1 /* This is the Linux kernel elf-loading code, ported into user space */ 2 #include "qemu/osdep.h" 3 #include <sys/param.h> 4 5 #include <sys/resource.h> 6 7 #include "qemu.h" 8 #include "disas/disas.h" 9 #include "qemu/path.h" 10 11 #ifdef _ARCH_PPC64 12 #undef ARCH_DLINFO 13 #undef ELF_PLATFORM 14 #undef ELF_HWCAP 15 #undef ELF_HWCAP2 16 #undef ELF_CLASS 17 #undef ELF_DATA 18 #undef ELF_ARCH 19 #endif 20 21 #define ELF_OSABI ELFOSABI_SYSV 22 23 /* from personality.h */ 24 25 /* 26 * Flags for bug emulation. 27 * 28 * These occupy the top three bytes. 29 */ 30 enum { 31 ADDR_NO_RANDOMIZE = 0x0040000, /* disable randomization of VA space */ 32 FDPIC_FUNCPTRS = 0x0080000, /* userspace function ptrs point to 33 descriptors (signal handling) */ 34 MMAP_PAGE_ZERO = 0x0100000, 35 ADDR_COMPAT_LAYOUT = 0x0200000, 36 READ_IMPLIES_EXEC = 0x0400000, 37 ADDR_LIMIT_32BIT = 0x0800000, 38 SHORT_INODE = 0x1000000, 39 WHOLE_SECONDS = 0x2000000, 40 STICKY_TIMEOUTS = 0x4000000, 41 ADDR_LIMIT_3GB = 0x8000000, 42 }; 43 44 /* 45 * Personality types. 46 * 47 * These go in the low byte. Avoid using the top bit, it will 48 * conflict with error returns. 49 */ 50 enum { 51 PER_LINUX = 0x0000, 52 PER_LINUX_32BIT = 0x0000 | ADDR_LIMIT_32BIT, 53 PER_LINUX_FDPIC = 0x0000 | FDPIC_FUNCPTRS, 54 PER_SVR4 = 0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 55 PER_SVR3 = 0x0002 | STICKY_TIMEOUTS | SHORT_INODE, 56 PER_SCOSVR3 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS | SHORT_INODE, 57 PER_OSR5 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS, 58 PER_WYSEV386 = 0x0004 | STICKY_TIMEOUTS | SHORT_INODE, 59 PER_ISCR4 = 0x0005 | STICKY_TIMEOUTS, 60 PER_BSD = 0x0006, 61 PER_SUNOS = 0x0006 | STICKY_TIMEOUTS, 62 PER_XENIX = 0x0007 | STICKY_TIMEOUTS | SHORT_INODE, 63 PER_LINUX32 = 0x0008, 64 PER_LINUX32_3GB = 0x0008 | ADDR_LIMIT_3GB, 65 PER_IRIX32 = 0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */ 66 PER_IRIXN32 = 0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */ 67 PER_IRIX64 = 0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */ 68 PER_RISCOS = 0x000c, 69 PER_SOLARIS = 0x000d | STICKY_TIMEOUTS, 70 PER_UW7 = 0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 71 PER_OSF4 = 0x000f, /* OSF/1 v4 */ 72 PER_HPUX = 0x0010, 73 PER_MASK = 0x00ff, 74 }; 75 76 /* 77 * Return the base personality without flags. 78 */ 79 #define personality(pers) (pers & PER_MASK) 80 81 int info_is_fdpic(struct image_info *info) 82 { 83 return info->personality == PER_LINUX_FDPIC; 84 } 85 86 /* this flag is uneffective under linux too, should be deleted */ 87 #ifndef MAP_DENYWRITE 88 #define MAP_DENYWRITE 0 89 #endif 90 91 /* should probably go in elf.h */ 92 #ifndef ELIBBAD 93 #define ELIBBAD 80 94 #endif 95 96 #ifdef TARGET_WORDS_BIGENDIAN 97 #define ELF_DATA ELFDATA2MSB 98 #else 99 #define ELF_DATA ELFDATA2LSB 100 #endif 101 102 #ifdef TARGET_ABI_MIPSN32 103 typedef abi_ullong target_elf_greg_t; 104 #define tswapreg(ptr) tswap64(ptr) 105 #else 106 typedef abi_ulong target_elf_greg_t; 107 #define tswapreg(ptr) tswapal(ptr) 108 #endif 109 110 #ifdef USE_UID16 111 typedef abi_ushort target_uid_t; 112 typedef abi_ushort target_gid_t; 113 #else 114 typedef abi_uint target_uid_t; 115 typedef abi_uint target_gid_t; 116 #endif 117 typedef abi_int target_pid_t; 118 119 #ifdef TARGET_I386 120 121 #define ELF_PLATFORM get_elf_platform() 122 123 static const char *get_elf_platform(void) 124 { 125 static char elf_platform[] = "i386"; 126 int family = object_property_get_int(OBJECT(thread_cpu), "family", NULL); 127 if (family > 6) 128 family = 6; 129 if (family >= 3) 130 elf_platform[1] = '0' + family; 131 return elf_platform; 132 } 133 134 #define ELF_HWCAP get_elf_hwcap() 135 136 static uint32_t get_elf_hwcap(void) 137 { 138 X86CPU *cpu = X86_CPU(thread_cpu); 139 140 return cpu->env.features[FEAT_1_EDX]; 141 } 142 143 #ifdef TARGET_X86_64 144 #define ELF_START_MMAP 0x2aaaaab000ULL 145 146 #define ELF_CLASS ELFCLASS64 147 #define ELF_ARCH EM_X86_64 148 149 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 150 { 151 regs->rax = 0; 152 regs->rsp = infop->start_stack; 153 regs->rip = infop->entry; 154 } 155 156 #define ELF_NREG 27 157 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 158 159 /* 160 * Note that ELF_NREG should be 29 as there should be place for 161 * TRAPNO and ERR "registers" as well but linux doesn't dump 162 * those. 163 * 164 * See linux kernel: arch/x86/include/asm/elf.h 165 */ 166 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 167 { 168 (*regs)[0] = env->regs[15]; 169 (*regs)[1] = env->regs[14]; 170 (*regs)[2] = env->regs[13]; 171 (*regs)[3] = env->regs[12]; 172 (*regs)[4] = env->regs[R_EBP]; 173 (*regs)[5] = env->regs[R_EBX]; 174 (*regs)[6] = env->regs[11]; 175 (*regs)[7] = env->regs[10]; 176 (*regs)[8] = env->regs[9]; 177 (*regs)[9] = env->regs[8]; 178 (*regs)[10] = env->regs[R_EAX]; 179 (*regs)[11] = env->regs[R_ECX]; 180 (*regs)[12] = env->regs[R_EDX]; 181 (*regs)[13] = env->regs[R_ESI]; 182 (*regs)[14] = env->regs[R_EDI]; 183 (*regs)[15] = env->regs[R_EAX]; /* XXX */ 184 (*regs)[16] = env->eip; 185 (*regs)[17] = env->segs[R_CS].selector & 0xffff; 186 (*regs)[18] = env->eflags; 187 (*regs)[19] = env->regs[R_ESP]; 188 (*regs)[20] = env->segs[R_SS].selector & 0xffff; 189 (*regs)[21] = env->segs[R_FS].selector & 0xffff; 190 (*regs)[22] = env->segs[R_GS].selector & 0xffff; 191 (*regs)[23] = env->segs[R_DS].selector & 0xffff; 192 (*regs)[24] = env->segs[R_ES].selector & 0xffff; 193 (*regs)[25] = env->segs[R_FS].selector & 0xffff; 194 (*regs)[26] = env->segs[R_GS].selector & 0xffff; 195 } 196 197 #else 198 199 #define ELF_START_MMAP 0x80000000 200 201 /* 202 * This is used to ensure we don't load something for the wrong architecture. 203 */ 204 #define elf_check_arch(x) ( ((x) == EM_386) || ((x) == EM_486) ) 205 206 /* 207 * These are used to set parameters in the core dumps. 208 */ 209 #define ELF_CLASS ELFCLASS32 210 #define ELF_ARCH EM_386 211 212 static inline void init_thread(struct target_pt_regs *regs, 213 struct image_info *infop) 214 { 215 regs->esp = infop->start_stack; 216 regs->eip = infop->entry; 217 218 /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program 219 starts %edx contains a pointer to a function which might be 220 registered using `atexit'. This provides a mean for the 221 dynamic linker to call DT_FINI functions for shared libraries 222 that have been loaded before the code runs. 223 224 A value of 0 tells we have no such handler. */ 225 regs->edx = 0; 226 } 227 228 #define ELF_NREG 17 229 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 230 231 /* 232 * Note that ELF_NREG should be 19 as there should be place for 233 * TRAPNO and ERR "registers" as well but linux doesn't dump 234 * those. 235 * 236 * See linux kernel: arch/x86/include/asm/elf.h 237 */ 238 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 239 { 240 (*regs)[0] = env->regs[R_EBX]; 241 (*regs)[1] = env->regs[R_ECX]; 242 (*regs)[2] = env->regs[R_EDX]; 243 (*regs)[3] = env->regs[R_ESI]; 244 (*regs)[4] = env->regs[R_EDI]; 245 (*regs)[5] = env->regs[R_EBP]; 246 (*regs)[6] = env->regs[R_EAX]; 247 (*regs)[7] = env->segs[R_DS].selector & 0xffff; 248 (*regs)[8] = env->segs[R_ES].selector & 0xffff; 249 (*regs)[9] = env->segs[R_FS].selector & 0xffff; 250 (*regs)[10] = env->segs[R_GS].selector & 0xffff; 251 (*regs)[11] = env->regs[R_EAX]; /* XXX */ 252 (*regs)[12] = env->eip; 253 (*regs)[13] = env->segs[R_CS].selector & 0xffff; 254 (*regs)[14] = env->eflags; 255 (*regs)[15] = env->regs[R_ESP]; 256 (*regs)[16] = env->segs[R_SS].selector & 0xffff; 257 } 258 #endif 259 260 #define USE_ELF_CORE_DUMP 261 #define ELF_EXEC_PAGESIZE 4096 262 263 #endif 264 265 #ifdef TARGET_ARM 266 267 #ifndef TARGET_AARCH64 268 /* 32 bit ARM definitions */ 269 270 #define ELF_START_MMAP 0x80000000 271 272 #define ELF_ARCH EM_ARM 273 #define ELF_CLASS ELFCLASS32 274 275 static inline void init_thread(struct target_pt_regs *regs, 276 struct image_info *infop) 277 { 278 abi_long stack = infop->start_stack; 279 memset(regs, 0, sizeof(*regs)); 280 281 regs->uregs[16] = ARM_CPU_MODE_USR; 282 if (infop->entry & 1) { 283 regs->uregs[16] |= CPSR_T; 284 } 285 regs->uregs[15] = infop->entry & 0xfffffffe; 286 regs->uregs[13] = infop->start_stack; 287 /* FIXME - what to for failure of get_user()? */ 288 get_user_ual(regs->uregs[2], stack + 8); /* envp */ 289 get_user_ual(regs->uregs[1], stack + 4); /* envp */ 290 /* XXX: it seems that r0 is zeroed after ! */ 291 regs->uregs[0] = 0; 292 /* For uClinux PIC binaries. */ 293 /* XXX: Linux does this only on ARM with no MMU (do we care ?) */ 294 regs->uregs[10] = infop->start_data; 295 296 /* Support ARM FDPIC. */ 297 if (info_is_fdpic(infop)) { 298 /* As described in the ABI document, r7 points to the loadmap info 299 * prepared by the kernel. If an interpreter is needed, r8 points 300 * to the interpreter loadmap and r9 points to the interpreter 301 * PT_DYNAMIC info. If no interpreter is needed, r8 is zero, and 302 * r9 points to the main program PT_DYNAMIC info. 303 */ 304 regs->uregs[7] = infop->loadmap_addr; 305 if (infop->interpreter_loadmap_addr) { 306 /* Executable is dynamically loaded. */ 307 regs->uregs[8] = infop->interpreter_loadmap_addr; 308 regs->uregs[9] = infop->interpreter_pt_dynamic_addr; 309 } else { 310 regs->uregs[8] = 0; 311 regs->uregs[9] = infop->pt_dynamic_addr; 312 } 313 } 314 } 315 316 #define ELF_NREG 18 317 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 318 319 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUARMState *env) 320 { 321 (*regs)[0] = tswapreg(env->regs[0]); 322 (*regs)[1] = tswapreg(env->regs[1]); 323 (*regs)[2] = tswapreg(env->regs[2]); 324 (*regs)[3] = tswapreg(env->regs[3]); 325 (*regs)[4] = tswapreg(env->regs[4]); 326 (*regs)[5] = tswapreg(env->regs[5]); 327 (*regs)[6] = tswapreg(env->regs[6]); 328 (*regs)[7] = tswapreg(env->regs[7]); 329 (*regs)[8] = tswapreg(env->regs[8]); 330 (*regs)[9] = tswapreg(env->regs[9]); 331 (*regs)[10] = tswapreg(env->regs[10]); 332 (*regs)[11] = tswapreg(env->regs[11]); 333 (*regs)[12] = tswapreg(env->regs[12]); 334 (*regs)[13] = tswapreg(env->regs[13]); 335 (*regs)[14] = tswapreg(env->regs[14]); 336 (*regs)[15] = tswapreg(env->regs[15]); 337 338 (*regs)[16] = tswapreg(cpsr_read((CPUARMState *)env)); 339 (*regs)[17] = tswapreg(env->regs[0]); /* XXX */ 340 } 341 342 #define USE_ELF_CORE_DUMP 343 #define ELF_EXEC_PAGESIZE 4096 344 345 enum 346 { 347 ARM_HWCAP_ARM_SWP = 1 << 0, 348 ARM_HWCAP_ARM_HALF = 1 << 1, 349 ARM_HWCAP_ARM_THUMB = 1 << 2, 350 ARM_HWCAP_ARM_26BIT = 1 << 3, 351 ARM_HWCAP_ARM_FAST_MULT = 1 << 4, 352 ARM_HWCAP_ARM_FPA = 1 << 5, 353 ARM_HWCAP_ARM_VFP = 1 << 6, 354 ARM_HWCAP_ARM_EDSP = 1 << 7, 355 ARM_HWCAP_ARM_JAVA = 1 << 8, 356 ARM_HWCAP_ARM_IWMMXT = 1 << 9, 357 ARM_HWCAP_ARM_CRUNCH = 1 << 10, 358 ARM_HWCAP_ARM_THUMBEE = 1 << 11, 359 ARM_HWCAP_ARM_NEON = 1 << 12, 360 ARM_HWCAP_ARM_VFPv3 = 1 << 13, 361 ARM_HWCAP_ARM_VFPv3D16 = 1 << 14, 362 ARM_HWCAP_ARM_TLS = 1 << 15, 363 ARM_HWCAP_ARM_VFPv4 = 1 << 16, 364 ARM_HWCAP_ARM_IDIVA = 1 << 17, 365 ARM_HWCAP_ARM_IDIVT = 1 << 18, 366 ARM_HWCAP_ARM_VFPD32 = 1 << 19, 367 ARM_HWCAP_ARM_LPAE = 1 << 20, 368 ARM_HWCAP_ARM_EVTSTRM = 1 << 21, 369 }; 370 371 enum { 372 ARM_HWCAP2_ARM_AES = 1 << 0, 373 ARM_HWCAP2_ARM_PMULL = 1 << 1, 374 ARM_HWCAP2_ARM_SHA1 = 1 << 2, 375 ARM_HWCAP2_ARM_SHA2 = 1 << 3, 376 ARM_HWCAP2_ARM_CRC32 = 1 << 4, 377 }; 378 379 /* The commpage only exists for 32 bit kernels */ 380 381 /* Return 1 if the proposed guest space is suitable for the guest. 