Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394...
[linux-2.6] / drivers / mtd / ubi / scan.c
1 /*
2  * Copyright (c) International Business Machines Corp., 2006
3  *
4  * This program is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU General Public License as published by
6  * the Free Software Foundation; either version 2 of the License, or
7  * (at your option) any later version.
8  *
9  * This program is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
12  * the GNU General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write to the Free Software
16  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17  *
18  * Author: Artem Bityutskiy (Битюцкий Артём)
19  */
20
21 /*
22  * UBI scanning sub-system.
23  *
24  * This sub-system is responsible for scanning the flash media, checking UBI
25  * headers and providing complete information about the UBI flash image.
26  *
27  * The scanning information is represented by a &struct ubi_scan_info' object.
28  * Information about found volumes is represented by &struct ubi_scan_volume
29  * objects which are kept in volume RB-tree with root at the @volumes field.
30  * The RB-tree is indexed by the volume ID.
31  *
32  * Found logical eraseblocks are represented by &struct ubi_scan_leb objects.
33  * These objects are kept in per-volume RB-trees with the root at the
34  * corresponding &struct ubi_scan_volume object. To put it differently, we keep
35  * an RB-tree of per-volume objects and each of these objects is the root of
36  * RB-tree of per-eraseblock objects.
37  *
38  * Corrupted physical eraseblocks are put to the @corr list, free physical
39  * eraseblocks are put to the @free list and the physical eraseblock to be
40  * erased are put to the @erase list.
41  */
42
43 #include <linux/err.h>
44 #include <linux/crc32.h>
45 #include <asm/div64.h>
46 #include "ubi.h"
47
48 #ifdef CONFIG_MTD_UBI_DEBUG_PARANOID
49 static int paranoid_check_si(struct ubi_device *ubi, struct ubi_scan_info *si);
50 #else
51 #define paranoid_check_si(ubi, si) 0
52 #endif
53
54 /* Temporary variables used during scanning */
55 static struct ubi_ec_hdr *ech;
56 static struct ubi_vid_hdr *vidh;
57
58 /**
59  * add_to_list - add physical eraseblock to a list.
60  * @si: scanning information
61  * @pnum: physical eraseblock number to add
62  * @ec: erase counter of the physical eraseblock
63  * @list: the list to add to
64  *
65  * This function adds physical eraseblock @pnum to free, erase, corrupted or
66  * alien lists. Returns zero in case of success and a negative error code in
67  * case of failure.
68  */
69 static int add_to_list(struct ubi_scan_info *si, int pnum, int ec,
70                        struct list_head *list)
71 {
72         struct ubi_scan_leb *seb;
73
74         if (list == &si->free)
75                 dbg_bld("add to free: PEB %d, EC %d", pnum, ec);
76         else if (list == &si->erase)
77                 dbg_bld("add to erase: PEB %d, EC %d", pnum, ec);
78         else if (list == &si->corr)
79                 dbg_bld("add to corrupted: PEB %d, EC %d", pnum, ec);
80         else if (list == &si->alien)
81                 dbg_bld("add to alien: PEB %d, EC %d", pnum, ec);
82         else
83                 BUG();
84
85         seb = kmalloc(sizeof(struct ubi_scan_leb), GFP_KERNEL);
86         if (!seb)
87                 return -ENOMEM;
88
89         seb->pnum = pnum;
90         seb->ec = ec;
91         list_add_tail(&seb->u.list, list);
92         return 0;
93 }
94
95 /**
96  * validate_vid_hdr - check volume identifier header.
97  * @vid_hdr: the volume identifier header to check
98  * @sv: information about the volume this logical eraseblock belongs to
99  * @pnum: physical eraseblock number the VID header came from
100  *
101  * This function checks that data stored in @vid_hdr is consistent. Returns
102  * non-zero if an inconsistency was found and zero if not.
103  *
104  * Note, UBI does sanity check of everything it reads from the flash media.
105  * Most of the checks are done in the I/O sub-system. Here we check that the
106  * information in the VID header is consistent to the information in other VID
107  * headers of the same volume.
108  */
109 static int validate_vid_hdr(const struct ubi_vid_hdr *vid_hdr,
110                             const struct ubi_scan_volume *sv, int pnum)
111 {
112         int vol_type = vid_hdr->vol_type;
113         int vol_id = be32_to_cpu(vid_hdr->vol_id);
114         int used_ebs = be32_to_cpu(vid_hdr->used_ebs);
115         int data_pad = be32_to_cpu(vid_hdr->data_pad);
116
117         if (sv->leb_count != 0) {
118                 int sv_vol_type;
119
120                 /*
121                  * This is not the first logical eraseblock belonging to this
122                  * volume. Ensure that the data in its VID header is consistent
123                  * to the data in previous logical eraseblock headers.
124                  */
125
126                 if (vol_id != sv->vol_id) {
127                         dbg_err("inconsistent vol_id");
128                         goto bad;
129                 }
130
131                 if (sv->vol_type == UBI_STATIC_VOLUME)
132                         sv_vol_type = UBI_VID_STATIC;
133                 else
134                         sv_vol_type = UBI_VID_DYNAMIC;
135
136                 if (vol_type != sv_vol_type) {
137                         dbg_err("inconsistent vol_type");
138                         goto bad;
139                 }
140
141                 if (used_ebs != sv->used_ebs) {
142                         dbg_err("inconsistent used_ebs");
143                         goto bad;
144                 }
145
146                 if (data_pad != sv->data_pad) {
147                         dbg_err("inconsistent data_pad");
148                         goto bad;
149                 }
150         }
151
152         return 0;
153
154 bad:
155         ubi_err("inconsistent VID header at PEB %d", pnum);
156         ubi_dbg_dump_vid_hdr(vid_hdr);
157         ubi_dbg_dump_sv(sv);
158         return -EINVAL;
159 }
160
161 /**
162  * add_volume - add volume to the scanning information.
