tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
[SCSI] hide EH backup data outside the scsi_cmnd
Currently struct scsi_cmnd has various fields that are used to backup
original data after the corresponding fields have been overridden for
EH commands. This means drivers can easily get at it and misuse it.
Due to the old_ naming this doesn't happen for most of them, but two
that have different names have been used wrong a lot (see previous
patch). Another downside is that they unessecarily bloat the scsi_cmnd
size.
This patch moves them onstack in scsi_send_eh_cmnd to fix those two
issues aswell as allowing future EH fixes like moving the EH command
submissions to use SG lists like everything else.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
authored by
Christoph Hellwig
and committed by
James Bottomley
631c228c
ae0fda0c
+108
-233
+9
-5
drivers/scsi/aha152x.c
+9
-5
drivers/scsi/aha152x.c
···
1179
1179
DECLARE_MUTEX_LOCKED(sem);
1180
1180
struct timer_list timer;
1181
1181
int ret, issued, disconnected;
1182
+
unsigned char old_cmd_len = SCpnt->cmd_len;
1183
+
unsigned short old_use_sg = SCpnt->use_sg;
1184
+
void *old_buffer = SCpnt->request_buffer;
1185
+
unsigned old_bufflen = SCpnt->request_bufflen;
1182
1186
unsigned long flags;
1183
1187
1184
1188
#if defined(AHA152X_DEBUG)
···
1216
1212
add_timer(&timer);
1217
1213
down(&sem);
1218
1214
del_timer(&timer);
1219
-
1220
-
SCpnt->cmd_len = SCpnt->old_cmd_len;
1221
-
SCpnt->use_sg = SCpnt->old_use_sg;
1222
-
SCpnt->request_buffer = SCpnt->buffer;
1223
-
SCpnt->request_bufflen = SCpnt->bufflen;
1215
+
1216
+
SCpnt->cmd_len = old_cmd_len;
1217
+
SCpnt->use_sg = old_use_sg;
1218
+
SCpnt->request_buffer = old_buffer;
1219
+
SCpnt->request_bufflen = old_bufflen;
1224
1220
1225
1221
DO_LOCK(flags);
1226
1222
+1
-10
drivers/scsi/scsi.c
+1
-10
drivers/scsi/scsi.c
···
346
346
if (level > 3) {
347
347
printk(KERN_INFO "buffer = 0x%p, bufflen = %d,"
348
348
" done = 0x%p, queuecommand 0x%p\n",
349
-
cmd->buffer, cmd->bufflen,
349
+
cmd->request_buffer, cmd->request_bufflen,
350
350
cmd->done,
351
351
sdev->host->hostt->queuecommand);
352
352
···
661
661
*/
662
662
int scsi_retry_command(struct scsi_cmnd *cmd)
663
663
{
664
-
/*
665
-
* Restore the SCSI command state.
666
-
*/
667
-
scsi_setup_cmd_retry(cmd);
668
-
669
664
/*
670
665
* Zero the sense information from the last time we tried
671
666
* this command.
···
706
711
"Notifying upper driver of completion "
707
712
"(result %x)\n", cmd->result));
708
713
709
-
/*
710
-
* We can get here with use_sg=0, causing a panic in the upper level
711
-
*/
712
-
cmd->use_sg = cmd->old_use_sg;
713
714
cmd->done(cmd);
714
715
}
715
716
EXPORT_SYMBOL(scsi_finish_command);
+89
-121
drivers/scsi/scsi_error.c
+89
-121
drivers/scsi/scsi_error.c
···
460
460
* Return value:
461
461
* SUCCESS or FAILED or NEEDS_RETRY
462
462
**/
463
-
static int scsi_send_eh_cmnd(struct scsi_cmnd *scmd, int timeout)
463
+
static int scsi_send_eh_cmnd(struct scsi_cmnd *scmd, int timeout, int copy_sense)
464
464
{
465
465
struct scsi_device *sdev = scmd->device;
466
466
struct Scsi_Host *shost = sdev->host;
467
+
int old_result = scmd->result;
467
468
DECLARE_COMPLETION(done);
468
469
unsigned long timeleft;
469
470
unsigned long flags;
471
+
unsigned char old_cmnd[MAX_COMMAND_SIZE];
472
+
enum dma_data_direction old_data_direction;
473
+
unsigned short old_use_sg;
474
+
unsigned char old_cmd_len;
475
+
unsigned old_bufflen;
476
+
void *old_buffer;
470
477
int rtn;
478
+
479
+
/*
480
+
* We need saved copies of a number of fields - this is because
481
+
* error handling may need to overwrite these with different values
482
+
* to run different commands, and once error handling is complete,
483
+
* we will need to restore these values prior to running the actual
484
+
* command.
