Re: [PATCH v1 1/2] s390x: Add sclp boundary check and fix error priority
On 27.09.19 11:20, Janosch Frank wrote: > On 9/27/19 11:17 AM, David Hildenbrand wrote: >> On 27.09.19 11:14, Janosch Frank wrote: >>> On 9/27/19 10:51 AM, David Hildenbrand wrote: On 26.09.19 13:33, Claudio Imbrenda wrote: > From: Janosch Frank > > * All sclp codes need to be checked for page boundary violations. > * Requests over 4k are not a spec exception. > * Invalid command checking has to be done before the boundary check. Can we split this patch up so we fix one thing at a time? >>> >>> Sure, but we would end up with very small patches. >>> Do you want that? >> >> Why should I say no to easy-to-review, logically consistent, small >> chunks? I have shortcuts for my RB's and ACK's, so I don't have to type >> much ;) >> > > Higher patch count for me, win - win :-) > Now that's the spirit :) -- Thanks, David / dhildenb
Re: [PATCH v1 1/2] s390x: Add sclp boundary check and fix error priority
On 9/27/19 11:17 AM, David Hildenbrand wrote: > On 27.09.19 11:14, Janosch Frank wrote: >> On 9/27/19 10:51 AM, David Hildenbrand wrote: >>> On 26.09.19 13:33, Claudio Imbrenda wrote: From: Janosch Frank * All sclp codes need to be checked for page boundary violations. * Requests over 4k are not a spec exception. * Invalid command checking has to be done before the boundary check. >>> >>> Can we split this patch up so we fix one thing at a time? >> >> Sure, but we would end up with very small patches. >> Do you want that? > > Why should I say no to easy-to-review, logically consistent, small > chunks? I have shortcuts for my RB's and ACK's, so I don't have to type > much ;) > Higher patch count for me, win - win :-) signature.asc Description: OpenPGP digital signature
Re: [PATCH v1 1/2] s390x: Add sclp boundary check and fix error priority
On 27.09.19 11:14, Janosch Frank wrote: > On 9/27/19 10:51 AM, David Hildenbrand wrote: >> On 26.09.19 13:33, Claudio Imbrenda wrote: >>> From: Janosch Frank >>> >>> * All sclp codes need to be checked for page boundary violations. >>> * Requests over 4k are not a spec exception. >>> * Invalid command checking has to be done before the boundary check. >> >> Can we split this patch up so we fix one thing at a time? > > Sure, but we would end up with very small patches. > Do you want that? Why should I say no to easy-to-review, logically consistent, small chunks? I have shortcuts for my RB's and ACK's, so I don't have to type much ;) -- Thanks, David / dhildenb
Re: [PATCH v1 1/2] s390x: Add sclp boundary check and fix error priority
On 9/27/19 10:51 AM, David Hildenbrand wrote: > On 26.09.19 13:33, Claudio Imbrenda wrote: >> From: Janosch Frank >> >> * All sclp codes need to be checked for page boundary violations. >> * Requests over 4k are not a spec exception. >> * Invalid command checking has to be done before the boundary check. > > Can we split this patch up so we fix one thing at a time? Sure, but we would end up with very small patches. Do you want that? > >> >> Signed-off-by: Janosch Frank >> Reviewed-by: Jason J. Herne >> --- >> hw/s390x/event-facility.c | 3 --- >> hw/s390x/sclp.c | 25 ++--- >> 2 files changed, 22 insertions(+), 6 deletions(-) >> >> diff --git a/hw/s390x/event-facility.c b/hw/s390x/event-facility.c >> index 797ecbb..6620569 