Message ID | 20240822095045.72643-3-philmd@linaro.org (mailing list archive)
---|---
State | New, archived
Series | linux-user/flatload: Take mmap_lock in load_flt_binary()
22.08.2024 12:50, Philippe Mathieu-Daudé wrote:
> load_flt_binary() calls load_flat_file() -> page_set_flags().
>
> page_set_flags() must be called with the mmap_lock held,
> otherwise it aborts:
>
> $ qemu-arm -L stm32/lib/ stm32/bin/busybox
> qemu-arm: ../accel/tcg/user-exec.c:505: page_set_flags: Assertion `have_mmap_lock()' failed.
> Aborted (core dumped)
>
> Fix by taking the lock in load_flt_binary().
>
> Fixes: fbd3c4cff6 ("linux-user/arm: Mark the commpage executable")
> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2525

This one seems like it should go to -stable, is it not?

Thanks,

/mjt
On 10/6/24 01:51, Michael Tokarev wrote:
> 22.08.2024 12:50, Philippe Mathieu-Daudé wrote:
>> load_flt_binary() calls load_flat_file() -> page_set_flags().
>>
>> page_set_flags() must be called with the mmap_lock held,
>> otherwise it aborts:
>>
>> $ qemu-arm -L stm32/lib/ stm32/bin/busybox
>> qemu-arm: ../accel/tcg/user-exec.c:505: page_set_flags: Assertion `have_mmap_lock()'
>> failed.
>> Aborted (core dumped)
>>
>> Fix by taking the lock in load_flt_binary().
>>
>> Fixes: fbd3c4cff6 ("linux-user/arm: Mark the commpage executable")
>> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2525
>
> This one seems like it should go to -stable, is it not?

Yes, I think so.

r~
diff --git a/linux-user/flatload.c b/linux-user/flatload.c index 04d8138d12..0e4be5bf44 100644 --- a/linux-user/flatload.c +++ b/linux-user/flatload.c @@ -487,7 +487,10 @@ int load_flt_binary(struct linux_binprm *bprm, struct image_info *info) stack_len += (bprm->envc + 1) * 4; /* the envp array */ + mmap_lock(); res = load_flat_file(bprm, libinfo, 0, &stack_len); + mmap_unlock(); + if (is_error(res)) { return res; }
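Review bot: the lock scope is correct but the patch lacks a stable tag: mmap_unlock() is placed before the `if (is_error(res))` early return, so the error path cannot leave load_flt_binary() with the lock still held, and the lock covers the whole load_flat_file() call that reaches page_set_flags(); since the thread agrees this belongs in -stable, add a `Cc: qemu-stable@nongnu.org` trailer next to the existing `Fixes:` line so the backport is not missed.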
load_flt_binary() calls load_flat_file() -> page_set_flags().

page_set_flags() must be called with the mmap_lock held,
otherwise it aborts:

$ qemu-arm -L stm32/lib/ stm32/bin/busybox
qemu-arm: ../accel/tcg/user-exec.c:505: page_set_flags: Assertion `have_mmap_lock()' failed.
Aborted (core dumped)

Fix by taking the lock in load_flt_binary().

Fixes: fbd3c4cff6 ("linux-user/arm: Mark the commpage executable")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2525
Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
---
linux-user/flatload.c | 3 +++
1 file changed, 3 insertions(+)
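The lock-held precondition that the assertion above enforces, shown as a constructed C model (added here, not QEMU's code): `model_lock`/`model_unlock`/`model_have_lock` are hypothetical stand-ins for a counted lock like mmap_lock, `model_set_flags` returns false where page_set_flags() would abort, and `model_load_binary` has the patched caller's shape, releasing the lock before the error-path early return.

```c
#include <assert.h>
#include <stdbool.h>

/* Constructed model of a counted lock with a have_lock() precondition.
 * lock_count is a hypothetical stand-in for the real lock state. */
static int lock_count;

static void model_lock(void)      { lock_count++; }
static void model_unlock(void)    { assert(lock_count > 0); lock_count--; }
static bool model_have_lock(void) { return lock_count > 0; }

/* Stand-in for page_set_flags(): the real function asserts
 * have_mmap_lock(); this model reports the violation instead of aborting. */
static bool model_set_flags(void)
{
    if (!model_have_lock()) {
        return false;   /* QEMU would fail assert(have_mmap_lock()) here */
    }
    return true;
}

/* Stand-in for load_flat_file(); fail_load simulates a load error (-1). */
static int model_load_flat_file(bool fail_load)
{
    if (!model_set_flags()) {
        return -2;      /* precondition violated: lock not held */
    }
    return fail_load ? -1 : 0;
}

/* Patched shape of load_flt_binary(): lock around the callee, unlock
 * before the early return so the error path never leaks the lock. */
static int model_load_binary(bool fail_load)
{
    model_lock();
    int res = model_load_flat_file(fail_load);
    model_unlock();
    if (res < 0) {
        return res;
    }
    return 0;
}

/* Unpatched shape: same call with no lock taken. */
static int model_load_binary_unlocked(bool fail_load)
{
    return model_load_flat_file(fail_load);
}

/* Exposes the lock depth so a caller can check nothing was leaked. */
static int model_lock_depth(void) { return lock_count; }
```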