diff mbox series

[PULL,08/13] linux-user/mmap: Avoid asserts for out of range mremap calls

Message ID 20210215124519.720265-9-laurent@vivier.eu
State New
Headers show
Series [PULL,01/13] linux-user/mips64: Restore setup_frame() for o32 ABI | expand

Commit Message

Laurent Vivier Feb. 15, 2021, 12:45 p.m. UTC 
From: Richard Purdie <richard.purdie@linuxfoundation.org>

If mremap() is called without the MREMAP_MAYMOVE flag with a start address
just before the end of memory (reserved_va) where new_size would exceed
it (and GUEST_ADDR_MAX), the assert(end - 1 <= GUEST_ADDR_MAX) inĀ 
page_set_flags() would trigger.

Add an extra guard to the guest_range_valid() checks to prevent this and
avoid asserting binaries when reserved_va is set.

This meant a bug I was seeing locally now gives the same behaviourĀ 
regardless of whether reserved_va is set or not.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org
Reviewed-by: Laurent Vivier <laurent@vivier.eu>

Message-Id: <70c46e7b999bafbb01d54bfafd44b420d0b782e9.camel@linuxfoundation.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
---
 linux-user/mmap.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index 810653c50357..1c9faef47699 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -724,7 +724,9 @@  abi_long target_mremap(abi_ulong old_addr, abi_ulong old_size,
 
     if (!guest_range_valid(old_addr, old_size) ||
         ((flags & MREMAP_FIXED) &&
-         !guest_range_valid(new_addr, new_size))) {
+         !guest_range_valid(new_addr, new_size)) ||
+        ((flags & MREMAP_MAYMOVE) == 0 &&
+         !guest_range_valid(old_addr, new_size))) {
         errno = ENOMEM;
         return -1;
     }