Mailinglist Archive: opensuse-bugs (4068 mails)

< Previous Next >
[Bug 714836] New: 16 byte vendor specific CDB cannot go through SG_IO interface
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Mon, 29 Aug 2011 22:06:14 +0000
  • Message-id: <>

Summary: 16 byte vendor specific CDB cannot go through SG_IO
Classification: openSUSE
Product: openSUSE 11.4
Version: Final
Platform: x86-64
OS/Version: SLES 11
Status: NEW
Severity: Major
Priority: P5 - None
Component: Kernel
AssignedTo: kernel-maintainers@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: yanling.qi@xxxxxxxxxx
QAContact: qa@xxxxxxx
Found By: ---
Blocker: ---

Created an attachment (id=448314)
--> (
safe-pass-thru CDB layout

User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:6.0) Gecko/20100101

NetApp E-series storage array (formerly LSI storage array) supports a vendor
specific command – “Safe-Pass-Through” command. The command opcode is “C0h” and
its CDB length is 16 bytes.
The “Safe-Pass-Through” command is used to pass a scsi command to a drive which
is behind the storage array controller in a different scsi domain from the
Linux host side scsi domain. The real-CDB is embedded inside the “pass-thru”
CDB. Please refer to the pass-thru CDB layout in the attached pdf file. The
real CDB starts from the offset 7.
The SPC specifies command opcode as two parts - group code and command code.
The Group code determines the CDB length
The C0h falls into the “110b” group and the CDB length is vendor specific.
The new kernel code in ./block/scsi_ioctl.c forcefully assigns the 110b group
(our C0h opcode) opecodes as a 10 byte CDB.
/* Command group 3 is reserved and should never be used. */
const unsigned char scsi_command_size_tbl[8] =
6, 10, 10, 12,
16, 12, 10, 10

The sg driver uses the scsi_command_size_tbl to determine CDB length. Since
“char scsi_command_size_tbl” tells it is a 10 byte CDB, the embedded real CDB
inside the pass thru CDB for the drive is truncated. Only 4 bytes of the
embedded real CDB is copied and the allocation-length field of the real CDB
doesn’t get set for a 6 byte real CDB. NetApp E-series controller will reject
the pass-thru command with 05h/24h/00h check condition because of real command
CDB parameter error.

Reproducible: Always

Steps to Reproduce:
1.Develop a test driver using SG_IO interface
2.The driver will issue a scsi command with the CDB = “c0 00 00 00 00 00 12 00
00 00 28 00 00 00 00 00”. The real CDB is standard inquiry
3. Send the SG_IO request to a NetApp E-Series Storage array /dev/sgX device

Actual Results:
The request will be rejected with 05h/24h/00h condition. It works fine for
SLES10SPx systems.

Expected Results:
the drive's standard inquiry data will be returned

One of our major customers will use this to collect drive info.

Configure bugmail:
------- You are receiving this mail because: -------
You are on the CC list for the bug.
< Previous Next >