1// SPDX-License-Identifier: GPL-2.0-or-later
   2/*
   3 * Copyright (c) International Business Machines Corp., 2006
   4 * Copyright (c) Nokia Corporation, 2006, 2007
   5 *
   6 * Author: Artem Bityutskiy (Битюцкий Артём)
   7 */
   8
   9/*
  10 * UBI input/output sub-system.
  11 *
  12 * This sub-system provides a uniform way to work with all kinds of the
  13 * underlying MTD devices. It also implements handy functions for reading and
  14 * writing UBI headers.
  15 *
  16 * We are trying to have a paranoid mindset and not to trust to what we read
  17 * from the flash media in order to be more secure and robust. So this
  18 * sub-system validates every single header it reads from the flash media.
  19 *
  20 * Some words about how the eraseblock headers are stored.
  21 *
  22 * The erase counter header is always stored at offset zero. By default, the
  23 * VID header is stored after the EC header at the closest aligned offset
  24 * (i.e. aligned to the minimum I/O unit size). Data starts next to the VID
  25 * header at the closest aligned offset. But this default layout may be
  26 * changed. For example, for different reasons (e.g., optimization) UBI may be
  27 * asked to put the VID header at further offset, and even at an unaligned
  28 * offset. Of course, if the offset of the VID header is unaligned, UBI adds
  29 * proper padding in front of it. Data offset may also be changed but it has to
  30 * be aligned.
  31 *
  32 * About minimal I/O units. In general, UBI assumes flash device model where
  33 * there is only one minimal I/O unit size. E.g., in case of NOR flash it is 1,
  34 * in case of NAND flash it is a NAND page, etc. This is reported by MTD in the
  35 * @ubi->mtd->writesize field. But as an exception, UBI admits use of another
  36 * (smaller) minimal I/O unit size for EC and VID headers to make it possible
  37 * to do different optimizations.
  38 *
  39 * This is extremely useful in case of NAND flashes which admit of several
  40 * write operations to one NAND page. In this case UBI can fit EC and VID
  41 * headers at one NAND page. Thus, UBI may use "sub-page" size as the minimal
  42 * I/O unit for the headers (the @ubi->hdrs_min_io_size field). But it still
  43 * reports NAND page size (@ubi->min_io_size) as a minimal I/O unit for the UBI
  44 * users.
  45 *
  46 * Example: some Samsung NANDs with 2KiB pages allow 4x 512-byte writes, so
  47 * although the minimal I/O unit is 2K, UBI uses 512 bytes for EC and VID
  48 * headers.
  49 *
  50 * Q: why not just to treat sub-page as a minimal I/O unit of this flash
  51 * device, e.g., make @ubi->min_io_size = 512 in the example above?
  52 *
  53 * A: because when writing a sub-page, MTD still writes a full 2K page but the
  54 * bytes which are not relevant to the sub-page are 0xFF. So, basically,
  55 * writing 4x512 sub-pages is 4 times slower than writing one 2KiB NAND page.
  56 * Thus, we prefer to use sub-pages only for EC and VID headers.
  57 *
  58 * As it was noted above, the VID header may start at a non-aligned offset.
  59 * For example, in case of a 2KiB page NAND flash with a 512 bytes sub-page,
  60 * the VID header may reside at offset 1984 which is the last 64 bytes of the
  61 * last sub-page (EC header is always at offset zero). This causes some
  62 * difficulties when reading and writing VID headers.
  63 *
  64 * Suppose we have a 64-byte buffer and we read a VID header at it. We change
  65 * the data and want to write this VID header out. As we can only write in
  66 * 512-byte chunks, we have to allocate one more buffer and copy our VID header
  67 * to offset 448 of this buffer.
  68 *
  69 * The I/O sub-system does the following trick in order to avoid this extra
  70 * copy. It always allocates a @ubi->vid_hdr_alsize bytes buffer for the VID
  71 * header and returns a pointer to offset @ubi->vid_hdr_shift of this buffer.
  72 * When the VID header is being written out, it shifts the VID header pointer
  73 * back and writes the whole sub-page.
  74 */
  75
  76#include <linux/crc32.h>
  77#include <linux/err.h>
  78#include <linux/slab.h>
  79#include "ubi.h"
  80
  81static int self_check_not_bad(const struct ubi_device *ubi, int pnum);
  82static int self_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum);
  83static int self_check_ec_hdr(const struct ubi_device *ubi, int pnum,
  84			     const struct ubi_ec_hdr *ec_hdr);
  85static int self_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum);
  86static int self_check_vid_hdr(const struct ubi_device *ubi, int pnum,
  87			      const struct ubi_vid_hdr *vid_hdr);
  88static int self_check_write(struct ubi_device *ubi, const void *buf, int pnum,
  89			    int offset, int len);
  90
  91/**
  92 * ubi_io_read - read data from a physical eraseblock.
  93 * @ubi: UBI device description object
  94 * @buf: buffer where to store the read data
  95 * @pnum: physical eraseblock number to read from
  96 * @offset: offset within the physical eraseblock from where to read
  97 * @len: how many bytes to read
  98 *
  99 * This function reads data from offset @offset of physical eraseblock @pnum
 100 * and stores the read data in the @buf buffer. The following return codes are
 101 * possible:
 102 *
 103 * o %0 if all the requested data were successfully read;
 104 * o %UBI_IO_BITFLIPS if all the requested data were successfully read, but
 105 *   correctable bit-flips were detected; this is harmless but may indicate
 106 *   that this eraseblock may become bad soon (but do not have to);
 107 * o %-EBADMSG if the MTD subsystem reported about data integrity problems, for
 108 *   example it can be an ECC error in case of NAND; this most probably means
 109 *   that the data is corrupted;
 110 * o %-EIO if some I/O error occurred;
 111 * o other negative error codes in case of other errors.
 112 */
 113int ubi_io_read(const struct ubi_device *ubi, void *buf, int pnum, int offset,
 114		int len)
 115{
 116	int err, retries = 0;
 117	size_t read;
 118	loff_t addr;
 119
 120	dbg_io("read %d bytes from PEB %d:%d", len, pnum, offset);
 121
 122	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
 123	ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
 124	ubi_assert(len > 0);
 125
 126	err = self_check_not_bad(ubi, pnum);
 127	if (err)
 128		return err;
 129
 130	/*
 131	 * Deliberately corrupt the buffer to improve robustness. Indeed, if we
 132	 * do not do this, the following may happen:
 133	 * 1. The buffer contains data from previous operation, e.g., read from
 134	 *    another PEB previously. The data looks like expected, e.g., if we
 135	 *    just do not read anything and return - the caller would not
 136	 *    notice this. E.g., if we are reading a VID header, the buffer may
 137	 *    contain a valid VID header from another PEB.
 138	 * 2. The driver is buggy and returns us success or -EBADMSG or
 139	 *    -EUCLEAN, but it does not actually put any data to the buffer.
 140	 *
 141	 * This may confuse UBI or upper layers - they may think the buffer
 142	 * contains valid data while in fact it is just old data. This is
 143	 * especially possible because UBI (and UBIFS) relies on CRC, and
 144	 * treats data as correct even in case of ECC errors if the CRC is
 145	 * correct.
 146	 *
 147	 * Try to prevent this situation by changing the first byte of the
 148	 * buffer.
