Commit Graph

7 Commits

Author SHA1 Message Date
Conrad Meyer
db4fcadf52 "Buses" is the preferred plural of "bus"
Replace archaic "busses" with modern form "buses."

Intentionally excluded:
* Old/random drivers I didn't recognize
  * Old hardware in general
* Use of "busses" in code as identifiers

No functional change.

http://grammarist.com/spelling/buses-busses/

PR:		216099
Reported by:	bltsrc at mail.ru
Sponsored by:	Dell EMC Isilon
2017-01-15 17:54:01 +00:00
Don Lewis
95320acebc Fix multiple Coverity Out-of-bounds access false postive issues in CAM
The currently used idiom for clearing the part of a ccb after its
header generates one or two Coverity errors for each time it is
used.  All instances generate an Out-of-bounds access (ARRAY_VS_SINGLETON)
error because of the treatment of the header as a two element array,
with a pointer to the non-existent second element being passed as
the starting address to bzero().  Some instances also alsp generate
Out-of-bounds access (OVERRUN) errors, probably because the space
being cleared is larger than the sizeofstruct ccb_hdr).

In addition, this idiom is difficult for humans to understand and
it is error prone.  The user has to chose the proper struct ccb_*
type (which does not appear in the surrounding code) for the sizeof()
in the length calculation.  I found several instances where the
length was incorrect, which could cause either an actual out of
bounds write, or incompletely clear the ccb.

A better way is to write the code to clear the ccb itself starting
at sizeof(ccb_hdr) bytes from the start of the ccb, and calculate
the length based on the specific type of struct ccb_* being cleared
as specified by the union ccb member being used.  The latter can
normally be seen in the nearby code.  This is friendlier for Coverity
and other static analysis tools because they will see that the
intent is to clear the trailing part of the ccb.

Wrap all of the boilerplate code in a convenient macro that only
requires a pointer to the desired union ccb member (or a pointer
to the union ccb itself) as an argument.

Reported by:	Coverity
CID:		1007578, 1008684, 1009724, 1009773, 1011304, 1011306
CID:		1011307, 1011308, 1011309, 1011310, 1011311, 1011312
CID:		1011313, 1011314, 1011315, 1011316, 1011317, 1011318
CID:		1011319, 1011320, 1011321, 1011322, 1011324, 1011325
CID:		1011326, 1011327, 1011328, 1011329, 1011330, 1011374
CID:		1011390, 1011391, 1011392, 1011393, 1011394, 1011395
CID:		1011396, 1011397, 1011398, 1011399, 1011400, 1011401
CID:		1011402, 1011403, 1011404, 1011405, 1011406, 1011408
CID:		1011409, 1011410, 1011411, 1011412, 1011413, 1011414
CID:		1017461, 1018387, 1086860, 1086874, 1194257, 1229897
CID:		1229968, 1306229, 1306234, 1331282, 1331283, 1331294
CID:		1331295, 1331535, 1331536, 1331539, 1331540, 1341623
CID:		1341624, 1341637, 1341638, 1355264, 1355324
Reviewed by:	scottl, ken, delphij, imp
MFH:		1 month
Differential Revision:	https://reviews.freebsd.org/D6496
2016-05-24 00:57:11 +00:00
Don Lewis
ae092f753a Move a call to cam_freeccb() to avoid a use after free error and
a later double free.

Reported by:	Coverity
CID:		1018507
MFC after:	1 week
2016-05-13 06:26:42 +00:00
Kenneth D. Merry
e6bd5983ca Add CAM infrastructure to allow reporting when a drive's long read capacity
data changes.

cam_ccb.h:	Add a new advanced information type, CDAI_TYPE_RCAPLONG,
		for long read capacity data.

cam_xpt_internal.h:
		Add a read capacity data pointer and length to struct cam_ed.

cam_xpt.c:	Free the read capacity buffer when a device goes away.
		While we're here, make sure we don't leak memory for other
		malloced fields in struct cam_ed.

scsi_all.c:	Update the scsi_read_capacity_16() to take a uint8_t * and
		a length instead of just a pointer to the parameter data
		structure.  This will hopefully make this function somewhat
		immune to future changes in the parameter data.

scsi_all.h:	Add some extra bit definitions to struct
		scsi_read_capacity_data_long, and bump up the structure
		size to the full size specified by SBC-3.

		Change the prototype for scsi_read_capacity_16().

scsi_da.c:	Register changes in read capacity data with the transport
		layer.  This allows the transport layer to send out an
		async notification to interested parties.  Update the
		dasetgeom() API.

		Use scsi_extract_sense_len() instead of
		scsi_extract_sense().

scsi_xpt.c:	Add support for the new CDAI_TYPE_RCAPLONG advanced
		information type.

		Make sure we set the physpath pointer to NULL after freeing
		it.  This allows blindly freeing it in the struct cam_ed
		destructor.

sys/param.h:	Bump __FreeBSD_version from 1000005 to 1000006 to make it
		easier for third party drivers to determine that the read
		capacity data async notification is available.

camcontrol.c,
mptutil/mpt_cam.c:
		Update these for the new scsi_read_capacity_16() argument
		structure.

Sponsored by:	Spectra Logic
2012-01-26 18:09:28 +00:00
John Baldwin
c5f2b79dc7 - Save errno values before calling warn(3) so that errors are correctly
reported.
- Check for malloc() failures.

Submitted by:	gcooper
MFC after:	1 week
2010-11-09 19:28:06 +00:00
John Baldwin
fe2f808774 Fix mptutil's method for locating disk devices attached to a specific
mpt(4) controller.  Previously, the code assumed that multiple match
patterns provided to an XPT_DEV_MATCH request were ANDed together.
Instead, they are ORed.  Instead, to match peripherals for a specific bus,
one query needs to be performed to lookup the path ID of the bus.  A second
query can then be performed matching peripherals attached to that path.
This approach also makes the code a bit cleaner as the returned match
results do not mix bus and perphierals.

Reported by:	several folks
MFC after:	1 week
2010-02-19 15:16:00 +00:00
Scott Long
fc58801ccc Add mptutil, a basic utility for managing MPT SCSI/SATA/SAS controllers.
Drive and controller status can be reported, basic attributes changed,
and arrays and spares can be created and deleted.

Approved by:	re
Obtained from:	Yahoo! Inc.
2009-08-14 13:13:12 +00:00