From patchwork Fri Apr  4 11:52:42 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Maydell <peter.maydell@linaro.org>
X-Patchwork-Id: 27807
Return-Path: <patchwork-forward+bncBC6Z756YVMIBBFV27KMQKGQE7GGJG3A@linaro.org>
X-Original-To: linaro@patches.linaro.org
Delivered-To: linaro@patches.linaro.org
Received: from mail-pd0-f197.google.com (mail-pd0-f197.google.com
 [209.85.192.197])
 by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id 87A9320490
 for <linaro@patches.linaro.org>; Fri,  4 Apr 2014 11:52:55 +0000 (UTC)
Received: by mail-pd0-f197.google.com with SMTP id fp1sf10874490pdb.0
 for <linaro@patches.linaro.org>; Fri, 04 Apr 2014 04:52:54 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:delivered-to:from:to:cc:subject
 :date:message-id:in-reply-to:references:x-original-sender
 :x-original-authentication-results:precedence:mailing-list:list-id
 :list-post:list-help:list-archive:list-unsubscribe;
 bh=empO2XSozpV4JcbNYvBivtiiZNP6VBQqWnUxN4xbAlM=;
 b=Mi2JyWgyWM4kS0VzbOQWCPyOxQxUOlVfvUfb+RN5g7ioeSahExzoojvcBUirp15kd4
 d3B/cBhjhHzaoqj3Lo2swIhuMK+O3/+60tf5Z5Nw8cpbLsiSWiJfznUMwSboBtIWYU1w
 Ukpe/AXSdk9blvnuk9fx1AqGyalssU3eUG6XIL54iWgFvFmEuJRvN3RK75o3mhZ4X2c9
 0QeBPGSRKx4jwBpK2s69UBUL2jw0eBCN6Q6La9G25N8Ugog0hz6aC/Dp2INQ7BUncuRY
 k3l+GwMFLjk9ufKx+D8vMJaWWFfdGTQyAXjQS9EJ2sEP8nPhp8O0i8s/U4uDEelDxrnQ
 Iq4w==
X-Gm-Message-State: ALoCoQloxAgTtW+fuXH11bEqW4ke0tXEpb0VKeMROWkhr3yVaMso65IEc5ZFf2uTCAb+SDFRgw6Y
X-Received: by 10.68.230.193 with SMTP id ta1mr7531173pbc.6.1396612374733;
 Fri, 04 Apr 2014 04:52:54 -0700 (PDT)
MIME-Version: 1.0
X-BeenThere: patchwork-forward@linaro.org
Received: by 10.140.92.163 with SMTP id b32ls968004qge.22.gmail; Fri, 04 Apr
 2014 04:52:54 -0700 (PDT)
X-Received: by 10.220.159.4 with SMTP id h4mr8052337vcx.1.1396612374594;
 Fri, 04 Apr 2014 04:52:54 -0700 (PDT)
Received: from mail-vc0-f179.google.com (mail-vc0-f179.google.com
 [209.85.220.179]) by mx.google.com with ESMTPS id
 rx10si1733083vdc.204.2014.04.04.04.52.54
 for <patchwork-forward@linaro.org>
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Fri, 04 Apr 2014 04:52:54 -0700 (PDT)
Received-SPF: neutral (google.com: 209.85.220.179 is neither permitted nor
 denied by best guess record for domain of
 patch+caf_=patchwork-forward=linaro.org@linaro.org)
 client-ip=209.85.220.179; 
Received: by mail-vc0-f179.google.com with SMTP id ij19so3101180vcb.10
 for <patchwork-forward@linaro.org>;
 Fri, 04 Apr 2014 04:52:54 -0700 (PDT)
X-Received: by 10.221.26.10 with SMTP id rk10mr8065606vcb.0.1396612374521;
 Fri, 04 Apr 2014 04:52:54 -0700 (PDT)
X-Forwarded-To: patchwork-forward@linaro.org
X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org
Delivered-To: patches@linaro.org
Received: by 10.220.12.8 with SMTP id v8csp107371vcv;
 Fri, 4 Apr 2014 04:52:53 -0700 (PDT)
X-Received: by 10.205.65.69 with SMTP id xl5mr94933bkb.79.1396612366008;
 Fri, 04 Apr 2014 04:52:46 -0700 (PDT)
Received: from mnementh.archaic.org.uk (mnementh.archaic.org.uk.
 [2001:8b0:1d0::1]) by mx.google.com with ESMTPS id
 ti7si3253008bkb.199.2014.04.04.04.52.45 for <patches@linaro.org>
 (version=TLSv1.2 cipher=RC4-SHA bits=128/128);
 Fri, 04 Apr 2014 04:52:45 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of
 pm215@archaic.org.uk designates 2001:8b0:1d0::1 as permitted
