mirror of
https://github.com/qemu/qemu.git
synced 2024-11-26 12:23:36 +08:00
9c7c040702
If SELinux is setup without 'execmem' permission for qemu, all mmap with (PROT_WRITE | PROT_EXEC) will fail and print a warning in SELinux log. If "nvlink2-mr" memory allocation fails (fist diff), it will cause guest NUMA nodes to not be correctly configured (V100 memory will not be visible for guest, nor its NUMA nodes). Not having 'execmem' permission is intesting for virtual machines to avoid buffer-overflow based attacks, and it's adopted in distros like RHEL. So, removing the PROT_EXEC flag seems the right thing to do. Browsing some other code that mmaps memory for usage with memory_region_init_ram_device_ptr, I could notice it's usual to not have PROT_EXEC (only PROT_READ | PROT_WRITE), so it should be no problem around this. Signed-off-by: Leonardo Bras <leobras.c@gmail.com> Message-Id: <20200501055448.286518-1-leobras.c@gmail.com> Acked-by: Alex Williamson <alex.williamson@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> |
||
|---|---|---|
| .. | ||
| amd-xgbe.c | ||
| ap.c | ||
| calxeda-xgmac.c | ||
| ccw.c | ||
| common.c | ||
| display.c | ||
| igd.c | ||
| Kconfig | ||
| Makefile.objs | ||
| pci-quirks.c | ||
| pci.c | ||
| pci.h | ||
| platform.c | ||
| spapr.c | ||
| trace-events | ||