]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - fs/jffs2/wbuf.c
Merge branches 'for-4.4/upstream-fixes', 'for-4.5/async-suspend', 'for-4.5/container...
[mirror_ubuntu-artful-kernel.git] / fs / jffs2 / wbuf.c
CommitLineData
1da177e4
LT
1/*
2 * JFFS2 -- Journalling Flash File System, Version 2.
3 *
c00c310e
DW
4 * Copyright © 2001-2007 Red Hat, Inc.
5 * Copyright © 2004 Thomas Gleixner <tglx@linutronix.de>
1da177e4
LT
6 *
7 * Created by David Woodhouse <dwmw2@infradead.org>
8 * Modified debugged and enhanced by Thomas Gleixner <tglx@linutronix.de>
9 *
10 * For licensing information, see the file 'LICENCE' in this directory.
11 *
1da177e4
LT
12 */
13
5a528957
JP
14#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
15
1da177e4
LT
16#include <linux/kernel.h>
17#include <linux/slab.h>
18#include <linux/mtd/mtd.h>
19#include <linux/crc32.h>
20#include <linux/mtd/nand.h>
4e57b681 21#include <linux/jiffies.h>
914e2637 22#include <linux/sched.h>
8bdc81c5 23#include <linux/writeback.h>
4e57b681 24
1da177e4
LT
25#include "nodelist.h"
26
27/* For testing write failures */
28#undef BREAKME
29#undef BREAKMEHEADER
30
31#ifdef BREAKME
32static unsigned char *brokenbuf;
33#endif
34
daba5cc4
AB
35#define PAGE_DIV(x) ( ((unsigned long)(x) / (unsigned long)(c->wbuf_pagesize)) * (unsigned long)(c->wbuf_pagesize) )
36#define PAGE_MOD(x) ( (unsigned long)(x) % (unsigned long)(c->wbuf_pagesize) )
37
1da177e4
LT
38/* max. erase failures before we mark a block bad */
39#define MAX_ERASE_FAILURES 2
40
1da177e4
LT
41struct jffs2_inodirty {
42 uint32_t ino;
43 struct jffs2_inodirty *next;
44};
45
46static struct jffs2_inodirty inodirty_nomem;
47
48static int jffs2_wbuf_pending_for_ino(struct jffs2_sb_info *c, uint32_t ino)
49{
50 struct jffs2_inodirty *this = c->wbuf_inodes;
51
52 /* If a malloc failed, consider _everything_ dirty */
53 if (this == &inodirty_nomem)
54 return 1;
55
56 /* If ino == 0, _any_ non-GC writes mean 'yes' */
57 if (this && !ino)
58 return 1;
59
60 /* Look to see if the inode in question is pending in the wbuf */
61 while (this) {
62 if (this->ino == ino)
63 return 1;
64 this = this->next;
65 }
66 return 0;
67}
68
69static void jffs2_clear_wbuf_ino_list(struct jffs2_sb_info *c)
70{
71 struct jffs2_inodirty *this;
72
73 this = c->wbuf_inodes;
74
75 if (this != &inodirty_nomem) {
76 while (this) {
77 struct jffs2_inodirty *next = this->next;
78 kfree(this);
79 this = next;
80 }
81 }
82 c->wbuf_inodes = NULL;
83}
84
85static void jffs2_wbuf_dirties_inode(struct jffs2_sb_info *c, uint32_t ino)
86{
87 struct jffs2_inodirty *new;
88
8bdc81c5 89 /* Schedule delayed write-buffer write-out */
64a5c2eb 90 jffs2_dirty_trigger(c);
1da177e4
LT
91
92 if (jffs2_wbuf_pending_for_ino(c, ino))
93 return;
94
95 new = kmalloc(sizeof(*new), GFP_KERNEL);
96 if (!new) {
9c261b33 97 jffs2_dbg(1, "No memory to allocate inodirty. Fallback to all considered dirty\n");
1da177e4
LT
98 jffs2_clear_wbuf_ino_list(c);
99 c->wbuf_inodes = &inodirty_nomem;
100 return;
101 }
102 new->ino = ino;
103 new->next = c->wbuf_inodes;
104 c->wbuf_inodes = new;
105 return;
106}
107
108static inline void jffs2_refile_wbuf_blocks(struct jffs2_sb_info *c)
109{
110 struct list_head *this, *next;
111 static int n;
112
113 if (list_empty(&c->erasable_pending_wbuf_list))
114 return;
115
116 list_for_each_safe(this, next, &c->erasable_pending_wbuf_list) {
117 struct jffs2_eraseblock *jeb = list_entry(this, struct jffs2_eraseblock, list);
118
9c261b33
JP
119 jffs2_dbg(1, "Removing eraseblock at 0x%08x from erasable_pending_wbuf_list...\n",
120 jeb->offset);
1da177e4
LT
121 list_del(this);
122 if ((jiffies + (n++)) & 127) {
123 /* Most of the time, we just erase it immediately. Otherwise we
124 spend ages scanning it on mount, etc. */
9c261b33 125 jffs2_dbg(1, "...and adding to erase_pending_list\n");
1da177e4
LT
126 list_add_tail(&jeb->list, &c->erase_pending_list);
127 c->nr_erasing_blocks++;
ae3b6ba0 128 jffs2_garbage_collect_trigger(c);
1da177e4
LT
129 } else {
130 /* Sometimes, however, we leave it elsewhere so it doesn't get
131 immediately reused, and we spread the load a bit. */
9c261b33 132 jffs2_dbg(1, "...and adding to erasable_list\n");
1da177e4
LT
133 list_add_tail(&jeb->list, &c->erasable_list);
134 }
135 }
136}
137
7f716cf3
EH
138#define REFILE_NOTEMPTY 0
139#define REFILE_ANYWAY 1
140
141static void jffs2_block_refile(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb, int allow_empty)
1da177e4 142{
9c261b33 143 jffs2_dbg(1, "About to refile bad block at %08x\n", jeb->offset);
1da177e4 144
1da177e4
LT
145 /* File the existing block on the bad_used_list.... */
146 if (c->nextblock == jeb)
147 c->nextblock = NULL;
148 else /* Not sure this should ever happen... need more coffee */
149 list_del(&jeb->list);
150 if (jeb->first_node) {
9c261b33
JP
151 jffs2_dbg(1, "Refiling block at %08x to bad_used_list\n",
152 jeb->offset);
1da177e4
LT
153 list_add(&jeb->list, &c->bad_used_list);
154 } else {
9b88f473 155 BUG_ON(allow_empty == REFILE_NOTEMPTY);
1da177e4 156 /* It has to have had some nodes or we couldn't be here */
9c261b33
JP
157 jffs2_dbg(1, "Refiling block at %08x to erase_pending_list\n",
158 jeb->offset);
1da177e4
LT
159 list_add(&jeb->list, &c->erase_pending_list);
160 c->nr_erasing_blocks++;
ae3b6ba0 161 jffs2_garbage_collect_trigger(c);
1da177e4 162 }
1da177e4 163
9bfeb691
DW
164 if (!jffs2_prealloc_raw_node_refs(c, jeb, 1)) {
165 uint32_t oldfree = jeb->free_size;
166
167 jffs2_link_node_ref(c, jeb,
168 (jeb->offset+c->sector_size-oldfree) | REF_OBSOLETE,
169 oldfree, NULL);
170 /* convert to wasted */
171 c->wasted_size += oldfree;
172 jeb->wasted_size += oldfree;
173 c->dirty_size -= oldfree;
174 jeb->dirty_size -= oldfree;
175 }
1da177e4 176
e0c8e42f
AB
177 jffs2_dbg_dump_block_lists_nolock(c);
178 jffs2_dbg_acct_sanity_check_nolock(c,jeb);
179 jffs2_dbg_acct_paranoia_check_nolock(c, jeb);
1da177e4
LT
180}
181
9bfeb691
DW
182static struct jffs2_raw_node_ref **jffs2_incore_replace_raw(struct jffs2_sb_info *c,
183 struct jffs2_inode_info *f,
184 struct jffs2_raw_node_ref *raw,
185 union jffs2_node_union *node)
186{
187 struct jffs2_node_frag *frag;
188 struct jffs2_full_dirent *fd;
189
190 dbg_noderef("incore_replace_raw: node at %p is {%04x,%04x}\n",
191 node, je16_to_cpu(node->u.magic), je16_to_cpu(node->u.nodetype));
192
193 BUG_ON(je16_to_cpu(node->u.magic) != 0x1985 &&
194 je16_to_cpu(node->u.magic) != 0);
