Commit Graph

569 Commits

Author SHA1 Message Date
Laurent Vivier f894efd199 linux-user: add getrandom() syscall
getrandom() has been introduced in kernel 3.17 and is now used during
the boot sequence of Debian unstable (stretch/sid).

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-02-24 15:22:15 +02:00
Riku Voipio 13756fb008 linux-user: remove unavailable syscalls from aarch64
QEMU lists deprecated system call numbers in for Aarch64. These
are never enabled for Linux kernel, so don't define them in Qemu
either. Remove the ifdef around host_to_target_stat64 since
all architectures need it now.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-02-23 21:25:10 +02:00
Peter Maydell b6e17875f2 linux-user: Don't assert if guest tries shmdt(0)
Our implementation of shmat() and shmdt() for linux-user was
using "zero guest address" as its marker for "entry in the
shm_regions[] array is not in use". This meant that if the
guest did a shmdt(0) we would match on an unused array entry
and call page_set_flags() with both start and end addresses zero,
which causes an assertion failure.

Use an explicit in_use flag to manage the shm_regions[] array,
so that we avoid this problem.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reported-by: Pavel Shamis <pasharesearch@gmail.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-02-23 21:25:09 +02:00
Laurent Vivier 5089c7ce82 linux-user: fix realloc size of target_fd_trans.
target_fd_trans is an array of "TargetFdTrans *": compute size
accordingly. Use g_renew() as proposed by Paolo.

Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-02-23 21:25:09 +02:00
Peter Maydell d39594e9d9 linux-user: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1453832250-766-10-git-send-email-peter.maydell@linaro.org
2016-01-29 15:07:22 +00:00
John Paul Adrian Glaubitz 5a53dc5042 linux-user: Add SOCKOP_sendmmsg and SOCKOP_recvmmsg socket call, wire them up.
Adds the definitions for the socket calls SOCKOP_sendmmsg
and SOCKOP_recvmmsg and wires them up with the rest of the code.
The necessary function do_sendrecvmmsg() is already present in
linux-user/syscall.c. After adding these two definitions and wiring
them up, I no longer receive an error message about the
unimplemented socket calls when running "apt-get update" on Debian
unstable running on qemu with glibc_2.21 on m68k.

Signed-off-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-01-11 14:54:03 +02:00
Chen Gang fad6c58a3d linux-user/syscall.c: Use SOL_SOCKET instead of level for setsockopt()
In this case, level is TARGET_SOL_SOCKET, but we need SOL_SOCKET for
setsockopt().

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-01-11 13:45:23 +02:00
Michael Tokarev c0d3573632 linux-user: enable sigaltstack for all architectures
There is no reason to limit sigaltstack syscall to just a few
architectures and pretend it is not implemented for others.

If some architecture is not ready for this, that architecture
should be fixed instead.

This fixes LP#1516408.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-01-08 15:36:21 +02:00
Laurent Vivier 861d72cd28 linux-user: check fd is >= 0 in fd_trans_host_to_target_data/fd_trans_host_to_target_addr
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-01-08 15:20:35 +02:00
Laurent Vivier 0cf227229b linux-user: manage bind with a socket of SOCK_PACKET type.
This is obsolete, but if we want to use dhcp with an old distro (like debian
etch), we need it. Some users (like dhclient) use SOCK_PACKET with AF_PACKET
and the kernel allows that.

packet(7)

  In Linux 2.0, the only way to  get  a  packet  socket  was  by calling
  socket(AF_INET,  SOCK_PACKET,  protocol).   This is still supported but
  strongly deprecated.  The main difference between the  two methods  is
  that  SOCK_PACKET uses the old struct sockaddr_pkt to specify an inter‐
  face, which doesn't provide physical layer independence.

     struct sockaddr_pkt {
         unsigned short spkt_family;
         unsigned char  spkt_device[14];
         unsigned short spkt_protocol;
     };

  spkt_family contains the device type, spkt_protocol is the  IEEE 802.3
  protocol  type  as  defined  in <sys/if_ether.h> and spkt_device is the
  device name as a null-terminated string, for example, eth0.

