Hi Jonathan, Thanks for the review.
This v3 splits the helper extraction from the actual bug fix. Patch 1 is a refactor only: it folds the existing patrol scrub and ECS bounds checks into a helper, with no intended functional change. Patch 2 uses that helper for the remaining Set Feature branches that still copy into fixed-size write-attribute buffers without bounds validation. That patch carries the Fixes tags. I have left the qtest out of this backportable bugfix series for now. I can send it separately after addressing the x86-only and magic-value comments. Changes since v2: - split helper extraction from the bug fix - add Fixes tags to the bug-fixing patch - leave the qtest for a separate follow-up Jia Jia (2): hw/cxl: factor Set Feature write bounds helper hw/cxl: validate PPR and sparing Set Feature writes hw/cxl/cxl-mailbox-utils.c | 94 ++++++++++++++++++++++++++++---------- 1 file changed, 70 insertions(+), 24 deletions(-) -- 2.34.1
