Re: [Qemu-devel] [PATCH 3/8] virtio: Add support for guest setting of qu

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 3/8] virtio: Add support for guest setting of qu

From:	Peter Maydell
Subject:	Re: [Qemu-devel] [PATCH 3/8] virtio: Add support for guest setting of queue size
Date:	Tue, 9 Jul 2013 09:27:54 +0100

On 8 July 2013 20:39, Anthony Liguori <address@hidden> wrote:
> Peter Maydell <address@hidden> writes:
>> +void virtio_queue_set_num(VirtIODevice *vdev, int n, int num)
>> +{
>> +    vdev->vq[n].vring.num = num;
>> +    virtqueue_init(&vdev->vq[n]);
>
> I think some level of checking is probably needed on num since we do a
> tremendous amount of math on it.  I doubt it's exploitable since it's
> always treated as a PA, but better to be safe than sorry.

So at the moment we do that in the transport:

+        if (value <= VIRTQUEUE_MAX_SIZE) {
+            DPRINTF("calling virtio_queue_set_num\n");
+            virtio_queue_set_num(vdev, vdev->queue_sel, value);
+        }

but I agree it would be better done here in the generic code.

-- PMM

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH 3/8] virtio: Add support for guest setting of queue size, Anthony Liguori, 2013/07/08
- Re: [Qemu-devel] [PATCH 3/8] virtio: Add support for guest setting of queue size, Peter Maydell <=

Prev by Date: Re: [Qemu-devel] [PATCH v3 0/3] qapi: Top-level type reference for command definitions
Next by Date: Re: [Qemu-devel] [PATCH v3 1/2] trap signals for "-serial mon:stdio"
Previous by thread: Re: [Qemu-devel] [PATCH 3/8] virtio: Add support for guest setting of queue size
Next by thread: Re: [Qemu-devel] [PATCH 5/8] virtio: Implement MMIO based virtio transport
Index(es):
- Date
- Thread