Branch data Line data Source code
1 : : /*
2 : : * JFFS2 -- Journalling Flash File System, Version 2.
3 : : *
4 : : * Copyright © 2001-2007 Red Hat, Inc.
5 : : * Copyright © 2004 Thomas Gleixner <tglx@linutronix.de>
6 : : *
7 : : * Created by David Woodhouse <dwmw2@infradead.org>
8 : : * Modified debugged and enhanced by Thomas Gleixner <tglx@linutronix.de>
9 : : *
10 : : * For licensing information, see the file 'LICENCE' in this directory.
11 : : *
12 : : */
13 : :
14 : : #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
15 : :
16 : : #include <linux/kernel.h>
17 : : #include <linux/slab.h>
18 : : #include <linux/mtd/mtd.h>
19 : : #include <linux/crc32.h>
20 : : #include <linux/mtd/nand.h>
21 : : #include <linux/jiffies.h>
22 : : #include <linux/sched.h>
23 : : #include <linux/writeback.h>
24 : :
25 : : #include "nodelist.h"
26 : :
27 : : /* For testing write failures */
28 : : #undef BREAKME
29 : : #undef BREAKMEHEADER
30 : :
31 : : #ifdef BREAKME
32 : : static unsigned char *brokenbuf;
33 : : #endif
34 : :
35 : : #define PAGE_DIV(x) ( ((unsigned long)(x) / (unsigned long)(c->wbuf_pagesize)) * (unsigned long)(c->wbuf_pagesize) )
36 : : #define PAGE_MOD(x) ( (unsigned long)(x) % (unsigned long)(c->wbuf_pagesize) )
37 : :
38 : : /* max. erase failures before we mark a block bad */
39 : : #define MAX_ERASE_FAILURES 2
40 : :
41 : : struct jffs2_inodirty {
42 : : uint32_t ino;
43 : : struct jffs2_inodirty *next;
44 : : };
45 : :
46 : : static struct jffs2_inodirty inodirty_nomem;
47 : :
48 : : static int jffs2_wbuf_pending_for_ino(struct jffs2_sb_info *c, uint32_t ino)
49 : : {
50 : : struct jffs2_inodirty *this = c->wbuf_inodes;
51 : :
52 : : /* If a malloc failed, consider _everything_ dirty */
53 [ # # # # ]: 0 : if (this == &inodirty_nomem)
54 : : return 1;
55 : :
56 : : /* If ino == 0, _any_ non-GC writes mean 'yes' */
57 [ # # ][ # # ]: 0 : if (this && !ino)
58 : : return 1;
59 : :
60 : : /* Look to see if the inode in question is pending in the wbuf */
61 [ # # ][ # # ]: 0 : while (this) {
62 [ # # ][ # # ]: 0 : if (this->ino == ino)
63 : : return 1;
64 : 0 : this = this->next;
65 : : }
66 : : return 0;
67 : : }
68 : :
69 : 0 : static void jffs2_clear_wbuf_ino_list(struct jffs2_sb_info *c)
70 : : {
71 : : struct jffs2_inodirty *this;
72 : :
73 : 0 : this = c->wbuf_inodes;
74 : :
75 [ # # ]: 0 : if (this != &inodirty_nomem) {
76 [ # # ]: 0 : while (this) {
77 : 0 : struct jffs2_inodirty *next = this->next;
78 : 0 : kfree(this);
79 : : this = next;
80 : : }
81 : : }
82 : 0 : c->wbuf_inodes = NULL;
83 : 0 : }
84 : :
85 : 0 : static void jffs2_wbuf_dirties_inode(struct jffs2_sb_info *c, uint32_t ino)
86 : : {
87 : : struct jffs2_inodirty *new;
88 : :
89 : : /* Schedule delayed write-buffer write-out */
90 : 0 : jffs2_dirty_trigger(c);
91 : :
92 [ # # ]: 0 : if (jffs2_wbuf_pending_for_ino(c, ino))
93 : : return;
94 : :
95 : : new = kmalloc(sizeof(*new), GFP_KERNEL);
96 [ # # ]: 0 : if (!new) {
97 : : jffs2_dbg(1, "No memory to allocate inodirty. Fallback to all considered dirty\n");
98 : 0 : jffs2_clear_wbuf_ino_list(c);
99 : 0 : c->wbuf_inodes = &inodirty_nomem;
100 : 0 : return;
101 : : }
102 : 0 : new->ino = ino;
103 : 0 : new->next = c->wbuf_inodes;
104 : 0 : c->wbuf_inodes = new;
105 : 0 : return;
106 : : }
107 : :
108 : : static inline void jffs2_refile_wbuf_blocks(struct jffs2_sb_info *c)
109 : : {
110 : : struct list_head *this, *next;
111 : : static int n;
112 : :
113 [ # # ]: 0 : if (list_empty(&c->erasable_pending_wbuf_list))
114 : : return;
115 : :
116 [ # # ]: 0 : list_for_each_safe(this, next, &c->erasable_pending_wbuf_list) {
117 : : struct jffs2_eraseblock *jeb = list_entry(this, struct jffs2_eraseblock, list);
118 : :
119 : : jffs2_dbg(1, "Removing eraseblock at 0x%08x from erasable_pending_wbuf_list...\n",
120 : : jeb->offset);
121 : : list_del(this);
122 [ # # ]: 0 : if ((jiffies + (n++)) & 127) {
123 : : /* Most of the time, we just erase it immediately. Otherwise we
124 : : spend ages scanning it on mount, etc. */
125 : : jffs2_dbg(1, "...and adding to erase_pending_list\n");
126 : 0 : list_add_tail(&jeb->list, &c->erase_pending_list);
127 : 0 : c->nr_erasing_blocks++;
128 : 0 : jffs2_garbage_collect_trigger(c);
129 : : } else {
130 : : /* Sometimes, however, we leave it elsewhere so it doesn't get
131 : : immediately reused, and we spread the load a bit. */
132 : : jffs2_dbg(1, "...and adding to erasable_list\n");
133 : 0 : list_add_tail(&jeb->list, &c->erasable_list);
134 : : }
135 : : }
136 : : }
137 : :
138 : : #define REFILE_NOTEMPTY 0
139 : : #define REFILE_ANYWAY 1
140 : :
141 : 0 : static void jffs2_block_refile(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb, int allow_empty)
142 : : {
143 : : jffs2_dbg(1, "About to refile bad block at %08x\n", jeb->offset);
144 : :
145 : : /* File the existing block on the bad_used_list.... */
146 [ # # ]: 0 : if (c->nextblock == jeb)
147 : 0 : c->nextblock = NULL;
148 : : else /* Not sure this should ever happen... need more coffee */
149 : : list_del(&jeb->list);
150 [ # # ]: 0 : if (jeb->first_node) {
151 : : jffs2_dbg(1, "Refiling block at %08x to bad_used_list\n",
152 : : jeb->offset);
153 : 0 : list_add(&jeb->list, &c->bad_used_list);
154 : : } else {
155 [ # # ]: 0 : BUG_ON(allow_empty == REFILE_NOTEMPTY);
156 : : /* It has to have had some nodes or we couldn't be here */
157 : : jffs2_dbg(1, "Refiling block at %08x to erase_pending_list\n",
158 : : jeb->offset);
159 : 0 : list_add(&jeb->list, &c->erase_pending_list);
160 : 0 : c->nr_erasing_blocks++;
161 : 0 : jffs2_garbage_collect_trigger(c);
162 : : }
163 : :
164 [ # # ]: 0 : if (!jffs2_prealloc_raw_node_refs(c, jeb, 1)) {
165 : 0 : uint32_t oldfree = jeb->free_size;
166 : :
167 : 0 : jffs2_link_node_ref(c, jeb,
168 : 0 : (jeb->offset+c->sector_size-oldfree) | REF_OBSOLETE,
169 : : oldfree, NULL);
170 : : /* convert to wasted */
171 : 0 : c->wasted_size += oldfree;
172 : 0 : jeb->wasted_size += oldfree;
173 : 0 : c->dirty_size -= oldfree;
