Print this page
653 incorrect handling in iscsit of duplicate PDUs with cmdsn > expsn
Reviewed by: Garrett D'Amore <garrett@damore.org>
Reviewed by: Jason King <jason.brian.king@gmail.com>
Reviewed by: Gary Mills <gary_mills@fastmail.fm>
*** 18,31 ****
*
* CDDL HEADER END
*/
/*
* Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
*/
- /*
- * Copyright 2011 Nexenta Systems, Inc. All rights reserved.
- */
#include <sys/cpuvar.h>
#include <sys/types.h>
#include <sys/conf.h>
#include <sys/stat.h>
--- 18,30 ----
*
* CDDL HEADER END
*/
/*
* Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
+ *
+ * Copyright 2012 Nexenta Systems, Inc. All rights reserved.
*/
#include <sys/cpuvar.h>
#include <sys/types.h>
#include <sys/conf.h>
#include <sys/stat.h>
*** 3159,3171 ****
}
iscsit_conn_dispatch_hold(ict);
mutex_exit(&ict->ict_mutex);
index = ntohl(cmdsn) % ISCSIT_RXPDU_QUEUE_LEN;
! ASSERT(cbuf->cb_buffer[index] == NULL);
cbuf->cb_buffer[index] = rx_pdu;
cbuf->cb_num_elems++;
}
static idm_pdu_t *
iscsit_remove_pdu_from_queue(iscsit_sess_t *ist, uint32_t cmdsn)
{
--- 3158,3182 ----
}
iscsit_conn_dispatch_hold(ict);
mutex_exit(&ict->ict_mutex);
index = ntohl(cmdsn) % ISCSIT_RXPDU_QUEUE_LEN;
! /*
! * In the normal case, assuming that the Initiator is not
! * buggy and that we don't have packet duplication occuring,
! * the entry in the array will be NULL. However, we may have
! * received a duplicate PDU with cmdsn > expsn , and in that
! * case we just ignore this PDU -- the previously received one
! * remains queued for processing. We need to be careful not
! * to leak this one however.
! */
! if (cbuf->cb_buffer[index] != NULL) {
! idm_pdu_complete(rx_pdu, IDM_STATUS_FAIL);
! } else {
cbuf->cb_buffer[index] = rx_pdu;
cbuf->cb_num_elems++;
+ }
}
static idm_pdu_t *
iscsit_remove_pdu_from_queue(iscsit_sess_t *ist, uint32_t cmdsn)
{