1/*
   2 * Copyright (c) International Business Machines Corp., 2006
   3 * Copyright (c) Nokia Corporation, 2006, 2007
   4 *
   5 * This program is free software; you can redistribute it and/or modify
   6 * it under the terms of the GNU General Public License as published by
   7 * the Free Software Foundation; either version 2 of the License, or
   8 * (at your option) any later version.
   9 *
  10 * This program is distributed in the hope that it will be useful,
  11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
  13 * the GNU General Public License for more details.
  14 *
  15 * You should have received a copy of the GNU General Public License
  16 * along with this program; if not, write to the Free Software
  17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  18 *
  19 * Author: Artem Bityutskiy (Битюцкий Артём)
  20 */
  21
  22/*
  23 * UBI input/output sub-system.
  24 *
  25 * This sub-system provides a uniform way to work with all kinds of the
  26 * underlying MTD devices. It also implements handy functions for reading and
  27 * writing UBI headers.
  28 *
  29 * We are trying to have a paranoid mindset and not to trust to what we read
  30 * from the flash media in order to be more secure and robust. So this
  31 * sub-system validates every single header it reads from the flash media.
  32 *
  33 * Some words about how the eraseblock headers are stored.
  34 *
  35 * The erase counter header is always stored at offset zero. By default, the
  36 * VID header is stored after the EC header at the closest aligned offset
  37 * (i.e. aligned to the minimum I/O unit size). Data starts next to the VID
  38 * header at the closest aligned offset. But this default layout may be
  39 * changed. For example, for different reasons (e.g., optimization) UBI may be
  40 * asked to put the VID header at further offset, and even at an unaligned
  41 * offset. Of course, if the offset of the VID header is unaligned, UBI adds
  42 * proper padding in front of it. Data offset may also be changed but it has to
  43 * be aligned.
  44 *
  45 * About minimal I/O units. In general, UBI assumes flash device model where
  46 * there is only one minimal I/O unit size. E.g., in case of NOR flash it is 1,
  47 * in case of NAND flash it is a NAND page, etc. This is reported by MTD in the
  48 * @ubi->mtd->writesize field. But as an exception, UBI admits of using another
  49 * (smaller) minimal I/O unit size for EC and VID headers to make it possible
  50 * to do different optimizations.
  51 *
  52 * This is extremely useful in case of NAND flashes which admit of several
  53 * write operations to one NAND page. In this case UBI can fit EC and VID
  54 * headers at one NAND page. Thus, UBI may use "sub-page" size as the minimal
  55 * I/O unit for the headers (the @ubi->hdrs_min_io_size field). But it still
  56 * reports NAND page size (@ubi->min_io_size) as a minimal I/O unit for the UBI
  57 * users.
  58 *
  59 * Example: some Samsung NANDs with 2KiB pages allow 4x 512-byte writes, so
  60 * although the minimal I/O unit is 2K, UBI uses 512 bytes for EC and VID
  61 * headers.
  62 *
  63 * Q: why not just to treat sub-page as a minimal I/O unit of this flash
  64 * device, e.g., make @ubi->min_io_size = 512 in the example above?
  65 *
  66 * A: because when writing a sub-page, MTD still writes a full 2K page but the
  67 * bytes which are not relevant to the sub-page are 0xFF. So, basically,
  68 * writing 4x512 sub-pages is 4 times slower than writing one 2KiB NAND page.
  69 * Thus, we prefer to use sub-pages only for EC and VID headers.
  70 *
  71 * As it was noted above, the VID header may start at a non-aligned offset.
  72 * For example, in case of a 2KiB page NAND flash with a 512 bytes sub-page,
  73 * the VID header may reside at offset 1984 which is the last 64 bytes of the
  74 * last sub-page (EC header is always at offset zero). This causes some
  75 * difficulties when reading and writing VID headers.
  76 *
  77 * Suppose we have a 64-byte buffer and we read a VID header at it. We change
  78 * the data and want to write this VID header out. As we can only write in
  79 * 512-byte chunks, we have to allocate one more buffer and copy our VID header
  80 * to offset 448 of this buffer.
  81 *
  82 * The I/O sub-system does the following trick in order to avoid this extra
  83 * copy. It always allocates a @ubi->vid_hdr_alsize bytes buffer for the VID
  84 * header and returns a pointer to offset @ubi->vid_hdr_shift of this buffer.
  85 * When the VID header is being written out, it shifts the VID header pointer
  86 * back and writes the whole sub-page.
  87 */
  88
  89#include <linux/crc32.h>
  90#include <linux/err.h>
  91#include <linux/slab.h>
  92#include "ubi.h"
  93
  94#ifdef CONFIG_MTD_UBI_DEBUG
  95static int paranoid_check_not_bad(const struct ubi_device *ubi, int pnum);
  96static int paranoid_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum);
  97static int paranoid_check_ec_hdr(const struct ubi_device *ubi, int pnum,
  98				 const struct ubi_ec_hdr *ec_hdr);
  99static int paranoid_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum);
 100static int paranoid_check_vid_hdr(const struct ubi_device *ubi, int pnum,
 101				  const struct ubi_vid_hdr *vid_hdr);
 102#else
 103#define paranoid_check_not_bad(ubi, pnum) 0
 104#define paranoid_check_peb_ec_hdr(ubi, pnum)  0
 105#define paranoid_check_ec_hdr(ubi, pnum, ec_hdr)  0
 106#define paranoid_check_peb_vid_hdr(ubi, pnum) 0
 107#define paranoid_check_vid_hdr(ubi, pnum, vid_hdr) 0
 108#endif
 109
 110/**
 111 * ubi_io_read - read data from a physical eraseblock.
 112 * @ubi: UBI device description object
 113 * @buf: buffer where to store the read data
 114 * @pnum: physical eraseblock number to read from
 115 * @offset: offset within the physical eraseblock from where to read
 116 * @len: how many bytes to read
 117 *
 118 * This function reads data from offset @offset of physical eraseblock @pnum
 119 * and stores the read data in the @buf buffer. The following return codes are
 120 * possible:
 121 *
 122 * o %0 if all the requested data were successfully read;
 123 * o %UBI_IO_BITFLIPS if all the requested data were successfully read, but
 124 *   correctable bit-flips were detected; this is harmless but may indicate
 125 *   that this eraseblock may become bad soon (but do not have to);
 126 * o %-EBADMSG if the MTD subsystem reported about data integrity problems, for
 127 *   example it can be an ECC error in case of NAND; this most probably means
 128 *   that the data is corrupted;
 129 * o %-EIO if some I/O error occurred;
 130 * o other negative error codes in case of other errors.
 131 */
 132int ubi_io_read(const struct ubi_device *ubi, void *buf, int pnum, int offset,
 133		int len)
 134{
 135	int err, retries = 0;
 136	size_t read;
 137	loff_t addr;
 138
 139	dbg_io("read %d bytes from PEB %d:%d", len, pnum, offset);
 140
 141	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
 142	ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
 143	ubi_assert(len > 0);
 144
 145	err = paranoid_check_not_bad(ubi, pnum);
 146	if (err)
 147		return err;
 148
 149	/*
 150	 * Deliberately corrupt the buffer to improve robustness. Indeed, if we
 151	 * do not do this, the following may happen:
 152	 * 1. The buffer contains data from previous operation, e.g., read from
 153	 *    another PEB previously. The data looks like expected, e.g., if we
 154	 *    just do not read anything and return - the caller would not
 155	 *    notice this. E.g., if we are reading a VID header, the buffer may
 156	 *    contain a valid VID header from another PEB.
