xref: /openbmc/linux/drivers/mtd/ubi/io.c (revision b34e08d5)
1 /*
2  * Copyright (c) International Business Machines Corp., 2006
3  * Copyright (c) Nokia Corporation, 2006, 2007
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 2 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
13  * the GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write to the Free Software
17  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18  *
19  * Author: Artem Bityutskiy (Битюцкий Артём)
20  */
21 
22 /*
23  * UBI input/output sub-system.
24  *
25  * This sub-system provides a uniform way to work with all kinds of the
26  * underlying MTD devices. It also implements handy functions for reading and
27  * writing UBI headers.
28  *
29  * We are trying to have a paranoid mindset and not to trust to what we read
30  * from the flash media in order to be more secure and robust. So this
31  * sub-system validates every single header it reads from the flash media.
32  *
33  * Some words about how the eraseblock headers are stored.
34  *
35  * The erase counter header is always stored at offset zero. By default, the
36  * VID header is stored after the EC header at the closest aligned offset
37  * (i.e. aligned to the minimum I/O unit size). Data starts next to the VID
38  * header at the closest aligned offset. But this default layout may be
39  * changed. For example, for different reasons (e.g., optimization) UBI may be
40  * asked to put the VID header at further offset, and even at an unaligned
41  * offset. Of course, if the offset of the VID header is unaligned, UBI adds
42  * proper padding in front of it. Data offset may also be changed but it has to
43  * be aligned.
44  *
45  * About minimal I/O units. In general, UBI assumes flash device model where
46  * there is only one minimal I/O unit size. E.g., in case of NOR flash it is 1,
47  * in case of NAND flash it is a NAND page, etc. This is reported by MTD in the
48  * @ubi->mtd->writesize field. But as an exception, UBI admits of using another
49  * (smaller) minimal I/O unit size for EC and VID headers to make it possible
50  * to do different optimizations.
51  *
52  * This is extremely useful in case of NAND flashes which admit of several
53  * write operations to one NAND page. In this case UBI can fit EC and VID
54  * headers at one NAND page. Thus, UBI may use "sub-page" size as the minimal
55  * I/O unit for the headers (the @ubi->hdrs_min_io_size field). But it still
56  * reports NAND page size (@ubi->min_io_size) as a minimal I/O unit for the UBI
57  * users.
58  *
59  * Example: some Samsung NANDs with 2KiB pages allow 4x 512-byte writes, so
60  * although the minimal I/O unit is 2K, UBI uses 512 bytes for EC and VID
61  * headers.
62  *
63  * Q: why not just to treat sub-page as a minimal I/O unit of this flash
64  * device, e.g., make @ubi->min_io_size = 512 in the example above?
65  *
66  * A: because when writing a sub-page, MTD still writes a full 2K page but the
67  * bytes which are not relevant to the sub-page are 0xFF. So, basically,
68  * writing 4x512 sub-pages is 4 times slower than writing one 2KiB NAND page.
69  * Thus, we prefer to use sub-pages only for EC and VID headers.
70  *
71  * As it was noted above, the VID header may start at a non-aligned offset.
72  * For example, in case of a 2KiB page NAND flash with a 512 bytes sub-page,
73  * the VID header may reside at offset 1984 which is the last 64 bytes of the
74  * last sub-page (EC header is always at offset zero). This causes some
75  * difficulties when reading and writing VID headers.
76  *
77  * Suppose we have a 64-byte buffer and we read a VID header at it. We change
78  * the data and want to write this VID header out. As we can only write in
79  * 512-byte chunks, we have to allocate one more buffer and copy our VID header
80  * to offset 448 of this buffer.
81  *
82  * The I/O sub-system does the following trick in order to avoid this extra
83  * copy. It always allocates a @ubi->vid_hdr_alsize bytes buffer for the VID
84  * header and returns a pointer to offset @ubi->vid_hdr_shift of this buffer.
85  * When the VID header is being written out, it shifts the VID header pointer
86  * back and writes the whole sub-page.
87  */
88 
89 #include <linux/crc32.h>
90 #include <linux/err.h>
91 #include <linux/slab.h>
92 #include "ubi.h"
93 
94 static int self_check_not_bad(const struct ubi_device *ubi, int pnum);
95 static int self_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum);
96 static int self_check_ec_hdr(const struct ubi_device *ubi, int pnum,
97 			     const struct ubi_ec_hdr *ec_hdr);
98 static int self_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum);
99 static int self_check_vid_hdr(const struct ubi_device *ubi, int pnum,
100 			      const struct ubi_vid_hdr *vid_hdr);
101 static int self_check_write(struct ubi_device *ubi, const void *buf, int pnum,
102 			    int offset, int len);
103 
104 /**
105  * ubi_io_read - read data from a physical eraseblock.
106  * @ubi: UBI device description object
107  * @buf: buffer where to store the read data
108  * @pnum: physical eraseblock number to read from
109  * @offset: offset within the physical eraseblock from where to read
110  * @len: how many bytes to read
111  *
112  * This function reads data from offset @offset of physical eraseblock @pnum
113  * and stores the read data in the @buf buffer. The following return codes are
114  * possible:
115  *
116  * o %0 if all the requested data were successfully read;
117  * o %UBI_IO_BITFLIPS if all the requested data were successfully read, but
118  *   correctable bit-flips were detected; this is harmless but may indicate
119  *   that this eraseblock may become bad soon (but do not have to);
120  * o %-EBADMSG if the MTD subsystem reported about data integrity problems, for
121  *   example it can be an ECC error in case of NAND; this most probably means
122  *   that the data is corrupted;
123  * o %-EIO if some I/O error occurred;
124  * o other negative error codes in case of other errors.
125  */
126 int ubi_io_read(const struct ubi_device *ubi, void *buf, int pnum, int offset,
127 		int len)
128 {
129 	int err, retries = 0;
130 	size_t read;
131 	loff_t addr;
132 
133 	dbg_io("read %d bytes from PEB %d:%d", len, pnum, offset);
134 
135 	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
136 	ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
137 	ubi_assert(len > 0);
138 
139 	err = self_check_not_bad(ubi, pnum);
140 	if (err)
141 		return err;
142 
143 	/*
144 	 * Deliberately corrupt the buffer to improve robustness. Indeed, if we
145 	 * do not do this, the following may happen:
146 	 * 1. The buffer contains data from previous operation, e.g., read from
147 	 *    another PEB previously. The data looks like expected, e.g., if we
148 	 *    just do not read anything and return - the caller would not
149 	 *    notice this. E.g., if we are reading a VID header, the buffer may
150 	 *    contain a valid VID header from another PEB.
151 	 * 2. The driver is buggy and returns us success or -EBADMSG or
152 	 *    -EUCLEAN, but it does not actually put any data to the buffer.
153 	 *
154 	 * This may confuse UBI or upper layers - they may think the buffer
155 	 * contains valid data while in fact it is just old data. This is
156 	 * especially possible because UBI (and UBIFS) relies on CRC, and
157 	 * treats data as correct even in case of ECC errors if the CRC is
158 	 * correct.
159 	 *
160 	 * Try to prevent this situation by changing the first byte of the
161 	 * buffer.
