From 0f8436a23942a04378386a08f52befcec6b0dff5 Mon Sep 17 00:00:00 2001 From: scottl Date: Tue, 2 Jan 2007 04:12:34 +0000 Subject: Make sure that all of the fields in the header are clean. It was possible for unsafe flags to leak from one command to another. --- sys/dev/mfi/mfi.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'sys/dev/mfi') diff --git a/sys/dev/mfi/mfi.c b/sys/dev/mfi/mfi.c index 77a8e32..9a14eae 100644 --- a/sys/dev/mfi/mfi.c +++ b/sys/dev/mfi/mfi.c @@ -446,17 +446,21 @@ mfi_release_command(struct mfi_command *cm) /* * Zero out the important fields of the frame, but make sure the - * context field is preserved + * context field is preserved. For efficiency, handle the fields + * as 32 bit words. Clear out the first S/G entry too for safety. */ - hdr_data = (uint32_t *)cm->cm_frame; - hdr_data[0] = 0; - hdr_data[1] = 0; - hdr = &cm->cm_frame->header; if (hdr->sg_count) { cm->cm_sg->sg32[0].len = 0; cm->cm_sg->sg32[0].addr = 0; } + + hdr_data = (uint32_t *)cm->cm_frame; + hdr_data[0] = 0; /* cmd, sense_len, cmd_status, scsi_status */ + hdr_data[1] = 0; /* target_id, lun_id, cdb_len, sg_count */ + hdr_data[4] = 0; /* flags, timeout */ + hdr_data[5] = 0; /* data_len */ + cm->cm_extra_frames = 0; cm->cm_flags = 0; cm->cm_complete = NULL; -- cgit v1.1