| blob | dbc2abe6bf67fe10adcb51f47924a36a27617ab5 |
1 /*
2 * This file is part of Cleanflight and Betaflight.
3 *
4 * Cleanflight and Betaflight are free software. You can redistribute
5 * this software and/or modify this software under the terms of the
6 * GNU General Public License as published by the Free Software
7 * Foundation, either version 3 of the License, or (at your option)
8 * any later version.
9 *
10 * Cleanflight and Betaflight are distributed in the hope that they
11 * will be useful, but WITHOUT ANY WARRANTY; without even the implied
12 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
13 * See the GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this software.
17 *
18 * If not, see <http://www.gnu.org/licenses/>.
19 */
21 /**
22 * This provides a stream interface to a flash chip if one is present.
23 *
24 * On statup, call flashfsInit() after initialising the flash chip in order to init the filesystem. This will
25 * result in the file pointer being pointed at the first free block found, or at the end of the device if the
26 * flash chip is full.
27 *
28 * Note that bits can only be set to 0 when writing, not back to 1 from 0. You must erase sectors in order
29 * to bring bits back to 1 again.
30 *
31 * In future, we can add support for multiple different flash chips by adding a flash device driver vtable
32 * and make calls through that, at the moment flashfs just calls m25p16_* routines explicitly.
33 */
35 #include <stdint.h>
36 #include <stdbool.h>
37 #include <string.h>
47 /* The position of our head and tail in the circular flash write buffer.
48 *
49 * The head is the index that a byte would be inserted into on writing, while the tail is the index of the
50 * oldest byte that has yet to be written to flash.
51 *
52 * When the circular buffer is empty, head == tail
53 */
56 // The position of the buffer's tail in the overall flash address space:
60 {
62 }
65 {
67 }
70 {
72 }
75 {
81 }
83 /**
84 * Start and end must lie on sector boundaries, or they will be rounded out to sector boundaries such that
85 * all the bytes in the range [start...end) are erased.
86 */
88 {
94 // Round the start down to a sector boundary
97 // And the end upward
102 endSector++;
103 }
107 }
108 }
110 /**
111 * Return true if the flash is not currently occupied with an operation.
112 */
114 {
115 // Check for flash chip existence first, then check if ready.
118 }
121 {
123 }
126 {
128 }
131 {
136 }
138 /**
139 * Get the size of the largest single write that flashfs could ever accept without blocking or data loss.
140 */
142 {
144 }
146 /**
147 * Get the number of bytes that can currently be written to flashfs without any blocking or data loss.
148 */
150 {
152 }
155 {
157 }
159 /**
160 * Write the given buffers to flash sequentially at the current tail address, advancing the tail address after
161 * each write.
162 *
163 * In synchronous mode, waits for the flash to become ready before writing so that every byte requested can be written.
164 *
165 * In asynchronous mode, if the flash is busy, then the write is aborted and the routine returns immediately.
166 * In this case the returned number of bytes written will be less than the total amount requested.
167 *
168 * Modifies the supplied buffer pointers and sizes to reflect how many bytes remain in each of them.
169 *
170 * bufferCount: the number of buffers provided
171 * buffers: an array of pointers to the beginning of buffers
172 * bufferSizes: an array of the sizes of those buffers
173 * sync: true if we should wait for the device to be idle before writes, otherwise if the device is busy the
174 * write will be aborted and this routine will return immediately.
175 *
176 * Returns the number of bytes written
177 */
178 static uint32_t flashfsWriteBuffers(uint8_t const **buffers, uint32_t *bufferSizes, int bufferCount, bool sync)
179 {
186 }
190 }
200 /*
201 * Each page needs to be saved in a separate program operation, so
202 * if we would cross a page boundary, only write up to the boundary in this iteration:
203 */
208 }
210 // Are we at EOF already? Abort.
212 // May as well throw away any buffered data
216 }
224 // Is buffer larger than our write limit? Write our limit out of it
234 // We'll still have more to write after finishing this buffer off
241 }
242 }
243 }
249 // Advance the cursor in the file system to match the bytes we wrote
252 /*
253 * We'll have to wait for that write to complete before we can issue the next one, so if
254 * the user requested asynchronous writes, break now.
255 */
258 }
261 }
263 /*
264 * Since the buffered data might wrap around the end of the circular buffer, we can have two segments of data to write,
265 * an initial portion and a possible wrapped portion.
266 *
267 * This routine will fill the details of those buffers into the provided arrays, which must be at least 2 elements long.
268 */
270 {
280 }
281 }
283 /**
284 * Get the current offset of the file pointer within the volume.
285 */
287 {
291 // Dirty data in the buffers contributes to the offset
296 }
298 /**
299 * Called after bytes have been written from the buffer to advance the position of the tail by the given amount.
