xref: /openbmc/linux/drivers/mtd/nftlmount.c (revision a266ef69)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  * NFTL mount code with extensive checks
4  *
5  * Author: Fabrice Bellard (fabrice.bellard@netgem.com)
6  * Copyright © 2000 Netgem S.A.
7  * Copyright © 1999-2010 David Woodhouse <dwmw2@infradead.org>
8  */
9 
10 #include <linux/kernel.h>
11 #include <asm/errno.h>
12 #include <linux/delay.h>
13 #include <linux/slab.h>
14 #include <linux/mtd/mtd.h>
15 #include <linux/mtd/rawnand.h>
16 #include <linux/mtd/nftl.h>
17 
18 #define SECTORSIZE 512
19 
20 /* find_boot_record: Find the NFTL Media Header and its Spare copy which contains the
21  *	various device information of the NFTL partition and Bad Unit Table. Update
22  *	the ReplUnitTable[] table according to the Bad Unit Table. ReplUnitTable[]
23  *	is used for management of Erase Unit in other routines in nftl.c and nftlmount.c
24  */
25 static int find_boot_record(struct NFTLrecord *nftl)
26 {
27 	struct nftl_uci1 h1;
28 	unsigned int block, boot_record_count = 0;
29 	size_t retlen;
30 	u8 buf[SECTORSIZE];
31 	struct NFTLMediaHeader *mh = &nftl->MediaHdr;
32 	struct mtd_info *mtd = nftl->mbd.mtd;
33 	unsigned int i;
34 
35         /* Assume logical EraseSize == physical erasesize for starting the scan.
36 	   We'll sort it out later if we find a MediaHeader which says otherwise */
37 	/* Actually, we won't.  The new DiskOnChip driver has already scanned
38 	   the MediaHeader and adjusted the virtual erasesize it presents in
39 	   the mtd device accordingly.  We could even get rid of
40 	   nftl->EraseSize if there were any point in doing so. */
41 	nftl->EraseSize = nftl->mbd.mtd->erasesize;
42         nftl->nb_blocks = (u32)nftl->mbd.mtd->size / nftl->EraseSize;
43 
44 	nftl->MediaUnit = BLOCK_NIL;
45 	nftl->SpareMediaUnit = BLOCK_NIL;
46 
47 	/* search for a valid boot record */
48 	for (block = 0; block < nftl->nb_blocks; block++) {
49 		int ret;
50 
51 		/* Check for ANAND header first. Then can whinge if it's found but later
52 		   checks fail */
53 		ret = mtd_read(mtd, block * nftl->EraseSize, SECTORSIZE,
54 			       &retlen, buf);
55 		/* We ignore ret in case the ECC of the MediaHeader is invalid
56 		   (which is apparently acceptable) */
57 		if (retlen != SECTORSIZE) {
58 			static int warncount = 5;
59 
60 			if (warncount) {
61 				printk(KERN_WARNING "Block read at 0x%x of mtd%d failed: %d\n",
62 				       block * nftl->EraseSize, nftl->mbd.mtd->index, ret);
63 				if (!--warncount)
64 					printk(KERN_WARNING "Further failures for this block will not be printed\n");
65 			}
66 			continue;
67 		}
68 
69 		if (retlen < 6 || memcmp(buf, "ANAND", 6)) {
70 			/* ANAND\0 not found. Continue */
71 #if 0
72 			printk(KERN_DEBUG "ANAND header not found at 0x%x in mtd%d\n",
73 			       block * nftl->EraseSize, nftl->mbd.mtd->index);
74 #endif
75 			continue;
76 		}
77 
78 		/* To be safer with BIOS, also use erase mark as discriminant */
79 		ret = nftl_read_oob(mtd, block * nftl->EraseSize +
80 					 SECTORSIZE + 8, 8, &retlen,
81 					 (char *)&h1);
82 		if (ret < 0) {
83 			printk(KERN_WARNING "ANAND header found at 0x%x in mtd%d, but OOB data read failed (err %d)\n",
84 			       block * nftl->EraseSize, nftl->mbd.mtd->index, ret);
85 			continue;
86 		}
87 
88 #if 0 /* Some people seem to have devices without ECC or erase marks
89 	 on the Media Header blocks. There are enough other sanity
90 	 checks in here that we can probably do without it.
