From d9a5eba477e7ed7183a6d417755790d6ecf22cad Mon Sep 17 00:00:00 2001
From: Stephen Long
Date: Thu, 7 May 2020 06:03:02 -0700
Subject: Fix stack smashing when handling PR_GET_PDEATHSIG
The bug was triggered by the following code on aarch64-linux-user: int main(void) { int PDeathSig = 0; if (prctl(PR_GET_PDEATHSIG, &PDeathSig) == 0 && PDeathSig == SIGKILL) prctl(PR_GET_PDEATHSIG, 0); return (PDeathSig == SIGKILL); }
Signed-off-by: Stephen Long
Signed-off-by: Ana Pazos
Reviewed-by: Laurent Vivier
Message-Id: <20200507130302.3684-1-steplong@quicinc.com>
Signed-off-by: Laurent Vivier
---
 linux-user/syscall.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'linux-user/syscall.c')
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 897d20c076..3e0f14f2e6 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -10703,7 +10703,7 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
 int deathsig;
 ret = get_errno(prctl(arg1, &deathsig, arg3, arg4, arg5));
 if (!is_error(ret) && arg2
- && put_user_ual(deathsig, arg2)) {
+ && put_user_s32(deathsig, arg2)) {
 return -TARGET_EFAULT;
 }
 return ret;
-- cgit 1.4.1
From b94e2b4e34524c37b86f6acb8ad4a696969f2dd0 Mon Sep 17 00:00:00 2001
From: Frajo
Date: Thu, 30 Jan 2020 15:00:30 +0200
Subject: linux-user: Support f_flags in statfs64 when available.
Same as d4247ec2d79ef2477cb886fa688706b068119736 but for statfs64 When running rpm within qemu-arm-dynamic this could cause rpm fail with an error like "installing package A needs B MB on the C filesystem" depending on what is in memory in f_flags. https://github.com/rpm-software-management/rpm/blob/af06db1d5558870f7fb8f5c502572c2d27af5c71/lib/transaction.c#L164
Signed-off-by: Franz-Josef Haider
Reviewed-by: Laurent Vivier
Message-Id: <2e405fe7-efab-dae5-93d6-02575773fd6e@jolla.com>
Signed-off-by: Laurent Vivier
---
 linux-user/syscall.c | 5 +++++
 1 file changed, 5 insertions(+)
(limited to 'linux-user/syscall.c')
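Review bot: The `arg2 &&` guard on the context line just above the changed line still turns a NULL second argument into a silent success: with arg2 == 0 the host prctl is issued into the local `deathsig` and `ret` (0 on success) is handed back, whereas Linux's PR_GET_PDEATHSIG does put_user() straight into arg2 and returns -EFAULT for an unwritable pointer, so a guest probing the error path sees a different result under emulation. The width fix itself is right — `deathsig` is a host `int`, and `put_user_ual` stored an `abi_ulong` over the guest's 4-byte variable on 64-bit targets, which is the stack corruption the commit message describes — and a comment would stop the next reader from "correcting" it back: `/* the pdeath signal is an int on every target; an abi_ulong store would overrun the guest's 4-byte buffer */`. If the NULL case is meant to mirror Linux, drop the `arg2 &&` and let `put_user_s32` report the fault. do_syscall1 begins and ends outside the hunk.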
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 3e0f14f2e6..cd520ae42e 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -9787,6 +9787,11 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
 __put_user(stfs.f_fsid.__val[1], &target_stfs->f_fsid.val[1]);
 __put_user(stfs.f_namelen, &target_stfs->f_namelen);
 __put_user(stfs.f_frsize, &target_stfs->f_frsize);
+#ifdef _STATFS_F_FLAGS
+ __put_user(stfs.f_flags, &target_stfs->f_flags);
+#else
+ __put_user(0, &target_stfs->f_flags);
+#endif
 memset(target_stfs->f_spare, 0, sizeof(target_stfs->f_spare));
 unlock_user_struct(target_stfs, arg3, 1);
 }
-- cgit 1.4.1
From 0deb6556c35a78bb3384fd43c6a1ee2b47374c38 Mon Sep 17 00:00:00 2001
From: Laurent Vivier
Date: Wed, 30 Sep 2020 02:30:33 +0200
Subject: linux-user: remove _sysctl
It has been removed from linux since 61a47c1ad3a4 ("sysctl: Remove the sysctl system call") It's a good news because it was not really supported by qemu.
Signed-off-by: Laurent Vivier
Reviewed-by: Richard Henderson
Message-Id: <20200930003033.554124-5-laurent@vivier.eu>
Signed-off-by: Laurent Vivier
---
 linux-user/syscall.c | 6 ------
 1 file changed, 6 deletions(-)
(limited to 'linux-user/syscall.c')
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index cd520ae42e..f0df6aecef 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -10529,12 +10529,6 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
 #if defined(TARGET_NR_fdatasync) /* Not on alpha (osf_datasync ?) */
 case TARGET_NR_fdatasync:
 return get_errno(fdatasync(arg1));
-#endif
-#ifdef TARGET_NR__sysctl
- case TARGET_NR__sysctl:
- /* We don't implement this, but ENOTDIR is always a safe
- return value. */
- return -TARGET_ENOTDIR;
 #endif
 case TARGET_NR_sched_getaffinity:
 {
-- cgit 1.4.1
From e554eb4bb56395b1e3b7042dc6974dc87de3f4d1 Mon Sep 17 00:00:00 2001
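Review bot: The `#else` branch of the statfs64 hunk zeroes `f_flags` without saying why, and the reason — before this change the guest's `f_flags` field was never written, so it kept whatever the guest buffer already held, which the commit message says confused rpm — is worth recording so a later cleanup does not drop the store as redundant: `/* host libc has no f_flags: zero the field rather than return uninitialized guest-buffer contents */`. `_STATFS_F_FLAGS` is presumably the glibc bits/statfs.h marker for the field; a libc that provides `f_flags` without defining that macro would make the guest silently always see 0, which is a second reason to name the dependency in the comment. The host `ST_*` bits are forwarded to the target untranslated; that looks correct since Linux defines them architecture-independently, but it is an assumption worth stating next to the `#ifdef`. The enclosing TARGET_NR_statfs64 case and do_syscall1 begin and end outside the hunk.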
From: Matus Kysel
Date: Wed, 30 Sep 2020 17:16:16 +0200
Subject: linux-user: correct errno returned from accept4() syscall
accept4() returned wrong errno, that did not match current linux
Signed-off-by: Matus Kysel
Reviewed-by: Laurent Vivier
Message-Id: <20200930151616.3588165-1-mkysel@tachyum.com>
Signed-off-by: Laurent Vivier
---
 linux-user/syscall.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'linux-user/syscall.c')
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index f0df6aecef..6fef8181e7 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -3491,16 +3491,16 @@ static abi_long do_accept4(int fd, abi_ulong target_addr,
 return get_errno(safe_accept4(fd, NULL, NULL, host_flags));
 }
- /* linux returns EINVAL if addrlen pointer is invalid */
+ /* linux returns EFAULT if addrlen pointer is invalid */
 if (get_user_u32(addrlen, target_addrlen_addr))
- return -TARGET_EINVAL;
+ return -TARGET_EFAULT;
 if ((int)addrlen < 0) {
 return -TARGET_EINVAL;
 }
 if (!access_ok(VERIFY_WRITE, target_addr, addrlen))
- return -TARGET_EINVAL;
+ return -TARGET_EFAULT;
 addr = alloca(addrlen);
-- cgit 1.4.1
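Review bot: `addr = alloca(addrlen);` on the hunk's last line still sizes a host stack allocation from the guest-supplied `addrlen`, which after the `(int)addrlen < 0` check can be anything up to INT_MAX, so a guest can exhaust the emulator's stack with an address-length argument that the kernel itself would merely cap. Linux copies back at most the real address length (bounded by `struct sockaddr_storage`) and writes that length to the user's addrlen, so clamping before the `access_ok` and the alloca is invisible to a well-behaved guest: `if (addrlen > sizeof(struct sockaddr_storage)) addrlen = sizeof(struct sockaddr_storage);` — provided the copy-out that follows, which is outside the hunk, keys off the returned length rather than the original request. Secondary, the two unbraced `return -TARGET_EFAULT;` bodies sit next to a braced check, and QEMU's style braces every control body. do_accept4 begins and ends outside the hunk.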