attach.c (52597B)
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * Copyright (c) International Business Machines Corp., 2006 4 * 5 * Author: Artem Bityutskiy (Битюцкий Артём) 6 */ 7 8/* 9 * UBI attaching sub-system. 10 * 11 * This sub-system is responsible for attaching MTD devices and it also 12 * implements flash media scanning. 13 * 14 * The attaching information is represented by a &struct ubi_attach_info' 15 * object. Information about volumes is represented by &struct ubi_ainf_volume 16 * objects which are kept in volume RB-tree with root at the @volumes field. 17 * The RB-tree is indexed by the volume ID. 18 * 19 * Logical eraseblocks are represented by &struct ubi_ainf_peb objects. These 20 * objects are kept in per-volume RB-trees with the root at the corresponding 21 * &struct ubi_ainf_volume object. To put it differently, we keep an RB-tree of 22 * per-volume objects and each of these objects is the root of RB-tree of 23 * per-LEB objects. 24 * 25 * Corrupted physical eraseblocks are put to the @corr list, free physical 26 * eraseblocks are put to the @free list and the physical eraseblock to be 27 * erased are put to the @erase list. 28 * 29 * About corruptions 30 * ~~~~~~~~~~~~~~~~~ 31 * 32 * UBI protects EC and VID headers with CRC-32 checksums, so it can detect 33 * whether the headers are corrupted or not. Sometimes UBI also protects the 34 * data with CRC-32, e.g., when it executes the atomic LEB change operation, or 35 * when it moves the contents of a PEB for wear-leveling purposes. 36 * 37 * UBI tries to distinguish between 2 types of corruptions. 38 * 39 * 1. Corruptions caused by power cuts. These are expected corruptions and UBI 40 * tries to handle them gracefully, without printing too many warnings and 41 * error messages. The idea is that we do not lose important data in these 42 * cases - we may lose only the data which were being written to the media just 43 * before the power cut happened, and the upper layers (e.g., UBIFS) are 44 * supposed to handle such data losses (e.g., by using the FS journal). 45 * 46 * When UBI detects a corruption (CRC-32 mismatch) in a PEB, and it looks like 47 * the reason is a power cut, UBI puts this PEB to the @erase list, and all 48 * PEBs in the @erase list are scheduled for erasure later. 49 * 50 * 2. Unexpected corruptions which are not caused by power cuts. During 51 * attaching, such PEBs are put to the @corr list and UBI preserves them. 52 * Obviously, this lessens the amount of available PEBs, and if at some point 53 * UBI runs out of free PEBs, it switches to R/O mode. UBI also loudly informs 54 * about such PEBs every time the MTD device is attached. 55 * 56 * However, it is difficult to reliably distinguish between these types of 57 * corruptions and UBI's strategy is as follows (in case of attaching by 58 * scanning). UBI assumes corruption type 2 if the VID header is corrupted and 59 * the data area does not contain all 0xFFs, and there were no bit-flips or 60 * integrity errors (e.g., ECC errors in case of NAND) while reading the data 61 * area. Otherwise UBI assumes corruption type 1. So the decision criteria 62 * are as follows. 63 * o If the data area contains only 0xFFs, there are no data, and it is safe 64 * to just erase this PEB - this is corruption type 1. 65 * o If the data area has bit-flips or data integrity errors (ECC errors on 66 * NAND), it is probably a PEB which was being erased when power cut 67 * happened, so this is corruption type 1. However, this is just a guess, 68 * which might be wrong. 69 * o Otherwise this is corruption type 2. 70 */ 71 72#include <linux/err.h> 73#include <linux/slab.h> 74#include <linux/crc32.h> 75#include <linux/math64.h> 76#include <linux/random.h> 77#include "ubi.h" 78 79static int self_check_ai(struct ubi_device *ubi, struct ubi_attach_info *ai); 80 81#define AV_FIND BIT(0) 82#define AV_ADD BIT(1) 83#define AV_FIND_OR_ADD (AV_FIND | AV_ADD) 84 85/** 86 * find_or_add_av - internal function to find a volume, add a volume or do 87 * both (find and add if missing). 88 * @ai: attaching information 89 * @vol_id: the requested volume ID 90 * @flags: a combination of the %AV_FIND and %AV_ADD flags describing the 91 * expected operation. If only %AV_ADD is set, -EEXIST is returned 92 * if the volume already exists. If only %AV_FIND is set, NULL is 93 * returned if the volume does not exist. And if both flags are 94 * set, the helper first tries to find an existing volume, and if 95 * it does not exist it creates a new one. 96 * @created: in value used to inform the caller whether it"s a newly created 97 * volume or not. 98 * 99 * This function returns a pointer to a volume description or an ERR_PTR if 100 * the operation failed. It can also return NULL if only %AV_FIND is set and 101 * the volume does not exist. 102 */ 103static struct ubi_ainf_volume *find_or_add_av(struct ubi_attach_info *ai, 104 int vol_id, unsigned int flags, 105 bool *created) 106{ 107 struct ubi_ainf_volume *av; 108 struct rb_node **p = &ai->volumes.rb_node, *parent = NULL; 109 110 /* Walk the volume RB-tree to look if this volume is already present */ 111 while (*p) { 112 parent = *p; 113 av = rb_entry(parent, struct ubi_ainf_volume, rb); 114 115 if (vol_id == av->vol_id) { 116 *created = false; 117 118 if (!(flags & AV_FIND)) 119 return ERR_PTR(-EEXIST); 120 121 return av; 122 } 123 124 if (vol_id > av->vol_id) 125 p = &(*p)->rb_left; 126 else 127 p = &(*p)->rb_right; 128 } 129 130 if (!(flags & AV_ADD)) 131 return NULL; 132 133 /* The volume is absent - add it */ 134 av = kzalloc(sizeof(*av), GFP_KERNEL); 135 if (!av) 136 return ERR_PTR(-ENOMEM); 137 138 av->vol_id = vol_id; 139 140 if (vol_id > ai->highest_vol_id) 141 ai->highest_vol_id = vol_id; 142 143 rb_link_node(&av->rb, parent, p); 144 rb_insert_color(&av->rb, &ai->volumes); 145 ai->vols_found += 1; 146 *created = true; 147 dbg_bld("added volume %d", vol_id); 148 return av; 149} 150 151/** 152 * ubi_find_or_add_av - search for a volume in the attaching information and 153 * add one if it does not exist. 154 * @ai: attaching information 155 * @vol_id: the requested volume ID 156 * @created: whether the volume has been created or not 157 * 158 * This function returns a pointer to the new volume description or an 159 * ERR_PTR if the operation failed. 160 */ 161static struct ubi_ainf_volume *ubi_find_or_add_av(struct ubi_attach_info *ai, 162 int vol_id, bool *created) 163{ 164 return find_or_add_av(ai, vol_id, AV_FIND_OR_ADD, created); 165} 166 167/** 168 * ubi_alloc_aeb - allocate an aeb element 169 * @ai: attaching information 170 * @pnum: physical eraseblock number 171 * @ec: erase counter of the physical eraseblock 172 * 173 * Allocate an aeb object and initialize the pnum and ec information. 