diff options
author | Alexandru Elisei <alexandru.elisei@arm.com> | 2021-10-12 14:25:09 +0100 |
---|---|---|
committer | Will Deacon <will@kernel.org> | 2021-10-13 08:36:59 +0100 |
commit | b20d6e3029400b4b4b19c654192951f8bedd39cc (patch) | |
tree | a91150363ea7a50f7addfc125914986a98c753a8 | |
parent | f93acc042fbd45ebd7540b391d2ac8c1134a0aa3 (diff) | |
download | kvmtool-b20d6e3029400b4b4b19c654192951f8bedd39cc.tar.gz |
vfio/pci: Print an error when offset is outside of the MSIX table or PBA
Now that we keep track of the real size of MSIX table and PBA, print an
error when the guest tries to write to an offset which is not inside the
correct regions.
Signed-off-by: Alexandru Elisei <alexandru.elisei@arm.com>
Link: https://lore.kernel.org/r/20211012132510.42134-7-alexandru.elisei@arm.com
Signed-off-by: Will Deacon <will@kernel.org>
-rw-r--r-- | vfio/pci.c | 9 |
1 files changed, 9 insertions, 0 deletions
@@ -249,6 +249,11 @@ static void vfio_pci_msix_pba_access(struct kvm_cpu *vcpu, u64 addr, u8 *data, u64 offset = addr - pba->guest_phys_addr; struct vfio_device *vdev = container_of(pdev, struct vfio_device, pci); + if (offset >= pba->size) { + vfio_dev_err(vdev, "access outside of the MSIX PBA"); + return; + } + if (is_write) return; @@ -269,6 +274,10 @@ static void vfio_pci_msix_table_access(struct kvm_cpu *vcpu, u64 addr, u8 *data, struct vfio_device *vdev = container_of(pdev, struct vfio_device, pci); u64 offset = addr - pdev->msix_table.guest_phys_addr; + if (offset >= pdev->msix_table.size) { + vfio_dev_err(vdev, "access outside of the MSI-X table"); + return; + } size_t vector = offset / PCI_MSIX_ENTRY_SIZE; off_t field = offset % PCI_MSIX_ENTRY_SIZE; |