m68knommu: fix dereference of port.tty
[pandora-kernel.git] / drivers / mtd / inftlmount.c
1 /*
2  * inftlmount.c -- INFTL mount code with extensive checks.
3  *
4  * Author: Greg Ungerer (gerg@snapgear.com)
5  * Copyright © 2002-2003, Greg Ungerer (gerg@snapgear.com)
6  *
7  * Based heavily on the nftlmount.c code which is:
8  * Author: Fabrice Bellard (fabrice.bellard@netgem.com)
9  * Copyright © 2000 Netgem S.A.
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License as published by
13  * the Free Software Foundation; either version 2 of the License, or
14  * (at your option) any later version.
15  *
16  * This program is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
19  * GNU General Public License for more details.
20  *
21  * You should have received a copy of the GNU General Public License
22  * along with this program; if not, write to the Free Software
23  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
24  */
25
26 #include <linux/kernel.h>
27 #include <linux/module.h>
28 #include <asm/errno.h>
29 #include <asm/io.h>
30 #include <asm/uaccess.h>
31 #include <linux/delay.h>
32 #include <linux/slab.h>
33 #include <linux/init.h>
34 #include <linux/mtd/mtd.h>
35 #include <linux/mtd/nftl.h>
36 #include <linux/mtd/inftl.h>
37
38 /*
39  * find_boot_record: Find the INFTL Media Header and its Spare copy which
40  *      contains the various device information of the INFTL partition and
41  *      Bad Unit Table. Update the PUtable[] table according to the Bad
42  *      Unit Table. PUtable[] is used for management of Erase Unit in
43  *      other routines in inftlcore.c and inftlmount.c.
44  */
45 static int find_boot_record(struct INFTLrecord *inftl)
46 {
47         struct inftl_unittail h1;
48         //struct inftl_oob oob;
49         unsigned int i, block;
50         u8 buf[SECTORSIZE];
51         struct INFTLMediaHeader *mh = &inftl->MediaHdr;
52         struct mtd_info *mtd = inftl->mbd.mtd;
53         struct INFTLPartition *ip;
54         size_t retlen;
55
56         DEBUG(MTD_DEBUG_LEVEL3, "INFTL: find_boot_record(inftl=%p)\n", inftl);
57
58         /*
59          * Assume logical EraseSize == physical erasesize for starting the
60          * scan. We'll sort it out later if we find a MediaHeader which says
61          * otherwise.
62          */
63         inftl->EraseSize = inftl->mbd.mtd->erasesize;
64         inftl->nb_blocks = (u32)inftl->mbd.mtd->size / inftl->EraseSize;
65
66         inftl->MediaUnit = BLOCK_NIL;
67
68         /* Search for a valid boot record */
69         for (block = 0; block < inftl->nb_blocks; block++) {
70                 int ret;
71
72                 /*
73                  * Check for BNAND header first. Then whinge if it's found
74                  * but later checks fail.
75                  */
76                 ret = mtd->read(mtd, block * inftl->EraseSize,
77                                 SECTORSIZE, &retlen, buf);
78                 /* We ignore ret in case the ECC of the MediaHeader is invalid
79                    (which is apparently acceptable) */
80                 if (retlen != SECTORSIZE) {
81                         static int warncount = 5;
82
83                         if (warncount) {
84                                 printk(KERN_WARNING "INFTL: block read at 0x%x "
85                                         "of mtd%d failed: %d\n",
86                                         block * inftl->EraseSize,
87                                         inftl->mbd.mtd->index, ret);
88                                 if (!--warncount)
89                                         printk(KERN_WARNING "INFTL: further "
90                                                 "failures for this block will "
91                                                 "not be printed\n");
92                         }
93                         continue;
94                 }
95
96                 if (retlen < 6 || memcmp(buf, "BNAND", 6)) {
97                         /* BNAND\0 not found. Continue */
98                         continue;
99                 }
100
101                 /* To be safer with BIOS, also use erase mark as discriminant */
102                 ret = inftl_read_oob(mtd,
103                                      block * inftl->EraseSize + SECTORSIZE + 8,
104                                      8, &retlen,(char *)&h1);
105                 if (ret < 0) {
106                         printk(KERN_WARNING "INFTL: ANAND header found at "
107                                 "0x%x in mtd%d, but OOB data read failed "
108                                 "(err %d)\n", block * inftl->EraseSize,
109                                 inftl->mbd.mtd->index, ret);
110                         continue;
111                 }
112
113
114                 /*
115                  * This is the first we've seen.
