[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] c448e9: linux-user/arm: Mark the commpage exe
|
From: |
Paolo Bonzini |
|
Subject: |
[Qemu-commits] [qemu/qemu] c448e9: linux-user/arm: Mark the commpage executable |
|
Date: |
Mon, 05 Sep 2022 14:10:29 -0700 |
Branch: refs/heads/staging
Home: https://github.com/qemu/qemu
Commit: c448e9f5cb6451d306634df9fbf604d4a543e258
https://github.com/qemu/qemu/commit/c448e9f5cb6451d306634df9fbf604d4a543e258
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M linux-user/arm/target_cpu.h
M linux-user/elfload.c
Log Message:
-----------
linux-user/arm: Mark the commpage executable
We're about to start validating PAGE_EXEC, which means
that we've got to mark the commpage executable. We had
been placing the commpage outside of reserved_va, which
was incorrect and lead to an abort.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: a57c5fa712a852e4f20d58bc4a0833b1168d4d2b
https://github.com/qemu/qemu/commit/a57c5fa712a852e4f20d58bc4a0833b1168d4d2b
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M linux-user/elfload.c
Log Message:
-----------
linux-user/hppa: Allocate page zero as a commpage
We're about to start validating PAGE_EXEC, which means that we've
got to mark page zero executable. We had been special casing this
entirely within translate.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: e84b9fccc8f5137291c57434d768bbdeb440e257
https://github.com/qemu/qemu/commit/e84b9fccc8f5137291c57434d768bbdeb440e257
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M linux-user/elfload.c
Log Message:
-----------
linux-user/x86_64: Allocate vsyscall page as a commpage
We're about to start validating PAGE_EXEC, which means that we've
got to mark the vsyscall page executable. We had been special
casing this entirely within translate.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 1ec6049d01451705238e0f80c6cf04c45838e754
https://github.com/qemu/qemu/commit/1ec6049d01451705238e0f80c6cf04c45838e754
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M include/elf.h
M linux-user/elfload.c
M linux-user/qemu.h
Log Message:
-----------
linux-user: Honor PT_GNU_STACK
Map the stack executable if required by default or on demand.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 16e0354b00cdb8c254568218dbec654f6bb4e241
https://github.com/qemu/qemu/commit/16e0354b00cdb8c254568218dbec654f6bb4e241
Author: Ilya Leoshkevich <iii@linux.ibm.com>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M linux-user/mmap.c
Log Message:
-----------
linux-user: Clear translations on mprotect()
Currently it's possible to execute pages that do not have PAGE_EXEC
if there is an existing translation block. Fix by invalidating TBs
that touch the affected pages.
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Message-Id: <20220817150506.592862-2-iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 6feb8a1288337fd7bff244dfd3bfde9b1216d1b8
https://github.com/qemu/qemu/commit/6feb8a1288337fd7bff244dfd3bfde9b1216d1b8
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M tests/tcg/i386/test-i386.c
Log Message:
-----------
tests/tcg/i386: Move smc_code2 to an executable section
We're about to start validating PAGE_EXEC, which means
that we've got to put this code into a section that is
both writable and executable.
Note that this test did not run on hardware beforehand either.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 21e47e02359d8129d2ad72bd76d9b7d1ef3f3d6c
https://github.com/qemu/qemu/commit/21e47e02359d8129d2ad72bd76d9b7d1ef3f3d6c
Author: Ilya Leoshkevich <iii@linux.ibm.com>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M include/exec/translator.h
Log Message:
-----------
accel/tcg: Introduce is_same_page()
Introduce a function that checks whether a given address is on the same
page as where disassembly started. Having it improves readability of
the following patches.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Message-Id: <20220811095534.241224-3-iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
[rth: Make the DisasContextBase parameter const.]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 5f908a23e15d4284273394c8e55b6eef43235e47
https://github.com/qemu/qemu/commit/5f908a23e15d4284273394c8e55b6eef43235e47
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M accel/tcg/cputlb.c
M accel/tcg/user-exec.c
M include/exec/exec-all.h
Log Message:
-----------
accel/tcg: Properly implement get_page_addr_code for user-only
The current implementation is a no-op, simply returning addr.
