1 /* This is the Linux kernel elf-loading code, ported into user space */ 2 #include "qemu/osdep.h" 3 #include <sys/param.h> 4 5 #include <sys/prctl.h> 6 #include <sys/resource.h> 7 #include <sys/shm.h> 8 9 #include "qemu.h" 10 #include "user/tswap-target.h" 11 #include "exec/page-protection.h" 12 #include "user/guest-base.h" 13 #include "user-internals.h" 14 #include "signal-common.h" 15 #include "loader.h" 16 #include "user-mmap.h" 17 #include "disas/disas.h" 18 #include "qemu/bitops.h" 19 #include "qemu/path.h" 20 #include "qemu/queue.h" 21 #include "qemu/guest-random.h" 22 #include "qemu/units.h" 23 #include "qemu/selfmap.h" 24 #include "qemu/lockable.h" 25 #include "qapi/error.h" 26 #include "qemu/error-report.h" 27 #include "target_signal.h" 28 #include "tcg/debuginfo.h" 29 30 #ifdef TARGET_ARM 31 #include "target/arm/cpu-features.h" 32 #endif 33 34 #ifdef _ARCH_PPC64 35 #undef ARCH_DLINFO 36 #undef ELF_PLATFORM 37 #undef ELF_HWCAP 38 #undef ELF_HWCAP2 39 #undef ELF_CLASS 40 #undef ELF_DATA 41 #undef ELF_ARCH 42 #endif 43 44 #ifndef TARGET_ARCH_HAS_SIGTRAMP_PAGE 45 #define TARGET_ARCH_HAS_SIGTRAMP_PAGE 0 46 #endif 47 48 typedef struct { 49 const uint8_t *image; 50 const uint32_t *relocs; 51 unsigned image_size; 52 unsigned reloc_count; 53 unsigned sigreturn_ofs; 54 unsigned rt_sigreturn_ofs; 55 } VdsoImageInfo; 56 57 #define ELF_OSABI ELFOSABI_SYSV 58 59 /* from personality.h */ 60 61 /* 62 * Flags for bug emulation. 63 * 64 * These occupy the top three bytes. 65 */ 66 enum { 67 ADDR_NO_RANDOMIZE = 0x0040000, /* disable randomization of VA space */ 68 FDPIC_FUNCPTRS = 0x0080000, /* userspace function ptrs point to 69 descriptors (signal handling) */ 70 MMAP_PAGE_ZERO = 0x0100000, 71 ADDR_COMPAT_LAYOUT = 0x0200000, 72 READ_IMPLIES_EXEC = 0x0400000, 73 ADDR_LIMIT_32BIT = 0x0800000, 74 SHORT_INODE = 0x1000000, 75 WHOLE_SECONDS = 0x2000000, 76 STICKY_TIMEOUTS = 0x4000000, 77 ADDR_LIMIT_3GB = 0x8000000, 78 }; 79 80 /* 81 * Personality types. 82 * 83 * These go in the low byte. Avoid using the top bit, it will 84 * conflict with error returns. 85 */ 86 enum { 87 PER_LINUX = 0x0000, 88 PER_LINUX_32BIT = 0x0000 | ADDR_LIMIT_32BIT, 89 PER_LINUX_FDPIC = 0x0000 | FDPIC_FUNCPTRS, 90 PER_SVR4 = 0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 91 PER_SVR3 = 0x0002 | STICKY_TIMEOUTS | SHORT_INODE, 92 PER_SCOSVR3 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS | SHORT_INODE, 93 PER_OSR5 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS, 94 PER_WYSEV386 = 0x0004 | STICKY_TIMEOUTS | SHORT_INODE, 95 PER_ISCR4 = 0x0005 | STICKY_TIMEOUTS, 96 PER_BSD = 0x0006, 97 PER_SUNOS = 0x0006 | STICKY_TIMEOUTS, 98 PER_XENIX = 0x0007 | STICKY_TIMEOUTS | SHORT_INODE, 99 PER_LINUX32 = 0x0008, 100 PER_LINUX32_3GB = 0x0008 | ADDR_LIMIT_3GB, 101 PER_IRIX32 = 0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */ 102 PER_IRIXN32 = 0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */ 103 PER_IRIX64 = 0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */ 104 PER_RISCOS = 0x000c, 105 PER_SOLARIS = 0x000d | STICKY_TIMEOUTS, 106 PER_UW7 = 0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 107 PER_OSF4 = 0x000f, /* OSF/1 v4 */ 108 PER_HPUX = 0x0010, 109 PER_MASK = 0x00ff, 110 }; 111 112 /* 113 * Return the base personality without flags. 114 */ 115 #define personality(pers) (pers & PER_MASK) 116 info_is_fdpic(struct image_info * info)117 int info_is_fdpic(struct image_info *info) 118 { 119 return info->personality == PER_LINUX_FDPIC; 120 } 121 122 /* this flag is uneffective under linux too, should be deleted */ 123 #ifndef MAP_DENYWRITE 124 #define MAP_DENYWRITE 0 125 #endif 126 127 /* should probably go in elf.h */ 128 #ifndef ELIBBAD 129 #define ELIBBAD 80 130 #endif 131 132 #if TARGET_BIG_ENDIAN 133 #define ELF_DATA ELFDATA2MSB 134 #else 135 #define ELF_DATA ELFDATA2LSB 136 #endif 137 138 #ifdef TARGET_ABI_MIPSN32 139 typedef abi_ullong target_elf_greg_t; 140 #define tswapreg(ptr) tswap64(ptr) 141 #else 142 typedef abi_ulong target_elf_greg_t; 143 #define tswapreg(ptr) tswapal(ptr) 144 #endif 145 146 #ifdef USE_UID16 147 typedef abi_ushort target_uid_t; 148 typedef abi_ushort target_gid_t; 149 #else 150 typedef abi_uint target_uid_t; 151 typedef abi_uint target_gid_t; 152 #endif 153 typedef abi_int target_pid_t; 154 155 #ifdef TARGET_I386 156 157 #define ELF_HWCAP get_elf_hwcap() 158 get_elf_hwcap(void)159 static uint32_t get_elf_hwcap(void) 160 { 161 X86CPU *cpu = X86_CPU(thread_cpu); 162 163 return cpu->env.features[FEAT_1_EDX]; 164 } 165 166 #ifdef TARGET_X86_64 167 #define ELF_CLASS ELFCLASS64 168 #define ELF_ARCH EM_X86_64 169 170 #define ELF_PLATFORM "x86_64" 171 init_thread(struct target_pt_regs * regs,struct image_info * infop)172 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 173 { 174 regs->rax = 0; 175 regs->rsp = infop->start_stack; 176 regs->rip = infop->entry; 177 } 178 179 #define ELF_NREG 27 180 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 181 182 /* 183 * Note that ELF_NREG should be 29 as there should be place for 184 * TRAPNO and ERR "registers" as well but linux doesn't dump 185 * those. 186 * 187 * See linux kernel: arch/x86/include/asm/elf.h 188 */ elf_core_copy_regs(target_elf_gregset_t * regs,const CPUX86State * env)189 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 190 { 191 (*regs)[0] = tswapreg(env->regs[15]); 192 (*regs)[1] = tswapreg(env->regs[14]); 193 (*regs)[2] = tswapreg(env->regs[13]); 194 (*regs)[3] = tswapreg(env->regs[12]); 195 (*regs)[4] = tswapreg(env->regs[R_EBP]); 196 (*regs)[5] = tswapreg(env->regs[R_EBX]); 197 (*regs)[6] = tswapreg(env->regs[11]); 198 (*regs)[7] = tswapreg(env->regs[10]); 199 (*regs)[8] = tswapreg(env->regs[9]); 200 (*regs)[9] = tswapreg(env->regs[8]); 201 (*regs)[10] = tswapreg(env->regs[R_EAX]); 202 (*regs)[11] = tswapreg(env->regs[R_ECX]); 203 (*regs)[12] = tswapreg(env->regs[R_EDX]); 204 (*regs)[13] = tswapreg(env->regs[R_ESI]); 205 (*regs)[14] = tswapreg(env->regs[R_EDI]); 206 (*regs)[15] = tswapreg(get_task_state(env_cpu_const(env))->orig_ax); 207 (*regs)[16] = tswapreg(env->eip); 208 (*regs)[17] = tswapreg(env->segs[R_CS].selector & 0xffff); 209 (*regs)[18] = tswapreg(env->eflags); 210 (*regs)[19] = tswapreg(env->regs[R_ESP]); 211 (*regs)[20] = tswapreg(env->segs[R_SS].selector & 0xffff); 212 (*regs)[21] = tswapreg(env->segs[R_FS].selector & 0xffff); 213 (*regs)[22] = tswapreg(env->segs[R_GS].selector & 0xffff); 214 (*regs)[23] = tswapreg(env->segs[R_DS].selector & 0xffff); 215 (*regs)[24] = tswapreg(env->segs[R_ES].selector & 0xffff); 216 (*regs)[25] = tswapreg(env->segs[R_FS].selector & 0xffff); 217 (*regs)[26] = tswapreg(env->segs[R_GS].selector & 0xffff); 218 } 219 220 #if ULONG_MAX > UINT32_MAX 221 #define INIT_GUEST_COMMPAGE init_guest_commpage(void)222 static bool init_guest_commpage(void) 223 { 224 /* 225 * The vsyscall page is at a high negative address aka kernel space, 226 * which means that we cannot actually allocate it with target_mmap. 227 * We still should be able to use page_set_flags, unless the user 228 * has specified -R reserved_va, which would trigger an assert(). 229 */ 230 if (reserved_va != 0 && 231 TARGET_VSYSCALL_PAGE + TARGET_PAGE_SIZE - 1 > reserved_va) { 232 error_report("Cannot allocate vsyscall page"); 233 exit(EXIT_FAILURE); 234 } 235 page_set_flags(TARGET_VSYSCALL_PAGE, 236 TARGET_VSYSCALL_PAGE | ~TARGET_PAGE_MASK, 237 PAGE_EXEC | PAGE_VALID); 238 return true; 239 } 240 #endif 241 #else 242 243 /* 244 * This is used to ensure we don't load something for the wrong architecture. 245 */ 246 #define elf_check_arch(x) ( ((x) == EM_386) || ((x) == EM_486) ) 247 248 /* 249 * These are used to set parameters in the core dumps. 250 */ 251 #define ELF_CLASS ELFCLASS32 252 #define ELF_ARCH EM_386 253 254 #define ELF_PLATFORM get_elf_platform() 255 #define EXSTACK_DEFAULT true 256 get_elf_platform(void)257 static const char *get_elf_platform(void) 258 { 259 static char elf_platform[] = "i386"; 260 int family = object_property_get_int(OBJECT(thread_cpu), "family", NULL); 261 if (family > 6) { 262 family = 6; 263 } 264 if (family >= 3) { 265 elf_platform[1] = '0' + family; 266 } 267 return elf_platform; 268 } 269 init_thread(struct target_pt_regs * regs,struct image_info * infop)270 static inline void init_thread(struct target_pt_regs *regs, 271 struct image_info *infop) 272 { 273 regs->esp = infop->start_stack; 274 regs->eip = infop->entry; 275 276 /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program 277 starts %edx contains a pointer to a function which might be 278 registered using `atexit'. This provides a mean for the 279 dynamic linker to call DT_FINI functions for shared libraries 280 that have been loaded before the code runs. 281 282 A value of 0 tells we have no such handler. */ 283 regs->edx = 0; 284 } 285 286 #define ELF_NREG 17 287 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 288 289 /* 290 * Note that ELF_NREG should be 19 as there should be place for 291 * TRAPNO and ERR "registers" as well but linux doesn't dump 292 * those. 293 * 294 * See linux kernel: arch/x86/include/asm/elf.h 295 */ elf_core_copy_regs(target_elf_gregset_t * regs,const CPUX86State * env)296 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 297 { 298 (*regs)[0] = tswapreg(env->regs[R_EBX]); 299 (*regs)[1] = tswapreg(env->regs[R_ECX]); 300 (*regs)[2] = tswapreg(env->regs[R_EDX]); 301 (*regs)[3] = tswapreg(env->regs[R_ESI]); 302 (*regs)[4] = tswapreg(env->regs[R_EDI]); 303 (*regs)[5] = tswapreg(env->regs[R_EBP]); 304 (*regs)[6] = tswapreg(env->regs[R_EAX]); 305 (*regs)[7] = tswapreg(env->segs[R_DS].selector & 0xffff); 306 (*regs)[8] = tswapreg(env->segs[R_ES].selector & 0xffff); 307 (*regs)[9] = tswapreg(env->segs[R_FS].selector & 0xffff); 308 (*regs)[10] = tswapreg(env->segs[R_GS].selector & 0xffff); 309 (*regs)[11] = tswapreg(get_task_state(env_cpu_const(env))->orig_ax); 310 (*regs)[12] = tswapreg(env->eip); 311 (*regs)[13] = tswapreg(env->segs[R_CS].selector & 0xffff); 312 (*regs)[14] = tswapreg(env->eflags); 313 (*regs)[15] = tswapreg(env->regs[R_ESP]); 314 (*regs)[16] = tswapreg(env->segs[R_SS].selector & 0xffff); 315 } 316 317 /* 318 * i386 is the only target which supplies AT_SYSINFO for the vdso. 319 * All others only supply AT_SYSINFO_EHDR. 320 */ 321 #define DLINFO_ARCH_ITEMS (vdso_info != NULL) 322 #define ARCH_DLINFO \ 323 do { \ 324 if (vdso_info) { \ 325 NEW_AUX_ENT(AT_SYSINFO, vdso_info->entry); \ 326 } \ 327 } while (0) 328 329 #endif /* TARGET_X86_64 */ 330 331 #define VDSO_HEADER "vdso.c.inc" 332 333 #define USE_ELF_CORE_DUMP 334 #define ELF_EXEC_PAGESIZE 4096 335 336 #endif /* TARGET_I386 */ 337 338 #ifdef TARGET_ARM 339 340 #ifndef TARGET_AARCH64 341 /* 32 bit ARM definitions */ 342 343 #define ELF_ARCH EM_ARM 344 #define ELF_CLASS ELFCLASS32 345 #define EXSTACK_DEFAULT true 346 init_thread(struct target_pt_regs * regs,struct image_info * infop)347 static inline void init_thread(struct target_pt_regs *regs, 348 struct image_info *infop) 349 { 350 abi_long stack = infop->start_stack; 351 memset(regs, 0, sizeof(*regs)); 352 353 regs->uregs[16] = ARM_CPU_MODE_USR; 354 if (infop->entry & 1) { 355 regs->uregs[16] |= CPSR_T; 356 } 357 regs->uregs[15] = infop->entry & 0xfffffffe; 358 regs->uregs[13] = infop->start_stack; 359 /* FIXME - what to for failure of get_user()? */ 360 get_user_ual(regs->uregs[2], stack + 8); /* envp */ 361 get_user_ual(regs->uregs[1], stack + 4); /* envp */ 362 /* XXX: it seems that r0 is zeroed after ! */ 363 regs->uregs[0] = 0; 364 /* For uClinux PIC binaries. */ 365 /* XXX: Linux does this only on ARM with no MMU (do we care ?) */ 366 regs->uregs[10] = infop->start_data; 367 368 /* Support ARM FDPIC. */ 369 if (info_is_fdpic(infop)) { 370 /* As described in the ABI document, r7 points to the loadmap info 371 * prepared by the kernel. If an interpreter is needed, r8 points 372 * to the interpreter loadmap and r9 points to the interpreter 373 * PT_DYNAMIC info. If no interpreter is needed, r8 is zero, and 374 * r9 points to the main program PT_DYNAMIC info. 375 */ 376 regs->uregs[7] = infop->loadmap_addr; 377 if (infop->interpreter_loadmap_addr) { 378 /* Executable is dynamically loaded. */ 379 regs->uregs[8] = infop->interpreter_loadmap_addr; 380 regs->uregs[9] = infop->interpreter_pt_dynamic_addr; 381 } else { 382 regs->uregs[8] = 0; 383 regs->uregs[9] = infop->pt_dynamic_addr; 384 } 385 } 386 } 387 388 #define ELF_NREG 18 389 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 390 elf_core_copy_regs(target_elf_gregset_t * regs,const CPUARMState * env)391 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUARMState *env) 392 { 393 (*regs)[0] = tswapreg(env->regs[0]); 394 (*regs)[1] = tswapreg(env->regs[1]); 395 (*regs)[2] = tswapreg(env->regs[2]); 396 (*regs)[3] = tswapreg(env->regs[3]); 397 (*regs)[4] = tswapreg(env->regs[4]); 398 (*regs)[5] = tswapreg(env->regs[5]); 399 (*regs)[6] = tswapreg(env->regs[6]); 400 (*regs)[7] = tswapreg(env->regs[7]); 401 (*regs)[8] = tswapreg(env->regs[8]); 402 (*regs)[9] = tswapreg(env->regs[9]); 403 (*regs)[10] = tswapreg(env->regs[10]); 404 (*regs)[11] = tswapreg(env->regs[11]); 405 (*regs)[12] = tswapreg(env->regs[12]); 406 (*regs)[13] = tswapreg(env->regs[13]); 407 (*regs)[14] = tswapreg(env->regs[14]); 408 (*regs)[15] = tswapreg(env->regs[15]); 409 410 (*regs)[16] = tswapreg(cpsr_read((CPUARMState *)env)); 411 (*regs)[17] = tswapreg(env->regs[0]); /* XXX */ 412 } 413 414 #define USE_ELF_CORE_DUMP 415 #define ELF_EXEC_PAGESIZE 4096 416 417 enum 418 { 419 ARM_HWCAP_ARM_SWP = 1 << 0, 420 ARM_HWCAP_ARM_HALF = 1 << 1, 421 ARM_HWCAP_ARM_THUMB = 1 << 2, 422 ARM_HWCAP_ARM_26BIT = 1 << 3, 423 ARM_HWCAP_ARM_FAST_MULT = 1 << 4, 424 ARM_HWCAP_ARM_FPA = 1 << 5, 425 ARM_HWCAP_ARM_VFP = 1 << 6, 426 ARM_HWCAP_ARM_EDSP = 1 << 7, 427 ARM_HWCAP_ARM_JAVA = 1 << 8, 428 ARM_HWCAP_ARM_IWMMXT = 1 << 9, 429 ARM_HWCAP_ARM_CRUNCH = 1 << 10, 430 ARM_HWCAP_ARM_THUMBEE = 1 << 11, 431 ARM_HWCAP_ARM_NEON = 1 << 12, 432 ARM_HWCAP_ARM_VFPv3 = 1 << 13, 433 ARM_HWCAP_ARM_VFPv3D16 = 1 << 14, 434 ARM_HWCAP_ARM_TLS = 1 << 15, 435 ARM_HWCAP_ARM_VFPv4 = 1 << 16, 436 ARM_HWCAP_ARM_IDIVA = 1 << 17, 437 ARM_HWCAP_ARM_IDIVT = 1 << 18, 438 ARM_HWCAP_ARM_VFPD32 = 1 << 19, 439 ARM_HWCAP_ARM_LPAE = 1 << 20, 440 ARM_HWCAP_ARM_EVTSTRM = 1 << 21, 441 ARM_HWCAP_ARM_FPHP = 1 << 22, 442 ARM_HWCAP_ARM_ASIMDHP = 1 << 23, 443 ARM_HWCAP_ARM_ASIMDDP = 1 << 24, 444 ARM_HWCAP_ARM_ASIMDFHM = 1 << 25, 445 ARM_HWCAP_ARM_ASIMDBF16 = 1 << 26, 446 ARM_HWCAP_ARM_I8MM = 1 << 27, 447 }; 448 449 enum { 450 ARM_HWCAP2_ARM_AES = 1 << 0, 451 ARM_HWCAP2_ARM_PMULL = 1 << 1, 452 ARM_HWCAP2_ARM_SHA1 = 1 << 2, 453 ARM_HWCAP2_ARM_SHA2 = 1 << 3, 454 ARM_HWCAP2_ARM_CRC32 = 1 << 4, 455 ARM_HWCAP2_ARM_SB = 1 << 5, 456 ARM_HWCAP2_ARM_SSBS = 1 << 6, 457 }; 458 459 /* The commpage only exists for 32 bit kernels */ 460 461 #define HI_COMMPAGE (intptr_t)0xffff0f00u 462 init_guest_commpage(void)463 static bool init_guest_commpage(void) 464 { 465 ARMCPU *cpu = ARM_CPU(thread_cpu); 466 int host_page_size = qemu_real_host_page_size(); 467 abi_ptr commpage; 468 void *want; 469 void *addr; 470 471 /* 472 * M-profile allocates maximum of 2GB address space, so can never 473 * allocate the commpage. Skip it. 474 */ 475 if (arm_feature(&cpu->env, ARM_FEATURE_M)) { 476 return true; 477 } 478 479 commpage = HI_COMMPAGE & -host_page_size; 480 want = g2h_untagged(commpage); 481 addr = mmap(want, host_page_size, PROT_READ | PROT_WRITE, 482 MAP_ANONYMOUS | MAP_PRIVATE | 483 (commpage < reserved_va ? MAP_FIXED : MAP_FIXED_NOREPLACE), 484 -1, 0); 485 486 if (addr == MAP_FAILED) { 487 perror("Allocating guest commpage"); 488 exit(EXIT_FAILURE); 489 } 490 if (addr != want) { 491 return false; 492 } 493 494 /* Set kernel helper versions; rest of page is 0. */ 495 __put_user(5, (uint32_t *)g2h_untagged(0xffff0ffcu)); 496 497 if (mprotect(addr, host_page_size, PROT_READ)) { 498 perror("Protecting guest commpage"); 499 exit(EXIT_FAILURE); 500 } 501 502 page_set_flags(commpage, commpage | (host_page_size - 1), 503 PAGE_READ | PAGE_EXEC | PAGE_VALID); 504 return true; 505 } 506 507 #define ELF_HWCAP get_elf_hwcap() 508 #define ELF_HWCAP2 get_elf_hwcap2() 509 get_elf_hwcap(void)510 uint32_t get_elf_hwcap(void) 511 { 512 ARMCPU *cpu = ARM_CPU(thread_cpu); 513 uint32_t hwcaps = 0; 514 515 hwcaps |= ARM_HWCAP_ARM_SWP; 516 hwcaps |= ARM_HWCAP_ARM_HALF; 517 hwcaps |= ARM_HWCAP_ARM_THUMB; 518 hwcaps |= ARM_HWCAP_ARM_FAST_MULT; 519 520 /* probe for the extra features */ 521 #define GET_FEATURE(feat, hwcap) \ 522 do { if (arm_feature(&cpu->env, feat)) { hwcaps |= hwcap; } } while (0) 523 524 #define GET_FEATURE_ID(feat, hwcap) \ 525 do { if (cpu_isar_feature(feat, cpu)) { hwcaps |= hwcap; } } while (0) 526 527 /* EDSP is in v5TE and above, but all our v5 CPUs are v5TE */ 528 GET_FEATURE(ARM_FEATURE_V5, ARM_HWCAP_ARM_EDSP); 529 GET_FEATURE(ARM_FEATURE_IWMMXT, ARM_HWCAP_ARM_IWMMXT); 530 GET_FEATURE(ARM_FEATURE_THUMB2EE, ARM_HWCAP_ARM_THUMBEE); 531 GET_FEATURE(ARM_FEATURE_NEON, ARM_HWCAP_ARM_NEON); 532 GET_FEATURE(ARM_FEATURE_V6K, ARM_HWCAP_ARM_TLS); 533 GET_FEATURE(ARM_FEATURE_LPAE, ARM_HWCAP_ARM_LPAE); 534 GET_FEATURE_ID(aa32_arm_div, ARM_HWCAP_ARM_IDIVA); 535 GET_FEATURE_ID(aa32_thumb_div, ARM_HWCAP_ARM_IDIVT); 536 GET_FEATURE_ID(aa32_vfp, ARM_HWCAP_ARM_VFP); 537 538 if (cpu_isar_feature(aa32_fpsp_v3, cpu) || 539 cpu_isar_feature(aa32_fpdp_v3, cpu)) { 540 hwcaps |= ARM_HWCAP_ARM_VFPv3; 541 if (cpu_isar_feature(aa32_simd_r32, cpu)) { 542 hwcaps |= ARM_HWCAP_ARM_VFPD32; 543 } else { 544 hwcaps |= ARM_HWCAP_ARM_VFPv3D16; 545 } 546 } 547 GET_FEATURE_ID(aa32_simdfmac, ARM_HWCAP_ARM_VFPv4); 548 /* 549 * MVFR1.FPHP and .SIMDHP must be in sync, and QEMU uses the same 550 * isar_feature function for both. The kernel reports them as two hwcaps. 