1 /* 2 * Copyright (c) International Business Machines Corp., 2006 3 * Copyright (c) Nokia Corporation, 2006, 2007 4 * 5 * SPDX-License-Identifier: GPL-2.0+ 6 * 7 * Author: Artem Bityutskiy (Битюцкий Артём) 8 */ 9 10 /* 11 * This file includes volume table manipulation code. The volume table is an 12 * on-flash table containing volume meta-data like name, number of reserved 13 * physical eraseblocks, type, etc. The volume table is stored in the so-called 14 * "layout volume". 15 * 16 * The layout volume is an internal volume which is organized as follows. It 17 * consists of two logical eraseblocks - LEB 0 and LEB 1. Each logical 18 * eraseblock stores one volume table copy, i.e. LEB 0 and LEB 1 duplicate each 19 * other. This redundancy guarantees robustness to unclean reboots. The volume 20 * table is basically an array of volume table records. Each record contains 21 * full information about the volume and protected by a CRC checksum. Note, 22 * nowadays we use the atomic LEB change operation when updating the volume 23 * table, so we do not really need 2 LEBs anymore, but we preserve the older 24 * design for the backward compatibility reasons. 25 * 26 * When the volume table is changed, it is first changed in RAM. Then LEB 0 is 27 * erased, and the updated volume table is written back to LEB 0. Then same for 28 * LEB 1. This scheme guarantees recoverability from unclean reboots. 29 * 30 * In this UBI implementation the on-flash volume table does not contain any 31 * information about how much data static volumes contain. 32 * 33 * But it would still be beneficial to store this information in the volume 34 * table. For example, suppose we have a static volume X, and all its physical 35 * eraseblocks became bad for some reasons. Suppose we are attaching the 36 * corresponding MTD device, for some reason we find no logical eraseblocks 37 * corresponding to the volume X. According to the volume table volume X does 38 * exist. So we don't know whether it is just empty or all its physical 39 * eraseblocks went bad. So we cannot alarm the user properly. 40 * 41 * The volume table also stores so-called "update marker", which is used for 42 * volume updates. Before updating the volume, the update marker is set, and 43 * after the update operation is finished, the update marker is cleared. So if 44 * the update operation was interrupted (e.g. by an unclean reboot) - the 45 * update marker is still there and we know that the volume's contents is 46 * damaged. 47 */ 48 49 #ifndef __UBOOT__ 50 #include <linux/crc32.h> 51 #include <linux/err.h> 52 #include <linux/slab.h> 53 #include <asm/div64.h> 54 #else 55 #include <ubi_uboot.h> 56 #endif 57 58 #include <linux/err.h> 59 #include "ubi.h" 60 61 static void self_vtbl_check(const struct ubi_device *ubi); 62 63 /* Empty volume table record */ 64 static struct ubi_vtbl_record empty_vtbl_record; 65 66 /** 67 * ubi_update_layout_vol - helper for updatting layout volumes on flash 68 * @ubi: UBI device description object 69 */ 70 static int ubi_update_layout_vol(struct ubi_device *ubi) 71 { 72 struct ubi_volume *layout_vol; 73 int i, err; 74 75 layout_vol = ubi->volumes[vol_id2idx(ubi, UBI_LAYOUT_VOLUME_ID)]; 76 for (i = 0; i < UBI_LAYOUT_VOLUME_EBS; i++) { 77 err = ubi_eba_atomic_leb_change(ubi, layout_vol, i, ubi->vtbl, 78 ubi->vtbl_size); 79 if (err) 80 return err; 81 } 82 83 return 0; 84 } 85 86 /** 87 * ubi_change_vtbl_record - change volume table record. 