163  * @si: scanning information
164  * @vol_id: ID of the volume to add
165  * @pnum: physical eraseblock number
166  * @vid_hdr: volume identifier header
167  *
168  * If the volume corresponding to the @vid_hdr logical eraseblock is already
169  * present in the scanning information, this function does nothing. Otherwise
170  * it adds corresponding volume to the scanning information. Returns a pointer
171  * to the scanning volume object in case of success and a negative error code
172  * in case of failure.
173  */
174 static struct ubi_scan_volume *add_volume(struct ubi_scan_info *si, int vol_id,
175                                           int pnum,
176                                           const struct ubi_vid_hdr *vid_hdr)
177 {
178         struct ubi_scan_volume *sv;
179         struct rb_node **p = &si->volumes.rb_node, *parent = NULL;
180
181         ubi_assert(vol_id == be32_to_cpu(vid_hdr->vol_id));
182
183         /* Walk the volume RB-tree to look if this volume is already present */
184         while (*p) {
185                 parent = *p;
186                 sv = rb_entry(parent, struct ubi_scan_volume, rb);
187
188                 if (vol_id == sv->vol_id)
189                         return sv;
190
191                 if (vol_id > sv->vol_id)
192                         p = &(*p)->rb_left;
193                 else
194                         p = &(*p)->rb_right;
195         }
196
197         /* The volume is absent - add it */
198         sv = kmalloc(sizeof(struct ubi_scan_volume), GFP_KERNEL);
199         if (!sv)
200                 return ERR_PTR(-ENOMEM);
201
202         sv->highest_lnum = sv->leb_count = 0;
203         sv->vol_id = vol_id;
204         sv->root = RB_ROOT;
205         sv->used_ebs = be32_to_cpu(vid_hdr->used_ebs);
206         sv->data_pad = be32_to_cpu(vid_hdr->data_pad);
207         sv->compat = vid_hdr->compat;
208         sv->vol_type = vid_hdr->vol_type == UBI_VID_DYNAMIC ? UBI_DYNAMIC_VOLUME
209                                                             : UBI_STATIC_VOLUME;
210         if (vol_id > si->highest_vol_id)
211                 si->highest_vol_id = vol_id;
212
213         rb_link_node(&sv->rb, parent, p);
214         rb_insert_color(&sv->rb, &si->volumes);
215         si->vols_found += 1;
216         dbg_bld("added volume %d", vol_id);
217         return sv;
218 }
219
220 /**
221  * compare_lebs - find out which logical eraseblock is newer.
222  * @ubi: UBI device description object
223  * @seb: first logical eraseblock to compare
224  * @pnum: physical eraseblock number of the second logical eraseblock to
225  * compare
226  * @vid_hdr: volume identifier header of the second logical eraseblock
227  *
228  * This function compares 2 copies of a LEB and informs which one is newer. In
229  * case of success this function returns a positive value, in case of failure, a
230  * negative error code is returned. The success return codes use the following
231  * bits:
232  *     o bit 0 is cleared: the first PEB (described by @seb) is newer then the
233  *       second PEB (described by @pnum and @vid_hdr);
234  *     o bit 0 is set: the second PEB is newer;
235  *     o bit 1 is cleared: no bit-flips were detected in the newer LEB;
236  *     o bit 1 is set: bit-flips were detected in the newer LEB;
237  *     o bit 2 is cleared: the older LEB is not corrupted;
238  *     o bit 2 is set: the older LEB is corrupted.
239  */
240 static int compare_lebs(struct ubi_device *ubi, const struct ubi_scan_leb *seb,
241                         int pnum, const struct ubi_vid_hdr *vid_hdr)
242 {
243         void *buf;
244         int len, err, second_is_newer, bitflips = 0, corrupted = 0;
245         uint32_t data_crc, crc;
246         struct ubi_vid_hdr *vh = NULL;
247         unsigned long long sqnum2 = be64_to_cpu(vid_hdr->sqnum);
248
249         if (sqnum2 == seb->sqnum) {
250                 /*
251                  * This must be a really ancient UBI image which has been
252                  * created before sequence numbers support has been added. At
253                  * that times we used 32-bit LEB versions stored in logical
254                  * eraseblocks. That was before UBI got into mainline. We do not
255                  * support these images anymore. Well, those images will work
256                  * still work, but only if no unclean reboots happened.
257                  */
258                 ubi_err("unsupported on-flash UBI format\n");
259                 return -EINVAL;
260         }
261
262         /* Obviously the LEB with lower sequence counter is older */
263         second_is_newer = !!(sqnum2 > seb->sqnum);
264
265         /*
266          * Now we know which copy is newer. If the copy flag of the PEB with
267          * newer version is not set, then we just return, otherwise we have to
268          * check data CRC. For the second PEB we already have the VID header,
269          * for the first one - we'll need to re-read it from flash.
270          *
271          * Note: this may be optimized so that we wouldn't read twice.
