Re: [RFC 0/3] try to solve the DMA to MMIO issue
From: Peter Maydell
Subject: Re: [RFC 0/3] try to solve the DMA to MMIO issue
Date: Thu, 3 Sep 2020 11:53:12 +0100
On Thu, 3 Sep 2020 at 04:55, Jason Wang <jasowang@redhat.com> wrote:
> I think we still need to seek a way to address this issue completely.
>
> How about adding a flag in MemoryRegionOps and detect the reentrancy
> through that flag?
This won't catch everything. Consider this situation:
 Device A makes DMA access to device B
 Device B's write-handling causes it to raise an outbound qemu_irq signal
 The qemu_irq signal is connected to device A
 Now we have reentered into device A's code
That is to say, the problem is general to "device A does
something that affects device B" links of all kinds, which
can form loops. Self-DMA is just an easy way to find one
category of these with the fuzzer.
thanks
-- PMM
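The loop described in the reply above, as an added toy model (my own example, not QEMU code and not part of the thread): two devices wired so that A's DMA lands on B's MMIO handler and B's outbound qemu_irq lands back on A. Every name in it (struct dev, mmio_write, irq_raise, run, and so on) is this example's own and is not QEMU's API; the "in_mmio" flag stands in for the per-MemoryRegionOps flag proposed in the quoted mail, and the "depth" counter is an assumed alternative guard placed at every entry into a device, added here purely for contrast.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Toy model of two QEMU-style devices (added example, not QEMU code; every
 * name here is this example's own and does not match QEMU's real API). */
struct dev;
typedef void (*write_fn)(struct dev *d, uint64_t addr, uint64_t val);
typedef void (*irq_fn)(struct dev *d, int level);

struct dev {
    write_fn    mmio_write;   /* stands in for MemoryRegionOps.write */
    irq_fn      irq_in;       /* handler for an inbound qemu_irq */
    struct dev *irq_out;      /* where the outbound qemu_irq is wired */
    struct dev *dma_target;   /* which device this device's DMA lands on */
    bool in_mmio;             /* the proposed per-MemoryRegionOps flag */
    int  depth;               /* assumed alternative: counts every entry into the device */
    int  ring_idx;            /* state the write handler is in the middle of using */
    int  flag_hits;           /* reentries rejected via in_mmio */
    int  depth_hits;          /* reentries noticed via depth */
};

static void enter_dev(struct dev *d) { d->depth_hits += (d->depth > 0); d->depth++; }
static void leave_dev(struct dev *d) { d->depth--; }

/* Memory path: the only place a MemoryRegionOps-level flag can be checked. */
static void mmio_write(struct dev *d, uint64_t addr, uint64_t val)
{
    if (d->in_mmio) {
        d->flag_hits++;       /* caught: handler reentered through memory */
        return;
    }
    d->in_mmio = true;
    enter_dev(d);
    d->mmio_write(d, addr, val);
    leave_dev(d);
    d->in_mmio = false;
}

/* A device's DMA access resolves straight to the target's MMIO handler. */
static void dma_write(struct dev *initiator, uint64_t addr, uint64_t val)
{
    mmio_write(initiator->dma_target, addr, val);
}

/* The IRQ path is not a memory access, so in_mmio is never consulted here. */
static void irq_raise(struct dev *d)
{
    struct dev *t = d->irq_out;
    if (t) {
        enter_dev(t);
        t->irq_in(t, 1);
        leave_dev(t);
    }
}

/* Device A: a guest "kick" consumes one descriptor and DMAs it out. */
static void a_write(struct dev *a, uint64_t addr, uint64_t val)
{
    (void)addr;
    a->ring_idx++;
    dma_write(a, 0x10, val);
    a->ring_idx--;            /* assumes nothing touched ring_idx meanwhile */
}

/* Device A's inbound IRQ handler resets the ring, as a reset-on-IRQ might. */
static void a_irq(struct dev *a, int level)
{
    if (level) {
        a->ring_idx = 0;      /* clobbers state a_write is still using */
    }
}

/* Device B: any write completes a transfer and raises its outbound IRQ. */
static void b_write(struct dev *b, uint64_t addr, uint64_t val)
{
    (void)addr; (void)val;
    irq_raise(b);
}

struct result { int flag_hits, depth_hits, ring_idx; };

/* irq_loop == false: A DMAs into its own MMIO region (self-DMA).
 * irq_loop == true:  A -> DMA -> B -> qemu_irq -> A, the loop from the mail. */
struct result run(bool irq_loop)
{
    struct dev a, b;
    memset(&a, 0, sizeof a);
    memset(&b, 0, sizeof b);
    a.mmio_write = a_write; a.irq_in = a_irq;
    b.mmio_write = b_write;
    a.dma_target = irq_loop ? &b : &a;
    b.irq_out    = irq_loop ? &a : NULL;
    mmio_write(&a, 0, 1);     /* the guest MMIO write that starts it all */
    struct result r = { a.flag_hits + b.flag_hits, a.depth_hits, a.ring_idx };
    return r;
}
```

With run(false) the self-DMA is rejected by the flag and A's ring index unwinds cleanly to 0. With run(true) neither device's MMIO handler is entered twice through the memory path, so the flag never fires, yet A's IRQ handler runs while a_write is still on the stack and the unwind leaves ring_idx at -1. Only the per-device depth counter, which is checked on the IRQ entry as well as the MMIO entry, notices that reentry; that is the difference between a guard on one kind of "A affects B" link and a guard on all of them. Such a counter only detects the loop; what a device should do when it is detected is a separate question.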