91       */
92 		if (le16_to_cpu(h1.EraseMark | h1.EraseMark1) != ERASE_MARK) {
93 			printk(KERN_NOTICE "ANAND header found at 0x%x in mtd%d, but erase mark not present (0x%04x,0x%04x instead)\n",
94 			       block * nftl->EraseSize, nftl->mbd.mtd->index,
95 			       le16_to_cpu(h1.EraseMark), le16_to_cpu(h1.EraseMark1));
96 			continue;
97 		}
98 
99 		/* Finally reread to check ECC */
100 		ret = mtd->read(mtd, block * nftl->EraseSize, SECTORSIZE,
101 				&retlen, buf);
102 		if (ret < 0) {
103 			printk(KERN_NOTICE "ANAND header found at 0x%x in mtd%d, but ECC read failed (err %d)\n",
104 			       block * nftl->EraseSize, nftl->mbd.mtd->index, ret);
105 			continue;
106 		}
107 
108 		/* Paranoia. Check the ANAND header is still there after the ECC read */
109 		if (memcmp(buf, "ANAND", 6)) {
110 			printk(KERN_NOTICE "ANAND header found at 0x%x in mtd%d, but went away on reread!\n",
111 			       block * nftl->EraseSize, nftl->mbd.mtd->index);
112 			printk(KERN_NOTICE "New data are: %6ph\n", buf);
113 			continue;
114 		}
115 #endif
116 		/* OK, we like it. */
117 
118 		if (boot_record_count) {
119 			/* We've already processed one. So we just check if
120 			   this one is the same as the first one we found */
121 			if (memcmp(mh, buf, sizeof(struct NFTLMediaHeader))) {
122 				printk(KERN_NOTICE "NFTL Media Headers at 0x%x and 0x%x disagree.\n",
123 				       nftl->MediaUnit * nftl->EraseSize, block * nftl->EraseSize);
124 				/* if (debug) Print both side by side */
125 				if (boot_record_count < 2) {
126 					/* We haven't yet seen two real ones */
127 					return -1;
128 				}
129 				continue;
130 			}
131 			if (boot_record_count == 1)
132 				nftl->SpareMediaUnit = block;
133 
134 			/* Mark this boot record (NFTL MediaHeader) block as reserved */
135 			nftl->ReplUnitTable[block] = BLOCK_RESERVED;
136 
137 
138 			boot_record_count++;
139 			continue;
140 		}
141 
142 		/* This is the first we've seen. Copy the media header structure into place */
143 		memcpy(mh, buf, sizeof(struct NFTLMediaHeader));
144 
145 		/* Do some sanity checks on it */
146 #if 0
147 The new DiskOnChip driver scans the MediaHeader itself, and presents a virtual
148 erasesize based on UnitSizeFactor.  So the erasesize we read from the mtd
149 device is already correct.
150 		if (mh->UnitSizeFactor == 0) {
151 			printk(KERN_NOTICE "NFTL: UnitSizeFactor 0x00 detected. This violates the spec but we think we know what it means...\n");
152 		} else if (mh->UnitSizeFactor < 0xfc) {
153 			printk(KERN_NOTICE "Sorry, we don't support UnitSizeFactor 0x%02x\n",
154 			       mh->UnitSizeFactor);
155 			return -1;
156 		} else if (mh->UnitSizeFactor != 0xff) {
157 			printk(KERN_NOTICE "WARNING: Support for NFTL with UnitSizeFactor 0x%02x is experimental\n",
158 			       mh->UnitSizeFactor);
159 			nftl->EraseSize = nftl->mbd.mtd->erasesize << (0xff - mh->UnitSizeFactor);
160 			nftl->nb_blocks = (u32)nftl->mbd.mtd->size / nftl->EraseSize;
161 		}
162 #endif
163 		nftl->nb_boot_blocks = le16_to_cpu(mh->FirstPhysicalEUN);
164 		if ((nftl->nb_boot_blocks + 2) >= nftl->nb_blocks) {
165 			printk(KERN_NOTICE "NFTL Media Header sanity check failed:\n");
166 			printk(KERN_NOTICE "nb_boot_blocks (%d) + 2 > nb_blocks (%d)\n",
167 			       nftl->nb_boot_blocks, nftl->nb_blocks);
168 			return -1;
169 		}
170 
171 		nftl->numvunits = le32_to_cpu(mh->FormattedSize) / nftl->EraseSize;
172 		if (nftl->numvunits > (nftl->nb_blocks - nftl->nb_boot_blocks - 2)) {
173 			printk(KERN_NOTICE "NFTL Media Header sanity check failed:\n");
174 			printk(KERN_NOTICE "numvunits (%d) > nb_blocks (%d) - nb_boot_blocks(%d) - 2\n",
175 			       nftl->numvunits, nftl->nb_blocks, nftl->nb_boot_blocks);
176 			return -1;
177 		}
178 