174 * vol_id and lnum are set to UBI_UNKNOWN, and the other fields are 175 * initialized to zero. 176 * Note that the element is not added in any list or RB tree. 177 */ 178struct ubi_ainf_peb *ubi_alloc_aeb(struct ubi_attach_info *ai, int pnum, 179 int ec) 180{ 181 struct ubi_ainf_peb *aeb; 182 183 aeb = kmem_cache_zalloc(ai->aeb_slab_cache, GFP_KERNEL); 184 if (!aeb) 185 return NULL; 186 187 aeb->pnum = pnum; 188 aeb->ec = ec; 189 aeb->vol_id = UBI_UNKNOWN; 190 aeb->lnum = UBI_UNKNOWN; 191 192 return aeb; 193} 194 195/** 196 * ubi_free_aeb - free an aeb element 197 * @ai: attaching information 198 * @aeb: the element to free 199 * 200 * Free an aeb object. The caller must have removed the element from any list 201 * or RB tree. 202 */ 203void ubi_free_aeb(struct ubi_attach_info *ai, struct ubi_ainf_peb *aeb) 204{ 205 kmem_cache_free(ai->aeb_slab_cache, aeb); 206} 207 208/** 209 * add_to_list - add physical eraseblock to a list. 210 * @ai: attaching information 211 * @pnum: physical eraseblock number to add 212 * @vol_id: the last used volume id for the PEB 213 * @lnum: the last used LEB number for the PEB 214 * @ec: erase counter of the physical eraseblock 215 * @to_head: if not zero, add to the head of the list 216 * @list: the list to add to 217 * 218 * This function allocates a 'struct ubi_ainf_peb' object for physical 219 * eraseblock @pnum and adds it to the "free", "erase", or "alien" lists. 220 * It stores the @lnum and @vol_id alongside, which can both be 221 * %UBI_UNKNOWN if they are not available, not readable, or not assigned. 222 * If @to_head is not zero, PEB will be added to the head of the list, which 223 * basically means it will be processed first later. E.g., we add corrupted 224 * PEBs (corrupted due to power cuts) to the head of the erase list to make 225 * sure we erase them first and get rid of corruptions ASAP. This function 226 * returns zero in case of success and a negative error code in case of 227 * failure. 228 */ 229static int add_to_list(struct ubi_attach_info *ai, int pnum, int vol_id, 230 int lnum, int ec, int to_head, struct list_head *list) 231{ 232 struct ubi_ainf_peb *aeb; 233 234 if (list == &ai->free) { 235 dbg_bld("add to free: PEB %d, EC %d", pnum, ec); 236 } else if (list == &ai->erase) { 237 dbg_bld("add to erase: PEB %d, EC %d", pnum, ec); 238 } else if (list == &ai->alien) { 239 dbg_bld("add to alien: PEB %d, EC %d", pnum, ec); 240 ai->alien_peb_count += 1; 241 } else 242 BUG(); 243 244 aeb = ubi_alloc_aeb(ai, pnum, ec); 245 if (!aeb) 246 return -ENOMEM; 247 248 aeb->vol_id = vol_id; 249 aeb->lnum = lnum; 250 if (to_head) 251 list_add(&aeb->u.list, list); 252 else 253 list_add_tail(&aeb->u.list, list); 254 return 0; 255} 256 257/** 258 * add_corrupted - add a corrupted physical eraseblock. 259 * @ai: attaching information 260 * @pnum: physical eraseblock number to add 261 * @ec: erase counter of the physical eraseblock 262 * 263 * This function allocates a 'struct ubi_ainf_peb' object for a corrupted 264 * physical eraseblock @pnum and adds it to the 'corr' list. The corruption 265 * was presumably not caused by a power cut. Returns zero in case of success 266 * and a negative error code in case of failure. 267 */ 268static int add_corrupted(struct ubi_attach_info *ai, int pnum, int ec) 269{ 270 struct ubi_ainf_peb *aeb; 271 272 dbg_bld("add to corrupted: PEB %d, EC %d", pnum, ec); 273 274 aeb = ubi_alloc_aeb(ai, pnum, ec); 275 if (!aeb) 276 return -ENOMEM; 277 278 ai->corr_peb_count += 1; 279 list_add(&aeb->u.list, &ai->corr); 280 return 0; 281} 282 283/** 284 * add_fastmap - add a Fastmap related physical eraseblock. 285 * @ai: attaching information 286 * @pnum: physical eraseblock number the VID header came from 287 * @vid_hdr: the volume identifier header 288 * @ec: erase counter of the physical eraseblock 289 * 290 * This function allocates a 'struct ubi_ainf_peb' object for a Fastamp 291 * physical eraseblock @pnum and adds it to the 'fastmap' list. 292 * Such blocks can be Fastmap super and data blocks from both the most 293 * recent Fastmap we're attaching from or from old Fastmaps which will 294 * be erased. 295 */ 296static int add_fastmap(struct ubi_attach_info *ai, int pnum, 297 struct ubi_vid_hdr *vid_hdr, int ec) 298{ 299 struct ubi_ainf_peb *aeb; 300 301 aeb = ubi_alloc_aeb(ai, pnum, ec); 302 if (!aeb) 303 return -ENOMEM; 304 305 aeb->vol_id = be32_to_cpu(vid_hdr->vol_id); 306 aeb->sqnum = be64_to_cpu(vid_hdr->sqnum); 307 list_add(&aeb->u.list, &ai->fastmap); 308 309 dbg_bld("add to fastmap list: PEB %d, vol_id %d, sqnum: %llu", pnum, 310 aeb->vol_id, aeb->sqnum); 311 312 return 0; 313} 314 315/** 316 * validate_vid_hdr - check volume identifier header. 317 * @ubi: UBI device description object 318 * @vid_hdr: the volume identifier header to check 319 * @av: information about the volume this logical eraseblock belongs to 320 * @pnum: physical eraseblock number the VID header came from 321 * 322 * This function checks that data stored in @vid_hdr is consistent. Returns 323 * non-zero if an inconsistency was found and zero if not. 324 * 325 * Note, UBI does sanity check of everything it reads from the flash media. 326 * Most of the checks are done in the I/O sub-system. Here we check that the 327 * information in the VID header is consistent to the information in other VID 328 * headers of the same volume. 329 */ 330static int validate_vid_hdr(const struct ubi_device *ubi, 331 const struct ubi_vid_hdr *vid_hdr, 332 const struct ubi_ainf_volume *av, int pnum) 333{ 334 int vol_type = vid_hdr->vol_type; 335 int vol_id = be32_to_cpu(vid_hdr->vol_id); 336 int used_ebs = be32_to_cpu(vid_hdr->used_ebs); 337 int data_pad = be32_to_cpu(vid_hdr->data_pad); 338 339 if (av->leb_count != 0) { 340 int av_vol_type; 341 342 /* 343 * This is not the first logical eraseblock belonging to this 344 * volume. Ensure that the data in its VID header is consistent 345 * to the data in previous logical eraseblock headers. 346 */ 347 348 if (vol_id != av->vol_id) { 349 ubi_err(ubi, "inconsistent vol_id"); 350 goto bad; 351 } 352 353 if (av->vol_type == UBI_STATIC_VOLUME) 354 av_vol_type = UBI_VID_STATIC; 355 else 356 av_vol_type = UBI_VID_DYNAMIC; 357 358 if (vol_type != av_vol_type) { 359 ubi_err(ubi, "inconsistent vol_type"); 360 goto bad; 361 } 362 363 if (used_ebs != av->used_ebs) { 364 ubi_err(ubi, "inconsistent used_ebs"); 365 goto bad; 366 } 367 368 if (data_pad != av->data_pad) { 369 ubi_err(ubi, "inconsistent data_pad"); 370 goto bad; 371 } 372 } 373 374 return 0; 375 376bad: 377 ubi_err(ubi, "inconsistent VID header at PEB %d", pnum); 378 ubi_dump_vid_hdr(vid_hdr); 379 ubi_dump_av(av); 380 return -EINVAL; 381} 382 383/** 384 * add_volume - add volume to the attaching information. 385 * @ai: attaching information 386 * @vol_id: ID of the volume to add 387 * @pnum: physical eraseblock number 388 * @vid_hdr: volume identifier header 389 * 390 * If the volume corresponding to the @vid_hdr logical eraseblock is already 391 * present in the attaching information, this function does nothing. Otherwise 392 * it adds corresponding volume to the attaching information. Returns a pointer 393 * to the allocated "av" object in case of success and a negative error code in 394 * case of failure. 