1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
|
/* Copyright 2013-2017 IBM Corp.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
* implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>
#include <stdbool.h>
#include <errno.h>
#include <string.h>
#include <inttypes.h>
#include <libflash/errors.h>
#include "blocklevel.h"
#include "ecc.h"
#define PROT_REALLOC_NUM 25
/* This function returns tristate values.
* 1 - The region is ECC protected
* 0 - The region is not ECC protected
* -1 - Partially protected
*/
static int ecc_protected(struct blocklevel_device *bl, uint64_t pos, uint64_t len)
{
int i;
/* Length of 0 is nonsensical so add 1 */
if (len == 0)
len = 1;
for (i = 0; i < bl->ecc_prot.n_prot; i++) {
/* Fits entirely within the range */
if (bl->ecc_prot.prot[i].start <= pos && bl->ecc_prot.prot[i].start + bl->ecc_prot.prot[i].len >= pos + len)
return 1;
/*
* Since we merge regions on inserting we can be sure that a
* partial fit means that the non fitting region won't fit in another ecc
* region
*/
if ((bl->ecc_prot.prot[i].start >= pos && bl->ecc_prot.prot[i].start < pos + len) ||
(bl->ecc_prot.prot[i].start <= pos && bl->ecc_prot.prot[i].start + bl->ecc_prot.prot[i].len > pos))
return -1;
}
return 0;
}
static int reacquire(struct blocklevel_device *bl)
{
if (!bl->keep_alive && bl->reacquire)
return bl->reacquire(bl);
return 0;
}
static int release(struct blocklevel_device *bl)
{
int rc = 0;
if (!bl->keep_alive && bl->release) {
/* This is the error return path a lot, preserve errno */
int err = errno;
rc = bl->release(bl);
errno = err;
}
return rc;
}
int blocklevel_raw_read(struct blocklevel_device *bl, uint64_t pos, void *buf, uint64_t len)
{
int rc;
FL_DBG("%s: 0x%" PRIx64 "\t%p\t0x%" PRIx64 "\n", __func__, pos, buf, len);
if (!bl || !bl->read || !buf) {
errno = EINVAL;
return FLASH_ERR_PARM_ERROR;
}
rc = reacquire(bl);
if (rc)
return rc;
rc = bl->read(bl, pos, buf, len);
release(bl);
return rc;
}
int blocklevel_read(struct blocklevel_device *bl, uint64_t pos, void *buf, uint64_t len)
{
int rc;
struct ecc64 *buffer;
uint64_t ecc_len = ecc_buffer_size(len);
FL_DBG("%s: 0x%" PRIx64 "\t%p\t0x%" PRIx64 "\n", __func__, pos, buf, len);
if (!bl || !buf) {
errno = EINVAL;
return FLASH_ERR_PARM_ERROR;
}
if (!ecc_protected(bl, pos, len))
return blocklevel_raw_read(bl, pos, buf, len);
FL_DBG("%s: region has ECC\n", __func__);
buffer = malloc(ecc_len);
if (!buffer) {
errno = ENOMEM;
rc = FLASH_ERR_MALLOC_FAILED;
goto out;
}
rc = blocklevel_raw_read(bl, pos, buffer, ecc_len);
if (rc)
goto out;
if (memcpy_from_ecc(buf, buffer, len)) {
errno = EBADF;
rc = FLASH_ERR_ECC_INVALID;
}
out:
free(buffer);
return rc;
}
int blocklevel_raw_write(struct blocklevel_device *bl, uint64_t pos,
const void *buf, uint64_t len)
{
int rc;
FL_DBG("%s: 0x%" PRIx64 "\t%p\t0x%" PRIx64 "\n", __func__, pos, buf, len);
if (!bl || !bl->write || !buf) {
errno = EINVAL;
return FLASH_ERR_PARM_ERROR;
}
rc = reacquire(bl);
if (rc)
return rc;
rc = bl->write(bl, pos, buf, len);
release(bl);
return rc;
}
int blocklevel_write(struct blocklevel_device *bl, uint64_t pos, const void *buf,
uint64_t len)
{
int rc;
struct ecc64 *buffer;
uint64_t ecc_len = ecc_buffer_size(len);
FL_DBG("%s: 0x%" PRIx64 "\t%p\t0x%" PRIx64 "\n", __func__, pos, buf, len);
