嵌入式 Linux下SPI NAND Flash可靠读写策略与应用层设计
- 2026-04-19 07:21:43
嵌入式 Linux下SPI NAND Flash可靠读写策略与应用层设计Hello,大家好,我是程序媛MM。
往期文章(欢迎订阅技术分享栏目全部文章):
【从零开始撸内核驱动源码】:以ttyserial(串口驱动)为例,串联字符设备驱动基础知识点的学习计划 Linux内核源码顶层 Makefile分析并单独编译调试内核自带的驱动 【从零开始撸内核驱动源码】:ttynull驱动 Linux内核驱动安装失败问题调试及解决方法 Linux内核驱动源码走读之编译内核及外部驱动实操指南 
“谢谢你看到这里”
本文分析约1500字,这是芯片厂家提供的驱动接口结合项目上使用方法,整理出来的一篇可靠读写SPI NADN Flash的机制。
关注公众号, 即可获得与Linux相关的电子书籍以及常用开发工具,文末有文档清单。
在嵌入式 Linux 产品中,配置参数、固件镜像、日志都需要掉电可靠存储。SPI NAND 因成本低、容量大成为首选,但它天生存在坏块、位翻转、只能按块擦除、只能 1→0 写入等物理限制。
一 NAND Flash 核心原理(决定读写策略的根因)
NAND 存储以 Block(块)为最小擦除单元,Page(页)为最小读写单元,SPI NAND 遵循同样规则:
擦除特性:必须先擦除再写入,擦除后全为 0xFF
写入限制:只能把 1 写成 0,不能直接改写
坏块不可避免:出厂坏块 + 磨损坏块,必须跳过
数据易出错:传输干扰、电荷泄漏会导致位翻转
Linux下访问方式:通过 /dev/mtdX 字符设备 + MTD ioctl 操作
代码基于 Linux MTD 子系统封装,是真实嵌入式部署场景的应用体现。
二 安全机制
可靠读写全套策略:
[1]. 坏块管理机制(最核心)
通过 MTD 标准 ioctl 完成坏块检测与标记,读写前先检测,遇到坏块自动跳过;写入校验失败则标记坏块并换块写入,完全遵循 Linux MTD 标准坏块表,不破坏分区。
[2]. 块擦除安全机制
擦除流程严格遵循:先判断是否坏块→再执行块擦除→擦除失败直接跳过该块,完全符合 NAND 擦不死、擦坏即弃原则。
[3]. 数据完整性:头部 + CRC32 双校验
定义块头结构,包含 CRC 校验值、有效魔数标识与保留字段。读取时先校验魔数防止块错位,再用 CRC32 校验数据完整性,自动丢弃无效块,保证数据不篡改、不损坏。
[4]. 写入后强制回读校验(关键可靠性保障)
写入完成后立即回读整块数据,与写入源数据对比。校验不一致则标记坏块并跳过,从根本上保证数据真正写入成功。
[5]. 内存缓冲与边界保护
按块大小动态申请读写缓冲,避免栈溢出;增加地址越界检查、写入长度检查,防止非法操作损坏 Flash。
三 完整读写流程
[1].写入流程:
>>打开 MTD 设备 /dev/mtdX
>>获取 NAND 信息(块大小、页大小、总容量)
>>初始化读写缓冲
>>逐块循环:检查地址越界→跳过坏块→擦除块→再次检查坏块→组包(头部魔数 + 数据 + CRC)→写入块→回读校验→校验失败标记坏块并跳过
>>fsync 刷盘→关闭设备
[2].读取流程:
>>打开 MTD 设备
>>获取 NAND 信息
>>初始化缓冲
>>逐块循环:越界检查→跳过坏块→读取整块→魔数 + CRC 双校验→有效则拷贝用户数据
>>关闭设备
代码片段:
typedef struct blockHeader{int crc;int headImage;char rsv[24];}blockHeader_T;static char* pWriteBlockBuf = NULL;static char* pReadBlockBuf = NULL;#define PRINT_DEBUG#ifdef PRINT_DEBUG#define PRINT_LOG_DBG(format,arg...) \printf(format,## arg)#else#define PRINT_LOG_DBG(format,arg...)#endif#define PRINT_LOG_INFO(format,arg...) \printf(format,## arg)unsignedlongsimple_strtoul(constchar *cp, char **endp,unsigned int base){unsigned long result = 0;unsigned long value;if (*cp == '0') {cp++;if ((*cp == 'x') && isxdigit(cp[1])) {base = 16;cp++;}if (!base)base = 8;}if (!base)base = 10;while (isxdigit(*cp) && (value = isdigit(*cp) ? *cp-'0' : (islower(*cp)? toupper(*cp) : *cp)-'A'+10) < base) {result = result*base + value;cp++;}if (endp)*endp = (char *)cp;return result;}staticintcompare_buf(char *buf0, char *buf1, int len){int i;/* dump_buf(0,16,buf0); *//* dump_buf(0,16,buf1); */for(i = 0; i < len; i++){if(buf0[i] != buf1[i])return 1;}return 0;}staticintnand_rwblockbuf_init(int block_size){if(pWriteBlockBuf == NULL){pWriteBlockBuf = (char*)malloc(block_size);if(pWriteBlockBuf == NULL){printf("nand_rwbuf_init: malloc pWriteBlockBuf failed!