From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from [140.186.70.92] (port=37697 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1PRAk6-0005Yb-8J
	for qemu-devel@nongnu.org; Fri, 10 Dec 2010 16:43:07 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <stefboombastic@gmail.com>) id 1PRAk5-0006lp-0t
	for qemu-devel@nongnu.org; Fri, 10 Dec 2010 16:43:06 -0500
Received: from mail-ww0-f53.google.com ([74.125.82.53]:62204)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stefboombastic@gmail.com>) id 1PRAk4-0006lc-Qi
	for qemu-devel@nongnu.org; Fri, 10 Dec 2010 16:43:04 -0500
Received: by wwi18 with SMTP id 18so3967968wwi.10
	for <qemu-devel@nongnu.org>; Fri, 10 Dec 2010 13:43:03 -0800 (PST)
Message-ID: <4D029EE5.40202@gmail.com>
Date: Fri, 10 Dec 2010 22:43:01 +0100
From: Stefano Bonifazi <stefboombastic@gmail.com>
MIME-Version: 1.0
References: <4CFF6E8F.7000300@gmail.com>
	<1291812551-12590-1-git-send-email-pbonzini@redhat.com>
	<4CFFFC1A.1090001@gmail.com> <4D008246.9070500@redhat.com>
	<4D0111E5.5070702@gmail.com> <4D01EA70.1040906@redhat.com>
In-Reply-To: <4D01EA70.1040906@redhat.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] Re: [PATCH] fix qruncom compilation problems
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: qemu-devel@nongnu.org

On 12/10/2010 09:53 AM, Paolo Bonzini wrote:
> On 12/09/2010 06:29 PM, Stefano Bonifazi wrote:
>> how can one think that addresses around zero are free for a mapping??
>
> Addresses around zero are always free, because if they weren't you 
> couldn't detect NULL pointer dereferences reliably.
>
> mmap-ing at zero thus is a tricky operation, because it removes the 
> possibility to detect NULL pointer dereferences.  What's worse, such 
> ability would be lost even for _kernel_ dereferences of NULL, thus 
> opening a large security hole for privilege-escalation or kernel 
> exploits.  So, mmap-ing addresses close to zero is restricted to root.
>
> Paolo

Hi!
Thank you! Very clear explanation! :)

- So why can't I simply change the following:
> vm86_mem = mmap((void *)0x00000000, 0x110000,
>                     PROT_WRITE | PROT_READ | PROT_EXEC,
>                     MAP_FIXED|MAP_ANON | MAP_PRIVATE, -1, 0);
> page_set_flags(0x00000000, 0x110000,
>                    PAGE_WRITE | PAGE_READ | PAGE_EXEC | PAGE_VALID);
into something like:
>> vm86_mem = mmap((void *)0x00000000, 0x110000,
>>                     PROT_WRITE | PROT_READ | PROT_EXEC,
>>                     MAP_ANON | MAP_PRIVATE, -1, 0);
>> page_set_flags(vm86_mem, 0x110000+vm86_mem,
>>                    PAGE_WRITE | PAGE_READ | PAGE_EXEC | PAGE_VALID);
?


- Any luck with the tcg fatal error? I am trying to understand how tcg 
works for fixing the error.. but it is so complicated! :)
Thank You again!
Best Regards!
Stefano B.