diff options
author | FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> | 2008-10-23 20:21:05 -0400 |
---|---|---|
committer | James Bottomley <James.Bottomley@HansenPartnership.com> | 2008-11-05 12:40:23 -0500 |
commit | 6b0eea21efed26f92e18741e54a3121cf5cd197e (patch) | |
tree | 100893dadb93eaa0c3cf577256ab0c77d9091354 | |
parent | 75fa67706cce5272bcfc51ed646f2da21f3bdb6e (diff) |
[SCSI] megaraid: fix mega_internal_command oops
scsi_cmnd->cmnd was changed from a static array to a pointer post
2.6.25. It breaks mega_internal_command():
static int
mega_internal_command(adapter_t *adapter, megacmd_t *mc, mega_passthru *pthru)
{
...
scb = &adapter->int_scb;
memset(scb, 0, sizeof(scb_t));
scmd = &adapter->int_scmd;
memset(scmd, 0, sizeof(Scsi_Cmnd));
sdev = kzalloc(sizeof(struct scsi_device), GFP_KERNEL);
scmd->device = sdev;
scmd->device->host = adapter->host;
scmd->host_scribble = (void *)scb;
scmd->cmnd[0] = MEGA_INTERNAL_CMD;
mega_internal_command() uses scsi_cmnd allocated internally so
scmd->cmnd is NULL here. This patch adds a static array for cdb to
adapter_t and uses it here. This also uses
scsi_allocate_command/scsi_free_command, the recommended way to
allocate struct scsi_cmnd since the driver might use sense_buffer in
struct scsi_cmnd.
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
Reviewed-by: Boaz Harrosh <bharrosh@panasas.com>
Tested-by: Pascal Terjan <pterjan@gmail.com>
Reported-by: Pascal Terjan <pterjan@gmail.com>
Acked-by: "Yang, Bo" <Bo.Yang@lsi.com>
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
-rw-r--r-- | drivers/scsi/megaraid.c | 11 | ||||
-rw-r--r-- | drivers/scsi/megaraid.h | 2 |
2 files changed, 9 insertions, 4 deletions
diff --git a/drivers/scsi/megaraid.c b/drivers/scsi/megaraid.c index 28c9da7d4a5c..7dc62deb4087 100644 --- a/drivers/scsi/megaraid.c +++ b/drivers/scsi/megaraid.c | |||
@@ -4402,6 +4402,10 @@ mega_internal_command(adapter_t *adapter, megacmd_t *mc, mega_passthru *pthru) | |||
4402 | scb_t *scb; | 4402 | scb_t *scb; |
4403 | int rval; | 4403 | int rval; |
4404 | 4404 | ||
4405 | scmd = scsi_allocate_command(GFP_KERNEL); | ||
4406 | if (!scmd) | ||
4407 | return -ENOMEM; | ||
4408 | |||
4405 | /* | 4409 | /* |
4406 | * The internal commands share one command id and hence are | 4410 | * The internal commands share one command id and hence are |
4407 | * serialized. This is so because we want to reserve maximum number of | 4411 | * serialized. This is so because we want to reserve maximum number of |
@@ -4412,12 +4416,11 @@ mega_internal_command(adapter_t *adapter, megacmd_t *mc, mega_passthru *pthru) | |||
4412 | scb = &adapter->int_scb; | 4416 | scb = &adapter->int_scb; |
4413 | memset(scb, 0, sizeof(scb_t)); | 4417 | memset(scb, 0, sizeof(scb_t)); |
4414 | 4418 | ||
4415 | scmd = &adapter->int_scmd; | ||
4416 | memset(scmd, 0, sizeof(Scsi_Cmnd)); | ||
4417 | |||
4418 | sdev = kzalloc(sizeof(struct scsi_device), GFP_KERNEL); | 4419 | sdev = kzalloc(sizeof(struct scsi_device), GFP_KERNEL); |
4419 | scmd->device = sdev; | 4420 | scmd->device = sdev; |
4420 | 4421 | ||
4422 | memset(adapter->int_cdb, 0, sizeof(adapter->int_cdb)); | ||
4423 | scmd->cmnd = adapter->int_cdb; | ||
4421 | scmd->device->host = adapter->host; | 4424 | scmd->device->host = adapter->host; |
4422 | scmd->host_scribble = (void *)scb; | 4425 | scmd->host_scribble = (void *)scb; |
4423 | scmd->cmnd[0] = MEGA_INTERNAL_CMD; | 4426 | scmd->cmnd[0] = MEGA_INTERNAL_CMD; |
@@ -4456,6 +4459,8 @@ mega_internal_command(adapter_t *adapter, megacmd_t *mc, mega_passthru *pthru) | |||
4456 | 4459 | ||
4457 | mutex_unlock(&adapter->int_mtx); | 4460 | mutex_unlock(&adapter->int_mtx); |
4458 | 4461 | ||
4462 | scsi_free_command(GFP_KERNEL, scmd); | ||
4463 | |||
4459 | return rval; | 4464 | return rval; |
4460 | } | 4465 | } |
4461 | 4466 | ||
diff --git a/drivers/scsi/megaraid.h b/drivers/scsi/megaraid.h index ee70bd4ae4ba..795201fa0b48 100644 --- a/drivers/scsi/megaraid.h +++ b/drivers/scsi/megaraid.h | |||
@@ -888,8 +888,8 @@ typedef struct { | |||
888 | 888 | ||
889 | u8 sglen; /* f/w supported scatter-gather list length */ | 889 | u8 sglen; /* f/w supported scatter-gather list length */ |
890 | 890 | ||
891 | unsigned char int_cdb[MAX_COMMAND_SIZE]; | ||
891 | scb_t int_scb; | 892 | scb_t int_scb; |
892 | Scsi_Cmnd int_scmd; | ||
893 | struct mutex int_mtx; /* To synchronize the internal | 893 | struct mutex int_mtx; /* To synchronize the internal |
894 | commands */ | 894 | commands */ |
895 | struct completion int_waitq; /* wait queue for internal | 895 | struct completion int_waitq; /* wait queue for internal |