Merge branch 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mfashe...
[linux-2.6] / fs / jffs2 / wbuf.c
1 /*
2  * JFFS2 -- Journalling Flash File System, Version 2.
3  *
4  * Copyright (C) 2001-2003 Red Hat, Inc.
5  * Copyright (C) 2004 Thomas Gleixner <tglx@linutronix.de>
6  *
7  * Created by David Woodhouse <dwmw2@infradead.org>
8  * Modified debugged and enhanced by Thomas Gleixner <tglx@linutronix.de>
9  *
10  * For licensing information, see the file 'LICENCE' in this directory.
11  *
12  * $Id: wbuf.c,v 1.100 2005/09/30 13:59:13 dedekind Exp $
13  *
14  */
15
16 #include <linux/kernel.h>
17 #include <linux/slab.h>
18 #include <linux/mtd/mtd.h>
19 #include <linux/crc32.h>
20 #include <linux/mtd/nand.h>
21 #include <linux/jiffies.h>
22 #include <linux/sched.h>
23
24 #include "nodelist.h"
25
26 /* For testing write failures */
27 #undef BREAKME
28 #undef BREAKMEHEADER
29
30 #ifdef BREAKME
31 static unsigned char *brokenbuf;
32 #endif
33
34 #define PAGE_DIV(x) ( ((unsigned long)(x) / (unsigned long)(c->wbuf_pagesize)) * (unsigned long)(c->wbuf_pagesize) )
35 #define PAGE_MOD(x) ( (unsigned long)(x) % (unsigned long)(c->wbuf_pagesize) )
36
37 /* max. erase failures before we mark a block bad */
38 #define MAX_ERASE_FAILURES      2
39
40 struct jffs2_inodirty {
41         uint32_t ino;
42         struct jffs2_inodirty *next;
43 };
44
45 static struct jffs2_inodirty inodirty_nomem;
46
47 static int jffs2_wbuf_pending_for_ino(struct jffs2_sb_info *c, uint32_t ino)
48 {
49         struct jffs2_inodirty *this = c->wbuf_inodes;
50
51         /* If a malloc failed, consider _everything_ dirty */
52         if (this == &inodirty_nomem)
53                 return 1;
54
55         /* If ino == 0, _any_ non-GC writes mean 'yes' */
56         if (this && !ino)
57                 return 1;
58
59         /* Look to see if the inode in question is pending in the wbuf */
60         while (this) {
61                 if (this->ino == ino)
62                         return 1;
63                 this = this->next;
64         }
65         return 0;
66 }
67
68 static void jffs2_clear_wbuf_ino_list(struct jffs2_sb_info *c)
69 {
70         struct jffs2_inodirty *this;
71
72         this = c->wbuf_inodes;
73
74         if (this != &inodirty_nomem) {
75                 while (this) {
76                         struct jffs2_inodirty *next = this->next;
77                         kfree(this);
78                         this = next;
79                 }
80         }
81         c->wbuf_inodes = NULL;
82 }
83
84 static void jffs2_wbuf_dirties_inode(struct jffs2_sb_info *c, uint32_t ino)
85 {
86         struct jffs2_inodirty *new;
87
88         /* Mark the superblock dirty so that kupdated will flush... */
89         jffs2_erase_pending_trigger(c);
90
91         if (jffs2_wbuf_pending_for_ino(c, ino))
92                 return;
93
94         new = kmalloc(sizeof(*new), GFP_KERNEL);
95         if (!new) {
96                 D1(printk(KERN_DEBUG "No memory to allocate inodirty. Fallback to all considered dirty\n"));
97                 jffs2_clear_wbuf_ino_list(c);
98                 c->wbuf_inodes = &inodirty_nomem;
99                 return;
100         }
101         new->ino = ino;
102         new->next = c->wbuf_inodes;
103         c->wbuf_inodes = new;
104         return;
105 }
106
107 static inline void jffs2_refile_wbuf_blocks(struct jffs2_sb_info *c)
108 {
109         struct list_head *this, *next;
110         static int n;
111
112         if (list_empty(&c->erasable_pending_wbuf_list))
113                 return;
114
115         list_for_each_safe(this, next, &c->erasable_pending_wbuf_list) {
116                 struct jffs2_eraseblock *jeb = list_entry(this, struct jffs2_eraseblock, list);
117
118                 D1(printk(KERN_DEBUG "Removing eraseblock at 0x%08x from erasable_pending_wbuf_list...\n", jeb->offset));
119                 list_del(this);
120                 if ((jiffies + (n++)) & 127) {
121                         /* Most of the time, we just erase it immediately. Otherwise we
122                            spend ages scanning it on mount, etc. */
123                         D1(printk(KERN_DEBUG "...and adding to erase_pending_list\n"));
124                         list_add_tail(&jeb->list, &c->erase_pending_list);
125                         c->nr_erasing_blocks++;
126                         jffs2_erase_pending_trigger(c);
127                 } else {
128                         /* Sometimes, however, we leave it elsewhere so it doesn't get
129                            immediately reused, and we spread the load a bit. */
130                         D1(printk(KERN_DEBUG "...and adding to erasable_list\n"));
131                         list_add_tail(&jeb->list, &c->erasable_list);
132                 }
133         }
134 }
135
136 #define REFILE_NOTEMPTY 0
137 #define REFILE_ANYWAY   1
138
139 static void jffs2_block_refile(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb, int allow_empty)
140 {
141         D1(printk("About to refile bad block at %08x\n", jeb->offset));
142
143         /* File the existing block on the bad_used_list.... */
144         if (c->nextblock == jeb)
145                 c->nextblock = NULL;
146         else /* Not sure this should ever happen... need more coffee */
147                 list_del(&jeb->list);
148         if (jeb->first_node) {
149                 D1(printk("Refiling block at %08x to bad_used_list\n", jeb->offset));
150                 list_add(&jeb->list, &c->bad_used_list);
151         } else {
152                 BUG_ON(allow_empty == REFILE_NOTEMPTY);
153                 /* It has to have had some nodes or we couldn't be here */
154                 D1(printk("Refiling block at %08x to erase_pending_list\n", jeb->offset));
155                 list_add(&jeb->list, &c->erase_pending_list);
156                 c->nr_erasing_blocks++;
157                 jffs2_erase_pending_trigger(c);
158         }
159
160         if (!jffs2_prealloc_raw_node_refs(c, jeb, 1)) {
161                 uint32_t oldfree = jeb->free_size;
162
163                 jffs2_link_node_ref(c, jeb, 
164                                     (jeb->offset+c->sector_size-oldfree) | REF_OBSOLETE,
165                                     oldfree, NULL);
166                 /* convert to wasted */
167                 c->wasted_size += oldfree;
168                 jeb->wasted_size += oldfree;
169                 c->dirty_size -= oldfree;
170                 jeb->dirty_size -= oldfree;
171         }
172
173         jffs2_dbg_dump_block_lists_nolock(c);
174         jffs2_dbg_acct_sanity_check_nolock(c,jeb);
175         jffs2_dbg_acct_paranoia_check_nolock(c, jeb);
176 }
177
178 static struct jffs2_raw_node_ref **jffs2_incore_replace_raw(struct jffs2_sb_info *c,
179                                                             struct jffs2_inode_info *f,
180                                                             struct jffs2_raw_node_ref *raw,
