linux/drivers/scsi/arm/queue.c
Kees Cook 6da2ec5605 treewide: kmalloc() -> kmalloc_array()
The kmalloc() function has a 2-factor argument form, kmalloc_array(). This
patch replaces cases of:

        kmalloc(a * b, gfp)

with:
        kmalloc_array(a * b, gfp)

as well as handling cases of:

        kmalloc(a * b * c, gfp)

with:

        kmalloc(array3_size(a, b, c), gfp)

as it's slightly less ugly than:

        kmalloc_array(array_size(a, b), c, gfp)

This does, however, attempt to ignore constant size factors like:

        kmalloc(4 * 1024, gfp)

though any constants defined via macros get caught up in the conversion.

Any factors with a sizeof() of "unsigned char", "char", and "u8" were
dropped, since they're redundant.

The tools/ directory was manually excluded, since it has its own
implementation of kmalloc().

The Coccinelle script used for this was:

// Fix redundant parens around sizeof().
@@
type TYPE;
expression THING, E;
@@

(
  kmalloc(
-	(sizeof(TYPE)) * E
+	sizeof(TYPE) * E
  , ...)
|
  kmalloc(
-	(sizeof(THING)) * E
+	sizeof(THING) * E
  , ...)
)

// Drop single-byte sizes and redundant parens.
@@
expression COUNT;
typedef u8;
typedef __u8;
@@

(
  kmalloc(
-	sizeof(u8) * (COUNT)
+	COUNT
  , ...)
|
  kmalloc(
-	sizeof(__u8) * (COUNT)
+	COUNT
  , ...)
|
  kmalloc(
-	sizeof(char) * (COUNT)
+	COUNT
  , ...)
|
  kmalloc(
-	sizeof(unsigned char) * (COUNT)
+	COUNT
  , ...)
|
  kmalloc(
-	sizeof(u8) * COUNT
+	COUNT
  , ...)
|
  kmalloc(
-	sizeof(__u8) * COUNT
+	COUNT
  , ...)
|
  kmalloc(
-	sizeof(char) * COUNT
+	COUNT
  , ...)
|
  kmalloc(
-	sizeof(unsigned char) * COUNT
+	COUNT
  , ...)
)

// 2-factor product with sizeof(type/expression) and identifier or constant.
@@
type TYPE;
expression THING;
identifier COUNT_ID;
constant COUNT_CONST;
@@

(
- kmalloc
+ kmalloc_array
  (
-	sizeof(TYPE) * (COUNT_ID)
+	COUNT_ID, sizeof(TYPE)
  , ...)
|
- kmalloc
+ kmalloc_array
  (
-	sizeof(TYPE) * COUNT_ID
+	COUNT_ID, sizeof(TYPE)
  , ...)
|
- kmalloc
+ kmalloc_array
  (
-	sizeof(TYPE) * (COUNT_CONST)
+	COUNT_CONST, sizeof(TYPE)
  , ...)
|
- kmalloc
+ kmalloc_array
  (
-	sizeof(TYPE) * COUNT_CONST
+	COUNT_CONST, sizeof(TYPE)
  , ...)
|
- kmalloc
+ kmalloc_array
  (
-	sizeof(THING) * (COUNT_ID)
+	COUNT_ID, sizeof(THING)
  , ...)
|
- kmalloc
+ kmalloc_array
  (
-	sizeof(THING) * COUNT_ID
+	COUNT_ID, sizeof(THING)
  , ...)
|
- kmalloc
+ kmalloc_array
  (
-	sizeof(THING) * (COUNT_CONST)
+	COUNT_CONST, sizeof(THING)
  , ...)
|
- kmalloc
+ kmalloc_array
  (
-	sizeof(THING) * COUNT_CONST
+	COUNT_CONST, sizeof(THING)
  , ...)
)

// 2-factor product, only identifiers.
@@
identifier SIZE, COUNT;
@@

- kmalloc
+ kmalloc_array
  (
-	SIZE * COUNT
+	COUNT, SIZE
  , ...)

