Data corruption

Several devices have fixes or workarounds in vendor kernels for data corruptions in the eMMC. This can lead to non-working devices as it could potentially corrupt the bootloaders for instance.

The bug #2104 has more details for the Galaxy SIII.

Affected devices


Affected devices: Some Galaxy SIII (GT-I9300)
Vendor kernel patch: mmc: Soft-patch MoviNAND VTU00M (16GB) eMMC failure
Upstream status: not upstream
Replicant >=9 status: In Replicant 11 only

How to check

As this patch shows:

+    if (!strncmp(host->card->cid.prod_name, "VTU00M", 6) &&
+        (host->card->cid.prod_rev == 0xf1) &&
+        (mmc_start_movi_smart(host->card) == 0x2))
+        host->card->movi_ops = 0x2;

  • The name of the eMMC is VTU00M
  • Only certain revisions are affected (revision 0xf1)

With Replicant > 6 we can find the eMMC name like that:

$ adb root
$ adb shell
i9300:/ # cat /sys/bus/mmc/devices/mmc2:0001/name

As for the prod_rev, we have this code in the Replicant 6 kernel:

case 4: /* MMC v4 */
        card->cid.prod_rev    = UNSTUFF_BITS(resp, 48, 8);

So it's a MMC v4 and uses UNSTUFF_BITS(resp, 48, 8);

In upstream Linux we have that instead:

    case 4: /* MMC v4 */
        card->cid.prv        = UNSTUFF_BITS(resp, 48, 8);

So we should be able to get the revision in this way:

$ adb root
$ adb shell
i9300:/ # cat /sys/bus/mmc/devices/mmc2:0001/prv

Here I've the 0xf7 revision and not the problematic 0xf1 revision, so I should probably be ok.

Here this has been tested with a GT-I9300 with a work in progress Replicant 10 image that uses a kernel closely based on upstream Linux.

Vendor kernel workaround analysis

The mmc: Soft-patch MoviNAND VTU00M (16GB) eMMC failure patch patches the eMMC firmware at runtime (it patches the firmware in RAM).

The eMMC firmware patch makes the eMMC hang when a corruption is about to happen.

See also

Other devices

See also
  • Document this also for other devices, like the Galaxy SII.
  • There was a wiki page in LineageOS or CyanogenMod that referenced eMMC firmware bugs. find it and reference it

Updated by Denis 'GNUtoo' Carikli 23 days ago ยท 11 revisions

Also available in: PDF HTML TXT