From patchwork Sat Mar 3 23:26:09 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: [v2] linux-user: map at TARGET_UNMAPPED_BASE with reserved_va Date: Sat, 03 Mar 2012 13:26:09 -0000 From: Alexander Graf X-Patchwork-Id: 144470 Message-Id: <1330817169-22305-1-git-send-email-agraf@suse.de> To: qemu-devel qemu-devel Cc: "Bernhard M. Wiedemann" , Riku Voipio , Paul Brook , Peter Maydell When mmap()'ing memory somewhere where it's not allowed, we should not default to the "next free page" which could be right after brk()'ed memory, but rather at TARGET_UNMAPPED_BASE, which ensures that brk() can extend its space later on. Reported-by: Bernhard M. Wiedemann Signed-off-by: Alexander Graf --- v1 -> v2: - use consistent constant naming diff --git a/linux-user/mmap.c b/linux-user/mmap.c index e4db455..2245f40 100644 --- a/linux-user/mmap.c +++ b/linux-user/mmap.c @@ -244,7 +244,13 @@ static abi_ulong mmap_find_vma_reserved(abi_ulong start, abi_ulong size) } prot = page_get_flags(addr); if (prot) { - last_addr = addr + qemu_host_page_size; + if (addr < TASK_UNMAPPED_BASE) { + /* Someone randomly shot into potential brk space, + better remap higher up when already remapping */ + last_addr = TASK_UNMAPPED_BASE; + } else { + last_addr = addr + qemu_host_page_size; + } } } mmap_next_start = addr;
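Review bot: the subject line and description refer to TARGET_UNMAPPED_BASE, but the hunk assigns `last_addr = TASK_UNMAPPED_BASE;`, and since the v2 changelog says this revision exists for "consistent constant naming", the commit message should be brought in line with the code before this is applied. On the logic: the new branch jumps `last_addr` to TASK_UNMAPPED_BASE unconditionally, with no check that TASK_UNMAPPED_BASE + size still falls inside the region that mmap_find_vma_reserved() is searching, so for a guest reservation (reserved_va) smaller than that, a single mapped page below TASK_UNMAPPED_BASE pushes the search past the end of the reserve instead of letting the loop look for a gap below it; please confirm the small-reservation case still finds a VMA, or guard the jump with a comparison against reserved_va. Minor: the comment "Someone randomly shot into potential brk space, better remap higher up when already remapping" is misleading because nothing is remapped here; something like "a page below TASK_UNMAPPED_BASE is already mapped, so skip the brk area and resume the search at TASK_UNMAPPED_BASE" describes what the code does.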