300 */
302 {
305 // Wrap tail around the end of the buffer
308 }
312 }
313 }
315 /**
316 * If the flash is ready to accept writes, flush the buffer to it.
317 *
318 * Returns true if all data in the buffer has been flushed to the device, or false if
319 * there is still data to be written (call flush again later).
320 */
322 {
325 }
336 }
338 /**
339 * Wait for the flash to become ready and begin flushing any buffered data to flash.
340 *
341 * The flash will still be busy some time after this sync completes, but space will
342 * be freed up to accept more writes in the write buffer.
343 */
345 {
348 }
356 // We've written our entire buffer now:
358 }
361 {
365 }
368 {
372 }
374 /**
375 * Write the given byte asynchronously to the flash. If the buffer overflows, data is silently discarded.
376 */
378 {
383 }
387 }
388 }
390 /**
391 * Write the given buffer to the flash either synchronously or asynchronously depending on the 'sync' parameter.
392 *
393 * If writing asynchronously, data will be silently discarded if the buffer overflows.
394 * If writing synchronously, the routine will block waiting for the flash to become ready so will never drop data.
395 */
397 {
401 // There could be two dirty buffers to write out already:
404 // Plus the buffer the user supplied:
408 /*
409 * Would writing this data to our buffer cause our buffer to reach the flush threshold? If so try to write through
410 * to the flash now
411 */
415 // Attempt to write all three buffers through to the flash asynchronously
419 // We wrote all the data that was previously buffered
423 // And we wrote all the data the user supplied! Job done!
425 }
427 // We only wrote a portion of the old data, so advance the tail to remove the bytes we did write from the buffer
429 }
431 // Is the remainder of the data to be written too big to fit in the buffers?
434 // Write it through synchronously
438 /*
439 * Silently drop the data the user asked to write (i.e. no-op) since we can't buffer it and they
440 * requested async.
441 */
442 }
445 }
447 // Fall through and add the remainder of the incoming data to our buffer
450 }
452 // Buffer up the data the user supplied instead of writing it right away
454 // First write the portion before we wrap around the end of the circular buffer
466 // If we wrap the head around, write the remainder to the start of the buffer (if any)
471 }
472 }
474 /**
475 * Read `len` bytes from the given address into the supplied buffer.
476 *
477 * Returns the number of bytes actually read which may be less than that requested.
478 */
480 {
483 // Did caller try to read past the end of the volume?
485 // Truncate their request
487 }
489 // Since the read could overlap data in our dirty buffers, force a sync to clear those first
495 }
497 /**
498 * Find the offset of the start of the free space on the device (or the size of the device if it is full).
499 */
501 {
502 /* Find the start of the free space on the device by examining the beginning of blocks with a binary search,
503 * looking for ones that appear to be erased. We can achieve this with good accuracy because an erased block
504 * is all bits set to 1, which pretty much never appears in reasonable size substrings of blackbox logs.
505 *
506 * To do better we might write a volume header instead, which would mark how much free space remains. But keeping
507 * a header up to date while logging would incur more writes to the flash, which would consume precious write
508 * bandwidth and block more often.
509 */
512 /* We can choose whatever power of 2 size we like, which determines how much wastage of free space we'll have
513 * at the end of the last written data. But smaller blocksizes will require more searching.
514 */
515 FREE_BLOCK_SIZE = 2048, // XXX This can't be smaller than page size for underlying flash device.
517 /* We don't expect valid data to ever contain this many consecutive uint32_t's of all 1 bits: */
520 };
530 int right = flashfsGetSize() / FREE_BLOCK_SIZE; // One past the largest block index in the search region
539 if (flashReadBytes(mid * FREE_BLOCK_SIZE, testBuffer.bytes, FREE_BLOCK_TEST_SIZE_BYTES) < FREE_BLOCK_TEST_SIZE_BYTES) {
540 // Unexpected timeout from flash, so bail early (reporting the device fuller than it really is)
542 }
544 // Checking the buffer 4 bytes at a time like this is probably faster than byte-by-byte, but I didn't benchmark it :)
550 }
551 }
554 /* This erased block might be the leftmost erased block in the volume, but we'll need to continue the
555 * search leftwards to find out:
556 */
562 }
563 }
566 }
568 /**
569 * Returns true if the file pointer is at the end of the device.
570 */
572 {
574 }
577 {
585 // Advance tailAddress to next page boundary.
590 }
591 }
593 /**
594 * Call after initializing the flash chip in order to set up the filesystem.
595 */
597 {
598 // If we have a flash chip present at all
600 // Start the file pointer off at the beginning of free space so caller can start writing immediately
602 }
603 }