| Brad Bishop | c342db3 | 2019-05-15 21:57:59 -0400 | [diff] [blame] | 1 | From 2a66bd95c856de6950fbd802c5b99075207c1d76 Mon Sep 17 00:00:00 2001 |
| 2 | From: Martin Jansa <martin.jansa@lge.com> |
| 3 | Date: Fri, 1 Jun 2018 08:41:07 +0000 |
| 4 | Subject: [PATCH] Revert "linux-user: fix mmap/munmap/mprotect/mremap/shmat" |
| 5 | |
| 6 | Causes qemu-i386 to hang during gobject-introspection in webkitgtk build |
| 7 | when musl is used on qemux86 - the same issue as |
| 8 | 0010-linux-user-Fix-webkitgtk-hangs-on-32-bit-x86-target.patch |
| 9 | was fixing in 2.11.0 release, but with this patch the fix no longer worked |
| 10 | as discussed here: |
| 11 | http://lists.openembedded.org/pipermail/openembedded-core/2018-May/150302.html |
| 12 | http://lists.openembedded.org/pipermail/openembedded-core/2018-June/151382.html |
| 13 | |
| 14 | This reverts commit ebf9a3630c911d0cfc9c20f7cafe9ba4f88cf583. |
| 15 | |
| 16 | Upstream-Status: Pending |
| 17 | |
| 18 | --- |
| 19 | include/exec/cpu-all.h | 6 +----- |
| 20 | include/exec/cpu_ldst.h | 16 +++++++++------- |
| 21 | linux-user/mmap.c | 17 ++++------------- |
| 22 | linux-user/syscall.c | 5 +---- |
| 23 | 4 files changed, 15 insertions(+), 29 deletions(-) |
| 24 | |
| 25 | diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h |
| 26 | index b16c9ec5..612db6a0 100644 |
| 27 | --- a/include/exec/cpu-all.h |
| 28 | +++ b/include/exec/cpu-all.h |
| 29 | @@ -163,12 +163,8 @@ extern unsigned long guest_base; |
| 30 | extern int have_guest_base; |
| 31 | extern unsigned long reserved_va; |
| 32 | |
| 33 | -#if HOST_LONG_BITS <= TARGET_VIRT_ADDR_SPACE_BITS |
| 34 | -#define GUEST_ADDR_MAX (~0ul) |
| 35 | -#else |
| 36 | -#define GUEST_ADDR_MAX (reserved_va ? reserved_va - 1 : \ |
| 37 | +#define GUEST_ADDR_MAX (reserved_va ? reserved_va : \ |
| 38 | (1ul << TARGET_VIRT_ADDR_SPACE_BITS) - 1) |
| 39 | -#endif |
| 40 | #else |
| 41 | |
| 42 | #include "exec/hwaddr.h" |
| 43 | diff --git a/include/exec/cpu_ldst.h b/include/exec/cpu_ldst.h |
| 44 | index d78041d7..845639f7 100644 |
| 45 | --- a/include/exec/cpu_ldst.h |
| 46 | +++ b/include/exec/cpu_ldst.h |
| 47 | @@ -62,13 +62,15 @@ typedef uint64_t abi_ptr; |
| 48 | /* All direct uses of g2h and h2g need to go away for usermode softmmu. */ |
| 49 | #define g2h(x) ((void *)((unsigned long)(abi_ptr)(x) + guest_base)) |
| 50 | |
| 51 | -#define guest_addr_valid(x) ((x) <= GUEST_ADDR_MAX) |
| 52 | -#define h2g_valid(x) guest_addr_valid((unsigned long)(x) - guest_base) |
| 53 | - |
| 54 | -static inline int guest_range_valid(unsigned long start, unsigned long len) |
| 55 | -{ |
| 56 | - return len - 1 <= GUEST_ADDR_MAX && start <= GUEST_ADDR_MAX - len + 1; |
| 57 | -} |
| 58 | +#if HOST_LONG_BITS <= TARGET_VIRT_ADDR_SPACE_BITS |
| 59 | +#define h2g_valid(x) 1 |
| 60 | +#else |
| 61 | +#define h2g_valid(x) ({ \ |
| 62 | + unsigned long __guest = (unsigned long)(x) - guest_base; \ |
| 63 | + (__guest < (1ul << TARGET_VIRT_ADDR_SPACE_BITS)) && \ |
