Skip to content

L
linux
Commit 554617b2 authored by Andy Grover's avatar Andy Grover Committed by Nicholas Bellinger
Browse files
Options

target/user: Return an error if cmd data size is too large 

Userspace should be implementing VPD B0 (Block Limits) to inform the
initiator of max data size, but just in case we do get a too-large request,
do what the spec says and return INVALID_CDB_FIELD.

Make sure to unlock udev->cmdr_lock before returning.
Signed-off-by: default avatarAndy Grover <agrover@redhat.com>
Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
Reviewed-by: default avatarMike Christie <mchristi@redhat.com>
Signed-off-by: default avatarNicholas Bellinger <nab@linux-iscsi.org>
parent 02eb924f
Hide whitespace changes
Inline Side-by-side
Showing with 6 additions and 3 deletions
drivers/target/target_core_user.c
View file @ 554617b2
......@@ -433,11 +433,14 @@ tcmu_queue_cmd_ring(struct tcmu_cmd *tcmu_cmd)
BUG_ON(!(se_cmd->t_bidi_data_sg && se_cmd->t_bidi_data_nents));
data_length += se_cmd->t_bidi_data_sg->length;
}
if ((command_size > (udev->cmdr_size / 2))
|| data_length > udev->data_size)
pr_warn("TCMU: Request of size %zu/%zu may be too big for %u/%zu "
if ((command_size > (udev->cmdr_size / 2)) ||
data_length > udev->data_size) {
pr_warn("TCMU: Request of size %zu/%zu is too big for %u/%zu "
"cmd/data ring buffers\n", command_size, data_length,
udev->cmdr_size, udev->data_size);
spin_unlock_irq(&udev->cmdr_lock);
return TCM_INVALID_CDB_FIELD;
}
while (!is_ring_space_avail(udev, command_size, data_length)) {
int ret;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7