1/* 2 * Copyright (c) International Business Machines Corp., 2006 3 * 4 * This program is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License as published by 6 * the Free Software Foundation; either version 2 of the License, or 7 * (at your option) any later version. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See 12 * the GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write to the Free Software 16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 17 * 18 * Author: Artem Bityutskiy (ÐиÑÑÑкий ÐÑÑÑм) 19 */ 20 21/* 22 * UBI scanning sub-system. 23 * 24 * This sub-system is responsible for scanning the flash media, checking UBI 25 * headers and providing complete information about the UBI flash image. 26 * 27 * The scanning information is represented by a &struct ubi_scan_info' object. 28 * Information about found volumes is represented by &struct ubi_scan_volume 29 * objects which are kept in volume RB-tree with root at the @volumes field. 30 * The RB-tree is indexed by the volume ID. 31 * 32 * Scanned logical eraseblocks are represented by &struct ubi_scan_leb objects. 33 * These objects are kept in per-volume RB-trees with the root at the 34 * corresponding &struct ubi_scan_volume object. To put it differently, we keep 35 * an RB-tree of per-volume objects and each of these objects is the root of 36 * RB-tree of per-eraseblock objects. 37 * 38 * Corrupted physical eraseblocks are put to the @corr list, free physical 39 * eraseblocks are put to the @free list and the physical eraseblock to be 40 * erased are put to the @erase list. 41 * 42 * About corruptions 43 * ~~~~~~~~~~~~~~~~~ 44 * 45 * UBI protects EC and VID headers with CRC-32 checksums, so it can detect 46 * whether the headers are corrupted or not. Sometimes UBI also protects the 47 * data with CRC-32, e.g., when it executes the atomic LEB change operation, or 48 * when it moves the contents of a PEB for wear-leveling purposes. 49 * 50 * UBI tries to distinguish between 2 types of corruptions. 51 * 52 * 1. Corruptions caused by power cuts. These are expected corruptions and UBI 53 * tries to handle them gracefully, without printing too many warnings and 54 * error messages. The idea is that we do not lose important data in these case 55 * - we may lose only the data which was being written to the media just before 56 * the power cut happened, and the upper layers (e.g., UBIFS) are supposed to 57 * handle such data losses (e.g., by using the FS journal). 58 * 59 * When UBI detects a corruption (CRC-32 mismatch) in a PEB, and it looks like 60 * the reason is a power cut, UBI puts this PEB to the @erase list, and all 61 * PEBs in the @erase list are scheduled for erasure later. 62 * 63 * 2. Unexpected corruptions which are not caused by power cuts. During 64 * scanning, such PEBs are put to the @corr list and UBI preserves them. 65 * Obviously, this lessens the amount of available PEBs, and if at some point 66 * UBI runs out of free PEBs, it switches to R/O mode. UBI also loudly informs 67 * about such PEBs every time the MTD device is attached. 68 * 69 * However, it is difficult to reliably distinguish between these types of 70 * corruptions and UBI's strategy is as follows. UBI assumes corruption type 2 71 * if the VID header is corrupted and the data area does not contain all 0xFFs, 72 * and there were no bit-flips or integrity errors while reading the data area. 73 * Otherwise UBI assumes corruption type 1. So the decision criteria are as 74 * follows. 75 * o If the data area contains only 0xFFs, there is no data, and it is safe 76 * to just erase this PEB - this is corruption type 1. 77 * o If the data area has bit-flips or data integrity errors (ECC errors on 78 * NAND), it is probably a PEB which was being erased when power cut 79 * happened, so this is corruption type 1. However, this is just a guess, 80 * which might be wrong. 81 * o Otherwise this it corruption type 2. 82 */ 83 84#include <linux/err.h> 85#include <linux/slab.h> 86#include <linux/crc32.h> 87#include <linux/math64.h> 88#include <linux/random.h> 89#include "ubi.h" 90 91#ifdef CONFIG_MTD_UBI_DEBUG 92static int paranoid_check_si(struct ubi_device *ubi, struct ubi_scan_info *si); 93#else 94#define paranoid_check_si(ubi, si) 0 95#endif 96 97/* Temporary variables used during scanning */ 98static struct ubi_ec_hdr *ech; 99static struct ubi_vid_hdr *vidh; 100 101/** 102 * add_to_list - add physical eraseblock to a list. 103 * @si: scanning information 104 * @pnum: physical eraseblock number to add 105 * @ec: erase counter of the physical eraseblock 106 * @to_head: if not zero, add to the head of the list 107 * @list: the list to add to 108 * 109 * This function adds physical eraseblock @pnum to free, erase, or alien lists. 110 * If @to_head is not zero, PEB will be added to the head of the list, which 111 * basically means it will be processed first later. E.g., we add corrupted 112 * PEBs (corrupted due to power cuts) to the head of the erase list to make 113 * sure we erase them first and get rid of corruptions ASAP. This function 114 * returns zero in case of success and a negative error code in case of 115 * failure. 116 */ 117static int add_to_list(struct ubi_scan_info *si, int pnum, int ec, int to_head, 118 struct list_head *list) 119{ 120 struct ubi_scan_leb *seb; 121 122 if (list == &si->free) { 123 dbg_bld("add to free: PEB %d, EC %d", pnum, ec); 124 } else if (list == &si->erase) { 125 dbg_bld("add to erase: PEB %d, EC %d", pnum, ec); 126 } else if (list == &si->alien) { 127 dbg_bld("add to alien: PEB %d, EC %d", pnum, ec); 128 si->alien_peb_count += 1; 129 } else 130 BUG(); 131 132 seb = kmem_cache_alloc(si->scan_leb_slab, GFP_KERNEL); 133 if (!seb) 134 return -ENOMEM; 135 136 seb->pnum = pnum; 137 seb->ec = ec; 138 if (to_head) 139 list_add(&seb->u.list, list); 140 else 141 list_add_tail(&seb->u.list, list); 142 return 0; 143} 144 145/** 146 * add_corrupted - add a corrupted physical eraseblock. 