3 Commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
Don Lewis
|
95320acebc |
Fix multiple Coverity Out-of-bounds access false postive issues in CAM
The currently used idiom for clearing the part of a ccb after its header generates one or two Coverity errors for each time it is used. All instances generate an Out-of-bounds access (ARRAY_VS_SINGLETON) error because of the treatment of the header as a two element array, with a pointer to the non-existent second element being passed as the starting address to bzero(). Some instances also alsp generate Out-of-bounds access (OVERRUN) errors, probably because the space being cleared is larger than the sizeofstruct ccb_hdr). In addition, this idiom is difficult for humans to understand and it is error prone. The user has to chose the proper struct ccb_* type (which does not appear in the surrounding code) for the sizeof() in the length calculation. I found several instances where the length was incorrect, which could cause either an actual out of bounds write, or incompletely clear the ccb. A better way is to write the code to clear the ccb itself starting at sizeof(ccb_hdr) bytes from the start of the ccb, and calculate the length based on the specific type of struct ccb_* being cleared as specified by the union ccb member being used. The latter can normally be seen in the nearby code. This is friendlier for Coverity and other static analysis tools because they will see that the intent is to clear the trailing part of the ccb. Wrap all of the boilerplate code in a convenient macro that only requires a pointer to the desired union ccb member (or a pointer to the union ccb itself) as an argument. Reported by: Coverity CID: 1007578, 1008684, 1009724, 1009773, 1011304, 1011306 CID: 1011307, 1011308, 1011309, 1011310, 1011311, 1011312 CID: 1011313, 1011314, 1011315, 1011316, 1011317, 1011318 CID: 1011319, 1011320, 1011321, 1011322, 1011324, 1011325 CID: 1011326, 1011327, 1011328, 1011329, 1011330, 1011374 CID: 1011390, 1011391, 1011392, 1011393, 1011394, 1011395 CID: 1011396, 1011397, 1011398, 1011399, 1011400, 1011401 CID: 1011402, 1011403, 1011404, 1011405, 1011406, 1011408 CID: 1011409, 1011410, 1011411, 1011412, 1011413, 1011414 CID: 1017461, 1018387, 1086860, 1086874, 1194257, 1229897 CID: 1229968, 1306229, 1306234, 1331282, 1331283, 1331294 CID: 1331295, 1331535, 1331536, 1331539, 1331540, 1341623 CID: 1341624, 1341637, 1341638, 1355264, 1355324 Reviewed by: scottl, ken, delphij, imp MFH: 1 month Differential Revision: https://reviews.freebsd.org/D6496 |
||
Marcelo Araujo
|
1bfa92ba85 |
Remove unused variables reported by clang.
Differential Revision: D2688 Reviewed by: rodrigc, mav |
||
Kenneth D. Merry
|
08df2e3eaf |
Add persistent reservation support to camcontrol(8).
camcontrol(8) now supports a new 'persist' subcommand that allows users to issue SCSI PERSISTENT RESERVE IN / OUT commands. sbin/camcontrol/Makefile: Add persist.c. sbin/camcontrol/persist.c: New persistent reservation support for camcontrol(8). We have support for all known operation modes for PERSISTENT RESERVE IN and PERSISTENT RESERVE OUT. exceptions noted above. sbin/camcontrol/camcontrol.8: Document the new 'persist' subcommand. In the section on the Transport ID (-I) option, explain what Transport IDs for each protocol should look like. At some point some of this information could probably get moved off in a separate man page, either on Transport IDs alone or a man page documenting the Transport ID parsing code. Add a number of examples of persistent reservation commands. Persistent Reservations are complex enough that the average user probably won't be able to get the commands exactly right by just reading the man page. These examples show a few basic and advanced examples of how to use persistent reservations. sbin/camcontrol/camcontrol.h: Move the definition for camcontrol_optret here, so we can use it for the persistent reservation code. Add a definition for the new scsipersist() function. sbin/camcontrol/camcontrol.c: Add 'persist' to the list of subcommands. Document 'persist' in the help text. sys/cam/scsi/scsi_all.c: Add the scsi_persistent_reserve_in() and scsi_persistent_reserve_out() CCB building functions. Add a new function, scsi_transportid_sbuf(). This takes a SCSI Transport ID (documented in SPC-4), and prints it to an sbuf(9). There are some transports (like ATA, USB, and SSA) for which there is no transport defined. We need to come up with a reasonable thing to do if we're presented with a Transport ID that claims to be for one of those protocols. Add new routines scsi_get_nv() and scsi_nv_to_str(). These functions do a table lookup to go between a string and an integer. There are lots of table lookups needed in the persistent reservation code in camcontrol(8). Add a new function, scsi_parse_transportid(), along with leaf node functions to parse: FC, 1394 and SAS (scsi_parse_transportid_64bit()) iSCSI (scsi_parse_transportid_iscsi()) SPI (scsi_parse_transportid_spi()) RDMA (scsi_parse_transportid_rdma()) PCIe (scsi_parse_transportid_sop()) Transport IDs. Given a string with the general form proto,id these functions create a SCSI Transport ID structure. sys/cam/scsi/scsi_all.h: Update the various persistent reservation data structures to SPC4r36l, but also rename some fields that were previously obsolete with the proper names from older SCSI specs. This allows using older, obsolete persistent reservation types when desired. Add function prototypes for the new persistent reservation CCB building functions. Add a data strucure for the READ FULL STATUS service action of the PERSISTENT RESERVE IN command. Add Transport ID structures for all protocols described in SPC-4. Add a new series of SCSI_PROTO_XXX definitions, and redefine other defines in terms of these new definitions. Add a prototype for scsi_transportid_sbuf(). Change a couple of "obsolete" persistent reservation data structure fields into something more meaningful, based on what the field was called when it was defined in the spec. (e.g. SPC, SPC-2, etc.) Create a new define, SPRI_MAX_LEN, for the maximum allocation length allowed for the PERSISTENT RESERVE IN command. Add data structures and enumerations for the new name/value translation functions. Add data structures for SCSI over PCIe Routing IDs. Bring the PERSISTENT RESERVE OUT Register and Move parameter list structure (struct scsi_per_res_out_parms) up to date with SPC-4. Add a data structure for the transport IDs that can optionally be appended to the basic PERSISTENT RESERVE OUT parameter list. Move SCSI protocol macro definitions out of the VPD page 0x83 definition and combine them with the more up to date protocol definitions higher in the file. Add function prototypes for scsi_nv_to_str(), scsi_get_nv(), scsi_parse_transportid_64bit(), scsi_parse_transportid_spi(), scsi_parse_transportid_rdma(), scsi_parse_transportid_iscsi(), scsi_parse_transportid_sop(), and scsi_parse_transportid(). Sponsored by: Spectra Logic Corporation MFC after: 1 week |