Re: [Qemu-devel] [PATCH for-2.0? 1/2] page_check_range: don't bail out early after unprotecting page

From: Richard Henderson
Subject: Re: [Qemu-devel] [PATCH for-2.0? 1/2] page_check_range: don't bail out early after unprotecting page
Date: Thu, 03 Apr 2014 11:26:43 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
On 04/03/2014 09:45 AM, Peter Maydell wrote:
> From: Andrei Warkentin <address@hidden>
>
> When checking a page range, if we found that a page was
> made read-only by QEMU because it contained translated code,
> we were incorrectly returning immediately after unprotecting
> that page, rather than continuing to check the entire range,
> so we might fail to unprotect pages later in the range, or
> might incorrectly return a "success" result even if later
> pages were not writable.
>
> In particular, this could cause segfaults in a case where
> signals are delivered back to back on a target architecture
> which uses trampoline code in the stack frame (as AArch64
> currently does). The second signal causes a segfault because
> the frame cannot be written to (it was protected because
> we translated and executed the restorer trampoline, and the
> unprotect logic did not unprotect the whole range).
>
> Signed-off-by: Andrei Warkentin <address@hidden>
> [PMM: expanded commit message a bit]
> Signed-off-by: Peter Maydell <address@hidden>
> ---
> translate-all.c | 1 -
> 1 file changed, 1 deletion(-)
Reviewed-by: Richard Henderson <address@hidden>
r~
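To make the failure mode in the quoted commit message concrete, here is an added example (not QEMU's code, and not part of this thread) that models a write-access check over a page range. The page table, the flag values, and the helper names `check_range_buggy`, `check_range_fixed`, `still_protected`, `leftover_after` and `verdict_with_unwritable_tail` are all constructed for the illustration; `page_unprotect` here is a stand-in for the real function of that name, not its implementation. The buggy variant returns success as soon as it has unprotected one page, so a second protected page further along stays read-only and a page that cannot be made writable at all is never noticed; the fixed variant keeps walking the range.

```c
/* Added example: simplified model of a page-range write check, constructed to
 * show the early-return bug described in the commit message. Not QEMU code. */
#include <stdio.h>

#define NPAGES         8
#define PAGE_WRITE     0x1  /* page is currently writable */
#define PAGE_WRITE_ORG 0x2  /* guest mapped it writable; write bit may be dropped while it holds translated code */

/* constructed page table: one flags byte per page */
static unsigned char page_flags[NPAGES];

static void reset_pages(void)
{
    /* every page originally writable; pages 2 and 5 hold translated code and were write-protected */
    for (int i = 0; i < NPAGES; i++)
        page_flags[i] = PAGE_WRITE | PAGE_WRITE_ORG;
    page_flags[2] &= ~PAGE_WRITE;
    page_flags[5] &= ~PAGE_WRITE;
}

/* stand-in for page_unprotect(): restore write access if the guest originally had it */
static int page_unprotect(int page)
{
    if (page_flags[page] & PAGE_WRITE_ORG) {
        page_flags[page] |= PAGE_WRITE;
        return 1;
    }
    return 0;
}

/* buggy: returns as soon as one page is unprotected, never examining the rest of the range */
static int check_range_buggy(int start, int len)
{
    for (int p = start; p < start + len; p++) {
        if (!(page_flags[p] & PAGE_WRITE)) {
            if (!(page_flags[p] & PAGE_WRITE_ORG))
                return -1;
            if (!page_unprotect(p))
                return -1;
            return 0; /* the bug: early "success" before later pages are checked */
        }
    }
    return 0;
}

/* fixed: unprotect and keep going, so every page in the range is checked */
static int check_range_fixed(int start, int len)
{
    for (int p = start; p < start + len; p++) {
        if (!(page_flags[p] & PAGE_WRITE)) {
            if (!(page_flags[p] & PAGE_WRITE_ORG))
                return -1;
            if (!page_unprotect(p))
                return -1;
        }
    }
    return 0;
}

/* count pages in the range that still lack write access */
static int still_protected(int start, int len)
{
    int n = 0;
    for (int p = start; p < start + len; p++)
        if (!(page_flags[p] & PAGE_WRITE))
            n++;
    return n;
}

/* run one variant over a fresh table; returns the number of pages left protected, or -1 on failure */
static int leftover_after(int (*check)(int, int))
{
    reset_pages();
    if (check(0, NPAGES) != 0)
        return -1;
    return still_protected(0, NPAGES);
}

/* second scenario: page 6 was never writable, so the check must report failure */
static int verdict_with_unwritable_tail(int (*check)(int, int))
{
    reset_pages();
    page_flags[6] = 0;
    return check(0, NPAGES);
}

int main(void)
{
    printf("buggy check leaves %d page(s) write-protected\n", leftover_after(check_range_buggy));
    printf("fixed check leaves %d page(s) write-protected\n", leftover_after(check_range_fixed));
    printf("with an unwritable page later in the range: buggy returns %d, fixed returns %d\n",
           verdict_with_unwritable_tail(check_range_buggy),
           verdict_with_unwritable_tail(check_range_fixed));
    return 0;
}
```

The first scenario reproduces the "fail to unprotect pages later in the range" case (the buggy check leaves page 5 read-only), and the second reproduces the "incorrectly return success even if later pages were not writable" case (the buggy check returns 0 although page 6 can never be written).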