if (!bl || !buf) {
errno = EINVAL;
return FLASH_ERR_PARM_ERROR;
}
if (!ecc_protected(bl, pos, len))
return blocklevel_raw_write(bl, pos, buf, len);
FL_DBG("%s: region has ECC\n", __func__);
buffer = malloc(ecc_len);
if (!buffer) {
errno = ENOMEM;
rc = FLASH_ERR_MALLOC_FAILED;
goto out;
}
if (memcpy_to_ecc(buffer, buf, len)) {
errno = EBADF;
rc = FLASH_ERR_ECC_INVALID;
goto out;
}
rc = blocklevel_raw_write(bl, pos, buffer, ecc_len);
out:
free(buffer);
return rc;
}
int blocklevel_erase(struct blocklevel_device *bl, uint64_t pos, uint64_t len)
{
int rc;
if (!bl || !bl->erase) {
errno = EINVAL;
return FLASH_ERR_PARM_ERROR;
}
FL_DBG("%s: 0x%" PRIx64 "\t0x%" PRIx64 "\n", __func__, pos, len);
/* Programmer may be making a horrible mistake without knowing it */
if (pos & bl->erase_mask) {
FL_ERR("blocklevel_erase: pos (0x%"PRIx64") is not erase block (0x%08x) aligned\n",
pos, bl->erase_mask + 1);
return FLASH_ERR_ERASE_BOUNDARY;
}
if (len & bl->erase_mask) {
FL_ERR("blocklevel_erase: len (0x%"PRIx64") is not erase block (0x%08x) aligned\n",
len, bl->erase_mask + 1);
return FLASH_ERR_ERASE_BOUNDARY;
}
rc = reacquire(bl);
if (rc)
return rc;
rc = bl->erase(bl, pos, len);
release(bl);
return rc;
}
int blocklevel_get_info(struct blocklevel_device *bl, const char **name, uint64_t *total_size,
uint32_t *erase_granule)
{
int rc;
if (!bl || !bl->get_info) {
errno = EINVAL;
return FLASH_ERR_PARM_ERROR;
}
rc = reacquire(bl);
if (rc)
return rc;
rc = bl->get_info(bl, name, total_size, erase_granule);
/* Check the validity of what we are being told */
if (erase_granule && *erase_granule != bl->erase_mask + 1)
FL_ERR("blocklevel_get_info: WARNING: erase_granule (0x%08x) and erase_mask"
" (0x%08x) don't match\n", *erase_granule, bl->erase_mask + 1);
release(bl);
return rc;
}
/*
* Compare flash and memory to determine if:
* a) Erase must happen before write
* b) Flash and memory are identical
* c) Flash can simply be written to
*
* returns -1 for a
* returns 0 for b
* returns 1 for c
*/
static int blocklevel_flashcmp(const void *flash_buf, const void *mem_buf, uint64_t len)
{
uint64_t i;
int same = true;
const uint8_t *f_buf, *m_buf;
f_buf = flash_buf;
m_buf = mem_buf;
for (i = 0; i < len; i++) {
if (m_buf[i] & ~f_buf[i])
return -1;
if (same && (m_buf[i] != f_buf[i]))
same = false;
}
return same ? 0 : 1;
}
int blocklevel_smart_erase(struct blocklevel_device *bl, uint64_t pos, uint64_t len)
{
uint64_t block_size;
void *erase_buf;
int rc;
if (!bl) {
errno = EINVAL;
return FLASH_ERR_PARM_ERROR;
}
FL_DBG("%s: 0x%" PRIx64 "\t0x%" PRIx64 "\n", __func__, pos, len);
/* Nothing smart needs to be done, pos and len are aligned */
if ((pos & bl->erase_mask) == 0 && (len & bl->erase_mask) == 0) {
FL_DBG("%s: Skipping smarts everything is aligned 0x%" PRIx64 " 0x%" PRIx64
"to 0x%08x\n", __func__, pos, len, bl->erase_mask);
return blocklevel_erase(bl, pos, len);
}
block_size = bl->erase_mask + 1;
erase_buf = malloc(block_size);
if (!erase_buf) {
errno = ENOMEM;
return FLASH_ERR_MALLOC_FAILED;
}
rc = reacquire(bl);
if (rc) {
free(erase_buf);
return rc;
}
if (pos & bl->erase_mask) {
/*
* base_pos and base_len are the values in the first erase
* block that we need to preserve: the region up to pos.
*/
uint64_t base_pos = pos & ~(bl->erase_mask);
uint64_t base_len = pos - base_pos;
FL_DBG("%s: preserving 0x%" PRIx64 "..0x%" PRIx64 "\n",
__func__, base_pos, base_pos + base_len);
/*
* Read the entire block in case this is the ONLY block we're
* modifying, we may need the end chunk of it later
*/
rc = bl->read(bl, base_pos, erase_buf, block_size);
if (rc)
goto out;
rc = bl->erase(bl, base_pos, block_size);
if (rc)
goto out;
rc = bl->write(bl, base_pos, erase_buf, base_len);
if (rc)
goto out;
/*
* The requested erase fits entirely into this erase block and
* so we need to write back the chunk at the end of the block
*/
if (base_pos + base_len + len < base_pos + block_size) {
rc = bl->write(bl, pos + len, erase_buf + pos + len,
block_size - base_len - len);
FL_DBG("%s: Early exit, everything was in one erase block\n",
__func__);
goto out;
}
pos += block_size - base_len;
len -= block_size - base_len;
}
/* Now we should be aligned, best to double check */
if (pos & bl->erase_mask) {
FL_DBG("%s:pos 0x%" PRIx64 " isn't erase_mask 0x%08x aligned\n",
__func__, pos, bl->erase_mask);
rc = FLASH_ERR_PARM_ERROR;
goto out;
}
if (len & ~(bl->erase_mask)) {
rc = bl->erase(bl, pos, len & ~(bl->erase_mask));
if (rc)
goto out;
pos += len & ~(bl->erase_mask);
len -= len & ~(bl->erase_mask);
}
/* Length should be less than a block now */
if (len > block_size) {
FL_DBG("%s: len 0x%" PRIx64 " is still exceeds block_size 0x%" PRIx64 "\n",
__func__, len, block_size);
rc = FLASH_ERR_PARM_ERROR;
goto out;
}
if (len & bl->erase_mask) {
/*
* top_pos is the first byte that must be preserved and
* top_len is the length from top_pos to the end of the erase
* block: the region that must be preserved
*/
uint64_t top_pos = pos + len;
uint64_t top_len = block_size - len;
FL_DBG("%s: preserving 0x%" PRIx64 "..0x%" PRIx64 "\n",
__func__, top_pos, top_pos + top_len);
rc = bl->read(bl, top_pos, erase_buf, top_len);
if (rc)
goto out;
rc = bl->erase(bl, pos, block_size);
if (rc)
goto out;
rc = bl->write(bl, top_pos, erase_buf, top_len);
if (rc)
goto out;
}
out:
free(erase_buf);
release(bl);
return rc;
}
int blocklevel_smart_write(struct blocklevel_device *bl, uint64_t pos, const void *buf, uint64_t len)
{
uint32_t erase_size;
const void *write_buf = buf;
void *write_buf_start = NULL;
void *erase_buf;
int rc = 0;
if (!write_buf || !bl) {
errno = EINVAL;
return FLASH_ERR_PARM_ERROR;
}
FL_DBG("%s: 0x%" PRIx64 "\t0x%" PRIx64 "\n", __func__, pos, len);
if (!(bl->flags & WRITE_NEED_ERASE)) {
FL_DBG("%s: backend doesn't need erase\n", __func__);
return blocklevel_write(bl, pos, buf, len);
}
rc = blocklevel_get_info(bl, NULL, NULL, &erase_size);
if (rc)
return rc;
if (ecc_protected(bl, pos, len)) {
FL_DBG("%s: region has ECC\n", __func__);
len = ecc_buffer_size(len);
write_buf_start = malloc(len);
if (!write_buf_start) {
errno = ENOMEM;
return FLASH_ERR_MALLOC_FAILED;
}
if (memcpy_to_ecc(write_buf_start, buf, ecc_buffer_size_minus_ecc(len))) {
free(write_buf_start);
errno = EBADF;
return FLASH_ERR_ECC_INVALID;
}
write_buf = write_buf_start;
}
erase_buf = malloc(erase_size);
if (!erase_buf) {
errno = ENOMEM;
rc = FLASH_ERR_MALLOC_FAILED;
goto out_free;
}
rc = reacquire(bl);
if (rc)
goto out_free;
while (len > 0) {
uint32_t erase_block = pos & ~(erase_size - 1);
uint32_t block_offset = pos & (erase_size - 1);
uint32_t size = erase_size > len ? len : erase_size;
int cmp;
/* Write crosses an erase boundary, shrink the write to the boundary */
if (erase_size < block_offset + size) {
size = erase_size - block_offset;
}
rc = bl->read(bl, erase_block, erase_buf, erase_size);
if (rc)
goto out;
cmp = blocklevel_flashcmp(erase_buf + block_offset, write_buf, size);
