diff mbox

[2/3] virtio-ccw: BE accesses in SET_VIRTIO_REV

Message ID 1430838011-19843-3-git-send-email-cornelia.huck@de.ibm.com
State New
Headers show

Commit Message

Cornelia Huck May 5, 2015, 3 p.m. UTC 
updates "s390x/virtio-ccw: add virtio set-revision call"

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
---
 hw/s390x/virtio-ccw.c | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)
diff mbox

Patch

diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c
index 230b280..e778da9 100644
--- a/hw/s390x/virtio-ccw.c
+++ b/hw/s390x/virtio-ccw.c
@@ -723,7 +723,7 @@  static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw)
         break;
     case CCW_CMD_SET_VIRTIO_REV:
         len = sizeof(revinfo);
-        if (ccw.count < len || (check_len && ccw.count > len)) {
+        if (ccw.count < len) {
             ret = -EINVAL;
             break;
         }
@@ -731,7 +731,22 @@  static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw)
             ret = -EFAULT;
             break;
         }
-        cpu_physical_memory_read(ccw.cda, &revinfo, len);
+        revinfo.revision =
+            address_space_lduw_be(&address_space_memory, ccw.cda,
+                                  MEMTXATTRS_UNSPECIFIED, NULL);
+        revinfo.length =
+            address_space_lduw_be(&address_space_memory,
+                                  ccw.cda + sizeof(revinfo.revision),
+                                  MEMTXATTRS_UNSPECIFIED, NULL);
+        if (ccw.count < len + revinfo.length ||
+            (check_len && ccw.count > len + revinfo.length)) {
+            ret = -EINVAL;
+            break;
+        }
+        /*
+         * Once we start to support revisions with additional data, we'll
+         * need to fetch it here. Nothing to do for now, though.
+         */
         if (dev->revision >= 0 ||
             revinfo.revision > virtio_ccw_rev_max(dev, vdev)) {
             ret = -ENOSYS;