382 * Return 0 if the proposed guest space isn't suitable, but another 383 * address space should be tried. 384 * Return -1 if there is no way the proposed guest space can be 385 * valid regardless of the base. 386 * The guest code may leave a page mapped and populate it if the 387 * address is suitable. 388 */ 389 static int init_guest_commpage(unsigned long guest_base, 390 unsigned long guest_size) 391 { 392 unsigned long real_start, test_page_addr; 393 394 /* We need to check that we can force a fault on access to the 395 * commpage at 0xffff0fxx 396 */ 397 test_page_addr = guest_base + (0xffff0f00 & qemu_host_page_mask); 398 399 /* If the commpage lies within the already allocated guest space, 400 * then there is no way we can allocate it. 401 * 402 * You may be thinking that that this check is redundant because 403 * we already validated the guest size against MAX_RESERVED_VA; 404 * but if qemu_host_page_mask is unusually large, then 405 * test_page_addr may be lower. 406 */ 407 if (test_page_addr >= guest_base 408 && test_page_addr < (guest_base + guest_size)) { 409 return -1; 410 } 411 412 /* Note it needs to be writeable to let us initialise it */ 413 real_start = (unsigned long) 414 mmap((void *)test_page_addr, qemu_host_page_size, 415 PROT_READ | PROT_WRITE, 416 MAP_ANONYMOUS | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 417 418 /* If we can't map it then try another address */ 419 if (real_start == -1ul) { 420 return 0; 421 } 422 423 if (real_start != test_page_addr) { 424 /* OS didn't put the page where we asked - unmap and reject */ 425 munmap((void *)real_start, qemu_host_page_size); 426 return 0; 427 } 428 429 /* Leave the page mapped 430 * Populate it (mmap should have left it all 0'd) 431 */ 432 433 /* Kernel helper versions */ 434 __put_user(5, (uint32_t *)g2h(0xffff0ffcul)); 435 436 /* Now it's populated make it RO */ 437 if (mprotect((void *)test_page_addr, qemu_host_page_size, PROT_READ)) { 438 perror("Protecting guest commpage"); 439 exit(-1); 440 } 441 442 return 1; /* All good */ 443 } 444 445 #define ELF_HWCAP get_elf_hwcap() 446 #define ELF_HWCAP2 get_elf_hwcap2() 447 448 static uint32_t get_elf_hwcap(void) 449 { 450 ARMCPU *cpu = ARM_CPU(thread_cpu); 451 uint32_t hwcaps = 0; 452 453 hwcaps |= ARM_HWCAP_ARM_SWP; 454 hwcaps |= ARM_HWCAP_ARM_HALF; 455 hwcaps |= ARM_HWCAP_ARM_THUMB; 456 hwcaps |= ARM_HWCAP_ARM_FAST_MULT; 457 458 /* probe for the extra features */ 459 #define GET_FEATURE(feat, hwcap) \ 460 do { if (arm_feature(&cpu->env, feat)) { hwcaps |= hwcap; } } while (0) 461 462 #define GET_FEATURE_ID(feat, hwcap) \ 463 do { if (cpu_isar_feature(feat, cpu)) { hwcaps |= hwcap; } } while (0) 464 465 /* EDSP is in v5TE and above, but all our v5 CPUs are v5TE */ 466 GET_FEATURE(ARM_FEATURE_V5, ARM_HWCAP_ARM_EDSP); 467 GET_FEATURE(ARM_FEATURE_VFP, ARM_HWCAP_ARM_VFP); 468 GET_FEATURE(ARM_FEATURE_IWMMXT, ARM_HWCAP_ARM_IWMMXT); 469 GET_FEATURE(ARM_FEATURE_THUMB2EE, ARM_HWCAP_ARM_THUMBEE); 470 GET_FEATURE(ARM_FEATURE_NEON, ARM_HWCAP_ARM_NEON); 471 GET_FEATURE(ARM_FEATURE_VFP3, ARM_HWCAP_ARM_VFPv3); 472 GET_FEATURE(ARM_FEATURE_V6K, ARM_HWCAP_ARM_TLS); 473 GET_FEATURE(ARM_FEATURE_VFP4, ARM_HWCAP_ARM_VFPv4); 474 GET_FEATURE_ID(arm_div, ARM_HWCAP_ARM_IDIVA); 475 GET_FEATURE_ID(thumb_div, ARM_HWCAP_ARM_IDIVT); 476 /* All QEMU's VFPv3 CPUs have 32 registers, see VFP_DREG in translate.c. 477 * Note that the ARM_HWCAP_ARM_VFPv3D16 bit is always the inverse of 478 * ARM_HWCAP_ARM_VFPD32 (and so always clear for QEMU); it is unrelated 479 * to our VFP_FP16 feature bit. 480 */ 481 GET_FEATURE(ARM_FEATURE_VFP3, ARM_HWCAP_ARM_VFPD32); 482 GET_FEATURE(ARM_FEATURE_LPAE, ARM_HWCAP_ARM_LPAE); 483 484 return hwcaps; 485 } 486 487 static uint32_t get_elf_hwcap2(void) 488 { 489 ARMCPU *cpu = ARM_CPU(thread_cpu); 490 uint32_t hwcaps = 0; 491 492 GET_FEATURE_ID(aa32_aes, ARM_HWCAP2_ARM_AES); 493 GET_FEATURE_ID(aa32_pmull, ARM_HWCAP2_ARM_PMULL); 494 GET_FEATURE_ID(aa32_sha1, ARM_HWCAP2_ARM_SHA1); 495 GET_FEATURE_ID(aa32_sha2, ARM_HWCAP2_ARM_SHA2); 496 GET_FEATURE_ID(aa32_crc32, ARM_HWCAP2_ARM_CRC32); 497 return hwcaps; 498 } 499 500 #undef GET_FEATURE 501 #undef GET_FEATURE_ID 502 503 #define ELF_PLATFORM get_elf_platform() 504 505 static const char *get_elf_platform(void) 506 { 507 CPUARMState *env = thread_cpu->env_ptr; 508 509 #ifdef TARGET_WORDS_BIGENDIAN 510 # define END "b" 511 #else 512 # define END "l" 513 #endif 514 515 if (arm_feature(env, ARM_FEATURE_V8)) { 516 return "v8" END; 517 } else if (arm_feature(env, ARM_FEATURE_V7)) { 518 if (arm_feature(env, ARM_FEATURE_M)) { 519 return "v7m" END; 520 } else { 521 return "v7" END; 522 } 523 } else if (arm_feature(env, ARM_FEATURE_V6)) { 524 return "v6" END; 525 } else if (arm_feature(env, ARM_FEATURE_V5)) { 526 return "v5" END; 527 } else { 528 return "v4" END; 529 } 530 531 #undef END 532 } 533 534 #else 535 /* 64 bit ARM definitions */ 536 #define ELF_START_MMAP 0x80000000 537 538 #define ELF_ARCH EM_AARCH64 539 #define ELF_CLASS ELFCLASS64 540 #ifdef TARGET_WORDS_BIGENDIAN 541 # define ELF_PLATFORM "aarch64_be" 542 #else 543 # define ELF_PLATFORM "aarch64" 544 #endif 545 546 static inline void init_thread(struct target_pt_regs *regs, 547 struct image_info *infop) 548 { 549 abi_long stack = infop->start_stack; 550 memset(regs, 0, sizeof(*regs)); 551 552 regs->pc = infop->entry & ~0x3ULL; 553 regs->sp = stack; 554 } 555 556 #define ELF_NREG 34 557 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 558 559 static void elf_core_copy_regs(target_elf_gregset_t *regs, 560 const CPUARMState *env) 561 { 562 int i; 563 564 for (i = 0; i < 32; i++) { 565 (*regs)[i] = tswapreg(env->xregs[i]); 566 } 567 (*regs)[32] = tswapreg(env->pc); 568 (*regs)[33] = tswapreg(pstate_read((CPUARMState *)env)); 569 } 570 571 #define USE_ELF_CORE_DUMP 572 #define ELF_EXEC_PAGESIZE 4096 573 574 enum { 575 ARM_HWCAP_A64_FP = 1 << 0, 576 ARM_HWCAP_A64_ASIMD = 1 << 1, 577 ARM_HWCAP_A64_EVTSTRM = 1 << 2, 578 ARM_HWCAP_A64_AES = 1 << 3, 579 ARM_HWCAP_A64_PMULL = 1 << 4, 580 ARM_HWCAP_A64_SHA1 = 1 << 5, 581 ARM_HWCAP_A64_SHA2 = 1 << 6, 582 ARM_HWCAP_A64_CRC32 = 1 << 7, 583 ARM_HWCAP_A64_ATOMICS = 1 << 8, 584 ARM_HWCAP_A64_FPHP = 1 << 9, 585 ARM_HWCAP_A64_ASIMDHP = 1 << 10, 586 ARM_HWCAP_A64_CPUID = 1 << 11, 587 ARM_HWCAP_A64_ASIMDRDM = 1 << 12, 588 ARM_HWCAP_A64_JSCVT = 1 << 13, 589 ARM_HWCAP_A64_FCMA = 1 << 14, 590 ARM_HWCAP_A64_LRCPC = 1 << 15, 591 ARM_HWCAP_A64_DCPOP = 1 << 16, 592 ARM_HWCAP_A64_SHA3 = 1 << 17, 593 ARM_HWCAP_A64_SM3 = 1 << 18, 594 ARM_HWCAP_A64_SM4 = 1 << 19, 595 ARM_HWCAP_A64_ASIMDDP = 1 << 20, 596 ARM_HWCAP_A64_SHA512 = 1 << 21, 597 ARM_HWCAP_A64_SVE = 1 << 22, 598 ARM_HWCAP_A64_ASIMDFHM = 1 << 23, 599 ARM_HWCAP_A64_DIT = 1 << 24, 600 ARM_HWCAP_A64_USCAT = 1 << 25, 601 ARM_HWCAP_A64_ILRCPC = 1 << 26, 602 ARM_HWCAP_A64_FLAGM = 1 << 27, 603 ARM_HWCAP_A64_SSBS = 1 << 28, 604 ARM_HWCAP_A64_SB = 1 << 29, 605 ARM_HWCAP_A64_PACA = 1 << 30, 606 ARM_HWCAP_A64_PACG = 1UL << 31, 607 }; 608 609 #define ELF_HWCAP get_elf_hwcap() 610 611 static uint32_t get_elf_hwcap(void) 612 { 613 ARMCPU *cpu = ARM_CPU(thread_cpu); 614 uint32_t hwcaps = 0; 615 616 hwcaps |= ARM_HWCAP_A64_FP; 617 hwcaps |= ARM_HWCAP_A64_ASIMD; 618 hwcaps |= ARM_HWCAP_A64_CPUID; 619 620 /* probe for the extra features */ 621 #define GET_FEATURE_ID(feat, hwcap) \ 622 do { if (cpu_isar_feature(feat, cpu)) { hwcaps |= hwcap; } } while (0) 623 624 GET_FEATURE_ID(aa64_aes, ARM_HWCAP_A64_AES); 625 GET_FEATURE_ID(aa64_pmull, ARM_HWCAP_A64_PMULL); 626 GET_FEATURE_ID(aa64_sha1, ARM_HWCAP_A64_SHA1); 627 GET_FEATURE_ID(aa64_sha256, ARM_HWCAP_A64_SHA2); 628 GET_FEATURE_ID(aa64_sha512, ARM_HWCAP_A64_SHA512); 629 GET_FEATURE_ID(aa64_crc32, ARM_HWCAP_A64_CRC32); 630 GET_FEATURE_ID(aa64_sha3, ARM_HWCAP_A64_SHA3); 631 GET_FEATURE_ID(aa64_sm3, ARM_HWCAP_A64_SM3); 632 GET_FEATURE_ID(aa64_sm4, ARM_HWCAP_A64_SM4); 633 GET_FEATURE_ID(aa64_fp16, ARM_HWCAP_A64_FPHP | ARM_HWCAP_A64_ASIMDHP); 634 GET_FEATURE_ID(aa64_atomics, ARM_HWCAP_A64_ATOMICS); 635 GET_FEATURE_ID(aa64_rdm, ARM_HWCAP_A64_ASIMDRDM); 636 GET_FEATURE_ID(aa64_dp, ARM_HWCAP_A64_ASIMDDP); 637 GET_FEATURE_ID(aa64_fcma, ARM_HWCAP_A64_FCMA); 638 GET_FEATURE_ID(aa64_sve, ARM_HWCAP_A64_SVE); 639 GET_FEATURE_ID(aa64_pauth, ARM_HWCAP_A64_PACA | ARM_HWCAP_A64_PACG); 640 GET_FEATURE_ID(aa64_fhm, ARM_HWCAP_A64_ASIMDFHM); 641 GET_FEATURE_ID(aa64_jscvt, ARM_HWCAP_A64_JSCVT); 642 GET_FEATURE_ID(aa64_sb, ARM_HWCAP_A64_SB); 643 GET_FEATURE_ID(aa64_condm_4, ARM_HWCAP_A64_FLAGM); 644 645 #undef GET_FEATURE_ID 646 647 return hwcaps; 648 } 649 650 #endif /* not TARGET_AARCH64 */ 651 #endif /* TARGET_ARM */ 652 653 #ifdef TARGET_SPARC 654 #ifdef TARGET_SPARC64 655 656 #define ELF_START_MMAP 0x80000000 657 #define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \ 658 | HWCAP_SPARC_MULDIV | HWCAP_SPARC_V9) 659 #ifndef TARGET_ABI32 660 #define