aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPhilippe Mathieu-Daudé <philmd@redhat.com>2021-01-20 16:35:22 +0100
committerGerd Hoffmann <kraxel@redhat.com>2021-01-22 14:51:35 +0100
commitd755cb9696e8aa16e850ac5f0b908015520cd395 (patch)
treeda47139612fc740db50772c060b5d51997c7e9d9
parent2e8f72acb0e948566c129d3e819cd77b9a8789ac (diff)
downloadqemu-d755cb9696e8aa16e850ac5f0b908015520cd395.zip
qemu-d755cb9696e8aa16e850ac5f0b908015520cd395.tar.gz
qemu-d755cb9696e8aa16e850ac5f0b908015520cd395.tar.bz2
hw/usb/dev-uas: Report command additional adb length as unsupported
We are not ready to handle additional CDB data. If a guest sends a packet with such additional data, report the command parameter as not supported. Specify a size (of 1 byte) for the add_cdb member we are not using, to fix the following warning: usb/dev-uas.c:157:31: error: field 'status' with variable sized type 'uas_iu' not at the end of a struct or class is a GNU extension [-Werror,-Wgnu-variable-sized-type-not-at-end] uas_iu status; ^ Reported-by: Ed Maste <emaste@FreeBSD.org> Reported-by: Daniele Buono <dbuono@linux.vnet.ibm.com> Reported-by: Han Han <hhan@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20210120153522.1173897-4-philmd@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
-rw-r--r--hw/usb/dev-uas.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/hw/usb/dev-uas.c b/hw/usb/dev-uas.c
index cec071d..a51402b 100644
--- a/hw/usb/dev-uas.c
+++ b/hw/usb/dev-uas.c
@@ -16,6 +16,7 @@
#include "qemu/error-report.h"
#include "qemu/main-loop.h"
#include "qemu/module.h"
+#include "qemu/log.h"
#include "hw/usb.h"
#include "migration/vmstate.h"
@@ -70,7 +71,7 @@ typedef struct {
uint8_t reserved_2;
uint64_t lun;
uint8_t cdb[16];
- uint8_t add_cdb[];
+ uint8_t add_cdb[1]; /* not supported by QEMU */
} QEMU_PACKED uas_iu_command;
typedef struct {
@@ -700,6 +701,11 @@ static void usb_uas_command(UASDevice *uas, uas_iu *iu)
uint32_t len;
uint16_t tag = be16_to_cpu(iu->hdr.tag);
+ if (iu->command.add_cdb_length > 0) {
+ qemu_log_mask(LOG_UNIMP, "additional adb length not yet supported\n");
+ goto unsupported_len;
+ }
+
if (uas_using_streams(uas) && tag > UAS_MAX_STREAMS) {
goto invalid_tag;
}
@@ -735,6 +741,10 @@ static void usb_uas_command(UASDevice *uas, uas_iu *iu)
}
return;
+unsupported_len:
+ usb_uas_queue_fake_sense(uas, tag, sense_code_INVALID_PARAM_VALUE);
+ return;
+
invalid_tag:
usb_uas_queue_fake_sense(uas, tag, sense_code_INVALID_TAG);
return;