authorbalrog <balrog@c046a42c-6fe2-441c-8c8c-71466251a162>2008-04-26 12:17:34 +0000
committerbalrog <balrog@c046a42c-6fe2-441c-8c8c-71466251a162>2008-04-26 12:17:34 +0000
commit7ab240ad4be6cd57b0656d291a0a4a1dfc426035 (patch)
tree4cc7693458e6cf24a4fb2a34aba0e1f4da141700
parent662caa6f9197a4e0d5e64743f1078ddc82836852 (diff)
Teach mmap to not overwrite reserved pages and fix brk return value (Richard Purdie).
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4255 c046a42c-6fe2-441c-8c8c-71466251a162
-rw-r--r--linux-user/mmap.c13
-rw-r--r--linux-user/syscall.c11
2 files changed, 17 insertions, 7 deletions
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index fa01c7bc2a..b5e31f5821 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -259,13 +259,24 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
host_start += offset - host_offset;
start = h2g(host_start);
} else {
+ int flg;
+ target_ulong addr;
+
if (start & ~TARGET_PAGE_MASK) {
errno = EINVAL;
return -1;
}
end = start + len;
real_end = HOST_PAGE_ALIGN(end);
-
+
+ for(addr = real_start; addr < real_end; addr += TARGET_PAGE_SIZE) {
+ flg = page_get_flags(addr);
+ if (flg & PAGE_RESERVED) {
+ errno = ENXIO;
+ return -1;
+ }
+ }
+
/* worst case: we cannot map the file because the offset is not
aligned, so we read it */
if (!(flags & MAP_ANONYMOUS) &&
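Review bot: The new reserved-page loop is bounded by `real_end`, which comes from `end = start + len` just above with no wrap check visible in this hunk; if the sum wraps, `real_end` can land below `real_start`, the loop body never runs, and the fixed mapping goes ahead without the PAGE_RESERVED test. Unless `len` is already range-checked earlier in target_mmap (the function starts and ends outside the hunk, and `real_start` is set there too), I would add `if (end < start) { errno = ENOMEM; return -1; }` before the loop. `addr` is also declared `target_ulong` while `start` and `len` are `abi_ulong`; declaring it `abi_ulong addr;` keeps the counter the same width as its bounds.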
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index b1dc365e6e..3946d61b67 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -420,7 +420,7 @@ abi_long do_brk(abi_ulong new_brk)
if (!new_brk)
return target_brk;
if (new_brk < target_original_brk)
- return -TARGET_ENOMEM;
+ return target_brk;
brk_page = HOST_PAGE_ALIGN(target_brk);
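Review bot: Nothing in do_brk says why a failed request now returns the old break instead of an errno, both here at the `new_brk < target_original_brk` check and in the later hunk after the target_mmap call. The raw Linux brk syscall reports failure by returning the current break unchanged, so this looks deliberate, but a reader who sees the `mapped_addr` error being dropped will likely take it for a bug. I would add a comment above the function such as `/* Like the kernel's brk: on failure return the current break, never -errno. */`. do_brk's body starts and continues outside both hunks.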
@@ -435,12 +435,11 @@ abi_long do_brk(abi_ulong new_brk)
mapped_addr = get_errno(target_mmap(brk_page, new_alloc_size,
PROT_READ|PROT_WRITE,
MAP_ANON|MAP_FIXED|MAP_PRIVATE, 0, 0));
- if (is_error(mapped_addr)) {
- return mapped_addr;
- } else {
+
+ if (!is_error(mapped_addr))
target_brk = new_brk;
- return target_brk;
- }
+
+ return target_brk;
}
static inline abi_long copy_from_user_fdset(fd_set *fds,