The full size of the BAR is stored in the lower PCIIORegion.size. The
upper PCIIORegion.size is 0. Calculate the size of the upper half
correctly from the lower half otherwise the size read by the guest will
be incorrect.
Signed-off-by: Ross Lagerwall <ross.lagerw...@citrix.com>
---
hw/xen/xen_pt_config_init.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/hw/xen/xen_pt_config_init.c b/hw/xen/xen_pt_config_init.c
index a3ce33e..aee31c6 100644
--- a/hw/xen/xen_pt_config_init.c
+++ b/hw/xen/xen_pt_config_init.c
@@ -504,6 +504,8 @@ static int xen_pt_bar_reg_write(XenPCIPassthroughState *s,
XenPTReg *cfg_entry,
bar_ro_mask = XEN_PT_BAR_IO_RO_MASK | (r_size - 1);
break;
case XEN_PT_BAR_FLAG_UPPER:
+ assert(index > 0);
+ r_size = d->io_regions[index - 1].size >> 32;
bar_emu_mask = XEN_PT_BAR_ALLF;
bar_ro_mask = r_size ? r_size - 1 : 0;
break;
--
2.9.5
