1 /* This is the Linux kernel elf-loading code, ported into user space */ 2 #include <sys/time.h> 3 #include <sys/param.h> 4 5 #include <stdio.h> 6 #include <sys/types.h> 7 #include <fcntl.h> 8 #include <errno.h> 9 #include <unistd.h> 10 #include <sys/mman.h> 11 #include <sys/resource.h> 12 #include <stdlib.h> 13 #include <string.h> 14 #include <time.h> 15 16 #include "qemu.h" 17 #include "disas.h" 18 19 #ifdef _ARCH_PPC64 20 #undef ARCH_DLINFO 21 #undef ELF_PLATFORM 22 #undef ELF_HWCAP 23 #undef ELF_CLASS 24 #undef ELF_DATA 25 #undef ELF_ARCH 26 #endif 27 28 #define ELF_OSABI ELFOSABI_SYSV 29 30 /* from personality.h */ 31 32 /* 33 * Flags for bug emulation. 34 * 35 * These occupy the top three bytes. 36 */ 37 enum { 38 ADDR_NO_RANDOMIZE = 0x0040000, /* disable randomization of VA space */ 39 FDPIC_FUNCPTRS = 0x0080000, /* userspace function ptrs point to 40 descriptors (signal handling) */ 41 MMAP_PAGE_ZERO = 0x0100000, 42 ADDR_COMPAT_LAYOUT = 0x0200000, 43 READ_IMPLIES_EXEC = 0x0400000, 44 ADDR_LIMIT_32BIT = 0x0800000, 45 SHORT_INODE = 0x1000000, 46 WHOLE_SECONDS = 0x2000000, 47 STICKY_TIMEOUTS = 0x4000000, 48 ADDR_LIMIT_3GB = 0x8000000, 49 }; 50 51 /* 52 * Personality types. 53 * 54 * These go in the low byte. Avoid using the top bit, it will 55 * conflict with error returns. 56 */ 57 enum { 58 PER_LINUX = 0x0000, 59 PER_LINUX_32BIT = 0x0000 | ADDR_LIMIT_32BIT, 60 PER_LINUX_FDPIC = 0x0000 | FDPIC_FUNCPTRS, 61 PER_SVR4 = 0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 62 PER_SVR3 = 0x0002 | STICKY_TIMEOUTS | SHORT_INODE, 63 PER_SCOSVR3 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS | SHORT_INODE, 64 PER_OSR5 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS, 65 PER_WYSEV386 = 0x0004 | STICKY_TIMEOUTS | SHORT_INODE, 66 PER_ISCR4 = 0x0005 | STICKY_TIMEOUTS, 67 PER_BSD = 0x0006, 68 PER_SUNOS = 0x0006 | STICKY_TIMEOUTS, 69 PER_XENIX = 0x0007 | STICKY_TIMEOUTS | SHORT_INODE, 70 PER_LINUX32 = 0x0008, 71 PER_LINUX32_3GB = 0x0008 | ADDR_LIMIT_3GB, 72 PER_IRIX32 = 0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */ 73 PER_IRIXN32 = 0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */ 74 PER_IRIX64 = 0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */ 75 PER_RISCOS = 0x000c, 76 PER_SOLARIS = 0x000d | STICKY_TIMEOUTS, 77 PER_UW7 = 0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 78 PER_OSF4 = 0x000f, /* OSF/1 v4 */ 79 PER_HPUX = 0x0010, 80 PER_MASK = 0x00ff, 81 }; 82 83 /* 84 * Return the base personality without flags. 85 */ 86 #define personality(pers) (pers & PER_MASK) 87 88 /* this flag is uneffective under linux too, should be deleted */ 89 #ifndef MAP_DENYWRITE 90 #define MAP_DENYWRITE 0 91 #endif 92 93 /* should probably go in elf.h */ 94 #ifndef ELIBBAD 95 #define ELIBBAD 80 96 #endif 97 98 #ifdef TARGET_WORDS_BIGENDIAN 99 #define ELF_DATA ELFDATA2MSB 100 #else 101 #define ELF_DATA ELFDATA2LSB 102 #endif 103 104 typedef target_ulong target_elf_greg_t; 105 #ifdef USE_UID16 106 typedef target_ushort target_uid_t; 107 typedef target_ushort target_gid_t; 108 #else 109 typedef target_uint target_uid_t; 110 typedef target_uint target_gid_t; 111 #endif 112 typedef target_int target_pid_t; 113 114 #ifdef TARGET_I386 115 116 #define ELF_PLATFORM get_elf_platform() 117 118 static const char *get_elf_platform(void) 119 { 120 static char elf_platform[] = "i386"; 121 int family = (thread_env->cpuid_version >> 8) & 0xff; 122 if (family > 6) 123 family = 6; 124 if (family >= 3) 125 elf_platform[1] = '0' + family; 126 return elf_platform; 127 } 128 129 #define ELF_HWCAP get_elf_hwcap() 130 131 static uint32_t get_elf_hwcap(void) 132 { 133 return thread_env->cpuid_features; 134 } 135 136 #ifdef TARGET_X86_64 137 #define ELF_START_MMAP 0x2aaaaab000ULL 138 #define elf_check_arch(x) ( ((x) == ELF_ARCH) ) 139 140 #define ELF_CLASS ELFCLASS64 141 #define ELF_ARCH EM_X86_64 142 143 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 144 { 145 regs->rax = 0; 146 regs->rsp = infop->start_stack; 147 regs->rip = infop->entry; 148 } 149 150 #define ELF_NREG 27 151 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 152 153 /* 154 * Note that ELF_NREG should be 29 as there should be place for 155 * TRAPNO and ERR "registers" as well but linux doesn't dump 156 * those. 157 * 158 * See linux kernel: arch/x86/include/asm/elf.h 159 */ 160 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env) 161 { 162 (*regs)[0] = env->regs[15]; 163 (*regs)[1] = env->regs[14]; 164 (*regs)[2] = env->regs[13]; 165 (*regs)[3] = env->regs[12]; 166 (*regs)[4] = env->regs[R_EBP]; 167 (*regs)[5] = env->regs[R_EBX]; 168 (*regs)[6] = env->regs[11]; 169 (*regs)[7] = env->regs[10]; 170 (*regs)[8] = env->regs[9]; 171 (*regs)[9] = env->regs[8]; 172 (*regs)[10] = env->regs[R_EAX]; 173 (*regs)[11] = env->regs[R_ECX]; 174 (*regs)[12] = env->regs[R_EDX]; 175 (*regs)[13] = env->regs[R_ESI]; 176 (*regs)[14] = env->regs[R_EDI]; 177 (*regs)[15] = env->regs[R_EAX]; /* XXX */ 178 (*regs)[16] = env->eip; 179 (*regs)[17] = env->segs[R_CS].selector & 0xffff; 180 (*regs)[18] = env->eflags; 181 (*regs)[19] = env->regs[R_ESP]; 182 (*regs)[20] = env->segs[R_SS].selector & 0xffff; 183 (*regs)[21] = env->segs[R_FS].selector & 0xffff; 184 (*regs)[22] = env->segs[R_GS].selector & 0xffff; 185 (*regs)[23] = env->segs[R_DS].selector & 0xffff; 186 (*regs)[24] = env->segs[R_ES].selector & 0xffff; 187 (*regs)[25] = env->segs[R_FS].selector & 0xffff; 188 (*regs)[26] = env->segs[R_GS].selector & 0xffff; 189 } 190 191 #else 192 193 #define ELF_START_MMAP 0x80000000 194 195 /* 196 * This is used to ensure we don't load something for the wrong architecture. 197 */ 198 #define elf_check_arch(x) ( ((x) == EM_386) || ((x) == EM_486) ) 199 200 /* 201 * These are used to set parameters in the core dumps. 202 */ 203 #define ELF_CLASS ELFCLASS32 204 #define ELF_ARCH EM_386 205 206 static inline void init_thread(struct target_pt_regs *regs, 207 struct image_info *infop) 208 { 209 regs->esp = infop->start_stack; 210 regs->eip = infop->entry; 211 212 /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program 213 starts %edx contains a pointer to a function which might be 214 registered using `atexit'. This provides a mean for the 215 dynamic linker to call DT_FINI functions for shared libraries 216 that have been loaded before the code runs. 217 218 A value of 0 tells we have no such handler. */ 219 regs->edx = 0; 220 } 221 222 #define ELF_NREG 17 223 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 224 225 /* 226 * Note that ELF_NREG should be 19 as there should be place for 227 * TRAPNO and ERR "registers" as well but linux doesn't dump 228 * those. 229 * 230 * See linux kernel: arch/x86/include/asm/elf.h 231 */ 232 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env) 233 { 234 (*regs)[0] = env->regs[R_EBX]; 235 (*regs)[1] = env->regs[R_ECX]; 236 (*regs)[2] = env->regs[R_EDX]; 237 (*regs)[3] = env->regs[R_ESI]; 238 (*regs)[4] = env->regs[R_EDI]; 239 (*regs)[5] = env->regs[R_EBP]; 240 (*regs)[6] = env->regs[R_EAX]; 241 (*regs)[7] = env->segs[R_DS].selector & 0xffff; 242 (*regs)[8] = env->segs[R_ES].selector & 0xffff; 243 (*regs)[9] = env->segs[R_FS].selector & 0xffff; 244 (*regs)[10] = env->segs[R_GS].selector & 0xffff; 245 (*regs)[11] = env->regs[R_EAX]; /* XXX */ 246 (*regs)[12] = env->eip; 247 (*regs)[13] = env->segs[R_CS].selector & 0xffff; 248 (*regs)[14] = env->eflags; 249 (*regs)[15] = env->regs[R_ESP]; 250 (*regs)[16] = env->segs[R_SS].selector & 0xffff; 251 } 252 #endif 253 254 #define USE_ELF_CORE_DUMP 255 #define ELF_EXEC_PAGESIZE 4096 256 257 #endif 258 259 #ifdef TARGET_ARM 260 261 #define ELF_START_MMAP 0x80000000 262 263 #define elf_check_arch(x) ( (x) == EM_ARM ) 264 265 #define ELF_CLASS ELFCLASS32 266 #define ELF_ARCH EM_ARM 267 268 static inline void init_thread(struct target_pt_regs *regs, 269 struct image_info *infop) 270 { 271 abi_long stack = infop->start_stack; 272 memset(regs, 0, sizeof(*regs)); 273 regs->ARM_cpsr = 0x10; 274 if (infop->entry & 1) 275 regs->ARM_cpsr |= CPSR_T; 276 regs->ARM_pc = infop->entry & 0xfffffffe; 277 regs->ARM_sp = infop->start_stack; 278 /* FIXME - what to for failure of get_user()? */ 279 get_user_ual(regs->ARM_r2, stack + 8); /* envp */ 280 get_user_ual(regs->ARM_r1, stack + 4); /* envp */ 281 /* XXX: it seems that r0 is zeroed after ! */ 282 regs->ARM_r0 = 0; 283 /* For uClinux PIC binaries. */ 284 /* XXX: Linux does this only on ARM with no MMU (do we care ?) */ 285 regs->ARM_r10 = infop->start_data; 286 } 287 288 #define ELF_NREG 18 289 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 290 291 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env) 292 { 293 (*regs)[0] = tswapl(env->regs[0]); 294 (*regs)[1] = tswapl(env->regs[1]); 295 (*regs)[2] = tswapl(env->regs[2]); 296 (*regs)[3] = tswapl(env->regs[3]); 297 (*regs)[4] = tswapl(env->regs[4]); 298 (*regs)[5] = tswapl(env->regs[5]); 299 (*regs)[6] = tswapl(env->regs[6]); 300 (*regs)[7] = tswapl(env->regs[7]); 301 (*regs)[8] = tswapl(env->regs[8]); 302 (*regs)[9] = tswapl(env->regs[9]); 303 (*regs)[10] = tswapl(env->regs[10]); 304 (*regs)[11] = tswapl(env->regs[11]); 305 (*regs)[12] = tswapl(env->regs[12]); 306 (*regs)[13] = tswapl(env->regs[13]); 307 (*regs)[14] = tswapl(env->regs[14]); 308 (*regs)[15] = tswapl(env->regs[15]); 309 310 (*regs)[16] = tswapl(cpsr_read((CPUState *)env)); 311 (*regs)[17] = tswapl(env->regs[0]); /* XXX */ 312 } 313 314 #define USE_ELF_CORE_DUMP 315 #define ELF_EXEC_PAGESIZE 4096 316 317 enum 318 { 319 ARM_HWCAP_ARM_SWP = 1 << 0, 320 ARM_HWCAP_ARM_HALF = 1 << 1, 321 ARM_HWCAP_ARM_THUMB = 1 << 2, 322 ARM_HWCAP_ARM_26BIT = 1 << 3, 323 ARM_HWCAP_ARM_FAST_MULT = 1 << 4, 324 ARM_HWCAP_ARM_FPA = 1 << 5, 325 ARM_HWCAP_ARM_VFP = 1 << 6, 326 ARM_HWCAP_ARM_EDSP = 1 << 7, 327 ARM_HWCAP_ARM_JAVA = 1 << 8, 328 ARM_HWCAP_ARM_IWMMXT = 1 << 9, 329 ARM_HWCAP_ARM_THUMBEE = 1 << 10, 330 ARM_HWCAP_ARM_NEON = 1 << 11, 331 ARM_HWCAP_ARM_VFPv3 = 1 << 12, 332 ARM_HWCAP_ARM_VFPv3D16 = 1 << 13, 333 }; 334 335 #define ELF_HWCAP (ARM_HWCAP_ARM_SWP | ARM_HWCAP_ARM_HALF \ 336 | ARM_HWCAP_ARM_THUMB | ARM_HWCAP_ARM_FAST_MULT \ 337 | ARM_HWCAP_ARM_FPA | ARM_HWCAP_ARM_VFP \ 338 | ARM_HWCAP_ARM_NEON | ARM_HWCAP_ARM_VFPv3 ) 339 340 #endif 341 342 #ifdef TARGET_UNICORE32 343 344 #define ELF_START_MMAP 0x80000000 345 346 #define elf_check_arch(x) ((x) == EM_UNICORE32) 347 348 #define ELF_CLASS ELFCLASS32 349 #define ELF_DATA ELFDATA2LSB 350 #define ELF_ARCH EM_UNICORE32 351 352 static inline void init_thread(struct target_pt_regs *regs, 353 struct image_info *infop) 354 { 355 abi_long stack = infop->start_stack; 356 memset(regs, 0, sizeof(*regs)); 357 regs->UC32_REG_asr = 0x10; 358 regs->UC32_REG_pc = infop->entry & 0xfffffffe; 359 regs->UC32_REG_sp = infop->start_stack; 360 /* FIXME - what to for failure of get_user()? */ 361 get_user_ual(regs->UC32_REG_02, stack + 8); /* envp */ 362 get_user_ual(regs->UC32_REG_01, stack + 4); /* envp */ 363 /* XXX: it seems that r0 is zeroed after ! */ 364 regs->UC32_REG_00 = 0; 365 } 366 367 #define ELF_NREG 34 368 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 369 370 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env) 371 { 372 (*regs)[0] = env->regs[0]; 373 (*regs)[1] = env->regs[1]; 374 (*regs)[2] = env->regs[2]; 375 (*regs)[3] = env->regs[3]; 376 (*regs)[4] = env->regs[4]; 377 (*regs)[5] = env->regs[5]; 378 (*regs)[6] = env->regs[6]; 379 (*regs)[7] = env->regs[7]; 380 (*regs)[8] = env->regs[8]; 381 (*regs)[9] = env->regs[9]; 382 (*regs)[10] = env->regs[10]; 383 (*regs)[11] = env->regs[11]; 384 (*regs)[12] = env->regs[12]; 385 (*regs)[13] = env->regs[13]; 386 (*regs)[14] = env->regs[14]; 387 (*regs)[15] = env->regs[15]; 388 (*regs)[16] = env->regs[16]; 389 (*regs)[17] = env->regs[17]; 390 (*regs)[18] = env->regs[18]; 391 (*regs)[19] = env->regs[19]; 392 (*regs)[20] = env->regs[20]; 393 (*regs)[21] = env->regs[21]; 394 (*regs)[22] = env->regs[22]; 395 (*regs)[23] = env->regs[23]; 396 (*regs)[24] = env->regs[24]; 397 (*regs)[25] = env->regs[25]; 398 (*regs)[26] = env->regs[26]; 399 (*regs)[27] = env->regs[27]; 400 (*regs)[28] = env->regs[28]; 401 (*regs)[29] = env->regs[29]; 402 (*regs)[30] = env->regs[30]; 403 (*regs)[31] = env->regs[31]; 404 405 (*regs)[32] = cpu_asr_read((CPUState *)env); 406 (*regs)[33] = env->regs[0]; /* XXX */ 407 } 408 409 #define USE_ELF_CORE_DUMP 410 #define ELF_EXEC_PAGESIZE 4096 411 412 #define ELF_HWCAP (UC32_HWCAP_CMOV | UC32_HWCAP_UCF64) 413 414 #endif 415 416 #ifdef TARGET_SPARC 417 #ifdef TARGET_SPARC64 418 419 #define ELF_START_MMAP 0x80000000 420 421 #ifndef TARGET_ABI32 422 #define elf_check_arch(x) ( (x) == EM_SPARCV9 || (x) == EM_SPARC32PLUS ) 423 #else 424 #define elf_check_arch(x) ( (x) == EM_SPARC32PLUS || (x) == EM_SPARC ) 425 #endif 426 427 #define ELF_CLASS ELFCLASS64 428 #define ELF_ARCH EM_SPARCV9 429 430 #define STACK_BIAS 2047 431 432 static inline void init_thread(struct target_pt_regs *regs, 433 struct image_info *infop) 434 { 435 #ifndef TARGET_ABI32 436 regs->tstate = 0; 437 #endif 438 regs->pc = infop->entry; 439 regs->npc = regs->pc + 4; 440 regs->y = 0; 441 #ifdef TARGET_ABI32 442 regs->u_regs[14] = infop->start_stack - 16 * 4; 443 #else 444 if (personality(infop->personality) == PER_LINUX32) 445 regs->u_regs[14] = infop->start_stack - 16 * 4; 446 else 447 regs->u_regs[14] = infop->start_stack - 16 * 8 - STACK_BIAS; 448 #endif 449 } 450 451 #else 452 #define ELF_START_MMAP 0x80000000 453 454 #define elf_check_arch(x) ( (x) == EM_SPARC ) 455 456 #define ELF_CLASS ELFCLASS32 457 #define ELF_ARCH EM_SPARC 458 459 static inline void init_thread(struct target_pt_regs *regs, 460 struct image_info *infop) 461 { 462 regs->psr = 0; 463 regs->pc = infop->entry; 464 regs->npc = regs->pc + 4; 465 regs->y = 0; 466 regs->u_regs[14] = infop->start_stack - 16 * 4; 467 } 468 469 #endif 470 #endif 471 472 #ifdef TARGET_PPC 473 474 #define ELF_START_MMAP 0x80000000 475 476 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 477 478 #define elf_check_arch(x) ( (x) == EM_PPC64 ) 479 480 #define ELF_CLASS ELFCLASS64 481 482 #else 483 484 #define elf_check_arch(x) ( (x) == EM_PPC ) 485 486 #define ELF_CLASS ELFCLASS32 487 488 #endif 489 490 #define ELF_ARCH EM_PPC 491 492 /* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP). 493 See arch/powerpc/include/asm/cputable.h. */ 494 enum { 495 QEMU_PPC_FEATURE_32 = 0x80000000, 496 QEMU_PPC_FEATURE_64 = 0x40000000, 497 QEMU_PPC_FEATURE_601_INSTR = 0x20000000, 498 QEMU_PPC_FEATURE_HAS_ALTIVEC = 0x10000000, 499 QEMU_PPC_FEATURE_HAS_FPU = 0x08000000, 500 QEMU_PPC_FEATURE_HAS_MMU = 0x04000000, 501 QEMU_PPC_FEATURE_HAS_4xxMAC = 0x02000000, 502 QEMU_PPC_FEATURE_UNIFIED_CACHE = 0x01000000, 503 QEMU_PPC_FEATURE_HAS_SPE = 0x00800000, 504 QEMU_PPC_FEATURE_HAS_EFP_SINGLE = 0x00400000, 505 QEMU_PPC_FEATURE_HAS_EFP_DOUBLE = 0x00200000, 506 QEMU_PPC_FEATURE_NO_TB = 0x00100000, 507 QEMU_PPC_FEATURE_POWER4 = 0x00080000, 508 QEMU_PPC_FEATURE_POWER5 = 0x00040000, 509 QEMU_PPC_FEATURE_POWER5_PLUS = 0x00020000, 510 QEMU_PPC_FEATURE_CELL = 0x00010000, 511 QEMU_PPC_FEATURE_BOOKE = 0x00008000, 512 QEMU_PPC_FEATURE_SMT = 0x00004000, 513 QEMU_PPC_FEATURE_ICACHE_SNOOP = 0x00002000, 514 QEMU_PPC_FEATURE_ARCH_2_05 = 0x00001000, 515 QEMU_PPC_FEATURE_PA6T = 0x00000800, 516 QEMU_PPC_FEATURE_HAS_DFP = 0x00000400, 517 QEMU_PPC_FEATURE_POWER6_EXT = 0x00000200, 518 QEMU_PPC_FEATURE_ARCH_2_06 = 0x00000100, 519 QEMU_PPC_FEATURE_HAS_VSX = 0x00000080, 520 QEMU_PPC_FEATURE_PSERIES_PERFMON_COMPAT = 0x00000040, 521 522 QEMU_PPC_FEATURE_TRUE_LE = 0x00000002, 523 QEMU_PPC_FEATURE_PPC_LE = 0x00000001, 524 }; 525 526 #define ELF_HWCAP get_elf_hwcap() 527 528 static uint32_t get_elf_hwcap(void) 529 { 530 CPUState *e = thread_env; 531 uint32_t features = 0; 532 533 /* We don't have to be terribly complete here; the high points are 534 Altivec/FP/SPE support. Anything else is just a bonus. */ 535 #define GET_FEATURE(flag, feature) \ 536 do {if (e->insns_flags & flag) features |= feature; } while(0) 537 GET_FEATURE(PPC_64B, QEMU_PPC_FEATURE_64); 538 GET_FEATURE(PPC_FLOAT, QEMU_PPC_FEATURE_HAS_FPU); 539 GET_FEATURE(PPC_ALTIVEC, QEMU_PPC_FEATURE_HAS_ALTIVEC); 540 GET_FEATURE(PPC_SPE, QEMU_PPC_FEATURE_HAS_SPE); 541 GET_FEATURE(PPC_SPE_SINGLE, QEMU_PPC_FEATURE_HAS_EFP_SINGLE); 542 GET_FEATURE(PPC_SPE_DOUBLE, QEMU_PPC_FEATURE_HAS_EFP_DOUBLE); 543 GET_FEATURE(PPC_BOOKE, QEMU_PPC_FEATURE_BOOKE); 544 GET_FEATURE(PPC_405_MAC, QEMU_PPC_FEATURE_HAS_4xxMAC); 545 #undef GET_FEATURE 546 547 return features; 548 } 549 550 /* 551 * The requirements here are: 552 * - keep the final alignment of sp (sp & 0xf) 553 * - make sure the 32-bit value at the first 16 byte aligned position of 554 * AUXV is greater than 16 for glibc compatibility. 555 * AT_IGNOREPPC is used for that. 556 * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC, 557 * even if DLINFO_ARCH_ITEMS goes to zero or is undefined. 558 */ 559 #define DLINFO_ARCH_ITEMS 5 560 #define ARCH_DLINFO \ 561 do { \ 562 NEW_AUX_ENT(AT_DCACHEBSIZE, 0x20); \ 563 NEW_AUX_ENT(AT_ICACHEBSIZE, 0x20); \ 564 NEW_AUX_ENT(AT_UCACHEBSIZE, 0); \ 565 /* \ 566 * Now handle glibc compatibility. \ 567 */ \ 568 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 569 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 570 } while (0) 571 572 static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop) 573 { 574 _regs->gpr[1] = infop->start_stack; 575 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 576 _regs->gpr[2] = ldq_raw(infop->entry + 8) + infop->load_addr; 577 infop->entry = ldq_raw(infop->entry) + infop->load_addr; 578 #endif 579 _regs->nip = infop->entry; 580 } 581 582 /* See linux kernel: arch/powerpc/include/asm/elf.h. */ 583 #define ELF_NREG 48 584 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 585 586 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env) 587 { 588 int i; 589 target_ulong ccr = 0; 590 591 for (i = 0; i < ARRAY_SIZE(env->gpr); i++) { 592 (*regs)[i] = tswapl(env->gpr[i]); 593 } 594 595 (*regs)[32] = tswapl(env->nip); 596 (*regs)[33] = tswapl(env->msr); 597 (*regs)[35] = tswapl(env->ctr); 598 (*regs)[36] = tswapl(env->lr); 599 (*regs)[37] = tswapl(env->xer); 600 601 for (i = 0; i < ARRAY_SIZE(env->crf); i++) { 602 ccr |= env->crf[i] << (32 - ((i + 1) * 4)); 603 } 604 (*regs)[38] = tswapl(ccr); 605 } 606 607 #define USE_ELF_CORE_DUMP 608 #define ELF_EXEC_PAGESIZE 4096 609 610 #endif 611 612 #ifdef TARGET_MIPS 613 614 #define ELF_START_MMAP 0x80000000 615 616 #define elf_check_arch(x) ( (x) == EM_MIPS ) 617 618 #ifdef TARGET_MIPS64 619 #define ELF_CLASS ELFCLASS64 620 #else 621 #define ELF_CLASS ELFCLASS32 622 #endif 623 #define ELF_ARCH EM_MIPS 624 625 static inline void init_thread(struct target_pt_regs *regs, 626 struct image_info *infop) 627 { 628 regs->cp0_status = 2 << CP0St_KSU; 629 regs->cp0_epc = infop->entry; 630 regs->regs[29] = infop->start_stack; 631 } 632 633 /* See linux kernel: arch/mips/include/asm/elf.h. */ 634 #define ELF_NREG 45 635 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 636 637 /* See linux kernel: arch/mips/include/asm/reg.h. */ 638 enum { 639 #ifdef TARGET_MIPS64 640 TARGET_EF_R0 = 0, 641 #else 642 TARGET_EF_R0 = 6, 643 #endif 644 TARGET_EF_R26 = TARGET_EF_R0 + 26, 645 TARGET_EF_R27 = TARGET_EF_R0 + 27, 646 TARGET_EF_LO = TARGET_EF_R0 + 32, 647 TARGET_EF_HI = TARGET_EF_R0 + 33, 648 TARGET_EF_CP0_EPC = TARGET_EF_R0 + 34, 649 TARGET_EF_CP0_BADVADDR = TARGET_EF_R0 + 35, 650 TARGET_EF_CP0_STATUS = TARGET_EF_R0 + 36, 651 TARGET_EF_CP0_CAUSE = TARGET_EF_R0 + 37 652 }; 653 654 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 655 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env) 656 { 657 int i; 658 659 for (i = 0; i < TARGET_EF_R0; i++) { 660 (*regs)[i] = 0; 661 } 662 (*regs)[TARGET_EF_R0] = 0; 663 664 for (i = 1; i < ARRAY_SIZE(env->active_tc.gpr); i++) { 665 (*regs)[TARGET_EF_R0 + i] = tswapl(env->active_tc.gpr[i]); 666 } 667 668 (*regs)[TARGET_EF_R26] = 0; 669 (*regs)[TARGET_EF_R27] = 0; 670 (*regs)[TARGET_EF_LO] = tswapl(env->active_tc.LO[0]); 671 (*regs)[TARGET_EF_HI] = tswapl(env->active_tc.HI[0]); 672 (*regs)[TARGET_EF_CP0_EPC] = tswapl(env->active_tc.PC); 673 (*regs)[TARGET_EF_CP0_BADVADDR] = tswapl(env->CP0_BadVAddr); 674 (*regs)[TARGET_EF_CP0_STATUS] = tswapl(env->CP0_Status); 675 (*regs)[TARGET_EF_CP0_CAUSE] = tswapl(env->CP0_Cause); 676 } 677 678 #define USE_ELF_CORE_DUMP 679 #define ELF_EXEC_PAGESIZE 4096 680 681 #endif /* TARGET_MIPS */ 682 683 #ifdef TARGET_MICROBLAZE 684 685 #define ELF_START_MMAP 0x80000000 686 687 #define elf_check_arch(x) ( (x) == EM_MICROBLAZE || (x) == EM_MICROBLAZE_OLD) 688 689 #define ELF_CLASS ELFCLASS32 690 #define ELF_ARCH EM_MICROBLAZE 691 692 static inline void init_thread(struct target_pt_regs *regs, 693 struct image_info *infop) 694 { 695 regs->pc = infop->entry; 696 regs->r1 = infop->start_stack; 697 698 } 699 700 #define ELF_EXEC_PAGESIZE 4096 701 702 #define USE_ELF_CORE_DUMP 703 #define ELF_NREG 38 704 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 705 706 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 707 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env) 708 { 709 int i, pos = 0; 710 711 for (i = 0; i < 32; i++) { 712 (*regs)[pos++] = tswapl(env->regs[i]); 713 } 714 715 for (i = 0; i < 6; i++) { 716 (*regs)[pos++] = tswapl(env->sregs[i]); 717 } 718 } 719 720 #endif /* TARGET_MICROBLAZE */ 721 722 #ifdef TARGET_SH4 723 724 #define ELF_START_MMAP 0x80000000 725 726 #define elf_check_arch(x) ( (x) == EM_SH ) 727 728 #define ELF_CLASS ELFCLASS32 729 #define ELF_ARCH EM_SH 730 731 static inline void init_thread(struct target_pt_regs *regs, 732 struct image_info *infop) 733 { 734 /* Check other registers XXXXX */ 735 regs->pc = infop->entry; 736 regs->regs[15] = infop->start_stack; 737 } 738 739 /* See linux kernel: arch/sh/include/asm/elf.h. */ 740 #define ELF_NREG 23 741 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 742 743 /* See linux kernel: arch/sh/include/asm/ptrace.h. */ 744 enum { 745 TARGET_REG_PC = 16, 746 TARGET_REG_PR = 17, 747 TARGET_REG_SR = 18, 748 TARGET_REG_GBR = 19, 749 TARGET_REG_MACH = 20, 750 TARGET_REG_MACL = 21, 751 TARGET_REG_SYSCALL = 22 752 }; 753 754 static inline void elf_core_copy_regs(target_elf_gregset_t *regs, 755 const CPUState *env) 756 { 757 int i; 758 759 for (i = 0; i < 16; i++) { 760 (*regs[i]) = tswapl(env->gregs[i]); 761 } 762 763 (*regs)[TARGET_REG_PC] = tswapl(env->pc); 764 (*regs)[TARGET_REG_PR] = tswapl(env->pr); 765 (*regs)[TARGET_REG_SR] = tswapl(env->sr); 766 (*regs)[TARGET_REG_GBR] = tswapl(env->gbr); 767 (*regs)[TARGET_REG_MACH] = tswapl(env->mach); 768 (*regs)[TARGET_REG_MACL] = tswapl(env->macl); 769 (*regs)[TARGET_REG_SYSCALL] = 0; /* FIXME */ 770 } 771 772 #define USE_ELF_CORE_DUMP 773 #define ELF_EXEC_PAGESIZE 4096 774 775 #endif 776 777 #ifdef TARGET_CRIS 778 779 #define ELF_START_MMAP 0x80000000 780 781 #define elf_check_arch(x) ( (x) == EM_CRIS ) 782 783 #define ELF_CLASS ELFCLASS32 784 #define ELF_ARCH EM_CRIS 785 786 static inline void init_thread(struct target_pt_regs *regs, 787 struct image_info *infop) 788 { 789 regs->erp = infop->entry; 790 } 791 792 #define ELF_EXEC_PAGESIZE 8192 793 794 #endif 795 796 #ifdef TARGET_M68K 797 798 #define ELF_START_MMAP 0x80000000 799 800 #define elf_check_arch(x) ( (x) == EM_68K ) 801 802 #define ELF_CLASS ELFCLASS32 803 #define ELF_ARCH EM_68K 804 805 /* ??? Does this need to do anything? 806 #define ELF_PLAT_INIT(_r) */ 807 808 static inline void init_thread(struct target_pt_regs *regs, 809 struct image_info *infop) 810 { 811 regs->usp = infop->start_stack; 812 regs->sr = 0; 813 regs->pc = infop->entry; 814 } 815 816 /* See linux kernel: arch/m68k/include/asm/elf.h. */ 817 #define ELF_NREG 20 818 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 819 820 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env) 821 { 822 (*regs)[0] = tswapl(env->dregs[1]); 823 (*regs)[1] = tswapl(env->dregs[2]); 824 (*regs)[2] = tswapl(env->dregs[3]); 825 (*regs)[3] = tswapl(env->dregs[4]); 826 (*regs)[4] = tswapl(env->dregs[5]); 827 (*regs)[5] = tswapl(env->dregs[6]); 828 (*regs)[6] = tswapl(env->dregs[7]); 829 (*regs)[7] = tswapl(env->aregs[0]); 830 (*regs)[8] = tswapl(env->aregs[1]); 831 (*regs)[9] = tswapl(env->aregs[2]); 832 (*regs)[10] = tswapl(env->aregs[3]); 833 (*regs)[11] = tswapl(env->aregs[4]); 834 (*regs)[12] = tswapl(env->aregs[5]); 835 (*regs)[13] = tswapl(env->aregs[6]); 836 (*regs)[14] = tswapl(env->dregs[0]); 837 (*regs)[15] = tswapl(env->aregs[7]); 838 (*regs)[16] = tswapl(env->dregs[0]); /* FIXME: orig_d0 */ 839 (*regs)[17] = tswapl(env->sr); 840 (*regs)[18] = tswapl(env->pc); 841 (*regs)[19] = 0; /* FIXME: regs->format | regs->vector */ 842 } 843 844 #define USE_ELF_CORE_DUMP 845 #define ELF_EXEC_PAGESIZE 8192 846 847 #endif 848 849 #ifdef TARGET_ALPHA 850 851 #define ELF_START_MMAP (0x30000000000ULL) 852 853 #define elf_check_arch(x) ( (x) == ELF_ARCH ) 854 855 #define ELF_CLASS ELFCLASS64 856 #define ELF_ARCH EM_ALPHA 857 858 static inline void init_thread(struct target_pt_regs *regs, 859 struct image_info *infop) 860 { 861 regs->pc = infop->entry; 862 regs->ps = 8; 863 regs->usp = infop->start_stack; 864 } 865 866 #define ELF_EXEC_PAGESIZE 8192 867 868 #endif /* TARGET_ALPHA */ 869 870 #ifdef TARGET_S390X 871 872 #define ELF_START_MMAP (0x20000000000ULL) 873 874 #define elf_check_arch(x) ( (x) == ELF_ARCH ) 875 876 #define ELF_CLASS ELFCLASS64 877 #define ELF_DATA ELFDATA2MSB 878 #define ELF_ARCH EM_S390 879 880 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 881 { 882 regs->psw.addr = infop->entry; 883 regs->psw.mask = PSW_MASK_64 | PSW_MASK_32; 884 regs->gprs[15] = infop->start_stack; 885 } 886 887 #endif /* TARGET_S390X */ 888 889 #ifndef ELF_PLATFORM 890 #define ELF_PLATFORM (NULL) 891 #endif 892 893 #ifndef ELF_HWCAP 894 #define ELF_HWCAP 0 895 #endif 896 897 #ifdef TARGET_ABI32 898 #undef ELF_CLASS 899 #define ELF_CLASS ELFCLASS32 900 #undef bswaptls 901 #define bswaptls(ptr) bswap32s(ptr) 902 #endif 903 904 #include "elf.h" 905 906 struct exec 907 { 908 unsigned int a_info; /* Use macros N_MAGIC, etc for access */ 909 unsigned int a_text; /* length of text, in bytes */ 910 unsigned int a_data; /* length of data, in bytes */ 911 unsigned int a_bss; /* length of uninitialized data area, in bytes */ 912 unsigned int a_syms; /* length of symbol table data in file, in bytes */ 913 unsigned int a_entry; /* start address */ 914 unsigned int a_trsize; /* length of relocation info for text, in bytes */ 915 unsigned int a_drsize; /* length of relocation info for data, in bytes */ 916 }; 917 918 919 #define N_MAGIC(exec) ((exec).a_info & 0xffff) 920 #define OMAGIC 0407 921 #define NMAGIC 0410 922 #define ZMAGIC 0413 923 #define QMAGIC 0314 924 925 /* Necessary parameters */ 926 #define TARGET_ELF_EXEC_PAGESIZE TARGET_PAGE_SIZE 927 #define TARGET_ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(TARGET_ELF_EXEC_PAGESIZE-1)) 928 #define TARGET_ELF_PAGEOFFSET(_v) ((_v) & (TARGET_ELF_EXEC_PAGESIZE-1)) 929 930 #define DLINFO_ITEMS 12 931 932 static inline void memcpy_fromfs(void * to, const void * from, unsigned long n) 933 { 934 memcpy(to, from, n); 935 } 936 937 #ifdef BSWAP_NEEDED 938 static void bswap_ehdr(struct elfhdr *ehdr) 939 { 940 bswap16s(&ehdr->e_type); /* Object file type */ 941 bswap16s(&ehdr->e_machine); /* Architecture */ 942 bswap32s(&ehdr->e_version); /* Object file version */ 943 bswaptls(&ehdr->e_entry); /* Entry point virtual address */ 944 bswaptls(&ehdr->e_phoff); /* Program header table file offset */ 945 bswaptls(&ehdr->e_shoff); /* Section header table file offset */ 946 bswap32s(&ehdr->e_flags); /* Processor-specific flags */ 947 bswap16s(&ehdr->e_ehsize); /* ELF header size in bytes */ 948 bswap16s(&ehdr->e_phentsize); /* Program header table entry size */ 949 bswap16s(&ehdr->e_phnum); /* Program header table entry count */ 950 bswap16s(&ehdr->e_shentsize); /* Section header table entry size */ 951 bswap16s(&ehdr->e_shnum); /* Section header table entry count */ 952 bswap16s(&ehdr->e_shstrndx); /* Section header string table index */ 953 } 954 955 static void bswap_phdr(struct elf_phdr *phdr, int phnum) 956 { 957 int i; 958 for (i = 0; i < phnum; ++i, ++phdr) { 959 bswap32s(&phdr->p_type); /* Segment type */ 960 bswap32s(&phdr->p_flags); /* Segment flags */ 961 bswaptls(&phdr->p_offset); /* Segment file offset */ 962 bswaptls(&phdr->p_vaddr); /* Segment virtual address */ 963 bswaptls(&phdr->p_paddr); /* Segment physical address */ 964 bswaptls(&phdr->p_filesz); /* Segment size in file */ 965 bswaptls(&phdr->p_memsz); /* Segment size in memory */ 966 bswaptls(&phdr->p_align); /* Segment alignment */ 967 } 968 } 969 970 static void bswap_shdr(struct elf_shdr *shdr, int shnum) 971 { 972 int i; 973 for (i = 0; i < shnum; ++i, ++shdr) { 974 bswap32s(&shdr->sh_name); 975 bswap32s(&shdr->sh_type); 976 bswaptls(&shdr->sh_flags); 977 bswaptls(&shdr->sh_addr); 978 bswaptls(&shdr->sh_offset); 979 bswaptls(&shdr->sh_size); 980 bswap32s(&shdr->sh_link); 981 bswap32s(&shdr->sh_info); 982 bswaptls(&shdr->sh_addralign); 983 bswaptls(&shdr->sh_entsize); 984 } 985 } 986 987 static void bswap_sym(struct elf_sym *sym) 988 { 989 bswap32s(&sym->st_name); 990 bswaptls(&sym->st_value); 991 bswaptls(&sym->st_size); 992 bswap16s(&sym->st_shndx); 993 } 994 #else 995 static inline void bswap_ehdr(struct elfhdr *ehdr) { } 996 static inline void bswap_phdr(struct elf_phdr *phdr, int phnum) { } 997 static inline void bswap_shdr(struct elf_shdr *shdr, int shnum) { } 998 static inline void bswap_sym(struct elf_sym *sym) { } 999 #endif 1000 1001 #ifdef USE_ELF_CORE_DUMP 1002 static int elf_core_dump(int, const CPUState *); 1003 #endif /* USE_ELF_CORE_DUMP */ 1004 static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias); 1005 1006 /* Verify the portions of EHDR within E_IDENT for the target. 1007 This can be performed before bswapping the entire header. */ 1008 static bool elf_check_ident(struct elfhdr *ehdr) 1009 { 1010 return (ehdr->e_ident[EI_MAG0] == ELFMAG0 1011 && ehdr->e_ident[EI_MAG1] == ELFMAG1 1012 && ehdr->e_ident[EI_MAG2] == ELFMAG2 1013 && ehdr->e_ident[EI_MAG3] == ELFMAG3 1014 && ehdr->e_ident[EI_CLASS] == ELF_CLASS 1015 && ehdr->e_ident[EI_DATA] == ELF_DATA 1016 && ehdr->e_ident[EI_VERSION] == EV_CURRENT); 1017 } 1018 1019 /* Verify the portions of EHDR outside of E_IDENT for the target. 