[WAN]: lmc_ioctl: don't return with locks held
[linux-2.6] / drivers / mtd / inftlmount.c
1 /*
2  * inftlmount.c -- INFTL mount code with extensive checks.
3  *
4  * Author: Greg Ungerer (gerg@snapgear.com)
5  * (C) Copyright 2002-2003, Greg Ungerer (gerg@snapgear.com)
6  *
7  * Based heavily on the nftlmount.c code which is:
8  * Author: Fabrice Bellard (fabrice.bellard@netgem.com)
9  * Copyright (C) 2000 Netgem S.A.
10  *
11  * $Id: inftlmount.c,v 1.18 2005/11/07 11:14:20 gleixner Exp $
12  *
13  * This program is free software; you can redistribute it and/or modify
14  * it under the terms of the GNU General Public License as published by
15  * the Free Software Foundation; either version 2 of the License, or
16  * (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software
25  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
26  */
27
28 #include <linux/kernel.h>
29 #include <linux/module.h>
30 #include <asm/errno.h>
31 #include <asm/io.h>
32 #include <asm/uaccess.h>
33 #include <linux/miscdevice.h>
34 #include <linux/delay.h>
35 #include <linux/slab.h>
36 #include <linux/init.h>
37 #include <linux/mtd/mtd.h>
38 #include <linux/mtd/nftl.h>
39 #include <linux/mtd/inftl.h>
40 #include <linux/mtd/compatmac.h>
41
42 char inftlmountrev[]="$Revision: 1.18 $";
43
44 extern int inftl_read_oob(struct mtd_info *mtd, loff_t offs, size_t len,
45                           size_t *retlen, uint8_t *buf);
46 extern int inftl_write_oob(struct mtd_info *mtd, loff_t offs, size_t len,
47                            size_t *retlen, uint8_t *buf);
48
49 /*
50  * find_boot_record: Find the INFTL Media Header and its Spare copy which
51  *      contains the various device information of the INFTL partition and
52  *      Bad Unit Table. Update the PUtable[] table according to the Bad
53  *      Unit Table. PUtable[] is used for management of Erase Unit in
54  *      other routines in inftlcore.c and inftlmount.c.
55  */
56 static int find_boot_record(struct INFTLrecord *inftl)
57 {
58         struct inftl_unittail h1;
59         //struct inftl_oob oob;
60         unsigned int i, block;
61         u8 buf[SECTORSIZE];
62         struct INFTLMediaHeader *mh = &inftl->MediaHdr;
63         struct mtd_info *mtd = inftl->mbd.mtd;
64         struct INFTLPartition *ip;
65         size_t retlen;
66
67         DEBUG(MTD_DEBUG_LEVEL3, "INFTL: find_boot_record(inftl=%p)\n", inftl);
68
69         /*
70          * Assume logical EraseSize == physical erasesize for starting the
71          * scan. We'll sort it out later if we find a MediaHeader which says
72          * otherwise.
73          */
74         inftl->EraseSize = inftl->mbd.mtd->erasesize;
75         inftl->nb_blocks = inftl->mbd.mtd->size / inftl->EraseSize;
76
77         inftl->MediaUnit = BLOCK_NIL;
78
79         /* Search for a valid boot record */
80         for (block = 0; block < inftl->nb_blocks; block++) {
81                 int ret;
82
83                 /*
84                  * Check for BNAND header first. Then whinge if it's found
85                  * but later checks fail.
86                  */
87                 ret = mtd->read(mtd, block * inftl->EraseSize,
88                                 SECTORSIZE, &retlen, buf);
89                 /* We ignore ret in case the ECC of the MediaHeader is invalid
90                    (which is apparently acceptable) */
91                 if (retlen != SECTORSIZE) {
92                         static int warncount = 5;
93
94                         if (warncount) {
95                                 printk(KERN_WARNING "INFTL: block read at 0x%x "
96                                         "of mtd%d failed: %d\n",
97                                         block * inftl->EraseSize,
98                                         inftl->mbd.mtd->index, ret);
99                                 if (!--warncount)
100                                         printk(KERN_WARNING "INFTL: further "
101                                                 "failures for this block will "
102                                                 "not be printed\n");
103                         }
104                         continue;
105                 }
106
107                 if (retlen < 6 || memcmp(buf, "BNAND", 6)) {
108                         /* BNAND\0 not found. Continue */
109                         continue;
110                 }
111
112                 /* To be safer with BIOS, also use erase mark as discriminant */
113                 if ((ret = inftl_read_oob(mtd, block * inftl->EraseSize +
114                                           SECTORSIZE + 8, 8, &retlen,
115                                           (char *)&h1) < 0)) {
116                         printk(KERN_WARNING "INFTL: ANAND header found at "
117                                 "0x%x in mtd%d, but OOB data read failed "
118                                 "(err %d)\n", block * inftl->EraseSize,
119                                 inftl->mbd.mtd->index, ret);
120                         continue;
121                 }
122
123
124                 /*
125                  * This is the first we've seen.