FL_DBG("%s: region 0x%08x..0x%08x ", __func__,
erase_block, erase_size);
if (cmp != 0) {
FL_DBG("needs ");
if (cmp == -1) {
FL_DBG("erase and ");
bl->erase(bl, erase_block, erase_size);
}
FL_DBG("write\n");
memcpy(erase_buf + block_offset, write_buf, size);
rc = bl->write(bl, erase_block, erase_buf, erase_size);
if (rc)
goto out;
}
len -= size;
pos += size;
write_buf += size;
}
out:
release(bl);
out_free:
free(write_buf_start);
free(erase_buf);
return rc;
}
static bool insert_bl_prot_range(struct blocklevel_range *ranges, struct bl_prot_range range)
{
int i;
uint32_t pos, len;
struct bl_prot_range *prot = ranges->prot;
pos = range.start;
len = range.len;
if (len == 0)
return true;
/* Check for overflow */
if (pos + len < len)
return false;
for (i = 0; i < ranges->n_prot && len > 0; i++) {
if (prot[i].start <= pos && prot[i].start + prot[i].len >= pos + len) {
len = 0;
FL_DBG("%s: breaking early\n", __func__);
break; /* Might as well, the next two conditions can't be true */
}
/* Can easily extend this down just by adjusting start */
if (pos <= prot[i].start && pos + len >= prot[i].start) {
FL_DBG("%s: extending start down\n", __func__);
prot[i].len += prot[i].start - pos;
prot[i].start = pos;
pos += prot[i].len;
if (prot[i].len >= len)
len = 0;
else
len -= prot[i].len;
}
/*
* Jump over this range but the new range might be so big that
* theres a chunk after
*/
if (pos >= prot[i].start && pos < prot[i].start + prot[i].len) {
FL_DBG("%s: fits within current range ", __func__);
if (prot[i].start + prot[i].len - pos > len) {
FL_DBG("but there is some extra at the end\n");
len -= prot[i].start + prot[i].len - pos;
pos = prot[i].start + prot[i].len;
} else {
FL_DBG("\n");
len = 0;
}
}
/*
* This condition will be true if the range is smaller than
* the current range, therefore it should go here!
*/
if (pos < prot[i].start && pos + len <= prot[i].start)
break;
}
if (len) {
int insert_pos = i;
struct bl_prot_range *new_ranges = ranges->prot;
FL_DBG("%s: adding 0x%08x..0x%08x\n", __func__, pos, pos + len);
if (ranges->n_prot == ranges->total_prot) {
new_ranges = realloc(ranges->prot,
sizeof(range) * ((ranges->n_prot) + PROT_REALLOC_NUM));
if (!new_ranges)
return false;
ranges->total_prot += PROT_REALLOC_NUM;
}
if (insert_pos != ranges->n_prot)
for (i = ranges->n_prot; i > insert_pos; i--)
memcpy(&new_ranges[i], &new_ranges[i - 1], sizeof(range));
range.start = pos;
range.len = len;
memcpy(&new_ranges[insert_pos], &range, sizeof(range));
ranges->prot = new_ranges;
ranges->n_prot++;
}
/* Probably only worth mergeing when we're low on space */
if (ranges->n_prot + 1 == ranges->total_prot) {
FL_DBG("%s: merging ranges\n", __func__);
/* Check to see if we can merge ranges */
for (i = 0; i < ranges->n_prot - 1; i++) {
if (prot[i].start + prot[i].len == prot[i + 1].start) {
int j;
FL_DBG("%s: merging 0x%" PRIx64 "..0x%" PRIx64 " with "
"0x%" PRIx64 "..0x%" PRIx64 "\n",
__func__, prot[i].start, prot[i].start + prot[i].len,
prot[i + 1].start, prot[i + 1].start + prot[i + 1].len);
prot[i].len += prot[i + 1].len;
for (j = i + 1; j < ranges->n_prot - 1; j++)
memcpy(&prot[j] , &prot[j + 1], sizeof(range));
ranges->n_prot--;
i--; /* Maybe the next one can merge too */
}
}
}
return true;
}
int blocklevel_ecc_protect(struct blocklevel_device *bl, uint32_t start, uint32_t len)
{
/*
* Could implement this at hardware level by having an accessor to the
* backend in struct blocklevel_device and as a result do nothing at
* this level (although probably not for ecc!)
*/
struct bl_prot_range range = { .start = start, .len = len };
if (len < BYTES_PER_ECC)
return -1;
return !insert_bl_prot_range(&bl->ecc_prot, range);
}
|