xref: /openbmc/qemu/bsd-user/elfload.c (revision 88f62c2b)
1 /* This is the Linux kernel elf-loading code, ported into user space */
2 
3 #include <stdio.h>
4 #include <sys/types.h>
5 #include <fcntl.h>
6 #include <errno.h>
7 #include <unistd.h>
8 #include <sys/mman.h>
9 #include <stdlib.h>
10 #include <string.h>
11 
12 #include "qemu.h"
13 #include "disas/disas.h"
14 
15 #ifdef _ARCH_PPC64
16 #undef ARCH_DLINFO
17 #undef ELF_PLATFORM
18 #undef ELF_HWCAP
19 #undef ELF_CLASS
20 #undef ELF_DATA
21 #undef ELF_ARCH
22 #endif
23 
24 /* from personality.h */
25 
26 /*
27  * Flags for bug emulation.
28  *
29  * These occupy the top three bytes.
30  */
31 enum {
32         ADDR_NO_RANDOMIZE =     0x0040000,      /* disable randomization of VA space */
33         FDPIC_FUNCPTRS =        0x0080000,      /* userspace function ptrs point to descriptors
34                                                  * (signal handling)
35                                                  */
36         MMAP_PAGE_ZERO =        0x0100000,
37         ADDR_COMPAT_LAYOUT =    0x0200000,
38         READ_IMPLIES_EXEC =     0x0400000,
39         ADDR_LIMIT_32BIT =      0x0800000,
40         SHORT_INODE =           0x1000000,
41         WHOLE_SECONDS =         0x2000000,
42         STICKY_TIMEOUTS =       0x4000000,
43         ADDR_LIMIT_3GB =        0x8000000,
44 };
45 
46 /*
47  * Personality types.
48  *
49  * These go in the low byte.  Avoid using the top bit, it will
50  * conflict with error returns.
51  */
52 enum {
53         PER_LINUX =             0x0000,
54         PER_LINUX_32BIT =       0x0000 | ADDR_LIMIT_32BIT,
55         PER_LINUX_FDPIC =       0x0000 | FDPIC_FUNCPTRS,
56         PER_SVR4 =              0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO,
57         PER_SVR3 =              0x0002 | STICKY_TIMEOUTS | SHORT_INODE,
58         PER_SCOSVR3 =           0x0003 | STICKY_TIMEOUTS |
59                                          WHOLE_SECONDS | SHORT_INODE,
60         PER_OSR5 =              0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS,
61         PER_WYSEV386 =          0x0004 | STICKY_TIMEOUTS | SHORT_INODE,
62         PER_ISCR4 =             0x0005 | STICKY_TIMEOUTS,
63         PER_BSD =               0x0006,
64         PER_SUNOS =             0x0006 | STICKY_TIMEOUTS,
65         PER_XENIX =             0x0007 | STICKY_TIMEOUTS | SHORT_INODE,
66         PER_LINUX32 =           0x0008,
67         PER_LINUX32_3GB =       0x0008 | ADDR_LIMIT_3GB,
68         PER_IRIX32 =            0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */
69         PER_IRIXN32 =           0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */
70         PER_IRIX64 =            0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */
71         PER_RISCOS =            0x000c,
72         PER_SOLARIS =           0x000d | STICKY_TIMEOUTS,
73         PER_UW7 =               0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO,
74         PER_OSF4 =              0x000f,                  /* OSF/1 v4 */
75         PER_HPUX =              0x0010,
76         PER_MASK =              0x00ff,
77 };
78 
79 /*
80  * Return the base personality without flags.
81  */
82 #define personality(pers)       (pers & PER_MASK)
83 
84 /* this flag is uneffective under linux too, should be deleted */
85 #ifndef MAP_DENYWRITE
86 #define MAP_DENYWRITE 0
87 #endif
88 
89 /* should probably go in elf.h */
90 #ifndef ELIBBAD
91 #define ELIBBAD 80
92 #endif
93 
94 #ifdef TARGET_I386
95 
96 #define ELF_PLATFORM get_elf_platform()
97 
98 static const char *get_elf_platform(void)
99 {
100     static char elf_platform[] = "i386";
101     int family = (thread_env->cpuid_version >> 8) & 0xff;
102     if (family > 6)
103         family = 6;
104     if (family >= 3)
105         elf_platform[1] = '0' + family;
106     return elf_platform;
107 }
108 
109 #define ELF_HWCAP get_elf_hwcap()
110 
111 static uint32_t get_elf_hwcap(void)
112 {
113     return thread_env->features[FEAT_1_EDX];
114 }
115 
116 #ifdef TARGET_X86_64
117 #define ELF_START_MMAP 0x2aaaaab000ULL
118 #define elf_check_arch(x) ( ((x) == ELF_ARCH) )
119 
120 #define ELF_CLASS      ELFCLASS64
121 #define ELF_DATA       ELFDATA2LSB
122 #define ELF_ARCH       EM_X86_64
123 
124 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
125 {
126     regs->rax = 0;
127     regs->rsp = infop->start_stack;
128     regs->rip = infop->entry;
129     if (bsd_type == target_freebsd) {
130         regs->rdi = infop->start_stack;
131     }
132 }
133 
134 #else
135 
136 #define ELF_START_MMAP 0x80000000
137 
138 /*
139  * This is used to ensure we don't load something for the wrong architecture.
140  */
141 #define elf_check_arch(x) ( ((x) == EM_386) || ((x) == EM_486) )
142 
143 /*
144  * These are used to set parameters in the core dumps.
145  */
146 #define ELF_CLASS       ELFCLASS32
147 #define ELF_DATA        ELFDATA2LSB
148 #define ELF_ARCH        EM_386
149 
150 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
151 {
152     regs->esp = infop->start_stack;
153     regs->eip = infop->entry;
154 
155     /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program
156        starts %edx contains a pointer to a function which might be
157        registered using `atexit'.  This provides a mean for the
158        dynamic linker to call DT_FINI functions for shared libraries
159        that have been loaded before the code runs.
