diff options
author | Nicholas Bellinger <nab@linux-iscsi.org> | 2012-11-01 18:43:03 -0700 |
---|---|---|
committer | Nicholas Bellinger <nab@linux-iscsi.org> | 2012-11-06 20:55:46 -0800 |
commit | fecae40abb1ae9218bdbaa8b8e30bfb5ae43f522 (patch) | |
tree | 3f804933534a773ff86664a81352ecf5bd4df868 /drivers/target | |
parent | 3a3c5e4a672c5cd61cbdcedcd027312577f9ab7c (diff) | |
download | op-kernel-dev-fecae40abb1ae9218bdbaa8b8e30bfb5ae43f522.zip op-kernel-dev-fecae40abb1ae9218bdbaa8b8e30bfb5ae43f522.tar.gz |
target: Fix incorrect starting offset after MODE_SENSE refactoring
This patch fixes a new off-by-one bug in the hardcoded starting offset of
spc_emulate_modesense() code that causes BLOCK DESCRIPTOR to be incorrectly
written within the MEDIUM TYPE buffer area of the mode parameter header.
According to spc4r30, Section 7.5.4, BLOCK DESCRIPTOR for MODE_SENSE_10
starts at byte 3, and BLOCK_DESCRIPTOR for MODE_SENSE (6) starts at byte 2.
(roland: add MODE DATA LENGTH + MEDIUM TYPE offset comment)
Cc: Roland Dreier <roland@purestorage.com>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Douglas Gilbert <dgilbert@interlog.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Diffstat (limited to 'drivers/target')
-rw-r--r-- | drivers/target/target_core_spc.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/drivers/target/target_core_spc.c b/drivers/target/target_core_spc.c index 33022a3..f9c2bd0 100644 --- a/drivers/target/target_core_spc.c +++ b/drivers/target/target_core_spc.c @@ -870,8 +870,11 @@ static int spc_emulate_modesense(struct se_cmd *cmd) } else { buf = map_buf; } - - length = ten ? 2 : 1; + /* + * Skip over MODE DATA LENGTH + MEDIUM TYPE fields to byte 3 for + * MODE_SENSE_10 and byte 2 for MODE_SENSE (6). + */ + length = ten ? 3 : 2; /* DEVICE-SPECIFIC PARAMETER */ if ((cmd->se_lun->lun_access & TRANSPORT_LUNFLAGS_READ_ONLY) || |