[PATCH 2/6] ACRN:DM:PCI: pci_emul_alloc_pbar adds more check for bar type/index


Zhao, Yakui
 

Currently the input bar type/index is not checked when a PCI device calls pci_emul_alloc_bar
to allocate the resource for a PCI IO/MMIO/ROM bar. This check is added to avoid
an incorrect bar index/type being passed.

Signed-off-by: Zhao Yakui <yakui.zhao@...>
---
devicemodel/hw/pci/core.c | 9 +++++++++
1 file changed, 9 insertions(+)

diff --git a/devicemodel/hw/pci/core.c b/devicemodel/hw/pci/core.c
index 87cbf6d05..60111f98c 100644
--- a/devicemodel/hw/pci/core.c
+++ b/devicemodel/hw/pci/core.c
@@ -784,6 +784,15 @@ pci_emul_alloc_pbar(struct pci_vdev *pdi, int idx, uint64_t hostbase,
size = 16;
}

+ if (idx > PCI_ROMBAR) {
+ pr_err("%s: invalid bar number %d for PCI bar type\n", __func__, idx);
+ return -1;
+ }
+ if ((idx == PCI_ROMBAR) && (type != PCIBAR_MEM32)) {
+ pr_err("%s: invalid bar type %d for PCI ROM\n", __func__, type);
+ return -1;
+ }
+
switch (type) {
case PCIBAR_NONE:
baseptr = NULL;
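Review bot: The range check `if (idx > PCI_ROMBAR)` only guards the upper bound, and `idx` is declared as `int` in the signature shown in the hunk header, so a negative index passes both new checks and reaches the `switch (type)` below. Consider `if ((idx < 0) || (idx > PCI_ROMBAR))` so every out-of-range index is rejected in one place.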
--
2.25.1


Yu Wang
 

On Thu, Sep 15, 2022 at 10:30:49AM +0800, Zhao Yakui wrote:
Currently the input bar type/index is not checked when a PCI device calls pci_emul_alloc_bar
to allocate the resource for a PCI IO/MMIO/ROM bar. This check is added to avoid
an incorrect bar index/type being passed.

Signed-off-by: Zhao Yakui <yakui.zhao@...>
---
devicemodel/hw/pci/core.c | 9 +++++++++
1 file changed, 9 insertions(+)

diff --git a/devicemodel/hw/pci/core.c b/devicemodel/hw/pci/core.c
index 87cbf6d05..60111f98c 100644
--- a/devicemodel/hw/pci/core.c
+++ b/devicemodel/hw/pci/core.c
@@ -784,6 +784,15 @@ pci_emul_alloc_pbar(struct pci_vdev *pdi, int idx, uint64_t hostbase,
size = 16;
}

+ if (idx > PCI_ROMBAR) {
+ pr_err("%s: invalid bar number %d for PCI bar type\n", __func__, idx);
+ return -1;
+ }
+ if ((idx == PCI_ROMBAR) && (type != PCIBAR_MEM32)) {
+ pr_err("%s: invalid bar type %d for PCI ROM\n", __func__, type);
+ return -1;
+ }
Ditto. Please check my previous comments.

+
switch (type) {
case PCIBAR_NONE:
baseptr = NULL;
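Review bot: Both argument checks are placed after the size adjustment visible in the leading context (`size = 16;`), so an invalid `idx` or `type` is rejected only after other parameter handling has already run; moving them to the start of `pci_emul_alloc_pbar` would keep validation ahead of any use of the arguments. The first message, "invalid bar number %d for PCI bar type", would also be easier to act on if it named the limit, for example "invalid bar index %d (max %d)" with `PCI_ROMBAR` as the second value.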
--
2.25.1