qemu-commits
[Qemu-commits] [qemu/qemu] 246611: linux-user: Check array bounds in err


From: GitHub
Subject: [Qemu-commits] [qemu/qemu] 246611: linux-user: Check array bounds in errno conversion
Date: Fri, 27 May 2016 07:30:05 -0700

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 2466119c9551d606a0f92f9832e0c865bc04b488
      https://github.com/qemu/qemu/commit/2466119c9551d606a0f92f9832e0c865bc04b488
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Check array bounds in errno conversion

Check array bounds in host_to_target_errno() and target_to_host_errno().

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
[PMM: Add a lower-bound check, use braces on if(), tweak commit message]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>
Reviewed-by: Laurent Vivier <address@hidden>


  Commit: a3ca7bb2592010eedca31abd11d3ab451cf3b738
      https://github.com/qemu/qemu/commit/a3ca7bb2592010eedca31abd11d3ab451cf3b738
  Author: Peter Maydell <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Consistently return host errnos from do_openat()

The function do_openat() is not consistent about whether it is
returning a host errno or a guest errno in case of failure.
Standardise on returning -1 with errno set (i.e. the caller has
to call get_errno()).

Signed-off-by: Peter Maydell <address@hidden>
Reported-by: Timothy Edward Baldwin <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>
Reviewed-by: Laurent Vivier <address@hidden>


  Commit: da7c8647e51f1f82fb98c40933d0950bca988a6c
      https://github.com/qemu/qemu/commit/da7c8647e51f1f82fb98c40933d0950bca988a6c
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/signal.c

  Log Message:
  -----------
  linux-user: Reindent signal handling

Some of the signal handling was a mess with a mixture of tabs and 8 space
indents.

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
[PMM: just rebased]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 14896d32814c78ed5b97a22fbd9e5a6cddc2de80
      https://github.com/qemu/qemu/commit/14896d32814c78ed5b97a22fbd9e5a6cddc2de80
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/errno_defs.h

  Log Message:
  -----------
  linux-user: Define TARGET_ERESTART* errno values

Define TARGET_ERESTARTSYS; like the kernel, we will use this to
indicate that a guest system call should be restarted. We use
the same value the kernel does for this, 512.

Signed-off-by: Timothy Edward Baldwin <address@hidden>
[PMM: split out from the patch which moves and renumbers
 TARGET_QEMU_ESIGRETURN, add comment on usage]
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 499b5d176a77773cab5479264a3d5067176df21c
      https://github.com/qemu/qemu/commit/499b5d176a77773cab5479264a3d5067176df21c
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/errno_defs.h
    M linux-user/mips/target_syscall.h
    M linux-user/mips64/target_syscall.h
    M linux-user/ppc/target_syscall.h

  Log Message:
  -----------
  linux-user: Renumber TARGET_QEMU_ESIGRETURN, make it not arch-specific

Currently we define a QEMU-internal errno TARGET_QEMU_ESIGRETURN
only on the MIPS and PPC targets; move this to errno_defs.h
so it is available for all architectures, and renumber it to 513.
We pick 513 because this is safe from future use as a system call return
value: Linux uses it as ERESTART_NOINTR internally and never allows that
errno to escape to userspace.

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
[PMM: TARGET_ERESTARTSYS split out into preceding patch, add comment]
Reviewed-by: Peter Maydell <address@hidden>
Reviewed-by: Laurent Vivier <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 0284b03ba3f47da53b6b46293a3d586c08829f7e
      https://github.com/qemu/qemu/commit/0284b03ba3f47da53b6b46293a3d586c08829f7e
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/main.c
    M linux-user/signal.c
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Support for restarting system calls for x86 targets

Update the x86 main loop and sigreturn code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn
 * set all guest CPU state within signal.c code rather than passing it
   back out as the "return code" from do_sigreturn()
 * handle TARGET_QEMU_ESIGRETURN in the main loop as the indication
   that the main loop should not touch EAX

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
[PMM: Commit message tweaks; drop TARGET_USE_ERESTARTSYS define]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: f0267ef7115656119bf00ed77857789adc036bda
      https://github.com/qemu/qemu/commit/f0267ef7115656119bf00ed77857789adc036bda
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/arm/target_signal.h
    M linux-user/main.c
    M linux-user/signal.c

  Log Message:
  -----------
  linux-user: Support for restarting system calls for ARM targets

Update the 32-bit and 64-bit ARM main loop and sigreturn code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn
 * set all guest CPU state within signal.c code on sigreturn
 * handle TARGET_QEMU_ESIGRETURN in the main loop as the indication
   that the main loop should not touch any guest CPU state

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
[PMM: tweak commit message; drop TARGET_USE_ERESTARTSYS define]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 2eb3ae27ec3b797eba16338c08dfac23465f0d7b
      https://github.com/qemu/qemu/commit/2eb3ae27ec3b797eba16338c08dfac23465f0d7b
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/main.c
    M linux-user/mips/target_signal.h
    M linux-user/mips64/target_signal.h

  Log Message:
  -----------
  linux-user: Support for restarting system calls for MIPS targets

Update the MIPS main loop code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn

(We already handle TARGET_QEMU_ESIGRETURN.)

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
[PMM: tweak commit message; drop TARGET_USE_ERESTARTSYS define]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 6db9d00e2f05db0dfcc1a4d8b811fdd40170c91c
      https://github.com/qemu/qemu/commit/6db9d00e2f05db0dfcc1a4d8b811fdd40170c91c
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/main.c
    M linux-user/ppc/target_signal.h

  Log Message:
  -----------
  linux-user: Support for restarting system calls for PPC targets

Update the PPC main loop code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn

(We already handle TARGET_QEMU_ESIGRETURN.)

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
[PMM: tweak commit message; drop TARGET_USE_ERESTARTSYS define]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: c0bea68f9ea48f0dea7a06a259a613bfd3a7e35e
      https://github.com/qemu/qemu/commit/c0bea68f9ea48f0dea7a06a259a613bfd3a7e35e
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/main.c
    M linux-user/signal.c
    M linux-user/sparc/target_signal.h
    M linux-user/sparc64/target_signal.h

  Log Message:
  -----------
  linux-user: Support for restarting system calls for SPARC targets

Update the SPARC main loop and sigreturn code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn
 * set all guest CPU state within signal.c code on sigreturn
 * handle TARGET_QEMU_ESIGRETURN in the main loop as the indication
   that the main loop should not touch any guest CPU state

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
[PMM: Commit message tweaks; drop TARGET_USE_ERESTARTSYS define]
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: ba41249678f8c1504bf07706ddb0eda0d36cccc2
      https://github.com/qemu/qemu/commit/ba41249678f8c1504bf07706ddb0eda0d36cccc2
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/main.c
    M linux-user/sh4/target_signal.h
    M linux-user/signal.c

  Log Message:
  -----------
  linux-user: Support for restarting system calls for SH4 targets

Update the SH4 main loop and sigreturn code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn
 * set all guest CPU state within signal.c code on sigreturn
 * handle TARGET_QEMU_ESIGRETURN in the main loop as the indication
   that the main loop should not touch any guest CPU state

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
[PMM: tweak commit message; drop TARGET_USE_ERESTARTSYS define]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 338c858c946017cd3ec8c2be06d817e001d94bc3
      https://github.com/qemu/qemu/commit/338c858c946017cd3ec8c2be06d817e001d94bc3
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/alpha/target_signal.h
    M linux-user/main.c
    M linux-user/signal.c

  Log Message:
  -----------
  linux-user: Support for restarting system calls for Alpha targets

Update the Alpha main loop and sigreturn code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn
 * handle TARGET_QEMU_ESIGRETURN in the main loop as the indication
   that the main loop should not touch any guest CPU state

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
[PMM: tweak commit message; drop TARGET_USE_ERESTARTSYS define;
 PC is env->pc, not env->ir[IR_PV]]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 256cb6af7f04ae385883408084b3ef989e2423d8
      https://github.com/qemu/qemu/commit/256cb6af7f04ae385883408084b3ef989e2423d8
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/main.c

  Log Message:
  -----------
  linux-user: Support for restarting system calls for UniCore32 targets

Update the UniCore32 main loop code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn
 * handle TARGET_QEMU_ESIGRETURN in the main loop as the indication
   that the main loop should not touch any guest CPU state

(We don't support signals on this target so there is no sigreturn code
to update.)

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
[PMM: tweak commit message; drop TARGET_USE_ERESTARTSYS define]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 7fe7231a4904529404e85517888112c0acc0de4e
      https://github.com/qemu/qemu/commit/7fe7231a4904529404e85517888112c0acc0de4e
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/main.c
    M linux-user/openrisc/target_signal.h

  Log Message:
  -----------
  linux-user: Support for restarting system calls for OpenRISC targets

Update the OpenRISC main loop code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn
 * handle TARGET_QEMU_ESIGRETURN in the main loop as the indication
   that the main loop should not touch any guest CPU state

(We don't implement sigreturn on this target so there is no
code there to update.)

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
[PMM: tweak commit message; drop TARGET_USE_ERESTARTSYS define]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 7ccb84a91618eda626b12ce83d62cfe678cfc58f
      https://github.com/qemu/qemu/commit/7ccb84a91618eda626b12ce83d62cfe678cfc58f
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/m68k/target_signal.h
    M linux-user/main.c
    M linux-user/signal.c

  Log Message:
  -----------
  linux-user: Support for restarting system calls for M68K targets

Update the M68K main loop and sigreturn code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn
 * set all guest CPU state within signal.c code on sigreturn
 * handle TARGET_QEMU_ESIGRETURN in the main loop as the indication
   that the main loop should not touch any guest CPU state

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
[PMM: tweak commit message; drop TARGET_USE_ERESTARTSYS define]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 47405ab642101c8ea0472ae434ab4bd2bc1fa41f
      https://github.com/qemu/qemu/commit/47405ab642101c8ea0472ae434ab4bd2bc1fa41f
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/main.c
    M linux-user/s390x/target_signal.h
    M linux-user/signal.c

  Log Message:
  -----------
  linux-user: Support for restarting system calls for S390 targets

Update the S390 main loop and sigreturn code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn
 * set all guest CPU state within signal.c code on sigreturn
 * handle TARGET_QEMU_ESIGRETURN in the main loop as the indication
   that the main loop should not touch any guest CPU state

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
[PMM: tweak commit message; remove stray double semicolon; drop
 TARGET_USE_ERESTARTSYS define]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 6205086558955402983f1c2ff9e4c3ebe9f1c678
      https://github.com/qemu/qemu/commit/6205086558955402983f1c2ff9e4c3ebe9f1c678
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/cris/target_signal.h
    M linux-user/main.c
    M linux-user/signal.c

  Log Message:
  -----------
  linux-user: Support for restarting system calls for CRIS targets

Update the CRIS main loop and sigreturn code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn
 * set all guest CPU state within signal.c code on sigreturn
 * handle TARGET_QEMU_ESIGRETURN in the main loop as the indication
   that the main loop should not touch any guest CPU state

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
Reviewed-by: Edgar E. Iglesias <address@hidden>
[PMM: tweak commit message; drop TARGET_USE_ERESTARTSYS define]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: a9175169cc55ecff23a158dfee7d9cbb0b75d185
      https://github.com/qemu/qemu/commit/a9175169cc55ecff23a158dfee7d9cbb0b75d185
  Author: Peter Maydell <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/main.c
    M linux-user/signal.c
    M linux-user/tilegx/target_signal.h

  Log Message:
  -----------
  linux-user: Support for restarting system calls for tilegx targets

Update the tilegx main loop and sigreturn code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn
 * return -TARGET_QEMU_ESIGRETURN from sigreturn rather than current R_RE
 * handle TARGET_QEMU_ESIGRETURN in the main loop as the indication
   that the main loop should not touch any guest CPU state

Note that this fixes a bug where a sigreturn which happened to have
an errno value in TILEGX_R_RE would incorrectly cause TILEGX_R_ERR
to get set.

Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: d7749ab770601258be7ae862b5827c42bb35e44c
      https://github.com/qemu/qemu/commit/d7749ab770601258be7ae862b5827c42bb35e44c
  Author: Peter Maydell <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/main.c

  Log Message:
  -----------
  linux-user: Set r14 on exit from microblaze syscall

All syscall exits on microblaze result in r14 being equal to the
PC we return to, because the kernel syscall exit instruction "rtbd"
does this. (This is true even for sigreturn(); note that r14 is
not a userspace-usable register as the kernel may clobber it at
any point.)

Emulate the setting of r14 on exit; this isn't really a guest
visible change for valid guest code because r14 isn't reliably
observable anyway. However having the code and the comment helps
to explain why it's ok for the ERESTARTSYS handling not to undo
the changes to r14 that happen on syscall entry.

Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 4134ecfeb903c362558cb1cb594ff532fd83fb84
      https://github.com/qemu/qemu/commit/4134ecfeb903c362558cb1cb594ff532fd83fb84
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/main.c
    M linux-user/microblaze/target_signal.h
    M linux-user/signal.c

  Log Message:
  -----------
  linux-user: Support for restarting system calls for Microblaze targets

Update the Microblaze main loop and sigreturn code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn
 * set all guest CPU state within signal.c code on sigreturn
 * handle TARGET_QEMU_ESIGRETURN in the main loop as the indication
   that the main loop should not touch any guest CPU state

Note that this in passing fixes a bug where we were corrupting
the guest r[3] on sigreturn with the guest's r[10] because
do_sigreturn() was returning env->regs[10] but the register for
syscall return values is env->regs[3].

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
Reviewed-by: Edgar E. Iglesias <address@hidden>
Reviewed-by: Peter Maydell <address@hidden>
[PMM: Commit message tweaks; drop TARGET_USE_ERESTARTSYS define;
 drop whitespace changes]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 71a8f7fece3e42dc55e865e081866f62f5c8c07e
      https://github.com/qemu/qemu/commit/71a8f7fece3e42dc55e865e081866f62f5c8c07e
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Add debug code to exercise restarting system calls

If DEBUG_ERESTARTSYS is set restart all system calls once. This
is pure debug code for exercising the syscall restart code paths
in the per-architecture cpu main loops.

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
[PMM: Add comment and a commented-out #define next to the commented-out
 generic DEBUG #define; remove the check on TARGET_USE_ERESTARTSYS;
 tweak comment message]
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 4d330cee37a21aabfc619a1948953559e66951a4
      https://github.com/qemu/qemu/commit/4d330cee37a21aabfc619a1948953559e66951a4
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M Makefile.target
    M linux-user/Makefile.objs
    A linux-user/host/generic/hostdep.h
    A linux-user/host/x86_64/hostdep.h
    A linux-user/host/x86_64/safe-syscall.inc.S
    M linux-user/qemu.h
    A linux-user/safe-syscall.S
    M linux-user/signal.c
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Provide safe_syscall for fixing races between signals and syscalls

If a signal is delivered immediately before a blocking system call the
handler will only be called after the system call returns, which may be a
long time later or never.

This is fixed by using a function (safe_syscall) that checks if a guest
signal is pending prior to making a system call, and if so does not call the
system call and returns -TARGET_ERESTARTSYS. If a signal is received between
the check and the system call host_signal_handler() rewinds execution to
before the check. This rewinding has the effect of closing the race window
so that safe_syscall will reliably either (a) go into the host syscall
with no unprocessed guest signals pending or (b) return
-TARGET_ERESTARTSYS so that the caller can deal with the signals.
Implementing this requires a per-host-architecture assembly language
fragment.

This will also resolve the mishandling of the SA_RESTART flag where
we would restart a host system call and not call the guest signal handler
until the syscall finally completed -- syscall restarting now always
happens at the guest syscall level so the guest signal handler will run.
(The host syscall will never be restarted because if the host kernel
rewinds the PC to point at the syscall insn for a restart then our
host_signal_handler() will see this and arrange the guest PC rewind.)

This commit contains the infrastructure for implementing safe_syscall
and the assembly language fragment for x86-64, but does not change any
syscalls to use it.

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
[PMM:
 * Avoid having an architecture if-ladder in configure by putting
   linux-user/host/$(ARCH) on the include path and including
   safe-syscall.inc.S from it
 * Avoid ifdef ladder in signal.c by creating new hostdep.h to hold
   host-architecture-specific things
 * Added copyright/license header to safe-syscall.inc.S
 * Rewrote commit message
 * Added comments to safe-syscall.inc.S
 * Changed calling convention of safe_syscall() to match syscall()
   (returns -1 and host error in errno on failure)
 * Added a long comment in qemu.h about how to use safe_syscall()
   to implement guest syscalls.
]
RV: squashed Peter's "fixup! linux-user: compile on non-x86-64 hosts"
patch
Signed-off-by: Peter Maydell <address@hidden>
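The commits above describe the pieces of the restart mechanism separately: the bounds-checked errno table ("Check array bounds in errno conversion"), the -1-and-errno convention callers turn into a guest errno with get_errno() ("Consistently return host errnos from do_openat()"), the TARGET_ERESTARTSYS (512) and TARGET_QEMU_ESIGRETURN (513) values, the per-architecture main-loop handling, and the safe_syscall() check for pending guest signals. The following is an added example, not QEMU's code, that puts those pieces together in one runnable model. Everything in it is an assumption made for the demo: the guest errno numbers (TARGET_EINTR, TARGET_ENOENT) are invented, the guest CPU is reduced to a PC and one result register with a fixed-length syscall instruction, and safe_syscall_model() only performs the "is a guest signal pending" check; the per-host assembly that rewinds execution when a signal lands between that check and the syscall instruction is not modelled. The restart policy (rewind the PC when the handler has SA_RESTART or there is no handler, otherwise fail the syscall with EINTR) is the Linux kernel behaviour the commits say they emulate.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Restart codes with the values the commits assign: kernel-internal errnos
 * that Linux never lets escape to userspace. */
#define TARGET_ERESTARTSYS     512
#define TARGET_QEMU_ESIGRETURN 513

/* Hypothetical guest errno numbers (no real target ABI); they only need to
 * differ from the host's so the translation is visible. */
#define TARGET_EINTR  104
#define TARGET_ENOENT 102

/* Host errno -> guest errno, indexed by host errno; 0 means "same number on
 * both sides" and anything outside the table is passed through unchanged. */
#define ERRNO_TABLE_SIZE 64
static const int host_to_target_errno_table[ERRNO_TABLE_SIZE] = {
    [EINTR]  = TARGET_EINTR,
    [ENOENT] = TARGET_ENOENT,
};

/* Both bounds checked, as in "Check array bounds in errno conversion": a
 * negative or oversized err must never index the table. */
static int host_to_target_errno(int err)
{
    if (err >= 0 && err < ERRNO_TABLE_SIZE && host_to_target_errno_table[err]) {
        return host_to_target_errno_table[err];
    }
    return err;   /* covers 512/513, which have no guest equivalent */
}

/* Convention from the do_openat() commit: the wrapper returns -1 with errno
 * set, and the caller converts that into a negative guest errno. */
static int32_t get_errno(long ret)
{
    return ret == -1 ? -host_to_target_errno(errno) : (int32_t)ret;
}

/* Minimal guest CPU state (assumption: one result register, 4-byte syscall insn). */
#define SYSCALL_INSN_LEN 4
struct guest_cpu {
    uint32_t pc;
    int32_t  ret_reg;            /* register carrying the syscall result */
    bool     signal_pending;     /* guest signal queued, not yet delivered */
    bool     signal_has_handler; /* false: signal ignored or defaulted */
    bool     handler_sa_restart; /* SA_RESTART set on that handler */
};

/* Stand-in for a blocking host syscall wrapped in safe_syscall(): with a guest
 * signal already pending it never enters the host kernel and reports
 * ERESTARTSYS instead. The real wrapper needs per-host assembly to close the
 * window between this check and the syscall insn; nothing runs concurrently
 * here, so the model has no such window. */
static long safe_syscall_model(const struct guest_cpu *cpu, long result, int err)
{
    if (cpu->signal_pending) {
        errno = TARGET_ERESTARTSYS;
        return -1;
    }
    if (result == -1) {
        errno = err;   /* the host syscall itself failed */
    }
    return result;
}

/* Main-loop handling of the converted result, following the kernel policy:
 * SA_RESTART handler (or no handler) rewinds the PC so the syscall insn runs
 * again after the signal is delivered; a handler without SA_RESTART makes
 * the guest see EINTR; ESIGRETURN means sigreturn already loaded every
 * register from the signal frame, so the result register must not be touched. */
static void main_loop_complete_syscall(struct guest_cpu *cpu, int32_t ret)
{
    if (ret == -TARGET_ERESTARTSYS) {
        cpu->signal_pending = false;   /* signal delivered at this point */
        if (cpu->signal_has_handler && !cpu->handler_sa_restart) {
            cpu->ret_reg = -TARGET_EINTR;
        } else {
            cpu->pc -= SYSCALL_INSN_LEN;
        }
    } else if (ret != -TARGET_QEMU_ESIGRETURN) {
        cpu->ret_reg = ret;
    }
}

/* One emulated syscall; the PC has already advanced past the instruction. */
struct step_result { uint32_t pc; int32_t ret_reg; };

static struct step_result run_syscall_step(struct guest_cpu cpu, long result, int err)
{
    cpu.pc += SYSCALL_INSN_LEN;
    long r = safe_syscall_model(&cpu, result, err);
    main_loop_complete_syscall(&cpu, get_errno(r));
    struct step_result out = { cpu.pc, cpu.ret_reg };
    return out;
}

int main(void)
{
    struct guest_cpu cpu = { 0x1000, 0, true, true, true };   /* pending signal, SA_RESTART */
    struct step_result r = run_syscall_step(cpu, 42, 0);
    printf("pc=0x%x ret=%d (rewound; result register untouched)\n", r.pc, r.ret_reg);
    return 0;
}
```

The errno value 512 never reaches the guest as an errno: it falls outside the translation table, passes through host_to_target_errno() unchanged, and is consumed by the main loop as the restart signal before any guest register is written.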


  Commit: 50afd02b841cf0ccbc988a0fa868bbc4ca67c09e
      https://github.com/qemu/qemu/commit/50afd02b841cf0ccbc988a0fa868bbc4ca67c09e
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Use safe_syscall for read and write system calls

Restart read() and write() if signals occur before, or during with SA_RESTART.

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
[PMM: Update to new safe_syscall() convention of setting errno]
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: c10a07387b77b94d8f7233f3b5bb559211d4e49a
      https://github.com/qemu/qemu/commit/c10a07387b77b94d8f7233f3b5bb559211d4e49a
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Use safe_syscall for open and openat system calls

Restart open() and openat() if signals occur before,
or during with SA_RESTART.

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
[PMM: Adjusted to follow new -1-and-set-errno safe_syscall convention]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 4af80a3783950380df85ecca78aea3e3bad2e846
      https://github.com/qemu/qemu/commit/4af80a3783950380df85ecca78aea3e3bad2e846
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Use safe_syscall for wait system calls

Use safe_syscall for waitpid, waitid and wait4 syscalls. Note that this
change allows us to implement support for waitid's fifth (rusage) argument
in future; for the moment we ignore it as we have done until now.

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
[PMM: Adjust to new safe_syscall convention. Add fifth waitid syscall argument
 (which isn't present in the libc interface but is in the syscall ABI)]
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: ffdcbe223d23461669869e85786145cce65e1e8c
      https://github.com/qemu/qemu/commit/ffdcbe223d23461669869e85786145cce65e1e8c
  Author: Timothy E Baldwin <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Use safe_syscall for execve syscall

Wrap execve() in the safe-syscall handling. Although execve() is not
an interruptible syscall, it is a special case: if we allow a signal
to happen before we make the host syscall then we will 'lose' it,
because at the point of execve the process leaves QEMU's control.  So
we use the safe syscall wrapper to ensure that we either take the
signal as a guest signal, or else it does not happen before the
execve completes and makes it the other program's problem.

The practical upshot is that without this SIGTERM could fail to
terminate the process.

Signed-off-by: Timothy Edward Baldwin <address@hidden>
Message-id: address@hidden
[PMM: expanded commit message to explain in more detail why this is
 needed, and add comment about it too]
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 6df9d38d33be8397bda8838dea5a4a10d662749b
      https://github.com/qemu/qemu/commit/6df9d38d33be8397bda8838dea5a4a10d662749b
  Author: Peter Maydell <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Use safe_syscall for pselect, select syscalls

Use the safe_syscall wrapper for the pselect and select syscalls.
Since not every architecture has the select syscall, we now
have to implement select in terms of pselect, which means doing
timeval<->timespec conversion.

(Five years on from the initial patch that added pselect support
to QEMU and a decade after pselect6 went into the kernel, it seems
safe to not try to support hosts with header files which don't
define __NR_pselect6.)

Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: d509eeb13c9c6fef4a29ca43c64f591d8c61d201
      https://github.com/qemu/qemu/commit/d509eeb13c9c6fef4a29ca43c64f591d8c61d201
  Author: Peter Maydell <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Use safe_syscall for futex syscall

Use the safe_syscall wrapper for the futex syscall.

In particular, this fixes hangs when using programs that link
against the Boehm garbage collector, including the Mono runtime.

(We don't change the sys_futex() call in the implementation of
the exit syscall, because as the FIXME comment there notes
that should be handled by disabling signals, since we can't
easily back out if the futex were to return ERESTARTSYS.)

Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: c7e35da348e2e4df072e6979c48fa5283e07d1db
      https://github.com/qemu/qemu/commit/c7e35da348e2e4df072e6979c48fa5283e07d1db
  Author: Peter Maydell <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Handle negative values in timespec conversion

In a struct timespec, both fields are signed longs. Converting
them from guest to host with code like
    host_ts->tv_sec = tswapal(target_ts->tv_sec);
mishandles negative values if the guest has 32-bit longs and
the host has 64-bit longs because tswapal()'s return type is
abi_ulong: the assignment will zero-extend into the host long
type rather than sign-extending it.

Make the conversion routines use __get_user() and __set_user()
instead: this automatically picks up the signedness of the
field type and does the correct kind of sign or zero extension.
It also handles the possibility that the target struct is not
sufficiently aligned for the host's requirements.

In particular, this fixes a hang when running the Linux Test Project
mq_timedsend01 and mq_timedreceive01 tests: one of the test cases
sets the timeout to -1 and expects an EINVAL failure, but we were
setting a very long timeout instead.

Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 99874f65526ed7827202c6e17c62f30d47652bdd
      https://github.com/qemu/qemu/commit/99874f65526ed7827202c6e17c62f30d47652bdd
  Author: Peter Maydell <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Handle msgrcv error case correctly

The msgrcv ABI is a bit odd -- the msgsz argument is a size_t, which is
unsigned, but it must fail EINVAL if the value is negative when cast
to a long. We were incorrectly passing the value through an
"unsigned int", which meant that if the guest was 32-bit longs and
the host was 64-bit longs an input of 0xffffffff (which should trigger
EINVAL) would simply be passed to the host msgrcv() as 0xffffffff,
where it does not cause the host kernel to reject it.
Follow the same approach as do_msgsnd() in using a ssize_t and
doing the check for negative values by hand, so we correctly fail
in this corner case.

This fixes the msgrcv03 Linux Test Project test case, which otherwise
hangs.

Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>
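The timespec commit ("Handle negative values in timespec conversion") and the msgrcv commit above describe the same class of bug from two angles: a guest with 32-bit longs handing a negative value to a host with 64-bit longs, where an unsigned intermediate type zero-extends the value instead of sign-extending it. The following is an added example, not QEMU's code, that shows the broken and the fixed conversion side by side for both cases. Assumptions made for the demo: abi_long/abi_ulong are int32_t/uint32_t, host and guest share endianness so the tswapal() stand-in is an identity function whose only relevant property is its unsigned return type, struct host_timespec stands in for a 64-bit host's struct timespec, and the msgrcv helpers model only the size validation, not the IPC call.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>

/* Guest ABI types for a 32-bit target as a 64-bit host sees them
 * (assumption: abi_long is int32_t, abi_ulong is uint32_t). */
typedef int32_t  abi_long;
typedef uint32_t abi_ulong;

struct target_timespec {
    abi_long tv_sec;
    abi_long tv_nsec;
};

/* Stand-in for the host's struct timespec with 64-bit fields. */
struct host_timespec {
    int64_t tv_sec;
    int64_t tv_nsec;
};

/* Stand-in for tswapal(): byte swapping omitted (same-endian host and guest
 * assumed); the property that matters is the unsigned abi_ulong return type. */
static abi_ulong tswapal(abi_ulong v)
{
    return v;
}

/* The conversion the commit message quotes: the unsigned return value is
 * zero-extended into the 64-bit host field, so a guest -1 becomes 4294967295. */
static void target_to_host_timespec_broken(struct host_timespec *host_ts,
                                           const struct target_timespec *target_ts)
{
    host_ts->tv_sec  = tswapal(target_ts->tv_sec);
    host_ts->tv_nsec = tswapal(target_ts->tv_nsec);
}

/* Fixed conversion: go back through the signed field type, which is what
 * reading the field with __get_user() achieves, so the value sign-extends. */
static void target_to_host_timespec_fixed(struct host_timespec *host_ts,
                                          const struct target_timespec *target_ts)
{
    abi_long sec  = (abi_long)tswapal(target_ts->tv_sec);
    abi_long nsec = (abi_long)tswapal(target_ts->tv_nsec);
    host_ts->tv_sec  = sec;
    host_ts->tv_nsec = nsec;
}

/* msgrcv: Linux wants EINVAL when msgsz is negative as a long. Passing the
 * guest's abi_long through an unsigned int loses that: 0xffffffff is -1 for a
 * 32-bit guest but a valid 4 GiB request for a 64-bit host kernel. */
static int msgrcv_size_broken(abi_long target_msgsz, size_t *host_msgsz)
{
    unsigned int sz = target_msgsz;
    *host_msgsz = sz;
    return 0;
}

/* Fixed: sign-extend into ssize_t and reject negative sizes by hand, the
 * approach the commit says do_msgsnd() already used. */
static int msgrcv_size_fixed(abi_long target_msgsz, size_t *host_msgsz)
{
    ssize_t sz = target_msgsz;
    if (sz < 0) {
        return -EINVAL;
    }
    *host_msgsz = (size_t)sz;
    return 0;
}

int main(void)
{
    struct target_timespec guest = { -1, 0 };   /* the -1 timeout the LTP case uses */
    struct host_timespec host;
    target_to_host_timespec_broken(&host, &guest);
    printf("broken: tv_sec=%lld\n", (long long)host.tv_sec);
    target_to_host_timespec_fixed(&host, &guest);
    printf("fixed:  tv_sec=%lld\n", (long long)host.tv_sec);
    return 0;
}
```

The pattern to look for in any guest-to-host ABI layer is the same in both halves: any unsigned type (abi_ulong, unsigned int, size_t) on the path between a signed guest field and a wider signed host type silently turns a negative value into a large positive one, and the kernel's validation then sees a legitimate request instead of the error the guest expects.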


  Commit: 415d847110e3f8cd176160b92a5fdc56d8a20792
      https://github.com/qemu/qemu/commit/415d847110e3f8cd176160b92a5fdc56d8a20792
  Author: Peter Maydell <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Use g_try_malloc() in do_msgrcv()

In do_msgrcv() we want to allocate a message buffer, whose size
is passed to us by the guest. That means we could legitimately
fail, so use g_try_malloc() and handle the error case, in the same
way that do_msgsnd() does.

Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 716f3fbef26b583d207f8b7c98cadfa9dda69c6b
      
https://github.com/qemu/qemu/commit/716f3fbef26b583d207f8b7c98cadfa9dda69c6b
  Author: Peter Maydell <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/syscall_defs.h

  Log Message:
  -----------
  linux-user: x86_64: Don't use 16-bit UIDs

The 64-bit x86 syscall ABI uses 32-bit UIDs; only define
USE_UID16 for 32-bit x86.

Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: fd6f7798ac3066ad9e3956defd37521830197666
      
https://github.com/qemu/qemu/commit/fd6f7798ac3066ad9e3956defd37521830197666
  Author: Peter Maydell <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/syscall.c

  Log Message:
  -----------
  linux-user: Use direct syscalls for setuid(), etc

On Linux the setuid(), setgid(), etc system calls have different semantics
from the libc functions. The libc functions follow POSIX and update the
credentials for all threads in the process; the system calls update only
the thread which makes the call. (This impedance mismatch is worked around
in libc by signalling all threads to tell them to do a syscall, in a
byzantine and fragile way; see http://ewontfix.com/17/.)

Since in linux-user we are trying to emulate the system call semantics,
we must implement all these syscalls to directly call the underlying
host syscall, rather than calling the host libc function.

Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 167e4cdc29985e69769452fade698c5b9df78b3d
      
https://github.com/qemu/qemu/commit/167e4cdc29985e69769452fade698c5b9df78b3d
  Author: Peter Maydell <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/arm/target_syscall.h
    M linux-user/elfload.c

  Log Message:
  -----------
  linux-user: arm: Remove ARM_cpsr and similar #defines

The #defines of ARM_cpsr and friends in linux-user/arm/target-syscall.h
can clash with versions in the system headers if building on an
ARM or AArch64 build (though this seems to be dependent on the version
of the system headers). The QEMU defines are not very useful (it's
not clear that they're intended for use with the target_pt_regs struct
rather than (say) the CPUARMState structure) and we only use them in one
function in elfload.c anyway. So just remove the #defines and directly
access regs->uregs[].

Reported-by: Christopher Covington <address@hidden>
Tested-by: Christopher Covington <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: f1d9d1071c01bc5852750b0a829cf45f32cde709
      
https://github.com/qemu/qemu/commit/f1d9d1071c01bc5852750b0a829cf45f32cde709
  Author: Chen Gang <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/signal.c

  Log Message:
  -----------
  linux-user/signal.c: Generate opcode data for restorer in setup_rt_frame

The original implementation uses do_rt_sigreturn directly in host space;
when a guest program is in the unwind procedure in guest space, it gets
an incorrect restore address, which causes unwind failure.

Also clean up the original incorrect indentation.

Reviewed-by: Laurent Vivier <address@hidden>
Signed-off-by: Chen Gang <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 166c97edd682878943f496f1a3cbed49e096d43b
      
https://github.com/qemu/qemu/commit/166c97edd682878943f496f1a3cbed49e096d43b
  Author: Chen Gang <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/signal.c

  Log Message:
  -----------
  linux-user/signal.c: Use target address instead of host address for microblaze restorer

The return address is in target space, so the restorer address needs to
be target space, too.

Signed-off-by: Chen Gang <address@hidden>
Reviewed-by: Peter Maydell <address@hidden>
Reviewed-by: Laurent Vivier <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: 5b1d59d0bb2a30d9fd8e8def88cba2ead7006ece
      
https://github.com/qemu/qemu/commit/5b1d59d0bb2a30d9fd8e8def88cba2ead7006ece
  Author: Chen Gang <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/signal.c

  Log Message:
  -----------
  linux-user/signal.c: Use s390 target space address instead of host space

The return address is in target space, so the restorer address needs to
be target space, too.

Signed-off-by: Chen Gang <address@hidden>
Reviewed-by: Peter Maydell <address@hidden>
Reviewed-by: Laurent Vivier <address@hidden>


  Commit: 49e55cbacf4ad08f831b9f3f9cb0f3082883a3a1
      
https://github.com/qemu/qemu/commit/49e55cbacf4ad08f831b9f3f9cb0f3082883a3a1
  Author: Laurent Vivier <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M linux-user/signal.c

  Log Message:
  -----------
  linux-user,target-ppc: fix use of MSR_LE

setup_frame()/setup_rt_frame()/restore_user_regs() are using
MSR_LE as the similar kernel functions do: as a bitmask.

But in QEMU, MSR_LE is a bit position, so change this
accordingly.

The previous code was doing nothing as MSR_LE is 0,
and "env->msr &= ~MSR_LE" doesn't change the value of msr.

And yes, a user process can change its endianness,
see linux kernel commit:

    fab5db9 [PATCH] powerpc: Implement support for setting little-endian mode via prctl

and prctl(2): PR_SET_ENDIAN, PR_GET_ENDIAN

Reviewed-by: Thomas Huth <address@hidden>
Signed-off-by: Laurent Vivier <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>


  Commit: d6550e9ed2e1a60d889dfb721de00d9a4e3bafbe
      
https://github.com/qemu/qemu/commit/d6550e9ed2e1a60d889dfb721de00d9a4e3bafbe
  Author: Peter Maydell <address@hidden>
  Date:   2016-05-27 (Fri, 27 May 2016)

  Changed paths:
    M Makefile.target
    M linux-user/Makefile.objs
    M linux-user/alpha/target_signal.h
    M linux-user/arm/target_signal.h
    M linux-user/arm/target_syscall.h
    M linux-user/cris/target_signal.h
    M linux-user/elfload.c
    M linux-user/errno_defs.h
    A linux-user/host/generic/hostdep.h
    A linux-user/host/x86_64/hostdep.h
    A linux-user/host/x86_64/safe-syscall.inc.S
    M linux-user/m68k/target_signal.h
    M linux-user/main.c
    M linux-user/microblaze/target_signal.h
    M linux-user/mips/target_signal.h
    M linux-user/mips/target_syscall.h
    M linux-user/mips64/target_signal.h
    M linux-user/mips64/target_syscall.h
    M linux-user/openrisc/target_signal.h
    M linux-user/ppc/target_signal.h
    M linux-user/ppc/target_syscall.h
    M linux-user/qemu.h
    M linux-user/s390x/target_signal.h
    A linux-user/safe-syscall.S
    M linux-user/sh4/target_signal.h
    M linux-user/signal.c
    M linux-user/sparc/target_signal.h
    M linux-user/sparc64/target_signal.h
    M linux-user/syscall.c
    M linux-user/syscall_defs.h
    M linux-user/tilegx/target_signal.h

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/riku/tags/pull-linux-user-20160527' into staging

linux-user pull request v2 for May 2016

# gpg: Signature made Fri 27 May 2016 12:51:10 BST using RSA key ID DE3C9BC0
# gpg: Good signature from "Riku Voipio <address@hidden>"
# gpg:                 aka "Riku Voipio <address@hidden>"

* remotes/riku/tags/pull-linux-user-20160527: (38 commits)
  linux-user,target-ppc: fix use of MSR_LE
  linux-user/signal.c: Use s390 target space address instead of host space
  linux-user/signal.c: Use target address instead of host address for microblaze restorer
  linux-user/signal.c: Generate opcode data for restorer in setup_rt_frame
  linux-user: arm: Remove ARM_cpsr and similar #defines
  linux-user: Use direct syscalls for setuid(), etc
  linux-user: x86_64: Don't use 16-bit UIDs
  linux-user: Use g_try_malloc() in do_msgrcv()
  linux-user: Handle msgrcv error case correctly
  linux-user: Handle negative values in timespec conversion
  linux-user: Use safe_syscall for futex syscall
  linux-user: Use safe_syscall for pselect, select syscalls
  linux-user: Use safe_syscall for execve syscall
  linux-user: Use safe_syscall for wait system calls
  linux-user: Use safe_syscall for open and openat system calls
  linux-user: Use safe_syscall for read and write system calls
  linux-user: Provide safe_syscall for fixing races between signals and syscalls
  linux-user: Add debug code to exercise restarting system calls
  linux-user: Support for restarting system calls for Microblaze targets
  linux-user: Set r14 on exit from microblaze syscall
  ...

Signed-off-by: Peter Maydell <address@hidden>


Compare: https://github.com/qemu/qemu/compare/34c99d7b93c9...d6550e9ed2e1