126                  * Copy the media header structure into place.
127                  */
128                 memcpy(mh, buf, sizeof(struct INFTLMediaHeader));
129
130                 /* Read the spare media header at offset 4096 */
131                 mtd->read(mtd, block * inftl->EraseSize + 4096,
132                           SECTORSIZE, &retlen, buf);
133                 if (retlen != SECTORSIZE) {
134                         printk(KERN_WARNING "INFTL: Unable to read spare "
135                                "Media Header\n");
136                         return -1;
137                 }
138                 /* Check if this one is the same as the first one we found. */
139                 if (memcmp(mh, buf, sizeof(struct INFTLMediaHeader))) {
140                         printk(KERN_WARNING "INFTL: Primary and spare Media "
141                                "Headers disagree.\n");
142                         return -1;
143                 }
144
145                 mh->NoOfBootImageBlocks = le32_to_cpu(mh->NoOfBootImageBlocks);
146                 mh->NoOfBinaryPartitions = le32_to_cpu(mh->NoOfBinaryPartitions);
147                 mh->NoOfBDTLPartitions = le32_to_cpu(mh->NoOfBDTLPartitions);
148                 mh->BlockMultiplierBits = le32_to_cpu(mh->BlockMultiplierBits);
149                 mh->FormatFlags = le32_to_cpu(mh->FormatFlags);
150                 mh->PercentUsed = le32_to_cpu(mh->PercentUsed);
151
152 #ifdef CONFIG_MTD_DEBUG_VERBOSE
153                 if (CONFIG_MTD_DEBUG_VERBOSE >= 2) {
154                         printk("INFTL: Media Header ->\n"
155                                 "    bootRecordID          = %s\n"
156                                 "    NoOfBootImageBlocks   = %d\n"
157                                 "    NoOfBinaryPartitions  = %d\n"
158                                 "    NoOfBDTLPartitions    = %d\n"
159                                 "    BlockMultiplerBits    = %d\n"
160                                 "    FormatFlgs            = %d\n"
161                                 "    OsakVersion           = 0x%x\n"
162                                 "    PercentUsed           = %d\n",
163                                 mh->bootRecordID, mh->NoOfBootImageBlocks,
164                                 mh->NoOfBinaryPartitions,
165                                 mh->NoOfBDTLPartitions,
166                                 mh->BlockMultiplierBits, mh->FormatFlags,
167                                 mh->OsakVersion, mh->PercentUsed);
168                 }
169 #endif
170
171                 if (mh->NoOfBDTLPartitions == 0) {
172                         printk(KERN_WARNING "INFTL: Media Header sanity check "
173                                 "failed: NoOfBDTLPartitions (%d) == 0, "
174                                 "must be at least 1\n", mh->NoOfBDTLPartitions);
175                         return -1;
176                 }
177
178                 if ((mh->NoOfBDTLPartitions + mh->NoOfBinaryPartitions) > 4) {
179                         printk(KERN_WARNING "INFTL: Media Header sanity check "
180                                 "failed: Total Partitions (%d) > 4, "
181                                 "BDTL=%d Binary=%d\n", mh->NoOfBDTLPartitions +
182                                 mh->NoOfBinaryPartitions,
183                                 mh->NoOfBDTLPartitions,
184                                 mh->NoOfBinaryPartitions);
185                         return -1;
186                 }
187
188                 if (mh->BlockMultiplierBits > 1) {
189                         printk(KERN_WARNING "INFTL: sorry, we don't support "
190                                 "UnitSizeFactor 0x%02x\n",
191                                 mh->BlockMultiplierBits);
192                         return -1;
193                 } else if (mh->BlockMultiplierBits == 1) {
194                         printk(KERN_WARNING "INFTL: support for INFTL with "
195                                 "UnitSizeFactor 0x%02x is experimental\n",
196                                 mh->BlockMultiplierBits);
197                         inftl->EraseSize = inftl->mbd.mtd->erasesize <<
198                                 mh->BlockMultiplierBits;
199                         inftl->nb_blocks = inftl->mbd.mtd->size / inftl->EraseSize;
200                         block >>= mh->BlockMultiplierBits;
201                 }
202
203                 /* Scan the partitions */
204                 for (i = 0; (i < 4); i++) {
205                         ip = &mh->Partitions[i];