elf_check_arch(x) ( (x) == EM_SPARCV9 || (x) == EM_SPARC32PLUS ) 661 #else 662 #define elf_check_arch(x) ( (x) == EM_SPARC32PLUS || (x) == EM_SPARC ) 663 #endif 664 665 #define ELF_CLASS ELFCLASS64 666 #define ELF_ARCH EM_SPARCV9 667 668 #define STACK_BIAS 2047 669 670 static inline void init_thread(struct target_pt_regs *regs, 671 struct image_info *infop) 672 { 673 #ifndef TARGET_ABI32 674 regs->tstate = 0; 675 #endif 676 regs->pc = infop->entry; 677 regs->npc = regs->pc + 4; 678 regs->y = 0; 679 #ifdef TARGET_ABI32 680 regs->u_regs[14] = infop->start_stack - 16 * 4; 681 #else 682 if (personality(infop->personality) == PER_LINUX32) 683 regs->u_regs[14] = infop->start_stack - 16 * 4; 684 else 685 regs->u_regs[14] = infop->start_stack - 16 * 8 - STACK_BIAS; 686 #endif 687 } 688 689 #else 690 #define ELF_START_MMAP 0x80000000 691 #define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \ 692 | HWCAP_SPARC_MULDIV) 693 694 #define ELF_CLASS ELFCLASS32 695 #define ELF_ARCH EM_SPARC 696 697 static inline void init_thread(struct target_pt_regs *regs, 698 struct image_info *infop) 699 { 700 regs->psr = 0; 701 regs->pc = infop->entry; 702 regs->npc = regs->pc + 4; 703 regs->y = 0; 704 regs->u_regs[14] = infop->start_stack - 16 * 4; 705 } 706 707 #endif 708 #endif 709 710 #ifdef TARGET_PPC 711 712 #define ELF_MACHINE PPC_ELF_MACHINE 713 #define ELF_START_MMAP 0x80000000 714 715 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 716 717 #define elf_check_arch(x) ( (x) == EM_PPC64 ) 718 719 #define ELF_CLASS ELFCLASS64 720 721 #else 722 723 #define ELF_CLASS ELFCLASS32 724 725 #endif 726 727 #define ELF_ARCH EM_PPC 728 729 /* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP). 730 See arch/powerpc/include/asm/cputable.h. */ 731 enum { 732 QEMU_PPC_FEATURE_32 = 0x80000000, 733 QEMU_PPC_FEATURE_64 = 0x40000000, 734 QEMU_PPC_FEATURE_601_INSTR = 0x20000000, 735 QEMU_PPC_FEATURE_HAS_ALTIVEC = 0x10000000, 736 QEMU_PPC_FEATURE_HAS_FPU = 0x08000000, 737 QEMU_PPC_FEATURE_HAS_MMU = 0x04000000, 738 QEMU_PPC_FEATURE_HAS_4xxMAC = 0x02000000, 739 QEMU_PPC_FEATURE_UNIFIED_CACHE = 0x01000000, 740 QEMU_PPC_FEATURE_HAS_SPE = 0x00800000, 741 QEMU_PPC_FEATURE_HAS_EFP_SINGLE = 0x00400000, 742 QEMU_PPC_FEATURE_HAS_EFP_DOUBLE = 0x00200000, 743 QEMU_PPC_FEATURE_NO_TB = 0x00100000, 744 QEMU_PPC_FEATURE_POWER4 = 0x00080000, 745 QEMU_PPC_FEATURE_POWER5 = 0x00040000, 746 QEMU_PPC_FEATURE_POWER5_PLUS = 0x00020000, 747 QEMU_PPC_FEATURE_CELL = 0x00010000, 748 QEMU_PPC_FEATURE_BOOKE = 0x00008000, 749 QEMU_PPC_FEATURE_SMT = 0x00004000, 750 QEMU_PPC_FEATURE_ICACHE_SNOOP = 0x00002000, 751 QEMU_PPC_FEATURE_ARCH_2_05 = 0x00001000, 752 QEMU_PPC_FEATURE_PA6T = 0x00000800, 753 QEMU_PPC_FEATURE_HAS_DFP = 0x00000400, 754 QEMU_PPC_FEATURE_POWER6_EXT = 0x00000200, 755 QEMU_PPC_FEATURE_ARCH_2_06 = 0x00000100, 756 QEMU_PPC_FEATURE_HAS_VSX = 0x00000080, 757 QEMU_PPC_FEATURE_PSERIES_PERFMON_COMPAT = 0x00000040, 758 759 QEMU_PPC_FEATURE_TRUE_LE = 0x00000002, 760 QEMU_PPC_FEATURE_PPC_LE = 0x00000001, 761 762 /* Feature definitions in AT_HWCAP2. */ 763 QEMU_PPC_FEATURE2_ARCH_2_07 = 0x80000000, /* ISA 2.07 */ 764 QEMU_PPC_FEATURE2_HAS_HTM = 0x40000000, /* Hardware Transactional Memory */ 765 QEMU_PPC_FEATURE2_HAS_DSCR = 0x20000000, /* Data Stream Control Register */ 766 QEMU_PPC_FEATURE2_HAS_EBB = 0x10000000, /* Event Base Branching */ 767 QEMU_PPC_FEATURE2_HAS_ISEL = 0x08000000, /* Integer Select */ 768 QEMU_PPC_FEATURE2_HAS_TAR = 0x04000000, /* Target Address Register */ 769 QEMU_PPC_FEATURE2_ARCH_3_00 = 0x00800000, /* ISA 3.00 */ 770 }; 771 772 #define ELF_HWCAP get_elf_hwcap() 773 774 static uint32_t get_elf_hwcap(void) 775 { 776 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); 777 uint32_t features = 0; 778 779 /* We don't have to be terribly complete here; the high points are 780 Altivec/FP/SPE support. Anything else is just a bonus. */ 781 #define GET_FEATURE(flag, feature) \ 782 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0) 783 #define GET_FEATURE2(flags, feature) \ 784 do { \ 785 if ((cpu->env.insns_flags2 & flags) == flags) { \ 786 features |= feature; \ 787 } \ 788 } while (0) 789 GET_FEATURE(PPC_64B, QEMU_PPC_FEATURE_64); 790 GET_FEATURE(PPC_FLOAT, QEMU_PPC_FEATURE_HAS_FPU); 791 GET_FEATURE(PPC_ALTIVEC, QEMU_PPC_FEATURE_HAS_ALTIVEC); 792 GET_FEATURE(PPC_SPE, QEMU_PPC_FEATURE_HAS_SPE); 793 GET_FEATURE(PPC_SPE_SINGLE, QEMU_PPC_FEATURE_HAS_EFP_SINGLE); 794 GET_FEATURE(PPC_SPE_DOUBLE, QEMU_PPC_FEATURE_HAS_EFP_DOUBLE); 795 GET_FEATURE(PPC_BOOKE, QEMU_PPC_FEATURE_BOOKE); 796 GET_FEATURE(PPC_405_MAC, QEMU_PPC_FEATURE_HAS_4xxMAC); 797 GET_FEATURE2(PPC2_DFP, QEMU_PPC_FEATURE_HAS_DFP); 798 GET_FEATURE2(PPC2_VSX, QEMU_PPC_FEATURE_HAS_VSX); 799 GET_FEATURE2((PPC2_PERM_ISA206 | PPC2_DIVE_ISA206 | PPC2_ATOMIC_ISA206 | 800 PPC2_FP_CVT_ISA206 | PPC2_FP_TST_ISA206), 801 QEMU_PPC_FEATURE_ARCH_2_06); 802 #undef GET_FEATURE 803 #undef GET_FEATURE2 804 805 return features; 806 } 807 808 #define ELF_HWCAP2 get_elf_hwcap2() 809 810 static uint32_t get_elf_hwcap2(void) 811 { 812 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); 813 uint32_t features = 0; 814 815 #define GET_FEATURE(flag, feature) \ 816 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0) 817 #define GET_FEATURE2(flag, feature) \ 818 do { if (cpu->env.insns_flags2 & flag) { features |= feature; } } while (0) 819 820 GET_FEATURE(PPC_ISEL, QEMU_PPC_FEATURE2_HAS_ISEL); 821 GET_FEATURE2(PPC2_BCTAR_ISA207, QEMU_PPC_FEATURE2_HAS_TAR); 822 GET_FEATURE2((PPC2_BCTAR_ISA207 | PPC2_LSQ_ISA207 | PPC2_ALTIVEC_207 | 823 PPC2_ISA207S), QEMU_PPC_FEATURE2_ARCH_2_07); 824 GET_FEATURE2(PPC2_ISA300, QEMU_PPC_FEATURE2_ARCH_3_00); 825 826 #undef GET_FEATURE 827 #undef GET_FEATURE2 828 829 return features; 830 } 831 832 /* 833 * The requirements here are: 834 * - keep the final alignment of sp (sp & 0xf) 835 * - make sure the 32-bit value at the first 16 byte aligned position of 836 * AUXV is greater than 16 for glibc compatibility. 837 * AT_IGNOREPPC is used for that. 838 * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC, 839 * even if DLINFO_ARCH_ITEMS goes to zero or is undefined. 840 */ 841 #define DLINFO_ARCH_ITEMS 5 842 #define ARCH_DLINFO \ 843 do { \ 844 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); \ 845 /* \ 846 * Handle glibc compatibility: these magic entries must \ 847 * be at the lowest addresses in the final auxv. \ 848 */ \ 849 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 850 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 851 NEW_AUX_ENT(AT_DCACHEBSIZE, cpu->env.dcache_line_size); \ 852 NEW_AUX_ENT(AT_ICACHEBSIZE, cpu->env.icache_line_size); \ 853 NEW_AUX_ENT(AT_UCACHEBSIZE, 0); \ 854 } while (0) 855 856 static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop) 857 { 858 _regs->gpr[1] = infop->start_stack; 859 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 860 if (get_ppc64_abi(infop) < 2) { 861 uint64_t val; 862 get_user_u64(val, infop->entry + 8); 863 _regs->gpr[2] = val + infop->load_bias; 864 get_user_u64(val, infop->entry); 865 infop->entry = val + infop->load_bias; 866 } else { 867 _regs->gpr[12] = infop->entry; /* r12 set to global entry address */ 868 } 869 #endif 870 _regs->nip = infop->entry; 871 } 872 873 /* See linux kernel: arch/powerpc/include/asm/elf.h. */ 874 #define ELF_NREG 48 875 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 876 877 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUPPCState *env) 878 { 879 int i; 880 target_ulong ccr = 0; 881 882 for (i = 0; i < ARRAY_SIZE(env->gpr); i++) { 883 (*regs)[i] = tswapreg(env->gpr[i]); 884 } 885 886 (*regs)[32] = tswapreg(env->nip); 887 (*regs)[33] = tswapreg(env->msr); 888 (*regs)[35] = tswapreg(env->ctr); 889 (*regs)[36] = tswapreg(env->lr); 890 (*regs)[37] = tswapreg(env->xer); 891 892 for (i = 0; i < ARRAY_SIZE(env->crf); i++) { 893 ccr |= env->crf[i] << (32 - ((i + 1) * 4)); 894 } 895 (*regs)[38] = tswapreg(ccr); 896 } 897 898 #define USE_ELF_CORE_DUMP 899 #define ELF_EXEC_PAGESIZE 4096 900 901 #endif 902 903 #ifdef TARGET_MIPS 904 905 #define ELF_START_MMAP 0x80000000 906 907 #ifdef TARGET_MIPS64 908 #define ELF_CLASS ELFCLASS64 909 #else 910 #define ELF_CLASS ELFCLASS32 911 #endif 912 #define ELF_ARCH EM_MIPS 913 914 #define elf_check_arch(x) ((x) == EM_MIPS || (x) == EM_NANOMIPS) 915 916 static inline void init_thread(struct target_pt_regs *regs, 917 struct image_info *infop) 918 { 919 regs->cp0_status = 2 << CP0St_KSU; 920 regs->cp0_epc = infop->entry; 921 regs->regs[29] = infop->start_stack; 922 } 923 924 /* See linux kernel: arch/mips/include/asm/elf.h. */ 925 #define ELF_NREG 45 926 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 927 928 /* See linux kernel: arch/mips/include/asm/reg.h. */ 929 enum { 930 #ifdef TARGET_MIPS64 931 TARGET_EF_R0 = 0, 932 #else 933 TARGET_EF_R0 = 6, 934 #endif 935 TARGET_EF_R26 = TARGET_EF_R0 + 26, 936 TARGET_EF_R27 = TARGET_EF_R0 + 27, 937 TARGET_EF_LO = TARGET_EF_R0 + 32, 938 TARGET_EF_HI = TARGET_EF_R0 + 33, 939 TARGET_EF_CP0_EPC = TARGET_EF_R0 + 34, 940 TARGET_EF_CP0_BADVADDR = TARGET_EF_R0 + 35, 941 TARGET_EF_CP0_STATUS = TARGET_EF_R0 + 36, 942 TARGET_EF_CP0_CAUSE = TARGET_EF_R0 + 37 943 }; 944 945 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 946 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMIPSState *env) 947 { 948 int i; 949 950 for (i = 0; i < TARGET_EF_R0; i++) { 951 (*regs)[i] = 0; 952 } 953 (*regs)[TARGET_EF_R0] = 0; 954 955 for (i = 1; i < ARRAY_SIZE(env->active_tc.gpr); i++) { 956 (*regs)[TARGET_EF_R0 + i] = tswapreg(env->active_tc.gpr[i]); 957 } 958 959 (*regs)[TARGET_EF_R26] = 0; 960 (*regs)[TARGET_EF_R27] = 0; 961 (*regs)[TARGET_EF_LO] = tswapreg(env->active_tc.LO[0]); 962 (*regs)[TARGET_EF_HI] = tswapreg(env->active_tc.HI[0]); 963 (*regs)[TARGET_EF_CP0_EPC] = tswapreg(env->active_tc.PC); 964 (*regs)[TARGET_EF_CP0_BADVADDR] = tswapreg(env->CP0_BadVAddr); 965 (*regs)[TARGET_EF_CP0_STATUS] = tswapreg(env->CP0_Status); 966 (*regs)[TARGET_EF_CP0_CAUSE] = tswapreg(env->CP0_Cause); 967 } 968 969 #define USE_ELF_CORE_DUMP 970 #define ELF_EXEC_PAGESIZE 4096 971 972 /* See arch/mips/include/uapi/asm/hwcap.h. */ 973 enum { 974 HWCAP_MIPS_R6 = (1 << 0), 975 HWCAP_MIPS_MSA = (1 << 1), 976 }; 977 978 #define ELF_HWCAP get_elf_hwcap() 979 980 static uint32_t get_elf_hwcap(void) 981 { 982 MIPSCPU *cpu = MIPS_CPU(thread_cpu); 983 uint32_t hwcaps = 0; 984 985 #define GET_FEATURE(flag, hwcap) \ 986 do { if (cpu->env.insn_flags & (flag)) { hwcaps |= hwcap; } } while (0) 987 988 GET_FEATURE(ISA_MIPS32R6 | ISA_MIPS64R6, HWCAP_MIPS_R6); 989 GET_FEATURE(ASE_MSA, HWCAP_MIPS_MSA); 990 991 #undef GET_FEATURE 992 993 return hwcaps; 994 } 995 996 #endif /* TARGET_MIPS */ 997 998 #ifdef TARGET_MICROBLAZE 999 1000 #define ELF_START_MMAP 0x80000000 1001 1002 #define elf_check_arch(x) ( (x) == EM_MICROBLAZE || (x) == EM_MICROBLAZE_OLD) 1003 1004 #define ELF_CLASS ELFCLASS32 1005 #define ELF_ARCH EM_MICROBLAZE 1006 1007 static inline void init_thread(struct target_pt_regs *regs, 1008 struct image_info *infop) 1009 { 1010 regs->pc = infop->entry; 1011 regs->r1 = infop->start_stack; 1012 1013 } 1014 1015 #define ELF_EXEC_PAGESIZE 4096 1016 1017 #define USE_ELF_CORE_DUMP 1018 #define ELF_NREG 38 1019 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1020 1021 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 1022 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMBState *env) 1023 { 1024 int i, pos = 0; 1025 1026 for (i = 0; i < 32; i++) { 1027 (*regs)[pos++] = tswapreg(env->regs[i]); 1028 } 1029 1030 for (i = 0; i < 6; i++) { 1031 (*regs)[pos++] = tswapreg(env->sregs[i]); 1032 } 1033 } 1034 1035 #endif /* TARGET_MICROBLAZE */ 1036 1037 #ifdef TARGET_NIOS2 1038 1039 #define ELF_START_MMAP 0x80000000 1040 1041 #define elf_check_arch(x) ((x) == EM_ALTERA_NIOS2) 1042 1043 #define ELF_CLASS ELFCLASS32 1044 #define ELF_ARCH EM_ALTERA_NIOS2 1045 1046 static void init_thread(struct target_pt_regs *regs, struct image_info *infop) 1047 { 1048 regs->ea = infop->entry; 1049 regs->sp = infop->start_stack; 1050 regs->estatus = 0x3; 1051 } 1052 1053 #define ELF_EXEC_PAGESIZE 4096 1054 1055 #define USE_ELF_CORE_DUMP 1056 #define ELF_NREG 49 1057 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1058 1059 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 1060 static void elf_core_copy_regs(target_elf_gregset_t *regs, 1061 const CPUNios2State *env) 1062 { 1063 int i; 1064 1065 (*regs)[0] = -1; 1066 for (i = 1; i < 8; i++) /* r0-r7 */ 1067 (*regs)[i] = tswapreg(env->regs[i + 7]); 1068 1069 for (i = 8; i < 16; i++) /* r8-r15 */ 1070 (*regs)[i] = tswapreg(env->regs[i - 8]); 1071 1072 for (i = 16; i < 24; i++) /* r16-r23 */ 1073 (*regs)[i] = tswapreg(env->regs[i + 7]); 1074 (*regs)[24] = -1; /* R_ET */ 1075 (*regs)[25] = -1; /* R_BT */ 1076 (*regs)[26] = tswapreg(env->regs[R_GP]); 1077 (*regs)[27] = tswapreg(env->regs[R_SP]); 1078 (*regs)[28] = tswapreg(env->regs[R_FP]); 1079 (*regs)[29] = tswapreg(env->regs[R_EA]); 1080 (*regs)[30] = -1; /* R_SSTATUS */ 1081 (*regs)[31] = tswapreg(env->regs[R_RA]); 1082 1083 (*regs)[32] = tswapreg(env->regs[R_PC]); 1084 1085 (*regs)[33] = -1; /* R_STATUS */ 1086 (*regs)[34] = tswapreg(env->regs[CR_ESTATUS]); 1087 1088 for (i = 35; i < 49; i++) /* ... */ 1089 (*regs)[i] = -1; 1090 } 1091 1092 #endif /* TARGET_NIOS2 */ 1093 1094 #ifdef TARGET_OPENRISC 1095 1096 #define ELF_START_MMAP 0x08000000 1097 1098 #define ELF_ARCH EM_OPENRISC 1099 #define ELF_CLASS ELFCLASS32 1100 #define ELF_DATA ELFDATA2MSB 1101 1102 static inline void init_thread(struct target_pt_regs *regs, 1103 struct image_info *infop) 1104 { 1105 regs->pc = infop->entry; 1106 regs->gpr[1] = infop->start_stack; 1107 } 1108 1109 #define USE_ELF_CORE_DUMP 1110 #define ELF_EXEC_PAGESIZE 8192 1111 1112 /* See linux kernel arch/openrisc/include/asm/elf.h. */ 1113 #define ELF_NREG 34 /* gprs and pc, sr */ 1114 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1115 1116 static void elf_core_copy_regs(target_elf_gregset_t *regs, 1117 const CPUOpenRISCState *env) 1118 { 1119 int i; 1120 1121 for (i = 0; i < 32; i++) { 1122 (*regs)[i] = tswapreg(cpu_get_gpr(env, i)); 1123 } 1124 (*regs)[32] = tswapreg(env->pc); 1125 (*regs)[33] = tswapreg(cpu_get_sr(env)); 1126 } 1127 #define ELF_HWCAP 0 1128 #define ELF_PLATFORM NULL 1129 1130 #endif /* TARGET_OPENRISC */ 1131 1132 #ifdef TARGET_SH4 1133 1134 #define ELF_START_MMAP 0x80000000 1135 1136 #define ELF_CLASS ELFCLASS32 1137 #define ELF_ARCH EM_SH 1138 1139 static inline void init_thread(struct target_pt_regs *regs, 1140 struct image_info *infop) 1141 { 1142 /* Check other registers XXXXX */ 1143 regs->pc = infop->entry; 1144 regs->regs[15] = infop->start_stack; 1145 } 1146 1147 /* See linux kernel: arch/sh/include/asm/elf.h. */ 1148 #define ELF_NREG 23 1149 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1150 1151 /* See linux kernel: arch/sh/include/asm/ptrace.h. */ 1152 enum { 1153 TARGET_REG_PC = 16, 1154 TARGET_REG_PR = 17, 1155 TARGET_REG_SR = 18, 1156 TARGET_REG_GBR = 19, 1157 TARGET_REG_MACH = 20, 1158 TARGET_REG_MACL = 21, 1159 TARGET_REG_SYSCALL = 22 1160 }; 1161 1162 static inline void elf_core_copy_regs(target_elf_gregset_t *regs, 1163 const CPUSH4State *env) 1164 { 1165 int i; 1166 1167 for (i = 0; i < 16; i++) { 1168 (*regs)[i] = tswapreg(env->gregs[i]); 1169 } 1170 1171 (*regs)[TARGET_REG_PC] = tswapreg(env->pc); 1172 (*regs)[TARGET_REG_PR] = tswapreg(env->pr); 1173 (*regs)[TARGET_REG_SR] = tswapreg(env->sr); 1174 (*regs)[TARGET_REG_GBR] = tswapreg(env->gbr); 1175 (*regs)[TARGET_REG_MACH] = tswapreg(env->mach); 1176 (*regs)[TARGET_REG_MACL] = tswapreg(env->macl); 1177 (*regs)[TARGET_REG_SYSCALL] = 0; /* FIXME */ 1178 } 1179 1180 #define USE_ELF_CORE_DUMP 1181 #define ELF_EXEC_PAGESIZE 4096 1182 1183 enum { 1184 SH_CPU_HAS_FPU = 0x0001, /* Hardware FPU support */ 1185 SH_CPU_HAS_P2_FLUSH_BUG = 0x0002, /* Need to flush the cache in P2 area */ 1186 SH_CPU_HAS_MMU_PAGE_ASSOC = 0x0004, /* SH3: TLB way selection bit support */ 1187 SH_CPU_HAS_DSP = 0x0008, /* SH-DSP: DSP support */ 1188 SH_CPU_HAS_PERF_COUNTER = 0x0010, /* Hardware performance counters */ 1189 SH_CPU_HAS_PTEA = 0x0020, /* PTEA register */ 1190 SH_CPU_HAS_LLSC = 0x0040, /* movli.l/movco.l */ 1191 SH_CPU_HAS_L2_CACHE = 0x0080, /* Secondary cache / URAM */ 1192 SH_CPU_HAS_OP32 = 0x0100, /* 32-bit instruction support */ 1193 SH_CPU_HAS_PTEAEX = 0x0200, /* PTE ASID Extension support */ 1194 }; 1195 1196 #define ELF_HWCAP get_elf_hwcap() 1197 1198 static uint32_t get_elf_hwcap(void) 1199 { 1200 SuperHCPU *cpu = SUPERH_CPU(thread_cpu); 1201 uint32_t hwcap = 0; 1202 1203 hwcap |= SH_CPU_HAS_FPU; 1204 1205 if (cpu->env.features & SH_FEATURE_SH4A) { 1206 hwcap |= SH_CPU_HAS_LLSC; 1207 } 1208 1209 return hwcap; 1210 } 1211 1212 #endif 1213 1214 #ifdef TARGET_CRIS 1215 1216 #define ELF_START_MMAP 0x80000000 1217 1218 #define ELF_CLASS ELFCLASS32 1219 #define ELF_ARCH EM_CRIS 1220 1221 static inline void init_thread(struct target_pt_regs *regs, 1222 struct image_info *infop) 1223 { 1224 regs->erp = infop->entry; 1225 } 1226 1227 #define ELF_EXEC_PAGESIZE 8192 1228 1229 #endif 1230 1231 #ifdef TARGET_M68K 1232 1233 #define ELF_START_MMAP 0x80000000 1234 1235 #define ELF_CLASS ELFCLASS32 1236 #define ELF_ARCH EM_68K 1237 1238 /* ??? Does this need to do anything? 1239 #define ELF_PLAT_INIT(_r) */ 1240 1241 static inline void init_thread(struct target_pt_regs *regs, 1242 struct image_info *infop) 1243 { 1244 regs->usp = infop->start_stack; 1245 regs->sr = 0; 1246 regs->pc = infop->entry; 1247 } 1248 1249 /* See linux kernel: arch/m68k/include/asm/elf.h. */ 1250 #define ELF_NREG 20 1251 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1252 1253 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUM68KState *env) 1254 { 1255 (*regs)[0] = tswapreg(env->dregs[1]); 1256 (*regs)[1] = tswapreg(env->dregs[2]); 1257 (*regs)[2] = tswapreg(env->dregs[3]); 1258 (*regs)[3] = tswapreg(env->dregs[4]); 1259 (*regs)[4] = tswapreg(env->dregs[5]); 1260 (*regs)[5] = tswapreg(env->dregs[6]); 1261 (*regs)[6] = tswapreg(env->dregs[7]); 1262 (*regs)[7] = tswapreg(env->aregs[0]); 1263 (*regs)[8] = tswapreg(env->aregs[1]); 1264 (*regs)[9] = tswapreg(env->aregs[2]); 1265 (*regs)[10] = tswapreg(env->aregs[3]); 1266 (*regs)[11] = tswapreg(env->aregs[4]); 1267 (*regs)[12] = tswapreg(env->aregs[5]); 1268 (*regs)[13] = tswapreg(env->aregs[6]); 1269 (*regs)[14] = tswapreg(env->dregs[0]); 1270 (*regs)[15] = tswapreg(env->aregs[7]); 1271 (*regs)[16] = tswapreg(env->dregs[0]); /* FIXME: orig_d0 */ 1272 (*regs)[17] = tswapreg(env->sr); 1273 (*regs)[18] = tswapreg(env->pc); 1274 (*regs)[19] = 0; /* FIXME: regs->format | regs->vector */ 1275 } 1276 1277 #define USE_ELF_CORE_DUMP 1278 #define ELF_EXEC_PAGESIZE 8192 1279 1280 #endif 1281 1282 #ifdef TARGET_ALPHA 1283 1284 #define ELF_START_MMAP (0x30000000000ULL) 1285 1286 #define ELF_CLASS ELFCLASS64 1287 #define ELF_ARCH EM_ALPHA 1288 1289 static inline void init_thread(struct target_pt_regs *regs, 1290 struct image_info *infop) 1291 { 1292 regs->pc = infop->entry; 1293 regs->ps = 8; 1294 regs->usp = infop->start_stack; 1295 } 1296 1297 #define ELF_EXEC_PAGESIZE 8192 1298 1299 #endif /* TARGET_ALPHA */ 1300 1301 #ifdef TARGET_S390X 1302 1303 #define ELF_START_MMAP (0x20000000000ULL) 1304 1305 #define ELF_CLASS ELFCLASS64 1306 #define ELF_DATA ELFDATA2MSB 1307 #define ELF_ARCH EM_S390 1308 1309 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 1310 { 1311 regs->psw.addr = infop->entry; 1312 regs->psw.mask = PSW_MASK_64 | PSW_MASK_32; 1313 regs->gprs[15] = infop->start_stack; 1314 } 1315 1316 #endif /* TARGET_S390X */ 1317 1318 #ifdef TARGET_TILEGX 1319 1320 /* 42 bits real used address, a half for user mode */ 1321 #define ELF_START_MMAP (0x00000020000000000ULL) 1322 1323 #define elf_check_arch(x) ((x) == EM_TILEGX) 1324 1325 #define ELF_CLASS ELFCLASS64 1326 #define ELF_DATA ELFDATA2LSB 1327 #define ELF_ARCH EM_TILEGX 1328 1329 static inline void init_thread(struct target_pt_regs *regs, 1330 struct image_info *infop) 1331 { 1332 regs->pc = infop->entry; 1333 regs->sp = infop->start_stack; 1334 1335 } 1336 1337 #define ELF_EXEC_PAGESIZE 65536 /* TILE-Gx page size is 64KB */ 1338 1339 #endif /* TARGET_TILEGX */ 1340 1341 #ifdef TARGET_RISCV 1342 1343 #define ELF_START_MMAP 0x80000000 1344 #define ELF_ARCH EM_RISCV 1345 1346 #ifdef TARGET_RISCV32 1347 #define ELF_CLASS ELFCLASS32 1348 #else 1349 #define