[Qemu-devel] [PATCH] Introduce --enable-binfmt-misc configure option

[Qemu-devel] [PATCH] Introduce --enable-binfmt-misc configure option

[Kirill A. Shutemov]

It makes qemu compatible with binfmt_misc's flags 'P' and 'O'.

'P' - preserve-argv[0].  Legacy behavior of binfmt_misc is to overwrite the
      original argv[0] with the full path to the binary.  When this flag is
      included, binfmt_misc will add an argument to the argument vector for
      this purpose, thus preserving the original argv[0].

'O' - open-binary. Legacy behavior of binfmt_misc is to pass the full path
      of the binary to the interpreter as an argument. When this flag is
      included, binfmt_misc will open the file for reading and pass its
      descriptor as an argument, instead of the full path, thus allowing
      the interpreter to execute non-readable binaries.

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 configure              |   90 ++++++++++++++++++++++++++----------------------
 linux-user/linuxload.c |    7 +---
 linux-user/main.c      |   39 ++++++++++++++++++++-
 linux-user/qemu.h      |    2 +-
 4 files changed, 89 insertions(+), 49 deletions(-)

diff --git a/configure b/configure
index 57b3b5a..aeeae72 100755
--- a/configure
+++ b/configure
@@ -122,6 +122,7 @@ kvm="yes"
 kerneldir=""
 aix="no"
 blobs="yes"
+binfmt_misc="no"
 
 # OS specific
 targetos=`uname -s`
@@ -380,6 +381,8 @@ for opt do
   ;;
   --kerneldir=*) kerneldir="$optarg"
   ;;
+  --enable-binfmt-misc) binfmt_misc="yes"
+  ;;
   *) echo "ERROR: unknown option $opt"; show_help="yes"
   ;;
   esac
@@ -491,6 +494,7 @@ echo "  --disable-vde            disable support for vde network"
 echo "  --disable-aio            disable AIO support"
 echo "  --disable-blobs          disable installing provided firmware blobs"
 echo "  --kerneldir=PATH         look for kernel includes in PATH"
+echo "  --enable-binfmt-misc     makes usermode compatible with binfmt_misc's flags 'P' and 'O'"
 echo ""
 echo "NOTE: The object files are built at the place where configure is launched"
 exit 1
@@ -1041,57 +1045,58 @@ else
   binsuffix="/bin"
 fi
 
-echo "Install prefix    $prefix"
-echo "BIOS directory    $prefix$datasuffix"
-echo "binary directory  $prefix$binsuffix"
+echo "Install prefix      $prefix"
+echo "BIOS directory      $prefix$datasuffix"
+echo "binary directory    $prefix$binsuffix"
 if test "$mingw32" = "no" ; then
-echo "Manual directory  $prefix$mansuffix"
-echo "ELF interp prefix $interp_prefix"
-fi
-echo "Source path       $source_path"
-echo "C compiler        $cc"
-echo "Host C compiler   $host_cc"
-echo "ARCH_CFLAGS       $ARCH_CFLAGS"
-echo "make              $make"
-echo "install           $install"
-echo "host CPU          $cpu"
-echo "host big endian   $bigendian"
-echo "target list       $target_list"
-echo "gprof enabled     $gprof"
-echo "sparse enabled    $sparse"
-echo "profiler          $profiler"
-echo "static build      $static"
-echo "-Werror enabled   $werror"
+echo "Manual directory    $prefix$mansuffix"
+echo "ELF interp prefix   $interp_prefix"
+fi
+echo "Source path         $source_path"
+echo "C compiler          $cc"
+echo "Host C compiler     $host_cc"
+echo "ARCH_CFLAGS         $ARCH_CFLAGS"
+echo "make                $make"
+echo "install             $install"
+echo "host CPU            $cpu"
+echo "host big endian     $bigendian"
+echo "target list         $target_list"
+echo "gprof enabled       $gprof"
+echo "sparse enabled      $sparse"
+echo "profiler            $profiler"
+echo "static build        $static"
+echo "-Werror enabled     $werror"
 if test "$darwin" = "yes" ; then
-    echo "Cocoa support     $cocoa"
+    echo "Cocoa support       $cocoa"
 fi
 echo "SDL support       $sdl"
 if test "$sdl" != "no" ; then
-    echo "SDL static link   $sdl_static"
-fi
-echo "curses support    $curses"
-echo "mingw32 support   $mingw32"
-echo "Audio drivers     $audio_drv_list"
-echo "Extra audio cards $audio_card_list"
-echo "Mixer emulation   $mixemu"
-echo "VNC TLS support   $vnc_tls"
+    echo "SDL static link     $sdl_static"
+fi
+echo "curses support      $curses"
+echo "mingw32 support     $mingw32"
+echo "Audio drivers       $audio_drv_list"
+echo "Extra audio cards   $audio_card_list"
+echo "Mixer emulation     $mixemu"
+echo "VNC TLS support     $vnc_tls"
 if test "$vnc_tls" = "yes" ; then
-    echo "    TLS CFLAGS    $vnc_tls_cflags"
-    echo "    TLS LIBS      $vnc_tls_libs"
+    echo "    TLS CFLAGS      $vnc_tls_cflags"
+    echo "    TLS LIBS        $vnc_tls_libs"
 fi
 if test -n "$sparc_cpu"; then
-    echo "Target Sparc Arch $sparc_cpu"
+    echo "Target Sparc Arch   $sparc_cpu"
 fi
-echo "kqemu support     $kqemu"
-echo "brlapi support    $brlapi"
-echo "Documentation     $build_docs"
+echo "kqemu support       $kqemu"
+echo "brlapi support      $brlapi"
+echo "Documentation       $build_docs"
 [ ! -z "$uname_release" ] && \
-echo "uname -r          $uname_release"
-echo "NPTL support      $nptl"
-echo "vde support       $vde"
-echo "AIO support       $aio"
-echo "Install blobs     $blobs"
-echo "KVM support       $kvm"
+echo "uname -r            $uname_release"
+echo "NPTL support        $nptl"
+echo "vde support         $vde"
+echo "AIO support         $aio"
+echo "Install blobs       $blobs"
+echo "KVM support         $kvm"
+echo "binfmt_misc support $binfmt_misc"
 
 if test $sdl_too_old = "yes"; then
 echo "-> Your SDL version is too old - please upgrade to have SDL support"
@@ -1709,6 +1714,9 @@ if test "$target_bsd_user" = "yes" ; then
   echo "CONFIG_BSD_USER=yes" >> $config_mak
   echo "#define CONFIG_BSD_USER 1" >> $config_h
 fi
+if test "$target_user_only" = "yes" -a "$binfmt_misc" = "yes"; then
+  echo "#define BINFMT_MISC 1" >> $config_h
+fi
 
 test -f ${config_h}~ && cmp -s $config_h ${config_h}~ && mv ${config_h}~ $config_h
 
diff --git a/linux-user/linuxload.c b/linux-user/linuxload.c
index ada7c69..cbd90f7 100644
--- a/linux-user/linuxload.c
+++ b/linux-user/linuxload.c
@@ -154,7 +154,7 @@ abi_ulong loader_build_argptr(int envc, int argc, abi_ulong sp,
     return sp;
 }
 
-int loader_exec(const char * filename, char ** argv, char ** envp,
+int loader_exec(int fd, const char * filename, char ** argv, char ** envp,
              struct target_pt_regs * regs, struct image_info *infop)
 {
     struct linux_binprm bprm;
@@ -164,10 +164,7 @@ int loader_exec(const char * filename, char ** argv, char ** envp,
     bprm.p = TARGET_PAGE_SIZE*MAX_ARG_PAGES-sizeof(unsigned int);
     for (i=0 ; i<MAX_ARG_PAGES ; i++)       /* clear page-table */
             bprm.page[i] = 0;
-    retval = open(filename, O_RDONLY);
-    if (retval < 0)
-        return retval;
-    bprm.fd = retval;
+    bprm.fd = fd;
     bprm.filename = (char *)filename;
     bprm.argc = count(argv);
     bprm.argv = argv;
diff --git a/linux-user/main.c b/linux-user/main.c
index 66be107..6ed9247 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -27,6 +27,7 @@
 
 #include "qemu.h"
 #include "qemu-common.h"
+#include "elf.h"
 /* For tb_lock */
 #include "exec-all.h"
 
@@ -2214,9 +2215,10 @@ void init_task_state(TaskState *ts)
     ts->sigqueue_table[i].next = NULL;
 }
  
-int main(int argc, char **argv)
+int main(int argc, char **argv, char **envp)
 {
     const char *filename;
+    int fd = -1;
     const char *cpu_model;
     struct target_pt_regs regs1, *regs = &regs1;
     struct image_info info1, *info = &info1;
@@ -2377,7 +2379,40 @@ int main(int argc, char **argv)
     }
     *dst = NULL; /* NULL terminate target_environ */
 
-    if (loader_exec(filename, argv+optind, target_environ, regs, info) != 0) {
+#ifdef BINFMT_MISC
+#if HOST_LONG_BITS == 32
+#define Elf_Dyn Elf32_Dyn
+#else
+#define Elf_Dyn Elf64_Dyn
+#endif
+    {
+        Elf_Dyn *auxv;
+
+        optind++; /* Handle binfmt_misc's option 'P' */
+
+        /* Handle binfmt_misc's option 'O' */
+        while(*envp++ != NULL); /* skip envp. we are on auxv now */
+        for(auxv = (Elf_Dyn *)envp; auxv->d_tag != AT_NULL; auxv++) {
+            if( auxv->d_tag == AT_EXECFD) {
+                fd = auxv->d_un.d_val;
+                break;
+            }
+        }
+
+        if (fd < 0) {
+            printf("Cannot find binary file descriptor\n");
+            _exit(1);
+        }
+    }
+#else
+    fd = open(filename, O_RDONLY);
+    if (fd < 0) {
+        printf("Cannot open file %s: %s\n", filename, strerror(errno));
+        _exit(1);
+    }
+#endif
+
+    if (loader_exec(fd, filename, argv+optind, target_environ, regs, info) != 0) {
         printf("Error loading %s\n", filename);
         _exit(1);
     }
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index a2abe51..52835ec 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -168,7 +168,7 @@ struct linux_binprm {
 void do_init_thread(struct target_pt_regs *regs, struct image_info *infop);
 abi_ulong loader_build_argptr(int envc, int argc, abi_ulong sp,
                               abi_ulong stringp, int push_ptr);
-int loader_exec(const char * filename, char ** argv, char ** envp,
+int loader_exec(int fd, const char * filename, char ** argv, char ** envp,
              struct target_pt_regs * regs, struct image_info *infop);
 
 int load_elf_binary(struct linux_binprm * bprm, struct target_pt_regs * regs,
-- 
1.6.0.2.GIT

[Qemu-devel] [PATCH] Fix fstatat64()/newfstatat() syscall implementation

[Kirill A. Shutemov]

There are two different syscall names for the same goal.

On systems with sizeof(long) == 64 it calls newfstatat.
On systems with sizeof(long) == 32 it calls fstatat64.

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 linux-user/syscall.c |   29 +++++++++++++++++++++++++----
 1 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 4065917..dc65a77 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -169,6 +169,7 @@ static type name (type1 arg1,type2 arg2,type3 arg3,type4 arg4,type5 arg5,	\
 #define __NR_sys_linkat __NR_linkat
 #define __NR_sys_mkdirat __NR_mkdirat
 #define __NR_sys_mknodat __NR_mknodat
+#define __NR_sys_newfstatat __NR_newfstatat
 #define __NR_sys_openat __NR_openat
 #define __NR_sys_readlinkat __NR_readlinkat
 #define __NR_sys_renameat __NR_renameat
@@ -210,7 +211,8 @@ _syscall4(int,sys_fchmodat,int,dirfd,const char *,pathname,
 _syscall5(int,sys_fchownat,int,dirfd,const char *,pathname,
           uid_t,owner,gid_t,group,int,flags)
 #endif
-#if defined(TARGET_NR_fstatat64) && defined(__NR_fstatat64)
+#if (defined(TARGET_NR_fstatat64) || defined(TARGET_NR_newfstatat)) && \
+        defined(__NR_fstatat64)
 _syscall4(int,sys_fstatat64,int,dirfd,const char *,pathname,
           struct stat *,buf,int,flags)
 #endif
@@ -241,6 +243,11 @@ _syscall3(int,sys_mkdirat,int,dirfd,const char *,pathname,mode_t,mode)
 _syscall4(int,sys_mknodat,int,dirfd,const char *,pathname,
           mode_t,mode,dev_t,dev)
 #endif
+#if (defined(TARGET_NR_newfstatat) || defined(TARGET_NR_fstatat64) ) && \
+        defined(__NR_newfstatat)
+_syscall4(int,sys_newfstatat,int,dirfd,const char *,pathname,
+          struct stat *,buf,int,flags)
+#endif
 #if defined(TARGET_NR_openat) && defined(__NR_openat)
 _syscall4(int,sys_openat,int,dirfd,const char *,pathname,int,flags,mode_t,mode)
 #endif
@@ -3246,7 +3253,7 @@ static inline abi_long host_to_target_timespec(abi_ulong target_addr,
     return 0;
 }
 
-#ifdef TARGET_NR_stat64
+#if defined(TARGET_NR_stat64) || defined(TARGET_NR_newfstatat)
 static inline abi_long host_to_target_stat64(void *cpu_env,
                                              abi_ulong target_addr,
                                              struct stat *host_st)
@@ -3278,11 +3285,15 @@ static inline abi_long host_to_target_stat64(void *cpu_env,
     } else
 #endif
     {
+#if TARGET_LONG_BITS == 64
+        struct target_stat *target_st;
+#else
         struct target_stat64 *target_st;
+#endif
 
         if (!lock_user_struct(VERIFY_WRITE, target_st, target_addr, 0))
             return -TARGET_EFAULT;
-        memset(target_st, 0, sizeof(struct target_stat64));
+        memset(target_st, 0, sizeof(*target_st));
         __put_user(host_st->st_dev, &target_st->st_dev);
         __put_user(host_st->st_ino, &target_st->st_ino);
 #ifdef TARGET_STAT64_HAS_BROKEN_ST_INO
@@ -5373,11 +5384,21 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
             ret = host_to_target_stat64(cpu_env, arg2, &st);
         break;
 #endif
-#if defined(TARGET_NR_fstatat64) && defined(__NR_fstatat64)
+#if (defined(TARGET_NR_fstatat64) || defined(TARGET_NR_newfstatat)) && \
+        (defined(__NR_fstatat64) || defined(__NR_newfstatat))
+#ifdef TARGET_NR_fstatat64
     case TARGET_NR_fstatat64:
+#endif
+#ifdef TARGET_NR_newfstatat
+    case TARGET_NR_newfstatat:
+#endif
         if (!(p = lock_user_string(arg2)))
             goto efault;
+#ifdef __NR_fstatat64
         ret = get_errno(sys_fstatat64(arg1, path(p), &st, arg4));
+#else
+        ret = get_errno(sys_newfstatat(arg1, path(p), &st, arg4));
+#endif
         if (!is_error(ret))
             ret = host_to_target_stat64(cpu_env, arg3, &st);
         break;
-- 
1.6.0.2.GIT

[Qemu-devel] [PATCH] Move abi_* typedefs into qemu-types.h

[Kirill A. Shutemov]

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 bsd-user/qemu-types.h   |   24 ++++++++++++++++++++++++
 bsd-user/qemu.h         |   20 +-------------------
 linux-user/qemu-types.h |   24 ++++++++++++++++++++++++
 linux-user/qemu.h       |   20 +-------------------
 4 files changed, 50 insertions(+), 38 deletions(-)
 create mode 100644 bsd-user/qemu-types.h
 create mode 100644 linux-user/qemu-types.h

diff --git a/bsd-user/qemu-types.h b/bsd-user/qemu-types.h
new file mode 100644
index 0000000..1adda9f
--- /dev/null
+++ b/bsd-user/qemu-types.h
@@ -0,0 +1,24 @@
+#ifndef QEMU_TYPES_H
+#define QEMU_TYPES_H
+#include "cpu.h"
+
+#ifdef TARGET_ABI32
+typedef uint32_t abi_ulong;
+typedef int32_t abi_long;
+#define TARGET_ABI_FMT_lx "%08x"
+#define TARGET_ABI_FMT_ld "%d"
+#define TARGET_ABI_FMT_lu "%u"
+#define TARGET_ABI_BITS 32
+#else
+typedef target_ulong abi_ulong;
+typedef target_long abi_long;
+#define TARGET_ABI_FMT_lx TARGET_FMT_lx
+#define TARGET_ABI_FMT_ld TARGET_FMT_ld
+#define TARGET_ABI_FMT_lu TARGET_FMT_lu
+#define TARGET_ABI_BITS TARGET_LONG_BITS
+/* for consistency, define ABI32 too */
+#if TARGET_ABI_BITS == 32
+#define TARGET_ABI32 1
+#endif
+#endif
+#endif
diff --git a/bsd-user/qemu.h b/bsd-user/qemu.h
index 0a55ac3..3ea0044 100644
--- a/bsd-user/qemu.h
+++ b/bsd-user/qemu.h
@@ -11,25 +11,7 @@
 #include <stdlib.h>
 #endif /* DEBUG_REMAP */
 