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-01-08 15:20:15 +02:00
Laurent Vivier 7b36f78274 linux-user: add a function hook to translate sockaddr
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-01-08 15:20:08 +02:00
Laurent Vivier 5d4d366585 linux-user: rename TargetFdFunc to TargetFdDataFunc, and structure fields accordingly
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-01-08 15:19:57 +02:00
Laurent Vivier ff626f2d9e linux-user: SOCK_PACKET uses network endian to encode protocol in socket()
in PACKET(7) :

  packet_socket = socket(AF_PACKET, int socket_type, int protocol);
[...]
                                   protocol is the  IEEE  802.3 protocol
  number in network order.  See the <linux/if_ether.h> include file for a
  list of allowed protocols.  When protocol is  set  to htons(ETH_P_ALL)
  then all protocols are received.  All incoming packets of that protocol
  type will be passed to the packet socket before they are passed to the
  protocols implemented in the kernel.
[...]
Compatibility

  In Linux 2.0, the only way to  get  a  packet  socket  was  by  calling
  socket(AF_INET,  SOCK_PACKET,  protocol).

We need to tswap16() the protocol because on big-endian, the ABI is
waiting for, for instance for ETH_P_ALL, 0x0003 (big endian ==
network order), whereas on little-endian it is waiting for 0x0300.

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-01-08 15:18:47 +02:00
Harmandeep Kaur 0e173b24b5 linux-user/syscall.c: malloc()/calloc() to g_malloc()/g_try_malloc()/g_new0()
Convert malloc()/ calloc() calls to g_malloc()/ g_try_malloc()/ g_new0()

All heap memory allocation should go through glib so that we can take
advantage of a single memory allocator and its debugging/tracing features.

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Harmandeep Kaur <write.harmandeep@gmail.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-01-08 11:36:13 +02:00
Laurent Vivier 3e24bb3f12 linux-user: in poll(), if nfds is 0, pfd can be NULL
This problem appears with yum in Fedora 20 / PPC64 container.

test case:

    #include <stdio.h>
    #include <poll.h>

    int main(void)
    {
        int ret;

        ret = poll(NULL, 0, 1000);
        printf("%d\n", ret);
    }

target test environment: Fedora 20 / PPC64
host test environment: Ubuntu 14.0.2 / x86_64

original test result: -1

    13451 poll(0,0,1000,274886297496,268566664,268566648) = -1 errno=14 (Bad address)

patched test result: 0

    13536 poll(0,0,1000,274886297496,268566664,268566648) = 0

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-01-08 11:36:13 +02:00
Laurent Vivier e36800c91a linux-user: add signalfd/signalfd4 syscalls
This patch introduces a system very similar to the one used in the kernel
to attach specific functions to a given file descriptor.

In this case, we attach a specific "host_to_target()" translator to the fd
returned by signalfd() to be able to byte-swap the signalfd_siginfo
structure provided by read().

This patch allows to execute the example program given by
man signalfd(2):

 #include <sys/signalfd.h>
 #include <signal.h>
 #include <unistd.h>
 #include <stdlib.h>
 #include <stdio.h>

 #define handle_error(msg) \
     do { perror(msg); exit(EXIT_FAILURE); } while (0)

 int
 main(int argc, char *argv[])
 {
     sigset_t mask;
     int sfd;
     struct signalfd_siginfo fdsi;
     ssize_t s;

     sigemptyset(&mask);
     sigaddset(&mask, SIGINT);
     sigaddset(&mask, SIGQUIT);

     /* Block signals so that they aren't handled
        according to their default dispositions */

     if (sigprocmask(SIG_BLOCK, &mask, NULL) == -1)
         handle_error("sigprocmask");

     sfd = signalfd(-1, &mask, 0);
     if (sfd == -1)
         handle_error("signalfd");

     for (;;) {
         s = read(sfd, &fdsi, sizeof(struct signalfd_siginfo));
         if (s != sizeof(struct signalfd_siginfo))
             handle_error("read");

         if (fdsi.ssi_signo == SIGINT) {
             printf("Got SIGINT\n");
         } else if (fdsi.ssi_signo == SIGQUIT) {
             printf("Got SIGQUIT\n");
             exit(EXIT_SUCCESS);
         } else {
             printf("Read unexpected signal\n");
         }
     }
 }

 $ ./signalfd_demo
 ^CGot SIGINT
 ^CGot SIGINT
 ^\Got SIGQUIT

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2016-01-08 11:36:12 +02:00
Thomas Huth e9d49d518d linux-user/syscall: Replace g_malloc0 + memcpy with g_memdup
No need to use g_malloc0 to zero the memory if we memcpy to
the whole buffer afterwards anyway. Actually, there is even
a function which combines both steps, g_memdup, so let's use
this function here instead.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-11-06 15:42:38 +03:00
Stefan Weil d1c002b6ae linux-user: Remove type casts to union type
Casting to a union type is a gcc (and clang) extension. Other compilers
might not support it. This is not a problem today, but the type casts
can be removed easily. Smatch now no longer complains like before:

linux-user/syscall.c:3190:18: warning: cast to non-scalar
linux-user/syscall.c:7348:44: warning: cast to non-scalar