This is incorrect, because we ought to be checking the page
permissions for execution.
Make get_page_addr_code inline for both implementations.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: b285d2ee609bcd32212938aae8b311cca9916df9
https://github.com/qemu/qemu/commit/b285d2ee609bcd32212938aae8b311cca9916df9
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M accel/tcg/cpu-exec.c
M accel/tcg/user-exec.c
Log Message:
-----------
accel/tcg: Unlock mmap_lock after longjmp
The mmap_lock is held around tb_gen_code. While the comment
is correct that the lock is dropped when tb_gen_code runs out
of memory, the lock is *not* dropped when an exception is
raised reading code for translation.
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 4798601287b03dd423b4bee17c993d19d2ae2420
https://github.com/qemu/qemu/commit/4798601287b03dd423b4bee17c993d19d2ae2420
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M accel/tcg/cpu-exec.c
M include/exec/exec-all.h
Log Message:
-----------
accel/tcg: Make tb_htable_lookup static
The function is not used outside of cpu-exec.c. Move it and
its subroutines up in the file, before the first use.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 2be4dd370d8fa012d7a683a20c15d2feaa3e8f76
https://github.com/qemu/qemu/commit/2be4dd370d8fa012d7a683a20c15d2feaa3e8f76
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M accel/tcg/cputlb.c
M include/exec/cpu-common.h
M softmmu/physmem.c
Log Message:
-----------
accel/tcg: Move qemu_ram_addr_from_host_nofail to physmem.c
The base qemu_ram_addr_from_host function is already in
softmmu/physmem.c; move the nofail version to be adjacent.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: d43227f96d996a31a0a6ae4e12a27eeccab2dcd1
https://github.com/qemu/qemu/commit/d43227f96d996a31a0a6ae4e12a27eeccab2dcd1
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M accel/tcg/cputlb.c
Log Message:
-----------
accel/tcg: Use probe_access_internal for softmmu get_page_addr_code_hostp
Simplify the implementation of get_page_addr_code_hostp
by reusing the existing probe_access infrastructure.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 12bc0bccfdb44fe4561a26ffbf23a3b8495c7f46
https://github.com/qemu/qemu/commit/12bc0bccfdb44fe4561a26ffbf23a3b8495c7f46
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M accel/tcg/cpu-exec.c
Log Message:
-----------
accel/tcg: Document the faulting lookup in tb_lookup_cmp
It was non-obvious to me why we can raise an exception in
the middle of a comparison function, but it works.
While nearby, use TARGET_PAGE_ALIGN instead of open-coding.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: ec3337ce4b242dd1030ed50d983bb9bd480d3148
https://github.com/qemu/qemu/commit/ec3337ce4b242dd1030ed50d983bb9bd480d3148
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M include/exec/translator.h
M target/i386/tcg/translate.c
Log Message:
-----------
accel/tcg: Remove translator_ldsw
The only user can easily use translator_lduw and
adjust the type to signed during the return.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: a2a395f8f0bb1c5613c75d186fd2440f659f0f34
https://github.com/qemu/qemu/commit/a2a395f8f0bb1c5613c75d186fd2440f659f0f34
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M accel/tcg/translate-all.c
M accel/tcg/translator.c
M include/exec/exec-all.h
M include/exec/translator.h
M target/alpha/translate.c
M target/arm/translate.c
M target/avr/translate.c
M target/cris/translate.c
M target/hexagon/translate.c
M target/hppa/translate.c
M target/i386/tcg/translate.c
M target/loongarch/translate.c
M target/m68k/translate.c
M target/microblaze/translate.c
M target/mips/tcg/translate.c
M target/nios2/translate.c
M target/openrisc/translate.c
M target/ppc/translate.c
M target/riscv/translate.c
M target/rx/translate.c
M target/s390x/tcg/translate.c
M target/sh4/translate.c
M target/sparc/translate.c
M target/tricore/translate.c
M target/xtensa/translate.c
Log Message:
-----------
accel/tcg: Add pc and host_pc params to gen_intermediate_code
Pass these along to translator_loop -- pc may be used instead
of tb->pc, and host_pc is currently unused. Adjust all targets
at one time.
