fix(snapshot): switch PCI snapshot state vectors for arrays

Using serde-big-array, switch to serializing arrays rather than
converting arrays to vecs. This should prevent panics that could
previously be encountered by unwrapping vec-to-array conversions (e.g.,
when a malformed snapshot was encountered).

NB: Arrays must be boxed to prevent stack overflows. This is still
better than using Vecs, because the size is known at compile time.

Signed-off-by: James Curtis <jxcurtis@amazon.co.uk>

Author: JamesC1305

src/vmm/src/devices/virtio/transport/pci/device.rs

@@ -221,12 +221,15 @@ const NOTIFY_OFF_MULTIPLIER: u32 = 4; // A dword per notification address.
 const VIRTIO_PCI_VENDOR_ID: u16 = 0x1af4;
 const VIRTIO_PCI_DEVICE_ID_BASE: u16 = 0x1040; // Add to device type to get device ID.
 
+/// The size of the VIRTIO_PCI_CAP_PCI_CFG capability.
+const CAP_PCI_CFG_SIZE: usize = std::mem::size_of::<VirtioPciCfgCap>();
+
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct VirtioPciDeviceState {
     pub sbdf: PciSBDF,
     pub device_activated: bool,
     pub cap_pci_cfg_offset: u16,
-    pub cap_pci_cfg: Vec<u8>,
+    pub cap_pci_cfg: [u8; CAP_PCI_CFG_SIZE],
     pub pci_configuration_state: PciConfigurationState,
     pub pci_dev_state: VirtioPciCommonConfigState,
     pub msix_state: MsixConfigState,
@@ -610,7 +613,8 @@ impl VirtioPciDevice {
             sbdf: self.sbdf,
             device_activated: self.device_activated.load(Ordering::Acquire),
             cap_pci_cfg_offset: self.cap_pci_cfg_info.offset,
-            cap_pci_cfg: self.cap_pci_cfg_info.cap.bytes().to_vec(),
+            cap_pci_cfg: <[u8; CAP_PCI_CFG_SIZE]>::try_from(self.cap_pci_cfg_info.cap.as_slice())
+                .unwrap(),
             pci_configuration_state: self.configuration.state(),
             pci_dev_state: self.common_config.state(),
             msix_state: self

src/vmm/src/pci/configuration.rs

@@ -18,6 +18,26 @@ use crate::pci::{PciCapabilityId, PciClassCode};
 // The number of 32bit registers in the config space, 4096 bytes.
 const NUM_CONFIGURATION_REGISTERS: usize = 1024;
 
+mod boxed_big_array {
+    use serde::{Deserializer, Serializer};
+    use serde_big_array::BigArray;
+
+    use super::NUM_CONFIGURATION_REGISTERS;
+
+    pub fn serialize<S: Serializer>(
+        val: &Box<[u32; NUM_CONFIGURATION_REGISTERS]>,
+        s: S,
+    ) -> Result<S::Ok, S::Error> {
+        BigArray::serialize(val.as_ref(), s)
+    }
+
+    pub fn deserialize<'de, D: Deserializer<'de>>(
+        d: D,
+    ) -> Result<Box<[u32; NUM_CONFIGURATION_REGISTERS]>, D::Error> {
+        BigArray::deserialize(d).map(Box::new)
+    }
+}
+
 const STATUS_REG: usize = 1;
 const STATUS_REG_CAPABILITIES_USED_MASK: u32 = 0x0010_0000;
 const BAR0_REG: u16 = 4;
@@ -64,12 +84,15 @@ struct PciBar {
     used: bool,
 }
 
-/// PCI configuration space state for (de)serialization
+/// PCI configuration space state for (de)serialization.
+/// Register arrays are boxed to prevent stack overflow during (de)serialization.
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct PciConfigurationState {
-    registers: Vec<u32>,
-    writable_bits: Vec<u32>,
-    bars: Vec<PciBar>,
+    #[serde(with = "boxed_big_array")]
+    registers: Box<[u32; NUM_CONFIGURATION_REGISTERS]>,
+    #[serde(with = "boxed_big_array")]
+    writable_bits: Box<[u32; NUM_CONFIGURATION_REGISTERS]>,
+    bars: [PciBar; NUM_BAR_REGS],
     last_capability: Option<(u8, u8)>,
     msix_cap_reg_idx: Option<u16>,
 }
@@ -131,9 +154,9 @@ impl PciConfiguration {
         msix_config: Option<Arc<Mutex<MsixConfig>>>,
     ) -> Self {
         PciConfiguration {
-            registers: state.registers.try_into().unwrap(),
-            writable_bits: state.writable_bits.try_into().unwrap(),
-            bars: state.bars.try_into().unwrap(),
+            registers: *state.registers,
+            writable_bits: *state.writable_bits,
+            bars: state.bars,
             last_capability: state.last_capability,
             msix_cap_reg_idx: state.msix_cap_reg_idx,
             msix_config,
@@ -143,9 +166,9 @@ impl PciConfiguration {
     /// Create PCI configuration space state
     pub fn state(&self) -> PciConfigurationState {
         PciConfigurationState {
-            registers: self.registers.to_vec(),
-            writable_bits: self.writable_bits.to_vec(),
-            bars: self.bars.to_vec(),
+            registers: Box::new(self.registers),
+            writable_bits: Box::new(self.writable_bits),
+            bars: self.bars,
             last_capability: self.last_capability,
             msix_cap_reg_idx: self.msix_cap_reg_idx,
         }