395 */ 396static struct ubi_ainf_volume *add_volume(struct ubi_attach_info *ai, 397 int vol_id, int pnum, 398 const struct ubi_vid_hdr *vid_hdr) 399{ 400 struct ubi_ainf_volume *av; 401 bool created; 402 403 ubi_assert(vol_id == be32_to_cpu(vid_hdr->vol_id)); 404 405 av = ubi_find_or_add_av(ai, vol_id, &created); 406 if (IS_ERR(av) || !created) 407 return av; 408 409 av->used_ebs = be32_to_cpu(vid_hdr->used_ebs); 410 av->data_pad = be32_to_cpu(vid_hdr->data_pad); 411 av->compat = vid_hdr->compat; 412 av->vol_type = vid_hdr->vol_type == UBI_VID_DYNAMIC ? UBI_DYNAMIC_VOLUME 413 : UBI_STATIC_VOLUME; 414 415 return av; 416} 417 418/** 419 * ubi_compare_lebs - find out which logical eraseblock is newer. 420 * @ubi: UBI device description object 421 * @aeb: first logical eraseblock to compare 422 * @pnum: physical eraseblock number of the second logical eraseblock to 423 * compare 424 * @vid_hdr: volume identifier header of the second logical eraseblock 425 * 426 * This function compares 2 copies of a LEB and informs which one is newer. In 427 * case of success this function returns a positive value, in case of failure, a 428 * negative error code is returned. The success return codes use the following 429 * bits: 430 * o bit 0 is cleared: the first PEB (described by @aeb) is newer than the 431 * second PEB (described by @pnum and @vid_hdr); 432 * o bit 0 is set: the second PEB is newer; 433 * o bit 1 is cleared: no bit-flips were detected in the newer LEB; 434 * o bit 1 is set: bit-flips were detected in the newer LEB; 435 * o bit 2 is cleared: the older LEB is not corrupted; 436 * o bit 2 is set: the older LEB is corrupted. 437 */ 438int ubi_compare_lebs(struct ubi_device *ubi, const struct ubi_ainf_peb *aeb, 439 int pnum, const struct ubi_vid_hdr *vid_hdr) 440{ 441 int len, err, second_is_newer, bitflips = 0, corrupted = 0; 442 uint32_t data_crc, crc; 443 struct ubi_vid_io_buf *vidb = NULL; 444 unsigned long long sqnum2 = be64_to_cpu(vid_hdr->sqnum); 445 446 if (sqnum2 == aeb->sqnum) { 447 /* 448 * This must be a really ancient UBI image which has been 449 * created before sequence numbers support has been added. At 450 * that times we used 32-bit LEB versions stored in logical 451 * eraseblocks. That was before UBI got into mainline. We do not 452 * support these images anymore. Well, those images still work, 453 * but only if no unclean reboots happened. 454 */ 455 ubi_err(ubi, "unsupported on-flash UBI format"); 456 return -EINVAL; 457 } 458 459 /* Obviously the LEB with lower sequence counter is older */ 460 second_is_newer = (sqnum2 > aeb->sqnum); 461 462 /* 463 * Now we know which copy is newer. If the copy flag of the PEB with 464 * newer version is not set, then we just return, otherwise we have to 465 * check data CRC. For the second PEB we already have the VID header, 466 * for the first one - we'll need to re-read it from flash. 467 * 468 * Note: this may be optimized so that we wouldn't read twice. 469 */ 470 471 if (second_is_newer) { 472 if (!vid_hdr->copy_flag) { 473 /* It is not a copy, so it is newer */ 474 dbg_bld("second PEB %d is newer, copy_flag is unset", 475 pnum); 476 return 1; 477 } 478 } else { 479 if (!aeb->copy_flag) { 480 /* It is not a copy, so it is newer */ 481 dbg_bld("first PEB %d is newer, copy_flag is unset", 482 pnum); 483 return bitflips << 1; 484 } 485 486 vidb = ubi_alloc_vid_buf(ubi, GFP_KERNEL); 487 if (!vidb) 488 return -ENOMEM; 489 490 pnum = aeb->pnum; 491 err = ubi_io_read_vid_hdr(ubi, pnum, vidb, 0); 492 if (err) { 493 if (err == UBI_IO_BITFLIPS) 494 bitflips = 1; 495 else { 496 ubi_err(ubi, "VID of PEB %d header is bad, but it was OK earlier, err %d", 497 pnum, err); 498 if (err > 0) 499 err = -EIO; 500 501 goto out_free_vidh; 502 } 503 } 504 505 vid_hdr = ubi_get_vid_hdr(vidb); 506 } 507 508 /* Read the data of the copy and check the CRC */ 509 510 len = be32_to_cpu(vid_hdr->data_size); 511 512 mutex_lock(&ubi->buf_mutex); 513 err = ubi_io_read_data(ubi, ubi->peb_buf, pnum, 0, len); 514 if (err && err != UBI_IO_BITFLIPS && !mtd_is_eccerr(err)) 515 goto out_unlock; 516 517 data_crc = be32_to_cpu(vid_hdr->data_crc); 518 crc = crc32(UBI_CRC32_INIT, ubi->peb_buf, len); 519 if (crc != data_crc) { 520 dbg_bld("PEB %d CRC error: calculated %#08x, must be %#08x", 521 pnum, crc, data_crc); 522 corrupted = 1; 523 bitflips = 0; 524 second_is_newer = !second_is_newer; 525 } else { 526 dbg_bld("PEB %d CRC is OK", pnum); 527 bitflips |= !!err; 528 } 529 mutex_unlock(&ubi->buf_mutex); 530 531 ubi_free_vid_buf(vidb); 532 533 if (second_is_newer) 534 dbg_bld("second PEB %d is newer, copy_flag is set", pnum); 535 else 536 dbg_bld("first PEB %d is newer, copy_flag is set", pnum); 537 538 return second_is_newer | (bitflips << 1) | (corrupted << 2); 539 540out_unlock: 541 mutex_unlock(&ubi->buf_mutex); 542out_free_vidh: 543 ubi_free_vid_buf(vidb); 544 return err; 545} 546 547/** 548 * ubi_add_to_av - add used physical eraseblock to the attaching information. 549 * @ubi: UBI device description object 550 * @ai: attaching information 551 * @pnum: the physical eraseblock number 552 * @ec: erase counter 553 * @vid_hdr: the volume identifier header 554 * @bitflips: if bit-flips were detected when this physical eraseblock was read 555 * 556 * This function adds information about a used physical eraseblock to the 557 * 'used' tree of the corresponding volume. The function is rather complex 558 * because it has to handle cases when this is not the first physical 559 * eraseblock belonging to the same logical eraseblock, and the newer one has 560 * to be picked, while the older one has to be dropped. This function returns 561 * zero in case of success and a negative error code in case of failure. 562 */ 563int ubi_add_to_av(struct ubi_device *ubi, struct ubi_attach_info *ai, int pnum, 564 int ec, const struct ubi_vid_hdr *vid_hdr, int bitflips) 565{ 566 int err, vol_id, lnum; 567 unsigned long long sqnum; 568 struct ubi_ainf_volume *av; 569 struct ubi_ainf_peb *aeb; 570 struct rb_node **p, *parent = NULL; 571 572 vol_id = be32_to_cpu(vid_hdr->vol_id); 573 lnum = be32_to_cpu(vid_hdr->lnum); 574 sqnum = be64_to_cpu(vid_hdr->sqnum); 575 576 dbg_bld("PEB %d, LEB %d:%d, EC %d, sqnum %llu, bitflips %d", 577 pnum, vol_id, lnum, ec, sqnum, bitflips); 578 579 av = add_volume(ai, vol_id, pnum, vid_hdr); 580 if (IS_ERR(av)) 581 return PTR_ERR(av); 582 583 if (ai->max_sqnum < sqnum) 584 ai->max_sqnum = sqnum; 585 586 /* 587 * Walk the RB-tree of logical eraseblocks of volume @vol_id to look 588 * if this is the first instance of this logical eraseblock or not. 589 */ 590 p = &av->root.rb_node; 591 while (*p) { 592 int cmp_res; 593 594 parent = *p; 595 aeb = rb_entry(parent, struct ubi_ainf_peb, u.rb); 596 if (lnum != aeb->lnum) { 597 if (lnum < aeb->lnum) 598 p = &(*p)->rb_left; 599 else 600 p = &(*p)->rb_right; 601 continue; 602 } 603 604 /* 605 * There is already a physical eraseblock describing the same 606 * logical eraseblock present. 607 */ 608 609 dbg_bld("this LEB already exists: PEB %d, sqnum %llu, EC %d", 610 aeb->pnum, aeb->sqnum, aeb->ec); 611 612 /* 613 * Make sure that the logical eraseblocks have different 614 * sequence numbers. Otherwise the image is bad. 615 * 616 * However, if the sequence number is zero, we assume it must 617 * be an ancient UBI image from the era when UBI did not have 618 * sequence numbers. We still can attach these images, unless 619 * there is a need to distinguish between old and new 620 * eraseblocks, in which case we'll refuse the image in 621 * 'ubi_compare_lebs()'. In other words, we attach old clean 622 * images, but refuse attaching old images with duplicated 623 * logical eraseblocks because there was an unclean reboot. 