From: Roland Dreier Date: Mon, 16 Jul 2012 22:34:23 +0000 (-0700) Subject: target: Fix reading of data length fields for UNMAP commands X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=1a5fa4576ec8a462313c7516b31d7453481ddbe8;p=openwrt%2Fstaging%2Fblogic.git target: Fix reading of data length fields for UNMAP commands The UNMAP DATA LENGTH and UNMAP BLOCK DESCRIPTOR DATA LENGTH fields are in the unmap descriptor (the payload transferred to our data out buffer), not in the CDB itself. Read them from the correct place in target_emulated_unmap. Signed-off-by: Roland Dreier Cc: stable@vger.kernel.org Signed-off-by: Nicholas Bellinger --- diff --git a/drivers/target/target_core_iblock.c b/drivers/target/target_core_iblock.c index 8fb3822bad55..e6d08ee3166e 100644 --- a/drivers/target/target_core_iblock.c +++ b/drivers/target/target_core_iblock.c @@ -324,7 +324,6 @@ static int iblock_execute_unmap(struct se_cmd *cmd) struct se_device *dev = cmd->se_dev; struct iblock_dev *ibd = dev->dev_ptr; unsigned char *buf, *ptr = NULL; - unsigned char *cdb = &cmd->t_task_cdb[0]; sector_t lba; unsigned int size = cmd->data_length, range; int ret = 0, offset; @@ -333,11 +332,12 @@ static int iblock_execute_unmap(struct se_cmd *cmd) /* First UNMAP block descriptor starts at 8 byte offset */ offset = 8; size -= 8; - dl = get_unaligned_be16(&cdb[0]); - bd_dl = get_unaligned_be16(&cdb[2]); buf = transport_kmap_data_sg(cmd); + dl = get_unaligned_be16(&buf[0]); + bd_dl = get_unaligned_be16(&buf[2]); + ptr = &buf[offset]; pr_debug("UNMAP: Sub: %s Using dl: %hu bd_dl: %hu size: %hu" " ptr: %p\n", dev->transport->name, dl, bd_dl, size, ptr);