Date: Mon, 23 Apr 2012 13:58:57 GMT From: Petr Lampa <lampa@fit.vutbr.cz> To: freebsd-gnats-submit@FreeBSD.org Subject: kern/167226: new tbolt mfi driver cannot read sector >= 2^32 or 2^21 Message-ID: <201204231358.q3NDwuaD042630@red.freebsd.org> Resent-Message-ID: <201204231400.q3NE0auw012032@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 167226
>Category: kern
>Synopsis: new tbolt mfi driver cannot read sector >= 2^32 or 2^21
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Apr 23 14:00:35 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Petr Lampa
>Release: 9.0-STABLE
>Organization:
BUT FIT
>Environment:
FreeBSD temp 9.0-STABLE FreeBSD 9.0-STABLE #0: Thu Apr 19 11:18:42 CEST 2012 root@temp:/usr/obj/usr/src/sys/TEMP amd64
>Description:
The new mfi_tbolt_build_cdb() ignores lba_hi when checking if lba address can be placed into read/write 6/10 CDB. The result is sector address clipped to 2^21-1 or 2^32-1 (this depends on request length).
>How-To-Repeat:
Connect 9265/9285 LSI MegaRAID and read existing array > 2TB.
>Fix:
Change dev/mfi/mfi_tbolt.c:
if ((num_lba <= 0xFF) && (lba_lo <= 0x1FFFFF)) {
..
else if ((num_lba <= 0xFFFF) && (lba_lo <= 0xFFFFFFFF)) {
..
to
if (lba_hi == 0 && (num_lba <= 0xFF) && (lba_lo <= 0x1FFFFF)) {
...
else if (lba_hi == 0 && (num_lba <= 0xFFFF) && (lba_lo <= 0xFFFFFFFF)) {
...
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201204231358.q3NDwuaD042630>