aboutsummaryrefslogtreecommitdiffstats
path: root/drivers
diff options
context:
space:
mode:
authorPaolo Bonzini <pbonzini@redhat.com>2012-09-07 11:30:32 -0400
committerNicholas Bellinger <nab@linux-iscsi.org>2012-09-07 14:04:08 -0400
commit306c11b28d7bb85a7adda741798a2b6b60dd305a (patch)
tree65639a992a1bf2ec8abc1836f935b0e67d634da5 /drivers
parentd5829eac5f7cfff89c6d1cf11717eee97cf030d0 (diff)
target: go through normal processing for zero-length PSCSI commands
Right now, commands with a zero-size payload are skipped completely. This is wrong; such commands should be passed down to the device and processed normally. For physical backends, this ignores completely things such as START STOP UNIT. For virtual backends, we have a hack in place to clear a unit attention state on a zero-size REQUEST SENSE, but we still do not report errors properly on zero-length commands---out-of-bounds 0-block reads and writes, too small parameter list lengths, etc. This patch fixes this for PSCSI. Uses of transport_kmap_data_sg are guarded with a check for non-zero cmd->data_length; for all other commands a zero length is handled properly in pscsi_execute_cmd. The sole exception will be for now REPORT LUNS, which is handled through the normal SPC emulation. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Diffstat (limited to 'drivers')
-rw-r--r--drivers/target/target_core_pscsi.c8
-rw-r--r--drivers/target/target_core_transport.c4
2 files changed, 7 insertions, 5 deletions
diff --git a/drivers/target/target_core_pscsi.c b/drivers/target/target_core_pscsi.c
index 5f7151d90344..9d7ce3daa262 100644
--- a/drivers/target/target_core_pscsi.c
+++ b/drivers/target/target_core_pscsi.c
@@ -688,11 +688,11 @@ static void pscsi_transport_complete(struct se_cmd *cmd, struct scatterlist *sg,
688 * Hack to make sure that Write-Protect modepage is set if R/O mode is 688 * Hack to make sure that Write-Protect modepage is set if R/O mode is
689 * forced. 689 * forced.
690 */ 690 */
691 if (!cmd->se_deve || !cmd->data_length)
692 goto after_mode_sense;
693
691 if (((cdb[0] == MODE_SENSE) || (cdb[0] == MODE_SENSE_10)) && 694 if (((cdb[0] == MODE_SENSE) || (cdb[0] == MODE_SENSE_10)) &&
692 (status_byte(result) << 1) == SAM_STAT_GOOD) { 695 (status_byte(result) << 1) == SAM_STAT_GOOD) {
693 if (!cmd->se_deve)
694 goto after_mode_sense;
695
696 if (cmd->se_deve->lun_flags & TRANSPORT_LUNFLAGS_READ_ONLY) { 696 if (cmd->se_deve->lun_flags & TRANSPORT_LUNFLAGS_READ_ONLY) {
697 unsigned char *buf = transport_kmap_data_sg(cmd); 697 unsigned char *buf = transport_kmap_data_sg(cmd);
698 698
@@ -709,7 +709,7 @@ static void pscsi_transport_complete(struct se_cmd *cmd, struct scatterlist *sg,
709 } 709 }
710after_mode_sense: 710after_mode_sense:
711 711
712 if (sd->type != TYPE_TAPE) 712 if (sd->type != TYPE_TAPE || !cmd->data_length)
713 goto after_mode_select; 713 goto after_mode_select;
714 714
715 /* 715 /*
diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c
index 8a29e3fd0195..7ddb0c33f644 100644
--- a/drivers/target/target_core_transport.c
+++ b/drivers/target/target_core_transport.c
@@ -2300,7 +2300,9 @@ int transport_generic_new_cmd(struct se_cmd *cmd)
2300 * into the fabric for data transfers, go ahead and complete it right 2300 * into the fabric for data transfers, go ahead and complete it right
2301 * away. 2301 * away.
2302 */ 2302 */
2303 if (!cmd->data_length) { 2303 if (!cmd->data_length &&
2304 (cmd->se_dev->transport->transport_type != TRANSPORT_PLUGIN_PHBA_PDEV ||
2305 cmd->t_task_cdb[0] == REPORT_LUNS) {
2304 spin_lock_irq(&cmd->t_state_lock); 2306 spin_lock_irq(&cmd->t_state_lock);
2305 cmd->t_state = TRANSPORT_COMPLETE; 2307 cmd->t_state = TRANSPORT_COMPLETE;
2306 cmd->transport_state |= CMD_T_ACTIVE; 2308 cmd->transport_state |= CMD_T_ACTIVE;