diff options
author | Philippe Mathieu-Daudé <philmd@redhat.com> | 2021-01-20 16:35:22 +0100 |
---|---|---|
committer | Gerd Hoffmann <kraxel@redhat.com> | 2021-01-22 14:51:35 +0100 |
commit | d755cb9696e8aa16e850ac5f0b908015520cd395 (patch) | |
tree | da47139612fc740db50772c060b5d51997c7e9d9 | |
parent | 2e8f72acb0e948566c129d3e819cd77b9a8789ac (diff) | |
download | qemu-d755cb9696e8aa16e850ac5f0b908015520cd395.zip qemu-d755cb9696e8aa16e850ac5f0b908015520cd395.tar.gz qemu-d755cb9696e8aa16e850ac5f0b908015520cd395.tar.bz2 |
hw/usb/dev-uas: Report command additional adb length as unsupported
We are not ready to handle additional CDB data.
If a guest sends a packet with such additional data,
report the command parameter as not supported.
Specify a size (of 1 byte) for the add_cdb member we
are not using, to fix the following warning:
usb/dev-uas.c:157:31: error: field 'status' with variable sized type 'uas_iu' not at the end of a struct or class is a GNU extension [-Werror,-Wgnu-variable-sized-type-not-at-end]
uas_iu status;
^
Reported-by: Ed Maste <emaste@FreeBSD.org>
Reported-by: Daniele Buono <dbuono@linux.vnet.ibm.com>
Reported-by: Han Han <hhan@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210120153522.1173897-4-philmd@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
-rw-r--r-- | hw/usb/dev-uas.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/hw/usb/dev-uas.c b/hw/usb/dev-uas.c index cec071d..a51402b 100644 --- a/hw/usb/dev-uas.c +++ b/hw/usb/dev-uas.c @@ -16,6 +16,7 @@ #include "qemu/error-report.h" #include "qemu/main-loop.h" #include "qemu/module.h" +#include "qemu/log.h" #include "hw/usb.h" #include "migration/vmstate.h" @@ -70,7 +71,7 @@ typedef struct { uint8_t reserved_2; uint64_t lun; uint8_t cdb[16]; - uint8_t add_cdb[]; + uint8_t add_cdb[1]; /* not supported by QEMU */ } QEMU_PACKED uas_iu_command; typedef struct { @@ -700,6 +701,11 @@ static void usb_uas_command(UASDevice *uas, uas_iu *iu) uint32_t len; uint16_t tag = be16_to_cpu(iu->hdr.tag); + if (iu->command.add_cdb_length > 0) { + qemu_log_mask(LOG_UNIMP, "additional adb length not yet supported\n"); + goto unsupported_len; + } + if (uas_using_streams(uas) && tag > UAS_MAX_STREAMS) { goto invalid_tag; } @@ -735,6 +741,10 @@ static void usb_uas_command(UASDevice *uas, uas_iu *iu) } return; +unsupported_len: + usb_uas_queue_fake_sense(uas, tag, sense_code_INVALID_PARAM_VALUE); + return; + invalid_tag: usb_uas_queue_fake_sense(uas, tag, sense_code_INVALID_TAG); return; |