206                         ip->virtualUnits = le32_to_cpu(ip->virtualUnits);
207                         ip->firstUnit = le32_to_cpu(ip->firstUnit);
208                         ip->lastUnit = le32_to_cpu(ip->lastUnit);
209                         ip->flags = le32_to_cpu(ip->flags);
210                         ip->spareUnits = le32_to_cpu(ip->spareUnits);
211                         ip->Reserved0 = le32_to_cpu(ip->Reserved0);
212
213 #ifdef CONFIG_MTD_DEBUG_VERBOSE
214                         if (CONFIG_MTD_DEBUG_VERBOSE >= 2) {
215                                 printk("    PARTITION[%d] ->\n"
216                                         "        virtualUnits    = %d\n"
217                                         "        firstUnit       = %d\n"
218                                         "        lastUnit        = %d\n"
219                                         "        flags           = 0x%x\n"
220                                         "        spareUnits      = %d\n",
221                                         i, ip->virtualUnits, ip->firstUnit,
222                                         ip->lastUnit, ip->flags,
223                                         ip->spareUnits);
224                         }
225 #endif
226
227                         if (ip->Reserved0 != ip->firstUnit) {
228                                 struct erase_info *instr = &inftl->instr;
229
230                                 instr->mtd = inftl->mbd.mtd;
231
232                                 /*
233                                  *      Most likely this is using the
234                                  *      undocumented qiuck mount feature.
235                                  *      We don't support that, we will need
236                                  *      to erase the hidden block for full
237                                  *      compatibility.
238                                  */
239                                 instr->addr = ip->Reserved0 * inftl->EraseSize;
240                                 instr->len = inftl->EraseSize;
241                                 mtd->erase(mtd, instr);
242                         }
243                         if ((ip->lastUnit - ip->firstUnit + 1) < ip->virtualUnits) {
244                                 printk(KERN_WARNING "INFTL: Media Header "
245                                         "Partition %d sanity check failed\n"
246                                         "    firstUnit %d : lastUnit %d  >  "
247                                         "virtualUnits %d\n", i, ip->lastUnit,
248                                         ip->firstUnit, ip->Reserved0);
249                                 return -1;
250                         }
251                         if (ip->Reserved1 != 0) {
252                                 printk(KERN_WARNING "INFTL: Media Header "
253                                         "Partition %d sanity check failed: "
254                                         "Reserved1 %d != 0\n",
255                                         i, ip->Reserved1);
256                                 return -1;
257                         }
258
259                         if (ip->flags & INFTL_BDTL)
260                                 break;
261                 }
262
263                 if (i >= 4) {
264                         printk(KERN_WARNING "INFTL: Media Header Partition "
265                                 "sanity check failed:\n       No partition "
266                                 "marked as Disk Partition\n");
267                         return -1;
268                 }
269
270                 inftl->nb_boot_blocks = ip->firstUnit;
271                 inftl->numvunits = ip->virtualUnits;
272                 if (inftl->numvunits > (inftl->nb_blocks -
273                     inftl->nb_boot_blocks - 2)) {
274                         printk(KERN_WARNING "INFTL: Media Header sanity check "
275                                 "failed:\n        numvunits (%d) > nb_blocks "
276                                 "(%d) - nb_boot_blocks(%d) - 2\n",
277                                 inftl->numvunits, inftl->nb_blocks,
278                                 inftl->nb_boot_blocks);
279                         return -1;
280                 }
281
282                 inftl->mbd.size  = inftl->numvunits *
283                         (inftl->EraseSize / SECTORSIZE);
284
285                 /*
286                  * Block count is set to last used EUN (we won't need to keep
287                  * any meta-data past that point).
