1 /* drivers/misc/apanic.c
3 * Copyright (C) 2009 Google, Inc.
4 * Author: San Mehat <san@android.com>
6 * This software is licensed under the terms of the GNU General Public
7 * License version 2, as published by the Free Software Foundation, and
8 * may be copied, distributed, and modified under those terms.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
17 #include <linux/module.h>
18 #include <linux/kernel.h>
19 #include <linux/string.h>
20 #include <linux/errno.h>
21 #include <linux/init.h>
22 #include <linux/interrupt.h>
23 #include <linux/device.h>
24 #include <linux/types.h>
25 #include <linux/delay.h>
26 #include <linux/sched.h>
27 #include <linux/wait.h>
28 #include <linux/wakelock.h>
29 #include <linux/platform_device.h>
30 #include <linux/uaccess.h>
31 #include <linux/mtd/mtd.h>
32 #include <linux/notifier.h>
33 #include <linux/mtd/mtd.h>
34 #include <linux/debugfs.h>
36 #include <linux/proc_fs.h>
37 #include <linux/mutex.h>
38 #include <linux/workqueue.h>
39 #include <linux/preempt.h>
41 extern void ram_console_enable_console(int);
45 #define PANIC_MAGIC 0xdeadf00d
48 #define PHDR_VERSION 0x01
59 struct panic_header curr;
61 struct proc_dir_entry *apanic_console;
62 struct proc_dir_entry *apanic_threads;
65 static struct apanic_data drv_ctx;
66 static struct work_struct proc_removal_work;
67 static DEFINE_MUTEX(drv_mutex);
69 static unsigned int *apanic_bbt;
70 static unsigned int apanic_erase_blocks;
71 static unsigned int apanic_good_blocks;
73 static void set_bb(unsigned int block, unsigned int *bbt)
75 unsigned int flag = 1;
77 BUG_ON(block >= apanic_erase_blocks);
79 flag = flag << (block%32);
80 apanic_bbt[block/32] |= flag;
84 static unsigned int get_bb(unsigned int block, unsigned int *bbt)
88 BUG_ON(block >= apanic_erase_blocks);
90 flag = 1 << (block%32);
91 return apanic_bbt[block/32] & flag;
94 static void alloc_bbt(struct mtd_info *mtd, unsigned int *bbt)
97 apanic_erase_blocks = (mtd->size)>>(mtd->erasesize_shift);
98 bbt_size = (apanic_erase_blocks+32)/32;
100 apanic_bbt = kmalloc(bbt_size*4, GFP_KERNEL);
101 memset(apanic_bbt, 0, bbt_size*4);
102 apanic_good_blocks = apanic_erase_blocks;
104 static void scan_bbt(struct mtd_info *mtd, unsigned int *bbt)
108 for (i = 0; i < apanic_erase_blocks; i++) {
109 if (mtd->block_isbad(mtd, i*mtd->erasesize))
110 set_bb(i, apanic_bbt);
114 #define APANIC_INVALID_OFFSET 0xFFFFFFFF
116 static unsigned int phy_offset(struct mtd_info *mtd, unsigned int offset)
118 unsigned int logic_block = offset>>(mtd->erasesize_shift);
119 unsigned int phy_block;
120 unsigned good_block = 0;
122 for (phy_block = 0; phy_block < apanic_erase_blocks; phy_block++) {
123 if (!get_bb(phy_block, apanic_bbt))
125 if (good_block == (logic_block + 1))
129 if (good_block != (logic_block + 1))
130 return APANIC_INVALID_OFFSET;
132 return offset + ((phy_block-logic_block)<<mtd->erasesize_shift);
135 static void apanic_erase_callback(struct erase_info *done)
137 wait_queue_head_t *wait_q = (wait_queue_head_t *) done->priv;
141 static int apanic_proc_read(char *buffer, char **start, off_t offset,
142 int count, int *peof, void *dat)
144 struct apanic_data *ctx = &drv_ctx;
147 unsigned int page_no;
155 mutex_lock(&drv_mutex);
158 case 1: /* apanic_console */
