From: Jan Beulich Date: Tue, 29 Apr 2025 09:47:50 +0000 (+0200) Subject: x86: constrain sub-page access length in mmio_ro_emulated_write() X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=35cb38b2220b15e1229214255a430f9e99f07aa1;p=xen.git x86: constrain sub-page access length in mmio_ro_emulated_write() Without doing so we could trigger the ASSERT_UNREACHABLE() in subpage_mmio_write_emulate(). A comment there actually says this validation would already have been done ... Fixes: 8847d6e23f97 ("x86/mm: add API for marking only part of a MMIO page read only") Signed-off-by: Jan Beulich Reviewed-by: Jason Andryuk master commit: 8dbd9966f82f95b017f06e9397fc78064b688d61 master date: 2025-04-28 09:48:14 +0200 --- diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c index 0d242739b1..3f43cbabe1 100644 --- a/xen/arch/x86/mm.c +++ b/xen/arch/x86/mm.c @@ -5192,8 +5192,13 @@ int cf_check mmio_ro_emulated_write( return X86EMUL_UNHANDLEABLE; } - subpage_mmio_write_emulate(mmio_ro_ctxt->mfn, PAGE_OFFSET(offset), - p_data, bytes); + if ( bytes <= 8 ) + subpage_mmio_write_emulate(mmio_ro_ctxt->mfn, PAGE_OFFSET(offset), + p_data, bytes); + else if ( subpage_mmio_find_page(mmio_ro_ctxt->mfn) ) + gprintk(XENLOG_WARNING, + "unsupported %u-byte write to R/O MMIO 0x%"PRI_mfn"%03lx\n", + bytes, mfn_x(mmio_ro_ctxt->mfn), PAGE_OFFSET(offset)); return X86EMUL_OKAY; }
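Review bot: The literal 8 in the new `if ( bytes <= 8 )` check in mmio_ro_emulated_write() is unexplained at the point of use, and nothing in this hunk ties it to the access sizes subpage_mmio_write_emulate() actually handles. The commit message says a comment in that function claims the validation has already been done, yet the only hunk here leaves that comment untouched. A one-line comment above the check stating that the bound mirrors the sizes the callee's switch covers (or a shared named constant) would keep the two from drifting apart and make the ASSERT_UNREACHABLE() there true by construction. It would also help to note in the else branch that a larger write is discarded while X86EMUL_OKAY is still returned, and that the warning is only emitted when subpage_mmio_find_page() finds the page tracked, so a reader does not mistake the silent case for an oversight.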