 sender) client-ip=2001:8b0:1d0::1; 
Received: from pm215 by mnementh.archaic.org.uk with local (Exim 4.80)
 (envelope-from <pm215@archaic.org.uk>)
 id 1WW2fr-0003VI-Bn; Fri, 04 Apr 2014 12:52:43 +0100
From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-devel@nongnu.org
Cc: patches@linaro.org, Richard Henderson <rth@twiddle.net>,
 "Andrei E. Warkentin" <andrey.warkentin@gmail.com>,
 Riku Voipio <riku.voipio@iki.fi>
Subject: [PATCH for-2.0 v2 1/2] page_check_range: don't bail out early after
 unprotecting page
Date: Fri,  4 Apr 2014 12:52:42 +0100
Message-Id: <1396612363-13439-2-git-send-email-peter.maydell@linaro.org>
X-Mailer: git-send-email 1.7.10.4
In-Reply-To: <1396612363-13439-1-git-send-email-peter.maydell@linaro.org>
References: <1396612363-13439-1-git-send-email-peter.maydell@linaro.org>
X-Removed-Original-Auth: Dkim didn't pass.
X-Original-Sender: peter.maydell@linaro.org
X-Original-Authentication-Results: mx.google.com;       spf=neutral
 (google.com: 209.85.220.179 is neither permitted nor denied by best
 guess record for domain of
 patch+caf_=patchwork-forward=linaro.org@linaro.org)
 smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org
Precedence: list
Mailing-list: list patchwork-forward@linaro.org;
 contact patchwork-forward+owners@linaro.org
List-ID: <patchwork-forward.linaro.org>
X-Google-Group-Id: 836684582541
List-Post: <http://groups.google.com/a/linaro.org/group/patchwork-forward/post>, 
 <mailto:patchwork-forward@linaro.org>
List-Help: <http://support.google.com/a/linaro.org/bin/topic.py?topic=25838>, 
 <mailto:patchwork-forward+help@linaro.org>
List-Archive: <http://groups.google.com/a/linaro.org/group/patchwork-forward/>
List-Unsubscribe: <http://groups.google.com/a/linaro.org/group/patchwork-forward/subscribe>, 
 <mailto:googlegroups-manage+836684582541+unsubscribe@googlegroups.com>

From: Andrei Warkentin <andrey.warkentin@gmail.com>

When checking a page range, if we found that a page was
made read-only by QEMU because it contained translated code,
we were incorrectly returning immediately after unprotecting
that page, rather than continuing to check the entire range,
so we might fail to unprotect pages later in the range, or
might incorrectly return a "success" result even if later
pages were not writable.

In particular, this could cause segfaults in a case where
signals are delivered back to back on a target architecture
which uses trampoline code in the stack frame (as AArch64
currently does). The second signal causes a segfault because
the frame cannot be written to (it was protected because
we translated and executed the restorer trampoline, and the
unprotect logic did not unprotect the whole range).

Signed-off-by: Andrei Warkentin <andrey.warkentin@gmail.com
[PMM: expanded commit message a bit]
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 translate-all.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/translate-all.c b/translate-all.c
index f243c10..5759974 100644
--- a/translate-all.c
+++ b/translate-all.c
@@ -1777,7 +1777,6 @@ int page_check_range(target_ulong start, target_ulong len, int flags)
                     return -1;
                 }
             }
-            return 0;
         }
     }
     return 0;