diff options
| author | Nicholas Bellinger <nab@linux-iscsi.org> | 2013-11-25 17:53:57 -0500 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2014-01-09 15:24:20 -0500 |
| commit | 42ea20ee7fe958123981979da1c459160733dfdb (patch) | |
| tree | 230835f91ec9431506597ef26fd1ed91294cb151 | |
| parent | 0629b407e1855bd34f0b5feb9f9cbffd3416f0fd (diff) | |
iscsi-target: Fix-up all zero data-length CDBs with R/W_BIT set
commit 4454b66cb67f14c33cd70ddcf0ff4985b26324b7 upstream.
This patch changes special case handling for ISCSI_OP_SCSI_CMD
where an initiator sends a zero length Expected Data Transfer
Length (EDTL), but still sets the WRITE and/or READ flag bits
when no payload transfer is requested.
Many, many moons ago two special cases where added for an ancient
version of ESX that has long since been fixed, so instead of adding
a new special case for the reported bug with a Broadcom 57800 NIC,
go ahead and always strip off the incorrect WRITE + READ flag bits.
Also, avoid sending a reject here, as RFC-3720 does mandate this
case be handled without protocol error.
Reported-by: Witold Bazakbal <865perl@wp.pl>
Tested-by: Witold Bazakbal <865perl@wp.pl>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| -rw-r--r-- | drivers/target/iscsi/iscsi_target.c | 26 |
1 files changed, 12 insertions, 14 deletions
diff --git a/drivers/target/iscsi/iscsi_target.c b/drivers/target/iscsi/iscsi_target.c index 4c1b8dbdcb36..b71a69750607 100644 --- a/drivers/target/iscsi/iscsi_target.c +++ b/drivers/target/iscsi/iscsi_target.c | |||
| @@ -838,24 +838,22 @@ int iscsit_setup_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd, | |||
| 838 | if (((hdr->flags & ISCSI_FLAG_CMD_READ) || | 838 | if (((hdr->flags & ISCSI_FLAG_CMD_READ) || |
| 839 | (hdr->flags & ISCSI_FLAG_CMD_WRITE)) && !hdr->data_length) { | 839 | (hdr->flags & ISCSI_FLAG_CMD_WRITE)) && !hdr->data_length) { |
| 840 | /* | 840 | /* |
| 841 | * Vmware ESX v3.0 uses a modified Cisco Initiator (v3.4.2) | 841 | * From RFC-3720 Section 10.3.1: |
| 842 | * that adds support for RESERVE/RELEASE. There is a bug | 842 | * |
| 843 | * add with this new functionality that sets R/W bits when | 843 | * "Either or both of R and W MAY be 1 when either the |
| 844 | * neither CDB carries any READ or WRITE datapayloads. | 844 | * Expected Data Transfer Length and/or Bidirectional Read |
| 845 | * Expected Data Transfer Length are 0" | ||
| 846 | * | ||
| 847 | * For this case, go ahead and clear the unnecssary bits | ||
| 848 | * to avoid any confusion with ->data_direction. | ||
| 845 | */ | 849 | */ |
| 846 | if ((hdr->cdb[0] == 0x16) || (hdr->cdb[0] == 0x17)) { | 850 | hdr->flags &= ~ISCSI_FLAG_CMD_READ; |
| 847 | hdr->flags &= ~ISCSI_FLAG_CMD_READ; | 851 | hdr->flags &= ~ISCSI_FLAG_CMD_WRITE; |
| 848 | hdr->flags &= ~ISCSI_FLAG_CMD_WRITE; | ||
| 849 | goto done; | ||
| 850 | } | ||
| 851 | 852 | ||
| 852 | pr_err("ISCSI_FLAG_CMD_READ or ISCSI_FLAG_CMD_WRITE" | 853 | pr_warn("ISCSI_FLAG_CMD_READ or ISCSI_FLAG_CMD_WRITE" |
| 853 | " set when Expected Data Transfer Length is 0 for" | 854 | " set when Expected Data Transfer Length is 0 for" |
| 854 | " CDB: 0x%02x. Bad iSCSI Initiator.\n", hdr->cdb[0]); | 855 | " CDB: 0x%02x, Fixing up flags\n", hdr->cdb[0]); |
| 855 | return iscsit_add_reject_cmd(cmd, | ||
| 856 | ISCSI_REASON_BOOKMARK_INVALID, buf); | ||
| 857 | } | 856 | } |
| 858 | done: | ||
| 859 | 857 | ||
| 860 | if (!(hdr->flags & ISCSI_FLAG_CMD_READ) && | 858 | if (!(hdr->flags & ISCSI_FLAG_CMD_READ) && |
| 861 | !(hdr->flags & ISCSI_FLAG_CMD_WRITE) && (hdr->data_length != 0)) { | 859 | !(hdr->flags & ISCSI_FLAG_CMD_WRITE) && (hdr->data_length != 0)) { |