Commit Graph

1715 Commits

Author SHA1 Message Date
Paolo Bonzini
ab129972c8 cpus-common: move exclusive work infrastructure from linux-user
This will serve as the base for async_safe_run_on_cpu.  Because
start_exclusive uses CPU_FOREACH, merge exclusive_lock with
qemu_cpu_list_lock: together with a call to exclusive_idle (via
cpu_exec_start/end) in cpu_list_add, this protects exclusive work
against concurrent CPU addition and removal.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-09-27 11:57:30 +02:00
Sergey Fedorov
d148d90ee8 cpus-common: move CPU work item management to common code
Make CPU work core functions common between system and user-mode
emulation. User-mode does not use run_on_cpu, so do not implement it.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Signed-off-by: Sergey Fedorov <sergey.fedorov@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <1470158864-17651-10-git-send-email-alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-09-27 11:57:30 +02:00
Paolo Bonzini
267f685b8b cpus-common: move CPU list management to common code
Add a mutex for the CPU list to system emulation, as it will be used to
manage safe work.  Abstract manipulation of the CPU list in new functions
cpu_list_add and cpu_list_remove.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-09-27 11:57:29 +02:00
Sergey Fedorov
178f94297a linux-user: Add qemu_cpu_is_self() and qemu_cpu_kick()
Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Signed-off-by: Sergey Fedorov <sergey.fedorov@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <1470158864-17651-9-git-send-email-alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-09-27 11:57:29 +02:00
Sergey Fedorov
959f593c0e linux-user: Use QemuMutex and QemuCond
Convert pthread_mutex_t and pthread_cond_t to QemuMutex and QemuCond.
This will allow to make some locks and conditional variables common
between user and system mode emulation.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Signed-off-by: Sergey Fedorov <sergey.fedorov@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <1470158864-17651-7-git-send-email-alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-09-27 11:57:29 +02:00
Peter Maydell
eaff9c4367 MIPS patches 2016-09-23
Changes:
 * 24KEc CPU definition
 * SYNC instructions make use of tcg memory barrier ops
 * various MIPS linux-user bug fixes
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJX5NUUAAoJEFIRjjwLKdprVcsH/0noTs5B/Nnqkdzc1/Hf/wUD
 WWrmj5hLctPK/1Rn209oWGQPEeygppr8spV+ELpGQ/rzi6cnrhf+ApyRgJIYqAeu
 uGyS3Eu0C4WRR1I5ncpJKxQBZl95fKkWg4QZP1nwXaWAtJe4aZp4apeEPs6HBZzI
 SfpvpQ34oGjodI2UzCSxnx5ZvawowRozoUrVsJeuA9ep3H995ZkbNIq14zKh2blx
 RtH09vaWd8mY+yQ0MVlKDUgZuj5PukSsDQCG1uwqBCKJKq0N3VHb5ht3nhOCTpaU
 xoA9MJTrE7ctiyNRpgg/JzJQ0P4Ifq5Ry4lyDxDzuXA35wHzvOeIbTdg78dQr3M=
 =3Hfc
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/lalrae/tags/mips-20160923' into staging

MIPS patches 2016-09-23

Changes:
* 24KEc CPU definition
* SYNC instructions make use of tcg memory barrier ops
* various MIPS linux-user bug fixes

# gpg: Signature made Fri 23 Sep 2016 08:09:08 BST
# gpg:                using RSA key 0x52118E3C0B29DA6B
# gpg: Good signature from "Leon Alrae <leon.alrae@imgtec.com>"
# Primary key fingerprint: 8DD3 2F98 5495 9D66 35D4  4FC0 5211 8E3C 0B29 DA6B

* remotes/lalrae/tags/mips-20160923:
  linux-user: Add missing Mips syscalls items in strace.list
  linux-user: Add missing TARGET_EDQUOT error code for Mips
  linux-user: Fix certain argument alignment cases for Mips64
  linux-user: Fix structure target_semid64_ds definition for Mips
  linux-user: Fix structure target_flock definition for Mips
  linux-user: Fix TARGET_F_GETOWN definition for Mips
  linux-user: Fix TARGET_SIOCATMARK definition for Mips
  target-mips: generate fences
  target-mips: add 24KEc CPU definition

