1 /* This is the Linux kernel elf-loading code, ported into user space */ 2 #include <sys/time.h> 3 #include <sys/param.h> 4 5 #include <stdio.h> 6 #include <sys/types.h> 7 #include <fcntl.h> 8 #include <errno.h> 9 #include <unistd.h> 10 #include <sys/mman.h> 11 #include <sys/resource.h> 12 #include <stdlib.h> 13 #include <string.h> 14 #include <time.h> 15 16 #include "qemu.h" 17 #include "disas/disas.h" 18 19 #ifdef _ARCH_PPC64 20 #undef ARCH_DLINFO 21 #undef ELF_PLATFORM 22 #undef ELF_HWCAP 23 #undef ELF_HWCAP2 24 #undef ELF_CLASS 25 #undef ELF_DATA 26 #undef ELF_ARCH 27 #endif 28 29 #define ELF_OSABI ELFOSABI_SYSV 30 31 /* from personality.h */ 32 33 /* 34 * Flags for bug emulation. 35 * 36 * These occupy the top three bytes. 37 */ 38 enum { 39 ADDR_NO_RANDOMIZE = 0x0040000, /* disable randomization of VA space */ 40 FDPIC_FUNCPTRS = 0x0080000, /* userspace function ptrs point to 41 descriptors (signal handling) */ 42 MMAP_PAGE_ZERO = 0x0100000, 43 ADDR_COMPAT_LAYOUT = 0x0200000, 44 READ_IMPLIES_EXEC = 0x0400000, 45 ADDR_LIMIT_32BIT = 0x0800000, 46 SHORT_INODE = 0x1000000, 47 WHOLE_SECONDS = 0x2000000, 48 STICKY_TIMEOUTS = 0x4000000, 49 ADDR_LIMIT_3GB = 0x8000000, 50 }; 51 52 /* 53 * Personality types. 54 * 55 * These go in the low byte. Avoid using the top bit, it will 56 * conflict with error returns. 57 */ 58 enum { 59 PER_LINUX = 0x0000, 60 PER_LINUX_32BIT = 0x0000 | ADDR_LIMIT_32BIT, 61 PER_LINUX_FDPIC = 0x0000 | FDPIC_FUNCPTRS, 62 PER_SVR4 = 0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 63 PER_SVR3 = 0x0002 | STICKY_TIMEOUTS | SHORT_INODE, 64 PER_SCOSVR3 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS | SHORT_INODE, 65 PER_OSR5 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS, 66 PER_WYSEV386 = 0x0004 | STICKY_TIMEOUTS | SHORT_INODE, 67 PER_ISCR4 = 0x0005 | STICKY_TIMEOUTS, 68 PER_BSD = 0x0006, 69 PER_SUNOS = 0x0006 | STICKY_TIMEOUTS, 70 PER_XENIX = 0x0007 | STICKY_TIMEOUTS | SHORT_INODE, 71 PER_LINUX32 = 0x0008, 72 PER_LINUX32_3GB = 0x0008 | ADDR_LIMIT_3GB, 73 PER_IRIX32 = 0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */ 74 PER_IRIXN32 = 0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */ 75 PER_IRIX64 = 0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */ 76 PER_RISCOS = 0x000c, 77 PER_SOLARIS = 0x000d | STICKY_TIMEOUTS, 78 PER_UW7 = 0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 79 PER_OSF4 = 0x000f, /* OSF/1 v4 */ 80 PER_HPUX = 0x0010, 81 PER_MASK = 0x00ff, 82 }; 83 84 /* 85 * Return the base personality without flags. 86 */ 87 #define personality(pers) (pers & PER_MASK) 88 89 /* this flag is uneffective under linux too, should be deleted */ 90 #ifndef MAP_DENYWRITE 91 #define MAP_DENYWRITE 0 92 #endif 93 94 /* should probably go in elf.h */ 95 #ifndef ELIBBAD 96 #define ELIBBAD 80 97 #endif 98 99 #ifdef TARGET_WORDS_BIGENDIAN 100 #define ELF_DATA ELFDATA2MSB 101 #else 102 #define ELF_DATA ELFDATA2LSB 103 #endif 104 105 #ifdef TARGET_ABI_MIPSN32 106 typedef abi_ullong target_elf_greg_t; 107 #define tswapreg(ptr) tswap64(ptr) 108 #else 109 typedef abi_ulong target_elf_greg_t; 110 #define tswapreg(ptr) tswapal(ptr) 111 #endif 112 113 #ifdef USE_UID16 114 typedef abi_ushort target_uid_t; 115 typedef abi_ushort target_gid_t; 116 #else 117 typedef abi_uint target_uid_t; 118 typedef abi_uint target_gid_t; 119 #endif 120 typedef abi_int target_pid_t; 121 122 #ifdef TARGET_I386 123 124 #define ELF_PLATFORM get_elf_platform() 125 126 static const char *get_elf_platform(void) 127 { 128 static char elf_platform[] = "i386"; 129 int family = object_property_get_int(OBJECT(thread_cpu), "family", NULL); 130 if (family > 6) 131 family = 6; 132 if (family >= 3) 133 elf_platform[1] = '0' + family; 134 return elf_platform; 135 } 136 137 #define ELF_HWCAP get_elf_hwcap() 138 139 static uint32_t get_elf_hwcap(void) 140 { 141 X86CPU *cpu = X86_CPU(thread_cpu); 142 143 return cpu->env.features[FEAT_1_EDX]; 144 } 145 146 #ifdef TARGET_X86_64 147 #define ELF_START_MMAP 0x2aaaaab000ULL 148 #define elf_check_arch(x) ( ((x) == ELF_ARCH) ) 149 150 #define ELF_CLASS ELFCLASS64 151 #define ELF_ARCH EM_X86_64 152 153 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 154 { 155 regs->rax = 0; 156 regs->rsp = infop->start_stack; 157 regs->rip = infop->entry; 158 } 159 160 #define ELF_NREG 27 161 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 162 163 /* 164 * Note that ELF_NREG should be 29 as there should be place for 165 * TRAPNO and ERR "registers" as well but linux doesn't dump 166 * those. 167 * 168 * See linux kernel: arch/x86/include/asm/elf.h 169 */ 170 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 171 { 172 (*regs)[0] = env->regs[15]; 173 (*regs)[1] = env->regs[14]; 174 (*regs)[2] = env->regs[13]; 175 (*regs)[3] = env->regs[12]; 176 (*regs)[4] = env->regs[R_EBP]; 177 (*regs)[5] = env->regs[R_EBX]; 178 (*regs)[6] = env->regs[11]; 179 (*regs)[7] = env->regs[10]; 180 (*regs)[8] = env->regs[9]; 181 (*regs)[9] = env->regs[8]; 182 (*regs)[10] = env->regs[R_EAX]; 183 (*regs)[11] = env->regs[R_ECX]; 184 (*regs)[12] = env->regs[R_EDX]; 185 (*regs)[13] = env->regs[R_ESI]; 186 (*regs)[14] = env->regs[R_EDI]; 187 (*regs)[15] = env->regs[R_EAX]; /* XXX */ 188 (*regs)[16] = env->eip; 189 (*regs)[17] = env->segs[R_CS].selector & 0xffff; 190 (*regs)[18] = env->eflags; 191 (*regs)[19] = env->regs[R_ESP]; 192 (*regs)[20] = env->segs[R_SS].selector & 0xffff; 193 (*regs)[21] = env->segs[R_FS].selector & 0xffff; 194 (*regs)[22] = env->segs[R_GS].selector & 0xffff; 195 (*regs)[23] = env->segs[R_DS].selector & 0xffff; 196 (*regs)[24] = env->segs[R_ES].selector & 0xffff; 197 (*regs)[25] = env->segs[R_FS].selector & 0xffff; 198 (*regs)[26] = env->segs[R_GS].selector & 0xffff; 199 } 200 201 #else 202 203 #define ELF_START_MMAP 0x80000000 204 205 /* 206 * This is used to ensure we don't load something for the wrong architecture. 207 */ 208 #define elf_check_arch(x) ( ((x) == EM_386) || ((x) == EM_486) ) 209 210 /* 211 * These are used to set parameters in the core dumps. 212 */ 213 #define ELF_CLASS ELFCLASS32 214 #define ELF_ARCH EM_386 215 216 static inline void init_thread(struct target_pt_regs *regs, 217 struct image_info *infop) 218 { 219 regs->esp = infop->start_stack; 220 regs->eip = infop->entry; 221 222 /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program 223 starts %edx contains a pointer to a function which might be 224 registered using `atexit'. This provides a mean for the 225 dynamic linker to call DT_FINI functions for shared libraries 226 that have been loaded before the code runs. 227 228 A value of 0 tells we have no such handler. */ 229 regs->edx = 0; 230 } 231 232 #define ELF_NREG 17 233 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 234 235 /* 236 * Note that ELF_NREG should be 19 as there should be place for 237 * TRAPNO and ERR "registers" as well but linux doesn't dump 238 * those. 239 * 240 * See linux kernel: arch/x86/include/asm/elf.h 241 */ 242 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 243 { 244 (*regs)[0] = env->regs[R_EBX]; 245 (*regs)[1] = env->regs[R_ECX]; 246 (*regs)[2] = env->regs[R_EDX]; 247 (*regs)[3] = env->regs[R_ESI]; 248 (*regs)[4] = env->regs[R_EDI]; 249 (*regs)[5] = env->regs[R_EBP]; 250 (*regs)[6] = env->regs[R_EAX]; 251 (*regs)[7] = env->segs[R_DS].selector & 0xffff; 252 (*regs)[8] = env->segs[R_ES].selector & 0xffff; 253 (*regs)[9] = env->segs[R_FS].selector & 0xffff; 254 (*regs)[10] = env->segs[R_GS].selector & 0xffff; 255 (*regs)[11] = env->regs[R_EAX]; /* XXX */ 256 (*regs)[12] = env->eip; 257 (*regs)[13] = env->segs[R_CS].selector & 0xffff; 258 (*regs)[14] = env->eflags; 259 (*regs)[15] = env->regs[R_ESP]; 260 (*regs)[16] = env->segs[R_SS].selector & 0xffff; 261 } 262 #endif 263 264 #define USE_ELF_CORE_DUMP 265 #define ELF_EXEC_PAGESIZE 4096 266 267 #endif 268 269 #ifdef TARGET_ARM 270 271 #ifndef TARGET_AARCH64 272 /* 32 bit ARM definitions */ 273 274 #define ELF_START_MMAP 0x80000000 275 276 #define elf_check_arch(x) ((x) == ELF_MACHINE) 277 278 #define ELF_ARCH ELF_MACHINE 279 #define ELF_CLASS ELFCLASS32 280 281 static inline void init_thread(struct target_pt_regs *regs, 282 struct image_info *infop) 283 { 284 abi_long stack = infop->start_stack; 285 memset(regs, 0, sizeof(*regs)); 286 287 regs->ARM_cpsr = 0x10; 288 if (infop->entry & 1) 289 regs->ARM_cpsr |= CPSR_T; 290 regs->ARM_pc = infop->entry & 0xfffffffe; 291 regs->ARM_sp = infop->start_stack; 292 /* FIXME - what to for failure of get_user()? */ 293 get_user_ual(regs->ARM_r2, stack + 8); /* envp */ 294 get_user_ual(regs->ARM_r1, stack + 4); /* envp */ 295 /* XXX: it seems that r0 is zeroed after ! */ 296 regs->ARM_r0 = 0; 297 /* For uClinux PIC binaries. */ 298 /* XXX: Linux does this only on ARM with no MMU (do we care ?) */ 299 regs->ARM_r10 = infop->start_data; 300 } 301 302 #define ELF_NREG 18 303 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 304 305 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUARMState *env) 306 { 307 (*regs)[0] = tswapreg(env->regs[0]); 308 (*regs)[1] = tswapreg(env->regs[1]); 309 (*regs)[2] = tswapreg(env->regs[2]); 310 (*regs)[3] = tswapreg(env->regs[3]); 311 (*regs)[4] = tswapreg(env->regs[4]); 312 (*regs)[5] = tswapreg(env->regs[5]); 313 (*regs)[6] = tswapreg(env->regs[6]); 314 (*regs)[7] = tswapreg(env->regs[7]); 315 (*regs)[8] = tswapreg(env->regs[8]); 316 (*regs)[9] = tswapreg(env->regs[9]); 317 (*regs)[10] = tswapreg(env->regs[10]); 318 (*regs)[11] = tswapreg(env->regs[11]); 319 (*regs)[12] = tswapreg(env->regs[12]); 320 (*regs)[13] = tswapreg(env->regs[13]); 321 (*regs)[14] = tswapreg(env->regs[14]); 322 (*regs)[15] = tswapreg(env->regs[15]); 323 324 (*regs)[16] = tswapreg(cpsr_read((CPUARMState *)env)); 325 (*regs)[17] = tswapreg(env->regs[0]); /* XXX */ 326 } 327 328 #define USE_ELF_CORE_DUMP 329 #define ELF_EXEC_PAGESIZE 4096 330 331 enum 332 { 333 ARM_HWCAP_ARM_SWP = 1 << 0, 334 ARM_HWCAP_ARM_HALF = 1 << 1, 335 ARM_HWCAP_ARM_THUMB = 1 << 2, 336 ARM_HWCAP_ARM_26BIT = 1 << 3, 337 ARM_HWCAP_ARM_FAST_MULT = 1 << 4, 338 ARM_HWCAP_ARM_FPA = 1 << 5, 339 ARM_HWCAP_ARM_VFP = 1 << 6, 340 ARM_HWCAP_ARM_EDSP = 1 << 7, 341 ARM_HWCAP_ARM_JAVA = 1 << 8, 342 ARM_HWCAP_ARM_IWMMXT = 1 << 9, 343 ARM_HWCAP_ARM_CRUNCH = 1 << 10, 344 ARM_HWCAP_ARM_THUMBEE = 1 << 11, 345 ARM_HWCAP_ARM_NEON = 1 << 12, 346 ARM_HWCAP_ARM_VFPv3 = 1 << 13, 347 ARM_HWCAP_ARM_VFPv3D16 = 1 << 14, 348 ARM_HWCAP_ARM_TLS = 1 << 15, 349 ARM_HWCAP_ARM_VFPv4 = 1 << 16, 350 ARM_HWCAP_ARM_IDIVA = 1 << 17, 351 ARM_HWCAP_ARM_IDIVT = 1 << 18, 352 ARM_HWCAP_ARM_VFPD32 = 1 << 19, 353 ARM_HWCAP_ARM_LPAE = 1 << 20, 354 ARM_HWCAP_ARM_EVTSTRM = 1 << 21, 355 }; 356 357 enum { 358 ARM_HWCAP2_ARM_AES = 1 << 0, 359 ARM_HWCAP2_ARM_PMULL = 1 << 1, 360 ARM_HWCAP2_ARM_SHA1 = 1 << 2, 361 ARM_HWCAP2_ARM_SHA2 = 1 << 3, 362 ARM_HWCAP2_ARM_CRC32 = 1 << 4, 363 }; 364 365 /* The commpage only exists for 32 bit kernels */ 366 367 #define TARGET_HAS_VALIDATE_GUEST_SPACE 368 /* Return 1 if the proposed guest space is suitable for the guest. 369 * Return 0 if the proposed guest space isn't suitable, but another 370 * address space should be tried. 371 * Return -1 if there is no way the proposed guest space can be 372 * valid regardless of the base. 373 * The guest code may leave a page mapped and populate it if the 374 * address is suitable. 