The TARGET_SYS_TMPNAM implementation has two bugs spotted by
Coverity:
* confusion about whether 'len' has the length of the string
including or excluding the terminating NUL means we
lock_user() len bytes of memory but memcpy() len + 1 bytes
* In the error-exit cases we forget to free() the buffer
that asprintf() returned to us
Resolves: Coverity CID 1490285, 1490289
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220719121110.225657-5-peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725140520.515340-10-alex.bennee@linaro.org>
The SET_ARG() macro returns an error indication; we check this in the
TARGET_SYS_GET_CMDLINE case but not when we use it in implementing
TARGET_SYS_ELAPSED. Check for and handle the errors via the do_fault
codepath, and update the comment documenting the SET_ARG() and
GET_ARG() macros to note how they handle memory access errors.
Resolves: Coverity CID 1490287
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220719121110.225657-4-peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725140520.515340-9-alex.bennee@linaro.org>
The console_write() semihosting function outputs guest data from a
buffer; it doesn't update that buffer. It therefore doesn't need to
pass a length value to unlock_user(), but can pass 0, meaning "do not
copy any data back to the guest memory".
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220719121110.225657-3-peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725140520.515340-8-alex.bennee@linaro.org>
The documentation comment for qemu_semihosting_console_write() says
* Returns: number of bytes written -- this should only ever be short
* on some sort of i/o error.
and the callsites rely on this. However, the implementation code
path which sends console output to a chardev doesn't honour this,
and will return negative values on error. Bring it into line with
the other implementation codepaths and the documentation, so that
it returns 0 on error.
Spotted by Coverity, because console_write() passes the return value
to unlock_user(), which doesn't accept a negative length.
Resolves: Coverity CID 1490288
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220719121110.225657-2-peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220725140520.515340-7-alex.bennee@linaro.org>
The function is no longer used.
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220628111701.677216-7-richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
This will be used for implementing the xtensa select_one
system call. Choose "poll" over "select" so that we can
reuse Glib's g_poll constants and to avoid struct timeval.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
This function has been replaced by *_write.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
This function has been replaced by *_write.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
For arm-compat, initialize console_{in,out}_gf;
otherwise, initialize stdio file descriptors.
This will go some way to cleaning up arm-compat, and
will allow other semihosting to use normal stdio.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Add a GuestFDType for connecting to the semihosting console.
Hook up to read, write, isatty, and fstat syscalls.
Note that the arm-specific syscall flen cannot be applied
to the console, because the console is not a descriptor
exposed to the guest.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Will replace qemu_semihosting_console_{outs,outc},
but we need more plumbing first.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Rename qemu_semihosting_connect_chardevs to
qemu_semihosting_chardev_init; pass the result
directly to qemu_semihosting_console_init.
Store the chardev in SemihostingConsole instead
of SemihostingConfig, which lets us drop
semihosting_get_chardev.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Allow more than one character to be read at one time.
Will be used by m68k and nios2 semihosting for stdio.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
We don't need CPUArchState, and we do want the CPUState of the
thread performing the operation -- use this instead of current_cpu.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Change 'ret' to uint64_t. This resolves a FIXME in the
m68k and nios2 semihosting that we've lost data.
Change 'err' to int. There is nothing target-specific
about the width of the errno value.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
This syscall will be used by m68k and nios2 semihosting.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
These syscalls will be used by m68k and nios2 semihosting.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Split out the non-ARM specific portions of SYS_SYSTEM to a
reusable function.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Split out the non-ARM specific portions of SYS_RENAME to a
reusable function.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Split out the non-ARM specific portions of SYS_REMOVE to a
reusable function.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The ARM-specific SYS_FLEN isn't really something that can be
reused by other semihosting apis, but there are parts that can
reused for the implementation of semihost_sys_fstat.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Split out the non-ARM specific portions of SYS_ISTTY to a
reusable function. This handles all GuestFD.