624 */ 625 if (aeb->sqnum == sqnum && sqnum != 0) { 626 ubi_err(ubi, "two LEBs with same sequence number %llu", 627 sqnum); 628 ubi_dump_aeb(aeb, 0); 629 ubi_dump_vid_hdr(vid_hdr); 630 return -EINVAL; 631 } 632 633 /* 634 * Now we have to drop the older one and preserve the newer 635 * one. 636 */ 637 cmp_res = ubi_compare_lebs(ubi, aeb, pnum, vid_hdr); 638 if (cmp_res < 0) 639 return cmp_res; 640 641 if (cmp_res & 1) { 642 /* 643 * This logical eraseblock is newer than the one 644 * found earlier. 645 */ 646 err = validate_vid_hdr(ubi, vid_hdr, av, pnum); 647 if (err) 648 return err; 649 650 err = add_to_list(ai, aeb->pnum, aeb->vol_id, 651 aeb->lnum, aeb->ec, cmp_res & 4, 652 &ai->erase); 653 if (err) 654 return err; 655 656 aeb->ec = ec; 657 aeb->pnum = pnum; 658 aeb->vol_id = vol_id; 659 aeb->lnum = lnum; 660 aeb->scrub = ((cmp_res & 2) || bitflips); 661 aeb->copy_flag = vid_hdr->copy_flag; 662 aeb->sqnum = sqnum; 663 664 if (av->highest_lnum == lnum) 665 av->last_data_size = 666 be32_to_cpu(vid_hdr->data_size); 667 668 return 0; 669 } else { 670 /* 671 * This logical eraseblock is older than the one found 672 * previously. 673 */ 674 return add_to_list(ai, pnum, vol_id, lnum, ec, 675 cmp_res & 4, &ai->erase); 676 } 677 } 678 679 /* 680 * We've met this logical eraseblock for the first time, add it to the 681 * attaching information. 682 */ 683 684 err = validate_vid_hdr(ubi, vid_hdr, av, pnum); 685 if (err) 686 return err; 687 688 aeb = ubi_alloc_aeb(ai, pnum, ec); 689 if (!aeb) 690 return -ENOMEM; 691 692 aeb->vol_id = vol_id; 693 aeb->lnum = lnum; 694 aeb->scrub = bitflips; 695 aeb->copy_flag = vid_hdr->copy_flag; 696 aeb->sqnum = sqnum; 697 698 if (av->highest_lnum <= lnum) { 699 av->highest_lnum = lnum; 700 av->last_data_size = be32_to_cpu(vid_hdr->data_size); 701 } 702 703 av->leb_count += 1; 704 rb_link_node(&aeb->u.rb, parent, p); 705 rb_insert_color(&aeb->u.rb, &av->root); 706 return 0; 707} 708 709/** 710 * ubi_add_av - add volume to the attaching information. 711 * @ai: attaching information 712 * @vol_id: the requested volume ID 713 * 714 * This function returns a pointer to the new volume description or an 715 * ERR_PTR if the operation failed. 716 */ 717struct ubi_ainf_volume *ubi_add_av(struct ubi_attach_info *ai, int vol_id) 718{ 719 bool created; 720 721 return find_or_add_av(ai, vol_id, AV_ADD, &created); 722} 723 724/** 725 * ubi_find_av - find volume in the attaching information. 726 * @ai: attaching information 727 * @vol_id: the requested volume ID 728 * 729 * This function returns a pointer to the volume description or %NULL if there 730 * are no data about this volume in the attaching information. 731 */ 732struct ubi_ainf_volume *ubi_find_av(const struct ubi_attach_info *ai, 733 int vol_id) 734{ 735 bool created; 736 737 return find_or_add_av((struct ubi_attach_info *)ai, vol_id, AV_FIND, 738 &created); 739} 740 741static void destroy_av(struct ubi_attach_info *ai, struct ubi_ainf_volume *av, 742 struct list_head *list); 743 744/** 745 * ubi_remove_av - delete attaching information about a volume. 746 * @ai: attaching information 747 * @av: the volume attaching information to delete 748 */ 749void ubi_remove_av(struct ubi_attach_info *ai, struct ubi_ainf_volume *av) 750{ 751 dbg_bld("remove attaching information about volume %d", av->vol_id); 752 753 rb_erase(&av->rb, &ai->volumes); 754 destroy_av(ai, av, &ai->erase); 755 ai->vols_found -= 1; 756} 757 758/** 759 * early_erase_peb - erase a physical eraseblock. 760 * @ubi: UBI device description object 761 * @ai: attaching information 762 * @pnum: physical eraseblock number to erase; 763 * @ec: erase counter value to write (%UBI_UNKNOWN if it is unknown) 764 * 765 * This function erases physical eraseblock 'pnum', and writes the erase 766 * counter header to it. This function should only be used on UBI device 767 * initialization stages, when the EBA sub-system had not been yet initialized. 768 * This function returns zero in case of success and a negative error code in 769 * case of failure. 770 */ 771static int early_erase_peb(struct ubi_device *ubi, 772 const struct ubi_attach_info *ai, int pnum, int ec) 773{ 774 int err; 775 struct ubi_ec_hdr *ec_hdr; 776 777 if ((long long)ec >= UBI_MAX_ERASECOUNTER) { 778 /* 779 * Erase counter overflow. Upgrade UBI and use 64-bit 780 * erase counters internally. 781 */ 782 ubi_err(ubi, "erase counter overflow at PEB %d, EC %d", 783 pnum, ec); 784 return -EINVAL; 785 } 786 787 ec_hdr = kzalloc(ubi->ec_hdr_alsize, GFP_KERNEL); 788 if (!ec_hdr) 789 return -ENOMEM; 790 791 ec_hdr->ec = cpu_to_be64(ec); 792 793 err = ubi_io_sync_erase(ubi, pnum, 0); 794 if (err < 0) 795 goto out_free; 796 797 err = ubi_io_write_ec_hdr(ubi, pnum, ec_hdr); 798 799out_free: 800 kfree(ec_hdr); 801 return err; 802} 803 804/** 805 * ubi_early_get_peb - get a free physical eraseblock. 806 * @ubi: UBI device description object 807 * @ai: attaching information 808 * 809 * This function returns a free physical eraseblock. It is supposed to be 810 * called on the UBI initialization stages when the wear-leveling sub-system is 811 * not initialized yet. This function picks a physical eraseblocks from one of 812 * the lists, writes the EC header if it is needed, and removes it from the 813 * list. 814 * 815 * This function returns a pointer to the "aeb" of the found free PEB in case 816 * of success and an error code in case of failure. 817 */ 818struct ubi_ainf_peb *ubi_early_get_peb(struct ubi_device *ubi, 819 struct ubi_attach_info *ai) 820{ 821 int err = 0; 822 struct ubi_ainf_peb *aeb, *tmp_aeb; 823 824 if (!list_empty(&ai->free)) { 825 aeb = list_entry(ai->free.next, struct ubi_ainf_peb, u.list); 826 list_del(&aeb->u.list); 827 dbg_bld("return free PEB %d, EC %d", aeb->pnum, aeb->ec); 828 return aeb; 829 } 830 831 /* 832 * We try to erase the first physical eraseblock from the erase list 833 * and pick it if we succeed, or try to erase the next one if not. And 834 * so forth. We don't want to take care about bad eraseblocks here - 835 * they'll be handled later. 836 */ 837 list_for_each_entry_safe(aeb, tmp_aeb, &ai->erase, u.list) { 838 if (aeb->ec == UBI_UNKNOWN) 839 aeb->ec = ai->mean_ec; 840 841 err = early_erase_peb(ubi, ai, aeb->pnum, aeb->ec+1); 842 if (err) 843 continue; 844 845 aeb->ec += 1; 846 list_del(&aeb->u.list); 847 dbg_bld("return PEB %d, EC %d", aeb->pnum, aeb->ec); 848 return aeb; 849 } 850 851 ubi_err(ubi, "no free eraseblocks"); 852 return ERR_PTR(-ENOSPC); 853} 854 855/** 856 * check_corruption - check the data area of PEB. 857 * @ubi: UBI device description object 858 * @vid_hdr: the (corrupted) VID header of this PEB 859 * @pnum: the physical eraseblock number to check 860 * 861 * This is a helper function which is used to distinguish between VID header 862 * corruptions caused by power cuts and other reasons. If the PEB contains only 863 * 0xFF bytes in the data area, the VID header is most probably corrupted 864 * because of a power cut (%0 is returned in this case). Otherwise, it was 865 * probably corrupted for some other reasons (%1 is returned in this case). A 866 * negative error code is returned if a read error occurred. 