On 07/27/2017 10:01 AM, Cornelia Huck wrote:
> On Wed, 26 Jul 2017 00:44:42 +0200
> Halil Pasic <pa...@linux.vnet.ibm.com> wrote:
>
>> According to the PoP bit positions 0-3 and 8-32 of the format-1 CCW must
>> contain zeros. Bits 0-3 are already covered by cmd_code validity
>> checking, and bit 32 is covered by the CCW address checking.
>>
>> Bits 8-31 correspond to CCW1.flags and CCW1.count. Currently we only
>> check for the absence of certain flags. Let's fix this.
>>
>> Signed-off-by: Halil Pasic <pa...@linux.vnet.ibm.com>
>> ---
>> hw/s390x/css.c | 3 ++-
>> 1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/hw/s390x/css.c b/hw/s390x/css.c
>> index d17e21b7af..1f04ce4a1b 100644
>> --- a/hw/s390x/css.c
>> +++ b/hw/s390x/css.c
>> @@ -884,7 +884,8 @@ static int css_interpret_ccw(SubchDev *sch, hwaddr
>> ccw_addr,
>> ret = -EINVAL;
>> break;
>> }
>> - if (ccw.flags & (CCW_FLAG_CC | CCW_FLAG_DC)) {
>> + if (ccw.flags || ccw.count) {
>> + /* We have already sanitized these if fmt 0. */
>
> I'd tweak that to
>
> /* We have already sanitized these if converted from fmt 0. */
>
Fine with me.
> Seems less confusing.
>
>> ret = -EINVAL;
>> break;
>> }
>
> I'm inclined to pick this as a 2.10 bugfix. Patch 1 still needs work
> from what I've seen.
>
Hm. The commit message becomes inaccurate if this goes in before
patch 1. We still have must be zero bits which should be handled
by the address (ccw.cda) checking. I think I can fix patch 1 today.
