1 /* 2 * vfio protocol over a UNIX socket device handling. 3 * 4 * Copyright © 2018, 2021 Oracle and/or its affiliates. 5 * 6 * SPDX-License-Identifier: GPL-2.0-or-later 7 */ 8 9 #include "qemu/osdep.h" 10 #include "qapi/error.h" 11 #include "qemu/error-report.h" 12 13 #include "hw/vfio-user/device.h" 14 #include "hw/vfio-user/trace.h" 15 16 /* 17 * These are to defend against a malign server trying 18 * to force us to run out of memory. 19 */ 20 #define VFIO_USER_MAX_REGIONS 100 21 #define VFIO_USER_MAX_IRQS 50 22 23 bool vfio_user_get_device_info(VFIOUserProxy *proxy, 24 struct vfio_device_info *info, Error **errp) 25 { 26 VFIOUserDeviceInfo msg; 27 uint32_t argsz = sizeof(msg) - sizeof(msg.hdr); 28 29 memset(&msg, 0, sizeof(msg)); 30 vfio_user_request_msg(&msg.hdr, VFIO_USER_DEVICE_GET_INFO, sizeof(msg), 0); 31 msg.argsz = argsz; 32 33 if (!vfio_user_send_wait(proxy, &msg.hdr, NULL, 0, errp)) { 34 return false; 35 } 36 37 if (msg.hdr.flags & VFIO_USER_ERROR) { 38 error_setg_errno(errp, -msg.hdr.error_reply, 39 "VFIO_USER_DEVICE_GET_INFO failed"); 40 return false; 41 } 42 43 trace_vfio_user_get_info(msg.num_regions, msg.num_irqs); 44 45 memcpy(info, &msg.argsz, argsz); 46 47 /* defend against a malicious server */ 48 if (info->num_regions > VFIO_USER_MAX_REGIONS || 49 info->num_irqs > VFIO_USER_MAX_IRQS) { 50 error_setg_errno(errp, EINVAL, "invalid reply"); 51 return false; 52 } 53 54 return true; 55 } 56