for possible buffer overflow problems. Replaced most sprintf()'s
with snprintf(); for others cases, added terminating NUL bytes where
appropriate, replaced constants like "16" with sizeof(), etc.
These changes include several bug fixes, but most changes are for
maintainability's sake. Any instance where it wasn't "immediately
obvious" that a buffer overflow could not occur was made safer.
Reviewed by: Bruce Evans <bde@zeta.org.au>
Reviewed by: Matthew Dillon <dillon@apollo.backplane.com>
Reviewed by: Mike Spengler <mks@networkcs.com>
- Call isa_dmadone() whenever necessary to stop DMA and/or free bounce
buffers. Undead DMA corrupted the malloc freelist fairly consistently
in the following configuration: SLICE kernel, 2 floppy drives, no disk
in fd0, disk in fd1.
- Don't call fdc_reset() from fd_timeout(). Doing so gave an "extra"
interrupt which was usually misinterpreted as being for completion
of the next FDC command; the interrupt for completion of the next
FDC command was then usually misinterpreted... There were further
complications for interrupts latched by the soft-spl mechanism so
that they were delivered after all the h/w interrupts went away.
This caused at least wrong head settle delays and may be why the
FreeBSD floppy driver seems to munch floppies more than most floppy
drivers. The reset was unnecessary anyway in cases that didn't have
the bug described next, since is was repeated a little later for
the IOTIMEDOUT state. The state machine has complications to handle
resets correctly, so just use it.
- Don't call retrier() from fd_timeout(). The IOTIMEDOUT state needs
to be processed next, and it isn't valid to set to that state if
retrier() has aborted the current transfer. Doing so caused null
pointer panics after the previous bug was fixed.
Improved error handling:
- If an i/o is aborted, arrange to reset in the state machine before
doing the next i/o. New fdc flag for this. This fixes spurious
warnings and lengthy busy-waiting for the next i/o.
- Split STARTRECAL into RESETCOMPLETE and STARTRECAL and only check
for the results from reset if we actually reset. This fixes spurious
warnings for other paths to STARTRECAL. [Oops, it may break reset
handling for motor-off resets.]
Cleanups in fd_timeout():
- Renamed to fd_iotimeout() to make it clearer that it is only used
for i/o.
- Don't handle the bp == 0 case. This case can't happen for i/o.
- Don't check for controller-busy. We know it must be.
- Don't print anything. retrier() already prints too much for normal
errors.
- Fudge the state differently so that the state machine advances
fdc->retry and the status is invalid (perhaps this should fudge a
valid state like the one for WP).
- Style fixes.
controller reports a successful seek, it is very unlikely to report
seeking to a cylinder other than the one requested, but we check for
this, and botched the error handling for the requested_cylinder != 0
case. This error happened when the bug fixed in rev.1.52 of <sys/buf.h>
caused the head of buffer queue to change to one starting on a different
cylnder - the requested cylinder was found, but it wasn't what we
thought we requested. The fix is simply to arrange to reset the state
machine.
Corruption of the buffer queue seems to only have been a problem in the
floppy driver. Other drivers dequeue the head of the queue before doing
physical i/o on it, so the corruption at worse broke the elevator sort
order. Dequeueing breaks it anyway.
interupt level events. This needs a lot of cleanup, but has been working
here for a month or two.. originally needed for CAM integration
but that hasn't happenned yet. The probing state machines for each
handler should be replaced by a more generic state-service. It's
still quite messy in there..
There is only cdevsw (which should be renamed in a later edit to deventry
or something). cdevsw contains the union of what were in both bdevsw an
cdevsw entries. The bdevsw[] table stiff exists and is a second pointer
to the cdevsw entry of the device. it's major is in d_bmaj rather than
d_maj. some cleanup still to happen (e.g. dsopen now gets two pointers
to the same cdevsw struct instead of one to a bdevsw and one to a cdevsw).
rawread()/rawwrite() went away as part of this though it's not strictly
the same patch, just that it involves all the same lines in the drivers.
cdroms no longer have write() entries (they did have rawwrite (?)).
tapes no longer have support for bdev operations.
Reviewed by: Eivind Eklund and Mike Smith
Changes suggested by eivind.
FreeBSD/alpha. The most significant item is to change the command
argument to ioctl functions from int to u_long. This change brings us
inline with various other BSD versions. Driver writers may like to
use (__FreeBSD_version == 300003) to detect this change.
The prototype FreeBSD/alpha machdep will follow in a couple of days
time.
This code will be turned on with the TWO options
DEVFS and SLICE. (see LINT)
Two labels PRE_DEVFS_SLICE and POST_DEVFS_SLICE will deliniate these changes.
/dev will be automatically mounted by init (thanks phk)
on bootup. See /sys/dev/slice/slice.4 for more info.
All code should act the same without these options enabled.
Mike Smith, Poul Henning Kamp, Soeren, and a few dozen others
This code does not support the following:
bad144 handling.
Persistance. (My head is still hurting from the last time we discussed this)
ATAPI flopies are not handled by the SLICE code yet.
When this code is running, all major numbers are arbitrary and COULD
be dynamically assigned. (this is not done, for POLA only)
Minor numbers for disk slices ARE arbitray and dynamically assigned.
This introduce an xxxFS_BOOT for each of the rootable filesystems.
(Presently not required, but encouraged to allow a smooth move of option *FS
to opt_dontuse.h later.)
LFS is temporarily disabled, and will be re-enabled tomorrow.
floppy drive #0, regardless of what the CMOS says. This is intended
as a bandaid for those plagued with Compaq's idea to not announce the
floppy drive on their `Aero' notebook.
Using the device flags is not very nice (in particular since they
aren't per-drive but per-controller), but still looks a lot better to
me than the disgusting guesswork hack that was recently posted to
-hackers.
Doc update will follow shortly.
number of dma overruns/underruns for systems under heavy dma load.
As a side effect, broken enhanced floppy controllers that sometimes
don't detect dma overruns/underruns will give less errors.
Reviewed by: j@uriah.heep.sax.de (J Wunsch)
Hide the bogus FDC ``chip type'' display behind a (mostly) undocumented
option, since people started to trust the bogus claim. Once we're going
to handle 2.88 MB controllers, we have to redo the chip detection, by
now just leave it hidden.
changes, so don't expect to be able to run the kernel as-is (very well)
without the appropriate Lite/2 userland changes.
The system boots and can mount UFS filesystems.
Untested: ext2fs, msdosfs, NFS
Known problems: Incorrect Berkeley ID strings in some files.
Mount_std mounts will not work until the getfsent
library routine is changed.
Reviewed by: various people
Submitted by: Jeffery Hsu <hsu@freebsd.org>
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
appearance of this bug was the malfunctioning -M option in GNU tar (it
worked only by explicitly specifying -L).
Reviewed by: bde, and partially corrected accoring to his comments
Candidate for 2.2, IMHO even for 2.1.6.
Saves about 280 butes of source per driver, 56 bytes in object size
and another 56 bytes moves from data to bss.
No functional change intended nor expected.
GENERIC should be about one k smaller now :-)
quite work yet, so the heart of it is disabled.
Added bdev and cdev args to dsopen().
drivers:
Fixed device names, links, minor numbers and modes.
wd.c:
Started actually supporting devfs.
diskslice.h:
Added devfs tokens to structs (currently 576 of them per disk! :-().
subr_diskslice.c:
Create devfs entries in dsopen() and (unsuccessfully) attempt to make
them go away at the right times. DEVFS is #undefed at the start so
that this shouldn't cause problems.
fd and wt drivers need bounce buffers, so this normally saves 32K-1K
of kernel memory.
Keep track of which DMA channels are busy. isa_dmadone() must now be
called when DMA has finished or been aborted.
Panic for unallocated and too-small (required) bounce buffers.
fd.c:
There will be new warnings about isa_dmadone() not being called after
DMA has been aborted.
sound/dmabuf.c:
isa_dmadone() needs more parameters than are available, so temporarily
use a new interface isa_dmadone_nobounce() to avoid having to worry
about panics for fake parameters. Untested.