| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
pflash -i is currently broken due to this commit
commit 602dee4505cd0ceb5b69f056ec403f982b585791
Author: Cyril Bur <cyril.bur@au1.ibm.com>
libflash/libffs: Rework libffs
It's output doesn't correctly detect the last partition and continues
printing forever.
This fixes it by returning null when we don't find a partition in
ffs_get_part().
Signed-off-by: Michael Neuling <mikey@neuling.org>
Acked-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
| |
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch attempts a rework of libffs to prepare it for future changes.
Firstly the types are split in two:
1. Packed, big endian structures used to map exactly how the data is on flash.
2. CPU endian, sane valued, not packed structures used to manipulate FFS data.
Secondly:
The packed struct can use BE types so that in future tools like sparse can be
run over the code to check for endian conversion bugs.
Thirdly:
defines of sizeof(struct ...) were removed for clarity.
Finally:
For ease of manipulation, the in memory FFS structures contain a linked list of
entries as this will make addition and removal operations much easier.
This patch should be invisible to consumers of libffs.
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
| |
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
| |
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently the policy for calling ECC protecting a range at the
blocklevel layer is that the requested region be completely
unprotected otherwise the call will return an error. It turns out that
duplicate calls to ffs_init() with true as the last parameter (for the
same blocklevel structure) will cause duplicate attempts to
ecc_protect() ranges.
Change the policy within blocklevel to allow duplicate protecting.
In fact the new policy almost guarantees no failure (baring something
odd like malloc() failing). It will detect that the range is currently
already fully protected and do nothing, detect that part of the range
is or is not and extend the existing range or detect that a range fits
perfectly between two ranges in which case it will merge the ranges.
Also adjust tests to match the new policy.
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current flash code was written with only one flash chip, which is
a system_flash (ie. the PNOR image), in mind.
Now that we have mambo bogusdisk flash, we can have many flash chips.
This is resulting in some confusing output messages.
This reworks some of the error paths and warnings to make this more
coherent when we have multiple flash chips.
We assume everything can be a system flash, so I've removed the
is_system_flash parameter from flash_register(). We'll use the first
system flash we find and warn if we find another since discovery order
is not a guaranteed API.
Signed-off-by: Michael Neuling <mikey@neuling.org>
Acked-by: Jeremy Kerr <jk@ozlabs.org>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes the size of flash 64 bit safe so that we can have flash
devices greater than 4GB. This is especially useful for mambo disks
passed through to Linux.
Fortunately the device tree interface and the linux device driver are
64bit safe so no changes are required there.
Userspace gard and flash tools are also updated to ensure "make check"
still passes.
Signed-off-by: Michael Neuling <mikey@neuling.org>
Reviewed-by: Cyril Bur <cyrilbur@gmail.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
| |
Quite a lot of code relies on values read from flash. These values
shouldn't be totally trusted without at least basic sanity checks.
Fixes coverity bug: 119719
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When flash controllers get deconfigured or yanked out from under these
tools flash accesses tend to just return all 0xFF bytes.
libffs is usually the first thing to do reads and will fail parsing its
partition structures. This patch adds reporting when it fails to parse
because it got all 0xFF bytes.
The idea is that this will help debugging by splitting the possible reasons
for a failed init into 1) flash controller issue or reading erased flash 2)
flash corruption or not valid reading partition data. These two cases are
nice to be able to separate as early as possible as they usually mean two
quite different type of bugs.
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently there are two error cases that ffs_next_side() may hit and will
leave the return pointer untouched. This isn't a huge problem as the caller
should be checking the return value anyway but as we know, callers don't
always do that.
It doesn't hurt for ffs_next_side() to make it as clear as possible that it
encountered a problem.
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Reviewed-by: Sam Mendoza-Jonas <sam@mendozajonas.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some confusion has arisen from the first consumer of ffs_cmp() in that they
expected a strcmp style less than one, zero or greater than one return value.
This has been addressed in this patch in two ways, by changing the return
type to a boolean in order to (attempt) to alert the programmer that this
is not the case and by renaming it to equal to avoid the implied comparison
and imply very much a boolean outcome.
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Reviewed-by: Sam Mendoza-Jonas <sam@mendozajonas.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some FFS structures will have a partition called "OTHER_SIDE", this is a
pointer to another ffs TOC on which another ffs_handle can be instantiated.
