Validate count between 0 and IOV_MAX. Limit total length of
operation in the same way the kernel does.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
When reading our faked /proc/self/maps from a secondary thread,
we get an invalid stack entry. This is because ts->stack_base is not
initialized in non-primary threads.
However, ts->info is, and the stack layout information we're looking
for is there too. So let's use that one instead!
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
The statfs syscall should always memset(0) its full struct extent before
writing to it. Newer versions of the syscall use one of the reserved fields
for flags, which would otherwise get stale values from uncleaned memory.
This fixes libarchive for me, which got confused about the return value of
pathconf("/", _PC_REC_XFER_ALIGN) otherwise, as it some times gave old pointers
as return value.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Report from smatch:
linux-user/syscall.c:3632 do_ioctl_dm(220) info:
redundant null check on big_buf calling free()
'big_buf' was allocated by g_malloc0, therefore free was also
replaced by g_free.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
In case when TARGET_ABI_BITS == 32 && HOST_LONG_BITS == 64, the last
byte of the target dirent structure (aka d_type byte) was never copied
from the host dirent structure, thus breaking everything that relies
on valid d_type value, e.g. glob(3).
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Also, use g_malloc to avoid NULL-deref upon OOM.
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The code to initialise the target_to_host_errno_table[] array was
accidentally inside the loop through checking and initialising all
the supported ioctls. This was harmless but meant that we reinitialised the
array several hundred times on startup.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alpha uses unbiased priority values in the syscall, with the a3
return value signaling error conditions. Therefore, properly
interpret the libc getpriority as needed for the guest rather
than passing the host value through unchanged.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Name the syscall properly for QEMU, kernel source notwithstanding.
Fix syntax errors in the code thus enabled within do_syscall.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
We weren't aggregating the exceptions, nor raising signals properly.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Improve the emulation of /proc/self/maps by reading the underlying
host maps file and passing lines through with addresses adjusted
to be guest addresses. This is necessary to avoid false triggers
of the glibc check that a format string containing '%n' is not in
writable memory. (For an example see the bug reported in
https://bugs.launchpad.net/qemu-linaro/+bug/947888 where gpg aborts.)
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
After all target CPUs have been QOM'ified, we no longer need an #ifdef
to switch between object_delete() and g_free() in NPTL thread exit.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
For QOM'ified CPUs we cannot g_free() CPUArchState, we must
object_delete() the object it is embedded into.
Fixes LP#982321 (invalid free() while executing pacman with qemu-arm).
Reported-by: Serge Schneider <serge@xecdesign.com>
Reported-by: Russell Keith Davis <russell@russelldavis.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Serge Schneider <serge@xecdesign.com>
Tested-by: Russell Keith Davis <russell@russelldavis.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Add support for the prctl options PR_GET_NAME and PR_SET_NAME,
which take or return a name in a 16 byte buffer pointed to by arg2.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Clean up the odd indentation of this switch statement before
we double its size by adding new cases to it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Fallocate gets off_t parameters passed in, so we should also read them out
accordingly.
Signed-off-by: Alexander Graf <agraf@suse.de>
---
v1 -> v2:
- unbreak 64-bit guests
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
This patch implements all ioctls currently implemented by device mapper,
enabling us to run dmsetup and kpartx inside of linux-user.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
With the current fake /proc/self/stat implementation `ps` is
segfaulting because it expects to read PID and argv[0] as first and
second field respectively, with the latter being enclosed between
backets.
Reproducing is as easy as running: `ps` inside qemu-user chroot
with /proc mounted.
Signed-off-by: Fabio Erculiani <lxnay@sabayon.org>
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Scripted conversion:
for file in *.[hc] hw/*.[hc] hw/kvm/*.[hc] linux-user/*.[hc] linux-user/m68k/*.[hc] bsd-user/*.[hc] darwin-user/*.[hc] tcg/*/*.[hc] target-*/cpu.h; do
sed -i "s/CPUState/CPUArchState/g" $file
done
All occurrences of CPUArchState are expected to be replaced by QOM CPUState,
once all targets are QOM'ified and common fields have been extracted.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Frees the identifier cpu_reset for QOM CPUs (manual rename).
Don't hide the parameter type behind explicit casts, use static
functions with strongly typed argument to indirect.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Fix format type mismatches in do_brk debug printfs.