| 64 | + (!reserved_va || (__guest < reserved_va)); \ |
| 65 | +}) |
| 66 | +#endif |
| 67 | |
| 68 | #define h2g_nocheck(x) ({ \ |
| 69 | unsigned long __ret = (unsigned long)(x) - guest_base; \ |
| 70 | diff --git a/linux-user/mmap.c b/linux-user/mmap.c |
| 71 | index e0249efe..cfe34b35 100644 |
| 72 | --- a/linux-user/mmap.c |
| 73 | +++ b/linux-user/mmap.c |
| 74 | @@ -79,7 +79,7 @@ int target_mprotect(abi_ulong start, abi_ulong len, int prot) |
| 75 | return -TARGET_EINVAL; |
| 76 | len = TARGET_PAGE_ALIGN(len); |
| 77 | end = start + len; |
| 78 | - if (!guest_range_valid(start, len)) { |
| 79 | + if (end < start) { |
| 80 | return -TARGET_ENOMEM; |
| 81 | } |
| 82 | prot &= PROT_READ | PROT_WRITE | PROT_EXEC; |
| 83 | @@ -490,8 +490,8 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot, |
| 84 | * It can fail only on 64-bit host with 32-bit target. |
| 85 | * On any other target/host host mmap() handles this error correctly. |
| 86 | */ |
| 87 | - if (!guest_range_valid(start, len)) { |
| 88 | - errno = ENOMEM; |
| 89 | + if ((unsigned long)start + len - 1 > (abi_ulong) -1) { |
| 90 | + errno = EINVAL; |
| 91 | goto fail; |
| 92 | } |
| 93 | |
| 94 | @@ -631,10 +631,8 @@ int target_munmap(abi_ulong start, abi_ulong len) |
| 95 | if (start & ~TARGET_PAGE_MASK) |
| 96 | return -TARGET_EINVAL; |
| 97 | len = TARGET_PAGE_ALIGN(len); |
| 98 | - if (len == 0 || !guest_range_valid(start, len)) { |
| 99 | + if (len == 0) |
| 100 | return -TARGET_EINVAL; |
| 101 | - } |
| 102 | - |
| 103 | mmap_lock(); |
| 104 | end = start + len; |
| 105 | real_start = start & qemu_host_page_mask; |
| 106 | @@ -689,13 +687,6 @@ abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size, |
| 107 | int prot; |
| 108 | void *host_addr; |
| 109 | |
| 110 | - if (!guest_range_valid(old_addr, old_size) || |
| 111 | - ((flags & MREMAP_FIXED) && |
| 112 | - !guest_range_valid(new_addr, new_size))) { |
| 113 | - errno = ENOMEM; |
| 114 | - return -1; |
| 115 | - } |
| 116 | - |
| 117 | mmap_lock(); |
| 118 | |
| 119 | if (flags & MREMAP_FIXED) { |
| 120 | diff --git a/linux-user/syscall.c b/linux-user/syscall.c |
| 121 | index 96cd4bf8..e6754772 100644 |
| 122 | --- a/linux-user/syscall.c |
| 123 | +++ b/linux-user/syscall.c |
| 124 | @@ -3860,9 +3860,6 @@ static inline abi_ulong do_shmat(CPUArchState *cpu_env, |
| 125 | return -TARGET_EINVAL; |
| 126 | } |
| 127 | } |
| 128 | - if (!guest_range_valid(shmaddr, shm_info.shm_segsz)) { |
| 129 | - return -TARGET_EINVAL; |
| 130 | - } |
| 131 | |
| 132 | mmap_lock(); |
| 133 | |
| 134 | @@ -6633,7 +6630,7 @@ static int open_self_maps(void *cpu_env, int fd) |
| 135 | } |
| 136 | if (h2g_valid(min)) { |
| 137 | int flags = page_get_flags(h2g(min)); |
| 138 | - max = h2g_valid(max - 1) ? max : (uintptr_t)g2h(GUEST_ADDR_MAX) + 1; |
| 139 | + max = h2g_valid(max - 1) ? max : (uintptr_t)g2h(GUEST_ADDR_MAX); |
| 140 | if (page_check_range(h2g(min), max - min, flags) == -1) { |
| 141 | continue; |
| 142 | } |