[Qemu-commits] [qemu/qemu] 56d190: linux-user/mmap.c: check range of mre
From: Peter Maydell
Subject: [Qemu-commits] [qemu/qemu] 56d190: linux-user/mmap.c: check range of mremap result in...
Date: Thu, 31 Dec 2020 07:13:07 -0800
Branch: refs/heads/staging
Home: https://github.com/qemu/qemu
Commit: 56d190848b9b8ecb8213835b0d2d05b243bcb5b8
https://github.com/qemu/qemu/commit/56d190848b9b8ecb8213835b0d2d05b243bcb5b8
Author: Tobias Koch <tobias.koch@nonterra.com>
Date: 2020-12-17 (Thu, 17 Dec 2020)
Changed paths:
M linux-user/mmap.c
Log Message:
-----------
linux-user/mmap.c: check range of mremap result in target address space
If mremap succeeds, an additional check is performed to ensure that the
new address range fits into the target address space. This check was
previously performed in host address space, with the upper bound fixed to
abi_ulong.
This patch replaces the static check with a call to `guest_range_valid`,
performing the range check against the actual size of the target address
space. It also moves the corresponding block to prevent it from being
called incorrectly when the mapping itself fails.
Signed-off-by: Tobias Koch <tobias.koch@nonterra.com>
Message-Id: <20201028213833.26592-1-tobias.koch@nonterra.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
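The following is an added model of the two checks this commit message contrasts; it is not code from the commit or from QEMU. It assumes a 64-bit host running a 32-bit guest whose address 0 sits at host address `base`, and the `struct guest`, `old_range_check()` and `new_range_check()` names are illustrative; `guest_range_valid()` is a re-implementation for the model, not QEMU's definition.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef uint32_t abi_ulong;   /* 32-bit guest on a 64-bit host (assumed) */

/* Assumed layout: guest address g lives at host address base + g, and
 * valid guest addresses run from 0 to addr_max (below 4 GiB when the
 * guest VA space is reserved smaller). */
struct guest {
    uintptr_t base;
    abi_ulong addr_max;
};

/* Model of guest_range_valid(): [start, start + len) must lie inside the
 * guest address space, written so that start + len cannot wrap. */
static bool guest_range_valid(const struct guest *gs, abi_ulong start, abi_ulong len)
{
    return len != 0 && start <= gs->addr_max && len - 1 <= gs->addr_max - start;
}

/* The check the commit replaced: a *host* address compared against a
 * ceiling fixed at the largest abi_ulong, whatever the real guest space is. */
static bool old_range_check(uintptr_t host_addr, abi_ulong new_size)
{
    return (unsigned long)host_addr + new_size <= (abi_ulong)-1;
}

/* The check after the commit: translate to a guest address (h2g), then test the
 * real guest range. Meaningful only after mremap succeeded, hence the move. */
static bool new_range_check(const struct guest *gs, uintptr_t host_addr, abi_ulong new_size)
{
    abi_ulong guest_addr = (abi_ulong)(host_addr - gs->base);   /* h2g */
    return guest_range_valid(gs, guest_addr, new_size);
}

int main(void)
{
    /* guest_base above 4 GiB: [0x10000000, 0x10010000) is a fine guest range,
     * but every host address exceeds the old ceiling, so the old check rejects it. */
    struct guest g1 = { .base = 0x100000000ULL, .addr_max = 0xffffffffu };
    uintptr_t h1 = g1.base + 0x10000000u;
    printf("high guest_base:   old=%d new=%d\n", old_range_check(h1, 0x10000), new_range_check(&g1, h1, 0x10000));
    /* guest space limited to 2 GiB: the host address is low, so the old check
     * passes, yet [0x7fff0000, 0x80010000) runs past the guest address space. */
    struct guest g2 = { .base = 0x1000, .addr_max = 0x7fffffffu };
    uintptr_t h2 = g2.base + 0x7fff0000u;
    printf("small guest space: old=%d new=%d\n", old_range_check(h2, 0x20000), new_range_check(&g2, h2, 0x20000));
    return 0;
}
```

The first case shows the old check rejecting a valid mapping (false ENOMEM), the second shows it accepting a range that ends outside the guest address space, which is the containment failure the commit closes.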
Commit: 6dd97bfc1fd4453c4855109dd508a78617527a6e
https://github.com/qemu/qemu/commit/6dd97bfc1fd4453c4855109dd508a78617527a6e
Author: Philippe Mathieu-Daudé <f4bug@amsat.org>
Date: 2020-12-17 (Thu, 17 Dec 2020)
Changed paths:
M linux-user/elfload.c
Log Message:
-----------
linux-user/elfload: Move GET_FEATURE macro out of get_elf_hwcap() body
As we are going to add more macros, keep the function body clear.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201214003215.344522-2-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Commit: 7d9a3d96f57dfed441622ebb9d1516473d51f919
https://github.com/qemu/qemu/commit/7d9a3d96f57dfed441622ebb9d1516473d51f919
Author: Philippe Mathieu-Daudé <f4bug@amsat.org>
Date: 2020-12-17 (Thu, 17 Dec 2020)
Changed paths:
M linux-user/elfload.c
Log Message:
-----------
linux-user/elfload: Rename MIPS GET_FEATURE() as GET_FEATURE_INSN()
We want to add macros similar to GET_FEATURE().
As this one uses the 'insn_flags' field, rename it
GET_FEATURE_INSN().
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201214003215.344522-3-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Commit: 388765a05bde86de9d9b66348afed6551c58f091
https://github.com/qemu/qemu/commit/388765a05bde86de9d9b66348afed6551c58f091
Author: Philippe Mathieu-Daudé <f4bug@amsat.org>
Date: 2020-12-17 (Thu, 17 Dec 2020)
Changed paths:
M linux-user/elfload.c
Log Message:
-----------
linux-user/elfload: Introduce MIPS GET_FEATURE_REG_SET() macro
ISA features are usually denoted in read-only bits from
CPU registers. Add the GET_FEATURE_REG_SET() macro which
checks if a CPU register has bits set.
Use the macro to check for MSA (which sets the MSAP bit of
the Config3 register when the ASE implementation is present).
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201214003215.344522-4-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Commit: ce54384405b77483f5ce06ab8dc7537299453b43
https://github.com/qemu/qemu/commit/ce54384405b77483f5ce06ab8dc7537299453b43
Author: Philippe Mathieu-Daudé <f4bug@amsat.org>
Date: 2020-12-17 (Thu, 17 Dec 2020)
Changed paths:
M linux-user/elfload.c
M target/mips/cpu.h
Log Message:
-----------
linux-user/elfload: Introduce MIPS GET_FEATURE_REG_EQU() macro
ISA features are usually denoted in read-only bits from
CPU registers. Add the GET_FEATURE_REG_EQU() macro which
checks if a CPU register has bits set to a specific value.
Use the macro to check the 'Architecture Revision' level
of the Config0 register, which is '2' when the Release 6
ISA is implemented.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201214003215.344522-5-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Commit: 9ea313ba5d2071f6c3bf0897a7876c7c527964d6
https://github.com/qemu/qemu/commit/9ea313ba5d2071f6c3bf0897a7876c7c527964d6
Author: Philippe Mathieu-Daudé <f4bug@amsat.org>
Date: 2020-12-17 (Thu, 17 Dec 2020)
Changed paths:
M linux-user/elfload.c
Log Message:
-----------
linux-user/elfload: Update HWCAP bits from linux 5.7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201214003215.344522-6-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Commit: 53673d0ff4a45964322bd6bfe904eff7dc96197d
https://github.com/qemu/qemu/commit/53673d0ff4a45964322bd6bfe904eff7dc96197d
Author: Philippe Mathieu-Daudé <f4bug@amsat.org>
Date: 2020-12-17 (Thu, 17 Dec 2020)
Changed paths:
M linux-user/elfload.c
Log Message:
-----------
linux-user: Add support for MIPS Loongson 2F/3A
Userland ELF binaries using Loongson SIMD instructions have the
HWCAP_LOONGSON_MMI bit set [1].
Binaries compiled for Loongson 3A [2] have the HWCAP_LOONGSON_EXT
bit set for the LQ / SQ instructions.
[1] commit 8e2d5831e4b ("target/mips: Legalize Loongson insn flags")
[2] commit af868995e1b ("target/mips: Add Loongson-3 CPU definition")
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201214003215.344522-7-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Commit: c8a03a8f95781fe3dfbcc35967e7d9c7e2506dba
https://github.com/qemu/qemu/commit/c8a03a8f95781fe3dfbcc35967e7d9c7e2506dba
Author: Philippe Mathieu-Daudé <f4bug@amsat.org>
Date: 2020-12-17 (Thu, 17 Dec 2020)
Changed paths:
M docs/user/main.rst
Log Message:
-----------
docs/user: Display linux-user binaries nicely
linux-user binaries are displayed altogether. Use the '*'
character to force displaying them as bullet list (one list
per architecture).
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20201119160838.1981709-1-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Commit: 8494645797ac3c61d8693ac4164a87c8790a8717
https://github.com/qemu/qemu/commit/8494645797ac3c61d8693ac4164a87c8790a8717
Author: Andreas Schwab <schwab@suse.de>
Date: 2020-12-18 (Fri, 18 Dec 2020)
Changed paths:
M linux-user/syscall.c
Log Message:
-----------
linux-user: Implement copy_file_range
Signed-off-by: Andreas Schwab <schwab@suse.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <mvm361eer3n.fsf@suse.de>
[lv: copy back offset only if there is no error]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Commit: 6addf06a3c4dad68d8d7032e31714e81b438c7d9
https://github.com/qemu/qemu/commit/6addf06a3c4dad68d8d7032e31714e81b438c7d9
Author: Shu-Chun Weng <scw@google.com>
Date: 2020-12-18 (Fri, 18 Dec 2020)
Changed paths:
M linux-user/ioctls.h
M linux-user/syscall.c
M linux-user/syscall_defs.h
Log Message:
-----------
linux-user: Add most IFTUN ioctls
The three options handling `struct sock_fprog` (TUNATTACHFILTER,
TUNDETACHFILTER, and TUNGETFILTER) are not implemented. Linux kernel
keeps a user space pointer in them which we cannot correctly handle.
Signed-off-by: Josh Kunz <jkz@google.com>
Signed-off-by: Shu-Chun Weng <scw@google.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200929014801.655524-1-scw@google.com>
[lv: use 0 size in unlock_user()]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Commit: 246ff44295d0153d1d272b4d4a77c4bf9cc6ad66
https://github.com/qemu/qemu/commit/246ff44295d0153d1d272b4d4a77c4bf9cc6ad66
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2020-12-18 (Fri, 18 Dec 2020)
Changed paths:
M linux-user/sparc/signal.c
M target/sparc/cpu.h
Log Message:
-----------
linux-user/sparc: Correct sparc64_get/set_context() FPU handling
The handling of the FPU state in sparc64_get_context() and
sparc64_set_context() is not the same as what the kernel actually
does: we unconditionally read and write the FP registers and the
FSR, GSR and FPRS, but the kernel logic is more complicated:
* in get_context the kernel has code for saving FPU registers,
but it is hidden inside an "if (fenab)" condition and the
fenab flag is always set to 0 (inside an "#if 1" which has
been in the kernel for over 15 years). So the effect is that
the FPU state part is always written as zeroes.
* in set_context the kernel looks at the fenab field in the
structure from the guest, and only restores the state if
it is set; it also looks at the structure's FPRS to see
whether either the upper or lower or both halves of the
register file have valid data.
Bring our implementations into line with the kernel:
* in get_context:
- clear the entire target_ucontext at the top of the
function (as the kernel does)
- then don't write the FPU state, so those fields remain zero
- this fixes Coverity issue CID 1432305 by deleting the code
it was complaining about
* in set_context:
- check the fenab and the fpsr to decide which parts of
the FPU data to restore, if any
- instead of setting the FPU registers by doing two
32-bit loads and filling in the .upper and .lower parts
of the CPU_Double union separately, just do a 64-bit
load of the whole register at once. This fixes Coverity
issue CID 1432303 because we now access the dregs[] part
of the mcfpu_fregs union rather than the sregs[] part
(which is not large enough to actually cover the whole of
the data, so we were accessing off the end of sregs[])
We change both functions in a single commit to avoid potentially
breaking bisection.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201106152738.26026-2-peter.maydell@linaro.org>
[lv: fix FPRS_DU loop s/31/32/]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Commit: 309abce23658c0142430440c7ad1be2a02170ed0
https://github.com/qemu/qemu/commit/309abce23658c0142430440c7ad1be2a02170ed0
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2020-12-18 (Fri, 18 Dec 2020)
Changed paths:
M linux-user/sparc/signal.c
Log Message:
-----------
linux-user/sparc: Remove unneeded checks of 'err' from sparc64_get_context()
Unlike the kernel macros, our __get_user() and __put_user() do not
return a failure code. Kernel code typically has a style of
err |= __get_user(...); err |= __get_user(...);
and then checking err at the end. In sparc64_get_context() our
version of the code dropped the accumulating into err but left the
"if (err) goto do_sigsegv" checks, which will never be taken. Delete
unnecessary if()s.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201106152738.26026-3-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Commit: 0ad20314f1e11acaeedcb14135b178a5711766f5
https://github.com/qemu/qemu/commit/0ad20314f1e11acaeedcb14135b178a5711766f5
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2020-12-18 (Fri, 18 Dec 2020)
Changed paths:
M linux-user/sparc/signal.c
Log Message:
-----------
linux-user/sparc: Don't restore %g7 in sparc64_set_context()
The kernel does not restore the g7 register in sparc64_set_context();
neither should we. (We still save it in sparc64_get_context().)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201106152738.26026-4-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Commit: 7a5805a08f942325b373643099f784cdac65c9ea
https://github.com/qemu/qemu/commit/7a5805a08f942325b373643099f784cdac65c9ea
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2020-12-18 (Fri, 18 Dec 2020)
Changed paths:
M linux-user/sparc/signal.c
M target/sparc/cpu.h
M target/sparc/int64_helper.c
Log Message:
-----------
linux-user/sparc: Handle tstate in sparc64_get/set_context()
Correctly implement save/restore of the tstate field in
sparc64_get_context() and sparc64_set_context():
* Don't use the CWP value from the guest in set_context
* Construct and save a tstate value rather than leaving
it as zero in get_context
To do this we factor out the "calculate TSTATE value from CPU state"
code from sparc_cpu_do_interrupt() into its own sparc64_tstate()
function; that in turn requires us to move some of the function
prototypes out from inside a CPU_NO_IO_DEFS ifdef guard.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201106152738.26026-5-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Commit: 091774bfdee2b4f7dfd570061a200dfdc54374a6
https://github.com/qemu/qemu/commit/091774bfdee2b4f7dfd570061a200dfdc54374a6
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2020-12-31 (Thu, 31 Dec 2020)
Changed paths:
M docs/user/main.rst
M linux-user/elfload.c
M linux-user/ioctls.h
M linux-user/mmap.c
M linux-user/sparc/signal.c
M linux-user/syscall.c
M linux-user/syscall_defs.h
M target/mips/cpu.h
M target/sparc/cpu.h
M target/sparc/int64_helper.c
Log Message:
-----------
Merge remote-tracking branch
'remotes/vivier2/tags/linux-user-for-6.0-pull-request' into staging
Add MIPS Loongson 2F/3A
sparc64 bug fix
Implement copy_file_range
Add most IFTUN ioctls
Fix mremap
# gpg: Signature made Fri 18 Dec 2020 10:23:43 GMT
# gpg: using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg: issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg: aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C
* remotes/vivier2/tags/linux-user-for-6.0-pull-request:
linux-user/sparc: Handle tstate in sparc64_get/set_context()
linux-user/sparc: Don't restore %g7 in sparc64_set_context()
linux-user/sparc: Remove unneeded checks of 'err' from sparc64_get_context()
linux-user/sparc: Correct sparc64_get/set_context() FPU handling
linux-user: Add most IFTUN ioctls
linux-user: Implement copy_file_range
docs/user: Display linux-user binaries nicely
linux-user: Add support for MIPS Loongson 2F/3A
linux-user/elfload: Update HWCAP bits from linux 5.7
linux-user/elfload: Introduce MIPS GET_FEATURE_REG_EQU() macro
linux-user/elfload: Introduce MIPS GET_FEATURE_REG_SET() macro
linux-user/elfload: Rename MIPS GET_FEATURE() as GET_FEATURE_INSN()
linux-user/elfload: Move GET_FEATURE macro out of get_elf_hwcap() body
linux-user/mmap.c: check range of mremap result in target address space
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Compare: https://github.com/qemu/qemu/compare/65a3c5984074...091774bfdee2