* [Qemu-devel] [PATCH] linux-user: Handle images where lowest vaddr is not page aligned
@ 2011-05-17 12:34 Peter Maydell
2011-05-17 14:46 ` Russ Cox
0 siblings, 1 reply; 3+ messages in thread
From: Peter Maydell @ 2011-05-17 12:34 UTC (permalink / raw)
To: qemu-devel; +Cc: gustavo, Riku Voipio, rsc, patches
Fix a bug in the linux-user ELF loader code where it was not correctly
handling images where the lowest vaddr to be loaded was not page aligned.
The problem was that the code to probe for a suitable guest base address
was changing the 'loaddr' variable (by rounding it to a page boundary),
which meant that the load bias would then be incorrectly calculated
unless loaddr happened to already be page-aligned.
Binaries generated by gcc with the default linker script do start with
a loadable segment at a page-aligned vaddr, so were unaffected. This
bug was noticed with a binary created by the Google Go toolchain for ARM.
We fix the bug by refactoring the "probe for guest base" code out into
its own self-contained function.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
linux-user/elfload.c | 130 ++++++++++++++++++++++++++++----------------------
1 files changed, 73 insertions(+), 57 deletions(-)
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 4c399f8..930f6d3 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -1269,6 +1269,78 @@ static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc,
return sp;
}
+static void probe_guest_base(const char *image_name,
+ abi_ulong loaddr, abi_ulong hiaddr)
+{
+ /* Probe for a suitable guest base address, if the user has not set
+ * it explicitly, and set guest_base appropriately.
+ * In case of error we will print a suitable message and exit.
+ */
+#if defined(CONFIG_USE_GUEST_BASE)
+ const char *errmsg;
+ if (!have_guest_base && !reserved_va) {
+ unsigned long host_start, real_start, host_size;
+
+ /* Round addresses to page boundaries. */
+ loaddr &= qemu_host_page_mask;
+ hiaddr = HOST_PAGE_ALIGN(hiaddr);
+
+ if (loaddr < mmap_min_addr) {
+ host_start = HOST_PAGE_ALIGN(mmap_min_addr);
+ } else {
+ host_start = loaddr;
+ if (host_start != loaddr) {
+ errmsg = "Address overflow loading ELF binary";
+ goto exit_errmsg;
+ }
+ }
+ host_size = hiaddr - loaddr;
+ while (1) {
+ /* Do not use mmap_find_vma here because that is limited to the
+ guest address space. We are going to make the
+ guest address space fit whatever we're given. */
+ real_start = (unsigned long)
+ mmap((void *)host_start, host_size, PROT_NONE,
+ MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE, -1, 0);
+ if (real_start == (unsigned long)-1) {
+ goto exit_perror;
+ }
+ if (real_start == host_start) {
+ break;
+ }
+ /* That address didn't work. Unmap and try a different one.
+ The address the host picked because is typically right at
+ the top of the host address space and leaves the guest with
+ no usable address space. Resort to a linear search. We
+ already compensated for mmap_min_addr, so this should not
+ happen often. Probably means we got unlucky and host
+ address space randomization put a shared library somewhere
+ inconvenient. */
+ munmap((void *)real_start, host_size);
+ host_start += qemu_host_page_size;
+ if (host_start == loaddr) {
+ /* Theoretically possible if host doesn't have any suitably
+ aligned areas. Normally the first mmap will fail. */
+ errmsg = "Unable to find space for application";
+ goto exit_errmsg;
+ }
+ }
+ qemu_log("Relocating guest address space from 0x"
+ TARGET_ABI_FMT_lx " to 0x%lx\n",
+ loaddr, real_start);
+ guest_base = real_start - loaddr;
+ }
+ return;
+
+exit_perror:
+ errmsg = strerror(errno);
+exit_errmsg:
+ fprintf(stderr, "%s: %s\n", image_name, errmsg);
+ exit(-1);
+#endif
+}
+
+
/* Load an ELF image into the address space.
IMAGE_NAME is the filename of the image, to use in error messages.
