aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/mtd/ubi/vtbl.c
diff options
context:
space:
mode:
authorArtem B. Bityutskiy <dedekind@linutronix.de>2006-06-27 04:22:22 -0400
committerFrank Haverkamp <haver@vnet.ibm.com>2007-04-27 07:23:33 -0400
commit801c135ce73d5df1caf3eca35b66a10824ae0707 (patch)
treeeaf6e7859650557192533b70746479de686c56e1 /drivers/mtd/ubi/vtbl.c
parentde46c33745f5e2ad594c72f2cf5f490861b16ce1 (diff)
UBI: Unsorted Block Images
UBI (Latin: "where?") manages multiple logical volumes on a single flash device, specifically supporting NAND flash devices. UBI provides a flexible partitioning concept which still allows for wear-levelling across the whole flash device. In a sense, UBI may be compared to the Logical Volume Manager (LVM). Whereas LVM maps logical sector numbers to physical HDD sector numbers, UBI maps logical eraseblocks to physical eraseblocks. More information may be found at http://www.linux-mtd.infradead.org/doc/ubi.html Partitioning/Re-partitioning An UBI volume occupies a certain number of erase blocks. This is limited by a configured maximum volume size, which could also be viewed as the partition size. Each individual UBI volume's size can be changed independently of the other UBI volumes, provided that the sum of all volume sizes doesn't exceed a certain limit. UBI supports dynamic volumes and static volumes. Static volumes are read-only and their contents are protected by CRC check sums. Bad eraseblocks handling UBI transparently handles bad eraseblocks. When a physical eraseblock becomes bad, it is substituted by a good physical eraseblock, and the user does not even notice this. Scrubbing On a NAND flash bit flips can occur on any write operation, sometimes also on read. If bit flips persist on the device, at first they can still be corrected by ECC, but once they accumulate, correction will become impossible. Thus it is best to actively scrub the affected eraseblock, by first copying it to a free eraseblock and then erasing the original. The UBI layer performs this type of scrubbing under the covers, transparently to the UBI volume users. Erase Counts UBI maintains an erase count header per eraseblock. This frees higher-level layers (like file systems) from doing this and allows for centralized erase count management instead. The erase counts are used by the wear-levelling algorithm in the UBI layer. The algorithm itself is exchangeable. Booting from NAND For booting directly from NAND flash the hardware must at least be capable of fetching and executing a small portion of the NAND flash. Some NAND flash controllers have this kind of support. They usually limit the window to a few kilobytes in erase block 0. This "initial program loader" (IPL) must then contain sufficient logic to load and execute the next boot phase. Due to bad eraseblocks, which may be randomly scattered over the flash device, it is problematic to store the "secondary program loader" (SPL) statically. Also, due to bit-flips it may become corrupted over time. UBI allows to solve this problem gracefully by storing the SPL in a small static UBI volume. UBI volumes vs. static partitions UBI volumes are still very similar to static MTD partitions: * both consist of eraseblocks (logical eraseblocks in case of UBI volumes, and physical eraseblocks in case of static partitions; * both support three basic operations - read, write, erase. But UBI volumes have the following advantages over traditional static MTD partitions: * there are no eraseblock wear-leveling constraints in case of UBI volumes, so the user should not care about this; * there are no bit-flips and bad eraseblocks in case of UBI volumes. So, UBI volumes may be considered as flash devices with relaxed restrictions. Where can it be found? Documentation, kernel code and applications can be found in the MTD gits. What are the applications for? The applications help to create binary flash images for two purposes: pfi files (partial flash images) for in-system update of UBI volumes, and plain binary images, with or without OOB data in case of NAND, for a manufacturing step. Furthermore some tools are/and will be created that allow flash content analysis after a system has crashed.. Who did UBI? The original ideas, where UBI is based on, were developed by Andreas Arnez, Frank Haverkamp and Thomas Gleixner. Josh W. Boyer and some others were involved too. The implementation of the kernel layer was done by Artem B. Bityutskiy. The user-space applications and tools were written by Oliver Lohmann with contributions from Frank Haverkamp, Andreas Arnez, and Artem. Joern Engel contributed a patch which modifies JFFS2 so that it can be run on a UBI volume. Thomas Gleixner did modifications to the NAND layer. Alexander Schmidt made some testing work as well as core functionality improvements. Signed-off-by: Artem B. Bityutskiy <dedekind@linutronix.de> Signed-off-by: Frank Haverkamp <haver@vnet.ibm.com>
Diffstat (limited to 'drivers/mtd/ubi/vtbl.c')
-rw-r--r--drivers/mtd/ubi/vtbl.c809
1 files changed, 809 insertions, 0 deletions
diff --git a/drivers/mtd/ubi/vtbl.c b/drivers/mtd/ubi/vtbl.c
new file mode 100644
index 00000000000..b6fd6bbd941
--- /dev/null
+++ b/drivers/mtd/ubi/vtbl.c
@@ -0,0 +1,809 @@
1/*
2 * Copyright (c) International Business Machines Corp., 2006
3 * Copyright (c) Nokia Corporation, 2006, 2007
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
13 * the GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 *
19 * Author: Artem Bityutskiy (Битюцкий Артём)
20 */
21
22/*
23 * This file includes volume table manipulation code. The volume table is an
24 * on-flash table containing volume meta-data like name, number of reserved
25 * physical eraseblocks, type, etc. The volume table is stored in the so-called
26 * "layout volume".
