[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v6 16/31] linux-user: Use cpu_untagged_addr in access_ok; split o
From: |
Richard Henderson |
Subject: |
[PATCH v6 16/31] linux-user: Use cpu_untagged_addr in access_ok; split out *_untagged |
Date: |
Tue, 9 Feb 2021 16:02:08 -0800 |
Provide both tagged and untagged versions of access_ok.
In a few places use thread_cpu, as the user is several
callees removed from do_syscall1.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
linux-user/qemu.h | 11 +++++++++--
linux-user/elfload.c | 2 +-
linux-user/hppa/cpu_loop.c | 8 ++++----
linux-user/i386/cpu_loop.c | 2 +-
linux-user/i386/signal.c | 5 +++--
linux-user/syscall.c | 9 ++++++---
6 files changed, 24 insertions(+), 13 deletions(-)
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index b3ccffbf0f..82eabb73f8 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -491,7 +491,7 @@ extern unsigned long guest_stack_size;
#define VERIFY_READ PAGE_READ
#define VERIFY_WRITE (PAGE_READ | PAGE_WRITE)
-static inline bool access_ok(int type, abi_ulong addr, abi_ulong size)
+static inline bool access_ok_untagged(int type, abi_ulong addr, abi_ulong size)
{
if (size == 0
? !guest_addr_valid_untagged(addr)
@@ -501,6 +501,12 @@ static inline bool access_ok(int type, abi_ulong addr,
abi_ulong size)
return page_check_range((target_ulong)addr, size, type) == 0;
}
+static inline bool access_ok(CPUState *cpu, int type,
+ abi_ulong addr, abi_ulong size)
+{
+ return access_ok_untagged(type, cpu_untagged_addr(cpu, addr), size);
+}
+
/* NOTE __get_user and __put_user use host pointers and don't check access.
These are usually used to access struct data members once the struct has
been locked - usually with lock_user_struct. */
@@ -636,8 +642,9 @@ abi_long copy_to_user(abi_ulong gaddr, void *hptr, size_t
len);
host area will have the same contents as the guest. */
static inline void *lock_user(int type, abi_ulong guest_addr, long len, int
copy)
{
- if (!access_ok(type, guest_addr, len))
+ if (!access_ok_untagged(type, guest_addr, len)) {
return NULL;
+ }
#ifdef DEBUG_REMAP
{
void *addr;
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index f542841ba2..e7209e03cb 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -3500,7 +3500,7 @@ static int vma_get_mapping_count(const struct mm_struct
*mm)
static abi_ulong vma_dump_size(const struct vm_area_struct *vma)
{
/* if we cannot even read the first page, skip it */
- if (!access_ok(VERIFY_READ, vma->vma_start, TARGET_PAGE_SIZE))
+ if (!access_ok_untagged(VERIFY_READ, vma->vma_start, TARGET_PAGE_SIZE))
return (0);
/*
diff --git a/linux-user/hppa/cpu_loop.c b/linux-user/hppa/cpu_loop.c
index 944511bbe4..3aaaf3337c 100644
--- a/linux-user/hppa/cpu_loop.c
+++ b/linux-user/hppa/cpu_loop.c
@@ -35,7 +35,7 @@ static abi_ulong hppa_lws(CPUHPPAState *env)
return -TARGET_ENOSYS;
case 0: /* elf32 atomic 32bit cmpxchg */
- if ((addr & 3) || !access_ok(VERIFY_WRITE, addr, 4)) {
+ if ((addr & 3) || !access_ok(cs, VERIFY_WRITE, addr, 4)) {
return -TARGET_EFAULT;
}
old = tswap32(old);
@@ -50,9 +50,9 @@ static abi_ulong hppa_lws(CPUHPPAState *env)
return -TARGET_ENOSYS;
}
if (((addr | old | new) & ((1 << size) - 1))
- || !access_ok(VERIFY_WRITE, addr, 1 << size)
- || !access_ok(VERIFY_READ, old, 1 << size)
- || !access_ok(VERIFY_READ, new, 1 << size)) {
+ || !access_ok(cs, VERIFY_WRITE, addr, 1 << size)
+ || !access_ok(cs, VERIFY_READ, old, 1 << size)
+ || !access_ok(cs, VERIFY_READ, new, 1 << size)) {
return -TARGET_EFAULT;
}
/* Note that below we use host-endian loads so that the cmpxchg
diff --git a/linux-user/i386/cpu_loop.c b/linux-user/i386/cpu_loop.c
index 19c8a18cd3..f813e87294 100644
--- a/linux-user/i386/cpu_loop.c
+++ b/linux-user/i386/cpu_loop.c
@@ -99,7 +99,7 @@ static bool write_ok_or_segv(CPUX86State *env, abi_ptr addr,
size_t len)
* For all the vsyscalls, NULL means "don't write anything" not
* "write it at address 0".
