diff options
| author | Thomas Huth <thuth@linux.vnet.ibm.com> | 2013-06-20 11:22:03 -0400 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2013-06-20 17:32:13 -0400 |
| commit | 133608f392ce2e11481317e3d0b02044710a5956 (patch) | |
| tree | fa39445622a2f114b18e0f1befd641d5aba5d30e | |
| parent | 93e1750f5ee8417e015bcb0bf2c37bf07b5ff647 (diff) | |
KVM: s390: Check for access exceptions during TPI
When a guest calls the TPI instruction, the second operand address could
point to an invalid location. In this case the problem should be signaled
to the guest by throwing an access exception.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| -rw-r--r-- | arch/s390/kvm/priv.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/arch/s390/kvm/priv.c b/arch/s390/kvm/priv.c index 0b19e2226955..4b8fb6cc3c45 100644 --- a/arch/s390/kvm/priv.c +++ b/arch/s390/kvm/priv.c | |||
| @@ -146,9 +146,10 @@ static int handle_tpi(struct kvm_vcpu *vcpu) | |||
| 146 | * Store the two-word I/O interruption code into the | 146 | * Store the two-word I/O interruption code into the |
| 147 | * provided area. | 147 | * provided area. |
| 148 | */ | 148 | */ |
| 149 | put_guest(vcpu, inti->io.subchannel_id, (u16 __user *) addr); | 149 | if (put_guest(vcpu, inti->io.subchannel_id, (u16 __user *)addr) |
| 150 | put_guest(vcpu, inti->io.subchannel_nr, (u16 __user *) (addr + 2)); | 150 | || put_guest(vcpu, inti->io.subchannel_nr, (u16 __user *)(addr + 2)) |
| 151 | put_guest(vcpu, inti->io.io_int_parm, (u32 __user *) (addr + 4)); | 151 | || put_guest(vcpu, inti->io.io_int_parm, (u32 __user *)(addr + 4))) |
| 152 | return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING); | ||
| 152 | } else { | 153 | } else { |
| 153 | /* | 154 | /* |
| 154 | * Store the three-word I/O interruption code into | 155 | * Store the three-word I/O interruption code into |