147 * @si: scanning information 148 * @pnum: physical eraseblock number to add 149 * @ec: erase counter of the physical eraseblock 150 * 151 * This function adds corrupted physical eraseblock @pnum to the 'corr' list. 152 * The corruption was presumably not caused by a power cut. Returns zero in 153 * case of success and a negative error code in case of failure. 154 */ 155static int add_corrupted(struct ubi_scan_info *si, int pnum, int ec) 156{ 157 struct ubi_scan_leb *seb; 158 159 dbg_bld("add to corrupted: PEB %d, EC %d", pnum, ec); 160 161 seb = kmem_cache_alloc(si->scan_leb_slab, GFP_KERNEL); 162 if (!seb) 163 return -ENOMEM; 164 165 si->corr_peb_count += 1; 166 seb->pnum = pnum; 167 seb->ec = ec; 168 list_add(&seb->u.list, &si->corr); 169 return 0; 170} 171 172/** 173 * validate_vid_hdr - check volume identifier header. 174 * @vid_hdr: the volume identifier header to check 175 * @sv: information about the volume this logical eraseblock belongs to 176 * @pnum: physical eraseblock number the VID header came from 177 * 178 * This function checks that data stored in @vid_hdr is consistent. Returns 179 * non-zero if an inconsistency was found and zero if not. 180 * 181 * Note, UBI does sanity check of everything it reads from the flash media. 182 * Most of the checks are done in the I/O sub-system. Here we check that the 183 * information in the VID header is consistent to the information in other VID 184 * headers of the same volume. 185 */ 186static int validate_vid_hdr(const struct ubi_vid_hdr *vid_hdr, 187 const struct ubi_scan_volume *sv, int pnum) 188{ 189 int vol_type = vid_hdr->vol_type; 190 int vol_id = be32_to_cpu(vid_hdr->vol_id); 191 int used_ebs = be32_to_cpu(vid_hdr->used_ebs); 192 int data_pad = be32_to_cpu(vid_hdr->data_pad); 193 194 if (sv->leb_count != 0) { 195 int sv_vol_type; 196 197 /* 198 * This is not the first logical eraseblock belonging to this 199 * volume. Ensure that the data in its VID header is consistent 200 * to the data in previous logical eraseblock headers. 201 */ 202 203 if (vol_id != sv->vol_id) { 204 dbg_err("inconsistent vol_id"); 205 goto bad; 206 } 207 208 if (sv->vol_type == UBI_STATIC_VOLUME) 209 sv_vol_type = UBI_VID_STATIC; 210 else 211 sv_vol_type = UBI_VID_DYNAMIC; 212 213 if (vol_type != sv_vol_type) { 214 dbg_err("inconsistent vol_type"); 215 goto bad; 216 } 217 218 if (used_ebs != sv->used_ebs) { 219 dbg_err("inconsistent used_ebs"); 220 goto bad; 221 } 222 223 if (data_pad != sv->data_pad) { 224 dbg_err("inconsistent data_pad"); 225 goto bad; 226 } 227 } 228 229 return 0; 230 231bad: 232 ubi_err("inconsistent VID header at PEB %d", pnum); 233 ubi_dbg_dump_vid_hdr(vid_hdr); 234 ubi_dbg_dump_sv(sv); 235 return -EINVAL; 236} 237 238/** 239 * add_volume - add volume to the scanning information. 240 * @si: scanning information 241 * @vol_id: ID of the volume to add 242 * @pnum: physical eraseblock number 243 * @vid_hdr: volume identifier header 244 * 245 * If the volume corresponding to the @vid_hdr logical eraseblock is already 246 * present in the scanning information, this function does nothing. Otherwise 247 * it adds corresponding volume to the scanning information. Returns a pointer 248 * to the scanning volume object in case of success and a negative error code 249 * in case of failure. 250 */ 251static struct ubi_scan_volume *add_volume(struct ubi_scan_info *si, int vol_id, 252 int pnum, 253 const struct ubi_vid_hdr *vid_hdr) 254{ 255 struct ubi_scan_volume *sv; 256 struct rb_node **p = &si->volumes.rb_node, *parent = NULL; 257 258 ubi_assert(vol_id == be32_to_cpu(vid_hdr->vol_id)); 259 260 /* Walk the volume RB-tree to look if this volume is already present */ 261 while (*p) { 262 parent = *p; 263 sv = rb_entry(parent, struct ubi_scan_volume, rb); 264 265 if (vol_id == sv->vol_id) 266 return sv; 267 268 if (vol_id > sv->vol_id) 269 p = &(*p)->rb_left; 270 else 271 p = &(*p)->rb_right; 272 } 273 274 /* The volume is absent - add it */ 275 sv = kmalloc(sizeof(struct ubi_scan_volume), GFP_KERNEL); 276 if (!sv) 277 return ERR_PTR(-ENOMEM); 278 279 sv->highest_lnum = sv->leb_count = 0; 280 sv->vol_id = vol_id; 281 sv->root = RB_ROOT; 282 sv->used_ebs = be32_to_cpu(vid_hdr->used_ebs); 283 sv->data_pad = be32_to_cpu(vid_hdr->data_pad); 284 sv->compat = vid_hdr->compat; 285 sv->vol_type = vid_hdr->vol_type == UBI_VID_DYNAMIC ? UBI_DYNAMIC_VOLUME 286 : UBI_STATIC_VOLUME; 287 if (vol_id > si->highest_vol_id) 288 si->highest_vol_id = vol_id; 289 290 rb_link_node(&sv->rb, parent, p); 291 rb_insert_color(&sv->rb, &si->volumes); 292 si->vols_found += 1; 293 dbg_bld("added volume %d", vol_id); 294 return sv; 295} 296 297/** 298 * compare_lebs - find out which logical eraseblock is newer. 299 * @ubi: UBI device description object 300 * @seb: first logical eraseblock to compare 301 * @pnum: physical eraseblock number of the second logical eraseblock to 302 * compare 303 * @vid_hdr: volume identifier header of the second logical eraseblock 304 * 305 * This function compares 2 copies of a LEB and informs which one is newer. In 306 * case of success this function returns a positive value, in case of failure, a 307 * negative error code is returned. The success return codes use the following 308 * bits: 309 * o bit 0 is cleared: the first PEB (described by @seb) is newer than the 310 * second PEB (described by @pnum and @vid_hdr); 311 * o bit 0 is set: the second PEB is newer; 312 * o bit 1 is cleared: no bit-flips were detected in the newer LEB; 313 * o bit 1 is set: bit-flips were detected in the newer LEB; 314 * o bit 2 is cleared: the older LEB is not corrupted; 315 * o bit 2 is set: the older LEB is corrupted. 316 */ 317static int compare_lebs(struct ubi_device *ubi, const struct ubi_scan_leb *seb, 318 int pnum, const struct ubi_vid_hdr *vid_hdr) 319{ 320 void *buf; 321 int len, err, second_is_newer, bitflips = 0, corrupted = 0; 322 uint32_t data_crc, crc; 323 struct ubi_vid_hdr *vh = NULL; 324 unsigned long long sqnum2 = be64_to_cpu(vid_hdr->sqnum); 325 326 if (sqnum2 == seb->sqnum) { 327 /* 328 * This must be a really ancient UBI image which has been 329 * created before sequence numbers support has been added. At 330 * that times we used 32-bit LEB versions stored in logical 331 * eraseblocks. That was before UBI got into mainline. We do not 332 * support these images anymore. Well, those images still work, 333 * but only if no unclean reboots happened. 