id = 556
title = "Fix DMA MMIO reentrancy issues"
state = "closed"
created_at = "2021-08-23T22:16:51.599Z"
closed_at = "2023-04-28T20:58:33.031Z"
labels = ["Security", "kind::Feature Request"]
url = "https://gitlab.com/qemu-project/qemu/-/issues/556"
host-os = "n/a"
host-arch = "n/a"
qemu-version = "n/a"
guest-os = "n/a"
guest-arch = "n/a"
description = "n/a"
reproduce = "n/a"
additional = """List of `DMA reentrancy` issues (usually found by [fuzzer](https://gitlab.com/qemu-project/qemu/-/issues?label_name[]=Fuzzer)):
- #62 (AHCI)
- #84, #305, #552 (SCSI)
- #451, #1282 (SDHCI)
- #540 (xHCI)
- #541 (EHCI)
- #542 (HDA)
- #557 (pcnet)
- #782 (NVMe)
- [eepro100](https://lore.kernel.org/qemu-devel/20210218140629.373646-1-ppandit@redhat.com/)
- #827 (virtio-blk)
- #1171 (tulip)
- #1543 (e1000e)
- #1563 (lsi53c895a)


Usually coredump backtrace includes multiple calls to `access_with_adjusted_size()` from the Memory API."""