// 3-factor product with 1 sizeof(type) or sizeof(expression), with
// redundant parens removed.
@@
expression THING;
identifier STRIDE, COUNT;
type TYPE;
@@

(
  kmalloc(
-	sizeof(TYPE) * (COUNT) * (STRIDE)
+	array3_size(COUNT, STRIDE, sizeof(TYPE))
  , ...)
|
  kmalloc(
-	sizeof(TYPE) * (COUNT) * STRIDE
+	array3_size(COUNT, STRIDE, sizeof(TYPE))
  , ...)
|
  kmalloc(
-	sizeof(TYPE) * COUNT * (STRIDE)
+	array3_size(COUNT, STRIDE, sizeof(TYPE))
  , ...)
|
  kmalloc(
-	sizeof(TYPE) * COUNT * STRIDE
+	array3_size(COUNT, STRIDE, sizeof(TYPE))
  , ...)
|
  kmalloc(
-	sizeof(THING) * (COUNT) * (STRIDE)
+	array3_size(COUNT, STRIDE, sizeof(THING))
  , ...)
|
  kmalloc(
-	sizeof(THING) * (COUNT) * STRIDE
+	array3_size(COUNT, STRIDE, sizeof(THING))
  , ...)
|
  kmalloc(
-	sizeof(THING) * COUNT * (STRIDE)
+	array3_size(COUNT, STRIDE, sizeof(THING))
  , ...)
|
  kmalloc(
-	sizeof(THING) * COUNT * STRIDE
+	array3_size(COUNT, STRIDE, sizeof(THING))
  , ...)
)

// 3-factor product with 2 sizeof(variable), with redundant parens removed.
@@
expression THING1, THING2;
identifier COUNT;
type TYPE1, TYPE2;
@@

(
  kmalloc(
-	sizeof(TYPE1) * sizeof(TYPE2) * COUNT
+	array3_size(COUNT, sizeof(TYPE1), sizeof(TYPE2))
  , ...)
|
  kmalloc(
-	sizeof(TYPE1) * sizeof(THING2) * (COUNT)
+	array3_size(COUNT, sizeof(TYPE1), sizeof(TYPE2))
  , ...)
|
  kmalloc(
-	sizeof(THING1) * sizeof(THING2) * COUNT
+	array3_size(COUNT, sizeof(THING1), sizeof(THING2))
  , ...)
|
  kmalloc(
-	sizeof(THING1) * sizeof(THING2) * (COUNT)
+	array3_size(COUNT, sizeof(THING1), sizeof(THING2))
  , ...)
|
  kmalloc(
-	sizeof(TYPE1) * sizeof(THING2) * COUNT
+	array3_size(COUNT, sizeof(TYPE1), sizeof(THING2))
  , ...)
|
  kmalloc(
-	sizeof(TYPE1) * sizeof(THING2) * (COUNT)
+	array3_size(COUNT, sizeof(TYPE1), sizeof(THING2))
  , ...)
)

// 3-factor product, only identifiers, with redundant parens removed.
@@
identifier STRIDE, SIZE, COUNT;
@@

(
  kmalloc(
-	(COUNT) * STRIDE * SIZE
+	array3_size(COUNT, STRIDE, SIZE)
  , ...)
|
  kmalloc(
-	COUNT * (STRIDE) * SIZE
+	array3_size(COUNT, STRIDE, SIZE)
  , ...)
|
  kmalloc(
-	COUNT * STRIDE * (SIZE)
+	array3_size(COUNT, STRIDE, SIZE)
  , ...)
|
  kmalloc(
-	(COUNT) * (STRIDE) * SIZE
+	array3_size(COUNT, STRIDE, SIZE)
  , ...)
|
  kmalloc(
-	COUNT * (STRIDE) * (SIZE)
+	array3_size(COUNT, STRIDE, SIZE)
  , ...)
|
  kmalloc(
-	(COUNT) * STRIDE * (SIZE)
+	array3_size(COUNT, STRIDE, SIZE)
  , ...)
|
  kmalloc(
-	(COUNT) * (STRIDE) * (SIZE)
+	array3_size(COUNT, STRIDE, SIZE)
  , ...)
|
  kmalloc(
-	COUNT * STRIDE * SIZE
+	array3_size(COUNT, STRIDE, SIZE)
  , ...)
)

