xref: /openbmc/linux/drivers/mtd/ubi/io.c (revision e868d61272caa648214046a096e5a6bfc068dc8c)
1 /*
2  * Copyright (c) International Business Machines Corp., 2006
3  * Copyright (c) Nokia Corporation, 2006, 2007
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 2 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
13  * the GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write to the Free Software
17  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18  *
19  * Author: Artem Bityutskiy (Битюцкий Артём)
20  */
21 
22 /*
23  * UBI input/output unit.
24  *
25  * This unit provides a uniform way to work with all kinds of the underlying
26  * MTD devices. It also implements handy functions for reading and writing UBI
27  * headers.
28  *
29  * We are trying to have a paranoid mindset and not to trust to what we read
30  * from the flash media in order to be more secure and robust. So this unit
31  * validates every single header it reads from the flash media.
32  *
33  * Some words about how the eraseblock headers are stored.
34  *
35  * The erase counter header is always stored at offset zero. By default, the
36  * VID header is stored after the EC header at the closest aligned offset
37  * (i.e. aligned to the minimum I/O unit size). Data starts next to the VID
38  * header at the closest aligned offset. But this default layout may be
39  * changed. For example, for different reasons (e.g., optimization) UBI may be
40  * asked to put the VID header at further offset, and even at an unaligned
41  * offset. Of course, if the offset of the VID header is unaligned, UBI adds
42  * proper padding in front of it. Data offset may also be changed but it has to
43  * be aligned.
44  *
45  * About minimal I/O units. In general, UBI assumes flash device model where
46  * there is only one minimal I/O unit size. E.g., in case of NOR flash it is 1,
47  * in case of NAND flash it is a NAND page, etc. This is reported by MTD in the
48  * @ubi->mtd->writesize field. But as an exception, UBI admits of using another
49  * (smaller) minimal I/O unit size for EC and VID headers to make it possible
50  * to do different optimizations.
51  *
52  * This is extremely useful in case of NAND flashes which admit of several
53  * write operations to one NAND page. In this case UBI can fit EC and VID
54  * headers at one NAND page. Thus, UBI may use "sub-page" size as the minimal
55  * I/O unit for the headers (the @ubi->hdrs_min_io_size field). But it still
56  * reports NAND page size (@ubi->min_io_size) as a minimal I/O unit for the UBI
57  * users.
58  *
59  * Example: some Samsung NANDs with 2KiB pages allow 4x 512-byte writes, so
60  * although the minimal I/O unit is 2K, UBI uses 512 bytes for EC and VID
61  * headers.
62  *
63  * Q: why not just to treat sub-page as a minimal I/O unit of this flash
64  * device, e.g., make @ubi->min_io_size = 512 in the example above?
65  *
66  * A: because when writing a sub-page, MTD still writes a full 2K page but the
67  * bytes which are no relevant to the sub-page are 0xFF. So, basically, writing
68  * 4x512 sub-pages is 4 times slower then writing one 2KiB NAND page. Thus, we
69  * prefer to use sub-pages only for EV and VID headers.
70  *
71  * As it was noted above, the VID header may start at a non-aligned offset.
72  * For example, in case of a 2KiB page NAND flash with a 512 bytes sub-page,
73  * the VID header may reside at offset 1984 which is the last 64 bytes of the
74  * last sub-page (EC header is always at offset zero). This causes some
75  * difficulties when reading and writing VID headers.
76  *
77  * Suppose we have a 64-byte buffer and we read a VID header at it. We change
78  * the data and want to write this VID header out. As we can only write in
79  * 512-byte chunks, we have to allocate one more buffer and copy our VID header
80  * to offset 448 of this buffer.
81  *
82  * The I/O unit does the following trick in order to avoid this extra copy.
83  * It always allocates a @ubi->vid_hdr_alsize bytes buffer for the VID header
84  * and returns a pointer to offset @ubi->vid_hdr_shift of this buffer. When the
85  * VID header is being written out, it shifts the VID header pointer back and
86  * writes the whole sub-page.
87  */
88 
89 #include <linux/crc32.h>
90 #include <linux/err.h>
91 #include "ubi.h"
92 
93 #ifdef CONFIG_MTD_UBI_DEBUG_PARANOID
94 static int paranoid_check_not_bad(const struct ubi_device *ubi, int pnum);
95 static int paranoid_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum);
96 static int paranoid_check_ec_hdr(const struct ubi_device *ubi, int pnum,
97 				 const struct ubi_ec_hdr *ec_hdr);
98 static int paranoid_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum);
99 static int paranoid_check_vid_hdr(const struct ubi_device *ubi, int pnum,
100 				  const struct ubi_vid_hdr *vid_hdr);
101 static int paranoid_check_all_ff(const struct ubi_device *ubi, int pnum,
102 				 int offset, int len);
103 #else
104 #define paranoid_check_not_bad(ubi, pnum) 0
105 #define paranoid_check_peb_ec_hdr(ubi, pnum)  0
106 #define paranoid_check_ec_hdr(ubi, pnum, ec_hdr)  0
107 #define paranoid_check_peb_vid_hdr(ubi, pnum) 0
108 #define paranoid_check_vid_hdr(ubi, pnum, vid_hdr) 0
109 #define paranoid_check_all_ff(ubi, pnum, offset, len) 0
110 #endif
111 
112 /**
113  * ubi_io_read - read data from a physical eraseblock.
114  * @ubi: UBI device description object
115  * @buf: buffer where to store the read data
116  * @pnum: physical eraseblock number to read from
117  * @offset: offset within the physical eraseblock from where to read
118  * @len: how many bytes to read
119  *
120  * This function reads data from offset @offset of physical eraseblock @pnum
121  * and stores the read data in the @buf buffer. The following return codes are
122  * possible:
123  *
124  * o %0 if all the requested data were successfully read;
125  * o %UBI_IO_BITFLIPS if all the requested data were successfully read, but
126  *   correctable bit-flips were detected; this is harmless but may indicate
127  *   that this eraseblock may become bad soon (but do not have to);
128  * o %-EBADMSG if the MTD subsystem reported about data data integrity
129  *   problems, for example it can me an ECC error in case of NAND; this most
130  *   probably means that the data is corrupted;
131  * o %-EIO if some I/O error occurred;
132  * o other negative error codes in case of other errors.