Add a common_semi_istty_cb helper to translate the Posix
error return, 0+ENOTTY, to the Arm semihosting not-a-file
success result.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Split out the non-ARM specific portions of SYS_SEEK to a
reusable function. This handles all GuestFD. Isolate the
curious ARM-specific return value processing to a new
callback, common_semi_seek_cb.
Expand the internal type of the offset to int64_t, and
provide the whence argument, which will be required by
m68k and nios2 semihosting.
Note that gdb_do_syscall %x reads target_ulong, not int.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Fixes a minor bug in which a 64-bit guest on a 32-bit host could
truncate the length. This would only ever cause a problem if
there were no bits set in the low 32, so that it truncates to 0.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Split out the non-ARM specific portions of SYS_WRITE to a
reusable function. This handles all GuestFD. This removes
the last use of common_semi_syscall_len.
Note that gdb_do_syscall %x reads target_ulong, not int.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Split out the non-ARM specific portions of SYS_READ to a
reusable function. This handles all GuestFD. Isolate the
curious ARM-specific return value processing to a new
callback, common_semi_rw_cb.
Note that gdb_do_syscall %x reads target_ulong, not int.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Split out the non-ARM specific portions of SYS_CLOSE to a
reusable function. This handles all GuestFD.
Note that gdb_do_syscall %x reads target_ulong, not int.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Split out the non-ARM specific portions of SYS_OPEN to a
reusable function. This handles gdb and host file i/o.
Add helpers to validate the length of the filename string.
Prepare for usage by other semihosting by allowing the
filename length parameter to be 0, and calling strlen.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Moving this to be useful for another function
besides do_common_semihosting.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
We've already loaded cs->env_ptr into a local variable; use it.
Since env is unconditionally used, we don't need a dummy use.
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Move the ARM and RISCV specific helpers into
their own header file.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Luc Michel <lmichel@kalray.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
We already have some larger ifdef blocks for ARM and RISCV;
split out a boolean test for SYS_SYNCCACHE.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
We already have some larger ifdef blocks for ARM and RISCV;
split out common_semi_stack_bottom per target.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
We already have some larger ifdef blocks for ARM and RISCV;
split the function into multiple implementations per arch.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Load the entire 64-bit size value. While we're at it,
use offsetof instead of an integer constant.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
There were 3 copies of these flags. Place them in the
file with gdb_do_syscall, with which they belong.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The value is zero, and gdb always opens files in binary mode.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
This header is not private to the top-level semihosting directory,
so place it in the public include directory.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Perform the cleanup in the FIXME comment in common_semi_gdb_syscall.
Do not modify guest registers until the syscall is complete,
which in the gdbstub case is asynchronous.
In the synchronous non-gdbstub case, use common_semi_set_ret
to set the result. Merge set_swi_errno into common_semi_cb.
Rely on the latter for combined return value / errno setting.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Use common_semi_cb to return results instead of calling
set_swi_errno and common_semi_set_ret directly.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Do not read from the gdb struct stat buffer if the callback is
reporting an error. Use common_semi_cb to finish returning results.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The err parameter is non-zero if and only if an error occured.
Use this instead of ret == -1 for determining if we need to
update the saved errno.
This fixes the errno setting of SYS_ISTTY, which returns 0 on
error, not -1.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Do not store 'err' into errno only to read it back immediately.
Use 'ret' for the return value, not 'reg0'.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
In arm-compat-semi.c, we have more advanced treatment of
guest file descriptors than we do in other implementations.
Split out GuestFD and related functions to a new file so
that they can be shared.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
We are not currently bounding the search to the 1024 bytes
that we allocated, possibly overrunning the buffer.
Use softmmu_strlen_user to find the length and allocate the
correct size from the beginning.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Mirror the interface of the user-only function of the same name.
Use probe_access_flags for the common case of ram, and
cpu_memory_rw_debug for the uncommon case of mmio.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
v3: Use probe_access_flags (pmm)
Rather that static (and not even inline) functions within a
header, move the functions to semihosting/uaccess.c.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Peter Maydell
Richard Henderson