 157	 * 2. The driver is buggy and returns us success or -EBADMSG or
 158	 *    -EUCLEAN, but it does not actually put any data to the buffer.
 159	 *
 160	 * This may confuse UBI or upper layers - they may think the buffer
 161	 * contains valid data while in fact it is just old data. This is
 162	 * especially possible because UBI (and UBIFS) relies on CRC, and
 163	 * treats data as correct even in case of ECC errors if the CRC is
 164	 * correct.
 165	 *
 166	 * Try to prevent this situation by changing the first byte of the
 167	 * buffer.
 168	 */
 169	*((uint8_t *)buf) ^= 0xFF;
 170
 171	addr = (loff_t)pnum * ubi->peb_size + offset;
 172retry:
 173	err = ubi->mtd->read(ubi->mtd, addr, len, &read, buf);
 174	if (err) {
 175		const char *errstr = (err == -EBADMSG) ? " (ECC error)" : "";
 176
 177		if (err == -EUCLEAN) {
 178			/*
 179			 * -EUCLEAN is reported if there was a bit-flip which
 180			 * was corrected, so this is harmless.
 181			 *
 182			 * We do not report about it here unless debugging is
 183			 * enabled. A corresponding message will be printed
 184			 * later, when it is has been scrubbed.
 185			 */
 186			dbg_msg("fixable bit-flip detected at PEB %d", pnum);
 187			ubi_assert(len == read);
 188			return UBI_IO_BITFLIPS;
 189		}
 190
 191		if (retries++ < UBI_IO_RETRIES) {
 192			dbg_io("error %d%s while reading %d bytes from PEB "
 193			       "%d:%d, read only %zd bytes, retry",
 194			       err, errstr, len, pnum, offset, read);
 195			yield();
 196			goto retry;
 197		}
 198
 199		ubi_err("error %d%s while reading %d bytes from PEB %d:%d, "
 200			"read %zd bytes", err, errstr, len, pnum, offset, read);
 201		ubi_dbg_dump_stack();
 202
 203		/*
 204		 * The driver should never return -EBADMSG if it failed to read
 205		 * all the requested data. But some buggy drivers might do
 206		 * this, so we change it to -EIO.
 207		 */
 208		if (read != len && err == -EBADMSG) {
 209			ubi_assert(0);
 210			err = -EIO;
 211		}
 212	} else {
 213		ubi_assert(len == read);
 214
 215		if (ubi_dbg_is_bitflip(ubi)) {
 216			dbg_gen("bit-flip (emulated)");
 217			err = UBI_IO_BITFLIPS;
 218		}
 219	}
 220
 221	return err;
 222}
 223
 224/**
 225 * ubi_io_write - write data to a physical eraseblock.
 226 * @ubi: UBI device description object
 227 * @buf: buffer with the data to write
 228 * @pnum: physical eraseblock number to write to
 229 * @offset: offset within the physical eraseblock where to write
 230 * @len: how many bytes to write
 231 *
 232 * This function writes @len bytes of data from buffer @buf to offset @offset
 233 * of physical eraseblock @pnum. If all the data were successfully written,
 234 * zero is returned. If an error occurred, this function returns a negative
 235 * error code. If %-EIO is returned, the physical eraseblock most probably went
 236 * bad.
 237 *
 238 * Note, in case of an error, it is possible that something was still written
 239 * to the flash media, but may be some garbage.
 240 */
 241int ubi_io_write(struct ubi_device *ubi, const void *buf, int pnum, int offset,
 242		 int len)
 243{
 244	int err;
 245	size_t written;
 246	loff_t addr;
 247
 248	dbg_io("write %d bytes to PEB %d:%d", len, pnum, offset);
 249
 250	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
 251	ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
 252	ubi_assert(offset % ubi->hdrs_min_io_size == 0);
 253	ubi_assert(len > 0 && len % ubi->hdrs_min_io_size == 0);
 254
 255	if (ubi->ro_mode) {
 256		ubi_err("read-only mode");
 257		return -EROFS;
 258	}
 259
 260	/* The below has to be compiled out if paranoid checks are disabled */
 261
 262	err = paranoid_check_not_bad(ubi, pnum);
 263	if (err)
 264		return err;
 265
 266	/* The area we are writing to has to contain all 0xFF bytes */
 267	err = ubi_dbg_check_all_ff(ubi, pnum, offset, len);
 268	if (err)
 269		return err;
 270
 271	if (offset >= ubi->leb_start) {
 272		/*
 273		 * We write to the data area of the physical eraseblock. Make
 274		 * sure it has valid EC and VID headers.
 275		 */
 276		err = paranoid_check_peb_ec_hdr(ubi, pnum);
 277		if (err)
 278			return err;
 279		err = paranoid_check_peb_vid_hdr(ubi, pnum);
 280		if (err)
 281			return err;
 282	}
 283
 284	if (ubi_dbg_is_write_failure(ubi)) {
 285		dbg_err("cannot write %d bytes to PEB %d:%d "
 286			"(emulated)", len, pnum, offset);
 287		ubi_dbg_dump_stack();
 288		return -EIO;
 289	}
 290
 291	addr = (loff_t)pnum * ubi->peb_size + offset;
 292	err = ubi->mtd->write(ubi->mtd, addr, len, &written, buf);
 293	if (err) {
 294		ubi_err("error %d while writing %d bytes to PEB %d:%d, written "
 295			"%zd bytes", err, len, pnum, offset, written);
 296		ubi_dbg_dump_stack();
 297		ubi_dbg_dump_flash(ubi, pnum, offset, len);
 298	} else
 299		ubi_assert(written == len);
 300
 301	if (!err) {
 302		err = ubi_dbg_check_write(ubi, buf, pnum, offset, len);
 303		if (err)
 304			return err;
 305
 306		/*
 307		 * Since we always write sequentially, the rest of the PEB has
 308		 * to contain only 0xFF bytes.
 309		 */
 310		offset += len;
 311		len = ubi->peb_size - offset;
 312		if (len)
 313			err = ubi_dbg_check_all_ff(ubi, pnum, offset, len);
 314	}
 315
 316	return err;
 317}
 318
 319/**
 320 * erase_callback - MTD erasure call-back.
 321 * @ei: MTD erase information object.
 322 *
 323 * Note, even though MTD erase interface is asynchronous, all the current
 324 * implementations are synchronous anyway.
 325 */
 326static void erase_callback(struct erase_info *ei)
 327{
 328	wake_up_interruptible((wait_queue_head_t *)ei->priv);
 329}
 330
 331/**
 332 * do_sync_erase - synchronously erase a physical eraseblock.
 333 * @ubi: UBI device description object
 334 * @pnum: the physical eraseblock number to erase
 335 *
 336 * This function synchronously erases physical eraseblock @pnum and returns
 337 * zero in case of success and a negative error code in case of failure. If
 338 * %-EIO is returned, the physical eraseblock most probably went bad.