174 : 0 : jeb->dirty_size -= oldfree;
175 : : }
176 : :
177 : : jffs2_dbg_dump_block_lists_nolock(c);
178 : 0 : jffs2_dbg_acct_sanity_check_nolock(c,jeb);
179 : : jffs2_dbg_acct_paranoia_check_nolock(c, jeb);
180 : 0 : }
181 : :
182 : 0 : static struct jffs2_raw_node_ref **jffs2_incore_replace_raw(struct jffs2_sb_info *c,
183 : : struct jffs2_inode_info *f,
184 : : struct jffs2_raw_node_ref *raw,
185 : : union jffs2_node_union *node)
186 : : {
187 : : struct jffs2_node_frag *frag;
188 : : struct jffs2_full_dirent *fd;
189 : :
190 : : dbg_noderef("incore_replace_raw: node at %p is {%04x,%04x}\n",
191 : : node, je16_to_cpu(node->u.magic), je16_to_cpu(node->u.nodetype));
192 : :
193 [ # # ]: 0 : BUG_ON(je16_to_cpu(node->u.magic) != 0x1985 &&
194 : : je16_to_cpu(node->u.magic) != 0);
195 : :
196 [ # # # ]: 0 : switch (je16_to_cpu(node->u.nodetype)) {
197 : : case JFFS2_NODETYPE_INODE:
198 [ # # ][ # # ]: 0 : if (f->metadata && f->metadata->raw == raw) {
199 : : dbg_noderef("Will replace ->raw in f->metadata at %p\n", f->metadata);
200 : 0 : return &f->metadata->raw;
201 : : }
202 : 0 : frag = jffs2_lookup_node_frag(&f->fragtree, je32_to_cpu(node->i.offset));
203 [ # # ]: 0 : BUG_ON(!frag);
204 : : /* Find a frag which refers to the full_dnode we want to modify */
205 [ # # ][ # # ]: 0 : while (!frag->node || frag->node->raw != raw) {
206 : 0 : frag = frag_next(frag);
207 [ # # ]: 0 : BUG_ON(!frag);
208 : : }
209 : : dbg_noderef("Will replace ->raw in full_dnode at %p\n", frag->node);
210 : 0 : return &frag->node->raw;
211 : :
212 : : case JFFS2_NODETYPE_DIRENT:
213 [ # # ]: 0 : for (fd = f->dents; fd; fd = fd->next) {
214 [ # # ]: 0 : if (fd->raw == raw) {
215 : : dbg_noderef("Will replace ->raw in full_dirent at %p\n", fd);
216 : 0 : return &fd->raw;
217 : : }
218 : : }
219 : 0 : BUG();
220 : :
221 : : default:
222 : : dbg_noderef("Don't care about replacing raw for nodetype %x\n",
223 : : je16_to_cpu(node->u.nodetype));
224 : : break;
225 : : }
226 : : return NULL;
227 : : }
228 : :
229 : : #ifdef CONFIG_JFFS2_FS_WBUF_VERIFY
230 : : static int jffs2_verify_write(struct jffs2_sb_info *c, unsigned char *buf,
231 : : uint32_t ofs)
232 : : {
233 : : int ret;
234 : : size_t retlen;
235 : : char *eccstr;
236 : :
237 : : ret = mtd_read(c->mtd, ofs, c->wbuf_pagesize, &retlen, c->wbuf_verify);
238 : : if (ret && ret != -EUCLEAN && ret != -EBADMSG) {
239 : : pr_warn("%s(): Read back of page at %08x failed: %d\n",
240 : : __func__, c->wbuf_ofs, ret);
241 : : return ret;
242 : : } else if (retlen != c->wbuf_pagesize) {
243 : : pr_warn("%s(): Read back of page at %08x gave short read: %zd not %d\n",
244 : : __func__, ofs, retlen, c->wbuf_pagesize);
245 : : return -EIO;
246 : : }
247 : : if (!memcmp(buf, c->wbuf_verify, c->wbuf_pagesize))
248 : : return 0;
249 : :
250 : : if (ret == -EUCLEAN)
251 : : eccstr = "corrected";
252 : : else if (ret == -EBADMSG)
253 : : eccstr = "correction failed";
254 : : else
255 : : eccstr = "OK or unused";
256 : :
257 : : pr_warn("Write verify error (ECC %s) at %08x. Wrote:\n",
258 : : eccstr, c->wbuf_ofs);
259 : : print_hex_dump(KERN_WARNING, "", DUMP_PREFIX_OFFSET, 16, 1,
260 : : c->wbuf, c->wbuf_pagesize, 0);
261 : :
262 : : pr_warn("Read back:\n");
263 : : print_hex_dump(KERN_WARNING, "", DUMP_PREFIX_OFFSET, 16, 1,
264 : : c->wbuf_verify, c->wbuf_pagesize, 0);
265 : :
266 : : return -EIO;
267 : : }
268 : : #else
269 : : #define jffs2_verify_write(c,b,o) (0)
270 : : #endif
271 : :
272 : : /* Recover from failure to write wbuf. Recover the nodes up to the
273 : : * wbuf, not the one which we were starting to try to write. */
274 : :
275 : 0 : static void jffs2_wbuf_recover(struct jffs2_sb_info *c)
276 : : {
277 : : struct jffs2_eraseblock *jeb, *new_jeb;
278 : : struct jffs2_raw_node_ref *raw, *next, *first_raw = NULL;
279 : : size_t retlen;
280 : : int ret;
281 : : int nr_refile = 0;
282 : : unsigned char *buf;
283 : : uint32_t start, end, ofs, len;
284 : :
285 : 0 : jeb = &c->blocks[c->wbuf_ofs / c->sector_size];
286 : :
287 : : spin_lock(&c->erase_completion_lock);
288 [ # # ]: 0 : if (c->wbuf_ofs % c->mtd->erasesize)
289 : 0 : jffs2_block_refile(c, jeb, REFILE_NOTEMPTY);
290 : : else
291 : 0 : jffs2_block_refile(c, jeb, REFILE_ANYWAY);
292 : : spin_unlock(&c->erase_completion_lock);
293 : :
294 [ # # ]: 0 : BUG_ON(!ref_obsolete(jeb->last_node));
295 : :
296 : : /* Find the first node to be recovered, by skipping over every
297 : : node which ends before the wbuf starts, or which is obsolete. */
298 [ # # ]: 0 : for (next = raw = jeb->first_node; next; raw = next) {
299 : : next = ref_next(raw);
300 : :
301 [ # # ][ # # ]: 0 : if (ref_obsolete(raw) ||
302 [ # # ]: 0 : (next && ref_offset(next) <= c->wbuf_ofs)) {
303 : : dbg_noderef("Skipping node at 0x%08x(%d)-0x%08x which is either before 0x%08x or obsolete\n",
304 : : ref_offset(raw), ref_flags(raw),
305 : : (ref_offset(raw) + ref_totlen(c, jeb, raw)),
306 : : c->wbuf_ofs);
307 : 0 : continue;
308 : : }
309 : : dbg_noderef("First node to be recovered is at 0x%08x(%d)-0x%08x\n",
310 : : ref_offset(raw), ref_flags(raw),
311 : : (ref_offset(raw) + ref_totlen(c, jeb, raw)));
312 : :
313 : : first_raw = raw;
314 : : break;
315 : : }
316 : :
317 [ # # ]: 0 : if (!first_raw) {
318 : : /* All nodes were obsolete. Nothing to recover. */
319 : : jffs2_dbg(1, "No non-obsolete nodes to be recovered. Just filing block bad\n");
320 : 0 : c->wbuf_len = 0;
321 : 0 : return;
322 : : }
323 : :
324 : 0 : start = ref_offset(first_raw);
325 : 0 : end = ref_offset(jeb->last_node);
326 : : nr_refile = 1;
327 : :
328 : : /* Count the number of refs which need to be copied */
329 [ # # ]: 0 : while ((raw = ref_next(raw)) != jeb->last_node)
330 : 0 : nr_refile++;
331 : :
332 : : dbg_noderef("wbuf recover %08x-%08x (%d bytes in %d nodes)\n",
333 : : start, end, end - start, nr_refile);
334 : :
335 : : buf = NULL;
336 [ # # ]: 0 : if (start < c->wbuf_ofs) {
337 : : /* First affected node was already partially written.
