[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PULL 08/13] linux-user/mmap: Avoid asserts for out of range mremap call

From: Laurent Vivier
Subject: [PULL 08/13] linux-user/mmap: Avoid asserts for out of range mremap calls
Date: Mon, 15 Feb 2021 13:45:14 +0100

From: Richard Purdie <richard.purdie@linuxfoundation.org>

If mremap() is called without the MREMAP_MAYMOVE flag with a start address
just before the end of memory (reserved_va) where new_size would exceed
it (and GUEST_ADDR_MAX), the assert(end - 1 <= GUEST_ADDR_MAX) in 
page_set_flags() would trigger.

Add an extra guard to the guest_range_valid() checks to prevent this and
avoid asserting binaries when reserved_va is set.

This meant a bug I was seeing locally now gives the same behaviour 
regardless of whether reserved_va is set or not.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org
Reviewed-by: Laurent Vivier <laurent@vivier.eu>

Message-Id: <70c46e7b999bafbb01d54bfafd44b420d0b782e9.camel@linuxfoundation.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
 linux-user/mmap.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 810653c50357..1c9faef47699 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -724,7 +724,9 @@ abi_long target_mremap(abi_ulong old_addr, abi_ulong 
     if (!guest_range_valid(old_addr, old_size) ||
         ((flags & MREMAP_FIXED) &&
-         !guest_range_valid(new_addr, new_size))) {
+         !guest_range_valid(new_addr, new_size)) ||
+        ((flags & MREMAP_MAYMOVE) == 0 &&
+         !guest_range_valid(old_addr, new_size))) {
         errno = ENOMEM;
         return -1;

reply via email to

[Prev in Thread] Current Thread [Next in Thread]