diff options
author | Richard Henderson <richard.henderson@linaro.org> | 2023-03-06 01:26:29 +0300 |
---|---|---|
committer | Richard Henderson <richard.henderson@linaro.org> | 2023-03-28 15:23:10 -0700 |
commit | 95059f9c313a7fbd7f22e4cdc1977c0393addc7b (patch) | |
tree | 5cbda761db3d946f2dafca04afaab139077596dd /linux-user/elfload.c | |
parent | a3a67f54f0b4ec98ff2380a792e5bfeebc47d554 (diff) | |
download | qemu-95059f9c313a7fbd7f22e4cdc1977c0393addc7b.zip qemu-95059f9c313a7fbd7f22e4cdc1977c0393addc7b.tar.gz qemu-95059f9c313a7fbd7f22e4cdc1977c0393addc7b.tar.bz2 |
include/exec: Change reserved_va semantics to last byte
Change the semantics to be the last byte of the guest va, rather
than the following byte. This avoids some overflow conditions.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Diffstat (limited to 'linux-user/elfload.c')
-rw-r--r-- | linux-user/elfload.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/linux-user/elfload.c b/linux-user/elfload.c index dfae967..f1370a7 100644 --- a/linux-user/elfload.c +++ b/linux-user/elfload.c @@ -208,7 +208,7 @@ static bool init_guest_commpage(void) * has specified -R reserved_va, which would trigger an assert(). */ if (reserved_va != 0 && - TARGET_VSYSCALL_PAGE + TARGET_PAGE_SIZE >= reserved_va) { + TARGET_VSYSCALL_PAGE + TARGET_PAGE_SIZE - 1 > reserved_va) { error_report("Cannot allocate vsyscall page"); exit(EXIT_FAILURE); } @@ -2504,7 +2504,7 @@ static void pgb_have_guest_base(const char *image_name, abi_ulong guest_loaddr, if (guest_hiaddr > reserved_va) { error_report("%s: requires more than reserved virtual " "address space (0x%" PRIx64 " > 0x%lx)", - image_name, (uint64_t)guest_hiaddr + 1, reserved_va); + image_name, (uint64_t)guest_hiaddr, reserved_va); exit(EXIT_FAILURE); } } else { @@ -2525,7 +2525,7 @@ static void pgb_have_guest_base(const char *image_name, abi_ulong guest_loaddr, if (reserved_va) { guest_loaddr = (guest_base >= mmap_min_addr ? 0 : mmap_min_addr - guest_base); - guest_hiaddr = reserved_va - 1; + guest_hiaddr = reserved_va; } /* Reserve the address space for the binary, or reserved_va. */ @@ -2755,7 +2755,7 @@ static void pgb_reserved_va(const char *image_name, abi_ulong guest_loaddr, if (guest_hiaddr > reserved_va) { error_report("%s: requires more than reserved virtual " "address space (0x%" PRIx64 " > 0x%lx)", - image_name, (uint64_t)guest_hiaddr + 1, reserved_va); + image_name, (uint64_t)guest_hiaddr, reserved_va); exit(EXIT_FAILURE); } @@ -2768,17 +2768,17 @@ static void pgb_reserved_va(const char *image_name, abi_ulong guest_loaddr, /* Reserve the memory on the host. */ assert(guest_base != 0); test = g2h_untagged(0); - addr = mmap(test, reserved_va, PROT_NONE, flags, -1, 0); + addr = mmap(test, reserved_va + 1, PROT_NONE, flags, -1, 0); if (addr == MAP_FAILED || addr != test) { error_report("Unable to reserve 0x%lx bytes of virtual address " "space at %p (%s) for use as guest address space (check your " "virtual memory ulimit setting, min_mmap_addr or reserve less " - "using -R option)", reserved_va, test, strerror(errno)); + "using -R option)", reserved_va + 1, test, strerror(errno)); exit(EXIT_FAILURE); } qemu_log_mask(CPU_LOG_PAGE, "%s: base @ %p for %lu bytes\n", - __func__, addr, reserved_va); + __func__, addr, reserved_va + 1); } void probe_guest_base(const char *image_name, abi_ulong guest_loaddr, |