 149	 */
 150	*((uint8_t *)buf) ^= 0xFF;
 151
 152	addr = (loff_t)pnum * ubi->peb_size + offset;
 153retry:
 154	err = mtd_read(ubi->mtd, addr, len, &read, buf);
 155	if (err) {
 156		const char *errstr = mtd_is_eccerr(err) ? " (ECC error)" : "";
 157
 158		if (mtd_is_bitflip(err)) {
 159			/*
 160			 * -EUCLEAN is reported if there was a bit-flip which
 161			 * was corrected, so this is harmless.
 162			 *
 163			 * We do not report about it here unless debugging is
 164			 * enabled. A corresponding message will be printed
 165			 * later, when it is has been scrubbed.
 166			 */
 167			ubi_msg(ubi, "fixable bit-flip detected at PEB %d",
 168				pnum);
 169			ubi_assert(len == read);
 170			return UBI_IO_BITFLIPS;
 171		}
 172
 173		if (retries++ < UBI_IO_RETRIES) {
 174			ubi_warn(ubi, "error %d%s while reading %d bytes from PEB %d:%d, read only %zd bytes, retry",
 175				 err, errstr, len, pnum, offset, read);
 176			yield();
 177			goto retry;
 178		}
 179
 180		ubi_err(ubi, "error %d%s while reading %d bytes from PEB %d:%d, read %zd bytes",
 181			err, errstr, len, pnum, offset, read);
 182		dump_stack();
 183
 184		/*
 185		 * The driver should never return -EBADMSG if it failed to read
 186		 * all the requested data. But some buggy drivers might do
 187		 * this, so we change it to -EIO.
 188		 */
 189		if (read != len && mtd_is_eccerr(err)) {
 190			ubi_assert(0);
 191			err = -EIO;
 192		}
 193	} else {
 194		ubi_assert(len == read);
 195
 196		if (ubi_dbg_is_bitflip(ubi)) {
 197			dbg_gen("bit-flip (emulated)");
 198			return UBI_IO_BITFLIPS;
 199		}
 200
 201		if (ubi_dbg_is_read_failure(ubi, MASK_READ_FAILURE)) {
 202			ubi_warn(ubi, "cannot read %d bytes from PEB %d:%d (emulated)",
 203				 len, pnum, offset);
 204			return -EIO;
 205		}
 206
 207		if (ubi_dbg_is_eccerr(ubi)) {
 208			ubi_warn(ubi, "ECC error (emulated) while reading %d bytes from PEB %d:%d, read %zd bytes",
 209				 len, pnum, offset, read);
 210			return -EBADMSG;
 211		}
 212	}
 213
 214	return err;
 215}
 216
 217/**
 218 * ubi_io_write - write data to a physical eraseblock.
 219 * @ubi: UBI device description object
 220 * @buf: buffer with the data to write
 221 * @pnum: physical eraseblock number to write to
 222 * @offset: offset within the physical eraseblock where to write
 223 * @len: how many bytes to write
 224 *
 225 * This function writes @len bytes of data from buffer @buf to offset @offset
 226 * of physical eraseblock @pnum. If all the data were successfully written,
 227 * zero is returned. If an error occurred, this function returns a negative
 228 * error code. If %-EIO is returned, the physical eraseblock most probably went
 229 * bad.
 230 *
 231 * Note, in case of an error, it is possible that something was still written
 232 * to the flash media, but may be some garbage.
 233 */
 234int ubi_io_write(struct ubi_device *ubi, const void *buf, int pnum, int offset,
 235		 int len)
 236{
 237	int err;
 238	size_t written;
 239	loff_t addr;
 240
 241	dbg_io("write %d bytes to PEB %d:%d", len, pnum, offset);
 242
 243	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
 244	ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
 245	ubi_assert(offset % ubi->hdrs_min_io_size == 0);
 246	ubi_assert(len > 0 && len % ubi->hdrs_min_io_size == 0);
 247
 248	if (ubi->ro_mode) {
 249		ubi_err(ubi, "read-only mode");
 250		return -EROFS;
 251	}
 252
 253	err = self_check_not_bad(ubi, pnum);
 254	if (err)
 255		return err;
 256
 257	/* The area we are writing to has to contain all 0xFF bytes */
 258	err = ubi_self_check_all_ff(ubi, pnum, offset, len);
 259	if (err)
 260		return err;
 261
 262	if (offset >= ubi->leb_start) {
 263		/*
 264		 * We write to the data area of the physical eraseblock. Make
 265		 * sure it has valid EC and VID headers.
 266		 */
 267		err = self_check_peb_ec_hdr(ubi, pnum);
 268		if (err)
 269			return err;
 270		err = self_check_peb_vid_hdr(ubi, pnum);
 271		if (err)
 272			return err;
 273	}
 274
 275	if (ubi_dbg_is_write_failure(ubi)) {
 276		ubi_err(ubi, "cannot write %d bytes to PEB %d:%d (emulated)",
 277			len, pnum, offset);
 278		dump_stack();
 279		return -EIO;
 280	}
 281
 282	addr = (loff_t)pnum * ubi->peb_size + offset;
 283	err = mtd_write(ubi->mtd, addr, len, &written, buf);
 284	if (err) {
 285		ubi_err(ubi, "error %d while writing %d bytes to PEB %d:%d, written %zd bytes",
 286			err, len, pnum, offset, written);
 287		dump_stack();
 288		ubi_dump_flash(ubi, pnum, offset, len);
 289	} else
 290		ubi_assert(written == len);
 291
 292	if (!err) {
 293		err = self_check_write(ubi, buf, pnum, offset, len);
 294		if (err)
 295			return err;
 296
 297		/*
 298		 * Since we always write sequentially, the rest of the PEB has
 299		 * to contain only 0xFF bytes.
 300		 */
 301		offset += len;
 302		len = ubi->peb_size - offset;
 303		if (len)
 304			err = ubi_self_check_all_ff(ubi, pnum, offset, len);
 305	}
 306
 307	return err;
 308}
 309
 310/**
 311 * do_sync_erase - synchronously erase a physical eraseblock.
 312 * @ubi: UBI device description object
 313 * @pnum: the physical eraseblock number to erase
 314 *
 315 * This function synchronously erases physical eraseblock @pnum and returns
 316 * zero in case of success and a negative error code in case of failure. If
 317 * %-EIO is returned, the physical eraseblock most probably went bad.
 318 */
 319static int do_sync_erase(struct ubi_device *ubi, int pnum)
 320{
 321	int err, retries = 0;
 322	struct erase_info ei;
 323
 324	dbg_io("erase PEB %d", pnum);
 325	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
 326
 327	if (ubi->ro_mode) {
 328		ubi_err(ubi, "read-only mode");
 329		return -EROFS;
 330	}
 331
 332retry:
 333	memset(&ei, 0, sizeof(struct erase_info));
 334
 335	ei.addr     = (loff_t)pnum * ubi->peb_size;
 336	ei.len      = ubi->peb_size;
 337
 338	err = mtd_erase(ubi->mtd, &ei);
 339	if (err) {
 340		if (retries++ < UBI_IO_RETRIES) {
 341			ubi_warn(ubi, "error %d while erasing PEB %d, retry",
 342				 err, pnum);
 343			yield();
 344			goto retry;
 345		}
 346		ubi_err(ubi, "cannot erase PEB %d, error %d", pnum, err);
 347		dump_stack();
 348		return err;
 349	}
 350
 351	err = ubi_self_check_all_ff(ubi, pnum, 0, ubi->peb_size);
 352	if (err)
 353		return err;
 354
 355	if (ubi_dbg_is_erase_failure(ubi)) {
 356		ubi_err(ubi, "cannot erase PEB %d (emulated)", pnum);
 357		return -EIO;
 358	}
 359
 360	return 0;
 361}
 362
 363/* Patterns to write to a physical eraseblock when torturing it */
 364static uint8_t patterns[] = {0xa5, 0x5a, 0x0};
 365
 366/**
 367 * torture_peb - test a supposedly bad physical eraseblock.
