[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2 3/8] s390/sclp: rework sclp boundary and length checks
|
From: |
Thomas Huth |
|
Subject: |
Re: [PATCH v2 3/8] s390/sclp: rework sclp boundary and length checks |
|
Date: |
Thu, 11 Jun 2020 14:56:10 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 |
On 16/05/2020 00.20, Collin Walling wrote:
> Rework the SCLP boundary check to account for different SCLP commands
> (eventually) allowing different boundary sizes.
>
> Move the length check code into a separate function, and introduce a
> new function to determine the length of the read SCP data (i.e. the size
> from the start of the struct to where the CPU entries should begin).
>
> Signed-off-by: Collin Walling <walling@linux.ibm.com>
> ---
> hw/s390x/sclp.c | 57 ++++++++++++++++++++++++++++++++++++++++++-------
> 1 file changed, 49 insertions(+), 8 deletions(-)
>
> diff --git a/hw/s390x/sclp.c b/hw/s390x/sclp.c
> index 2bd618515e..987699e3c4 100644
> --- a/hw/s390x/sclp.c
> +++ b/hw/s390x/sclp.c
> @@ -49,6 +49,34 @@ static inline bool sclp_command_code_valid(uint32_t code)
> return false;
> }
>
> +static bool sccb_has_valid_boundary(uint64_t sccb_addr, uint32_t code,
> + SCCBHeader *header)
> +{
> + uint64_t current_len = sccb_addr + be16_to_cpu(header->length);
> + uint64_t allowed_len = (sccb_addr & PAGE_MASK) + PAGE_SIZE;
> +
> + switch (code & SCLP_CMD_CODE_MASK) {
> + default:
> + if (current_len <= allowed_len) {
> + return true;
> + }
> + }
> + header->response_code = cpu_to_be16(SCLP_RC_SCCB_BOUNDARY_VIOLATION);
> + return false;
> +}
> +
> +/* Calculates sufficient SCCB length to store a full Read SCP/CPU response */
> +static bool sccb_has_sufficient_len(SCCB *sccb, int num_cpus, int data_len)
> +{
> + int required_len = data_len + num_cpus * sizeof(CPUEntry);
> +
> + if (be16_to_cpu(sccb->h.length) < required_len) {
> + sccb->h.response_code =
> cpu_to_be16(SCLP_RC_INSUFFICIENT_SCCB_LENGTH);
> + return false;
> + }
> + return true;
> +}
> +
> static void prepare_cpu_entries(MachineState *ms, CPUEntry *entry, int
> *count)
> {
> uint8_t features[SCCB_CPU_FEATURE_LEN] = { 0 };
> @@ -66,6 +94,16 @@ static void prepare_cpu_entries(MachineState *ms, CPUEntry
> *entry, int *count)
> }
> }
>
> +/*
> + * The data length denotes the start of the struct to where the first
> + * CPU entry is to be allocated. This value also denotes the offset_cpu
> + * field.
> + */
> +static int get_read_scp_info_data_len(void)
> +{
> + return offsetof(ReadInfo, entries);
> +}
> +
> /* Provide information about the configuration, CPUs and storage */
> static void read_SCP_info(SCLPDevice *sclp, SCCB *sccb)
> {
> @@ -74,16 +112,16 @@ static void read_SCP_info(SCLPDevice *sclp, SCCB *sccb)
> int cpu_count;
> int rnsize, rnmax;
> IplParameterBlock *ipib = s390_ipl_get_iplb();
> + int data_len = get_read_scp_info_data_len();
>
> - if (be16_to_cpu(sccb->h.length) < (sizeof(ReadInfo) + cpu_count *
> sizeof(CPUEntry))) {
> - sccb->h.response_code =
> cpu_to_be16(SCLP_RC_INSUFFICIENT_SCCB_LENGTH);
> + if (!sccb_has_sufficient_len(sccb, machine->possible_cpus->len,
> data_len)) {
> return;
> }
>
> /* CPU information */
> prepare_cpu_entries(machine, read_info->entries, &cpu_count);
> read_info->entries_cpu = cpu_to_be16(cpu_count);
> - read_info->offset_cpu = cpu_to_be16(offsetof(ReadInfo, entries));
> + read_info->offset_cpu = cpu_to_be16(data_len);
> read_info->highest_cpu = cpu_to_be16(machine->smp.max_cpus - 1);
>
> read_info->ibc_val = cpu_to_be32(s390_get_ibc_val());
> @@ -132,16 +170,16 @@ static void sclp_read_cpu_info(SCLPDevice *sclp, SCCB
> *sccb)
> {
> MachineState *machine = MACHINE(qdev_get_machine());
> ReadCpuInfo *cpu_info = (ReadCpuInfo *) sccb;
> + int data_len = offsetof(ReadCpuInfo, entries);
Is there a reason for not using get_read_scp_info_data_len() here?
Thomas
- Re: [PATCH v2 3/8] s390/sclp: rework sclp boundary and length checks,
Thomas Huth <=