ELF_CLASS ELFCLASS64 1350 #endif 1351 1352 static inline void init_thread(struct target_pt_regs *regs, 1353 struct image_info *infop) 1354 { 1355 regs->sepc = infop->entry; 1356 regs->sp = infop->start_stack; 1357 } 1358 1359 #define ELF_EXEC_PAGESIZE 4096 1360 1361 #endif /* TARGET_RISCV */ 1362 1363 #ifdef TARGET_HPPA 1364 1365 #define ELF_START_MMAP 0x80000000 1366 #define ELF_CLASS ELFCLASS32 1367 #define ELF_ARCH EM_PARISC 1368 #define ELF_PLATFORM "PARISC" 1369 #define STACK_GROWS_DOWN 0 1370 #define STACK_ALIGNMENT 64 1371 1372 static inline void init_thread(struct target_pt_regs *regs, 1373 struct image_info *infop) 1374 { 1375 regs->iaoq[0] = infop->entry; 1376 regs->iaoq[1] = infop->entry + 4; 1377 regs->gr[23] = 0; 1378 regs->gr[24] = infop->arg_start; 1379 regs->gr[25] = (infop->arg_end - infop->arg_start) / sizeof(abi_ulong); 1380 /* The top-of-stack contains a linkage buffer. */ 1381 regs->gr[30] = infop->start_stack + 64; 1382 regs->gr[31] = infop->entry; 1383 } 1384 1385 #endif /* TARGET_HPPA */ 1386 1387 #ifdef TARGET_XTENSA 1388 1389 #define ELF_START_MMAP 0x20000000 1390 1391 #define ELF_CLASS ELFCLASS32 1392 #define ELF_ARCH EM_XTENSA 1393 1394 static inline void init_thread(struct target_pt_regs *regs, 1395 struct image_info *infop) 1396 { 1397 regs->windowbase = 0; 1398 regs->windowstart = 1; 1399 regs->areg[1] = infop->start_stack; 1400 regs->pc = infop->entry; 1401 } 1402 1403 /* See linux kernel: arch/xtensa/include/asm/elf.h. */ 1404 #define ELF_NREG 128 1405 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1406 1407 enum { 1408 TARGET_REG_PC, 1409 TARGET_REG_PS, 1410 TARGET_REG_LBEG, 1411 TARGET_REG_LEND, 1412 TARGET_REG_LCOUNT, 1413 TARGET_REG_SAR, 1414 TARGET_REG_WINDOWSTART, 1415 TARGET_REG_WINDOWBASE, 1416 TARGET_REG_THREADPTR, 1417 TARGET_REG_AR0 = 64, 1418 }; 1419 1420 static void elf_core_copy_regs(target_elf_gregset_t *regs, 1421 const CPUXtensaState *env) 1422 { 1423 unsigned i; 1424 1425 (*regs)[TARGET_REG_PC] = tswapreg(env->pc); 1426 (*regs)[TARGET_REG_PS] = tswapreg(env->sregs[PS] & ~PS_EXCM); 1427 (*regs)[TARGET_REG_LBEG] = tswapreg(env->sregs[LBEG]); 1428 (*regs)[TARGET_REG_LEND] = tswapreg(env->sregs[LEND]); 1429 (*regs)[TARGET_REG_LCOUNT] = tswapreg(env->sregs[LCOUNT]); 1430 (*regs)[TARGET_REG_SAR] = tswapreg(env->sregs[SAR]); 1431 (*regs)[TARGET_REG_WINDOWSTART] = tswapreg(env->sregs[WINDOW_START]); 1432 (*regs)[TARGET_REG_WINDOWBASE] = tswapreg(env->sregs[WINDOW_BASE]); 1433 (*regs)[TARGET_REG_THREADPTR] = tswapreg(env->uregs[THREADPTR]); 1434 xtensa_sync_phys_from_window((CPUXtensaState *)env); 1435 for (i = 0; i < env->config->nareg; ++i) { 1436 (*regs)[TARGET_REG_AR0 + i] = tswapreg(env->phys_regs[i]); 1437 } 1438 } 1439 1440 #define USE_ELF_CORE_DUMP 1441 #define ELF_EXEC_PAGESIZE 4096 1442 1443 #endif /* TARGET_XTENSA */ 1444 1445 #ifndef ELF_PLATFORM 1446 #define ELF_PLATFORM (NULL) 1447 #endif 1448 1449 #ifndef ELF_MACHINE 1450 #define ELF_MACHINE ELF_ARCH 1451 #endif 1452 1453 #ifndef elf_check_arch 1454 #define elf_check_arch(x) ((x) == ELF_ARCH) 1455 #endif 1456 1457 #ifndef ELF_HWCAP 1458 #define ELF_HWCAP 0 1459 #endif 1460 1461 #ifndef STACK_GROWS_DOWN 1462 #define STACK_GROWS_DOWN 1 1463 #endif 1464 1465 #ifndef STACK_ALIGNMENT 1466 #define STACK_ALIGNMENT 16 1467 #endif 1468 1469 #ifdef TARGET_ABI32 1470 #undef ELF_CLASS 1471 #define ELF_CLASS ELFCLASS32 1472 #undef bswaptls 1473 #define bswaptls(ptr) bswap32s(ptr) 1474 #endif 1475 1476 #include "elf.h" 1477 1478 struct exec 1479 { 1480 unsigned int a_info; /* Use macros N_MAGIC, etc for access */ 1481 unsigned int a_text; /* length of text, in bytes */ 1482 unsigned int a_data; /* length of data, in bytes */ 1483 unsigned int a_bss; /* length of uninitialized data area, in bytes */ 1484 unsigned int a_syms; /* length of symbol table data in file, in bytes */ 1485 unsigned int a_entry; /* start address */ 1486 unsigned int a_trsize; /* length of relocation info for text, in bytes */ 1487 unsigned int a_drsize; /* length of relocation info for data, in bytes */ 1488 }; 1489 1490 1491 #define N_MAGIC(exec) ((exec).a_info & 0xffff) 1492 #define OMAGIC 0407 1493 #define NMAGIC 0410 1494 #define ZMAGIC 0413 1495 #define QMAGIC 0314 1496 1497 /* Necessary parameters */ 1498 #define TARGET_ELF_EXEC_PAGESIZE \ 1499 (((eppnt->p_align & ~qemu_host_page_mask) != 0) ? \ 1500 TARGET_PAGE_SIZE : MAX(qemu_host_page_size, TARGET_PAGE_SIZE)) 1501 #define TARGET_ELF_PAGELENGTH(_v) ROUND_UP((_v), TARGET_ELF_EXEC_PAGESIZE) 1502 #define TARGET_ELF_PAGESTART(_v) ((_v) & \ 1503 ~(abi_ulong)(TARGET_ELF_EXEC_PAGESIZE-1)) 1504 #define TARGET_ELF_PAGEOFFSET(_v) ((_v) & (TARGET_ELF_EXEC_PAGESIZE-1)) 1505 1506 #define DLINFO_ITEMS 15 1507 1508 static inline void memcpy_fromfs(void * to, const void * from, unsigned long n) 1509 { 1510 memcpy(to, from, n); 1511 } 1512 1513 #ifdef BSWAP_NEEDED 1514 static void bswap_ehdr(struct elfhdr *ehdr) 1515 { 1516 bswap16s(&ehdr->e_type); /* Object file type */ 1517 bswap16s(&ehdr->e_machine); /* Architecture */ 1518 bswap32s(&ehdr->e_version); /* Object file version */ 1519 bswaptls(&ehdr->e_entry); /* Entry point virtual address */ 1520 bswaptls(&ehdr->e_phoff); /* Program header table file offset */ 1521 bswaptls(&ehdr->e_shoff); /* Section header table file offset */ 1522 bswap32s(&ehdr->e_flags); /* Processor-specific flags */ 1523 bswap16s(&ehdr->e_ehsize); /* ELF header size in bytes */ 1524 bswap16s(&ehdr->e_phentsize); /* Program header table entry size */ 1525 bswap16s(&ehdr->e_phnum); /* Program header table entry count */ 1526 bswap16s(&ehdr->e_shentsize); /* Section header table entry size */ 1527 bswap16s(&ehdr->e_shnum); /* Section header table entry count */ 1528 bswap16s(&ehdr->e_shstrndx); /* Section header string table index */ 1529 } 1530 1531 static void bswap_phdr(struct elf_phdr *phdr, int phnum) 1532 { 1533 int i; 1534 for (i = 0; i < phnum; ++i, ++phdr) { 1535 bswap32s(&phdr->p_type); /* Segment type */ 1536 bswap32s(&phdr->p_flags); /* Segment flags */ 1537 bswaptls(&phdr->p_offset); /* Segment file offset */ 1538 bswaptls(&phdr->p_vaddr); /* Segment virtual address */ 1539 bswaptls(&phdr->p_paddr); /* Segment physical address */ 1540 bswaptls(&phdr->p_filesz); /* Segment size in file */ 1541 bswaptls(&phdr->p_memsz); /* Segment size in memory */ 1542 bswaptls(&phdr->p_align); /* Segment alignment */ 1543 } 1544 } 1545 1546 static void bswap_shdr(struct elf_shdr *shdr, int shnum) 1547 { 1548 int i; 1549 for (i = 0; i < shnum; ++i, ++shdr) { 1550 bswap32s(&shdr->sh_name); 1551 bswap32s(&shdr->sh_type); 1552 bswaptls(&shdr->sh_flags); 1553 bswaptls(&shdr->sh_addr); 1554 bswaptls(&shdr->sh_offset); 1555 bswaptls(&shdr->sh_size); 1556 bswap32s(&shdr->sh_link); 1557 bswap32s(&shdr->sh_info); 1558 bswaptls(&shdr->sh_addralign); 1559 bswaptls(&shdr->sh_entsize); 1560 } 1561 } 1562 1563 static void bswap_sym(struct elf_sym *sym) 1564 { 1565 bswap32s(&sym->st_name); 1566 bswaptls(&sym->st_value); 1567 bswaptls(&sym->st_size); 1568 bswap16s(&sym->st_shndx); 1569 } 1570 1571 #ifdef TARGET_MIPS 1572 static void bswap_mips_abiflags(Mips_elf_abiflags_v0 *abiflags) 1573 { 1574 bswap16s(&abiflags->version); 1575 bswap32s(&abiflags->ases); 1576 bswap32s(&abiflags->isa_ext); 1577 bswap32s(&abiflags->flags1); 1578 bswap32s(&abiflags->flags2); 1579 } 1580 #endif 1581 #else 1582 static inline void bswap_ehdr(struct elfhdr *ehdr) { } 1583 static inline void bswap_phdr(struct elf_phdr *phdr, int phnum) { } 1584 static inline void bswap_shdr(struct elf_shdr *shdr, int shnum) { } 1585 static inline void bswap_sym(struct elf_sym *sym) { } 1586 #ifdef TARGET_MIPS 1587 static inline void bswap_mips_abiflags(Mips_elf_abiflags_v0 *abiflags) { } 1588 #endif 1589 #endif 1590 1591 #ifdef USE_ELF_CORE_DUMP 1592 static int elf_core_dump(int, const CPUArchState *); 1593 #endif /* USE_ELF_CORE_DUMP */ 1594 static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias); 1595 1596 /* Verify the portions of EHDR within E_IDENT for the target. 1597 This can be performed before bswapping the entire header. */ 1598 static bool elf_check_ident(struct elfhdr *ehdr) 1599 { 1600 return (ehdr->e_ident[EI_MAG0] == ELFMAG0 1601 && ehdr->e_ident[EI_MAG1] == ELFMAG1 1602 && ehdr->e_ident[EI_MAG2] == ELFMAG2 1603 && ehdr->e_ident[EI_MAG3] == ELFMAG3 1604 && ehdr->e_ident[EI_CLASS] == ELF_CLASS 1605 && ehdr->e_ident[EI_DATA] == ELF_DATA 1606 && ehdr->e_ident[EI_VERSION] == EV_CURRENT); 1607 } 1608 1609 /* Verify the portions of EHDR outside of E_IDENT for the target. 1610 This has to wait until after bswapping the header. */ 1611 static bool elf_check_ehdr(struct elfhdr *ehdr) 1612 { 1613 return (elf_check_arch(ehdr->e_machine) 1614 && ehdr->e_ehsize == sizeof(struct elfhdr) 1615 && ehdr->e_phentsize == sizeof(struct elf_phdr) 1616 && (ehdr->e_type == ET_EXEC || ehdr->e_type == ET_DYN)); 1617 } 1618 1619 /* 1620 * 'copy_elf_strings()' copies argument/envelope strings from user 1621 * memory to free pages in kernel mem. These are in a format ready 1622 * to be put directly into the top of new user memory. 1623 * 1624 */ 1625 static abi_ulong copy_elf_strings(int argc, char **argv, char *scratch, 1626 abi_ulong p, abi_ulong stack_limit) 1627 { 1628 char *tmp; 1629 int len, i; 1630 abi_ulong top = p; 1631 1632 if (!p) { 1633 return 0; /* bullet-proofing */ 1634 } 1635 1636 if (STACK_GROWS_DOWN) { 1637 int offset = ((p - 1) % TARGET_PAGE_SIZE) + 1; 1638 for (i = argc - 1; i >= 0; --i) { 1639 tmp = argv[i]; 1640 if (!tmp) { 1641 fprintf(stderr, "VFS: argc is wrong"); 1642 exit(-1); 1643 } 1644 len = strlen(tmp) + 1; 1645 tmp += len; 1646 1647 if (len > (p - stack_limit)) { 1648 return 0; 1649 } 1650 while (len) { 1651 int bytes_to_copy = (len > offset) ? offset : len; 1652 tmp -= bytes_to_copy; 1653 p -= bytes_to_copy; 1654 offset -= bytes_to_copy; 1655 len -= bytes_to_copy; 1656 1657 memcpy_fromfs(scratch + offset, tmp, bytes_to_copy); 1658 1659 if (offset == 0) { 1660 memcpy_to_target(p, scratch, top - p); 1661 top = p; 1662 offset = TARGET_PAGE_SIZE; 1663 } 1664 } 1665 } 1666 if (p != top) { 1667 memcpy_to_target(p, scratch + offset, top - p); 1668 } 1669 } else { 1670 int remaining = TARGET_PAGE_SIZE - (p % TARGET_PAGE_SIZE); 1671 for (i = 0; i < argc; ++i) { 1672 tmp = argv[i]; 1673 if (!tmp) { 1674 fprintf(stderr, "VFS: argc is wrong"); 1675 exit(-1); 1676 } 1677 len = strlen(tmp) + 1; 1678 if (len > (stack_limit - p)) { 1679 return 0; 1680 } 1681 while (len) { 1682 int bytes_to_copy = (len > remaining) ? remaining : len; 1683 1684 memcpy_fromfs(scratch + (p - top), tmp, bytes_to_copy); 1685 1686 tmp += bytes_to_copy; 1687 remaining -= bytes_to_copy; 1688 p += bytes_to_copy; 1689 len -= bytes_to_copy; 1690 1691 if (remaining == 0) { 1692 memcpy_to_target(top, scratch, p - top); 1693 top = p; 1694 remaining = TARGET_PAGE_SIZE; 1695 } 1696 } 1697 } 1698 if (p != top) { 1699 memcpy_to_target(top, scratch, p - top); 1700 } 1701 } 1702 1703 return p; 1704 } 1705 1706 /* Older linux kernels provide up to MAX_ARG_PAGES (default: 32) of 1707 * argument/environment space. Newer kernels (>2.6.33) allow more, 1708 * dependent on stack size, but guarantee at least 32 pages for 1709 * backwards compatibility. 