[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-stable] [Qemu-devel] [PATCH RESEND] megasas: fix mapped frame
|
From: |
Philippe Mathieu-Daudé |
|
Subject: |
Re: [Qemu-stable] [Qemu-devel] [PATCH RESEND] megasas: fix mapped frame size |
|
Date: |
Tue, 30 Apr 2019 14:56:13 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1 |
On 4/30/19 1:54 PM, Peter Lieven wrote:
> the current value of 1024 bytes (16 * MFI_FRAME_SIZE) we map is not enough to
> hold
> the maximum number of scatter gather elements we advertise. We actually need a
> maximum of 2048 bytes. This is 128 max sg elements * 16 bytes (sizeof (union
> mfi_sgl)).
Looking at megasas_map_sgl(), we indeed accept up to MEGASAS_MAX_SGE
iov_count. Broken since ever then?
Fixes: e8f943c3bcc2
>
> Cc: address@hidden
> Signed-off-by: Peter Lieven <address@hidden>
> Reviewed-by: Hannes Reinecke <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
> ---
> hw/scsi/megasas.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
> index a56317e026..5ad762de23 100644
> --- a/hw/scsi/megasas.c
> +++ b/hw/scsi/megasas.c
> @@ -477,7 +477,7 @@ static MegasasCmd *megasas_enqueue_frame(MegasasState *s,
> {
> PCIDevice *pcid = PCI_DEVICE(s);
> MegasasCmd *cmd = NULL;
> - int frame_size = MFI_FRAME_SIZE * 16;
> + int frame_size = MEGASAS_MAX_SGE * sizeof(union mfi_sgl);
> hwaddr frame_size_p = frame_size;
> unsigned long index;
>
>