Commit 0b7589ec authored by Sebastian Ott's avatar Sebastian Ott Committed by Martin Schwidefsky

s390/pci: query fmb length

Query the length of the fmb and abort fmb registration if the
size of the associated measurement block is too small.
Signed-off-by: default avatarSebastian Ott <sebott@linux.vnet.ibm.com>
Signed-off-by: default avatarMartin Schwidefsky <schwidefsky@de.ibm.com>
parent d0350268
...@@ -133,6 +133,7 @@ struct zpci_dev { ...@@ -133,6 +133,7 @@ struct zpci_dev {
/* Function measurement block */ /* Function measurement block */
struct zpci_fmb *fmb; struct zpci_fmb *fmb;
u16 fmb_update; /* update interval */ u16 fmb_update; /* update interval */
u16 fmb_length;
/* software counters */ /* software counters */
atomic64_t allocated_pages; atomic64_t allocated_pages;
atomic64_t mapped_pages; atomic64_t mapped_pages;
......
...@@ -87,7 +87,8 @@ struct clp_rsp_query_pci { ...@@ -87,7 +87,8 @@ struct clp_rsp_query_pci {
u16 pchid; u16 pchid;
u32 bar[PCI_BAR_COUNT]; u32 bar[PCI_BAR_COUNT];
u8 pfip[CLP_PFIP_NR_SEGMENTS]; /* pci function internal path */ u8 pfip[CLP_PFIP_NR_SEGMENTS]; /* pci function internal path */
u32 : 24; u32 : 16;
u8 fmb_len;
u8 pft; /* pci function type */ u8 pft; /* pci function type */
u64 sdma; /* start dma as */ u64 sdma; /* start dma as */
u64 edma; /* end dma as */ u64 edma; /* end dma as */
......
...@@ -180,7 +180,7 @@ int zpci_fmb_enable_device(struct zpci_dev *zdev) ...@@ -180,7 +180,7 @@ int zpci_fmb_enable_device(struct zpci_dev *zdev)
{ {
struct mod_pci_args args = { 0, 0, 0, 0 }; struct mod_pci_args args = { 0, 0, 0, 0 };
if (zdev->fmb) if (zdev->fmb || sizeof(*zdev->fmb) < zdev->fmb_length)
return -EINVAL; return -EINVAL;
zdev->fmb = kmem_cache_zalloc(zdev_fmb_cache, GFP_KERNEL); zdev->fmb = kmem_cache_zalloc(zdev_fmb_cache, GFP_KERNEL);
......
...@@ -148,6 +148,7 @@ static int clp_store_query_pci_fn(struct zpci_dev *zdev, ...@@ -148,6 +148,7 @@ static int clp_store_query_pci_fn(struct zpci_dev *zdev,
zdev->pft = response->pft; zdev->pft = response->pft;
zdev->vfn = response->vfn; zdev->vfn = response->vfn;
zdev->uid = response->uid; zdev->uid = response->uid;
zdev->fmb_length = sizeof(u32) * response->fmb_len;
memcpy(zdev->pfip, response->pfip, sizeof(zdev->pfip)); memcpy(zdev->pfip, response->pfip, sizeof(zdev->pfip));
if (response->util_str_avail) { if (response->util_str_avail) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment