[SCSI] libfc: call ddp setup for only FCP reads to avoid accessing ju…

…nk fsp pointer Adds check to call fc_fcp_ddp_setup for only FCP read cmds to avoid accessing junk fsp pointer at least in ESX since non FCP frame had junk fsp value, though fsp is implicitly initialized to null by __alloc_skb but with this patch no more relying on fsp initialized to null value and hitting junk fsp ptr access. Removes fsp pointer checking in fc_fcp_ddp_setup as this is not needed any more since its only caller for FCP read will always have a valid fsp. Reported by: Frank Zhang <frank_1.zhang@intel.com> Reported by: Rob Love <robert.w.love@intel.com> Signed-off-by: Vasu Dev <vasu.dev@intel.com> Signed-off-by: Robert Love <robert.w.love@intel.com> Signed-off-by: James Bottomley <James.Bottomley@suse.de>
git-mirror · Feb 17, 2010 · 10897ae · 10897ae
1 parent fee099b
commit 10897ae
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 4 deletions.
diff --git a/drivers/scsi/libfc/fc_exch.c b/drivers/scsi/libfc/fc_exch.c
@@ -1890,7 +1890,7 @@ static struct fc_seq *fc_exch_seq_send(struct fc_lport *lport,
 	fc_exch_setup_hdr(ep, fp, ep->f_ctl);
 	sp->cnt++;
 
-	if (ep->xid <= lport->lro_xid)
+	if (ep->xid <= lport->lro_xid && fh->fh_r_ctl == FC_RCTL_DD_UNSOL_CMD)
 		fc_fcp_ddp_setup(fr_fsp(fp), ep->xid);
 
 	if (unlikely(lport->tt.frame_send(lport, fp)))

diff --git a/drivers/scsi/libfc/fc_fcp.c b/drivers/scsi/libfc/fc_fcp.c
@@ -298,9 +298,6 @@ void fc_fcp_ddp_setup(struct fc_fcp_pkt *fsp, u16 xid)
 {
 	struct fc_lport *lport;
 
-	if (!fsp)
-		return;
-
 	lport = fsp->lp;
 	if ((fsp->req_flags & FC_SRB_READ) &&
 	    (lport->lro_enabled) && (lport->tt.ddp_setup)) {