 368 * @ubi: UBI device description object
 369 * @pnum: the physical eraseblock number to test
 370 *
 371 * This function returns %-EIO if the physical eraseblock did not pass the
 372 * test, a positive number of erase operations done if the test was
 373 * successfully passed, and other negative error codes in case of other errors.
 374 */
 375static int torture_peb(struct ubi_device *ubi, int pnum)
 376{
 377	int err, i, patt_count;
 378
 379	ubi_msg(ubi, "run torture test for PEB %d", pnum);
 380	patt_count = ARRAY_SIZE(patterns);
 381	ubi_assert(patt_count > 0);
 382
 383	mutex_lock(&ubi->buf_mutex);
 384	for (i = 0; i < patt_count; i++) {
 385		err = do_sync_erase(ubi, pnum);
 386		if (err)
 387			goto out;
 388
 389		/* Make sure the PEB contains only 0xFF bytes */
 390		err = ubi_io_read(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size);
 391		if (err)
 392			goto out;
 393
 394		err = ubi_check_pattern(ubi->peb_buf, 0xFF, ubi->peb_size);
 395		if (err == 0) {
 396			ubi_err(ubi, "erased PEB %d, but a non-0xFF byte found",
 397				pnum);
 398			err = -EIO;
 399			goto out;
 400		}
 401
 402		/* Write a pattern and check it */
 403		memset(ubi->peb_buf, patterns[i], ubi->peb_size);
 404		err = ubi_io_write(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size);
 405		if (err)
 406			goto out;
 407
 408		memset(ubi->peb_buf, ~patterns[i], ubi->peb_size);
 409		err = ubi_io_read(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size);
 410		if (err)
 411			goto out;
 412
 413		err = ubi_check_pattern(ubi->peb_buf, patterns[i],
 414					ubi->peb_size);
 415		if (err == 0) {
 416			ubi_err(ubi, "pattern %x checking failed for PEB %d",
 417				patterns[i], pnum);
 418			err = -EIO;
 419			goto out;
 420		}
 421	}
 422
 423	err = patt_count;
 424	ubi_msg(ubi, "PEB %d passed torture test, do not mark it as bad", pnum);
 425
 426out:
 427	mutex_unlock(&ubi->buf_mutex);
 428	if (err == UBI_IO_BITFLIPS || mtd_is_eccerr(err)) {
 429		/*
 430		 * If a bit-flip or data integrity error was detected, the test
 431		 * has not passed because it happened on a freshly erased
 432		 * physical eraseblock which means something is wrong with it.
 433		 */
 434		ubi_err(ubi, "read problems on freshly erased PEB %d, must be bad",
 435			pnum);
 436		err = -EIO;
 437	}
 438	return err;
 439}
 440
 441/**
 442 * nor_erase_prepare - prepare a NOR flash PEB for erasure.
 443 * @ubi: UBI device description object
 444 * @pnum: physical eraseblock number to prepare
 445 *
 446 * NOR flash, or at least some of them, have peculiar embedded PEB erasure
 447 * algorithm: the PEB is first filled with zeroes, then it is erased. And
 448 * filling with zeroes starts from the end of the PEB. This was observed with
 449 * Spansion S29GL512N NOR flash.
 450 *
 451 * This means that in case of a power cut we may end up with intact data at the
 452 * beginning of the PEB, and all zeroes at the end of PEB. In other words, the
 453 * EC and VID headers are OK, but a large chunk of data at the end of PEB is
 454 * zeroed. This makes UBI mistakenly treat this PEB as used and associate it
 455 * with an LEB, which leads to subsequent failures (e.g., UBIFS fails).
 456 *
 457 * This function is called before erasing NOR PEBs and it zeroes out EC and VID
 458 * magic numbers in order to invalidate them and prevent the failures. Returns
 459 * zero in case of success and a negative error code in case of failure.
 460 */
 461static int nor_erase_prepare(struct ubi_device *ubi, int pnum)
 462{
 463	int err;
 464	size_t written;
 465	loff_t addr;
 466	uint32_t data = 0;
 467	struct ubi_ec_hdr ec_hdr;
 468	struct ubi_vid_io_buf vidb;
 469
 470	/*
 471	 * Note, we cannot generally define VID header buffers on stack,
 472	 * because of the way we deal with these buffers (see the header
 473	 * comment in this file). But we know this is a NOR-specific piece of
 474	 * code, so we can do this. But yes, this is error-prone and we should
 475	 * (pre-)allocate VID header buffer instead.
 476	 */
 477	struct ubi_vid_hdr vid_hdr;
 478
 479	/*
 480	 * If VID or EC is valid, we have to corrupt them before erasing.
 481	 * It is important to first invalidate the EC header, and then the VID
 482	 * header. Otherwise a power cut may lead to valid EC header and
 483	 * invalid VID header, in which case UBI will treat this PEB as
 484	 * corrupted and will try to preserve it, and print scary warnings.
 485	 */
 486	addr = (loff_t)pnum * ubi->peb_size;
 487	err = ubi_io_read_ec_hdr(ubi, pnum, &ec_hdr, 0);
 488	if (err != UBI_IO_BAD_HDR_EBADMSG && err != UBI_IO_BAD_HDR &&
 489	    err != UBI_IO_FF){
 490		err = mtd_write(ubi->mtd, addr, 4, &written, (void *)&data);
 491		if(err)
 492			goto error;
 493	}
 494
 495	ubi_init_vid_buf(ubi, &vidb, &vid_hdr);
 496	ubi_assert(&vid_hdr == ubi_get_vid_hdr(&vidb));
 497
 498	err = ubi_io_read_vid_hdr(ubi, pnum, &vidb, 0);
 499	if (err != UBI_IO_BAD_HDR_EBADMSG && err != UBI_IO_BAD_HDR &&
 500	    err != UBI_IO_FF){
 501		addr += ubi->vid_hdr_aloffset;
 502		err = mtd_write(ubi->mtd, addr, 4, &written, (void *)&data);
 503		if (err)
 504			goto error;
 505	}
 506	return 0;
 507
 508error:
 509	/*
 510	 * The PEB contains a valid VID or EC header, but we cannot invalidate
 511	 * it. Supposedly the flash media or the driver is screwed up, so
 512	 * return an error.
 513	 */
 514	ubi_err(ubi, "cannot invalidate PEB %d, write returned %d", pnum, err);
 515	ubi_dump_flash(ubi, pnum, 0, ubi->peb_size);
 516	return -EIO;
 517}
 518
 519/**
 520 * ubi_io_sync_erase - synchronously erase a physical eraseblock.
 521 * @ubi: UBI device description object
 522 * @pnum: physical eraseblock number to erase
 523 * @torture: if this physical eraseblock has to be tortured
 524 *
 525 * This function synchronously erases physical eraseblock @pnum. If @torture
 526 * flag is not zero, the physical eraseblock is checked by means of writing
 527 * different patterns to it and reading them back. If the torturing is enabled,
 528 * the physical eraseblock is erased more than once.
 529 *
 530 * This function returns the number of erasures made in case of success, %-EIO
 531 * if the erasure failed or the torturing test failed, and other negative error
 532 * codes in case of other errors. Note, %-EIO means that the physical
 533 * eraseblock is bad.
 534 */
 535int ubi_io_sync_erase(struct ubi_device *ubi, int pnum, int torture)
 536{
 537	int err, ret = 0;
 538
 539	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
 540
 541	err = self_check_not_bad(ubi, pnum);
 542	if (err != 0)
 543		return err;
 544
 545	if (ubi->ro_mode) {
 546		ubi_err(ubi, "read-only mode");
 547		return -EROFS;
 548	}
 549
 550	/*
 551	 * If the flash is ECC-ed then we have to erase the ECC block before we
 552	 * can write to it. But the write is in preparation to an erase in the
 553	 * first place. This means we cannot zero out EC and VID before the
 554	 * erase and we just have to hope the flash starts erasing from the
 555	 * start of the page.
 556	 */
 557	if (ubi->nor_flash && ubi->mtd->writesize == 1) {
 558		err = nor_erase_prepare(ubi, pnum);
 559		if (err)
 560			return err;
 561	}
 562
 563	if (torture) {
 564		ret = torture_peb(ubi, pnum);
 565		if (ret < 0)
 566			return ret;
 567	}
 568
 569	err = do_sync_erase(ubi, pnum);
 570	if (err)
 571		return err;
 572
 573	return ret + 1;
 574}
 575
 576/**
 577 * ubi_io_is_bad - check if a physical eraseblock is bad.
 578 * @ubi: UBI device description object
 579 * @pnum: the physical eraseblock number to check
 580 *
 581 * This function returns a positive number if the physical eraseblock is bad,
 582 * zero if not, and a negative error code if an error occurred.
 583 */
 584int ubi_io_is_bad(const struct ubi_device *ubi, int pnum)
 585{
 586	struct mtd_info *mtd = ubi->mtd;
 587
 588	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
 589
 590	if (ubi->bad_allowed) {
 591		int ret;
 592
 593		ret = mtd_block_isbad(mtd, (loff_t)pnum * ubi->peb_size);
 594		if (ret < 0)
 595			ubi_err(ubi, "error %d while checking if PEB %d is bad",
 596				ret, pnum);
 597		else if (ret)
 598			dbg_io("PEB %d is bad", pnum);
 599		return ret;
 600	}
 601
 602	return 0;
 603}
 604
 605/**
 606 * ubi_io_mark_bad - mark a physical eraseblock as bad.
 607 * @ubi: UBI device description object
 608 * @pnum: the physical eraseblock number to mark
 609 *
 610 * This function returns zero in case of success and a negative error code in
 611 * case of failure.
 612 */
 613int ubi_io_mark_bad(const struct ubi_device *ubi, int pnum)
 614{
 615	int err;
 616	struct mtd_info *mtd = ubi->mtd;
 617
 618	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
 619
 620	if (ubi->ro_mode) {
 621		ubi_err(ubi, "read-only mode");
 622		return -EROFS;
 623	}
 624
 625	if (!ubi->bad_allowed)
 626		return 0;
 627
 628	err = mtd_block_markbad(mtd, (loff_t)pnum * ubi->peb_size);
 629	if (err)
 630		ubi_err(ubi, "cannot mark PEB %d bad, error %d", pnum, err);
 631	return err;
 632}
 633
 634/**
 635 * validate_ec_hdr - validate an erase counter header.
 636 * @ubi: UBI device description object
 637 * @ec_hdr: the erase counter header to check
 638 *
 639 * This function returns zero if the erase counter header is OK, and %1 if
 640 * not.
 641 */
 642static int validate_ec_hdr(const struct ubi_device *ubi,
 643			   const struct ubi_ec_hdr *ec_hdr)
 644{
 645	long long ec;
 646	int vid_hdr_offset, leb_start;
 647
 648	ec = be64_to_cpu(ec_hdr->ec);
 649	vid_hdr_offset = be32_to_cpu(ec_hdr->vid_hdr_offset);
 650	leb_start = be32_to_cpu(ec_hdr->data_offset);
 651
 652	if (ec_hdr->version != UBI_VERSION) {
 653		ubi_err(ubi, "node with incompatible UBI version found: this UBI version is %d, image version is %d",
 654			UBI_VERSION, (int)ec_hdr->version);
 655		goto bad;
 656	}
 657
 658	if (vid_hdr_offset != ubi->vid_hdr_offset) {
 659		ubi_err(ubi, "bad VID header offset %d, expected %d",
 660			vid_hdr_offset, ubi->vid_hdr_offset);
 661		goto bad;
 662	}
 663
 664	if (leb_start != ubi->leb_start) {
 665		ubi_err(ubi, "bad data offset %d, expected %d",
 666			leb_start, ubi->leb_start);
 667		goto bad;
 668	}
 669
 670	if (ec < 0 || ec > UBI_MAX_ERASECOUNTER) {
 671		ubi_err(ubi, "bad erase counter %lld", ec);
 672		goto bad;
 673	}
 674
 675	return 0;
 676
 677bad:
 678	ubi_err(ubi, "bad EC header");
 679	ubi_dump_ec_hdr(ec_hdr);
 680	dump_stack();
 681	return 1;
 682}
 683
 684/**
 685 * ubi_io_read_ec_hdr - read and check an erase counter header.
 686 * @ubi: UBI device description object
 687 * @pnum: physical eraseblock to read from
 688 * @ec_hdr: a &struct ubi_ec_hdr object where to store the read erase counter
 689 * header
 690 * @verbose: be verbose if the header is corrupted or was not found
 691 *
 692 * This function reads erase counter header from physical eraseblock @pnum and
 693 * stores it in @ec_hdr. This function also checks CRC checksum of the read
 694 * erase counter header. The following codes may be returned:
 695 *
 696 * o %0 if the CRC checksum is correct and the header was successfully read;
 697 * o %UBI_IO_BITFLIPS if the CRC is correct, but bit-flips were detected
 698 *   and corrected by the flash driver; this is harmless but may indicate that
 699 *   this eraseblock may become bad soon (but may be not);
 700 * o %UBI_IO_BAD_HDR if the erase counter header is corrupted (a CRC error);
 701 * o %UBI_IO_BAD_HDR_EBADMSG is the same as %UBI_IO_BAD_HDR, but there also was
 702 *   a data integrity error (uncorrectable ECC error in case of NAND);
 703 * o %UBI_IO_FF if only 0xFF bytes were read (the PEB is supposedly empty)
 704 * o a negative error code in case of failure.
 705 */
 706int ubi_io_read_ec_hdr(struct ubi_device *ubi, int pnum,
 707		       struct ubi_ec_hdr *ec_hdr, int verbose)
 708{
 709	int err, read_err;
 710	uint32_t crc, magic, hdr_crc;
 711
 712	dbg_io("read EC header from PEB %d", pnum);
 713	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
 714
 715	read_err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
 716	if (read_err) {
 717		if (read_err != UBI_IO_BITFLIPS && !mtd_is_eccerr(read_err))
 718			return read_err;
 719
 720		/*
 721		 * We read all the data, but either a correctable bit-flip
 722		 * occurred, or MTD reported a data integrity error
 723		 * (uncorrectable ECC error in case of NAND). The former is
 724		 * harmless, the later may mean that the read data is
 725		 * corrupted. But we have a CRC check-sum and we will detect
 726		 * this. If the EC header is still OK, we just report this as
 727		 * there was a bit-flip, to force scrubbing.
 728		 */
 729	}
 730
 731	magic = be32_to_cpu(ec_hdr->magic);
 732	if (magic != UBI_EC_HDR_MAGIC) {
 733		if (mtd_is_eccerr(read_err))
 734			return UBI_IO_BAD_HDR_EBADMSG;
 735
 736		/*
 737		 * The magic field is wrong. Let's check if we have read all
 738		 * 0xFF. If yes, this physical eraseblock is assumed to be
 739		 * empty.
 740		 */
 741		if (ubi_check_pattern(ec_hdr, 0xFF, UBI_EC_HDR_SIZE)) {
 742			/* The physical eraseblock is supposedly empty */
 743			if (verbose)
 744				ubi_warn(ubi, "no EC header found at PEB %d, only 0xFF bytes",
 745					 pnum);
 746			dbg_bld("no EC header found at PEB %d, only 0xFF bytes",
 747				pnum);
 748			if (!read_err)
 749				return UBI_IO_FF;
 750			else
 751				return UBI_IO_FF_BITFLIPS;
 752		}
 753
 754		/*
 755		 * This is not a valid erase counter header, and these are not
 756		 * 0xFF bytes. Report that the header is corrupted.
 757		 */
 758		if (verbose) {
 759			ubi_warn(ubi, "bad magic number at PEB %d: %08x instead of %08x",
 760				 pnum, magic, UBI_EC_HDR_MAGIC);
 761			ubi_dump_ec_hdr(ec_hdr);
 762		}
 763		dbg_bld("bad magic number at PEB %d: %08x instead of %08x",
 764			pnum, magic, UBI_EC_HDR_MAGIC);
 765		return UBI_IO_BAD_HDR;
 766	}
 767
 768	crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
 769	hdr_crc = be32_to_cpu(ec_hdr->hdr_crc);
 770
 771	if (hdr_crc != crc) {
 772		if (verbose) {
 773			ubi_warn(ubi, "bad EC header CRC at PEB %d, calculated %#08x, read %#08x",
 774				 pnum, crc, hdr_crc);
 775			ubi_dump_ec_hdr(ec_hdr);
 776		}
 777		dbg_bld("bad EC header CRC at PEB %d, calculated %#08x, read %#08x",
 778			pnum, crc, hdr_crc);
 779
 780		if (!read_err)
 781			return UBI_IO_BAD_HDR;
 782		else
 783			return UBI_IO_BAD_HDR_EBADMSG;
 784	}
 785
 786	/* And of course validate what has just been read from the media */
 787	err = validate_ec_hdr(ubi, ec_hdr);
 788	if (err) {
 789		ubi_err(ubi, "validation failed for PEB %d", pnum);
 790		return -EINVAL;
 791	}
 792
 793	/*
 794	 * If there was %-EBADMSG, but the header CRC is still OK, report about
 795	 * a bit-flip to force scrubbing on this PEB.
 796	 */
 797	if (read_err)
 798		return UBI_IO_BITFLIPS;
 799
 800	if (ubi_dbg_is_read_failure(ubi, MASK_READ_FAILURE_EC)) {
 801		ubi_warn(ubi, "cannot read EC header from PEB %d (emulated)",
 802			 pnum);
 803		return -EIO;
 804	}
 805
 806	if (ubi_dbg_is_ff(ubi, MASK_IO_FF_EC)) {
 807		ubi_warn(ubi, "bit-all-ff (emulated)");
 808		return UBI_IO_FF;
 809	}
 810
 811	if (ubi_dbg_is_ff_bitflips(ubi, MASK_IO_FF_BITFLIPS_EC)) {
 812		ubi_warn(ubi, "bit-all-ff with error reported by MTD driver (emulated)");
 813		return UBI_IO_FF_BITFLIPS;
 814	}
 815
 816	if (ubi_dbg_is_bad_hdr(ubi, MASK_BAD_HDR_EC)) {
 817		ubi_warn(ubi, "bad_hdr (emulated)");
 818		return UBI_IO_BAD_HDR;
 819	}
 820
 821	if (ubi_dbg_is_bad_hdr_ebadmsg(ubi, MASK_BAD_HDR_EBADMSG_EC)) {
 822		ubi_warn(ubi, "bad_hdr with ECC error (emulated)");
 823		return UBI_IO_BAD_HDR_EBADMSG;
 824	}
 825
 826	return 0;
 827}
 828
 829/**
 830 * ubi_io_write_ec_hdr - write an erase counter header.
 831 * @ubi: UBI device description object
 832 * @pnum: physical eraseblock to write to
 833 * @ec_hdr: the erase counter header to write
 834 *
 835 * This function writes erase counter header described by @ec_hdr to physical
 836 * eraseblock @pnum. It also fills most fields of @ec_hdr before writing, so
 837 * the caller do not have to fill them. Callers must only fill the @ec_hdr->ec
 838 * field.
 839 *
 840 * This function returns zero in case of success and a negative error code in
 841 * case of failure. If %-EIO is returned, the physical eraseblock most probably
 842 * went bad.
 843 */
 844int ubi_io_write_ec_hdr(struct ubi_device *ubi, int pnum,
 845			struct ubi_ec_hdr *ec_hdr)
 846{
 847	int err;
 848	uint32_t crc;
 849
 850	dbg_io("write EC header to PEB %d", pnum);
 851	ubi_assert(pnum >= 0 &&  pnum < ubi->peb_count);
 852
 853	ec_hdr->magic = cpu_to_be32(UBI_EC_HDR_MAGIC);
 854	ec_hdr->version = UBI_VERSION;
 855	ec_hdr->vid_hdr_offset = cpu_to_be32(ubi->vid_hdr_offset);
 856	ec_hdr->data_offset = cpu_to_be32(ubi->leb_start);
 857	ec_hdr->image_seq = cpu_to_be32(ubi->image_seq);
 858	crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
 859	ec_hdr->hdr_crc = cpu_to_be32(crc);
 860
 861	err = self_check_ec_hdr(ubi, pnum, ec_hdr);
 862	if (err)
 863		return err;
 864
 865	if (ubi_dbg_is_power_cut(ubi, MASK_POWER_CUT_EC)) {
 866		ubi_warn(ubi, "emulating a power cut when writing EC header");
 867		ubi_ro_mode(ubi);
 868		return -EROFS;
 869	}
 870
 871	err = ubi_io_write(ubi, ec_hdr, pnum, 0, ubi->ec_hdr_alsize);
 872	return err;
 873}
 874
 875/**
 876 * validate_vid_hdr - validate a volume identifier header.
 877 * @ubi: UBI device description object
 878 * @vid_hdr: the volume identifier header to check
 879 *
 880 * This function checks that data stored in the volume identifier header
 881 * @vid_hdr. Returns zero if the VID header is OK and %1 if not.
 882 */
 883static int validate_vid_hdr(const struct ubi_device *ubi,
 884			    const struct ubi_vid_hdr *vid_hdr)
 885{
 886	int vol_type = vid_hdr->vol_type;
 887	int copy_flag = vid_hdr->copy_flag;
 888	int vol_id = be32_to_cpu(vid_hdr->vol_id);
 889	int lnum = be32_to_cpu(vid_hdr->lnum);
 890	int compat = vid_hdr->compat;
 891	int data_size = be32_to_cpu(vid_hdr->data_size);
 892	int used_ebs = be32_to_cpu(vid_hdr->used_ebs);
 893	int data_pad = be32_to_cpu(vid_hdr->data_pad);
 894	int data_crc = be32_to_cpu(vid_hdr->data_crc);
 895	int usable_leb_size = ubi->leb_size - data_pad;
 896
 897	if (copy_flag != 0 && copy_flag != 1) {
 898		ubi_err(ubi, "bad copy_flag");
 899		goto bad;
 900	}
 901
 902	if (vol_id < 0 || lnum < 0 || data_size < 0 || used_ebs < 0 ||
 903	    data_pad < 0) {
 904		ubi_err(ubi, "negative values");
 905		goto bad;
 906	}
 907
 908	if (vol_id >= UBI_MAX_VOLUMES && vol_id < UBI_INTERNAL_VOL_START) {
 909		ubi_err(ubi, "bad vol_id");
 910		goto bad;
 911	}
 912
 913	if (vol_id < UBI_INTERNAL_VOL_START && compat != 0) {
 914		ubi_err(ubi, "bad compat");
 915		goto bad;
 916	}
 917
 918	if (vol_id >= UBI_INTERNAL_VOL_START && compat != UBI_COMPAT_DELETE &&
 919	    compat != UBI_COMPAT_RO && compat != UBI_COMPAT_PRESERVE &&
 920	    compat != UBI_COMPAT_REJECT) {
 921		ubi_err(ubi, "bad compat");
 922		goto bad;
 923	}
 924
 925	if (vol_type != UBI_VID_DYNAMIC && vol_type != UBI_VID_STATIC) {
 926		ubi_err(ubi, "bad vol_type");
 927		goto bad;
 928	}
 929
 930	if (data_pad >= ubi->leb_size / 2) {
 931		ubi_err(ubi, "bad data_pad");
 932		goto bad;
 933	}
 934
 935	if (data_size > ubi->leb_size) {
 936		ubi_err(ubi, "bad data_size");
 937		goto bad;
 938	}
 939
 940	if (vol_type == UBI_VID_STATIC) {
 941		/*
 942		 * Although from high-level point of view static volumes may
 943		 * contain zero bytes of data, but no VID headers can contain
 944		 * zero at these fields, because they empty volumes do not have
 945		 * mapped logical eraseblocks.
 946		 */
 947		if (used_ebs == 0) {
 948			ubi_err(ubi, "zero used_ebs");
 949			goto bad;
 950		}
 951		if (data_size == 0) {
 952			ubi_err(ubi, "zero data_size");
 953			goto bad;
 954		}
 955		if (lnum < used_ebs - 1) {
 956			if (data_size != usable_leb_size) {
 957				ubi_err(ubi, "bad data_size");
 958				goto bad;
 959			}
 960		} else if (lnum > used_ebs - 1) {
 961			ubi_err(ubi, "too high lnum");
 962			goto bad;
 963		}
 964	} else {
 965		if (copy_flag == 0) {
 966			if (data_crc != 0) {
 967				ubi_err(ubi, "non-zero data CRC");
 968				goto bad;
 969			}
 970			if (data_size != 0) {
 971				ubi_err(ubi, "non-zero data_size");
 972				goto bad;
 973			}
 974		} else {
 975			if (data_size == 0) {
 976				ubi_err(ubi, "zero data_size of copy");
 977				goto bad;
 978			}
 979		}
 980		if (used_ebs != 0) {
 981			ubi_err(ubi, "bad used_ebs");
 982			goto bad;
 983		}
 984	}
 985
 986	return 0;
 987
 988bad:
 989	ubi_err(ubi, "bad VID header");
 990	ubi_dump_vid_hdr(vid_hdr);
 991	dump_stack();
 992	return 1;
 993}
 994
 995/**
 996 * ubi_io_read_vid_hdr - read and check a volume identifier header.
 997 * @ubi: UBI device description object
 998 * @pnum: physical eraseblock number to read from
 999 * @vidb: the volume identifier buffer to store data in
1000 * @verbose: be verbose if the header is corrupted or wasn't found
1001 *
1002 * This function reads the volume identifier header from physical eraseblock
1003 * @pnum and stores it in @vidb. It also checks CRC checksum of the read
1004 * volume identifier header. The error codes are the same as in
1005 * 'ubi_io_read_ec_hdr()'.
1006 *
1007 * Note, the implementation of this function is also very similar to
1008 * 'ubi_io_read_ec_hdr()', so refer commentaries in 'ubi_io_read_ec_hdr()'.
1009 */
1010int ubi_io_read_vid_hdr(struct ubi_device *ubi, int pnum,
1011			struct ubi_vid_io_buf *vidb, int verbose)
1012{
1013	int err, read_err;
1014	uint32_t crc, magic, hdr_crc;
1015	struct ubi_vid_hdr *vid_hdr = ubi_get_vid_hdr(vidb);
1016	void *p = vidb->buffer;
1017
1018	dbg_io("read VID header from PEB %d", pnum);
1019	ubi_assert(pnum >= 0 &&  pnum < ubi->peb_count);
1020
1021	read_err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
1022			  ubi->vid_hdr_shift + UBI_VID_HDR_SIZE);
1023	if (read_err && read_err != UBI_IO_BITFLIPS && !mtd_is_eccerr(read_err))
1024		return read_err;
1025
1026	magic = be32_to_cpu(vid_hdr->magic);
1027	if (magic != UBI_VID_HDR_MAGIC) {
1028		if (mtd_is_eccerr(read_err))
1029			return UBI_IO_BAD_HDR_EBADMSG;
1030
1031		if (ubi_check_pattern(vid_hdr, 0xFF, UBI_VID_HDR_SIZE)) {
1032			if (verbose)
1033				ubi_warn(ubi, "no VID header found at PEB %d, only 0xFF bytes",
1034					 pnum);
1035			dbg_bld("no VID header found at PEB %d, only 0xFF bytes",
1036				pnum);
1037			if (!read_err)
1038				return UBI_IO_FF;
1039			else
1040				return UBI_IO_FF_BITFLIPS;
1041		}
1042
1043		if (verbose) {
1044			ubi_warn(ubi, "bad magic number at PEB %d: %08x instead of %08x",
1045				 pnum, magic, UBI_VID_HDR_MAGIC);
1046			ubi_dump_vid_hdr(vid_hdr);
1047		}
1048		dbg_bld("bad magic number at PEB %d: %08x instead of %08x",
1049			pnum, magic, UBI_VID_HDR_MAGIC);
1050		return UBI_IO_BAD_HDR;
1051	}
1052
1053	crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
1054	hdr_crc = be32_to_cpu(vid_hdr->hdr_crc);
1055
1056	if (hdr_crc != crc) {
1057		if (verbose) {
1058			ubi_warn(ubi, "bad CRC at PEB %d, calculated %#08x, read %#08x",
1059				 pnum, crc, hdr_crc);
1060			ubi_dump_vid_hdr(vid_hdr);
1061		}
1062		dbg_bld("bad CRC at PEB %d, calculated %#08x, read %#08x",
1063			pnum, crc, hdr_crc);
1064		if (!read_err)
1065			return UBI_IO_BAD_HDR;
1066		else
1067			return UBI_IO_BAD_HDR_EBADMSG;
1068	}
1069
1070	err = validate_vid_hdr(ubi, vid_hdr);
1071	if (err) {
1072		ubi_err(ubi, "validation failed for PEB %d", pnum);
1073		return -EINVAL;
1074	}
1075
1076	if (read_err)
1077		return UBI_IO_BITFLIPS;
1078
1079	if (ubi_dbg_is_read_failure(ubi, MASK_READ_FAILURE_VID)) {
1080		ubi_warn(ubi, "cannot read VID header from PEB %d (emulated)",
1081			 pnum);
1082		return -EIO;
1083	}
1084
1085	if (ubi_dbg_is_ff(ubi, MASK_IO_FF_VID)) {
1086		ubi_warn(ubi, "bit-all-ff (emulated)");
1087		return UBI_IO_FF;
1088	}
1089
1090	if (ubi_dbg_is_ff_bitflips(ubi, MASK_IO_FF_BITFLIPS_VID)) {
1091		ubi_warn(ubi, "bit-all-ff with error reported by MTD driver (emulated)");
1092		return UBI_IO_FF_BITFLIPS;
1093	}
1094
1095	if (ubi_dbg_is_bad_hdr(ubi, MASK_BAD_HDR_VID)) {
1096		ubi_warn(ubi, "bad_hdr (emulated)");
1097		return UBI_IO_BAD_HDR;
1098	}
1099
1100	if (ubi_dbg_is_bad_hdr_ebadmsg(ubi, MASK_BAD_HDR_EBADMSG_VID)) {
1101		ubi_warn(ubi, "bad_hdr with ECC error (emulated)");
1102		return UBI_IO_BAD_HDR_EBADMSG;
1103	}
1104
1105	return 0;
1106}
1107
1108/**
1109 * ubi_io_write_vid_hdr - write a volume identifier header.
