From a03b6cedfd76846ded29b9f06e6299cb473bd14b Mon Sep 17 00:00:00 2001
From: Michal Privoznik
Date: Tue, 1 Aug 2023 12:57:04 +0200
Subject: [PATCH] qemu_driver: validate mem->model on MEMORY_DEVICE_SIZE_CHANGE event
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When guest acknowledges change in size of virtio-mem (portion that's exposed to the guest), QEMU emits MEMORY_DEVICE_SIZE_CHANGE event. We process it in processMemoryDeviceSizeChange(). So far, QEMU emits the even only for virtio-mem (as that's the only memory device model that allows live changes to its size). Nevertheless, if this ever changes, validate the memory model upon processing the event as the rest of the code blindly expects virtio-mem model.
Signed-off-by: Michal Privoznik
Reviewed-by: Ján Tomko
---
 src/qemu/qemu_driver.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index f8039160f4..f0eda71c4f 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -3998,6 +3998,13 @@ processMemoryDeviceSizeChange(virQEMUDriver *driver,
 goto endjob;
 }
+ if (mem->model != VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM) {
+ VIR_DEBUG("Received MEMORY_DEVICE_SIZE_CHANGE event for unexpected memory model (%s), expected %s",
+ virDomainMemoryModelTypeToString(mem->model),
+ virDomainMemoryModelTypeToString(VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM));
+ goto endjob;
+ }
+
 /* If this looks weird it's because it is. The balloon size
 * as reported by QEMU does not include any of @currentsize.
 * It really contains just the balloon size. But in domain
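Review bot: The rejected event in the new `mem->model` check is reported only through `VIR_DEBUG`, so under default logging nobody learns that QEMU sent MEMORY_DEVICE_SIZE_CHANGE for a device that is not virtio-mem. Monitor events originate in the QEMU process, which the daemon should treat as less trusted than itself, and a model mismatch means either a change in QEMU behaviour or a misbehaving emulator; I would raise the call to `VIR_WARN(` with the same format string and arguments. A one-line comment above the check, such as `/* The size accounting below is only valid for virtio-mem. */`, would record why the guard exists (wording taken from the commit message, since the rest of the function is not visible). processMemoryDeviceSizeChange() starts and ends outside the hunk, so whether every later use of `mem` sits behind this guard cannot be confirmed from here.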