 339 */
 340static int do_sync_erase(struct ubi_device *ubi, int pnum)
 341{
 342	int err, retries = 0;
 343	struct erase_info ei;
 344	wait_queue_head_t wq;
 345
 346	dbg_io("erase PEB %d", pnum);
 347	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
 348
 349	if (ubi->ro_mode) {
 350		ubi_err("read-only mode");
 351		return -EROFS;
 352	}
 353
 354retry:
 355	init_waitqueue_head(&wq);
 356	memset(&ei, 0, sizeof(struct erase_info));
 357
 358	ei.mtd      = ubi->mtd;
 359	ei.addr     = (loff_t)pnum * ubi->peb_size;
 360	ei.len      = ubi->peb_size;
 361	ei.callback = erase_callback;
 362	ei.priv     = (unsigned long)&wq;
 363
 364	err = ubi->mtd->erase(ubi->mtd, &ei);
 365	if (err) {
 366		if (retries++ < UBI_IO_RETRIES) {
 367			dbg_io("error %d while erasing PEB %d, retry",
 368			       err, pnum);
 369			yield();
 370			goto retry;
 371		}
 372		ubi_err("cannot erase PEB %d, error %d", pnum, err);
 373		ubi_dbg_dump_stack();
 374		return err;
 375	}
 376
 377	err = wait_event_interruptible(wq, ei.state == MTD_ERASE_DONE ||
 378					   ei.state == MTD_ERASE_FAILED);
 379	if (err) {
 380		ubi_err("interrupted PEB %d erasure", pnum);
 381		return -EINTR;
 382	}
 383
 384	if (ei.state == MTD_ERASE_FAILED) {
 385		if (retries++ < UBI_IO_RETRIES) {
 386			dbg_io("error while erasing PEB %d, retry", pnum);
 387			yield();
 388			goto retry;
 389		}
 390		ubi_err("cannot erase PEB %d", pnum);
 391		ubi_dbg_dump_stack();
 392		return -EIO;
 393	}
 394
 395	err = ubi_dbg_check_all_ff(ubi, pnum, 0, ubi->peb_size);
 396	if (err)
 397		return err;
 398
 399	if (ubi_dbg_is_erase_failure(ubi)) {
 400		dbg_err("cannot erase PEB %d (emulated)", pnum);
 401		return -EIO;
 402	}
 403
 404	return 0;
 405}
 406
 407/* Patterns to write to a physical eraseblock when torturing it */
 408static uint8_t patterns[] = {0xa5, 0x5a, 0x0};
 409
 410/**
 411 * torture_peb - test a supposedly bad physical eraseblock.
 412 * @ubi: UBI device description object
 413 * @pnum: the physical eraseblock number to test
 414 *
 415 * This function returns %-EIO if the physical eraseblock did not pass the
 416 * test, a positive number of erase operations done if the test was
 417 * successfully passed, and other negative error codes in case of other errors.
 418 */
 419static int torture_peb(struct ubi_device *ubi, int pnum)
 420{
 421	int err, i, patt_count;
 422
 423	ubi_msg("run torture test for PEB %d", pnum);
 424	patt_count = ARRAY_SIZE(patterns);
 425	ubi_assert(patt_count > 0);
 426
 427	mutex_lock(&ubi->buf_mutex);
 428	for (i = 0; i < patt_count; i++) {
 429		err = do_sync_erase(ubi, pnum);
 430		if (err)
 431			goto out;
 432
 433		/* Make sure the PEB contains only 0xFF bytes */
 434		err = ubi_io_read(ubi, ubi->peb_buf1, pnum, 0, ubi->peb_size);
 435		if (err)
 436			goto out;
 437
 438		err = ubi_check_pattern(ubi->peb_buf1, 0xFF, ubi->peb_size);
 439		if (err == 0) {
 440			ubi_err("erased PEB %d, but a non-0xFF byte found",
 441				pnum);
 442			err = -EIO;
 443			goto out;
 444		}
 445
 446		/* Write a pattern and check it */
 447		memset(ubi->peb_buf1, patterns[i], ubi->peb_size);
 448		err = ubi_io_write(ubi, ubi->peb_buf1, pnum, 0, ubi->peb_size);
 449		if (err)
 450			goto out;
 451
 452		memset(ubi->peb_buf1, ~patterns[i], ubi->peb_size);
 453		err = ubi_io_read(ubi, ubi->peb_buf1, pnum, 0, ubi->peb_size);
 454		if (err)
 455			goto out;
 456
 457		err = ubi_check_pattern(ubi->peb_buf1, patterns[i],
 458					ubi->peb_size);
 459		if (err == 0) {
 460			ubi_err("pattern %x checking failed for PEB %d",
 461				patterns[i], pnum);
 462			err = -EIO;
 463			goto out;
 464		}
 465	}
 466
 467	err = patt_count;
 468	ubi_msg("PEB %d passed torture test, do not mark it as bad", pnum);
 469
 470out:
 471	mutex_unlock(&ubi->buf_mutex);
 472	if (err == UBI_IO_BITFLIPS || err == -EBADMSG) {
 473		/*
 474		 * If a bit-flip or data integrity error was detected, the test
 475		 * has not passed because it happened on a freshly erased
 476		 * physical eraseblock which means something is wrong with it.
 477		 */
 478		ubi_err("read problems on freshly erased PEB %d, must be bad",
 479			pnum);
 480		err = -EIO;
 481	}
 482	return err;
 483}
 484
 485/**
 486 * nor_erase_prepare - prepare a NOR flash PEB for erasure.
 487 * @ubi: UBI device description object
 488 * @pnum: physical eraseblock number to prepare
 489 *
 490 * NOR flash, or at least some of them, have peculiar embedded PEB erasure
 491 * algorithm: the PEB is first filled with zeroes, then it is erased. And
 492 * filling with zeroes starts from the end of the PEB. This was observed with
 493 * Spansion S29GL512N NOR flash.
 494 *
 495 * This means that in case of a power cut we may end up with intact data at the
 496 * beginning of the PEB, and all zeroes at the end of PEB. In other words, the
 497 * EC and VID headers are OK, but a large chunk of data at the end of PEB is
 498 * zeroed. This makes UBI mistakenly treat this PEB as used and associate it
 499 * with an LEB, which leads to subsequent failures (e.g., UBIFS fails).
 500 *
 501 * This function is called before erasing NOR PEBs and it zeroes out EC and VID
 502 * magic numbers in order to invalidate them and prevent the failures. Returns
 503 * zero in case of success and a negative error code in case of failure.
 504 */
 505static int nor_erase_prepare(struct ubi_device *ubi, int pnum)
 506{
 507	int err, err1;
 508	size_t written;
 509	loff_t addr;
 510	uint32_t data = 0;
 511	/*
 512	 * Note, we cannot generally define VID header buffers on stack,
 513	 * because of the way we deal with these buffers (see the header
 514	 * comment in this file). But we know this is a NOR-specific piece of
 515	 * code, so we can do this. But yes, this is error-prone and we should
 516	 * (pre-)allocate VID header buffer instead.
 517	 */
 518	struct ubi_vid_hdr vid_hdr;
 519
 520	/*
 521	 * It is important to first invalidate the EC header, and then the VID
 522	 * header. Otherwise a power cut may lead to valid EC header and
 523	 * invalid VID header, in which case UBI will treat this PEB as
 524	 * corrupted and will try to preserve it, and print scary warnings (see
 525	 * the header comment in scan.c for more information).