375 */ 376 static int validate_guest_space(unsigned long guest_base, 377 unsigned long guest_size) 378 { 379 unsigned long real_start, test_page_addr; 380 381 /* We need to check that we can force a fault on access to the 382 * commpage at 0xffff0fxx 383 */ 384 test_page_addr = guest_base + (0xffff0f00 & qemu_host_page_mask); 385 386 /* If the commpage lies within the already allocated guest space, 387 * then there is no way we can allocate it. 388 */ 389 if (test_page_addr >= guest_base 390 && test_page_addr <= (guest_base + guest_size)) { 391 return -1; 392 } 393 394 /* Note it needs to be writeable to let us initialise it */ 395 real_start = (unsigned long) 396 mmap((void *)test_page_addr, qemu_host_page_size, 397 PROT_READ | PROT_WRITE, 398 MAP_ANONYMOUS | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 399 400 /* If we can't map it then try another address */ 401 if (real_start == -1ul) { 402 return 0; 403 } 404 405 if (real_start != test_page_addr) { 406 /* OS didn't put the page where we asked - unmap and reject */ 407 munmap((void *)real_start, qemu_host_page_size); 408 return 0; 409 } 410 411 /* Leave the page mapped 412 * Populate it (mmap should have left it all 0'd) 413 */ 414 415 /* Kernel helper versions */ 416 __put_user(5, (uint32_t *)g2h(0xffff0ffcul)); 417 418 /* Now it's populated make it RO */ 419 if (mprotect((void *)test_page_addr, qemu_host_page_size, PROT_READ)) { 420 perror("Protecting guest commpage"); 421 exit(-1); 422 } 423 424 return 1; /* All good */ 425 } 426 427 #define ELF_HWCAP get_elf_hwcap() 428 #define ELF_HWCAP2 get_elf_hwcap2() 429 430 static uint32_t get_elf_hwcap(void) 431 { 432 ARMCPU *cpu = ARM_CPU(thread_cpu); 433 uint32_t hwcaps = 0; 434 435 hwcaps |= ARM_HWCAP_ARM_SWP; 436 hwcaps |= ARM_HWCAP_ARM_HALF; 437 hwcaps |= ARM_HWCAP_ARM_THUMB; 438 hwcaps |= ARM_HWCAP_ARM_FAST_MULT; 439 440 /* probe for the extra features */ 441 #define GET_FEATURE(feat, hwcap) \ 442 do { if (arm_feature(&cpu->env, feat)) { hwcaps |= hwcap; } } while (0) 443 /* EDSP is in v5TE and above, but all our v5 CPUs are v5TE */ 444 GET_FEATURE(ARM_FEATURE_V5, ARM_HWCAP_ARM_EDSP); 445 GET_FEATURE(ARM_FEATURE_VFP, ARM_HWCAP_ARM_VFP); 446 GET_FEATURE(ARM_FEATURE_IWMMXT, ARM_HWCAP_ARM_IWMMXT); 447 GET_FEATURE(ARM_FEATURE_THUMB2EE, ARM_HWCAP_ARM_THUMBEE); 448 GET_FEATURE(ARM_FEATURE_NEON, ARM_HWCAP_ARM_NEON); 449 GET_FEATURE(ARM_FEATURE_VFP3, ARM_HWCAP_ARM_VFPv3); 450 GET_FEATURE(ARM_FEATURE_V6K, ARM_HWCAP_ARM_TLS); 451 GET_FEATURE(ARM_FEATURE_VFP4, ARM_HWCAP_ARM_VFPv4); 452 GET_FEATURE(ARM_FEATURE_ARM_DIV, ARM_HWCAP_ARM_IDIVA); 453 GET_FEATURE(ARM_FEATURE_THUMB_DIV, ARM_HWCAP_ARM_IDIVT); 454 /* All QEMU's VFPv3 CPUs have 32 registers, see VFP_DREG in translate.c. 455 * Note that the ARM_HWCAP_ARM_VFPv3D16 bit is always the inverse of 456 * ARM_HWCAP_ARM_VFPD32 (and so always clear for QEMU); it is unrelated 457 * to our VFP_FP16 feature bit. 458 */ 459 GET_FEATURE(ARM_FEATURE_VFP3, ARM_HWCAP_ARM_VFPD32); 460 GET_FEATURE(ARM_FEATURE_LPAE, ARM_HWCAP_ARM_LPAE); 461 462 return hwcaps; 463 } 464 465 static uint32_t get_elf_hwcap2(void) 466 { 467 ARMCPU *cpu = ARM_CPU(thread_cpu); 468 uint32_t hwcaps = 0; 469 470 GET_FEATURE(ARM_FEATURE_V8_AES, ARM_HWCAP2_ARM_AES); 471 GET_FEATURE(ARM_FEATURE_V8_PMULL, ARM_HWCAP2_ARM_PMULL); 472 GET_FEATURE(ARM_FEATURE_V8_SHA1, ARM_HWCAP2_ARM_SHA1); 473 GET_FEATURE(ARM_FEATURE_V8_SHA256, ARM_HWCAP2_ARM_SHA2); 474 GET_FEATURE(ARM_FEATURE_CRC, ARM_HWCAP2_ARM_CRC32); 475 return hwcaps; 476 } 477 478 #undef GET_FEATURE 479 480 #else 481 /* 64 bit ARM definitions */ 482 #define ELF_START_MMAP 0x80000000 483 484 #define elf_check_arch(x) ((x) == ELF_MACHINE) 485 486 #define ELF_ARCH ELF_MACHINE 487 #define ELF_CLASS ELFCLASS64 488 #define ELF_PLATFORM "aarch64" 489 490 static inline void init_thread(struct target_pt_regs *regs, 491 struct image_info *infop) 492 { 493 abi_long stack = infop->start_stack; 494 memset(regs, 0, sizeof(*regs)); 495 496 regs->pc = infop->entry & ~0x3ULL; 497 regs->sp = stack; 498 } 499 500 #define ELF_NREG 34 501 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 502 503 static void elf_core_copy_regs(target_elf_gregset_t *regs, 504 const CPUARMState *env) 505 { 506 int i; 507 508 for (i = 0; i < 32; i++) { 509 (*regs)[i] = tswapreg(env->xregs[i]); 510 } 511 (*regs)[32] = tswapreg(env->pc); 512 (*regs)[33] = tswapreg(pstate_read((CPUARMState *)env)); 513 } 514 515 #define USE_ELF_CORE_DUMP 516 #define ELF_EXEC_PAGESIZE 4096 517 518 enum { 519 ARM_HWCAP_A64_FP = 1 << 0, 520 ARM_HWCAP_A64_ASIMD = 1 << 1, 521 ARM_HWCAP_A64_EVTSTRM = 1 << 2, 522 ARM_HWCAP_A64_AES = 1 << 3, 523 ARM_HWCAP_A64_PMULL = 1 << 4, 524 ARM_HWCAP_A64_SHA1 = 1 << 5, 525 ARM_HWCAP_A64_SHA2 = 1 << 6, 526 ARM_HWCAP_A64_CRC32 = 1 << 7, 527 }; 528 529 #define ELF_HWCAP get_elf_hwcap() 530 531 static uint32_t get_elf_hwcap(void) 532 { 533 ARMCPU *cpu = ARM_CPU(thread_cpu); 534 uint32_t hwcaps = 0; 535 536 hwcaps |= ARM_HWCAP_A64_FP; 537 hwcaps |= ARM_HWCAP_A64_ASIMD; 538 539 /* probe for the extra features */ 540 #define GET_FEATURE(feat, hwcap) \ 541 do { if (arm_feature(&cpu->env, feat)) { hwcaps |= hwcap; } } while (0) 542 GET_FEATURE(ARM_FEATURE_V8_AES, ARM_HWCAP_A64_AES); 543 GET_FEATURE(ARM_FEATURE_V8_PMULL, ARM_HWCAP_A64_PMULL); 544 GET_FEATURE(ARM_FEATURE_V8_SHA1, ARM_HWCAP_A64_SHA1); 545 GET_FEATURE(ARM_FEATURE_V8_SHA256, ARM_HWCAP_A64_SHA2); 546 GET_FEATURE(ARM_FEATURE_CRC, ARM_HWCAP_A64_CRC32); 547 #undef GET_FEATURE 548 549 return hwcaps; 550 } 551 552 #endif /* not TARGET_AARCH64 */ 553 #endif /* TARGET_ARM */ 554 555 #ifdef TARGET_UNICORE32 556 557 #define ELF_START_MMAP 0x80000000 558 559 #define elf_check_arch(x) ((x) == EM_UNICORE32) 560 561 #define ELF_CLASS ELFCLASS32 562 #define ELF_DATA ELFDATA2LSB 563 #define ELF_ARCH EM_UNICORE32 564 565 static inline void init_thread(struct target_pt_regs *regs, 566 struct image_info *infop) 567 { 568 abi_long stack = infop->start_stack; 569 memset(regs, 0, sizeof(*regs)); 570 regs->UC32_REG_asr = 0x10; 571 regs->UC32_REG_pc = infop->entry & 0xfffffffe; 572 regs->UC32_REG_sp = infop->start_stack; 573 /* FIXME - what to for failure of get_user()? */ 574 get_user_ual(regs->UC32_REG_02, stack + 8); /* envp */ 575 get_user_ual(regs->UC32_REG_01, stack + 4); /* envp */ 576 /* XXX: it seems that r0 is zeroed after ! */ 577 regs->UC32_REG_00 = 0; 578 } 579 580 #define ELF_NREG 34 581 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 582 583 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUUniCore32State *env) 584 { 585 (*regs)[0] = env->regs[0]; 586 (*regs)[1] = env->regs[1]; 587 (*regs)[2] = env->regs[2]; 588 (*regs)[3] = env->regs[3]; 589 (*regs)[4] = env->regs[4]; 590 (*regs)[5] = env->regs[5]; 591 (*regs)[6] = env->regs[6]; 592 (*regs)[7] = env->regs[7]; 593 (*regs)[8] = env->regs[8]; 594 (*regs)[9] = env->regs[9]; 595 (*regs)[10] = env->regs[10]; 596 (*regs)[11] = env->regs[11]; 597 (*regs)[12] = env->regs[12]; 598 (*regs)[13] = env->regs[13]; 599 (*regs)[14] = env->regs[14]; 600 (*regs)[15] = env->regs[15]; 601 (*regs)[16] = env->regs[16]; 602 (*regs)[17] = env->regs[17]; 603 (*regs)[18] = env->regs[18]; 604 (*regs)[19] = env->regs[19]; 605 (*regs)[20] = env->regs[20]; 606 (*regs)[21] = env->regs[21]; 607 (*regs)[22] = env->regs[22]; 608 (*regs)[23] = env->regs[23]; 609 (*regs)[24] = env->regs[24]; 610 (*regs)[25] = env->regs[25]; 611 (*regs)[26] = env->regs[26]; 612 (*regs)[27] = env->regs[27]; 613 (*regs)[28] = env->regs[28]; 614 (*regs)[29] = env->regs[29]; 615 (*regs)[30] = env->regs[30]; 616 (*regs)[31] = env->regs[31]; 617 618 (*regs)[32] = cpu_asr_read((CPUUniCore32State *)env); 619 (*regs)[33] = env->regs[0]; /* XXX */ 620 } 621 622 #define USE_ELF_CORE_DUMP 623 #define ELF_EXEC_PAGESIZE 4096 624 625 #define ELF_HWCAP (UC32_HWCAP_CMOV | UC32_HWCAP_UCF64) 626 627 #endif 628 629 #ifdef TARGET_SPARC 630 #ifdef TARGET_SPARC64 631 632 #define ELF_START_MMAP 0x80000000 633 #define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \ 634 | HWCAP_SPARC_MULDIV | HWCAP_SPARC_V9) 635 #ifndef TARGET_ABI32 636 #define elf_check_arch(x) ( (x) == EM_SPARCV9 || (x) == EM_SPARC32PLUS ) 637 #else 638 #define elf_check_arch(x) ( (x) == EM_SPARC32PLUS || (x) == EM_SPARC ) 639 #endif 640 641 #define ELF_CLASS ELFCLASS64 642 #define ELF_ARCH EM_SPARCV9 643 644 #define STACK_BIAS 2047 645 646 static inline void init_thread(struct target_pt_regs *regs, 647 struct image_info *infop) 648 { 649 #ifndef TARGET_ABI32 650 regs->tstate = 0; 651 #endif 652 regs->pc = infop->entry; 653 regs->npc = regs->pc + 4; 654 regs->y = 0; 655 #ifdef TARGET_ABI32 656 regs->u_regs[14] = infop->start_stack - 16 * 4; 657 #else 658 if (personality(infop->personality) == PER_LINUX32) 659 regs->u_regs[14] = infop->start_stack - 16 * 4; 660 else 661 regs->u_regs[14] = infop->start_stack - 16 * 8 - STACK_BIAS; 662 #endif 663 } 664 665 #else 666 #define ELF_START_MMAP 0x80000000 667 #define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \ 668 | HWCAP_SPARC_MULDIV) 669 #define elf_check_arch(x) ( (x) == EM_SPARC ) 670 671 #define ELF_CLASS ELFCLASS32 672 #define ELF_ARCH EM_SPARC 673 674 static inline void init_thread(struct target_pt_regs *regs, 675 struct image_info *infop) 676 { 677 regs->psr = 0; 678 regs->pc = infop->entry; 679 regs->npc = regs->pc + 4; 680 regs->y = 0; 681 regs->u_regs[14] = infop->start_stack - 16 * 4; 682 } 683 684 #endif 685 #endif 686 687 #ifdef TARGET_PPC 688 689 #define ELF_START_MMAP 0x80000000 690 691 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 692 693 #define elf_check_arch(x) ( (x) == EM_PPC64 ) 694 695 #define ELF_CLASS ELFCLASS64 696 697 #else 698 699 #define elf_check_arch(x) ( (x) == EM_PPC ) 700 701 #define ELF_CLASS ELFCLASS32 702 703 #endif 704 705 #define ELF_ARCH EM_PPC 706 707 /* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP). 708 See arch/powerpc/include/asm/cputable.h. */ 709 enum { 710 QEMU_PPC_FEATURE_32 = 0x80000000, 711 QEMU_PPC_FEATURE_64 = 0x40000000, 712 QEMU_PPC_FEATURE_601_INSTR = 0x20000000, 713 QEMU_PPC_FEATURE_HAS_ALTIVEC = 0x10000000, 714 QEMU_PPC_FEATURE_HAS_FPU = 0x08000000, 715 QEMU_PPC_FEATURE_HAS_MMU = 0x04000000, 716 QEMU_PPC_FEATURE_HAS_4xxMAC = 0x02000000, 717 QEMU_PPC_FEATURE_UNIFIED_CACHE = 0x01000000, 718 QEMU_PPC_FEATURE_HAS_SPE = 0x00800000, 719 QEMU_PPC_FEATURE_HAS_EFP_SINGLE = 0x00400000, 720 QEMU_PPC_FEATURE_HAS_EFP_DOUBLE = 0x00200000, 721 QEMU_PPC_FEATURE_NO_TB = 0x00100000, 722 QEMU_PPC_FEATURE_POWER4 = 0x00080000, 723 QEMU_PPC_FEATURE_POWER5 = 0x00040000, 724 QEMU_PPC_FEATURE_POWER5_PLUS = 0x00020000, 725 QEMU_PPC_FEATURE_CELL = 0x00010000, 726 QEMU_PPC_FEATURE_BOOKE = 0x00008000, 727 QEMU_PPC_FEATURE_SMT = 0x00004000, 728 QEMU_PPC_FEATURE_ICACHE_SNOOP = 0x00002000, 729 QEMU_PPC_FEATURE_ARCH_2_05 = 0x00001000, 730 QEMU_PPC_FEATURE_PA6T = 0x00000800, 731 QEMU_PPC_FEATURE_HAS_DFP = 0x00000400, 732 QEMU_PPC_FEATURE_POWER6_EXT = 0x00000200, 733 QEMU_PPC_FEATURE_ARCH_2_06 = 0x00000100, 734 QEMU_PPC_FEATURE_HAS_VSX = 0x00000080, 735 QEMU_PPC_FEATURE_PSERIES_PERFMON_COMPAT = 0x00000040, 736 737 QEMU_PPC_FEATURE_TRUE_LE = 0x00000002, 738 QEMU_PPC_FEATURE_PPC_LE = 0x00000001, 739 }; 740 741 #define ELF_HWCAP get_elf_hwcap() 742 743 static uint32_t get_elf_hwcap(void) 744 { 745 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); 746 uint32_t features = 0; 747 748 /* We don't have to be terribly complete here; the high points are 749 Altivec/FP/SPE support. Anything else is just a bonus. */ 750 #define GET_FEATURE(flag, feature) \ 751 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0) 752 GET_FEATURE(PPC_64B, QEMU_PPC_FEATURE_64); 753 GET_FEATURE(PPC_FLOAT, QEMU_PPC_FEATURE_HAS_FPU); 754 GET_FEATURE(PPC_ALTIVEC, QEMU_PPC_FEATURE_HAS_ALTIVEC); 755 GET_FEATURE(PPC_SPE, QEMU_PPC_FEATURE_HAS_SPE); 756 GET_FEATURE(PPC_SPE_SINGLE, QEMU_PPC_FEATURE_HAS_EFP_SINGLE); 757 GET_FEATURE(PPC_SPE_DOUBLE, QEMU_PPC_FEATURE_HAS_EFP_DOUBLE); 758 GET_FEATURE(PPC_BOOKE, QEMU_PPC_FEATURE_BOOKE); 759 GET_FEATURE(PPC_405_MAC, QEMU_PPC_FEATURE_HAS_4xxMAC); 760 #undef GET_FEATURE 761 762 return features; 763 } 764 765 /* 766 * The requirements here are: 767 * - keep the final alignment of sp (sp & 0xf) 768 * - make sure the 32-bit value at the first 16 byte aligned position of 769 * AUXV is greater than 16 for glibc compatibility. 770 * AT_IGNOREPPC is used for that. 771 * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC, 772 * even if DLINFO_ARCH_ITEMS goes to zero or is undefined. 773 */ 774 #define DLINFO_ARCH_ITEMS 5 775 #define ARCH_DLINFO \ 776 do { \ 777 NEW_AUX_ENT(AT_DCACHEBSIZE, 0x20); \ 778 NEW_AUX_ENT(AT_ICACHEBSIZE, 0x20); \ 779 NEW_AUX_ENT(AT_UCACHEBSIZE, 0); \ 780 /* \ 781 * Now handle glibc compatibility. \ 782 */ \ 783 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 784 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 785 } while (0) 786 787 static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop) 788 { 789 _regs->gpr[1] = infop->start_stack; 790 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 791 _regs->gpr[2] = ldq_raw(infop->entry + 8) + infop->load_bias; 792 infop->entry = ldq_raw(infop->entry) + infop->load_bias; 793 #endif 794 _regs->nip = infop->entry; 795 } 796 797 /* See linux kernel: arch/powerpc/include/asm/elf.h. */ 798 #define ELF_NREG 48 799 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 800 801 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUPPCState *env) 802 { 803 int i; 804 target_ulong ccr = 0; 805 806 for (i = 0; i < ARRAY_SIZE(env->gpr); i++) { 807 (*regs)[i] = tswapreg(env->gpr[i]); 808 } 809 810 (*regs)[32] = tswapreg(env->nip); 811 (*regs)[33] = tswapreg(env->msr); 812 (*regs)[35] = tswapreg(env->ctr); 813 (*regs)[36] = tswapreg(env->lr); 814 (*regs)[37] = tswapreg(env->xer); 815 816 for (i = 0; i < ARRAY_SIZE(env->crf); i++) { 817 ccr |= env->crf[i] << (32 - ((i + 1) * 4)); 818 } 819 (*regs)[38] = tswapreg(ccr); 820 } 821 822 #define USE_ELF_CORE_DUMP 823 #define ELF_EXEC_PAGESIZE 4096 824 825 #endif 826 827 #ifdef TARGET_MIPS 828 829 #define ELF_START_MMAP 0x80000000 830 831 #define elf_check_arch(x) ( (x) == EM_MIPS ) 832 833 #ifdef TARGET_MIPS64 834 #define ELF_CLASS ELFCLASS64 835 #else 836 #define ELF_CLASS ELFCLASS32 837 #endif 838 #define ELF_ARCH EM_MIPS 839 840 static inline void init_thread(struct target_pt_regs *regs, 841 struct image_info *infop) 842 { 843 regs->cp0_status = 2 << CP0St_KSU; 844 regs->cp0_epc = infop->entry; 845 regs->regs[29] = infop->start_stack; 846 } 847 848 /* See linux kernel: arch/mips/include/asm/elf.h. */ 849 #define ELF_NREG 45 850 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 851 852 /* See linux kernel: arch/mips/include/asm/reg.h. */ 853 enum { 854 #ifdef TARGET_MIPS64 855 TARGET_EF_R0 = 0, 856 #else 857 TARGET_EF_R0 = 6, 858 #endif 859 TARGET_EF_R26 = TARGET_EF_R0 + 26, 860 TARGET_EF_R27 = TARGET_EF_R0 + 27, 861 TARGET_EF_LO = TARGET_EF_R0 + 32, 862 TARGET_EF_HI = TARGET_EF_R0 + 33, 863 TARGET_EF_CP0_EPC = TARGET_EF_R0 + 34, 864 TARGET_EF_CP0_BADVADDR = TARGET_EF_R0 + 35, 865 TARGET_EF_CP0_STATUS = TARGET_EF_R0 + 36, 866 TARGET_EF_CP0_CAUSE = TARGET_EF_R0 + 37 867 }; 868 869 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 870 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMIPSState *env) 871 { 872 int i; 873 874 for (i = 0; i < TARGET_EF_R0; i++) { 875 (*regs)[i] = 0; 876 } 877 (*regs)[TARGET_EF_R0] = 0; 878 879 for (i = 1; i < ARRAY_SIZE(env->active_tc.gpr); i++) { 880 (*regs)[TARGET_EF_R0 + i] = tswapreg(env->active_tc.gpr[i]); 881 } 882 883 (*regs)[TARGET_EF_R26] = 0; 884 (*regs)[TARGET_EF_R27] = 0; 885 (*regs)[TARGET_EF_LO] = tswapreg(env->active_tc.LO[0]); 886 (*regs)[TARGET_EF_HI] = tswapreg(env->active_tc.HI[0]); 887 (*regs)[TARGET_EF_CP0_EPC] = tswapreg(env->active_tc.PC); 888 (*regs)[TARGET_EF_CP0_BADVADDR] = tswapreg(env->CP0_BadVAddr); 889 (*regs)[TARGET_EF_CP0_STATUS] = tswapreg(env->CP0_Status); 890 (*regs)[TARGET_EF_CP0_CAUSE] = tswapreg(env->CP0_Cause); 891 } 892 893 #define USE_ELF_CORE_DUMP 894 #define ELF_EXEC_PAGESIZE 4096 895 896 #endif /* TARGET_MIPS */ 897 898 #ifdef TARGET_MICROBLAZE 899 900 #define ELF_START_MMAP 0x80000000 901 902 #define elf_check_arch(x) ( (x) == EM_MICROBLAZE || (x) == EM_MICROBLAZE_OLD) 903 904 #define ELF_CLASS ELFCLASS32 905 #define ELF_ARCH EM_MICROBLAZE 906 907 static inline void init_thread(struct target_pt_regs *regs, 908 struct image_info *infop) 909 { 910 regs->pc = infop->entry; 911 regs->r1 = infop->start_stack; 912 913 } 914 915 #define ELF_EXEC_PAGESIZE 4096 916 917 #define USE_ELF_CORE_DUMP 918 #define ELF_NREG 38 919 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 920 921 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 922 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMBState *env) 923 { 924 int i, pos = 0; 925 926 for (i = 0; i < 32; i++) { 927 (*regs)[pos++] = tswapreg(env->regs[i]); 928 } 929 930 for (i = 0; i < 6; i++) { 931 (*regs)[pos++] = tswapreg(env->sregs[i]); 932 } 933 } 934 935 #endif /* TARGET_MICROBLAZE */ 936 937 #ifdef TARGET_OPENRISC 938 939 #define ELF_START_MMAP 0x08000000 940 941 #define elf_check_arch(x) ((x) == EM_OPENRISC) 942 943 #define ELF_ARCH EM_OPENRISC 944 #define ELF_CLASS ELFCLASS32 945 #define ELF_DATA ELFDATA2MSB 946 947 static inline void init_thread(struct target_pt_regs *regs, 948 struct image_info *infop) 949 { 950 regs->pc = infop->entry; 951 regs->gpr[1] = infop->start_stack; 952 } 953 954 #define USE_ELF_CORE_DUMP 955 #define ELF_EXEC_PAGESIZE 8192 956 957 /* See linux kernel arch/openrisc/include/asm/elf.h. */ 958 #define ELF_NREG 34 /* gprs and pc, sr */ 959 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 960 961 static void elf_core_copy_regs(target_elf_gregset_t *regs, 962 const CPUOpenRISCState *env) 963 { 964 int i; 965 966 for (i = 0; i < 32; i++) { 967 (*regs)[i] = tswapreg(env->gpr[i]); 968 } 969 970 (*regs)[32] = tswapreg(env->pc); 971 (*regs)[33] = tswapreg(env->sr); 972 } 973 #define ELF_HWCAP 0 974 #define ELF_PLATFORM NULL 975 976 #endif /* TARGET_OPENRISC */ 977 978 #ifdef TARGET_SH4 979 980 #define ELF_START_MMAP 0x80000000 981 982 #define elf_check_arch(x) ( (x) == EM_SH ) 983 984 #define ELF_CLASS ELFCLASS32 985 #define ELF_ARCH EM_SH 986 987 static inline void init_thread(struct target_pt_regs *regs, 988 struct image_info *infop) 989 { 990 /* Check other registers XXXXX */ 991 regs->pc = infop->entry; 992 regs->regs[15] = infop->start_stack; 993 } 994 995 /* See linux kernel: arch/sh/include/asm/elf.h. */ 996 #define ELF_NREG 23 997 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 998 999 /* See linux kernel: arch/sh/include/asm/ptrace.h. */ 1000 enum { 1001 TARGET_REG_PC = 16, 1002 TARGET_REG_PR = 17, 1003 TARGET_REG_SR = 18, 1004 TARGET_REG_GBR = 19, 1005 TARGET_REG_MACH = 20, 1006 TARGET_REG_MACL = 21, 1007 TARGET_REG_SYSCALL = 22 1008 }; 1009 1010 static inline void elf_core_copy_regs(target_elf_gregset_t *regs, 1011 const CPUSH4State *env) 1012 { 1013 int i; 1014 1015 for (i = 0; i < 16; i++) { 1016 (*regs[i]) = tswapreg(env->gregs[i]); 1017 } 1018 1019 (*regs)[TARGET_REG_PC] = tswapreg(env->pc); 1020 (*regs)[TARGET_REG_PR] = tswapreg(env->pr); 1021 (*regs)[TARGET_REG_SR] = tswapreg(env->sr); 1022 (*regs)[TARGET_REG_GBR] = tswapreg(env->gbr); 1023 (*regs)[TARGET_REG_MACH] = tswapreg(env->mach); 1024 (*regs)[TARGET_REG_MACL] = tswapreg(env->macl); 1025 (*regs)[TARGET_REG_SYSCALL] = 0; /* FIXME */ 1026 } 1027 1028 #define USE_ELF_CORE_DUMP 1029 #define ELF_EXEC_PAGESIZE 4096 1030 1031 #endif 1032 1033 #ifdef TARGET_CRIS 1034 1035 #define ELF_START_MMAP 0x80000000 1036 1037 #define elf_check_arch(x) ( (x) == EM_CRIS ) 1038 1039 #define ELF_CLASS ELFCLASS32 1040 #define ELF_ARCH EM_CRIS 1041 1042 static inline void init_thread(struct target_pt_regs *regs, 1043 struct image_info *infop) 1044 { 1045 regs->erp = infop->entry; 1046 } 1047 1048 #define ELF_EXEC_PAGESIZE 8192 1049 1050 #endif 1051 1052 #ifdef TARGET_M68K 1053 1054 #define ELF_START_MMAP 0x80000000 1055 1056 #define elf_check_arch(x) ( (x) == EM_68K ) 1057 1058 #define ELF_CLASS ELFCLASS32 1059 #define ELF_ARCH EM_68K 1060 1061 /* ??? Does this need to do anything? 1062 #define ELF_PLAT_INIT(_r) */ 1063 1064 static inline void init_thread(struct target_pt_regs *regs, 1065 struct image_info *infop) 1066 { 1067 regs->usp = infop->start_stack; 1068 regs->sr = 0; 1069 regs->pc = infop->entry; 1070 } 1071 1072 /* See linux kernel: arch/m68k/include/asm/elf.h. */ 1073 #define ELF_NREG 20 1074 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1075 1076 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUM68KState *env) 1077 { 1078 (*regs)[0] = tswapreg(env->dregs[1]); 1079 (*regs)[1] = tswapreg(env->dregs[2]); 1080 (*regs)[2] = tswapreg(env->dregs[3]); 1081 (*regs)[3] = tswapreg(env->dregs[4]); 1082 (*regs)[4] = tswapreg(env->dregs[5]); 1083 (*regs)[5] = tswapreg(env->dregs[6]); 1084 (*regs)[6] = tswapreg(env->dregs[7]); 1085 (*regs)[7] = tswapreg(env->aregs[0]); 1086 (*regs)[8] = tswapreg(env->aregs[1]); 1087 (*regs)[9] = tswapreg(env->aregs[2]); 1088 (*regs)[10] = tswapreg(env->aregs[3]); 1089 (*regs)[11] = tswapreg(env->aregs[4]); 1090 (*regs)[12] = tswapreg(env->aregs[5]); 1091 (*regs)[13] = tswapreg(env->aregs[6]); 1092 (*regs)[14] = tswapreg(env->dregs[0]); 1093 (*regs)[15] = tswapreg(env->aregs[7]); 1094 (*regs)[16] = tswapreg(env->dregs[0]); /* FIXME: orig_d0 */ 1095 (*regs)[17] = tswapreg(env->sr); 1096 (*regs)[18] = tswapreg(env->pc); 1097 (*regs)[19] = 0; /* FIXME: regs->format | regs->vector */ 1098 } 1099 1100 #define USE_ELF_CORE_DUMP 1101 #define ELF_EXEC_PAGESIZE 8192 1102 1103 #endif 1104 1105 #ifdef TARGET_ALPHA 1106 1107 #define ELF_START_MMAP (0x30000000000ULL) 1108 1109 #define elf_check_arch(x) ( (x) == ELF_ARCH ) 1110 1111 #define ELF_CLASS ELFCLASS64 1112 #define ELF_ARCH EM_ALPHA 1113 1114 static inline void init_thread(struct target_pt_regs *regs, 1115 struct image_info *infop) 1116 { 1117 regs->pc = infop->entry; 1118 regs->ps = 8; 1119 regs->usp = infop->start_stack; 1120 } 1121 1122 #define ELF_EXEC_PAGESIZE 8192 1123 1124 #endif /* TARGET_ALPHA */ 1125 1126 #ifdef TARGET_S390X 1127 1128 #define ELF_START_MMAP (0x20000000000ULL) 1129 1130 #define elf_check_arch(x) ( (x) == ELF_ARCH ) 1131 1132 #define ELF_CLASS ELFCLASS64 1133 #define ELF_DATA ELFDATA2MSB 1134 #define ELF_ARCH EM_S390 1135 1136 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 1137 { 1138 regs->psw.addr = infop->entry; 1139 regs->psw.mask = PSW_MASK_64 | PSW_MASK_32; 1140 regs->gprs[15] = infop->start_stack; 1141 } 1142 1143 #endif /* TARGET_S390X */ 1144 1145 #ifndef ELF_PLATFORM 1146 #define ELF_PLATFORM (NULL) 1147 #endif 1148 1149 #ifndef ELF_HWCAP 1150 #define ELF_HWCAP 0 1151 #endif 1152 1153 #ifdef TARGET_ABI32 1154 #undef ELF_CLASS 1155 #define ELF_CLASS ELFCLASS32 1156 #undef bswaptls 1157 #define bswaptls(ptr) bswap32s(ptr) 1158 #endif 1159 1160 #include "elf.h" 1161 1162 struct exec 1163 { 1164 unsigned int a_info; /* Use macros N_MAGIC, etc for access */ 1165 unsigned int a_text; /* length of text, in bytes */ 1166 unsigned int a_data; /* length of data, in bytes */ 1167 unsigned int a_bss; /* length of uninitialized data area, in bytes */ 1168 unsigned int a_syms; /* length of symbol table data in file, in bytes */ 1169 unsigned int a_entry; /* start address */ 1170 unsigned int a_trsize; /* length of relocation info for text, in bytes */ 1171 unsigned int a_drsize; /* length of relocation info for data, in bytes */ 1172 }; 1173 1174 1175 #define N_MAGIC(exec) ((exec).a_info & 0xffff) 1176 #define OMAGIC 0407 1177 #define NMAGIC 0410 1178 #define ZMAGIC 0413 1179 #define QMAGIC 0314 1180 1181 /* Necessary parameters */ 1182 #define TARGET_ELF_EXEC_PAGESIZE TARGET_PAGE_SIZE 1183 #define TARGET_ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(TARGET_ELF_EXEC_PAGESIZE-1)) 1184 #define TARGET_ELF_PAGEOFFSET(_v) ((_v) & (TARGET_ELF_EXEC_PAGESIZE-1)) 1185 1186 #define DLINFO_ITEMS 14 1187 1188 static inline void memcpy_fromfs(void * to, const void * from, unsigned long n) 1189 { 1190 memcpy(to, from, n); 1191 } 1192 1193 #ifdef BSWAP_NEEDED 1194 static void bswap_ehdr(struct elfhdr *ehdr) 1195 { 1196 bswap16s(&ehdr->e_type); /* Object file type */ 1197 bswap16s(&ehdr->e_machine); /* Architecture */ 1198 bswap32s(&ehdr->e_version); /* Object file version */ 1199 bswaptls(&ehdr->e_entry); /* Entry point virtual address */ 1200 bswaptls(&ehdr->e_phoff); /* Program header table file offset */ 1201 bswaptls(&ehdr->e_shoff); /* Section header table file offset */ 1202 bswap32s(&ehdr->e_flags); /* Processor-specific flags */ 1203 bswap16s(&ehdr->e_ehsize); /* ELF header size in bytes */ 1204 bswap16s(&ehdr->e_phentsize); /* Program header table entry size */ 1205 bswap16s(&ehdr->e_phnum); /* Program header table entry count */ 1206 bswap16s(&ehdr->e_shentsize); /* Section header table entry size */ 1207 bswap16s(&ehdr->e_shnum); /* Section header table entry count */ 1208 bswap16s(&ehdr->e_shstrndx); /* Section header string table index */ 1209 } 1210 1211 static void bswap_phdr(struct elf_phdr *phdr, int phnum) 1212 { 1213 int i; 1214 for (i = 0; i < phnum; ++i, ++phdr) { 1215 bswap32s(&phdr->p_type); /* Segment type */ 1216 bswap32s(&phdr->p_flags); /* Segment flags */ 1217 bswaptls(&phdr->p_offset); /* Segment file offset */ 1218 bswaptls(&phdr->p_vaddr); /* Segment virtual address */ 1219 bswaptls(&phdr->p_paddr); /* Segment physical address */ 1220 bswaptls(&phdr->p_filesz); /* Segment size in file */ 1221 bswaptls(&phdr->p_memsz); /* Segment size in memory */ 1222 bswaptls(&phdr->p_align); /* Segment alignment */ 1223 } 1224 } 1225 1226 static void bswap_shdr(struct elf_shdr *shdr, int shnum) 1227 { 1228 int i; 1229 for (i = 0; i < shnum; ++i, ++shdr) { 1230 bswap32s(&shdr->sh_name); 1231 bswap32s(&shdr->sh_type); 1232 bswaptls(&shdr->sh_flags); 1233 bswaptls(&shdr->sh_addr); 1234 bswaptls(&shdr->sh_offset); 1235 bswaptls(&shdr->sh_size); 1236 bswap32s(&shdr->sh_link); 1237 bswap32s(&shdr->sh_info); 1238 bswaptls(&shdr->sh_addralign); 1239 bswaptls(&shdr->sh_entsize); 1240 } 1241 } 1242 1243 static void bswap_sym(struct elf_sym *sym) 1244 { 1245 bswap32s(&sym->st_name); 1246 bswaptls(&sym->st_value); 1247 bswaptls(&sym->st_size); 1248 bswap16s(&sym->st_shndx); 1249 } 1250 #else 1251 static inline void bswap_ehdr(struct elfhdr *ehdr) { } 1252 static inline void bswap_phdr(struct elf_phdr *phdr, int phnum) { } 1253 static inline void bswap_shdr(struct elf_shdr *shdr, int shnum) { } 1254 static inline void bswap_sym(struct elf_sym *sym) { } 1255 #endif 1256 1257 #ifdef USE_ELF_CORE_DUMP 1258 static int elf_core_dump(int, const CPUArchState *); 1259 #endif /* USE_ELF_CORE_DUMP */ 1260 static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias); 1261 1262 /* Verify the portions of EHDR within E_IDENT for the target. 1263 This can be performed before bswapping the entire header. */ 1264 static bool elf_check_ident(struct elfhdr *ehdr) 1265 { 1266 return (ehdr->e_ident[EI_MAG0] == ELFMAG0 1267 && ehdr->e_ident[EI_MAG1] == ELFMAG1 1268 && ehdr->e_ident[EI_MAG2] == ELFMAG2 1269 && ehdr->e_ident[EI_MAG3] == ELFMAG3 1270 && ehdr->e_ident[EI_CLASS] == ELF_CLASS 1271 && ehdr->e_ident[EI_DATA] == ELF_DATA 1272 && ehdr->e_ident[EI_VERSION] == EV_CURRENT); 1273 } 1274 1275 /* Verify the portions of EHDR outside of E_IDENT for the target. 1276 This has to wait until after bswapping the header. */ 1277 static bool elf_check_ehdr(struct elfhdr *ehdr) 1278 { 1279 return (elf_check_arch(ehdr->e_machine) 1280 && ehdr->e_ehsize == sizeof(struct elfhdr) 1281 && ehdr->e_phentsize == sizeof(struct elf_phdr) 1282 && ehdr->e_shentsize == sizeof(struct elf_shdr) 1283 && (ehdr->e_type == ET_EXEC || ehdr->e_type == ET_DYN)); 1284 } 1285 1286 /* 1287 * 'copy_elf_strings()' copies argument/envelope strings from user 1288 * memory to free pages in kernel mem. These are in a format ready 1289 * to be put directly into the top of new user memory. 1290 * 1291 */ 1292 static abi_ulong copy_elf_strings(int argc,char ** argv, void **page, 1293 abi_ulong p) 1294 { 1295 char *tmp, *tmp1, *pag = NULL; 1296 int len, offset = 0; 1297 1298 if (!p) { 1299 return 0; /* bullet-proofing */ 1300 } 1301 while (argc-- > 0) { 1302 tmp = argv[argc]; 1303 if (!tmp) { 1304 fprintf(stderr, "VFS: argc is wrong"); 1305 exit(-1); 1306 } 1307 tmp1 = tmp; 1308 while (*tmp++); 1309 len = tmp - tmp1; 1310 if (p < len) { /* this shouldn't happen - 128kB */ 1311 return 0; 1312 } 1313 while (len) { 1314 --p; --tmp; --len; 1315 if (--offset < 0) { 1316 offset = p % TARGET_PAGE_SIZE; 1317 pag = (char *)page[p/TARGET_PAGE_SIZE]; 1318 if (!pag) { 1319 pag = g_try_malloc0(TARGET_PAGE_SIZE); 1320 page[p/TARGET_PAGE_SIZE] = pag; 1321 if (!pag) 1322 return 0; 1323 } 1324 } 1325 if (len == 0 || offset == 0) { 1326 *(pag + offset) = *tmp; 1327 } 1328 else { 1329 int bytes_to_copy = (len > offset) ? offset : len; 1330 tmp -= bytes_to_copy; 1331 p -= bytes_to_copy; 1332 offset -= bytes_to_copy; 1333 len -= bytes_to_copy; 1334 memcpy_fromfs(pag + offset, tmp, bytes_to_copy + 1); 1335 } 1336 } 1337 } 1338 return p; 1339 } 1340 1341 static abi_ulong setup_arg_pages(abi_ulong p, struct linux_binprm *bprm, 1342 struct image_info *info) 1343 { 1344 abi_ulong stack_base, size, error, guard; 1345 int i; 1346 1347 /* Create enough stack to hold everything. If we don't use 1348 it for args, we'll use it for something else. */ 1349 size = guest_stack_size; 1350 if (size < MAX_ARG_PAGES*TARGET_PAGE_SIZE) { 1351 size = MAX_ARG_PAGES*TARGET_PAGE_SIZE; 1352 } 1353 guard = TARGET_PAGE_SIZE; 1354 if (guard < qemu_real_host_page_size) { 1355 guard = qemu_real_host_page_size; 1356 } 1357 1358 error = target_mmap(0, size + guard, PROT_READ | PROT_WRITE, 1359 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1360 if (error == -1) { 1361 perror("mmap stack"); 1362 exit(-1); 1363 } 1364 1365 /* We reserve one extra page at the top of the stack as guard. */ 1366 target_mprotect(error, guard, PROT_NONE); 1367 1368 info->stack_limit = error + guard; 1369 stack_base = info->stack_limit + size - MAX_ARG_PAGES*TARGET_PAGE_SIZE; 1370 p += stack_base; 1371 1372 for (i = 0 ; i < MAX_ARG_PAGES ; i++) { 1373 if (bprm->page[i]) { 1374 info->rss++; 1375 /* FIXME - check return value of memcpy_to_target() for failure */ 1376 memcpy_to_target(stack_base, bprm->page[i], TARGET_PAGE_SIZE); 1377 g_free(bprm->page[i]); 1378 } 1379 stack_base += TARGET_PAGE_SIZE; 1380 } 1381 return p; 1382 } 1383 1384 /* Map and zero the bss. We need to explicitly zero any fractional pages 1385 after the data section (i.e. bss). */ 1386 static void zero_bss(abi_ulong elf_bss, abi_ulong last_bss, int prot) 1387 { 1388 uintptr_t host_start, host_map_start, host_end; 1389 1390 last_bss = TARGET_PAGE_ALIGN(last_bss); 1391 1392 /* ??? There is confusion between qemu_real_host_page_size and 1393 qemu_host_page_size here and elsewhere in target_mmap, which 1394 may lead to the end of the data section mapping from the file 1395 not being mapped. At least there was an explicit test and 1396 comment for that here, suggesting that "the file size must 1397 be known". The comment probably pre-dates the introduction 1398 of the fstat system call in target_mmap which does in fact 1399 find out the size. What isn't clear is if the workaround 1400 here is still actually needed. For now, continue with it, 1401 but merge it with the "normal" mmap that would allocate the bss. */ 1402 1403 host_start = (uintptr_t) g2h(elf_bss); 1404 host_end = (uintptr_t) g2h(last_bss); 1405 host_map_start = (host_start + qemu_real_host_page_size - 1); 1406 host_map_start &= -qemu_real_host_page_size; 1407 1408 if (host_map_start < host_end) { 1409 void *p = mmap((void *)host_map_start, host_end - host_map_start, 1410 prot, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1411 if (p == MAP_FAILED) { 1412 perror("cannot mmap brk"); 1413 exit(-1); 1414 } 1415 1416 /* Since we didn't use target_mmap, make sure to record 1417 the validity of the pages with qemu. */ 1418 page_set_flags(elf_bss & TARGET_PAGE_MASK, last_bss, prot|PAGE_VALID); 1419 } 1420 1421 if (host_start < host_map_start) { 1422 memset((void *)host_start, 0, host_map_start - host_start); 1423 } 1424 } 1425 1426 #ifdef CONFIG_USE_FDPIC 1427 static abi_ulong loader_build_fdpic_loadmap(struct image_info *info, abi_ulong sp) 1428 { 1429 uint16_t n; 1430 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs; 1431 1432 /* elf32_fdpic_loadseg */ 1433 n = info->nsegs; 1434 while (n--) { 1435 sp -= 12; 1436 put_user_u32(loadsegs[n].addr, sp+0); 1437 put_user_u32(loadsegs[n].p_vaddr, sp+4); 1438 put_user_u32(loadsegs[n].p_memsz, sp+8); 1439 } 1440 1441 /* elf32_fdpic_loadmap */ 1442 sp -= 4; 1443 put_user_u16(0, sp+0); /* version */ 1444 put_user_u16(info->nsegs, sp+2); /* nsegs */ 1445 1446 info->personality = PER_LINUX_FDPIC; 1447 info->loadmap_addr = sp; 1448 1449 return sp; 1450 } 1451 #endif 1452 1453 static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc, 1454 struct elfhdr *exec, 1455 struct image_info *info, 1456 struct image_info *interp_info) 1457 { 1458 abi_ulong sp; 1459 abi_ulong sp_auxv; 1460 int size; 1461 int i; 1462 abi_ulong u_rand_bytes; 1463 uint8_t k_rand_bytes[16]; 1464 abi_ulong u_platform; 1465 const char *k_platform; 1466 const int n = sizeof(elf_addr_t); 1467 1468 sp = p; 1469 1470 #ifdef CONFIG_USE_FDPIC 1471 /* Needs to be before we load the env/argc/... */ 1472 if (elf_is_fdpic(exec)) { 1473 /* Need 4 byte alignment for these structs */ 1474 sp &= ~3; 1475 sp = loader_build_fdpic_loadmap(info, sp); 1476 info->other_info = interp_info; 1477 if (interp_info) { 1478 interp_info->other_info = info; 1479 sp = loader_build_fdpic_loadmap(interp_info, sp); 1480 } 1481 } 1482 #endif 1483 1484 u_platform = 0; 1485 k_platform = ELF_PLATFORM; 1486 if (k_platform) { 1487 size_t len = strlen(k_platform) + 1; 1488 sp -= (len + n - 1) & ~(n - 1); 1489 u_platform = sp; 1490 /* FIXME - check return value of memcpy_to_target() for failure */ 1491 memcpy_to_target(sp, k_platform, len); 1492 } 1493 1494 /* 1495 * Generate 16 random bytes for userspace PRNG seeding (not 1496 * cryptically secure but it's not the aim of QEMU). 1497 */ 1498 srand((unsigned int) time(NULL)); 1499 for (i = 0; i < 16; i++) { 1500 k_rand_bytes[i] = rand(); 1501 } 1502 sp -= 16; 1503 u_rand_bytes = sp; 1504 /* FIXME - check return value of memcpy_to_target() for failure */ 1505 memcpy_to_target(sp, k_rand_bytes, 16); 1506 1507 /* 1508 * Force 16 byte _final_ alignment here for generality. 1509 */ 1510 sp = sp &~ (abi_ulong)15; 1511 size = (DLINFO_ITEMS + 1) * 2; 1512 if (k_platform) 1513 size += 2; 1514 #ifdef DLINFO_ARCH_ITEMS 1515 size += DLINFO_ARCH_ITEMS * 2; 1516 #endif 1517 #ifdef ELF_HWCAP2 1518 size += 2; 1519 #endif 1520 size += envc + argc + 2; 1521 size += 1; /* argc itself */ 1522 size *= n; 1523 if (size & 15) 1524 sp -= 16 - (size & 15); 1525 1526 /* This is correct because Linux defines 1527 * elf_addr_t as Elf32_Off / Elf64_Off 1528 */ 1529 #define NEW_AUX_ENT(id, val) do { \ 1530 sp -= n; put_user_ual(val, sp); \ 1531 sp -= n; put_user_ual(id, sp); \ 1532 } while(0) 1533 1534 sp_auxv = sp; 1535 NEW_AUX_ENT (AT_NULL, 0); 1536 1537 /* There must be exactly DLINFO_ITEMS entries here. */ 1538 NEW_AUX_ENT(AT_PHDR, (abi_ulong)(info->load_addr + exec->e_phoff)); 1539 NEW_AUX_ENT(AT_PHENT, (abi_ulong)(sizeof (struct elf_phdr))); 1540 NEW_AUX_ENT(AT_PHNUM, (abi_ulong)(exec->e_phnum)); 1541 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(TARGET_PAGE_SIZE)); 1542 NEW_AUX_ENT(AT_BASE, (abi_ulong)(interp_info ? interp_info->load_addr : 0)); 1543 NEW_AUX_ENT(AT_FLAGS, (abi_ulong)0); 1544 NEW_AUX_ENT(AT_ENTRY, info->entry); 1545 NEW_AUX_ENT(AT_UID, (abi_ulong) getuid()); 1546 NEW_AUX_ENT(AT_EUID, (abi_ulong) geteuid()); 1547 NEW_AUX_ENT(AT_GID, (abi_ulong) getgid()); 1548 NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid()); 1549 NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP); 1550 NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK)); 1551 NEW_AUX_ENT(AT_RANDOM, (abi_ulong) u_rand_bytes); 1552 1553 #ifdef ELF_HWCAP2 1554 NEW_AUX_ENT(AT_HWCAP2, (abi_ulong) ELF_HWCAP2); 1555 #endif 1556 1557 if (k_platform) 1558 NEW_AUX_ENT(AT_PLATFORM, u_platform); 1559 #ifdef ARCH_DLINFO 1560 /* 1561 * ARCH_DLINFO must come last so platform specific code can enforce 1562 * special alignment requirements on the AUXV if necessary (eg. PPC). 1563 */ 1564 ARCH_DLINFO; 1565 #endif 1566 #undef NEW_AUX_ENT 1567 1568 info->saved_auxv = sp; 1569 info->auxv_len = sp_auxv - sp; 1570 1571 sp = loader_build_argptr(envc, argc, sp, p, 0); 1572 /* Check the right amount of stack was allocated for auxvec, envp & argv. */ 1573 assert(sp_auxv - sp == size); 1574 return sp; 1575 } 1576 1577 #ifndef TARGET_HAS_VALIDATE_GUEST_SPACE 1578 /* If the guest doesn't have a validation function just agree */ 1579 static int validate_guest_space(unsigned long guest_base, 1580 unsigned long guest_size) 1581 { 1582 return 1; 1583 } 1584 #endif 1585 1586 unsigned long init_guest_space(unsigned long host_start, 1587 unsigned long host_size, 1588 unsigned long guest_start, 1589 bool fixed) 1590 { 1591 unsigned long current_start, real_start; 1592 int flags; 1593 1594 assert(host_start || host_size); 1595 1596 /* If just a starting address is given, then just verify that 1597 * address. */ 1598 if (host_start && !host_size) { 1599 if (validate_guest_space(host_start, host_size) == 1) { 1600 return host_start; 1601 } else { 1602 return (unsigned long)-1; 1603 } 1604 } 1605 1606 /* Setup the initial flags and start address. */ 1607 current_start = host_start & qemu_host_page_mask; 1608 flags = MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE; 1609 if (fixed) { 1610 flags |= MAP_FIXED; 1611 } 1612 1613 /* Otherwise, a non-zero size region of memory needs to be mapped 1614 * and validated. */ 1615 while (1) { 1616 unsigned long real_size = host_size; 1617 1618 /* Do not use mmap_find_vma here because that is limited to the 1619 * guest address space. We are going to make the 1620 * guest address space fit whatever we're given. 1621 */ 1622 real_start = (unsigned long) 1623 mmap((void *)current_start, host_size, PROT_NONE, flags, -1, 0); 1624 if (real_start == (unsigned long)-1) { 1625 return (unsigned long)-1; 1626 } 1627 1628 /* Ensure the address is properly aligned. */ 1629 if (real_start & ~qemu_host_page_mask) { 1630 munmap((void *)real_start, host_size); 1631 real_size = host_size + qemu_host_page_size; 1632 real_start = (unsigned long) 1633 mmap((void *)real_start, real_size, PROT_NONE, flags, -1, 0); 1634 if (real_start == (unsigned long)-1) { 1635 return (unsigned long)-1; 1636 } 1637 real_start = HOST_PAGE_ALIGN(real_start); 1638 } 1639 1640 /* Check to see if the address is valid. */ 1641 if (!host_start || real_start == current_start) { 1642 int valid = validate_guest_space(real_start - guest_start, 1643 real_size); 1644 if (valid == 1) { 1645 break; 1646 } else if (valid == -1) { 1647 return (unsigned long)-1; 1648 } 1649 /* valid == 0, so try again. */ 1650 } 1651 1652 /* That address didn't work. Unmap and try a different one. 1653 * The address the host picked because is typically right at 1654 * the top of the host address space and leaves the guest with 1655 * no usable address space. Resort to a linear search. We 1656 * already compensated for mmap_min_addr, so this should not 1657 * happen often. Probably means we got unlucky and host 1658 * address space randomization put a shared library somewhere 1659 * inconvenient. 1660 */ 1661 munmap((void *)real_start, host_size); 1662 current_start += qemu_host_page_size; 1663 if (host_start == current_start) { 1664 /* Theoretically possible if host doesn't have any suitably 1665 * aligned areas. Normally the first mmap will fail. 1666 */ 1667 return (unsigned long)-1; 1668 } 1669 } 1670 1671 qemu_log("Reserved 0x%lx bytes of guest address space\n", host_size); 1672 1673 return real_start; 1674 } 1675 1676 static void probe_guest_base(const char *image_name, 1677 abi_ulong loaddr, abi_ulong hiaddr) 1678 { 1679 /* Probe for a suitable guest base address, if the user has not set 1680 * it explicitly, and set guest_base appropriately. 1681 * In case of error we will print a suitable message and exit. 1682 */ 1683 #if defined(CONFIG_USE_GUEST_BASE) 1684 const char *errmsg; 1685 if (!have_guest_base && !reserved_va) { 1686 unsigned long host_start, real_start, host_size; 1687 1688 /* Round addresses to page boundaries. */ 1689 loaddr &= qemu_host_page_mask; 1690 hiaddr = HOST_PAGE_ALIGN(hiaddr); 1691 1692 if (loaddr < mmap_min_addr) { 1693 host_start = HOST_PAGE_ALIGN(mmap_min_addr); 1694 } else { 1695 host_start = loaddr; 1696 if (host_start != loaddr) { 1697 errmsg = "Address overflow loading ELF binary"; 1698 goto exit_errmsg; 1699 } 1700 } 1701 host_size = hiaddr - loaddr; 1702 1703 /* Setup the initial guest memory space with ranges gleaned from 1704 * the ELF image that is being loaded. 1705 */ 1706 real_start = init_guest_space(host_start, host_size, loaddr, false); 1707 if (real_start == (unsigned long)-1) { 1708 errmsg = "Unable to find space for application"; 1709 goto exit_errmsg; 1710 } 1711 guest_base = real_start - loaddr; 1712 1713 qemu_log("Relocating guest address space from 0x" 1714 TARGET_ABI_FMT_lx " to 0x%lx\n", 1715 loaddr, real_start); 1716 } 1717 return; 1718 1719 exit_errmsg: 1720 fprintf(stderr, "%s: %s\n", image_name, errmsg); 1721 exit(-1); 1722 #endif 1723 } 1724 1725 1726 /* Load an ELF image into the address space. 1727 1728 IMAGE_NAME is the filename of the image, to use in error messages. 1729 IMAGE_FD is the open file descriptor for the image. 1730 1731 BPRM_BUF is a copy of the beginning of the file; this of course 1732 contains the elf file header at offset 0. It is assumed that this 1733 buffer is sufficiently aligned to present no problems to the host 1734 in accessing data at aligned offsets within the buffer. 1735 1736 On return: INFO values will be filled in, as necessary or available. */ 1737 1738 static void load_elf_image(const char *image_name, int image_fd, 1739 struct image_info *info, char **pinterp_name, 1740 char bprm_buf[BPRM_BUF_SIZE]) 1741 { 1742 struct elfhdr *ehdr = (struct elfhdr *)bprm_buf; 1743 struct elf_phdr *phdr; 1744 abi_ulong load_addr, load_bias, loaddr, hiaddr, error; 1745 int i, retval; 1746 const char *errmsg; 1747 1748 /* First of all, some simple consistency checks */ 1749 errmsg = "Invalid ELF image for this architecture"; 1750 if (!elf_check_ident(ehdr)) { 1751 goto exit_errmsg; 1752 } 1753 bswap_ehdr(ehdr); 1754 if (!elf_check_ehdr(ehdr)) { 1755 goto exit_errmsg; 1756 } 1757 1758 i = ehdr->e_phnum * sizeof(struct elf_phdr); 1759 if (ehdr->e_phoff + i <= BPRM_BUF_SIZE) { 1760 phdr = (struct elf_phdr *)(bprm_buf + ehdr->e_phoff); 1761 } else { 1762 phdr = (struct elf_phdr *) alloca(i); 1763 retval = pread(image_fd, phdr, i, ehdr->e_phoff); 1764 if (retval != i) { 1765 goto exit_read; 1766 } 1767 } 1768 bswap_phdr(phdr, ehdr->e_phnum); 1769 1770 #ifdef CONFIG_USE_FDPIC 1771 info->nsegs = 0; 1772 info->pt_dynamic_addr = 0; 1773 #endif 1774 1775 /* Find the maximum size of the image and allocate an appropriate 1776 amount of memory to handle that. */ 1777 loaddr = -1, hiaddr = 0; 1778 for (i = 0; i < ehdr->e_phnum; ++i) { 1779 if (phdr[i].p_type == PT_LOAD) { 1780 abi_ulong a = phdr[i].p_vaddr; 1781 if (a < loaddr) { 1782 loaddr = a; 1783 } 1784 a += phdr[i].p_memsz; 1785 if (a > hiaddr) { 1786 hiaddr = a; 1787 } 1788 #ifdef CONFIG_USE_FDPIC 1789 ++info->nsegs; 1790 #endif 1791 } 1792 } 1793 1794 load_addr = loaddr; 1795 if (ehdr->e_type == ET_DYN) { 1796 /* The image indicates that it can be loaded anywhere. Find a 1797 location that can hold the memory space required. If the 1798 image is pre-linked, LOADDR will be non-zero. Since we do 1799 not supply MAP_FIXED here we'll use that address if and 1800 only if it remains available. */ 1801 load_addr = target_mmap(loaddr, hiaddr - loaddr, PROT_NONE, 1802 MAP_PRIVATE | MAP_ANON | MAP_NORESERVE, 1803 -1, 0); 1804 if (load_addr == -1) { 1805 goto exit_perror; 1806 } 1807 } else if (pinterp_name != NULL) { 1808 /* This is the main executable. Make sure that the low 1809 address does not conflict with MMAP_MIN_ADDR or the 1810 QEMU application itself. */ 1811 probe_guest_base(image_name, loaddr, hiaddr); 1812 } 1813 load_bias = load_addr - loaddr; 1814 1815 #ifdef CONFIG_USE_FDPIC 1816 { 1817 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs = 1818 g_malloc(sizeof(*loadsegs) * info->nsegs); 1819 1820 for (i = 0; i < ehdr->e_phnum; ++i) { 1821 switch (phdr[i].p_type) { 1822 case PT_DYNAMIC: 1823 info->pt_dynamic_addr = phdr[i].p_vaddr + load_bias; 1824 break; 1825 case PT_LOAD: 1826 loadsegs->addr = phdr[i].p_vaddr + load_bias; 1827 loadsegs->p_vaddr = phdr[i].p_vaddr; 1828 loadsegs->p_memsz = phdr[i].p_memsz; 1829 ++loadsegs; 1830 break; 1831 } 1832 } 1833 } 1834 #endif 1835 1836 info->load_bias = load_bias; 1837 info->load_addr = load_addr; 1838 info->entry = ehdr->e_entry + load_bias; 1839 info->start_code = -1; 1840 info->end_code = 0; 1841 info->start_data = -1; 1842 info->end_data = 0; 1843 info->brk = 0; 1844 info->elf_flags = ehdr->e_flags; 1845 1846 for (i = 0; i < ehdr->e_phnum; i++) { 1847 struct elf_phdr *eppnt = phdr + i; 1848 if (eppnt->p_type == PT_LOAD) { 1849 abi_ulong vaddr, vaddr_po, vaddr_ps, vaddr_ef, vaddr_em; 1850 int elf_prot = 0; 1851 1852 if (eppnt->p_flags & PF_R) elf_prot = PROT_READ; 1853 if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE; 1854 if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC; 1855 1856 vaddr = load_bias + eppnt->p_vaddr; 1857 vaddr_po = TARGET_ELF_PAGEOFFSET(vaddr); 1858 vaddr_ps = TARGET_ELF_PAGESTART(vaddr); 1859 1860 error = target_mmap(vaddr_ps, eppnt->p_filesz + vaddr_po, 1861 elf_prot, MAP_PRIVATE | MAP_FIXED, 1862 image_fd, eppnt->p_offset - vaddr_po); 1863 if (error == -1) { 1864 goto exit_perror; 1865 } 1866 1867 vaddr_ef = vaddr + eppnt->p_filesz; 1868 vaddr_em = vaddr + eppnt->p_memsz; 1869 1870 /* If the load segment requests extra zeros (e.g. bss), map it. */ 1871 if (vaddr_ef < vaddr_em) { 1872 zero_bss(vaddr_ef, vaddr_em, elf_prot); 1873 } 1874 1875 /* Find the full program boundaries. */ 1876 if (elf_prot & PROT_EXEC) { 1877 if (vaddr < info->start_code) { 1878 info->start_code = vaddr; 1879 } 1880 if (vaddr_ef > info->end_code) { 1881 info->end_code = vaddr_ef; 1882 } 1883 } 1884 if (elf_prot & PROT_WRITE) { 1885 if (vaddr < info->start_data) { 1886 info->start_data = vaddr; 1887 } 1888 if (vaddr_ef > info->end_data) { 1889 info->end_data = vaddr_ef; 1890 } 1891 if (vaddr_em > info->brk) { 1892 info->brk = vaddr_em; 1893 } 1894 } 1895 } else if (eppnt->p_type == PT_INTERP && pinterp_name) { 1896 char *interp_name; 1897 1898 if (*pinterp_name) { 1899 errmsg = "Multiple PT_INTERP entries"; 1900 goto exit_errmsg; 1901 } 1902 interp_name = malloc(eppnt->p_filesz); 1903 