summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNicholas Bellinger <nab@linux-iscsi.org>2012-11-02 05:43:03 +0400
committerNicholas Bellinger <nab@linux-iscsi.org>2012-11-07 08:55:46 +0400
commitfecae40abb1ae9218bdbaa8b8e30bfb5ae43f522 (patch)
tree3f804933534a773ff86664a81352ecf5bd4df868
parent3a3c5e4a672c5cd61cbdcedcd027312577f9ab7c (diff)
downloadlinux-fecae40abb1ae9218bdbaa8b8e30bfb5ae43f522.tar.xz
target: Fix incorrect starting offset after MODE_SENSE refactoring
This patch fixes a new off-by-one bug in the hardcoded starting offset of spc_emulate_modesense() code that causes BLOCK DESCRIPTOR to be incorrectly written within the MEDIUM TYPE buffer area of the mode parameter header. According to spc4r30, Section 7.5.4, BLOCK DESCRIPTOR for MODE_SENSE_10 starts at byte 3, and BLOCK_DESCRIPTOR for MODE_SENSE (6) starts at byte 2. (roland: add MODE DATA LENGTH + MEDIUM TYPE offset comment) Cc: Roland Dreier <roland@purestorage.com> Cc: Christoph Hellwig <hch@lst.de> Cc: Douglas Gilbert <dgilbert@interlog.com> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
-rw-r--r--drivers/target/target_core_spc.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/drivers/target/target_core_spc.c b/drivers/target/target_core_spc.c
index 33022a3f31fc..f9c2bd02043c 100644
--- a/drivers/target/target_core_spc.c
+++ b/drivers/target/target_core_spc.c
@@ -870,8 +870,11 @@ static int spc_emulate_modesense(struct se_cmd *cmd)
} else {
buf = map_buf;
}
-
- length = ten ? 2 : 1;
+ /*
+ * Skip over MODE DATA LENGTH + MEDIUM TYPE fields to byte 3 for
+ * MODE_SENSE_10 and byte 2 for MODE_SENSE (6).
+ */
+ length = ten ? 3 : 2;
/* DEVICE-SPECIFIC PARAMETER */
if ((cmd->se_lun->lun_access & TRANSPORT_LUNFLAGS_READ_ONLY) ||