From owner-p4-projects@FreeBSD.ORG Fri Dec 29 19:31:18 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 9683D16A47C; Fri, 29 Dec 2006 19:31:18 +0000 (UTC) X-Original-To: perforce@FreeBSD.org Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6C78416A416 for ; Fri, 29 Dec 2006 19:31:18 +0000 (UTC) (envelope-from hselasky@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41]) by mx1.freebsd.org (Postfix) with ESMTP id 5CCDC13C44B for ; Fri, 29 Dec 2006 19:31:18 +0000 (UTC) (envelope-from hselasky@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id kBTJVI8d009941 for ; Fri, 29 Dec 2006 19:31:18 GMT (envelope-from hselasky@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.6/8.13.4/Submit) id kBTJVIXw009938 for perforce@freebsd.org; Fri, 29 Dec 2006 19:31:18 GMT (envelope-from hselasky@FreeBSD.org) Date: Fri, 29 Dec 2006 19:31:18 GMT Message-Id: <200612291931.kBTJVIXw009938@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to hselasky@FreeBSD.org using -f 
From: Hans Petter Selasky To: Perforce Change Reviews Cc: Subject: PERFORCE change 112295 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Dec 2006 19:31:18 -0000 http://perforce.freebsd.org/chv.cgi?CH=112295 Change 112295 by hselasky@hselasky_mini_itx on 2006/12/29 19:31:17 Fix some regression. Obviously the commands that come from the SCSI layer do not have the appropriate length, and should be zero padded. This is true for ATAPI and UFI. Affected files ... .. //depot/projects/usb/src/sys/dev/usb/umass.c#7 edit Differences ... ==== //depot/projects/usb/src/sys/dev/usb/umass.c#7 (text+ko) ==== @@ -2968,16 +2968,19 @@ umass_ufi_transform(struct umass_softc *sc, u_int8_t *cmd_ptr, u_int8_t cmd_len) { - /* A UFI command is always 12 bytes in length */ - if ((cmd_len < UFI_COMMAND_LENGTH) || + if ((cmd_len == 0) || (cmd_len > sizeof(sc->sc_transfer.cmd_data))) { DPRINTF(sc, UDMASS_SCSI, "Invalid command " "length: %d bytes\n", cmd_len); return 0; /* failure */ } + /* An UFI command is always 12 bytes in length */ sc->sc_transfer.cmd_len = UFI_COMMAND_LENGTH; + /* Zero the command data */ + bzero(sc->sc_transfer.cmd_data, UFI_COMMAND_LENGTH); + switch (cmd_ptr[0]) { /* Commands of which the format has been verified. They should work. * Copy the command into the (zeroed out) destination buffer. @@ -2990,7 +2993,6 @@ DPRINTF(sc, UDMASS_UFI, "Converted TEST_UNIT_READY " "to START_UNIT\n"); - bzero(sc->sc_transfer.cmd_data, UFI_COMMAND_LENGTH); sc->sc_transfer.cmd_data[0] = START_STOP_UNIT; sc->sc_transfer.cmd_data[4] = SSS_START; return 1; @@ -3023,8 +3025,7 @@ return 0; /* failure */ } - bcopy(cmd_ptr, sc->sc_transfer.cmd_data, - UFI_COMMAND_LENGTH); + bcopy(cmd_ptr, sc->sc_transfer.cmd_data, cmd_len); return 1; /* success */ } 
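Review bot: The new guard in the first umass_ufi_transform hunk bounds cmd_len by `sizeof(sc->sc_transfer.cmd_data)` rather than by the 12-byte protocol length, so a command longer than UFI_COMMAND_LENGTH passes the check, is copied in full by the later `bcopy(cmd_ptr, sc->sc_transfer.cmd_data, cmd_len)`, and is then presumably sent truncated because `sc_transfer.cmd_len` is fixed at 12. The copy stays inside the buffer, but bytes past offset 12 are neither zeroed nor covered by the stated length, and the caller is told the transform succeeded for a command the device never sees whole. If longer CDBs are not valid for this protocol, reject them with `(cmd_len > UFI_COMMAND_LENGTH)) {` in place of the sizeof comparison. The same guard and copy appear in the umass_atapi_transform hunks (with ATAPI_COMMAND_LENGTH); the declaration of cmd_data is outside this diff, so the 12-byte bzero also assumes the buffer is at least that large.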
@@ -3035,16 +3036,19 @@ umass_atapi_transform(struct umass_softc *sc, u_int8_t *cmd_ptr, u_int8_t cmd_len) { - /* An ATAPI command is always 12 bytes in length. */ - if ((cmd_len < ATAPI_COMMAND_LENGTH) || + if ((cmd_len == 0) || (cmd_len > sizeof(sc->sc_transfer.cmd_data))) { DPRINTF(sc, UDMASS_SCSI, "Invalid command " "length: %d bytes\n", cmd_len); return 0; /* failure */ } + /* An ATAPI command is always 12 bytes in length. */ sc->sc_transfer.cmd_len = ATAPI_COMMAND_LENGTH; + /* Zero the command data */ + bzero(sc->sc_transfer.cmd_data, ATAPI_COMMAND_LENGTH); + switch (cmd_ptr[0]) { /* Commands of which the format has been verified. They should work. * Copy the command into the destination buffer. @@ -3052,8 +3056,8 @@ case INQUIRY: /* some drives wedge when asked for full inquiry information. */ if (sc->sc_quirks & FORCE_SHORT_INQUIRY) { - bcopy(cmd_ptr, sc->sc_transfer.cmd_data, - ATAPI_COMMAND_LENGTH); + bcopy(cmd_ptr, sc->sc_transfer.cmd_data, cmd_len); + sc->sc_transfer.cmd_data[4] = SHORT_INQUIRY_LENGTH; return 1; } @@ -3063,7 +3067,6 @@ if (sc->sc_quirks & NO_TEST_UNIT_READY) { DPRINTF(sc, UDMASS_SCSI, "Converted TEST_UNIT_READY " "to START_UNIT\n"); - bzero(sc->sc_transfer.cmd_data, ATAPI_COMMAND_LENGTH); sc->sc_transfer.cmd_data[0] = START_STOP_UNIT; sc->sc_transfer.cmd_data[4] = SSS_START; return 1; @@ -3114,8 +3117,7 @@ break;; } - bcopy(cmd_ptr, sc->sc_transfer.cmd_data, - ATAPI_COMMAND_LENGTH); + bcopy(cmd_ptr, sc->sc_transfer.cmd_data, cmd_len); return 1; /* success */ }
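Review bot: The added comment `/* Zero the command data */` in the first umass_atapi_transform hunk restates the call without saying why its position matters: every later `bcopy(cmd_ptr, sc->sc_transfer.cmd_data, cmd_len)` and the quirk paths that set only bytes 0 and 4 now depend on this bzero having run first. I would write `/* Zero-pad: CDBs from the SCSI layer may be shorter than 12 bytes; must precede every copy below */`, and use the same wording in umass_ufi_transform. The switch comment in this function still reads "Copy the command into the destination buffer" while the UFI version says "(zeroed out)", so the two could be made to match. The function body continues outside the hunk.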