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: b9e4ca766b7bd322052186242c4dac5a5c2df7c3
https://github.com/qemu/qemu/commit/b9e4ca766b7bd322052186242c4dac5a5c2df7c3
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M accel/tcg/translate-all.c
M accel/tcg/translator.c
M include/exec/translator.h
Log Message:
-----------
accel/tcg: Add fast path for translator_ld*
Cache the translation from guest to host address, so we may
use direct loads when we hit on the primary translation page.
Look up the second translation page only once, during translation.
This obviates another lookup of the second page within tb_gen_code
after translation.
Fixes a bug in that plugin_insn_append should be passed the bytes
in the original memory order, not bswapped by pieces.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: d8a1c947fd74ed03715f05656ec700dd8453d913
https://github.com/qemu/qemu/commit/d8a1c947fd74ed03715f05656ec700dd8453d913
Author: Ilya Leoshkevich <iii@linux.ibm.com>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M target/s390x/tcg/translate.c
A tests/tcg/multiarch/noexec.c.inc
M tests/tcg/s390x/Makefile.target
A tests/tcg/s390x/noexec.c
Log Message:
-----------
target/s390x: Make translator stop before the end of a page
Right now translator stops right *after* the end of a page, which
breaks reporting of fault locations when the last instruction of a
multi-insn translation block crosses a page boundary.
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220817150506.592862-3-iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 15e34701d4a0ac2b960ec357c87de9d5948a6b36
https://github.com/qemu/qemu/commit/15e34701d4a0ac2b960ec357c87de9d5948a6b36
Author: Ilya Leoshkevich <iii@linux.ibm.com>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M target/i386/tcg/translate.c
M tests/tcg/x86_64/Makefile.target
A tests/tcg/x86_64/noexec.c
Log Message:
-----------
target/i386: Make translator stop before the end of a page
Right now translator stops right *after* the end of a page, which
breaks reporting of fault locations when the last instruction of a
multi-insn translation block crosses a page boundary.
An implementation, like the one arm and s390x have, would require an
i386 length disassembler, which is burdensome to maintain. Another
alternative would be to single-step at the end of a guest page, but
this may come with a performance impact.
Fix by snapshotting disassembly state and restoring it after we figure
out we crossed a page boundary. This includes rolling back cc_op
updates and emitted ops.
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1143
Message-Id: <20220817150506.592862-4-iii@linux.ibm.com>
[rth: Simplify end-of-insn cross-page checks.]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: ab1122d1c3a662bf42cb946de18a3fd276cc6993
https://github.com/qemu/qemu/commit/ab1122d1c3a662bf42cb946de18a3fd276cc6993
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M target/riscv/translate.c
Log Message:
-----------
target/riscv: Add MAX_INSN_LEN and insn_len
These will be useful in properly ending the TB.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: cc64de1fdeb81bc1ab8bb6c7c24bfd4fc9b28ef2
https://github.com/qemu/qemu/commit/cc64de1fdeb81bc1ab8bb6c7c24bfd4fc9b28ef2
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-03 (Sat, 03 Sep 2022)
Changed paths:
M target/riscv/translate.c
M tests/tcg/riscv64/Makefile.target
A tests/tcg/riscv64/noexec.c
Log Message:
-----------
target/riscv: Make translator stop before the end of a page
Right now the translator stops right *after* the end of a page, which
breaks reporting of fault locations when the last instruction of a
multi-insn translation block crosses a page boundary.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1155