867 * 868 * If the corruption reason was a power cut, UBI can safely erase this PEB. 869 * Otherwise, it should preserve it to avoid possibly destroying important 870 * information. 871 */ 872static int check_corruption(struct ubi_device *ubi, struct ubi_vid_hdr *vid_hdr, 873 int pnum) 874{ 875 int err; 876 877 mutex_lock(&ubi->buf_mutex); 878 memset(ubi->peb_buf, 0x00, ubi->leb_size); 879 880 err = ubi_io_read(ubi, ubi->peb_buf, pnum, ubi->leb_start, 881 ubi->leb_size); 882 if (err == UBI_IO_BITFLIPS || mtd_is_eccerr(err)) { 883 /* 884 * Bit-flips or integrity errors while reading the data area. 885 * It is difficult to say for sure what type of corruption is 886 * this, but presumably a power cut happened while this PEB was 887 * erased, so it became unstable and corrupted, and should be 888 * erased. 889 */ 890 err = 0; 891 goto out_unlock; 892 } 893 894 if (err) 895 goto out_unlock; 896 897 if (ubi_check_pattern(ubi->peb_buf, 0xFF, ubi->leb_size)) 898 goto out_unlock; 899 900 ubi_err(ubi, "PEB %d contains corrupted VID header, and the data does not contain all 0xFF", 901 pnum); 902 ubi_err(ubi, "this may be a non-UBI PEB or a severe VID header corruption which requires manual inspection"); 903 ubi_dump_vid_hdr(vid_hdr); 904 pr_err("hexdump of PEB %d offset %d, length %d", 905 pnum, ubi->leb_start, ubi->leb_size); 906 ubi_dbg_print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1, 907 ubi->peb_buf, ubi->leb_size, 1); 908 err = 1; 909 910out_unlock: 911 mutex_unlock(&ubi->buf_mutex); 912 return err; 913} 914 915static bool vol_ignored(int vol_id) 916{ 917 switch (vol_id) { 918 case UBI_LAYOUT_VOLUME_ID: 919 return true; 920 } 921 922#ifdef CONFIG_MTD_UBI_FASTMAP 923 return ubi_is_fm_vol(vol_id); 924#else 925 return false; 926#endif 927} 928 929/** 930 * scan_peb - scan and process UBI headers of a PEB. 931 * @ubi: UBI device description object 932 * @ai: attaching information 933 * @pnum: the physical eraseblock number 934 * @fast: true if we're scanning for a Fastmap 935 * 936 * This function reads UBI headers of PEB @pnum, checks them, and adds 937 * information about this PEB to the corresponding list or RB-tree in the 938 * "attaching info" structure. Returns zero if the physical eraseblock was 939 * successfully handled and a negative error code in case of failure. 940 */ 941static int scan_peb(struct ubi_device *ubi, struct ubi_attach_info *ai, 942 int pnum, bool fast) 943{ 944 struct ubi_ec_hdr *ech = ai->ech; 945 struct ubi_vid_io_buf *vidb = ai->vidb; 946 struct ubi_vid_hdr *vidh = ubi_get_vid_hdr(vidb); 947 long long ec; 948 int err, bitflips = 0, vol_id = -1, ec_err = 0; 949 950 dbg_bld("scan PEB %d", pnum); 951 952 /* Skip bad physical eraseblocks */ 953 err = ubi_io_is_bad(ubi, pnum); 954 if (err < 0) 955 return err; 956 else if (err) { 957 ai->bad_peb_count += 1; 958 return 0; 959 } 960 961 err = ubi_io_read_ec_hdr(ubi, pnum, ech, 0); 962 if (err < 0) 963 return err; 964 switch (err) { 965 case 0: 966 break; 967 case UBI_IO_BITFLIPS: 968 bitflips = 1; 969 break; 970 case UBI_IO_FF: 971 ai->empty_peb_count += 1; 972 return add_to_list(ai, pnum, UBI_UNKNOWN, UBI_UNKNOWN, 973 UBI_UNKNOWN, 0, &ai->erase); 974 case UBI_IO_FF_BITFLIPS: 975 ai->empty_peb_count += 1; 976 return add_to_list(ai, pnum, UBI_UNKNOWN, UBI_UNKNOWN, 977 UBI_UNKNOWN, 1, &ai->erase); 978 case UBI_IO_BAD_HDR_EBADMSG: 979 case UBI_IO_BAD_HDR: 980 /* 981 * We have to also look at the VID header, possibly it is not 982 * corrupted. Set %bitflips flag in order to make this PEB be 983 * moved and EC be re-created. 984 */ 985 ec_err = err; 986 ec = UBI_UNKNOWN; 987 bitflips = 1; 988 break; 989 default: 990 ubi_err(ubi, "'ubi_io_read_ec_hdr()' returned unknown code %d", 991 err); 992 return -EINVAL; 993 } 994 995 if (!ec_err) { 996 int image_seq; 997 998 /* Make sure UBI version is OK */ 999 if (ech->version != UBI_VERSION) { 1000 ubi_err(ubi, "this UBI version is %d, image version is %d", 1001 UBI_VERSION, (int)ech->version); 1002 return -EINVAL; 1003 } 1004 1005 ec = be64_to_cpu(ech->ec); 1006 if (ec > UBI_MAX_ERASECOUNTER) { 1007 /* 1008 * Erase counter overflow. The EC headers have 64 bits 1009 * reserved, but we anyway make use of only 31 bit 1010 * values, as this seems to be enough for any existing 1011 * flash. Upgrade UBI and use 64-bit erase counters 1012 * internally. 1013 */ 1014 ubi_err(ubi, "erase counter overflow, max is %d", 1015 UBI_MAX_ERASECOUNTER); 1016 ubi_dump_ec_hdr(ech); 1017 return -EINVAL; 1018 } 1019 1020 /* 1021 * Make sure that all PEBs have the same image sequence number. 1022 * This allows us to detect situations when users flash UBI 1023 * images incorrectly, so that the flash has the new UBI image 1024 * and leftovers from the old one. This feature was added 1025 * relatively recently, and the sequence number was always 1026 * zero, because old UBI implementations always set it to zero. 1027 * For this reasons, we do not panic if some PEBs have zero 1028 * sequence number, while other PEBs have non-zero sequence 1029 * number. 1030 */ 1031 image_seq = be32_to_cpu(ech->image_seq); 1032 if (!ubi->image_seq) 1033 ubi->image_seq = image_seq; 1034 if (image_seq && ubi->image_seq != image_seq) { 1035 ubi_err(ubi, "bad image sequence number %d in PEB %d, expected %d", 1036 image_seq, pnum, ubi->image_seq); 1037 ubi_dump_ec_hdr(ech); 1038 return -EINVAL; 1039 } 1040 } 1041 1042 /* OK, we've done with the EC header, let's look at the VID header */ 1043 1044 err = ubi_io_read_vid_hdr(ubi, pnum, vidb, 0); 1045 if (err < 0) 1046 return err; 1047 switch (err) { 1048 case 0: 1049 break; 1050 case UBI_IO_BITFLIPS: 1051 bitflips = 1; 1052 break; 1053 case UBI_IO_BAD_HDR_EBADMSG: 1054 if (ec_err == UBI_IO_BAD_HDR_EBADMSG) 1055 /* 1056 * Both EC and VID headers are corrupted and were read 1057 * with data integrity error, probably this is a bad 1058 * PEB, bit it is not marked as bad yet. This may also 1059 * be a result of power cut during erasure. 1060 */ 1061 ai->maybe_bad_peb_count += 1; 1062 fallthrough; 1063 case UBI_IO_BAD_HDR: 1064 /* 1065 * If we're facing a bad VID header we have to drop *all* 1066 * Fastmap data structures we find. The most recent Fastmap 1067 * could be bad and therefore there is a chance that we attach 1068 * from an old one. On a fine MTD stack a PEB must not render 1069 * bad all of a sudden, but the reality is different. 1070 * So, let's be paranoid and help finding the root cause by 1071 * falling back to scanning mode instead of attaching with a 1072 * bad EBA table and cause data corruption which is hard to 1073 * analyze. 1074 */ 1075 if (fast) 1076 ai->force_full_scan = 1; 1077 1078 if (ec_err) 1079 /* 1080 * Both headers are corrupted. There is a possibility 1081 * that this a valid UBI PEB which has corresponding 1082 * LEB, but the headers are corrupted. However, it is 1083 * impossible to distinguish it from a PEB which just 1084 * contains garbage because of a power cut during erase 1085 * operation. So we just schedule this PEB for erasure. 