27 *
28 * The layout volume is an internal volume which is organized as follows. It
29 * consists of two logical eraseblocks - LEB 0 and LEB 1. Each logical
30 * eraseblock stores one volume table copy, i.e. LEB 0 and LEB 1 duplicate each
31 * other. This redundancy guarantees robustness to unclean reboots. The volume
32 * table is basically an array of volume table records. Each record contains
33 * full information about the volume and protected by a CRC checksum.
34 *
35 * The volume table is changed, it is first changed in RAM. Then LEB 0 is
36 * erased, and the updated volume table is written back to LEB 0. Then same for
37 * LEB 1. This scheme guarantees recoverability from unclean reboots.
38 *
39 * In this UBI implementation the on-flash volume table does not contain any
40 * information about how many data static volumes contain. This information may
41 * be found from the scanning data.
42 *
43 * But it would still be beneficial to store this information in the volume
44 * table. For example, suppose we have a static volume X, and all its physical
45 * eraseblocks became bad for some reasons. Suppose we are attaching the
46 * corresponding MTD device, the scanning has found no logical eraseblocks
47 * corresponding to the volume X. According to the volume table volume X does
48 * exist. So we don't know whether it is just empty or all its physical
49 * eraseblocks went bad. So we cannot alarm the user about this corruption.
50 *
51 * The volume table also stores so-called "update marker", which is used for
52 * volume updates. Before updating the volume, the update marker is set, and
53 * after the update operation is finished, the update marker is cleared. So if
54 * the update operation was interrupted (e.g. by an unclean reboot) - the
55 * update marker is still there and we know that the volume's contents is
56 * damaged.
57 */
58
59#include <linux/crc32.h>
60#include <linux/err.h>
61#include <asm/div64.h>
62#include "ubi.h"
63
64#ifdef CONFIG_MTD_UBI_DEBUG_PARANOID
65static void paranoid_vtbl_check(const struct ubi_device *ubi);
66#else
67#define paranoid_vtbl_check(ubi)
68#endif
69
70/* Empty volume table record */
71static struct ubi_vtbl_record empty_vtbl_record;
72
73/**
74 * ubi_change_vtbl_record - change volume table record.
75 * @ubi: UBI device description object
76 * @idx: table index to change
77 * @vtbl_rec: new volume table record
78 *
79 * This function changes volume table record @idx. If @vtbl_rec is %NULL, empty
80 * volume table record is written. The caller does not have to calculate CRC of
81 * the record as it is done by this function. Returns zero in case of success
82 * and a negative error code in case of failure.
83 */
84int ubi_change_vtbl_record(struct ubi_device *ubi, int idx,
85 struct ubi_vtbl_record *vtbl_rec)
86{
87 int i, err;
88 uint32_t crc;
89
90 ubi_assert(idx >= 0 && idx < ubi->vtbl_slots);
91
92 if (!vtbl_rec)
93 vtbl_rec = &empty_vtbl_record;
94 else {
95 crc = crc32(UBI_CRC32_INIT, vtbl_rec, UBI_VTBL_RECORD_SIZE_CRC);
96 vtbl_rec->crc = cpu_to_ubi32(crc);
97 }
98
99 dbg_msg("change record %d", idx);
100 ubi_dbg_dump_vtbl_record(vtbl_rec, idx);
101
102 mutex_lock(&ubi->vtbl_mutex);
103 memcpy(&ubi->vtbl[idx], vtbl_rec, sizeof(struct ubi_vtbl_record));
104 for (i = 0; i < UBI_LAYOUT_VOLUME_EBS; i++) {
105 err = ubi_eba_unmap_leb(ubi, UBI_LAYOUT_VOL_ID, i);
106 if (err) {
107 mutex_unlock(&ubi->vtbl_mutex);
108 return err;
109 }
110 err = ubi_eba_write_leb(ubi, UBI_LAYOUT_VOL_ID, i, ubi->vtbl, 0,
111 ubi->vtbl_size, UBI_LONGTERM);
112 if (err) {
113 mutex_unlock(&ubi->vtbl_mutex);
114 return err;
115 }
116 }
117
118 paranoid_vtbl_check(ubi);
119 mutex_unlock(&ubi->vtbl_mutex);
120 return ubi_wl_flush(ubi);
121}
122
123/**
124 * vol_til_check - check if volume table is not corrupted and contains sensible
125 * data.
