Replace __siginfo_t with target_pt_regs, and move si_mask
into target_signal_frame directly.
Extract save/restore functions for target_pt_regs. Adjust
for sparc64 tstate. Use proper get/put functions for psr.
Turns out we were already writing to si_mask twice, so no
need to handle that in the new functions.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210426025334.1168495-16-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Move target_reg_window up and use it. Fold structptr and xxargs
into xargs -- the use of a host pointer was incorrect anyway.
Rename the structure to target_stackf for consistency.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210426025334.1168495-15-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
All of the source and header files already defer to sparc
via #include. The syscall.tbl and syscallhdr.sh files
could not do the same, but are identical.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210426025334.1168495-12-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
There are only a few differences in sparc32 vs sparc64.
This fixes target_shmlba for sparc32plus, which is v9.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210426025334.1168495-8-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Share code between sparc32 and sparc64, removing a bit of pointless
difference wrt psr/tstate. Use sizeof(abi_ulong) for allocating
initial register window. Use TARGET_STACK_BIAS.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210426025334.1168495-7-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Move TARGET_STACK_BIAS from signal.c. Generic code cares about the
logical stack pointer, not the physical one that has a bias applied
for sparc64.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210426025334.1168495-6-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
In most cases we were already passing get_sp_from_cpustate
directly to the function. In other cases, we were passing
a local variable which already contained the same value.
In the rest of the cases, we were passing the stack pointer
out of env directly.
Reviewed by: Warner Losh <imp@bsdimp.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210426025334.1168495-5-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Now that we have exactly one call, it's easy to pass
in env instead of passing in the sp value.
Use target_save_altstack, which required env.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210426025334.1168495-4-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Note that target_restore_altstack uses the host memory
pointer that we have already verified, so TARGET_EFAULT
is not a possible return value.
Note that using -EFAULT was a bug.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210426025334.1168495-3-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Create a function to match target_save_altstack.
Fix some style and unlock issues in do_sigaltstack.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210426025334.1168495-2-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Some target are using llseek instead of _llseek like riscv,
nios2, hexagon, and openrisc.
Signed-off-by: Kito Cheng <kito.cheng@sifive.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210512101358.122781-1-kito.cheng@sifive.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Use bit masking instead of an if tree.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210423165413.338259-5-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
There is no such decoding in linux/arch/arm/nwfpe/fpmodule.c.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210423165413.338259-4-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Pull out the fpa11 emulation to a helper function.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210423165413.338259-2-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Syscall unshare did not have custom print function for strace, but it's argument is same as flags in clone syscall, so it can be easily implemented.
Also updated missing flags from clone_flags.
Signed-off-by: Matus Kysel <mkysel@tachyum.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210406144203.1020598-1-mkysel@tachyum.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
We can not use watchpoints in user-mode emulation because we
need the softmmu slow path to detect accesses to watchpointed
memory. This code is expanded as empty stub in "hw/core/cpu.h"
anyway, so we can drop it.
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210303214708.1727801-18-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
move the call for sysemu specifically in machine_run_board_init,
mirror the calling sequence for user mode too.
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Message-Id: <20210322132800.7470-23-cfontana@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Here's the first ppc pull request for qemu-6.1. It has a wide variety
of stuff accumulated during the 6.0 freeze. Highlights are:
* Multi-phase reset cleanups for PAPR
* Preliminary cleanups towards allowing !CONFIG_TCG for the ppc target
* Cleanup of AIL logic and extension to POWER10
* Further improvements to handling of hot unplug failures on PAPR
* Allow much larger numbers of CPU on pseries
* Support for the H_SCM_HEALTH hypercall
* Add support for the Pegasos II board
* Substantial cleanup to hflag handling
* Assorted minor fixes and cleanups
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAmCQ4ScACgkQbDjKyiDZ
s5KmNhAAsICdDqeu/jm1uhRCr0DDT/Wa6KE1xlglQ53ybWb5Hm2ae0Uwzti5ZWkt
T9yryObX++wiugbU5Dlx9eXTiJIPgTbDoBV1wfOa3a1BAxSEES1t70jwuwAXXBpX
mgU++SurQB70IB7vVvyXDi2Z592qGvMiKXqT0sdkfoexPHzAL0+KkQPyJZLeFchM
Ap/zRHAodXf9SuWAl+LwLXeb350jivXYXBWNcFRrBbOGpbVT0AJMYrk/TEa2ZIpi
SvbzAWuW+9mX0EOmk7JK5JfkT41cGNdcBcwd0bt4xyvUpmkXLaTMFDLVHj3HWSUn
PFA4RB3uKXyTfISVtWdxJBbFOzMpchI6lEiRJHCS+KuY7UsACqV1T/y54ATOUauC
ycLc9APgRaStdNPxfDl+xeFfoVb/f0mQsNwcmY1tv7z+3qE/trY9bMyrbgaebBFn
/TAkmPvXfwtAREnx8xF/57poarWUkvupGTQkANNosdFokpExmrLj8T0sKv90hh5Y
vkGf5zP4pYGN1Rs8qhOdHu+IjhVJvUl/L3LZYWcoMI6E61D8rGRc0Dkacx7gcja+
sluFi5Yh2fQn55y6LTi3049cB1wMd6wly0214F11RKoBswguiGuaqJmL4sNDO/s4
IcMCy5mg6C0jNZA5kHcdWmqsVzD2+XwP5J29n/LedlmgXoHYF+M=
=N0qr
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/dg-gitlab/tags/ppc-for-6.1-20210504' into staging
ppc patch queue 2021-05-04
Here's the first ppc pull request for qemu-6.1. It has a wide variety
of stuff accumulated during the 6.0 freeze. Highlights are:
* Multi-phase reset cleanups for PAPR
* Preliminary cleanups towards allowing !CONFIG_TCG for the ppc target
* Cleanup of AIL logic and extension to POWER10
* Further improvements to handling of hot unplug failures on PAPR
* Allow much larger numbers of CPU on pseries
* Support for the H_SCM_HEALTH hypercall
* Add support for the Pegasos II board
* Substantial cleanup to hflag handling
* Assorted minor fixes and cleanups
# gpg: Signature made Tue 04 May 2021 06:52:39 BST
# gpg: using RSA key 75F46586AE61A66CC44E87DC6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" [full]
# gpg: aka "David Gibson (Red Hat) <dgibson@redhat.com>" [full]
# gpg: aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" [full]
# gpg: aka "David Gibson (kernel.org) <dwg@kernel.org>" [unknown]
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392
* remotes/dg-gitlab/tags/ppc-for-6.1-20210504: (46 commits)
hw/ppc/pnv_psi: Use device_cold_reset() instead of device_legacy_reset()
hw/ppc/spapr_vio: Reset TCE table object with device_cold_reset()
hw/intc/spapr_xive: Use device_cold_reset() instead of device_legacy_reset()
target/ppc: removed VSCR from SPR registration
target/ppc: Reduce the size of ppc_spr_t
target/ppc: Clean up _spr_register et al
target/ppc: Add POWER10 exception model
target/ppc: rework AIL logic in interrupt delivery
target/ppc: move opcode table logic to translate.c
target/ppc: code motion from translate_init.c.inc to gdbstub.c
spapr_drc.c: handle hotunplug errors in drc_unisolate_logical()
spapr.h: increase FDT_MAX_SIZE
spapr.c: do not use MachineClass::max_cpus to limit CPUs
ppc: Rename current DAWR macros and variables
target/ppc: POWER10 supports scv
target/ppc: Fix POWER9 radix guest HV interrupt AIL behaviour
docs/system: ppc: Add documentation for ppce500 machine
roms/u-boot: Bump ppce500 u-boot to v2021.04 to fix broken pci support
roms/Makefile: Update ppce500 u-boot build directory name
ppc/spapr: Add support for implement support for H_SCM_HEALTH
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
-----BEGIN PGP SIGNATURE-----
iQJGBAABCAAwFiEEzS913cjjpNwuT1Fz8ww4vT8vvjwFAmCPtbASHGxhdXJlbnRA
dml2aWVyLmV1AAoJEPMMOL0/L748I3wP/Al7yi77BMpts1t3lGMm7EBjKgkppnpr
wZYEM68bJonvvGiEKQjexn1CUfnDcq7f5SZkzcUNLI4oP57pyywb4/gshN0k/Zz8
uCDveMfnhbio2sqlXiMsH9TOhcv/4wtXAek/ghP7EOjkBvyXrAFIQ7eEPEB9cp+X
xxs9DxqfWmrGB6vt7Er78zjfUETSMa+UrheVLwbRMhJcc0Bg8hT2DCn9Lw6IjfOy
usWdrLTGc6qg1zdZzi8QR7jZ+bNx0h+aJLlm8M4cVitXq9v2wb3+6KdsOAeYioAE
AsnClw0m8j/xtMh3g4/hB4oCxMj0jRdZ9GIGs8Didw5ZwkXTRvFM1GK1PHxqX4pF
8xMW6Qq0bSUr4II6bPOukBUMUAnPYdkh+iHXsYSZG0I3u6VZLgMK3AXmKRukAYqe
kQ1lcRe3Lwsp2h+jMBBsbCWhwYdA3THFO4YO31cUaZ191A7z57905QMbqJG/H3HB
7IUBYBNbrhgysPsNBvY6Lr7yUJIocMgcfP36UHYcBPsDdZgjNCQZneJlkaRlQb8+
CtUSF8D614EguzGsWaIn3uBSm9THKKLd1rSXCyTSgrXDI285mXlKmEWZvm236ew0
OEmIz/Ach/R4268j76enYGa1aubsxnrphUfC3aePu0Wzd3QW4RxnCSq7wc4ARPw7
WTL7J00P578h
=aCeG
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/vivier2/tags/trivial-branch-for-6.1-pull-request' into staging
Trivial patches pull request 20210503
# gpg: Signature made Mon 03 May 2021 09:34:56 BST
# gpg: using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg: issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg: aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C
* remotes/vivier2/tags/trivial-branch-for-6.1-pull-request: (23 commits)
hw/rx/rx-gdbsim: Do not accept invalid memory size
docs: More precisely describe memory-backend-*::id's user
scripts: fix generation update-binfmts templates
docs/system: Document the removal of "compat" property for POWER CPUs
mc146818rtc: put it into the 'misc' category
Do not include exec/address-spaces.h if it's not really necessary
Do not include cpu.h if it's not really necessary
Do not include hw/boards.h if it's not really necessary
Do not include sysemu/sysemu.h if it's not really necessary
hw: Do not include qemu/log.h if it is not necessary
hw: Do not include hw/irq.h if it is not necessary
hw: Do not include hw/sysbus.h if it is not necessary
hw: Remove superfluous includes of hw/hw.h
ui: Fix memory leak in qemu_xkeymap_mapping_table()
hw/usb: Constify VMStateDescription
hw/display/qxl: Constify VMStateDescription
hw/arm: Constify VMStateDescription
vmstate: Constify some VMStateDescriptions
Fix typo in CFI build documentation
hw/pcmcia: Do not register PCMCIA type if not required
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
In save_user_regs, there are two bugs where we OR in a bit number
instead of the bit, clobbering the low bits of MSR. However:
The MSR_VR and MSR_SPE bits control the availability of the insns.
If the bits were not already set in MSR, then any attempt to access
those registers would result in SIGILL.
For linux-user, we always initialize MSR to the capabilities
of the cpu. We *could* add checks vs MSR where we currently
check insn_flags and insn_flags2, but we know they match.
Also, there's a stray cut-and-paste comment in restore.
Then, do not force little-endian binaries into big-endian mode.
Finally, use ppc_store_msr for the update to affect hflags.
Which is the reason none of these bugs were previously noticed.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210323184340.619757-10-richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Stop including cpu.h in files that don't need it.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210416171314.2074665-4-thuth@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Remove hexagon_env_get_cpu and replace with env_archcpu
Replace CPU(hexagon_env_get_cpu(env)) with env_cpu(env)
Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <1617930474-31979-5-git-send-email-tsimpson@quicinc.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Partially revert 09f679b62d, but only for the length arguments.
Instead of reverting to long, use ssize_t. Reinstate the > 0 check
in unlock_user.
Fixes: 09f679b62d
Reported-by: Coverity (CID 1446711)
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210315204004.2025219-1-richard.henderson@linaro.org>
[lv: remove superfluous semicolon]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
getsockopt(fd, SOL_NETLINK, NETLINK_LIST_MEMBERSHIPS, *optval, *optlen)
syscall allows optval to be NULL/invalid if optlen points to a size of
zero. This allows userspace to query the length of the array they should
use to get the full membership list before allocating memory for said
list, then re-calling getsockopt with proper optval/optlen arguments.
Notable users of this pattern include systemd-networkd, which in the
(albeit old) version 237 tested, cannot start without this fix.
Signed-off-by: Frédéric Fortier <frf@ghgsat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210328180135.88449-1-frf@ghgsat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The kernel allows a NULL msg in recvfrom so that he size of the next
message may be queried before allocating a correctly sized buffer. This
change allows the syscall translator to pass along the NULL msg pointer
instead of returning early with EFAULT.
Signed-off-by: Zach Reizner <zachr@google.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <CAFNex=DvFCq=AQf+=19fTfw-T8eZZT=3NnFFm2JMFvVr5QgQyA@mail.gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
When setting up the pointer for the sigreturn stub in the return
address register (r14) we currently use the host frame address instead
of the guest frame address.
Note: This only caused problems if Qemu has been built with
--disable-pie (as it is in distros nowadays). Otherwise guest_base
defaults to 0 hiding the actual problem.
Signed-off-by: Andreas Krebbel <krebbel@linux.ibm.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210324185128.63971-1-krebbel@linux.ibm.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Arguably the target_cpu_copy_regs function for each architecture is
misnamed as a number of the architectures also take the opportunity to
fill out the TaskState structure. This could arguably be factored out
into common code but that would require a wider audit of the
architectures. For now just replicate for riscv so we can correctly
report semihosting information for SYS_HEAPINFO.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20210323165308.15244-9-alex.bennee@linaro.org>
Previously, guest_loaddr was not taken into account when returning an
address from pgb_find_hole when /proc/self/maps was unavailable which
caused an improper guest_base address to be calculated.
This could cause a SIGSEGV later in load_elf_image -> target_mmap for
ET_EXEC type images since the mmap MAP_FIXED flag is specified which
could clobber existing mappings at the address returnd by g2h().
mmap(0xd87000, 16846912, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE|0x100000, -1, 0) = 0xd87000
munmap(0xd87000, 16846912) = 0
write(2, "Locating guest address space @ 0"..., 40Locating guest address space @ 0xd87000) = 40
mmap(0x1187000, 16850944, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0) = 0x1187000
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x2188310} ---
+++ killed by SIGSEGV +++
Now, pgd_find_hole accounts for guest_loaddr in this scenario.
Fixes: ad592e37df ("linux-user: provide fallback pgd_find_hole for bare chroots")
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210131061948.15990-1-vfazio@xes-inc.com>
[lv: updated it to check if ret == -1]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Previously, pgd_find_hole_fallback assumed that if the build host's libc
had MAP_FIXED_NOREPLACE defined that the address returned by mmap would
match the requested address. This is not a safe assumption for Linux
kernels prior to 4.17
Now, we always compare mmap's resultant address with the requested
address and no longer short-circuit based on MAP_FIXED_NOREPLACE.
Fixes: 2667e069e7 ("linux-user: don't use MAP_FIXED in pgd_find_hole_fallback")
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210131061930.14554-1-vfazio@xes-inc.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Previously, if the build host's libc did not define MAP_FIXED_NOREPLACE
or if the running kernel didn't support that flag, it was possible for
pgd_find_hole_fallback to munmap an incorrect address which could lead to
SIGSEGV if the range happened to overlap with the mapped address of the
QEMU binary.
mmap(0x1000, 22261224, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0) = 0x7f889d331000
munmap(0x1000, 22261224) = 0
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x84b817} ---
++ killed by SIGSEGV +++
Now, always munmap the address returned by mmap.
Fixes: 2667e069e7 ("linux-user: don't use MAP_FIXED in pgd_find_hole_fallback")
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210131061849.12615-1-vfazio@xes-inc.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Add --preserve-argv0 in qemu-binfmt-conf.sh to configure the preserve-argv0
flag.
