The 'ubi_scan_erase_peb()' is used only in scan.c so can be static. Also
re-name it to 'early_erase_peb()' because we tend to use "ubi_" prefix only for
non-static fuction and also because the new name is better.
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
After re-naming the 'struct ubi_scan_volume' we should adjust all variables
named 'sv' to something else, because 'sv' stands for "scanning volume".
Let's rename it to 'av' which stands for "attaching volume" which is
a bit more consistent and has the same length, which makes re-naming easy.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@linux.intel.com>
After re-naming the 'struct ubi_scan_info' we should adjust all variables
named 'si' to something else, because 'si' stands for "scanning info".
Let's rename it to 'ai' which stands for "attaching info" which is
a bit more consistent and has the same length, which makes re-naming easy.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@linux.intel.com>
After re-naming the 'struct ubi_scan_leb' we should adjust all variables
named 'seb' to something else, because 'seb' stands for "scanning eraseblock".
Let's rename it to 'aeb' which stands for "attaching eraseblock" which is
a bit more consistend and has the same length.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@linux.intel.com>
Rename 'struct ubi_scan_info' to 'struct ubi_attach_info'. This is part
of the code re-structuring I am trying to do in order to add fastmap
in a more logical way. Fastmap can share a lot with scanning, including
the attach-time data structures, which all now have "scan" word in the
name. Let's get rid of this word.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@linux.intel.com>
Rename 'struct ubi_scan_volume' to 'struct ubi_ainf_volume'. This is part
of the code re-structuring I am trying to do in order to add fastmap
in a more logical way. Fastmap can share a lot with scanning, including
the attach-time data structures, which all now have "scan" word in the
name. Let's get rid of this word and use "ainf" instead which stands
for "attach information". It has the same length as "scan" so re-naming
is trivial.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@linux.intel.com>
Rename 'struct ubi_scan_leb' to 'struct ubi_ainf_leb'. This is part
of the code re-structuring I am trying to do in order to add fastmap
in a more logical way. Fastmap can share a lot with scanning, including
the attach-time data structures, which all now have "scan" word in the
name. Let's get rid of this word and use "ainf" instead which stands
for "attach information". It has the same length as "scan" so re-naming
is trivial.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@linux.intel.com>
This patch removes the 'dbg_err()' macro and we now use 'ubi_err' instead.
The idea of 'dbg_err()' was to compile out some error message to make the
binary a bit smaller - but I think it was a bad idea.
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
We have the "sefl-check" feature in UBI, but for historical reasons many
corresponding functions and commentaries in the code use term "paranoid check"
instead. Let's clean this up and use "self-check" everywhere.
This patch renames functions, amends messages and kills several redundant
debugging messages.
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
This patch kills the UBI debugging Kconfig option completely and makes all the
debugging stuff to be always compiled-in. It was pain in the neck to maintain
this useless option because all users I am aware of have debugging enabled
anyway - how else will you diagnose errors otherwise?
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
I am going to remove the "UBI debugging" compilation option and make the
debugging stuff to be always compiled it. This patch is a preparation
which renames 'ubi_dbg_dump_seb()' to 'ubi_dump_seb()'.
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
I am going to remove the "UBI debugging" compilation option and make the
debugging stuff to be always compiled it. This patch is a preparation
which renames 'ubi_dbg_dump_sv()' to 'ubi_dump_sv()'.
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
UBI (and UBIFS) are a bit over-engineered WRT debugging. The idea was to
link as few as possible when debugging is disabled, but the downside is
that most people produce bug reports which are difficult to understand.
Always dump the VID and EC headers' contents in case of errors when it
is helpful.
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
UBI (and UBIFS) are a bit over-engineered WRT debugging. The idea was to
link as few as possible when debugging is disabled, but the downside is
that most people produce bug reports which are difficult to understand.
This patch weeds out the 'ubi_dbg_dump_stack()' function and turns it
into 'dump_stack()' - it is always useful to have stack dump in case of
an error.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@linux.intel.com>
Two bad things can happen in ubi_scan():
1. If kmem_cache_create() fails we jump to out_si and call
ubi_scan_destroy_si() which calls kmem_cache_destroy().
But si->scan_leb_slab is NULL.
2. If process_eb() fails we jump to out_vidh, call
kmem_cache_destroy() and ubi_scan_destroy_si() which calls
again kmem_cache_destroy().
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Cc: stable@kernel.org
This patch introduces debugfs support to UBI. All the UBI stuff is kept in the
"ubi" debugfs directory, which contains per-UBI device "ubi/ubiX"
sub-directories, containing debugging files. This file also creates
"ubi/ubiX/chk_gen" and "ubi/ubiX/chk_io" knobs for switching general and I/O
extra checks on and off. And it removes the 'debug_chks' UBI module parameters.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Fix checkpatch.pl errors and warnings:
* space before tab
* line over 80 characters
* include linux/ioctl.h instead of asm/ioctl.h
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
This patch adds a possibility to dynamically switch UBI self-checks
on and off, instead of toggling them compile-time from the configuration
menu. This is much more flexible, and consistent with UBIFS, and this
also simplifies UBI Kconfig menu and the code.
