From f1ec4fbe162e24cc4ae3cdf1100eb8912653f10c Mon Sep 17 00:00:00 2001 From: Michael Martin Date: Sun, 15 May 2011 08:23:32 +0000 Subject: [PATCH] [USBSTOR] - USBSTOR_SendRequest: The buffer for read/write may not be NonPagedPool, which is documented as a requirement for using MmBuildMdlForNonPagedPool. Also locking the buffers pages is also not an option as the routine is called at DISPATCH_LEVEL. It so happens that Irp->MdlAddress is valid for read/write operations. Use it instead of procedure above. - Add a sanity check to make sure the Mdl does describe the transfer buffer. Fixes IRQL_NOT_LESS_OR_EQUAL bugcheck in windows. These changes also may fixed writing to device. svn path=/branches/usb-bringup/; revision=51752
---
 drivers/usb/usbstor/scsi.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/drivers/usb/usbstor/scsi.c b/drivers/usb/usbstor/scsi.c
index 0e2b9262320..5611815c712 100644
--- a/drivers/usb/usbstor/scsi.c
+++ b/drivers/usb/usbstor/scsi.c
@@ -442,6 +442,7 @@ USBSTOR_SendRequest(
 PFDO_DEVICE_EXTENSION FDODeviceExtension;
 PIRP Irp;
 PIO_STACK_LOCATION IoStack;
+ PULONG MdlVirtualAddress;
 //
 // first allocate irp context
@@ -507,8 +508,18 @@ USBSTOR_SendRequest(
 //
 if (OriginalRequest)
 {
- if (OriginalRequest->MdlAddress != NULL && Context->TransferData == NULL)
+ if ((OriginalRequest->MdlAddress != NULL) &&
+ (Context->TransferData == NULL || Command[0] == SCSIOP_READ || Command[0] == SCSIOP_WRITE))
 {
+ //
+ // Sanity check that the Mdl does describe the TransferData for read/write
+ //
+ if (CommandLength == UFI_READ_WRITE_CMD_LEN)
+ {
+ MdlVirtualAddress = MmGetMdlVirtualAddress(OriginalRequest->MdlAddress);
+ ASSERT(MdlVirtualAddress == Context->TransferData);
+ }
+
 //
 // I/O paging request
 //
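Review bot: The new Mdl check in USBSTOR_SendRequest is only an `ASSERT`, so in a build where assertions are compiled out a mismatch between `MmGetMdlVirtualAddress(OriginalRequest->MdlAddress)` and `Context->TransferData` goes unnoticed and the transfer is built on an Mdl that describes some other buffer. Make it a runtime check that fails the request, e.g. `if (MmGetMdlVirtualAddress(OriginalRequest->MdlAddress) != Context->TransferData)` followed by releasing the context and returning `STATUS_INVALID_PARAMETER`; the cleanup path is outside the hunk, so the release calls must follow what the function already does. The check is also gated on `CommandLength == UFI_READ_WRITE_CMD_LEN` while the branch is entered on `Command[0] == SCSIOP_READ || Command[0] == SCSIOP_WRITE`, so a read/write with any other command length takes the Mdl unchecked, and nothing visible compares `MmGetMdlByteCount()` with the requested transfer length. `MdlVirtualAddress` (declared in the first hunk as `PULONG`) would be better declared `PVOID`, which is what `MmGetMdlVirtualAddress` yields.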
@@ -1052,7 +1063,7 @@ USBSTOR_HandleExecuteSCSI(
 //
 Status = USBSTOR_SendModeSenseCmd(DeviceObject, Irp);
 }
- else if (pCDB->MODE_SENSE.OperationCode == SCSIOP_READ /*|| pCDB->MODE_SENSE.OperationCode == SCSIOP_WRITE*/)
+ else if (pCDB->MODE_SENSE.OperationCode == SCSIOP_READ || pCDB->MODE_SENSE.OperationCode == SCSIOP_WRITE)
 {
 DPRINT1("SCSIOP_READ / SCSIOP_WRITE DataTransferLength %lu\n", Request->DataTransferLength);
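Review bot: With `SCSIOP_WRITE` now accepted in this branch of USBSTOR_HandleExecuteSCSI, the opcode is still read through the `MODE_SENSE` view of the CDB union; `pCDB->CDB10.OperationCode` would name what the branch actually handles. The branch body continues outside the hunk, so it is not visible whether the code that follows derives the transfer direction from the opcode or still assumes a read; that should be confirmed before writes are routed through it. If it is not done further down, `Request->DataTransferLength` should be validated against the block count in the CDB rather than only logged. `DPRINT1` on every read and write is also noisy on the I/O path; `DPRINT` is probably the intended level.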