116                  * Copy the media header structure into place.
117                  */
118                 memcpy(mh, buf, sizeof(struct INFTLMediaHeader));
119
120                 /* Read the spare media header at offset 4096 */
121                 mtd->read(mtd, block * inftl->EraseSize + 4096,
122                           SECTORSIZE, &retlen, buf);
123                 if (retlen != SECTORSIZE) {
124                         printk(KERN_WARNING "INFTL: Unable to read spare "
125                                "Media Header\n");
126                         return -1;
127                 }
128                 /* Check if this one is the same as the first one we found. */
129                 if (memcmp(mh, buf, sizeof(struct INFTLMediaHeader))) {
130                         printk(KERN_WARNING "INFTL: Primary and spare Media "
131                                "Headers disagree.\n");
132                         return -1;
133                 }
134
135                 mh->NoOfBootImageBlocks = le32_to_cpu(mh->NoOfBootImageBlocks);
136                 mh->NoOfBinaryPartitions = le32_to_cpu(mh->NoOfBinaryPartitions);
137                 mh->NoOfBDTLPartitions = le32_to_cpu(mh->NoOfBDTLPartitions);
138                 mh->BlockMultiplierBits = le32_to_cpu(mh->BlockMultiplierBits);
139                 mh->FormatFlags = le32_to_cpu(mh->FormatFlags);
140                 mh->PercentUsed = le32_to_cpu(mh->PercentUsed);
141
142 #ifdef CONFIG_MTD_DEBUG_VERBOSE
143                 if (CONFIG_MTD_DEBUG_VERBOSE >= 2) {
144                         printk("INFTL: Media Header ->\n"
145                                 "    bootRecordID          = %s\n"
146                                 "    NoOfBootImageBlocks   = %d\n"
147                                 "    NoOfBinaryPartitions  = %d\n"
148                                 "    NoOfBDTLPartitions    = %d\n"
149                                 "    BlockMultiplerBits    = %d\n"
150                                 "    FormatFlgs            = %d\n"
151                                 "    OsakVersion           = 0x%x\n"
152                                 "    PercentUsed           = %d\n",
153                                 mh->bootRecordID, mh->NoOfBootImageBlocks,
154                                 mh->NoOfBinaryPartitions,
155                                 mh->NoOfBDTLPartitions,
156                                 mh->BlockMultiplierBits, mh->FormatFlags,
157                                 mh->OsakVersion, mh->PercentUsed);
158                 }
159 #endif
160
161                 if (mh->NoOfBDTLPartitions == 0) {
162                         printk(KERN_WARNING "INFTL: Media Header sanity check "
163                                 "failed: NoOfBDTLPartitions (%d) == 0, "
164                                 "must be at least 1\n", mh->NoOfBDTLPartitions);
165                         return -1;
166                 }
167
168                 if ((mh->NoOfBDTLPartitions + mh->NoOfBinaryPartitions) > 4) {
169                         printk(KERN_WARNING "INFTL: Media Header sanity check "
170                                 "failed: Total Partitions (%d) > 4, "
171                                 "BDTL=%d Binary=%d\n", mh->NoOfBDTLPartitions +
172                                 mh->NoOfBinaryPartitions,
173                                 mh->NoOfBDTLPartitions,
174                                 mh->NoOfBinaryPartitions);
175                         return -1;
176                 }
177
178                 if (mh->BlockMultiplierBits > 1) {
179                         printk(KERN_WARNING "INFTL: sorry, we don't support "
180                                 "UnitSizeFactor 0x%02x\n",
181                                 mh->BlockMultiplierBits);
182                         return -1;
183                 } else if (mh->BlockMultiplierBits == 1) {
184                         printk(KERN_WARNING "INFTL: support for INFTL with "
185                                 "UnitSizeFactor 0x%02x is experimental\n",
186                                 mh->BlockMultiplierBits);
187                         inftl->EraseSize = inftl->mbd.mtd->erasesize <<
188                                 mh->BlockMultiplierBits;
189                         inftl->nb_blocks = (u32)inftl->mbd.mtd->size / inftl->EraseSize;
190                         block >>= mh->BlockMultiplierBits;
191                 }
192
193                 /* Scan the partitions */
194                 for (i = 0; (i < 4); i++) {
195                         ip = &mh->Partitions[i];
196                         ip->virtualUnits = le32_to_cpu(ip->virtualUnits);
197                         ip->firstUnit = le32_to_cpu(ip->firstUnit);
198                         ip->lastUnit = le32_to_cpu(ip->lastUnit);
199                         ip->flags = le32_to_cpu(ip->flags);
200                         ip->spareUnits = le32_to_cpu(ip->spareUnits);
201                         ip->Reserved0 = le32_to_cpu(ip->Reserved0);
202
203 #ifdef CONFIG_MTD_DEBUG_VERBOSE
204                         if (CONFIG_MTD_DEBUG_VERBOSE >= 2) {
205                                 printk("    PARTITION[%d] ->\n"
206                                         "        virtualUnits    = %d\n"
207                                         "        firstUnit       = %d\n"
208                                         "        lastUnit        = %d\n"
209                                         "        flags           = 0x%x\n"
210                                         "        spareUnits      = %d\n",
211                                         i, ip->virtualUnits, ip->firstUnit,
212                                         ip->lastUnit, ip->flags,
213                                         ip->spareUnits);
214                         }
215 #endif
216
217                         if (ip->Reserved0 != ip->firstUnit) {
218                                 struct erase_info *instr = &inftl->instr;
219
220                                 instr->mtd = inftl->mbd.mtd;
221
222                                 /*
223                                  *      Most likely this is using the
224                                  *      undocumented qiuck mount feature.
225                                  *      We don't support that, we will need
226                                  *      to erase the hidden block for full
227                                  *      compatibility.
228                                  */
229                                 instr->addr = ip->Reserved0 * inftl->EraseSize;
230                                 instr->len = inftl->EraseSize;
231                                 mtd->erase(mtd, instr);
232                         }
233                         if ((ip->lastUnit - ip->firstUnit + 1) < ip->virtualUnits) {
234                                 printk(KERN_WARNING "INFTL: Media Header "
235                                         "Partition %d sanity check failed\n"
236                                         "    firstUnit %d : lastUnit %d  >  "
237                                         "virtualUnits %d\n", i, ip->lastUnit,
238                                         ip->firstUnit, ip->Reserved0);
239                                 return -1;
240                         }
241                         if (ip->Reserved1 != 0) {
242                                 printk(KERN_WARNING "INFTL: Media Header "
243                                         "Partition %d sanity check failed: "
244                                         "Reserved1 %d != 0\n",
245                                         i, ip->Reserved1);
246                                 return -1;
247                         }
248
249                         if (ip->flags & INFTL_BDTL)
250                                 break;
251                 }
252
253                 if (i >= 4) {
254                         printk(KERN_WARNING "INFTL: Media Header Partition "
255                                 "sanity check failed:\n       No partition "
256                                 "marked as Disk Partition\n");
257                         return -1;
258                 }
259
260                 inftl->nb_boot_blocks = ip->firstUnit;
261                 inftl->numvunits = ip->virtualUnits;
262                 if (inftl->numvunits > (inftl->nb_blocks -
263                     inftl->nb_boot_blocks - 2)) {
264                         printk(KERN_WARNING "INFTL: Media Header sanity check "
265                                 "failed:\n        numvunits (%d) > nb_blocks "
266                                 "(%d) - nb_boot_blocks(%d) - 2\n",
267                                 inftl->numvunits, inftl->nb_blocks,
268                                 inftl->nb_boot_blocks);
269                         return -1;
270                 }
271
272                 inftl->mbd.size  = inftl->numvunits *
273                         (inftl->EraseSize / SECTORSIZE);
274
275                 /*
276                  * Block count is set to last used EUN (we won't need to keep
277                  * any meta-data past that point).
278                  */
279                 inftl->firstEUN = ip->firstUnit;
280                 inftl->lastEUN = ip->lastUnit;
281                 inftl->nb_blocks = ip->lastUnit + 1;
282
283                 /* Memory alloc */
284                 inftl->PUtable = kmalloc(inftl->nb_blocks * sizeof(u16), GFP_KERNEL);
285                 if (!inftl->PUtable) {
286                         printk(KERN_WARNING "INFTL: allocation of PUtable "
287                                 "failed (%zd bytes)\n",
288                                 inftl->nb_blocks * sizeof(u16));
289                         return -ENOMEM;
290                 }
291
292                 inftl->VUtable = kmalloc(inftl->nb_blocks * sizeof(u16), GFP_KERNEL);
293                 if (!inftl->VUtable) {
294                         kfree(inftl->PUtable);
295                         printk(KERN_WARNING "INFTL: allocation of VUtable "
296                                 "failed (%zd bytes)\n",
297                                 inftl->nb_blocks * sizeof(u16));
298                         return -ENOMEM;
299                 }
300
301                 /* Mark the blocks before INFTL MediaHeader as reserved */
302                 for (i = 0; i < inftl->nb_boot_blocks; i++)
303                         inftl->PUtable[i] = BLOCK_RESERVED;
304                 /* Mark all remaining blocks as potentially containing data */
305                 for (; i < inftl->nb_blocks; i++)
306                         inftl->PUtable[i] = BLOCK_NOTEXPLORED;
307
308                 /* Mark this boot record (NFTL MediaHeader) block as reserved */
309                 inftl->PUtable[block] = BLOCK_RESERVED;
310
311                 /* Read Bad Erase Unit Table and modify PUtable[] accordingly */
312                 for (i = 0; i < inftl->nb_blocks; i++) {
313                         int physblock;
314                         /* If any of the physical eraseblocks are bad, don't
315                            use the unit. */
316                         for (physblock = 0; physblock < inftl->EraseSize; physblock += inftl->mbd.mtd->erasesize) {
317                                 if (inftl->mbd.mtd->block_isbad(inftl->mbd.mtd, i * inftl->EraseSize + physblock))
318                                         inftl->PUtable[i] = BLOCK_RESERVED;
319                         }
320                 }
321
322                 inftl->MediaUnit = block;
323                 return 0;
324         }
325
326         /* Not found. */
327         return -1;
328 }
329
330 static int memcmpb(void *a, int c, int n)
331 {
332         int i;
333         for (i = 0; i < n; i++) {
334                 if (c != ((unsigned char *)a)[i])
335                         return 1;
336         }
337         return 0;
338 }
339
340 /*
341  * check_free_sector: check if a free sector is actually FREE,
342  *      i.e. All 0xff in data and oob area.
343  */
344 static int check_free_sectors(struct INFTLrecord *inftl, unsigned int address,
345         int len, int check_oob)
346 {
347         u8 buf[SECTORSIZE + inftl->mbd.mtd->oobsize];
348         struct mtd_info *mtd = inftl->mbd.mtd;
349         size_t retlen;
350         int i;
351
352         for (i = 0; i < len; i += SECTORSIZE) {
353                 if (mtd->read(mtd, address, SECTORSIZE, &retlen, buf))
354                         return -1;
355                 if (memcmpb(buf, 0xff, SECTORSIZE) != 0)
356                         return -1;
357
358                 if (check_oob) {
359                         if(inftl_read_oob(mtd, address, mtd->oobsize,
360                                           &retlen, &buf[SECTORSIZE]) < 0)
361                                 return -1;
362                         if (memcmpb(buf + SECTORSIZE, 0xff, mtd->oobsize) != 0)
363                                 return -1;
364                 }
365                 address += SECTORSIZE;
366         }
367
368         return 0;
369 }
370
371 /*
372  * INFTL_format: format a Erase Unit by erasing ALL Erase Zones in the Erase
373  *               Unit and Update INFTL metadata. Each erase operation is
374  *               checked with check_free_sectors.
375  *
376  * Return: 0 when succeed, -1 on error.
377  *
378  * ToDo: 1. Is it neceressary to check_free_sector after erasing ??