This patch allows to use new flag in AT_FLAGS to detect if
preserve-argv0 is configured for this interpreter:
argv[0] (the full pathname provided by binfmt-misc) is removed and
replaced by argv[1] (the original argv[0] provided by binfmt-misc when
'P'/preserve-arg[0] is set)
For instance with this patch and kernel support for AT_FLAGS:
$ sudo chroot m68k-chroot sh -c 'echo $0'
sh
without this patch:
$ sudo chroot m68k-chroot sh -c 'echo $0'
/usr/bin/sh
The new flag is available in kernel (v5.12) since:
2347961b11d4 ("binfmt_misc: pass binfmt_misc flags to the interpreter")
This can be tested with something like:
# cp ..../qemu-ppc /chroot/powerpc/jessie
# qemu-binfmt-conf.sh --qemu-path / --systemd ppc --credential yes \
--persistent no --preserve-argv0 yes
# systemctl restart systemd-binfmt.service
# cat /proc/sys/fs/binfmt_misc/qemu-ppc
enabled
interpreter //qemu-ppc
flags: POC
offset 0
magic 7f454c4601020100000000000000000000020014
mask ffffffffffffff00fffffffffffffffffffeffff
# chroot /chroot/powerpc/jessie sh -c 'echo $0'
sh
# qemu-binfmt-conf.sh --qemu-path / --systemd ppc --credential yes \
--persistent no --preserve-argv0 no
# systemctl restart systemd-binfmt.service
# cat /proc/sys/fs/binfmt_misc/qemu-ppc
enabled
interpreter //qemu-ppc
flags: OC
offset 0
magic 7f454c4601020100000000000000000000020014
mask ffffffffffffff00fffffffffffffffffffeffff
# chroot /chroot/powerpc/jessie sh -c 'echo $0'
/bin/sh
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210222105004.1642234-1-laurent@vivier.eu>
The guest binary and libraries are not always map with the
executable bit in the host process. The guest may read a
/proc/self/maps with no executable address range. The
perm fields should be based on the guest permission inside
Qemu.
Signed-off-by: Nicolas Surbayrole <nsurbayrole@quarkslab.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210308091959.986540-1-nsurbayrole@quarkslab.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
- add warning text to quickstart example
- add CFI tests to CI
- use --arch-only for docker pre-requisites
- fix .editorconfig for emacs
- add guest-loader for Xen-like hypervisor testing
- move generic-loader docs into manual proper
- move semihosting out of hw/
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmBI50MACgkQ+9DbCVqe
KkSyKggAhPZW+7sReVEsFdnVfwuo3evW7auoW44mghNbikTnm3RfoahYTrek8lGZ
AEo2gFMbzENW0j88e0OvSYYtwkVz3sD68bygfXerti6sQwWlwkf42I/suWjJNLph
oVKGEEdJess9+zR13Cu6RAq5RaTwzDPGPjUwTbeJPpAps4+UZV3hsxhaxs8keII6
GBa/idnh0qEApP2NDLKiSASrYZM7xGvljE7zO4qhchd6iSH/o5rCtkoB2tRCcXGo
+KF8LyBsUNf7GiWp0yYZMZUQ3Pqskqma8N3d2A4UlS1kXvxeX/FiORkG/Ne8bH1Z
VZ1Z/xbyXGlVkiP1bcoYSc6XWHNDTw==
=R9zQ
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/stsquad/tags/pull-testing-docs-xen-updates-100321-2' into staging
Testing, guest-loader and other misc tweaks
- add warning text to quickstart example
- add CFI tests to CI
- use --arch-only for docker pre-requisites
- fix .editorconfig for emacs
- add guest-loader for Xen-like hypervisor testing
- move generic-loader docs into manual proper
- move semihosting out of hw/
# gpg: Signature made Wed 10 Mar 2021 15:35:31 GMT
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* remotes/stsquad/tags/pull-testing-docs-xen-updates-100321-2:
semihosting: Move hw/semihosting/ -> semihosting/
semihosting: Move include/hw/semihosting/ -> include/semihosting/
tests/avocado: add boot_xen tests
docs: add some documentation for the guest-loader
docs: move generic-loader documentation into the main manual
hw/core: implement a guest-loader to support static hypervisor guests
device_tree: add qemu_fdt_setprop_string_array helper
hw/riscv: migrate fdt field to generic MachineState
hw/board: promote fdt from ARM VirtMachineState to MachineState
.editorconfig: update the automatic mode setting for Emacs
tests/docker: Use --arch-only when building Debian cross image
gitlab-ci.yml: Add jobs to test CFI flags
gitlab-ci.yml: Allow custom # of parallel linkers
tests/docker: add a test-tcg for building then running check-tcg
docs/system: add a gentle prompt for the complexity to come
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
We want to move the semihosting code out of hw/ in the next patch.
This patch contains the mechanical steps, created using:
$ git mv include/hw/semihosting/ include/
$ sed -i s,hw/semihosting,semihosting, $(git grep -l hw/semihosting)
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210226131356.3964782-2-f4bug@amsat.org>
Message-Id: <20210305135451.15427-2-alex.bennee@linaro.org>
TILE-Gx was only implemented in linux-user mode, but support for this CPU
was removed from the upstream Linux kernel in 2018, and it has also been
dropped from glibc, so there is no new Linux development taking place with
this architecture. For running the old binaries, users can simply use older
versions of QEMU.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210224183952.80463-1-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
The primary motivation is to remove a dozen insns along
the fast-path in tb_lookup. As a byproduct, this allows
us to completely remove parallel_cpus.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Implementation of Linux user emulation for Hexagon
Some common files modified in addition to new files in linux-user/hexagon
Acked-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <1612763186-18161-31-git-send-email-tsimpson@quicinc.com>
[rth: Fix termbits.h on review by Laurent]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The real kernel collects _TIF_MTE_ASYNC_FAULT into the current thread's
state on any kernel entry (interrupt, exception etc), and then delivers
the signal in advance of resuming the thread.
This means that while the signal won't be delivered immediately, it will
not be delayed forever -- at minimum it will be delivered after the next
clock interrupt.
We don't have a clock interrupt in linux-user, so we issue a cpu_kick
to signal a return to the main loop at the end of the current TB.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-29-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-28-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
A proper syndrome is required to fill in the proper si_code.
Use page_get_flags to determine permission vs translation for user-only.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-27-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Remember the PROT_MTE bit as PAGE_MTE/PAGE_TARGET_2.
Otherwise this does not yet have effect.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-25-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
These prctl fields are required for the function of MTE.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-24-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This is the prctl bit that controls whether syscalls accept tagged
addresses. See Documentation/arm64/tagged-address-abi.rst in the
linux kernel.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-21-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Resolve the untagged address once, using thread_cpu.
Tidy the DEBUG_REMAP code using glib routines.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-20-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
For copy_*_user, only 0 and -TARGET_EFAULT are returned; no need
to involve abi_long. Use size_t for lengths. Use bool for the
lock_user copy argument. Use ssize_t for target_strlen, because
we can't overflow the host memory space.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20210212184902.1251044-19-richard.henderson@linaro.org
[PMM: moved fix for ifdef error to previous commit]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
These functions are not small, except for unlock_user
without debugging enabled. Move them out of line, and
add missing braces on the way.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20210212184902.1251044-18-richard.henderson@linaro.org
[PMM: fixed the sense of an ifdef test in qemu.h]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Provide both tagged and untagged versions of access_ok.
In a few places use thread_cpu, as the user is several
callees removed from do_syscall1.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-17-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The places that use these are better off using untagged
addresses, so do not provide a tagged versions. Rename
to make it clear about the address type.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-16-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
We're currently open-coding the range check in access_ok;
use guest_range_valid when size != 0.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-15-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
We define target_mmap et al as untagged, so that they can be
used from the binary loaders. Explicitly call cpu_untagged_addr
for munmap, mprotect, mremap syscall entry points.
Add a few comments for the syscalls that are exempted by the
kernel's tagged-address-abi.rst.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-14-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Use g2h_untagged in contexts that have no cpu, e.g. the binary
loaders that operate before the primary cpu is created. As a
colollary, target_mmap and friends must use untagged addresses,
since they are used by the loaders.
Use g2h_untagged on values returned from target_mmap, as the
kernel never applies a tag itself.
Use g2h_untagged on all pc values. The only current user of
tags, aarch64, removes tags from code addresses upon branch,
so "pc" is always untagged.
Use g2h with the cpu context on hand wherever possible.
Use g2h_untagged in lock_user, which will be updated soon.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-13-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
These constants are only ever used with access_ok, and friends.
Rather than translating them to PAGE_* bits, let them equal
the PAGE_* bits to begin.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-8-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Verify that addr + size - 1 does not wrap around.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-7-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This is more descriptive than 'unsigned long'.
No functional change, since these match on all linux+bsd hosts.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20210212184902.1251044-4-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Record whether the backing page is anonymous, or if it has file
backing. This will allow us to get close to the Linux AArch64
ABI for MTE, which allows tag memory only on ram-backed VMAs.
The real ABI allows tag memory on files, when those files are
on ram-backed filesystems, such as tmpfs. We will not be able
to implement that in QEMU linux-user.
Thankfully, anonymous memory for malloc arenas is the primary
consumer of this feature, so this restricted version should
still be of use.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-3-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This data can be allocated by page_alloc_target_data() and
released by page_set_flags(start, end, prot | PAGE_RESET).
This data will be used to hold tag memory for AArch64 MTE.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210212184902.1251044-2-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Recognise the R5900, which reports itself as MIPS III, as a 64-bit CPU
supporting the n32 ABI.
Signed-off-by: Fredrik Noring <noring@nocrew.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <5bea109f0c140da6a821aa7f9705d4b3717e86dc.1541701393.git.noring@nocrew.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
These were defined for other platforms but mistakenly left out of mips
and generic, so this commit adds them to the places missing. Then it
makes them be translated in getsockopt.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210204153925.2030606-1-Jason@zx2c4.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The sizeof(struct ifreq) is 40 for 64 bit and 32 for 32 bit architectures.
This structure contains a union of other structures, of which struct ifmap
is the biggest for 64 bit architectures. Calling ioclt(…, SIOCGIFCONF, …)
fills a struct sockaddr of that union, and do_ioctl_ifconf() only considered
that struct sockaddr for the size of the union, which has the same size as
struct ifmap on 32 bit architectures. So do_ioctl_ifconf() assumed a wrong
size of 32 for struct ifreq instead of the correct size of 40 on 64 bit
architectures.
The fix makes do_ioctl_ifconf() handle struct ifmap as the biggest part of
the union, treating struct ifreq with the correct size.
Signed-off-by: Stefan <stefan-guix@vodafonemail.de>
Message-Id: <60AA0765-53DD-43D1-A3D2-75F1778526F6@vodafonemail.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
If mremap() is called without the MREMAP_MAYMOVE flag with a start address
just before the end of memory (reserved_va) where new_size would exceed
it (and GUEST_ADDR_MAX), the assert(end - 1 <= GUEST_ADDR_MAX) in
page_set_flags() would trigger.
Add an extra guard to the guest_range_valid() checks to prevent this and
avoid asserting binaries when reserved_va is set.
This meant a bug I was seeing locally now gives the same behaviour
regardless of whether reserved_va is set or not.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <70c46e7b999bafbb01d54bfafd44b420d0b782e9.camel@linuxfoundation.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Some ELF binaries encode the .bss section as an extension of the data
ones by setting the segment p_memsz > p_filesz. Some other binaries take
a different route and encode it as a stand-alone PT_LOAD segment with
p_filesz = 0 and p_memsz > 0.
Both the encodings are actually correct per ELF specification but the
ELF loader had some troubles in handling the former: with the old logic
it was very likely to get Qemu to crash in zero_bss when trying to
access unmapped memory.
zero_bss isn't meant to allocate whole zero-filled segments but to
"complete" a previously mapped segment with the needed zero bits.
The fix is pretty simple, if the segment is completely zero-filled we
simply allocate one or more pages (according to p_memsz) and avoid
calling zero_bss altogether.
Signed-off-by: Giuseppe Musacchio <thatlemon@gmail.com>
Message-Id: <c9106487-dc4d-120a-bd48-665b3c617287@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
On the hppa target userspace binaries may call signalfd4() and
eventfd2() with an old TARGET_O_NONBLOCK value of 000200004 instead of
000200000 for the "mask" syscall parameter, in which case the current
emulation doesn't handle the translation to the native O_NONBLOCK value
correctly.
The 0x04 bit is not masked out before the new O_NONBLOCK bit is set and
as such when calling the native syscall errors out with EINVAL.
Fix this by introducing TARGET_O_NONBLOCK_MASK which is used to mask off
all possible bits. This define defaults to TARGET_O_NONBLOCK when not
defined otherwise, so for all other targets the implementation will
behave as before.
This patch needs to be applied on top of my previous two patches.
Bug was found and patch was verified by using qemu-hppa as debian buildd
server on x86_64.
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210210061214.GA221322@ls3530.fritz.box>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Historically the parisc linux port tried to be compatible with HP-UX
userspace and as such defined the O_NONBLOCK constant to 0200004 to
emulate separate NDELAY & NONBLOCK values.
Since parisc was the only Linux platform which had two bits set, this
produced various userspace issues. Finally it was decided to drop the
(never completed) HP-UX compatibilty, which is why O_NONBLOCK was
changed upstream to only have one bit set in future with this commit:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75ae04206a4d0e4f541c1d692b7febd1c0fdb814
This patch simply adjusts the value for qemu-user too.
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210201220551.GA8015@ls3530.fritz.box>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The hppa and alpha targets miss the #define of the TARGET___O_TMPFILE
and as such fail to run a trivial symlink command like
ln -s /bin/bash /tmp
which results in an -EINVAL return code.
Adding the define fixes the problem.
Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210201155922.GA18291@ls3530.fritz.box>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
When mapping the host waitid status to the target status we previously
just used decoding information in the status value. This doesn't follow
what the waitid documentation describes, which instead suggests using
the si_code value for the decoding. This results in the incorrect values
seen when calling waitid. This is especially apparent on RV32 where all
wait calls use waitid (see the bug case).
This patch just passes the waitid status directly back to the guest.
Buglink: https://bugs.launchpad.net/qemu/+bug/1906193
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Tested-by: Andreas K. Hüttel <dilfridge@gentoo.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <1fb2d56aa23a81f4473e638abe9e2d78c09a3d5b.1611080607.git.alistair.francis@wdc.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
64-bit MIPS targets lost setup_frame() during the refactor in commit
8949bef18b. Restore it declaring TARGET_ARCH_HAS_SETUP_FRAME, to be
able to build the o32 ABI target.
Fixes: 8949bef18b ("linux-user: move mips/mips64 signal.c parts to mips directory")
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20201119161710.1985083-2-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This will allow us to centralize the registration of
the cpus.c module accelerator operations (in accel/accel-softmmu.c),
and trigger it automatically using object hierarchy lookup from the
new accel_init_interfaces() initialization step, depending just on
which accelerators are available in the code.
Rename all tcg-cpus.c, kvm-cpus.c, etc to tcg-accel-ops.c,
kvm-accel-ops.c, etc, matching the object type names.
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Message-Id: <20210204163931.7358-18-cfontana@suse.de>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
These lock types are unsupported by Linux since v2.2[0][1] and
always return EINVAL (except on SPARC up until v2.6, which just
warned).
musl libc does not define these constants, so just remove them from
the translation cases.
[0] https://github.com/mpe/linux-fullhistory/blob/v2.2.0/fs/locks.c#L322-L324
[1] https://github.com/mpe/linux-fullhistory/blob/v2.2.0/fs/locks.c#L429-L445
Signed-off-by: Michael Forney <mforney@mforney.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210114223602.9004-1-mforney@mforney.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
SOL_UDP manipulate options at UDP level. All six options currently defined
in linux source include/uapi/linux/udp.h take integer values.
Signed-off-by: Shu-Chun Weng <scw@google.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20201218193213.3566856-3-scw@google.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Also reorder blocks so that they are all in the same order everywhere.
Signed-off-by: Shu-Chun Weng <scw@google.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20201218193213.3566856-2-scw@google.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This could made testing more easier and ARM/AArch64 has supported on
their linux user mode too, so I think it should be reasonable.
Verified GCC testsuite with newlib/semihosting.
Signed-off-by: Kito Cheng <kito.cheng@sifive.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Keith Packard <keithp@keithp.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210107170717.2098982-7-keithp@keithp.com>
Message-Id: <20210108224256.2321-18-alex.bennee@linaro.org>
Adapt the arm semihosting support code for RISCV. This implementation
is based on the standard for RISC-V semihosting version 0.2 as
documented in
https://github.com/riscv/riscv-semihosting-spec/releases/tag/0.2
Signed-off-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20210107170717.2098982-6-keithp@keithp.com>
Message-Id: <20210108224256.2321-17-alex.bennee@linaro.org>
The public API is now defined in
hw/semihosting/common-semi.h. do_common_semihosting takes CPUState *
instead of CPUARMState *. All internal functions have been renamed
common_semi_ instead of arm_semi_ or arm_. Aside from the API change,
there are no functional changes in this patch.
Signed-off-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20210107170717.2098982-3-keithp@keithp.com>
Message-Id: <20210108224256.2321-14-alex.bennee@linaro.org>
This commit renames two files which provide ARM semihosting support so
that they can be shared by other architectures:
1. target/arm/arm-semi.c -> hw/semihosting/common-semi.c
2. linux-user/arm/semihost.c -> linux-user/semihost.c
The build system was modified use a new config variable,
CONFIG_ARM_COMPATIBLE_SEMIHOSTING, which has been added to the ARM
softmmu and linux-user default configs. The contents of the source
files has not been changed in this patch.
Signed-off-by: Keith Packard <keithp@keithp.com>
[AJB: rename arm-compat-semi, select SEMIHOSTING]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210107170717.2098982-2-keithp@keithp.com>
Message-Id: <20210108224256.2321-13-alex.bennee@linaro.org>
gdb_exit() has never needed anything from env and I doubt we are going
to start now.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210108224256.2321-8-alex.bennee@linaro.org>
Extract FPU specific helpers from "internal.h" to "fpu_helper.h".
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201120210844.2625602-2-f4bug@amsat.org>
The MIPS ISA release 6 is common to 32/64-bit CPUs.
To avoid holes in the insn_flags type, update the
definition with the next available bit.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210104221154.3127610-16-f4bug@amsat.org>
The MIPS ISA release 2 is common to 32/64-bit CPUs.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210104221154.3127610-13-f4bug@amsat.org>
Use the single ISA_MIPS32R6 definition to check if the Release 6
ISA is supported, whether the CPU support 32/64-bit.
For now we keep '32' in the definition name, we will rename it
as ISA_MIPS_R6 in few commits.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210104221154.3127610-11-f4bug@amsat.org>
Use the single ISA_MIPS32R2 definition to check if the Release 2
ISA is supported, whether the CPU support 32/64-bit.
For now we keep '32' in the definition name, we will rename it
as ISA_MIPS_R2 in few commits.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210104221154.3127610-8-f4bug@amsat.org>
Plumb the value through to alloc_code_gen_buffer. This is not
supported by any os or tcg backend, so for now enabling it will
result in an error.
Reviewed-by: Joelle van Dyne <j@getutm.app>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
This fixes the build for older ppc64 kernel headers.
Fixes: 6addf06a3c
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Correctly implement save/restore of the tstate field in
sparc64_get_context() and sparc64_set_context():
* Don't use the CWP value from the guest in set_context
* Construct and save a tstate value rather than leaving
it as zero in get_context
To do this we factor out the "calculate TSTATE value from CPU state"
code from sparc_cpu_do_interrupt() into its own sparc64_tstate()
function; that in turn requires us to move some of the function
prototypes out from inside a CPU_NO_IO_DEFS ifdef guard.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201106152738.26026-5-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The kernel does not restore the g7 register in sparc64_set_context();
neither should we. (We still save it in sparc64_get_context().)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201106152738.26026-4-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Unlike the kernel macros, our __get_user() and __put_user() do not
return a failure code. Kernel code typically has a style of
err |= __get_user(...); err |= __get_user(...);
and then checking err at the end. In sparc64_get_context() our
version of the code dropped the accumulating into err but left the
"if (err) goto do_sigsegv" checks, which will never be taken. Delete
unnecessary if()s.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201106152738.26026-3-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The handling of the FPU state in sparc64_get_context() and
sparc64_set_context() is not the same as what the kernel actually
does: we unconditionally read and write the FP registers and the
FSR, GSR and FPRS, but the kernel logic is more complicated:
* in get_context the kernel has code for saving FPU registers,
but it is hidden inside an "if (fenab) condition and the
fenab flag is always set to 0 (inside an "#if 1" which has
been in the kernel for over 15 years). So the effect is that
the FPU state part is always written as zeroes.
* in set_context the kernel looks at the fenab field in the
structure from the guest, and only restores the state if
it is set; it also looks at the structure's FPRS to see
whether either the upper or lower or both halves of the
register file have valid data.
Bring our implementations into line with the kernel:
* in get_context:
- clear the entire target_ucontext at the top of the
function (as the kernel does)
- then don't write the FPU state, so those fields remain zero
- this fixes Coverity issue CID 1432305 by deleting the code
it was complaining about
* in set_context:
- check the fenab and the fpsr to decide which parts of
the FPU data to restore, if any
- instead of setting the FPU registers by doing two
32-bit loads and filling in the .upper and .lower parts
of the CPU_Double union separately, just do a 64-bit
load of the whole register at once. This fixes Coverity
issue CID 1432303 because we now access the dregs[] part
of the mcfpu_fregs union rather than the sregs[] part
(which is not large enough to actually cover the whole of
the data, so we were accessing off the end of sregs[])
We change both functions in a single commit to avoid potentially
breaking bisection.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201106152738.26026-2-peter.maydell@linaro.org>
[lv: fix FPRS_DU loop s/31/32/]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The three options handling `struct sock_fprog` (TUNATTACHFILTER,
TUNDETACHFILTER, and TUNGETFILTER) are not implemented. Linux kernel
keeps a user space pointer in them which we cannot correctly handle.
Signed-off-by: Josh Kunz <jkz@google.com>
Signed-off-by: Shu-Chun Weng <scw@google.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200929014801.655524-1-scw@google.com>
[lv: use 0 size in unlock_user()]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Andreas Schwab <schwab@suse.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <mvm361eer3n.fsf@suse.de>
[lv: copy back offset only if there is no error]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Userland ELF binaries using Loongson SIMD instructions have the
HWCAP_LOONGSON_MMI bit set [1].
Binaries compiled for Loongson 3A [2] have the HWCAP_LOONGSON_EXT
bit set for the LQ / SQ instructions.
[1] commit 8e2d5831e4 ("target/mips: Legalize Loongson insn flags")
[2] commit af868995e1 ("target/mips: Add Loongson-3 CPU definition")
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201214003215.344522-7-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
ISA features are usually denoted in read-only bits from
CPU registers. Add the GET_FEATURE_REG_EQU() macro which
checks if a CPU register has bits set to a specific value.
Use the macro to check the 'Architecture Revision' level
of the Config0 register, which is '2' when the Release 6
ISA is implemented.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201214003215.344522-5-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
ISA features are usually denoted in read-only bits from
CPU registers. Add the GET_FEATURE_REG_SET() macro which
checks if a CPU register has bits set.
Use the macro to check for MSA (which sets the MSAP bit of
the Config3 register when the ASE implementation is present).
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201214003215.344522-4-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
We want to add macros similar to GET_FEATURE().
As this one use the 'insn_flags' field, rename it
GET_FEATURE_INSN().
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201214003215.344522-3-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
As we are going to add more macros, keep the function body clear.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201214003215.344522-2-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
If mremap succeeds, an additional check is performed to ensure that the
new address range fits into the target address space. This check was
previously perfomed in host address space, with the upper bound fixed to
abi_ulong.
This patch replaces the static check with a call to `guest_range_valid`,
performing the range check against the actual size of the target address
space. It also moves the corresponding block to prevent it from being
called incorrectly when the mapping itself fails.
Signed-off-by: Tobias Koch <tobias.koch@nonterra.com>
Message-Id: <20201028213833.26592-1-tobias.koch@nonterra.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
QEMU requires Clang or GCC, that define and support __GNUC__ extensions.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20201210134752.780923-13-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
qemu_finish_machine_init currently can only exit QEMU if it fails.
Prepare for giving it proper error propagation, and possibly for
adding a plugin_add monitor command that calls an accelerator
method.
While at it, make all errors from plugin_load look the same.
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This check can be done in a much shorter way in meson.build. And while
we're at it, rename the #define to HAVE_BTRFS_H to match the other
HAVE_someheader_H symbols that we already have.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201118171052.308191-7-thuth@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This check can be done in a much shorter way in meson.build. And while
we're at it, rename the #define to HAVE_SYS_KCOV_H to match the other
HAVE_someheader_H symbols that we already have.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201118171052.308191-6-thuth@redhat.com>
[lv: s/signal/kcov/]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The Linux kernel doesn't use the official bkpt insn for breakpoints;
instead it uses three instructions in the guaranteed-to-UNDEF space,
and generates SIGTRAP for these rather than the SIGILL that most
UNDEF insns generate:
https://elixir.bootlin.com/linux/v5.9.8/source/arch/arm/kernel/ptrace.c#L197
Make QEMU treat these insns specially too. The main benefit of this
is that if you're running a debugger on a guest program that runs
into a GCC __builtin_trap() or LLVM "trap because execution should
never reach here" then you'll get the expected signal rather than a
SIGILL.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20201117155634.6924-1-peter.maydell@linaro.org
With iproute2-5.8.0, the route, link and addr show commands fail:
root@sid:~# ip addr show
RTNETLINK answers: Unknown error 352321537
Dump terminated
root@sid:~# ip link show
RTNETLINK answers: Unknown error 352321537
Dump terminated
root@sid:~# ip route show
RTNETLINK answers: Unknown error 352321537
Dump terminated
This patch correctly decodes the GETROUTE and GETLINK commands and adds
the RTA_TABLE message.
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20201116163622.791442-1-laurent@vivier.eu>
There is no "version 2" of the "Lesser" General Public License.
It is either "GPL version 2.0" or "Lesser GPL version 2.1".
This patch replaces all occurrences of "Lesser GPL version 2" with
"Lesser GPL version 2.1" in comment section.
Signed-off-by: Chetan Pant <chetan4windows@gmail.com>
Message-Id: <20201023122455.19417-1-chetan4windows@gmail.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
It is not needed, all the callers are just saving what was
retrieved from -trace and trace_init_file can retrieve it
on its own.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20201102115841.4017692-1-pbonzini@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
From 894bb5172705e46a3a04c93b4962c0f0cafee814 Mon Sep 17 00:00:00 2001
From: Giuseppe Musacchio <thatlemon@gmail.com>
Date: Fri, 17 Apr 2020 17:25:07 +0200
Subject: [PATCH] linux-user: Prevent crash in epoll_ctl
The `event` parameter is ignored by the kernel if `op` is EPOLL_CTL_DEL,
do the same and avoid returning EFAULT if garbage is passed instead of a
valid pointer.
Signed-off-by: Giuseppe Musacchio <thatlemon@gmail.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <a244fa67-dace-abdb-995a-3198bd80fee8@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Some platforms used the wrong definition of stack_t where the flags and
size fields were swapped or where the flags field had type ulong instead
of int.
Due to the presence of padding space in the structure and the prevalence
of little-endian machines this problem went unnoticed for a long time.
The type definitions have been cross-checked with the ones defined in
the Linux kernel v5.9, plus some older versions for a few architecture
that have been removed and Xilinx's kernel fork for NiosII [1].
The bsd-user headers remain unchanged as I don't know if they are wrong
or not.
[1] https://github.com/Xilinx/linux-xlnx/blob/master/arch/nios2/include/uapi/asm/signal.h
Signed-off-by: Giuseppe Musacchio <thatlemon@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <e9d47692-ee92-009f-6007-0abc3f502b97@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The function do_sigreturn() tries to store the PC, NPC and PSR in
uint32_t local variables, which implicitly drops the high half of
these fields for 64-bit guests.
The usual effect was that a guest which used signals would crash on
return from a signal unless it was lucky enough to take it while the
PC was in the low 4GB of the address space. In particular, Debian
/bin/dash and /bin/bash would segfault after executing external
commands.
Use abi_ulong, which is the type these fields all have in the
__siginfo_t struct.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201105212314.9628-4-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Because QEMU's user-mode emulation just directly accesses guest CPU
state, for SPARC the guest register window state is not the same in
the sparc64_get_context() and sparc64_set_context() functions as it
is for the real kernel's versions of those functions. Specifically,
for the kernel it has saved the user space state such that the O*
registers go into a pt_regs struct as UREG_I*, and the I* registers
have been spilled onto the userspace stack. For QEMU, we haven't
done that, so the guest's O* registers are still in WREG_O* and the
I* registers in WREG_I*.
The code was already accessing the O* registers correctly for QEMU,
but had copied the kernel code for accessing the I* registers off the
userspace stack. Replace this with direct accesses to fp and i7 in
the CPU state, and add a comment explaining why we differ from the
kernel code here.
This fix is sufficient to get bash to a shell prompt.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201105212314.9628-3-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The various structs that make up the SPARC target_ucontext had some
errors:
* target structures must not include fields which are host pointers,
which might be the wrong size. These should be abi_ulong instead
* because we don't have the 'long double' part of the mcfpu_fregs
union in our version of the target_mc_fpu struct, we need to
manually force it to be 16-aligned
In particular, the lack of 16-alignment caused sparc64_get_context()
and sparc64_set_context() to read and write all the registers at the
wrong offset, which triggered a guest glibc stack check in
siglongjmp:
*** longjmp causes uninitialized stack frame ***: terminated
when trying to run bash.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201105212314.9628-2-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Coverity points out that we don't check the return value from
copy_from_user() in vma_dump_size(). This is to some extent
a "can't happen" error since we've already checked the page
with an access_ok() call earlier, but it's simple enough to
handle the error anyway.
Fixes: Coverity CID 1432362
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20201103141532.19912-1-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Coverity pointed out (CID 1432339) that target_to_host_timespec64() can
fail with -TARGET_EFAULT but we never check the return value. This patch
checks the return value and handles the error.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <cad74fae734d2562746b94acd9c34b00081c89bf.1604432881.git.alistair.francis@wdc.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
In pgd_find_hole_fallback(), Coverity doesn't like the use
of "if (MAP_FIXED_NOREPLACE || ...)" because it's using a
logical operator on a constant other than 0 or 1 and its
heuristic thinks we might have intended a bitwise operator
instead.
The logic is correct (we are checking whether the host really
has a MAP_FIXED_NOREPLACE or whether we fell back to the
"#define as 0 to ignore" from osdep.h); make Coverity
happier by explicitly writing out the comparison with zero.
Fixes: Coverity CID 1431059
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201103142636.21125-1-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
When using -Wimplicit-fallthrough in our CFLAGS, the compiler showed warning:
linux-user/mips/cpu_loop.c: In function ‘cpu_loop’:
linux-user/mips/cpu_loop.c:104:24: warning: this statement may fall through [-Wimplicit-fallthrough=]
104 | if ((ret = get_user_ual(arg8, sp_reg + 28)) != 0) {
| ^
linux-user/mips/cpu_loop.c:107:17: note: here
107 | case 7:
| ^~~~
linux-user/mips/cpu_loop.c:108:24: warning: this statement may fall through [-Wimplicit-fallthrough=]
108 | if ((ret = get_user_ual(arg7, sp_reg + 24)) != 0) {
| ^
linux-user/mips/cpu_loop.c:111:17: note: here
111 | case 6:
| ^~~~
linux-user/mips/cpu_loop.c:112:24: warning: this statement may fall through [-Wimplicit-fallthrough=]
112 | if ((ret = get_user_ual(arg6, sp_reg + 20)) != 0) {
| ^
linux-user/mips/cpu_loop.c:115:17: note: here
115 | case 5:
| ^~~~
Add the corresponding "fall through" comment to fix it.
Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Chen Qun <kuhn.chenqun@huawei.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20201030004046.2191790-5-kuhn.chenqun@huawei.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Use the new generic support for NT_GNU_PROPERTY_TYPE_0.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20201021173749.111103-12-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This is generic support, with the code disabled for all targets.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20201021173749.111103-11-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This is slightly clearer than just using strerror, though
the different forms produced by error_setg_file_open and
error_setg_errno isn't entirely convenient.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20201021173749.111103-10-richard.henderson@linaro.org
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This is a bit clearer than open-coding some of this
with a bare c string.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20201021173749.111103-9-richard.henderson@linaro.org
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
For BTI, we need to know if the executable is static or dynamic,
which means looking for PT_INTERP earlier.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20201021173749.111103-8-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The second loop uses a loop induction variable, and the first
does not. Transform the first to match the second, to simplify
a following patch moving code between them.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20201021173749.111103-7-richard.henderson@linaro.org
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fixing this now will clarify following patches.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20201021173749.111103-6-richard.henderson@linaro.org
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fix an unlikely memory leak in load_elf_image().
Fixes: bf858897b7 ("linux-user: Re-use load_elf_image for the main binary.")
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20201021173749.111103-5-richard.henderson@linaro.org
Message-Id: <20201003174944.1972444-1-f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Transform the prot bit to a qemu internal page bit, and save
it in the page tables.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20201021173749.111103-3-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The kernel sets btype for the signal handler as if for a call.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20201021173749.111103-2-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
accept4() returned wrong errno, that did not match current linux
Signed-off-by: Matus Kysel <mkysel@tachyum.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200930151616.3588165-1-mkysel@tachyum.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
It has been removed from linux since
61a47c1ad3a4 ("sysctl: Remove the sysctl system call")
It's a good news because it was not really supported by qemu.
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200930003033.554124-5-laurent@vivier.eu>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Update gensyscalls.sh not to generate an empty line at the end of the file
And then automatically update syscall_nr.h running scripts/gensyscalls.sh
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200930003033.554124-2-laurent@vivier.eu>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Same as d4247ec2d7 but for statfs64
When running rpm within qemu-arm-dynamic this could cause rpm fail with
an error like
"installing package A needs B MB on the C filesystem" depending on what
is in memory in f_flags.
af06db1d55/lib/transaction.c (L164)
Signed-off-by: Franz-Josef Haider <franz.haider@jolla.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <2e405fe7-efab-dae5-93d6-02575773fd6e@jolla.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The bug was triggered by the following code on aarch64-linux-user:
int main(void)
{
int PDeathSig = 0;
if (prctl(PR_GET_PDEATHSIG, &PDeathSig) == 0 && PDeathSig == SIGKILL)
prctl(PR_GET_PDEATHSIG, 0);
return (PDeathSig == SIGKILL);
}
Signed-off-by: Stephen Long <steplong@quicinc.com>
Signed-off-by: Ana Pazos <apazos@quicinc.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200507130302.3684-1-steplong@quicinc.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The microblaze kernel does not support these, and uses
only rt style signal frames.
Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Allows microblaze to pass tests/tcg/multiarch/linux-test.c.
Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
clang's C11 atomic_fetch_*() functions only take a C11 atomic type
pointer argument. QEMU uses direct types (int, etc) and this causes a
compiler error when a QEMU code calls these functions in a source file
that also included <stdatomic.h> via a system header file:
$ CC=clang CXX=clang++ ./configure ... && make
../util/async.c:79:17: error: address argument to atomic operation must be a pointer to _Atomic type ('unsigned int *' invalid)
Avoid using atomic_*() names in QEMU's atomic.h since that namespace is
used by <stdatomic.h>. Prefix QEMU's APIs with 'q' so that atomic.h
and <stdatomic.h> can co-exist. I checked /usr/include on my machine and
searched GitHub for existing "qatomic_" users but there seem to be none.
This patch was generated using:
$ git grep -h -o '\<atomic\(64\)\?_[a-z0-9_]\+' include/qemu/atomic.h | \
sort -u >/tmp/changed_identifiers
$ for identifier in $(</tmp/changed_identifiers); do
sed -i "s%\<$identifier\>%q$identifier%g" \
$(git grep -I -l "\<$identifier\>")
done
I manually fixed line-wrap issues and misaligned rST tables.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20200923105646.47864-1-stefanha@redhat.com>
I found that there are many spelling errors in the comments of qemu,
so I used the spellcheck tool to check the spelling errors
and finally found some spelling errors in the linux-user folder.
Signed-off-by: zhaolichang <zhaolichang@huawei.com>
Reviewed-by: Alex Bennee <alex.bennee@linaro.org>
Message-Id: <20200917075029.313-7-zhaolichang@huawei.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
On older kernels which don't implement MAP_FIXED_NOREPLACE the kernel
may still fail to give us the address we asked for despite having
already probed the map for a valid hole. Asserting isn't particularly
useful to the user so let us move the check up and expand the
error_report a little to give them a fighting chance of working around
the problem.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Cc: Bug 1895080 <1895080@bugs.launchpad.net>
Ameliorates: ee94743034
Message-Id: <20200915134317.11110-2-alex.bennee@linaro.org>
Target definitions of btrfs ioctls in 'syscall_defs.h' use
the value BTRFS_IOCTL_MAGIC that is defined header 'btrfs.h'.
This header is not available in kernel versions before 3.9.
For that reason, these target ioctl definitions should be
enwrapped in an #ifdef directive to check whether the 'btrfs.h'
header is available as to not cause build errors on older
Linux systems.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200905163802.2666-1-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
On ppc, in termios, c_line is after c_cc, not before .
Fixes: c218b4ede4 ("linux-user: Add missing termbits types and values definitions")
Cc: Filip.Bozuta@syrmia.com
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200830181620.422036-1-laurent@vivier.eu>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
info->brk was erroneously set to the end of highest addressed
writable segment which could result it in overlapping the executable.
As per load_elf_binary in fs/binfmt_elf.c in Linux, it should be
set to end of highest addressed segment.
Signed-off-by: Timothy E Baldwin <T.E.Baldwin99@members.leeds.ac.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200728224615.326675-1-T.E.Baldwin99@members.leeds.ac.uk>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch introduces functionality for following time64 syscalls:
*ppoll_time64
This is a year 2038 safe variant of:
int poll(struct pollfd *fds, nfds_t nfds, int timeout)
-- wait for some event on a file descriptor --
man page: https://man7.org/linux/man-pages/man2/ppoll.2.html
*pselect6_time64
This is a year 2038 safe variant of:
int pselect6(int nfds, fd_set *readfds, fd_set *writefds,
fd_set *exceptfds, const struct timespec *timeout,
const sigset_t *sigmask);
-- synchronous I/O multiplexing --
man page: https://man7.org/linux/man-pages/man2/pselect6.2.html
Implementation notes:
Year 2038 safe syscalls in this patch were implemented
with the same code as their regular variants (ppoll() and pselect()).
This code was moved to new functions ('do_ppoll()' and 'do_pselect6()')
that take a 'bool time64' from which a right 'struct timespec' converting
function is called.
(target_to_host/host_to_target_timespec() for regular and
target_to_host/host_to_target_timespec64() for time64 variants)
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200824223050.92032-2-Filip.Bozuta@syrmia.com>
[lv: rebase and fix do_pselect6()]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Fix MK_ARRAY()
-----BEGIN PGP SIGNATURE-----
iQJGBAABCAAwFiEEzS913cjjpNwuT1Fz8ww4vT8vvjwFAl9QKi0SHGxhdXJlbnRA
dml2aWVyLmV1AAoJEPMMOL0/L748fnMP/iOEIiotDBW7TQ6f2iOejvlSOsYN3Wtz
735srtaD5og/0oaYH+nQ9kVV0cY6ZObe2KA9JeyodogkhuwzXHPjKlKWHBNGUMtB
fdur65/1I9tNQDW+FfVc+4uT3Vk3lBoHEMCmmtVVRcB+coa7kAXtntqAQPAkjmow
lA7WeGg1sIKVd1Hg+gM9qkboxqi9t90sbd+bhhHy2lPcCJvGFIWFRcgwwvJzIP49
K6h551/zXe7mLQ1dG4dPvNHnpnS+0HhgVzUGuERjx1wNgoQN1adKPO8R3aQl1mr7
ZIPWmZw6blw6neG3rMYEaSvfS+AItPCxE5zlpsJibni34sYHRIrukDhtxj1UMrJX
mZmJgFQthUbd1vGYBTJNy6gb0IHc8TyrIhsjclSWDcdZytaEKALm6OmgEqT8VCVA
KvWg7gnxi2nuCHWCaGjslBSiH7PjtzeY5g4AOeEYGfi3IBaRYdUDdB4jr1x7zfqT
66ROoi9Uwg5+vnlRenTFX3f0gXFXuqpIJf4AB8HXv3R6dDw+lpeCZM1MFOtNOFCK
hKrRF/Jz+g69DqvFbM6L6qSEjsco0PoXVMscyqKJOV8XZdycf3wtEbFofLiV6cPH
TyiebOKQjOGszxmQVXkdC7LD8h+jI6ZJb1ox2j9boXBVNTNUpV3ydVDnErfwKNxs
1Xx8F/bOVLlX
=Pr4V
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-5.2-pull-request' into staging
Add btrfs support
Fix MK_ARRAY()
# gpg: Signature made Thu 03 Sep 2020 00:26:37 BST
# gpg: using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg: issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg: aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C
* remotes/vivier2/tags/linux-user-for-5.2-pull-request:
linux-user: Add support for btrfs ioctls used to scrub a filesystem
linux-user: Add support for btrfs ioctls used to manage quota
linux-user: Add support for two btrfs ioctls used for subvolume
linux-user: Add support for a group of btrfs inode ioctls
linux-user: Add support for btrfs ioctls used to get/set features
linux-user: Add support for btrfs ioctls used to manipulate with devices
linux-user: Add support for a group of btrfs ioctls used for snapshots
linux-user: Add support for a group of btrfs ioctls used for subvolumes
linux-user: fix implicit conversion from enumeration type error
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This patch implements functionality for following ioctls:
BTRFS_IOC_SCRUB - Starting a btrfs filesystem scrub
Start a btrfs filesystem scrub. The third ioctls argument
is a pointer to a following type:
struct btrfs_ioctl_scrub_args {
__u64 devid; /* in */
__u64 start; /* in */
__u64 end; /* in */
__u64 flags; /* in */
struct btrfs_scrub_progress progress; /* out */
/* pad to 1k */
__u64 unused[(1024-32-sizeof(struct btrfs_scrub_progress))/8];
};
Before calling this ioctl, field 'devid' should be filled
with value that represents the device id of the btrfs filesystem
for which the scrub is to be started.
BTRFS_IOC_SCRUB_CANCEL - Canceling scrub of a btrfs filesystem
Cancel a btrfs filesystem scrub if it is running. The third
ioctls argument is ignored.
BTRFS_IOC_SCRUB_PROGRESS - Getting status of a running scrub
Read the status of a running btrfs filesystem scrub. The third
ioctls argument is a pointer to the above mentioned
'struct btrfs_ioctl_scrub_args'. Similarly as with 'BTRFS_IOC_SCRUB',
the 'devid' field should be filled with value that represents the
id of the btrfs device for which the scrub has started. The status
of a running scrub is returned in the field 'progress' which is
of type 'struct btrfs_scrub_progress' and its definition can be
found at:
https://elixir.bootlin.com/linux/latest/source/include/uapi/linux/btrfs.h#L150
Implementation nots:
Ioctls in this patch use type 'struct btrfs_ioctl_scrub_args' as their
third argument. That is the reason why an aproppriate thunk type
definition is added in file 'syscall_types.h'.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Tested-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200823195014.116226-9-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements functionality for following ioctls:
BTRFS_IOC_QUOTA_CTL - Enabling/Disabling quota support
Enable or disable quota support for a btrfs filesystem. Quota
support is enabled or disabled using the ioctls third argument
which represents a pointer to a following type:
struct btrfs_ioctl_quota_ctl_args {
__u64 cmd;
__u64 status;
};
Before calling this ioctl, the 'cmd' field should be filled
with one of the values 'BTRFS_QUOTA_CTL_ENABLE' (enabling quota)
'BTRFS_QUOTA_CTL_DISABLE' (disabling quota).
BTRFS_IOC_QGROUP_CREATE - Creating/Removing a subvolume quota group
Create or remove a subvolume quota group. The subvolume quota
group is created or removed using the ioctl's third argument which
represents a pointer to a following type:
struct btrfs_ioctl_qgroup_create_args {
__u64 create;
__u64 qgroupid;
};
Before calling this ioctl, the 'create' field should be filled
with the aproppriate value depending on if the user wants to
create or remove a quota group (0 for removing, everything else
for creating). Also, the 'qgroupid' field should be filled with
the value for the quota group id that is to be created.
BTRFS_IOC_QGROUP_ASSIGN - Asigning or removing a quota group as child group
Asign or remove a quota group as child quota group of another
group in the btrfs filesystem. The asignment is done using the
ioctl's third argument which represents a pointert to a following type:
struct btrfs_ioctl_qgroup_assign_args {
__u64 assign;
__u64 src;
__u64 dst;
};
Before calling this ioctl, the 'assign' field should be filled with
the aproppriate value depending on if the user wants to asign or remove
a quota group as a child quota group of another group (0 for removing,
everythin else for asigning). Also, the 'src' and 'dst' fields should
be filled with the aproppriate quota group id values depending on which
quota group needs to asigned or removed as child quota group of another
group ('src' gets asigned or removed as child group of 'dst').
BTRFS_IOC_QGROUP_LIMIT - Limiting the size of a quota group
Limit the size of a quota group. The size of the quota group is limited
with the ioctls third argument which represents a pointer to a following
type:
struct btrfs_ioctl_qgroup_limit_args {
__u64 qgroupid;
struct btrfs_qgroup_limit lim;
};
Before calling this ioctl, the 'qgroup' id field should be filled with
aproppriate value of the quota group id for which the size is to be
limited. The second field is of following type:
struct btrfs_qgroup_limit {
__u64 flags;
__u64 max_rfer;
__u64 max_excl;
__u64 rsv_rfer;
__u64 rsv_excl;
};
The 'max_rfer' field should be filled with the size to which the quota
group should be limited. The 'flags' field can be used for passing
additional options and can have values which can be found on:
https://elixir.bootlin.com/linux/latest/source/include/uapi/linux/btrfs.h#L67
BTRFS_IOC_QUOTA_RESCAN_STATUS - Checking status of running rescan operation
Check status of a running rescan operation. The status is checked using
the ioctl's third argument which represents a pointer to a following type:
struct btrfs_ioctl_quota_rescan_args {
__u64 flags;
__u64 progress;
__u64 reserved[6];
};
If there is a rescan operation running, 'flags' field is set to 1, and
'progress' field is set to aproppriate value which represents the progress
of the operation.
BTRFS_IOC_QUOTA_RESCAN - Starting a rescan operation
Start ar rescan operation to Trash all quota groups and scan the metadata
again with the current config. Before calling this ioctl,
BTRFS_IOC_QUOTA_RESCAN_STATUS sould be run to check if there is already a
rescan operation runing. After that ioctl call, the received
'struct btrfs_ioctl_quota_rescan_args' should be than passed as this ioctls
third argument.
BTRFS_IOC_QUOTA_RESCAN_WAIT - Waiting for a rescan operation to finish
Wait until a rescan operation is finished (if there is a rescan operation
running). The third ioctls argument is ignored.
Implementation notes:
Almost all of the ioctls in this patch use structure types as third arguments.
That is the reason why aproppriate thunk definitions were added in file
'syscall_types.h'.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Tested-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200823195014.116226-8-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements functionality for following ioctl:
BTRFS_IOC_DEFAULT_SUBVOL - Setting a default subvolume
Set a default subvolume for a btrfs filesystem. The third
ioctl's argument is a '__u64' (unsigned long long) which
represents the id of a subvolume that is to be set as
the default.
BTRFS_IOC_GET_SUBVOL_ROOTREF - Getting tree and directory id of subvolumes
Read tree and directory id of subvolumes from a btrfs
filesystem. The tree and directory id's are returned in the
ioctl's third argument which represents a pointer to a
following type:
struct btrfs_ioctl_get_subvol_rootref_args {
/* in/out, minimum id of rootref's treeid to be searched */
__u64 min_treeid;
/* out */
struct {
__u64 treeid;
__u64 dirid;
} rootref[BTRFS_MAX_ROOTREF_BUFFER_NUM];
/* out, number of found items */
__u8 num_items;
__u8 align[7];
};
Before calling this ioctl, 'min_treeid' field should be filled
with value that represent the minimum value for the tree id.
Implementation notes:
Ioctl BTRFS_IOC_GET_SUBVOL_ROOTREF uses the above mentioned structure
type as third argument. That is the reason why a aproppriate thunk
structure definition is added in file 'syscall_types.h'.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Tested-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200823195014.116226-7-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements functionality of following ioctls:
BTRFS_IOC_INO_LOOKUP - Reading tree root id and path
Read tree root id and path for a given file or directory.
The name and tree root id are returned in an ioctl's third
argument that represents a pointer to a following type:
struct btrfs_ioctl_ino_lookup_args {
__u64 treeid;
__u64 objectid;
char name[BTRFS_INO_LOOKUP_PATH_MAX];
};
Before calling this ioctl, field 'objectid' should be filled
with the object id value for which the tree id and path are
to be read. Value 'BTRFS_FIRST_FREE_OBJECTID' represents the
object id for the first available btrfs object (directory or
file).
BTRFS_IOC_INO_PATHS - Reading paths to all files
Read path to all files with a certain inode number. The paths
are returned in the ioctl's third argument which represents
a pointer to a following type:
struct btrfs_ioctl_ino_path_args {
__u64 inum; /* in */
__u64 size; /* in */
__u64 reserved[4];
/* struct btrfs_data_container *fspath; out */
__u64 fspath; /* out */
};
Before calling this ioctl, the 'inum' and 'size' field should
be filled with the aproppriate inode number and size of the
directory where file paths should be looked for. For now, the
paths are returned in an '__u64' (unsigned long long) value
'fspath'.
BTRFS_IOC_LOGICAL_INO - Reading inode numbers
Read inode numbers for files on a certain logical adress. The
inode numbers are returned in the ioctl's third argument which
represents a pointer to a following type:
struct btrfs_ioctl_logical_ino_args {
__u64 logical; /* in */
__u64 size; /* in */
__u64 reserved[3]; /* must be 0 for now */
__u64 flags; /* in, v2 only */
/* struct btrfs_data_container *inodes; out */
__u64 inodes;
};
Before calling this ioctl, the 'logical' and 'size' field should
be filled with the aproppriate logical adress and size of where
the inode numbers of files should be looked for. For now, the
inode numbers are returned in an '__u64' (unsigned long long)
value 'inodes'.
BTRFS_IOC_LOGICAL_INO_V2 - Reading inode numbers
Same as the above mentioned ioctl except that it allows passing
a flags 'BTRFS_LOGICAL_INO_ARGS_IGNORE_OFFSET'.
BTRFS_IOC_INO_LOOKUP_USER - Reading subvolume name and path
Read name and path of a subvolume. The tree root id and
path are read in an ioctl's third argument which represents a
pointer to a following type:
struct btrfs_ioctl_ino_lookup_user_args {
/* in, inode number containing the subvolume of 'subvolid' */
__u64 dirid;
/* in */
__u64 treeid;
/* out, name of the subvolume of 'treeid' */
char name[BTRFS_VOL_NAME_MAX + 1];
/*
* out, constructed path from the directory with which the ioctl is
* called to dirid
*/
char path[BTRFS_INO_LOOKUP_USER_PATH_MAX];
};
Before calling this ioctl, the 'dirid' and 'treeid' field should
be filled with aproppriate values which represent the inode number
of the directory that contains the subvolume and treeid of the
subvolume.
Implementation notes:
All of the ioctls in this patch use structure types as third arguments.
