From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from [140.186.70.92] (port=51372 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1PhSab-0006u0-0k
	for qemu-devel@nongnu.org; Mon, 24 Jan 2011 15:00:38 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <vapier.adi@gmail.com>) id 1PhSaZ-0001Lh-KM
	for qemu-devel@nongnu.org; Mon, 24 Jan 2011 15:00:37 -0500
Received: from mail-iw0-f173.google.com ([209.85.214.173]:34679)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <vapier.adi@gmail.com>) id 1PhSaZ-0001LC-FG
	for qemu-devel@nongnu.org; Mon, 24 Jan 2011 15:00:35 -0500
Received: by iwn40 with SMTP id 40so4546887iwn.4
	for <qemu-devel@nongnu.org>; Mon, 24 Jan 2011 12:00:33 -0800 (PST)
MIME-Version: 1.0
In-Reply-To: <4D3DC1F6.9030800@gmail.com>
References: <4D3D63B3.1030402@gmail.com>
	<AANLkTin_LVqQ-BjYtyJ1YJ3C4ok2nS_E8k_HoA7TRgqG@mail.gmail.com>
	<4D3DC1F6.9030800@gmail.com>
From: Mike Frysinger <vapier.adi@gmail.com>
Date: Mon, 24 Jan 2011 15:00:10 -0500
Message-ID: <AANLkTikbw-dXoRi7ETNnTRxSm+TYD4odQRjaHLrq=cX0@mail.gmail.com>
Subject: Re: [Qemu-devel] qemu-user: relocating target code weakness
Content-Type: text/plain; charset=UTF-8
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Stefano Bonifazi <stefboombastic@gmail.com>
Cc: Mulyadi Santosa <mulyadi.santosa@gmail.com>, QEMU Developers <qemu-devel@nongnu.org>

On Mon, Jan 24, 2011 at 13:16, Stefano Bonifazi wrote:
>> Start address in which address the ELF code section, in reality (not
>> under qemu-user) should be mapped. in x86 32 bit it's 08048000, you
>> can check it by yourself by executing:
>> cat /proc/self/maps
>
> Wait, like that I don't understand anything more.. As far as I understood
> when calling mmap from within a process, its result, when no error happen,
> would be the virtual address where the mapping starts.. so if I get
> 0x10000000 from mmap why should it be 08048000 instead??

he is telling you what ELF_START_MMAP is all about.  it is the base
address that the linux kernel for that architecture will start giving
out addresses.  so when running Linux on an x86 system, the first
mmap() a process does will start at 0x80000000 and move up.

although looking at the elfload code quickly, it doesnt seem that this
is really used anymore.  so it probably can be ignored.

> Inside load_elf_binary the call to mmap has elf_ppnt->p_vaddr as required
> starting address (plus alignment) and MAP_FIXED flag.

review the mmap() man page ... MAP_FIXED is always a *suggestion* and
never a requirement.  the app must check the return value to see what
the kernel actually gave it.
-mike