288                  */
289                 inftl->firstEUN = ip->firstUnit;
290                 inftl->lastEUN = ip->lastUnit;
291                 inftl->nb_blocks = ip->lastUnit + 1;
292
293                 /* Memory alloc */
294                 inftl->PUtable = kmalloc(inftl->nb_blocks * sizeof(u16), GFP_KERNEL);
295                 if (!inftl->PUtable) {
296                         printk(KERN_WARNING "INFTL: allocation of PUtable "
297                                 "failed (%zd bytes)\n",
298                                 inftl->nb_blocks * sizeof(u16));
299                         return -ENOMEM;
300                 }
301
302                 inftl->VUtable = kmalloc(inftl->nb_blocks * sizeof(u16), GFP_KERNEL);
303                 if (!inftl->VUtable) {
304                         kfree(inftl->PUtable);
305                         printk(KERN_WARNING "INFTL: allocation of VUtable "
306                                 "failed (%zd bytes)\n",
307                                 inftl->nb_blocks * sizeof(u16));
308                         return -ENOMEM;
309                 }
310
311                 /* Mark the blocks before INFTL MediaHeader as reserved */
312                 for (i = 0; i < inftl->nb_boot_blocks; i++)
313                         inftl->PUtable[i] = BLOCK_RESERVED;
314                 /* Mark all remaining blocks as potentially containing data */
315                 for (; i < inftl->nb_blocks; i++)
316                         inftl->PUtable[i] = BLOCK_NOTEXPLORED;
317
318                 /* Mark this boot record (NFTL MediaHeader) block as reserved */
319                 inftl->PUtable[block] = BLOCK_RESERVED;
320
321                 /* Read Bad Erase Unit Table and modify PUtable[] accordingly */
322                 for (i = 0; i < inftl->nb_blocks; i++) {
323                         int physblock;
324                         /* If any of the physical eraseblocks are bad, don't
325                            use the unit. */
326                         for (physblock = 0; physblock < inftl->EraseSize; physblock += inftl->mbd.mtd->erasesize) {
327                                 if (inftl->mbd.mtd->block_isbad(inftl->mbd.mtd, i * inftl->EraseSize + physblock))
328                                         inftl->PUtable[i] = BLOCK_RESERVED;
329                         }
330                 }
331
332                 inftl->MediaUnit = block;
333                 return 0;
334         }
335
336         /* Not found. */
337         return -1;
338 }
339
340 static int memcmpb(void *a, int c, int n)
341 {
342         int i;
343         for (i = 0; i < n; i++) {
344                 if (c != ((unsigned char *)a)[i])
345                         return 1;
346         }
347         return 0;
348 }
349
350 /*
351  * check_free_sector: check if a free sector is actually FREE,
352  *      i.e. All 0xff in data and oob area.
353  */
354 static int check_free_sectors(struct INFTLrecord *inftl, unsigned int address,
355         int len, int check_oob)
356 {
357         u8 buf[SECTORSIZE + inftl->mbd.mtd->oobsize];
358         struct mtd_info *mtd = inftl->mbd.mtd;
359         size_t retlen;
360         int i;
361
362         for (i = 0; i < len; i += SECTORSIZE) {
363                 if (mtd->read(mtd, address, SECTORSIZE, &retlen, buf))
364                         return -1;
365                 if (memcmpb(buf, 0xff, SECTORSIZE) != 0)
366                         return -1;
367
368                 if (check_oob) {
369                         if(inftl_read_oob(mtd, address, mtd->oobsize,
370                                           &retlen, &buf[SECTORSIZE]) < 0)
371                                 return -1;
372                         if (memcmpb(buf + SECTORSIZE, 0xff, mtd->oobsize) != 0)
373                                 return -1;
374                 }
375                 address += SECTORSIZE;
376         }
377
378         return 0;
379 }
380
381 /*
382  * INFTL_format: format a Erase Unit by erasing ALL Erase Zones in the Erase
383  *               Unit and Update INFTL metadata. Each erase operation is
384  *               checked with check_free_sectors.
