diff mbox series

[v4,2/3] hw/vfio: drop guest writes to ro regions

Message ID 20200417074446.28573-1-yan.y.zhao@intel.com (mailing list archive)
State New, archived
Headers show
Series drop writes to read-only ram device & vfio regions | expand

Commit Message

Yan Zhao April 17, 2020, 7:44 a.m. UTC 
for vfio regions that are without write permission,
drop guest writes to those regions.

Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Yan Zhao <yan.y.zhao@intel.com>
Signed-off-by: Xin Zeng <xin.zeng@intel.com>
---
 hw/vfio/common.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

Comments

Philippe Mathieu-Daudé April 17, 2020, 8:49 a.m. UTC | #1 
On 4/17/20 9:44 AM, Yan Zhao wrote:
> for vfio regions that are without write permission,
> drop guest writes to those regions.
> 
> Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
> Signed-off-by: Yan Zhao <yan.y.zhao@intel.com>
> Signed-off-by: Xin Zeng <xin.zeng@intel.com>
> ---
>   hw/vfio/common.c | 12 ++++++++++--
>   1 file changed, 10 insertions(+), 2 deletions(-)
> 
> diff --git a/hw/vfio/common.c b/hw/vfio/common.c
> index 0b3593b3c0..b6956a8098 100644
> --- a/hw/vfio/common.c
> +++ b/hw/vfio/common.c
> @@ -38,6 +38,7 @@
>   #include "sysemu/reset.h"
>   #include "trace.h"
>   #include "qapi/error.h"
> +#include "qemu/log.h"
>   
>   VFIOGroupList vfio_group_list =
>       QLIST_HEAD_INITIALIZER(vfio_group_list);
> @@ -190,6 +191,15 @@ void vfio_region_write(void *opaque, hwaddr addr,
>           uint64_t qword;
>       } buf;
>   
> +    trace_vfio_region_write(vbasedev->name, region->nr, addr, data, size);
> +    if (!(region->flags & VFIO_REGION_INFO_FLAG_WRITE)) {
> +        qemu_log_mask(LOG_GUEST_ERROR,
> +                      "Invalid write to read only vfio region 0x%"
> +                      HWADDR_PRIx" size %u\n", addr, size);
> +
> +        return;
> +    }
> +
>       switch (size) {
>       case 1:
>           buf.byte = data;
> @@ -215,8 +225,6 @@ void vfio_region_write(void *opaque, hwaddr addr,
>                        addr, data, size);
>       }
>   
> -    trace_vfio_region_write(vbasedev->name, region->nr, addr, data, size);
> -
>       /*
>        * A read or write to a BAR always signals an INTx EOI.  This will
>        * do nothing if not pending (including not in INTx mode).  We assume
> 

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
diff mbox series

Patch

diff --git a/hw/vfio/common.c b/hw/vfio/common.c
index 0b3593b3c0..b6956a8098 100644
--- a/hw/vfio/common.c
+++ b/hw/vfio/common.c
@@ -38,6 +38,7 @@ 
 #include "sysemu/reset.h"
 #include "trace.h"
 #include "qapi/error.h"
+#include "qemu/log.h"
 
 VFIOGroupList vfio_group_list =
     QLIST_HEAD_INITIALIZER(vfio_group_list);
@@ -190,6 +191,15 @@  void vfio_region_write(void *opaque, hwaddr addr,
         uint64_t qword;
     } buf;
 
+    trace_vfio_region_write(vbasedev->name, region->nr, addr, data, size);
+    if (!(region->flags & VFIO_REGION_INFO_FLAG_WRITE)) {
+        qemu_log_mask(LOG_GUEST_ERROR,
+                      "Invalid write to read only vfio region 0x%"
+                      HWADDR_PRIx" size %u\n", addr, size);
+
+        return;
+    }
+
     switch (size) {
     case 1:
         buf.byte = data;
@@ -215,8 +225,6 @@  void vfio_region_write(void *opaque, hwaddr addr,
                      addr, data, size);
     }
 
-    trace_vfio_region_write(vbasedev->name, region->nr, addr, data, size);
-
     /*
      * A read or write to a BAR always signals an INTx EOI.  This will
      * do nothing if not pending (including not in INTx mode).  We assume