1 /* This is the Linux kernel elf-loading code, ported into user space */ 2 #include "qemu/osdep.h" 3 #include <sys/param.h> 4 5 #include <sys/resource.h> 6 7 #include "qemu.h" 8 #include "disas/disas.h" 9 #include "qemu/path.h" 10 11 #ifdef _ARCH_PPC64 12 #undef ARCH_DLINFO 13 #undef ELF_PLATFORM 14 #undef ELF_HWCAP 15 #undef ELF_HWCAP2 16 #undef ELF_CLASS 17 #undef ELF_DATA 18 #undef ELF_ARCH 19 #endif 20 21 #define ELF_OSABI ELFOSABI_SYSV 22 23 /* from personality.h */ 24 25 /* 26 * Flags for bug emulation. 27 * 28 * These occupy the top three bytes. 29 */ 30 enum { 31 ADDR_NO_RANDOMIZE = 0x0040000, /* disable randomization of VA space */ 32 FDPIC_FUNCPTRS = 0x0080000, /* userspace function ptrs point to 33 descriptors (signal handling) */ 34 MMAP_PAGE_ZERO = 0x0100000, 35 ADDR_COMPAT_LAYOUT = 0x0200000, 36 READ_IMPLIES_EXEC = 0x0400000, 37 ADDR_LIMIT_32BIT = 0x0800000, 38 SHORT_INODE = 0x1000000, 39 WHOLE_SECONDS = 0x2000000, 40 STICKY_TIMEOUTS = 0x4000000, 41 ADDR_LIMIT_3GB = 0x8000000, 42 }; 43 44 /* 45 * Personality types. 46 * 47 * These go in the low byte. Avoid using the top bit, it will 48 * conflict with error returns. 49 */ 50 enum { 51 PER_LINUX = 0x0000, 52 PER_LINUX_32BIT = 0x0000 | ADDR_LIMIT_32BIT, 53 PER_LINUX_FDPIC = 0x0000 | FDPIC_FUNCPTRS, 54 PER_SVR4 = 0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 55 PER_SVR3 = 0x0002 | STICKY_TIMEOUTS | SHORT_INODE, 56 PER_SCOSVR3 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS | SHORT_INODE, 57 PER_OSR5 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS, 58 PER_WYSEV386 = 0x0004 | STICKY_TIMEOUTS | SHORT_INODE, 59 PER_ISCR4 = 0x0005 | STICKY_TIMEOUTS, 60 PER_BSD = 0x0006, 61 PER_SUNOS = 0x0006 | STICKY_TIMEOUTS, 62 PER_XENIX = 0x0007 | STICKY_TIMEOUTS | SHORT_INODE, 63 PER_LINUX32 = 0x0008, 64 PER_LINUX32_3GB = 0x0008 | ADDR_LIMIT_3GB, 65 PER_IRIX32 = 0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */ 66 PER_IRIXN32 = 0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */ 67 PER_IRIX64 = 0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */ 68 PER_RISCOS = 0x000c, 69 PER_SOLARIS = 0x000d | STICKY_TIMEOUTS, 70 PER_UW7 = 0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 71 PER_OSF4 = 0x000f, /* OSF/1 v4 */ 72 PER_HPUX = 0x0010, 73 PER_MASK = 0x00ff, 74 }; 75 76 /* 77 * Return the base personality without flags. 78 */ 79 #define personality(pers) (pers & PER_MASK) 80 81 /* this flag is uneffective under linux too, should be deleted */ 82 #ifndef MAP_DENYWRITE 83 #define MAP_DENYWRITE 0 84 #endif 85 86 /* should probably go in elf.h */ 87 #ifndef ELIBBAD 88 #define ELIBBAD 80 89 #endif 90 91 #ifdef TARGET_WORDS_BIGENDIAN 92 #define ELF_DATA ELFDATA2MSB 93 #else 94 #define ELF_DATA ELFDATA2LSB 95 #endif 96 97 #ifdef TARGET_ABI_MIPSN32 98 typedef abi_ullong target_elf_greg_t; 99 #define tswapreg(ptr) tswap64(ptr) 100 #else 101 typedef abi_ulong target_elf_greg_t; 102 #define tswapreg(ptr) tswapal(ptr) 103 #endif 104 105 #ifdef USE_UID16 106 typedef abi_ushort target_uid_t; 107 typedef abi_ushort target_gid_t; 108 #else 109 typedef abi_uint target_uid_t; 110 typedef abi_uint target_gid_t; 111 #endif 112 typedef abi_int target_pid_t; 113 114 #ifdef TARGET_I386 115 116 #define ELF_PLATFORM get_elf_platform() 117 118 static const char *get_elf_platform(void) 119 { 120 static char elf_platform[] = "i386"; 121 int family = object_property_get_int(OBJECT(thread_cpu), "family", NULL); 122 if (family > 6) 123 family = 6; 124 if (family >= 3) 125 elf_platform[1] = '0' + family; 126 return elf_platform; 127 } 128 129 #define ELF_HWCAP get_elf_hwcap() 130 131 static uint32_t get_elf_hwcap(void) 132 { 133 X86CPU *cpu = X86_CPU(thread_cpu); 134 135 return cpu->env.features[FEAT_1_EDX]; 136 } 137 138 #ifdef TARGET_X86_64 139 #define ELF_START_MMAP 0x2aaaaab000ULL 140 141 #define ELF_CLASS ELFCLASS64 142 #define ELF_ARCH EM_X86_64 143 144 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 145 { 146 regs->rax = 0; 147 regs->rsp = infop->start_stack; 148 regs->rip = infop->entry; 149 } 150 151 #define ELF_NREG 27 152 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 153 154 /* 155 * Note that ELF_NREG should be 29 as there should be place for 156 * TRAPNO and ERR "registers" as well but linux doesn't dump 157 * those. 158 * 159 * See linux kernel: arch/x86/include/asm/elf.h 160 */ 161 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 162 { 163 (*regs)[0] = env->regs[15]; 164 (*regs)[1] = env->regs[14]; 165 (*regs)[2] = env->regs[13]; 166 (*regs)[3] = env->regs[12]; 167 (*regs)[4] = env->regs[R_EBP]; 168 (*regs)[5] = env->regs[R_EBX]; 169 (*regs)[6] = env->regs[11]; 170 (*regs)[7] = env->regs[10]; 171 (*regs)[8] = env->regs[9]; 172 (*regs)[9] = env->regs[8]; 173 (*regs)[10] = env->regs[R_EAX]; 174 (*regs)[11] = env->regs[R_ECX]; 175 (*regs)[12] = env->regs[R_EDX]; 176 (*regs)[13] = env->regs[R_ESI]; 177 (*regs)[14] = env->regs[R_EDI]; 178 (*regs)[15] = env->regs[R_EAX]; /* XXX */ 179 (*regs)[16] = env->eip; 180 (*regs)[17] = env->segs[R_CS].selector & 0xffff; 181 (*regs)[18] = env->eflags; 182 (*regs)[19] = env->regs[R_ESP]; 183 (*regs)[20] = env->segs[R_SS].selector & 0xffff; 184 (*regs)[21] = env->segs[R_FS].selector & 0xffff; 185 (*regs)[22] = env->segs[R_GS].selector & 0xffff; 186 (*regs)[23] = env->segs[R_DS].selector & 0xffff; 187 (*regs)[24] = env->segs[R_ES].selector & 0xffff; 188 (*regs)[25] = env->segs[R_FS].selector & 0xffff; 189 (*regs)[26] = env->segs[R_GS].selector & 0xffff; 190 } 191 192 #else 193 194 #define ELF_START_MMAP 0x80000000 195 196 /* 197 * This is used to ensure we don't load something for the wrong architecture. 198 */ 199 #define elf_check_arch(x) ( ((x) == EM_386) || ((x) == EM_486) ) 200 201 /* 202 * These are used to set parameters in the core dumps. 203 */ 204 #define ELF_CLASS ELFCLASS32 205 #define ELF_ARCH EM_386 206 207 static inline void init_thread(struct target_pt_regs *regs, 208 struct image_info *infop) 209 { 210 regs->esp = infop->start_stack; 211 regs->eip = infop->entry; 212 213 /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program 214 starts %edx contains a pointer to a function which might be 215 registered using `atexit'. This provides a mean for the 216 dynamic linker to call DT_FINI functions for shared libraries 217 that have been loaded before the code runs. 218 219 A value of 0 tells we have no such handler. */ 220 regs->edx = 0; 221 } 222 223 #define ELF_NREG 17 224 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 225 226 /* 227 * Note that ELF_NREG should be 19 as there should be place for 228 * TRAPNO and ERR "registers" as well but linux doesn't dump 229 * those. 230 * 231 * See linux kernel: arch/x86/include/asm/elf.h 232 */ 233 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 234 { 235 (*regs)[0] = env->regs[R_EBX]; 236 (*regs)[1] = env->regs[R_ECX]; 237 (*regs)[2] = env->regs[R_EDX]; 238 (*regs)[3] = env->regs[R_ESI]; 239 (*regs)[4] = env->regs[R_EDI]; 240 (*regs)[5] = env->regs[R_EBP]; 241 (*regs)[6] = env->regs[R_EAX]; 242 (*regs)[7] = env->segs[R_DS].selector & 0xffff; 243 (*regs)[8] = env->segs[R_ES].selector & 0xffff; 244 (*regs)[9] = env->segs[R_FS].selector & 0xffff; 245 (*regs)[10] = env->segs[R_GS].selector & 0xffff; 246 (*regs)[11] = env->regs[R_EAX]; /* XXX */ 247 (*regs)[12] = env->eip; 248 (*regs)[13] = env->segs[R_CS].selector & 0xffff; 249 (*regs)[14] = env->eflags; 250 (*regs)[15] = env->regs[R_ESP]; 251 (*regs)[16] = env->segs[R_SS].selector & 0xffff; 252 } 253 #endif 254 255 #define USE_ELF_CORE_DUMP 256 #define ELF_EXEC_PAGESIZE 4096 257 258 #endif 259 260 #ifdef TARGET_ARM 261 262 #ifndef TARGET_AARCH64 263 /* 32 bit ARM definitions */ 264 265 #define ELF_START_MMAP 0x80000000 266 267 #define ELF_ARCH EM_ARM 268 #define ELF_CLASS ELFCLASS32 269 270 static inline void init_thread(struct target_pt_regs *regs, 271 struct image_info *infop) 272 { 273 abi_long stack = infop->start_stack; 274 memset(regs, 0, sizeof(*regs)); 275 276 regs->uregs[16] = ARM_CPU_MODE_USR; 277 if (infop->entry & 1) { 278 regs->uregs[16] |= CPSR_T; 279 } 280 regs->uregs[15] = infop->entry & 0xfffffffe; 281 regs->uregs[13] = infop->start_stack; 282 /* FIXME - what to for failure of get_user()? */ 283 get_user_ual(regs->uregs[2], stack + 8); /* envp */ 284 get_user_ual(regs->uregs[1], stack + 4); /* envp */ 285 /* XXX: it seems that r0 is zeroed after ! */ 286 regs->uregs[0] = 0; 287 /* For uClinux PIC binaries. */ 288 /* XXX: Linux does this only on ARM with no MMU (do we care ?) */ 289 regs->uregs[10] = infop->start_data; 290 } 291 292 #define ELF_NREG 18 293 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 294 295 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUARMState *env) 296 { 297 (*regs)[0] = tswapreg(env->regs[0]); 298 (*regs)[1] = tswapreg(env->regs[1]); 299 (*regs)[2] = tswapreg(env->regs[2]); 300 (*regs)[3] = tswapreg(env->regs[3]); 301 (*regs)[4] = tswapreg(env->regs[4]); 302 (*regs)[5] = tswapreg(env->regs[5]); 303 (*regs)[6] = tswapreg(env->regs[6]); 304 (*regs)[7] = tswapreg(env->regs[7]); 305 (*regs)[8] = tswapreg(env->regs[8]); 306 (*regs)[9] = tswapreg(env->regs[9]); 307 (*regs)[10] = tswapreg(env->regs[10]); 308 (*regs)[11] = tswapreg(env->regs[11]); 309 (*regs)[12] = tswapreg(env->regs[12]); 310 (*regs)[13] = tswapreg(env->regs[13]); 311 (*regs)[14] = tswapreg(env->regs[14]); 312 (*regs)[15] = tswapreg(env->regs[15]); 313 314 (*regs)[16] = tswapreg(cpsr_read((CPUARMState *)env)); 315 (*regs)[17] = tswapreg(env->regs[0]); /* XXX */ 316 } 317 318 #define USE_ELF_CORE_DUMP 319 #define ELF_EXEC_PAGESIZE 4096 320 321 enum 322 { 323 ARM_HWCAP_ARM_SWP = 1 << 0, 324 ARM_HWCAP_ARM_HALF = 1 << 1, 325 ARM_HWCAP_ARM_THUMB = 1 << 2, 326 ARM_HWCAP_ARM_26BIT = 1 << 3, 327 ARM_HWCAP_ARM_FAST_MULT = 1 << 4, 328 ARM_HWCAP_ARM_FPA = 1 << 5, 329 ARM_HWCAP_ARM_VFP = 1 << 6, 330 ARM_HWCAP_ARM_EDSP = 1 << 7, 331 ARM_HWCAP_ARM_JAVA = 1 << 8, 332 ARM_HWCAP_ARM_IWMMXT = 1 << 9, 333 ARM_HWCAP_ARM_CRUNCH = 1 << 10, 334 ARM_HWCAP_ARM_THUMBEE = 1 << 11, 335 ARM_HWCAP_ARM_NEON = 1 << 12, 336 ARM_HWCAP_ARM_VFPv3 = 1 << 13, 337 ARM_HWCAP_ARM_VFPv3D16 = 1 << 14, 338 ARM_HWCAP_ARM_TLS = 1 << 15, 339 ARM_HWCAP_ARM_VFPv4 = 1 << 16, 340 ARM_HWCAP_ARM_IDIVA = 1 << 17, 341 ARM_HWCAP_ARM_IDIVT = 1 << 18, 342 ARM_HWCAP_ARM_VFPD32 = 1 << 19, 343 ARM_HWCAP_ARM_LPAE = 1 << 20, 344 ARM_HWCAP_ARM_EVTSTRM = 1 << 21, 345 }; 346 347 enum { 348 ARM_HWCAP2_ARM_AES = 1 << 0, 349 ARM_HWCAP2_ARM_PMULL = 1 << 1, 350 ARM_HWCAP2_ARM_SHA1 = 1 << 2, 351 ARM_HWCAP2_ARM_SHA2 = 1 << 3, 352 ARM_HWCAP2_ARM_CRC32 = 1 << 4, 353 }; 354 355 /* The commpage only exists for 32 bit kernels */ 356 357 #define TARGET_HAS_VALIDATE_GUEST_SPACE 358 /* Return 1 if the proposed guest space is suitable for the guest. 359 * Return 0 if the proposed guest space isn't suitable, but another 360 * address space should be tried. 361 * Return -1 if there is no way the proposed guest space can be 362 * valid regardless of the base. 363 * The guest code may leave a page mapped and populate it if the 364 * address is suitable. 365 */ 366 static int validate_guest_space(unsigned long guest_base, 367 unsigned long guest_size) 368 { 369 unsigned long real_start, test_page_addr; 370 371 /* We need to check that we can force a fault on access to the 372 * commpage at 0xffff0fxx 373 */ 374 test_page_addr = guest_base + (0xffff0f00 & qemu_host_page_mask); 375 376 /* If the commpage lies within the already allocated guest space, 377 * then there is no way we can allocate it. 378 */ 379 if (test_page_addr >= guest_base 380 && test_page_addr < (guest_base + guest_size)) { 381 return -1; 382 } 383 384 /* Note it needs to be writeable to let us initialise it */ 385 real_start = (unsigned long) 386 mmap((void *)test_page_addr, qemu_host_page_size, 387 PROT_READ | PROT_WRITE, 388 MAP_ANONYMOUS | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 389 390 /* If we can't map it then try another address */ 391 if (real_start == -1ul) { 392 return 0; 393 } 394 395 if (real_start != test_page_addr) { 396 /* OS didn't put the page where we asked - unmap and reject */ 397 munmap((void *)real_start, qemu_host_page_size); 398 return 0; 399 } 400 401 /* Leave the page mapped 402 * Populate it (mmap should have left it all 0'd) 403 */ 404 405 /* Kernel helper versions */ 406 __put_user(5, (uint32_t *)g2h(0xffff0ffcul)); 407 408 /* Now it's populated make it RO */ 409 if (mprotect((void *)test_page_addr, qemu_host_page_size, PROT_READ)) { 410 perror("Protecting guest commpage"); 411 exit(-1); 412 } 413 414 return 1; /* All good */ 415 } 416 417 #define ELF_HWCAP get_elf_hwcap() 418 #define ELF_HWCAP2 get_elf_hwcap2() 419 420 static uint32_t get_elf_hwcap(void) 421 { 422 ARMCPU *cpu = ARM_CPU(thread_cpu); 423 uint32_t hwcaps = 0; 424 425 hwcaps |= ARM_HWCAP_ARM_SWP; 426 hwcaps |= ARM_HWCAP_ARM_HALF; 427 hwcaps |= ARM_HWCAP_ARM_THUMB; 428 hwcaps |= ARM_HWCAP_ARM_FAST_MULT; 429 430 /* probe for the extra features */ 431 #define GET_FEATURE(feat, hwcap) \ 432 do { if (arm_feature(&cpu->env, feat)) { hwcaps |= hwcap; } } while (0) 433 /* EDSP is in v5TE and above, but all our v5 CPUs are v5TE */ 434 GET_FEATURE(ARM_FEATURE_V5, ARM_HWCAP_ARM_EDSP); 435 GET_FEATURE(ARM_FEATURE_VFP, ARM_HWCAP_ARM_VFP); 436 GET_FEATURE(ARM_FEATURE_IWMMXT, ARM_HWCAP_ARM_IWMMXT); 437 GET_FEATURE(ARM_FEATURE_THUMB2EE, ARM_HWCAP_ARM_THUMBEE); 438 GET_FEATURE(ARM_FEATURE_NEON, ARM_HWCAP_ARM_NEON); 439 GET_FEATURE(ARM_FEATURE_VFP3, ARM_HWCAP_ARM_VFPv3); 440 GET_FEATURE(ARM_FEATURE_V6K, ARM_HWCAP_ARM_TLS); 441 GET_FEATURE(ARM_FEATURE_VFP4, ARM_HWCAP_ARM_VFPv4); 442 GET_FEATURE(ARM_FEATURE_ARM_DIV, ARM_HWCAP_ARM_IDIVA); 443 GET_FEATURE(ARM_FEATURE_THUMB_DIV, ARM_HWCAP_ARM_IDIVT); 444 /* All QEMU's VFPv3 CPUs have 32 registers, see VFP_DREG in translate.c. 445 * Note that the ARM_HWCAP_ARM_VFPv3D16 bit is always the inverse of 446 * ARM_HWCAP_ARM_VFPD32 (and so always clear for QEMU); it is unrelated 447 * to our VFP_FP16 feature bit. 448 */ 449 GET_FEATURE(ARM_FEATURE_VFP3, ARM_HWCAP_ARM_VFPD32); 450 GET_FEATURE(ARM_FEATURE_LPAE, ARM_HWCAP_ARM_LPAE); 451 452 return hwcaps; 453 } 454 455 static uint32_t get_elf_hwcap2(void) 456 { 457 ARMCPU *cpu = ARM_CPU(thread_cpu); 458 uint32_t hwcaps = 0; 459 460 GET_FEATURE(ARM_FEATURE_V8_AES, ARM_HWCAP2_ARM_AES); 461 GET_FEATURE(ARM_FEATURE_V8_PMULL, ARM_HWCAP2_ARM_PMULL); 462 GET_FEATURE(ARM_FEATURE_V8_SHA1, ARM_HWCAP2_ARM_SHA1); 463 GET_FEATURE(ARM_FEATURE_V8_SHA256, ARM_HWCAP2_ARM_SHA2); 464 GET_FEATURE(ARM_FEATURE_CRC, ARM_HWCAP2_ARM_CRC32); 465 return hwcaps; 466 } 467 468 #undef GET_FEATURE 469 470 #else 471 /* 64 bit ARM definitions */ 472 #define ELF_START_MMAP 0x80000000 473 474 #define ELF_ARCH EM_AARCH64 475 #define ELF_CLASS ELFCLASS64 476 #define ELF_PLATFORM "aarch64" 477 478 static inline void init_thread(struct target_pt_regs *regs, 479 struct image_info *infop) 480 { 481 abi_long stack = infop->start_stack; 482 memset(regs, 0, sizeof(*regs)); 483 484 regs->pc = infop->entry & ~0x3ULL; 485 regs->sp = stack; 486 } 487 488 #define ELF_NREG 34 489 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 490 491 static void elf_core_copy_regs(target_elf_gregset_t *regs, 492 const CPUARMState *env) 493 { 494 int i; 495 496 for (i = 0; i < 32; i++) { 497 (*regs)[i] = tswapreg(env->xregs[i]); 498 } 499 (*regs)[32] = tswapreg(env->pc); 500 (*regs)[33] = tswapreg(pstate_read((CPUARMState *)env)); 501 } 502 503 #define USE_ELF_CORE_DUMP 504 #define ELF_EXEC_PAGESIZE 4096 505 506 enum { 507 ARM_HWCAP_A64_FP = 1 << 0, 508 ARM_HWCAP_A64_ASIMD = 1 << 1, 509 ARM_HWCAP_A64_EVTSTRM = 1 << 2, 510 ARM_HWCAP_A64_AES = 1 << 3, 511 ARM_HWCAP_A64_PMULL = 1 << 4, 512 ARM_HWCAP_A64_SHA1 = 1 << 5, 513 ARM_HWCAP_A64_SHA2 = 1 << 6, 514 ARM_HWCAP_A64_CRC32 = 1 << 7, 515 ARM_HWCAP_A64_ATOMICS = 1 << 8, 516 ARM_HWCAP_A64_FPHP = 1 << 9, 517 ARM_HWCAP_A64_ASIMDHP = 1 << 10, 518 ARM_HWCAP_A64_CPUID = 1 << 11, 519 ARM_HWCAP_A64_ASIMDRDM = 1 << 12, 520 ARM_HWCAP_A64_JSCVT = 1 << 13, 521 ARM_HWCAP_A64_FCMA = 1 << 14, 522 ARM_HWCAP_A64_LRCPC = 1 << 15, 523 ARM_HWCAP_A64_DCPOP = 1 << 16, 524 ARM_HWCAP_A64_SHA3 = 1 << 17, 525 ARM_HWCAP_A64_SM3 = 1 << 18, 526 ARM_HWCAP_A64_SM4 = 1 << 19, 527 ARM_HWCAP_A64_ASIMDDP = 1 << 20, 528 ARM_HWCAP_A64_SHA512 = 1 << 21, 529 ARM_HWCAP_A64_SVE = 1 << 22, 530 }; 531 532 #define ELF_HWCAP get_elf_hwcap() 533 534 static uint32_t get_elf_hwcap(void) 535 { 536 ARMCPU *cpu = ARM_CPU(thread_cpu); 537 uint32_t hwcaps = 0; 538 539 hwcaps |= ARM_HWCAP_A64_FP; 540 hwcaps |= ARM_HWCAP_A64_ASIMD; 541 542 /* probe for the extra features */ 543 #define GET_FEATURE(feat, hwcap) \ 544 do { if (arm_feature(&cpu->env, feat)) { hwcaps |= hwcap; } } while (0) 545 GET_FEATURE(ARM_FEATURE_V8_AES, ARM_HWCAP_A64_AES); 546 GET_FEATURE(ARM_FEATURE_V8_PMULL, ARM_HWCAP_A64_PMULL); 547 GET_FEATURE(ARM_FEATURE_V8_SHA1, ARM_HWCAP_A64_SHA1); 548 GET_FEATURE(ARM_FEATURE_V8_SHA256, ARM_HWCAP_A64_SHA2); 549 GET_FEATURE(ARM_FEATURE_CRC, ARM_HWCAP_A64_CRC32); 550 GET_FEATURE(ARM_FEATURE_V8_SHA3, ARM_HWCAP_A64_SHA3); 551 GET_FEATURE(ARM_FEATURE_V8_SM3, ARM_HWCAP_A64_SM3); 552 GET_FEATURE(ARM_FEATURE_V8_SM4, ARM_HWCAP_A64_SM4); 553 GET_FEATURE(ARM_FEATURE_V8_SHA512, ARM_HWCAP_A64_SHA512); 554 GET_FEATURE(ARM_FEATURE_V8_FP16, 555 ARM_HWCAP_A64_FPHP | ARM_HWCAP_A64_ASIMDHP); 556 GET_FEATURE(ARM_FEATURE_V8_RDM, ARM_HWCAP_A64_ASIMDRDM); 557 GET_FEATURE(ARM_FEATURE_V8_FCMA, ARM_HWCAP_A64_FCMA); 558 #undef GET_FEATURE 559 560 return hwcaps; 561 } 562 563 #endif /* not TARGET_AARCH64 */ 564 #endif /* TARGET_ARM */ 565 566 #ifdef TARGET_UNICORE32 567 568 #define ELF_START_MMAP 0x80000000 569 570 #define ELF_CLASS ELFCLASS32 571 #define ELF_DATA ELFDATA2LSB 572 #define ELF_ARCH EM_UNICORE32 573 574 static inline void init_thread(struct target_pt_regs *regs, 575 struct image_info *infop) 576 { 577 abi_long stack = infop->start_stack; 578 memset(regs, 0, sizeof(*regs)); 579 regs->UC32_REG_asr = 0x10; 580 regs->UC32_REG_pc = infop->entry & 0xfffffffe; 581 regs->UC32_REG_sp = infop->start_stack; 582 /* FIXME - what to for failure of get_user()? */ 583 get_user_ual(regs->UC32_REG_02, stack + 8); /* envp */ 584 get_user_ual(regs->UC32_REG_01, stack + 4); /* envp */ 585 /* XXX: it seems that r0 is zeroed after ! */ 586 regs->UC32_REG_00 = 0; 587 } 588 589 #define ELF_NREG 34 590 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 591 592 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUUniCore32State *env) 593 { 594 (*regs)[0] = env->regs[0]; 595 (*regs)[1] = env->regs[1]; 596 (*regs)[2] = env->regs[2]; 597 (*regs)[3] = env->regs[3]; 598 (*regs)[4] = env->regs[4]; 599 (*regs)[5] = env->regs[5]; 600 (*regs)[6] = env->regs[6]; 601 (*regs)[7] = env->regs[7]; 602 (*regs)[8] = env->regs[8]; 603 (*regs)[9] = env->regs[9]; 604 (*regs)[10] = env->regs[10]; 605 (*regs)[11] = env->regs[11]; 606 (*regs)[12] = env->regs[12]; 607 (*regs)[13] = env->regs[13]; 608 (*regs)[14] = env->regs[14]; 609 (*regs)[15] = env->regs[15]; 610 (*regs)[16] = env->regs[16]; 611 (*regs)[17] = env->regs[17]; 612 (*regs)[18] = env->regs[18]; 613 (*regs)[19] = env->regs[19]; 614 (*regs)[20] = env->regs[20]; 615 (*regs)[21] = env->regs[21]; 616 (*regs)[22] = env->regs[22]; 617 (*regs)[23] = env->regs[23]; 618 (*regs)[24] = env->regs[24]; 619 (*regs)[25] = env->regs[25]; 620 (*regs)[26] = env->regs[26]; 621 (*regs)[27] = env->regs[27]; 622 (*regs)[28] = env->regs[28]; 623 (*regs)[29] = env->regs[29]; 624 (*regs)[30] = env->regs[30]; 625 (*regs)[31] = env->regs[31]; 626 627 (*regs)[32] = cpu_asr_read((CPUUniCore32State *)env); 628 (*regs)[33] = env->regs[0]; /* XXX */ 629 } 630 631 #define USE_ELF_CORE_DUMP 632 #define ELF_EXEC_PAGESIZE 4096 633 634 #define ELF_HWCAP (UC32_HWCAP_CMOV | UC32_HWCAP_UCF64) 635 636 #endif 637 638 #ifdef TARGET_SPARC 639 #ifdef TARGET_SPARC64 640 641 #define ELF_START_MMAP 0x80000000 642 #define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \ 643 | HWCAP_SPARC_MULDIV | HWCAP_SPARC_V9) 644 #ifndef TARGET_ABI32 645 #define elf_check_arch(x) ( (x) == EM_SPARCV9 || (x) == EM_SPARC32PLUS ) 646 #else 647 #define elf_check_arch(x) ( (x) == EM_SPARC32PLUS || (x) == EM_SPARC ) 648 #endif 649 650 #define ELF_CLASS ELFCLASS64 651 #define ELF_ARCH EM_SPARCV9 652 653 #define STACK_BIAS 2047 654 655 static inline void init_thread(struct target_pt_regs *regs, 656 struct image_info *infop) 657 { 658 #ifndef TARGET_ABI32 659 regs->tstate = 0; 660 #endif 661 regs->pc = infop->entry; 662 regs->npc = regs->pc + 4; 663 regs->y = 0; 664 #ifdef TARGET_ABI32 665 regs->u_regs[14] = infop->start_stack - 16 * 4; 666 #else 667 if (personality(infop->personality) == PER_LINUX32) 668 regs->u_regs[14] = infop->start_stack - 16 * 4; 669 else 670 regs->u_regs[14] = infop->start_stack - 16 * 8 - STACK_BIAS; 671 #endif 672 } 673 674 #else 675 #define ELF_START_MMAP 0x80000000 676 #define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \ 677 | HWCAP_SPARC_MULDIV) 678 679 #define ELF_CLASS ELFCLASS32 680 #define ELF_ARCH EM_SPARC 681 682 static inline void init_thread(struct target_pt_regs *regs, 683 struct image_info *infop) 684 { 685 regs->psr = 0; 686 regs->pc = infop->entry; 687 regs->npc = regs->pc + 4; 688 regs->y = 0; 689 regs->u_regs[14] = infop->start_stack - 16 * 4; 690 } 691 692 #endif 693 #endif 694 695 #ifdef TARGET_PPC 696 697 #define ELF_MACHINE PPC_ELF_MACHINE 698 #define ELF_START_MMAP 0x80000000 699 700 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 701 702 #define elf_check_arch(x) ( (x) == EM_PPC64 ) 703 704 #define ELF_CLASS ELFCLASS64 705 706 #else 707 708 #define ELF_CLASS ELFCLASS32 709 710 #endif 711 712 #define ELF_ARCH EM_PPC 713 714 /* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP). 715 See arch/powerpc/include/asm/cputable.h. */ 716 enum { 717 QEMU_PPC_FEATURE_32 = 0x80000000, 718 QEMU_PPC_FEATURE_64 = 0x40000000, 719 QEMU_PPC_FEATURE_601_INSTR = 0x20000000, 720 QEMU_PPC_FEATURE_HAS_ALTIVEC = 0x10000000, 721 QEMU_PPC_FEATURE_HAS_FPU = 0x08000000, 722 QEMU_PPC_FEATURE_HAS_MMU = 0x04000000, 723 QEMU_PPC_FEATURE_HAS_4xxMAC = 0x02000000, 724 QEMU_PPC_FEATURE_UNIFIED_CACHE = 0x01000000, 725 QEMU_PPC_FEATURE_HAS_SPE = 0x00800000, 726 QEMU_PPC_FEATURE_HAS_EFP_SINGLE = 0x00400000, 727 QEMU_PPC_FEATURE_HAS_EFP_DOUBLE = 0x00200000, 728 QEMU_PPC_FEATURE_NO_TB = 0x00100000, 729 QEMU_PPC_FEATURE_POWER4 = 0x00080000, 730 QEMU_PPC_FEATURE_POWER5 = 0x00040000, 731 QEMU_PPC_FEATURE_POWER5_PLUS = 0x00020000, 732 QEMU_PPC_FEATURE_CELL = 0x00010000, 733 QEMU_PPC_FEATURE_BOOKE = 0x00008000, 734 QEMU_PPC_FEATURE_SMT = 0x00004000, 735 QEMU_PPC_FEATURE_ICACHE_SNOOP = 0x00002000, 736 QEMU_PPC_FEATURE_ARCH_2_05 = 0x00001000, 737 QEMU_PPC_FEATURE_PA6T = 0x00000800, 738 QEMU_PPC_FEATURE_HAS_DFP = 0x00000400, 739 QEMU_PPC_FEATURE_POWER6_EXT = 0x00000200, 740 QEMU_PPC_FEATURE_ARCH_2_06 = 0x00000100, 741 QEMU_PPC_FEATURE_HAS_VSX = 0x00000080, 742 QEMU_PPC_FEATURE_PSERIES_PERFMON_COMPAT = 0x00000040, 743 744 QEMU_PPC_FEATURE_TRUE_LE = 0x00000002, 745 QEMU_PPC_FEATURE_PPC_LE = 0x00000001, 746 747 /* Feature definitions in AT_HWCAP2. */ 748 QEMU_PPC_FEATURE2_ARCH_2_07 = 0x80000000, /* ISA 2.07 */ 749 QEMU_PPC_FEATURE2_HAS_HTM = 0x40000000, /* Hardware Transactional Memory */ 750 QEMU_PPC_FEATURE2_HAS_DSCR = 0x20000000, /* Data Stream Control Register */ 751 QEMU_PPC_FEATURE2_HAS_EBB = 0x10000000, /* Event Base Branching */ 752 QEMU_PPC_FEATURE2_HAS_ISEL = 0x08000000, /* Integer Select */ 753 QEMU_PPC_FEATURE2_HAS_TAR = 0x04000000, /* Target Address Register */ 754 }; 755 756 #define ELF_HWCAP get_elf_hwcap() 757 758 static uint32_t get_elf_hwcap(void) 759 { 760 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); 761 uint32_t features = 0; 762 763 /* We don't have to be terribly complete here; the high points are 764 Altivec/FP/SPE support. Anything else is just a bonus. */ 765 #define GET_FEATURE(flag, feature) \ 766 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0) 767 #define GET_FEATURE2(flags, feature) \ 768 do { \ 769 if ((cpu->env.insns_flags2 & flags) == flags) { \ 770 features |= feature; \ 771 } \ 772 } while (0) 773 GET_FEATURE(PPC_64B, QEMU_PPC_FEATURE_64); 774 GET_FEATURE(PPC_FLOAT, QEMU_PPC_FEATURE_HAS_FPU); 775 GET_FEATURE(PPC_ALTIVEC, QEMU_PPC_FEATURE_HAS_ALTIVEC); 776 GET_FEATURE(PPC_SPE, QEMU_PPC_FEATURE_HAS_SPE); 777 GET_FEATURE(PPC_SPE_SINGLE, QEMU_PPC_FEATURE_HAS_EFP_SINGLE); 778 GET_FEATURE(PPC_SPE_DOUBLE, QEMU_PPC_FEATURE_HAS_EFP_DOUBLE); 779 GET_FEATURE(PPC_BOOKE, QEMU_PPC_FEATURE_BOOKE); 780 GET_FEATURE(PPC_405_MAC, QEMU_PPC_FEATURE_HAS_4xxMAC); 781 GET_FEATURE2(PPC2_DFP, QEMU_PPC_FEATURE_HAS_DFP); 782 GET_FEATURE2(PPC2_VSX, QEMU_PPC_FEATURE_HAS_VSX); 783 GET_FEATURE2((PPC2_PERM_ISA206 | PPC2_DIVE_ISA206 | PPC2_ATOMIC_ISA206 | 784 PPC2_FP_CVT_ISA206 | PPC2_FP_TST_ISA206), 785 QEMU_PPC_FEATURE_ARCH_2_06); 786 #undef GET_FEATURE 787 #undef GET_FEATURE2 788 789 return features; 790 } 791 792 #define ELF_HWCAP2 get_elf_hwcap2() 793 794 static uint32_t get_elf_hwcap2(void) 795 { 796 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); 797 uint32_t features = 0; 798 799 #define GET_FEATURE(flag, feature) \ 800 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0) 801 #define GET_FEATURE2(flag, feature) \ 802 do { if (cpu->env.insns_flags2 & flag) { features |= feature; } } while (0) 803 804 GET_FEATURE(PPC_ISEL, QEMU_PPC_FEATURE2_HAS_ISEL); 805 GET_FEATURE2(PPC2_BCTAR_ISA207, QEMU_PPC_FEATURE2_HAS_TAR); 806 GET_FEATURE2((PPC2_BCTAR_ISA207 | PPC2_LSQ_ISA207 | PPC2_ALTIVEC_207 | 807 PPC2_ISA207S), QEMU_PPC_FEATURE2_ARCH_2_07); 808 809 #undef GET_FEATURE 810 #undef GET_FEATURE2 811 812 return features; 813 } 814 815 /* 816 * The requirements here are: 817 * - keep the final alignment of sp (sp & 0xf) 818 * - make sure the 32-bit value at the first 16 byte aligned position of 819 * AUXV is greater than 16 for glibc compatibility. 820 * AT_IGNOREPPC is used for that. 821 * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC, 822 * even if DLINFO_ARCH_ITEMS goes to zero or is undefined. 823 */ 824 #define DLINFO_ARCH_ITEMS 5 825 #define ARCH_DLINFO \ 826 do { \ 827 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); \ 828 /* \ 829 * Handle glibc compatibility: these magic entries must \ 830 * be at the lowest addresses in the final auxv. \ 831 */ \ 832 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 833 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 834 NEW_AUX_ENT(AT_DCACHEBSIZE, cpu->env.dcache_line_size); \ 835 NEW_AUX_ENT(AT_ICACHEBSIZE, cpu->env.icache_line_size); \ 836 NEW_AUX_ENT(AT_UCACHEBSIZE, 0); \ 837 } while (0) 838 839 static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop) 840 { 841 _regs->gpr[1] = infop->start_stack; 842 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 843 if (get_ppc64_abi(infop) < 2) { 844 uint64_t val; 845 get_user_u64(val, infop->entry + 8); 846 _regs->gpr[2] = val + infop->load_bias; 847 get_user_u64(val, infop->entry); 848 infop->entry = val + infop->load_bias; 849 } else { 850 _regs->gpr[12] = infop->entry; /* r12 set to global entry address */ 851 } 852 #endif 853 _regs->nip = infop->entry; 854 } 855 856 /* See linux kernel: arch/powerpc/include/asm/elf.h. */ 857 #define ELF_NREG 48 858 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 859 860 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUPPCState *env) 861 { 862 int i; 863 target_ulong ccr = 0; 864 865 for (i = 0; i < ARRAY_SIZE(env->gpr); i++) { 866 (*regs)[i] = tswapreg(env->gpr[i]); 867 } 868 869 (*regs)[32] = tswapreg(env->nip); 870 (*regs)[33] = tswapreg(env->msr); 871 (*regs)[35] = tswapreg(env->ctr); 872 (*regs)[36] = tswapreg(env->lr); 873 (*regs)[37] = tswapreg(env->xer); 874 875 for (i = 0; i < ARRAY_SIZE(env->crf); i++) { 876 ccr |= env->crf[i] << (32 - ((i + 1) * 4)); 877 } 878 (*regs)[38] = tswapreg(ccr); 879 } 880 881 #define USE_ELF_CORE_DUMP 882 #define ELF_EXEC_PAGESIZE 4096 883 884 #endif 885 886 #ifdef TARGET_MIPS 887 888 #define ELF_START_MMAP 0x80000000 889 890 #ifdef TARGET_MIPS64 891 #define ELF_CLASS ELFCLASS64 892 #else 893 #define ELF_CLASS ELFCLASS32 894 #endif 895 #define ELF_ARCH EM_MIPS 896 897 static inline void init_thread(struct target_pt_regs *regs, 898 struct image_info *infop) 899 { 900 regs->cp0_status = 2 << CP0St_KSU; 901 regs->cp0_epc = infop->entry; 902 regs->regs[29] = infop->start_stack; 903 } 904 905 /* See linux kernel: arch/mips/include/asm/elf.h. */ 906 #define ELF_NREG 45 907 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 908 909 /* See linux kernel: arch/mips/include/asm/reg.h. */ 910 enum { 911 #ifdef TARGET_MIPS64 912 TARGET_EF_R0 = 0, 913 #else 914 TARGET_EF_R0 = 6, 915 #endif 916 TARGET_EF_R26 = TARGET_EF_R0 + 26, 917 TARGET_EF_R27 = TARGET_EF_R0 + 27, 918 TARGET_EF_LO = TARGET_EF_R0 + 32, 919 TARGET_EF_HI = TARGET_EF_R0 + 33, 920 TARGET_EF_CP0_EPC = TARGET_EF_R0 + 34, 921 TARGET_EF_CP0_BADVADDR = TARGET_EF_R0 + 35, 922 TARGET_EF_CP0_STATUS = TARGET_EF_R0 + 36, 923 TARGET_EF_CP0_CAUSE = TARGET_EF_R0 + 37 924 }; 925 926 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 927 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMIPSState *env) 928 { 929 int i; 930 931 for (i = 0; i < TARGET_EF_R0; i++) { 932 (*regs)[i] = 0; 933 } 934 (*regs)[TARGET_EF_R0] = 0; 935 936 for (i = 1; i < ARRAY_SIZE(env->active_tc.gpr); i++) { 937 (*regs)[TARGET_EF_R0 + i] = tswapreg(env->active_tc.gpr[i]); 938 } 939 940 (*regs)[TARGET_EF_R26] = 0; 941 (*regs)[TARGET_EF_R27] = 0; 942 (*regs)[TARGET_EF_LO] = tswapreg(env->active_tc.LO[0]); 943 (*regs)[TARGET_EF_HI] = tswapreg(env->active_tc.HI[0]); 944 (*regs)[TARGET_EF_CP0_EPC] = tswapreg(env->active_tc.PC); 945 (*regs)[TARGET_EF_CP0_BADVADDR] = tswapreg(env->CP0_BadVAddr); 946 (*regs)[TARGET_EF_CP0_STATUS] = tswapreg(env->CP0_Status); 947 (*regs)[TARGET_EF_CP0_CAUSE] = tswapreg(env->CP0_Cause); 948 } 949 950 #define USE_ELF_CORE_DUMP 951 #define ELF_EXEC_PAGESIZE 4096 952 953 #endif /* TARGET_MIPS */ 954 955 #ifdef TARGET_MICROBLAZE 956 957 #define ELF_START_MMAP 0x80000000 958 959 #define elf_check_arch(x) ( (x) == EM_MICROBLAZE || (x) == EM_MICROBLAZE_OLD) 960 961 #define ELF_CLASS ELFCLASS32 962 #define ELF_ARCH EM_MICROBLAZE 963 964 static inline void init_thread(struct target_pt_regs *regs, 965 struct image_info *infop) 966 { 967 regs->pc = infop->entry; 968 regs->r1 = infop->start_stack; 969 970 } 971 972 #define ELF_EXEC_PAGESIZE 4096 973 974 #define USE_ELF_CORE_DUMP 975 #define ELF_NREG 38 976 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 977 978 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 979 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMBState *env) 980 { 981 int i, pos = 0; 982 983 for (i = 0; i < 32; i++) { 984 (*regs)[pos++] = tswapreg(env->regs[i]); 985 } 986 987 for (i = 0; i < 6; i++) { 988 (*regs)[pos++] = tswapreg(env->sregs[i]); 989 } 990 } 991 992 #endif /* TARGET_MICROBLAZE */ 993 994 #ifdef TARGET_NIOS2 995 996 #define ELF_START_MMAP 0x80000000 997 998 #define elf_check_arch(x) ((x) == EM_ALTERA_NIOS2) 999 1000 #define ELF_CLASS ELFCLASS32 1001 #define ELF_ARCH EM_ALTERA_NIOS2 1002 1003 static void init_thread(struct target_pt_regs *regs, struct image_info *infop) 1004 { 1005 regs->ea = infop->entry; 1006 regs->sp = infop->start_stack; 1007 regs->estatus = 0x3; 1008 } 1009 1010 #define ELF_EXEC_PAGESIZE 4096 1011 1012 #define USE_ELF_CORE_DUMP 1013 #define ELF_NREG 49 1014 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1015 1016 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 1017 static void elf_core_copy_regs(target_elf_gregset_t *regs, 1018 const CPUNios2State *env) 1019 { 1020 int i; 1021 1022 (*regs)[0] = -1; 1023 for (i = 1; i < 8; i++) /* r0-r7 */ 1024 (*regs)[i] = tswapreg(env->regs[i + 7]); 1025 1026 for (i = 8; i < 16; i++) /* r8-r15 */ 1027 (*regs)[i] = tswapreg(env->regs[i - 8]); 1028 1029 for (i = 16; i < 24; i++) /* r16-r23 */ 1030 (*regs)[i] = tswapreg(env->regs[i + 7]); 1031 (*regs)[24] = -1; /* R_ET */ 1032 (*regs)[25] = -1; /* R_BT */ 1033 (*regs)[26] = tswapreg(env->regs[R_GP]); 1034 (*regs)[27] = tswapreg(env->regs[R_SP]); 1035 (*regs)[28] = tswapreg(env->regs[R_FP]); 1036 (*regs)[29] = tswapreg(env->regs[R_EA]); 1037 (*regs)[30] = -1; /* R_SSTATUS */ 1038 (*regs)[31] = tswapreg(env->regs[R_RA]); 1039 1040 (*regs)[32] = tswapreg(env->regs[R_PC]); 1041 1042 (*regs)[33] = -1; /* R_STATUS */ 1043 (*regs)[34] = tswapreg(env->regs[CR_ESTATUS]); 1044 1045 for (i = 35; i < 49; i++) /* ... */ 1046 (*regs)[i] = -1; 1047 } 1048 1049 #endif /* TARGET_NIOS2 */ 1050 1051 #ifdef TARGET_OPENRISC 1052 1053 #define ELF_START_MMAP 0x08000000 1054 1055 #define ELF_ARCH EM_OPENRISC 1056 #define ELF_CLASS ELFCLASS32 1057 #define ELF_DATA ELFDATA2MSB 1058 1059 static inline void init_thread(struct target_pt_regs *regs, 1060 struct image_info *infop) 1061 { 1062 regs->pc = infop->entry; 1063 regs->gpr[1] = infop->start_stack; 1064 } 1065 1066 #define USE_ELF_CORE_DUMP 1067 #define ELF_EXEC_PAGESIZE 8192 1068 1069 /* See linux kernel arch/openrisc/include/asm/elf.h. */ 1070 #define ELF_NREG 34 /* gprs and pc, sr */ 1071 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1072 1073 static void elf_core_copy_regs(target_elf_gregset_t *regs, 1074 const CPUOpenRISCState *env) 1075 { 1076 int i; 1077 1078 for (i = 0; i < 32; i++) { 1079 (*regs)[i] = tswapreg(cpu_get_gpr(env, i)); 1080 } 1081 (*regs)[32] = tswapreg(env->pc); 1082 (*regs)[33] = tswapreg(cpu_get_sr(env)); 1083 } 1084 #define ELF_HWCAP 0 1085 #define ELF_PLATFORM NULL 1086 1087 #endif /* TARGET_OPENRISC */ 1088 1089 #ifdef TARGET_SH4 1090 1091 #define ELF_START_MMAP 0x80000000 1092 1093 #define ELF_CLASS ELFCLASS32 1094 #define ELF_ARCH EM_SH 1095 1096 static inline void init_thread(struct target_pt_regs *regs, 1097 struct image_info *infop) 1098 { 1099 /* Check other registers XXXXX */ 1100 regs->pc = infop->entry; 1101 regs->regs[15] = infop->start_stack; 1102 } 1103 1104 /* See linux kernel: arch/sh/include/asm/elf.h. */ 1105 #define ELF_NREG 23 1106 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1107 1108 /* See linux kernel: arch/sh/include/asm/ptrace.h. */ 1109 enum { 1110 TARGET_REG_PC = 16, 1111 TARGET_REG_PR = 17, 1112 TARGET_REG_SR = 18, 1113 TARGET_REG_GBR = 19, 1114 TARGET_REG_MACH = 20, 1115 TARGET_REG_MACL = 21, 1116 TARGET_REG_SYSCALL = 22 1117 }; 1118 1119 static inline void elf_core_copy_regs(target_elf_gregset_t *regs, 1120 const CPUSH4State *env) 1121 { 1122 int i; 1123 1124 for (i = 0; i < 16; i++) { 1125 (*regs)[i] = tswapreg(env->gregs[i]); 1126 } 1127 1128 (*regs)[TARGET_REG_PC] = tswapreg(env->pc); 1129 (*regs)[TARGET_REG_PR] = tswapreg(env->pr); 1130 (*regs)[TARGET_REG_SR] = tswapreg(env->sr); 1131 (*regs)[TARGET_REG_GBR] = tswapreg(env->gbr); 1132 (*regs)[TARGET_REG_MACH] = tswapreg(env->mach); 1133 (*regs)[TARGET_REG_MACL] = tswapreg(env->macl); 1134 (*regs)[TARGET_REG_SYSCALL] = 0; /* FIXME */ 1135 } 1136 1137 #define USE_ELF_CORE_DUMP 1138 #define ELF_EXEC_PAGESIZE 4096 1139 1140 enum { 1141 SH_CPU_HAS_FPU = 0x0001, /* Hardware FPU support */ 1142 SH_CPU_HAS_P2_FLUSH_BUG = 0x0002, /* Need to flush the cache in P2 area */ 1143 SH_CPU_HAS_MMU_PAGE_ASSOC = 0x0004, /* SH3: TLB way selection bit support */ 1144 SH_CPU_HAS_DSP = 0x0008, /* SH-DSP: DSP support */ 1145 SH_CPU_HAS_PERF_COUNTER = 0x0010, /* Hardware performance counters */ 1146 SH_CPU_HAS_PTEA = 0x0020, /* PTEA register */ 1147 SH_CPU_HAS_LLSC = 0x0040, /* movli.l/movco.l */ 1148 SH_CPU_HAS_L2_CACHE = 0x0080, /* Secondary cache / URAM */ 1149 SH_CPU_HAS_OP32 = 0x0100, /* 32-bit instruction support */ 1150 SH_CPU_HAS_PTEAEX = 0x0200, /* PTE ASID Extension support */ 1151 }; 1152 1153 #define ELF_HWCAP get_elf_hwcap() 1154 1155 static uint32_t get_elf_hwcap(void) 1156 { 1157 SuperHCPU *cpu = SUPERH_CPU(thread_cpu); 1158 uint32_t hwcap = 0; 1159 1160 hwcap |= SH_CPU_HAS_FPU; 1161 1162 if (cpu->env.features & SH_FEATURE_SH4A) { 1163 hwcap |= SH_CPU_HAS_LLSC; 1164 } 1165 1166 return hwcap; 1167 } 1168 1169 #endif 1170 1171 #ifdef TARGET_CRIS 1172 1173 #define ELF_START_MMAP 0x80000000 1174 1175 #define ELF_CLASS ELFCLASS32 1176 #define ELF_ARCH EM_CRIS 1177 1178 static inline void init_thread(struct target_pt_regs *regs, 1179 struct image_info *infop) 1180 { 1181 regs->erp = infop->entry; 1182 } 1183 1184 #define ELF_EXEC_PAGESIZE 8192 1185 1186 #endif 1187 1188 #ifdef TARGET_M68K 1189 1190 #define ELF_START_MMAP 0x80000000 1191 1192 #define ELF_CLASS ELFCLASS32 1193 #define ELF_ARCH EM_68K 1194 1195 /* ??? Does this need to do anything? 1196 #define ELF_PLAT_INIT(_r) */ 1197 1198 static inline void init_thread(struct target_pt_regs *regs, 1199 struct image_info *infop) 1200 { 1201 regs->usp = infop->start_stack; 1202 regs->sr = 0; 1203 regs->pc = infop->entry; 1204 } 1205 1206 /* See linux kernel: arch/m68k/include/asm/elf.h. */ 1207 #define ELF_NREG 20 1208 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1209 1210 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUM68KState *env) 1211 { 1212 (*regs)[0] = tswapreg(env->dregs[1]); 1213 (*regs)[1] = tswapreg(env->dregs[2]); 1214 (*regs)[2] = tswapreg(env->dregs[3]); 1215 (*regs)[3] = tswapreg(env->dregs[4]); 1216 (*regs)[4] = tswapreg(env->dregs[5]); 1217 (*regs)[5] = tswapreg(env->dregs[6]); 1218 (*regs)[6] = tswapreg(env->dregs[7]); 1219 (*regs)[7] = tswapreg(env->aregs[0]); 1220 (*regs)[8] = tswapreg(env->aregs[1]); 1221 (*regs)[9] = tswapreg(env->aregs[2]); 1222 (*regs)[10] = tswapreg(env->aregs[3]); 1223 (*regs)[11] = tswapreg(env->aregs[4]); 1224 (*regs)[12] = tswapreg(env->aregs[5]); 1225 (*regs)[13] = tswapreg(env->aregs[6]); 1226 (*regs)[14] = tswapreg(env->dregs[0]); 1227 (*regs)[15] = tswapreg(env->aregs[7]); 1228 (*regs)[16] = tswapreg(env->dregs[0]); /* FIXME: orig_d0 */ 1229 (*regs)[17] = tswapreg(env->sr); 1230 (*regs)[18] = tswapreg(env->pc); 1231 (*regs)[19] = 0; /* FIXME: regs->format | regs->vector */ 1232 } 1233 1234 #define USE_ELF_CORE_DUMP 1235 #define ELF_EXEC_PAGESIZE 8192 1236 1237 #endif 1238 1239 #ifdef TARGET_ALPHA 1240 1241 #define ELF_START_MMAP (0x30000000000ULL) 1242 1243 #define ELF_CLASS ELFCLASS64 1244 #define ELF_ARCH EM_ALPHA 1245 1246 static inline void init_thread(struct target_pt_regs *regs, 1247 struct image_info *infop) 1248 { 1249 regs->pc = infop->entry; 1250 regs->ps = 8; 1251 regs->usp = infop->start_stack; 1252 } 1253 1254 #define ELF_EXEC_PAGESIZE 8192 1255 1256 #endif /* TARGET_ALPHA */ 1257 1258 #ifdef TARGET_S390X 1259 1260 #define ELF_START_MMAP (0x20000000000ULL) 1261 1262 #define ELF_CLASS ELFCLASS64 1263 #define ELF_DATA ELFDATA2MSB 1264 #define ELF_ARCH EM_S390 1265 1266 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 1267 { 1268 regs->psw.addr = infop->entry; 1269 regs->psw.mask = PSW_MASK_64 | PSW_MASK_32; 1270 regs->gprs[15] = infop->start_stack; 1271 } 1272 1273 #endif /* TARGET_S390X */ 1274 1275 #ifdef TARGET_TILEGX 1276 1277 /* 42 bits real used address, a half for user mode */ 1278 #define ELF_START_MMAP (0x00000020000000000ULL) 1279 1280 #define elf_check_arch(x) ((x) == EM_TILEGX) 1281 1282 #define