485
+
*/
486
+
old_buffer = scmd->request_buffer;
487
+
old_bufflen = scmd->request_bufflen;
488
+
memcpy(old_cmnd, scmd->cmnd, sizeof(scmd->cmnd));
489
+
old_data_direction = scmd->sc_data_direction;
490
+
old_cmd_len = scmd->cmd_len;
491
+
old_use_sg = scmd->use_sg;
492
+
493
+
if (copy_sense) {
494
+
int gfp_mask = GFP_ATOMIC;
495
+
496
+
if (shost->hostt->unchecked_isa_dma)
497
+
gfp_mask |= __GFP_DMA;
498
+
499
+
scmd->sc_data_direction = DMA_FROM_DEVICE;
500
+
scmd->request_bufflen = 252;
501
+
scmd->request_buffer = kzalloc(scmd->request_bufflen, gfp_mask);
502
+
if (!scmd->request_buffer)
503
+
return FAILED;
504
+
} else {
505
+
scmd->request_buffer = NULL;
506
+
scmd->request_bufflen = 0;
507
+
scmd->sc_data_direction = DMA_NONE;
508
+
}
509
+
510
+
scmd->underflow = 0;
511
+
scmd->use_sg = 0;
512
+
scmd->cmd_len = COMMAND_SIZE(scmd->cmnd[0]);
471
513
472
514
if (sdev->scsi_level <= SCSI_2)
473
515
scmd->cmnd[1] = (scmd->cmnd[1] & 0x1f) |
474
516
(sdev->lun << 5 & 0xe0);
517
+
518
+
/*
519
+
* Zero the sense buffer. The scsi spec mandates that any
520
+
* untransferred sense data should be interpreted as being zero.
521
+
*/
522
+
memset(scmd->sense_buffer, 0, sizeof(scmd->sense_buffer));
475
523
476
524
shost->eh_action = &done;
477
525
···
570
522
rtn = FAILED;
571
523
}
572
524
525
+
526
+
/*
527
+
* Last chance to have valid sense data.
528
+
*/
529
+
if (copy_sense) {
530
+
if (!SCSI_SENSE_VALID(scmd)) {
531
+
memcpy(scmd->sense_buffer, scmd->request_buffer,
532
+
sizeof(scmd->sense_buffer));
533
+
}
534
+
kfree(scmd->request_buffer);
535
+
}
536
+
537
+
538
+
/*
539
+
* Restore original data
540
+
*/
541
+
scmd->request_buffer = old_buffer;
542
+
scmd->request_bufflen = old_bufflen;
543
+
memcpy(scmd->cmnd, old_cmnd, sizeof(scmd->cmnd));
544
+
scmd->sc_data_direction = old_data_direction;
545
+
scmd->cmd_len = old_cmd_len;
546
+
scmd->use_sg = old_use_sg;
547
+
scmd->result = old_result;
573
548
return rtn;
574
549
}
575
550
···
608
537
static int scsi_request_sense(struct scsi_cmnd *scmd)
609
538
{
610
539
static unsigned char generic_sense[6] =
611
-
{REQUEST_SENSE, 0, 0, 0, 252, 0};
612
-
unsigned char *scsi_result;
613
-
int saved_result;
614
-
int rtn;
540
+
{REQUEST_SENSE, 0, 0, 0, 252, 0};
615
541
616
542
memcpy(scmd->cmnd, generic_sense, sizeof(generic_sense));
617
-
618
-
scsi_result = kmalloc(252, GFP_ATOMIC | ((scmd->device->host->hostt->unchecked_isa_dma) ? __GFP_DMA : 0));
619
-
620
-
621
-
if (unlikely(!scsi_result)) {
622
-
printk(KERN_ERR "%s: cannot allocate scsi_result.\n",
623
-
__FUNCTION__);
624
-
return FAILED;
625
-
}
626
-
627
-
/*
628
-
* zero the sense buffer. some host adapters automatically always
629
-
* request sense, so it is not a good idea that
630
-
* scmd->request_buffer and scmd->sense_buffer point to the same
631
-
* address (db). 0 is not a valid sense code.