1710 */ 1711 #define STACK_LOWER_LIMIT (32 * TARGET_PAGE_SIZE) 1712 1713 static abi_ulong setup_arg_pages(struct linux_binprm *bprm, 1714 struct image_info *info) 1715 { 1716 abi_ulong size, error, guard; 1717 1718 size = guest_stack_size; 1719 if (size < STACK_LOWER_LIMIT) { 1720 size = STACK_LOWER_LIMIT; 1721 } 1722 guard = TARGET_PAGE_SIZE; 1723 if (guard < qemu_real_host_page_size) { 1724 guard = qemu_real_host_page_size; 1725 } 1726 1727 error = target_mmap(0, size + guard, PROT_READ | PROT_WRITE, 1728 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1729 if (error == -1) { 1730 perror("mmap stack"); 1731 exit(-1); 1732 } 1733 1734 /* We reserve one extra page at the top of the stack as guard. */ 1735 if (STACK_GROWS_DOWN) { 1736 target_mprotect(error, guard, PROT_NONE); 1737 info->stack_limit = error + guard; 1738 return info->stack_limit + size - sizeof(void *); 1739 } else { 1740 target_mprotect(error + size, guard, PROT_NONE); 1741 info->stack_limit = error + size; 1742 return error; 1743 } 1744 } 1745 1746 /* Map and zero the bss. We need to explicitly zero any fractional pages 1747 after the data section (i.e. bss). */ 1748 static void zero_bss(abi_ulong elf_bss, abi_ulong last_bss, int prot) 1749 { 1750 uintptr_t host_start, host_map_start, host_end; 1751 1752 last_bss = TARGET_PAGE_ALIGN(last_bss); 1753 1754 /* ??? There is confusion between qemu_real_host_page_size and 1755 qemu_host_page_size here and elsewhere in target_mmap, which 1756 may lead to the end of the data section mapping from the file 1757 not being mapped. At least there was an explicit test and 1758 comment for that here, suggesting that "the file size must 1759 be known". The comment probably pre-dates the introduction 1760 of the fstat system call in target_mmap which does in fact 1761 find out the size. What isn't clear is if the workaround 1762 here is still actually needed. For now, continue with it, 1763 but merge it with the "normal" mmap that would allocate the bss. */ 1764 1765 host_start = (uintptr_t) g2h(elf_bss); 1766 host_end = (uintptr_t) g2h(last_bss); 1767 host_map_start = REAL_HOST_PAGE_ALIGN(host_start); 1768 1769 if (host_map_start < host_end) { 1770 void *p = mmap((void *)host_map_start, host_end - host_map_start, 1771 prot, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1772 if (p == MAP_FAILED) { 1773 perror("cannot mmap brk"); 1774 exit(-1); 1775 } 1776 } 1777 1778 /* Ensure that the bss page(s) are valid */ 1779 if ((page_get_flags(last_bss-1) & prot) != prot) { 1780 page_set_flags(elf_bss & TARGET_PAGE_MASK, last_bss, prot | PAGE_VALID); 1781 } 1782 1783 if (host_start < host_map_start) { 1784 memset((void *)host_start, 0, host_map_start - host_start); 1785 } 1786 } 1787 1788 #ifdef TARGET_ARM 1789 static int elf_is_fdpic(struct elfhdr *exec) 1790 { 1791 return exec->e_ident[EI_OSABI] == ELFOSABI_ARM_FDPIC; 1792 } 1793 #else 1794 /* Default implementation, always false. */ 1795 static int elf_is_fdpic(struct elfhdr *exec) 1796 { 1797 return 0; 1798 } 1799 #endif 1800 1801 static abi_ulong loader_build_fdpic_loadmap(struct image_info *info, abi_ulong sp) 1802 { 1803 uint16_t n; 1804 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs; 1805 1806 /* elf32_fdpic_loadseg */ 1807 n = info->nsegs; 1808 while (n--) { 1809 sp -= 12; 1810 put_user_u32(loadsegs[n].addr, sp+0); 1811 put_user_u32(loadsegs[n].p_vaddr, sp+4); 1812 put_user_u32(loadsegs[n].p_memsz, sp+8); 1813 } 1814 1815 /* elf32_fdpic_loadmap */ 1816 sp -= 4; 1817 put_user_u16(0, sp+0); /* version */ 1818 put_user_u16(info->nsegs, sp+2); /* nsegs */ 1819 1820 info->personality = PER_LINUX_FDPIC; 1821 info->loadmap_addr = sp; 1822 1823 return sp; 1824 } 1825 1826 static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc, 1827 struct elfhdr *exec, 1828 struct image_info *info, 1829 struct image_info *interp_info) 1830 { 1831 abi_ulong sp; 1832 abi_ulong u_argc, u_argv, u_envp, u_auxv; 1833 int size; 1834 int i; 1835 abi_ulong u_rand_bytes; 1836 uint8_t k_rand_bytes[16]; 1837 abi_ulong u_platform; 1838 const char *k_platform; 1839 const int n = sizeof(elf_addr_t); 1840 1841 sp = p; 1842 1843 /* Needs to be before we load the env/argc/... */ 1844 if (elf_is_fdpic(exec)) { 1845 /* Need 4 byte alignment for these structs */ 1846 sp &= ~3; 1847 sp = loader_build_fdpic_loadmap(info, sp); 1848 info->other_info = interp_info; 1849 if (interp_info) { 1850 interp_info->other_info = info; 1851 sp = loader_build_fdpic_loadmap(interp_info, sp); 1852 info->interpreter_loadmap_addr = interp_info->loadmap_addr; 1853 info->interpreter_pt_dynamic_addr = interp_info->pt_dynamic_addr; 1854 } else { 1855 info->interpreter_loadmap_addr = 0; 1856 info->interpreter_pt_dynamic_addr = 0; 1857 } 1858 } 1859 1860 u_platform = 0; 1861 k_platform = ELF_PLATFORM; 1862 if (k_platform) { 1863 size_t len = strlen(k_platform) + 1; 1864 if (STACK_GROWS_DOWN) { 1865 sp -= (len + n - 1) & ~(n - 1); 1866 u_platform = sp; 1867 /* FIXME - check return value of memcpy_to_target() for failure */ 1868 memcpy_to_target(sp, k_platform, len); 1869 } else { 1870 memcpy_to_target(sp, k_platform, len); 1871 u_platform = sp; 1872 sp += len + 1; 1873 } 1874 } 1875 1876 /* Provide 16 byte alignment for the PRNG, and basic alignment for 1877 * the argv and envp pointers. 1878 */ 1879 if (STACK_GROWS_DOWN) { 1880 sp = QEMU_ALIGN_DOWN(sp, 16); 1881 } else { 1882 sp = QEMU_ALIGN_UP(sp, 16); 1883 } 1884 1885 /* 1886 * Generate 16 random bytes for userspace PRNG seeding (not 1887 * cryptically secure but it's not the aim of QEMU). 1888 */ 1889 for (i = 0; i < 16; i++) { 1890 k_rand_bytes[i] = rand(); 1891 } 1892 if (STACK_GROWS_DOWN) { 1893 sp -= 16; 1894 u_rand_bytes = sp; 1895 /* FIXME - check return value of memcpy_to_target() for failure */ 1896 memcpy_to_target(sp, k_rand_bytes, 16); 1897 } else { 1898 memcpy_to_target(sp, k_rand_bytes, 16); 1899 u_rand_bytes = sp; 1900 sp += 16; 1901 } 1902 1903 size = (DLINFO_ITEMS + 1) * 2; 1904 if (k_platform) 1905 size += 2; 1906 #ifdef DLINFO_ARCH_ITEMS 1907 size += DLINFO_ARCH_ITEMS * 2; 1908 #endif 1909 #ifdef ELF_HWCAP2 1910 size += 2; 1911 #endif 1912 info->auxv_len = size * n; 1913 1914 size += envc + argc + 2; 1915 size += 1; /* argc itself */ 1916 size *= n; 1917 1918 /* Allocate space and finalize stack alignment for entry now. */ 1919 if (STACK_GROWS_DOWN) { 1920 u_argc = QEMU_ALIGN_DOWN(sp - size, STACK_ALIGNMENT); 1921 sp = u_argc; 1922 } else { 1923 u_argc = sp; 1924 sp = QEMU_ALIGN_UP(sp + size, STACK_ALIGNMENT); 1925 } 1926 1927 u_argv = u_argc + n; 1928 u_envp = u_argv + (argc + 1) * n; 1929 u_auxv = u_envp + (envc + 1) * n; 1930 info->saved_auxv = u_auxv; 1931 info->arg_start = u_argv; 1932 info->arg_end = u_argv + argc * n; 1933 1934 /* This is correct because Linux defines 1935 * elf_addr_t as Elf32_Off / Elf64_Off 1936 */ 1937 #define NEW_AUX_ENT(id, val) do { \ 1938 put_user_ual(id, u_auxv); u_auxv += n; \ 1939 put_user_ual(val, u_auxv); u_auxv += n; \ 1940 } while(0) 1941 1942 #ifdef ARCH_DLINFO 1943 /* 1944 * ARCH_DLINFO must come first so platform specific code can enforce 1945 * special alignment requirements on the AUXV if necessary (eg. PPC). 1946 */ 1947 ARCH_DLINFO; 1948 #endif 1949 /* There must be exactly DLINFO_ITEMS entries here, or the assert 1950 * on info->auxv_len will trigger. 1951 */ 1952 NEW_AUX_ENT(AT_PHDR, (abi_ulong)(info->load_addr + exec->e_phoff)); 1953 NEW_AUX_ENT(AT_PHENT, (abi_ulong)(sizeof (struct elf_phdr))); 1954 NEW_AUX_ENT(AT_PHNUM, (abi_ulong)(exec->e_phnum)); 1955 if ((info->alignment & ~qemu_host_page_mask) != 0) { 1956 /* Target doesn't support host page size alignment */ 1957 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(TARGET_PAGE_SIZE)); 1958 } else { 1959 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(MAX(TARGET_PAGE_SIZE, 1960 qemu_host_page_size))); 1961 } 1962 NEW_AUX_ENT(AT_BASE, (abi_ulong)(interp_info ? interp_info->load_addr : 0)); 1963 NEW_AUX_ENT(AT_FLAGS, (abi_ulong)0); 1964 NEW_AUX_ENT(AT_ENTRY, info->entry); 1965 NEW_AUX_ENT(AT_UID, (abi_ulong) getuid()); 1966 NEW_AUX_ENT(AT_EUID, (abi_ulong) geteuid()); 1967 NEW_AUX_ENT(AT_GID, (abi_ulong) getgid()); 1968 NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid()); 1969 NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP); 1970 NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK)); 1971 NEW_AUX_ENT(AT_RANDOM, (abi_ulong) u_rand_bytes); 1972 NEW_AUX_ENT(AT_SECURE, (abi_ulong) qemu_getauxval(AT_SECURE)); 1973 1974 #ifdef ELF_HWCAP2 1975 NEW_AUX_ENT(AT_HWCAP2, (abi_ulong) ELF_HWCAP2); 1976 #endif 1977 1978 if (u_platform) { 1979 NEW_AUX_ENT(AT_PLATFORM, u_platform); 1980 } 1981 NEW_AUX_ENT (AT_NULL, 0); 1982 #undef NEW_AUX_ENT 1983 1984 /* Check that our initial calculation of the auxv length matches how much 1985 * we actually put into it. 1986 */ 1987 assert(info->auxv_len == u_auxv - info->saved_auxv); 1988 1989 put_user_ual(argc, u_argc); 1990 1991 p = info->arg_strings; 1992 for (i = 0; i < argc; ++i) { 1993 put_user_ual(p, u_argv); 1994 u_argv += n; 1995 p += target_strlen(p) + 1; 1996 } 1997 put_user_ual(0, u_argv); 1998 1999 p = info->env_strings; 2000 for (i = 0; i < envc; ++i) { 2001 put_user_ual(p, u_envp); 2002 u_envp += n; 2003 p += target_strlen(p) + 1; 2004 } 2005 put_user_ual(0, u_envp); 2006 2007 return sp; 2008 } 2009 2010 unsigned long init_guest_space(unsigned long host_start, 2011 unsigned long host_size, 2012 unsigned long guest_start, 2013 bool fixed) 2014 { 2015 unsigned long current_start, aligned_start; 2016 int flags; 2017 2018 assert(host_start || host_size); 2019 2020 /* If just a starting address is given, then just verify that 2021 * address. */ 2022 if (host_start && !host_size) { 2023 #if defined(TARGET_ARM) && !defined(TARGET_AARCH64) 2024 if (init_guest_commpage(host_start, host_size) != 1) { 2025 return (unsigned long)-1; 2026 } 2027 #endif 2028 return host_start; 2029 } 2030 2031 /* Setup the initial flags and start address. */ 2032 current_start = host_start & qemu_host_page_mask; 2033 flags = MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE; 2034 if (fixed) { 2035 flags |= MAP_FIXED; 2036 } 2037 2038 /* Otherwise, a non-zero size region of memory needs to be mapped 2039 * and validated. */ 2040 2041 #if defined(TARGET_ARM) && !defined(TARGET_AARCH64) 2042 /* On 32-bit ARM, we need to map not just the usable memory, but 2043 * also the commpage. Try to find a suitable place by allocating 2044 * a big chunk for all of it. If host_start, then the naive 2045 * strategy probably does good enough. 