 526	 */
 527	addr = (loff_t)pnum * ubi->peb_size;
 528	err = ubi->mtd->write(ubi->mtd, addr, 4, &written, (void *)&data);
 529	if (!err) {
 530		addr += ubi->vid_hdr_aloffset;
 531		err = ubi->mtd->write(ubi->mtd, addr, 4, &written,
 532				      (void *)&data);
 533		if (!err)
 534			return 0;
 535	}
 536
 537	/*
 538	 * We failed to write to the media. This was observed with Spansion
 539	 * S29GL512N NOR flash. Most probably the previously eraseblock erasure
 540	 * was interrupted at a very inappropriate moment, so it became
 541	 * unwritable. In this case we probably anyway have garbage in this
 542	 * PEB.
 543	 */
 544	err1 = ubi_io_read_vid_hdr(ubi, pnum, &vid_hdr, 0);
 545	if (err1 == UBI_IO_BAD_HDR_EBADMSG || err1 == UBI_IO_BAD_HDR ||
 546	    err1 == UBI_IO_FF) {
 547		struct ubi_ec_hdr ec_hdr;
 548
 549		err1 = ubi_io_read_ec_hdr(ubi, pnum, &ec_hdr, 0);
 550		if (err1 == UBI_IO_BAD_HDR_EBADMSG || err1 == UBI_IO_BAD_HDR ||
 551		    err1 == UBI_IO_FF)
 552			/*
 553			 * Both VID and EC headers are corrupted, so we can
 554			 * safely erase this PEB and not afraid that it will be
 555			 * treated as a valid PEB in case of an unclean reboot.
 556			 */
 557			return 0;
 558	}
 559
 560	/*
 561	 * The PEB contains a valid VID header, but we cannot invalidate it.
 562	 * Supposedly the flash media or the driver is screwed up, so return an
 563	 * error.
 564	 */
 565	ubi_err("cannot invalidate PEB %d, write returned %d read returned %d",
 566		pnum, err, err1);
 567	ubi_dbg_dump_flash(ubi, pnum, 0, ubi->peb_size);
 568	return -EIO;
 569}
 570
 571/**
 572 * ubi_io_sync_erase - synchronously erase a physical eraseblock.
 573 * @ubi: UBI device description object
 574 * @pnum: physical eraseblock number to erase
 575 * @torture: if this physical eraseblock has to be tortured
 576 *
 577 * This function synchronously erases physical eraseblock @pnum. If @torture
 578 * flag is not zero, the physical eraseblock is checked by means of writing
 579 * different patterns to it and reading them back. If the torturing is enabled,
 580 * the physical eraseblock is erased more than once.
 581 *
 582 * This function returns the number of erasures made in case of success, %-EIO
 583 * if the erasure failed or the torturing test failed, and other negative error
 584 * codes in case of other errors. Note, %-EIO means that the physical
 585 * eraseblock is bad.
 586 */
 587int ubi_io_sync_erase(struct ubi_device *ubi, int pnum, int torture)
 588{
 589	int err, ret = 0;
 590
 591	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
 592
 593	err = paranoid_check_not_bad(ubi, pnum);
 594	if (err != 0)
 595		return err;
 596
 597	if (ubi->ro_mode) {
 598		ubi_err("read-only mode");
 599		return -EROFS;
 600	}
 601
 602	if (ubi->nor_flash) {
 603		err = nor_erase_prepare(ubi, pnum);
 604		if (err)
 605			return err;
 606	}
 607
 608	if (torture) {
 609		ret = torture_peb(ubi, pnum);
 610		if (ret < 0)
 611			return ret;
 612	}
 613
 614	err = do_sync_erase(ubi, pnum);
 615	if (err)
 616		return err;
 617
 618	return ret + 1;
 619}
 620
 621/**
 622 * ubi_io_is_bad - check if a physical eraseblock is bad.
 623 * @ubi: UBI device description object
 624 * @pnum: the physical eraseblock number to check
 625 *
 626 * This function returns a positive number if the physical eraseblock is bad,
 627 * zero if not, and a negative error code if an error occurred.
 628 */
 629int ubi_io_is_bad(const struct ubi_device *ubi, int pnum)
 630{
 631	struct mtd_info *mtd = ubi->mtd;
 632
 633	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
 634
 635	if (ubi->bad_allowed) {
 636		int ret;
 637
 638		ret = mtd->block_isbad(mtd, (loff_t)pnum * ubi->peb_size);
 639		if (ret < 0)
 640			ubi_err("error %d while checking if PEB %d is bad",
 641				ret, pnum);
 642		else if (ret)
 643			dbg_io("PEB %d is bad", pnum);
 644		return ret;
 645	}
 646
 647	return 0;
 648}
 649
 650/**
 651 * ubi_io_mark_bad - mark a physical eraseblock as bad.
 652 * @ubi: UBI device description object
 653 * @pnum: the physical eraseblock number to mark
 654 *
 655 * This function returns zero in case of success and a negative error code in
 656 * case of failure.
 657 */
 658int ubi_io_mark_bad(const struct ubi_device *ubi, int pnum)
 659{
 660	int err;
 661	struct mtd_info *mtd = ubi->mtd;
 662
 663	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
 664
 665	if (ubi->ro_mode) {
 666		ubi_err("read-only mode");
 667		return -EROFS;
 668	}
 669
 670	if (!ubi->bad_allowed)
 671		return 0;
 672
 673	err = mtd->block_markbad(mtd, (loff_t)pnum * ubi->peb_size);
 674	if (err)
 675		ubi_err("cannot mark PEB %d bad, error %d", pnum, err);
 676	return err;
 677}
 678
 679/**
 680 * validate_ec_hdr - validate an erase counter header.
 681 * @ubi: UBI device description object
 682 * @ec_hdr: the erase counter header to check
 683 *
 684 * This function returns zero if the erase counter header is OK, and %1 if
 685 * not.
 686 */
 687static int validate_ec_hdr(const struct ubi_device *ubi,
 688			   const struct ubi_ec_hdr *ec_hdr)
 689{
 690	long long ec;
 691	int vid_hdr_offset, leb_start;
 692
 693	ec = be64_to_cpu(ec_hdr->ec);
 694	vid_hdr_offset = be32_to_cpu(ec_hdr->vid_hdr_offset);
 695	leb_start = be32_to_cpu(ec_hdr->data_offset);
 696
 697	if (ec_hdr->version != UBI_VERSION) {
 698		ubi_err("node with incompatible UBI version found: "
 699			"this UBI version is %d, image version is %d",
 700			UBI_VERSION, (int)ec_hdr->version);
 701		goto bad;
 702	}
 703
 704	if (vid_hdr_offset != ubi->vid_hdr_offset) {
 705		ubi_err("bad VID header offset %d, expected %d",
 706			vid_hdr_offset, ubi->vid_hdr_offset);
 707		goto bad;
 708	}
 709
 710	if (leb_start != ubi->leb_start) {
 711		ubi_err("bad data offset %d, expected %d",
 712			leb_start, ubi->leb_start);
 713		goto bad;
 714	}
 715
 716	if (ec < 0 || ec > UBI_MAX_ERASECOUNTER) {
 717		ubi_err("bad erase counter %lld", ec);
 718		goto bad;
 719	}
 720
 721	return 0;
 722
 723bad:
 724	ubi_err("bad EC header");
 725	ubi_dbg_dump_ec_hdr(ec_hdr);
 726	ubi_dbg_dump_stack();
 727	return 1;
 728}
 729
 730/**
 731 * ubi_io_read_ec_hdr - read and check an erase counter header.
