From patchwork Wed Sep 20 17:23:14 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Halil Pasic X-Patchwork-Id: 9961939 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 0456C602D8 for ; Wed, 20 Sep 2017 17:25:01 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id DC2AC291E1 for ; Wed, 20 Sep 2017 17:25:00 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id CD404291E3; Wed, 20 Sep 2017 17:25:00 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 68A56291DD for ; Wed, 20 Sep 2017 17:25:00 +0000 (UTC) Received: from localhost ([::1]:49909 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1duik7-0005B1-Ng for patchwork-qemu-devel@patchwork.kernel.org; Wed, 20 Sep 2017 13:24:59 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51664) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1duiiw-00057S-7v for qemu-devel@nongnu.org; Wed, 20 Sep 2017 13:23:48 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1duiit-000624-Gp for qemu-devel@nongnu.org; Wed, 20 Sep 2017 13:23:46 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:38070) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1duiit-00060s-7d for qemu-devel@nongnu.org; Wed, 20 Sep 2017 13:23:43 -0400 Received: from pps.filterd (m0098404.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id v8KHLteK093667 for ; Wed, 20 Sep 2017 13:23:41 -0400 Received: from e06smtp10.uk.ibm.com (e06smtp10.uk.ibm.com [195.75.94.106]) by mx0a-001b2d01.pphosted.com with ESMTP id 2d3ueqmxu8-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Wed, 20 Sep 2017 13:23:40 -0400 Received: from localhost by e06smtp10.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Wed, 20 Sep 2017 18:23:38 +0100 Received: from b06cxnps4074.portsmouth.uk.ibm.com (9.149.109.196) by e06smtp10.uk.ibm.com (192.168.101.140) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Wed, 20 Sep 2017 18:23:35 +0100 Received: from d06av22.portsmouth.uk.ibm.com (d06av22.portsmouth.uk.ibm.com [9.149.105.58]) by b06cxnps4074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id v8KHNYpP21299338; Wed, 20 Sep 2017 17:23:34 GMT Received: from d06av22.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5C3434C046; Wed, 20 Sep 2017 18:19:58 +0100 (BST) Received: from d06av22.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1F28E4C040; Wed, 20 Sep 2017 18:19:58 +0100 (BST) Received: from tuxmaker.boeblingen.de.ibm.com (unknown [9.152.85.9]) by d06av22.portsmouth.uk.ibm.com (Postfix) with ESMTPS; Wed, 20 Sep 2017 18:19:58 +0100 (BST) From: Halil Pasic To: Cornelia Huck , Christian Borntraeger Date: Wed, 20 Sep 2017 19:23:14 +0200 X-Mailer: git-send-email 2.13.5 In-Reply-To: <20170920172314.102710-1-pasic@linux.vnet.ibm.com> References: <20170920172314.102710-1-pasic@linux.vnet.ibm.com> X-TM-AS-GCONF: 00 x-cbid: 17092017-0040-0000-0000-000003DBC014 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 17092017-0041-0000-0000-000025DCF6CF Message-Id: <20170920172314.102710-3-pasic@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-09-20_04:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000 definitions=main-1709200234 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 Subject: [Qemu-devel] [PATCH 2/2] s390x/3270: handle writes of arbitrary length X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Halil Pasic , qemu-devel@nongnu.org, Alexander Graf , "Jason J . Herne" , Dong Jia Shi , Richard Henderson Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP The problem is, that the current implementation places unrealistic and arbitrary constraints on the length of writes to the device (that is the outbound requests), by asserting ccw.count being such that that even the worst case escaped payload will fit an more or less arbitrary sized buffer. Actually on protocol level there is nothing to justify such a limitation. Another strange thing is the return value which more or less reflects the size (written) after escaping instead of before escaping. This is strange, because this return value is used to calculate SCSW.count. Let us teach 3270 how to deal with arbitrary long writes. Signed-off-by: Halil Pasic Acked-by: Christian Borntraeger Reviewed-by: Dong Jia Shi Reported-by: Jason J . Herne Tested-by: Jason J . Herne --- hw/char/terminal3270.c | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/hw/char/terminal3270.c b/hw/char/terminal3270.c index c976a63cc2..a109ce5987 100644 --- a/hw/char/terminal3270.c +++ b/hw/char/terminal3270.c @@ -30,7 +30,6 @@ typedef struct Terminal3270 { uint8_t inv[INPUT_BUFFER_SIZE]; uint8_t outv[OUTPUT_BUFFER_SIZE]; int in_len; - int out_len; bool handshake_done; guint timer_tag; } Terminal3270; @@ -145,7 +144,6 @@ static void chr_event(void *opaque, int event) /* Ensure the initial status correct, always reset them. */ t->in_len = 0; - t->out_len = 0; t->handshake_done = false; if (t->timer_tag) { g_source_remove(t->timer_tag); @@ -231,8 +229,9 @@ static int write_payload_3270(EmulatedCcw3270Device *dev, uint8_t cmd) Terminal3270 *t = TERMINAL_3270(dev); int retval = 0; int count = ccw_dstream_avail(get_cds(t)); - - assert(count <= (OUTPUT_BUFFER_SIZE - 3) / 2); + int bound = (OUTPUT_BUFFER_SIZE - 3) / 2; + int len = MIN(count, bound); + int out_len = 0; if (!t->handshake_done) { if (!(t->outv[0] == IAC && t->outv[1] != IAC)) { @@ -247,16 +246,23 @@ static int write_payload_3270(EmulatedCcw3270Device *dev, uint8_t cmd) /* We just say we consumed all data if there's no backend. */ return count; } - t->outv[0] = cmd; - ccw_dstream_read_buf(get_cds(t), &t->outv[1], count); - t->out_len = count + 1; - t->out_len = insert_IAC_escape_char(t->outv, t->out_len); - t->outv[t->out_len++] = IAC; - t->outv[t->out_len++] = IAC_EOR; + t->outv[out_len++] = cmd; + do { + ccw_dstream_read_buf(get_cds(t), &t->outv[out_len], len); + count = ccw_dstream_avail(get_cds(t)); + out_len += len; - retval = qemu_chr_fe_write_all(&t->chr, t->outv, t->out_len); - return (retval <= 0) ? 0 : (retval - 3); + out_len = insert_IAC_escape_char(t->outv, out_len); + if (!count) { + t->outv[out_len++] = IAC; + t->outv[out_len++] = IAC_EOR; + } + retval = qemu_chr_fe_write_all(&t->chr, t->outv, out_len); + len = MIN(count, bound); + out_len = 0; + } while (len && retval >= 0); + return (retval <= 0) ? 0 : get_cds(t)->count; } static Property terminal_properties[] = {