ELF_CLASS ELFCLASS64 1283 #define ELF_DATA ELFDATA2LSB 1284 #define ELF_ARCH EM_TILEGX 1285 1286 static inline void init_thread(struct target_pt_regs *regs, 1287 struct image_info *infop) 1288 { 1289 regs->pc = infop->entry; 1290 regs->sp = infop->start_stack; 1291 1292 } 1293 1294 #define ELF_EXEC_PAGESIZE 65536 /* TILE-Gx page size is 64KB */ 1295 1296 #endif /* TARGET_TILEGX */ 1297 1298 #ifdef TARGET_RISCV 1299 1300 #define ELF_START_MMAP 0x80000000 1301 #define ELF_ARCH EM_RISCV 1302 1303 #ifdef TARGET_RISCV32 1304 #define ELF_CLASS ELFCLASS32 1305 #else 1306 #define ELF_CLASS ELFCLASS64 1307 #endif 1308 1309 static inline void init_thread(struct target_pt_regs *regs, 1310 struct image_info *infop) 1311 { 1312 regs->sepc = infop->entry; 1313 regs->sp = infop->start_stack; 1314 } 1315 1316 #define ELF_EXEC_PAGESIZE 4096 1317 1318 #endif /* TARGET_RISCV */ 1319 1320 #ifdef TARGET_HPPA 1321 1322 #define ELF_START_MMAP 0x80000000 1323 #define ELF_CLASS ELFCLASS32 1324 #define ELF_ARCH EM_PARISC 1325 #define ELF_PLATFORM "PARISC" 1326 #define STACK_GROWS_DOWN 0 1327 #define STACK_ALIGNMENT 64 1328 1329 static inline void init_thread(struct target_pt_regs *regs, 1330 struct image_info *infop) 1331 { 1332 regs->iaoq[0] = infop->entry; 1333 regs->iaoq[1] = infop->entry + 4; 1334 regs->gr[23] = 0; 1335 regs->gr[24] = infop->arg_start; 1336 regs->gr[25] = (infop->arg_end - infop->arg_start) / sizeof(abi_ulong); 1337 /* The top-of-stack contains a linkage buffer. */ 1338 regs->gr[30] = infop->start_stack + 64; 1339 regs->gr[31] = infop->entry; 1340 } 1341 1342 #endif /* TARGET_HPPA */ 1343 1344 #ifndef ELF_PLATFORM 1345 #define ELF_PLATFORM (NULL) 1346 #endif 1347 1348 #ifndef ELF_MACHINE 1349 #define ELF_MACHINE ELF_ARCH 1350 #endif 1351 1352 #ifndef elf_check_arch 1353 #define elf_check_arch(x) ((x) == ELF_ARCH) 1354 #endif 1355 1356 #ifndef ELF_HWCAP 1357 #define ELF_HWCAP 0 1358 #endif 1359 1360 #ifndef STACK_GROWS_DOWN 1361 #define STACK_GROWS_DOWN 1 1362 #endif 1363 1364 #ifndef STACK_ALIGNMENT 1365 #define STACK_ALIGNMENT 16 1366 #endif 1367 1368 #ifdef TARGET_ABI32 1369 #undef ELF_CLASS 1370 #define ELF_CLASS ELFCLASS32 1371 #undef bswaptls 1372 #define bswaptls(ptr) bswap32s(ptr) 1373 #endif 1374 1375 #include "elf.h" 1376 1377 struct exec 1378 { 1379 unsigned int a_info; /* Use macros N_MAGIC, etc for access */ 1380 unsigned int a_text; /* length of text, in bytes */ 1381 unsigned int a_data; /* length of data, in bytes */ 1382 unsigned int a_bss; /* length of uninitialized data area, in bytes */ 1383 unsigned int a_syms; /* length of symbol table data in file, in bytes */ 1384 unsigned int a_entry; /* start address */ 1385 unsigned int a_trsize; /* length of relocation info for text, in bytes */ 1386 unsigned int a_drsize; /* length of relocation info for data, in bytes */ 1387 }; 1388 1389 1390 #define N_MAGIC(exec) ((exec).a_info & 0xffff) 1391 #define OMAGIC 0407 1392 #define NMAGIC 0410 1393 #define ZMAGIC 0413 1394 #define QMAGIC 0314 1395 1396 /* Necessary parameters */ 1397 #define TARGET_ELF_EXEC_PAGESIZE TARGET_PAGE_SIZE 1398 #define TARGET_ELF_PAGESTART(_v) ((_v) & \ 1399 ~(abi_ulong)(TARGET_ELF_EXEC_PAGESIZE-1)) 1400 #define TARGET_ELF_PAGEOFFSET(_v) ((_v) & (TARGET_ELF_EXEC_PAGESIZE-1)) 1401 1402 #define DLINFO_ITEMS 15 1403 1404 static inline void memcpy_fromfs(void * to, const void * from, unsigned long n) 1405 { 1406 memcpy(to, from, n); 1407 } 1408 1409 #ifdef BSWAP_NEEDED 1410 static void bswap_ehdr(struct elfhdr *ehdr) 1411 { 1412 bswap16s(&ehdr->e_type); /* Object file type */ 1413 bswap16s(&ehdr->e_machine); /* Architecture */ 1414 bswap32s(&ehdr->e_version); /* Object file version */ 1415 bswaptls(&ehdr->e_entry); /* Entry point virtual address */ 1416 bswaptls(&ehdr->e_phoff); /* Program header table file offset */ 1417 bswaptls(&ehdr->e_shoff); /* Section header table file offset */ 1418 bswap32s(&ehdr->e_flags); /* Processor-specific flags */ 1419 bswap16s(&ehdr->e_ehsize); /* ELF header size in bytes */ 1420 bswap16s(&ehdr->e_phentsize); /* Program header table entry size */ 1421 bswap16s(&ehdr->e_phnum); /* Program header table entry count */ 1422 bswap16s(&ehdr->e_shentsize); /* Section header table entry size */ 1423 bswap16s(&ehdr->e_shnum); /* Section header table entry count */ 1424 bswap16s(&ehdr->e_shstrndx); /* Section header string table index */ 1425 } 1426 1427 static void bswap_phdr(struct elf_phdr *phdr, int phnum) 1428 { 1429 int i; 1430 for (i = 0; i < phnum; ++i, ++phdr) { 1431 bswap32s(&phdr->p_type); /* Segment type */ 1432 bswap32s(&phdr->p_flags); /* Segment flags */ 1433 bswaptls(&phdr->p_offset); /* Segment file offset */ 1434 bswaptls(&phdr->p_vaddr); /* Segment virtual address */ 1435 bswaptls(&phdr->p_paddr); /* Segment physical address */ 1436 bswaptls(&phdr->p_filesz); /* Segment size in file */ 1437 bswaptls(&phdr->p_memsz); /* Segment size in memory */ 1438 bswaptls(&phdr->p_align); /* Segment alignment */ 1439 } 1440 } 1441 1442 static void bswap_shdr(struct elf_shdr *shdr, int shnum) 1443 { 1444 int i; 1445 for (i = 0; i < shnum; ++i, ++shdr) { 1446 bswap32s(&shdr->sh_name); 1447 bswap32s(&shdr->sh_type); 1448 bswaptls(&shdr->sh_flags); 1449 bswaptls(&shdr->sh_addr); 1450 bswaptls(&shdr->sh_offset); 1451 bswaptls(&shdr->sh_size); 1452 bswap32s(&shdr->sh_link); 1453 bswap32s(&shdr->sh_info); 1454 bswaptls(&shdr->sh_addralign); 1455 bswaptls(&shdr->sh_entsize); 1456 } 1457 } 1458 1459 static void bswap_sym(struct elf_sym *sym) 1460 { 1461 bswap32s(&sym->st_name); 1462 bswaptls(&sym->st_value); 1463 bswaptls(&sym->st_size); 1464 bswap16s(&sym->st_shndx); 1465 } 1466 #else 1467 static inline void bswap_ehdr(struct elfhdr *ehdr) { } 1468 static inline void bswap_phdr(struct elf_phdr *phdr, int phnum) { } 1469 static inline void bswap_shdr(struct elf_shdr *shdr, int shnum) { } 1470 static inline void bswap_sym(struct elf_sym *sym) { } 1471 #endif 1472 1473 #ifdef USE_ELF_CORE_DUMP 1474 static int elf_core_dump(int, const CPUArchState *); 1475 #endif /* USE_ELF_CORE_DUMP */ 1476 static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias); 1477 1478 /* Verify the portions of EHDR within E_IDENT for the target. 1479 This can be performed before bswapping the entire header. */ 1480 static bool elf_check_ident(struct elfhdr *ehdr) 1481 { 1482 return (ehdr->e_ident[EI_MAG0] == ELFMAG0 1483 && ehdr->e_ident[EI_MAG1] == ELFMAG1 1484 && ehdr->e_ident[EI_MAG2] == ELFMAG2 1485 && ehdr->e_ident[EI_MAG3] == ELFMAG3 1486 && ehdr->e_ident[EI_CLASS] == ELF_CLASS 1487 && ehdr->e_ident[EI_DATA] == ELF_DATA 1488 && ehdr->e_ident[EI_VERSION] == EV_CURRENT); 1489 } 1490 1491 /* Verify the portions of EHDR outside of E_IDENT for the target. 1492 This has to wait until after bswapping the header. */ 1493 static bool elf_check_ehdr(struct elfhdr *ehdr) 1494 { 1495 return (elf_check_arch(ehdr->e_machine) 1496 && ehdr->e_ehsize == sizeof(struct elfhdr) 1497 && ehdr->e_phentsize == sizeof(struct elf_phdr) 1498 && (ehdr->e_type == ET_EXEC || ehdr->e_type == ET_DYN)); 1499 } 1500 1501 /* 1502 * 'copy_elf_strings()' copies argument/envelope strings from user 1503 * memory to free pages in kernel mem. These are in a format ready 1504 * to be put directly into the top of new user memory. 1505 * 1506 */ 1507 static abi_ulong copy_elf_strings(int argc, char **argv, char *scratch, 1508 abi_ulong p, abi_ulong stack_limit) 1509 { 1510 char *tmp; 1511 int len, i; 1512 abi_ulong top = p; 1513 1514 if (!p) { 1515 return 0; /* bullet-proofing */ 1516 } 1517 1518 if (STACK_GROWS_DOWN) { 1519 int offset = ((p - 1) % TARGET_PAGE_SIZE) + 1; 1520 for (i = argc - 1; i >= 0; --i) { 1521 tmp = argv[i]; 1522 if (!tmp) { 1523 fprintf(stderr, "VFS: argc is wrong"); 1524 exit(-1); 1525 } 1526 len = strlen(tmp) + 1; 1527 tmp += len; 1528 1529 if (len > (p - stack_limit)) { 1530 return 0; 1531 } 1532 while (len) { 1533 int bytes_to_copy = (len > offset) ? offset : len; 1534 tmp -= bytes_to_copy; 1535 p -= bytes_to_copy; 1536 offset -= bytes_to_copy; 1537 len -= bytes_to_copy; 1538 1539 memcpy_fromfs(scratch + offset, tmp, bytes_to_copy); 1540 1541 if (offset == 0) { 1542 memcpy_to_target(p, scratch, top - p); 1543 top = p; 1544 offset = TARGET_PAGE_SIZE; 1545 } 1546 } 1547 } 1548 if (p != top) { 1549 memcpy_to_target(p, scratch + offset, top - p); 1550 } 1551 } else { 1552 int remaining = TARGET_PAGE_SIZE - (p % TARGET_PAGE_SIZE); 1553 for (i = 0; i < argc; ++i) { 1554 tmp = argv[i]; 1555 if (!tmp) { 1556 fprintf(stderr, "VFS: argc is wrong"); 1557 exit(-1); 1558 } 1559 len = strlen(tmp) + 1; 1560 if (len > (stack_limit - p)) { 1561 return 0; 1562 } 1563 while (len) { 1564 int bytes_to_copy = (len > remaining) ? remaining : len; 1565 1566 memcpy_fromfs(scratch + (p - top), tmp, bytes_to_copy); 1567 1568 tmp += bytes_to_copy; 1569 remaining -= bytes_to_copy; 1570 p += bytes_to_copy; 1571 len -= bytes_to_copy; 1572 1573 if (remaining == 0) { 1574 memcpy_to_target(top, scratch, p - top); 1575 top = p; 1576 remaining = TARGET_PAGE_SIZE; 1577 } 1578 } 1579 } 1580 if (p != top) { 1581 memcpy_to_target(top, scratch, p - top); 1582 } 1583 } 1584 1585 return p; 1586 } 1587 1588 /* Older linux kernels provide up to MAX_ARG_PAGES (default: 32) of 1589 * argument/environment space. Newer kernels (>2.6.33) allow more, 1590 * dependent on stack size, but guarantee at least 32 pages for 1591 * backwards compatibility. 1592 */ 1593 #define STACK_LOWER_LIMIT (32 * TARGET_PAGE_SIZE) 1594 1595 static abi_ulong setup_arg_pages(struct linux_binprm *bprm, 1596 struct image_info *info) 1597 { 1598 abi_ulong size, error, guard; 1599 1600 size = guest_stack_size; 1601 if (size < STACK_LOWER_LIMIT) { 1602 size = STACK_LOWER_LIMIT; 1603 } 1604 guard = TARGET_PAGE_SIZE; 1605 if (guard < qemu_real_host_page_size) { 1606 guard = qemu_real_host_page_size; 1607 } 1608 1609 error = target_mmap(0, size + guard, PROT_READ | PROT_WRITE, 1610 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1611 if (error == -1) { 1612 perror("mmap stack"); 1613 exit(-1); 1614 } 1615 1616 /* We reserve one extra page at the top of the stack as guard. */ 1617 if (STACK_GROWS_DOWN) { 1618 target_mprotect(error, guard, PROT_NONE); 1619 info->stack_limit = error + guard; 1620 return info->stack_limit + size - sizeof(void *); 1621 } else { 1622 target_mprotect(error + size, guard, PROT_NONE); 1623 info->stack_limit = error + size; 1624 return error; 1625 } 1626 } 1627 1628 /* Map and zero the bss. We need to explicitly zero any fractional pages 1629 after the data section (i.e. bss). */ 1630 static void zero_bss(abi_ulong elf_bss, abi_ulong last_bss, int prot) 1631 { 1632 uintptr_t host_start, host_map_start, host_end; 1633 1634 last_bss = TARGET_PAGE_ALIGN(last_bss); 1635 1636 /* ??? There is confusion between qemu_real_host_page_size and 1637 qemu_host_page_size here and elsewhere in target_mmap, which 1638 may lead to the end of the data section mapping from the file 1639 not being mapped. At least there was an explicit test and 1640 comment for that here, suggesting that "the file size must 1641 be known". The comment probably pre-dates the introduction 1642 of the fstat system call in target_mmap which does in fact 1643 find out the size. What isn't clear is if the workaround 1644 here is still actually needed. For now, continue with it, 1645 but merge it with the "normal" mmap that would allocate the bss. */ 1646 1647 host_start = (uintptr_t) g2h(elf_bss); 1648 host_end = (uintptr_t) g2h(last_bss); 1649 host_map_start = REAL_HOST_PAGE_ALIGN(host_start); 1650 1651 if (host_map_start < host_end) { 1652 void *p = mmap((void *)host_map_start, host_end - host_map_start, 1653 prot, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1654 if (p == MAP_FAILED) { 1655 perror("cannot mmap brk"); 1656 exit(-1); 1657 } 1658 } 1659 1660 /* Ensure that the bss page(s) are valid */ 1661 if ((page_get_flags(last_bss-1) & prot) != prot) { 1662 page_set_flags(elf_bss & TARGET_PAGE_MASK, last_bss, prot | PAGE_VALID); 1663 } 1664 1665 if (host_start < host_map_start) { 1666 memset((void *)host_start, 0, host_map_start - host_start); 1667 } 1668 } 1669 1670 #ifdef CONFIG_USE_FDPIC 1671 static abi_ulong loader_build_fdpic_loadmap(struct image_info *info, abi_ulong sp) 1672 { 1673 uint16_t n; 1674 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs; 1675 1676 /* elf32_fdpic_loadseg */ 1677 n = info->nsegs; 1678 while (n--) { 1679 sp -= 12; 1680 put_user_u32(loadsegs[n].addr, sp+0); 1681 put_user_u32(loadsegs[n].p_vaddr, sp+4); 1682 put_user_u32(loadsegs[n].p_memsz, sp+8); 1683 } 1684 1685 /* elf32_fdpic_loadmap */ 1686 sp -= 4; 1687 put_user_u16(0, sp+0); /* version */ 1688 put_user_u16(info->nsegs, sp+2); /* nsegs */ 1689 1690 info->personality = PER_LINUX_FDPIC; 1691 info->loadmap_addr = sp; 1692 1693 return sp; 1694 } 1695 #endif 1696 1697 static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc, 1698 struct elfhdr *exec, 1699 struct image_info *info, 1700 struct image_info *interp_info) 1701 { 1702 abi_ulong sp; 1703 abi_ulong u_argc, u_argv, u_envp, u_auxv; 1704 int size; 1705 int i; 1706 abi_ulong u_rand_bytes; 1707 uint8_t k_rand_bytes[16]; 1708 abi_ulong u_platform; 1709 const char *k_platform; 1710 const int n = sizeof(elf_addr_t); 1711 1712 sp = p; 1713 1714 #ifdef CONFIG_USE_FDPIC 1715 /* Needs to be before we load the env/argc/... */ 1716 if (elf_is_fdpic(exec)) { 1717 /* Need 4 byte alignment for these structs */ 1718 sp &= ~3; 1719 sp = loader_build_fdpic_loadmap(info, sp); 1720 info->other_info = interp_info; 1721 if (interp_info) { 1722 interp_info->other_info = info; 1723 sp = loader_build_fdpic_loadmap(interp_info, sp); 1724 } 1725 } 1726 #endif 1727 1728 u_platform = 0; 1729 k_platform = ELF_PLATFORM; 1730 if (k_platform) { 1731 size_t len = strlen(k_platform) + 1; 1732 if (STACK_GROWS_DOWN) { 1733 sp -= (len + n - 1) & ~(n - 1); 1734 u_platform = sp; 1735 /* FIXME - check return value of memcpy_to_target() for failure */ 1736 memcpy_to_target(sp, k_platform, len); 1737 } else { 1738 memcpy_to_target(sp, k_platform, len); 1739 u_platform = sp; 1740 sp += len + 1; 1741 } 1742 } 1743 1744 /* Provide 16 byte alignment for the PRNG, and basic alignment for 1745 * the argv and envp pointers. 