mtdchar: add MEMREAD ioctl · tjh.dev/kernel@095bb6e

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

mtdchar: add MEMREAD ioctl

User-space applications making use of MTD devices via /dev/mtd*
character devices currently have limited capabilities for reading data:

- only deprecated methods of accessing OOB layout information exist,

- there is no way to explicitly specify MTD operation mode to use; it
is auto-selected based on the MTD file mode (MTD_FILE_MODE_*) set
for the character device; in particular, this prevents using
MTD_OPS_AUTO_OOB for reads,

- all existing user-space interfaces which cause mtd_read() or
mtd_read_oob() to be called (via mtdchar_read() and
mtdchar_read_oob(), respectively) return success even when those
functions return -EUCLEAN or -EBADMSG; this renders user-space
applications using these interfaces unaware of any corrected
bitflips or uncorrectable ECC errors detected during reads.

Note that the existing MEMWRITE ioctl allows the MTD operation mode to
be explicitly set, allowing user-space applications to write page data
and OOB data without requiring them to know anything about the OOB
layout of the MTD device they are writing to (MTD_OPS_AUTO_OOB). Also,
the MEMWRITE ioctl does not mangle the return value of mtd_write_oob().

Add a new ioctl, MEMREAD, which addresses the above issues. It is
intended to be a read-side counterpart of the existing MEMWRITE ioctl.
Similarly to the latter, the read operation is performed in a loop which
processes at most mtd->erasesize bytes in each iteration. This is done
to prevent unbounded memory allocations caused by calling kmalloc() with
the 'size' argument taken directly from the struct mtd_read_req provided
by user space. However, the new ioctl is implemented so that the values
it returns match those that would have been returned if just a single
mtd_read_oob() call was issued to handle the entire read operation in
one go.

Note that while just returning -EUCLEAN or -EBADMSG to user space would
already be a valid and useful indication of the ECC algorithm detecting
errors during a read operation, that signal would not be granular enough
to cover all use cases. For example, knowing the maximum number of
bitflips detected in a single ECC step during a read operation performed
on a given page may be useful when dealing with an MTD partition whose
ECC layout varies across pages (e.g. a partition consisting of a
bootloader area using a "custom" ECC layout followed by data pages using
a "standard" ECC layout). To address that, include ECC statistics in
the structure returned to user space by the new MEMREAD ioctl.

Link: https://www.infradead.org/pipermail/linux-mtd/2016-April/067085.html

Suggested-by: Boris Brezillon <boris.brezillon@collabora.com>
Signed-off-by: Michał Kępień <kernel@kempniu.pl>
Acked-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Link: https://lore.kernel.org/linux-mtd/20220629125737.14418-5-kernel@kempniu.pl