That is the reason why aproppriate thunk definitions were added in file
'syscall_types.h'.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Tested-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200823195014.116226-6-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements functionality for following ioctls:
BTRFS_IOC_GET_FEATURES - Getting feature flags
Read feature flags for a btrfs filesystem. The feature flags
are returned inside the ioctl's third argument which represents
a pointer to a following structure type:
struct btrfs_ioctl_feature_flags {
__u64 compat_flags;
__u64 compat_ro_flags;
__u64 incompat_flags;
};
All of the structure field represent bit masks that can be composed
of values which can be found on:
https://elixir.bootlin.com/linux/latest/source/fs/btrfs/ctree.h#L282
BTRFS_IOC_SET_FEATURES - Setting feature flags
Set and clear feature flags for a btrfs filesystem. The feature flags
are set using the ioctl's third argument which represents a
'struct btrfs_ioctl_feature_flags[2]' array. The first element of the
array represent flags which are to be cleared and the second element of
the array represent flags which are to be set. The second element has the
priority over the first, which means that if there are matching flags
in the elements, they will be set in the filesystem. If the flag values
in the third argument aren't correctly set to be composed of the available
predefined flag values, errno ENOPERM ("Operation not permitted") is returned.
BTRFS_IOC_GET_SUPPORTED_FEATURES - Getting supported feature flags
Read supported feature flags for a btrfs filesystem. The supported
feature flags are read using the ioctl's third argument which represents
a 'struct btrfs_ioctl_feature_flags[3]' array. The first element of this
array represents all of the supported flags in the btrfs filesystem.
The second element represents flags that can be safely set and third element
represent flags that can be safely clearead.
Implementation notes:
All of the implemented ioctls use 'struct btrfs_ioctl_feature_flags' as
third argument. That is the reason why a corresponding defintion was added
in file 'linux-user/syscall_types.h'.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Tested-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200823195014.116226-5-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements functionality for following ioctls:
BTRFS_IOC_SCAN_DEV - Scanning device for a btrfs filesystem
Scan a device for a btrfs filesystem. The device that is to
be scanned is passed in the ioctl's third argument which
represents a pointer to a 'struct ioc_vol_args' (which was
mentioned in a previous patch). Before calling this ioctl,
the name field of this structure should be filled with the
aproppriate name value which represents a path for the device.
If the device contains a btrfs filesystem, the ioctl returns 0,
otherwise a negative value is returned.
BTRFS_IOC_ADD_DEV - Adding a device to a btrfs filesystem
Add a device to a btrfs filesystem. The device that is to be
added is passed in the ioctl's third argument which represents
a pointer to a 'struct ioc_vol_args' (which was mentioned in
a previous patch). Before calling this ioctl, the name field of
this structure should be filled with the aproppriate name value
which represents a path for the device.
BTRFS_IOC_RM_DEV - Removing a device from a btrfs filesystem
Remove a device from a btrfs filesystem. The device that is to be
removed is passed in the ioctl's third argument which represents
a pointer to a 'struct ioc_vol_args' (which was mentioned in
a previous patch). Before calling this ioctl, the name field of
this structure should be filled with the aproppriate name value
which represents a path for the device.
BTRFS_IOC_DEV_INFO - Getting information about a device
Obtain information for device in a btrfs filesystem. The information
is gathered in the ioctl's third argument which represents a pointer
to a following structure type:
struct btrfs_ioctl_dev_info_args {
__u64 devid; /* in/out */
__u8 uuid[BTRFS_UUID_SIZE]; /* in/out */
__u64 bytes_used; /* out */
__u64 total_bytes; /* out */
__u64 unused[379]; /* pad to 4k */
__u8 path[BTRFS_DEVICE_PATH_NAME_MAX]; /* out */
};
Before calling this ioctl, field "devid" should be set with the id value
for the device for which the information is to be obtained. If this field
is not aproppriately set, the errno ENODEV ("No such device") is returned.
BTRFS_IOC_GET_DEV_STATS - Getting device statistics
Obtain stats informatin for device in a btrfs filesystem. The information
is gathered in the ioctl's third argument which represents a pointer to
a following structure type:
struct btrfs_ioctl_get_dev_stats {
__u64 devid; /* in */
__u64 nr_items; /* in/out */
__u64 flags; /* in/out */
/* out values: */
__u64 values[BTRFS_DEV_STAT_VALUES_MAX];
/*
* This pads the struct to 1032 bytes. It was originally meant to pad to
* 1024 bytes, but when adding the flags field, the padding calculation
* was not adjusted.
*/
__u64 unused[128 - 2 - BTRFS_DEV_STAT_VALUES_MAX];
};
Before calling this ioctl, field "devid" should be set with the id value
for the device for which the information is to be obtained. If this field
is not aproppriately set, the errno ENODEV ("No such device") is returned.
BTRFS_IOC_FORGET_DEV - Remove unmounted devices
Search and remove all stale devices (devices which are not mounted).
The third ioctl argument is a pointer to a 'struct btrfs_ioctl_vol_args'.
The ioctl call will release all unmounted devices which match the path
which is specified in the "name" field of the structure. If an empty
path ("") is specified, all unmounted devices will be released.
Implementation notes:
Ioctls BTRFS_IOC_DEV_INFO and BTRFS_IOC_GET_DEV_STATS use types
'struct btrfs_ioctl_dev_info_args' and ' struct btrfs_ioctl_get_dev_stats'
as third argument types. That is the reason why corresponding structure
definitions were added in file 'linux-user/syscall_types.h'.
Since the thunk type for 'struct ioc_vol_args' was already added in a
previous patch, the rest of the implementation was straightforward.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Tested-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200823195014.116226-4-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements functionality for following ioctls:
BTRFS_IOC_SNAP_CREATE - Creating a subvolume snapshot
Create a snapshot of a btrfs subvolume. The snapshot is created using the
ioctl's third argument that is a pointer to a 'struct btrfs_ioctl_vol_args'
(which was mentioned in the previous patch). Before calling this ioctl,
the fields of the structure should be filled with aproppriate values for
the file descriptor and path of the subvolume for which the snapshot is to
be created.
BTRFS_IOC_SNAP_DESTROY - Removing a subvolume snapshot
Delete a snapshot of a btrfs subvolume. The snapshot is deleted using the
ioctl's third argument that is a pointer to a 'struct btrfs_ioctl_vol_args'
(which was mentioned in the previous patch). Before calling this ioctl,
the fields of the structure should be filled with aproppriate values for
the file descriptor and path of the subvolume for which the snapshot is to
be deleted.
Implementation notes:
Since the thunk type 'struct btrfs_ioctl_vol_args' is defined in the
previous patch, the implementation for these ioctls was straightforward.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Tested-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200823195014.116226-3-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements functionality of following ioctls:
BTRFS_IOC_SUBVOL_CREATE - Creating a btrfs subvolume
Create a btrfs subvolume. The subvolume is created using the ioctl's
third argument which represents a pointer to a following structure
type:
struct btrfs_ioctl_vol_args {
__s64 fd;
char name[BTRFS_PATH_NAME_MAX + 1];
};
Before calling this ioctl, the fields of this structure should be filled
with aproppriate values. The fd field represents the file descriptor
value of the subvolume and the name field represents the subvolume
path.
BTRFS_IOC_SUBVOL_GETFLAGS - Getting subvolume flags
Read the flags of the btrfs subvolume. The flags are read using
the ioctl's third argument that is a pointer of __u64 (unsigned long).
The third argument represents a bit mask that can be composed of following
values:
BTRFS_SUBVOL_RDONLY (1ULL << 1)
BTRFS_SUBVOL_QGROUP_INHERIT (1ULL << 2)
BTRFS_DEVICE_SPEC_BY_ID (1ULL << 3)
BTRFS_SUBVOL_SPEC_BY_ID (1ULL << 4)
BTRFS_IOC_SUBVOL_SETFLAGS - Setting subvolume flags
Set the flags of the btrfs subvolume. The flags are set using the
ioctl's third argument that is a pointer of __u64 (unsigned long).
The third argument represents a bit mask that can be composed of same
values as in the case of previous ioctl (BTRFS_IOC_SUBVOL_GETFLAGS).
BTRFS_IOC_SUBVOL_GETINFO - Getting subvolume information
Read information about the subvolume. The subvolume information is
returned in the ioctl's third argument which represents a pointer to
a following structure type:
struct btrfs_ioctl_get_subvol_info_args {
/* Id of this subvolume */
__u64 treeid;
/* Name of this subvolume, used to get the real name at mount point */
char name[BTRFS_VOL_NAME_MAX + 1];
/*
* Id of the subvolume which contains this subvolume.
* Zero for top-level subvolume or a deleted subvolume.
*/
__u64 parent_id;
/*
* Inode number of the directory which contains this subvolume.
* Zero for top-level subvolume or a deleted subvolume
*/
__u64 dirid;
/* Latest transaction id of this subvolume */
__u64 generation;
/* Flags of this subvolume */
__u64 flags;
/* UUID of this subvolume */
__u8 uuid[BTRFS_UUID_SIZE];
/*
* UUID of the subvolume of which this subvolume is a snapshot.
* All zero for a non-snapshot subvolume.
*/
__u8 parent_uuid[BTRFS_UUID_SIZE];
/*
* UUID of the subvolume from which this subvolume was received.
* All zero for non-received subvolume.
*/
__u8 received_uuid[BTRFS_UUID_SIZE];
/* Transaction id indicating when change/create/send/receive happened */
__u64 ctransid;
__u64 otransid;
__u64 stransid;
__u64 rtransid;
/* Time corresponding to c/o/s/rtransid */
struct btrfs_ioctl_timespec ctime;
struct btrfs_ioctl_timespec otime;
struct btrfs_ioctl_timespec stime;
struct btrfs_ioctl_timespec rtime;
/* Must be zero */
__u64 reserved[8];
};
All of the fields of this structure are filled after the ioctl call.
Implementation notes:
Ioctls BTRFS_IOC_SUBVOL_CREATE and BTRFS_IOC_SUBVOL_GETINFO have structure
types as third arguments. That is the reason why a corresponding definition
are added in file 'linux-user/syscall_types.h'.
The line '#include <linux/btrfs.h>' is added in file 'linux-user/syscall.c' to
recognise preprocessor definitions for these ioctls. Since the file "linux/btrfs.h"
was added in the kernel version 3.9, it is enwrapped in an #ifdef statement
with parameter CONFIG_BTRFS which is defined in 'configure' if the
header file is present.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Tested-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200823195014.116226-2-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Split these out of the normal branch instructions, as they require
special handling. Perform the entire operation inline, instead of
raising EXCP_BREAK to do the work in mb_cpu_do_interrupt.
This fixes a bug in that brki rd, imm, for imm != 0x18 is not
supposed to set MSR_BIP. This fixes a bug in that imm == 0 is
the reset vector and 0x18 is the debug vector, and neither should
raise a tcg exception in system mode.
Introduce EXCP_SYSCALL for microblaze-linux-user.
Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Having the MSR[C] bit separate will improve arithmetic that operates
on the carry bit. Having mb_cpu_read_msr() populate MSR[CC] will
prevent the carry copy not matching the carry bit.
Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The exception status register is only 32-bits wide.
Do not use a 64-bit type to represent it.
Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Finish eliminating the sregs array in favor of individual members.
Does not correct the width of EDR, yet.
Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Continue eliminating the sregs array in favor of individual members.
Does not correct the width of FSR, yet.
Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Continue eliminating the sregs array in favor of individual members.
Does not correct the width of ESR, yet.
Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Begin eliminating the sregs array in favor of individual members.
Does not correct the width of pc, yet.
Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
This patch introduces functionality for following time64 syscalls:
*utimensat_time64()
int utimensat(int dirfd, const char *pathname,
const struct timespec times[2], int flags);
-- change file timestamps with nanosecond precision --
man page: https://man7.org/linux/man-pages/man2/utimensat.2.html
*semtimedop_time64()
int semtimedop(int semid, struct sembuf *sops, size_t nsops,
const struct timespec *timeout);
-- System V semaphore operations --
man page: https://www.man7.org/linux/man-pages/man2/semtimedop.2.html
Implementation notes:
Syscall 'utimensat_time64()' is implemented in similar way as its
regular variants only difference being that time64 converting function
is used to convert values of 'struct timespec' between host and target
('target_to_host_timespec64()').
For syscall 'semtimedop_time64()' and additional argument is added
in function 'do_semtimedop()' through which the aproppriate 'struct timespec'
converting function is called (false for regular target_to_host_timespec()
and true for target_to_host_timespec64()). For 'do_ipc()' a
check was added as that additional argument: 'TARGET_ABI_BITS == 64'.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200824223050.92032-3-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements functionality for following time64 syscalls:
*rt_sigtimedwait_time64()
This is a year 2038 safe variant of syscall:
int rt_sigtimedwait(const sigset_t *set, siginfo_t *info,
const struct timespec *timeout, size_t sigsetsize)
--synchronously wait for queued signals--
man page: https://man7.org/linux/man-pages/man2/rt_sigtimedwait.2.html
*sched_rr_get_interval_time64()
This is a year 2038 safe variant of syscall:
int sched_rr_get_interval(pid_t pid, struct timespec *tp)
--get the SCHED_RR interval for the named process--
man page: https://man7.org/linux/man-pages/man2/sched_rr_get_interval.2.html
Implementation notes:
These syscalls were implemented in similar ways like
'rt_sigtimedwait()' and 'sched_rr_get_interval()' except
that functions 'target_to_host_timespec64()' and
'host_to_target_timespec64()' were used to convert values
of 'struct timespec' between host and target.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200824192116.65562-3-Filip.Bozuta@syrmia.com>
[lv: add missing defined(TARGET_NR_rt_sigtimedwait_time64)]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements functionality for following time64 syscall:
*clock_nanosleep_time64()
This is a year 2038 safe vairant of syscall:
int clock_nanosleep(clockid_t clockid, int flags,
const struct timespec *request,
struct timespec *remain)
--high-resolution sleep with specifiable clock--
man page: https://man7.org/linux/man-pages/man2/clock_nanosleep.2.html
*clock_adjtime64()
This is a year 2038 safe variant of syscall:
int clock_adjtime(clockid_t clk_id, struct timex *buf)
--tune kernel clock--
man page: https://man7.org/linux/man-pages/man2/clock_adjtime.2.html
Implementation notes:
Syscall 'clock_nanosleep_time64()' was implemented similarly
to syscall 'clock_nanosleep()' except that 'host_to_target_timespec64()'
and 'target_to_host_timespec64()' were used instead of the regular
'host_to_target_timespec()' and 'target_to_host_timespec()'.
For 'clock_adjtime64()' a 64-bit target kernel version of 'struct timex'
was defined in 'syscall_defs.h': 'struct target__kernel_timex'.
This type was used to convert the values of 64-bit timex type between
host and target. For this purpose a 64-bit timex converting functions
'target_to_host_timex64()' and 'host_to_target_timex64()'. An existing
function 'copy_to_user_timeval64()' was used to convert the field
'time' which if of type 'struct timeval' from host to target.
Function 'copy_from_user_timveal64()' was added in this patch and
used to convert the 'time' field from target to host.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200824192116.65562-2-Filip.Bozuta@syrmia.com>
[lv: add missing ifdef's]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements functionality for following time64 syscalls:
*mq_timedsend_time64()
This is a year 2038 safe vairant of syscall:
int mq_timedsend(mqd_t mqdes, const char *msg_ptr,
size_t msg_len, unsigned int msg_prio,
const struct timespec *abs_timeout)
--send a message to a message queue--
man page: https://www.man7.org/linux/man-pages/man2/mq_timedsend.2.html
*mq_timedreceive_time64()
This is a year 2038 safe variant of syscall:
ssize_t mq_timedreceive(mqd_t mqdes, char *msg_ptr,
size_t msg_len, unsigned int *msg_prio,
const struct timespec *abs_timeout)
--receive a message from a message queue--
man page: https://man7.org/linux/man-pages/man3/mq_receive.3.html
Implementation notes:
These syscalls were implemented in similar ways like
'mq_timedsend()' and 'mq_timedreceive' except that
functions 'target_to_host_timespec64()' and
'host_to_target_timespec64()' were used to convert
values of 'struct timespec' between host and target.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200824193752.67950-3-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
in 32 bit mode, drop the padding in tv_nsec. If host is 64bit and target
is 32bit, the padding bytes will be copied from the target and as the
kernel checks the value, the syscall exits with EINVAL.
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200827070449.2386007-1-laurent@vivier.eu>
Fixes: c6c8d1026e ("linux-user/syscall: Add support for clock_gettime64/clock_settime64")
Implementations of syscalls 'mq_timedsend()' and 'mq_timedreceive()'
in 'syscall.c' use functions 'target_to_host_timespec()' and
'host_to_target_timespec()' to transfer the value of 'struct timespec'
between target and host. However, the implementations don't check whether
this conversion succeeds and thus can cause an unaproppriate error instead
of the 'EFAULT (Bad address)' which is supposed to be set if the conversion
from target to host fails. This was confirmed with the modified LTP
test suite where test cases with a bad adress for 'timespec' were
added. This modified test suite can be found at:
https://github.com/bozutaf/ltp
Without the changes from this patch the bad adress testcase for 'mq_timedsend()'
succeds unexpectedly, while the test returns errno 'ETIMEOUT' for
'mq_timedreceive()':
mq_timedsend01.c:190: FAIL: mq_timedsend() returned 0, expected -1: SUCCESS (0)
mq_timedreceive01.c:178: FAIL: mq_timedreceive() failed unexpectedly,
expected EFAULT: ETIMEDOUT (110)
After the changes from this patch, testcases for both syscalls fail with EFAULT
as expected, which is the same test result that is received with native execution:
mq_timedsend01.c:187: PASS: mq_timedsend() failed expectedly: EFAULT (14)
mq_timedreceive01.c:180: PASS: mq_timedreceive() failed expectedly: EFAULT (14)
(Patch with this new test case will be sent to LTP mailing list soon)
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200824193752.67950-2-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
MIPS provides 2 ILP32 ABIs, and therefore 4 possible qemu-mips binaries
with 2 pairs using the same endianess and bitness.