1746 */ 1747 if (STACK_GROWS_DOWN) { 1748 sp = QEMU_ALIGN_DOWN(sp, 16); 1749 } else { 1750 sp = QEMU_ALIGN_UP(sp, 16); 1751 } 1752 1753 /* 1754 * Generate 16 random bytes for userspace PRNG seeding (not 1755 * cryptically secure but it's not the aim of QEMU). 1756 */ 1757 for (i = 0; i < 16; i++) { 1758 k_rand_bytes[i] = rand(); 1759 } 1760 if (STACK_GROWS_DOWN) { 1761 sp -= 16; 1762 u_rand_bytes = sp; 1763 /* FIXME - check return value of memcpy_to_target() for failure */ 1764 memcpy_to_target(sp, k_rand_bytes, 16); 1765 } else { 1766 memcpy_to_target(sp, k_rand_bytes, 16); 1767 u_rand_bytes = sp; 1768 sp += 16; 1769 } 1770 1771 size = (DLINFO_ITEMS + 1) * 2; 1772 if (k_platform) 1773 size += 2; 1774 #ifdef DLINFO_ARCH_ITEMS 1775 size += DLINFO_ARCH_ITEMS * 2; 1776 #endif 1777 #ifdef ELF_HWCAP2 1778 size += 2; 1779 #endif 1780 info->auxv_len = size * n; 1781 1782 size += envc + argc + 2; 1783 size += 1; /* argc itself */ 1784 size *= n; 1785 1786 /* Allocate space and finalize stack alignment for entry now. */ 1787 if (STACK_GROWS_DOWN) { 1788 u_argc = QEMU_ALIGN_DOWN(sp - size, STACK_ALIGNMENT); 1789 sp = u_argc; 1790 } else { 1791 u_argc = sp; 1792 sp = QEMU_ALIGN_UP(sp + size, STACK_ALIGNMENT); 1793 } 1794 1795 u_argv = u_argc + n; 1796 u_envp = u_argv + (argc + 1) * n; 1797 u_auxv = u_envp + (envc + 1) * n; 1798 info->saved_auxv = u_auxv; 1799 info->arg_start = u_argv; 1800 info->arg_end = u_argv + argc * n; 1801 1802 /* This is correct because Linux defines 1803 * elf_addr_t as Elf32_Off / Elf64_Off 1804 */ 1805 #define NEW_AUX_ENT(id, val) do { \ 1806 put_user_ual(id, u_auxv); u_auxv += n; \ 1807 put_user_ual(val, u_auxv); u_auxv += n; \ 1808 } while(0) 1809 1810 #ifdef ARCH_DLINFO 1811 /* 1812 * ARCH_DLINFO must come first so platform specific code can enforce 1813 * special alignment requirements on the AUXV if necessary (eg. PPC). 1814 */ 1815 ARCH_DLINFO; 1816 #endif 1817 /* There must be exactly DLINFO_ITEMS entries here, or the assert 1818 * on info->auxv_len will trigger. 1819 */ 1820 NEW_AUX_ENT(AT_PHDR, (abi_ulong)(info->load_addr + exec->e_phoff)); 1821 NEW_AUX_ENT(AT_PHENT, (abi_ulong)(sizeof (struct elf_phdr))); 1822 NEW_AUX_ENT(AT_PHNUM, (abi_ulong)(exec->e_phnum)); 1823 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(MAX(TARGET_PAGE_SIZE, getpagesize()))); 1824 NEW_AUX_ENT(AT_BASE, (abi_ulong)(interp_info ? interp_info->load_addr : 0)); 1825 NEW_AUX_ENT(AT_FLAGS, (abi_ulong)0); 1826 NEW_AUX_ENT(AT_ENTRY, info->entry); 1827 NEW_AUX_ENT(AT_UID, (abi_ulong) getuid()); 1828 NEW_AUX_ENT(AT_EUID, (abi_ulong) geteuid()); 1829 NEW_AUX_ENT(AT_GID, (abi_ulong) getgid()); 1830 NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid()); 1831 NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP); 1832 NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK)); 1833 NEW_AUX_ENT(AT_RANDOM, (abi_ulong) u_rand_bytes); 1834 NEW_AUX_ENT(AT_SECURE, (abi_ulong) qemu_getauxval(AT_SECURE)); 1835 1836 #ifdef ELF_HWCAP2 1837 NEW_AUX_ENT(AT_HWCAP2, (abi_ulong) ELF_HWCAP2); 1838 #endif 1839 1840 if (u_platform) { 1841 NEW_AUX_ENT(AT_PLATFORM, u_platform); 1842 } 1843 NEW_AUX_ENT (AT_NULL, 0); 1844 #undef NEW_AUX_ENT 1845 1846 /* Check that our initial calculation of the auxv length matches how much 1847 * we actually put into it. 1848 */ 1849 assert(info->auxv_len == u_auxv - info->saved_auxv); 1850 1851 put_user_ual(argc, u_argc); 1852 1853 p = info->arg_strings; 1854 for (i = 0; i < argc; ++i) { 1855 put_user_ual(p, u_argv); 1856 u_argv += n; 1857 p += target_strlen(p) + 1; 1858 } 1859 put_user_ual(0, u_argv); 1860 1861 p = info->env_strings; 1862 for (i = 0; i < envc; ++i) { 1863 put_user_ual(p, u_envp); 1864 u_envp += n; 1865 p += target_strlen(p) + 1; 1866 } 1867 put_user_ual(0, u_envp); 1868 1869 return sp; 1870 } 1871 1872 #ifndef TARGET_HAS_VALIDATE_GUEST_SPACE 1873 /* If the guest doesn't have a validation function just agree */ 1874 static int validate_guest_space(unsigned long guest_base, 1875 unsigned long guest_size) 1876 { 1877 return 1; 1878 } 1879 #endif 1880 1881 unsigned long init_guest_space(unsigned long host_start, 1882 unsigned long host_size, 1883 unsigned long guest_start, 1884 bool fixed) 1885 { 1886 unsigned long current_start, real_start; 1887 int flags; 1888 1889 assert(host_start || host_size); 1890 1891 /* If just a starting address is given, then just verify that 1892 * address. */ 1893 if (host_start && !host_size) { 1894 if (validate_guest_space(host_start, host_size) == 1) { 1895 return host_start; 1896 } else { 1897 return (unsigned long)-1; 1898 } 1899 } 1900 1901 /* Setup the initial flags and start address. */ 1902 current_start = host_start & qemu_host_page_mask; 1903 flags = MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE; 1904 if (fixed) { 1905 flags |= MAP_FIXED; 1906 } 1907 1908 /* Otherwise, a non-zero size region of memory needs to be mapped 1909 * and validated. */ 1910 while (1) { 1911 unsigned long real_size = host_size; 1912 1913 /* Do not use mmap_find_vma here because that is limited to the 1914 * guest address space. We are going to make the 1915 * guest address space fit whatever we're given. 1916 */ 1917 real_start = (unsigned long) 1918 mmap((void *)current_start, host_size, PROT_NONE, flags, -1, 0); 1919 if (real_start == (unsigned long)-1) { 1920 return (unsigned long)-1; 1921 } 1922 1923 /* Ensure the address is properly aligned. */ 1924 if (real_start & ~qemu_host_page_mask) { 1925 munmap((void *)real_start, host_size); 1926 real_size = host_size + qemu_host_page_size; 1927 real_start = (unsigned long) 1928 mmap((void *)real_start, real_size, PROT_NONE, flags, -1, 0); 1929 if (real_start == (unsigned long)-1) { 1930 return (unsigned long)-1; 1931 } 1932 real_start = HOST_PAGE_ALIGN(real_start); 1933 } 1934 1935 /* Check to see if the address is valid. */ 1936 if (!host_start || real_start == current_start) { 1937 int valid = validate_guest_space(real_start - guest_start, 1938 real_size); 1939 if (valid == 1) { 1940 break; 1941 } else if (valid == -1) { 1942 return (unsigned long)-1; 1943 } 1944 /* valid == 0, so try again. */ 1945 } 1946 1947 /* That address didn't work. Unmap and try a different one. 1948 * The address the host picked because is typically right at 1949 * the top of the host address space and leaves the guest with 1950 * no usable address space. Resort to a linear search. We 1951 * already compensated for mmap_min_addr, so this should not 1952 * happen often. Probably means we got unlucky and host 1953 * address space randomization put a shared library somewhere 1954 * inconvenient. 1955 */ 1956 munmap((void *)real_start, host_size); 1957 current_start += qemu_host_page_size; 1958 if (host_start == current_start) { 1959 /* Theoretically possible if host doesn't have any suitably 1960 * aligned areas. Normally the first mmap will fail. 1961 */ 1962 return (unsigned long)-1; 1963 } 1964 } 1965 1966 qemu_log_mask(CPU_LOG_PAGE, "Reserved 0x%lx bytes of guest address space\n", host_size); 1967 1968 return real_start; 1969 } 1970 1971 static void probe_guest_base(const char *image_name, 1972 abi_ulong loaddr, abi_ulong hiaddr) 1973 { 1974 /* Probe for a suitable guest base address, if the user has not set 1975 * it explicitly, and set guest_base appropriately. 1976 * In case of error we will print a suitable message and exit. 1977 */ 1978 const char *errmsg; 1979 if (!have_guest_base && !reserved_va) { 1980 unsigned long host_start, real_start, host_size; 1981 1982 /* Round addresses to page boundaries. */ 1983 loaddr &= qemu_host_page_mask; 1984 hiaddr = HOST_PAGE_ALIGN(hiaddr); 1985 1986 if (loaddr < mmap_min_addr) { 1987 host_start = HOST_PAGE_ALIGN(mmap_min_addr); 1988 } else { 1989 host_start = loaddr; 1990 if (host_start != loaddr) { 1991 errmsg = "Address overflow loading ELF binary"; 1992 goto exit_errmsg; 1993 } 1994 } 1995 host_size = hiaddr - loaddr; 1996 1997 /* Setup the initial guest memory space with ranges gleaned from 1998 * the ELF image that is being loaded. 1999 */ 2000 real_start = init_guest_space(host_start, host_size, loaddr, false); 2001 if (real_start == (unsigned long)-1) { 2002 errmsg = "Unable to find space for application"; 2003 goto exit_errmsg; 2004 } 2005 guest_base = real_start - loaddr; 2006 2007 qemu_log_mask(CPU_LOG_PAGE, "Relocating guest address space from 0x" 2008 TARGET_ABI_FMT_lx " to 0x%lx\n", 2009 loaddr, real_start); 2010 } 2011 return; 2012 2013 exit_errmsg: 2014 fprintf(stderr, "%s: %s\n", image_name, errmsg); 2015 exit(-1); 2016 } 2017 2018 2019 /* Load an ELF image into the address space. 2020 2021 IMAGE_NAME is the filename of the image, to use in error messages. 2022 IMAGE_FD is the open file descriptor for the image. 2023 2024 BPRM_BUF is a copy of the beginning of the file; this of course 2025 contains the elf file header at offset 0. It is assumed that this 2026 buffer is sufficiently aligned to present no problems to the host 2027 in accessing data at aligned offsets within the buffer. 2028 2029 On return: INFO values will be filled in, as necessary or available. */ 2030 2031 static void load_elf_image(const char *image_name, int image_fd, 2032 struct image_info *info, char **pinterp_name, 2033 char bprm_buf[BPRM_BUF_SIZE]) 2034 { 2035 struct elfhdr *ehdr = (struct elfhdr *)bprm_buf; 2036 struct elf_phdr *phdr; 2037 abi_ulong load_addr, load_bias, loaddr, hiaddr, error; 2038 int i, retval; 2039 const char *errmsg; 2040 2041 /* First of all, some simple consistency checks */ 2042 errmsg = "Invalid ELF image for this architecture"; 2043 if (!elf_check_ident(ehdr)) { 2044 goto exit_errmsg; 2045 } 2046 bswap_ehdr(ehdr); 2047 if (!elf_check_ehdr(ehdr)) { 2048 goto exit_errmsg; 2049 } 2050 2051 i = ehdr->e_phnum * sizeof(struct elf_phdr); 2052 if (ehdr->e_phoff + i <= BPRM_BUF_SIZE) { 2053 phdr = (struct elf_phdr *)(bprm_buf + ehdr->e_phoff); 2054 } else { 2055 phdr = (struct elf_phdr *) alloca(i); 2056 retval = pread(image_fd, phdr, i, ehdr->e_phoff); 2057 if (retval != i) { 2058 goto exit_read; 2059 } 2060 } 2061 bswap_phdr(phdr, ehdr->e_phnum); 2062 2063 #ifdef CONFIG_USE_FDPIC 2064 info->nsegs = 0; 2065 info->pt_dynamic_addr = 0; 2066 #endif 2067 2068 mmap_lock(); 2069 2070 /* Find the maximum size of the image and allocate an appropriate 2071 amount of memory to handle that. */ 2072 loaddr = -1, hiaddr = 0; 2073 for (i = 0; i < ehdr->e_phnum; ++i) { 2074 if (phdr[i].p_type == PT_LOAD) { 2075 abi_ulong a = phdr[i].p_vaddr - phdr[i].p_offset; 2076 if (a < loaddr) { 2077 loaddr = a; 2078 } 2079 a = phdr[i].p_vaddr + phdr[i].p_memsz; 2080 if (a > hiaddr) { 2081 hiaddr = a; 2082 } 2083 #ifdef CONFIG_USE_FDPIC 2084 ++info->nsegs; 2085 #endif 2086 } 2087 } 2088 2089 load_addr = loaddr; 2090 if (ehdr->e_type == ET_DYN) { 2091 /* The image indicates that it can be loaded anywhere. Find a 2092 location that can hold the memory space required. If the 2093 image is pre-linked, LOADDR will be non-zero. Since we do 2094 not supply MAP_FIXED here we'll use that address if and 2095 only if it remains available. */ 2096 load_addr = target_mmap(loaddr, hiaddr - loaddr, PROT_NONE, 2097 MAP_PRIVATE | MAP_ANON | MAP_NORESERVE, 2098 -1, 0); 2099 if (load_addr == -1) { 2100 goto exit_perror; 2101 } 2102 } else if (pinterp_name != NULL) { 2103 /* This is the main executable. Make sure that the low 2104 address does not conflict with MMAP_MIN_ADDR or the 2105 QEMU application itself. */ 2106 probe_guest_base(image_name, loaddr, hiaddr); 2107 } 2108 load_bias = load_addr - loaddr; 2109 2110 #ifdef CONFIG_USE_FDPIC 2111 { 2112 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs = 2113 g_malloc(sizeof(*loadsegs) * info->nsegs); 2114 2115 for (i = 0; i < ehdr->e_phnum; ++i) { 2116 switch (phdr[i].p_type) { 