133  */
134 int ubi_io_read(const struct ubi_device *ubi, void *buf, int pnum, int offset,
135 		int len)
136 {
137 	int err, retries = 0;
138 	size_t read;
139 	loff_t addr;
140 
141 	dbg_io("read %d bytes from PEB %d:%d", len, pnum, offset);
142 
143 	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
144 	ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
145 	ubi_assert(len > 0);
146 
147 	err = paranoid_check_not_bad(ubi, pnum);
148 	if (err)
149 		return err > 0 ? -EINVAL : err;
150 
151 	addr = (loff_t)pnum * ubi->peb_size + offset;
152 retry:
153 	err = ubi->mtd->read(ubi->mtd, addr, len, &read, buf);
154 	if (err) {
155 		if (err == -EUCLEAN) {
156 			/*
157 			 * -EUCLEAN is reported if there was a bit-flip which
158 			 * was corrected, so this is harmless.
159 			 */
160 			ubi_msg("fixable bit-flip detected at PEB %d", pnum);
161 			ubi_assert(len == read);
162 			return UBI_IO_BITFLIPS;
163 		}
164 
165 		if (read != len && retries++ < UBI_IO_RETRIES) {
166 			dbg_io("error %d while reading %d bytes from PEB %d:%d, "
167 			       "read only %zd bytes, retry",
168 			       err, len, pnum, offset, read);
169 			yield();
170 			goto retry;
171 		}
172 
173 		ubi_err("error %d while reading %d bytes from PEB %d:%d, "
174 			"read %zd bytes", err, len, pnum, offset, read);
175 		ubi_dbg_dump_stack();
176 	} else {
177 		ubi_assert(len == read);
178 
179 		if (ubi_dbg_is_bitflip()) {
180 			dbg_msg("bit-flip (emulated)");
181 			err = UBI_IO_BITFLIPS;
182 		}
183 	}
184 
185 	return err;
186 }
187 
188 /**
189  * ubi_io_write - write data to a physical eraseblock.
190  * @ubi: UBI device description object
191  * @buf: buffer with the data to write
192  * @pnum: physical eraseblock number to write to
193  * @offset: offset within the physical eraseblock where to write
194  * @len: how many bytes to write
195  *
196  * This function writes @len bytes of data from buffer @buf to offset @offset
197  * of physical eraseblock @pnum. If all the data were successfully written,
198  * zero is returned. If an error occurred, this function returns a negative
199  * error code. If %-EIO is returned, the physical eraseblock most probably went
200  * bad.
201  *
202  * Note, in case of an error, it is possible that something was still written
203  * to the flash media, but may be some garbage.
204  */
205 int ubi_io_write(const struct ubi_device *ubi, const void *buf, int pnum,
206 		 int offset, int len)
207 {
208 	int err;
209 	size_t written;
210 	loff_t addr;
211 
212 	dbg_io("write %d bytes to PEB %d:%d", len, pnum, offset);
213 
214 	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
215 	ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
216 	ubi_assert(offset % ubi->hdrs_min_io_size == 0);
217 	ubi_assert(len > 0 && len % ubi->hdrs_min_io_size == 0);
218 
219 	if (ubi->ro_mode) {
220 		ubi_err("read-only mode");
221 		return -EROFS;
222 	}
223 
224 	/* The below has to be compiled out if paranoid checks are disabled */
225 
226 	err = paranoid_check_not_bad(ubi, pnum);
227 	if (err)
228 		return err > 0 ? -EINVAL : err;
229 
230 	/* The area we are writing to has to contain all 0xFF bytes */
231 	err = paranoid_check_all_ff(ubi, pnum, offset, len);
232 	if (err)
233 		return err > 0 ? -EINVAL : err;
234 
235 	if (offset >= ubi->leb_start) {
236 		/*
237 		 * We write to the data area of the physical eraseblock. Make
238 		 * sure it has valid EC and VID headers.
239 		 */
240 		err = paranoid_check_peb_ec_hdr(ubi, pnum);
241 		if (err)
242 			return err > 0 ? -EINVAL : err;
243 		err = paranoid_check_peb_vid_hdr(ubi, pnum);
244 		if (err)
245 			return err > 0 ? -EINVAL : err;
246 	}
247 
248 	if (ubi_dbg_is_write_failure()) {
249 		dbg_err("cannot write %d bytes to PEB %d:%d "
250 			"(emulated)", len, pnum, offset);
251 		ubi_dbg_dump_stack();
252 		return -EIO;
253 	}
254 
255 	addr = (loff_t)pnum * ubi->peb_size + offset;
256 	err = ubi->mtd->write(ubi->mtd, addr, len, &written, buf);
257 	if (err) {
258 		ubi_err("error %d while writing %d bytes to PEB %d:%d, written"
259 			" %zd bytes", err, len, pnum, offset, written);
260 		ubi_dbg_dump_stack();
261 	} else
262 		ubi_assert(written == len);
263 
264 	return err;
265 }
266 
267 /**
268  * erase_callback - MTD erasure call-back.
269  * @ei: MTD erase information object.
270  *
271  * Note, even though MTD erase interface is asynchronous, all the current
272  * implementations are synchronous anyway.
273  */
274 static void erase_callback(struct erase_info *ei)
275 {
276 	wake_up_interruptible((wait_queue_head_t *)ei->priv);
277 }
278 
279 /**
280  * do_sync_erase - synchronously erase a physical eraseblock.
281  * @ubi: UBI device description object
282  * @pnum: the physical eraseblock number to erase
283  *
284  * This function synchronously erases physical eraseblock @pnum and returns
285  * zero in case of success and a negative error code in case of failure. If
286  * %-EIO is returned, the physical eraseblock most probably went bad.
