On Wed, 2011-11-16 at 08:58 -0500, Christoph Hellwig wrote: > On Wed, Nov 16, 2011 at 08:32:21AM +0000, Nicholas A. Bellinger wrote: > > From: Nicholas Bellinger <nab@xxxxxxxxxxxxxxx> > > > > This patch fixes iscsi-target handling of underflow where residual data is > > causing an OOPs by using the incorrect iscsi_cmd_t->data_length initially > > assigned in iscsit_allocate_se_cmd(). It resets iscsi_cmd_t->data_length > > from se_cmd_t->data_length after transport_generic_allocate_tasks() > > has been invoked in iscsit_handle_scsi_cmd() RX context, and converts > > iscsi_cmd->residual_count usage to access iscsi_cmd->se_cmd.residual_count > > to get the proper residual count set by target-core. > > Can't we simply call iscsi_cmd->data_length, too? It should always > be the same as the se_cmd->data_length. > Actually, the main issue is iscsi_cmd->data_length being different from se_cmd->data_length after the residual adjustment from target-core in transport_generic_alloc_tasks() -> transport_generic_cmd_sequencer(). So converting iscsi-target to use iscsi_cmd->se_cmd.data_length instead of iscsi_cmd->data_length would probably make the most sense here.. --nab -- To unsubscribe from this list: send the line "unsubscribe target-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