385  *
386  * Return: 0 when succeed, -1 on error.
387  *
388  * ToDo: 1. Is it neceressary to check_free_sector after erasing ??
389  */
390 int INFTL_formatblock(struct INFTLrecord *inftl, int block)
391 {
392         size_t retlen;
393         struct inftl_unittail uci;
394         struct erase_info *instr = &inftl->instr;
395         struct mtd_info *mtd = inftl->mbd.mtd;
396         int physblock;
397
398         DEBUG(MTD_DEBUG_LEVEL3, "INFTL: INFTL_formatblock(inftl=%p,"
399                 "block=%d)\n", inftl, block);
400
401         memset(instr, 0, sizeof(struct erase_info));
402
403         /* FIXME: Shouldn't we be setting the 'discarded' flag to zero
404            _first_? */
405
406         /* Use async erase interface, test return code */
407         instr->mtd = inftl->mbd.mtd;
408         instr->addr = block * inftl->EraseSize;
409         instr->len = inftl->mbd.mtd->erasesize;
410         /* Erase one physical eraseblock at a time, even though the NAND api
411            allows us to group them.  This way we if we have a failure, we can
412            mark only the failed block in the bbt. */
413         for (physblock = 0; physblock < inftl->EraseSize;
414              physblock += instr->len, instr->addr += instr->len) {
415                 mtd->erase(inftl->mbd.mtd, instr);
416
417                 if (instr->state == MTD_ERASE_FAILED) {
418                         printk(KERN_WARNING "INFTL: error while formatting block %d\n",
419                                 block);
420                         goto fail;
421                 }
422
423                 /*
424                  * Check the "freeness" of Erase Unit before updating metadata.
425                  * FixMe: is this check really necessary? Since we have check
426                  * the return code after the erase operation.
427                  */
428                 if (check_free_sectors(inftl, instr->addr, instr->len, 1) != 0)
429                         goto fail;
430         }
431
432         uci.EraseMark = cpu_to_le16(ERASE_MARK);
433         uci.EraseMark1 = cpu_to_le16(ERASE_MARK);
434         uci.Reserved[0] = 0;
435         uci.Reserved[1] = 0;
436         uci.Reserved[2] = 0;
437         uci.Reserved[3] = 0;
438         instr->addr = block * inftl->EraseSize + SECTORSIZE * 2;
439         if (inftl_write_oob(mtd, instr->addr + 8, 8, &retlen, (char *)&uci) < 0)
440                 goto fail;
441         return 0;
442 fail:
443         /* could not format, update the bad block table (caller is responsible
444            for setting the PUtable to BLOCK_RESERVED on failure) */
445         inftl->mbd.mtd->block_markbad(inftl->mbd.mtd, instr->addr);
446         return -1;
447 }
448
449 /*
450  * format_chain: Format an invalid Virtual Unit chain. It frees all the Erase
451  *      Units in a Virtual Unit Chain, i.e. all the units are disconnected.
452  *
453  *      Since the chain is invalid then we will have to erase it from its
454  *      head (normally for INFTL we go from the oldest). But if it has a
455  *      loop then there is no oldest...
