Commit Graph

47 Commits

Author SHA1 Message Date
Robert Watson
311fa10b52 r222015 introduced a new assertion that the size of a fixed-length sbuf
buffer is greater than 1.  This triggered panics in at least one spot in
the kernel (the MAC Framework) which passes non-negative, rather than >1
buffer sizes based on the size of a user buffer passed into a system
call.  While 0-size buffers aren't particularly useful, they also aren't
strictly incorrect, so loosen the assertion.

Discussed with:	phk (fears I might be EDOOFUS but willing to go along)
Spotted by:	pho + stress2
Approved by:	re (kib)
2011-08-19 08:29:10 +00:00
Poul-Henning Kamp
384bf94c48 Use memset() instead of bzero() and memcpy() instead of bcopy(), there
is no relevant difference for sbufs, and it increases portability of
the source code.

Split the actual initialization of the sbuf into a separate local
function, so that certain static code checkers can understand
what sbuf_new() does, thus eliminating one silly annoyance of
MISRA compliance testing.

Contributed by:		An anonymous company in the last business I
			expected sbufs to invade.
2011-05-17 11:04:50 +00:00
Poul-Henning Kamp
eb05ee7a71 Don't expect PAGE_SIZE to exist on all platforms (It is a pretty arbitrary
choice of default size in the first place)

Reverse the order of arguments to the internal static sbuf_put_byte()
function to match everything else in this file.

Move sbuf_putc_func() inside the kernel version of sbuf_vprintf
where it belongs.

sbuf_putc() incorrectly used sbuf_putc_func() which suppresses NUL
characters, it should use sbuf_put_byte().

Make sbuf_finish() return -1 on error.

Minor stylistic nits fixed.
2011-05-17 06:36:32 +00:00
Poul-Henning Kamp
71c2bc5c6b Change the length quantities of sbufs to be ssize_t rather than int.
Constify a couple of arguments.
2011-05-16 16:18:40 +00:00
Matthew D Fleming
4e6571599b Re-add r212370 now that the LOR in powerpc64 has been resolved:
Add a drain function for struct sysctl_req, and use it for a variety
of handlers, some of which had to do awkward things to get a large
enough SBUF_FIXEDLEN buffer.

Note that some sysctl handlers were explicitly outputting a trailing
NUL byte.  This behaviour was preserved, though it should not be
necessary.

Reviewed by:    phk (original patch)
2010-09-16 16:13:12 +00:00
Matthew D Fleming
404a593e28 Revert r212370, as it causes a LOR on powerpc. powerpc does a few
unexpected things in copyout(9) and so wiring the user buffer is not
sufficient to perform a copyout(9) while holding a random mutex.

Requested by: nwhitehorn
2010-09-13 18:48:23 +00:00
Alexander Kabaev
eb262be333 Add missing pointer increment to sbuf_cat. 2010-09-11 19:42:50 +00:00
Matthew D Fleming
4d369413e1 Replace sbuf_overflowed() with sbuf_error(), which returns any error
code associated with overflow or with the drain function.  While this
function is not expected to be used often, it produces more information
in the form of an errno than sbuf_overflowed() did.
2010-09-10 16:42:16 +00:00
Matthew D Fleming
dd67e2103c Add a drain function for struct sysctl_req, and use it for a variety of
handlers, some of which had to do awkward things to get a large enough
FIXEDLEN buffer.

Note that some sysctl handlers were explicitly outputting a trailing NUL
byte.  This behaviour was preserved, though it should not be necessary.

Reviewed by:	phk
2010-09-09 18:33:46 +00:00
Matthew D Fleming
4351ba272c Add drain functionality to sbufs. The drain is a function that is
called when the sbuf internal buffer is filled.  For kernel sbufs with a
drain, the internal buffer will never be expanded.  For userland sbufs
with a drain, the internal buffer may still be expanded by
sbuf_[v]printf(3).

Sbufs now have three basic uses:
1) static string manipulation.  Overflow is marked.
2) dynamic string manipulation.  Overflow triggers string growth.
3) drained string manipulation.  Overflow triggers draining.

In all cases the manipulation is 'safe' in that overflow is detected and
managed.

Reviewed by:	phk (the previous version)
2010-09-09 17:49:18 +00:00
Matthew D Fleming
01f6f5fcd4 Refactor sbuf code so that most uses of sbuf_extend() are in a new
sbuf_put_byte().  This makes it easier to add drain functionality when a
buffer would overflow as there are fewer code points.

