aboutsummaryrefslogtreecommitdiff
path: root/linux-user/elfload.c
diff options
context:
space:
mode:
authorRichard Henderson <richard.henderson@linaro.org>2023-03-06 01:26:29 +0300
committerRichard Henderson <richard.henderson@linaro.org>2023-03-28 15:23:10 -0700
commit95059f9c313a7fbd7f22e4cdc1977c0393addc7b (patch)
tree5cbda761db3d946f2dafca04afaab139077596dd /linux-user/elfload.c
parenta3a67f54f0b4ec98ff2380a792e5bfeebc47d554 (diff)
downloadqemu-95059f9c313a7fbd7f22e4cdc1977c0393addc7b.zip
qemu-95059f9c313a7fbd7f22e4cdc1977c0393addc7b.tar.gz
qemu-95059f9c313a7fbd7f22e4cdc1977c0393addc7b.tar.bz2
include/exec: Change reserved_va semantics to last byte
Change the semantics to be the last byte of the guest va, rather than the following byte. This avoids some overflow conditions. Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Diffstat (limited to 'linux-user/elfload.c')
-rw-r--r--linux-user/elfload.c14
1 files changed, 7 insertions, 7 deletions
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index dfae967..f1370a7 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -208,7 +208,7 @@ static bool init_guest_commpage(void)
* has specified -R reserved_va, which would trigger an assert().
*/
if (reserved_va != 0 &&
- TARGET_VSYSCALL_PAGE + TARGET_PAGE_SIZE >= reserved_va) {
+ TARGET_VSYSCALL_PAGE + TARGET_PAGE_SIZE - 1 > reserved_va) {
error_report("Cannot allocate vsyscall page");
exit(EXIT_FAILURE);
}
@@ -2504,7 +2504,7 @@ static void pgb_have_guest_base(const char *image_name, abi_ulong guest_loaddr,
if (guest_hiaddr > reserved_va) {
error_report("%s: requires more than reserved virtual "
"address space (0x%" PRIx64 " > 0x%lx)",
- image_name, (uint64_t)guest_hiaddr + 1, reserved_va);
+ image_name, (uint64_t)guest_hiaddr, reserved_va);
exit(EXIT_FAILURE);
}
} else {
@@ -2525,7 +2525,7 @@ static void pgb_have_guest_base(const char *image_name, abi_ulong guest_loaddr,
if (reserved_va) {
guest_loaddr = (guest_base >= mmap_min_addr ? 0
: mmap_min_addr - guest_base);
- guest_hiaddr = reserved_va - 1;
+ guest_hiaddr = reserved_va;
}
/* Reserve the address space for the binary, or reserved_va. */
@@ -2755,7 +2755,7 @@ static void pgb_reserved_va(const char *image_name, abi_ulong guest_loaddr,
if (guest_hiaddr > reserved_va) {
error_report("%s: requires more than reserved virtual "
"address space (0x%" PRIx64 " > 0x%lx)",
- image_name, (uint64_t)guest_hiaddr + 1, reserved_va);
+ image_name, (uint64_t)guest_hiaddr, reserved_va);
exit(EXIT_FAILURE);
}
@@ -2768,17 +2768,17 @@ static void pgb_reserved_va(const char *image_name, abi_ulong guest_loaddr,
/* Reserve the memory on the host. */
assert(guest_base != 0);
test = g2h_untagged(0);
- addr = mmap(test, reserved_va, PROT_NONE, flags, -1, 0);
+ addr = mmap(test, reserved_va + 1, PROT_NONE, flags, -1, 0);
if (addr == MAP_FAILED || addr != test) {
error_report("Unable to reserve 0x%lx bytes of virtual address "
"space at %p (%s) for use as guest address space (check your "
"virtual memory ulimit setting, min_mmap_addr or reserve less "
- "using -R option)", reserved_va, test, strerror(errno));
+ "using -R option)", reserved_va + 1, test, strerror(errno));
exit(EXIT_FAILURE);
}
qemu_log_mask(CPU_LOG_PAGE, "%s: base @ %p for %lu bytes\n",
- __func__, addr, reserved_va);
+ __func__, addr, reserved_va + 1);
}
void probe_guest_base(const char *image_name, abi_ulong guest_loaddr,