www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Xiubo Li <lixiubo@cmss.chinamobile.com>
	Mon, 27 Mar 2017 09:07:40 +0000 (17:07 +0800)
committer	Chuck Anderson <chuck.anderson@oracle.com>
	Fri, 23 Jun 2017 04:10:53 +0000 (21:10 -0700)
commit	90a2e6c3ec2c4df92dcb7a4c50005f2fdf971873
tree	c0ca4ac7d0e22a859422c3920ebd3bfd806e22e4	tree
parent	059ed6f4480fe6a41b630b5a5ea9ff993f96f721	commit \| diff

tcmu: Fix possible overwrite of t_data_sg's last iov[]

If there has BIDI data, its first iov[] will overwrite the last
iov[] for se_cmd->t_data_sg.

To fix this, we can just increase the iov pointer, but this may
introuduce a new memory leakage bug: If the se_cmd->data_length
and se_cmd->t_bidi_data_sg->length are all not aligned up to the
DATA_BLOCK_SIZE, the actual length needed maybe larger than just
sum of them.

So, this could be avoided by rounding all the data lengthes up
to DATA_BLOCK_SIZE.

Reviewed-by: Mike Christie <mchristi@redhat.com>
Tested-by: Ilias Tsitsimpis <iliastsi@arrikto.com>
Reviewed-by: Bryant G. Ly <bryantly@linux.vnet.ibm.com>
Signed-off-by: Xiubo Li <lixiubo@cmss.chinamobile.com>
Cc: stable@vger.kernel.org # 3.18+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Orabug: 25395066
(cherry picked from commit ab22d2604c86ceb01bb2725c9860b88a7dd383bb)
Signed-off-by: Kyle Fortin <kyle.fortin@oracle.com>
Reviewed-by: Shan Hai <shan.hai@oracle.com>