1 /* This is the Linux kernel elf-loading code, ported into user space */ 2 #include <sys/time.h> 3 #include <sys/param.h> 4 5 #include <stdio.h> 6 #include <sys/types.h> 7 #include <fcntl.h> 8 #include <errno.h> 9 #include <unistd.h> 10 #include <sys/mman.h> 11 #include <sys/resource.h> 12 #include <stdlib.h> 13 #include <string.h> 14 #include <time.h> 15 16 #include "qemu.h" 17 #include "disas/disas.h" 18 19 #ifdef _ARCH_PPC64 20 #undef ARCH_DLINFO 21 #undef ELF_PLATFORM 22 #undef ELF_HWCAP 23 #undef ELF_HWCAP2 24 #undef ELF_CLASS 25 #undef ELF_DATA 26 #undef ELF_ARCH 27 #endif 28 29 #define ELF_OSABI ELFOSABI_SYSV 30 31 /* from personality.h */ 32 33 /* 34 * Flags for bug emulation. 35 * 36 * These occupy the top three bytes. 37 */ 38 enum { 39 ADDR_NO_RANDOMIZE = 0x0040000, /* disable randomization of VA space */ 40 FDPIC_FUNCPTRS = 0x0080000, /* userspace function ptrs point to 41 descriptors (signal handling) */ 42 MMAP_PAGE_ZERO = 0x0100000, 43 ADDR_COMPAT_LAYOUT = 0x0200000, 44 READ_IMPLIES_EXEC = 0x0400000, 45 ADDR_LIMIT_32BIT = 0x0800000, 46 SHORT_INODE = 0x1000000, 47 WHOLE_SECONDS = 0x2000000, 48 STICKY_TIMEOUTS = 0x4000000, 49 ADDR_LIMIT_3GB = 0x8000000, 50 }; 51 52 /* 53 * Personality types. 54 * 55 * These go in the low byte. Avoid using the top bit, it will 56 * conflict with error returns. 57 */ 58 enum { 59 PER_LINUX = 0x0000, 60 PER_LINUX_32BIT = 0x0000 | ADDR_LIMIT_32BIT, 61 PER_LINUX_FDPIC = 0x0000 | FDPIC_FUNCPTRS, 62 PER_SVR4 = 0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 63 PER_SVR3 = 0x0002 | STICKY_TIMEOUTS | SHORT_INODE, 64 PER_SCOSVR3 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS | SHORT_INODE, 65 PER_OSR5 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS, 66 PER_WYSEV386 = 0x0004 | STICKY_TIMEOUTS | SHORT_INODE, 67 PER_ISCR4 = 0x0005 | STICKY_TIMEOUTS, 68 PER_BSD = 0x0006, 69 PER_SUNOS = 0x0006 | STICKY_TIMEOUTS, 70 PER_XENIX = 0x0007 | STICKY_TIMEOUTS | SHORT_INODE, 71 PER_LINUX32 = 0x0008, 72 PER_LINUX32_3GB = 0x0008 | ADDR_LIMIT_3GB, 73 PER_IRIX32 = 0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */ 74 PER_IRIXN32 = 0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */ 75 PER_IRIX64 = 0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */ 76 PER_RISCOS = 0x000c, 77 PER_SOLARIS = 0x000d | STICKY_TIMEOUTS, 78 PER_UW7 = 0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 79 PER_OSF4 = 0x000f, /* OSF/1 v4 */ 80 PER_HPUX = 0x0010, 81 PER_MASK = 0x00ff, 82 }; 83 84 /* 85 * Return the base personality without flags. 86 */ 87 #define personality(pers) (pers & PER_MASK) 88 89 /* this flag is uneffective under linux too, should be deleted */ 90 #ifndef MAP_DENYWRITE 91 #define MAP_DENYWRITE 0 92 #endif 93 94 /* should probably go in elf.h */ 95 #ifndef ELIBBAD 96 #define ELIBBAD 80 97 #endif 98 99 #ifdef TARGET_WORDS_BIGENDIAN 100 #define ELF_DATA ELFDATA2MSB 101 #else 102 #define ELF_DATA ELFDATA2LSB 103 #endif 104 105 #ifdef TARGET_ABI_MIPSN32 106 typedef abi_ullong target_elf_greg_t; 107 #define tswapreg(ptr) tswap64(ptr) 108 #else 109 typedef abi_ulong target_elf_greg_t; 110 #define tswapreg(ptr) tswapal(ptr) 111 #endif 112 113 #ifdef USE_UID16 114 typedef abi_ushort target_uid_t; 115 typedef abi_ushort target_gid_t; 116 #else 117 typedef abi_uint target_uid_t; 118 typedef abi_uint target_gid_t; 119 #endif 120 typedef abi_int target_pid_t; 121 122 #ifdef TARGET_I386 123 124 #define ELF_PLATFORM get_elf_platform() 125 126 static const char *get_elf_platform(void) 127 { 128 static char elf_platform[] = "i386"; 129 int family = object_property_get_int(OBJECT(thread_cpu), "family", NULL); 130 if (family > 6) 131 family = 6; 132 if (family >= 3) 133 elf_platform[1] = '0' + family; 134 return elf_platform; 135 } 136 137 #define ELF_HWCAP get_elf_hwcap() 138 139 static uint32_t get_elf_hwcap(void) 140 { 141 X86CPU *cpu = X86_CPU(thread_cpu); 142 143 return cpu->env.features[FEAT_1_EDX]; 144 } 145 146 #ifdef TARGET_X86_64 147 #define ELF_START_MMAP 0x2aaaaab000ULL 148 #define elf_check_arch(x) ( ((x) == ELF_ARCH) ) 149 150 #define ELF_CLASS ELFCLASS64 151 #define ELF_ARCH EM_X86_64 152 153 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 154 { 155 regs->rax = 0; 156 regs->rsp = infop->start_stack; 157 regs->rip = infop->entry; 158 } 159 160 #define ELF_NREG 27 161 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 162 163 /* 164 * Note that ELF_NREG should be 29 as there should be place for 165 * TRAPNO and ERR "registers" as well but linux doesn't dump 166 * those. 167 * 168 * See linux kernel: arch/x86/include/asm/elf.h 169 */ 170 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 171 { 172 (*regs)[0] = env->regs[15]; 173 (*regs)[1] = env->regs[14]; 174 (*regs)[2] = env->regs[13]; 175 (*regs)[3] = env->regs[12]; 176 (*regs)[4] = env->regs[R_EBP]; 177 (*regs)[5] = env->regs[R_EBX]; 178 (*regs)[6] = env->regs[11]; 179 (*regs)[7] = env->regs[10]; 180 (*regs)[8] = env->regs[9]; 181 (*regs)[9] = env->regs[8]; 182 (*regs)[10] = env->regs[R_EAX]; 183 (*regs)[11] = env->regs[R_ECX]; 184 (*regs)[12] = env->regs[R_EDX]; 185 (*regs)[13] = env->regs[R_ESI]; 186 (*regs)[14] = env->regs[R_EDI]; 187 (*regs)[15] = env->regs[R_EAX]; /* XXX */ 188 (*regs)[16] = env->eip; 189 (*regs)[17] = env->segs[R_CS].selector & 0xffff; 190 (*regs)[18] = env->eflags; 191 (*regs)[19] = env->regs[R_ESP]; 192 (*regs)[20] = env->segs[R_SS].selector & 0xffff; 193 (*regs)[21] = env->segs[R_FS].selector & 0xffff; 194 (*regs)[22] = env->segs[R_GS].selector & 0xffff; 195 (*regs)[23] = env->segs[R_DS].selector & 0xffff; 196 (*regs)[24] = env->segs[R_ES].selector & 0xffff; 197 (*regs)[25] = env->segs[R_FS].selector & 0xffff; 198 (*regs)[26] = env->segs[R_GS].selector & 0xffff; 199 } 200 201 #else 202 203 #define ELF_START_MMAP 0x80000000 204 205 /* 206 * This is used to ensure we don't load something for the wrong architecture. 207 */ 208 #define elf_check_arch(x) ( ((x) == EM_386) || ((x) == EM_486) ) 209 210 /* 211 * These are used to set parameters in the core dumps. 212 */ 213 #define ELF_CLASS ELFCLASS32 214 #define ELF_ARCH EM_386 215 216 static inline void init_thread(struct target_pt_regs *regs, 217 struct image_info *infop) 218 { 219 regs->esp = infop->start_stack; 220 regs->eip = infop->entry; 221 222 /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program 223 starts %edx contains a pointer to a function which might be 224 registered using `atexit'. This provides a mean for the 225 dynamic linker to call DT_FINI functions for shared libraries 226 that have been loaded before the code runs. 227 228 A value of 0 tells we have no such handler. */ 229 regs->edx = 0; 230 } 231 232 #define ELF_NREG 17 233 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 234 235 /* 236 * Note that ELF_NREG should be 19 as there should be place for 237 * TRAPNO and ERR "registers" as well but linux doesn't dump 238 * those. 239 * 240 * See linux kernel: arch/x86/include/asm/elf.h 241 */ 242 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 243 { 244 (*regs)[0] = env->regs[R_EBX]; 245 (*regs)[1] = env->regs[R_ECX]; 246 (*regs)[2] = env->regs[R_EDX]; 247 (*regs)[3] = env->regs[R_ESI]; 248 (*regs)[4] = env->regs[R_EDI]; 249 (*regs)[5] = env->regs[R_EBP]; 250 (*regs)[6] = env->regs[R_EAX]; 251 (*regs)[7] = env->segs[R_DS].selector & 0xffff; 252 (*regs)[8] = env->segs[R_ES].selector & 0xffff; 253 (*regs)[9] = env->segs[R_FS].selector & 0xffff; 254 (*regs)[10] = env->segs[R_GS].selector & 0xffff; 255 (*regs)[11] = env->regs[R_EAX]; /* XXX */ 256 (*regs)[12] = env->eip; 257 (*regs)[13] = env->segs[R_CS].selector & 0xffff; 258 (*regs)[14] = env->eflags; 259 (*regs)[15] = env->regs[R_ESP]; 260 (*regs)[16] = env->segs[R_SS].selector & 0xffff; 261 } 262 #endif 263 264 #define USE_ELF_CORE_DUMP 265 #define ELF_EXEC_PAGESIZE 4096 266 267 #endif 268 269 #ifdef TARGET_ARM 270 271 #ifndef TARGET_AARCH64 272 /* 32 bit ARM definitions */ 273 274 #define ELF_START_MMAP 0x80000000 275 276 #define elf_check_arch(x) ((x) == ELF_MACHINE) 277 278 #define ELF_ARCH ELF_MACHINE 279 #define ELF_CLASS ELFCLASS32 280 281 static inline void init_thread(struct target_pt_regs *regs, 282 struct image_info *infop) 283 { 284 abi_long stack = infop->start_stack; 285 memset(regs, 0, sizeof(*regs)); 286 287 regs->ARM_cpsr = 0x10; 288 if (infop->entry & 1) 289 regs->ARM_cpsr |= CPSR_T; 290 regs->ARM_pc = infop->entry & 0xfffffffe; 291 regs->ARM_sp = infop->start_stack; 292 /* FIXME - what to for failure of get_user()? */ 293 get_user_ual(regs->ARM_r2, stack + 8); /* envp */ 294 get_user_ual(regs->ARM_r1, stack + 4); /* envp */ 295 /* XXX: it seems that r0 is zeroed after ! */ 296 regs->ARM_r0 = 0; 297 /* For uClinux PIC binaries. */ 298 /* XXX: Linux does this only on ARM with no MMU (do we care ?) */ 299 regs->ARM_r10 = infop->start_data; 300 } 301 302 #define ELF_NREG 18 303 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 304 305 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUARMState *env) 306 { 307 (*regs)[0] = tswapreg(env->regs[0]); 308 (*regs)[1] = tswapreg(env->regs[1]); 309 (*regs)[2] = tswapreg(env->regs[2]); 310 (*regs)[3] = tswapreg(env->regs[3]); 311 (*regs)[4] = tswapreg(env->regs[4]); 312 (*regs)[5] = tswapreg(env->regs[5]); 313 (*regs)[6] = tswapreg(env->regs[6]); 314 (*regs)[7] = tswapreg(env->regs[7]); 315 (*regs)[8] = tswapreg(env->regs[8]); 316 (*regs)[9] = tswapreg(env->regs[9]); 317 (*regs)[10] = tswapreg(env->regs[10]); 318 (*regs)[11] = tswapreg(env->regs[11]); 319 (*regs)[12] = tswapreg(env->regs[12]); 320 (*regs)[13] = tswapreg(env->regs[13]); 321 (*regs)[14] = tswapreg(env->regs[14]); 322 (*regs)[15] = tswapreg(env->regs[15]); 323 324 (*regs)[16] = tswapreg(cpsr_read((CPUARMState *)env)); 325 (*regs)[17] = tswapreg(env->regs[0]); /* XXX */ 326 } 327 328 #define USE_ELF_CORE_DUMP 329 #define ELF_EXEC_PAGESIZE 4096 330 331 enum 332 { 333 ARM_HWCAP_ARM_SWP = 1 << 0, 334 ARM_HWCAP_ARM_HALF = 1 << 1, 335 ARM_HWCAP_ARM_THUMB = 1 << 2, 336 ARM_HWCAP_ARM_26BIT = 1 << 3, 337 ARM_HWCAP_ARM_FAST_MULT = 1 << 4, 338 ARM_HWCAP_ARM_FPA = 1 << 5, 339 ARM_HWCAP_ARM_VFP = 1 << 6, 340 ARM_HWCAP_ARM_EDSP = 1 << 7, 341 ARM_HWCAP_ARM_JAVA = 1 << 8, 342 ARM_HWCAP_ARM_IWMMXT = 1 << 9, 343 ARM_HWCAP_ARM_CRUNCH = 1 << 10, 344 ARM_HWCAP_ARM_THUMBEE = 1 << 11, 345 ARM_HWCAP_ARM_NEON = 1 << 12, 346 ARM_HWCAP_ARM_VFPv3 = 1 << 13, 347 ARM_HWCAP_ARM_VFPv3D16 = 1 << 14, 348 ARM_HWCAP_ARM_TLS = 1 << 15, 349 ARM_HWCAP_ARM_VFPv4 = 1 << 16, 350 ARM_HWCAP_ARM_IDIVA = 1 << 17, 351 ARM_HWCAP_ARM_IDIVT = 1 << 18, 352 ARM_HWCAP_ARM_VFPD32 = 1 << 19, 353 ARM_HWCAP_ARM_LPAE = 1 << 20, 354 ARM_HWCAP_ARM_EVTSTRM = 1 << 21, 355 }; 356 357 enum { 358 ARM_HWCAP2_ARM_AES = 1 << 0, 359 ARM_HWCAP2_ARM_PMULL = 1 << 1, 360 ARM_HWCAP2_ARM_SHA1 = 1 << 2, 361 ARM_HWCAP2_ARM_SHA2 = 1 << 3, 362 ARM_HWCAP2_ARM_CRC32 = 1 << 4, 363 }; 364 365 /* The commpage only exists for 32 bit kernels */ 366 367 #define TARGET_HAS_VALIDATE_GUEST_SPACE 368 /* Return 1 if the proposed guest space is suitable for the guest. 369 * Return 0 if the proposed guest space isn't suitable, but another 370 * address space should be tried. 371 * Return -1 if there is no way the proposed guest space can be 372 * valid regardless of the base. 373 * The guest code may leave a page mapped and populate it if the 374 * address is suitable. 375 */ 376 static int validate_guest_space(unsigned long guest_base, 377 unsigned long guest_size) 378 { 379 unsigned long real_start, test_page_addr; 380 381 /* We need to check that we can force a fault on access to the 382 * commpage at 0xffff0fxx 383 */ 384 test_page_addr = guest_base + (0xffff0f00 & qemu_host_page_mask); 385 386 /* If the commpage lies within the already allocated guest space, 387 * then there is no way we can allocate it. 388 */ 389 if (test_page_addr >= guest_base 390 && test_page_addr <= (guest_base + guest_size)) { 391 return -1; 392 } 393 394 /* Note it needs to be writeable to let us initialise it */ 395 real_start = (unsigned long) 396 mmap((void *)test_page_addr, qemu_host_page_size, 397 PROT_READ | PROT_WRITE, 398 MAP_ANONYMOUS | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 399 400 /* If we can't map it then try another address */ 401 if (real_start == -1ul) { 402 return 0; 403 } 404 405 if (real_start != test_page_addr) { 406 /* OS didn't put the page where we asked - unmap and reject */ 407 munmap((void *)real_start, qemu_host_page_size); 408 return 0; 409 } 410 411 /* Leave the page mapped 412 * Populate it (mmap should have left it all 0'd) 413 */ 414 415 /* Kernel helper versions */ 416 __put_user(5, (uint32_t *)g2h(0xffff0ffcul)); 417 418 /* Now it's populated make it RO */ 419 if (mprotect((void *)test_page_addr, qemu_host_page_size, PROT_READ)) { 420 perror("Protecting guest commpage"); 421 exit(-1); 422 } 423 424 return 1; /* All good */ 425 } 426 427 #define ELF_HWCAP get_elf_hwcap() 428 #define ELF_HWCAP2 get_elf_hwcap2() 429 430 static uint32_t get_elf_hwcap(void) 431 { 432 ARMCPU *cpu = ARM_CPU(thread_cpu); 433 uint32_t hwcaps = 0; 434 435 hwcaps |= ARM_HWCAP_ARM_SWP; 436 hwcaps |= ARM_HWCAP_ARM_HALF; 437 hwcaps |= ARM_HWCAP_ARM_THUMB; 438 hwcaps |= ARM_HWCAP_ARM_FAST_MULT; 439 440 /* probe for the extra features */ 441 #define GET_FEATURE(feat, hwcap) \ 442 do { if (arm_feature(&cpu->env, feat)) { hwcaps |= hwcap; } } while (0) 443 /* EDSP is in v5TE and above, but all our v5 CPUs are v5TE */ 444 GET_FEATURE(ARM_FEATURE_V5, ARM_HWCAP_ARM_EDSP); 445 GET_FEATURE(ARM_FEATURE_VFP, ARM_HWCAP_ARM_VFP); 446 GET_FEATURE(ARM_FEATURE_IWMMXT, ARM_HWCAP_ARM_IWMMXT); 447 GET_FEATURE(ARM_FEATURE_THUMB2EE, ARM_HWCAP_ARM_THUMBEE); 448 GET_FEATURE(ARM_FEATURE_NEON, ARM_HWCAP_ARM_NEON); 449 GET_FEATURE(ARM_FEATURE_VFP3, ARM_HWCAP_ARM_VFPv3); 450 GET_FEATURE(ARM_FEATURE_V6K, ARM_HWCAP_ARM_TLS); 451 GET_FEATURE(ARM_FEATURE_VFP4, ARM_HWCAP_ARM_VFPv4); 452 GET_FEATURE(ARM_FEATURE_ARM_DIV, ARM_HWCAP_ARM_IDIVA); 453 GET_FEATURE(ARM_FEATURE_THUMB_DIV, ARM_HWCAP_ARM_IDIVT); 454 /* All QEMU's VFPv3 CPUs have 32 registers, see VFP_DREG in translate.c. 455 * Note that the ARM_HWCAP_ARM_VFPv3D16 bit is always the inverse of 456 * ARM_HWCAP_ARM_VFPD32 (and so always clear for QEMU); it is unrelated 457 * to our VFP_FP16 feature bit. 458 */ 459 GET_FEATURE(ARM_FEATURE_VFP3, ARM_HWCAP_ARM_VFPD32); 460 GET_FEATURE(ARM_FEATURE_LPAE, ARM_HWCAP_ARM_LPAE); 461 462 return hwcaps; 463 } 464 465 static uint32_t get_elf_hwcap2(void) 466 { 467 ARMCPU *cpu = ARM_CPU(thread_cpu); 468 uint32_t hwcaps = 0; 469 470 GET_FEATURE(ARM_FEATURE_V8_AES, ARM_HWCAP2_ARM_AES); 471 GET_FEATURE(ARM_FEATURE_CRC, ARM_HWCAP2_ARM_CRC32); 472 return hwcaps; 473 } 474 475 #undef GET_FEATURE 476 477 #else 478 /* 64 bit ARM definitions */ 479 #define ELF_START_MMAP 0x80000000 480 481 #define elf_check_arch(x) ((x) == ELF_MACHINE) 482 483 #define ELF_ARCH ELF_MACHINE 484 #define ELF_CLASS ELFCLASS64 485 #define ELF_PLATFORM "aarch64" 486 487 static inline void init_thread(struct target_pt_regs *regs, 488 struct image_info *infop) 489 { 490 abi_long stack = infop->start_stack; 491 memset(regs, 0, sizeof(*regs)); 492 493 regs->pc = infop->entry & ~0x3ULL; 494 regs->sp = stack; 495 } 496 497 #define ELF_NREG 34 498 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 499 500 static void elf_core_copy_regs(target_elf_gregset_t *regs, 501 const CPUARMState *env) 502 { 503 int i; 504 505 for (i = 0; i < 32; i++) { 506 (*regs)[i] = tswapreg(env->xregs[i]); 507 } 508 (*regs)[32] = tswapreg(env->pc); 509 (*regs)[33] = tswapreg(pstate_read((CPUARMState *)env)); 510 } 511 512 #define USE_ELF_CORE_DUMP 513 #define ELF_EXEC_PAGESIZE 4096 514 515 enum { 516 ARM_HWCAP_A64_FP = 1 << 0, 517 ARM_HWCAP_A64_ASIMD = 1 << 1, 518 ARM_HWCAP_A64_EVTSTRM = 1 << 2, 519 ARM_HWCAP_A64_AES = 1 << 3, 520 ARM_HWCAP_A64_PMULL = 1 << 4, 521 ARM_HWCAP_A64_SHA1 = 1 << 5, 522 ARM_HWCAP_A64_SHA2 = 1 << 6, 523 ARM_HWCAP_A64_CRC32 = 1 << 7, 524 }; 525 526 #define ELF_HWCAP get_elf_hwcap() 527 528 static uint32_t get_elf_hwcap(void) 529 { 530 ARMCPU *cpu = ARM_CPU(thread_cpu); 531 uint32_t hwcaps = 0; 532 533 hwcaps |= ARM_HWCAP_A64_FP; 534 hwcaps |= ARM_HWCAP_A64_ASIMD; 535 536 /* probe for the extra features */ 537 #define GET_FEATURE(feat, hwcap) \ 538 do { if (arm_feature(&cpu->env, feat)) { hwcaps |= hwcap; } } while (0) 539 GET_FEATURE(ARM_FEATURE_V8_AES, ARM_HWCAP_A64_PMULL); 540 #undef GET_FEATURE 541 542 return hwcaps; 543 } 544 545 #endif /* not TARGET_AARCH64 */ 546 #endif /* TARGET_ARM */ 547 548 #ifdef TARGET_UNICORE32 549 550 #define ELF_START_MMAP 0x80000000 551 552 #define elf_check_arch(x) ((x) == EM_UNICORE32) 553 554 #define ELF_CLASS ELFCLASS32 555 #define ELF_DATA ELFDATA2LSB 556 #define ELF_ARCH EM_UNICORE32 557 558 static inline void init_thread(struct target_pt_regs *regs, 559 struct image_info *infop) 560 { 561 abi_long stack = infop->start_stack; 562 memset(regs, 0, sizeof(*regs)); 563 regs->UC32_REG_asr = 0x10; 564 regs->UC32_REG_pc = infop->entry & 0xfffffffe; 565 regs->UC32_REG_sp = infop->start_stack; 566 /* FIXME - what to for failure of get_user()? */ 567 get_user_ual(regs->UC32_REG_02, stack + 8); /* envp */ 568 get_user_ual(regs->UC32_REG_01, stack + 4); /* envp */ 569 /* XXX: it seems that r0 is zeroed after ! */ 570 regs->UC32_REG_00 = 0; 571 } 572 573 #define ELF_NREG 34 574 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 575 576 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUUniCore32State *env) 577 { 578 (*regs)[0] = env->regs[0]; 579 (*regs)[1] = env->regs[1]; 580 (*regs)[2] = env->regs[2]; 581 (*regs)[3] = env->regs[3]; 582 (*regs)[4] = env->regs[4]; 583 (*regs)[5] = env->regs[5]; 584 (*regs)[6] = env->regs[6]; 585 (*regs)[7] = env->regs[7]; 586 (*regs)[8] = env->regs[8]; 587 (*regs)[9] = env->regs[9]; 588 (*regs)[10] = env->regs[10]; 589 (*regs)[11] = env->regs[11]; 590 (*regs)[12] = env->regs[12]; 591 (*regs)[13] = env->regs[13]; 592 (*regs)[14] = env->regs[14]; 593 (*regs)[15] = env->regs[15]; 594 (*regs)[16] = env->regs[16]; 595 (*regs)[17] = env->regs[17]; 596 (*regs)[18] = env->regs[18]; 597 (*regs)[19] = env->regs[19]; 598 (*regs)[20] = env->regs[20]; 599 (*regs)[21] = env->regs[21]; 600 (*regs)[22] = env->regs[22]; 601 (*regs)[23] = env->regs[23]; 602 (*regs)[24] = env->regs[24]; 603 (*regs)[25] = env->regs[25]; 604 (*regs)[26] = env->regs[26]; 605 (*regs)[27] = env->regs[27]; 606 (*regs)[28] = env->regs[28]; 607 (*regs)[29] = env->regs[29]; 608 (*regs)[30] = env->regs[30]; 609 (*regs)[31] = env->regs[31]; 610 611 (*regs)[32] = cpu_asr_read((CPUUniCore32State *)env); 612 (*regs)[33] = env->regs[0]; /* XXX */ 613 } 614 615 #define USE_ELF_CORE_DUMP 616 #define ELF_EXEC_PAGESIZE 4096 617 618 #define ELF_HWCAP (UC32_HWCAP_CMOV | UC32_HWCAP_UCF64) 619 620 #endif 621 622 #ifdef TARGET_SPARC 623 #ifdef TARGET_SPARC64 624 625 #define ELF_START_MMAP 0x80000000 626 #define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \ 627 | HWCAP_SPARC_MULDIV | HWCAP_SPARC_V9) 628 #ifndef TARGET_ABI32 629 #define elf_check_arch(x) ( (x) == EM_SPARCV9 || (x) == EM_SPARC32PLUS ) 630 #else 631 #define elf_check_arch(x) ( (x) == EM_SPARC32PLUS || (x) == EM_SPARC ) 632 #endif 633 634 #define ELF_CLASS ELFCLASS64 635 #define ELF_ARCH EM_SPARCV9 636 637 #define STACK_BIAS 2047 638 639 static inline void init_thread(struct target_pt_regs *regs, 640 struct image_info *infop) 641 { 642 #ifndef TARGET_ABI32 643 regs->tstate = 0; 644 #endif 645 regs->pc = infop->entry; 646 regs->npc = regs->pc + 4; 647 regs->y = 0; 648 #ifdef TARGET_ABI32 649 regs->u_regs[14] = infop->start_stack - 16 * 4; 650 #else 651 if (personality(infop->personality) == PER_LINUX32) 652 regs->u_regs[14] = infop->start_stack - 16 * 4; 653 else 654 regs->u_regs[14] = infop->start_stack - 16 * 8 - STACK_BIAS; 655 #endif 656 } 657 658 #else 659 #define ELF_START_MMAP 0x80000000 660 #define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \ 661 | HWCAP_SPARC_MULDIV) 662 #define elf_check_arch(x) ( (x) == EM_SPARC ) 663 664 #define ELF_CLASS ELFCLASS32 665 #define ELF_ARCH EM_SPARC 666 667 static inline void init_thread(struct target_pt_regs *regs, 668 struct image_info *infop) 669 { 670 regs->psr = 0; 671 regs->pc = infop->entry; 672 regs->npc = regs->pc + 4; 673 regs->y = 0; 674 regs->u_regs[14] = infop->start_stack - 16 * 4; 675 } 676 677 #endif 678 #endif 679 680 #ifdef TARGET_PPC 681 682 #define ELF_START_MMAP 0x80000000 683 684 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 685 686 #define elf_check_arch(x) ( (x) == EM_PPC64 ) 687 688 #define ELF_CLASS ELFCLASS64 689 690 #else 691 692 #define elf_check_arch(x) ( (x) == EM_PPC ) 693 694 #define ELF_CLASS ELFCLASS32 695 696 #endif 697 698 #define ELF_ARCH EM_PPC 699 700 /* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP). 701 See arch/powerpc/include/asm/cputable.h. */ 702 enum { 703 QEMU_PPC_FEATURE_32 = 0x80000000, 704 QEMU_PPC_FEATURE_64 = 0x40000000, 705 QEMU_PPC_FEATURE_601_INSTR = 0x20000000, 706 QEMU_PPC_FEATURE_HAS_ALTIVEC = 0x10000000, 707 QEMU_PPC_FEATURE_HAS_FPU = 0x08000000, 708 QEMU_PPC_FEATURE_HAS_MMU = 0x04000000, 709 QEMU_PPC_FEATURE_HAS_4xxMAC = 0x02000000, 710 QEMU_PPC_FEATURE_UNIFIED_CACHE = 0x01000000, 711 QEMU_PPC_FEATURE_HAS_SPE = 0x00800000, 712 QEMU_PPC_FEATURE_HAS_EFP_SINGLE = 0x00400000, 713 QEMU_PPC_FEATURE_HAS_EFP_DOUBLE = 0x00200000, 714 QEMU_PPC_FEATURE_NO_TB = 0x00100000, 715 QEMU_PPC_FEATURE_POWER4 = 0x00080000, 716 QEMU_PPC_FEATURE_POWER5 = 0x00040000, 717 QEMU_PPC_FEATURE_POWER5_PLUS = 0x00020000, 718 QEMU_PPC_FEATURE_CELL = 0x00010000, 719 QEMU_PPC_FEATURE_BOOKE = 0x00008000, 720 QEMU_PPC_FEATURE_SMT = 0x00004000, 721 QEMU_PPC_FEATURE_ICACHE_SNOOP = 0x00002000, 722 QEMU_PPC_FEATURE_ARCH_2_05 = 0x00001000, 723 QEMU_PPC_FEATURE_PA6T = 0x00000800, 724 QEMU_PPC_FEATURE_HAS_DFP = 0x00000400, 725 QEMU_PPC_FEATURE_POWER6_EXT = 0x00000200, 726 QEMU_PPC_FEATURE_ARCH_2_06 = 0x00000100, 727 QEMU_PPC_FEATURE_HAS_VSX = 0x00000080, 728 QEMU_PPC_FEATURE_PSERIES_PERFMON_COMPAT = 0x00000040, 729 730 QEMU_PPC_FEATURE_TRUE_LE = 0x00000002, 731 QEMU_PPC_FEATURE_PPC_LE = 0x00000001, 732 }; 733 734 #define ELF_HWCAP get_elf_hwcap() 735 736 static uint32_t get_elf_hwcap(void) 737 { 738 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); 739 uint32_t features = 0; 740 741 /* We don't have to be terribly complete here; the high points are 742 Altivec/FP/SPE support. Anything else is just a bonus. */ 743 #define GET_FEATURE(flag, feature) \ 744 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0) 745 GET_FEATURE(PPC_64B, QEMU_PPC_FEATURE_64); 746 GET_FEATURE(PPC_FLOAT, QEMU_PPC_FEATURE_HAS_FPU); 747 GET_FEATURE(PPC_ALTIVEC, QEMU_PPC_FEATURE_HAS_ALTIVEC); 748 GET_FEATURE(PPC_SPE, QEMU_PPC_FEATURE_HAS_SPE); 749 GET_FEATURE(PPC_SPE_SINGLE, QEMU_PPC_FEATURE_HAS_EFP_SINGLE); 750 GET_FEATURE(PPC_SPE_DOUBLE, QEMU_PPC_FEATURE_HAS_EFP_DOUBLE); 751 GET_FEATURE(PPC_BOOKE, QEMU_PPC_FEATURE_BOOKE); 752 GET_FEATURE(PPC_405_MAC, QEMU_PPC_FEATURE_HAS_4xxMAC); 753 #undef GET_FEATURE 754 755 return features; 756 } 757 758 /* 759 * The requirements here are: 760 * - keep the final alignment of sp (sp & 0xf) 761 * - make sure the 32-bit value at the first 16 byte aligned position of 762 * AUXV is greater than 16 for glibc compatibility. 763 * AT_IGNOREPPC is used for that. 764 * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC, 765 * even if DLINFO_ARCH_ITEMS goes to zero or is undefined. 766 */ 767 #define DLINFO_ARCH_ITEMS 5 768 #define ARCH_DLINFO \ 769 do { \ 770 NEW_AUX_ENT(AT_DCACHEBSIZE, 0x20); \ 771 NEW_AUX_ENT(AT_ICACHEBSIZE, 0x20); \ 772 NEW_AUX_ENT(AT_UCACHEBSIZE, 0); \ 773 /* \ 774 * Now handle glibc compatibility. \ 775 */ \ 776 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 777 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 778 } while (0) 779 780 static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop) 781 { 782 _regs->gpr[1] = infop->start_stack; 783 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 784 _regs->gpr[2] = ldq_raw(infop->entry + 8) + infop->load_bias; 785 infop->entry = ldq_raw(infop->entry) + infop->load_bias; 786 #endif 787 _regs->nip = infop->entry; 788 } 789 790 /* See linux kernel: arch/powerpc/include/asm/elf.h. */ 791 #define ELF_NREG 48 792 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 793 794 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUPPCState *env) 795 { 796 int i; 797 target_ulong ccr = 0; 798 799 for (i = 0; i < ARRAY_SIZE(env->gpr); i++) { 800 (*regs)[i] = tswapreg(env->gpr[i]); 801 } 802 803 (*regs)[32] = tswapreg(env->nip); 804 (*regs)[33] = tswapreg(env->msr); 805 (*regs)[35] = tswapreg(env->ctr); 806 (*regs)[36] = tswapreg(env->lr); 807 (*regs)[37] = tswapreg(env->xer); 808 809 for (i = 0; i < ARRAY_SIZE(env->crf); i++) { 810 ccr |= env->crf[i] << (32 - ((i + 1) * 4)); 811 } 812 (*regs)[38] = tswapreg(ccr); 813 } 814 815 #define USE_ELF_CORE_DUMP 816 #define ELF_EXEC_PAGESIZE 4096 817 818 #endif 819 820 #ifdef TARGET_MIPS 821 822 #define ELF_START_MMAP 0x80000000 823 824 #define elf_check_arch(x) ( (x) == EM_MIPS ) 825 826 #ifdef TARGET_MIPS64 827 #define ELF_CLASS ELFCLASS64 828 #else 829 #define ELF_CLASS ELFCLASS32 830 #endif 831 #define ELF_ARCH EM_MIPS 832 833 static inline void init_thread(struct target_pt_regs *regs, 834 struct image_info *infop) 835 { 836 regs->cp0_status = 2 << CP0St_KSU; 837 regs->cp0_epc = infop->entry; 838 regs->regs[29] = infop->start_stack; 839 } 840 841 /* See linux kernel: arch/mips/include/asm/elf.h. */ 842 #define ELF_NREG 45 843 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 844 845 /* See linux kernel: arch/mips/include/asm/reg.h. */ 846 enum { 847 #ifdef TARGET_MIPS64 848 TARGET_EF_R0 = 0, 849 #else 850 TARGET_EF_R0 = 6, 851 #endif 852 TARGET_EF_R26 = TARGET_EF_R0 + 26, 853 TARGET_EF_R27 = TARGET_EF_R0 + 27, 854 TARGET_EF_LO = TARGET_EF_R0 + 32, 855 TARGET_EF_HI = TARGET_EF_R0 + 33, 856 TARGET_EF_CP0_EPC = TARGET_EF_R0 + 34, 857 TARGET_EF_CP0_BADVADDR = TARGET_EF_R0 + 35, 858 TARGET_EF_CP0_STATUS = TARGET_EF_R0 + 36, 859 TARGET_EF_CP0_CAUSE = TARGET_EF_R0 + 37 860 }; 861 862 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 863 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMIPSState *env) 864 { 865 int i; 866 867 for (i = 0; i < TARGET_EF_R0; i++) { 868 (*regs)[i] = 0; 869 } 870 (*regs)[TARGET_EF_R0] = 0; 871 872 for (i = 1; i < ARRAY_SIZE(env->active_tc.gpr); i++) { 873 (*regs)[TARGET_EF_R0 + i] = tswapreg(env->active_tc.gpr[i]); 874 } 875 876 (*regs)[TARGET_EF_R26] = 0; 877 (*regs)[TARGET_EF_R27] = 0; 878 (*regs)[TARGET_EF_LO] = tswapreg(env->active_tc.LO[0]); 879 (*regs)[TARGET_EF_HI] = tswapreg(env->active_tc.HI[0]); 880 (*regs)[TARGET_EF_CP0_EPC] = tswapreg(env->active_tc.PC); 881 (*regs)[TARGET_EF_CP0_BADVADDR] = tswapreg(env->CP0_BadVAddr); 882 (*regs)[TARGET_EF_CP0_STATUS] = tswapreg(env->CP0_Status); 883 (*regs)[TARGET_EF_CP0_CAUSE] = tswapreg(env->CP0_Cause); 884 } 885 886 #define USE_ELF_CORE_DUMP 887 #define ELF_EXEC_PAGESIZE 4096 888 889 #endif /* TARGET_MIPS */ 890 891 #ifdef TARGET_MICROBLAZE 892 893 #define ELF_START_MMAP 0x80000000 894 895 #define elf_check_arch(x) ( (x) == EM_MICROBLAZE || (x) == EM_MICROBLAZE_OLD) 896 897 #define ELF_CLASS ELFCLASS32 898 #define ELF_ARCH EM_MICROBLAZE 899 900 static inline void init_thread(struct target_pt_regs *regs, 901 struct image_info *infop) 902 { 903 regs->pc = infop->entry; 904 regs->r1 = infop->start_stack; 905 906 } 907 908 #define ELF_EXEC_PAGESIZE 4096 909 910 #define USE_ELF_CORE_DUMP 911 #define ELF_NREG 38 912 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 913 914 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 915 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMBState *env) 916 { 917 int i, pos = 0; 918 919 for (i = 0; i < 32; i++) { 920 (*regs)[pos++] = tswapreg(env->regs[i]); 921 } 922 923 for (i = 0; i < 6; i++) { 924 (*regs)[pos++] = tswapreg(env->sregs[i]); 925 } 926 } 927 928 #endif /* TARGET_MICROBLAZE */ 929 930 #ifdef TARGET_OPENRISC 931 932 #define ELF_START_MMAP 0x08000000 933 934 #define elf_check_arch(x) ((x) == EM_OPENRISC) 935 936 #define ELF_ARCH EM_OPENRISC 937 #define ELF_CLASS ELFCLASS32 938 #define ELF_DATA ELFDATA2MSB 939 940 static inline void init_thread(struct target_pt_regs *regs, 941 struct image_info *infop) 942 { 943 regs->pc = infop->entry; 944 regs->gpr[1] = infop->start_stack; 945 } 946 947 #define USE_ELF_CORE_DUMP 948 #define ELF_EXEC_PAGESIZE 8192 949 950 /* See linux kernel arch/openrisc/include/asm/elf.h. */ 951 #define ELF_NREG 34 /* gprs and pc, sr */ 952 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 953 954 static void elf_core_copy_regs(target_elf_gregset_t *regs, 955 const CPUOpenRISCState *env) 956 { 957 int i; 958 959 for (i = 0; i < 32; i++) { 960 (*regs)[i] = tswapreg(env->gpr[i]); 961 } 962 963 (*regs)[32] = tswapreg(env->pc); 964 (*regs)[33] = tswapreg(env->sr); 965 } 966 #define ELF_HWCAP 0 967 #define ELF_PLATFORM NULL 968 969 #endif /* TARGET_OPENRISC */ 970 971 #ifdef TARGET_SH4 972 973 #define ELF_START_MMAP 0x80000000 974 975 #define elf_check_arch(x) ( (x) == EM_SH ) 976 977 #define ELF_CLASS ELFCLASS32 978 #define ELF_ARCH EM_SH 979 980 static inline void init_thread(struct target_pt_regs *regs, 981 struct image_info *infop) 982 { 983 /* Check other registers XXXXX */ 984 regs->pc = infop->entry; 985 regs->regs[15] = infop->start_stack; 986 } 987 988 /* See linux kernel: arch/sh/include/asm/elf.h. */ 989 #define ELF_NREG 23 990 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 991 992 /* See linux kernel: arch/sh/include/asm/ptrace.h. */ 993 enum { 994 TARGET_REG_PC = 16, 995 TARGET_REG_PR = 17, 996 TARGET_REG_SR = 18, 997 TARGET_REG_GBR = 19, 998 TARGET_REG_MACH = 20, 999 TARGET_REG_MACL = 21, 1000 TARGET_REG_SYSCALL = 22 1001 }; 1002 1003 static inline void elf_core_copy_regs(target_elf_gregset_t *regs, 1004 const CPUSH4State *env) 1005 { 1006 int i; 1007 1008 for (i = 0; i < 16; i++) { 1009 (*regs[i]) = tswapreg(env->gregs[i]); 1010 } 1011 1012 (*regs)[TARGET_REG_PC] = tswapreg(env->pc); 1013 (*regs)[TARGET_REG_PR] = tswapreg(env->pr); 1014 (*regs)[TARGET_REG_SR] = tswapreg(env->sr); 1015 (*regs)[TARGET_REG_GBR] = tswapreg(env->gbr); 1016 (*regs)[TARGET_REG_MACH] = tswapreg(env->mach); 1017 (*regs)[TARGET_REG_MACL] = tswapreg(env->macl); 1018 (*regs)[TARGET_REG_SYSCALL] = 0; /* FIXME */ 1019 } 1020 1021 #define USE_ELF_CORE_DUMP 1022 #define ELF_EXEC_PAGESIZE 4096 1023 1024 #endif 1025 1026 #ifdef TARGET_CRIS 1027 1028 #define ELF_START_MMAP 0x80000000 1029 1030 #define elf_check_arch(x) ( (x) == EM_CRIS ) 1031 1032 #define ELF_CLASS ELFCLASS32 1033 #define ELF_ARCH EM_CRIS 1034 1035 static inline void init_thread(struct target_pt_regs *regs, 1036 struct image_info *infop) 1037 { 1038 regs->erp = infop->entry; 1039 } 1040 1041 #define ELF_EXEC_PAGESIZE 8192 1042 1043 #endif 1044 1045 #ifdef TARGET_M68K 1046 1047 #define ELF_START_MMAP 0x80000000 1048 1049 #define elf_check_arch(x) ( (x) == EM_68K ) 1050 1051 #define ELF_CLASS ELFCLASS32 1052 #define ELF_ARCH EM_68K 1053 1054 /* ??? Does this need to do anything? 1055 #define ELF_PLAT_INIT(_r) */ 1056 1057 static inline void init_thread(struct target_pt_regs *regs, 1058 struct image_info *infop) 1059 { 1060 regs->usp = infop->start_stack; 1061 regs->sr = 0; 1062 regs->pc = infop->entry; 1063 } 1064 1065 /* See linux kernel: arch/m68k/include/asm/elf.h. */ 1066 #define ELF_NREG 20 1067 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1068 1069 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUM68KState *env) 1070 { 1071 (*regs)[0] = tswapreg(env->dregs[1]); 1072 (*regs)[1] = tswapreg(env->dregs[2]); 1073 (*regs)[2] = tswapreg(env->dregs[3]); 1074 (*regs)[3] = tswapreg(env->dregs[4]); 1075 (*regs)[4] = tswapreg(env->dregs[5]); 1076 (*regs)[5] = tswapreg(env->dregs[6]); 1077 (*regs)[6] = tswapreg(env->dregs[7]); 1078 (*regs)[7] = tswapreg(env->aregs[0]); 1079 (*regs)[8] = tswapreg(env->aregs[1]); 1080 (*regs)[9] = tswapreg(env->aregs[2]); 1081 (*regs)[10] = tswapreg(env->aregs[3]); 1082 (*regs)[11] = tswapreg(env->aregs[4]); 1083 (*regs)[12] = tswapreg(env->aregs[5]); 1084 (*regs)[13] = tswapreg(env->aregs[6]); 1085 (*regs)[14] = tswapreg(env->dregs[0]); 1086 (*regs)[15] = tswapreg(env->aregs[7]); 1087 (*regs)[16] = tswapreg(env->dregs[0]); /* FIXME: orig_d0 */ 1088 (*regs)[17] = tswapreg(env->sr); 1089 (*regs)[18] = tswapreg(env->pc); 1090 (*regs)[19] = 0; /* FIXME: regs->format | regs->vector */ 1091 } 1092 1093 #define USE_ELF_CORE_DUMP 1094 #define ELF_EXEC_PAGESIZE 8192 1095 1096 #endif 1097 1098 #ifdef TARGET_ALPHA 1099 1100 #define ELF_START_MMAP (0x30000000000ULL) 1101 1102 #define elf_check_arch(x) ( (x) == ELF_ARCH ) 1103 1104 #define ELF_CLASS ELFCLASS64 1105 #define ELF_ARCH EM_ALPHA 1106 1107 static inline void init_thread(struct target_pt_regs *regs, 1108 struct image_info *infop) 1109 { 1110 regs->pc = infop->entry; 1111 regs->ps = 8; 1112 regs->usp = infop->start_stack; 1113 } 1114 1115 #define ELF_EXEC_PAGESIZE 8192 1116 1117 #endif /* TARGET_ALPHA */ 1118 1119 #ifdef TARGET_S390X 1120 1121 #define ELF_START_MMAP (0x20000000000ULL) 1122 1123 #define elf_check_arch(x) ( (x) == ELF_ARCH ) 1124 1125 #define ELF_CLASS ELFCLASS64 1126 #define ELF_DATA ELFDATA2MSB 1127 #define ELF_ARCH EM_S390 1128 1129 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 1130 { 1131 regs->psw.addr = infop->entry; 1132 regs->psw.mask = PSW_MASK_64 | PSW_MASK_32; 1133 regs->gprs[15] = infop->start_stack; 1134 } 1135 1136 #endif /* TARGET_S390X */ 1137 1138 #ifndef ELF_PLATFORM 1139 #define ELF_PLATFORM (NULL) 1140 #endif 1141 1142 #ifndef ELF_HWCAP 1143 #define ELF_HWCAP 0 1144 #endif 1145 1146 #ifdef TARGET_ABI32 1147 #undef ELF_CLASS 1148 #define ELF_CLASS ELFCLASS32 1149 #undef bswaptls 1150 #define bswaptls(ptr) bswap32s(ptr) 1151 #endif 1152 1153 #include "elf.h" 1154 1155 struct exec 1156 { 1157 unsigned int a_info; /* Use macros N_MAGIC, etc for access */ 1158 unsigned int a_text; /* length of text, in bytes */ 1159 unsigned int a_data; /* length of data, in bytes */ 1160 unsigned int a_bss; /* length of uninitialized data area, in bytes */ 1161 unsigned int a_syms; /* length of symbol table data in file, in bytes */ 1162 unsigned int a_entry; /* start address */ 1163 unsigned int a_trsize; /* length of relocation info for text, in bytes */ 1164 unsigned int a_drsize; /* length of relocation info for data, in bytes */ 1165 }; 1166 1167 1168 #define N_MAGIC(exec) ((exec).a_info & 0xffff) 1169 #define OMAGIC 0407 1170 #define NMAGIC 0410 1171 #define ZMAGIC 0413 1172 #define QMAGIC 0314 1173 1174 /* Necessary parameters */ 1175 #define TARGET_ELF_EXEC_PAGESIZE TARGET_PAGE_SIZE 1176 #define TARGET_ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(TARGET_ELF_EXEC_PAGESIZE-1)) 1177 #define TARGET_ELF_PAGEOFFSET(_v) ((_v) & (TARGET_ELF_EXEC_PAGESIZE-1)) 1178 1179 #define DLINFO_ITEMS 14 