inferno-os/liblogfs/boot.c

#include "logfsos.h"
#include "logfs.h"
#include "local.h"

struct LogfsBoot {
	LogfsLowLevel *ll;
	long bootblocks;
	long blocksize;
	long size;
	long *map;
	int trace;
	int printbad;
//	ulong bootpathmask;
//	int bootgenshift;
};

typedef struct LogfsBootPath LogfsBootPath;

//#define LogfsBootGenBits 2
//#define LogfsBootGenMask ((1 << LogfsBootGenBits) - 1)
#define LogfsBootGenMask ((1 << L2BlockCopies) - 1)

struct LogfsBootPath {
	ulong path;
	uchar gen;
};

#define LOGFSMKBOOTPATH(lb, p) mkdatapath((p)->path, (p)->gen)
#define LOGFSSPLITBOOTPATHEX(bgs, bpm, p, v) ((p)->path = dataseqof(v), (p)->gen = copygenof(v))
#define LOGFSSPLITBOOTPATH(lb, p, v) LOGFSSPLITBOOTPATHEX(0, 0, p, v)

//#define LOGFSMKBOOTPATH(lb, p) (((p)->path & (lb)->bootpathmask) | (((p)->gen & LogfsBootGenMask) << (lb)->bootgenshift))
//#define LOGFSSPLITBOOTPATHEX(bgs, bpm, p, v) ((p)->path = (v) & (bpm), (p)->gen = ((v) >> (bgs)) & LogfsBootGenMask) 
//#define LOGFSSPLITBOOTPATH(lb, p, v) LOGFSSPLITBOOTPATHEX((lb)->bootgenshift, (lb)->bootpathmask, p, v)

extern LogfsBootPath logfsbooterasedpath;

static char Ecorrupt[] = "filesystem corrupt";
static char Enospc[] = "no free blocks";
static char Eaddress[] = "address out of range";

static char *
logfsbootblockupdate(LogfsBoot *lb, void *buf, LogfsBootPath *path, uchar tag, ulong block)
{
	LogfsLowLevel *ll =  lb->ll;
	char *errmsg;
	ulong packedpath;

	if(lb->trace > 1)
		print("logfsbootblockupdate: path 0x%.8lux(%d) tag %s block %lud\n",
		    path->path, path->gen, logfstagname(tag), block);

	packedpath = LOGFSMKBOOTPATH(lb, path);
	errmsg = (*ll->writeblock)(ll, buf, tag, packedpath, 1, &lb->bootblocks, block);

	if(errmsg) {
		/*
		 * ensure block never used again until file system reinitialised
		 * We have absolutely no idea what state it's in. This is most
		 * likely if someone turns off the power (or at least threatens
		 * the power supply), during a block update. This way the block
		 * is protected until the file system in reinitialised. An alternative
		 * would be check the file system after a power fail false alarm,
		 * and erase any Tworse blocks
		 */
		(*ll->setblocktag)(ll, block, LogfsTworse);
		return errmsg;
	}
		
	(*ll->setblocktag)(ll, block, tag);
	(*ll->setblockpath)(ll, block, packedpath);

	return nil;
}

char *
logfsbootfettleblock(LogfsBoot *lb, long block, uchar tag, long path, int *markedbad)
{
	LogfsLowLevel *ll = lb->ll;
	char *errmsg;
	void *llsave;

	errmsg = (*ll->eraseblock)(ll, block, &llsave, markedbad);
	if(errmsg || (markedbad && *markedbad)) {
		logfsfreemem(llsave);
		return errmsg;
	}
	errmsg = (*ll->reformatblock)(ll, block, tag, path, 1, &lb->bootblocks, llsave, markedbad);
	logfsfreemem(llsave);
	return errmsg;
}

/*
 * block transfer is the critical unit of update
 * we are going to assume that page writes and block erases are atomic
 * this can pretty much be assured by not starting a page write or block erase
 * if the device feels it is in power fail
 */

static char *
logfsbootblocktransfer(LogfsBoot *lb, void *buf, ulong oldblock, int markbad)
{
	LogfsLowLevel *ll = lb->ll;
	long bestnewblock;
	ulong oldpackedpath;
	LogfsBootPath oldpath;
	short oldtag;
	char *errmsg;
	int markedbad;

	oldpackedpath = (*ll->getblockpath)(ll, oldblock);
	oldtag = (*ll->getblocktag)(ll, oldblock);

	LOGFSSPLITBOOTPATH(lb, &oldpath, oldpackedpath);

	for(;;) {
		LogfsBootPath newpath;

		bestnewblock = logfsfindfreeblock(ll, markbad ? AllocReasonReplace : AllocReasonTransfer);
		if(lb->trace > 0 && markbad)
			print("logfsbootblocktransfer: block %lud is bad, copying to %ld\n",
				oldblock, bestnewblock);
		if(lb->trace > 1 && !markbad)
			print("logfsbootblocktransfer: copying block %lud to %ld\n",
				oldblock, bestnewblock);
		if(bestnewblock == -1)
			return Enospc;
		newpath = oldpath;
//		newpath.gen = (newpath.gen + 1) & LogfsBootGenMask;
		newpath.gen = copygensucc(newpath.gen);
		errmsg = logfsbootblockupdate(lb, buf, &newpath, oldtag, bestnewblock);
		if(errmsg == nil)
			break;
		if(strcmp(errmsg, Eio) != 0)
			return errmsg;
		(*ll->markblockbad)(ll, bestnewblock);
	}

#ifdef LOGFSTEST
	if(logfstest.partialupdate) {
		print("skipping erase\n");
		logfstest.partialupdate = 0;
		return nil;
	}
	if(logfstest.updatenoerase) {
		print("skipping erase\n");
		logfstest.updatenoerase = 0;
		return nil;
	}
#endif

	if(oldtag == LogfsTboot)
		lb->map[oldpath.path] = bestnewblock;

	return logfsbootfettleblock(lb, oldblock, LogfsTnone, ~0, &markedbad);
}

static char *
logfsbootblockread(LogfsBoot *lb, void *buf, long block, LogfsLowLevelReadResult *blocke)
{
	LogfsLowLevel *ll = lb->ll;
	char *errmsg;

	*blocke = LogfsLowLevelReadResultOk;
	errmsg = (*ll->readblock)(ll, buf, block, blocke);
	if(errmsg)
		return errmsg;

	if(*blocke != LogfsLowLevelReadResultOk) {
		char *errmsg = logfsbootblocktransfer(lb, buf, block, 1);
		if(errmsg)
			return errmsg;
	}

	if(*blocke == LogfsLowLevelReadResultHardError)
		return Eio;

	return nil;
}

char *
logfsbootread(LogfsBoot *lb, void *buf, long n, ulong offset)
{
	int i;

	if(lb->trace > 0)
		print("logfsbootread(0x%.8lux, 0x%lx, 0x%lux)\n", (ulong)buf, n, offset);
	if(offset % lb->blocksize || n % lb->blocksize)
		return Eio;
	n /= lb->blocksize;
	offset /= lb->blocksize;
	if(offset + n > lb->bootblocks)
		return Eio;
	for(i = 0; i < n; i++) {
		LogfsLowLevelReadResult result;
		char *errmsg = logfsbootblockread(lb, buf, lb->map[offset + i], &result);
		if(errmsg)
			return errmsg;
		buf = (uchar *)buf + lb->blocksize;
	}
	return nil;
}

static char *
logfsbootblockreplace(LogfsBoot *lb, void *buf, ulong logicalblock)
{
	uchar *oldblockbuf;
	ulong oldblock;
	char *errmsg;
	LogfsLowLevelReadResult result;

	oldblock = lb->map[logicalblock];
	oldblockbuf = logfsrealloc(nil, lb->blocksize);
	if(oldblockbuf == nil)
		return Enomem;

	errmsg = logfsbootblockread(lb, oldblockbuf, oldblock, &result);
	if(errmsg == nil && memcmp(oldblockbuf, buf, lb->blocksize) != 0)
		errmsg = logfsbootblocktransfer(lb, buf, oldblock, 0);

	logfsfreemem(oldblockbuf);
	return errmsg;
}

char *
logfsbootwrite(LogfsBoot *lb, void *buf, long n, ulong offset)
{
	int i;