551 */ 552 GET_FEATURE_ID(aa32_fp16_arith, ARM_HWCAP_ARM_FPHP); 553 GET_FEATURE_ID(aa32_fp16_arith, ARM_HWCAP_ARM_ASIMDHP); 554 GET_FEATURE_ID(aa32_dp, ARM_HWCAP_ARM_ASIMDDP); 555 GET_FEATURE_ID(aa32_fhm, ARM_HWCAP_ARM_ASIMDFHM); 556 GET_FEATURE_ID(aa32_bf16, ARM_HWCAP_ARM_ASIMDBF16); 557 GET_FEATURE_ID(aa32_i8mm, ARM_HWCAP_ARM_I8MM); 558 559 return hwcaps; 560 } 561 get_elf_hwcap2(void)562 uint64_t get_elf_hwcap2(void) 563 { 564 ARMCPU *cpu = ARM_CPU(thread_cpu); 565 uint64_t hwcaps = 0; 566 567 GET_FEATURE_ID(aa32_aes, ARM_HWCAP2_ARM_AES); 568 GET_FEATURE_ID(aa32_pmull, ARM_HWCAP2_ARM_PMULL); 569 GET_FEATURE_ID(aa32_sha1, ARM_HWCAP2_ARM_SHA1); 570 GET_FEATURE_ID(aa32_sha2, ARM_HWCAP2_ARM_SHA2); 571 GET_FEATURE_ID(aa32_crc32, ARM_HWCAP2_ARM_CRC32); 572 GET_FEATURE_ID(aa32_sb, ARM_HWCAP2_ARM_SB); 573 GET_FEATURE_ID(aa32_ssbs, ARM_HWCAP2_ARM_SSBS); 574 return hwcaps; 575 } 576 elf_hwcap_str(uint32_t bit)577 const char *elf_hwcap_str(uint32_t bit) 578 { 579 static const char *hwcap_str[] = { 580 [__builtin_ctz(ARM_HWCAP_ARM_SWP )] = "swp", 581 [__builtin_ctz(ARM_HWCAP_ARM_HALF )] = "half", 582 [__builtin_ctz(ARM_HWCAP_ARM_THUMB )] = "thumb", 583 [__builtin_ctz(ARM_HWCAP_ARM_26BIT )] = "26bit", 584 [__builtin_ctz(ARM_HWCAP_ARM_FAST_MULT)] = "fast_mult", 585 [__builtin_ctz(ARM_HWCAP_ARM_FPA )] = "fpa", 586 [__builtin_ctz(ARM_HWCAP_ARM_VFP )] = "vfp", 587 [__builtin_ctz(ARM_HWCAP_ARM_EDSP )] = "edsp", 588 [__builtin_ctz(ARM_HWCAP_ARM_JAVA )] = "java", 589 [__builtin_ctz(ARM_HWCAP_ARM_IWMMXT )] = "iwmmxt", 590 [__builtin_ctz(ARM_HWCAP_ARM_CRUNCH )] = "crunch", 591 [__builtin_ctz(ARM_HWCAP_ARM_THUMBEE )] = "thumbee", 592 [__builtin_ctz(ARM_HWCAP_ARM_NEON )] = "neon", 593 [__builtin_ctz(ARM_HWCAP_ARM_VFPv3 )] = "vfpv3", 594 [__builtin_ctz(ARM_HWCAP_ARM_VFPv3D16 )] = "vfpv3d16", 595 [__builtin_ctz(ARM_HWCAP_ARM_TLS )] = "tls", 596 [__builtin_ctz(ARM_HWCAP_ARM_VFPv4 )] = "vfpv4", 597 [__builtin_ctz(ARM_HWCAP_ARM_IDIVA )] = "idiva", 598 [__builtin_ctz(ARM_HWCAP_ARM_IDIVT )] = "idivt", 599 [__builtin_ctz(ARM_HWCAP_ARM_VFPD32 )] = "vfpd32", 600 [__builtin_ctz(ARM_HWCAP_ARM_LPAE )] = "lpae", 601 [__builtin_ctz(ARM_HWCAP_ARM_EVTSTRM )] = "evtstrm", 602 [__builtin_ctz(ARM_HWCAP_ARM_FPHP )] = "fphp", 603 [__builtin_ctz(ARM_HWCAP_ARM_ASIMDHP )] = "asimdhp", 604 [__builtin_ctz(ARM_HWCAP_ARM_ASIMDDP )] = "asimddp", 605 [__builtin_ctz(ARM_HWCAP_ARM_ASIMDFHM )] = "asimdfhm", 606 [__builtin_ctz(ARM_HWCAP_ARM_ASIMDBF16)] = "asimdbf16", 607 [__builtin_ctz(ARM_HWCAP_ARM_I8MM )] = "i8mm", 608 }; 609 610 return bit < ARRAY_SIZE(hwcap_str) ? hwcap_str[bit] : NULL; 611 } 612 elf_hwcap2_str(uint32_t bit)613 const char *elf_hwcap2_str(uint32_t bit) 614 { 615 static const char *hwcap_str[] = { 616 [__builtin_ctz(ARM_HWCAP2_ARM_AES )] = "aes", 617 [__builtin_ctz(ARM_HWCAP2_ARM_PMULL)] = "pmull", 618 [__builtin_ctz(ARM_HWCAP2_ARM_SHA1 )] = "sha1", 619 [__builtin_ctz(ARM_HWCAP2_ARM_SHA2 )] = "sha2", 620 [__builtin_ctz(ARM_HWCAP2_ARM_CRC32)] = "crc32", 621 [__builtin_ctz(ARM_HWCAP2_ARM_SB )] = "sb", 622 [__builtin_ctz(ARM_HWCAP2_ARM_SSBS )] = "ssbs", 623 }; 624 625 return bit < ARRAY_SIZE(hwcap_str) ? hwcap_str[bit] : NULL; 626 } 627 628 #undef GET_FEATURE 629 #undef GET_FEATURE_ID 630 631 #define ELF_PLATFORM get_elf_platform() 632 get_elf_platform(void)633 static const char *get_elf_platform(void) 634 { 635 CPUARMState *env = cpu_env(thread_cpu); 636 637 #if TARGET_BIG_ENDIAN 638 # define END "b" 639 #else 640 # define END "l" 641 #endif 642 643 if (arm_feature(env, ARM_FEATURE_V8)) { 644 return "v8" END; 645 } else if (arm_feature(env, ARM_FEATURE_V7)) { 646 if (arm_feature(env, ARM_FEATURE_M)) { 647 return "v7m" END; 648 } else { 649 return "v7" END; 650 } 651 } else if (arm_feature(env, ARM_FEATURE_V6)) { 652 return "v6" END; 653 } else if (arm_feature(env, ARM_FEATURE_V5)) { 654 return "v5" END; 655 } else { 656 return "v4" END; 657 } 658 659 #undef END 660 } 661 662 #if TARGET_BIG_ENDIAN 663 #include "elf.h" 664 #include "vdso-be8.c.inc" 665 #include "vdso-be32.c.inc" 666 vdso_image_info(uint32_t elf_flags)667 static const VdsoImageInfo *vdso_image_info(uint32_t elf_flags) 668 { 669 return (EF_ARM_EABI_VERSION(elf_flags) >= EF_ARM_EABI_VER4 670 && (elf_flags & EF_ARM_BE8) 671 ? &vdso_be8_image_info 672 : &vdso_be32_image_info); 673 } 674 #define vdso_image_info vdso_image_info 675 #else 676 # define VDSO_HEADER "vdso-le.c.inc" 677 #endif 678 679 #else 680 /* 64 bit ARM definitions */ 681 682 #define ELF_ARCH EM_AARCH64 683 #define ELF_CLASS ELFCLASS64 684 #if TARGET_BIG_ENDIAN 685 # define ELF_PLATFORM "aarch64_be" 686 #else 687 # define ELF_PLATFORM "aarch64" 688 #endif 689 init_thread(struct target_pt_regs * regs,struct image_info * infop)690 static inline void init_thread(struct target_pt_regs *regs, 691 struct image_info *infop) 692 { 693 abi_long stack = infop->start_stack; 694 memset(regs, 0, sizeof(*regs)); 695 696 regs->pc = infop->entry & ~0x3ULL; 697 regs->sp = stack; 698 } 699 700 #define ELF_NREG 34 701 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 702 elf_core_copy_regs(target_elf_gregset_t * regs,const CPUARMState * env)703 static void elf_core_copy_regs(target_elf_gregset_t *regs, 704 const CPUARMState *env) 705 { 706 int i; 707 708 for (i = 0; i < 32; i++) { 709 (*regs)[i] = tswapreg(env->xregs[i]); 710 } 711 (*regs)[32] = tswapreg(env->pc); 712 (*regs)[33] = tswapreg(pstate_read((CPUARMState *)env)); 713 } 714 715 #define USE_ELF_CORE_DUMP 716 #define ELF_EXEC_PAGESIZE 4096 717 718 enum { 719 ARM_HWCAP_A64_FP = 1 << 0, 720 ARM_HWCAP_A64_ASIMD = 1 << 1, 721 ARM_HWCAP_A64_EVTSTRM = 1 << 2, 722 ARM_HWCAP_A64_AES = 1 << 3, 723 ARM_HWCAP_A64_PMULL = 1 << 4, 724 ARM_HWCAP_A64_SHA1 = 1 << 5, 725 ARM_HWCAP_A64_SHA2 = 1 << 6, 726 ARM_HWCAP_A64_CRC32 = 1 << 7, 727 ARM_HWCAP_A64_ATOMICS = 1 << 8, 728 ARM_HWCAP_A64_FPHP = 1 << 9, 729 ARM_HWCAP_A64_ASIMDHP = 1 << 10, 730 ARM_HWCAP_A64_CPUID = 1 << 11, 731 ARM_HWCAP_A64_ASIMDRDM = 1 << 12, 732 ARM_HWCAP_A64_JSCVT = 1 << 13, 733 ARM_HWCAP_A64_FCMA = 1 << 14, 734 ARM_HWCAP_A64_LRCPC = 1 << 15, 735 ARM_HWCAP_A64_DCPOP = 1 << 16, 736 ARM_HWCAP_A64_SHA3 = 1 << 17, 737 ARM_HWCAP_A64_SM3 = 1 << 18, 738 ARM_HWCAP_A64_SM4 = 1 << 19, 739 ARM_HWCAP_A64_ASIMDDP = 1 << 20, 740 ARM_HWCAP_A64_SHA512 = 1 << 21, 741 ARM_HWCAP_A64_SVE = 1 << 22, 742 ARM_HWCAP_A64_ASIMDFHM = 1 << 23, 743 ARM_HWCAP_A64_DIT = 1 << 24, 744 ARM_HWCAP_A64_USCAT = 1 << 25, 745 ARM_HWCAP_A64_ILRCPC = 1 << 26, 746 ARM_HWCAP_A64_FLAGM = 1 << 27, 747 ARM_HWCAP_A64_SSBS = 1 << 28, 748 ARM_HWCAP_A64_SB = 1 << 29, 749 ARM_HWCAP_A64_PACA = 1 << 30, 750 ARM_HWCAP_A64_PACG = 1UL << 31, 751 752 ARM_HWCAP2_A64_DCPODP = 1 << 0, 753 ARM_HWCAP2_A64_SVE2 = 1 << 1, 754 ARM_HWCAP2_A64_SVEAES = 1 << 2, 755 ARM_HWCAP2_A64_SVEPMULL = 1 << 3, 756 ARM_HWCAP2_A64_SVEBITPERM = 1 << 4, 757 ARM_HWCAP2_A64_SVESHA3 = 1 << 5, 758 ARM_HWCAP2_A64_SVESM4 = 1 << 6, 759 ARM_HWCAP2_A64_FLAGM2 = 1 << 7, 760 ARM_HWCAP2_A64_FRINT = 1 << 8, 761 ARM_HWCAP2_A64_SVEI8MM = 1 << 9, 762 ARM_HWCAP2_A64_SVEF32MM = 1 << 10, 763 ARM_HWCAP2_A64_SVEF64MM = 1 << 11, 764 ARM_HWCAP2_A64_SVEBF16 = 1 << 12, 765 ARM_HWCAP2_A64_I8MM = 1 << 13, 766 ARM_HWCAP2_A64_BF16 = 1 << 14, 767 ARM_HWCAP2_A64_DGH = 1 << 15, 768 ARM_HWCAP2_A64_RNG = 1 << 16, 769 ARM_HWCAP2_A64_BTI = 1 << 17, 770 ARM_HWCAP2_A64_MTE = 1 << 18, 771 ARM_HWCAP2_A64_ECV = 1 << 19, 772 ARM_HWCAP2_A64_AFP = 1 << 20, 773 ARM_HWCAP2_A64_RPRES = 1 << 21, 774 ARM_HWCAP2_A64_MTE3 = 1 << 22, 775 ARM_HWCAP2_A64_SME = 1 << 23, 776 ARM_HWCAP2_A64_SME_I16I64 = 1 << 24, 777 ARM_HWCAP2_A64_SME_F64F64 = 1 << 25, 778 ARM_HWCAP2_A64_SME_I8I32 = 1 << 26, 779 ARM_HWCAP2_A64_SME_F16F32 = 1 << 27, 780 ARM_HWCAP2_A64_SME_B16F32 = 1 << 28, 781 ARM_HWCAP2_A64_SME_F32F32 = 1 << 29, 782 ARM_HWCAP2_A64_SME_FA64 = 1 << 30, 783 ARM_HWCAP2_A64_WFXT = 1ULL << 31, 784 ARM_HWCAP2_A64_EBF16 = 1ULL << 32, 785 ARM_HWCAP2_A64_SVE_EBF16 = 1ULL << 33, 786 ARM_HWCAP2_A64_CSSC = 1ULL << 34, 787 ARM_HWCAP2_A64_RPRFM = 1ULL << 35, 788 ARM_HWCAP2_A64_SVE2P1 = 1ULL << 36, 789 ARM_HWCAP2_A64_SME2 = 1ULL << 37, 790 ARM_HWCAP2_A64_SME2P1 = 1ULL << 38, 791 ARM_HWCAP2_A64_SME_I16I32 = 1ULL << 39, 792 ARM_HWCAP2_A64_SME_BI32I32 = 1ULL << 40, 793 ARM_HWCAP2_A64_SME_B16B16 = 1ULL << 41, 794 ARM_HWCAP2_A64_SME_F16F16 = 1ULL << 42, 795 ARM_HWCAP2_A64_MOPS = 1ULL << 43, 796 ARM_HWCAP2_A64_HBC = 1ULL << 44, 797 }; 798 799 #define ELF_HWCAP get_elf_hwcap() 800 #define ELF_HWCAP2 get_elf_hwcap2() 801 802 #define GET_FEATURE_ID(feat, hwcap) \ 803 do { if (cpu_isar_feature(feat, cpu)) { hwcaps |= hwcap; } } while (0) 804 get_elf_hwcap(void)805 uint32_t get_elf_hwcap(void) 806 { 807 ARMCPU *cpu = ARM_CPU(thread_cpu); 808 uint32_t hwcaps = 0; 809 810 hwcaps |= ARM_HWCAP_A64_FP; 811 hwcaps |= ARM_HWCAP_A64_ASIMD; 812 hwcaps |= ARM_HWCAP_A64_CPUID; 813 814 /* probe for the extra features */ 815 816 GET_FEATURE_ID(aa64_aes, ARM_HWCAP_A64_AES); 817 GET_FEATURE_ID(aa64_pmull, ARM_HWCAP_A64_PMULL); 818 GET_FEATURE_ID(aa64_sha1, ARM_HWCAP_A64_SHA1); 819 GET_FEATURE_ID(aa64_sha256, ARM_HWCAP_A64_SHA2); 820 GET_FEATURE_ID(aa64_sha512, ARM_HWCAP_A64_SHA512); 821 GET_FEATURE_ID(aa64_crc32, ARM_HWCAP_A64_CRC32); 822 GET_FEATURE_ID(aa64_sha3, ARM_HWCAP_A64_SHA3); 823 GET_FEATURE_ID(aa64_sm3, ARM_HWCAP_A64_SM3); 824 GET_FEATURE_ID(aa64_sm4, ARM_HWCAP_A64_SM4); 825 GET_FEATURE_ID(aa64_fp16, ARM_HWCAP_A64_FPHP | ARM_HWCAP_A64_ASIMDHP); 826 GET_FEATURE_ID(aa64_atomics, ARM_HWCAP_A64_ATOMICS); 827 GET_FEATURE_ID(aa64_lse2, ARM_HWCAP_A64_USCAT); 828 GET_FEATURE_ID(aa64_rdm, ARM_HWCAP_A64_ASIMDRDM); 829 GET_FEATURE_ID(aa64_dp, ARM_HWCAP_A64_ASIMDDP); 830 GET_FEATURE_ID(aa64_fcma, ARM_HWCAP_A64_FCMA); 831 GET_FEATURE_ID(aa64_sve, ARM_HWCAP_A64_SVE); 832 GET_FEATURE_ID(aa64_pauth, ARM_HWCAP_A64_PACA | ARM_HWCAP_A64_PACG); 833 GET_FEATURE_ID(aa64_fhm, ARM_HWCAP_A64_ASIMDFHM); 834 GET_FEATURE_ID(aa64_dit, ARM_HWCAP_A64_DIT); 835 GET_FEATURE_ID(aa64_jscvt, ARM_HWCAP_A64_JSCVT); 836 GET_FEATURE_ID(aa64_sb, ARM_HWCAP_A64_SB); 837 GET_FEATURE_ID(aa64_condm_4, ARM_HWCAP_A64_FLAGM); 838 GET_FEATURE_ID(aa64_dcpop, ARM_HWCAP_A64_DCPOP); 839 GET_FEATURE_ID(aa64_rcpc_8_3, ARM_HWCAP_A64_LRCPC); 840 GET_FEATURE_ID(aa64_rcpc_8_4, ARM_HWCAP_A64_ILRCPC); 841 842 return hwcaps; 843 } 844 get_elf_hwcap2(void)845 uint64_t get_elf_hwcap2(void) 846 { 847 ARMCPU *cpu = ARM_CPU(thread_cpu); 848 uint64_t hwcaps = 0; 849 850 GET_FEATURE_ID(aa64_dcpodp, ARM_HWCAP2_A64_DCPODP); 851 GET_FEATURE_ID(aa64_sve2, ARM_HWCAP2_A64_SVE2); 852 GET_FEATURE_ID(aa64_sve2_aes, ARM_HWCAP2_A64_SVEAES); 853 GET_FEATURE_ID(aa64_sve2_pmull128, ARM_HWCAP2_A64_SVEPMULL); 854 GET_FEATURE_ID(aa64_sve2_bitperm, ARM_HWCAP2_A64_SVEBITPERM); 855 GET_FEATURE_ID(aa64_sve2_sha3, ARM_HWCAP2_A64_SVESHA3); 856 GET_FEATURE_ID(aa64_sve2_sm4, ARM_HWCAP2_A64_SVESM4); 857 GET_FEATURE_ID(aa64_condm_5, ARM_HWCAP2_A64_FLAGM2); 858 GET_FEATURE_ID(aa64_frint, ARM_HWCAP2_A64_FRINT); 859 GET_FEATURE_ID(aa64_sve_i8mm, ARM_HWCAP2_A64_SVEI8MM); 860 GET_FEATURE_ID(aa64_sve_f32mm, ARM_HWCAP2_A64_SVEF32MM); 861 GET_FEATURE_ID(aa64_sve_f64mm, ARM_HWCAP2_A64_SVEF64MM); 862 GET_FEATURE_ID(aa64_sve_bf16, ARM_HWCAP2_A64_SVEBF16); 863 GET_FEATURE_ID(aa64_i8mm, ARM_HWCAP2_A64_I8MM); 864 GET_FEATURE_ID(aa64_bf16, ARM_HWCAP2_A64_BF16); 865 GET_FEATURE_ID(aa64_rndr, ARM_HWCAP2_A64_RNG); 866 GET_FEATURE_ID(aa64_bti, ARM_HWCAP2_A64_BTI); 867 GET_FEATURE_ID(aa64_mte, ARM_HWCAP2_A64_MTE); 868 GET_FEATURE_ID(aa64_mte3, ARM_HWCAP2_A64_MTE3); 869 GET_FEATURE_ID(aa64_sme, (ARM_HWCAP2_A64_SME | 870 ARM_HWCAP2_A64_SME_F32F32 | 871 ARM_HWCAP2_A64_SME_B16F32 | 872 ARM_HWCAP2_A64_SME_F16F32 | 873 ARM_HWCAP2_A64_SME_I8I32)); 874 GET_FEATURE_ID(aa64_sme_f64f64, ARM_HWCAP2_A64_SME_F64F64); 875 GET_FEATURE_ID(aa64_sme_i16i64, ARM_HWCAP2_A64_SME_I16I64); 876 GET_FEATURE_ID(aa64_sme_fa64, ARM_HWCAP2_A64_SME_FA64); 877 GET_FEATURE_ID(aa64_hbc, ARM_HWCAP2_A64_HBC); 878 GET_FEATURE_ID(aa64_mops, ARM_HWCAP2_A64_MOPS); 879 880 return hwcaps; 881 } 882 elf_hwcap_str(uint32_t bit)883 const char *elf_hwcap_str(uint32_t bit) 884 { 885 static const char *hwcap_str[] = { 886 [__builtin_ctz(ARM_HWCAP_A64_FP )] = "fp", 887 [__builtin_ctz(ARM_HWCAP_A64_ASIMD )] = "asimd", 888 [__builtin_ctz(ARM_HWCAP_A64_EVTSTRM )] = "evtstrm", 889 [__builtin_ctz(ARM_HWCAP_A64_AES )] = "aes", 890 [__builtin_ctz(ARM_HWCAP_A64_PMULL )] = "pmull", 891 [__builtin_ctz(ARM_HWCAP_A64_SHA1 )] = "sha1", 892 [__builtin_ctz(ARM_HWCAP_A64_SHA2 )] = "sha2", 893 [__builtin_ctz(ARM_HWCAP_A64_CRC32 )] = "crc32", 894 [__builtin_ctz(ARM_HWCAP_A64_ATOMICS )] = "atomics", 895 [__builtin_ctz(ARM_HWCAP_A64_FPHP )] = "fphp", 896 [__builtin_ctz(ARM_HWCAP_A64_ASIMDHP )] = "asimdhp", 897 [__builtin_ctz(ARM_HWCAP_A64_CPUID )] = "cpuid", 898 [__builtin_ctz(ARM_HWCAP_A64_ASIMDRDM)] = "asimdrdm", 899 [__builtin_ctz(ARM_HWCAP_A64_JSCVT )] = "jscvt", 900 [__builtin_ctz(ARM_HWCAP_A64_FCMA )] = "fcma", 901 [__builtin_ctz(ARM_HWCAP_A64_LRCPC )] = "lrcpc", 902 [__builtin_ctz(ARM_HWCAP_A64_DCPOP )] = "dcpop", 903 [__builtin_ctz(ARM_HWCAP_A64_SHA3 )] = "sha3", 904 [__builtin_ctz(ARM_HWCAP_A64_SM3 )] = "sm3", 905 [__builtin_ctz(ARM_HWCAP_A64_SM4 )] = "sm4", 906 [__builtin_ctz(ARM_HWCAP_A64_ASIMDDP )] = "asimddp", 907 [__builtin_ctz(ARM_HWCAP_A64_SHA512 )] = "sha512", 908 [__builtin_ctz(ARM_HWCAP_A64_SVE )] = "sve", 909 [__builtin_ctz(ARM_HWCAP_A64_ASIMDFHM)] = "asimdfhm", 910 [__builtin_ctz(ARM_HWCAP_A64_DIT )] = "dit", 911 [__builtin_ctz(ARM_HWCAP_A64_USCAT )] = "uscat", 912 [__builtin_ctz(ARM_HWCAP_A64_ILRCPC )] = "ilrcpc", 913 [__builtin_ctz(ARM_HWCAP_A64_FLAGM )] = "flagm", 914 [__builtin_ctz(ARM_HWCAP_A64_SSBS )] = "ssbs", 915 [__builtin_ctz(ARM_HWCAP_A64_SB )] = "sb", 916 [__builtin_ctz(ARM_HWCAP_A64_PACA )] = "paca", 917 [__builtin_ctz(ARM_HWCAP_A64_PACG )] = "pacg", 918 }; 919 920 return bit < ARRAY_SIZE(hwcap_str) ? hwcap_str[bit] : NULL; 921 } 922 elf_hwcap2_str(uint32_t bit)923 const char *elf_hwcap2_str(uint32_t bit) 924 { 925 static const char *hwcap_str[] = { 926 [__builtin_ctz(ARM_HWCAP2_A64_DCPODP )] = "dcpodp", 927 [__builtin_ctz(ARM_HWCAP2_A64_SVE2 )] = "sve2", 928 [__builtin_ctz(ARM_HWCAP2_A64_SVEAES )] = "sveaes", 929 [__builtin_ctz(ARM_HWCAP2_A64_SVEPMULL )] = "svepmull", 930 [__builtin_ctz(ARM_HWCAP2_A64_SVEBITPERM )] = "svebitperm", 931 [__builtin_ctz(ARM_HWCAP2_A64_SVESHA3 )] = "svesha3", 932 [__builtin_ctz(ARM_HWCAP2_A64_SVESM4 )] = "svesm4", 933 [__builtin_ctz(ARM_HWCAP2_A64_FLAGM2 )] = "flagm2", 934 [__builtin_ctz(ARM_HWCAP2_A64_FRINT )] = "frint", 935 [__builtin_ctz(ARM_HWCAP2_A64_SVEI8MM )] = "svei8mm", 936 [__builtin_ctz(ARM_HWCAP2_A64_SVEF32MM )] = "svef32mm", 937 [__builtin_ctz(ARM_HWCAP2_A64_SVEF64MM )] = "svef64mm", 938 [__builtin_ctz(ARM_HWCAP2_A64_SVEBF16 )] = "svebf16", 939 [__builtin_ctz(ARM_HWCAP2_A64_I8MM )] = "i8mm", 940 [__builtin_ctz(ARM_HWCAP2_A64_BF16 )] = "bf16", 941 [__builtin_ctz(ARM_HWCAP2_A64_DGH )] = "dgh", 942 [__builtin_ctz(ARM_HWCAP2_A64_RNG )] = "rng", 943 [__builtin_ctz(ARM_HWCAP2_A64_BTI )] = "bti", 944 [__builtin_ctz(ARM_HWCAP2_A64_MTE )] = "mte", 945 [__builtin_ctz(ARM_HWCAP2_A64_ECV )] = "ecv", 946 [__builtin_ctz(ARM_HWCAP2_A64_AFP )] = "afp", 947 [__builtin_ctz(ARM_HWCAP2_A64_RPRES )] = "rpres", 948 [__builtin_ctz(ARM_HWCAP2_A64_MTE3 )] = "mte3", 949 [__builtin_ctz(ARM_HWCAP2_A64_SME )] = "sme", 950 [__builtin_ctz(ARM_HWCAP2_A64_SME_I16I64 )] = "smei16i64", 951 [__builtin_ctz(ARM_HWCAP2_A64_SME_F64F64 )] = "smef64f64", 952 [__builtin_ctz(ARM_HWCAP2_A64_SME_I8I32 )] = "smei8i32", 953 [__builtin_ctz(ARM_HWCAP2_A64_SME_F16F32 )] = "smef16f32", 954 [__builtin_ctz(ARM_HWCAP2_A64_SME_B16F32 )] = "smeb16f32", 955 [__builtin_ctz(ARM_HWCAP2_A64_SME_F32F32 )] = "smef32f32", 956 [__builtin_ctz(ARM_HWCAP2_A64_SME_FA64 )] = "smefa64", 957 [__builtin_ctz(ARM_HWCAP2_A64_WFXT )] = "wfxt", 958 [__builtin_ctzll(ARM_HWCAP2_A64_EBF16 )] = "ebf16", 959 [__builtin_ctzll(ARM_HWCAP2_A64_SVE_EBF16 )] = "sveebf16", 960 [__builtin_ctzll(ARM_HWCAP2_A64_CSSC )] = "cssc", 961 [__builtin_ctzll(ARM_HWCAP2_A64_RPRFM )] = "rprfm", 962 [__builtin_ctzll(ARM_HWCAP2_A64_SVE2P1 )] = "sve2p1", 963 [__builtin_ctzll(ARM_HWCAP2_A64_SME2 )] = "sme2", 964 [__builtin_ctzll(ARM_HWCAP2_A64_SME2P1 )] = "sme2p1", 965 [__builtin_ctzll(ARM_HWCAP2_A64_SME_I16I32 )] = "smei16i32", 966 [__builtin_ctzll(ARM_HWCAP2_A64_SME_BI32I32)] = "smebi32i32", 967 [__builtin_ctzll(ARM_HWCAP2_A64_SME_B16B16 )] = "smeb16b16", 968 [__builtin_ctzll(ARM_HWCAP2_A64_SME_F16F16 )] = "smef16f16", 969 [__builtin_ctzll(ARM_HWCAP2_A64_MOPS )] = "mops", 970 [__builtin_ctzll(ARM_HWCAP2_A64_HBC )] = "hbc", 971 }; 972 973 return bit < ARRAY_SIZE(hwcap_str) ? hwcap_str[bit] : NULL; 974 } 975 976 #undef GET_FEATURE_ID 977 978 #if TARGET_BIG_ENDIAN 979 # define VDSO_HEADER "vdso-be.c.inc" 980 #else 981 # define VDSO_HEADER "vdso-le.c.inc" 982 #endif 983 984 #endif /* not TARGET_AARCH64 */ 985 986 #endif /* TARGET_ARM */ 987 988 #ifdef TARGET_SPARC 989 990 #ifndef TARGET_SPARC64 991 # define ELF_CLASS ELFCLASS32 992 # define ELF_ARCH EM_SPARC 993 #elif defined(TARGET_ABI32) 994 # define ELF_CLASS ELFCLASS32 995 # define elf_check_arch(x) ((x) == EM_SPARC32PLUS || (x) == EM_SPARC) 996 #else 997 # define ELF_CLASS ELFCLASS64 998 # define ELF_ARCH EM_SPARCV9 999 #endif 1000 1001 #include "elf.h" 1002 1003 #define ELF_HWCAP get_elf_hwcap() 1004 get_elf_hwcap(void)1005 static uint32_t get_elf_hwcap(void) 1006 { 1007 /* There are not many sparc32 hwcap bits -- we have all of them. */ 1008 uint32_t r = HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | 1009 HWCAP_SPARC_SWAP | HWCAP_SPARC_MULDIV; 1010 1011 #ifdef TARGET_SPARC64 1012 CPUSPARCState *env = cpu_env(thread_cpu); 1013 uint32_t features = env->def.features; 1014 1015 r |= HWCAP_SPARC_V9 | HWCAP_SPARC_V8PLUS; 1016 /* 32x32 multiply and divide are efficient. */ 1017 r |= HWCAP_SPARC_MUL32 | HWCAP_SPARC_DIV32; 1018 /* We don't have an internal feature bit for this. */ 1019 r |= HWCAP_SPARC_POPC; 1020 r |= features & CPU_FEATURE_FSMULD ? HWCAP_SPARC_FSMULD : 0; 1021 r |= features & CPU_FEATURE_VIS1 ? HWCAP_SPARC_VIS : 0; 1022 r |= features & CPU_FEATURE_VIS2 ? HWCAP_SPARC_VIS2 : 0; 1023 r |= features & CPU_FEATURE_FMAF ? HWCAP_SPARC_FMAF : 0; 1024 r |= features & CPU_FEATURE_VIS3 ? HWCAP_SPARC_VIS3 : 0; 1025 r |= features & CPU_FEATURE_IMA ? HWCAP_SPARC_IMA : 0; 1026 #endif 1027 1028 return r; 1029 } 1030 init_thread(struct target_pt_regs * regs,struct image_info * infop)1031 static inline void init_thread(struct target_pt_regs *regs, 1032 struct image_info *infop) 1033 { 1034 /* Note that target_cpu_copy_regs does not read psr/tstate. */ 1035 regs->pc = infop->entry; 1036 regs->npc = regs->pc + 4; 1037 regs->y = 0; 1038 regs->u_regs[14] = (infop->start_stack - 16 * sizeof(abi_ulong) 1039 - TARGET_STACK_BIAS); 1040 } 1041 #endif /* TARGET_SPARC */ 1042 1043 #ifdef TARGET_PPC 1044 1045 #define ELF_MACHINE PPC_ELF_MACHINE 1046 1047 #if defined(TARGET_PPC64) 1048 1049 #define elf_check_arch(x) ( (x) == EM_PPC64 ) 1050 1051 #define ELF_CLASS ELFCLASS64 1052 1053 #else 1054 1055 #define ELF_CLASS ELFCLASS32 1056 #define EXSTACK_DEFAULT true 1057 1058 #endif 1059 1060 #define ELF_ARCH EM_PPC 1061 1062 /* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP). 1063 See arch/powerpc/include/asm/cputable.h. */ 1064 enum { 1065 QEMU_PPC_FEATURE_32 = 0x80000000, 1066 QEMU_PPC_FEATURE_64 = 0x40000000, 1067 QEMU_PPC_FEATURE_601_INSTR = 0x20000000, 1068 QEMU_PPC_FEATURE_HAS_ALTIVEC = 0x10000000, 1069 QEMU_PPC_FEATURE_HAS_FPU = 0x08000000, 1070 QEMU_PPC_FEATURE_HAS_MMU = 0x04000000, 1071 QEMU_PPC_FEATURE_HAS_4xxMAC = 0x02000000, 1072 QEMU_PPC_FEATURE_UNIFIED_CACHE = 0x01000000, 1073 QEMU_PPC_FEATURE_HAS_SPE = 0x00800000, 1074 QEMU_PPC_FEATURE_HAS_EFP_SINGLE = 0x00400000, 1075 QEMU_PPC_FEATURE_HAS_EFP_DOUBLE = 0x00200000, 1076 QEMU_PPC_FEATURE_NO_TB = 0x00100000, 1077 QEMU_PPC_FEATURE_POWER4 = 0x00080000, 1078 QEMU_PPC_FEATURE_POWER5 = 0x00040000, 1079 QEMU_PPC_FEATURE_POWER5_PLUS = 0x00020000, 1080 QEMU_PPC_FEATURE_CELL = 0x00010000, 1081 QEMU_PPC_FEATURE_BOOKE = 0x00008000, 1082 QEMU_PPC_FEATURE_SMT = 0x00004000, 1083 QEMU_PPC_FEATURE_ICACHE_SNOOP = 0x00002000, 1084 QEMU_PPC_FEATURE_ARCH_2_05 = 0x00001000, 1085 QEMU_PPC_FEATURE_PA6T = 0x00000800, 1086 QEMU_PPC_FEATURE_HAS_DFP = 0x00000400, 1087 QEMU_PPC_FEATURE_POWER6_EXT = 0x00000200, 1088 QEMU_PPC_FEATURE_ARCH_2_06 = 0x00000100, 1089 QEMU_PPC_FEATURE_HAS_VSX = 0x00000080, 1090 QEMU_PPC_FEATURE_PSERIES_PERFMON_COMPAT = 0x00000040, 1091 1092 QEMU_PPC_FEATURE_TRUE_LE = 0x00000002, 1093 QEMU_PPC_FEATURE_PPC_LE = 0x00000001, 1094 1095 /* Feature definitions in AT_HWCAP2. */ 1096 QEMU_PPC_FEATURE2_ARCH_2_07 = 0x80000000, /* ISA 2.07 */ 1097 QEMU_PPC_FEATURE2_HAS_HTM = 0x40000000, /* Hardware Transactional Memory */ 1098 QEMU_PPC_FEATURE2_HAS_DSCR = 0x20000000, /* Data Stream Control Register */ 1099 QEMU_PPC_FEATURE2_HAS_EBB = 0x10000000, /* Event Base Branching */ 1100 QEMU_PPC_FEATURE2_HAS_ISEL = 0x08000000, /* Integer Select */ 1101 QEMU_PPC_FEATURE2_HAS_TAR = 0x04000000, /* Target Address Register */ 1102 QEMU_PPC_FEATURE2_VEC_CRYPTO = 0x02000000, 1103 QEMU_PPC_FEATURE2_HTM_NOSC = 0x01000000, 1104 QEMU_PPC_FEATURE2_ARCH_3_00 = 0x00800000, /* ISA 3.00 */ 1105 QEMU_PPC_FEATURE2_HAS_IEEE128 = 0x00400000, /* VSX IEEE Bin Float 128-bit */ 1106 QEMU_PPC_FEATURE2_DARN = 0x00200000, /* darn random number insn */ 1107 QEMU_PPC_FEATURE2_SCV = 0x00100000, /* scv syscall */ 1108 QEMU_PPC_FEATURE2_HTM_NO_SUSPEND = 0x00080000, /* TM w/o suspended state */ 1109 QEMU_PPC_FEATURE2_ARCH_3_1 = 0x00040000, /* ISA 3.1 */ 1110 QEMU_PPC_FEATURE2_MMA = 0x00020000, /* Matrix-Multiply Assist */ 1111 }; 1112 1113 #define ELF_HWCAP get_elf_hwcap() 1114 get_elf_hwcap(void)1115 static uint32_t get_elf_hwcap(void) 1116 { 1117 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); 1118 uint32_t features = 0; 1119 1120 /* We don't have to be terribly complete here; the high points are 1121 Altivec/FP/SPE support. Anything else is just a bonus. */ 1122 #define GET_FEATURE(flag, feature) \ 1123 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0) 1124 #define GET_FEATURE2(flags, feature) \ 1125 do { \ 1126 if ((cpu->env.insns_flags2 & flags) == flags) { \ 1127 features |= feature; \ 1128 } \ 1129 } while (0) 1130 GET_FEATURE(PPC_64B, QEMU_PPC_FEATURE_64); 1131 GET_FEATURE(PPC_FLOAT, QEMU_PPC_FEATURE_HAS_FPU); 1132 GET_FEATURE(PPC_ALTIVEC, QEMU_PPC_FEATURE_HAS_ALTIVEC); 1133 GET_FEATURE(PPC_SPE, QEMU_PPC_FEATURE_HAS_SPE); 1134 GET_FEATURE(PPC_SPE_SINGLE, QEMU_PPC_FEATURE_HAS_EFP_SINGLE); 1135 GET_FEATURE(PPC_SPE_DOUBLE, QEMU_PPC_FEATURE_HAS_EFP_DOUBLE); 1136 GET_FEATURE(PPC_BOOKE, QEMU_PPC_FEATURE_BOOKE); 1137 GET_FEATURE(PPC_405_MAC, QEMU_PPC_FEATURE_HAS_4xxMAC); 1138 GET_FEATURE2(PPC2_DFP, QEMU_PPC_FEATURE_HAS_DFP); 1139 GET_FEATURE2(PPC2_VSX, QEMU_PPC_FEATURE_HAS_VSX); 1140 GET_FEATURE2((PPC2_PERM_ISA206 | PPC2_DIVE_ISA206 | PPC2_ATOMIC_ISA206 | 1141 PPC2_FP_CVT_ISA206 | PPC2_FP_TST_ISA206), 1142 QEMU_PPC_FEATURE_ARCH_2_06); 1143 #undef GET_FEATURE 1144 #undef GET_FEATURE2 1145 1146 return features; 1147 } 1148 1149 #define ELF_HWCAP2 get_elf_hwcap2() 1150 get_elf_hwcap2(void)1151 static uint32_t get_elf_hwcap2(void) 1152 { 1153 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); 1154 uint32_t features = 0; 1155 1156 #define GET_FEATURE(flag, feature) \ 1157 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0) 1158 #define GET_FEATURE2(flag, feature) \ 1159 do { if (cpu->env.insns_flags2 & flag) { features |= feature; } } while (0) 1160 1161 GET_FEATURE(PPC_ISEL, QEMU_PPC_FEATURE2_HAS_ISEL); 1162 GET_FEATURE2(PPC2_BCTAR_ISA207, QEMU_PPC_FEATURE2_HAS_TAR); 1163 GET_FEATURE2((PPC2_BCTAR_ISA207 | PPC2_LSQ_ISA207 | PPC2_ALTIVEC_207 | 1164 PPC2_ISA207S), QEMU_PPC_FEATURE2_ARCH_2_07 | 1165 QEMU_PPC_FEATURE2_VEC_CRYPTO); 1166 GET_FEATURE2(PPC2_ISA300, QEMU_PPC_FEATURE2_ARCH_3_00 | 1167 QEMU_PPC_FEATURE2_DARN | QEMU_PPC_FEATURE2_HAS_IEEE128); 1168 GET_FEATURE2(PPC2_ISA310, QEMU_PPC_FEATURE2_ARCH_3_1 | 1169 QEMU_PPC_FEATURE2_MMA); 1170 1171 #undef GET_FEATURE 1172 #undef GET_FEATURE2 1173 1174 return features; 1175 } 1176 1177 /* 1178 * The requirements here are: 1179 * - keep the final alignment of sp (sp & 0xf) 1180 * - make sure the 32-bit value at the first 16 byte aligned position of 1181 * AUXV is greater than 16 for glibc compatibility. 1182 * AT_IGNOREPPC is used for that. 1183 * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC, 1184 * even if DLINFO_ARCH_ITEMS goes to zero or is undefined. 1185 */ 1186 #define DLINFO_ARCH_ITEMS 5 1187 #define ARCH_DLINFO \ 1188 do { \ 1189 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); \ 1190 /* \ 1191 * Handle glibc compatibility: these magic entries must \ 1192 * be at the lowest addresses in the final auxv. \ 1193 */ \ 1194 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 1195 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 1196 NEW_AUX_ENT(AT_DCACHEBSIZE, cpu->env.dcache_line_size); \ 1197 NEW_AUX_ENT(AT_ICACHEBSIZE, cpu->env.icache_line_size); \ 1198 NEW_AUX_ENT(AT_UCACHEBSIZE, 0); \ 1199 } while (0) 1200 init_thread(struct target_pt_regs * _regs,struct image_info * infop)1201 static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop) 1202 { 1203 _regs->gpr[1] = infop->start_stack; 1204 #if defined(TARGET_PPC64) 1205 if (get_ppc64_abi(infop) < 2) { 1206 uint64_t val; 1207 get_user_u64(val, infop->entry + 8); 1208 _regs->gpr[2] = val + infop->load_bias; 1209 get_user_u64(val, infop->entry); 1210 infop->entry = val + infop->load_bias; 1211 } else { 1212 _regs->gpr[12] = infop->entry; /* r12 set to global entry address */ 1213 } 1214 #endif 1215 _regs->nip = infop->entry; 1216 } 1217 1218 /* See linux kernel: arch/powerpc/include/asm/elf.h. */ 1219 #define ELF_NREG 48 1220 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1221 elf_core_copy_regs(target_elf_gregset_t * regs,const CPUPPCState * env)1222 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUPPCState *env) 1223 { 1224 int i; 1225 target_ulong ccr = 0; 1226 1227 for (i = 0; i < ARRAY_SIZE(env->gpr); i++) { 1228 (*regs)[i] = tswapreg(env->gpr[i]); 1229 } 1230 1231 (*regs)[32] = tswapreg(env->nip); 1232 (*regs)[33] = tswapreg(env->msr); 1233 (*regs)[35] = tswapreg(env->ctr); 1234 (*regs)[36] = tswapreg(env->lr); 1235 (*regs)[37] = tswapreg(cpu_read_xer(env)); 1236 1237 ccr = ppc_get_cr(env); 1238 (*regs)[38] = tswapreg(ccr); 1239 } 1240 1241 #define USE_ELF_CORE_DUMP 1242 #define ELF_EXEC_PAGESIZE 4096 1243 1244 #ifndef TARGET_PPC64 1245 # define VDSO_HEADER "vdso-32.c.inc" 1246 #elif TARGET_BIG_ENDIAN 1247 # define VDSO_HEADER "vdso-64.c.inc" 1248 #else 1249 # define VDSO_HEADER "vdso-64le.c.inc" 1250 #endif 1251 1252 #endif 1253 1254 #ifdef TARGET_LOONGARCH64 1255 1256 #define ELF_CLASS ELFCLASS64 1257 #define ELF_ARCH EM_LOONGARCH 1258 #define EXSTACK_DEFAULT true 1259 1260 #define elf_check_arch(x) ((x) == EM_LOONGARCH) 1261 1262 #define VDSO_HEADER "vdso.c.inc" 1263 init_thread(struct target_pt_regs * regs,struct image_info * infop)1264 static inline void init_thread(struct target_pt_regs *regs, 1265 struct image_info *infop) 1266 { 1267 /*Set crmd PG,DA = 1,0 */ 1268 regs->csr.crmd = 2 << 3; 1269 regs->csr.era = infop->entry; 1270 regs->regs[3] = infop->start_stack; 1271 } 1272 1273 /* See linux kernel: arch/loongarch/include/asm/elf.h */ 1274 #define ELF_NREG 45 1275 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1276 1277 enum { 1278 TARGET_EF_R0 = 0, 1279 TARGET_EF_CSR_ERA = TARGET_EF_R0 + 33, 1280 TARGET_EF_CSR_BADV = TARGET_EF_R0 + 34, 1281 }; 1282 elf_core_copy_regs(target_elf_gregset_t * regs,const CPULoongArchState * env)1283 static void elf_core_copy_regs(target_elf_gregset_t *regs, 1284 const CPULoongArchState *env) 1285 { 1286 int i; 1287 1288 (*regs)[TARGET_EF_R0] = 0; 1289 1290 for (i = 1; i < ARRAY_SIZE(env->gpr); i++) { 1291 (*regs)[TARGET_EF_R0 + i] = tswapreg(env->gpr[i]); 1292 } 1293 1294 (*regs)[TARGET_EF_CSR_ERA] = tswapreg(env->pc); 1295 (*regs)[TARGET_EF_CSR_BADV] = tswapreg(env->CSR_BADV); 1296 } 1297 1298 #define USE_ELF_CORE_DUMP 1299 #define ELF_EXEC_PAGESIZE 4096 1300 1301 #define ELF_HWCAP get_elf_hwcap() 1302 1303 /* See arch/loongarch/include/uapi/asm/hwcap.h */ 1304 enum { 1305 HWCAP_LOONGARCH_CPUCFG = (1 << 0), 1306 HWCAP_LOONGARCH_LAM = (1 << 1), 1307 HWCAP_LOONGARCH_UAL = (1 << 2), 1308 HWCAP_LOONGARCH_FPU = (1 << 3), 1309 HWCAP_LOONGARCH_LSX = (1 << 4), 1310 HWCAP_LOONGARCH_LASX = (1 << 5), 1311 HWCAP_LOONGARCH_CRC32 = (1 << 6), 1312 HWCAP_LOONGARCH_COMPLEX = (1 << 7), 1313 HWCAP_LOONGARCH_CRYPTO = (1 << 8), 1314 HWCAP_LOONGARCH_LVZ = (1 << 9), 1315 HWCAP_LOONGARCH_LBT_X86 = (1 << 10), 1316 HWCAP_LOONGARCH_LBT_ARM = (1 << 11), 1317 HWCAP_LOONGARCH_LBT_MIPS = (1 << 12), 1318 }; 1319 get_elf_hwcap(void)1320 static uint32_t get_elf_hwcap(void) 1321 { 1322 LoongArchCPU *cpu = LOONGARCH_CPU(thread_cpu); 1323 uint32_t hwcaps = 0; 1324 1325 hwcaps |= HWCAP_LOONGARCH_CRC32; 1326 1327 if (FIELD_EX32(cpu->env.cpucfg[1], CPUCFG1, UAL)) { 1328 hwcaps |= HWCAP_LOONGARCH_UAL; 1329 } 1330 1331 if (FIELD_EX32(cpu->env.cpucfg[2], CPUCFG2, FP)) { 1332 hwcaps |= HWCAP_LOONGARCH_FPU; 1333 } 1334 1335 if (FIELD_EX32(cpu->env.cpucfg[2], CPUCFG2, LAM)) { 1336 hwcaps |= HWCAP_LOONGARCH_LAM; 1337 } 1338 1339 if (FIELD_EX32(cpu->env.cpucfg[2], CPUCFG2, LSX)) { 1340 hwcaps |= HWCAP_LOONGARCH_LSX; 1341 } 1342 1343 if (FIELD_EX32(cpu->env.cpucfg[2], CPUCFG2, LASX)) { 1344 hwcaps |= HWCAP_LOONGARCH_LASX; 1345 } 1346 1347 return hwcaps; 1348 } 1349 1350 #define ELF_PLATFORM "loongarch" 1351 1352 #endif /* TARGET_LOONGARCH64 */ 1353 1354 #ifdef TARGET_MIPS 1355 1356 #ifdef TARGET_MIPS64 1357 #define ELF_CLASS ELFCLASS64 1358 #else 1359 #define ELF_CLASS ELFCLASS32 1360 #endif 1361 #define ELF_ARCH EM_MIPS 1362 #define EXSTACK_DEFAULT true 1363 1364 #ifdef TARGET_ABI_MIPSN32 1365 #define elf_check_abi(x) ((x) & EF_MIPS_ABI2) 1366 #else 1367 #define elf_check_abi(x) (!((x) & EF_MIPS_ABI2)) 1368 #endif 1369 1370 #define ELF_BASE_PLATFORM get_elf_base_platform() 1371 1372 #define MATCH_PLATFORM_INSN(_flags, _base_platform) \ 1373 do { if ((cpu->env.insn_flags & (_flags)) == _flags) \ 1374 { return _base_platform; } } while (0) 1375 get_elf_base_platform(void)1376 static const char *get_elf_base_platform(void) 1377 { 1378 MIPSCPU *cpu = MIPS_CPU(thread_cpu); 1379 1380 /* 64 bit ISAs goes first */ 1381 MATCH_PLATFORM_INSN(CPU_MIPS64R6, "mips64r6"); 1382 MATCH_PLATFORM_INSN(CPU_MIPS64R5, "mips64r5"); 1383 MATCH_PLATFORM_INSN(CPU_MIPS64R2, "mips64r2"); 1384 MATCH_PLATFORM_INSN(CPU_MIPS64R1, "mips64"); 1385 MATCH_PLATFORM_INSN(CPU_MIPS5, "mips5"); 1386 MATCH_PLATFORM_INSN(CPU_MIPS4, "mips4"); 1387 MATCH_PLATFORM_INSN(CPU_MIPS3, "mips3"); 1388 1389 /* 32 bit ISAs */ 1390 MATCH_PLATFORM_INSN(CPU_MIPS32R6, "mips32r6"); 1391 MATCH_PLATFORM_INSN(CPU_MIPS32R5, "mips32r5"); 1392 MATCH_PLATFORM_INSN(CPU_MIPS32R2, "mips32r2"); 1393 MATCH_PLATFORM_INSN(CPU_MIPS32R1, "mips32"); 1394 MATCH_PLATFORM_INSN(CPU_MIPS2, "mips2"); 1395 1396 /* Fallback */ 1397 return "mips"; 1398 } 1399 #undef MATCH_PLATFORM_INSN 1400 init_thread(struct target_pt_regs * regs,struct image_info * infop)1401 static inline void init_thread(struct target_pt_regs *regs, 1402 struct image_info *infop) 1403 { 1404 regs->cp0_status = 2 << CP0St_KSU; 1405 regs->cp0_epc = infop->entry; 1406 regs->regs[29] = infop->start_stack; 1407 } 1408 1409 /* See linux kernel: arch/mips/include/asm/elf.h. */ 1410 #define ELF_NREG 45 1411 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1412 1413 /* See linux kernel: arch/mips/include/asm/reg.h. */ 1414 enum { 1415 #ifdef TARGET_MIPS64 1416 TARGET_EF_R0 = 0, 1417 #else 1418 TARGET_EF_R0 = 6, 1419 #endif 1420 TARGET_EF_R26 = TARGET_EF_R0 + 26, 1421 TARGET_EF_R27 = TARGET_EF_R0 + 27, 1422 TARGET_EF_LO = TARGET_EF_R0 + 32, 1423 TARGET_EF_HI = TARGET_EF_R0 + 33, 1424 TARGET_EF_CP0_EPC = TARGET_EF_R0 + 34, 1425 TARGET_EF_CP0_BADVADDR = TARGET_EF_R0 + 35, 1426 TARGET_EF_CP0_STATUS = TARGET_EF_R0 + 36, 1427 TARGET_EF_CP0_CAUSE = TARGET_EF_R0 + 37 1428 }; 1429 1430 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ elf_core_copy_regs(target_elf_gregset_t * regs,const CPUMIPSState * env)1431 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMIPSState *env) 1432 { 1433 int i; 1434 1435 for (i = 0; i < TARGET_EF_R0; i++) { 1436 (*regs)[i] = 0; 1437 } 1438 (*regs)[TARGET_EF_R0] = 0; 1439 1440 for (i = 1; i < ARRAY_SIZE(env->active_tc.gpr); i++) { 1441 (*regs)[TARGET_EF_R0 + i] = tswapreg(env->active_tc.gpr[i]); 1442 } 1443 1444 (*regs)[TARGET_EF_R26] = 0; 1445 (*regs)[TARGET_EF_R27] = 0; 1446 (*regs)[TARGET_EF_LO] = tswapreg(env->active_tc.LO[0]); 1447 (*regs)[TARGET_EF_HI] = tswapreg(env->active_tc.HI[0]); 1448 (*regs)[TARGET_EF_CP0_EPC] = tswapreg(env->active_tc.PC); 1449 (*regs)[TARGET_EF_CP0_BADVADDR] = tswapreg(env->CP0_BadVAddr); 1450 (*regs)[TARGET_EF_CP0_STATUS] = tswapreg(env->CP0_Status); 1451 (*regs)[TARGET_EF_CP0_CAUSE] = tswapreg(env->CP0_Cause); 1452 } 1453 1454 #define USE_ELF_CORE_DUMP 1455 #define ELF_EXEC_PAGESIZE 4096 1456 1457 /* See arch/mips/include/uapi/asm/hwcap.h. */ 1458 enum { 1459 HWCAP_MIPS_R6 = (1 << 0), 1460 HWCAP_MIPS_MSA = (1 << 1), 1461 HWCAP_MIPS_CRC32 = (1 << 2), 1462 HWCAP_MIPS_MIPS16 = (1 << 3), 1463 HWCAP_MIPS_MDMX = (1 << 4), 1464 HWCAP_MIPS_MIPS3D = (1 << 5), 1465 HWCAP_MIPS_SMARTMIPS = (1 << 6), 1466 HWCAP_MIPS_DSP = (1 << 7), 1467 HWCAP_MIPS_DSP2 = (1 << 8), 1468 HWCAP_MIPS_DSP3 = (1 << 9), 1469 HWCAP_MIPS_MIPS16E2 = (1 << 10), 1470 HWCAP_LOONGSON_MMI = (1 << 11), 1471 HWCAP_LOONGSON_EXT = (1 << 12), 1472 HWCAP_LOONGSON_EXT2 = (1 << 13), 1473 HWCAP_LOONGSON_CPUCFG = (1 << 14), 1474 }; 1475 1476 #define ELF_HWCAP get_elf_hwcap() 1477 1478 #define GET_FEATURE_INSN(_flag, _hwcap) \ 1479 do { if (cpu->env.insn_flags & (_flag)) { hwcaps |= _hwcap; } } while (0) 1480 1481 #define GET_FEATURE_REG_SET(_reg, _mask, _hwcap) \ 1482 do { if (cpu->env._reg & (_mask)) { hwcaps |= _hwcap; } } while (0) 1483 1484 #define GET_FEATURE_REG_EQU(_reg, _start, _length, _val, _hwcap) \ 1485 do { \ 1486 if (extract32(cpu->env._reg, (_start), (_length)) == (_val)) { \ 1487 hwcaps |= _hwcap; \ 1488 } \ 1489 } while (0) 1490 get_elf_hwcap(void)1491 static uint32_t get_elf_hwcap(void) 1492 { 1493 MIPSCPU *cpu = MIPS_CPU(thread_cpu); 1494 uint32_t hwcaps = 0; 1495 1496 GET_FEATURE_REG_EQU(CP0_Config0, CP0C0_AR, CP0C0_AR_LENGTH, 1497 2, HWCAP_MIPS_R6); 1498 GET_FEATURE_REG_SET(CP0_Config3, 1 << CP0C3_MSAP, HWCAP_MIPS_MSA); 1499 GET_FEATURE_INSN(ASE_LMMI, HWCAP_LOONGSON_MMI); 1500 GET_FEATURE_INSN(ASE_LEXT, HWCAP_LOONGSON_EXT); 1501 1502 return hwcaps; 1503 } 1504 1505 #undef GET_FEATURE_REG_EQU 1506 #undef GET_FEATURE_REG_SET 1507 #undef GET_FEATURE_INSN 1508 1509 #endif /* TARGET_MIPS */ 1510 1511 #ifdef TARGET_MICROBLAZE 1512 1513 #define elf_check_arch(x) ( (x) == EM_MICROBLAZE || (x) == EM_MICROBLAZE_OLD) 1514 1515 #define ELF_CLASS ELFCLASS32 1516 #define ELF_ARCH EM_MICROBLAZE 1517 init_thread(struct target_pt_regs * regs,struct image_info * infop)1518 static inline void init_thread(struct target_pt_regs *regs, 1519 struct image_info *infop) 1520 { 1521 regs->pc = infop->entry; 1522 regs->r1 = infop->start_stack; 1523 1524 } 1525 1526 #define ELF_EXEC_PAGESIZE 4096 1527 1528 #define USE_ELF_CORE_DUMP 1529 #define ELF_NREG 38 1530 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1531 1532 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ elf_core_copy_regs(target_elf_gregset_t * regs,const CPUMBState * env)1533 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMBState *env) 1534 { 1535 int i, pos = 0; 1536 1537 for (i = 0; i < 32; i++) { 1538 (*regs)[pos++] = tswapreg(env->regs[i]); 1539 } 1540 1541 (*regs)[pos++] = tswapreg(env->pc); 1542 (*regs)[pos++] = tswapreg(mb_cpu_read_msr(env)); 1543 (*regs)[pos++] = 0; 1544 (*regs)[pos++] = tswapreg(env->ear); 1545 (*regs)[pos++] = 0; 1546 (*regs)[pos++] = tswapreg(env->esr); 1547 } 1548 1549 #endif /* TARGET_MICROBLAZE */ 1550 1551 #ifdef TARGET_OPENRISC 1552 1553 #define ELF_ARCH EM_OPENRISC 1554 #define ELF_CLASS ELFCLASS32 1555 #define ELF_DATA ELFDATA2MSB 1556 init_thread(struct target_pt_regs * regs,struct image_info * infop)1557 static inline void init_thread(struct target_pt_regs *regs, 1558 struct image_info *infop) 1559 { 1560 regs->pc = infop->entry; 1561 regs->gpr[1] = infop->start_stack; 1562 } 1563 1564 #define USE_ELF_CORE_DUMP 1565 #define ELF_EXEC_PAGESIZE 8192 1566 1567 /* See linux kernel arch/openrisc/include/asm/elf.h. */ 1568 #define ELF_NREG 34 /* gprs and pc, sr */ 1569 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1570 elf_core_copy_regs(target_elf_gregset_t * regs,const CPUOpenRISCState * env)1571 static void elf_core_copy_regs(target_elf_gregset_t *regs, 1572 const CPUOpenRISCState *env) 1573 { 1574 int i; 1575 1576 for (i = 0; i < 32; i++) { 1577 (*regs)[i] = tswapreg(cpu_get_gpr(env, i)); 1578 } 1579 (*regs)[32] = tswapreg(env->pc); 1580 (*regs)[33] = tswapreg(cpu_get_sr(env)); 1581 } 1582 #define ELF_HWCAP 0 1583 #define ELF_PLATFORM NULL 1584 1585 #endif /* TARGET_OPENRISC */ 1586 1587 #ifdef TARGET_SH4 1588 1589 #define ELF_CLASS ELFCLASS32 1590 #define ELF_ARCH EM_SH 1591 init_thread(struct target_pt_regs * regs,struct image_info * infop)1592 static inline void init_thread(struct target_pt_regs *regs, 1593 struct image_info *infop) 1594 { 1595 /* Check other registers XXXXX */ 1596 regs->pc = infop->entry; 1597 regs->regs[15] = infop->start_stack; 1598 } 1599 1600 /* See linux kernel: arch/sh/include/asm/elf.h. */ 1601 #define ELF_NREG 23 1602 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1603 1604 /* See linux kernel: arch/sh/include/asm/ptrace.h. */ 1605 enum { 1606 TARGET_REG_PC = 16, 1607 TARGET_REG_PR = 17, 1608 TARGET_REG_SR = 18, 1609 TARGET_REG_GBR = 19, 1610 TARGET_REG_MACH = 20, 1611 TARGET_REG_MACL = 21, 1612 TARGET_REG_SYSCALL = 22 1613 }; 1614 elf_core_copy_regs(target_elf_gregset_t * regs,const CPUSH4State * env)1615 static inline void elf_core_copy_regs(target_elf_gregset_t *regs, 1616 const CPUSH4State *env) 1617 { 1618 int i; 1619 1620 for (i = 0; i < 16; i++) { 1621 (*regs)[i] = tswapreg(env->gregs[i]); 1622 } 1623 1624 (*regs)[TARGET_REG_PC] = tswapreg(env->pc); 1625 (*regs)[TARGET_REG_PR] = tswapreg(env->pr); 1626 (*regs)[TARGET_REG_SR] = tswapreg(env->sr); 1627 (*regs)[TARGET_REG_GBR] = tswapreg(env->gbr); 1628 (*regs)[TARGET_REG_MACH] = tswapreg(env->mach); 1629 (*regs)[TARGET_REG_MACL] = tswapreg(env->macl); 1630 (*regs)[TARGET_REG_SYSCALL] = 0; /* FIXME */ 1631 } 1632 1633 #define USE_ELF_CORE_DUMP 1634 #define ELF_EXEC_PAGESIZE 4096 1635 1636 enum { 1637 SH_CPU_HAS_FPU = 0x0001, /* Hardware FPU support */ 1638 SH_CPU_HAS_P2_FLUSH_BUG = 0x0002, /* Need to flush the cache in P2 area */ 1639 SH_CPU_HAS_MMU_PAGE_ASSOC = 0x0004, /* SH3: TLB way selection bit support */ 1640 SH_CPU_HAS_DSP = 0x0008, /* SH-DSP: DSP support */ 1641 SH_CPU_HAS_PERF_COUNTER = 0x0010, /* Hardware performance counters */ 1642 SH_CPU_HAS_PTEA = 0x0020, /* PTEA register */ 1643 SH_CPU_HAS_LLSC = 0x0040, /* movli.l/movco.l */ 1644 SH_CPU_HAS_L2_CACHE = 0x0080, /* Secondary cache / URAM */ 1645 SH_CPU_HAS_OP32 = 0x0100, /* 32-bit instruction support */ 1646 SH_CPU_HAS_PTEAEX = 0x0200, /* PTE ASID Extension support */ 1647 }; 1648 1649 #define ELF_HWCAP get_elf_hwcap() 1650 get_elf_hwcap(void)1651 static uint32_t get_elf_hwcap(void) 1652 { 1653 SuperHCPU *cpu = SUPERH_CPU(thread_cpu); 1654 uint32_t hwcap = 0; 1655 1656 hwcap |= SH_CPU_HAS_FPU; 1657 1658 if (cpu->env.features & SH_FEATURE_SH4A) { 1659 hwcap |= SH_CPU_HAS_LLSC; 1660 } 1661 1662 return hwcap; 1663 } 1664 1665 #endif 1666 1667 #ifdef TARGET_M68K 1668 1669 #define ELF_CLASS ELFCLASS32 1670 #define ELF_ARCH EM_68K 1671 1672 /* ??? Does this need to do anything? 