272          */
273
274         if (second_is_newer) {
275                 if (!vid_hdr->copy_flag) {
276                         /* It is not a copy, so it is newer */
277                         dbg_bld("second PEB %d is newer, copy_flag is unset",
278                                 pnum);
279                         return 1;
280                 }
281         } else {
282                 pnum = seb->pnum;
283
284                 vh = ubi_zalloc_vid_hdr(ubi, GFP_KERNEL);
285                 if (!vh)
286                         return -ENOMEM;
287
288                 err = ubi_io_read_vid_hdr(ubi, pnum, vh, 0);
289                 if (err) {
290                         if (err == UBI_IO_BITFLIPS)
291                                 bitflips = 1;
292                         else {
293                                 dbg_err("VID of PEB %d header is bad, but it "
294                                         "was OK earlier", pnum);
295                                 if (err > 0)
296                                         err = -EIO;
297
298                                 goto out_free_vidh;
299                         }
300                 }
301
302                 if (!vh->copy_flag) {
303                         /* It is not a copy, so it is newer */
304                         dbg_bld("first PEB %d is newer, copy_flag is unset",
305                                 pnum);
306                         err = bitflips << 1;
307                         goto out_free_vidh;
308                 }
309
310                 vid_hdr = vh;
311         }
312
313         /* Read the data of the copy and check the CRC */
314
315         len = be32_to_cpu(vid_hdr->data_size);
316         buf = vmalloc(len);
317         if (!buf) {
318                 err = -ENOMEM;
319                 goto out_free_vidh;
320         }
321
322         err = ubi_io_read_data(ubi, buf, pnum, 0, len);
323         if (err && err != UBI_IO_BITFLIPS)
324                 goto out_free_buf;
325
326         data_crc = be32_to_cpu(vid_hdr->data_crc);
327         crc = crc32(UBI_CRC32_INIT, buf, len);
328         if (crc != data_crc) {
329                 dbg_bld("PEB %d CRC error: calculated %#08x, must be %#08x",
330                         pnum, crc, data_crc);
331                 corrupted = 1;
332                 bitflips = 0;
333                 second_is_newer = !second_is_newer;
334         } else {
335                 dbg_bld("PEB %d CRC is OK", pnum);
336                 bitflips = !!err;
337         }
338
339         vfree(buf);
340         ubi_free_vid_hdr(ubi, vh);
341
342         if (second_is_newer)
343                 dbg_bld("second PEB %d is newer, copy_flag is set", pnum);
344         else
345                 dbg_bld("first PEB %d is newer, copy_flag is set", pnum);
346
347         return second_is_newer | (bitflips << 1) | (corrupted << 2);
348
349 out_free_buf:
350         vfree(buf);
351 out_free_vidh:
352         ubi_free_vid_hdr(ubi, vh);
353         return err;
354 }
355
356 /**
357  * ubi_scan_add_used - add physical eraseblock to the scanning information.
358  * @ubi: UBI device description object
359  * @si: scanning information
360  * @pnum: the physical eraseblock number
361  * @ec: erase counter
362  * @vid_hdr: the volume identifier header
363  * @bitflips: if bit-flips were detected when this physical eraseblock was read
364  *
365  * This function adds information about a used physical eraseblock to the
366  * 'used' tree of the corresponding volume. The function is rather complex
367  * because it has to handle cases when this is not the first physical
368  * eraseblock belonging to the same logical eraseblock, and the newer one has
369  * to be picked, while the older one has to be dropped. This function returns
370  * zero in case of success and a negative error code in case of failure.
371  */
372 int ubi_scan_add_used(struct ubi_device *ubi, struct ubi_scan_info *si,
373                       int pnum, int ec, const struct ubi_vid_hdr *vid_hdr,
374                       int bitflips)
375 {
376         int err, vol_id, lnum;
377         unsigned long long sqnum;
378         struct ubi_scan_volume *sv;
379         struct ubi_scan_leb *seb;
380         struct rb_node **p, *parent = NULL;
381
382         vol_id = be32_to_cpu(vid_hdr->vol_id);
383         lnum = be32_to_cpu(vid_hdr->lnum);
384         sqnum = be64_to_cpu(vid_hdr->sqnum);
385
386         dbg_bld("PEB %d, LEB %d:%d, EC %d, sqnum %llu, bitflips %d",
387                 pnum, vol_id, lnum, ec, sqnum, bitflips);
388
389         sv = add_volume(si, vol_id, pnum, vid_hdr);
390         if (IS_ERR(sv) < 0)
391                 return PTR_ERR(sv);
392
393         if (si->max_sqnum < sqnum)
394                 si->max_sqnum = sqnum;
395
396         /*
397          * Walk the RB-tree of logical eraseblocks of volume @vol_id to look
398          * if this is the first instance of this logical eraseblock or not.
399          */
400         p = &sv->root.rb_node;
401         while (*p) {
402                 int cmp_res;
403
404                 parent = *p;
405                 seb = rb_entry(parent, struct ubi_scan_leb, u.rb);
406                 if (lnum != seb->lnum) {
407                         if (lnum < seb->lnum)
408                                 p = &(*p)->rb_left;
409                         else
410                                 p = &(*p)->rb_right;
411                         continue;
412                 }
413
414                 /*
415                  * There is already a physical eraseblock describing the same
416                  * logical eraseblock present.
417                  */
418
419                 dbg_bld("this LEB already exists: PEB %d, sqnum %llu, "
420                         "EC %d", seb->pnum, seb->sqnum, seb->ec);
421
422                 /*
423                  * Make sure that the logical eraseblocks have different
424                  * sequence numbers. Otherwise the image is bad.
425                  *
426                  * However, if the sequence number is zero, we assume it must
427                  * be an ancient UBI image from the era when UBI did not have
428                  * sequence numbers. We still can attach these images, unless
429                  * there is a need to distinguish between old and new
430                  * eraseblocks, in which case we'll refuse the image in
431                  * 'compare_lebs()'. In other words, we attach old clean
432                  * images, but refuse attaching old images with duplicated
433                  * logical eraseblocks because there was an unclean reboot.
434                  */
435                 if (seb->sqnum == sqnum && sqnum != 0) {
436                         ubi_err("two LEBs with same sequence number %llu",
437                                 sqnum);
438                         ubi_dbg_dump_seb(seb, 0);
439                         ubi_dbg_dump_vid_hdr(vid_hdr);
440                         return -EINVAL;
441                 }
442
443                 /*
444                  * Now we have to drop the older one and preserve the newer
445                  * one.
446                  */
447                 cmp_res = compare_lebs(ubi, seb, pnum, vid_hdr);
448                 if (cmp_res < 0)
449                         return cmp_res;
450
451                 if (cmp_res & 1) {
452                         /*
453                          * This logical eraseblock is newer then the one
454                          * found earlier.
455                          */
456                         err = validate_vid_hdr(vid_hdr, sv, pnum);
457                         if (err)
458                                 return err;
459
460                         if (cmp_res & 4)
461                                 err = add_to_list(si, seb->pnum, seb->ec,
462                                                   &si->corr);
463                         else
464                                 err = add_to_list(si, seb->pnum, seb->ec,
465                                                   &si->erase);
466                         if (err)
467                                 return err;
468
469                         seb->ec = ec;
470                         seb->pnum = pnum;
471                         seb->scrub = ((cmp_res & 2) || bitflips);
472                         seb->sqnum = sqnum;
473
474                         if (sv->highest_lnum == lnum)
475                                 sv->last_data_size =
476                                         be32_to_cpu(vid_hdr->data_size);
477
478                         return 0;
479                 } else {
480                         /*
481                          * This logical eraseblock is older then the one found
482                          * previously.