160 
161        A value of 0 tells we have no such handler.  */
162     regs->edx = 0;
163 }
164 #endif
165 
166 #define USE_ELF_CORE_DUMP
167 #define ELF_EXEC_PAGESIZE       4096
168 
169 #endif
170 
171 #ifdef TARGET_ARM
172 
173 #define ELF_START_MMAP 0x80000000
174 
175 #define elf_check_arch(x) ( (x) == EM_ARM )
176 
177 #define ELF_CLASS       ELFCLASS32
178 #ifdef TARGET_WORDS_BIGENDIAN
179 #define ELF_DATA        ELFDATA2MSB
180 #else
181 #define ELF_DATA        ELFDATA2LSB
182 #endif
183 #define ELF_ARCH        EM_ARM
184 
185 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
186 {
187     abi_long stack = infop->start_stack;
188     memset(regs, 0, sizeof(*regs));
189     regs->ARM_cpsr = 0x10;
190     if (infop->entry & 1)
191       regs->ARM_cpsr |= CPSR_T;
192     regs->ARM_pc = infop->entry & 0xfffffffe;
193     regs->ARM_sp = infop->start_stack;
194     /* FIXME - what to for failure of get_user()? */
195     get_user_ual(regs->ARM_r2, stack + 8); /* envp */
196     get_user_ual(regs->ARM_r1, stack + 4); /* envp */
197     /* XXX: it seems that r0 is zeroed after ! */
198     regs->ARM_r0 = 0;
199     /* For uClinux PIC binaries.  */
200     /* XXX: Linux does this only on ARM with no MMU (do we care ?) */
201     regs->ARM_r10 = infop->start_data;
202 }
203 
204 #define USE_ELF_CORE_DUMP
205 #define ELF_EXEC_PAGESIZE       4096
206 
207 enum
208 {
209   ARM_HWCAP_ARM_SWP       = 1 << 0,
210   ARM_HWCAP_ARM_HALF      = 1 << 1,
211   ARM_HWCAP_ARM_THUMB     = 1 << 2,
212   ARM_HWCAP_ARM_26BIT     = 1 << 3,
213   ARM_HWCAP_ARM_FAST_MULT = 1 << 4,
214   ARM_HWCAP_ARM_FPA       = 1 << 5,
215   ARM_HWCAP_ARM_VFP       = 1 << 6,
216   ARM_HWCAP_ARM_EDSP      = 1 << 7,
217 };
218 
219 #define ELF_HWCAP (ARM_HWCAP_ARM_SWP | ARM_HWCAP_ARM_HALF              \
220                     | ARM_HWCAP_ARM_THUMB | ARM_HWCAP_ARM_FAST_MULT     \
221                     | ARM_HWCAP_ARM_FPA | ARM_HWCAP_ARM_VFP)
222 
223 #endif
224 
225 #ifdef TARGET_SPARC
226 #ifdef TARGET_SPARC64
227 
228 #define ELF_START_MMAP 0x80000000
229 
230 #ifndef TARGET_ABI32
231 #define elf_check_arch(x) ( (x) == EM_SPARCV9 || (x) == EM_SPARC32PLUS )
232 #else
233 #define elf_check_arch(x) ( (x) == EM_SPARC32PLUS || (x) == EM_SPARC )
234 #endif
235 
236 #define ELF_CLASS   ELFCLASS64
237 #define ELF_DATA    ELFDATA2MSB
238 #define ELF_ARCH    EM_SPARCV9
239 
240 #define STACK_BIAS              2047
241 
242 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
243 {
244 #ifndef TARGET_ABI32
245     regs->tstate = 0;
246 #endif
247     regs->pc = infop->entry;
248     regs->npc = regs->pc + 4;
249     regs->y = 0;
250 #ifdef TARGET_ABI32
251     regs->u_regs[14] = infop->start_stack - 16 * 4;
252 #else
253     if (personality(infop->personality) == PER_LINUX32)
254         regs->u_regs[14] = infop->start_stack - 16 * 4;
255     else {
256         regs->u_regs[14] = infop->start_stack - 16 * 8 - STACK_BIAS;
257         if (bsd_type == target_freebsd) {
258             regs->u_regs[8] = infop->start_stack;
259             regs->u_regs[11] = infop->start_stack;
260         }
261     }
262 #endif
263 }
264 
265 #else
266 #define ELF_START_MMAP 0x80000000
267 
268 #define elf_check_arch(x) ( (x) == EM_SPARC )
269 
270 #define ELF_CLASS   ELFCLASS32
271 #define ELF_DATA    ELFDATA2MSB
272 #define ELF_ARCH    EM_SPARC
273 
274 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
275 {
276     regs->psr = 0;
277     regs->pc = infop->entry;
278     regs->npc = regs->pc + 4;
279     regs->y = 0;
280     regs->u_regs[14] = infop->start_stack - 16 * 4;
281 }
282 
283 #endif
284 #endif
285 
286 #ifdef TARGET_PPC
287 
288 #define ELF_START_MMAP 0x80000000
289 
290 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
291 
292 #define elf_check_arch(x) ( (x) == EM_PPC64 )
293 
294 #define ELF_CLASS       ELFCLASS64
295 
296 #else
297 
298 #define elf_check_arch(x) ( (x) == EM_PPC )
299 
300 #define ELF_CLASS       ELFCLASS32
301 
302 #endif
303 
304 #ifdef TARGET_WORDS_BIGENDIAN
305 #define ELF_DATA        ELFDATA2MSB
306 #else
307 #define ELF_DATA        ELFDATA2LSB
308 #endif
309 #define ELF_ARCH        EM_PPC
310 
311 /*
312  * We need to put in some extra aux table entries to tell glibc what
313  * the cache block size is, so it can use the dcbz instruction safely.
314  */
315 #define AT_DCACHEBSIZE          19
316 #define AT_ICACHEBSIZE          20
317 #define AT_UCACHEBSIZE          21
318 /* A special ignored type value for PPC, for glibc compatibility.  */
319 #define AT_IGNOREPPC            22
320 /*
321  * The requirements here are:
322  * - keep the final alignment of sp (sp & 0xf)
323  * - make sure the 32-bit value at the first 16 byte aligned position of
324  *   AUXV is greater than 16 for glibc compatibility.
325  *   AT_IGNOREPPC is used for that.
326  * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC,
327  *   even if DLINFO_ARCH_ITEMS goes to zero or is undefined.
328  */
329 #define DLINFO_ARCH_ITEMS       5
330 #define ARCH_DLINFO                                                     \
331 do {                                                                    \
332         NEW_AUX_ENT(AT_DCACHEBSIZE, 0x20);                              \
333         NEW_AUX_ENT(AT_ICACHEBSIZE, 0x20);                              \
334         NEW_AUX_ENT(AT_UCACHEBSIZE, 0);                                 \
335         /*                                                              \
336          * Now handle glibc compatibility.                              \
337          */                                                             \
338         NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC);                        \
339         NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC);                        \
340  } while (0)
341 
342 static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop)
343 {
344     abi_ulong pos = infop->start_stack;
345     abi_ulong tmp;
346 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
347     abi_ulong entry, toc;
348 #endif
349 
350     _regs->gpr[1] = infop->start_stack;
351 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
352     entry = ldq_raw(infop->entry) + infop->load_addr;
353     toc = ldq_raw(infop->entry + 8) + infop->load_addr;
354     _regs->gpr[2] = toc;
355     infop->entry = entry;
356 #endif
357     _regs->nip = infop->entry;
358     /* Note that isn't exactly what regular kernel does
359      * but this is what the ABI wants and is needed to allow
360      * execution of PPC BSD programs.
361      */
362     /* FIXME - what to for failure of get_user()? */
363     get_user_ual(_regs->gpr[3], pos);
364     pos += sizeof(abi_ulong);
365     _regs->gpr[4] = pos;
366     for (tmp = 1; tmp != 0; pos += sizeof(abi_ulong))
367         tmp = ldl(pos);
368     _regs->gpr[5] = pos;
369 }
370 
371 #define USE_ELF_CORE_DUMP
372 #define ELF_EXEC_PAGESIZE       4096
373 
374 #endif
375 
376 #ifdef TARGET_MIPS
377 
378 #define ELF_START_MMAP 0x80000000
379 
380 #define elf_check_arch(x) ( (x) == EM_MIPS )
381 
382 #ifdef TARGET_MIPS64
383 #define ELF_CLASS   ELFCLASS64
384 #else
385 #define ELF_CLASS   ELFCLASS32
386 #endif
387 #ifdef TARGET_WORDS_BIGENDIAN
388 #define ELF_DATA        ELFDATA2MSB
389 #else
390 #define ELF_DATA        ELFDATA2LSB
391 #endif
392 #define ELF_ARCH    EM_MIPS
393 
394 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
395 {
396     regs->cp0_status = 2 << CP0St_KSU;
397     regs->cp0_epc = infop->entry;
398     regs->regs[29] = infop->start_stack;
399 }
400 
401 #define USE_ELF_CORE_DUMP
402 #define ELF_EXEC_PAGESIZE        4096
403 
404 #endif /* TARGET_MIPS */
405 
406 #ifdef TARGET_SH4
407 
408 #define ELF_START_MMAP 0x80000000
409 
410 #define elf_check_arch(x) ( (x) == EM_SH )
411 
412 #define ELF_CLASS ELFCLASS32
413 #define ELF_DATA  ELFDATA2LSB
414 #define ELF_ARCH  EM_SH
415 
416 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
417 {
418   /* Check other registers XXXXX */
419   regs->pc = infop->entry;
420   regs->regs[15] = infop->start_stack;
421 }
422 
423 #define USE_ELF_CORE_DUMP
424 #define ELF_EXEC_PAGESIZE        4096
425 
426 #endif
427 
428 #ifdef TARGET_CRIS
429 
430 #define ELF_START_MMAP 0x80000000
431 
432 #define elf_check_arch(x) ( (x) == EM_CRIS )
433 
434 #define ELF_CLASS ELFCLASS32
435 #define ELF_DATA  ELFDATA2LSB
436 #define ELF_ARCH  EM_CRIS
437 
438 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
439 {
440   regs->erp = infop->entry;
441 }
442 
443 #define USE_ELF_CORE_DUMP
444 #define ELF_EXEC_PAGESIZE        8192
445 
446 #endif
447 
448 #ifdef TARGET_M68K
449 
450 #define ELF_START_MMAP 0x80000000
451 
452 #define elf_check_arch(x) ( (x) == EM_68K )
453 
454 #define ELF_CLASS       ELFCLASS32
455 #define ELF_DATA        ELFDATA2MSB
456 #define ELF_ARCH        EM_68K
457 
458 /* ??? Does this need to do anything?