\n");return -1;}}if(pReadBlockBuf == NULL){pReadBlockBuf = (char*)malloc(block_size);if(pReadBlockBuf == NULL){printf("nand_rwbuf_init: malloc pReadBlockBuf failed!\n");return -1;}}return 0;}staticintnand_mark_badblock(int fd, loff_t offs){int ret;ret = ioctl(fd, MEMSETBADBLOCK, &offs);if (ret < 0) {PRINT_LOG_DBG("[%s][%d] Failed to set bad block\n",__func__, __LINE__);}return ret;}staticintnand_is_badblock(int fd, loff_t offs){int ret;ret = ioctl(fd, MEMGETBADBLOCK, &offs);if (ret < 0) {PRINT_LOG_DBG("[%s][%d] Failed get badblock\n",__func__, __LINE__);}return ret;}staticintnand_erase_block(int fd, struct erase_info_user erase_info){int ret;ret = ioctl(fd, MEMERASE, &erase_info);if (ret < 0) {PRINT_LOG_DBG("[%s][%d] Failed erase block\n",__func__, __LINE__);}return ret;}staticintnand_is_invaliddata(char *data, int dataLen){//check nand every block data is validunsigned int pkg_crc_block = 0;int blockCrc = 0;int blockDataLen = 0;if(data == NULL || dataLen <= 0){return 1;}if (*(uint32_t *)(data + CRC_LEN) != HEADIMAGE) {//PRINT_LOG_INFO("Invalid block header, %x %x error headLen:%d\n", *(uint32_t *)(data+CRC_LEN), HEADIMAGE, headLen);return 1;}blockCrc = *(unsigned int*)data;blockDataLen = dataLen - CRC_LEN;crc_32_fun(data + CRC_LEN, blockDataLen, &pkg_crc_block);if(blockCrc != pkg_crc_block){PRINT_LOG_INFO("The block data is invalid, blockCrc:%x pkg_crc_block:%x blockDataLen:%d\n", blockCrc, pkg_crc_block, blockDataLen);return 1;}PRINT_LOG_INFO("The block data is ok, blockCrc:%x pkg_crc_block:%x\n", blockCrc, pkg_crc_block);return 0;}intnand_read(char* nand_device, char *read_buffer, int read_size, int max_available_size, int offset){int fd = -1;int ret = -1;int len = 0;struct mtd_info_user mtd_info;loff_t offs = (loff_t)offset;int dataErr = -1;if(nand_device == NULL || read_buffer == NULL){printf("inf_nand_read:nand_device or read_buffer is NULL\n");return -1;}//open nand devicefd = open(nand_device, O_RDWR);if (fd < 0) {perror("inf_nand_read: Failed to open NAND device");return -1;}//get nand device inforet = ioctl(fd, MEMGETINFO, &mtd_info);if (ret < 0) {perror("inf_nand_read: Failed to get MTD info");close(fd);return ret;}#if 0PRINT_LOG_DBG("read nand info:\n");PRINT_LOG_DBG("mtd size: 0x%x\n",mtd_info.size);PRINT_LOG_DBG("nand erasesize: 0x%x\n",mtd_info.erasesize);PRINT_LOG_DBG("nand writesize: 