338 : : * Attempt to reread the old data into our buffer. */
339 : :
340 : 0 : buf = kmalloc(end - start, GFP_KERNEL);
341 [ # # ]: 0 : if (!buf) {
342 : 0 : pr_crit("Malloc failure in wbuf recovery. Data loss ensues.\n");
343 : :
344 : 0 : goto read_failed;
345 : : }
346 : :
347 : : /* Do the read... */
348 : 0 : ret = mtd_read(c->mtd, start, c->wbuf_ofs - start, &retlen,
349 : : buf);
350 : :
351 : : /* ECC recovered ? */
352 [ # # ][ # # ]: 0 : if ((ret == -EUCLEAN || ret == -EBADMSG) &&
353 : 0 : (retlen == c->wbuf_ofs - start))
354 : : ret = 0;
355 : :
356 [ # # ][ # # ]: 0 : if (ret || retlen != c->wbuf_ofs - start) {
357 : 0 : pr_crit("Old data are already lost in wbuf recovery. Data loss ensues.\n");
358 : :
359 : 0 : kfree(buf);
360 : : buf = NULL;
361 : : read_failed:
362 : : first_raw = ref_next(first_raw);
363 : 0 : nr_refile--;
364 [ # # ][ # # ]: 0 : while (first_raw && ref_obsolete(first_raw)) {
365 : : first_raw = ref_next(first_raw);
366 : 0 : nr_refile--;
367 : : }
368 : :
369 : : /* If this was the only node to be recovered, give up */
370 [ # # ]: 0 : if (!first_raw) {
371 : 0 : c->wbuf_len = 0;
372 : 0 : return;
373 : : }
374 : :
375 : : /* It wasn't. Go on and try to recover nodes complete in the wbuf */
376 : 0 : start = ref_offset(first_raw);
377 : : dbg_noderef("wbuf now recover %08x-%08x (%d bytes in %d nodes)\n",
378 : : start, end, end - start, nr_refile);
379 : :
380 : : } else {
381 : : /* Read succeeded. Copy the remaining data from the wbuf */
382 : 0 : memcpy(buf + (c->wbuf_ofs - start), c->wbuf, end - c->wbuf_ofs);
383 : : }
384 : : }
385 : : /* OK... we're to rewrite (end-start) bytes of data from first_raw onwards.
386 : : Either 'buf' contains the data, or we find it in the wbuf */
387 : :
388 : : /* ... and get an allocation of space from a shiny new block instead */
389 : 0 : ret = jffs2_reserve_space_gc(c, end-start, &len, JFFS2_SUMMARY_NOSUM_SIZE);
390 [ # # ]: 0 : if (ret) {
391 : 0 : pr_warn("Failed to allocate space for wbuf recovery. Data loss ensues.\n");
392 : 0 : kfree(buf);
393 : 0 : return;
394 : : }
395 : :
396 : : /* The summary is not recovered, so it must be disabled for this erase block */
397 : 0 : jffs2_sum_disable_collecting(c->summary);
398 : :
399 : 0 : ret = jffs2_prealloc_raw_node_refs(c, c->nextblock, nr_refile);
400 [ # # ]: 0 : if (ret) {
401 : 0 : pr_warn("Failed to allocate node refs for wbuf recovery. Data loss ensues.\n");
402 : 0 : kfree(buf);
403 : 0 : return;
404 : : }
405 : :
406 : 0 : ofs = write_ofs(c);
407 : :
408 [ # # ]: 0 : if (end-start >= c->wbuf_pagesize) {
409 : : /* Need to do another write immediately, but it's possible
410 : : that this is just because the wbuf itself is completely
411 : : full, and there's nothing earlier read back from the
412 : : flash. Hence 'buf' isn't necessarily what we're writing
413 : : from. */
414 [ # # ]: 0 : unsigned char *rewrite_buf = buf?:c->wbuf;
415 : 0 : uint32_t towrite = (end-start) - ((end-start)%c->wbuf_pagesize);
416 : :
417 : : jffs2_dbg(1, "Write 0x%x bytes at 0x%08x in wbuf recover\n",
418 : : towrite, ofs);
419 : :
420 : : #ifdef BREAKMEHEADER
421 : : static int breakme;
422 : : if (breakme++ == 20) {
423 : : pr_notice("Faking write error at 0x%08x\n", ofs);
424 : : breakme = 0;
425 : : mtd_write(c->mtd, ofs, towrite, &retlen, brokenbuf);
426 : : ret = -EIO;
427 : : } else
428 : : #endif
429 : 0 : ret = mtd_write(c->mtd, ofs, towrite, &retlen,
430 : : rewrite_buf);
431 : :
432 [ # # ][ # # ]: 0 : if (ret || retlen != towrite || jffs2_verify_write(c, rewrite_buf, ofs)) {
433 : : /* Argh. We tried. Really we did. */
434 : 0 : pr_crit("Recovery of wbuf failed due to a second write error\n");
435 : 0 : kfree(buf);
436 : :
437 [ # # ]: 0 : if (retlen)
438 : 0 : jffs2_add_physical_node_ref(c, ofs | REF_OBSOLETE, ref_totlen(c, jeb, first_raw), NULL);
439 : :
440 : : return;
441 : : }
442 : 0 : pr_notice("Recovery of wbuf succeeded to %08x\n", ofs);
443 : :
444 : 0 : c->wbuf_len = (end - start) - towrite;
445 : 0 : c->wbuf_ofs = ofs + towrite;
446 : 0 : memmove(c->wbuf, rewrite_buf + towrite, c->wbuf_len);
447 : : /* Don't muck about with c->wbuf_inodes. False positives are harmless. */
448 : : } else {
449 : : /* OK, now we're left with the dregs in whichever buffer we're using */
450 [ # # ]: 0 : if (buf) {
451 : 0 : memcpy(c->wbuf, buf, end-start);
452 : : } else {
453 : 0 : memmove(c->wbuf, c->wbuf + (start - c->wbuf_ofs), end - start);
454 : : }
455 : 0 : c->wbuf_ofs = ofs;
456 : 0 : c->wbuf_len = end - start;
457 : : }
458 : :
459 : : /* Now sort out the jffs2_raw_node_refs, moving them from the old to the next block */
460 : 0 : new_jeb = &c->blocks[ofs / c->sector_size];
461 : :
462 : : spin_lock(&c->erase_completion_lock);
463 [ # # ]: 0 : for (raw = first_raw; raw != jeb->last_node; raw = ref_next(raw)) {
464 : 0 : uint32_t rawlen = ref_totlen(c, jeb, raw);
465 : : struct jffs2_inode_cache *ic;
466 : : struct jffs2_raw_node_ref *new_ref;
467 : : struct jffs2_raw_node_ref **adjust_ref = NULL;
468 : : struct jffs2_inode_info *f = NULL;
469 : :
470 : : jffs2_dbg(1, "Refiling block of %08x at %08x(%d) to %08x\n",
471 : : rawlen, ref_offset(raw), ref_flags(raw), ofs);
472 : :
473 : : ic = jffs2_raw_ref_to_ic(raw);
474 : :
475 : : /* Ick. This XATTR mess should be fixed shortly... */
476 [ # # ][ # # ]: 0 : if (ic && ic->class == RAWNODE_CLASS_XATTR_DATUM) {
477 : : struct jffs2_xattr_datum *xd = (void *)ic;
478 [ # # ]: 0 : BUG_ON(xd->node != raw);
479 : 0 : adjust_ref = &xd->node;
480 : 0 : raw->next_in_ino = NULL;
481 : : ic = NULL;
482 [ # # ][ # # ]: 0 : } else if (ic && ic->class == RAWNODE_CLASS_XATTR_REF) {
483 : : struct jffs2_xattr_datum *xr = (void *)ic;
484 [ # # ]: 0 : BUG_ON(xr->node != raw);
485 : 0 : adjust_ref = &xr->node;
486 : 0 : raw->next_in_ino = NULL;
487 : : ic = NULL;
488 [ # # ][ # # ]: 0 : } else if (ic && ic->class == RAWNODE_CLASS_INODE_CACHE) {
489 : 0 : struct jffs2_raw_node_ref **p = &ic->nodes;
490 : :
491 : : /* Remove the old node from the per-inode list */
492 [ # # ][ # # ]: 0 : while (*p && *p != (void *)ic) {
493 [ # # ]: 0 : if (*p == raw) {
494 : 0 : (*p) = (raw->next_in_ino);
495 : 0 : raw->next_in_ino = NULL;
496 : 0 : break;
497 : : }
498 : 0 : p = &((*p)->next_in_ino);
499 : : }
500 : :
501 [ # # ][ # # ]: 0 : if (ic->state == INO_STATE_PRESENT && !ref_obsolete(raw)) {
502 : : /* If it's an in-core inode, then we have to adjust any
503 : : full_dirent or full_dnode structure to point to the
504 : : new version instead of the old */
505 : 0 : f = jffs2_gc_fetch_inode(c, ic->ino, !ic->pino_nlink);
506 [ # # ]: 0 : if (IS_ERR(f)) {
507 : : /* Should never happen; it _must_ be present */
508 : 0 : JFFS2_ERROR("Failed to iget() ino #%u, err %ld\n",
509 : : ic->ino, PTR_ERR(f));
510 : 0 : BUG();
511 : : }
512 : : /* We don't lock f->sem. There's a number of ways we could
513 : : end up in here with it already being locked, and nobody's
514 : : going to modify it on us anyway because we hold the
515 : : alloc_sem. We're only changing one ->raw pointer too,
