From: Nicholas Bellinger <nab@linux-iscsi.org>
Date: Sun, 23 Feb 2014 12:52:44 +0000 (+0000)
Subject: target/sbc: Fix sbc_dif_copy_prot addr offset bug
X-Git-Tag: v3.14-rc5~7^2~4
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=10762e80489e73e2d52bf78e0869f253f42821bd;p=profile%2Fivi%2Fkernel-x86-ivi.git

target/sbc: Fix sbc_dif_copy_prot addr offset bug

This patch fixes a bug in sbc_dif_copy_prot() where the updated addr
offset did not take into account the case where the associated
scatterlist had not been incremented.

This addresses the case where incoming protection scatterlists may
contain a length smaller than PAGE_SIZE across multiple entires,
when the target protection scatterlists are always being explicitly
filled up to PAGE_SIZE before adding another entry.

Cc: Martin K. Petersen <martin.petersen@oracle.com>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Hannes Reinecke <hare@suse.de>
Cc: Sagi Grimberg <sagig@mellanox.com>
Cc: Or Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
---

diff --git a/drivers/target/target_core_sbc.c b/drivers/target/target_core_sbc.c
index a448944..ef1a58a 100644
--- a/drivers/target/target_core_sbc.c
+++ b/drivers/target/target_core_sbc.c
@@ -1074,7 +1074,7 @@ sbc_dif_copy_prot(struct se_cmd *cmd, unsigned int sectors, bool read,
 	struct scatterlist *psg;
 	void *paddr, *addr;
 	unsigned int i, len, left;
-	unsigned int offset = 0;
+	unsigned int offset = sg_off;
 
 	left = sectors * dev->prot_length;
 
@@ -1084,11 +1084,10 @@ sbc_dif_copy_prot(struct se_cmd *cmd, unsigned int sectors, bool read,
 		if (offset >= sg->length) {
 			sg = sg_next(sg);
 			offset = 0;
-			sg_off = sg->offset;
 		}
 
 		paddr = kmap_atomic(sg_page(psg)) + psg->offset;
-		addr = kmap_atomic(sg_page(sg)) + sg_off;
+		addr = kmap_atomic(sg_page(sg)) + sg->offset + offset;
 
 		if (read)
 			memcpy(paddr, addr, len);