git: e425e601b978 - main - bhyve: verify OpRegion size
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 04 Jun 2024 07:11:14 UTC
The branch main has been updated by corvink: URL: https://cgit.FreeBSD.org/src/commit/?id=e425e601b9781c3585fcee4adf29a295a6b2aa45 commit e425e601b9781c3585fcee4adf29a295a6b2aa45 Author: Corvin Köhne <corvink@FreeBSD.org> AuthorDate: 2023-12-15 11:46:09 +0000 Commit: Corvin Köhne <corvink@FreeBSD.org> CommitDate: 2024-06-04 07:08:49 +0000 bhyve: verify OpRegion size If the OpRegion size doesn't match the size of our igd_opregion struct, it's using a different layout than we're expecting. To avoid strange issues, we should exit hard. If we see any devices in the field with a different OpRegion size, we can analyse it and fix it accordingly. Reviewed by: markj MFC after: 1 week Sponsored by: Beckhoff Automation GmbH & Co. KG Differential Revision: https://reviews.freebsd.org/D45335 --- usr.sbin/bhyve/amd64/pci_gvt-d.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/usr.sbin/bhyve/amd64/pci_gvt-d.c b/usr.sbin/bhyve/amd64/pci_gvt-d.c index 95f9066498d6..8cd5d21c8e6d 100644 --- a/usr.sbin/bhyve/amd64/pci_gvt-d.c +++ b/usr.sbin/bhyve/amd64/pci_gvt-d.c @@ -222,6 +222,13 @@ gvt_d_setup_opregion(struct pci_devinst *const pi) opregion->len = header->size * KB; munmap(header, sizeof(*header)); + if (opregion->len != sizeof(struct igd_opregion)) { + warnx("%s: Invalid OpRegion size of 0x%lx", __func__, + opregion->len); + close(memfd); + return (-1); + } + opregion->hva = mmap(NULL, opregion->len, PROT_READ, MAP_SHARED, memfd, opregion->hpa); if (opregion->hva == MAP_FAILED) {