[src/trunk]: src/sys/dev/ic fix passthrough command usage also in nvme_get_nu...

[jdolecek <jdolecek%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/5ab59eab218a
branches:  trunk
changeset: 831235:5ab59eab218a
user:      jdolecek <jdolecek%NetBSD.org@localhost>
date:      Sat Mar 17 09:36:32 2018 +0000

description:
fix passthrough command usage also in nvme_get_number_of_queues(), fixes
memory corruption and possible panic on boot

PR kern/53059

diffstat:

 sys/dev/ic/nvme.c |  11 ++++++++---
 1 files changed, 8 insertions(+), 3 deletions(-)

diffs (40 lines):

diff -r 84062063e0c5 -r 5ab59eab218a sys/dev/ic/nvme.c
--- a/sys/dev/ic/nvme.c Sat Mar 17 07:31:36 2018 +0000
+++ b/sys/dev/ic/nvme.c Sat Mar 17 09:36:32 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: nvme.c,v 1.35 2018/03/17 00:28:03 jdolecek Exp $       */
+/*     $NetBSD: nvme.c,v 1.36 2018/03/17 09:36:32 jdolecek Exp $       */
 /*     $OpenBSD: nvme.c,v 1.49 2016/04/18 05:59:50 dlg Exp $ */
 
 /*
@@ -18,7 +18,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: nvme.c,v 1.35 2018/03/17 00:28:03 jdolecek Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nvme.c,v 1.36 2018/03/17 09:36:32 jdolecek Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -1443,6 +1443,7 @@
 static int
 nvme_get_number_of_queues(struct nvme_softc *sc, u_int *nqap)
 {
+       struct nvme_pt_state state;
        struct nvme_pt_command pt;
        struct nvme_ccb *ccb;
        uint16_t ncqa, nsqa;
@@ -1455,8 +1456,12 @@
        pt.cmd.opcode = NVM_ADMIN_GET_FEATURES;
        pt.cmd.cdw10 = NVM_FEATURE_NUMBER_OF_QUEUES;
 
+       memset(&state, 0, sizeof(state));
+       state.pt = &pt;
+       state.finished = false;
+
        ccb->ccb_done = nvme_pt_done;
-       ccb->ccb_cookie = &pt;
+       ccb->ccb_cookie = &state;
 
        rv = nvme_poll(sc, sc->sc_admin_q, ccb, nvme_pt_fill, NVME_TIMO_QOP);