483                          */
484                         if (cmp_res & 4)
485                                 return add_to_list(si, pnum, ec, &si->corr);
486                         else
487                                 return add_to_list(si, pnum, ec, &si->erase);
488                 }
489         }
490
491         /*
492          * We've met this logical eraseblock for the first time, add it to the
493          * scanning information.
494          */
495
496         err = validate_vid_hdr(vid_hdr, sv, pnum);
497         if (err)
498                 return err;
499
500         seb = kmalloc(sizeof(struct ubi_scan_leb), GFP_KERNEL);
501         if (!seb)
502                 return -ENOMEM;
503
504         seb->ec = ec;
505         seb->pnum = pnum;
506         seb->lnum = lnum;
507         seb->sqnum = sqnum;
508         seb->scrub = bitflips;
509
510         if (sv->highest_lnum <= lnum) {
511                 sv->highest_lnum = lnum;
512                 sv->last_data_size = be32_to_cpu(vid_hdr->data_size);
513         }
514
515         sv->leb_count += 1;
516         rb_link_node(&seb->u.rb, parent, p);
517         rb_insert_color(&seb->u.rb, &sv->root);
518         return 0;
519 }
520
521 /**
522  * ubi_scan_find_sv - find volume in the scanning information.
523  * @si: scanning information
524  * @vol_id: the requested volume ID
525  *
526  * This function returns a pointer to the volume description or %NULL if there
527  * are no data about this volume in the scanning information.
528  */
529 struct ubi_scan_volume *ubi_scan_find_sv(const struct ubi_scan_info *si,
530                                          int vol_id)
531 {
532         struct ubi_scan_volume *sv;
533         struct rb_node *p = si->volumes.rb_node;
534
535         while (p) {
536                 sv = rb_entry(p, struct ubi_scan_volume, rb);
537
538                 if (vol_id == sv->vol_id)
539                         return sv;
540
541                 if (vol_id > sv->vol_id)
542                         p = p->rb_left;
543                 else
544                         p = p->rb_right;
545         }
546
547         return NULL;
548 }
549
550 /**
551  * ubi_scan_find_seb - find LEB in the volume scanning information.
552  * @sv: a pointer to the volume scanning information
553  * @lnum: the requested logical eraseblock
554  *
555  * This function returns a pointer to the scanning logical eraseblock or %NULL
556  * if there are no data about it in the scanning volume information.
557  */
558 struct ubi_scan_leb *ubi_scan_find_seb(const struct ubi_scan_volume *sv,
559                                        int lnum)
560 {
561         struct ubi_scan_leb *seb;
562         struct rb_node *p = sv->root.rb_node;
563
564         while (p) {
565                 seb = rb_entry(p, struct ubi_scan_leb, u.rb);
566
567                 if (lnum == seb->lnum)
568                         return seb;
569
570                 if (lnum > seb->lnum)
571                         p = p->rb_left;
572                 else
573                         p = p->rb_right;
574         }
575
576         return NULL;
577 }
578
579 /**
580  * ubi_scan_rm_volume - delete scanning information about a volume.
581  * @si: scanning information
582  * @sv: the volume scanning information to delete
583  */
584 void ubi_scan_rm_volume(struct ubi_scan_info *si, struct ubi_scan_volume *sv)
585 {
586         struct rb_node *rb;
587         struct ubi_scan_leb *seb;
588
589         dbg_bld("remove scanning information about volume %d", sv->vol_id);
590
591         while ((rb = rb_first(&sv->root))) {
592                 seb = rb_entry(rb, struct ubi_scan_leb, u.rb);
593                 rb_erase(&seb->u.rb, &sv->root);
594                 list_add_tail(&seb->u.list, &si->erase);
595         }
596
597         rb_erase(&sv->rb, &si->volumes);
598         kfree(sv);
599         si->vols_found -= 1;
600 }
601
602 /**
603  * ubi_scan_erase_peb - erase a physical eraseblock.
604  * @ubi: UBI device description object
605  * @si: scanning information
606  * @pnum: physical eraseblock number to erase;
607  * @ec: erase counter value to write (%UBI_SCAN_UNKNOWN_EC if it is unknown)
608  *
609  * This function erases physical eraseblock 'pnum', and writes the erase
610  * counter header to it. This function should only be used on UBI device
611  * initialization stages, when the EBA sub-system had not been yet initialized.
612  * This function returns zero in case of success and a negative error code in
613  * case of failure.
614  */
615 int ubi_scan_erase_peb(struct ubi_device *ubi, const struct ubi_scan_info *si,
616                        int pnum, int ec)
617 {
618         int err;
619         struct ubi_ec_hdr *ec_hdr;
620
621         if ((long long)ec >= UBI_MAX_ERASECOUNTER) {
622                 /*
623                  * Erase counter overflow. Upgrade UBI and use 64-bit
624                  * erase counters internally.
625                  */
626                 ubi_err("erase counter overflow at PEB %d, EC %d", pnum, ec);
627                 return -EINVAL;
628         }
629
630         ec_hdr = kzalloc(ubi->ec_hdr_alsize, GFP_KERNEL);
631         if (!ec_hdr)
632                 return -ENOMEM;
633
634         ec_hdr->ec = cpu_to_be64(ec);
635
636         err = ubi_io_sync_erase(ubi, pnum, 0);
637         if (err < 0)
638                 goto out_free;
639
640         err = ubi_io_write_ec_hdr(ubi, pnum, ec_hdr);
641
642 out_free:
643         kfree(ec_hdr);
644         return err;
645 }
646
647 /**
648  * ubi_scan_get_free_peb - get a free physical eraseblock.