Reviewed by:	phk
2010-09-09 16:51:52 +00:00
Matthew D Fleming
181ff3d503 Use a better #if guard.
Suggested by pluknet <pluknet at gmail dot com>.
2010-09-03 17:42:17 +00:00
Matthew D Fleming
c05dbe7a54 Style(9) fixes and eliminate the use of min(). 2010-09-03 17:42:12 +00:00
Matthew D Fleming
969292fb1b Fix user-space libsbuf build. Why isn't CTASSERT available to
user-space?
2010-09-03 17:23:26 +00:00
Matthew D Fleming
f5a5dc5da8 Fix brain fart when converting an if statement into a KASSERT. 2010-09-03 16:12:39 +00:00
Matthew D Fleming
f4bafab8da Use math rather than iteration when the desired sbuf size is larger than
SBUF_MAXEXTENDSIZE.
2010-09-03 16:09:17 +00:00
Dag-Erling Smørgrav
546d78908b Switch to simplified BSD license (with phk's approval), plus whitespace
and style(9) cleanup.
2008-08-09 10:26:21 +00:00
Poul-Henning Kamp
49091c48d5 Make sbuf_copyin() return the number of bytes copied on success.
Submitted by:	"Wojciech A. Koszek" <dunstan@freebsd.czest.pl>
2005-12-23 11:49:53 +00:00
Poul-Henning Kamp
c711aea6ca Make a bunch of malloc types static.
Found by:	src/tools/tools/kernxref
2005-02-10 12:02:37 +00:00
Dag-Erling Smørgrav
520df27692 Cosmetic adjustment to previous commit: name the second argument to
sbuf_bcat() and sbuf_bcpy() "buf" rather than "data".
2004-07-09 11:37:44 +00:00
Dag-Erling Smørgrav
d751f0a935 Have sbuf_bcat() and sbuf_bcpy() take a const void * instead of a
const char *, since callers are likely to pass in pointers to all
kinds of structs and whatnot.
2004-07-09 11:35:30 +00:00
Dag-Erling Smørgrav
963385cf22 Mechanical whitespace cleanup. 2004-02-17 10:21:03 +00:00
David E. O'Brien
677b542ea2 Use __FBSDID(). 2003-06-11 00:56:59 +00:00
Peter Wemm
a9a0bbad19 Copy the va_list in sbuf_vprintf() before passing it to vsnprintf(),
because we could fail due to a small buffer and loop and rerun.  If this
happens, then the vsnprintf() will have already taken the arguments off
the va_list.  For i386 and others, this doesn't matter because the
va_list type is passed as a copy.  But on powerpc and amd64, this is
fatal because the va_list is a reference to an external structure that
keeps the vararg state due to the more complicated argument passing system.
On amd64, arguments can be passed as follows:
First 6 int/pointer type arguments go in registers, the rest go on
  the memory stack.
Float and double are similar, except using SSE registers.
long double (80 bit precision) are similar except using the x87 stack.
Where the 'next argument' comes from depends on how many have been
processed so far and what type it is.  For amd64, gcc keeps this state
somewhere that is referenced by the va_list.

I found a description that showed the va_copy was required here:
http://mirrors.ccs.neu.edu/cgi-bin/unixhelp/man-cgi?va_end+9
The single unix spec doesn't mention va_copy() at all.

Anyway, the problem was that the sysctl kern.geom.conf* nodes would panic
due to walking off the end of the va_arg lists in vsnprintf.  A better fix
would be to have sbuf_vprintf() use a single pass and call kvprintf()
with a callback function that stored the results and grew the buffer
as needed.

Approved by:	re (scottl)
2003-05-25 19:03:08 +00:00
Warner Losh
a163d034fa Back out M_* changes, per decision of the TRB.
Approved by: trb
2003-02-19 05:47:46 +00:00
Alfred Perlstein
44956c9863 Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
2003-01-21 08:56:16 +00:00
Poul-Henning Kamp
c5f9218b48 Add the new function "sbuf_done()" which returns non-zero if the sbuf is
finished.

This allows sbufs to be used for request/response scenarios without
needing additional communication flags.

Sponsored by:	DARPA & NAI Labs.
2002-10-04 09:58:17 +00:00
Poul-Henning Kamp
7b08810243 Add a cast to make this file compile in userland on sparc64 without
warnings.
2002-09-16 18:45:18 +00:00
Peter Wemm
a5e7c7da5e Fix warnings on gcc-3.1+ where __func__ is a const char * instead of a
string.
2002-03-19 10:56:46 +00:00
Poul-Henning Kamp
9118ec5a27 Yet another bug with extensible sbufs being marked as OVERFLOWED. This time
because of a signed/unsigned problem.