Currently users of libffs would have to query for the presence of this
partition and then initialise a new ffs_handle themselves. As accessing the
"other" side appears to be becoming a common operation this convenience
function should prove useful.
Furthermore, it is possible for these multiTOC flash chips to be circular,
that is the "OTHER_SIDE" partition of 'secondary' TOC points back to the
initial TOC. The solution is to add a comparison function capable of
detecting when repeated calls to ffs_next_side() go full circle. It should
be noted here that this is all the comparator function is designed to
detect, it will not be able to detect two identical TOCs opened with
different blocklevel_devices as this would require the ability to compare
blocklevel_devices.
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
| |
The utility of this function has been superceeded by blocklevel code and is
no longer called from anywhere, it can be removed.
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
| |
Simply isn't used anymore since libffs knows how to use the blocklevel
interface.
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
| |
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
| |
fixes.
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
| |
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Current packaging builds (which specify -O2) fail for me, with:
CC libffs.o
../../libflash/libffs.c: In function ffs_init:
../../libflash/libffs.c:149:8: error: start may be used uninitialized in this
function [-Werror=maybe-uninitialized]
rc = blocklevel_ecc_protect(bl, start, total_size);
^
../../libflash/libffs.c:149:8: error: total_size may be used uninitialized in
this function [-Werror=maybe-uninitialized]
../../libflash/libffs.c:148:7: error: ecc may be used uninitialized in this
function [-Werror=maybe-uninitialized]
if (ecc) {
^
cc1: all warnings being treated as errors
This is because we're not checking for the return value of
ffs_part_info, which may return with start/total_size/ecc uninitialised.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Check for the return value from blocklevel_ecc_protect(), while
registering regions of the flash and log error incase the return
registration of region fails.
Fixes Coverity defect#101019
Signed-off-by: Kamalesh Babulal <kamalesh@linux.vnet.ibm.com>
Reviewed-By: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Passing a flag on libffs init will register all regions of the flash with
ecc (as per the libffs partition information) as being ecc protected (or
not).
This saves the consumer needing to know or care about the presence of ecc.
Reviewed-By: Alistair Popple <alistair@popple.id.au>
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
| |
Converted all the libflash calls to use the blocklevel interface, modified all
callers to libflash to use the blocklevel interface.
This patch should introduce next to no functional change.
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
| |
The accessor for ffs partition entries should be adding the offset of the TOC
to the absolute address of the partition entries as the TOC is not necessarily
at 0 within in the flash.
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Reviewed-By: Alistair Popple <alistair@popple.id.au>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The word offset can be ambiguous, it can be unclear what offset the variable
refers to or what it is the offset of. As this library now has to deal with
flash with more than one libffs TOC, it makes sense to rename all uses of
'offset' to 'toc_offset' which relate to the offset of the TOC within in the
flash.
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Reviewed-By: Alistair Popple <alistair@popple.id.au>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
ffs_open_image is like ffs_open_flash, but it can operate on a file
descriptor to a pnor image instead of a flash device.
It is currently disabled in skiboot as it does not provide the read
and lseek used by libffs.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
| |
We have ffs_flash_read to do optionally-ecc-ed reads of flash data.
However, this isn't really related to the ffs partitioning.
This change moves ffs_flash_read into libflash.c, named
flash_read_corrected. The function itself isn't changed.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
| |
libflash should be compilable without the skiboot definitions.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
Reviewed-By: Joel Stanley <joel@jms.id.au>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ecc.h header is used by libflash, so should sit in libflash, to
allow non-skiboot tools to access it.
This change is a simple move of the header file - no changes are made to
the header itself.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
Reviewed-By: Joel Stanley <joel@jms.id.au>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
| |
Add ffs_flash_read() which mimics flash_read() but handles ECC checking,
correction and uncorrectable errors.
Signed-off-by: Michael Neuling <mikey@neuling.org>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
| |
Add ecc parmenter to ffs_part_info() to indicate if the partition is ECC
protected or not. Fix all call sites.
Signed-off-by: Michael Neuling <mikey@neuling.org>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
|
| |
This adds the correct user structure to ffs_entry as defined from hostboot.
No functional changes.
Signed-off-by: Michael Neuling <mikey@neuling.org>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
|
|
|
|
|
|
| |
In some parts of libffs we access struct ffs_entry with endian access and in
other parts we don't. This adds a comment to clarify why we do this.
Signed-off-by: Michael Neuling <mikey@neuling.org>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
|
|
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
|