162 	 */
163 	*((uint8_t *)buf) ^= 0xFF;
164 
165 	addr = (loff_t)pnum * ubi->peb_size + offset;
166 retry:
167 	err = mtd_read(ubi->mtd, addr, len, &read, buf);
168 	if (err) {
169 		const char *errstr = mtd_is_eccerr(err) ? " (ECC error)" : "";
170 
171 		if (mtd_is_bitflip(err)) {
172 			/*
173 			 * -EUCLEAN is reported if there was a bit-flip which
174 			 * was corrected, so this is harmless.
175 			 *
176 			 * We do not report about it here unless debugging is
177 			 * enabled. A corresponding message will be printed
178 			 * later, when it is has been scrubbed.
179 			 */
180 			ubi_msg("fixable bit-flip detected at PEB %d", pnum);
181 			ubi_assert(len == read);
182 			return UBI_IO_BITFLIPS;
183 		}
184 
185 		if (retries++ < UBI_IO_RETRIES) {
186 			ubi_warn("error %d%s while reading %d bytes from PEB %d:%d, read only %zd bytes, retry",
187 				 err, errstr, len, pnum, offset, read);
188 			yield();
189 			goto retry;
190 		}
191 
192 		ubi_err("error %d%s while reading %d bytes from PEB %d:%d, read %zd bytes",
193 			err, errstr, len, pnum, offset, read);
194 		dump_stack();
195 
196 		/*
197 		 * The driver should never return -EBADMSG if it failed to read
198 		 * all the requested data. But some buggy drivers might do
199 		 * this, so we change it to -EIO.
200 		 */
201 		if (read != len && mtd_is_eccerr(err)) {
202 			ubi_assert(0);
203 			err = -EIO;
204 		}
205 	} else {
206 		ubi_assert(len == read);
207 
208 		if (ubi_dbg_is_bitflip(ubi)) {
209 			dbg_gen("bit-flip (emulated)");
210 			err = UBI_IO_BITFLIPS;
211 		}
212 	}
213 
214 	return err;
215 }
216 
217 /**
218  * ubi_io_write - write data to a physical eraseblock.
219  * @ubi: UBI device description object
220  * @buf: buffer with the data to write
221  * @pnum: physical eraseblock number to write to
222  * @offset: offset within the physical eraseblock where to write
223  * @len: how many bytes to write
224  *
225  * This function writes @len bytes of data from buffer @buf to offset @offset
226  * of physical eraseblock @pnum. If all the data were successfully written,
227  * zero is returned. If an error occurred, this function returns a negative
228  * error code. If %-EIO is returned, the physical eraseblock most probably went
229  * bad.
230  *
231  * Note, in case of an error, it is possible that something was still written
232  * to the flash media, but may be some garbage.
233  */
234 int ubi_io_write(struct ubi_device *ubi, const void *buf, int pnum, int offset,
235 		 int len)
236 {
237 	int err;
238 	size_t written;
239 	loff_t addr;
240 
241 	dbg_io("write %d bytes to PEB %d:%d", len, pnum, offset);
242 
243 	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
244 	ubi_assert(offset >= 0 && offset + len <= ubi->peb_size);
245 	ubi_assert(offset % ubi->hdrs_min_io_size == 0);
246 	ubi_assert(len > 0 && len % ubi->hdrs_min_io_size == 0);
247 
248 	if (ubi->ro_mode) {
249 		ubi_err("read-only mode");
250 		return -EROFS;
251 	}
252 
253 	err = self_check_not_bad(ubi, pnum);
254 	if (err)
255 		return err;
256 
257 	/* The area we are writing to has to contain all 0xFF bytes */
258 	err = ubi_self_check_all_ff(ubi, pnum, offset, len);
259 	if (err)
260 		return err;
261 
262 	if (offset >= ubi->leb_start) {
263 		/*
264 		 * We write to the data area of the physical eraseblock. Make
265 		 * sure it has valid EC and VID headers.
266 		 */
267 		err = self_check_peb_ec_hdr(ubi, pnum);
268 		if (err)
269 			return err;
270 		err = self_check_peb_vid_hdr(ubi, pnum);
271 		if (err)
272 			return err;
273 	}
274 
275 	if (ubi_dbg_is_write_failure(ubi)) {
276 		ubi_err("cannot write %d bytes to PEB %d:%d (emulated)",
277 			len, pnum, offset);
278 		dump_stack();
279 		return -EIO;
280 	}
281 
282 	addr = (loff_t)pnum * ubi->peb_size + offset;
283 	err = mtd_write(ubi->mtd, addr, len, &written, buf);
284 	if (err) {
285 		ubi_err("error %d while writing %d bytes to PEB %d:%d, written %zd bytes",
286 			err, len, pnum, offset, written);
287 		dump_stack();
288 		ubi_dump_flash(ubi, pnum, offset, len);
289 	} else
290 		ubi_assert(written == len);
291 
292 	if (!err) {
293 		err = self_check_write(ubi, buf, pnum, offset, len);
294 		if (err)
295 			return err;
296 
297 		/*
298 		 * Since we always write sequentially, the rest of the PEB has
299 		 * to contain only 0xFF bytes.
300 		 */
301 		offset += len;
302 		len = ubi->peb_size - offset;
303 		if (len)
304 			err = ubi_self_check_all_ff(ubi, pnum, offset, len);
305 	}
306 
307 	return err;
308 }
309 
310 /**
311  * erase_callback - MTD erasure call-back.
312  * @ei: MTD erase information object.
313  *
314  * Note, even though MTD erase interface is asynchronous, all the current
315  * implementations are synchronous anyway.
316  */
317 static void erase_callback(struct erase_info *ei)
318 {
319 	wake_up_interruptible((wait_queue_head_t *)ei->priv);
320 }
321 
322 /**
323  * do_sync_erase - synchronously erase a physical eraseblock.
324  * @ubi: UBI device description object
325  * @pnum: the physical eraseblock number to erase
326  *
327  * This function synchronously erases physical eraseblock @pnum and returns
328  * zero in case of success and a negative error code in case of failure. If
329  * %-EIO is returned, the physical eraseblock most probably went bad.