126 *
127 * @ubi: UBI device description object
128 * @vtbl: volume table
129 *
130 * This function returns zero if @vtbl is all right, %1 if CRC is incorrect,
131 * and %-EINVAL if it contains inconsistent data.
132 */
133static int vtbl_check(const struct ubi_device *ubi,
134 const struct ubi_vtbl_record *vtbl)
135{
136 int i, n, reserved_pebs, alignment, data_pad, vol_type, name_len;
137 int upd_marker;
138 uint32_t crc;
139 const char *name;
140
141 for (i = 0; i < ubi->vtbl_slots; i++) {
142 cond_resched();
143
144 reserved_pebs = ubi32_to_cpu(vtbl[i].reserved_pebs);
145 alignment = ubi32_to_cpu(vtbl[i].alignment);
146 data_pad = ubi32_to_cpu(vtbl[i].data_pad);
147 upd_marker = vtbl[i].upd_marker;
148 vol_type = vtbl[i].vol_type;
149 name_len = ubi16_to_cpu(vtbl[i].name_len);
150 name = &vtbl[i].name[0];
151
152 crc = crc32(UBI_CRC32_INIT, &vtbl[i], UBI_VTBL_RECORD_SIZE_CRC);
153 if (ubi32_to_cpu(vtbl[i].crc) != crc) {
154 ubi_err("bad CRC at record %u: %#08x, not %#08x",
155 i, crc, ubi32_to_cpu(vtbl[i].crc));
156 ubi_dbg_dump_vtbl_record(&vtbl[i], i);
157 return 1;
158 }
159
160 if (reserved_pebs == 0) {
161 if (memcmp(&vtbl[i], &empty_vtbl_record,
162 UBI_VTBL_RECORD_SIZE)) {
163 dbg_err("bad empty record");
164 goto bad;
165 }
166 continue;
167 }
168
169 if (reserved_pebs < 0 || alignment < 0 || data_pad < 0 ||
170 name_len < 0) {
171 dbg_err("negative values");
172 goto bad;
173 }
174
175 if (alignment > ubi->leb_size || alignment == 0) {
176 dbg_err("bad alignment");
177 goto bad;
178 }
179
180 n = alignment % ubi->min_io_size;
181 if (alignment != 1 && n) {
182 dbg_err("alignment is not multiple of min I/O unit");
183 goto bad;
184 }
185
186 n = ubi->leb_size % alignment;
187 if (data_pad != n) {
188 dbg_err("bad data_pad, has to be %d", n);
189 goto bad;
190 }
191
192 if (vol_type != UBI_VID_DYNAMIC && vol_type != UBI_VID_STATIC) {
193 dbg_err("bad vol_type");
194 goto bad;
195 }
196
197 if (upd_marker != 0 && upd_marker != 1) {
198 dbg_err("bad upd_marker");
199 goto bad;
200 }
201
202 if (reserved_pebs > ubi->good_peb_count) {
203 dbg_err("too large reserved_pebs, good PEBs %d",
204 ubi->good_peb_count);
205 goto bad;
206 }
207
208 if (name_len > UBI_VOL_NAME_MAX) {
209 dbg_err("too long volume name, max %d",
210 UBI_VOL_NAME_MAX);
211 goto bad;
212 }
213
214 if (name[0] == '\0') {
215 dbg_err("NULL volume name");
216 goto bad;
217 }
218
219 if (name_len != strnlen(name, name_len + 1)) {
220 dbg_err("bad name_len");
221 goto bad;
222 }
223 }
224
225 /* Checks that all names are unique */
226 for (i = 0; i < ubi->vtbl_slots - 1; i++) {
227 for (n = i + 1; n < ubi->vtbl_slots; n++) {
228 int len1 = ubi16_to_cpu(vtbl[i].name_len);
229 int len2 = ubi16_to_cpu(vtbl[n].name_len);
230
231 if (len1 > 0 && len1 == len2 &&
232 !strncmp(vtbl[i].name, vtbl[n].name, len1)) {
233 ubi_err("volumes %d and %d have the same name"
234 " \"%s\"", i, n, vtbl[i].name);
235 ubi_dbg_dump_vtbl_record(&vtbl[i], i);
236 ubi_dbg_dump_vtbl_record(&vtbl[n], n);
237 return -EINVAL;
238 }
239 }
240 }
241
242 return 0;
243
244bad:
245 ubi_err("volume table check failed, record %d", i);
246 ubi_dbg_dump_vtbl_record(&vtbl[i], i);
247 return -EINVAL;
248}
249
250/**
251 * create_vtbl - create a copy of volume table.
