From ffe45f38e6f379c1c6986348f361914202603978 Mon Sep 17 00:00:00 2001
From: Bin Lu <bin.lu@arm.com>
Date: Thu, 18 Jul 2019 23:30:52 -0700
Subject: Add ARM64 support to pkg/sentry/loader

Signed-off-by: Bin Lu <bin.lu@arm.com>
---
 pkg/sentry/arch/arch.go  |  4 ++++
 pkg/sentry/loader/elf.go | 17 ++++++++++++++---
 2 files changed, 18 insertions(+), 3 deletions(-)

(limited to 'pkg')

diff --git a/pkg/sentry/arch/arch.go b/pkg/sentry/arch/arch.go
index ace7d5b18..498ca4669 100644
--- a/pkg/sentry/arch/arch.go
+++ b/pkg/sentry/arch/arch.go
@@ -33,6 +33,8 @@ type Arch int
 const (
 	// AMD64 is the x86-64 architecture.
 	AMD64 Arch = iota
+	// ARM64 is the aarch64 architecture.
+	ARM64
 )
 
 // String implements fmt.Stringer.
@@ -40,6 +42,8 @@ func (a Arch) String() string {
 	switch a {
 	case AMD64:
 		return "amd64"
+	case ARM64:
+		return "arm64"
 	default:
 		return fmt.Sprintf("Arch(%d)", a)
 	}
diff --git a/pkg/sentry/loader/elf.go b/pkg/sentry/loader/elf.go
index fba2f27fe..bc5b841fb 100644
--- a/pkg/sentry/loader/elf.go
+++ b/pkg/sentry/loader/elf.go
@@ -148,12 +148,17 @@ func parseHeader(ctx context.Context, f *fs.File) (elfInfo, error) {
 	}
 	binary.Unmarshal(hdrBuf, byteOrder, &hdr)
 
-	// We only support amd64.
-	if machine := elf.Machine(hdr.Machine); machine != elf.EM_X86_64 {
+	// We support amd64 and arm64.
+	var a arch.Arch
+	switch machine := elf.Machine(hdr.Machine); machine {
+	case elf.EM_X86_64:
+		a = arch.AMD64
+	case elf.EM_AARCH64:
+		a = arch.ARM64
+	default:
 		log.Infof("Unsupported ELF machine %d", machine)
 		return elfInfo{}, syserror.ENOEXEC
 	}
-	a := arch.AMD64
 
 	var sharedObject bool
 	elfType := elf.Type(hdr.Type)
@@ -560,6 +565,12 @@ func loadInitialELF(ctx context.Context, m *mm.MemoryManager, fs *cpuid.FeatureS
 		return loadedELF{}, nil, err
 	}
 
+	// Check Image Compatibility.
+	if arch.Host != info.arch {
+		ctx.Warningf("Found mismatch for platform %s with ELF type %s", arch.Host.String(), info.arch.String())
+		return loadedELF{}, nil, syserror.ENOEXEC
+	}
+
 	// Create the arch.Context now so we can prepare the mmap layout before
 	// mapping anything.
 	ac := arch.New(info.arch, fs)
-- 
cgit v1.2.3


From ec906e46c0f99ab4d134c1d7bd84b48ea0a78488 Mon Sep 17 00:00:00 2001
From: Andrei Vagin <avagin@google.com>
Date: Mon, 22 Jul 2019 13:27:13 -0700
Subject: kvm: fix race between machine.Put and machine.Get

m.available.Signal() has to be called under m.mu.RLock, otherwise it can
race with machine.Get:

m.Get			| m.Put
-------------------------------------
m.mu.Lock()		|
Seatching available vcpu|
			| m.available.Signal()
m.available.Wait	|

PiperOrigin-RevId: 259394051
---
 pkg/sentry/platform/kvm/machine.go | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'pkg')

diff --git a/pkg/sentry/platform/kvm/machine.go b/pkg/sentry/platform/kvm/machine.go
index 679087e25..cc6c138b2 100644
--- a/pkg/sentry/platform/kvm/machine.go
+++ b/pkg/sentry/platform/kvm/machine.go
@@ -388,7 +388,10 @@ func (m *machine) Get() *vCPU {
 func (m *machine) Put(c *vCPU) {
 	c.unlock()
 	runtime.UnlockOSThread()
+
+	m.mu.RLock()
 	m.available.Signal()
+	m.mu.RUnlock()
 }
 
 // newDirtySet returns a new dirty set.
-- 
cgit v1.2.3