From: Michael Roth <mdroth@linux.vnet.ibm.com>
To: qemu-devel@nongnu.org
Cc: aliguori@us.ibm.com, qemu-stable@nongnu.org
Subject: [Qemu-devel] [PATCH 09/56] Fix iSCSI crash on SG_IO with an iovector
Date: Tue, 13 Aug 2013 10:10:33 -0500 [thread overview]
Message-ID: <1376406680-16302-10-git-send-email-mdroth@linux.vnet.ibm.com> (raw)
In-Reply-To: <1376406680-16302-1-git-send-email-mdroth@linux.vnet.ibm.com>
From: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Don't assume that SG_IO is always invoked with a simple buffer,
check the iovec_count and if it is >= 1 then we need to pass an array
of iovectors to libiscsi instead of just a plain buffer.
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 0a53f010745635c39a83756a948df60a84e88fe5)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
---
block/iscsi.c | 51 ++++++++++++++++++++++++++++++++++++++++++++-------
1 file changed, 44 insertions(+), 7 deletions(-)
diff --git a/block/iscsi.c b/block/iscsi.c
index 0bbf0b1..fa5252c 100644
--- a/block/iscsi.c
+++ b/block/iscsi.c
@@ -32,6 +32,7 @@
#include "block/block_int.h"
#include "trace.h"
#include "block/scsi.h"
+#include "qemu/iov.h"
#include <iscsi/iscsi.h>
#include <iscsi/scsi-lowlevel.h>
@@ -651,6 +652,9 @@ iscsi_aio_ioctl_cb(struct iscsi_context *iscsi, int status,
{
IscsiAIOCB *acb = opaque;
+ g_free(acb->buf);
+ acb->buf = NULL;
+
if (acb->canceled != 0) {
return;
}
@@ -727,14 +731,30 @@ static BlockDriverAIOCB *iscsi_aio_ioctl(BlockDriverState *bs,
memcpy(&acb->task->cdb[0], acb->ioh->cmdp, acb->ioh->cmd_len);
acb->task->expxferlen = acb->ioh->dxfer_len;
+ data.size = 0;
if (acb->task->xfer_dir == SCSI_XFER_WRITE) {
- data.data = acb->ioh->dxferp;
- data.size = acb->ioh->dxfer_len;
+ if (acb->ioh->iovec_count == 0) {
+ data.data = acb->ioh->dxferp;
+ data.size = acb->ioh->dxfer_len;
+ } else {
+#if defined(LIBISCSI_FEATURE_IOVECTOR)
+ scsi_task_set_iov_out(acb->task,
+ (struct scsi_iovec *) acb->ioh->dxferp,
+ acb->ioh->iovec_count);
+#else
+ struct iovec *iov = (struct iovec *)acb->ioh->dxferp;
+
+ acb->buf = g_malloc(acb->ioh->dxfer_len);
+ data.data = acb->buf;
+ data.size = iov_to_buf(iov, acb->ioh->iovec_count, 0,
+ acb->buf, acb->ioh->dxfer_len);
+#endif
+ }
}
+
if (iscsi_scsi_command_async(iscsi, iscsilun->lun, acb->task,
iscsi_aio_ioctl_cb,
- (acb->task->xfer_dir == SCSI_XFER_WRITE) ?