88 * @ubi: UBI device description object 89 * @idx: table index to change 90 * @vtbl_rec: new volume table record 91 * 92 * This function changes volume table record @idx. If @vtbl_rec is %NULL, empty 93 * volume table record is written. The caller does not have to calculate CRC of 94 * the record as it is done by this function. Returns zero in case of success 95 * and a negative error code in case of failure. 96 */ 97 int ubi_change_vtbl_record(struct ubi_device *ubi, int idx, 98 struct ubi_vtbl_record *vtbl_rec) 99 { 100 int err; 101 uint32_t crc; 102 103 ubi_assert(idx >= 0 && idx < ubi->vtbl_slots); 104 105 if (!vtbl_rec) 106 vtbl_rec = &empty_vtbl_record; 107 else { 108 crc = crc32(UBI_CRC32_INIT, vtbl_rec, UBI_VTBL_RECORD_SIZE_CRC); 109 vtbl_rec->crc = cpu_to_be32(crc); 110 } 111 112 memcpy(&ubi->vtbl[idx], vtbl_rec, sizeof(struct ubi_vtbl_record)); 113 err = ubi_update_layout_vol(ubi); 114 115 self_vtbl_check(ubi); 116 return err ? err : 0; 117 } 118 119 /** 120 * ubi_vtbl_rename_volumes - rename UBI volumes in the volume table. 121 * @ubi: UBI device description object 122 * @rename_list: list of &struct ubi_rename_entry objects 123 * 124 * This function re-names multiple volumes specified in @req in the volume 125 * table. Returns zero in case of success and a negative error code in case of 126 * failure. 127 */ 128 int ubi_vtbl_rename_volumes(struct ubi_device *ubi, 129 struct list_head *rename_list) 130 { 131 struct ubi_rename_entry *re; 132 133 list_for_each_entry(re, rename_list, list) { 134 uint32_t crc; 135 struct ubi_volume *vol = re->desc->vol; 136 struct ubi_vtbl_record *vtbl_rec = &ubi->vtbl[vol->vol_id]; 137 138 if (re->remove) { 139 memcpy(vtbl_rec, &empty_vtbl_record, 140 sizeof(struct ubi_vtbl_record)); 141 continue; 142 } 143 144 vtbl_rec->name_len = cpu_to_be16(re->new_name_len); 145 memcpy(vtbl_rec->name, re->new_name, re->new_name_len); 146 memset(vtbl_rec->name + re->new_name_len, 0, 147 UBI_VOL_NAME_MAX + 1 - re->new_name_len); 148 crc = crc32(UBI_CRC32_INIT, vtbl_rec, 149 UBI_VTBL_RECORD_SIZE_CRC); 150 vtbl_rec->crc = cpu_to_be32(crc); 151 } 152 153 return ubi_update_layout_vol(ubi); 154 } 155 156 /** 157 * vtbl_check - check if volume table is not corrupted and sensible. 158 * @ubi: UBI device description object 159 * @vtbl: volume table 160 * 161 * This function returns zero if @vtbl is all right, %1 if CRC is incorrect, 162 * and %-EINVAL if it contains inconsistent data. 163 */ 164 static int vtbl_check(const struct ubi_device *ubi, 165 const struct ubi_vtbl_record *vtbl) 166 { 167 int i, n, reserved_pebs, alignment, data_pad, vol_type, name_len; 168 int upd_marker, err; 169 uint32_t crc; 170 const char *name; 171 172 for (i = 0; i < ubi->vtbl_slots; i++) { 173 cond_resched(); 174 175 reserved_pebs = be32_to_cpu(vtbl[i].reserved_pebs); 176 alignment = be32_to_cpu(vtbl[i].alignment); 177 data_pad = be32_to_cpu(vtbl[i].data_pad); 178 upd_marker = vtbl[i].upd_marker; 179 vol_type = vtbl[i].vol_type; 180 name_len = be16_to_cpu(vtbl[i].name_len); 181 name = &vtbl[i].name[0]; 182 183 crc = crc32(UBI_CRC32_INIT, &vtbl[i], UBI_VTBL_RECORD_SIZE_CRC); 184 if (be32_to_cpu(vtbl[i].crc) != crc) { 185 ubi_err(ubi, "bad CRC at record %u: %#08x, not %#08x", 186 i, crc, be32_to_cpu(vtbl[i].crc)); 187 ubi_dump_vtbl_record(&vtbl[i], i); 188 return 1; 189 } 190 191 if (reserved_pebs == 0) { 192 if (memcmp(&vtbl[i], &empty_vtbl_record, 193 UBI_VTBL_RECORD_SIZE)) { 194 err = 2; 195 goto bad; 196 } 197 continue; 198 } 199 200 if (reserved_pebs < 0 || alignment < 0 || data_pad < 0 || 201 name_len < 0) { 202 err = 3; 203 goto bad; 204 } 205 206 if (alignment > ubi->leb_size || alignment == 0) { 207 err = 4; 208 goto bad; 209 } 210 211 n = alignment & (ubi->min_io_size - 1); 212 if (alignment != 1 && n) { 213 err = 5; 214 goto bad; 215 } 216 217 n = ubi->leb_size % alignment; 218 if (data_pad != n) { 219 ubi_err(ubi, "bad data_pad, has to be %d", n); 220 err = 6; 221 goto bad; 222 } 223 224 if (vol_type != UBI_VID_DYNAMIC && vol_type != UBI_VID_STATIC) { 225 err = 7; 226 goto bad; 227 } 228 229 if (upd_marker != 0 && upd_marker != 1) { 230 err = 8; 231 goto bad; 232 } 233 234 if (reserved_pebs > ubi->good_peb_count) { 235 ubi_err(ubi, "too large reserved_pebs %d, good PEBs %d", 236 reserved_pebs, ubi->good_peb_count); 237 err = 9; 238 goto bad; 239 } 240 241 if (name_len > UBI_VOL_NAME_MAX) { 242 err = 10; 243 goto bad; 244 } 245 246 if (name[0] == '\0') { 247 err = 11; 248 goto bad; 249 } 250 251 if (name_len != strnlen(name, name_len + 1)) { 252 err = 12; 253 goto bad; 254 } 255 } 256 257 /* Checks that all names are unique */ 258 for (i = 0; i < ubi->vtbl_slots - 1; i++) { 259 for (n = i + 1; n < ubi->vtbl_slots; n++) { 260 int len1 = be16_to_cpu(vtbl[i].name_len); 261 int len2 = be16_to_cpu(vtbl[n].name_len); 262 263 if (len1 > 0 && len1 == len2 && 264 #ifndef __UBOOT__ 265 !strncmp(vtbl[i].name, vtbl[n].name, len1)) { 266 #else 267 !strncmp((char *)vtbl[i].name, vtbl[n].name, len1)) { 268 #endif 269 ubi_err(ubi, "volumes %d and %d have the same name \"%s\"", 270 i, n, vtbl[i].name); 271 ubi_dump_vtbl_record(&vtbl[i], i); 272 ubi_dump_vtbl_record(&vtbl[n], n); 273 return -EINVAL; 274 } 275 } 276 } 277 278 return 0; 279 280 bad: 281 ubi_err(ubi, "volume table check failed: record %d, error %d", i, err); 282 ubi_dump_vtbl_record(&vtbl[i], i); 283 return -EINVAL; 284 } 285 286 /** 287 * create_vtbl - create a copy of volume table. 288 * @ubi: UBI device description object 289 * @ai: attaching information 290 * @copy: number of the volume table copy 291 * @vtbl: contents of the volume table 292 * 293 * This function returns zero in case of success and a negative error code in 294 * case of failure. 295 */ 296 static int create_vtbl(struct ubi_device *ubi, struct ubi_attach_info *ai, 297 int copy, void *vtbl) 298 { 299 int err, tries = 0; 300 struct ubi_vid_hdr *vid_hdr; 301 struct ubi_ainf_peb *new_aeb; 302 303 dbg_gen("create volume table (copy #%d)", copy + 1); 304 305 vid_hdr = ubi_zalloc_vid_hdr(ubi, GFP_KERNEL); 306 if (!vid_hdr) 307 return -ENOMEM; 308 309 retry: 310 new_aeb = ubi_early_get_peb(ubi, ai); 311 if (IS_ERR(new_aeb)) { 312 err = PTR_ERR(new_aeb); 313 goto out_free; 314 } 315 316 vid_hdr->vol_type = UBI_LAYOUT_VOLUME_TYPE; 317 vid_hdr->vol_id = cpu_to_be32(UBI_LAYOUT_VOLUME_ID); 318 vid_hdr->compat = UBI_LAYOUT_VOLUME_COMPAT; 319 vid_hdr->data_size = vid_hdr->used_ebs = 320 vid_hdr->data_pad = cpu_to_be32(0); 321 vid_hdr->lnum = cpu_to_be32(copy); 322 vid_hdr->sqnum = cpu_to_be64(++ai->max_sqnum); 323 324 /* The EC header is already there, write the VID header */ 325 err = ubi_io_write_vid_hdr(ubi, new_aeb->pnum, vid_hdr); 326 if (err) 327 goto write_error; 328 329 /* Write the layout volume contents */ 330 err = ubi_io_write_data(ubi, vtbl, new_aeb->pnum, 0, ubi->vtbl_size); 331 if (err) 332 goto write_error; 333 334 /* 335 * And add it to the attaching information. Don't delete the old version 336 * of this LEB as it will be deleted and freed in 'ubi_add_to_av()'. 337 */ 338 err = ubi_add_to_av(ubi, ai, new_aeb->pnum, new_aeb->ec, vid_hdr, 0); 339 kmem_cache_free(ai->aeb_slab_cache, new_aeb); 340 ubi_free_vid_hdr(ubi, vid_hdr); 341 return err; 342 343 write_error: 344 if (err == -EIO && ++tries <= 5) { 345 /* 346 * Probably this physical eraseblock went bad, try to pick 347 * another one. 348 */ 349 list_add(&new_aeb->u.list, &ai->erase); 350 goto retry; 351 } 352 kmem_cache_free(ai->aeb_slab_cache, new_aeb); 353 out_free: 354 ubi_free_vid_hdr(ubi, vid_hdr); 355 return err; 356 357 } 358 359 /** 360 * process_lvol - process the layout volume. 361 * @ubi: UBI device description object 362 * @ai: attaching information 363 * @av: layout volume attaching information 364 * 365 * This function is responsible for reading the layout volume, ensuring it is 366 * not corrupted, and recovering from corruptions if needed. Returns volume 367 * table in case of success and a negative error code in case of failure. 368 */ 369 static struct ubi_vtbl_record *process_lvol(struct ubi_device *ubi, 370 struct ubi_attach_info *ai, 371 struct ubi_ainf_volume *av) 372 { 373 int err; 374 struct rb_node *rb; 375 struct ubi_ainf_peb *aeb; 376 struct ubi_vtbl_record *leb[UBI_LAYOUT_VOLUME_EBS] = { NULL, NULL }; 377 int leb_corrupted[UBI_LAYOUT_VOLUME_EBS] = {1, 1}; 378 379 /* 380 * UBI goes through the following steps when it changes the layout 381 * volume: 382 * a. erase LEB 0; 383 * b. write new data to LEB 0; 384 * c. erase LEB 1; 385 * d. write new data to LEB 1. 386 * 387 * Before the change, both LEBs contain the same data. 388 * 389 * Due to unclean reboots, the contents of LEB 0 may be lost, but there 390 * should LEB 1. So it is OK if LEB 0 is corrupted while LEB 1 is not. 391 * Similarly, LEB 1 may be lost, but there should be LEB 0. And 392 * finally, unclean reboots may result in a situation when neither LEB 393 * 0 nor LEB 1 are corrupted, but they are different. In this case, LEB 394 * 0 contains more recent information. 395 * 396 * So the plan is to first check LEB 0. Then 397 * a. if LEB 0 is OK, it must be containing the most recent data; then 398 * we compare it with LEB 1, and if they are different, we copy LEB 399 * 0 to LEB 1; 400 * b. if LEB 0 is corrupted, but LEB 1 has to be OK, and we copy LEB 1 401 * to LEB 0. 