632
-
*/
633
-
memset(scmd->sense_buffer, 0, sizeof(scmd->sense_buffer));
634
-
memset(scsi_result, 0, 252);
635
-
636
-
saved_result = scmd->result;
637
-
scmd->request_buffer = scsi_result;
638
-
scmd->request_bufflen = 252;
639
-
scmd->use_sg = 0;
640
-
scmd->cmd_len = COMMAND_SIZE(scmd->cmnd[0]);
641
-
scmd->sc_data_direction = DMA_FROM_DEVICE;
642
-
scmd->underflow = 0;
643
-
644
-
rtn = scsi_send_eh_cmnd(scmd, SENSE_TIMEOUT);
645
-
646
-
/* last chance to have valid sense data */
647
-
if(!SCSI_SENSE_VALID(scmd)) {
648
-
memcpy(scmd->sense_buffer, scmd->request_buffer,
649
-
sizeof(scmd->sense_buffer));
650
-
}
651
-
652
-
kfree(scsi_result);
653
-
654
-
/*
655
-
* when we eventually call scsi_finish, we really wish to complete
656
-
* the original request, so let's restore the original data. (db)
657
-
*/
658
-
scsi_setup_cmd_retry(scmd);
659
-
scmd->result = saved_result;
660
-
return rtn;
543
+
return scsi_send_eh_cmnd(scmd, SENSE_TIMEOUT, 1);
661
544
}
662
545
663
546
/**
···
630
605
{
631
606
scmd->device->host->host_failed--;
632
607
scmd->eh_eflags = 0;
633
-
634
-
/*
635
-
* set this back so that the upper level can correctly free up
636
-
* things.
637
-
*/
638
-
scsi_setup_cmd_retry(scmd);
639
608
list_move_tail(&scmd->eh_entry, done_q);
640
609
}
641
610
EXPORT_SYMBOL(scsi_eh_finish_cmd);
···
734
715
{
735
716
static unsigned char tur_command[6] = {TEST_UNIT_READY, 0, 0, 0, 0, 0};
736
717
int retry_cnt = 1, rtn;
737
-
int saved_result;
738
718
739
719
retry_tur:
740
720
memcpy(scmd->cmnd, tur_command, sizeof(tur_command));
741
721
742
-
/*
743
-
* zero the sense buffer. the scsi spec mandates that any
744
-
* untransferred sense data should be interpreted as being zero.
745
-
*/
746
-
memset(scmd->sense_buffer, 0, sizeof(scmd->sense_buffer));
747
722
748
-
saved_result = scmd->result;
749
-
scmd->request_buffer = NULL;
750
-
scmd->request_bufflen = 0;
751
-
scmd->use_sg = 0;
752
-
scmd->cmd_len = COMMAND_SIZE(scmd->cmnd[0]);
753
-
scmd->underflow = 0;
754
-
scmd->sc_data_direction = DMA_NONE;
723
+
rtn = scsi_send_eh_cmnd(scmd, SENSE_TIMEOUT, 0);
755
724
756
-
rtn = scsi_send_eh_cmnd(scmd, SENSE_TIMEOUT);
757
-
758
-
/*
759
-
* when we eventually call scsi_finish, we really wish to complete
760
-
* the original request, so let's restore the original data. (db)
761
-
*/
762
-
scsi_setup_cmd_retry(scmd);
763
-
scmd->result = saved_result;
764
-
765
-
/*
766
-
* hey, we are done. let's look to see what happened.