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-09-23 15:28:07 +01:00
Aleksandar Markovic
fea55615b2 linux-user: Add missing Mips syscalls items in strace.list
Without this patch, a number of Mips syscalls will be logged in the following
way (in this example, this is an invocation of accept4()):

  86906 Unknown syscall 4334

This patch provides standard Qemu's strace output for such cases, like this:

  95861 accept4(3,1996486000,1996486016,128,0,0) = 5

Such output may be further improved by providing strace-related functions
that handle only particular syscalls, but this is beyond the scope of
this patch.

Signed-off-by: Aleksandar Markovic <aleksandar.markovic@imgtec.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Acked-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-09-23 07:07:36 +01:00
Aleksandar Markovic
0444a3b793 linux-user: Add missing TARGET_EDQUOT error code for Mips
EDQUOT is defined for Mips platform in Linux kernel in such a way
that it has different value than on most other platforms. However,
correspondent TARGET_EDQUOT for Mips is missing in Qemu code. Moreover,
TARGET_EDQUOT is missing from the table for conversion of error codes
from host to target. This patch fixes these problems.

Without this patch, syscalls add_key(), keyctl(), link(), mkdir(), mknod(),
open(), rename(), request_key(), setxattr(), symlink(), and write() will not
be able to return the right error code in some scenarios on Mips platform.
(Some of these syscalls are not yet supported in Qemu, but once they are
supported, they will need correct EDQUOT handling.)

Signed-off-by: Aleksandar Markovic <aleksandar.markovic@imgtec.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Acked-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-09-23 07:07:35 +01:00
Aleksandar Markovic
d7779acb30 linux-user: Fix certain argument alignment cases for Mips64
The function that is changed in this patch is supposed to indicate that
there was certain argument rearrangement related to 64-bit arguments on
32-bit platforms. The background on such rearrangements can be found,
for example, in the man page for syscall(2).

However, for 64-bit Mips architectures there is no such rearrangement,
and this patch reflects it.

Signed-off-by: Aleksandar Rikalo <aleksandar.rikalo@imgtec.com>
Signed-off-by: Aleksandar Markovic <aleksandar.markovic@imgtec.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Acked-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-09-23 07:07:34 +01:00
Aleksandar Markovic
2ef4186964 linux-user: Fix structure target_semid64_ds definition for Mips
This patch corrects target_semid64_ds structure definition for Mips.

See, for example definition of semid64_ds for Mips in Linux kernel:
arch/mips/include/uapi/asm/sembuf.h#L13.

This patch will also fix certain semaphore-related LTP tests for Mips,
if they are executed in Qemu user mode for any Mips platform.

Signed-off-by: Miodrag Dinic <miodrag.dinic@imgtec.com>
Signed-off-by: Aleksandar Markovic <aleksandar.markovic@imgtec.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Acked-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-09-23 07:07:33 +01:00
Aleksandar Markovic
8a8001b147 linux-user: Fix structure target_flock definition for Mips
Structure flock is defined for Mips in a way different from any
other platform. For reference, see Linux kernel source code files:

arch/mips/include/uapi/asm/fcntl.h, line 63 (for Mips)
include/uapi/asm-generic/fcntl.h, line 195 (for all other platforms)

This patch fix this problem, by amending structure target_flock,
for Mips only.

Besides, this patch fixes LTP tests fcntl11, fcntl17, fcntl19, fcntl20,
and fcntl21, which are currently failing, if executed in Qemu user mode
for Mips platforms.

Signed-off-by: Aleksandar Markovic <aleksandar.markovic@imgtec.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Acked-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-09-23 07:07:33 +01:00
Aleksandar Markovic
3a87a954c8 linux-user: Fix TARGET_F_GETOWN definition for Mips
For some reason, Qemu's TARGET_F_GETOWN constant for Mips does not
match the correct value of correspondent F_GETOWN. This patch fixes
this problem.