181                                                             union jffs2_node_union *node)
182 {
183         struct jffs2_node_frag *frag;
184         struct jffs2_full_dirent *fd;
185
186         dbg_noderef("incore_replace_raw: node at %p is {%04x,%04x}\n",
187                     node, je16_to_cpu(node->u.magic), je16_to_cpu(node->u.nodetype));
188
189         BUG_ON(je16_to_cpu(node->u.magic) != 0x1985 &&
190                je16_to_cpu(node->u.magic) != 0);
191
192         switch (je16_to_cpu(node->u.nodetype)) {
193         case JFFS2_NODETYPE_INODE:
194                 if (f->metadata && f->metadata->raw == raw) {
195                         dbg_noderef("Will replace ->raw in f->metadata at %p\n", f->metadata);
196                         return &f->metadata->raw;
197                 }
198                 frag = jffs2_lookup_node_frag(&f->fragtree, je32_to_cpu(node->i.offset));
199                 BUG_ON(!frag);
200                 /* Find a frag which refers to the full_dnode we want to modify */
201                 while (!frag->node || frag->node->raw != raw) {
202                         frag = frag_next(frag);
203                         BUG_ON(!frag);
204                 }
205                 dbg_noderef("Will replace ->raw in full_dnode at %p\n", frag->node);
206                 return &frag->node->raw;
207
208         case JFFS2_NODETYPE_DIRENT:
209                 for (fd = f->dents; fd; fd = fd->next) {
210                         if (fd->raw == raw) {
211                                 dbg_noderef("Will replace ->raw in full_dirent at %p\n", fd);
212                                 return &fd->raw;
213                         }
214                 }
215                 BUG();
216
217         default:
218                 dbg_noderef("Don't care about replacing raw for nodetype %x\n",
219                             je16_to_cpu(node->u.nodetype));
220                 break;
221         }
222         return NULL;
223 }
224
225 /* Recover from failure to write wbuf. Recover the nodes up to the
226  * wbuf, not the one which we were starting to try to write. */
227
228 static void jffs2_wbuf_recover(struct jffs2_sb_info *c)
229 {
230         struct jffs2_eraseblock *jeb, *new_jeb;
231         struct jffs2_raw_node_ref *raw, *next, *first_raw = NULL;
232         size_t retlen;
233         int ret;
234         int nr_refile = 0;
235         unsigned char *buf;
236         uint32_t start, end, ofs, len;
237
238         jeb = &c->blocks[c->wbuf_ofs / c->sector_size];
239
240         spin_lock(&c->erase_completion_lock);
241         jffs2_block_refile(c, jeb, REFILE_NOTEMPTY);
242         spin_unlock(&c->erase_completion_lock);
243
244         BUG_ON(!ref_obsolete(jeb->last_node));
245
246         /* Find the first node to be recovered, by skipping over every
247            node which ends before the wbuf starts, or which is obsolete. */
248         for (next = raw = jeb->first_node; next; raw = next) {
249                 next = ref_next(raw);
250
251                 if (ref_obsolete(raw) || 
252                     (next && ref_offset(next) <= c->wbuf_ofs)) {
253                         dbg_noderef("Skipping node at 0x%08x(%d)-0x%08x which is either before 0x%08x or obsolete\n",
254                                     ref_offset(raw), ref_flags(raw),
255                                     (ref_offset(raw) + ref_totlen(c, jeb, raw)),
256                                     c->wbuf_ofs);
257                         continue;
258                 }
259                 dbg_noderef("First node to be recovered is at 0x%08x(%d)-0x%08x\n",
260                             ref_offset(raw), ref_flags(raw),
261                             (ref_offset(raw) + ref_totlen(c, jeb, raw)));
262
263                 first_raw = raw;
264                 break;
265         }
266
267         if (!first_raw) {
268                 /* All nodes were obsolete. Nothing to recover. */
269                 D1(printk(KERN_DEBUG "No non-obsolete nodes to be recovered. Just filing block bad\n"));
270                 c->wbuf_len = 0;
271                 return;
272         }
273
274         start = ref_offset(first_raw);
275         end = ref_offset(jeb->last_node);
276         nr_refile = 1;
277
278         /* Count the number of refs which need to be copied */
279         while ((raw = ref_next(raw)) != jeb->last_node)
280                 nr_refile++;
281
282         dbg_noderef("wbuf recover %08x-%08x (%d bytes in %d nodes)\n",
283                     start, end, end - start, nr_refile);
284
285         buf = NULL;
286         if (start < c->wbuf_ofs) {
287                 /* First affected node was already partially written.
288                  * Attempt to reread the old data into our buffer. */
289
290                 buf = kmalloc(end - start, GFP_KERNEL);
291                 if (!buf) {
292                         printk(KERN_CRIT "Malloc failure in wbuf recovery. Data loss ensues.\n");
293
294                         goto read_failed;
295                 }
296
297                 /* Do the read... */
298                 ret = c->mtd->read(c->mtd, start, c->wbuf_ofs - start, &retlen, buf);
299
300                 /* ECC recovered ? */
301                 if ((ret == -EUCLEAN || ret == -EBADMSG) &&
302                     (retlen == c->wbuf_ofs - start))
303                         ret = 0;
304
305                 if (ret || retlen != c->wbuf_ofs - start) {
306                         printk(KERN_CRIT "Old data are already lost in wbuf recovery. Data loss ensues.\n");
307
308                         kfree(buf);
309                         buf = NULL;
310                 read_failed:
311                         first_raw = ref_next(first_raw);
312                         nr_refile--;
313                         while (first_raw && ref_obsolete(first_raw)) {
314                                 first_raw = ref_next(first_raw);
315                                 nr_refile--;
316                         }
317
318                         /* If this was the only node to be recovered, give up */
319                         if (!first_raw) {
320                                 c->wbuf_len = 0;
321                                 return;
322                         }
323
324                         /* It wasn't. Go on and try to recover nodes complete in the wbuf */
325                         start = ref_offset(first_raw);
326                         dbg_noderef("wbuf now recover %08x-%08x (%d bytes in %d nodes)\n",
327                                     start, end, end - start, nr_refile);
328
329                 } else {
330                         /* Read succeeded. Copy the remaining data from the wbuf */
331                         memcpy(buf + (c->wbuf_ofs - start), c->wbuf, end - c->wbuf_ofs);
332                 }
333         }
334         /* OK... we're to rewrite (end-start) bytes of data from first_raw onwards.