767
-
*/
768
725
SCSI_LOG_ERROR_RECOVERY(3, printk("%s: scmd %p rtn %x\n",
769
726
__FUNCTION__, scmd, rtn));
770
-
if (rtn == SUCCESS)
771
-
return 0;
772
-
else if (rtn == NEEDS_RETRY) {
727
+
728
+
switch (rtn) {
729
+
case NEEDS_RETRY:
773
730
if (retry_cnt--)
774
731
goto retry_tur;
732
+
/*FALLTHRU*/
733
+
case SUCCESS:
775
734
return 0;
735
+
default:
736
+
return 1;
776
737
}
777
-
return 1;
778
738
}
779
739
780
740
/**
···
835
837
static int scsi_eh_try_stu(struct scsi_cmnd *scmd)
836
838
{
837
839
static unsigned char stu_command[6] = {START_STOP, 0, 0, 0, 1, 0};
838
-
int rtn;
839
-
int saved_result;
840
840
841
-
if (!scmd->device->allow_restart)
842
-
return 1;
841
+
if (scmd->device->allow_restart) {
842
+
int rtn;
843
843
844
-
memcpy(scmd->cmnd, stu_command, sizeof(stu_command));
844
+
memcpy(scmd->cmnd, stu_command, sizeof(stu_command));
845
+
rtn = scsi_send_eh_cmnd(scmd, START_UNIT_TIMEOUT, 0);
846
+
if (rtn == SUCCESS)
847
+
return 0;
848
+
}
845
849
846
-
/*
847
-
* zero the sense buffer. the scsi spec mandates that any
848
-
* untransferred sense data should be interpreted as being zero.
849
-
*/
850
-
memset(scmd->sense_buffer, 0, sizeof(scmd->sense_buffer));
851
-
852
-
saved_result = scmd->result;
853
-
scmd->request_buffer = NULL;
854
-
scmd->request_bufflen = 0;
855
-
scmd->use_sg = 0;
856
-
scmd->cmd_len = COMMAND_SIZE(scmd->cmnd[0]);
857
-
scmd->underflow = 0;
858
-
scmd->sc_data_direction = DMA_NONE;
859
-
860
-
rtn = scsi_send_eh_cmnd(scmd, START_UNIT_TIMEOUT);
861
-
862
-
/*
863
-
* when we eventually call scsi_finish, we really wish to complete
864
-
* the original request, so let's restore the original data. (db)
865
-
*/
866
-
scsi_setup_cmd_retry(scmd);
867
-
scmd->result = saved_result;
868
-
869
-
/*
870
-
* hey, we are done. let's look to see what happened.
871
-
*/
872
-
SCSI_LOG_ERROR_RECOVERY(3, printk("%s: scmd %p rtn %x\n",
873
-
__FUNCTION__, scmd, rtn));
874
-
if (rtn == SUCCESS)
875
-
return 0;
876
850
return 1;
877
851
}
878
852
···
1654
1684
1655
1685
scmd->scsi_done = scsi_reset_provider_done_command;
1656
1686
scmd->done = NULL;
1657
-
scmd->buffer = NULL;
1658
-
scmd->bufflen = 0;
1659
1687
scmd->request_buffer = NULL;
1660
1688
scmd->request_bufflen = 0;
1661
1689
+6
-82
drivers/scsi/scsi_lib.c
+6
-82
drivers/scsi/scsi_lib.c
···
436
436
*
437
437
* Arguments: cmd - command that is ready to be queued.
438
438
*
439
-
* Returns: Nothing
440
-
*
441
439
* Notes: This function has the job of initializing a number of
442
440
* fields related to error handling. Typically this will
443
441
* be called once for each command, as required.
444
442
*/
445
-
static int scsi_init_cmd_errh(struct scsi_cmnd *cmd)
443
+
static void scsi_init_cmd_errh(struct scsi_cmnd *cmd)
446
444
{
447
445
cmd->serial_number = 0;
448
-
449
446
memset(cmd->sense_buffer, 0, sizeof cmd->sense_buffer);
450
-
451
447
if (cmd->cmd_len == 0)
452
448
cmd->cmd_len = COMMAND_SIZE(cmd->cmnd[0]);
453
-
454
-
/*
455
-
* We need saved copies of a number of fields - this is because
456
-
* error handling may need to overwrite these with different values
457
-
* to run different commands, and once error handling is complete,
458
-
* we will need to restore these values prior to running the actual
459
-
* command.