1110 * @ubi: UBI device description object
1111 * @pnum: the physical eraseblock number to write to
1112 * @vidb: the volume identifier buffer to write
1113 *
1114 * This function writes the volume identifier header described by @vid_hdr to
1115 * physical eraseblock @pnum. This function automatically fills the
1116 * @vidb->hdr->magic and the @vidb->hdr->version fields, as well as calculates
1117 * header CRC checksum and stores it at vidb->hdr->hdr_crc.
1118 *
1119 * This function returns zero in case of success and a negative error code in
1120 * case of failure. If %-EIO is returned, the physical eraseblock probably went
1121 * bad.
1122 */
1123int ubi_io_write_vid_hdr(struct ubi_device *ubi, int pnum,
1124			 struct ubi_vid_io_buf *vidb)
1125{
1126	struct ubi_vid_hdr *vid_hdr = ubi_get_vid_hdr(vidb);
1127	int err;
1128	uint32_t crc;
1129	void *p = vidb->buffer;
1130
1131	dbg_io("write VID header to PEB %d", pnum);
1132	ubi_assert(pnum >= 0 &&  pnum < ubi->peb_count);
1133
1134	err = self_check_peb_ec_hdr(ubi, pnum);
1135	if (err)
1136		return err;
1137
1138	vid_hdr->magic = cpu_to_be32(UBI_VID_HDR_MAGIC);
1139	vid_hdr->version = UBI_VERSION;
1140	crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
1141	vid_hdr->hdr_crc = cpu_to_be32(crc);
1142
1143	err = self_check_vid_hdr(ubi, pnum, vid_hdr);
1144	if (err)
1145		return err;
1146
1147	if (ubi_dbg_is_power_cut(ubi, MASK_POWER_CUT_VID)) {
1148		ubi_warn(ubi, "emulating a power cut when writing VID header");
1149		ubi_ro_mode(ubi);
1150		return -EROFS;
1151	}
1152
1153	err = ubi_io_write(ubi, p, pnum, ubi->vid_hdr_aloffset,
1154			   ubi->vid_hdr_alsize);
1155	return err;
1156}
1157
1158/**
1159 * self_check_not_bad - ensure that a physical eraseblock is not bad.
1160 * @ubi: UBI device description object
1161 * @pnum: physical eraseblock number to check
1162 *
1163 * This function returns zero if the physical eraseblock is good, %-EINVAL if
1164 * it is bad and a negative error code if an error occurred.
1165 */
1166static int self_check_not_bad(const struct ubi_device *ubi, int pnum)
1167{
1168	int err;
1169
1170	if (!ubi_dbg_chk_io(ubi))
1171		return 0;
1172
1173	err = ubi_io_is_bad(ubi, pnum);
1174	if (!err)
1175		return err;
1176
1177	ubi_err(ubi, "self-check failed for PEB %d", pnum);
1178	dump_stack();
1179	return err > 0 ? -EINVAL : err;
1180}
1181
1182/**
1183 * self_check_ec_hdr - check if an erase counter header is all right.
1184 * @ubi: UBI device description object
1185 * @pnum: physical eraseblock number the erase counter header belongs to
1186 * @ec_hdr: the erase counter header to check
1187 *
1188 * This function returns zero if the erase counter header contains valid
1189 * values, and %-EINVAL if not.
1190 */
1191static int self_check_ec_hdr(const struct ubi_device *ubi, int pnum,
1192			     const struct ubi_ec_hdr *ec_hdr)
1193{
1194	int err;
1195	uint32_t magic;
1196
1197	if (!ubi_dbg_chk_io(ubi))
1198		return 0;
1199
1200	magic = be32_to_cpu(ec_hdr->magic);
1201	if (magic != UBI_EC_HDR_MAGIC) {
1202		ubi_err(ubi, "bad magic %#08x, must be %#08x",
1203			magic, UBI_EC_HDR_MAGIC);
1204		goto fail;
1205	}
1206
1207	err = validate_ec_hdr(ubi, ec_hdr);
1208	if (err) {
1209		ubi_err(ubi, "self-check failed for PEB %d", pnum);
1210		goto fail;
1211	}
1212
1213	return 0;
1214
1215fail:
1216	ubi_dump_ec_hdr(ec_hdr);
1217	dump_stack();
1218	return -EINVAL;
1219}
1220
1221/**
1222 * self_check_peb_ec_hdr - check erase counter header.
1223 * @ubi: UBI device description object
1224 * @pnum: the physical eraseblock number to check
1225 *
1226 * This function returns zero if the erase counter header is all right and
1227 * a negative error code if not or if an error occurred.
1228 */
1229static int self_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum)
1230{
1231	int err;
1232	uint32_t crc, hdr_crc;
1233	struct ubi_ec_hdr *ec_hdr;
1234
1235	if (!ubi_dbg_chk_io(ubi))
1236		return 0;
1237
1238	ec_hdr = kzalloc(ubi->ec_hdr_alsize, GFP_NOFS);
1239	if (!ec_hdr)
1240		return -ENOMEM;
1241
1242	err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
1243	if (err && err != UBI_IO_BITFLIPS && !mtd_is_eccerr(err))
1244		goto exit;
1245
1246	crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
1247	hdr_crc = be32_to_cpu(ec_hdr->hdr_crc);
1248	if (hdr_crc != crc) {
1249		ubi_err(ubi, "bad CRC, calculated %#08x, read %#08x",
1250			crc, hdr_crc);
1251		ubi_err(ubi, "self-check failed for PEB %d", pnum);
1252		ubi_dump_ec_hdr(ec_hdr);
1253		dump_stack();
1254		err = -EINVAL;
1255		goto exit;
1256	}
1257
1258	err = self_check_ec_hdr(ubi, pnum, ec_hdr);
1259
1260exit:
1261	kfree(ec_hdr);
1262	return err;
1263}
1264
1265/**
1266 * self_check_vid_hdr - check that a volume identifier header is all right.
1267 * @ubi: UBI device description object
1268 * @pnum: physical eraseblock number the volume identifier header belongs to
1269 * @vid_hdr: the volume identifier header to check
1270 *
1271 * This function returns zero if the volume identifier header is all right, and
1272 * %-EINVAL if not.