252 * @ubi: UBI device description object
253 * @si: scanning information
254 * @copy: number of the volume table copy
255 * @vtbl: contents of the volume table
256 *
257 * This function returns zero in case of success and a negative error code in
258 * case of failure.
259 */
260static int create_vtbl(const struct ubi_device *ubi, struct ubi_scan_info *si,
261 int copy, void *vtbl)
262{
263 int err, tries = 0;
264 static struct ubi_vid_hdr *vid_hdr;
265 struct ubi_scan_volume *sv;
266 struct ubi_scan_leb *new_seb, *old_seb = NULL;
267
268 ubi_msg("create volume table (copy #%d)", copy + 1);
269
270 vid_hdr = ubi_zalloc_vid_hdr(ubi);
271 if (!vid_hdr)
272 return -ENOMEM;
273
274 /*
275 * Check if there is a logical eraseblock which would have to contain
276 * this volume table copy was found during scanning. It has to be wiped
277 * out.
278 */
279 sv = ubi_scan_find_sv(si, UBI_LAYOUT_VOL_ID);
280 if (sv)
281 old_seb = ubi_scan_find_seb(sv, copy);
282
283retry:
284 new_seb = ubi_scan_get_free_peb(ubi, si);
285 if (IS_ERR(new_seb)) {
286 err = PTR_ERR(new_seb);
287 goto out_free;
288 }
289
290 vid_hdr->vol_type = UBI_VID_DYNAMIC;
291 vid_hdr->vol_id = cpu_to_ubi32(UBI_LAYOUT_VOL_ID);
292 vid_hdr->compat = UBI_LAYOUT_VOLUME_COMPAT;
293 vid_hdr->data_size = vid_hdr->used_ebs =
294 vid_hdr->data_pad = cpu_to_ubi32(0);
295 vid_hdr->lnum = cpu_to_ubi32(copy);
296 vid_hdr->sqnum = cpu_to_ubi64(++si->max_sqnum);
297 vid_hdr->leb_ver = cpu_to_ubi32(old_seb ? old_seb->leb_ver + 1: 0);
298
299 /* The EC header is already there, write the VID header */
300 err = ubi_io_write_vid_hdr(ubi, new_seb->pnum, vid_hdr);
301 if (err)
302 goto write_error;
303
304 /* Write the layout volume contents */
305 err = ubi_io_write_data(ubi, vtbl, new_seb->pnum, 0, ubi->vtbl_size);
306 if (err)
307 goto write_error;
308
309 /*
310 * And add it to the scanning information. Don't delete the old
311 * @old_seb as it will be deleted and freed in 'ubi_scan_add_used()'.
312 */
313 err = ubi_scan_add_used(ubi, si, new_seb->pnum, new_seb->ec,
314 vid_hdr, 0);
315 kfree(new_seb);
316 ubi_free_vid_hdr(ubi, vid_hdr);
317 return err;
318
319write_error:
320 kfree(new_seb);
321 /* May be this physical eraseblock went bad, try to pick another one */
322 if (++tries <= 5) {
323 err = ubi_scan_add_to_list(si, new_seb->pnum, new_seb->ec,
324 &si->corr);
325 if (!err)
326 goto retry;
327 }
328out_free:
329 ubi_free_vid_hdr(ubi, vid_hdr);
330 return err;
331
332}
333
334/**
335 * process_lvol - process the layout volume.
336 * @ubi: UBI device description object
337 * @si: scanning information
338 * @sv: layout volume scanning information
339 *
340 * This function is responsible for reading the layout volume, ensuring it is
341 * not corrupted, and recovering from corruptions if needed. Returns volume
342 * table in case of success and a negative error code in case of failure.
343 */
344static struct ubi_vtbl_record *process_lvol(const struct ubi_device *ubi,
345 struct ubi_scan_info *si,
346 struct ubi_scan_volume *sv)
347{
348 int err;
349 struct rb_node *rb;
350 struct ubi_scan_leb *seb;
351 struct ubi_vtbl_record *leb[UBI_LAYOUT_VOLUME_EBS] = { NULL, NULL };
352 int leb_corrupted[UBI_LAYOUT_VOLUME_EBS] = {1, 1};
353
354 /*
355 * UBI goes through the following steps when it changes the layout
356 * volume:
357 * a. erase LEB 0;
358 * b. write new data to LEB 0;
359 * c. erase LEB 1;
360 * d. write new data to LEB 1.
361 *
362 * Before the change, both LEBs contain the same data.
363 *
364 * Due to unclean reboots, the contents of LEB 0 may be lost, but there
365 * should LEB 1. So it is OK if LEB 0 is corrupted while LEB 1 is not.
366 * Similarly, LEB 1 may be lost, but there should be LEB 0. And
367 * finally, unclean reboots may result in a situation when neither LEB
368 * 0 nor LEB 1 are corrupted, but they are different. In this case, LEB
369 * 0 contains more recent information.
370 *
371 * So the plan is to first check LEB 0. Then
372 * a. if LEB 0 is OK, it must be containing the most resent data; then
373 * we compare it with LEB 1, and if they are different, we copy LEB
374 * 0 to LEB 1;
375 * b. if LEB 0 is corrupted, but LEB 1 has to be OK, and we copy LEB 1
376 * to LEB 0.
377 */
378
379 dbg_msg("check layout volume");
380
381 /* Read both LEB 0 and LEB 1 into memory */
382 ubi_rb_for_each_entry(rb, seb, &sv->root, u.rb) {
383 leb[seb->lnum] = kzalloc(ubi->vtbl_size, GFP_KERNEL);
384 if (!leb[seb->lnum]) {
385 err = -ENOMEM;
386 goto out_free;
387 }
388
389 err = ubi_io_read_data(ubi, leb[seb->lnum], seb->pnum, 0,
390 ubi->vtbl_size);
391 if (err == UBI_IO_BITFLIPS || err == -EBADMSG)
392 /* Scrub the PEB later */
393 seb->scrub = 1;
394 else if (err)
395 goto out_free;
396 }
397
398 err = -EINVAL;
399 if (leb[0]) {
400 leb_corrupted[0] = vtbl_check(ubi, leb[0]);
401 if (leb_corrupted[0] < 0)
402 goto out_free;
403 }
404
405 if (!leb_corrupted[0]) {
406 /* LEB 0 is OK */
407 if (leb[1])
408 leb_corrupted[1] = memcmp(leb[0], leb[1], ubi->vtbl_size);
409 if (leb_corrupted[1]) {
410 ubi_warn("volume table copy #2 is corrupted");
411 err = create_vtbl(ubi, si, 1, leb[0]);
412 if (err)
413 goto out_free;
414 ubi_msg("volume table was restored");
415 }
416
417 /* Both LEB 1 and LEB 2 are OK and consistent */
418 kfree(leb[1]);
419 return leb[0];
420 } else {
421 /* LEB 0 is corrupted or does not exist */
422 if (leb[1]) {
423 leb_corrupted[1] = vtbl_check(ubi, leb[1]);
424 if (leb_corrupted[1] < 0)
425 goto out_free;
426 }
427 if (leb_corrupted[1]) {
428 /* Both LEB 0 and LEB 1 are corrupted */
429 ubi_err("both volume tables are corrupted");
430 goto out_free;
431 }
432
433 ubi_warn("volume table copy #1 is corrupted");
434 err = create_vtbl(ubi, si, 0, leb[1]);
435 if (err)
436 goto out_free;
437 ubi_msg("volume table was restored");
438
439 kfree(leb[0]);
440 return leb[1];
441 }
442
443out_free:
444 kfree(leb[0]);
445 kfree(leb[1]);
446 return ERR_PTR(err);
447}
448
449/**
450 * create_empty_lvol - create empty layout volume.
