On Fri, 27 Jan 2023, Marek Marczykowski-Górecki wrote:
> xen_pt_config_reg_init() reads only that many bytes as the size of the
> register that is being initialized. It uses
> xen_host_pci_get_{byte,word,long} and casts its last argument to
> expected pointer type. This means for smaller registers higher bits of
> 'val' are not initialized. Then, the function fails if any of those
> higher bits are set.
> 
> Fix this by initializing 'val' with zero.
> 
> Signed-off-by: Marek Marczykowski-Górecki <marma...@invisiblethingslab.com>

Reviewed-by: Stefano Stabellini <sstabell...@kernel.org>


> ---
>  hw/xen/xen_pt_config_init.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/hw/xen/xen_pt_config_init.c b/hw/xen/xen_pt_config_init.c
> index cde898b744..8b9b554352 100644
> --- a/hw/xen/xen_pt_config_init.c
> +++ b/hw/xen/xen_pt_config_init.c
> @@ -1924,7 +1924,7 @@ static void 
> xen_pt_config_reg_init(XenPCIPassthroughState *s,
>      if (reg->init) {
>          uint32_t host_mask, size_mask;
>          unsigned int offset;
> -        uint32_t val;
> +        uint32_t val = 0;
>  
>          /* initialize emulate register */
>          rc = reg->init(s, reg_entry->reg,
> -- 
> 2.37.3
> 

Reply via email to