summaryrefslogtreecommitdiff
path: root/drivers/scsi/qla2xxx/qla_target.h
diff options
context:
space:
mode:
authorQuinn Tran <quinn.tran@cavium.com>2016-12-23 18:06:11 -0800
committerBart Van Assche <bart.vanassche@sandisk.com>2017-01-17 11:26:56 -0800
commit5f35509db179ca7ed1feaa4b14f841adb06ed220 (patch)
treef5b4e6bc95ec09eed327291db14d45217ebb6e33 /drivers/scsi/qla2xxx/qla_target.h
parentfc1ffd6cb38a1c1af625b9833c41928039e733f5 (diff)
qla2xxx: Terminate exchange if corrupted
Corrupted ATIO is defined as length of fcp_header & fcp_cmd payload is less than 0x38. It's the minimum size for a frame to carry 8..16 bytes SCSI CDB. The exchange will be dropped or terminated if corrupted. Signed-off-by: Quinn Tran <quinn.tran@cavium.com> Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com> Reviewed-by: Christoph Hellwig <hch@lst.de> [ bvanassche: Fixed spelling in patch title ] Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
Diffstat (limited to 'drivers/scsi/qla2xxx/qla_target.h')
-rw-r--r--drivers/scsi/qla2xxx/qla_target.h22
1 files changed, 21 insertions, 1 deletions
diff --git a/drivers/scsi/qla2xxx/qla_target.h b/drivers/scsi/qla2xxx/qla_target.h
index f26c5f60eedd..0824a8164a24 100644
--- a/drivers/scsi/qla2xxx/qla_target.h
+++ b/drivers/scsi/qla2xxx/qla_target.h
@@ -427,13 +427,33 @@ struct atio_from_isp {
struct {
uint8_t entry_type; /* Entry type. */
uint8_t entry_count; /* Entry count. */
- uint8_t data[58];
+ __le16 attr_n_length;
+#define FCP_CMD_LENGTH_MASK 0x0fff
+#define FCP_CMD_LENGTH_MIN 0x38
+ uint8_t data[56];
uint32_t signature;
#define ATIO_PROCESSED 0xDEADDEAD /* Signature */
} raw;
} u;
} __packed;
+static inline int fcpcmd_is_corrupted(struct atio *atio)
+{
+ if (atio->entry_type == ATIO_TYPE7 &&
+ (le16_to_cpu(atio->attr_n_length & FCP_CMD_LENGTH_MASK) <
+ FCP_CMD_LENGTH_MIN))
+ return 1;
+ else
+ return 0;
+}
+
+/* adjust corrupted atio so we won't trip over the same entry again. */
+static inline void adjust_corrupted_atio(struct atio_from_isp *atio)
+{
+ atio->u.raw.attr_n_length = cpu_to_le16(FCP_CMD_LENGTH_MIN);
+ atio->u.isp24.fcp_cmnd.add_cdb_len = 0;
+}
+
#define CTIO_TYPE7 0x12 /* Continue target I/O entry (for 24xx) */
/*