| History log of /src/sys/dev/ata/ata_recovery.c |
| Revision | | Date | Author | Comments |
| 1.4 |
| 13-Apr-2020 |
jdolecek | fix use-after-free for ata xfer on bio submission found by KASAN
driver ata_bio hooks read parts of the xfer after ata_exec_xfer()
call in order to determine return value, change so that the hook
doesn't return any value - callers do not care already,
as all I/O requests are asynchronous
this problem was uncovered by recent change for wd(4) to not hold
wd mutex during ata_bio call, the interrupt for the xfer might
thus actually fire immediately
adjust also ata_exec_command driver hooks similarily - remove all
completion and waiting logic from drivers, upper layer ata code
using AT_WAIT/AT_POLL changed to call ata_wait_cmd() itself
PR kern/55169 by Nick Hudson
|
| 1.3 |
| 04-Apr-2020 |
jdolecek | branches: 1.3.2;
stop xfer timeouts during recovery, all xfers will be requeued anyway
this avoids race with the timeout routine when processing the xfers
for requeueing
should fix PR kern/54790 by Izumi Tsutsui
|
| 1.2 |
| 22-Oct-2018 |
jdolecek | branches: 1.2.2; 1.2.6; 1.2.8;
Merge jdolecek-ncqfixes branch
- ata_xfer's are dynamicall allocated as needed using a pool, no longer
limited to number of possible openings supported by controller; dump
and recovery paths use dedicated pre-allocated storage
- moved callouts and condvars from ata_xfer to queue or channel, so that
ata_xfer does not need special initialization
- slot allocation now done when xfer is being activated, uncoupled
from memory allocation; active slots are no longer tracked by controller
code
- channel and drive reset is done always via the atabus thread, and
now executes with channel locked the whole time
- NCQ recovery moved to shared function, and run via the thread also
- added some workarounds for buggy error recovery AHCI emulation in QEMU
and Parallels
designed to primarily fix kern/52614, but might also help with kern/47041
and kern/53183
|
| 1.1 |
| 11-Oct-2018 |
jdolecek | branches: 1.1.2;
file ata_recovery.c was initially added on branch jdolecek-ncqfixes.
|
| 1.1.2.2 |
| 15-Oct-2018 |
jdolecek | change the SATA/NCQ recovery to run in the atabus thread
|
| 1.1.2.1 |
| 11-Oct-2018 |
jdolecek | refactor shared parts of the SATA error recovery into new function
ata_recovery_resume() and use for ahcisata/siisata/mvsata, also replace
per-controller hold/unhold with generic version
move the shared recovery code into separate file ata_recovery.c
|
| 1.2.8.2 |
| 30-Dec-2022 |
martin | Pull up following revision(s) (requested by tsutsui in ticket #1557):
sys/dev/ic/ahcisata_core.c: revision 1.83
sys/dev/ic/ahcisata_core.c: revision 1.102
sys/dev/ata/ata.c: revision 1.164
sys/dev/ata/ata_wdc.c: revision 1.115
sys/dev/ata/ata_recovery.c: revision 1.4
sys/dev/ic/siisata.c: revision 1.42
sys/dev/ic/wdc.c: revision 1.308
sys/dev/ic/mvsata.c: revision 1.56
sys/dev/scsipi/atapi_wdc.c: revision 1.138
sys/dev/ic/siisata.c: revision 1.49
sys/dev/ata/atavar.h: revision 1.105
sys/dev/ata/wd.c: revision 1.460
sys/dev/ata/ata.c: revision 1.155
sys/dev/ata/wd.c: revision 1.462
sys/dev/ata/atavar.h: revision 1.109
sys/dev/ata/satapmp_subr.c: revision 1.16
sys/dev/ic/wdc.c: revision 1.299
sys/dev/ic/ahcisata_core.c: revision 1.93
sys/dev/ata/ata_wdc.c: revision 1.120
sys/dev/ic/wdcvar.h: revision 1.100
sys/dev/scsipi/atapi_wdc.c: revision 1.141
sys/dev/ic/mvsata.c: revision 1.61
sys/dev/usb/umass_isdata.c (apply patch)
drop wd lock in wdstart1() before calling the ata_bio hook; when called
from ata thread context, that can still need to sleep for wdc attachments
in wdcwait()
fix use-after-free for ata xfer on bio submission found by KASAN
driver ata_bio hooks read parts of the xfer after ata_exec_xfer()
call in order to determine return value, change so that the hook
doesn't return any value - callers do not care already,
as all I/O requests are asynchronous
this problem was uncovered by recent change for wd(4) to not hold
wd mutex during ata_bio call, the interrupt for the xfer might
thus actually fire immediately
adjust also ata_exec_command driver hooks similarily - remove all
completion and waiting logic from drivers, upper layer ata code
using AT_WAIT/AT_POLL changed to call ata_wait_cmd() itself
PR kern/55169 by Nick Hudson
Function declaration formating whitespace consistency. NFCI.
PR kern/56403
Fix kernel freeze for wdc(4) variants with ATAC_CAP_NOIRQ:
(1) Change ata_xfer_ops:c_poll from void to int function. When it returns
ATAPOLL_AGAIN, let ata_xfer_start() iterate itself again.
(2) Let wdc_ata_bio_poll() return ATAPOLL_AGAIN until ATA_ITSDONE is
achieved.
A similar change has been made for mvsata(4) (see mvsata_bio_poll()),
and no functional changes for other devices.
This is how the drivers worked before jdolecek-ncq branch was merged.
Note that this changes are less likely to cause infinite recursion:
(1) wdc_ata_bio_intr() called from wdc_ata_bio_poll() asserts ATA_ITSDONE
in its error handling paths via wdc_ata_bio_done().
(2) Return value from c_start (= wdc_ata_bio_start()) is checked in
ata_xfer_start().
Therefore, errors encountered in ata_xfer_ops:c_poll and c_start routines
terminate the recursion for wdc(4). The situation is similar for mvsata(4).
Still, there is a possibility where ata_xfer_start() takes long time to
finish a normal operation. This can result in a delayed response for lower
priority interrupts. But, I've never observed such a situation, even when
heavy thrashing takes place for swap partition in wd(4).
"Go ahead" by jdolecek@.
|
| 1.2.8.1 |
| 08-Feb-2022 |
martin | Pull up following revision(s) (requested by jdolecek in ticket #1426):
sys/dev/ata/ata_recovery.c: revision 1.3
sys/dev/ata/ata_subr.c: revision 1.9
stop xfer timeouts during recovery, all xfers will be requeued anyway
this avoids race with the timeout routine when processing the xfers
for requeueing
should fix PR kern/54790 by Izumi Tsutsui
|
| 1.2.6.4 |
| 21-Apr-2020 |
martin | Sync with HEAD
|
| 1.2.6.3 |
| 08-Apr-2020 |
martin | Merge changes from current as of 20200406
|
| 1.2.6.2 |
| 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.2.6.1 |
| 22-Oct-2018 |
christos | file ata_recovery.c was added on branch phil-wifi on 2019-06-10 22:07:05 +0000
|
| 1.2.2.2 |
| 26-Nov-2018 |
pgoyette | Sync with HEAD, resolve a couple of conflicts
|
| 1.2.2.1 |
| 22-Oct-2018 |
pgoyette | file ata_recovery.c was added on branch pgoyette-compat on 2018-11-26 01:52:30 +0000
|
| 1.3.2.1 |
| 20-Apr-2020 |
bouyer | Sync with HEAD
|
