From 722c58affb2b0f7ed67407269338d584c2897c7e Mon Sep 17 00:00:00 2001
From: "Michael S. Tsirkin" <mst@redhat.com>
Date: Fri, 16 Feb 2018 15:17:07 -0500
Subject: [PATCH] exec: factor out duplicate mmap code

Anonymous and file-backed RAM allocation are now almost exactly the same.

Reduce code duplication by moving RAM mmap code out of oslib-posix.c and
exec.c.

Backports commit 794e8f301a17953efa78ab7538019ec43c59e82a from qemu
---
 qemu/exec.c                    |  3 ++
 qemu/include/qemu/mmap-alloc.h | 10 +++++
 qemu/util/Makefile.objs        |  1 +
 qemu/util/mmap-alloc.c         | 71 ++++++++++++++++++++++++++++++++++
 qemu/util/oslib-posix.c        | 20 ++--------
 5 files changed, 89 insertions(+), 16 deletions(-)
 create mode 100644 qemu/include/qemu/mmap-alloc.h
 create mode 100644 qemu/util/mmap-alloc.c

diff --git a/qemu/exec.c b/qemu/exec.c
index 8f160000..dc0e0b6c 100644
--- a/qemu/exec.c
+++ b/qemu/exec.c
@@ -46,6 +46,9 @@
 #include "exec/ram_addr.h"
 
 #include "qemu/range.h"
+#ifndef _WIN32
+#include "qemu/mmap-alloc.h"
+#endif
 
 #include "uc_priv.h"
 
diff --git a/qemu/include/qemu/mmap-alloc.h b/qemu/include/qemu/mmap-alloc.h
new file mode 100644
index 00000000..56388e68
--- /dev/null
+++ b/qemu/include/qemu/mmap-alloc.h
@@ -0,0 +1,10 @@
+#ifndef QEMU_MMAP_ALLOC
+#define QEMU_MMAP_ALLOC
+
+#include "qemu-common.h"
+
+void *qemu_ram_mmap(int fd, size_t size, size_t align, bool shared);
+
+void qemu_ram_munmap(void *ptr, size_t size);
+
+#endif
diff --git a/qemu/util/Makefile.objs b/qemu/util/Makefile.objs
index 9800b748..c3966799 100644
--- a/qemu/util/Makefile.objs
+++ b/qemu/util/Makefile.objs
@@ -1,6 +1,7 @@
 util-obj-y = cutils.o qemu-timer-common.o
 util-obj-$(CONFIG_WIN32) += oslib-win32.o qemu-thread-win32.o
 util-obj-$(CONFIG_POSIX) += oslib-posix.o qemu-thread-posix.o
+util-obj-$(CONFIG_POSIX) += mmap-alloc.o
 util-obj-y += module.o
 util-obj-y += bitmap.o bitops.o
 util-obj-y += error.o
diff --git a/qemu/util/mmap-alloc.c b/qemu/util/mmap-alloc.c
new file mode 100644
index 00000000..13942694
--- /dev/null
+++ b/qemu/util/mmap-alloc.c
@@ -0,0 +1,71 @@
+/*
+ * Support for RAM backed by mmaped host memory.
+ *
+ * Copyright (c) 2015 Red Hat, Inc.
+ *
+ * Authors:
+ *  Michael S. Tsirkin <mst@redhat.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * later.  See the COPYING file in the top-level directory.
+ */
+#include <qemu/mmap-alloc.h>
+#include <sys/types.h>
+#include <sys/mman.h>
+#include <assert.h>
+
+void *qemu_ram_mmap(int fd, size_t size, size_t align, bool shared)
+{
+    /*
+     * Note: this always allocates at least one extra page of virtual address
+     * space, even if size is already aligned.
+     */
+    size_t total = size + align;
+    void *ptr = mmap(0, total, PROT_NONE, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0);
+    size_t offset = QEMU_ALIGN_UP((uintptr_t)ptr, align) - (uintptr_t)ptr;
+    void *ptr1;
+
+    if (ptr == MAP_FAILED) {
+        return NULL;
+    }
+
+    /* Make sure align is a power of 2 */
+    assert(!(align & (align - 1)));
+    /* Always align to host page size */
+    assert(align >= getpagesize());
+
+    ptr1 = mmap(ptr + offset, size, PROT_READ | PROT_WRITE,
+                MAP_FIXED |
+                (fd == -1 ? MAP_ANONYMOUS : 0) |
+                (shared ? MAP_SHARED : MAP_PRIVATE),
+                fd, 0);
+    if (ptr1 == MAP_FAILED) {
+        munmap(ptr, total);
+        return NULL;
+    }
+
+    ptr += offset;
+    total -= offset;
+
+    if (offset > 0) {
+        munmap(ptr - offset, offset);
+    }
+
+    /*
+     * Leave a single PROT_NONE page allocated after the RAM block, to serve as
+     * a guard page guarding against potential buffer overflows.
+     */
+    if (total > size + getpagesize()) {
+        munmap(ptr + size + getpagesize(), total - size - getpagesize());
+    }
+
+    return ptr;
+}
+
+void qemu_ram_munmap(void *ptr, size_t size)
+{
+    if (ptr) {
+        /* Unmap both the RAM block and the guard page */
+        munmap(ptr, size + getpagesize());
+    }
+}
diff --git a/qemu/util/oslib-posix.c b/qemu/util/oslib-posix.c
index b688ae6b..43edfeaa 100644
--- a/qemu/util/oslib-posix.c
+++ b/qemu/util/oslib-posix.c
@@ -58,6 +58,8 @@
 #include <sys/sysctl.h>
 #endif
 
+#include <qemu/mmap-alloc.h>
+
 void *qemu_oom_check(void *ptr)
 {
     if (ptr == NULL) {
@@ -99,10 +101,7 @@ void *qemu_memalign(size_t alignment, size_t size)
 void *qemu_anon_ram_alloc(size_t size, uint64_t *alignment)
 {
     size_t align = QEMU_VMALLOC_ALIGN;
-    size_t total = size + align - getpagesize();
-    void *ptr = mmap(0, total, PROT_READ | PROT_WRITE,
-                     MAP_ANONYMOUS | MAP_PRIVATE, -1, 0);
-    size_t offset = QEMU_ALIGN_UP((uintptr_t)ptr, align) - (uintptr_t)ptr;
+    void *ptr = qemu_ram_mmap(-1, size, align, false);
 
     if (ptr == MAP_FAILED) {
         return NULL;
@@ -111,15 +110,6 @@ void *qemu_anon_ram_alloc(size_t size, uint64_t *alignment)
     if (alignment) {
         *alignment = align;
     }
-    ptr += offset;
-    total -= offset;
-
-    if (offset > 0) {
-        munmap(ptr - offset, offset);
-    }
-    if (total > size) {
-        munmap(ptr + size, total - size);
-    }
 
     return ptr;
 }
@@ -131,7 +121,5 @@ void qemu_vfree(void *ptr)
 
 void qemu_anon_ram_free(void *ptr, size_t size)
 {
-    if (ptr) {
-        munmap(ptr, size);
-    }
+    qemu_ram_munmap(ptr, size);
 }