nvmf/vfio-user: add check for property_access

Only 4 bytes or 8 bytes are valid numbers when to access NVMe
registers, add the check here.

Fix issue #2495.

Change-Id: I63b6e16a156f6eba17f397ec9d1a447e6a80b4da
Signed-off-by: Changpeng Liu <changpeng.liu@intel.com>
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/12643
Community-CI: Broadcom CI <spdk-ci.pdl@broadcom.com>
Community-CI: Mellanox Build Bot
Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
Reviewed-by: Dong Yi <dongx.yi@intel.com>
Reviewed-by: John Levon <levon@movementarian.org>
Reviewed-by: Jim Harris <james.r.harris@intel.com>
Reviewed-by: Tomasz Zawadzki <tomasz.zawadzki@intel.com>
This commit is contained in:
Changpeng Liu 2022-05-12 12:41:08 +08:00 committed by Tomasz Zawadzki
parent 7cfb12f437
commit 9df0f59444

View File

@ -2747,6 +2747,11 @@ vfio_user_property_access(struct nvmf_vfio_user_ctrlr *vu_ctrlr,
struct nvmf_vfio_user_req *req;
const struct spdk_nvmf_registers *regs;
if ((count != 4) && (count != 8)) {
errno = EINVAL;
return -1;
}
/* Construct a Fabric Property Get/Set command and send it */
req = get_nvmf_vfio_user_req(vu_ctrlr->sqs[0]);
if (req == NULL) {
@ -2760,7 +2765,11 @@ vfio_user_property_access(struct nvmf_vfio_user_ctrlr *vu_ctrlr,
req->cb_arg = vu_ctrlr->sqs[0];
req->req.cmd->prop_set_cmd.opcode = SPDK_NVME_OPC_FABRIC;
req->req.cmd->prop_set_cmd.cid = 0;
req->req.cmd->prop_set_cmd.attrib.size = (count / 4) - 1;
if (count == 4) {
req->req.cmd->prop_set_cmd.attrib.size = 0;
} else {
req->req.cmd->prop_set_cmd.attrib.size = 1;
}
req->req.cmd->prop_set_cmd.ofst = pos;
if (is_write) {
req->req.cmd->prop_set_cmd.fctype = SPDK_NVMF_FABRIC_COMMAND_PROPERTY_SET;