linux/drivers
Eric Farman 48bd0eee8e s390/cio: Fix vfio-ccw handling of recursive TICs
The routine ccwchain_calc_length() is tasked with looking at a
channel program, seeing how many CCWs are chained together by
the presence of the Chain-Command flag, and returning a count
to the caller.

Previously, it also considered a Transfer-in-Channel CCW as being
an appropriate mechanism for chaining.  The problem at the time
was that the TIC CCW will almost certainly not go to the next CCW
in memory (because the CC flag would be sufficient), and so
advancing to the next 8 bytes will cause us to read potentially
invalid memory.  So that comparison was removed, and the target
of the TIC is processed as a new chain.

This is fine when a TIC goes to a new chain (consider a NOP+TIC to
a channel program that is being redriven), but there is another
scenario where this falls apart.  A TIC can be used to "rewind"
a channel program, for example to find a particular record on a
disk with various orientation CCWs.  In this case, we DO want to
consider the memory after the TIC since the TIC will be skipped
once the requested criteria is met.  This is due to the Status
Modifier presented by the device, though software doesn't need to
operate on it beyond understanding the behavior change of how the
channel program is executed.

So to handle this, we will re-introduce the check for a TIC CCW
but limit it by examining the target of the TIC.  If the TIC
doesn't go back into the current chain, then current behavior
applies; we should stop counting CCWs and let the target of the
TIC be handled as a new chain.  But, if the TIC DOES go back into
the current chain, then we need to keep looking at the memory after
the TIC for when the channel breaks out of the TIC loop.  We can't
use tic_target_chain_exists() because the chain in question hasn't
been built yet, so we will redefine that comparison with some small
functions to make it more readable and to permit refactoring later.

