Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/dev/dm Fix bug in kmem_alloc/kmem_free of params string....
details: https://anonhg.NetBSD.org/src/rev/724d2fc61bcf
branches: trunk
changeset: 747310:724d2fc61bcf
user: haad <haad%NetBSD.org@localhost>
date: Wed Sep 09 22:38:49 2009 +0000
description:
Fix bug in kmem_alloc/kmem_free of params string. Params string was
allocated with length DM_MAX_PARAMS_SIZE and released with strlen + 1 size.
Disable KM_NOSLEEP allocation because we do not need them here there is
nothing critical in ioctl part of dm driver.
Bug reported by jak@.
diffstat:
sys/dev/dm/dm_dev.c | 6 +++---
sys/dev/dm/dm_ioctl.c | 6 +++---
sys/dev/dm/dm_pdev.c | 4 ++--
sys/dev/dm/dm_target.c | 4 ++--
sys/dev/dm/dm_target_linear.c | 6 +++---
sys/dev/dm/dm_target_stripe.c | 8 +++-----
6 files changed, 16 insertions(+), 18 deletions(-)
diffs (143 lines):
diff -r 9aee2399b91f -r 724d2fc61bcf sys/dev/dm/dm_dev.c
--- a/sys/dev/dm/dm_dev.c Wed Sep 09 17:09:49 2009 +0000
+++ b/sys/dev/dm/dm_dev.c Wed Sep 09 22:38:49 2009 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: dm_dev.c,v 1.5 2009/04/13 18:51:54 haad Exp $ */
+/* $NetBSD: dm_dev.c,v 1.6 2009/09/09 22:38:49 haad Exp $ */
/*
* Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -304,10 +304,10 @@
{
dm_dev_t *dmv;
- dmv = kmem_zalloc(sizeof(dm_dev_t), KM_NOSLEEP);
+ dmv = kmem_zalloc(sizeof(dm_dev_t), KM_SLEEP);
if(dmv != NULL)
- dmv->diskp = kmem_zalloc(sizeof(struct disk), KM_NOSLEEP);
+ dmv->diskp = kmem_zalloc(sizeof(struct disk), KM_SLEEP);
return dmv;
}
diff -r 9aee2399b91f -r 724d2fc61bcf sys/dev/dm/dm_ioctl.c
--- a/sys/dev/dm/dm_ioctl.c Wed Sep 09 17:09:49 2009 +0000
+++ b/sys/dev/dm/dm_ioctl.c Wed Sep 09 22:38:49 2009 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: dm_ioctl.c,v 1.13 2009/06/05 21:52:31 haad Exp $ */
+/* $NetBSD: dm_ioctl.c,v 1.14 2009/09/09 22:38:49 haad Exp $ */
/*
* Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -746,7 +746,7 @@
}
if ((table_en = kmem_alloc(sizeof(dm_table_entry_t),
- KM_NOSLEEP)) == NULL) {
+ KM_SLEEP)) == NULL) {
dm_table_release(&dmv->table_head, DM_TABLE_INACTIVE);
dm_dev_unbusy(dmv);
return ENOMEM;
@@ -913,7 +913,7 @@
prop_dictionary_set_cstring(target_dict,
DM_TABLE_PARAMS, params);
- kmem_free(params, strlen(params) + 1);
+ kmem_free(params, DM_MAX_PARAMS_SIZE);
}
}
diff -r 9aee2399b91f -r 724d2fc61bcf sys/dev/dm/dm_pdev.c
--- a/sys/dev/dm/dm_pdev.c Wed Sep 09 17:09:49 2009 +0000
+++ b/sys/dev/dm/dm_pdev.c Wed Sep 09 22:38:49 2009 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: dm_pdev.c,v 1.3 2009/03/18 10:22:39 cegger Exp $ */
+/* $NetBSD: dm_pdev.c,v 1.4 2009/09/09 22:38:49 haad Exp $ */
/*
* Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -141,7 +141,7 @@
{
dm_pdev_t *dmp;
- if ((dmp = kmem_zalloc(sizeof(dm_pdev_t), KM_NOSLEEP)) == NULL)
