From: Chad Dupuis <cdupuis@redhat.com>
Date: Fri, 3 Sep 2010 21:40:10 -0400
Subject: [scsi] qla2xxx: correct extended sense-data handling
Message-id: <20100903214010.2767.10540.sendpatchset@localhost.localdomain>
Patchwork-id: 28145
O-Subject: [RHEL 5.6 PATCH 3/9] qla2xxx: Correct extended sense-data handling.
Bugzilla: 619814
RH-Acked-by: Rob Evers <revers@redhat.com>
Bugzilla
--------
Bug 619814 (https://bugzilla.redhat.com/show_bug.cgi?id=619814)
Upstream Status
---------------
scsi-misc commit id 5544213be7b4fb693730106a6d70a8cc1aa7cdf6
Description
-----------
>From c7426209d1233f8adaa0f5b1497cd853b1a113d6 Mon Sep 17 00:00:00 2001
From: Andrew Vasquez <andrew.vasquez@qlogic.com>
Date: Tue, 29 Jun 2010 10:57:43 +0530
Subject: [PATCH] qla2xxx: Correct extended sense-data handling.
Earlier implementation did not take into account the varying
sizes of data buffers returned from structures sts_entry_t and
sts_entry_24xx. Sense-data after the 20th byte could be
incorrect.
diff --git a/drivers/scsi/qla2xxx/qla_isr.c b/drivers/scsi/qla2xxx/qla_isr.c
index f7cbcd9..beedcfc 100644
--- a/drivers/scsi/qla2xxx/qla_isr.c
+++ b/drivers/scsi/qla2xxx/qla_isr.c
@@ -976,7 +976,8 @@ qla2x00_process_response_queue(struct scsi_qla_host *ha)
}
static inline void
-qla2x00_handle_sense(srb_t *sp, uint8_t *sense_data, uint32_t sense_len)
+qla2x00_handle_sense(srb_t *sp, uint8_t *sense_data, uint32_t par_sense_len,
+ uint32_t sense_len)
{
struct scsi_cmnd *cp = sp->cmd;
@@ -986,8 +987,8 @@ qla2x00_handle_sense(srb_t *sp, uint8_t *sense_data, uint32_t sense_len)
CMD_ACTUAL_SNSLEN(cp) = sense_len;
sp->request_sense_length = sense_len;
sp->request_sense_ptr = cp->sense_buffer;
- if (sp->request_sense_length > 32)
- sense_len = 32;
+ if (sp->request_sense_length > par_sense_len)
+ sense_len = par_sense_len;
memcpy(cp->sense_buffer, sense_data, sense_len);
@@ -1022,7 +1023,8 @@ qla2x00_status_entry(scsi_qla_host_t *ha, void *pkt)
uint16_t ox_id;
uint8_t lscsi_status;
int32_t resid;
- uint32_t sense_len, rsp_info_len, resid_len, fw_resid_len;
+ uint32_t sense_len, par_sense_len, rsp_info_len, resid_len;
+ uint32_t fw_resid_len;
uint8_t *rsp_info, *sense_data;
int logit = 1;
@@ -1076,7 +1078,7 @@ qla2x00_status_entry(scsi_qla_host_t *ha, void *pkt)
fcport = sp->fcport;
ox_id = 0;
- sense_len = rsp_info_len = resid_len = fw_resid_len = 0;
+ sense_len = par_sense_len = rsp_info_len = resid_len = fw_resid_len = 0;
if (IS_FWI2_CAPABLE(ha)) {
if (scsi_status & SS_SENSE_LEN_VALID)
sense_len = le32_to_cpu(sts24->sense_len);
@@ -1090,6 +1092,7 @@ qla2x00_status_entry(scsi_qla_host_t *ha, void *pkt)
sense_data = sts24->data;
host_to_fcp_swap(sts24->data, sizeof(sts24->data));
ox_id = le16_to_cpu(sts24->ox_id);
+ par_sense_len = sizeof(sts24->data);
} else {
if (scsi_status & SS_SENSE_LEN_VALID)
sense_len = le16_to_cpu(sts->req_sense_length);
@@ -1098,13 +1101,16 @@ qla2x00_status_entry(scsi_qla_host_t *ha, void *pkt)
resid_len = le32_to_cpu(sts->residual_length);
rsp_info = sts->rsp_info;
sense_data = sts->req_sense_data;
+ par_sense_len = sizeof(sts->req_sense_data);
}
/* Check for any FCP transport errors. */
if (scsi_status & SS_RESPONSE_INFO_LEN_VALID) {
/* Sense data lies beyond any FCP RESPONSE data. */
- if (IS_FWI2_CAPABLE(ha))
+ if (IS_FWI2_CAPABLE(ha)) {
sense_data += rsp_info_len;
+ par_sense_len -= rsp_info_len;
+ }
if (rsp_info_len > 3 && rsp_info[3]) {
DEBUG2(qla_printk(KERN_INFO, ha,
"scsi(%ld:%d:%d): FCP I/O protocol failure "
@@ -1173,7 +1179,7 @@ qla2x00_status_entry(scsi_qla_host_t *ha, void *pkt)
if (!(scsi_status & SS_SENSE_LEN_VALID))
break;
- qla2x00_handle_sense(sp, sense_data, sense_len);
+ qla2x00_handle_sense(sp, sense_data, par_sense_len, sense_len);
break;
case CS_DATA_UNDERRUN:
@@ -1257,7 +1263,8 @@ qla2x00_status_entry(scsi_qla_host_t *ha, void *pkt)
if (!(scsi_status & SS_SENSE_LEN_VALID))
break;
- qla2x00_handle_sense(sp, sense_data, sense_len);
+ qla2x00_handle_sense(sp, sense_data, par_sense_len,
+ sense_len);
}
break;