287  */
288 static int do_sync_erase(const struct ubi_device *ubi, int pnum)
289 {
290 	int err, retries = 0;
291 	struct erase_info ei;
292 	wait_queue_head_t wq;
293 
294 	dbg_io("erase PEB %d", pnum);
295 
296 retry:
297 	init_waitqueue_head(&wq);
298 	memset(&ei, 0, sizeof(struct erase_info));
299 
300 	ei.mtd      = ubi->mtd;
301 	ei.addr     = pnum * ubi->peb_size;
302 	ei.len      = ubi->peb_size;
303 	ei.callback = erase_callback;
304 	ei.priv     = (unsigned long)&wq;
305 
306 	err = ubi->mtd->erase(ubi->mtd, &ei);
307 	if (err) {
308 		if (retries++ < UBI_IO_RETRIES) {
309 			dbg_io("error %d while erasing PEB %d, retry",
310 			       err, pnum);
311 			yield();
312 			goto retry;
313 		}
314 		ubi_err("cannot erase PEB %d, error %d", pnum, err);
315 		ubi_dbg_dump_stack();
316 		return err;
317 	}
318 
319 	err = wait_event_interruptible(wq, ei.state == MTD_ERASE_DONE ||
320 					   ei.state == MTD_ERASE_FAILED);
321 	if (err) {
322 		ubi_err("interrupted PEB %d erasure", pnum);
323 		return -EINTR;
324 	}
325 
326 	if (ei.state == MTD_ERASE_FAILED) {
327 		if (retries++ < UBI_IO_RETRIES) {
328 			dbg_io("error while erasing PEB %d, retry", pnum);
329 			yield();
330 			goto retry;
331 		}
332 		ubi_err("cannot erase PEB %d", pnum);
333 		ubi_dbg_dump_stack();
334 		return -EIO;
335 	}
336 
337 	err = paranoid_check_all_ff(ubi, pnum, 0, ubi->peb_size);
338 	if (err)
339 		return err > 0 ? -EINVAL : err;
340 
341 	if (ubi_dbg_is_erase_failure() && !err) {
342 		dbg_err("cannot erase PEB %d (emulated)", pnum);
343 		return -EIO;
344 	}
345 
346 	return 0;
347 }
348 
349 /**
350  * check_pattern - check if buffer contains only a certain byte pattern.
351  * @buf: buffer to check
352  * @patt: the pattern to check
353  * @size: buffer size in bytes
354  *
355  * This function returns %1 in there are only @patt bytes in @buf, and %0 if
356  * something else was also found.
357  */
358 static int check_pattern(const void *buf, uint8_t patt, int size)
359 {
360 	int i;
361 
362 	for (i = 0; i < size; i++)
363 		if (((const uint8_t *)buf)[i] != patt)
364 			return 0;
365 	return 1;
366 }
367 
368 /* Patterns to write to a physical eraseblock when torturing it */
369 static uint8_t patterns[] = {0xa5, 0x5a, 0x0};
370 
371 /**
372  * torture_peb - test a supposedly bad physical eraseblock.
373  * @ubi: UBI device description object
374  * @pnum: the physical eraseblock number to test
375  *
376  * This function returns %-EIO if the physical eraseblock did not pass the
377  * test, a positive number of erase operations done if the test was
378  * successfully passed, and other negative error codes in case of other errors.
379  */
380 static int torture_peb(const struct ubi_device *ubi, int pnum)
381 {
382 	void *buf;
383 	int err, i, patt_count;
384 
385 	buf = kmalloc(ubi->peb_size, GFP_KERNEL);
386 	if (!buf)
387 		return -ENOMEM;
388 
389 	patt_count = ARRAY_SIZE(patterns);
390 	ubi_assert(patt_count > 0);
391 
392 	for (i = 0; i < patt_count; i++) {
393 		err = do_sync_erase(ubi, pnum);
394 		if (err)
395 			goto out;
396 
397 		/* Make sure the PEB contains only 0xFF bytes */
398 		err = ubi_io_read(ubi, buf, pnum, 0, ubi->peb_size);
399 		if (err)
400 			goto out;
401 
402 		err = check_pattern(buf, 0xFF, ubi->peb_size);
403 		if (err == 0) {
404 			ubi_err("erased PEB %d, but a non-0xFF byte found",
405 				pnum);
406 			err = -EIO;
407 			goto out;
408 		}
409 
410 		/* Write a pattern and check it */
411 		memset(buf, patterns[i], ubi->peb_size);
412 		err = ubi_io_write(ubi, buf, pnum, 0, ubi->peb_size);
413 		if (err)
414 			goto out;
415 
416 		memset(buf, ~patterns[i], ubi->peb_size);
417 		err = ubi_io_read(ubi, buf, pnum, 0, ubi->peb_size);
418 		if (err)
419 			goto out;
420 
421 		err = check_pattern(buf, patterns[i], ubi->peb_size);
422 		if (err == 0) {
423 			ubi_err("pattern %x checking failed for PEB %d",
424 				patterns[i], pnum);
425 			err = -EIO;
426 			goto out;
427 		}
428 	}
429 
430 	err = patt_count;
431 
432 out:
433 	if (err == UBI_IO_BITFLIPS || err == -EBADMSG)
434 		/*
435 		 * If a bit-flip or data integrity error was detected, the test
436 		 * has not passed because it happened on a freshly erased
437 		 * physical eraseblock which means something is wrong with it.
438 		 */
439 		err = -EIO;
440 	kfree(buf);
441 	return err;
442 }
443 
444 /**
445  * ubi_io_sync_erase - synchronously erase a physical eraseblock.
446  * @ubi: UBI device description object
447  * @pnum: physical eraseblock number to erase
448  * @torture: if this physical eraseblock has to be tortured
449  *
450  * This function synchronously erases physical eraseblock @pnum. If @torture
451  * flag is not zero, the physical eraseblock is checked by means of writing
452  * different patterns to it and reading them back. If the torturing is enabled,
453  * the physical eraseblock is erased more then once.
454  *
455  * This function returns the number of erasures made in case of success, %-EIO
456  * if the erasure failed or the torturing test failed, and other negative error
457  * codes in case of other errors. Note, %-EIO means that the physical
458  * eraseblock is bad.
459  */
460 int ubi_io_sync_erase(const struct ubi_device *ubi, int pnum, int torture)
461 {
462 	int err, ret = 0;
463 
464 	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
465 
466 	err = paranoid_check_not_bad(ubi, pnum);
467 	if (err != 0)
468 		return err > 0 ? -EINVAL : err;
469 
470 	if (ubi->ro_mode) {
471 		ubi_err("read-only mode");
472 		return -EROFS;
473 	}
474 
475 	if (torture) {
476 		ret = torture_peb(ubi, pnum);
477 		if (ret < 0)
478 			return ret;
479 	}
480 
481 	err = do_sync_erase(ubi, pnum);
482 	if (err)
483 		return err;
484 
485 	return ret + 1;
486 }
487 
488 /**
489  * ubi_io_is_bad - check if a physical eraseblock is bad.