330  */
331 static int do_sync_erase(struct ubi_device *ubi, int pnum)
332 {
333 	int err, retries = 0;
334 	struct erase_info ei;
335 	wait_queue_head_t wq;
336 
337 	dbg_io("erase PEB %d", pnum);
338 	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
339 
340 	if (ubi->ro_mode) {
341 		ubi_err("read-only mode");
342 		return -EROFS;
343 	}
344 
345 retry:
346 	init_waitqueue_head(&wq);
347 	memset(&ei, 0, sizeof(struct erase_info));
348 
349 	ei.mtd      = ubi->mtd;
350 	ei.addr     = (loff_t)pnum * ubi->peb_size;
351 	ei.len      = ubi->peb_size;
352 	ei.callback = erase_callback;
353 	ei.priv     = (unsigned long)&wq;
354 
355 	err = mtd_erase(ubi->mtd, &ei);
356 	if (err) {
357 		if (retries++ < UBI_IO_RETRIES) {
358 			ubi_warn("error %d while erasing PEB %d, retry",
359 				 err, pnum);
360 			yield();
361 			goto retry;
362 		}
363 		ubi_err("cannot erase PEB %d, error %d", pnum, err);
364 		dump_stack();
365 		return err;
366 	}
367 
368 	err = wait_event_interruptible(wq, ei.state == MTD_ERASE_DONE ||
369 					   ei.state == MTD_ERASE_FAILED);
370 	if (err) {
371 		ubi_err("interrupted PEB %d erasure", pnum);
372 		return -EINTR;
373 	}
374 
375 	if (ei.state == MTD_ERASE_FAILED) {
376 		if (retries++ < UBI_IO_RETRIES) {
377 			ubi_warn("error while erasing PEB %d, retry", pnum);
378 			yield();
379 			goto retry;
380 		}
381 		ubi_err("cannot erase PEB %d", pnum);
382 		dump_stack();
383 		return -EIO;
384 	}
385 
386 	err = ubi_self_check_all_ff(ubi, pnum, 0, ubi->peb_size);
387 	if (err)
388 		return err;
389 
390 	if (ubi_dbg_is_erase_failure(ubi)) {
391 		ubi_err("cannot erase PEB %d (emulated)", pnum);
392 		return -EIO;
393 	}
394 
395 	return 0;
396 }
397 
398 /* Patterns to write to a physical eraseblock when torturing it */
399 static uint8_t patterns[] = {0xa5, 0x5a, 0x0};
400 
401 /**
402  * torture_peb - test a supposedly bad physical eraseblock.
403  * @ubi: UBI device description object
404  * @pnum: the physical eraseblock number to test
405  *
406  * This function returns %-EIO if the physical eraseblock did not pass the
407  * test, a positive number of erase operations done if the test was
408  * successfully passed, and other negative error codes in case of other errors.
409  */
410 static int torture_peb(struct ubi_device *ubi, int pnum)
411 {
412 	int err, i, patt_count;
413 
414 	ubi_msg("run torture test for PEB %d", pnum);
415 	patt_count = ARRAY_SIZE(patterns);
416 	ubi_assert(patt_count > 0);
417 
418 	mutex_lock(&ubi->buf_mutex);
419 	for (i = 0; i < patt_count; i++) {
420 		err = do_sync_erase(ubi, pnum);
421 		if (err)
422 			goto out;
423 
424 		/* Make sure the PEB contains only 0xFF bytes */
425 		err = ubi_io_read(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size);
426 		if (err)
427 			goto out;
428 
429 		err = ubi_check_pattern(ubi->peb_buf, 0xFF, ubi->peb_size);
430 		if (err == 0) {
431 			ubi_err("erased PEB %d, but a non-0xFF byte found",
432 				pnum);
433 			err = -EIO;
434 			goto out;
435 		}
436 
437 		/* Write a pattern and check it */
438 		memset(ubi->peb_buf, patterns[i], ubi->peb_size);
439 		err = ubi_io_write(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size);
440 		if (err)
441 			goto out;
442 
443 		memset(ubi->peb_buf, ~patterns[i], ubi->peb_size);
444 		err = ubi_io_read(ubi, ubi->peb_buf, pnum, 0, ubi->peb_size);
445 		if (err)
446 			goto out;
447 
448 		err = ubi_check_pattern(ubi->peb_buf, patterns[i],
449 					ubi->peb_size);
450 		if (err == 0) {
451 			ubi_err("pattern %x checking failed for PEB %d",
452 				patterns[i], pnum);
453 			err = -EIO;
454 			goto out;
455 		}
456 	}
457 
458 	err = patt_count;
459 	ubi_msg("PEB %d passed torture test, do not mark it as bad", pnum);
460 
461 out:
462 	mutex_unlock(&ubi->buf_mutex);
463 	if (err == UBI_IO_BITFLIPS || mtd_is_eccerr(err)) {
464 		/*
465 		 * If a bit-flip or data integrity error was detected, the test
466 		 * has not passed because it happened on a freshly erased
467 		 * physical eraseblock which means something is wrong with it.
468 		 */
469 		ubi_err("read problems on freshly erased PEB %d, must be bad",
470 			pnum);
471 		err = -EIO;
472 	}
473 	return err;
474 }
475 
476 /**
477  * nor_erase_prepare - prepare a NOR flash PEB for erasure.
478  * @ubi: UBI device description object
479  * @pnum: physical eraseblock number to prepare
480  *
481  * NOR flash, or at least some of them, have peculiar embedded PEB erasure
482  * algorithm: the PEB is first filled with zeroes, then it is erased. And
483  * filling with zeroes starts from the end of the PEB. This was observed with
484  * Spansion S29GL512N NOR flash.
485  *
486  * This means that in case of a power cut we may end up with intact data at the
487  * beginning of the PEB, and all zeroes at the end of PEB. In other words, the
488  * EC and VID headers are OK, but a large chunk of data at the end of PEB is
489  * zeroed. This makes UBI mistakenly treat this PEB as used and associate it
490  * with an LEB, which leads to subsequent failures (e.g., UBIFS fails).
491  *
492  * This function is called before erasing NOR PEBs and it zeroes out EC and VID
493  * magic numbers in order to invalidate them and prevent the failures. Returns
494  * zero in case of success and a negative error code in case of failure.
495  */
496 static int nor_erase_prepare(struct ubi_device *ubi, int pnum)
497 {
498 	int err;
499 	size_t written;
500 	loff_t addr;
501 	uint32_t data = 0;
502 	struct ubi_ec_hdr ec_hdr;
503 
504 	/*
505 	 * Note, we cannot generally define VID header buffers on stack,
506 	 * because of the way we deal with these buffers (see the header
507 	 * comment in this file). But we know this is a NOR-specific piece of
508 	 * code, so we can do this. But yes, this is error-prone and we should
509 	 * (pre-)allocate VID header buffer instead.
510 	 */
511 	struct ubi_vid_hdr vid_hdr;
512 
513 	/*
514 	 * If VID or EC is valid, we have to corrupt them before erasing.
515 	 * It is important to first invalidate the EC header, and then the VID
516 	 * header. Otherwise a power cut may lead to valid EC header and
517 	 * invalid VID header, in which case UBI will treat this PEB as
518 	 * corrupted and will try to preserve it, and print scary warnings.
519 	 */
520 	addr = (loff_t)pnum * ubi->peb_size;
521 	err = ubi_io_read_ec_hdr(ubi, pnum, &ec_hdr, 0);
522 	if (err != UBI_IO_BAD_HDR_EBADMSG && err != UBI_IO_BAD_HDR &&
523 	    err != UBI_IO_FF){
524 		err = mtd_write(ubi->mtd, addr, 4, &written, (void *)&data);
525 		if(err)
526 			goto error;
527 	}
528 
529 	err = ubi_io_read_vid_hdr(ubi, pnum, &vid_hdr, 0);
530 	if (err != UBI_IO_BAD_HDR_EBADMSG && err != UBI_IO_BAD_HDR &&
531 	    err != UBI_IO_FF){
532 		addr += ubi->vid_hdr_aloffset;
533 		err = mtd_write(ubi->mtd, addr, 4, &written, (void *)&data);
534 		if (err)
535 			goto error;
536 	}
537 	return 0;
538 
539 error:
540 	/*
541 	 * The PEB contains a valid VID or EC header, but we cannot invalidate
542 	 * it. Supposedly the flash media or the driver is screwed up, so
543 	 * return an error.