379  */
380 int INFTL_formatblock(struct INFTLrecord *inftl, int block)
381 {
382         size_t retlen;
383         struct inftl_unittail uci;
384         struct erase_info *instr = &inftl->instr;
385         struct mtd_info *mtd = inftl->mbd.mtd;
386         int physblock;
387
388         DEBUG(MTD_DEBUG_LEVEL3, "INFTL: INFTL_formatblock(inftl=%p,"
389                 "block=%d)\n", inftl, block);
390
391         memset(instr, 0, sizeof(struct erase_info));
392
393         /* FIXME: Shouldn't we be setting the 'discarded' flag to zero
394            _first_? */
395
396         /* Use async erase interface, test return code */
397         instr->mtd = inftl->mbd.mtd;
398         instr->addr = block * inftl->EraseSize;
399         instr->len = inftl->mbd.mtd->erasesize;
400         /* Erase one physical eraseblock at a time, even though the NAND api
401            allows us to group them.  This way we if we have a failure, we can
402            mark only the failed block in the bbt. */
403         for (physblock = 0; physblock < inftl->EraseSize;
404              physblock += instr->len, instr->addr += instr->len) {
405                 mtd->erase(inftl->mbd.mtd, instr);
406
407                 if (instr->state == MTD_ERASE_FAILED) {
408                         printk(KERN_WARNING "INFTL: error while formatting block %d\n",
409                                 block);
410                         goto fail;
411                 }
412
413                 /*
414                  * Check the "freeness" of Erase Unit before updating metadata.
415                  * FixMe: is this check really necessary? Since we have check
416                  * the return code after the erase operation.
417                  */
418                 if (check_free_sectors(inftl, instr->addr, instr->len, 1) != 0)
419                         goto fail;
420         }
421
422         uci.EraseMark = cpu_to_le16(ERASE_MARK);
423         uci.EraseMark1 = cpu_to_le16(ERASE_MARK);
424         uci.Reserved[0] = 0;
425         uci.Reserved[1] = 0;
426         uci.Reserved[2] = 0;
427         uci.Reserved[3] = 0;
428         instr->addr = block * inftl->EraseSize + SECTORSIZE * 2;
429         if (inftl_write_oob(mtd, instr->addr + 8, 8, &retlen, (char *)&uci) < 0)
430                 goto fail;
431         return 0;
432 fail:
433         /* could not format, update the bad block table (caller is responsible
434            for setting the PUtable to BLOCK_RESERVED on failure) */
435         inftl->mbd.mtd->block_markbad(inftl->mbd.mtd, instr->addr);
436         return -1;
437 }
438
439 /*
440  * format_chain: Format an invalid Virtual Unit chain. It frees all the Erase
441  *      Units in a Virtual Unit Chain, i.e. all the units are disconnected.
442  *
443  *      Since the chain is invalid then we will have to erase it from its
444  *      head (normally for INFTL we go from the oldest). But if it has a
445  *      loop then there is no oldest...
