From: Philippe Mathieu-Daudé <[email protected]>
We are not ready to handle additional CDB data.
If a guest sends a packet with such additional data,
report the command parameter as not supported.
Specify a size (of 1 byte) for the add_cdb member we
are not using, to fix the following warning:
usb/dev-uas.c:157:31: error: field 'status' with variable sized type 'uas_iu'
not at the end of a struct or class is a GNU extension
[-Werror,-Wgnu-variable-sized-type-not-at-end]
uas_iu status;
^
Reported-by: Ed Maste <[email protected]>
Reported-by: Daniele Buono <[email protected]>
Reported-by: Han Han <[email protected]>
Reviewed-by: Eric Blake <[email protected]>
Signed-off-by: Philippe Mathieu-Daudé <[email protected]>
Message-Id: <[email protected]>
Signed-off-by: Gerd Hoffmann <[email protected]>
---
hw/usb/dev-uas.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/hw/usb/dev-uas.c b/hw/usb/dev-uas.c
index cec071d96c49..a51402bc0bfd 100644
--- a/hw/usb/dev-uas.c
+++ b/hw/usb/dev-uas.c
@@ -16,6 +16,7 @@
#include "qemu/error-report.h"
#include "qemu/main-loop.h"
#include "qemu/module.h"
+#include "qemu/log.h"
#include "hw/usb.h"
#include "migration/vmstate.h"
@@ -70,7 +71,7 @@ typedef struct {
uint8_t reserved_2;
uint64_t lun;
uint8_t cdb[16];
- uint8_t add_cdb[];
+ uint8_t add_cdb[1]; /* not supported by QEMU */
} QEMU_PACKED uas_iu_command;
typedef struct {
@@ -700,6 +701,11 @@ static void usb_uas_command(UASDevice *uas, uas_iu *iu)
uint32_t len;
uint16_t tag = be16_to_cpu(iu->hdr.tag);
+ if (iu->command.add_cdb_length > 0) {
+ qemu_log_mask(LOG_UNIMP, "additional adb length not yet supported\n");
+ goto unsupported_len;
+ }
+
if (uas_using_streams(uas) && tag > UAS_MAX_STREAMS) {
goto invalid_tag;
}
@@ -735,6 +741,10 @@ static void usb_uas_command(UASDevice *uas, uas_iu *iu)
}
return;
+unsupported_len:
+ usb_uas_queue_fake_sense(uas, tag, sense_code_INVALID_PARAM_VALUE);
+ return;
+
invalid_tag:
usb_uas_queue_fake_sense(uas, tag, sense_code_INVALID_TAG);
return;
--
2.29.2
