From 43e9d322beb18f0b9877e553385aefb94c34fc02 Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Mon, 4 Jul 2022 11:10:31 +0200
Subject: [PATCH] domain_validate: Disallow non-virtio IOMMU with an <address/>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Per v8.3.0-rc1~199 it's only a virtio IOMMU that can have
<address/>. The rest (Intel and SMMUv3) are system devices and
thus have no address associated with them. However, this
assumption is never checked for.

Fixes: b0eb1e193f5db033d0fbbf91ff71a121066ad77c
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---
 src/conf/domain_validate.c | 25 ++++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c
index c977c39144..d35451c26a 100644
--- a/src/conf/domain_validate.c
+++ b/src/conf/domain_validate.c
@@ -2582,6 +2582,27 @@ virDomainGraphicsDefValidate(const virDomainDef *def,
     return 0;
 }
 
+static int
+virDomainIOMMUDefValidate(const virDomainIOMMUDef *iommu)
+{
+    switch (iommu->model) {
+    case VIR_DOMAIN_IOMMU_MODEL_INTEL:
+    case VIR_DOMAIN_IOMMU_MODEL_SMMUV3:
+        if (iommu->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) {
+            virReportError(VIR_ERR_XML_ERROR,
+                           _("iommu model '%s' can't have address"),
+                           virDomainIOMMUModelTypeToString(iommu->model));
+            return -1;
+        }
+        break;
+
+    case VIR_DOMAIN_IOMMU_MODEL_VIRTIO:
+    case VIR_DOMAIN_IOMMU_MODEL_LAST:
+    }
+
+    return 0;
+}
+
 static int
 virDomainDeviceInfoValidate(const virDomainDeviceDef *dev)
 {
@@ -2683,6 +2704,9 @@ virDomainDeviceDefValidateInternal(const virDomainDeviceDef *dev,
     case VIR_DOMAIN_DEVICE_GRAPHICS:
         return virDomainGraphicsDefValidate(def, dev->data.graphics);
 
+    case VIR_DOMAIN_DEVICE_IOMMU:
+        return virDomainIOMMUDefValidate(dev->data.iommu);
+
     case VIR_DOMAIN_DEVICE_LEASE:
     case VIR_DOMAIN_DEVICE_WATCHDOG:
     case VIR_DOMAIN_DEVICE_HUB:
@@ -2690,7 +2714,6 @@ virDomainDeviceDefValidateInternal(const virDomainDeviceDef *dev,
     case VIR_DOMAIN_DEVICE_NVRAM:
     case VIR_DOMAIN_DEVICE_TPM:
     case VIR_DOMAIN_DEVICE_PANIC:
-    case VIR_DOMAIN_DEVICE_IOMMU:
     case VIR_DOMAIN_DEVICE_NONE:
     case VIR_DOMAIN_DEVICE_LAST:
         break;