1020 This has to wait until after bswapping the header. */ 1021 static bool elf_check_ehdr(struct elfhdr *ehdr) 1022 { 1023 return (elf_check_arch(ehdr->e_machine) 1024 && ehdr->e_ehsize == sizeof(struct elfhdr) 1025 && ehdr->e_phentsize == sizeof(struct elf_phdr) 1026 && ehdr->e_shentsize == sizeof(struct elf_shdr) 1027 && (ehdr->e_type == ET_EXEC || ehdr->e_type == ET_DYN)); 1028 } 1029 1030 /* 1031 * 'copy_elf_strings()' copies argument/envelope strings from user 1032 * memory to free pages in kernel mem. These are in a format ready 1033 * to be put directly into the top of new user memory. 1034 * 1035 */ 1036 static abi_ulong copy_elf_strings(int argc,char ** argv, void **page, 1037 abi_ulong p) 1038 { 1039 char *tmp, *tmp1, *pag = NULL; 1040 int len, offset = 0; 1041 1042 if (!p) { 1043 return 0; /* bullet-proofing */ 1044 } 1045 while (argc-- > 0) { 1046 tmp = argv[argc]; 1047 if (!tmp) { 1048 fprintf(stderr, "VFS: argc is wrong"); 1049 exit(-1); 1050 } 1051 tmp1 = tmp; 1052 while (*tmp++); 1053 len = tmp - tmp1; 1054 if (p < len) { /* this shouldn't happen - 128kB */ 1055 return 0; 1056 } 1057 while (len) { 1058 --p; --tmp; --len; 1059 if (--offset < 0) { 1060 offset = p % TARGET_PAGE_SIZE; 1061 pag = (char *)page[p/TARGET_PAGE_SIZE]; 1062 if (!pag) { 1063 pag = (char *)malloc(TARGET_PAGE_SIZE); 1064 memset(pag, 0, TARGET_PAGE_SIZE); 1065 page[p/TARGET_PAGE_SIZE] = pag; 1066 if (!pag) 1067 return 0; 1068 } 1069 } 1070 if (len == 0 || offset == 0) { 1071 *(pag + offset) = *tmp; 1072 } 1073 else { 1074 int bytes_to_copy = (len > offset) ? offset : len; 1075 tmp -= bytes_to_copy; 1076 p -= bytes_to_copy; 1077 offset -= bytes_to_copy; 1078 len -= bytes_to_copy; 1079 memcpy_fromfs(pag + offset, tmp, bytes_to_copy + 1); 1080 } 1081 } 1082 } 1083 return p; 1084 } 1085 1086 static abi_ulong setup_arg_pages(abi_ulong p, struct linux_binprm *bprm, 1087 struct image_info *info) 1088 { 1089 abi_ulong stack_base, size, error, guard; 1090 int i; 1091 1092 /* Create enough stack to hold everything. If we don't use 1093 it for args, we'll use it for something else. */ 1094 size = guest_stack_size; 1095 if (size < MAX_ARG_PAGES*TARGET_PAGE_SIZE) { 1096 size = MAX_ARG_PAGES*TARGET_PAGE_SIZE; 1097 } 1098 guard = TARGET_PAGE_SIZE; 1099 if (guard < qemu_real_host_page_size) { 1100 guard = qemu_real_host_page_size; 1101 } 1102 1103 error = target_mmap(0, size + guard, PROT_READ | PROT_WRITE, 1104 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1105 if (error == -1) { 1106 perror("mmap stack"); 1107 exit(-1); 1108 } 1109 1110 /* We reserve one extra page at the top of the stack as guard. */ 1111 target_mprotect(error, guard, PROT_NONE); 1112 1113 info->stack_limit = error + guard; 1114 stack_base = info->stack_limit + size - MAX_ARG_PAGES*TARGET_PAGE_SIZE; 1115 p += stack_base; 1116 1117 for (i = 0 ; i < MAX_ARG_PAGES ; i++) { 1118 if (bprm->page[i]) { 1119 info->rss++; 1120 /* FIXME - check return value of memcpy_to_target() for failure */ 1121 memcpy_to_target(stack_base, bprm->page[i], TARGET_PAGE_SIZE); 1122 free(bprm->page[i]); 1123 } 1124 stack_base += TARGET_PAGE_SIZE; 1125 } 1126 return p; 1127 } 1128 1129 /* Map and zero the bss. We need to explicitly zero any fractional pages 1130 after the data section (i.e. bss). */ 1131 static void zero_bss(abi_ulong elf_bss, abi_ulong last_bss, int prot) 1132 { 1133 uintptr_t host_start, host_map_start, host_end; 1134 1135 last_bss = TARGET_PAGE_ALIGN(last_bss); 1136 1137 /* ??? There is confusion between qemu_real_host_page_size and 1138 qemu_host_page_size here and elsewhere in target_mmap, which 1139 may lead to the end of the data section mapping from the file 1140 not being mapped. At least there was an explicit test and 1141 comment for that here, suggesting that "the file size must 1142 be known". The comment probably pre-dates the introduction 1143 of the fstat system call in target_mmap which does in fact 1144 find out the size. What isn't clear is if the workaround 1145 here is still actually needed. For now, continue with it, 1146 but merge it with the "normal" mmap that would allocate the bss. */ 1147 1148 host_start = (uintptr_t) g2h(elf_bss); 1149 host_end = (uintptr_t) g2h(last_bss); 1150 host_map_start = (host_start + qemu_real_host_page_size - 1); 1151 host_map_start &= -qemu_real_host_page_size; 1152 1153 if (host_map_start < host_end) { 1154 void *p = mmap((void *)host_map_start, host_end - host_map_start, 1155 prot, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1156 if (p == MAP_FAILED) { 1157 perror("cannot mmap brk"); 1158 exit(-1); 1159 } 1160 1161 /* Since we didn't use target_mmap, make sure to record 1162 the validity of the pages with qemu. */ 1163 page_set_flags(elf_bss & TARGET_PAGE_MASK, last_bss, prot|PAGE_VALID); 1164 } 1165 1166 if (host_start < host_map_start) { 1167 memset((void *)host_start, 0, host_map_start - host_start); 1168 } 1169 } 1170 1171 #ifdef CONFIG_USE_FDPIC 1172 static abi_ulong loader_build_fdpic_loadmap(struct image_info *info, abi_ulong sp) 1173 { 1174 uint16_t n; 1175 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs; 1176 1177 /* elf32_fdpic_loadseg */ 1178 n = info->nsegs; 1179 while (n--) { 1180 sp -= 12; 1181 put_user_u32(loadsegs[n].addr, sp+0); 1182 put_user_u32(loadsegs[n].p_vaddr, sp+4); 1183 put_user_u32(loadsegs[n].p_memsz, sp+8); 1184 } 1185 1186 /* elf32_fdpic_loadmap */ 1187 sp -= 4; 1188 put_user_u16(0, sp+0); /* version */ 1189 put_user_u16(info->nsegs, sp+2); /* nsegs */ 1190 1191 info->personality = PER_LINUX_FDPIC; 1192 info->loadmap_addr = sp; 1193 1194 return sp; 1195 } 1196 #endif 1197 1198 static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc, 1199 struct elfhdr *exec, 1200 struct image_info *info, 1201 struct image_info *interp_info) 1202 { 1203 abi_ulong sp; 1204 int size; 1205 abi_ulong u_platform; 1206 const char *k_platform; 1207 const int n = sizeof(elf_addr_t); 1208 1209 sp = p; 1210 1211 #ifdef CONFIG_USE_FDPIC 1212 /* Needs to be before we load the env/argc/... */ 1213 if (elf_is_fdpic(exec)) { 1214 /* Need 4 byte alignment for these structs */ 1215 sp &= ~3; 1216 sp = loader_build_fdpic_loadmap(info, sp); 1217 info->other_info = interp_info; 1218 if (interp_info) { 1219 interp_info->other_info = info; 1220 sp = loader_build_fdpic_loadmap(interp_info, sp); 1221 } 1222 } 1223 #endif 1224 1225 u_platform = 0; 1226 k_platform = ELF_PLATFORM; 1227 if (k_platform) { 1228 size_t len = strlen(k_platform) + 1; 1229 sp -= (len + n - 1) & ~(n - 1); 1230 u_platform = sp; 1231 /* FIXME - check return value of memcpy_to_target() for failure */ 1232 memcpy_to_target(sp, k_platform, len); 1233 } 1234 /* 1235 * Force 16 byte _final_ alignment here for generality. 1236 */ 1237 sp = sp &~ (abi_ulong)15; 1238 size = (DLINFO_ITEMS + 1) * 2; 1239 if (k_platform) 1240 size += 2; 1241 #ifdef DLINFO_ARCH_ITEMS 1242 size += DLINFO_ARCH_ITEMS * 2; 1243 #endif 1244 size += envc + argc + 2; 1245 size += 1; /* argc itself */ 1246 size *= n; 1247 if (size & 15) 1248 sp -= 16 - (size & 15); 1249 1250 /* This is correct because Linux defines 1251 * elf_addr_t as Elf32_Off / Elf64_Off 1252 */ 1253 #define NEW_AUX_ENT(id, val) do { \ 1254 sp -= n; put_user_ual(val, sp); \ 1255 sp -= n; put_user_ual(id, sp); \ 1256 } while(0) 1257 1258 NEW_AUX_ENT (AT_NULL, 0); 1259 1260 /* There must be exactly DLINFO_ITEMS entries here. */ 1261 NEW_AUX_ENT(AT_PHDR, (abi_ulong)(info->load_addr + exec->e_phoff)); 1262 NEW_AUX_ENT(AT_PHENT, (abi_ulong)(sizeof (struct elf_phdr))); 1263 NEW_AUX_ENT(AT_PHNUM, (abi_ulong)(exec->e_phnum)); 1264 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(TARGET_PAGE_SIZE)); 1265 NEW_AUX_ENT(AT_BASE, (abi_ulong)(interp_info ? interp_info->load_addr : 0)); 1266 NEW_AUX_ENT(AT_FLAGS, (abi_ulong)0); 1267 NEW_AUX_ENT(AT_ENTRY, info->entry); 1268 NEW_AUX_ENT(AT_UID, (abi_ulong) getuid()); 1269 NEW_AUX_ENT(AT_EUID, (abi_ulong) geteuid()); 1270 NEW_AUX_ENT(AT_GID, (abi_ulong) getgid()); 1271 NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid()); 1272 NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP); 1273 NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK)); 1274 if (k_platform) 1275 NEW_AUX_ENT(AT_PLATFORM, u_platform); 1276 #ifdef ARCH_DLINFO 1277 /* 1278 * ARCH_DLINFO must come last so platform specific code can enforce 1279 * special alignment requirements on the AUXV if necessary (eg. PPC). 1280 */ 1281 ARCH_DLINFO; 1282 #endif 1283 #undef NEW_AUX_ENT 1284 1285 info->saved_auxv = sp; 1286 1287 sp = loader_build_argptr(envc, argc, sp, p, 0); 1288 return sp; 1289 } 1290 1291 /* Load an ELF image into the address space. 1292 1293 IMAGE_NAME is the filename of the image, to use in error messages. 1294 IMAGE_FD is the open file descriptor for the image. 1295 1296 BPRM_BUF is a copy of the beginning of the file; this of course 1297 contains the elf file header at offset 0. It is assumed that this 1298 buffer is sufficiently aligned to present no problems to the host 1299 in accessing data at aligned offsets within the buffer. 