459 #define ELF_PLAT_INIT(_r) */
460 
461 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
462 {
463     regs->usp = infop->start_stack;
464     regs->sr = 0;
465     regs->pc = infop->entry;
466 }
467 
468 #define USE_ELF_CORE_DUMP
469 #define ELF_EXEC_PAGESIZE       8192
470 
471 #endif
472 
473 #ifdef TARGET_ALPHA
474 
475 #define ELF_START_MMAP (0x30000000000ULL)
476 
477 #define elf_check_arch(x) ( (x) == ELF_ARCH )
478 
479 #define ELF_CLASS      ELFCLASS64
480 #define ELF_DATA       ELFDATA2MSB
481 #define ELF_ARCH       EM_ALPHA
482 
483 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
484 {
485     regs->pc = infop->entry;
486     regs->ps = 8;
487     regs->usp = infop->start_stack;
488     regs->unique = infop->start_data; /* ? */
489     printf("Set unique value to " TARGET_FMT_lx " (" TARGET_FMT_lx ")\n",
490            regs->unique, infop->start_data);
491 }
492 
493 #define USE_ELF_CORE_DUMP
494 #define ELF_EXEC_PAGESIZE        8192
495 
496 #endif /* TARGET_ALPHA */
497 
498 #ifndef ELF_PLATFORM
499 #define ELF_PLATFORM (NULL)
500 #endif
501 
502 #ifndef ELF_HWCAP
503 #define ELF_HWCAP 0
504 #endif
505 
506 #ifdef TARGET_ABI32
507 #undef ELF_CLASS
508 #define ELF_CLASS ELFCLASS32
509 #undef bswaptls
510 #define bswaptls(ptr) bswap32s(ptr)
511 #endif
512 
513 #include "elf.h"
514 
515 struct exec
516 {
517   unsigned int a_info;   /* Use macros N_MAGIC, etc for access */
518   unsigned int a_text;   /* length of text, in bytes */
519   unsigned int a_data;   /* length of data, in bytes */
520   unsigned int a_bss;    /* length of uninitialized data area, in bytes */
521   unsigned int a_syms;   /* length of symbol table data in file, in bytes */
522   unsigned int a_entry;  /* start address */
523   unsigned int a_trsize; /* length of relocation info for text, in bytes */
524   unsigned int a_drsize; /* length of relocation info for data, in bytes */
525 };
526 
527 
528 #define N_MAGIC(exec) ((exec).a_info & 0xffff)
529 #define OMAGIC 0407
530 #define NMAGIC 0410
531 #define ZMAGIC 0413
532 #define QMAGIC 0314
533 
534 /* max code+data+bss space allocated to elf interpreter */
535 #define INTERP_MAP_SIZE (32 * 1024 * 1024)
536 
537 /* max code+data+bss+brk space allocated to ET_DYN executables */
538 #define ET_DYN_MAP_SIZE (128 * 1024 * 1024)
539 
540 /* Necessary parameters */
541 #define TARGET_ELF_EXEC_PAGESIZE TARGET_PAGE_SIZE
542 #define TARGET_ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(TARGET_ELF_EXEC_PAGESIZE-1))
543 #define TARGET_ELF_PAGEOFFSET(_v) ((_v) & (TARGET_ELF_EXEC_PAGESIZE-1))
544 
545 #define INTERPRETER_NONE 0
546 #define INTERPRETER_AOUT 1
547 #define INTERPRETER_ELF 2
548 
549 #define DLINFO_ITEMS 12
550 
551 static inline void memcpy_fromfs(void * to, const void * from, unsigned long n)
552 {
553         memcpy(to, from, n);
554 }
555 
556 static int load_aout_interp(void * exptr, int interp_fd);
557 
558 #ifdef BSWAP_NEEDED
559 static void bswap_ehdr(struct elfhdr *ehdr)
560 {
561     bswap16s(&ehdr->e_type);                    /* Object file type */
562     bswap16s(&ehdr->e_machine);         /* Architecture */
563     bswap32s(&ehdr->e_version);         /* Object file version */
564     bswaptls(&ehdr->e_entry);           /* Entry point virtual address */
565     bswaptls(&ehdr->e_phoff);           /* Program header table file offset */
566     bswaptls(&ehdr->e_shoff);           /* Section header table file offset */
567     bswap32s(&ehdr->e_flags);           /* Processor-specific flags */
568     bswap16s(&ehdr->e_ehsize);          /* ELF header size in bytes */
569     bswap16s(&ehdr->e_phentsize);               /* Program header table entry size */
570     bswap16s(&ehdr->e_phnum);           /* Program header table entry count */
571     bswap16s(&ehdr->e_shentsize);               /* Section header table entry size */
572     bswap16s(&ehdr->e_shnum);           /* Section header table entry count */
573     bswap16s(&ehdr->e_shstrndx);                /* Section header string table index */
574 }
575 
576 static void bswap_phdr(struct elf_phdr *phdr)
577 {
578     bswap32s(&phdr->p_type);                    /* Segment type */
579     bswaptls(&phdr->p_offset);          /* Segment file offset */
580     bswaptls(&phdr->p_vaddr);           /* Segment virtual address */
581     bswaptls(&phdr->p_paddr);           /* Segment physical address */
582     bswaptls(&phdr->p_filesz);          /* Segment size in file */
583     bswaptls(&phdr->p_memsz);           /* Segment size in memory */
584     bswap32s(&phdr->p_flags);           /* Segment flags */
585     bswaptls(&phdr->p_align);           /* Segment alignment */
586 }
587 
588 static void bswap_shdr(struct elf_shdr *shdr)
589 {
590     bswap32s(&shdr->sh_name);
591     bswap32s(&shdr->sh_type);
592     bswaptls(&shdr->sh_flags);
593     bswaptls(&shdr->sh_addr);
594     bswaptls(&shdr->sh_offset);
595     bswaptls(&shdr->sh_size);
596     bswap32s(&shdr->sh_link);
597     bswap32s(&shdr->sh_info);
598     bswaptls(&shdr->sh_addralign);
599     bswaptls(&shdr->sh_entsize);
600 }
601 
602 static void bswap_sym(struct elf_sym *sym)
603 {
604     bswap32s(&sym->st_name);
605     bswaptls(&sym->st_value);
606     bswaptls(&sym->st_size);
607     bswap16s(&sym->st_shndx);
608 }
609 #endif
610 
611 /*
612  * 'copy_elf_strings()' copies argument/envelope strings from user
613  * memory to free pages in kernel mem. These are in a format ready
614  * to be put directly into the top of new user memory.
