[Qemu-commits] [qemu/qemu] d869ff: linux-user/arm: Mark the commpage exe
From: Paolo Bonzini
Subject: [Qemu-commits] [qemu/qemu] d869ff: linux-user/arm: Mark the commpage executable
Date: Thu, 01 Sep 2022 13:41:32 -0700
Branch: refs/heads/staging
Home: https://github.com/qemu/qemu
Commit: d869ff5b9b3c58b00c509378cb9fb3d3d495d958
https://github.com/qemu/qemu/commit/d869ff5b9b3c58b00c509378cb9fb3d3d495d958
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M linux-user/arm/target_cpu.h
M linux-user/elfload.c
Log Message:
-----------
linux-user/arm: Mark the commpage executable
We're about to start validating PAGE_EXEC, which means
that we've got to mark the commpage executable. We had
been placing the commpage outside of reserved_va, which
was incorrect and led to an abort.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: d6cf2ea8a5eb6a6e298424340318421555b48fe8
https://github.com/qemu/qemu/commit/d6cf2ea8a5eb6a6e298424340318421555b48fe8
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M linux-user/elfload.c
Log Message:
-----------
linux-user/hppa: Allocate page zero as a commpage
We're about to start validating PAGE_EXEC, which means that we've
got to mark page zero executable. We had been special casing this
entirely within translate.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 72083e612763dd00285bf2d528914f689a1f1feb
https://github.com/qemu/qemu/commit/72083e612763dd00285bf2d528914f689a1f1feb
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M linux-user/elfload.c
Log Message:
-----------
linux-user/x86_64: Allocate vsyscall page as a commpage
We're about to start validating PAGE_EXEC, which means that we've
got to mark the vsyscall page executable. We had been special
casing this entirely within translate.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: e479b5e64e4795639526c17aa1b598234ede7565
https://github.com/qemu/qemu/commit/e479b5e64e4795639526c17aa1b598234ede7565
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M include/elf.h
M linux-user/elfload.c
M linux-user/qemu.h
Log Message:
-----------
linux-user: Honor PT_GNU_STACK
Map the stack executable if required by default or on demand.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: da6dca16cea8213d17ec87f49fd2cf112442ab3b
https://github.com/qemu/qemu/commit/da6dca16cea8213d17ec87f49fd2cf112442ab3b
Author: Ilya Leoshkevich <iii@linux.ibm.com>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M linux-user/mmap.c
Log Message:
-----------
linux-user: Clear translations on mprotect()
Currently it's possible to execute pages that do not have PAGE_EXEC
if there is an existing translation block. Fix by invalidating TBs
that touch the affected pages.
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Message-Id: <20220817150506.592862-2-iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 6ae3a7313d11fd309b6648cbb7c19e32b6ab0991
https://github.com/qemu/qemu/commit/6ae3a7313d11fd309b6648cbb7c19e32b6ab0991
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M tests/tcg/i386/test-i386.c
Log Message:
-----------
tests/tcg/i386: Move smc_code2 to an executable section
We're about to start validating PAGE_EXEC, which means
that we've got to put this code into a section that is
both writable and executable.
Note that this test did not run on hardware beforehand either.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 7141bf7765313c5dee13d292d4483f87afd85e5b
https://github.com/qemu/qemu/commit/7141bf7765313c5dee13d292d4483f87afd85e5b
Author: Ilya Leoshkevich <iii@linux.ibm.com>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M include/exec/translator.h
Log Message:
-----------
accel/tcg: Introduce is_same_page()
Introduce a function that checks whether a given address is on the same
page as where disassembly started. Having it improves readability of
the following patches.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Message-Id: <20220811095534.241224-3-iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
[rth: Make the DisasContextBase parameter const.]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 806306342e4045e3a3730610e568fdf2a2c7afdd
https://github.com/qemu/qemu/commit/806306342e4045e3a3730610e568fdf2a2c7afdd
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M accel/tcg/cputlb.c
M accel/tcg/user-exec.c
M include/exec/exec-all.h
Log Message:
-----------
accel/tcg: Properly implement get_page_addr_code for user-only
The current implementation is a no-op, simply returning addr.
This is incorrect, because we ought to be checking the page
permissions for execution.
Make get_page_addr_code inline for both implementations.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: cd9ee086f58a9e67803af64ad400b0735a980e7b
https://github.com/qemu/qemu/commit/cd9ee086f58a9e67803af64ad400b0735a980e7b
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M accel/tcg/cpu-exec.c
M accel/tcg/user-exec.c
Log Message:
-----------
accel/tcg: Unlock mmap_lock after longjmp
The mmap_lock is held around tb_gen_code. While the comment
is correct that the lock is dropped when tb_gen_code runs out
of memory, the lock is *not* dropped when an exception is
raised reading code for translation.