179 		nftl->mbd.size  = nftl->numvunits * (nftl->EraseSize / SECTORSIZE);
180 
181 		/* If we're not using the last sectors in the device for some reason,
182 		   reduce nb_blocks accordingly so we forget they're there */
183 		nftl->nb_blocks = le16_to_cpu(mh->NumEraseUnits) + le16_to_cpu(mh->FirstPhysicalEUN);
184 
185 		/* XXX: will be suppressed */
186 		nftl->lastEUN = nftl->nb_blocks - 1;
187 
188 		/* memory alloc */
189 		nftl->EUNtable = kmalloc_array(nftl->nb_blocks, sizeof(u16),
190 					       GFP_KERNEL);
191 		if (!nftl->EUNtable)
192 			return -ENOMEM;
193 
194 		nftl->ReplUnitTable = kmalloc_array(nftl->nb_blocks,
195 						    sizeof(u16),
196 						    GFP_KERNEL);
197 		if (!nftl->ReplUnitTable) {
198 			kfree(nftl->EUNtable);
199 			return -ENOMEM;
200 		}
201 
202 		/* mark the bios blocks (blocks before NFTL MediaHeader) as reserved */
203 		for (i = 0; i < nftl->nb_boot_blocks; i++)
204 			nftl->ReplUnitTable[i] = BLOCK_RESERVED;
205 		/* mark all remaining blocks as potentially containing data */
206 		for (; i < nftl->nb_blocks; i++) {
207 			nftl->ReplUnitTable[i] = BLOCK_NOTEXPLORED;
208 		}
209 
210 		/* Mark this boot record (NFTL MediaHeader) block as reserved */
211 		nftl->ReplUnitTable[block] = BLOCK_RESERVED;
212 
213 		/* read the Bad Erase Unit Table and modify ReplUnitTable[] accordingly */
214 		for (i = 0; i < nftl->nb_blocks; i++) {
215 #if 0
216 The new DiskOnChip driver already scanned the bad block table.  Just query it.
217 			if ((i & (SECTORSIZE - 1)) == 0) {
218 				/* read one sector for every SECTORSIZE of blocks */
219 				ret = mtd->read(nftl->mbd.mtd,
220 						block * nftl->EraseSize + i +
221 						SECTORSIZE, SECTORSIZE,
222 						&retlen, buf);
223 				if (ret < 0) {
224 					printk(KERN_NOTICE "Read of bad sector table failed (err %d)\n",
225 					       ret);
226 					kfree(nftl->ReplUnitTable);
227 					kfree(nftl->EUNtable);
228 					return -1;
229 				}
230 			}
231 			/* mark the Bad Erase Unit as RESERVED in ReplUnitTable */
232 			if (buf[i & (SECTORSIZE - 1)] != 0xff)
233 				nftl->ReplUnitTable[i] = BLOCK_RESERVED;
234 #endif
235 			if (mtd_block_isbad(nftl->mbd.mtd,
236 					    i * nftl->EraseSize))
237 				nftl->ReplUnitTable[i] = BLOCK_RESERVED;
238 		}
239 
240 		nftl->MediaUnit = block;
241 		boot_record_count++;
242 
243 	} /* foreach (block) */
244 
245 	return boot_record_count?0:-1;
246 }
247 
248 static int memcmpb(void *a, int c, int n)
249 {
250 	int i;
251 	for (i = 0; i < n; i++) {
252 		if (c != ((unsigned char *)a)[i])
253 			return 1;
254 	}
255 	return 0;
256 }
257 
258 /* check_free_sector: check if a free sector is actually FREE, i.e. All 0xff in data and oob area */
259 static int check_free_sectors(struct NFTLrecord *nftl, unsigned int address, int len,
260 			      int check_oob)
261 {
262 	struct mtd_info *mtd = nftl->mbd.mtd;
263 	size_t retlen;
264 	int i, ret;
265 	u8 *buf;
266 
267 	buf = kmalloc(SECTORSIZE + mtd->oobsize, GFP_KERNEL);
268 	if (!buf)
269 		return -ENOMEM;
270 
271 	ret = -1;
272 	for (i = 0; i < len; i += SECTORSIZE) {
273 		if (mtd_read(mtd, address, SECTORSIZE, &retlen, buf))
274 			goto out;
275 		if (memcmpb(buf, 0xff, SECTORSIZE) != 0)
276 			goto out;
277 
278 		if (check_oob) {
279 			if(nftl_read_oob(mtd, address, mtd->oobsize,
280 					 &retlen, &buf[SECTORSIZE]) < 0)
281 				goto out;
282 			if (memcmpb(buf + SECTORSIZE, 0xff, mtd->oobsize) != 0)
283 				goto out;
284 		}
285 		address += SECTORSIZE;
286 	}
287 
288 	ret = 0;
289 
290 out:
291 	kfree(buf);
292 	return ret;
293 }
294 
295 /* NFTL_format: format a Erase Unit by erasing ALL Erase Zones in the Erase Unit and
296  *              Update NFTL metadata. Each erase operation is checked with check_free_sectors
297  *
298  * Return: 0 when succeed, -1 on error.