335            Either 'buf' contains the data, or we find it in the wbuf */
336
337         /* ... and get an allocation of space from a shiny new block instead */
338         ret = jffs2_reserve_space_gc(c, end-start, &len, JFFS2_SUMMARY_NOSUM_SIZE);
339         if (ret) {
340                 printk(KERN_WARNING "Failed to allocate space for wbuf recovery. Data loss ensues.\n");
341                 kfree(buf);
342                 return;
343         }
344
345         ret = jffs2_prealloc_raw_node_refs(c, c->nextblock, nr_refile);
346         if (ret) {
347                 printk(KERN_WARNING "Failed to allocate node refs for wbuf recovery. Data loss ensues.\n");
348                 kfree(buf);
349                 return;
350         }
351
352         ofs = write_ofs(c);
353
354         if (end-start >= c->wbuf_pagesize) {
355                 /* Need to do another write immediately, but it's possible
356                    that this is just because the wbuf itself is completely
357                    full, and there's nothing earlier read back from the
358                    flash. Hence 'buf' isn't necessarily what we're writing
359                    from. */
360                 unsigned char *rewrite_buf = buf?:c->wbuf;
361                 uint32_t towrite = (end-start) - ((end-start)%c->wbuf_pagesize);
362
363                 D1(printk(KERN_DEBUG "Write 0x%x bytes at 0x%08x in wbuf recover\n",
364                           towrite, ofs));
365
366 #ifdef BREAKMEHEADER
367                 static int breakme;
368                 if (breakme++ == 20) {
369                         printk(KERN_NOTICE "Faking write error at 0x%08x\n", ofs);
370                         breakme = 0;
371                         c->mtd->write(c->mtd, ofs, towrite, &retlen,
372                                       brokenbuf);
373                         ret = -EIO;
374                 } else
375 #endif
376                         ret = c->mtd->write(c->mtd, ofs, towrite, &retlen,
377                                             rewrite_buf);
378
379                 if (ret || retlen != towrite) {
380                         /* Argh. We tried. Really we did. */
381                         printk(KERN_CRIT "Recovery of wbuf failed due to a second write error\n");
382                         kfree(buf);
383
384                         if (retlen)
385                                 jffs2_add_physical_node_ref(c, ofs | REF_OBSOLETE, ref_totlen(c, jeb, first_raw), NULL);
386
387                         return;
388                 }
389                 printk(KERN_NOTICE "Recovery of wbuf succeeded to %08x\n", ofs);
390
391                 c->wbuf_len = (end - start) - towrite;
392                 c->wbuf_ofs = ofs + towrite;
393                 memmove(c->wbuf, rewrite_buf + towrite, c->wbuf_len);
394                 /* Don't muck about with c->wbuf_inodes. False positives are harmless. */
395         } else {
396                 /* OK, now we're left with the dregs in whichever buffer we're using */
397                 if (buf) {
398                         memcpy(c->wbuf, buf, end-start);
399                 } else {
400                         memmove(c->wbuf, c->wbuf + (start - c->wbuf_ofs), end - start);
401                 }
402                 c->wbuf_ofs = ofs;
403                 c->wbuf_len = end - start;
404         }
405
406         /* Now sort out the jffs2_raw_node_refs, moving them from the old to the next block */
407         new_jeb = &c->blocks[ofs / c->sector_size];
408
409         spin_lock(&c->erase_completion_lock);
410         for (raw = first_raw; raw != jeb->last_node; raw = ref_next(raw)) {
411                 uint32_t rawlen = ref_totlen(c, jeb, raw);
412                 struct jffs2_inode_cache *ic;
413                 struct jffs2_raw_node_ref *new_ref;
414                 struct jffs2_raw_node_ref **adjust_ref = NULL;
415                 struct jffs2_inode_info *f = NULL;
416
417                 D1(printk(KERN_DEBUG "Refiling block of %08x at %08x(%d) to %08x\n",
418                           rawlen, ref_offset(raw), ref_flags(raw), ofs));
419
420                 ic = jffs2_raw_ref_to_ic(raw);
421
422                 /* Ick. This XATTR mess should be fixed shortly... */
423                 if (ic && ic->class == RAWNODE_CLASS_XATTR_DATUM) {
424                         struct jffs2_xattr_datum *xd = (void *)ic;
425                         BUG_ON(xd->node != raw);
426                         adjust_ref = &xd->node;
427                         raw->next_in_ino = NULL;
428                         ic = NULL;
429                 } else if (ic && ic->class == RAWNODE_CLASS_XATTR_REF) {
430                         struct jffs2_xattr_datum *xr = (void *)ic;
431                         BUG_ON(xr->node != raw);
432                         adjust_ref = &xr->node;
433                         raw->next_in_ino = NULL;
434                         ic = NULL;
435                 } else if (ic && ic->class == RAWNODE_CLASS_INODE_CACHE) {
436                         struct jffs2_raw_node_ref **p = &ic->nodes;
437
438                         /* Remove the old node from the per-inode list */
439                         while (*p && *p != (void *)ic) {
440                                 if (*p == raw) {
441                                         (*p) = (raw->next_in_ino);
442                                         raw->next_in_ino = NULL;
443                                         break;
444                                 }
445                                 p = &((*p)->next_in_ino);
446                         }
447
448                         if (ic->state == INO_STATE_PRESENT && !ref_obsolete(raw)) {
449                                 /* If it's an in-core inode, then we have to adjust any
450                                    full_dirent or full_dnode structure to point to the
451                                    new version instead of the old */
452                                 f = jffs2_gc_fetch_inode(c, ic->ino, ic->nlink);
453                                 if (IS_ERR(f)) {
454                                         /* Should never happen; it _must_ be present */
455                                         JFFS2_ERROR("Failed to iget() ino #%u, err %ld\n",
456                                                     ic->ino, PTR_ERR(f));
457                                         BUG();
458                                 }
459                                 /* We don't lock f->sem. There's a number of ways we could
460                                    end up in here with it already being locked, and nobody's
461                                    going to modify it on us anyway because we hold the
462                                    alloc_sem. We're only changing one ->raw pointer too,
463                                    which we can get away with without upsetting readers. */
464                                 adjust_ref = jffs2_incore_replace_raw(c, f, raw,
465                                                                       (void *)(buf?:c->wbuf) + (ref_offset(raw) - start));
466                         } else if (unlikely(ic->state != INO_STATE_PRESENT &&
467                                             ic->state != INO_STATE_CHECKEDABSENT &&
468                                             ic->state != INO_STATE_GC)) {
469                                 JFFS2_ERROR("Inode #%u is in strange state %d!\n", ic->ino, ic->state);
470                                 BUG();
