From d0229ae3fed59b4009e33f836d9ad4e312294d46 Mon Sep 17 00:00:00 2001 From: Andy Grover <agrover@redhat.com> Date: Fri, 8 Jul 2011 17:04:53 -0700 Subject: [PATCH] target: Enforce 1 page max for control cdb buffer sizes Due to all cdbs' data buffers being referenced by scatterlists, buffers of more than a page are not contiguous. Instead of handling this in all control command handlers, we may be able to get away with just limiting control cdb data buffers to one page. The only control CDBs we handle that have potentially large data buffers are REPORT LUNS and UNMAP, so if we didn't want to live with this limitation, they would need to be modified to walk the pages in the data buffer's sgl. Signed-off-by: Andy Grover <agrover@redhat.com> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org> --- drivers/target/target_core_transport.c | 5 +++++ include/target/target_core_base.h | 1 + 2 files changed, 6 insertions(+) diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c index c681c812dd64..267113c1607c 100644 --- a/drivers/target/target_core_transport.c +++ b/drivers/target/target_core_transport.c @@ -3562,6 +3562,11 @@ static int transport_generic_cmd_sequencer( cmd->data_length = size; } + /* Let's limit control cdbs to a page, for simplicity's sake. */ + if ((cmd->se_cmd_flags & SCF_SCSI_CONTROL_SG_IO_CDB) && + size > PAGE_SIZE) + goto out_invalid_cdb_field; + transport_set_supported_SAM_opcode(cmd); return ret; diff --git a/include/target/target_core_base.h b/include/target/target_core_base.h index f67ca98394d3..bb9ef9f715a3 100644 --- a/include/target/target_core_base.h +++ b/include/target/target_core_base.h @@ -15,6 +15,7 @@ /* Used by transport_generic_allocate_iovecs() */ #define TRANSPORT_IOV_DATA_BUFFER 5 /* Maximum Number of LUNs per Target Portal Group */ +/* Don't raise above 511 or REPORT_LUNS needs to handle >1 page */ #define TRANSPORT_MAX_LUNS_PER_TPG 256 /* * By default we use 32-byte CDBs in TCM Core and subsystem plugin code. -- GitLab