x86/vMSI-X: write snoops should ignore hvm_mmio_internal() requests

Those aren't actual I/O requests (and hence are of no interest here
anyway). Since they don't get copied into struct vcpu, looking at that
copy reads whatever was left there. Use the state of the request to
determine its validity.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Paul Durrant <paul.durrant@citrix.com>
Release-acked-by: Wei Liu <wei.liu2@citrix.com>

diff --git a/xen/arch/x86/hvm/vmsi.c b/xen/arch/x86/hvm/vmsi.c
index 805e560701c5b5b82132d88c5d256e55b0a8fc8b..53c24e5adac059b5bceb07fa6d795e8c3e1dc5c8 100644 (file)
--- a/xen/arch/x86/hvm/vmsi.c
+++ b/xen/arch/x86/hvm/vmsi.c
@@ -349,6 +349,8 @@ static int msixtbl_range(struct vcpu *v, unsigned long addr)
     {
         const ioreq_t *r = &v->arch.hvm_vcpu.hvm_io.io_req;
 
+        if ( r->state != STATE_IOREQ_READY )
+            return 0;
         ASSERT(r->type == IOREQ_TYPE_COPY);
         if ( r->dir == IOREQ_WRITE && r->size == 4 && !r->data_is_ptr
              && !(r->data & PCI_MSIX_VECTOR_BITMASK) )