544 	 */
545 	ubi_err("cannot invalidate PEB %d, write returned %d", pnum, err);
546 	ubi_dump_flash(ubi, pnum, 0, ubi->peb_size);
547 	return -EIO;
548 }
549 
550 /**
551  * ubi_io_sync_erase - synchronously erase a physical eraseblock.
552  * @ubi: UBI device description object
553  * @pnum: physical eraseblock number to erase
554  * @torture: if this physical eraseblock has to be tortured
555  *
556  * This function synchronously erases physical eraseblock @pnum. If @torture
557  * flag is not zero, the physical eraseblock is checked by means of writing
558  * different patterns to it and reading them back. If the torturing is enabled,
559  * the physical eraseblock is erased more than once.
560  *
561  * This function returns the number of erasures made in case of success, %-EIO
562  * if the erasure failed or the torturing test failed, and other negative error
563  * codes in case of other errors. Note, %-EIO means that the physical
564  * eraseblock is bad.
565  */
566 int ubi_io_sync_erase(struct ubi_device *ubi, int pnum, int torture)
567 {
568 	int err, ret = 0;
569 
570 	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
571 
572 	err = self_check_not_bad(ubi, pnum);
573 	if (err != 0)
574 		return err;
575 
576 	if (ubi->ro_mode) {
577 		ubi_err("read-only mode");
578 		return -EROFS;
579 	}
580 
581 	if (ubi->nor_flash) {
582 		err = nor_erase_prepare(ubi, pnum);
583 		if (err)
584 			return err;
585 	}
586 
587 	if (torture) {
588 		ret = torture_peb(ubi, pnum);
589 		if (ret < 0)
590 			return ret;
591 	}
592 
593 	err = do_sync_erase(ubi, pnum);
594 	if (err)
595 		return err;
596 
597 	return ret + 1;
598 }
599 
600 /**
601  * ubi_io_is_bad - check if a physical eraseblock is bad.
602  * @ubi: UBI device description object
603  * @pnum: the physical eraseblock number to check
604  *
605  * This function returns a positive number if the physical eraseblock is bad,
606  * zero if not, and a negative error code if an error occurred.
607  */
608 int ubi_io_is_bad(const struct ubi_device *ubi, int pnum)
609 {
610 	struct mtd_info *mtd = ubi->mtd;
611 
612 	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
613 
614 	if (ubi->bad_allowed) {
615 		int ret;
616 
617 		ret = mtd_block_isbad(mtd, (loff_t)pnum * ubi->peb_size);
618 		if (ret < 0)
619 			ubi_err("error %d while checking if PEB %d is bad",
620 				ret, pnum);
621 		else if (ret)
622 			dbg_io("PEB %d is bad", pnum);
623 		return ret;
624 	}
625 
626 	return 0;
627 }
628 
629 /**
630  * ubi_io_mark_bad - mark a physical eraseblock as bad.
631  * @ubi: UBI device description object
632  * @pnum: the physical eraseblock number to mark
633  *
634  * This function returns zero in case of success and a negative error code in
635  * case of failure.
636  */
637 int ubi_io_mark_bad(const struct ubi_device *ubi, int pnum)
638 {
639 	int err;
640 	struct mtd_info *mtd = ubi->mtd;
641 
642 	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
643 
644 	if (ubi->ro_mode) {
645 		ubi_err("read-only mode");
646 		return -EROFS;
647 	}
648 
649 	if (!ubi->bad_allowed)
650 		return 0;
651 
652 	err = mtd_block_markbad(mtd, (loff_t)pnum * ubi->peb_size);
653 	if (err)
654 		ubi_err("cannot mark PEB %d bad, error %d", pnum, err);
655 	return err;
656 }
657 
658 /**
659  * validate_ec_hdr - validate an erase counter header.
660  * @ubi: UBI device description object
661  * @ec_hdr: the erase counter header to check
662  *
663  * This function returns zero if the erase counter header is OK, and %1 if
664  * not.
665  */
666 static int validate_ec_hdr(const struct ubi_device *ubi,
667 			   const struct ubi_ec_hdr *ec_hdr)
668 {
669 	long long ec;
670 	int vid_hdr_offset, leb_start;
671 
672 	ec = be64_to_cpu(ec_hdr->ec);
673 	vid_hdr_offset = be32_to_cpu(ec_hdr->vid_hdr_offset);
674 	leb_start = be32_to_cpu(ec_hdr->data_offset);
675 
676 	if (ec_hdr->version != UBI_VERSION) {
677 		ubi_err("node with incompatible UBI version found: this UBI version is %d, image version is %d",
678 			UBI_VERSION, (int)ec_hdr->version);
679 		goto bad;
680 	}
681 
682 	if (vid_hdr_offset != ubi->vid_hdr_offset) {
683 		ubi_err("bad VID header offset %d, expected %d",
684 			vid_hdr_offset, ubi->vid_hdr_offset);
685 		goto bad;
686 	}
687 
688 	if (leb_start != ubi->leb_start) {
689 		ubi_err("bad data offset %d, expected %d",
690 			leb_start, ubi->leb_start);
691 		goto bad;
692 	}
693 
694 	if (ec < 0 || ec > UBI_MAX_ERASECOUNTER) {
695 		ubi_err("bad erase counter %lld", ec);
696 		goto bad;
697 	}
698 
699 	return 0;
700 
701 bad:
702 	ubi_err("bad EC header");
703 	ubi_dump_ec_hdr(ec_hdr);
704 	dump_stack();
705 	return 1;
706 }
707 
708 /**
709  * ubi_io_read_ec_hdr - read and check an erase counter header.
710  * @ubi: UBI device description object
711  * @pnum: physical eraseblock to read from
712  * @ec_hdr: a &struct ubi_ec_hdr object where to store the read erase counter
713  * header
714  * @verbose: be verbose if the header is corrupted or was not found
715  *
716  * This function reads erase counter header from physical eraseblock @pnum and
717  * stores it in @ec_hdr. This function also checks CRC checksum of the read
718  * erase counter header. The following codes may be returned:
719  *
720  * o %0 if the CRC checksum is correct and the header was successfully read;
721  * o %UBI_IO_BITFLIPS if the CRC is correct, but bit-flips were detected
722  *   and corrected by the flash driver; this is harmless but may indicate that
723  *   this eraseblock may become bad soon (but may be not);
724  * o %UBI_IO_BAD_HDR if the erase counter header is corrupted (a CRC error);
725  * o %UBI_IO_BAD_HDR_EBADMSG is the same as %UBI_IO_BAD_HDR, but there also was
726  *   a data integrity error (uncorrectable ECC error in case of NAND);
727  * o %UBI_IO_FF if only 0xFF bytes were read (the PEB is supposedly empty)
728  * o a negative error code in case of failure.
