From 944981c7e106af2aa004847e9177497856630980 Mon Sep 17 00:00:00 2001 From: Nicholas Bellinger Date: Tue, 2 Oct 2012 14:00:33 -0700 Subject: [PATCH] target: Add control CDB READ payload zero work-around This patch carries forward a work-around from tcm_loop to target core code to explicitly clear control CDB READ paylods in order to avoid bugs in scsi-generic user-space code for INQUIRY that do not explicitly zero CDB payload memory. (v2: Drop TARGET_SCF_MAP_CLEAR_MEM, and perform the explicit zero of READ memory for all target_submit_cmd_map_sgls users) Cc: Christoph Hellwig Signed-off-by: Nicholas Bellinger --- drivers/target/target_core_transport.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c index d96d9aa3a496..c33baff86aa6 100644 --- a/drivers/target/target_core_transport.c +++ b/drivers/target/target_core_transport.c @@ -1539,6 +1539,27 @@ int target_submit_cmd_map_sgls(struct se_cmd *se_cmd, struct se_session *se_sess if (sgl_count != 0) { BUG_ON(!sgl); + /* + * A work-around for tcm_loop as some userspace code via + * scsi-generic do not memset their associated read buffers, + * so go ahead and do that here for type non-data CDBs. Also + * note that this is currently guaranteed to be a single SGL + * for this case by target core in target_setup_cmd_from_cdb() + * -> transport_generic_cmd_sequencer(). + */ + if (!(se_cmd->se_cmd_flags & SCF_SCSI_DATA_CDB) && + se_cmd->data_direction == DMA_FROM_DEVICE) { + unsigned char *buf = NULL; + + if (sgl) + buf = kmap(sg_page(sgl)) + sgl->offset; + + if (buf) { + memset(buf, 0, sgl->length); + kunmap(sg_page(sgl)); + } + } + rc = transport_generic_map_mem_to_cmd(se_cmd, sgl, sgl_count, sgl_bidi, sgl_bidi_count); if (rc != 0) {