From 025db34b64039a76d80439dcebed3d5d0602e968 Mon Sep 17 00:00:00 2001
From: Liu Jiang <gerry@linux.alibaba.com>
Date: Sun, 22 Mar 2020 16:14:53 +0800
Subject: [PATCH] Do not assume program header is sorted by VA

Do not assume program header is sorted ascendantly by virtual
address, otherwise loader_result.kernel_end may be wrong.

Signed-off-by: Liu Jiang <gerry@linux.alibaba.com>
---
 coverage_config_x86_64.json            |   2 +-
 src/loader/x86_64/elf/mod.rs           |   5 +++--
 src/loader/x86_64/elf/test_badnote.bin | Bin 640 -> 632 bytes
 src/loader/x86_64/elf/test_elfnote.bin | Bin 648 -> 640 bytes
 4 files changed, 4 insertions(+), 3 deletions(-)
 mode change 100755 => 100644 src/loader/x86_64/elf/test_badnote.bin
 mode change 100755 => 100644 src/loader/x86_64/elf/test_elfnote.bin

diff --git a/coverage_config_x86_64.json b/coverage_config_x86_64.json
index 27f86931..898d1bf0 100644
--- a/coverage_config_x86_64.json
+++ b/coverage_config_x86_64.json
@@ -1,5 +1,5 @@
 {
-  "coverage_score": 74.7,
+  "coverage_score": 74.8,
   "exclude_path": "",
   "crate_features": ""
 }
diff --git a/src/loader/x86_64/elf/mod.rs b/src/loader/x86_64/elf/mod.rs
index 0a7c29f9..4c193902 100644
--- a/src/loader/x86_64/elf/mod.rs
+++ b/src/loader/x86_64/elf/mod.rs
@@ -236,10 +236,11 @@ impl KernelLoader for Elf {
                 .read_exact_from(mem_offset, kernel_image, phdr.p_filesz as usize)
                 .map_err(|_| Error::ReadKernelImage)?;
 
-            loader_result.kernel_end = mem_offset
+            let kernel_end = mem_offset
                 .raw_value()
                 .checked_add(phdr.p_memsz as GuestUsize)
                 .ok_or(KernelLoaderError::MemoryOverflow)?;
+            loader_result.kernel_end = std::cmp::max(loader_result.kernel_end, kernel_end);
         }
 
         // elf image has no setup_header which is defined for bzImage
@@ -291,7 +292,7 @@ where
             kernel_image
                 .read_exact(&mut buf)
                 .map_err(|_| Error::ReadNoteHeader)?;
-            if buf == [b'x', b'e', b'n', b'\0'] {
+            if buf == [b'X', b'e', b'n', b'\0'] {
                 break;
             }
         }
diff --git a/src/loader/x86_64/elf/test_badnote.bin b/src/loader/x86_64/elf/test_badnote.bin
old mode 100755
new mode 100644
index cbe4cb5971f7b3b1883a62eee27e7766bd63d410..99013dd50fe9aa7f7f751177106c3c6bb93e99c5
GIT binary patch
delta 155
zcmZo*{lPLpLXd^gfdK>{Bm;xRL``!}7Dlib1Ixrrea;XFn;~T4LT!E)AcqNvg@8CB
zHE-g5QISV`M7mCL|IfR-^2L@lw_p2SSUd69WDZ7IW}y6J9mXw;B9j*~%1bH&b+AKq
X11W|FP%9rymSnPr+h{U5kx3o^qxT@1

delta 204
zcmeyt(!e@FLXd;efdK>{B#@q{Y0k;P2o_`Dn3$>083AE4L`+<$oxlO)Fafa;5C?>L
z_~n<RGRVs@Ft7mmB0$Ux#O{8f3_Jck43XYjyu4?!qP9(PKU;`txIcqlaYk`TQAuJF
zgI*p`qh3mBZf+%%4K-}C3gZ?=iODk=<t0^tMzI4i$T|>s0(Ik)$%0Jwa3@+!j%1Pt
E02`+$1ONa4

diff --git a/src/loader/x86_64/elf/test_elfnote.bin b/src/loader/x86_64/elf/test_elfnote.bin
old mode 100755
new mode 100644
index 36efd2d3f1a02ef7f9228e87506a8ef5c88e1246..e2fc7faa4f1ed2e46b7198b4f0dd88c9132f5c4b
GIT binary patch
delta 155
zcmeBRZD5@sA;`h#zyJae5=c+fH0R`C1dB0nOw82hjDWBiA|@`>=4SzNIDl9Ph$B+-
zCf=76(Kusk+xc|=G4>Vb9&4T{xUk<OQ+qNGqbxH}ezF1M4n~Q|D;eb_6@fa~ftU%1
WLEs70$|sW*ne5><noQ1Qk_P~~!5z>5

delta 161
zcmZo*?O>fCA;`n%zyJael7YcvqNX_~4<lHNfoEc-K4%Ps%@8wjp|&swkORU(KpYU}
z;g?^MI`Ouo$j#0rn|6y$E1Na7ta0{=brY^CzQ~%)!6?fPRWn(GamVBZj0%#fKz-~$
Z%ml<B@B(V_i^-Bq_HcVGCMPn<0{|WaA%p+`