This could lead to an O32 image loading in the N32 binary or vice versa
and in cryptic errors (if lucky that the CPU doesn't match the FPU used)
like :
qemu: Unexpected FPU mode (o32 ELF loaded to qemu-mipsn32[el])
ELF binary's NaN mode not supported by CPU (n32 -> qemu-mips[el])
Add an ABI check macro that could be used while checking the ELF header
that relies in the ABI2 flag to identify n32 binaries and abort instead
early with a more descriptive error :
Invalid ELF image for this architecture
Signed-off-by: Carlo Marcelo Arenas Belón <carenas@gmail.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200823101703.18451-1-carenas@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Functions "print_ioctl()" and "print_syscall_ret_ioctl()" are used
to print arguments of "ioctl()" with "-strace". These functions
use "thunk_print()", which is defined in "thunk.c", to print the
contents of ioctl's third arguments that are not basic types.
However, this function doesn't handle ioctls of group ioctl_tty which
are used for terminals and serial lines. These ioctls use a type
"struct termios" which thunk type is defined in a non standard
way using "STRUCT_SPECIAL()". This means that this type is not decoded
regularly using "thunk_convert()" and uses special converting functions
"target_to_host_termios()" and "host_to_target_termios()", which are defined
in "syscall.c" to decode it's values.
For simillar reasons, this type is also not printed regularly using
"thunk_print()". That is the reason why a separate printing function
"print_termios()" is defined in file "strace.c". This function decodes
and prints flag values of the "termios" structure.
Implementation notes:
Function "print_termios()" was implemented in "strace.c" using
an existing function "print_flags()" to print flag values of
"struct termios" fields. Also, recently implemented function
"print_enums()" was also used to print enumareted values which
are contained in the fields of 'struct termios'.
These flag values were defined using an existing macro "FLAG_TARGET()"
that generates aproppriate target flag values and string representations
of these flags. Also, the recently defined macro "ENUM_TARGET()" was
used to generate aproppriate enumarated values and their respective
string representations.
Function "print_termios()" was declared in "qemu.h" so that it can
be accessed in "syscall.c". Type "StructEntry" defined in
"exec/user/thunk.h" contains information that is used to decode
structure values. Field "void print(void *arg)" was added in this
structure as a special print function. Also, function "thunk_print()"
was changed a little so that it uses this special print function
in case it is defined. This printing function was instantiated with
the defined "print_termios()" in "syscall.c" in "struct_termios_def".
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200723210233.349690-4-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch introduces missing target types ('target_flag_t', 'target_cc_t',
'target_speed_t') in a few 'termibts.h' header files. Also, two missing
values ('TARGET_IUTF8' and 'TARGET_EXTPROC') were also added. These values
were also added in file 'syscall.c' in bitmask tables 'iflag_tbl[]' and
'lflag_tbl[]' which are used to convert values of 'struct termios' between
target and host.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200723210233.349690-3-Filip.Bozuta@syrmia.com>
[lv: keep TARGET_NCCS definition in xtensa/termbits.h]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch introduces a generic 'termbits.h' file for following
archs: 'aarch64', 'arm', 'i386, 'm68k', 'microblaze', 'nios2',
'openrisc', 'riscv', 's390x', 'x86_64'.
Since all of these archs have the same termios flag values and
same ioctl_tty numbers, there is no need for a separate 'termbits.h'
file for each one of them. For that reason one generic 'termbits.h'
file was added for all of them and an '#include' directive was
added for this generic file in every arch 'termbits.h' file.
Also, some of the flag values that were missing were added in this
generic file so that it matches the generic 'termibts.h' and 'ioctls.h'
files from the kernel: 'asm-generic/termbits.h' and 'asm-generic/ioctls.h'.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200723210233.349690-2-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements strace argument printing functionality for following syscalls:
* clock_getres, clock_gettime, clock_settime - clock and time functions
int clock_getres(clockid_t clockid, struct timespec *res)
int clock_gettime(clockid_t clockid, struct timespec *tp)
int clock_settime(clockid_t clockid, const struct timespec *tp)
man page: https://man7.org/linux/man-pages/man2/clock_getres.2.html
* gettimeofday - get time
int gettimeofday(struct timeval *tv, struct timezone *tz)
man page: https://man7.org/linux/man-pages/man2/gettimeofday.2.html
* getitimer, setitimer - get or set value of an interval timer
int getitimer(int which, struct itimerval *curr_value)
int setitimer(int which, const struct itimerval *new_value,
struct itimerval *old_value)
man page: https://man7.org/linux/man-pages/man2/getitimer.2.html
Implementation notes:
All of the syscalls have some structue types as argument types and thus
a separate printing function was stated in file "strace.list" for each
of them. All of these functions use existing functions for their
appropriate structure types ("print_timeval()" and "print_timezone()").
Functions "print_timespec()" and "print_itimerval()" were added in this
patch so that they can be used to print types "struct timespec" and
"struct itimerval" used by some of the syscalls. Function "print_itimerval()"
uses the existing function "print_timeval()" to print fields of the
structure "struct itimerval" that are of type "struct timeval".
Function "print_enums()", which was introduced in the previous patch, is used
to print the interval timer type which is the first argument of "getitimer()"
and "setitimer()". Also, this function is used to print the clock id which
is the first argument of "clock_getres()" and "clock_gettime()". For that
reason, the existing function "print_clockid()" was removed in this patch.
Existing function "print_clock_adjtime()" was also changed for this reason
to use "print_enums()".
The existing function "print_timeval()" was changed a little so that it
prints the field names beside the values.
Syscalls "clock_getres()" and "clock_gettime()" have the same number
and types of arguments and thus their print functions "print_clock_getres"
and "print_clock_gettime" share a common definition in file "strace.c".
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200811164553.27713-6-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch introduces a type 'struct enums' and function 'print_enums()'
that can be used to print enumerated argument values of some syscalls
in strace. This can be used in future strace implementations.
Also, macros 'ENUM_GENERIC()', 'ENUM_TARGET()' and 'ENUM_END', are
introduced to enable automatic generation of aproppriate enumarated
values and their repsective string representations (these macros are
exactly the same as 'FLAG_GENERIC()', 'FLAG_TARGET()' and 'FLAG_END').
Future patches are planned to modify all existing print functions in
'strace.c' that print arguments of syscalls with enumerated values to
use this new api.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200811164553.27713-5-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements strace argument printing functionality for following syscalls:
* mlock, munlock, mlockall, munlockall - lock and unlock memory
int mlock(const void *addr, size_t len)
int munlock(const void *addr, size_t len)
int mlockall(int flags)
int munlockall(void)
man page: https://man7.org/linux/man-pages/man2/mlock.2.html
Implementation notes:
Syscall mlockall() takes an argument that is composed of predefined values
which represent flags that determine the type of locking operation that is
to be performed. For that reason, a printing function "print_mlockall" was
stated in file "strace.list". This printing function uses an already existing
function "print_flags()" to print the "flags" argument. These flags are stated
inside an array "mlockall_flags" that contains values of type "struct flags".
These values are instantiated using an existing macro "FLAG_TARGET()" that
crates aproppriate target flag values based on those defined in files
'/target_syscall.h'. These target flag values were changed from
"TARGET_MLOCKALL_MCL*" to "TARGET_MCL_*" so that they can be aproppriately set
and recognised in "strace.c" with "FLAG_TARGET()". Value for "MCL_ONFAULT"
was added in this patch. This value was also added in "syscall.c" in function
"target_to_host_mlockall_arg()". Because this flag value was added in kernel
version 4.4, it is enwrapped in an #ifdef directive (both in "syscall.c" and
in "strace.c") as to support older kernel versions.
The other syscalls have only primitive argument types, so the
rest of the implementation was handled by stating an appropriate
printing format in file "strace.list". Syscall mlock2() is not implemented in
"syscall.c" and thus it's argument printing is not implemented in this patch.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200811164553.27713-4-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements strace argument printing functionality for following syscalls:
* truncate, ftruncate - truncate a file to a specified length
int truncate/truncate64(const char *path, off_t length)
int ftruncate/ftruncate64(int fd, off_t length)
man page: https://man7.org/linux/man-pages/man2/truncate.2.html
* getsid - get session ID
pid_t getsid(pid_t pid)
man page: https://man7.org/linux/man-pages/man2/getsid.2.html
Implementation notes:
Syscalls truncate/truncate64 take string argument types and thus a
separate print function "print_truncate/print_truncate64" is stated in
file "strace.list". This function is defined and implemented in "strace.c"
by using an existing function used to print string arguments: "print_string()".
For syscall ftruncate64, a separate printing function was also stated in
"strace.c" as it requires a special kind of handling.
The other syscalls have only primitive argument types, so the rest of the
implementation was handled by stating an appropriate printing format in file
"strace.list".
Function "regpairs_aligned()" was cut & pasted from "syscall.c" to "qemu.h"
as it is used by functions "print_truncate64()" and "print_ftruncate64()"
to print the offset arguments of "truncate64()" and "ftruncate64()".
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200811164553.27713-3-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Variable "cpu_env" is used in file "syscall.c" to store
the information about the cpu environment. This variable
is used because values of some syscalls can vary between
cpu architectures. This patch makes the "cpu_env" accessible
in "strace.c" so it can enable aproppriate "-strace" argument
printing for these syscalls. This will be a useful addition
for future "-strace" implementation in QEMU.
Implementation notes:
Functions "print_syscall()" and "print_syscall_ret()" which
are stated and defined in "qemu.h" and "strace.c" respectively
are used to print syscall arguments before and after syscall
execution. These functions were changed with addition of a
new argument "void *cpu_env". Strucute "struct syscallname"
in "strace.c" is used to store the information about syscalls.
Fields "call" and "result" represent pointers to functions which
are used to print syscall arguments before and after execution.
These fields were also changed with addition of a new "void *"
argumetn.
Also, all defined "print_*" and "print_syscall_ret*" functions
in "strace.c" were changed to have the new "void *cpu_env".
This was done to not cause build errors (even though none of
these functions use this argument).
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200811164553.27713-2-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Another DRM_IOCTL_I915 patches will be sent next.
Signed-off-by: Chen Gang <chengang@emindsoft.com.cn>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200802133938.12055-1-chengang@emindsoft.com.cn>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Implementation of syscall 'clock_nanosleep()' in 'syscall.c' uses
functions 'target_to_host_timespec()' and 'host_to_target_timespec()'
to transfer the value of 'struct timespec' between target and host.
However, the implementation doesn't check whether this conversion
succeeds and thus can return an unaproppriate error instead of 'EFAULT'
that is expected. This was confirmed with the modified LTP test suite
where testcases with bad 'struct timespec' adress for 'clock_nanosleep()'
were added. This modified LTP suite can be found at:
https://github.com/bozutaf/ltp
(Patch with this new test case will be sent to LTP mailing list soon)
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200727201326.401519-1-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The implementations of syscalls 'semop()' and 'semtimedop()' in
file 'syscall.c' use function 'target_to_host_sembuf()' to convert
values of 'struct sembuf' from host to target. However, before this
conversion it should be check whether the number of semaphore operations
'nsops' is not bigger than maximum allowed semaphor operations per
syscall: 'SEMOPM'. In these cases, errno 'E2BIG' ("Arg list too long")
should be set. But the implementation will set errno 'EFAULT' ("Bad address")
in this case since the conversion from target to host in this case fails.
This was confirmed with the LTP test for 'semop()' ('ipc/semop/semop02') in
test case where 'nsops' is greater than SEMOPM with unaproppriate errno EFAULT:
semop02.c:130: FAIL: semop failed unexpectedly; expected: E2BIG: EFAULT (14)
This patch changes this by adding a check whether 'nsops' is bigger than
'SEMOPM' before the conversion function 'target_to_host_sembuf()' is called.
After the changes from this patch, the test works fine along with the other
LTP testcases for 'semop()'):
semop02.c:126: PASS: semop failed as expected: E2BIG (7)
Implementation notes:
A target value ('TARGET_SEMOPM') was added for 'SEMOPM' as to be sure
in case the value is not available for some targets.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200818180722.45089-1-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Implementation of syscall 'utimensat()' in 'syscall.c' uses functions
target_to_host/host_to_target_timespec() to convert values of
'struct timespec' between host and target. However, the implementation
doesn't check whether the conversion succeeds and thus can cause an
inappropriate error or succeed unappropriately instead of setting errno
EFAULT ('Bad address') which is supposed to be set in these cases.
This was confirmed with the LTP test for utimensat ('testcases/utimensat')
which fails for test cases when the errno EFAULT is expected. After changes
from this patch, the test passes for all test cases.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200811113101.6636-1-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements functionality for following time64 syscalls:
*clock_getres_time64
This a year 2038 safe variant of syscall:
int clock_getres(clockid_t clockid, struct timespec *res)
--finding the resoultion of a specified clock--
man page: https://man7.org/linux/man-pages/man2/clock_getres.2.html
*timer_gettime64
*timer_settime64
These are year 2038 safe variants of syscalls:
int timer_settime(timer_t timerid, int flags,
const struct itimerspec *new_value,
struct itimerspec *old_value)
int timer_gettime(timer_t timerid, struct itimerspec *curr_value)
--arming/dissarming and fetching state of POSIX per-process timer--
man page: https://man7.org/linux/man-pages/man2/timer_settime.2.html
*timerfd_gettime64
*timerfd_settime64
These are year 2038 safe variants of syscalls:
int timerfd_settime(int fd, int flags,
const struct itimerspec *new_value,
struct itimerspec *old_value)
int timerfd_gettime(int fd, struct itimerspec *curr_value)
--timers that notify via file descriptor--
man page: https://man7.org/linux/man-pages/man2/timerfd_settime.2.html
Implementation notes:
Syscall 'clock_getres_time64' was implemented similarly to 'clock_getres()'.
The only difference was that for the conversion of 'struct timespec' from
host to target, function 'host_to_target_timespec64()' was used instead of
'host_to_target_timespec()'.
For other syscalls, new functions 'host_to_target_itimerspec64()' and
'target_to_host_itimerspec64()' were added to convert the value of the
'struct itimerspec' from host to target and vice versa. A new type
'struct target__kernel_itimerspec' was added in 'syscall_defs.h'. This
type was defined with fields which are of the already defined type
'struct target_timespec'. This new 'struct target__kernel_itimerspec'
type is used in these new converting functions. These new functions were
defined similarly to 'host_to_target_itimerspec()' and 'target_to_host_itimerspec()'
the only difference being that 'target_to_host_timespec64()' and
'host_to_target_timespec64()' were used.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200722153421.295411-3-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Functions 'target_to_host_itimerspec()' and 'host_to_target_itimerspec()'
are used to convert values of type 'struct itimerspec' between target and
host. This type has 'struct timespec' as its fields. That is the reason
why this patch introduces a little modification to the converting functions
to be implemented using already existing functions that convert 'struct timespec':
'target_to_host_timespec()' and 'host_to_target_timespec()'. This makes the
code of 'target_to_host_itimerspec()' and 'host_to_target_itimerspec()' more
clean and readable.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200722153421.295411-2-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Executable guest pages are never directly executed by
the host, but do need to be readable for translation.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20200519185645.3915-3-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The kernel will return -EINVAL for bits set in the prot argument
that are unknown or invalid. Previously we were simply cropping
out the bits that we care about.
Introduce validate_prot_to_pageflags to perform this check in a
single place between the two syscalls. Differentiate between
the target and host versions of prot. Compute the qemu internal
page_flags value at the same time.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20200519185645.3915-2-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Function "print_fdset()" in "strace.c" is used to print the file descriptor
values in "print__newselect()" which prints arguments of syscall _newselect().
Until changes from this patch, this function was printing "," even after the
last value of the fd_set argument. This was changed in this patch by removing
this unnecessary "," after the last fd value and thus improving the estetics of
the _newselect() "-strace" print.
Implementation notes:
The printing fix was made possible by using an existing function "get_comma()"
which returns a "," or an empty string "" based on its argument (0 for "," and
other for "").
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200702160915.9517-1-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The most interesting or most complicated part here is the syscall_nr.h
generators. In order to keep the generation logic all in meson.build,
I am adding to config_target the name of the .tbl file, and making the
generated file syscall<SUFFIX>_nr.h for input file syscall<SUFFIX>.tbl.
For architectures where the input file is not named syscall_nr.tbl,
syscall_nr.h has to be a source file; it's just a forwarder for x86
(i386/x86_64), while for MIPS64 it chooses between N32 and N64 ABIs.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Meson doesn't enjoy the same flexibility we have with Make in choosing
the include path. In particular the tracing headers are using
$(build_root)/$(<D).
