xen/pt: Check if reg->init function sets the 'data' past the reg->size
It should never happen, but in case it does (an developer adds a new register and the 'init_val' expands past the register size) we want to report. The code will only write up to reg->size so there is no runtime danger of the register spilling across other ones - however to catch this sort of thing we still return an error. Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
This commit is contained in:
parent
2e87512ecc
commit
5b4dd0f55e
|
@ -1949,9 +1949,15 @@ static int xen_pt_config_reg_init(XenPCIPassthroughState *s,
|
||||||
} else
|
} else
|
||||||
val = data;
|
val = data;
|
||||||
|
|
||||||
|
if (val & ~size_mask) {
|
||||||
|
XEN_PT_ERR(&s->dev,"Offset 0x%04x:0x%04x expands past register size(%d)!\n",
|
||||||
|
offset, val, reg->size);
|
||||||
|
g_free(reg_entry);
|
||||||
|
return -ENXIO;
|
||||||
|
}
|
||||||
/* This could be just pci_set_long as we don't modify the bits
|
/* This could be just pci_set_long as we don't modify the bits
|
||||||
* past reg->size, but in case this routine is run in parallel
|
* past reg->size, but in case this routine is run in parallel or the
|
||||||
* we do not want to over-write other registers. */
|
* init value is larger, we do not want to over-write registers. */
|
||||||
switch (reg->size) {
|
switch (reg->size) {
|
||||||
case 1: pci_set_byte(s->dev.config + offset, (uint8_t)val);
|
case 1: pci_set_byte(s->dev.config + offset, (uint8_t)val);
|
||||||
break;
|
break;
|
||||||
|
|
Loading…
Reference in a new issue