334 */ 335 ubi_err("unsupported on-flash UBI format\n"); 336 return -EINVAL; 337 } 338 339 /* Obviously the LEB with lower sequence counter is older */ 340 second_is_newer = !!(sqnum2 > seb->sqnum); 341 342 /* 343 * Now we know which copy is newer. If the copy flag of the PEB with 344 * newer version is not set, then we just return, otherwise we have to 345 * check data CRC. For the second PEB we already have the VID header, 346 * for the first one - we'll need to re-read it from flash. 347 * 348 * Note: this may be optimized so that we wouldn't read twice. 349 */ 350 351 if (second_is_newer) { 352 if (!vid_hdr->copy_flag) { 353 /* It is not a copy, so it is newer */ 354 dbg_bld("second PEB %d is newer, copy_flag is unset", 355 pnum); 356 return 1; 357 } 358 } else { 359 if (!seb->copy_flag) { 360 /* It is not a copy, so it is newer */ 361 dbg_bld("first PEB %d is newer, copy_flag is unset", 362 pnum); 363 return bitflips << 1; 364 } 365 366 vh = ubi_zalloc_vid_hdr(ubi, GFP_KERNEL); 367 if (!vh) 368 return -ENOMEM; 369 370 pnum = seb->pnum; 371 err = ubi_io_read_vid_hdr(ubi, pnum, vh, 0); 372 if (err) { 373 if (err == UBI_IO_BITFLIPS) 374 bitflips = 1; 375 else { 376 dbg_err("VID of PEB %d header is bad, but it " 377 "was OK earlier, err %d", pnum, err); 378 if (err > 0) 379 err = -EIO; 380 381 goto out_free_vidh; 382 } 383 } 384 385 vid_hdr = vh; 386 } 387 388 /* Read the data of the copy and check the CRC */ 389 390 len = be32_to_cpu(vid_hdr->data_size); 391 buf = vmalloc(len); 392 if (!buf) { 393 err = -ENOMEM; 394 goto out_free_vidh; 395 } 396 397 err = ubi_io_read_data(ubi, buf, pnum, 0, len); 398 if (err && err != UBI_IO_BITFLIPS && !mtd_is_eccerr(err)) 399 goto out_free_buf; 400 401 data_crc = be32_to_cpu(vid_hdr->data_crc); 402 crc = crc32(UBI_CRC32_INIT, buf, len); 403 if (crc != data_crc) { 404 dbg_bld("PEB %d CRC error: calculated %#08x, must be %#08x", 405 pnum, crc, data_crc); 406 corrupted = 1; 407 bitflips = 0; 408 second_is_newer = !second_is_newer; 409 } else { 410 dbg_bld("PEB %d CRC is OK", pnum); 411 bitflips = !!err; 412 } 413 414 vfree(buf); 415 ubi_free_vid_hdr(ubi, vh); 416 417 if (second_is_newer) 418 dbg_bld("second PEB %d is newer, copy_flag is set", pnum); 419 else 420 dbg_bld("first PEB %d is newer, copy_flag is set", pnum); 421 422 return second_is_newer | (bitflips << 1) | (corrupted << 2); 423 424out_free_buf: 425 vfree(buf); 426out_free_vidh: 427 ubi_free_vid_hdr(ubi, vh); 428 return err; 429} 430 431/** 432 * ubi_scan_add_used - add physical eraseblock to the scanning information. 433 * @ubi: UBI device description object 434 * @si: scanning information 435 * @pnum: the physical eraseblock number 436 * @ec: erase counter 437 * @vid_hdr: the volume identifier header 438 * @bitflips: if bit-flips were detected when this physical eraseblock was read 439 * 440 * This function adds information about a used physical eraseblock to the 441 * 'used' tree of the corresponding volume. The function is rather complex 442 * because it has to handle cases when this is not the first physical 443 * eraseblock belonging to the same logical eraseblock, and the newer one has 444 * to be picked, while the older one has to be dropped. This function returns 445 * zero in case of success and a negative error code in case of failure. 446 */ 447int ubi_scan_add_used(struct ubi_device *ubi, struct ubi_scan_info *si, 448 int pnum, int ec, const struct ubi_vid_hdr *vid_hdr, 449 int bitflips) 450{ 451 int err, vol_id, lnum; 452 unsigned long long sqnum; 453 struct ubi_scan_volume *sv; 454 struct ubi_scan_leb *seb; 455 struct rb_node **p, *parent = NULL; 456 457 vol_id = be32_to_cpu(vid_hdr->vol_id); 458 lnum = be32_to_cpu(vid_hdr->lnum); 459 sqnum = be64_to_cpu(vid_hdr->sqnum); 460 461 dbg_bld("PEB %d, LEB %d:%d, EC %d, sqnum %llu, bitflips %d", 462 pnum, vol_id, lnum, ec, sqnum, bitflips); 463 464 sv = add_volume(si, vol_id, pnum, vid_hdr); 465 if (IS_ERR(sv)) 466 return PTR_ERR(sv); 467 468 if (si->max_sqnum < sqnum) 469 si->max_sqnum = sqnum; 470 471 /* 472 * Walk the RB-tree of logical eraseblocks of volume @vol_id to look 473 * if this is the first instance of this logical eraseblock or not. 474 */ 475 p = &sv->root.rb_node; 476 while (*p) { 477 int cmp_res; 478 479 parent = *p; 480 seb = rb_entry(parent, struct ubi_scan_leb, u.rb); 481 if (lnum != seb->lnum) { 482 if (lnum < seb->lnum) 483 p = &(*p)->rb_left; 484 else 485 p = &(*p)->rb_right; 486 continue; 487 } 488 489 /* 490 * There is already a physical eraseblock describing the same 491 * logical eraseblock present. 492 */ 493 494 dbg_bld("this LEB already exists: PEB %d, sqnum %llu, " 495 "EC %d", seb->pnum, seb->sqnum, seb->ec); 496 497 /* 498 * Make sure that the logical eraseblocks have different 499 * sequence numbers. Otherwise the image is bad. 500 * 501 * However, if the sequence number is zero, we assume it must 502 * be an ancient UBI image from the era when UBI did not have 503 * sequence numbers. We still can attach these images, unless 504 * there is a need to distinguish between old and new 505 * eraseblocks, in which case we'll refuse the image in 506 * 'compare_lebs()'. In other words, we attach old clean 507 * images, but refuse attaching old images with duplicated 508 * logical eraseblocks because there was an unclean reboot. 509 */ 510 if (seb->sqnum == sqnum && sqnum != 0) { 511 ubi_err("two LEBs with same sequence number %llu", 512 sqnum); 513 ubi_dbg_dump_seb(seb, 0); 514 ubi_dbg_dump_vid_hdr(vid_hdr); 515 return -EINVAL; 516 } 517 518 /* 519 * Now we have to drop the older one and preserve the newer 520 * one. 521 */ 522 cmp_res = compare_lebs(ubi, seb, pnum, vid_hdr); 523 if (cmp_res < 0) 524 return cmp_res; 525 526 if (cmp_res & 1) { 527 /* 528 * This logical eraseblock is newer than the one 529 * found earlier. 