diff options
author | Akihiko Odaki | 2022-08-29 10:35:24 +0200 |
---|---|---|
committer | Michael S. Tsirkin | 2022-11-07 20:08:17 +0100 |
commit | 15377f6e79cc6aa08dbafe82607e0bda13ca44b5 (patch) | |
tree | 689870d114b96e0fd61fd47b73ee92e5c1d6a7df /hw/pci | |
parent | MAINTAINERS: Add qapi/virtio.json to section "virtio" (diff) | |
download | qemu-15377f6e79cc6aa08dbafe82607e0bda13ca44b5.tar.gz qemu-15377f6e79cc6aa08dbafe82607e0bda13ca44b5.tar.xz qemu-15377f6e79cc6aa08dbafe82607e0bda13ca44b5.zip |
msix: Assert that specified vector is in range
There were several different ways to deal with the situation where the
vector specified for a msix function is out of bound:
- early return a function and keep progresssing
- propagate the error to the caller
- mark msix unusable
- assert it is in bound
- just ignore
An out-of-bound vector should not be specified if the device
implementation is correct so let msix functions always assert that the
specified vector is in range.
An exceptional case is virtio-pci, which allows the guest to configure
vectors. For virtio-pci, it is more appropriate to introduce its own
checks because it is sometimes too late to check the vector range in
msix functions.
Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Message-Id: <20220829083524.143640-1-akihiko.odaki@daynix.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Signed-off-by: Akihiko Odaki <<a href="mailto:akihiko.odaki@daynix.com" target="_blank">akihiko.odaki@daynix.com</a>><br>
Diffstat (limited to 'hw/pci')
-rw-r--r-- | hw/pci/msix.c | 24 |
1 files changed, 9 insertions, 15 deletions
diff --git a/hw/pci/msix.c b/hw/pci/msix.c index 1e381a9813..9e70fcd6fa 100644 --- a/hw/pci/msix.c +++ b/hw/pci/msix.c @@ -136,17 +136,12 @@ static void msix_handle_mask_update(PCIDevice *dev, int vector, bool was_masked) } } -void msix_set_mask(PCIDevice *dev, int vector, bool mask, Error **errp) +void msix_set_mask(PCIDevice *dev, int vector, bool mask) { - ERRP_GUARD(); unsigned offset; bool was_masked; - if (vector > dev->msix_entries_nr) { - error_setg(errp, "msix: vector %d not allocated. max vector is %d", - vector, dev->msix_entries_nr); - return; - } + assert(vector < dev->msix_entries_nr); offset = vector * PCI_MSIX_ENTRY_SIZE + PCI_MSIX_ENTRY_VECTOR_CTRL; @@ -522,7 +517,9 @@ void msix_notify(PCIDevice *dev, unsigned vector) { MSIMessage msg; - if (vector >= dev->msix_entries_nr || !dev->msix_entry_used[vector]) { + assert(vector < dev->msix_entries_nr); + + if (!dev->msix_entry_used[vector]) { return; } @@ -558,20 +555,17 @@ void msix_reset(PCIDevice *dev) * don't want to follow the spec suggestion can declare all vectors as used. */ /* Mark vector as used. */ -int msix_vector_use(PCIDevice *dev, unsigned vector) +void msix_vector_use(PCIDevice *dev, unsigned vector) { - if (vector >= dev->msix_entries_nr) { - return -EINVAL; - } - + assert(vector < dev->msix_entries_nr); dev->msix_entry_used[vector]++; - return 0; } /* Mark vector as unused. */ void msix_vector_unuse(PCIDevice *dev, unsigned vector) { - if (vector >= dev->msix_entries_nr || !dev->msix_entry_used[vector]) { + assert(vector < dev->msix_entries_nr); + if (!dev->msix_entry_used[vector]) { return; } if (--dev->msix_entry_used[vector]) { |