Cc: Riku Voipio <riku.voipio@iki.fi>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-10-08 19:46:47 +03:00
Markus Armbruster c78d65e8a7 linux-user: Use g_new() & friends where that makes obvious sense
g_new(T, n) is neater than g_malloc(sizeof(T) * n).  It's also safer,
for two reasons.  One, it catches multiplication overflowing size_t.
Two, it returns T * rather than void *, which lets the compiler catch
more type errors.

This commit only touches allocations with size arguments of the form
sizeof(T).  Same Coccinelle semantic patch as in commit b45c03f.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-10-08 19:46:47 +03:00
Chen Gang 08703b9f7b linux-user/syscall.c: Add EAGAIN to host_to_target_errno_table for
Under Alpha host, EAGAIN is redefined to 35, so it need be remapped too.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2015-09-28 16:57:54 +03:00
Laurent Vivier 0f0426f343 linux-user: add name_to_handle_at/open_by_handle_at
This patch allows to run example given by open_by_handle_at(2):

      The following shell session demonstrates the use of these two programs:

           $ echo 'Can you please think about it?' > cecilia.txt
           $ ./t_name_to_handle_at cecilia.txt > fh
           $ ./t_open_by_handle_at < fh
           open_by_handle_at: Operation not permitted
           $ sudo ./t_open_by_handle_at < fh      # Need CAP_SYS_ADMIN
           Read 31 bytes
           $ rm cecilia.txt

       Now  we delete and (quickly) re-create the file so that it has the same
       content and (by chance) the  same  inode.[...]

           $ stat --printf="%i\n" cecilia.txt     # Display inode number
           4072121
           $ rm cecilia.txt
           $ echo 'Can you please think about it?' > cecilia.txt
           $ stat --printf="%i\n" cecilia.txt     # Check inode number
           4072121
           $ sudo ./t_open_by_handle_at < fh
           open_by_handle_at: Stale NFS file handle

See the man page for source code.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2015-09-28 16:44:46 +03:00
Timothy E Baldwin 93b4eff80a linux-user: Return target error number in do_fork()
Whilst calls to do_fork() are wrapped in get_errno() this does not
translate return values.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Timothy Edward Baldwin <T.E.Baldwin99@members.leeds.ac.uk>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2015-09-28 16:40:12 +03:00
Jonathan Neuschäfer ee1045877a linux-user: fix cmsg conversion in case of multiple headers
Currently, __target_cmsg_nxthdr compares a pointer derived from
target_cmsg against the msg_control field of target_msgh (through
subtraction).  This failed for me when emulating i386 code under x86_64,
because pointers in the host address space and pointers in the guest
address space were not the same.  This patch passes the initial value of
target_cmsg into __target_cmsg_nxthdr.

I found and fixed two more related bugs:
- __target_cmsg_nxthdr now returns the new cmsg pointer instead of the
  old one.
- tgt_space (in host_to_target_cmsg) doesn't count "sizeof (struct
  target_cmsghdr)" twice anymore.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2015-09-28 16:39:43 +03:00
Stefan Brüns 59baae9a62 linux-user: remove MAX_ARG_PAGES limit
Instead of creating a temporary copy for the whole environment and
the arguments, directly copy everything to the target stack.

For this to work, we have to change the order of stack creation and
copying the arguments.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2015-09-28 16:29:11 +03:00
Chen Gang 704eff6c23 linux-user: Conditionalize syscalls which are not defined in tilegx
Some of architectures (e.g. tilegx), several syscall macros are not
supported, so switch them.

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <BLU436-SMTP457D6FC9B2B9BA87AEB22CB9660@phx.gbl>
Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-09-15 07:41:35 -07:00
Peter Maydell a2aa09e181 * Support for jemalloc
* qemu_mutex_lock_iothread "No such process" fix
 * cutils: qemu_strto* wrappers
 * iohandler.c simplification
 * Many other fixes and misc patches.
 