This patch introduces two levels of self-checks - general, which
includes all self-checks which are relatively fast, and I/O, which
includes write-verify checks and erase-verify checks, which are
relatively slow and involve flash I/O.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
During scanning UBI allocates one struct ubi_scan_leb object for each PEB,
so it can end up allocating thousands of them. Use slab cache to reduce
memory consumption for these 48-byte objects, because currently used
'kmalloc()' ends up allocating 64 bytes per object, instead of 48.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
My new shiny code for corrupted PEB detection has NOR specific bug.
We tread PEB as corrupted and preserve it, if
1. EC header is OK.
2. VID header is corrupted.
3. data area is not "all 0xFFs"
In case of NOR we have 'nor_erase_prepare()' quirk, which invalidates
the headers before erasing the PEB. And we invalidate first the VID
header, and then the EC header. So if a power cut happens after we have
invalidated the VID header, but before we have invalidated the EC
header, we end up with a PEB which satisfies the above 3 conditions,
and the scanning code will treat it as corrupted, and will print
scary warnings, wrongly.
This patch fixes the issue by firt invalidating the EC header, then
invalidating the VID header. In case of power cut inbetween, we still
just lose the EC header, and UBI can deal with this situation gracefully.
Thanks to Anatolij Gustschin <agust@denx.de> for tracking this down.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Reported-by: Anatolij Gustschin <agust@denx.de>
Tested-by: Anatolij Gustschin <agust@denx.de>
Commit 45aafd3299 "UBI: tighten the corrupted PEB criteria"
introduced some return paths that didn't release the ubi->buf_mutex
Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
If we get a bit-flip of ECC error while reading the data area, do not add it to
corrupted list, because it is possible that this is just unstable PEB with
corruptions caused by unclean reboots.
This patch also improves commentaries.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
When the data does not contain all 0xFF bytes, 'check_data_ff()' should return
1, not -EINVAL; Also, the caller ('process_eb()') should not add the PEB to the
"corrupted" list if there was a read error.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
While scanning the flash we read all VID headers and store some important
information in 'struct ubi_scan_leb'. Store also the 'copy_flag' value there
as it is needed when comparing LEBs. We do not increase memory consumption
because this is just one bit and we have plenty of spare bits in
'struct ubi_scan_leb' (sizeof(struct ubi_scan_leb) is 48 both with and
without this patch).
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Currently UBI erases all corrupted eraseblocks, irrespectively of the nature
of corruption: corruption due to power cuts and non-power cut corruption.
The former case is OK, but the latter is not, because UBI may destroy
potentially important data.
With this patch, during scanning, when UBI hits a PEB with corrupted VID
header, it checks whether this PEB contains only 0xFF data. If yes, it is
safe to erase this PEB and it is put to the 'erase' list. If not, this may
be important data and it is better to avoid erasing this PEB. Instead,
UBI puts it to the corr list and moves out of the pool of available PEB.
IOW, UBI preserves this PEB.
Such corrupted PEB lessen the amount of available PEBs. So the more of them
we accumulate, the less PEBs are available. The maximum amount of non-power
cut corrupted PEBs is 8.
This patch is a response to UBIFS problem where reporter
(Matthew L. Creech <mlcreech@gmail.com>) observes that UBIFS index points
to an unmapped LEB. The theory is that corresponding PEB somehow got
corrupted and UBI wiped it. This patch (actually a series of patches)
tries to make sure such PEBs are preserved - this would make it is easier
to analyze the corruption.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Start using the 'corr' list and add there PEBs which look truly corrupted,
which means they have corrupted VID header and the data which follows the
corrupted header does not contain all 0xFF bytes.
At the moment, this does not change UBI functionality much because these
PEBs will be erase when scanning finishes. But the plan is to teach UBI
preserving them.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Currently UBI maintains 2 lists of PEBs during scanning:
1. 'erase' list - PEBs which have no corruptions but should be erased
2. 'corr' list - PEBs which have some corruptions and should be erased
But we do not really need 2 lists for PEBs which should be erased after
scanning is done - this is redundant. So this patch makes sure all PEBs
which are corrupted are moved to the head of the 'erase' list. We add
them to the head to make sure they are erased first and we get rid of
corruption ASAP.
However, we do not remove the 'corr' list and realted functions, because
the plan is to use this list for other purposes. Namely, we plan to
put eraseblocks with corruption which does not look like it was caused
by unclean power cut. Then we'll preserve thes PEBs in order to avoid
killing potentially valuable user data.
