aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalyzyn, Mark <Mark_Salyzyn@adaptec.com>2008-01-24 10:40:10 -0500
committerJames Bottomley <James.Bottomley@HansenPartnership.com>2008-01-25 10:25:22 -0500
commita119ee8ee3045bf559d4cf02d72b112f3de2a15b (patch)
tree020c415dbade29e0c0fd3e39ec5b97d730d29f15
parent5aa22af3d089123df954693d1f911323307d41f7 (diff)
[SCSI] aacraid: fib context lock for management ioctls
Alan noticed the lack of locking surrounding the driver's dealings with the fib context managed by the trio of ioctls that are used by the RAID management applications to retrieve Adapter Initiated FIBs. I merely expanded the fib lock to include the fib context. There have been no field reports of any issues generally because the applications are relatively static and do not come and go often enough to stress this area. I bloated this patch a little with some space junk. Signed-off-by: Mark Salyzyn <aacraid@adaptec.com> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
-rw-r--r--drivers/scsi/aacraid/commctrl.c29
1 files changed, 17 insertions, 12 deletions
diff --git a/drivers/scsi/aacraid/commctrl.c b/drivers/scsi/aacraid/commctrl.c
index f8afa358b6b6..851a7e599c50 100644
--- a/drivers/scsi/aacraid/commctrl.c
+++ b/drivers/scsi/aacraid/commctrl.c
@@ -243,6 +243,7 @@ static int next_getadapter_fib(struct aac_dev * dev, void __user *arg)
243 * Search the list of AdapterFibContext addresses on the adapter 243 * Search the list of AdapterFibContext addresses on the adapter
244 * to be sure this is a valid address 244 * to be sure this is a valid address
245 */ 245 */
246 spin_lock_irqsave(&dev->fib_lock, flags);
246 entry = dev->fib_list.next; 247 entry = dev->fib_list.next;
247 fibctx = NULL; 248 fibctx = NULL;
248 249
@@ -251,24 +252,25 @@ static int next_getadapter_fib(struct aac_dev * dev, void __user *arg)
251 /* 252 /*
252 * Extract the AdapterFibContext from the Input parameters. 253 * Extract the AdapterFibContext from the Input parameters.
253 */ 254 */
254 if (fibctx->unique == f.fibctx) { /* We found a winner */ 255 if (fibctx->unique == f.fibctx) { /* We found a winner */
255 break; 256 break;
256 } 257 }
257 entry = entry->next; 258 entry = entry->next;
258 fibctx = NULL; 259 fibctx = NULL;
259 } 260 }
260 if (!fibctx) { 261 if (!fibctx) {
262 spin_unlock_irqrestore(&dev->fib_lock, flags);
261 dprintk ((KERN_INFO "Fib Context not found\n")); 263 dprintk ((KERN_INFO "Fib Context not found\n"));
262 return -EINVAL; 264 return -EINVAL;
263 } 265 }
264 266
265 if((fibctx->type != FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT) || 267 if((fibctx->type != FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT) ||
266 (fibctx->size != sizeof(struct aac_fib_context))) { 268 (fibctx->size != sizeof(struct aac_fib_context))) {
269 spin_unlock_irqrestore(&dev->fib_lock, flags);
267 dprintk ((KERN_INFO "Fib Context corrupt?\n")); 270 dprintk ((KERN_INFO "Fib Context corrupt?\n"));
268 return -EINVAL; 271 return -EINVAL;
269 } 272 }
270 status = 0; 273 status = 0;
271 spin_lock_irqsave(&dev->fib_lock, flags);
272 /* 274 /*
273 * If there are no fibs to send back, then either wait or return 275 * If there are no fibs to send back, then either wait or return
274 * -EAGAIN 276 * -EAGAIN
@@ -326,7 +328,9 @@ return_fib:
326int aac_close_fib_context(struct aac_dev * dev, struct aac_fib_context * fibctx) 328int aac_close_fib_context(struct aac_dev * dev, struct aac_fib_context * fibctx)
327{ 329{
328 struct fib *fib; 330 struct fib *fib;
331 unsigned long flags;
329 332
333 spin_lock_irqsave(&dev->fib_lock, flags);
330 /* 334 /*
331 * First free any FIBs that have not been consumed. 335 * First free any FIBs that have not been consumed.
