[Qemu-devel] [Patch/RFC 11/16] s390x/sclp: Add missing checks to SCLP ha
From: |
Christian Borntraeger |
Subject: |
[Qemu-devel] [Patch/RFC 11/16] s390x/sclp: Add missing checks to SCLP handler |
Date: |
Fri, 7 Feb 2014 18:16:20 +0100 |
From: Thomas Huth <address@hidden>
If the 51 most significant bits of the SCCB address are zero or equal to
the prefix, we should throw a specification exception, too.
Also moved the check for privileged mode to sclp_service_call() to have
all program checks in one place now.
Signed-off-by: Thomas Huth <address@hidden>
Reviewed-by: Cornelia Huck <address@hidden>
Signed-off-by: Christian Borntraeger <address@hidden>
---
hw/s390x/sclp.c | 9 +++++++--
target-s390x/cpu.h | 2 +-
target-s390x/kvm.c | 6 +-----
target-s390x/misc_helper.c | 2 +-
4 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/hw/s390x/sclp.c b/hw/s390x/sclp.c
index 6134d4f..9880977 100644
--- a/hw/s390x/sclp.c
+++ b/hw/s390x/sclp.c
@@ -107,7 +107,7 @@ static void sclp_execute(SCCB *sccb, uint32_t code)
}
}
-int sclp_service_call(uint64_t sccb, uint32_t code)
+int sclp_service_call(CPUS390XState *env, uint64_t sccb, uint32_t code)
{
int r = 0;
SCCB work_sccb;
@@ -115,11 +115,16 @@ int sclp_service_call(uint64_t sccb, uint32_t code)
hwaddr sccb_len = sizeof(SCCB);
/* first some basic checks on program checks */
+ if (env->psw.mask & PSW_MASK_PSTATE) {
+ r = -PGM_PRIVILEGED;
+ goto out;
+ }
if (cpu_physical_memory_is_io(sccb)) {
r = -PGM_ADDRESSING;
goto out;
}
- if (sccb & ~0x7ffffff8ul) {
+ if ((sccb & ~0x1fffUL) == 0 || (sccb & ~0x1fffUL) == env->psa
+ || (sccb & ~0x7ffffff8UL) != 0) {
r = -PGM_SPECIFICATION;
goto out;
}
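Review bot: The new specification test at `if ((sccb & ~0x1fffUL) == 0 || (sccb & ~0x1fffUL) == env->psa || (sccb & ~0x7ffffff8UL) != 0)` encodes three separate constraints with bare masks and no comment, so a reader has to re-derive them; a one-line comment above it would help: `/* SCCB must not lie in the low 8K (page 0) or in the prefix page, and must be below 2G and doubleword aligned */`. The check also still runs after `cpu_physical_memory_is_io(sccb)`, so an unaligned or out-of-range address is handed to the memory API before it is rejected; if the architecture ranks specification exceptions ahead of addressing exceptions for SERVC (verify against the Principles of Operation), the two `if` blocks should be swapped so the cheaper, purely arithmetic check runs first. sclp_service_call's body continues past the hunk, so how `work_sccb` and `sccb_len` are used afterwards is not visible here.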
diff --git a/target-s390x/cpu.h b/target-s390x/cpu.h
index 373c115..9673838 100644
--- a/target-s390x/cpu.h
+++ b/target-s390x/cpu.h
@@ -963,7 +963,7 @@ struct sysib_322 {
void load_psw(CPUS390XState *env, uint64_t mask, uint64_t addr);
int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,
target_ulong *raddr, int *flags);
-int sclp_service_call(uint64_t sccb, uint32_t code);
+int sclp_service_call(CPUS390XState *env, uint64_t sccb, uint32_t code);
uint32_t calc_cc(CPUS390XState *env, uint32_t cc_op, uint64_t src, uint64_t
dst,
uint64_t vr);
diff --git a/target-s390x/kvm.c b/target-s390x/kvm.c
index 9d8cee8..ea3d652 100644
--- a/target-s390x/kvm.c
+++ b/target-s390x/kvm.c
@@ -445,14 +445,10 @@ static int kvm_sclp_service_call(S390CPU *cpu, struct
kvm_run *run,
int r = 0;
cpu_synchronize_state(CPU(cpu));
- if (env->psw.mask & PSW_MASK_PSTATE) {
- enter_pgmcheck(cpu, PGM_PRIVILEGED);
- return 0;
- }
sccb = env->regs[ipbh0 & 0xf];
code = env->regs[(ipbh0 & 0xf0) >> 4];
- r = sclp_service_call(sccb, code);
+ r = sclp_service_call(env, sccb, code);
if (r < 0) {
enter_pgmcheck(cpu, -r);
}
diff --git a/target-s390x/misc_helper.c b/target-s390x/misc_helper.c
index 10d0425..728456f 100644
--- a/target-s390x/misc_helper.c
+++ b/target-s390x/misc_helper.c
@@ -93,7 +93,7 @@ void program_interrupt(CPUS390XState *env, uint32_t code, int
ilen)
/* SCLP service call */
uint32_t HELPER(servc)(CPUS390XState *env, uint64_t r1, uint64_t r2)
{
- int r = sclp_service_call(r1, r2);
+ int r = sclp_service_call(env, r1, r2);
if (r < 0) {
program_interrupt(env, -r, 4);
return 0;
--
1.8.4.2