615  *
616  */
617 static abi_ulong copy_elf_strings(int argc,char ** argv, void **page,
618                                   abi_ulong p)
619 {
620     char *tmp, *tmp1, *pag = NULL;
621     int len, offset = 0;
622 
623     if (!p) {
624         return 0;       /* bullet-proofing */
625     }
626     while (argc-- > 0) {
627         tmp = argv[argc];
628         if (!tmp) {
629             fprintf(stderr, "VFS: argc is wrong");
630             exit(-1);
631         }
632         tmp1 = tmp;
633         while (*tmp++);
634         len = tmp - tmp1;
635         if (p < len) {  /* this shouldn't happen - 128kB */
636                 return 0;
637         }
638         while (len) {
639             --p; --tmp; --len;
640             if (--offset < 0) {
641                 offset = p % TARGET_PAGE_SIZE;
642                 pag = (char *)page[p/TARGET_PAGE_SIZE];
643                 if (!pag) {
644                     pag = g_try_malloc0(TARGET_PAGE_SIZE);
645                     page[p/TARGET_PAGE_SIZE] = pag;
646                     if (!pag)
647                         return 0;
648                 }
649             }
650             if (len == 0 || offset == 0) {
651                 *(pag + offset) = *tmp;
652             }
653             else {
654               int bytes_to_copy = (len > offset) ? offset : len;
655               tmp -= bytes_to_copy;
656               p -= bytes_to_copy;
657               offset -= bytes_to_copy;
658               len -= bytes_to_copy;
659               memcpy_fromfs(pag + offset, tmp, bytes_to_copy + 1);
660             }
661         }
662     }
663     return p;
664 }
665 
666 static abi_ulong setup_arg_pages(abi_ulong p, struct linux_binprm *bprm,
667                                  struct image_info *info)
668 {
669     abi_ulong stack_base, size, error;
670     int i;
671 
672     /* Create enough stack to hold everything.  If we don't use
673      * it for args, we'll use it for something else...
674      */
675     size = x86_stack_size;
676     if (size < MAX_ARG_PAGES*TARGET_PAGE_SIZE)
677         size = MAX_ARG_PAGES*TARGET_PAGE_SIZE;
678     error = target_mmap(0,
679                         size + qemu_host_page_size,
680                         PROT_READ | PROT_WRITE,
681                         MAP_PRIVATE | MAP_ANON,
682                         -1, 0);
683     if (error == -1) {
684         perror("stk mmap");
685         exit(-1);
686     }
687     /* we reserve one extra page at the top of the stack as guard */
688     target_mprotect(error + size, qemu_host_page_size, PROT_NONE);
689 
690     stack_base = error + size - MAX_ARG_PAGES*TARGET_PAGE_SIZE;
691     p += stack_base;
692 
693     for (i = 0 ; i < MAX_ARG_PAGES ; i++) {
694         if (bprm->page[i]) {
695             info->rss++;
696             /* FIXME - check return value of memcpy_to_target() for failure */
697             memcpy_to_target(stack_base, bprm->page[i], TARGET_PAGE_SIZE);
698             g_free(bprm->page[i]);
699         }
700         stack_base += TARGET_PAGE_SIZE;
701     }
702     return p;
703 }
704 
705 static void set_brk(abi_ulong start, abi_ulong end)
706 {
707         /* page-align the start and end addresses... */
708         start = HOST_PAGE_ALIGN(start);
709         end = HOST_PAGE_ALIGN(end);
710         if (end <= start)
711                 return;
712         if(target_mmap(start, end - start,
713                        PROT_READ | PROT_WRITE | PROT_EXEC,
714                        MAP_FIXED | MAP_PRIVATE | MAP_ANON, -1, 0) == -1) {
715             perror("cannot mmap brk");
716             exit(-1);
717         }
718 }
719 
720 
721 /* We need to explicitly zero any fractional pages after the data
722    section (i.e. bss).  This would contain the junk from the file that
723    should not be in memory. */
724 static void padzero(abi_ulong elf_bss, abi_ulong last_bss)
725 {
726         abi_ulong nbyte;
727 
728         if (elf_bss >= last_bss)
729                 return;
730 
731         /* XXX: this is really a hack : if the real host page size is
732            smaller than the target page size, some pages after the end
733            of the file may not be mapped. A better fix would be to
734            patch target_mmap(), but it is more complicated as the file
735            size must be known */
736         if (qemu_real_host_page_size < qemu_host_page_size) {
737             abi_ulong end_addr, end_addr1;
738             end_addr1 = (elf_bss + qemu_real_host_page_size - 1) &
739                 ~(qemu_real_host_page_size - 1);
740             end_addr = HOST_PAGE_ALIGN(elf_bss);
741             if (end_addr1 < end_addr) {
742                 mmap((void *)g2h(end_addr1), end_addr - end_addr1,
743                      PROT_READ|PROT_WRITE|PROT_EXEC,
744                      MAP_FIXED|MAP_PRIVATE|MAP_ANON, -1, 0);
745             }
746         }
747 
748         nbyte = elf_bss & (qemu_host_page_size-1);
749         if (nbyte) {
750             nbyte = qemu_host_page_size - nbyte;
751             do {
752                 /* FIXME - what to do if put_user() fails? */
753                 put_user_u8(0, elf_bss);
754                 elf_bss++;
755             } while (--nbyte);
756         }
757 }
758 
759 
760 static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc,
761                                    struct elfhdr * exec,
762                                    abi_ulong load_addr,
763                                    abi_ulong load_bias,
764                                    abi_ulong interp_load_addr, int ibcs,
765                                    struct image_info *info)
766 {
767         abi_ulong sp;
768         int size;
769         abi_ulong u_platform;
770         const char *k_platform;
771         const int n = sizeof(elf_addr_t);
772 
773         sp = p;
774         u_platform = 0;
775         k_platform = ELF_PLATFORM;
776         if (k_platform) {
777             size_t len = strlen(k_platform) + 1;
778             sp -= (len + n - 1) & ~(n - 1);
779             u_platform = sp;
780             /* FIXME - check return value of memcpy_to_target() for failure */
781             memcpy_to_target(sp, k_platform, len);
782         }
783         /*
784          * Force 16 byte _final_ alignment here for generality.