649  * @ubi: UBI device description object
650  * @si: scanning information
651  *
652  * This function returns a free physical eraseblock. It is supposed to be
653  * called on the UBI initialization stages when the wear-leveling sub-system is
654  * not initialized yet. This function picks a physical eraseblocks from one of
655  * the lists, writes the EC header if it is needed, and removes it from the
656  * list.
657  *
658  * This function returns scanning physical eraseblock information in case of
659  * success and an error code in case of failure.
660  */
661 struct ubi_scan_leb *ubi_scan_get_free_peb(struct ubi_device *ubi,
662                                            struct ubi_scan_info *si)
663 {
664         int err = 0, i;
665         struct ubi_scan_leb *seb;
666
667         if (!list_empty(&si->free)) {
668                 seb = list_entry(si->free.next, struct ubi_scan_leb, u.list);
669                 list_del(&seb->u.list);
670                 dbg_bld("return free PEB %d, EC %d", seb->pnum, seb->ec);
671                 return seb;
672         }
673
674         for (i = 0; i < 2; i++) {
675                 struct list_head *head;
676                 struct ubi_scan_leb *tmp_seb;
677
678                 if (i == 0)
679                         head = &si->erase;
680                 else
681                         head = &si->corr;
682
683                 /*
684                  * We try to erase the first physical eraseblock from the @head
685                  * list and pick it if we succeed, or try to erase the
686                  * next one if not. And so forth. We don't want to take care
687                  * about bad eraseblocks here - they'll be handled later.
688                  */
689                 list_for_each_entry_safe(seb, tmp_seb, head, u.list) {
690                         if (seb->ec == UBI_SCAN_UNKNOWN_EC)
691                                 seb->ec = si->mean_ec;
692
693                         err = ubi_scan_erase_peb(ubi, si, seb->pnum, seb->ec+1);
694                         if (err)
695                                 continue;
696
697                         seb->ec += 1;
698                         list_del(&seb->u.list);
699                         dbg_bld("return PEB %d, EC %d", seb->pnum, seb->ec);
700                         return seb;
701                 }
702         }
703
704         ubi_err("no eraseblocks found");
705         return ERR_PTR(-ENOSPC);
706 }
707
708 /**
709  * process_eb - read, check UBI headers, and add them to scanning information.
710  * @ubi: UBI device description object
711  * @si: scanning information
712  * @pnum: the physical eraseblock number
713  *
714  * This function returns a zero if the physical eraseblock was successfully
715  * handled and a negative error code in case of failure.
716  */
717 static int process_eb(struct ubi_device *ubi, struct ubi_scan_info *si,
718                       int pnum)
719 {
720         long long uninitialized_var(ec);
721         int err, bitflips = 0, vol_id, ec_corr = 0;
722
723         dbg_bld("scan PEB %d", pnum);
724
725         /* Skip bad physical eraseblocks */
726         err = ubi_io_is_bad(ubi, pnum);
727         if (err < 0)
728                 return err;
729         else if (err) {
730                 /*
731                  * FIXME: this is actually duty of the I/O sub-system to
732                  * initialize this, but MTD does not provide enough
733                  * information.
734                  */
735                 si->bad_peb_count += 1;
736                 return 0;
737         }
738
739         err = ubi_io_read_ec_hdr(ubi, pnum, ech, 0);
740         if (err < 0)
741                 return err;
742         else if (err == UBI_IO_BITFLIPS)
743                 bitflips = 1;
744         else if (err == UBI_IO_PEB_EMPTY)
745                 return add_to_list(si, pnum, UBI_SCAN_UNKNOWN_EC, &si->erase);
746         else if (err == UBI_IO_BAD_EC_HDR) {
747                 /*
748                  * We have to also look at the VID header, possibly it is not
749                  * corrupted. Set %bitflips flag in order to make this PEB be
750                  * moved and EC be re-created.
751                  */
752                 ec_corr = 1;
753                 ec = UBI_SCAN_UNKNOWN_EC;
754                 bitflips = 1;
755         }
756
757         si->is_empty = 0;
758
759         if (!ec_corr) {
760                 /* Make sure UBI version is OK */
761                 if (ech->version != UBI_VERSION) {
762                         ubi_err("this UBI version is %d, image version is %d",
763                                 UBI_VERSION, (int)ech->version);
764                         return -EINVAL;
765                 }
766
767                 ec = be64_to_cpu(ech->ec);
768                 if (ec > UBI_MAX_ERASECOUNTER) {
769                         /*
770                          * Erase counter overflow. The EC headers have 64 bits
771                          * reserved, but we anyway make use of only 31 bit
772                          * values, as this seems to be enough for any existing
773                          * flash. Upgrade UBI and use 64-bit erase counters
774                          * internally.
775                          */
776                         ubi_err("erase counter overflow, max is %d",
777                                 UBI_MAX_ERASECOUNTER);
778                         ubi_dbg_dump_ec_hdr(ech);
779                         return -EINVAL;
780                 }
781         }
782
783         /* OK, we've done with the EC header, let's look at the VID header */
784
785         err = ubi_io_read_vid_hdr(ubi, pnum, vidh, 0);
786         if (err < 0)
787                 return err;
788         else if (err == UBI_IO_BITFLIPS)
789                 bitflips = 1;
790         else if (err == UBI_IO_BAD_VID_HDR ||
791                  (err == UBI_IO_PEB_FREE && ec_corr)) {
792                 /* VID header is corrupted */
793                 err = add_to_list(si, pnum, ec, &si->corr);
794                 if (err)
795                         return err;
796                 goto adjust_mean_ec;
797         } else if (err == UBI_IO_PEB_FREE) {
798                 /* No VID header - the physical eraseblock is free */
799                 err = add_to_list(si, pnum, ec, &si->free);
800                 if (err)
801                         return err;
802                 goto adjust_mean_ec;
803         }
804
805         vol_id = be32_to_cpu(vidh->vol_id);
806         if (vol_id > UBI_MAX_VOLUMES && vol_id != UBI_LAYOUT_VOLUME_ID) {
807                 int lnum = be32_to_cpu(vidh->lnum);
808
809                 /* Unsupported internal volume */
810                 switch (vidh->compat) {
811                 case UBI_COMPAT_DELETE:
812                         ubi_msg("\"delete\" compatible internal volume %d:%d"
813                                 " found, remove it", vol_id, lnum);
814                         err = add_to_list(si, pnum, ec, &si->corr);
815                         if (err)
816                                 return err;
817                         break;
818
819                 case UBI_COMPAT_RO:
820                         ubi_msg("read-only compatible internal volume %d:%d"
821                                 " found, switch to read-only mode",
822                                 vol_id, lnum);
823                         ubi->ro_mode = 1;
824                         break;
825
826                 case UBI_COMPAT_PRESERVE:
827                         ubi_msg("\"preserve\" compatible internal volume %d:%d"
828                                 " found", vol_id, lnum);
829                         err = add_to_list(si, pnum, ec, &si->alien);
830                         if (err)
831                                 return err;
832                         si->alien_peb_count += 1;
833                         return 0;
834
835                 case UBI_COMPAT_REJECT:
836                         ubi_err("incompatible internal volume %d:%d found",
837                                 vol_id, lnum);
838                         return -EINVAL;
839                 }
840         }
841
842         /* Both UBI headers seem to be fine */
843         err = ubi_scan_add_used(ubi, si, pnum, ec, vidh, bitflips);
844         if (err)
845                 return err;
846
847 adjust_mean_ec:
848         if (!ec_corr) {
849                 si->ec_sum += ec;
850                 si->ec_count += 1;
851                 if (ec > si->max_ec)
852                         si->max_ec = ec;
853                 if (ec < si->min_ec)
854                         si->min_ec = ec;
855         }
856
857         return 0;
858 }
859
860 /**
861  * ubi_scan - scan an MTD device.
862  * @ubi: UBI device description object
863  *
864  * This function does full scanning of an MTD device and returns complete
865  * information about it. In case of failure, an error code is returned.
866  */
867 struct ubi_scan_info *ubi_scan(struct ubi_device *ubi)
868 {
869         int err, pnum;
870         struct rb_node *rb1, *rb2;
871         struct ubi_scan_volume *sv;
872         struct ubi_scan_leb *seb;
873         struct ubi_scan_info *si;
874
875         si = kzalloc(sizeof(struct ubi_scan_info), GFP_KERNEL);
876         if (!si)
877                 return ERR_PTR(-ENOMEM);
878
879         INIT_LIST_HEAD(&si->corr);
880         INIT_LIST_HEAD(&si->free);
881         INIT_LIST_HEAD(&si->erase);
882         INIT_LIST_HEAD(&si->alien);
883         si->volumes = RB_ROOT;
884         si->is_empty = 1;
885
886         err = -ENOMEM;
887         ech = kzalloc(ubi->ec_hdr_alsize, GFP_KERNEL);
888         if (!ech)
889                 goto out_si;
890
891         vidh = ubi_zalloc_vid_hdr(ubi, GFP_KERNEL);
892         if (!vidh)
893                 goto out_ech;
894
895         for (pnum = 0; pnum < ubi->peb_count; pnum++) {
896                 cond_resched();
897
898                 dbg_gen("process PEB %d", pnum);
899                 err = process_eb(ubi, si, pnum);
900                 if (err < 0)
901                         goto out_vidh;
902         }
903
904         dbg_msg("scanning is finished");
905
906         /* Calculate mean erase counter */
907         if (si->ec_count) {
908                 do_div(si->ec_sum, si->ec_count);
909                 si->mean_ec = si->ec_sum;
910         }
911
912         if (si->is_empty)
913                 ubi_msg("empty MTD device detected");
914
915         /*
916          * In case of unknown erase counter we use the mean erase counter
917          * value.
918          */
919         ubi_rb_for_each_entry(rb1, sv, &si->volumes, rb) {
920                 ubi_rb_for_each_entry(rb2, seb, &sv->root, u.rb)
921                         if (seb->ec == UBI_SCAN_UNKNOWN_EC)
922                                 seb->ec = si->mean_ec;
923         }
924
925         list_for_each_entry(seb, &si->free, u.list) {
926                 if (seb->ec == UBI_SCAN_UNKNOWN_EC)
927                         seb->ec = si->mean_ec;
928         }
929
930         list_for_each_entry(seb, &si->corr, u.list)
931                 if (seb->ec == UBI_SCAN_UNKNOWN_EC)
932                         seb->ec = si->mean_ec;
933
934         list_for_each_entry(seb, &si->erase, u.list)
935                 if (seb->ec == UBI_SCAN_UNKNOWN_EC)
936                         seb->ec = si->mean_ec;
937
938         err = paranoid_check_si(ubi, si);
939         if (err) {
940                 if (err > 0)
941                         err = -EINVAL;
942                 goto out_vidh;
943         }
944
945         ubi_free_vid_hdr(ubi, vidh);
946         kfree(ech);
947
948         return si;
949
950 out_vidh:
951         ubi_free_vid_hdr(ubi, vidh);
952 out_ech:
953         kfree(ech);
954 out_si:
955         ubi_scan_destroy_si(si);
956         return ERR_PTR(err);
957 }
958
959 /**
960  * destroy_sv - free the scanning volume information
961  * @sv: scanning volume information
962  *
963  * This function destroys the volume RB-tree (@sv->root) and the scanning
964  * volume information.
965  */
966 static void destroy_sv(struct ubi_scan_volume *sv)
967 {
968         struct ubi_scan_leb *seb;
969         struct rb_node *this = sv->root.rb_node;
970
971         while (this) {
972                 if (this->rb_left)
973                         this = this->rb_left;
974                 else if (this->rb_right)
975                         this = this->rb_right;
976                 else {
977                         seb = rb_entry(this, struct ubi_scan_leb, u.rb);
978                         this = rb_parent(this);
979                         if (this) {
980                                 if (this->rb_left == &seb->u.rb)
981                                         this->rb_left = NULL;
982                                 else
983                                         this->rb_right = NULL;
984                         }
985
986                         kfree(seb);
987                 }
988         }
989         kfree(sv);
990 }
991
992 /**
993  * ubi_scan_destroy_si - destroy scanning information.
