freebsd-skq

d/freebsd-skq

Fork 0

Commit Graph

Author	SHA1	Message	Date
mav	c4b30791ff	Fix several iov handling bugs in bhyve virtio-scsi backend. - buf_to_iov() does not use buflen parameter, allowing out of bound read. - buf_to_iov() leaks memory if seek argument > 0. - iov_to_buf() doesn't need to reallocate buffer for every segment. - there is no point to use size_t for iov counts, int is more then enough. - some iov function arguments can be constified. - pci_vtscsi_request_handle() used truncate_iov() incorrectly, allowing getting out of buffer and possibly corrupting data. - pci_vtscsi_controlq_notify() written returned status at wrong offset. - pci_vtscsi_controlq_notify() leaked one buffer per event. Reported by: wg Reviewed by: araujo MFC after: 1 week Sponsored by: iXsystems, Inc. Differential Revision: https://reviews.freebsd.org/D18465	2018-12-07 20:30:00 +00:00
araujo	64730b7ec2	- Add bhyve virtio-scsi storage backend support. Example of configuration: ctl.conf: portal-group pg0 { discovery-auth-group no-authentication listen 0.0.0.0 listen [::] } target iqn.2012-06.com.example:target0 { auth-group no-authentication portal-group pg0 port ioctl/5/3 lun 0 { path /z/test.img size 8G } lun 1 { path /z/test1.img size 8G } } bhyve <...> -s 4,virtio-scsi,/dev/cam/ctl5.3,iid=3 <VM_NAME> From inside guest: root@:~ # zpool status test pool: test state: ONLINE scan: none requested config: NAME STATE READ WRITE CKSUM test ONLINE 0 0 0 da0 ONLINE 0 0 0 da1 ONLINE 0 0 0 dmesg: da0 at vtscsi0 bus 0 scbus0 target 0 lun 0 da0: <FREEBSD CTLDISK 0001> Fixed Direct Access SPC-5 SCSI device da0: Serial Number MYSERIAL0000 da0: 300.000MB/s transfers da0: Command Queueing enabled da0: 8192MB (16777216 512 byte sectors) da1 at vtscsi0 bus 0 scbus0 target 0 lun 1 da1: <FREEBSD CTLDISK 0001> Fixed Direct Access SPC-5 SCSI device da1: Serial Number MYSERIAL0001 da1: 300.000MB/s transfers da1: Command Queueing enabled da1: 8192MB (16777216 512 byte sectors) Discussed with: grehan Reviewed by: mav Obtained from: TrueOS Relnotes: Yes Sponsored by: iXsystems Inc. Tested with: FreeBSD HEAD, Fedora 28 (Workstation) and Ubuntu 18.04. Differential Revision: https://reviews.freebsd.org/D15276	2018-06-11 02:09:20 +00:00

Author

SHA1

Message

Date

mav

c4b30791ff

Fix several iov handling bugs in bhyve virtio-scsi backend.

- buf_to_iov() does not use buflen parameter, allowing out of bound read.
 - buf_to_iov() leaks memory if seek argument > 0.
 - iov_to_buf() doesn't need to reallocate buffer for every segment.
 - there is no point to use size_t for iov counts, int is more then enough.
 - some iov function arguments can be constified.
 - pci_vtscsi_request_handle() used truncate_iov() incorrectly, allowing
   getting out of buffer and possibly corrupting data.
 - pci_vtscsi_controlq_notify() written returned status at wrong offset.
 - pci_vtscsi_controlq_notify() leaked one buffer per event.

Reported by:	wg
Reviewed by:	araujo
MFC after:	1 week
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D18465

2018-12-07 20:30:00 +00:00

araujo

64730b7ec2

- Add bhyve virtio-scsi storage backend support.

Example of configuration:
ctl.conf:
portal-group pg0 {
        discovery-auth-group no-authentication
        listen 0.0.0.0
        listen [::]
}

target iqn.2012-06.com.example:target0 {
        auth-group no-authentication
        portal-group pg0
        port ioctl/5/3

        lun 0 {
                path /z/test.img
                size 8G
        }
        lun 1 {
                path /z/test1.img
                size 8G
        }
}

bhyve <...> -s 4,virtio-scsi,/dev/cam/ctl5.3,iid=3 <VM_NAME>

From inside guest:
root@:~ # zpool status test
  pool: test
 state: ONLINE
  scan: none requested
config:

        NAME        STATE     READ WRITE CKSUM
        test        ONLINE       0     0     0
          da0       ONLINE       0     0     0
          da1       ONLINE       0     0     0

dmesg:
da0 at vtscsi0 bus 0 scbus0 target 0 lun 0
da0: <FREEBSD CTLDISK 0001> Fixed Direct Access SPC-5 SCSI device
da0: Serial Number MYSERIAL0000
da0: 300.000MB/s transfers
da0: Command Queueing enabled
da0: 8192MB (16777216 512 byte sectors)
da1 at vtscsi0 bus 0 scbus0 target 0 lun 1
da1: <FREEBSD CTLDISK 0001> Fixed Direct Access SPC-5 SCSI device
da1: Serial Number MYSERIAL0001
da1: 300.000MB/s transfers
da1: Command Queueing enabled
da1: 8192MB (16777216 512 byte sectors)

Discussed with:		grehan
Reviewed by:		mav
Obtained from:		TrueOS
Relnotes:		Yes
Sponsored by:		iXsystems Inc.
Tested with:		FreeBSD HEAD, Fedora 28 (Workstation) and
			Ubuntu 18.04.
Differential Revision:  https://reviews.freebsd.org/D15276

2018-06-11 02:09:20 +00:00

2 Commits