460
-
*/
461
-
cmd->old_use_sg = cmd->use_sg;
462
-
cmd->old_cmd_len = cmd->cmd_len;
463
-
cmd->sc_old_data_direction = cmd->sc_data_direction;
464
-
cmd->old_underflow = cmd->underflow;
465
-
memcpy(cmd->data_cmnd, cmd->cmnd, sizeof(cmd->cmnd));
466
-
cmd->buffer = cmd->request_buffer;
467
-
cmd->bufflen = cmd->request_bufflen;
468
-
469
-
return 1;
470
-
}
471
-
472
-
/*
473
-
* Function: scsi_setup_cmd_retry()
474
-
*
475
-
* Purpose: Restore the command state for a retry
476
-
*
477
-
* Arguments: cmd - command to be restored
478
-
*
479
-
* Returns: Nothing
480
-
*
481
-
* Notes: Immediately prior to retrying a command, we need
482
-
* to restore certain fields that we saved above.
483
-
*/
484
-
void scsi_setup_cmd_retry(struct scsi_cmnd *cmd)
485
-
{
486
-
memcpy(cmd->cmnd, cmd->data_cmnd, sizeof(cmd->data_cmnd));
487
-
cmd->request_buffer = cmd->buffer;
488
-
cmd->request_bufflen = cmd->bufflen;
489
-
cmd->use_sg = cmd->old_use_sg;
490
-
cmd->cmd_len = cmd->old_cmd_len;
491
-
cmd->sc_data_direction = cmd->sc_old_data_direction;
492
-
cmd->underflow = cmd->old_underflow;
493
449
}
494
450
495
451
void scsi_device_unbusy(struct scsi_device *sdev)
···
763
807
*/
764
808
static void scsi_release_buffers(struct scsi_cmnd *cmd)
765
809
{
766
-
struct request *req = cmd->request;
767
-
768
-
/*
769
-
* Free up any indirection buffers we allocated for DMA purposes.
770
-
*/
771
810
if (cmd->use_sg)
772
811
scsi_free_sgtable(cmd->request_buffer, cmd->sglist_len);
773
-
else if (cmd->request_buffer != req->buffer)
774
-
kfree(cmd->request_buffer);
775
812
776
813
/*
777
814
* Zero these out. They now point to freed memory, and it is
778
815
* dangerous to hang onto the pointers.
779
816
*/
780
-
cmd->buffer = NULL;
781
-
cmd->bufflen = 0;
782
817
cmd->request_buffer = NULL;
783
818
cmd->request_bufflen = 0;
784
819
}
···
805
858
void scsi_io_completion(struct scsi_cmnd *cmd, unsigned int good_bytes)
806
859
{
807
860
int result = cmd->result;
808
-
int this_count = cmd->bufflen;
861
+
int this_count = cmd->request_bufflen;
809
862
request_queue_t *q = cmd->device->request_queue;
810
863
struct request *req = cmd->request;
811
864
int clear_errors = 1;
···
813
866
int sense_valid = 0;
814
867
int sense_deferred = 0;
815
868
816
-
/*
817
-
* Free up any indirection buffers we allocated for DMA purposes.
818
-
* For the case of a READ, we need to copy the data out of the
819
-
* bounce buffer and into the real buffer.
820
-
*/
821
-
if (cmd->use_sg)
822
-
scsi_free_sgtable(cmd->buffer, cmd->sglist_len);
823
-
else if (cmd->buffer != req->buffer) {
824
-
if (rq_data_dir(req) == READ) {
825
-
unsigned long flags;
826
-
char *to = bio_kmap_irq(req->bio, &flags);
827
-
memcpy(to, cmd->buffer, cmd->bufflen);
828
-
bio_kunmap_irq(to, &flags);
829
-
}
830
-
kfree(cmd->buffer);
831
-
}
869
+
scsi_release_buffers(cmd);
832
870
833
871
if (result) {
834
872
sense_valid = scsi_command_normalize_sense(cmd, &sshdr);
835
873
if (sense_valid)
836
874
sense_deferred = scsi_sense_is_deferred(&sshdr);
837
875
}
876
+
838
877
if (blk_pc_request(req)) { /* SG_IO ioctl from block level */
839
878
req->errors = result;
840
879
if (result) {
···
839
906
} else
840
907
req->data_len = cmd->resid;
841
908
}
842
-
843
-
/*
844
-
* Zero these out. They now point to freed memory, and it is
845
-
* dangerous to hang onto the pointers.