994  * @si: scanning information
995  */
996 void ubi_scan_destroy_si(struct ubi_scan_info *si)
997 {
998         struct ubi_scan_leb *seb, *seb_tmp;
999         struct ubi_scan_volume *sv;
1000         struct rb_node *rb;
1001
1002         list_for_each_entry_safe(seb, seb_tmp, &si->alien, u.list) {
1003                 list_del(&seb->u.list);
1004                 kfree(seb);
1005         }
1006         list_for_each_entry_safe(seb, seb_tmp, &si->erase, u.list) {
1007                 list_del(&seb->u.list);
1008                 kfree(seb);
1009         }
1010         list_for_each_entry_safe(seb, seb_tmp, &si->corr, u.list) {
1011                 list_del(&seb->u.list);
1012                 kfree(seb);
1013         }
1014         list_for_each_entry_safe(seb, seb_tmp, &si->free, u.list) {
1015                 list_del(&seb->u.list);
1016                 kfree(seb);
1017         }
1018
1019         /* Destroy the volume RB-tree */
1020         rb = si->volumes.rb_node;
1021         while (rb) {
1022                 if (rb->rb_left)
1023                         rb = rb->rb_left;
1024                 else if (rb->rb_right)
1025                         rb = rb->rb_right;
1026                 else {
1027                         sv = rb_entry(rb, struct ubi_scan_volume, rb);
1028
1029                         rb = rb_parent(rb);
1030                         if (rb) {
1031                                 if (rb->rb_left == &sv->rb)
1032                                         rb->rb_left = NULL;
1033                                 else
1034                                         rb->rb_right = NULL;
1035                         }
1036
1037                         destroy_sv(sv);
1038                 }
1039         }
1040
1041         kfree(si);
1042 }
1043
1044 #ifdef CONFIG_MTD_UBI_DEBUG_PARANOID
1045
1046 /**
1047  * paranoid_check_si - check the scanning information.
1048  * @ubi: UBI device description object
1049  * @si: scanning information
1050  *
1051  * This function returns zero if the scanning information is all right, %1 if
1052  * not and a negative error code if an error occurred.
1053  */
1054 static int paranoid_check_si(struct ubi_device *ubi, struct ubi_scan_info *si)
1055 {
1056         int pnum, err, vols_found = 0;
1057         struct rb_node *rb1, *rb2;
1058         struct ubi_scan_volume *sv;
1059         struct ubi_scan_leb *seb, *last_seb;
1060         uint8_t *buf;
1061
1062         /*
1063          * At first, check that scanning information is OK.
1064          */
1065         ubi_rb_for_each_entry(rb1, sv, &si->volumes, rb) {
1066                 int leb_count = 0;
1067
1068                 cond_resched();
1069
1070                 vols_found += 1;
1071
1072                 if (si->is_empty) {
1073                         ubi_err("bad is_empty flag");
1074                         goto bad_sv;
1075                 }
1076
1077                 if (sv->vol_id < 0 || sv->highest_lnum < 0 ||
1078                     sv->leb_count < 0 || sv->vol_type < 0 || sv->used_ebs < 0 ||
1079                     sv->data_pad < 0 || sv->last_data_size < 0) {
1080                         ubi_err("negative values");
1081                         goto bad_sv;
1082                 }
1083
1084                 if (sv->vol_id >= UBI_MAX_VOLUMES &&
1085                     sv->vol_id < UBI_INTERNAL_VOL_START) {
1086                         ubi_err("bad vol_id");
1087                         goto bad_sv;
1088                 }
1089
1090                 if (sv->vol_id > si->highest_vol_id) {
1091                         ubi_err("highest_vol_id is %d, but vol_id %d is there",
1092                                 si->highest_vol_id, sv->vol_id);
1093                         goto out;
1094                 }
1095
1096                 if (sv->vol_type != UBI_DYNAMIC_VOLUME &&
1097                     sv->vol_type != UBI_STATIC_VOLUME) {
1098                         ubi_err("bad vol_type");
1099                         goto bad_sv;
1100                 }
1101
1102                 if (sv->data_pad > ubi->leb_size / 2) {
1103                         ubi_err("bad data_pad");
1104                         goto bad_sv;
1105                 }
1106
1107                 last_seb = NULL;
1108                 ubi_rb_for_each_entry(rb2, seb, &sv->root, u.rb) {
1109                         cond_resched();
1110
1111                         last_seb = seb;
1112                         leb_count += 1;
1113
1114                         if (seb->pnum < 0 || seb->ec < 0) {
1115                                 ubi_err("negative values");
1116                                 goto bad_seb;
1117                         }
1118
1119                         if (seb->ec < si->min_ec) {
1120                                 ubi_err("bad si->min_ec (%d), %d found",
1121                                         si->min_ec, seb->ec);
1122                                 goto bad_seb;
1123                         }
1124
1125                         if (seb->ec > si->max_ec) {
1126                                 ubi_err("bad si->max_ec (%d), %d found",
1127                                         si->max_ec, seb->ec);
1128                                 goto bad_seb;
1129                         }
1130
1131                         if (seb->pnum >= ubi->peb_count) {
1132                                 ubi_err("too high PEB number %d, total PEBs %d",
1133                                         seb->pnum, ubi->peb_count);
1134                                 goto bad_seb;
1135                         }
1136
1137                         if (sv->vol_type == UBI_STATIC_VOLUME) {
1138                                 if (seb->lnum >= sv->used_ebs) {
1139                                         ubi_err("bad lnum or used_ebs");
1140                                         goto bad_seb;
1141                                 }
1142                         } else {
1143                                 if (sv->used_ebs != 0) {
1144                                         ubi_err("non-zero used_ebs");
1145                                         goto bad_seb;
1146                                 }
1147                         }
1148
1149                         if (seb->lnum > sv->highest_lnum) {
1150                                 ubi_err("incorrect highest_lnum or lnum");
1151                                 goto bad_seb;
1152                         }
1153                 }
1154
1155                 if (sv->leb_count != leb_count) {
1156                         ubi_err("bad leb_count, %d objects in the tree",
1157                                 leb_count);
1158                         goto bad_sv;
1159                 }
1160
1161                 if (!last_seb)
1162                         continue;
1163
1164                 seb = last_seb;
1165
1166                 if (seb->lnum != sv->highest_lnum) {
1167                         ubi_err("bad highest_lnum");
1168                         goto bad_seb;
1169                 }
1170         }
1171
1172         if (vols_found != si->vols_found) {
1173                 ubi_err("bad si->vols_found %d, should be %d",
1174                         si->vols_found, vols_found);
1175                 goto out;
1176         }
1177
1178         /* Check that scanning information is correct */
1179         ubi_rb_for_each_entry(rb1, sv, &si->volumes, rb) {
1180                 last_seb = NULL;
1181                 ubi_rb_for_each_entry(rb2, seb, &sv->root, u.rb) {
1182                         int vol_type;
1183
1184                         cond_resched();
1185
1186                         last_seb = seb;
1187
1188                         err = ubi_io_read_vid_hdr(ubi, seb->pnum, vidh, 1);
1189                         if (err && err != UBI_IO_BITFLIPS) {
1190                                 ubi_err("VID header is not OK (%d)", err);
1191                                 if (err > 0)
1192                                         err = -EIO;
1193                                 return err;
1194                         }
1195
1196                         vol_type = vidh->vol_type == UBI_VID_DYNAMIC ?
