From nobody Tue Feb 10 09:10:52 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1591372683; cv=none; d=zohomail.com; s=zohoarc; b=BC2hK/+vGmWa1VRhaiS6lZEYSzpNp0Ev4PT+qNK4ss5yb+HKgv9tZHqj8qFdmNMmgCZcevpk2N5xpTi65dwyPZOR3uLAwc7uK8VMxrloQzNa5/R4g1Q9FFOsJabIvfFBpYTZ4lcPGYiqXdvniITmp2oJc+4D7YQU4aqWONpzh+k= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1591372683; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Ou/1yLdNR/Td2p6rgjvxI8THzHHOh+I9GsvdOs07AMM=; b=N05fR95VNOnT7EwgjuJ9yJhvK8shd6WxS8zKJzfozoBIotrjcCxuHFReACE0s5EgRt5E5Occ4QqSxxEvM9N/04n3LFcG+5uApuEmMMKSF9HZq3bSQlL3ta/zvaSA4goLPGN5IKMEpYRWFPRZEg5znMOxs03qRliXKEUMOWEBttw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1591372683133709.0980170075235; Fri, 5 Jun 2020 08:58:03 -0700 (PDT) Received: from localhost ([::1]:48852 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jhEjJ-0001HY-QE for importer@patchew.org; Fri, 05 Jun 2020 11:58:01 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:58390) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jhEbP-00041v-LB for qemu-devel@nongnu.org; Fri, 05 Jun 2020 11:49:51 -0400 Received: from mail-wm1-x341.google.com ([2a00:1450:4864:20::341]:52994) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jhEbO-0004MD-Fh for qemu-devel@nongnu.org; Fri, 05 Jun 2020 11:49:51 -0400 Received: by mail-wm1-x341.google.com with SMTP id r9so8877048wmh.2 for ; Fri, 05 Jun 2020 08:49:50 -0700 (PDT) Received: from zen.linaroharston ([51.148.130.216]) by smtp.gmail.com with ESMTPSA id j190sm11823001wmb.33.2020.06.05.08.49.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 05 Jun 2020 08:49:44 -0700 (PDT) Received: from zen.lan (localhost [127.0.0.1]) by zen.linaroharston (Postfix) with ESMTP id 3129C1FF9B; Fri, 5 Jun 2020 16:49:30 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=Ou/1yLdNR/Td2p6rgjvxI8THzHHOh+I9GsvdOs07AMM=; b=uFjeECQGJhmpjJSX9xWl6GS9H2uG1KOKVQOLtLl4pfL9X7sUjGgOCwmhrJercWMRy3 9fBcZiROldGuVlirunkq9GJFB1FEuABDY1XTBucjKvYOTJqneANe3dJfAJPbLBDu/4aX DxbuAp4gHkCIr+lIA6eUqVYwX4t0xOgQqBNjtgzMMmbHN5jeicvyCbFA90UlztrFNIPb v7Ohe2TY4GOq+7atqQ2daTiRmIMpbAMvasB34l6KRFtD3dC3Z3MrltdoITo/zsxei/NO ayO58UN/r0qHjSQPwSmRohYrYTTn7IamxQHGBO7PGreZYZn+Fbkc2Xqy7wS2xBjH+gzX Fu2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Ou/1yLdNR/Td2p6rgjvxI8THzHHOh+I9GsvdOs07AMM=; b=lgSJsXwg8yAZZ7s9TAEr9YPJUUX4F8eic2WCZ3O/PjORMvSU6wHuP2sFAvUFwTmp+E uWhUexrY1lgQgN3BbMH6HvQkuoOqmAZ0BY+ZlmmP/lNenoM8FxWdbDBTFgsl5ZJauxD7 89kjg8/MHu0sB5fxGYA9bJObvHDREFb3UAvMiJ9S94ldEjEn1qFRJID4fl3/1pRx5HDQ fRKfpn6A2TRuRaGN794WKHpWkio0lw6+QdTSljWdOlWgy7FFB53JhMqq2ufY1Emy6Mdy QYfPetwcnKLqDeUFI2NPayB3xxb6nR5rzo+frmaNLydyebr6GSRuA71mnAXauymYnWBw l2sQ== X-Gm-Message-State: AOAM530nqP0GEYHiZT7UpOleqPdVGD/oNwhOCNgvlxMOeP49OIc/p8fZ F3RLQOLiKKkjhwSO11HSe9GbNg== X-Google-Smtp-Source: ABdhPJzjJysKDY3Jcd/Cdqp85W47q9lx7lR6kZdTsdKOGXx3dZANCe5i6fCLGG0FS/UWizphnexE/w== X-Received: by 2002:a1c:9ec4:: with SMTP id h187mr3266598wme.27.1591372189031; Fri, 05 Jun 2020 08:49:49 -0700 (PDT) From: =?UTF-8?q?Alex=20Benn=C3=A9e?