2117 case PT_DYNAMIC: 2118 info->pt_dynamic_addr = phdr[i].p_vaddr + load_bias; 2119 break; 2120 case PT_LOAD: 2121 loadsegs->addr = phdr[i].p_vaddr + load_bias; 2122 loadsegs->p_vaddr = phdr[i].p_vaddr; 2123 loadsegs->p_memsz = phdr[i].p_memsz; 2124 ++loadsegs; 2125 break; 2126 } 2127 } 2128 } 2129 #endif 2130 2131 info->load_bias = load_bias; 2132 info->load_addr = load_addr; 2133 info->entry = ehdr->e_entry + load_bias; 2134 info->start_code = -1; 2135 info->end_code = 0; 2136 info->start_data = -1; 2137 info->end_data = 0; 2138 info->brk = 0; 2139 info->elf_flags = ehdr->e_flags; 2140 2141 for (i = 0; i < ehdr->e_phnum; i++) { 2142 struct elf_phdr *eppnt = phdr + i; 2143 if (eppnt->p_type == PT_LOAD) { 2144 abi_ulong vaddr, vaddr_po, vaddr_ps, vaddr_ef, vaddr_em; 2145 int elf_prot = 0; 2146 2147 if (eppnt->p_flags & PF_R) elf_prot = PROT_READ; 2148 if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE; 2149 if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC; 2150 2151 vaddr = load_bias + eppnt->p_vaddr; 2152 vaddr_po = TARGET_ELF_PAGEOFFSET(vaddr); 2153 vaddr_ps = TARGET_ELF_PAGESTART(vaddr); 2154 2155 error = target_mmap(vaddr_ps, eppnt->p_filesz + vaddr_po, 2156 elf_prot, MAP_PRIVATE | MAP_FIXED, 2157 image_fd, eppnt->p_offset - vaddr_po); 2158 if (error == -1) { 2159 goto exit_perror; 2160 } 2161 2162 vaddr_ef = vaddr + eppnt->p_filesz; 2163 vaddr_em = vaddr + eppnt->p_memsz; 2164 2165 /* If the load segment requests extra zeros (e.g. bss), map it. */ 2166 if (vaddr_ef < vaddr_em) { 2167 zero_bss(vaddr_ef, vaddr_em, elf_prot); 2168 } 2169 2170 /* Find the full program boundaries. */ 2171 if (elf_prot & PROT_EXEC) { 2172 if (vaddr < info->start_code) { 2173 info->start_code = vaddr; 2174 } 2175 if (vaddr_ef > info->end_code) { 2176 info->end_code = vaddr_ef; 2177 } 2178 } 2179 if (elf_prot & PROT_WRITE) { 2180 if (vaddr < info->start_data) { 2181 info->start_data = vaddr; 2182 } 2183 if (vaddr_ef > info->end_data) { 2184 info->end_data = vaddr_ef; 2185 } 2186 if (vaddr_em > info->brk) { 2187 info->brk = vaddr_em; 2188 } 2189 } 2190 } else if (eppnt->p_type == PT_INTERP && pinterp_name) { 2191 char *interp_name; 2192 2193 if (*pinterp_name) { 2194 errmsg = "Multiple PT_INTERP entries"; 2195 goto exit_errmsg; 2196 } 2197 interp_name = malloc(eppnt->p_filesz); 2198 if (!interp_name) { 2199 goto exit_perror; 2200 } 2201 2202 if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) { 2203 memcpy(interp_name, bprm_buf + eppnt->p_offset, 2204 eppnt->p_filesz); 2205 } else { 2206 retval = pread(image_fd, interp_name, eppnt->p_filesz, 2207 eppnt->p_offset); 2208 if (retval != eppnt->p_filesz) { 2209 goto exit_perror; 2210 } 2211 } 2212 if (interp_name[eppnt->p_filesz - 1] != 0) { 2213 errmsg = "Invalid PT_INTERP entry"; 2214 goto exit_errmsg; 2215 } 2216 *pinterp_name = interp_name; 2217 } 2218 } 2219 2220 if (info->end_data == 0) { 2221 info->start_data = info->end_code; 2222 info->end_data = info->end_code; 2223 info->brk = info->end_code; 2224 } 2225 2226 if (qemu_log_enabled()) { 2227 load_symbols(ehdr, image_fd, load_bias); 2228 } 2229 2230 mmap_unlock(); 2231 2232 close(image_fd); 2233 return; 2234 2235 exit_read: 2236 if (retval >= 0) { 2237 errmsg = "Incomplete read of file header"; 2238 goto exit_errmsg; 2239 } 2240 exit_perror: 2241 errmsg = strerror(errno); 2242 exit_errmsg: 2243 fprintf(stderr, "%s: %s\n", image_name, errmsg); 2244 exit(-1); 2245 } 2246 2247 static void load_elf_interp(const char *filename, struct image_info *info, 2248 char bprm_buf[BPRM_BUF_SIZE]) 2249 { 2250 int fd, retval; 2251 2252 fd = open(path(filename), O_RDONLY); 2253 if (fd < 0) { 2254 goto exit_perror; 2255 } 2256 2257 retval = read(fd, bprm_buf, BPRM_BUF_SIZE); 2258 if (retval < 0) { 2259 goto exit_perror; 2260 } 2261 if (retval < BPRM_BUF_SIZE) { 2262 memset(bprm_buf + retval, 0, BPRM_BUF_SIZE - retval); 2263 } 2264 2265 load_elf_image(filename, fd, info, NULL, bprm_buf); 2266 return; 2267 2268 exit_perror: 2269 fprintf(stderr, "%s: %s\n", filename, strerror(errno)); 2270 exit(-1); 2271 } 2272 2273 static int symfind(const void *s0, const void *s1) 2274 { 2275 target_ulong addr = *(target_ulong *)s0; 2276 struct elf_sym *sym = (struct elf_sym *)s1; 2277 int result = 0; 2278 if (addr < sym->st_value) { 2279 result = -1; 2280 } else if (addr >= sym->st_value + sym->st_size) { 2281 result = 1; 2282 } 2283 return result; 2284 } 2285 2286 static const char *lookup_symbolxx(struct syminfo *s, target_ulong orig_addr) 2287 { 2288 #if ELF_CLASS == ELFCLASS32 2289 struct elf_sym *syms = s->disas_symtab.elf32; 2290 #else 2291 struct elf_sym *syms = s->disas_symtab.elf64; 2292 #endif 2293 2294 // binary search 2295 struct elf_sym *sym; 2296 2297 sym = bsearch(&orig_addr, syms, s->disas_num_syms, sizeof(*syms), symfind); 2298 if (sym != NULL) { 2299 return s->disas_strtab + sym->st_name; 2300 } 2301 2302 return ""; 2303 } 2304 2305 /* FIXME: This should use elf_ops.h */ 2306 static int symcmp(const void *s0, const void *s1) 2307 { 2308 struct elf_sym *sym0 = (struct elf_sym *)s0; 2309 struct elf_sym *sym1 = (struct elf_sym *)s1; 2310 return (sym0->st_value < sym1->st_value) 2311 ? -1 2312 : ((sym0->st_value > sym1->st_value) ? 1 : 0); 2313 } 2314 2315 /* Best attempt to load symbols from this ELF object. */ 2316 static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias) 2317 { 2318 int i, shnum, nsyms, sym_idx = 0, str_idx = 0; 2319 uint64_t segsz; 2320 struct elf_shdr *shdr; 2321 char *strings = NULL; 2322 struct syminfo *s = NULL; 2323 struct elf_sym *new_syms, *syms = NULL; 2324 2325 shnum = hdr->e_shnum; 2326 i = shnum * sizeof(struct elf_shdr); 2327 shdr = (struct elf_shdr *)alloca(i); 2328 if (pread(fd, shdr, i, hdr->e_shoff) != i) { 2329 return; 2330 } 2331 2332 bswap_shdr(shdr, shnum); 2333 for (i = 0; i < shnum; ++i) { 2334 if (shdr[i].sh_type == SHT_SYMTAB) { 2335 sym_idx = i; 2336 str_idx = shdr[i].sh_link; 2337 goto found; 2338 } 2339 } 2340 2341 /* There will be no symbol table if the file was stripped. */ 2342 return; 2343 2344 found: 2345 /* Now know where the strtab and symtab are. Snarf them. */ 2346 s = g_try_new(struct syminfo, 1); 2347 if (!s) { 2348 goto give_up; 2349 } 2350 2351 segsz = shdr[str_idx].sh_size; 2352 s->disas_strtab = strings = g_try_malloc(segsz); 2353 if (!strings || 2354 pread(fd, strings, segsz, shdr[str_idx].sh_offset) != segsz) { 2355 goto give_up; 2356 } 2357 2358 segsz = shdr[sym_idx].sh_size; 2359 syms = g_try_malloc(segsz); 2360 if (!syms || pread(fd, syms, segsz, shdr[sym_idx].sh_offset) != segsz) { 2361 goto give_up; 2362 } 2363 2364 if (segsz / sizeof(struct elf_sym) > INT_MAX) { 2365 /* Implausibly large symbol table: give up rather than ploughing 2366 * on with the number of symbols calculation overflowing 2367 */ 2368 goto give_up; 2369 } 2370 nsyms = segsz / sizeof(struct elf_sym); 2371 for (i = 0; i < nsyms; ) { 2372 bswap_sym(syms + i); 2373 /* Throw away entries which we do not need. */ 2374 if (syms[i].st_shndx == SHN_UNDEF 2375 || syms[i].st_shndx >= SHN_LORESERVE 2376 || ELF_ST_TYPE(syms[i].st_info) != STT_FUNC) { 2377 if (i < --nsyms) { 2378 syms[i] = syms[nsyms]; 2379 } 2380 } else { 2381 #if defined(TARGET_ARM) || defined (TARGET_MIPS) 2382 /* The bottom address bit marks a Thumb or MIPS16 symbol. */ 2383 syms[i].st_value &= ~(target_ulong)1; 2384 #endif 2385 syms[i].st_value += load_bias; 2386 i++; 2387 } 2388 } 2389 2390 /* No "useful" symbol. */ 2391 if (nsyms == 0) { 2392 goto give_up; 2393 } 2394 2395 /* Attempt to free the storage associated with the local symbols 2396 that we threw away. Whether or not this has any effect on the 2397 memory allocation depends on the malloc implementation and how 2398 many symbols we managed to discard. */ 2399 new_syms = g_try_renew(struct elf_sym, syms, nsyms); 2400 if (new_syms == NULL) { 2401 goto give_up; 2402 } 2403 syms = new_syms; 2404 2405 qsort(syms, nsyms, sizeof(*syms), symcmp); 2406 2407 s->disas_num_syms = nsyms; 2408 #if ELF_CLASS == ELFCLASS32 2409 s->disas_symtab.elf32 = syms; 2410 #else 2411 s->disas_symtab.elf64 = syms; 2412 #endif 2413 s->lookup_symbol = lookup_symbolxx; 2414 s->next = syminfos; 2415 syminfos = s; 2416 2417 return; 2418 2419 give_up: 2420 g_free(s); 2421 g_free(strings); 2422 g_free(syms); 2423 } 2424 2425 uint32_t get_elf_eflags(int fd) 2426 { 2427 struct elfhdr ehdr; 2428 off_t offset; 2429 int ret; 2430 2431 /* Read ELF header */ 2432 offset = lseek(fd, 0, SEEK_SET); 2433 if (offset == (off_t) -1) { 2434 return 0; 2435 } 2436 ret = read(fd, &ehdr, sizeof(ehdr)); 2437 if (ret < sizeof(ehdr)) { 2438 return 0; 2439 } 2440 offset = lseek(fd, offset, SEEK_SET); 2441 if (offset == (off_t) -1) { 2442 return 0; 2443 } 2444 2445 /* Check ELF signature */ 2446 if (!elf_check_ident(&ehdr)) { 2447 return 0; 2448 } 2449 2450 /* check header */ 2451 bswap_ehdr(&ehdr); 2452 if (!elf_check_ehdr(&ehdr)) { 2453 return 0; 2454 } 2455 2456 /* return architecture id */ 2457 return ehdr.e_flags; 2458 } 2459 2460 int load_elf_binary(struct linux_binprm *bprm, struct image_info *info) 2461 { 2462 struct image_info interp_info; 2463 struct elfhdr elf_ex; 2464 char *elf_interpreter = NULL; 2465 char *scratch; 2466 2467 info->start_mmap = (abi_ulong)ELF_START_MMAP; 2468 2469 load_elf_image(bprm->filename, bprm->fd, info, 2470 &elf_interpreter, bprm->buf); 2471 2472 /* ??? We need a copy of the elf header for passing to create_elf_tables. 2473 If we do nothing, we'll have overwritten this when we re-use bprm->buf 2474 when we load the interpreter. */ 2475 elf_ex = *(struct elfhdr *)bprm->buf; 2476 2477 /* Do this so that we can load the interpreter, if need be. We will 2478 change some of these later */ 2479 bprm->p = setup_arg_pages(bprm, info); 2480 2481 scratch = g_new0(char, TARGET_PAGE_SIZE); 2482 if (STACK_GROWS_DOWN) { 2483 bprm->p = copy_elf_strings(1, &bprm->filename, scratch, 2484 bprm->p, info->stack_limit); 2485 info->file_string = bprm->p; 2486 bprm->p = copy_elf_strings(bprm->envc, bprm->envp, scratch, 2487 bprm->p, info->stack_limit); 2488 info->env_strings = bprm->p; 2489 bprm->p = copy_elf_strings(bprm->argc, bprm->argv, scratch, 2490 bprm->p, info->stack_limit); 2491 info->arg_strings = bprm->p; 2492 } else { 2493 info->arg_strings = bprm->p; 2494 bprm->p = copy_elf_strings(bprm->argc, bprm->argv, scratch, 2495 bprm->p, info->stack_limit); 2496 info->env_strings = bprm->p; 2497 bprm->p = copy_elf_strings(bprm->envc, bprm->envp, scratch, 2498 bprm->p, info->stack_limit); 2499 info->file_string = bprm->p; 2500 bprm->p = copy_elf_strings(1, &bprm->filename, scratch, 2501 bprm->p, info->stack_limit); 2502 } 2503 2504 g_free(scratch); 2505 2506 if (!bprm->p) { 2507 fprintf(stderr, "%s: %s\n", bprm->filename, strerror(E2BIG)); 2508 exit(-1); 2509 } 2510 2511 if (elf_interpreter) { 2512 load_elf_interp(elf_interpreter, &interp_info, bprm->buf); 2513 2514 /* If the program interpreter is one of these two, then assume 2515 an iBCS2 image. Otherwise assume a native linux image. */ 2516 2517 if (strcmp(elf_interpreter, "/usr/lib/libc.so.1") == 0 2518 || strcmp(elf_interpreter, "/usr/lib/ld.so.1") == 0) { 2519 info->personality = PER_SVR4; 2520 2521 /* Why this, you ask??? Well SVr4 maps page 0 as read-only, 2522 and some applications "depend" upon this behavior. Since 2523 we do not have the power to recompile these, we emulate 2524 the SVr4 behavior. Sigh. */ 2525 target_mmap(0, qemu_host_page_size, PROT_READ | PROT_EXEC, 2526 MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 2527 } 2528 } 2529 2530 bprm->p = create_elf_tables(bprm->p, bprm->argc, bprm->envc, &elf_ex, 2531 info, (elf_interpreter ? &interp_info : NULL)); 2532 info->start_stack = bprm->p; 2533 2534 /* If we have an interpreter, set that as the program's entry point. 2535 Copy the load_bias as well, to help PPC64 interpret the entry 2536 point as a function descriptor. Do this after creating elf tables 2537 so that we copy the original program entry point into the AUXV. */ 2538 if (elf_interpreter) { 2539 info->load_bias = interp_info.load_bias; 2540 info->entry = interp_info.entry; 2541 free(elf_interpreter); 2542 } 2543 2544 #ifdef USE_ELF_CORE_DUMP 2545 bprm->core_dump = &elf_core_dump; 2546 #endif 2547 2548 return 0; 2549 } 2550 2551 #ifdef USE_ELF_CORE_DUMP 2552 /* 2553 * Definitions to generate Intel SVR4-like core files. 2554 * These mostly have the same names as the SVR4 types with "target_elf_" 2555 * tacked on the front to prevent clashes with linux definitions, 2556 * and the typedef forms have been avoided. This is mostly like 2557 * the SVR4 structure, but more Linuxy, with things that Linux does 2558 * not support and which gdb doesn't really use excluded. 2559 * 2560 * Fields we don't dump (their contents is zero) in linux-user qemu 2561 * are marked with XXX. 2562 * 2563 * Core dump code is copied from linux kernel (fs/binfmt_elf.c). 