1086 * 1087 * Besides, in case of NOR flash, we deliberately 1088 * corrupt both headers because NOR flash erasure is 1089 * slow and can start from the end. 1090 */ 1091 err = 0; 1092 else 1093 /* 1094 * The EC was OK, but the VID header is corrupted. We 1095 * have to check what is in the data area. 1096 */ 1097 err = check_corruption(ubi, vidh, pnum); 1098 1099 if (err < 0) 1100 return err; 1101 else if (!err) 1102 /* This corruption is caused by a power cut */ 1103 err = add_to_list(ai, pnum, UBI_UNKNOWN, 1104 UBI_UNKNOWN, ec, 1, &ai->erase); 1105 else 1106 /* This is an unexpected corruption */ 1107 err = add_corrupted(ai, pnum, ec); 1108 if (err) 1109 return err; 1110 goto adjust_mean_ec; 1111 case UBI_IO_FF_BITFLIPS: 1112 err = add_to_list(ai, pnum, UBI_UNKNOWN, UBI_UNKNOWN, 1113 ec, 1, &ai->erase); 1114 if (err) 1115 return err; 1116 goto adjust_mean_ec; 1117 case UBI_IO_FF: 1118 if (ec_err || bitflips) 1119 err = add_to_list(ai, pnum, UBI_UNKNOWN, 1120 UBI_UNKNOWN, ec, 1, &ai->erase); 1121 else 1122 err = add_to_list(ai, pnum, UBI_UNKNOWN, 1123 UBI_UNKNOWN, ec, 0, &ai->free); 1124 if (err) 1125 return err; 1126 goto adjust_mean_ec; 1127 default: 1128 ubi_err(ubi, "'ubi_io_read_vid_hdr()' returned unknown code %d", 1129 err); 1130 return -EINVAL; 1131 } 1132 1133 vol_id = be32_to_cpu(vidh->vol_id); 1134 if (vol_id > UBI_MAX_VOLUMES && !vol_ignored(vol_id)) { 1135 int lnum = be32_to_cpu(vidh->lnum); 1136 1137 /* Unsupported internal volume */ 1138 switch (vidh->compat) { 1139 case UBI_COMPAT_DELETE: 1140 ubi_msg(ubi, "\"delete\" compatible internal volume %d:%d found, will remove it", 1141 vol_id, lnum); 1142 1143 err = add_to_list(ai, pnum, vol_id, lnum, 1144 ec, 1, &ai->erase); 1145 if (err) 1146 return err; 1147 return 0; 1148 1149 case UBI_COMPAT_RO: 1150 ubi_msg(ubi, "read-only compatible internal volume %d:%d found, switch to read-only mode", 1151 vol_id, lnum); 1152 ubi->ro_mode = 1; 1153 break; 1154 1155 case UBI_COMPAT_PRESERVE: 1156 ubi_msg(ubi, "\"preserve\" compatible internal volume %d:%d found", 1157 vol_id, lnum); 1158 err = add_to_list(ai, pnum, vol_id, lnum, 1159 ec, 0, &ai->alien); 1160 if (err) 1161 return err; 1162 return 0; 1163 1164 case UBI_COMPAT_REJECT: 1165 ubi_err(ubi, "incompatible internal volume %d:%d found", 1166 vol_id, lnum); 1167 return -EINVAL; 1168 } 1169 } 1170 1171 if (ec_err) 1172 ubi_warn(ubi, "valid VID header but corrupted EC header at PEB %d", 1173 pnum); 1174 1175 if (ubi_is_fm_vol(vol_id)) 1176 err = add_fastmap(ai, pnum, vidh, ec); 1177 else 1178 err = ubi_add_to_av(ubi, ai, pnum, ec, vidh, bitflips); 1179 1180 if (err) 1181 return err; 1182 1183adjust_mean_ec: 1184 if (!ec_err) { 1185 ai->ec_sum += ec; 1186 ai->ec_count += 1; 1187 if (ec > ai->max_ec) 1188 ai->max_ec = ec; 1189 if (ec < ai->min_ec) 1190 ai->min_ec = ec; 1191 } 1192 1193 return 0; 1194} 1195 1196/** 1197 * late_analysis - analyze the overall situation with PEB. 1198 * @ubi: UBI device description object 1199 * @ai: attaching information 1200 * 1201 * This is a helper function which takes a look what PEBs we have after we 1202 * gather information about all of them ("ai" is compete). It decides whether 1203 * the flash is empty and should be formatted of whether there are too many 1204 * corrupted PEBs and we should not attach this MTD device. Returns zero if we 1205 * should proceed with attaching the MTD device, and %-EINVAL if we should not. 1206 */ 1207static int late_analysis(struct ubi_device *ubi, struct ubi_attach_info *ai) 1208{ 1209 struct ubi_ainf_peb *aeb; 1210 int max_corr, peb_count; 1211 1212 peb_count = ubi->peb_count - ai->bad_peb_count - ai->alien_peb_count; 1213 max_corr = peb_count / 20 ?: 8; 1214 1215 /* 1216 * Few corrupted PEBs is not a problem and may be just a result of 1217 * unclean reboots. However, many of them may indicate some problems 1218 * with the flash HW or driver. 1219 */ 1220 if (ai->corr_peb_count) { 1221 ubi_err(ubi, "%d PEBs are corrupted and preserved", 1222 ai->corr_peb_count); 1223 pr_err("Corrupted PEBs are:"); 1224 list_for_each_entry(aeb, &ai->corr, u.list) 1225 pr_cont(" %d", aeb->pnum); 1226 pr_cont("\n"); 1227 1228 /* 1229 * If too many PEBs are corrupted, we refuse attaching, 1230 * otherwise, only print a warning. 1231 */ 1232 if (ai->corr_peb_count >= max_corr) { 1233 ubi_err(ubi, "too many corrupted PEBs, refusing"); 1234 return -EINVAL; 1235 } 1236 } 1237 1238 if (ai->empty_peb_count + ai->maybe_bad_peb_count == peb_count) { 1239 /* 1240 * All PEBs are empty, or almost all - a couple PEBs look like 1241 * they may be bad PEBs which were not marked as bad yet. 1242 * 1243 * This piece of code basically tries to distinguish between 1244 * the following situations: 1245 * 1246 * 1. Flash is empty, but there are few bad PEBs, which are not 1247 * marked as bad so far, and which were read with error. We 1248 * want to go ahead and format this flash. While formatting, 1249 * the faulty PEBs will probably be marked as bad. 1250 * 1251 * 2. Flash contains non-UBI data and we do not want to format 1252 * it and destroy possibly important information. 1253 */ 1254 if (ai->maybe_bad_peb_count <= 2) { 1255 ai->is_empty = 1; 1256 ubi_msg(ubi, "empty MTD device detected"); 1257 get_random_bytes(&ubi->image_seq, 1258 sizeof(ubi->image_seq)); 1259 } else { 1260 ubi_err(ubi, "MTD device is not UBI-formatted and possibly contains non-UBI data - refusing it"); 1261 return -EINVAL; 1262 } 1263 1264 } 1265 1266 return 0; 1267} 1268 1269/** 1270 * destroy_av - free volume attaching information. 1271 * @av: volume attaching information 1272 * @ai: attaching information 1273 * @list: put the aeb elements in there if !NULL, otherwise free them 1274 * 1275 * This function destroys the volume attaching information. 1276 */ 1277static void destroy_av(struct ubi_attach_info *ai, struct ubi_ainf_volume *av, 1278 struct list_head *list) 1279{ 1280 struct ubi_ainf_peb *aeb; 1281 struct rb_node *this = av->root.rb_node; 1282 1283 while (this) { 1284 if (this->rb_left) 1285 this = this->rb_left; 1286 else if (this->rb_right) 1287 this = this->rb_right; 1288 else { 1289 aeb = rb_entry(this, struct ubi_ainf_peb, u.rb); 1290 this = rb_parent(this); 1291 if (this) { 1292 if (this->rb_left == &aeb->u.rb) 1293 this->rb_left = NULL; 1294 else 1295 this->rb_right = NULL; 1296 } 1297 1298 if (list) 1299 list_add_tail(&aeb->u.list, list); 1300 else 1301 ubi_free_aeb(ai, aeb); 1302 } 1303 } 1304 kfree(av); 1305} 1306 1307/** 1308 * destroy_ai - destroy attaching information. 