195
196 switch (je16_to_cpu(node->u.nodetype)) {
197 case JFFS2_NODETYPE_INODE:
ddc58bd6
DW
198 if (f->metadata && f->metadata->raw == raw) {
199 dbg_noderef("Will replace ->raw in f->metadata at %p\n", f->metadata);
200 return &f->metadata->raw;
201 }
9bfeb691
DW
202 frag = jffs2_lookup_node_frag(&f->fragtree, je32_to_cpu(node->i.offset));
203 BUG_ON(!frag);
204 /* Find a frag which refers to the full_dnode we want to modify */
205 while (!frag->node || frag->node->raw != raw) {
206 frag = frag_next(frag);
207 BUG_ON(!frag);
208 }
209 dbg_noderef("Will replace ->raw in full_dnode at %p\n", frag->node);
210 return &frag->node->raw;
9bfeb691
DW
211
212 case JFFS2_NODETYPE_DIRENT:
213 for (fd = f->dents; fd; fd = fd->next) {
214 if (fd->raw == raw) {
215 dbg_noderef("Will replace ->raw in full_dirent at %p\n", fd);
216 return &fd->raw;
217 }
218 }
219 BUG();
ddc58bd6 220
9bfeb691
DW
221 default:
222 dbg_noderef("Don't care about replacing raw for nodetype %x\n",
223 je16_to_cpu(node->u.nodetype));
224 break;
225 }
226 return NULL;
227}
228
a6bc432e
DW
229#ifdef CONFIG_JFFS2_FS_WBUF_VERIFY
230static int jffs2_verify_write(struct jffs2_sb_info *c, unsigned char *buf,
231 uint32_t ofs)
232{
233 int ret;
234 size_t retlen;
235 char *eccstr;
236
329ad399 237 ret = mtd_read(c->mtd, ofs, c->wbuf_pagesize, &retlen, c->wbuf_verify);
a6bc432e 238 if (ret && ret != -EUCLEAN && ret != -EBADMSG) {
da320f05
JP
239 pr_warn("%s(): Read back of page at %08x failed: %d\n",
240 __func__, c->wbuf_ofs, ret);
a6bc432e
DW
241 return ret;
242 } else if (retlen != c->wbuf_pagesize) {
da320f05
JP
243 pr_warn("%s(): Read back of page at %08x gave short read: %zd not %d\n",
244 __func__, ofs, retlen, c->wbuf_pagesize);
a6bc432e
DW
245 return -EIO;
246 }
247 if (!memcmp(buf, c->wbuf_verify, c->wbuf_pagesize))
248 return 0;
249
250 if (ret == -EUCLEAN)
251 eccstr = "corrected";
252 else if (ret == -EBADMSG)
253 eccstr = "correction failed";
254 else
255 eccstr = "OK or unused";
256
da320f05
JP
257 pr_warn("Write verify error (ECC %s) at %08x. Wrote:\n",
258 eccstr, c->wbuf_ofs);
a6bc432e
DW
259 print_hex_dump(KERN_WARNING, "", DUMP_PREFIX_OFFSET, 16, 1,
260 c->wbuf, c->wbuf_pagesize, 0);
261
da320f05 262 pr_warn("Read back:\n");
a6bc432e
DW
263 print_hex_dump(KERN_WARNING, "", DUMP_PREFIX_OFFSET, 16, 1,
264 c->wbuf_verify, c->wbuf_pagesize, 0);
265
266 return -EIO;
267}
268#else
269#define jffs2_verify_write(c,b,o) (0)
270#endif
271
1da177e4
LT
272/* Recover from failure to write wbuf. Recover the nodes up to the
273 * wbuf, not the one which we were starting to try to write. */
274
275static void jffs2_wbuf_recover(struct jffs2_sb_info *c)
276{
277 struct jffs2_eraseblock *jeb, *new_jeb;
9bfeb691 278 struct jffs2_raw_node_ref *raw, *next, *first_raw = NULL;
1da177e4
LT
279 size_t retlen;
280 int ret;
9bfeb691 281 int nr_refile = 0;
1da177e4
LT
282 unsigned char *buf;
283 uint32_t start, end, ofs, len;
284
046b8b98
DW
285 jeb = &c->blocks[c->wbuf_ofs / c->sector_size];
286
1da177e4 287 spin_lock(&c->erase_completion_lock);
180bfb31
VW
288 if (c->wbuf_ofs % c->mtd->erasesize)
289 jffs2_block_refile(c, jeb, REFILE_NOTEMPTY);
290 else
291 jffs2_block_refile(c, jeb, REFILE_ANYWAY);
9bfeb691
DW
292 spin_unlock(&c->erase_completion_lock);
293
294 BUG_ON(!ref_obsolete(jeb->last_node));
1da177e4
LT
295
296 /* Find the first node to be recovered, by skipping over every
297 node which ends before the wbuf starts, or which is obsolete. */
9bfeb691
DW
298 for (next = raw = jeb->first_node; next; raw = next) {
299 next = ref_next(raw);
300
301 if (ref_obsolete(raw) ||
302 (next && ref_offset(next) <= c->wbuf_ofs)) {
303 dbg_noderef("Skipping node at 0x%08x(%d)-0x%08x which is either before 0x%08x or obsolete\n",
304 ref_offset(raw), ref_flags(raw),
305 (ref_offset(raw) + ref_totlen(c, jeb, raw)),
306 c->wbuf_ofs);
307 continue;
308 }
309 dbg_noderef("First node to be recovered is at 0x%08x(%d)-0x%08x\n",
310 ref_offset(raw), ref_flags(raw),
311 (ref_offset(raw) + ref_totlen(c, jeb, raw)));
312
313 first_raw = raw;
314 break;
315 }
316
317 if (!first_raw) {
1da177e4 318 /* All nodes were obsolete. Nothing to recover. */
9c261b33 319 jffs2_dbg(1, "No non-obsolete nodes to be recovered. Just filing block bad\n");
9bfeb691 320 c->wbuf_len = 0;
1da177e4
LT
321 return;
322 }
323
9bfeb691
DW
324 start = ref_offset(first_raw);
325 end = ref_offset(jeb->last_node);
326 nr_refile = 1;
1da177e4 327
9bfeb691
DW
328 /* Count the number of refs which need to be copied */
329 while ((raw = ref_next(raw)) != jeb->last_node)
330 nr_refile++;
1da177e4 331
9bfeb691
DW
332 dbg_noderef("wbuf recover %08x-%08x (%d bytes in %d nodes)\n",
333 start, end, end - start, nr_refile);
1da177e4
LT
334
335 buf = NULL;
336 if (start < c->wbuf_ofs) {
337 /* First affected node was already partially written.
338 * Attempt to reread the old data into our buffer. */
339
340 buf = kmalloc(end - start, GFP_KERNEL);
341 if (!buf) {
da320f05 342 pr_crit("Malloc failure in wbuf recovery. Data loss ensues.\n");
1da177e4
LT
343
344 goto read_failed;
345 }
346
347 /* Do the read... */
329ad399
AB
348 ret = mtd_read(c->mtd, start, c->wbuf_ofs - start, &retlen,
349 buf);
182ec4ee 350
9a1fcdfd
TG
351 /* ECC recovered ? */
352 if ((ret == -EUCLEAN || ret == -EBADMSG) &&
353 (retlen == c->wbuf_ofs - start))
1da177e4 354 ret = 0;
9a1fcdfd 355
1da177e4 356 if (ret || retlen != c->wbuf_ofs - start) {
da320f05 357 pr_crit("Old data are already lost in wbuf recovery. Data loss ensues.\n");
1da177e4
LT
358
359 kfree(buf);
360 buf = NULL;
361 read_failed:
9bfeb691
DW
362 first_raw = ref_next(first_raw);
363 nr_refile--;
364 while (first_raw && ref_obsolete(first_raw)) {
365 first_raw = ref_next(first_raw);
366 nr_refile--;
367 }
368
1da177e4 369 /* If this was the only node to be recovered, give up */
9bfeb691
DW
370 if (!first_raw) {
371 c->wbuf_len = 0;
1da177e4 372 return;
9bfeb691 373 }
1da177e4
LT
374
375 /* It wasn't. Go on and try to recover nodes complete in the wbuf */
9bfeb691
DW
376 start = ref_offset(first_raw);
377 dbg_noderef("wbuf now recover %08x-%08x (%d bytes in %d nodes)\n",
378 start, end, end - start, nr_refile);
379
1da177e4
LT
380 } else {
381 /* Read succeeded. Copy the remaining data from the wbuf */
382 memcpy(buf + (c->wbuf_ofs - start), c->wbuf, end - c->wbuf_ofs);
383 }
384 }
385 /* OK... we're to rewrite (end-start) bytes of data from first_raw onwards.