530 */ 531 err = validate_vid_hdr(vid_hdr, sv, pnum); 532 if (err) 533 return err; 534 535 err = add_to_list(si, seb->pnum, seb->ec, cmp_res & 4, 536 &si->erase); 537 if (err) 538 return err; 539 540 seb->ec = ec; 541 seb->pnum = pnum; 542 seb->scrub = ((cmp_res & 2) || bitflips); 543 seb->copy_flag = vid_hdr->copy_flag; 544 seb->sqnum = sqnum; 545 546 if (sv->highest_lnum == lnum) 547 sv->last_data_size = 548 be32_to_cpu(vid_hdr->data_size); 549 550 return 0; 551 } else { 552 /* 553 * This logical eraseblock is older than the one found 554 * previously. 555 */ 556 return add_to_list(si, pnum, ec, cmp_res & 4, 557 &si->erase); 558 } 559 } 560 561 /* 562 * We've met this logical eraseblock for the first time, add it to the 563 * scanning information. 564 */ 565 566 err = validate_vid_hdr(vid_hdr, sv, pnum); 567 if (err) 568 return err; 569 570 seb = kmem_cache_alloc(si->scan_leb_slab, GFP_KERNEL); 571 if (!seb) 572 return -ENOMEM; 573 574 seb->ec = ec; 575 seb->pnum = pnum; 576 seb->lnum = lnum; 577 seb->scrub = bitflips; 578 seb->copy_flag = vid_hdr->copy_flag; 579 seb->sqnum = sqnum; 580 581 if (sv->highest_lnum <= lnum) { 582 sv->highest_lnum = lnum; 583 sv->last_data_size = be32_to_cpu(vid_hdr->data_size); 584 } 585 586 sv->leb_count += 1; 587 rb_link_node(&seb->u.rb, parent, p); 588 rb_insert_color(&seb->u.rb, &sv->root); 589 return 0; 590} 591 592/** 593 * ubi_scan_find_sv - find volume in the scanning information. 594 * @si: scanning information 595 * @vol_id: the requested volume ID 596 * 597 * This function returns a pointer to the volume description or %NULL if there 598 * are no data about this volume in the scanning information. 599 */ 600struct ubi_scan_volume *ubi_scan_find_sv(const struct ubi_scan_info *si, 601 int vol_id) 602{ 603 struct ubi_scan_volume *sv; 604 struct rb_node *p = si->volumes.rb_node; 605 606 while (p) { 607 sv = rb_entry(p, struct ubi_scan_volume, rb); 608 609 if (vol_id == sv->vol_id) 610 return sv; 611 612 if (vol_id > sv->vol_id) 613 p = p->rb_left; 614 else 615 p = p->rb_right; 616 } 617 618 return NULL; 619} 620 621/** 622 * ubi_scan_find_seb - find LEB in the volume scanning information. 623 * @sv: a pointer to the volume scanning information 624 * @lnum: the requested logical eraseblock 625 * 626 * This function returns a pointer to the scanning logical eraseblock or %NULL 627 * if there are no data about it in the scanning volume information. 628 */ 629struct ubi_scan_leb *ubi_scan_find_seb(const struct ubi_scan_volume *sv, 630 int lnum) 631{ 632 struct ubi_scan_leb *seb; 633 struct rb_node *p = sv->root.rb_node; 634 635 while (p) { 636 seb = rb_entry(p, struct ubi_scan_leb, u.rb); 637 638 if (lnum == seb->lnum) 639 return seb; 640 641 if (lnum > seb->lnum) 642 p = p->rb_left; 643 else 644 p = p->rb_right; 645 } 646 647 return NULL; 648} 649 650/** 651 * ubi_scan_rm_volume - delete scanning information about a volume. 652 * @si: scanning information 653 * @sv: the volume scanning information to delete 654 */ 655void ubi_scan_rm_volume(struct ubi_scan_info *si, struct ubi_scan_volume *sv) 656{ 657 struct rb_node *rb; 658 struct ubi_scan_leb *seb; 659 660 dbg_bld("remove scanning information about volume %d", sv->vol_id); 661 662 while ((rb = rb_first(&sv->root))) { 663 seb = rb_entry(rb, struct ubi_scan_leb, u.rb); 664 rb_erase(&seb->u.rb, &sv->root); 665 list_add_tail(&seb->u.list, &si->erase); 666 } 667 668 rb_erase(&sv->rb, &si->volumes); 669 kfree(sv); 670 si->vols_found -= 1; 671} 672 673/** 674 * ubi_scan_erase_peb - erase a physical eraseblock. 675 * @ubi: UBI device description object 676 * @si: scanning information 677 * @pnum: physical eraseblock number to erase; 678 * @ec: erase counter value to write (%UBI_SCAN_UNKNOWN_EC if it is unknown) 679 * 680 * This function erases physical eraseblock 'pnum', and writes the erase 681 * counter header to it. This function should only be used on UBI device 682 * initialization stages, when the EBA sub-system had not been yet initialized. 683 * This function returns zero in case of success and a negative error code in 684 * case of failure. 685 */ 686int ubi_scan_erase_peb(struct ubi_device *ubi, const struct ubi_scan_info *si, 687 int pnum, int ec) 688{ 689 int err; 690 struct ubi_ec_hdr *ec_hdr; 691 692 if ((long long)ec >= UBI_MAX_ERASECOUNTER) { 693 /* 694 * Erase counter overflow. Upgrade UBI and use 64-bit 695 * erase counters internally. 696 */ 697 ubi_err("erase counter overflow at PEB %d, EC %d", pnum, ec); 698 return -EINVAL; 699 } 700 701 ec_hdr = kzalloc(ubi->ec_hdr_alsize, GFP_KERNEL); 702 if (!ec_hdr) 703 return -ENOMEM; 704 705 ec_hdr->ec = cpu_to_be64(ec); 706 707 err = ubi_io_sync_erase(ubi, pnum, 0); 708 if (err < 0) 709 goto out_free; 710 711 err = ubi_io_write_ec_hdr(ubi, pnum, ec_hdr); 712 713out_free: 714 kfree(ec_hdr); 715 return err; 716} 717 718/** 719 * ubi_scan_get_free_peb - get a free physical eraseblock. 720 * @ubi: UBI device description object 721 * @si: scanning information 722 * 723 * This function returns a free physical eraseblock. It is supposed to be 724 * called on the UBI initialization stages when the wear-leveling sub-system is 725 * not initialized yet. This function picks a physical eraseblocks from one of 726 * the lists, writes the EC header if it is needed, and removes it from the 727 * list. 728 * 729 * This function returns scanning physical eraseblock information in case of 730 * success and an error code in case of failure. 731 */ 732struct ubi_scan_leb *ubi_scan_get_free_peb(struct ubi_device *ubi, 733 struct ubi_scan_info *si) 734{ 735 int err = 0; 736 struct ubi_scan_leb *seb, *tmp_seb; 737 738 if (!list_empty(&si->free)) { 739 seb = list_entry(si->free.next, struct ubi_scan_leb, u.list); 740 list_del(&seb->u.list); 741 dbg_bld("return free PEB %d, EC %d", seb->pnum, seb->ec); 742 return seb; 743 } 744 745 /* 746 * We try to erase the first physical eraseblock from the erase list 747 * and pick it if we succeed, or try to erase the next one if not. And 748 * so forth. We don't want to take care about bad eraseblocks here - 749 * they'll be handled later. 