1309 * @ai: attaching information 1310 */ 1311static void destroy_ai(struct ubi_attach_info *ai) 1312{ 1313 struct ubi_ainf_peb *aeb, *aeb_tmp; 1314 struct ubi_ainf_volume *av; 1315 struct rb_node *rb; 1316 1317 list_for_each_entry_safe(aeb, aeb_tmp, &ai->alien, u.list) { 1318 list_del(&aeb->u.list); 1319 ubi_free_aeb(ai, aeb); 1320 } 1321 list_for_each_entry_safe(aeb, aeb_tmp, &ai->erase, u.list) { 1322 list_del(&aeb->u.list); 1323 ubi_free_aeb(ai, aeb); 1324 } 1325 list_for_each_entry_safe(aeb, aeb_tmp, &ai->corr, u.list) { 1326 list_del(&aeb->u.list); 1327 ubi_free_aeb(ai, aeb); 1328 } 1329 list_for_each_entry_safe(aeb, aeb_tmp, &ai->free, u.list) { 1330 list_del(&aeb->u.list); 1331 ubi_free_aeb(ai, aeb); 1332 } 1333 list_for_each_entry_safe(aeb, aeb_tmp, &ai->fastmap, u.list) { 1334 list_del(&aeb->u.list); 1335 ubi_free_aeb(ai, aeb); 1336 } 1337 1338 /* Destroy the volume RB-tree */ 1339 rb = ai->volumes.rb_node; 1340 while (rb) { 1341 if (rb->rb_left) 1342 rb = rb->rb_left; 1343 else if (rb->rb_right) 1344 rb = rb->rb_right; 1345 else { 1346 av = rb_entry(rb, struct ubi_ainf_volume, rb); 1347 1348 rb = rb_parent(rb); 1349 if (rb) { 1350 if (rb->rb_left == &av->rb) 1351 rb->rb_left = NULL; 1352 else 1353 rb->rb_right = NULL; 1354 } 1355 1356 destroy_av(ai, av, NULL); 1357 } 1358 } 1359 1360 kmem_cache_destroy(ai->aeb_slab_cache); 1361 kfree(ai); 1362} 1363 1364/** 1365 * scan_all - scan entire MTD device. 1366 * @ubi: UBI device description object 1367 * @ai: attach info object 1368 * @start: start scanning at this PEB 1369 * 1370 * This function does full scanning of an MTD device and returns complete 1371 * information about it in form of a "struct ubi_attach_info" object. In case 1372 * of failure, an error code is returned. 1373 */ 1374static int scan_all(struct ubi_device *ubi, struct ubi_attach_info *ai, 1375 int start) 1376{ 1377 int err, pnum; 1378 struct rb_node *rb1, *rb2; 1379 struct ubi_ainf_volume *av; 1380 struct ubi_ainf_peb *aeb; 1381 1382 err = -ENOMEM; 1383 1384 ai->ech = kzalloc(ubi->ec_hdr_alsize, GFP_KERNEL); 1385 if (!ai->ech) 1386 return err; 1387 1388 ai->vidb = ubi_alloc_vid_buf(ubi, GFP_KERNEL); 1389 if (!ai->vidb) 1390 goto out_ech; 1391 1392 for (pnum = start; pnum < ubi->peb_count; pnum++) { 1393 cond_resched(); 1394 1395 dbg_gen("process PEB %d", pnum); 1396 err = scan_peb(ubi, ai, pnum, false); 1397 if (err < 0) 1398 goto out_vidh; 1399 } 1400 1401 ubi_msg(ubi, "scanning is finished"); 1402 1403 /* Calculate mean erase counter */ 1404 if (ai->ec_count) 1405 ai->mean_ec = div_u64(ai->ec_sum, ai->ec_count); 1406 1407 err = late_analysis(ubi, ai); 1408 if (err) 1409 goto out_vidh; 1410 1411 /* 1412 * In case of unknown erase counter we use the mean erase counter 1413 * value. 1414 */ 1415 ubi_rb_for_each_entry(rb1, av, &ai->volumes, rb) { 1416 ubi_rb_for_each_entry(rb2, aeb, &av->root, u.rb) 1417 if (aeb->ec == UBI_UNKNOWN) 1418 aeb->ec = ai->mean_ec; 1419 } 1420 1421 list_for_each_entry(aeb, &ai->free, u.list) { 1422 if (aeb->ec == UBI_UNKNOWN) 1423 aeb->ec = ai->mean_ec; 1424 } 1425 1426 list_for_each_entry(aeb, &ai->corr, u.list) 1427 if (aeb->ec == UBI_UNKNOWN) 1428 aeb->ec = ai->mean_ec; 1429 1430 list_for_each_entry(aeb, &ai->erase, u.list) 1431 if (aeb->ec == UBI_UNKNOWN) 1432 aeb->ec = ai->mean_ec; 1433 1434 err = self_check_ai(ubi, ai); 1435 if (err) 1436 goto out_vidh; 1437 1438 ubi_free_vid_buf(ai->vidb); 1439 kfree(ai->ech); 1440 1441 return 0; 1442 1443out_vidh: 1444 ubi_free_vid_buf(ai->vidb); 1445out_ech: 1446 kfree(ai->ech); 1447 return err; 1448} 1449 1450static struct ubi_attach_info *alloc_ai(void) 1451{ 1452 struct ubi_attach_info *ai; 1453 1454 ai = kzalloc(sizeof(struct ubi_attach_info), GFP_KERNEL); 1455 if (!ai) 1456 return ai; 1457 1458 INIT_LIST_HEAD(&ai->corr); 1459 INIT_LIST_HEAD(&ai->free); 1460 INIT_LIST_HEAD(&ai->erase); 1461 INIT_LIST_HEAD(&ai->alien); 1462 INIT_LIST_HEAD(&ai->fastmap); 1463 ai->volumes = RB_ROOT; 1464 ai->aeb_slab_cache = kmem_cache_create("ubi_aeb_slab_cache", 1465 sizeof(struct ubi_ainf_peb), 1466 0, 0, NULL); 1467 if (!ai->aeb_slab_cache) { 1468 kfree(ai); 1469 ai = NULL; 1470 } 1471 1472 return ai; 1473} 1474 1475#ifdef CONFIG_MTD_UBI_FASTMAP 1476 1477/** 1478 * scan_fast - try to find a fastmap and attach from it. 1479 * @ubi: UBI device description object 1480 * @ai: attach info object 1481 * 1482 * Returns 0 on success, negative return values indicate an internal 1483 * error. 1484 * UBI_NO_FASTMAP denotes that no fastmap was found. 1485 * UBI_BAD_FASTMAP denotes that the found fastmap was invalid. 1486 */ 1487static int scan_fast(struct ubi_device *ubi, struct ubi_attach_info **ai) 1488{ 1489 int err, pnum; 1490 struct ubi_attach_info *scan_ai; 1491 1492 err = -ENOMEM; 1493 1494 scan_ai = alloc_ai(); 1495 if (!scan_ai) 1496 goto out; 1497 1498 scan_ai->ech = kzalloc(ubi->ec_hdr_alsize, GFP_KERNEL); 1499 if (!scan_ai->ech) 1500 goto out_ai; 1501 1502 scan_ai->vidb = ubi_alloc_vid_buf(ubi, GFP_KERNEL); 1503 if (!scan_ai->vidb) 1504 goto out_ech; 1505 1506 for (pnum = 0; pnum < UBI_FM_MAX_START; pnum++) { 1507 cond_resched(); 1508 1509 dbg_gen("process PEB %d", pnum); 1510 err = scan_peb(ubi, scan_ai, pnum, true); 1511 if (err < 0) 1512 goto out_vidh; 1513 } 1514 1515 ubi_free_vid_buf(scan_ai->vidb); 1516 kfree(scan_ai->ech); 1517 1518 if (scan_ai->force_full_scan) 1519 err = UBI_NO_FASTMAP; 1520 else 1521 err = ubi_scan_fastmap(ubi, *ai, scan_ai); 1522 1523 if (err) { 1524 /* 1525 * Didn't attach via fastmap, do a full scan but reuse what 1526 * we've aready scanned. 1527 */ 1528 destroy_ai(*ai); 1529 *ai = scan_ai; 1530 } else 1531 destroy_ai(scan_ai); 1532 1533 return err; 1534 1535out_vidh: 1536 ubi_free_vid_buf(scan_ai->vidb); 1537out_ech: 1538 kfree(scan_ai->ech); 1539out_ai: 1540 destroy_ai(scan_ai); 1541out: 1542 return err; 1543} 1544 1545#endif 1546 1547/** 1548 * ubi_attach - attach an MTD device. 1549 * @ubi: UBI device descriptor 1550 * @force_scan: if set to non-zero attach by scanning 1551 * 1552 * This function returns zero in case of success and a negative error code in 1553 * case of failure. 1554 */ 1555int ubi_attach(struct ubi_device *ubi, int force_scan) 1556{ 1557 int err; 1558 struct ubi_attach_info *ai; 1559 1560 ai = alloc_ai(); 1561 if (!ai) 1562 return -ENOMEM; 1563 1564#ifdef CONFIG_MTD_UBI_FASTMAP 1565 /* On small flash devices we disable fastmap in any case. */ 1566 if ((int)mtd_div_by_eb(ubi->mtd->size, ubi->mtd) <= UBI_FM_MAX_START) { 1567 ubi->fm_disabled = 1; 1568 force_scan = 1; 1569 } 1570 1571 if (force_scan) 1572 err = scan_all(ubi, ai, 0); 1573 else { 1574 err = scan_fast(ubi, &ai); 1575 if (err > 0 || mtd_is_eccerr(err)) { 1576 if (err != UBI_NO_FASTMAP) { 1577 destroy_ai(ai); 1578 ai = alloc_ai(); 1579 if (!ai) 1580 return -ENOMEM; 1581 1582 err = scan_all(ubi, ai, 0); 1583 } else { 1584 err = scan_all(ubi, ai, UBI_FM_MAX_START); 1585 } 1586 } 1587 } 1588#else 1589 err = scan_all(ubi, ai, 0); 1590#endif 1591 if (err) 1592 goto out_ai; 1593 1594 ubi->bad_peb_count = ai->bad_peb_count; 1595 ubi->good_peb_count = ubi->peb_count - ubi->bad_peb_count; 1596 ubi->corr_peb_count = ai->corr_peb_count; 1597 ubi->max_ec = ai->max_ec; 1598 ubi->mean_ec = ai->mean_ec; 1599 dbg_gen("max. sequence number: %llu", ai->max_sqnum); 1600 1601 err = ubi_read_volume_table(ubi, ai); 1602 if (err) 1603 goto out_ai; 1604 1605 err = ubi_wl_init(ubi, ai); 1606 if (err) 1607 goto out_vtbl; 1608 1609 err = ubi_eba_init(ubi, ai); 1610 if (err) 1611 goto out_wl; 1612 1613#ifdef CONFIG_MTD_UBI_FASTMAP 1614 if (ubi->fm && ubi_dbg_chk_fastmap(ubi)) { 1615 struct ubi_attach_info *scan_ai; 1616 1617 scan_ai = alloc_ai(); 1618 if (!scan_ai) { 1619 err = -ENOMEM; 1620 goto out_wl; 1621 } 1622 1623 err = scan_all(ubi, scan_ai, 0); 1624 if (err) { 1625 destroy_ai(scan_ai); 1626 goto out_wl; 1627 } 1628 1629 err = self_check_eba(ubi, ai, scan_ai); 1630 destroy_ai(scan_ai); 1631 1632 if (err) 1633 goto out_wl; 1634 } 1635#endif 1636 1637 destroy_ai(ai); 1638 return 0; 1639 1640out_wl: 1641 ubi_wl_close(ubi); 1642out_vtbl: 1643 ubi_free_all_volumes(ubi); 1644 vfree(ubi->vtbl); 1645out_ai: 1646 destroy_ai(ai); 1647 return err; 1648} 1649 1650/** 1651 * self_check_ai - check the attaching information. 