729  */
730 int ubi_io_read_ec_hdr(struct ubi_device *ubi, int pnum,
731 		       struct ubi_ec_hdr *ec_hdr, int verbose)
732 {
733 	int err, read_err;
734 	uint32_t crc, magic, hdr_crc;
735 
736 	dbg_io("read EC header from PEB %d", pnum);
737 	ubi_assert(pnum >= 0 && pnum < ubi->peb_count);
738 
739 	read_err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
740 	if (read_err) {
741 		if (read_err != UBI_IO_BITFLIPS && !mtd_is_eccerr(read_err))
742 			return read_err;
743 
744 		/*
745 		 * We read all the data, but either a correctable bit-flip
746 		 * occurred, or MTD reported a data integrity error
747 		 * (uncorrectable ECC error in case of NAND). The former is
748 		 * harmless, the later may mean that the read data is
749 		 * corrupted. But we have a CRC check-sum and we will detect
750 		 * this. If the EC header is still OK, we just report this as
751 		 * there was a bit-flip, to force scrubbing.
752 		 */
753 	}
754 
755 	magic = be32_to_cpu(ec_hdr->magic);
756 	if (magic != UBI_EC_HDR_MAGIC) {
757 		if (mtd_is_eccerr(read_err))
758 			return UBI_IO_BAD_HDR_EBADMSG;
759 
760 		/*
761 		 * The magic field is wrong. Let's check if we have read all
762 		 * 0xFF. If yes, this physical eraseblock is assumed to be
763 		 * empty.
764 		 */
765 		if (ubi_check_pattern(ec_hdr, 0xFF, UBI_EC_HDR_SIZE)) {
766 			/* The physical eraseblock is supposedly empty */
767 			if (verbose)
768 				ubi_warn("no EC header found at PEB %d, only 0xFF bytes",
769 					 pnum);
770 			dbg_bld("no EC header found at PEB %d, only 0xFF bytes",
771 				pnum);
772 			if (!read_err)
773 				return UBI_IO_FF;
774 			else
775 				return UBI_IO_FF_BITFLIPS;
776 		}
777 
778 		/*
779 		 * This is not a valid erase counter header, and these are not
780 		 * 0xFF bytes. Report that the header is corrupted.
781 		 */
782 		if (verbose) {
783 			ubi_warn("bad magic number at PEB %d: %08x instead of %08x",
784 				 pnum, magic, UBI_EC_HDR_MAGIC);
785 			ubi_dump_ec_hdr(ec_hdr);
786 		}
787 		dbg_bld("bad magic number at PEB %d: %08x instead of %08x",
788 			pnum, magic, UBI_EC_HDR_MAGIC);
789 		return UBI_IO_BAD_HDR;
790 	}
791 
792 	crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
793 	hdr_crc = be32_to_cpu(ec_hdr->hdr_crc);
794 
795 	if (hdr_crc != crc) {
796 		if (verbose) {
797 			ubi_warn("bad EC header CRC at PEB %d, calculated %#08x, read %#08x",
798 				 pnum, crc, hdr_crc);
799 			ubi_dump_ec_hdr(ec_hdr);
800 		}
801 		dbg_bld("bad EC header CRC at PEB %d, calculated %#08x, read %#08x",
802 			pnum, crc, hdr_crc);
803 
804 		if (!read_err)
805 			return UBI_IO_BAD_HDR;
806 		else
807 			return UBI_IO_BAD_HDR_EBADMSG;
808 	}
809 
810 	/* And of course validate what has just been read from the media */
811 	err = validate_ec_hdr(ubi, ec_hdr);
812 	if (err) {
813 		ubi_err("validation failed for PEB %d", pnum);
814 		return -EINVAL;
815 	}
816 
817 	/*
818 	 * If there was %-EBADMSG, but the header CRC is still OK, report about
819 	 * a bit-flip to force scrubbing on this PEB.
820 	 */
821 	return read_err ? UBI_IO_BITFLIPS : 0;
822 }
823 
824 /**
825  * ubi_io_write_ec_hdr - write an erase counter header.
826  * @ubi: UBI device description object
827  * @pnum: physical eraseblock to write to
828  * @ec_hdr: the erase counter header to write
829  *
830  * This function writes erase counter header described by @ec_hdr to physical
831  * eraseblock @pnum. It also fills most fields of @ec_hdr before writing, so
832  * the caller do not have to fill them. Callers must only fill the @ec_hdr->ec
833  * field.
834  *
835  * This function returns zero in case of success and a negative error code in
836  * case of failure. If %-EIO is returned, the physical eraseblock most probably
837  * went bad.
838  */
839 int ubi_io_write_ec_hdr(struct ubi_device *ubi, int pnum,
840 			struct ubi_ec_hdr *ec_hdr)
841 {
842 	int err;
843 	uint32_t crc;
844 
845 	dbg_io("write EC header to PEB %d", pnum);
846 	ubi_assert(pnum >= 0 &&  pnum < ubi->peb_count);
847 
848 	ec_hdr->magic = cpu_to_be32(UBI_EC_HDR_MAGIC);
849 	ec_hdr->version = UBI_VERSION;
850 	ec_hdr->vid_hdr_offset = cpu_to_be32(ubi->vid_hdr_offset);
851 	ec_hdr->data_offset = cpu_to_be32(ubi->leb_start);
852 	ec_hdr->image_seq = cpu_to_be32(ubi->image_seq);
853 	crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
854 	ec_hdr->hdr_crc = cpu_to_be32(crc);
855 
856 	err = self_check_ec_hdr(ubi, pnum, ec_hdr);
857 	if (err)
858 		return err;
859 
860 	err = ubi_io_write(ubi, ec_hdr, pnum, 0, ubi->ec_hdr_alsize);
861 	return err;
862 }
863 
864 /**
865  * validate_vid_hdr - validate a volume identifier header.
866  * @ubi: UBI device description object
867  * @vid_hdr: the volume identifier header to check
868  *
869  * This function checks that data stored in the volume identifier header
870  * @vid_hdr. Returns zero if the VID header is OK and %1 if not.