490  * @ubi: UBI device description object
491  * @pnum: the physical eraseblock number to check
492  *
493  * This function returns a positive number if the physical eraseblock is bad,
494  * zero if not, and a negative error code if an error occurred.
495  */
496 int ubi_io_is_bad(const struct ubi_device *ubi, int pnum)
497 {
498 	struct mtd_info *mtd = ubi->mtd;
499 
500 	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
501 
502 	if (ubi->bad_allowed) {
503 		int ret;
504 
505 		ret = mtd->block_isbad(mtd, (loff_t)pnum * ubi->peb_size);
506 		if (ret < 0)
507 			ubi_err("error %d while checking if PEB %d is bad",
508 				ret, pnum);
509 		else if (ret)
510 			dbg_io("PEB %d is bad", pnum);
511 		return ret;
512 	}
513 
514 	return 0;
515 }
516 
517 /**
518  * ubi_io_mark_bad - mark a physical eraseblock as bad.
519  * @ubi: UBI device description object
520  * @pnum: the physical eraseblock number to mark
521  *
522  * This function returns zero in case of success and a negative error code in
523  * case of failure.
524  */
525 int ubi_io_mark_bad(const struct ubi_device *ubi, int pnum)
526 {
527 	int err;
528 	struct mtd_info *mtd = ubi->mtd;
529 
530 	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
531 
532 	if (ubi->ro_mode) {
533 		ubi_err("read-only mode");
534 		return -EROFS;
535 	}
536 
537 	if (!ubi->bad_allowed)
538 		return 0;
539 
540 	err = mtd->block_markbad(mtd, (loff_t)pnum * ubi->peb_size);
541 	if (err)
542 		ubi_err("cannot mark PEB %d bad, error %d", pnum, err);
543 	return err;
544 }
545 
546 /**
547  * validate_ec_hdr - validate an erase counter header.
548  * @ubi: UBI device description object
549  * @ec_hdr: the erase counter header to check
550  *
551  * This function returns zero if the erase counter header is OK, and %1 if
552  * not.
553  */
554 static int validate_ec_hdr(const struct ubi_device *ubi,
555 			   const struct ubi_ec_hdr *ec_hdr)
556 {
557 	long long ec;
558 	int vid_hdr_offset, leb_start;
559 
560 	ec = ubi64_to_cpu(ec_hdr->ec);
561 	vid_hdr_offset = ubi32_to_cpu(ec_hdr->vid_hdr_offset);
562 	leb_start = ubi32_to_cpu(ec_hdr->data_offset);
563 
564 	if (ec_hdr->version != UBI_VERSION) {
565 		ubi_err("node with incompatible UBI version found: "
566 			"this UBI version is %d, image version is %d",
567 			UBI_VERSION, (int)ec_hdr->version);
568 		goto bad;
569 	}
570 
571 	if (vid_hdr_offset != ubi->vid_hdr_offset) {
572 		ubi_err("bad VID header offset %d, expected %d",
573 			vid_hdr_offset, ubi->vid_hdr_offset);
574 		goto bad;
575 	}
576 
577 	if (leb_start != ubi->leb_start) {
578 		ubi_err("bad data offset %d, expected %d",
579 			leb_start, ubi->leb_start);
580 		goto bad;
581 	}
582 
583 	if (ec < 0 || ec > UBI_MAX_ERASECOUNTER) {
584 		ubi_err("bad erase counter %lld", ec);
585 		goto bad;
586 	}
587 
588 	return 0;
589 
590 bad:
591 	ubi_err("bad EC header");
592 	ubi_dbg_dump_ec_hdr(ec_hdr);
593 	ubi_dbg_dump_stack();
594 	return 1;
595 }
596 
597 /**
598  * ubi_io_read_ec_hdr - read and check an erase counter header.
599  * @ubi: UBI device description object
600  * @pnum: physical eraseblock to read from
601  * @ec_hdr: a &struct ubi_ec_hdr object where to store the read erase counter
602  * header
603  * @verbose: be verbose if the header is corrupted or was not found
604  *
605  * This function reads erase counter header from physical eraseblock @pnum and
606  * stores it in @ec_hdr. This function also checks CRC checksum of the read
607  * erase counter header. The following codes may be returned:
608  *
609  * o %0 if the CRC checksum is correct and the header was successfully read;
610  * o %UBI_IO_BITFLIPS if the CRC is correct, but bit-flips were detected
611  *   and corrected by the flash driver; this is harmless but may indicate that
612  *   this eraseblock may become bad soon (but may be not);
613  * o %UBI_IO_BAD_EC_HDR if the erase counter header is corrupted (a CRC error);
614  * o %UBI_IO_PEB_EMPTY if the physical eraseblock is empty;
615  * o a negative error code in case of failure.
616  */
617 int ubi_io_read_ec_hdr(const struct ubi_device *ubi, int pnum,
618 		       struct ubi_ec_hdr *ec_hdr, int verbose)
619 {
620 	int err, read_err = 0;
621 	uint32_t crc, magic, hdr_crc;
622 
623 	dbg_io("read EC header from PEB %d", pnum);
624 	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
625 
626 	err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
627 	if (err) {
628 		if (err != UBI_IO_BITFLIPS && err != -EBADMSG)
629 			return err;
630 
631 		/*
632 		 * We read all the data, but either a correctable bit-flip
633 		 * occurred, or MTD reported about some data integrity error,
634 		 * like an ECC error in case of NAND. The former is harmless,
635 		 * the later may mean that the read data is corrupted. But we
636 		 * have a CRC check-sum and we will detect this. If the EC
637 		 * header is still OK, we just report this as there was a
638 		 * bit-flip.
639 		 */
640 		read_err = err;
641 	}
642 
643 	magic = ubi32_to_cpu(ec_hdr->magic);
644 	if (magic != UBI_EC_HDR_MAGIC) {
645 		/*
646 		 * The magic field is wrong. Let's check if we have read all
647 		 * 0xFF. If yes, this physical eraseblock is assumed to be
648 		 * empty.