100644 >> --- a/hw/s390x/event-facility.c >> +++ b/hw/s390x/event-facility.c >> @@ -377,9 +377,6 @@ static void command_handler(SCLPEventFacility *ef, SCCB >> *sccb, uint64_t code) >> case SCLP_CMD_WRITE_EVENT_MASK: >> write_event_mask(ef, sccb); >> break; >> -default: >> -sccb->h.response_code = cpu_to_be16(SCLP_RC_INVALID_SCLP_COMMAND); >> -break; >> } >> } >> >> diff --git a/hw/s390x/sclp.c b/hw/s390x/sclp.c >> index fac7c3b..76feac8 100644 >> --- a/hw/s390x/sclp.c >> +++ b/hw/s390x/sclp.c >> @@ -213,14 +213,33 @@ int sclp_service_call(CPUS390XState *env, uint64_t >> sccb, uint32_t code) >> cpu_physical_memory_read(sccb, &work_sccb, sccb_len); >> >> /* Valid sccb sizes */ >> -if (be16_to_cpu(work_sccb.h.length) < sizeof(SCCBHeader) || >> -be16_to_cpu(work_sccb.h.length) > SCCB_SIZE) { >> +if (be16_to_cpu(work_sccb.h.length) < sizeof(SCCBHeader)) { >> r = -PGM_SPECIFICATION; >> goto out; >> } >> >> -sclp_c->execute(sclp, &work_sccb, code); >> +switch (code & SCLP_CMD_CODE_MASK) { >> +case SCLP_CMDW_READ_SCP_INFO: >> +case SCLP_CMDW_READ_SCP_INFO_FORCED: >> +case SCLP_CMDW_READ_CPU_INFO: >> +case SCLP_CMDW_CONFIGURE_IOA: >> +case SCLP_CMDW_DECONFIGURE_IOA: >> +case SCLP_CMD_READ_EVENT_DATA: >> +case SCLP_CMD_WRITE_EVENT_DATA: >> +case SCLP_CMD_WRITE_EVENT_MASK: >> +break; >> +default: >> +work_sccb.h.response_code = >> cpu_to_be16(SCLP_RC_INVALID_SCLP_COMMAND); >> +goto out_write; >> +} >> >> +if ((sccb + work_sccb.h.length) > ((sccb & PAGE_MASK) + PAGE_SIZE)) { >> +work_sccb.h.response_code = >> cpu_to_be16(SCLP_RC_SCCB_BOUNDARY_VIOLATION); >> +goto out_write; >> +} >> + >> +sclp_c->execute(sclp, &work_sccb, code); >> +out_write: >> cpu_physical_memory_write(sccb, &work_sccb, >>be16_to_cpu(work_sccb.h.length)); >> >> > > signature.asc Description: OpenPGP digital signature
Re: [PATCH v1 1/2] s390x: Add sclp boundary check and fix error priority
On 26.09.19 13:33, Claudio Imbrenda wrote: > From: Janosch Frank > > * All sclp codes need to be checked for page boundary violations. > * Requests over 4k are not a spec exception. > * Invalid command checking has to be done before the boundary check. Can we split this patch up so we fix one thing at a time? > > Signed-off-by: Janosch Frank > Reviewed-by: Jason J. Herne > --- > hw/s390x/event-facility.c | 3 --- > hw/s390x/sclp.c | 25 ++--- > 2 files changed, 22 insertions(+), 6 deletions(-) > > diff --git a/hw/s390x/event-facility.c b/hw/s390x/event-facility.c > index 797ecbb..6620569 100644 > --- a/hw/s390x/event-facility.c > +++ b/hw/s390x/event-facility.c > @@ -377,9 +377,6 @@ static void command_handler(SCLPEventFacility *ef, SCCB > *sccb, uint64_t code) > case SCLP_CMD_WRITE_EVENT_MASK: > write_event_mask(ef, sccb); > break; > -default: > -sccb->h.response_code = cpu_to_be16(SCLP_RC_INVALID_SCLP_COMMAND); > -break; > } > } > > diff --git a/hw/s390x/sclp.c b/hw/s390x/sclp.c > index fac7c3b..76feac8 100644 > --- a/hw/s390x/sclp.c > +++ b/hw/s390x/sclp.c > @@ -213,14 +213,33 @@ int sclp_service_call(CPUS390XState *env, uint64_t > sccb, uint32_t code) > cpu_physical_memory_read(sccb, &work_sccb, sccb_len); > > /* Valid sccb sizes */ > -if (be16_to_cpu(work_sccb.h.length) < sizeof(SCCBHeader) || > -be16_to_cpu(work_sccb.h.length) > SCCB_SIZE) { > +if (be16_to_cpu(work_sccb.h.length) < sizeof(SCCBHeader)) { > r = -PGM_SPECIFICATION; > goto out; > } > > -sclp_c->execute(sclp, &work_sccb, code); > +switch (code & SCLP_CMD_CODE_MASK) { > +case SCLP_CMDW_READ_SCP_INFO: > +case SCLP_CMDW_READ_SCP_INFO_FORCED: > +case SCLP_CMDW_READ_CPU_INFO: > +case SCLP_CMDW_CONFIGURE_IOA: > +case SCLP_CMDW_DECONFIGURE_IOA: > +case SCLP_CMD_READ_EVENT_DATA: > +case SCLP_CMD_WRITE_EVENT_DATA: > +case SCLP_CMD_WRITE_EVENT_MASK: > +break; > +default: > +work_sccb.h.response_code = > cpu_to_be16(SCLP_RC_INVALID_SCLP_COMMAND); > +goto out_write; > +} > > +if ((sccb + work_sccb.h.length) > ((sccb & PAGE_MASK) + PAGE_SIZE)) { > +work_sccb.h.response_code = > cpu_to_be16(SCLP_RC_SCCB_BOUNDARY_VIOLATION); > +goto out_write; > +} > + > +sclp_c->execute(sclp, &work_sccb, code); > +out_write: > cpu_physical_memory_write(sccb, &work_sccb, >be16_to_cpu(work_sccb.h.length)); > > -- Thanks, David / dhildenb
Re: [PATCH v1 1/2] s390x: Add sclp boundary check and fix error priority
On 26/09/2019 13.33, Claudio Imbrenda wrote: > From: Janosch Frank > > * All sclp codes need to be checked for page boundary violations. > * Requests over 4k are not a spec exception. > * Invalid command checking has to be done before the boundary check. > > Signed-off-by: Janosch Frank > Reviewed-by: Jason J. Herne > --- > hw/s390x/event-facility.c | 3 --- > hw/s390x/sclp.c | 25 ++--- > 2 files changed, 22 insertions(+), 6 deletions(-) > > diff --git a/hw/s390x/event-facility.c b/hw/s390x/event-facility.c > index 797ecbb..6620569 100644 > --- a/hw/s390x/event-facility.c > +++ b/hw/s390x/event-facility.c > @@ -377,9 +377,6 @@ static void command_handler(SCLPEventFacility *ef, SCCB > *sccb, uint64_t code) > case SCLP_CMD_WRITE_EVENT_MASK: > write_event_mask(ef, sccb); > break; > -default: > -sccb->h.response_code = cpu_to_be16(SCLP_RC_INVALID_SCLP_COMMAND); > -break; > } > } > > diff --git a/hw/s390x/sclp.c b/hw/s390x/sclp.c > index fac7c3b..76feac8 100644 > --- a/hw/s390x/sclp.c > +++ b/hw/s390x/sclp.c > @@ -213,14 +213,33 @@ int sclp_service_call(CPUS390XState *env, uint64_t > sccb, uint32_t code) > cpu_physical_memory_read(sccb, &work_sccb, sccb_len); > > /* Valid sccb sizes */ > -if (be16_to_cpu(work_sccb.h.length) < sizeof(SCCBHeader) || > -be16_to_cpu(work_sccb.h.length) > SCCB_SIZE) { > +if (be16_to_cpu(work_sccb.h.length) < sizeof(SCCBHeader)) { > r = -PGM_SPECIFICATION; > goto out; > } > > -sclp_c->execute(sclp, &work_sccb, code); > +switch (code & SCLP_CMD_CODE_MASK) { > +case SCLP_CMDW_READ_SCP_INFO: > +case SCLP_CMDW_READ_SCP_INFO_FORCED: > +case SCLP_CMDW_READ_CPU_INFO: > +case SCLP_CMDW_CONFIGURE_IOA: > +case SCLP_CMDW_DECONFIGURE_IOA: > +case SCLP_CMD_READ_EVENT_DATA: > +case SCLP_CMD_WRITE_EVENT_DATA: > +case SCLP_CMD_WRITE_EVENT_MASK: > +break; > +default: > +work_sccb.h.response_code = > cpu_to_be16(SCLP_RC_INVALID_SCLP_COMMAND); > +goto out_write; > +} > > +if ((sccb + work_sccb.h.length) > ((sccb & PAGE_MASK) + PAGE_SIZE)) { I think you likely miss a be16_to_cpu() around work_sccb.h.length here? > +work_sccb.h.response_code = > cpu_to_be16(SCLP_RC_SCCB_BOUNDARY_VIOLATION); > +goto out_write; > +} > + > +sclp_c->execute(sclp, &work_sccb, code); > +out_write: > cpu_physical_memory_write(sccb, &work_sccb, >be16_to_cpu(work_sccb.h.length)); At least here it is swapped ^ Thomas