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 2682d1ad9306fc313d46d24f0ebc04383f6d2758
https://github.com/qemu/qemu/commit/2682d1ad9306fc313d46d24f0ebc04383f6d2758
Author: Stefan Hajnoczi <stefanha@redhat.com>
Date: 2022-09-05 (Mon, 05 Sep 2022)
Changed paths:
M accel/tcg/cpu-exec.c
M accel/tcg/cputlb.c
M accel/tcg/translate-all.c
M accel/tcg/translator.c
M accel/tcg/user-exec.c
M include/elf.h
M include/exec/cpu-common.h
M include/exec/exec-all.h
M include/exec/translator.h
M linux-user/arm/target_cpu.h
M linux-user/elfload.c
M linux-user/mmap.c
M linux-user/qemu.h
M softmmu/physmem.c
M target/alpha/translate.c
M target/arm/translate.c
M target/avr/translate.c
M target/cris/translate.c
M target/hexagon/translate.c
M target/hppa/translate.c
M target/i386/tcg/translate.c
M target/loongarch/translate.c
M target/m68k/translate.c
M target/microblaze/translate.c
M target/mips/tcg/translate.c
M target/nios2/translate.c
M target/openrisc/translate.c
M target/ppc/translate.c
M target/riscv/translate.c
M target/rx/translate.c
M target/s390x/tcg/translate.c
M target/sh4/translate.c
M target/sparc/translate.c
M target/tricore/translate.c
M target/xtensa/translate.c
M tests/tcg/i386/test-i386.c
A tests/tcg/multiarch/noexec.c.inc
M tests/tcg/riscv64/Makefile.target
A tests/tcg/riscv64/noexec.c
M tests/tcg/s390x/Makefile.target
A tests/tcg/s390x/noexec.c
M tests/tcg/x86_64/Makefile.target
A tests/tcg/x86_64/noexec.c
Log Message:
-----------
Merge tag 'pull-tcg-20220904' of https://gitlab.com/rth7680/qemu into staging
Respect PROT_EXEC in user-only mode.
Fix s390x, i386 and riscv for translations crossing a page.
# -----BEGIN PGP SIGNATURE-----
#
# iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmMT768dHHJpY2hhcmQu
# aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV81cgf9GWge29o91XG8Q1tJ
# iIIlyfgTfsGf9OAOa0gu6cMTNUldl1BlLYnKwsQCNdBBxX+12JicAxeLfh65s0sD
# vxmAo32Q276GG62RomX3TMkQbWDwG5WQmKwvU4AwoSIXJ+uplbQ1jRGBjdEj7dmD
# RN08YT0r3JgMJK9+VYlkf2dcSybFko7nrFNK/eGB8jfR/Cr7r9Lu4CvHpD4dl56q
# x7/TPGzcHRpF+7wp6JRAR9flHe1fTaxNioE7qRLd8ET6u57xf/mvvamDv1WMvjNw
# RFF2cWaoaWzG/wgGUPC4qq/h3Uk6NRaAfVb7JTKld9tHvcbrhOUVTt7Dh5J6YtRt
# v69Mow==
# =jDNk
# -----END PGP SIGNATURE-----
# gpg: Signature made Sat 03 Sep 2022 20:22:07 EDT
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>"
[full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F
* tag 'pull-tcg-20220904' of https://gitlab.com/rth7680/qemu:
target/riscv: Make translator stop before the end of a page
target/riscv: Add MAX_INSN_LEN and insn_len
target/i386: Make translator stop before the end of a page
target/s390x: Make translator stop before the end of a page
accel/tcg: Add fast path for translator_ld*
accel/tcg: Add pc and host_pc params to gen_intermediate_code
accel/tcg: Remove translator_ldsw
accel/tcg: Document the faulting lookup in tb_lookup_cmp
accel/tcg: Use probe_access_internal for softmmu get_page_addr_code_hostp
accel/tcg: Move qemu_ram_addr_from_host_nofail to physmem.c
accel/tcg: Make tb_htable_lookup static
accel/tcg: Unlock mmap_lock after longjmp
accel/tcg: Properly implement get_page_addr_code for user-only
accel/tcg: Introduce is_same_page()
tests/tcg/i386: Move smc_code2 to an executable section
linux-user: Clear translations on mprotect()
linux-user: Honor PT_GNU_STACK
linux-user/x86_64: Allocate vsyscall page as a commpage
linux-user/hppa: Allocate page zero as a commpage
linux-user/arm: Mark the commpage executable
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Compare: https://github.com/qemu/qemu/compare/61fd710b8da8...2682d1ad9306
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-commits] [qemu/qemu] c448e9: linux-user/arm: Mark the commpage executable,
Paolo Bonzini <=