159 file_length = ctx->curr.console_length;
160 file_offset = ctx->curr.console_offset;
162 case 2: /* apanic_threads */
163 file_length = ctx->curr.threads_length;
164 file_offset = ctx->curr.threads_offset;
167 pr_err("Bad dat (%d)\n", (int) dat);
168 mutex_unlock(&drv_mutex);
172 if ((offset + count) > file_length) {
173 mutex_unlock(&drv_mutex);
177 /* We only support reading a maximum of a flash page */
178 if (count > ctx->mtd->writesize)
179 count = ctx->mtd->writesize;
181 page_no = (file_offset + offset) / ctx->mtd->writesize;
182 page_offset = (file_offset + offset) % ctx->mtd->writesize;
185 if (phy_offset(ctx->mtd, (page_no * ctx->mtd->writesize))
186 == APANIC_INVALID_OFFSET) {
187 pr_err("apanic: reading an invalid address\n");
188 mutex_unlock(&drv_mutex);
191 rc = ctx->mtd->read(ctx->mtd,
192 phy_offset(ctx->mtd, (page_no * ctx->mtd->writesize)),
196 #ifdef CONFIG_MTD_RKNAND
197 if (count > (ctx->mtd->writesize - page_offset))
198 count = ctx->mtd->writesize - page_offset;
201 count -= page_offset;
203 memcpy(buffer, ctx->bounce + page_offset, count);
207 if ((offset + count) == file_length)
210 mutex_unlock(&drv_mutex);
214 static void mtd_panic_erase(void)
216 struct apanic_data *ctx = &drv_ctx;
217 #ifdef CONFIG_MTD_RKNAND
219 memset(ctx->bounce, 0, ctx->mtd->writesize);
220 ctx->mtd->write(ctx->mtd, 0, ctx->mtd->writesize, &wlen, ctx->bounce);
222 struct erase_info erase;
223 DECLARE_WAITQUEUE(wait, current);
224 wait_queue_head_t wait_q;
227 init_waitqueue_head(&wait_q);
228 erase.mtd = ctx->mtd;
229 erase.callback = apanic_erase_callback;
230 erase.len = ctx->mtd->erasesize;
231 erase.priv = (u_long)&wait_q;
232 for (i = 0; i < ctx->mtd->size; i += ctx->mtd->erasesize) {
234 set_current_state(TASK_INTERRUPTIBLE);
235 add_wait_queue(&wait_q, &wait);
237 if (get_bb(erase.addr>>ctx->mtd->erasesize_shift, apanic_bbt)) {
239 "apanic: Skipping erase of bad "
240 "block @%llx\n", erase.addr);
241 set_current_state(TASK_RUNNING);
242 remove_wait_queue(&wait_q, &wait);
246 rc = ctx->mtd->erase(ctx->mtd, &erase);
248 set_current_state(TASK_RUNNING);
249 remove_wait_queue(&wait_q, &wait);
251 "apanic: Erase of 0x%llx, 0x%llx failed\n",
252 (unsigned long long) erase.addr,
253 (unsigned long long) erase.len);
255 if (ctx->mtd->block_markbad(ctx->mtd,
258 "apanic: Err marking blk bad\n");
262 "apanic: Marked a bad block"
263 " @%llx\n", erase.addr);
264 set_bb(erase.addr>>ctx->mtd->erasesize_shift,
271 remove_wait_queue(&wait_q, &wait);
274 printk(KERN_DEBUG "apanic: %s partition erased\n",
275 CONFIG_APANIC_PLABEL);
280 static void apanic_remove_proc_work(struct work_struct *work)
282 struct apanic_data *ctx = &drv_ctx;
284 mutex_lock(&drv_mutex);
286 memset(&ctx->curr, 0, sizeof(struct panic_header));
287 if (ctx->apanic_console) {
288 remove_proc_entry("apanic_console", NULL);
289 ctx->apanic_console = NULL;
291 if (ctx->apanic_threads) {
292 remove_proc_entry("apanic_threads", NULL);
293 ctx->apanic_threads = NULL;
295 mutex_unlock(&drv_mutex);
298 static int apanic_proc_write(struct file *file, const char __user *buffer,
299 unsigned long count, void *data)
301 schedule_work(&proc_removal_work);
305 static void mtd_panic_notify_add(struct mtd_info *mtd)
307 struct apanic_data *ctx = &drv_ctx;