 732 * @ubi: UBI device description object
 733 * @pnum: physical eraseblock to read from
 734 * @ec_hdr: a &struct ubi_ec_hdr object where to store the read erase counter
 735 * header
 736 * @verbose: be verbose if the header is corrupted or was not found
 737 *
 738 * This function reads erase counter header from physical eraseblock @pnum and
 739 * stores it in @ec_hdr. This function also checks CRC checksum of the read
 740 * erase counter header. The following codes may be returned:
 741 *
 742 * o %0 if the CRC checksum is correct and the header was successfully read;
 743 * o %UBI_IO_BITFLIPS if the CRC is correct, but bit-flips were detected
 744 *   and corrected by the flash driver; this is harmless but may indicate that
 745 *   this eraseblock may become bad soon (but may be not);
 746 * o %UBI_IO_BAD_HDR if the erase counter header is corrupted (a CRC error);
 747 * o %UBI_IO_BAD_HDR_EBADMSG is the same as %UBI_IO_BAD_HDR, but there also was
 748 *   a data integrity error (uncorrectable ECC error in case of NAND);
 749 * o %UBI_IO_FF if only 0xFF bytes were read (the PEB is supposedly empty)
 750 * o a negative error code in case of failure.
 751 */
 752int ubi_io_read_ec_hdr(struct ubi_device *ubi, int pnum,
 753		       struct ubi_ec_hdr *ec_hdr, int verbose)
 754{
 755	int err, read_err;
 756	uint32_t crc, magic, hdr_crc;
 757
 758	dbg_io("read EC header from PEB %d", pnum);
 759	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
 760
 761	read_err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
 762	if (read_err) {
 763		if (read_err != UBI_IO_BITFLIPS && read_err != -EBADMSG)
 764			return read_err;
 765
 766		/*
 767		 * We read all the data, but either a correctable bit-flip
 768		 * occurred, or MTD reported a data integrity error
 769		 * (uncorrectable ECC error in case of NAND). The former is
 770		 * harmless, the later may mean that the read data is
 771		 * corrupted. But we have a CRC check-sum and we will detect
 772		 * this. If the EC header is still OK, we just report this as
 773		 * there was a bit-flip, to force scrubbing.
 774		 */
 775	}
 776
 777	magic = be32_to_cpu(ec_hdr->magic);
 778	if (magic != UBI_EC_HDR_MAGIC) {
 779		if (read_err == -EBADMSG)
 780			return UBI_IO_BAD_HDR_EBADMSG;
 781
 782		/*
 783		 * The magic field is wrong. Let's check if we have read all
 784		 * 0xFF. If yes, this physical eraseblock is assumed to be
 785		 * empty.
 786		 */
 787		if (ubi_check_pattern(ec_hdr, 0xFF, UBI_EC_HDR_SIZE)) {
 788			/* The physical eraseblock is supposedly empty */
 789			if (verbose)
 790				ubi_warn("no EC header found at PEB %d, "
 791					 "only 0xFF bytes", pnum);
 792			dbg_bld("no EC header found at PEB %d, "
 793				"only 0xFF bytes", pnum);
 794			if (!read_err)
 795				return UBI_IO_FF;
 796			else
 797				return UBI_IO_FF_BITFLIPS;
 798		}
 799
 800		/*
 801		 * This is not a valid erase counter header, and these are not
 802		 * 0xFF bytes. Report that the header is corrupted.
 803		 */
 804		if (verbose) {
 805			ubi_warn("bad magic number at PEB %d: %08x instead of "
 806				 "%08x", pnum, magic, UBI_EC_HDR_MAGIC);
 807			ubi_dbg_dump_ec_hdr(ec_hdr);
 808		}
 809		dbg_bld("bad magic number at PEB %d: %08x instead of "
 810			"%08x", pnum, magic, UBI_EC_HDR_MAGIC);
 811		return UBI_IO_BAD_HDR;
 812	}
 813
 814	crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
 815	hdr_crc = be32_to_cpu(ec_hdr->hdr_crc);
 816
 817	if (hdr_crc != crc) {
 818		if (verbose) {
 819			ubi_warn("bad EC header CRC at PEB %d, calculated "
 820				 "%#08x, read %#08x", pnum, crc, hdr_crc);
 821			ubi_dbg_dump_ec_hdr(ec_hdr);
 822		}
 823		dbg_bld("bad EC header CRC at PEB %d, calculated "
 824			"%#08x, read %#08x", pnum, crc, hdr_crc);
 825
 826		if (!read_err)
 827			return UBI_IO_BAD_HDR;
 828		else
 829			return UBI_IO_BAD_HDR_EBADMSG;
 830	}
 831
 832	/* And of course validate what has just been read from the media */
 833	err = validate_ec_hdr(ubi, ec_hdr);
 834	if (err) {
 835		ubi_err("validation failed for PEB %d", pnum);
 836		return -EINVAL;
 837	}
 838
 839	/*
 840	 * If there was %-EBADMSG, but the header CRC is still OK, report about
 841	 * a bit-flip to force scrubbing on this PEB.
 842	 */
 843	return read_err ? UBI_IO_BITFLIPS : 0;
 844}
 845
 846/**
 847 * ubi_io_write_ec_hdr - write an erase counter header.
 848 * @ubi: UBI device description object
 849 * @pnum: physical eraseblock to write to
 850 * @ec_hdr: the erase counter header to write
 851 *
 852 * This function writes erase counter header described by @ec_hdr to physical
 853 * eraseblock @pnum. It also fills most fields of @ec_hdr before writing, so
 854 * the caller do not have to fill them. Callers must only fill the @ec_hdr->ec
 855 * field.
 856 *
 857 * This function returns zero in case of success and a negative error code in
 858 * case of failure. If %-EIO is returned, the physical eraseblock most probably
 859 * went bad.
 860 */
 861int ubi_io_write_ec_hdr(struct ubi_device *ubi, int pnum,
 862			struct ubi_ec_hdr *ec_hdr)
 863{
 864	int err;
 865	uint32_t crc;
 866
 867	dbg_io("write EC header to PEB %d", pnum);
 868	ubi_assert(pnum >= 0 &&  pnum < ubi->peb_count);
 869
 870	ec_hdr->magic = cpu_to_be32(UBI_EC_HDR_MAGIC);
 871	ec_hdr->version = UBI_VERSION;
 872	ec_hdr->vid_hdr_offset = cpu_to_be32(ubi->vid_hdr_offset);
 873	ec_hdr->data_offset = cpu_to_be32(ubi->leb_start);
 874	ec_hdr->image_seq = cpu_to_be32(ubi->image_seq);
 875	crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
 876	ec_hdr->hdr_crc = cpu_to_be32(crc);
 877
 878	err = paranoid_check_ec_hdr(ubi, pnum, ec_hdr);
 879	if (err)
 880		return err;
 881
 882	err = ubi_io_write(ubi, ec_hdr, pnum, 0, ubi->ec_hdr_alsize);
 883	return err;
 884}
 885
 886/**
 887 * validate_vid_hdr - validate a volume identifier header.
