[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] Re: [PATCH] scsi-disk: add data direction checking
|
From: |
Stefan Hajnoczi |
|
Subject: |
[Qemu-devel] Re: [PATCH] scsi-disk: add data direction checking |
|
Date: |
Tue, 23 Nov 2010 10:20:56 +0000 |
On Tue, Nov 23, 2010 at 10:12 AM, Hannes Reinecke <address@hidden> wrote:
> On 11/23/2010 11:03 AM, Stefan Hajnoczi wrote:
>> On Mon, Nov 22, 2010 at 10:15 AM, Hannes Reinecke <address@hidden> wrote:
>>> @@ -172,6 +170,9 @@ static void scsi_read_data(SCSIRequest *req)
>>> /* No data transfer may already be in progress */
>>> assert(r->req.aiocb == NULL);
>>>
>>> + if (r->req.cmd.mode == SCSI_XFER_TO_DEV)
>>> + BADF("Data transfer direction invalid\n");
>>> +
>>> if (r->sector_count == (uint32_t)-1) {
>>> DPRINTF("Read buf_len=%zd\n", r->iov[0].iov_len);
>>> r->sector_count = 0;
>>> @@ -284,6 +285,9 @@ static int scsi_write_data(SCSIRequest *req)
>>> /* No data transfer may already be in progress */
>>> assert(r->req.aiocb == NULL);
>>>
>>> + if (r->req.cmd.mode != SCSI_XFER_TO_DEV)
>>> + BADF("Data transfer direction invalid\n");
>>> +
>>> n = iov_size(r->iov, r->iov_num) / 512;
>>> if (n) {
>>> qemu_iovec_init_external(&r->qiov, r->iov, r->iov_num);
>>
>> If the guest can trigger this then there must be a SCSI response (an
>> error?). Right now BADF() will do fprintf(stderr) and then continue
>> executing.
>>
>> Can we abort the operation?
>>
> I've done a patch for it as per suggestion by hch.
> Right now we have
>
> if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
> DPRINTF("Data transfer direction invalid\n");
> scsi_read_complete(r, -EINVAL);
> return;
> }
>
> and -EINVAL will return the sense code 'INVALID FIELD IN CDB'.
> Will be in the next patchset.
Sounds good.
Stefan