| History log of /src/sys/dev/ata/satapmp_subr.c |
| Revision | | Date | Author | Comments |
| 1.16 |
| 13-Apr-2020 |
jdolecek | fix use-after-free for ata xfer on bio submission found by KASAN
driver ata_bio hooks read parts of the xfer after ata_exec_xfer()
call in order to determine return value, change so that the hook
doesn't return any value - callers do not care already,
as all I/O requests are asynchronous
this problem was uncovered by recent change for wd(4) to not hold
wd mutex during ata_bio call, the interrupt for the xfer might
thus actually fire immediately
adjust also ata_exec_command driver hooks similarily - remove all
completion and waiting logic from drivers, upper layer ata code
using AT_WAIT/AT_POLL changed to call ata_wait_cmd() itself
PR kern/55169 by Nick Hudson
|
| 1.15 |
| 22-Oct-2018 |
jdolecek | branches: 1.15.4; 1.15.10;
Merge jdolecek-ncqfixes branch
- ata_xfer's are dynamicall allocated as needed using a pool, no longer
limited to number of possible openings supported by controller; dump
and recovery paths use dedicated pre-allocated storage
- moved callouts and condvars from ata_xfer to queue or channel, so that
ata_xfer does not need special initialization
- slot allocation now done when xfer is being activated, uncoupled
from memory allocation; active slots are no longer tracked by controller
code
- channel and drive reset is done always via the atabus thread, and
now executes with channel locked the whole time
- NCQ recovery moved to shared function, and run via the thread also
- added some workarounds for buggy error recovery AHCI emulation in QEMU
and Parallels
designed to primarily fix kern/52614, but might also help with kern/47041
and kern/53183
|
| 1.14 |
| 29-Jul-2018 |
jdolecek | branches: 1.14.2;
mark satapmp_rescan() static, it's not to be used outside satapmp_subr.c
|
| 1.13 |
| 07-Oct-2017 |
jdolecek | branches: 1.13.2; 1.13.4;
Merge support for SATA NCQ (Native Command Queueing) from jdolecek-ncq branch
ATA subsystem was changed to support several outstanding commands, and use
NCQ xfers if supported by both the controller and the disk, including NCQ
error recovery. Set NCQ high priority for BPRIO_TIMECRITICAL xfers
if supported. Added FUA support.
Done some work towards MP-safe, all ATA code tsleep()/wakeup() replaced
by condvars, and switched most code from spl* to mutexes (separate
wd(4) and ata channel lock).
Introduced new option WD_CHAOS_MONKEY to facilitate testing of error
handling, fixed several uncovered issues. Also fixed several problems
with kernel dump to wd(4) disk.
Tested with ahcisata(4), mvsata(4), siisata(4), piixide(4) on amd64,
with and without port multiplier, both disk and ATAPI devices; other
drivers and archs mechanically adjusted and compile-tested. NCQ is
supported for ahcisata(4) and siisata(4) for any controller, for
mvsata(4) only Gen IIe ones for now. Also enabled ATAPI support in
mvsata(4).
Thanks to Matt Thomas for initial ATA infrastructure patch, and
Jonathan A.Kollasch for siisata(4) NCQ changes and general testing.
Also fixes PR kern/43169 (wd(4)); and PR kern/11811, PR kern/47041,
PR kern/51979 (kernel dump)
|
| 1.12 |
| 03-May-2013 |
jakllsch | branches: 1.12.24;
Wait for DRDY after the PMP commands and don't wait before.
Should fix the worst part of PR kern/47793.
|
| 1.11 |
| 17-Apr-2013 |
jakllsch | Also print port multiplier port number when register accesses fail.
|
| 1.10 |
| 01-Aug-2012 |
bouyer | branches: 1.10.2; 1.10.4;
Make this compile again after DRIVET rename
|
| 1.9 |
| 01-Aug-2012 |
bouyer | Apply back changes that were reverted on Jul 24 and Jul 26 (general ata/wdc
cleanup and SATA PMP support), now that I'm back to fix the fallouts.
|
| 1.8 |
| 26-Jul-2012 |
jakllsch | Revert, with intention of restoring in a less invasive way, the SATA Port
Multiplier code.
ok christos@
|
| 1.7 |
| 24-Jul-2012 |
jakllsch | Revert dsl@'s changes of Sun, 15 Jul 2012 10:55:35 +0000 and
Sun, 15 Jul 2012 10:56:50 +0000, excepting the kernel version bump.
First step in reverting regressions to ata(4) subsystem during the addition of
port multiplier support.
|
| 1.6 |
| 22-Jul-2012 |
jakllsch | Port multiplier registers are 64-bits wide (although the ones we need only
implement 32-bits). Implement the access routines using 64-bit values and add
32-bit wrappers thereto.
|
| 1.5 |
| 22-Jul-2012 |
jakllsch | The vendor and product IDs are 16-bit, print out as such.
|
| 1.4 |
| 22-Jul-2012 |
jakllsch | Correctly issue port multiplier register access commands as LBA48 now that the
FIS code doesn't get in the way of doing that.
|
| 1.3 |
| 22-Jul-2012 |
jakllsch | KASSERT if we attempt to access an invalid port.
