> On Aug 24, 2021, at 9:04 AM, Stefan Hajnoczi <stefa...@redhat.com> wrote:
>
> On Mon, Aug 16, 2021 at 09:42:40AM -0700, Elena Ufimtseva wrote:
>> +int vfio_user_get_info(VFIODevice *vbasedev)
>> +{
>> +    VFIOUserDeviceInfo msg;
>> +
>> +    memset(&msg, 0, sizeof(msg));
>> +    vfio_user_request_msg(&msg.hdr, VFIO_USER_DEVICE_GET_INFO, sizeof(msg), 0);
>> +    msg.argsz = sizeof(struct vfio_device_info);
>> +
>> +    vfio_user_send_recv(vbasedev->proxy, &msg.hdr, NULL, 0, 0);
>> +    if (msg.hdr.flags & VFIO_USER_ERROR) {
>> +        return -msg.hdr.error_reply;
>> +    }
>> +
>> +    vbasedev->num_irqs = msg.num_irqs;
>> +    vbasedev->num_regions = msg.num_regions;
>> +    vbasedev->flags = msg.flags;
>> +    vbasedev->reset_works = !!(msg.flags & VFIO_DEVICE_FLAGS_RESET);
>
> No input validation. I haven't checked what happens when num_irqs,
> num_regions, or flags are bogus but it's a little concerning. Unlike
> kernel VFIO, we do not trust these values.
>
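Review bot: the return value of vfio_user_send_recv() is discarded in the quoted hunk, so if the transfer fails without filling in the reply, msg still holds the zeros from the memset(), the VFIO_USER_ERROR test does not fire, and the function goes on to record num_irqs == 0, num_regions == 0 and flags == 0 as a successful answer; check that return value before looking at msg.hdr.flags. Separately, msg.num_irqs, msg.num_regions and msg.flags are copied into vbasedev without any range or mask check even though the server is untrusted on this path; at minimum reject counts above what the caller can index and reject (or mask) flag bits the client does not know, either here with caller-supplied limits or in the code that calls vfio_user_get_info().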
As in the last reply, vfio-user doesn't know valid values from invalid, so I need to re-work this so the PCI-specific code that calls vfio_user_get_info() can test for invalid values.

JJ
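A sketch of the caller-side check discussed above, added here as an example; it is not code from the patch series or from QEMU. The struct is a constructed stand-in for the GET_INFO reply body, the flag mask and the `info_limits` structure are hypothetical (only the RESET bit comes from the thread; the PCI region and IRQ counts mirror what the kernel's vfio.h enumerates, but a real caller would pass its own), and the transport result is modelled as a plain `int` in place of vfio_user_send_recv().

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for the body of a VFIO_USER_DEVICE_GET_INFO reply
 * (field names follow the patch; the layout here is illustrative only). */
struct user_device_info {
    uint32_t argsz;
    uint32_t flags;
    uint32_t num_regions;
    uint32_t num_irqs;
};

/* Flag bits this client understands. RESET is the bit the patch tests;
 * PCI is a hypothetical second bit standing in for the rest of the mask. */
#define INFO_FLAG_RESET   (1u << 0)
#define INFO_FLAG_PCI     (1u << 1)
#define INFO_KNOWN_FLAGS  (INFO_FLAG_RESET | INFO_FLAG_PCI)

/* Limits supplied by the device-specific caller, the only layer that
 * knows what "valid" means for this device type (hypothetical type). */
struct info_limits {
    uint32_t max_regions;
    uint32_t max_irqs;
    uint32_t required_flags;
};

/*
 * Validate an untrusted reply. xfer_ret models the return value of the
 * transport call (vfio_user_send_recv() in the patch); a negative value
 * means msg was never filled in and must not be interpreted.
 * Returns 0 if the reply is usable, a negative errno otherwise.
 */
int validate_device_info(int xfer_ret, const struct user_device_info *msg,
                         const struct info_limits *lim)
{
    if (xfer_ret < 0) {
        return xfer_ret;
    }
    /* The server must describe at least the fixed-size struct we asked for. */
    if (msg->argsz < sizeof(*msg)) {
        return -EINVAL;
    }
    /* Refuse flag bits we do not know rather than carrying them around. */
    if (msg->flags & ~INFO_KNOWN_FLAGS) {
        return -EINVAL;
    }
    if ((msg->flags & lim->required_flags) != lim->required_flags) {
        return -EINVAL;
    }
    /* Counts are later used as array bounds and loop limits; cap them. */
    if (msg->num_regions > lim->max_regions || msg->num_irqs > lim->max_irqs) {
        return -E2BIG;
    }
    return 0;
}

/* Hypothetical PCI limits: 9 region indexes and 5 IRQ indexes, matching the
 * counts the kernel's vfio.h enumerates for PCI; a real caller passes its own. */
static const struct info_limits pci_limits = {
    .max_regions = 9, .max_irqs = 5, .required_flags = INFO_FLAG_PCI,
};

/* Constructed replies exercising the check. */
int check_sane_reply(void)
{
    struct user_device_info msg = {
        .argsz = sizeof(msg), .flags = INFO_FLAG_PCI | INFO_FLAG_RESET,
        .num_regions = 9, .num_irqs = 5,
    };
    return validate_device_info(0, &msg, &pci_limits);            /* 0 */
}

int check_bogus_region_count(void)
{
    struct user_device_info msg = {
        .argsz = sizeof(msg), .flags = INFO_FLAG_PCI,
        .num_regions = 0xffffffffu, .num_irqs = 5,
    };
    return validate_device_info(0, &msg, &pci_limits);            /* -E2BIG */
}

int check_unknown_flags(void)
{
    struct user_device_info msg = {
        .argsz = sizeof(msg), .flags = INFO_FLAG_PCI | (1u << 31),
        .num_regions = 1, .num_irqs = 1,
    };
    return validate_device_info(0, &msg, &pci_limits);            /* -EINVAL */
}

int check_transport_failure(void)
{
    /* A failed transfer leaves msg as memset() left it: all zeros, which
     * would otherwise pass the flags test and report 0 regions and 0 IRQs. */
    struct user_device_info msg;
    memset(&msg, 0, sizeof(msg));
    return validate_device_info(-EIO, &msg, &pci_limits);         /* -EIO */
}
```

The split mirrors the point made in the thread: the generic vfio-user layer only knows how to reject a transport failure, a short `argsz` and unknown flag bits, while the region and IRQ ceilings and the required flags come from the PCI-specific caller through `info_limits`.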