+ if ((dmp = kmem_zalloc(sizeof(dm_pdev_t), KM_SLEEP)) == NULL)
return NULL;
strlcpy(dmp->name, name, MAX_DEV_NAME);
diff -r 9aee2399b91f -r 724d2fc61bcf sys/dev/dm/dm_target.c
--- a/sys/dev/dm/dm_target.c Wed Sep 09 17:09:49 2009 +0000
+++ b/sys/dev/dm/dm_target.c Wed Sep 09 22:38:49 2009 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: dm_target.c,v 1.10 2009/08/16 11:02:40 yamt Exp $ */
+/* $NetBSD: dm_target.c,v 1.11 2009/09/09 22:38:49 haad Exp $ */
/*
* Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -238,7 +238,7 @@
dm_target_t*
dm_target_alloc(const char *name)
{
- return kmem_zalloc(sizeof(dm_target_t), KM_NOSLEEP);
+ return kmem_zalloc(sizeof(dm_target_t), KM_SLEEP);
}
/*
diff -r 9aee2399b91f -r 724d2fc61bcf sys/dev/dm/dm_target_linear.c
--- a/sys/dev/dm/dm_target_linear.c Wed Sep 09 17:09:49 2009 +0000
+++ b/sys/dev/dm/dm_target_linear.c Wed Sep 09 22:38:49 2009 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: dm_target_linear.c,v 1.6 2009/08/16 11:02:24 yamt Exp $ */
+/* $NetBSD: dm_target_linear.c,v 1.7 2009/09/09 22:38:49 haad Exp $ */
/*
* Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -78,7 +78,7 @@
aprint_debug("Linear target init function called %s--%"PRIu64"!!\n",
device, offset);
- if ((tlc = kmem_alloc(sizeof(dm_target_linear_config_t), KM_NOSLEEP))
+ if ((tlc = kmem_alloc(sizeof(dm_target_linear_config_t), KM_SLEEP))
== NULL)
return 1;
@@ -109,7 +109,7 @@
aprint_debug("Linear target status function called\n");
- if ((params = kmem_alloc(DM_MAX_PARAMS_SIZE, KM_NOSLEEP)) == NULL)
+ if ((params = kmem_alloc(DM_MAX_PARAMS_SIZE, KM_SLEEP)) == NULL)
return NULL;
aprint_normal("%s %"PRIu64, tlc->pdev->name, tlc->offset);
diff -r 9aee2399b91f -r 724d2fc61bcf sys/dev/dm/dm_target_stripe.c
--- a/sys/dev/dm/dm_target_stripe.c Wed Sep 09 17:09:49 2009 +0000
+++ b/sys/dev/dm/dm_target_stripe.c Wed Sep 09 22:38:49 2009 +0000
@@ -1,4 +1,4 @@
-/*$NetBSD: dm_target_stripe.c,v 1.6 2009/06/05 19:56:40 haad Exp $*/
+/*$NetBSD: dm_target_stripe.c,v 1.7 2009/09/09 22:38:49 haad Exp $*/
/*
* Copyright (c) 2009 The NetBSD Foundation, Inc.
@@ -164,8 +164,6 @@
tsc->stripe_devs[0].offset = offset1;
tsc->stripe_devs[1].offset = offset2;
- /* Save length of param string */
- tsc->params_len = DM_MAX_PARAMS_SIZE;
tsc->stripe_chunksize = chunk_size;
tsc->stripe_num = (uint8_t)stripes;
@@ -185,10 +183,10 @@
tsc = target_config;
- if ((params = kmem_alloc(tsc->params_len, KM_NOSLEEP)) == NULL)
+ if ((params = kmem_alloc(DM_MAX_PARAMS_SIZE, KM_SLEEP)) == NULL)
return NULL;
- snprintf(params, tsc->params_len, "%d %"PRIu64" %s %"PRIu64" %s %"PRIu64,
+ snprintf(params, DM_MAX_PARAMS_SIZE, "%d %"PRIu64" %s %"PRIu64" %s %"PRIu64,
tsc->stripe_num, tsc->stripe_chunksize,
tsc->stripe_devs[0].pdev->name, tsc->stripe_devs[0].offset,
tsc->stripe_devs[1].pdev->name, tsc->stripe_devs[1].offset);
Home |
Main Index |
Thread Index |
Old Index