2046 */ 2047 if (!host_start) { 2048 unsigned long guest_full_size, host_full_size, real_start; 2049 2050 guest_full_size = 2051 (0xffff0f00 & qemu_host_page_mask) + qemu_host_page_size; 2052 host_full_size = guest_full_size - guest_start; 2053 real_start = (unsigned long) 2054 mmap(NULL, host_full_size, PROT_NONE, flags, -1, 0); 2055 if (real_start == (unsigned long)-1) { 2056 if (host_size < host_full_size - qemu_host_page_size) { 2057 /* We failed to map a continous segment, but we're 2058 * allowed to have a gap between the usable memory and 2059 * the commpage where other things can be mapped. 2060 * This sparseness gives us more flexibility to find 2061 * an address range. 2062 */ 2063 goto naive; 2064 } 2065 return (unsigned long)-1; 2066 } 2067 munmap((void *)real_start, host_full_size); 2068 if (real_start & ~qemu_host_page_mask) { 2069 /* The same thing again, but with an extra qemu_host_page_size 2070 * so that we can shift around alignment. 2071 */ 2072 unsigned long real_size = host_full_size + qemu_host_page_size; 2073 real_start = (unsigned long) 2074 mmap(NULL, real_size, PROT_NONE, flags, -1, 0); 2075 if (real_start == (unsigned long)-1) { 2076 if (host_size < host_full_size - qemu_host_page_size) { 2077 goto naive; 2078 } 2079 return (unsigned long)-1; 2080 } 2081 munmap((void *)real_start, real_size); 2082 real_start = HOST_PAGE_ALIGN(real_start); 2083 } 2084 current_start = real_start; 2085 } 2086 naive: 2087 #endif 2088 2089 while (1) { 2090 unsigned long real_start, real_size, aligned_size; 2091 aligned_size = real_size = host_size; 2092 2093 /* Do not use mmap_find_vma here because that is limited to the 2094 * guest address space. We are going to make the 2095 * guest address space fit whatever we're given. 2096 */ 2097 real_start = (unsigned long) 2098 mmap((void *)current_start, host_size, PROT_NONE, flags, -1, 0); 2099 if (real_start == (unsigned long)-1) { 2100 return (unsigned long)-1; 2101 } 2102 2103 /* Check to see if the address is valid. */ 2104 if (host_start && real_start != current_start) { 2105 goto try_again; 2106 } 2107 2108 /* Ensure the address is properly aligned. */ 2109 if (real_start & ~qemu_host_page_mask) { 2110 /* Ideally, we adjust like 2111 * 2112 * pages: [ ][ ][ ][ ][ ] 2113 * old: [ real ] 2114 * [ aligned ] 2115 * new: [ real ] 2116 * [ aligned ] 2117 * 2118 * But if there is something else mapped right after it, 2119 * then obviously it won't have room to grow, and the 2120 * kernel will put the new larger real someplace else with 2121 * unknown alignment (if we made it to here, then 2122 * fixed=false). Which is why we grow real by a full page 2123 * size, instead of by part of one; so that even if we get 2124 * moved, we can still guarantee alignment. But this does 2125 * mean that there is a padding of < 1 page both before 2126 * and after the aligned range; the "after" could could 2127 * cause problems for ARM emulation where it could butt in 2128 * to where we need to put the commpage. 2129 */ 2130 munmap((void *)real_start, host_size); 2131 real_size = aligned_size + qemu_host_page_size; 2132 real_start = (unsigned long) 2133 mmap((void *)real_start, real_size, PROT_NONE, flags, -1, 0); 2134 if (real_start == (unsigned long)-1) { 2135 return (unsigned long)-1; 2136 } 2137 aligned_start = HOST_PAGE_ALIGN(real_start); 2138 } else { 2139 aligned_start = real_start; 2140 } 2141 2142 #if defined(TARGET_ARM) && !defined(TARGET_AARCH64) 2143 /* On 32-bit ARM, we need to also be able to map the commpage. */ 2144 int valid = init_guest_commpage(aligned_start - guest_start, 2145 aligned_size + guest_start); 2146 if (valid == -1) { 2147 munmap((void *)real_start, real_size); 2148 return (unsigned long)-1; 2149 } else if (valid == 0) { 2150 goto try_again; 2151 } 2152 #endif 2153 2154 /* If nothing has said `return -1` or `goto try_again` yet, 2155 * then the address we have is good. 2156 */ 2157 break; 2158 2159 try_again: 2160 /* That address didn't work. Unmap and try a different one. 2161 * The address the host picked because is typically right at 2162 * the top of the host address space and leaves the guest with 2163 * no usable address space. Resort to a linear search. We 2164 * already compensated for mmap_min_addr, so this should not 2165 * happen often. Probably means we got unlucky and host 2166 * address space randomization put a shared library somewhere 2167 * inconvenient. 2168 * 2169 * This is probably a good strategy if host_start, but is 2170 * probably a bad strategy if not, which means we got here 2171 * because of trouble with ARM commpage setup. 2172 */ 2173 munmap((void *)real_start, real_size); 2174 current_start += qemu_host_page_size; 2175 if (host_start == current_start) { 2176 /* Theoretically possible if host doesn't have any suitably 2177 * aligned areas. Normally the first mmap will fail. 2178 */ 2179 return (unsigned long)-1; 2180 } 2181 } 2182 2183 qemu_log_mask(CPU_LOG_PAGE, "Reserved 0x%lx bytes of guest address space\n", host_size); 2184 2185 return aligned_start; 2186 } 2187 2188 static void probe_guest_base(const char *image_name, 2189 abi_ulong loaddr, abi_ulong hiaddr) 2190 { 2191 /* Probe for a suitable guest base address, if the user has not set 2192 * it explicitly, and set guest_base appropriately. 2193 * In case of error we will print a suitable message and exit. 2194 */ 2195 const char *errmsg; 2196 if (!have_guest_base && !reserved_va) { 2197 unsigned long host_start, real_start, host_size; 2198 2199 /* Round addresses to page boundaries. */ 2200 loaddr &= qemu_host_page_mask; 2201 hiaddr = HOST_PAGE_ALIGN(hiaddr); 2202 2203 if (loaddr < mmap_min_addr) { 2204 host_start = HOST_PAGE_ALIGN(mmap_min_addr); 2205 } else { 2206 host_start = loaddr; 2207 if (host_start != loaddr) { 2208 errmsg = "Address overflow loading ELF binary"; 2209 goto exit_errmsg; 2210 } 2211 } 2212 host_size = hiaddr - loaddr; 2213 2214 /* Setup the initial guest memory space with ranges gleaned from 2215 * the ELF image that is being loaded. 2216 */ 2217 real_start = init_guest_space(host_start, host_size, loaddr, false); 2218 if (real_start == (unsigned long)-1) { 2219 errmsg = "Unable to find space for application"; 2220 goto exit_errmsg; 2221 } 2222 guest_base = real_start - loaddr; 2223 2224 qemu_log_mask(CPU_LOG_PAGE, "Relocating guest address space from 0x" 2225 TARGET_ABI_FMT_lx " to 0x%lx\n", 2226 loaddr, real_start); 2227 } 2228 return; 2229 2230 exit_errmsg: 2231 fprintf(stderr, "%s: %s\n", image_name, errmsg); 2232 exit(-1); 2233 } 2234 2235 2236 /* Load an ELF image into the address space. 2237 2238 IMAGE_NAME is the filename of the image, to use in error messages. 2239 IMAGE_FD is the open file descriptor for the image. 2240 2241 BPRM_BUF is a copy of the beginning of the file; this of course 2242 contains the elf file header at offset 0. It is assumed that this 2243 buffer is sufficiently aligned to present no problems to the host 2244 in accessing data at aligned offsets within the buffer. 2245 2246 On return: INFO values will be filled in, as necessary or available. */ 2247 2248 static void load_elf_image(const char *image_name, int image_fd, 2249 struct image_info *info, char **pinterp_name, 2250 char bprm_buf[BPRM_BUF_SIZE]) 2251 { 2252 struct elfhdr *ehdr = (struct elfhdr *)bprm_buf; 2253 struct elf_phdr *phdr; 2254 abi_ulong load_addr, load_bias, loaddr, hiaddr, error; 2255 int i, retval; 2256 const char *errmsg; 2257 2258 /* First of all, some simple consistency checks */ 2259 errmsg = "Invalid ELF image for this architecture"; 2260 if (!elf_check_ident(ehdr)) { 2261 goto exit_errmsg; 2262 } 2263 bswap_ehdr(ehdr); 2264 if (!elf_check_ehdr(ehdr)) { 2265 goto exit_errmsg; 2266 } 2267 2268 i = ehdr->e_phnum * sizeof(struct elf_phdr); 2269 if (ehdr->e_phoff + i <= BPRM_BUF_SIZE) { 2270 phdr = (struct elf_phdr *)(bprm_buf + ehdr->e_phoff); 2271 } else { 2272 phdr = (struct elf_phdr *) alloca(i); 2273 retval = pread(image_fd, phdr, i, ehdr->e_phoff); 2274 if (retval != i) { 2275 goto exit_read; 2276 } 2277 } 2278 bswap_phdr(phdr, ehdr->e_phnum); 2279 2280 info->nsegs = 0; 2281 info->pt_dynamic_addr = 0; 2282 2283 mmap_lock(); 2284 2285 /* Find the maximum size of the image and allocate an appropriate 2286 amount of memory to handle that. */ 2287 loaddr = -1, hiaddr = 0; 2288 info->alignment = 0; 2289 for (i = 0; i < ehdr->e_phnum; ++i) { 2290 if (phdr[i].p_type == PT_LOAD) { 2291 abi_ulong a = phdr[i].p_vaddr - phdr[i].p_offset; 2292 if (a < loaddr) { 2293 loaddr = a; 2294 } 2295 a = phdr[i].p_vaddr + phdr[i].p_memsz; 2296 if (a > hiaddr) { 2297 hiaddr = a; 2298 } 2299 ++info->nsegs; 2300 info->alignment |= phdr[i].p_align; 2301 } 2302 } 2303 2304 load_addr = loaddr; 2305 if (ehdr->e_type == ET_DYN) { 2306 /* The image indicates that it can be loaded anywhere. Find