On Tue, 2011-10-18 at 17:34 -0700, Eric Seppanen wrote: > On Tue, Oct 18, 2011 at 5:16 PM, Nicholas A. Bellinger > <nab@xxxxxxxxxxxxxxx> wrote: > > On Tue, 2011-10-18 at 15:55 -0700, Eric Seppanen wrote: > >> From: Eric Seppanen <eric@xxxxxxxxxxxxxxx> > >> > >> While playing around with target loopback, I discovered that I could > >> panic the kernel on older target code with the command: > >> > >> sg_raw -vv -r 8 /dev/sda 12 00 00 00 24 00 > >> > >> This led to the discovery that transport_memcpy_write_contig() will > >> happily write off the end of the scatterlist, if the transport size > >> requested is smaller than the size produced by the CDB. > >> > >> Patch is against 3.0.7. I understand that 3.1-rc code has changed > >> significantly and this patch doesn't apply, but maybe there will be > >> interest in this for the stable series? > >> > >> Signed-off-by: Eric Seppanen <eric@xxxxxxxxxxxxxxx> > > > > Thanks alot for this patch Eric. > > > > In 3.1-rc, target-core has been converted to use struct scatterlist for > > all CDB types, so the transport_memcpy_[write,read]_contig() logic for > > mapping contiguous buffers to fabrics that only speak SGls has gone away > > completely. > > > > I'm happy to include this as a bugfix for <= v3.0 stable code. > > Just out of curiosity, is this only possible on loopback? Are there > any other transports that use this code? > In mainline <= v3.0 code, only tcm_fc(FCoE) w/ the DDP HW offload enabled is going to use this code. --nab -- To unsubscribe from this list: send the line "unsubscribe target-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