-#ifdef TARGET_ABI32
-typedef uint32_t abi_ulong;
-typedef int32_t abi_long;
-#define TARGET_ABI_FMT_lx "%08x"
-#define TARGET_ABI_FMT_ld "%d"
-#define TARGET_ABI_FMT_lu "%u"
-#define TARGET_ABI_BITS 32
-#else
-typedef target_ulong abi_ulong;
-typedef target_long abi_long;
-#define TARGET_ABI_FMT_lx TARGET_FMT_lx
-#define TARGET_ABI_FMT_ld TARGET_FMT_ld
-#define TARGET_ABI_FMT_lu TARGET_FMT_lu
-#define TARGET_ABI_BITS TARGET_LONG_BITS
-/* for consistency, define ABI32 too */
-#if TARGET_ABI_BITS == 32
-#define TARGET_ABI32 1
-#endif
-#endif
+#include "qemu-types.h"
 
 enum BSDType {
     target_freebsd,
diff --git a/linux-user/qemu-types.h b/linux-user/qemu-types.h
new file mode 100644
index 0000000..1adda9f
--- /dev/null
+++ b/linux-user/qemu-types.h
@@ -0,0 +1,24 @@
+#ifndef QEMU_TYPES_H
+#define QEMU_TYPES_H
+#include "cpu.h"
+
+#ifdef TARGET_ABI32
+typedef uint32_t abi_ulong;
+typedef int32_t abi_long;
+#define TARGET_ABI_FMT_lx "%08x"
+#define TARGET_ABI_FMT_ld "%d"
+#define TARGET_ABI_FMT_lu "%u"
+#define TARGET_ABI_BITS 32
+#else
+typedef target_ulong abi_ulong;
+typedef target_long abi_long;
+#define TARGET_ABI_FMT_lx TARGET_FMT_lx
+#define TARGET_ABI_FMT_ld TARGET_FMT_ld
+#define TARGET_ABI_FMT_lu TARGET_FMT_lu
+#define TARGET_ABI_BITS TARGET_LONG_BITS
+/* for consistency, define ABI32 too */
+#if TARGET_ABI_BITS == 32
+#define TARGET_ABI32 1
+#endif
+#endif
+#endif
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index 52835ec..b620c97 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -11,25 +11,7 @@
 #include <stdlib.h>
 #endif /* DEBUG_REMAP */
 
-#ifdef TARGET_ABI32
-typedef uint32_t abi_ulong;
-typedef int32_t abi_long;
-#define TARGET_ABI_FMT_lx "%08x"
-#define TARGET_ABI_FMT_ld "%d"
-#define TARGET_ABI_FMT_lu "%u"
-#define TARGET_ABI_BITS 32
-#else
-typedef target_ulong abi_ulong;
-typedef target_long abi_long;
-#define TARGET_ABI_FMT_lx TARGET_FMT_lx
-#define TARGET_ABI_FMT_ld TARGET_FMT_ld
-#define TARGET_ABI_FMT_lu TARGET_FMT_lu
-#define TARGET_ABI_BITS TARGET_LONG_BITS
-/* for consistency, define ABI32 too */
-#if TARGET_ABI_BITS == 32
-#define TARGET_ABI32 1
-#endif
-#endif
+#include "qemu-types.h"
 
 #include "thunk.h"
 #include "syscall_defs.h"
-- 
1.6.0.2.GIT

[Qemu-devel] [PATCH] linux-user: Safety belt for h2g

[Kirill A. Shutemov]

From: Jan Kiszka <jan.kiszka@web.de>

h2g can only work on 64-bit hosts if the provided address is mappable to
the guest range. Neglecting this was already the source for several
bugs. Instrument the macro so that it will trigger earlier in the
future (at least as long as we have this kind of mapping mechanism).

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 cpu-all.h |   10 +++++++++-
 1 files changed, 9 insertions(+), 1 deletions(-)

diff --git a/cpu-all.h b/cpu-all.h
index 73c7b4c..526ace2 100644
--- a/cpu-all.h
+++ b/cpu-all.h
@@ -621,6 +621,9 @@ static inline void stfq_be_p(void *ptr, float64 v)
 /* MMU memory access macros */
 
 #if defined(CONFIG_USER_ONLY)
+#include <assert.h>
+#include "qemu-types.h"
+
 /* On some host systems the guest address space is reserved on the host.
  * This allows the guest address space to be offset to a convenient location.
  */
@@ -629,7 +632,12 @@ static inline void stfq_be_p(void *ptr, float64 v)
 
 /* All direct uses of g2h and h2g need to go away for usermode softmmu.  */
 #define g2h(x) ((void *)((unsigned long)(x) + GUEST_BASE))
-#define h2g(x) ((target_ulong)((unsigned long)(x) - GUEST_BASE))
+#define h2g(x) ({ \
+    unsigned long __ret = (unsigned long)(x) - GUEST_BASE; \
+    /* Check if given address fits target address space */ \
+    assert(__ret == (abi_ulong)__ret); \
+    (abi_ulong)__ret; \
+})
 
 #define saddr(x) g2h(x)
 #define laddr(x) g2h(x)
-- 
1.6.0.2.GIT

[Qemu-devel] [PATCH] linux-user: Introduce h2g_valid

[Kirill A. Shutemov]

From: Jan Kiszka <jan.kiszka@web.de>

Introduce h2g_valid to check if a given host address can be converted
into a valid guest address.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 cpu-all.h |    4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/cpu-all.h b/cpu-all.h
index 526ace2..341c38e 100644
--- a/cpu-all.h
+++ b/cpu-all.h
@@ -638,6 +638,10 @@ static inline void stfq_be_p(void *ptr, float64 v)
     assert(__ret == (abi_ulong)__ret); \
     (abi_ulong)__ret; \
 })
+#define h2g_valid(x) ({ \
+    unsigned long __guest = (unsigned long)(x) - GUEST_BASE; \
+    (__guest == (abi_ulong)__guest); \
+})
 
 #define saddr(x) g2h(x)
 #define laddr(x) g2h(x)
-- 
1.6.0.2.GIT

[Qemu-devel] [PATCH] linux-user: Fix h2g usage in page_find_alloc

[Kirill A. Shutemov]

From: Jan Kiszka <jan.kiszka@web.de>

Paul's comment on my first approach to fix the h2g usage in
page_find_alloc finally open my eyes about what the code is actually
supposed to do:

With the help of h2g_valid we can no cleanly check if a freshly allocate
page (for host usage) is guest-reachable and, in case it is, mark it
reserved in the guest's address range.

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 exec.c |    5 ++---
 1 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/exec.c b/exec.c
index 58a0cff..105812f 100644
--- a/exec.c
+++ b/exec.c
@@ -305,14 +305,13 @@ static inline PageDesc *page_find_alloc(target_ulong index)
     if (!p) {
         /* allocate if not found */
 #if defined(CONFIG_USER_ONLY)
-        unsigned long addr;
         size_t len = sizeof(PageDesc) * L2_SIZE;
         /* Don't use qemu_malloc because it may recurse.  */
         p = mmap(0, len, PROT_READ | PROT_WRITE,
                  MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
         *lp = p;
-        addr = h2g(p);
-        if (addr == (target_ulong)addr) {
+        if (h2g_valid(p)) {
+            unsigned long addr = h2g(p);
             page_set_flags(addr & TARGET_PAGE_MASK,
                            TARGET_PAGE_ALIGN(addr + len),
                            PAGE_RESERVED); 
-- 
1.6.0.2.GIT

[Qemu-devel] [PATCH] Rewrite mmap_find_vma() to work fine on 64-bit hosts with 32-bit targets

[Kirill A. Shutemov]

qemu's page table can be incomple if /proc/self/maps is unavailable or
host allocating a memory with mmap(), so we can't use it to find free
memory area.

New version mmap_find_vma() uses mmap() without MAP_FIXED to find free
memory.

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 linux-user/mmap.c |   81 ++++++++++++++++++++++++++++------------------------
 1 files changed, 44 insertions(+), 37 deletions(-)

diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index d5f22b8..d96917d 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -255,52 +255,59 @@ static abi_ulong mmap_next_start = 0x40000000;
 
 unsigned long last_brk;
 
-/* find a free memory area of size 'size'. The search starts at
-   'start'. If 'start' == 0, then a default start address is used.
-   Return -1 if error.
-*/
-/* page_init() marks pages used by the host as reserved to be sure not
-   to use them. */
-static abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size)
+/*
+ * Find and reserve a free memory area of size 'size'. The search
+ * starts at 'start'.
+ * It must be called with mmap_lock() held.
+ * Return -1 if error.
+ */
+abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size)
 {
-    abi_ulong addr, addr1, addr_start;
-    int prot;
-    unsigned long new_brk;
-
-    new_brk = (unsigned long)sbrk(0);
-    if (last_brk && last_brk < new_brk && last_brk == (target_ulong)last_brk) {
-        /* This is a hack to catch the host allocating memory with brk().
-           If it uses mmap then we loose.
-           FIXME: We really want to avoid the host allocating memory in
-           the first place, and maybe leave some slack to avoid switching
-           to mmap.  */
-        page_set_flags(last_brk & TARGET_PAGE_MASK,
-                       TARGET_PAGE_ALIGN(new_brk),
-                       PAGE_RESERVED); 
-    }
-    last_brk = new_brk;
+    void *ptr;
+    abi_ulong addr;
 
     size = HOST_PAGE_ALIGN(size);
-    start = start & qemu_host_page_mask;
+    start &= qemu_host_page_mask;
+
+    /* If 'start' == 0, then a default start address is used. */
+    if (start == 0)
+        start = mmap_next_start;
+
     addr = start;
-    if (addr == 0)
-        addr = mmap_next_start;
-    addr_start = addr;
+
     for(;;) {
-        prot = 0;
-        for(addr1 = addr; addr1 < (addr + size); addr1 += TARGET_PAGE_SIZE) {
-            prot |= page_get_flags(addr1);
-        }
-        if (prot == 0)
+        /*
+         * Reserve needed memory area to avoid a race.
+         * It should be discarded using:
+         *  - mmap() with MAP_FIXED flag
+         *  - mremap() with MREMAP_FIXED flag
+         *  - shmat() with SHM_REMAP flag
+         */
+        ptr = mmap((void *)(unsigned long)addr, size, PROT_NONE,
+                   MAP_ANONYMOUS|MAP_PRIVATE|MAP_NORESERVE, -1, 0);
+
+        /* ENOMEM, if host address space has no memory */
+        if (ptr == MAP_FAILED)
+            return (abi_ulong)-1;
+
+        /* If address fits target address space we've found what we need */
+        if ((unsigned long)ptr + size - 1 <= (abi_ulong)-1)
             break;
+
+        /* Unmap and try again with new page */
+        munmap(ptr, size);
         addr += qemu_host_page_size;
-        /* we found nothing */
-        if (addr == addr_start)
+
+        /* ENOMEM if we check whole of target address space */
+        if (addr == start)
             return (abi_ulong)-1;
     }
-    if (start == 0)
-        mmap_next_start = addr + size;
-    return addr;
+
+    /* Update default start address */
+    if (start == mmap_next_start)
+        mmap_next_start = (unsigned long)ptr + size;
+
+    return h2g(ptr);
 }
 
 /* NOTE: all the constants are the HOST ones */
-- 
1.6.0.2.GIT

[Qemu-devel] [PATCH] mmap: add check if requested memory area fits target address space

[Kirill A. Shutemov]

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 linux-user/mmap.c |   10 ++++++++++
 1 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index d96917d..52e2dc8 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -389,6 +389,16 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
         end = start + len;
         real_end = HOST_PAGE_ALIGN(end);
 
+	/*
+	 * Test if requested memory area fits target address space
+	 * It can fail only on 64-bit host with 32-bit target.
+	 * On any other target/host host mmap() handles this error correctly.
+	 */
+        if ((unsigned long)start + len - 1 > (abi_ulong) -1) {
+            errno = EINVAL;
+            goto fail;
+        }
+
         for(addr = real_start; addr < real_end; addr += TARGET_PAGE_SIZE) {
             flg = page_get_flags(addr);
             if (flg & PAGE_RESERVED) {
-- 
1.6.0.2.GIT

[Qemu-devel] [PATCH] mremap(): handle MREMAP_FIXED and MREMAP_MAYMOVE correctly

[Kirill A. Shutemov]

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 linux-user/mmap.c |   35 +++++++++++++++++++++++++++++------
 1 files changed, 29 insertions(+), 6 deletions(-)

diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 52e2dc8..0a1e27a 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -544,19 +544,41 @@ int target_munmap(abi_ulong start, abi_ulong len)
     return ret;
 }
 
-/* XXX: currently, we only handle MAP_ANONYMOUS and not MAP_FIXED
-   blocks which have been allocated starting on a host page */
 abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
                        abi_ulong new_size, unsigned long flags,
                        abi_ulong new_addr)
 {
     int prot;
-    unsigned long host_addr;
+    void *host_addr;
 
     mmap_lock();
-    /* XXX: use 5 args syscall */
-    host_addr = (long)mremap(g2h(old_addr), old_size, new_size, flags);
-    if (host_addr == -1) {
+
+    if (flags & MREMAP_FIXED)
+        host_addr = mremap(g2h(old_addr), old_size, new_size,
+                           flags, new_addr);
+    else if (flags & MREMAP_MAYMOVE) {
+        abi_ulong mmap_start;
+
+        mmap_start = mmap_find_vma(0, new_size);
+
+        if (mmap_start == -1) {
+            errno = ENOMEM;
+            host_addr = MAP_FAILED;
+        } else
+            host_addr = mremap(g2h(old_addr), old_size, new_size,
+                               flags | MREMAP_FIXED, g2h(mmap_start));
+    } else {
+        host_addr = mremap(g2h(old_addr), old_size, new_size, flags);
+        /* Check if address fits target address space */
+        if ((unsigned long)host_addr + new_size > (abi_ulong)-1) {
+            /* Revert mremap() changes */
+            host_addr = mremap(g2h(old_addr), new_size, old_size, flags);
+            errno = ENOMEM;
+            host_addr = MAP_FAILED;
+        }
+    }
+
+    if (host_addr == MAP_FAILED) {
         new_addr = -1;
     } else {
         new_addr = h2g(host_addr);
@@ -564,6 +586,7 @@ abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
         page_set_flags(old_addr, old_addr + old_size, 0);
         page_set_flags(new_addr, new_addr + new_size, prot | PAGE_VALID);
     }
+
     mmap_unlock();
     return new_addr;
 }
-- 
1.6.0.2.GIT

[Qemu-devel] [PATCH] Fix and cleanup IPCOP_sem* ipc calls handling

[Kirill A. Shutemov]

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 linux-user/syscall.c |  319 +++++++++++++++++++++++++++++++-------------------
 1 files changed, 198 insertions(+), 121 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index dc65a77..ee61e1e 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -1645,14 +1645,14 @@ struct target_ipc_perm
 
 struct target_semid_ds
 {
-  struct target_ipc_perm sem_perm;
-  abi_ulong sem_otime;
-  abi_ulong __unused1;
-  abi_ulong sem_ctime;
-  abi_ulong __unused2;
-  abi_ulong sem_nsems;
-  abi_ulong __unused3;
-  abi_ulong __unused4;
+    struct target_ipc_perm sem_perm;
+    abi_ulong sem_otime;
+    abi_ulong __unused1;
+    abi_ulong sem_ctime;
+    abi_ulong __unused2;
+    abi_ulong sem_nsems;
+    abi_ulong __unused3;
+    abi_ulong __unused4;
 };
 
 static inline abi_long target_to_host_ipc_perm(struct ipc_perm *host_ip,
@@ -1700,7 +1700,8 @@ static inline abi_long target_to_host_semid_ds(struct semid_ds *host_sd,
 
     if (!lock_user_struct(VERIFY_READ, target_sd, target_addr, 1))
         return -TARGET_EFAULT;
-    target_to_host_ipc_perm(&(host_sd->sem_perm),target_addr);
+    if (target_to_host_ipc_perm(&(host_sd->sem_perm),target_addr))
+        return -TARGET_EFAULT;
     host_sd->sem_nsems = tswapl(target_sd->sem_nsems);
     host_sd->sem_otime = tswapl(target_sd->sem_otime);
     host_sd->sem_ctime = tswapl(target_sd->sem_ctime);
@@ -1715,7 +1716,8 @@ static inline abi_long host_to_target_semid_ds(abi_ulong target_addr,
 
     if (!lock_user_struct(VERIFY_WRITE, target_sd, target_addr, 0))
         return -TARGET_EFAULT;
-    host_to_target_ipc_perm(target_addr,&(host_sd->sem_perm));
+    if (host_to_target_ipc_perm(target_addr,&(host_sd->sem_perm)))
+        return -TARGET_EFAULT;;
     target_sd->sem_nsems = tswapl(host_sd->sem_nsems);
     target_sd->sem_otime = tswapl(host_sd->sem_otime);
     target_sd->sem_ctime = tswapl(host_sd->sem_ctime);
@@ -1723,135 +1725,215 @@ static inline abi_long host_to_target_semid_ds(abi_ulong target_addr,
     return 0;
 }
 
+struct target_seminfo {
+    int semmap;
+    int semmni;
+    int semmns;
+    int semmnu;
+    int semmsl;
+    int semopm;
+    int semume;
+    int semusz;
+    int semvmx;
+    int semaem;
+};
+
+static inline abi_long host_to_target_seminfo(abi_ulong target_addr,
+                                              struct seminfo *host_seminfo)
+{
+    struct target_seminfo *target_seminfo;
+    if (!lock_user_struct(VERIFY_WRITE, target_seminfo, target_addr, 0))
+        return -TARGET_EFAULT;
+    __put_user(host_seminfo->semmap, &target_seminfo->semmap);
+    __put_user(host_seminfo->semmni, &target_seminfo->semmni);
+    __put_user(host_seminfo->semmns, &target_seminfo->semmns);
+    __put_user(host_seminfo->semmnu, &target_seminfo->semmnu);
+    __put_user(host_seminfo->semmsl, &target_seminfo->semmsl);
+    __put_user(host_seminfo->semopm, &target_seminfo->semopm);
+    __put_user(host_seminfo->semume, &target_seminfo->semume);
+    __put_user(host_seminfo->semusz, &target_seminfo->semusz);
+    __put_user(host_seminfo->semvmx, &target_seminfo->semvmx);
+    __put_user(host_seminfo->semaem, &target_seminfo->semaem);
+    unlock_user_struct(target_seminfo, target_addr, 1);
+    return 0;
+}
+
 union semun {
-	int val;
-	struct semid_ds *buf;
-	unsigned short *array;
+    int val;
+    struct semid_ds *buf;
+    unsigned short *array;
+    struct seminfo *__buf;
 };
 
 union target_semun {
-	int val;
-	abi_long buf;
-	unsigned short int *array;
+    int val;
+    abi_ulong buf;
+    abi_ulong array;
+    abi_ulong __buf;
 };
 
-static inline abi_long target_to_host_semun(int cmd,
-                                            union semun *host_su,
-                                            abi_ulong target_addr,
-                                            struct semid_ds *ds)
+static inline abi_long target_to_host_semarray(int semid, unsigned short **host_array,
+                                               abi_ulong target_addr)
 {
-    union target_semun *target_su;
-
-    switch( cmd ) {
-	case IPC_STAT:
-	case IPC_SET:
-           if (!lock_user_struct(VERIFY_READ, target_su, target_addr, 1))
-               return -TARGET_EFAULT;
-	   target_to_host_semid_ds(ds,target_su->buf);
-	   host_su->buf = ds;
-           unlock_user_struct(target_su, target_addr, 0);
-	   break;
-	case GETVAL:
-	case SETVAL:
-           if (!lock_user_struct(VERIFY_READ, target_su, target_addr, 1))
-               return -TARGET_EFAULT;
-	   host_su->val = tswapl(target_su->val);
-           unlock_user_struct(target_su, target_addr, 0);
-	   break;
-	case GETALL:
-	case SETALL:
-           if (!lock_user_struct(VERIFY_READ, target_su, target_addr, 1))
-               return -TARGET_EFAULT;
-	   *host_su->array = tswap16(*target_su->array);
-           unlock_user_struct(target_su, target_addr, 0);
-	   break;
-	default:
-           gemu_log("semun operation not fully supported: %d\n", (int)cmd);
+    int nsems;
+    unsigned short *array;
+    union semun semun;
+    struct semid_ds semid_ds;
+    int i, ret;
+
+    semun.buf = &semid_ds;
+
+    ret = semctl(semid, 0, IPC_STAT, semun);
+    if (ret == -1)
+        return get_errno(ret);
+
+    nsems = semid_ds.sem_nsems;
+
+    *host_array = malloc(nsems*sizeof(unsigned short));
+    array = lock_user(VERIFY_READ, target_addr,
+                      nsems*sizeof(unsigned short), 1);
+    if (!array)
+        return -TARGET_EFAULT;
+
+    for(i=0; i<nsems; i++) {
+        __get_user((*host_array)[i], &array[i]);
     }
+    unlock_user(array, target_addr, 0);
+
     return 0;
 }
 
-static inline abi_long host_to_target_semun(int cmd,
-                                            abi_ulong target_addr,
-                                            union semun *host_su,
-                                            struct semid_ds *ds)
+static inline abi_long host_to_target_semarray(int semid, abi_ulong target_addr,
+                                               unsigned short **host_array)
 {
-    union target_semun *target_su;
-
-    switch( cmd ) {
-	case IPC_STAT:
-	case IPC_SET:
-           if (lock_user_struct(VERIFY_WRITE, target_su, target_addr, 0))
-               return -TARGET_EFAULT;
-	   host_to_target_semid_ds(target_su->buf,ds);
-           unlock_user_struct(target_su, target_addr, 1);
-	   break;
-	case GETVAL:
-	case SETVAL:
-           if (lock_user_struct(VERIFY_WRITE, target_su, target_addr, 0))
-               return -TARGET_EFAULT;
-	   target_su->val = tswapl(host_su->val);
-           unlock_user_struct(target_su, target_addr, 1);
-	   break;
-	case GETALL:
-	case SETALL:
-           if (lock_user_struct(VERIFY_WRITE, target_su, target_addr, 0))
-               return -TARGET_EFAULT;
-	   *target_su->array = tswap16(*host_su->array);
-           unlock_user_struct(target_su, target_addr, 1);
-	   break;
-        default:
-           gemu_log("semun operation not fully supported: %d\n", (int)cmd);
+    int nsems;
+    unsigned short *array;
+    union semun semun;
+    struct semid_ds semid_ds;
+    int i, ret;
+
+    semun.buf = &semid_ds;
+
+    ret = semctl(semid, 0, IPC_STAT, semun);
+    if (ret == -1)
+        return get_errno(ret);
+
+    nsems = semid_ds.sem_nsems;
+
+    array = lock_user(VERIFY_WRITE, target_addr,
+                      nsems*sizeof(unsigned short), 0);
+    if (!array)
+        return -TARGET_EFAULT;
+
+    for(i=0; i<nsems; i++) {
+        __put_user((*host_array)[i], &array[i]);
     }
+    free(*host_array);
+    unlock_user(array, target_addr, 1);
+
     return 0;
 }
 
-static inline abi_long do_semctl(int first, int second, int third,
-                                 abi_long ptr)
+static inline abi_long do_semctl(int semid, int semnum, int cmd,
+                                 union target_semun target_su)
 {
     union semun arg;
     struct semid_ds dsarg;
-    int cmd = third&0xff;
-    abi_long ret = 0;
+    unsigned short *array;
+    struct seminfo seminfo;
+    abi_long ret = -TARGET_EINVAL;
+    abi_long err;
 
-    switch( cmd ) {
-	case GETVAL:
-            target_to_host_semun(cmd,&arg,ptr,&dsarg);
-            ret = get_errno(semctl(first, second, cmd, arg));
-            host_to_target_semun(cmd,ptr,&arg,&dsarg);
-            break;
-	case SETVAL:
-            target_to_host_semun(cmd,&arg,ptr,&dsarg);
-            ret = get_errno(semctl(first, second, cmd, arg));
-            host_to_target_semun(cmd,ptr,&arg,&dsarg);
-            break;
-	case GETALL:
-            target_to_host_semun(cmd,&arg,ptr,&dsarg);
-            ret = get_errno(semctl(first, second, cmd, arg));
-            host_to_target_semun(cmd,ptr,&arg,&dsarg);
-            break;
-	case SETALL:
-            target_to_host_semun(cmd,&arg,ptr,&dsarg);
-            ret = get_errno(semctl(first, second, cmd, arg));
-            host_to_target_semun(cmd,ptr,&arg,&dsarg);
-            break;
-	case IPC_STAT:
-            target_to_host_semun(cmd,&arg,ptr,&dsarg);
-            ret = get_errno(semctl(first, second, cmd, arg));
-            host_to_target_semun(cmd,ptr,&arg,&dsarg);
-            break;
-	case IPC_SET:
-            target_to_host_semun(cmd,&arg,ptr,&dsarg);
-            ret = get_errno(semctl(first, second, cmd, arg));
-            host_to_target_semun(cmd,ptr,&arg,&dsarg);
-            break;
-    default:
-            ret = get_errno(semctl(first, second, cmd, arg));
+    cmd &= 0xff;
+
+    switch (cmd) {
+    case IPC_STAT:
+    case IPC_SET:
+    case SEM_STAT:
+        err = target_to_host_semid_ds(&dsarg, target_su.buf);
+        if (err)
+            return err;
+        arg.buf = &dsarg;
+        ret = get_errno(semctl(semid, semnum, cmd, arg));
+        err = host_to_target_semid_ds(target_su.buf, &dsarg);
+        if (err)
+            return err;
+        break;
+    case GETVAL:
+    case SETVAL:
+        arg.val = tswapl(target_su.val);
+        ret = get_errno(semctl(semid, semnum, cmd, arg));
+        target_su.val = tswapl(arg.val);
+        break;
+    case GETALL:
+    case SETALL:
+        err = target_to_host_semarray(semid, &array, target_su.array);
+        if (err)
+            return err;
+        arg.array = array;
+        ret = get_errno(semctl(semid, semnum, cmd, arg));
+        err = host_to_target_semarray(semid, target_su.array, &array);
+        if (err)
+            return err;
+        break;
+    case IPC_INFO:
+    case SEM_INFO:
+        arg.__buf = &seminfo;
+        ret = get_errno(semctl(semid, semnum, cmd, arg));
+        err = host_to_target_seminfo(target_su.__buf, &seminfo);
+        if (err)
+            return err;
+        break;
+    case IPC_RMID:
+    case GETPID:
+    case GETNCNT:
+    case GETZCNT:
+        ret = get_errno(semctl(semid, semnum, cmd, NULL));
+        break;
     }
 
     return ret;
 }
 
+struct target_sembuf {
+    unsigned short sem_num;
+    short sem_op;
+    short sem_flg;
+};
+
+static inline abi_long target_to_host_sembuf(struct sembuf *host_sembuf,
+                                             abi_ulong target_addr,
+                                             unsigned nsops)
+{
+    struct target_sembuf *target_sembuf;
+    int i;
+
+    target_sembuf = lock_user(VERIFY_READ, target_addr,
+                              nsops*sizeof(struct target_sembuf), 1);
+    if (!target_sembuf)
+        return -TARGET_EFAULT;
+
+    for(i=0; i<nsops; i++) {
+        __put_user(target_sembuf[i].sem_num, &host_sembuf[i].sem_num);
+        __put_user(target_sembuf[i].sem_op, &host_sembuf[i].sem_op);
+        __put_user(target_sembuf[i].sem_flg, &host_sembuf[i].sem_flg);
+    }
+
+    unlock_user(target_sembuf, target_addr, 0);
+
+    return 0;
+}
+
+static inline abi_long do_semop(int semid, abi_long ptr, unsigned nsops)
+{
+    struct sembuf sops[nsops];
+
+    if (target_to_host_sembuf(sops, ptr, nsops))
+        return -TARGET_EFAULT;
+
+    return semop(semid, sops, nsops);
+}
+
 struct target_msqid_ds
 {
     struct target_ipc_perm msg_perm;
@@ -2055,7 +2137,7 @@ static abi_long do_ipc(unsigned int call, int first,
 
     switch (call) {
     case IPCOP_semop:
-        ret = get_errno(semop(first,(struct sembuf *)g2h(ptr), second));
+        ret = do_semop(first, ptr, second);
         break;
 
     case IPCOP_semget:
@@ -2063,12 +2145,7 @@ static abi_long do_ipc(unsigned int call, int first,
         break;
 
     case IPCOP_semctl:
-        ret = do_semctl(first, second, third, ptr);
-        break;
-
-    case IPCOP_semtimedop:
-        gemu_log("Unsupported ipc call: %d (version %d)\n", call, version);
-        ret = -TARGET_ENOSYS;
+        ret = do_semctl(first, second, third, (union target_semun)(abi_ulong) ptr);
         break;
 
     case IPCOP_msgget:
-- 
1.6.0.2.GIT

[Qemu-devel] [PATCH] Implement sem* syscalls

[Kirill A. Shutemov]

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 linux-user/syscall.c |   16 +++++++++++++++-
 1 files changed, 15 insertions(+), 1 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index ee61e1e..276f557 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -4925,7 +4925,21 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 	ret = do_ipc(arg1, arg2, arg3, arg4, arg5, arg6);
 	break;
 #endif
-
+#ifdef TARGET_NR_semget
+    case TARGET_NR_semget:
+        ret = get_errno(semget(arg1, arg2, arg3));
+        break;
+#endif
+#ifdef TARGET_NR_semop
+    case TARGET_NR_semop:
+        ret = get_errno(do_semop(arg1, arg2, arg3));
+        break;
+#endif
+#ifdef TARGET_NR_semctl
+    case TARGET_NR_semctl:
+        ret = do_semctl(arg1, arg2, arg3, (union target_semun)(abi_ulong)arg4);
+        break;
+#endif
 #ifdef TARGET_NR_msgctl
     case TARGET_NR_msgctl:
         ret = do_msgctl(arg1, arg2, arg3);
-- 
1.6.0.2.GIT

[Qemu-devel] [PATCH] Fix and cleanup IPCOP_shm* ipc calls handling

[Kirill A. Shutemov]

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 linux-user/syscall.c |  282 +++++++++++++++++++++++++++++++++++++++----------
 1 files changed, 224 insertions(+), 58 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 276f557..8994cd0 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -2120,6 +2120,206 @@ end:
     return ret;
 }
 
+struct target_shmid_ds
+{
+    struct target_ipc_perm shm_perm;
+    abi_ulong shm_segsz;
+    abi_ulong shm_atime;
+#if TARGET_ABI_BITS == 32
+    abi_ulong __unused1;
+#endif
+    abi_ulong shm_dtime;
+#if TARGET_ABI_BITS == 32
+    abi_ulong __unused2;
+#endif
+    abi_ulong shm_ctime;
+#if TARGET_ABI_BITS == 32
+    abi_ulong __unused3;
+#endif
+    int shm_cpid;
+    int shm_lpid;
+    abi_ulong shm_nattch;
+    unsigned long int __unused4;
+    unsigned long int __unused5;
+};
+
+static inline abi_long target_to_host_shmid_ds(struct shmid_ds *host_sd,
+                                               abi_ulong target_addr)
+{
+    struct target_shmid_ds *target_sd;
+
+    if (!lock_user_struct(VERIFY_READ, target_sd, target_addr, 1))
+        return -TARGET_EFAULT;
+    if (target_to_host_ipc_perm(&(host_sd->shm_perm), target_addr))
+        return -TARGET_EFAULT;
+    __put_user(target_sd->shm_segsz, &host_sd->shm_segsz);
+    __put_user(target_sd->shm_atime, &host_sd->shm_atime);
+    __put_user(target_sd->shm_dtime, &host_sd->shm_dtime);
+    __put_user(target_sd->shm_ctime, &host_sd->shm_ctime);
+    __put_user(target_sd->shm_cpid, &host_sd->shm_cpid);
+    __put_user(target_sd->shm_lpid, &host_sd->shm_lpid);
+    __put_user(target_sd->shm_nattch, &host_sd->shm_nattch);
+    unlock_user_struct(target_sd, target_addr, 0);
+    return 0;
+}
+
+static inline abi_long host_to_target_shmid_ds(abi_ulong target_addr,
+                                               struct shmid_ds *host_sd)
+{
+    struct target_shmid_ds *target_sd;
+
+    if (!lock_user_struct(VERIFY_WRITE, target_sd, target_addr, 0))
+        return -TARGET_EFAULT;
+    if (host_to_target_ipc_perm(target_addr, &(host_sd->shm_perm)))
+        return -TARGET_EFAULT;
+    __put_user(host_sd->shm_segsz, &target_sd->shm_segsz);
+    __put_user(host_sd->shm_atime, &target_sd->shm_atime);
+    __put_user(host_sd->shm_dtime, &target_sd->shm_dtime);
+    __put_user(host_sd->shm_ctime, &target_sd->shm_ctime);
+    __put_user(host_sd->shm_cpid, &target_sd->shm_cpid);
+    __put_user(host_sd->shm_lpid, &target_sd->shm_lpid);
+    __put_user(host_sd->shm_nattch, &target_sd->shm_nattch);
+    unlock_user_struct(target_sd, target_addr, 1);
+    return 0;
+}
+
+struct  target_shminfo {
+    abi_ulong shmmax;
+    abi_ulong shmmin;
+    abi_ulong shmmni;
+    abi_ulong shmseg;
+    abi_ulong shmall;
+};
+
+static inline abi_long host_to_target_shminfo(abi_ulong target_addr,
+                                              struct shminfo *host_shminfo)
+{
+    struct target_shminfo *target_shminfo;
+    if (!lock_user_struct(VERIFY_WRITE, target_shminfo, target_addr, 0))
+        return -TARGET_EFAULT;
+    __put_user(host_shminfo->shmmax, &target_shminfo->shmmax);
+    __put_user(host_shminfo->shmmin, &target_shminfo->shmmin);
+    __put_user(host_shminfo->shmmni, &target_shminfo->shmmni);
+    __put_user(host_shminfo->shmseg, &target_shminfo->shmseg);
+    __put_user(host_shminfo->shmall, &target_shminfo->shmall);
+    unlock_user_struct(target_shminfo, target_addr, 1);
+}
+
+struct target_shm_info {
+    int used_ids;
+    abi_ulong shm_tot;
+    abi_ulong shm_rss;
+    abi_ulong shm_swp;
+    abi_ulong swap_attempts;
+    abi_ulong swap_successes;
+};
+
+static inline abi_long host_to_target_shm_info(abi_ulong target_addr,
+                                               struct shm_info *host_shm_info)
+{
+    struct target_shm_info *target_shm_info;
+    if (!lock_user_struct(VERIFY_WRITE, target_shm_info, target_addr, 0))
+        return -TARGET_EFAULT;
+    __put_user(host_shm_info->used_ids, &target_shm_info->used_ids);
+    __put_user(host_shm_info->shm_tot, &target_shm_info->shm_tot);
+    __put_user(host_shm_info->shm_rss, &target_shm_info->shm_rss);
+    __put_user(host_shm_info->shm_swp, &target_shm_info->shm_swp);
+    __put_user(host_shm_info->swap_attempts, &target_shm_info->swap_attempts);
+    __put_user(host_shm_info->swap_successes, &target_shm_info->swap_successes);
+    unlock_user_struct(target_shm_info, target_addr, 1);
+}
+
+static inline abi_long do_shmctl(int shmid, int cmd, abi_long buf)
+{
+    struct shmid_ds dsarg;
+    struct shminfo shminfo;
+    struct shm_info shm_info;
+    abi_long ret = -TARGET_EINVAL;
+
+    cmd &= 0xff;
+
+    switch(cmd) {
+    case IPC_STAT:
+    case IPC_SET:
+    case SHM_STAT:
+        if (target_to_host_shmid_ds(&dsarg, buf))
+            return -TARGET_EFAULT;
+        ret = get_errno(shmctl(shmid, cmd, &dsarg));
+        if (host_to_target_shmid_ds(buf, &dsarg))
+            return -TARGET_EFAULT;
+        break;
+    case IPC_INFO:
+        ret = get_errno(shmctl(shmid, cmd, (struct shmid_ds *)&shminfo));
+        if (host_to_target_shminfo(buf, &shminfo))
+            return -TARGET_EFAULT;
+        break;
+    case SHM_INFO:
+        ret = get_errno(shmctl(shmid, cmd, (struct shmid_ds *)&shm_info));
+        if (host_to_target_shm_info(buf, &shm_info))
+            return -TARGET_EFAULT;
+        break;
+    case IPC_RMID:
+    case SHM_LOCK:
+    case SHM_UNLOCK:
+        ret = get_errno(shmctl(shmid, cmd, NULL));
+        break;
+    }
+
+    return ret;
+}
+
+static inline abi_long do_shmat(int shmid, abi_ulong shmaddr, int shmflg,
+                                unsigned long *raddr)
+{
+    abi_long ret;
+    struct shmid_ds shm_info;
+    int i;
+
+    /* SHM_* flags are the same on all linux platforms */
+    *raddr = (unsigned long) shmat(shmid, g2h(shmaddr), shmflg);
+
+    if (*raddr == -1) {
+        return get_errno(*raddr);
+    }
+
+    /* find out the length of the shared memory segment */
+    ret = get_errno(shmctl(shmid, IPC_STAT, &shm_info));
+    if (is_error(ret)) {
+        /* can't get length, bail out */
+        shmdt((void *) *raddr);
+        return get_errno(ret);
+    }
+
+    page_set_flags(h2g(*raddr), h2g(*raddr) + shm_info.shm_segsz,
+                   PAGE_VALID | PAGE_READ |
+                   ((shmflg & SHM_RDONLY)? 0 : PAGE_WRITE));
+
+    for (i = 0; i < N_SHM_REGIONS; i++) {
+        if (shm_regions[i].start == 0) {
+            shm_regions[i].start = h2g(*raddr);
+            shm_regions[i].size = shm_info.shm_segsz;
+            break;
+        }
+    }
+
+    return 0;
+}
+
+static inline abi_long do_shmdt(abi_ulong shmaddr)
+{
+    int i;
+
+    for (i = 0; i < N_SHM_REGIONS; ++i) {
+        if (shm_regions[i].start == shmaddr) {
+            shm_regions[i].start = 0;
+            page_set_flags(shmaddr, shm_regions[i].size, 0);
+            break;
+        }
+    }
+
+    return get_errno(shmdt(g2h(shmaddr)));
+}
+
 #ifdef TARGET_NR_ipc
 /* ??? This only works with linear mappings.  */
 /* do_ipc() must return target values and target errnos. */
@@ -2129,8 +2329,6 @@ static abi_long do_ipc(unsigned int call, int first,
 {
     int version;
     abi_long ret = 0;
-    struct shmid_ds shm_info;
-    int i;
 
     version = call >> 16;
     call &= 0xffff;
@@ -2185,72 +2383,40 @@ static abi_long do_ipc(unsigned int call, int first,
         break;
 
     case IPCOP_shmat:
-        {
-            abi_ulong raddr;
-            void *host_addr;
-            /* SHM_* flags are the same on all linux platforms */
-            host_addr = shmat(first, (void *)g2h(ptr), second);
-            if (host_addr == (void *)-1) {
-                ret = get_errno((long)host_addr);
-                break;
-            }
-            raddr = h2g((unsigned long)host_addr);
-            /* find out the length of the shared memory segment */
-            
-            ret = get_errno(shmctl(first, IPC_STAT, &shm_info));
-            if (is_error(ret)) {
-                /* can't get length, bail out */
-                shmdt(host_addr);
-                break;
-            }
-            page_set_flags(raddr, raddr + shm_info.shm_segsz,
-                           PAGE_VALID | PAGE_READ |
-                           ((second & SHM_RDONLY)? 0: PAGE_WRITE));
-            for (i = 0; i < N_SHM_REGIONS; ++i) {
-                if (shm_regions[i].start == 0) {
-                    shm_regions[i].start = raddr;
-                    shm_regions[i].size = shm_info.shm_segsz;
+        switch (version) {
+        default:
+            {
+                unsigned long raddr;
+
+                ret = do_shmat(first, ptr, second, &raddr);
+                if (ret)
                     break;
-                }
+
+                ret = put_user_ual(raddr, third);
+                break;
             }
-            if (put_user_ual(raddr, third))
-                return -TARGET_EFAULT;
-            ret = 0;
+        case 1:
+            ret = -TARGET_EINVAL;
+            break;
         }
-	break;
+        break;
+
     case IPCOP_shmdt:
-	for (i = 0; i < N_SHM_REGIONS; ++i) {
-	    if (shm_regions[i].start == ptr) {
-		shm_regions[i].start = 0;
-		page_set_flags(ptr, shm_regions[i].size, 0);
-		break;
-	    }
-	}
-	ret = get_errno(shmdt((void *)g2h(ptr)));
-	break;
+        ret = do_shmdt(ptr);
+        break;
 
     case IPCOP_shmget:
-	/* IPC_* flag values are the same on all linux platforms */
-	ret = get_errno(shmget(first, second, third));
-	break;
+        ret = get_errno(shmget(first, second, third));
+        break;
 
-	/* IPC_* and SHM_* command values are the same on all linux platforms */
     case IPCOP_shmctl:
-        switch(second) {
-        case IPC_RMID:
-        case SHM_LOCK:
-        case SHM_UNLOCK:
-            ret = get_errno(shmctl(first, second, NULL));
-            break;
-        default:
-            goto unimplemented;
-        }
+        ret = do_shmctl(first, second, third);
         break;
+
     default:
-    unimplemented:
-	gemu_log("Unsupported ipc call: %d (version %d)\n", call, version);
-	ret = -TARGET_ENOSYS;
-	break;
+        gemu_log("Unsupported ipc call: %d (version %d)\n", call, version);
+        ret = -TARGET_ENOSYS;
+        break;
     }
     return ret;
 }
-- 
1.6.0.2.GIT

[Qemu-devel] [PATCH] Implement shm* syscalls

[Kirill A. Shutemov]

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 linux-user/syscall.c |   26 ++++++++++++++++++++++++++
 1 files changed, 26 insertions(+), 0 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 8994cd0..d2f34b9 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -5126,6 +5126,32 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
         ret = do_msgsnd(arg1, arg2, arg3, arg4);
         break;
 #endif
+#ifdef TARGET_NR_shmget
+    case TARGET_NR_shmget:
+        ret = get_errno(shmget(arg1, arg2, arg3));
+        break;
+#endif
+#ifdef TARGET_NR_shmctl
+    case TARGET_NR_shmctl:
+        ret = do_shmctl(arg1, arg2, arg3);
+        break;
+#endif
+#ifdef TARGET_NR_shmat
+    case TARGET_NR_shmat:
+        {
+            abi_long err;
+            unsigned long _ret;
+
+            err = do_shmat(arg1, arg2, arg3, &_ret);
+            ret = err ? err : _ret;
+        }
+        break;
+#endif
+#ifdef TARGET_NR_shmdt
+    case TARGET_NR_shmdt:
+        ret = do_shmdt(arg1);
+        break;
+#endif
     case TARGET_NR_fsync:
         ret = get_errno(fsync(arg1));
         break;
-- 
1.6.0.2.GIT

[Qemu-devel] [PATCH] shmat(): use mmap_find_vma to find free memory area

[Kirill A. Shutemov]

This patch depends on new implementation of mmap_find_vma().

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 linux-user/syscall.c |   32 ++++++++++++++++++++++++--------
 1 files changed, 24 insertions(+), 8 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index d2f34b9..29765f0 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -2271,25 +2271,40 @@ static inline abi_long do_shmctl(int shmid, int cmd, abi_long buf)
 static inline abi_long do_shmat(int shmid, abi_ulong shmaddr, int shmflg,
                                 unsigned long *raddr)
 {
+    abi_ulong mmap_find_vma(abi_ulong start, abi_ulong size);
     abi_long ret;
     struct shmid_ds shm_info;
     int i;
 
-    /* SHM_* flags are the same on all linux platforms */
-    *raddr = (unsigned long) shmat(shmid, g2h(shmaddr), shmflg);
-
-    if (*raddr == -1) {
-        return get_errno(*raddr);
-    }
-
     /* find out the length of the shared memory segment */
     ret = get_errno(shmctl(shmid, IPC_STAT, &shm_info));
     if (is_error(ret)) {
         /* can't get length, bail out */
-        shmdt((void *) *raddr);
         return get_errno(ret);
     }
 
+    mmap_lock();
+
+    if (shmaddr)
+        *raddr = (unsigned long) shmat(shmid, g2h(shmaddr), shmflg);
+    else {
+        abi_ulong mmap_start;
+
+        mmap_start = mmap_find_vma(0, shm_info.shm_segsz);
+
+        if (mmap_start == -1) {
+            errno = ENOMEM;
+            *raddr = -1;
+        } else
+            *raddr = (unsigned long) shmat(shmid, g2h(mmap_start),
+                                           shmflg | SHM_REMAP);
+    }
+
+    if (*raddr == -1) {
+        mmap_unlock();
+        return get_errno(*raddr);
+    }
+
     page_set_flags(h2g(*raddr), h2g(*raddr) + shm_info.shm_segsz,
                    PAGE_VALID | PAGE_READ |
                    ((shmflg & SHM_RDONLY)? 0 : PAGE_WRITE));
@@ -2302,6 +2317,7 @@ static inline abi_long do_shmat(int shmid, abi_ulong shmaddr, int shmflg,
         }
     }
 
+    mmap_unlock();
     return 0;
 }
 
-- 
1.6.0.2.GIT

Re: [Qemu-devel] [PATCH] mremap(): handle MREMAP_FIXED and MREMAP_MAYMOVE correctly

[Edgar E. Iglesias]

On Wed, Dec 03, 2008 at 01:29:44PM +0200, Kirill A. Shutemov wrote:
> Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>

Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>


> ---
>  linux-user/mmap.c |   35 +++++++++++++++++++++++++++++------
>  1 files changed, 29 insertions(+), 6 deletions(-)
> 
> diff --git a/linux-user/mmap.c b/linux-user/mmap.c
> index 52e2dc8..0a1e27a 100644
> --- a/linux-user/mmap.c
> +++ b/linux-user/mmap.c
> @@ -544,19 +544,41 @@ int target_munmap(abi_ulong start, abi_ulong len)
>      return ret;
>  }
>  
> -/* XXX: currently, we only handle MAP_ANONYMOUS and not MAP_FIXED
> -   blocks which have been allocated starting on a host page */
>  abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
>                         abi_ulong new_size, unsigned long flags,
>                         abi_ulong new_addr)
>  {
>      int prot;
> -    unsigned long host_addr;
> +    void *host_addr;
>  
>      mmap_lock();
> -    /* XXX: use 5 args syscall */
> -    host_addr = (long)mremap(g2h(old_addr), old_size, new_size, flags);
> -    if (host_addr == -1) {
> +
> +    if (flags & MREMAP_FIXED)
> +        host_addr = mremap(g2h(old_addr), old_size, new_size,
> +                           flags, new_addr);
> +    else if (flags & MREMAP_MAYMOVE) {
> +        abi_ulong mmap_start;
> +
> +        mmap_start = mmap_find_vma(0, new_size);
> +
> +        if (mmap_start == -1) {
> +            errno = ENOMEM;
> +            host_addr = MAP_FAILED;
> +        } else
> +            host_addr = mremap(g2h(old_addr), old_size, new_size,
> +                               flags | MREMAP_FIXED, g2h(mmap_start));
> +    } else {
> +        host_addr = mremap(g2h(old_addr), old_size, new_size, flags);
> +        /* Check if address fits target address space */
> +        if ((unsigned long)host_addr + new_size > (abi_ulong)-1) {
> +            /* Revert mremap() changes */
> +            host_addr = mremap(g2h(old_addr), new_size, old_size, flags);
> +            errno = ENOMEM;
> +            host_addr = MAP_FAILED;
> +        }
> +    }
> +
> +    if (host_addr == MAP_FAILED) {
>          new_addr = -1;
>      } else {
>          new_addr = h2g(host_addr);
> @@ -564,6 +586,7 @@ abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
>          page_set_flags(old_addr, old_addr + old_size, 0);
>          page_set_flags(new_addr, new_addr + new_size, prot | PAGE_VALID);
>      }
> +
>      mmap_unlock();
>      return new_addr;
>  }
> -- 
> 1.6.0.2.GIT
> 
> 

Re: [Qemu-devel] [PATCH] mremap(): handle MREMAP_FIXED and MREMAP_MAYMOVE correctly

[Kirill A. Shutemov]

[-- Attachment #1: Type: text/plain, Size: 375 bytes --]

On Sat, Dec 06, 2008 at 08:51:01PM +0100, Edgar E. Iglesias wrote:
> On Wed, Dec 03, 2008 at 01:29:44PM +0200, Kirill A. Shutemov wrote:
> > Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
> 
> Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

Thanks.

-- 
Regards,  Kirill A. Shutemov
 + Belarus, Minsk
 + ALT Linux Team, http://www.altlinux.org/

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [Qemu-devel] [PATCH] mremap(): handle MREMAP_FIXED and MREMAP_MAYMOVE correctly

[Aurelien Jarno]

On Wed, Dec 03, 2008 at 01:29:44PM +0200, Kirill A. Shutemov wrote:
> Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>

Applied. A description of the patch would have helped.

> ---
>  linux-user/mmap.c |   35 +++++++++++++++++++++++++++++------
>  1 files changed, 29 insertions(+), 6 deletions(-)
> 
> diff --git a/linux-user/mmap.c b/linux-user/mmap.c
> index 52e2dc8..0a1e27a 100644
> --- a/linux-user/mmap.c
> +++ b/linux-user/mmap.c
> @@ -544,19 +544,41 @@ int target_munmap(abi_ulong start, abi_ulong len)
>      return ret;
>  }
>  
> -/* XXX: currently, we only handle MAP_ANONYMOUS and not MAP_FIXED
> -   blocks which have been allocated starting on a host page */
>  abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
>                         abi_ulong new_size, unsigned long flags,
>                         abi_ulong new_addr)
>  {
>      int prot;
> -    unsigned long host_addr;
> +    void *host_addr;
>  
>      mmap_lock();
> -    /* XXX: use 5 args syscall */
> -    host_addr = (long)mremap(g2h(old_addr), old_size, new_size, flags);
> -    if (host_addr == -1) {
> +
> +    if (flags & MREMAP_FIXED)
> +        host_addr = mremap(g2h(old_addr), old_size, new_size,
> +                           flags, new_addr);
> +    else if (flags & MREMAP_MAYMOVE) {
> +        abi_ulong mmap_start;
> +
> +        mmap_start = mmap_find_vma(0, new_size);
> +
> +        if (mmap_start == -1) {
> +            errno = ENOMEM;
> +            host_addr = MAP_FAILED;
> +        } else
> +            host_addr = mremap(g2h(old_addr), old_size, new_size,
> +                               flags | MREMAP_FIXED, g2h(mmap_start));
> +    } else {
> +        host_addr = mremap(g2h(old_addr), old_size, new_size, flags);
> +        /* Check if address fits target address space */
> +        if ((unsigned long)host_addr + new_size > (abi_ulong)-1) {
> +            /* Revert mremap() changes */
> +            host_addr = mremap(g2h(old_addr), new_size, old_size, flags);
> +            errno = ENOMEM;
> +            host_addr = MAP_FAILED;
> +        }
> +    }
> +
> +    if (host_addr == MAP_FAILED) {
>          new_addr = -1;
>      } else {
>          new_addr = h2g(host_addr);
> @@ -564,6 +586,7 @@ abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
>          page_set_flags(old_addr, old_addr + old_size, 0);
>          page_set_flags(new_addr, new_addr + new_size, prot | PAGE_VALID);
>      }
> +
>      mmap_unlock();
>      return new_addr;
>  }
> -- 
> 1.6.0.2.GIT
> 
> 
> 
> 

-- 
  .''`.  Aurelien Jarno	            | GPG: 1024D/F1BCDB73
 : :' :  Debian developer           | Electrical Engineer
 `. `'   aurel32@debian.org         | aurelien@aurel32.net
   `-    people.debian.org/~aurel32 | www.aurel32.net

Re: [Qemu-devel] [PATCH] mmap: add check if requested memory area fits target address space

[Edgar E. Iglesias]

On Wed, Dec 03, 2008 at 01:29:43PM +0200, Kirill A. Shutemov wrote:
> Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
> ---
>  linux-user/mmap.c |   10 ++++++++++
>  1 files changed, 10 insertions(+), 0 deletions(-)
> 
> diff --git a/linux-user/mmap.c b/linux-user/mmap.c
> index d96917d..52e2dc8 100644
> --- a/linux-user/mmap.c
> +++ b/linux-user/mmap.c
> @@ -389,6 +389,16 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
>          end = start + len;
>          real_end = HOST_PAGE_ALIGN(end);
>  
> +	/*
> +	 * Test if requested memory area fits target address space
> +	 * It can fail only on 64-bit host with 32-bit target.
> +	 * On any other target/host host mmap() handles this error correctly.
> +	 */
> +        if ((unsigned long)start + len - 1 > (abi_ulong) -1) {
> +            errno = EINVAL;
> +            goto fail;
> +        }
> +
>          for(addr = real_start; addr < real_end; addr += TARGET_PAGE_SIZE) {
>              flg = page_get_flags(addr);
>              if (flg & PAGE_RESERVED) {

Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

Re: [Qemu-devel] [PATCH] mmap: add check if requested memory area fits target address space

[Kirill A. Shutemov]

[-- Attachment #1: Type: text/plain, Size: 1368 bytes --]

On Sat, Dec 06, 2008 at 08:46:10PM +0100, Edgar E. Iglesias wrote:
> On Wed, Dec 03, 2008 at 01:29:43PM +0200, Kirill A. Shutemov wrote:
> > Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
> > ---
> >  linux-user/mmap.c |   10 ++++++++++
> >  1 files changed, 10 insertions(+), 0 deletions(-)
> > 
> > diff --git a/linux-user/mmap.c b/linux-user/mmap.c
> > index d96917d..52e2dc8 100644
> > --- a/linux-user/mmap.c
> > +++ b/linux-user/mmap.c
> > @@ -389,6 +389,16 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
> >          end = start + len;
> >          real_end = HOST_PAGE_ALIGN(end);
> >  
> > +	/*
> > +	 * Test if requested memory area fits target address space
> > +	 * It can fail only on 64-bit host with 32-bit target.
> > +	 * On any other target/host host mmap() handles this error correctly.
> > +	 */
> > +        if ((unsigned long)start + len - 1 > (abi_ulong) -1) {
> > +            errno = EINVAL;
> > +            goto fail;
> > +        }
> > +
> >          for(addr = real_start; addr < real_end; addr += TARGET_PAGE_SIZE) {
> >              flg = page_get_flags(addr);
> >              if (flg & PAGE_RESERVED) {
> 
> Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
 
Thanks.

-- 
Regards,  Kirill A. Shutemov
 + Belarus, Minsk
 + ALT Linux Team, http://www.altlinux.org/

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [Qemu-devel] [PATCH] mmap: add check if requested memory area fits target address space

[Aurelien Jarno]

On Wed, Dec 03, 2008 at 01:29:43PM +0200, Kirill A. Shutemov wrote:
> Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>

Applied, thanks.

> ---
>  linux-user/mmap.c |   10 ++++++++++
>  1 files changed, 10 insertions(+), 0 deletions(-)
> 
> diff --git a/linux-user/mmap.c b/linux-user/mmap.c
> index d96917d..52e2dc8 100644
> --- a/linux-user/mmap.c
> +++ b/linux-user/mmap.c
> @@ -389,6 +389,16 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
>          end = start + len;
>          real_end = HOST_PAGE_ALIGN(end);
>  
> +	/*
> +	 * Test if requested memory area fits target address space
> +	 * It can fail only on 64-bit host with 32-bit target.
> +	 * On any other target/host host mmap() handles this error correctly.
> +	 */
> +        if ((unsigned long)start + len - 1 > (abi_ulong) -1) {
> +            errno = EINVAL;
> +            goto fail;
> +        }
> +
>          for(addr = real_start; addr < real_end; addr += TARGET_PAGE_SIZE) {
>              flg = page_get_flags(addr);
>              if (flg & PAGE_RESERVED) {
> -- 
> 1.6.0.2.GIT
> 
> 
> 
> 

-- 
  .''`.  Aurelien Jarno	            | GPG: 1024D/F1BCDB73
 : :' :  Debian developer           | Electrical Engineer
 `. `'   aurel32@debian.org         | aurelien@aurel32.net
   `-    people.debian.org/~aurel32 | www.aurel32.net

Re: [Qemu-devel] [PATCH] Rewrite mmap_find_vma() to work fine on 64-bit hosts with 32-bit targets

[Paul Brook]

On Wednesday 03 December 2008, Kirill A. Shutemov wrote:
> qemu's page table can be incomple if /proc/self/maps is unavailable or
> host allocating a memory with mmap(), so we can't use it to find free
> memory area.

Do we really care? Do such systems exist?

Paul

Re: [Qemu-devel] [PATCH] Rewrite mmap_find_vma() to work fine on 64-bit hosts with 32-bit targets

[Christoph Egger]

On Wednesday 03 December 2008 13:34:18 Paul Brook wrote:
> On Wednesday 03 December 2008, Kirill A. Shutemov wrote:
> > qemu's page table can be incomple if /proc/self/maps is unavailable or
> > host allocating a memory with mmap(), so we can't use it to find free
> > memory area.
>
> Do we really care?

Yes.

> Do such systems exist? 

Any non-Linux system.

Christoph

-- 
AMD Saxony, Dresden, Germany
Operating System Research Center

Legal Information:
AMD Saxony Limited Liability Company & Co. KG
Sitz (Geschäftsanschrift):
   Wilschdorfer Landstr. 101, 01109 Dresden, Deutschland
Registergericht Dresden: HRA 4896
vertretungsberechtigter Komplementär:
   AMD Saxony LLC (Sitz Wilmington, Delaware, USA)
Geschäftsführer der AMD Saxony LLC:
   Dr. Hans-R. Deppe, Thomas McCoy

Re: [Qemu-devel] [PATCH] Rewrite mmap_find_vma() to work fine on 64-bit hosts with 32-bit targets

[Paul Brook]

On Wednesday 03 December 2008, Christoph Egger wrote:
> On Wednesday 03 December 2008 13:34:18 Paul Brook wrote:
> > On Wednesday 03 December 2008, Kirill A. Shutemov wrote:
> > > qemu's page table can be incomple if /proc/self/maps is unavailable or
> > > host allocating a memory with mmap(), so we can't use it to find free
> > > memory area.
> >
> > Do we really care?
>
> Yes.
>
> > Do such systems exist?
>
> Any non-Linux system.

This is linux usermode emulation. It only works on linux systems anyway.

Paul

Re: [Qemu-devel] [PATCH] Rewrite mmap_find_vma() to work fine on 64-bit hosts with 32-bit targets

[Kirill A. Shutemov]

[-- Attachment #1: Type: text/plain, Size: 650 bytes --]

On Wed, Dec 03, 2008 at 12:34:18PM +0000, Paul Brook wrote:
> On Wednesday 03 December 2008, Kirill A. Shutemov wrote:
> > qemu's page table can be incomple if /proc/self/maps is unavailable or
> > host allocating a memory with mmap(), so we can't use it to find free
> > memory area.
> 
> Do we really care? Do such systems exist?

I use qemu-arm to build packages in restricted environment -- in hasher[1].
hasher mounts /proc only for packages that really need it for building
(java, for example).

[1] http://en.altlinux.org/Hasher

-- 
Regards,  Kirill A. Shutemov
 + Belarus, Minsk
 + ALT Linux Team, http://www.altlinux.org/

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [Qemu-devel] [PATCH] Rewrite mmap_find_vma() to work fine on 64-bit hosts with 32-bit targets

[Kirill A. Shutemov]

[-- Attachment #1: Type: text/plain, Size: 828 bytes --]

On Wed, Dec 03, 2008 at 02:50:57PM +0200, Kirill A. Shutemov wrote:
> On Wed, Dec 03, 2008 at 12:34:18PM +0000, Paul Brook wrote:
> > On Wednesday 03 December 2008, Kirill A. Shutemov wrote:
> > > qemu's page table can be incomple if /proc/self/maps is unavailable or
> > > host allocating a memory with mmap(), so we can't use it to find free
> > > memory area.
> > 
> > Do we really care? Do such systems exist?
> 
> I use qemu-arm to build packages in restricted environment -- in hasher[1].
> hasher mounts /proc only for packages that really need it for building
> (java, for example).
> 
> [1] http://en.altlinux.org/Hasher

Paul, do you have any objection or not? I really want to see it into
upstream.

-- 
Regards,  Kirill A. Shutemov
 + Belarus, Minsk
 + ALT Linux Team, http://www.altlinux.org/

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [Qemu-devel] [PATCH] Rewrite mmap_find_vma() to work fine on 64-bit hosts with 32-bit targets

[Martin Mohring]

Kirill A. Shutemov wrote:
> On Wed, Dec 03, 2008 at 02:50:57PM +0200, Kirill A. Shutemov wrote:
>   
>> On Wed, Dec 03, 2008 at 12:34:18PM +0000, Paul Brook wrote:
>>     
>>> On Wednesday 03 December 2008, Kirill A. Shutemov wrote:
>>>       
>>>> qemu's page table can be incomple if /proc/self/maps is unavailable or
>>>> host allocating a memory with mmap(), so we can't use it to find free
>>>> memory area.
>>>>         
>>> Do we really care? Do such systems exist?
>>>       
>> I use qemu-arm to build packages in restricted environment -- in hasher[1].
>> hasher mounts /proc only for packages that really need it for building
>> (java, for example).
>>
>> [1] http://en.altlinux.org/Hasher
>>     
>
> Paul, do you have any objection or not? I really want to see it into
> upstream
I have tested this also with OBS, where both of your cases can happen
(qemu-arm - linux-user). I works fine for me.

Martin

Re: [Qemu-devel] [PATCH] Rewrite mmap_find_vma() to work fine on 64-bit hosts with 32-bit targets

[Martin Mohring]

Kirill A. Shutemov wrote:
> On Wed, Dec 03, 2008 at 02:50:57PM +0200, Kirill A. Shutemov wrote:
>   
>> On Wed, Dec 03, 2008 at 12:34:18PM +0000, Paul Brook wrote:
>>     
>>> On Wednesday 03 December 2008, Kirill A. Shutemov wrote:
>>>       
>>>> qemu's page table can be incomple if /proc/self/maps is unavailable or
>>>> host allocating a memory with mmap(), so we can't use it to find free
>>>> memory area.
>>>>         
>>> Do we really care? Do such systems exist?
>>>       
>> I use qemu-arm to build packages in restricted environment -- in hasher[1].
>> hasher mounts /proc only for packages that really need it for building
>> (java, for example).
>>
>> [1] http://en.altlinux.org/Hasher
>>     
>
> Paul, do you have any objection or not? I really want to see it into
> upstream.
>
>   
One question I have though... What happens, if a start up script (ini
script) run in qemu linux-user changes /proc/sys/vm/mmap_min_addr from 0
to say 65536? Can this ever work, without later memory allocs with
mmap() failing?

Martin

Re: [Qemu-devel] [PATCH] Rewrite mmap_find_vma() to work fine on 64-bit hosts with 32-bit targets

[Kirill A. Shutemov]

[-- Attachment #1: Type: text/plain, Size: 1421 bytes --]

On Mon, Dec 08, 2008 at 09:59:07PM +0100, Martin Mohring wrote:
> Kirill A. Shutemov wrote:
> > On Wed, Dec 03, 2008 at 02:50:57PM +0200, Kirill A. Shutemov wrote:
> >   
> >> On Wed, Dec 03, 2008 at 12:34:18PM +0000, Paul Brook wrote:
> >>     
> >>> On Wednesday 03 December 2008, Kirill A. Shutemov wrote:
> >>>       
> >>>> qemu's page table can be incomple if /proc/self/maps is unavailable or
> >>>> host allocating a memory with mmap(), so we can't use it to find free
> >>>> memory area.
> >>>>         
> >>> Do we really care? Do such systems exist?
> >>>       
> >> I use qemu-arm to build packages in restricted environment -- in hasher[1].
> >> hasher mounts /proc only for packages that really need it for building
> >> (java, for example).
> >>
> >> [1] http://en.altlinux.org/Hasher
> >>     
> >
> > Paul, do you have any objection or not? I really want to see it into
> > upstream.
> >
> >   
> One question I have though... What happens, if a start up script (ini
> script) run in qemu linux-user changes /proc/sys/vm/mmap_min_addr from 0
> to say 65536? Can this ever work, without later memory allocs with
> mmap() failing?

If I understood you correctly, it's one more reason for new
mmap_find_vma(). I guess, it should work fine, but I haven't tested this
case.

-- 
Regards,  Kirill A. Shutemov
 + Belarus, Minsk
 + ALT Linux Team, http://www.altlinux.org/

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [Qemu-devel] [PATCH] Rewrite mmap_find_vma() to work fine on 64-bit hosts with 32-bit targets

[Martin Mohring]

Kirill A. Shutemov wrote:
> On Wed, Dec 03, 2008 at 02:50:57PM +0200, Kirill A. Shutemov wrote:
>   
>> On Wed, Dec 03, 2008 at 12:34:18PM +0000, Paul Brook wrote:
>>     
>>> On Wednesday 03 December 2008, Kirill A. Shutemov wrote:
>>>       
>>>> qemu's page table can be incomple if /proc/self/maps is unavailable or
>>>> host allocating a memory with mmap(), so we can't use it to find free
>>>> memory area.
>>>>         
>>> Do we really care? Do such systems exist?
>>>       
>> I use qemu-arm to build packages in restricted environment -- in hasher[1].
>> hasher mounts /proc only for packages that really need it for building
>> (java, for example).
>>
>> [1] http://en.altlinux.org/Hasher
>>     
>
> Paul, do you have any objection or not? I really want to see it into
> upstream.
>   
And last, but not least: what if I have a very old Debian Etch, where
the kernel does not have MREMAP defined? E.g.:

gcc -I. -I.. -I/usr/src/packages/BUILD/target-i386
-I/usr/src/packages/BUILD -MMD -MT mmap.o -MP -DNEED_CPU_H -D_GNU_SOURCE
-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -I/usr/src/packages/BUILD/tcg
-I/usr/src/packages/BUILD/tcg/i386 -I/usr/src/packages/BUILD/fpu
-I/usr/src/packages/BUILD/linux-user
-I/usr/src/packages/BUILD/linux-user/i386 -O2 -g -fno-strict-aliasing
-Wall -Wundef -Wendif-labels -Wwrite-strings -Wmissing-prototypes
-Wstrict-prototypes -Wredundant-decls -m32 -c -o mmap.o
/usr/src/packages/BUILD/linux-user/mmap.c
/usr/src/packages/BUILD/linux-user/mmap.c:265: warning: no previous
prototype for 'mmap_find_vma'
/usr/src/packages/BUILD/linux-user/mmap.c: In function 'target_mremap':
/usr/src/packages/BUILD/linux-user/mmap.c:556: error: 'MREMAP_FIXED'
undeclared (first use in this function)
/usr/src/packages/BUILD/linux-user/mmap.c:556: error: (Each undeclared
identifier is reported only once
/usr/src/packages/BUILD/linux-user/mmap.c:556: error: for each function
it appears in.)
/usr/src/packages/BUILD/linux-user/mmap.c:558: error: too many arguments
to function 'mremap'
/usr/src/packages/BUILD/linux-user/mmap.c:569: error: too many arguments
to function 'mremap'


Martin

[Qemu-devel] qemu and glibc version

[Kirill A. Shutemov]

[-- Attachment #1: Type: text/plain, Size: 2718 bytes --]

On Mon, Dec 08, 2008 at 10:02:59PM +0100, Martin Mohring wrote:
> Kirill A. Shutemov wrote:
> > On Wed, Dec 03, 2008 at 02:50:57PM +0200, Kirill A. Shutemov wrote:
> >   
> >> On Wed, Dec 03, 2008 at 12:34:18PM +0000, Paul Brook wrote:
> >>     
> >>> On Wednesday 03 December 2008, Kirill A. Shutemov wrote:
> >>>       
> >>>> qemu's page table can be incomple if /proc/self/maps is unavailable or
> >>>> host allocating a memory with mmap(), so we can't use it to find free
> >>>> memory area.
> >>>>         
> >>> Do we really care? Do such systems exist?
> >>>       
> >> I use qemu-arm to build packages in restricted environment -- in hasher[1].
> >> hasher mounts /proc only for packages that really need it for building
> >> (java, for example).
> >>
> >> [1] http://en.altlinux.org/Hasher
> >>     
> >
> > Paul, do you have any objection or not? I really want to see it into
> > upstream.
> >   
> And last, but not least: what if I have a very old Debian Etch, where
> the kernel does not have MREMAP defined? E.g.:
> 
> gcc -I. -I.. -I/usr/src/packages/BUILD/target-i386
> -I/usr/src/packages/BUILD -MMD -MT mmap.o -MP -DNEED_CPU_H -D_GNU_SOURCE
> -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -I/usr/src/packages/BUILD/tcg
> -I/usr/src/packages/BUILD/tcg/i386 -I/usr/src/packages/BUILD/fpu
> -I/usr/src/packages/BUILD/linux-user
> -I/usr/src/packages/BUILD/linux-user/i386 -O2 -g -fno-strict-aliasing
> -Wall -Wundef -Wendif-labels -Wwrite-strings -Wmissing-prototypes
> -Wstrict-prototypes -Wredundant-decls -m32 -c -o mmap.o
> /usr/src/packages/BUILD/linux-user/mmap.c
> /usr/src/packages/BUILD/linux-user/mmap.c:265: warning: no previous
> prototype for 'mmap_find_vma'
> /usr/src/packages/BUILD/linux-user/mmap.c: In function 'target_mremap':
> /usr/src/packages/BUILD/linux-user/mmap.c:556: error: 'MREMAP_FIXED'
> undeclared (first use in this function)
> /usr/src/packages/BUILD/linux-user/mmap.c:556: error: (Each undeclared
> identifier is reported only once
> /usr/src/packages/BUILD/linux-user/mmap.c:556: error: for each function
> it appears in.)
> /usr/src/packages/BUILD/linux-user/mmap.c:558: error: too many arguments
> to function 'mremap'
> /usr/src/packages/BUILD/linux-user/mmap.c:569: error: too many arguments
> to function 'mremap'

Oops... My fault. glibc < 2.4 doesn't provide this functionality. I'll try to
fix it.

Another way is increase version of glibc required for linux user emulation in
qemu. After it we can strip a lot of crap from linux-user/syscall.c and
meke it easier for supporting. 

What do you think.

-- 
Regards,  Kirill A. Shutemov
 + Belarus, Minsk
 + ALT Linux Team, http://www.altlinux.org/

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [Qemu-devel] [PATCH] Rewrite mmap_find_vma() to work fine on 64-bit hosts with 32-bit targets

[Robert Reif]

Martin Mohring wrote:
> Kirill A. Shutemov wrote:
>   
>> On Wed, Dec 03, 2008 at 02:50:57PM +0200, Kirill A. Shutemov wrote:
>>   
>>     
>>> On Wed, Dec 03, 2008 at 12:34:18PM +0000, Paul Brook wrote:
>>>     
>>>       
>>>> On Wednesday 03 December 2008, Kirill A. Shutemov wrote:
>>>>       
>>>>         
>>>>> qemu's page table can be incomple if /proc/self/maps is unavailable or
>>>>> host allocating a memory with mmap(), so we can't use it to find free
>>>>> memory area.
>>>>>         
>>>>>           
>>>> Do we really care? Do such systems exist?
>>>>       
>>>>         
>>> I use qemu-arm to build packages in restricted environment -- in hasher[1].
>>> hasher mounts /proc only for packages that really need it for building
>>> (java, for example).
>>>
>>> [1] http://en.altlinux.org/Hasher
>>>     
>>>       
>> Paul, do you have any objection or not? I really want to see it into
>> upstream.
>>   
>>     
> And last, but not least: what if I have a very old Debian Etch, where
> the kernel does not have MREMAP defined? E.g.:
>
> gcc -I. -I.. -I/usr/src/packages/BUILD/target-i386
> -I/usr/src/packages/BUILD -MMD -MT mmap.o -MP -DNEED_CPU_H -D_GNU_SOURCE
> -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -I/usr/src/packages/BUILD/tcg
> -I/usr/src/packages/BUILD/tcg/i386 -I/usr/src/packages/BUILD/fpu
> -I/usr/src/packages/BUILD/linux-user
> -I/usr/src/packages/BUILD/linux-user/i386 -O2 -g -fno-strict-aliasing
> -Wall -Wundef -Wendif-labels -Wwrite-strings -Wmissing-prototypes
> -Wstrict-prototypes -Wredundant-decls -m32 -c -o mmap.o
> /usr/src/packages/BUILD/linux-user/mmap.c
> /usr/src/packages/BUILD/linux-user/mmap.c:265: warning: no previous
> prototype for 'mmap_find_vma'
> /usr/src/packages/BUILD/linux-user/mmap.c: In function 'target_mremap':
> /usr/src/packages/BUILD/linux-user/mmap.c:556: error: 'MREMAP_FIXED'
> undeclared (first use in this function)
> /usr/src/packages/BUILD/linux-user/mmap.c:556: error: (Each undeclared
> identifier is reported only once
> /usr/src/packages/BUILD/linux-user/mmap.c:556: error: for each function
> it appears in.)
> /usr/src/packages/BUILD/linux-user/mmap.c:558: error: too many arguments
> to function 'mremap'
> /usr/src/packages/BUILD/linux-user/mmap.c:569: error: too many arguments
> to function 'mremap'
>
>
> Martin
>
>
>
>
>   
I get this same build error now with RedHat 9.

Re: [Qemu-devel] [PATCH] Rewrite mmap_find_vma() to work fine on 64-bit hosts with 32-bit targets

[Kirill A. Shutemov]

[-- Attachment #1: Type: text/plain, Size: 3620 bytes --]

On Tue, Dec 09, 2008 at 07:25:25AM -0500, Robert Reif wrote:
> Martin Mohring wrote:
> > Kirill A. Shutemov wrote:
> >   
> >> On Wed, Dec 03, 2008 at 02:50:57PM +0200, Kirill A. Shutemov wrote:
> >>   
> >>     
> >>> On Wed, Dec 03, 2008 at 12:34:18PM +0000, Paul Brook wrote:
> >>>     
> >>>       
> >>>> On Wednesday 03 December 2008, Kirill A. Shutemov wrote:
> >>>>       
> >>>>         
> >>>>> qemu's page table can be incomple if /proc/self/maps is unavailable or
> >>>>> host allocating a memory with mmap(), so we can't use it to find free
> >>>>> memory area.
> >>>>>         
> >>>>>           
> >>>> Do we really care? Do such systems exist?
> >>>>       
> >>>>         
> >>> I use qemu-arm to build packages in restricted environment -- in hasher[1].
> >>> hasher mounts /proc only for packages that really need it for building
> >>> (java, for example).
> >>>
> >>> [1] http://en.altlinux.org/Hasher
> >>>     
> >>>       
> >> Paul, do you have any objection or not? I really want to see it into
> >> upstream.
> >>   
> >>     
> > And last, but not least: what if I have a very old Debian Etch, where
> > the kernel does not have MREMAP defined? E.g.:
> >
> > gcc -I. -I.. -I/usr/src/packages/BUILD/target-i386
> > -I/usr/src/packages/BUILD -MMD -MT mmap.o -MP -DNEED_CPU_H -D_GNU_SOURCE
> > -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -I/usr/src/packages/BUILD/tcg
> > -I/usr/src/packages/BUILD/tcg/i386 -I/usr/src/packages/BUILD/fpu
> > -I/usr/src/packages/BUILD/linux-user
> > -I/usr/src/packages/BUILD/linux-user/i386 -O2 -g -fno-strict-aliasing
> > -Wall -Wundef -Wendif-labels -Wwrite-strings -Wmissing-prototypes
> > -Wstrict-prototypes -Wredundant-decls -m32 -c -o mmap.o
> > /usr/src/packages/BUILD/linux-user/mmap.c
> > /usr/src/packages/BUILD/linux-user/mmap.c:265: warning: no previous
> > prototype for 'mmap_find_vma'
> > /usr/src/packages/BUILD/linux-user/mmap.c: In function 'target_mremap':
> > /usr/src/packages/BUILD/linux-user/mmap.c:556: error: 'MREMAP_FIXED'
> > undeclared (first use in this function)
> > /usr/src/packages/BUILD/linux-user/mmap.c:556: error: (Each undeclared
> > identifier is reported only once
> > /usr/src/packages/BUILD/linux-user/mmap.c:556: error: for each function
> > it appears in.)
> > /usr/src/packages/BUILD/linux-user/mmap.c:558: error: too many arguments
> > to function 'mremap'
> > /usr/src/packages/BUILD/linux-user/mmap.c:569: error: too many arguments
> > to function 'mremap'
> >
> >
> > Martin
> >
> >
> >
> >
> >   
> I get this same build error now with RedHat 9.

Please, try it:

diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 89254ae..b632bee 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -24,6 +24,8 @@
 #include <unistd.h>
 #include <errno.h>
 #include <sys/mman.h>
+#include <linux/mman.h>
+#include <linux/unistd.h>
 
 #include "qemu.h"
 #include "qemu-common.h"
@@ -564,9 +566,11 @@ abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
         if (mmap_start == -1) {
             errno = ENOMEM;
             host_addr = MAP_FAILED;
-        } else
-            host_addr = mremap(g2h(old_addr), old_size, new_size,
-                               flags | MREMAP_FIXED, g2h(mmap_start));
+        } else {
+	    host_addr = (void *) syscall(__NR_mremap, g2h(old_addr),
+			    old_size, new_size, flags | MREMAP_FIXED,
+			    g2h(mmap_start));
+	}
     } else {
         host_addr = mremap(g2h(old_addr), old_size, new_size, flags);
         /* Check if address fits target address space */

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [Qemu-devel] [PATCH] Rewrite mmap_find_vma() to work fine on 64-bit hosts with 32-bit targets

[Paul Brook]

On Monday 08 December 2008, Kirill A. Shutemov wrote:
> On Wed, Dec 03, 2008 at 02:50:57PM +0200, Kirill A. Shutemov wrote:
> > On Wed, Dec 03, 2008 at 12:34:18PM +0000, Paul Brook wrote:
> > > On Wednesday 03 December 2008, Kirill A. Shutemov wrote:
> > > > qemu's page table can be incomple if /proc/self/maps is unavailable
> > > > or host allocating a memory with mmap(), so we can't use it to find
> > > > free memory area.
> > >
> > > Do we really care? Do such systems exist?
> >
> > I use qemu-arm to build packages in restricted environment -- in
> > hasher[1]. hasher mounts /proc only for packages that really need it for
> > building (java, for example).
> >
> > [1] http://en.altlinux.org/Hasher
>
> Paul, do you have any objection or not? I really want to see it into
> upstream.

My objection is that we're replacing a fairly deterministic code that 
maintains an address map with something that uses host mmap fairly 
aggressively to do probing. I'm not sure this is a good thing.

I'm a bit worried that we've now got a strange mix of code that "knows" which 
areas are available and code that does probing. I'm also a bit worried about 
the overhead of doing that probing.

> > One question I have though... What happens, if a start up script (ini
> > script) run in qemu linux-user changes /proc/sys/vm/mmap_min_addr from 0
> > to say 65536? Can this ever work, without later memory allocs with
> > mmap() failing?
>
> If I understood you correctly, it's one more reason for new
> mmap_find_vma(). I guess, it should work fine, but I haven't tested this
> case.

That's generally a different problem. Linux applications tend to be mapped at 
a fixed address (typically 0x8000 for ARM) If your host system has randomly 
decided to disallow this then you've much bigger problems..

Paul

Re: [Qemu-devel] [PATCH] Rewrite mmap_find_vma() to work fine on 64-bit hosts with 32-bit targets

[Kirill A. Shutemov]

[-- Attachment #1.1: Type: text/plain, Size: 3034 bytes --]

On Mon, Dec 08, 2008 at 11:42:10PM +0000, Paul Brook wrote:
> On Monday 08 December 2008, Kirill A. Shutemov wrote:
> > On Wed, Dec 03, 2008 at 02:50:57PM +0200, Kirill A. Shutemov wrote:
> > > On Wed, Dec 03, 2008 at 12:34:18PM +0000, Paul Brook wrote:
> > > > On Wednesday 03 December 2008, Kirill A. Shutemov wrote:
> > > > > qemu's page table can be incomple if /proc/self/maps is unavailable
> > > > > or host allocating a memory with mmap(), so we can't use it to find
> > > > > free memory area.
> > > >
> > > > Do we really care? Do such systems exist?
> > >
> > > I use qemu-arm to build packages in restricted environment -- in
> > > hasher[1]. hasher mounts /proc only for packages that really need it for
> > > building (java, for example).
> > >
> > > [1] http://en.altlinux.org/Hasher
> >
> > Paul, do you have any objection or not? I really want to see it into
> > upstream.
> 
> My objection is that we're replacing a fairly deterministic code that 
> maintains an address map with something that uses host mmap fairly 
> aggressively to do probing. I'm not sure this is a good thing.

In most cases we need only one probe to find hole.

Allocate 100Mb 10 times:
$ time arm-linux-user/qemu-arm ~/tmp/test 10 100000000
it takes 1 probes
it takes 1 probes
count: 10, size: 100000000
chunk 0
it takes 1 probes
0x40082000
chunk 1
it takes 1 probes
0x45fe1000
chunk 2
it takes 1 probes
0x4bf40000
chunk 3
it takes 1 probes
0x51e9f000
chunk 4
it takes 1 probes
0x57dfe000
chunk 5
it takes 21734 probes
0x63242000
chunk 6
it takes 1 probes
0x691a1000
chunk 7
it takes 1 probes
0x6f100000
chunk 8
it takes 1 probes
0x7505f000
chunk 9
it takes 1 probes
0x7afbe000
arm-linux-user/qemu-arm ~/tmp/test 10 100000000  0,01s user 0,08s system
98% cpu 0,096 total

test.c attached.

> I'm a bit worried that we've now got a strange mix of code that "knows" which 
> areas are available and code that does probing. I'm also a bit worried about 
> the overhead of doing that probing.

It takes ~3.3 seconds on my system to probe whole address space. I don't
think that it's a lot.

> > > One question I have though... What happens, if a start up script (ini
> > > script) run in qemu linux-user changes /proc/sys/vm/mmap_min_addr from 0
> > > to say 65536? Can this ever work, without later memory allocs with
> > > mmap() failing?
> >
> > If I understood you correctly, it's one more reason for new
> > mmap_find_vma(). I guess, it should work fine, but I haven't tested this
> > case.
> 
> That's generally a different problem. Linux applications tend to be mapped at 
> a fixed address (typically 0x8000 for ARM) If your host system has randomly 
> decided to disallow this then you've much bigger problems..

Understood. On other hand the old code knows nothing about mmap_min_addr
since it only uses page table and we will got EPERM on mmap().
-- 
Regards,  Kirill A. Shutemov
 + Belarus, Minsk
 + ALT Linux Team, http://www.altlinux.org/

[-- Attachment #1.2: test.c --]
[-- Type: text/plain, Size: 587 bytes --]

#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>

int main(int argc, char** argv)
{
	int count;
	size_t size;
	int i;

	if (argc < 3)
		return 1;

	count = atoi(argv[1]);
	size = atoll(argv[2]);

	printf("count: %d, size: %zd\n", count, size);

	for(i=0; i < count; i++) {
		void *p;

		printf("chunk %d\n", i);
		p = mmap(NULL, size, PROT_NONE, 
				MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
		if (p == MAP_FAILED) {
			printf("%s\n", strerror(errno));
		} else {
			printf("%p\n", p);
		}
	}

	return 0;
}

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [Qemu-devel] [PATCH] linux-user: Fix h2g usage in page_find_alloc

[Edgar E. Iglesias]

On Wed, Dec 03, 2008 at 01:29:41PM +0200, Kirill A. Shutemov wrote:
> From: Jan Kiszka <jan.kiszka@web.de>
> 
> Paul's comment on my first approach to fix the h2g usage in
> page_find_alloc finally open my eyes about what the code is actually
> supposed to do:
> 
> With the help of h2g_valid we can no cleanly check if a freshly allocate
> page (for host usage) is guest-reachable and, in case it is, mark it
> reserved in the guest's address range.
> 
> Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
> Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>

Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

> ---
>  exec.c |    5 ++---
>  1 files changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/exec.c b/exec.c
> index 58a0cff..105812f 100644
> --- a/exec.c
> +++ b/exec.c
> @@ -305,14 +305,13 @@ static inline PageDesc *page_find_alloc(target_ulong index)
>      if (!p) {
>          /* allocate if not found */
>  #if defined(CONFIG_USER_ONLY)
> -        unsigned long addr;
>          size_t len = sizeof(PageDesc) * L2_SIZE;
>          /* Don't use qemu_malloc because it may recurse.  */
>          p = mmap(0, len, PROT_READ | PROT_WRITE,
>                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
>          *lp = p;
> -        addr = h2g(p);
> -        if (addr == (target_ulong)addr) {
> +        if (h2g_valid(p)) {
> +            unsigned long addr = h2g(p);
>              page_set_flags(addr & TARGET_PAGE_MASK,
>                             TARGET_PAGE_ALIGN(addr + len),
>                             PAGE_RESERVED); 
> -- 
> 1.6.0.2.GIT
> 
> 

Re: [Qemu-devel] [PATCH] linux-user: Fix h2g usage in page_find_alloc

[Kirill A. Shutemov]

[-- Attachment #1: Type: text/plain, Size: 842 bytes --]

On Sat, Dec 06, 2008 at 09:08:33PM +0100, Edgar E. Iglesias wrote:
> On Wed, Dec 03, 2008 at 01:29:41PM +0200, Kirill A. Shutemov wrote:
> > From: Jan Kiszka <jan.kiszka@web.de>
> > 
> > Paul's comment on my first approach to fix the h2g usage in
> > page_find_alloc finally open my eyes about what the code is actually
> > supposed to do:
> > 
> > With the help of h2g_valid we can no cleanly check if a freshly allocate
> > page (for host usage) is guest-reachable and, in case it is, mark it
> > reserved in the guest's address range.
> > 
> > Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
> > Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
> 
> Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

Thanks.

-- 
Regards,  Kirill A. Shutemov
 + Belarus, Minsk
 + ALT Linux Team, http://www.altlinux.org/

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [Qemu-devel] [PATCH] linux-user: Fix h2g usage in page_find_alloc

[Aurelien Jarno]

On Wed, Dec 03, 2008 at 01:29:41PM +0200, Kirill A. Shutemov wrote:
> From: Jan Kiszka <jan.kiszka@web.de>
> 
> Paul's comment on my first approach to fix the h2g usage in
> page_find_alloc finally open my eyes about what the code is actually
> supposed to do:
> 
> With the help of h2g_valid we can no cleanly check if a freshly allocate
> page (for host usage) is guest-reachable and, in case it is, mark it
> reserved in the guest's address range.

Applied, thanks.

> Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
> Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
> ---
>  exec.c |    5 ++---
>  1 files changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/exec.c b/exec.c
> index 58a0cff..105812f 100644
> --- a/exec.c
> +++ b/exec.c
> @@ -305,14 +305,13 @@ static inline PageDesc *page_find_alloc(target_ulong index)
>      if (!p) {
>          /* allocate if not found */
>  #if defined(CONFIG_USER_ONLY)
> -        unsigned long addr;
>          size_t len = sizeof(PageDesc) * L2_SIZE;
>          /* Don't use qemu_malloc because it may recurse.  */
>          p = mmap(0, len, PROT_READ | PROT_WRITE,
>                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
>          *lp = p;
> -        addr = h2g(p);
> -        if (addr == (target_ulong)addr) {
> +        if (h2g_valid(p)) {
> +            unsigned long addr = h2g(p);
>              page_set_flags(addr & TARGET_PAGE_MASK,
>                             TARGET_PAGE_ALIGN(addr + len),
>                             PAGE_RESERVED); 
> -- 
> 1.6.0.2.GIT
> 
> 
> 
> 

-- 
  .''`.  Aurelien Jarno	            | GPG: 1024D/F1BCDB73
 : :' :  Debian developer           | Electrical Engineer
 `. `'   aurel32@debian.org         | aurelien@aurel32.net
   `-    people.debian.org/~aurel32 | www.aurel32.net

Re: [Qemu-devel] [PATCH] linux-user: Introduce h2g_valid

[Aurelien Jarno]

On Wed, Dec 03, 2008 at 01:29:40PM +0200, Kirill A. Shutemov wrote:
> From: Jan Kiszka <jan.kiszka@web.de>
> 
> Introduce h2g_valid to check if a given host address can be converted
> into a valid guest address.

