From d81cb44726f050d7cf1be4afd9cb45d153b52066 Mon Sep 17 00:00:00 2001 From: Paolo Bonzini Date: Mon, 17 Sep 2012 16:36:11 -0700 Subject: [PATCH] target: go through normal processing for all zero-length commands Yay, all users of transport_kmap_data_sg now check for a zero-length request and/or a too-small parameter list length. We can thus go through the normal emulation path even for such commands. This means that out-of-bounds reads and writes are now reported correctly even if they transfer 0 blocks. Other errors are also reported correctly. Testcase: sg_raw /dev/sdb 28 00 80 00 00 00 00 00 00 00 should fail with ILLEGAL REQUEST / LBA OUT OF RANGE sense does not fail without the patch (still wrong with the patch, but better: the ASC is INVALID FIELD IN CDB) Signed-off-by: Paolo Bonzini Signed-off-by: Nicholas Bellinger --- drivers/target/target_core_transport.c | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c index 3cc76ad14ce2..221f67f3427c 100644 --- a/drivers/target/target_core_transport.c +++ b/drivers/target/target_core_transport.c @@ -2289,23 +2289,6 @@ int transport_generic_new_cmd(struct se_cmd *cmd) if (ret < 0) goto out_fail; } - /* - * If this command doesn't have any payload and we don't have to call - * into the fabric for data transfers, go ahead and complete it right - * away. - */ - if (!cmd->data_length && - cmd->t_task_cdb[0] != REQUEST_SENSE && - cmd->se_dev->transport->transport_type != TRANSPORT_PLUGIN_PHBA_PDEV) { - spin_lock_irq(&cmd->t_state_lock); - cmd->t_state = TRANSPORT_COMPLETE; - cmd->transport_state |= CMD_T_ACTIVE; - spin_unlock_irq(&cmd->t_state_lock); - - INIT_WORK(&cmd->work, target_complete_ok_work); - queue_work(target_completion_wq, &cmd->work); - return 0; - } atomic_inc(&cmd->t_fe_count); -- 2.34.1