	if(lb->trace > 0)
		print("logfsbootwrite(0x%.8lux, 0x%lux, 0x%lux)\n", (ulong)buf, n, offset);
	/*
	 * don't even get started on a write if the power has failed
	 */
	if(offset % lb->blocksize || n % lb->blocksize)
		return Eio;
	n /= lb->blocksize;
	offset /= lb->blocksize;
	if(offset + n > lb->bootblocks)
		return Eio;
	for(i = 0; i < n; i++) {
		logfsbootblockreplace(lb, buf, offset + i);
		buf = (uchar *)buf + lb->blocksize;
	}
	return nil;
}

char *
logfsbootio(LogfsBoot *lb, void *buf, long n, ulong offset, int write)
{
	return (write ? logfsbootwrite : logfsbootread)(lb, buf, n, offset);
}

static char *
eraseandformatblock(LogfsBoot *lb, long block, int trace)
{
	char *errmsg;
	int markedbad;

	errmsg = logfsbootfettleblock(lb, block, LogfsTnone, ~0, &markedbad);
	if(errmsg)
		return errmsg;
	if(markedbad && trace > 1)
		print("erase/format failed - marked bad\n");
	return nil;
}

char *
logfsbootopen(LogfsLowLevel *ll, long base, long limit, int trace, int printbad, LogfsBoot **lbp)
{
	long *reversemap;
	ulong blocksize;
	ulong blocks;
	long i;
	long bootblockmax;
	LogfsBoot *lb = nil;
	ulong baseblock;
	char *errmsg;
//	int bootgenshift = ll->pathbits- LogfsBootGenBits;
//	ulong bootpathmask = (1 << (ll->pathbits - LogfsBootGenBits)) - 1;
	long expectedbootblocks;

	errmsg = (*ll->open)(ll, base, limit, trace, 1, &expectedbootblocks);
	if(errmsg)
		return errmsg;

	bootblockmax = -1;
	blocks = ll->blocks;
	baseblock = (*ll->getbaseblock)(ll);
	blocksize = (*ll->getblocksize)(ll);

	for(i = 0; i < blocks; i++) {
		if((*ll->getblocktag)(ll, i) == LogfsTboot) {
			long path = (*ll->getblockpath)(ll, i);
			LogfsBootPath lp;
			LOGFSSPLITBOOTPATHEX(bootgenshift, bootpathmask, &lp, path);
			if((long)lp.path > bootblockmax)
				bootblockmax = lp.path;
		}
	}
	if(bootblockmax + 1 >= blocks) {
		if(printbad)
			print("logfsbootinit: bootblockmax %ld exceeds number of blocks\n", bootblockmax);
		return Ecorrupt;
	}
	if(bootblockmax < 0) {
		if(printbad)
			print("logfsbootopen: no boot area\n");
		return Ecorrupt;
	}
	if(bootblockmax + 1 != expectedbootblocks) {
		if(printbad)
			print("logfsbootopen: wrong number of bootblocks (found %lud, expected %lud)\n",
				bootblockmax + 1, expectedbootblocks);
	}
		
	reversemap = logfsrealloc(nil, sizeof(*reversemap) * (bootblockmax + 1));
	if(reversemap == nil)
		return Enomem;

	for(i = 0; i <= bootblockmax; i++)
		reversemap[i] = -1;
	for(i = 0; i < blocks; i++) {
		LogfsBootPath ipath;
		long rm;
		ulong ip;