649 		 *
650 		 * But if there was a read error, we do not test it for all
651 		 * 0xFFs. Even if it does contain all 0xFFs, this error
652 		 * indicates that something is still wrong with this physical
653 		 * eraseblock and we anyway cannot treat it as empty.
654 		 */
655 		if (read_err != -EBADMSG &&
656 		    check_pattern(ec_hdr, 0xFF, UBI_EC_HDR_SIZE)) {
657 			/* The physical eraseblock is supposedly empty */
658 
659 			/*
660 			 * The below is just a paranoid check, it has to be
661 			 * compiled out if paranoid checks are disabled.
662 			 */
663 			err = paranoid_check_all_ff(ubi, pnum, 0,
664 						    ubi->peb_size);
665 			if (err)
666 				return err > 0 ? UBI_IO_BAD_EC_HDR : err;
667 
668 			if (verbose)
669 				ubi_warn("no EC header found at PEB %d, "
670 					 "only 0xFF bytes", pnum);
671 			return UBI_IO_PEB_EMPTY;
672 		}
673 
674 		/*
675 		 * This is not a valid erase counter header, and these are not
676 		 * 0xFF bytes. Report that the header is corrupted.
677 		 */
678 		if (verbose) {
679 			ubi_warn("bad magic number at PEB %d: %08x instead of "
680 				 "%08x", pnum, magic, UBI_EC_HDR_MAGIC);
681 			ubi_dbg_dump_ec_hdr(ec_hdr);
682 		}
683 		return UBI_IO_BAD_EC_HDR;
684 	}
685 
686 	crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
687 	hdr_crc = ubi32_to_cpu(ec_hdr->hdr_crc);
688 
689 	if (hdr_crc != crc) {
690 		if (verbose) {
691 			ubi_warn("bad EC header CRC at PEB %d, calculated %#08x,"
692 				 " read %#08x", pnum, crc, hdr_crc);
693 			ubi_dbg_dump_ec_hdr(ec_hdr);
694 		}
695 		return UBI_IO_BAD_EC_HDR;
696 	}
697 
698 	/* And of course validate what has just been read from the media */
699 	err = validate_ec_hdr(ubi, ec_hdr);
700 	if (err) {
701 		ubi_err("validation failed for PEB %d", pnum);
702 		return -EINVAL;
703 	}
704 
705 	return read_err ? UBI_IO_BITFLIPS : 0;
706 }
707 
708 /**
709  * ubi_io_write_ec_hdr - write an erase counter header.
710  * @ubi: UBI device description object
711  * @pnum: physical eraseblock to write to
712  * @ec_hdr: the erase counter header to write
713  *
714  * This function writes erase counter header described by @ec_hdr to physical
715  * eraseblock @pnum. It also fills most fields of @ec_hdr before writing, so
716  * the caller do not have to fill them. Callers must only fill the @ec_hdr->ec
717  * field.
718  *
719  * This function returns zero in case of success and a negative error code in
720  * case of failure. If %-EIO is returned, the physical eraseblock most probably
721  * went bad.
722  */
723 int ubi_io_write_ec_hdr(const struct ubi_device *ubi, int pnum,
724 			struct ubi_ec_hdr *ec_hdr)
725 {
726 	int err;
727 	uint32_t crc;
728 
729 	dbg_io("write EC header to PEB %d", pnum);
730 	ubi_assert(pnum >= 0 &&  pnum < ubi->peb_count);
731 
732 	ec_hdr->magic = cpu_to_ubi32(UBI_EC_HDR_MAGIC);
733 	ec_hdr->version = UBI_VERSION;
734 	ec_hdr->vid_hdr_offset = cpu_to_ubi32(ubi->vid_hdr_offset);
735 	ec_hdr->data_offset = cpu_to_ubi32(ubi->leb_start);
736 	crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
737 	ec_hdr->hdr_crc = cpu_to_ubi32(crc);
738 
739 	err = paranoid_check_ec_hdr(ubi, pnum, ec_hdr);
740 	if (err)
741 		return -EINVAL;
742 
743 	err = ubi_io_write(ubi, ec_hdr, pnum, 0, ubi->ec_hdr_alsize);
744 	return err;
745 }
746 
747 /**
748  * validate_vid_hdr - validate a volume identifier header.
749  * @ubi: UBI device description object
750  * @vid_hdr: the volume identifier header to check
751  *
752  * This function checks that data stored in the volume identifier header
753  * @vid_hdr. Returns zero if the VID header is OK and %1 if not.
754  */
755 static int validate_vid_hdr(const struct ubi_device *ubi,
756 			    const struct ubi_vid_hdr *vid_hdr)
757 {
758 	int vol_type = vid_hdr->vol_type;
759 	int copy_flag = vid_hdr->copy_flag;
760 	int vol_id = ubi32_to_cpu(vid_hdr->vol_id);
761 	int lnum = ubi32_to_cpu(vid_hdr->lnum);
762 	int compat = vid_hdr->compat;
763 	int data_size = ubi32_to_cpu(vid_hdr->data_size);
764 	int used_ebs = ubi32_to_cpu(vid_hdr->used_ebs);
765 	int data_pad = ubi32_to_cpu(vid_hdr->data_pad);
766 	int data_crc = ubi32_to_cpu(vid_hdr->data_crc);
767 	int usable_leb_size = ubi->leb_size - data_pad;
768 
769 	if (copy_flag != 0 && copy_flag != 1) {
770 		dbg_err("bad copy_flag");
771 		goto bad;
772 	}
773 
774 	if (vol_id < 0 || lnum < 0 || data_size < 0 || used_ebs < 0 ||
775 	    data_pad < 0) {
776 		dbg_err("negative values");
777 		goto bad;
778 	}
779 
780 	if (vol_id >= UBI_MAX_VOLUMES && vol_id < UBI_INTERNAL_VOL_START) {
781 		dbg_err("bad vol_id");
782 		goto bad;
783 	}
784 
785 	if (vol_id < UBI_INTERNAL_VOL_START && compat != 0) {
786 		dbg_err("bad compat");
787 		goto bad;
788 	}
789 
790 	if (vol_id >= UBI_INTERNAL_VOL_START && compat != UBI_COMPAT_DELETE &&
791 	    compat != UBI_COMPAT_RO && compat != UBI_COMPAT_PRESERVE &&
792 	    compat != UBI_COMPAT_REJECT) {
793 		dbg_err("bad compat");
794 		goto bad;
795 	}
796 
797 	if (vol_type != UBI_VID_DYNAMIC && vol_type != UBI_VID_STATIC) {
798 		dbg_err("bad vol_type");
799 		goto bad;
800 	}
801 
802 	if (data_pad >= ubi->leb_size / 2) {
803 		dbg_err("bad data_pad");
804 		goto bad;
805 	}
806 
807 	if (vol_type == UBI_VID_STATIC) {
808 		/*
809 		 * Although from high-level point of view static volumes may
810 		 * contain zero bytes of data, but no VID headers can contain
811 		 * zero at these fields, because they empty volumes do not have
812 		 * mapped logical eraseblocks.