For reference, see Mips' F_GETOWN definition in Linux kernel at
arch/mips/include/uapi/asm/fcntl.h#L44.

This patch also fixes some fcntl()-related LTP tests for Qemu
user mode for Mips.

Signed-off-by: Miodrag Dinic <miodrag.dinic@imgtec.com>
Signed-off-by: Aleksandar Markovic <aleksandar.markovic@imgtec.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Acked-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-09-23 07:07:32 +01:00
Aleksandar Markovic
e1be160691 linux-user: Fix TARGET_SIOCATMARK definition for Mips
This patch fixes wrong definition of TARGET_SIOCATMARK for mips,
alpha, and sh4.

The current definition is:

  #define SIOCATMARK      0x8905

while the correct definition is:

  #define SIOCATMARK      TARGET_IOR('s', 7, int)

See Linux kernel source file arch/mips/include/uapi/asm/sockios.h#L19
for reference.

This patch also a fixes LTP test failure for test sockioctl01, for
mips, alpha, and sh4.

Signed-off-by: Aleksandar Rikalo <aleksandar.rikalo@imgtec.com>
Signed-off-by: Aleksandar Markovic <aleksandar.markovic@imgtec.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Acked-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-09-23 07:07:31 +01:00
Michael Walle
58eb53083c linux-user: ppc64: fix ARCH_206 bit in AT_HWCAP
Only the POWER[789] CPUs should have the ARCH_206 bit set. This is what the
linux kernel does. I guess this was also the intention of commit 0e019746.
We have to make sure all *206 bits are set.

Before this patch, the flags check in the GET_FEATURES2 macro returned true
if _any_ bit was set. This worked well as long as there was only one bit
set in the 'flag' parameter. But as explained before, we have to make sure
all bits in the 'flag' parameter are set.

Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-09-23 12:39:07 +10:00
Benjamin Herrenschmidt
95cda4c44e ppc: Fix signal delivery in ppc-user and ppc64-user
There were a number of bugs in the implementation:

 - The structure alignment was wrong for 64-bit.

 - Also 64-bit only does RT signals.

 - On 64-bit, we need to put a pointer to the (aligned) vector registers
   in the frame and use it for restoring

 - We had endian bugs when saving/restoring vector registers

 - My recent fixes for exception NIP broke sigreturn in user mode
   causing us to resume one instruction too far.

 - Add VSR second halves

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-09-23 10:29:40 +10:00
Laurent Vivier
5457dc9e37 linux-user: fix TARGET_NR_select
TARGET_NR_select can have three different implementations:

  1- to always return -ENOSYS

     microblaze, ppc, ppc64

     -> TARGET_WANT_NI_OLD_SELECT

  2- to take parameters from a structure pointed by arg1
    (kernel sys_old_select)

     i386, arm, m68k

     -> TARGET_WANT_OLD_SYS_SELECT

  3- to take parameters from arg[1-5]
     (kernel sys_select)

     x86_64, alpha, s390x,
     cris, sparc, sparc64

Some (new) architectures don't define NR_select,

  4- but only NR__newselect with sys_select:

      mips, mips64, sh

  5- don't define NR__newselect, and use pselect6 syscall:

      aarch64, openrisc, tilegx, unicore32

Reported-by: Timothy Pearson <tpearson@raptorengineering.com>
Reported-by: Allan Wirth <awirth@akamai.com>
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-22 07:24:21 +03:00
Timothy E Baldwin
45eafb4d32 linux-user: Fix incorrect offset of tuc_stack in ARM do_sigframe_return_v2
struct target_ucontext_v2 is not at the begining of the signal frame,
therefore do_sigaltstack was being passed bogus arguments.

As the offset depends on the type of signal frame fixed by passing in the
beginning of the context from do_sigreturn_v2 and do_rt_sigreturn_v2.

Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Timothy Edward Baldwin <T.E.Baldwin99@members.leeds.ac.uk>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 22:17:02 +03:00
Peter Maydell
5ea2fc84da linux-user: Sanity check clone flags
We currently make no checks on the flags passed to the clone syscall,
which means we will not fail clone attempts which ask for features
that we can't implement. Add sanity checking of the flags to clone
(which we were already doing in the "this is a fork" path, but not
for the "this is a new thread" path), tidy up the checking in
the fork path to match it, and check that the fork case isn't trying
to specify a custom termination signal.

This is helpful in causing some LTP test cases to fail cleanly
rather than behaving bizarrely when we let the clone succeed
but didn't provide the semantics requested by the flags.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 22:14:27 +03:00
Peter Maydell
7cfbd386b9 linux-user: Remove unnecessary nptl_flags variable from do_fork()
The 'nptl_flags' variable in do_fork() is set to a copy of
'flags', and then the CLONE_NPTL_FLAGS are cleared out of 'flags'.
However the only effect of this is that the later check on
"if (flags & CLONE_PARENT_SETTID)" is never true. Since we
will already have done the setting of parent_tidptr in clone_func()
in the child thread, we don't need to do it again.

Delete the dead if() and the clearing of CLONE_NPTL_FLAGS from
'flags', and then use 'flags' where we were previously using
'nptl_flags', so we can delete the unnecessary variable.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 22:14:18 +03:00
Peter Maydell
c4b3574402 linux-user: Implement force_sigsegv() via force_sig()
Now that we have a force_sig() with the semantics we need,
we can implement force_sigsegv() to call it rather than
open-coding the call to queue_signal().

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 22:01:45 +03:00
Peter Maydell
c599d4d6d6 linux-user: SIGSEGV from sigreturn need not be fatal
If the sigreturn syscall fails to read memory then this causes a
SIGSEGV, but this is not necessarily a fatal signal -- the guest
process can catch it.

We don't implement this correctly because the behaviour of QEMU's
force_sig() function has drifted away from the kernel function of the
same name -- ours now does "always do a guest core dump and abort
execution", whereas the kernel version simply forces the guest to
take a signal, which may or may not eventually cause a core dump.

Rename our force_sig() to dump_core_and_abort(), and provide a
force_sig() which acts more like the kernel version as the sigreturn
implementations expect it to.  Since force_sig() now returns, we must
update all the callsites to return -TARGET_QEMU_ESIGRETURN so that
the main loop doesn't change the guest registers before the signal
handler is invoked.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 22:01:45 +03:00
Peter Maydell
28298c912e linux-user: ARM: Give SIGSEGV if signal frame setup fails
The 32-bit ARM signal frame setup code was just bailing out
on error returns from lock_user_struct calls, without
generating the SIGSEGV that should happen here. Wire up
error return codes to call force_sigsegv().

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 22:01:45 +03:00
Peter Maydell
0939166997 linux-user: SIGSEGV on signal entry need not be fatal
A failed write to memory trying to set up the signal frame
should trigger a SIGSEGV, but this need not be fatal: the
guest has a chance to catch it. Implement this via a force_sigsegv()
function with the same behaviour as the kernel function of that
name: make sure that we don't try to re-take a failed SIGSEGV,
and force a synchronous signal.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 22:01:45 +03:00
Peter Maydell
9d2803f720 linux-user: Pass si_type information to queue_signal() explicitly
Instead of assuming in queue_signal() that all callers are passing
a siginfo structure which uses the _sifields._sigfault part of the
union (and thus a si_type of QEMU_SI_FAULT), make callers pass
the si_type they require in as an argument.

[RV adjusted to apply]
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 22:01:28 +03:00
Peter Maydell
8bd3773cce linux-user: Recheck for pending synchronous signals too
In process_pending_signals() we restart the scan of possible
pending signals after calling handle_pending_signal() in
case some other signal has been generated. This rescan
should also include a check for a new synchronous signal
since those are in fact the only kind of new signal that
the signal frame setup process might produce.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 21:51:49 +03:00
Michael Walle
c836112997 linux-user: ppc64: set MSR_CM bit for BookE 2.06 MMU
64 bit user mode doesn't work for the e5500 core because the MSR_CM bit is
not set which enables the 64 bit mode for this MMU model. Memory addresses
are truncated to 32 bit, which results in "Invalid data memory access"
error messages. Fix it by setting the MSR_CM bit for this MMU model.