402 */ 403 404 dbg_gen("check layout volume"); 405 406 /* Read both LEB 0 and LEB 1 into memory */ 407 ubi_rb_for_each_entry(rb, aeb, &av->root, u.rb) { 408 leb[aeb->lnum] = vzalloc(ubi->vtbl_size); 409 if (!leb[aeb->lnum]) { 410 err = -ENOMEM; 411 goto out_free; 412 } 413 414 err = ubi_io_read_data(ubi, leb[aeb->lnum], aeb->pnum, 0, 415 ubi->vtbl_size); 416 if (err == UBI_IO_BITFLIPS || mtd_is_eccerr(err)) 417 /* 418 * Scrub the PEB later. Note, -EBADMSG indicates an 419 * uncorrectable ECC error, but we have our own CRC and 420 * the data will be checked later. If the data is OK, 421 * the PEB will be scrubbed (because we set 422 * aeb->scrub). If the data is not OK, the contents of 423 * the PEB will be recovered from the second copy, and 424 * aeb->scrub will be cleared in 425 * 'ubi_add_to_av()'. 426 */ 427 aeb->scrub = 1; 428 else if (err) 429 goto out_free; 430 } 431 432 err = -EINVAL; 433 if (leb[0]) { 434 leb_corrupted[0] = vtbl_check(ubi, leb[0]); 435 if (leb_corrupted[0] < 0) 436 goto out_free; 437 } 438 439 if (!leb_corrupted[0]) { 440 /* LEB 0 is OK */ 441 if (leb[1]) 442 leb_corrupted[1] = memcmp(leb[0], leb[1], 443 ubi->vtbl_size); 444 if (leb_corrupted[1]) { 445 ubi_warn(ubi, "volume table copy #2 is corrupted"); 446 err = create_vtbl(ubi, ai, 1, leb[0]); 447 if (err) 448 goto out_free; 449 ubi_msg(ubi, "volume table was restored"); 450 } 451 452 /* Both LEB 1 and LEB 2 are OK and consistent */ 453 vfree(leb[1]); 454 return leb[0]; 455 } else { 456 /* LEB 0 is corrupted or does not exist */ 457 if (leb[1]) { 458 leb_corrupted[1] = vtbl_check(ubi, leb[1]); 459 if (leb_corrupted[1] < 0) 460 goto out_free; 461 } 462 if (leb_corrupted[1]) { 463 /* Both LEB 0 and LEB 1 are corrupted */ 464 ubi_err(ubi, "both volume tables are corrupted"); 465 goto out_free; 466 } 467 468 ubi_warn(ubi, "volume table copy #1 is corrupted"); 469 err = create_vtbl(ubi, ai, 0, leb[1]); 470 if (err) 471 goto out_free; 472 ubi_msg(ubi, "volume table was restored"); 473 474 vfree(leb[0]); 475 return leb[1]; 476 } 477 478 out_free: 479 vfree(leb[0]); 480 vfree(leb[1]); 481 return ERR_PTR(err); 482 } 483 484 /** 485 * create_empty_lvol - create empty layout volume. 486 * @ubi: UBI device description object 487 * @ai: attaching information 488 * 489 * This function returns volume table contents in case of success and a 490 * negative error code in case of failure. 491 */ 492 static struct ubi_vtbl_record *create_empty_lvol(struct ubi_device *ubi, 493 struct ubi_attach_info *ai) 494 { 495 int i; 496 struct ubi_vtbl_record *vtbl; 497 498 vtbl = vzalloc(ubi->vtbl_size); 499 if (!vtbl) 500 return ERR_PTR(-ENOMEM); 501 502 for (i = 0; i < ubi->vtbl_slots; i++) 503 memcpy(&vtbl[i], &empty_vtbl_record, UBI_VTBL_RECORD_SIZE); 504 505 for (i = 0; i < UBI_LAYOUT_VOLUME_EBS; i++) { 506 int err; 507 508 err = create_vtbl(ubi, ai, i, vtbl); 509 if (err) { 510 vfree(vtbl); 511 return ERR_PTR(err); 512 } 513 } 514 515 return vtbl; 516 } 517 518 /** 519 * init_volumes - initialize volume information for existing volumes. 520 * @ubi: UBI device description object 521 * @ai: scanning information 522 * @vtbl: volume table 523 * 524 * This function allocates volume description objects for existing volumes. 525 * Returns zero in case of success and a negative error code in case of 526 * failure. 