1300 1301 On return: INFO values will be filled in, as necessary or available. */ 1302 1303 static void load_elf_image(const char *image_name, int image_fd, 1304 struct image_info *info, char **pinterp_name, 1305 char bprm_buf[BPRM_BUF_SIZE]) 1306 { 1307 struct elfhdr *ehdr = (struct elfhdr *)bprm_buf; 1308 struct elf_phdr *phdr; 1309 abi_ulong load_addr, load_bias, loaddr, hiaddr, error; 1310 int i, retval; 1311 const char *errmsg; 1312 1313 /* First of all, some simple consistency checks */ 1314 errmsg = "Invalid ELF image for this architecture"; 1315 if (!elf_check_ident(ehdr)) { 1316 goto exit_errmsg; 1317 } 1318 bswap_ehdr(ehdr); 1319 if (!elf_check_ehdr(ehdr)) { 1320 goto exit_errmsg; 1321 } 1322 1323 i = ehdr->e_phnum * sizeof(struct elf_phdr); 1324 if (ehdr->e_phoff + i <= BPRM_BUF_SIZE) { 1325 phdr = (struct elf_phdr *)(bprm_buf + ehdr->e_phoff); 1326 } else { 1327 phdr = (struct elf_phdr *) alloca(i); 1328 retval = pread(image_fd, phdr, i, ehdr->e_phoff); 1329 if (retval != i) { 1330 goto exit_read; 1331 } 1332 } 1333 bswap_phdr(phdr, ehdr->e_phnum); 1334 1335 #ifdef CONFIG_USE_FDPIC 1336 info->nsegs = 0; 1337 info->pt_dynamic_addr = 0; 1338 #endif 1339 1340 /* Find the maximum size of the image and allocate an appropriate 1341 amount of memory to handle that. */ 1342 loaddr = -1, hiaddr = 0; 1343 for (i = 0; i < ehdr->e_phnum; ++i) { 1344 if (phdr[i].p_type == PT_LOAD) { 1345 abi_ulong a = phdr[i].p_vaddr; 1346 if (a < loaddr) { 1347 loaddr = a; 1348 } 1349 a += phdr[i].p_memsz; 1350 if (a > hiaddr) { 1351 hiaddr = a; 1352 } 1353 #ifdef CONFIG_USE_FDPIC 1354 ++info->nsegs; 1355 #endif 1356 } 1357 } 1358 1359 load_addr = loaddr; 1360 if (ehdr->e_type == ET_DYN) { 1361 /* The image indicates that it can be loaded anywhere. Find a 1362 location that can hold the memory space required. If the 1363 image is pre-linked, LOADDR will be non-zero. Since we do 1364 not supply MAP_FIXED here we'll use that address if and 1365 only if it remains available. */ 1366 load_addr = target_mmap(loaddr, hiaddr - loaddr, PROT_NONE, 1367 MAP_PRIVATE | MAP_ANON | MAP_NORESERVE, 1368 -1, 0); 1369 if (load_addr == -1) { 1370 goto exit_perror; 1371 } 1372 } else if (pinterp_name != NULL) { 1373 /* This is the main executable. Make sure that the low 1374 address does not conflict with MMAP_MIN_ADDR or the 1375 QEMU application itself. */ 1376 #if defined(CONFIG_USE_GUEST_BASE) 1377 /* 1378 * In case where user has not explicitly set the guest_base, we 1379 * probe here that should we set it automatically. 1380 */ 1381 if (!have_guest_base && !reserved_va) { 1382 unsigned long host_start, real_start, host_size; 1383 1384 /* Round addresses to page boundaries. */ 1385 loaddr &= qemu_host_page_mask; 1386 hiaddr = HOST_PAGE_ALIGN(hiaddr); 1387 1388 if (loaddr < mmap_min_addr) { 1389 host_start = HOST_PAGE_ALIGN(mmap_min_addr); 1390 } else { 1391 host_start = loaddr; 1392 if (host_start != loaddr) { 1393 errmsg = "Address overflow loading ELF binary"; 1394 goto exit_errmsg; 1395 } 1396 } 1397 host_size = hiaddr - loaddr; 1398 while (1) { 1399 /* Do not use mmap_find_vma here because that is limited to the 1400 guest address space. We are going to make the 1401 guest address space fit whatever we're given. */ 1402 real_start = (unsigned long) 1403 mmap((void *)host_start, host_size, PROT_NONE, 1404 MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE, -1, 0); 1405 if (real_start == (unsigned long)-1) { 1406 goto exit_perror; 1407 } 1408 if (real_start == host_start) { 1409 break; 1410 } 1411 /* That address didn't work. Unmap and try a different one. 1412 The address the host picked because is typically right at 1413 the top of the host address space and leaves the guest with 1414 no usable address space. Resort to a linear search. We 1415 already compensated for mmap_min_addr, so this should not 1416 happen often. Probably means we got unlucky and host 1417 address space randomization put a shared library somewhere 1418 inconvenient. */ 1419 munmap((void *)real_start, host_size); 1420 host_start += qemu_host_page_size; 1421 if (host_start == loaddr) { 1422 /* Theoretically possible if host doesn't have any suitably 1423 aligned areas. Normally the first mmap will fail. */ 1424 errmsg = "Unable to find space for application"; 1425 goto exit_errmsg; 1426 } 1427 } 1428 qemu_log("Relocating guest address space from 0x" 1429 TARGET_ABI_FMT_lx " to 0x%lx\n", loaddr, real_start); 1430 guest_base = real_start - loaddr; 1431 } 1432 #endif 1433 } 1434 load_bias = load_addr - loaddr; 1435 1436 #ifdef CONFIG_USE_FDPIC 1437 { 1438 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs = 1439 qemu_malloc(sizeof(*loadsegs) * info->nsegs); 1440 1441 for (i = 0; i < ehdr->e_phnum; ++i) { 1442 switch (phdr[i].p_type) { 1443 case PT_DYNAMIC: 1444 info->pt_dynamic_addr = phdr[i].p_vaddr + load_bias; 1445 break; 1446 case PT_LOAD: 1447 loadsegs->addr = phdr[i].p_vaddr + load_bias; 1448 loadsegs->p_vaddr = phdr[i].p_vaddr; 1449 loadsegs->p_memsz = phdr[i].p_memsz; 1450 ++loadsegs; 1451 break; 1452 } 1453 } 1454 } 1455 #endif 1456 1457 info->load_bias = load_bias; 1458 info->load_addr = load_addr; 1459 info->entry = ehdr->e_entry + load_bias; 1460 info->start_code = -1; 1461 info->end_code = 0; 1462 info->start_data = -1; 1463 info->end_data = 0; 1464 info->brk = 0; 1465 1466 for (i = 0; i < ehdr->e_phnum; i++) { 1467 struct elf_phdr *eppnt = phdr + i; 1468 if (eppnt->p_type == PT_LOAD) { 1469 abi_ulong vaddr, vaddr_po, vaddr_ps, vaddr_ef, vaddr_em; 1470 int elf_prot = 0; 1471 1472 if (eppnt->p_flags & PF_R) elf_prot = PROT_READ; 1473 if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE; 1474 if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC; 1475 1476 vaddr = load_bias + eppnt->p_vaddr; 1477 vaddr_po = TARGET_ELF_PAGEOFFSET(vaddr); 1478 vaddr_ps = TARGET_ELF_PAGESTART(vaddr); 1479 1480 error = target_mmap(vaddr_ps, eppnt->p_filesz + vaddr_po, 1481 elf_prot, MAP_PRIVATE | MAP_FIXED, 1482 image_fd, eppnt->p_offset - vaddr_po); 1483 if (error == -1) { 1484 goto exit_perror; 1485 } 1486 1487 vaddr_ef = vaddr + eppnt->p_filesz; 1488 vaddr_em = vaddr + eppnt->p_memsz; 1489 1490 /* If the load segment requests extra zeros (e.g. bss), map it. */ 1491 if (vaddr_ef < vaddr_em) { 1492 zero_bss(vaddr_ef, vaddr_em, elf_prot); 1493 } 1494 1495 /* Find the full program boundaries. */ 1496 if (elf_prot & PROT_EXEC) { 1497 if (vaddr < info->start_code) { 1498 info->start_code = vaddr; 1499 } 1500 if (vaddr_ef > info->end_code) { 1501 info->end_code = vaddr_ef; 1502 } 1503 } 1504 if (elf_prot & PROT_WRITE) { 1505 if (vaddr < info->start_data) { 1506 info->start_data = vaddr; 1507 } 1508 if (vaddr_ef > info->end_data) { 1509 info->end_data = vaddr_ef; 1510 } 1511 if (vaddr_em > info->brk) { 1512 info->brk = vaddr_em; 1513 } 1514 } 1515 } else if (eppnt->p_type == PT_INTERP && pinterp_name) { 1516 char *interp_name; 1517 1518 if (*pinterp_name) { 1519 errmsg = "Multiple PT_INTERP entries"; 1520 goto exit_errmsg; 1521 } 1522 interp_name = malloc(eppnt->p_filesz); 1523 if (!interp_name) { 1524 goto exit_perror; 1525 } 1526 1527 if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) { 1528 memcpy(interp_name, bprm_buf + eppnt->p_offset, 1529 eppnt->p_filesz); 1530 } else { 1531 retval = pread(image_fd, interp_name, eppnt->p_filesz, 1532 eppnt->p_offset); 1533 if (retval != eppnt->p_filesz) { 1534 goto exit_perror; 1535 } 1536 } 1537 if (interp_name[eppnt->p_filesz - 1] != 0) { 1538 errmsg = "Invalid PT_INTERP entry"; 1539 goto exit_errmsg; 1540 } 1541 *pinterp_name = interp_name; 1542 } 1543 } 1544 1545 if (info->end_data == 0) { 1546 info->start_data = info->end_code; 1547 info->end_data = info->end_code; 1548 info->brk = info->end_code; 1549 } 1550 1551 if (qemu_log_enabled()) { 1552 load_symbols(ehdr, image_fd, load_bias); 1553 } 1554 1555 close(image_fd); 1556 return; 1557 1558 exit_read: 1559 if (retval >= 0) { 1560 errmsg = "Incomplete read of file header"; 1561 goto exit_errmsg; 1562 } 1563 exit_perror: 1564 errmsg = strerror(errno); 1565 exit_errmsg: 1566 fprintf(stderr, "%s: %s\n", image_name, errmsg); 1567 exit(-1); 1568 } 1569 1570 static void load_elf_interp(const char *filename, struct image_info *info, 1571 char bprm_buf[BPRM_BUF_SIZE]) 1572 { 1573 int fd, retval; 1574 1575 fd = open(path(filename), O_RDONLY); 1576 if (fd < 0) { 1577 goto exit_perror; 1578 } 1579 1580 retval = read(fd, bprm_buf, BPRM_BUF_SIZE); 1581 if (retval < 0) { 1582 goto exit_perror; 1583 } 1584 if (retval < BPRM_BUF_SIZE) { 1585 memset(bprm_buf + retval, 0, BPRM_BUF_SIZE - retval); 1586 } 1587 1588 load_elf_image(filename, fd, info, NULL, bprm_buf); 1589 return; 1590 1591 exit_perror: 1592 fprintf(stderr, "%s: %s\n", filename, strerror(errno)); 1593 exit(-1); 1594 } 1595 1596 static int symfind(const void *s0, const void *s1) 1597 { 1598 struct elf_sym *key = (struct elf_sym *)s0; 1599 struct elf_sym *sym = (struct elf_sym *)s1; 1600 int result = 0; 1601 if (key->st_value < sym->st_value) { 1602 result = -1; 1603 } else if (key->st_value >= sym->st_value + sym->st_size) { 1604 result = 1; 1605 } 1606 return result; 1607 } 1608 1609 static const char *lookup_symbolxx(struct syminfo *s, target_ulong orig_addr) 1610 { 1611 #if ELF_CLASS == ELFCLASS32 1612 struct elf_sym *syms = s->disas_symtab.elf32; 1613 #else 1614 struct elf_sym *syms = s->disas_symtab.elf64; 1615 #endif 1616 1617 // binary search 1618 struct elf_sym key; 1619 struct elf_sym *sym; 1620 1621 key.st_value = orig_addr; 1622 1623 sym = bsearch(&key, syms, s->disas_num_syms, sizeof(*syms), symfind); 1624 if (sym != NULL) { 1625 return s->disas_strtab + sym->st_name; 1626 } 1627 1628 return ""; 1629 } 1630 1631 /* FIXME: This should use elf_ops.h */ 1632 static int symcmp(const void *s0, const void *s1) 1633 { 1634 struct elf_sym *sym0 = (struct elf_sym *)s0; 1635 struct elf_sym *sym1 = (struct elf_sym *)s1; 1636 return (sym0->st_value < sym1->st_value) 1637 ? -1 1638 : ((sym0->st_value > sym1->st_value) ? 