hw/virtio/virtio: Don't allow guests to add/remove queues

A queue size of 0 is used to indicate a nonexistent queue, so
don't allow the guest to flip a queue between zero-size and
non-zero-size. Don't permit setting of negative queue sizes
either.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1374853288-9912-2-git-send-email-peter.maydell@linaro.org
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
This commit is contained in:
Peter Maydell 2013-07-26 16:41:27 +01:00
parent 2e985fe000
commit f6049f4483

View File

@ -673,10 +673,16 @@ hwaddr virtio_queue_get_addr(VirtIODevice *vdev, int n)
void virtio_queue_set_num(VirtIODevice *vdev, int n, int num)
{
if (num <= VIRTQUEUE_MAX_SIZE) {
vdev->vq[n].vring.num = num;
virtqueue_init(&vdev->vq[n]);
/* Don't allow guest to flip queue between existent and
* nonexistent states, or to set it to an invalid size.
*/
if (!!num != !!vdev->vq[n].vring.num ||
num > VIRTQUEUE_MAX_SIZE ||
num < 0) {
return;
}
vdev->vq[n].vring.num = num;
virtqueue_init(&vdev->vq[n]);
}
int virtio_queue_get_num(VirtIODevice *vdev, int n)