308 struct panic_header *hdr = ctx->bounce;
311 int proc_entry_created = 0;
313 if (strcmp(mtd->name, CONFIG_APANIC_PLABEL))
318 alloc_bbt(mtd, apanic_bbt);
319 scan_bbt(mtd, apanic_bbt);
321 if (apanic_good_blocks == 0) {
322 printk(KERN_ERR "apanic: no any good blocks?!\n");
326 rc = mtd->read(mtd, phy_offset(mtd, 0), mtd->writesize,
328 if (rc && rc == -EBADMSG) {
330 "apanic: Bad ECC on block 0 (ignored)\n");
331 } else if (rc && rc != -EUCLEAN) {
332 printk(KERN_ERR "apanic: Error reading block 0 (%d)\n", rc);
336 if (len != mtd->writesize) {
337 printk(KERN_ERR "apanic: Bad read size (%d)\n", rc);
341 printk(KERN_INFO "apanic: Bound to mtd partition '%s'\n", mtd->name);
343 if (hdr->magic != PANIC_MAGIC) {
344 printk(KERN_INFO "apanic: No panic data available\n");
345 #ifndef CONFIG_MTD_RKNAND
351 if (hdr->version != PHDR_VERSION) {
352 printk(KERN_INFO "apanic: Version mismatch (%d != %d)\n",
353 hdr->version, PHDR_VERSION);
354 #ifndef CONFIG_MTD_RKNAND
360 memcpy(&ctx->curr, hdr, sizeof(struct panic_header));
362 printk(KERN_INFO "apanic: c(%u, %u) t(%u, %u)\n",
363 hdr->console_offset, hdr->console_length,
364 hdr->threads_offset, hdr->threads_length);
366 if (hdr->console_length) {
367 ctx->apanic_console = create_proc_entry("apanic_console",
368 S_IFREG | S_IRUGO, NULL);
369 if (!ctx->apanic_console)
370 printk(KERN_ERR "%s: failed creating procfile\n",
373 ctx->apanic_console->read_proc = apanic_proc_read;
374 ctx->apanic_console->write_proc = apanic_proc_write;
375 ctx->apanic_console->size = hdr->console_length;
376 ctx->apanic_console->data = (void *) 1;
377 proc_entry_created = 1;
381 if (hdr->threads_length) {
382 ctx->apanic_threads = create_proc_entry("apanic_threads",
383 S_IFREG | S_IRUGO, NULL);
384 if (!ctx->apanic_threads)
385 printk(KERN_ERR "%s: failed creating procfile\n",
388 ctx->apanic_threads->read_proc = apanic_proc_read;
389 ctx->apanic_threads->write_proc = apanic_proc_write;
390 ctx->apanic_threads->size = hdr->threads_length;
391 ctx->apanic_threads->data = (void *) 2;
392 proc_entry_created = 1;
396 #ifndef CONFIG_MTD_RKNAND
397 if (!proc_entry_created)
406 static void mtd_panic_notify_remove(struct mtd_info *mtd)
408 struct apanic_data *ctx = &drv_ctx;
409 if (mtd == ctx->mtd) {
411 printk(KERN_INFO "apanic: Unbound from %s\n", mtd->name);
415 static struct mtd_notifier mtd_panic_notifier = {
416 .add = mtd_panic_notify_add,
417 .remove = mtd_panic_notify_remove,
420 static int in_panic = 0;
422 static int apanic_writeflashpage(struct mtd_info *mtd, loff_t to,
427 int panic = in_interrupt() | in_atomic();
429 if (panic && !mtd->panic_write) {
430 printk(KERN_EMERG "%s: No panic_write available\n", __func__);
432 } else if (!panic && !mtd->write) {
433 printk(KERN_EMERG "%s: No write available\n", __func__);
437 to = phy_offset(mtd, to);
438 if (to == APANIC_INVALID_OFFSET) {
439 printk(KERN_EMERG "apanic: write to invalid address\n");
444 rc = mtd->panic_write(mtd, to, mtd->writesize, &wlen, buf);
446 rc = mtd->write(mtd, to, mtd->writesize, &wlen, buf);
450 "%s: Error writing data to flash (%d)\n",
458 extern int log_buf_copy(char *dest, int idx, int len);
459 extern void log_buf_clear(void);
462 * Writes the contents of the console to the specified offset in flash.
