git: 076686fe0703 - main - cam: make sure to clear CCBs allocated on the stack
Edward Tomasz Napierala
trasz at FreeBSD.org
Tue Mar 30 18:23:39 UTC 2021
The branch main has been updated by trasz:
URL: https://cgit.FreeBSD.org/src/commit/?id=076686fe0703b906a05c9869609dd550bd4ed7ac
commit 076686fe0703b906a05c9869609dd550bd4ed7ac
Author: Edward Tomasz Napierala <trasz at FreeBSD.org>
AuthorDate: 2021-03-30 18:15:11 +0000
Commit: Edward Tomasz Napierala <trasz at FreeBSD.org>
CommitDate: 2021-03-30 18:15:43 +0000
cam: make sure to clear CCBs allocated on the stack
This is required for small CCBs support, where we need to track
whether the CCB was allocated from an UMA zone or not. There are
no (intended) functional changes with the current source.
Reviewed By: imp
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D29484
---
sys/cam/cam_periph.c | 6 ++++++
sys/cam/cam_xpt.c | 5 +++++
sys/cam/scsi/scsi_da.c | 3 +++
sys/cam/scsi/scsi_xpt.c | 7 +++++++
4 files changed, 21 insertions(+)
diff --git a/sys/cam/cam_periph.c b/sys/cam/cam_periph.c
index 98b9264f1069..3e1a19936825 100644
--- a/sys/cam/cam_periph.c
+++ b/sys/cam/cam_periph.c
@@ -746,6 +746,7 @@ camperiphfree(struct cam_periph *periph)
union ccb ccb;
void *arg;
+ memset(&ccb, 0, sizeof(ccb));
switch (periph->deferred_ac) {
case AC_FOUND_DEVICE:
ccb.ccb_h.func_code = XPT_GDEV_TYPE;
@@ -1318,6 +1319,7 @@ cam_freeze_devq(struct cam_path *path)
struct ccb_hdr ccb_h;
CAM_DEBUG(path, CAM_DEBUG_TRACE, ("cam_freeze_devq\n"));
+ memset(&ccb_h, 0, sizeof(ccb_h));
xpt_setup_ccb(&ccb_h, path, /*priority*/1);
ccb_h.func_code = XPT_NOOP;
ccb_h.flags = CAM_DEV_QFREEZE;
@@ -1333,6 +1335,7 @@ cam_release_devq(struct cam_path *path, u_int32_t relsim_flags,
CAM_DEBUG(path, CAM_DEBUG_TRACE, ("cam_release_devq(%u, %u, %u, %d)\n",
relsim_flags, openings, arg, getcount_only));
+ memset(&crs, 0, sizeof(crs));
xpt_setup_ccb(&crs.ccb_h, path, CAM_PRIORITY_NORMAL);
crs.ccb_h.func_code = XPT_REL_SIMQ;
crs.ccb_h.flags = getcount_only ? CAM_DEV_QFREEZE : 0;
@@ -1456,6 +1459,7 @@ cam_periph_bus_settle(struct cam_periph *periph, u_int bus_settle)
{
struct ccb_getdevstats cgds;
+ memset(&cgds, 0, sizeof(cgds));
xpt_setup_ccb(&cgds.ccb_h, periph->path, CAM_PRIORITY_NORMAL);
cgds.ccb_h.func_code = XPT_GDEV_STATS;
xpt_action((union ccb *)&cgds);
@@ -1527,6 +1531,7 @@ camperiphscsistatuserror(union ccb *ccb, union ccb **orig_ccb,
* First off, find out what the current
* transaction counts are.
*/
+ memset(&cgds, 0, sizeof(cgds));
xpt_setup_ccb(&cgds.ccb_h,
ccb->ccb_h.path,
CAM_PRIORITY_NORMAL);
@@ -1645,6 +1650,7 @@ camperiphscsisenseerror(union ccb *ccb, union ccb **orig,
/*
* Grab the inquiry data for this device.