516 : : which we can get away with without upsetting readers. */
517 : 0 : adjust_ref = jffs2_incore_replace_raw(c, f, raw,
518 [ # # ]: 0 : (void *)(buf?:c->wbuf) + (ref_offset(raw) - start));
519 [ # # ]: 0 : } else if (unlikely(ic->state != INO_STATE_PRESENT &&
520 : : ic->state != INO_STATE_CHECKEDABSENT &&
521 : : ic->state != INO_STATE_GC)) {
522 : 0 : JFFS2_ERROR("Inode #%u is in strange state %d!\n", ic->ino, ic->state);
523 : 0 : BUG();
524 : : }
525 : : }
526 : :
527 : 0 : new_ref = jffs2_link_node_ref(c, new_jeb, ofs | ref_flags(raw), rawlen, ic);
528 : :
529 [ # # ]: 0 : if (adjust_ref) {
530 [ # # ]: 0 : BUG_ON(*adjust_ref != raw);
531 : 0 : *adjust_ref = new_ref;
532 : : }
533 [ # # ]: 0 : if (f)
534 : 0 : jffs2_gc_release_inode(c, f);
535 : :
536 [ # # ]: 0 : if (!ref_obsolete(raw)) {
537 : 0 : jeb->dirty_size += rawlen;
538 : 0 : jeb->used_size -= rawlen;
539 : 0 : c->dirty_size += rawlen;
540 : 0 : c->used_size -= rawlen;
541 : 0 : raw->flash_offset = ref_offset(raw) | REF_OBSOLETE;
542 [ # # ]: 0 : BUG_ON(raw->next_in_ino);
543 : : }
544 : 0 : ofs += rawlen;
545 : : }
546 : :
547 : 0 : kfree(buf);
548 : :
549 : : /* Fix up the original jeb now it's on the bad_list */
550 [ # # ]: 0 : if (first_raw == jeb->first_node) {
551 : : jffs2_dbg(1, "Failing block at %08x is now empty. Moving to erase_pending_list\n",
552 : : jeb->offset);
553 : 0 : list_move(&jeb->list, &c->erase_pending_list);
554 : 0 : c->nr_erasing_blocks++;
555 : 0 : jffs2_garbage_collect_trigger(c);
556 : : }
557 : :
558 : 0 : jffs2_dbg_acct_sanity_check_nolock(c, jeb);
559 : : jffs2_dbg_acct_paranoia_check_nolock(c, jeb);
560 : :
561 : 0 : jffs2_dbg_acct_sanity_check_nolock(c, new_jeb);
562 : : jffs2_dbg_acct_paranoia_check_nolock(c, new_jeb);
563 : :
564 : : spin_unlock(&c->erase_completion_lock);
565 : :
566 : : jffs2_dbg(1, "wbuf recovery completed OK. wbuf_ofs 0x%08x, len 0x%x\n",
567 : : c->wbuf_ofs, c->wbuf_len);
568 : :
569 : : }
570 : :
571 : : /* Meaning of pad argument:
572 : : 0: Do not pad. Probably pointless - we only ever use this when we can't pad anyway.
573 : : 1: Pad, do not adjust nextblock free_size
574 : : 2: Pad, adjust nextblock free_size
575 : : */
576 : : #define NOPAD 0
577 : : #define PAD_NOACCOUNT 1
578 : : #define PAD_ACCOUNTING 2
579 : :
580 : 0 : static int __jffs2_flush_wbuf(struct jffs2_sb_info *c, int pad)
581 : : {
582 : : struct jffs2_eraseblock *wbuf_jeb;
583 : : int ret;
584 : : size_t retlen;
585 : :
586 : : /* Nothing to do if not write-buffering the flash. In particular, we shouldn't
587 : : del_timer() the timer we never initialised. */
588 [ # # ]: 0 : if (!jffs2_is_writebuffered(c))
589 : : return 0;
590 : :
591 [ # # ]: 0 : if (!mutex_is_locked(&c->alloc_sem)) {
592 : 0 : pr_crit("jffs2_flush_wbuf() called with alloc_sem not locked!\n");
593 : 0 : BUG();
594 : : }
595 : :
596 [ # # ]: 0 : if (!c->wbuf_len) /* already checked c->wbuf above */
597 : : return 0;
598 : :
599 : 0 : wbuf_jeb = &c->blocks[c->wbuf_ofs / c->sector_size];
600 [ # # ]: 0 : if (jffs2_prealloc_raw_node_refs(c, wbuf_jeb, c->nextblock->allocated_refs + 1))
601 : : return -ENOMEM;
602 : :
603 : : /* claim remaining space on the page
604 : : this happens, if we have a change to a new block,
605 : : or if fsync forces us to flush the writebuffer.
606 : : if we have a switch to next page, we will not have
607 : : enough remaining space for this.
608 : : */
609 [ # # ]: 0 : if (pad ) {
610 : 0 : c->wbuf_len = PAD(c->wbuf_len);
611 : :
612 : : /* Pad with JFFS2_DIRTY_BITMASK initially. this helps out ECC'd NOR
613 : : with 8 byte page size */
614 [ # # ]: 0 : memset(c->wbuf + c->wbuf_len, 0, c->wbuf_pagesize - c->wbuf_len);
615 : :
616 [ # # ]: 0 : if ( c->wbuf_len + sizeof(struct jffs2_unknown_node) < c->wbuf_pagesize) {
617 : 0 : struct jffs2_unknown_node *padnode = (void *)(c->wbuf + c->wbuf_len);
618 : 0 : padnode->magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
619 : 0 : padnode->nodetype = cpu_to_je16(JFFS2_NODETYPE_PADDING);
620 : 0 : padnode->totlen = cpu_to_je32(c->wbuf_pagesize - c->wbuf_len);
621 : 0 : padnode->hdr_crc = cpu_to_je32(crc32(0, padnode, sizeof(*padnode)-4));
622 : : }
623 : : }
624 : : /* else jffs2_flash_writev has actually filled in the rest of the
625 : : buffer for us, and will deal with the node refs etc. later. */
626 : :
627 : : #ifdef BREAKME
628 : : static int breakme;
629 : : if (breakme++ == 20) {
630 : : pr_notice("Faking write error at 0x%08x\n", c->wbuf_ofs);
631 : : breakme = 0;
632 : : mtd_write(c->mtd, c->wbuf_ofs, c->wbuf_pagesize, &retlen,
633 : : brokenbuf);
634 : : ret = -EIO;
635 : : } else
636 : : #endif
637 : :
638 : 0 : ret = mtd_write(c->mtd, c->wbuf_ofs, c->wbuf_pagesize,
639 : 0 : &retlen, c->wbuf);
640 : :
641 [ # # ]: 0 : if (ret) {
642 : 0 : pr_warn("jffs2_flush_wbuf(): Write failed with %d\n", ret);
643 : 0 : goto wfail;
644 [ # # ]: 0 : } else if (retlen != c->wbuf_pagesize) {
645 : 0 : pr_warn("jffs2_flush_wbuf(): Write was short: %zd instead of %d\n",
646 : : retlen, c->wbuf_pagesize);
647 : : ret = -EIO;
648 : 0 : goto wfail;
649 : : } else if ((ret = jffs2_verify_write(c, c->wbuf, c->wbuf_ofs))) {
650 : : wfail:
651 : 0 : jffs2_wbuf_recover(c);
652 : :
653 : 0 : return ret;
654 : : }
655 : :
656 : : /* Adjust free size of the block if we padded. */
657 [ # # ]: 0 : if (pad) {
658 : 0 : uint32_t waste = c->wbuf_pagesize - c->wbuf_len;
659 : :
660 : : jffs2_dbg(1, "jffs2_flush_wbuf() adjusting free_size of %sblock at %08x\n",
661 : : (wbuf_jeb == c->nextblock) ? "next" : "",
662 : : wbuf_jeb->offset);
663 : :
664 : : /* wbuf_pagesize - wbuf_len is the amount of space that's to be
665 : : padded. If there is less free space in the block than that,
666 : : something screwed up */
667 [ # # ]: 0 : if (wbuf_jeb->free_size < waste) {
668 : 0 : pr_crit("jffs2_flush_wbuf(): Accounting error. wbuf at 0x%08x has 0x%03x bytes, 0x%03x left.\n",
669 : : c->wbuf_ofs, c->wbuf_len, waste);
670 : 0 : pr_crit("jffs2_flush_wbuf(): But free_size for block at 0x%08x is only 0x%08x\n",
671 : : wbuf_jeb->offset, wbuf_jeb->free_size);
672 : 0 : BUG();
673 : : }
674 : :
675 : : spin_lock(&c->erase_completion_lock);
676 : :
677 : 0 : jffs2_link_node_ref(c, wbuf_jeb, (c->wbuf_ofs + c->wbuf_len) | REF_OBSOLETE, waste, NULL);
678 : : /* FIXME: that made it count as dirty. Convert to wasted */
679 : 0 : wbuf_jeb->dirty_size -= waste;
680 : 0 : c->dirty_size -= waste;
681 : 0 : wbuf_jeb->wasted_size += waste;
682 : 0 : c->wasted_size += waste;
683 : : } else
684 : : spin_lock(&c->erase_completion_lock);
685 : :
686 : : /* Stick any now-obsoleted blocks on the erase_pending_list */
687 : : jffs2_refile_wbuf_blocks(c);
688 : 0 : jffs2_clear_wbuf_ino_list(c);
689 : : spin_unlock(&c->erase_completion_lock);
690 : :
691 [ # # ]: 0 : memset(c->wbuf,0xff,c->wbuf_pagesize);
692 : : /* adjust write buffer offset, else we get a non contiguous write bug */
693 : 0 : c->wbuf_ofs += c->wbuf_pagesize;
694 : 0 : c->wbuf_len = 0;
695 : 0 : return 0;
696 : : }
697 : :
698 : : /* Trigger garbage collection to flush the write-buffer.
