qemu/include
Alexander Bulekov a2e1753b80 memory: prevent dma-reentrancy issues
Add a flag to the DeviceState, when a device is engaged in PIO/MMIO/DMA.
This flag is set/checked prior to calling a device's MemoryRegion
handlers, and set when device code initiates DMA.  The purpose of this
flag is to prevent two types of DMA-based reentrancy issues:

1.) mmio -> dma -> mmio case
2.) bh -> dma write -> mmio case

These issues have led to problems such as stack-exhaustion and
use-after-frees.

Summary of the problem from Peter Maydell:
https://lore.kernel.org/qemu-devel/CAFEAcA_23vc7hE3iaM-JVA6W38LK4hJoWae5KcknhPRD5fPBZA@mail.gmail.com

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/62
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/540
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/541
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/556
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/557
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/827
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1282
Resolves: CVE-2023-0330

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20230427211013.2994127-2-alxndr@bu.edu>
[thuth: Replace warn_report() with warn_report_once()]
Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-04-28 11:20:01 +02:00
authz Prefer 'on' | 'off' over 'yes' | 'no' for bool options 2021-01-29 17:07:53 +00:00
block thread-pool: avoid passing the pool parameter every time 2023-04-25 13:17:28 +02:00
chardev chardev: src buffer const for write functions 2022-09-29 14:38:05 +04:00
crypto replace TABs with spaces 2023-03-20 12:43:50 +01:00
disas replace TABs with spaces 2023-03-20 12:43:50 +01:00
exec memory: prevent dma-reentrancy issues 2023-04-28 11:20:01 +02:00
fpu fpu: Add rebias bool, value and operation 2022-08-31 14:08:05 -03:00
gdbstub gdbstub: Remove gdb_do_syscallv 2023-03-07 20:44:09 +00:00
hw memory: prevent dma-reentrancy issues 2023-04-28 11:20:01 +02:00
io io: mark mixed functions that can suspend 2023-04-20 11:17:35 +02:00
libdecnumber Replace config-time define HOST_WORDS_BIGENDIAN 2022-04-06 10:50:37 +02:00
migration migration: move migration_global_dump() to migration-hmp-cmds.c 2023-04-24 15:01:46 +02:00
monitor hmp: add cryptodev info command 2023-03-07 12:38:59 -05:00
net net/eth: Introduce EthL4HdrProto 2023-03-10 15:35:38 +08:00
qapi monitor: mark mixed functions that can suspend 2023-04-20 11:17:35 +02:00
qemu util/mmap-alloc: qemu_fd_getfs() 2023-04-24 11:29:00 +02:00
qom qom/object: Remove circular include dependency 2022-06-28 10:53:32 +02:00
scsi coroutine: Clean up superfluous inclusion of qemu/coroutine.h 2023-01-19 10:18:28 +01:00
semihosting semihosting: Allow optional use of semihosting from userspace 2022-09-13 17:18:21 +01:00
standard-headers linux-headers: Update to v6.2-rc8 2023-02-16 12:13:46 -07:00
sysemu linux-aio: use LinuxAioState from the running thread 2023-04-25 13:17:28 +02:00
tcg tcg: Replace tcg_abort with g_assert_not_reached 2023-04-23 08:17:46 +01:00
ui ui: introduce egl_init() 2023-03-13 23:48:45 +04:00
user *: Add missing includes of qemu/plugin.h 2023-03-22 15:06:57 +00:00
elf.h replace TABs with spaces 2023-03-20 12:43:50 +01:00
glib-compat.h compiler.h: replace QEMU_NORETURN with G_NORETURN 2022-04-21 17:03:51 +04:00
qemu-io.h
qemu-main.h ui/cocoa: Run qemu_init in the main thread 2022-09-23 14:36:33 +02:00