if (!interp_name) { 1904 goto exit_perror; 1905 } 1906 1907 if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) { 1908 memcpy(interp_name, bprm_buf + eppnt->p_offset, 1909 eppnt->p_filesz); 1910 } else { 1911 retval = pread(image_fd, interp_name, eppnt->p_filesz, 1912 eppnt->p_offset); 1913 if (retval != eppnt->p_filesz) { 1914 goto exit_perror; 1915 } 1916 } 1917 if (interp_name[eppnt->p_filesz - 1] != 0) { 1918 errmsg = "Invalid PT_INTERP entry"; 1919 goto exit_errmsg; 1920 } 1921 *pinterp_name = interp_name; 1922 } 1923 } 1924 1925 if (info->end_data == 0) { 1926 info->start_data = info->end_code; 1927 info->end_data = info->end_code; 1928 info->brk = info->end_code; 1929 } 1930 1931 if (qemu_log_enabled()) { 1932 load_symbols(ehdr, image_fd, load_bias); 1933 } 1934 1935 close(image_fd); 1936 return; 1937 1938 exit_read: 1939 if (retval >= 0) { 1940 errmsg = "Incomplete read of file header"; 1941 goto exit_errmsg; 1942 } 1943 exit_perror: 1944 errmsg = strerror(errno); 1945 exit_errmsg: 1946 fprintf(stderr, "%s: %s\n", image_name, errmsg); 1947 exit(-1); 1948 } 1949 1950 static void load_elf_interp(const char *filename, struct image_info *info, 1951 char bprm_buf[BPRM_BUF_SIZE]) 1952 { 1953 int fd, retval; 1954 1955 fd = open(path(filename), O_RDONLY); 1956 if (fd < 0) { 1957 goto exit_perror; 1958 } 1959 1960 retval = read(fd, bprm_buf, BPRM_BUF_SIZE); 1961 if (retval < 0) { 1962 goto exit_perror; 1963 } 1964 if (retval < BPRM_BUF_SIZE) { 1965 memset(bprm_buf + retval, 0, BPRM_BUF_SIZE - retval); 1966 } 1967 1968 load_elf_image(filename, fd, info, NULL, bprm_buf); 1969 return; 1970 1971 exit_perror: 1972 fprintf(stderr, "%s: %s\n", filename, strerror(errno)); 1973 exit(-1); 1974 } 1975 1976 static int symfind(const void *s0, const void *s1) 1977 { 1978 target_ulong addr = *(target_ulong *)s0; 1979 struct elf_sym *sym = (struct elf_sym *)s1; 1980 int result = 0; 1981 if (addr < sym->st_value) { 1982 result = -1; 1983 } else if (addr >= sym->st_value + sym->st_size) { 1984 result = 1; 1985 } 1986 return result; 1987 } 1988 1989 static const char *lookup_symbolxx(struct syminfo *s, target_ulong orig_addr) 1990 { 1991 #if ELF_CLASS == ELFCLASS32 1992 struct elf_sym *syms = s->disas_symtab.elf32; 1993 #else 1994 struct elf_sym *syms = s->disas_symtab.elf64; 1995 #endif 1996 1997 // binary search 1998 struct elf_sym *sym; 1999 2000 sym = bsearch(&orig_addr, syms, s->disas_num_syms, sizeof(*syms), symfind); 2001 if (sym != NULL) { 2002 return s->disas_strtab + sym->st_name; 2003 } 2004 2005 return ""; 2006 } 2007 2008 /* FIXME: This should use elf_ops.h */ 2009 static int symcmp(const void *s0, const void *s1) 2010 { 2011 struct elf_sym *sym0 = (struct elf_sym *)s0; 2012 struct elf_sym *sym1 = (struct elf_sym *)s1; 2013 return (sym0->st_value < sym1->st_value) 2014 ? -1 2015 : ((sym0->st_value > sym1->st_value) ? 1 : 0); 2016 } 2017 2018 /* Best attempt to load symbols from this ELF object. */ 2019 static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias) 2020 { 2021 int i, shnum, nsyms, sym_idx = 0, str_idx = 0; 2022 struct elf_shdr *shdr; 2023 char *strings = NULL; 2024 struct syminfo *s = NULL; 2025 struct elf_sym *new_syms, *syms = NULL; 2026 2027 shnum = hdr->e_shnum; 2028 i = shnum * sizeof(struct elf_shdr); 2029 shdr = (struct elf_shdr *)alloca(i); 2030 if (pread(fd, shdr, i, hdr->e_shoff) != i) { 2031 return; 2032 } 2033 2034 bswap_shdr(shdr, shnum); 2035 for (i = 0; i < shnum; ++i) { 2036 if (shdr[i].sh_type == SHT_SYMTAB) { 2037 sym_idx = i; 2038 str_idx = shdr[i].sh_link; 2039 goto found; 2040 } 2041 } 2042 2043 /* There will be no symbol table if the file was stripped. */ 2044 return; 2045 2046 found: 2047 /* Now know where the strtab and symtab are. Snarf them. */ 2048 s = malloc(sizeof(*s)); 2049 if (!s) { 2050 goto give_up; 2051 } 2052 2053 i = shdr[str_idx].sh_size; 2054 s->disas_strtab = strings = malloc(i); 2055 if (!strings || pread(fd, strings, i, shdr[str_idx].sh_offset) != i) { 2056 goto give_up; 2057 } 2058 2059 i = shdr[sym_idx].sh_size; 2060 syms = malloc(i); 2061 if (!syms || pread(fd, syms, i, shdr[sym_idx].sh_offset) != i) { 2062 goto give_up; 2063 } 2064 2065 nsyms = i / sizeof(struct elf_sym); 2066 for (i = 0; i < nsyms; ) { 2067 bswap_sym(syms + i); 2068 /* Throw away entries which we do not need. */ 2069 if (syms[i].st_shndx == SHN_UNDEF 2070 || syms[i].st_shndx >= SHN_LORESERVE 2071 || ELF_ST_TYPE(syms[i].st_info) != STT_FUNC) { 2072 if (i < --nsyms) { 2073 syms[i] = syms[nsyms]; 2074 } 2075 } else { 2076 #if defined(TARGET_ARM) || defined (TARGET_MIPS) 2077 /* The bottom address bit marks a Thumb or MIPS16 symbol. */ 2078 syms[i].st_value &= ~(target_ulong)1; 2079 #endif 2080 syms[i].st_value += load_bias; 2081 i++; 2082 } 2083 } 2084 2085 /* No "useful" symbol. */ 2086 if (nsyms == 0) { 2087 goto give_up; 2088 } 2089 2090 /* Attempt to free the storage associated with the local symbols 2091 that we threw away. Whether or not this has any effect on the 2092 memory allocation depends on the malloc implementation and how 2093 many symbols we managed to discard. */ 2094 new_syms = realloc(syms, nsyms * sizeof(*syms)); 2095 if (new_syms == NULL) { 2096 goto give_up; 2097 } 2098 syms = new_syms; 2099 2100 qsort(syms, nsyms, sizeof(*syms), symcmp); 2101 2102 s->disas_num_syms = nsyms; 2103 #if ELF_CLASS == ELFCLASS32 2104 s->disas_symtab.elf32 = syms; 2105 #else 2106 s->disas_symtab.elf64 = syms; 2107 #endif 2108 s->lookup_symbol = lookup_symbolxx; 2109 s->next = syminfos; 2110 syminfos = s; 2111 2112 return; 2113 2114 give_up: 2115 free(s); 2116 free(strings); 2117 free(syms); 2118 } 2119 2120 int load_elf_binary(struct linux_binprm *bprm, struct image_info *info) 2121 { 2122 struct image_info interp_info; 2123 struct elfhdr elf_ex; 2124 char *elf_interpreter = NULL; 2125 2126 info->start_mmap = (abi_ulong)ELF_START_MMAP; 2127 info->mmap = 0; 2128 info->rss = 0; 2129 2130 load_elf_image(bprm->filename, bprm->fd, info, 2131 &elf_interpreter, bprm->buf); 2132 2133 /* ??? We need a copy of the elf header for passing to create_elf_tables. 2134 If we do nothing, we'll have overwritten this when we re-use bprm->buf 2135 when we load the interpreter. */ 2136 elf_ex = *(struct elfhdr *)bprm->buf; 2137 2138 bprm->p = copy_elf_strings(1, &bprm->filename, bprm->page, bprm->p); 2139 bprm->p = copy_elf_strings(bprm->envc,bprm->envp,bprm->page,bprm->p); 2140 bprm->p = copy_elf_strings(bprm->argc,bprm->argv,bprm->page,bprm->p); 2141 if (!bprm->p) { 2142 fprintf(stderr, "%s: %s\n", bprm->filename, strerror(E2BIG)); 2143 exit(-1); 2144 } 2145 2146 /* Do this so that we can load the interpreter, if need be. We will 2147 change some of these later */ 2148 bprm->p = setup_arg_pages(bprm->p, bprm, info); 2149 2150 if (elf_interpreter) { 2151 load_elf_interp(elf_interpreter, &interp_info, bprm->buf); 2152 2153 /* If the program interpreter is one of these two, then assume 2154 an iBCS2 image. Otherwise assume a native linux image. */ 2155 2156 if (strcmp(elf_interpreter, "/usr/lib/libc.so.1") == 0 2157 || strcmp(elf_interpreter, "/usr/lib/ld.so.1") == 0) { 2158 info->personality = PER_SVR4; 2159 2160 /* Why this, you ask??? Well SVr4 maps page 0 as read-only, 2161 and some applications "depend" upon this behavior. Since 2162 we do not have the power to recompile these, we emulate 2163 the SVr4 behavior. Sigh. */ 2164 target_mmap(0, qemu_host_page_size, PROT_READ | PROT_EXEC, 2165 MAP_FIXED | MAP_PRIVATE, -1, 0); 2166 } 2167 } 2168 2169 bprm->p = create_elf_tables(bprm->p, bprm->argc, bprm->envc, &elf_ex, 2170 info, (elf_interpreter ? &interp_info : NULL)); 2171 info->start_stack = bprm->p; 2172 2173 /* If we have an interpreter, set that as the program's entry point. 2174 Copy the load_bias as well, to help PPC64 interpret the entry 2175 point as a function descriptor. Do this after creating elf tables 2176 so that we copy the original program entry point into the AUXV. */ 2177 if (elf_interpreter) { 2178 info->load_bias = interp_info.load_bias; 2179 info->entry = interp_info.entry; 2180 free(elf_interpreter); 2181 } 2182 2183 #ifdef USE_ELF_CORE_DUMP 2184 bprm->core_dump = &elf_core_dump; 2185 #endif 2186 2187 return 0; 2188 } 2189 2190 #ifdef USE_ELF_CORE_DUMP 2191 /* 2192 * Definitions to generate Intel SVR4-like core files. 2193 * These mostly have the same names as the SVR4 types with "target_elf_" 2194 * tacked on the front to prevent clashes with linux definitions, 2195 * and the typedef forms have been avoided. This is mostly like 2196 * the SVR4 structure, but more Linuxy, with things that Linux does 2197 * not support and which gdb doesn't really use excluded. 2198 * 2199 * Fields we don't dump (their contents is zero) in linux-user qemu 2200 * are marked with XXX. 2201 * 2202 * Core dump code is copied from linux kernel (fs/binfmt_elf.c). 2203 * 2204 * Porting ELF coredump for target is (quite) simple process. First you 2205 * define USE_ELF_CORE_DUMP in target ELF code (where init_thread() for 2206 * the target resides): 2207 * 2208 * #define USE_ELF_CORE_DUMP 2209 * 2210 * Next you define type of register set used for dumping. ELF specification 2211 * says that it needs to be array of elf_greg_t that has size of ELF_NREG. 2212 * 2213 * typedef <target_regtype> target_elf_greg_t; 2214 * #define ELF_NREG <number of registers> 2215 * typedef taret_elf_greg_t target_elf_gregset_t[ELF_NREG]; 2216 * 2217 * Last step is to implement target specific function that copies registers 2218 * from given cpu into just specified register set. Prototype is: 2219 * 2220 * static void elf_core_copy_regs(taret_elf_gregset_t *regs, 2221 * const CPUArchState *env); 2222 * 2223 * Parameters: 2224 * regs - copy register values into here (allocated and zeroed by caller) 2225 * env - copy registers from here 2226 * 2227 * Example for ARM target is provided in this file. 2228 */ 2229 2230 /* An ELF note in memory */ 2231 struct memelfnote { 2232 const char *name; 2233 size_t namesz; 2234 size_t namesz_rounded; 2235 int type; 2236 size_t datasz; 2237 size_t datasz_rounded; 2238 void *data; 2239 size_t notesz; 2240 }; 2241 2242 struct target_elf_siginfo { 2243 abi_int si_signo; /* signal number */ 2244 abi_int si_code; /* extra code */ 2245 abi_int si_errno; /* errno */ 2246 }; 2247 2248 struct target_elf_prstatus { 2249 struct target_elf_siginfo pr_info; /* Info associated with signal */ 2250 abi_short pr_cursig; /* Current signal */ 2251 abi_ulong pr_sigpend; /* XXX */ 2252 abi_ulong pr_sighold; /* XXX */ 2253 target_pid_t pr_pid; 2254 target_pid_t pr_ppid; 2255 target_pid_t pr_pgrp; 2256 target_pid_t pr_sid; 2257 struct target_timeval pr_utime; /* XXX User time */ 2258 struct target_timeval pr_stime; /* XXX System time */ 2259 struct target_timeval pr_cutime; /* XXX Cumulative user time */ 2260 struct target_timeval pr_cstime; /* XXX Cumulative system time */ 2261 target_elf_gregset_t pr_reg; /* GP registers */ 2262 abi_int pr_fpvalid; /* XXX */ 2263 }; 2264 2265 #define ELF_PRARGSZ (80) /* Number of chars for args */ 2266 2267 struct target_elf_prpsinfo { 2268 char pr_state; /* numeric process state */ 2269 char pr_sname; /* char for pr_state */ 2270 char pr_zomb; /* zombie */ 2271 char pr_nice; /* nice val */ 2272 abi_ulong pr_flag; /* flags */ 2273 target_uid_t pr_uid; 2274 target_gid_t pr_gid; 2275 target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid; 2276 /* Lots missing */ 2277 char pr_fname[16]; /* filename of executable */ 2278 char pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */ 2279 }; 2280 2281 /* Here is the structure in which status of each thread is captured. */ 2282 struct elf_thread_status { 