456  */
457 static void format_chain(struct INFTLrecord *inftl, unsigned int first_block)
458 {
459         unsigned int block = first_block, block1;
460
461         printk(KERN_WARNING "INFTL: formatting chain at block %d\n",
462                 first_block);
463
464         for (;;) {
465                 block1 = inftl->PUtable[block];
466
467                 printk(KERN_WARNING "INFTL: formatting block %d\n", block);
468                 if (INFTL_formatblock(inftl, block) < 0) {
469                         /*
470                          * Cannot format !!!! Mark it as Bad Unit,
471                          */
472                         inftl->PUtable[block] = BLOCK_RESERVED;
473                 } else {
474                         inftl->PUtable[block] = BLOCK_FREE;
475                 }
476
477                 /* Goto next block on the chain */
478                 block = block1;
479
480                 if (block == BLOCK_NIL || block >= inftl->lastEUN)
481                         break;
482         }
483 }
484
485 void INFTL_dumptables(struct INFTLrecord *s)
486 {
487         int i;
488
489         printk("-------------------------------------------"
490                 "----------------------------------\n");
491
492         printk("VUtable[%d] ->", s->nb_blocks);
493         for (i = 0; i < s->nb_blocks; i++) {
494                 if ((i % 8) == 0)
495                         printk("\n%04x: ", i);
496                 printk("%04x ", s->VUtable[i]);
497         }
498
499         printk("\n-------------------------------------------"
500                 "----------------------------------\n");
501
502         printk("PUtable[%d-%d=%d] ->", s->firstEUN, s->lastEUN, s->nb_blocks);
503         for (i = 0; i <= s->lastEUN; i++) {
504                 if ((i % 8) == 0)
505                         printk("\n%04x: ", i);
506                 printk("%04x ", s->PUtable[i]);
507         }
508
509         printk("\n-------------------------------------------"
510                 "----------------------------------\n");
511
512         printk("INFTL ->\n"
513                 "  EraseSize       = %d\n"
514                 "  h/s/c           = %d/%d/%d\n"
515                 "  numvunits       = %d\n"
516                 "  firstEUN        = %d\n"
517                 "  lastEUN         = %d\n"
518                 "  numfreeEUNs     = %d\n"
519                 "  LastFreeEUN     = %d\n"
520                 "  nb_blocks       = %d\n"
521                 "  nb_boot_blocks  = %d",
522                 s->EraseSize, s->heads, s->sectors, s->cylinders,
523                 s->numvunits, s->firstEUN, s->lastEUN, s->numfreeEUNs,
524                 s->LastFreeEUN, s->nb_blocks, s->nb_boot_blocks);
525
526         printk("\n-------------------------------------------"
527                 "----------------------------------\n");
528 }
529
530 void INFTL_dumpVUchains(struct INFTLrecord *s)
531 {
532         int logical, block, i;
533
534         printk("-------------------------------------------"
535                 "----------------------------------\n");
536
537         printk("INFTL Virtual Unit Chains:\n");
538         for (logical = 0; logical < s->nb_blocks; logical++) {
539                 block = s->VUtable[logical];
540                 if (block > s->nb_blocks)
541                         continue;
542                 printk("  LOGICAL %d --> %d ", logical, block);
543                 for (i = 0; i < s->nb_blocks; i++) {
544                         if (s->PUtable[block] == BLOCK_NIL)
545                                 break;
546                         block = s->PUtable[block];
547                         printk("%d ", block);
548                 }
549                 printk("\n");
550         }
551
552         printk("-------------------------------------------"
553                 "----------------------------------\n");
554 }
555
556 int INFTL_mount(struct INFTLrecord *s)
557 {
558         struct mtd_info *mtd = s->mbd.mtd;
559         unsigned int block, first_block, prev_block, last_block;
560         unsigned int first_logical_block, logical_block, erase_mark;
561         int chain_length, do_format_chain;
562         struct inftl_unithead1 h0;
563         struct inftl_unittail h1;
564         size_t retlen;
565         int i;
566         u8 *ANACtable, ANAC;
567
568         DEBUG(MTD_DEBUG_LEVEL3, "INFTL: INFTL_mount(inftl=%p)\n", s);
569
570         /* Search for INFTL MediaHeader and Spare INFTL Media Header */
571         if (find_boot_record(s) < 0) {
572                 printk(KERN_WARNING "INFTL: could not find valid boot record?\n");
573                 return -ENXIO;
574         }
575
576         /* Init the logical to physical table */
577         for (i = 0; i < s->nb_blocks; i++)
578                 s->VUtable[i] = BLOCK_NIL;
579
580         logical_block = block = BLOCK_NIL;
581
582         /* Temporary buffer to store ANAC numbers. */
583         ANACtable = kcalloc(s->nb_blocks, sizeof(u8), GFP_KERNEL);
584         if (!ANACtable) {
585                 printk(KERN_WARNING "INFTL: allocation of ANACtable "
586                                 "failed (%zd bytes)\n",
587                                 s->nb_blocks * sizeof(u8));
588                 return -ENOMEM;
589         }
590
591         /*
592          * First pass is to explore each physical unit, and construct the
593          * virtual chains that exist (newest physical unit goes into VUtable).
