[Qemu-devel] [PULL v2 2/3] linux-user: check valid address in access

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PULL v2 2/3] linux-user: check valid address in access_ok(

From:	Laurent Vivier
Subject:	[Qemu-devel] [PULL v2 2/3] linux-user: check valid address in access_ok()
Date:	Fri, 19 Jul 2019 10:06:09 +0200

From: Rémi Denis-Courmont <address@hidden>

Fix a crash with LTP testsuite and aarch64:

  tst_test.c:1015: INFO: Timeout per run is 0h 05m 00s
  qemu-aarch64: .../qemu/accel/tcg/translate-all.c:2522: page_check_range: 
Assertion `start < ((target_ulong)1 << L1_MAP_ADDR_SPACE_BITS)' failed.
  qemu:handle_cpu_signal received signal outside vCPU context @ pc=0x60001554

page_check_range() should never be called with address outside the guest
address space. This patch adds a guest_addr_valid() check in access_ok()
to only call page_check_range() with a valid address.

Fixes: f6768aa1b4c6 ("target/arm: fix AArch64 virtual address space size")
Signed-off-by: Rémi Denis-Courmont <address@hidden>
Signed-off-by: Laurent Vivier <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Laurent Vivier <address@hidden>
---
 include/exec/cpu_ldst.h | 4 ++++
 linux-user/qemu.h       | 4 +++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/include/exec/cpu_ldst.h b/include/exec/cpu_ldst.h
index 9de8c933031b..9151fdb042c4 100644
--- a/include/exec/cpu_ldst.h
+++ b/include/exec/cpu_ldst.h
@@ -62,7 +62,11 @@ typedef uint64_t abi_ptr;
 /* All direct uses of g2h and h2g need to go away for usermode softmmu.  */
 #define g2h(x) ((void *)((unsigned long)(abi_ptr)(x) + guest_base))
 
+#if HOST_LONG_BITS <= TARGET_VIRT_ADDR_SPACE_BITS
+#define guest_addr_valid(x) (1)
+#else
 #define guest_addr_valid(x) ((x) <= GUEST_ADDR_MAX)
+#endif
 #define h2g_valid(x) guest_addr_valid((unsigned long)(x) - guest_base)
 
 static inline int guest_range_valid(unsigned long start, unsigned long len)
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index fab287b7ec50..4258e4162d26 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -456,7 +456,9 @@ extern unsigned long guest_stack_size;
 
 static inline int access_ok(int type, abi_ulong addr, abi_ulong size)
 {
-    return page_check_range((target_ulong)addr, size,
+    return guest_addr_valid(addr) &&
+           (size == 0 || guest_addr_valid(addr + size - 1)) &&
+           page_check_range((target_ulong)addr, size,
                             (type == VERIFY_READ) ? PAGE_READ : (PAGE_READ | 
PAGE_WRITE)) == 0;
 }
 
-- 
2.21.0

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PULL v2 0/3] Linux user for 4.1 patches, Laurent Vivier, 2019/07/19
- [Qemu-devel] [PULL v2 2/3] linux-user: check valid address in access_ok(), Laurent Vivier <=
- [Qemu-devel] [PULL v2 3/3] linux-user: fix to handle variably sized SIOCGSTAMP with new kernels, Laurent Vivier, 2019/07/19
- [Qemu-devel] [PULL v2 1/3] linux-user: Fix structure target_ucontext for MIPS, Laurent Vivier, 2019/07/19
- Re: [Qemu-devel] [PULL v2 0/3] Linux user for 4.1 patches, Peter Maydell, 2019/07/19

Prev by Date: Re: [Qemu-devel] [PATCH] audio: Add missing fall through comments
Next by Date: [Qemu-devel] [PULL v2 0/3] Linux user for 4.1 patches
Previous by thread: [Qemu-devel] [PULL v2 0/3] Linux user for 4.1 patches
Next by thread: [Qemu-devel] [PULL v2 3/3] linux-user: fix to handle variably sized SIOCGSTAMP with new kernels
Index(es):
- Date
- Thread