[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 12/13] esp: ensure that do_cmd is set to zero before submitting an
From: |
Mark Cave-Ayland |
Subject: |
[PULL 12/13] esp: ensure that do_cmd is set to zero before submitting an ESP select command |
Date: |
Mon, 12 Apr 2021 23:20:47 +0100 |
When a CDB has been received and is about to be submitted to the SCSI layer
via one of the ESP select commands, ensure that do_cmd is set to zero before
executing the command.
Otherwise a guest executing 2 valid CDBs in quick sequence can invoke the SCSI
.transfer_data callback again before do_cmd is set to zero by the callback
function triggering an assert at the start of esp_transfer_data().
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210407195801.685-12-mark.cave-ayland@ilande.co.uk>
---
hw/scsi/esp.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/hw/scsi/esp.c b/hw/scsi/esp.c
index 0037197bdb..b668acef82 100644
--- a/hw/scsi/esp.c
+++ b/hw/scsi/esp.c
@@ -357,6 +357,7 @@ static void handle_satn(ESPState *s)
cmdlen = get_cmd(s, ESP_CMDFIFO_SZ);
if (cmdlen > 0) {
s->cmdfifo_cdb_offset = 1;
+ s->do_cmd = 0;
do_cmd(s);
} else if (cmdlen == 0) {
s->do_cmd = 1;
@@ -390,6 +391,7 @@ static void handle_s_without_atn(ESPState *s)
cmdlen = get_cmd(s, ESP_CMDFIFO_SZ);
if (cmdlen > 0) {
s->cmdfifo_cdb_offset = 0;
+ s->do_cmd = 0;
do_busid_cmd(s, 0);
} else if (cmdlen == 0) {
s->do_cmd = 1;
--
2.20.1
- [PULL 02/13] esp: always check current_req is not NULL before use in DMA callbacks, (continued)
- [PULL 02/13] esp: always check current_req is not NULL before use in DMA callbacks, Mark Cave-Ayland, 2021/04/12
- [PULL 01/13] esp: fix setting of ESPState mig_version_id when launching QEMU with -S option, Mark Cave-Ayland, 2021/04/12
- [PULL 04/13] esp: consolidate esp_cmdfifo_push() into esp_fifo_push(), Mark Cave-Ayland, 2021/04/12
- [PULL 05/13] esp: consolidate esp_cmdfifo_pop() into esp_fifo_pop(), Mark Cave-Ayland, 2021/04/12
- [PULL 06/13] esp: introduce esp_fifo_pop_buf() and use it instead of fifo8_pop_buf(), Mark Cave-Ayland, 2021/04/12
- [PULL 07/13] esp: ensure cmdfifo is not empty and current_dev is non-NULL, Mark Cave-Ayland, 2021/04/12
- [PULL 08/13] esp: don't underflow cmdfifo in do_cmd(), Mark Cave-Ayland, 2021/04/12
- [PULL 09/13] esp: don't overflow cmdfifo in get_cmd(), Mark Cave-Ayland, 2021/04/12
- [PULL 11/13] esp: don't reset async_len directly in esp_select() if cancelling request, Mark Cave-Ayland, 2021/04/12
- [PULL 10/13] esp: don't overflow cmdfifo if TC is larger than the cmdfifo size, Mark Cave-Ayland, 2021/04/12
- [PULL 12/13] esp: ensure that do_cmd is set to zero before submitting an ESP select command,
Mark Cave-Ayland <=
- [PULL 13/13] tests/qtest: add tests for am53c974 device, Mark Cave-Ayland, 2021/04/12
- Re: [PULL 00/13] qemu-sparc queue 20210412, Peter Maydell, 2021/04/13