871  */
872 static int validate_vid_hdr(const struct ubi_device *ubi,
873 			    const struct ubi_vid_hdr *vid_hdr)
874 {
875 	int vol_type = vid_hdr->vol_type;
876 	int copy_flag = vid_hdr->copy_flag;
877 	int vol_id = be32_to_cpu(vid_hdr->vol_id);
878 	int lnum = be32_to_cpu(vid_hdr->lnum);
879 	int compat = vid_hdr->compat;
880 	int data_size = be32_to_cpu(vid_hdr->data_size);
881 	int used_ebs = be32_to_cpu(vid_hdr->used_ebs);
882 	int data_pad = be32_to_cpu(vid_hdr->data_pad);
883 	int data_crc = be32_to_cpu(vid_hdr->data_crc);
884 	int usable_leb_size = ubi->leb_size - data_pad;
885 
886 	if (copy_flag != 0 && copy_flag != 1) {
887 		ubi_err("bad copy_flag");
888 		goto bad;
889 	}
890 
891 	if (vol_id < 0 || lnum < 0 || data_size < 0 || used_ebs < 0 ||
892 	    data_pad < 0) {
893 		ubi_err("negative values");
894 		goto bad;
895 	}
896 
897 	if (vol_id >= UBI_MAX_VOLUMES && vol_id < UBI_INTERNAL_VOL_START) {
898 		ubi_err("bad vol_id");
899 		goto bad;
900 	}
901 
902 	if (vol_id < UBI_INTERNAL_VOL_START && compat != 0) {
903 		ubi_err("bad compat");
904 		goto bad;
905 	}
906 
907 	if (vol_id >= UBI_INTERNAL_VOL_START && compat != UBI_COMPAT_DELETE &&
908 	    compat != UBI_COMPAT_RO && compat != UBI_COMPAT_PRESERVE &&
909 	    compat != UBI_COMPAT_REJECT) {
910 		ubi_err("bad compat");
911 		goto bad;
912 	}
913 
914 	if (vol_type != UBI_VID_DYNAMIC && vol_type != UBI_VID_STATIC) {
915 		ubi_err("bad vol_type");
916 		goto bad;
917 	}
918 
919 	if (data_pad >= ubi->leb_size / 2) {
920 		ubi_err("bad data_pad");
921 		goto bad;
922 	}
923 
924 	if (vol_type == UBI_VID_STATIC) {
925 		/*
926 		 * Although from high-level point of view static volumes may
927 		 * contain zero bytes of data, but no VID headers can contain
928 		 * zero at these fields, because they empty volumes do not have
929 		 * mapped logical eraseblocks.
930 		 */
931 		if (used_ebs == 0) {
932 			ubi_err("zero used_ebs");
933 			goto bad;
934 		}
935 		if (data_size == 0) {
936 			ubi_err("zero data_size");
937 			goto bad;
938 		}
939 		if (lnum < used_ebs - 1) {
940 			if (data_size != usable_leb_size) {
941 				ubi_err("bad data_size");
942 				goto bad;
943 			}
944 		} else if (lnum == used_ebs - 1) {
945 			if (data_size == 0) {
946 				ubi_err("bad data_size at last LEB");
947 				goto bad;
948 			}
949 		} else {
950 			ubi_err("too high lnum");
951 			goto bad;
952 		}
953 	} else {
954 		if (copy_flag == 0) {
955 			if (data_crc != 0) {
956 				ubi_err("non-zero data CRC");
957 				goto bad;
958 			}
959 			if (data_size != 0) {
960 				ubi_err("non-zero data_size");
961 				goto bad;
962 			}
963 		} else {
964 			if (data_size == 0) {
965 				ubi_err("zero data_size of copy");
966 				goto bad;
967 			}
968 		}
969 		if (used_ebs != 0) {
970 			ubi_err("bad used_ebs");
971 			goto bad;
972 		}
973 	}
974 
975 	return 0;
976 
977 bad:
978 	ubi_err("bad VID header");
979 	ubi_dump_vid_hdr(vid_hdr);
980 	dump_stack();
981 	return 1;
982 }
983 
984 /**
985  * ubi_io_read_vid_hdr - read and check a volume identifier header.
986  * @ubi: UBI device description object
987  * @pnum: physical eraseblock number to read from
988  * @vid_hdr: &struct ubi_vid_hdr object where to store the read volume
989  * identifier header
990  * @verbose: be verbose if the header is corrupted or wasn't found
991  *
992  * This function reads the volume identifier header from physical eraseblock
993  * @pnum and stores it in @vid_hdr. It also checks CRC checksum of the read
994  * volume identifier header. The error codes are the same as in
995  * 'ubi_io_read_ec_hdr()'.
996  *
997  * Note, the implementation of this function is also very similar to
998  * 'ubi_io_read_ec_hdr()', so refer commentaries in 'ubi_io_read_ec_hdr()'.
999  */
1000 int ubi_io_read_vid_hdr(struct ubi_device *ubi, int pnum,
1001 			struct ubi_vid_hdr *vid_hdr, int verbose)
1002 {
1003 	int err, read_err;
1004 	uint32_t crc, magic, hdr_crc;
1005 	void *p;
1006 
1007 	dbg_io("read VID header from PEB %d", pnum);
1008 	ubi_assert(pnum >= 0 &&  pnum < ubi->peb_count);
1009 
1010 	p = (char *)vid_hdr - ubi->vid_hdr_shift;
1011 	read_err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
1012 			  ubi->vid_hdr_alsize);
1013 	if (read_err && read_err != UBI_IO_BITFLIPS && !mtd_is_eccerr(read_err))
1014 		return read_err;
1015 
1016 	magic = be32_to_cpu(vid_hdr->magic);
1017 	if (magic != UBI_VID_HDR_MAGIC) {
1018 		if (mtd_is_eccerr(read_err))
1019 			return UBI_IO_BAD_HDR_EBADMSG;
1020 
1021 		if (ubi_check_pattern(vid_hdr, 0xFF, UBI_VID_HDR_SIZE)) {
1022 			if (verbose)
1023 				ubi_warn("no VID header found at PEB %d, only 0xFF bytes",
1024 					 pnum);
1025 			dbg_bld("no VID header found at PEB %d, only 0xFF bytes",
1026 				pnum);
1027 			if (!read_err)
1028 				return UBI_IO_FF;
1029 			else
1030 				return UBI_IO_FF_BITFLIPS;
1031 		}
1032 
1033 		if (verbose) {
1034 			ubi_warn("bad magic number at PEB %d: %08x instead of %08x",
1035 				 pnum, magic, UBI_VID_HDR_MAGIC);
1036 			ubi_dump_vid_hdr(vid_hdr);
1037 		}
1038 		dbg_bld("bad magic number at PEB %d: %08x instead of %08x",
1039 			pnum, magic, UBI_VID_HDR_MAGIC);
1040 		return UBI_IO_BAD_HDR;
1041 	}
1042 
1043 	crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
1044 	hdr_crc = be32_to_cpu(vid_hdr->hdr_crc);
1045 
1046 	if (hdr_crc != crc) {
1047 		if (verbose) {
1048 			ubi_warn("bad CRC at PEB %d, calculated %#08x, read %#08x",
1049 				 pnum, crc, hdr_crc);
1050 			ubi_dump_vid_hdr(vid_hdr);
1051 		}
1052 		dbg_bld("bad CRC at PEB %d, calculated %#08x, read %#08x",
1053 			pnum, crc, hdr_crc);
1054 		if (!read_err)
1055 			return UBI_IO_BAD_HDR;
1056 		else
1057 			return UBI_IO_BAD_HDR_EBADMSG;
1058 	}
1059 
1060 	err = validate_vid_hdr(ubi, vid_hdr);
1061 	if (err) {
1062 		ubi_err("validation failed for PEB %d", pnum);
1063 		return -EINVAL;
1064 	}
1065 
1066 	return read_err ? UBI_IO_BITFLIPS : 0;
1067 }
1068 
1069 /**
1070  * ubi_io_write_vid_hdr - write a volume identifier header.