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: a96e7a00120c98678633e1c7f7bde09b9493c890
https://github.com/qemu/qemu/commit/a96e7a00120c98678633e1c7f7bde09b9493c890
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M accel/tcg/cpu-exec.c
M include/exec/exec-all.h
Log Message:
-----------
accel/tcg: Make tb_htable_lookup static
The function is not used outside of cpu-exec.c. Move it and
its subroutines up in the file, before the first use.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 4e34fbf0de7fd739df4c0b5c0dd17b59ccbf181d
https://github.com/qemu/qemu/commit/4e34fbf0de7fd739df4c0b5c0dd17b59ccbf181d
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M accel/tcg/cputlb.c
M include/exec/cpu-common.h
M softmmu/physmem.c
Log Message:
-----------
accel/tcg: Move qemu_ram_addr_from_host_nofail to physmem.c
The base qemu_ram_addr_from_host function is already in
softmmu/physmem.c; move the nofail version to be adjacent.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 8d5f78cc046ba6db047393fe6514d77e61a8a6b1
https://github.com/qemu/qemu/commit/8d5f78cc046ba6db047393fe6514d77e61a8a6b1
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M accel/tcg/cputlb.c
Log Message:
-----------
accel/tcg: Use probe_access_internal for softmmu get_page_addr_code_hostp
Simplify the implementation of get_page_addr_code_hostp
by reusing the existing probe_access infrastructure.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: cc92e7767b1c6ba316d513a65f2c48f06b8ec73b
https://github.com/qemu/qemu/commit/cc92e7767b1c6ba316d513a65f2c48f06b8ec73b
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M accel/tcg/cpu-exec.c
Log Message:
-----------
accel/tcg: Document the faulting lookup in tb_lookup_cmp
It was non-obvious to me why we can raise an exception in
the middle of a comparison function, but it works.
While nearby, use TARGET_PAGE_ALIGN instead of open-coding.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: ffd080ed5d295b453454ffa7708751df58bc8563
https://github.com/qemu/qemu/commit/ffd080ed5d295b453454ffa7708751df58bc8563
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M include/exec/translator.h
M target/i386/tcg/translate.c
Log Message:
-----------
accel/tcg: Remove translator_ldsw
The only user can easily use translator_lduw and
adjust the type to signed during the return.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 603fd5ad229867038d142697cb0d48bfe060f59f
https://github.com/qemu/qemu/commit/603fd5ad229867038d142697cb0d48bfe060f59f
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M accel/tcg/translate-all.c
M accel/tcg/translator.c
M include/exec/exec-all.h
M include/exec/translator.h
M target/alpha/translate.c
M target/arm/translate.c
M target/avr/translate.c
M target/cris/translate.c
M target/hexagon/translate.c
M target/hppa/translate.c
M target/i386/tcg/translate.c
M target/loongarch/translate.c
M target/m68k/translate.c
M target/microblaze/translate.c
M target/mips/tcg/translate.c
M target/nios2/translate.c
M target/openrisc/translate.c
M target/ppc/translate.c
M target/riscv/translate.c
M target/rx/translate.c
M target/s390x/tcg/translate.c
M target/sh4/translate.c
M target/sparc/translate.c
M target/tricore/translate.c
M target/xtensa/translate.c
Log Message:
-----------
accel/tcg: Add pc and host_pc params to gen_intermediate_code
Pass these along to translator_loop -- pc may be used instead
of tb->pc, and host_pc is currently unused. Adjust all targets
at one time.
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 281db733304c8e51dec6965a4c086471e8f852f6
https://github.com/qemu/qemu/commit/281db733304c8e51dec6965a4c086471e8f852f6
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M accel/tcg/translate-all.c
M accel/tcg/translator.c
M include/exec/translator.h
Log Message:
-----------
accel/tcg: Add fast path for translator_ld*
Cache the translation from guest to host address, so we may
use direct loads when we hit on the primary translation page.
Look up the second translation page only once, during translation.
This obviates another lookup of the second page within tb_gen_code
after translation.
Fixes a bug in that plugin_insn_append should be passed the bytes
in the original memory order, not bswapped by pieces.
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 7b523bb52804abf583dbd303131119124dfc8767
https://github.com/qemu/qemu/commit/7b523bb52804abf583dbd303131119124dfc8767
Author: Ilya Leoshkevich <iii@linux.ibm.com>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M target/s390x/tcg/translate.c
A tests/tcg/multiarch/noexec.c.inc
M tests/tcg/s390x/Makefile.target
A tests/tcg/s390x/noexec.c
Log Message:
-----------
target/s390x: Make translator stop before the end of a page
Right now the translator stops right *after* the end of a page, which
breaks reporting of fault locations when the last instruction of a
multi-insn translation block crosses a page boundary.
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220817150506.592862-3-iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: e9b46c54ddec1877add3948cc084bb9b3fbcc1d4
https://github.com/qemu/qemu/commit/e9b46c54ddec1877add3948cc084bb9b3fbcc1d4
Author: Ilya Leoshkevich <iii@linux.ibm.com>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M target/i386/tcg/translate.c
M tests/tcg/x86_64/Makefile.target
A tests/tcg/x86_64/noexec.c
Log Message:
-----------
target/i386: Make translator stop before the end of a page
Right now the translator stops right *after* the end of a page, which
breaks reporting of fault locations when the last instruction of a
multi-insn translation block crosses a page boundary.