Approved by:	DES
2002-01-24 20:57:56 +00:00
Poul-Henning Kamp
1a25c86b3b In certain cases sbuf_printf() and sbuf_vprintf() could mistakenly
mark extendable sbufs as overflowed.

Approved by:	des
2002-01-22 11:22:55 +00:00
Kelly Yancey
2bbe1e9d6c Replace spaces after #defines with tabs; this makes all #defines
consistent in their adherence with style(9).
2002-01-09 07:29:28 +00:00
Kelly Yancey
7195eb40f9 * Implement SBUF_AUTOEXTEND flag; sbufs created with this flag are
automatically extended to prevent overflow.
 * Added sbuf_vprintf(); sbuf_printf() is now just a wrapper around
   sbuf_vprintf().
 * Include <stdio.h> and <string.h> when building libsbuf to silence
   WARNS=4 warnings.

Reviewed by:	des
2002-01-06 08:38:23 +00:00
Matthew Dillon
a57094a011 Calculate whether the sbuf is dynamic *before* bzero()ing the
structure.  This fixes a serious memory leak in the sbuf code.

MFC after:	3 days
2001-12-19 19:04:57 +00:00
David E. O'Brien
a48740b6c5 Update to C99, s/__FUNCTION__/__func__/. 2001-12-10 05:51:45 +00:00
Dag-Erling Smørgrav
5b6db47748 Add a couple of API functions I need for my pseudofs WIP. Documentation
will follow when I've decided whether to keep this API or ditch it in
favor of something slightly more subtle.
2001-09-29 00:32:46 +00:00
Dag-Erling Smørgrav
2687c8741b Constify the format string.
Submitted by:	Mike Barcroft <mike@q9media.com>
2001-07-03 21:46:43 +00:00
Jonathan Lemon
9fa416ca19 Fix warnings:
112: warning: cast to pointer from integer of different size
125: warning: cast to pointer from integer of different size
2001-06-16 07:02:47 +00:00
Dag-Erling Smørgrav
fe46349692 Blah, I cut out a tad too much in the previous commit. (thanks again, Jake!) 2001-06-11 18:43:32 +00:00
Dag-Erling Smørgrav
e3b373228c copyin(9) doesn't return ENAMETOOLONG. (thanks, Jake!) 2001-06-11 18:36:18 +00:00
Dag-Erling Smørgrav
b0def2b548 Add sbuf_copyin(). Also add 'b' variants of sbuf_{cat,copyin,cpy}() which
ignore NUL bytes in the source string.
2001-06-11 17:05:52 +00:00
Dag-Erling Smørgrav
d647935801 sbuf_new(9) now returns a struct sbuf * instead of an int. If the caller
does not provide a struct sbuf, sbuf_new(9) will allocate one and return
a pointer to it.
2001-06-10 15:48:04 +00:00
Kenneth D. Merry
3393f8daa3 Rewrite of the CAM error recovery code.
Some of the major changes include:

	- The SCSI error handling portion of cam_periph_error() has
	  been broken out into a number of subfunctions to better
	  modularize the code that handles the hierarchy of SCSI errors.
	  As a result, the code is now much easier to read.

	- String handling and error printing has been significantly
	  revamped.  We now use sbufs to do string formatting instead
	  of using printfs (for the kernel) and snprintf/strncat (for
	  userland) as before.

	  There is a new catchall error printing routine,
	  cam_error_print() and its string-based counterpart,
	  cam_error_string() that allow the kernel and userland
	  applications to pass in a CCB and have errors printed out
	  properly, whether or not they're SCSI errors.  Among other
	  things, this helped eliminate a fair amount of duplicate code
	  in camcontrol.

	  We now print out more information than before, including
	  the CAM status and SCSI status and the error recovery action
	  taken to remedy the problem.

	- sbufs are now available in userland, via libsbuf.  This
	  change was necessary since most of the error printing code
	  is shared between libcam and the kernel.

	- A new transfer settings interface is included in this checkin.
	  This code is #ifdef'ed out, and is primarily intended to aid
	  discussion with HBA driver authors on the final form the
	  interface should take.  There is example code in the ahc(4)
	  driver that implements the HBA driver side of the new
	  interface.  The new transfer settings code won't be enabled
	  until we're ready to switch all HBA drivers over to the new
	  interface.

src/Makefile.inc1,
lib/Makefile:		Add libsbuf.  It must be built before libcam,
			since libcam uses sbuf routines.

libcam/Makefile:	libcam now depends on libsbuf.

libsbuf/Makefile:	Add a makefile for libsbuf.  This pulls in the
			sbuf sources from sys/kern.

bsd.libnames.mk:	Add LIBSBUF.

camcontrol/Makefile:	Add -lsbuf.  Since camcontrol is statically
			linked, we can't depend on the dynamic linker
			to pull in libsbuf.

camcontrol.c:		Use cam_error_print() instead of checking for
			CAM_SCSI_STATUS_ERROR on every failed CCB.

sbuf.9:			Change the prototypes for sbuf_cat() and
			sbuf_cpy() so that the source string is now a
			const char *.  This is more in line with the
			standard system string functions, and helps
			eliminate warnings when dealing with a const
			source buffer.

