[Lguest] [PATCH 2/8] lguest: fix descriptor corruption in example launcher

Rusty Russell rusty at rustcorp.com.au
Thu Jul 23 23:44:55 EST 2009


1d589bb16b825b3a7b4edd34d997f1f1f953033d "Add serial number support
for virtio_blk, V4a" extended 'struct virtio_blk_config' to 536 bytes.
Lguest and S/390 both use an 8 bit value for the feature length, and
this change broke them (if the code is naive).

Signed-off-by: Rusty Russell <rusty at rustcorp.com.au>
Cc: John Cooper <john.cooper at redhat.com>
Cc: Christian Borntraeger <borntraeger at de.ibm.com>
---
 Documentation/lguest/lguest.c |    6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/Documentation/lguest/lguest.c b/Documentation/lguest/lguest.c
--- a/Documentation/lguest/lguest.c
+++ b/Documentation/lguest/lguest.c
@@ -1105,6 +1105,9 @@ static void set_config(struct device *de
 	/* Copy in the config information, and store the length. */
 	memcpy(device_config(dev), conf, len);
 	dev->desc->config_len = len;
+
+	/* Size must fit in config_len field (8 bits)! */
+	assert(dev->desc->config_len == len);
 }
 
 /* This routine does all the creation and setup of a new device, including
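Review bot: the assert in set_config() runs after the memcpy() and after the truncating store to config_len, so an oversized len has already been copied into the device config area by the time the check fires. Move the size check above the memcpy(), and compare len against the 8-bit maximum directly (for example len <= 255) instead of relying on the round trip through config_len. Note also that assert() is compiled out when NDEBUG is defined, so an unconditional error exit would keep the guard in every build.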
@@ -1515,7 +1518,8 @@ static void setup_block_file(const char 
 	add_feature(dev, VIRTIO_BLK_F_SEG_MAX);
 	conf.seg_max = cpu_to_le32(VIRTQUEUE_NUM - 2);
 
-	set_config(dev, sizeof(conf), &conf);
+	/* Don't try to put whole struct: we have 8 bit limit. */
+	set_config(dev, offsetof(struct virtio_blk_config, geometry), &conf);
 
 	verbose("device %u: virtblock %llu sectors\n",
 		++devices.device_num, le64_to_cpu(conf.capacity));
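Review bot: in setup_block_file(), the cutoff offsetof(struct virtio_blk_config, geometry) depends silently on the struct layout: every field the launcher fills in (capacity and seg_max in the visible lines) has to sit before geometry, and the guest no longer receives geometry or anything after it. The new comment explains the 8-bit limit but not why geometry is the boundary; extend it to say that only the fields up to seg_max are populated, and confirm that no feature passed to add_feature() refers to a field past the cutoff. The diffstat shows no #include being added, so also confirm <stddef.h> is already included for offsetof.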