Also, small whitespace change for internal consistency.
|
| 1.2 |
| 15-Jul-2012 |
dsl | Some namespace protection (and add greppablity).
Prefix the DRIVE_ and DRIVET_ constants from atavar.h with ATA_.
Don't use an enum for drive_type - you don't know how big it will be.
Move driver_type to avoid implicit structure padding (esp on arm).
This change is purely lexical and mechanical.
Update to 6.99.9 - this wasn't done when the SATA PMP changes
were made - I'm sure they warranted a bump.
|
| 1.1 |
| 02-Jul-2012 |
bouyer | Add sata Port MultiPlier (PMP) support to the ata bus layer,
as described in
http://mail-index.netbsd.org/tech-kern/2012/06/23/msg013442.html
PMP support in integrated to the atabus layer.
struct ata_channel's ch_drive[] is not dynamically allocated, and ch_ndrive
(renamed to ch_ndrives) closely reflects the size of the ch_drive[] array.
Add helper functions atabus_alloc_drives() and atabus_free_drives()
to manage ch_drive[]/ch_ndrives.
Add wdc_maxdrives to struct wdc_softc so that bus front-end can specify
how much drive they really support (master/slave or single).
ata_reset_drive() callback gains a uint32_t *sigp argument which,
when not NULL, will contain the signature of the device being reset.
While there, some cosmetic changes:
- added a drive_type enum to ata_drive_datas, and stop encoding the
probed drive type in drive_flags (we were out of drive flags anyway).
- rename DRIVE_ATAPIST to DRIVE_ATAPIDSCW to better reflect what this
really is
- remove ata_channel->ata_drives, it's redundant with the pointer in
ata_drive_datas
- factor out the interpretation of SATA signatures in sata_interpet_sig()
propagate these changes to the ATA HBA drivers, and add support for PMP
to ahcisata(4) and siisata(4).
Thanks to:
- Protocase (http://www.protocase.com/) which provided a system
with lots of controllers, SATA PMP and drive slots
- Conservation Genomics Laboratory, Department of Biology, New Mexico State
University for hosting the above system
- Brook Milligan, who set up remote access and has been very responsive
when SATA cable move was needed
|
| 1.10.4.3 |
| 22-May-2014 |
yamt | sync with head.
for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.
this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
|
| 1.10.4.2 |
| 30-Oct-2012 |
yamt | sync with head
|
| 1.10.4.1 |
| 01-Aug-2012 |
yamt | file satapmp_subr.c was added on branch yamt-pagecache on 2012-10-30 17:20:53 +0000
|
| 1.10.2.2 |
| 03-Dec-2017 |
jdolecek | update from HEAD
|
| 1.10.2.1 |
| 23-Jun-2013 |
tls | resync from head
|
| 1.12.24.6 |
| 19-Sep-2017 |
jdolecek | replace all remaining tsleep()/wakeup() calls with condition variables, or
calls to ata_delay(), as appropriate; change ata_delay() to require the
channel lock on entry, and pass the lock to kpause() for unlocking while
sleeping
|
| 1.12.24.5 |
| 26-Jul-2017 |
jdolecek | write the device and channel for port multiplier attach (not just the atabus),
so it's easier to check
|
| 1.12.24.4 |
| 20-Jun-2017 |
jdolecek | remove ata queue downsizing - every device, attached to the same channel,
uses slots according to it's own limits
wdc code changed to expect maximum one active xfer, and not check number
of openings in the channel; this is to facilitate using wdc functions
for e.g. handling of atapi commands for drivers which support both ATAPI
and NCQ
|
| 1.12.24.3 |
| 19-Jun-2017 |
jdolecek | add ata_channel lock, use it to protect queue manipulation (only that for now);
add ata_channel_detach() to destroy the locks
change ata_get_xfer() so that it can wait for xfer, convert all on-stack
xfer code to use the blocking variant
fix siisata_reset_drive() to use polled reset and not try ata_activate_xfer(),
convert drive probe code also over from slot0 XXX to ata_get_xfer()
drive reset and PMP now works on siisata(4) too; changes tested also
on piixide(4), ahci(4), mvsata(4)
|
| 1.12.24.2 |
| 17-Jun-2017 |
jdolecek | make PMP working great again
tested with mvsata(4), my ahcisata(4) controller unfortunately doesn't
support PMP
|
| 1.12.24.1 |
| 15-Apr-2017 |
jdolecek | pass also ata_command via ata_xfer, callers of ata_exec_command() is now
responsible for allocation/disposal of the structure
change code to allocate ata_xfer for commands on stack same way as previously
