/*
- * hvc_iucv.c - z/VM IUCV hypervisor console (HVC) device driver
+ * z/VM IUCV hypervisor console (HVC) device driver
*
* This HVC device driver provides terminal access using
* z/VM IUCV communication paths.
*
- * Copyright IBM Corp. 2008, 2009
+ * Copyright IBM Corp. 2008, 2013
*
* Author(s): Hendrik Brueckner <brueckner@linux.vnet.ibm.com>
*/
#define IUCV_HVC_CON_IDX (0)
/* List of z/VM user ID filter entries (struct iucv_vmid_filter) */
#define MAX_VMID_FILTER (500)
+#define FILTER_WILDCARD_CHAR '*'
static size_t hvc_iucv_filter_size;
static void *hvc_iucv_filter;
static const char *hvc_iucv_filter_string;
* hvc_iucv_filter_connreq() - Filter connection request based on z/VM user ID
* @ipvmid: Originating z/VM user ID (right padded with blanks)
*
- * Returns 0 if the z/VM user ID @ipvmid is allowed to connection, otherwise
- * non-zero.
+ * Returns 0 if the z/VM user ID that is specified with @ipvmid is permitted to
+ * connect, otherwise non-zero.
*/
static int hvc_iucv_filter_connreq(u8 ipvmid[8])
{
- size_t i;
+ const char *wildcard, *filter_entry;
+ size_t i, len;
/* Note: default policy is ACCEPT if no filter is set */
if (!hvc_iucv_filter_size)
return 0;
- for (i = 0; i < hvc_iucv_filter_size; i++)
- if (0 == memcmp(ipvmid, hvc_iucv_filter + (8 * i), 8))
+ for (i = 0; i < hvc_iucv_filter_size; i++) {
+ filter_entry = hvc_iucv_filter + (8 * i);
+
+ /* If a filter entry contains the filter wildcard character,
+ * reduce the length to match the leading portion of the user
+ * ID only (wildcard match). Characters following the wildcard
+ * are ignored.
+ */
+ wildcard = strnchr(filter_entry, 8, FILTER_WILDCARD_CHAR);
+ len = (wildcard) ? wildcard - filter_entry : 8;
+ if (0 == memcmp(ipvmid, filter_entry, len))
return 0;
+ }
return 1;
}
/**
* hvc_iucv_parse_filter() - Parse filter for a single z/VM user ID
* @filter: String containing a comma-separated list of z/VM user IDs
+ * @dest: Location where to store the parsed z/VM user ID
*/
static const char *hvc_iucv_parse_filter(const char *filter, char *dest)
{
if (filter[len - 1] == '\n')
len--;
+ /* prohibit filter entries containing the wildcard character only */
+ if (len == 1 && *filter == FILTER_WILDCARD_CHAR)
+ return ERR_PTR(-EINVAL);
+
if (len > 8)
return ERR_PTR(-EINVAL);