= To: qemu-devel@nongnu.org Subject: [PATCH v1 12/14] linux-user: deal with address wrap for ARM_COMMPAGE on 32 bit Date: Fri, 5 Jun 2020 16:49:27 +0100 Message-Id: <20200605154929.26910-13-alex.bennee@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200605154929.26910-1-alex.bennee@linaro.org> References: <20200605154929.26910-1-alex.bennee@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2a00:1450:4864:20::341; envelope-from=alex.bennee@linaro.org; helo=mail-wm1-x341.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001 autolearn=_AUTOLEARN X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , Bug 1880225 <1880225@bugs.launchpad.net>, Riku Voipio , Richard Henderson , Laurent Vivier , Aleksandar Markovic , =?UTF-8?q?Alex=20Benn=C3=A9e?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) We rely on the pointer to wrap when accessing the high address of the COMMPAGE so it lands somewhere reasonable. However on 32 bit hosts we cannot afford just to map the entire 4gb address range. The old mmap trial and error code handled this by just checking we could map both the guest_base and the computed COMMPAGE address. We can't just manipulate loadaddr to get what we want so we introduce an offset which pgb_find_hole can apply when looking for a gap for guest_base that ensures there is space left to map the COMMPAGE afterwards. This is arguably a little inefficient for the one 32 bit value (kuser_helper_version) we need to keep there given all the actual code entries are picked up during the translation phase. Fixes: ee94743034b Bug: https://bugs.launchpad.net/qemu/+bug/1880225 Cc: Bug 1880225 <1880225@bugs.launchpad.net> Signed-off-by: Alex Benn=C3=A9e Tested-by: Aleksandar Markovic Cc: Richard Henderson Cc: Peter Maydell Message-Id: <20200527100546.29297-3-alex.bennee@linaro.org> --- v3 - base offset on ARM_COMMPAGE - ensure we MAP_FIXED the commpage - support offset in pgd_find_hole_fallback --- linux-user/elfload.c | 31 +++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/linux-user/elfload.c b/linux-user/elfload.c index 475d243f3bd..b5cb21384a1 100644 --- a/linux-user/elfload.c +++ b/linux-user/elfload.c @@ -389,7 +389,7 @@ static bool init_guest_commpage(void) { void *want =3D g2h(ARM_COMMPAGE & -qemu_host_page_size); void *addr =3D mmap(want, qemu_host_page_size, PROT_READ | PROT_WRITE, - MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); + MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0); =20 if (addr =3D=3D MAP_FAILED) { perror("Allocating guest commpage"); @@ -2113,7 +2113,8 @@ static void pgb_have_guest_base(const char *image_nam= e, abi_ulong guest_loaddr, * only dumbly iterate up the host address space seeing if the * allocation would work. */ -static uintptr_t pgd_find_hole_fallback(uintptr_t guest_size, uintptr_t br= k, long align) +static uintptr_t pgd_find_hole_fallback(uintptr_t guest_size, uintptr_t br= k, + long align, uintptr_t offset) { uintptr_t base; =20 @@ -2123,7 +2124,7 @@ static uintptr_t pgd_find_hole_fallback(uintptr_t gue= st_size, uintptr_t brk, lon while (true) { uintptr_t align_start, end; align_start =3D ROUND_UP(base, align); - end =3D align_start + guest_size; + end =3D align_start + guest_size + offset; =20 /* if brk is anywhere in the range give ourselves some room to gro= w. */ if (align_start <=3D brk && brk < end) { @@ -2138,7 +2139,7 @@ static uintptr_t pgd_find_hole_fallback(uintptr_t gue= st_size, uintptr_t brk, lon PROT_NONE, flags, -1, 0); if (mmap_start !