@@ -1354,63 +1426,7 @@ static void load_elf_image(const char *image_name, int image_fd,
/* This is the main executable. Make sure that the low
address does not conflict with MMAP_MIN_ADDR or the
QEMU application itself. */
-#if defined(CONFIG_USE_GUEST_BASE)
- /*
- * In case where user has not explicitly set the guest_base, we
- * probe here that should we set it automatically.
- */
- if (!have_guest_base && !reserved_va) {
- unsigned long host_start, real_start, host_size;
-
- /* Round addresses to page boundaries. */
- loaddr &= qemu_host_page_mask;
- hiaddr = HOST_PAGE_ALIGN(hiaddr);
-
- if (loaddr < mmap_min_addr) {
- host_start = HOST_PAGE_ALIGN(mmap_min_addr);
- } else {
- host_start = loaddr;
- if (host_start != loaddr) {
- errmsg = "Address overflow loading ELF binary";
- goto exit_errmsg;
- }
- }
- host_size = hiaddr - loaddr;
- while (1) {
- /* Do not use mmap_find_vma here because that is limited to the
- guest address space. We are going to make the
- guest address space fit whatever we're given. */
- real_start = (unsigned long)
- mmap((void *)host_start, host_size, PROT_NONE,
- MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE, -1, 0);
- if (real_start == (unsigned long)-1) {
- goto exit_perror;
- }
- if (real_start == host_start) {
- break;
- }
- /* That address didn't work. Unmap and try a different one.
- The address the host picked because is typically right at
- the top of the host address space and leaves the guest with
- no usable address space. Resort to a linear search. We
- already compensated for mmap_min_addr, so this should not
- happen often. Probably means we got unlucky and host
- address space randomization put a shared library somewhere
- inconvenient. */
- munmap((void *)real_start, host_size);
- host_start += qemu_host_page_size;
- if (host_start == loaddr) {
- /* Theoretically possible if host doesn't have any suitably
- aligned areas. Normally the first mmap will fail. */
- errmsg = "Unable to find space for application";
- goto exit_errmsg;
- }
- }
- qemu_log("Relocating guest address space from 0x"
- TARGET_ABI_FMT_lx " to 0x%lx\n", loaddr, real_start);
- guest_base = real_start - loaddr;
- }
-#endif
+ probe_guest_base(image_name, loaddr, hiaddr);
}
load_bias = load_addr - loaddr;
--
1.7.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Qemu-devel] [PATCH] linux-user: Handle images where lowest vaddr is not page aligned
2011-05-17 12:34 [Qemu-devel] [PATCH] linux-user: Handle images where lowest vaddr is not page aligned Peter Maydell
@ 2011-05-17 14:46 ` Russ Cox
2011-05-17 14:52 ` Gustavo Niemeyer
0 siblings, 1 reply; 3+ messages in thread
From: Russ Cox @ 2011-05-17 14:46 UTC (permalink / raw)
To: Peter Maydell; +Cc: gustavo, Riku Voipio, qemu-devel, patches
Thanks for tracking this down!
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Qemu-devel] [PATCH] linux-user: Handle images where lowest vaddr is not page aligned
2011-05-17 14:46 ` Russ Cox
@ 2011-05-17 14:52 ` Gustavo Niemeyer
0 siblings, 0 replies; 3+ messages in thread
From: Gustavo Niemeyer @ 2011-05-17 14:52 UTC (permalink / raw)
To: Peter Maydell; +Cc: Riku Voipio, rsc, qemu-devel, patches
> Thanks for tracking this down!
Indeed, thanks a lot for the very fast action on this.
--
Gustavo Niemeyer
http://niemeyer.net
http://niemeyer.net/blog
http://niemeyer.net/twitter
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2011-05-17 14:53 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-05-17 12:34 [Qemu-devel] [PATCH] linux-user: Handle images where lowest vaddr is not page aligned Peter Maydell
2011-05-17 14:46 ` Russ Cox
2011-05-17 14:52 ` Gustavo Niemeyer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).