299  *
300  *  ToDo: 1. Is it necessary to check_free_sector after erasing ??
301  */
302 int NFTL_formatblock(struct NFTLrecord *nftl, int block)
303 {
304 	size_t retlen;
305 	unsigned int nb_erases, erase_mark;
306 	struct nftl_uci1 uci;
307 	struct erase_info *instr = &nftl->instr;
308 	struct mtd_info *mtd = nftl->mbd.mtd;
309 
310 	/* Read the Unit Control Information #1 for Wear-Leveling */
311 	if (nftl_read_oob(mtd, block * nftl->EraseSize + SECTORSIZE + 8,
312 			  8, &retlen, (char *)&uci) < 0)
313 		goto default_uci1;
314 
315 	erase_mark = le16_to_cpu ((uci.EraseMark | uci.EraseMark1));
316 	if (erase_mark != ERASE_MARK) {
317 	default_uci1:
318 		uci.EraseMark = cpu_to_le16(ERASE_MARK);
319 		uci.EraseMark1 = cpu_to_le16(ERASE_MARK);
320 		uci.WearInfo = cpu_to_le32(0);
321 	}
322 
323 	memset(instr, 0, sizeof(struct erase_info));
324 
325 	/* XXX: use async erase interface, XXX: test return code */
326 	instr->addr = block * nftl->EraseSize;
327 	instr->len = nftl->EraseSize;
328 	if (mtd_erase(mtd, instr)) {
329 		printk("Error while formatting block %d\n", block);
330 		goto fail;
331 	}
332 
333 	/* increase and write Wear-Leveling info */
334 	nb_erases = le32_to_cpu(uci.WearInfo);
335 	nb_erases++;
336 
337 	/* wrap (almost impossible with current flash) or free block */
338 	if (nb_erases == 0)
339 		nb_erases = 1;
340 
341 	/* check the "freeness" of Erase Unit before updating metadata
342 	 * FixMe:  is this check really necessary ? since we have check the
343 	 *         return code after the erase operation.
344 	 */
345 	if (check_free_sectors(nftl, instr->addr, nftl->EraseSize, 1) != 0)
346 		goto fail;
347 
348 	uci.WearInfo = le32_to_cpu(nb_erases);
349 	if (nftl_write_oob(mtd, block * nftl->EraseSize + SECTORSIZE +
350 			   8, 8, &retlen, (char *)&uci) < 0)
351 		goto fail;
352 	return 0;
353 fail:
354 	/* could not format, update the bad block table (caller is responsible
355 	   for setting the ReplUnitTable to BLOCK_RESERVED on failure) */
356 	mtd_block_markbad(nftl->mbd.mtd, instr->addr);
357 	return -1;
358 }
359 
360 /* check_sectors_in_chain: Check that each sector of a Virtual Unit Chain is correct.
361  *	Mark as 'IGNORE' each incorrect sector. This check is only done if the chain
362  *	was being folded when NFTL was interrupted.