451 * @ubi: UBI device description object
452 * @si: scanning information
453 *
454 * This function returns volume table contents in case of success and a
455 * negative error code in case of failure.
456 */
457static struct ubi_vtbl_record *create_empty_lvol(const struct ubi_device *ubi,
458 struct ubi_scan_info *si)
459{
460 int i;
461 struct ubi_vtbl_record *vtbl;
462
463 vtbl = kzalloc(ubi->vtbl_size, GFP_KERNEL);
464 if (!vtbl)
465 return ERR_PTR(-ENOMEM);
466
467 for (i = 0; i < ubi->vtbl_slots; i++)
468 memcpy(&vtbl[i], &empty_vtbl_record, UBI_VTBL_RECORD_SIZE);
469
470 for (i = 0; i < UBI_LAYOUT_VOLUME_EBS; i++) {
471 int err;
472
473 err = create_vtbl(ubi, si, i, vtbl);
474 if (err) {
475 kfree(vtbl);
476 return ERR_PTR(err);
477 }
478 }
479
480 return vtbl;
481}
482
483/**
484 * init_volumes - initialize volume information for existing volumes.
485 * @ubi: UBI device description object
486 * @si: scanning information
487 * @vtbl: volume table
488 *
489 * This function allocates volume description objects for existing volumes.
490 * Returns zero in case of success and a negative error code in case of
491 * failure.
492 */
493static int init_volumes(struct ubi_device *ubi, const struct ubi_scan_info *si,
494 const struct ubi_vtbl_record *vtbl)
495{
496 int i, reserved_pebs = 0;
497 struct ubi_scan_volume *sv;
498 struct ubi_volume *vol;
499
500 for (i = 0; i < ubi->vtbl_slots; i++) {
501 cond_resched();
502
503 if (ubi32_to_cpu(vtbl[i].reserved_pebs) == 0)
504 continue; /* Empty record */
505
506 vol = kzalloc(sizeof(struct ubi_volume), GFP_KERNEL);
507 if (!vol)
508 return -ENOMEM;
509
510 vol->reserved_pebs = ubi32_to_cpu(vtbl[i].reserved_pebs);
511 vol->alignment = ubi32_to_cpu(vtbl[i].alignment);
512 vol->data_pad = ubi32_to_cpu(vtbl[i].data_pad);
513 vol->vol_type = vtbl[i].vol_type == UBI_VID_DYNAMIC ?
514 UBI_DYNAMIC_VOLUME : UBI_STATIC_VOLUME;
515 vol->name_len = ubi16_to_cpu(vtbl[i].name_len);
516 vol->usable_leb_size = ubi->leb_size - vol->data_pad;
517 memcpy(vol->name, vtbl[i].name, vol->name_len);
518 vol->name[vol->name_len] = '\0';
519 vol->vol_id = i;
520
521 ubi_assert(!ubi->volumes[i]);
522 ubi->volumes[i] = vol;
523 ubi->vol_count += 1;
524 vol->ubi = ubi;
525 reserved_pebs += vol->reserved_pebs;
526
527 /*
528 * In case of dynamic volume UBI knows nothing about how many
529 * data is stored there. So assume the whole volume is used.
530 */
531 if (vol->vol_type == UBI_DYNAMIC_VOLUME) {
532 vol->used_ebs = vol->reserved_pebs;
533 vol->last_eb_bytes = vol->usable_leb_size;
534 vol->used_bytes = vol->used_ebs * vol->usable_leb_size;
535 continue;
536 }
537
538 /* Static volumes only */
539 sv = ubi_scan_find_sv(si, i);
540 if (!sv) {
541 /*
542 * No eraseblocks belonging to this volume found. We
543 * don't actually know whether this static volume is
544 * completely corrupted or just contains no data. And
545 * we cannot know this as long as data size is not
546 * stored on flash. So we just assume the volume is
547 * empty. FIXME: this should be handled.
548 */
549 continue;
550 }
551
552 if (sv->leb_count != sv->used_ebs) {
553 /*
554 * We found a static volume which misses several
555 * eraseblocks. Treat it as corrupted.