446  */
447 static void format_chain(struct INFTLrecord *inftl, unsigned int first_block)
448 {
449         unsigned int block = first_block, block1;
450
451         printk(KERN_WARNING "INFTL: formatting chain at block %d\n",
452                 first_block);
453
454         for (;;) {
455                 block1 = inftl->PUtable[block];
456
457                 printk(KERN_WARNING "INFTL: formatting block %d\n", block);
458                 if (INFTL_formatblock(inftl, block) < 0) {
459                         /*
460                          * Cannot format !!!! Mark it as Bad Unit,
461                          */
462                         inftl->PUtable[block] = BLOCK_RESERVED;
463                 } else {
464                         inftl->PUtable[block] = BLOCK_FREE;
465                 }
466
467                 /* Goto next block on the chain */
468                 block = block1;
469
470                 if (block == BLOCK_NIL || block >= inftl->lastEUN)
471                         break;
472         }
473 }
474
475 void INFTL_dumptables(struct INFTLrecord *s)
476 {
477         int i;
478
479         printk("-------------------------------------------"
480                 "----------------------------------\n");
481
482         printk("VUtable[%d] ->", s->nb_blocks);
483         for (i = 0; i < s->nb_blocks; i++) {
484                 if ((i % 8) == 0)
485                         printk("\n%04x: ", i);
486                 printk("%04x ", s->VUtable[i]);
487         }
488
489         printk("\n-------------------------------------------"
490                 "----------------------------------\n");
491
492         printk("PUtable[%d-%d=%d] ->", s->firstEUN, s->lastEUN, s->nb_blocks);
493         for (i = 0; i <= s->lastEUN; i++) {
494                 if ((i % 8) == 0)
495                         printk("\n%04x: ", i);
496                 printk("%04x ", s->PUtable[i]);
497         }
498
499         printk("\n-------------------------------------------"
500                 "----------------------------------\n");
501
502         printk("INFTL ->\n"
503                 "  EraseSize       = %d\n"
504                 "  h/s/c           = %d/%d/%d\n"
505                 "  numvunits       = %d\n"
506                 "  firstEUN        = %d\n"
507                 "  lastEUN         = %d\n"
508                 "  numfreeEUNs     = %d\n"
509                 "  LastFreeEUN     = %d\n"
510                 "  nb_blocks       = %d\n"
511                 "  nb_boot_blocks  = %d",
512                 s->EraseSize, s->heads, s->sectors, s->cylinders,
513                 s->numvunits, s->firstEUN, s->lastEUN, s->numfreeEUNs,
514                 s->LastFreeEUN, s->nb_blocks, s->nb_boot_blocks);
515
516         printk("\n-------------------------------------------"
517                 "----------------------------------\n");
518 }
519
520 void INFTL_dumpVUchains(struct INFTLrecord *s)
521 {
522         int logical, block, i;
523
524         printk("-------------------------------------------"
525                 "----------------------------------\n");
526
527         printk("INFTL Virtual Unit Chains:\n");
528         for (logical = 0; logical < s->nb_blocks; logical++) {
529                 block = s->VUtable[logical];
530                 if (block > s->nb_blocks)
531                         continue;
532                 printk("  LOGICAL %d --> %d ", logical, block);
533                 for (i = 0; i < s->nb_blocks; i++) {
534                         if (s->PUtable[block] == BLOCK_NIL)
535                                 break;
536                         block = s->PUtable[block];
537                         printk("%d ", block);
538                 }
539                 printk("\n");
540         }
541
542         printk("-------------------------------------------"
543                 "----------------------------------\n");
544 }
545
546 int INFTL_mount(struct INFTLrecord *s)
547 {
548         struct mtd_info *mtd = s->mbd.mtd;
549         unsigned int block, first_block, prev_block, last_block;
550         unsigned int first_logical_block, logical_block, erase_mark;
551         int chain_length, do_format_chain;
552         struct inftl_unithead1 h0;
553         struct inftl_unittail h1;
554         size_t retlen;
555         int i;
556         u8 *ANACtable, ANAC;
557
558         DEBUG(MTD_DEBUG_LEVEL3, "INFTL: INFTL_mount(inftl=%p)\n", s);
559
560         /* Search for INFTL MediaHeader and Spare INFTL Media Header */
561         if (find_boot_record(s) < 0) {
562                 printk(KERN_WARNING "INFTL: could not find valid boot record?\n");
563                 return -ENXIO;
564         }
565
566         /* Init the logical to physical table */
567         for (i = 0; i < s->nb_blocks; i++)
568                 s->VUtable[i] = BLOCK_NIL;
569
570         logical_block = block = BLOCK_NIL;
571
572         /* Temporary buffer to store ANAC numbers. */
573         ANACtable = kcalloc(s->nb_blocks, sizeof(u8), GFP_KERNEL);
574         if (!ANACtable) {
575                 printk(KERN_WARNING "INFTL: allocation of ANACtable "
576                                 "failed (%zd bytes)\n",
577                                 s->nb_blocks * sizeof(u8));
578                 return -ENOMEM;
579         }
580
581         /*
582          * First pass is to explore each physical unit, and construct the
583          * virtual chains that exist (newest physical unit goes into VUtable).
584          * Any block that is in any way invalid will be left in the
585          * NOTEXPLORED state. Then at the end we will try to format it and
586          * mark it as free.
