From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Cc: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Subject: [Qemu-devel] [PATCH 05/14] scsi: Specify the xfer direction for UNMAP and ATA_PASSTHROUGH commands
Date: Fri, 4 May 2012 10:45:45 +0200
Message-ID: <1336121154-26517-6-git-send-email-pbonzini@redhat.com>
In-Reply-To: <1336121154-26517-1-git-send-email-pbonzini@redhat.com>
From: Ronnie Sahlberg <ronniesahlberg@gmail.com>
scsi_cmd_xfer_mode() is used to specify the xfer direction for SCSI
commands that come in from the guest. If the direction is set incorrectly
this will eventually cause QEMU to kernel-panic the guest.
Add UNMAP and ATAPASSTHROUGH as commands that send data to the device.
Without this change, recent kernels will send both UNMAP as well
as ATAPASSTHROUGH commands to any /dev/sg* device, which due to the
incorrect xfer direction very quickly causes the guest kernel to crash.
Example causing a crash without the patch applied:
./x86_64-softmmu/qemu-system-x86_64 -m 1024 -enable-kvm -cdrom linuxmint-12-gnome-dvd-64bit.iso -drive file=/dev/sg4,if=scsi,bus=0,unit=6
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
hw/scsi-bus.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/hw/scsi-bus.c b/hw/scsi-bus.c
index 5640aae..08d5088 100644
--- a/hw/scsi-bus.c
+++ b/hw/scsi-bus.c
@@ -940,6 +940,7 @@ static void scsi_cmd_xfer_mode(SCSICommand *cmd)
case WRITE_LONG_10:
case WRITE_SAME_10:
case WRITE_SAME_16:
+ case UNMAP:
case SEARCH_HIGH_12:
case SEARCH_EQUAL_12:
case SEARCH_LOW_12:
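Review bot: the new `case UNMAP:` only fixes the direction, and nothing in this hunk shows where the matching transfer length comes from. UNMAP sends a parameter list whose size is given in the CDB, so please confirm that the length computed for this opcode is that parameter list length; a correct direction paired with a wrong length would leave the same class of guest-visible failure the commit message describes. A short comment on the case saying that the data-out phase is the UNMAP parameter list would also help the next person who extends this list.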
@@ -949,6 +950,7 @@ static void scsi_cmd_xfer_mode(SCSICommand *cmd)
case SEND_DVD_STRUCTURE:
case PERSISTENT_RESERVE_OUT:
case MAINTENANCE_OUT:
+ case ATA_PASSTHROUGH:
cmd->mode = SCSI_XFER_TO_DEV;
break;
default:
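Review bot: `case ATA_PASSTHROUGH:` is mapped unconditionally to `SCSI_XFER_TO_DEV`, but an ATA PASS-THROUGH CDB carries its own direction bit (T_DIR) and can also describe a data-in or non-data command, so a fixed direction is right for only part of what a guest can send through /dev/sg*. Consider deriving cmd->mode from the CDB for this opcode instead of adding it to the to-device list, or state in the commit message that only the data-out case is covered. Minor: the commit message spells the opcode ATAPASSTHROUGH while the code uses ATA_PASSTHROUGH.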
--
1.7.9.3