From woods@zeus.leitch.com  Wed Mar 11 09:03:38 1998
Received: from gateman.zeus.leitch.com (gateman.zeus.leitch.com [204.187.61.193])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA08439
          for <FreeBSD-gnats-submit@freebsd.org>; Wed, 11 Mar 1998 09:03:34 -0800 (PST)
          (envelope-from woods@zeus.leitch.com)
Received: from zeus.leitch.com (0@tap.zeus.leitch.com [204.187.61.10]) by gateman.zeus.leitch.com (8.8.5/8.7.3/1.0) with ESMTP id MAA09704 for <FreeBSD-gnats-submit@freebsd.org>; Wed, 11 Mar 1998 12:03:31 -0500 (EST)
Received: from bitter.zeus.leitch.com (bitter.zeus.leitch.com [204.187.61.66]) by zeus.leitch.com (8.7.5/8.7.3/1.0) with ESMTP id MAA15625 for <FreeBSD-gnats-submit@freebsd.org>; Wed, 11 Mar 1998 12:03:25 -0500 (EST)
Received: (woods@localhost) by bitter.zeus.leitch.com (8.8.7/8.6.9) id MAA02504; Wed, 11 Mar 1998 12:03:24 -0500 (EST)
Message-Id: <199803111703.MAA02504@bitter.zeus.leitch.com>
Date: Wed, 11 Mar 1998 12:03:24 -0500 (EST)
From: woods@zeus.leitch.com
Reply-To: woods@zeus.leitch.com
To: FreeBSD-gnats-submit@freebsd.org
Subject: sd.c doesn't validate all mode sense 4 values, esp. secsize
X-Send-Pr-Version: 3.2

>Number:         5979
>Category:       kern
>Synopsis:       sd.c doesn't validate all mode sense 4 values, esp. secsize
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    julian
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Mar 11 09:10:01 PST 1998
>Closed-Date:    Mon Nov 16 14:02:10 PST 1998
>Last-Modified:  Mon Nov 16 14:04:04 PST 1998
>Originator:     Greg A. Woods
>Release:        FreeBSD 2.2.5-STABLE i386
>Organization:
Planix, Inc.; on contract at Leitch Technology International, Inc.
>Environment:

System: ASUS P2L97 motherboard with i686 class CPU and 128MB SDRAM
SCSI Host Adapter: Adaptec AHA-2940UW (BIOS v1.32)
Disk Array Controller: Adaptec AEC-4312A

>Description:

The sd driver probes and reports incorrect values from an Adaptec
AEC-4312A SCSI RAID controller.  Notably the sector size (and thus the
calculated volume size) is invalid.

This problem was initially noted in the 2.2.5-stable (RELENG_2_2
branch cvsup'ed as of 1998/01/26), but the latest 3.0-SNAP boot floppy
also exhibited the same problem.

>How-To-Repeat:

Boot any FreeBSD on a system with an attached Adaptec AEC-4312A SCSI
RAID array and inspect the sector size reported.

>Fix:
	
Upon inspection of and comparison with the NetBSD-1.3 release code,
which does correctly identify bogus values from the mode sense and
reports the correct sector size and calculated volume size using the
traditional Adaptec "fictitious" geometry, we noted that the FreeBSD
code was not clearing the scsi_sense data structure (presumably to
allow detection of fields not set in the mode page), nor was the
sector size being forced to a logical value when the rest of the
geometry was corrected.

The attached patch solves the problem (but we've not verified that all
related problems have been solved -- the logic in NetBSD's version of
this code is considerably different and seems to handle more potential
conditions).

=== cd /usr/src/sys/scsi/
=== /usr/bin/cvs diff -c sd.c

Index: sd.c
===================================================================
RCS file: /cvs/Leitch/FreeBSD-2.2/sys/scsi/sd.c,v
retrieving revision 1.1.1.1
diff -c -r1.1.1.1 sd.c
*** sd.c	1998/01/21 23:19:16	1.1.1.1
--- sd.c	1998/02/11 18:33:08
***************
*** 725,730 ****
--- 725,731 ----
  	/*
  	 * do a "mode sense page 4"
  	 */
+ 	bzero(&scsi_sense, sizeof(scsi_sense));
  	bzero(&scsi_cmd, sizeof(scsi_cmd));
  	scsi_cmd.op_code = MODE_SENSE;
  	scsi_cmd.page = 4;
***************
*** 791,796 ****
--- 792,798 ----
  			disk_parms->heads = 64;
  			disk_parms->cyls = sectors / (64 * 32);
  			sectors = 32;
+ 			disk_parms->secsiz = SECSIZE;
  		}
  		/* keep secsiz sane too - we may divide by it later */
  		if(disk_parms->secsiz == 0)

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->gibbs 
Responsible-Changed-By: jkh 
Responsible-Changed-When: Wed Mar 11 17:19:36 PST 1998 
Responsible-Changed-Why:  
This is definitely a Justin PR. :) 
Responsible-Changed-From-To: gibbs->julian 
Responsible-Changed-By: gibbs 
Responsible-Changed-When: Thu Mar 12 21:56:09 PST 1998 
Responsible-Changed-Why:  
The usefulness of performing a "mode page 4" query is somewhat 
questionable.  The CAM SCSI layer doesn't even attempt this 
action as several devices do not support that mode page, the 
sector size reported is the "physical sector size" which 
often times does not match the "logical sector size", and 
the geometry that is reported is not useful for partitioning 
the disk (you want the translated geometry for that).  It 
might be of use for rotational optimizations, but these 
"optimizations" in FFS have been disabled for some time to 
increase performance. 

That being said, Julian did commit a change that was supposed 
to ensure that the system uses the logical sector size as 
reported by the READ CAPACITY command.  He should probably 
use that same sector size in computing any displayed geometry 
and for creating label information. 

The scsi_sense data should not need to be initialized to zero. 
If the SCSI command for fetching the mode page is successful 
and the code properly decodes the data the device wrote, it 
should work fine.  Perhaps the code is not doing this properly, 
but as my interest lies in the CAM code, it won't be me that 
fixes it. 
State-Changed-From-To: open->closed 
State-Changed-By: julian 
State-Changed-When: Mon Nov 16 14:02:10 PST 1998 
State-Changed-Why:  
sd.c is no-longer in 3.0 
also, a change was made to detect the sector size differently 
which may have fixed this anyway.. 
if it's still a problem in 2.2.x let me know 
>Unformatted:
