[ros-diffs] [mjmartin] 51752: [USBSTOR] - USBSTOR_SendRequest: The buffer for read/write may not be NonPagedPool, which is documented as a requirement for using MmBuildMdlForNonPagedPool. Also locking the buff...

Sun, 15 May 2011 01:23:47 -0700 

Author: mjmartin
Date: Sun May 15 08:23:32 2011
New Revision: 51752

URL: http://svn.reactos.org/svn/reactos?rev=51752&view=rev
Log:
[USBSTOR]
- USBSTOR_SendRequest: The buffer for read/write may not be NonPagedPool, which 
is documented as a requirement for using MmBuildMdlForNonPagedPool. Also 
locking the buffers pages is also not an option as the routine is called at 
DISPATCH_LEVEL.
It so happens that Irp->MdlAddress is valid for read/write operations. Use it 
instead of procedure above.
- Add a sanity check to make sure the Mdl does describe the transfer buffer.
Fixes IRQL_NOT_LESS_OR_EQUAL bugcheck in windows. These changes also may fixed 
writing to device.

Modified:
    branches/usb-bringup/drivers/usb/usbstor/scsi.c

Modified: branches/usb-bringup/drivers/usb/usbstor/scsi.c
URL: 
http://svn.reactos.org/svn/reactos/branches/usb-bringup/drivers/usb/usbstor/scsi.c?rev=51752&r1=51751&r2=51752&view=diff
==============================================================================
--- branches/usb-bringup/drivers/usb/usbstor/scsi.c [iso-8859-1] (original)
+++ branches/usb-bringup/drivers/usb/usbstor/scsi.c [iso-8859-1] Sun May 15 
08:23:32 2011
@@ -442,6 +442,7 @@
     PFDO_DEVICE_EXTENSION FDODeviceExtension;
     PIRP Irp;
     PIO_STACK_LOCATION IoStack;
+       PULONG MdlVirtualAddress;
 
     //
     // first allocate irp context
@@ -507,8 +508,18 @@
         //
         if (OriginalRequest)
         {
-            if (OriginalRequest->MdlAddress != NULL && Context->TransferData 
== NULL)
+            if ((OriginalRequest->MdlAddress != NULL) &&
+                       (Context->TransferData == NULL || Command[0] == 
SCSIOP_READ || Command[0] == SCSIOP_WRITE))
             {
+                               //
+                               // Sanity check that the Mdl does describe the 
TransferData for read/write
+                               //
+                               if (CommandLength == UFI_READ_WRITE_CMD_LEN)
+                               {
+                                       MdlVirtualAddress = 
MmGetMdlVirtualAddress(OriginalRequest->MdlAddress);
+                                       ASSERT(MdlVirtualAddress == 
Context->TransferData);
+                               }
+
                 //
                 // I/O paging request
                 //
@@ -1052,7 +1063,7 @@
         //
         Status = USBSTOR_SendModeSenseCmd(DeviceObject, Irp);
     }
-    else if (pCDB->MODE_SENSE.OperationCode == SCSIOP_READ /*||  
pCDB->MODE_SENSE.OperationCode == SCSIOP_WRITE*/)
+    else if (pCDB->MODE_SENSE.OperationCode == SCSIOP_READ ||  
pCDB->MODE_SENSE.OperationCode == SCSIOP_WRITE)
     {
         DPRINT1("SCSIOP_READ / SCSIOP_WRITE DataTransferLength %lu\n", 
Request->DataTransferLength);

Reply via email to