2283 QTAILQ_ENTRY(elf_thread_status) ets_link; 2284 struct target_elf_prstatus prstatus; /* NT_PRSTATUS */ 2285 #if 0 2286 elf_fpregset_t fpu; /* NT_PRFPREG */ 2287 struct task_struct *thread; 2288 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */ 2289 #endif 2290 struct memelfnote notes[1]; 2291 int num_notes; 2292 }; 2293 2294 struct elf_note_info { 2295 struct memelfnote *notes; 2296 struct target_elf_prstatus *prstatus; /* NT_PRSTATUS */ 2297 struct target_elf_prpsinfo *psinfo; /* NT_PRPSINFO */ 2298 2299 QTAILQ_HEAD(thread_list_head, elf_thread_status) thread_list; 2300 #if 0 2301 /* 2302 * Current version of ELF coredump doesn't support 2303 * dumping fp regs etc. 2304 */ 2305 elf_fpregset_t *fpu; 2306 elf_fpxregset_t *xfpu; 2307 int thread_status_size; 2308 #endif 2309 int notes_size; 2310 int numnote; 2311 }; 2312 2313 struct vm_area_struct { 2314 abi_ulong vma_start; /* start vaddr of memory region */ 2315 abi_ulong vma_end; /* end vaddr of memory region */ 2316 abi_ulong vma_flags; /* protection etc. flags for the region */ 2317 QTAILQ_ENTRY(vm_area_struct) vma_link; 2318 }; 2319 2320 struct mm_struct { 2321 QTAILQ_HEAD(, vm_area_struct) mm_mmap; 2322 int mm_count; /* number of mappings */ 2323 }; 2324 2325 static struct mm_struct *vma_init(void); 2326 static void vma_delete(struct mm_struct *); 2327 static int vma_add_mapping(struct mm_struct *, abi_ulong, 2328 abi_ulong, abi_ulong); 2329 static int vma_get_mapping_count(const struct mm_struct *); 2330 static struct vm_area_struct *vma_first(const struct mm_struct *); 2331 static struct vm_area_struct *vma_next(struct vm_area_struct *); 2332 static abi_ulong vma_dump_size(const struct vm_area_struct *); 2333 static int vma_walker(void *priv, abi_ulong start, abi_ulong end, 2334 unsigned long flags); 2335 2336 static void fill_elf_header(struct elfhdr *, int, uint16_t, uint32_t); 2337 static void fill_note(struct memelfnote *, const char *, int, 2338 unsigned int, void *); 2339 static void fill_prstatus(struct target_elf_prstatus *, const TaskState *, int); 2340 static int fill_psinfo(struct target_elf_prpsinfo *, const TaskState *); 2341 static void fill_auxv_note(struct memelfnote *, const TaskState *); 2342 static void fill_elf_note_phdr(struct elf_phdr *, int, off_t); 2343 static size_t note_size(const struct memelfnote *); 2344 static void free_note_info(struct elf_note_info *); 2345 static int fill_note_info(struct elf_note_info *, long, const CPUArchState *); 2346 static void fill_thread_info(struct elf_note_info *, const CPUArchState *); 2347 static int core_dump_filename(const TaskState *, char *, size_t); 2348 2349 static int dump_write(int, const void *, size_t); 2350 static int write_note(struct memelfnote *, int); 2351 static int write_note_info(struct elf_note_info *, int); 2352 2353 #ifdef BSWAP_NEEDED 2354 static void bswap_prstatus(struct target_elf_prstatus *prstatus) 2355 { 2356 prstatus->pr_info.si_signo = tswap32(prstatus->pr_info.si_signo); 2357 prstatus->pr_info.si_code = tswap32(prstatus->pr_info.si_code); 2358 prstatus->pr_info.si_errno = tswap32(prstatus->pr_info.si_errno); 2359 prstatus->pr_cursig = tswap16(prstatus->pr_cursig); 2360 prstatus->pr_sigpend = tswapal(prstatus->pr_sigpend); 2361 prstatus->pr_sighold = tswapal(prstatus->pr_sighold); 2362 prstatus->pr_pid = tswap32(prstatus->pr_pid); 2363 prstatus->pr_ppid = tswap32(prstatus->pr_ppid); 2364 prstatus->pr_pgrp = tswap32(prstatus->pr_pgrp); 2365 prstatus->pr_sid = tswap32(prstatus->pr_sid); 2366 /* cpu times are not filled, so we skip them */ 2367 /* regs should be in correct format already */ 2368 prstatus->pr_fpvalid = tswap32(prstatus->pr_fpvalid); 2369 } 2370 2371 static void bswap_psinfo(struct target_elf_prpsinfo *psinfo) 2372 { 2373 psinfo->pr_flag = tswapal(psinfo->pr_flag); 2374 psinfo->pr_uid = tswap16(psinfo->pr_uid); 2375 psinfo->pr_gid = tswap16(psinfo->pr_gid); 2376 psinfo->pr_pid = tswap32(psinfo->pr_pid); 2377 psinfo->pr_ppid = tswap32(psinfo->pr_ppid); 2378 psinfo->pr_pgrp = tswap32(psinfo->pr_pgrp); 2379 psinfo->pr_sid = tswap32(psinfo->pr_sid); 2380 } 2381 2382 static void bswap_note(struct elf_note *en) 2383 { 2384 bswap32s(&en->n_namesz); 2385 bswap32s(&en->n_descsz); 2386 bswap32s(&en->n_type); 2387 } 2388 #else 2389 static inline void bswap_prstatus(struct target_elf_prstatus *p) { } 2390 static inline void bswap_psinfo(struct target_elf_prpsinfo *p) {} 2391 static inline void bswap_note(struct elf_note *en) { } 2392 #endif /* BSWAP_NEEDED */ 2393 2394 /* 2395 * Minimal support for linux memory regions. These are needed 2396 * when we are finding out what memory exactly belongs to 2397 * emulated process. No locks needed here, as long as 2398 * thread that received the signal is stopped. 2399 */ 2400 2401 static struct mm_struct *vma_init(void) 2402 { 2403 struct mm_struct *mm; 2404 2405 if ((mm = g_malloc(sizeof (*mm))) == NULL) 2406 return (NULL); 2407 2408 mm->mm_count = 0; 2409 QTAILQ_INIT(&mm->mm_mmap); 2410 2411 return (mm); 2412 } 2413 2414 static void vma_delete(struct mm_struct *mm) 2415 { 2416 struct vm_area_struct *vma; 2417 2418 while ((vma = vma_first(mm)) != NULL) { 2419 QTAILQ_REMOVE(&mm->mm_mmap, vma, vma_link); 2420 g_free(vma); 2421 } 2422 g_free(mm); 2423 } 2424 2425 static int vma_add_mapping(struct mm_struct *mm, abi_ulong start, 2426 abi_ulong end, abi_ulong flags) 2427 { 2428 struct vm_area_struct *vma; 2429 2430 if ((vma = g_malloc0(sizeof (*vma))) == NULL) 2431 return (-1); 2432 2433 vma->vma_start = start; 2434 vma->vma_end = end; 2435 vma->vma_flags = flags; 2436 2437 QTAILQ_INSERT_TAIL(&mm->mm_mmap, vma, vma_link); 2438 mm->mm_count++; 2439 2440 return (0); 2441 } 2442 2443 static struct vm_area_struct *vma_first(const struct mm_struct *mm) 2444 { 2445 return (QTAILQ_FIRST(&mm->mm_mmap)); 2446 } 2447 2448 static struct vm_area_struct *vma_next(struct vm_area_struct *vma) 2449 { 2450 return (QTAILQ_NEXT(vma, vma_link)); 2451 } 2452 2453 static int vma_get_mapping_count(const struct mm_struct *mm) 2454 { 2455 return (mm->mm_count); 2456 } 2457 2458 /* 2459 * Calculate file (dump) size of given memory region. 2460 */ 2461 static abi_ulong vma_dump_size(const struct vm_area_struct *vma) 2462 { 2463 /* if we cannot even read the first page, skip it */ 2464 if (!access_ok(VERIFY_READ, vma->vma_start, TARGET_PAGE_SIZE)) 2465 return (0); 2466 2467 /* 2468 * Usually we don't dump executable pages as they contain 2469 * non-writable code that debugger can read directly from 2470 * target library etc. However, thread stacks are marked 2471 * also executable so we read in first page of given region 2472 * and check whether it contains elf header. If there is 2473 * no elf header, we dump it. 2474 */ 2475 if (vma->vma_flags & PROT_EXEC) { 2476 char page[TARGET_PAGE_SIZE]; 2477 2478 copy_from_user(page, vma->vma_start, sizeof (page)); 2479 if ((page[EI_MAG0] == ELFMAG0) && 2480 (page[EI_MAG1] == ELFMAG1) && 2481 (page[EI_MAG2] == ELFMAG2) && 2482 (page[EI_MAG3] == ELFMAG3)) { 2483 /* 2484 * Mappings are possibly from ELF binary. Don't dump 2485 * them. 2486 */ 2487 return (0); 2488 } 2489 } 2490 2491 return (vma->vma_end - vma->vma_start); 2492 } 2493 2494 static int vma_walker(void *priv, abi_ulong start, abi_ulong end, 2495 unsigned long flags) 2496 { 2497 struct mm_struct *mm = (struct mm_struct *)priv; 2498 2499 vma_add_mapping(mm, start, end, flags); 2500 return (0); 2501 } 2502 2503 static void fill_note(struct memelfnote *note, const char *name, int type, 2504 unsigned int sz, void *data) 2505 { 2506 unsigned int namesz; 2507 2508 namesz = strlen(name) + 1; 2509 note->name = name; 2510 note->namesz = namesz; 2511 note->namesz_rounded = roundup(namesz, sizeof (int32_t)); 2512 note->type = type; 2513 note->datasz = sz; 2514 note->datasz_rounded = roundup(sz, sizeof (int32_t)); 2515 2516 note->data = data; 2517 2518 /* 2519 * We calculate rounded up note size here as specified by 2520 * ELF document. 2521 */ 2522 note->notesz = sizeof (struct elf_note) + 2523 note->namesz_rounded + note->datasz_rounded; 2524 } 2525 2526 static void fill_elf_header(struct elfhdr *elf, int segs, uint16_t machine, 2527 uint32_t flags) 2528 { 2529 (void) memset(elf, 0, sizeof(*elf)); 2530 2531 (void) memcpy(elf->e_ident, ELFMAG, SELFMAG); 2532 elf->e_ident[EI_CLASS] = ELF_CLASS; 2533 elf->e_ident[EI_DATA] = ELF_DATA; 2534 elf->e_ident[EI_VERSION] = EV_CURRENT; 2535 elf->e_ident[EI_OSABI] = ELF_OSABI; 2536 2537 elf->e_type = ET_CORE; 2538 elf->e_machine = machine; 2539 elf->e_version = EV_CURRENT; 2540 elf->e_phoff = sizeof(struct elfhdr); 2541 elf->e_flags = flags; 2542 elf->e_ehsize = sizeof(struct elfhdr); 2543 elf->e_phentsize = sizeof(struct elf_phdr); 2544 elf->e_phnum = segs; 2545 2546 bswap_ehdr(elf); 2547 } 2548 2549 static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, off_t offset) 2550 { 2551 phdr->p_type = PT_NOTE; 2552 phdr->p_offset = offset; 2553 phdr->p_vaddr = 0; 2554 phdr->p_paddr = 0; 2555 phdr->p_filesz = sz; 2556 phdr->p_memsz = 0; 2557 phdr->p_flags = 0; 2558 phdr->p_align = 0; 2559 2560 bswap_phdr(phdr, 1); 2561 } 2562 2563 static size_t note_size(const struct memelfnote *note) 2564 { 2565 return (note->notesz); 2566 } 2567 2568 static void fill_prstatus(struct target_elf_prstatus *prstatus, 2569 const TaskState *ts, int signr) 2570 { 2571 (void) memset(prstatus, 0, sizeof (*prstatus)); 2572 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr; 2573 prstatus->pr_pid = ts->ts_tid; 2574 prstatus->pr_ppid = getppid(); 2575 prstatus->pr_pgrp = getpgrp(); 2576 prstatus->pr_sid = getsid(0); 2577 2578 bswap_prstatus(prstatus); 2579 } 2580 2581 static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts) 2582 { 2583 char *base_filename; 2584 unsigned int i, len; 2585 2586 (void) memset(psinfo, 0, sizeof (*psinfo)); 2587 2588 len = ts->info->arg_end - ts->info->arg_start; 2589 if (len >= ELF_PRARGSZ) 2590 len = ELF_PRARGSZ - 1; 2591 if (copy_from_user(&psinfo->pr_psargs, ts->info->arg_start, len)) 2592 return -EFAULT; 2593 for (i = 0; i < len; i++) 2594 if (psinfo->pr_psargs[i] == 0) 2595 psinfo->pr_psargs[i] = ' '; 2596 psinfo->pr_psargs[len] = 0; 2597 2598 psinfo->pr_pid = getpid(); 2599 psinfo->pr_ppid = getppid(); 2600 psinfo->pr_pgrp = getpgrp(); 2601 psinfo->pr_sid = getsid(0); 2602 psinfo->pr_uid = getuid(); 2603 psinfo->pr_gid = getgid(); 2604 2605 base_filename = g_path_get_basename(ts->bprm->filename); 2606 /* 2607 * Using strncpy here is fine: at max-length, 2608 * this field is not NUL-terminated. 2609 */ 2610 (void) strncpy(psinfo->pr_fname, base_filename, 2611 sizeof(psinfo->pr_fname)); 2612 2613 g_free(base_filename); 2614 bswap_psinfo(psinfo); 2615 return (0); 2616 } 2617 2618 static void fill_auxv_note(struct memelfnote *note, const TaskState *ts) 2619 { 2620 elf_addr_t auxv = (elf_addr_t)ts->info->saved_auxv; 2621 elf_addr_t orig_auxv = auxv; 2622 void *ptr; 2623 int len = ts->info->auxv_len; 2624 2625 /* 2626 * Auxiliary vector is stored in target process stack. It contains 2627 * {type, value} pairs that we need to dump into note. This is not 2628 * strictly necessary but we do it here for sake of completeness. 2629 */ 2630 2631 /* read in whole auxv vector and copy it to memelfnote */ 2632 ptr = lock_user(VERIFY_READ, orig_auxv, len, 0); 2633 if (ptr != NULL) { 2634 fill_note(note, "CORE", NT_AUXV, len, ptr); 2635 unlock_user(ptr, auxv, len); 2636 } 2637 } 2638 2639 /* 2640 * Constructs name of coredump file. We have following convention 2641 * for the name: 2642 * qemu_<basename-of-target-binary>_<date>-<time>_<pid>.core 2643 * 2644 * Returns 0 in case of success, -1 otherwise (errno is set). 