[5/6] linux-user: Check is_hostfd in mmap syscalls

Message ID	20180531224911.23725-6-richard.henderson@linaro.org
State	New
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; From: Richard Henderson <richard.henderson@linaro.org> To: qemu-devel@nongnu.org Date: Thu, 31 May 2018 15:49:10 -0700 Message-Id: <20180531224911.23725-6-richard.henderson@linaro.org> In-Reply-To: <20180531224911.23725-1-richard.henderson@linaro.org> References: <20180531224911.23725-1-richard.henderson@linaro.org> Subject: [Qemu-devel] [PATCH 5/6] linux-user: Check is_hostfd in mmap syscalls Precedence: list Cc: peter.maydell@linaro.org, laurent@vivier.eu, evgreen@chromium.org Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Series	linux-user: Reorg interp_prefix handling \| expand [v5,0/6] linux-user: Reorg interp_prefix handling [1/6] gdbstub: Return the fd from gdbserver_start [2/6] linux-user: Add host_fds and manipulators [3/6] linux-user: Check is_hostfd in do_syscall [4/6] linux-user: Check contains_hostfd in select syscalls [5/6] linux-user: Check is_hostfd in mmap syscalls [6/6] linux-user: Use *at functions to implement interp_prefix

Message ID

20180531224911.23725-6-richard.henderson@linaro.org

State

New

Headers

Received-SPF: pass (google.com: domain of
	qemu-devel-bounces+patch=linaro.org@nongnu.org designates
	2001:4830:134:3::11 as permitted sender)
	client-ip=2001:4830:134:3::11; 
From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Date: Thu, 31 May 2018 15:49:10 -0700
Message-Id: <20180531224911.23725-6-richard.henderson@linaro.org>
In-Reply-To: <20180531224911.23725-1-richard.henderson@linaro.org>
References: <20180531224911.23725-1-richard.henderson@linaro.org>
Subject: [Qemu-devel] [PATCH 5/6] linux-user: Check is_hostfd in mmap
	syscalls
Precedence: list
Cc: peter.maydell@linaro.org, laurent@vivier.eu, evgreen@chromium.org
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>

Series

linux-user: Reorg interp_prefix handling | expand

Comments

Laurent Vivier June 1, 2018, 8:57 p.m. UTC | #1

Le 01/06/2018 à 00:49, Richard Henderson a écrit :
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

> ---

>  linux-user/syscall.c | 9 +++++++++

>  1 file changed, 9 insertions(+)

> 


Reviewed-by: Laurent Vivier <laurent@vivier.eu>

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index b98125829b..d7513d5dac 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -9605,11 +9605,17 @@  abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
             v5 = tswapal(v[4]);
             v6 = tswapal(v[5]);
             unlock_user(v, arg1, 0);
+            if (is_hostfd(v5)) {
+                goto ebadf;
+            }
             ret = get_errno(target_mmap(v1, v2, v3,
                                         target_to_host_bitmask(v4, mmap_flags_tbl),
                                         v5, v6));
         }
 #else
+        if (is_hostfd(arg5)) {
+            goto ebadf;
+        }
         ret = get_errno(target_mmap(arg1, arg2, arg3,
                                     target_to_host_bitmask(arg4, mmap_flags_tbl),
                                     arg5,
@@ -9622,6 +9628,9 @@  abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 #ifndef MMAP_SHIFT
 #define MMAP_SHIFT 12
 #endif
+        if (is_hostfd(arg5)) {
+            goto ebadf;
+        }
         ret = get_errno(target_mmap(arg1, arg2, arg3,
                                     target_to_host_bitmask(arg4, mmap_flags_tbl),
                                     arg5,

[5/6] linux-user: Check is_hostfd in mmap syscalls

Commit Message

Comments

Patch