363  *
364  *	The check_free_sectors in this function is necessary. There is a possible
365  *	situation that after writing the Data area, the Block Control Information is
366  *	not updated according (due to power failure or something) which leaves the block
367  *	in an inconsistent state. So we have to check if a block is really FREE in this
368  *	case. */
369 static void check_sectors_in_chain(struct NFTLrecord *nftl, unsigned int first_block)
370 {
371 	struct mtd_info *mtd = nftl->mbd.mtd;
372 	unsigned int block, i, status;
373 	struct nftl_bci bci;
374 	int sectors_per_block;
375 	size_t retlen;
376 
377 	sectors_per_block = nftl->EraseSize / SECTORSIZE;
378 	block = first_block;
379 	for (;;) {
380 		for (i = 0; i < sectors_per_block; i++) {
381 			if (nftl_read_oob(mtd,
382 					  block * nftl->EraseSize + i * SECTORSIZE,
383 					  8, &retlen, (char *)&bci) < 0)
384 				status = SECTOR_IGNORE;
385 			else
386 				status = bci.Status | bci.Status1;
387 
388 			switch(status) {
389 			case SECTOR_FREE:
390 				/* verify that the sector is really free. If not, mark
391 				   as ignore */
392 				if (memcmpb(&bci, 0xff, 8) != 0 ||
393 				    check_free_sectors(nftl, block * nftl->EraseSize + i * SECTORSIZE,
394 						       SECTORSIZE, 0) != 0) {
395 					printk("Incorrect free sector %d in block %d: "
396 					       "marking it as ignored\n",
397 					       i, block);
398 
399 					/* sector not free actually : mark it as SECTOR_IGNORE  */
400 					bci.Status = SECTOR_IGNORE;
401 					bci.Status1 = SECTOR_IGNORE;
402 					nftl_write_oob(mtd, block *
403 						       nftl->EraseSize +
404 						       i * SECTORSIZE, 8,
405 						       &retlen, (char *)&bci);
406 				}
407 				break;
408 			default:
409 				break;
410 			}
411 		}
412 
413 		/* proceed to next Erase Unit on the chain */
414 		block = nftl->ReplUnitTable[block];
415 		if (!(block == BLOCK_NIL || block < nftl->nb_blocks))
416 			printk("incorrect ReplUnitTable[] : %d\n", block);
417 		if (block == BLOCK_NIL || block >= nftl->nb_blocks)
418 			break;
419 	}
420 }
421 
422 /* calc_chain_length: Walk through a Virtual Unit Chain and estimate chain length */
423 static int calc_chain_length(struct NFTLrecord *nftl, unsigned int first_block)
424 {
425 	unsigned int length = 0, block = first_block;
426 
427 	for (;;) {
428 		length++;
429 		/* avoid infinite loops, although this is guaranteed not to
430 		   happen because of the previous checks */
431 		if (length >= nftl->nb_blocks) {
432 			printk("nftl: length too long %d !\n", length);
433 			break;
434 		}
435 
436 		block = nftl->ReplUnitTable[block];
437 		if (!(block == BLOCK_NIL || block < nftl->nb_blocks))
438 			printk("incorrect ReplUnitTable[] : %d\n", block);
439 		if (block == BLOCK_NIL || block >= nftl->nb_blocks)
440 			break;
441 	}
442 	return length;
443 }
444 
445 /* format_chain: Format an invalid Virtual Unit chain. It frees all the Erase Units in a
446  *	Virtual Unit Chain, i.e. all the units are disconnected.
447  *
448  *	It is not strictly correct to begin from the first block of the chain because
449  *	if we stop the code, we may see again a valid chain if there was a first_block
450  *	flag in a block inside it. But is it really a problem ?
451  *
452  * FixMe: Figure out what the last statement means. What if power failure when we are
453  *	in the for (;;) loop formatting blocks ??
454  */
455 static void format_chain(struct NFTLrecord *nftl, unsigned int first_block)
456 {
457 	unsigned int block = first_block, block1;
458 
459 	printk("Formatting chain at block %d\n", first_block);
460 
461 	for (;;) {
462 		block1 = nftl->ReplUnitTable[block];
463 
464 		printk("Formatting block %d\n", block);
465 		if (NFTL_formatblock(nftl, block) < 0) {
466 			/* cannot format !!!! Mark it as Bad Unit */
467 			nftl->ReplUnitTable[block] = BLOCK_RESERVED;
468 		} else {
469 			nftl->ReplUnitTable[block] = BLOCK_FREE;
470 		}
471 
472 		/* goto next block on the chain */
473 		block = block1;
474 
475 		if (!(block == BLOCK_NIL || block < nftl->nb_blocks))
476 			printk("incorrect ReplUnitTable[] : %d\n", block);
477 		if (block == BLOCK_NIL || block >= nftl->nb_blocks)
478 			break;
479 	}
480 }
481 
482 /* check_and_mark_free_block: Verify that a block is free in the NFTL sense (valid erase mark) or
483  *	totally free (only 0xff).