332 */ 336 */
@@ -349,6 +353,7 @@ int aac_close_fib_context(struct aac_dev * dev, struct aac_fib_context * fibctx)
349 * Remove the Context from the AdapterFibContext List 353 * Remove the Context from the AdapterFibContext List
350 */ 354 */
351 list_del(&fibctx->next); 355 list_del(&fibctx->next);
356 spin_unlock_irqrestore(&dev->fib_lock, flags);
352 /* 357 /*
353 * Invalidate context 358 * Invalidate context
354 */ 359 */
@@ -414,8 +419,8 @@ static int close_getadapter_fib(struct aac_dev * dev, void __user *arg)
414 * @arg: ioctl arguments 419 * @arg: ioctl arguments
415 * 420 *
416 * This routine returns the driver version. 421 * This routine returns the driver version.
417 * Under Linux, there have been no version incompatibilities, so this is 422 * Under Linux, there have been no version incompatibilities, so this is
418 * simple! 423 * simple!
419 */ 424 */
420 425
421static int check_revision(struct aac_dev *dev, void __user *arg) 426static int check_revision(struct aac_dev *dev, void __user *arg)
@@ -463,7 +468,7 @@ static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg)
463 u32 data_dir; 468 u32 data_dir;
464 void __user *sg_user[32]; 469 void __user *sg_user[32];
465 void *sg_list[32]; 470 void *sg_list[32];
466 u32 sg_indx = 0; 471 u32 sg_indx = 0;
467 u32 byte_count = 0; 472 u32 byte_count = 0;
468 u32 actual_fibsize64, actual_fibsize = 0; 473 u32 actual_fibsize64, actual_fibsize = 0;
469 int i; 474 int i;
@@ -517,11 +522,11 @@ static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg)
517 // Fix up srb for endian and force some values 522 // Fix up srb for endian and force some values
518 523
519 srbcmd->function = cpu_to_le32(SRBF_ExecuteScsi); // Force this 524 srbcmd->function = cpu_to_le32(SRBF_ExecuteScsi); // Force this
520 srbcmd->channel = cpu_to_le32(user_srbcmd->channel); 525 srbcmd->channel = cpu_to_le32(user_srbcmd->channel);
521 srbcmd->id = cpu_to_le32(user_srbcmd->id); 526 srbcmd->id = cpu_to_le32(user_srbcmd->id);
522 srbcmd->lun = cpu_to_le32(user_srbcmd->lun); 527 srbcmd->lun = cpu_to_le32(user_srbcmd->lun);
523 srbcmd->timeout = cpu_to_le32(user_srbcmd->timeout); 528 srbcmd->timeout = cpu_to_le32(user_srbcmd->timeout);
524 srbcmd->flags = cpu_to_le32(flags); 529 srbcmd->flags = cpu_to_le32(flags);
525 srbcmd->retry_limit = 0; // Obsolete parameter 530 srbcmd->retry_limit = 0; // Obsolete parameter
526 srbcmd->cdb_size = cpu_to_le32(user_srbcmd->cdb_size); 531 srbcmd->cdb_size = cpu_to_le32(user_srbcmd->cdb_size);
527 memcpy(srbcmd->cdb, user_srbcmd->cdb, sizeof(srbcmd->cdb)); 532 memcpy(srbcmd->cdb, user_srbcmd->cdb, sizeof(srbcmd->cdb));
@@ -786,9 +791,9 @@ static int aac_get_pci_info(struct aac_dev* dev, void __user *arg)
786 pci_info.bus = dev->pdev->bus->number; 791 pci_info.bus = dev->pdev->bus->number;
787 pci_info.slot = PCI_SLOT(dev->pdev->devfn); 792 pci_info.slot = PCI_SLOT(dev->pdev->devfn);
788 793
789 if (copy_to_user(arg, &pci_info, sizeof(struct aac_pci_info))) { 794 if (copy_to_user(arg, &pci_info, sizeof(struct aac_pci_info))) {
790 dprintk((KERN_DEBUG "aacraid: Could not copy pci info\n")); 795 dprintk((KERN_DEBUG "aacraid: Could not copy pci info\n"));
791 return -EFAULT; 796 return -EFAULT;
792 } 797 }
793 return 0; 798 return 0;
794} 799}