This is a note to let you know that I've just added the patch titled
target: Fix reading of data length fields for UNMAP commands
to the 3.5-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
target-fix-reading-of-data-length-fields-for-unmap-commands.patch
and it can be found in the queue-3.5 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.
From: Roland Dreier <[email protected]>
Date: Mon, 16 Jul 2012 15:34:23 -0700
Subject: target: Fix reading of data length fields for UNMAP commands
From: Roland Dreier <[email protected]>
commit 1a5fa4576ec8a462313c7516b31d7453481ddbe8 upstream.
The UNMAP DATA LENGTH and UNMAP BLOCK DESCRIPTOR DATA LENGTH fields
are in the unmap descriptor (the payload transferred to our data out
buffer), not in the CDB itself. Read them from the correct place in
target_emulated_unmap.
Signed-off-by: Roland Dreier <[email protected]>
Signed-off-by: Nicholas Bellinger <[email protected]>
[bwh: Backported to 3.2: adjust filename, context]
Signed-off-by: Ben Hutchings <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
drivers/target/target_core_cdb.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
--- a/drivers/target/target_core_cdb.c
+++ b/drivers/target/target_core_cdb.c
@@ -1013,7 +1013,6 @@ int target_emulate_unmap(struct se_cmd *
{
struct se_device *dev = cmd->se_dev;
unsigned char *buf, *ptr = NULL;
- unsigned char *cdb = &cmd->t_task_cdb[0];
sector_t lba;
unsigned int size = cmd->data_length, range;
int ret = 0, offset;
@@ -1029,11 +1028,12 @@ int target_emulate_unmap(struct se_cmd *
/* First UNMAP block descriptor starts at 8 byte offset */
offset = 8;
size -= 8;
- dl = get_unaligned_be16(&cdb[0]);
- bd_dl = get_unaligned_be16(&cdb[2]);
buf = transport_kmap_data_sg(cmd);
+ dl = get_unaligned_be16(&buf[0]);
+ bd_dl = get_unaligned_be16(&buf[2]);
+
ptr = &buf[offset];
pr_debug("UNMAP: Sub: %s Using dl: %hu bd_dl: %hu size: %hu"
" ptr: %p\n", dev->transport->name, dl, bd_dl, size, ptr);
Patches currently in stable-queue which might be from [email protected] are
queue-3.5/target-check-number-of-unmap-descriptors-against-our-limit.patch
queue-3.5/target-fix-possible-integer-underflow-in-unmap-emulation.patch
queue-3.5/target-add-range-checking-to-unmap-emulation.patch
queue-3.5/target-fix-reading-of-data-length-fields-for-unmap-commands.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