Signed-off-by: Michael Walle <michael@walle.cc>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 21:42:11 +03:00
Peter Maydell
ee8e76141b linux-user: Use correct target SHMLBA in shmat()
The shmat() handling needs to do target-specific handling
of the attach address for shmat():
 * if the SHM_RND flag is passed, the address is rounded
   down to a SHMLBA boundary
 * if SHM_RND is not passed, then the call is failed EINVAL
   if the address is not a multiple of SHMLBA

Since SHMLBA is target-specific, we need to do this
checking and rounding in QEMU and can't leave it up to the
host syscall.

Allow targets to define TARGET_FORCE_SHMLBA and provide
a target_shmlba() function if appropriate, and update
do_shmat() to honour them.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:28:52 +03:00
Peter Maydell
0ef9ea290e linux-user: Use glib malloc functions in load_symbols()
Switch to using the glib malloc functions in load_symbols();
this deals with a Coverity complaint about possible
integer overflow calculating the allocation size with
'nsyms * sizeof(*syms)'.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:28:20 +03:00
Peter Maydell
772034b63e linux-user: Check dump_write() return in elf_core_dump()
One of the calls to dump_write() in elf_core_dump() was missing
a check for failure (spotted by Coverity). Add the check to
bring it into line with the other calls from this function.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:28:03 +03:00
Peter Maydell
e5a869ed56 linux-user: Fix error handling in flatload.c target_pread()
The flatload.c target_pread() function is supposed to return
0 on success or negative host errnos; however it wasn't
checking lock_user() for failure or returning the errno from
the pread() call. Fix these problems (the first of which is
noted by Coverity).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:27:19 +03:00
Peter Maydell
f9757b1d96 linux-user: Fix incorrect use of host errno in do_ioctl_dm()
do_ioctl_dm() should return target errno values, not host ones;
correct an accidental use of a host errno in an error path.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:27:07 +03:00
Peter Maydell
3211215e74 linux-user: Check lock_user() return value for NULL
lock_user() can return NULL, which typically means the syscall
should fail with EFAULT. Add checks in various places where
Coverity spotted that we were missing them.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:26:46 +03:00
Peter Maydell
68754b442b linux-user: Pass missing MAP_ANONYMOUS to target_mmap() call
A target_mmap() call in load_elf_binary() was missing the MAP_ANONYMOUS
flag. (Spotted by Coverity, because target_mmap() will try to use
-1 as the filedescriptor in this case.)

This has never been noticed because the code in question is for
handling ancient SVr4 iBCS2 binaries.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:26:23 +03:00
Peter Maydell
0cb581d6bd linux-user: report signals being taken in strace output
Native strace reports when the process being traced takes a signal:
   --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=0} ---

Report something similar when QEMU is doing its internal strace of
the guest process and is about to deliver it a signal.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:25:59 +03:00
Peter Maydell
ce9c139d93 linux-user: Range check the nfds argument to ppoll syscall
Do an initial range check on the ppoll syscall's nfds argument,
to avoid possible overflow in the calculation of the lock_user()
size argument. The host kernel will later apply the rather lower
limit based on RLIMIT_NOFILE as appropriate.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:25:53 +03:00
Peter Maydell
2ba7fae3bd linux-user: Check for bad event numbers in epoll_wait
The kernel checks that the maxevents parameter to epoll_wait
is non-negative and not larger than EP_MAX_EVENTS. Add this
check to our implementation, so that:
 * we fail these cases EINVAL rather than EFAULT
 * we don't pass negative or overflowing values to the
   lock_user() size calculation

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:25:26 +03:00
Peter Maydell
700fa58e4b linux-user: Use direct syscall for utimensat
The linux utimensat syscall differs in semantics from the
libc function because the syscall combines the features
of utimensat() and futimens(). Rather than trying to
split these apart in order to call the two libc functions
which then call the same underlying syscall, just always
directly make the host syscall. This fixes bugs in some
of the corner cases which should return errors from the
syscall but which we were incorrectly directing to futimens().