1673 #define ELF_PLAT_INIT(_r) */ 1674 init_thread(struct target_pt_regs * regs,struct image_info * infop)1675 static inline void init_thread(struct target_pt_regs *regs, 1676 struct image_info *infop) 1677 { 1678 regs->usp = infop->start_stack; 1679 regs->sr = 0; 1680 regs->pc = infop->entry; 1681 } 1682 1683 /* See linux kernel: arch/m68k/include/asm/elf.h. */ 1684 #define ELF_NREG 20 1685 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1686 elf_core_copy_regs(target_elf_gregset_t * regs,const CPUM68KState * env)1687 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUM68KState *env) 1688 { 1689 (*regs)[0] = tswapreg(env->dregs[1]); 1690 (*regs)[1] = tswapreg(env->dregs[2]); 1691 (*regs)[2] = tswapreg(env->dregs[3]); 1692 (*regs)[3] = tswapreg(env->dregs[4]); 1693 (*regs)[4] = tswapreg(env->dregs[5]); 1694 (*regs)[5] = tswapreg(env->dregs[6]); 1695 (*regs)[6] = tswapreg(env->dregs[7]); 1696 (*regs)[7] = tswapreg(env->aregs[0]); 1697 (*regs)[8] = tswapreg(env->aregs[1]); 1698 (*regs)[9] = tswapreg(env->aregs[2]); 1699 (*regs)[10] = tswapreg(env->aregs[3]); 1700 (*regs)[11] = tswapreg(env->aregs[4]); 1701 (*regs)[12] = tswapreg(env->aregs[5]); 1702 (*regs)[13] = tswapreg(env->aregs[6]); 1703 (*regs)[14] = tswapreg(env->dregs[0]); 1704 (*regs)[15] = tswapreg(env->aregs[7]); 1705 (*regs)[16] = tswapreg(env->dregs[0]); /* FIXME: orig_d0 */ 1706 (*regs)[17] = tswapreg(env->sr); 1707 (*regs)[18] = tswapreg(env->pc); 1708 (*regs)[19] = 0; /* FIXME: regs->format | regs->vector */ 1709 } 1710 1711 #define USE_ELF_CORE_DUMP 1712 #define ELF_EXEC_PAGESIZE 8192 1713 1714 #endif 1715 1716 #ifdef TARGET_ALPHA 1717 1718 #define ELF_CLASS ELFCLASS64 1719 #define ELF_ARCH EM_ALPHA 1720 init_thread(struct target_pt_regs * regs,struct image_info * infop)1721 static inline void init_thread(struct target_pt_regs *regs, 1722 struct image_info *infop) 1723 { 1724 regs->pc = infop->entry; 1725 regs->ps = 8; 1726 regs->usp = infop->start_stack; 1727 } 1728 1729 #define ELF_EXEC_PAGESIZE 8192 1730 1731 #endif /* TARGET_ALPHA */ 1732 1733 #ifdef TARGET_S390X 1734 1735 #define ELF_CLASS ELFCLASS64 1736 #define ELF_DATA ELFDATA2MSB 1737 #define ELF_ARCH EM_S390 1738 1739 #include "elf.h" 1740 1741 #define ELF_HWCAP get_elf_hwcap() 1742 1743 #define GET_FEATURE(_feat, _hwcap) \ 1744 do { if (s390_has_feat(_feat)) { hwcap |= _hwcap; } } while (0) 1745 get_elf_hwcap(void)1746 uint32_t get_elf_hwcap(void) 1747 { 1748 /* 1749 * Let's assume we always have esan3 and zarch. 1750 * 31-bit processes can use 64-bit registers (high gprs). 1751 */ 1752 uint32_t hwcap = HWCAP_S390_ESAN3 | HWCAP_S390_ZARCH | HWCAP_S390_HIGH_GPRS; 1753 1754 GET_FEATURE(S390_FEAT_STFLE, HWCAP_S390_STFLE); 1755 GET_FEATURE(S390_FEAT_MSA, HWCAP_S390_MSA); 1756 GET_FEATURE(S390_FEAT_LONG_DISPLACEMENT, HWCAP_S390_LDISP); 1757 GET_FEATURE(S390_FEAT_EXTENDED_IMMEDIATE, HWCAP_S390_EIMM); 1758 if (s390_has_feat(S390_FEAT_EXTENDED_TRANSLATION_3) && 1759 s390_has_feat(S390_FEAT_ETF3_ENH)) { 1760 hwcap |= HWCAP_S390_ETF3EH; 1761 } 1762 GET_FEATURE(S390_FEAT_VECTOR, HWCAP_S390_VXRS); 1763 GET_FEATURE(S390_FEAT_VECTOR_ENH, HWCAP_S390_VXRS_EXT); 1764 GET_FEATURE(S390_FEAT_VECTOR_ENH2, HWCAP_S390_VXRS_EXT2); 1765 1766 return hwcap; 1767 } 1768 elf_hwcap_str(uint32_t bit)1769 const char *elf_hwcap_str(uint32_t bit) 1770 { 1771 static const char *hwcap_str[] = { 1772 [HWCAP_S390_NR_ESAN3] = "esan3", 1773 [HWCAP_S390_NR_ZARCH] = "zarch", 1774 [HWCAP_S390_NR_STFLE] = "stfle", 1775 [HWCAP_S390_NR_MSA] = "msa", 1776 [HWCAP_S390_NR_LDISP] = "ldisp", 1777 [HWCAP_S390_NR_EIMM] = "eimm", 1778 [HWCAP_S390_NR_DFP] = "dfp", 1779 [HWCAP_S390_NR_HPAGE] = "edat", 1780 [HWCAP_S390_NR_ETF3EH] = "etf3eh", 1781 [HWCAP_S390_NR_HIGH_GPRS] = "highgprs", 1782 [HWCAP_S390_NR_TE] = "te", 1783 [HWCAP_S390_NR_VXRS] = "vx", 1784 [HWCAP_S390_NR_VXRS_BCD] = "vxd", 1785 [HWCAP_S390_NR_VXRS_EXT] = "vxe", 1786 [HWCAP_S390_NR_GS] = "gs", 1787 [HWCAP_S390_NR_VXRS_EXT2] = "vxe2", 1788 [HWCAP_S390_NR_VXRS_PDE] = "vxp", 1789 [HWCAP_S390_NR_SORT] = "sort", 1790 [HWCAP_S390_NR_DFLT] = "dflt", 1791 [HWCAP_S390_NR_NNPA] = "nnpa", 1792 [HWCAP_S390_NR_PCI_MIO] = "pcimio", 1793 [HWCAP_S390_NR_SIE] = "sie", 1794 }; 1795 1796 return bit < ARRAY_SIZE(hwcap_str) ? hwcap_str[bit] : NULL; 1797 } 1798 init_thread(struct target_pt_regs * regs,struct image_info * infop)1799 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 1800 { 1801 regs->psw.addr = infop->entry; 1802 regs->psw.mask = PSW_MASK_DAT | PSW_MASK_IO | PSW_MASK_EXT | \ 1803 PSW_MASK_MCHECK | PSW_MASK_PSTATE | PSW_MASK_64 | \ 1804 PSW_MASK_32; 1805 regs->gprs[15] = infop->start_stack; 1806 } 1807 1808 /* See linux kernel: arch/s390/include/uapi/asm/ptrace.h (s390_regs). */ 1809 #define ELF_NREG 27 1810 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1811 1812 enum { 1813 TARGET_REG_PSWM = 0, 1814 TARGET_REG_PSWA = 1, 1815 TARGET_REG_GPRS = 2, 1816 TARGET_REG_ARS = 18, 1817 TARGET_REG_ORIG_R2 = 26, 1818 }; 1819 elf_core_copy_regs(target_elf_gregset_t * regs,const CPUS390XState * env)1820 static void elf_core_copy_regs(target_elf_gregset_t *regs, 1821 const CPUS390XState *env) 1822 { 1823 int i; 1824 uint32_t *aregs; 1825 1826 (*regs)[TARGET_REG_PSWM] = tswapreg(env->psw.mask); 1827 (*regs)[TARGET_REG_PSWA] = tswapreg(env->psw.addr); 1828 for (i = 0; i < 16; i++) { 1829 (*regs)[TARGET_REG_GPRS + i] = tswapreg(env->regs[i]); 1830 } 1831 aregs = (uint32_t *)&((*regs)[TARGET_REG_ARS]); 1832 for (i = 0; i < 16; i++) { 1833 aregs[i] = tswap32(env->aregs[i]); 1834 } 1835 (*regs)[TARGET_REG_ORIG_R2] = 0; 1836 } 1837 1838 #define USE_ELF_CORE_DUMP 1839 #define ELF_EXEC_PAGESIZE 4096 1840 1841 #define VDSO_HEADER "vdso.c.inc" 1842 1843 #endif /* TARGET_S390X */ 1844 1845 #ifdef TARGET_RISCV 1846 1847 #define ELF_ARCH EM_RISCV 1848 1849 #ifdef TARGET_RISCV32 1850 #define ELF_CLASS ELFCLASS32 1851 #define VDSO_HEADER "vdso-32.c.inc" 1852 #else 1853 #define ELF_CLASS ELFCLASS64 1854 #define VDSO_HEADER "vdso-64.c.inc" 1855 #endif 1856 1857 #define ELF_HWCAP get_elf_hwcap() 1858 get_elf_hwcap(void)1859 static uint32_t get_elf_hwcap(void) 1860 { 1861 #define MISA_BIT(EXT) (1 << (EXT - 'A')) 1862 RISCVCPU *cpu = RISCV_CPU(thread_cpu); 1863 uint32_t mask = MISA_BIT('I') | MISA_BIT('M') | MISA_BIT('A') 1864 | MISA_BIT('F') | MISA_BIT('D') | MISA_BIT('C') 1865 | MISA_BIT('V'); 1866 1867 return cpu->env.misa_ext & mask; 1868 #undef MISA_BIT 1869 } 1870 init_thread(struct target_pt_regs * regs,struct image_info * infop)1871 static inline void init_thread(struct target_pt_regs *regs, 1872 struct image_info *infop) 1873 { 1874 regs->sepc = infop->entry; 1875 regs->sp = infop->start_stack; 1876 } 1877 1878 #define ELF_EXEC_PAGESIZE 4096 1879 1880 #endif /* TARGET_RISCV */ 1881 1882 #ifdef TARGET_HPPA 1883 1884 #define ELF_CLASS ELFCLASS32 1885 #define ELF_ARCH EM_PARISC 1886 #define ELF_PLATFORM "PARISC" 1887 #define STACK_GROWS_DOWN 0 1888 #define STACK_ALIGNMENT 64 1889 1890 #define VDSO_HEADER "vdso.c.inc" 1891 init_thread(struct target_pt_regs * regs,struct image_info * infop)1892 static inline void init_thread(struct target_pt_regs *regs, 1893 struct image_info *infop) 1894 { 1895 regs->iaoq[0] = infop->entry | PRIV_USER; 1896 regs->iaoq[1] = regs->iaoq[0] + 4; 1897 regs->gr[23] = 0; 1898 regs->gr[24] = infop->argv; 1899 regs->gr[25] = infop->argc; 1900 /* The top-of-stack contains a linkage buffer. */ 1901 regs->gr[30] = infop->start_stack + 64; 1902 regs->gr[31] = infop->entry; 1903 } 1904 1905 #define LO_COMMPAGE 0 1906 init_guest_commpage(void)1907 static bool init_guest_commpage(void) 1908 { 1909 /* If reserved_va, then we have already mapped 0 page on the host. */ 1910 if (!reserved_va) { 1911 void *want, *addr; 1912 1913 want = g2h_untagged(LO_COMMPAGE); 1914 addr = mmap(want, TARGET_PAGE_SIZE, PROT_NONE, 1915 MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED_NOREPLACE, -1, 0); 1916 if (addr == MAP_FAILED) { 1917 perror("Allocating guest commpage"); 1918 exit(EXIT_FAILURE); 1919 } 1920 if (addr != want) { 1921 return false; 1922 } 1923 } 1924 1925 /* 1926 * On Linux, page zero is normally marked execute only + gateway. 1927 * Normal read or write is supposed to fail (thus PROT_NONE above), 1928 * but specific offsets have kernel code mapped to raise permissions 1929 * and implement syscalls. Here, simply mark the page executable. 1930 * Special case the entry points during translation (see do_page_zero). 1931 */ 1932 page_set_flags(LO_COMMPAGE, LO_COMMPAGE | ~TARGET_PAGE_MASK, 1933 PAGE_EXEC | PAGE_VALID); 1934 return true; 1935 } 1936 1937 #endif /* TARGET_HPPA */ 1938 1939 #ifdef TARGET_XTENSA 1940 1941 #define ELF_CLASS ELFCLASS32 1942 #define ELF_ARCH EM_XTENSA 1943 init_thread(struct target_pt_regs * regs,struct image_info * infop)1944 static inline void init_thread(struct target_pt_regs *regs, 1945 struct image_info *infop) 1946 { 1947 regs->windowbase = 0; 1948 regs->windowstart = 1; 1949 regs->areg[1] = infop->start_stack; 1950 regs->pc = infop->entry; 1951 if (info_is_fdpic(infop)) { 1952 regs->areg[4] = infop->loadmap_addr; 1953 regs->areg[5] = infop->interpreter_loadmap_addr; 1954 if (infop->interpreter_loadmap_addr) { 1955 regs->areg[6] = infop->interpreter_pt_dynamic_addr; 1956 } else { 1957 regs->areg[6] = infop->pt_dynamic_addr; 1958 } 1959 } 1960 } 1961 1962 /* See linux kernel: arch/xtensa/include/asm/elf.h. */ 1963 #define ELF_NREG 128 1964 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1965 1966 enum { 1967 TARGET_REG_PC, 1968 TARGET_REG_PS, 1969 TARGET_REG_LBEG, 1970 TARGET_REG_LEND, 1971 TARGET_REG_LCOUNT, 1972 TARGET_REG_SAR, 1973 TARGET_REG_WINDOWSTART, 1974 TARGET_REG_WINDOWBASE, 1975 TARGET_REG_THREADPTR, 1976 TARGET_REG_AR0 = 64, 1977 }; 1978 elf_core_copy_regs(target_elf_gregset_t * regs,const CPUXtensaState * env)1979 static void elf_core_copy_regs(target_elf_gregset_t *regs, 1980 const CPUXtensaState *env) 1981 { 1982 unsigned i; 1983 1984 (*regs)[TARGET_REG_PC] = tswapreg(env->pc); 1985 (*regs)[TARGET_REG_PS] = tswapreg(env->sregs[PS] & ~PS_EXCM); 1986 (*regs)[TARGET_REG_LBEG] = tswapreg(env->sregs[LBEG]); 1987 (*regs)[TARGET_REG_LEND] = tswapreg(env->sregs[LEND]); 1988 (*regs)[TARGET_REG_LCOUNT] = tswapreg(env->sregs[LCOUNT]); 1989 (*regs)[TARGET_REG_SAR] = tswapreg(env->sregs[SAR]); 1990 (*regs)[TARGET_REG_WINDOWSTART] = tswapreg(env->sregs[WINDOW_START]); 1991 (*regs)[TARGET_REG_WINDOWBASE] = tswapreg(env->sregs[WINDOW_BASE]); 1992 (*regs)[TARGET_REG_THREADPTR] = tswapreg(env->uregs[THREADPTR]); 1993 xtensa_sync_phys_from_window((CPUXtensaState *)env); 1994 for (i = 0; i < env->config->nareg; ++i) { 1995 (*regs)[TARGET_REG_AR0 + i] = tswapreg(env->phys_regs[i]); 1996 } 1997 } 1998 1999 #define USE_ELF_CORE_DUMP 2000 #define ELF_EXEC_PAGESIZE 4096 2001 2002 #endif /* TARGET_XTENSA */ 2003 2004 #ifdef TARGET_HEXAGON 2005 2006 #define ELF_CLASS ELFCLASS32 2007 #define ELF_ARCH EM_HEXAGON 2008 init_thread(struct target_pt_regs * regs,struct image_info * infop)2009 static inline void init_thread(struct target_pt_regs *regs, 2010 struct image_info *infop) 2011 { 2012 regs->sepc = infop->entry; 2013 regs->sp = infop->start_stack; 2014 } 2015 2016 #endif /* TARGET_HEXAGON */ 2017 2018 #ifndef ELF_BASE_PLATFORM 2019 #define ELF_BASE_PLATFORM (NULL) 2020 #endif 2021 2022 #ifndef ELF_PLATFORM 2023 #define ELF_PLATFORM (NULL) 2024 #endif 2025 2026 #ifndef ELF_MACHINE 2027 #define ELF_MACHINE ELF_ARCH 2028 #endif 2029 2030 #ifndef elf_check_arch 2031 #define elf_check_arch(x) ((x) == ELF_ARCH) 2032 #endif 2033 2034 #ifndef elf_check_abi 2035 #define elf_check_abi(x) (1) 2036 #endif 2037 2038 #ifndef ELF_HWCAP 2039 #define ELF_HWCAP 0 2040 #endif 2041 2042 #ifndef STACK_GROWS_DOWN 2043 #define STACK_GROWS_DOWN 1 2044 #endif 2045 2046 #ifndef STACK_ALIGNMENT 2047 #define STACK_ALIGNMENT 16 2048 #endif 2049 2050 #ifdef TARGET_ABI32 2051 #undef ELF_CLASS 2052 #define ELF_CLASS ELFCLASS32 2053 #undef bswaptls 2054 #define bswaptls(ptr) bswap32s(ptr) 2055 #endif 2056 2057 #ifndef EXSTACK_DEFAULT 2058 #define EXSTACK_DEFAULT false 2059 #endif 2060 2061 #include "elf.h" 2062 2063 /* We must delay the following stanzas until after "elf.h". */ 2064 #if defined(TARGET_AARCH64) 2065 arch_parse_elf_property(uint32_t pr_type,uint32_t pr_datasz,const uint32_t * data,struct image_info * info,Error ** errp)2066 static bool arch_parse_elf_property(uint32_t pr_type, uint32_t pr_datasz, 2067 const uint32_t *data, 2068 struct image_info *info, 2069 Error **errp) 2070 { 2071 if (pr_type == GNU_PROPERTY_AARCH64_FEATURE_1_AND) { 2072 if (pr_datasz != sizeof(uint32_t)) { 2073 error_setg(errp, "Ill-formed GNU_PROPERTY_AARCH64_FEATURE_1_AND"); 2074 return false; 2075 } 2076 /* We will extract GNU_PROPERTY_AARCH64_FEATURE_1_BTI later. */ 2077 info->note_flags = *data; 2078 } 2079 return true; 2080 } 2081 #define ARCH_USE_GNU_PROPERTY 1 2082 2083 #else 2084 arch_parse_elf_property(uint32_t pr_type,uint32_t pr_datasz,const uint32_t * data,struct image_info * info,Error ** errp)2085 static bool arch_parse_elf_property(uint32_t pr_type, uint32_t pr_datasz, 2086 const uint32_t *data, 2087 struct image_info *info, 2088 Error **errp) 2089 { 2090 g_assert_not_reached(); 2091 } 2092 #define ARCH_USE_GNU_PROPERTY 0 2093 2094 #endif 2095 2096 struct exec 2097 { 2098 unsigned int a_info; /* Use macros N_MAGIC, etc for access */ 2099 unsigned int a_text; /* length of text, in bytes */ 2100 unsigned int a_data; /* length of data, in bytes */ 2101 unsigned int a_bss; /* length of uninitialized data area, in bytes */ 2102 unsigned int a_syms; /* length of symbol table data in file, in bytes */ 2103 unsigned int a_entry; /* start address */ 2104 unsigned int a_trsize; /* length of relocation info for text, in bytes */ 2105 unsigned int a_drsize; /* length of relocation info for data, in bytes */ 2106 }; 2107 2108 2109 #define N_MAGIC(exec) ((exec).a_info & 0xffff) 2110 #define OMAGIC 0407 2111 #define NMAGIC 0410 2112 #define ZMAGIC 0413 2113 #define QMAGIC 0314 2114 2115 #define DLINFO_ITEMS 16 2116 memcpy_fromfs(void * to,const void * from,unsigned long n)2117 static inline void memcpy_fromfs(void * to, const void * from, unsigned long n) 2118 { 2119 memcpy(to, from, n); 2120 } 2121 2122 #ifdef BSWAP_NEEDED bswap_ehdr(struct elfhdr * ehdr)2123 static void bswap_ehdr(struct elfhdr *ehdr) 2124 { 2125 bswap16s(&ehdr->e_type); /* Object file type */ 2126 bswap16s(&ehdr->e_machine); /* Architecture */ 2127 bswap32s(&ehdr->e_version); /* Object file version */ 2128 bswaptls(&ehdr->e_entry); /* Entry point virtual address */ 2129 bswaptls(&ehdr->e_phoff); /* Program header table file offset */ 2130 bswaptls(&ehdr->e_shoff); /* Section header table file offset */ 2131 bswap32s(&ehdr->e_flags); /* Processor-specific flags */ 2132 bswap16s(&ehdr->e_ehsize); /* ELF header size in bytes */ 2133 bswap16s(&ehdr->e_phentsize); /* Program header table entry size */ 2134 bswap16s(&ehdr->e_phnum); /* Program header table entry count */ 2135 bswap16s(&ehdr->e_shentsize); /* Section header table entry size */ 2136 bswap16s(&ehdr->e_shnum); /* Section header table entry count */ 2137 bswap16s(&ehdr->e_shstrndx); /* Section header string table index */ 2138 } 2139 bswap_phdr(struct elf_phdr * phdr,int phnum)2140 static void bswap_phdr(struct elf_phdr *phdr, int phnum) 2141 { 2142 int i; 2143 for (i = 0; i < phnum; ++i, ++phdr) { 2144 bswap32s(&phdr->p_type); /* Segment type */ 2145 bswap32s(&phdr->p_flags); /* Segment flags */ 2146 bswaptls(&phdr->p_offset); /* Segment file offset */ 2147 bswaptls(&phdr->p_vaddr); /* Segment virtual address */ 2148 bswaptls(&phdr->p_paddr); /* Segment physical address */ 2149 bswaptls(&phdr->p_filesz); /* Segment size in file */ 2150 bswaptls(&phdr->p_memsz); /* Segment size in memory */ 2151 bswaptls(&phdr->p_align); /* Segment alignment */ 2152 } 2153 } 2154 bswap_shdr(struct elf_shdr * shdr,int shnum)2155 static void bswap_shdr(struct elf_shdr *shdr, int shnum) 2156 { 2157 int i; 2158 for (i = 0; i < shnum; ++i, ++shdr) { 2159 bswap32s(&shdr->sh_name); 2160 bswap32s(&shdr->sh_type); 2161 bswaptls(&shdr->sh_flags); 2162 bswaptls(&shdr->sh_addr); 2163 bswaptls(&shdr->sh_offset); 2164 bswaptls(&shdr->sh_size); 2165 bswap32s(&shdr->sh_link); 2166 bswap32s(&shdr->sh_info); 2167 bswaptls(&shdr->sh_addralign); 2168 bswaptls(&shdr->sh_entsize); 2169 } 2170 } 2171 bswap_sym(struct elf_sym * sym)2172 static void bswap_sym(struct elf_sym *sym) 2173 { 2174 bswap32s(&sym->st_name); 2175 bswaptls(&sym->st_value); 2176 bswaptls(&sym->st_size); 2177 bswap16s(&sym->st_shndx); 2178 } 2179 2180 #ifdef TARGET_MIPS bswap_mips_abiflags(Mips_elf_abiflags_v0 * abiflags)2181 static void bswap_mips_abiflags(Mips_elf_abiflags_v0 *abiflags) 2182 { 2183 bswap16s(&abiflags->version); 2184 bswap32s(&abiflags->ases); 2185 bswap32s(&abiflags->isa_ext); 2186 bswap32s(&abiflags->flags1); 2187 bswap32s(&abiflags->flags2); 2188 } 2189 #endif 2190 #else bswap_ehdr(struct elfhdr * ehdr)2191 static inline void bswap_ehdr(struct elfhdr *ehdr) { } bswap_phdr(struct elf_phdr * phdr,int phnum)2192 static inline void bswap_phdr(struct elf_phdr *phdr, int phnum) { } bswap_shdr(struct elf_shdr * shdr,int shnum)2193 static inline void bswap_shdr(struct elf_shdr *shdr, int shnum) { } bswap_sym(struct elf_sym * sym)2194 static inline void bswap_sym(struct elf_sym *sym) { } 2195 #ifdef TARGET_MIPS bswap_mips_abiflags(Mips_elf_abiflags_v0 * abiflags)2196 static inline void bswap_mips_abiflags(Mips_elf_abiflags_v0 *abiflags) { } 2197 #endif 2198 #endif 2199 2200 #ifdef USE_ELF_CORE_DUMP 2201 static int elf_core_dump(int, const CPUArchState *); 2202 #endif /* USE_ELF_CORE_DUMP */ 2203 static void load_symbols(struct elfhdr *hdr, const ImageSource *src, 2204 abi_ulong load_bias); 2205 2206 /* Verify the portions of EHDR within E_IDENT for the target. 2207 This can be performed before bswapping the entire header. */ elf_check_ident(struct elfhdr * ehdr)2208 static bool elf_check_ident(struct elfhdr *ehdr) 2209 { 2210 return (ehdr->e_ident[EI_MAG0] == ELFMAG0 2211 && ehdr->e_ident[EI_MAG1] == ELFMAG1 2212 && ehdr->e_ident[EI_MAG2] == ELFMAG2 2213 && ehdr->e_ident[EI_MAG3] == ELFMAG3 2214 && ehdr->e_ident[EI_CLASS] == ELF_CLASS 2215 && ehdr->e_ident[EI_DATA] == ELF_DATA 2216 && ehdr->e_ident[EI_VERSION] == EV_CURRENT); 2217 } 2218 2219 /* Verify the portions of EHDR outside of E_IDENT for the target. 2220 This has to wait until after bswapping the header. */ elf_check_ehdr(struct elfhdr * ehdr)2221 static bool elf_check_ehdr(struct elfhdr *ehdr) 2222 { 2223 return (elf_check_arch(ehdr->e_machine) 2224 && elf_check_abi(ehdr->e_flags) 2225 && ehdr->e_ehsize == sizeof(struct elfhdr) 2226 && ehdr->e_phentsize == sizeof(struct elf_phdr) 2227 && (ehdr->e_type == ET_EXEC || ehdr->e_type == ET_DYN)); 2228 } 2229 2230 /* 2231 * 'copy_elf_strings()' copies argument/envelope strings from user 2232 * memory to free pages in kernel mem. These are in a format ready 2233 * to be put directly into the top of new user memory. 2234 * 2235 */ copy_elf_strings(int argc,char ** argv,char * scratch,abi_ulong p,abi_ulong stack_limit)2236 static abi_ulong copy_elf_strings(int argc, char **argv, char *scratch, 2237 abi_ulong p, abi_ulong stack_limit) 2238 { 2239 char *tmp; 2240 int len, i; 2241 abi_ulong top = p; 2242 2243 if (!p) { 2244 return 0; /* bullet-proofing */ 2245 } 2246 2247 if (STACK_GROWS_DOWN) { 2248 int offset = ((p - 1) % TARGET_PAGE_SIZE) + 1; 2249 for (i = argc - 1; i >= 0; --i) { 2250 tmp = argv[i]; 2251 if (!tmp) { 2252 fprintf(stderr, "VFS: argc is wrong"); 2253 exit(-1); 2254 } 2255 len = strlen(tmp) + 1; 2256 tmp += len; 2257 2258 if (len > (p - stack_limit)) { 2259 return 0; 2260 } 2261 while (len) { 2262 int bytes_to_copy = (len > offset) ? offset : len; 2263 tmp -= bytes_to_copy; 2264 p -= bytes_to_copy; 2265 offset -= bytes_to_copy; 2266 len -= bytes_to_copy; 2267 2268 memcpy_fromfs(scratch + offset, tmp, bytes_to_copy); 2269 2270 if (offset == 0) { 2271 memcpy_to_target(p, scratch, top - p); 2272 top = p; 2273 offset = TARGET_PAGE_SIZE; 2274 } 2275 } 2276 } 2277 if (p != top) { 2278 memcpy_to_target(p, scratch + offset, top - p); 2279 } 2280 } else { 2281 int remaining = TARGET_PAGE_SIZE - (p % TARGET_PAGE_SIZE); 2282 for (i = 0; i < argc; ++i) { 2283 tmp = argv[i]; 2284 if (!tmp) { 2285 fprintf(stderr, "VFS: argc is wrong"); 2286 exit(-1); 2287 } 2288 len = strlen(tmp) + 1; 2289 if (len > (stack_limit - p)) { 2290 return 0; 2291 } 2292 while (len) { 2293 int bytes_to_copy = (len > remaining) ? remaining : len; 2294 2295 memcpy_fromfs(scratch + (p - top), tmp, bytes_to_copy); 2296 2297 tmp += bytes_to_copy; 2298 remaining -= bytes_to_copy; 2299 p += bytes_to_copy; 2300 len -= bytes_to_copy; 2301 2302 if (remaining == 0) { 2303 memcpy_to_target(top, scratch, p - top); 2304 top = p; 2305 remaining = TARGET_PAGE_SIZE; 2306 } 2307 } 2308 } 2309 if (p != top) { 2310 memcpy_to_target(top, scratch, p - top); 2311 } 2312 } 2313 2314 return p; 2315 } 2316 2317 /* Older linux kernels provide up to MAX_ARG_PAGES (default: 32) of 2318 * argument/environment space. Newer kernels (>2.6.33) allow more, 2319 * dependent on stack size, but guarantee at least 32 pages for 2320 * backwards compatibility. 2321 */ 2322 #define STACK_LOWER_LIMIT (32 * TARGET_PAGE_SIZE) 2323 setup_arg_pages(struct linux_binprm * bprm,struct image_info * info)2324 static abi_ulong setup_arg_pages(struct linux_binprm *bprm, 2325 struct image_info *info) 2326 { 2327 abi_ulong size, error, guard; 2328 int prot; 2329 2330 size = guest_stack_size; 2331 if (size < STACK_LOWER_LIMIT) { 2332 size = STACK_LOWER_LIMIT; 2333 } 2334 2335 if (STACK_GROWS_DOWN) { 2336 guard = TARGET_PAGE_SIZE; 2337 if (guard < qemu_real_host_page_size()) { 2338 guard = qemu_real_host_page_size(); 2339 } 2340 } else { 2341 /* no guard page for hppa target where stack grows upwards. */ 2342 guard = 0; 2343 } 2344 2345 prot = PROT_READ | PROT_WRITE; 2346 if (info->exec_stack) { 2347 prot |= PROT_EXEC; 2348 } 2349 error = target_mmap(0, size + guard, prot, 2350 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 2351 if (error == -1) { 2352 perror("mmap stack"); 2353 exit(-1); 2354 } 2355 2356 /* We reserve one extra page at the top of the stack as guard. */ 2357 if (STACK_GROWS_DOWN) { 2358 target_mprotect(error, guard, PROT_NONE); 2359 info->stack_limit = error + guard; 2360 return info->stack_limit + size - sizeof(void *); 2361 } else { 2362 info->stack_limit = error + size; 2363 return error; 2364 } 2365 } 2366 2367 /** 2368 * zero_bss: 2369 * 2370 * Map and zero the bss. We need to explicitly zero any fractional pages 2371 * after the data section (i.e. bss). Return false on mapping failure. 2372 */ zero_bss(abi_ulong start_bss,abi_ulong end_bss,int prot,Error ** errp)2373 static bool zero_bss(abi_ulong start_bss, abi_ulong end_bss, 2374 int prot, Error **errp) 2375 { 2376 abi_ulong align_bss; 2377 2378 /* We only expect writable bss; the code segment shouldn't need this. */ 2379 if (!(prot & PROT_WRITE)) { 2380 error_setg(errp, "PT_LOAD with non-writable bss"); 2381 return false; 2382 } 2383 2384 align_bss = TARGET_PAGE_ALIGN(start_bss); 2385 end_bss = TARGET_PAGE_ALIGN(end_bss); 2386 2387 if (start_bss < align_bss) { 2388 int flags = page_get_flags(start_bss); 2389 2390 if (!(flags & PAGE_RWX)) { 2391 /* 2392 * The whole address space of the executable was reserved 2393 * at the start, therefore all pages will be VALID. 2394 * But assuming there are no PROT_NONE PT_LOAD segments, 2395 * a PROT_NONE page means no data all bss, and we can 2396 * simply extend the new anon mapping back to the start 2397 * of the page of bss. 2398 */ 2399 align_bss -= TARGET_PAGE_SIZE; 2400 } else { 2401 /* 2402 * The start of the bss shares a page with something. 2403 * The only thing that we expect is the data section, 2404 * which would already be marked writable. 2405 * Overlapping the RX code segment seems malformed. 2406 */ 2407 if (!(flags & PAGE_WRITE)) { 2408 error_setg(errp, "PT_LOAD with bss overlapping " 2409 "non-writable page"); 2410 return false; 2411 } 2412 2413 /* The page is already mapped and writable. */ 2414 memset(g2h_untagged(start_bss), 0, align_bss - start_bss); 2415 } 2416 } 2417 2418 if (align_bss < end_bss && 2419 target_mmap(align_bss, end_bss - align_bss, prot, 2420 MAP_FIXED | MAP_PRIVATE | MAP_ANON, -1, 0) == -1) { 2421 error_setg_errno(errp, errno, "Error mapping bss"); 2422 return false; 2423 } 2424 return true; 2425 } 2426 2427 #if defined(TARGET_ARM) elf_is_fdpic(struct elfhdr * exec)2428 static int elf_is_fdpic(struct elfhdr *exec) 2429 { 2430 return exec->e_ident[EI_OSABI] == ELFOSABI_ARM_FDPIC; 2431 } 2432 #elif defined(TARGET_XTENSA) elf_is_fdpic(struct elfhdr * exec)2433 static int elf_is_fdpic(struct elfhdr *exec) 2434 { 2435 return exec->e_ident[EI_OSABI] == ELFOSABI_XTENSA_FDPIC; 2436 } 2437 #else 2438 /* Default implementation, always false. */ elf_is_fdpic(struct elfhdr * exec)2439 static int elf_is_fdpic(struct elfhdr *exec) 2440 { 2441 return 0; 2442 } 2443 #endif 2444 loader_build_fdpic_loadmap(struct image_info * info,abi_ulong sp)2445 static abi_ulong loader_build_fdpic_loadmap(struct image_info *info, abi_ulong sp) 2446 { 2447 uint16_t n; 2448 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs; 2449 2450 /* elf32_fdpic_loadseg */ 2451 n = info->nsegs; 2452 while (n--) { 2453 sp -= 12; 2454 put_user_u32(loadsegs[n].addr, sp+0); 2455 put_user_u32(loadsegs[n].p_vaddr, sp+4); 2456 put_user_u32(loadsegs[n].p_memsz, sp+8); 2457 } 2458 2459 /* elf32_fdpic_loadmap */ 2460 sp -= 4; 2461 put_user_u16(0, sp+0); /* version */ 2462 put_user_u16(info->nsegs, sp+2); /* nsegs */ 2463 2464 info->personality = PER_LINUX_FDPIC; 2465 info->loadmap_addr = sp; 2466 2467 return sp; 2468 } 2469 create_elf_tables(abi_ulong p,int argc,int envc,struct elfhdr * exec,struct image_info * info,struct image_info * interp_info,struct image_info * vdso_info)2470 static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc, 2471 struct elfhdr *exec, 2472 struct image_info *info, 2473 struct image_info *interp_info, 2474 struct image_info *vdso_info) 2475 { 2476 abi_ulong sp; 2477 abi_ulong u_argc, u_argv, u_envp, u_auxv; 2478 int size; 2479 int i; 2480 abi_ulong u_rand_bytes; 2481 uint8_t k_rand_bytes[16]; 2482 abi_ulong u_platform, u_base_platform; 2483 const char *k_platform, *k_base_platform; 2484 const int n = sizeof(elf_addr_t); 2485 2486 sp = p; 2487 2488 /* Needs to be before we load the env/argc/... */ 2489 if (elf_is_fdpic(exec)) { 2490 /* Need 4 byte alignment for these structs */ 2491 sp &= ~3; 2492 sp = loader_build_fdpic_loadmap(info, sp); 2493 info->other_info = interp_info; 2494 if (interp_info) { 2495 interp_info->other_info = info; 2496 sp = loader_build_fdpic_loadmap(interp_info, sp); 2497 info->interpreter_loadmap_addr = interp_info->loadmap_addr; 2498 info->interpreter_pt_dynamic_addr = interp_info->pt_dynamic_addr; 2499 } else { 2500 info->interpreter_loadmap_addr = 0; 2501 info->interpreter_pt_dynamic_addr = 0; 2502 } 2503 } 2504 2505 u_base_platform = 0; 2506 k_base_platform = ELF_BASE_PLATFORM; 2507 if (k_base_platform) { 2508 size_t len = strlen(k_base_platform) + 1; 2509 if (STACK_GROWS_DOWN) { 2510 sp -= (len + n - 1) & ~(n - 1); 2511 u_base_platform = sp; 2512 /* FIXME - check return value of memcpy_to_target() for failure */ 2513 memcpy_to_target(sp, k_base_platform, len); 2514 } else { 2515 memcpy_to_target(sp, k_base_platform, len); 2516 u_base_platform = sp; 2517 sp += len + 1; 2518 } 2519 } 2520 2521 u_platform = 0; 2522 k_platform = ELF_PLATFORM; 2523 if (k_platform) { 2524 size_t len = strlen(k_platform) + 1; 2525 if (STACK_GROWS_DOWN) { 2526 sp -= (len + n - 1) & ~(n - 1); 2527 u_platform = sp; 2528 /* FIXME - check return value of memcpy_to_target() for failure */ 2529 memcpy_to_target(sp, k_platform, len); 2530 } else { 2531 memcpy_to_target(sp, k_platform, len); 2532 u_platform = sp; 2533 sp += len + 1; 2534 } 2535 } 2536 2537 /* Provide 16 byte alignment for the PRNG, and basic alignment for 2538 * the argv and envp pointers. 2539 */ 2540 if (STACK_GROWS_DOWN) { 2541 sp = QEMU_ALIGN_DOWN(sp, 16); 2542 } else { 2543 sp = QEMU_ALIGN_UP(sp, 16); 2544 } 2545 2546 /* 2547 * Generate 16 random bytes for userspace PRNG seeding. 2548 */ 2549 qemu_guest_getrandom_nofail(k_rand_bytes, sizeof(k_rand_bytes)); 2550 if (STACK_GROWS_DOWN) { 2551 sp -= 16; 2552 u_rand_bytes = sp; 2553 /* FIXME - check return value of memcpy_to_target() for failure */ 2554 memcpy_to_target(sp, k_rand_bytes, 16); 2555 } else { 2556 memcpy_to_target(sp, k_rand_bytes, 16); 2557 u_rand_bytes = sp; 2558 sp += 16; 2559 } 2560 2561 size = (DLINFO_ITEMS + 1) * 2; 2562 if (k_base_platform) { 2563 size += 2; 2564 } 2565 if (k_platform) { 2566 size += 2; 2567 } 2568 if (vdso_info) { 2569 size += 2; 2570 } 2571 #ifdef DLINFO_ARCH_ITEMS 2572 size += DLINFO_ARCH_ITEMS * 2; 2573 #endif 2574 #ifdef ELF_HWCAP2 2575 size += 2; 2576 #endif 2577 info->auxv_len = size * n; 2578 2579 size += envc + argc + 2; 2580 size += 1; /* argc itself */ 2581 size *= n; 2582 2583 /* Allocate space and finalize stack alignment for entry now. */ 2584 if (STACK_GROWS_DOWN) { 2585 u_argc = QEMU_ALIGN_DOWN(sp - size, STACK_ALIGNMENT); 2586 sp = u_argc; 2587 } else { 2588 u_argc = sp; 2589 sp = QEMU_ALIGN_UP(sp + size, STACK_ALIGNMENT); 2590 } 2591 2592 u_argv = u_argc + n; 2593 u_envp = u_argv + (argc + 1) * n; 2594 u_auxv = u_envp + (envc + 1) * n; 2595 info->saved_auxv = u_auxv; 2596 info->argc = argc; 2597 info->envc = envc; 2598 info->argv = u_argv; 2599 info->envp = u_envp; 2600 2601 /* This is correct because Linux defines 2602 * elf_addr_t as Elf32_Off / Elf64_Off 2603 */ 2604 #define NEW_AUX_ENT(id, val) do { \ 2605 put_user_ual(id, u_auxv); u_auxv += n; \ 2606 put_user_ual(val, u_auxv); u_auxv += n; \ 2607 } while(0) 2608 2609 #ifdef ARCH_DLINFO 2610 /* 2611 * ARCH_DLINFO must come first so platform specific code can enforce 2612 * special alignment requirements on the AUXV if necessary (eg. PPC). 2613 */ 2614 ARCH_DLINFO; 2615 #endif 2616 /* There must be exactly DLINFO_ITEMS entries here, or the assert 2617 * on info->auxv_len will trigger. 2618 */ 2619 NEW_AUX_ENT(AT_PHDR, (abi_ulong)(info->load_addr + exec->e_phoff)); 2620 NEW_AUX_ENT(AT_PHENT, (abi_ulong)(sizeof (struct elf_phdr))); 2621 NEW_AUX_ENT(AT_PHNUM, (abi_ulong)(exec->e_phnum)); 2622 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(TARGET_PAGE_SIZE)); 2623 NEW_AUX_ENT(AT_BASE, (abi_ulong)(interp_info ? interp_info->load_addr : 0)); 2624 NEW_AUX_ENT(AT_FLAGS, (abi_ulong)0); 2625 NEW_AUX_ENT(AT_ENTRY, info->entry); 2626 NEW_AUX_ENT(AT_UID, (abi_ulong) getuid()); 2627 NEW_AUX_ENT(AT_EUID, (abi_ulong) geteuid()); 2628 NEW_AUX_ENT(AT_GID, (abi_ulong) getgid()); 2629 NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid()); 2630 NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP); 2631 NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK)); 2632 NEW_AUX_ENT(AT_RANDOM, (abi_ulong) u_rand_bytes); 2633 NEW_AUX_ENT(AT_SECURE, (abi_ulong) qemu_getauxval(AT_SECURE)); 2634 NEW_AUX_ENT(AT_EXECFN, info->file_string); 2635 2636 #ifdef ELF_HWCAP2 2637 NEW_AUX_ENT(AT_HWCAP2, (abi_ulong) ELF_HWCAP2); 2638 #endif 2639 2640 if (u_base_platform) { 2641 NEW_AUX_ENT(AT_BASE_PLATFORM, u_base_platform); 2642 } 2643 if (u_platform) { 2644 NEW_AUX_ENT(AT_PLATFORM, u_platform); 2645 } 2646 if (vdso_info) { 2647 NEW_AUX_ENT(AT_SYSINFO_EHDR, vdso_info->load_addr); 2648 } 2649 NEW_AUX_ENT (AT_NULL, 0); 2650 #undef NEW_AUX_ENT 2651 2652 /* Check that our initial calculation of the auxv length matches how much 2653 * we actually put into it. 2654 */ 2655 assert(info->auxv_len == u_auxv - info->saved_auxv); 2656 2657 put_user_ual(argc, u_argc); 2658 2659 p = info->arg_strings; 2660 for (i = 0; i < argc; ++i) { 2661 put_user_ual(p, u_argv); 2662 u_argv += n; 2663 p += target_strlen(p) + 1; 2664 } 2665 put_user_ual(0, u_argv); 2666 2667 p = info->env_strings; 2668 for (i = 0; i < envc; ++i) { 2669 put_user_ual(p, u_envp); 2670 u_envp += n; 2671 p += target_strlen(p) + 1; 2672 } 2673 put_user_ual(0, u_envp); 2674 2675 return sp; 2676 } 2677 2678 #if defined(HI_COMMPAGE) 2679 #define LO_COMMPAGE -1 2680 #elif defined(LO_COMMPAGE) 2681 #define HI_COMMPAGE 0 2682 #else 2683 #define HI_COMMPAGE 0 2684 #define LO_COMMPAGE -1 2685 #ifndef INIT_GUEST_COMMPAGE 2686 #define init_guest_commpage() true 2687 #endif 2688 #endif 2689 2690 /** 2691 * pgb_try_mmap: 2692 * @addr: host start address 2693 * @addr_last: host last address 2694 * @keep: do not unmap the probe region 2695 * 2696 * Return 1 if [@addr, @addr_last] is not mapped in the host, 2697 * return 0 if it is not available to map, and -1 on mmap error. 2698 * If @keep, the region is left mapped on success, otherwise unmapped. 2699 */ pgb_try_mmap(uintptr_t addr,uintptr_t addr_last,bool keep)2700 static int pgb_try_mmap(uintptr_t addr, uintptr_t addr_last, bool keep) 2701 { 2702 size_t size = addr_last - addr + 1; 2703 void *p = mmap((void *)addr, size, PROT_NONE, 2704 MAP_ANONYMOUS | MAP_PRIVATE | 2705 MAP_NORESERVE | MAP_FIXED_NOREPLACE, -1, 0); 2706 int ret; 2707 2708 if (p == MAP_FAILED) { 2709 return errno == EEXIST ? 