target/user: Return an error if cmd data size is too large Userspace should be implementing VPD B0 (Block Limits) to inform the initiator of max data size, but just in case we do get a too-large request, do what the spec says and return INVALID_CDB_FIELD. Make sure to unlock udev->cmdr_lock before returning. Signed-off-by: Andy Grover <agrover@redhat.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Mike Christie <mchristi@redhat.com> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>

commit: 554617b2bbe25c3fb3c80c28fe7a465884bb40b1 [log] [tgz]
author: Andy Grover <agrover@redhat.com> Thu Aug 25 08:55:53 2016 -0700
committer: Nicholas Bellinger <nab@linux-iscsi.org> Wed Oct 19 21:22:16 2016 -0700
tree: 0a4a342ff1d0ae52a6cad39352a714a914489bd1
parent: 02eb924fabc5b699c0d9d354491e6f0767e3c139 [diff] [blame]
diff --git a/drivers/target/target_core_user.c b/drivers/target/target_core_user.c
index 0cd1c61..5de1eac 100644
--- a/drivers/target/target_core_user.c
+++ b/drivers/target/target_core_user.c

@@ -433,11 +433,14 @@
 		BUG_ON(!(se_cmd->t_bidi_data_sg && se_cmd->t_bidi_data_nents));
 		data_length += se_cmd->t_bidi_data_sg->length;
 	}
-	if ((command_size > (udev->cmdr_size / 2))
-	    || data_length > udev->data_size)
-		pr_warn("TCMU: Request of size %zu/%zu may be too big for %u/%zu "
+	if ((command_size > (udev->cmdr_size / 2)) ||
+	    data_length > udev->data_size) {
+		pr_warn("TCMU: Request of size %zu/%zu is too big for %u/%zu "
 			"cmd/data ring buffers\n", command_size, data_length,
 			udev->cmdr_size, udev->data_size);
+		spin_unlock_irq(&udev->cmdr_lock);
+		return TCM_INVALID_CDB_FIELD;
+	}
 
 	while (!is_ring_space_avail(udev, command_size, data_length)) {
 		int ret;
commit	554617b2bbe25c3fb3c80c28fe7a465884bb40b1	[log] [tgz]
author	Andy Grover <agrover@redhat.com>	Thu Aug 25 08:55:53 2016 -0700
committer	Nicholas Bellinger <nab@linux-iscsi.org>	Wed Oct 19 21:22:16 2016 -0700
tree	0a4a342ff1d0ae52a6cad39352a714a914489bd1
parent	02eb924fabc5b699c0d9d354491e6f0767e3c139 [diff] [blame]