846
-
*/
847
-
cmd->buffer = NULL;
848
-
cmd->bufflen = 0;
849
-
cmd->request_buffer = NULL;
850
-
cmd->request_bufflen = 0;
851
909
852
910
/*
853
911
* Next deal with any sectors which we were able to correctly
···
936
1012
if (!(req->flags & REQ_QUIET)) {
937
1013
scmd_printk(KERN_INFO, cmd,
938
1014
"Volume overflow, CDB: ");
939
-
__scsi_print_command(cmd->data_cmnd);
1015
+
__scsi_print_command(cmd->cmnd);
940
1016
scsi_print_sense("", cmd);
941
1017
}
942
1018
/* See SSC3rXX or current. */
···
1067
1143
* successfully. Since this is a REQ_BLOCK_PC command the
1068
1144
* caller should check the request's errors value
1069
1145
*/
1070
-
scsi_io_completion(cmd, cmd->bufflen);
1146
+
scsi_io_completion(cmd, cmd->request_bufflen);
1071
1147
}
1072
1148
1073
1149
static void scsi_setup_blk_pc_cmnd(struct scsi_cmnd *cmd)
-1
drivers/scsi/scsi_priv.h
-1
drivers/scsi/scsi_priv.h
···
57
57
58
58
/* scsi_lib.c */
59
59
extern int scsi_maybe_unblock_host(struct scsi_device *sdev);
60
-
extern void scsi_setup_cmd_retry(struct scsi_cmnd *cmd);
61
60
extern void scsi_device_unbusy(struct scsi_device *sdev);
62
61
extern int scsi_queue_insert(struct scsi_cmnd *cmd, int reason);
63
62
extern void scsi_next_command(struct scsi_cmnd *cmd);
+1
-2
drivers/scsi/sd.c
+1
-2
drivers/scsi/sd.c
···
502
502
SCpnt->cmnd[4] = (unsigned char) this_count;
503
503
SCpnt->cmnd[5] = 0;
504
504
}
505
-
SCpnt->request_bufflen = SCpnt->bufflen =
506
-
this_count * sdp->sector_size;
505
+
SCpnt->request_bufflen = this_count * sdp->sector_size;
507
506
508
507
/*
509
508
* We shouldn't disconnect in the middle of a sector, so with a dumb
+2
-3
drivers/scsi/sr.c
+2
-3
drivers/scsi/sr.c
···
360
360
"mismatch count %d, bytes %d\n",
361
361
size, SCpnt->request_bufflen);
362
362
if (SCpnt->request_bufflen > size)
363
-
SCpnt->request_bufflen = SCpnt->bufflen = size;
363
+
SCpnt->request_bufflen = size;
364
364
}
365
365
}
366
366
···
387
387
388
388
if (this_count > 0xffff) {
389
389
this_count = 0xffff;
390
-
SCpnt->request_bufflen = SCpnt->bufflen =
391
-
this_count * s_size;
390
+
SCpnt->request_bufflen = this_count * s_size;
392
391
}
393
392
394
393
SCpnt->cmnd[2] = (unsigned char) (block >> 24) & 0xff;
-9
include/scsi/scsi_cmnd.h
-9
include/scsi/scsi_cmnd.h
···
58
58
int timeout_per_command;
59
59
60
60
unsigned char cmd_len;
61
-
unsigned char old_cmd_len;
62
61
enum dma_data_direction sc_data_direction;
63
-
enum dma_data_direction sc_old_data_direction;
64
62
65
63
/* These elements define the operation we are about to perform */
66
64
#define MAX_COMMAND_SIZE 16
···
69
71
void *request_buffer; /* Actual requested buffer */
70
72
71
73
/* These elements define the operation we ultimately want to perform */
72
-
unsigned char data_cmnd[MAX_COMMAND_SIZE];
73
-
unsigned short old_use_sg; /* We save use_sg here when requesting
74
-
* sense info */
75
74
unsigned short use_sg; /* Number of pieces of scatter-gather */
76
75
unsigned short sglist_len; /* size of malloc'd scatter-gather list */
77
-
unsigned bufflen; /* Size of data buffer */
78
-
void *buffer; /* Data buffer */
79
76
80
77
unsigned underflow; /* Return error if less than
81
78
this amount is transferred */
82
-
unsigned old_underflow; /* save underflow here when reusing the
83
-
* command for error handling */
84
79
85
80
unsigned transfersize; /* How much we are guaranteed to
86
81
transfer with each SCSI transfer