From patchwork Wed Oct 18 12:33:20 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Riku Voipio <riku.voipio@linaro.org>
X-Patchwork-Id: 116287
Delivered-To: patch@linaro.org
Received: by 10.140.22.163 with SMTP id 32csp6019452qgn;
 Wed, 18 Oct 2017 05:41:33 -0700 (PDT)
X-Received: by 10.200.28.70 with SMTP id j6mr2708429qtk.78.1508330493297;
 Wed, 18 Oct 2017 05:41:33 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1508330493; cv=none;
 d=google.com; s=arc-20160816;
 b=IbbeXHFBifCQHCuxt/2rYKrawtPGoK0nxPS+Qna0zBrwqXOb6E1zDOcVxrfADPUsW3
 I6eUag24KUmJZ3QfqNSeGOmH8/O/MjIwwFBWjZNqTeWRfXWW/J+f10wu1i5N0h7PNeBu
 WGALYKgpZ1YLCJW231S94xuEwZ8Jjy1krrGTRAuxXwfBIM35ybnYK1pHvr1MoHJ/8BGv
 jIJeO5S3O9+1yiboZwTUDLjSOf1i6EmDjAnNeGHj2etPjwBwvPHg8vmQyPq6qgn2+V8+
 jVJ6HAOPY9BnXgywkMHM53MFW3fqrioaaYvjb0/Rzi0EtUPB3q1j9PEkb4II0RtSb7NB
 JoKQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:subject:references:in-reply-to
 :message-id:date:to:from:dkim-signature:arc-authentication-results;
 bh=GKYDmvBRv2sgM615HmP1smpEB09rZHtGpRvAoSBBWqs=;
 b=QC696U1Gxs0frD2DsnAtihC/ngl86JZVcpUBL0uE+YnkRLs9CGDA077dlpWLliC62E
 za6V8ZYbVHgJ3lheL0d8MGlzVVPCsfrY7jgyyQjeZk1Z7lSnII/QtzbdRD6zo5F5gIaG
 izN2m4en+x0upIP3hSooGp2TVBYHgPDmi7Q+fKkX7H5VXKFFm4pa+vVTZXbR+P2Yn0BG
 bB9LKgT1M0v2+SzXLDYBQsb9S31dYhBRzzOLGTnIWXsGnV1HwQ8tdaYWlAs2uzFVJJnT
 nwwudjTiSRmgDfZQFRt8//snNMnhUQ9vO8uarcIwt1+nmDE7QHNG02c6O4gR6iFeG6Fy
 M8Jg==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=fail header.i=@linaro.org header.s=google header.b=cgGms+gI;
 spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 2001:4830:134:3::11 as permitted sender)
 smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11])
 by mx.google.com with ESMTPS id
 c29si2621230qtb.372.2017.10.18.05.41.32 for <patch@linaro.org>
 (version=TLS1 cipher=AES128-SHA bits=128/128);
 Wed, 18 Oct 2017 05:41:33 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 2001:4830:134:3::11 as permitted sender)
 client-ip=2001:4830:134:3::11; 
Authentication-Results: mx.google.com;
 dkim=fail header.i=@linaro.org header.s=google header.b=cgGms+gI;
 spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 2001:4830:134:3::11 as permitted sender)
 smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from localhost ([::1]:44459 helo=lists.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <qemu-devel-bounces+patch=linaro.org@nongnu.org>)
 id 1e4nf9-0002Pi-3t
 for patch@linaro.org; Wed, 18 Oct 2017 08:41:31 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:58639)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <riku.voipio@linaro.org>) id 1e4nXa-0005Gr-KB
 for qemu-devel@nongnu.org; Wed, 18 Oct 2017 08:33:46 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <riku.voipio@linaro.org>) id 1e4nXW-0003xF-Cf
 for qemu-devel@nongnu.org; Wed, 18 Oct 2017 08:33:42 -0400
Received: from mail-lf0-x242.google.com ([2a00:1450:4010:c07::242]:50978)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <riku.voipio@linaro.org>)
 id 1e4nXW-0003wh-1O
 for qemu-devel@nongnu.org; Wed, 18 Oct 2017 08:33:38 -0400
Received: by mail-lf0-x242.google.com with SMTP id a132so5618370lfa.7
 for <qemu-devel@nongnu.org>; Wed, 18 Oct 2017 05:33:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; 
 h=from:to:cc:subject:date:message-id:in-reply-to:references;
 bh=GKYDmvBRv2sgM615HmP1smpEB09rZHtGpRvAoSBBWqs=;
 b=cgGms+gIcP5ldah9UoEvBHV5GOl4gggNTGcJXQxF0HdwTN0MZ2AifEzhMQqFrMe54f
 ZSq8tLMCjThoxa2WFAxWUNgsg0C3M/+r2UN5jzNwwMMWVOtnM5HPMXh4XCCDtxcRmIsP
 3bGS7quVNpZA6RqpA/kUZUuTEqUp3uONdcUak=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references;
 bh=GKYDmvBRv2sgM615HmP1smpEB09rZHtGpRvAoSBBWqs=;
 b=MQnZgCf8DRAxjJAyT+kTr3exw6QGZ/u6O4OZ9oxZtkrYZFMSjRMKfNKpJTEpld+C1L
 jNNfP8gkurvhi7tWUFsfQSibETt6hIrTViHri2T4CbsuvdhIWTEcBi6o+7FaceqTQeg+
 +AoxlRQbleyHzBaOyxiUtVAFqedmDiHv7POR8Cz+Hg9wzF6DC6SKk+8fXTTluGNYNoZI
 7IfarXD4xTA56ZApXEOD/tZYBzmw6vp9WD43RxI2R7ScxpBfWAh41Envl84HhPx6C4hG
 4je13HD9UL5WOzH0D/ENcm5SjnjzLPjsHWI8JmxN42T074rBFBbdgICusbftt35IJVdi
 JjPw==
X-Gm-Message-State: AMCzsaWZOV2bJWwK7UXssQWOQSTCSXCZalCSuWu4Y/SxBXeIkQXFtaX9
 UF0MFRknsi/FoJ9w73QgIgvsJEFbwuE=
X-Google-Smtp-Source: ABhQp+RVEQtB8s6sU6RW7vBcMjVMHDdN1KSjAhLdp5R4qMMjBm8/6Vl+ni4a4kjzqgw7lEgLZe+z+w==
X-Received: by 10.25.17.21 with SMTP id g21mr5129335lfi.170.1508330016401;
 Wed, 18 Oct 2017 05:33:36 -0700 (PDT)
Received: from berserk.kos.to (91-157-170-157.elisa-laajakaista.fi.
 [91.157.170.157]) by smtp.gmail.com with ESMTPSA id
 j71sm2590718lfk.6.2017.10.18.05.33.34
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Wed, 18 Oct 2017 05:33:34 -0700 (PDT)
From: riku.voipio@linaro.org
To: qemu-devel@nongnu.org
Date: Wed, 18 Oct 2017 15:33:20 +0300
Message-Id: <18e80c55bb6ec17c05ec0ba717ec83933c2bfc07.1508329282.git.riku.voipio@linaro.org>
X-Mailer: git-send-email 2.14.2
In-Reply-To: <cover.1508329282.git.riku.voipio@linaro.org>
References: <cover.1508329282.git.riku.voipio@linaro.org>
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
 recognized.
X-Received-From: 2a00:1450:4010:c07::242
Subject: [Qemu-devel] [PULL 06/10] linux-user: Tidy and enforce reserved_va
 initialization
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Richard Henderson <rth@twiddle.net>
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>