			Fix a typo.

cam.c:			Add description strings for the various CAM
			error status values, as well as routines to
			look up those strings.

			Add new cam_error_string() and
			cam_error_print() routines for userland and
			the kernel.

cam.h:			Add a new CAM flag, CAM_RETRY_SELTO.

			Add enumerated types for the various options
			available with cam_error_print() and
			cam_error_string().

cam_ccb.h:		Add new transfer negotiation structures/types.

			Change inq_len in the ccb_getdev structure to
			be "reserved".  This field has never been
			filled in, and will be removed when we next
			bump the CAM version.

cam_debug.h:		Fix typo.

cam_periph.c:		Modularize cam_periph_error().  The SCSI error
			handling part of cam_periph_error() is now
			in camperiphscsistatuserror() and
			camperiphscsisenseerror().

			In cam_periph_lock(), increase the reference
			count on the periph while we wait for our lock
			attempt to succeed so that the periph won't go
			away while we're sleeping.

cam_xpt.c:		Add new transfer negotiation code.  (ifdefed
			out)

			Add a new function, xpt_path_string().  This
			is a string/sbuf analog to xpt_print_path().

scsi_all.c:		Revamp string handling and error printing code.
			We now use sbufs for much of the string
			formatting code.  More of that code is shared
			between userland and the kernel.

scsi_all.h:		Get rid of SS_TURSTART, it wasn't terribly
			useful in the first place.

			Add a new error action, SS_REQSENSE.  (Send a
			request sense and then retry the command.)
			This is useful when the controller hasn't
			performed autosense for some reason.

			Change the default actions around a bit.

scsi_cd.c,
scsi_da.c,
scsi_pt.c,
scsi_ses.c:		SF_RETRY_SELTO -> CAM_RETRY_SELTO.  Selection
			timeouts shouldn't be covered by a sense flag.

scsi_pass.[ch]:		SF_RETRY_SELTO -> CAM_RETRY_SELTO.

			Get rid of the last vestiges of a read/write
			interface.

libkern/bsearch.c,
sys/libkern.h,
conf/files:		Add bsearch.c, which is needed for some of the
			new table lookup routines.

aic7xxx_freebsd.c:	Define AHC_NEW_TRAN_SETTINGS if
			CAM_NEW_TRAN_CODE is defined.

sbuf.h,
subr_sbuf.c:		Add the appropriate #ifdefs so sbufs can
			compile and run in userland.

			Change sbuf_printf() to use vsnprintf()
			instead of kvprintf(), which is only available
			in the kernel.

			Change the source string for sbuf_cpy() and
			sbuf_cat() to be a const char *.

			Add __BEGIN_DECLS and __END_DECLS around
			function prototypes since they're now exported
			to userland.

kdump/mkioctls:		Include stdio.h before cam.h since cam.h now
			includes a function with a FILE * argument.

Submitted by:	gibbs (mostly)
Reviewed by:	jdp, marcel (libsbuf makefile changes)
Reviewed by:	des (sbuf changes)
Reviewed by:	ken
2001-03-27 05:45:52 +00:00
Dag-Erling Smørgrav
cab5b963a0 Make the KASSERTs report the correct function names.
Fix two off-by-one errors that would sometimes cause the final length of
the sbuf to include the trailing zero.
2001-03-06 17:48:26 +00:00
Dag-Erling Smørgrav
9fa2ef3da2 Remove an assertion I forgot to remove in the previous commit: sbuf_len()
may now be called with an unfinished sbuf.
For consistency, copy the related comment from sbuf_delete() to sbuf_clear()
and sbuf_len().
2001-01-28 00:33:58 +00:00
Dag-Erling Smørgrav
4dc1413915 Add sbuf_clear() and sbuf_overflowed().
Move the helper macros from sbuf.h to sbuf.c
Use ints instead of size_ts.
Relax the requirements for sbuf_finish(): it is now possible to finish an
overflowed buffer.
Make sbuf_len() return -1 instead of 0 if the sbuf overflowed.

Requested by:	gibbs
2001-01-28 00:13:01 +00:00
Dag-Erling Smørgrav
60ec413038 String buffer API 2000-12-13 19:51:07 +00:00