556 */
557 ubi_warn("static volume %d misses %d LEBs - corrupted",
558 sv->vol_id, sv->used_ebs - sv->leb_count);
559 vol->corrupted = 1;
560 continue;
561 }
562
563 vol->used_ebs = sv->used_ebs;
564 vol->used_bytes = (vol->used_ebs - 1) * vol->usable_leb_size;
565 vol->used_bytes += sv->last_data_size;
566 vol->last_eb_bytes = sv->last_data_size;
567 }
568
569 vol = kzalloc(sizeof(struct ubi_volume), GFP_KERNEL);
570 if (!vol)
571 return -ENOMEM;
572
573 vol->reserved_pebs = UBI_LAYOUT_VOLUME_EBS;
574 vol->alignment = 1;
575 vol->vol_type = UBI_DYNAMIC_VOLUME;
576 vol->name_len = sizeof(UBI_LAYOUT_VOLUME_NAME) - 1;
577 memcpy(vol->name, UBI_LAYOUT_VOLUME_NAME, vol->name_len + 1);
578 vol->usable_leb_size = ubi->leb_size;
579 vol->used_ebs = vol->reserved_pebs;
580 vol->last_eb_bytes = vol->reserved_pebs;
581 vol->used_bytes = vol->used_ebs * (ubi->leb_size - vol->data_pad);
582 vol->vol_id = UBI_LAYOUT_VOL_ID;
583
584 ubi_assert(!ubi->volumes[i]);
585 ubi->volumes[vol_id2idx(ubi, vol->vol_id)] = vol;
586 reserved_pebs += vol->reserved_pebs;
587 ubi->vol_count += 1;
588 vol->ubi = ubi;
589
590 if (reserved_pebs > ubi->avail_pebs)
591 ubi_err("not enough PEBs, required %d, available %d",
592 reserved_pebs, ubi->avail_pebs);
593 ubi->rsvd_pebs += reserved_pebs;
594 ubi->avail_pebs -= reserved_pebs;
595
596 return 0;
597}
598
599/**
600 * check_sv - check volume scanning information.
601 * @vol: UBI volume description object
602 * @sv: volume scanning information
603 *
604 * This function returns zero if the volume scanning information is consistent
605 * to the data read from the volume tabla, and %-EINVAL if not.
606 */
607static int check_sv(const struct ubi_volume *vol,
608 const struct ubi_scan_volume *sv)
609{
610 if (sv->highest_lnum >= vol->reserved_pebs) {
611 dbg_err("bad highest_lnum");
612 goto bad;
613 }
614 if (sv->leb_count > vol->reserved_pebs) {
615 dbg_err("bad leb_count");
616 goto bad;
617 }
618 if (sv->vol_type != vol->vol_type) {
619 dbg_err("bad vol_type");
620 goto bad;
621 }
622 if (sv->used_ebs > vol->reserved_pebs) {
623 dbg_err("bad used_ebs");
624 goto bad;
625 }
626 if (sv->data_pad != vol->data_pad) {
627 dbg_err("bad data_pad");
628 goto bad;
629 }
630 return 0;
631
632bad:
633 ubi_err("bad scanning information");
634 ubi_dbg_dump_sv(sv);
635 ubi_dbg_dump_vol_info(vol);
636 return -EINVAL;
637}
638
639/**
640 * check_scanning_info - check that scanning information.
641 * @ubi: UBI device description object
642 * @si: scanning information
643 *
644 * Even though we protect on-flash data by CRC checksums, we still don't trust
645 * the media. This function ensures that scanning information is consistent to
646 * the information read from the volume table. Returns zero if the scanning
647 * information is OK and %-EINVAL if it is not.
648 */
649static int check_scanning_info(const struct ubi_device *ubi,
650 struct ubi_scan_info *si)
651{
652 int err, i;
653 struct ubi_scan_volume *sv;
654 struct ubi_volume *vol;
655
656 if (si->vols_found > UBI_INT_VOL_COUNT + ubi->vtbl_slots) {
657 ubi_err("scanning found %d volumes, maximum is %d + %d",
658 si->vols_found, UBI_INT_VOL_COUNT, ubi->vtbl_slots);
659 return -EINVAL;
660 }
661
662 if (si->highest_vol_id >= ubi->vtbl_slots + UBI_INT_VOL_COUNT&&
663 si->highest_vol_id < UBI_INTERNAL_VOL_START) {
664 ubi_err("too large volume ID %d found by scanning",
665 si->highest_vol_id);
666 return -EINVAL;
667 }
668
669
670 for (i = 0; i < ubi->vtbl_slots + UBI_INT_VOL_COUNT; i++) {
671 cond_resched();
672
673 sv = ubi_scan_find_sv(si, i);
674 vol = ubi->volumes[i];
675 if (!vol) {
676 if (sv)
677 ubi_scan_rm_volume(si, sv);
678 continue;
679 }
680
681 if (vol->reserved_pebs == 0) {
682 ubi_assert(i < ubi->vtbl_slots);
683
684 if (!sv)
685 continue;
686
687 /*
688 * During scanning we found a volume which does not
689 * exist according to the information in the volume
690 * table. This must have happened due to an unclean
691 * reboot while the volume was being removed. Discard
692 * these eraseblocks.