Applied. I have seen the patch has been modified since Jan Kiszka posted
it to the mailing list. Not sure a Signed-off-by still applies in that
case.

> Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
> Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
> ---
>  cpu-all.h |    4 ++++
>  1 files changed, 4 insertions(+), 0 deletions(-)
> 
> diff --git a/cpu-all.h b/cpu-all.h
> index 526ace2..341c38e 100644
> --- a/cpu-all.h
> +++ b/cpu-all.h
> @@ -638,6 +638,10 @@ static inline void stfq_be_p(void *ptr, float64 v)
>      assert(__ret == (abi_ulong)__ret); \
>      (abi_ulong)__ret; \
>  })
> +#define h2g_valid(x) ({ \
> +    unsigned long __guest = (unsigned long)(x) - GUEST_BASE; \
> +    (__guest == (abi_ulong)__guest); \
> +})
>  
>  #define saddr(x) g2h(x)
>  #define laddr(x) g2h(x)
> -- 
> 1.6.0.2.GIT
> 
> 
> 
> 

-- 
  .''`.  Aurelien Jarno	            | GPG: 1024D/F1BCDB73
 : :' :  Debian developer           | Electrical Engineer
 `. `'   aurel32@debian.org         | aurelien@aurel32.net
   `-    people.debian.org/~aurel32 | www.aurel32.net

Re: [Qemu-devel] [PATCH] linux-user: Safety belt for h2g

[Edgar E. Iglesias]

On Wed, Dec 03, 2008 at 01:29:39PM +0200, Kirill A. Shutemov wrote:
> From: Jan Kiszka <jan.kiszka@web.de>
> 
> h2g can only work on 64-bit hosts if the provided address is mappable to
> the guest range. Neglecting this was already the source for several
> bugs. Instrument the macro so that it will trigger earlier in the
> future (at least as long as we have this kind of mapping mechanism).
> 
> Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
> Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>

Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>

> ---
>  cpu-all.h |   10 +++++++++-
>  1 files changed, 9 insertions(+), 1 deletions(-)
> 
> diff --git a/cpu-all.h b/cpu-all.h
> index 73c7b4c..526ace2 100644
> --- a/cpu-all.h
> +++ b/cpu-all.h
> @@ -621,6 +621,9 @@ static inline void stfq_be_p(void *ptr, float64 v)
>  /* MMU memory access macros */
>  
>  #if defined(CONFIG_USER_ONLY)
> +#include <assert.h>
> +#include "qemu-types.h"
> +
>  /* On some host systems the guest address space is reserved on the host.
>   * This allows the guest address space to be offset to a convenient location.
>   */
> @@ -629,7 +632,12 @@ static inline void stfq_be_p(void *ptr, float64 v)
>  
>  /* All direct uses of g2h and h2g need to go away for usermode softmmu.  */
>  #define g2h(x) ((void *)((unsigned long)(x) + GUEST_BASE))
> -#define h2g(x) ((target_ulong)((unsigned long)(x) - GUEST_BASE))
> +#define h2g(x) ({ \
> +    unsigned long __ret = (unsigned long)(x) - GUEST_BASE; \
> +    /* Check if given address fits target address space */ \
> +    assert(__ret == (abi_ulong)__ret); \
> +    (abi_ulong)__ret; \
> +})
>  
>  #define saddr(x) g2h(x)
>  #define laddr(x) g2h(x)
> -- 
> 1.6.0.2.GIT

Re: [Qemu-devel] [PATCH] linux-user: Safety belt for h2g

[Aurelien Jarno]

On Wed, Dec 03, 2008 at 01:29:39PM +0200, Kirill A. Shutemov wrote:
> From: Jan Kiszka <jan.kiszka@web.de>
> 
> h2g can only work on 64-bit hosts if the provided address is mappable to
> the guest range. Neglecting this was already the source for several
> bugs. Instrument the macro so that it will trigger earlier in the
> future (at least as long as we have this kind of mapping mechanism).
> 
> Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
> Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>

Applied. I have seen the patch has been modified since Jan Kiszka posted
it to the mailing list. Not sure a Signed-off-by still applies in that
case.

> ---
>  cpu-all.h |   10 +++++++++-
>  1 files changed, 9 insertions(+), 1 deletions(-)
> 
> diff --git a/cpu-all.h b/cpu-all.h
> index 73c7b4c..526ace2 100644
> --- a/cpu-all.h
> +++ b/cpu-all.h
> @@ -621,6 +621,9 @@ static inline void stfq_be_p(void *ptr, float64 v)
>  /* MMU memory access macros */
>  
>  #if defined(CONFIG_USER_ONLY)
> +#include <assert.h>
> +#include "qemu-types.h"
> +
>  /* On some host systems the guest address space is reserved on the host.
>   * This allows the guest address space to be offset to a convenient location.
>   */
> @@ -629,7 +632,12 @@ static inline void stfq_be_p(void *ptr, float64 v)
>  
>  /* All direct uses of g2h and h2g need to go away for usermode softmmu.  */
>  #define g2h(x) ((void *)((unsigned long)(x) + GUEST_BASE))
> -#define h2g(x) ((target_ulong)((unsigned long)(x) - GUEST_BASE))
> +#define h2g(x) ({ \
> +    unsigned long __ret = (unsigned long)(x) - GUEST_BASE; \
> +    /* Check if given address fits target address space */ \
> +    assert(__ret == (abi_ulong)__ret); \
> +    (abi_ulong)__ret; \
> +})
>  
>  #define saddr(x) g2h(x)
>  #define laddr(x) g2h(x)
> -- 
> 1.6.0.2.GIT
> 
> 
> 
> 

-- 
  .''`.  Aurelien Jarno	            | GPG: 1024D/F1BCDB73
 : :' :  Debian developer           | Electrical Engineer
 `. `'   aurel32@debian.org         | aurelien@aurel32.net
   `-    people.debian.org/~aurel32 | www.aurel32.net

Re: [Qemu-devel] [PATCH] linux-user: Safety belt for h2g

[Andreas Färber]

Am 08.12.2008 um 19:15 schrieb Aurelien Jarno:

> On Wed, Dec 03, 2008 at 01:29:39PM +0200, Kirill A. Shutemov wrote:
>> From: Jan Kiszka <jan.kiszka@web.de>
>>
>> h2g can only work on 64-bit hosts if the provided address is  
>> mappable to
>> the guest range. Neglecting this was already the source for several
>> bugs. Instrument the macro so that it will trigger earlier in the
>> future (at least as long as we have this kind of mapping mechanism).
>>
>> Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
>> Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
>
> Applied. I have seen the patch has been modified since Jan Kiszka  
> posted
> it to the mailing list. Not sure a Signed-off-by still applies in that
> case.

Removing a Signed-off-by for code that is kept is a no-go to my  
knowledge. It's supposed to track through whom all the code went  
copyright- and GPL-wise, according to Kerneltrap.

Andreas

Re: [Qemu-devel] [PATCH] linux-user: Safety belt for h2g

[Jan Kiszka]

[-- Attachment #1: Type: text/plain, Size: 2123 bytes --]

Aurelien Jarno wrote:
> On Wed, Dec 03, 2008 at 01:29:39PM +0200, Kirill A. Shutemov wrote:
>> From: Jan Kiszka <jan.kiszka@web.de>
>>
>> h2g can only work on 64-bit hosts if the provided address is mappable to
>> the guest range. Neglecting this was already the source for several
>> bugs. Instrument the macro so that it will trigger earlier in the
>> future (at least as long as we have this kind of mapping mechanism).
>>
>> Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
>> Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
> 
> Applied. I have seen the patch has been modified since Jan Kiszka posted
> it to the mailing list. Not sure a Signed-off-by still applies in that
> case.

Kirill correctly pointed out to me that target_ulong should rather be
abi_ulong here and in the other patch.

Good to see these changes finally merged!

Jan

> 
>> ---
>>  cpu-all.h |   10 +++++++++-
>>  1 files changed, 9 insertions(+), 1 deletions(-)
>>
>> diff --git a/cpu-all.h b/cpu-all.h
>> index 73c7b4c..526ace2 100644
>> --- a/cpu-all.h
>> +++ b/cpu-all.h
>> @@ -621,6 +621,9 @@ static inline void stfq_be_p(void *ptr, float64 v)
>>  /* MMU memory access macros */
>>  
>>  #if defined(CONFIG_USER_ONLY)
>> +#include <assert.h>
>> +#include "qemu-types.h"
>> +
>>  /* On some host systems the guest address space is reserved on the host.
>>   * This allows the guest address space to be offset to a convenient location.
>>   */
>> @@ -629,7 +632,12 @@ static inline void stfq_be_p(void *ptr, float64 v)
>>  
>>  /* All direct uses of g2h and h2g need to go away for usermode softmmu.  */
>>  #define g2h(x) ((void *)((unsigned long)(x) + GUEST_BASE))
>> -#define h2g(x) ((target_ulong)((unsigned long)(x) - GUEST_BASE))
>> +#define h2g(x) ({ \
>> +    unsigned long __ret = (unsigned long)(x) - GUEST_BASE; \
>> +    /* Check if given address fits target address space */ \
>> +    assert(__ret == (abi_ulong)__ret); \
>> +    (abi_ulong)__ret; \
>> +})
>>  
>>  #define saddr(x) g2h(x)
>>  #define laddr(x) g2h(x)
>> -- 
>> 1.6.0.2.GIT
>>
>>
>>
>>
> 



[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 258 bytes --]

Re: [Qemu-devel] [PATCH] Move abi_* typedefs into qemu-types.h

[Aurelien Jarno]

Any rational?

On Wed, Dec 03, 2008 at 01:29:38PM +0200, Kirill A. Shutemov wrote:
> Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
> ---
>  bsd-user/qemu-types.h   |   24 ++++++++++++++++++++++++
>  bsd-user/qemu.h         |   20 +-------------------
>  linux-user/qemu-types.h |   24 ++++++++++++++++++++++++
>  linux-user/qemu.h       |   20 +-------------------
>  4 files changed, 50 insertions(+), 38 deletions(-)
>  create mode 100644 bsd-user/qemu-types.h
>  create mode 100644 linux-user/qemu-types.h
> 
> diff --git a/bsd-user/qemu-types.h b/bsd-user/qemu-types.h
> new file mode 100644
> index 0000000..1adda9f
> --- /dev/null
> +++ b/bsd-user/qemu-types.h
> @@ -0,0 +1,24 @@
> +#ifndef QEMU_TYPES_H
> +#define QEMU_TYPES_H
> +#include "cpu.h"
> +
> +#ifdef TARGET_ABI32
> +typedef uint32_t abi_ulong;
> +typedef int32_t abi_long;
> +#define TARGET_ABI_FMT_lx "%08x"
> +#define TARGET_ABI_FMT_ld "%d"
> +#define TARGET_ABI_FMT_lu "%u"
> +#define TARGET_ABI_BITS 32
> +#else
> +typedef target_ulong abi_ulong;
> +typedef target_long abi_long;
> +#define TARGET_ABI_FMT_lx TARGET_FMT_lx
> +#define TARGET_ABI_FMT_ld TARGET_FMT_ld
> +#define TARGET_ABI_FMT_lu TARGET_FMT_lu
> +#define TARGET_ABI_BITS TARGET_LONG_BITS
> +/* for consistency, define ABI32 too */
> +#if TARGET_ABI_BITS == 32
> +#define TARGET_ABI32 1
> +#endif
> +#endif
> +#endif
> diff --git a/bsd-user/qemu.h b/bsd-user/qemu.h
> index 0a55ac3..3ea0044 100644
> --- a/bsd-user/qemu.h
> +++ b/bsd-user/qemu.h
> @@ -11,25 +11,7 @@
>  #include <stdlib.h>
>  #endif /* DEBUG_REMAP */
>  
> -#ifdef TARGET_ABI32
> -typedef uint32_t abi_ulong;
> -typedef int32_t abi_long;
> -#define TARGET_ABI_FMT_lx "%08x"
> -#define TARGET_ABI_FMT_ld "%d"
> -#define TARGET_ABI_FMT_lu "%u"
> -#define TARGET_ABI_BITS 32
> -#else
> -typedef target_ulong abi_ulong;
> -typedef target_long abi_long;
> -#define TARGET_ABI_FMT_lx TARGET_FMT_lx
> -#define TARGET_ABI_FMT_ld TARGET_FMT_ld
> -#define TARGET_ABI_FMT_lu TARGET_FMT_lu
> -#define TARGET_ABI_BITS TARGET_LONG_BITS
> -/* for consistency, define ABI32 too */
> -#if TARGET_ABI_BITS == 32
> -#define TARGET_ABI32 1
> -#endif
> -#endif
> +#include "qemu-types.h"
>  
>  enum BSDType {
>      target_freebsd,
> diff --git a/linux-user/qemu-types.h b/linux-user/qemu-types.h
> new file mode 100644
> index 0000000..1adda9f
> --- /dev/null
> +++ b/linux-user/qemu-types.h
> @@ -0,0 +1,24 @@
> +#ifndef QEMU_TYPES_H
> +#define QEMU_TYPES_H
> +#include "cpu.h"
> +
> +#ifdef TARGET_ABI32
> +typedef uint32_t abi_ulong;
> +typedef int32_t abi_long;
> +#define TARGET_ABI_FMT_lx "%08x"
> +#define TARGET_ABI_FMT_ld "%d"
> +#define TARGET_ABI_FMT_lu "%u"
> +#define TARGET_ABI_BITS 32
> +#else
> +typedef target_ulong abi_ulong;
> +typedef target_long abi_long;
> +#define TARGET_ABI_FMT_lx TARGET_FMT_lx
> +#define TARGET_ABI_FMT_ld TARGET_FMT_ld
> +#define TARGET_ABI_FMT_lu TARGET_FMT_lu
> +#define TARGET_ABI_BITS TARGET_LONG_BITS
> +/* for consistency, define ABI32 too */
> +#if TARGET_ABI_BITS == 32
> +#define TARGET_ABI32 1
> +#endif
> +#endif
> +#endif
> diff --git a/linux-user/qemu.h b/linux-user/qemu.h
> index 52835ec..b620c97 100644
> --- a/linux-user/qemu.h
> +++ b/linux-user/qemu.h
> @@ -11,25 +11,7 @@
>  #include <stdlib.h>
>  #endif /* DEBUG_REMAP */
>  
> -#ifdef TARGET_ABI32
> -typedef uint32_t abi_ulong;
> -typedef int32_t abi_long;
> -#define TARGET_ABI_FMT_lx "%08x"
> -#define TARGET_ABI_FMT_ld "%d"
> -#define TARGET_ABI_FMT_lu "%u"
> -#define TARGET_ABI_BITS 32
> -#else
> -typedef target_ulong abi_ulong;
> -typedef target_long abi_long;
> -#define TARGET_ABI_FMT_lx TARGET_FMT_lx
> -#define TARGET_ABI_FMT_ld TARGET_FMT_ld
> -#define TARGET_ABI_FMT_lu TARGET_FMT_lu
> -#define TARGET_ABI_BITS TARGET_LONG_BITS
> -/* for consistency, define ABI32 too */
> -#if TARGET_ABI_BITS == 32
> -#define TARGET_ABI32 1
> -#endif
> -#endif
> +#include "qemu-types.h"
>  
>  #include "thunk.h"
>  #include "syscall_defs.h"
> -- 
> 1.6.0.2.GIT
> 
> 
> 
> 

-- 
  .''`.  Aurelien Jarno	            | GPG: 1024D/F1BCDB73
 : :' :  Debian developer           | Electrical Engineer
 `. `'   aurel32@debian.org         | aurelien@aurel32.net
   `-    people.debian.org/~aurel32 | www.aurel32.net

Re: [Qemu-devel] [PATCH] Move abi_* typedefs into qemu-types.h

[Kirill A. Shutemov]

[-- Attachment #1: Type: text/plain, Size: 4939 bytes --]

On Sun, Dec 07, 2008 at 10:56:25PM +0100, Aurelien Jarno wrote:
> Any rational?

See next patch. We can't include qemu.h into cpu-all.h because of
recursion. So I split qemu.h into two parts.