484  *
485  * Definition: Free Erase Unit -- A properly erased/formatted Free Erase Unit should have meet the
486  *	following criteria:
487  *	1. */
488 static int check_and_mark_free_block(struct NFTLrecord *nftl, int block)
489 {
490 	struct mtd_info *mtd = nftl->mbd.mtd;
491 	struct nftl_uci1 h1;
492 	unsigned int erase_mark;
493 	size_t retlen;
494 
495 	/* check erase mark. */
496 	if (nftl_read_oob(mtd, block * nftl->EraseSize + SECTORSIZE + 8, 8,
497 			  &retlen, (char *)&h1) < 0)
498 		return -1;
499 
500 	erase_mark = le16_to_cpu ((h1.EraseMark | h1.EraseMark1));
501 	if (erase_mark != ERASE_MARK) {
502 		/* if no erase mark, the block must be totally free. This is
503 		   possible in two cases : empty filesystem or interrupted erase (very unlikely) */
504 		if (check_free_sectors (nftl, block * nftl->EraseSize, nftl->EraseSize, 1) != 0)
505 			return -1;
506 
507 		/* free block : write erase mark */
508 		h1.EraseMark = cpu_to_le16(ERASE_MARK);
509 		h1.EraseMark1 = cpu_to_le16(ERASE_MARK);
510 		h1.WearInfo = cpu_to_le32(0);
511 		if (nftl_write_oob(mtd,
512 				   block * nftl->EraseSize + SECTORSIZE + 8, 8,
513 				   &retlen, (char *)&h1) < 0)
514 			return -1;
515 	} else {
516 #if 0
517 		/* if erase mark present, need to skip it when doing check */
518 		for (i = 0; i < nftl->EraseSize; i += SECTORSIZE) {
519 			/* check free sector */
520 			if (check_free_sectors (nftl, block * nftl->EraseSize + i,
521 						SECTORSIZE, 0) != 0)
522 				return -1;
523 
524 			if (nftl_read_oob(mtd, block * nftl->EraseSize + i,
525 					  16, &retlen, buf) < 0)
526 				return -1;
527 			if (i == SECTORSIZE) {
528 				/* skip erase mark */
529 				if (memcmpb(buf, 0xff, 8))
530 					return -1;
531 			} else {
532 				if (memcmpb(buf, 0xff, 16))
533 					return -1;
534 			}
535 		}
536 #endif
537 	}
538 
539 	return 0;
540 }
541 
542 /* get_fold_mark: Read fold mark from Unit Control Information #2, we use FOLD_MARK_IN_PROGRESS
543  *	to indicate that we are in the progression of a Virtual Unit Chain folding. If the UCI #2
544  *	is FOLD_MARK_IN_PROGRESS when mounting the NFTL, the (previous) folding process is interrupted
545  *	for some reason. A clean up/check of the VUC is necessary in this case.