*/
- if (addr == 0 || access_ok(VERIFY_WRITE, addr, len)) {
+ if (addr == 0 || access_ok(env_cpu(env), VERIFY_WRITE, addr, len)) {
return true;
}
diff --git a/linux-user/i386/signal.c b/linux-user/i386/signal.c
index 97a39204cc..9320e1d472 100644
--- a/linux-user/i386/signal.c
+++ b/linux-user/i386/signal.c
@@ -513,9 +513,10 @@ restore_sigcontext(CPUX86State *env, struct
target_sigcontext *sc)
fpstate_addr = tswapl(sc->fpstate);
if (fpstate_addr != 0) {
- if (!access_ok(VERIFY_READ, fpstate_addr,
- sizeof(struct target_fpstate)))
+ if (!access_ok(env_cpu(env), VERIFY_READ, fpstate_addr,
+ sizeof(struct target_fpstate))) {
goto badframe;
+ }
#ifndef TARGET_X86_64
cpu_x86_frstor(env, fpstate_addr, 1);
#else
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 30a5021509..24fc1daf02 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -3515,8 +3515,9 @@ static abi_long do_accept4(int fd, abi_ulong target_addr,
return -TARGET_EINVAL;
}
- if (!access_ok(VERIFY_WRITE, target_addr, addrlen))
+ if (!access_ok(thread_cpu, VERIFY_WRITE, target_addr, addrlen)) {
return -TARGET_EFAULT;
+ }
addr = alloca(addrlen);
@@ -3546,8 +3547,9 @@ static abi_long do_getpeername(int fd, abi_ulong
target_addr,
return -TARGET_EINVAL;
}
- if (!access_ok(VERIFY_WRITE, target_addr, addrlen))
+ if (!access_ok(thread_cpu, VERIFY_WRITE, target_addr, addrlen)) {
return -TARGET_EFAULT;
+ }
addr = alloca(addrlen);
@@ -3577,8 +3579,9 @@ static abi_long do_getsockname(int fd, abi_ulong
target_addr,
return -TARGET_EINVAL;
}
- if (!access_ok(VERIFY_WRITE, target_addr, addrlen))
+ if (!access_ok(thread_cpu, VERIFY_WRITE, target_addr, addrlen)) {
return -TARGET_EFAULT;
+ }
addr = alloca(addrlen);
--
2.25.1
- [PATCH v6 04/31] exec: Use uintptr_t in cpu_ldst.h, (continued)
- [PATCH v6 04/31] exec: Use uintptr_t in cpu_ldst.h, Richard Henderson, 2021/02/09
- [PATCH v6 07/31] linux-user: Tidy VERIFY_READ/VERIFY_WRITE, Richard Henderson, 2021/02/09
- [PATCH v6 06/31] linux-user: Check for overflow in access_ok, Richard Henderson, 2021/02/09
- [PATCH v6 08/31] bsd-user: Tidy VERIFY_READ/VERIFY_WRITE, Richard Henderson, 2021/02/09
- [PATCH v6 13/31] linux-user: Explicitly untag memory management syscalls, Richard Henderson, 2021/02/09
- [PATCH v6 14/31] linux-user: Use guest_range_valid in access_ok, Richard Henderson, 2021/02/09
- [PATCH v6 09/31] linux-user: Do not use guest_addr_valid for h2g_valid, Richard Henderson, 2021/02/09
- [PATCH v6 12/31] exec: Use cpu_untagged_addr in g2h; split out g2h_untagged, Richard Henderson, 2021/02/09
- [PATCH v6 10/31] linux-user: Fix guest_addr_valid vs reserved_va, Richard Henderson, 2021/02/09
- [PATCH v6 11/31] exec: Introduce cpu_untagged_addr, Richard Henderson, 2021/02/09
- [PATCH v6 16/31] linux-user: Use cpu_untagged_addr in access_ok; split out *_untagged,
Richard Henderson <=
- [PATCH v6 18/31] linux-user: Fix types in uaccess.c, Richard Henderson, 2021/02/09
- [PATCH v6 15/31] exec: Rename guest_{addr,range}_valid to *_untagged, Richard Henderson, 2021/02/09
- [PATCH v6 17/31] linux-user: Move lock_user et al out of line, Richard Henderson, 2021/02/09
- [PATCH v6 20/31] linux-user/aarch64: Implement PR_TAGGED_ADDR_ENABLE, Richard Henderson, 2021/02/09
- [PATCH v6 30/31] target/arm: Enable MTE for user-only, Richard Henderson, 2021/02/09
- [PATCH v6 27/31] linux-user/aarch64: Signal SEGV_MTESERR for sync tag check fault, Richard Henderson, 2021/02/09
- [PATCH v6 29/31] target/arm: Add allocation tag storage for user mode, Richard Henderson, 2021/02/09
- [PATCH v6 31/31] tests/tcg/aarch64: Add mte smoke tests, Richard Henderson, 2021/02/09
- [PATCH v6 23/31] linux-user/aarch64: Implement PR_MTE_TCF and PR_MTE_TAG, Richard Henderson, 2021/02/09
- [PATCH v6 19/31] linux-user: Handle tags in lock_user/unlock_user, Richard Henderson, 2021/02/09