785          */
786         sp = sp &~ (abi_ulong)15;
787         size = (DLINFO_ITEMS + 1) * 2;
788         if (k_platform)
789           size += 2;
790 #ifdef DLINFO_ARCH_ITEMS
791         size += DLINFO_ARCH_ITEMS * 2;
792 #endif
793         size += envc + argc + 2;
794         size += (!ibcs ? 3 : 1);        /* argc itself */
795         size *= n;
796         if (size & 15)
797             sp -= 16 - (size & 15);
798 
799         /* This is correct because Linux defines
800          * elf_addr_t as Elf32_Off / Elf64_Off
801          */
802 #define NEW_AUX_ENT(id, val) do {               \
803             sp -= n; put_user_ual(val, sp);     \
804             sp -= n; put_user_ual(id, sp);      \
805           } while(0)
806 
807         NEW_AUX_ENT (AT_NULL, 0);
808 
809         /* There must be exactly DLINFO_ITEMS entries here.  */
810         NEW_AUX_ENT(AT_PHDR, (abi_ulong)(load_addr + exec->e_phoff));
811         NEW_AUX_ENT(AT_PHENT, (abi_ulong)(sizeof (struct elf_phdr)));
812         NEW_AUX_ENT(AT_PHNUM, (abi_ulong)(exec->e_phnum));
813         NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(TARGET_PAGE_SIZE));
814         NEW_AUX_ENT(AT_BASE, (abi_ulong)(interp_load_addr));
815         NEW_AUX_ENT(AT_FLAGS, (abi_ulong)0);
816         NEW_AUX_ENT(AT_ENTRY, load_bias + exec->e_entry);
817         NEW_AUX_ENT(AT_UID, (abi_ulong) getuid());
818         NEW_AUX_ENT(AT_EUID, (abi_ulong) geteuid());
819         NEW_AUX_ENT(AT_GID, (abi_ulong) getgid());
820         NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid());
821         NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP);
822         NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK));
823         if (k_platform)
824             NEW_AUX_ENT(AT_PLATFORM, u_platform);
825 #ifdef ARCH_DLINFO
826         /*
827          * ARCH_DLINFO must come last so platform specific code can enforce
828          * special alignment requirements on the AUXV if necessary (eg. PPC).
829          */
830         ARCH_DLINFO;
831 #endif
832 #undef NEW_AUX_ENT
833 
834         sp = loader_build_argptr(envc, argc, sp, p, !ibcs);
835         return sp;
836 }
837 
838 
839 static abi_ulong load_elf_interp(struct elfhdr * interp_elf_ex,
840                                  int interpreter_fd,
841                                  abi_ulong *interp_load_addr)
842 {
843         struct elf_phdr *elf_phdata  =  NULL;
844         struct elf_phdr *eppnt;
845         abi_ulong load_addr = 0;
846         int load_addr_set = 0;
847         int retval;
848         abi_ulong last_bss, elf_bss;
849         abi_ulong error;
850         int i;
851 
852         elf_bss = 0;
853         last_bss = 0;
854         error = 0;
855 
856 #ifdef BSWAP_NEEDED
857         bswap_ehdr(interp_elf_ex);
858 #endif
859         /* First of all, some simple consistency checks */
860         if ((interp_elf_ex->e_type != ET_EXEC &&
861              interp_elf_ex->e_type != ET_DYN) ||
862            !elf_check_arch(interp_elf_ex->e_machine)) {
863                 return ~((abi_ulong)0UL);
864         }
865 
866 
867         /* Now read in all of the header information */
868 
869         if (sizeof(struct elf_phdr) * interp_elf_ex->e_phnum > TARGET_PAGE_SIZE)
870             return ~(abi_ulong)0UL;
871 
872         elf_phdata =  (struct elf_phdr *)
873                 malloc(sizeof(struct elf_phdr) * interp_elf_ex->e_phnum);
874 
875         if (!elf_phdata)
876           return ~((abi_ulong)0UL);
877 
878         /*
879          * If the size of this structure has changed, then punt, since
880          * we will be doing the wrong thing.
881          */
882         if (interp_elf_ex->e_phentsize != sizeof(struct elf_phdr)) {
883             free(elf_phdata);
884             return ~((abi_ulong)0UL);
885         }
886 
887         retval = lseek(interpreter_fd, interp_elf_ex->e_phoff, SEEK_SET);
888         if(retval >= 0) {
889             retval = read(interpreter_fd,
890                            (char *) elf_phdata,
891                            sizeof(struct elf_phdr) * interp_elf_ex->e_phnum);
892         }
893         if (retval < 0) {
894                 perror("load_elf_interp");
895                 exit(-1);
896                 free (elf_phdata);
897                 return retval;
898         }
899 #ifdef BSWAP_NEEDED
900         eppnt = elf_phdata;
901         for (i=0; i<interp_elf_ex->e_phnum; i++, eppnt++) {
902             bswap_phdr(eppnt);
903         }
904 #endif
905 
906         if (interp_elf_ex->e_type == ET_DYN) {
907             /* in order to avoid hardcoding the interpreter load
908                address in qemu, we allocate a big enough memory zone */
909             error = target_mmap(0, INTERP_MAP_SIZE,
910                                 PROT_NONE, MAP_PRIVATE | MAP_ANON,
911                                 -1, 0);
912             if (error == -1) {
913                 perror("mmap");
914                 exit(-1);
915             }
916             load_addr = error;
917             load_addr_set = 1;
918         }
919 
920         eppnt = elf_phdata;
921         for(i=0; i<interp_elf_ex->e_phnum; i++, eppnt++)
922           if (eppnt->p_type == PT_LOAD) {
923             int elf_type = MAP_PRIVATE | MAP_DENYWRITE;
924             int elf_prot = 0;
925             abi_ulong vaddr = 0;
926             abi_ulong k;
927 
928             if (eppnt->p_flags & PF_R) elf_prot =  PROT_READ;
929             if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE;
930             if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC;
931             if (interp_elf_ex->e_type == ET_EXEC || load_addr_set) {
932                 elf_type |= MAP_FIXED;
933                 vaddr = eppnt->p_vaddr;
934             }
935             error = target_mmap(load_addr+TARGET_ELF_PAGESTART(vaddr),
936                  eppnt->p_filesz + TARGET_ELF_PAGEOFFSET(eppnt->p_vaddr),
937                  elf_prot,
938                  elf_type,
939                  interpreter_fd,
940                  eppnt->p_offset - TARGET_ELF_PAGEOFFSET(eppnt->p_vaddr));
941 
942             if (error == -1) {
943               /* Real error */
944               close(interpreter_fd);
945               free(elf_phdata);
946               return ~((abi_ulong)0UL);
947             }
948 
949             if (!load_addr_set && interp_elf_ex->e_type == ET_DYN) {
950               load_addr = error;
951               load_addr_set = 1;
952             }
953 
954             /*
955              * Find the end of the file  mapping for this phdr, and keep
956              * track of the largest address we see for this.
957              */
958             k = load_addr + eppnt->p_vaddr + eppnt->p_filesz;
959             if (k > elf_bss) elf_bss = k;
960 
961             /*
962              * Do the same thing for the memory mapping - between
963              * elf_bss and last_bss is the bss section.
964              */
965             k = load_addr + eppnt->p_memsz + eppnt->p_vaddr;
966             if (k > last_bss) last_bss = k;
967           }
968 
969         /* Now use mmap to map the library into memory. */
970 
971         close(interpreter_fd);
972 
973         /*
974          * Now fill out the bss section.  First pad the last page up
975          * to the page boundary, and then perform a mmap to make sure
976          * that there are zeromapped pages up to and including the last
977          * bss page.