546  *
547  * WARNING: return 0 if read error
548  */
549 static int get_fold_mark(struct NFTLrecord *nftl, unsigned int block)
550 {
551 	struct mtd_info *mtd = nftl->mbd.mtd;
552 	struct nftl_uci2 uci;
553 	size_t retlen;
554 
555 	if (nftl_read_oob(mtd, block * nftl->EraseSize + 2 * SECTORSIZE + 8,
556 			  8, &retlen, (char *)&uci) < 0)
557 		return 0;
558 
559 	return le16_to_cpu((uci.FoldMark | uci.FoldMark1));
560 }
561 
562 int NFTL_mount(struct NFTLrecord *s)
563 {
564 	int i;
565 	unsigned int first_logical_block, logical_block, rep_block, erase_mark;
566 	unsigned int block, first_block, is_first_block;
567 	int chain_length, do_format_chain;
568 	struct nftl_uci0 h0;
569 	struct nftl_uci1 h1;
570 	struct mtd_info *mtd = s->mbd.mtd;
571 	size_t retlen;
572 
573 	/* search for NFTL MediaHeader and Spare NFTL Media Header */
574 	if (find_boot_record(s) < 0) {
575 		printk("Could not find valid boot record\n");
576 		return -1;
577 	}
578 
579 	/* init the logical to physical table */
580 	for (i = 0; i < s->nb_blocks; i++) {
581 		s->EUNtable[i] = BLOCK_NIL;
582 	}
583 
584 	/* first pass : explore each block chain */
585 	first_logical_block = 0;
586 	for (first_block = 0; first_block < s->nb_blocks; first_block++) {
587 		/* if the block was not already explored, we can look at it */
588 		if (s->ReplUnitTable[first_block] == BLOCK_NOTEXPLORED) {
589 			block = first_block;
590 			chain_length = 0;
591 			do_format_chain = 0;
592 
593 			for (;;) {
594 				/* read the block header. If error, we format the chain */
595 				if (nftl_read_oob(mtd,
596 						  block * s->EraseSize + 8, 8,
597 						  &retlen, (char *)&h0) < 0 ||
598 				    nftl_read_oob(mtd,
599 						  block * s->EraseSize +
600 						  SECTORSIZE + 8, 8,
601 						  &retlen, (char *)&h1) < 0) {
602 					s->ReplUnitTable[block] = BLOCK_NIL;
603 					do_format_chain = 1;
604 					break;
605 				}
606 
607 				logical_block = le16_to_cpu ((h0.VirtUnitNum | h0.SpareVirtUnitNum));
608 				rep_block = le16_to_cpu ((h0.ReplUnitNum | h0.SpareReplUnitNum));
609 				erase_mark = le16_to_cpu ((h1.EraseMark | h1.EraseMark1));
610 
611 				is_first_block = !(logical_block >> 15);
612 				logical_block = logical_block & 0x7fff;
613 
614 				/* invalid/free block test */
615 				if (erase_mark != ERASE_MARK || logical_block >= s->nb_blocks) {
616 					if (chain_length == 0) {
617 						/* if not currently in a chain, we can handle it safely */
618 						if (check_and_mark_free_block(s, block) < 0) {
619 							/* not really free: format it */
620 							printk("Formatting block %d\n", block);
621 							if (NFTL_formatblock(s, block) < 0) {
622 								/* could not format: reserve the block */
623 								s->ReplUnitTable[block] = BLOCK_RESERVED;
624 							} else {
625 								s->ReplUnitTable[block] = BLOCK_FREE;
626 							}
627 						} else {
628 							/* free block: mark it */
629 							s->ReplUnitTable[block] = BLOCK_FREE;
630 						}
631 						/* directly examine the next block. */
632 						goto examine_ReplUnitTable;
633 					} else {
634 						/* the block was in a chain : this is bad. We
635 						   must format all the chain */
636 						printk("Block %d: free but referenced in chain %d\n",
637 						       block, first_block);
638 						s->ReplUnitTable[block] = BLOCK_NIL;
639 						do_format_chain = 1;
640 						break;
641 					}
642 				}
643 
644 				/* we accept only first blocks here */
645 				if (chain_length == 0) {
646 					/* this block is not the first block in chain :
647 					   ignore it, it will be included in a chain
648 					   later, or marked as not explored */
649 					if (!is_first_block)
650 						goto examine_ReplUnitTable;
651 					first_logical_block = logical_block;
652 				} else {
653 					if (logical_block != first_logical_block) {
654 						printk("Block %d: incorrect logical block: %d expected: %d\n",
655 						       block, logical_block, first_logical_block);
656 						/* the chain is incorrect : we must format it,
657 						   but we need to read it completely */
658 						do_format_chain = 1;
659 					}
660 					if (is_first_block) {
661 						/* we accept that a block is marked as first
662 						   block while being last block in a chain
663 						   only if the chain is being folded */
664 						if (get_fold_mark(s, block) != FOLD_MARK_IN_PROGRESS ||
665 						    rep_block != 0xffff) {