2564 * 2565 * Porting ELF coredump for target is (quite) simple process. First you 2566 * define USE_ELF_CORE_DUMP in target ELF code (where init_thread() for 2567 * the target resides): 2568 * 2569 * #define USE_ELF_CORE_DUMP 2570 * 2571 * Next you define type of register set used for dumping. ELF specification 2572 * says that it needs to be array of elf_greg_t that has size of ELF_NREG. 2573 * 2574 * typedef <target_regtype> target_elf_greg_t; 2575 * #define ELF_NREG <number of registers> 2576 * typedef taret_elf_greg_t target_elf_gregset_t[ELF_NREG]; 2577 * 2578 * Last step is to implement target specific function that copies registers 2579 * from given cpu into just specified register set. Prototype is: 2580 * 2581 * static void elf_core_copy_regs(taret_elf_gregset_t *regs, 2582 * const CPUArchState *env); 2583 * 2584 * Parameters: 2585 * regs - copy register values into here (allocated and zeroed by caller) 2586 * env - copy registers from here 2587 * 2588 * Example for ARM target is provided in this file. 2589 */ 2590 2591 /* An ELF note in memory */ 2592 struct memelfnote { 2593 const char *name; 2594 size_t namesz; 2595 size_t namesz_rounded; 2596 int type; 2597 size_t datasz; 2598 size_t datasz_rounded; 2599 void *data; 2600 size_t notesz; 2601 }; 2602 2603 struct target_elf_siginfo { 2604 abi_int si_signo; /* signal number */ 2605 abi_int si_code; /* extra code */ 2606 abi_int si_errno; /* errno */ 2607 }; 2608 2609 struct target_elf_prstatus { 2610 struct target_elf_siginfo pr_info; /* Info associated with signal */ 2611 abi_short pr_cursig; /* Current signal */ 2612 abi_ulong pr_sigpend; /* XXX */ 2613 abi_ulong pr_sighold; /* XXX */ 2614 target_pid_t pr_pid; 2615 target_pid_t pr_ppid; 2616 target_pid_t pr_pgrp; 2617 target_pid_t pr_sid; 2618 struct target_timeval pr_utime; /* XXX User time */ 2619 struct target_timeval pr_stime; /* XXX System time */ 2620 struct target_timeval pr_cutime; /* XXX Cumulative user time */ 2621 struct target_timeval pr_cstime; /* XXX Cumulative system time */ 2622 target_elf_gregset_t pr_reg; /* GP registers */ 2623 abi_int pr_fpvalid; /* XXX */ 2624 }; 2625 2626 #define ELF_PRARGSZ (80) /* Number of chars for args */ 2627 2628 struct target_elf_prpsinfo { 2629 char pr_state; /* numeric process state */ 2630 char pr_sname; /* char for pr_state */ 2631 char pr_zomb; /* zombie */ 2632 char pr_nice; /* nice val */ 2633 abi_ulong pr_flag; /* flags */ 2634 target_uid_t pr_uid; 2635 target_gid_t pr_gid; 2636 target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid; 2637 /* Lots missing */ 2638 char pr_fname[16]; /* filename of executable */ 2639 char pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */ 2640 }; 2641 2642 /* Here is the structure in which status of each thread is captured. */ 2643 struct elf_thread_status { 2644 QTAILQ_ENTRY(elf_thread_status) ets_link; 2645 struct target_elf_prstatus prstatus; /* NT_PRSTATUS */ 2646 #if 0 2647 elf_fpregset_t fpu; /* NT_PRFPREG */ 2648 struct task_struct *thread; 2649 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */ 2650 #endif 2651 struct memelfnote notes[1]; 2652 int num_notes; 2653 }; 2654 2655 struct elf_note_info { 2656 struct memelfnote *notes; 2657 struct target_elf_prstatus *prstatus; /* NT_PRSTATUS */ 2658 struct target_elf_prpsinfo *psinfo; /* NT_PRPSINFO */ 2659 2660 QTAILQ_HEAD(thread_list_head, elf_thread_status) thread_list; 2661 #if 0 2662 /* 2663 * Current version of ELF coredump doesn't support 2664 * dumping fp regs etc. 2665 */ 2666 elf_fpregset_t *fpu; 2667 elf_fpxregset_t *xfpu; 2668 int thread_status_size; 2669 #endif 2670 int notes_size; 2671 int numnote; 2672 }; 2673 2674 struct vm_area_struct { 2675 target_ulong vma_start; /* start vaddr of memory region */ 2676 target_ulong vma_end; /* end vaddr of memory region */ 2677 abi_ulong vma_flags; /* protection etc. flags for the region */ 2678 QTAILQ_ENTRY(vm_area_struct) vma_link; 2679 }; 2680 2681 struct mm_struct { 2682 QTAILQ_HEAD(, vm_area_struct) mm_mmap; 2683 int mm_count; /* number of mappings */ 2684 }; 2685 2686 static struct mm_struct *vma_init(void); 2687 static void vma_delete(struct mm_struct *); 2688 static int vma_add_mapping(struct mm_struct *, target_ulong, 2689 target_ulong, abi_ulong); 2690 static int vma_get_mapping_count(const struct mm_struct *); 2691 static struct vm_area_struct *vma_first(const struct mm_struct *); 2692 static struct vm_area_struct *vma_next(struct vm_area_struct *); 2693 static abi_ulong vma_dump_size(const struct vm_area_struct *); 2694 static int vma_walker(void *priv, target_ulong start, target_ulong end, 2695 unsigned long flags); 2696 2697 static void fill_elf_header(struct elfhdr *, int, uint16_t, uint32_t); 2698 static void fill_note(struct memelfnote *, const char *, int, 2699 unsigned int, void *); 2700 static void fill_prstatus(struct target_elf_prstatus *, const TaskState *, int); 2701 static int fill_psinfo(struct target_elf_prpsinfo *, const TaskState *); 2702 static void fill_auxv_note(struct memelfnote *, const TaskState *); 2703 static void fill_elf_note_phdr(struct elf_phdr *, int, off_t); 2704 static size_t note_size(const struct memelfnote *); 2705 static void free_note_info(struct elf_note_info *); 2706 static int fill_note_info(struct elf_note_info *, long, const CPUArchState *); 2707 static void fill_thread_info(struct elf_note_info *, const CPUArchState *); 2708 static int core_dump_filename(const TaskState *, char *, size_t); 2709 2710 static int dump_write(int, const void *, size_t); 2711 static int write_note(struct memelfnote *, int); 2712 static int write_note_info(struct elf_note_info *, int); 2713 2714 #ifdef BSWAP_NEEDED 2715 static void bswap_prstatus(struct target_elf_prstatus *prstatus) 2716 { 2717 prstatus->pr_info.si_signo = tswap32(prstatus->pr_info.si_signo); 2718 prstatus->pr_info.si_code = tswap32(prstatus->pr_info.si_code); 2719 prstatus->pr_info.si_errno = tswap32(prstatus->pr_info.si_errno); 2720 prstatus->pr_cursig = tswap16(prstatus->pr_cursig); 2721 prstatus->pr_sigpend = tswapal(prstatus->pr_sigpend); 2722 prstatus->pr_sighold = tswapal(prstatus->pr_sighold); 2723 prstatus->pr_pid = tswap32(prstatus->pr_pid); 2724 prstatus->pr_ppid = tswap32(prstatus->pr_ppid); 2725 prstatus->pr_pgrp = tswap32(prstatus->pr_pgrp); 2726 prstatus->pr_sid = tswap32(prstatus->pr_sid); 2727 /* cpu times are not filled, so we skip them */ 2728 /* regs should be in correct format already */ 2729 prstatus->pr_fpvalid = tswap32(prstatus->pr_fpvalid); 2730 } 2731 2732 static void bswap_psinfo(struct target_elf_prpsinfo *psinfo) 2733 { 2734 psinfo->pr_flag = tswapal(psinfo->pr_flag); 2735 psinfo->pr_uid = tswap16(psinfo->pr_uid); 2736 psinfo->pr_gid = tswap16(psinfo->pr_gid); 2737 psinfo->pr_pid = tswap32(psinfo->pr_pid); 2738 psinfo->pr_ppid = tswap32(psinfo->pr_ppid); 2739 psinfo->pr_pgrp = tswap32(psinfo->pr_pgrp); 2740 psinfo->pr_sid = tswap32(psinfo->pr_sid); 2741 } 2742 2743 static void bswap_note(struct elf_note *en) 2744 { 2745 bswap32s(&en->n_namesz); 2746 bswap32s(&en->n_descsz); 2747 bswap32s(&en->n_type); 2748 } 2749 #else 2750 static inline void bswap_prstatus(struct target_elf_prstatus *p) { } 2751 static inline void bswap_psinfo(struct target_elf_prpsinfo *p) {} 2752 static inline void bswap_note(struct elf_note *en) { } 2753 #endif /* BSWAP_NEEDED */ 2754 2755 /* 2756 * Minimal support for linux memory regions. These are needed 2757 * when we are finding out what memory exactly belongs to 2758 * emulated process. No locks needed here, as long as 2759 * thread that received the signal is stopped. 2760 */ 2761 2762 static struct mm_struct *vma_init(void) 2763 { 2764 struct mm_struct *mm; 2765 2766 if ((mm = g_malloc(sizeof (*mm))) == NULL) 2767 return (NULL); 2768 2769 mm->mm_count = 0; 2770 QTAILQ_INIT(&mm->mm_mmap); 2771 2772 return (mm); 2773 } 2774 2775 static void vma_delete(struct mm_struct *mm) 2776 { 2777 struct vm_area_struct *vma; 2778 2779 while ((vma = vma_first(mm)) != NULL) { 2780 QTAILQ_REMOVE(&mm->mm_mmap, vma, vma_link); 2781 g_free(vma); 2782 } 2783 g_free(mm); 2784 } 2785 2786 static int vma_add_mapping(struct mm_struct *mm, target_ulong start, 2787 target_ulong end, abi_ulong flags) 2788 { 2789 struct vm_area_struct *vma; 2790 2791 if ((vma = g_malloc0(sizeof (*vma))) == NULL) 2792 return (-1); 2793 2794 vma->vma_start = start; 2795 vma->vma_end = end; 2796 vma->vma_flags = flags; 2797 2798 QTAILQ_INSERT_TAIL(&mm->mm_mmap, vma, vma_link); 2799 mm->mm_count++; 2800 2801 return (0); 2802 } 2803 2804 static struct vm_area_struct *vma_first(const struct mm_struct *mm) 2805 { 2806 return (QTAILQ_FIRST(&mm->mm_mmap)); 2807 } 2808 2809 static struct vm_area_struct *vma_next(struct vm_area_struct *vma) 2810 { 2811 return (QTAILQ_NEXT(vma, vma_link)); 2812 } 2813 2814 static int vma_get_mapping_count(const struct mm_struct *mm) 2815 { 2816 return (mm->mm_count); 2817 } 2818 2819 /* 2820 * Calculate file (dump) size of given memory region. 2821 */ 2822 static abi_ulong vma_dump_size(const struct vm_area_struct *vma) 2823 { 2824 /* if we cannot even read the first page, skip it */ 2825 if (!access_ok(VERIFY_READ, vma->vma_start, TARGET_PAGE_SIZE)) 2826 return (0); 2827 2828 /* 2829 * Usually we don't dump executable pages as they contain 2830 * non-writable code that debugger can read directly from 2831 * target library etc. However, thread stacks are marked 2832 * also executable so we read in first page of given region 2833 * and check whether it contains elf header. If there is 2834 * no elf header, we dump it. 2835 */ 2836 if (vma->vma_flags & PROT_EXEC) { 2837 char page[TARGET_PAGE_SIZE]; 2838 2839 copy_from_user(page, vma->vma_start, sizeof (page)); 2840 if ((page[EI_MAG0] == ELFMAG0) && 2841 (page[EI_MAG1] == ELFMAG1) && 2842 (page[EI_MAG2] == ELFMAG2) && 2843 (page[EI_MAG3] == ELFMAG3)) { 2844 /* 2845 * Mappings are possibly from ELF binary. Don't dump 2846 * them. 2847 */ 2848 return (0); 2849 } 2850 } 2851 2852 return (vma->vma_end - vma->vma_start); 2853 } 2854 2855 static int vma_walker(void *priv, target_ulong start, target_ulong end, 2856 unsigned long flags) 2857 { 2858 struct mm_struct *mm = (struct mm_struct *)priv; 2859 2860 vma_add_mapping(mm, start, end, flags); 2861 return (0); 2862 } 2863 2864 static void fill_note(struct memelfnote *note, const char *name, int type, 2865 unsigned int sz, void *data) 2866 { 2867 unsigned int namesz; 2868 2869 namesz = strlen(name) + 1; 2870 note->name = name; 2871 note->namesz = namesz; 2872 note->namesz_rounded = roundup(namesz, sizeof (int32_t)); 2873 note->type = type; 2874 note->datasz = sz; 2875 note->datasz_rounded = roundup(sz, sizeof (int32_t)); 2876 2877 note->data = data; 2878 2879 /* 2880 * We calculate rounded up note size here as specified by 2881 * ELF document. 2882 */ 2883 note->notesz = sizeof (struct elf_note) + 2884 note->namesz_rounded + note->datasz_rounded; 2885 } 2886 2887 static void fill_elf_header(struct elfhdr *elf, int segs, uint16_t machine, 2888 uint32_t flags) 2889 { 2890 (void) memset(elf, 0, sizeof(*elf)); 2891 2892 (void) memcpy(elf->e_ident, ELFMAG, SELFMAG); 2893 elf->e_ident[EI_CLASS] = ELF_CLASS; 2894 elf->e_ident[EI_DATA] = ELF_DATA; 2895 elf->e_ident[EI_VERSION] = EV_CURRENT; 2896 elf->e_ident[EI_OSABI] = ELF_OSABI; 2897 2898 elf->e_type = ET_CORE; 2899 elf->e_machine = machine; 2900 elf->e_version = EV_CURRENT; 2901 elf->e_phoff = sizeof(struct elfhdr); 2902 elf->e_flags = flags; 2903 elf->e_ehsize = sizeof(struct elfhdr); 2904 elf->e_phentsize = sizeof(struct elf_phdr); 2905 elf->e_phnum = segs; 2906 2907 bswap_ehdr(elf); 2908 } 2909 2910 static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, off_t offset) 2911 { 2912 phdr->p_type = PT_NOTE; 2913 phdr->p_offset = offset; 2914 phdr->p_vaddr = 0; 2915 phdr->p_paddr = 0; 2916 phdr->p_filesz = sz; 2917 phdr->p_memsz = 0; 2918 phdr->p_flags = 0; 2919 phdr->p_align = 0; 2920 2921 bswap_phdr(phdr, 1); 2922 } 2923 2924 static size_t note_size(const struct memelfnote *note) 2925 { 2926 return (note->notesz); 2927 } 2928 2929 static void fill_prstatus(struct target_elf_prstatus *prstatus, 2930 const TaskState *ts, int signr) 2931 { 2932 (void) memset(prstatus, 0, sizeof (*prstatus)); 2933 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr; 2934 prstatus->pr_pid = ts->ts_tid; 2935 prstatus->pr_ppid = getppid(); 2936 prstatus->pr_pgrp = getpgrp(); 2937 prstatus->pr_sid = getsid(0); 2938 2939 bswap_prstatus(prstatus); 2940 } 2941 2942 static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts) 2943 { 2944 char *base_filename; 2945 unsigned int i, len; 2946 2947 (void) memset(psinfo, 0, sizeof (*psinfo)); 2948 2949 len = ts->info->arg_end - ts->info->arg_start; 2950 if (len >= ELF_PRARGSZ) 2951 len = ELF_PRARGSZ - 1; 2952 if (copy_from_user(&psinfo->pr_psargs, ts->info->arg_start, len)) 2953 return -EFAULT; 2954 for (i = 0; i < len; i++) 2955 if (psinfo->pr_psargs[i] == 0) 2956 psinfo->pr_psargs[i] = ' '; 2957 psinfo->pr_psargs[len] = 0; 2958 2959 psinfo->pr_pid = getpid(); 2960 psinfo->pr_ppid = getppid(); 2961 psinfo->pr_pgrp = getpgrp(); 2962 psinfo->pr_sid = getsid(0); 2963 psinfo->pr_uid = getuid(); 2964 psinfo->pr_gid = getgid(); 2965 2966 base_filename = g_path_get_basename(ts->bprm->filename); 2967 /* 2968 * Using strncpy here is fine: at max-length, 2969 * this field is not NUL-terminated. 