git: ee2a1bc81a17 - stable/13 - cam: make sure to clear even more CCBs allocated on the stack

From: Zhenlei Huang <zlei_at_FreeBSD.org>
Date: Mon, 20 Jan 2025 12:42:14 UTC
The branch stable/13 has been updated by zlei:

URL: https://cgit.FreeBSD.org/src/commit/?id=ee2a1bc81a1782f197053c53cf84b4933e545e47

commit ee2a1bc81a1782f197053c53cf84b4933e545e47
Author:     Edward Tomasz Napierala <trasz@FreeBSD.org>
AuthorDate: 2021-04-10 10:25:22 +0000
Commit:     Zhenlei Huang <zlei@FreeBSD.org>
CommitDate: 2025-01-20 12:39:26 +0000

    cam: make sure to clear even more CCBs allocated on the stack
    
    This is my second pass, this time over all of CAM except
    for the SCSI target bits.  There should be no functional
    changes.
    
    Reviewed By:    imp
    Sponsored by:   NetApp, Inc.
    Sponsored by:   Klara, Inc.
    Differential Revision:  https://reviews.freebsd.org/D29549
    
    (cherry picked from commit ec5325dbca629d65179f14f68bbcdb9c014f1523)
---
 sys/cam/ata/ata_da.c        | 2 ++
 sys/cam/ata/ata_xpt.c       | 3 +++
 sys/cam/mmc/mmc_da.c        | 1 +
 sys/cam/mmc/mmc_xpt.c       | 1 +
 sys/cam/nvme/nvme_xpt.c     | 2 ++
 sys/cam/scsi/scsi_cd.c      | 1 +
 sys/cam/scsi/scsi_enc_ses.c | 3 +++
 sys/cam/scsi/scsi_sa.c      | 2 ++
 sys/cam/scsi/scsi_xpt.c     | 2 ++
 9 files changed, 17 insertions(+)

diff --git a/sys/cam/ata/ata_da.c b/sys/cam/ata/ata_da.c
index 4ad82e8e1fc0..38d8b45243bc 100644
--- a/sys/cam/ata/ata_da.c
+++ b/sys/cam/ata/ata_da.c
@@ -1346,6 +1346,7 @@ adaasync(void *callback_arg, u_int32_t code,
 	case AC_GETDEV_CHANGED:
 	{
 		softc = (struct ada_softc *)periph->softc;
+		memset(&cgd, 0, sizeof(cgd));
 		xpt_setup_ccb(&cgd.ccb_h, periph->path, CAM_PRIORITY_NORMAL);
 		cgd.ccb_h.func_code = XPT_GDEV_TYPE;
 		xpt_action((union ccb *)&cgd);
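Review bot: The added `memset(&cgd, 0, sizeof(cgd));` has no comment saying why it must come before `xpt_setup_ccb()`, and the same holds for the second hunk in adaasync() and the other clears in this commit. `xpt_setup_ccb()` is handed only `&cgd.ccb_h`, so it cannot initialise anything outside the header. Without the clear, the remaining fields of the on-stack CCB would carry leftover kernel stack contents into `xpt_action()`. I would put `/* On-stack CCB: clear it all, xpt_setup_ccb() only sees the header. */` above the memset so a later cleanup does not drop the line as redundant. adaasync() begins and ends outside both hunks.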
@@ -1381,6 +1382,7 @@ adaasync(void *callback_arg, u_int32_t code,
 		cam_periph_async(periph, code, path, arg);
 		if (softc->state != ADA_STATE_NORMAL)
 			break;
+		memset(&cgd, 0, sizeof(cgd));
 		xpt_setup_ccb(&cgd.ccb_h, periph->path, CAM_PRIORITY_NORMAL);
 		cgd.ccb_h.func_code = XPT_GDEV_TYPE;
 		xpt_action((union ccb *)&cgd);
diff --git a/sys/cam/ata/ata_xpt.c b/sys/cam/ata/ata_xpt.c
index 5c8f07dd5e9e..81e6269dfa0d 100644
--- a/sys/cam/ata/ata_xpt.c
+++ b/sys/cam/ata/ata_xpt.c
@@ -724,6 +724,7 @@ aproberequestdefaultnegotiation(struct cam_periph *periph)
 {
 	struct ccb_trans_settings cts;
 
+	bzero(&cts, sizeof(cts));
 	xpt_setup_ccb(&cts.ccb_h, periph->path, CAM_PRIORITY_NONE);
 	cts.ccb_h.func_code = XPT_GET_TRAN_SETTINGS;
 	cts.type = CTS_TYPE_USER_SETTINGS;
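Review bot: This file clears the CCB with `bzero(&cts, sizeof(cts));` while ata_da.c, mmc, nvme, scsi_enc_ses.c, scsi_sa.c and scsi_xpt.c use `memset(&x, 0, sizeof(x));` for the same operation. The scsi_cd.c hunk also uses bzero, and in saregister() the added memset sits two lines below an existing `bzero(&ext_inq, sizeof(ext_inq));`. Using one spelling throughout would let a single grep or a static check confirm that every on-stack CCB is cleared before `xpt_setup_ccb()`. I would follow what each file already uses, or settle on memset everywhere, e.g. `memset(&cts, 0, sizeof(cts));` here.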
@@ -1691,6 +1692,7 @@ ata_device_transport(struct cam_path *path)
 	    ata_version(ident_buf->version_major) : cpi.transport_version;
 
 	/* Tell the controller what we think */
+	bzero(&cts, sizeof(cts));
 	xpt_setup_ccb(&cts.ccb_h, path, CAM_PRIORITY_NONE);
 	cts.ccb_h.func_code = XPT_SET_TRAN_SETTINGS;
 	cts.type = CTS_TYPE_CURRENT_SETTINGS;
@@ -2126,6 +2128,7 @@ ata_announce_periph(struct cam_periph *periph)
 	struct ccb_trans_settings cts;
 	u_int speed, mb;
 
+	bzero(&cts, sizeof(cts));
 	_ata_announce_periph(periph, &cts, &speed);
 	if ((cts.ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_CMP)
 		return;
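Review bot: The clear is done in ata_announce_periph(), but the CCB is then handed to `_ata_announce_periph()`, which presumably performs the xpt_setup_ccb()/xpt_action() itself (its body is not in this hunk). That leaves every other caller of the helper responsible for remembering the clear. Moving it into the helper as `bzero(cts, sizeof(*cts));`, next to its setup call, would make the guarantee hold for all callers. The same arrangement appears in scsi_announce_periph_sbuf() in scsi_xpt.c with `_scsi_announce_periph()`. If the caller-side clear stays, a one-line comment on each helper stating that `cts` must arrive zeroed would document the contract.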
diff --git a/sys/cam/mmc/mmc_da.c b/sys/cam/mmc/mmc_da.c
index 18d686735082..81cbccb62693 100644
--- a/sys/cam/mmc/mmc_da.c
+++ b/sys/cam/mmc/mmc_da.c
@@ -693,6 +693,7 @@ sddaasync(void *callback_arg, u_int32_t code,
 	case AC_GETDEV_CHANGED:
 	{
 		CAM_DEBUG(path, CAM_DEBUG_TRACE, ("=> AC_GETDEV_CHANGED\n"));
+		memset(&cgd, 0, sizeof(cgd));
 		xpt_setup_ccb(&cgd.ccb_h, periph->path, CAM_PRIORITY_NORMAL);
 		cgd.ccb_h.func_code = XPT_GDEV_TYPE;
 		xpt_action((union ccb *)&cgd);
diff --git a/sys/cam/mmc/mmc_xpt.c b/sys/cam/mmc/mmc_xpt.c
index 127c24e31bf4..c957a1ef5e41 100644
--- a/sys/cam/mmc/mmc_xpt.c
+++ b/sys/cam/mmc/mmc_xpt.c
@@ -386,6 +386,7 @@ mmc_announce_periph(struct cam_periph *periph)
 
 	CAM_DEBUG(periph->path, CAM_DEBUG_TRACE, ("mmc_announce_periph"));
 
+	memset(&cts, 0, sizeof(cts));
 	xpt_setup_ccb(&cts.ccb_h, path, CAM_PRIORITY_NORMAL);
 	cts.ccb_h.func_code = XPT_GET_TRAN_SETTINGS;
 	cts.type = CTS_TYPE_CURRENT_SETTINGS;
diff --git a/sys/cam/nvme/nvme_xpt.c b/sys/cam/nvme/nvme_xpt.c
index ec4ffd4b33e7..e55bc09cf35d 100644
--- a/sys/cam/nvme/nvme_xpt.c
+++ b/sys/cam/nvme/nvme_xpt.c
@@ -631,6 +631,7 @@ nvme_device_transport(struct cam_path *path)
 	path->device->protocol_version = cpi.protocol_version;
 
 	/* Tell the controller what we think */
+	memset(&cts, 0, sizeof(cts));
 	xpt_setup_ccb(&cts.ccb_h, path, CAM_PRIORITY_NONE);
 	cts.ccb_h.func_code = XPT_SET_TRAN_SETTINGS;
 	cts.type = CTS_TYPE_CURRENT_SETTINGS;
@@ -792,6 +793,7 @@ nvme_announce_periph(struct cam_periph *periph)
 	cam_periph_assert(periph, MA_OWNED);
 
 	/* Ask the SIM for connection details */
+	memset(&cts, 0, sizeof(cts));
 	xpt_setup_ccb(&cts.ccb_h, path, CAM_PRIORITY_NORMAL);
 	cts.ccb_h.func_code = XPT_GET_TRAN_SETTINGS;
 	cts.type = CTS_TYPE_CURRENT_SETTINGS;
diff --git a/sys/cam/scsi/scsi_cd.c b/sys/cam/scsi/scsi_cd.c
index d5406dc76f6f..b964c59906d3 100644
--- a/sys/cam/scsi/scsi_cd.c
+++ b/sys/cam/scsi/scsi_cd.c
@@ -1257,6 +1257,7 @@ cddone(struct cam_periph *periph, union ccb *done_ccb)
 
 				status = done_ccb->ccb_h.status;
 
+				bzero(&cgd, sizeof(cgd));
 				xpt_setup_ccb(&cgd.ccb_h,
 					      done_ccb->ccb_h.path,
 					      CAM_PRIORITY_NORMAL);
diff --git a/sys/cam/scsi/scsi_enc_ses.c b/sys/cam/scsi/scsi_enc_ses.c
index df06a8a4c22e..ef71cfb1f0b4 100644
--- a/sys/cam/scsi/scsi_enc_ses.c
+++ b/sys/cam/scsi/scsi_enc_ses.c
@@ -980,6 +980,7 @@ ses_paths_iter(enc_softc_t *enc, enc_element_t *elm,
 			     != CAM_REQ_CMP)
 				return;
 
+			memset(&cgd, 0, sizeof(cgd));
 			xpt_setup_ccb(&cgd.ccb_h, path, CAM_PRIORITY_NORMAL);
 			cgd.ccb_h.func_code = XPT_GDEV_TYPE;
 			xpt_action((union ccb *)&cgd);
@@ -1041,6 +1042,7 @@ ses_setphyspath_callback(enc_softc_t *enc, enc_element_t *elm,
 	args = (ses_setphyspath_callback_args_t *)arg;
 	old_physpath = malloc(MAXPATHLEN, M_SCSIENC, M_WAITOK|M_ZERO);
 	xpt_path_lock(path);
+	memset(&cdai, 0, sizeof(cdai));
 	xpt_setup_ccb(&cdai.ccb_h, path, CAM_PRIORITY_NORMAL);
 	cdai.ccb_h.func_code = XPT_DEV_ADVINFO;
 	cdai.buftype = CDAI_TYPE_PHYS_PATH;
@@ -1101,6 +1103,7 @@ ses_set_physpath(enc_softc_t *enc, enc_element_t *elm,
 	 * Assemble the components of the physical path starting with
 	 * the device ID of the enclosure itself.
 	 */
+	memset(&cdai, 0, sizeof(cdai));
 	xpt_setup_ccb(&cdai.ccb_h, enc->periph->path, CAM_PRIORITY_NORMAL);
 	cdai.ccb_h.func_code = XPT_DEV_ADVINFO;
 	cdai.flags = CDAI_FLAG_NONE;
diff --git a/sys/cam/scsi/scsi_sa.c b/sys/cam/scsi/scsi_sa.c
index 2ac4edb48de2..9c596f5523d0 100644
--- a/sys/cam/scsi/scsi_sa.c
+++ b/sys/cam/scsi/scsi_sa.c
@@ -2552,6 +2552,7 @@ saregister(struct cam_periph *periph, void *arg)
 
 		bzero(&ext_inq, sizeof(ext_inq));
 
+		memset(&cdai, 0, sizeof(cdai));
 		xpt_setup_ccb(&cdai.ccb_h, periph->path, CAM_PRIORITY_NORMAL);
 
 		cdai.ccb_h.func_code = XPT_DEV_ADVINFO;
@@ -4728,6 +4729,7 @@ saextget(struct cdev *dev, struct cam_periph *periph, struct sbuf *sb,
 	SASBADDVARSTR(sb, indent, periph->periph_name, %s, periph_name,
 	    strlen(periph->periph_name) + 1);
 	SASBADDUINT(sb, indent, periph->unit_number, %u, unit_number);
+	memset(&cgd, 0, sizeof(cgd));
 	xpt_setup_ccb(&cgd.ccb_h,
 		      periph->path,
 		      CAM_PRIORITY_NORMAL);
diff --git a/sys/cam/scsi/scsi_xpt.c b/sys/cam/scsi/scsi_xpt.c
index 37d8333e21a8..28d6445afac5 100644
--- a/sys/cam/scsi/scsi_xpt.c
+++ b/sys/cam/scsi/scsi_xpt.c
@@ -2730,6 +2730,7 @@ scsi_set_transfer_settings(struct ccb_trans_settings *cts, struct cam_path *path
 
 	inq_data = &device->inq_data;
 	scsi = &cts->proto_specific.scsi;
+	memset(&cpi, 0, sizeof(cpi));
 	xpt_setup_ccb(&cpi.ccb_h, path, CAM_PRIORITY_NONE);
 	cpi.ccb_h.func_code = XPT_PATH_INQ;
 	xpt_action((union ccb *)&cpi);
@@ -3086,6 +3087,7 @@ scsi_announce_periph_sbuf(struct cam_periph *periph, struct sbuf *sb)
 	struct	ccb_trans_settings cts;
 	u_int speed, freq, mb;
 
+	memset(&cts, 0, sizeof(cts));
 	_scsi_announce_periph(periph, &speed, &freq, &cts);
 	if (cam_ccb_status((union ccb *)&cts) != CAM_REQ_CMP)
 		return;