1180 1181 static inline void memcpy_fromfs(void * to, const void * from, unsigned long n) 1182 { 1183 memcpy(to, from, n); 1184 } 1185 1186 #ifdef BSWAP_NEEDED 1187 static void bswap_ehdr(struct elfhdr *ehdr) 1188 { 1189 bswap16s(&ehdr->e_type); /* Object file type */ 1190 bswap16s(&ehdr->e_machine); /* Architecture */ 1191 bswap32s(&ehdr->e_version); /* Object file version */ 1192 bswaptls(&ehdr->e_entry); /* Entry point virtual address */ 1193 bswaptls(&ehdr->e_phoff); /* Program header table file offset */ 1194 bswaptls(&ehdr->e_shoff); /* Section header table file offset */ 1195 bswap32s(&ehdr->e_flags); /* Processor-specific flags */ 1196 bswap16s(&ehdr->e_ehsize); /* ELF header size in bytes */ 1197 bswap16s(&ehdr->e_phentsize); /* Program header table entry size */ 1198 bswap16s(&ehdr->e_phnum); /* Program header table entry count */ 1199 bswap16s(&ehdr->e_shentsize); /* Section header table entry size */ 1200 bswap16s(&ehdr->e_shnum); /* Section header table entry count */ 1201 bswap16s(&ehdr->e_shstrndx); /* Section header string table index */ 1202 } 1203 1204 static void bswap_phdr(struct elf_phdr *phdr, int phnum) 1205 { 1206 int i; 1207 for (i = 0; i < phnum; ++i, ++phdr) { 1208 bswap32s(&phdr->p_type); /* Segment type */ 1209 bswap32s(&phdr->p_flags); /* Segment flags */ 1210 bswaptls(&phdr->p_offset); /* Segment file offset */ 1211 bswaptls(&phdr->p_vaddr); /* Segment virtual address */ 1212 bswaptls(&phdr->p_paddr); /* Segment physical address */ 1213 bswaptls(&phdr->p_filesz); /* Segment size in file */ 1214 bswaptls(&phdr->p_memsz); /* Segment size in memory */ 1215 bswaptls(&phdr->p_align); /* Segment alignment */ 1216 } 1217 } 1218 1219 static void bswap_shdr(struct elf_shdr *shdr, int shnum) 1220 { 1221 int i; 1222 for (i = 0; i < shnum; ++i, ++shdr) { 1223 bswap32s(&shdr->sh_name); 1224 bswap32s(&shdr->sh_type); 1225 bswaptls(&shdr->sh_flags); 1226 bswaptls(&shdr->sh_addr); 1227 bswaptls(&shdr->sh_offset); 1228 bswaptls(&shdr->sh_size); 1229 bswap32s(&shdr->sh_link); 1230 bswap32s(&shdr->sh_info); 1231 bswaptls(&shdr->sh_addralign); 1232 bswaptls(&shdr->sh_entsize); 1233 } 1234 } 1235 1236 static void bswap_sym(struct elf_sym *sym) 1237 { 1238 bswap32s(&sym->st_name); 1239 bswaptls(&sym->st_value); 1240 bswaptls(&sym->st_size); 1241 bswap16s(&sym->st_shndx); 1242 } 1243 #else 1244 static inline void bswap_ehdr(struct elfhdr *ehdr) { } 1245 static inline void bswap_phdr(struct elf_phdr *phdr, int phnum) { } 1246 static inline void bswap_shdr(struct elf_shdr *shdr, int shnum) { } 1247 static inline void bswap_sym(struct elf_sym *sym) { } 1248 #endif 1249 1250 #ifdef USE_ELF_CORE_DUMP 1251 static int elf_core_dump(int, const CPUArchState *); 1252 #endif /* USE_ELF_CORE_DUMP */ 1253 static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias); 1254 1255 /* Verify the portions of EHDR within E_IDENT for the target. 1256 This can be performed before bswapping the entire header. */ 1257 static bool elf_check_ident(struct elfhdr *ehdr) 1258 { 1259 return (ehdr->e_ident[EI_MAG0] == ELFMAG0 1260 && ehdr->e_ident[EI_MAG1] == ELFMAG1 1261 && ehdr->e_ident[EI_MAG2] == ELFMAG2 1262 && ehdr->e_ident[EI_MAG3] == ELFMAG3 1263 && ehdr->e_ident[EI_CLASS] == ELF_CLASS 1264 && ehdr->e_ident[EI_DATA] == ELF_DATA 1265 && ehdr->e_ident[EI_VERSION] == EV_CURRENT); 1266 } 1267 1268 /* Verify the portions of EHDR outside of E_IDENT for the target. 1269 This has to wait until after bswapping the header. */ 1270 static bool elf_check_ehdr(struct elfhdr *ehdr) 1271 { 1272 return (elf_check_arch(ehdr->e_machine) 1273 && ehdr->e_ehsize == sizeof(struct elfhdr) 1274 && ehdr->e_phentsize == sizeof(struct elf_phdr) 1275 && ehdr->e_shentsize == sizeof(struct elf_shdr) 1276 && (ehdr->e_type == ET_EXEC || ehdr->e_type == ET_DYN)); 1277 } 1278 1279 /* 1280 * 'copy_elf_strings()' copies argument/envelope strings from user 1281 * memory to free pages in kernel mem. These are in a format ready 1282 * to be put directly into the top of new user memory. 1283 * 1284 */ 1285 static abi_ulong copy_elf_strings(int argc,char ** argv, void **page, 1286 abi_ulong p) 1287 { 1288 char *tmp, *tmp1, *pag = NULL; 1289 int len, offset = 0; 1290 1291 if (!p) { 1292 return 0; /* bullet-proofing */ 1293 } 1294 while (argc-- > 0) { 1295 tmp = argv[argc]; 1296 if (!tmp) { 1297 fprintf(stderr, "VFS: argc is wrong"); 1298 exit(-1); 1299 } 1300 tmp1 = tmp; 1301 while (*tmp++); 1302 len = tmp - tmp1; 1303 if (p < len) { /* this shouldn't happen - 128kB */ 1304 return 0; 1305 } 1306 while (len) { 1307 --p; --tmp; --len; 1308 if (--offset < 0) { 1309 offset = p % TARGET_PAGE_SIZE; 1310 pag = (char *)page[p/TARGET_PAGE_SIZE]; 1311 if (!pag) { 1312 pag = g_try_malloc0(TARGET_PAGE_SIZE); 1313 page[p/TARGET_PAGE_SIZE] = pag; 1314 if (!pag) 1315 return 0; 1316 } 1317 } 1318 if (len == 0 || offset == 0) { 1319 *(pag + offset) = *tmp; 1320 } 1321 else { 1322 int bytes_to_copy = (len > offset) ? offset : len; 1323 tmp -= bytes_to_copy; 1324 p -= bytes_to_copy; 1325 offset -= bytes_to_copy; 1326 len -= bytes_to_copy; 1327 memcpy_fromfs(pag + offset, tmp, bytes_to_copy + 1); 1328 } 1329 } 1330 } 1331 return p; 1332 } 1333 1334 static abi_ulong setup_arg_pages(abi_ulong p, struct linux_binprm *bprm, 1335 struct image_info *info) 1336 { 1337 abi_ulong stack_base, size, error, guard; 1338 int i; 1339 1340 /* Create enough stack to hold everything. If we don't use 1341 it for args, we'll use it for something else. */ 1342 size = guest_stack_size; 1343 if (size < MAX_ARG_PAGES*TARGET_PAGE_SIZE) { 1344 size = MAX_ARG_PAGES*TARGET_PAGE_SIZE; 1345 } 1346 guard = TARGET_PAGE_SIZE; 1347 if (guard < qemu_real_host_page_size) { 1348 guard = qemu_real_host_page_size; 1349 } 1350 1351 error = target_mmap(0, size + guard, PROT_READ | PROT_WRITE, 1352 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1353 if (error == -1) { 1354 perror("mmap stack"); 1355 exit(-1); 1356 } 1357 1358 /* We reserve one extra page at the top of the stack as guard. */ 1359 target_mprotect(error, guard, PROT_NONE); 1360 1361 info->stack_limit = error + guard; 1362 stack_base = info->stack_limit + size - MAX_ARG_PAGES*TARGET_PAGE_SIZE; 1363 p += stack_base; 1364 1365 for (i = 0 ; i < MAX_ARG_PAGES ; i++) { 1366 if (bprm->page[i]) { 1367 info->rss++; 1368 /* FIXME - check return value of memcpy_to_target() for failure */ 1369 memcpy_to_target(stack_base, bprm->page[i], TARGET_PAGE_SIZE); 1370 g_free(bprm->page[i]); 1371 } 1372 stack_base += TARGET_PAGE_SIZE; 1373 } 1374 return p; 1375 } 1376 1377 /* Map and zero the bss. We need to explicitly zero any fractional pages 1378 after the data section (i.e. bss). */ 1379 static void zero_bss(abi_ulong elf_bss, abi_ulong last_bss, int prot) 1380 { 1381 uintptr_t host_start, host_map_start, host_end; 1382 1383 last_bss = TARGET_PAGE_ALIGN(last_bss); 1384 1385 /* ??? There is confusion between qemu_real_host_page_size and 1386 qemu_host_page_size here and elsewhere in target_mmap, which 1387 may lead to the end of the data section mapping from the file 1388 not being mapped. At least there was an explicit test and 1389 comment for that here, suggesting that "the file size must 1390 be known". The comment probably pre-dates the introduction 1391 of the fstat system call in target_mmap which does in fact 1392 find out the size. What isn't clear is if the workaround 1393 here is still actually needed. For now, continue with it, 1394 but merge it with the "normal" mmap that would allocate the bss. */ 1395 1396 host_start = (uintptr_t) g2h(elf_bss); 1397 host_end = (uintptr_t) g2h(last_bss); 1398 host_map_start = (host_start + qemu_real_host_page_size - 1); 1399 host_map_start &= -qemu_real_host_page_size; 1400 1401 if (host_map_start < host_end) { 1402 void *p = mmap((void *)host_map_start, host_end - host_map_start, 1403 prot, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1404 if (p == MAP_FAILED) { 1405 perror("cannot mmap brk"); 1406 exit(-1); 1407 } 1408 1409 /* Since we didn't use target_mmap, make sure to record 1410 the validity of the pages with qemu. */ 1411 page_set_flags(elf_bss & TARGET_PAGE_MASK, last_bss, prot|PAGE_VALID); 1412 } 1413 1414 if (host_start < host_map_start) { 1415 memset((void *)host_start, 0, host_map_start - host_start); 1416 } 1417 } 1418 1419 #ifdef CONFIG_USE_FDPIC 1420 static abi_ulong loader_build_fdpic_loadmap(struct image_info *info, abi_ulong sp) 1421 { 1422 uint16_t n; 1423 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs; 1424 1425 /* elf32_fdpic_loadseg */ 1426 n = info->nsegs; 1427 while (n--) { 1428 sp -= 12; 1429 put_user_u32(loadsegs[n].addr, sp+0); 1430 put_user_u32(loadsegs[n].p_vaddr, sp+4); 1431 put_user_u32(loadsegs[n].p_memsz, sp+8); 1432 } 1433 1434 /* elf32_fdpic_loadmap */ 1435 sp -= 4; 1436 put_user_u16(0, sp+0); /* version */ 1437 put_user_u16(info->nsegs, sp+2); /* nsegs */ 1438 1439 info->personality = PER_LINUX_FDPIC; 1440 info->loadmap_addr = sp; 1441 1442 return sp; 1443 } 1444 #endif 1445 1446 static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc, 1447 struct elfhdr *exec, 1448 struct image_info *info, 1449 struct image_info *interp_info) 1450 { 1451 abi_ulong sp; 1452 abi_ulong sp_auxv; 1453 int size; 1454 int i; 1455 abi_ulong u_rand_bytes; 1456 uint8_t k_rand_bytes[16]; 1457 abi_ulong u_platform; 1458 const char *k_platform; 1459 const int n = sizeof(elf_addr_t); 1460 1461 sp = p; 1462 1463 #ifdef CONFIG_USE_FDPIC 1464 /* Needs to be before we load the env/argc/... */ 1465 if (elf_is_fdpic(exec)) { 1466 /* Need 4 byte alignment for these structs */ 1467 sp &= ~3; 1468 sp = loader_build_fdpic_loadmap(info, sp); 1469 info->other_info = interp_info; 1470 if (interp_info) { 1471 interp_info->other_info = info; 1472 sp = loader_build_fdpic_loadmap(interp_info, sp); 1473 } 1474 } 1475 #endif 1476 1477 u_platform = 0; 1478 k_platform = ELF_PLATFORM; 1479 if (k_platform) { 1480 size_t len = strlen(k_platform) + 1; 1481 sp -= (len + n - 1) & ~(n - 1); 1482 u_platform = sp; 1483 /* FIXME - check return value of memcpy_to_target() for failure */ 1484 memcpy_to_target(sp, k_platform, len); 1485 } 1486 1487 /* 1488 * Generate 16 random bytes for userspace PRNG seeding (not 1489 * cryptically secure but it's not the aim of QEMU). 1490 */ 1491 srand((unsigned int) time(NULL)); 1492 for (i = 0; i < 16; i++) { 1493 k_rand_bytes[i] = rand(); 1494 } 1495 sp -= 16; 1496 u_rand_bytes = sp; 1497 /* FIXME - check return value of memcpy_to_target() for failure */ 1498 memcpy_to_target(sp, k_rand_bytes, 16); 1499 1500 /* 1501 * Force 16 byte _final_ alignment here for generality. 1502 */ 1503 sp = sp &~ (abi_ulong)15; 1504 size = (DLINFO_ITEMS + 1) * 2; 1505 if (k_platform) 1506 size += 2; 1507 #ifdef DLINFO_ARCH_ITEMS 1508 size += DLINFO_ARCH_ITEMS * 2; 1509 #endif 1510 #ifdef ELF_HWCAP2 1511 size += 2; 1512 #endif 1513 size += envc + argc + 2; 1514 size += 1; /* argc itself */ 1515 size *= n; 1516 if (size & 15) 1517 sp -= 16 - (size & 15); 1518 1519 /* This is correct because Linux defines 1520 * elf_addr_t as Elf32_Off / Elf64_Off 1521 */ 1522 #define NEW_AUX_ENT(id, val) do { \ 1523 sp -= n; put_user_ual(val, sp); \ 1524 sp -= n; put_user_ual(id, sp); \ 1525 } while(0) 1526 1527 sp_auxv = sp; 1528 NEW_AUX_ENT (AT_NULL, 0); 1529 1530 /* There must be exactly DLINFO_ITEMS entries here. */ 1531 NEW_AUX_ENT(AT_PHDR, (abi_ulong)(info->load_addr + exec->e_phoff)); 1532 NEW_AUX_ENT(AT_PHENT, (abi_ulong)(sizeof (struct elf_phdr))); 1533 NEW_AUX_ENT(AT_PHNUM, (abi_ulong)(exec->e_phnum)); 1534 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(TARGET_PAGE_SIZE)); 1535 NEW_AUX_ENT(AT_BASE, (abi_ulong)(interp_info ? interp_info->load_addr : 0)); 1536 NEW_AUX_ENT(AT_FLAGS, (abi_ulong)0); 1537 NEW_AUX_ENT(AT_ENTRY, info->entry); 1538 NEW_AUX_ENT(AT_UID, (abi_ulong) getuid()); 1539 NEW_AUX_ENT(AT_EUID, (abi_ulong) geteuid()); 1540 NEW_AUX_ENT(AT_GID, (abi_ulong) getgid()); 1541 NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid()); 1542 NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP); 1543 NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK)); 1544 NEW_AUX_ENT(AT_RANDOM, (abi_ulong) u_rand_bytes); 1545 1546 #ifdef ELF_HWCAP2 1547 NEW_AUX_ENT(AT_HWCAP2, (abi_ulong) ELF_HWCAP2); 1548 #endif 1549 1550 if (k_platform) 1551 NEW_AUX_ENT(AT_PLATFORM, u_platform); 1552 #ifdef ARCH_DLINFO 1553 /* 1554 * ARCH_DLINFO must come last so platform specific code can enforce 1555 * special alignment requirements on the AUXV if necessary (eg. PPC). 1556 */ 1557 ARCH_DLINFO; 1558 #endif 1559 #undef NEW_AUX_ENT 1560 1561 info->saved_auxv = sp; 1562 info->auxv_len = sp_auxv - sp; 1563 1564 sp = loader_build_argptr(envc, argc, sp, p, 0); 1565 /* Check the right amount of stack was allocated for auxvec, envp & argv. */ 1566 assert(sp_auxv - sp == size); 1567 return sp; 1568 } 1569 1570 #ifndef TARGET_HAS_VALIDATE_GUEST_SPACE 1571 /* If the guest doesn't have a validation function just agree */ 1572 static int validate_guest_space(unsigned long guest_base, 1573 unsigned long guest_size) 1574 { 1575 return 1; 1576 } 1577 #endif 1578 1579 unsigned long init_guest_space(unsigned long host_start, 1580 unsigned long host_size, 1581 unsigned long guest_start, 1582 bool fixed) 1583 { 1584 unsigned long current_start, real_start; 1585 int flags; 1586 1587 assert(host_start || host_size); 1588 1589 /* If just a starting address is given, then just verify that 1590 * address. */ 1591 if (host_start && !host_size) { 1592 if (validate_guest_space(host_start, host_size) == 1) { 1593 return host_start; 1594 } else { 1595 return (unsigned long)-1; 1596 } 1597 } 1598 1599 /* Setup the initial flags and start address. */ 1600 current_start = host_start & qemu_host_page_mask; 1601 flags = MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE; 1602 if (fixed) { 1603 flags |= MAP_FIXED; 1604 } 1605 1606 /* Otherwise, a non-zero size region of memory needs to be mapped 1607 * and validated. */ 1608 while (1) { 1609 unsigned long real_size = host_size; 1610 1611 /* Do not use mmap_find_vma here because that is limited to the 1612 * guest address space. We are going to make the 1613 * guest address space fit whatever we're given. 1614 */ 1615 real_start = (unsigned long) 1616 mmap((void *)current_start, host_size, PROT_NONE, flags, -1, 0); 1617 if (real_start == (unsigned long)-1) { 1618 return (unsigned long)-1; 1619 } 1620 1621 /* Ensure the address is properly aligned. */ 1622 if (real_start & ~qemu_host_page_mask) { 1623 munmap((void *)real_start, host_size); 1624 real_size = host_size + qemu_host_page_size; 1625 real_start = (unsigned long) 1626 mmap((void *)real_start, real_size, PROT_NONE, flags, -1, 0); 1627 if (real_start == (unsigned long)-1) { 1628 return (unsigned long)-1; 1629 } 1630 real_start = HOST_PAGE_ALIGN(real_start); 1631 } 1632 1633 /* Check to see if the address is valid. */ 1634 if (!host_start || real_start == current_start) { 1635 int valid = validate_guest_space(real_start - guest_start, 1636 real_size); 1637 if (valid == 1) { 1638 break; 1639 } else if (valid == -1) { 1640 return (unsigned long)-1; 1641 } 1642 /* valid == 0, so try again. */ 1643 } 1644 1645 /* That address didn't work. Unmap and try a different one. 1646 * The address the host picked because is typically right at 1647 * the top of the host address space and leaves the guest with 1648 * no usable address space. Resort to a linear search. We 1649 * already compensated for mmap_min_addr, so this should not 1650 * happen often. Probably means we got unlucky and host 1651 * address space randomization put a shared library somewhere 1652 * inconvenient. 1653 */ 1654 munmap((void *)real_start, host_size); 1655 current_start += qemu_host_page_size; 1656 if (host_start == current_start) { 1657 /* Theoretically possible if host doesn't have any suitably 1658 * aligned areas. Normally the first mmap will fail. 1659 */ 1660 return (unsigned long)-1; 1661 } 1662 } 1663 1664 qemu_log("Reserved 0x%lx bytes of guest address space\n", host_size); 1665 1666 return real_start; 1667 } 1668 1669 static void probe_guest_base(const char *image_name, 1670 abi_ulong loaddr, abi_ulong hiaddr) 1671 { 1672 /* Probe for a suitable guest base address, if the user has not set 1673 * it explicitly, and set guest_base appropriately. 1674 * In case of error we will print a suitable message and exit. 1675 */ 1676 #if defined(CONFIG_USE_GUEST_BASE) 1677 const char *errmsg; 1678 if (!have_guest_base && !reserved_va) { 1679 unsigned long host_start, real_start, host_size; 1680 1681 /* Round addresses to page boundaries. */ 1682 loaddr &= qemu_host_page_mask; 1683 hiaddr = HOST_PAGE_ALIGN(hiaddr); 1684 1685 if (loaddr < mmap_min_addr) { 1686 host_start = HOST_PAGE_ALIGN(mmap_min_addr); 1687 } else { 1688 host_start = loaddr; 1689 if (host_start != loaddr) { 1690 errmsg = "Address overflow loading ELF binary"; 1691 goto exit_errmsg; 1692 } 1693 } 1694 host_size = hiaddr - loaddr; 1695 1696 /* Setup the initial guest memory space with ranges gleaned from 1697 * the ELF image that is being loaded. 1698 */ 1699 real_start = init_guest_space(host_start, host_size, loaddr, false); 1700 if (real_start == (unsigned long)-1) { 1701 errmsg = "Unable to find space for application"; 1702 goto exit_errmsg; 1703 } 1704 guest_base = real_start - loaddr; 1705 1706 qemu_log("Relocating guest address space from 0x" 1707 TARGET_ABI_FMT_lx " to 0x%lx\n", 1708 loaddr, real_start); 1709 } 1710 return; 1711 1712 exit_errmsg: 1713 fprintf(stderr, "%s: %s\n", image_name, errmsg); 1714 exit(-1); 1715 #endif 1716 } 1717 1718 1719 /* Load an ELF image into the address space. 1720 1721 IMAGE_NAME is the filename of the image, to use in error messages. 1722 IMAGE_FD is the open file descriptor for the image. 1723 1724 BPRM_BUF is a copy of the beginning of the file; this of course 1725 contains the elf file header at offset 0. It is assumed that this 1726 buffer is sufficiently aligned to present no problems to the host 1727 in accessing data at aligned offsets within the buffer. 1728 1729 On return: INFO values will be filled in, as necessary or available. */ 1730 1731 static void load_elf_image(const char *image_name, int image_fd, 1732 struct image_info *info, char **pinterp_name, 1733 char bprm_buf[BPRM_BUF_SIZE]) 1734 { 1735 struct elfhdr *ehdr = (struct elfhdr *)bprm_buf; 1736 struct elf_phdr *phdr; 1737 abi_ulong load_addr, load_bias, loaddr, hiaddr, error; 1738 int i, retval; 1739 const char *errmsg; 1740 1741 /* First of all, some simple consistency checks */ 1742 errmsg = "Invalid ELF image for this architecture"; 1743 if (!elf_check_ident(ehdr)) { 1744 goto exit_errmsg; 1745 } 1746 bswap_ehdr(ehdr); 1747 if (!elf_check_ehdr(ehdr)) { 1748 goto exit_errmsg; 1749 } 1750 1751 i = ehdr->e_phnum * sizeof(struct elf_phdr); 1752 if (ehdr->e_phoff + i <= BPRM_BUF_SIZE) { 1753 phdr = (struct elf_phdr *)(bprm_buf + ehdr->e_phoff); 1754 } else { 1755 phdr = (struct elf_phdr *) alloca(i); 1756 retval = pread(image_fd, phdr, i, ehdr->e_phoff); 1757 if (retval != i) { 1758 goto exit_read; 1759 } 1760 } 1761 bswap_phdr(phdr, ehdr->e_phnum); 1762 1763 #ifdef CONFIG_USE_FDPIC 1764 info->nsegs = 0; 1765 info->pt_dynamic_addr = 0; 1766 #endif 1767 1768 /* Find the maximum size of the image and allocate an appropriate 1769 amount of memory to handle that. */ 1770 loaddr = -1, hiaddr = 0; 1771 for (i = 0; i < ehdr->e_phnum; ++i) { 1772 if (phdr[i].p_type == PT_LOAD) { 1773 abi_ulong a = phdr[i].p_vaddr; 1774 if (a < loaddr) { 1775 loaddr = a; 1776 } 1777 a += phdr[i].p_memsz; 1778 if (a > hiaddr) { 1779 hiaddr = a; 1780 } 1781 #ifdef CONFIG_USE_FDPIC 1782 ++info->nsegs; 1783 #endif 1784 } 1785 } 1786 1787 load_addr = loaddr; 1788 if (ehdr->e_type == ET_DYN) { 1789 /* The image indicates that it can be loaded anywhere. Find a 1790 location that can hold the memory space required. If the 1791 image is pre-linked, LOADDR will be non-zero. Since we do 1792 not supply MAP_FIXED here we'll use that address if and 1793 only if it remains available. */ 1794 load_addr = target_mmap(loaddr, hiaddr - loaddr, PROT_NONE, 1795 MAP_PRIVATE | MAP_ANON | MAP_NORESERVE, 1796 -1, 0); 1797 if (load_addr == -1) { 1798 goto exit_perror; 1799 } 1800 } else if (pinterp_name != NULL) { 1801 /* This is the main executable. Make sure that the low 1802 address does not conflict with MMAP_MIN_ADDR or the 1803 QEMU application itself. */ 1804 probe_guest_base(image_name, loaddr, hiaddr); 1805 } 1806 load_bias = load_addr - loaddr; 1807 1808 #ifdef CONFIG_USE_FDPIC 1809 { 1810 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs = 1811 g_malloc(sizeof(*loadsegs) * info->nsegs); 1812 1813 for (i = 0; i < ehdr->e_phnum; ++i) { 1814 switch (phdr[i].p_type) { 1815 case PT_DYNAMIC: 1816 info->pt_dynamic_addr = phdr[i].p_vaddr + load_bias; 1817 break; 1818 case PT_LOAD: 1819 loadsegs->addr = phdr[i].p_vaddr + load_bias; 1820 loadsegs->p_vaddr = phdr[i].p_vaddr; 1821 loadsegs->p_memsz = phdr[i].p_memsz; 1822 ++loadsegs; 1823 break; 1824 } 1825 } 1826 } 1827 #endif 1828 1829 info->load_bias = load_bias; 1830 info->load_addr = load_addr; 1831 info->entry = ehdr->e_entry + load_bias; 1832 info->start_code = -1; 1833 info->end_code = 0; 1834 info->start_data = -1; 1835 info->end_data = 0; 1836 info->brk = 0; 1837 info->elf_flags = ehdr->e_flags; 1838 1839 for (i = 0; i < ehdr->e_phnum; i++) { 1840 struct elf_phdr *eppnt = phdr + i; 1841 if (eppnt->p_type == PT_LOAD) { 1842 abi_ulong vaddr, vaddr_po, vaddr_ps, vaddr_ef, vaddr_em; 1843 int elf_prot = 0; 1844 1845 if (eppnt->p_flags & PF_R) elf_prot = PROT_READ; 1846 if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE; 1847 if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC; 1848 1849 vaddr = load_bias + eppnt->p_vaddr; 1850 vaddr_po = TARGET_ELF_PAGEOFFSET(vaddr); 1851 vaddr_ps = TARGET_ELF_PAGESTART(vaddr); 1852 1853 error = target_mmap(vaddr_ps, eppnt->p_filesz + vaddr_po, 1854 elf_prot, MAP_PRIVATE | MAP_FIXED, 1855 image_fd, eppnt->p_offset - vaddr_po); 1856 if (error == -1) { 1857 goto exit_perror; 1858 } 1859 1860 vaddr_ef = vaddr + eppnt->p_filesz; 1861 vaddr_em = vaddr + eppnt->p_memsz; 1862 1863 /* If the load segment requests extra zeros (e.g. bss), map it. */ 1864 if (vaddr_ef < vaddr_em) { 1865 zero_bss(vaddr_ef, vaddr_em, elf_prot); 1866 } 1867 1868 /* Find the full program boundaries. */ 1869 if (elf_prot & PROT_EXEC) { 1870 if (vaddr < info->start_code) { 1871 info->start_code = vaddr; 1872 } 1873 if (vaddr_ef > info->end_code) { 1874 info->end_code = vaddr_ef; 1875 } 1876 } 1877 if (elf_prot & PROT_WRITE) { 1878 if (vaddr < info->start_data) { 1879 info->start_data = vaddr; 1880 } 1881 if (vaddr_ef > info->end_data) { 1882 info->end_data = vaddr_ef; 1883 } 1884 if (vaddr_em > info->brk) { 1885 info->brk = vaddr_em; 1886 } 1887 } 1888 } else if (eppnt->p_type == PT_INTERP && pinterp_name) { 1889 char *interp_name; 1890 1891 if (*pinterp_name) { 1892 errmsg = "Multiple PT_INTERP entries"; 1893 goto exit_errmsg; 1894 } 1895 interp_name = malloc(eppnt->p_filesz); 1896 if (!interp_name) { 1897 goto exit_perror; 1898 } 1899 1900 if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) { 1901 memcpy(interp_name, bprm_buf + eppnt->p_offset, 1902 eppnt->p_filesz); 1903 } else { 1904 retval = pread(image_fd, interp_name, eppnt->p_filesz, 1905 eppnt->p_offset); 1906 if (retval != eppnt->p_filesz) { 1907 goto exit_perror; 1908 } 1909 } 1910 if (interp_name[eppnt->p_filesz - 1] != 0) { 1911 errmsg = "Invalid PT_INTERP entry"; 1912 goto exit_errmsg; 1913 } 1914 *pinterp_name = interp_name; 1915 } 1916 } 1917 1918 if (info->end_data == 0) { 1919 info->start_data = info->end_code; 1920 info->end_data = info->end_code; 1921 info->brk = info->end_code; 1922 } 1923 1924 if (qemu_log_enabled()) { 1925 load_symbols(ehdr, image_fd, load_bias); 1926 } 1927 1928 close(image_fd); 1929 return; 1930 1931 exit_read: 1932 if (retval >= 0) { 1933 errmsg = "Incomplete read of file header"; 1934 goto exit_errmsg; 1935 } 1936 exit_perror: 1937 errmsg = strerror(errno); 1938 exit_errmsg: 1939 fprintf(stderr, "%s: %s\n", image_name, errmsg); 1940 exit(-1); 1941 } 1942 1943 static void load_elf_interp(const char *filename, struct image_info *info, 1944 char bprm_buf[BPRM_BUF_SIZE]) 1945 { 1946 int fd, retval; 1947 1948 fd = open(path(filename), O_RDONLY); 1949 if (fd < 0) { 1950 goto exit_perror; 1951 } 1952 1953 retval = read(fd, bprm_buf, BPRM_BUF_SIZE); 1954 if (retval < 0) { 1955 goto exit_perror; 1956 } 1957 if (retval < BPRM_BUF_SIZE) { 1958 memset(bprm_buf + retval, 0, BPRM_BUF_SIZE - retval); 1959 } 1960 1961 load_elf_image(filename, fd, info, NULL, bprm_buf); 1962 return; 1963 1964 exit_perror: 1965 fprintf(stderr, "%s: %s\n", filename, strerror(errno)); 1966 exit(-1); 1967 } 1968 1969 static int symfind(const void *s0, const void *s1) 1970 { 1971 target_ulong addr = *(target_ulong *)s0; 1972 struct elf_sym *sym = (struct elf_sym *)s1; 1973 int result = 0; 1974 if (addr < sym->st_value) { 1975 result = -1; 1976 } else if (addr >= sym->st_value + sym->st_size) { 1977 result = 1; 1978 } 1979 return result; 1980 } 1981 1982 static const char *lookup_symbolxx(struct syminfo *s, target_ulong orig_addr) 1983 { 1984 #if ELF_CLASS == ELFCLASS32 1985 struct elf_sym *syms = s->disas_symtab.elf32; 1986 #else 1987 struct elf_sym *syms = s->disas_symtab.elf64; 1988 #endif 1989 1990 // binary search 1991 struct elf_sym *sym; 1992 1993 sym = bsearch(&orig_addr, syms, s->disas_num_syms, sizeof(*syms), symfind); 1994 if (sym != NULL) { 1995 return s->disas_strtab + sym->st_name; 1996 } 1997 1998 return ""; 1999 } 2000 2001 /* FIXME: This should use elf_ops.h */ 2002 static int symcmp(const void *s0, const void *s1) 2003 { 2004 struct elf_sym *sym0 = (struct elf_sym *)s0; 2005 struct elf_sym *sym1 = (struct elf_sym *)s1; 2006 return (sym0->st_value < sym1->st_value) 2007 ? -1 2008 : ((sym0->st_value > sym1->st_value) ? 1 : 0); 2009 } 2010 2011 /* Best attempt to load symbols from this ELF object. */ 2012 static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias) 2013 { 2014 int i, shnum, nsyms, sym_idx = 0, str_idx = 0; 2015 struct elf_shdr *shdr; 2016 char *strings = NULL; 2017 struct syminfo *s = NULL; 2018 struct elf_sym *new_syms, *syms = NULL; 2019 2020 shnum = hdr->e_shnum; 2021 i = shnum * sizeof(struct elf_shdr); 2022 shdr = (struct elf_shdr *)alloca(i); 2023 if (pread(fd, shdr, i, hdr->e_shoff) != i) { 2024 return; 2025 } 2026 2027 bswap_shdr(shdr, shnum); 2028 for (i = 0; i < shnum; ++i) { 2029 if (shdr[i].sh_type == SHT_SYMTAB) { 2030 sym_idx = i; 2031 str_idx = shdr[i].sh_link; 2032 goto found; 2033 } 2034 } 2035 2036 /* There will be no symbol table if the file was stripped. */ 2037 return; 2038 2039 found: 2040 /* Now know where the strtab and symtab are. Snarf them. */ 2041 s = malloc(sizeof(*s)); 2042 if (!s) { 2043 goto give_up; 2044 } 2045 2046 i = shdr[str_idx].sh_size; 2047 s->disas_strtab = strings = malloc(i); 2048 if (!strings || pread(fd, strings, i, shdr[str_idx].sh_offset) != i) { 2049 goto give_up; 2050 } 2051 2052 i = shdr[sym_idx].sh_size; 2053 syms = malloc(i); 2054 if (!syms || pread(fd, syms, i, shdr[sym_idx].sh_offset) != i) { 2055 goto give_up; 2056 } 2057 2058 nsyms = i / sizeof(struct elf_sym); 2059 for (i = 0; i < nsyms; ) { 2060 bswap_sym(syms + i); 2061 /* Throw away entries which we do not need. */ 2062 if (syms[i].st_shndx == SHN_UNDEF 2063 || syms[i].st_shndx >= SHN_LORESERVE 2064 || ELF_ST_TYPE(syms[i].st_info) != STT_FUNC) { 2065 if (i < --nsyms) { 2066 syms[i] = syms[nsyms]; 2067 } 2068 } else { 2069 #if defined(TARGET_ARM) || defined (TARGET_MIPS) 2070 /* The bottom address bit marks a Thumb or MIPS16 symbol. */ 2071 syms[i].st_value &= ~(target_ulong)1; 2072 #endif 2073 syms[i].st_value += load_bias; 2074 i++; 2075 } 2076 } 2077 2078 /* No "useful" symbol. */ 2079 if (nsyms == 0) { 2080 goto give_up; 2081 } 2082 2083 /* Attempt to free the storage associated with the local symbols 2084 that we threw away. Whether or not this has any effect on the 2085 memory allocation depends on the malloc implementation and how 2086 many symbols we managed to discard. */ 2087 new_syms = realloc(syms, nsyms * sizeof(*syms)); 2088 if (new_syms == NULL) { 2089 goto give_up; 2090 } 2091 syms = new_syms; 2092 2093 qsort(syms, nsyms, sizeof(*syms), symcmp); 2094 2095 s->disas_num_syms = nsyms; 2096 #if ELF_CLASS == ELFCLASS32 2097 s->disas_symtab.elf32 = syms; 2098 #else 2099 s->disas_symtab.elf64 = syms; 2100 #endif 2101 s->lookup_symbol = lookup_symbolxx; 2102 s->next = syminfos; 2103 syminfos = s; 2104 2105 return; 2106 2107 give_up: 2108 free(s); 2109 free(strings); 2110 free(syms); 2111 } 2112 2113 int load_elf_binary(struct linux_binprm *bprm, struct image_info *info) 2114 { 2115 struct image_info interp_info; 2116 struct elfhdr elf_ex; 2117 char *elf_interpreter = NULL; 2118 2119 info->start_mmap = (abi_ulong)ELF_START_MMAP; 2120 info->mmap = 0; 2121 info->rss = 0; 2122 2123 load_elf_image(bprm->filename, bprm->fd, info, 2124 &elf_interpreter, bprm->buf); 2125 2126 /* ??? We need a copy of the elf header for passing to create_elf_tables. 2127 If we do nothing, we'll have overwritten this when we re-use bprm->buf 2128 when we load the interpreter. */ 2129 elf_ex = *(struct elfhdr *)bprm->buf; 2130 2131 bprm->p = copy_elf_strings(1, &bprm->filename, bprm->page, bprm->p); 2132 bprm->p = copy_elf_strings(bprm->envc,bprm->envp,bprm->page,bprm->p); 2133 bprm->p = copy_elf_strings(bprm->argc,bprm->argv,bprm->page,bprm->p); 2134 if (!bprm->p) { 2135 fprintf(stderr, "%s: %s\n", bprm->filename, strerror(E2BIG)); 2136 exit(-1); 2137 } 2138 2139 /* Do this so that we can load the interpreter, if need be. We will 2140 change some of these later */ 2141 bprm->p = setup_arg_pages(bprm->p, bprm, info); 2142 2143 if (elf_interpreter) { 2144 load_elf_interp(elf_interpreter, &interp_info, bprm->buf); 2145 2146 /* If the program interpreter is one of these two, then assume 2147 an iBCS2 image. Otherwise assume a native linux image. */ 2148 2149 if (strcmp(elf_interpreter, "/usr/lib/libc.so.1") == 0 2150 || strcmp(elf_interpreter, "/usr/lib/ld.so.1") == 0) { 2151 info->personality = PER_SVR4; 2152 2153 /* Why this, you ask??? Well SVr4 maps page 0 as read-only, 2154 and some applications "depend" upon this behavior. Since 2155 we do not have the power to recompile these, we emulate 2156 the SVr4 behavior. Sigh. */ 2157 target_mmap(0, qemu_host_page_size, PROT_READ | PROT_EXEC, 2158 MAP_FIXED | MAP_PRIVATE, -1, 0); 2159 } 2160 } 2161 2162 bprm->p = create_elf_tables(bprm->p, bprm->argc, bprm->envc, &elf_ex, 2163 info, (elf_interpreter ? &interp_info : NULL)); 2164 info->start_stack = bprm->p; 2165 2166 /* If we have an interpreter, set that as the program's entry point. 2167 Copy the load_bias as well, to help PPC64 interpret the entry 2168 point as a function descriptor. Do this after creating elf tables 2169 so that we copy the original program entry point into the AUXV. */ 2170 if (elf_interpreter) { 2171 info->load_bias = interp_info.load_bias; 2172 info->entry = interp_info.entry; 2173 free(elf_interpreter); 2174 } 2175 2176 #ifdef USE_ELF_CORE_DUMP 2177 bprm->core_dump = &elf_core_dump; 2178 #endif 2179 2180 return 0; 2181 } 2182 2183 #ifdef USE_ELF_CORE_DUMP 2184 /* 2185 * Definitions to generate Intel SVR4-like core files. 2186 * These mostly have the same names as the SVR4 types with "target_elf_" 2187 * tacked on the front to prevent clashes with linux definitions, 2188 * and the typedef forms have been avoided. This is mostly like 2189 * the SVR4 structure, but more Linuxy, with things that Linux does 2190 * not support and which gdb doesn't really use excluded. 2191 * 2192 * Fields we don't dump (their contents is zero) in linux-user qemu 2193 * are marked with XXX. 2194 * 2195 * Core dump code is copied from linux kernel (fs/binfmt_elf.c). 2196 * 2197 * Porting ELF coredump for target is (quite) simple process. First you 2198 * define USE_ELF_CORE_DUMP in target ELF code (where init_thread() for 2199 * the target resides): 2200 * 2201 * #define USE_ELF_CORE_DUMP 2202 * 2203 * Next you define type of register set used for dumping. ELF specification 2204 * says that it needs to be array of elf_greg_t that has size of ELF_NREG. 2205 * 2206 * typedef <target_regtype> target_elf_greg_t; 2207 * #define ELF_NREG <number of registers> 2208 * typedef taret_elf_greg_t target_elf_gregset_t[ELF_NREG]; 2209 * 2210 * Last step is to implement target specific function that copies registers 2211 * from given cpu into just specified register set. Prototype is: 2212 * 2213 * static void elf_core_copy_regs(taret_elf_gregset_t *regs, 2214 * const CPUArchState *env); 2215 * 2216 * Parameters: 2217 * regs - copy register values into here (allocated and zeroed by caller) 2218 * env - copy registers from here 2219 * 2220 * Example for ARM target is provided in this file. 2221 */ 2222 2223 /* An ELF note in memory */ 2224 struct memelfnote { 2225 const char *name; 2226 size_t namesz; 2227 size_t namesz_rounded; 2228 int type; 2229 size_t datasz; 2230 size_t datasz_rounded; 2231 void *data; 2232 size_t notesz; 2233 }; 2234 2235 struct target_elf_siginfo { 2236 abi_int si_signo; /* signal number */ 2237 abi_int si_code; /* extra code */ 2238 abi_int si_errno; /* errno */ 2239 }; 2240 2241 struct target_elf_prstatus { 2242 struct target_elf_siginfo pr_info; /* Info associated with signal */ 2243 abi_short pr_cursig; /* Current signal */ 2244 abi_ulong pr_sigpend; /* XXX */ 2245 abi_ulong pr_sighold; /* XXX */ 2246 target_pid_t pr_pid; 2247 target_pid_t pr_ppid; 2248 target_pid_t pr_pgrp; 2249 target_pid_t pr_sid; 2250 struct target_timeval pr_utime; /* XXX User time */ 2251 struct target_timeval pr_stime; /* XXX System time */ 2252 struct target_timeval pr_cutime; /* XXX Cumulative user time */ 2253 struct target_timeval pr_cstime; /* XXX Cumulative system time */ 2254 target_elf_gregset_t pr_reg; /* GP registers */ 2255 abi_int pr_fpvalid; /* XXX */ 2256 }; 2257 2258 #define ELF_PRARGSZ (80) /* Number of chars for args */ 2259 2260 struct target_elf_prpsinfo { 2261 char pr_state; /* numeric process state */ 2262 char pr_sname; /* char for pr_state */ 2263 char pr_zomb; /* zombie */ 2264 char pr_nice; /* nice val */ 2265 abi_ulong pr_flag; /* flags */ 2266 target_uid_t pr_uid; 2267 target_gid_t pr_gid; 2268 target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid; 2269 /* Lots missing */ 2270 char pr_fname[16]; /* filename of executable */ 2271 char pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */ 2272 }; 2273 2274 /* Here is the structure in which status of each thread is captured. */ 2275 struct elf_thread_status { 2276 QTAILQ_ENTRY(elf_thread_status) ets_link; 2277 struct target_elf_prstatus prstatus; /* NT_PRSTATUS */ 