qemu-devel.nongnu.org archive mirror
From: Riku Voipio <riku.voipio@iki.fi>
To: "Jan-Simon Möller" <dl9pf@gmx.de>
Cc: Martin Mohring <martin.mohring@opensuse.org>,
	Riku Voipio <riku.voipio@iki.fi>,
	qemu-devel@nongnu.org, Aurelien Jarno <aurelien@aurel32.net>,
	Richard Henderson <rth@twiddle.net>
Subject: Re: [Qemu-devel] [PATCH 0/6] Multi-level page tables and userland mapping fixes, v3
Date: Wed, 17 Mar 2010 11:48:07 +0000
Message-ID: <20100317114807.GA13278@afflict.kos.to>
In-Reply-To: <201003151608.46624.dl9pf@gmx.de>

On Mon, Mar 15, 2010 at 04:08:46PM +0100, Jan-Simon Möller wrote:
> Am Montag, 15. März 2010 15:48:03 schrieb Riku Voipio:
> > On Mon, Mar 15, 2010 at 01:46:10PM +0100, Jan-Simon Möller wrote:
> > > root@frodo:/# qemu-arm -strace /sbin/ldconfig.real
> > > 16359 uname(0x403fef78) = 0
> > > 16359 brk(NULL) = 0x000a9000
> > > 16359 brk(0x000a9d08) = 0x000a9d08
> > > 16359 open("/dev/urandom",O_RDONLY) = 3
> > > 16359 read(3,0x403ff27d,3) = 3
> > > 16359 close(3) = 0
> > > [...]
> > > 16359 stat64("/usr/lib/libgettextlib.so",0x403fdf28) = 0
> > > 16359 stat64("/usr/lib/libgettextpo.so.0",0x403fdec0) = 0
> > > 16359 stat64("/usr/lib/libgettextpo.so.0.4.0",0x403fdf28) = 0
> > > 16359 stat64("/usr/lib/libpython2.6.so.1.0",0x403fdec0) = 0
> > > 16359 stat64("/usr/lib/libpython2.6.so.1.0",0x403fdf28) = 0
> > > 16359 open("/etc/ld.so.cache~",O_WRONLY|O_CREAT|O_NOFOLLOW|O_TRUNC,0600) = 3
> > > 16359 write(3,0xb03d0,1288) = 1288
> > > 16359 write(3,0x403ff0a0,0) = -1 errno=14 (Bad address)

> > A zero-sized write. According to the manpage, ok.

> > In qemu we do a lock_user to get the string to write. Richard's change
> > changes the access checks that get called by lock_user:

> > page_check_range:
> > 
> > -    if (start + len < start)
> > -        /* we've wrapped around */
> > ...
> > +    if (start + len - 1 < start) {
> > +        /* We've wrapped around.  */
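
Review bot: the new wrap-around test in page_check_range rejects every empty range at a nonzero address: with len == 0 the expression `start + len - 1` evaluates to `start - 1`, which is below `start` for any start other than 0, so the "wrapped around" branch fires and the zero-sized write above comes back as EFAULT. Guard the empty case before the subtraction, e.g. `if (len == 0) return 0;`, rather than wrapping the comparison in `if (len > 0)`, so the intent is stated and the subtraction is never evaluated with len == 0. Note that the failure does not reproduce at start == 0, where `0 + 0 - 1` wraps to the top of the address space and is not below 0, so a test that only exercises address 0 would miss it.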
> > 
> > This now blows up with len = 0;

> Confirmed. A quick test with if (len > 0) around and ldconfig.real runs.

Richard, would you be ok with that change? Or should we rather have explicit 

if (len == 0) return 0;

?
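
The arithmetic behind the failure, as an added stand-alone example (this is not QEMU's code and not part of the original message; the function names, the 32-bit target_ulong and the sample ranges are the example's own, chosen to cover the zero-sized write from the strace above, the last page of a 32-bit address space, and a range that really wraps):

```c
/*
 * Added example, not QEMU code: a stand-alone model of the wrap-around
 * test in linux-user page_check_range() discussed in this thread.  It
 * reproduces the arithmetic of three variants (before the patch, after
 * the patch, and with an explicit empty-range guard) on a 32-bit guest
 * address space such as qemu-arm's.  Names and sample ranges are the
 * example's own.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uint32_t target_ulong;   /* assumption: 32-bit guest */

/* Convention mirrored from the thread: 0 means the range [start, start+len)
 * is acceptable, -1 means it wraps past the end of the address space. */

/* Check before the patch: rejects a range that ends exactly at 2^32. */
int range_check_old(target_ulong start, target_ulong len)
{
    if (start + len < start)
        return -1;   /* wrapped around */
    return 0;
}

/* Check after the patch: accepts a range ending exactly at 2^32, but
 * computes start - 1 when len == 0 and so rejects empty ranges. */
int range_check_patched(target_ulong start, target_ulong len)
{
    if (start + len - 1 < start)
        return -1;   /* wrapped around */
    return 0;
}

/* Patched check plus the explicit guard proposed in the thread. */
int range_check_fixed(target_ulong start, target_ulong len)
{
    if (len == 0)
        return 0;    /* empty range: nothing is accessed */
    if (start + len - 1 < start)
        return -1;   /* wrapped around */
    return 0;
}

int main(void)
{
    /* Constructed sample ranges: the first is the zero-sized write from
     * the strace output; the others probe the top of the address space. */
    static const struct { target_ulong start, len; const char *what; } cases[] = {
        { 0x403ff0a0u, 0x0000u, "write(3, 0x403ff0a0, 0) from ldconfig" },
        { 0xfffff000u, 0x1000u, "last page, ends exactly at 2^32" },
        { 0xfffff000u, 0x2000u, "genuinely wraps past 2^32" },
        { 0x00000000u, 0x0000u, "empty range at address 0" },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        printf("%-40s old=%2d patched=%2d fixed=%2d\n", cases[i].what,
               range_check_old(cases[i].start, cases[i].len),
               range_check_patched(cases[i].start, cases[i].len),
               range_check_fixed(cases[i].start, cases[i].len));
    }
    return 0;
}
```

Running it shows the two failure modes side by side: the old check wrongly rejects a range that ends exactly at the top of the address space (which is what the `- 1` was introduced to fix), while the patched check wrongly rejects the zero-sized write at 0x403ff0a0 yet accepts an empty range at address 0, because `0 - 1` wraps to 0xffffffff, which is not below 0. The guarded variant returns 0 for both empty ranges and keeps the last-page fix, and still rejects the range that really wraps.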


Thread overview: 23+ messages
2010-03-10 23:59 [Qemu-devel] [PATCH 0/6] Multi-level page tables and userland mapping fixes, v3 Richard Henderson
2010-03-10 22:33 ` [Qemu-devel] [PATCH 1/6] Move TARGET_PHYS_ADDR_SPACE_BITS to target-*/cpu.h Richard Henderson
2010-03-11 11:11   ` Aurelien Jarno
2010-03-11 15:19     ` Richard Henderson
2010-03-10 22:36 ` [Qemu-devel] [PATCH 2/6] Use TARGET_VIRT_ADDR_SPACE_BITS in h2g_valid Richard Henderson
2010-03-10 22:38 ` [Qemu-devel] [PATCH 3/6] linux-user: Use h2g_valid in qemu_vmalloc Richard Henderson
2010-03-10 23:39 ` [Qemu-devel] [PATCH 4/6] linux-user: Fix mmap_find_vma returning invalid addresses Richard Henderson
2010-03-10 23:53 ` [Qemu-devel] [PATCH 5/6] Implement multi-level page tables Richard Henderson
2010-03-13 22:48   ` Stefan Weil
2010-03-14 15:02     ` Paul Brook
2010-03-14 16:41       ` Aurelien Jarno
2010-03-10 23:57 ` [Qemu-devel] [PATCH 6/6] Fix last page errors in page_check_range and page_set_flags Richard Henderson
2010-03-12 18:51 ` [Qemu-devel] [PATCH 0/6] Multi-level page tables and userland mapping fixes, v3 Paul Brook
2010-03-12 19:26   ` Blue Swirl
2010-03-12 23:28     ` Paul Brook
2010-03-13 12:45   ` Aurelien Jarno
2010-03-13 14:00     ` Martin Mohring
2010-03-15  7:45       ` Riku Voipio
2010-03-15 12:46         ` Jan-Simon Möller
2010-03-15 14:48           ` Riku Voipio
2010-03-15 15:08             ` Jan-Simon Möller
2010-03-17 11:48               ` Riku Voipio [this message]
2010-03-17 14:32                 ` Richard Henderson
