From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Cc: Shin'ichiro Kawasaki <shinichiro.kawasaki@wdc.com>
Subject: [Qemu-devel] [PULL 06/12] scsi-generic: Check sense key before request snooping and patching
Date: Sat, 20 Jul 2019 17:18:40 +0200 [thread overview]
Message-ID: <20190720151846.7450-7-pbonzini@redhat.com> (raw)
In-Reply-To: <20190720151846.7450-1-pbonzini@redhat.com>
From: Shin'ichiro Kawasaki <shinichiro.kawasaki@wdc.com>
When READ CAPACITY command completes, scsi_read_complete() function
snoops the command result and updates SCSIDevice members blocksize and
max_lba . However, this update is executed even when READ CAPACITY
command indicates an error in sense data. This causes unexpected
blocksize update with zero value for SCSI devices without
READ CAPACITY(10) command support and eventually results in a divide
by zero. An emulated device by TCMU-runner is an example of a device
that doesn't support READ CAPACITY(10) command.
To avoid the unexpected update, add sense key check in
scsi_read_complete() function. The function already checks the sense key
for VPD Block Limits emulation. Do the scsi_parse_sense_buf() call for
all requests rather than just for VPD Block Limits emulation, so that
blocksize and max_lba are only updated if READ CAPACITY returns zero
sense key.
Signed-off-by: Shin'ichiro Kawasaki <shinichiro.kawasaki@wdc.com>
[Extend the check to all requests, not just READ CAPACITY]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
hw/scsi/scsi-generic.c | 28 ++++++++++++++++------------
1 file changed, 16 insertions(+), 12 deletions(-)
diff --git a/hw/scsi/scsi-generic.c b/hw/scsi/scsi-generic.c
index f07891b..c11a0c9 100644
--- a/hw/scsi/scsi-generic.c
+++ b/hw/scsi/scsi-generic.c
@@ -254,24 +254,28 @@ static void scsi_read_complete(void * opaque, int ret)
r->len = -1;
- /*
- * Check if this is a VPD Block Limits request that
- * resulted in sense error but would need emulation.
- * In this case, emulate a valid VPD response.
- */
- if (s->needs_vpd_bl_emulation && ret == 0 &&
- (r->io_header.driver_status & SG_ERR_DRIVER_SENSE) &&
- r->req.cmd.buf[0] == INQUIRY &&
- (r->req.cmd.buf[1] & 0x01) &&
- r->req.cmd.buf[2] == 0xb0) {
+ if (r->io_header.driver_status & SG_ERR_DRIVER_SENSE) {
SCSISense sense =
scsi_parse_sense_buf(r->req.sense, r->io_header.sb_len_wr);
- if (sense.key == ILLEGAL_REQUEST) {
+
+ /*
+ * Check if this is a VPD Block Limits request that
+ * resulted in sense error but would need emulation.
+ * In this case, emulate a valid VPD response.
+ */
+ if (sense.key == ILLEGAL_REQUEST &&
+ s->needs_vpd_bl_emulation &&
+ r->req.cmd.buf[0] == INQUIRY &&
+ (r->req.cmd.buf[1] & 0x01) &&
+ r->req.cmd.buf[2] == 0xb0) {
len = scsi_generic_emulate_block_limits(r, s);
/*
- * No need to let scsi_read_complete go on and handle an
+ * It's okay to jup to req_complete: no need to
+ * let scsi_handle_inquiry_reply handle an
* INQUIRY VPD BL request we created manually.
*/
+ }
+ if (sense.key) {
goto req_complete;
}
}
--
1.8.3.1
next prev parent reply other threads:[~2019-07-20 15:19 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-20 15:18 [Qemu-devel] [PULL 00/12] Misc patches for QEMU 4.0-rc2 Paolo Bonzini
2019-07-20 15:18 ` [Qemu-devel] [PULL 01/12] target/i386: kvm: Demand nested migration kernel capabilities only when vCPU may have enabled VMX Paolo Bonzini
2019-07-20 15:18 ` [Qemu-devel] [PULL 02/12] target/i386: skip KVM_GET/SET_NESTED_STATE if VMX disabled, or for SVM Paolo Bonzini
2019-07-20 15:18 ` [Qemu-devel] [PULL 03/12] virtio-scsi: remove unused argument to virtio_scsi_common_realize Paolo Bonzini
2019-07-20 15:18 ` [Qemu-devel] [PULL 04/12] vhost-scsi: Call virtio_scsi_common_unrealize() when device realize failed Paolo Bonzini
2019-07-20 15:18 ` [Qemu-devel] [PULL 05/12] vhost-user-scsi: " Paolo Bonzini
2019-07-20 15:18 ` Paolo Bonzini [this message]
2019-07-20 15:18 ` [Qemu-devel] [PULL 07/12] test-bitmap: add test for bitmap_set Paolo Bonzini
2019-07-20 15:18 ` [Qemu-devel] [PULL 08/12] hmp: Print if memory section is registered with an accelerator Paolo Bonzini
2019-07-20 15:18 ` [Qemu-devel] [PULL 09/12] qmp: don't emit the RESET event on wakeup Paolo Bonzini
2019-07-20 15:18 ` [Qemu-devel] [PULL 10/12] build-sys: do no support modules on Windows Paolo Bonzini
2019-07-20 15:18 ` [Qemu-devel] [PULL 11/12] i386: indicate that 'pconfig' feature was removed intentionally Paolo Bonzini
2019-07-20 15:18 ` [Qemu-devel] [PULL 12/12] target/i386: sev: fix failed message typos Paolo Bonzini
2019-07-22 14:16 ` [Qemu-devel] [PULL 00/12] Misc patches for QEMU 4.0-rc2 Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190720151846.7450-7-pbonzini@redhat.com \
--to=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=shinichiro.kawasaki@wdc.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).