Date: Sun, 15 Nov 1998 06:58:44 -0800 (PST)
From: dan@math.berkeley.edu (Dan Strick)
To: freebsd-scsi@FreeBSD.ORG
Cc: dan@math.berkeley.edu
Subject: bug in cam_real_open_device()
Message-ID: <199811151458.GAA26354@math.berkeley.edu>

In file:
    camlib.c,v 1.2 1998/10/12 21:54:00 ken Exp
beginning at line 587:

    if ((fd = open(path, flags)) < 0) {
        sprintf(cam_errbuf, "%s: couldn't open passthrough device %s\n"
                "%s: %s", func_name, newpath, func_name,
                strerror(errno));
        goto crod_bailout;
    }

The bug is that "newpath" hasn't been filled in at this point.
Another bug is that since the contents of newpath are unknown,
cam_errbuf might not be large enough (resulting in buffer overflow).

---------------------------------------

I feel compelled to express severe irritation with this part of the
cam design. The above code is trying to open one of the passthrough
devices. It determines the passthrough device name by issuing a
CAMGETPASSTHRU ioctl() to the xpt device that maps driver name and
unit number into a passthrough driver name and unit number.
These driver names are not names in /dev but names defined in
kernel source driver tables that happen (by design of course) to
correspond to names of special files in /dev. For example,
"/dev/rda0s1c" refers to driver "da" unit "0" and "/dev/pass1"
refers to driver "pass" unit "1".

The cam library has to make the invalid assumption that special
file names correspond to kernel driver names and has a couple of
special rules for two well known cases that break this assumption
("sd" and "st"). The cam library is effectively assuming that
names in /dev are compiled into the kernel.

In general, I think it is a very serious error for the kernel to
contain hardwired file names. The only name that the kernel really
has to know is "/sbin/init" and that name should be passed to it
as an argument during bootstrap.

There are a lot of little glitchy consequences of this aspect of
the cam design. For example, cam_open_device() will fail if the
required passthrough device has not been created in /dev, but there
is currently no way for a program using camlib to determine the name
of the required passthrough device until after camlib has successfully
opened it. (The camlib routines happen not to fill in this cam_device
struct member until after the open succeeds. There is no camlib
routine that does just the CAMGETPASSTHRU ioctl(). Since the
CAMGETPASSTHRU ioctl() is undocumented, using it on the side is
not an option.) As a consequence, my program cannot produce an
error message telling the user that he has to create a specific
passthrough device in /dev. This is a real bummer.

This whole issue would never have come up and most of camlib would
be obviously vacuous if SCSI ioctl()s could be issued via the usual
device special files instead of the /dev/pass files. What exactly
do the /dev/pass files do that could not have been done with the real
device special files? (I.E. Why can't we just do SCSI passthrough
ioctl()s using the raw disk devices like we used to?)

Dan Strick
dan@math.berkeley.edu
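
The two defects reported in the message, handled in an added example that is not camlib code and not part of the original e-mail: the error text uses the path actually passed to open(), and the write into the error buffer is bounded with snprintf() and checked for truncation. The names errbuf, ERRBUF_SIZE, format_open_error() and open_passthrough() are hypothetical stand-ins; the real size of cam_errbuf is not given in the message.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>

#define ERRBUF_SIZE 2048          /* assumed size, not camlib's actual value */
char errbuf[ERRBUF_SIZE];         /* hypothetical stand-in for cam_errbuf */

/*
 * Format an open() failure into dst, never writing more than dstlen bytes.
 * Returns 0 if the whole message fit, 1 if it was truncated (dst is still
 * NUL-terminated), -1 on a bad argument or formatting error.
 */
int format_open_error(char *dst, size_t dstlen, const char *func_name,
                      const char *path, int saved_errno)
{
    int n;

    if (dst == NULL || dstlen == 0)
        return -1;
    n = snprintf(dst, dstlen,
                 "%s: couldn't open passthrough device %s\n%s: %s",
                 func_name, path, func_name, strerror(saved_errno));
    if (n < 0) {
        dst[0] = '\0';
        return -1;
    }
    return ((size_t)n >= dstlen) ? 1 : 0;
}

/* Open path; on failure, report the same path that open() was given. */
int open_passthrough(const char *path, int flags)
{
    int fd, saved_errno;

    if ((fd = open(path, flags)) < 0) {
        saved_errno = errno;      /* capture before another call changes it */
        (void)format_open_error(errbuf, sizeof(errbuf), "open_passthrough",
                                path, saved_errno);
        return -1;
    }
    return fd;
}

int main(void)
{
    /* Constructed path that does not exist, to exercise the error branch. */
    if (open_passthrough("/nonexistent-dir/pass0", O_RDWR) < 0)
        printf("%s\n", errbuf);
    return 0;
}
```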