
From: Peter Maydell
Subject: Re: [Qemu-devel] [PATCH] linux-user: SIGSEGV protection on host/guest signal masks
Date: Mon, 24 Sep 2012 13:53:04 +0100

On 24 September 2012 12:23, Alex Barcelo <address@hidden> wrote:
>
> There are some situations where the guest application changes the SIGSEGV and
> messes with qemu-user's way of handling self-modifying code.
>
> In case of qemu-system, this happens. Emulation of qemu-system inside 
> qemu-user doesn't work because of this. This patch doesn't aim to do a 
> complete signal protection and achieve bulletproof signal management for 
> every test case, instead it is a small easy-to-understand patch that resolves 
> the most common problem.
>
> Signed-off-by: Alex Barcelo <address@hidden>
> ---
>  linux-user/syscall.c |   18 ++++++++++++++++++
>  1 files changed, 18 insertions(+), 0 deletions(-)
>
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 6257a04..95bb818 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -5897,6 +5897,16 @@ abi_long do_syscall(void *cpu_env, int num, abi_long 
> arg1,
>          }
>          break;
>  #endif
> +
> +/*
> + * Use SETSIGNAL and GETSIGNAL macros for SIGSEGV protection.
> + *
> + * This should protect SIGSEGV unconscious manipulations from guest apps
> + * (but we still do not let the emulated software play the signal game)
> + */
> +#define SETSIGNAL(set) sigdelset( (set), SIGSEGV)
> +#define GETSIGNAL(get) sigaddset( (get), SIGSEGV)
> +
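Review bot: GETSIGNAL as defined here is wrong for guests that never blocked SIGSEGV: `sigaddset((get), SIGSEGV)` unconditionally re-adds SIGSEGV to whatever mask is handed back, so a guest that has SIGSEGV unblocked and reads its mask will be told it is blocked. The symmetric SETSIGNAL only strips SIGSEGV from the mask sent to the host, so after a SETSIGNAL/GETSIGNAL round trip the guest can never observe an unblocked SIGSEGV. Reporting the right value needs the guest's own requested mask to be remembered somewhere (the TaskState field suggested below), not reconstructed from the host mask. Separately, the names say nothing about what the macros do (`(set)` is the mask going to the host, `(get)` the one coming back), and defining them in the middle of do_syscall's switch body, after an `#endif`, is an odd home for them; a `do_sigprocmask()` helper in signal.c would make the intent visible where the macros are used, which is not in the quoted part of the hunk.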

I think we could probably structure this in a cleaner way. I think
it would be better to define and use a wrapper for sigprocmask() which
was a "do/emulate sigprocmask in way that is safe for guest" (call it
do_sigprocmask, put it in signal.c). Then we could start with a really
simple version that just prevents the guest trying to fiddle with
SIGSEGV, and extend it later to better emulation if necessary (eg
storing the actual guest signal mask in TaskState so we can emulate
delivery or otherwise in process_pending_signals(), and so we can
report the correct thing if the guest later tries to read back the
signal mask).

Note that another place the guest can set the signal mask is via
sigreturn.

-- PMM
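A sketch of the do_sigprocmask wrapper described above, written as an added example rather than QEMU's own code: the guest's requested mask lives in a stand-in for the TaskState field (the field name guest_mask and the helper host_signal_blocked are assumptions), SIGSEGV is stripped only from the mask handed to the host, and a read-back returns the stored guest mask, so SIGSEGV is reported blocked only when the guest actually blocked it. It follows do_syscall's negative-errno return convention and leaves the sigreturn path aside.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <stddef.h>

/* Stand-in for the TaskState field suggested in the review (hypothetical
 * name): the mask the guest believes it has installed. Static zero
 * initialisation is an empty set on glibc, matching process start-up. */
typedef struct { sigset_t guest_mask; } TaskState;
static TaskState ts;

/* Emulate sigprocmask for the guest: record the change in the guest-visible
 * mask, then push it to the host with SIGSEGV forced unblocked, because
 * qemu-user needs SIGSEGV to detect self-modifying code. */
int do_sigprocmask(int how, const sigset_t *set, sigset_t *oldset)
{
    sigset_t host_mask;
    int sig;
    if (oldset) *oldset = ts.guest_mask; /* report the guest's mask, not the host's */
    if (!set) return 0;                  /* pure query, as in sigprocmask(2) */
    switch (how) {
    case SIG_BLOCK:
    case SIG_UNBLOCK:
        for (sig = 1; sig < NSIG; sig++) {
            if (sigismember(set, sig) <= 0) continue;
            if (how == SIG_BLOCK) sigaddset(&ts.guest_mask, sig);
            else sigdelset(&ts.guest_mask, sig);
        }
        break;
    case SIG_SETMASK:
        ts.guest_mask = *set;
        break;
    default:
        return -EINVAL;                  /* negative errno, as do_syscall returns */
    }
    host_mask = ts.guest_mask;
    sigdelset(&host_mask, SIGSEGV);      /* never let the host block SIGSEGV */
    return sigprocmask(SIG_SETMASK, &host_mask, NULL);
}

/* What the host kernel really has blocked for this thread (assumed helper). */
int host_signal_blocked(int sig)
{
    sigset_t cur;
    sigprocmask(SIG_SETMASK, NULL, &cur);
    return sigismember(&cur, sig);
}
```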