 And some MTTCG work (with Emilio's fixes squashed):
 * Signal-free TCG kick
 * Removing spinlock in favor of QemuMutex
 * User-mode emulation multi-threading fixes/docs
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQEcBAABCAAGBQJV8Tk7AAoJEL/70l94x66Ds3QH/3bi0RRR2NtKIXAQrGo5tfuD
 NPMu1K5Hy+/26AC6mEVNRh4kh7dPH5E4NnDGbxet1+osvmpjxAjc2JrxEybhHD0j
 fkpzqynuBN6cA2Gu5GUNoKzxxTmi2RrEYigWDZqCftRXBeO2Hsr1etxJh9UoZw5H
 dgpU3j/n0Q8s08jUJ1o789knZI/ckwL4oXK4u2KhSC7ZTCWhJT7Qr7c0JmiKReaF
 JEYAsKkQhICVKRVmC8NxML8U58O8maBjQ62UN6nQpVaQd0Yo/6cstFTZsRrHMHL3
 7A2Tyg862cMvp+1DOX3Bk02yXA+nxnzLF8kUe0rYo6llqDBDStzqyn1j9R0qeqA=
 =nB06
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* Support for jemalloc
* qemu_mutex_lock_iothread "No such process" fix
* cutils: qemu_strto* wrappers
* iohandler.c simplification
* Many other fixes and misc patches.

And some MTTCG work (with Emilio's fixes squashed):
* Signal-free TCG kick
* Removing spinlock in favor of QemuMutex
* User-mode emulation multi-threading fixes/docs

# gpg: Signature made Thu 10 Sep 2015 09:03:07 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"

* remotes/bonzini/tags/for-upstream: (44 commits)
  cutils: work around platform differences in strto{l,ul,ll,ull}
  cpu-exec: fix lock hierarchy for user-mode emulation
  exec: make mmap_lock/mmap_unlock globally available
  tcg: comment on which functions have to be called with mmap_lock held
  tcg: add memory barriers in page_find_alloc accesses
  remove unused spinlock.
  replace spinlock by QemuMutex.
  cpus: remove tcg_halt_cond and tcg_cpu_thread globals
  cpus: protect work list with work_mutex
  scripts/dump-guest-memory.py: fix after RAMBlock change
  configure: Add support for jemalloc
  add macro file for coccinelle
  configure: factor out adding disas configure
  vhost-scsi: fix wrong vhost-scsi firmware path
  checkpatch: remove tests that are not relevant outside the kernel
  checkpatch: adapt some tests to QEMU
  CODING_STYLE: update mixed declaration rules
  qmp: Add example usage of strto*l() qemu wrapper
  cutils: Add qemu_strtoull() wrapper
  cutils: Add qemu_strtoll() wrapper
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-14 16:13:16 +01:00
Veres Lajos 67cc32ebfd typofixes - v4
Signed-off-by: Veres Lajos <vlajos@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-09-11 10:45:43 +03:00
Emilio G. Cota 7090376369 linux-user: call rcu_(un)register_thread on pthread_(exit|create)
Signed-off-by: Emilio G. Cota <cota@braap.org>
Message-Id: <1440375847-17603-13-git-send-email-cota@braap.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-09 15:34:54 +02:00
Laurent Vivier 45c874ebba linux-user: ioctl() command type is int
When executing a 64bit target chroot on 64bit host,
the ioctl() command can mismatch.

It seems the previous commit doesn't solve the problem in
my case:

    9c6bf9c7 linux-user: Fix ioctl cmd type mismatch on 64-bit targets

For example, a ppc64 chroot on an x86_64 host:

bash-4.3# ls
Unsupported ioctl: cmd=0x80087467
Unsupported ioctl: cmd=0x802c7415

The origin of the problem is in syscall.c:do_ioctl().

    static abi_long do_ioctl(int fd, abi_long cmd, abi_long arg)

In this case (ppc64) abi_long is long (on the x86_64), and

    cmd = 0x0000000080087467

then
    if (ie->target_cmd == cmd)

target_cmd is int, so target_cmd = 0x80087467
and to compare an int with a long, the sign is extended to 64bit,
so the comparison is:

    if (0xffffffff80087467 == 0x0000000080087467)

which doesn't match whereas it should.

This patch uses int in the case of the target command type
instead of abi_long.

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2015-06-16 09:37:17 +03:00
Peter Maydell 876e23cb2e linux-user: use __get_user and __put_user in cmsg conversions
The target payloads in cmsg conversions may not have the alignment
required by the host. Using the get_user and put_user functions is
the easiest way to handle this and also do the byte-swapping we
require.

