From: Philippe Mathieu-Daudé Date: Thu, 22 Aug 2024 09:50:43 +0000 (+0200) Subject: linux-user/flatload: Take mmap_lock in load_flt_binary() X-Git-Tag: v9.0.4~61 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a706820672ab20ecd332889622d24ebf60cc58f9;p=thirdparty%2Fqemu.git linux-user/flatload: Take mmap_lock in load_flt_binary() load_flt_binary() calls load_flat_file() -> page_set_flags(). page_set_flags() must be called with the mmap_lock held, otherwise it aborts: $ qemu-arm -L stm32/lib/ stm32/bin/busybox qemu-arm: ../accel/tcg/user-exec.c:505: page_set_flags: Assertion `have_mmap_lock()' failed. Aborted (core dumped) Fix by taking the lock in load_flt_binary(). Fixes: fbd3c4cff6 ("linux-user/arm: Mark the commpage executable") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2525 Suggested-by: Richard Henderson Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Richard Henderson Message-ID: <20240822095045.72643-3-philmd@linaro.org> Signed-off-by: Richard Henderson (cherry picked from commit a9ee641bd46f5462eeed183ac3c3760bddfc2600) Signed-off-by: Michael Tokarev --- diff --git a/linux-user/flatload.c b/linux-user/flatload.c index 5b62aa0a2be..6278655574a 100644 --- a/linux-user/flatload.c +++ b/linux-user/flatload.c @@ -747,7 +747,10 @@ int load_flt_binary(struct linux_binprm *bprm, struct image_info *info) stack_len += (bprm->envc + 1) * 4; /* the envp array */ + mmap_lock(); res = load_flat_file(bprm, libinfo, 0, &stack_len); + mmap_unlock(); + if (is_error(res)) { return res; }
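Review bot: the critical section is correct but undocumented; a one-line comment above `+ mmap_lock();` explaining that load_flat_file() reaches page_set_flags(), which asserts have_mmap_lock(), would save the next reader a trip to the commit message, since nothing in load_flt_binary() itself touches the page tables. The placement of `+ mmap_unlock();` before `if (is_error(res))` is the right choice: the lock is released on both the error and the success path, and within the visible lines only the load_flat_file() call sits between lock and unlock, so there is no early return that could leak the lock. One minor style point: the hunk adds an extra blank line after mmap_unlock() in addition to the existing one before `if (is_error(res))`, which is unusual for this file and could be dropped.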