Re: [PATCH v2] virtio: refresh vring region cache after updating a virtqueue size

2023-03-27 Cornelia Huck
On Fri, Mar 17 2023, Carlos López wrote:
> When a virtqueue size is changed by the guest via
> virtio_queue_set_num(), its region cache is not automatically updated.
> If the size was increased, this could lead to accessing the cache out
> of bounds. For example, in vring_get_used_event():
>
>

Re: [PATCH v2] virtio: refresh vring region cache after updating a virtqueue size

2023-03-27 Halil Pasic
On Mon, 27 Mar 2023 08:29:09 -0400 "Michael S. Tsirkin" wrote: > On Mon, Mar 27, 2023 at 01:06:19PM +0200, Cornelia Huck wrote: > > On Wed, Mar 22 2023, Halil Pasic wrote: > > > > > On Wed, 22 Mar 2023 10:52:31 +0100 > > > Cornelia Huck wrote: > > > [..] > > >> > > > >> > diff --git

Re: [PATCH v2] virtio: refresh vring region cache after updating a virtqueue size

2023-03-27 Michael S. Tsirkin
On Mon, Mar 27, 2023 at 01:06:19PM +0200, Cornelia Huck wrote: > On Wed, Mar 22 2023, Halil Pasic wrote: > > > On Wed, 22 Mar 2023 10:52:31 +0100 > > Cornelia Huck wrote: > > [..] > >> > > >> > diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c > >> > index e33e5207ab..f44de1a8c1 100644

Re: [PATCH v2] virtio: refresh vring region cache after updating a virtqueue size

2023-03-27 Cornelia Huck
On Wed, Mar 22 2023, Halil Pasic wrote: > On Wed, 22 Mar 2023 10:52:31 +0100 > Cornelia Huck wrote: > [..] >> > >> > diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c >> > index e33e5207ab..f44de1a8c1 100644 >> > --- a/hw/s390x/virtio-ccw.c >> > +++ b/hw/s390x/virtio-ccw.c >> > @@

Re: [PATCH v2] virtio: refresh vring region cache after updating a virtqueue size

2023-03-27 Cornelia Huck
On Fri, Mar 24 2023, Halil Pasic wrote: > On Wed, 22 Mar 2023 18:24:33 +0100 > Halil Pasic wrote: > >> > > --- a/hw/s390x/virtio-ccw.c >> > > +++ b/hw/s390x/virtio-ccw.c >> > > @@ -237,6 +237,7 @@ static int virtio_ccw_set_vqs(SubchDev *sch, >> > > VqInfoBlock *info, >> > >

Re: [PATCH v2] virtio: refresh vring region cache after updating a virtqueue size

2023-03-24 Halil Pasic
On Wed, 22 Mar 2023 18:24:33 +0100 Halil Pasic wrote: > > > --- a/hw/s390x/virtio-ccw.c > > > +++ b/hw/s390x/virtio-ccw.c > > > @@ -237,6 +237,7 @@ static int virtio_ccw_set_vqs(SubchDev *sch, > > > VqInfoBlock *info, > > > return -EINVAL; > > > } > > >

Re: [PATCH v2] virtio: refresh vring region cache after updating a virtqueue size

2023-03-22 Halil Pasic
On Wed, 22 Mar 2023 10:52:31 +0100 Cornelia Huck wrote: [..] > > > > diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c > > index e33e5207ab..f44de1a8c1 100644 > > --- a/hw/s390x/virtio-ccw.c > > +++ b/hw/s390x/virtio-ccw.c > > @@ -237,6 +237,7 @@ static int virtio_ccw_set_vqs(SubchDev

Re: [PATCH v2] virtio: refresh vring region cache after updating a virtqueue size

2023-03-22 Cornelia Huck
On Fri, Mar 17 2023, Carlos López wrote:
> When a virtqueue size is changed by the guest via
> virtio_queue_set_num(), its region cache is not automatically updated.
> If the size was increased, this could lead to accessing the cache out
> of bounds. For example, in vring_get_used_event():
>
>

[PATCH v2] virtio: refresh vring region cache after updating a virtqueue size

2023-03-16 Carlos López
When a virtqueue size is changed by the guest via virtio_queue_set_num(), its region cache is not automatically updated. If the size was increased, this could lead to accessing the cache out of bounds. For example, in vring_get_used_event(): static inline uint16_t