813 		 */
814 		if (used_ebs == 0) {
815 			dbg_err("zero used_ebs");
816 			goto bad;
817 		}
818 		if (data_size == 0) {
819 			dbg_err("zero data_size");
820 			goto bad;
821 		}
822 		if (lnum < used_ebs - 1) {
823 			if (data_size != usable_leb_size) {
824 				dbg_err("bad data_size");
825 				goto bad;
826 			}
827 		} else if (lnum == used_ebs - 1) {
828 			if (data_size == 0) {
829 				dbg_err("bad data_size at last LEB");
830 				goto bad;
831 			}
832 		} else {
833 			dbg_err("too high lnum");
834 			goto bad;
835 		}
836 	} else {
837 		if (copy_flag == 0) {
838 			if (data_crc != 0) {
839 				dbg_err("non-zero data CRC");
840 				goto bad;
841 			}
842 			if (data_size != 0) {
843 				dbg_err("non-zero data_size");
844 				goto bad;
845 			}
846 		} else {
847 			if (data_size == 0) {
848 				dbg_err("zero data_size of copy");
849 				goto bad;
850 			}
851 		}
852 		if (used_ebs != 0) {
853 			dbg_err("bad used_ebs");
854 			goto bad;
855 		}
856 	}
857 
858 	return 0;
859 
860 bad:
861 	ubi_err("bad VID header");
862 	ubi_dbg_dump_vid_hdr(vid_hdr);
863 	ubi_dbg_dump_stack();
864 	return 1;
865 }
866 
867 /**
868  * ubi_io_read_vid_hdr - read and check a volume identifier header.
869  * @ubi: UBI device description object
870  * @pnum: physical eraseblock number to read from
871  * @vid_hdr: &struct ubi_vid_hdr object where to store the read volume
872  * identifier header
873  * @verbose: be verbose if the header is corrupted or wasn't found
874  *
875  * This function reads the volume identifier header from physical eraseblock
876  * @pnum and stores it in @vid_hdr. It also checks CRC checksum of the read
877  * volume identifier header. The following codes may be returned:
878  *
879  * o %0 if the CRC checksum is correct and the header was successfully read;
880  * o %UBI_IO_BITFLIPS if the CRC is correct, but bit-flips were detected
881  *   and corrected by the flash driver; this is harmless but may indicate that
882  *   this eraseblock may become bad soon;
883  * o %UBI_IO_BAD_VID_HRD if the volume identifier header is corrupted (a CRC
884  *   error detected);
885  * o %UBI_IO_PEB_FREE if the physical eraseblock is free (i.e., there is no VID
886  *   header there);
887  * o a negative error code in case of failure.
888  */
889 int ubi_io_read_vid_hdr(const struct ubi_device *ubi, int pnum,
890 			struct ubi_vid_hdr *vid_hdr, int verbose)
891 {
892 	int err, read_err = 0;
893 	uint32_t crc, magic, hdr_crc;
894 	void *p;
895 
896 	dbg_io("read VID header from PEB %d", pnum);
897 	ubi_assert(pnum >= 0 &&  pnum < ubi->peb_count);
898 
899 	p = (char *)vid_hdr - ubi->vid_hdr_shift;
900 	err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
901 			  ubi->vid_hdr_alsize);
902 	if (err) {
903 		if (err != UBI_IO_BITFLIPS && err != -EBADMSG)
904 			return err;
905 
906 		/*
907 		 * We read all the data, but either a correctable bit-flip
908 		 * occurred, or MTD reported about some data integrity error,
909 		 * like an ECC error in case of NAND. The former is harmless,
910 		 * the later may mean the read data is corrupted. But we have a
911 		 * CRC check-sum and we will identify this. If the VID header is
912 		 * still OK, we just report this as there was a bit-flip.
913 		 */
914 		read_err = err;
915 	}
916 
917 	magic = ubi32_to_cpu(vid_hdr->magic);
918 	if (magic != UBI_VID_HDR_MAGIC) {
919 		/*
920 		 * If we have read all 0xFF bytes, the VID header probably does
921 		 * not exist and the physical eraseblock is assumed to be free.
922 		 *
923 		 * But if there was a read error, we do not test the data for
924 		 * 0xFFs. Even if it does contain all 0xFFs, this error
925 		 * indicates that something is still wrong with this physical
926 		 * eraseblock and it cannot be regarded as free.
927 		 */
928 		if (read_err != -EBADMSG &&
929 		    check_pattern(vid_hdr, 0xFF, UBI_VID_HDR_SIZE)) {
930 			/* The physical eraseblock is supposedly free */
931 
932 			/*
933 			 * The below is just a paranoid check, it has to be
934 			 * compiled out if paranoid checks are disabled.
935 			 */
936 			err = paranoid_check_all_ff(ubi, pnum, ubi->leb_start,
937 						    ubi->leb_size);
938 			if (err)
939 				return err > 0 ? UBI_IO_BAD_VID_HDR : err;
940 
941 			if (verbose)
942 				ubi_warn("no VID header found at PEB %d, "
943 					 "only 0xFF bytes", pnum);
944 			return UBI_IO_PEB_FREE;
945 		}
946 
947 		/*
948 		 * This is not a valid VID header, and these are not 0xFF
949 		 * bytes. Report that the header is corrupted.