386 Either 'buf' contains the data, or we find it in the wbuf */
387
1da177e4 388 /* ... and get an allocation of space from a shiny new block instead */
9fe4854c 389 ret = jffs2_reserve_space_gc(c, end-start, &len, JFFS2_SUMMARY_NOSUM_SIZE);
1da177e4 390 if (ret) {
da320f05 391 pr_warn("Failed to allocate space for wbuf recovery. Data loss ensues.\n");
9b88f473 392 kfree(buf);
1da177e4
LT
393 return;
394 }
9bfeb691 395
7f762ab2
AH
396 /* The summary is not recovered, so it must be disabled for this erase block */
397 jffs2_sum_disable_collecting(c->summary);
398
9bfeb691
DW
399 ret = jffs2_prealloc_raw_node_refs(c, c->nextblock, nr_refile);
400 if (ret) {
da320f05 401 pr_warn("Failed to allocate node refs for wbuf recovery. Data loss ensues.\n");
9bfeb691
DW
402 kfree(buf);
403 return;
404 }
405
9fe4854c
DW
406 ofs = write_ofs(c);
407
1da177e4 408 if (end-start >= c->wbuf_pagesize) {
7f716cf3 409 /* Need to do another write immediately, but it's possible
9b88f473 410 that this is just because the wbuf itself is completely
182ec4ee
TG
411 full, and there's nothing earlier read back from the
412 flash. Hence 'buf' isn't necessarily what we're writing
9b88f473 413 from. */
7f716cf3 414 unsigned char *rewrite_buf = buf?:c->wbuf;
1da177e4
LT
415 uint32_t towrite = (end-start) - ((end-start)%c->wbuf_pagesize);
416
9c261b33
JP
417 jffs2_dbg(1, "Write 0x%x bytes at 0x%08x in wbuf recover\n",
418 towrite, ofs);
182ec4ee 419
1da177e4
LT
420#ifdef BREAKMEHEADER
421 static int breakme;
422 if (breakme++ == 20) {
da320f05 423 pr_notice("Faking write error at 0x%08x\n", ofs);
1da177e4 424 breakme = 0;
eda95cbf 425 mtd_write(c->mtd, ofs, towrite, &retlen, brokenbuf);
1da177e4
LT
426 ret = -EIO;
427 } else
428#endif
eda95cbf
AB
429 ret = mtd_write(c->mtd, ofs, towrite, &retlen,
430 rewrite_buf);
1da177e4 431
a6bc432e 432 if (ret || retlen != towrite || jffs2_verify_write(c, rewrite_buf, ofs)) {
1da177e4 433 /* Argh. We tried. Really we did. */
da320f05 434 pr_crit("Recovery of wbuf failed due to a second write error\n");
9b88f473 435 kfree(buf);
1da177e4 436
2f785402 437 if (retlen)
9bfeb691 438 jffs2_add_physical_node_ref(c, ofs | REF_OBSOLETE, ref_totlen(c, jeb, first_raw), NULL);
1da177e4 439
1da177e4
LT
440 return;
441 }
da320f05 442 pr_notice("Recovery of wbuf succeeded to %08x\n", ofs);
1da177e4
LT
443
444 c->wbuf_len = (end - start) - towrite;
445 c->wbuf_ofs = ofs + towrite;
7f716cf3 446 memmove(c->wbuf, rewrite_buf + towrite, c->wbuf_len);
1da177e4 447 /* Don't muck about with c->wbuf_inodes. False positives are harmless. */
1da177e4
LT
448 } else {
449 /* OK, now we're left with the dregs in whichever buffer we're using */
450 if (buf) {
451 memcpy(c->wbuf, buf, end-start);
1da177e4
LT
452 } else {
453 memmove(c->wbuf, c->wbuf + (start - c->wbuf_ofs), end - start);
454 }
455 c->wbuf_ofs = ofs;
456 c->wbuf_len = end - start;
457 }
458
459 /* Now sort out the jffs2_raw_node_refs, moving them from the old to the next block */
460 new_jeb = &c->blocks[ofs / c->sector_size];
461
462 spin_lock(&c->erase_completion_lock);
9bfeb691
DW
463 for (raw = first_raw; raw != jeb->last_node; raw = ref_next(raw)) {
464 uint32_t rawlen = ref_totlen(c, jeb, raw);
465 struct jffs2_inode_cache *ic;
466 struct jffs2_raw_node_ref *new_ref;
467 struct jffs2_raw_node_ref **adjust_ref = NULL;
468 struct jffs2_inode_info *f = NULL;
1da177e4 469
9c261b33
JP
470 jffs2_dbg(1, "Refiling block of %08x at %08x(%d) to %08x\n",
471 rawlen, ref_offset(raw), ref_flags(raw), ofs);
9bfeb691
DW
472
473 ic = jffs2_raw_ref_to_ic(raw);
474
475 /* Ick. This XATTR mess should be fixed shortly... */
476 if (ic && ic->class == RAWNODE_CLASS_XATTR_DATUM) {
477 struct jffs2_xattr_datum *xd = (void *)ic;
478 BUG_ON(xd->node != raw);
479 adjust_ref = &xd->node;
480 raw->next_in_ino = NULL;
481 ic = NULL;
482 } else if (ic && ic->class == RAWNODE_CLASS_XATTR_REF) {
483 struct jffs2_xattr_datum *xr = (void *)ic;
484 BUG_ON(xr->node != raw);
485 adjust_ref = &xr->node;
486 raw->next_in_ino = NULL;
487 ic = NULL;
488 } else if (ic && ic->class == RAWNODE_CLASS_INODE_CACHE) {
489 struct jffs2_raw_node_ref **p = &ic->nodes;
490
491 /* Remove the old node from the per-inode list */
492 while (*p && *p != (void *)ic) {
493 if (*p == raw) {
494 (*p) = (raw->next_in_ino);
495 raw->next_in_ino = NULL;
496 break;
497 }
498 p = &((*p)->next_in_ino);
499 }
1da177e4 500
9bfeb691
DW
501 if (ic->state == INO_STATE_PRESENT && !ref_obsolete(raw)) {
502 /* If it's an in-core inode, then we have to adjust any
503 full_dirent or full_dnode structure to point to the
504 new version instead of the old */
27c72b04 505 f = jffs2_gc_fetch_inode(c, ic->ino, !ic->pino_nlink);
9bfeb691
DW
506 if (IS_ERR(f)) {
507 /* Should never happen; it _must_ be present */
508 JFFS2_ERROR("Failed to iget() ino #%u, err %ld\n",
509 ic->ino, PTR_ERR(f));
510 BUG();
511 }
512 /* We don't lock f->sem. There's a number of ways we could
513 end up in here with it already being locked, and nobody's
514 going to modify it on us anyway because we hold the
515 alloc_sem. We're only changing one ->raw pointer too,
516 which we can get away with without upsetting readers. */
517 adjust_ref = jffs2_incore_replace_raw(c, f, raw,
518 (void *)(buf?:c->wbuf) + (ref_offset(raw) - start));
519 } else if (unlikely(ic->state != INO_STATE_PRESENT &&
520 ic->state != INO_STATE_CHECKEDABSENT &&
521 ic->state != INO_STATE_GC)) {
522 JFFS2_ERROR("Inode #%u is in strange state %d!\n", ic->ino, ic->state);
523 BUG();
524 }
525 }
526
527 new_ref = jffs2_link_node_ref(c, new_jeb, ofs | ref_flags(raw), rawlen, ic);
528
529 if (adjust_ref) {
530 BUG_ON(*adjust_ref != raw);
531 *adjust_ref = new_ref;
532 }
533 if (f)
534 jffs2_gc_release_inode(c, f);
535
536 if (!ref_obsolete(raw)) {
1da177e4
LT
537 jeb->dirty_size += rawlen;
538 jeb->used_size -= rawlen;
539 c->dirty_size += rawlen;
9bfeb691
DW
540 c->used_size -= rawlen;
541 raw->flash_offset = ref_offset(raw) | REF_OBSOLETE;
542 BUG_ON(raw->next_in_ino);
1da177e4 543 }
1da177e4 544 ofs += rawlen;
1da177e4
LT
545 }
546
9bfeb691
DW
547 kfree(buf);
548
1da177e4 549 /* Fix up the original jeb now it's on the bad_list */
9bfeb691 550 if (first_raw == jeb->first_node) {
9c261b33
JP
551 jffs2_dbg(1, "Failing block at %08x is now empty. Moving to erase_pending_list\n",
552 jeb->offset);
f116629d 553 list_move(&jeb->list, &c->erase_pending_list);
1da177e4 554 c->nr_erasing_blocks++;
ae3b6ba0 555 jffs2_garbage_collect_trigger(c);
1da177e4 556 }
1da177e4 557
e0c8e42f 558 jffs2_dbg_acct_sanity_check_nolock(c, jeb);
9bfeb691 559 jffs2_dbg_acct_paranoia_check_nolock(c, jeb);
1da177e4 560
e0c8e42f 561 jffs2_dbg_acct_sanity_check_nolock(c, new_jeb);
9bfeb691 562 jffs2_dbg_acct_paranoia_check_nolock(c, new_jeb);
1da177e4
LT
563
564 spin_unlock(&c->erase_completion_lock);
565
9c261b33
JP
566 jffs2_dbg(1, "wbuf recovery completed OK. wbuf_ofs 0x%08x, len 0x%x\n",
567 c->wbuf_ofs, c->wbuf_len);
9bfeb691 568
1da177e4
LT
569}
570
571/* Meaning of pad argument:
572 0: Do not pad. Probably pointless - we only ever use this when we can't pad anyway.
