From mboxrd@z Thu Jan 1 00:00:00 1970
Date: Thu, 18 Jun 2009 21:57:31 +0300
From: Riku Voipio
Subject: Re: [Qemu-devel] Patch to fix mapping of elf pheaders specifying both .data and .bss segments
Message-ID: <20090618185731.GC24046@kos.to>
To: Kai Backman
Cc: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

On Wed, Jun 17, 2009 at 08:36:38PM +0300, Kai Backman wrote:
> I recently found an issue where an ELF pheader mapping both a .data and a
> .bss segment would have its MemSiz ignored and only FileSiz bytes would
> end up in the memory map. The bug is exhibited when an ELF interpreter
> isn't available on the system. I've attached the output of readelf for
> such a file and a patch against the git repository that fixes the problem.
> Comments on the patch solicited; I'm also unclear on the commit flow for
> the project.

I presume you are not using a regular Linux userland? A testcase would be
nice. The patch attached is totally messed up though.

> diff --git a/linux-user/elfload.c b/linux-user/elfload.c index > 190ad14..e4e75d5 100644
--- a/linux-user/elfload.c +++ > b/linux-user/elfload.c @@ -1211,7 +1211,7 @@ int load_elf_binary(struct > linux_binprm * bprm, struct target_pt_regs * regs, abi_ulong mapped_addr; > struct elf_phdr * elf_ppnt; struct elf_phdr *elf_phdata; - abi_ulong > elf_bss, k, elf_brk; + abi_ulong elf_bss, last_bss, mapped_bss, k, > elf_brk; int retval; char * elf_interpreter; abi_ulong elf_entry, > interp_load_addr = 0; @@ -1271,6 +1271,7 @@ int load_elf_binary(struct > linux_binprm * bprm, struct target_pt_regs * regs, elf_ppnt = elf_phdata; > elf_bss = 0; + last_bss = 0; elf_brk = 0; @@ -1495,12 +1496,24 @@ int > load_elf_binary(struct linux_binprm * bprm, struct target_pt_regs * regs, > k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz; if (k > elf_bss) elf_bss = k; > + k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz; + if (k > last_bss) + > last_bss = k; if ((elf_ppnt->p_flags & PF_X) && end_code < k) end_code = > k; if (end_data < k) end_data = k; k = elf_ppnt->p_vaddr + > elf_ppnt->p_memsz; if (k > elf_brk) elf_brk = k; + if (!elf_interpreter && > last_bss > elf_bss) { + padzero(elf_bss, last_bss); + mapped_bss = > TARGET_ELF_PAGESTART(elf_bss + qemu_host_page_size - 1); + + /* Map the > last of the bss segment */ + target_mmap(load_bias + mapped_bss, > last_bss-mapped_bss, + PROT_READ|PROT_WRITE|PROT_EXEC, + > MAP_FIXED|MAP_PRIVATE|MAP_ANONYMOUS, -1, 0); + } } elf_entry += load_bias; > -- > Kai Backman, Software Engineer, [1]kaib@google.com > > References > > Visible links > 1. mailto:kaib@google.com
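Review bot: in the first hunk (`+ abi_ulong elf_bss, last_bss, mapped_bss, k, elf_brk;`) the new last_bss ends up holding the same value as the existing elf_brk, because both are updated to the maximum of p_vaddr + p_memsz over the PT_LOAD segments in the loop further down; drop last_bss (and its `last_bss = 0;` initialisation in the second hunk) in favour of elf_brk, and declare mapped_bss inside the block that uses it rather than at function scope.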
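Review bot: in the third hunk the added `k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz;` lands before the unchanged `if ((elf_ppnt->p_flags & PF_X) && end_code < k) end_code = k;` and `if (end_data < k) end_data = k;`, which previously saw k = p_vaddr + p_filesz, so end_code and end_data now include the bss; the description does not mention that behaviour change, so move the last_bss update after those two lines (or next to the existing elf_brk update, which already computes the same value). The new `if (!elf_interpreter && last_bss > elf_bss)` block also sits inside the per-phdr loop and works on the running maxima, so padzero() and target_mmap() are re-run for every later PT_LOAD segment; do it once after the loop with the final values. Within the block, `padzero(elf_bss, last_bss)` is called with unrelocated addresses while `target_mmap(load_bias + mapped_bss, ...)` adds load_bias; both must use the same base. Finally, `PROT_READ|PROT_WRITE|PROT_EXEC` makes the bss executable; the protection derived from the segment's p_flags is sufficient.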
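A testcase of the kind asked for above, as an added example that is neither Kai's patch nor QEMU's code: it builds a constructed two-segment ELF64 image whose data segment has p_memsz larger than p_filesz, walks the program headers the way load_elf_binary() does (elf_bss as the highest file-backed address, elf_brk as the highest in-memory address), and reports which bytes the loader must zero and which pages it must back with anonymous memory. ELF64, little-endian byte order, 4 KiB pages, the field names and the segment addresses are assumptions of this example, not facts from the thread.

```c
/* Added example (not QEMU code, not Kai's patch): what an ELF loader has to
 * do for a PT_LOAD segment with p_memsz > p_filesz (.data followed by .bss).
 * elf_bss / elf_brk follow elfload.c's naming.  The file mapping ends at the
 * page holding elf_bss, so that page's tail must be zeroed and the pages up
 * to elf_brk mapped anonymously.  Assumes ELF64, little-endian, 4 KiB pages. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PT_LOAD     1
#define EHDR64_SIZE 64
#define PHDR64_SIZE 56
#define PAGE_SIZE   4096UL
#define PAGE_ALIGN(a) (((a) + PAGE_SIZE - 1) & ~(PAGE_SIZE - 1))
#define IMG_LEN     0x1100         /* size of the constructed image below */

struct bss_plan {
    int nload;                       /* PT_LOAD segments seen */
    uint64_t elf_bss, elf_brk;       /* max p_vaddr+p_filesz, max p_vaddr+p_memsz */
    uint64_t zero_from, zero_to;     /* tail of the last file-backed page: memset 0 */
    uint64_t anon_start, anon_end;   /* remaining pages: MAP_ANONYMOUS zero pages */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t rd32(const uint8_t *p) { uint32_t v = 0; for (int i = 3; i >= 0; i--) v = v << 8 | p[i]; return v; }
static uint64_t rd64(const uint8_t *p) { uint64_t v = 0; for (int i = 7; i >= 0; i--) v = v << 8 | p[i]; return v; }
static void wr16(uint8_t *p, uint16_t v) { for (int i = 0; i < 2; i++) p[i] = (uint8_t)(v >> 8 * i); }
static void wr32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> 8 * i); }
static void wr64(uint8_t *p, uint64_t v) { for (int i = 0; i < 8; i++) p[i] = (uint8_t)(v >> 8 * i); }

/* Walk the program headers of an in-memory ELF64 image; 0 on success, -1 if
 * the header or a PT_LOAD entry is malformed or points outside the image. */
static int elf64_bss_plan(const uint8_t *img, size_t len, struct bss_plan *out)
{
    if (len < EHDR64_SIZE || memcmp(img, "\x7f" "ELF", 4) != 0 ||
        img[4] != 2 /* ELFCLASS64 */ || img[5] != 1 /* ELFDATA2LSB */)
        return -1;
    uint64_t phoff = rd64(img + 32);                        /* e_phoff */
    uint16_t phentsize = rd16(img + 54), phnum = rd16(img + 56);
    if (phentsize != PHDR64_SIZE || phoff > len ||
        (uint64_t)phnum * PHDR64_SIZE > len - phoff)
        return -1;
    memset(out, 0, sizeof *out);
    for (uint16_t i = 0; i < phnum; i++) {
        const uint8_t *p = img + phoff + (size_t)i * PHDR64_SIZE;
        uint64_t off = rd64(p + 8), vaddr = rd64(p + 16);
        uint64_t filesz = rd64(p + 32), memsz = rd64(p + 40);
        if (rd32(p) != PT_LOAD) continue;
        /* Refuse inconsistent sizes, address wrap-around and data past EOF */
        if (memsz < filesz || vaddr > UINT64_MAX - memsz ||
            off > len || filesz > len - off)
            return -1;
        if (vaddr + filesz > out->elf_bss) out->elf_bss = vaddr + filesz;
        if (vaddr + memsz  > out->elf_brk) out->elf_brk = vaddr + memsz;
        out->nload++;
    }
    if (out->nload == 0) return -1;
    out->zero_from  = out->elf_bss;
    out->zero_to    = PAGE_ALIGN(out->elf_bss);   /* where the file mapping ends */
    out->anon_start = out->zero_to;
    out->anon_end   = PAGE_ALIGN(out->elf_brk);
    return 0;
}

static void put_phdr(uint8_t *p, uint32_t flags, uint64_t off, uint64_t vaddr,
                     uint64_t filesz, uint64_t memsz)
{
    wr32(p, PT_LOAD); wr32(p + 4, flags); wr64(p + 8, off); wr64(p + 16, vaddr);
    wr64(p + 24, vaddr); wr64(p + 32, filesz); wr64(p + 40, memsz); wr64(p + 48, PAGE_SIZE);
}

/* Constructed test image (not a real binary): just enough ELF64 header to be
 * parsed, an R+X text segment, and an R+W data segment whose .bss covers the
 * tail of the data page plus two more pages.  Returns the image length. */
static size_t build_test_image(uint8_t *img)
{
    memset(img, 0, IMG_LEN);
    memcpy(img, "\x7f" "ELF", 4);
    img[4] = 2; img[5] = 1; img[6] = 1;          /* ELFCLASS64, LSB, EV_CURRENT */
    wr16(img + 16, 2); wr16(img + 18, 62);       /* ET_EXEC, EM_X86_64 */
    wr64(img + 32, EHDR64_SIZE);                 /* e_phoff */
    wr16(img + 54, PHDR64_SIZE);                 /* e_phentsize */
    wr16(img + 56, 2);                           /* e_phnum */
    put_phdr(img + EHDR64_SIZE, 5, 0, 0x400000, 0x1000, 0x1000);
    put_phdr(img + EHDR64_SIZE + PHDR64_SIZE, 6, 0x1000, 0x601000, 0x100, 0x3000);
    return IMG_LEN;
}

int main(void)
{
    static uint8_t img[IMG_LEN];
    struct bss_plan p;
    if (elf64_bss_plan(img, build_test_image(img), &p) != 0) return 1;
    printf("elf_bss=0x%llx elf_brk=0x%llx: zero [0x%llx,0x%llx), anon [0x%llx,0x%llx)\n",
           (unsigned long long)p.elf_bss, (unsigned long long)p.elf_brk,
           (unsigned long long)p.zero_from, (unsigned long long)p.zero_to,
           (unsigned long long)p.anon_start, (unsigned long long)p.anon_end);
    return 0;
}
```

With the constructed image the data segment's file bytes end at 0x601100, so a loader that only maps FileSiz bytes leaves 0x601100..0x604000 unbacked: the tail of the 0x601000 page has to be zeroed and the two pages from 0x602000 need anonymous mappings, which is exactly the region the thread is about. Writing the image to disk and running it under qemu-user would turn it into a real regression test once a tiny entry point is added.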