0 : -1; 2710 } 2711 ret = p == (void *)addr; 2712 if (!keep || !ret) { 2713 munmap(p, size); 2714 } 2715 return ret; 2716 } 2717 2718 /** 2719 * pgb_try_mmap_skip_brk(uintptr_t addr, uintptr_t size, uintptr_t brk) 2720 * @addr: host address 2721 * @addr_last: host last address 2722 * @brk: host brk 2723 * 2724 * Like pgb_try_mmap, but additionally reserve some memory following brk. 2725 */ pgb_try_mmap_skip_brk(uintptr_t addr,uintptr_t addr_last,uintptr_t brk,bool keep)2726 static int pgb_try_mmap_skip_brk(uintptr_t addr, uintptr_t addr_last, 2727 uintptr_t brk, bool keep) 2728 { 2729 uintptr_t brk_last = brk + 16 * MiB - 1; 2730 2731 /* Do not map anything close to the host brk. */ 2732 if (addr <= brk_last && brk <= addr_last) { 2733 return 0; 2734 } 2735 return pgb_try_mmap(addr, addr_last, keep); 2736 } 2737 2738 /** 2739 * pgb_try_mmap_set: 2740 * @ga: set of guest addrs 2741 * @base: guest_base 2742 * @brk: host brk 2743 * 2744 * Return true if all @ga can be mapped by the host at @base. 2745 * On success, retain the mapping at index 0 for reserved_va. 2746 */ 2747 2748 typedef struct PGBAddrs { 2749 uintptr_t bounds[3][2]; /* start/last pairs */ 2750 int nbounds; 2751 } PGBAddrs; 2752 pgb_try_mmap_set(const PGBAddrs * ga,uintptr_t base,uintptr_t brk)2753 static bool pgb_try_mmap_set(const PGBAddrs *ga, uintptr_t base, uintptr_t brk) 2754 { 2755 for (int i = ga->nbounds - 1; i >= 0; --i) { 2756 if (pgb_try_mmap_skip_brk(ga->bounds[i][0] + base, 2757 ga->bounds[i][1] + base, 2758 brk, i == 0 && reserved_va) <= 0) { 2759 return false; 2760 } 2761 } 2762 return true; 2763 } 2764 2765 /** 2766 * pgb_addr_set: 2767 * @ga: output set of guest addrs 2768 * @guest_loaddr: guest image low address 2769 * @guest_loaddr: guest image high address 2770 * @identity: create for identity mapping 2771 * 2772 * Fill in @ga with the image, COMMPAGE and NULL page. 2773 */ pgb_addr_set(PGBAddrs * ga,abi_ulong guest_loaddr,abi_ulong guest_hiaddr,bool try_identity)2774 static bool pgb_addr_set(PGBAddrs *ga, abi_ulong guest_loaddr, 2775 abi_ulong guest_hiaddr, bool try_identity) 2776 { 2777 int n; 2778 2779 /* 2780 * With a low commpage, or a guest mapped very low, 2781 * we may not be able to use the identity map. 2782 */ 2783 if (try_identity) { 2784 if (LO_COMMPAGE != -1 && LO_COMMPAGE < mmap_min_addr) { 2785 return false; 2786 } 2787 if (guest_loaddr != 0 && guest_loaddr < mmap_min_addr) { 2788 return false; 2789 } 2790 } 2791 2792 memset(ga, 0, sizeof(*ga)); 2793 n = 0; 2794 2795 if (reserved_va) { 2796 ga->bounds[n][0] = try_identity ? mmap_min_addr : 0; 2797 ga->bounds[n][1] = reserved_va; 2798 n++; 2799 /* LO_COMMPAGE and NULL handled by reserving from 0. */ 2800 } else { 2801 /* Add any LO_COMMPAGE or NULL page. */ 2802 if (LO_COMMPAGE != -1) { 2803 ga->bounds[n][0] = 0; 2804 ga->bounds[n][1] = LO_COMMPAGE + TARGET_PAGE_SIZE - 1; 2805 n++; 2806 } else if (!try_identity) { 2807 ga->bounds[n][0] = 0; 2808 ga->bounds[n][1] = TARGET_PAGE_SIZE - 1; 2809 n++; 2810 } 2811 2812 /* Add the guest image for ET_EXEC. */ 2813 if (guest_loaddr) { 2814 ga->bounds[n][0] = guest_loaddr; 2815 ga->bounds[n][1] = guest_hiaddr; 2816 n++; 2817 } 2818 } 2819 2820 /* 2821 * Temporarily disable 2822 * "comparison is always false due to limited range of data type" 2823 * due to comparison between unsigned and (possible) 0. 2824 */ 2825 #pragma GCC diagnostic push 2826 #pragma GCC diagnostic ignored "-Wtype-limits" 2827 2828 /* Add any HI_COMMPAGE not covered by reserved_va. */ 2829 if (reserved_va < HI_COMMPAGE) { 2830 ga->bounds[n][0] = HI_COMMPAGE & qemu_real_host_page_mask(); 2831 ga->bounds[n][1] = HI_COMMPAGE + TARGET_PAGE_SIZE - 1; 2832 n++; 2833 } 2834 2835 #pragma GCC diagnostic pop 2836 2837 ga->nbounds = n; 2838 return true; 2839 } 2840 pgb_fail_in_use(const char * image_name)2841 static void pgb_fail_in_use(const char *image_name) 2842 { 2843 error_report("%s: requires virtual address space that is in use " 2844 "(omit the -B option or choose a different value)", 2845 image_name); 2846 exit(EXIT_FAILURE); 2847 } 2848 pgb_fixed(const char * image_name,uintptr_t guest_loaddr,uintptr_t guest_hiaddr,uintptr_t align)2849 static void pgb_fixed(const char *image_name, uintptr_t guest_loaddr, 2850 uintptr_t guest_hiaddr, uintptr_t align) 2851 { 2852 PGBAddrs ga; 2853 uintptr_t brk = (uintptr_t)sbrk(0); 2854 2855 if (!QEMU_IS_ALIGNED(guest_base, align)) { 2856 fprintf(stderr, "Requested guest base %p does not satisfy " 2857 "host minimum alignment (0x%" PRIxPTR ")\n", 2858 (void *)guest_base, align); 2859 exit(EXIT_FAILURE); 2860 } 2861 2862 if (!pgb_addr_set(&ga, guest_loaddr, guest_hiaddr, !guest_base) 2863 || !pgb_try_mmap_set(&ga, guest_base, brk)) { 2864 pgb_fail_in_use(image_name); 2865 } 2866 } 2867 2868 /** 2869 * pgb_find_fallback: 2870 * 2871 * This is a fallback method for finding holes in the host address space 2872 * if we don't have the benefit of being able to access /proc/self/map. 2873 * It can potentially take a very long time as we can only dumbly iterate 2874 * up the host address space seeing if the allocation would work. 2875 */ pgb_find_fallback(const PGBAddrs * ga,uintptr_t align,uintptr_t brk)2876 static uintptr_t pgb_find_fallback(const PGBAddrs *ga, uintptr_t align, 2877 uintptr_t brk) 2878 { 2879 /* TODO: come up with a better estimate of how much to skip. */ 2880 uintptr_t skip = sizeof(uintptr_t) == 4 ? MiB : GiB; 2881 2882 for (uintptr_t base = skip; ; base += skip) { 2883 base = ROUND_UP(base, align); 2884 if (pgb_try_mmap_set(ga, base, brk)) { 2885 return base; 2886 } 2887 if (base >= -skip) { 2888 return -1; 2889 } 2890 } 2891 } 2892 pgb_try_itree(const PGBAddrs * ga,uintptr_t base,IntervalTreeRoot * root)2893 static uintptr_t pgb_try_itree(const PGBAddrs *ga, uintptr_t base, 2894 IntervalTreeRoot *root) 2895 { 2896 for (int i = ga->nbounds - 1; i >= 0; --i) { 2897 uintptr_t s = base + ga->bounds[i][0]; 2898 uintptr_t l = base + ga->bounds[i][1]; 2899 IntervalTreeNode *n; 2900 2901 if (l < s) { 2902 /* Wraparound. Skip to advance S to mmap_min_addr. */ 2903 return mmap_min_addr - s; 2904 } 2905 2906 n = interval_tree_iter_first(root, s, l); 2907 if (n != NULL) { 2908 /* Conflict. Skip to advance S to LAST + 1. */ 2909 return n->last - s + 1; 2910 } 2911 } 2912 return 0; /* success */ 2913 } 2914 pgb_find_itree(const PGBAddrs * ga,IntervalTreeRoot * root,uintptr_t align,uintptr_t brk)2915 static uintptr_t pgb_find_itree(const PGBAddrs *ga, IntervalTreeRoot *root, 2916 uintptr_t align, uintptr_t brk) 2917 { 2918 uintptr_t last = sizeof(uintptr_t) == 4 ? MiB : GiB; 2919 uintptr_t base, skip; 2920 2921 while (true) { 2922 base = ROUND_UP(last, align); 2923 if (base < last) { 2924 return -1; 2925 } 2926 2927 skip = pgb_try_itree(ga, base, root); 2928 if (skip == 0) { 2929 break; 2930 } 2931 2932 last = base + skip; 2933 if (last < base) { 2934 return -1; 2935 } 2936 } 2937 2938 /* 2939 * We've chosen 'base' based on holes in the interval tree, 2940 * but we don't yet know if it is a valid host address. 2941 * Because it is the first matching hole, if the host addresses 2942 * are invalid we know there are no further matches. 2943 */ 2944 return pgb_try_mmap_set(ga, base, brk) ? base : -1; 2945 } 2946 pgb_dynamic(const char * image_name,uintptr_t guest_loaddr,uintptr_t guest_hiaddr,uintptr_t align)2947 static void pgb_dynamic(const char *image_name, uintptr_t guest_loaddr, 2948 uintptr_t guest_hiaddr, uintptr_t align) 2949 { 2950 IntervalTreeRoot *root; 2951 uintptr_t brk, ret; 2952 PGBAddrs ga; 2953 2954 /* Try the identity map first. */ 2955 if (pgb_addr_set(&ga, guest_loaddr, guest_hiaddr, true)) { 2956 brk = (uintptr_t)sbrk(0); 2957 if (pgb_try_mmap_set(&ga, 0, brk)) { 2958 guest_base = 0; 2959 return; 2960 } 2961 } 2962 2963 /* 2964 * Rebuild the address set for non-identity map. 2965 * This differs in the mapping of the guest NULL page. 2966 */ 2967 pgb_addr_set(&ga, guest_loaddr, guest_hiaddr, false); 2968 2969 root = read_self_maps(); 2970 2971 /* Read brk after we've read the maps, which will malloc. */ 2972 brk = (uintptr_t)sbrk(0); 2973 2974 if (!root) { 2975 ret = pgb_find_fallback(&ga, align, brk); 2976 } else { 2977 /* 2978 * Reserve the area close to the host brk. 2979 * This will be freed with the rest of the tree. 2980 */ 2981 IntervalTreeNode *b = g_new0(IntervalTreeNode, 1); 2982 b->start = brk; 2983 b->last = brk + 16 * MiB - 1; 2984 interval_tree_insert(b, root); 2985 2986 ret = pgb_find_itree(&ga, root, align, brk); 2987 free_self_maps(root); 2988 } 2989 2990 if (ret == -1) { 2991 int w = TARGET_LONG_BITS / 4; 2992 2993 error_report("%s: Unable to find a guest_base to satisfy all " 2994 "guest address mapping requirements", image_name); 2995 2996 for (int i = 0; i < ga.nbounds; ++i) { 2997 error_printf(" %0*" PRIx64 "-%0*" PRIx64 "\n", 2998 w, (uint64_t)ga.bounds[i][0], 2999 w, (uint64_t)ga.bounds[i][1]); 3000 } 3001 exit(EXIT_FAILURE); 3002 } 3003 guest_base = ret; 3004 } 3005 probe_guest_base(const char * image_name,abi_ulong guest_loaddr,abi_ulong guest_hiaddr)3006 void probe_guest_base(const char *image_name, abi_ulong guest_loaddr, 3007 abi_ulong guest_hiaddr) 3008 { 3009 /* In order to use host shmat, we must be able to honor SHMLBA. */ 3010 uintptr_t align = MAX(SHMLBA, TARGET_PAGE_SIZE); 3011 3012 /* Sanity check the guest binary. */ 3013 if (reserved_va) { 3014 if (guest_hiaddr > reserved_va) { 3015 error_report("%s: requires more than reserved virtual " 3016 "address space (0x%" PRIx64 " > 0x%lx)", 3017 image_name, (uint64_t)guest_hiaddr, reserved_va); 3018 exit(EXIT_FAILURE); 3019 } 3020 } else { 3021 if (guest_hiaddr != (uintptr_t)guest_hiaddr) { 3022 error_report("%s: requires more virtual address space " 3023 "than the host can provide (0x%" PRIx64 ")", 3024 image_name, (uint64_t)guest_hiaddr + 1); 3025 exit(EXIT_FAILURE); 3026 } 3027 } 3028 3029 if (have_guest_base) { 3030 pgb_fixed(image_name, guest_loaddr, guest_hiaddr, align); 3031 } else { 3032 pgb_dynamic(image_name, guest_loaddr, guest_hiaddr, align); 3033 } 3034 3035 /* Reserve and initialize the commpage. */ 3036 if (!init_guest_commpage()) { 3037 /* We have already probed for the commpage being free. */ 3038 g_assert_not_reached(); 3039 } 3040 3041 assert(QEMU_IS_ALIGNED(guest_base, align)); 3042 qemu_log_mask(CPU_LOG_PAGE, "Locating guest address space " 3043 "@ 0x%" PRIx64 "\n", (uint64_t)guest_base); 3044 } 3045 3046 enum { 3047 /* The string "GNU\0" as a magic number. */ 3048 GNU0_MAGIC = const_le32('G' | 'N' << 8 | 'U' << 16), 3049 NOTE_DATA_SZ = 1 * KiB, 3050 NOTE_NAME_SZ = 4, 3051 ELF_GNU_PROPERTY_ALIGN = ELF_CLASS == ELFCLASS32 ? 4 : 8, 3052 }; 3053 3054 /* 3055 * Process a single gnu_property entry. 3056 * Return false for error. 3057 */ parse_elf_property(const uint32_t * data,int * off,int datasz,struct image_info * info,bool have_prev_type,uint32_t * prev_type,Error ** errp)3058 static bool parse_elf_property(const uint32_t *data, int *off, int datasz, 3059 struct image_info *info, bool have_prev_type, 3060 uint32_t *prev_type, Error **errp) 3061 { 3062 uint32_t pr_type, pr_datasz, step; 3063 3064 if (*off > datasz || !QEMU_IS_ALIGNED(*off, ELF_GNU_PROPERTY_ALIGN)) { 3065 goto error_data; 3066 } 3067 datasz -= *off; 3068 data += *off / sizeof(uint32_t); 3069 3070 if (datasz < 2 * sizeof(uint32_t)) { 3071 goto error_data; 3072 } 3073 pr_type = data[0]; 3074 pr_datasz = data[1]; 3075 data += 2; 3076 datasz -= 2 * sizeof(uint32_t); 3077 step = ROUND_UP(pr_datasz, ELF_GNU_PROPERTY_ALIGN); 3078 if (step > datasz) { 3079 goto error_data; 3080 } 3081 3082 /* Properties are supposed to be unique and sorted on pr_type. */ 3083 if (have_prev_type && pr_type <= *prev_type) { 3084 if (pr_type == *prev_type) { 3085 error_setg(errp, "Duplicate property in PT_GNU_PROPERTY"); 3086 } else { 3087 error_setg(errp, "Unsorted property in PT_GNU_PROPERTY"); 3088 } 3089 return false; 3090 } 3091 *prev_type = pr_type; 3092 3093 if (!arch_parse_elf_property(pr_type, pr_datasz, data, info, errp)) { 3094 return false; 3095 } 3096 3097 *off += 2 * sizeof(uint32_t) + step; 3098 return true; 3099 3100 error_data: 3101 error_setg(errp, "Ill-formed property in PT_GNU_PROPERTY"); 3102 return false; 3103 } 3104 3105 /* Process NT_GNU_PROPERTY_TYPE_0. */ parse_elf_properties(const ImageSource * src,struct image_info * info,const struct elf_phdr * phdr,Error ** errp)3106 static bool parse_elf_properties(const ImageSource *src, 3107 struct image_info *info, 3108 const struct elf_phdr *phdr, 3109 Error **errp) 3110 { 3111 union { 3112 struct elf_note nhdr; 3113 uint32_t data[NOTE_DATA_SZ / sizeof(uint32_t)]; 3114 } note; 3115 3116 int n, off, datasz; 3117 bool have_prev_type; 3118 uint32_t prev_type; 3119 3120 /* Unless the arch requires properties, ignore them. */ 3121 if (!ARCH_USE_GNU_PROPERTY) { 3122 return true; 3123 } 3124 3125 /* If the properties are crazy large, that's too bad. */ 3126 n = phdr->p_filesz; 3127 if (n > sizeof(note)) { 3128 error_setg(errp, "PT_GNU_PROPERTY too large"); 3129 return false; 3130 } 3131 if (n < sizeof(note.nhdr)) { 3132 error_setg(errp, "PT_GNU_PROPERTY too small"); 3133 return false; 3134 } 3135 3136 if (!imgsrc_read(¬e, phdr->p_offset, n, src, errp)) { 3137 return false; 3138 } 3139 3140 /* 3141 * The contents of a valid PT_GNU_PROPERTY is a sequence of uint32_t. 3142 * Swap most of them now, beyond the header and namesz. 3143 */ 3144 #ifdef BSWAP_NEEDED 3145 for (int i = 4; i < n / 4; i++) { 3146 bswap32s(note.data + i); 3147 } 3148 #endif 3149 3150 /* 3151 * Note that nhdr is 3 words, and that the "name" described by namesz 3152 * immediately follows nhdr and is thus at the 4th word. Further, all 3153 * of the inputs to the kernel's round_up are multiples of 4. 3154 */ 3155 if (tswap32(note.nhdr.n_type) != NT_GNU_PROPERTY_TYPE_0 || 3156 tswap32(note.nhdr.n_namesz) != NOTE_NAME_SZ || 3157 note.data[3] != GNU0_MAGIC) { 3158 error_setg(errp, "Invalid note in PT_GNU_PROPERTY"); 3159 return false; 3160 } 3161 off = sizeof(note.nhdr) + NOTE_NAME_SZ; 3162 3163 datasz = tswap32(note.nhdr.n_descsz) + off; 3164 if (datasz > n) { 3165 error_setg(errp, "Invalid note size in PT_GNU_PROPERTY"); 3166 return false; 3167 } 3168 3169 have_prev_type = false; 3170 prev_type = 0; 3171 while (1) { 3172 if (off == datasz) { 3173 return true; /* end, exit ok */ 3174 } 3175 if (!parse_elf_property(note.data, &off, datasz, info, 3176 have_prev_type, &prev_type, errp)) { 3177 return false; 3178 } 3179 have_prev_type = true; 3180 } 3181 } 3182 3183 /** 3184 * load_elf_image: Load an ELF image into the address space. 3185 * @image_name: the filename of the image, to use in error messages. 3186 * @src: the ImageSource from which to read. 3187 * @info: info collected from the loaded image. 3188 * @ehdr: the ELF header, not yet bswapped. 3189 * @pinterp_name: record any PT_INTERP string found. 3190 * 3191 * On return: @info values will be filled in, as necessary or available. 3192 */ 3193 load_elf_image(const char * image_name,const ImageSource * src,struct image_info * info,struct elfhdr * ehdr,char ** pinterp_name)3194 static void load_elf_image(const char *image_name, const ImageSource *src, 3195 struct image_info *info, struct elfhdr *ehdr, 3196 char **pinterp_name) 3197 { 3198 g_autofree struct elf_phdr *phdr = NULL; 3199 abi_ulong load_addr, load_bias, loaddr, hiaddr, error, align; 3200 size_t reserve_size, align_size; 3201 int i, prot_exec; 3202 Error *err = NULL; 3203 3204 /* 3205 * First of all, some simple consistency checks. 3206 * Note that we rely on the bswapped ehdr staying in bprm_buf, 3207 * for later use by load_elf_binary and create_elf_tables. 3208 */ 3209 if (!imgsrc_read(ehdr, 0, sizeof(*ehdr), src, &err)) { 3210 goto exit_errmsg; 3211 } 3212 if (!elf_check_ident(ehdr)) { 3213 error_setg(&err, "Invalid ELF image for this architecture"); 3214 goto exit_errmsg; 3215 } 3216 bswap_ehdr(ehdr); 3217 if (!elf_check_ehdr(ehdr)) { 3218 error_setg(&err, "Invalid ELF image for this architecture"); 3219 goto exit_errmsg; 3220 } 3221 3222 phdr = imgsrc_read_alloc(ehdr->e_phoff, 3223 ehdr->e_phnum * sizeof(struct elf_phdr), 3224 src, &err); 3225 if (phdr == NULL) { 3226 goto exit_errmsg; 3227 } 3228 bswap_phdr(phdr, ehdr->e_phnum); 3229 3230 info->nsegs = 0; 3231 info->pt_dynamic_addr = 0; 3232 3233 mmap_lock(); 3234 3235 /* 3236 * Find the maximum size of the image and allocate an appropriate 3237 * amount of memory to handle that. Locate the interpreter, if any. 3238 */ 3239 loaddr = -1, hiaddr = 0; 3240 align = 0; 3241 info->exec_stack = EXSTACK_DEFAULT; 3242 for (i = 0; i < ehdr->e_phnum; ++i) { 3243 struct elf_phdr *eppnt = phdr + i; 3244 if (eppnt->p_type == PT_LOAD) { 3245 abi_ulong a = eppnt->p_vaddr & TARGET_PAGE_MASK; 3246 if (a < loaddr) { 3247 loaddr = a; 3248 } 3249 a = eppnt->p_vaddr + eppnt->p_memsz - 1; 3250 if (a > hiaddr) { 3251 hiaddr = a; 3252 } 3253 ++info->nsegs; 3254 align |= eppnt->p_align; 3255 } else if (eppnt->p_type == PT_INTERP && pinterp_name) { 3256 g_autofree char *interp_name = NULL; 3257 3258 if (*pinterp_name) { 3259 error_setg(&err, "Multiple PT_INTERP entries"); 3260 goto exit_errmsg; 3261 } 3262 3263 interp_name = imgsrc_read_alloc(eppnt->p_offset, eppnt->p_filesz, 3264 src, &err); 3265 if (interp_name == NULL) { 3266 goto exit_errmsg; 3267 } 3268 if (interp_name[eppnt->p_filesz - 1] != 0) { 3269 error_setg(&err, "Invalid PT_INTERP entry"); 3270 goto exit_errmsg; 3271 } 3272 *pinterp_name = g_steal_pointer(&interp_name); 3273 } else if (eppnt->p_type == PT_GNU_PROPERTY) { 3274 if (!parse_elf_properties(src, info, eppnt, &err)) { 3275 goto exit_errmsg; 3276 } 3277 } else if (eppnt->p_type == PT_GNU_STACK) { 3278 info->exec_stack = eppnt->p_flags & PF_X; 3279 } 3280 } 3281 3282 load_addr = loaddr; 3283 3284 align = pow2ceil(align); 3285 3286 if (pinterp_name != NULL) { 3287 if (ehdr->e_type == ET_EXEC) { 3288 /* 3289 * Make sure that the low address does not conflict with 3290 * MMAP_MIN_ADDR or the QEMU application itself. 3291 */ 3292 probe_guest_base(image_name, loaddr, hiaddr); 3293 } else { 3294 /* 3295 * The binary is dynamic, but we still need to 3296 * select guest_base. In this case we pass a size. 3297 */ 3298 probe_guest_base(image_name, 0, hiaddr - loaddr); 3299 3300 /* 3301 * Avoid collision with the loader by providing a different 3302 * default load address. 3303 */ 3304 load_addr += elf_et_dyn_base; 3305 3306 /* 3307 * TODO: Better support for mmap alignment is desirable. 3308 * Since we do not have complete control over the guest 3309 * address space, we prefer the kernel to choose some address 3310 * rather than force the use of LOAD_ADDR via MAP_FIXED. 3311 */ 3312 if (align) { 3313 load_addr &= -align; 3314 } 3315 } 3316 } 3317 3318 /* 3319 * Reserve address space for all of this. 3320 * 3321 * In the case of ET_EXEC, we supply MAP_FIXED_NOREPLACE so that we get 3322 * exactly the address range that is required. Without reserved_va, 3323 * the guest address space is not isolated. We have attempted to avoid 3324 * conflict with the host program itself via probe_guest_base, but using 3325 * MAP_FIXED_NOREPLACE instead of MAP_FIXED provides an extra check. 3326 * 3327 * Otherwise this is ET_DYN, and we are searching for a location 3328 * that can hold the memory space required. If the image is 3329 * pre-linked, LOAD_ADDR will be non-zero, and the kernel should 3330 * honor that address if it happens to be free. 3331 * 3332 * In both cases, we will overwrite pages in this range with mappings 3333 * from the executable. 