> On Wed, Dec 03, 2008 at 01:29:38PM +0200, Kirill A. Shutemov wrote:
> > Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
> > ---
> >  bsd-user/qemu-types.h   |   24 ++++++++++++++++++++++++
> >  bsd-user/qemu.h         |   20 +-------------------
> >  linux-user/qemu-types.h |   24 ++++++++++++++++++++++++
> >  linux-user/qemu.h       |   20 +-------------------
> >  4 files changed, 50 insertions(+), 38 deletions(-)
> >  create mode 100644 bsd-user/qemu-types.h
> >  create mode 100644 linux-user/qemu-types.h
> > 
> > diff --git a/bsd-user/qemu-types.h b/bsd-user/qemu-types.h
> > new file mode 100644
> > index 0000000..1adda9f
> > --- /dev/null
> > +++ b/bsd-user/qemu-types.h
> > @@ -0,0 +1,24 @@
> > +#ifndef QEMU_TYPES_H
> > +#define QEMU_TYPES_H
> > +#include "cpu.h"
> > +
> > +#ifdef TARGET_ABI32
> > +typedef uint32_t abi_ulong;
> > +typedef int32_t abi_long;
> > +#define TARGET_ABI_FMT_lx "%08x"
> > +#define TARGET_ABI_FMT_ld "%d"
> > +#define TARGET_ABI_FMT_lu "%u"
> > +#define TARGET_ABI_BITS 32
> > +#else
> > +typedef target_ulong abi_ulong;
> > +typedef target_long abi_long;
> > +#define TARGET_ABI_FMT_lx TARGET_FMT_lx
> > +#define TARGET_ABI_FMT_ld TARGET_FMT_ld
> > +#define TARGET_ABI_FMT_lu TARGET_FMT_lu
> > +#define TARGET_ABI_BITS TARGET_LONG_BITS
> > +/* for consistency, define ABI32 too */
> > +#if TARGET_ABI_BITS == 32
> > +#define TARGET_ABI32 1
> > +#endif
> > +#endif
> > +#endif
> > diff --git a/bsd-user/qemu.h b/bsd-user/qemu.h
> > index 0a55ac3..3ea0044 100644
> > --- a/bsd-user/qemu.h
> > +++ b/bsd-user/qemu.h
> > @@ -11,25 +11,7 @@
> >  #include <stdlib.h>
> >  #endif /* DEBUG_REMAP */
> >  
> > -#ifdef TARGET_ABI32
> > -typedef uint32_t abi_ulong;
> > -typedef int32_t abi_long;
> > -#define TARGET_ABI_FMT_lx "%08x"
> > -#define TARGET_ABI_FMT_ld "%d"
> > -#define TARGET_ABI_FMT_lu "%u"
> > -#define TARGET_ABI_BITS 32
> > -#else
> > -typedef target_ulong abi_ulong;
> > -typedef target_long abi_long;
> > -#define TARGET_ABI_FMT_lx TARGET_FMT_lx
> > -#define TARGET_ABI_FMT_ld TARGET_FMT_ld
> > -#define TARGET_ABI_FMT_lu TARGET_FMT_lu
> > -#define TARGET_ABI_BITS TARGET_LONG_BITS
> > -/* for consistency, define ABI32 too */
> > -#if TARGET_ABI_BITS == 32
> > -#define TARGET_ABI32 1
> > -#endif
> > -#endif
> > +#include "qemu-types.h"
> >  
> >  enum BSDType {
> >      target_freebsd,
> > diff --git a/linux-user/qemu-types.h b/linux-user/qemu-types.h
> > new file mode 100644
> > index 0000000..1adda9f
> > --- /dev/null
> > +++ b/linux-user/qemu-types.h
> > @@ -0,0 +1,24 @@
> > +#ifndef QEMU_TYPES_H
> > +#define QEMU_TYPES_H
> > +#include "cpu.h"
> > +
> > +#ifdef TARGET_ABI32
> > +typedef uint32_t abi_ulong;
> > +typedef int32_t abi_long;
> > +#define TARGET_ABI_FMT_lx "%08x"
> > +#define TARGET_ABI_FMT_ld "%d"
> > +#define TARGET_ABI_FMT_lu "%u"
> > +#define TARGET_ABI_BITS 32
> > +#else
> > +typedef target_ulong abi_ulong;
> > +typedef target_long abi_long;
> > +#define TARGET_ABI_FMT_lx TARGET_FMT_lx
> > +#define TARGET_ABI_FMT_ld TARGET_FMT_ld
> > +#define TARGET_ABI_FMT_lu TARGET_FMT_lu
> > +#define TARGET_ABI_BITS TARGET_LONG_BITS
> > +/* for consistency, define ABI32 too */
> > +#if TARGET_ABI_BITS == 32
> > +#define TARGET_ABI32 1
> > +#endif
> > +#endif
> > +#endif
> > diff --git a/linux-user/qemu.h b/linux-user/qemu.h
> > index 52835ec..b620c97 100644
> > --- a/linux-user/qemu.h
> > +++ b/linux-user/qemu.h
> > @@ -11,25 +11,7 @@
> >  #include <stdlib.h>
> >  #endif /* DEBUG_REMAP */
> >  
> > -#ifdef TARGET_ABI32
> > -typedef uint32_t abi_ulong;
> > -typedef int32_t abi_long;
> > -#define TARGET_ABI_FMT_lx "%08x"
> > -#define TARGET_ABI_FMT_ld "%d"
> > -#define TARGET_ABI_FMT_lu "%u"
> > -#define TARGET_ABI_BITS 32
> > -#else
> > -typedef target_ulong abi_ulong;
> > -typedef target_long abi_long;
> > -#define TARGET_ABI_FMT_lx TARGET_FMT_lx
> > -#define TARGET_ABI_FMT_ld TARGET_FMT_ld
> > -#define TARGET_ABI_FMT_lu TARGET_FMT_lu
> > -#define TARGET_ABI_BITS TARGET_LONG_BITS
> > -/* for consistency, define ABI32 too */
> > -#if TARGET_ABI_BITS == 32
> > -#define TARGET_ABI32 1
> > -#endif
> > -#endif
> > +#include "qemu-types.h"
> >  
> >  #include "thunk.h"
> >  #include "syscall_defs.h"
> > -- 
> > 1.6.0.2.GIT
> > 
> > 
> > 
> > 
> 
> -- 
>   .''`.  Aurelien Jarno	            | GPG: 1024D/F1BCDB73
>  : :' :  Debian developer           | Electrical Engineer
>  `. `'   aurel32@debian.org         | aurelien@aurel32.net
>    `-    people.debian.org/~aurel32 | www.aurel32.net

-- 
Regards,  Kirill A. Shutemov
 + Belarus, Minsk
 + ALT Linux Team, http://www.altlinux.org/

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [Qemu-devel] [PATCH] Move abi_* typedefs into qemu-types.h

[Aurelien Jarno]

On Wed, Dec 03, 2008 at 01:29:38PM +0200, Kirill A. Shutemov wrote:
> Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>


Applied, thanks. In the future, it would be nice if you can put a short
description to the patch, even if it may be obvious.

> ---
>  bsd-user/qemu-types.h   |   24 ++++++++++++++++++++++++
>  bsd-user/qemu.h         |   20 +-------------------
>  linux-user/qemu-types.h |   24 ++++++++++++++++++++++++
>  linux-user/qemu.h       |   20 +-------------------
>  4 files changed, 50 insertions(+), 38 deletions(-)
>  create mode 100644 bsd-user/qemu-types.h
>  create mode 100644 linux-user/qemu-types.h
> 
> diff --git a/bsd-user/qemu-types.h b/bsd-user/qemu-types.h
> new file mode 100644
> index 0000000..1adda9f
> --- /dev/null
> +++ b/bsd-user/qemu-types.h
> @@ -0,0 +1,24 @@
> +#ifndef QEMU_TYPES_H
> +#define QEMU_TYPES_H
> +#include "cpu.h"
> +
> +#ifdef TARGET_ABI32
> +typedef uint32_t abi_ulong;
> +typedef int32_t abi_long;
> +#define TARGET_ABI_FMT_lx "%08x"
> +#define TARGET_ABI_FMT_ld "%d"
> +#define TARGET_ABI_FMT_lu "%u"
> +#define TARGET_ABI_BITS 32
> +#else
> +typedef target_ulong abi_ulong;
> +typedef target_long abi_long;
> +#define TARGET_ABI_FMT_lx TARGET_FMT_lx
> +#define TARGET_ABI_FMT_ld TARGET_FMT_ld
> +#define TARGET_ABI_FMT_lu TARGET_FMT_lu
> +#define TARGET_ABI_BITS TARGET_LONG_BITS
> +/* for consistency, define ABI32 too */
> +#if TARGET_ABI_BITS == 32
> +#define TARGET_ABI32 1
> +#endif
> +#endif
> +#endif
> diff --git a/bsd-user/qemu.h b/bsd-user/qemu.h
> index 0a55ac3..3ea0044 100644
> --- a/bsd-user/qemu.h
> +++ b/bsd-user/qemu.h
> @@ -11,25 +11,7 @@
>  #include <stdlib.h>
>  #endif /* DEBUG_REMAP */
>  
> -#ifdef TARGET_ABI32
> -typedef uint32_t abi_ulong;
> -typedef int32_t abi_long;
> -#define TARGET_ABI_FMT_lx "%08x"
> -#define TARGET_ABI_FMT_ld "%d"
> -#define TARGET_ABI_FMT_lu "%u"
> -#define TARGET_ABI_BITS 32
> -#else
> -typedef target_ulong abi_ulong;
> -typedef target_long abi_long;
> -#define TARGET_ABI_FMT_lx TARGET_FMT_lx
> -#define TARGET_ABI_FMT_ld TARGET_FMT_ld
> -#define TARGET_ABI_FMT_lu TARGET_FMT_lu
> -#define TARGET_ABI_BITS TARGET_LONG_BITS
> -/* for consistency, define ABI32 too */
> -#if TARGET_ABI_BITS == 32
> -#define TARGET_ABI32 1
> -#endif
> -#endif
> +#include "qemu-types.h"
>  
>  enum BSDType {
>      target_freebsd,
> diff --git a/linux-user/qemu-types.h b/linux-user/qemu-types.h
> new file mode 100644
> index 0000000..1adda9f
> --- /dev/null
> +++ b/linux-user/qemu-types.h
> @@ -0,0 +1,24 @@
> +#ifndef QEMU_TYPES_H
> +#define QEMU_TYPES_H
> +#include "cpu.h"
> +
> +#ifdef TARGET_ABI32
> +typedef uint32_t abi_ulong;
> +typedef int32_t abi_long;
> +#define TARGET_ABI_FMT_lx "%08x"
> +#define TARGET_ABI_FMT_ld "%d"
> +#define TARGET_ABI_FMT_lu "%u"
> +#define TARGET_ABI_BITS 32
> +#else
> +typedef target_ulong abi_ulong;
> +typedef target_long abi_long;
> +#define TARGET_ABI_FMT_lx TARGET_FMT_lx
> +#define TARGET_ABI_FMT_ld TARGET_FMT_ld
> +#define TARGET_ABI_FMT_lu TARGET_FMT_lu
> +#define TARGET_ABI_BITS TARGET_LONG_BITS
> +/* for consistency, define ABI32 too */
> +#if TARGET_ABI_BITS == 32
> +#define TARGET_ABI32 1
> +#endif
> +#endif
> +#endif
> diff --git a/linux-user/qemu.h b/linux-user/qemu.h
> index 52835ec..b620c97 100644
> --- a/linux-user/qemu.h
> +++ b/linux-user/qemu.h
> @@ -11,25 +11,7 @@
>  #include <stdlib.h>
>  #endif /* DEBUG_REMAP */
>  
> -#ifdef TARGET_ABI32
> -typedef uint32_t abi_ulong;
> -typedef int32_t abi_long;
> -#define TARGET_ABI_FMT_lx "%08x"
> -#define TARGET_ABI_FMT_ld "%d"
> -#define TARGET_ABI_FMT_lu "%u"
> -#define TARGET_ABI_BITS 32
> -#else
> -typedef target_ulong abi_ulong;
> -typedef target_long abi_long;
> -#define TARGET_ABI_FMT_lx TARGET_FMT_lx
> -#define TARGET_ABI_FMT_ld TARGET_FMT_ld
> -#define TARGET_ABI_FMT_lu TARGET_FMT_lu
> -#define TARGET_ABI_BITS TARGET_LONG_BITS
> -/* for consistency, define ABI32 too */
> -#if TARGET_ABI_BITS == 32
> -#define TARGET_ABI32 1
> -#endif
> -#endif
> +#include "qemu-types.h"
>  
>  #include "thunk.h"
>  #include "syscall_defs.h"
> -- 
> 1.6.0.2.GIT
> 
> 
> 
> 

-- 
  .''`.  Aurelien Jarno	            | GPG: 1024D/F1BCDB73
 : :' :  Debian developer           | Electrical Engineer
 `. `'   aurel32@debian.org         | aurelien@aurel32.net
   `-    people.debian.org/~aurel32 | www.aurel32.net

Re: [Qemu-devel] [PATCH] Introduce --enable-binfmt-misc configure option

[Riku Voipio]

On Wed, Dec 03, 2008 at 01:29:36PM +0200, Kirill A. Shutemov wrote:
> It makes qemu compatible with binfmt_misc's flags 'P' and 'O'.
> 
> 'P' - preserve-argv[0].  Legacy behavior of binfmt_misc is to overwrite the
>       original argv[0] with the full path to the binary.  When this flag is
>       included, binfmt_misc will add an argument to the argument vector for
>       this purpose, thus preserving the original argv[0].
> 
> 'O' - open-binary. Legacy behavior of binfmt_misc is to pass the full path
>       of the binary to the interpreter as an argument. When this flag is
>       included, binfmt_misc will open the file for reading and pass its
>       descriptor as an argument, instead of the full path, thus allowing
>       the interpreter to execute non-readable binaries.
>
> Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
> ---
>  configure              |   90 ++++++++++++++++++++++++++----------------------
>  linux-user/linuxload.c |    7 +---
>  linux-user/main.c      |   39 ++++++++++++++++++++-
>  linux-user/qemu.h      |    2 +-
>  4 files changed, 89 insertions(+), 49 deletions(-)
> 
> diff --git a/configure b/configure
> index 57b3b5a..aeeae72 100755
> --- a/configure
> +++ b/configure
> @@ -122,6 +122,7 @@ kvm="yes"
>  kerneldir=""
>  aix="no"
>  blobs="yes"
> +binfmt_misc="no"
>  
>  # OS specific
>  targetos=`uname -s`
> @@ -380,6 +381,8 @@ for opt do
>    ;;
>    --kerneldir=*) kerneldir="$optarg"
>    ;;
> +  --enable-binfmt-misc) binfmt_misc="yes"
> +  ;;
>    *) echo "ERROR: unknown option $opt"; show_help="yes"
>    ;;
>    esac
> @@ -491,6 +494,7 @@ echo "  --disable-vde            disable support for vde network"
>  echo "  --disable-aio            disable AIO support"
>  echo "  --disable-blobs          disable installing provided firmware blobs"
>  echo "  --kerneldir=PATH         look for kernel includes in PATH"
> +echo "  --enable-binfmt-misc     makes usermode compatible with binfmt_misc's flags 'P' and 'O'"
>  echo ""
>  echo "NOTE: The object files are built at the place where configure is launched"
>  exit 1
> @@ -1041,57 +1045,58 @@ else
>    binsuffix="/bin"
>  fi
>  
> -echo "Install prefix    $prefix"
> -echo "BIOS directory    $prefix$datasuffix"
> -echo "binary directory  $prefix$binsuffix"
> +echo "Install prefix      $prefix"
> +echo "BIOS directory      $prefix$datasuffix"
> +echo "binary directory    $prefix$binsuffix"

Whitespace changes mixed with code changes :-/

> +#include "elf.h"
>  /* For tb_lock */
>  #include "exec-all.h"
>  
> @@ -2214,9 +2215,10 @@ void init_task_state(TaskState *ts)
>      ts->sigqueue_table[i].next = NULL;
>  }
>   
> -int main(int argc, char **argv)
> +int main(int argc, char **argv, char **envp)
>  {
>      const char *filename;
> +    int fd = -1;
>      const char *cpu_model;
>      struct target_pt_regs regs1, *regs = &regs1;
>      struct image_info info1, *info = &info1;
> @@ -2377,7 +2379,40 @@ int main(int argc, char **argv)
>      }
>      *dst = NULL; /* NULL terminate target_environ */
>  
> -    if (loader_exec(filename, argv+optind, target_environ, regs, info) != 0) {
> +#ifdef BINFMT_MISC
> +#if HOST_LONG_BITS == 32
> +#define Elf_Dyn Elf32_Dyn
> +#else 
> +#define Elf_Dyn Elf64_Dyn
> +#endif
> +    {
> +        Elf_Dyn *auxv;
> +
> +        optind++; /* Handle binfmt_misc's option 'P' */
> +
> +        /* Handle binfmt_misc's option 'O' */
> +        while(*envp++ != NULL); /* skip envp. we are on auxv now */
> +        for(auxv = (Elf_Dyn *)envp; auxv->d_tag != AT_NULL; auxv++) {
> +            if( auxv->d_tag == AT_EXECFD) {
> +                fd = auxv->d_un.d_val;
> +                break;
> +            }
> +        }
> +
> +        if (fd < 0) {
> +            printf("Cannot find binary file descriptor\n");
> +            _exit(1);
> +        }
> +    }
> +#else
> +    fd = open(filename, O_RDONLY);
> +    if (fd < 0) {
> +        printf("Cannot open file %s: %s\n", filename, strerror(errno));
> +        _exit(1);
> +    }
> +#endif

If I read this correctly, it means this patch means that linux-user
doesn't work from command line if configured with --enable-binfmt-misc.

I think it would be better to add a wrapper (as recommended by
binfmt-misc docs in kernel) that sets these binfmt options to new qemu
command line arguments ( --argv0, --open-fd). Assuming the binfmt_misc
passed FD survives exec, the wrapper should work fine. This wrapper
could well be shipped with qemu.

[Qemu-devel] [PATCH] linux-user: Safety belt for h2g

[Jan Kiszka]

h2g can only work on 64-bit hosts if the provided address is mappable to
the guest range. Neglecting this was already the source for several
bugs. Instrument the macro so that it will trigger earlier in the
future (at least as long as we have this kind of mapping mechanism).

Signed-off-by: Jan Kiszka <jan.kiszka@web.de>
---
 cpu-all.h |    8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

Index: b/cpu-all.h
===================================================================
--- a/cpu-all.h
+++ b/cpu-all.h
@@ -659,6 +659,8 @@ static inline void stfq_be_p(void *ptr,
 /* MMU memory access macros */
 
 #if defined(CONFIG_USER_ONLY)
+#include <assert.h>
+
 /* On some host systems the guest address space is reserved on the host.
  * This allows the guest address space to be offset to a convenient location.
  */
@@ -667,7 +669,11 @@ static inline void stfq_be_p(void *ptr,
 
 /* All direct uses of g2h and h2g need to go away for usermode softmmu.  */
 #define g2h(x) ((void *)((unsigned long)(x) + GUEST_BASE))
-#define h2g(x) ((target_ulong)((unsigned long)(x) - GUEST_BASE))
+#define h2g(x) ({ \
+    unsigned long __ret = (unsigned long)(x) - GUEST_BASE; \
+    assert(__ret == (target_ulong)__ret); \
+    __ret; \
+})
 
 #define saddr(x) g2h(x)
 #define laddr(x) g2h(x)