| Message ID | 1437437534-17931-1-git-send-email-sbaugh@catern.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On 7/21/2015 3:12 AM, Spencer Baugh wrote: > From: Alexei Potashnik <alexei@purestorage.com> > > Current implementation assumes that all the buffers of an IO are linked > with a single SG list. Which makes it fail if SG chaining is used. > > Signed-off-by: Alexei Potashnik <alexei@purestorage.com> > --- > drivers/target/iscsi/iscsi_target.c | 9 ++++----- > 1 file changed, 4 insertions(+), 5 deletions(-) > > diff --git a/drivers/target/iscsi/iscsi_target.c b/drivers/target/iscsi/iscsi_target.c > index 4e68b62..a4cf58c 100644 > --- a/drivers/target/iscsi/iscsi_target.c > +++ b/drivers/target/iscsi/iscsi_target.c > @@ -1209,7 +1209,6 @@ static u32 iscsit_do_crypto_hash_sg( > u8 *pad_bytes) > { > u32 data_crc; > - u32 i; > struct scatterlist *sg; > unsigned int page_off; > > @@ -1218,15 +1217,15 @@ static u32 iscsit_do_crypto_hash_sg( > sg = cmd->first_data_sg; > page_off = cmd->first_data_sg_off; > > - i = 0; > while (data_length) { > - u32 cur_len = min_t(u32, data_length, (sg[i].length - page_off)); > + u32 cur_len = min_t(u32, data_length, (sg->length - page_off)); > > - crypto_hash_update(hash, &sg[i], cur_len); > + crypto_hash_update(hash, sg, cur_len); > > data_length -= cur_len; > page_off = 0; > - i++; > + /* iscsit_map_iovec has already checked for invalid sg pointers */ > + sg = sg_next(sg); > } > > if (padding) { > How were you able to get a chained SG list in the target code? In any event, looks good, Reviewed-by: Sagi Grimberg <sagig@mellanox.com> -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, Jul 21, 2015 at 1:57 AM, Sagi Grimberg <sagig@dev.mellanox.co.il> wrote:
> How were you able to get a chained SG list in the target code?
Local hack. So this bug can't be hit in current mainline code, but
patch improves the code and removes a hidden booby-trap, so I think it
makes sense to apply.
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, 2015-07-21 at 18:38 -0700, Roland Dreier wrote: > On Tue, Jul 21, 2015 at 1:57 AM, Sagi Grimberg <sagig@dev.mellanox.co.il> wrote: > > How were you able to get a chained SG list in the target code? > > Local hack. So this bug can't be hit in current mainline code, but > patch improves the code and removes a hidden booby-trap, so I think it > makes sense to apply. > -- Applied to target-pending/for-next. Thanks Roland & Co. -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/drivers/target/iscsi/iscsi_target.c b/drivers/target/iscsi/iscsi_target.c index 4e68b62..a4cf58c 100644 --- a/drivers/target/iscsi/iscsi_target.c +++ b/drivers/target/iscsi/iscsi_target.c @@ -1209,7 +1209,6 @@ static u32 iscsit_do_crypto_hash_sg( u8 *pad_bytes) { u32 data_crc; - u32 i; struct scatterlist *sg; unsigned int page_off; @@ -1218,15 +1217,15 @@ static u32 iscsit_do_crypto_hash_sg( sg = cmd->first_data_sg; page_off = cmd->first_data_sg_off; - i = 0; while (data_length) { - u32 cur_len = min_t(u32, data_length, (sg[i].length - page_off)); + u32 cur_len = min_t(u32, data_length, (sg->length - page_off)); - crypto_hash_update(hash, &sg[i], cur_len); + crypto_hash_update(hash, sg, cur_len); data_length -= cur_len; page_off = 0; - i++; + /* iscsit_map_iovec has already checked for invalid sg pointers */ + sg = sg_next(sg); } if (padding) {