*/
+ memset(&cgd, 0, sizeof(cgd));
xpt_setup_ccb(&cgd.ccb_h, ccb->ccb_h.path, CAM_PRIORITY_NORMAL);
cgd.ccb_h.func_code = XPT_GDEV_TYPE;
xpt_action((union ccb *)&cgd);
diff --git a/sys/cam/cam_xpt.c b/sys/cam/cam_xpt.c
index 24e16bebb2e7..b7bc2b74da6c 100644
--- a/sys/cam/cam_xpt.c
+++ b/sys/cam/cam_xpt.c
@@ -499,6 +499,7 @@ xptdoioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flag, struct thread *
* This is an immediate CCB, so it's okay to
* allocate it on the stack.
*/
+ memset(&ccb, 0, sizeof(ccb));
/*
* Create a path using the bus, target, and lun the
@@ -2595,6 +2596,7 @@ xptsetasyncfunc(struct cam_ed *device, void *arg)
if ((device->flags & CAM_DEV_UNCONFIGURED) != 0)
return (1);
+ memset(&cgd, 0, sizeof(cgd));
xpt_compile_path(&path,
NULL,
device->target->bus->path_id,
@@ -5078,6 +5080,7 @@ xpt_start_tags(struct cam_path *path)
sim->max_tagged_dev_openings);
xpt_dev_ccbq_resize(path, newopenings);
xpt_async(AC_GETDEV_CHANGED, path, NULL);
+ memset(&crs, 0, sizeof(crs));
xpt_setup_ccb(&crs.ccb_h, path, CAM_PRIORITY_NORMAL);
crs.ccb_h.func_code = XPT_REL_SIMQ;
crs.release_flags = RELSIM_RELEASE_AFTER_QEMPTY;
@@ -5103,6 +5106,7 @@ xpt_stop_tags(struct cam_path *path)
device->inq_flags &= ~SID_CmdQue;
xpt_dev_ccbq_resize(path, sim->max_dev_openings);
xpt_async(AC_GETDEV_CHANGED, path, NULL);
+ memset(&crs, 0, sizeof(crs));
xpt_setup_ccb(&crs.ccb_h, path, CAM_PRIORITY_NORMAL);
crs.ccb_h.func_code = XPT_REL_SIMQ;
crs.release_flags = RELSIM_RELEASE_AFTER_QEMPTY;
@@ -5260,6 +5264,7 @@ xpt_register_async(int event, ac_callback_t *cbfunc, void *cbarg,
xptpath = 1;
}
+ memset(&csa, 0, sizeof(csa));
xpt_setup_ccb(&csa.ccb_h, path, CAM_PRIORITY_NORMAL);
csa.ccb_h.func_code = XPT_SASYNC_CB;
csa.event_enable = event;
diff --git a/sys/cam/scsi/scsi_da.c b/sys/cam/scsi/scsi_da.c
index c13b51921745..baba5d9ed839 100644
--- a/sys/cam/scsi/scsi_da.c
+++ b/sys/cam/scsi/scsi_da.c
@@ -4879,6 +4879,7 @@ dadone_proberc(struct cam_periph *periph, union ccb *done_ccb)
/*timeout*/0,
/*getcount_only*/0);
+ memset(&cgd, 0, sizeof(cgd));
xpt_setup_ccb(&cgd.ccb_h, done_ccb->ccb_h.path,
CAM_PRIORITY_NORMAL);
cgd.ccb_h.func_code = XPT_GDEV_TYPE;
@@ -6125,6 +6126,7 @@ dasetgeom(struct cam_periph *periph, uint32_t block_len, uint64_t maxsector,
* up with something that will make this a bootable
* device.