This doesn't reduce the set of hosts that our syscall
implementation will work on, because if the direct syscall
fails ENOSYS then the libc functions would also fail ENOSYS.
(The system call has been in the kernel since 2.6.22 anyway.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:25:10 +03:00
Peter Maydell
6080723102 linux-user: Implement FS_IOC_GETFLAGS and FS_IOC_SETFLAGS ioctls
Implement the FS_IOC_GETFLAGS and FS_IOC_SETFLAGS ioctls, as used
by chattr.

Note that the type information encoded in these ioctl numbers
is at odds with the actual type the kernel accesses, as discussed
in http://thread.gmane.org/gmane.linux.file-systems/80164.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:24:47 +03:00
Peter Maydell
26a6fc96e0 linux-user: Allow bad msg_name for recvfrom on connected socket
The POSIX standard mandates that for a connected socket recvfrom()
must ignore the msg_name and msg_namelen fields. This is awkward
for QEMU because we will attempt to copy them from guest address
space. Handle this by not immediately returning a TARGET_EFAULT
if the copy failed, but instead passing a known-bad address
to the host kernel, which can then return EFAULT or ignore the
value appropriately.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:23:59 +03:00
Peter Maydell
97b0797033 linux-user: Fix errno for sendrecvmsg with large iovec length
The sendmsg and recvmsg syscalls use a different errno to indicate
an overlarge iovec length from readv and writev. Handle this
special case in do_sendrcvmsg_locked() to avoid getting the
default errno returned by lock_iovec().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:20:31 +03:00
Peter Maydell
dab32b321f linux-user: Fix handling of iovec counts
In the kernel the length of an iovec is generally handled as
an unsigned long, not an integer; fix the parameter to
lock_iovec() accordingly.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-09-21 14:19:46 +03:00
Peter Maydell
5f473241ac * Support multiple -d trace:PATTERN arguments (Daniel)
* SCSI cleanups/fixes for removable meia (Fam)
 * SCSI security fixes (Li Qiang, PJP)
 * qemu-char segfault fix (Lin Ma)
 * "make help" and qemu-socket cleanups (Marc-André)
 * end of the buffer_is_zero reword (Richard)
 * Fix target-i386 syscall segfault (Stanislav)
 * split irqchip fix/robustification (Wanpeng)
 * misc cleanups (me, Jiangang)
 * x86 vmstate fixes (Pavel)
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQExBAABCAAbBQJX2p4HFBxwYm9uemluaUByZWRoYXQuY29tAAoJEL/70l94x66D
 aPcIAJlBiq+SSLSTE3iWntjMQcOPWiclhSj+66BDYL4ck5zsj7vKJ1GaR0WHFZEW
 8PPe84uvX1ljTEYu1bs0uA+id8rUWhoJWnxRAYfECs7ymaViHk1n6RSEl7QJhC9X
 0Tahf/8W9q0ocqVurLGs6UzNn0HTr8O922y6IcM0/wlnixNaarGCT/skOJ91ZzwM
 OVtv1AltkdOQSF21dskltgj2gupkFOg1OqhO/EHOQHIbEDhyVxPFC5aAMPaxgWR/
 eyUxk5aXTXf1ZXRhsr23zZUOmAxHL6VKF17agNwNi+UNSk4DERU1+KOUbFowv+WV
 QO7tLKTTLrPcigrkRAZJ+xaUUoY=
 =HIc4
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* Support multiple -d trace:PATTERN arguments (Daniel)
* SCSI cleanups/fixes for removable meia (Fam)
* SCSI security fixes (Li Qiang, PJP)
* qemu-char segfault fix (Lin Ma)
* "make help" and qemu-socket cleanups (Marc-André)
* end of the buffer_is_zero reword (Richard)
* Fix target-i386 syscall segfault (Stanislav)
* split irqchip fix/robustification (Wanpeng)
* misc cleanups (me, Jiangang)
* x86 vmstate fixes (Pavel)

