| blob | d1cc136f973a499460955c9c4bade38c34713276 |
1 /*
2 * This file is part of Cleanflight.
3 *
4 * Cleanflight is free software: you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation, either version 3 of the License, or
7 * (at your option) any later version.
8 *
9 * Cleanflight is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with Cleanflight. If not, see <http://www.gnu.org/licenses/>.
16 */
18 /**
19 * This provides a stream interface to a flash chip if one is present.
20 *
21 * On statup, call flashfsInit() after initialising the flash chip in order to init the filesystem. This will
22 * result in the file pointer being pointed at the first free block found, or at the end of the device if the
23 * flash chip is full.
24 *
25 * Note that bits can only be set to 0 when writing, not back to 1 from 0. You must erase sectors in order
26 * to bring bits back to 1 again.
27 *
28 * In future, we can add support for multiple different flash chips by adding a flash device driver vtable
29 * and make calls through that, at the moment flashfs just calls m25p16_* routines explicitly.
30 */
32 #include <stdint.h>
33 #include <stdbool.h>
34 #include <string.h>
41 /* The position of our head and tail in the circular flash write buffer.
42 *
43 * The head is the index that a byte would be inserted into on writing, while the tail is the index of the
44 * oldest byte that has yet to be written to flash.
45 *
46 * When the circular buffer is empty, head == tail
47 */
50 // The position of the buffer's tail in the overall flash address space:
54 {
56 }
59 {
61 }
64 {
66 }
69 {
75 }
77 /**
78 * Start and end must lie on sector boundaries, or they will be rounded out to sector boundaries such that
79 * all the bytes in the range [start...end) are erased.
80 */
82 {
88 // Round the start down to a sector boundary
91 // And the end upward
96 endSector++;
97 }
101 }
102 }
104 /**
105 * Return true if the flash is not currently occupied with an operation.
106 */
108 {
110 }
113 {
115 }
118 {
123 }
125 /**
126 * Get the size of the largest single write that flashfs could ever accept without blocking or data loss.
127 */
129 {
131 }
133 /**
134 * Get the number of bytes that can currently be written to flashfs without any blocking or data loss.
135 */
137 {
139 }
142 {
144 }
146 /**
147 * Write the given buffers to flash sequentially at the current tail address, advancing the tail address after
148 * each write.
149 *
150 * In synchronous mode, waits for the flash to become ready before writing so that every byte requested can be written.
151 *
152 * In asynchronous mode, if the flash is busy, then the write is aborted and the routine returns immediately.
153 * In this case the returned number of bytes written will be less than the total amount requested.
154 *
155 * Modifies the supplied buffer pointers and sizes to reflect how many bytes remain in each of them.
156 *
157 * bufferCount: the number of buffers provided
158 * buffers: an array of pointers to the beginning of buffers
159 * bufferSizes: an array of the sizes of those buffers
160 * sync: true if we should wait for the device to be idle before writes, otherwise if the device is busy the
161 * write will be aborted and this routine will return immediately.
162 *
163 * Returns the number of bytes written
164 */
165 static uint32_t flashfsWriteBuffers(uint8_t const **buffers, uint32_t *bufferSizes, int bufferCount, bool sync)
166 {
173 }
177 }
185 /*
186 * Each page needs to be saved in a separate program operation, so
187 * if we would cross a page boundary, only write up to the boundary in this iteration:
188 */
193 }
195 // Are we at EOF already? Abort.
197 // May as well throw away any buffered data
201 }
209 // Is buffer larger than our write limit? Write our limit out of it
219 // We'll still have more to write after finishing this buffer off
226 }
227 }
228 }
234 // Advance the cursor in the file system to match the bytes we wrote
237 /*
238 * We'll have to wait for that write to complete before we can issue the next one, so if
239 * the user requested asynchronous writes, break now.
240 */
243 }
246 }
248 /*
249 * Since the buffered data might wrap around the end of the circular buffer, we can have two segments of data to write,
250 * an initial portion and a possible wrapped portion.
251 *
252 * This routine will fill the details of those buffers into the provided arrays, which must be at least 2 elements long.
253 */
255 {
265 }
266 }
268 /**
269 * Get the current offset of the file pointer within the volume.
270 */
272 {
276 // Dirty data in the buffers contributes to the offset
281 }
283 /**
284 * Called after bytes have been written from the buffer to advance the position of the tail by the given amount.
