ChangeSet 1.2062, 2005/02/17 11:59:58-08:00, [EMAIL PROTECTED]
[PATCH] ub: fix Add ioctls to ub patch
I am awfully sorry, but that patch contained a bug. The code dereferenced
cmd->back as if it were a pointer to a request even when it wasn't. It worked
by accident, because rq->flags overlapped with a zeroed memory in other case.
Here is a corrective patch.
Signed-off-by: Pete Zaitcev <[EMAIL PROTECTED]>
Signed-off-by: Greg Kroah-Hartman <[EMAIL PROTECTED]>
drivers/block/ub.c | 33 +++++++++++++++++----------------
1 files changed, 17 insertions(+), 16 deletions(-)
diff -Nru a/drivers/block/ub.c b/drivers/block/ub.c
--- a/drivers/block/ub.c 2005-02-17 12:20:15 -08:00
+++ b/drivers/block/ub.c 2005-02-17 12:20:15 -08:00
@@ -775,6 +775,12 @@
request_queue_t *q = disk->queue;
int uptodate;
+ if (blk_pc_request(rq)) {
+ /* UB_SENSE_SIZE is smaller than SCSI_SENSE_BUFFERSIZE */
+ memcpy(rq->sense, sc->top_sense, UB_SENSE_SIZE);
+ rq->sense_len = UB_SENSE_SIZE;
+ }
+
if (cmd->error == 0)
uptodate = 1;
else
@@ -833,6 +839,17 @@
bcb = &sc->work_bcb;
+ /*
+ * ``If the allocation length is eighteen or greater, and a device
+ * server returns less than eithteen bytes of data, the application
+ * client should assume that the bytes not transferred would have been
+ * zeroes had the device server returned those bytes.''
+ *
+ * We zero sense for all commands so that when a packet request
+ * fails it does not return a stale sense.
+ */
+ memset(&sc->top_sense, 0, UB_SENSE_SIZE);
+
/* set up the command wrapper */
bcb->Signature = cpu_to_le32(US_BULK_CB_SIGN);
bcb->Tag = cmd->tag; /* Endianness is not important */
@@ -938,7 +955,6 @@
{
struct urb *urb = &sc->work_urb;
struct bulk_cs_wrap *bcs;
- struct request *rq = cmd->back;
int pipe;
int rc;
@@ -1192,13 +1208,6 @@
(*cmd->done)(sc, cmd);
} else if (cmd->state == UB_CMDST_SENSE) {
- if (blk_pc_request(rq)) {
- /*
- * UB_SENSE_SIZE is smaller than SCSI_SENSE_BUFFERSIZE
- */
- memcpy(rq->sense, sc->top_sense, UB_SENSE_SIZE);
- rq->sense_len = UB_SENSE_SIZE;
- }
ub_state_done(sc, cmd, -EIO);
} else {
@@ -1283,14 +1292,6 @@
rc = -EPIPE;
goto error;
}
-
- /*
- * ``If the allocation length is eighteen or greater, and a device
- * server returns less than eithteen bytes of data, the application
- * client should assume that the bytes not transferred would have been
- * zeroes had the device server returned those bytes.''
- */
- memset(&sc->top_sense, 0, UB_SENSE_SIZE);
scmd = &sc->top_rqs_cmd;
scmd->cdb[0] = REQUEST_SENSE;
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id�396&op=click
_______________________________________________
linux-usb-devel@lists.sourceforge.net
To unsubscribe, use the last form field at:
https://lists.sourceforge.net/lists/listinfo/linux-usb-devel
