From: James Smart <jsmart2021@gmail.com>
Date: Wed, 15 Nov 2017 17:00:21 -0800
Subject: nvmet_fc: fix better length checking
Patch-mainline: v4.15-rc1
Git-commit: cce75291ffd82eb5bac56b051f46f89e8c0d2918
References: FATE#323952, FATE#322506

Reorganize nvmet_fc_handle_fcp_rqst() so that the nvmet req.transfer_len
field is set after the call nvmet_req_init(). An update to nvmet now
has nvmet_req_init() clearing the field, thus the fc transport was losing
the value.

Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: James Smart <james.smart@broadcom.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Acked-by: Johannes Thumshirn <jthumshirn@suse.de>
---
 drivers/nvme/target/fc.c |    6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

--- a/drivers/nvme/target/fc.c
+++ b/drivers/nvme/target/fc.c
@@ -2147,6 +2147,7 @@ nvmet_fc_handle_fcp_rqst(struct nvmet_fc
 			struct nvmet_fc_fcp_iod *fod)
 {
 	struct nvme_fc_cmd_iu *cmdiu = &fod->cmdiubuf;
+	u32 xfrlen = be32_to_cpu(cmdiu->data_len);
 	int ret;
 
 	/*
@@ -2160,7 +2161,6 @@ nvmet_fc_handle_fcp_rqst(struct nvmet_fc
 
 	fod->fcpreq->done = nvmet_fc_xmt_fcp_op_done;
 
-	fod->req.transfer_len = be32_to_cpu(cmdiu->data_len);
 	if (cmdiu->flags & FCNVME_CMD_FLAGS_WRITE) {
 		fod->io_dir = NVMET_FCP_WRITE;
 		if (!nvme_is_write(&cmdiu->sqe))
@@ -2171,7 +2171,7 @@ nvmet_fc_handle_fcp_rqst(struct nvmet_fc
 			goto transport_error;
 	} else {
 		fod->io_dir = NVMET_FCP_NODATA;
-		if (fod->req.transfer_len)
+		if (xfrlen)
 			goto transport_error;
 	}
 
@@ -2195,6 +2195,8 @@ nvmet_fc_handle_fcp_rqst(struct nvmet_fc
 		return;
 	}
 
+	fod->req.transfer_len = xfrlen;
+
 	/* keep a running counter of tail position */
 	atomic_inc(&fod->queue->sqtail);