Signed-off-by: Paul Brook <paul@codesourcery.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
If the host's page size is equal to or smaller than the target's, native
execve() will fail appropriately with E2BIG if called with too big an
environment for the target to handle. It may falsely succeed, however, if
the host's page size is bigger, and feed the executed target process an
environment that is too big for it to handle, at which point QEMU barfs and
exits, confusing procmail's autoconf script and causing the build to fail.
This patch makes sure that execve() will return E2BIG if the environment is
too large for the target.
Signed-off-by: Ulrich Hecht <uli@suse.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Implement the f and l versions (operate on fd, don't follow links)
of the setxattr, getxattr and removexattr syscalls.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
It's valid to pass a NULL value pointer to setxattr, so don't
fail this case EFAULT.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
When calling wait4 or waitpid with a status pointer and WNOHANG, the
syscall can potentially not modify the status pointer input. Now if we
have guest code like:
int status = 0;
waitpid(pid, &status, WNOHANG);
if (status)
<breakage>
then we have to make sure that in case status did not change we actually
return the guest's initialized status variable instead of our own uninitialized.
We fail to do so today, as we proxy everything through an uninitialized status
variable which for me ended up always containing the last error code.
This patch fixes some test cases when building yast2-core in OBS for ARM.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
While debugging some issues with QEMU_STRACE I stumbled over segmentation
faults that were pretty reproducible. Turns out we tried to treat a
normal return value as errno, resulting in an access over array boundaries
for the resolution.
Fix this by allowing failure to resolve invalid errnos into strings.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Gtk tries to read /proc/self/auxv to find its auxv table instead of
taking it from its own program memory space.
However, when running with linux-user, we see the host's auxv which
clearly exposes wrong information. so let's instead expose the guest
memory backed auxv tables via /proc/self/auxv as well.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
The boehm gc finds the program's stack starting pointer by
checking /proc/self/stat. Unfortunately, so far it reads
qemu's stack pointer which clearly is wrong.
So let's instead fake the file so the guest program sees the
right address.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
glibc's pthread_attr_getstack tries to find the stack range from
/proc/self/maps. Unfortunately, /proc is usually the host's /proc
which means linux-user guests see qemu's stack there.
Fake the file with a constructed maps entry that exposes the guest's
stack range.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
There are a number of files in /proc that expose host information
to the guest program. This patch adds infrastructure to override
the open() syscall for guest programs to enable us to on the fly
generate guest sensible files.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
In an fcntl64 failure path, we were returning directly rather than
simply breaking out of the switch statement. This skips the strace
code for printing the syscall return value, so don't do that.
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Double semicolons should be single.
Signed-off-by: Dong Xu Wang <wdongxu@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Modern distributions place xattr.h in /usr/include/sys, and fold
libattr.so into libc. They also don't have an ENOATTR.
Make configure detect this, and add a qemu-xattr.h file that
directs the #include to the right place.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
For OBS, we're running a full cross-guest inside of a VM. When a build
is done there, we reboot the guest as shutdown mechanism.
Unfortunately, reboot is not implemented in linux-user. So this mechanism
fails, spilling unpretty warnings. This patch implements sys_reboot()
emulation.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
When running openat using qemu-arm, we stumbled over invalid permissions
on the created files. The reason for this is that the mode parameter gets
treates as an O_... flag, which it isn't - it's a permission bitmask.
This patch removes the needless translation of the mode parameter,
rendering permission passing of openat() to work with linux-user.
Reported-by: Dirk Mueller <dmueller@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
abi_(u)long might be different from target_ulong, so don't use tswapl
but introduce a new tswapal
Signed-off-by: Matthias Braun <matze@braunis.de>
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
Those blanks violate the coding conventions, see
scripts/checkpatch.pl.
Blanks missing after colons in the changed lines were added.
This patch does not try to fix tabs, long lines and other
problems in the changed lines, therefore checkpatch.pl reports
many violations.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* qemu-common.h is not a system include file, so it should be included
with "" instead of <>. Otherwise incremental builds might fail
because only local include files are checked for changes.
* linux-user/syscall.c included the file twice.
Cc: Riku Voipio <riku.voipio@iki.fi>
Cc: Jan Kiszka <jan.kiszka@siemens.com>
Acked-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
This patch implements the setxattr, getxattr, and removexattr syscalls
if CONFIG_ATTR is enabled.
Note that since libattr uses indirect syscalls for these, this change
depends on the fix for indirect syscall handling on MIPS.
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: An-Cheng Huang <ancheng@ubnt.com>