693 */
694 ubi_msg("finish volume %d removal", sv->vol_id);
695 ubi_scan_rm_volume(si, sv);
696 } else if (sv) {
697 err = check_sv(vol, sv);
698 if (err)
699 return err;
700 }
701 }
702
703 return 0;
704}
705
706/**
707 * ubi_read_volume_table - read volume table.
708 * information.
709 * @ubi: UBI device description object
710 * @si: scanning information
711 *
712 * This function reads volume table, checks it, recover from errors if needed,
713 * or creates it if needed. Returns zero in case of success and a negative
714 * error code in case of failure.
715 */
716int ubi_read_volume_table(struct ubi_device *ubi, struct ubi_scan_info *si)
717{
718 int i, err;
719 struct ubi_scan_volume *sv;
720
721 empty_vtbl_record.crc = cpu_to_ubi32(0xf116c36b);
722
723 /*
724 * The number of supported volumes is limited by the eraseblock size
725 * and by the UBI_MAX_VOLUMES constant.
726 */
727 ubi->vtbl_slots = ubi->leb_size / UBI_VTBL_RECORD_SIZE;
728 if (ubi->vtbl_slots > UBI_MAX_VOLUMES)
729 ubi->vtbl_slots = UBI_MAX_VOLUMES;
730
731 ubi->vtbl_size = ubi->vtbl_slots * UBI_VTBL_RECORD_SIZE;
732 ubi->vtbl_size = ALIGN(ubi->vtbl_size, ubi->min_io_size);
733
734 sv = ubi_scan_find_sv(si, UBI_LAYOUT_VOL_ID);
735 if (!sv) {
736 /*
737 * No logical eraseblocks belonging to the layout volume were
738 * found. This could mean that the flash is just empty. In
739 * this case we create empty layout volume.
740 *
741 * But if flash is not empty this must be a corruption or the
742 * MTD device just contains garbage.
743 */
744 if (si->is_empty) {
745 ubi->vtbl = create_empty_lvol(ubi, si);
746 if (IS_ERR(ubi->vtbl))
747 return PTR_ERR(ubi->vtbl);
748 } else {
749 ubi_err("the layout volume was not found");
750 return -EINVAL;
751 }
752 } else {
753 if (sv->leb_count > UBI_LAYOUT_VOLUME_EBS) {
754 /* This must not happen with proper UBI images */
755 dbg_err("too many LEBs (%d) in layout volume",
756 sv->leb_count);
757 return -EINVAL;
758 }
759
760 ubi->vtbl = process_lvol(ubi, si, sv);
761 if (IS_ERR(ubi->vtbl))
762 return PTR_ERR(ubi->vtbl);
763 }
764
765 ubi->avail_pebs = ubi->good_peb_count;
766
767 /*
768 * The layout volume is OK, initialize the corresponding in-RAM data
769 * structures.
770 */
771 err = init_volumes(ubi, si, ubi->vtbl);
772 if (err)
773 goto out_free;
774
775 /*
776 * Get sure that the scanning information is consistent to the
777 * information stored in the volume table.
778 */
779 err = check_scanning_info(ubi, si);
780 if (err)
781 goto out_free;
782
783 return 0;
784
785out_free:
786 kfree(ubi->vtbl);
787 for (i = 0; i < ubi->vtbl_slots + UBI_INT_VOL_COUNT; i++)
788 if (ubi->volumes[i]) {
789 kfree(ubi->volumes[i]);
790 ubi->volumes[i] = NULL;
791 }
792 return err;
793}
794
795#ifdef CONFIG_MTD_UBI_DEBUG_PARANOID
796
797/**
798 * paranoid_vtbl_check - check volume table.
799 * @ubi: UBI device description object
800 */
801static void paranoid_vtbl_check(const struct ubi_device *ubi)
802{
803 if (vtbl_check(ubi, ubi->vtbl)) {
804 ubi_err("paranoid check failed");
805 BUG();
806 }
807}
808
809#endif /* CONFIG_MTD_UBI_DEBUG_PARANOID */