target: Fix WRITE_SAME_[16,32] number of blocks=0 case
Nicholas Bellinger [Sat, 7 May 2011 00:55:35 +0000 (17:55 -0700)]
This patch fixes the handling of WRITE_SAME_[16,32] emulation where a
WRITE_SAME_* CDB with number of blocks=0 was being rejected by SCSI
expected data transfer length overflow checking in target core.

It changes both CDB cases in transport_generic_cmd_sequencer() to use
dev->se_sub_dev->se_dev_attrib.block_size to match what sg_write_same
is sending us with --num=0.  It also fixes target_emulate_write_same()
to properly determine the num_blocks with --num=0 case to determine the
remaining range for dev->transport->do_discard().

Reported-by: Chris Greiveldinger <chris.greiveldinger@rnanetworks.com>
Signed-off-by: Nicholas A. Bellinger <nab@linux-iscsi.org>

drivers/target/target_core_cdb.c
drivers/target/target_core_transport.c

index 95195d7..8d5a0fc 100644 (file)
@@ -1008,18 +1008,30 @@ target_emulate_unmap(struct se_task *task)
  * Note this is not used for TCM/pSCSI passthrough
  */
 static int
-target_emulate_write_same(struct se_task *task)
+target_emulate_write_same(struct se_task *task, int write_same32)
 {
        struct se_cmd *cmd = task->task_se_cmd;
        struct se_device *dev = cmd->se_dev;
-       sector_t lba = cmd->t_task.t_task_lba;
-       unsigned int range;
+       sector_t range, lba = cmd->t_task.t_task_lba;
+       unsigned int num_blocks;
        int ret;
+       /*
+        * Extract num_blocks from the WRITE_SAME_* CDB.  Then use the explict
+        * range when non zero is supplied, otherwise calculate the remaining
+        * range based on ->get_blocks() - starting LBA.
+        */
+       if (write_same32)
+               num_blocks = get_unaligned_be32(&cmd->t_task.t_task_cdb[28]);
+       else
+               num_blocks = get_unaligned_be32(&cmd->t_task.t_task_cdb[10]);
 
-       range = (cmd->data_length / dev->se_sub_dev->se_dev_attrib.block_size);
+       if (num_blocks != 0)
+               range = num_blocks;
+       else
+               range = (dev->transport->get_blocks(dev) - lba);
 
-       printk(KERN_INFO "WRITE_SAME UNMAP: LBA: %llu Range: %u\n",
-                        (unsigned long long)lba, range);
+       printk(KERN_INFO "WRITE_SAME UNMAP: LBA: %llu Range: %llu\n",
+                (unsigned long long)lba, (unsigned long long)range);
 
        ret = dev->transport->do_discard(dev, lba, range);
        if (ret < 0) {
@@ -1081,7 +1093,7 @@ transport_emulate_control_cdb(struct se_task *task)
                                        " for: %s\n", dev->transport->name);
                        return PYX_TRANSPORT_UNKNOWN_SAM_OPCODE;
                }
-               ret = target_emulate_write_same(task);
+               ret = target_emulate_write_same(task, 0);
                break;
        case VARIABLE_LENGTH_CMD:
                service_action =
@@ -1094,7 +1106,7 @@ transport_emulate_control_cdb(struct se_task *task)
                                        dev->transport->name);
                                return PYX_TRANSPORT_UNKNOWN_SAM_OPCODE;
                        }
-                       ret = target_emulate_write_same(task);
+                       ret = target_emulate_write_same(task, 1);
                        break;
                default:
                        printk(KERN_ERR "Unsupported VARIABLE_LENGTH_CMD SA:"
index a29f6d3..bf401da 100644 (file)
@@ -3132,7 +3132,12 @@ static int transport_generic_cmd_sequencer(
                        sectors = transport_get_sectors_32(cdb, cmd, &sector_ret);
                        if (sector_ret)
                                goto out_unsupported_cdb;
-                       size = transport_get_size(sectors, cdb, cmd);
+
+                       if (sectors != 0)
+                               size = transport_get_size(sectors, cdb, cmd);
+                       else
+                               size = dev->se_sub_dev->se_dev_attrib.block_size;
+
                        cmd->t_task.t_task_lba = get_unaligned_be64(&cdb[12]);
                        cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
 
@@ -3416,7 +3421,12 @@ static int transport_generic_cmd_sequencer(
                sectors = transport_get_sectors_16(cdb, cmd, &sector_ret);
                if (sector_ret)
                        goto out_unsupported_cdb;
-               size = transport_get_size(sectors, cdb, cmd);
+
+               if (sectors != 0)
+                       size = transport_get_size(sectors, cdb, cmd);
+               else
+                       size = dev->se_sub_dev->se_dev_attrib.block_size;
+
                cmd->t_task.t_task_lba = get_unaligned_be64(&cdb[2]);
                passthrough = (dev->transport->transport_type ==
                                TRANSPORT_PLUGIN_PHBA_PDEV);