3334 */ 3335 reserve_size = (size_t)hiaddr - loaddr + 1; 3336 align_size = reserve_size; 3337 3338 if (ehdr->e_type != ET_EXEC && align > qemu_real_host_page_size()) { 3339 align_size += align - 1; 3340 } 3341 3342 load_addr = target_mmap(load_addr, align_size, PROT_NONE, 3343 MAP_PRIVATE | MAP_ANON | MAP_NORESERVE | 3344 (ehdr->e_type == ET_EXEC ? MAP_FIXED_NOREPLACE : 0), 3345 -1, 0); 3346 if (load_addr == -1) { 3347 goto exit_mmap; 3348 } 3349 3350 if (align_size != reserve_size) { 3351 abi_ulong align_addr = ROUND_UP(load_addr, align); 3352 abi_ulong align_end = TARGET_PAGE_ALIGN(align_addr + reserve_size); 3353 abi_ulong load_end = TARGET_PAGE_ALIGN(load_addr + align_size); 3354 3355 if (align_addr != load_addr) { 3356 target_munmap(load_addr, align_addr - load_addr); 3357 } 3358 if (align_end != load_end) { 3359 target_munmap(align_end, load_end - align_end); 3360 } 3361 load_addr = align_addr; 3362 } 3363 3364 load_bias = load_addr - loaddr; 3365 3366 if (elf_is_fdpic(ehdr)) { 3367 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs = 3368 g_malloc(sizeof(*loadsegs) * info->nsegs); 3369 3370 for (i = 0; i < ehdr->e_phnum; ++i) { 3371 switch (phdr[i].p_type) { 3372 case PT_DYNAMIC: 3373 info->pt_dynamic_addr = phdr[i].p_vaddr + load_bias; 3374 break; 3375 case PT_LOAD: 3376 loadsegs->addr = phdr[i].p_vaddr + load_bias; 3377 loadsegs->p_vaddr = phdr[i].p_vaddr; 3378 loadsegs->p_memsz = phdr[i].p_memsz; 3379 ++loadsegs; 3380 break; 3381 } 3382 } 3383 } 3384 3385 info->load_bias = load_bias; 3386 info->code_offset = load_bias; 3387 info->data_offset = load_bias; 3388 info->load_addr = load_addr; 3389 info->entry = ehdr->e_entry + load_bias; 3390 info->start_code = -1; 3391 info->end_code = 0; 3392 info->start_data = -1; 3393 info->end_data = 0; 3394 /* Usual start for brk is after all sections of the main executable. */ 3395 info->brk = TARGET_PAGE_ALIGN(hiaddr + load_bias); 3396 info->elf_flags = ehdr->e_flags; 3397 3398 prot_exec = PROT_EXEC; 3399 #ifdef TARGET_AARCH64 3400 /* 3401 * If the BTI feature is present, this indicates that the executable 3402 * pages of the startup binary should be mapped with PROT_BTI, so that 3403 * branch targets are enforced. 3404 * 3405 * The startup binary is either the interpreter or the static executable. 3406 * The interpreter is responsible for all pages of a dynamic executable. 3407 * 3408 * Elf notes are backward compatible to older cpus. 3409 * Do not enable BTI unless it is supported. 3410 */ 3411 if ((info->note_flags & GNU_PROPERTY_AARCH64_FEATURE_1_BTI) 3412 && (pinterp_name == NULL || *pinterp_name == 0) 3413 && cpu_isar_feature(aa64_bti, ARM_CPU(thread_cpu))) { 3414 prot_exec |= TARGET_PROT_BTI; 3415 } 3416 #endif 3417 3418 for (i = 0; i < ehdr->e_phnum; i++) { 3419 struct elf_phdr *eppnt = phdr + i; 3420 if (eppnt->p_type == PT_LOAD) { 3421 abi_ulong vaddr, vaddr_po, vaddr_ps, vaddr_ef, vaddr_em; 3422 int elf_prot = 0; 3423 3424 if (eppnt->p_flags & PF_R) { 3425 elf_prot |= PROT_READ; 3426 } 3427 if (eppnt->p_flags & PF_W) { 3428 elf_prot |= PROT_WRITE; 3429 } 3430 if (eppnt->p_flags & PF_X) { 3431 elf_prot |= prot_exec; 3432 } 3433 3434 vaddr = load_bias + eppnt->p_vaddr; 3435 vaddr_po = vaddr & ~TARGET_PAGE_MASK; 3436 vaddr_ps = vaddr & TARGET_PAGE_MASK; 3437 3438 vaddr_ef = vaddr + eppnt->p_filesz; 3439 vaddr_em = vaddr + eppnt->p_memsz; 3440 3441 /* 3442 * Some segments may be completely empty, with a non-zero p_memsz 3443 * but no backing file segment. 3444 */ 3445 if (eppnt->p_filesz != 0) { 3446 error = imgsrc_mmap(vaddr_ps, eppnt->p_filesz + vaddr_po, 3447 elf_prot, MAP_PRIVATE | MAP_FIXED, 3448 src, eppnt->p_offset - vaddr_po); 3449 if (error == -1) { 3450 goto exit_mmap; 3451 } 3452 } 3453 3454 /* If the load segment requests extra zeros (e.g. bss), map it. */ 3455 if (vaddr_ef < vaddr_em && 3456 !zero_bss(vaddr_ef, vaddr_em, elf_prot, &err)) { 3457 goto exit_errmsg; 3458 } 3459 3460 /* Find the full program boundaries. */ 3461 if (elf_prot & PROT_EXEC) { 3462 if (vaddr < info->start_code) { 3463 info->start_code = vaddr; 3464 } 3465 if (vaddr_ef > info->end_code) { 3466 info->end_code = vaddr_ef; 3467 } 3468 } 3469 if (elf_prot & PROT_WRITE) { 3470 if (vaddr < info->start_data) { 3471 info->start_data = vaddr; 3472 } 3473 if (vaddr_ef > info->end_data) { 3474 info->end_data = vaddr_ef; 3475 } 3476 } 3477 #ifdef TARGET_MIPS 3478 } else if (eppnt->p_type == PT_MIPS_ABIFLAGS) { 3479 Mips_elf_abiflags_v0 abiflags; 3480 3481 if (!imgsrc_read(&abiflags, eppnt->p_offset, sizeof(abiflags), 3482 src, &err)) { 3483 goto exit_errmsg; 3484 } 3485 bswap_mips_abiflags(&abiflags); 3486 info->fp_abi = abiflags.fp_abi; 3487 #endif 3488 } 3489 } 3490 3491 if (info->end_data == 0) { 3492 info->start_data = info->end_code; 3493 info->end_data = info->end_code; 3494 } 3495 3496 if (qemu_log_enabled()) { 3497 load_symbols(ehdr, src, load_bias); 3498 } 3499 3500 debuginfo_report_elf(image_name, src->fd, load_bias); 3501 3502 mmap_unlock(); 3503 3504 close(src->fd); 3505 return; 3506 3507 exit_mmap: 3508 error_setg_errno(&err, errno, "Error mapping file"); 3509 goto exit_errmsg; 3510 exit_errmsg: 3511 error_reportf_err(err, "%s: ", image_name); 3512 exit(-1); 3513 } 3514 load_elf_interp(const char * filename,struct image_info * info,char bprm_buf[BPRM_BUF_SIZE])3515 static void load_elf_interp(const char *filename, struct image_info *info, 3516 char bprm_buf[BPRM_BUF_SIZE]) 3517 { 3518 struct elfhdr ehdr; 3519 ImageSource src; 3520 int fd, retval; 3521 Error *err = NULL; 3522 3523 fd = open(path(filename), O_RDONLY); 3524 if (fd < 0) { 3525 error_setg_file_open(&err, errno, filename); 3526 error_report_err(err); 3527 exit(-1); 3528 } 3529 3530 retval = read(fd, bprm_buf, BPRM_BUF_SIZE); 3531 if (retval < 0) { 3532 error_setg_errno(&err, errno, "Error reading file header"); 3533 error_reportf_err(err, "%s: ", filename); 3534 exit(-1); 3535 } 3536 3537 src.fd = fd; 3538 src.cache = bprm_buf; 3539 src.cache_size = retval; 3540 3541 load_elf_image(filename, &src, info, &ehdr, NULL); 3542 } 3543 3544 #ifndef vdso_image_info 3545 #ifdef VDSO_HEADER 3546 #include VDSO_HEADER 3547 #define vdso_image_info(flags) &vdso_image_info 3548 #else 3549 #define vdso_image_info(flags) NULL 3550 #endif /* VDSO_HEADER */ 3551 #endif /* vdso_image_info */ 3552 load_elf_vdso(struct image_info * info,const VdsoImageInfo * vdso)3553 static void load_elf_vdso(struct image_info *info, const VdsoImageInfo *vdso) 3554 { 3555 ImageSource src; 3556 struct elfhdr ehdr; 3557 abi_ulong load_bias, load_addr; 3558 3559 src.fd = -1; 3560 src.cache = vdso->image; 3561 src.cache_size = vdso->image_size; 3562 3563 load_elf_image("<internal-vdso>", &src, info, &ehdr, NULL); 3564 load_addr = info->load_addr; 3565 load_bias = info->load_bias; 3566 3567 /* 3568 * We need to relocate the VDSO image. The one built into the kernel 3569 * is built for a fixed address. The one built for QEMU is not, since 3570 * that requires close control of the guest address space. 3571 * We pre-processed the image to locate all of the addresses that need 3572 * to be updated. 3573 */ 3574 for (unsigned i = 0, n = vdso->reloc_count; i < n; i++) { 3575 abi_ulong *addr = g2h_untagged(load_addr + vdso->relocs[i]); 3576 *addr = tswapal(tswapal(*addr) + load_bias); 3577 } 3578 3579 /* Install signal trampolines, if present. */ 3580 if (vdso->sigreturn_ofs) { 3581 default_sigreturn = load_addr + vdso->sigreturn_ofs; 3582 } 3583 if (vdso->rt_sigreturn_ofs) { 3584 default_rt_sigreturn = load_addr + vdso->rt_sigreturn_ofs; 3585 } 3586 3587 /* Remove write from VDSO segment. */ 3588 target_mprotect(info->start_data, info->end_data - info->start_data, 3589 PROT_READ | PROT_EXEC); 3590 } 3591 symfind(const void * s0,const void * s1)3592 static int symfind(const void *s0, const void *s1) 3593 { 3594 struct elf_sym *sym = (struct elf_sym *)s1; 3595 __typeof(sym->st_value) addr = *(uint64_t *)s0; 3596 int result = 0; 3597 3598 if (addr < sym->st_value) { 3599 result = -1; 3600 } else if (addr >= sym->st_value + sym->st_size) { 3601 result = 1; 3602 } 3603 return result; 3604 } 3605 lookup_symbolxx(struct syminfo * s,uint64_t orig_addr)3606 static const char *lookup_symbolxx(struct syminfo *s, uint64_t orig_addr) 3607 { 3608 #if ELF_CLASS == ELFCLASS32 3609 struct elf_sym *syms = s->disas_symtab.elf32; 3610 #else 3611 struct elf_sym *syms = s->disas_symtab.elf64; 3612 #endif 3613 3614 // binary search 3615 struct elf_sym *sym; 3616 3617 sym = bsearch(&orig_addr, syms, s->disas_num_syms, sizeof(*syms), symfind); 3618 if (sym != NULL) { 3619 return s->disas_strtab + sym->st_name; 3620 } 3621 3622 return ""; 3623 } 3624 3625 /* FIXME: This should use elf_ops.h.inc */ symcmp(const void * s0,const void * s1)3626 static int symcmp(const void *s0, const void *s1) 3627 { 3628 struct elf_sym *sym0 = (struct elf_sym *)s0; 3629 struct elf_sym *sym1 = (struct elf_sym *)s1; 3630 return (sym0->st_value < sym1->st_value) 3631 ? -1 3632 : ((sym0->st_value > sym1->st_value) ? 1 : 0); 3633 } 3634 3635 /* Best attempt to load symbols from this ELF object. */ load_symbols(struct elfhdr * hdr,const ImageSource * src,abi_ulong load_bias)3636 static void load_symbols(struct elfhdr *hdr, const ImageSource *src, 3637 abi_ulong load_bias) 3638 { 3639 int i, shnum, nsyms, sym_idx = 0, str_idx = 0; 3640 g_autofree struct elf_shdr *shdr = NULL; 3641 char *strings = NULL; 3642 struct elf_sym *syms = NULL; 3643 struct elf_sym *new_syms; 3644 uint64_t segsz; 3645 3646 shnum = hdr->e_shnum; 3647 shdr = imgsrc_read_alloc(hdr->e_shoff, shnum * sizeof(struct elf_shdr), 3648 src, NULL); 3649 if (shdr == NULL) { 3650 return; 3651 } 3652 3653 bswap_shdr(shdr, shnum); 3654 for (i = 0; i < shnum; ++i) { 3655 if (shdr[i].sh_type == SHT_SYMTAB) { 3656 sym_idx = i; 3657 str_idx = shdr[i].sh_link; 3658 goto found; 3659 } 3660 } 3661 3662 /* There will be no symbol table if the file was stripped. */ 3663 return; 3664 3665 found: 3666 /* Now know where the strtab and symtab are. Snarf them. */ 3667 3668 segsz = shdr[str_idx].sh_size; 3669 strings = g_try_malloc(segsz); 3670 if (!strings) { 3671 goto give_up; 3672 } 3673 if (!imgsrc_read(strings, shdr[str_idx].sh_offset, segsz, src, NULL)) { 3674 goto give_up; 3675 } 3676 3677 segsz = shdr[sym_idx].sh_size; 3678 if (segsz / sizeof(struct elf_sym) > INT_MAX) { 3679 /* 3680 * Implausibly large symbol table: give up rather than ploughing 3681 * on with the number of symbols calculation overflowing. 3682 */ 3683 goto give_up; 3684 } 3685 nsyms = segsz / sizeof(struct elf_sym); 3686 syms = g_try_malloc(segsz); 3687 if (!syms) { 3688 goto give_up; 3689 } 3690 if (!imgsrc_read(syms, shdr[sym_idx].sh_offset, segsz, src, NULL)) { 3691 goto give_up; 3692 } 3693 3694 for (i = 0; i < nsyms; ) { 3695 bswap_sym(syms + i); 3696 /* Throw away entries which we do not need. */ 3697 if (syms[i].st_shndx == SHN_UNDEF 3698 || syms[i].st_shndx >= SHN_LORESERVE 3699 || ELF_ST_TYPE(syms[i].st_info) != STT_FUNC) { 3700 if (i < --nsyms) { 3701 syms[i] = syms[nsyms]; 3702 } 3703 } else { 3704 #if defined(TARGET_ARM) || defined (TARGET_MIPS) 3705 /* The bottom address bit marks a Thumb or MIPS16 symbol. */ 3706 syms[i].st_value &= ~(target_ulong)1; 3707 #endif 3708 syms[i].st_value += load_bias; 3709 i++; 3710 } 3711 } 3712 3713 /* No "useful" symbol. */ 3714 if (nsyms == 0) { 3715 goto give_up; 3716 } 3717 3718 /* 3719 * Attempt to free the storage associated with the local symbols 3720 * that we threw away. Whether or not this has any effect on the 3721 * memory allocation depends on the malloc implementation and how 3722 * many symbols we managed to discard. 3723 */ 3724 new_syms = g_try_renew(struct elf_sym, syms, nsyms); 3725 if (new_syms == NULL) { 3726 goto give_up; 3727 } 3728 syms = new_syms; 3729 3730 qsort(syms, nsyms, sizeof(*syms), symcmp); 3731 3732 { 3733 struct syminfo *s = g_new(struct syminfo, 1); 3734 3735 s->disas_strtab = strings; 3736 s->disas_num_syms = nsyms; 3737 #if ELF_CLASS == ELFCLASS32 3738 s->disas_symtab.elf32 = syms; 3739 #else 3740 s->disas_symtab.elf64 = syms; 3741 #endif 3742 s->lookup_symbol = lookup_symbolxx; 3743 s->next = syminfos; 3744 syminfos = s; 3745 } 3746 return; 3747 3748 give_up: 3749 g_free(strings); 3750 g_free(syms); 3751 } 3752 get_elf_eflags(int fd)3753 uint32_t get_elf_eflags(int fd) 3754 { 3755 struct elfhdr ehdr; 3756 off_t offset; 3757 int ret; 3758 3759 /* Read ELF header */ 3760 offset = lseek(fd, 0, SEEK_SET); 3761 if (offset == (off_t) -1) { 3762 return 0; 3763 } 3764 ret = read(fd, &ehdr, sizeof(ehdr)); 3765 if (ret < sizeof(ehdr)) { 3766 return 0; 3767 } 3768 offset = lseek(fd, offset, SEEK_SET); 3769 if (offset == (off_t) -1) { 3770 return 0; 3771 } 3772 3773 /* Check ELF signature */ 3774 if (!elf_check_ident(&ehdr)) { 3775 return 0; 3776 } 3777 3778 /* check header */ 3779 bswap_ehdr(&ehdr); 3780 if (!elf_check_ehdr(&ehdr)) { 3781 return 0; 3782 } 3783 3784 /* return architecture id */ 3785 return ehdr.e_flags; 3786 } 3787 load_elf_binary(struct linux_binprm * bprm,struct image_info * info)3788 int load_elf_binary(struct linux_binprm *bprm, struct image_info *info) 3789 { 3790 /* 3791 * We need a copy of the elf header for passing to create_elf_tables. 3792 * We will have overwritten the original when we re-use bprm->buf 3793 * while loading the interpreter. Allocate the storage for this now 3794 * and let elf_load_image do any swapping that may be required. 3795 */ 3796 struct elfhdr ehdr; 3797 struct image_info interp_info, vdso_info; 3798 char *elf_interpreter = NULL; 3799 char *scratch; 3800 3801 memset(&interp_info, 0, sizeof(interp_info)); 3802 #ifdef TARGET_MIPS 3803 interp_info.fp_abi = MIPS_ABI_FP_UNKNOWN; 3804 #endif 3805 3806 load_elf_image(bprm->filename, &bprm->src, info, &ehdr, &elf_interpreter); 3807 3808 /* Do this so that we can load the interpreter, if need be. We will 3809 change some of these later */ 3810 bprm->p = setup_arg_pages(bprm, info); 3811 3812 scratch = g_new0(char, TARGET_PAGE_SIZE); 3813 if (STACK_GROWS_DOWN) { 3814 bprm->p = copy_elf_strings(1, &bprm->filename, scratch, 3815 bprm->p, info->stack_limit); 3816 info->file_string = bprm->p; 3817 bprm->p = copy_elf_strings(bprm->envc, bprm->envp, scratch, 3818 bprm->p, info->stack_limit); 3819 info->env_strings = bprm->p; 3820 bprm->p = copy_elf_strings(bprm->argc, bprm->argv, scratch, 3821 bprm->p, info->stack_limit); 3822 info->arg_strings = bprm->p; 3823 } else { 3824 info->arg_strings = bprm->p; 3825 bprm->p = copy_elf_strings(bprm->argc, bprm->argv, scratch, 3826 bprm->p, info->stack_limit); 3827 info->env_strings = bprm->p; 3828 bprm->p = copy_elf_strings(bprm->envc, bprm->envp, scratch, 3829 bprm->p, info->stack_limit); 3830 info->file_string = bprm->p; 3831 bprm->p = copy_elf_strings(1, &bprm->filename, scratch, 3832 bprm->p, info->stack_limit); 3833 } 3834 3835 g_free(scratch); 3836 3837 if (!bprm->p) { 3838 fprintf(stderr, "%s: %s\n", bprm->filename, strerror(E2BIG)); 3839 exit(-1); 3840 } 3841 3842 if (elf_interpreter) { 3843 load_elf_interp(elf_interpreter, &interp_info, bprm->buf); 3844 3845 /* 3846 * While unusual because of ELF_ET_DYN_BASE, if we are unlucky 3847 * with the mappings the interpreter can be loaded above but 3848 * near the main executable, which can leave very little room 3849 * for the heap. 3850 * If the current brk has less than 16MB, use the end of the 3851 * interpreter. 3852 */ 3853 if (interp_info.brk > info->brk && 3854 interp_info.load_bias - info->brk < 16 * MiB) { 3855 info->brk = interp_info.brk; 3856 } 3857 3858 /* If the program interpreter is one of these two, then assume 3859 an iBCS2 image. Otherwise assume a native linux image. */ 3860 3861 if (strcmp(elf_interpreter, "/usr/lib/libc.so.1") == 0 3862 || strcmp(elf_interpreter, "/usr/lib/ld.so.1") == 0) { 3863 info->personality = PER_SVR4; 3864 3865 /* Why this, you ask??? Well SVr4 maps page 0 as read-only, 3866 and some applications "depend" upon this behavior. Since 3867 we do not have the power to recompile these, we emulate 3868 the SVr4 behavior. Sigh. */ 3869 target_mmap(0, TARGET_PAGE_SIZE, PROT_READ | PROT_EXEC, 3870 MAP_FIXED_NOREPLACE | MAP_PRIVATE | MAP_ANONYMOUS, 3871 -1, 0); 3872 } 3873 #ifdef TARGET_MIPS 3874 info->interp_fp_abi = interp_info.fp_abi; 3875 #endif 3876 } 3877 3878 /* 3879 * Load a vdso if available, which will amongst other things contain the 3880 * signal trampolines. Otherwise, allocate a separate page for them. 3881 */ 3882 const VdsoImageInfo *vdso = vdso_image_info(info->elf_flags); 3883 if (vdso) { 3884 load_elf_vdso(&vdso_info, vdso); 3885 info->vdso = vdso_info.load_bias; 3886 } else if (TARGET_ARCH_HAS_SIGTRAMP_PAGE) { 3887 abi_long tramp_page = target_mmap(0, TARGET_PAGE_SIZE, 3888 PROT_READ | PROT_WRITE, 3889 MAP_PRIVATE | MAP_ANON, -1, 0); 3890 if (tramp_page == -1) { 3891 return -errno; 3892 } 3893 3894 setup_sigtramp(tramp_page); 3895 target_mprotect(tramp_page, TARGET_PAGE_SIZE, PROT_READ | PROT_EXEC); 3896 } 3897 3898 bprm->p = create_elf_tables(bprm->p, bprm->argc, bprm->envc, &ehdr, info, 3899 elf_interpreter ? &interp_info : NULL, 3900 vdso ? &vdso_info : NULL); 3901 info->start_stack = bprm->p; 3902 3903 /* If we have an interpreter, set that as the program's entry point. 3904 Copy the load_bias as well, to help PPC64 interpret the entry 3905 point as a function descriptor. Do this after creating elf tables 3906 so that we copy the original program entry point into the AUXV. */ 3907 if (elf_interpreter) { 3908 info->load_bias = interp_info.load_bias; 3909 info->entry = interp_info.entry; 3910 g_free(elf_interpreter); 3911 } 3912 3913 #ifdef USE_ELF_CORE_DUMP 3914 bprm->core_dump = &elf_core_dump; 3915 #endif 3916 3917 return 0; 3918 } 3919 3920 #ifdef USE_ELF_CORE_DUMP 3921 #include "exec/translate-all.h" 3922 3923 /* 3924 * Definitions to generate Intel SVR4-like core files. 3925 * These mostly have the same names as the SVR4 types with "target_elf_" 3926 * tacked on the front to prevent clashes with linux definitions, 3927 * and the typedef forms have been avoided. This is mostly like 3928 * the SVR4 structure, but more Linuxy, with things that Linux does 3929 * not support and which gdb doesn't really use excluded. 3930 * 3931 * Fields we don't dump (their contents is zero) in linux-user qemu 3932 * are marked with XXX. 3933 * 3934 * Core dump code is copied from linux kernel (fs/binfmt_elf.c). 3935 * 3936 * Porting ELF coredump for target is (quite) simple process. First you 3937 * define USE_ELF_CORE_DUMP in target ELF code (where init_thread() for 3938 * the target resides): 3939 * 3940 * #define USE_ELF_CORE_DUMP 3941 * 3942 * Next you define type of register set used for dumping. ELF specification 3943 * says that it needs to be array of elf_greg_t that has size of ELF_NREG. 3944 * 3945 * typedef <target_regtype> target_elf_greg_t; 3946 * #define ELF_NREG <number of registers> 3947 * typedef taret_elf_greg_t target_elf_gregset_t[ELF_NREG]; 3948 * 3949 * Last step is to implement target specific function that copies registers 3950 * from given cpu into just specified register set. Prototype is: 3951 * 3952 * static void elf_core_copy_regs(taret_elf_gregset_t *regs, 3953 * const CPUArchState *env); 3954 * 3955 * Parameters: 3956 * regs - copy register values into here (allocated and zeroed by caller) 3957 * env - copy registers from here 3958 * 3959 * Example for ARM target is provided in this file. 3960 */ 3961 3962 struct target_elf_siginfo { 3963 abi_int si_signo; /* signal number */ 3964 abi_int si_code; /* extra code */ 3965 abi_int si_errno; /* errno */ 3966 }; 3967 3968 struct target_elf_prstatus { 3969 struct target_elf_siginfo pr_info; /* Info associated with signal */ 3970 abi_short pr_cursig; /* Current signal */ 3971 abi_ulong pr_sigpend; /* XXX */ 3972 abi_ulong pr_sighold; /* XXX */ 3973 target_pid_t pr_pid; 3974 target_pid_t pr_ppid; 3975 target_pid_t pr_pgrp; 3976 target_pid_t pr_sid; 3977 struct target_timeval pr_utime; /* XXX User time */ 3978 struct target_timeval pr_stime; /* XXX System time */ 3979 struct target_timeval pr_cutime; /* XXX Cumulative user time */ 3980 struct target_timeval pr_cstime; /* XXX Cumulative system time */ 3981 target_elf_gregset_t pr_reg; /* GP registers */ 3982 abi_int pr_fpvalid; /* XXX */ 3983 }; 3984 3985 #define ELF_PRARGSZ (80) /* Number of chars for args */ 3986 3987 struct target_elf_prpsinfo { 3988 char pr_state; /* numeric process state */ 3989 char pr_sname; /* char for pr_state */ 3990 char pr_zomb; /* zombie */ 3991 char pr_nice; /* nice val */ 3992 abi_ulong pr_flag; /* flags */ 3993 target_uid_t pr_uid; 3994 target_gid_t pr_gid; 3995 target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid; 3996 /* Lots missing */ 3997 char pr_fname[16] QEMU_NONSTRING; /* filename of executable */ 3998 char pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */ 3999 }; 4000 4001 #ifdef BSWAP_NEEDED bswap_prstatus(struct target_elf_prstatus * prstatus)4002 static void bswap_prstatus(struct target_elf_prstatus *prstatus) 4003 { 4004 prstatus->pr_info.si_signo = tswap32(prstatus->pr_info.si_signo); 4005 prstatus->pr_info.si_code = tswap32(prstatus->pr_info.si_code); 4006 prstatus->pr_info.si_errno = tswap32(prstatus->pr_info.si_errno); 4007 prstatus->pr_cursig = tswap16(prstatus->pr_cursig); 4008 prstatus->pr_sigpend = tswapal(prstatus->pr_sigpend); 4009 prstatus->pr_sighold = tswapal(prstatus->pr_sighold); 4010 prstatus->pr_pid = tswap32(prstatus->pr_pid); 4011 prstatus->pr_ppid = tswap32(prstatus->pr_ppid); 4012 prstatus->pr_pgrp = tswap32(prstatus->pr_pgrp); 4013 prstatus->pr_sid = tswap32(prstatus->pr_sid); 4014 /* cpu times are not filled, so we skip them */ 4015 /* regs should be in correct format already */ 4016 prstatus->pr_fpvalid = tswap32(prstatus->pr_fpvalid); 4017 } 4018 bswap_psinfo(struct target_elf_prpsinfo * psinfo)4019 static void bswap_psinfo(struct target_elf_prpsinfo *psinfo) 4020 { 4021 psinfo->pr_flag = tswapal(psinfo->pr_flag); 4022 psinfo->pr_uid = tswap16(psinfo->pr_uid); 4023 psinfo->pr_gid = tswap16(psinfo->pr_gid); 4024 psinfo->pr_pid = tswap32(psinfo->pr_pid); 4025 psinfo->pr_ppid = tswap32(psinfo->pr_ppid); 4026 psinfo->pr_pgrp = tswap32(psinfo->pr_pgrp); 4027 psinfo->pr_sid = tswap32(psinfo->pr_sid); 4028 } 4029 bswap_note(struct elf_note * en)4030 static void bswap_note(struct elf_note *en) 4031 { 4032 bswap32s(&en->n_namesz); 4033 bswap32s(&en->n_descsz); 4034 bswap32s(&en->n_type); 4035 } 4036 #else bswap_prstatus(struct target_elf_prstatus * p)4037 static inline void bswap_prstatus(struct target_elf_prstatus *p) { } bswap_psinfo(struct target_elf_prpsinfo * p)4038 static inline void bswap_psinfo(struct target_elf_prpsinfo *p) {} bswap_note(struct elf_note * en)4039 static inline void bswap_note(struct elf_note *en) { } 4040 #endif /* BSWAP_NEEDED */ 4041 4042 /* 4043 * Calculate file (dump) size of given memory region. 4044 */ vma_dump_size(target_ulong start,target_ulong end,unsigned long flags)4045 static size_t vma_dump_size(target_ulong start, target_ulong end, 4046 unsigned long flags) 4047 { 4048 /* The area must be readable. */ 4049 if (!(flags & PAGE_READ)) { 4050 return 0; 4051 } 4052 4053 /* 4054 * Usually we don't dump executable pages as they contain 4055 * non-writable code that debugger can read directly from 4056 * target library etc. If there is no elf header, we dump it. 4057 */ 4058 if (!(flags & PAGE_WRITE_ORG) && 4059 (flags & PAGE_EXEC) && 4060 memcmp(g2h_untagged(start), ELFMAG, SELFMAG) == 0) { 4061 return 0; 4062 } 4063 4064 return end - start; 4065 } 4066 size_note(const char * name,size_t datasz)4067 static size_t size_note(const char *name, size_t datasz) 4068 { 4069 size_t namesz = strlen(name) + 1; 4070 4071 namesz = ROUND_UP(namesz, 4); 4072 datasz = ROUND_UP(datasz, 4); 4073 4074 return sizeof(struct elf_note) + namesz + datasz; 4075 } 4076 fill_note(void ** pptr,int type,const char * name,size_t datasz)4077 static void *fill_note(void **pptr, int type, const char *name, size_t datasz) 4078 { 4079 void *ptr = *pptr; 4080 struct elf_note *n = ptr; 4081 size_t namesz = strlen(name) + 1; 4082 4083 n->n_namesz = namesz; 4084 n->n_descsz = datasz; 4085 n->n_type = type; 4086 bswap_note(n); 4087 4088 ptr += sizeof(*n); 4089 memcpy(ptr, name, namesz); 4090 4091 namesz = ROUND_UP(namesz, 4); 4092 datasz = ROUND_UP(datasz, 4); 4093 4094 *pptr = ptr + namesz + datasz; 4095 return ptr + namesz; 4096 } 4097 fill_elf_header(struct elfhdr * elf,int segs,uint16_t machine,uint32_t flags)4098 static void fill_elf_header(struct elfhdr *elf, int segs, uint16_t machine, 4099 uint32_t flags) 4100 { 4101 memcpy(elf->e_ident, ELFMAG, SELFMAG); 4102 4103 elf->e_ident[EI_CLASS] = ELF_CLASS; 4104 elf->e_ident[EI_DATA] = ELF_DATA; 4105 elf->e_ident[EI_VERSION] = EV_CURRENT; 4106 elf->e_ident[EI_OSABI] = ELF_OSABI; 4107 4108 elf->e_type = ET_CORE; 4109 elf->e_machine = machine; 4110 elf->e_version = EV_CURRENT; 4111 elf->e_phoff = sizeof(struct elfhdr); 4112 elf->e_flags = flags; 4113 elf->e_ehsize = sizeof(struct elfhdr); 4114 elf->e_phentsize = sizeof(struct elf_phdr); 4115 elf->e_phnum = segs; 4116 4117 bswap_ehdr(elf); 4118 } 4119 fill_elf_note_phdr(struct elf_phdr * phdr,size_t sz,off_t offset)4120 static void fill_elf_note_phdr(struct elf_phdr *phdr, size_t sz, off_t offset) 4121 { 4122 phdr->p_type = PT_NOTE; 4123 phdr->p_offset = offset; 4124 phdr->p_filesz = sz; 4125 4126 bswap_phdr(phdr, 1); 4127 } 4128 fill_prstatus_note(void * data,CPUState * cpu,int signr)4129 static void fill_prstatus_note(void *data, CPUState *cpu, int signr) 4130 { 4131 /* 4132 * Because note memory is only aligned to 4, and target_elf_prstatus 4133 * may well have higher alignment requirements, fill locally and 4134 * memcpy to the destination afterward. 4135 */ 4136 struct target_elf_prstatus prstatus = { 4137 .pr_info.si_signo = signr, 4138 .pr_cursig = signr, 4139 .pr_pid = get_task_state(cpu)->ts_tid, 4140 .pr_ppid = getppid(), 4141 .pr_pgrp = getpgrp(), 4142 .pr_sid = getsid(0), 4143 }; 4144 4145 elf_core_copy_regs(&prstatus.pr_reg, cpu_env(cpu)); 4146 bswap_prstatus(&prstatus); 4147 memcpy(data, &prstatus, sizeof(prstatus)); 4148 } 4149 fill_prpsinfo_note(void * data,const TaskState * ts)4150 static void fill_prpsinfo_note(void *data, const TaskState *ts) 4151 { 4152 /* 4153 * Because note memory is only aligned to 4, and target_elf_prpsinfo 4154 * may well have higher alignment requirements, fill locally and 4155 * memcpy to the destination afterward. 4156 */ 4157 struct target_elf_prpsinfo psinfo = { 4158 .pr_pid = getpid(), 4159 .pr_ppid = getppid(), 4160 .pr_pgrp = getpgrp(), 4161 .pr_sid = getsid(0), 4162 .pr_uid = getuid(), 4163 .pr_gid = getgid(), 4164 }; 4165 char *base_filename; 4166 size_t len; 4167 4168 len = ts->info->env_strings - ts->info->arg_strings; 4169 len = MIN(len, ELF_PRARGSZ); 4170 memcpy(&psinfo.pr_psargs, g2h_untagged(ts->info->arg_strings), len); 4171 for (size_t i = 0; i < len; i++) { 4172 if (psinfo.pr_psargs[i] == 0) { 4173 psinfo.pr_psargs[i] = ' '; 4174 } 4175 } 4176 4177 base_filename = g_path_get_basename(ts->bprm->filename); 4178 /* 4179 * Using strncpy here is fine: at max-length, 4180 * this field is not NUL-terminated. 4181 */ 4182 strncpy(psinfo.pr_fname, base_filename, sizeof(psinfo.pr_fname)); 4183 g_free(base_filename); 4184 4185 bswap_psinfo(&psinfo); 4186 memcpy(data, &psinfo, sizeof(psinfo)); 4187 } 4188 fill_auxv_note(void * data,const TaskState * ts)4189 static void fill_auxv_note(void *data, const TaskState *ts) 4190 { 4191 memcpy(data, g2h_untagged(ts->info->saved_auxv), ts->info->auxv_len); 4192 } 4193 4194 /* 4195 * Constructs name of coredump file. We have following convention 4196 * for the name: 4197 * qemu_<basename-of-target-binary>_<date>-<time>_<pid>.core 4198 * 4199 * Returns the filename 4200 */ core_dump_filename(const TaskState * ts)4201 static char *core_dump_filename(const TaskState *ts) 4202 { 4203 g_autoptr(GDateTime) now = g_date_time_new_now_local(); 4204 g_autofree char *nowstr = g_date_time_format(now, "%Y%m%d-%H%M%S"); 4205 g_autofree char *base_filename = g_path_get_basename(ts->bprm->filename); 4206 4207 return g_strdup_printf("qemu_%s_%s_%d.core", 4208 base_filename, nowstr, (int)getpid()); 4209 } 4210 dump_write(int fd,const void * ptr,size_t size)4211 static int dump_write(int fd, const void *ptr, size_t size) 4212 { 4213 const char *bufp = (const char *)ptr; 4214 ssize_t bytes_written, bytes_left; 4215 4216 bytes_written = 0; 4217 bytes_left = size; 4218 4219 /* 4220 * In normal conditions, single write(2) should do but 4221 * in case of socket etc. this mechanism is more portable. 4222 */ 4223 do { 4224 bytes_written = write(fd, bufp, bytes_left); 4225 if (bytes_written < 0) { 4226 if (errno == EINTR) 4227 continue; 4228 return (-1); 4229 } else if (bytes_written == 0) { /* eof */ 4230 return (-1); 4231 } 4232 bufp += bytes_written; 4233 bytes_left -= bytes_written; 4234 } while (bytes_left > 0); 4235 4236 return (0); 4237 } 4238 wmr_page_unprotect_regions(void * opaque,target_ulong start,target_ulong end,unsigned long flags)4239 static int wmr_page_unprotect_regions(void *opaque, target_ulong start, 4240 target_ulong end, unsigned long flags) 4241 { 4242 if ((flags & (PAGE_WRITE | PAGE_WRITE_ORG)) == PAGE_WRITE_ORG) { 4243 size_t step = MAX(TARGET_PAGE_SIZE, qemu_real_host_page_size()); 4244 4245 while (1) { 4246 page_unprotect(start, 0); 4247 if (end - start <= step) { 4248 break; 4249 } 4250 start += step; 4251 } 4252 } 4253 return 0; 4254 } 4255 4256 typedef struct { 4257 unsigned count; 4258 size_t size; 4259 } CountAndSizeRegions; 4260 wmr_count_and_size_regions(void * opaque,target_ulong start,target_ulong end,unsigned long flags)4261 static int wmr_count_and_size_regions(void *opaque, target_ulong start, 4262 target_ulong end, unsigned long flags) 4263 { 4264 CountAndSizeRegions *css = opaque; 4265 4266 css->count++; 4267 css->size += vma_dump_size(start, end, flags); 4268 return 0; 4269 } 4270 4271 typedef struct { 4272 struct elf_phdr *phdr; 4273 off_t offset; 4274 } FillRegionPhdr; 4275 wmr_fill_region_phdr(void * opaque,target_ulong start,target_ulong end,unsigned long flags)4276 static int wmr_fill_region_phdr(void *opaque, target_ulong start, 4277 target_ulong end, unsigned long flags) 4278 { 4279 FillRegionPhdr *d = opaque; 4280 struct elf_phdr *phdr = d->phdr; 4281 4282 phdr->p_type = PT_LOAD; 4283 phdr->p_vaddr = start; 4284 phdr->p_paddr = 0; 4285 phdr->p_filesz = vma_dump_size(start, end, flags); 4286 phdr->p_offset = d->offset; 4287 d->offset += phdr->p_filesz; 4288 phdr->p_memsz = end - start; 4289 phdr->p_flags = (flags & PAGE_READ ? PF_R : 0) 4290 | (flags & PAGE_WRITE_ORG ? PF_W : 0) 4291 | (flags & PAGE_EXEC ? PF_X : 0); 4292 phdr->p_align = ELF_EXEC_PAGESIZE; 4293 4294 bswap_phdr(phdr, 1); 4295 d->phdr = phdr + 1; 4296 return 0; 4297 } 4298 wmr_write_region(void * opaque,target_ulong start,target_ulong end,unsigned long flags)4299 static int wmr_write_region(void *opaque, target_ulong start, 4300 target_ulong end, unsigned long flags) 4301 { 4302 int fd = *(int *)opaque; 4303 size_t size = vma_dump_size(start, end, flags); 4304 4305 if (!size) { 4306 return 0; 4307 } 4308 return dump_write(fd, g2h_untagged(start), size); 4309 } 4310 4311 /* 4312 * Write out ELF coredump. 4313 * 4314 * See documentation of ELF object file format in: 4315 * http://www.caldera.com/developers/devspecs/gabi41.pdf 4316 * 4317 * Coredump format in linux is following: 4318 * 4319 * 0 +----------------------+ \ 4320 * | ELF header | ET_CORE | 4321 * +----------------------+ | 4322 * | ELF program headers | |--- headers 4323 * | - NOTE section | | 4324 * | - PT_LOAD sections | | 4325 * +----------------------+ / 4326 * | NOTEs: | 4327 * | - NT_PRSTATUS | 4328 * | - NT_PRSINFO | 4329 * | - NT_AUXV | 4330 * +----------------------+ <-- aligned to target page 4331 * | Process memory dump | 4332 * : : 4333 * . . 4334 * : : 4335 * | | 4336 * +----------------------+ 4337 * 4338 * NT_PRSTATUS -> struct elf_prstatus (per thread) 4339 * NT_PRSINFO -> struct elf_prpsinfo 4340 * NT_AUXV is array of { type, value } pairs (see fill_auxv_note()). 4341 * 4342 * Format follows System V format as close as possible. Current 4343 * version limitations are as follows: 4344 * - no floating point registers are dumped 4345 * 4346 * Function returns 0 in case of success, negative errno otherwise. 4347 * 4348 * TODO: make this work also during runtime: it should be 4349 * possible to force coredump from running process and then 4350 * continue processing. For example qemu could set up SIGUSR2 4351 * handler (provided that target process haven't registered 4352 * handler for that) that does the dump when signal is received. 4353 */ elf_core_dump(int signr,const CPUArchState * env)4354 static int elf_core_dump(int signr, const CPUArchState *env) 4355 { 4356 const CPUState *cpu = env_cpu_const(env); 4357 const TaskState *ts = (const TaskState *)get_task_state((CPUState *)cpu); 4358 struct rlimit dumpsize; 4359 CountAndSizeRegions css; 4360 off_t offset, note_offset, data_offset; 4361 size_t note_size; 4362 int cpus, ret; 4363 int fd = -1; 4364 CPUState *cpu_iter; 4365 4366 if (prctl(PR_GET_DUMPABLE) == 0) { 4367 return 0; 4368 } 4369 4370 if (getrlimit(RLIMIT_CORE, &dumpsize) < 0 || dumpsize.rlim_cur == 0) { 4371 return 0; 4372 } 4373 4374 cpu_list_lock(); 4375 mmap_lock(); 4376 4377 /* By unprotecting, we merge vmas that might be split. */ 4378 walk_memory_regions(NULL, wmr_page_unprotect_regions); 4379 4380 /* 4381 * Walk through target process memory mappings and 4382 * set up structure containing this information. 4383 */ 4384 memset(&css, 0, sizeof(css)); 4385 walk_memory_regions(&css, wmr_count_and_size_regions); 4386 4387 cpus = 0; 4388 CPU_FOREACH(cpu_iter) { 4389 cpus++; 4390 } 4391 4392 offset = sizeof(struct elfhdr); 4393 offset += (css.count + 1) * sizeof(struct elf_phdr); 4394 note_offset = offset; 4395 4396 offset += size_note("CORE", ts->info->auxv_len); 4397 offset += size_note("CORE", sizeof(struct target_elf_prpsinfo)); 4398 offset += size_note("CORE", sizeof(struct target_elf_prstatus)) * cpus; 4399 note_size = offset - note_offset; 4400 data_offset = ROUND_UP(offset, ELF_EXEC_PAGESIZE); 4401 4402 /* Do not dump if the corefile size exceeds the limit. */ 4403 if (dumpsize.rlim_cur != RLIM_INFINITY 4404 && dumpsize.rlim_cur < data_offset + css.size) { 4405 errno = 0; 4406 goto out; 4407 } 4408 4409 { 4410 g_autofree char *corefile = core_dump_filename(ts); 4411 fd = open(corefile, O_WRONLY | O_CREAT | O_TRUNC, 4412 S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); 4413 } 4414 if (fd < 0) { 4415 goto out; 4416 } 4417 4418 /* 4419 * There is a fair amount of alignment padding within the notes 4420 * as well as preceeding the process memory. Allocate a zeroed 4421 * block to hold it all. Write all of the headers directly into 4422 * this buffer and then write it out as a block. 4423 */ 4424 { 4425 g_autofree void *header = g_malloc0(data_offset); 4426 FillRegionPhdr frp; 4427 void *hptr, *dptr; 4428 4429 /* Create elf file header. */ 4430 hptr = header; 4431 fill_elf_header(hptr, css.count + 1, ELF_MACHINE, 0); 4432 hptr += sizeof(struct elfhdr); 4433 4434 /* Create elf program headers. */ 4435 fill_elf_note_phdr(hptr, note_size, note_offset); 4436 hptr += sizeof(struct elf_phdr); 4437 4438 frp.phdr = hptr; 4439 frp.offset = data_offset; 4440 walk_memory_regions(&frp, wmr_fill_region_phdr); 4441 hptr = frp.phdr; 4442 4443 /* Create the notes. */ 4444 dptr = fill_note(&hptr, NT_AUXV, "CORE", ts->info->auxv_len); 4445 fill_auxv_note(dptr, ts); 4446 4447 dptr = fill_note(&hptr, NT_PRPSINFO, "CORE", 4448 sizeof(struct target_elf_prpsinfo)); 4449 fill_prpsinfo_note(dptr, ts); 4450 4451 CPU_FOREACH(cpu_iter) { 4452 dptr = fill_note(&hptr, NT_PRSTATUS, "CORE", 4453 sizeof(struct target_elf_prstatus)); 4454 fill_prstatus_note(dptr, cpu_iter, cpu_iter == cpu ? signr : 0); 4455 } 4456 4457 if (dump_write(fd, header, data_offset) < 0) { 4458 goto out; 4459 } 4460 } 4461 4462 /* 4463 * Finally write process memory into the corefile as well. 4464 */ 4465 if (walk_memory_regions(&fd, wmr_write_region) < 0) { 4466 goto out; 4467 } 4468 errno = 0; 4469 4470 out: 4471 ret = -errno; 4472 mmap_unlock(); 4473 cpu_list_unlock(); 4474 if (fd >= 0) { 4475 close(fd); 4476 } 4477 return ret; 4478 } 4479 #endif /* USE_ELF_CORE_DUMP */ 4480 do_init_thread(struct target_pt_regs * regs,struct image_info * infop)4481 void do_init_thread(struct target_pt_regs *regs, struct image_info *infop) 4482 { 4483 init_thread(regs, infop); 4484 } 4485