=3D MAP_FAILED) { munmap((void *) align_start, guest_size); - return (uintptr_t) mmap_start; + return (uintptr_t) mmap_start + offset; } base +=3D qemu_host_page_size; } @@ -2147,7 +2148,7 @@ static uintptr_t pgd_find_hole_fallback(uintptr_t gue= st_size, uintptr_t brk, lon =20 /* Return value for guest_base, or -1 if no hole found. */ static uintptr_t pgb_find_hole(uintptr_t guest_loaddr, uintptr_t guest_siz= e, - long align) + long align, uintptr_t offset) { GSList *maps, *iter; uintptr_t this_start, this_end, next_start, brk; @@ -2161,7 +2162,7 @@ static uintptr_t pgb_find_hole(uintptr_t guest_loaddr= , uintptr_t guest_size, brk =3D (uintptr_t)sbrk(0); =20 if (!maps) { - return pgd_find_hole_fallback(guest_size, brk, align); + return pgd_find_hole_fallback(guest_size, brk, align, offset); } =20 /* The first hole is before the first map entry. */ @@ -2173,7 +2174,7 @@ static uintptr_t pgb_find_hole(uintptr_t guest_loaddr= , uintptr_t guest_size, =20 this_end =3D ((MapInfo *)iter->data)->start; next_start =3D ((MapInfo *)iter->data)->end; - align_start =3D ROUND_UP(this_start, align); + align_start =3D ROUND_UP(this_start + offset, align); =20 /* Skip holes that are too small. */ if (align_start >=3D this_end) { @@ -2223,6 +2224,7 @@ static void pgb_static(const char *image_name, abi_ul= ong orig_loaddr, { uintptr_t loaddr =3D orig_loaddr; uintptr_t hiaddr =3D orig_hiaddr; + uintptr_t offset =3D 0; uintptr_t addr; =20 if (hiaddr !=3D orig_hiaddr) { @@ -2236,18 +2238,19 @@ static void pgb_static(const char *image_name, abi_= ulong orig_loaddr, if (ARM_COMMPAGE) { /* * Extend the allocation to include the commpage. - * For a 64-bit host, this is just 4GiB; for a 32-bit host, - * the address arithmetic will wrap around, but the difference - * will produce the correct allocation size. + * For a 64-bit host, this is just 4GiB; for a 32-bit host we + * need to ensure there is space bellow the guest_base so we + * can map the commpage in the place needed when the address + * arithmetic wraps around. */ if (sizeof(uintptr_t) =3D=3D 8 || loaddr >=3D 0x80000000u) { - hiaddr =3D (uintptr_t)4 << 30; + hiaddr =3D (uintptr_t) 4 << 30; } else { - loaddr =3D ARM_COMMPAGE & -align; + offset =3D -(ARM_COMMPAGE & -align); } } =20 - addr =3D pgb_find_hole(loaddr, hiaddr - loaddr, align); + addr =3D pgb_find_hole(loaddr, hiaddr - loaddr, align, offset); if (addr =3D=3D -1) { /* * If ARM_COMMPAGE, there *might* be a non-consecutive allocation @@ -2282,7 +2285,7 @@ static void pgb_dynamic(const char *image_name, long = align) * just above that, and maximises the positive guest addresses. */ commpage =3D ARM_COMMPAGE & -align; - addr =3D pgb_find_hole(commpage, -commpage, align); + addr =3D pgb_find_hole(commpage, -commpage, align, 0); assert(addr !=3D -1); guest_base =3D addr; } --=20 2.20.1