527 */ 528 static int init_volumes(struct ubi_device *ubi, 529 const struct ubi_attach_info *ai, 530 const struct ubi_vtbl_record *vtbl) 531 { 532 int i, reserved_pebs = 0; 533 struct ubi_ainf_volume *av; 534 struct ubi_volume *vol; 535 536 for (i = 0; i < ubi->vtbl_slots; i++) { 537 cond_resched(); 538 539 if (be32_to_cpu(vtbl[i].reserved_pebs) == 0) 540 continue; /* Empty record */ 541 542 vol = kzalloc(sizeof(struct ubi_volume), GFP_KERNEL); 543 if (!vol) 544 return -ENOMEM; 545 546 vol->reserved_pebs = be32_to_cpu(vtbl[i].reserved_pebs); 547 vol->alignment = be32_to_cpu(vtbl[i].alignment); 548 vol->data_pad = be32_to_cpu(vtbl[i].data_pad); 549 vol->upd_marker = vtbl[i].upd_marker; 550 vol->vol_type = vtbl[i].vol_type == UBI_VID_DYNAMIC ? 551 UBI_DYNAMIC_VOLUME : UBI_STATIC_VOLUME; 552 vol->name_len = be16_to_cpu(vtbl[i].name_len); 553 vol->usable_leb_size = ubi->leb_size - vol->data_pad; 554 memcpy(vol->name, vtbl[i].name, vol->name_len); 555 vol->name[vol->name_len] = '\0'; 556 vol->vol_id = i; 557 558 if (vtbl[i].flags & UBI_VTBL_AUTORESIZE_FLG) { 559 /* Auto re-size flag may be set only for one volume */ 560 if (ubi->autoresize_vol_id != -1) { 561 ubi_err(ubi, "more than one auto-resize volume (%d and %d)", 562 ubi->autoresize_vol_id, i); 563 kfree(vol); 564 return -EINVAL; 565 } 566 567 ubi->autoresize_vol_id = i; 568 } 569 570 ubi_assert(!ubi->volumes[i]); 571 ubi->volumes[i] = vol; 572 ubi->vol_count += 1; 573 vol->ubi = ubi; 574 reserved_pebs += vol->reserved_pebs; 575 576 /* 577 * In case of dynamic volume UBI knows nothing about how many 578 * data is stored there. So assume the whole volume is used. 579 */ 580 if (vol->vol_type == UBI_DYNAMIC_VOLUME) { 581 vol->used_ebs = vol->reserved_pebs; 582 vol->last_eb_bytes = vol->usable_leb_size; 583 vol->used_bytes = 584 (long long)vol->used_ebs * vol->usable_leb_size; 585 continue; 586 } 587 588 /* Static volumes only */ 589 av = ubi_find_av(ai, i); 590 if (!av || !av->leb_count) { 591 /* 592 * No eraseblocks belonging to this volume found. We 593 * don't actually know whether this static volume is 594 * completely corrupted or just contains no data. And 595 * we cannot know this as long as data size is not 596 * stored on flash. So we just assume the volume is 597 * empty. FIXME: this should be handled. 598 */ 599 continue; 600 } 601 602 if (av->leb_count != av->used_ebs) { 603 /* 604 * We found a static volume which misses several 605 * eraseblocks. Treat it as corrupted. 606 */ 607 ubi_warn(ubi, "static volume %d misses %d LEBs - corrupted", 608 av->vol_id, av->used_ebs - av->leb_count); 609 vol->corrupted = 1; 610 continue; 611 } 612 613 vol->used_ebs = av->used_ebs; 614 vol->used_bytes = 615 (long long)(vol->used_ebs - 1) * vol->usable_leb_size; 616 vol->used_bytes += av->last_data_size; 617 vol->last_eb_bytes = av->last_data_size; 618 } 619 620 /* And add the layout volume */ 621 vol = kzalloc(sizeof(struct ubi_volume), GFP_KERNEL); 622 if (!vol) 623 return -ENOMEM; 624 625 vol->reserved_pebs = UBI_LAYOUT_VOLUME_EBS; 626 vol->alignment = UBI_LAYOUT_VOLUME_ALIGN; 627 vol->vol_type = UBI_DYNAMIC_VOLUME; 628 vol->name_len = sizeof(UBI_LAYOUT_VOLUME_NAME) - 1; 629 memcpy(vol->name, UBI_LAYOUT_VOLUME_NAME, vol->name_len + 1); 630 vol->usable_leb_size = ubi->leb_size; 631 vol->used_ebs = vol->reserved_pebs; 632 vol->last_eb_bytes = vol->reserved_pebs; 633 vol->used_bytes = 634 (long long)vol->used_ebs * (ubi->leb_size - vol->data_pad); 635 vol->vol_id = UBI_LAYOUT_VOLUME_ID; 636 vol->ref_count = 1; 637 638 ubi_assert(!ubi->volumes[i]); 639 ubi->volumes[vol_id2idx(ubi, vol->vol_id)] = vol; 640 reserved_pebs += vol->reserved_pebs; 641 ubi->vol_count += 1; 642 vol->ubi = ubi; 643 644 if (reserved_pebs > ubi->avail_pebs) { 645 ubi_err(ubi, "not enough PEBs, required %d, available %d", 646 reserved_pebs, ubi->avail_pebs); 647 if (ubi->corr_peb_count) 648 ubi_err(ubi, "%d PEBs are corrupted and not used", 649 ubi->corr_peb_count); 650 } 651 ubi->rsvd_pebs += reserved_pebs; 652 ubi->avail_pebs -= reserved_pebs; 653 654 return 0; 655 } 656 657 /** 658 * check_av - check volume attaching information. 659 * @vol: UBI volume description object 660 * @av: volume attaching information 661 * 662 * This function returns zero if the volume attaching information is consistent 663 * to the data read from the volume tabla, and %-EINVAL if not. 664 */ 665 static int check_av(const struct ubi_volume *vol, 666 const struct ubi_ainf_volume *av) 667 { 668 int err; 669 670 if (av->highest_lnum >= vol->reserved_pebs) { 671 err = 1; 672 goto bad; 673 } 674 if (av->leb_count > vol->reserved_pebs) { 675 err = 2; 676 goto bad; 677 } 678 if (av->vol_type != vol->vol_type) { 679 err = 3; 680 goto bad; 681 } 682 if (av->used_ebs > vol->reserved_pebs) { 683 err = 4; 684 goto bad; 685 } 686 if (av->data_pad != vol->data_pad) { 687 err = 5; 688 goto bad; 689 } 690 return 0; 691 692 bad: 693 ubi_err(vol->ubi, "bad attaching information, error %d", err); 694 ubi_dump_av(av); 695 ubi_dump_vol_info(vol); 696 return -EINVAL; 697 } 698 699 /** 700 * check_attaching_info - check that attaching information. 701 * @ubi: UBI device description object 702 * @ai: attaching information 703 * 704 * Even though we protect on-flash data by CRC checksums, we still don't trust 705 * the media. This function ensures that attaching information is consistent to 706 * the information read from the volume table. Returns zero if the attaching 707 * information is OK and %-EINVAL if it is not. 708 */ 709 static int check_attaching_info(const struct ubi_device *ubi, 710 struct ubi_attach_info *ai) 711 { 712 int err, i; 713 struct ubi_ainf_volume *av; 714 struct ubi_volume *vol; 715 716 if (ai->vols_found > UBI_INT_VOL_COUNT + ubi->vtbl_slots) { 717 ubi_err(ubi, "found %d volumes while attaching, maximum is %d + %d", 718 ai->vols_found, UBI_INT_VOL_COUNT, ubi->vtbl_slots); 719 return -EINVAL; 720 } 721 722 if (ai->highest_vol_id >= ubi->vtbl_slots + UBI_INT_VOL_COUNT && 723 ai->highest_vol_id < UBI_INTERNAL_VOL_START) { 724 ubi_err(ubi, "too large volume ID %d found", 725 ai->highest_vol_id); 726 return -EINVAL; 727 } 728 729 for (i = 0; i < ubi->vtbl_slots + UBI_INT_VOL_COUNT; i++) { 730 cond_resched(); 731 732 av = ubi_find_av(ai, i); 733 vol = ubi->volumes[i]; 734 if (!vol) { 735 if (av) 736 ubi_remove_av(ai, av); 737 continue; 738 } 739 740 if (vol->reserved_pebs == 0) { 741 ubi_assert(i < ubi->vtbl_slots); 742 743 if (!av) 744 continue; 745 746 /* 747 * During attaching we found a volume which does not 748 * exist according to the information in the volume 749 * table. This must have happened due to an unclean 750 * reboot while the volume was being removed. Discard 751 * these eraseblocks. 