950 		 */
951 		if (verbose) {
952 			ubi_warn("bad magic number at PEB %d: %08x instead of "
953 				 "%08x", pnum, magic, UBI_VID_HDR_MAGIC);
954 			ubi_dbg_dump_vid_hdr(vid_hdr);
955 		}
956 		return UBI_IO_BAD_VID_HDR;
957 	}
958 
959 	crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
960 	hdr_crc = ubi32_to_cpu(vid_hdr->hdr_crc);
961 
962 	if (hdr_crc != crc) {
963 		if (verbose) {
964 			ubi_warn("bad CRC at PEB %d, calculated %#08x, "
965 				 "read %#08x", pnum, crc, hdr_crc);
966 			ubi_dbg_dump_vid_hdr(vid_hdr);
967 		}
968 		return UBI_IO_BAD_VID_HDR;
969 	}
970 
971 	/* Validate the VID header that we have just read */
972 	err = validate_vid_hdr(ubi, vid_hdr);
973 	if (err) {
974 		ubi_err("validation failed for PEB %d", pnum);
975 		return -EINVAL;
976 	}
977 
978 	return read_err ? UBI_IO_BITFLIPS : 0;
979 }
980 
981 /**
982  * ubi_io_write_vid_hdr - write a volume identifier header.
983  * @ubi: UBI device description object
984  * @pnum: the physical eraseblock number to write to
985  * @vid_hdr: the volume identifier header to write
986  *
987  * This function writes the volume identifier header described by @vid_hdr to
988  * physical eraseblock @pnum. This function automatically fills the
989  * @vid_hdr->magic and the @vid_hdr->version fields, as well as calculates
990  * header CRC checksum and stores it at vid_hdr->hdr_crc.
991  *
992  * This function returns zero in case of success and a negative error code in
993  * case of failure. If %-EIO is returned, the physical eraseblock probably went
994  * bad.
995  */
996 int ubi_io_write_vid_hdr(const struct ubi_device *ubi, int pnum,
997 			 struct ubi_vid_hdr *vid_hdr)
998 {
999 	int err;
1000 	uint32_t crc;
1001 	void *p;
1002 
1003 	dbg_io("write VID header to PEB %d", pnum);
1004 	ubi_assert(pnum >= 0 &&  pnum < ubi->peb_count);
1005 
1006 	err = paranoid_check_peb_ec_hdr(ubi, pnum);
1007 	if (err)
1008 		return err > 0 ? -EINVAL: err;
1009 
1010 	vid_hdr->magic = cpu_to_ubi32(UBI_VID_HDR_MAGIC);
1011 	vid_hdr->version = UBI_VERSION;
1012 	crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
1013 	vid_hdr->hdr_crc = cpu_to_ubi32(crc);
1014 
1015 	err = paranoid_check_vid_hdr(ubi, pnum, vid_hdr);
1016 	if (err)
1017 		return -EINVAL;
1018 
1019 	p = (char *)vid_hdr - ubi->vid_hdr_shift;
1020 	err = ubi_io_write(ubi, p, pnum, ubi->vid_hdr_aloffset,
1021 			   ubi->vid_hdr_alsize);
1022 	return err;
1023 }
1024 
1025 #ifdef CONFIG_MTD_UBI_DEBUG_PARANOID
1026 
1027 /**
1028  * paranoid_check_not_bad - ensure that a physical eraseblock is not bad.
1029  * @ubi: UBI device description object
1030  * @pnum: physical eraseblock number to check
1031  *
1032  * This function returns zero if the physical eraseblock is good, a positive
1033  * number if it is bad and a negative error code if an error occurred.
1034  */
1035 static int paranoid_check_not_bad(const struct ubi_device *ubi, int pnum)
1036 {
1037 	int err;
1038 
1039 	err = ubi_io_is_bad(ubi, pnum);
1040 	if (!err)
1041 		return err;
1042 
1043 	ubi_err("paranoid check failed for PEB %d", pnum);
1044 	ubi_dbg_dump_stack();
1045 	return err;
1046 }
1047 
1048 /**
1049  * paranoid_check_ec_hdr - check if an erase counter header is all right.
1050  * @ubi: UBI device description object
1051  * @pnum: physical eraseblock number the erase counter header belongs to
1052  * @ec_hdr: the erase counter header to check
1053  *
1054  * This function returns zero if the erase counter header contains valid
1055  * values, and %1 if not.
1056  */
1057 static int paranoid_check_ec_hdr(const struct ubi_device *ubi, int pnum,
1058 				 const struct ubi_ec_hdr *ec_hdr)
1059 {
1060 	int err;
1061 	uint32_t magic;
1062 
1063 	magic = ubi32_to_cpu(ec_hdr->magic);
1064 	if (magic != UBI_EC_HDR_MAGIC) {
1065 		ubi_err("bad magic %#08x, must be %#08x",
1066 			magic, UBI_EC_HDR_MAGIC);
1067 		goto fail;
1068 	}
1069 
1070 	err = validate_ec_hdr(ubi, ec_hdr);
1071 	if (err) {
1072 		ubi_err("paranoid check failed for PEB %d", pnum);
1073 		goto fail;
1074 	}
1075 
1076 	return 0;
1077 
1078 fail:
1079 	ubi_dbg_dump_ec_hdr(ec_hdr);
1080 	ubi_dbg_dump_stack();
1081 	return 1;
1082 }
1083 
1084 /**
1085  * paranoid_check_peb_ec_hdr - check that the erase counter header of a
1086  * physical eraseblock is in-place and is all right.
1087  * @ubi: UBI device description object
1088  * @pnum: the physical eraseblock number to check
1089  *
1090  * This function returns zero if the erase counter header is all right, %1 if
1091  * not, and a negative error code if an error occurred.
