svn commit: r354623 - head/sys/cam/scsi

Warner Losh imp at FreeBSD.org
Mon Nov 11 17:36:58 UTC 2019 

Author: imp
Date: Mon Nov 11 17:36:57 2019
New Revision: 354623
URL: https://svnweb.freebsd.org/changeset/base/354623

Log:
  Add asserts for some state transitions
  
  For the PROBEWP and PROBERC* states, add assertiosn that both the da device
  state is in the right state, as well as the ccb state is the right one when we
  enter dadone_probe{wp,rc}. This will ensure that we don't sneak through when
  we're re-probing the size and write protection status of the device and thereby
  leak a reference which can later lead to an invalidated peripheral going away
  before all references are released (and resulting panic).
  
  Reviewed by: scottl, ken
  Differential Revision: https://reviews.freebsd.org/D22295

Modified:
  head/sys/cam/scsi/scsi_da.c

Modified: head/sys/cam/scsi/scsi_da.c
==============================================================================
--- head/sys/cam/scsi/scsi_da.c	Mon Nov 11 17:36:52 2019	(r354622)
+++ head/sys/cam/scsi/scsi_da.c	Mon Nov 11 17:36:57 2019	(r354623)
@@ -4613,6 +4613,14 @@ dadone_probewp(struct cam_periph *periph, union ccb *d
 
 	cam_periph_assert(periph, MA_OWNED);
 
+	KASSERT(softc->state == DA_STATE_PROBE_WP,
+	    ("State (%d) not PROBE_WP in dadone_probewp, periph %p ccb %p",
+		softc->state, periph, done_ccb));
+        KASSERT((csio->ccb_h.ccb_state & DA_CCB_TYPE_MASK) == DA_CCB_PROBE_WP,
+	    ("CCB State (%lu) not PROBE_WP in dadone_probewp, periph %p ccb %p",
+		(unsigned long)csio->ccb_h.ccb_state & DA_CCB_TYPE_MASK, periph,
+		done_ccb));
+
 	if (softc->minimum_cmd_size > 6) {
 		mode_hdr10 = (struct scsi_mode_header_10 *)csio->data_ptr;
 		dev_spec = mode_hdr10->dev_spec;
@@ -4672,6 +4680,13 @@ dadone_proberc(struct cam_periph *periph, union ccb *d
 	priority = done_ccb->ccb_h.pinfo.priority;
 	csio = &done_ccb->csio;
 	state = csio->ccb_h.ccb_state & DA_CCB_TYPE_MASK;
+
+	KASSERT(softc->state == DA_STATE_PROBE_RC || softc->state == DA_STATE_PROBE_RC16,
+	    ("State (%d) not PROBE_RC* in dadone_proberc, periph %p ccb %p",
+		softc->state, periph, done_ccb));
+	KASSERT(state == DA_CCB_PROBE_RC || state == DA_CCB_PROBE_RC16,
+	    ("CCB State (%lu) not PROBE_RC* in dadone_probewp, periph %p ccb %p",
+		(unsigned long)state, periph, done_ccb));
 
 	lbp = 0;
 	rdcap = NULL;

More information about the svn-src-all mailing list