Fixes: 405d566f98 ("vfio-ccw: Don't assume there are more ccws after a TIC")
Signed-off-by: Eric Farman <farman@linux.ibm.com>
Message-Id: <20190222183941.29596-2-farman@linux.ibm.com>
Reviewed-by: Halil Pasic <pasic@linux.ibm.com>
Reviewed-by: Farhan Ali <alifm@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2019-02-26 18:30:11 +01:00
..
accessibility
acpi arm64 fixes for -rc2 2019-01-11 12:25:40 -08:00
amba
android binder: implement binderfs 2018-12-19 09:40:13 +01:00
ata for-linus-20190112 2019-01-12 13:40:51 -08:00
atm cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
auxdisplay auxdisplay: charlcd: fix x/y command parsing 2018-12-21 21:27:21 +01:00
base Merge branches 'pm-cpuidle', 'pm-cpufreq' and 'pm-sleep' 2019-01-11 10:09:51 +01:00
bcma
block for-linus-20190112 2019-01-12 13:40:51 -08:00
bluetooth Bluetooth: hci_bcm: Handle specific unknown packets after firmware loading 2018-12-19 13:43:42 +01:00
bus ARM: SoC driver updates 2018-12-31 17:32:35 -08:00
cdrom gdrom: fix a memory leak bug 2018-12-29 08:20:44 -07:00
char Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
clk Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2019-01-02 18:56:59 -08:00
clocksource arch/csky patches for 4.21-rc1 2019-01-05 09:50:07 -08:00
connector
cpufreq Merge branches 'pm-cpuidle', 'pm-cpufreq' and 'pm-sleep' 2019-01-11 10:09:51 +01:00
cpuidle powerpc updates for 4.21 2018-12-27 10:43:24 -08:00
crypto cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
dax mm, devm_memremap_pages: fix shutdown handling 2018-12-28 12:11:47 -08:00
dca
devfreq
dio
dma cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
dma-buf drivers/dma-buf/udmabuf.c: convert to use vm_fault_t 2019-01-04 13:13:46 -08:00
edac EDAC, fsl_ddr: Add LS1021A to the list of supported hardware 2018-12-19 11:57:45 +01:00
eisa
extcon
firewire FireWire (IEEE 1394) subsystem patch: 2019-01-05 18:33:21 -08:00
firmware arm64 fixes for -rc1 2019-01-05 11:28:39 -08:00
fmc
fpga Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
fsi
gnss
gpio This is the bulk of GPIO changes for the v4.21 kernel series: 2018-12-28 20:00:21 -08:00
gpu remove dma_zalloc_coherent 2019-01-12 10:52:40 -08:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid 2019-01-05 17:53:40 -08:00
hsi
hv Char/Misc driver patches for 4.21-rc1 2018-12-28 20:54:57 -08:00
hwmon Kconfig updates for v4.21 2018-12-29 13:03:29 -08:00
hwspinlock hwspinlock: fix return value check in stm32_hwspinlock_probe() 2019-01-03 11:42:10 -08:00
hwtracing intel_th: msu: Fix an off-by-one in attribute store 2018-12-19 20:21:06 +01:00
i2c i2c: tegra: Fix Maximum transfer size 2019-01-11 00:15:04 +01:00
i3c
ide for-4.21/block-20181221 2018-12-28 13:19:59 -08:00
idle
iio Staging/IIO driver patches for 4.21-rc1 2018-12-28 20:39:58 -08:00
infiniband cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
input cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
iommu cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
ipack
irqchip irqchip/csky: fixup handle_irq_perbit break irq 2019-01-09 00:18:46 +08:00
isdn isdn: fix kernel-infoleak in capi_unlocked_ioctl 2019-01-02 10:31:39 -08:00
leds LEDs for 4.21-rc1 2018-12-25 14:52:50 -08:00
lightnvm lightnvm: pblk: fix use-after-free bug 2018-12-22 14:45:35 -07:00
macintosh Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
mailbox mailbox: tegra-hsp: Use device-managed registration API 2018-12-21 22:31:26 -06:00
mcb
md Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md into for-linus 2019-01-03 08:21:02 -07:00
media cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
memory ARM: SoC: late updates 2019-01-05 11:30:37 -08:00
memstick MMC core: 2018-12-28 16:52:18 -08:00
message scsi: flip the default on use_clustering 2018-12-18 23:13:12 -05:00
mfd
misc cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
mmc cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
mtd mtd: rawnand: qcom: fix memory corruption that causes panic 2019-01-08 12:33:24 +01:00
mux
net cross-tree: phase out dma_zalloc_coherent() on headers 2019-01-08 07:58:49 -05:00
nfc
ntb cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
nubus
nvdimm Merge branch 'akpm' (patches from Andrew) 2018-12-28 16:55:46 -08:00
nvme for-linus-20190112 2019-01-12 13:40:51 -08:00
nvmem
of Merge tag 'devicetree-for-4.21' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux 2018-12-28 20:08:34 -08:00
opp cpufreq: scpi/scmi: Fix freeing of dynamic OPPs 2019-01-04 12:19:40 +01:00
oprofile
parisc Kconfig file consolidation for v4.21 2018-12-29 13:40:29 -08:00
parport
pci remove dma_zalloc_coherent 2019-01-12 10:52:40 -08:00
pcmcia Included in this update: 2019-01-05 11:23:17 -08:00
perf drivers/perf: hisi: Fixup one DDRC PMU register offset 2019-01-04 10:13:27 +00:00
phy phy: fix build breakage: add PHY_MODE_SATA 2019-01-12 21:07:14 -08:00
pinctrl Pin control bulk changes for the v4.21 kernel cycle: 2019-01-01 13:19:16 -08:00
platform chrome platform changes for v4.21 2019-01-06 11:40:06 -08:00
pnp Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
power power supply and reset changes for the v4.21 series 2018-12-28 20:22:45 -08:00
powercap
pps Kconfig updates for v4.21 2018-12-29 13:03:29 -08:00
ps3
ptp Char/Misc driver patches for 4.21-rc1 2018-12-28 20:54:57 -08:00
pwm pwm: imx: Add ipg clock operation 2018-12-24 12:06:56 +01:00
rapidio cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
ras treewide: surround Kconfig file paths with double quotes 2018-12-22 00:25:54 +09:00
regulator Merge remote-tracking branch 'regulator/topic/coupled' into regulator-next 2018-12-21 13:43:35 +00:00
remoteproc
reset reset: uniphier-glue: Add AHCI reset control support in glue layer 2019-01-07 16:38:51 +01:00
rpmsg
rtc RTC for 4.21 2019-01-01 13:24:31 -08:00
s390 s390/cio: Fix vfio-ccw handling of recursive TICs 2019-02-26 18:30:11 +01:00
sbus Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-next 2018-12-26 10:32:18 -08:00
scsi cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
sfi
sh
siox
slimbus
sn
soc ARM: SoC fixes 2019-01-14 10:34:14 +12:00
soundwire
spi cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
spmi
ssb
staging Staging driver fixes for 5.0-rc2 2019-01-14 05:49:35 +12:00
target SCSI misc on 20181224 2018-12-28 14:48:06 -08:00
tc
tee OP-TEE dynamic shm log message 2018-12-31 13:06:30 -08:00
thermal Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux 2019-01-05 16:07:28 -08:00
thunderbolt
tty tty/serial fixes for 5.0-rc2 2019-01-14 05:47:48 +12:00
uio Char/Misc driver patches for 4.21-rc1 2018-12-28 20:54:57 -08:00
usb USB fixes for 5.0-rc2 2019-01-14 05:45:28 +12:00
uwb
vfio vfio/type1: Fix unmap overflow off-by-one 2019-01-08 09:31:28 -07:00
vhost Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
video cross-tree: phase out dma_zalloc_coherent() 2019-01-08 07:58:37 -05:00
virt
virtio virtio, vhost: features, fixes, cleanups 2019-01-02 18:54:45 -08:00
visorbus
vlynq
vme
w1 treewide: surround Kconfig file paths with double quotes 2018-12-22 00:25:54 +09:00
watchdog linux-watchdog 4.21-rc1 tag 2019-01-01 13:16:45 -08:00
xen Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
zorro
Kconfig Kconfig file consolidation for v4.21 2018-12-29 13:40:29 -08:00
Makefile