573 1: Pad, do not adjust nextblock free_size
574 2: Pad, adjust nextblock free_size
575*/
576#define NOPAD 0
577#define PAD_NOACCOUNT 1
578#define PAD_ACCOUNTING 2
579
580static int __jffs2_flush_wbuf(struct jffs2_sb_info *c, int pad)
581{
9bfeb691 582 struct jffs2_eraseblock *wbuf_jeb;
1da177e4
LT
583 int ret;
584 size_t retlen;
585
3be36675 586 /* Nothing to do if not write-buffering the flash. In particular, we shouldn't
1da177e4 587 del_timer() the timer we never initialised. */
3be36675 588 if (!jffs2_is_writebuffered(c))
1da177e4
LT
589 return 0;
590
51b11e36 591 if (!mutex_is_locked(&c->alloc_sem)) {
da320f05 592 pr_crit("jffs2_flush_wbuf() called with alloc_sem not locked!\n");
1da177e4
LT
593 BUG();
594 }
595
3be36675 596 if (!c->wbuf_len) /* already checked c->wbuf above */
1da177e4
LT
597 return 0;
598
9bfeb691
DW
599 wbuf_jeb = &c->blocks[c->wbuf_ofs / c->sector_size];
600 if (jffs2_prealloc_raw_node_refs(c, wbuf_jeb, c->nextblock->allocated_refs + 1))
2f785402
DW
601 return -ENOMEM;
602
1da177e4
LT
603 /* claim remaining space on the page
604 this happens, if we have a change to a new block,
605 or if fsync forces us to flush the writebuffer.
606 if we have a switch to next page, we will not have
182ec4ee 607 enough remaining space for this.
1da177e4 608 */
daba5cc4 609 if (pad ) {
1da177e4
LT
610 c->wbuf_len = PAD(c->wbuf_len);
611
612 /* Pad with JFFS2_DIRTY_BITMASK initially. this helps out ECC'd NOR
613 with 8 byte page size */
614 memset(c->wbuf + c->wbuf_len, 0, c->wbuf_pagesize - c->wbuf_len);
182ec4ee 615
1da177e4
LT
616 if ( c->wbuf_len + sizeof(struct jffs2_unknown_node) < c->wbuf_pagesize) {
617 struct jffs2_unknown_node *padnode = (void *)(c->wbuf + c->wbuf_len);
618 padnode->magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
619 padnode->nodetype = cpu_to_je16(JFFS2_NODETYPE_PADDING);
620 padnode->totlen = cpu_to_je32(c->wbuf_pagesize - c->wbuf_len);
621 padnode->hdr_crc = cpu_to_je32(crc32(0, padnode, sizeof(*padnode)-4));
622 }
623 }
624 /* else jffs2_flash_writev has actually filled in the rest of the
625 buffer for us, and will deal with the node refs etc. later. */
182ec4ee 626
1da177e4
LT
627#ifdef BREAKME
628 static int breakme;
629 if (breakme++ == 20) {
da320f05 630 pr_notice("Faking write error at 0x%08x\n", c->wbuf_ofs);
1da177e4 631 breakme = 0;
eda95cbf
AB
632 mtd_write(c->mtd, c->wbuf_ofs, c->wbuf_pagesize, &retlen,
633 brokenbuf);
1da177e4 634 ret = -EIO;
182ec4ee 635 } else
1da177e4 636#endif
182ec4ee 637
eda95cbf
AB
638 ret = mtd_write(c->mtd, c->wbuf_ofs, c->wbuf_pagesize,
639 &retlen, c->wbuf);
1da177e4 640
a6bc432e 641 if (ret) {
da320f05 642 pr_warn("jffs2_flush_wbuf(): Write failed with %d\n", ret);
a6bc432e
DW
643 goto wfail;
644 } else if (retlen != c->wbuf_pagesize) {
da320f05
JP
645 pr_warn("jffs2_flush_wbuf(): Write was short: %zd instead of %d\n",
646 retlen, c->wbuf_pagesize);
a6bc432e
DW
647 ret = -EIO;
648 goto wfail;
649 } else if ((ret = jffs2_verify_write(c, c->wbuf, c->wbuf_ofs))) {
650 wfail:
1da177e4
LT
651 jffs2_wbuf_recover(c);
652
653 return ret;
654 }
655
1da177e4 656 /* Adjust free size of the block if we padded. */
daba5cc4 657 if (pad) {
0bcc099d 658 uint32_t waste = c->wbuf_pagesize - c->wbuf_len;
1da177e4 659
9c261b33
JP
660 jffs2_dbg(1, "jffs2_flush_wbuf() adjusting free_size of %sblock at %08x\n",
661 (wbuf_jeb == c->nextblock) ? "next" : "",
662 wbuf_jeb->offset);
1da177e4 663
182ec4ee 664 /* wbuf_pagesize - wbuf_len is the amount of space that's to be
1da177e4
LT
665 padded. If there is less free space in the block than that,
666 something screwed up */
9bfeb691 667 if (wbuf_jeb->free_size < waste) {
da320f05
JP
668 pr_crit("jffs2_flush_wbuf(): Accounting error. wbuf at 0x%08x has 0x%03x bytes, 0x%03x left.\n",
669 c->wbuf_ofs, c->wbuf_len, waste);
670 pr_crit("jffs2_flush_wbuf(): But free_size for block at 0x%08x is only 0x%08x\n",
671 wbuf_jeb->offset, wbuf_jeb->free_size);
1da177e4
LT
672 BUG();
673 }
0bcc099d
DW
674
675 spin_lock(&c->erase_completion_lock);
676
9bfeb691 677 jffs2_link_node_ref(c, wbuf_jeb, (c->wbuf_ofs + c->wbuf_len) | REF_OBSOLETE, waste, NULL);
0bcc099d 678 /* FIXME: that made it count as dirty. Convert to wasted */
9bfeb691 679 wbuf_jeb->dirty_size -= waste;
0bcc099d 680 c->dirty_size -= waste;
9bfeb691 681 wbuf_jeb->wasted_size += waste;
0bcc099d
DW
682 c->wasted_size += waste;
683 } else
684 spin_lock(&c->erase_completion_lock);
1da177e4
LT
685
686 /* Stick any now-obsoleted blocks on the erase_pending_list */
687 jffs2_refile_wbuf_blocks(c);
688 jffs2_clear_wbuf_ino_list(c);
689 spin_unlock(&c->erase_completion_lock);
690
691 memset(c->wbuf,0xff,c->wbuf_pagesize);
692 /* adjust write buffer offset, else we get a non contiguous write bug */
5bf17237 693 c->wbuf_ofs += c->wbuf_pagesize;
1da177e4
LT
694 c->wbuf_len = 0;
695 return 0;
696}
697
182ec4ee 698/* Trigger garbage collection to flush the write-buffer.
1da177e4 699 If ino arg is zero, do it if _any_ real (i.e. not GC) writes are
182ec4ee 700 outstanding. If ino arg non-zero, do it only if a write for the
1da177e4
LT
701 given inode is outstanding. */
702int jffs2_flush_wbuf_gc(struct jffs2_sb_info *c, uint32_t ino)
703{
704 uint32_t old_wbuf_ofs;
705 uint32_t old_wbuf_len;
706 int ret = 0;
707
9c261b33 708 jffs2_dbg(1, "jffs2_flush_wbuf_gc() called for ino #%u...\n", ino);
1da177e4 709
8aee6ac1
DW
710 if (!c->wbuf)
711 return 0;
712
ced22070 713 mutex_lock(&c->alloc_sem);
1da177e4 714 if (!jffs2_wbuf_pending_for_ino(c, ino)) {
9c261b33 715 jffs2_dbg(1, "Ino #%d not pending in wbuf. Returning\n", ino);
ced22070 716 mutex_unlock(&c->alloc_sem);
1da177e4
LT
717 return 0;
718 }
719
720 old_wbuf_ofs = c->wbuf_ofs;
721 old_wbuf_len = c->wbuf_len;
722
723 if (c->unchecked_size) {
724 /* GC won't make any progress for a while */
9c261b33
JP
725 jffs2_dbg(1, "%s(): padding. Not finished checking\n",
726 __func__);
1da177e4
LT
727 down_write(&c->wbuf_sem);
728 ret = __jffs2_flush_wbuf(c, PAD_ACCOUNTING);
7f716cf3
EH
729 /* retry flushing wbuf in case jffs2_wbuf_recover
730 left some data in the wbuf */
731 if (ret)
7f716cf3 732 ret = __jffs2_flush_wbuf(c, PAD_ACCOUNTING);
1da177e4
LT
733 up_write(&c->wbuf_sem);
734 } else while (old_wbuf_len &&
735 old_wbuf_ofs == c->wbuf_ofs) {
736
ced22070 737 mutex_unlock(&c->alloc_sem);
1da177e4 738
9c261b33 739 jffs2_dbg(1, "%s(): calls gc pass\n", __func__);
1da177e4
LT
740
741 ret = jffs2_garbage_collect_pass(c);
742 if (ret) {
743 /* GC failed. Flush it with padding instead */
ced22070 744 mutex_lock(&c->alloc_sem);
1da177e4
LT
745 down_write(&c->wbuf_sem);
746 ret = __jffs2_flush_wbuf(c, PAD_ACCOUNTING);
7f716cf3
EH
747 /* retry flushing wbuf in case jffs2_wbuf_recover
748 left some data in the wbuf */
749 if (ret)
7f716cf3 750 ret = __jffs2_flush_wbuf(c, PAD_ACCOUNTING);
1da177e4
LT
751 up_write(&c->wbuf_sem);
752 break;
753 }
ced22070 754 mutex_lock(&c->alloc_sem);
1da177e4
LT
755 }
756
9c261b33 757 jffs2_dbg(1, "%s(): ends...\n", __func__);
1da177e4 758
ced22070 759 mutex_unlock(&c->alloc_sem);
1da177e4
LT
760 return ret;
761}
762
763/* Pad write-buffer to end and write it, wasting space. */
764int jffs2_flush_wbuf_pad(struct jffs2_sb_info *c)
765{
766 int ret;
767
8aee6ac1
DW
768 if (!c->wbuf)
769 return 0;
770
1da177e4
LT
771 down_write(&c->wbuf_sem);
772 ret = __jffs2_flush_wbuf(c, PAD_NOACCOUNT);
7f716cf3
EH
773 /* retry - maybe wbuf recover left some data in wbuf. */
774 if (ret)
775 ret = __jffs2_flush_wbuf(c, PAD_NOACCOUNT);
1da177e4
LT
776 up_write(&c->wbuf_sem);
777
778 return ret;
779}
dcb09328
TG
780
781static size_t jffs2_fill_wbuf(struct jffs2_sb_info *c, const uint8_t *buf,
782 size_t len)
1da177e4 783{
dcb09328
TG
784 if (len && !c->wbuf_len && (len >= c->wbuf_pagesize))
785 return 0;
786
787 if (len > (c->wbuf_pagesize - c->wbuf_len))
788 len = c->wbuf_pagesize - c->wbuf_len;
789 memcpy(c->wbuf + c->wbuf_len, buf, len);
790 c->wbuf_len += (uint32_t) len;
791 return len;
792}
793
794int jffs2_flash_writev(struct jffs2_sb_info *c, const struct kvec *invecs,
795 unsigned long count, loff_t to, size_t *retlen,
796 uint32_t ino)
797{
798 struct jffs2_eraseblock *jeb;
799 size_t wbuf_retlen, donelen = 0;
1da177e4 800 uint32_t outvec_to = to;
dcb09328 801 int ret, invec;
1da177e4 802
dcb09328 803 /* If not writebuffered flash, don't bother */
3be36675 804 if (!jffs2_is_writebuffered(c))
1da177e4 805 return jffs2_flash_direct_writev(c, invecs, count, to, retlen);
182ec4ee 806
1da177e4
LT
807 down_write(&c->wbuf_sem);
808
809 /* If wbuf_ofs is not initialized, set it to target address */
810 if (c->wbuf_ofs == 0xFFFFFFFF) {
811 c->wbuf_ofs = PAGE_DIV(to);
182ec4ee 812 c->wbuf_len = PAGE_MOD(to);
1da177e4
LT
813 memset(c->wbuf,0xff,c->wbuf_pagesize);
814 }
815
dcb09328
TG
816 /*
817 * Sanity checks on target address. It's permitted to write
818 * at PAD(c->wbuf_len+c->wbuf_ofs), and it's permitted to
819 * write at the beginning of a new erase block. Anything else,
820 * and you die. New block starts at xxx000c (0-b = block
821 * header)
822 */
3be36675 823 if (SECTOR_ADDR(to) != SECTOR_ADDR(c->wbuf_ofs)) {
1da177e4
LT
824 /* It's a write to a new block */
825 if (c->wbuf_len) {
9c261b33
JP
826 jffs2_dbg(1, "%s(): to 0x%lx causes flush of wbuf at 0x%08x\n",
827 __func__, (unsigned long)to, c->wbuf_ofs);
1da177e4 828 ret = __jffs2_flush_wbuf(c, PAD_NOACCOUNT);
dcb09328
TG
829 if (ret)
830 goto outerr;
1da177e4
LT
831 }
832 /* set pointer to new block */
833 c->wbuf_ofs = PAGE_DIV(to);
182ec4ee
TG
834 c->wbuf_len = PAGE_MOD(to);
835 }
1da177e4
LT
836
837 if (to != PAD(c->wbuf_ofs + c->wbuf_len)) {
838 /* We're not writing immediately after the writebuffer. Bad. */
da320f05
JP
839 pr_crit("%s(): Non-contiguous write to %08lx\n",
840 __func__, (unsigned long)to);
1da177e4 841 if (c->wbuf_len)
da320f05
JP
842 pr_crit("wbuf was previously %08x-%08x\n",
843 c->wbuf_ofs, c->wbuf_ofs + c->wbuf_len);
1da177e4
LT
844 BUG();
845 }
846
dcb09328
TG
847 /* adjust alignment offset */
848 if (c->wbuf_len != PAGE_MOD(to)) {
849 c->wbuf_len = PAGE_MOD(to);
850 /* take care of alignment to next page */
851 if (!c->wbuf_len) {
852 c->wbuf_len = c->wbuf_pagesize;
853 ret = __jffs2_flush_wbuf(c, NOPAD);
854 if (ret)
855 goto outerr;
1da177e4
LT
856 }
857 }
858
dcb09328
TG
859 for (invec = 0; invec < count; invec++) {
860 int vlen = invecs[invec].iov_len;
861 uint8_t *v = invecs[invec].iov_base;
7f716cf3 862
dcb09328 863 wbuf_retlen = jffs2_fill_wbuf(c, v, vlen);
7f716cf3 864
dcb09328
TG
865 if (c->wbuf_len == c->wbuf_pagesize) {
866 ret = __jffs2_flush_wbuf(c, NOPAD);
867 if (ret)
868 goto outerr;
1da177e4 869 }
dcb09328
TG
870 vlen -= wbuf_retlen;
871 outvec_to += wbuf_retlen;
1da177e4 872 donelen += wbuf_retlen;
dcb09328
TG
873 v += wbuf_retlen;
874
875 if (vlen >= c->wbuf_pagesize) {
eda95cbf
AB
876 ret = mtd_write(c->mtd, outvec_to, PAGE_DIV(vlen),
877 &wbuf_retlen, v);
dcb09328
TG
878 if (ret < 0 || wbuf_retlen != PAGE_DIV(vlen))
879 goto outfile;
880
881 vlen -= wbuf_retlen;
882 outvec_to += wbuf_retlen;
883 c->wbuf_ofs = outvec_to;
884 donelen += wbuf_retlen;
885 v += wbuf_retlen;
1da177e4
LT
886 }
887
dcb09328
TG
888 wbuf_retlen = jffs2_fill_wbuf(c, v, vlen);
889 if (c->wbuf_len == c->wbuf_pagesize) {
890 ret = __jffs2_flush_wbuf(c, NOPAD);
891 if (ret)
892 goto outerr;
893 }
1da177e4 894
dcb09328
TG
895 outvec_to += wbuf_retlen;
896 donelen += wbuf_retlen;
1da177e4 897 }
1da177e4 898
dcb09328
TG
899 /*
900 * If there's a remainder in the wbuf and it's a non-GC write,
901 * remember that the wbuf affects this ino
902 */
1da177e4
LT
903 *retlen = donelen;
904
e631ddba
FH
905 if (jffs2_sum_active()) {
906 int res = jffs2_sum_add_kvec(c, invecs, count, (uint32_t) to);
907 if (res)
908 return res;
909 }
910
1da177e4
LT
911 if (c->wbuf_len && ino)
912 jffs2_wbuf_dirties_inode(c, ino);
913
914 ret = 0;
dcb09328
TG
915 up_write(&c->wbuf_sem);
916 return ret;
917
918outfile:
919 /*
920 * At this point we have no problem, c->wbuf is empty. However
921 * refile nextblock to avoid writing again to same address.
922 */
923
924 spin_lock(&c->erase_completion_lock);
925
926 jeb = &c->blocks[outvec_to / c->sector_size];
927 jffs2_block_refile(c, jeb, REFILE_ANYWAY);
928
929 spin_unlock(&c->erase_completion_lock);
182ec4ee 930
dcb09328
TG
931outerr:
932 *retlen = 0;
1da177e4
LT
933 up_write(&c->wbuf_sem);
934 return ret;
935}
936
937/*
938 * This is the entry for flash write.
939 * Check, if we work on NAND FLASH, if so build an kvec and write it via vritev
940*/
9bfeb691
DW
941int jffs2_flash_write(struct jffs2_sb_info *c, loff_t ofs, size_t len,
942 size_t *retlen, const u_char *buf)
1da177e4
LT
943{
944 struct kvec vecs[1];
945
3be36675 946 if (!jffs2_is_writebuffered(c))
e631ddba 947 return jffs2_flash_direct_write(c, ofs, len, retlen, buf);
1da177e4
LT
948
949 vecs[0].iov_base = (unsigned char *) buf;
950 vecs[0].iov_len = len;
951 return jffs2_flash_writev(c, vecs, 1, ofs, retlen, 0);
952}
953
954/*
955 Handle readback from writebuffer and ECC failure return
956*/
957int jffs2_flash_read(struct jffs2_sb_info *c, loff_t ofs, size_t len, size_t *retlen, u_char *buf)
958{
959 loff_t orbf = 0, owbf = 0, lwbf = 0;
960 int ret;
961
3be36675 962 if (!jffs2_is_writebuffered(c))
329ad399 963 return mtd_read(c->mtd, ofs, len, retlen, buf);
1da177e4 964
3be36675 965 /* Read flash */
894214d1 966 down_read(&c->wbuf_sem);
329ad399 967 ret = mtd_read(c->mtd, ofs, len, retlen, buf);
3be36675 968
9a1fcdfd
TG
969 if ( (ret == -EBADMSG || ret == -EUCLEAN) && (*retlen == len) ) {
970 if (ret == -EBADMSG)
da320f05
JP
971 pr_warn("mtd->read(0x%zx bytes from 0x%llx) returned ECC error\n",
972 len, ofs);
182ec4ee 973 /*
9a1fcdfd
TG
974 * We have the raw data without ECC correction in the buffer,
975 * maybe we are lucky and all data or parts are correct. We
976 * check the node. If data are corrupted node check will sort
977 * it out. We keep this block, it will fail on write or erase
978 * and the we mark it bad. Or should we do that now? But we
979 * should give him a chance. Maybe we had a system crash or
980 * power loss before the ecc write or a erase was completed.
3be36675
AV
981 * So we return success. :)
982 */
9a1fcdfd 983 ret = 0;
182ec4ee 984 }
3be36675 985
1da177e4
LT
986 /* if no writebuffer available or write buffer empty, return */
987 if (!c->wbuf_pagesize || !c->wbuf_len)
894214d1 988 goto exit;
1da177e4
LT
989
990 /* if we read in a different block, return */
3be36675 991 if (SECTOR_ADDR(ofs) != SECTOR_ADDR(c->wbuf_ofs))
894214d1 992 goto exit;
1da177e4
LT
993
994 if (ofs >= c->wbuf_ofs) {
995 owbf = (ofs - c->wbuf_ofs); /* offset in write buffer */
996 if (owbf > c->wbuf_len) /* is read beyond write buffer ? */
997 goto exit;
998 lwbf = c->wbuf_len - owbf; /* number of bytes to copy */
182ec4ee 999 if (lwbf > len)
1da177e4 1000 lwbf = len;
182ec4ee 1001 } else {
1da177e4
LT
1002 orbf = (c->wbuf_ofs - ofs); /* offset in read buffer */
1003 if (orbf > len) /* is write beyond write buffer ? */
1004 goto exit;
9a1fcdfd 1005 lwbf = len - orbf; /* number of bytes to copy */
182ec4ee 1006 if (lwbf > c->wbuf_len)
1da177e4 1007 lwbf = c->wbuf_len;
182ec4ee 1008 }
1da177e4
LT
1009 if (lwbf > 0)
1010 memcpy(buf+orbf,c->wbuf+owbf,lwbf);
1011
1012exit:
1013 up_read(&c->wbuf_sem);
1014 return ret;
1015}
1016
a7a6ace1
AB
1017#define NR_OOB_SCAN_PAGES 4
1018
09b3fba5
DW
1019/* For historical reasons we use only 8 bytes for OOB clean marker */
1020#define OOB_CM_SIZE 8
a7a6ace1
AB
1021
1022static const struct jffs2_unknown_node oob_cleanmarker =
1023{
566865a2
DW
1024 .magic = constant_cpu_to_je16(JFFS2_MAGIC_BITMASK),
1025 .nodetype = constant_cpu_to_je16(JFFS2_NODETYPE_CLEANMARKER),
1026 .totlen = constant_cpu_to_je32(8)
a7a6ace1 1027};
8593fbc6 1028
1da177e4 1029/*
a7a6ace1
AB
1030 * Check, if the out of band area is empty. This function knows about the clean
1031 * marker and if it is present in OOB, treats the OOB as empty anyway.