978          */
979         padzero(elf_bss, last_bss);
980         elf_bss = TARGET_ELF_PAGESTART(elf_bss + qemu_host_page_size - 1); /* What we have mapped so far */
981 
982         /* Map the last of the bss segment */
983         if (last_bss > elf_bss) {
984             target_mmap(elf_bss, last_bss-elf_bss,
985                         PROT_READ|PROT_WRITE|PROT_EXEC,
986                         MAP_FIXED|MAP_PRIVATE|MAP_ANON, -1, 0);
987         }
988         free(elf_phdata);
989 
990         *interp_load_addr = load_addr;
991         return ((abi_ulong) interp_elf_ex->e_entry) + load_addr;
992 }
993 
994 static int symfind(const void *s0, const void *s1)
995 {
996     target_ulong addr = *(target_ulong *)s0;
997     struct elf_sym *sym = (struct elf_sym *)s1;
998     int result = 0;
999     if (addr < sym->st_value) {
1000         result = -1;
1001     } else if (addr >= sym->st_value + sym->st_size) {
1002         result = 1;
1003     }
1004     return result;
1005 }
1006 
1007 static const char *lookup_symbolxx(struct syminfo *s, target_ulong orig_addr)
1008 {
1009 #if ELF_CLASS == ELFCLASS32
1010     struct elf_sym *syms = s->disas_symtab.elf32;
1011 #else
1012     struct elf_sym *syms = s->disas_symtab.elf64;
1013 #endif
1014 
1015     // binary search
1016     struct elf_sym *sym;
1017 
1018     sym = bsearch(&orig_addr, syms, s->disas_num_syms, sizeof(*syms), symfind);
1019     if (sym != NULL) {
1020         return s->disas_strtab + sym->st_name;
1021     }
1022 
1023     return "";
1024 }
1025 
1026 /* FIXME: This should use elf_ops.h  */
1027 static int symcmp(const void *s0, const void *s1)
1028 {
1029     struct elf_sym *sym0 = (struct elf_sym *)s0;
1030     struct elf_sym *sym1 = (struct elf_sym *)s1;
1031     return (sym0->st_value < sym1->st_value)
1032         ? -1
1033         : ((sym0->st_value > sym1->st_value) ? 1 : 0);
1034 }
1035 
1036 /* Best attempt to load symbols from this ELF object. */
1037 static void load_symbols(struct elfhdr *hdr, int fd)
1038 {
1039     unsigned int i, nsyms;
1040     struct elf_shdr sechdr, symtab, strtab;
1041     char *strings;
1042     struct syminfo *s;
1043     struct elf_sym *syms, *new_syms;
1044 
1045     lseek(fd, hdr->e_shoff, SEEK_SET);
1046     for (i = 0; i < hdr->e_shnum; i++) {
1047         if (read(fd, &sechdr, sizeof(sechdr)) != sizeof(sechdr))
1048             return;
1049 #ifdef BSWAP_NEEDED
1050         bswap_shdr(&sechdr);
1051 #endif
1052         if (sechdr.sh_type == SHT_SYMTAB) {
1053             symtab = sechdr;
1054             lseek(fd, hdr->e_shoff
1055                   + sizeof(sechdr) * sechdr.sh_link, SEEK_SET);
1056             if (read(fd, &strtab, sizeof(strtab))
1057                 != sizeof(strtab))
1058                 return;
1059 #ifdef BSWAP_NEEDED
1060             bswap_shdr(&strtab);
1061 #endif
1062             goto found;
1063         }
1064     }
1065     return; /* Shouldn't happen... */
1066 
1067  found:
1068     /* Now know where the strtab and symtab are.  Snarf them. */
1069     s = malloc(sizeof(*s));
1070     syms = malloc(symtab.sh_size);
1071     if (!syms) {
1072         free(s);
1073         return;
1074     }
1075     s->disas_strtab = strings = malloc(strtab.sh_size);
1076     if (!s->disas_strtab) {
1077         free(s);
1078         free(syms);
1079         return;
1080     }
1081 
1082     lseek(fd, symtab.sh_offset, SEEK_SET);
1083     if (read(fd, syms, symtab.sh_size) != symtab.sh_size) {
1084         free(s);
1085         free(syms);
1086         free(strings);
1087         return;
1088     }
1089 
1090     nsyms = symtab.sh_size / sizeof(struct elf_sym);
1091 
1092     i = 0;
1093     while (i < nsyms) {
1094 #ifdef BSWAP_NEEDED
1095         bswap_sym(syms + i);
1096 #endif
1097         // Throw away entries which we do not need.
1098         if (syms[i].st_shndx == SHN_UNDEF ||
1099                 syms[i].st_shndx >= SHN_LORESERVE ||
1100                 ELF_ST_TYPE(syms[i].st_info) != STT_FUNC) {
1101             nsyms--;
1102             if (i < nsyms) {
1103                 syms[i] = syms[nsyms];
1104             }
1105             continue;
1106         }
1107 #if defined(TARGET_ARM) || defined (TARGET_MIPS)
1108         /* The bottom address bit marks a Thumb or MIPS16 symbol.  */
1109         syms[i].st_value &= ~(target_ulong)1;
1110 #endif
1111         i++;
1112     }
1113 
1114      /* Attempt to free the storage associated with the local symbols
1115         that we threw away.  Whether or not this has any effect on the
1116         memory allocation depends on the malloc implementation and how
1117         many symbols we managed to discard. */
1118     new_syms = realloc(syms, nsyms * sizeof(*syms));
1119     if (new_syms == NULL) {
1120         free(s);
1121         free(syms);
1122         free(strings);
1123         return;
1124     }
1125     syms = new_syms;
1126 
1127     qsort(syms, nsyms, sizeof(*syms), symcmp);
1128 
1129     lseek(fd, strtab.sh_offset, SEEK_SET);
1130     if (read(fd, strings, strtab.sh_size) != strtab.sh_size) {
1131         free(s);
1132         free(syms);
1133         free(strings);
1134         return;
1135     }
1136     s->disas_num_syms = nsyms;
1137 #if ELF_CLASS == ELFCLASS32
1138     s->disas_symtab.elf32 = syms;
1139     s->lookup_symbol = (lookup_symbol_t)lookup_symbolxx;
1140 #else
1141     s->disas_symtab.elf64 = syms;
1142     s->lookup_symbol = (lookup_symbol_t)lookup_symbolxx;
1143 #endif
1144     s->next = syminfos;
1145     syminfos = s;
1146 }
1147 
1148 int load_elf_binary(struct linux_binprm * bprm, struct target_pt_regs * regs,
1149                     struct image_info * info)
1150 {
1151     struct elfhdr elf_ex;
1152     struct elfhdr interp_elf_ex;
1153     struct exec interp_ex;
1154     int interpreter_fd = -1; /* avoid warning */
1155     abi_ulong load_addr, load_bias;
1156     int load_addr_set = 0;
1157     unsigned int interpreter_type = INTERPRETER_NONE;
1158     unsigned char ibcs2_interpreter;
1159     int i;
1160     abi_ulong mapped_addr;
1161     struct elf_phdr * elf_ppnt;
1162     struct elf_phdr *elf_phdata;
1163     abi_ulong elf_bss, k, elf_brk;
1164     int retval;
1165     char * elf_interpreter;
1166     abi_ulong elf_entry, interp_load_addr = 0;
1167     int status;
1168     abi_ulong start_code, end_code, start_data, end_data;
1169     abi_ulong reloc_func_desc = 0;
1170     abi_ulong elf_stack;
1171     char passed_fileno[6];
1172 
1173     ibcs2_interpreter = 0;
1174     status = 0;
1175     load_addr = 0;
1176     load_bias = 0;
1177     elf_ex = *((struct elfhdr *) bprm->buf);          /* exec-header */
1178 #ifdef BSWAP_NEEDED
1179     bswap_ehdr(&elf_ex);
1180 #endif
1181 
1182     /* First of all, some simple consistency checks */
1183     if ((elf_ex.e_type != ET_EXEC && elf_ex.e_type != ET_DYN) ||
1184                                 (! elf_check_arch(elf_ex.e_machine))) {
1185             return -ENOEXEC;
1186     }
1187 
1188     bprm->p = copy_elf_strings(1, &bprm->filename, bprm->page, bprm->p);
1189     bprm->p = copy_elf_strings(bprm->envc,bprm->envp,bprm->page,bprm->p);
1190     bprm->p = copy_elf_strings(bprm->argc,bprm->argv,bprm->page,bprm->p);
1191     if (!bprm->p) {
1192         retval = -E2BIG;
1193     }
1194 
1195     /* Now read in all of the header information */