An implementation, like the one arm and s390x have, would require an
i386 length disassembler, which is burdensome to maintain. Another
alternative would be to single-step at the end of a guest page, but
this may come with a performance impact.
Fix by snapshotting disassembly state and restoring it after we figure
out we crossed a page boundary. This includes rolling back cc_op
updates and emitted ops.
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1143
Message-Id: <20220817150506.592862-4-iii@linux.ibm.com>
[rth: Simplify end-of-insn cross-page checks.]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 4946c4027557c435a82cbf26952870fdbd11dd54
https://github.com/qemu/qemu/commit/4946c4027557c435a82cbf26952870fdbd11dd54
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M target/riscv/translate.c
Log Message:
-----------
target/riscv: Add MAX_INSN_LEN and insn_len
These will be useful in properly ending the TB.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 20011be2e30b8aa8ef1fc258485f00c688703deb
https://github.com/qemu/qemu/commit/20011be2e30b8aa8ef1fc258485f00c688703deb
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M target/riscv/translate.c
M tests/tcg/riscv64/Makefile.target
A tests/tcg/riscv64/noexec.c
Log Message:
-----------
target/riscv: Make translator stop before the end of a page
Right now the translator stops right *after* the end of a page, which
breaks reporting of fault locations when the last instruction of a
multi-insn translation block crosses a page boundary.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1155
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit: e5f2c67834bb3fef9f05b988ed80e78dab47930e
https://github.com/qemu/qemu/commit/e5f2c67834bb3fef9f05b988ed80e78dab47930e
Author: Stefan Hajnoczi <stefanha@redhat.com>
Date: 2022-09-01 (Thu, 01 Sep 2022)
Changed paths:
M accel/tcg/cpu-exec.c
M accel/tcg/cputlb.c
M accel/tcg/translate-all.c
M accel/tcg/translator.c
M accel/tcg/user-exec.c
M include/elf.h
M include/exec/cpu-common.h
M include/exec/exec-all.h
M include/exec/translator.h
M linux-user/arm/target_cpu.h
M linux-user/elfload.c
M linux-user/mmap.c
M linux-user/qemu.h
M softmmu/physmem.c
M target/alpha/translate.c
M target/arm/translate.c
M target/avr/translate.c
M target/cris/translate.c
M target/hexagon/translate.c
M target/hppa/translate.c
M target/i386/tcg/translate.c
M target/loongarch/translate.c
M target/m68k/translate.c
M target/microblaze/translate.c
M target/mips/tcg/translate.c
M target/nios2/translate.c
M target/openrisc/translate.c
M target/ppc/translate.c
M target/riscv/translate.c
M target/rx/translate.c
M target/s390x/tcg/translate.c
M target/sh4/translate.c
M target/sparc/translate.c
M target/tricore/translate.c
M target/xtensa/translate.c
M tests/tcg/i386/test-i386.c
A tests/tcg/multiarch/noexec.c.inc
M tests/tcg/riscv64/Makefile.target
A tests/tcg/riscv64/noexec.c
M tests/tcg/s390x/Makefile.target
A tests/tcg/s390x/noexec.c
M tests/tcg/x86_64/Makefile.target
A tests/tcg/x86_64/noexec.c
Log Message:
-----------
Merge tag 'pull-tcg-20220901' of https://gitlab.com/rth7680/qemu into staging
Respect PROT_EXEC in user-only mode.
Fix s390x, i386 and riscv for translations crossing a page.
# gpg: Signature made Thu 01 Sep 2022 02:50:56 EDT
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F
* tag 'pull-tcg-20220901' of https://gitlab.com/rth7680/qemu:
target/riscv: Make translator stop before the end of a page
target/riscv: Add MAX_INSN_LEN and insn_len
target/i386: Make translator stop before the end of a page
target/s390x: Make translator stop before the end of a page
accel/tcg: Add fast path for translator_ld*
accel/tcg: Add pc and host_pc params to gen_intermediate_code
accel/tcg: Remove translator_ldsw
accel/tcg: Document the faulting lookup in tb_lookup_cmp
accel/tcg: Use probe_access_internal for softmmu get_page_addr_code_hostp
accel/tcg: Move qemu_ram_addr_from_host_nofail to physmem.c
accel/tcg: Make tb_htable_lookup static
accel/tcg: Unlock mmap_lock after longjmp
accel/tcg: Properly implement get_page_addr_code for user-only
accel/tcg: Introduce is_same_page()
tests/tcg/i386: Move smc_code2 to an executable section
linux-user: Clear translations on mprotect()
linux-user: Honor PT_GNU_STACK
linux-user/x86_64: Allocate vsyscall page as a commpage
linux-user/hppa: Allocate page zero as a commpage
linux-user/arm: Mark the commpage executable
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Compare: https://github.com/qemu/qemu/compare/c125b5520712...e5f2c67834bb