Fix DMA MMIO reentrancy issues
Goal
Find a generic way to fix the DMA reentrancy problem.
Technical details
DMA ring buffer might contains pointers to DMA MMIO region, and once the DMA is programmed it calls itself recursively.
Additional information
List of DMA reentrancy issues (usually found by fuzzer):
- #62 (closed) (AHCI)
- #84 (closed), #305 (closed), #552 (closed) (SCSI)
- #451 (closed), #1282 (closed) (SDHCI)
- #540 (closed) (xHCI)
- #541 (closed) (EHCI)
- #542 (closed) (HDA)
- #557 (closed) (pcnet)
- #782 (closed) (NVMe)
- eepro100
- #827 (closed) (virtio-blk)
- #1171 (closed) (tulip)
- #1543 (closed) (e1000e)
- #1563 (closed) (lsi53c895a)
Usually coredump backtrace includes multiple calls to access_with_adjusted_size() from the Memory API.
Edited by Thomas Huth