1071  * @ubi: UBI device description object
1072  * @pnum: the physical eraseblock number to write to
1073  * @vid_hdr: the volume identifier header to write
1074  *
1075  * This function writes the volume identifier header described by @vid_hdr to
1076  * physical eraseblock @pnum. This function automatically fills the
1077  * @vid_hdr->magic and the @vid_hdr->version fields, as well as calculates
1078  * header CRC checksum and stores it at vid_hdr->hdr_crc.
1079  *
1080  * This function returns zero in case of success and a negative error code in
1081  * case of failure. If %-EIO is returned, the physical eraseblock probably went
1082  * bad.
1083  */
1084 int ubi_io_write_vid_hdr(struct ubi_device *ubi, int pnum,
1085 			 struct ubi_vid_hdr *vid_hdr)
1086 {
1087 	int err;
1088 	uint32_t crc;
1089 	void *p;
1090 
1091 	dbg_io("write VID header to PEB %d", pnum);
1092 	ubi_assert(pnum >= 0 &&  pnum < ubi->peb_count);
1093 
1094 	err = self_check_peb_ec_hdr(ubi, pnum);
1095 	if (err)
1096 		return err;
1097 
1098 	vid_hdr->magic = cpu_to_be32(UBI_VID_HDR_MAGIC);
1099 	vid_hdr->version = UBI_VERSION;
1100 	crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_VID_HDR_SIZE_CRC);
1101 	vid_hdr->hdr_crc = cpu_to_be32(crc);
1102 
1103 	err = self_check_vid_hdr(ubi, pnum, vid_hdr);
1104 	if (err)
1105 		return err;
1106 
1107 	p = (char *)vid_hdr - ubi->vid_hdr_shift;
1108 	err = ubi_io_write(ubi, p, pnum, ubi->vid_hdr_aloffset,
1109 			   ubi->vid_hdr_alsize);
1110 	return err;
1111 }
1112 
1113 /**
1114  * self_check_not_bad - ensure that a physical eraseblock is not bad.
1115  * @ubi: UBI device description object
1116  * @pnum: physical eraseblock number to check
1117  *
1118  * This function returns zero if the physical eraseblock is good, %-EINVAL if
1119  * it is bad and a negative error code if an error occurred.
1120  */
1121 static int self_check_not_bad(const struct ubi_device *ubi, int pnum)
1122 {
1123 	int err;
1124 
1125 	if (!ubi_dbg_chk_io(ubi))
1126 		return 0;
1127 
1128 	err = ubi_io_is_bad(ubi, pnum);
1129 	if (!err)
1130 		return err;
1131 
1132 	ubi_err("self-check failed for PEB %d", pnum);
1133 	dump_stack();
1134 	return err > 0 ? -EINVAL : err;
1135 }
1136 
1137 /**
1138  * self_check_ec_hdr - check if an erase counter header is all right.
1139  * @ubi: UBI device description object
1140  * @pnum: physical eraseblock number the erase counter header belongs to
1141  * @ec_hdr: the erase counter header to check
1142  *
1143  * This function returns zero if the erase counter header contains valid
1144  * values, and %-EINVAL if not.
1145  */
1146 static int self_check_ec_hdr(const struct ubi_device *ubi, int pnum,
1147 			     const struct ubi_ec_hdr *ec_hdr)
1148 {
1149 	int err;
1150 	uint32_t magic;
1151 
1152 	if (!ubi_dbg_chk_io(ubi))
1153 		return 0;
1154 
1155 	magic = be32_to_cpu(ec_hdr->magic);
1156 	if (magic != UBI_EC_HDR_MAGIC) {
1157 		ubi_err("bad magic %#08x, must be %#08x",
1158 			magic, UBI_EC_HDR_MAGIC);
1159 		goto fail;
1160 	}
1161 
1162 	err = validate_ec_hdr(ubi, ec_hdr);
1163 	if (err) {
1164 		ubi_err("self-check failed for PEB %d", pnum);
1165 		goto fail;
1166 	}
1167 
1168 	return 0;
1169 
1170 fail:
1171 	ubi_dump_ec_hdr(ec_hdr);
1172 	dump_stack();
1173 	return -EINVAL;
1174 }
1175 
1176 /**
1177  * self_check_peb_ec_hdr - check erase counter header.
1178  * @ubi: UBI device description object
1179  * @pnum: the physical eraseblock number to check
1180  *
1181  * This function returns zero if the erase counter header is all right and and
1182  * a negative error code if not or if an error occurred.
1183  */
1184 static int self_check_peb_ec_hdr(const struct ubi_device *ubi, int pnum)
1185 {
1186 	int err;
1187 	uint32_t crc, hdr_crc;
1188 	struct ubi_ec_hdr *ec_hdr;
1189 
1190 	if (!ubi_dbg_chk_io(ubi))
1191 		return 0;
1192 
1193 	ec_hdr = kzalloc(ubi->ec_hdr_alsize, GFP_NOFS);
1194 	if (!ec_hdr)
1195 		return -ENOMEM;
1196 
1197 	err = ubi_io_read(ubi, ec_hdr, pnum, 0, UBI_EC_HDR_SIZE);
1198 	if (err && err != UBI_IO_BITFLIPS && !mtd_is_eccerr(err))
1199 		goto exit;
1200 
1201 	crc = crc32(UBI_CRC32_INIT, ec_hdr, UBI_EC_HDR_SIZE_CRC);
1202 	hdr_crc = be32_to_cpu(ec_hdr->hdr_crc);
1203 	if (hdr_crc != crc) {
1204 		ubi_err("bad CRC, calculated %#08x, read %#08x", crc, hdr_crc);
1205 		ubi_err("self-check failed for PEB %d", pnum);
1206 		ubi_dump_ec_hdr(ec_hdr);
1207 		dump_stack();
1208 		err = -EINVAL;
1209 		goto exit;
1210 	}
1211 
1212 	err = self_check_ec_hdr(ubi, pnum, ec_hdr);
1213 
1214 exit:
1215 	kfree(ec_hdr);
1216 	return err;
1217 }
1218 
1219 /**
1220  * self_check_vid_hdr - check that a volume identifier header is all right.
1221  * @ubi: UBI device description object
1222  * @pnum: physical eraseblock number the volume identifier header belongs to
1223  * @vid_hdr: the volume identifier header to check
1224  *
1225  * This function returns zero if the volume identifier header is all right, and
1226  * %-EINVAL if not.
1227  */
1228 static int self_check_vid_hdr(const struct ubi_device *ubi, int pnum,
1229 			      const struct ubi_vid_hdr *vid_hdr)
1230 {
1231 	int err;
1232 	uint32_t magic;
1233 
1234 	if (!ubi_dbg_chk_io(ubi))
1235 		return 0;
1236 
1237 	magic = be32_to_cpu(vid_hdr->magic);
1238 	if (magic != UBI_VID_HDR_MAGIC) {
1239 		ubi_err("bad VID header magic %#08x at PEB %d, must be %#08x",
1240 			magic, pnum, UBI_VID_HDR_MAGIC);
1241 		goto fail;
1242 	}
1243 
1244 	err = validate_vid_hdr(ubi, vid_hdr);
1245 	if (err) {
1246 		ubi_err("self-check failed for PEB %d", pnum);
1247 		goto fail;
1248 	}
1249 
1250 	return err;
1251 
1252 fail:
1253 	ubi_err("self-check failed for PEB %d", pnum);
1254 	ubi_dump_vid_hdr(vid_hdr);
1255 	dump_stack();
1256 	return -EINVAL;
1257 
1258 }
1259 
1260 /**
1261  * self_check_peb_vid_hdr - check volume identifier header.
