| Message ID | 20190430115404.18483-1-pl@kamp.de (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [RESEND] megasas: fix mapped frame size | expand |
On 4/30/19 1:54 PM, Peter Lieven wrote: > the current value of 1024 bytes (16 * MFI_FRAME_SIZE) we map is not enough to hold > the maximum number of scatter gather elements we advertise. We actually need a > maximum of 2048 bytes. This is 128 max sg elements * 16 bytes (sizeof (union mfi_sgl)). Looking at megasas_map_sgl(), we indeed accept up to MEGASAS_MAX_SGE iov_count. Broken since ever then? Fixes: e8f943c3bcc2 > > Cc: qemu-stable@nongnu.org > Signed-off-by: Peter Lieven <pl@kamp.de> > Reviewed-by: Hannes Reinecke <hare@suse.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> > --- > hw/scsi/megasas.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c > index a56317e026..5ad762de23 100644 > --- a/hw/scsi/megasas.c > +++ b/hw/scsi/megasas.c > @@ -477,7 +477,7 @@ static MegasasCmd *megasas_enqueue_frame(MegasasState *s, > { > PCIDevice *pcid = PCI_DEVICE(s); > MegasasCmd *cmd = NULL; > - int frame_size = MFI_FRAME_SIZE * 16; > + int frame_size = MEGASAS_MAX_SGE * sizeof(union mfi_sgl); > hwaddr frame_size_p = frame_size; > unsigned long index; > >
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c index a56317e026..5ad762de23 100644 --- a/hw/scsi/megasas.c +++ b/hw/scsi/megasas.c @@ -477,7 +477,7 @@ static MegasasCmd *megasas_enqueue_frame(MegasasState *s, { PCIDevice *pcid = PCI_DEVICE(s); MegasasCmd *cmd = NULL; - int frame_size = MFI_FRAME_SIZE * 16; + int frame_size = MEGASAS_MAX_SGE * sizeof(union mfi_sgl); hwaddr frame_size_p = frame_size; unsigned long index;