594          * Any block that is in any way invalid will be left in the
595          * NOTEXPLORED state. Then at the end we will try to format it and
596          * mark it as free.
597          */
598         DEBUG(MTD_DEBUG_LEVEL3, "INFTL: pass 1, explore each unit\n");
599         for (first_block = s->firstEUN; first_block <= s->lastEUN; first_block++) {
600                 if (s->PUtable[first_block] != BLOCK_NOTEXPLORED)
601                         continue;
602
603                 do_format_chain = 0;
604                 first_logical_block = BLOCK_NIL;
605                 last_block = BLOCK_NIL;
606                 block = first_block;
607
608                 for (chain_length = 0; ; chain_length++) {
609
610                         if ((chain_length == 0) &&
611                             (s->PUtable[block] != BLOCK_NOTEXPLORED)) {
612                                 /* Nothing to do here, onto next block */
613                                 break;
614                         }
615
616                         if (inftl_read_oob(mtd, block * s->EraseSize + 8,
617                                            8, &retlen, (char *)&h0) < 0 ||
618                             inftl_read_oob(mtd, block * s->EraseSize +
619                                            2 * SECTORSIZE + 8, 8, &retlen,
620                                            (char *)&h1) < 0) {
621                                 /* Should never happen? */
622                                 do_format_chain++;
623                                 break;
624                         }
625
626                         logical_block = le16_to_cpu(h0.virtualUnitNo);
627                         prev_block = le16_to_cpu(h0.prevUnitNo);
628                         erase_mark = le16_to_cpu((h1.EraseMark | h1.EraseMark1));
629                         ANACtable[block] = h0.ANAC;
630
631                         /* Previous block is relative to start of Partition */
632                         if (prev_block < s->nb_blocks)
633                                 prev_block += s->firstEUN;
634
635                         /* Already explored partial chain? */
636                         if (s->PUtable[block] != BLOCK_NOTEXPLORED) {
637                                 /* Check if chain for this logical */
638                                 if (logical_block == first_logical_block) {
639                                         if (last_block != BLOCK_NIL)
640                                                 s->PUtable[last_block] = block;
641                                 }
642                                 break;
643                         }
644
645                         /* Check for invalid block */
646                         if (erase_mark != ERASE_MARK) {
647                                 printk(KERN_WARNING "INFTL: corrupt block %d "
648                                         "in chain %d, chain length %d, erase "
649                                         "mark 0x%x?\n", block, first_block,
650                                         chain_length, erase_mark);
651                                 /*
652                                  * Assume end of chain, probably incomplete
653                                  * fold/erase...
654                                  */
655                                 if (chain_length == 0)
656                                         do_format_chain++;
657                                 break;
658                         }
659
660                         /* Check for it being free already then... */
661                         if ((logical_block == BLOCK_FREE) ||
662                             (logical_block == BLOCK_NIL)) {
663                                 s->PUtable[block] = BLOCK_FREE;
664                                 break;
665                         }
666
667                         /* Sanity checks on block numbers */
668                         if ((logical_block >= s->nb_blocks) ||
669                             ((prev_block >= s->nb_blocks) &&
670                              (prev_block != BLOCK_NIL))) {
671                                 if (chain_length > 0) {
672                                         printk(KERN_WARNING "INFTL: corrupt "
673                                                 "block %d in chain %d?\n",
674                                                 block, first_block);
675                                         do_format_chain++;
676                                 }
677                                 break;
678                         }
679
680                         if (first_logical_block == BLOCK_NIL) {
681                                 first_logical_block = logical_block;
682                         } else {
683                                 if (first_logical_block != logical_block) {
684                                         /* Normal for folded chain... */
685                                         break;
686                                 }
687                         }
688
689                         /*
690                          * Current block is valid, so if we followed a virtual
691                          * chain to get here then we can set the previous
692                          * block pointer in our PUtable now. Then move onto
693                          * the previous block in the chain.