699 : : If ino arg is zero, do it if _any_ real (i.e. not GC) writes are
700 : : outstanding. If ino arg non-zero, do it only if a write for the
701 : : given inode is outstanding. */
702 : 0 : int jffs2_flush_wbuf_gc(struct jffs2_sb_info *c, uint32_t ino)
703 : : {
704 : : uint32_t old_wbuf_ofs;
705 : : uint32_t old_wbuf_len;
706 : : int ret = 0;
707 : :
708 : : jffs2_dbg(1, "jffs2_flush_wbuf_gc() called for ino #%u...\n", ino);
709 : :
710 [ # # ]: 0 : if (!c->wbuf)
711 : : return 0;
712 : :
713 : 0 : mutex_lock(&c->alloc_sem);
714 [ # # ]: 0 : if (!jffs2_wbuf_pending_for_ino(c, ino)) {
715 : : jffs2_dbg(1, "Ino #%d not pending in wbuf. Returning\n", ino);
716 : 0 : mutex_unlock(&c->alloc_sem);
717 : 0 : return 0;
718 : : }
719 : :
720 : 0 : old_wbuf_ofs = c->wbuf_ofs;
721 : 0 : old_wbuf_len = c->wbuf_len;
722 : :
723 [ # # ]: 0 : if (c->unchecked_size) {
724 : : /* GC won't make any progress for a while */
725 : : jffs2_dbg(1, "%s(): padding. Not finished checking\n",
726 : : __func__);
727 : 0 : down_write(&c->wbuf_sem);
728 : 0 : ret = __jffs2_flush_wbuf(c, PAD_ACCOUNTING);
729 : : /* retry flushing wbuf in case jffs2_wbuf_recover
730 : : left some data in the wbuf */
731 [ # # ]: 0 : if (ret)
732 : 0 : ret = __jffs2_flush_wbuf(c, PAD_ACCOUNTING);
733 : 0 : up_write(&c->wbuf_sem);
734 [ # # ][ # # ]: 0 : } else while (old_wbuf_len &&
735 : 0 : old_wbuf_ofs == c->wbuf_ofs) {
736 : :
737 : 0 : mutex_unlock(&c->alloc_sem);
738 : :
739 : : jffs2_dbg(1, "%s(): calls gc pass\n", __func__);
740 : :
741 : 0 : ret = jffs2_garbage_collect_pass(c);
742 [ # # ]: 0 : if (ret) {
743 : : /* GC failed. Flush it with padding instead */
744 : 0 : mutex_lock(&c->alloc_sem);
745 : 0 : down_write(&c->wbuf_sem);
746 : 0 : ret = __jffs2_flush_wbuf(c, PAD_ACCOUNTING);
747 : : /* retry flushing wbuf in case jffs2_wbuf_recover
748 : : left some data in the wbuf */
749 [ # # ]: 0 : if (ret)
750 : 0 : ret = __jffs2_flush_wbuf(c, PAD_ACCOUNTING);
751 : 0 : up_write(&c->wbuf_sem);
752 : 0 : break;
753 : : }
754 : 0 : mutex_lock(&c->alloc_sem);
755 : : }
756 : :
757 : : jffs2_dbg(1, "%s(): ends...\n", __func__);
758 : :
759 : 0 : mutex_unlock(&c->alloc_sem);
760 : 0 : return ret;
761 : : }
762 : :
763 : : /* Pad write-buffer to end and write it, wasting space. */
764 : 0 : int jffs2_flush_wbuf_pad(struct jffs2_sb_info *c)
765 : : {
766 : : int ret;
767 : :
768 [ # # ]: 0 : if (!c->wbuf)
769 : : return 0;
770 : :
771 : 0 : down_write(&c->wbuf_sem);
772 : 0 : ret = __jffs2_flush_wbuf(c, PAD_NOACCOUNT);
773 : : /* retry - maybe wbuf recover left some data in wbuf. */
774 [ # # ]: 0 : if (ret)
775 : 0 : ret = __jffs2_flush_wbuf(c, PAD_NOACCOUNT);
776 : 0 : up_write(&c->wbuf_sem);
777 : :
778 : 0 : return ret;
779 : : }
780 : :
781 : 0 : static size_t jffs2_fill_wbuf(struct jffs2_sb_info *c, const uint8_t *buf,
782 : : size_t len)
783 : : {
784 [ # # ][ # # ]: 0 : if (len && !c->wbuf_len && (len >= c->wbuf_pagesize))
[ # # ]
785 : : return 0;
786 : :
787 [ # # ]: 0 : if (len > (c->wbuf_pagesize - c->wbuf_len))
788 : : len = c->wbuf_pagesize - c->wbuf_len;
789 : 0 : memcpy(c->wbuf + c->wbuf_len, buf, len);
790 : 0 : c->wbuf_len += (uint32_t) len;
791 : 0 : return len;
792 : : }
793 : :
794 : 0 : int jffs2_flash_writev(struct jffs2_sb_info *c, const struct kvec *invecs,
795 : : unsigned long count, loff_t to, size_t *retlen,
796 : : uint32_t ino)
797 : : {
798 : : struct jffs2_eraseblock *jeb;
799 : : size_t wbuf_retlen, donelen = 0;
800 : 0 : uint32_t outvec_to = to;
801 : : int ret, invec;
802 : :
803 : : /* If not writebuffered flash, don't bother */
804 [ # # ]: 0 : if (!jffs2_is_writebuffered(c))
805 : 0 : return jffs2_flash_direct_writev(c, invecs, count, to, retlen);
806 : :
807 : 0 : down_write(&c->wbuf_sem);
808 : :
809 : : /* If wbuf_ofs is not initialized, set it to target address */
810 [ # # ]: 0 : if (c->wbuf_ofs == 0xFFFFFFFF) {
811 : 0 : c->wbuf_ofs = PAGE_DIV(to);
812 : 0 : c->wbuf_len = PAGE_MOD(to);
813 [ # # ]: 0 : memset(c->wbuf,0xff,c->wbuf_pagesize);
814 : : }
815 : :
816 : : /*
817 : : * Sanity checks on target address. It's permitted to write
818 : : * at PAD(c->wbuf_len+c->wbuf_ofs), and it's permitted to
819 : : * write at the beginning of a new erase block. Anything else,
820 : : * and you die. New block starts at xxx000c (0-b = block
821 : : * header)
822 : : */
823 [ # # ]: 0 : if (SECTOR_ADDR(to) != SECTOR_ADDR(c->wbuf_ofs)) {
824 : : /* It's a write to a new block */
825 [ # # ]: 0 : if (c->wbuf_len) {
826 : : jffs2_dbg(1, "%s(): to 0x%lx causes flush of wbuf at 0x%08x\n",
827 : : __func__, (unsigned long)to, c->wbuf_ofs);
828 : 0 : ret = __jffs2_flush_wbuf(c, PAD_NOACCOUNT);
829 [ # # ]: 0 : if (ret)
830 : : goto outerr;
831 : : }
832 : : /* set pointer to new block */
833 : 0 : c->wbuf_ofs = PAGE_DIV(to);
834 : 0 : c->wbuf_len = PAGE_MOD(to);
835 : : }
836 : :
837 [ # # ]: 0 : if (to != PAD(c->wbuf_ofs + c->wbuf_len)) {
838 : : /* We're not writing immediately after the writebuffer. Bad. */
839 : 0 : pr_crit("%s(): Non-contiguous write to %08lx\n",
840 : : __func__, (unsigned long)to);
841 [ # # ]: 0 : if (c->wbuf_len)
842 : 0 : pr_crit("wbuf was previously %08x-%08x\n",
843 : : c->wbuf_ofs, c->wbuf_ofs + c->wbuf_len);
844 : 0 : BUG();
845 : : }
846 : :
847 : : /* adjust alignment offset */
848 [ # # ]: 0 : if (c->wbuf_len != PAGE_MOD(to)) {
849 : 0 : c->wbuf_len = PAGE_MOD(to);
850 : : /* take care of alignment to next page */
851 [ # # ]: 0 : if (!c->wbuf_len) {
852 : 0 : c->wbuf_len = c->wbuf_pagesize;
853 : 0 : ret = __jffs2_flush_wbuf(c, NOPAD);
854 [ # # ]: 0 : if (ret)
855 : : goto outerr;
856 : : }
857 : : }
858 : :
859 [ # # ]: 0 : for (invec = 0; invec < count; invec++) {
860 : 0 : int vlen = invecs[invec].iov_len;
861 : 0 : uint8_t *v = invecs[invec].iov_base;
862 : :
