Author: mjmartin
Date: Sun May 15 08:23:32 2011
New Revision: 51752
URL: http://svn.reactos.org/svn/reactos?rev=51752&view=rev

Log:
[USBSTOR]
- USBSTOR_SendRequest: The buffer for read/write may not be NonPagedPool, which is documented as a requirement for using MmBuildMdlForNonPagedPool. Locking the buffer's pages is also not an option as the routine is called at DISPATCH_LEVEL. It so happens that Irp->MdlAddress is valid for read/write operations. Use it instead of the procedure above.
- Add a sanity check to make sure the Mdl does describe the transfer buffer. Fixes IRQL_NOT_LESS_OR_EQUAL bugcheck in Windows. These changes may also have fixed writing to device.
Modified: branches/usb-bringup/drivers/usb/usbstor/scsi.c
Modified: branches/usb-bringup/drivers/usb/usbstor/scsi.c URL: http://svn.reactos.org/svn/reactos/branches/usb-bringup/drivers/usb/usbstor/... ============================================================================== --- branches/usb-bringup/drivers/usb/usbstor/scsi.c [iso-8859-1] (original) +++ branches/usb-bringup/drivers/usb/usbstor/scsi.c [iso-8859-1] Sun May 15 08:23:32 2011 @@ -442,6 +442,7 @@ PFDO_DEVICE_EXTENSION FDODeviceExtension; PIRP Irp; PIO_STACK_LOCATION IoStack; + PULONG MdlVirtualAddress;
// // first allocate irp context @@ -507,8 +508,18 @@ // if (OriginalRequest) { - if (OriginalRequest->MdlAddress != NULL && Context->TransferData == NULL) + if ((OriginalRequest->MdlAddress != NULL) && + (Context->TransferData == NULL || Command[0] == SCSIOP_READ || Command[0] == SCSIOP_WRITE)) { + // + // Sanity check that the Mdl does describe the TransferData for read/write + // + if (CommandLength == UFI_READ_WRITE_CMD_LEN) + { + MdlVirtualAddress = MmGetMdlVirtualAddress(OriginalRequest->MdlAddress); + ASSERT(MdlVirtualAddress == Context->TransferData); + } + // // I/O paging request // @@ -1052,7 +1063,7 @@ // Status = USBSTOR_SendModeSenseCmd(DeviceObject, Irp); } - else if (pCDB->MODE_SENSE.OperationCode == SCSIOP_READ /*|| pCDB->MODE_SENSE.OperationCode == SCSIOP_WRITE*/) + else if (pCDB->MODE_SENSE.OperationCode == SCSIOP_READ || pCDB->MODE_SENSE.OperationCode == SCSIOP_WRITE) { DPRINT1("SCSIOP_READ / SCSIOP_WRITE DataTransferLength %lu\n", Request->DataTransferLength);
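Review bot: In the first hunk (@@ -442), MdlVirtualAddress is declared as PULONG, but it only ever holds the result of MmGetMdlVirtualAddress, which yields a PVOID, and is only compared against Context->TransferData. Declaring it PVOID (or the same type as TransferData) avoids the implicit pointer conversion on assignment and comparison and removes any suggestion that it is meant to be dereferenced as a ULONG.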
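Review bot: In the second hunk (@@ -507), the only guard against an Mdl that does not describe the transfer buffer is ASSERT(MdlVirtualAddress == Context->TransferData), which compiles away in free builds, so a mismatch there would still hand the device an Mdl for the wrong memory. Consider a runtime comparison that fails the request with an error status when the addresses differ. The check is also keyed on CommandLength == UFI_READ_WRITE_CMD_LEN while the enclosing condition is keyed on Command[0] == SCSIOP_READ || Command[0] == SCSIOP_WRITE: a read/write with a different command length skips the check, and any other command of that length that enters through the Context->TransferData == NULL branch would trip the assertion. Using the same opcode test for both would keep them consistent.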
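Review bot: In the third hunk (@@ -1052), the opcode for the read/write dispatch is read through pCDB->MODE_SENSE.OperationCode, which works only because the opcode is the first byte in every view of the CDB union, and it reads as if a MODE SENSE command were being tested. Reading it through a view that matches the command (CDB10.OperationCode, or AsByte[0]) would make the intent clear now that SCSIOP_WRITE is routed here too. The DPRINT1 that follows fires on every read and write, so it may be worth demoting to DPRINT once the write path is confirmed working.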