From: Tu Dinh Ngoc <dinhngoc.tu@xxxxxxx>
The `len' parameter of kvm__register_pio specifies a range of I/O ports
to be registered for the same handler. However, the `size' parameter of
PIO events specifies the number of bytes read/written to a single I/O
port.
kvm__emulate_io confuses the two and uses the number of bytes
read/written in its I/O handler search, meaning reads/writes with a size
larger than the registered range length will be silently dropped.
Fix this issue by specifying a MMIO tree search range of 1 port.
---
mmio.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mmio.c b/mmio.c
index 5a114e9..212e979 100644
--- a/mmio.c
+++ b/mmio.c
@@ -222,7 +222,7 @@ bool kvm__emulate_io(struct kvm_cpu *vcpu, u16 port, void *data,
struct mmio_mapping *mmio;
bool is_write = direction == KVM_EXIT_IO_OUT;
- mmio = mmio_get(&pio_tree, port, size);
+ mmio = mmio_get(&pio_tree, port, 1);
if (!mmio) {
if (vcpu->kvm->cfg.ioport_debug) {
fprintf(stderr, "IO error: %s port=%x, size=%d, count=%u\n",
--
2.25.1