 888 * @ubi: UBI device description object
 889 * @vid_hdr: the volume identifier header to check
 890 *
 891 * This function checks that data stored in the volume identifier header
 892 * @vid_hdr. Returns zero if the VID header is OK and %1 if not.
 893 */
 894static int validate_vid_hdr(const struct ubi_device *ubi,
 895			    const struct ubi_vid_hdr *vid_hdr)
 896{
 897	int vol_type = vid_hdr->vol_type;
 898	int copy_flag = vid_hdr->copy_flag;
 899	int vol_id = be32_to_cpu(vid_hdr->vol_id);
 900	int lnum = be32_to_cpu(vid_hdr->lnum);
 901	int compat = vid_hdr->compat;
 902	int data_size = be32_to_cpu(vid_hdr->data_size);
 903	int used_ebs = be32_to_cpu(vid_hdr->used_ebs);
 904	int data_pad = be32_to_cpu(vid_hdr->data_pad);
 905	int data_crc = be32_to_cpu(vid_hdr->data_crc);
 906	int usable_leb_size = ubi->leb_size - data_pad;
 907
 908	if (copy_flag != 0 && copy_flag != 1) {
 909		dbg_err("bad copy_flag");
 910		goto bad;
 911	}
 912
 913	if (vol_id < 0 || lnum < 0 || data_size < 0 || used_ebs < 0 ||
 914	    data_pad < 0) {
 915		dbg_err("negative values");
 916		goto bad;
 917	}
 918
 919	if (vol_id >= UBI_MAX_VOLUMES && vol_id < UBI_INTERNAL_VOL_START) {
 920		dbg_err("bad vol_id");
 921		goto bad;
 922	}
 923
 924	if (vol_id < UBI_INTERNAL_VOL_START && compat != 0) {
 925		dbg_err("bad compat");
 926		goto bad;
 927	}
 928
 929	if (vol_id >= UBI_INTERNAL_VOL_START && compat != UBI_COMPAT_DELETE &&
 930	    compat != UBI_COMPAT_RO && compat != UBI_COMPAT_PRESERVE &&
 931	    compat != UBI_COMPAT_REJECT) {
 932		dbg_err("bad compat");
 933		goto bad;
 934	}
 935
 936	if (vol_type != UBI_VID_DYNAMIC && vol_type != UBI_VID_STATIC) {
 937		dbg_err("bad vol_type");
 938		goto bad;
 939	}
 940
 941	if (data_pad >= ubi->leb_size / 2) {
 942		dbg_err("bad data_pad");
 943		goto bad;
 944	}
 945
 946	if (vol_type == UBI_VID_STATIC) {
 947		/*
 948		 * Although from high-level point of view static volumes may
 949		 * contain zero bytes of data, but no VID headers can contain
 950		 * zero at these fields, because they empty volumes do not have
 951		 * mapped logical eraseblocks.
 952		 */
 953		if (used_ebs == 0) {
 954			dbg_err("zero used_ebs");
 955			goto bad;
 956		}
 957		if (data_size == 0) {
 958			dbg_err("zero data_size");
 959			goto bad;
 960		}
 961		if (lnum < used_ebs - 1) {
 962			if (data_size != usable_leb_size) {
 963				dbg_err("bad data_size");
 964				goto bad;
 965			}
 966		} else if (lnum == used_ebs - 1) {
 967			if (data_size == 0) {
 968				dbg_err("bad data_size at last LEB");
 969				goto bad;
 970			}
 971		} else {
 972			dbg_err("too high lnum");
 973			goto bad;
 974		}
 975	} else {
 976		if (copy_flag == 0) {
 977			if (data_crc != 0) {
 978				dbg_err("non-zero data CRC");
 979				goto bad;
 980			}
 981			if (data_size != 0) {
 982				dbg_err("non-zero data_size");
 983				goto bad;
 984			}
 985		} else {
 986			if (data_size == 0) {
 987				dbg_err("zero data_size of copy");
 988				goto bad;
 989			}
 990		}
 991		if (used_ebs != 0) {
 992			dbg_err("bad used_ebs");
 993			goto bad;
 994		}
 995	}
 996
 997	return 0;
 998
 999bad:
1000	ubi_err("bad VID header");
1001	ubi_dbg_dump_vid_hdr(vid_hdr);
1002	ubi_dbg_dump_stack();
1003	return 1;
1004}
1005
1006/**
1007 * ubi_io_read_vid_hdr - read and check a volume identifier header.
1008 * @ubi: UBI device description object
1009 * @pnum: physical eraseblock number to read from
1010 * @vid_hdr: &struct ubi_vid_hdr object where to store the read volume
1011 * identifier header
1012 * @verbose: be verbose if the header is corrupted or wasn't found
1013 *
1014 * This function reads the volume identifier header from physical eraseblock
1015 * @pnum and stores it in @vid_hdr. It also checks CRC checksum of the read
1016 * volume identifier header. The error codes are the same as in
1017 * 'ubi_io_read_ec_hdr()'.
1018 *
1019 * Note, the implementation of this function is also very similar to
1020 * 'ubi_io_read_ec_hdr()', so refer commentaries in 'ubi_io_read_ec_hdr()'.
1021 */
1022int ubi_io_read_vid_hdr(struct ubi_device *ubi, int pnum,
1023			struct ubi_vid_hdr *vid_hdr, int verbose)
1024{
1025	int err, read_err;
1026	uint32_t crc, magic, hdr_crc;
1027	void *p;
1028
1029	dbg_io("read VID header from PEB %d", pnum);
1030	ubi_assert(pnum >= 0 &&  pnum < ubi->peb_count);
1031
1032	p = (char *)vid_hdr - ubi->vid_hdr_shift;
1033	read_err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
1034			  ubi->vid_hdr_alsize);
1035	if (read_err && read_err != UBI_IO_BITFLIPS && read_err != -EBADMSG)
1036		return read_err;
1037
1038	magic = be32_to_cpu(vid_hdr->magic);
1039	if (magic != UBI_VID_HDR_MAGIC) {
1040		if (read_err == -EBADMSG)
1041			return UBI_IO_BAD_HDR_EBADMSG;
1042
1043		if (ubi_check_pattern(vid_hdr, 0xFF, UBI_VID_HDR_SIZE)) {
1044			if (verbose)
1045				ubi_warn("no VID header found at PEB %d, "
1046					 "only 0xFF bytes", pnum);
1047			dbg_bld("no VID header found at PEB %d, "
1048				"only 0xFF bytes", pnum);
1049			if (!read_err)
1050				return UBI_IO_FF;
1051			else
1052				return UBI_IO_FF_BITFLIPS;
1053		}
1054
1055		if (verbose) {
1056			ubi_warn("bad magic number at PEB %d: %08x instead of "
1057				 "%08x", pnum, magic, UBI_VID_HDR_MAGIC);
1058			ubi_dbg_dump_vid_hdr(vid_hdr);
1059		}
1060		dbg_bld("bad magic number at PEB %d: %08x instead of "
1061			"%08x", pnum, magic, UBI_VID_HDR_MAGIC);
1062		return UBI_IO_BAD_HDR;
1063	}
1064
1065	crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
1066	hdr_crc = be32_to_cpu(vid_hdr->hdr_crc);
1067
1068	if (hdr_crc != crc) {
1069		if (verbose) {
1070			ubi_warn("bad CRC at PEB %d, calculated %#08x, "
1071				 "read %#08x", pnum, crc, hdr_crc);
1072			ubi_dbg_dump_vid_hdr(vid_hdr);
1073		}
1074		dbg_bld("bad CRC at PEB %d, calculated %#08x, "
1075			"read %#08x", pnum, crc, hdr_crc);
1076		if (!read_err)
1077			return UBI_IO_BAD_HDR;
1078		else
1079			return UBI_IO_BAD_HDR_EBADMSG;
1080	}
1081
1082	err = validate_vid_hdr(ubi, vid_hdr);
1083	if (err) {
1084		ubi_err("validation failed for PEB %d", pnum);
1085		return -EINVAL;
1086	}
1087
1088	return read_err ? UBI_IO_BITFLIPS : 0;
1089}
1090
1091/**
1092 * ubi_io_write_vid_hdr - write a volume identifier header.
1093 * @ubi: UBI device description object
1094 * @pnum: the physical eraseblock number to write to
1095 * @vid_hdr: the volume identifier header to write
1096 *
1097 * This function writes the volume identifier header described by @vid_hdr to
1098 * physical eraseblock @pnum. This function automatically fills the
1099 * @vid_hdr->magic and the @vid_hdr->version fields, as well as calculates
1100 * header CRC checksum and stores it at vid_hdr->hdr_crc.
1101 *
1102 * This function returns zero in case of success and a negative error code in
1103 * case of failure. If %-EIO is returned, the physical eraseblock probably went
1104 * bad.
1105 */
1106int ubi_io_write_vid_hdr(struct ubi_device *ubi, int pnum,
1107			 struct ubi_vid_hdr *vid_hdr)
1108{
1109	int err;
1110	uint32_t crc;
1111	void *p;
1112
1113	dbg_io("write VID header to PEB %d", pnum);
1114	ubi_assert(pnum >= 0 &&  pnum < ubi->peb_count);
1115
1116	err = paranoid_check_peb_ec_hdr(ubi, pnum);
1117	if (err)
1118		return err;
1119
1120	vid_hdr->magic = cpu_to_be32(UBI_VID_HDR_MAGIC);
1121	vid_hdr->version = UBI_VERSION;
1122	crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
1123	vid_hdr->hdr_crc = cpu_to_be32(crc);
1124
1125	err = paranoid_check_vid_hdr(ubi, pnum, vid_hdr);
1126	if (err)
1127		return err;
1128
1129	p = (char *)vid_hdr - ubi->vid_hdr_shift;
1130	err = ubi_io_write(ubi, p, pnum, ubi->vid_hdr_aloffset,
1131			   ubi->vid_hdr_alsize);
1132	return err;
1133}
1134
1135#ifdef CONFIG_MTD_UBI_DEBUG
1136
1137/**
1138 * paranoid_check_not_bad - ensure that a physical eraseblock is not bad.
1139 * @ubi: UBI device description object
1140 * @pnum: physical eraseblock number to check
1141 *
1142 * This function returns zero if the physical eraseblock is good, %-EINVAL if
1143 * it is bad and a negative error code if an error occurred.
1144 */
1145static int paranoid_check_not_bad(const struct ubi_device *ubi, int pnum)
1146{
1147	int err;
1148
1149	if (!ubi->dbg->chk_io)
1150		return 0;
1151
1152	err = ubi_io_is_bad(ubi, pnum);
1153	if (!err)
1154		return err;
1155
1156	ubi_err("paranoid check failed for PEB %d", pnum);
1157	ubi_dbg_dump_stack();
1158	return err > 0 ? -EINVAL : err;
1159}
1160
1161/**
1162 * paranoid_check_ec_hdr - check if an erase counter header is all right.
1163 * @ubi: UBI device description object
1164 * @pnum: physical eraseblock number the erase counter header belongs to
1165 * @ec_hdr: the erase counter header to check
1166 *
1167 * This function returns zero if the erase counter header contains valid
1168 * values, and %-EINVAL if not.
1169 */
1170static int paranoid_check_ec_hdr(const struct ubi_device *ubi, int pnum,
1171				 const struct ubi_ec_hdr *ec_hdr)
1172{
1173	int err;
1174	uint32_t magic;
1175
1176	if (!ubi->dbg->chk_io)
1177		return 0;
1178
1179	magic = be32_to_cpu(ec_hdr->magic);
1180	if (magic != UBI_EC_HDR_MAGIC) {
1181		ubi_err("bad magic %#08x, must be %#08x",
1182			magic, UBI_EC_HDR_MAGIC);
1183		goto fail;
1184	}
1185
1186	err = validate_ec_hdr(ubi, ec_hdr);
1187	if (err) {
1188		ubi_err("paranoid check failed for PEB %d", pnum);
1189		goto fail;
1190	}
1191
1192	return 0;
1193
1194fail:
1195	ubi_dbg_dump_ec_hdr(ec_hdr);
1196	ubi_dbg_dump_stack();
1197	return -EINVAL;
1198}
1199
1200/**
1201 * paranoid_check_peb_ec_hdr - check erase counter header.
1202 * @ubi: UBI device description object
1203 * @pnum: the physical eraseblock number to check
1204 *
1205 * This function returns zero if the erase counter header is all right and and
1206 * a negative error code if not or if an error occurred.
1207 */
1208static int paranoid_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum)
1209{
1210	int err;
1211	uint32_t crc, hdr_crc;
1212	struct ubi_ec_hdr *ec_hdr;
1213
1214	if (!ubi->dbg->chk_io)
1215		return 0;
1216
1217	ec_hdr = kzalloc(ubi->ec_hdr_alsize, GFP_NOFS);
1218	if (!ec_hdr)
1219		return -ENOMEM;
1220
1221	err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
1222	if (err && err != UBI_IO_BITFLIPS && err != -EBADMSG)
1223		goto exit;
1224
1225	crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
1226	hdr_crc = be32_to_cpu(ec_hdr->hdr_crc);
1227	if (hdr_crc != crc) {
1228		ubi_err("bad CRC, calculated %#08x, read %#08x", crc, hdr_crc);
1229		ubi_err("paranoid check failed for PEB %d", pnum);
1230		ubi_dbg_dump_ec_hdr(ec_hdr);
1231		ubi_dbg_dump_stack();
1232		err = -EINVAL;
1233		goto exit;
1234	}
1235
1236	err = paranoid_check_ec_hdr(ubi, pnum, ec_hdr);
1237
1238exit:
1239	kfree(ec_hdr);
1240	return err;
1241}
1242
1243/**
1244 * paranoid_check_vid_hdr - check that a volume identifier header is all right.
1245 * @ubi: UBI device description object
1246 * @pnum: physical eraseblock number the volume identifier header belongs to
1247 * @vid_hdr: the volume identifier header to check
1248 *
1249 * This function returns zero if the volume identifier header is all right, and
1250 * %-EINVAL if not.
