We keep the device's sense data in a byte array (following the architecture), but the ecws are an array of 32 bit values. If we just blindly copy the values, the sense data will change from de-facto BE data to de-facto cpu-endian data, which means we end up doing an incorrect conversion on LE hosts.
Let's just explicitly convert to cpu-endianness while assembling the irb. Reported-by: Andy Lutomirski <l...@kernel.org> Tested-by: Andy Lutomirski <l...@kernel.org> Signed-off-by: Cornelia Huck <cornelia.h...@de.ibm.com> Reviewed-by: Christian Borntraeger <borntrae...@de.ibm.com> --- hw/s390x/css.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/hw/s390x/css.c b/hw/s390x/css.c index c033612..19851ce 100644 --- a/hw/s390x/css.c +++ b/hw/s390x/css.c @@ -892,8 +892,14 @@ int css_do_tsch_get_irb(SubchDev *sch, IRB *target_irb, int *irb_len) /* If a unit check is pending, copy sense data. */ if ((s->dstat & SCSW_DSTAT_UNIT_CHECK) && (p->chars & PMCW_CHARS_MASK_CSENSE)) { + int i; + irb.scsw.flags |= SCSW_FLAGS_MASK_ESWF | SCSW_FLAGS_MASK_ECTL; + /* Attention: sense_data is already BE! */ memcpy(irb.ecw, sch->sense_data, sizeof(sch->sense_data)); + for (i = 0; i < ARRAY_SIZE(irb.ecw); i++) { + irb.ecw[i] = be32_to_cpu(irb.ecw[i]); + } irb.esw[1] = 0x01000000 | (sizeof(sch->sense_data) << 8); } } -- 2.6.3