ns16550: limit mapped MMIO size

There's no point in mapping more than the memory we actually may need
to touch, and in fact the too large region could actually extend into
another device's one (which currently is benign on x86 since only a
single page gets mapped anyway, but which is a latent bug on ARM
whenever PCI support gets enabled there).

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>

diff --git a/xen/drivers/char/ns16550.c b/xen/drivers/char/ns16550.c
index ebe01ecc93ef4519ccf85923cbaa16937e76cb3b..09abca8a0f0312ed81a8d0b444408579e63736de 100644 (file)
--- a/xen/drivers/char/ns16550.c
+++ b/xen/drivers/char/ns16550.c
@@ -931,6 +931,8 @@ pci_uart_config(struct ns16550 *uart, bool_t skip_amt, unsigned int bar_idx)
                         uart->io_base += bar_idx * uart_param[p].uart_offset;
                         if ( uart_param[p].base_baud )
                             uart->clock_hz = uart_param[p].base_baud * 16;
+                        size = max(8U << uart_param[p].reg_shift,
+                                   uart_param[p].uart_offset);
                         /* Set device and MMIO region read only to Dom0 */
                         uart->enable_ro = 1;
                         break;