666 							printk("Block %d: incorrectly marked as first block in chain\n",
667 							       block);
668 							/* the chain is incorrect : we must format it,
669 							   but we need to read it completely */
670 							do_format_chain = 1;
671 						} else {
672 							printk("Block %d: folding in progress - ignoring first block flag\n",
673 							       block);
674 						}
675 					}
676 				}
677 				chain_length++;
678 				if (rep_block == 0xffff) {
679 					/* no more blocks after */
680 					s->ReplUnitTable[block] = BLOCK_NIL;
681 					break;
682 				} else if (rep_block >= s->nb_blocks) {
683 					printk("Block %d: referencing invalid block %d\n",
684 					       block, rep_block);
685 					do_format_chain = 1;
686 					s->ReplUnitTable[block] = BLOCK_NIL;
687 					break;
688 				} else if (s->ReplUnitTable[rep_block] != BLOCK_NOTEXPLORED) {
689 					/* same problem as previous 'is_first_block' test:
690 					   we accept that the last block of a chain has
691 					   the first_block flag set if folding is in
692 					   progress. We handle here the case where the
693 					   last block appeared first */
694 					if (s->ReplUnitTable[rep_block] == BLOCK_NIL &&
695 					    s->EUNtable[first_logical_block] == rep_block &&
696 					    get_fold_mark(s, first_block) == FOLD_MARK_IN_PROGRESS) {
697 						/* EUNtable[] will be set after */
698 						printk("Block %d: folding in progress - ignoring first block flag\n",
699 						       rep_block);
700 						s->ReplUnitTable[block] = rep_block;
701 						s->EUNtable[first_logical_block] = BLOCK_NIL;
702 					} else {
703 						printk("Block %d: referencing block %d already in another chain\n",
704 						       block, rep_block);
705 						/* XXX: should handle correctly fold in progress chains */
706 						do_format_chain = 1;
707 						s->ReplUnitTable[block] = BLOCK_NIL;
708 					}
709 					break;
710 				} else {
711 					/* this is OK */
712 					s->ReplUnitTable[block] = rep_block;
713 					block = rep_block;
714 				}
715 			}
716 
717 			/* the chain was completely explored. Now we can decide
718 			   what to do with it */
719 			if (do_format_chain) {
720 				/* invalid chain : format it */
721 				format_chain(s, first_block);
722 			} else {
723 				unsigned int first_block1, chain_to_format, chain_length1;
724 				int fold_mark;
725 
726 				/* valid chain : get foldmark */
727 				fold_mark = get_fold_mark(s, first_block);
728 				if (fold_mark == 0) {
729 					/* cannot get foldmark : format the chain */
730 					printk("Could read foldmark at block %d\n", first_block);
731 					format_chain(s, first_block);
732 				} else {
733 					if (fold_mark == FOLD_MARK_IN_PROGRESS)
734 						check_sectors_in_chain(s, first_block);
735 
736 					/* now handle the case where we find two chains at the
737 					   same virtual address : we select the longer one,
738 					   because the shorter one is the one which was being
739 					   folded if the folding was not done in place */
740 					first_block1 = s->EUNtable[first_logical_block];
741 					if (first_block1 != BLOCK_NIL) {
742 						/* XXX: what to do if same length ? */
743 						chain_length1 = calc_chain_length(s, first_block1);
744 						printk("Two chains at blocks %d (len=%d) and %d (len=%d)\n",
745 						       first_block1, chain_length1, first_block, chain_length);
746 
747 						if (chain_length >= chain_length1) {
748 							chain_to_format = first_block1;
749 							s->EUNtable[first_logical_block] = first_block;
750 						} else {
751 							chain_to_format = first_block;
752 						}
753 						format_chain(s, chain_to_format);
754 					} else {
755 						s->EUNtable[first_logical_block] = first_block;
756 					}
757 				}
758 			}
759 		}
760 	examine_ReplUnitTable:;
761 	}
762 
763 	/* second pass to format unreferenced blocks  and init free block count */
764 	s->numfreeEUNs = 0;
765 	s->LastFreeEUN = le16_to_cpu(s->MediaHdr.FirstPhysicalEUN);
766 
767 	for (block = 0; block < s->nb_blocks; block++) {
768 		if (s->ReplUnitTable[block] == BLOCK_NOTEXPLORED) {
769 			printk("Unreferenced block %d, formatting it\n", block);
770 			if (NFTL_formatblock(s, block) < 0)
771 				s->ReplUnitTable[block] = BLOCK_RESERVED;
772 			else
773 				s->ReplUnitTable[block] = BLOCK_FREE;
774 		}
775 		if (s->ReplUnitTable[block] == BLOCK_FREE) {
776 			s->numfreeEUNs++;
777 			s->LastFreeEUN = block;
778 		}
779 	}
780 
781 	return 0;
782 }
783