the ata_command were, using c_slot 0; adjust asserts so that it would allow
several xfers with same c_slot, as long as only one such transfer is active
at a time
|
| 1.13.4.2 |
| 21-Apr-2020 |
martin | Sync with HEAD
|
| 1.13.4.1 |
| 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.13.2.2 |
| 26-Nov-2018 |
pgoyette | Sync with HEAD, resolve a couple of conflicts
|
| 1.13.2.1 |
| 06-Sep-2018 |
pgoyette | Sync with HEAD
Resolve a couple of conflicts (result of the uimin/uimax changes)
|
| 1.14.2.2 |
| 20-Oct-2018 |
jdolecek | hold lock during drive reset (new locking protocol)
erase xfer before each reuse for read/write port commands
|
| 1.14.2.1 |
| 22-Sep-2018 |
jdolecek | separate ata_xfer slot allocation and the memory allocation, so that
there can be more queued xfers than number of supported slots by controller,
and use a pool instead of custom pre-allocation
primarily to help PR kern/52614
remove no longer needed custom wd(4) logic for flush cache
switch also wd(4) trim/suspend/setcache/wdioctlstrategy to sleep waiting
for the memory, they are all called from process context and this
avoids spurious failures
|
| 1.15.10.1 |
| 20-Apr-2020 |
bouyer | Sync with HEAD
|
| 1.15.4.1 |
| 30-Dec-2022 |
martin | Pull up following revision(s) (requested by tsutsui in ticket #1557):
sys/dev/ic/ahcisata_core.c: revision 1.83
sys/dev/ic/ahcisata_core.c: revision 1.102
sys/dev/ata/ata.c: revision 1.164
sys/dev/ata/ata_wdc.c: revision 1.115
sys/dev/ata/ata_recovery.c: revision 1.4
sys/dev/ic/siisata.c: revision 1.42
sys/dev/ic/wdc.c: revision 1.308
sys/dev/ic/mvsata.c: revision 1.56
sys/dev/scsipi/atapi_wdc.c: revision 1.138
sys/dev/ic/siisata.c: revision 1.49
sys/dev/ata/atavar.h: revision 1.105
sys/dev/ata/wd.c: revision 1.460
sys/dev/ata/ata.c: revision 1.155
sys/dev/ata/wd.c: revision 1.462
sys/dev/ata/atavar.h: revision 1.109
sys/dev/ata/satapmp_subr.c: revision 1.16
sys/dev/ic/wdc.c: revision 1.299
sys/dev/ic/ahcisata_core.c: revision 1.93
sys/dev/ata/ata_wdc.c: revision 1.120
sys/dev/ic/wdcvar.h: revision 1.100
sys/dev/scsipi/atapi_wdc.c: revision 1.141
sys/dev/ic/mvsata.c: revision 1.61
sys/dev/usb/umass_isdata.c (apply patch)
drop wd lock in wdstart1() before calling the ata_bio hook; when called
from ata thread context, that can still need to sleep for wdc attachments
in wdcwait()
fix use-after-free for ata xfer on bio submission found by KASAN
driver ata_bio hooks read parts of the xfer after ata_exec_xfer()
call in order to determine return value, change so that the hook
doesn't return any value - callers do not care already,
as all I/O requests are asynchronous
this problem was uncovered by recent change for wd(4) to not hold
wd mutex during ata_bio call, the interrupt for the xfer might
thus actually fire immediately
adjust also ata_exec_command driver hooks similarily - remove all
completion and waiting logic from drivers, upper layer ata code
using AT_WAIT/AT_POLL changed to call ata_wait_cmd() itself
PR kern/55169 by Nick Hudson
Function declaration formating whitespace consistency. NFCI.
PR kern/56403
Fix kernel freeze for wdc(4) variants with ATAC_CAP_NOIRQ:
(1) Change ata_xfer_ops:c_poll from void to int function. When it returns
ATAPOLL_AGAIN, let ata_xfer_start() iterate itself again.
(2) Let wdc_ata_bio_poll() return ATAPOLL_AGAIN until ATA_ITSDONE is
achieved.
A similar change has been made for mvsata(4) (see mvsata_bio_poll()),
and no functional changes for other devices.
This is how the drivers worked before jdolecek-ncq branch was merged.
Note that this changes are less likely to cause infinite recursion:
(1) wdc_ata_bio_intr() called from wdc_ata_bio_poll() asserts ATA_ITSDONE
in its error handling paths via wdc_ata_bio_done().
(2) Return value from c_start (= wdc_ata_bio_start()) is checked in
ata_xfer_start().
Therefore, errors encountered in ata_xfer_ops:c_poll and c_start routines
terminate the recursion for wdc(4). The situation is similar for mvsata(4).
Still, there is a possibility where ata_xfer_start() takes long time to
finish a normal operation. This can result in a delayed response for lower
priority interrupts. But, I've never observed such a situation, even when
heavy thrashing takes place for swap partition in wd(4).
"Go ahead" by jdolecek@.
|
