git: 814bf1fddd27 - main - virtio_p9fs: fix panic on qemu/kvm

From: Warner Losh <imp_at_FreeBSD.org>
Date: Sun, 07 Jul 2024 11:41:44 UTC
The branch main has been updated by imp:

URL: https://cgit.FreeBSD.org/src/commit/?id=814bf1fddd27aea69740f9e7426302354285cad4

commit 814bf1fddd27aea69740f9e7426302354285cad4
Author:     Danilo Egea Gondolfo <danilo@FreeBSD.org>
AuthorDate: 2024-07-06 16:51:51 +0000
Commit:     Warner Losh <imp@FreeBSD.org>
CommitDate: 2024-07-07 11:39:27 +0000

    virtio_p9fs: fix panic on qemu/kvm
    
    When the module is loaded on a system running on qemu/kvm the "modern"
    virtio infrastructure is used and virtio_read_device_config() will end
    up calling vtpci_modern_read_dev_config(). This function cannot read
    values of arbitrary sizes and will panic if the p9fs mount tag size is
    not supported by it.
    
    Use virtio_read_device_config_array() instead. It was tested on both
    bhyve and qemu/kvm.
    
    PR: 280098
    Co-authored-by: Mark Peek <mp@FreeBSD.org>
    Reviewed by: imp
    Pull Request: https://github.com/freebsd/freebsd-src/pull/1320
---
 sys/dev/virtio/p9fs/virtio_p9fs.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sys/dev/virtio/p9fs/virtio_p9fs.c b/sys/dev/virtio/p9fs/virtio_p9fs.c
index aa174d3bd5ba..3600e0ea09c9 100644
--- a/sys/dev/virtio/p9fs/virtio_p9fs.c
+++ b/sys/dev/virtio/p9fs/virtio_p9fs.c
@@ -352,9 +352,9 @@ vt9p_attach(device_t dev)
 	mount_tag = malloc(mount_tag_len + 1, M_P9FS_MNTTAG,
 	    M_WAITOK | M_ZERO);
 
-	virtio_read_device_config(dev,
+	virtio_read_device_config_array(dev,
 	    offsetof(struct virtio_9pnet_config, mount_tag),
-	    mount_tag, mount_tag_len);
+	    mount_tag, 1, mount_tag_len);
 
 	device_printf(dev, "Mount tag: %s\n", mount_tag);