authored by

Michał Kępień and committed by

Miquel Raynal 3 years ago 095bb6e4 7bea6056

+198 -5

2 changed files

expand all

drivers

mtd

mtdchar.c

include

uapi

mtd

mtd-abi.h

+139

drivers/mtd/mtdchar.c

··· 688 688 return ret; 689 689 } 690 690 691 + static int mtdchar_read_ioctl(struct mtd_info *mtd, 692 + struct mtd_read_req __user *argp) 693 + { 694 + struct mtd_info *master = mtd_get_master(mtd); 695 + struct mtd_read_req req; 696 + void __user *usr_data, *usr_oob; 697 + uint8_t *datbuf = NULL, *oobbuf = NULL; 698 + size_t datbuf_len, oobbuf_len; 699 + size_t orig_len, orig_ooblen; 700 + int ret = 0; 701 + 702 + if (copy_from_user(&req, argp, sizeof(req))) 703 + return -EFAULT; 704 + 705 + orig_len = req.len; 706 + orig_ooblen = req.ooblen; 707 + 708 + usr_data = (void __user *)(uintptr_t)req.usr_data; 709 + usr_oob = (void __user *)(uintptr_t)req.usr_oob; 710 + 711 + if (!master->_read_oob) 712 + return -EOPNOTSUPP; 713 + 714 + if (!usr_data) 715 + req.len = 0; 716 + 717 + if (!usr_oob) 718 + req.ooblen = 0; 719 + 720 + req.ecc_stats.uncorrectable_errors = 0; 721 + req.ecc_stats.corrected_bitflips = 0; 722 + req.ecc_stats.max_bitflips = 0; 723 + 724 + req.len &= 0xffffffff; 725 + req.ooblen &= 0xffffffff; 726 + 727 + if (req.start + req.len > mtd->size) { 728 + ret = -EINVAL; 729 + goto out; 730 + } 731 + 732 + datbuf_len = min_t(size_t, req.len, mtd->erasesize); 733 + if (datbuf_len > 0) { 734 + datbuf = kvmalloc(datbuf_len, GFP_KERNEL); 735 + if (!datbuf) { 736 + ret = -ENOMEM; 737 + goto out; 738 + } 739 + } 740 + 741 + oobbuf_len = min_t(size_t, req.ooblen, mtd->erasesize); 742 + if (oobbuf_len > 0) { 743 + oobbuf = kvmalloc(oobbuf_len, GFP_KERNEL); 744 + if (!oobbuf) { 745 + ret = -ENOMEM; 746 + goto out; 747 + } 748 + } 749 + 750 + while (req.len > 0 || (!usr_data && req.ooblen > 0)) { 751 + struct mtd_req_stats stats; 752 + struct mtd_oob_ops ops = { 753 + .mode = req.mode, 754 + .len = min_t(size_t, req.len, datbuf_len), 755 + .ooblen = min_t(size_t, req.ooblen, oobbuf_len), 756 + .datbuf = datbuf, 757 + .oobbuf = oobbuf, 758 + .stats = &stats, 759 + }; 760 + 761 + /* 762 + * Shorten non-page-aligned, eraseblock-sized reads so that the 763 + * read ends on an eraseblock boundary. This is necessary in 764 + * order to prevent OOB data for some pages from being 765 + * duplicated in the output of non-page-aligned reads requiring 766 + * multiple mtd_read_oob() calls to be completed. 767 + */ 768 + if (ops.len == mtd->erasesize) 769 + ops.len -= mtd_mod_by_ws(req.start + ops.len, mtd); 770 + 771 + ret = mtd_read_oob(mtd, (loff_t)req.start, &ops); 772 + 773 + req.ecc_stats.uncorrectable_errors += 774 + stats.uncorrectable_errors; 775 + req.ecc_stats.corrected_bitflips += stats.corrected_bitflips; 776 + req.ecc_stats.max_bitflips = 777 + max(req.ecc_stats.max_bitflips, stats.max_bitflips); 778 + 779 + if (ret && !mtd_is_bitflip_or_eccerr(ret)) 780 + break; 781 + 782 + if (copy_to_user(usr_data, ops.datbuf, ops.retlen) || 783 + copy_to_user(usr_oob, ops.oobbuf, ops.oobretlen)) { 784 + ret = -EFAULT; 785 + break; 786 + } 787 + 788 + req.start += ops.retlen; 789 + req.len -= ops.retlen; 790 + usr_data += ops.retlen; 791 + 792 + req.ooblen -= ops.oobretlen; 793 + usr_oob += ops.oobretlen; 794 + } 795 + 796 + /* 797 + * As multiple iterations of the above loop (and therefore multiple 798 + * mtd_read_oob() calls) may be necessary to complete the read request, 799 + * adjust the final return code to ensure it accounts for all detected 800 + * ECC errors. 801 + */ 802 + if (!ret || mtd_is_bitflip(ret)) { 803 + if (req.ecc_stats.uncorrectable_errors > 0) 804 + ret = -EBADMSG; 805 + else if (req.ecc_stats.corrected_bitflips > 0) 806 + ret = -EUCLEAN; 807 + } 808 + 809 + out: 810 + req.len = orig_len - req.len; 811 + req.ooblen = orig_ooblen - req.ooblen; 812 + 813 + if (copy_to_user(argp, &req, sizeof(req))) 814 + ret = -EFAULT; 815 + 816 + kvfree(datbuf); 817 + kvfree(oobbuf); 818 + 819 + return ret; 820 + } 821 + 691 822 static int mtdchar_ioctl(struct file *file, u_int cmd, u_long arg) 692 823 { 693 824 struct mtd_file_info *mfi = file->private_data; ··· 841 710 case MEMGETINFO: 842 711 case MEMREADOOB: 843 712 case MEMREADOOB64: 713 + case MEMREAD: 844 714 case MEMISLOCKED: 845 715 case MEMGETOOBSEL: 846 716 case MEMGETBADBLOCK: ··· 1013 881 { 1014 882 ret = mtdchar_write_ioctl(mtd, 1015 883 (struct mtd_write_req __user *)arg); 884 + break; 885 + } 886 + 887 + case MEMREAD: 888 + { 889 + ret = mtdchar_read_ioctl(mtd, 890 + (struct mtd_read_req __user *)arg); 1016 891 break; 1017 892 } 1018 893