1092  */
1093 static int paranoid_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum)
1094 {
1095 	int err;
1096 	uint32_t crc, hdr_crc;
1097 	struct ubi_ec_hdr *ec_hdr;
1098 
1099 	ec_hdr = kzalloc(ubi->ec_hdr_alsize, GFP_KERNEL);
1100 	if (!ec_hdr)
1101 		return -ENOMEM;
1102 
1103 	err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
1104 	if (err && err != UBI_IO_BITFLIPS && err != -EBADMSG)
1105 		goto exit;
1106 
1107 	crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
1108 	hdr_crc = ubi32_to_cpu(ec_hdr->hdr_crc);
1109 	if (hdr_crc != crc) {
1110 		ubi_err("bad CRC, calculated %#08x, read %#08x", crc, hdr_crc);
1111 		ubi_err("paranoid check failed for PEB %d", pnum);
1112 		ubi_dbg_dump_ec_hdr(ec_hdr);
1113 		ubi_dbg_dump_stack();
1114 		err = 1;
1115 		goto exit;
1116 	}
1117 
1118 	err = paranoid_check_ec_hdr(ubi, pnum, ec_hdr);
1119 
1120 exit:
1121 	kfree(ec_hdr);
1122 	return err;
1123 }
1124 
1125 /**
1126  * paranoid_check_vid_hdr - check that a volume identifier header is all right.
1127  * @ubi: UBI device description object
1128  * @pnum: physical eraseblock number the volume identifier header belongs to
1129  * @vid_hdr: the volume identifier header to check
1130  *
1131  * This function returns zero if the volume identifier header is all right, and
1132  * %1 if not.
1133  */
1134 static int paranoid_check_vid_hdr(const struct ubi_device *ubi, int pnum,
1135 				  const struct ubi_vid_hdr *vid_hdr)
1136 {
1137 	int err;
1138 	uint32_t magic;
1139 
1140 	magic = ubi32_to_cpu(vid_hdr->magic);
1141 	if (magic != UBI_VID_HDR_MAGIC) {
1142 		ubi_err("bad VID header magic %#08x at PEB %d, must be %#08x",
1143 			magic, pnum, UBI_VID_HDR_MAGIC);
1144 		goto fail;
1145 	}
1146 
1147 	err = validate_vid_hdr(ubi, vid_hdr);
1148 	if (err) {
1149 		ubi_err("paranoid check failed for PEB %d", pnum);
1150 		goto fail;
1151 	}
1152 
1153 	return err;
1154 
1155 fail:
1156 	ubi_err("paranoid check failed for PEB %d", pnum);
1157 	ubi_dbg_dump_vid_hdr(vid_hdr);
1158 	ubi_dbg_dump_stack();
1159 	return 1;
1160 
1161 }
1162 
1163 /**
1164  * paranoid_check_peb_vid_hdr - check that the volume identifier header of a
1165  * physical eraseblock is in-place and is all right.
1166  * @ubi: UBI device description object
1167  * @pnum: the physical eraseblock number to check
1168  *
1169  * This function returns zero if the volume identifier header is all right,
1170  * %1 if not, and a negative error code if an error occurred.
1171  */
1172 static int paranoid_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum)
1173 {
1174 	int err;
1175 	uint32_t crc, hdr_crc;
1176 	struct ubi_vid_hdr *vid_hdr;
1177 	void *p;
1178 
1179 	vid_hdr = ubi_zalloc_vid_hdr(ubi);
1180 	if (!vid_hdr)
1181 		return -ENOMEM;
1182 
1183 	p = (char *)vid_hdr - ubi->vid_hdr_shift;
1184 	err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
1185 			  ubi->vid_hdr_alsize);
1186 	if (err && err != UBI_IO_BITFLIPS && err != -EBADMSG)
1187 		goto exit;
1188 
1189 	crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_EC_HDR_SIZE_CRC);
1190 	hdr_crc = ubi32_to_cpu(vid_hdr->hdr_crc);
1191 	if (hdr_crc != crc) {
1192 		ubi_err("bad VID header CRC at PEB %d, calculated %#08x, "
1193 			"read %#08x", pnum, crc, hdr_crc);
1194 		ubi_err("paranoid check failed for PEB %d", pnum);
1195 		ubi_dbg_dump_vid_hdr(vid_hdr);
1196 		ubi_dbg_dump_stack();
1197 		err = 1;
1198 		goto exit;
1199 	}
1200 
1201 	err = paranoid_check_vid_hdr(ubi, pnum, vid_hdr);
1202 
1203 exit:
1204 	ubi_free_vid_hdr(ubi, vid_hdr);
1205 	return err;
1206 }
1207 
1208 /**
1209  * paranoid_check_all_ff - check that a region of flash is empty.
1210  * @ubi: UBI device description object
1211  * @pnum: the physical eraseblock number to check
1212  * @offset: the starting offset within the physical eraseblock to check
1213  * @len: the length of the region to check
1214  *
1215  * This function returns zero if only 0xFF bytes are present at offset
1216  * @offset of the physical eraseblock @pnum, %1 if not, and a negative error
1217  * code if an error occurred.
1218  */
1219 static int paranoid_check_all_ff(const struct ubi_device *ubi, int pnum,
1220 				 int offset, int len)
1221 {
1222 	size_t read;
1223 	int err;
1224 	void *buf;
1225 	loff_t addr = (loff_t)pnum * ubi->peb_size + offset;
1226 
1227 	buf = kzalloc(len, GFP_KERNEL);
1228 	if (!buf)
1229 		return -ENOMEM;
1230 
1231 	err = ubi->mtd->read(ubi->mtd, addr, len, &read, buf);
1232 	if (err && err != -EUCLEAN) {
1233 		ubi_err("error %d while reading %d bytes from PEB %d:%d, "
1234 			"read %zd bytes", err, len, pnum, offset, read);
1235 		goto error;
1236 	}
1237 
1238 	err = check_pattern(buf, 0xFF, len);
1239 	if (err == 0) {
1240 		ubi_err("flash region at PEB %d:%d, length %d does not "
1241 			"contain all 0xFF bytes", pnum, offset, len);
1242 		goto fail;
1243 	}
1244 
1245 	kfree(buf);
1246 	return 0;
1247 
1248 fail:
1249 	ubi_err("paranoid check failed for PEB %d", pnum);
1250 	dbg_msg("hex dump of the %d-%d region", offset, offset + len);
1251 	ubi_dbg_hexdump(buf, len);
1252 	err = 1;
1253 error:
1254 	ubi_dbg_dump_stack();
1255 	kfree(buf);
1256 	return err;
1257 }
1258 
1259 #endif /* CONFIG_MTD_UBI_DEBUG_PARANOID */
1260