From mboxrd@z Thu Jan 1 00:00:00 1970
From: Nikunj A Dadhania
In-Reply-To: <1377497959.3819.36.camel@pasglop>
References: <1377249737-12570-1-git-send-email-aik@ozlabs.ru> <24C2B209-2082-4AF8-A8FB-1FF8A8B7751B@suse.de> <1377468637.3819.27.camel@pasglop> <87vc2tysur.fsf@linux.vnet.ibm.com> <1377497959.3819.36.camel@pasglop>
Date: Mon, 26 Aug 2013 14:36:17 +0530
Message-ID: <87li3ozura.fsf@linux.vnet.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain
Subject: Re: [Qemu-devel] [PATCH] spapr-vscsi: Adding VSCSI capabilities
To: Benjamin Herrenschmidt
Cc: Alexey Kardashevskiy, Paolo Bonzini, qemu-ppc@nongnu.org, Alexander Graf, qemu-devel@nongnu.org

Benjamin Herrenschmidt writes:

> On Mon, 2013-08-26 at 10:02 +0530, Nikunj A Dadhania wrote:
>
>>
>> From: Nikunj A Dadhania
>>
>> This implements capabilities exchange between host and client.
>> As at the moment no capability is supported, put zero flags everywhere
>> and return.
>>
>> Signed-off-by: Nikunj A Dadhania
>> ---
>> hw/scsi/spapr_vscsi.c | 37 +++++++++++++++++++++++++++++++++++++
>> 1 file changed, 37 insertions(+)
>> >> diff --git a/hw/scsi/spapr_vscsi.c b/hw/scsi/spapr_vscsi.c >> index e9090e5..fae3644 100644 >> --- a/hw/scsi/spapr_vscsi.c >> +++ b/hw/scsi/spapr_vscsi.c >> @@ -858,6 +858,40 @@ static int vscsi_send_adapter_info(VSCSIState *s, vscsi_req *req) >> return vscsi_send_iu(s, req, sizeof(*sinfo), VIOSRP_MAD_FORMAT); >> } >> >> +static int vscsi_send_capabilities(VSCSIState *s, vscsi_req *req) >> +{ >> + struct viosrp_capabilities *vcap; >> + struct capabilities cap; >> + uint16_t len = 0; > > The above initialization isn't useful > >> + int rc = true; >> + >> + vcap = &req->iu.mad.capabilities; >> + len = be16_to_cpu(vcap->common.length); >> + if (len > sizeof(&cap)) { > ^ Ugh ? Why the & here ? Oops, got that wrong. > >> + fprintf(stderr, "vscsi_send_capabilities: size out of bound !\n"); >> + goto error_out; >> + } > > I am not 100% familiar with the protocol, could it be that we should > just read sizeof(cap) instead of erroring out or is there no way it > can be correct and have a len too long ? If the length is incorrect, can we trust whether cap is correct or is of the type we are expecting?
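
Review bot: The bound check `if (len > sizeof(&cap))` in vscsi_send_capabilities() compares the length against the size of a pointer rather than the size of `struct capabilities`, so the limit it enforces has no relation to the local `cap` it is meant to protect; it should read `sizeof(cap)`. Because `len` is taken from `vcap->common.length` in the request IU, whichever policy is settled on for an oversized value (reject it, or clamp to `sizeof(cap)`) should produce one validated length that every later use of `len` goes through. Two smaller points in the declarations: `int rc = true;` puts a boolean into an int return code, and `uint16_t len = 0;` is overwritten before it is read, so both initializers can be dropped or made consistent with the function's int return convention.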