Revision 6 (Denis 'GNUtoo' Carikli, 11/22/2020 05:06 PM) → Revision 7/11 (Denis 'GNUtoo' Carikli, 11/22/2020 05:06 PM)

h1. EMMCFirmwareBugs 

 {{toc}} 

 h2. Data corruption 

 Several devices have fixes or workarounds in vendor kernels for data corruption in the eMMC. Such corruption can leave a device non-working, for instance if it hits the bootloaders. 

 Bug #2104 has more details for the Galaxy SIII. 

 h3. Affected devices 

 h4. VTU00M 

 *Affected devices*: Some Galaxy SIII (GT-I9300) 
 *Vendor kernel patch*: "mmc: Soft-patch MoviNAND VTU00M (16GB) eMMC failure":https://git.replicant.us/replicant/kernel_samsung_smdk4412/commit/?id=da8461692362317a8ffce4d4646953985fcf4e1d 
 *Upstream status*: not upstream 
 *Replicant >=9 status*: not yet ported 

 

 h5. How to check 

 As this patch shows: 
 <pre> 
 + 	 if (!strncmp(host->card->cid.prod_name, "VTU00M", 6) && 
 + 		 (host->card->cid.prod_rev == 0xf1) && 
 + 		 (mmc_start_movi_smart(host->card) == 0x2)) 
 + 		 host->card->movi_ops = 0x2; 
 </pre> 
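
 Review bot: the literals @0xf1@ and @0x2@ in the condition and in the @movi_ops@ assignment are unexplained magic numbers; named constants, or a short comment saying which revision @0xf1@ is and what a return value of @0x2@ from @mmc_start_movi_smart()@ means, would make the check auditable. @mmc_start_movi_smart()@ is also called inside the condition itself, so it only runs for cards that already matched the name and revision; a comment stating that this ordering is intentional would help. 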

 * The name of the eMMC is VTU00M 
 * Only certain revisions are affected (revision 0xf1) 
 * The revision is probably in the prv field 

 With Replicant > 6 we can find the eMMC name like this: 
 <pre> 
 $ adb root 
 $ adb shell 
 i9300:/ # cat /sys/bus/mmc/devices/mmc2:0001/name 
 VTU00M 
 </pre> 

 As for the prod_rev, we have "this code":https://git.replicant.us/replicant/kernel_samsung_smdk4412/tree/drivers/mmc/core/mmc.c?id=da8461692362317a8ffce4d4646953985fcf4e1d#n101 in the Replicant 6 kernel: 
 <pre> 
 case 4: /* MMC v4 */ 
		 [...] 
		 card->cid.prod_rev 	 = UNSTUFF_BITS(resp, 48, 8); 
		 [...] 
		 break; 
 </pre> 

 So it's an MMC v4 card and uses @UNSTUFF_BITS(resp, 48, 8);@ 

 In upstream Linux we have this instead: 
 <pre> 
	 case 4: /* MMC v4 */ 
		 [...] 
		 card->cid.prv 		 = UNSTUFF_BITS(resp, 48, 8); 
		 [...] 
 </pre> 

 So we should be able to get the revision in this way: 
 <pre> 
 $ adb root 
 $ adb shell 
 i9300:/ # cat /sys/bus/mmc/devices/mmc2:0001/prv 
 0xf7 
 </pre> 

 Here I have the 0xf7 revision and not the problematic 0xf1 revision, so I should probably be OK. 

 This has been tested on a GT-I9300 with a work-in-progress Replicant 10 image that uses a kernel closely based on upstream Linux. 
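
 The check described above, as an added example that is not part of the original page or of the Replicant tree: a POSIX shell script that reads @name@ and @prv@ for every card under @/sys/bus/mmc/devices@ and reports whether it matches the VTU00M / 0xf1 condition from the vendor patch. The function names and the fallback to the @cid@ attribute (assumed to be the raw 128-bit CID printed as 32 hex digits, most significant first, as upstream Linux prints it) are assumptions. 

```shell
#!/bin/sh
# Added example (not from the wiki page or the Replicant tree).
# Classifies eMMC cards against the VTU00M / 0xf1 condition of the vendor patch.

AFFECTED_NAME="VTU00M"   # product name tested by the vendor patch
AFFECTED_PRV="0xf1"      # product revision tested by the vendor patch

# Print "affected", "not-affected" or "unknown" for one card directory.
check_emmc() {
    dir=$1
    [ -r "$dir/name" ] || { echo unknown; return; }
    name=$(tr -d ' \n' < "$dir/name")
    if [ "$name" != "$AFFECTED_NAME" ]; then echo not-affected; return; fi
    if [ -r "$dir/prv" ]; then
        prv=$(tr -d ' \n' < "$dir/prv" | tr 'A-F' 'a-f')
    elif [ -r "$dir/cid" ]; then
        # Assumption: cid is the 128-bit CID as 32 hex digits, MSB first, so
        # bits 55:48 (UNSTUFF_BITS(resp, 48, 8)) are hex digits 19 and 20.
        prv="0x$(cut -c19-20 < "$dir/cid" | tr 'A-F' 'a-f')"
    else
        echo unknown; return
    fi
    # Refuse to classify anything that is not a one-byte hex value.
    case $prv in
        0x[0-9a-f]|0x[0-9a-f][0-9a-f]) ;;
        *) echo unknown; return ;;
    esac
    if [ "$prv" = "$AFFECTED_PRV" ]; then echo affected; else echo not-affected; fi
}

# Classify every card under a sysfs root (parameter, so a copy can be checked).
scan_emmc() {
    root=${1:-/sys/bus/mmc/devices}
    for dir in "$root"/*; do
        [ -d "$dir" ] || continue
        echo "$(basename "$dir"): $(check_emmc "$dir")"
    done
}

# Scan when invoked as: sh <script> scan [sysfs-root]
if [ "${1:-}" = "scan" ]; then scan_emmc "${2:-}"; fi
```

 A result of @unknown@ means the card exposes neither a readable @prv@ nor a usable @cid@, so the revision has to be determined another way. 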

 

 h5. Vendor kernel workaround analysis 

 The "mmc: Soft-patch MoviNAND VTU00M (16GB) eMMC failure":https://git.replicant.us/replicant/kernel_samsung_smdk4412/commit/?id=da8461692362317a8ffce4d4646953985fcf4e1d patch modifies the eMMC firmware at runtime (it patches the firmware in RAM). 

 The eMMC firmware patch makes the eMMC hang when a corruption is about to happen.