1262  * @ubi: UBI device description object
1263  * @pnum: the physical eraseblock number to check
1264  *
1265  * This function returns zero if the volume identifier header is all right,
1266  * and a negative error code if not or if an error occurred.
1267  */
1268 static int self_check_peb_vid_hdr(const struct ubi_device *ubi, int pnum)
1269 {
1270 	int err;
1271 	uint32_t crc, hdr_crc;
1272 	struct ubi_vid_hdr *vid_hdr;
1273 	void *p;
1274 
1275 	if (!ubi_dbg_chk_io(ubi))
1276 		return 0;
1277 
1278 	vid_hdr = ubi_zalloc_vid_hdr(ubi, GFP_NOFS);
1279 	if (!vid_hdr)
1280 		return -ENOMEM;
1281 
1282 	p = (char *)vid_hdr - ubi->vid_hdr_shift;
1283 	err = ubi_io_read(ubi, p, pnum, ubi->vid_hdr_aloffset,
1284 			  ubi->vid_hdr_alsize);
1285 	if (err && err != UBI_IO_BITFLIPS && !mtd_is_eccerr(err))
1286 		goto exit;
1287 
1288 	crc = crc32(UBI_CRC32_INIT, vid_hdr, UBI_EC_HDR_SIZE_CRC);
1289 	hdr_crc = be32_to_cpu(vid_hdr->hdr_crc);
1290 	if (hdr_crc != crc) {
1291 		ubi_err("bad VID header CRC at PEB %d, calculated %#08x, read %#08x",
1292 			pnum, crc, hdr_crc);
1293 		ubi_err("self-check failed for PEB %d", pnum);
1294 		ubi_dump_vid_hdr(vid_hdr);
1295 		dump_stack();
1296 		err = -EINVAL;
1297 		goto exit;
1298 	}
1299 
1300 	err = self_check_vid_hdr(ubi, pnum, vid_hdr);
1301 
1302 exit:
1303 	ubi_free_vid_hdr(ubi, vid_hdr);
1304 	return err;
1305 }
1306 
1307 /**
1308  * self_check_write - make sure write succeeded.
1309  * @ubi: UBI device description object
1310  * @buf: buffer with data which were written
1311  * @pnum: physical eraseblock number the data were written to
1312  * @offset: offset within the physical eraseblock the data were written to
1313  * @len: how many bytes were written
1314  *
1315  * This functions reads data which were recently written and compares it with
1316  * the original data buffer - the data have to match. Returns zero if the data
1317  * match and a negative error code if not or in case of failure.
1318  */
1319 static int self_check_write(struct ubi_device *ubi, const void *buf, int pnum,
1320 			    int offset, int len)
1321 {
1322 	int err, i;
1323 	size_t read;
1324 	void *buf1;
1325 	loff_t addr = (loff_t)pnum * ubi->peb_size + offset;
1326 
1327 	if (!ubi_dbg_chk_io(ubi))
1328 		return 0;
1329 
1330 	buf1 = __vmalloc(len, GFP_NOFS, PAGE_KERNEL);
1331 	if (!buf1) {
1332 		ubi_err("cannot allocate memory to check writes");
1333 		return 0;
1334 	}
1335 
1336 	err = mtd_read(ubi->mtd, addr, len, &read, buf1);
1337 	if (err && !mtd_is_bitflip(err))
1338 		goto out_free;
1339 
1340 	for (i = 0; i < len; i++) {
1341 		uint8_t c = ((uint8_t *)buf)[i];
1342 		uint8_t c1 = ((uint8_t *)buf1)[i];
1343 		int dump_len;
1344 
1345 		if (c == c1)
1346 			continue;
1347 
1348 		ubi_err("self-check failed for PEB %d:%d, len %d",
1349 			pnum, offset, len);
1350 		ubi_msg("data differ at position %d", i);
1351 		dump_len = max_t(int, 128, len - i);
1352 		ubi_msg("hex dump of the original buffer from %d to %d",
1353 			i, i + dump_len);
1354 		print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1,
1355 			       buf + i, dump_len, 1);
1356 		ubi_msg("hex dump of the read buffer from %d to %d",
1357 			i, i + dump_len);
1358 		print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1,
1359 			       buf1 + i, dump_len, 1);
1360 		dump_stack();
1361 		err = -EINVAL;
1362 		goto out_free;
1363 	}
1364 
1365 	vfree(buf1);
1366 	return 0;
1367 
1368 out_free:
1369 	vfree(buf1);
1370 	return err;
1371 }
1372 
1373 /**
1374  * ubi_self_check_all_ff - check that a region of flash is empty.
1375  * @ubi: UBI device description object
1376  * @pnum: the physical eraseblock number to check
1377  * @offset: the starting offset within the physical eraseblock to check
1378  * @len: the length of the region to check
1379  *
1380  * This function returns zero if only 0xFF bytes are present at offset
1381  * @offset of the physical eraseblock @pnum, and a negative error code if not
1382  * or if an error occurred.
1383  */
1384 int ubi_self_check_all_ff(struct ubi_device *ubi, int pnum, int offset, int len)
1385 {
1386 	size_t read;
1387 	int err;
1388 	void *buf;
1389 	loff_t addr = (loff_t)pnum * ubi->peb_size + offset;
1390 
1391 	if (!ubi_dbg_chk_io(ubi))
1392 		return 0;
1393 
1394 	buf = __vmalloc(len, GFP_NOFS, PAGE_KERNEL);
1395 	if (!buf) {
1396 		ubi_err("cannot allocate memory to check for 0xFFs");
1397 		return 0;
1398 	}
1399 
1400 	err = mtd_read(ubi->mtd, addr, len, &read, buf);
1401 	if (err && !mtd_is_bitflip(err)) {
1402 		ubi_err("error %d while reading %d bytes from PEB %d:%d, read %zd bytes",
1403 			err, len, pnum, offset, read);
1404 		goto error;
1405 	}
1406 
1407 	err = ubi_check_pattern(buf, 0xFF, len);
1408 	if (err == 0) {
1409 		ubi_err("flash region at PEB %d:%d, length %d does not contain all 0xFF bytes",
1410 			pnum, offset, len);
1411 		goto fail;
1412 	}
1413 
1414 	vfree(buf);
1415 	return 0;
1416 
1417 fail:
1418 	ubi_err("self-check failed for PEB %d", pnum);
1419 	ubi_msg("hex dump of the %d-%d region", offset, offset + len);
1420 	print_hex_dump(KERN_DEBUG, "", DUMP_PREFIX_OFFSET, 32, 1, buf, len, 1);
1421 	err = -EINVAL;
1422 error:
1423 	dump_stack();
1424 	vfree(buf);
1425 	return err;
1426 }
1427