(Note that prior to this commit target_to_host_cmsg was incorrectly
using __put_user() rather than __get_user() for the SCM_CREDENTIALS
conversion, which meant it wasn't getting the benefit of the
misalignment handling.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2015-06-16 08:21:01 +03:00
Peter Maydell c2aeb2586b linux-user: Fix length handling in host_to_target_cmsg
The previous code for handling payload length when converting
cmsg structures from host to target had a number of problems:
 * we required the msg->msg_controllen to declare the buffer
   to have enough space for final trailing padding (we were
   checking against CMSG_SPACE), whereas the kernel does not
   require this, and common userspace code assumes this. (In
   particular, glibc's "try to talk to nscd" code that it will
   run on startup will receive a cmsg with a 4 byte payload and
   only allocate 4 bytes for it, which was causing us to do
   the wrong thing on architectures that need 8-alignment.)
 * we weren't correctly handling the fact that the SO_TIMESTAMP
   payload may be larger for the target than the host
 * we weren't marking the messages with MSG_CTRUNC when we did
   need to truncate a message that wasn't truncated by the host,
   but were instead logging a QEMU message; since truncation is
   always the result of a guest giving us an insufficiently
   sized buffer, we should report it to the guest as the kernel
   does and don't log anything

Rewrite the parts of the function that deal with length to
fix these issues, and add a comment in target_to_host_cmsg
to explain why the overflow logging it does is a QEMU bug,
not a guest issue.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2015-06-16 08:21:01 +03:00
Alexander Graf 8be656b87c linux-user: Allocate thunk size dynamically
We store all struct types in an array of static size without ever
checking whether we overrun it. Of course some day someone (like me
in another, ancient ALSA enabling patch set) will run into the limit
without realizing it.

So let's make the allocation dynamic. We already know the number of
structs that we want to allocate, so we only need to pass the variable
into the respective piece of code.

Also, to ensure we don't accidently overwrite random memory, add some
asserts to sanity check whether a thunk is actually part of our array.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2015-06-15 11:36:58 +03:00
Paolo Bonzini a59629fcc6 rcu: do not create thread in pthread_atfork callback
If QEMU forks after the CPU threads have been created, qemu_mutex_lock_iothread
will not be able to do qemu_cpu_kick_thread.  There is no solution other than
assuming that forks after the CPU threads have been created will end up in an
exec.  Forks before the CPU threads have been created (such as -daemonize)
have to call rcu_after_fork manually.

Notably, the oxygen theme for GTK+ forks and shows a "No such process" error
without this patch.

This patch can be reverted once the iothread loses the "kick the TCG thread"
magic.

User-mode emulation does not use the iothread, so it can also call
rcu_after_fork.

Reported by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Tested by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-04-01 10:06:38 +02:00
Andreas Schwab 17644b3627 linux-user: fix emulation of splice syscall
The second and fourth argument are in/out parameters, store them back
after the syscall.  Also, the fourth argument was mishandled, and EFAULT
handling was missing.

Signed-off-by: Andreas Schwab <schwab@suse.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2015-03-22 15:18:51 +02:00
Chen Gang S dec0473dc6 linux-user/syscall.c: do_ioctl_dm: Need to call unlock_user() before going to failure return in default case
In abi_long do_ioctl_dm(), after lock_user() call, the code does
not call unlock_user() before going to failure return in default case.

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-02-10 09:27:20 +03:00
Chen Gang S 71ec7cef01 linux-user/syscall.c: Fix typo issue for using target_vec[i].iov_len instead of target_vec[i].iov_base
It is only a typo issue, need use tswapal(target_vec[i].iov_len) for the
len.

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-02-10 09:27:20 +03:00
Chen Gang S 7eff518b6c linux-user/syscall.c: lock_iovec: unlock vec[i] in failure processing code block
When failure occurs during locking of vec[i], we also need to unlock all
already locked vec[i] in failure processing code block before return.

Code in unlock_user() checks vec[i].iov_base for NULL, so there's no
need not check it .

If error is EFAULT when "i == 0", vec[i].iov_base is NULL, we can just
skip it, so can still use "while (--i >= 0)" loop condition.

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-02-10 09:27:20 +03:00
Alex Suykov 30b8b68eb5 linux-user: support target-to-host SCM_CREDENTIALS
When passing ancillary data through a unix socket, handle
credentials properly instead of doing a simple copy and
issuing a warning.

