[Qemu-devel] Re: [PATCH] fix qruncom compilation problems

[Stefano Bonifazi]

On 12/10/2010 09:53 AM, Paolo Bonzini wrote:
> On 12/09/2010 06:29 PM, Stefano Bonifazi wrote:
> > how can one think that addresses around zero are free for a mapping??
>
> Addresses around zero are always free, because if they weren't you 
> couldn't detect NULL pointer dereferences reliably.
>
> mmap-ing at zero thus is a tricky operation, because it removes the 
> possibility to detect NULL pointer dereferences.  What's worse, such 
> ability would be lost even for _kernel_ dereferences of NULL, thus 
> opening a large security hole for privilege-escalation or kernel 
> exploits.  So, mmap-ing addresses close to zero is restricted to root.
>
> Paolo

Hi!
Thank you! Very clear explanation! :)

- So why can't I simply change the following:
> vm86_mem = mmap((void *)0x00000000, 0x110000,
>                     PROT_WRITE | PROT_READ | PROT_EXEC,
>                     MAP_FIXED|MAP_ANON | MAP_PRIVATE, -1, 0);
> page_set_flags(0x00000000, 0x110000,
>                    PAGE_WRITE | PAGE_READ | PAGE_EXEC | PAGE_VALID);
into something like:
> > vm86_mem = mmap((void *)0x00000000, 0x110000,
> >                     PROT_WRITE | PROT_READ | PROT_EXEC,
> >                     MAP_ANON | MAP_PRIVATE, -1, 0);
> > page_set_flags(vm86_mem, 0x110000+vm86_mem,
> >                    PAGE_WRITE | PAGE_READ | PAGE_EXEC | PAGE_VALID);
?


- Any luck with the tcg fatal error? I am trying to understand how tcg 
works for fixing the error.. but it is so complicated! :)
Thank You again!
Best Regards!
Stefano B.