// Any remaining multi-factor products, first at least 3-factor products,
// when they're not all constants...
@@
expression E1, E2, E3;
constant C1, C2, C3;
@@

(
  kmalloc(C1 * C2 * C3, ...)
|
  kmalloc(
-	(E1) * E2 * E3
+	array3_size(E1, E2, E3)
  , ...)
|
  kmalloc(
-	(E1) * (E2) * E3
+	array3_size(E1, E2, E3)
  , ...)
|
  kmalloc(
-	(E1) * (E2) * (E3)
+	array3_size(E1, E2, E3)
  , ...)
|
  kmalloc(
-	E1 * E2 * E3
+	array3_size(E1, E2, E3)
  , ...)
)

// And then all remaining 2 factors products when they're not all constants,
// keeping sizeof() as the second factor argument.
@@
expression THING, E1, E2;
type TYPE;
constant C1, C2, C3;
@@

(
  kmalloc(sizeof(THING) * C2, ...)
|
  kmalloc(sizeof(TYPE) * C2, ...)
|
  kmalloc(C1 * C2 * C3, ...)
|
  kmalloc(C1 * C2, ...)
|
- kmalloc
+ kmalloc_array
  (
-	sizeof(TYPE) * (E2)
+	E2, sizeof(TYPE)
  , ...)
|
- kmalloc
+ kmalloc_array
  (
-	sizeof(TYPE) * E2
+	E2, sizeof(TYPE)
  , ...)
|
- kmalloc
+ kmalloc_array
  (
-	sizeof(THING) * (E2)
+	E2, sizeof(THING)
  , ...)
|
- kmalloc
+ kmalloc_array
  (
-	sizeof(THING) * E2
+	E2, sizeof(THING)
  , ...)
|
- kmalloc
+ kmalloc_array
  (
-	(E1) * E2
+	E1, E2
  , ...)
|
- kmalloc
+ kmalloc_array
  (
-	(E1) * (E2)
+	E1, E2
  , ...)
|
- kmalloc
+ kmalloc_array
  (
-	E1 * E2
+	E1, E2
  , ...)
)

