From: James Bottomley <James.Bottomley@steeleye.com>
To: "Mukker, Atul" <atulm@lsil.com>
Cc: Mark Haverkamp <markh@osdl.org>,
Linus Torvalds <torvalds@transmeta.com>,
Linux Kernel <linux-kernel@vger.kernel.org>,
linux-scsi <linux-scsi@vger.kernel.org>
Subject: RE: [PATCH] megaraid driver fix for 2.5.70
Date: 06 Jun 2003 09:46:52 -0400 [thread overview]
Message-ID: <1054907212.1777.10.camel@mulgrave> (raw)
In-Reply-To: <0E3FA95632D6D047BA649F95DAB60E570185F234@EXA-ATLANTA.se.lsil.com>
On Fri, 2003-06-06 at 09:28, Mukker, Atul wrote:
> Coming back to main issue, declaring complete mailbox would be superfluous
> since driver uses 16 bytes at most. The following patch should fix the panic
>
> mbox = (mbox_t *)raw_mbox;
>
> - memset(mbox, 0, sizeof(*mbox));
> + memset(mbox, 0, 16);
>
> memset((void *)adapter->mega_buffer, 0, MEGA_BUFFER_SIZE);
>
This, I think, is a bad idea. It looks intrinsically wrong to allocate
storage and assign a pointer to it of a type that is longer than the
allocated storage. The initial buffer overrun was due to problems with
this.
I think the correct solution is to define your mailbox like this:
typedef struct {
/* 0x0 */ u8 cmd;
/* 0x1 */ u8 cmdid;
/* 0x2 */ u16 numsectors;
/* 0x4 */ u32 lba;
/* 0x8 */ u32 xferaddr;
/* 0xC */ u8 logdrv;
/* 0xD */ u8 numsgelements;
/* 0xE */ u8 resvd;
/* 0xF */ volatile u8 busy;
} __attribute__ ((packed)) user_mbox_t;
typedef struct {
user_mbox_t mbox_out
/* 0x10 */ volatile u8 numstatus;
/* 0x11 */ volatile u8 status;
/* 0x12 */ volatile u8 completed[MAX_FIRMWARE_STATUS];
volatile u8 poll;
volatile u8 ack;
} __attribute__ ((packed)) mbox_t;
and then re-define the issue_scb..() routines to use user_mbox_t which
is always the correct size.
Thus, you can throw away the raw_mbox and just do
user_mbox_t mbox;
memset(&mbox, 0, sizeof(mbox));
of course, your ->busy references become ->mbox_out.busy.
James
next prev parent reply other threads:[~2003-06-06 13:33 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-06-06 13:28 [PATCH] megaraid driver fix for 2.5.70 Mukker, Atul
2003-06-06 13:46 ` James Bottomley [this message]
2003-06-06 14:15 ` Mark Haverkamp
-- strict thread matches above, loose matches on Subject: below --
2003-06-06 15:03 Mukker, Atul
2003-06-03 14:29 Mark Haverkamp
2003-06-05 14:07 ` James Bottomley
2003-06-05 14:33 ` Mark Haverkamp
2003-06-05 14:42 ` James Bottomley
2003-06-05 14:46 ` Mark Haverkamp
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1054907212.1777.10.camel@mulgrave \
--to=james.bottomley@steeleye.com \
--cc=atulm@lsil.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=markh@osdl.org \
--cc=torvalds@transmeta.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.