[Qemu-devel] Recursion in cpu_physical_memory_rw

[Herbert Xu]

Hi:

A number of qemu driver backends (such as rtl8139) call the function
cpu_physical_memory_rw to read/write guest memory.  The target guest
memory address is often supplied by the guest.  This opens up the
possibility of a guest giving an address which happens to be an MMIO
address which can potentially lead to infinite recursion involving
cpu_physical_memory_rw.

Since these driver backends really only need to access system memory,
we could simply provide a new access interface that does not allow
MMIO addresses.

Any comments on this problem?

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <address@hidden>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt