summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNicholas Bellinger <nab@linux-iscsi.org>2012-08-08 02:14:13 +0200
committerNicholas Bellinger <nab@linux-iscsi.org>2012-08-17 08:36:55 +0200
commit1d2a2cd95ee0137a2353d1b5635739c281f27cd4 (patch)
treea5529f0b252c9f7d828c03ffa6920a94466ab57f
parenttcm_vhost: Change vhost_scsi_target->vhost_wwpn to char * (diff)
downloadlinux-1d2a2cd95ee0137a2353d1b5635739c281f27cd4.tar.xz
linux-1d2a2cd95ee0137a2353d1b5635739c281f27cd4.zip
target/pscsi: Fix bug with REPORT_LUNs handling for SCSI passthrough
This patch fixes a regression bug in pscsi_transport_complete() callback code where *pt was being NULL dereferenced during REPORT_LUNS handling, that was introduced with the spc/sbc refactoring in: commit 1fd032ee10d2816c947f5d5b9abda95e728f0a8f Author: Christoph Hellwig <hch@infradead.org> Date: Sun May 20 11:59:15 2012 -0400 target: move code for CDB emulation As this is a special case for pscsi_parse_cdb() to call spc_parse_cdb() to allow TCM to handle REPORT_LUN emulation, pscsi_plugin_task will have not been allocated.. So now in pscsi_transport_complete() just check for existence of *pt and return for this special case. Reported-by: Alex Elsayed <eternaleye+usenet@gmail.com> Cc: Alex Elsayed <eternaleye+usenet@gmail.com> Cc: Christoph Hellwig <hch@lst.de> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
-rw-r--r--drivers/target/target_core_pscsi.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/drivers/target/target_core_pscsi.c b/drivers/target/target_core_pscsi.c
index 6e32ff6f2fa0..5552fa7426bc 100644
--- a/drivers/target/target_core_pscsi.c
+++ b/drivers/target/target_core_pscsi.c
@@ -673,8 +673,15 @@ static int pscsi_transport_complete(struct se_cmd *cmd, struct scatterlist *sg)
struct scsi_device *sd = pdv->pdv_sd;
int result;
struct pscsi_plugin_task *pt = cmd->priv;
- unsigned char *cdb = &pt->pscsi_cdb[0];
+ unsigned char *cdb;
+ /*
+ * Special case for REPORT_LUNs handling where pscsi_plugin_task has
+ * not been allocated because TCM is handling the emulation directly.
+ */
+ if (!pt)
+ return 0;
+ cdb = &pt->pscsi_cdb[0];
result = pt->pscsi_result;
/*
* Hack to make sure that Write-Protect modepage is set if R/O mode is