#
361040 |
|
14-May-2020 |
jhb |
MFC 360818: Fix a memory leak for ENCIOC_GETSTRING I introduced in r360171.
|
#
361038 |
|
14-May-2020 |
jhb |
MFC 360171,360179,360285,360388: Don't dereference various user pointers.
360171: Don't access a user buffer directly from the kernel.
The handle_string callback for the ENCIOC_SETSTRING ioctl was passing a user pointer to memcpy(). Fix by using copyin() instead.
For ENCIOC_GETSTRING ioctls, the handler was storing the user pointer in a CCB's data_ptr field where it was indirected by other code. Fix this by allocating a temporary buffer (which ENCIOC_SETSTRING already did) and copying the result out to the user buffer after the CCB has been processed.
360179: Don't pass a user buffer pointer as the data pointer in a CCB.
Allocate a temporary buffer in the kernel to serve as the CCB data pointer for a pass-through transaction and use copyin/copyout to shuffle the data to/from the user buffer.
360285: Don't indirect user pointers directly in two 802.11s ioctls.
IEEE80211_MESH_RTCMD_ADD was invoking memcmp() to validate the supplied address directly on the user pointer rather than first doing a copyin() and validating the copied value.
IEEE80211_MESH_RTCMD_DELETE was passing the user pointer directly to ieee80211_mesh_rt_del() rather than copying the user buffer into a temporary kernel buffer.
360388: Don't run strcmp() against strings stored in user memory.
Instead, copy the strings into a temporary buffer on the stack and run strcmp on the copies.
|
#
359861 |
|
13-Apr-2020 |
mav |
MFC r359662: Relax too strict SES element descriptors check in r355430.
SES specifications allows the string to be NULL-terminated, while previous code was considering it as invalid due to incorrectly ordered conditions.
|
#
359315 |
|
26-Mar-2020 |
mav |
MFC r359146: Fix SES on device slots without phys after r349321.
Broadcom 9400-8i8e HBAs report virtual SES device, where slots representing external connectors are reported having no phys. Since sasdev_phys is NULL there and proto_hdr is a union, ses_paths_iter() misinterpreted them as ATA. Add explicit protocol check to properly differentiate them.
|
#
359205 |
|
22-Mar-2020 |
asomers |
MFC r355430:
ses: sanitize illegal strings in SES element descriptors
The SES4r3 standard requires that element descriptors may only contain ASCII characters in the range 0x20 to 0x7e. Some SuperMicro expanders violate that rule. This patch adds a sanity check to ses(4). Descriptors in violation will be replaced by "<invalid>".
This patch fixes "sesutil --libxo xml" on such systems. Previously it would generate non-well-formed XML output.
PR: 241929 Reviewed by: allanjude Sponsored by: Axcient
|
#
352299 |
|
13-Sep-2019 |
mav |
MFC r352201: Fix assumptions of only one device per SES slot.
It is typical to have one, but no longer true for multi-actuator HDDs with separate LUN for each actuator.
|
#
351754 |
|
03-Sep-2019 |
mav |
MFC r351606: Take proper lock in ses_setphyspath_callback().
XPT_DEV_ADVINFO call should be protected by the lock of the specific device it is addressed to, not the lock of SES device. In some weird case, probably with hardware violating standards, it sometimes caused NULL dereference due to race.
To protect from it further, add lock assertion to *_dev_advinfo().
|
#
350793 |
|
08-Aug-2019 |
mav |
MFC r349321: Improve AHCI Enclosure Management and SES interoperation.
Since SES specs do not define mechanism to map enclosure slots to SATA disks, AHCI EM code I written many years ago appeared quite useless, that always bugged me. I was thinking whether it was a good idea, but if LSI HBAs do that, why I shouldn't?
This change introduces simple non-standard mechanism for the mapping into both AHCI EM and SES code, that makes AHCI EM on capable controllers (most of Intel's) a first-class SES citizen, allowing it to report disk physical path to GEOM, show devices inserted into each enclosure slot in `sesutil map` and `getencstat`, control locate and fault LEDs for specific devices with `sesutil locate adaX on` and `sesutil fault adaX on`, etc.
I've successfully tested this on Supermicro X10DRH-i motherboard connected with sideband cable of its S-SATA Mini-SAS connector to SAS815TQ backplane. It can indicate with LEDs Locate, Fault and Rebuild/Remap SES statuses for each disk identical to real SES of Supermicro SAS2 backplanes.
|
#
350788 |
|
08-Aug-2019 |
mav |
MFC r349284: Make ELEMENT INDEX validation more strict.
SES specifications tell: "The Additional Element Status descriptors shall be in the same order as the status elements in the Enclosure Status diagnostic page". It allows us to question ELEMENT INDEX that is lower then values we already processed. There are many SAS2 enclosures with this kind of problem.
While there, add more specific error messages for cases when ELEMENT INDEX is obviously wrong. Also skip elements with INVALID bit set.
|
#
349814 |
|
07-Jul-2019 |
mav |
MFC r349281: Fix individual_element_index when some type has 0 elements.