- &data : NULL,
+ (data.size > 0) ? &data : NULL,
acb) != 0) {
scsi_free_scsi_task(acb->task);
qemu_aio_release(acb);
@@ -743,9 +763,26 @@ static BlockDriverAIOCB *iscsi_aio_ioctl(BlockDriverState *bs,
/* tell libiscsi to read straight into the buffer we got from ioctl */
if (acb->task->xfer_dir == SCSI_XFER_READ) {
- scsi_task_add_data_in_buffer(acb->task,
- acb->ioh->dxfer_len,
- acb->ioh->dxferp);
+ if (acb->ioh->iovec_count == 0) {
+ scsi_task_add_data_in_buffer(acb->task,
+ acb->ioh->dxfer_len,
+ acb->ioh->dxferp);
+ } else {
+#if defined(LIBISCSI_FEATURE_IOVECTOR)
+ scsi_task_set_iov_in(acb->task,
+ (struct scsi_iovec *) acb->ioh->dxferp,
+ acb->ioh->iovec_count);
+#else
+ int i;
+ for (i = 0; i < acb->ioh->iovec_count; i++) {
+ struct iovec *iov = (struct iovec *)acb->ioh->dxferp;
+
+ scsi_task_add_data_in_buffer(acb->task,
+ iov[i].iov_len,
+ iov[i].iov_base);
+ }
+#endif
+ }
}
iscsi_set_events(iscsilun);
--
1.7.9.5
next prev parent reply other threads:[~2013-08-13 15:12 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-08-13 15:10 [Qemu-devel] Patch Round-up for stable 1.5.3, freeze on 2013-08-16 Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 01/56] s390/virtio-ccw: Fix virtio reset Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 02/56] arm/boot: Free dtb blob memory after use Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 03/56] ppc: do not register IABR SPR twice for 603e Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 04/56] qxl: Fix QXLRam initialisation Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 05/56] virtio-scsi: forward scsibus for virtio-scsi-pci Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 06/56] acl: acl_add can't insert before last list element, fix Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 07/56] usb-host-libusb: set USB_DEV_FLAG_IS_HOST Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 08/56] s390/ipl: Fix boot order Michael Roth
2013-08-13 15:10 ` Michael Roth [this message]
2013-08-13 15:10 ` [Qemu-devel] [PATCH 10/56] block/ssh: Set bdrv_has_zero_init according to the file type Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 11/56] gluster: Return bdrv_has_zero_init = 0 Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 12/56] vmdk: remove wrong calculation of relative path Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 13/56] Revert "migration: do not sent zero pages in bulk stage" Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 14/56] migration: do not overwrite zero pages Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 15/56] raw-posix: Fix /dev/cdrom magic on OS X Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 16/56] kvmclock: clock should count only if vm is running Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 17/56] qemu-char: Fix ID reuse after chardev-remove for qapi-based init Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 18/56] target-cris: gen_intermediate_code_internal() should be inlined Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 19/56] target-lm32: " Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 20/56] target-microblaze: " Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 21/56] target-moxie: " Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 22/56] target-xtensa: " Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 23/56] block: fix bdrv_flush() ordering in bdrv_close() Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 24/56] target-openrisc: Fix typename in openrisc_cpu_class_by_name() Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 25/56] qom: Fix class cast of NULL classes Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 26/56] seccomp: add the asynchronous I/O syscalls to the whitelist Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 27/56] qapi: qapi-commands: fix possible leaks on visitor dealloc Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 28/56] ahci: Fix FLUSH command Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 29/56] iscsi: fix -ENOSPC in iscsi_create() Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 30/56] iscsi: remove support for misaligned nb_sectors in aio_readv Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 31/56] iscsi: assert that sectors are aligned to LUN blocksize Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 32/56] block: Add return value for bdrv_flush_all() Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 33/56] cpus: Add return value for vm_stop() Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 34/56] cpus: Let vm_stop[_force_state]() always flush block devices Michael Roth
2013-08-13 15:10 ` [Qemu-devel] [PATCH 35/56] megasas: Legacy command line handling fix Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 36/56] gtk: don't use g_object_unref on GdkCursor Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 37/56] gtk: Fix compiler warning (GTK 3 deprecated function) Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 38/56] dataplane: refuse to start if device is already in use Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 39/56] xhci: handle USB_RET_IOERROR Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 40/56] qemu-char: Register ring buffer driver with correct name "ringbuf" Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 41/56] qapi: Rename ChardevBackend member "memory" to "ringbuf" Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 42/56] virtio-console: Use exitfn for virtserialport, too Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 43/56] pci-bridge: update mappings for migration/restore Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 44/56] xhci: fix segfault Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 45/56] chardev: fix CHR_EVENT_OPENED events for mux chardevs Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 46/56] seccomp: add arch_prctl() to the syscall whitelist Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 47/56] seccomp: add additional asynchronous I/O syscalls Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 48/56] iov: handle EOF in iov_send_recv Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 49/56] target-i386: Fix X86CPU error handling Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 50/56] ignore SIGPIPE in qemu-img and qemu-io Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 51/56] semaphore: fix a hangup problem under load on NetBSD hosts Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 52/56] Bugfix for loading multiboot kernels Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 53/56] i82801b11: Fix i82801b11 PCI host bridge config space Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 54/56] dataplane: sync virtio.c and vring.c virtqueue state Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 55/56] virtio: clear signalled_used_valid when switching from dataplane Michael Roth
2013-08-13 15:11 ` [Qemu-devel] [PATCH 56/56] vhost: clear signalled_used_valid on vhost stop Michael Roth
2013-08-14 4:05 ` [Qemu-devel] [Qemu-stable] Patch Round-up for stable 1.5.3, freeze on 2013-08-16 Doug Goldstein
2013-08-14 15:02 ` Michael Roth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1376406680-16302-10-git-send-email-mdroth@linux.vnet.ibm.com \
--to=mdroth@linux.vnet.ibm.com \
--cc=aliguori@us.ibm.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-stable@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).