587          */
588         DEBUG(MTD_DEBUG_LEVEL3, "INFTL: pass 1, explore each unit\n");
589         for (first_block = s->firstEUN; first_block <= s->lastEUN; first_block++) {
590                 if (s->PUtable[first_block] != BLOCK_NOTEXPLORED)
591                         continue;
592
593                 do_format_chain = 0;
594                 first_logical_block = BLOCK_NIL;
595                 last_block = BLOCK_NIL;
596                 block = first_block;
597
598                 for (chain_length = 0; ; chain_length++) {
599
600                         if ((chain_length == 0) &&
601                             (s->PUtable[block] != BLOCK_NOTEXPLORED)) {
602                                 /* Nothing to do here, onto next block */
603                                 break;
604                         }
605
606                         if (inftl_read_oob(mtd, block * s->EraseSize + 8,
607                                            8, &retlen, (char *)&h0) < 0 ||
608                             inftl_read_oob(mtd, block * s->EraseSize +
609                                            2 * SECTORSIZE + 8, 8, &retlen,
610                                            (char *)&h1) < 0) {
611                                 /* Should never happen? */
612                                 do_format_chain++;
613                                 break;
614                         }
615
616                         logical_block = le16_to_cpu(h0.virtualUnitNo);
617                         prev_block = le16_to_cpu(h0.prevUnitNo);
618                         erase_mark = le16_to_cpu((h1.EraseMark | h1.EraseMark1));
619                         ANACtable[block] = h0.ANAC;
620
621                         /* Previous block is relative to start of Partition */
622                         if (prev_block < s->nb_blocks)
623                                 prev_block += s->firstEUN;
624
625                         /* Already explored partial chain? */
626                         if (s->PUtable[block] != BLOCK_NOTEXPLORED) {
627                                 /* Check if chain for this logical */
628                                 if (logical_block == first_logical_block) {
629                                         if (last_block != BLOCK_NIL)
630                                                 s->PUtable[last_block] = block;
631                                 }
632                                 break;
633                         }
634
635                         /* Check for invalid block */
636                         if (erase_mark != ERASE_MARK) {
637                                 printk(KERN_WARNING "INFTL: corrupt block %d "
638                                         "in chain %d, chain length %d, erase "
639                                         "mark 0x%x?\n", block, first_block,
640                                         chain_length, erase_mark);
641                                 /*
642                                  * Assume end of chain, probably incomplete
643                                  * fold/erase...
644                                  */
645                                 if (chain_length == 0)
646                                         do_format_chain++;
647                                 break;
648                         }
649
650                         /* Check for it being free already then... */
651                         if ((logical_block == BLOCK_FREE) ||
652                             (logical_block == BLOCK_NIL)) {
653                                 s->PUtable[block] = BLOCK_FREE;
654                                 break;
655                         }
656
657                         /* Sanity checks on block numbers */
658                         if ((logical_block >= s->nb_blocks) ||
659                             ((prev_block >= s->nb_blocks) &&
660                              (prev_block != BLOCK_NIL))) {
661                                 if (chain_length > 0) {
662                                         printk(KERN_WARNING "INFTL: corrupt "
663                                                 "block %d in chain %d?\n",
664                                                 block, first_block);
665                                         do_format_chain++;
666                                 }
667                                 break;
668                         }
669
670                         if (first_logical_block == BLOCK_NIL) {
671                                 first_logical_block = logical_block;
672                         } else {
673                                 if (first_logical_block != logical_block) {
674                                         /* Normal for folded chain... */
675                                         break;
676                                 }
677                         }
678
679                         /*
680                          * Current block is valid, so if we followed a virtual
681                          * chain to get here then we can set the previous
682                          * block pointer in our PUtable now. Then move onto
683                          * the previous block in the chain.
