qemu/include
Alexander Bulekov c40ca2301c memory: prevent dma-reentrancy issues
Add a flag to the DeviceState, when a device is engaged in PIO/MMIO/DMA.
This flag is set/checked prior to calling a device's MemoryRegion
handlers, and set when device code initiates DMA.  The purpose of this
flag is to prevent two types of DMA-based reentrancy issues:

1.) mmio -> dma -> mmio case
2.) bh -> dma write -> mmio case

These issues have led to problems such as stack-exhaustion and
use-after-frees.

Summary of the problem from Peter Maydell:
https://lore.kernel.org/qemu-devel/CAFEAcA_23vc7hE3iaM-JVA6W38LK4hJoWae5KcknhPRD5fPBZA@mail.gmail.com

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/62
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/540
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/541
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/556
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/557
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/827
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1282
Resolves: CVE-2023-0330

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20230427211013.2994127-2-alxndr@bu.edu>
[thuth: Replace warn_report() with warn_report_once()]
Signed-off-by: Thomas Huth <thuth@redhat.com>
(cherry picked from commit a2e1753b80)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2023-09-11 10:53:50 +03:00
authz
block block: Make bdrv_child_get_parent_aio_context I/O 2022-11-10 14:58:34 +01:00
chardev chardev: src buffer const for write functions 2022-09-29 14:38:05 +04:00
crypto crypto: Support export akcipher to pkcs8 2022-11-02 06:56:32 -04:00
disas target/loongarch: Add disassembler 2022-06-06 18:09:03 +00:00
exec memory: prevent dma-reentrancy issues 2023-09-11 10:53:50 +03:00
fpu fpu: Add rebias bool, value and operation 2022-08-31 14:08:05 -03:00
hw memory: prevent dma-reentrancy issues 2023-09-11 10:53:50 +03:00
io io: remove io watch if TLS channel is closed during handshake 2023-08-02 17:22:20 +03:00
libdecnumber Replace config-time define HOST_WORDS_BIGENDIAN 2022-04-06 10:50:37 +02:00
migration
monitor monitor: add missing coroutine_fn annotation 2022-10-27 20:14:11 +02:00
net Add G_GNUC_PRINTF to function qemu_set_info_str and fix related issues 2022-11-27 13:36:17 -05:00
qapi qerror: QERR_PERMISSION_DENIED is no longer used, drop 2022-10-27 07:57:18 +02:00
qemu host-utils: Avoid using __builtin_subcll on buggy versions of Apple Clang 2023-06-26 01:31:07 +03:00
qom qom/object: Remove circular include dependency 2022-06-28 10:53:32 +02:00
scsi scsi-disk: add SCSI_DISK_QUIRK_MODE_PAGE_VENDOR_SPECIFIC_APPLE quirk for Macintosh 2022-07-13 16:58:58 +02:00
semihosting semihosting: Allow optional use of semihosting from userspace 2022-09-13 17:18:21 +01:00
standard-headers m68k: rework BI_VIRT_RNG_SEED as BI_RNG_SEED 2022-10-21 20:46:10 +02:00
sysemu cryptodev: Add a lkcf-backend for cryptodev 2022-11-02 06:56:32 -04:00
tcg accel/tcg: Introduce tb_pc and log_pc 2022-10-04 12:13:12 -07:00
ui ui/console: Get tab completion working again in the SDL monitor vc 2022-09-23 13:42:09 +02:00
user misc: fix commonly doubled up words 2022-08-01 11:58:02 +02:00
elf.h include/elf.h: add s390x note types 2022-10-26 12:54:59 +04:00
glib-compat.h compiler.h: replace QEMU_NORETURN with G_NORETURN 2022-04-21 17:03:51 +04:00
qemu-io.h
qemu-main.h ui/cocoa: Run qemu_init in the main thread 2022-09-23 14:36:33 +02:00