863 : 0 : wbuf_retlen = jffs2_fill_wbuf(c, v, vlen);
864 : :
865 [ # # ]: 0 : if (c->wbuf_len == c->wbuf_pagesize) {
866 : 0 : ret = __jffs2_flush_wbuf(c, NOPAD);
867 [ # # ]: 0 : if (ret)
868 : : goto outerr;
869 : : }
870 : 0 : vlen -= wbuf_retlen;
871 : 0 : outvec_to += wbuf_retlen;
872 : 0 : donelen += wbuf_retlen;
873 : 0 : v += wbuf_retlen;
874 : :
875 [ # # ]: 0 : if (vlen >= c->wbuf_pagesize) {
876 : 0 : ret = mtd_write(c->mtd, outvec_to, PAGE_DIV(vlen),
877 : : &wbuf_retlen, v);
878 [ # # ][ # # ]: 0 : if (ret < 0 || wbuf_retlen != PAGE_DIV(vlen))
879 : : goto outfile;
880 : :
881 : 0 : vlen -= wbuf_retlen;
882 : 0 : outvec_to += wbuf_retlen;
883 : 0 : c->wbuf_ofs = outvec_to;
884 : 0 : donelen += wbuf_retlen;
885 : 0 : v += wbuf_retlen;
886 : : }
887 : :
888 : 0 : wbuf_retlen = jffs2_fill_wbuf(c, v, vlen);
889 [ # # ]: 0 : if (c->wbuf_len == c->wbuf_pagesize) {
890 : 0 : ret = __jffs2_flush_wbuf(c, NOPAD);
891 [ # # ]: 0 : if (ret)
892 : : goto outerr;
893 : : }
894 : :
895 : 0 : outvec_to += wbuf_retlen;
896 : 0 : donelen += wbuf_retlen;
897 : : }
898 : :
899 : : /*
900 : : * If there's a remainder in the wbuf and it's a non-GC write,
901 : : * remember that the wbuf affects this ino
902 : : */
903 : 0 : *retlen = donelen;
904 : :
905 : : if (jffs2_sum_active()) {
906 : 0 : int res = jffs2_sum_add_kvec(c, invecs, count, (uint32_t) to);
907 [ # # ]: 0 : if (res)
908 : : return res;
909 : : }
910 : :
911 [ # # ][ # # ]: 0 : if (c->wbuf_len && ino)
912 : 0 : jffs2_wbuf_dirties_inode(c, ino);
913 : :
914 : : ret = 0;
915 : 0 : up_write(&c->wbuf_sem);
916 : 0 : return ret;
917 : :
918 : : outfile:
919 : : /*
920 : : * At this point we have no problem, c->wbuf is empty. However
921 : : * refile nextblock to avoid writing again to same address.
922 : : */
923 : :
924 : : spin_lock(&c->erase_completion_lock);
925 : :
926 : 0 : jeb = &c->blocks[outvec_to / c->sector_size];
927 : 0 : jffs2_block_refile(c, jeb, REFILE_ANYWAY);
928 : :
929 : : spin_unlock(&c->erase_completion_lock);
930 : :
931 : : outerr:
932 : 0 : *retlen = 0;
933 : 0 : up_write(&c->wbuf_sem);
934 : 0 : return ret;
935 : : }
936 : :
937 : : /*
938 : : * This is the entry for flash write.
939 : : * Check, if we work on NAND FLASH, if so build an kvec and write it via vritev
940 : : */
941 : 0 : int jffs2_flash_write(struct jffs2_sb_info *c, loff_t ofs, size_t len,
942 : : size_t *retlen, const u_char *buf)
943 : : {
944 : : struct kvec vecs[1];
945 : :
946 [ # # ]: 0 : if (!jffs2_is_writebuffered(c))
947 : 0 : return jffs2_flash_direct_write(c, ofs, len, retlen, buf);
948 : :
949 : 0 : vecs[0].iov_base = (unsigned char *) buf;
950 : 0 : vecs[0].iov_len = len;
951 : 0 : return jffs2_flash_writev(c, vecs, 1, ofs, retlen, 0);
952 : : }
953 : :
954 : : /*
955 : : Handle readback from writebuffer and ECC failure return
956 : : */
957 : 0 : int jffs2_flash_read(struct jffs2_sb_info *c, loff_t ofs, size_t len, size_t *retlen, u_char *buf)
958 : : {
959 : : loff_t orbf = 0, owbf = 0, lwbf = 0;
960 : : int ret;
961 : :
962 [ # # ]: 0 : if (!jffs2_is_writebuffered(c))
963 : 0 : return mtd_read(c->mtd, ofs, len, retlen, buf);
964 : :
965 : : /* Read flash */
966 : 0 : down_read(&c->wbuf_sem);
967 : 0 : ret = mtd_read(c->mtd, ofs, len, retlen, buf);
968 : :
969 [ # # ][ # # ]: 0 : if ( (ret == -EBADMSG || ret == -EUCLEAN) && (*retlen == len) ) {
970 [ # # ]: 0 : if (ret == -EBADMSG)
971 : 0 : pr_warn("mtd->read(0x%zx bytes from 0x%llx) returned ECC error\n",
972 : : len, ofs);
973 : : /*
974 : : * We have the raw data without ECC correction in the buffer,
975 : : * maybe we are lucky and all data or parts are correct. We
976 : : * check the node. If data are corrupted node check will sort
977 : : * it out. We keep this block, it will fail on write or erase
978 : : * and the we mark it bad. Or should we do that now? But we
979 : : * should give him a chance. Maybe we had a system crash or
980 : : * power loss before the ecc write or a erase was completed.
981 : : * So we return success. :)
982 : : */
983 : : ret = 0;
984 : : }
985 : :
986 : : /* if no writebuffer available or write buffer empty, return */
987 [ # # ][ # # ]: 0 : if (!c->wbuf_pagesize || !c->wbuf_len)
988 : : goto exit;
989 : :
990 : : /* if we read in a different block, return */
991 [ # # ]: 0 : if (SECTOR_ADDR(ofs) != SECTOR_ADDR(c->wbuf_ofs))
992 : : goto exit;
993 : :
994 [ # # ]: 0 : if (ofs >= c->wbuf_ofs) {
995 : 0 : owbf = (ofs - c->wbuf_ofs); /* offset in write buffer */
996 [ # # ]: 0 : if (owbf > c->wbuf_len) /* is read beyond write buffer ? */
997 : : goto exit;
998 : 0 : lwbf = c->wbuf_len - owbf; /* number of bytes to copy */
999 [ # # ]: 0 : if (lwbf > len)
1000 : : lwbf = len;
1001 : : } else {
1002 : 0 : orbf = (c->wbuf_ofs - ofs); /* offset in read buffer */
1003 [ # # ]: 0 : if (orbf > len) /* is write beyond write buffer ? */
1004 : : goto exit;
1005 : 0 : lwbf = len - orbf; /* number of bytes to copy */
1006 [ # # ]: 0 : if (lwbf > c->wbuf_len)
1007 : : lwbf = c->wbuf_len;
1008 : : }
1009 [ # # ]: 0 : if (lwbf > 0)
1010 : 0 : memcpy(buf+orbf,c->wbuf+owbf,lwbf);
1011 : :
1012 : : exit:
1013 : 0 : up_read(&c->wbuf_sem);
1014 : 0 : return ret;
1015 : : }
1016 : :
1017 : : #define NR_OOB_SCAN_PAGES 4
1018 : :
1019 : : /* For historical reasons we use only 8 bytes for OOB clean marker */
1020 : : #define OOB_CM_SIZE 8
1021 : :
1022 : : static const struct jffs2_unknown_node oob_cleanmarker =
1023 : : {
1024 : : .magic = constant_cpu_to_je16(JFFS2_MAGIC_BITMASK),
1025 : : .nodetype = constant_cpu_to_je16(JFFS2_NODETYPE_CLEANMARKER),
1026 : : .totlen = constant_cpu_to_je32(8)
1027 : : };
1028 : :
1029 : : /*
1030 : : * Check, if the out of band area is empty. This function knows about the clean
1031 : : * marker and if it is present in OOB, treats the OOB as empty anyway.