752 */ 753 ubi_msg(ubi, "finish volume %d removal", av->vol_id); 754 ubi_remove_av(ai, av); 755 } else if (av) { 756 err = check_av(vol, av); 757 if (err) 758 return err; 759 } 760 } 761 762 return 0; 763 } 764 765 /** 766 * ubi_read_volume_table - read the volume table. 767 * @ubi: UBI device description object 768 * @ai: attaching information 769 * 770 * This function reads volume table, checks it, recover from errors if needed, 771 * or creates it if needed. Returns zero in case of success and a negative 772 * error code in case of failure. 773 */ 774 int ubi_read_volume_table(struct ubi_device *ubi, struct ubi_attach_info *ai) 775 { 776 int i, err; 777 struct ubi_ainf_volume *av; 778 779 empty_vtbl_record.crc = cpu_to_be32(0xf116c36b); 780 781 /* 782 * The number of supported volumes is limited by the eraseblock size 783 * and by the UBI_MAX_VOLUMES constant. 784 */ 785 ubi->vtbl_slots = ubi->leb_size / UBI_VTBL_RECORD_SIZE; 786 if (ubi->vtbl_slots > UBI_MAX_VOLUMES) 787 ubi->vtbl_slots = UBI_MAX_VOLUMES; 788 789 ubi->vtbl_size = ubi->vtbl_slots * UBI_VTBL_RECORD_SIZE; 790 ubi->vtbl_size = ALIGN(ubi->vtbl_size, ubi->min_io_size); 791 792 av = ubi_find_av(ai, UBI_LAYOUT_VOLUME_ID); 793 if (!av) { 794 /* 795 * No logical eraseblocks belonging to the layout volume were 796 * found. This could mean that the flash is just empty. In 797 * this case we create empty layout volume. 798 * 799 * But if flash is not empty this must be a corruption or the 800 * MTD device just contains garbage. 801 */ 802 if (ai->is_empty) { 803 ubi->vtbl = create_empty_lvol(ubi, ai); 804 if (IS_ERR(ubi->vtbl)) 805 return PTR_ERR(ubi->vtbl); 806 } else { 807 ubi_err(ubi, "the layout volume was not found"); 808 return -EINVAL; 809 } 810 } else { 811 if (av->leb_count > UBI_LAYOUT_VOLUME_EBS) { 812 /* This must not happen with proper UBI images */ 813 ubi_err(ubi, "too many LEBs (%d) in layout volume", 814 av->leb_count); 815 return -EINVAL; 816 } 817 818 ubi->vtbl = process_lvol(ubi, ai, av); 819 if (IS_ERR(ubi->vtbl)) 820 return PTR_ERR(ubi->vtbl); 821 } 822 823 ubi->avail_pebs = ubi->good_peb_count - ubi->corr_peb_count; 824 825 /* 826 * The layout volume is OK, initialize the corresponding in-RAM data 827 * structures. 828 */ 829 err = init_volumes(ubi, ai, ubi->vtbl); 830 if (err) 831 goto out_free; 832 833 /* 834 * Make sure that the attaching information is consistent to the 835 * information stored in the volume table. 836 */ 837 err = check_attaching_info(ubi, ai); 838 if (err) 839 goto out_free; 840 841 return 0; 842 843 out_free: 844 vfree(ubi->vtbl); 845 for (i = 0; i < ubi->vtbl_slots + UBI_INT_VOL_COUNT; i++) { 846 kfree(ubi->volumes[i]); 847 ubi->volumes[i] = NULL; 848 } 849 return err; 850 } 851 852 /** 853 * self_vtbl_check - check volume table. 854 * @ubi: UBI device description object 855 */ 856 static void self_vtbl_check(const struct ubi_device *ubi) 857 { 858 if (!ubi_dbg_chk_gen(ubi)) 859 return; 860 861 if (vtbl_check(ubi, ubi->vtbl)) { 862 ubi_err(ubi, "self-check failed"); 863 BUG(); 864 } 865 } 866