diff options
| author | Richard Henderson <richard.henderson@linaro.org> | 2021-10-15 09:19:45 -0700 |
|---|---|---|
| committer | Richard Henderson <richard.henderson@linaro.org> | 2021-10-15 09:19:45 -0700 |
| commit | 82d88f834c8f7d33ad9529fca80924bc496fcb70 (patch) | |
| tree | 21ba3c412cedd37feeb9a7b165a8ec9a56cb24c6 /hw | |
| parent | 4d1a525dfafe995a98bb486e702da09e31b68b9c (diff) | |
| parent | 962fde57b7d573281619cb2b7068d570470ef833 (diff) | |
| download | qemu-82d88f834c8f7d33ad9529fca80924bc496fcb70.zip qemu-82d88f834c8f7d33ad9529fca80924bc496fcb70.tar.gz qemu-82d88f834c8f7d33ad9529fca80924bc496fcb70.tar.bz2 | |
Merge remote-tracking branch 'remotes/thuth/tags/pull-request-2021-10-15' into staging
* Check kernel command line size on s390x
* Simplification of one of the SIGP instructions on s390x
* Cornelia stepping down as maintainer in some subsystems
* Update the dtc submodule to a proper release version
# gpg: Signature made Fri 15 Oct 2021 02:11:13 AM PDT
# gpg: using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg: issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg: aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg: aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# gpg: aka "Thomas Huth <huth@tuxfamily.org>" [full]
* remotes/thuth/tags/pull-request-2021-10-15:
dtc: Update to version 1.6.1
s390x virtio-ccw machine: step down as maintainer
s390x/kvm: step down as maintainer
vfio-ccw: step down as maintainer
s390x: sigp: Force Set Architecture to return Invalid Parameter
s390x/ipl: check kernel command line size
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Diffstat (limited to 'hw')
| -rw-r--r-- | hw/s390x/ipl.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/hw/s390x/ipl.c b/hw/s390x/ipl.c index 1821c6f..7ddca01 100644 --- a/hw/s390x/ipl.c +++ b/hw/s390x/ipl.c @@ -38,6 +38,7 @@ #define KERN_IMAGE_START 0x010000UL #define LINUX_MAGIC_ADDR 0x010008UL #define KERN_PARM_AREA 0x010480UL +#define KERN_PARM_AREA_SIZE 0x000380UL #define INITRD_START 0x800000UL #define INITRD_PARM_START 0x010408UL #define PARMFILE_START 0x001000UL @@ -190,10 +191,19 @@ static void s390_ipl_realize(DeviceState *dev, Error **errp) * loader) and it won't work. For this case we force it to 0x10000, too. */ if (pentry == KERN_IMAGE_START || pentry == 0x800) { - char *parm_area = rom_ptr(KERN_PARM_AREA, strlen(ipl->cmdline) + 1); + size_t cmdline_size = strlen(ipl->cmdline) + 1; + char *parm_area = rom_ptr(KERN_PARM_AREA, cmdline_size); + ipl->start_addr = KERN_IMAGE_START; /* Overwrite parameters in the kernel image, which are "rom" */ if (parm_area) { + if (cmdline_size > KERN_PARM_AREA_SIZE) { + error_setg(errp, + "kernel command line exceeds maximum size: %zu > %lu", + cmdline_size, KERN_PARM_AREA_SIZE); + return; + } + strcpy(parm_area, ipl->cmdline); } } else { |