1da177e4 1032 */
8593fbc6
TG
1033int jffs2_check_oob_empty(struct jffs2_sb_info *c,
1034 struct jffs2_eraseblock *jeb, int mode)
1da177e4 1035{
a7a6ace1
AB
1036 int i, ret;
1037 int cmlen = min_t(int, c->oobavail, OOB_CM_SIZE);
8593fbc6
TG
1038 struct mtd_oob_ops ops;
1039
0612b9dd 1040 ops.mode = MTD_OPS_AUTO_OOB;
a7a6ace1 1041 ops.ooblen = NR_OOB_SCAN_PAGES * c->oobavail;
8593fbc6 1042 ops.oobbuf = c->oobbuf;
a7a6ace1 1043 ops.len = ops.ooboffs = ops.retlen = ops.oobretlen = 0;
8593fbc6 1044 ops.datbuf = NULL;
8593fbc6 1045
fd2819bb 1046 ret = mtd_read_oob(c->mtd, jeb->offset, &ops);
74d83bea 1047 if ((ret && !mtd_is_bitflip(ret)) || ops.oobretlen != ops.ooblen) {
da320f05
JP
1048 pr_err("cannot read OOB for EB at %08x, requested %zd bytes, read %zd bytes, error %d\n",
1049 jeb->offset, ops.ooblen, ops.oobretlen, ret);
74d83bea 1050 if (!ret || mtd_is_bitflip(ret))
a7a6ace1 1051 ret = -EIO;
8593fbc6 1052 return ret;
1da177e4 1053 }
182ec4ee 1054
a7a6ace1
AB
1055 for(i = 0; i < ops.ooblen; i++) {
1056 if (mode && i < cmlen)
1057 /* Yeah, we know about the cleanmarker */
1da177e4
LT
1058 continue;
1059
8593fbc6 1060 if (ops.oobbuf[i] != 0xFF) {
9c261b33
JP
1061 jffs2_dbg(2, "Found %02x at %x in OOB for "
1062 "%08x\n", ops.oobbuf[i], i, jeb->offset);
8593fbc6 1063 return 1;
1da177e4
LT
1064 }
1065 }
1066
8593fbc6 1067 return 0;
1da177e4
LT
1068}
1069
1070/*
a7a6ace1
AB
1071 * Check for a valid cleanmarker.
1072 * Returns: 0 if a valid cleanmarker was found
ef53cb02
DW
1073 * 1 if no cleanmarker was found
1074 * negative error code if an error occurred
8593fbc6 1075 */
a7a6ace1
AB
1076int jffs2_check_nand_cleanmarker(struct jffs2_sb_info *c,
1077 struct jffs2_eraseblock *jeb)
1da177e4 1078{
8593fbc6 1079 struct mtd_oob_ops ops;
a7a6ace1 1080 int ret, cmlen = min_t(int, c->oobavail, OOB_CM_SIZE);
1da177e4 1081
0612b9dd 1082 ops.mode = MTD_OPS_AUTO_OOB;
a7a6ace1 1083 ops.ooblen = cmlen;
8593fbc6 1084 ops.oobbuf = c->oobbuf;
a7a6ace1 1085 ops.len = ops.ooboffs = ops.retlen = ops.oobretlen = 0;
8593fbc6 1086 ops.datbuf = NULL;
1da177e4 1087
fd2819bb 1088 ret = mtd_read_oob(c->mtd, jeb->offset, &ops);
74d83bea 1089 if ((ret && !mtd_is_bitflip(ret)) || ops.oobretlen != ops.ooblen) {
da320f05
JP
1090 pr_err("cannot read OOB for EB at %08x, requested %zd bytes, read %zd bytes, error %d\n",
1091 jeb->offset, ops.ooblen, ops.oobretlen, ret);
74d83bea 1092 if (!ret || mtd_is_bitflip(ret))
a7a6ace1 1093 ret = -EIO;
8593fbc6
TG
1094 return ret;
1095 }
1da177e4 1096
a7a6ace1 1097 return !!memcmp(&oob_cleanmarker, c->oobbuf, cmlen);
1da177e4
LT
1098}
1099
8593fbc6
TG
1100int jffs2_write_nand_cleanmarker(struct jffs2_sb_info *c,
1101 struct jffs2_eraseblock *jeb)
1da177e4 1102{
a7a6ace1 1103 int ret;
8593fbc6 1104 struct mtd_oob_ops ops;
a7a6ace1 1105 int cmlen = min_t(int, c->oobavail, OOB_CM_SIZE);
1da177e4 1106
0612b9dd 1107 ops.mode = MTD_OPS_AUTO_OOB;
a7a6ace1
AB
1108 ops.ooblen = cmlen;
1109 ops.oobbuf = (uint8_t *)&oob_cleanmarker;
1110 ops.len = ops.ooboffs = ops.retlen = ops.oobretlen = 0;
8593fbc6 1111 ops.datbuf = NULL;
8593fbc6 1112
a2cc5ba0 1113 ret = mtd_write_oob(c->mtd, jeb->offset, &ops);
a7a6ace1 1114 if (ret || ops.oobretlen != ops.ooblen) {
da320f05
JP
1115 pr_err("cannot write OOB for EB at %08x, requested %zd bytes, read %zd bytes, error %d\n",
1116 jeb->offset, ops.ooblen, ops.oobretlen, ret);
a7a6ace1
AB
1117 if (!ret)
1118 ret = -EIO;
1da177e4
LT
1119 return ret;
1120 }
a7a6ace1 1121
1da177e4
LT
1122 return 0;
1123}
1124
182ec4ee 1125/*
1da177e4 1126 * On NAND we try to mark this block bad. If the block was erased more
25985edc 1127 * than MAX_ERASE_FAILURES we mark it finally bad.
1da177e4
LT
1128 * Don't care about failures. This block remains on the erase-pending
1129 * or badblock list as long as nobody manipulates the flash with
1130 * a bootloader or something like that.