This patch also amends PEBs accounting, because it was closely tight to
the 'erase'/'corr' lists separation.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
This patch introduces 'add_corrupted()' function and separates out 'corr' list
manipulation from the common 'add_to_list()' function. This is just a
preparation for further changes - this patch does not change functionality.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
This patch improves readability and simplifies scanning code by changing a
long cascade of 'if' statements to a switch statement. This should presumably
be a little faster as well.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Rename local variable 'ec_corr' into 'ec_err' to make the code a little bit
more readable. 'ec_err' is more appropriate because it sounds more like 'error
when EC was read' and it looks more logical because we use it together with
'err'. Just a minor nicification which should improve the rather complex
scanning code.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Currently UBI has one small flaw - when we read EC or VID header, but find only
0xFF bytes, we return UBI_IO_FF and do not report whether we had bit-flips or
not. In case of the VID header, the scanning code adds this PEB to the free list,
even though there were bit-flips.
Imagine the following situation: we start writing VID header to a PEB and have a
power cut, so the PEB becomes unstable. When we scan and read the PEB, we get
a bit-flip. Currently, UBI would just ignore this and treat the PEB as free. This
patch changes UBI behavior and now UBI will schedule this PEB for erasure.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
The 'UBI_IO_PEB_EMPTY' and 'UBI_IO_PEB_FREE' are essentially the same
and mean that there are only 0xFF bytes instead of headers. Simplify
UBI a little by turning them into a single 'UBI_IO_FF' error code.
Also, stop maintaining commentaries in 'ubi_io_read_vid_hdr()' which are
almost identical to commentaries in 'ubi_io_read_ec_hdr()'.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Rename UBI_IO_BAD_HDR_READ into UBI_IO_BAD_HDR_EBADMSG which is presumably more
self-documenting and readable. Indeed, the '_READ' suffix does not tell much and
even confuses, while '_EBADMSG' tells about uncorrectable ECC error, because we
use -EBADMSG all over the place to represent ECC errors.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Commit 0798cea8c2 "UBI: improve corrupted flash handling"
broke delet-compatible volumes handling - it introduced a limit of 8 eraseblocks which
may be corrupted. And delete-compatible eraseblocks are added to the "corrupted" list,
so if we'd have a large delete-compatible volume, UBI would refuse it.
The fix is to add delete-compatible volumes to the erase list instead. Indeed, they are
corrupted, we just have to erase them.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Currently UBI prints
UBI: corrupted PEBs will be formatted
even if there are not corrupted PEBs. Fix this.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
When a delete-compatible volume is found, it is first added to the
'corr' list, which contains "corrupted" PEBs which should be erased,
and then it is added to the used volumes tree. However, the second
step should not be done. This does not cause problems in practice,
because we never access delete-compattible volumes, but it is still
not the right thing to do.
[Artem: amended the commit message and few prints]
Signed-off-by: Brijesh Singh <brijesh.s.singh@gmail.com>
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Fix the followong compilation warnings introduced by commit
095751a6e0:
drivers/mtd/ubi/scan.c: In function 'check_what_we_have':
drivers/mtd/ubi/scan.c:960: warning: passing argument 1 of 'get_random_bytes' discards qualifiers from pointer target type
Fix the following compilation warnings introduced by commit
1a49af2ca0:
drivers/mtd/ubi/io.c: In function 'ubi_io_read':
drivers/mtd/ubi/io.c:153: warning: initialization makes integer from pointer without a cast
drivers/mtd/ubi/io.c:170: warning: format '%s' expects type 'char *', but argument 5 has type 'int'
drivers/mtd/ubi/io.c:177: warning: format '%zd' expects type 'signed size_t', but argument 7 has type 'int'
drivers/mtd/ubi/io.c:177: warning: too many arguments for format
Also, amend the ECC error code string and add brackets and whitespace
there - this should make the message readable.
Reported-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Generate random image_seq when attaching empty MTD device (kernel do the
ubi formating).
Signed-off-by: Matthieu CASTET <matthieu.castet@parrot.com>
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
This patch improves the way UBI handles corrupted flash, or flash
containing garbage or non-UBI data, which is the same from UBI POW.
Namely, we do the following:
* if 5% or more PEBs are corrupted, refuse the flash
* if less than 5% PEBs are corrupted, do not refuse the flash
and format these PEBs
* if less than 8 PEBs are corrupted, format them silently, otherwise
print a warning message.
Reported-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Reviewed-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Tested-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
This is just a preparation patch which introduces several
'struct ubi_scan_info' fields which count eraseblocks of different
types. This will be used later on to decide whether it is safe to
format the flash or not. No functional changes so far.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Reviewed-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Tested-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
This patch introduces the %UBI_IO_BAD_HDR_READ return code for
the I/O level function. We will use this code in order to distinguish
between "corrupted header possibly because this is non-ubi data" and
"corrupted header possibly because of real data corruption and ECC error".
So far this patch does not introduce any functional change, just a
preparation.
This patch is pased on a patch from
Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Reviewed-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Tested-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