# gpg: Signature made Thu 15 Sep 2016 14:11:35 BST
# gpg:                using RSA key 0xBFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream:
  pcspk: adding vmstate for save/restore
  kvmvapic: fix state change handler
  pc: apic: introduce APIC macro
  target-i386: Fixed syscall posssible segfault
  log: fix parsing of multiple trace:PATTERN log args
  qemu-char: avoid segfault if user lacks of permisson of a given logfile
  build-sys: add make 'help' target
  linux-user: complete omission of removing uses of strdup
  target-i386: fix ordering of fields in CPUX86State
  pc: apic: fix touch LAPIC when irqchip is split
  scsi: pvscsi: limit process IO loop to ring size
  memory: remove memory_region_destructor_rom_device
  Change net/socket.c to use socket_*() functions
  cutils: Rewrite x86 buffer zero checking
  scsi: mptsas: use g_new0 to allocate MPTSASRequest object
  virtio-scsi: Don't abort when media is ejected
  scsi-disk: Cleaning up around tray open state

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-09-15 18:12:40 +01:00
Md Haris Iqbal
38e826de00 linux-user/qemu.h: change malloc to g_malloc, free to g_free
Signed-off-by: Md Haris Iqbal <haris.phnx@gmail.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-09-15 15:32:22 +03:00
Laurent Vivier
c1bc91c35c linux-user,s390x: remove useless cast
This patch is the result of coccinelle script
scripts/coccinelle/typecast.cocci

CC: Riku Voipio <riku.voipio@iki.fi>
CC: Alexander Graf <agraf@suse.de>
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-09-15 15:32:22 +03:00
Thomas Huth
d41f3c3cc7 Remove remainders of HPPA backend
The HPPA backend has been removed by the following commit:

    802b508123
    tcg-hppa: Remove tcg backend

But some small pieces of the HPPA backend still survived until
today. Since we also do not have support for a HPPA target in
QEMU, we can nowadays safely remove the remaining HPPA parts
(like the disassembler code, or the detection of HPPA in the
configure script).

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-09-15 15:32:22 +03:00
Wei Jiangang
b8da57fa15 linux-user: complete omission of removing uses of strdup
The 900cfbc just removed two unchecked uses of strdup
in fill_psinfo and missed the rest in core_dump_filename.
This patch fixes it.

Signed-off-by: Wei Jiangang <weijg.fnst@cn.fujitsu.com>
Message-Id: <1459997185-15669-2-git-send-email-weijg.fnst@cn.fujitsu.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-09-14 12:25:14 +02:00
Laurent Vivier
8223f345b9 linux-user, trivial: display "0x%x" instead of "0x%d"
Display an exception number, generally defined as an hexadecimal
number (for instance, EXCP_HLT is 0x10001).

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Eric Blake <eblake@redhat.com>
Acked-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-09-13 18:12:34 +03:00
Benjamin Herrenschmidt
4f5d326046 ppc: Stop dumping state on all exceptions in linux-user
Other archs don't do it, some programs catch signals just fine
and those dumps just clutter the output. Keep the dumps for cases
that aren't supposed to happen such as unknown codes.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-09-07 12:40:12 +10:00
Benjamin Herrenschmidt
ba4a8df83f ppc: Fix catching some segfaults in user mode
The usermode "translate" code generates an error code value that
has the "is_write" bit set, which causes our switch/case to miss
and display "Invalid segfault errno" and a spurrious second state
dump. Fix it.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-09-07 12:40:12 +10:00
Benjamin Herrenschmidt
bd6fefe71c ppc: Make tlb_fill() use new exception helper
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-09-07 12:40:03 +10:00