All fields in structures transmitted by ccws are big endian; assure
we handle them as such for the set-revision ccw as well.
Should be merged into "s390x/virtio-ccw: add virtio set-revision call".
CC: Thomas Huth <th...@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.h...@de.ibm.com>
---
hw/s390x/virtio-ccw.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c
index 60f8a14..a64f116 100644
--- a/hw/s390x/virtio-ccw.c
+++ b/hw/s390x/virtio-ccw.c
@@ -687,7 +687,7 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw)
break;
case CCW_CMD_SET_VIRTIO_REV:
len = sizeof(revinfo);
- if (ccw.count < len || (check_len && ccw.count > len)) {
+ if (ccw.count < sizeof(revinfo)) {
ret = -EINVAL;
break;
}
@@ -695,7 +695,18 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw)
ret = -EFAULT;
break;
}
- cpu_physical_memory_read(ccw.cda, &revinfo, len);
+ revinfo.revision = lduw_be_phys(&address_space_memory, ccw.cda);
+ revinfo.length = lduw_be_phys(&address_space_memory,
+ ccw.cda + sizeof(revinfo.revision));
+ if (ccw.count < len + revinfo.length ||
+ (check_len && ccw.count > len + revinfo.length)) {
+ ret = -EINVAL;
+ break;
+ }
+ /*
+ * Once we start to support revisions with additional data, we'll
+ * need to fetch it here. Nothing to do for now, though.
+ */
if (dev->revision >= 0 ||
revinfo.revision > virtio_ccw_rev_max(dev)) {
ret = -ENOSYS;
--
2.1.4