750 */ 751 list_for_each_entry_safe(seb, tmp_seb, &si->erase, u.list) { 752 if (seb->ec == UBI_SCAN_UNKNOWN_EC) 753 seb->ec = si->mean_ec; 754 755 err = ubi_scan_erase_peb(ubi, si, seb->pnum, seb->ec+1); 756 if (err) 757 continue; 758 759 seb->ec += 1; 760 list_del(&seb->u.list); 761 dbg_bld("return PEB %d, EC %d", seb->pnum, seb->ec); 762 return seb; 763 } 764 765 ubi_err("no free eraseblocks"); 766 return ERR_PTR(-ENOSPC); 767} 768 769/** 770 * check_corruption - check the data area of PEB. 771 * @ubi: UBI device description object 772 * @vid_hrd: the (corrupted) VID header of this PEB 773 * @pnum: the physical eraseblock number to check 774 * 775 * This is a helper function which is used to distinguish between VID header 776 * corruptions caused by power cuts and other reasons. If the PEB contains only 777 * 0xFF bytes in the data area, the VID header is most probably corrupted 778 * because of a power cut (%0 is returned in this case). Otherwise, it was 779 * probably corrupted for some other reasons (%1 is returned in this case). A 780 * negative error code is returned if a read error occurred. 781 * 782 * If the corruption reason was a power cut, UBI can safely erase this PEB. 783 * Otherwise, it should preserve it to avoid possibly destroying important 784 * information. 785 */ 786static int check_corruption(struct ubi_device *ubi, struct ubi_vid_hdr *vid_hdr, 787 int pnum) 788{ 789 int err; 790 791 mutex_lock(&ubi->buf_mutex); 792 memset(ubi->peb_buf1, 0x00, ubi->leb_size); 793 794 err = ubi_io_read(ubi, ubi->peb_buf1, pnum, ubi->leb_start, 795 ubi->leb_size); 796 if (err == UBI_IO_BITFLIPS || mtd_is_eccerr(err)) { 797 /* 798 * Bit-flips or integrity errors while reading the data area. 799 * It is difficult to say for sure what type of corruption is 800 * this, but presumably a power cut happened while this PEB was 801 * erased, so it became unstable and corrupted, and should be 802 * erased. 803 */ 804 err = 0; 805 goto out_unlock; 806 } 807 808 if (err) 809 goto out_unlock; 810 811 if (ubi_check_pattern(ubi->peb_buf1, 0xFF, ubi->leb_size)) 812 goto out_unlock; 813 814 ubi_err("PEB %d contains corrupted VID header, and the data does not " 815 "contain all 0xFF, this may be a non-UBI PEB or a severe VID " 816 "header corruption which requires manual inspection", pnum); 817 ubi_dbg_dump_vid_hdr(vid_hdr); 818 dbg_msg("hexdump of PEB %d offset %d, length %d", 819 pnum, ubi->leb_start, ubi->leb_size); 820 ubi_dbg_print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1, 821 ubi->peb_buf1, ubi->leb_size, 1); 822 err = 1; 823 824out_unlock: 825 mutex_unlock(&ubi->buf_mutex); 826 return err; 827} 828 829/** 830 * process_eb - read, check UBI headers, and add them to scanning information. 831 * @ubi: UBI device description object 832 * @si: scanning information 833 * @pnum: the physical eraseblock number 834 * 835 * This function returns a zero if the physical eraseblock was successfully 836 * handled and a negative error code in case of failure. 837 */ 838static int process_eb(struct ubi_device *ubi, struct ubi_scan_info *si, 839 int pnum) 840{ 841 long long uninitialized_var(ec); 842 int err, bitflips = 0, vol_id, ec_err = 0; 843 844 dbg_bld("scan PEB %d", pnum); 845 846 /* Skip bad physical eraseblocks */ 847 err = ubi_io_is_bad(ubi, pnum); 848 if (err < 0) 849 return err; 850 else if (err) { 851 /* 852 * FIXME: this is actually duty of the I/O sub-system to 853 * initialize this, but MTD does not provide enough 854 * information. 855 */ 856 si->bad_peb_count += 1; 857 return 0; 858 } 859 860 err = ubi_io_read_ec_hdr(ubi, pnum, ech, 0); 861 if (err < 0) 862 return err; 863 switch (err) { 864 case 0: 865 break; 866 case UBI_IO_BITFLIPS: 867 bitflips = 1; 868 break; 869 case UBI_IO_FF: 870 si->empty_peb_count += 1; 871 return add_to_list(si, pnum, UBI_SCAN_UNKNOWN_EC, 0, 872 &si->erase); 873 case UBI_IO_FF_BITFLIPS: 874 si->empty_peb_count += 1; 875 return add_to_list(si, pnum, UBI_SCAN_UNKNOWN_EC, 1, 876 &si->erase); 877 case UBI_IO_BAD_HDR_EBADMSG: 878 case UBI_IO_BAD_HDR: 879 /* 880 * We have to also look at the VID header, possibly it is not 881 * corrupted. Set %bitflips flag in order to make this PEB be 882 * moved and EC be re-created. 883 */ 884 ec_err = err; 885 ec = UBI_SCAN_UNKNOWN_EC; 886 bitflips = 1; 887 break; 888 default: 889 ubi_err("'ubi_io_read_ec_hdr()' returned unknown code %d", err); 890 return -EINVAL; 891 } 892 893 if (!ec_err) { 894 int image_seq; 895 896 /* Make sure UBI version is OK */ 897 if (ech->version != UBI_VERSION) { 898 ubi_err("this UBI version is %d, image version is %d", 899 UBI_VERSION, (int)ech->version); 900 return -EINVAL; 901 } 902 903 ec = be64_to_cpu(ech->ec); 904 if (ec > UBI_MAX_ERASECOUNTER) { 905 /* 906 * Erase counter overflow. The EC headers have 64 bits 907 * reserved, but we anyway make use of only 31 bit 908 * values, as this seems to be enough for any existing 909 * flash. Upgrade UBI and use 64-bit erase counters 910 * internally. 911 */ 912 ubi_err("erase counter overflow, max is %d", 913 UBI_MAX_ERASECOUNTER); 914 ubi_dbg_dump_ec_hdr(ech); 915 return -EINVAL; 916 } 917 918 /* 919 * Make sure that all PEBs have the same image sequence number. 920 * This allows us to detect situations when users flash UBI 921 * images incorrectly, so that the flash has the new UBI image 922 * and leftovers from the old one. This feature was added 923 * relatively recently, and the sequence number was always 924 * zero, because old UBI implementations always set it to zero. 925 * For this reasons, we do not panic if some PEBs have zero 926 * sequence number, while other PEBs have non-zero sequence 927 * number. 