[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH v2 for-2.7 19/20] s390x/pci: add length checking for
From: |
Cornelia Huck |
Subject: |
[Qemu-devel] [PATCH v2 for-2.7 19/20] s390x/pci: add length checking for pci sclp handlers |
Date: |
Wed, 11 May 2016 16:58:11 +0200 |
From: Yi Min Zhao <address@hidden>
The configure/deconfigure sclp commands need a SCCB with a length of
at least 16. Indicate in the response code if this is not fulfilled.
Signed-off-by: Yi Min Zhao <address@hidden>
Reviewed-by: Pierre Morel <address@hidden>
Signed-off-by: Cornelia Huck <address@hidden>
---
hw/s390x/s390-pci-bus.c | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/hw/s390x/s390-pci-bus.c b/hw/s390x/s390-pci-bus.c
index b2cd31c..a77c10c 100644
--- a/hw/s390x/s390-pci-bus.c
+++ b/hw/s390x/s390-pci-bus.c
@@ -113,6 +113,11 @@ void s390_pci_sclp_configure(SCCB *sccb)
S390PCIBusDevice *pbdev =
s390_pci_find_dev_by_fid(be32_to_cpu(psccb->aid));
uint16_t rc;
+ if (be16_to_cpu(sccb->h.length) < 16) {
+ rc = SCLP_RC_INSUFFICIENT_SCCB_LENGTH;
+ goto out;
+ }
+
if (pbdev) {
if (pbdev->configured) {
rc = SCLP_RC_NO_ACTION_REQUIRED;
@@ -124,7 +129,7 @@ void s390_pci_sclp_configure(SCCB *sccb)
DPRINTF("sclp config no dev found\n");
rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED;
}
-
+out:
psccb->header.response_code = cpu_to_be16(rc);
}
@@ -134,6 +139,11 @@ void s390_pci_sclp_deconfigure(SCCB *sccb)
S390PCIBusDevice *pbdev =
s390_pci_find_dev_by_fid(be32_to_cpu(psccb->aid));
uint16_t rc;
+ if (be16_to_cpu(sccb->h.length) < 16) {
+ rc = SCLP_RC_INSUFFICIENT_SCCB_LENGTH;
+ goto out;
+ }
+
if (pbdev) {
if (!pbdev->configured) {
rc = SCLP_RC_NO_ACTION_REQUIRED;
@@ -151,7 +161,7 @@ void s390_pci_sclp_deconfigure(SCCB *sccb)
DPRINTF("sclp deconfig no dev found\n");
rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED;
}
-
+out:
psccb->header.response_code = cpu_to_be16(rc);
}
--
2.6.6
- [Qemu-devel] [PATCH v2 for-2.7 15/20] s390x/pci: export pci_dereg_ioat and pci_dereg_irqs, (continued)
- [Qemu-devel] [PATCH v2 for-2.7 15/20] s390x/pci: export pci_dereg_ioat and pci_dereg_irqs, Cornelia Huck, 2016/05/11
- [Qemu-devel] [PATCH v2 for-2.7 03/20] s390x/ipl: Extend the IplParameterBlock struct, Cornelia Huck, 2016/05/11
- [Qemu-devel] [PATCH v2 for-2.7 06/20] s390x/ipl: Add ssid field to IplParameterBlock, Cornelia Huck, 2016/05/11
- [Qemu-devel] [PATCH v2 for-2.7 11/20] hw/char: QOM'ify sclpconsole.c, Cornelia Huck, 2016/05/11
- [Qemu-devel] [PATCH v2 for-2.7 20/20] s390x/pci: remove whitespace, Cornelia Huck, 2016/05/11
- [Qemu-devel] [PATCH v2 for-2.7 17/20] s390x/pci: fix s390_pci_sclp_deconfigure, Cornelia Huck, 2016/05/11
- [Qemu-devel] [PATCH v2 for-2.7 14/20] s390x/pci: separate s390_pcihost_iommu_configure function, Cornelia Huck, 2016/05/11
- [Qemu-devel] [PATCH v2 for-2.7 10/20] hw/char: QOM'ify sclpconsole-lm.c, Cornelia Huck, 2016/05/11
- [Qemu-devel] [PATCH v2 for-2.7 08/20] s390-ccw.img: rebuild image, Cornelia Huck, 2016/05/11
- [Qemu-devel] [PATCH v2 for-2.7 09/20] s390x/ipl: Remove redundant usage of gr7, Cornelia Huck, 2016/05/11
- [Qemu-devel] [PATCH v2 for-2.7 19/20] s390x/pci: add length checking for pci sclp handlers,
Cornelia Huck <=
- Re: [Qemu-devel] [PATCH v2 for-2.7 00/20] First batch of s390x patches, Christian Borntraeger, 2016/05/12