| blob | a479160eb88f3a4ae29b74b75d35b0906a63e2c4 |
1 /**
2 ******************************************************************************
3 * @file pios_flashfs_logfs.c
4 * @author PhoenixPilot, http://github.com/PhoenixPilot, Copyright (C) 2012
5 * @addtogroup PIOS PIOS Core hardware abstraction layer
6 * @{
7 * @addtogroup PIOS_FLASHFS Flash Filesystem Function
8 * @{
9 * @brief Log Structured Filesystem for internal or external NOR Flash
10 *****************************************************************************/
11 /*
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 3 of the License, or
15 * (at your option) any later version.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 *
22 * You should have received a copy of the GNU General Public License along
23 * with this program; if not, write to the Free Software Foundation, Inc.,
24 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25 */
30 #ifdef PIOS_INCLUDE_FLASH
32 #include <stdbool.h>
33 #include <openpilot.h>
34 #include <pios_math.h>
35 #include <pios_wdg.h>
38 /*
39 * Filesystem state data tracked in RAM
40 */
44 };
52 /* NOTE: num_active_slots + num_free_slots will not typically add
53 * up to the number of slots in the arena since some of the
54 * slots will be obsolete or otherwise invalidated
55 */
59 /* Underlying flash driver glue */
62 };
64 /*
65 * Internal Utility functions
66 */
68 /**
69 * @brief Return the offset in flash of a particular slot within an arena
70 * @return address of the requested slot
71 */
72 static uintptr_t logfs_get_addr(const struct logfs_state *logfs, uint8_t arena_id, uint16_t slot_id)
73 {
80 }
82 /*
83 * The bits within these enum values must progress ONLY
84 * from 1 -> 0 so that we can write later ones on top
85 * of earlier ones in NOR flash without an erase cycle.
86 */
88 /*
89 * The STM32F30X flash subsystem is only capable of
90 * writing words or halfwords. In this case we use halfwords.
91 * In addition to that it is only capable to write to erased
92 * cells (0xffff) or write a cell from anything to (0x0000).
93 * To cope with this, the F3 needs carefully crafted enum values.
94 * For this to work the underlying flash driver has to
95 * check each halfword if it has changed before writing.
96 */
101 };
109 /****************************************
110 * Arena life-cycle transition functions
111 ****************************************/
113 /**
114 * @brief Erases all sectors within the given arena and sets arena to erased state.
115 * @return 0 if success, < 0 on failure
116 * @note Must be called while holding the flash transaction lock
117 */
119 {
122 /* Erase all of the sectors in the arena */
125 sector_id++) {
129 }
130 }
132 /* Mark this arena as fully erased */
136 };
139 arena_addr,
143 }
145 /* Arena is ready to be activated */
147 }
149 /**
150 * @brief Marks the given arena as reserved so it can be filled.
151 * @return 0 if success, < 0 on failure
152 * @note Arena must have been previously erased before calling this
153 * @note Must be called while holding the flash transaction lock
154 */
156 {
159 /* Read in the current arena header */
163 arena_addr,
167 }
169 /* Arena was not erased, can't reserve it */
171 }
173 /* Set the arena state to reserved */
176 /* Write the arena header back to flash */
178 arena_addr,
182 }
184 /* Arena is ready to be filled */
186 }
188 /**
189 * @brief Erases all arenas available to this filesystem instance
190 * @return 0 if success, < 0 on failure
191 * @note Must be called while holding the flash transaction lock
192 */
194 {
198 #ifdef PIOS_LED_HEARTBEAT
200 #endif
201 #ifdef PIOS_INCLUDE_WDG
203 #endif
206 }
207 }
210 }
212 /**
213 * @brief Marks the given arena as active so it can be mounted.
214 * @return 0 if success, < 0 on failure
215 * @note Arena must have been previously erased or reserved before calling this
216 * @note Must be called while holding the flash transaction lock
217 */
219 {
222 /* Make sure this arena has been previously erased */
226 arena_addr,
229 /* Failed to read arena header */
231 }
234 /* Arena was not erased or reserved, can't activate it */
236 }
238 /* Mark this arena as active */
241 arena_addr,
245 }
247 /* The arena is now activated and the log may be mounted */
249 }
251 /**
252 * @brief Marks the given arena as obsolete.
253 * @return 0 if success, < 0 on failure
254 * @note Arena must have been previously active before calling this
255 * @note Must be called while holding the flash transaction lock
256 */
258 {
261 /* We shouldn't be retiring the currently active arena */
264 /* Make sure this arena was previously active */
267 arena_addr,
270 /* Failed to read arena header */
272 }
275 /* Arena was not previously active, can't obsolete it */
277 }
279 /* Mark this arena as obsolete */
282 arena_addr,
286 }
288 /* Arena is now obsoleted */
290 }
292 /**
293 * @brief Find the first active arena in flash
294 * @return arena_id (>=0) of first active arena
295 * @return -1 if no active arena is found
296 * @return -2 if failed to read arena header
297 * @note Must be called while holding the flash transaction lock
298 */
300 {
301 /* Search for the lowest numbered active arena */
304 arena_id++) {
306 /* Load the arena header */
309 arena_addr,
313 }
316 /* This is the first active arena */
318 }
319 #ifdef PIOS_INCLUDE_WDG
321 #endif
322 }
324 /* Didn't find an active arena */
326 }
328 /*
329 * The bits within these enum values must progress ONLY
330 * from 1 -> 0 so that we can write later ones on top
331 * of earlier ones in NOR flash without an erase cycle.
332 */
334 /*
335 * The STM32F30X flash subsystem is only capable of
336 * writing words or halfwords. In this case we use halfwords.
337 * In addition to that it is only capable to write to erased
338 * cells (0xffff) or write a cell from anything to (0x0000).
339 * To cope with this, the F3 needs carfully crafted enum values.
340 * For this to work the underlying flash driver has to
341 * check each halfword if it has changed before writing.
342 */
347 };
356 /* NOTE: Must be called while holding the flash transaction lock */
357 static int32_t logfs_raw_copy_bytes(const struct logfs_state *logfs, uintptr_t src_addr, uint16_t src_size, uintptr_t dst_addr)
358 {
359 #define RAW_COPY_BLOCK_SIZE 16
365 /* Copy a full block */
368 /* Copy the remainder */
370 }
372 /* Read a block of data from source */
374 src_addr,
375 data_block,
377 /* Failed to read next chunk from source */
379 }
381 /* Write a block of data to destination */
383 dst_addr,
384 data_block,
386 /* Failed to write chunk to destination */
388 }
390 /* Update the src/dst pointers */
394 }
397 }
399 /*
400 * Is the entire filesystem full?
401 * true = all slots in the arena are in the ACTIVE state (ie. garbage collection won't free anything)
402 * false = some slots in the arena are either currently free or could be free'd by garbage collection
403 */
405 {
407 }
409 /*
410 * Is the log full?
411 * true = there are no unwritten slots left in the log (garbage collection may or may not help)
412 * false = there are still some entirely unused slots left in the log
413 */
415 {
417 }
420 {
428 }
431 {
438 /* Scan the log to find out how full it is */
441 slot_id++) {
445 slot_addr,
449 }
451 /*
452 * Empty slots must be in a continguous block at the
453 * end of the arena.
454 */
468 }
469 }
471 /* Scan is complete, mark the arena mounted */
476 }
479 {
481 }
483 #if defined(PIOS_INCLUDE_FREERTOS)
485 {
491 }
495 }
497 {
498 /* Invalidate the magic */
501 }
502 #else
506 {
511 }
517 }
519 {
520 /* Invalidate the magic */
523 /* Can't free the resources with this simple allocator */
524 }
527 /**
528 * @brief Initialize the flash object setting FS
529 * @return 0 if success, -1 if failure
530 */
531 int32_t PIOS_FLASHFS_Logfs_Init(uintptr_t *fs_id, const struct flashfs_logfs_cfg *cfg, const struct pios_flash_driver *driver, uintptr_t flash_id)
532 {
537 /* We must have at least 2 arenas for garbage collection to work */
540 /* Make sure the underlying flash driver provides the minimal set of required methods */
555 }
557 /* Bind configuration parameters to this filesystem instance */
566 }
571 /* Find the active arena */
574 /* Found the active arena */
578 /* No active arena found, erase and activate arena 0 */
581 }
584 }
585 }
586 }
589 /* Still no active arena, something is broken */
592 }
594 /* We've found an active arena, mount it */
596 /* Failed to mount the log, something is broken */
599 }
601 /* Log has been mounted */
606 out_end_trans:
609 out_exit:
611 }
614 {
622 }
627 out_exit:
629 }
631 /* NOTE: Must be called while holding the flash transaction lock */
633 {
636 /* Source arena is the active arena */
639 /* Compute destination arena */
640 uint8_t dst_arena_id = (logfs->active_arena_id + 1) % (logfs->cfg->total_fs_size / logfs->cfg->arena_size);
642 /* Erase destination arena */
645 }
647 /* Reserve the destination arena so we can start filling it */
649 /* Unable to reserve the arena */
651 }
653 /* Copy active slots from active arena to destination arena */
657 src_slot_id++) {
661 src_addr,
665 }
670 src_addr,
673 /* Failed to copy all bytes */
675 }
676 dst_slot_id++;
677 }
678 #ifdef PIOS_INCLUDE_WDG
680 #endif
681 }
683 /* Activate the destination arena */
686 }
688 /* Unmount the source arena */
691 }
693 /* Obsolete the source arena */
696 }
698 /* Mount the new arena */
701 }
704 }
706 /* NOTE: Must be called while holding the flash transaction lock */
707 static int16_t logfs_object_find_next(const struct logfs_state *logfs, struct slot_header *slot_hdr, uint16_t *curr_slot, uint32_t obj_id, uint16_t obj_inst_id)
708 {
712 /* First slot in the arena is reserved for arena header, skip it. */
715 }
719 slot_id++) {
723 slot_addr,
727 }
729 /* We hit the end of the log */
731 }
735 /* Found what we were looking for */
738 }
739 #ifdef PIOS_INCLUDE_WDG
741 #endif
742 }
744 /* No matching entry was found */
746 }
748 /* NOTE: Must be called while holding the flash transaction lock */
749 /* OPTIMIZE: could trust that there is at most one active version of every object and terminate the search when we find one */
750 static int8_t logfs_delete_object(struct logfs_state *logfs, uint32_t obj_id, uint16_t obj_inst_id)
751 {
761 /* Found a matching slot. Obsolete it. */
766 slot_addr,
771 }
772 /* Object has been successfully obsoleted and is no longer active */
776 /* Search completed, object not found */
781 /* Error occurred during search */
784 }
787 out_exit:
789 }
791 /* NOTE: Must be called while holding the flash transaction lock */
792 static int8_t logfs_reserve_free_slot(struct logfs_state *logfs, uint16_t *slot_id, struct slot_header *slot_hdr, uint32_t obj_id, uint16_t obj_inst_id, uint16_t obj_size)
793 {
798 /* No free slots to allocate */
800 }
803 /* This object is too big for the slot */
805 }
807 uint16_t candidate_slot_id = (logfs->cfg->arena_size / logfs->cfg->slot_size) - logfs->num_free_slots;
813 slot_addr,
816 /* Failed to read slot header for candidate slot */
818 }
821 /* Candidate slot isn't empty! Something is broken. */
824 }
826 /* Mark this slot as RESERVED */
833 slot_addr,
836 /* Failed to write the slot header */
838 }
840 /* FIXME: If the header write (above) failed, may have partially written data, thus corrupting that slot but we would have missed decrementing this counter */
845 }
847 /* NOTE: Must be called while holding the flash transaction lock */
848 static int8_t logfs_append_to_log(struct logfs_state *logfs, uint32_t obj_id, uint16_t obj_inst_id, uint8_t *obj_data, uint16_t obj_size)
849 {
850 /* Reserve a free slot for our new object */
854 if (logfs_reserve_free_slot(logfs, &free_slot_id, &slot_hdr, obj_id, obj_inst_id, obj_size) != 0) {
855 /* Failed to reserve a free slot */
857 }
859 /* Compute slot address */
862 /* Write the data into the reserved slot, starting after the slot header */
865 /* Individual writes must fit entirely within a single page buffer. */
870 obj_data,
872 /* Failed to write the object data to the slot */
874 }
876 /* Update our accounting */
880 }
882 /* Mark this slot active in one atomic step */
885 slot_addr,
888 /* Failed to mark the slot active */
890 }
892 /* Object has been successfully written to the slot */
895 }
898 /**********************************
899 *
900 * Provide a PIOS_FLASHFS_* driver
901 *
902 *********************************/
905 /**
906 * @brief Saves one object instance to the filesystem
907 * @param[in] fs_id The filesystem to use for this action
908 * @param[in] obj UAVObject ID of the object to save
909 * @param[in] obj_inst_id The instance number of the object being saved
910 * @param[in] obj_data Contents of the object being saved
911 * @param[in] obj_size Size of the object being saved
912 * @return 0 if success or error code
913 * @retval -1 if fs_id is not a valid filesystem instance
914 * @retval -2 if failed to start transaction
915 * @retval -3 if failure to delete any previous versions of the object
916 * @retval -4 if filesystem is entirely full and garbage collection won't help
917 * @retval -5 if garbage collection failed
918 * @retval -6 if filesystem is full even after garbage collection should have freed space
919 * @retval -7 if writing the new object to the filesystem failed
920 */
921 int32_t PIOS_FLASHFS_ObjSave(uintptr_t fs_id, uint32_t obj_id, uint16_t obj_inst_id, uint8_t *obj_data, uint16_t obj_size)
922 {
930 }
937 }
942 }
944 /*
945 * All old versions of this object + instance have been invalidated.
946 * Write the new object.
947 */
949 /* Check if the arena is entirely full. */
951 /* Note: Filesystem Full means we're full of *active* records so gc won't help at all. */
954 }
956 /* Is garbage collection required? */
958 /* Note: Log Full means the log is full but may contain obsolete slots so gc may free some space */
962 }
963 /* Check one more time just to be sure we actually free'd some space */
965 /*
966 * Log is still full even after gc!
967 * NOTE: This should not happen since the filesystem wasn't full
968 * when we checked above so gc should have helped.
969 */
973 }
974 }
976 /* We have room for our new object. Append it to the log. */
978 /* Error during append */
981 }
983 /* Object successfully written to the log */
986 out_end_trans:
989 out_exit:
991 }
993 /**
994 * @brief Load one object instance from the filesystem
995 * @param[in] fs_id The filesystem to use for this action
996 * @param[in] obj UAVObject ID of the object to load
997 * @param[in] obj_inst_id The instance of the object to load
998 * @param[in] obj_data Buffer to hold the contents of the loaded object
999 * @param[in] obj_size Size of the object to be loaded
1000 * @return 0 if success or error code
1001 * @retval -1 if fs_id is not a valid filesystem instance
1002 * @retval -2 if failed to start transaction
1003 * @retval -3 if object not found in filesystem
1004 * @retval -4 if object size in filesystem does not exactly match buffer size
1005 * @retval -5 if reading the object data from flash fails
1006 */
1007 int32_t PIOS_FLASHFS_ObjLoad(uintptr_t fs_id, uint32_t obj_id, uint16_t obj_inst_id, uint8_t *obj_data, uint16_t obj_size)
1008 {
1016 }
1023 }
1025 /* Find the object in the log */
1029 /* Object does not exist in fs */
1032 }
1034 /* Sanity check what we've found */
1036 /* Object sizes don't match. Not safe to copy contents. */
1039 }
1041 /* Read the contents of the object from the log */
1048 /* Failed to read object data from the log */
1051 }
1052 }
1054 /* Object successfully loaded */
1057 out_end_trans:
1060 out_exit:
1062 }
1064 /**
1065 * @brief Delete one instance of an object from the filesystem
1066 * @param[in] fs_id The filesystem to use for this action
1067 * @param[in] obj UAVObject ID of the object to delete
1068 * @param[in] obj_inst_id The instance of the object to delete
1069 * @return 0 if success or error code
1070 * @retval -1 if fs_id is not a valid filesystem instance
1071 * @retval -2 if failed to start transaction
1072 * @retval -3 if failed to delete the object from the filesystem
1073 */
1075 {
1083 }
1088 }
1093 }
1095 /* Object successfully deleted from the log */
1098 out_end_trans:
1101 out_exit:
1103 }
1105 /**
1106 * @brief Erases all filesystem arenas and activate the first arena
1107 * @param[in] fs_id The filesystem to use for this action
1108 * @return 0 if success or error code
1109 * @retval -1 if fs_id is not a valid filesystem instance
1110 * @retval -2 if failed to start transaction
1111 * @retval -3 if failed to erase all arenas
1112 * @retval -4 if failed to activate arena 0
1113 * @retval -5 if failed to mount arena 0
1114 */
1116 {
1124 }
1128 }
1133 }
1138 }
1140 /* Reinitialize arena 0 */
1144 }
1146 /* Mount arena 0 */
1150 }
1152 /* Chip erased and log remounted successfully */
1155 out_end_trans:
1158 out_exit:
1160 }
1161 /**
1162 * @brief Returs stats for the filesystems
1163 * @param[in] fs_id The filesystem to use for this action
1164 * @return 0 if success or error code
1165 * @retval -1 if fs_id is not a valid filesystem instance
1166 */
1168 {
1174 }
1178 }
1181 /**
1182 * @}
1183 * @}
1184 */