463 * Returns number of bytes written
465 static int apanic_write_console(struct mtd_info *mtd, unsigned int off)
467 struct apanic_data *ctx = &drv_ctx;
471 unsigned int last_chunk = 0;
473 while (!last_chunk) {
474 saved_oip = oops_in_progress;
475 oops_in_progress = 1;
476 rc = log_buf_copy(ctx->bounce, idx, mtd->writesize);
480 if (rc != mtd->writesize)
483 oops_in_progress = saved_oip;
486 if (rc != mtd->writesize)
487 memset(ctx->bounce + rc, 0, mtd->writesize - rc);
489 rc2 = apanic_writeflashpage(mtd, off, ctx->bounce);
492 "apanic: Flash write failed (%d)\n", rc2);
504 static int apanic(struct notifier_block *this, unsigned long event,
507 struct apanic_data *ctx = &drv_ctx;
508 struct panic_header *hdr = (struct panic_header *) ctx->bounce;
509 int console_offset = 0;
511 int threads_offset = 0;
518 #ifdef CONFIG_PREEMPT
519 /* Ensure that cond_resched() won't try to preempt anybody */
520 add_preempt_count(PREEMPT_ACTIVE);
522 touch_softlockup_watchdog();
527 if (ctx->curr.magic) {
528 printk(KERN_EMERG "Crash partition in use!\n");
531 console_offset = ctx->mtd->erasesize;
534 * Write out the console
536 console_len = apanic_write_console(ctx->mtd, console_offset);
537 if (console_len < 0) {
538 printk(KERN_EMERG "Error writing console to panic log! (%d)\n",
544 * Write out all threads
546 threads_offset = ALIGN(console_offset + console_len,
547 ctx->mtd->writesize);
549 threads_offset = ctx->mtd->writesize;
551 #ifdef CONFIG_ANDROID_RAM_CONSOLE
552 ram_console_enable_console(0);
556 show_state_filter(0);
557 threads_len = apanic_write_console(ctx->mtd, threads_offset);
558 if (threads_len < 0) {
559 printk(KERN_EMERG "Error writing threads to panic log! (%d)\n",
565 * Finally write the panic header
567 memset(ctx->bounce, 0, PAGE_SIZE);
568 hdr->magic = PANIC_MAGIC;
569 hdr->version = PHDR_VERSION;
571 hdr->console_offset = console_offset;
572 hdr->console_length = console_len;
574 hdr->threads_offset = threads_offset;
575 hdr->threads_length = threads_len;
577 rc = apanic_writeflashpage(ctx->mtd, 0, ctx->bounce);
579 printk(KERN_EMERG "apanic: Header write failed (%d)\n",
584 printk(KERN_EMERG "apanic: Panic dump sucessfully written to flash\n");
587 #ifdef CONFIG_PREEMPT
588 sub_preempt_count(PREEMPT_ACTIVE);
594 static struct notifier_block panic_blk = {
595 .notifier_call = apanic,
598 static int panic_dbg_get(void *data, u64 *val)
600 apanic(NULL, 0, NULL);
604 static int panic_dbg_set(void *data, u64 val)
610 DEFINE_SIMPLE_ATTRIBUTE(panic_dbg_fops, panic_dbg_get, panic_dbg_set, "%llu\n");
612 int __init apanic_init(void)
614 register_mtd_user(&mtd_panic_notifier);
615 atomic_notifier_chain_register(&panic_notifier_list, &panic_blk);
616 debugfs_create_file("apanic", 0644, NULL, NULL, &panic_dbg_fops);
617 memset(&drv_ctx, 0, sizeof(drv_ctx));
618 drv_ctx.bounce = (void *) __get_free_page(GFP_KERNEL);
619 INIT_WORK(&proc_removal_work, apanic_remove_proc_work);
620 printk(KERN_INFO "Android kernel panic handler initialized (bind=%s)\n",
621 CONFIG_APANIC_PLABEL);
625 module_init(apanic_init);