1197                                    UBI_DYNAMIC_VOLUME : UBI_STATIC_VOLUME;
1198                         if (sv->vol_type != vol_type) {
1199                                 ubi_err("bad vol_type");
1200                                 goto bad_vid_hdr;
1201                         }
1202
1203                         if (seb->sqnum != be64_to_cpu(vidh->sqnum)) {
1204                                 ubi_err("bad sqnum %llu", seb->sqnum);
1205                                 goto bad_vid_hdr;
1206                         }
1207
1208                         if (sv->vol_id != be32_to_cpu(vidh->vol_id)) {
1209                                 ubi_err("bad vol_id %d", sv->vol_id);
1210                                 goto bad_vid_hdr;
1211                         }
1212
1213                         if (sv->compat != vidh->compat) {
1214                                 ubi_err("bad compat %d", vidh->compat);
1215                                 goto bad_vid_hdr;
1216                         }
1217
1218                         if (seb->lnum != be32_to_cpu(vidh->lnum)) {
1219                                 ubi_err("bad lnum %d", seb->lnum);
1220                                 goto bad_vid_hdr;
1221                         }
1222
1223                         if (sv->used_ebs != be32_to_cpu(vidh->used_ebs)) {
1224                                 ubi_err("bad used_ebs %d", sv->used_ebs);
1225                                 goto bad_vid_hdr;
1226                         }
1227
1228                         if (sv->data_pad != be32_to_cpu(vidh->data_pad)) {
1229                                 ubi_err("bad data_pad %d", sv->data_pad);
1230                                 goto bad_vid_hdr;
1231                         }
1232                 }
1233
1234                 if (!last_seb)
1235                         continue;
1236
1237                 if (sv->highest_lnum != be32_to_cpu(vidh->lnum)) {
1238                         ubi_err("bad highest_lnum %d", sv->highest_lnum);
1239                         goto bad_vid_hdr;
1240                 }
1241
1242                 if (sv->last_data_size != be32_to_cpu(vidh->data_size)) {
1243                         ubi_err("bad last_data_size %d", sv->last_data_size);
1244                         goto bad_vid_hdr;
1245                 }
1246         }
1247
1248         /*
1249          * Make sure that all the physical eraseblocks are in one of the lists
1250          * or trees.
1251          */
1252         buf = kzalloc(ubi->peb_count, GFP_KERNEL);
1253         if (!buf)
1254                 return -ENOMEM;
1255
1256         for (pnum = 0; pnum < ubi->peb_count; pnum++) {
1257                 err = ubi_io_is_bad(ubi, pnum);
1258                 if (err < 0) {
1259                         kfree(buf);
1260                         return err;
1261                 } else if (err)
1262                         buf[pnum] = 1;
1263         }
1264
1265         ubi_rb_for_each_entry(rb1, sv, &si->volumes, rb)
1266                 ubi_rb_for_each_entry(rb2, seb, &sv->root, u.rb)
1267                         buf[seb->pnum] = 1;
1268
1269         list_for_each_entry(seb, &si->free, u.list)
1270                 buf[seb->pnum] = 1;
1271
1272         list_for_each_entry(seb, &si->corr, u.list)
1273                 buf[seb->pnum] = 1;
1274
1275         list_for_each_entry(seb, &si->erase, u.list)
1276                 buf[seb->pnum] = 1;
1277
1278         list_for_each_entry(seb, &si->alien, u.list)
1279                 buf[seb->pnum] = 1;
1280
1281         err = 0;
1282         for (pnum = 0; pnum < ubi->peb_count; pnum++)
1283                 if (!buf[pnum]) {
1284                         ubi_err("PEB %d is not referred", pnum);
1285                         err = 1;
1286                 }
1287
1288         kfree(buf);
1289         if (err)
1290                 goto out;
1291         return 0;
1292
1293 bad_seb:
1294         ubi_err("bad scanning information about LEB %d", seb->lnum);
1295         ubi_dbg_dump_seb(seb, 0);
1296         ubi_dbg_dump_sv(sv);
1297         goto out;
1298
1299 bad_sv:
1300         ubi_err("bad scanning information about volume %d", sv->vol_id);
1301         ubi_dbg_dump_sv(sv);
1302         goto out;
1303
1304 bad_vid_hdr:
1305         ubi_err("bad scanning information about volume %d", sv->vol_id);
1306         ubi_dbg_dump_sv(sv);
1307         ubi_dbg_dump_vid_hdr(vidh);
1308
1309 out:
1310         ubi_dbg_dump_stack();
1311         return 1;
1312 }
1313
1314 #endif /* CONFIG_MTD_UBI_DEBUG_PARANOID */