471                         }
472                 }
473
474                 new_ref = jffs2_link_node_ref(c, new_jeb, ofs | ref_flags(raw), rawlen, ic);
475
476                 if (adjust_ref) {
477                         BUG_ON(*adjust_ref != raw);
478                         *adjust_ref = new_ref;
479                 }
480                 if (f)
481                         jffs2_gc_release_inode(c, f);
482
483                 if (!ref_obsolete(raw)) {
484                         jeb->dirty_size += rawlen;
485                         jeb->used_size  -= rawlen;
486                         c->dirty_size += rawlen;
487                         c->used_size -= rawlen;
488                         raw->flash_offset = ref_offset(raw) | REF_OBSOLETE;
489                         BUG_ON(raw->next_in_ino);
490                 }
491                 ofs += rawlen;
492         }
493
494         kfree(buf);
495
496         /* Fix up the original jeb now it's on the bad_list */
497         if (first_raw == jeb->first_node) {
498                 D1(printk(KERN_DEBUG "Failing block at %08x is now empty. Moving to erase_pending_list\n", jeb->offset));
499                 list_move(&jeb->list, &c->erase_pending_list);
500                 c->nr_erasing_blocks++;
501                 jffs2_erase_pending_trigger(c);
502         }
503
504         jffs2_dbg_acct_sanity_check_nolock(c, jeb);
505         jffs2_dbg_acct_paranoia_check_nolock(c, jeb);
506
507         jffs2_dbg_acct_sanity_check_nolock(c, new_jeb);
508         jffs2_dbg_acct_paranoia_check_nolock(c, new_jeb);
509
510         spin_unlock(&c->erase_completion_lock);
511
512         D1(printk(KERN_DEBUG "wbuf recovery completed OK. wbuf_ofs 0x%08x, len 0x%x\n", c->wbuf_ofs, c->wbuf_len));
513
514 }
515
516 /* Meaning of pad argument:
517    0: Do not pad. Probably pointless - we only ever use this when we can't pad anyway.
518    1: Pad, do not adjust nextblock free_size
519    2: Pad, adjust nextblock free_size
520 */
521 #define NOPAD           0
522 #define PAD_NOACCOUNT   1
523 #define PAD_ACCOUNTING  2
524
525 static int __jffs2_flush_wbuf(struct jffs2_sb_info *c, int pad)
526 {
527         struct jffs2_eraseblock *wbuf_jeb;
528         int ret;
529         size_t retlen;
530
531         /* Nothing to do if not write-buffering the flash. In particular, we shouldn't
532            del_timer() the timer we never initialised. */
533         if (!jffs2_is_writebuffered(c))
534                 return 0;
535
536         if (!down_trylock(&c->alloc_sem)) {
537                 up(&c->alloc_sem);
538                 printk(KERN_CRIT "jffs2_flush_wbuf() called with alloc_sem not locked!\n");
539                 BUG();
540         }
541
542         if (!c->wbuf_len)       /* already checked c->wbuf above */
543                 return 0;
544
545         wbuf_jeb = &c->blocks[c->wbuf_ofs / c->sector_size];
546         if (jffs2_prealloc_raw_node_refs(c, wbuf_jeb, c->nextblock->allocated_refs + 1))
547                 return -ENOMEM;
548
549         /* claim remaining space on the page
550            this happens, if we have a change to a new block,
551            or if fsync forces us to flush the writebuffer.
552            if we have a switch to next page, we will not have
553            enough remaining space for this.
554         */
555         if (pad ) {
556                 c->wbuf_len = PAD(c->wbuf_len);
557
558                 /* Pad with JFFS2_DIRTY_BITMASK initially.  this helps out ECC'd NOR
559                    with 8 byte page size */
560                 memset(c->wbuf + c->wbuf_len, 0, c->wbuf_pagesize - c->wbuf_len);
561
562                 if ( c->wbuf_len + sizeof(struct jffs2_unknown_node) < c->wbuf_pagesize) {
563                         struct jffs2_unknown_node *padnode = (void *)(c->wbuf + c->wbuf_len);
564                         padnode->magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
565                         padnode->nodetype = cpu_to_je16(JFFS2_NODETYPE_PADDING);
566                         padnode->totlen = cpu_to_je32(c->wbuf_pagesize - c->wbuf_len);
567                         padnode->hdr_crc = cpu_to_je32(crc32(0, padnode, sizeof(*padnode)-4));
568                 }
569         }
570         /* else jffs2_flash_writev has actually filled in the rest of the
571            buffer for us, and will deal with the node refs etc. later. */
572
573 #ifdef BREAKME
574         static int breakme;
575         if (breakme++ == 20) {
576                 printk(KERN_NOTICE "Faking write error at 0x%08x\n", c->wbuf_ofs);
577                 breakme = 0;
578                 c->mtd->write(c->mtd, c->wbuf_ofs, c->wbuf_pagesize, &retlen,
579                               brokenbuf);
580                 ret = -EIO;
581         } else
582 #endif
583
584                 ret = c->mtd->write(c->mtd, c->wbuf_ofs, c->wbuf_pagesize, &retlen, c->wbuf);
585
586         if (ret || retlen != c->wbuf_pagesize) {
587                 if (ret)
588                         printk(KERN_WARNING "jffs2_flush_wbuf(): Write failed with %d\n",ret);
589                 else {
590                         printk(KERN_WARNING "jffs2_flush_wbuf(): Write was short: %zd instead of %d\n",
591                                 retlen, c->wbuf_pagesize);
592                         ret = -EIO;
593                 }
594
595                 jffs2_wbuf_recover(c);
596
597                 return ret;
598         }
599
600         /* Adjust free size of the block if we padded. */
601         if (pad) {
602                 uint32_t waste = c->wbuf_pagesize - c->wbuf_len;
603
604                 D1(printk(KERN_DEBUG "jffs2_flush_wbuf() adjusting free_size of %sblock at %08x\n",
605                           (wbuf_jeb==c->nextblock)?"next":"", wbuf_jeb->offset));
606
607                 /* wbuf_pagesize - wbuf_len is the amount of space that's to be
608                    padded. If there is less free space in the block than that,
609                    something screwed up */
610                 if (wbuf_jeb->free_size < waste) {
611                         printk(KERN_CRIT "jffs2_flush_wbuf(): Accounting error. wbuf at 0x%08x has 0x%03x bytes, 0x%03x left.\n",
612                                c->wbuf_ofs, c->wbuf_len, waste);
613                         printk(KERN_CRIT "jffs2_flush_wbuf(): But free_size for block at 0x%08x is only 0x%08x\n",
614                                wbuf_jeb->offset, wbuf_jeb->free_size);
615                         BUG();
616                 }
617
618                 spin_lock(&c->erase_completion_lock);
619
620                 jffs2_link_node_ref(c, wbuf_jeb, (c->wbuf_ofs + c->wbuf_len) | REF_OBSOLETE, waste, NULL);
621                 /* FIXME: that made it count as dirty. Convert to wasted */
622                 wbuf_jeb->dirty_size -= waste;
623                 c->dirty_size -= waste;
624                 wbuf_jeb->wasted_size += waste;
625                 c->wasted_size += waste;
626         } else
627                 spin_lock(&c->erase_completion_lock);
628
629         /* Stick any now-obsoleted blocks on the erase_pending_list */
630         jffs2_refile_wbuf_blocks(c);
631         jffs2_clear_wbuf_ino_list(c);
632         spin_unlock(&c->erase_completion_lock);
633
634         memset(c->wbuf,0xff,c->wbuf_pagesize);
635         /* adjust write buffer offset, else we get a non contiguous write bug */
636         c->wbuf_ofs += c->wbuf_pagesize;
637         c->wbuf_len = 0;
638         return 0;
639 }
640
641 /* Trigger garbage collection to flush the write-buffer.
642    If ino arg is zero, do it if _any_ real (i.e. not GC) writes are
643    outstanding. If ino arg non-zero, do it only if a write for the
644    given inode is outstanding. */
645 int jffs2_flush_wbuf_gc(struct jffs2_sb_info *c, uint32_t ino)
646 {
647         uint32_t old_wbuf_ofs;
648         uint32_t old_wbuf_len;
649         int ret = 0;
650
651         D1(printk(KERN_DEBUG "jffs2_flush_wbuf_gc() called for ino #%u...\n", ino));
652
653         if (!c->wbuf)
654                 return 0;
655
656         down(&c->alloc_sem);
657         if (!jffs2_wbuf_pending_for_ino(c, ino)) {
658                 D1(printk(KERN_DEBUG "Ino #%d not pending in wbuf. Returning\n", ino));
659                 up(&c->alloc_sem);
660                 return 0;
661         }
662
663         old_wbuf_ofs = c->wbuf_ofs;
664         old_wbuf_len = c->wbuf_len;
665
666         if (c->unchecked_size) {
667                 /* GC won't make any progress for a while */
668                 D1(printk(KERN_DEBUG "jffs2_flush_wbuf_gc() padding. Not finished checking\n"));
669                 down_write(&c->wbuf_sem);
670                 ret = __jffs2_flush_wbuf(c, PAD_ACCOUNTING);
671                 /* retry flushing wbuf in case jffs2_wbuf_recover
672                    left some data in the wbuf */
673                 if (ret)
674                         ret = __jffs2_flush_wbuf(c, PAD_ACCOUNTING);
675                 up_write(&c->wbuf_sem);
676         } else while (old_wbuf_len &&
677                       old_wbuf_ofs == c->wbuf_ofs) {
678
679                 up(&c->alloc_sem);
680
681                 D1(printk(KERN_DEBUG "jffs2_flush_wbuf_gc() calls gc pass\n"));
682
683                 ret = jffs2_garbage_collect_pass(c);
684                 if (ret) {
685                         /* GC failed. Flush it with padding instead */
686                         down(&c->alloc_sem);
687                         down_write(&c->wbuf_sem);
688                         ret = __jffs2_flush_wbuf(c, PAD_ACCOUNTING);
689                         /* retry flushing wbuf in case jffs2_wbuf_recover
690                            left some data in the wbuf */
691                         if (ret)
692                                 ret = __jffs2_flush_wbuf(c, PAD_ACCOUNTING);
693                         up_write(&c->wbuf_sem);
694                         break;
695                 }
696                 down(&c->alloc_sem);
697         }
698
699         D1(printk(KERN_DEBUG "jffs2_flush_wbuf_gc() ends...\n"));
700
701         up(&c->alloc_sem);
702         return ret;
703 }
704
705 /* Pad write-buffer to end and write it, wasting space. */
706 int jffs2_flush_wbuf_pad(struct jffs2_sb_info *c)
707 {
708         int ret;
709
710         if (!c->wbuf)
711                 return 0;
712
713         down_write(&c->wbuf_sem);
714         ret = __jffs2_flush_wbuf(c, PAD_NOACCOUNT);
715         /* retry - maybe wbuf recover left some data in wbuf. */
716         if (ret)
717                 ret = __jffs2_flush_wbuf(c, PAD_NOACCOUNT);
718         up_write(&c->wbuf_sem);
719
720         return ret;
721 }
722
723 static size_t jffs2_fill_wbuf(struct jffs2_sb_info *c, const uint8_t *buf,
724                               size_t len)
725 {
726         if (len && !c->wbuf_len && (len >= c->wbuf_pagesize))
727                 return 0;
728
729         if (len > (c->wbuf_pagesize - c->wbuf_len))
730                 len = c->wbuf_pagesize - c->wbuf_len;
731         memcpy(c->wbuf + c->wbuf_len, buf, len);
732         c->wbuf_len += (uint32_t) len;
733         return len;
734 }
735
736 int jffs2_flash_writev(struct jffs2_sb_info *c, const struct kvec *invecs,
737                        unsigned long count, loff_t to, size_t *retlen,
738                        uint32_t ino)
739 {
740         struct jffs2_eraseblock *jeb;
741         size_t wbuf_retlen, donelen = 0;
742         uint32_t outvec_to = to;
743         int ret, invec;
744
745         /* If not writebuffered flash, don't bother */
746         if (!jffs2_is_writebuffered(c))
747                 return jffs2_flash_direct_writev(c, invecs, count, to, retlen);
748
749         down_write(&c->wbuf_sem);
750
751         /* If wbuf_ofs is not initialized, set it to target address */
752         if (c->wbuf_ofs == 0xFFFFFFFF) {
753                 c->wbuf_ofs = PAGE_DIV(to);
754                 c->wbuf_len = PAGE_MOD(to);
755                 memset(c->wbuf,0xff,c->wbuf_pagesize);
756         }
757
758         /*
759          * Sanity checks on target address.  It's permitted to write
760          * at PAD(c->wbuf_len+c->wbuf_ofs), and it's permitted to
761          * write at the beginning of a new erase block. Anything else,
762          * and you die.  New block starts at xxx000c (0-b = block
763          * header)
764          */
765         if (SECTOR_ADDR(to) != SECTOR_ADDR(c->wbuf_ofs)) {
766                 /* It's a write to a new block */
767                 if (c->wbuf_len) {
768                         D1(printk(KERN_DEBUG "jffs2_flash_writev() to 0x%lx "
769                                   "causes flush of wbuf at 0x%08x\n",
770                                   (unsigned long)to, c->wbuf_ofs));
771                         ret = __jffs2_flush_wbuf(c, PAD_NOACCOUNT);
772                         if (ret)
773                                 goto outerr;
774                 }
775                 /* set pointer to new block */
776                 c->wbuf_ofs = PAGE_DIV(to);
777                 c->wbuf_len = PAGE_MOD(to);
778         }
779
780         if (to != PAD(c->wbuf_ofs + c->wbuf_len)) {
781                 /* We're not writing immediately after the writebuffer. Bad. */
782                 printk(KERN_CRIT "jffs2_flash_writev(): Non-contiguous write "
783                        "to %08lx\n", (unsigned long)to);
784                 if (c->wbuf_len)
785                         printk(KERN_CRIT "wbuf was previously %08x-%08x\n",
786                                c->wbuf_ofs, c->wbuf_ofs+c->wbuf_len);
787                 BUG();
788         }
789
790         /* adjust alignment offset */
791         if (c->wbuf_len != PAGE_MOD(to)) {
792                 c->wbuf_len = PAGE_MOD(to);
793                 /* take care of alignment to next page */
794                 if (!c->wbuf_len) {
795                         c->wbuf_len = c->wbuf_pagesize;
796                         ret = __jffs2_flush_wbuf(c, NOPAD);
797                         if (ret)
798                                 goto outerr;
799                 }
800         }
801
802         for (invec = 0; invec < count; invec++) {
803                 int vlen = invecs[invec].iov_len;
804                 uint8_t *v = invecs[invec].iov_base;
805
806                 wbuf_retlen = jffs2_fill_wbuf(c, v, vlen);
807
808                 if (c->wbuf_len == c->wbuf_pagesize) {
809                         ret = __jffs2_flush_wbuf(c, NOPAD);
810                         if (ret)
811                                 goto outerr;
812                 }
813                 vlen -= wbuf_retlen;
814                 outvec_to += wbuf_retlen;
815                 donelen += wbuf_retlen;
816                 v += wbuf_retlen;
817
818                 if (vlen >= c->wbuf_pagesize) {
819                         ret = c->mtd->write(c->mtd, outvec_to, PAGE_DIV(vlen),
820                                             &wbuf_retlen, v);
821                         if (ret < 0 || wbuf_retlen != PAGE_DIV(vlen))
822                                 goto outfile;
823
824                         vlen -= wbuf_retlen;
825                         outvec_to += wbuf_retlen;
826                         c->wbuf_ofs = outvec_to;
827                         donelen += wbuf_retlen;
828                         v += wbuf_retlen;
829                 }
830
831                 wbuf_retlen = jffs2_fill_wbuf(c, v, vlen);
832                 if (c->wbuf_len == c->wbuf_pagesize) {
833                         ret = __jffs2_flush_wbuf(c, NOPAD);
834                         if (ret)
835                                 goto outerr;
836                 }
837
838                 outvec_to += wbuf_retlen;
839                 donelen += wbuf_retlen;
840         }
841
842         /*
843          * If there's a remainder in the wbuf and it's a non-GC write,
844          * remember that the wbuf affects this ino
845          */
846         *retlen = donelen;
847
848         if (jffs2_sum_active()) {
849                 int res = jffs2_sum_add_kvec(c, invecs, count, (uint32_t) to);
850                 if (res)
851                         return res;
852         }
853
854         if (c->wbuf_len && ino)
855                 jffs2_wbuf_dirties_inode(c, ino);
856
857         ret = 0;
858         up_write(&c->wbuf_sem);
859         return ret;
860
861 outfile:
862         /*
863          * At this point we have no problem, c->wbuf is empty. However
864          * refile nextblock to avoid writing again to same address.
865          */
866
867         spin_lock(&c->erase_completion_lock);
868
869         jeb = &c->blocks[outvec_to / c->sector_size];
870         jffs2_block_refile(c, jeb, REFILE_ANYWAY);
871
872         spin_unlock(&c->erase_completion_lock);
873
874 outerr:
875         *retlen = 0;
876         up_write(&c->wbuf_sem);
877         return ret;
878 }
879
880 /*
881  *      This is the entry for flash write.
882  *      Check, if we work on NAND FLASH, if so build an kvec and write it via vritev
883 */
884 int jffs2_flash_write(struct jffs2_sb_info *c, loff_t ofs, size_t len,
885                       size_t *retlen, const u_char *buf)
886 {
887         struct kvec vecs[1];
888
889         if (!jffs2_is_writebuffered(c))
890                 return jffs2_flash_direct_write(c, ofs, len, retlen, buf);
891
892         vecs[0].iov_base = (unsigned char *) buf;
893         vecs[0].iov_len = len;
894         return jffs2_flash_writev(c, vecs, 1, ofs, retlen, 0);
895 }
896
897 /*
898         Handle readback from writebuffer and ECC failure return
899 */
900 int jffs2_flash_read(struct jffs2_sb_info *c, loff_t ofs, size_t len, size_t *retlen, u_char *buf)
901 {
902         loff_t  orbf = 0, owbf = 0, lwbf = 0;
903         int     ret;
904
905         if (!jffs2_is_writebuffered(c))
906                 return c->mtd->read(c->mtd, ofs, len, retlen, buf);
907
908         /* Read flash */
909         down_read(&c->wbuf_sem);
910         ret = c->mtd->read(c->mtd, ofs, len, retlen, buf);
911
912         if ( (ret == -EBADMSG || ret == -EUCLEAN) && (*retlen == len) ) {
913                 if (ret == -EBADMSG)
914                         printk(KERN_WARNING "mtd->read(0x%zx bytes from 0x%llx)"
915                                " returned ECC error\n", len, ofs);
916                 /*
917                  * We have the raw data without ECC correction in the buffer,
918                  * maybe we are lucky and all data or parts are correct. We
919                  * check the node.  If data are corrupted node check will sort
920                  * it out.  We keep this block, it will fail on write or erase
921                  * and the we mark it bad. Or should we do that now? But we
922                  * should give him a chance.  Maybe we had a system crash or
923                  * power loss before the ecc write or a erase was completed.