684                          */
685                         s->PUtable[block] = BLOCK_NIL;
686                         if (last_block != BLOCK_NIL)
687                                 s->PUtable[last_block] = block;
688                         last_block = block;
689                         block = prev_block;
690
691                         /* Check for end of chain */
692                         if (block == BLOCK_NIL)
693                                 break;
694
695                         /* Validate next block before following it... */
696                         if (block > s->lastEUN) {
697                                 printk(KERN_WARNING "INFTL: invalid previous "
698                                         "block %d in chain %d?\n", block,
699                                         first_block);
700                                 do_format_chain++;
701                                 break;
702                         }
703                 }
704
705                 if (do_format_chain) {
706                         format_chain(s, first_block);
707                         continue;
708                 }
709
710                 /*
711                  * Looks like a valid chain then. It may not really be the
712                  * newest block in the chain, but it is the newest we have
713                  * found so far. We might update it in later iterations of
714                  * this loop if we find something newer.
715                  */
716                 s->VUtable[first_logical_block] = first_block;
717                 logical_block = BLOCK_NIL;
718         }
719
720 #ifdef CONFIG_MTD_DEBUG_VERBOSE
721         if (CONFIG_MTD_DEBUG_VERBOSE >= 2)
722                 INFTL_dumptables(s);
723 #endif
724
725         /*
726          * Second pass, check for infinite loops in chains. These are
727          * possible because we don't update the previous pointers when
728          * we fold chains. No big deal, just fix them up in PUtable.
729          */
730         DEBUG(MTD_DEBUG_LEVEL3, "INFTL: pass 2, validate virtual chains\n");
731         for (logical_block = 0; logical_block < s->numvunits; logical_block++) {
732                 block = s->VUtable[logical_block];
733                 last_block = BLOCK_NIL;
734
735                 /* Check for free/reserved/nil */
736                 if (block >= BLOCK_RESERVED)
737                         continue;
738
739                 ANAC = ANACtable[block];
740                 for (i = 0; i < s->numvunits; i++) {
741                         if (s->PUtable[block] == BLOCK_NIL)
742                                 break;
743                         if (s->PUtable[block] > s->lastEUN) {
744                                 printk(KERN_WARNING "INFTL: invalid prev %d, "
745                                         "in virtual chain %d\n",
746                                         s->PUtable[block], logical_block);
747                                 s->PUtable[block] = BLOCK_NIL;
748
749                         }
750                         if (ANACtable[block] != ANAC) {
751                                 /*
752                                  * Chain must point back to itself. This is ok,
753                                  * but we will need adjust the tables with this
754                                  * newest block and oldest block.
755                                  */
756                                 s->VUtable[logical_block] = block;
757                                 s->PUtable[last_block] = BLOCK_NIL;
758                                 break;
759                         }
760
761                         ANAC--;
762                         last_block = block;
763                         block = s->PUtable[block];
764                 }
765
766                 if (i >= s->nb_blocks) {
767                         /*
768                          * Uhoo, infinite chain with valid ANACS!
769                          * Format whole chain...
770                          */
771                         format_chain(s, first_block);
772                 }
773         }
774
775 #ifdef CONFIG_MTD_DEBUG_VERBOSE
776         if (CONFIG_MTD_DEBUG_VERBOSE >= 2)
777                 INFTL_dumptables(s);
778         if (CONFIG_MTD_DEBUG_VERBOSE >= 2)
779                 INFTL_dumpVUchains(s);
780 #endif
781
782         /*
783          * Third pass, format unreferenced blocks and init free block count.
784          */
785         s->numfreeEUNs = 0;
786         s->LastFreeEUN = BLOCK_NIL;
787
788         DEBUG(MTD_DEBUG_LEVEL3, "INFTL: pass 3, format unused blocks\n");
789         for (block = s->firstEUN; block <= s->lastEUN; block++) {
790                 if (s->PUtable[block] == BLOCK_NOTEXPLORED) {
791                         printk("INFTL: unreferenced block %d, formatting it\n",
792                                 block);
793                         if (INFTL_formatblock(s, block) < 0)
794                                 s->PUtable[block] = BLOCK_RESERVED;
795                         else
796                                 s->PUtable[block] = BLOCK_FREE;
797                 }
798                 if (s->PUtable[block] == BLOCK_FREE) {
799                         s->numfreeEUNs++;
800                         if (s->LastFreeEUN == BLOCK_NIL)
801                                 s->LastFreeEUN = block;
802                 }
803         }
804
805         kfree(ANACtable);
806         return 0;
807 }