On Fri, Jan 09, 2026 at 04:24:20PM +0100, Eugenio Pérez wrote:
> @@ -1252,12 +1266,24 @@ static long vduse_dev_ioctl(struct file *file,
> unsigned int cmd,
> if (config.index >= dev->vq_num)
> break;
>
> - if (!is_mem_zero((const char *)config.reserved,
> - sizeof(config.reserved)))
> + if (dev->api_version < VDUSE_API_VERSION_1 && config.group)
> + break;
> +
> + if (dev->api_version >= VDUSE_API_VERSION_1) {
> + if (config.group >= dev->ngroups)
> + break;
> + if (dev->status & VIRTIO_CONFIG_S_DRIVER_OK)
> + break;
> + }
> +
> + if (config.reserved1 ||
> + !is_mem_zero((const char *)config.reserved2,
> + sizeof(config.reserved2)))
Hmm but if api version is 0 then group should be 0 no?
We should validate.
