Update the 32-bit and 64-bit ARM main loop and sigreturn code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn
 * set all guest CPU state within signal.c code on sigreturn
 * handle TARGET_QEMU_ESIGRETURN in the main loop as the indication
   that the main loop should not touch any guest CPU state
Signed-off-by: NTimothy Edward Baldwin <T.E.Baldwin99@members.leeds.ac.uk>
Message-id: 1441497448-32489-6-git-send-email-T.E.Baldwin99@members.leeds.ac.uk
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
[PMM: tweak commit message; drop TARGET_USE_ERESTARTSYS define]
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

Update the x86 main loop and sigreturn code:
 * on TARGET_ERESTARTSYS, wind guest PC backwards to repeat syscall insn
 * set all guest CPU state within signal.c code rather than passing it
   back out as the "return code" from do_sigreturn()
 * handle TARGET_QEMU_ESIGRETURN in the main loop as the indication
   that the main loop should not touch EAX
Signed-off-by: NTimothy Edward Baldwin <T.E.Baldwin99@members.leeds.ac.uk>
Message-id: 1441497448-32489-5-git-send-email-T.E.Baldwin99@members.leeds.ac.uk
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
[PMM: Commit message tweaks; drop TARGET_USE_ERESTARTSYS define]
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

Some of the signal handling was a mess with a mixture of tabs and 8 space
indents.
Signed-off-by: NTimothy Edward Baldwin <T.E.Baldwin99@members.leeds.ac.uk>
Message-id: 1441497448-32489-3-git-send-email-T.E.Baldwin99@members.leeds.ac.uk
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
[PMM: just rebased]
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NPeter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

When linux-user code is calling cpsr_write(), use a restrictive
mask to ensure we are limiting the set of CPSR bits we update.
In particular, don't allow the mode bits to be changed.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NSergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1455556977-3644-5-git-send-email-peter.maydell@linaro.org

Add an argument to cpsr_write() to indicate what kind of CPSR
write is being requested, since the exact behaviour should
differ for the different cases.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NSergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1455556977-3644-3-git-send-email-peter.maydell@linaro.org

Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Message-id: 1453832250-766-10-git-send-email-peter.maydell@linaro.org

To return from a signal, setup_frame() puts an instruction to
be executed in the stack. This sequence calls the syscall sigreturn().

The address of the instruction must be set in the PR register
to be executed.

This patch fixes this: the current code sets the register to the address
of the instruction in the host address space (which can be 64bit whereas
PR is only 32bit), but the virtual CPU can't access this address space,
so we put in PR the address of the instruction in the guest address space.

This patch also removes an useless variable (ret) in the modified functions.
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

"Unimplemented" messages go to stderr, everything else goes to tracepoints
Reviewed-by: NLaurent Vivier <lvivier@redhat.com>
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

[rth: Remove the spreg[EX1] handling, as it's irrelevant to user-mode.]
Signed-off-by: NChen Gang <gang.chen.5i5j@gmail.com>
Message-Id: <1443312618-13641-1-git-send-email-gang.chen.5i5j@gmail.com>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

qemu has already considered about some targets may have no traditional
signals. And openrisc's setup_frame() is dummy, but it can be supported
by setup_rt_frame().
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NChen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

A number of files were including assert.h but not using any
of the functions it provides
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
Reviewed-by: NMarkus Armbruster <armbru@redhat.com>
Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>

All of the core-code usages of this API have the cpu pointer handy so
pass it in. There are only 3 architecture specific usages (2 of which
are commented out) which can just use ENV_GET_CPU() locally to get the
cpu pointer. The reduces core code usage of the CPU env, which brings
us closer to common-obj'ing these core files.