0x%x\n",mtd_info.writesize);PRINT_LOG_DBG("nand oobsize: 0x%x\n",mtd_info.oobsize);#endifif(nand_rwblockbuf_init(mtd_info.erasesize) < 0){return -1;}len = read_size;lseek(fd, offs, SEEK_SET);while(len > 0) {if(offs >= (loff_t)max_available_size){//PRINT_LOG_DBG("inf_nand_read: offs(0x%x) is bigger than offset + max_available_size(0x%x)\n", offs, (loff_t)(offset + max_available_size));close(fd);return dataErr;}ret = nand_is_badblock(fd,offs);if(ret) {PRINT_LOG_DBG("inf_nand_read: skiping bad block, addr %llx ret %d\n",offs, ret);offs += mtd_info.erasesize;lseek(fd, offs, SEEK_SET);continue;} else;memset(pReadBlockBuf, 0x0, mtd_info.erasesize);if (read(fd, pReadBlockBuf, mtd_info.erasesize) != mtd_info.erasesize) {perror("inf_nand_read: Failed to read from NAND device");PRINT_LOG_DBG("inf_nand read: block addr %llx read failed, len = 0x%x\n",offs, len);close(fd);return dataErr;}ret = nand_is_invaliddata(pReadBlockBuf, mtd_info.erasesize);if(ret){//PRINT_LOG_DBG("inf_nand_read: check data is invalid, skiping the block, addr %llx ret %d\n",offs, ret);offs += mtd_info.erasesize;lseek(fd, offs, SEEK_SET);continue;} else;PRINT_LOG_DBG("inf_nand read: block addr %llx read ok, len = 0x%x\n",offs, len);offs += mtd_info.erasesize;memcpy(read_buffer, pReadBlockBuf + sizeof(blockHeader_T), mtd_info.erasesize - sizeof(blockHeader_T));read_buffer += mtd_info.erasesize - sizeof(blockHeader_T);len -= mtd_info.erasesize - sizeof(blockHeader_T);dataErr = 0;}close(fd);return dataErr;}intnand_write(char* nand_device, char *write_buffer, int write_size, int max_available_size, int offset){int fd = -1;int ret = -1;unsigned int crcnum = 0;int blockDataLen = 0;int blockHeadLen = sizeof(blockHeader_T);int remainDataSize = 0;struct mtd_info_user mtd_info;struct erase_info_user erase_info;loff_t offs = (loff_t)offset;if(nand_device == NULL || write_buffer == NULL){printf("inf_nand_write: nand_device is NULL\n");return -1;}//open nand devicefd = open(nand_device, O_RDWR);if (fd < 0) {perror("inf_nand_write: Failed to open NAND device");return -1;}//get nand device inforet = ioctl(fd, MEMGETINFO, &mtd_info);if (ret < 0) {perror("inf_nand_write: Failed to get MTD info");close(fd);return ret;}#if 0PRINT_LOG_DBG("read nand info:\n");PRINT_LOG_DBG("mtd size: 0x%x\n",mtd_info.size);PRINT_LOG_DBG("nand erasesize: 0x%x\n",mtd_info.erasesize);PRINT_LOG_DBG("nand writesize: 0x%x\n",mtd_info.writesize);PRINT_LOG_DBG("nand oobsize: 0x%x\n",mtd_info.oobsize);#endifif(nand_rwblockbuf_init(mtd_info.erasesize) < 