285 */
287 {
290 // Wrap tail around the end of the buffer
293 }
297 }
298 }
300 /**
301 * If the flash is ready to accept writes, flush the buffer to it.
302 *
303 * Returns true if all data in the buffer has been flushed to the device, or false if
304 * there is still data to be written (call flush again later).
305 */
307 {
310 }
321 }
323 /**
324 * Wait for the flash to become ready and begin flushing any buffered data to flash.
325 *
326 * The flash will still be busy some time after this sync completes, but space will
327 * be freed up to accept more writes in the write buffer.
328 */
330 {
333 }
341 // We've written our entire buffer now:
343 }
346 {
350 }
353 {
357 }
359 /**
360 * Write the given byte asynchronously to the flash. If the buffer overflows, data is silently discarded.
361 */
363 {
368 }
372 }
373 }
375 /**
376 * Write the given buffer to the flash either synchronously or asynchronously depending on the 'sync' parameter.
377 *
378 * If writing asynchronously, data will be silently discarded if the buffer overflows.
379 * If writing synchronously, the routine will block waiting for the flash to become ready so will never drop data.
380 */
382 {
386 // There could be two dirty buffers to write out already:
389 // Plus the buffer the user supplied:
393 /*
394 * Would writing this data to our buffer cause our buffer to reach the flush threshold? If so try to write through
395 * to the flash now
396 */
400 // Attempt to write all three buffers through to the flash asynchronously
404 // We wrote all the data that was previously buffered
408 // And we wrote all the data the user supplied! Job done!
410 }
412 // We only wrote a portion of the old data, so advance the tail to remove the bytes we did write from the buffer
414 }
416 // Is the remainder of the data to be written too big to fit in the buffers?
419 // Write it through synchronously
423 /*
424 * Silently drop the data the user asked to write (i.e. no-op) since we can't buffer it and they
425 * requested async.
426 */
427 }
430 }
432 // Fall through and add the remainder of the incoming data to our buffer
435 }
437 // Buffer up the data the user supplied instead of writing it right away
439 // First write the portion before we wrap around the end of the circular buffer
451 // If we wrap the head around, write the remainder to the start of the buffer (if any)
456 }
457 }
459 /**
460 * Read `len` bytes from the given address into the supplied buffer.
461 *
462 * Returns the number of bytes actually read which may be less than that requested.
463 */
465 {
468 // Did caller try to read past the end of the volume?
470 // Truncate their request
472 }
474 // Since the read could overlap data in our dirty buffers, force a sync to clear those first
480 }
482 /**
483 * Find the offset of the start of the free space on the device (or the size of the device if it is full).
484 */
486 {
487 /* Find the start of the free space on the device by examining the beginning of blocks with a binary search,
488 * looking for ones that appear to be erased. We can achieve this with good accuracy because an erased block
489 * is all bits set to 1, which pretty much never appears in reasonable size substrings of blackbox logs.
490 *
491 * To do better we might write a volume header instead, which would mark how much free space remains. But keeping
492 * a header up to date while logging would incur more writes to the flash, which would consume precious write
493 * bandwidth and block more often.
494 */
497 /* We can choose whatever power of 2 size we like, which determines how much wastage of free space we'll have
498 * at the end of the last written data. But smaller blocksizes will require more searching.
499 */
502 /* We don't expect valid data to ever contain this many consecutive uint32_t's of all 1 bits: */
505 };
513 int right = flashfsGetSize() / FREE_BLOCK_SIZE; // One past the largest block index in the search region
522 if (m25p16_readBytes(mid * FREE_BLOCK_SIZE, testBuffer.bytes, FREE_BLOCK_TEST_SIZE_BYTES) < FREE_BLOCK_TEST_SIZE_BYTES) {
523 // Unexpected timeout from flash, so bail early (reporting the device fuller than it really is)
525 }
527 // Checking the buffer 4 bytes at a time like this is probably faster than byte-by-byte, but I didn't benchmark it :)
533 }
534 }
537 /* This erased block might be the leftmost erased block in the volume, but we'll need to continue the
538 * search leftwards to find out:
539 */
545 }
546 }
549 }
551 /**
552 * Returns true if the file pointer is at the end of the device.
553 */
556 }
558 /**
559 * Call after initializing the flash chip in order to set up the filesystem.
560 */
562 {
563 // If we have a flash chip present at all
565 // Start the file pointer off at the beginning of free space so caller can start writing immediately
567 }
568 }