When some type has 0 elements, saved_individual_element_index was set to -1 on second type bump, since individual_element_index was not restored after the first. To me it looks easier just to increment saved_individual_element_index separately than think when to save it.
|
#
344008 |
|
11-Feb-2019 |
mav |
MFC r343727: Use switch instead of chained if/else to improve readability.
Submitted by: Ryan Moeller <ryan@freqlabs.com> Sponsored by: iXsystems, Inc.
|
#
320475 |
|
29-Jun-2017 |
markj |
MFC r320372: Fix a memory leak in ses_get_elm_devnames().
Approved by: re (gjb)
|
#
311395 |
|
05-Jan-2017 |
mav |
MFC r309297: Make SES status updates more aggressive.
- On control request update all status pages, since they may also be affected if user enables/disables enclosure slots. - Periodically update element descriptors too, since there is some hardware where they are changed dynamically.
|
#
309628 |
|
06-Dec-2016 |
mav |
MFC r309282: Explicitly initialize cdai.flags.
In SES driver uninitialized value caused unreliable physpath reporting.
|
#
309041 |
|
23-Nov-2016 |
mav |
MFC r308425: Add support for EIIOE flag in Additional Element Status.
It was added in SES-3 spec, and its support required to properly link the Additional Element Status page data to the original elements.
|
#
307956 |
|
26-Oct-2016 |
mav |
MFC r307132: Use copyout() instead of pointing sbuf to user-space buffer.
|
#
302408 |
|
07-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
299373 |
|
10-May-2016 |
mav |
Allow sleepable allocations in enclosure daemon threads.
There were at least two places where M_NOWAIT was used without NULL check. This change should fix NULL-dereference panic there and possibly improve operation in other ways under memory pressure.
MFC after: 2 weeks
|
#
291126 |
|
21-Nov-2015 |
mav |
Add API to obtain primary enclosure name and ID for /dev/sesX devices.
sesX device number may change between reboots, so to properly identify the instance we need more data. Name and ID reported here may mach ones reported by SCSI device, but that is not really required by specs.
MFC after: 1 week Sponsored by: iXsystems, Inc.
|
#
278964 |
|
18-Feb-2015 |
ken |
Make sure that the flags for the XPT_DEV_ADVINFO CCB are initialized properly.
If there is garbage in the flags field, it can sometimes include a set CDAI_FLAG_STORE flag, which may cause either an error or perhaps result in overwriting the field that was intended to be read.
sys/cam/cam_ccb.h: Add a new flag to the XPT_DEV_ADVINFO CCB, CDAI_FLAG_NONE, that callers can use to set the flags field when no store is desired.
sys/cam/scsi/scsi_enc_ses.c: In ses_setphyspath_callback(), explicitly set the XPT_DEV_ADVINFO flags to CDAI_FLAG_NONE when fetching the physical path information. Instead of ORing in the CDAI_FLAG_STORE flag when storing the physical path, set the flags field to CDAI_FLAG_STORE.
sys/cam/scsi/scsi_sa.c: Set the XPT_DEV_ADVINFO flags field to CDAI_FLAG_NONE when fetching extended inquiry information.
sys/cam/scsi/scsi_da.c: When storing extended READ CAPACITY information, set the XPT_DEV_ADVINFO flags field to CDAI_FLAG_STORE instead of ORing it into a field that isn't initialized.
sys/dev/mpr/mpr_sas.c, sys/dev/mps/mps_sas.c: When fetching extended READ CAPACITY information, set the XPT_DEV_ADVINFO flags field to CDAI_FLAG_NONE instead of setting it to 0.
sbin/camcontrol/camcontrol.c: When fetching a device ID, set the XPT_DEV_ADVINFO flags field to CDAI_FLAG_NONE instead of 0.
sys/sys/param.h: Bump __FreeBSD_version to 1100061 for the new XPT_DEV_ADVINFO CCB flag, CDAI_FLAG_NONE.
Sponsored by: Spectra Logic MFC after: 1 week
|
#
263954 |
|
30-Mar-2014 |
imp |
Remove instances of variables that were set, but never used. gcc 4.9 warns about these by default.
|
#
256843 |
|
21-Oct-2013 |
mav |
Merge CAM locking changes from the projects/camlock branch to radically reduce lock congestion and improve SMP scalability of the SCSI/ATA stack, preparing the ground for the coming next GEOM direct dispatch support.
Replace big per-SIM locks with bunch of smaller ones: - per-LUN locks to protect device and peripheral drivers state; - per-target locks to protect list of LUNs on target; - per-bus locks to protect reference counting; - per-send queue locks to protect queue of CCBs to be sent; - per-done queue locks to protect queue of completed CCBs; - remaining per-SIM locks now protect only HBA driver internals.