0){return -1;}//mark badblock for testing//nand_mark_badblock(fd, offs);//printf("nand_mark_badblock: set nand bad, 0x%llx \n", offs);if(write_size > CONFIG_SIZE - mtd_info.erasesize){return -1;}remainDataSize = write_size;printf("inf_nand_write: write_size:%d offset:0x%x\n", write_size, offset);lseek(fd, offs, SEEK_SET);while(remainDataSize > 0) {if(offs >= (loff_t)max_available_size){PRINT_LOG_INFO("inf_nand_write: offs(0x%x) is bigger than max_available_size(0x%x)", offs, max_available_size);close(fd);return -1;}//check if it is bad fast. If so, skip this block and write it to the next blockret = nand_is_badblock(fd,offs);if(ret) {PRINT_LOG_INFO("inf_nand_write: 1 skiping bad block, addr %llx ret %d len: %d\n",offs, ret, remainDataSize);offs += mtd_info.erasesize;lseek(fd, offs, SEEK_SET);continue;} else;/* write_crc = crc32(0, write_buffer, mtd_info.erasesize); *///Before writing, erase the block firsterase_info.start = (__u32)offs;erase_info.length = mtd_info.erasesize;ret = nand_erase_block(fd,erase_info);if(ret) {PRINT_LOG_INFO("inf_nand_write: erase failed, skiping the block, addr %llx ret %d\n", offs, ret);offs += mtd_info.erasesize;lseek(fd, offs, SEEK_SET);continue;} else;//check if it is bad fast. If so, skip this block and write it to the next blockret = nand_is_badblock(fd,offs);if(ret) {PRINT_LOG_INFO("inf_nand_write: 2 skiping bad block, addr %llx ret %d remainDataSize: %d\n",offs, ret, remainDataSize);offs += mtd_info.erasesize;lseek(fd, offs, SEEK_SET);continue;} else;//handle block header dataif(remainDataSize <= mtd_info.erasesize - blockHeadLen){blockDataLen = remainDataSize;}else{blockDataLen = mtd_info.erasesize - blockHeadLen;}bzero(pReadBlockBuf, mtd_info.erasesize);bzero(pWriteBlockBuf, mtd_info.erasesize);*(int*)(pWriteBlockBuf + CRC_LEN) = HEADIMAGE;memcpy(pWriteBlockBuf + blockHeadLen, write_buffer, blockDataLen);crc_32_fun(pWriteBlockBuf + CRC_LEN, mtd_info.erasesize - CRC_LEN, &crcnum);PRINT_LOG_INFO("crcnum:0x%x blockDataLen:%d \n", crcnum, mtd_info.erasesize - CRC_LEN);*(int*)pWriteBlockBuf = crcnum;lseek(fd, offs, SEEK_SET);//write dataif (write(fd, pWriteBlockBuf, mtd_info.erasesize) != mtd_info.erasesize) {perror("inf_nand_write: Failed to read from NAND device");close(fd);return -1;}//Read data for verification (sample is just a simple comparison, actual use can use CRC verification, which is more efficient)//If the data is abnormal (you can retry reading a few more times here); Mark the block as a block, skip