Signed-off-by: Kees Cook <keescook@chromium.org>
2018-06-12 16:19:22 -07:00

319 lines
7.9 KiB
C

/*
* linux/drivers/acorn/scsi/queue.c: queue handling primitives
*
* Copyright (C) 1997-2000 Russell King
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*
* Changelog:
* 15-Sep-1997 RMK Created.
* 11-Oct-1997 RMK Corrected problem with queue_remove_exclude
* not updating internal linked list properly
* (was causing commands to go missing).
* 30-Aug-2000 RMK Use Linux list handling and spinlocks
*/
#include <linux/module.h>
#include <linux/blkdev.h>
#include <linux/kernel.h>
#include <linux/string.h>
#include <linux/slab.h>
#include <linux/spinlock.h>
#include <linux/list.h>
#include <linux/init.h>
#include "../scsi.h"
#define DEBUG
typedef struct queue_entry {
struct list_head list;
struct scsi_cmnd *SCpnt;
#ifdef DEBUG
unsigned long magic;
#endif
} QE_t;
#ifdef DEBUG
#define QUEUE_MAGIC_FREE 0xf7e1c9a3
#define QUEUE_MAGIC_USED 0xf7e1cc33
#define SET_MAGIC(q,m) ((q)->magic = (m))
#define BAD_MAGIC(q,m) ((q)->magic != (m))
#else
#define SET_MAGIC(q,m) do { } while (0)
#define BAD_MAGIC(q,m) (0)
#endif
#include "queue.h"
#define NR_QE 32
/*
* Function: void queue_initialise (Queue_t *queue)
* Purpose : initialise a queue
* Params : queue - queue to initialise
*/
int queue_initialise (Queue_t *queue)
{
unsigned int nqueues = NR_QE;
QE_t *q;
spin_lock_init(&queue->queue_lock);
INIT_LIST_HEAD(&queue->head);
INIT_LIST_HEAD(&queue->free);
/*
* If life was easier, then SCpnt would have a
* host-available list head, and we wouldn't
* need to keep free lists or allocate this
* memory.
*/
queue->alloc = q = kmalloc_array(nqueues, sizeof(QE_t), GFP_KERNEL);
if (q) {
for (; nqueues; q++, nqueues--) {
SET_MAGIC(q, QUEUE_MAGIC_FREE);
q->SCpnt = NULL;
list_add(&q->list, &queue->free);
}
}
return queue->alloc != NULL;
}
/*
* Function: void queue_free (Queue_t *queue)
* Purpose : free a queue
* Params : queue - queue to free
*/
void queue_free (Queue_t *queue)
{
if (!list_empty(&queue->head))
printk(KERN_WARNING "freeing non-empty queue %p\n", queue);
kfree(queue->alloc);
}
/*
* Function: int __queue_add(Queue_t *queue, struct scsi_cmnd *SCpnt, int head)
* Purpose : Add a new command onto a queue, adding REQUEST_SENSE to head.
* Params : queue - destination queue
* SCpnt - command to add
* head - add command to head of queue
* Returns : 0 on error, !0 on success
*/
int __queue_add(Queue_t *queue, struct scsi_cmnd *SCpnt, int head)
{
unsigned long flags;
struct list_head *l;
QE_t *q;
int ret = 0;
spin_lock_irqsave(&queue->queue_lock, flags);
if (list_empty(&queue->free))
goto empty;
l = queue->free.next;
list_del(l);
q = list_entry(l, QE_t, list);
BUG_ON(BAD_MAGIC(q, QUEUE_MAGIC_FREE));
SET_MAGIC(q, QUEUE_MAGIC_USED);
q->SCpnt = SCpnt;
if (head)
list_add(l, &queue->head);
else
list_add_tail(l, &queue->head);
ret = 1;
empty:
spin_unlock_irqrestore(&queue->queue_lock, flags);
return ret;
}
static struct scsi_cmnd *__queue_remove(Queue_t *queue, struct list_head *ent)
{
QE_t *q;
/*
* Move the entry from the "used" list onto the "free" list
*/
list_del(ent);
q = list_entry(ent, QE_t, list);
BUG_ON(BAD_MAGIC(q, QUEUE_MAGIC_USED));
SET_MAGIC(q, QUEUE_MAGIC_FREE);
list_add(ent, &queue->free);
return q->SCpnt;
}
/*
* Function: struct scsi_cmnd *queue_remove_exclude (queue, exclude)
* Purpose : remove a SCSI command from a queue
* Params : queue - queue to remove command from
* exclude - bit array of target&lun which is busy
* Returns : struct scsi_cmnd if successful (and a reference), or NULL if no command available
*/
struct scsi_cmnd *queue_remove_exclude(Queue_t *queue, unsigned long *exclude)
{
unsigned long flags;
struct list_head *l;
struct scsi_cmnd *SCpnt = NULL;
spin_lock_irqsave(&queue->queue_lock, flags);
list_for_each(l, &queue->head) {
QE_t *q = list_entry(l, QE_t, list);