*/
+ memset(&ccg, 0, sizeof(ccg));
xpt_setup_ccb(&ccg.ccb_h, periph->path, CAM_PRIORITY_NORMAL);
ccg.ccb_h.func_code = XPT_CALC_GEOMETRY;
ccg.block_size = dp->secsize;
@@ -6162,6 +6164,7 @@ dasetgeom(struct cam_periph *periph, uint32_t block_len, uint64_t maxsector,
min(sizeof(softc->rcaplong), rcap_len)) != 0)) {
struct ccb_dev_advinfo cdai;
+ memset(&cdai, 0, sizeof(cdai));
xpt_setup_ccb(&cdai.ccb_h, periph->path, CAM_PRIORITY_NORMAL);
cdai.ccb_h.func_code = XPT_DEV_ADVINFO;
cdai.buftype = CDAI_TYPE_RCAPLONG;
diff --git a/sys/cam/scsi/scsi_xpt.c b/sys/cam/scsi/scsi_xpt.c
index 2ec1490c0edf..5db60fcccd01 100644
--- a/sys/cam/scsi/scsi_xpt.c
+++ b/sys/cam/scsi/scsi_xpt.c
@@ -1036,6 +1036,7 @@ proberequestdefaultnegotiation(struct cam_periph *periph)
{
struct ccb_trans_settings cts;
+ memset(&cts, 0, sizeof(cts));
xpt_setup_ccb(&cts.ccb_h, periph->path, CAM_PRIORITY_NONE);
cts.ccb_h.func_code = XPT_GET_TRAN_SETTINGS;
cts.type = CTS_TYPE_USER_SETTINGS;
@@ -2306,6 +2307,7 @@ scsi_scan_lun(struct cam_periph *periph, struct cam_path *path,
CAM_DEBUG(path, CAM_DEBUG_TRACE, ("scsi_scan_lun\n"));
+ memset(&cpi, 0, sizeof(cpi));
xpt_setup_ccb(&cpi.ccb_h, path, CAM_PRIORITY_NONE);
cpi.ccb_h.func_code = XPT_PATH_INQ;
xpt_action((union ccb *)&cpi);
@@ -2432,6 +2434,7 @@ scsi_devise_transport(struct cam_path *path)
struct scsi_inquiry_data *inq_buf;
/* Get transport information from the SIM */
+ memset(&cpi, 0, sizeof(cpi));
xpt_setup_ccb(&cpi.ccb_h, path, CAM_PRIORITY_NONE);
cpi.ccb_h.func_code = XPT_PATH_INQ;
xpt_action((union ccb *)&cpi);
@@ -2492,6 +2495,7 @@ scsi_devise_transport(struct cam_path *path)
*/
/* Tell the controller what we think */
+ memset(&cts, 0, sizeof(cts));
xpt_setup_ccb(&cts.ccb_h, path, CAM_PRIORITY_NONE);
cts.ccb_h.func_code = XPT_SET_TRAN_SETTINGS;
cts.type = CTS_TYPE_CURRENT_SETTINGS;
@@ -2754,6 +2758,7 @@ scsi_set_transfer_settings(struct ccb_trans_settings *cts, struct cam_path *path
* Perform sanity checking against what the
* controller and device can do.
*/
+ memset(&cur_cts, 0, sizeof(cur_cts));
xpt_setup_ccb(&cur_cts.ccb_h, path, CAM_PRIORITY_NONE);
cur_cts.ccb_h.func_code = XPT_GET_TRAN_SETTINGS;
cur_cts.type = cts->type;
@@ -2937,6 +2942,7 @@ scsi_toggle_tags(struct cam_path *path)
&& (dev->inq_flags & (SID_Sync|SID_WBus16|SID_WBus32)) != 0)) {
struct ccb_trans_settings cts;
+ memset(&cts, 0, sizeof(cts));
xpt_setup_ccb(&cts.ccb_h, path, CAM_PRIORITY_NONE);
cts.protocol = PROTO_SCSI;
cts.protocol_version = PROTO_VERSION_UNSPECIFIED;
@@ -3044,6 +3050,7 @@ _scsi_announce_periph(struct cam_periph *periph, u_int *speed, u_int *freq, stru
return;
/* Ask the SIM for its base transfer speed */
+ memset(&cpi, 0, sizeof(cpi));
xpt_setup_ccb(&cpi.ccb_h, path, CAM_PRIORITY_NORMAL);
cpi.ccb_h.func_code = XPT_PATH_INQ;
xpt_action((union ccb *)&cpi);
More information about the dev-commits-src-main
mailing list