From: Richard Henderson <rth@twiddle.net>

We had a check using TARGET_VIRT_ADDR_SPACE_BITS to make sure
that the allocation coming in from the command-line option was
not too large, but that didn't include target-specific knowledge
about other restrictions on user-space.

Remove several target-specific hacks in linux-user/main.c.

For MIPS and Nios, we can replace them with proper adjustments
to the respective target's TARGET_VIRT_ADDR_SPACE_BITS definition.

For ARM, we had no existing ifdef but I suspect that the current
default value of 0xf7000000 was chosen with this in mind.  Define
a workable value in linux-user/arm/, and also document why the
special case is required.

Signed-off-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20170708025030.15845-3-rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 linux-user/arm/target_cpu.h |  4 ++++
 linux-user/main.c           | 38 +++++++++++++++++++++++++-------------
 target/mips/mips-defs.h     |  6 +++++-
 target/nios2/cpu.h          |  6 +++++-
 4 files changed, 39 insertions(+), 15 deletions(-)

-- 
2.14.2

diff --git a/linux-user/arm/target_cpu.h b/linux-user/arm/target_cpu.h
index d888219150..c3eb4b243d 100644
--- a/linux-user/arm/target_cpu.h
+++ b/linux-user/arm/target_cpu.h
@@ -19,6 +19,10 @@
 #ifndef ARM_TARGET_CPU_H
 #define ARM_TARGET_CPU_H
 
+/* We need to be able to map the commpage.
+   See validate_guest_space in linux-user/elfload.c.  */
+#define MAX_RESERVED_VA  0xffff0000ul
+
 static inline void cpu_clone_regs(CPUARMState *env, target_ulong newsp)
 {
     if (newsp) {
diff --git a/linux-user/main.c b/linux-user/main.c
index 829f974662..fd54d344bb 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -60,23 +60,38 @@ do {                                                                    \
     }                                                                   \
 } while (0)
 
