mirror_qemu

History

Alexander Bulekov c40ca2301c memory: prevent dma-reentracy issues Add a flag to the DeviceState, when a device is engaged in PIO/MMIO/DMA. This flag is set/checked prior to calling a device's MemoryRegion handlers, and set when device code initiates DMA. The purpose of this flag is to prevent two types of DMA-based reentrancy issues: 1.) mmio -> dma -> mmio case 2.) bh -> dma write -> mmio case These issues have led to problems such as stack-exhaustion and use-after-frees. Summary of the problem from Peter Maydell: https://lore.kernel.org/qemu-devel/CAFEAcA_23vc7hE3iaM-JVA6W38LK4hJoWae5KcknhPRD5fPBZA@mail.gmail.com Resolves: https://gitlab.com/qemu-project/qemu/-/issues/62 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/540 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/541 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/556 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/557 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/827 Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1282 Resolves: CVE-2023-0330 Signed-off-by: Alexander Bulekov <alxndr@bu.edu> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-Id: <20230427211013.2994127-2-alxndr@bu.edu> [thuth: Replace warn_report() with warn_report_once()] Signed-off-by: Thomas Huth <thuth@redhat.com> (cherry picked from commit `a2e1753b80`) Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>		2023-09-11 10:53:50 +03:00
..
arch_init.c	softmmu: Add qemu_init_arch_modules()	2022-03-06 13:15:42 +01:00
balloon.c	qapi: Restrict balloon-related commands to machine code	2020-09-29 15:41:35 +02:00
bootdevice.c	machine: use QAPI struct for boot configuration	2022-05-12 12:29:43 +02:00
cpu-throttle.c	Remove qemu-common.h include from most units	2022-04-06 14:31:55 +02:00
cpu-timers.c	Remove qemu-common.h include from most units	2022-04-06 14:31:55 +02:00
cpus.c	* Fix and test the VISTR instruction on s390x	2022-10-31 06:19:54 -04:00
datadir.c	meson: Prefix each element of firmware path	2022-07-13 16:58:57 +02:00
device_tree.c	device-tree: add re-randomization helper function	2022-10-27 11:34:31 +01:00
dirtylimit.c	Use g_new() & friends where that makes obvious sense	2022-10-04 00:10:11 +02:00
dma-helpers.c	Use g_new() & friends where that makes obvious sense	2022-03-21 15:44:44 +01:00
globals.c	ui: Switch "-display sdl" to use the QAPI parser	2022-06-03 08:03:28 +02:00
icount.c	icount: don't adjust virtual time backwards after warp	2023-06-29 18:17:49 +03:00
ioport.c	softmmu: Add missing trace-events file	2020-09-09 17:15:18 +01:00
main.c	ui/cocoa: Run qemu_init in the main thread	2022-09-23 14:36:33 +02:00
memory.c	memory: prevent dma-reentracy issues	2023-09-11 10:53:50 +03:00
memory_mapping.c	Use g_new() & friends where that makes obvious sense	2022-03-21 15:44:44 +01:00
meson.build	softmmu/dirtylimit: Implement vCPU dirtyrate calculation periodically	2022-07-20 12:15:08 +01:00
physmem.c	memory: Fix wrong end address dump	2022-11-08 15:53:40 -05:00
qdev-monitor.c	qdev: unplug blocker for devices	2022-06-15 14:50:41 +01:00
qemu-seccomp.c	seccomp: Get actual errno value from failed seccomp functions	2022-10-26 13:32:58 +01:00
qtest.c	module: add Error arguments to module_load and module_load_qom	2022-11-06 09:48:50 +01:00
rtc.c	rtc: Move RTC function prototypes to their own header	2022-01-28 14:29:46 +00:00
runstate-action.c	runstate: cleanup reboot and panic actions	2021-01-21 13:00:41 +01:00
runstate.c	reset: allow registering handlers that aren't called by snapshot loading	2022-10-27 11:34:31 +01:00
timers-state.h	qemu/atomic: Add aligned_{int64,uint64}_t types	2021-07-21 07:45:38 -10:00
tpm.c	qapi: More complex uses of QAPI_LIST_APPEND	2021-01-28 08:08:45 +01:00
trace-events	softmmu/dirtylimit: Implement virtual CPU throttle	2022-07-20 12:15:08 +01:00
trace.h	softmmu: Add missing trace-events file	2020-09-09 17:15:18 +01:00
vl.c	Hi,	2022-10-30 18:31:59 -04:00