1196     elf_phdata = (struct elf_phdr *)malloc(elf_ex.e_phentsize*elf_ex.e_phnum);
1197     if (elf_phdata == NULL) {
1198         return -ENOMEM;
1199     }
1200 
1201     retval = lseek(bprm->fd, elf_ex.e_phoff, SEEK_SET);
1202     if(retval > 0) {
1203         retval = read(bprm->fd, (char *) elf_phdata,
1204                                 elf_ex.e_phentsize * elf_ex.e_phnum);
1205     }
1206 
1207     if (retval < 0) {
1208         perror("load_elf_binary");
1209         exit(-1);
1210         free (elf_phdata);
1211         return -errno;
1212     }
1213 
1214 #ifdef BSWAP_NEEDED
1215     elf_ppnt = elf_phdata;
1216     for (i=0; i<elf_ex.e_phnum; i++, elf_ppnt++) {
1217         bswap_phdr(elf_ppnt);
1218     }
1219 #endif
1220     elf_ppnt = elf_phdata;
1221 
1222     elf_bss = 0;
1223     elf_brk = 0;
1224 
1225 
1226     elf_stack = ~((abi_ulong)0UL);
1227     elf_interpreter = NULL;
1228     start_code = ~((abi_ulong)0UL);
1229     end_code = 0;
1230     start_data = 0;
1231     end_data = 0;
1232     interp_ex.a_info = 0;
1233 
1234     for(i=0;i < elf_ex.e_phnum; i++) {
1235         if (elf_ppnt->p_type == PT_INTERP) {
1236             if ( elf_interpreter != NULL )
1237             {
1238                 free (elf_phdata);
1239                 free(elf_interpreter);
1240                 close(bprm->fd);
1241                 return -EINVAL;
1242             }
1243 
1244             /* This is the program interpreter used for
1245              * shared libraries - for now assume that this
1246              * is an a.out format binary
1247              */
1248 
1249             elf_interpreter = (char *)malloc(elf_ppnt->p_filesz);
1250 
1251             if (elf_interpreter == NULL) {
1252                 free (elf_phdata);
1253                 close(bprm->fd);
1254                 return -ENOMEM;
1255             }
1256 
1257             retval = lseek(bprm->fd, elf_ppnt->p_offset, SEEK_SET);
1258             if(retval >= 0) {
1259                 retval = read(bprm->fd, elf_interpreter, elf_ppnt->p_filesz);
1260             }
1261             if(retval < 0) {
1262                 perror("load_elf_binary2");
1263                 exit(-1);
1264             }
1265 
1266             /* If the program interpreter is one of these two,
1267                then assume an iBCS2 image. Otherwise assume
1268                a native linux image. */
1269 
1270             /* JRP - Need to add X86 lib dir stuff here... */
1271 
1272             if (strcmp(elf_interpreter,"/usr/lib/libc.so.1") == 0 ||
1273                 strcmp(elf_interpreter,"/usr/lib/ld.so.1") == 0) {
1274               ibcs2_interpreter = 1;
1275             }
1276 
1277 #if 0
1278             printf("Using ELF interpreter %s\n", path(elf_interpreter));
1279 #endif
1280             if (retval >= 0) {
1281                 retval = open(path(elf_interpreter), O_RDONLY);
1282                 if(retval >= 0) {
1283                     interpreter_fd = retval;
1284                 }
1285                 else {
1286                     perror(elf_interpreter);
1287                     exit(-1);
1288                     /* retval = -errno; */
1289                 }
1290             }
1291 
1292             if (retval >= 0) {
1293                 retval = lseek(interpreter_fd, 0, SEEK_SET);
1294                 if(retval >= 0) {
1295                     retval = read(interpreter_fd,bprm->buf,128);
1296                 }
1297             }
1298             if (retval >= 0) {
1299                 interp_ex = *((struct exec *) bprm->buf); /* aout exec-header */
1300                 interp_elf_ex = *((struct elfhdr *) bprm->buf); /* elf exec-header */
1301             }
1302             if (retval < 0) {
1303                 perror("load_elf_binary3");
1304                 exit(-1);
1305                 free (elf_phdata);
1306                 free(elf_interpreter);
1307                 close(bprm->fd);
1308                 return retval;
1309             }
1310         }
1311         elf_ppnt++;
1312     }
1313 
1314     /* Some simple consistency checks for the interpreter */
1315     if (elf_interpreter){
1316         interpreter_type = INTERPRETER_ELF | INTERPRETER_AOUT;
1317 
1318         /* Now figure out which format our binary is */
1319         if ((N_MAGIC(interp_ex) != OMAGIC) && (N_MAGIC(interp_ex) != ZMAGIC) &&
1320                 (N_MAGIC(interp_ex) != QMAGIC)) {
1321           interpreter_type = INTERPRETER_ELF;
1322         }
1323 
1324         if (interp_elf_ex.e_ident[0] != 0x7f ||
1325                 strncmp((char *)&interp_elf_ex.e_ident[1], "ELF",3) != 0) {
1326             interpreter_type &= ~INTERPRETER_ELF;
1327         }
1328 
1329         if (!interpreter_type) {
1330             free(elf_interpreter);
1331             free(elf_phdata);
1332             close(bprm->fd);
1333             return -ELIBBAD;
1334         }
1335     }
1336 
1337     /* OK, we are done with that, now set up the arg stuff,
1338        and then start this sucker up */
1339 
1340     {
1341         char * passed_p;
1342 
1343         if (interpreter_type == INTERPRETER_AOUT) {
1344             snprintf(passed_fileno, sizeof(passed_fileno), "%d", bprm->fd);
1345             passed_p = passed_fileno;
1346 
1347             if (elf_interpreter) {
1348                 bprm->p = copy_elf_strings(1,&passed_p,bprm->page,bprm->p);
1349                 bprm->argc++;
1350             }
1351         }
1352         if (!bprm->p) {
1353             if (elf_interpreter) {
1354                 free(elf_interpreter);
1355             }
1356             free (elf_phdata);
1357             close(bprm->fd);
1358             return -E2BIG;
1359         }
1360     }
1361 
1362     /* OK, This is the point of no return */
1363     info->end_data = 0;
1364     info->end_code = 0;
1365     info->start_mmap = (abi_ulong)ELF_START_MMAP;
1366     info->mmap = 0;
1367     elf_entry = (abi_ulong) elf_ex.e_entry;
1368 
1369 #if defined(CONFIG_USE_GUEST_BASE)
1370     /*
1371      * In case where user has not explicitly set the guest_base, we
1372      * probe here that should we set it automatically.
1373      */
1374     if (!have_guest_base) {
1375         /*
1376          * Go through ELF program header table and find out whether
1377 	 * any of the segments drop below our current mmap_min_addr and
1378          * in that case set guest_base to corresponding address.
1379          */
1380         for (i = 0, elf_ppnt = elf_phdata; i < elf_ex.e_phnum;
1381             i++, elf_ppnt++) {
1382             if (elf_ppnt->p_type != PT_LOAD)
1383                 continue;
1384             if (HOST_PAGE_ALIGN(elf_ppnt->p_vaddr) < mmap_min_addr) {
1385                 guest_base = HOST_PAGE_ALIGN(mmap_min_addr);
1386                 break;
1387             }
1388         }
1389     }
1390 #endif /* CONFIG_USE_GUEST_BASE */
1391 
1392     /* Do this so that we can load the interpreter, if need be.  We will
1393        change some of these later */
1394     info->rss = 0;
1395     bprm->p = setup_arg_pages(bprm->p, bprm, info);
1396     info->start_stack = bprm->p;
1397 
1398     /* Now we do a little grungy work by mmaping the ELF image into
1399      * the correct location in memory.  At this point, we assume that
1400      * the image should be loaded at fixed address, not at a variable
1401      * address.
