falso
/
qemu-irix
mirror of https://github.com/n64decomp/qemu-irix.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

scsi: Ensure command and transfer lengths are set for all SCSI devices 

scsi-generic relies on those values to be correct, so it is important that
those values are initialized properly for all device types.

Reported-by: Christian Hoff <christian.hoff@de.ibm.com>
Reported-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This commit is contained in:
Paolo Bonzini 2012-06-14 16:13:49 +02:00
parent 15e58a21a8
commit 28b70c9dbd
1 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
hw/scsi-bus.c
View File

@ -734,20 +734,16 @@ static int scsi_req_length(SCSICommand *cmd, SCSIDevice *dev, uint8_t *buf)
switch (buf[0] >> 5) {
case 0:
cmd->xfer = buf[4];
cmd->len = 6;
break;
case 1:
case 2:
cmd->xfer = lduw_be_p(&buf[7]);
cmd->len = 10;
break;
case 4:
cmd->xfer = ldl_be_p(&buf[10]) & 0xffffffffULL;
cmd->len = 16;
break;
case 5:
cmd->xfer = ldl_be_p(&buf[6]) & 0xffffffffULL;
cmd->len = 12;
break;
default:
return -1;
@ -884,7 +880,6 @@ static int scsi_req_stream_length(SCSICommand *cmd, SCSIDevice *dev, uint8_t *bu
case READ_REVERSE:
case RECOVER_BUFFERED_DATA:
case WRITE_6:
cmd->len = 6;
cmd->xfer = buf[4] | (buf[3] << 8) | (buf[2] << 16);
if (buf[1] & 0x01) { /* fixed */
cmd->xfer *= dev->blocksize;
@ -894,7 +889,6 @@ static int scsi_req_stream_length(SCSICommand *cmd, SCSIDevice *dev, uint8_t *bu
case READ_REVERSE_16:
case VERIFY_16:
case WRITE_16:
cmd->len = 16;
cmd->xfer = buf[14] | (buf[13] << 8) | (buf[12] << 16);
if (buf[1] & 0x01) { /* fixed */
cmd->xfer *= dev->blocksize;
@ -902,7 +896,6 @@ static int scsi_req_stream_length(SCSICommand *cmd, SCSIDevice *dev, uint8_t *bu
break;
case REWIND:
case LOAD_UNLOAD:
cmd->len = 6;
cmd->xfer = 0;
break;
case SPACE_16:
@ -1000,6 +993,24 @@ int scsi_req_parse(SCSICommand *cmd, SCSIDevice *dev, uint8_t *buf)
{
int rc;
switch (buf[0] >> 5) {
case 0:
cmd->len = 6;
break;
case 1:
case 2:
cmd->len = 10;
break;
case 4:
cmd->len = 16;
break;
case 5:
cmd->len = 12;
break;
default:
return -1;
}
if (dev->type == TYPE_TAPE) {
rc = scsi_req_stream_length(cmd, dev, buf);
} else {