1032 : : */
1033 : 0 : int jffs2_check_oob_empty(struct jffs2_sb_info *c,
1034 : : struct jffs2_eraseblock *jeb, int mode)
1035 : : {
1036 : : int i, ret;
1037 : 0 : int cmlen = min_t(int, c->oobavail, OOB_CM_SIZE);
1038 : : struct mtd_oob_ops ops;
1039 : :
1040 : 0 : ops.mode = MTD_OPS_AUTO_OOB;
1041 : 0 : ops.ooblen = NR_OOB_SCAN_PAGES * c->oobavail;
1042 : 0 : ops.oobbuf = c->oobbuf;
1043 : 0 : ops.len = ops.ooboffs = ops.retlen = ops.oobretlen = 0;
1044 : 0 : ops.datbuf = NULL;
1045 : :
1046 : 0 : ret = mtd_read_oob(c->mtd, jeb->offset, &ops);
1047 [ # # ][ # # ]: 0 : if ((ret && !mtd_is_bitflip(ret)) || ops.oobretlen != ops.ooblen) {
[ # # ]
1048 : 0 : pr_err("cannot read OOB for EB at %08x, requested %zd bytes, read %zd bytes, error %d\n",
1049 : : jeb->offset, ops.ooblen, ops.oobretlen, ret);
1050 [ # # ][ # # ]: 0 : if (!ret || mtd_is_bitflip(ret))
1051 : : ret = -EIO;
1052 : 0 : return ret;
1053 : : }
1054 : :
1055 [ # # ]: 0 : for(i = 0; i < ops.ooblen; i++) {
1056 [ # # ]: 0 : if (mode && i < cmlen)
1057 : : /* Yeah, we know about the cleanmarker */
1058 : 0 : continue;
1059 : :
1060 [ # # ]: 0 : if (ops.oobbuf[i] != 0xFF) {
1061 : : jffs2_dbg(2, "Found %02x at %x in OOB for "
1062 : : "%08x\n", ops.oobbuf[i], i, jeb->offset);
1063 : : return 1;
1064 : : }
1065 : : }
1066 : :
1067 : : return 0;
1068 : : }
1069 : :
1070 : : /*
1071 : : * Check for a valid cleanmarker.
1072 : : * Returns: 0 if a valid cleanmarker was found
1073 : : * 1 if no cleanmarker was found
1074 : : * negative error code if an error occurred
1075 : : */
1076 : 0 : int jffs2_check_nand_cleanmarker(struct jffs2_sb_info *c,
1077 : : struct jffs2_eraseblock *jeb)
1078 : : {
1079 : : struct mtd_oob_ops ops;
1080 : 0 : int ret, cmlen = min_t(int, c->oobavail, OOB_CM_SIZE);
1081 : :
1082 : 0 : ops.mode = MTD_OPS_AUTO_OOB;
1083 : 0 : ops.ooblen = cmlen;
1084 : 0 : ops.oobbuf = c->oobbuf;
1085 : 0 : ops.len = ops.ooboffs = ops.retlen = ops.oobretlen = 0;
1086 : 0 : ops.datbuf = NULL;
1087 : :
1088 : 0 : ret = mtd_read_oob(c->mtd, jeb->offset, &ops);
1089 [ # # ][ # # ]: 0 : if ((ret && !mtd_is_bitflip(ret)) || ops.oobretlen != ops.ooblen) {
[ # # ]
1090 : 0 : pr_err("cannot read OOB for EB at %08x, requested %zd bytes, read %zd bytes, error %d\n",
1091 : : jeb->offset, ops.ooblen, ops.oobretlen, ret);
1092 [ # # ][ # # ]: 0 : if (!ret || mtd_is_bitflip(ret))
1093 : : ret = -EIO;
1094 : 0 : return ret;
1095 : : }
1096 : :
1097 : 0 : return !!memcmp(&oob_cleanmarker, c->oobbuf, cmlen);
1098 : : }
1099 : :
1100 : 0 : int jffs2_write_nand_cleanmarker(struct jffs2_sb_info *c,
1101 : : struct jffs2_eraseblock *jeb)
1102 : : {
1103 : : int ret;
1104 : : struct mtd_oob_ops ops;
1105 : 0 : int cmlen = min_t(int, c->oobavail, OOB_CM_SIZE);
1106 : :
1107 : 0 : ops.mode = MTD_OPS_AUTO_OOB;
1108 : 0 : ops.ooblen = cmlen;
1109 : 0 : ops.oobbuf = (uint8_t *)&oob_cleanmarker;
1110 : 0 : ops.len = ops.ooboffs = ops.retlen = ops.oobretlen = 0;
1111 : 0 : ops.datbuf = NULL;
1112 : :
1113 : 0 : ret = mtd_write_oob(c->mtd, jeb->offset, &ops);
1114 [ # # ][ # # ]: 0 : if (ret || ops.oobretlen != ops.ooblen) {
1115 : 0 : pr_err("cannot write OOB for EB at %08x, requested %zd bytes, read %zd bytes, error %d\n",
1116 : : jeb->offset, ops.ooblen, ops.oobretlen, ret);
1117 [ # # ]: 0 : if (!ret)
1118 : : ret = -EIO;
1119 : 0 : return ret;
1120 : : }
1121 : :
1122 : : return 0;
1123 : : }
1124 : :
1125 : : /*
1126 : : * On NAND we try to mark this block bad. If the block was erased more
1127 : : * than MAX_ERASE_FAILURES we mark it finally bad.
1128 : : * Don't care about failures. This block remains on the erase-pending
1129 : : * or badblock list as long as nobody manipulates the flash with
1130 : : * a bootloader or something like that.
1131 : : */
1132 : :
1133 : 0 : int jffs2_write_nand_badblock(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb, uint32_t bad_offset)
1134 : : {
1135 : : int ret;
1136 : :
1137 : : /* if the count is < max, we try to write the counter to the 2nd page oob area */
1138 [ # # ]: 0 : if( ++jeb->bad_count < MAX_ERASE_FAILURES)
1139 : : return 0;
1140 : :
1141 : 0 : pr_warn("marking eraseblock at %08x as bad\n", bad_offset);
1142 : 0 : ret = mtd_block_markbad(c->mtd, bad_offset);
1143 : :
1144 [ # # ]: 0 : if (ret) {
1145 : : jffs2_dbg(1, "%s(): Write failed for block at %08x: error %d\n",
1146 : : __func__, jeb->offset, ret);
1147 : 0 : return ret;
1148 : : }
1149 : : return 1;
1150 : : }
1151 : :
1152 : : static struct jffs2_sb_info *work_to_sb(struct work_struct *work)
1153 : : {
1154 : : struct delayed_work *dwork;
1155 : :
1156 : : dwork = container_of(work, struct delayed_work, work);
1157 : : return container_of(dwork, struct jffs2_sb_info, wbuf_dwork);
1158 : : }
1159 : :
1160 : 0 : static void delayed_wbuf_sync(struct work_struct *work)
1161 : : {
1162 : 0 : struct jffs2_sb_info *c = work_to_sb(work);
1163 : 0 : struct super_block *sb = OFNI_BS_2SFFJ(c);
1164 : :
1165 : : spin_lock(&c->wbuf_dwork_lock);
1166 : 0 : c->wbuf_queued = 0;
1167 : : spin_unlock(&c->wbuf_dwork_lock);
1168 : :
1169 [ # # ]: 0 : if (!(sb->s_flags & MS_RDONLY)) {
1170 : : jffs2_dbg(1, "%s()\n", __func__);
1171 : 0 : jffs2_flush_wbuf_gc(c, 0);
1172 : : }
1173 : 0 : }
1174 : :
1175 : 0 : void jffs2_dirty_trigger(struct jffs2_sb_info *c)
1176 : : {
1177 : 0 : struct super_block *sb = OFNI_BS_2SFFJ(c);
1178 : : unsigned long delay;
1179 : :
1180 [ # # ]: 0 : if (sb->s_flags & MS_RDONLY)
1181 : 0 : return;
1182 : :
1183 : : spin_lock(&c->wbuf_dwork_lock);
1184 [ # # ]: 0 : if (!c->wbuf_queued) {
1185 : : jffs2_dbg(1, "%s()\n", __func__);
1186 : 0 : delay = msecs_to_jiffies(dirty_writeback_interval * 10);
1187 : 0 : queue_delayed_work(system_long_wq, &c->wbuf_dwork, delay);
1188 : 0 : c->wbuf_queued = 1;
1189 : : }
1190 : : spin_unlock(&c->wbuf_dwork_lock);
1191 : : }
1192 : :