Cc: Riku Voipio <riku.voipio@iki.fi>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: NEduardo Habkost <ehabkost@redhat.com>
Acked-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NPeter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Provide a routine to access the correct floating point register,
to simplify future expansion.
Suggested-by: NDavid Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: NEric Farman <farman@linux.vnet.ibm.com>
Reviewed-by: NDavid Hildenbrand <dahi@linux.vnet.ibm.com>
Signed-off-by: NCornelia Huck <cornelia.huck@de.ibm.com>

The m68k signal frame setup code which writes the signal return
trampoline code to the stack was assuming that a 'long' was 32 bits;
on 64 bit systems this meant we would end up writing the 32 bit
(2 insn) trampoline sequence to retaddr+4,retaddr+6 instead of
the intended retaddr+0,retaddr+2, resulting in a guest crash when
it tried to execute the invalid zero-bytes at retaddr+0.
Fix by using uint32_t instead; also use uint16_t rather than short
for consistency. This fixes bug LP:1404690.

Reported-by: Michel Boaventura
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

The function copy_siginfo_to_user() just calls tswap_siginfo(), so
call the latter function directly and delete the wrapper function.
The wrapper is actually misleading since it implies that the
semantics are like the kernel function with the same name which
copies the data to a guest user-space address. In fact tswap_siginfo()
just does data-structure conversion between two structures whose
addresses are host addresses (the copy to userspace is handled
in QEMU by the lock_user/unlock_user calls).

This also fixes clang complaints about the wrapper being unused
in some configs.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

Remove the function current_exec_domain_sig(), which always returns
its argument. This was intended as a stub for supporting the kernel's
exec_domain handling, but:
 * we don't have any of the other code for execution domains
 * in the kernel this handling is architecture-specific, not generic
 * we only call this function in the x86, ppc and sh4 signal code paths,
   and the PPC one is wrong anyway because the PPC kernel doesn't
   have this signal-remapping code

So it's best to simply delete the function; any future attempt to
implement exec domains will be better served by adding the correct
code from scratch based on the kernel sources at that time.

This change also fixes some clang warnings about the function being
defined but not used for some target architectures.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

Function pointers in the 64-bit ELFv2 PowerPC ABI are actual (internal)
entry point addresses.  However, when invoking a function via a function
pointer, GPR 12 must also be set to this address so that the TOC may be
handled properly.

Add this support to the invocation of a signal handler.
Signed-off-by: NTom Musta <tommusta@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Eliminate the stub for the do_setcontext() function for TARGET_PPC64.  The
implementation re-uses the existing TARGET_PPC32 code with the only change
being the computation of the address of the register save area.
Signed-off-by: NTom Musta <tommusta@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Properly dereference 64-bit PPC ELF V1 ABIT function pointers to signal handlers.
On this platform, function pointers are pointers to structures and the first 64
bits of such a structure contains the function's entry point.  The second 64 bits
contains the TOC pointer, which must be placed into GPR 2.
Signed-off-by: NTom Musta <tommusta@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Enable the 64-bit PowerPC signal handling code that was previously
disabled via #ifdefs.  Specifically:

  - Move the target_mcontext (register save area) structure and
    append it to the 64-bit target_sigcontext structure.  This
    provides the space on the stack for saving and restoring
    context.
  - Define the target_rt_sigframe for 64-bit.
  - Adjust the setup_frame and setup_rt_frame routines to properly
    select the target_mcontext area and trampoline within the stack
    frame; tthis is different for 32-bit and 64-bit implementations.
  - Adjust the do_setcontext stub for 64-bit so that it compiles
    without warnings.

The 64-bit signal handling code is still not functional after this
change; but the 32-bit code is.  Subsequent changes will address
specific issues with the 64-bit code.
Signed-off-by: NTom Musta <tommusta@gmail.com>
[agraf: fix build on 32bit hosts, ppc64abi32]
Signed-off-by: NAlexander Graf <agraf@suse.de>

Split the encoding of the PowerPC sigreturn trampoline from the saving of
register state onto the signal handler stack.  This will make it easier
in subsequent patches to deal with variations in the stack frame layouts between
32 and 64 bit PowerPC.
Signed-off-by: NTom Musta <tommusta@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The code that sets the stack frame back pointer is incorrect for
the setup_rt_frame() code; qemu will abort (SIGSEGV) in some
environments.  The setup_frame code  was fixed in commit
beb526b1 but the setup_rt_frame
code was not.

