motorhead/qemu
1
0
Fork 0
mirror of https://github.com/Motorhead1991/qemu.git synced 2025-08-08 02:03:56 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

s390x/sclp: Add missing checks to SCLP handler

Browse source 
If the 51 most significant bits of the SCCB address are zero or equal to
the prefix, we should throw an specification exception, too.
Also moved the check for privileged mode to sclp_service_call() to have
all program checks in one place now.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
This commit is contained in:
Thomas Huth 2014-01-13 12:55:55 +01:00 committed by Christian Borntraeger
parent a0fa2cb8cc
commit 6e25280216
4 changed files with 10 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

9
hw/s390x/sclp.c
View file

@ -107,7 +107,7 @@ static void sclp_execute(SCCB *sccb, uint32_t code)
}
}
int sclp_service_call(uint64_t sccb, uint32_t code)
int sclp_service_call(CPUS390XState *env, uint64_t sccb, uint32_t code)
{
int r = 0;
SCCB work_sccb;
@ -115,11 +115,16 @@ int sclp_service_call(uint64_t sccb, uint32_t code)
hwaddr sccb_len = sizeof(SCCB);
/* first some basic checks on program checks */
if (env->psw.mask & PSW_MASK_PSTATE) {
r = -PGM_PRIVILEGED;
goto out;
}
if (cpu_physical_memory_is_io(sccb)) {
r = -PGM_ADDRESSING;
goto out;
}
if (sccb & ~0x7ffffff8ul) {
if ((sccb & ~0x1fffUL) == 0 || (sccb & ~0x1fffUL) == env->psa
|| (sccb & ~0x7ffffff8UL) != 0) {
r = -PGM_SPECIFICATION;
goto out;
}