928 */ 929 image_seq = be32_to_cpu(ech->image_seq); 930 if (!ubi->image_seq && image_seq) 931 ubi->image_seq = image_seq; 932 if (ubi->image_seq && image_seq && 933 ubi->image_seq != image_seq) { 934 ubi_err("bad image sequence number %d in PEB %d, " 935 "expected %d", image_seq, pnum, ubi->image_seq); 936 ubi_dbg_dump_ec_hdr(ech); 937 return -EINVAL; 938 } 939 } 940 941 /* OK, we've done with the EC header, let's look at the VID header */ 942 943 err = ubi_io_read_vid_hdr(ubi, pnum, vidh, 0); 944 if (err < 0) 945 return err; 946 switch (err) { 947 case 0: 948 break; 949 case UBI_IO_BITFLIPS: 950 bitflips = 1; 951 break; 952 case UBI_IO_BAD_HDR_EBADMSG: 953 if (ec_err == UBI_IO_BAD_HDR_EBADMSG) 954 /* 955 * Both EC and VID headers are corrupted and were read 956 * with data integrity error, probably this is a bad 957 * PEB, bit it is not marked as bad yet. This may also 958 * be a result of power cut during erasure. 959 */ 960 si->maybe_bad_peb_count += 1; 961 case UBI_IO_BAD_HDR: 962 if (ec_err) 963 /* 964 * Both headers are corrupted. There is a possibility 965 * that this a valid UBI PEB which has corresponding 966 * LEB, but the headers are corrupted. However, it is 967 * impossible to distinguish it from a PEB which just 968 * contains garbage because of a power cut during erase 969 * operation. So we just schedule this PEB for erasure. 970 * 971 * Besides, in case of NOR flash, we deliberately 972 * corrupt both headers because NOR flash erasure is 973 * slow and can start from the end. 974 */ 975 err = 0; 976 else 977 /* 978 * The EC was OK, but the VID header is corrupted. We 979 * have to check what is in the data area. 980 */ 981 err = check_corruption(ubi, vidh, pnum); 982 983 if (err < 0) 984 return err; 985 else if (!err) 986 /* This corruption is caused by a power cut */ 987 err = add_to_list(si, pnum, ec, 1, &si->erase); 988 else 989 /* This is an unexpected corruption */ 990 err = add_corrupted(si, pnum, ec); 991 if (err) 992 return err; 993 goto adjust_mean_ec; 994 case UBI_IO_FF_BITFLIPS: 995 err = add_to_list(si, pnum, ec, 1, &si->erase); 996 if (err) 997 return err; 998 goto adjust_mean_ec; 999 case UBI_IO_FF: 1000 if (ec_err) 1001 err = add_to_list(si, pnum, ec, 1, &si->erase); 1002 else 1003 err = add_to_list(si, pnum, ec, 0, &si->free); 1004 if (err) 1005 return err; 1006 goto adjust_mean_ec; 1007 default: 1008 ubi_err("'ubi_io_read_vid_hdr()' returned unknown code %d", 1009 err); 1010 return -EINVAL; 1011 } 1012 1013 vol_id = be32_to_cpu(vidh->vol_id); 1014 if (vol_id > UBI_MAX_VOLUMES && vol_id != UBI_LAYOUT_VOLUME_ID) { 1015 int lnum = be32_to_cpu(vidh->lnum); 1016 1017 /* Unsupported internal volume */ 1018 switch (vidh->compat) { 1019 case UBI_COMPAT_DELETE: 1020 ubi_msg("\"delete\" compatible internal volume %d:%d" 1021 " found, will remove it", vol_id, lnum); 1022 err = add_to_list(si, pnum, ec, 1, &si->erase); 1023 if (err) 1024 return err; 1025 return 0; 1026 1027 case UBI_COMPAT_RO: 1028 ubi_msg("read-only compatible internal volume %d:%d" 1029 " found, switch to read-only mode", 1030 vol_id, lnum); 1031 ubi->ro_mode = 1; 1032 break; 1033 1034 case UBI_COMPAT_PRESERVE: 1035 ubi_msg("\"preserve\" compatible internal volume %d:%d" 1036 " found", vol_id, lnum); 1037 err = add_to_list(si, pnum, ec, 0, &si->alien); 1038 if (err) 1039 return err; 1040 return 0; 1041 1042 case UBI_COMPAT_REJECT: 1043 ubi_err("incompatible internal volume %d:%d found", 1044 vol_id, lnum); 1045 return -EINVAL; 1046 } 1047 } 1048 1049 if (ec_err) 1050 ubi_warn("valid VID header but corrupted EC header at PEB %d", 1051 pnum); 1052 err = ubi_scan_add_used(ubi, si, pnum, ec, vidh, bitflips); 1053 if (err) 1054 return err; 1055 1056adjust_mean_ec: 1057 if (!ec_err) { 1058 si->ec_sum += ec; 1059 si->ec_count += 1; 1060 if (ec > si->max_ec) 1061 si->max_ec = ec; 1062 if (ec < si->min_ec) 1063 si->min_ec = ec; 1064 } 1065 1066 return 0; 1067} 1068 1069/** 1070 * check_what_we_have - check what PEB were found by scanning. 1071 * @ubi: UBI device description object 1072 * @si: scanning information 1073 * 1074 * This is a helper function which takes a look what PEBs were found by 1075 * scanning, and decides whether the flash is empty and should be formatted and 1076 * whether there are too many corrupted PEBs and we should not attach this 1077 * MTD device. Returns zero if we should proceed with attaching the MTD device, 1078 * and %-EINVAL if we should not. 1079 */ 1080static int check_what_we_have(struct ubi_device *ubi, struct ubi_scan_info *si) 1081{ 1082 struct ubi_scan_leb *seb; 1083 int max_corr, peb_count; 1084 1085 peb_count = ubi->peb_count - si->bad_peb_count - si->alien_peb_count; 1086 max_corr = peb_count / 20 ?: 8; 1087 1088 /* 1089 * Few corrupted PEBs is not a problem and may be just a result of 1090 * unclean reboots. However, many of them may indicate some problems 1091 * with the flash HW or driver. 1092 */ 1093 if (si->corr_peb_count) { 1094 ubi_err("%d PEBs are corrupted and preserved", 1095 si->corr_peb_count); 1096 printk(KERN_ERR "Corrupted PEBs are:"); 1097 list_for_each_entry(seb, &si->corr, u.list) 1098 printk(KERN_CONT " %d", seb->pnum); 1099 printk(KERN_CONT "\n"); 1100 1101 /* 1102 * If too many PEBs are corrupted, we refuse attaching, 1103 * otherwise, only print a warning. 1104 */ 1105 if (si->corr_peb_count >= max_corr) { 1106 ubi_err("too many corrupted PEBs, refusing"); 1107 return -EINVAL; 1108 } 1109 } 1110 1111 if (si->empty_peb_count + si->maybe_bad_peb_count == peb_count) { 1112 /* 1113 * All PEBs are empty, or almost all - a couple PEBs look like 1114 * they may be bad PEBs which were not marked as bad yet. 1115 * 1116 * This piece of code basically tries to distinguish between 1117 * the following situations: 1118 * 1119 * 1. Flash is empty, but there are few bad PEBs, which are not 1120 * marked as bad so far, and which were read with error. We 1121 * want to go ahead and format this flash. While formatting, 1122 * the faulty PEBs will probably be marked as bad. 1123 * 1124 * 2. Flash contains non-UBI data and we do not want to format 1125 * it and destroy possibly important information. 