1 : 0); 1639 } 1640 1641 /* Best attempt to load symbols from this ELF object. */ 1642 static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias) 1643 { 1644 int i, shnum, nsyms, sym_idx = 0, str_idx = 0; 1645 struct elf_shdr *shdr; 1646 char *strings; 1647 struct syminfo *s; 1648 struct elf_sym *syms, *new_syms; 1649 1650 shnum = hdr->e_shnum; 1651 i = shnum * sizeof(struct elf_shdr); 1652 shdr = (struct elf_shdr *)alloca(i); 1653 if (pread(fd, shdr, i, hdr->e_shoff) != i) { 1654 return; 1655 } 1656 1657 bswap_shdr(shdr, shnum); 1658 for (i = 0; i < shnum; ++i) { 1659 if (shdr[i].sh_type == SHT_SYMTAB) { 1660 sym_idx = i; 1661 str_idx = shdr[i].sh_link; 1662 goto found; 1663 } 1664 } 1665 1666 /* There will be no symbol table if the file was stripped. */ 1667 return; 1668 1669 found: 1670 /* Now know where the strtab and symtab are. Snarf them. */ 1671 s = malloc(sizeof(*s)); 1672 if (!s) { 1673 return; 1674 } 1675 1676 i = shdr[str_idx].sh_size; 1677 s->disas_strtab = strings = malloc(i); 1678 if (!strings || pread(fd, strings, i, shdr[str_idx].sh_offset) != i) { 1679 free(s); 1680 free(strings); 1681 return; 1682 } 1683 1684 i = shdr[sym_idx].sh_size; 1685 syms = malloc(i); 1686 if (!syms || pread(fd, syms, i, shdr[sym_idx].sh_offset) != i) { 1687 free(s); 1688 free(strings); 1689 free(syms); 1690 return; 1691 } 1692 1693 nsyms = i / sizeof(struct elf_sym); 1694 for (i = 0; i < nsyms; ) { 1695 bswap_sym(syms + i); 1696 /* Throw away entries which we do not need. */ 1697 if (syms[i].st_shndx == SHN_UNDEF 1698 || syms[i].st_shndx >= SHN_LORESERVE 1699 || ELF_ST_TYPE(syms[i].st_info) != STT_FUNC) { 1700 if (i < --nsyms) { 1701 syms[i] = syms[nsyms]; 1702 } 1703 } else { 1704 #if defined(TARGET_ARM) || defined (TARGET_MIPS) 1705 /* The bottom address bit marks a Thumb or MIPS16 symbol. */ 1706 syms[i].st_value &= ~(target_ulong)1; 1707 #endif 1708 syms[i].st_value += load_bias; 1709 i++; 1710 } 1711 } 1712 1713 /* Attempt to free the storage associated with the local symbols 1714 that we threw away. Whether or not this has any effect on the 1715 memory allocation depends on the malloc implementation and how 1716 many symbols we managed to discard. */ 1717 new_syms = realloc(syms, nsyms * sizeof(*syms)); 1718 if (new_syms == NULL) { 1719 free(s); 1720 free(syms); 1721 free(strings); 1722 return; 1723 } 1724 syms = new_syms; 1725 1726 qsort(syms, nsyms, sizeof(*syms), symcmp); 1727 1728 s->disas_num_syms = nsyms; 1729 #if ELF_CLASS == ELFCLASS32 1730 s->disas_symtab.elf32 = syms; 1731 #else 1732 s->disas_symtab.elf64 = syms; 1733 #endif 1734 s->lookup_symbol = lookup_symbolxx; 1735 s->next = syminfos; 1736 syminfos = s; 1737 } 1738 1739 int load_elf_binary(struct linux_binprm * bprm, struct target_pt_regs * regs, 1740 struct image_info * info) 1741 { 1742 struct image_info interp_info; 1743 struct elfhdr elf_ex; 1744 char *elf_interpreter = NULL; 1745 1746 info->start_mmap = (abi_ulong)ELF_START_MMAP; 1747 info->mmap = 0; 1748 info->rss = 0; 1749 1750 load_elf_image(bprm->filename, bprm->fd, info, 1751 &elf_interpreter, bprm->buf); 1752 1753 /* ??? We need a copy of the elf header for passing to create_elf_tables. 1754 If we do nothing, we'll have overwritten this when we re-use bprm->buf 1755 when we load the interpreter. */ 1756 elf_ex = *(struct elfhdr *)bprm->buf; 1757 1758 bprm->p = copy_elf_strings(1, &bprm->filename, bprm->page, bprm->p); 1759 bprm->p = copy_elf_strings(bprm->envc,bprm->envp,bprm->page,bprm->p); 1760 bprm->p = copy_elf_strings(bprm->argc,bprm->argv,bprm->page,bprm->p); 1761 if (!bprm->p) { 1762 fprintf(stderr, "%s: %s\n", bprm->filename, strerror(E2BIG)); 1763 exit(-1); 1764 } 1765 1766 /* Do this so that we can load the interpreter, if need be. We will 1767 change some of these later */ 1768 bprm->p = setup_arg_pages(bprm->p, bprm, info); 1769 1770 if (elf_interpreter) { 1771 load_elf_interp(elf_interpreter, &interp_info, bprm->buf); 1772 1773 /* If the program interpreter is one of these two, then assume 1774 an iBCS2 image. Otherwise assume a native linux image. */ 1775 1776 if (strcmp(elf_interpreter, "/usr/lib/libc.so.1") == 0 1777 || strcmp(elf_interpreter, "/usr/lib/ld.so.1") == 0) { 1778 info->personality = PER_SVR4; 1779 1780 /* Why this, you ask??? Well SVr4 maps page 0 as read-only, 1781 and some applications "depend" upon this behavior. Since 1782 we do not have the power to recompile these, we emulate 1783 the SVr4 behavior. Sigh. */ 1784 target_mmap(0, qemu_host_page_size, PROT_READ | PROT_EXEC, 1785 MAP_FIXED | MAP_PRIVATE, -1, 0); 1786 } 1787 } 1788 1789 bprm->p = create_elf_tables(bprm->p, bprm->argc, bprm->envc, &elf_ex, 1790 info, (elf_interpreter ? &interp_info : NULL)); 1791 info->start_stack = bprm->p; 1792 1793 /* If we have an interpreter, set that as the program's entry point. 1794 Copy the load_addr as well, to help PPC64 interpret the entry 1795 point as a function descriptor. Do this after creating elf tables 1796 so that we copy the original program entry point into the AUXV. */ 1797 if (elf_interpreter) { 1798 info->load_addr = interp_info.load_addr; 1799 info->entry = interp_info.entry; 1800 free(elf_interpreter); 1801 } 1802 1803 #ifdef USE_ELF_CORE_DUMP 1804 bprm->core_dump = &elf_core_dump; 1805 #endif 1806 1807 return 0; 1808 } 1809 1810 #ifdef USE_ELF_CORE_DUMP 1811 /* 1812 * Definitions to generate Intel SVR4-like core files. 1813 * These mostly have the same names as the SVR4 types with "target_elf_" 1814 * tacked on the front to prevent clashes with linux definitions, 1815 * and the typedef forms have been avoided. This is mostly like 1816 * the SVR4 structure, but more Linuxy, with things that Linux does 1817 * not support and which gdb doesn't really use excluded. 1818 * 1819 * Fields we don't dump (their contents is zero) in linux-user qemu 1820 * are marked with XXX. 1821 * 1822 * Core dump code is copied from linux kernel (fs/binfmt_elf.c). 1823 * 1824 * Porting ELF coredump for target is (quite) simple process. First you 1825 * define USE_ELF_CORE_DUMP in target ELF code (where init_thread() for 1826 * the target resides): 1827 * 1828 * #define USE_ELF_CORE_DUMP 1829 * 1830 * Next you define type of register set used for dumping. ELF specification 1831 * says that it needs to be array of elf_greg_t that has size of ELF_NREG. 1832 * 1833 * typedef <target_regtype> target_elf_greg_t; 1834 * #define ELF_NREG <number of registers> 1835 * typedef taret_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1836 * 1837 * Last step is to implement target specific function that copies registers 1838 * from given cpu into just specified register set. Prototype is: 1839 * 1840 * static void elf_core_copy_regs(taret_elf_gregset_t *regs, 1841 * const CPUState *env); 1842 * 1843 * Parameters: 1844 * regs - copy register values into here (allocated and zeroed by caller) 1845 * env - copy registers from here 1846 * 1847 * Example for ARM target is provided in this file. 1848 */ 1849 1850 /* An ELF note in memory */ 1851 struct memelfnote { 1852 const char *name; 1853 size_t namesz; 1854 size_t namesz_rounded; 1855 int type; 1856 size_t datasz; 1857 size_t datasz_rounded; 1858 void *data; 1859 size_t notesz; 1860 }; 1861 1862 struct target_elf_siginfo { 1863 target_int si_signo; /* signal number */ 1864 target_int si_code; /* extra code */ 1865 target_int si_errno; /* errno */ 1866 }; 1867 1868 struct target_elf_prstatus { 1869 struct target_elf_siginfo pr_info; /* Info associated with signal */ 1870 target_short pr_cursig; /* Current signal */ 1871 target_ulong pr_sigpend; /* XXX */ 1872 target_ulong pr_sighold; /* XXX */ 1873 target_pid_t pr_pid; 1874 target_pid_t pr_ppid; 1875 target_pid_t pr_pgrp; 1876 target_pid_t pr_sid; 1877 struct target_timeval pr_utime; /* XXX User time */ 1878 struct target_timeval pr_stime; /* XXX System time */ 1879 struct target_timeval pr_cutime; /* XXX Cumulative user time */ 1880 struct target_timeval pr_cstime; /* XXX Cumulative system time */ 1881 target_elf_gregset_t pr_reg; /* GP registers */ 1882 target_int pr_fpvalid; /* XXX */ 1883 }; 1884 1885 #define ELF_PRARGSZ (80) /* Number of chars for args */ 1886 1887 struct target_elf_prpsinfo { 1888 char pr_state; /* numeric process state */ 1889 char pr_sname; /* char for pr_state */ 1890 char pr_zomb; /* zombie */ 1891 char pr_nice; /* nice val */ 1892 target_ulong pr_flag; /* flags */ 1893 target_uid_t pr_uid; 1894 target_gid_t pr_gid; 1895 target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid; 1896 /* Lots missing */ 1897 char pr_fname[16]; /* filename of executable */ 1898 char pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */ 1899 }; 1900 1901 /* Here is the structure in which status of each thread is captured. */ 1902 struct elf_thread_status { 1903 QTAILQ_ENTRY(elf_thread_status) ets_link; 1904 struct target_elf_prstatus prstatus; /* NT_PRSTATUS */ 1905 #if 0 1906 elf_fpregset_t fpu; /* NT_PRFPREG */ 1907 struct task_struct *thread; 1908 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */ 1909 #endif 1910 struct memelfnote notes[1]; 1911 int num_notes; 1912 }; 1913 1914 struct elf_note_info { 1915 struct memelfnote *notes; 1916 struct target_elf_prstatus *prstatus; /* NT_PRSTATUS */ 1917 struct target_elf_prpsinfo *psinfo; /* NT_PRPSINFO */ 1918 1919 QTAILQ_HEAD(thread_list_head, elf_thread_status) thread_list; 1920 #if 0 1921 /* 1922 * Current version of ELF coredump doesn't support 1923 * dumping fp regs etc. 1924 */ 1925 elf_fpregset_t *fpu; 1926 elf_fpxregset_t *xfpu; 1927 int thread_status_size; 1928 #endif 1929 int notes_size; 1930 int numnote; 1931 }; 1932 1933 struct vm_area_struct { 1934 abi_ulong vma_start; /* start vaddr of memory region */ 1935 abi_ulong vma_end; /* end vaddr of memory region */ 1936 abi_ulong vma_flags; /* protection etc. flags for the region */ 1937 QTAILQ_ENTRY(vm_area_struct) vma_link; 1938 }; 1939 1940 struct mm_struct { 1941 QTAILQ_HEAD(, vm_area_struct) mm_mmap; 1942 int mm_count; /* number of mappings */ 1943 }; 1944 1945 static struct mm_struct *vma_init(void); 1946 static void vma_delete(struct mm_struct *); 1947 static int vma_add_mapping(struct mm_struct *, abi_ulong, 1948 abi_ulong, abi_ulong); 1949 static int vma_get_mapping_count(const struct mm_struct *); 1950 static struct vm_area_struct *vma_first(const struct mm_struct *); 1951 static struct vm_area_struct *vma_next(struct vm_area_struct *); 1952 static abi_ulong vma_dump_size(const struct vm_area_struct *); 1953 static int vma_walker(void *priv, abi_ulong start, abi_ulong end, 1954 unsigned long flags); 1955 1956 static void fill_elf_header(struct elfhdr *, int, uint16_t, uint32_t); 1957 static void fill_note(struct memelfnote *, const char *, int, 1958 unsigned int, void *); 1959 static void fill_prstatus(struct target_elf_prstatus *, const TaskState *, int); 1960 static int fill_psinfo(struct target_elf_prpsinfo *, const TaskState *); 1961 static void fill_auxv_note(struct memelfnote *, const TaskState *); 1962 static void fill_elf_note_phdr(struct elf_phdr *, int, off_t); 1963 static size_t note_size(const struct memelfnote *); 1964 static void free_note_info(struct elf_note_info *); 1965 static int fill_note_info(struct elf_note_info *, long, const CPUState *); 1966 static void fill_thread_info(struct elf_note_info *, const CPUState *); 1967 static int core_dump_filename(const TaskState *, char *, size_t); 1968 1969 static int dump_write(int, const void *, size_t); 1970 static int write_note(struct memelfnote *, int); 1971 static int write_note_info(struct elf_note_info *, int); 1972 1973 #ifdef BSWAP_NEEDED 1974 static void bswap_prstatus(struct target_elf_prstatus *prstatus) 1975 { 1976 prstatus->pr_info.si_signo = tswapl(prstatus->pr_info.si_signo); 1977 prstatus->pr_info.si_code = tswapl(prstatus->pr_info.si_code); 1978 prstatus->pr_info.si_errno = tswapl(prstatus->pr_info.si_errno); 1979 prstatus->pr_cursig = tswap16(prstatus->pr_cursig); 1980 prstatus->pr_sigpend = tswapl(prstatus->pr_sigpend); 1981 prstatus->pr_sighold = tswapl(prstatus->pr_sighold); 1982 prstatus->pr_pid = tswap32(prstatus->pr_pid); 1983 prstatus->pr_ppid = tswap32(prstatus->pr_ppid); 1984 prstatus->pr_pgrp = tswap32(prstatus->pr_pgrp); 1985 prstatus->pr_sid = tswap32(prstatus->pr_sid); 1986 /* cpu times are not filled, so we skip them */ 1987 /* regs should be in correct format already */ 1988 prstatus->pr_fpvalid = tswap32(prstatus->pr_fpvalid); 1989 } 1990 1991 static void bswap_psinfo(struct target_elf_prpsinfo *psinfo) 1992 { 1993 psinfo->pr_flag = tswapl(psinfo->pr_flag); 1994 psinfo->pr_uid = tswap16(psinfo->pr_uid); 1995 psinfo->pr_gid = tswap16(psinfo->pr_gid); 1996 psinfo->pr_pid = tswap32(psinfo->pr_pid); 1997 psinfo->pr_ppid = tswap32(psinfo->pr_ppid); 1998 psinfo->pr_pgrp = tswap32(psinfo->pr_pgrp); 1999 psinfo->pr_sid = tswap32(psinfo->pr_sid); 2000 } 2001 2002 static void bswap_note(struct elf_note *en) 2003 { 2004 bswap32s(&en->n_namesz); 2005 bswap32s(&en->n_descsz); 2006 bswap32s(&en->n_type); 2007 } 2008 #else 2009 static inline void bswap_prstatus(struct target_elf_prstatus *p) { } 2010 static inline void bswap_psinfo(struct target_elf_prpsinfo *p) {} 2011 static inline void bswap_note(struct elf_note *en) { } 2012 #endif /* BSWAP_NEEDED */ 2013 2014 /* 2015 * Minimal support for linux memory regions. These are needed 2016 * when we are finding out what memory exactly belongs to 2017 * emulated process. No locks needed here, as long as 2018 * thread that received the signal is stopped. 2019 */ 2020 2021 static struct mm_struct *vma_init(void) 2022 { 2023 struct mm_struct *mm; 2024 2025 if ((mm = qemu_malloc(sizeof (*mm))) == NULL) 2026 return (NULL); 2027 2028 mm->mm_count = 0; 2029 QTAILQ_INIT(&mm->mm_mmap); 2030 2031 return (mm); 2032 } 2033 2034 static void vma_delete(struct mm_struct *mm) 2035 { 2036 struct vm_area_struct *vma; 2037 2038 while ((vma = vma_first(mm)) != NULL) { 2039 QTAILQ_REMOVE(&mm->mm_mmap, vma, vma_link); 2040 qemu_free(vma); 2041 } 2042 qemu_free(mm); 2043 } 2044 2045 static int vma_add_mapping(struct mm_struct *mm, abi_ulong start, 2046 abi_ulong end, abi_ulong flags) 2047 { 2048 struct vm_area_struct *vma; 2049 2050 if ((vma = qemu_mallocz(sizeof (*vma))) == NULL) 2051 return (-1); 2052 2053 vma->vma_start = start; 2054 vma->vma_end = end; 2055 vma->vma_flags = flags; 2056 2057 QTAILQ_INSERT_TAIL(&mm->mm_mmap, vma, vma_link); 2058 mm->mm_count++; 2059 2060 return (0); 2061 } 2062 2063 static struct vm_area_struct *vma_first(const struct mm_struct *mm) 2064 { 2065 return (QTAILQ_FIRST(&mm->mm_mmap)); 2066 } 2067 2068 static struct vm_area_struct *vma_next(struct vm_area_struct *vma) 2069 { 2070 return (QTAILQ_NEXT(vma, vma_link)); 2071 } 2072 2073 static int vma_get_mapping_count(const struct mm_struct *mm) 2074 { 2075 return (mm->mm_count); 2076 } 2077 2078 /* 2079 * Calculate file (dump) size of given memory region. 2080 */ 2081 static abi_ulong vma_dump_size(const struct vm_area_struct *vma) 2082 { 2083 /* if we cannot even read the first page, skip it */ 2084 if (!access_ok(VERIFY_READ, vma->vma_start, TARGET_PAGE_SIZE)) 2085 return (0); 2086 2087 /* 2088 * Usually we don't dump executable pages as they contain 2089 * non-writable code that debugger can read directly from 2090 * target library etc. However, thread stacks are marked 2091 * also executable so we read in first page of given region 2092 * and check whether it contains elf header. If there is 2093 * no elf header, we dump it. 2094 */ 2095 if (vma->vma_flags & PROT_EXEC) { 2096 char page[TARGET_PAGE_SIZE]; 2097 2098 copy_from_user(page, vma->vma_start, sizeof (page)); 2099 if ((page[EI_MAG0] == ELFMAG0) && 2100 (page[EI_MAG1] == ELFMAG1) && 2101 (page[EI_MAG2] == ELFMAG2) && 2102 (page[EI_MAG3] == ELFMAG3)) { 2103 /* 2104 * Mappings are possibly from ELF binary. Don't dump 2105 * them. 2106 */ 2107 return (0); 2108 } 2109 } 2110 2111 return (vma->vma_end - vma->vma_start); 2112 } 2113 2114 static int vma_walker(void *priv, abi_ulong start, abi_ulong end, 2115 unsigned long flags) 2116 { 2117 struct mm_struct *mm = (struct mm_struct *)priv; 2118 2119 vma_add_mapping(mm, start, end, flags); 2120 return (0); 2121 } 2122 2123 static void fill_note(struct memelfnote *note, const char *name, int type, 2124 unsigned int sz, void *data) 2125 { 2126 unsigned int namesz; 2127 2128 namesz = strlen(name) + 1; 2129 note->name = name; 2130 note->namesz = namesz; 2131 note->namesz_rounded = roundup(namesz, sizeof (int32_t)); 2132 note->type = type; 2133 note->datasz = sz; 2134 note->datasz_rounded = roundup(sz, sizeof (int32_t)); 2135 2136 note->data = data; 2137 2138 /* 2139 * We calculate rounded up note size here as specified by 2140 * ELF document. 2141 */ 2142 note->notesz = sizeof (struct elf_note) + 2143 note->namesz_rounded + note->datasz_rounded; 2144 } 2145 2146 static void fill_elf_header(struct elfhdr *elf, int segs, uint16_t machine, 2147 uint32_t flags) 2148 { 2149 (void) memset(elf, 0, sizeof(*elf)); 2150 2151 (void) memcpy(elf->e_ident, ELFMAG, SELFMAG); 2152 elf->e_ident[EI_CLASS] = ELF_CLASS; 2153 elf->e_ident[EI_DATA] = ELF_DATA; 2154 elf->e_ident[EI_VERSION] = EV_CURRENT; 2155 elf->e_ident[EI_OSABI] = ELF_OSABI; 2156 2157 elf->e_type = ET_CORE; 2158 elf->e_machine = machine; 2159 elf->e_version = EV_CURRENT; 2160 elf->e_phoff = sizeof(struct elfhdr); 2161 elf->e_flags = flags; 2162 elf->e_ehsize = sizeof(struct elfhdr); 2163 elf->e_phentsize = sizeof(struct elf_phdr); 2164 elf->e_phnum = segs; 2165 2166 bswap_ehdr(elf); 2167 } 2168 2169 static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, off_t offset) 2170 { 2171 phdr->p_type = PT_NOTE; 2172 phdr->p_offset = offset; 2173 phdr->p_vaddr = 0; 2174 phdr->p_paddr = 0; 2175 phdr->p_filesz = sz; 2176 phdr->p_memsz = 0; 2177 phdr->p_flags = 0; 2178 phdr->p_align = 0; 2179 2180 bswap_phdr(phdr, 1); 2181 } 2182 2183 static size_t note_size(const struct memelfnote *note) 2184 { 2185 return (note->notesz); 2186 } 2187 2188 static void fill_prstatus(struct target_elf_prstatus *prstatus, 2189 const TaskState *ts, int signr) 2190 { 2191 (void) memset(prstatus, 0, sizeof (*prstatus)); 2192 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr; 2193 prstatus->pr_pid = ts->ts_tid; 2194 prstatus->pr_ppid = getppid(); 2195 prstatus->pr_pgrp = getpgrp(); 2196 prstatus->pr_sid = getsid(0); 2197 2198 bswap_prstatus(prstatus); 2199 } 2200 2201 static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts) 2202 { 2203 char *filename, *base_filename; 2204 unsigned int i, len; 2205 2206 (void) memset(psinfo, 0, sizeof (*psinfo)); 2207 2208 len = ts->info->arg_end - ts->info->arg_start; 2209 if (len >= ELF_PRARGSZ) 2210 len = ELF_PRARGSZ - 1; 2211 if (copy_from_user(&psinfo->pr_psargs, ts->info->arg_start, len)) 2212 return -EFAULT; 2213 for (i = 0; i < len; i++) 2214 if (psinfo->pr_psargs[i] == 0) 2215 psinfo->pr_psargs[i] = ' '; 2216 psinfo->pr_psargs[len] = 0; 2217 2218 psinfo->pr_pid = getpid(); 2219 psinfo->pr_ppid = getppid(); 2220 psinfo->pr_pgrp = getpgrp(); 2221 psinfo->pr_sid = getsid(0); 2222 psinfo->pr_uid = getuid(); 2223 psinfo->pr_gid = getgid(); 2224 2225 filename = strdup(ts->bprm->filename); 2226 base_filename = strdup(basename(filename)); 2227 (void) strncpy(psinfo->pr_fname, base_filename, 2228 sizeof(psinfo->pr_fname)); 2229 free(base_filename); 2230 free(filename); 2231 2232 bswap_psinfo(psinfo); 2233 return (0); 2234 } 2235 2236 static void fill_auxv_note(struct memelfnote *note, const TaskState *ts) 2237 { 2238 elf_addr_t auxv = (elf_addr_t)ts->info->saved_auxv; 2239 elf_addr_t orig_auxv = auxv; 2240 abi_ulong val; 2241 void *ptr; 2242 int i, len; 2243 2244 /* 2245 * Auxiliary vector is stored in target process stack. It contains 2246 * {type, value} pairs that we need to dump into note. This is not 2247 * strictly necessary but we do it here for sake of completeness. 2248 */ 2249 2250 /* find out lenght of the vector, AT_NULL is terminator */ 2251 i = len = 0; 2252 do { 2253 get_user_ual(val, auxv); 2254 i += 2; 2255 auxv += 2 * sizeof (elf_addr_t); 2256 } while (val != AT_NULL); 2257 len = i * sizeof (elf_addr_t); 2258 2259 /* read in whole auxv vector and copy it to memelfnote */ 2260 ptr = lock_user(VERIFY_READ, orig_auxv, len, 0); 2261 if (ptr != NULL) { 2262 fill_note(note, "CORE", NT_AUXV, len, ptr); 2263 unlock_user(ptr, auxv, len); 2264 } 2265 } 2266 2267 /* 2268 * Constructs name of coredump file. We have following convention 2269 * for the name: 2270 * qemu_<basename-of-target-binary>_<date>-<time>_<pid>.core 2271 * 2272 * Returns 0 in case of success, -1 otherwise (errno is set). 2273 */ 2274 static int core_dump_filename(const TaskState *ts, char *buf, 2275 size_t bufsize) 2276 { 2277 char timestamp[64]; 2278 char *filename = NULL; 2279 char *base_filename = NULL; 2280 struct timeval tv; 2281 struct tm tm; 2282 2283 assert(bufsize >= PATH_MAX); 2284 2285 if (gettimeofday(&tv, NULL) < 0) { 2286 (void) fprintf(stderr, "unable to get current timestamp: %s", 2287 strerror(errno)); 2288 return (-1); 2289 } 2290 2291 filename = strdup(ts->bprm->filename); 2292 base_filename = strdup(basename(filename)); 2293 (void) strftime(timestamp, sizeof (timestamp), "%Y%m%d-%H%M%S", 2294 localtime_r(&tv.tv_sec, &tm)); 2295 (void) snprintf(buf, bufsize, "qemu_%s_%s_%d.core", 2296 base_filename, timestamp, (int)getpid()); 2297 free(base_filename); 2298 free(filename); 2299 2300 return (0); 2301 } 2302 2303 static int dump_write(int fd, const void *ptr, size_t size) 2304 { 2305 const char *bufp = (const char *)ptr; 2306 ssize_t bytes_written, bytes_left; 2307 struct rlimit dumpsize; 2308 off_t pos; 2309 2310 bytes_written = 0; 2311 getrlimit(RLIMIT_CORE, &dumpsize); 2312 if ((pos = lseek(fd, 0, SEEK_CUR))==-1) { 2313 if (errno == ESPIPE) { /* not a seekable stream */ 2314 bytes_left = size; 2315 } else { 2316 return pos; 2317 } 2318 } else { 2319 if (dumpsize.rlim_cur <= pos) { 2320 return -1; 2321 } else if (dumpsize.rlim_cur == RLIM_INFINITY) { 2322 bytes_left = size; 2323 } else { 2324 size_t limit_left=dumpsize.rlim_cur - pos; 2325 bytes_left = limit_left >= size ? size : limit_left ; 2326 } 2327 } 2328 2329 /* 2330 * In normal conditions, single write(2) should do but 2331 * in case of socket etc. this mechanism is more portable. 