On 3/13/20 3:30 PM, Christian Borntraeger wrote: > > > On 13.03.20 10:52, Janosch Frank wrote: >> Signed-off-by: Janosch Frank <fran...@linux.ibm.com> > > looks sane. You will merge this?
Yes, just did.
>
>> ---
>> hw/s390x/ipl.h | 11 +++++++----
>> target/s390x/diag.c | 2 +-
>> 2 files changed, 8 insertions(+), 5 deletions(-)
>>
>> diff --git a/hw/s390x/ipl.h b/hw/s390x/ipl.h
>> index 95e3183c9cccf8b6..f799f7cfcf4763b1 100644
>> --- a/hw/s390x/ipl.h
>> +++ b/hw/s390x/ipl.h
>> @@ -261,15 +261,18 @@ static inline bool
>> ipl_valid_pv_header(IplParameterBlock *iplb)
>> return true;
>> }
>>
>> -static inline bool iplb_valid(IplParameterBlock *iplb)
>> +static inline bool iplb_valid(IplParameterBlock *iplb, uint64_t subcode)
>> {
>> switch (iplb->pbt) {
>> case S390_IPL_TYPE_FCP:
>> - return be32_to_cpu(iplb->len) >= S390_IPLB_MIN_FCP_LEN;
>> + return (subcode == DIAG308_SET &&
>> + be32_to_cpu(iplb->len) >= S390_IPLB_MIN_FCP_LEN);
>> case S390_IPL_TYPE_CCW:
>> - return be32_to_cpu(iplb->len) >= S390_IPLB_MIN_CCW_LEN;
>> + return (subcode == DIAG308_SET &&
>> + be32_to_cpu(iplb->len) >= S390_IPLB_MIN_CCW_LEN);
>> case S390_IPL_TYPE_PV:
>> - if (be32_to_cpu(iplb->len) < S390_IPLB_MIN_PV_LEN) {
>> + if (subcode != DIAG308_PV_SET ||
>> + be32_to_cpu(iplb->len) < S390_IPLB_MIN_PV_LEN) {
>> return false;
>> }
>> if (!ipl_valid_pv_header(iplb)) {
>> diff --git a/target/s390x/diag.c b/target/s390x/diag.c
>> index b1ca81633b83bbdc..d4f33db5c23c818d 100644
>> --- a/target/s390x/diag.c
>> +++ b/target/s390x/diag.c
>> @@ -118,7 +118,7 @@ void handle_diag_308(CPUS390XState *env, uint64_t r1,
>> uint64_t r3, uintptr_t ra)
>>
>> cpu_physical_memory_read(addr, iplb, be32_to_cpu(iplb->len));
>>
>> - if (!iplb_valid(iplb)) {
>> + if (!iplb_valid(iplb, subcode)) {
>> env->regs[r1 + 1] = DIAG_308_RC_INVALID;
>> goto out;
>> }
>>
>
>
signature.asc
Description: OpenPGP digital signature
