Re: [PATCH v2] vfio/pci: Do vf_token checks for VFIO_DEVICE_BIND_IOMMUFD

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, Jul 11, 2025 at 12:01:49PM +0000, Shameerali Kolothum Thodi wrote:
> >  	minsz = offsetofend(struct vfio_device_bind_iommufd, out_devid);
> > 
> > -	if (copy_from_user(&bind, arg, minsz))
> > -		return -EFAULT;
> > +	ret = get_user(user_size, &arg->argsz);
> > +	if (ret)
> > +		return ret;
> > +	if (bind.argsz < minsz)
> 
> The above check should use user_size.

Woops for sure!

> With that fixed, I did a basic sanity testing with a latest Qemu(no BIND_FLAG_TOKEN flag),
> assigning a vf to a Guest. Seems to be OK.  No regression observed.
> 
> FWIW:
> Tested-by: Shameer Kolothum <shameerali.kolothum.thodi@xxxxxxxxxx>

Thanks for testing!

Jason
[Index of Archives]     [KVM Development]     [Libvirt Development]     [Libvirt Users]     [CentOS Virtualization]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux