[PATCH 2/3] UBUNTU: SAUCE: (noup) target/user: Return an error if cmd data size is too large

[Tim Gardner]

From: Andy Grover <agrover at redhat.com>

BugLink: http://bugs.launchpad.net/bugs/1621088

Userspace should be implementing VPD B0 (Block Limits) to inform the
initiator of max data size, but just in case we do get a too-large request,
do what the spec says and return INVALID_CDB_FIELD.

Make sure to unlock udev->cmdr_lock before returning.

Signed-off-by: Andy Grover <agrover at redhat.com>
Signed-off-by: Bryant G. Ly <bryantly at linux.vnet.ibm.com>
Reviewed-by: Mike Christie <mchristi at redhat.com>
Reviewed-by: Christoph Hellwig <hch at lst.de>
Signed-off-by: Tim Gardner <tim.gardner at canonical.com>
---
 drivers/target/target_core_user.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/drivers/target/target_core_user.c b/drivers/target/target_core_user.c
index b495da9..5c72501 100644
--- a/drivers/target/target_core_user.c
+++ b/drivers/target/target_core_user.c
@@ -441,11 +441,14 @@ tcmu_queue_cmd_ring(struct tcmu_cmd *tcmu_cmd)
 		BUG_ON(!(se_cmd->t_bidi_data_sg && se_cmd->t_bidi_data_nents));
 		data_length += se_cmd->t_bidi_data_sg->length;
 	}
-	if ((command_size > (udev->cmdr_size / 2))
-	    || data_length > udev->data_size)
-		pr_warn("TCMU: Request of size %zu/%zu may be too big for %u/%zu "
+	if ((command_size > (udev->cmdr_size / 2)) ||
+	    data_length > udev->data_size) {
+		pr_warn("TCMU: Request of size %zu/%zu is too big for %u/%zu "
 			"cmd/data ring buffers\n", command_size, data_length,
 			udev->cmdr_size, udev->data_size);
+		spin_unlock_irq(&udev->cmdr_lock);
+		return TCM_INVALID_CDB_FIELD;
+	}
 
 	while (!is_ring_space_avail(udev, command_size, data_length)) {
 		int ret;
-- 
2.7.4