		if((*ll->getblocktag)(ll, i) != LogfsTboot)
			continue;
		ip = (*ll->getblockpath)(ll, i);
		LOGFSSPLITBOOTPATHEX(bootgenshift, bootpathmask, &ipath, ip);
		rm = reversemap[ipath.path];
		if(rm != -1) {
			if(printbad)
				print("logfsbootopen: blockaddr 0x%.8lux: path %ld(%d): duplicate\n",
					blocksize * (baseblock + i), ipath.path, ipath.gen);
			/*
			 * resolve collision
			 * if this one is partial, then erase it
			 * if the existing one is partial, erase that
			 * if both valid, give up
			 */
			if((*ll->getblockpartialformatstatus)(ll, i)) {
				errmsg = eraseandformatblock(lb, i, trace);
				if(errmsg)
					goto error;
			}
			else if((*ll->getblockpartialformatstatus)(ll, rm)) {
				errmsg = eraseandformatblock(lb, rm, trace);
				if(errmsg)
					goto error;
				reversemap[ipath.path] = i;
			}
			else {
				int d;
				ulong rmp;
				LogfsBootPath rmpath;
				rmp = (*ll->getblockpath)(ll, rm);
				LOGFSSPLITBOOTPATHEX(bootgenshift, bootpathmask, &rmpath, rmp);
				d = (ipath.gen - rmpath.gen) & LogfsBootGenMask;
				if(printbad)
					print("i.gen = %d rm.gen = %d d = %d\n", ipath.gen, rmpath.gen, d);
				if(d == 1) {
					/* i is newer;
					 * keep the OLDER one because
					 * we might have had a write failure on the last page, but lost the
					 * power before being able to mark the first page bad
					 * if, worse, the auxiliary area's tag is the same for first and last page,
					 * this looks like a successfully written page. so, we cannot believe the
					 * data in the newer block unless we erased the old one, and then of
					 * course, we wouldn't have a duplicate.
					 */
					errmsg = eraseandformatblock(lb, i, trace);
					if(errmsg)
						goto error;
				}
				else if(d == LogfsBootGenMask) {
					/* rm is newer */
					errmsg = eraseandformatblock(lb, rm, trace);
					if(errmsg)
						goto error;
					reversemap[ipath.path] = i;
				}
				else {
					errmsg = Ecorrupt;
					goto error;
				}
			}
		}
		else
			reversemap[ipath.path] = i;
	}
	/*
	 * final checks; not partial blocks, and no holes
	 */
	for(i = 0; i <= bootblockmax; i++) {
		long rm;
		rm = reversemap[i];
		if(rm == -1) {
			if(printbad)
				print("logfsbootopen: missing boot block %ld\n", i);
			errmsg = Ecorrupt;
			goto error;
		}
		if((*ll->getblockpartialformatstatus)(ll, rm)) {
			if(printbad)
				print("logfsbootopen: boot block %ld partially written\n", rm);
			errmsg = Ecorrupt;
			goto error;
		}
	}
	/* the reverse map is consistent */
	lb = logfsrealloc(nil, sizeof(*lb));
	if(lb == nil) {
		errmsg = Enomem;
		goto error;
	}

	lb->blocksize = blocksize;
	lb->bootblocks = bootblockmax + 1;
	lb->map = reversemap;
	lb->trace = trace;
	lb->printbad = printbad;
	lb->ll = ll;
	lb->size = blocksize * lb->bootblocks;
//	lb->bootgenshift = bootgenshift;
//	lb->bootpathmask = bootpathmask;
	*lbp = lb;
	if(trace)
		print("logfsbootopen: success\n");
	return nil;

error:
	logfsfreemem(reversemap);
	logfsfreemem(lb);
	return errmsg;
}

void
logfsbootfree(LogfsBoot *lb)
{
	if(lb) {
		logfsfreemem(lb->map);
		logfsfreemem(lb);
	}
}

char *
logfsbootmap(LogfsBoot *lb, ulong laddress, ulong *lblockp, int *lboffsetp, int *lpagep, int *lpageoffsetp, ulong *pblockp, ulong *paddressp)
{
	LogfsLowLevel *ll = lb->ll;
	ulong lblock;
	ulong lboffset, lpageoffset, lpage;
	ulong pblock;
	ulong paddress;

	lblock = laddress / lb->blocksize;
	if(lblock >= lb->bootblocks)
		return Eaddress;
	lboffset = laddress % lb->blocksize;
	pblock = lb->map[lblock];
	paddress = (*ll->calcrawaddress)(ll, pblock, lboffset);
	lpage = lboffset >>  ll->l2pagesize;
	lpageoffset = lboffset & ((1 << ll->l2pagesize) - 1);
	if(lblockp)
		*lblockp = lblock;
	if(lboffsetp)
		*lboffsetp = lboffset;
	if(lpagep)
		*lpagep = lpage;
	if(lpageoffsetp)
		*lpageoffsetp = lpageoffset;
	if(pblockp)
		*pblockp = pblock;
	if(paddressp)
		*paddressp = paddress;
	return nil;
}

long
logfsbootgetiosize(LogfsBoot *lb)
{
	return lb->blocksize;
}

long
logfsbootgetsize(LogfsBoot *lb)
{
	return lb->size;
}

void
logfsboottrace(LogfsBoot *lb, int level)
{
	lb->trace = level;
}