-#if (TARGET_LONG_BITS == 32) && (HOST_LONG_BITS == 64)
 /*
  * When running 32-on-64 we should make sure we can fit all of the possible
  * guest address space into a contiguous chunk of virtual host memory.
  *
  * This way we will never overlap with our own libraries or binaries or stack
  * or anything else that QEMU maps.
+ *
+ * Many cpus reserve the high bit (or more than one for some 64-bit cpus)
+ * of the address for the kernel.  Some cpus rely on this and user space
+ * uses the high bit(s) for pointer tagging and the like.  For them, we
+ * must preserve the expected address space.
  */
-# if defined(TARGET_MIPS) || defined(TARGET_NIOS2)
-/*
- * MIPS only supports 31 bits of virtual address space for user space.
- * Nios2 also only supports 31 bits.
- */
-unsigned long reserved_va = 0x77000000;
+#ifndef MAX_RESERVED_VA
+# if HOST_LONG_BITS > TARGET_VIRT_ADDR_SPACE_BITS
+#  if TARGET_VIRT_ADDR_SPACE_BITS == 32 && \
+      (TARGET_LONG_BITS == 32 || defined(TARGET_ABI32))
+/* There are a number of places where we assign reserved_va to a variable
+   of type abi_ulong and expect it to fit.  Avoid the last page.  */
+#   define MAX_RESERVED_VA  (0xfffffffful & TARGET_PAGE_MASK)
+#  else
+#   define MAX_RESERVED_VA  (1ul << TARGET_VIRT_ADDR_SPACE_BITS)
+#  endif
 # else
-unsigned long reserved_va = 0xf7000000;
+#  define MAX_RESERVED_VA  0
 # endif
+#endif
+
+/* That said, reserving *too* much vm space via mmap can run into problems
+   with rlimits, oom due to page table creation, etc.  We will still try it,
+   if directed by the command-line option, but not by default.  */
+#if HOST_LONG_BITS == 64 && TARGET_VIRT_ADDR_SPACE_BITS <= 32
+unsigned long reserved_va = MAX_RESERVED_VA;
 #else
 unsigned long reserved_va;
 #endif
@@ -3978,11 +3993,8 @@ static void handle_arg_reserved_va(const char *arg)
         unsigned long unshifted = reserved_va;
         p++;
         reserved_va <<= shift;
-        if (((reserved_va >> shift) != unshifted)
-#if HOST_LONG_BITS > TARGET_VIRT_ADDR_SPACE_BITS
-            || (reserved_va > (1ul << TARGET_VIRT_ADDR_SPACE_BITS))
-#endif
-            ) {
+        if (reserved_va >> shift != unshifted
+            || (MAX_RESERVED_VA && reserved_va > MAX_RESERVED_VA)) {
             fprintf(stderr, "Reserved virtual address too big\n");
             exit(EXIT_FAILURE);
         }
diff --git a/target/mips/mips-defs.h b/target/mips/mips-defs.h
index 047554ee45..d239069975 100644
--- a/target/mips/mips-defs.h
+++ b/target/mips/mips-defs.h
@@ -15,7 +15,11 @@
 #else
 #define TARGET_LONG_BITS 32
 #define TARGET_PHYS_ADDR_SPACE_BITS 40
-#define TARGET_VIRT_ADDR_SPACE_BITS 32
+# ifdef CONFIG_USER_ONLY
+#  define TARGET_VIRT_ADDR_SPACE_BITS 31
+# else
+#  define TARGET_VIRT_ADDR_SPACE_BITS 32
+#endif
 #endif
 
 /* Masks used to mark instructions to indicate which ISA level they
diff --git a/target/nios2/cpu.h b/target/nios2/cpu.h
index 50d803a217..9119eee587 100644
--- a/target/nios2/cpu.h
+++ b/target/nios2/cpu.h
@@ -226,7 +226,11 @@ qemu_irq *nios2_cpu_pic_init(Nios2CPU *cpu);
 void nios2_check_interrupts(CPUNios2State *env);
 
 #define TARGET_PHYS_ADDR_SPACE_BITS 32
-#define TARGET_VIRT_ADDR_SPACE_BITS 32
+#ifdef CONFIG_USER_ONLY
+# define TARGET_VIRT_ADDR_SPACE_BITS 31
+#else
+# define TARGET_VIRT_ADDR_SPACE_BITS 32
+#endif
 
 #define cpu_init(cpu_model) cpu_generic_init(TYPE_NIOS2_CPU, cpu_model)