Make the setup_rt_frame code consistent with the setup_frame
code.
Signed-off-by: NTom Musta <tommusta@gmail.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

The ELF V2 ABI for PPC64 defines MINSIGSTKSZ as 4096 bytes whereas it was
2048 previously.
Signed-off-by: NTom Musta <tommusta@gmail.com>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

As reported by Laurent, which should use TARGET_SA_ONSTACK
on arm, microblaze and openrisc targets like we do on all
others. Practical matter is minimal as for almost all archs
SA_ONSTACK is 0x08000000:

http://lxr.free-electrons.com/ident?i=SA_ONSTACKReported-by: NLaurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

The last remaining check for return value of __get_user.
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Cc: Alexander Graf <agraf@suse.de>

Remove checks of __get_user and the err variable
used to control flow with it.
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>

As __get_user and __put_user do not return errors, remove the
if checks from around them. This allows making the save/restore
functions void.
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Cc: Alexander Graf <agraf@suse.de>

Remove "if(__put_user" checks and their related error paths
for all architecture's setup_frame, setup_rt_frame and similar.

Remove the unlock_user_struct when the only way to end up there is
from failed lock_user_struct.

Remove err variable if there are no users for it in the function
anymore.
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>

Remove "if(__get_user" checks and their related error paths
for all architecture's do_sigreturn. Remove the unlock_user_struct
when the only way to end up there is from failed lock_user_struct.

v3: remove unneccesary sigsegv label as suggested by Peter
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>

Access is already checked in the lock_user_struct
call before.
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>

A function never called from anywhere, obviously half-complete.
Remove function and if someone wants to complete this, please
check the old version out of git history.
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>

make most implementations of restore_sigcontext void and
remove checking it's return value from functions calling
restore_sigcontext.

The exception is the X86 version of the function that is
too different from others to deal in this way, and arm
version, to keep possibility of erroring out from failed
valid_user_regs.

v3: keep arm valid_user_regs for filling in near future.
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>

Make all implementations of setup_sigcontext void and
remove checking it's return value from functions calling
setup_sigcontext.
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>

Since copy_siginfo_to_user always returns 0, make it void
and remove any checks for return value from calling functions.
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>

Remove the remaining check for __put_user return
value, and all the checks for err variable which
isn't set anywhere anymore.

No we can only end up in give_sigsegv due to failed
lock_user_struct - thus we remove the unlock_user_struct
to avoid unlocking a region never locked.
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>

Remove all the simple cases of reading the return value
of __get_user and __put_user.

We set err = 0 in sparc versions of do_sigreturn and
sparc64_set_context to avoid compile error, but else this patch is
just general removal of err |= __get_user ... idiom.

v2: remove err variable from target_rt_restore_ucontext
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>

Set the fault address correctly in the signal information passed
to a signal handler for AArch64 guests.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

Signed-off-by: NPrasad Joshi <prasadjoshi.linux@gmail.com>
Acked-by: NRiku Voipio <riku.voipio@linaro.org>
Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>

Don't allow the linux-user guest to block SIGSEGV -- QEMU needs this
signal to detect accesses to pages which it has marked read-only
because it has cached translated code from them.

We implement this by making the do_sigprocmask() wrapper suppress
SIGSEGV when doing the host process signal mask manipulation; instead
we store the current state of SIGSEGV in the TaskState struct.

If we get a SIGSEGV for the guest when the guest has blocked the
signal, we treat it as if the default SEGV handler was in place,
as the kernel does for forced SIGSEGV delivery.

This patch is based on an idea by Alex Barcelo, but rather than
simply lying to the guest about the SIGSEGV state we track it.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reported-by: NAlex Barcelo <abarcelo@ac.upc.edu>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>