694                          */
695                         s->PUtable[block] = BLOCK_NIL;
696                         if (last_block != BLOCK_NIL)
697                                 s->PUtable[last_block] = block;
698                         last_block = block;
699                         block = prev_block;
700
701                         /* Check for end of chain */
702                         if (block == BLOCK_NIL)
703                                 break;
704
705                         /* Validate next block before following it... */
706                         if (block > s->lastEUN) {
707                                 printk(KERN_WARNING "INFTL: invalid previous "
708                                         "block %d in chain %d?\n", block,
709                                         first_block);
710                                 do_format_chain++;
711                                 break;
712                         }
713                 }
714
715                 if (do_format_chain) {
716                         format_chain(s, first_block);
717                         continue;
718                 }
719
720                 /*
721                  * Looks like a valid chain then. It may not really be the
722                  * newest block in the chain, but it is the newest we have
723                  * found so far. We might update it in later iterations of
724                  * this loop if we find something newer.
725                  */
726                 s->VUtable[first_logical_block] = first_block;
727                 logical_block = BLOCK_NIL;
728         }
729
730 #ifdef CONFIG_MTD_DEBUG_VERBOSE
731         if (CONFIG_MTD_DEBUG_VERBOSE >= 2)
732                 INFTL_dumptables(s);
733 #endif
734
735         /*
736          * Second pass, check for infinite loops in chains. These are
737          * possible because we don't update the previous pointers when
738          * we fold chains. No big deal, just fix them up in PUtable.
739          */
740         DEBUG(MTD_DEBUG_LEVEL3, "INFTL: pass 2, validate virtual chains\n");
741         for (logical_block = 0; logical_block < s->numvunits; logical_block++) {
742                 block = s->VUtable[logical_block];
743                 last_block = BLOCK_NIL;
744
745                 /* Check for free/reserved/nil */
746                 if (block >= BLOCK_RESERVED)
747                         continue;
748
749                 ANAC = ANACtable[block];
750                 for (i = 0; i < s->numvunits; i++) {
751                         if (s->PUtable[block] == BLOCK_NIL)
752                                 break;
753                         if (s->PUtable[block] > s->lastEUN) {
754                                 printk(KERN_WARNING "INFTL: invalid prev %d, "
755                                         "in virtual chain %d\n",
756                                         s->PUtable[block], logical_block);
757                                 s->PUtable[block] = BLOCK_NIL;
758
759                         }
760                         if (ANACtable[block] != ANAC) {
761                                 /*
762                                  * Chain must point back to itself. This is ok,
763                                  * but we will need adjust the tables with this
764                                  * newest block and oldest block.
765                                  */
766                                 s->VUtable[logical_block] = block;
767                                 s->PUtable[last_block] = BLOCK_NIL;
768                                 break;
769                         }
770
771                         ANAC--;
772                         last_block = block;
773                         block = s->PUtable[block];
774                 }
775
776                 if (i >= s->nb_blocks) {
777                         /*
778                          * Uhoo, infinite chain with valid ANACS!
779                          * Format whole chain...
780                          */
781                         format_chain(s, first_block);
782                 }
783         }
784
785 #ifdef CONFIG_MTD_DEBUG_VERBOSE
786         if (CONFIG_MTD_DEBUG_VERBOSE >= 2)
787                 INFTL_dumptables(s);
788         if (CONFIG_MTD_DEBUG_VERBOSE >= 2)
789                 INFTL_dumpVUchains(s);
790 #endif
791
792         /*
793          * Third pass, format unreferenced blocks and init free block count.
794          */
795         s->numfreeEUNs = 0;
796         s->LastFreeEUN = BLOCK_NIL;
797
798         DEBUG(MTD_DEBUG_LEVEL3, "INFTL: pass 3, format unused blocks\n");
799         for (block = s->firstEUN; block <= s->lastEUN; block++) {
800                 if (s->PUtable[block] == BLOCK_NOTEXPLORED) {
801                         printk("INFTL: unreferenced block %d, formatting it\n",
802                                 block);
803                         if (INFTL_formatblock(s, block) < 0)
804                                 s->PUtable[block] = BLOCK_RESERVED;
805                         else
806                                 s->PUtable[block] = BLOCK_FREE;
807                 }
808                 if (s->PUtable[block] == BLOCK_FREE) {
809                         s->numfreeEUNs++;
810                         if (s->LastFreeEUN == BLOCK_NIL)
811                                 s->LastFreeEUN = block;
812                 }
813         }
814
815         kfree(ANACtable);
816         return 0;
817 }