target: go through normal processing for zero-length PSCSI commands
Right now, commands with a zero-size payload are skipped completely. This is wrong; such commands should be passed down to the device and processed normally. For physical backends, this ignores completely things such as START STOP UNIT. For virtual backends, we have a hack in place to clear a unit attention state on a zero-size REQUEST SENSE, but we still do not report errors properly on zero-length commands---out-of-bounds 0-block reads and writes, too small parameter list lengths, etc. This patch fixes this for PSCSI. Uses of transport_kmap_data_sg are guarded with a check for non-zero cmd->data_length; for all other commands a zero length is handled properly in pscsi_execute_cmd. The sole exception will be for now REPORT LUNS, which is handled through the normal SPC emulation. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
This commit is contained in:
Родитель
d5829eac5f
Коммит
306c11b28d
|
@ -688,11 +688,11 @@ static void pscsi_transport_complete(struct se_cmd *cmd, struct scatterlist *sg,
|
|||
* Hack to make sure that Write-Protect modepage is set if R/O mode is
|
||||
* forced.
|
||||
*/
|
||||
if (!cmd->se_deve || !cmd->data_length)
|
||||
goto after_mode_sense;
|
||||
|
||||
if (((cdb[0] == MODE_SENSE) || (cdb[0] == MODE_SENSE_10)) &&
|
||||
(status_byte(result) << 1) == SAM_STAT_GOOD) {
|
||||
if (!cmd->se_deve)
|
||||
goto after_mode_sense;
|
||||
|
||||
if (cmd->se_deve->lun_flags & TRANSPORT_LUNFLAGS_READ_ONLY) {
|
||||
unsigned char *buf = transport_kmap_data_sg(cmd);
|
||||
|
||||
|
@ -709,7 +709,7 @@ static void pscsi_transport_complete(struct se_cmd *cmd, struct scatterlist *sg,
|
|||
}
|
||||
after_mode_sense:
|
||||
|
||||
if (sd->type != TYPE_TAPE)
|
||||
if (sd->type != TYPE_TAPE || !cmd->data_length)
|
||||
goto after_mode_select;
|
||||
|
||||
/*
|
||||
|
|
|
@ -2300,7 +2300,9 @@ int transport_generic_new_cmd(struct se_cmd *cmd)
|
|||
* into the fabric for data transfers, go ahead and complete it right
|
||||
* away.
|
||||
*/
|
||||
if (!cmd->data_length) {
|
||||
if (!cmd->data_length &&
|
||||
(cmd->se_dev->transport->transport_type != TRANSPORT_PLUGIN_PHBA_PDEV ||
|
||||
cmd->t_task_cdb[0] == REPORT_LUNS) {
|
||||
spin_lock_irq(&cmd->t_state_lock);
|
||||
cmd->t_state = TRANSPORT_COMPLETE;
|
||||
cmd->transport_state |= CMD_T_ACTIVE;
|
||||
|
|
Загрузка…
Ссылка в новой задаче