virtio/s390: size of SET_IND payload

SET_IND takes as a payload the _address_ of the indicators, meaning
that we have one of the rare cases where kmalloc(sizeof(&...)) is
actually correct. Let's clarify that with a comment.

The count for the ccw, however, was only correct because the
indicators are 64 bit. Let's use the correct value.

Reported-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Reviewed-by: Halil Pasic <pasic@linux.vnet.ibm.com>
Reviewed-by: David Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

diff --git a/drivers/s390/virtio/virtio_ccw.c b/drivers/s390/virtio/virtio_ccw.c
index 46b110a..8688ad4 100644 (file)
--- a/drivers/s390/virtio/virtio_ccw.c
+++ b/drivers/s390/virtio/virtio_ccw.c
@@ -342,13 +342,14 @@ static void virtio_ccw_drop_indicator(struct virtio_ccw_device *vcdev,
                ccw->count = sizeof(*thinint_area);
                ccw->cda = (__u32)(unsigned long) thinint_area;
        } else {
+               /* payload is the address of the indicators */
                indicatorp = kmalloc(sizeof(&vcdev->indicators),
                                     GFP_DMA | GFP_KERNEL);
                if (!indicatorp)
                        return;
                *indicatorp = 0;
                ccw->cmd_code = CCW_CMD_SET_IND;
-               ccw->count = sizeof(vcdev->indicators);
+               ccw->count = sizeof(&vcdev->indicators);
                ccw->cda = (__u32)(unsigned long) indicatorp;
        }
        /* Deregister indicators from host. */
@@ -656,7 +657,10 @@ static int virtio_ccw_find_vqs(struct virtio_device *vdev, unsigned nvqs,
                }
        }
        ret = -ENOMEM;
-       /* We need a data area under 2G to communicate. */
+       /*
+        * We need a data area under 2G to communicate. Our payload is
+        * the address of the indicators.
+       */
        indicatorp = kmalloc(sizeof(&vcdev->indicators), GFP_DMA | GFP_KERNEL);
        if (!indicatorp)
                goto out;
@@ -672,7 +676,7 @@ static int virtio_ccw_find_vqs(struct virtio_device *vdev, unsigned nvqs,
                vcdev->indicators = 0;
                ccw->cmd_code = CCW_CMD_SET_IND;
                ccw->flags = 0;
-               ccw->count = sizeof(vcdev->indicators);
+               ccw->count = sizeof(&vcdev->indicators);
                ccw->cda = (__u32)(unsigned long) indicatorp;
                ret = ccw_io_helper(vcdev, ccw, VIRTIO_CCW_DOING_SET_IND);
                if (ret)
@@ -683,7 +687,7 @@ static int virtio_ccw_find_vqs(struct virtio_device *vdev, unsigned nvqs,
        vcdev->indicators2 = 0;
        ccw->cmd_code = CCW_CMD_SET_CONF_IND;
        ccw->flags = 0;
-       ccw->count = sizeof(vcdev->indicators2);
+       ccw->count = sizeof(&vcdev->indicators2);
        ccw->cda = (__u32)(unsigned long) indicatorp;
        ret = ccw_io_helper(vcdev, ccw, VIRTIO_CCW_DOING_SET_CONF_IND);
        if (ret)