2970 */ 2971 (void) strncpy(psinfo->pr_fname, base_filename, 2972 sizeof(psinfo->pr_fname)); 2973 2974 g_free(base_filename); 2975 bswap_psinfo(psinfo); 2976 return (0); 2977 } 2978 2979 static void fill_auxv_note(struct memelfnote *note, const TaskState *ts) 2980 { 2981 elf_addr_t auxv = (elf_addr_t)ts->info->saved_auxv; 2982 elf_addr_t orig_auxv = auxv; 2983 void *ptr; 2984 int len = ts->info->auxv_len; 2985 2986 /* 2987 * Auxiliary vector is stored in target process stack. It contains 2988 * {type, value} pairs that we need to dump into note. This is not 2989 * strictly necessary but we do it here for sake of completeness. 2990 */ 2991 2992 /* read in whole auxv vector and copy it to memelfnote */ 2993 ptr = lock_user(VERIFY_READ, orig_auxv, len, 0); 2994 if (ptr != NULL) { 2995 fill_note(note, "CORE", NT_AUXV, len, ptr); 2996 unlock_user(ptr, auxv, len); 2997 } 2998 } 2999 3000 /* 3001 * Constructs name of coredump file. We have following convention 3002 * for the name: 3003 * qemu_<basename-of-target-binary>_<date>-<time>_<pid>.core 3004 * 3005 * Returns 0 in case of success, -1 otherwise (errno is set). 3006 */ 3007 static int core_dump_filename(const TaskState *ts, char *buf, 3008 size_t bufsize) 3009 { 3010 char timestamp[64]; 3011 char *base_filename = NULL; 3012 struct timeval tv; 3013 struct tm tm; 3014 3015 assert(bufsize >= PATH_MAX); 3016 3017 if (gettimeofday(&tv, NULL) < 0) { 3018 (void) fprintf(stderr, "unable to get current timestamp: %s", 3019 strerror(errno)); 3020 return (-1); 3021 } 3022 3023 base_filename = g_path_get_basename(ts->bprm->filename); 3024 (void) strftime(timestamp, sizeof (timestamp), "%Y%m%d-%H%M%S", 3025 localtime_r(&tv.tv_sec, &tm)); 3026 (void) snprintf(buf, bufsize, "qemu_%s_%s_%d.core", 3027 base_filename, timestamp, (int)getpid()); 3028 g_free(base_filename); 3029 3030 return (0); 3031 } 3032 3033 static int dump_write(int fd, const void *ptr, size_t size) 3034 { 3035 const char *bufp = (const char *)ptr; 3036 ssize_t bytes_written, bytes_left; 3037 struct rlimit dumpsize; 3038 off_t pos; 3039 3040 bytes_written = 0; 3041 getrlimit(RLIMIT_CORE, &dumpsize); 3042 if ((pos = lseek(fd, 0, SEEK_CUR))==-1) { 3043 if (errno == ESPIPE) { /* not a seekable stream */ 3044 bytes_left = size; 3045 } else { 3046 return pos; 3047 } 3048 } else { 3049 if (dumpsize.rlim_cur <= pos) { 3050 return -1; 3051 } else if (dumpsize.rlim_cur == RLIM_INFINITY) { 3052 bytes_left = size; 3053 } else { 3054 size_t limit_left=dumpsize.rlim_cur - pos; 3055 bytes_left = limit_left >= size ? size : limit_left ; 3056 } 3057 } 3058 3059 /* 3060 * In normal conditions, single write(2) should do but 3061 * in case of socket etc. this mechanism is more portable. 3062 */ 3063 do { 3064 bytes_written = write(fd, bufp, bytes_left); 3065 if (bytes_written < 0) { 3066 if (errno == EINTR) 3067 continue; 3068 return (-1); 3069 } else if (bytes_written == 0) { /* eof */ 3070 return (-1); 3071 } 3072 bufp += bytes_written; 3073 bytes_left -= bytes_written; 3074 } while (bytes_left > 0); 3075 3076 return (0); 3077 } 3078 3079 static int write_note(struct memelfnote *men, int fd) 3080 { 3081 struct elf_note en; 3082 3083 en.n_namesz = men->namesz; 3084 en.n_type = men->type; 3085 en.n_descsz = men->datasz; 3086 3087 bswap_note(&en); 3088 3089 if (dump_write(fd, &en, sizeof(en)) != 0) 3090 return (-1); 3091 if (dump_write(fd, men->name, men->namesz_rounded) != 0) 3092 return (-1); 3093 if (dump_write(fd, men->data, men->datasz_rounded) != 0) 3094 return (-1); 3095 3096 return (0); 3097 } 3098 3099 static void fill_thread_info(struct elf_note_info *info, const CPUArchState *env) 3100 { 3101 CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 3102 TaskState *ts = (TaskState *)cpu->opaque; 3103 struct elf_thread_status *ets; 3104 3105 ets = g_malloc0(sizeof (*ets)); 3106 ets->num_notes = 1; /* only prstatus is dumped */ 3107 fill_prstatus(&ets->prstatus, ts, 0); 3108 elf_core_copy_regs(&ets->prstatus.pr_reg, env); 3109 fill_note(&ets->notes[0], "CORE", NT_PRSTATUS, sizeof (ets->prstatus), 3110 &ets->prstatus); 3111 3112 QTAILQ_INSERT_TAIL(&info->thread_list, ets, ets_link); 3113 3114 info->notes_size += note_size(&ets->notes[0]); 3115 } 3116 3117 static void init_note_info(struct elf_note_info *info) 3118 { 3119 /* Initialize the elf_note_info structure so that it is at 3120 * least safe to call free_note_info() on it. Must be 3121 * called before calling fill_note_info(). 3122 */ 3123 memset(info, 0, sizeof (*info)); 3124 QTAILQ_INIT(&info->thread_list); 3125 } 3126 3127 static int fill_note_info(struct elf_note_info *info, 3128 long signr, const CPUArchState *env) 3129 { 3130 #define NUMNOTES 3 3131 CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 3132 TaskState *ts = (TaskState *)cpu->opaque; 3133 int i; 3134 3135 info->notes = g_new0(struct memelfnote, NUMNOTES); 3136 if (info->notes == NULL) 3137 return (-ENOMEM); 3138 info->prstatus = g_malloc0(sizeof (*info->prstatus)); 3139 if (info->prstatus == NULL) 3140 return (-ENOMEM); 3141 info->psinfo = g_malloc0(sizeof (*info->psinfo)); 3142 if (info->prstatus == NULL) 3143 return (-ENOMEM); 3144 3145 /* 3146 * First fill in status (and registers) of current thread 3147 * including process info & aux vector. 3148 */ 3149 fill_prstatus(info->prstatus, ts, signr); 3150 elf_core_copy_regs(&info->prstatus->pr_reg, env); 3151 fill_note(&info->notes[0], "CORE", NT_PRSTATUS, 3152 sizeof (*info->prstatus), info->prstatus); 3153 fill_psinfo(info->psinfo, ts); 3154 fill_note(&info->notes[1], "CORE", NT_PRPSINFO, 3155 sizeof (*info->psinfo), info->psinfo); 3156 fill_auxv_note(&info->notes[2], ts); 3157 info->numnote = 3; 3158 3159 info->notes_size = 0; 3160 for (i = 0; i < info->numnote; i++) 3161 info->notes_size += note_size(&info->notes[i]); 3162 3163 /* read and fill status of all threads */ 3164 cpu_list_lock(); 3165 CPU_FOREACH(cpu) { 3166 if (cpu == thread_cpu) { 3167 continue; 3168 } 3169 fill_thread_info(info, (CPUArchState *)cpu->env_ptr); 3170 } 3171 cpu_list_unlock(); 3172 3173 return (0); 3174 } 3175 3176 static void free_note_info(struct elf_note_info *info) 3177 { 3178 struct elf_thread_status *ets; 3179 3180 while (!QTAILQ_EMPTY(&info->thread_list)) { 3181 ets = QTAILQ_FIRST(&info->thread_list); 3182 QTAILQ_REMOVE(&info->thread_list, ets, ets_link); 3183 g_free(ets); 3184 } 3185 3186 g_free(info->prstatus); 3187 g_free(info->psinfo); 3188 g_free(info->notes); 3189 } 3190 3191 static int write_note_info(struct elf_note_info *info, int fd) 3192 { 3193 struct elf_thread_status *ets; 3194 int i, error = 0; 3195 3196 /* write prstatus, psinfo and auxv for current thread */ 3197 for (i = 0; i < info->numnote; i++) 3198 if ((error = write_note(&info->notes[i], fd)) != 0) 3199 return (error); 3200 3201 /* write prstatus for each thread */ 3202 QTAILQ_FOREACH(ets, &info->thread_list, ets_link) { 3203 if ((error = write_note(&ets->notes[0], fd)) != 0) 3204 return (error); 3205 } 3206 3207 return (0); 3208 } 3209 3210 /* 3211 * Write out ELF coredump. 3212 * 3213 * See documentation of ELF object file format in: 3214 * http://www.caldera.com/developers/devspecs/gabi41.pdf 3215 * 3216 * Coredump format in linux is following: 3217 * 3218 * 0 +----------------------+ \ 3219 * | ELF header | ET_CORE | 3220 * +----------------------+ | 3221 * | ELF program headers | |--- headers 3222 * | - NOTE section | | 3223 * | - PT_LOAD sections | | 3224 * +----------------------+ / 3225 * | NOTEs: | 3226 * | - NT_PRSTATUS | 3227 * | - NT_PRSINFO | 3228 * | - NT_AUXV | 3229 * +----------------------+ <-- aligned to target page 3230 * | Process memory dump | 3231 * : : 3232 * . . 3233 * : : 3234 * | | 3235 * +----------------------+ 3236 * 3237 * NT_PRSTATUS -> struct elf_prstatus (per thread) 3238 * NT_PRSINFO -> struct elf_prpsinfo 3239 * NT_AUXV is array of { type, value } pairs (see fill_auxv_note()). 3240 * 3241 * Format follows System V format as close as possible. Current 3242 * version limitations are as follows: 3243 * - no floating point registers are dumped 3244 * 3245 * Function returns 0 in case of success, negative errno otherwise. 3246 * 3247 * TODO: make this work also during runtime: it should be 3248 * possible to force coredump from running process and then 3249 * continue processing. For example qemu could set up SIGUSR2 3250 * handler (provided that target process haven't registered 3251 * handler for that) that does the dump when signal is received. 3252 */ 3253 static int elf_core_dump(int signr, const CPUArchState *env) 3254 { 3255 const CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 3256 const TaskState *ts = (const TaskState *)cpu->opaque; 3257 struct vm_area_struct *vma = NULL; 3258 char corefile[PATH_MAX]; 3259 struct elf_note_info info; 3260 struct elfhdr elf; 3261 struct elf_phdr phdr; 3262 struct rlimit dumpsize; 3263 struct mm_struct *mm = NULL; 3264 off_t offset = 0, data_offset = 0; 3265 int segs = 0; 3266 int fd = -1; 3267 3268 init_note_info(&info); 3269 3270 errno = 0; 3271 getrlimit(RLIMIT_CORE, &dumpsize); 3272 if (dumpsize.rlim_cur == 0) 3273 return 0; 3274 3275 if (core_dump_filename(ts, corefile, sizeof (corefile)) < 0) 3276 return (-errno); 3277 3278 if ((fd = open(corefile, O_WRONLY | O_CREAT, 3279 S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) < 0) 3280 return (-errno); 3281 3282 /* 3283 * Walk through target process memory mappings and 3284 * set up structure containing this information. After 3285 * this point vma_xxx functions can be used. 3286 */ 3287 if ((mm = vma_init()) == NULL) 3288 goto out; 3289 3290 walk_memory_regions(mm, vma_walker); 3291 segs = vma_get_mapping_count(mm); 3292 3293 /* 3294 * Construct valid coredump ELF header. We also 3295 * add one more segment for notes. 3296 */ 3297 fill_elf_header(&elf, segs + 1, ELF_MACHINE, 0); 3298 if (dump_write(fd, &elf, sizeof (elf)) != 0) 3299 goto out; 3300 3301 /* fill in the in-memory version of notes */ 3302 if (fill_note_info(&info, signr, env) < 0) 3303 goto out; 3304 3305 offset += sizeof (elf); /* elf header */ 3306 offset += (segs + 1) * sizeof (struct elf_phdr); /* program headers */ 3307 3308 /* write out notes program header */ 3309 fill_elf_note_phdr(&phdr, info.notes_size, offset); 3310 3311 offset += info.notes_size; 3312 if (dump_write(fd, &phdr, sizeof (phdr)) != 0) 3313 goto out; 3314 3315 /* 3316 * ELF specification wants data to start at page boundary so 3317 * we align it here. 3318 */ 3319 data_offset = offset = roundup(offset, ELF_EXEC_PAGESIZE); 3320 3321 /* 3322 * Write program headers for memory regions mapped in 3323 * the target process. 3324 */ 3325 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 3326 (void) memset(&phdr, 0, sizeof (phdr)); 3327 3328 phdr.p_type = PT_LOAD; 3329 phdr.p_offset = offset; 3330 phdr.p_vaddr = vma->vma_start; 3331 phdr.p_paddr = 0; 3332 phdr.p_filesz = vma_dump_size(vma); 3333 offset += phdr.p_filesz; 3334 phdr.p_memsz = vma->vma_end - vma->vma_start; 3335 phdr.p_flags = vma->vma_flags & PROT_READ ? PF_R : 0; 3336 if (vma->vma_flags & PROT_WRITE) 3337 phdr.p_flags |= PF_W; 3338 if (vma->vma_flags & PROT_EXEC) 3339 phdr.p_flags |= PF_X; 3340 phdr.p_align = ELF_EXEC_PAGESIZE; 3341 3342 bswap_phdr(&phdr, 1); 3343 if (dump_write(fd, &phdr, sizeof(phdr)) != 0) { 3344 goto out; 3345 } 3346 } 3347 3348 /* 3349 * Next we write notes just after program headers. No 3350 * alignment needed here. 3351 */ 3352 if (write_note_info(&info, fd) < 0) 3353 goto out; 3354 3355 /* align data to page boundary */ 3356 if (lseek(fd, data_offset, SEEK_SET) != data_offset) 3357 goto out; 3358 3359 /* 3360 * Finally we can dump process memory into corefile as well. 3361 */ 3362 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 3363 abi_ulong addr; 3364 abi_ulong end; 3365 3366 end = vma->vma_start + vma_dump_size(vma); 3367 3368 for (addr = vma->vma_start; addr < end; 3369 addr += TARGET_PAGE_SIZE) { 3370 char page[TARGET_PAGE_SIZE]; 3371 int error; 3372 3373 /* 3374 * Read in page from target process memory and 3375 * write it to coredump file. 3376 */ 3377 error = copy_from_user(page, addr, sizeof (page)); 3378 if (error != 0) { 3379 (void) fprintf(stderr, "unable to dump " TARGET_ABI_FMT_lx "\n", 3380 addr); 3381 errno = -error; 3382 goto out; 3383 } 3384 if (dump_write(fd, page, TARGET_PAGE_SIZE) < 0) 3385 goto out; 3386 } 3387 } 3388 3389 out: 3390 free_note_info(&info); 3391 if (mm != NULL) 3392 vma_delete(mm); 3393 (void) close(fd); 3394 3395 if (errno != 0) 3396 return (-errno); 3397 return (0); 3398 } 3399 #endif /* USE_ELF_CORE_DUMP */ 3400 3401 void do_init_thread(struct target_pt_regs *regs, struct image_info *infop) 3402 { 3403 init_thread(regs, infop); 3404 } 3405