git: f5cc62e54a7f - stable/14 - virtio_p9fs: fix panic on qemu/kvm
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 04 Jul 2025 13:28:49 UTC
The branch stable/14 has been updated by arrowd:
URL: https://cgit.FreeBSD.org/src/commit/?id=f5cc62e54a7f8ae9b8bb1484e0ebb22352c95d36
commit f5cc62e54a7f8ae9b8bb1484e0ebb22352c95d36
Author: Danilo Egea Gondolfo <danilo@FreeBSD.org>
AuthorDate: 2024-07-06 16:51:51 +0000
Commit: Gleb Popov <arrowd@FreeBSD.org>
CommitDate: 2025-07-04 13:28:06 +0000
virtio_p9fs: fix panic on qemu/kvm
When the module is loaded on a system running on qemu/kvm the "modern"
virtio infrastructure is used and virtio_read_device_config() will end
up calling vtpci_modern_read_dev_config(). This function cannot read
values of arbitrary sizes and will panic if the p9fs mount tag size is
not supported by it.
Use virtio_read_device_config_array() instead. It was tested on both
bhyve and qemu/kvm.
PR: 280098
Co-authored-by: Mark Peek <mp@FreeBSD.org>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1320
(cherry picked from commit 814bf1fddd27aea69740f9e7426302354285cad4)
---
sys/dev/virtio/p9fs/virtio_p9fs.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sys/dev/virtio/p9fs/virtio_p9fs.c b/sys/dev/virtio/p9fs/virtio_p9fs.c
index e87659da2732..f7bc3f00fe6a 100644
--- a/sys/dev/virtio/p9fs/virtio_p9fs.c
+++ b/sys/dev/virtio/p9fs/virtio_p9fs.c
@@ -352,9 +352,9 @@ vt9p_attach(device_t dev)
mount_tag = malloc(mount_tag_len + 1, M_P9FS_MNTTAG,
M_WAITOK | M_ZERO);
- virtio_read_device_config(dev,
+ virtio_read_device_config_array(dev,
offsetof(struct virtio_9pnet_config, mount_tag),
- mount_tag, mount_tag_len);
+ mount_tag, 1, mount_tag_len);
device_printf(dev, "Mount tag: %s\n", mount_tag);