the block and write it onto a blocklseek(fd, offs, SEEK_SET);if (read(fd, pReadBlockBuf, mtd_info.erasesize) != mtd_info.erasesize) {perror("inf_nand_write: Failed to read from NAND device");close(fd);return -1;}/* read_crc = crc32(0, read_buffer, mtd_info.erasesize); *//* if(write_crc != read_crc) { */if(compare_buf(pReadBlockBuf, pWriteBlockBuf, mtd_info.erasesize)) {PRINT_LOG_INFO("inf_nand_write: block addr %llx, write data error,mark badblock, remainDataSize:%d\n",offs, remainDataSize);offs += mtd_info.erasesize;lseek(fd, offs, SEEK_SET);continue;}PRINT_LOG_DBG("inf_nand_write: block addr %llx write ok, len = 0x%x\n",offs, remainDataSize);offs += mtd_info.erasesize;write_buffer += mtd_info.erasesize - blockHeadLen;lseek(fd, offs, SEEK_SET);remainDataSize -= blockDataLen;}fsync(fd);close(fd);return 0;}#endif
四 嵌入式应用层如何设计可靠读写(最关键)
[1].应用层设计原则:
固定分区:配置、固件、日志分开放
固定入口:统一调用 nand_read /nand_write
缓冲对齐:读写缓冲必须和块大小对齐
失败重试:1~3 次,避免偶发干扰
掉电安全:先写备份区,再写主区
版本管理:头部加版本,支持回滚
应用层宏定义:
// 配置分区路径(Linux 下 SPI NAND 对应 mtdX)#define CONFIG_FILE_PATH "/dev/mtd5"// 配置区最大可用空间#define CONFIG_MAX_SIZE (1024 * 1024 * 1)// 配置存储偏移地址#define CONFIG_INFO_OFFSET 0x00000000// 块头魔数#define HEADIMAGE 0xAA55AA55#define CRC_LEN 4
[2].应用层可靠写入示例
// 全局或静态缓冲(必须足够大,>= 块大小)char pWriteBuf [64 * 1024] = {0};int savedDataLen = 0;// 1. 填充待写入数据memcpy (pWriteBuf, &app_config, sizeof (app_config));savedDataLen = sizeof (app_config);// 2. 调用封装好的标准接口写入int ret = nand_write (CONFIG_FILE_PATH, pWriteBuf, savedDataLen, CONFIG_MAX_SIZE, CONFIG_INFO_OFFSET);// 3. 结果判断if (ret < 0){print("nand write config info failed\n");// 可重试 1~2 次}else{printf("nand write config info success\n");}
应用层可靠读取示例:
char pReadBuf[64 * 1024] = {0};int read_len = sizeof(app_config);int ret = nand_read(CONFIG_FILE_PATH, pReadBuf, read_len, CONFIG_MAX_SIZE, CONFIG_INFO_OFFSET);if (ret < 0){printf("nand read config fail\n");}else{// 读取成功,恢复配置memcpy (&app_config, pReadBuf, sizeof (app_config));}
五 增强策略:掉电安全写入
在原有代码基础上,应用层可简单封装双区备份,彻底防止断电损坏:
示例代码:
int read_nand_check_crc(char* wr_buf, int* wr_buf_len, int offset){//check config and bak config crc is validunsigned int pkg_crc_config = 0;int configCrc = 0;int i = 0;int dataLen = 0;int validFileNum = 0;fileDescrible_T *pBuffer = NULL;fileDescrible_T fileInfo;int oneFileInfoLen = sizeof(fileDescrible_T);int headImageLen = sizeof(int);int headFileNumLen = sizeof(int);int totalHeadLen = 0;if(wr_buf_len == NULL || *wr_buf_len <= 0){return -1;}memset(wr_buf, 