2645 */ 2646 static int core_dump_filename(const TaskState *ts, char *buf, 2647 size_t bufsize) 2648 { 2649 char timestamp[64]; 2650 char *filename = NULL; 2651 char *base_filename = NULL; 2652 struct timeval tv; 2653 struct tm tm; 2654 2655 assert(bufsize >= PATH_MAX); 2656 2657 if (gettimeofday(&tv, NULL) < 0) { 2658 (void) fprintf(stderr, "unable to get current timestamp: %s", 2659 strerror(errno)); 2660 return (-1); 2661 } 2662 2663 filename = strdup(ts->bprm->filename); 2664 base_filename = strdup(basename(filename)); 2665 (void) strftime(timestamp, sizeof (timestamp), "%Y%m%d-%H%M%S", 2666 localtime_r(&tv.tv_sec, &tm)); 2667 (void) snprintf(buf, bufsize, "qemu_%s_%s_%d.core", 2668 base_filename, timestamp, (int)getpid()); 2669 free(base_filename); 2670 free(filename); 2671 2672 return (0); 2673 } 2674 2675 static int dump_write(int fd, const void *ptr, size_t size) 2676 { 2677 const char *bufp = (const char *)ptr; 2678 ssize_t bytes_written, bytes_left; 2679 struct rlimit dumpsize; 2680 off_t pos; 2681 2682 bytes_written = 0; 2683 getrlimit(RLIMIT_CORE, &dumpsize); 2684 if ((pos = lseek(fd, 0, SEEK_CUR))==-1) { 2685 if (errno == ESPIPE) { /* not a seekable stream */ 2686 bytes_left = size; 2687 } else { 2688 return pos; 2689 } 2690 } else { 2691 if (dumpsize.rlim_cur <= pos) { 2692 return -1; 2693 } else if (dumpsize.rlim_cur == RLIM_INFINITY) { 2694 bytes_left = size; 2695 } else { 2696 size_t limit_left=dumpsize.rlim_cur - pos; 2697 bytes_left = limit_left >= size ? size : limit_left ; 2698 } 2699 } 2700 2701 /* 2702 * In normal conditions, single write(2) should do but 2703 * in case of socket etc. this mechanism is more portable. 2704 */ 2705 do { 2706 bytes_written = write(fd, bufp, bytes_left); 2707 if (bytes_written < 0) { 2708 if (errno == EINTR) 2709 continue; 2710 return (-1); 2711 } else if (bytes_written == 0) { /* eof */ 2712 return (-1); 2713 } 2714 bufp += bytes_written; 2715 bytes_left -= bytes_written; 2716 } while (bytes_left > 0); 2717 2718 return (0); 2719 } 2720 2721 static int write_note(struct memelfnote *men, int fd) 2722 { 2723 struct elf_note en; 2724 2725 en.n_namesz = men->namesz; 2726 en.n_type = men->type; 2727 en.n_descsz = men->datasz; 2728 2729 bswap_note(&en); 2730 2731 if (dump_write(fd, &en, sizeof(en)) != 0) 2732 return (-1); 2733 if (dump_write(fd, men->name, men->namesz_rounded) != 0) 2734 return (-1); 2735 if (dump_write(fd, men->data, men->datasz_rounded) != 0) 2736 return (-1); 2737 2738 return (0); 2739 } 2740 2741 static void fill_thread_info(struct elf_note_info *info, const CPUArchState *env) 2742 { 2743 CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 2744 TaskState *ts = (TaskState *)cpu->opaque; 2745 struct elf_thread_status *ets; 2746 2747 ets = g_malloc0(sizeof (*ets)); 2748 ets->num_notes = 1; /* only prstatus is dumped */ 2749 fill_prstatus(&ets->prstatus, ts, 0); 2750 elf_core_copy_regs(&ets->prstatus.pr_reg, env); 2751 fill_note(&ets->notes[0], "CORE", NT_PRSTATUS, sizeof (ets->prstatus), 2752 &ets->prstatus); 2753 2754 QTAILQ_INSERT_TAIL(&info->thread_list, ets, ets_link); 2755 2756 info->notes_size += note_size(&ets->notes[0]); 2757 } 2758 2759 static void init_note_info(struct elf_note_info *info) 2760 { 2761 /* Initialize the elf_note_info structure so that it is at 2762 * least safe to call free_note_info() on it. Must be 2763 * called before calling fill_note_info(). 2764 */ 2765 memset(info, 0, sizeof (*info)); 2766 QTAILQ_INIT(&info->thread_list); 2767 } 2768 2769 static int fill_note_info(struct elf_note_info *info, 2770 long signr, const CPUArchState *env) 2771 { 2772 #define NUMNOTES 3 2773 CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 2774 TaskState *ts = (TaskState *)cpu->opaque; 2775 int i; 2776 2777 info->notes = g_malloc0(NUMNOTES * sizeof (struct memelfnote)); 2778 if (info->notes == NULL) 2779 return (-ENOMEM); 2780 info->prstatus = g_malloc0(sizeof (*info->prstatus)); 2781 if (info->prstatus == NULL) 2782 return (-ENOMEM); 2783 info->psinfo = g_malloc0(sizeof (*info->psinfo)); 2784 if (info->prstatus == NULL) 2785 return (-ENOMEM); 2786 2787 /* 2788 * First fill in status (and registers) of current thread 2789 * including process info & aux vector. 2790 */ 2791 fill_prstatus(info->prstatus, ts, signr); 2792 elf_core_copy_regs(&info->prstatus->pr_reg, env); 2793 fill_note(&info->notes[0], "CORE", NT_PRSTATUS, 2794 sizeof (*info->prstatus), info->prstatus); 2795 fill_psinfo(info->psinfo, ts); 2796 fill_note(&info->notes[1], "CORE", NT_PRPSINFO, 2797 sizeof (*info->psinfo), info->psinfo); 2798 fill_auxv_note(&info->notes[2], ts); 2799 info->numnote = 3; 2800 2801 info->notes_size = 0; 2802 for (i = 0; i < info->numnote; i++) 2803 info->notes_size += note_size(&info->notes[i]); 2804 2805 /* read and fill status of all threads */ 2806 cpu_list_lock(); 2807 CPU_FOREACH(cpu) { 2808 if (cpu == thread_cpu) { 2809 continue; 2810 } 2811 fill_thread_info(info, (CPUArchState *)cpu->env_ptr); 2812 } 2813 cpu_list_unlock(); 2814 2815 return (0); 2816 } 2817 2818 static void free_note_info(struct elf_note_info *info) 2819 { 2820 struct elf_thread_status *ets; 2821 2822 while (!QTAILQ_EMPTY(&info->thread_list)) { 2823 ets = QTAILQ_FIRST(&info->thread_list); 2824 QTAILQ_REMOVE(&info->thread_list, ets, ets_link); 2825 g_free(ets); 2826 } 2827 2828 g_free(info->prstatus); 2829 g_free(info->psinfo); 2830 g_free(info->notes); 2831 } 2832 2833 static int write_note_info(struct elf_note_info *info, int fd) 2834 { 2835 struct elf_thread_status *ets; 2836 int i, error = 0; 2837 2838 /* write prstatus, psinfo and auxv for current thread */ 2839 for (i = 0; i < info->numnote; i++) 2840 if ((error = write_note(&info->notes[i], fd)) != 0) 2841 return (error); 2842 2843 /* write prstatus for each thread */ 2844 for (ets = info->thread_list.tqh_first; ets != NULL; 2845 ets = ets->ets_link.tqe_next) { 2846 if ((error = write_note(&ets->notes[0], fd)) != 0) 2847 return (error); 2848 } 2849 2850 return (0); 2851 } 2852 2853 /* 2854 * Write out ELF coredump. 2855 * 2856 * See documentation of ELF object file format in: 2857 * http://www.caldera.com/developers/devspecs/gabi41.pdf 2858 * 2859 * Coredump format in linux is following: 2860 * 2861 * 0 +----------------------+ \ 2862 * | ELF header | ET_CORE | 2863 * +----------------------+ | 2864 * | ELF program headers | |--- headers 2865 * | - NOTE section | | 2866 * | - PT_LOAD sections | | 2867 * +----------------------+ / 2868 * | NOTEs: | 2869 * | - NT_PRSTATUS | 2870 * | - NT_PRSINFO | 2871 * | - NT_AUXV | 2872 * +----------------------+ <-- aligned to target page 2873 * | Process memory dump | 2874 * : : 2875 * . . 2876 * : : 2877 * | | 2878 * +----------------------+ 2879 * 2880 * NT_PRSTATUS -> struct elf_prstatus (per thread) 2881 * NT_PRSINFO -> struct elf_prpsinfo 2882 * NT_AUXV is array of { type, value } pairs (see fill_auxv_note()). 2883 * 2884 * Format follows System V format as close as possible. Current 2885 * version limitations are as follows: 2886 * - no floating point registers are dumped 2887 * 2888 * Function returns 0 in case of success, negative errno otherwise. 2889 * 2890 * TODO: make this work also during runtime: it should be 2891 * possible to force coredump from running process and then 2892 * continue processing. For example qemu could set up SIGUSR2 2893 * handler (provided that target process haven't registered 2894 * handler for that) that does the dump when signal is received. 2895 */ 2896 static int elf_core_dump(int signr, const CPUArchState *env) 2897 { 2898 const CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 2899 const TaskState *ts = (const TaskState *)cpu->opaque; 2900 struct vm_area_struct *vma = NULL; 2901 char corefile[PATH_MAX]; 2902 struct elf_note_info info; 2903 struct elfhdr elf; 2904 struct elf_phdr phdr; 2905 struct rlimit dumpsize; 2906 struct mm_struct *mm = NULL; 2907 off_t offset = 0, data_offset = 0; 2908 int segs = 0; 2909 int fd = -1; 2910 2911 init_note_info(&info); 2912 2913 errno = 0; 2914 getrlimit(RLIMIT_CORE, &dumpsize); 2915 if (dumpsize.rlim_cur == 0) 2916 return 0; 2917 2918 if (core_dump_filename(ts, corefile, sizeof (corefile)) < 0) 2919 return (-errno); 2920 2921 if ((fd = open(corefile, O_WRONLY | O_CREAT, 2922 S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) < 0) 2923 return (-errno); 2924 2925 /* 2926 * Walk through target process memory mappings and 2927 * set up structure containing this information. After 2928 * this point vma_xxx functions can be used. 2929 */ 2930 if ((mm = vma_init()) == NULL) 2931 goto out; 2932 2933 walk_memory_regions(mm, vma_walker); 2934 segs = vma_get_mapping_count(mm); 2935 2936 /* 2937 * Construct valid coredump ELF header. We also 2938 * add one more segment for notes. 2939 */ 2940 fill_elf_header(&elf, segs + 1, ELF_MACHINE, 0); 2941 if (dump_write(fd, &elf, sizeof (elf)) != 0) 2942 goto out; 2943 2944 /* fill in in-memory version of notes */ 2945 if (fill_note_info(&info, signr, env) < 0) 2946 goto out; 2947 2948 offset += sizeof (elf); /* elf header */ 2949 offset += (segs + 1) * sizeof (struct elf_phdr); /* program headers */ 2950 2951 /* write out notes program header */ 2952 fill_elf_note_phdr(&phdr, info.notes_size, offset); 2953 2954 offset += info.notes_size; 2955 if (dump_write(fd, &phdr, sizeof (phdr)) != 0) 2956 goto out; 2957 2958 /* 2959 * ELF specification wants data to start at page boundary so 2960 * we align it here. 2961 */ 2962 data_offset = offset = roundup(offset, ELF_EXEC_PAGESIZE); 2963 2964 /* 2965 * Write program headers for memory regions mapped in 2966 * the target process. 2967 */ 2968 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 2969 (void) memset(&phdr, 0, sizeof (phdr)); 2970 2971 phdr.p_type = PT_LOAD; 2972 phdr.p_offset = offset; 2973 phdr.p_vaddr = vma->vma_start; 2974 phdr.p_paddr = 0; 2975 phdr.p_filesz = vma_dump_size(vma); 2976 offset += phdr.p_filesz; 2977 phdr.p_memsz = vma->vma_end - vma->vma_start; 2978 phdr.p_flags = vma->vma_flags & PROT_READ ? PF_R : 0; 2979 if (vma->vma_flags & PROT_WRITE) 2980 phdr.p_flags |= PF_W; 2981 if (vma->vma_flags & PROT_EXEC) 2982 phdr.p_flags |= PF_X; 2983 phdr.p_align = ELF_EXEC_PAGESIZE; 2984 2985 bswap_phdr(&phdr, 1); 2986 dump_write(fd, &phdr, sizeof (phdr)); 2987 } 2988 2989 /* 2990 * Next we write notes just after program headers. No 2991 * alignment needed here. 2992 */ 2993 if (write_note_info(&info, fd) < 0) 2994 goto out; 2995 2996 /* align data to page boundary */ 2997 if (lseek(fd, data_offset, SEEK_SET) != data_offset) 2998 goto out; 2999 3000 /* 3001 * Finally we can dump process memory into corefile as well. 3002 */ 3003 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 3004 abi_ulong addr; 3005 abi_ulong end; 3006 3007 end = vma->vma_start + vma_dump_size(vma); 3008 3009 for (addr = vma->vma_start; addr < end; 3010 addr += TARGET_PAGE_SIZE) { 3011 char page[TARGET_PAGE_SIZE]; 3012 int error; 3013 3014 /* 3015 * Read in page from target process memory and 3016 * write it to coredump file. 3017 */ 3018 error = copy_from_user(page, addr, sizeof (page)); 3019 if (error != 0) { 3020 (void) fprintf(stderr, "unable to dump " TARGET_ABI_FMT_lx "\n", 3021 addr); 3022 errno = -error; 3023 goto out; 3024 } 3025 if (dump_write(fd, page, TARGET_PAGE_SIZE) < 0) 3026 goto out; 3027 } 3028 } 3029 3030 out: 3031 free_note_info(&info); 3032 if (mm != NULL) 3033 vma_delete(mm); 3034 (void) close(fd); 3035 3036 if (errno != 0) 3037 return (-errno); 3038 return (0); 3039 } 3040 #endif /* USE_ELF_CORE_DUMP */ 3041 3042 void do_init_thread(struct target_pt_regs *regs, struct image_info *infop) 3043 { 3044 init_thread(regs, infop); 3045 } 3046