From patchwork Thu Nov 5 07:08:34 2020
X-Patchwork-Submitter: Laurent Vivier
X-Patchwork-Id: 319913
From: Laurent Vivier
To: qemu-devel@nongnu.org
Cc: Chen Qun, Thomas Huth, Laurent Vivier, Euler Robot
Subject: [PULL 1/4] linux-user/mips/cpu_loop: silence the compiler warnings
Date: Thu, 5 Nov 2020 08:08:34 +0100
Message-Id: <20201105070837.558332-2-laurent@vivier.eu>
In-Reply-To: <20201105070837.558332-1-laurent@vivier.eu>
References: <20201105070837.558332-1-laurent@vivier.eu>

From: Chen Qun

When using -Wimplicit-fallthrough in our CFLAGS, the compiler showed warning:
linux-user/mips/cpu_loop.c: In function ‘cpu_loop’:
linux-user/mips/cpu_loop.c:104:24: warning: this statement may fall through [-Wimplicit-fallthrough=]
  104 |                     if ((ret = get_user_ual(arg8, sp_reg + 28)) != 0) {
      |                        ^
linux-user/mips/cpu_loop.c:107:17: note: here
  107 |                 case 7:
      |                 ^~~~
linux-user/mips/cpu_loop.c:108:24: warning: this statement may fall through [-Wimplicit-fallthrough=]
  108 |                     if ((ret = get_user_ual(arg7, sp_reg + 24)) != 0) {
      |                        ^
linux-user/mips/cpu_loop.c:111:17: note: here
  111 |                 case 6:
      |                 ^~~~
linux-user/mips/cpu_loop.c:112:24: warning: this statement may fall through [-Wimplicit-fallthrough=]
  112 |                     if ((ret = get_user_ual(arg6, sp_reg + 20)) != 0) {
      |                        ^
linux-user/mips/cpu_loop.c:115:17: note: here
  115 |                 case 5:
      |                 ^~~~

Add the corresponding "fall through" comment to fix it.

Reported-by: Euler Robot
Signed-off-by: Chen Qun
Reviewed-by: Thomas Huth
Reviewed-by: Laurent Vivier
Message-Id: <20201030004046.2191790-5-kuhn.chenqun@huawei.com>
Signed-off-by: Laurent Vivier
---
 linux-user/mips/cpu_loop.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/linux-user/mips/cpu_loop.c b/linux-user/mips/cpu_loop.c index 553e8ca7f576..cfe7ba5c47d8 100644 --- a/linux-user/mips/cpu_loop.c +++ b/linux-user/mips/cpu_loop.c
@@ -104,18 +104,22 @@ void cpu_loop(CPUMIPSState *env) if ((ret = get_user_ual(arg8, sp_reg + 28)) != 0) { goto done_syscall; } + /* fall through */ case 7: if ((ret = get_user_ual(arg7, sp_reg + 24)) != 0) { goto done_syscall; } + /* fall through */ case 6: if ((ret = get_user_ual(arg6, sp_reg + 20)) != 0) { goto done_syscall; } + /* fall through */ case 5: if ((ret = get_user_ual(arg5, sp_reg + 16)) != 0) { goto done_syscall; } + /* fall through */ default: break; }
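
Review bot: The fourth added comment, the one before `default:` after the case 5 block, is not covered by the warnings quoted in the commit message, which list only the fall-throughs at lines 104, 108 and 112 (into case 7, 6 and 5). Either say in the message that it is added for consistency, or drop it, since `default:` only executes `break;`. The other three comments sit where they should: each higher case has to continue into the lower ones so that arg8 down to arg5 are all read from the guest stack, and a failed get_user_ual() already leaves through `goto done_syscall`.
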

From: Laurent Vivier
To: qemu-devel@nongnu.org
Cc: Peter Maydell, Laurent Vivier, Philippe Mathieu-Daudé
Subject: [PULL 2/4] linux-user: Use "!= 0" when checking if MAP_FIXED_NOREPLACE is non-zero
Date: Thu, 5 Nov 2020 08:08:35 +0100
Message-Id: <20201105070837.558332-3-laurent@vivier.eu>
In-Reply-To: <20201105070837.558332-1-laurent@vivier.eu>
References: <20201105070837.558332-1-laurent@vivier.eu>

From: Peter Maydell

In pgd_find_hole_fallback(), Coverity doesn't like the use of "if (MAP_FIXED_NOREPLACE || ...)" because it's using a logical operator on a constant other than 0 or 1 and its heuristic thinks we might have intended a bitwise operator instead.

The logic is correct (we are checking whether the host really has a MAP_FIXED_NOREPLACE or whether we fell back to the "#define as 0 to ignore" from osdep.h); make Coverity happier by explicitly writing out the comparison with zero.

Fixes: Coverity CID 1431059
Signed-off-by: Peter Maydell
Reviewed-by: Philippe Mathieu-Daudé
Message-Id: <20201103142636.21125-1-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier
---
 linux-user/elfload.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/linux-user/elfload.c b/linux-user/elfload.c index bf8c1bd25330..cae41d504d36 100644 --- a/linux-user/elfload.c +++ b/linux-user/elfload.c
@@ -2188,7 +2188,8 @@ static uintptr_t pgd_find_hole_fallback(uintptr_t guest_size, uintptr_t brk, PROT_NONE, flags, -1, 0); if (mmap_start != MAP_FAILED) { munmap((void *) align_start, guest_size); - if (MAP_FIXED_NOREPLACE || mmap_start == (void *) align_start) { + if (MAP_FIXED_NOREPLACE != 0 || + mmap_start == (void *) align_start) { return (uintptr_t) mmap_start + offset; } }
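
Review bot: The reason `MAP_FIXED_NOREPLACE != 0` is a compile-time test lives only in the commit message; at the rewritten `if` a reader still sees a constant compared with zero and has to know about the osdep.h fallback to make sense of it. Add a short comment above the condition saying that the macro is defined as 0 when the host lacks it, so the `mmap_start == (void *) align_start` comparison is the one that matters in that build. That keeps the intent visible to the next reader and the next static-analysis run.
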

From: Laurent Vivier
To: qemu-devel@nongnu.org
Cc: Alistair Francis, Laurent Vivier, Philippe Mathieu-Daudé
Subject: [PULL 3/4] linux-user/syscall: Fix missing target_to_host_timespec64() check
Date: Thu, 5 Nov 2020 08:08:36 +0100
Message-Id: <20201105070837.558332-4-laurent@vivier.eu>
In-Reply-To: <20201105070837.558332-1-laurent@vivier.eu>
References: <20201105070837.558332-1-laurent@vivier.eu>

From: Alistair Francis

Coverity pointed out (CID 1432339) that target_to_host_timespec64() can fail with -TARGET_EFAULT but we never check the return value. This patch checks the return value and handles the error.

Signed-off-by: Alistair Francis
Reviewed-by: Philippe Mathieu-Daudé
Message-Id:
Signed-off-by: Laurent Vivier
---
 linux-user/syscall.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 6fef8181e738..3160a9ba06bd 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c
@@ -7592,7 +7592,9 @@ static int do_futex_time64(target_ulong uaddr, int op, int val, target_ulong tim case FUTEX_WAIT_BITSET: if (timeout) { pts = &ts; - target_to_host_timespec64(pts, timeout); + if (target_to_host_timespec64(pts, timeout)) { + return -TARGET_EFAULT; + } } else { pts = NULL; }
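
Review bot: In the FUTEX_WAIT_BITSET branch the new check treats any non-zero result from target_to_host_timespec64() as a failure but returns the literal -TARGET_EFAULT instead of the helper's own value. That matches the one error the commit message names, but it would hide any other code the helper might return later; consider storing the result and returning it, or add a comment that -TARGET_EFAULT is the only failure expected here. The early return itself looks safe in the visible lines, since only `pts = &ts` has happened before it.
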

From: Laurent Vivier
To: qemu-devel@nongnu.org
Cc: Peter Maydell, Laurent Vivier
Subject: [PULL 4/4] linux-user: Check copy_from_user() return value in vma_dump_size()
Date: Thu, 5 Nov 2020 08:08:37 +0100
Message-Id: <20201105070837.558332-5-laurent@vivier.eu>
In-Reply-To: <20201105070837.558332-1-laurent@vivier.eu>
References: <20201105070837.558332-1-laurent@vivier.eu>

From: Peter Maydell

Coverity points out that we don't check the return value from copy_from_user() in vma_dump_size(). This is to some extent a "can't happen" error since we've already checked the page with an access_ok() call earlier, but it's simple enough to handle the error anyway.

Fixes: Coverity CID 1432362
Signed-off-by: Peter Maydell
Reviewed-by: Laurent Vivier
Message-Id: <20201103141532.19912-1-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier
---
 linux-user/elfload.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/linux-user/elfload.c b/linux-user/elfload.c index cae41d504d36..0b02a926025e 100644 --- a/linux-user/elfload.c +++ b/linux-user/elfload.c @@ -3485,7 +3485,9 @@ static abi_ulong vma_dump_size(const struct vm_area_struct *vma) if (vma->vma_flags & PROT_EXEC) { char page[TARGET_PAGE_SIZE]; - copy_from_user(page, vma->vma_start, sizeof (page)); + if (copy_from_user(page, vma->vma_start, sizeof (page))) { + return 0; + } if ((page[EI_MAG0] == ELFMAG0) && (page[EI_MAG1] == ELFMAG1) && (page[EI_MAG2] == ELFMAG2) &&
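
Review bot: The new `return 0;` after a failed copy_from_user() makes vma_dump_size() report a size of zero for this VMA without saying why, and the commit message leaves out what the check actually prevents: `char page[TARGET_PAGE_SIZE];` has no initialiser, so before this change a failed copy left the ELFMAG comparisons that follow reading an uninitialised stack buffer. Add a comment at the return stating that an unreadable executable mapping is deliberately given size 0, and mention the uninitialised read in the message so the change is not taken for a purely cosmetic Coverity fix.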