From patchwork Thu Jan 6 06:47:26 2022
X-Patchwork-Submitter: Raphael Norwitz
X-Patchwork-Id: 12705154
From: Raphael Norwitz
To: stefanha@redhat.com, marcandre.lureau@redhat.com, mst@redhat.com, david@redhat.com
Subject: [PATCH v2 1/5] libvhost-user: Add vu_rem_mem_reg input validation
Date: Thu, 6 Jan 2022 06:47:26 +0000
Message-ID: <20220106064717.7477-2-raphael.norwitz@nutanix.com>
References: <20220106064717.7477-1-raphael.norwitz@nutanix.com>
In-Reply-To: <20220106064717.7477-1-raphael.norwitz@nutanix.com>
Cc: raphael.s.norwitz@gmail.com, qemu-devel@nongnu.org, Raphael Norwitz

Signed-off-by: Raphael Norwitz
Reviewed-by: David Hildenbrand
---
 subprojects/libvhost-user/libvhost-user.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/subprojects/libvhost-user/libvhost-user.c b/subprojects/libvhost-user/libvhost-user.c index 787f4d2d4f..a6dadeb637 100644 --- a/subprojects/libvhost-user/libvhost-user.c +++ b/subprojects/libvhost-user/libvhost-user.c @@ -801,6 +801,12 @@ vu_rem_mem_reg(VuDev *dev, VhostUserMsg *vmsg) { VuDevRegion shadow_regions[VHOST_USER_MAX_RAM_SLOTS] = {}; VhostUserMemoryRegion m = vmsg->payload.memreg.region, *msg_region = &m; + if (vmsg->fd_num != 1 || + vmsg->size != sizeof(vmsg->payload.memreg)) { + vu_panic(dev, "VHOST_USER_REM_MEM_REG received multiple regions"); + return false; + } + DPRINT("Removing region:\n"); DPRINT(" guest_phys_addr: 0x%016"PRIx64"\n", msg_region->guest_phys_addr);
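
Review bot: the vu_panic() text in the added check at the top of vu_rem_mem_reg() says "received multiple regions", but the condition also fires when fd_num is 0 and when vmsg->size differs from sizeof(vmsg->payload.memreg) in either direction, so the log misreports those cases. Splitting the check into one test for fd_num and one for size, each with a message that prints the received value, would make a rejected message diagnosable. The early return false also leaves any descriptors that arrived with the rejected message open as far as these lines show; closing them before returning would keep a peer that sends malformed VHOST_USER_REM_MEM_REG messages from accumulating open fds in the backend.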