1251 */
1252static int paranoid_check_vid_hdr(const struct ubi_device *ubi, int pnum,
1253				  const struct ubi_vid_hdr *vid_hdr)
1254{
1255	int err;
1256	uint32_t magic;
1257
1258	if (!ubi->dbg->chk_io)
1259		return 0;
1260
1261	magic = be32_to_cpu(vid_hdr->magic);
1262	if (magic != UBI_VID_HDR_MAGIC) {
1263		ubi_err("bad VID header magic %#08x at PEB %d, must be %#08x",
1264			magic, pnum, UBI_VID_HDR_MAGIC);
1265		goto fail;
1266	}
1267
1268	err = validate_vid_hdr(ubi, vid_hdr);
1269	if (err) {
1270		ubi_err("paranoid check failed for PEB %d", pnum);
1271		goto fail;
1272	}
1273
1274	return err;
1275
1276fail:
1277	ubi_err("paranoid check failed for PEB %d", pnum);
1278	ubi_dbg_dump_vid_hdr(vid_hdr);
1279	ubi_dbg_dump_stack();
1280	return -EINVAL;
1281
1282}
1283
1284/**
1285 * paranoid_check_peb_vid_hdr - check volume identifier header.
1286 * @ubi: UBI device description object
1287 * @pnum: the physical eraseblock number to check
1288 *
1289 * This function returns zero if the volume identifier header is all right,
1290 * and a negative error code if not or if an error occurred.
1291 */
1292static int paranoid_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum)
1293{
1294	int err;
1295	uint32_t crc, hdr_crc;
1296	struct ubi_vid_hdr *vid_hdr;
1297	void *p;
1298
1299	if (!ubi->dbg->chk_io)
1300		return 0;
1301
1302	vid_hdr = ubi_zalloc_vid_hdr(ubi, GFP_NOFS);
1303	if (!vid_hdr)
1304		return -ENOMEM;
1305
1306	p = (char *)vid_hdr - ubi->vid_hdr_shift;
1307	err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
1308			  ubi->vid_hdr_alsize);
1309	if (err && err != UBI_IO_BITFLIPS && err != -EBADMSG)
1310		goto exit;
1311
1312	crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_EC_HDR_SIZE_CRC);
1313	hdr_crc = be32_to_cpu(vid_hdr->hdr_crc);
1314	if (hdr_crc != crc) {
1315		ubi_err("bad VID header CRC at PEB %d, calculated %#08x, "
1316			"read %#08x", pnum, crc, hdr_crc);
1317		ubi_err("paranoid check failed for PEB %d", pnum);
1318		ubi_dbg_dump_vid_hdr(vid_hdr);
1319		ubi_dbg_dump_stack();
1320		err = -EINVAL;
1321		goto exit;
1322	}
1323
1324	err = paranoid_check_vid_hdr(ubi, pnum, vid_hdr);
1325
1326exit:
1327	ubi_free_vid_hdr(ubi, vid_hdr);
1328	return err;
1329}
1330
1331/**
1332 * ubi_dbg_check_write - make sure write succeeded.
1333 * @ubi: UBI device description object
1334 * @buf: buffer with data which were written
1335 * @pnum: physical eraseblock number the data were written to
1336 * @offset: offset within the physical eraseblock the data were written to
1337 * @len: how many bytes were written
1338 *
1339 * This functions reads data which were recently written and compares it with
1340 * the original data buffer - the data have to match. Returns zero if the data
1341 * match and a negative error code if not or in case of failure.
1342 */
1343int ubi_dbg_check_write(struct ubi_device *ubi, const void *buf, int pnum,
1344			int offset, int len)
1345{
1346	int err, i;
1347	size_t read;
1348	void *buf1;
1349	loff_t addr = (loff_t)pnum * ubi->peb_size + offset;
1350
1351	if (!ubi->dbg->chk_io)
1352		return 0;
1353
1354	buf1 = __vmalloc(len, GFP_NOFS, PAGE_KERNEL);
1355	if (!buf1) {
1356		ubi_err("cannot allocate memory to check writes");
1357		return 0;
1358	}
1359
1360	err = ubi->mtd->read(ubi->mtd, addr, len, &read, buf1);
1361	if (err && err != -EUCLEAN)
1362		goto out_free;
1363
1364	for (i = 0; i < len; i++) {
1365		uint8_t c = ((uint8_t *)buf)[i];
1366		uint8_t c1 = ((uint8_t *)buf1)[i];
1367		int dump_len;
1368
1369		if (c == c1)
1370			continue;
1371
1372		ubi_err("paranoid check failed for PEB %d:%d, len %d",
1373			pnum, offset, len);
1374		ubi_msg("data differ at position %d", i);
1375		dump_len = max_t(int, 128, len - i);
1376		ubi_msg("hex dump of the original buffer from %d to %d",
1377			i, i + dump_len);
1378		print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1,
1379			       buf + i, dump_len, 1);
1380		ubi_msg("hex dump of the read buffer from %d to %d",
1381			i, i + dump_len);
1382		print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1,
1383			       buf1 + i, dump_len, 1);
1384		ubi_dbg_dump_stack();
1385		err = -EINVAL;
1386		goto out_free;
1387	}
1388
1389	vfree(buf1);
1390	return 0;
1391
1392out_free:
1393	vfree(buf1);
1394	return err;
1395}
1396
1397/**
1398 * ubi_dbg_check_all_ff - check that a region of flash is empty.
1399 * @ubi: UBI device description object
1400 * @pnum: the physical eraseblock number to check
1401 * @offset: the starting offset within the physical eraseblock to check
1402 * @len: the length of the region to check
1403 *
1404 * This function returns zero if only 0xFF bytes are present at offset
1405 * @offset of the physical eraseblock @pnum, and a negative error code if not
1406 * or if an error occurred.
1407 */
1408int ubi_dbg_check_all_ff(struct ubi_device *ubi, int pnum, int offset, int len)
1409{
1410	size_t read;
1411	int err;
1412	void *buf;
1413	loff_t addr = (loff_t)pnum * ubi->peb_size + offset;
1414
1415	if (!ubi->dbg->chk_io)
1416		return 0;
1417
1418	buf = __vmalloc(len, GFP_NOFS, PAGE_KERNEL);
1419	if (!buf) {
1420		ubi_err("cannot allocate memory to check for 0xFFs");
1421		return 0;
1422	}
1423
1424	err = ubi->mtd->read(ubi->mtd, addr, len, &read, buf);
1425	if (err && err != -EUCLEAN) {
1426		ubi_err("error %d while reading %d bytes from PEB %d:%d, "
1427			"read %zd bytes", err, len, pnum, offset, read);
1428		goto error;
1429	}
1430
1431	err = ubi_check_pattern(buf, 0xFF, len);
1432	if (err == 0) {
1433		ubi_err("flash region at PEB %d:%d, length %d does not "
1434			"contain all 0xFF bytes", pnum, offset, len);
1435		goto fail;
1436	}
1437
1438	vfree(buf);
1439	return 0;
1440
1441fail:
1442	ubi_err("paranoid check failed for PEB %d", pnum);
1443	ubi_msg("hex dump of the %d-%d region", offset, offset + len);
1444	print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1, buf, len, 1);
1445	err = -EINVAL;
1446error:
1447	ubi_dbg_dump_stack();
1448	vfree(buf);
1449	return err;
1450}
1451
1452#endif /* CONFIG_MTD_UBI_DEBUG */