1273 */
1274static int self_check_vid_hdr(const struct ubi_device *ubi, int pnum,
1275			      const struct ubi_vid_hdr *vid_hdr)
1276{
1277	int err;
1278	uint32_t magic;
1279
1280	if (!ubi_dbg_chk_io(ubi))
1281		return 0;
1282
1283	magic = be32_to_cpu(vid_hdr->magic);
1284	if (magic != UBI_VID_HDR_MAGIC) {
1285		ubi_err(ubi, "bad VID header magic %#08x at PEB %d, must be %#08x",
1286			magic, pnum, UBI_VID_HDR_MAGIC);
1287		goto fail;
1288	}
1289
1290	err = validate_vid_hdr(ubi, vid_hdr);
1291	if (err) {
1292		ubi_err(ubi, "self-check failed for PEB %d", pnum);
1293		goto fail;
1294	}
1295
1296	return err;
1297
1298fail:
1299	ubi_err(ubi, "self-check failed for PEB %d", pnum);
1300	ubi_dump_vid_hdr(vid_hdr);
1301	dump_stack();
1302	return -EINVAL;
1303
1304}
1305
1306/**
1307 * self_check_peb_vid_hdr - check volume identifier header.
1308 * @ubi: UBI device description object
1309 * @pnum: the physical eraseblock number to check
1310 *
1311 * This function returns zero if the volume identifier header is all right,
1312 * and a negative error code if not or if an error occurred.
1313 */
1314static int self_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum)
1315{
1316	int err;
1317	uint32_t crc, hdr_crc;
1318	struct ubi_vid_io_buf *vidb;
1319	struct ubi_vid_hdr *vid_hdr;
1320	void *p;
1321
1322	if (!ubi_dbg_chk_io(ubi))
1323		return 0;
1324
1325	vidb = ubi_alloc_vid_buf(ubi, GFP_NOFS);
1326	if (!vidb)
1327		return -ENOMEM;
1328
1329	vid_hdr = ubi_get_vid_hdr(vidb);
1330	p = vidb->buffer;
1331	err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
1332			  ubi->vid_hdr_alsize);
1333	if (err && err != UBI_IO_BITFLIPS && !mtd_is_eccerr(err))
1334		goto exit;
1335
1336	crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
1337	hdr_crc = be32_to_cpu(vid_hdr->hdr_crc);
1338	if (hdr_crc != crc) {
1339		ubi_err(ubi, "bad VID header CRC at PEB %d, calculated %#08x, read %#08x",
1340			pnum, crc, hdr_crc);
1341		ubi_err(ubi, "self-check failed for PEB %d", pnum);
1342		ubi_dump_vid_hdr(vid_hdr);
1343		dump_stack();
1344		err = -EINVAL;
1345		goto exit;
1346	}
1347
1348	err = self_check_vid_hdr(ubi, pnum, vid_hdr);
1349
1350exit:
1351	ubi_free_vid_buf(vidb);
1352	return err;
1353}
1354
1355/**
1356 * self_check_write - make sure write succeeded.
1357 * @ubi: UBI device description object
1358 * @buf: buffer with data which were written
1359 * @pnum: physical eraseblock number the data were written to
1360 * @offset: offset within the physical eraseblock the data were written to
1361 * @len: how many bytes were written
1362 *
1363 * This functions reads data which were recently written and compares it with
1364 * the original data buffer - the data have to match. Returns zero if the data
1365 * match and a negative error code if not or in case of failure.
1366 */
1367static int self_check_write(struct ubi_device *ubi, const void *buf, int pnum,
1368			    int offset, int len)
1369{
1370	int err, i;
1371	size_t read;
1372	void *buf1;
1373	loff_t addr = (loff_t)pnum * ubi->peb_size + offset;
1374
1375	if (!ubi_dbg_chk_io(ubi))
1376		return 0;
1377
1378	buf1 = __vmalloc(len, GFP_NOFS);
1379	if (!buf1) {
1380		ubi_err(ubi, "cannot allocate memory to check writes");
1381		return 0;
1382	}
1383
1384	err = mtd_read(ubi->mtd, addr, len, &read, buf1);
1385	if (err && !mtd_is_bitflip(err))
1386		goto out_free;
1387
1388	for (i = 0; i < len; i++) {
1389		uint8_t c = ((uint8_t *)buf)[i];
1390		uint8_t c1 = ((uint8_t *)buf1)[i];
1391		int dump_len;
1392
1393		if (c == c1)
1394			continue;
1395
1396		ubi_err(ubi, "self-check failed for PEB %d:%d, len %d",
1397			pnum, offset, len);
1398		ubi_msg(ubi, "data differ at position %d", i);
1399		dump_len = max_t(int, 128, len - i);
1400		ubi_msg(ubi, "hex dump of the original buffer from %d to %d",
1401			i, i + dump_len);
1402		print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1,
1403			       buf + i, dump_len, 1);
1404		ubi_msg(ubi, "hex dump of the read buffer from %d to %d",
1405			i, i + dump_len);
1406		print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1,
1407			       buf1 + i, dump_len, 1);
1408		dump_stack();
1409		err = -EINVAL;
1410		goto out_free;
1411	}
1412
1413	vfree(buf1);
1414	return 0;
1415
1416out_free:
1417	vfree(buf1);
1418	return err;
1419}
1420
1421/**
1422 * ubi_self_check_all_ff - check that a region of flash is empty.
1423 * @ubi: UBI device description object
1424 * @pnum: the physical eraseblock number to check
1425 * @offset: the starting offset within the physical eraseblock to check
1426 * @len: the length of the region to check
1427 *
1428 * This function returns zero if only 0xFF bytes are present at offset
1429 * @offset of the physical eraseblock @pnum, and a negative error code if not
1430 * or if an error occurred.
1431 */
1432int ubi_self_check_all_ff(struct ubi_device *ubi, int pnum, int offset, int len)
1433{
1434	size_t read;
1435	int err;
1436	void *buf;
1437	loff_t addr = (loff_t)pnum * ubi->peb_size + offset;
1438
1439	if (!ubi_dbg_chk_io(ubi))
1440		return 0;
1441
1442	buf = __vmalloc(len, GFP_NOFS);
1443	if (!buf) {
1444		ubi_err(ubi, "cannot allocate memory to check for 0xFFs");
1445		return 0;
1446	}
1447
1448	err = mtd_read(ubi->mtd, addr, len, &read, buf);
1449	if (err && !mtd_is_bitflip(err)) {
1450		ubi_err(ubi, "err %d while reading %d bytes from PEB %d:%d, read %zd bytes",
1451			err, len, pnum, offset, read);
1452		goto error;
1453	}
1454
1455	err = ubi_check_pattern(buf, 0xFF, len);
1456	if (err == 0) {
1457		ubi_err(ubi, "flash region at PEB %d:%d, length %d does not contain all 0xFF bytes",
1458			pnum, offset, len);
1459		goto fail;
1460	}
1461
1462	vfree(buf);
1463	return 0;
1464
1465fail:
1466	ubi_err(ubi, "self-check failed for PEB %d", pnum);
1467	ubi_msg(ubi, "hex dump of the %d-%d region", offset, offset + len);
1468	print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1, buf, len, 1);
1469	err = -EINVAL;
1470error:
1471	dump_stack();
1472	vfree(buf);
1473	return err;
1474}