2278 #if 0 2279 elf_fpregset_t fpu; /* NT_PRFPREG */ 2280 struct task_struct *thread; 2281 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */ 2282 #endif 2283 struct memelfnote notes[1]; 2284 int num_notes; 2285 }; 2286 2287 struct elf_note_info { 2288 struct memelfnote *notes; 2289 struct target_elf_prstatus *prstatus; /* NT_PRSTATUS */ 2290 struct target_elf_prpsinfo *psinfo; /* NT_PRPSINFO */ 2291 2292 QTAILQ_HEAD(thread_list_head, elf_thread_status) thread_list; 2293 #if 0 2294 /* 2295 * Current version of ELF coredump doesn't support 2296 * dumping fp regs etc. 2297 */ 2298 elf_fpregset_t *fpu; 2299 elf_fpxregset_t *xfpu; 2300 int thread_status_size; 2301 #endif 2302 int notes_size; 2303 int numnote; 2304 }; 2305 2306 struct vm_area_struct { 2307 abi_ulong vma_start; /* start vaddr of memory region */ 2308 abi_ulong vma_end; /* end vaddr of memory region */ 2309 abi_ulong vma_flags; /* protection etc. flags for the region */ 2310 QTAILQ_ENTRY(vm_area_struct) vma_link; 2311 }; 2312 2313 struct mm_struct { 2314 QTAILQ_HEAD(, vm_area_struct) mm_mmap; 2315 int mm_count; /* number of mappings */ 2316 }; 2317 2318 static struct mm_struct *vma_init(void); 2319 static void vma_delete(struct mm_struct *); 2320 static int vma_add_mapping(struct mm_struct *, abi_ulong, 2321 abi_ulong, abi_ulong); 2322 static int vma_get_mapping_count(const struct mm_struct *); 2323 static struct vm_area_struct *vma_first(const struct mm_struct *); 2324 static struct vm_area_struct *vma_next(struct vm_area_struct *); 2325 static abi_ulong vma_dump_size(const struct vm_area_struct *); 2326 static int vma_walker(void *priv, abi_ulong start, abi_ulong end, 2327 unsigned long flags); 2328 2329 static void fill_elf_header(struct elfhdr *, int, uint16_t, uint32_t); 2330 static void fill_note(struct memelfnote *, const char *, int, 2331 unsigned int, void *); 2332 static void fill_prstatus(struct target_elf_prstatus *, const TaskState *, int); 2333 static int fill_psinfo(struct target_elf_prpsinfo *, const TaskState *); 2334 static void fill_auxv_note(struct memelfnote *, const TaskState *); 2335 static void fill_elf_note_phdr(struct elf_phdr *, int, off_t); 2336 static size_t note_size(const struct memelfnote *); 2337 static void free_note_info(struct elf_note_info *); 2338 static int fill_note_info(struct elf_note_info *, long, const CPUArchState *); 2339 static void fill_thread_info(struct elf_note_info *, const CPUArchState *); 2340 static int core_dump_filename(const TaskState *, char *, size_t); 2341 2342 static int dump_write(int, const void *, size_t); 2343 static int write_note(struct memelfnote *, int); 2344 static int write_note_info(struct elf_note_info *, int); 2345 2346 #ifdef BSWAP_NEEDED 2347 static void bswap_prstatus(struct target_elf_prstatus *prstatus) 2348 { 2349 prstatus->pr_info.si_signo = tswap32(prstatus->pr_info.si_signo); 2350 prstatus->pr_info.si_code = tswap32(prstatus->pr_info.si_code); 2351 prstatus->pr_info.si_errno = tswap32(prstatus->pr_info.si_errno); 2352 prstatus->pr_cursig = tswap16(prstatus->pr_cursig); 2353 prstatus->pr_sigpend = tswapal(prstatus->pr_sigpend); 2354 prstatus->pr_sighold = tswapal(prstatus->pr_sighold); 2355 prstatus->pr_pid = tswap32(prstatus->pr_pid); 2356 prstatus->pr_ppid = tswap32(prstatus->pr_ppid); 2357 prstatus->pr_pgrp = tswap32(prstatus->pr_pgrp); 2358 prstatus->pr_sid = tswap32(prstatus->pr_sid); 2359 /* cpu times are not filled, so we skip them */ 2360 /* regs should be in correct format already */ 2361 prstatus->pr_fpvalid = tswap32(prstatus->pr_fpvalid); 2362 } 2363 2364 static void bswap_psinfo(struct target_elf_prpsinfo *psinfo) 2365 { 2366 psinfo->pr_flag = tswapal(psinfo->pr_flag); 2367 psinfo->pr_uid = tswap16(psinfo->pr_uid); 2368 psinfo->pr_gid = tswap16(psinfo->pr_gid); 2369 psinfo->pr_pid = tswap32(psinfo->pr_pid); 2370 psinfo->pr_ppid = tswap32(psinfo->pr_ppid); 2371 psinfo->pr_pgrp = tswap32(psinfo->pr_pgrp); 2372 psinfo->pr_sid = tswap32(psinfo->pr_sid); 2373 } 2374 2375 static void bswap_note(struct elf_note *en) 2376 { 2377 bswap32s(&en->n_namesz); 2378 bswap32s(&en->n_descsz); 2379 bswap32s(&en->n_type); 2380 } 2381 #else 2382 static inline void bswap_prstatus(struct target_elf_prstatus *p) { } 2383 static inline void bswap_psinfo(struct target_elf_prpsinfo *p) {} 2384 static inline void bswap_note(struct elf_note *en) { } 2385 #endif /* BSWAP_NEEDED */ 2386 2387 /* 2388 * Minimal support for linux memory regions. These are needed 2389 * when we are finding out what memory exactly belongs to 2390 * emulated process. No locks needed here, as long as 2391 * thread that received the signal is stopped. 2392 */ 2393 2394 static struct mm_struct *vma_init(void) 2395 { 2396 struct mm_struct *mm; 2397 2398 if ((mm = g_malloc(sizeof (*mm))) == NULL) 2399 return (NULL); 2400 2401 mm->mm_count = 0; 2402 QTAILQ_INIT(&mm->mm_mmap); 2403 2404 return (mm); 2405 } 2406 2407 static void vma_delete(struct mm_struct *mm) 2408 { 2409 struct vm_area_struct *vma; 2410 2411 while ((vma = vma_first(mm)) != NULL) { 2412 QTAILQ_REMOVE(&mm->mm_mmap, vma, vma_link); 2413 g_free(vma); 2414 } 2415 g_free(mm); 2416 } 2417 2418 static int vma_add_mapping(struct mm_struct *mm, abi_ulong start, 2419 abi_ulong end, abi_ulong flags) 2420 { 2421 struct vm_area_struct *vma; 2422 2423 if ((vma = g_malloc0(sizeof (*vma))) == NULL) 2424 return (-1); 2425 2426 vma->vma_start = start; 2427 vma->vma_end = end; 2428 vma->vma_flags = flags; 2429 2430 QTAILQ_INSERT_TAIL(&mm->mm_mmap, vma, vma_link); 2431 mm->mm_count++; 2432 2433 return (0); 2434 } 2435 2436 static struct vm_area_struct *vma_first(const struct mm_struct *mm) 2437 { 2438 return (QTAILQ_FIRST(&mm->mm_mmap)); 2439 } 2440 2441 static struct vm_area_struct *vma_next(struct vm_area_struct *vma) 2442 { 2443 return (QTAILQ_NEXT(vma, vma_link)); 2444 } 2445 2446 static int vma_get_mapping_count(const struct mm_struct *mm) 2447 { 2448 return (mm->mm_count); 2449 } 2450 2451 /* 2452 * Calculate file (dump) size of given memory region. 2453 */ 2454 static abi_ulong vma_dump_size(const struct vm_area_struct *vma) 2455 { 2456 /* if we cannot even read the first page, skip it */ 2457 if (!access_ok(VERIFY_READ, vma->vma_start, TARGET_PAGE_SIZE)) 2458 return (0); 2459 2460 /* 2461 * Usually we don't dump executable pages as they contain 2462 * non-writable code that debugger can read directly from 2463 * target library etc. However, thread stacks are marked 2464 * also executable so we read in first page of given region 2465 * and check whether it contains elf header. If there is 2466 * no elf header, we dump it. 2467 */ 2468 if (vma->vma_flags & PROT_EXEC) { 2469 char page[TARGET_PAGE_SIZE]; 2470 2471 copy_from_user(page, vma->vma_start, sizeof (page)); 2472 if ((page[EI_MAG0] == ELFMAG0) && 2473 (page[EI_MAG1] == ELFMAG1) && 2474 (page[EI_MAG2] == ELFMAG2) && 2475 (page[EI_MAG3] == ELFMAG3)) { 2476 /* 2477 * Mappings are possibly from ELF binary. Don't dump 2478 * them. 2479 */ 2480 return (0); 2481 } 2482 } 2483 2484 return (vma->vma_end - vma->vma_start); 2485 } 2486 2487 static int vma_walker(void *priv, abi_ulong start, abi_ulong end, 2488 unsigned long flags) 2489 { 2490 struct mm_struct *mm = (struct mm_struct *)priv; 2491 2492 vma_add_mapping(mm, start, end, flags); 2493 return (0); 2494 } 2495 2496 static void fill_note(struct memelfnote *note, const char *name, int type, 2497 unsigned int sz, void *data) 2498 { 2499 unsigned int namesz; 2500 2501 namesz = strlen(name) + 1; 2502 note->name = name; 2503 note->namesz = namesz; 2504 note->namesz_rounded = roundup(namesz, sizeof (int32_t)); 2505 note->type = type; 2506 note->datasz = sz; 2507 note->datasz_rounded = roundup(sz, sizeof (int32_t)); 2508 2509 note->data = data; 2510 2511 /* 2512 * We calculate rounded up note size here as specified by 2513 * ELF document. 2514 */ 2515 note->notesz = sizeof (struct elf_note) + 2516 note->namesz_rounded + note->datasz_rounded; 2517 } 2518 2519 static void fill_elf_header(struct elfhdr *elf, int segs, uint16_t machine, 2520 uint32_t flags) 2521 { 2522 (void) memset(elf, 0, sizeof(*elf)); 2523 2524 (void) memcpy(elf->e_ident, ELFMAG, SELFMAG); 2525 elf->e_ident[EI_CLASS] = ELF_CLASS; 2526 elf->e_ident[EI_DATA] = ELF_DATA; 2527 elf->e_ident[EI_VERSION] = EV_CURRENT; 2528 elf->e_ident[EI_OSABI] = ELF_OSABI; 2529 2530 elf->e_type = ET_CORE; 2531 elf->e_machine = machine; 2532 elf->e_version = EV_CURRENT; 2533 elf->e_phoff = sizeof(struct elfhdr); 2534 elf->e_flags = flags; 2535 elf->e_ehsize = sizeof(struct elfhdr); 2536 elf->e_phentsize = sizeof(struct elf_phdr); 2537 elf->e_phnum = segs; 2538 2539 bswap_ehdr(elf); 2540 } 2541 2542 static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, off_t offset) 2543 { 2544 phdr->p_type = PT_NOTE; 2545 phdr->p_offset = offset; 2546 phdr->p_vaddr = 0; 2547 phdr->p_paddr = 0; 2548 phdr->p_filesz = sz; 2549 phdr->p_memsz = 0; 2550 phdr->p_flags = 0; 2551 phdr->p_align = 0; 2552 2553 bswap_phdr(phdr, 1); 2554 } 2555 2556 static size_t note_size(const struct memelfnote *note) 2557 { 2558 return (note->notesz); 2559 } 2560 2561 static void fill_prstatus(struct target_elf_prstatus *prstatus, 2562 const TaskState *ts, int signr) 2563 { 2564 (void) memset(prstatus, 0, sizeof (*prstatus)); 2565 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr; 2566 prstatus->pr_pid = ts->ts_tid; 2567 prstatus->pr_ppid = getppid(); 2568 prstatus->pr_pgrp = getpgrp(); 2569 prstatus->pr_sid = getsid(0); 2570 2571 bswap_prstatus(prstatus); 2572 } 2573 2574 static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts) 2575 { 2576 char *base_filename; 2577 unsigned int i, len; 2578 2579 (void) memset(psinfo, 0, sizeof (*psinfo)); 2580 2581 len = ts->info->arg_end - ts->info->arg_start; 2582 if (len >= ELF_PRARGSZ) 2583 len = ELF_PRARGSZ - 1; 2584 if (copy_from_user(&psinfo->pr_psargs, ts->info->arg_start, len)) 2585 return -EFAULT; 2586 for (i = 0; i < len; i++) 2587 if (psinfo->pr_psargs[i] == 0) 2588 psinfo->pr_psargs[i] = ' '; 2589 psinfo->pr_psargs[len] = 0; 2590 2591 psinfo->pr_pid = getpid(); 2592 psinfo->pr_ppid = getppid(); 2593 psinfo->pr_pgrp = getpgrp(); 2594 psinfo->pr_sid = getsid(0); 2595 psinfo->pr_uid = getuid(); 2596 psinfo->pr_gid = getgid(); 2597 2598 base_filename = g_path_get_basename(ts->bprm->filename); 2599 /* 2600 * Using strncpy here is fine: at max-length, 2601 * this field is not NUL-terminated. 2602 */ 2603 (void) strncpy(psinfo->pr_fname, base_filename, 2604 sizeof(psinfo->pr_fname)); 2605 2606 g_free(base_filename); 2607 bswap_psinfo(psinfo); 2608 return (0); 2609 } 2610 2611 static void fill_auxv_note(struct memelfnote *note, const TaskState *ts) 2612 { 2613 elf_addr_t auxv = (elf_addr_t)ts->info->saved_auxv; 2614 elf_addr_t orig_auxv = auxv; 2615 void *ptr; 2616 int len = ts->info->auxv_len; 2617 2618 /* 2619 * Auxiliary vector is stored in target process stack. It contains 2620 * {type, value} pairs that we need to dump into note. This is not 2621 * strictly necessary but we do it here for sake of completeness. 2622 */ 2623 2624 /* read in whole auxv vector and copy it to memelfnote */ 2625 ptr = lock_user(VERIFY_READ, orig_auxv, len, 0); 2626 if (ptr != NULL) { 2627 fill_note(note, "CORE", NT_AUXV, len, ptr); 2628 unlock_user(ptr, auxv, len); 2629 } 2630 } 2631 2632 /* 2633 * Constructs name of coredump file. We have following convention 2634 * for the name: 2635 * qemu_<basename-of-target-binary>_<date>-<time>_<pid>.core 2636 * 2637 * Returns 0 in case of success, -1 otherwise (errno is set). 