1126 */ 1127 if (si->maybe_bad_peb_count <= 2) { 1128 si->is_empty = 1; 1129 ubi_msg("empty MTD device detected"); 1130 get_random_bytes(&ubi->image_seq, 1131 sizeof(ubi->image_seq)); 1132 } else { 1133 ubi_err("MTD device is not UBI-formatted and possibly " 1134 "contains non-UBI data - refusing it"); 1135 return -EINVAL; 1136 } 1137 1138 } 1139 1140 return 0; 1141} 1142 1143/** 1144 * ubi_scan - scan an MTD device. 1145 * @ubi: UBI device description object 1146 * 1147 * This function does full scanning of an MTD device and returns complete 1148 * information about it. In case of failure, an error code is returned. 1149 */ 1150struct ubi_scan_info *ubi_scan(struct ubi_device *ubi) 1151{ 1152 int err, pnum; 1153 struct rb_node *rb1, *rb2; 1154 struct ubi_scan_volume *sv; 1155 struct ubi_scan_leb *seb; 1156 struct ubi_scan_info *si; 1157 1158 si = kzalloc(sizeof(struct ubi_scan_info), GFP_KERNEL); 1159 if (!si) 1160 return ERR_PTR(-ENOMEM); 1161 1162 INIT_LIST_HEAD(&si->corr); 1163 INIT_LIST_HEAD(&si->free); 1164 INIT_LIST_HEAD(&si->erase); 1165 INIT_LIST_HEAD(&si->alien); 1166 si->volumes = RB_ROOT; 1167 1168 err = -ENOMEM; 1169 si->scan_leb_slab = kmem_cache_create("ubi_scan_leb_slab", 1170 sizeof(struct ubi_scan_leb), 1171 0, 0, NULL); 1172 if (!si->scan_leb_slab) 1173 goto out_si; 1174 1175 ech = kzalloc(ubi->ec_hdr_alsize, GFP_KERNEL); 1176 if (!ech) 1177 goto out_slab; 1178 1179 vidh = ubi_zalloc_vid_hdr(ubi, GFP_KERNEL); 1180 if (!vidh) 1181 goto out_ech; 1182 1183 for (pnum = 0; pnum < ubi->peb_count; pnum++) { 1184 cond_resched(); 1185 1186 dbg_gen("process PEB %d", pnum); 1187 err = process_eb(ubi, si, pnum); 1188 if (err < 0) 1189 goto out_vidh; 1190 } 1191 1192 dbg_msg("scanning is finished"); 1193 1194 /* Calculate mean erase counter */ 1195 if (si->ec_count) 1196 si->mean_ec = div_u64(si->ec_sum, si->ec_count); 1197 1198 err = check_what_we_have(ubi, si); 1199 if (err) 1200 goto out_vidh; 1201 1202 /* 1203 * In case of unknown erase counter we use the mean erase counter 1204 * value. 1205 */ 1206 ubi_rb_for_each_entry(rb1, sv, &si->volumes, rb) { 1207 ubi_rb_for_each_entry(rb2, seb, &sv->root, u.rb) 1208 if (seb->ec == UBI_SCAN_UNKNOWN_EC) 1209 seb->ec = si->mean_ec; 1210 } 1211 1212 list_for_each_entry(seb, &si->free, u.list) { 1213 if (seb->ec == UBI_SCAN_UNKNOWN_EC) 1214 seb->ec = si->mean_ec; 1215 } 1216 1217 list_for_each_entry(seb, &si->corr, u.list) 1218 if (seb->ec == UBI_SCAN_UNKNOWN_EC) 1219 seb->ec = si->mean_ec; 1220 1221 list_for_each_entry(seb, &si->erase, u.list) 1222 if (seb->ec == UBI_SCAN_UNKNOWN_EC) 1223 seb->ec = si->mean_ec; 1224 1225 err = paranoid_check_si(ubi, si); 1226 if (err) 1227 goto out_vidh; 1228 1229 ubi_free_vid_hdr(ubi, vidh); 1230 kfree(ech); 1231 1232 return si; 1233 1234out_vidh: 1235 ubi_free_vid_hdr(ubi, vidh); 1236out_ech: 1237 kfree(ech); 1238out_slab: 1239 kmem_cache_destroy(si->scan_leb_slab); 1240out_si: 1241 ubi_scan_destroy_si(si); 1242 return ERR_PTR(err); 1243} 1244 1245/** 1246 * destroy_sv - free the scanning volume information 1247 * @sv: scanning volume information 1248 * @si: scanning information 1249 * 1250 * This function destroys the volume RB-tree (@sv->root) and the scanning 1251 * volume information. 1252 */ 1253static void destroy_sv(struct ubi_scan_info *si, struct ubi_scan_volume *sv) 1254{ 1255 struct ubi_scan_leb *seb; 1256 struct rb_node *this = sv->root.rb_node; 1257 1258 while (this) { 1259 if (this->rb_left) 1260 this = this->rb_left; 1261 else if (this->rb_right) 1262 this = this->rb_right; 1263 else { 1264 seb = rb_entry(this, struct ubi_scan_leb, u.rb); 1265 this = rb_parent(this); 1266 if (this) { 1267 if (this->rb_left == &seb->u.rb) 1268 this->rb_left = NULL; 1269 else 1270 this->rb_right = NULL; 1271 } 1272 1273 kmem_cache_free(si->scan_leb_slab, seb); 1274 } 1275 } 1276 kfree(sv); 1277} 1278 1279/** 1280 * ubi_scan_destroy_si - destroy scanning information. 1281 * @si: scanning information 1282 */ 1283void ubi_scan_destroy_si(struct ubi_scan_info *si) 1284{ 1285 struct ubi_scan_leb *seb, *seb_tmp; 1286 struct ubi_scan_volume *sv; 1287 struct rb_node *rb; 1288 1289 list_for_each_entry_safe(seb, seb_tmp, &si->alien, u.list) { 1290 list_del(&seb->u.list); 1291 kmem_cache_free(si->scan_leb_slab, seb); 1292 } 1293 list_for_each_entry_safe(seb, seb_tmp, &si->erase, u.list) { 1294 list_del(&seb->u.list); 1295 kmem_cache_free(si->scan_leb_slab, seb); 1296 } 1297 list_for_each_entry_safe(seb, seb_tmp, &si->corr, u.list) { 1298 list_del(&seb->u.list); 1299 kmem_cache_free(si->scan_leb_slab, seb); 1300 } 1301 list_for_each_entry_safe(seb, seb_tmp, &si->free, u.list) { 1302 list_del(&seb->u.list); 1303 kmem_cache_free(si->scan_leb_slab, seb); 1304 } 1305 1306 /* Destroy the volume RB-tree */ 1307 rb = si->volumes.rb_node; 1308 while (rb) { 1309 if (rb->rb_left) 1310 rb = rb->rb_left; 1311 else if (rb->rb_right) 1312 rb = rb->rb_right; 1313 else { 1314 sv = rb_entry(rb, struct ubi_scan_volume, rb); 1315 1316 rb = rb_parent(rb); 1317 if (rb) { 1318 if (rb->rb_left == &sv->rb) 1319 rb->rb_left = NULL; 1320 else 1321 rb->rb_right = NULL; 1322 } 1323 1324 destroy_sv(si, sv); 1325 } 1326 } 1327 1328 kmem_cache_destroy(si->scan_leb_slab); 1329 kfree(si); 1330} 1331 1332#ifdef CONFIG_MTD_UBI_DEBUG 1333 1334/** 1335 * paranoid_check_si - check the scanning information. 1336 * @ubi: UBI device description object 1337 * @si: scanning information 1338 * 1339 * This function returns zero if the scanning information is all right, and a 1340 * negative error code if not or if an error occurred. 