From 5c79097a28c2525740dd9e4470676ec9d25bee45 Mon Sep 17 00:00:00 2001 From: Tom Yan Date: Wed, 13 Jul 2016 04:31:22 +0800 Subject: [PATCH] libata-scsi: reject WRITE SAME (16) with n_block that exceeds limit Currently if a WRITE SAME (16) command is issued to the SATL with "number of blocks" that is larger than the "Maximum write same length" (which is the maximum number of blocks per TRIM command allowed in libata, currently 65535 * 512 / 8 blocks), the SATL will accept the command and translate it to a TRIM command with the upper limit. However, according to SBC (as of sbc4r11.pdf), the "device server" should terminate the command with "Invalid field in CDB" in that case. Signed-off-by: Tom Yan Signed-off-by: Tejun Heo --- drivers/ata/libata-scsi.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/ata/libata-scsi.c b/drivers/ata/libata-scsi.c index f0593bc2f97d..b0ca32228d3f 100644 --- a/drivers/ata/libata-scsi.c +++ b/drivers/ata/libata-scsi.c @@ -3310,7 +3310,13 @@ static unsigned int ata_scsi_write_same_xlat(struct ata_queued_cmd *qc) goto invalid_param_len; buf = page_address(sg_page(scsi_sglist(scmd))); - size = ata_set_lba_range_entries(buf, 512, block, n_block); + + if (n_block <= 65535 * 512 / 8) { + size = ata_set_lba_range_entries(buf, 512, block, n_block); + } else { + fp = 2; + goto invalid_fld; + } if (ata_ncq_enabled(dev) && ata_fpdma_dsm_supported(dev)) { /* Newer devices support queued TRIM commands */ -- 2.20.1