1131 */
1132
1133int jffs2_write_nand_badblock(struct jffs2_sb_info *c, struct jffs2_eraseblock *jeb, uint32_t bad_offset)
1134{
1135 int ret;
1136
1137 /* if the count is < max, we try to write the counter to the 2nd page oob area */
1138 if( ++jeb->bad_count < MAX_ERASE_FAILURES)
1139 return 0;
1140
5a528957 1141 pr_warn("marking eraseblock at %08x as bad\n", bad_offset);
5942ddbc 1142 ret = mtd_block_markbad(c->mtd, bad_offset);
182ec4ee 1143
1da177e4 1144 if (ret) {
9c261b33
JP
1145 jffs2_dbg(1, "%s(): Write failed for block at %08x: error %d\n",
1146 __func__, jeb->offset, ret);
1da177e4
LT
1147 return ret;
1148 }
1149 return 1;
1150}
1151
8bdc81c5
AB
1152static struct jffs2_sb_info *work_to_sb(struct work_struct *work)
1153{
1154 struct delayed_work *dwork;
1155
1156 dwork = container_of(work, struct delayed_work, work);
1157 return container_of(dwork, struct jffs2_sb_info, wbuf_dwork);
1158}
1159
1160static void delayed_wbuf_sync(struct work_struct *work)
1161{
1162 struct jffs2_sb_info *c = work_to_sb(work);
1163 struct super_block *sb = OFNI_BS_2SFFJ(c);
1164
8bdc81c5
AB
1165 if (!(sb->s_flags & MS_RDONLY)) {
1166 jffs2_dbg(1, "%s()\n", __func__);
1167 jffs2_flush_wbuf_gc(c, 0);
1168 }
1169}
1170
1171void jffs2_dirty_trigger(struct jffs2_sb_info *c)
1172{
1173 struct super_block *sb = OFNI_BS_2SFFJ(c);
1174 unsigned long delay;
1175
1176 if (sb->s_flags & MS_RDONLY)
1177 return;
1178
99358a1c
AV
1179 delay = msecs_to_jiffies(dirty_writeback_interval * 10);
1180 if (queue_delayed_work(system_long_wq, &c->wbuf_dwork, delay))
8bdc81c5 1181 jffs2_dbg(1, "%s()\n", __func__);
8bdc81c5
AB
1182}
1183
a7a6ace1 1184int jffs2_nand_flash_setup(struct jffs2_sb_info *c)
1da177e4 1185{
5bd34c09 1186 struct nand_ecclayout *oinfo = c->mtd->ecclayout;
1da177e4 1187
1da177e4
LT
1188 if (!c->mtd->oobsize)
1189 return 0;
182ec4ee 1190
1da177e4
LT
1191 /* Cleanmarker is out-of-band, so inline size zero */
1192 c->cleanmarker_size = 0;
1193
a7a6ace1 1194 if (!oinfo || oinfo->oobavail == 0) {
da320f05 1195 pr_err("inconsistent device description\n");
5bd34c09
TG
1196 return -EINVAL;
1197 }
182ec4ee 1198
5a528957 1199 jffs2_dbg(1, "using OOB on NAND\n");
5bd34c09 1200
a7a6ace1 1201 c->oobavail = oinfo->oobavail;
1da177e4
LT
1202
1203 /* Initialise write buffer */
1204 init_rwsem(&c->wbuf_sem);
8bdc81c5 1205 INIT_DELAYED_WORK(&c->wbuf_dwork, delayed_wbuf_sync);
28318776 1206 c->wbuf_pagesize = c->mtd->writesize;
1da177e4 1207 c->wbuf_ofs = 0xFFFFFFFF;
182ec4ee 1208
1da177e4
LT
1209 c->wbuf = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1210 if (!c->wbuf)
1211 return -ENOMEM;
1212
a7a6ace1
AB
1213 c->oobbuf = kmalloc(NR_OOB_SCAN_PAGES * c->oobavail, GFP_KERNEL);
1214 if (!c->oobbuf) {
1da177e4
LT
1215 kfree(c->wbuf);
1216 return -ENOMEM;
1217 }
a7a6ace1 1218
a6bc432e
DW
1219#ifdef CONFIG_JFFS2_FS_WBUF_VERIFY
1220 c->wbuf_verify = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1221 if (!c->wbuf_verify) {
1222 kfree(c->oobbuf);
1223 kfree(c->wbuf);
1224 return -ENOMEM;
1225 }
1226#endif
a7a6ace1 1227 return 0;
1da177e4
LT
1228}
1229
1230void jffs2_nand_flash_cleanup(struct jffs2_sb_info *c)
1231{
a6bc432e
DW
1232#ifdef CONFIG_JFFS2_FS_WBUF_VERIFY
1233 kfree(c->wbuf_verify);
1234#endif
1da177e4 1235 kfree(c->wbuf);
8593fbc6 1236 kfree(c->oobbuf);
1da177e4
LT
1237}
1238
8f15fd55
AV
1239int jffs2_dataflash_setup(struct jffs2_sb_info *c) {
1240 c->cleanmarker_size = 0; /* No cleanmarkers needed */
182ec4ee 1241
8f15fd55
AV
1242 /* Initialize write buffer */
1243 init_rwsem(&c->wbuf_sem);
8bdc81c5 1244 INIT_DELAYED_WORK(&c->wbuf_dwork, delayed_wbuf_sync);
daba5cc4 1245 c->wbuf_pagesize = c->mtd->erasesize;
182ec4ee 1246
daba5cc4
AB
1247 /* Find a suitable c->sector_size
1248 * - Not too much sectors
1249 * - Sectors have to be at least 4 K + some bytes
1250 * - All known dataflashes have erase sizes of 528 or 1056
1251 * - we take at least 8 eraseblocks and want to have at least 8K size
1252 * - The concatenation should be a power of 2
1253 */
1254
1255 c->sector_size = 8 * c->mtd->erasesize;
182ec4ee 1256
daba5cc4
AB
1257 while (c->sector_size < 8192) {
1258 c->sector_size *= 2;
1259 }
182ec4ee 1260
daba5cc4
AB
1261 /* It may be necessary to adjust the flash size */
1262 c->flash_size = c->mtd->size;
8f15fd55 1263
daba5cc4
AB
1264 if ((c->flash_size % c->sector_size) != 0) {
1265 c->flash_size = (c->flash_size / c->sector_size) * c->sector_size;
5a528957 1266 pr_warn("flash size adjusted to %dKiB\n", c->flash_size);
eac44a5e 1267 }
182ec4ee 1268
daba5cc4 1269 c->wbuf_ofs = 0xFFFFFFFF;
8f15fd55
AV
1270 c->wbuf = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1271 if (!c->wbuf)
1272 return -ENOMEM;
1273
cca15841 1274#ifdef CONFIG_JFFS2_FS_WBUF_VERIFY
1275 c->wbuf_verify = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1276 if (!c->wbuf_verify) {
cca15841 1277 kfree(c->wbuf);
1278 return -ENOMEM;
1279 }
1280#endif
1281
5a528957 1282 pr_info("write-buffering enabled buffer (%d) erasesize (%d)\n",
da320f05 1283 c->wbuf_pagesize, c->sector_size);
8f15fd55
AV
1284
1285 return 0;
1286}
1287
1288void jffs2_dataflash_cleanup(struct jffs2_sb_info *c) {
cca15841 1289#ifdef CONFIG_JFFS2_FS_WBUF_VERIFY
1290 kfree(c->wbuf_verify);
1291#endif
8f15fd55
AV
1292 kfree(c->wbuf);
1293}
8f15fd55 1294
59da721a 1295int jffs2_nor_wbuf_flash_setup(struct jffs2_sb_info *c) {
c8b229de
JE
1296 /* Cleanmarker currently occupies whole programming regions,
1297 * either one or 2 for 8Byte STMicro flashes. */
1298 c->cleanmarker_size = max(16u, c->mtd->writesize);
59da721a
NP
1299
1300 /* Initialize write buffer */
1301 init_rwsem(&c->wbuf_sem);
8bdc81c5
AB
1302 INIT_DELAYED_WORK(&c->wbuf_dwork, delayed_wbuf_sync);
1303
28318776 1304 c->wbuf_pagesize = c->mtd->writesize;
59da721a
NP
1305 c->wbuf_ofs = 0xFFFFFFFF;
1306
1307 c->wbuf = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1308 if (!c->wbuf)
1309 return -ENOMEM;
1310
bc8cec0d
MC
1311#ifdef CONFIG_JFFS2_FS_WBUF_VERIFY
1312 c->wbuf_verify = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1313 if (!c->wbuf_verify) {
1314 kfree(c->wbuf);
1315 return -ENOMEM;
1316 }
1317#endif
59da721a
NP
1318 return 0;
1319}
1320
1321void jffs2_nor_wbuf_flash_cleanup(struct jffs2_sb_info *c) {
bc8cec0d
MC
1322#ifdef CONFIG_JFFS2_FS_WBUF_VERIFY
1323 kfree(c->wbuf_verify);
1324#endif
59da721a
NP
1325 kfree(c->wbuf);
1326}
0029da3b
AB
1327
1328int jffs2_ubivol_setup(struct jffs2_sb_info *c) {
1329 c->cleanmarker_size = 0;
1330
1331 if (c->mtd->writesize == 1)
1332 /* We do not need write-buffer */
1333 return 0;
1334
1335 init_rwsem(&c->wbuf_sem);
8bdc81c5 1336 INIT_DELAYED_WORK(&c->wbuf_dwork, delayed_wbuf_sync);
0029da3b
AB
1337
1338 c->wbuf_pagesize = c->mtd->writesize;
1339 c->wbuf_ofs = 0xFFFFFFFF;
1340 c->wbuf = kmalloc(c->wbuf_pagesize, GFP_KERNEL);
1341 if (!c->wbuf)
1342 return -ENOMEM;
1343
5a528957 1344 pr_info("write-buffering enabled buffer (%d) erasesize (%d)\n",
da320f05 1345 c->wbuf_pagesize, c->sector_size);
0029da3b
AB
1346
1347 return 0;
1348}
1349
1350void jffs2_ubivol_cleanup(struct jffs2_sb_info *c) {
1351 kfree(c->wbuf);
1352}