924                  * So we return success. :)
925                  */
926                 ret = 0;
927         }
928
929         /* if no writebuffer available or write buffer empty, return */
930         if (!c->wbuf_pagesize || !c->wbuf_len)
931                 goto exit;
932
933         /* if we read in a different block, return */
934         if (SECTOR_ADDR(ofs) != SECTOR_ADDR(c->wbuf_ofs))
935                 goto exit;
936
937         if (ofs >= c->wbuf_ofs) {
938                 owbf = (ofs - c->wbuf_ofs);     /* offset in write buffer */
939                 if (owbf > c->wbuf_len)         /* is read beyond write buffer ? */
940                         goto exit;
941                 lwbf = c->wbuf_len - owbf;      /* number of bytes to copy */
942                 if (lwbf > len)
943                         lwbf = len;
944         } else {
945                 orbf = (c->wbuf_ofs - ofs);     /* offset in read buffer */
946                 if (orbf > len)                 /* is write beyond write buffer ? */
947                         goto exit;
948                 lwbf = len - orbf;              /* number of bytes to copy */
949                 if (lwbf > c->wbuf_len)
950                         lwbf = c->wbuf_len;
951         }
952         if (lwbf > 0)
953                 memcpy(buf+orbf,c->wbuf+owbf,lwbf);
954
955 exit:
956         up_read(&c->wbuf_sem);
957         return ret;
958 }
959
960 #define NR_OOB_SCAN_PAGES       4
961
962 /*
963  * Check, if the out of band area is empty
964  */
965 int jffs2_check_oob_empty(struct jffs2_sb_info *c,
966                           struct jffs2_eraseblock *jeb, int mode)
967 {
968         int i, page, ret;
969         int oobsize = c->mtd->oobsize;
970         struct mtd_oob_ops ops;
971
972         ops.len = NR_OOB_SCAN_PAGES * oobsize;
973         ops.ooblen = oobsize;
974         ops.oobbuf = c->oobbuf;
975         ops.ooboffs = 0;
976         ops.datbuf = NULL;
977         ops.mode = MTD_OOB_PLACE;
978
979         ret = c->mtd->read_oob(c->mtd, jeb->offset, &ops);
980         if (ret) {
981                 D1(printk(KERN_WARNING "jffs2_check_oob_empty(): Read OOB "
982                           "failed %d for block at %08x\n", ret, jeb->offset));
983                 return ret;
984         }
985
986         if (ops.retlen < ops.len) {
987                 D1(printk(KERN_WARNING "jffs2_check_oob_empty(): Read OOB "
988                           "returned short read (%zd bytes not %d) for block "
989                           "at %08x\n", ops.retlen, ops.len, jeb->offset));
990                 return -EIO;
991         }
992
993         /* Special check for first page */
994         for(i = 0; i < oobsize ; i++) {
995                 /* Yeah, we know about the cleanmarker. */
996                 if (mode && i >= c->fsdata_pos &&
997                     i < c->fsdata_pos + c->fsdata_len)
998                         continue;
999
1000                 if (ops.oobbuf[i] != 0xFF) {
1001                         D2(printk(KERN_DEBUG "Found %02x at %x in OOB for "
1002                                   "%08x\n", ops.oobbuf[i], i, jeb->offset));
1003                         return 1;
1004                 }
1005         }
1006
1007         /* we know, we are aligned :) */
1008         for (page = oobsize; page < ops.len; page += sizeof(long)) {
1009                 long dat = *(long *)(&ops.oobbuf[page]);
1010                 if(dat != -1)
1011                         return 1;
1012         }
1013         return 0;
1014 }
1015
1016 /*
1017  * Scan for a valid cleanmarker and for bad blocks
1018  */
1019 int jffs2_check_nand_cleanmarker (struct jffs2_sb_info *c,
1020                                   struct jffs2_eraseblock *jeb)
1021 {
1022         struct jffs2_unknown_node n;
1023         struct mtd_oob_ops ops;
1024         int oobsize = c->mtd->oobsize;
1025         unsigned char *p,*b;
1026         int i, ret;
1027         size_t offset = jeb->offset;
1028
1029         /* Check first if the block is bad. */
1030         if (c->mtd->block_isbad(c->mtd, offset)) {
1031                 D1 (printk(KERN_WARNING "jffs2_check_nand_cleanmarker()"
1032                            ": Bad block at %08x\n", jeb->offset));
1033                 return 2;
1034         }
1035
1036         ops.len = oobsize;
1037         ops.ooblen = oobsize;
1038         ops.oobbuf = c->oobbuf;
1039         ops.ooboffs = 0;
1040         ops.datbuf = NULL;
1041         ops.mode = MTD_OOB_PLACE;
1042
1043         ret = c->mtd->read_oob(c->mtd, offset, &ops);
1044         if (ret) {
1045                 D1 (printk(KERN_WARNING "jffs2_check_nand_cleanmarker(): "
1046                            "Read OOB failed %d for block at %08x\n",
1047                            ret, jeb->offset));
1048                 return ret;
1049         }
1050
1051         if (ops.retlen < ops.len) {
1052                 D1 (printk (KERN_WARNING "jffs2_check_nand_cleanmarker(): "
1053                             "Read OOB return short read (%zd bytes not %d) "
1054                             "for block at %08x\n", ops.retlen, ops.len,
1055                             jeb->offset));
1056                 return -EIO;
1057         }
1058
1059         n.magic = cpu_to_je16 (JFFS2_MAGIC_BITMASK);
1060         n.nodetype = cpu_to_je16 (JFFS2_NODETYPE_CLEANMARKER);
1061         n.totlen = cpu_to_je32 (8);
1062         p = (unsigned char *) &n;
1063         b = c->oobbuf + c->fsdata_pos;
1064
1065         for (i = c->fsdata_len; i; i--) {
1066                 if (*b++ != *p++)
1067                         ret = 1;
1068         }
1069
1070         D1(if (ret == 1) {
1071                 printk(KERN_WARNING "jffs2_check_nand_cleanmarker(): "
1072                        "Cleanmarker node not detected in block at %08x\n",
1073                        offset);
1074                 printk(KERN_WARNING "OOB at %08zx was ", offset);
1075                 for (i=0; i < oobsize; i++)
1076                         printk("%02x ", c->oobbuf[i]);
1077                 printk("\n");
1078         });
1079         return ret;
1080 }
1081
1082 int jffs2_write_nand_cleanmarker(struct jffs2_sb_info *c,
1083                                  struct jffs2_eraseblock *jeb)
1084 {
1085         struct jffs2_unknown_node n;
1086         int     ret;
1087         struct mtd_oob_ops ops;
1088
1089         n.magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
1090         n.nodetype = cpu_to_je16(JFFS2_NODETYPE_CLEANMARKER);
1091         n.totlen = cpu_to_je32(8);
1092
1093         ops.len = c->fsdata_len;
1094         ops.ooblen = c->fsdata_len;;
1095         ops.oobbuf = (uint8_t *)&n;
1096         ops.ooboffs = c->fsdata_pos;
1097         ops.datbuf = NULL;
1098         ops.mode = MTD_OOB_PLACE;
1099
1100         ret = c->mtd->write_oob(c->mtd, jeb->offset, &ops);
1101
1102         if (ret) {
1103                 D1(printk(KERN_WARNING "jffs2_write_nand_cleanmarker(): "
1104                           "Write failed for block at %08x: error %d\n",
1105                           jeb->offset, ret));
1106                 return ret;
1107         }
1108         if (ops.retlen != ops.len) {
1109                 D1(printk(KERN_WARNING "jffs2_write_nand_cleanmarker(): "
1110                           "Short write for block at %08x: %zd not %d\n",
1111                           jeb->offset, ops.retlen, ops.len));
1112                 return -EIO;
1113         }
1114         return 0;
1115 }
1116
1117 /*
1118  * On NAND we try to mark this block bad. If the block was erased more
1119  * than MAX_ERASE_FAILURES we mark it finaly bad.