2332 */ 2333 do { 2334 bytes_written = write(fd, bufp, bytes_left); 2335 if (bytes_written < 0) { 2336 if (errno == EINTR) 2337 continue; 2338 return (-1); 2339 } else if (bytes_written == 0) { /* eof */ 2340 return (-1); 2341 } 2342 bufp += bytes_written; 2343 bytes_left -= bytes_written; 2344 } while (bytes_left > 0); 2345 2346 return (0); 2347 } 2348 2349 static int write_note(struct memelfnote *men, int fd) 2350 { 2351 struct elf_note en; 2352 2353 en.n_namesz = men->namesz; 2354 en.n_type = men->type; 2355 en.n_descsz = men->datasz; 2356 2357 bswap_note(&en); 2358 2359 if (dump_write(fd, &en, sizeof(en)) != 0) 2360 return (-1); 2361 if (dump_write(fd, men->name, men->namesz_rounded) != 0) 2362 return (-1); 2363 if (dump_write(fd, men->data, men->datasz_rounded) != 0) 2364 return (-1); 2365 2366 return (0); 2367 } 2368 2369 static void fill_thread_info(struct elf_note_info *info, const CPUState *env) 2370 { 2371 TaskState *ts = (TaskState *)env->opaque; 2372 struct elf_thread_status *ets; 2373 2374 ets = qemu_mallocz(sizeof (*ets)); 2375 ets->num_notes = 1; /* only prstatus is dumped */ 2376 fill_prstatus(&ets->prstatus, ts, 0); 2377 elf_core_copy_regs(&ets->prstatus.pr_reg, env); 2378 fill_note(&ets->notes[0], "CORE", NT_PRSTATUS, sizeof (ets->prstatus), 2379 &ets->prstatus); 2380 2381 QTAILQ_INSERT_TAIL(&info->thread_list, ets, ets_link); 2382 2383 info->notes_size += note_size(&ets->notes[0]); 2384 } 2385 2386 static int fill_note_info(struct elf_note_info *info, 2387 long signr, const CPUState *env) 2388 { 2389 #define NUMNOTES 3 2390 CPUState *cpu = NULL; 2391 TaskState *ts = (TaskState *)env->opaque; 2392 int i; 2393 2394 (void) memset(info, 0, sizeof (*info)); 2395 2396 QTAILQ_INIT(&info->thread_list); 2397 2398 info->notes = qemu_mallocz(NUMNOTES * sizeof (struct memelfnote)); 2399 if (info->notes == NULL) 2400 return (-ENOMEM); 2401 info->prstatus = qemu_mallocz(sizeof (*info->prstatus)); 2402 if (info->prstatus == NULL) 2403 return (-ENOMEM); 2404 info->psinfo = qemu_mallocz(sizeof (*info->psinfo)); 2405 if (info->prstatus == NULL) 2406 return (-ENOMEM); 2407 2408 /* 2409 * First fill in status (and registers) of current thread 2410 * including process info & aux vector. 2411 */ 2412 fill_prstatus(info->prstatus, ts, signr); 2413 elf_core_copy_regs(&info->prstatus->pr_reg, env); 2414 fill_note(&info->notes[0], "CORE", NT_PRSTATUS, 2415 sizeof (*info->prstatus), info->prstatus); 2416 fill_psinfo(info->psinfo, ts); 2417 fill_note(&info->notes[1], "CORE", NT_PRPSINFO, 2418 sizeof (*info->psinfo), info->psinfo); 2419 fill_auxv_note(&info->notes[2], ts); 2420 info->numnote = 3; 2421 2422 info->notes_size = 0; 2423 for (i = 0; i < info->numnote; i++) 2424 info->notes_size += note_size(&info->notes[i]); 2425 2426 /* read and fill status of all threads */ 2427 cpu_list_lock(); 2428 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) { 2429 if (cpu == thread_env) 2430 continue; 2431 fill_thread_info(info, cpu); 2432 } 2433 cpu_list_unlock(); 2434 2435 return (0); 2436 } 2437 2438 static void free_note_info(struct elf_note_info *info) 2439 { 2440 struct elf_thread_status *ets; 2441 2442 while (!QTAILQ_EMPTY(&info->thread_list)) { 2443 ets = QTAILQ_FIRST(&info->thread_list); 2444 QTAILQ_REMOVE(&info->thread_list, ets, ets_link); 2445 qemu_free(ets); 2446 } 2447 2448 qemu_free(info->prstatus); 2449 qemu_free(info->psinfo); 2450 qemu_free(info->notes); 2451 } 2452 2453 static int write_note_info(struct elf_note_info *info, int fd) 2454 { 2455 struct elf_thread_status *ets; 2456 int i, error = 0; 2457 2458 /* write prstatus, psinfo and auxv for current thread */ 2459 for (i = 0; i < info->numnote; i++) 2460 if ((error = write_note(&info->notes[i], fd)) != 0) 2461 return (error); 2462 2463 /* write prstatus for each thread */ 2464 for (ets = info->thread_list.tqh_first; ets != NULL; 2465 ets = ets->ets_link.tqe_next) { 2466 if ((error = write_note(&ets->notes[0], fd)) != 0) 2467 return (error); 2468 } 2469 2470 return (0); 2471 } 2472 2473 /* 2474 * Write out ELF coredump. 2475 * 2476 * See documentation of ELF object file format in: 2477 * http://www.caldera.com/developers/devspecs/gabi41.pdf 2478 * 2479 * Coredump format in linux is following: 2480 * 2481 * 0 +----------------------+ \ 2482 * | ELF header | ET_CORE | 2483 * +----------------------+ | 2484 * | ELF program headers | |--- headers 2485 * | - NOTE section | | 2486 * | - PT_LOAD sections | | 2487 * +----------------------+ / 2488 * | NOTEs: | 2489 * | - NT_PRSTATUS | 2490 * | - NT_PRSINFO | 2491 * | - NT_AUXV | 2492 * +----------------------+ <-- aligned to target page 2493 * | Process memory dump | 2494 * : : 2495 * . . 2496 * : : 2497 * | | 2498 * +----------------------+ 2499 * 2500 * NT_PRSTATUS -> struct elf_prstatus (per thread) 2501 * NT_PRSINFO -> struct elf_prpsinfo 2502 * NT_AUXV is array of { type, value } pairs (see fill_auxv_note()). 2503 * 2504 * Format follows System V format as close as possible. Current 2505 * version limitations are as follows: 2506 * - no floating point registers are dumped 2507 * 2508 * Function returns 0 in case of success, negative errno otherwise. 2509 * 2510 * TODO: make this work also during runtime: it should be 2511 * possible to force coredump from running process and then 2512 * continue processing. For example qemu could set up SIGUSR2 2513 * handler (provided that target process haven't registered 2514 * handler for that) that does the dump when signal is received. 2515 */ 2516 static int elf_core_dump(int signr, const CPUState *env) 2517 { 2518 const TaskState *ts = (const TaskState *)env->opaque; 2519 struct vm_area_struct *vma = NULL; 2520 char corefile[PATH_MAX]; 2521 struct elf_note_info info; 2522 struct elfhdr elf; 2523 struct elf_phdr phdr; 2524 struct rlimit dumpsize; 2525 struct mm_struct *mm = NULL; 2526 off_t offset = 0, data_offset = 0; 2527 int segs = 0; 2528 int fd = -1; 2529 2530 errno = 0; 2531 getrlimit(RLIMIT_CORE, &dumpsize); 2532 if (dumpsize.rlim_cur == 0) 2533 return 0; 2534 2535 if (core_dump_filename(ts, corefile, sizeof (corefile)) < 0) 2536 return (-errno); 2537 2538 if ((fd = open(corefile, O_WRONLY | O_CREAT, 2539 S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) < 0) 2540 return (-errno); 2541 2542 /* 2543 * Walk through target process memory mappings and 2544 * set up structure containing this information. After 2545 * this point vma_xxx functions can be used. 2546 */ 2547 if ((mm = vma_init()) == NULL) 2548 goto out; 2549 2550 walk_memory_regions(mm, vma_walker); 2551 segs = vma_get_mapping_count(mm); 2552 2553 /* 2554 * Construct valid coredump ELF header. We also 2555 * add one more segment for notes. 2556 */ 2557 fill_elf_header(&elf, segs + 1, ELF_MACHINE, 0); 2558 if (dump_write(fd, &elf, sizeof (elf)) != 0) 2559 goto out; 2560 2561 /* fill in in-memory version of notes */ 2562 if (fill_note_info(&info, signr, env) < 0) 2563 goto out; 2564 2565 offset += sizeof (elf); /* elf header */ 2566 offset += (segs + 1) * sizeof (struct elf_phdr); /* program headers */ 2567 2568 /* write out notes program header */ 2569 fill_elf_note_phdr(&phdr, info.notes_size, offset); 2570 2571 offset += info.notes_size; 2572 if (dump_write(fd, &phdr, sizeof (phdr)) != 0) 2573 goto out; 2574 2575 /* 2576 * ELF specification wants data to start at page boundary so 2577 * we align it here. 2578 */ 2579 data_offset = offset = roundup(offset, ELF_EXEC_PAGESIZE); 2580 2581 /* 2582 * Write program headers for memory regions mapped in 2583 * the target process. 2584 */ 2585 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 2586 (void) memset(&phdr, 0, sizeof (phdr)); 2587 2588 phdr.p_type = PT_LOAD; 2589 phdr.p_offset = offset; 2590 phdr.p_vaddr = vma->vma_start; 2591 phdr.p_paddr = 0; 2592 phdr.p_filesz = vma_dump_size(vma); 2593 offset += phdr.p_filesz; 2594 phdr.p_memsz = vma->vma_end - vma->vma_start; 2595 phdr.p_flags = vma->vma_flags & PROT_READ ? PF_R : 0; 2596 if (vma->vma_flags & PROT_WRITE) 2597 phdr.p_flags |= PF_W; 2598 if (vma->vma_flags & PROT_EXEC) 2599 phdr.p_flags |= PF_X; 2600 phdr.p_align = ELF_EXEC_PAGESIZE; 2601 2602 bswap_phdr(&phdr, 1); 2603 dump_write(fd, &phdr, sizeof (phdr)); 2604 } 2605 2606 /* 2607 * Next we write notes just after program headers. No 2608 * alignment needed here. 2609 */ 2610 if (write_note_info(&info, fd) < 0) 2611 goto out; 2612 2613 /* align data to page boundary */ 2614 if (lseek(fd, data_offset, SEEK_SET) != data_offset) 2615 goto out; 2616 2617 /* 2618 * Finally we can dump process memory into corefile as well. 2619 */ 2620 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 2621 abi_ulong addr; 2622 abi_ulong end; 2623 2624 end = vma->vma_start + vma_dump_size(vma); 2625 2626 for (addr = vma->vma_start; addr < end; 2627 addr += TARGET_PAGE_SIZE) { 2628 char page[TARGET_PAGE_SIZE]; 2629 int error; 2630 2631 /* 2632 * Read in page from target process memory and 2633 * write it to coredump file. 2634 */ 2635 error = copy_from_user(page, addr, sizeof (page)); 2636 if (error != 0) { 2637 (void) fprintf(stderr, "unable to dump " TARGET_ABI_FMT_lx "\n", 2638 addr); 2639 errno = -error; 2640 goto out; 2641 } 2642 if (dump_write(fd, page, TARGET_PAGE_SIZE) < 0) 2643 goto out; 2644 } 2645 } 2646 2647 out: 2648 free_note_info(&info); 2649 if (mm != NULL) 2650 vma_delete(mm); 2651 (void) close(fd); 2652 2653 if (errno != 0) 2654 return (-errno); 2655 return (0); 2656 } 2657 #endif /* USE_ELF_CORE_DUMP */ 2658 2659 void do_init_thread(struct target_pt_regs *regs, struct image_info *infop) 2660 { 2661 init_thread(regs, infop); 2662 } 2663