2638 */ 2639 static int core_dump_filename(const TaskState *ts, char *buf, 2640 size_t bufsize) 2641 { 2642 char timestamp[64]; 2643 char *filename = NULL; 2644 char *base_filename = NULL; 2645 struct timeval tv; 2646 struct tm tm; 2647 2648 assert(bufsize >= PATH_MAX); 2649 2650 if (gettimeofday(&tv, NULL) < 0) { 2651 (void) fprintf(stderr, "unable to get current timestamp: %s", 2652 strerror(errno)); 2653 return (-1); 2654 } 2655 2656 filename = strdup(ts->bprm->filename); 2657 base_filename = strdup(basename(filename)); 2658 (void) strftime(timestamp, sizeof (timestamp), "%Y%m%d-%H%M%S", 2659 localtime_r(&tv.tv_sec, &tm)); 2660 (void) snprintf(buf, bufsize, "qemu_%s_%s_%d.core", 2661 base_filename, timestamp, (int)getpid()); 2662 free(base_filename); 2663 free(filename); 2664 2665 return (0); 2666 } 2667 2668 static int dump_write(int fd, const void *ptr, size_t size) 2669 { 2670 const char *bufp = (const char *)ptr; 2671 ssize_t bytes_written, bytes_left; 2672 struct rlimit dumpsize; 2673 off_t pos; 2674 2675 bytes_written = 0; 2676 getrlimit(RLIMIT_CORE, &dumpsize); 2677 if ((pos = lseek(fd, 0, SEEK_CUR))==-1) { 2678 if (errno == ESPIPE) { /* not a seekable stream */ 2679 bytes_left = size; 2680 } else { 2681 return pos; 2682 } 2683 } else { 2684 if (dumpsize.rlim_cur <= pos) { 2685 return -1; 2686 } else if (dumpsize.rlim_cur == RLIM_INFINITY) { 2687 bytes_left = size; 2688 } else { 2689 size_t limit_left=dumpsize.rlim_cur - pos; 2690 bytes_left = limit_left >= size ? size : limit_left ; 2691 } 2692 } 2693 2694 /* 2695 * In normal conditions, single write(2) should do but 2696 * in case of socket etc. this mechanism is more portable. 2697 */ 2698 do { 2699 bytes_written = write(fd, bufp, bytes_left); 2700 if (bytes_written < 0) { 2701 if (errno == EINTR) 2702 continue; 2703 return (-1); 2704 } else if (bytes_written == 0) { /* eof */ 2705 return (-1); 2706 } 2707 bufp += bytes_written; 2708 bytes_left -= bytes_written; 2709 } while (bytes_left > 0); 2710 2711 return (0); 2712 } 2713 2714 static int write_note(struct memelfnote *men, int fd) 2715 { 2716 struct elf_note en; 2717 2718 en.n_namesz = men->namesz; 2719 en.n_type = men->type; 2720 en.n_descsz = men->datasz; 2721 2722 bswap_note(&en); 2723 2724 if (dump_write(fd, &en, sizeof(en)) != 0) 2725 return (-1); 2726 if (dump_write(fd, men->name, men->namesz_rounded) != 0) 2727 return (-1); 2728 if (dump_write(fd, men->data, men->datasz_rounded) != 0) 2729 return (-1); 2730 2731 return (0); 2732 } 2733 2734 static void fill_thread_info(struct elf_note_info *info, const CPUArchState *env) 2735 { 2736 CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 2737 TaskState *ts = (TaskState *)cpu->opaque; 2738 struct elf_thread_status *ets; 2739 2740 ets = g_malloc0(sizeof (*ets)); 2741 ets->num_notes = 1; /* only prstatus is dumped */ 2742 fill_prstatus(&ets->prstatus, ts, 0); 2743 elf_core_copy_regs(&ets->prstatus.pr_reg, env); 2744 fill_note(&ets->notes[0], "CORE", NT_PRSTATUS, sizeof (ets->prstatus), 2745 &ets->prstatus); 2746 2747 QTAILQ_INSERT_TAIL(&info->thread_list, ets, ets_link); 2748 2749 info->notes_size += note_size(&ets->notes[0]); 2750 } 2751 2752 static void init_note_info(struct elf_note_info *info) 2753 { 2754 /* Initialize the elf_note_info structure so that it is at 2755 * least safe to call free_note_info() on it. Must be 2756 * called before calling fill_note_info(). 2757 */ 2758 memset(info, 0, sizeof (*info)); 2759 QTAILQ_INIT(&info->thread_list); 2760 } 2761 2762 static int fill_note_info(struct elf_note_info *info, 2763 long signr, const CPUArchState *env) 2764 { 2765 #define NUMNOTES 3 2766 CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 2767 TaskState *ts = (TaskState *)cpu->opaque; 2768 int i; 2769 2770 info->notes = g_malloc0(NUMNOTES * sizeof (struct memelfnote)); 2771 if (info->notes == NULL) 2772 return (-ENOMEM); 2773 info->prstatus = g_malloc0(sizeof (*info->prstatus)); 2774 if (info->prstatus == NULL) 2775 return (-ENOMEM); 2776 info->psinfo = g_malloc0(sizeof (*info->psinfo)); 2777 if (info->prstatus == NULL) 2778 return (-ENOMEM); 2779 2780 /* 2781 * First fill in status (and registers) of current thread 2782 * including process info & aux vector. 2783 */ 2784 fill_prstatus(info->prstatus, ts, signr); 2785 elf_core_copy_regs(&info->prstatus->pr_reg, env); 2786 fill_note(&info->notes[0], "CORE", NT_PRSTATUS, 2787 sizeof (*info->prstatus), info->prstatus); 2788 fill_psinfo(info->psinfo, ts); 2789 fill_note(&info->notes[1], "CORE", NT_PRPSINFO, 2790 sizeof (*info->psinfo), info->psinfo); 2791 fill_auxv_note(&info->notes[2], ts); 2792 info->numnote = 3; 2793 2794 info->notes_size = 0; 2795 for (i = 0; i < info->numnote; i++) 2796 info->notes_size += note_size(&info->notes[i]); 2797 2798 /* read and fill status of all threads */ 2799 cpu_list_lock(); 2800 CPU_FOREACH(cpu) { 2801 if (cpu == thread_cpu) { 2802 continue; 2803 } 2804 fill_thread_info(info, (CPUArchState *)cpu->env_ptr); 2805 } 2806 cpu_list_unlock(); 2807 2808 return (0); 2809 } 2810 2811 static void free_note_info(struct elf_note_info *info) 2812 { 2813 struct elf_thread_status *ets; 2814 2815 while (!QTAILQ_EMPTY(&info->thread_list)) { 2816 ets = QTAILQ_FIRST(&info->thread_list); 2817 QTAILQ_REMOVE(&info->thread_list, ets, ets_link); 2818 g_free(ets); 2819 } 2820 2821 g_free(info->prstatus); 2822 g_free(info->psinfo); 2823 g_free(info->notes); 2824 } 2825 2826 static int write_note_info(struct elf_note_info *info, int fd) 2827 { 2828 struct elf_thread_status *ets; 2829 int i, error = 0; 2830 2831 /* write prstatus, psinfo and auxv for current thread */ 2832 for (i = 0; i < info->numnote; i++) 2833 if ((error = write_note(&info->notes[i], fd)) != 0) 2834 return (error); 2835 2836 /* write prstatus for each thread */ 2837 for (ets = info->thread_list.tqh_first; ets != NULL; 2838 ets = ets->ets_link.tqe_next) { 2839 if ((error = write_note(&ets->notes[0], fd)) != 0) 2840 return (error); 2841 } 2842 2843 return (0); 2844 } 2845 2846 /* 2847 * Write out ELF coredump. 2848 * 2849 * See documentation of ELF object file format in: 2850 * http://www.caldera.com/developers/devspecs/gabi41.pdf 2851 * 2852 * Coredump format in linux is following: 2853 * 2854 * 0 +----------------------+ \ 2855 * | ELF header | ET_CORE | 2856 * +----------------------+ | 2857 * | ELF program headers | |--- headers 2858 * | - NOTE section | | 2859 * | - PT_LOAD sections | | 2860 * +----------------------+ / 2861 * | NOTEs: | 2862 * | - NT_PRSTATUS | 2863 * | - NT_PRSINFO | 2864 * | - NT_AUXV | 2865 * +----------------------+ <-- aligned to target page 2866 * | Process memory dump | 2867 * : : 2868 * . . 2869 * : : 2870 * | | 2871 * +----------------------+ 2872 * 2873 * NT_PRSTATUS -> struct elf_prstatus (per thread) 2874 * NT_PRSINFO -> struct elf_prpsinfo 2875 * NT_AUXV is array of { type, value } pairs (see fill_auxv_note()). 2876 * 2877 * Format follows System V format as close as possible. Current 2878 * version limitations are as follows: 2879 * - no floating point registers are dumped 2880 * 2881 * Function returns 0 in case of success, negative errno otherwise. 2882 * 2883 * TODO: make this work also during runtime: it should be 2884 * possible to force coredump from running process and then 2885 * continue processing. For example qemu could set up SIGUSR2 2886 * handler (provided that target process haven't registered 2887 * handler for that) that does the dump when signal is received. 2888 */ 2889 static int elf_core_dump(int signr, const CPUArchState *env) 2890 { 2891 const CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 2892 const TaskState *ts = (const TaskState *)cpu->opaque; 2893 struct vm_area_struct *vma = NULL; 2894 char corefile[PATH_MAX]; 2895 struct elf_note_info info; 2896 struct elfhdr elf; 2897 struct elf_phdr phdr; 2898 struct rlimit dumpsize; 2899 struct mm_struct *mm = NULL; 2900 off_t offset = 0, data_offset = 0; 2901 int segs = 0; 2902 int fd = -1; 2903 2904 init_note_info(&info); 2905 2906 errno = 0; 2907 getrlimit(RLIMIT_CORE, &dumpsize); 2908 if (dumpsize.rlim_cur == 0) 2909 return 0; 2910 2911 if (core_dump_filename(ts, corefile, sizeof (corefile)) < 0) 2912 return (-errno); 2913 2914 if ((fd = open(corefile, O_WRONLY | O_CREAT, 2915 S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) < 0) 2916 return (-errno); 2917 2918 /* 2919 * Walk through target process memory mappings and 2920 * set up structure containing this information. After 2921 * this point vma_xxx functions can be used. 2922 */ 2923 if ((mm = vma_init()) == NULL) 2924 goto out; 2925 2926 walk_memory_regions(mm, vma_walker); 2927 segs = vma_get_mapping_count(mm); 2928 2929 /* 2930 * Construct valid coredump ELF header. We also 2931 * add one more segment for notes. 2932 */ 2933 fill_elf_header(&elf, segs + 1, ELF_MACHINE, 0); 2934 if (dump_write(fd, &elf, sizeof (elf)) != 0) 2935 goto out; 2936 2937 /* fill in in-memory version of notes */ 2938 if (fill_note_info(&info, signr, env) < 0) 2939 goto out; 2940 2941 offset += sizeof (elf); /* elf header */ 2942 offset += (segs + 1) * sizeof (struct elf_phdr); /* program headers */ 2943 2944 /* write out notes program header */ 2945 fill_elf_note_phdr(&phdr, info.notes_size, offset); 2946 2947 offset += info.notes_size; 2948 if (dump_write(fd, &phdr, sizeof (phdr)) != 0) 2949 goto out; 2950 2951 /* 2952 * ELF specification wants data to start at page boundary so 2953 * we align it here. 2954 */ 2955 data_offset = offset = roundup(offset, ELF_EXEC_PAGESIZE); 2956 2957 /* 2958 * Write program headers for memory regions mapped in 2959 * the target process. 2960 */ 2961 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 2962 (void) memset(&phdr, 0, sizeof (phdr)); 2963 2964 phdr.p_type = PT_LOAD; 2965 phdr.p_offset = offset; 2966 phdr.p_vaddr = vma->vma_start; 2967 phdr.p_paddr = 0; 2968 phdr.p_filesz = vma_dump_size(vma); 2969 offset += phdr.p_filesz; 2970 phdr.p_memsz = vma->vma_end - vma->vma_start; 2971 phdr.p_flags = vma->vma_flags & PROT_READ ? PF_R : 0; 2972 if (vma->vma_flags & PROT_WRITE) 2973 phdr.p_flags |= PF_W; 2974 if (vma->vma_flags & PROT_EXEC) 2975 phdr.p_flags |= PF_X; 2976 phdr.p_align = ELF_EXEC_PAGESIZE; 2977 2978 bswap_phdr(&phdr, 1); 2979 dump_write(fd, &phdr, sizeof (phdr)); 2980 } 2981 2982 /* 2983 * Next we write notes just after program headers. No 2984 * alignment needed here. 2985 */ 2986 if (write_note_info(&info, fd) < 0) 2987 goto out; 2988 2989 /* align data to page boundary */ 2990 if (lseek(fd, data_offset, SEEK_SET) != data_offset) 2991 goto out; 2992 2993 /* 2994 * Finally we can dump process memory into corefile as well. 2995 */ 2996 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 2997 abi_ulong addr; 2998 abi_ulong end; 2999 3000 end = vma->vma_start + vma_dump_size(vma); 3001 3002 for (addr = vma->vma_start; addr < end; 3003 addr += TARGET_PAGE_SIZE) { 3004 char page[TARGET_PAGE_SIZE]; 3005 int error; 3006 3007 /* 3008 * Read in page from target process memory and 3009 * write it to coredump file. 3010 */ 3011 error = copy_from_user(page, addr, sizeof (page)); 3012 if (error != 0) { 3013 (void) fprintf(stderr, "unable to dump " TARGET_ABI_FMT_lx "\n", 3014 addr); 3015 errno = -error; 3016 goto out; 3017 } 3018 if (dump_write(fd, page, TARGET_PAGE_SIZE) < 0) 3019 goto out; 3020 } 3021 } 3022 3023 out: 3024 free_note_info(&info); 3025 if (mm != NULL) 3026 vma_delete(mm); 3027 (void) close(fd); 3028 3029 if (errno != 0) 3030 return (-errno); 3031 return (0); 3032 } 3033 #endif /* USE_ELF_CORE_DUMP */ 3034 3035 void do_init_thread(struct target_pt_regs *regs, struct image_info *infop) 3036 { 3037 init_thread(regs, infop); 3038 } 3039