Date: Tue, 4 Jun 2024 07:11:14 GMT From: Corvin =?utf-8?Q?K=C3=B6hne?= <corvink@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: e425e601b978 - main - bhyve: verify OpRegion size Message-ID: <202406040711.4547BEfm071098@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by corvink: URL: https://cgit.FreeBSD.org/src/commit/?id=e425e601b9781c3585fcee4adf29a295a6b2aa45 commit e425e601b9781c3585fcee4adf29a295a6b2aa45 Author: Corvin Köhne <corvink@FreeBSD.org> AuthorDate: 2023-12-15 11:46:09 +0000 Commit: Corvin Köhne <corvink@FreeBSD.org> CommitDate: 2024-06-04 07:08:49 +0000 bhyve: verify OpRegion size If the OpRegion size doesn't match the size of our igd_opregion struct, it's using a different layout than we're expecting. To avoid strange issues, we should exit hard. If we see any devices in the field with a different OpRegion size, we can analyse it and fix it accordingly. Reviewed by: markj MFC after: 1 week Sponsored by: Beckhoff Automation GmbH & Co. KG Differential Revision: https://reviews.freebsd.org/D45335 --- usr.sbin/bhyve/amd64/pci_gvt-d.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/usr.sbin/bhyve/amd64/pci_gvt-d.c b/usr.sbin/bhyve/amd64/pci_gvt-d.c index 95f9066498d6..8cd5d21c8e6d 100644 --- a/usr.sbin/bhyve/amd64/pci_gvt-d.c +++ b/usr.sbin/bhyve/amd64/pci_gvt-d.c @@ -222,6 +222,13 @@ gvt_d_setup_opregion(struct pci_devinst *const pi) opregion->len = header->size * KB; munmap(header, sizeof(*header)); + if (opregion->len != sizeof(struct igd_opregion)) { + warnx("%s: Invalid OpRegion size of 0x%lx", __func__, + opregion->len); + close(memfd); + return (-1); + } + opregion->hva = mmap(NULL, opregion->len, PROT_READ, MAP_SHARED, memfd, opregion->hpa); if (opregion->hva == MAP_FAILED) {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202406040711.4547BEfm071098>