if (!test_bit(q->SCpnt->device->id * 8 +
(u8)(q->SCpnt->device->lun & 0x7), exclude)) {
SCpnt = __queue_remove(queue, l);
break;
}
}
spin_unlock_irqrestore(&queue->queue_lock, flags);
return SCpnt;
}
/*
* Function: struct scsi_cmnd *queue_remove (queue)
* Purpose : removes first SCSI command from a queue
* Params : queue - queue to remove command from
* Returns : struct scsi_cmnd if successful (and a reference), or NULL if no command available
*/
struct scsi_cmnd *queue_remove(Queue_t *queue)
{
unsigned long flags;
struct scsi_cmnd *SCpnt = NULL;
spin_lock_irqsave(&queue->queue_lock, flags);
if (!list_empty(&queue->head))
SCpnt = __queue_remove(queue, queue->head.next);
spin_unlock_irqrestore(&queue->queue_lock, flags);
return SCpnt;
}
/*
* Function: struct scsi_cmnd *queue_remove_tgtluntag (queue, target, lun, tag)
* Purpose : remove a SCSI command from the queue for a specified target/lun/tag
* Params : queue - queue to remove command from
* target - target that we want
* lun - lun on device
* tag - tag on device
* Returns : struct scsi_cmnd if successful, or NULL if no command satisfies requirements
*/
struct scsi_cmnd *queue_remove_tgtluntag(Queue_t *queue, int target, int lun,
int tag)
{
unsigned long flags;
struct list_head *l;
struct scsi_cmnd *SCpnt = NULL;
spin_lock_irqsave(&queue->queue_lock, flags);
list_for_each(l, &queue->head) {
QE_t *q = list_entry(l, QE_t, list);
if (q->SCpnt->device->id == target && q->SCpnt->device->lun == lun &&
q->SCpnt->tag == tag) {
SCpnt = __queue_remove(queue, l);
break;
}
}
spin_unlock_irqrestore(&queue->queue_lock, flags);
return SCpnt;
}
/*
* Function: queue_remove_all_target(queue, target)
* Purpose : remove all SCSI commands from the queue for a specified target
* Params : queue - queue to remove command from
* target - target device id
* Returns : nothing
*/
void queue_remove_all_target(Queue_t *queue, int target)
{
unsigned long flags;
struct list_head *l;
spin_lock_irqsave(&queue->queue_lock, flags);
list_for_each(l, &queue->head) {
QE_t *q = list_entry(l, QE_t, list);
if (q->SCpnt->device->id == target)
__queue_remove(queue, l);
}
spin_unlock_irqrestore(&queue->queue_lock, flags);
}
/*
* Function: int queue_probetgtlun (queue, target, lun)
* Purpose : check to see if we have a command in the queue for the specified
* target/lun.
* Params : queue - queue to look in
* target - target we want to probe
* lun - lun on target
* Returns : 0 if not found, != 0 if found
*/
int queue_probetgtlun (Queue_t *queue, int target, int lun)
{
unsigned long flags;
struct list_head *l;
int found = 0;
spin_lock_irqsave(&queue->queue_lock, flags);
list_for_each(l, &queue->head) {
QE_t *q = list_entry(l, QE_t, list);
if (q->SCpnt->device->id == target && q->SCpnt->device->lun == lun) {
found = 1;
break;
}
}
spin_unlock_irqrestore(&queue->queue_lock, flags);
return found;
}
/*
* Function: int queue_remove_cmd(Queue_t *queue, struct scsi_cmnd *SCpnt)
* Purpose : remove a specific command from the queues
* Params : queue - queue to look in
* SCpnt - command to find
* Returns : 0 if not found
*/
int queue_remove_cmd(Queue_t *queue, struct scsi_cmnd *SCpnt)
{
unsigned long flags;
struct list_head *l;
int found = 0;
spin_lock_irqsave(&queue->queue_lock, flags);
list_for_each(l, &queue->head) {
QE_t *q = list_entry(l, QE_t, list);
if (q->SCpnt == SCpnt) {
__queue_remove(queue, l);
found = 1;
break;
}
}
spin_unlock_irqrestore(&queue->queue_lock, flags);
return found;
}
EXPORT_SYMBOL(queue_initialise);
EXPORT_SYMBOL(queue_free);
EXPORT_SYMBOL(__queue_add);
EXPORT_SYMBOL(queue_remove);
EXPORT_SYMBOL(queue_remove_exclude);
EXPORT_SYMBOL(queue_remove_tgtluntag);
EXPORT_SYMBOL(queue_remove_cmd);
EXPORT_SYMBOL(queue_remove_all_target);
EXPORT_SYMBOL(queue_probetgtlun);
MODULE_AUTHOR("Russell King");
MODULE_DESCRIPTION("SCSI command queueing");
MODULE_LICENSE("GPL");