Signed-off-by: Alex Suykov <alex.suykov@gmail.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2015-01-27 22:33:57 +02:00
Ed Swierk 9c6bf9c7d7 linux-user: Fix ioctl cmd type mismatch on 64-bit targets
linux-user passes the cmd argument of the ioctl syscall as a signed long,
but compares it to an unsigned int when iterating through the ioctl_entries
list.  When the cmd is a large value like 0x80047476 (TARGET_TIOCSWINSZ on
mips64) it gets sign-extended to 0xffffffff80047476, causing the comparison
to fail and resulting in lots of spurious "Unsupported ioctl" errors.
Changing the target_cmd field in the ioctl_entries list to a signed int
causes those values to be sign-extended as well during the comparison.

Signed-off-by: Ed Swierk <eswierk@skyportsystems.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2015-01-27 22:33:57 +02:00
Felix Janda 95018018ca linux-user: translate resource also for prlimit64
The resource argument is translated from host to target for
[gs]etprlimit but not for prlimit64. Fix this.

Signed-off-by: Felix Janda <felix.janda@posteo.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2015-01-27 22:33:57 +02:00
Alexander Graf aecc88616a linux-user: Fix up timer id handling
When creating a timer handle, we give the timer id a special magic offset
of 0xcafe0000. However, we never mask that offset out of the timer id before
we start using it to dereference our timer array. So we always end up aborting
timer operations because the timer id is out of bounds.

This was not an issue before my patch e52a99f756 ("linux-user: Simplify
timerid checks on g_posix_timers range") because before we would blindly mask
anything above the first 16 bits.

This patch simplifies the code around timer id creation by introducing a proper
target_timer_id typedef that is s32, just like Linux has it. It also changes the
magic offset to a value that makes all timer ids be positive.

Reported-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2014-11-11 08:13:09 +02:00
Riku Voipio d80a190594 linux-user: don't include timerfd if not needed
Without this, builds on older systems fail with:

qemu/linux-user/syscall.c:61:25: warning: sys/timerfd.h: No such file or directory

v2: fix the usual case where CONFIG_TIMERFD is enabled..

Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2014-10-06 21:52:46 +03:00
Alexander Graf e52a99f756 linux-user: Simplify timerid checks on g_posix_timers range
We check whether the passed in timer id is negative on all calls
that involve g_posix_timers.

However, these checks are bogus. First off we limit the timer_id to
16 bits which is not what Linux does. Then we check whether it's negative
which it can't be because we masked it.

We can safely remove the masking. For the negativity check we can just
treat the timerid as unsigned and only check for upper boundaries.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2014-10-06 21:52:45 +03:00
Alexander Graf a59b5e35d1 linux-user: Convert blkpg to use a special subop handler
The blkpg ioctl can take different payloads depending on the opcode in
its payload structure. Create a new special ioctl handler that can only
deal with partition style ones for now.

This patch fixes running parted for me.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2014-10-06 21:52:45 +03:00
zhanghailiang 680dfde919 linux-user: fix file descriptor leaks
Handle variable "fd_orig" going out of scope leaks the handle.

Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-08-24 13:18:28 +04:00
zhanghailiang 29e03fcb62 linux-user: check return value of malloc()
Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Acked-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2014-08-22 15:06:35 +03:00
Tom Musta 29560a6cb7 linux-user: writev Partial Writes
Although not technically not required by POSIX, the writev system call will
typically write out its buffers individually.  That is, if the first buffer
is written successfully, but the second buffer pointer is invalid, then
the first chuck will be written and its size is returned.

Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2014-08-22 15:06:35 +03:00
Tom Musta 6f6a40328b linux-user: Support target-to-host translation of mlockall argument
The argument to the mlockall system call is not necessarily the same on
all platforms and thus may require translation prior to passing to the
host.

For example, PowerPC 64 bit platforms define values for MCL_CURRENT
(0x2000) and MCL_FUTURE (0x4000) which are different from Intel platforms
(0x1 and 0x2, respectively)

Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2014-08-22 15:06:35 +03:00
Tom Musta 8fbe8fdfbc linux-user: clock_nanosleep errno Handling on PPC
The clock_nanosleep syscall is unusual in that it returns positive
numbers in error handling situations, versus returning -1 and setting
errno, or returning a negative errno value.  On POWER, the kernel will
set the SO bit of CR0 to indicate failure in a syscall.  QEMU has
generic handling to do this for syscalls with standard return values.

Add special case code for clock_nanosleep to handle CR0 properly.

Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2014-08-22 15:06:35 +03:00
Tom Musta d4290c40a4 linux-user: Detect fault in sched_rr_get_interval
Properly detect a fault when attempting to store into an invalid
struct timespec pointer.

Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
2014-08-22 15:06:35 +03:00