In order to keep the include directives unchanged,
the simplest solution is to generate headers with patterns like
"trace/trace-audio.h" and place forwarding headers in the source tree
such that for example "audio/trace.h" includes "trace/trace-audio.h".
This patch is too ugly to be applied to the Makefiles now. It's only
a way to separate the changes to the tracing header files from the
Meson rewrite of the tracing logic.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The glibc getcwd function returns different errors than the getcwd
syscall, which triggers an assertion failure in the glibc getcwd function
when running under the emulation.
When the syscall returns ENAMETOOLONG, the glibc wrapper uses a fallback
implementation that potentially handles an unlimited path length, and
returns with ERANGE if the provided buffer is too small. The qemu
emulation cannot distinguish the two cases, and thus always returns ERANGE.
This is unexpected by the glibc wrapper.
Signed-off-by: Andreas Schwab <schwab@suse.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <mvmmu3qplvi.fsf@suse.de>
[lv: updated description]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Implementation of 'rt_sigtimedwait()' in 'syscall.c' uses the
function 'target_to_host_timespec()' to transfer the value of
'struct timespec' from target to host. However, the implementation
doesn't check whether this conversion succeeds and thus can cause
an unaproppriate error instead of the 'EFAULT (Bad address)' which
is supposed to be set if the conversion from target to host fails.
This was confirmed with the LTP test for rt_sigtimedwait:
"/testcases/kernel/syscalls/rt_sigtimedwait/rt_sigtimedwait01.c"
which causes an unapropriate error in test case "test_bad_adress3"
which is run with a bad adress for the 'struct timespec' argument:
FAIL: test_bad_address3 (349): Unexpected failure: EAGAIN/EWOULDBLOCK (11)
The test fails with an unexptected errno 'EAGAIN/EWOULDBLOCK' instead
of the expected EFAULT.
After the changes from this patch, the test case is executed successfully
along with the other LTP test cases for 'rt_sigtimedwait()':
PASS: test_bad_address3 (349): Test passed
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200724181651.167819-1-Filip.Bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
When the chroot does not have /proc mounted, we can read neither
/proc/sys/vm/mmap_min_addr nor /proc/sys/maps.
The enforcement of mmap_min_addr in the host kernel is done by
the security module, and so does not apply to processes owned
by root. Which leads pgd_find_hole_fallback to succeed in probing
a reservation at address 0. Which confuses pgb_reserved_va to
believe that guest_base has not actually been initialized.
We don't actually want NULL addresses to become accessible, so
make sure that mmap_min_addr is initialized with a non-zero value.
Buglink: https://bugs.launchpad.net/qemu/+bug/1888728
Reported-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Acked-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200724212314.545877-1-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Our safe_clock_nanosleep() returns -1 and updates errno.
We don't need to update the CRF bit in syscall.c because it will
be updated in ppc/cpu_loop.c as the return value is negative.
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200722174612.2917566-3-laurent@vivier.eu>
Message-Id: <20200724064509.331-14-alex.bennee@linaro.org>
If the call is interrupted by a signal handler, it fails with error EINTR
and if "remain" is not NULL and "flags" is not TIMER_ABSTIME, it returns
the remaining unslept time in "remain".
Update linux-user to not overwrite the "remain" structure if there is no
error.
Found with "make check-tcg", linux-test fails on nanosleep test:
TEST linux-test on x86_64
.../tests/tcg/multiarch/linux-test.c:242: nanosleep
Reported-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200722174612.2917566-2-laurent@vivier.eu>
Message-Id: <20200724064509.331-13-alex.bennee@linaro.org>
Plain MAP_FIXED has the undesirable behaviour of splatting exiting
maps so we don't actually achieve what we want when looking for gaps.
We should be using MAP_FIXED_NOREPLACE. As this isn't always available
we need to potentially check the returned address to see if the kernel
gave us what we asked for.
Fixes: ad592e37df ("linux-user: provide fallback pgd_find_hole for bare chroots")
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200724064509.331-9-alex.bennee@linaro.org>
print_syscall_err() relies on the sign of the returned value to know
if it is an errno value or not.
But in some cases the returned value can have the most signicant bit
set without being an errno.
This patch restores previous behaviour that was also checking if
we can decode the errno to validate it.
This patch fixes this kind of problem (qemu-m68k):
root@sid:/# QEMU_STRACE= ls
3 brk(NULL) = -1 errno=21473607683 uname(0x407fff8a) = 0
to become:
root@sid:/# QEMU_STRACE= ls
3 brk(NULL) = 0x8001e000
3 uname(0xffffdf8a) = 0
Fixes: c84be71f68 ("linux-user: Extend strace support to enable argument printing after syscall execution")
Cc: Filip.Bozuta@syrmia.com
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200708152435.706070-3-laurent@vivier.eu>
errno of the target is returned as a negative value by the syscall,
not in the host errno variable.
The emulation of the target syscall can return an error while the
host doesn't set an errno value. Target errnos and host errnos can
also differ in some cases.
Fixes: c84be71f68 ("linux-user: Extend strace support to enable argument printing after syscall execution")
Cc: Filip.Bozuta@syrmia.com
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Message-Id: <20200708152435.706070-2-laurent@vivier.eu>
This command is needed to be able to boot systemd in a container.
$ sudo systemd-nspawn -D /chroot/armhf/sid/ -b
Spawning container sid on /chroot/armhf/sid.
Press ^] three times within 1s to kill container.
systemd 245.6-2 running in system mode.
Detected virtualization systemd-nspawn.
Detected architecture arm.
Welcome to Debian GNU/Linux bullseye/sid!
Set hostname to <virt-arm>.
Failed to enqueue loopback interface start request: Operation not supported
Caught <SEGV>, dumped core as pid 3.
Exiting PID 1...
Container sid failed with error code 255.
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200709072332.890440-2-laurent@vivier.eu>
Only implement IFLA_PERM_ADDRESS to fix the following error:
Unknown host QEMU_IFLA type: 54
The couple of other ones, IFLA_PROP_LIST and IFLA_ALT_IFNAME, have
been introduced to be used with RTM_NEWLINKPROP, RTM_DELLINKPROP and
RTM_GETLINKPROP that are not implemented by QEMU.
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200709072332.890440-1-laurent@vivier.eu>
In new functions print_ioctl() and print_syscall_ret_ioctl(), we don't
check if lock_user() returns NULL and this would cause a segfault in
thunk_print().
If lock_user() returns NULL don't call thunk_print() but prints only the
value of the (invalid) pointer.
Tested with:
# cat ioctl.c
#include <unistd.h>
#include <sys/ioctl.h>
int main(void)
{
int ret;
ret = ioctl(STDOUT_FILENO, TCGETS, 0xdeadbeef);
ret = ioctl(STDOUT_FILENO, TCSETSF, 0xdeadbeef);
return 0;
}
# QEMU_STRACE= ./ioctl
...
578 ioctl(1,TCGETS,0xdeadbeef) = -1 errno=2 (Bad address)
578 ioctl(1,TCSETSF,0xdeadbeef) = -1 errno=2 (Bad address)
...
# QEMU_STRACE= passwd
...
623 ioctl(0,TCGETS,0x3fffed04) = 0 ({})
623 ioctl(0,TCSETSF,{}) = 0
...
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Fixes: 79482e5987 ("linux-user: Add strace support for printing arguments of ioctl()")
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Refactoring ipc syscall for s390x and SPARC, so it matches glibc implementation
We should add support of semtimedop syscall as new version of glibc
2.31 uses semop based on semtimedop
(commit: 765cdd0bff ).
Signed-off-by: Matus Kysel <mkysel@tachyum.com>
Message-Id: <20200626124612.58593-2-mkysel@tachyum.com>
Message-Id: <20200626124612.58593-3-mkysel@tachyum.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
[lv: merged PATCH 1 & 2 to avoid build break on PATCH 1]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Linux uses the EPROTONOSUPPORT error code[1] if the users requests a
netlink socket with an unsupported netlink protocol. This change
switches linux-user to use the same code as Linux, instead of
EPFNOSUPPORT (which AFAIK is just an anachronistic version of
EAFNOSUPPORT).
Tested by compiling all linux-user targets on x86.
[1]:
bfe91da29b/net/netlink/af_netlink.c (L683)
Signed-off-by: Josh Kunz <jkz@google.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200707001036.1671982-1-jkz@google.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Given we assert the requested address matches what we asked we should
also make that clear in the mmap flags. Otherwise we see failures in
the GitLab environment for some currently unknown but allowable
reason. We use MAP_FIXED_NOREPLACE if we can so we don't just clobber
an existing mapping. Also include the strerror string for a bit more
info on failure.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20200701135652.1366-34-alex.bennee@linaro.org>
The object_property_set_FOO() setters take property name and value in
an unusual order:
void object_property_set_FOO(Object *obj, FOO_TYPE value,
const char *name, Error **errp)
Having to pass value before name feels grating. Swap them.
Same for object_property_set(), object_property_get(), and
object_property_parse().
Convert callers with this Coccinelle script:
@@
identifier fun = {
object_property_get, object_property_parse, object_property_set_str,
object_property_set_link, object_property_set_bool,
object_property_set_int, object_property_set_uint, object_property_set,
object_property_set_qobject
};
expression obj, v, name, errp;
@@
- fun(obj, v, name, errp)
+ fun(obj, name, v, errp)
Chokes on hw/arm/musicpal.c's lcd_refresh() with the unhelpful error
message "no position information". Convert that one manually.
Fails to convert hw/arm/armsse.c, because Coccinelle gets confused by
ARMSSE being used both as typedef and function-like macro there.
Convert manually.
Fails to convert hw/rx/rx-gdbsim.c, because Coccinelle gets confused
by RXCPU being used both as typedef and function-like macro there.
Convert manually. The other files using RXCPU that way don't need
conversion.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20200707160613.848843-27-armbru@redhat.com>
[Straightforwad conflict with commit 2336172d9b "audio: set default
value for pcspk.iobase property" resolved]
This patch implements functionality for strace argument printing for ioctls.
When running ioctls through qemu with "-strace", they get printed in format:
"ioctl(fd_num,0x*,0x*) = ret_value"
where the request code an the ioctl's third argument get printed in a hexadicemal
format. This patch changes that by enabling strace to print both the request code
name and the contents of the third argument. For example, when running ioctl
RTC_SET_TIME with "-strace", with changes from this patch, it gets printed in
this way:
"ioctl(3,RTC_SET_TIME,{12,13,15,20,10,119,0,0,0}) = 0"
In case of IOC_R type ioctls, the contents of the third argument get printed
after the return value, and the argument inside the ioctl call gets printed
as pointer in hexadecimal format. For example, when running RTC_RD_TIME with
"-strace", with changes from this patch, it gets printed in this way:
"ioctl(3,RTC_RD_TIME,0x40800374) = 0 ({22,9,13,11,5,120,0,0,0})"
In case of IOC_RW type ioctls, the contents of the third argument get printed
both inside the ioctl call and after the return value.
Implementation notes:
Functions "print_ioctl()" and "print_syscall_ret_ioctl()", that are defined
in "strace.c", are listed in file "strace.list" as "call" and "result"
value for ioctl. Structure definition "IOCTLEntry" as well as predefined
values for IOC_R, IOC_W and IOC_RW were cut and pasted from file "syscall.c"
to file "qemu.h" so that they can be used by these functions to print the
contents of the third ioctl argument. Also, the "static" identifier for array
"ioctl_entries[]" was removed and this array was declared as "extern" in "qemu.h"
so that it can also be used by these functions. To decode the structure type
of the ioctl third argument, function "thunk_print()" was defined in file
"thunk.c" and its definition is somewhat simillar to that of function
"thunk_convert()".
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200619124727.18080-3-filip.bozuta@syrmia.com>
[lv: fix close-bracket]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Socket ioctls SIOCGSTAMP and SIOCGSTAMPNS, used for timestamping the socket
connection, are defined in file "ioctls.h" differently from other ioctls.
The reason for this difference is explained in the comments above their definition.
These ioctls didn't have defined thunk argument types before changes from this
patch. They have special handling functions ("do_ioctl_SIOCGSTAMP" and
"do_ioctl_SIOCGSTAMPNS") that take care of setting values for approppriate argument
types (struct timeval and struct timespec) and thus no thunk argument types were
needed for their implementation. But this patch adds those argument type definitions
in file "syscall_types.h" and "ioctls.h" as it is needed for printing arguments
of these ioctls with strace.
Implementation notes:
There are two variants of these ioctls: SIOCGSTAMP_OLD/SIOCGSTAM_NEW and
SIOCGSTAMPNS_OLD/SIOCGSTAMPNS_NEW. One is the old existing definition and the
other is the 2038 safe variant used for 32-bit architectures. Corresponding
structure definitions STRUCT_timespec/STRUCT__kernel_timespec and
STRUCT_timeval/STRUCT__kernel_sock_timeval were added for these variants.
STRUCT_timeval definition was already inside the file as it is used by
another implemented ioctl. Two cases were added for definitions
STRUCT_timeval/STRUCT__kernel_sock_timeval to manage the case when the
"u_sec" field of the timeval structure is of type int.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200619124727.18080-2-filip.bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements strace argument printing functionality for following syscall:
*fallocate - manipulate file space
int fallocate(int fd, int mode, off_t offset, off_t len)
man page: https://www.man7.org/linux/man-pages/man2/fallocate.2.html
Implementation notes:
This syscall's second argument "mode" is composed of predefined values
which represent flags that determine the type of operation that is
to be performed on the file space. For that reason, a printing
function "print_fallocate" was stated in file "strace.list". This printing
function uses an already existing function "print_flags()" to print flags of
the "mode" argument. These flags are stated inside an array "falloc_flags"
that contains values of type "struct flags". These values are instantiated
using an existing macro "FLAG_GENERIC()". Most of these flags are defined
after kernel version 3.0 which is why they are enwrapped in an #ifdef
directive.
The syscall's third ant fourth argument are of type "off_t" which can
cause variations between 32/64-bit architectures. To handle this variation,
function "target_offset64()" was copied from file "strace.c" and used in
"print_fallocate" to print "off_t" arguments for 32-bit architectures.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200619123331.17387-7-filip.bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements strace argument printing functionality for syscalls:
*chown, lchown - change ownership of a file
int chown(const char *pathname, uid_t owner, gid_t group)
int lchown(const char *pathname, uid_t owner, gid_t group)
man page: https://www.man7.org/linux/man-pages/man2/lchown.2.html
Implementation notes:
Both syscalls use strings as arguments and thus a separate
printing function was stated in "strace.list" for them.
Both syscalls share the same number and types of arguments
and thus share a same definition in file "syscall.c".
This defintion uses existing functions "print_string()" to
print the string argument and "print_raw_param()" to print
other two arguments that are of basic types.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200619123331.17387-6-filip.bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements strace argument printing functionality for syscall:
*lseek - reposition read/write file offset
off_t lseek(int fd, off_t offset, int whence)
man page: https://www.man7.org/linux/man-pages/man2/lseek.2.html
Implementation notes:
The syscall's third argument "whence" has predefined values:
"SEEK_SET","SEEK_CUR","SEEK_END","SEEK_DATA","SEEK_HOLE"
and thus a separate printing function "print_lseek" was stated
in file "strace.list". This function is defined in "strace.c"
by using an existing function "print_raw_param()" to print
the first and second argument and a switch(case) statement
for the predefined values of the third argument.
Values "SEEK_DATA" and "SEEK_HOLE" are defined in kernel version 3.1.
That is the reason why case statements for these values are
enwrapped in #ifdef directive.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200619123331.17387-5-filip.bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements strace argument printing functionality for following syscalls:
*getxattr, lgetxattr, fgetxattr - retrieve an extended attribute value
ssize_t getxattr(const char *path, const char *name, void *value, size_t size)
ssize_t lgetxattr(const char *path, const char *name, void *value, size_t size)
ssize_t fgetxattr(int fd, const char *name, void *value, size_t size)
man page: https://www.man7.org/linux/man-pages/man2/getxattr.2.html
*listxattr, llistxattr, flistxattr - list extended attribute names
ssize_t listxattr(const char *path, char *list, size_t size)
ssize_t llistxattr(const char *path, char *list, size_t size)
ssize_t flistxattr(int fd, char *list, size_t size)
man page: https://www.man7.org/linux/man-pages/man2/listxattr.2.html
*removexattr, lremovexattr, fremovexattr - remove an extended attribute
int removexattr(const char *path, const char *name)
int lremovexattr(const char *path, const char *name)
int fremovexattr(int fd, const char *name)
man page: https://www.man7.org/linux/man-pages/man2/removexattr.2.html
Implementation notes:
All of the syscalls have strings as argument types and thus a separate
printing function was stated in file "strace.list" for every one of them.
All of these printing functions were defined in "strace.c" using existing
printing functions for appropriate argument types:
"print_string()" - for (const char*) type
"print_pointer()" - for (char*) and (void *) type
"print_raw_param()" for (int) and (size_t) type
Syscalls "getxattr()" and "lgetxattr()" have the same number and type of
arguments and thus their print functions ("print_getxattr", "print_lgetxattr")
share a same definition. The same statement applies to syscalls "listxattr()"
and "llistxattr()".