1193 : 0 : int jffs2_nand_flash_setup(struct jffs2_sb_info *c)
1194 : : {
1195 : 0 : struct nand_ecclayout *oinfo = c->mtd->ecclayout;
1196 : :
1197 [ # # ]: 0 : if (!c->mtd->oobsize)
1198 : : return 0;
1199 : :
1200 : : /* Cleanmarker is out-of-band, so inline size zero */
1201 : 0 : c->cleanmarker_size = 0;
1202 : :
1203 [ # # ][ # # ]: 0 : if (!oinfo || oinfo->oobavail == 0) {
1204 : 0 : pr_err("inconsistent device description\n");
1205 : 0 : return -EINVAL;
1206 : : }
1207 : :
1208 : : jffs2_dbg(1, "using OOB on NAND\n");
1209 : :
1210 : 0 : c->oobavail = oinfo->oobavail;
1211 : :
1212 : : /* Initialise write buffer */
1213 : 0 : init_rwsem(&c->wbuf_sem);
1214 : 0 : spin_lock_init(&c->wbuf_dwork_lock);
1215 : 0 : INIT_DELAYED_WORK(&c->wbuf_dwork, delayed_wbuf_sync);
1216 : 0 : c->wbuf_pagesize = c->mtd->writesize;
1217 : 0 : c->wbuf_ofs = 0xFFFFFFFF;
1218 : :
1219 : 0 : c->wbuf = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1220 [ # # ]: 0 : if (!c->wbuf)
1221 : : return -ENOMEM;
1222 : :
1223 : 0 : c->oobbuf = kmalloc(NR_OOB_SCAN_PAGES * c->oobavail, GFP_KERNEL);
1224 [ # # ]: 0 : if (!c->oobbuf) {
1225 : 0 : kfree(c->wbuf);
1226 : 0 : return -ENOMEM;
1227 : : }
1228 : :
1229 : : #ifdef CONFIG_JFFS2_FS_WBUF_VERIFY
1230 : : c->wbuf_verify = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1231 : : if (!c->wbuf_verify) {
1232 : : kfree(c->oobbuf);
1233 : : kfree(c->wbuf);
1234 : : return -ENOMEM;
1235 : : }
1236 : : #endif
1237 : : return 0;
1238 : : }
1239 : :
1240 : 0 : void jffs2_nand_flash_cleanup(struct jffs2_sb_info *c)
1241 : : {
1242 : : #ifdef CONFIG_JFFS2_FS_WBUF_VERIFY
1243 : : kfree(c->wbuf_verify);
1244 : : #endif
1245 : 0 : kfree(c->wbuf);
1246 : 0 : kfree(c->oobbuf);
1247 : 0 : }
1248 : :
1249 : 0 : int jffs2_dataflash_setup(struct jffs2_sb_info *c) {
1250 : 0 : c->cleanmarker_size = 0; /* No cleanmarkers needed */
1251 : :
1252 : : /* Initialize write buffer */
1253 : 0 : init_rwsem(&c->wbuf_sem);
1254 : 0 : spin_lock_init(&c->wbuf_dwork_lock);
1255 : 0 : INIT_DELAYED_WORK(&c->wbuf_dwork, delayed_wbuf_sync);
1256 : 0 : c->wbuf_pagesize = c->mtd->erasesize;
1257 : :
1258 : : /* Find a suitable c->sector_size
1259 : : * - Not too much sectors
1260 : : * - Sectors have to be at least 4 K + some bytes
1261 : : * - All known dataflashes have erase sizes of 528 or 1056
1262 : : * - we take at least 8 eraseblocks and want to have at least 8K size
1263 : : * - The concatenation should be a power of 2
1264 : : */
1265 : :
1266 : 0 : c->sector_size = 8 * c->mtd->erasesize;
1267 : :
1268 [ # # ]: 0 : while (c->sector_size < 8192) {
1269 : 0 : c->sector_size *= 2;
1270 : : }
1271 : :
1272 : : /* It may be necessary to adjust the flash size */
1273 : 0 : c->flash_size = c->mtd->size;
1274 : :
1275 [ # # ]: 0 : if ((c->flash_size % c->sector_size) != 0) {
1276 : 0 : c->flash_size = (c->flash_size / c->sector_size) * c->sector_size;
1277 : 0 : pr_warn("flash size adjusted to %dKiB\n", c->flash_size);
1278 : : };
1279 : :
1280 : 0 : c->wbuf_ofs = 0xFFFFFFFF;
1281 : 0 : c->wbuf = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1282 [ # # ]: 0 : if (!c->wbuf)
1283 : : return -ENOMEM;
1284 : :
1285 : : #ifdef CONFIG_JFFS2_FS_WBUF_VERIFY
1286 : : c->wbuf_verify = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1287 : : if (!c->wbuf_verify) {
1288 : : kfree(c->oobbuf);
1289 : : kfree(c->wbuf);
1290 : : return -ENOMEM;
1291 : : }
1292 : : #endif
1293 : :
1294 : 0 : pr_info("write-buffering enabled buffer (%d) erasesize (%d)\n",
1295 : : c->wbuf_pagesize, c->sector_size);
1296 : :
1297 : 0 : return 0;
1298 : : }
1299 : :
1300 : 0 : void jffs2_dataflash_cleanup(struct jffs2_sb_info *c) {
1301 : : #ifdef CONFIG_JFFS2_FS_WBUF_VERIFY
1302 : : kfree(c->wbuf_verify);
1303 : : #endif
1304 : 0 : kfree(c->wbuf);
1305 : 0 : }
1306 : :
1307 : 0 : int jffs2_nor_wbuf_flash_setup(struct jffs2_sb_info *c) {
1308 : : /* Cleanmarker currently occupies whole programming regions,
1309 : : * either one or 2 for 8Byte STMicro flashes. */
1310 : 0 : c->cleanmarker_size = max(16u, c->mtd->writesize);
1311 : :
1312 : : /* Initialize write buffer */
1313 : 0 : init_rwsem(&c->wbuf_sem);
1314 : 0 : spin_lock_init(&c->wbuf_dwork_lock);
1315 : 0 : INIT_DELAYED_WORK(&c->wbuf_dwork, delayed_wbuf_sync);
1316 : :
1317 : 0 : c->wbuf_pagesize = c->mtd->writesize;
1318 : 0 : c->wbuf_ofs = 0xFFFFFFFF;
1319 : :
1320 : 0 : c->wbuf = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1321 [ # # ]: 0 : if (!c->wbuf)
1322 : : return -ENOMEM;
1323 : :
1324 : : #ifdef CONFIG_JFFS2_FS_WBUF_VERIFY
1325 : : c->wbuf_verify = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1326 : : if (!c->wbuf_verify) {
1327 : : kfree(c->wbuf);
1328 : : return -ENOMEM;
1329 : : }
1330 : : #endif
1331 : 0 : return 0;
1332 : : }
1333 : :
1334 : 0 : void jffs2_nor_wbuf_flash_cleanup(struct jffs2_sb_info *c) {
1335 : : #ifdef CONFIG_JFFS2_FS_WBUF_VERIFY
1336 : : kfree(c->wbuf_verify);
1337 : : #endif
1338 : 0 : kfree(c->wbuf);
1339 : 0 : }
1340 : :
1341 : 0 : int jffs2_ubivol_setup(struct jffs2_sb_info *c) {
1342 : 0 : c->cleanmarker_size = 0;
1343 : :
1344 [ # # ]: 0 : if (c->mtd->writesize == 1)
1345 : : /* We do not need write-buffer */
1346 : : return 0;
1347 : :
1348 : 0 : init_rwsem(&c->wbuf_sem);
1349 : 0 : spin_lock_init(&c->wbuf_dwork_lock);
1350 : 0 : INIT_DELAYED_WORK(&c->wbuf_dwork, delayed_wbuf_sync);
1351 : :
1352 : 0 : c->wbuf_pagesize = c->mtd->writesize;
1353 : 0 : c->wbuf_ofs = 0xFFFFFFFF;
1354 : 0 : c->wbuf = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1355 [ # # ]: 0 : if (!c->wbuf)
1356 : : return -ENOMEM;
1357 : :
1358 : 0 : pr_info("write-buffering enabled buffer (%d) erasesize (%d)\n",
1359 : : c->wbuf_pagesize, c->sector_size);
1360 : :
1361 : 0 : return 0;
1362 : : }
1363 : :
1364 : 0 : void jffs2_ubivol_cleanup(struct jffs2_sb_info *c) {
1365 : 0 : kfree(c->wbuf);
1366 : 0 : }
|