s390x/pci: add length checking for pci sclp handlers

The configure/deconfigure sclp commands need a SCCB with a length of
at least 16. Indicate in the response code if this is not fulfilled.

Signed-off-by: Yi Min Zhao <zyimin@linux.vnet.ibm.com>
Reviewed-by: Pierre Morel <pmorel@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
This commit is contained in:
Yi Min Zhao 2016-05-04 15:56:53 +08:00 committed by Cornelia Huck
parent a6d9d4f26a
commit 3b40ea2957

View File

@ -113,6 +113,11 @@ void s390_pci_sclp_configure(SCCB *sccb)
S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(be32_to_cpu(psccb->aid)); S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(be32_to_cpu(psccb->aid));
uint16_t rc; uint16_t rc;
if (be16_to_cpu(sccb->h.length) < 16) {
rc = SCLP_RC_INSUFFICIENT_SCCB_LENGTH;
goto out;
}
if (pbdev) { if (pbdev) {
if (pbdev->configured) { if (pbdev->configured) {
rc = SCLP_RC_NO_ACTION_REQUIRED; rc = SCLP_RC_NO_ACTION_REQUIRED;
@ -124,7 +129,7 @@ void s390_pci_sclp_configure(SCCB *sccb)
DPRINTF("sclp config no dev found\n"); DPRINTF("sclp config no dev found\n");
rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED; rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED;
} }
out:
psccb->header.response_code = cpu_to_be16(rc); psccb->header.response_code = cpu_to_be16(rc);
} }
@ -134,6 +139,11 @@ void s390_pci_sclp_deconfigure(SCCB *sccb)
S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(be32_to_cpu(psccb->aid)); S390PCIBusDevice *pbdev = s390_pci_find_dev_by_fid(be32_to_cpu(psccb->aid));
uint16_t rc; uint16_t rc;
if (be16_to_cpu(sccb->h.length) < 16) {
rc = SCLP_RC_INSUFFICIENT_SCCB_LENGTH;
goto out;
}
if (pbdev) { if (pbdev) {
if (!pbdev->configured) { if (!pbdev->configured) {
rc = SCLP_RC_NO_ACTION_REQUIRED; rc = SCLP_RC_NO_ACTION_REQUIRED;
@ -151,7 +161,7 @@ void s390_pci_sclp_deconfigure(SCCB *sccb)
DPRINTF("sclp deconfig no dev found\n"); DPRINTF("sclp deconfig no dev found\n");
rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED; rc = SCLP_RC_ADAPTER_ID_NOT_RECOGNIZED;
} }
out:
psccb->header.response_code = cpu_to_be16(rc); psccb->header.response_code = cpu_to_be16(rc);
} }