1341 */ 1342static int paranoid_check_si(struct ubi_device *ubi, struct ubi_scan_info *si) 1343{ 1344 int pnum, err, vols_found = 0; 1345 struct rb_node *rb1, *rb2; 1346 struct ubi_scan_volume *sv; 1347 struct ubi_scan_leb *seb, *last_seb; 1348 uint8_t *buf; 1349 1350 if (!ubi->dbg->chk_gen) 1351 return 0; 1352 1353 /* 1354 * At first, check that scanning information is OK. 1355 */ 1356 ubi_rb_for_each_entry(rb1, sv, &si->volumes, rb) { 1357 int leb_count = 0; 1358 1359 cond_resched(); 1360 1361 vols_found += 1; 1362 1363 if (si->is_empty) { 1364 ubi_err("bad is_empty flag"); 1365 goto bad_sv; 1366 } 1367 1368 if (sv->vol_id < 0 || sv->highest_lnum < 0 || 1369 sv->leb_count < 0 || sv->vol_type < 0 || sv->used_ebs < 0 || 1370 sv->data_pad < 0 || sv->last_data_size < 0) { 1371 ubi_err("negative values"); 1372 goto bad_sv; 1373 } 1374 1375 if (sv->vol_id >= UBI_MAX_VOLUMES && 1376 sv->vol_id < UBI_INTERNAL_VOL_START) { 1377 ubi_err("bad vol_id"); 1378 goto bad_sv; 1379 } 1380 1381 if (sv->vol_id > si->highest_vol_id) { 1382 ubi_err("highest_vol_id is %d, but vol_id %d is there", 1383 si->highest_vol_id, sv->vol_id); 1384 goto out; 1385 } 1386 1387 if (sv->vol_type != UBI_DYNAMIC_VOLUME && 1388 sv->vol_type != UBI_STATIC_VOLUME) { 1389 ubi_err("bad vol_type"); 1390 goto bad_sv; 1391 } 1392 1393 if (sv->data_pad > ubi->leb_size / 2) { 1394 ubi_err("bad data_pad"); 1395 goto bad_sv; 1396 } 1397 1398 last_seb = NULL; 1399 ubi_rb_for_each_entry(rb2, seb, &sv->root, u.rb) { 1400 cond_resched(); 1401 1402 last_seb = seb; 1403 leb_count += 1; 1404 1405 if (seb->pnum < 0 || seb->ec < 0) { 1406 ubi_err("negative values"); 1407 goto bad_seb; 1408 } 1409 1410 if (seb->ec < si->min_ec) { 1411 ubi_err("bad si->min_ec (%d), %d found", 1412 si->min_ec, seb->ec); 1413 goto bad_seb; 1414 } 1415 1416 if (seb->ec > si->max_ec) { 1417 ubi_err("bad si->max_ec (%d), %d found", 1418 si->max_ec, seb->ec); 1419 goto bad_seb; 1420 } 1421 1422 if (seb->pnum >= ubi->peb_count) { 1423 ubi_err("too high PEB number %d, total PEBs %d", 1424 seb->pnum, ubi->peb_count); 1425 goto bad_seb; 1426 } 1427 1428 if (sv->vol_type == UBI_STATIC_VOLUME) { 1429 if (seb->lnum >= sv->used_ebs) { 1430 ubi_err("bad lnum or used_ebs"); 1431 goto bad_seb; 1432 } 1433 } else { 1434 if (sv->used_ebs != 0) { 1435 ubi_err("non-zero used_ebs"); 1436 goto bad_seb; 1437 } 1438 } 1439 1440 if (seb->lnum > sv->highest_lnum) { 1441 ubi_err("incorrect highest_lnum or lnum"); 1442 goto bad_seb; 1443 } 1444 } 1445 1446 if (sv->leb_count != leb_count) { 1447 ubi_err("bad leb_count, %d objects in the tree", 1448 leb_count); 1449 goto bad_sv; 1450 } 1451 1452 if (!last_seb) 1453 continue; 1454 1455 seb = last_seb; 1456 1457 if (seb->lnum != sv->highest_lnum) { 1458 ubi_err("bad highest_lnum"); 1459 goto bad_seb; 1460 } 1461 } 1462 1463 if (vols_found != si->vols_found) { 1464 ubi_err("bad si->vols_found %d, should be %d", 1465 si->vols_found, vols_found); 1466 goto out; 1467 } 1468 1469 /* Check that scanning information is correct */ 1470 ubi_rb_for_each_entry(rb1, sv, &si->volumes, rb) { 1471 last_seb = NULL; 1472 ubi_rb_for_each_entry(rb2, seb, &sv->root, u.rb) { 1473 int vol_type; 1474 1475 cond_resched(); 1476 1477 last_seb = seb; 1478 1479 err = ubi_io_read_vid_hdr(ubi, seb->pnum, vidh, 1); 1480 if (err && err != UBI_IO_BITFLIPS) { 1481 ubi_err("VID header is not OK (%d)", err); 1482 if (err > 0) 1483 err = -EIO; 1484 return err; 1485 } 1486 1487 vol_type = vidh->vol_type == UBI_VID_DYNAMIC ? 1488 UBI_DYNAMIC_VOLUME : UBI_STATIC_VOLUME; 1489 if (sv->vol_type != vol_type) { 1490 ubi_err("bad vol_type"); 1491 goto bad_vid_hdr; 1492 } 1493 1494 if (seb->sqnum != be64_to_cpu(vidh->sqnum)) { 1495 ubi_err("bad sqnum %llu", seb->sqnum); 1496 goto bad_vid_hdr; 1497 } 1498 1499 if (sv->vol_id != be32_to_cpu(vidh->vol_id)) { 1500 ubi_err("bad vol_id %d", sv->vol_id); 1501 goto bad_vid_hdr; 1502 } 1503 1504 if (sv->compat != vidh->compat) { 1505 ubi_err("bad compat %d", vidh->compat); 1506 goto bad_vid_hdr; 1507 } 1508 1509 if (seb->lnum != be32_to_cpu(vidh->lnum)) { 1510 ubi_err("bad lnum %d", seb->lnum); 1511 goto bad_vid_hdr; 1512 } 1513 1514 if (sv->used_ebs != be32_to_cpu(vidh->used_ebs)) { 1515 ubi_err("bad used_ebs %d", sv->used_ebs); 1516 goto bad_vid_hdr; 1517 } 1518 1519 if (sv->data_pad != be32_to_cpu(vidh->data_pad)) { 1520 ubi_err("bad data_pad %d", sv->data_pad); 1521 goto bad_vid_hdr; 1522 } 1523 } 1524 1525 if (!last_seb) 1526 continue; 1527 1528 if (sv->highest_lnum != be32_to_cpu(vidh->lnum)) { 1529 ubi_err("bad highest_lnum %d", sv->highest_lnum); 1530 goto bad_vid_hdr; 1531 } 1532 1533 if (sv->last_data_size != be32_to_cpu(vidh->data_size)) { 1534 ubi_err("bad last_data_size %d", sv->last_data_size); 1535 goto bad_vid_hdr; 1536 } 1537 } 1538 1539 /* 1540 * Make sure that all the physical eraseblocks are in one of the lists 1541 * or trees. 1542 */ 1543 buf = kzalloc(ubi->peb_count, GFP_KERNEL); 1544 if (!buf) 1545 return -ENOMEM; 1546 1547 for (pnum = 0; pnum < ubi->peb_count; pnum++) { 1548 err = ubi_io_is_bad(ubi, pnum); 1549 if (err < 0) { 1550 kfree(buf); 1551 return err; 1552 } else if (err) 1553 buf[pnum] = 1; 1554 } 1555 1556 ubi_rb_for_each_entry(rb1, sv, &si->volumes, rb) 1557 ubi_rb_for_each_entry(rb2, seb, &sv->root, u.rb) 1558 buf[seb->pnum] = 1; 1559 1560 list_for_each_entry(seb, &si->free, u.list) 1561 buf[seb->pnum] = 1; 1562 1563 list_for_each_entry(seb, &si->corr, u.list) 1564 buf[seb->pnum] = 1; 1565 1566 list_for_each_entry(seb, &si->erase, u.list) 1567 buf[seb->pnum] = 1; 1568 1569 list_for_each_entry(seb, &si->alien, u.list) 1570 buf[seb->pnum] = 1; 1571 1572 err = 0; 1573 for (pnum = 0; pnum < ubi->peb_count; pnum++) 1574 if (!buf[pnum]) { 1575 ubi_err("PEB %d is not referred", pnum); 1576 err = 1; 1577 } 1578 1579 kfree(buf); 1580 if (err) 1581 goto out; 1582 return 0; 1583 1584bad_seb: 1585 ubi_err("bad scanning information about LEB %d", seb->lnum); 1586 ubi_dbg_dump_seb(seb, 0); 1587 ubi_dbg_dump_sv(sv); 1588 goto out; 1589 1590bad_sv: 1591 ubi_err("bad scanning information about volume %d", sv->vol_id); 1592 ubi_dbg_dump_sv(sv); 1593 goto out; 1594 1595bad_vid_hdr: 1596 ubi_err("bad scanning information about volume %d", sv->vol_id); 1597 ubi_dbg_dump_sv(sv); 1598 ubi_dbg_dump_vid_hdr(vidh); 1599 1600out: 1601 ubi_dbg_dump_stack(); 1602 return -EINVAL; 1603} 1604 1605#endif /* CONFIG_MTD_UBI_DEBUG */ 1606