0, *wr_buf_len);inf_nand_read(CONFIG_FILE_PATH, wr_buf, *wr_buf_len, CONFIG_MAX_SIZE+offset, offset);char* pConfigInfo = (offset == 0) ? "config data" : "bak config data";if (*(uint32_t *)(wr_buf+CRC_LEN) != HEADIMAGE) {printf("Invalid config header, %s error\n", pConfigInfo);return -1;}totalHeadLen = CRC_LEN+headImageLen;validFileNum = *(uint32_t *)(wr_buf + totalHeadLen);pBuffer = (fileDescrible_T*)(wr_buf + totalHeadLen + headFileNumLen);for(i = 0; i < validFileNum; i++){memset(&fileInfo, 0, oneFileInfoLen);memcpy(&fileInfo, pBuffer+i, oneFileInfoLen);dataLen += fileInfo.fileLen;//printf("=====i : %d fileName:%s fileInfo.fileLen:%d\n", i, fileInfo.fileName, fileInfo.fileLen);}dataLen += totalHeadLen + headFileNumLen + oneFileInfoLen*validFileNum;configCrc = *(unsigned int*)(wr_buf);crc_32_fun(wr_buf+CRC_LEN, dataLen -CRC_LEN, &pkg_crc_config);if((configCrc != pkg_crc_config)||(validFileNum == 0)){printf("%s is invalid, configCrc:%x pkg_crc_config:%x config data len:%d validFileNum:%d\n", pConfigInfo, configCrc, pkg_crc_config, dataLen, validFileNum);return -1;}printf("%s is ok, configCrc:%x pkg_crc_config:%x config data len:%d validFileNum:%d\n", pConfigInfo, configCrc, pkg_crc_config, dataLen, validFileNum);*wr_buf_len = dataLen;return 0;}
if(read_nand_check_crc(wr_buf, &wr_buf_len, CONFIG_INFO_OFFSET) < 0){if(read_nand_check_crc(bak_wr_buf, &bak_wr_buf_len, BAK_CONFIG_INFO_OFFSET) >= 0){//copy bak config to configinf_nand_write(CONFIG_FILE_PATH, (uint8_t*)bak_wr_buf, bak_wr_buf_len,CONFIG_MAX_SIZE, CONFIG_INFO_OFFSET);memcpy(wr_buf, bak_wr_buf, bak_wr_buf_len);}else{printf("config and bak config data are both error!\n");goto exitGet;}}else{if(read_nand_check_crc(bak_wr_buf, &bak_wr_buf_len, BAK_CONFIG_INFO_OFFSET) < 0){//copy config to bak configinf_nand_write(CONFIG_FILE_PATH, (uint8_t*)wr_buf, wr_buf_len,BAK_CONFIG_INFO_OFFSET+CONFIG_MAX_SIZE, BAK_CONFIG_INFO_OFFSET);memcpy(bak_wr_buf, wr_buf, wr_buf_len);}}
六 嵌入式开发必知注意事项
MTD 设备必须是原始字符设备 /dev/mtdX,不要用 /dev/mtdblockX(块设备会被文件系统缓存)
缓冲必须大于等于 NAND 块大小,常见 64KB/128KB,代码已自动 malloc
禁止跨块乱写、禁止部分写,代码已按整块管理,从根源避免
ECC 建议开启,内核 MTD 驱动默认打开硬件 ECC,可纠正 1~4 位错误
高可靠场景建议双备份 + 版本号,配置参数至少 2 块备份
调试看日志,打开 PRINT_DEBUG 可看到:坏块、CRC、地址、长度
七 总结
这套设计逻辑包含:
[1].标准 Linux MTD 接口
[2].坏块检测 / 跳过 / 标记
[3].块擦除安全流程
[4].头部魔数 + CRC32 双校验
[5].写入后回读校验
[6].越界保护、缓冲管理
应用层只需要做三件事:
[1].定义好分区路径与大小
[2].准备对齐的读写缓冲
[3].调用封装好的读和写接口
这套方案能满足很多嵌入式产品的掉电可靠存储需求。
以上为全文内容。
这里是女程序员的笔记本
15年+嵌入式软件工程师兼二胎宝妈
分享读书心得、工作经验,自我成长和生活方式。
希望我的文字能对你有所帮助
本文来自网友投稿或网络内容,如有侵犯您的权益请联系我们删除,联系邮箱:wyl860211@qq.com 。