1402      */
1403 
1404     for(i = 0, elf_ppnt = elf_phdata; i < elf_ex.e_phnum; i++, elf_ppnt++) {
1405         int elf_prot = 0;
1406         int elf_flags = 0;
1407         abi_ulong error;
1408 
1409         if (elf_ppnt->p_type != PT_LOAD)
1410             continue;
1411 
1412         if (elf_ppnt->p_flags & PF_R) elf_prot |= PROT_READ;
1413         if (elf_ppnt->p_flags & PF_W) elf_prot |= PROT_WRITE;
1414         if (elf_ppnt->p_flags & PF_X) elf_prot |= PROT_EXEC;
1415         elf_flags = MAP_PRIVATE | MAP_DENYWRITE;
1416         if (elf_ex.e_type == ET_EXEC || load_addr_set) {
1417             elf_flags |= MAP_FIXED;
1418         } else if (elf_ex.e_type == ET_DYN) {
1419             /* Try and get dynamic programs out of the way of the default mmap
1420                base, as well as whatever program they might try to exec.  This
1421                is because the brk will follow the loader, and is not movable.  */
1422             /* NOTE: for qemu, we do a big mmap to get enough space
1423                without hardcoding any address */
1424             error = target_mmap(0, ET_DYN_MAP_SIZE,
1425                                 PROT_NONE, MAP_PRIVATE | MAP_ANON,
1426                                 -1, 0);
1427             if (error == -1) {
1428                 perror("mmap");
1429                 exit(-1);
1430             }
1431             load_bias = TARGET_ELF_PAGESTART(error - elf_ppnt->p_vaddr);
1432         }
1433 
1434         error = target_mmap(TARGET_ELF_PAGESTART(load_bias + elf_ppnt->p_vaddr),
1435                             (elf_ppnt->p_filesz +
1436                              TARGET_ELF_PAGEOFFSET(elf_ppnt->p_vaddr)),
1437                             elf_prot,
1438                             (MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE),
1439                             bprm->fd,
1440                             (elf_ppnt->p_offset -
1441                              TARGET_ELF_PAGEOFFSET(elf_ppnt->p_vaddr)));
1442         if (error == -1) {
1443             perror("mmap");
1444             exit(-1);
1445         }
1446 
1447 #ifdef LOW_ELF_STACK
1448         if (TARGET_ELF_PAGESTART(elf_ppnt->p_vaddr) < elf_stack)
1449             elf_stack = TARGET_ELF_PAGESTART(elf_ppnt->p_vaddr);
1450 #endif
1451 
1452         if (!load_addr_set) {
1453             load_addr_set = 1;
1454             load_addr = elf_ppnt->p_vaddr - elf_ppnt->p_offset;
1455             if (elf_ex.e_type == ET_DYN) {
1456                 load_bias += error -
1457                     TARGET_ELF_PAGESTART(load_bias + elf_ppnt->p_vaddr);
1458                 load_addr += load_bias;
1459                 reloc_func_desc = load_bias;
1460             }
1461         }
1462         k = elf_ppnt->p_vaddr;
1463         if (k < start_code)
1464             start_code = k;
1465         if (start_data < k)
1466             start_data = k;
1467         k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz;
1468         if (k > elf_bss)
1469             elf_bss = k;
1470         if ((elf_ppnt->p_flags & PF_X) && end_code <  k)
1471             end_code = k;
1472         if (end_data < k)
1473             end_data = k;
1474         k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz;
1475         if (k > elf_brk) elf_brk = k;
1476     }
1477 
1478     elf_entry += load_bias;
1479     elf_bss += load_bias;
1480     elf_brk += load_bias;
1481     start_code += load_bias;
1482     end_code += load_bias;
1483     start_data += load_bias;
1484     end_data += load_bias;
1485 
1486     if (elf_interpreter) {
1487         if (interpreter_type & 1) {
1488             elf_entry = load_aout_interp(&interp_ex, interpreter_fd);
1489         }
1490         else if (interpreter_type & 2) {
1491             elf_entry = load_elf_interp(&interp_elf_ex, interpreter_fd,
1492                                             &interp_load_addr);
1493         }
1494         reloc_func_desc = interp_load_addr;
1495 
1496         close(interpreter_fd);
1497         free(elf_interpreter);
1498 
1499         if (elf_entry == ~((abi_ulong)0UL)) {
1500             printf("Unable to load interpreter\n");
1501             free(elf_phdata);
1502             exit(-1);
1503             return 0;
1504         }
1505     }
1506 
1507     free(elf_phdata);
1508 
1509     if (qemu_log_enabled())
1510         load_symbols(&elf_ex, bprm->fd);
1511 
1512     if (interpreter_type != INTERPRETER_AOUT) close(bprm->fd);
1513     info->personality = (ibcs2_interpreter ? PER_SVR4 : PER_LINUX);
1514 
1515 #ifdef LOW_ELF_STACK
1516     info->start_stack = bprm->p = elf_stack - 4;
1517 #endif
1518     bprm->p = create_elf_tables(bprm->p,
1519                     bprm->argc,
1520                     bprm->envc,
1521                     &elf_ex,
1522                     load_addr, load_bias,
1523                     interp_load_addr,
1524                     (interpreter_type == INTERPRETER_AOUT ? 0 : 1),
1525                     info);
1526     info->load_addr = reloc_func_desc;
1527     info->start_brk = info->brk = elf_brk;
1528     info->end_code = end_code;
1529     info->start_code = start_code;
1530     info->start_data = start_data;
1531     info->end_data = end_data;
1532     info->start_stack = bprm->p;
1533 
1534     /* Calling set_brk effectively mmaps the pages that we need for the bss and break
1535        sections */
1536     set_brk(elf_bss, elf_brk);
1537 
1538     padzero(elf_bss, elf_brk);
1539 
1540 #if 0
1541     printf("(start_brk) %x\n" , info->start_brk);
1542     printf("(end_code) %x\n" , info->end_code);
1543     printf("(start_code) %x\n" , info->start_code);
1544     printf("(end_data) %x\n" , info->end_data);
1545     printf("(start_stack) %x\n" , info->start_stack);
1546     printf("(brk) %x\n" , info->brk);
1547 #endif
1548 
1549     if ( info->personality == PER_SVR4 )
1550     {
1551             /* Why this, you ask???  Well SVr4 maps page 0 as read-only,
1552                and some applications "depend" upon this behavior.
1553                Since we do not have the power to recompile these, we
1554                emulate the SVr4 behavior.  Sigh.  */
1555             mapped_addr = target_mmap(0, qemu_host_page_size, PROT_READ | PROT_EXEC,
1556                                       MAP_FIXED | MAP_PRIVATE, -1, 0);
1557     }
1558 
1559     info->entry = elf_entry;
1560 
1561     return 0;
1562 }
1563 
1564 static int load_aout_interp(void * exptr, int interp_fd)
1565 {
1566     printf("a.out interpreter not yet supported\n");
1567     return(0);
1568 }
1569 
1570 void do_init_thread(struct target_pt_regs *regs, struct image_info *infop)
1571 {
1572     init_thread(regs, infop);
1573 }
1574