1652 * @ubi: UBI device description object 1653 * @ai: attaching information 1654 * 1655 * This function returns zero if the attaching information is all right, and a 1656 * negative error code if not or if an error occurred. 1657 */ 1658static int self_check_ai(struct ubi_device *ubi, struct ubi_attach_info *ai) 1659{ 1660 struct ubi_vid_io_buf *vidb = ai->vidb; 1661 struct ubi_vid_hdr *vidh = ubi_get_vid_hdr(vidb); 1662 int pnum, err, vols_found = 0; 1663 struct rb_node *rb1, *rb2; 1664 struct ubi_ainf_volume *av; 1665 struct ubi_ainf_peb *aeb, *last_aeb; 1666 uint8_t *buf; 1667 1668 if (!ubi_dbg_chk_gen(ubi)) 1669 return 0; 1670 1671 /* 1672 * At first, check that attaching information is OK. 1673 */ 1674 ubi_rb_for_each_entry(rb1, av, &ai->volumes, rb) { 1675 int leb_count = 0; 1676 1677 cond_resched(); 1678 1679 vols_found += 1; 1680 1681 if (ai->is_empty) { 1682 ubi_err(ubi, "bad is_empty flag"); 1683 goto bad_av; 1684 } 1685 1686 if (av->vol_id < 0 || av->highest_lnum < 0 || 1687 av->leb_count < 0 || av->vol_type < 0 || av->used_ebs < 0 || 1688 av->data_pad < 0 || av->last_data_size < 0) { 1689 ubi_err(ubi, "negative values"); 1690 goto bad_av; 1691 } 1692 1693 if (av->vol_id >= UBI_MAX_VOLUMES && 1694 av->vol_id < UBI_INTERNAL_VOL_START) { 1695 ubi_err(ubi, "bad vol_id"); 1696 goto bad_av; 1697 } 1698 1699 if (av->vol_id > ai->highest_vol_id) { 1700 ubi_err(ubi, "highest_vol_id is %d, but vol_id %d is there", 1701 ai->highest_vol_id, av->vol_id); 1702 goto out; 1703 } 1704 1705 if (av->vol_type != UBI_DYNAMIC_VOLUME && 1706 av->vol_type != UBI_STATIC_VOLUME) { 1707 ubi_err(ubi, "bad vol_type"); 1708 goto bad_av; 1709 } 1710 1711 if (av->data_pad > ubi->leb_size / 2) { 1712 ubi_err(ubi, "bad data_pad"); 1713 goto bad_av; 1714 } 1715 1716 last_aeb = NULL; 1717 ubi_rb_for_each_entry(rb2, aeb, &av->root, u.rb) { 1718 cond_resched(); 1719 1720 last_aeb = aeb; 1721 leb_count += 1; 1722 1723 if (aeb->pnum < 0 || aeb->ec < 0) { 1724 ubi_err(ubi, "negative values"); 1725 goto bad_aeb; 1726 } 1727 1728 if (aeb->ec < ai->min_ec) { 1729 ubi_err(ubi, "bad ai->min_ec (%d), %d found", 1730 ai->min_ec, aeb->ec); 1731 goto bad_aeb; 1732 } 1733 1734 if (aeb->ec > ai->max_ec) { 1735 ubi_err(ubi, "bad ai->max_ec (%d), %d found", 1736 ai->max_ec, aeb->ec); 1737 goto bad_aeb; 1738 } 1739 1740 if (aeb->pnum >= ubi->peb_count) { 1741 ubi_err(ubi, "too high PEB number %d, total PEBs %d", 1742 aeb->pnum, ubi->peb_count); 1743 goto bad_aeb; 1744 } 1745 1746 if (av->vol_type == UBI_STATIC_VOLUME) { 1747 if (aeb->lnum >= av->used_ebs) { 1748 ubi_err(ubi, "bad lnum or used_ebs"); 1749 goto bad_aeb; 1750 } 1751 } else { 1752 if (av->used_ebs != 0) { 1753 ubi_err(ubi, "non-zero used_ebs"); 1754 goto bad_aeb; 1755 } 1756 } 1757 1758 if (aeb->lnum > av->highest_lnum) { 1759 ubi_err(ubi, "incorrect highest_lnum or lnum"); 1760 goto bad_aeb; 1761 } 1762 } 1763 1764 if (av->leb_count != leb_count) { 1765 ubi_err(ubi, "bad leb_count, %d objects in the tree", 1766 leb_count); 1767 goto bad_av; 1768 } 1769 1770 if (!last_aeb) 1771 continue; 1772 1773 aeb = last_aeb; 1774 1775 if (aeb->lnum != av->highest_lnum) { 1776 ubi_err(ubi, "bad highest_lnum"); 1777 goto bad_aeb; 1778 } 1779 } 1780 1781 if (vols_found != ai->vols_found) { 1782 ubi_err(ubi, "bad ai->vols_found %d, should be %d", 1783 ai->vols_found, vols_found); 1784 goto out; 1785 } 1786 1787 /* Check that attaching information is correct */ 1788 ubi_rb_for_each_entry(rb1, av, &ai->volumes, rb) { 1789 last_aeb = NULL; 1790 ubi_rb_for_each_entry(rb2, aeb, &av->root, u.rb) { 1791 int vol_type; 1792 1793 cond_resched(); 1794 1795 last_aeb = aeb; 1796 1797 err = ubi_io_read_vid_hdr(ubi, aeb->pnum, vidb, 1); 1798 if (err && err != UBI_IO_BITFLIPS) { 1799 ubi_err(ubi, "VID header is not OK (%d)", 1800 err); 1801 if (err > 0) 1802 err = -EIO; 1803 return err; 1804 } 1805 1806 vol_type = vidh->vol_type == UBI_VID_DYNAMIC ? 1807 UBI_DYNAMIC_VOLUME : UBI_STATIC_VOLUME; 1808 if (av->vol_type != vol_type) { 1809 ubi_err(ubi, "bad vol_type"); 1810 goto bad_vid_hdr; 1811 } 1812 1813 if (aeb->sqnum != be64_to_cpu(vidh->sqnum)) { 1814 ubi_err(ubi, "bad sqnum %llu", aeb->sqnum); 1815 goto bad_vid_hdr; 1816 } 1817 1818 if (av->vol_id != be32_to_cpu(vidh->vol_id)) { 1819 ubi_err(ubi, "bad vol_id %d", av->vol_id); 1820 goto bad_vid_hdr; 1821 } 1822 1823 if (av->compat != vidh->compat) { 1824 ubi_err(ubi, "bad compat %d", vidh->compat); 1825 goto bad_vid_hdr; 1826 } 1827 1828 if (aeb->lnum != be32_to_cpu(vidh->lnum)) { 1829 ubi_err(ubi, "bad lnum %d", aeb->lnum); 1830 goto bad_vid_hdr; 1831 } 1832 1833 if (av->used_ebs != be32_to_cpu(vidh->used_ebs)) { 1834 ubi_err(ubi, "bad used_ebs %d", av->used_ebs); 1835 goto bad_vid_hdr; 1836 } 1837 1838 if (av->data_pad != be32_to_cpu(vidh->data_pad)) { 1839 ubi_err(ubi, "bad data_pad %d", av->data_pad); 1840 goto bad_vid_hdr; 1841 } 1842 } 1843 1844 if (!last_aeb) 1845 continue; 1846 1847 if (av->highest_lnum != be32_to_cpu(vidh->lnum)) { 1848 ubi_err(ubi, "bad highest_lnum %d", av->highest_lnum); 1849 goto bad_vid_hdr; 1850 } 1851 1852 if (av->last_data_size != be32_to_cpu(vidh->data_size)) { 1853 ubi_err(ubi, "bad last_data_size %d", 1854 av->last_data_size); 1855 goto bad_vid_hdr; 1856 } 1857 } 1858 1859 /* 1860 * Make sure that all the physical eraseblocks are in one of the lists 1861 * or trees. 1862 */ 1863 buf = kzalloc(ubi->peb_count, GFP_KERNEL); 1864 if (!buf) 1865 return -ENOMEM; 1866 1867 for (pnum = 0; pnum < ubi->peb_count; pnum++) { 1868 err = ubi_io_is_bad(ubi, pnum); 1869 if (err < 0) { 1870 kfree(buf); 1871 return err; 1872 } else if (err) 1873 buf[pnum] = 1; 1874 } 1875 1876 ubi_rb_for_each_entry(rb1, av, &ai->volumes, rb) 1877 ubi_rb_for_each_entry(rb2, aeb, &av->root, u.rb) 1878 buf[aeb->pnum] = 1; 1879 1880 list_for_each_entry(aeb, &ai->free, u.list) 1881 buf[aeb->pnum] = 1; 1882 1883 list_for_each_entry(aeb, &ai->corr, u.list) 1884 buf[aeb->pnum] = 1; 1885 1886 list_for_each_entry(aeb, &ai->erase, u.list) 1887 buf[aeb->pnum] = 1; 1888 1889 list_for_each_entry(aeb, &ai->alien, u.list) 1890 buf[aeb->pnum] = 1; 1891 1892 err = 0; 1893 for (pnum = 0; pnum < ubi->peb_count; pnum++) 1894 if (!buf[pnum]) { 1895 ubi_err(ubi, "PEB %d is not referred", pnum); 1896 err = 1; 1897 } 1898 1899 kfree(buf); 1900 if (err) 1901 goto out; 1902 return 0; 1903 1904bad_aeb: 1905 ubi_err(ubi, "bad attaching information about LEB %d", aeb->lnum); 1906 ubi_dump_aeb(aeb, 0); 1907 ubi_dump_av(av); 1908 goto out; 1909 1910bad_av: 1911 ubi_err(ubi, "bad attaching information about volume %d", av->vol_id); 1912 ubi_dump_av(av); 1913 goto out; 1914 1915bad_vid_hdr: 1916 ubi_err(ubi, "bad attaching information about volume %d", av->vol_id); 1917 ubi_dump_av(av); 1918 ubi_dump_vid_hdr(vidh); 1919 1920out: 1921 dump_stack(); 1922 return -EINVAL; 1923}