esp.c: fix premature end of phase logic esp_command_complete

There are two cases here: the first is when the TI command underflows, in which
case we raise INTR_BS to indicate an early change of phase, and the second is
when the TI command overflows because the host requested a transfer for more
data than is available. In the latter case force TC to zero so that the TI
completion logic executes correctly.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Tested-by: Helge Deller <deller@gmx.de>
Tested-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20240112125420.514425-30-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
This commit is contained in:
Mark Cave-Ayland 2024-01-12 12:53:21 +00:00
parent e4e166c8ef
commit cb9881999d

View File

@ -887,7 +887,6 @@ void esp_command_complete(SCSIRequest *req, size_t resid)
if (s->ti_size != 0) {
trace_esp_command_complete_unexpected();
}
s->ti_size = 0;
}
s->async_len = 0;
@ -897,13 +896,26 @@ void esp_command_complete(SCSIRequest *req, size_t resid)
s->status = req->status;
/*
* If the transfer is finished, switch to status phase. For non-DMA
* transfers from the target the last byte is still in the FIFO
* Switch to status phase. For non-DMA transfers from the target the last
* byte is still in the FIFO
*/
if (s->ti_size == 0) {
esp_set_phase(s, STAT_ST);
if (s->ti_size == 0) {
/*
* Transfer complete: force TC to zero just in case a TI command was
* requested for more data than the command returns (Solaris 8 does
* this)
*/
esp_set_tc(s, 0);
esp_dma_done(s);
esp_lower_drq(s);
} else {
/*
* Transfer truncated: raise INTR_BS to indicate early change of
* phase
*/
s->rregs[ESP_RINTR] |= INTR_BS;
esp_raise_irq(s);
s->ti_size = 0;
}
if (s->current_req) {