1120  * Don't care about failures. This block remains on the erase-pending
1121  * or badblock list as long as nobody manipulates the flash with
1122  * a bootloader or something like that.
1123  */
1124
1125 int jffs2_write_nand_badblock(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb, uint32_t bad_offset)
1126 {
1127         int     ret;
1128
1129         /* if the count is < max, we try to write the counter to the 2nd page oob area */
1130         if( ++jeb->bad_count < MAX_ERASE_FAILURES)
1131                 return 0;
1132
1133         if (!c->mtd->block_markbad)
1134                 return 1; // What else can we do?
1135
1136         D1(printk(KERN_WARNING "jffs2_write_nand_badblock(): Marking bad block at %08x\n", bad_offset));
1137         ret = c->mtd->block_markbad(c->mtd, bad_offset);
1138
1139         if (ret) {
1140                 D1(printk(KERN_WARNING "jffs2_write_nand_badblock(): Write failed for block at %08x: error %d\n", jeb->offset, ret));
1141                 return ret;
1142         }
1143         return 1;
1144 }
1145
1146 static int jffs2_nand_set_oobinfo(struct jffs2_sb_info *c)
1147 {
1148         struct nand_ecclayout *oinfo = c->mtd->ecclayout;
1149
1150         /* Do this only, if we have an oob buffer */
1151         if (!c->mtd->oobsize)
1152                 return 0;
1153
1154         /* Cleanmarker is out-of-band, so inline size zero */
1155         c->cleanmarker_size = 0;
1156
1157         /* Should we use autoplacement ? */
1158         if (!oinfo) {
1159                 D1(printk(KERN_DEBUG "JFFS2 on NAND. No autoplacment info found\n"));
1160                 return -EINVAL;
1161         }
1162
1163         D1(printk(KERN_DEBUG "JFFS2 using autoplace on NAND\n"));
1164         /* Get the position of the free bytes */
1165         if (!oinfo->oobfree[0].length) {
1166                 printk (KERN_WARNING "jffs2_nand_set_oobinfo(): Eeep."
1167                         " Autoplacement selected and no empty space in oob\n");
1168                 return -ENOSPC;
1169         }
1170         c->fsdata_pos = oinfo->oobfree[0].offset;
1171         c->fsdata_len = oinfo->oobfree[0].length;
1172         if (c->fsdata_len > 8)
1173                 c->fsdata_len = 8;
1174
1175         return 0;
1176 }
1177
1178 int jffs2_nand_flash_setup(struct jffs2_sb_info *c)
1179 {
1180         int res;
1181
1182         /* Initialise write buffer */
1183         init_rwsem(&c->wbuf_sem);
1184         c->wbuf_pagesize = c->mtd->writesize;
1185         c->wbuf_ofs = 0xFFFFFFFF;
1186
1187         c->wbuf = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1188         if (!c->wbuf)
1189                 return -ENOMEM;
1190
1191         c->oobbuf = kmalloc(NR_OOB_SCAN_PAGES * c->mtd->oobsize, GFP_KERNEL);
1192         if (!c->oobbuf)
1193                 return -ENOMEM;
1194
1195         res = jffs2_nand_set_oobinfo(c);
1196
1197 #ifdef BREAKME
1198         if (!brokenbuf)
1199                 brokenbuf = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1200         if (!brokenbuf) {
1201                 kfree(c->wbuf);
1202                 return -ENOMEM;
1203         }
1204         memset(brokenbuf, 0xdb, c->wbuf_pagesize);
1205 #endif
1206         return res;
1207 }
1208
1209 void jffs2_nand_flash_cleanup(struct jffs2_sb_info *c)
1210 {
1211         kfree(c->wbuf);
1212         kfree(c->oobbuf);
1213 }
1214
1215 int jffs2_dataflash_setup(struct jffs2_sb_info *c) {
1216         c->cleanmarker_size = 0;                /* No cleanmarkers needed */
1217
1218         /* Initialize write buffer */
1219         init_rwsem(&c->wbuf_sem);
1220
1221
1222         c->wbuf_pagesize =  c->mtd->erasesize;
1223
1224         /* Find a suitable c->sector_size
1225          * - Not too much sectors
1226          * - Sectors have to be at least 4 K + some bytes
1227          * - All known dataflashes have erase sizes of 528 or 1056
1228          * - we take at least 8 eraseblocks and want to have at least 8K size
1229          * - The concatenation should be a power of 2
1230         */
1231
1232         c->sector_size = 8 * c->mtd->erasesize;
1233
1234         while (c->sector_size < 8192) {
1235                 c->sector_size *= 2;
1236         }
1237
1238         /* It may be necessary to adjust the flash size */
1239         c->flash_size = c->mtd->size;
1240
1241         if ((c->flash_size % c->sector_size) != 0) {
1242                 c->flash_size = (c->flash_size / c->sector_size) * c->sector_size;
1243                 printk(KERN_WARNING "JFFS2 flash size adjusted to %dKiB\n", c->flash_size);
1244         };
1245
1246         c->wbuf_ofs = 0xFFFFFFFF;
1247         c->wbuf = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1248         if (!c->wbuf)
1249                 return -ENOMEM;
1250
1251         printk(KERN_INFO "JFFS2 write-buffering enabled buffer (%d) erasesize (%d)\n", c->wbuf_pagesize, c->sector_size);
1252
1253         return 0;
1254 }
1255
1256 void jffs2_dataflash_cleanup(struct jffs2_sb_info *c) {
1257         kfree(c->wbuf);
1258 }
1259
1260 int jffs2_nor_wbuf_flash_setup(struct jffs2_sb_info *c) {
1261         /* Cleanmarker currently occupies whole programming regions,
1262          * either one or 2 for 8Byte STMicro flashes. */
1263         c->cleanmarker_size = max(16u, c->mtd->writesize);
1264
1265         /* Initialize write buffer */
1266         init_rwsem(&c->wbuf_sem);
1267         c->wbuf_pagesize = c->mtd->writesize;
1268         c->wbuf_ofs = 0xFFFFFFFF;
1269
1270         c->wbuf = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1271         if (!c->wbuf)
1272                 return -ENOMEM;
1273
1274         return 0;
1275 }
1276
1277 void jffs2_nor_wbuf_flash_cleanup(struct jffs2_sb_info *c) {
1278         kfree(c->wbuf);
1279 }