Function "print_syscall_ret_listxattr()" was added to print the returned list
of extended attributes for syscalls "print_listxattr(), print_llistxattr() and
print_flistxattr()".
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200619123331.17387-4-filip.bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch implements strace argument printing functionality for following syscalls:
*acct - switch process accounting on or off
int acct(const char *filename)
man page: https://www.man7.org/linux/man-pages/man2/acct.2.html
*fsync, fdatasync - synchronize a file's in-core state with storage device
int fsync(int fd)
int fdatasync(int fd)
man page: https://www.man7.org/linux/man-pages/man2/fsync.2.html
*listen - listen for connections on a socket
int listen(int sockfd, int backlog)
man page: https://www.man7.org/linux/man-pages/man2/listen.2.html
Implementation notes:
Syscall acct() takes string as its only argument and thus a separate
print function "print_acct" is stated in file "strace.list". This
function is defined and implemented in "strace.c" by using an
existing function used to print string arguments: "print_string()".
All the other syscalls have only primitive argument types, so the
rest of the implementation was handled by stating an appropriate
printing format in file "strace.list".
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200619123331.17387-3-filip.bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Structure "struct syscallname" in file "strace.c" is used for "-strace"
to print arguments and return values of syscalls. The last field of
this structure "result" represents the calling function that prints the
return values. This field was extended in this patch so that this function
takes all syscalls arguments beside the return value. In this way, it enables
"-strace" to print arguments of syscalls that have changed after the syscall
execution. This extension will be useful as there are many syscalls that
return values inside their arguments (i.e. listxattr() that returns the list
of extended attributes inside the "list" argument).
Implementation notes:
Since there are already three existing "print_syscall_ret*" functions inside
"strace.c" ("print_syscall_ret_addr()", "print_syscall_ret_adjtimex()",
"print_syscall_ret_newselect()"), they were changed to have all syscall arguments
beside the return value. This was done so that these functions don't cause build
errors (even though syscall arguments are not used in these functions).
There is code repetition in these functions for checking the return value
and printing the approppriate error message (this code is also located in
print_syscall_ret() at the end of "strace.c"). That is the reason why a
function "syscall_print_err()" was added for this code and put inside these
functions. Functions "print_newselect()" and "print_syscall_ret_newselect()"
were changed to use this new implemented functionality and not store the syscall
argument values in separate static variables.
Signed-off-by: Filip Bozuta <Filip.Bozuta@syrmia.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200619123331.17387-2-filip.bozuta@syrmia.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Fix the handling of window spill traps by keeping cansave into account
when calculating the new CWP.
Signed-off-by: Giuseppe Musacchio <thatlemon@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200625091204.3186186-3-laurent@vivier.eu>
Relaxing the restrictions on 64 bit guests leads to the user being
able to attempt to map right at the edge of addressable memory. This
in turn lead to address overflow tripping the assert in page_set_flags
when the end address wrapped around.
Detect the wrap earlier and correctly -ENOMEM the guest (in the
reported case LTP mmap15).
Fixes: 7d8cbbabcb
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reported-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200605154929.26910-15-alex.bennee@linaro.org>
We rely on the pointer to wrap when accessing the high address of the
COMMPAGE so it lands somewhere reasonable. However on 32 bit hosts we
cannot afford just to map the entire 4gb address range. The old mmap
trial and error code handled this by just checking we could map both
the guest_base and the computed COMMPAGE address.
We can't just manipulate loadaddr to get what we want so we introduce
an offset which pgb_find_hole can apply when looking for a gap for
guest_base that ensures there is space left to map the COMMPAGE
afterwards.
This is arguably a little inefficient for the one 32 bit
value (kuser_helper_version) we need to keep there given all the
actual code entries are picked up during the translation phase.
Fixes: ee94743034
Bug: https://bugs.launchpad.net/qemu/+bug/1880225
Cc: Bug 1880225 <1880225@bugs.launchpad.net>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Aleksandar Markovic <aleksandar.qemu.devel@gmail.com>
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20200605154929.26910-13-alex.bennee@linaro.org>
When running QEMU out of a chroot environment we may not have access
to /proc/self/maps. As there is no other "official" way to introspect
our memory map we need to fall back to the original technique of
repeatedly trying to mmap an address range until we find one that
works.
Fortunately it's not quite as ugly as the original code given we
already re-factored the complications of dealing with the
ARM_COMMPAGE. We do make an attempt to skip over brk() which is about
the only concrete piece of information we have about the address map
at this moment.
Fixes: ee9474303
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20200605154929.26910-12-alex.bennee@linaro.org>
Fixes: https://bugs.launchpad.net/bugs/1876373
This code path in mmap occurs when a page size is decreased with mremap. When a section of pages is shrunk, qemu calls mmap_reserve on the pages that were released. However, it has the diff operation reversed, subtracting the larger old_size from the smaller new_size. Instead, it should be subtracting the smaller new_size from the larger old_size. You can also see in the previous line of the change that this mmap_reserve call only occurs when old_size > new_size.
Bug: https://bugs.launchpad.net/qemu/+bug/1876373
Signed-off-by: Jonathan Marler <johnnymarler@gmail.com>
Reviewded-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200502161225.14346-1-johnnymarler@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
- Build with other images instead of the broken Debian containers
- Fix building with the latest version of Clang (at least wrt. to
the gitlab-CI pipeline)
- Add Philippe, Alex and Wainer to the Gitlab-CI section in MAINTAINERS
-----BEGIN PGP SIGNATURE-----
iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAl7PgV8RHHRodXRoQHJl
ZGhhdC5jb20ACgkQLtnXdP5wLbXnww/+OSn3x62FYTSmqbwfF/fTFnOqVndfKjkQ
UhG4s6ttlFN2H+hgS9sxHB7cwk9WsyN/V7V8DMM3Ytdbmz9wsP8bLx+Q5wXHmIAl
r/yk9AMrrJtlzGZnt1FcZMJdnrzky9VrqZgM1e0oL8mdPYvTiBmlpJqKoFk0tmWS
WR0qKYFjETRCWtJgalMJTiYuRtkGIlTjXVo7vLmUNYKp+xCKP5Pn7J9JA+Ds+aXX
/PuOztd9IT/T0K+F8lbt9iHVSAu+tsVn1CsZy9cLKEDwgmWFWrF2faXA8e9lZdKe
NctTdClb+DILgezxdd9obIGBJKLy11xPXBopH+8cy9u5vWl1nNUu0tppni83bslB
Kk4AB/qWLRFxz8xJ4U8jI3w62cH7u+gUIxiDeFuJxociLIhYQRL2otskiJ4q1RRD
VOdX8PhsOa8LfV+LqJ+vfJQeYrliYaz/1wU+d6tFL3r+k9E+zI0Z+XCDa9z0pL0B
aBh/UpsUUAUpLyy8JlYm6RejsnHchRqtx/1c+Bdsg84o4BQkFTrrLh3BZFQBncXp
NYNXuWQi0Teotm01tvOHqZjqwE+2apKcKtdj0E6t0YDrn5Inbvj3/l64KeDEzwQN
W0ppgJCJm/k5UkfkfEiFvwgvIn8jj3CrszVjlLZurIkDtTSrEqoNBv68AJewGPHL
YCbuqk8Q8XE=
=TThW
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-05-28' into staging
Fixes and improvements for the gitlab-CI:
- Build with other images instead of the broken Debian containers
- Fix building with the latest version of Clang (at least wrt. to
the gitlab-CI pipeline)
- Add Philippe, Alex and Wainer to the Gitlab-CI section in MAINTAINERS
# gpg: Signature made Thu 28 May 2020 10:16:15 BST
# gpg: using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg: issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg: aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg: aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg: aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3 EAB9 2ED9 D774 FE70 2DB5
* remotes/huth-gitlab/tags/pull-request-2020-05-28:
gitlab-ci: Determine the number of jobs dynamically
gitlab-ci: Do not use the standard container images from gitlab
gitlab-ci: Move edk2 and opensbi YAML files to .gitlab-ci.d folder
GitLab CI: avoid calling before_scripts on unintended jobs
gitlab-ci: Remove flex/bison packages
MAINTAINERS: Add Philippe, Alex and Wainer to the Gitlab-CI section
linux-user: limit check to HOST_LONG_BITS < TARGET_ABI_BITS
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Newer clangs rightly spot that you can never exceed the full address
space of 64 bit hosts with:
linux-user/elfload.c:2076:41: error: result of comparison 'unsigned
long' > 18446744073709551615 is always false
[-Werror,-Wtautological-type-limit-compare]
4685 if ((guest_hiaddr - guest_base) > ~(uintptr_t)0) {
4686 ~~~~~~~~~~~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~
4687 1 error generated.
So lets limit the check to 32 bit hosts only.
Fixes: ee94743034
Reported-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20200525131823.715-8-thuth@redhat.com>
[thuth: Use HOST_LONG_BITS < TARGET_ABI_BITS instead of HOST_LONG_BITS == 32]
Signed-off-by: Thomas Huth <thuth@redhat.com>
When we try to bootstrap debian/lenny for alpha, it fails because
it cannot umount /.root directory:
...
Setting up initscripts (2.86.ds1-61) ...
umount: /.root: Function not implemented
dpkg: error processing initscripts (--configure):
subprocess post-installation script returned error exit status 1
dpkg: sysvinit: dependency problems, but configuring anyway as you request:
sysvinit depends on initscripts; however:
Package initscripts is not configured yet.
This is because, when we switched from syscall_nr.h to syscall.tbl,
the syscall #321 has been renamed from umount to oldumount and
syscall.c has not been updated to manage the new name.
oldumount has been introduced in linux 2.1.116pre1 by:
7d32756b2 ("Import 2.1.116pre1")
...
* We now support a flag for forced unmount like the other 'big iron'
* unixes. Our API is identical to OSF/1 to avoid making a mess of AMD
...
Fixes: 6116aea994 ("linux-user, alpha: add syscall table generation support")
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200502194642.32823-1-laurent@vivier.eu>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
We shouldn't be messing around with the CPU list in linux-user save
for the very special case of do_fork(). When threads end we need to
properly follow QOM object lifetime handling and allow the eventual
cpu_common_unrealizefn to both remove the CPU and ensure any clean-up
actions are taken place, for example calling plugin exit hooks.
There is still a race condition to avoid so use the linux-user
specific clone_lock instead of the cpu_list_lock to avoid it.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Cc: Nikolay Igotti <igotti@gmail.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Daniel P. Berrange <berrange@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200520140541.30256-14-alex.bennee@linaro.org>
POWER9 adds scv and rfscv instructions and the system call vectored
interrupt. Linux does not support this instruction yet but it has
been tested with a modified kernel that runs on real hardware.
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Message-Id: <20200507115328.789175-1-npiggin@gmail.com>
[dwg: Corrected an overlong line]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The Arm signal-handling code has some parts ifdeffed with a
TARGET_CONFIG_CPU_32, which is always defined. This is a leftover
from when this code's structure was based on the Linux kernel
signal handling code, where it was intended to support 26-bit
Arm CPUs. The kernel dropped its CONFIG_CPU_32 in kernel commit
4da8b8208eded0ba21e3 in 2009.
QEMU has never had 26-bit CPU support and is unlikely to ever
add it; we certainly aren't going to support 26-bit Linux
binaries via linux-user mode. The ifdef is just unhelpful
noise, so remove it entirely.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200518143014.20689-1-peter.maydell@linaro.org
This fixes signal handlers running with the wrong endianness if the
interrupted code used SETEND to dynamically switch endianness.
Signed-off-by: Amanieu d'Antras <amanieu@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20200511131117.2486486-1-amanieu@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Using the MSR instruction to write to CPSR.E is deprecated, but it is
required to work from any mode including unprivileged code. We were
incorrectly forbidding usermode code from writing it because
CPSR_USER did not include the CPSR_E bit.
We use CPSR_USER in only three places:
* as the mask of what to allow userspace MSR to write to CPSR
* when deciding what bits a linux-user signal-return should be
able to write from the sigcontext structure
* in target_user_copy_regs() when we set up the initial
registers for the linux-user process
In the first two cases not being able to update CPSR.E is a bug, and
in the third case it doesn't matter because CPSR.E is always 0 there.
So we can fix both bugs by adding CPSR_E to CPSR_USER.
Because the cpsr_write() in restore_sigcontext() is now changing
a CPSR bit which is cached in hflags, we need to add an
arm_rebuild_hflags() call there; the callsite in
target_user_copy_regs() was already rebuilding hflags for other
reasons.
(The recommended way to change CPSR.E is to use the 'SETEND'
instruction, which we do correctly allow from usermode code.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200518142801.20503-1-peter.maydell@linaro.org
Our code to identify syscall numbers has some issues:
* for Thumb mode, we never need the immediate value from the insn,
but we always read it anyway
* bad immediate values in the svc insn should cause a SIGILL, but we
were abort()ing instead (via "goto error")
We can fix both these things by refactoring the code that identifies
the syscall number to more closely follow the kernel COMPAT_OABI code:
* for Thumb it is always r7
* for Arm, if the immediate value is 0, then this is an EABI call
with the syscall number in r7
* otherwise, we XOR the immediate value with 0x900000
(ARM_SYSCALL_BASE for QEMU; __NR_OABI_SYSCALL_BASE in the kernel),
which converts valid syscall immediates into the desired value,
and puts all invalid immediates in the range 0x100000 or above
* then we can just let the existing "value too large, deliver
SIGILL" case handle invalid numbers, and drop the 'goto error'
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 20200420212206.12776-5-peter.maydell@linaro.org
The kernel has different handling for syscalls with invalid
numbers that are in the "arm-specific" range 0x9f0000 and up:
* 0x9f0000..0x9f07ff return -ENOSYS if not implemented
* other out of range syscalls cause a SIGILL
(see the kernel's arch/arm/kernel/traps.c:arm_syscall())
Implement this distinction. (Note that our code doesn't look
quite like the kernel's, because we have removed the
0x900000 prefix by this point, whereas the kernel retains
it in arm_syscall().)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20200420212206.12776-4-peter.maydell@linaro.org
We incorrectly treat SVC 0xf0002 as a cacheflush request (which is a
NOP for QEMU). This is the wrong syscall number, because in the
svc-immediate OABI syscall numbers are all offset by the
ARM_SYSCALL_BASE value and so the correct insn is SVC 0x9f0002.
(This is handled further down in the code with the other Arm-specific
syscalls like NR_breakpoint.)
When this code was initially added in commit 6f1f31c069 in
2004, ARM_NR_cacheflush was defined as (ARM_SYSCALL_BASE + 0xf0000 + 2)
so the value in the comparison took account of the extra 0x900000
offset. In commit fbb4a2e371 in 2008, the ARM_SYSCALL_BASE
was removed from the definition of ARM_NR_cacheflush and handling
for this group of syscalls was added below the point where we subtract
ARM_SYSCALL_BASE from the SVC immediate value. However that commit
forgot to remove the now-obsolete earlier handling code.
Remove the spurious ARM_NR_cacheflush condition.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 20200420212206.12776-3-peter.maydell@linaro.org
In linux-user/arm/cpu-loop.c we incorrectly treat EXCP_BKPT similarly
to EXCP_SWI, which means that if the guest executes a BKPT insn then
QEMU will perform a syscall for it (which syscall depends on what
value happens to be in r7...). The correct behaviour is that the
guest process should take a SIGTRAP.
This code has been like this (more or less) since commit
06c949e62a in 2006 which added BKPT in the first place. This is
probably because at the time the same code path was used to handle
both Linux syscalls and semihosting calls, and (on M profile) BKPT
with a suitable magic number is used for semihosting calls. But
these days we've moved handling of semihosting out to an entirely
different codepath, so we can fix this bug by simply removing this
handling of EXCP_BKPT and instead making it deliver a SIGTRAP like
EXCP_DEBUG (as we do already on aarch64).
Reported-by: <omerg681@gmail.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20200420212206.12776-2-peter.maydell@linaro.org
Fixes: https://bugs.launchpad.net/qemu/+bug/1873898
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
First we ensure all guest space initialisation logic comes through
probe_guest_base once we understand the nature of the binary we are
loading. The convoluted init_guest_space routine is removed and
replaced with a number of pgb_* helpers which are called depending on
what requirements we have when loading the binary.
We first try to do what is requested by the host. Failing that we try
and satisfy the guest requested base address. If all those options
fail we fall back to finding a space in the memory map using our
recently written read_self_maps() helper.
There are some additional complications we try and take into account
when looking for holes in the address space. We try not to go directly
after the system brk() space so there is space for a little growth. We
also don't want to have to use negative offsets which would result in
slightly less efficient code on x86 when it's unable to use the
segment offset register.
Less mind-binding gotos and hopefully clearer logic throughout.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200513175134.19619-5-alex.bennee@linaro.org>
While debugging over TCP is fairly straightforward now we have test
cases that want to orchestrate via make and currently a parallel build
fails as two processes can't use the same listening port. While system
emulation offers a wide cornucopia of connection methods thanks to the
chardev abstraction we are a little more limited for linux user.
Thankfully the programming API for a TCP socket and a local UNIX
socket is pretty much the same once it's set up.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200430190122.4592-7-alex.bennee@linaro.org>