+59 -5

include/uapi/mtd/mtd-abi.h

··· 55 55 * @MTD_OPS_RAW: data are transferred as-is, with no error correction; 56 56 * this mode implies %MTD_OPS_PLACE_OOB 57 57 * 58 - * These modes can be passed to ioctl(MEMWRITE) and are also used internally. 59 - * See notes on "MTD file modes" for discussion on %MTD_OPS_RAW vs. 60 - * %MTD_FILE_MODE_RAW. 58 + * These modes can be passed to ioctl(MEMWRITE) and ioctl(MEMREAD); they are 59 + * also used internally. See notes on "MTD file modes" for discussion on 60 + * %MTD_OPS_RAW vs. %MTD_FILE_MODE_RAW. 61 61 */ 62 62 enum { 63 63 MTD_OPS_PLACE_OOB = 0, ··· 89 89 __u64 usr_oob; 90 90 __u8 mode; 91 91 __u8 padding[7]; 92 + }; 93 + 94 + /** 95 + * struct mtd_read_req_ecc_stats - ECC statistics for a read operation 96 + * 97 + * @uncorrectable_errors: the number of uncorrectable errors that happened 98 + * during the read operation 99 + * @corrected_bitflips: the number of bitflips corrected during the read 100 + * operation 101 + * @max_bitflips: the maximum number of bitflips detected in any single ECC 102 + * step for the data read during the operation; this information 103 + * can be used to decide whether the data stored in a specific 104 + * region of the MTD device should be moved somewhere else to 105 + * avoid data loss. 106 + */ 107 + struct mtd_read_req_ecc_stats { 108 + __u32 uncorrectable_errors; 109 + __u32 corrected_bitflips; 110 + __u32 max_bitflips; 111 + }; 112 + 113 + /** 114 + * struct mtd_read_req - data structure for requesting a read operation 115 + * 116 + * @start: start address 117 + * @len: length of data buffer (only lower 32 bits are used) 118 + * @ooblen: length of OOB buffer (only lower 32 bits are used) 119 + * @usr_data: user-provided data buffer 120 + * @usr_oob: user-provided OOB buffer 121 + * @mode: MTD mode (see "MTD operation modes") 122 + * @padding: reserved, must be set to 0 123 + * @ecc_stats: ECC statistics for the read operation 124 + * 125 + * This structure supports ioctl(MEMREAD) operations, allowing data and/or OOB 126 + * reads in various modes. To read from OOB-only, set @usr_data == NULL, and to 127 + * read data-only, set @usr_oob == NULL. However, setting both @usr_data and 128 + * @usr_oob to NULL is not allowed. 129 + */ 130 + struct mtd_read_req { 131 + __u64 start; 132 + __u64 len; 133 + __u64 ooblen; 134 + __u64 usr_data; 135 + __u64 usr_oob; 136 + __u8 mode; 137 + __u8 padding[7]; 138 + struct mtd_read_req_ecc_stats ecc_stats; 92 139 }; 93 140 94 141 #define MTD_ABSENT 0 ··· 254 207 #define MEMWRITE _IOWR('M', 24, struct mtd_write_req) 255 208 /* Erase a given range of user data (must be in mode %MTD_FILE_MODE_OTP_USER) */ 256 209 #define OTPERASE _IOW('M', 25, struct otp_info) 210 + /* 211 + * Most generic read interface; can read in-band and/or out-of-band in various 212 + * modes (see "struct mtd_read_req"). This ioctl is not supported for flashes 213 + * without OOB, e.g., NOR flash. 214 + */ 215 + #define MEMREAD _IOWR('M', 26, struct mtd_read_req) 257 216 258 217 /* 259 218 * Obsolete legacy interface. Keep it in order not to break userspace ··· 323 270 * Note: %MTD_FILE_MODE_RAW provides the same functionality as %MTD_OPS_RAW - 324 271 * raw access to the flash, without error correction or autoplacement schemes. 325 272 * Wherever possible, the MTD_OPS_* mode will override the MTD_FILE_MODE_* mode 326 - * (e.g., when using ioctl(MEMWRITE)), but in some cases, the MTD_FILE_MODE is 327 - * used out of necessity (e.g., `write()', ioctl(MEMWRITEOOB64)). 273 + * (e.g., when using ioctl(MEMWRITE) or ioctl(MEMREAD)), but in some cases, the 274 + * MTD_FILE_MODE is used out of necessity (e.g., `write()', 275 + * ioctl(MEMWRITEOOB64)). 328 276 */ 329 277 enum mtd_file_modes { 330 278 MTD_FILE_MODE_NORMAL = MTD_OTP_OFF,