While holding LUN lock it is allowed (while not recommended for performance reasons) to take SIM lock. The opposite acquisition order is forbidden. All the other locks are leaf locks, that can be taken anywhere, but should not be cascaded. Many functions, such as: xpt_action(), xpt_done(), xpt_async(), xpt_create_path(), etc. are no longer require (but allow) SIM lock to be held.
To keep compatibility and solve cases where SIM lock can't be dropped, all xpt_async() calls in addition to xpt_done() calls are queued to completion threads for async processing in clean environment without SIM lock held.
Instead of single CAM SWI thread, used for commands completion processing before, use multiple (depending on number of CPUs) threads. Load balanced between them using "hash" of the device B:T:L address.
HBA drivers that can drop SIM lock during completion processing and have sufficient number of completion threads to efficiently scale to multiple CPUs can use new function xpt_done_direct() to avoid extra context switch. Make ahci(4) driver to use this mechanism depending on hardware setup.
Sponsored by: iXsystems, Inc. MFC after: 2 months
|
#
255309 |
|
06-Sep-2013 |
mav |
Make SES driver adequately react on simple enclosure devices -- read Short Enclosure status to enclosure status field, clear previous state and exit.
|
#
255304 |
|
06-Sep-2013 |
mav |
Fix kernel panic if cache->nelms is zero.
MFC after: 2 weeks
|
#
251654 |
|
12-Jun-2013 |
mav |
Make CAM return and GEOM DISK pass through new GEOM::lunid attribute.
SPC-4 specification states that serial number may be property of device, but not a specific logical unit. People reported about FC storages using serial number in that way, making it unusable for purposes of LUN multipath detection. SPC-4 states that designators associated with logical unit from the VPD page 83h "Device Identification" should be used for that purpose. Report first of them in the new attribute in such preference order: NAA, EUI-64, T10 and SCSI name string.
While there, make GEOM DISK properly report GEOM::ident in XML output also using d_getattr() method, if available. This fixes serial numbers reporting for SCSI disks in `geom disk list` output and confxml.
Discussed with: gibbs, ken Sponsored by: iXsystems, Inc. MFC after: 2 weeks
|
#
245891 |
|
24-Jan-2013 |
jh |
Sanitize the element descriptor string before using it as a device name.
Reported and tested by: Vitalij Satanivskij Reviewed by: gibbs, mav
|
#
244508 |
|
20-Dec-2012 |
mav |
Make SES driver to not fall out on some errors in Additional Status page. This allows CAM devices still get their physical paths even if status of later elements it corrupted.
Sponsored by: iXsystems, Inc.
|
#
244418 |
|
19-Dec-2012 |
mav |
Fix bug in r242720, that caused additional status page to not be used if descriptor page is supported.
|
#
242720 |
|
07-Nov-2012 |
mav |
Use information about suported diagnostic pages to avoid reading optional Element Descriptor page if it is not supported. This removes one error message from verbose logs during boot on systems with some enclosures.
Sponsored by: iXsystems, Inc.
|
#
241844 |
|
22-Oct-2012 |
eadler |
remove duplicate semicolons where possible.
Approved by: cperciva MFC after: 1 week
|
#
241503 |
|
13-Oct-2012 |
mav |
XPT_DEV_MATCH is probably the only xpt_action() method that is called without holding SIM lock. It really doesn't need that lock, but adding it removes that specific exception, allowing to assert locking there later.
Submitted by: ken@ (earlier version)
|
#
241488 |
|
12-Oct-2012 |
mav |
Get SIM lock in several places while calling CAM functions. This fixes several use-after-free panics on systems with SAS enclosures.
Submitted by: ken@, mav@
|
#
239213 |
|
12-Aug-2012 |
mjacob |
1. Remove SEN support. I doubt there are any working examples of this hardware still running (close to twenty years now).
2. Quiesece and use ENC_VLOG instead of ENC_LOG for most complaints. That is, they're visible with bootverbose, but otherwise quiesced and not repeatedly spamming messages with constant reminders that hardware in this space is rarely fully compliant.
MFC after: 1 month
|
#
238894 |
|
30-Jul-2012 |
bz |
Remove opt_enc.h from files committed with r235911. enc(4) is the 'encapsulating interface' used with IPsec and has nothing to do with storage 'enclosure' services.
MFC after: 3 days Noticed while: debugging why enc(4) is no longer automatically created
|
#
238739 |
|
24-Jul-2012 |
mav |
Do not call ses_softc_cleanup() in case of configuration read failure. Just free inclomplete daemon cache instead to let it retry next time. Premature ses_softc_cleanup() caused NULL dereference when freed softc was accessed later.
|
#
235911 |
|
24-May-2012 |
mav |
MFprojects/zfsd: Revamp the CAM enclosure services driver. This updated driver uses an in-kernel daemon to track state changes and publishes physical path location information\for disk elements into the CAM device database.
Sponsored by: Spectra Logic Corporation Sponsored by: iXsystems, Inc. Submitted by: gibbs, will, mav
|