a 2307 location that can hold the memory space required. If the 2308 image is pre-linked, LOADDR will be non-zero. Since we do 2309 not supply MAP_FIXED here we'll use that address if and 2310 only if it remains available. */ 2311 load_addr = target_mmap(loaddr, hiaddr - loaddr, PROT_NONE, 2312 MAP_PRIVATE | MAP_ANON | MAP_NORESERVE, 2313 -1, 0); 2314 if (load_addr == -1) { 2315 goto exit_perror; 2316 } 2317 } else if (pinterp_name != NULL) { 2318 /* This is the main executable. Make sure that the low 2319 address does not conflict with MMAP_MIN_ADDR or the 2320 QEMU application itself. */ 2321 probe_guest_base(image_name, loaddr, hiaddr); 2322 } 2323 load_bias = load_addr - loaddr; 2324 2325 if (elf_is_fdpic(ehdr)) { 2326 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs = 2327 g_malloc(sizeof(*loadsegs) * info->nsegs); 2328 2329 for (i = 0; i < ehdr->e_phnum; ++i) { 2330 switch (phdr[i].p_type) { 2331 case PT_DYNAMIC: 2332 info->pt_dynamic_addr = phdr[i].p_vaddr + load_bias; 2333 break; 2334 case PT_LOAD: 2335 loadsegs->addr = phdr[i].p_vaddr + load_bias; 2336 loadsegs->p_vaddr = phdr[i].p_vaddr; 2337 loadsegs->p_memsz = phdr[i].p_memsz; 2338 ++loadsegs; 2339 break; 2340 } 2341 } 2342 } 2343 2344 info->load_bias = load_bias; 2345 info->load_addr = load_addr; 2346 info->entry = ehdr->e_entry + load_bias; 2347 info->start_code = -1; 2348 info->end_code = 0; 2349 info->start_data = -1; 2350 info->end_data = 0; 2351 info->brk = 0; 2352 info->elf_flags = ehdr->e_flags; 2353 2354 for (i = 0; i < ehdr->e_phnum; i++) { 2355 struct elf_phdr *eppnt = phdr + i; 2356 if (eppnt->p_type == PT_LOAD) { 2357 abi_ulong vaddr, vaddr_po, vaddr_ps, vaddr_ef, vaddr_em, vaddr_len; 2358 int elf_prot = 0; 2359 2360 if (eppnt->p_flags & PF_R) elf_prot = PROT_READ; 2361 if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE; 2362 if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC; 2363 2364 vaddr = load_bias + eppnt->p_vaddr; 2365 vaddr_po = TARGET_ELF_PAGEOFFSET(vaddr); 2366 vaddr_ps = TARGET_ELF_PAGESTART(vaddr); 2367 vaddr_len = TARGET_ELF_PAGELENGTH(eppnt->p_filesz + vaddr_po); 2368 2369 /* 2370 * Some segments may be completely empty without any backing file 2371 * segment, in that case just let zero_bss allocate an empty buffer 2372 * for it. 2373 */ 2374 if (eppnt->p_filesz != 0) { 2375 error = target_mmap(vaddr_ps, vaddr_len, elf_prot, 2376 MAP_PRIVATE | MAP_FIXED, 2377 image_fd, eppnt->p_offset - vaddr_po); 2378 2379 if (error == -1) { 2380 goto exit_perror; 2381 } 2382 } 2383 2384 vaddr_ef = vaddr + eppnt->p_filesz; 2385 vaddr_em = vaddr + eppnt->p_memsz; 2386 2387 /* If the load segment requests extra zeros (e.g. bss), map it. */ 2388 if (vaddr_ef < vaddr_em) { 2389 zero_bss(vaddr_ef, vaddr_em, elf_prot); 2390 } 2391 2392 /* Find the full program boundaries. */ 2393 if (elf_prot & PROT_EXEC) { 2394 if (vaddr < info->start_code) { 2395 info->start_code = vaddr; 2396 } 2397 if (vaddr_ef > info->end_code) { 2398 info->end_code = vaddr_ef; 2399 } 2400 } 2401 if (elf_prot & PROT_WRITE) { 2402 if (vaddr < info->start_data) { 2403 info->start_data = vaddr; 2404 } 2405 if (vaddr_ef > info->end_data) { 2406 info->end_data = vaddr_ef; 2407 } 2408 if (vaddr_em > info->brk) { 2409 info->brk = vaddr_em; 2410 } 2411 } 2412 } else if (eppnt->p_type == PT_INTERP && pinterp_name) { 2413 char *interp_name; 2414 2415 if (*pinterp_name) { 2416 errmsg = "Multiple PT_INTERP entries"; 2417 goto exit_errmsg; 2418 } 2419 interp_name = malloc(eppnt->p_filesz); 2420 if (!interp_name) { 2421 goto exit_perror; 2422 } 2423 2424 if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) { 2425 memcpy(interp_name, bprm_buf + eppnt->p_offset, 2426 eppnt->p_filesz); 2427 } else { 2428 retval = pread(image_fd, interp_name, eppnt->p_filesz, 2429 eppnt->p_offset); 2430 if (retval != eppnt->p_filesz) { 2431 goto exit_perror; 2432 } 2433 } 2434 if (interp_name[eppnt->p_filesz - 1] != 0) { 2435 errmsg = "Invalid PT_INTERP entry"; 2436 goto exit_errmsg; 2437 } 2438 *pinterp_name = interp_name; 2439 #ifdef TARGET_MIPS 2440 } else if (eppnt->p_type == PT_MIPS_ABIFLAGS) { 2441 Mips_elf_abiflags_v0 abiflags; 2442 if (eppnt->p_filesz < sizeof(Mips_elf_abiflags_v0)) { 2443 errmsg = "Invalid PT_MIPS_ABIFLAGS entry"; 2444 goto exit_errmsg; 2445 } 2446 if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) { 2447 memcpy(&abiflags, bprm_buf + eppnt->p_offset, 2448 sizeof(Mips_elf_abiflags_v0)); 2449 } else { 2450 retval = pread(image_fd, &abiflags, sizeof(Mips_elf_abiflags_v0), 2451 eppnt->p_offset); 2452 if (retval != sizeof(Mips_elf_abiflags_v0)) { 2453 goto exit_perror; 2454 } 2455 } 2456 bswap_mips_abiflags(&abiflags); 2457 info->fp_abi = abiflags.fp_abi; 2458 #endif 2459 } 2460 } 2461 2462 if (info->end_data == 0) { 2463 info->start_data = info->end_code; 2464 info->end_data = info->end_code; 2465 info->brk = info->end_code; 2466 } 2467 2468 if (qemu_log_enabled()) { 2469 load_symbols(ehdr, image_fd, load_bias); 2470 } 2471 2472 mmap_unlock(); 2473 2474 close(image_fd); 2475 return; 2476 2477 exit_read: 2478 if (retval >= 0) { 2479 errmsg = "Incomplete read of file header"; 2480 goto exit_errmsg; 2481 } 2482 exit_perror: 2483 errmsg = strerror(errno); 2484 exit_errmsg: 2485 fprintf(stderr, "%s: %s\n", image_name, errmsg); 2486 exit(-1); 2487 } 2488 2489 static void load_elf_interp(const char *filename, struct image_info *info, 2490 char bprm_buf[BPRM_BUF_SIZE]) 2491 { 2492 int fd, retval; 2493 2494 fd = open(path(filename), O_RDONLY); 2495 if (fd < 0) { 2496 goto exit_perror; 2497 } 2498 2499 retval = read(fd, bprm_buf, BPRM_BUF_SIZE); 2500 if (retval < 0) { 2501 goto exit_perror; 2502 } 2503 if (retval < BPRM_BUF_SIZE) { 2504 memset(bprm_buf + retval, 0, BPRM_BUF_SIZE - retval); 2505 } 2506 2507 load_elf_image(filename, fd, info, NULL, bprm_buf); 2508 return; 2509 2510 exit_perror: 2511 fprintf(stderr, "%s: %s\n", filename, strerror(errno)); 2512 exit(-1); 2513 } 2514 2515 static int symfind(const void *s0, const void *s1) 2516 { 2517 target_ulong addr = *(target_ulong *)s0; 2518 struct elf_sym *sym = (struct elf_sym *)s1; 2519 int result = 0; 2520 if (addr < sym->st_value) { 2521 result = -1; 2522 } else if (addr >= sym->st_value + sym->st_size) { 2523 result = 1; 2524 } 2525 return result; 2526 } 2527 2528 static const char *lookup_symbolxx(struct syminfo *s, target_ulong orig_addr) 2529 { 2530 #if ELF_CLASS == ELFCLASS32 2531 struct elf_sym *syms = s->disas_symtab.elf32; 2532 #else 2533 struct elf_sym *syms = s->disas_symtab.elf64; 2534 #endif 2535 2536 // binary search 2537 struct elf_sym *sym; 2538 2539 sym = bsearch(&orig_addr, syms, s->disas_num_syms, sizeof(*syms), symfind); 2540 if (sym != NULL) { 2541 return s->disas_strtab + sym->st_name; 2542 } 2543 2544 return ""; 2545 } 2546 2547 /* FIXME: This should use elf_ops.h */ 2548 static int symcmp(const void *s0, const void *s1) 2549 { 2550 struct elf_sym *sym0 = (struct elf_sym *)s0; 2551 struct elf_sym *sym1 = (struct elf_sym *)s1; 2552 return (sym0->st_value < sym1->st_value) 2553 ? -1 2554 : ((sym0->st_value > sym1->st_value) ? 1 : 0); 2555 } 2556 2557 /* Best attempt to load symbols from this ELF object. */ 2558 static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias) 2559 { 2560 int i, shnum, nsyms, sym_idx = 0, str_idx = 0; 2561 uint64_t segsz; 2562 struct elf_shdr *shdr; 2563 char *strings = NULL; 2564 struct syminfo *s = NULL; 2565 struct elf_sym *new_syms, *syms = NULL; 2566 2567 shnum = hdr->e_shnum; 2568 i = shnum * sizeof(struct elf_shdr); 2569 shdr = (struct elf_shdr *)alloca(i); 2570 if (pread(fd, shdr, i, hdr->e_shoff) != i) { 2571 return; 2572 } 2573 2574 bswap_shdr(shdr, shnum); 2575 for (i = 0; i < shnum; ++i) { 2576 if (shdr[i].sh_type == SHT_SYMTAB) { 2577 sym_idx = i; 2578 str_idx = shdr[i].sh_link; 2579 goto found; 2580 } 2581 } 2582 2583 /* There will be no symbol table if the file was stripped. */ 2584 return; 2585 2586 found: 2587 /* Now know where the strtab and symtab are. Snarf them. */ 2588 s = g_try_new(struct syminfo, 1); 2589 if (!s) { 2590 goto give_up; 2591 } 2592 2593 segsz = shdr[str_idx].sh_size; 2594 s->disas_strtab = strings = g_try_malloc(segsz); 2595 if (!strings || 2596 pread(fd, strings, segsz, shdr[str_idx].sh_offset) != segsz) { 2597 goto give_up; 2598 } 2599 2600 segsz = shdr[sym_idx].sh_size; 2601 syms = g_try_malloc(segsz); 2602 if (!syms || pread(fd, syms, segsz, shdr[sym_idx].sh_offset) != segsz) { 2603 goto give_up; 2604 } 2605 2606 if (segsz / sizeof(struct elf_sym) > INT_MAX) { 2607 /* Implausibly large symbol table: give up rather than ploughing 2608 * on with the number of symbols calculation overflowing 2609 */ 2610 goto give_up; 2611 } 2612 nsyms = segsz / sizeof(struct elf_sym); 2613 for (i = 0; i < nsyms; ) { 2614 bswap_sym(syms + i); 2615 /* Throw away entries which we do not need. */ 2616 if (syms[i].st_shndx == SHN_UNDEF 2617 || syms[i].st_shndx >= SHN_LORESERVE 2618 || ELF_ST_TYPE(syms[i].st_info) != STT_FUNC) { 2619 if (i < --nsyms) { 2620 syms[i] = syms[nsyms]; 2621 } 2622 } else { 2623 #if defined(TARGET_ARM) || defined (TARGET_MIPS) 2624 /* The bottom address bit marks a Thumb or MIPS16 symbol. */ 2625 syms[i].st_value &= ~(target_ulong)1; 2626 #endif 2627 syms[i].st_value += load_bias; 2628 i++; 2629 } 2630 } 2631 2632 /* No "useful" symbol. */ 2633 if (nsyms == 0) { 2634 goto give_up; 2635 } 2636 2637 /* Attempt to free the storage associated with the local symbols 2638 that we threw away. Whether or not this has any effect on the 2639 memory allocation depends on the malloc implementation and how 2640 many symbols we managed to discard. */ 2641 new_syms = g_try_renew(struct elf_sym, syms, nsyms); 2642 if (new_syms == NULL) { 2643 goto give_up; 2644 } 2645 syms = new_syms; 2646 2647 qsort(syms, nsyms, sizeof(*syms), symcmp); 2648 2649 s->disas_num_syms = nsyms; 2650 #if ELF_CLASS == ELFCLASS32 2651 s->disas_symtab.elf32 = syms; 2652 #else 2653 s->disas_symtab.elf64 = syms; 2654 #endif 2655 s->lookup_symbol = lookup_symbolxx; 2656 s->next = syminfos; 2657 syminfos = s; 2658 2659 return; 2660 2661 give_up: 2662 g_free(s); 2663 g_free(strings); 2664 g_free(syms); 2665 } 2666 2667 uint32_t get_elf_eflags(int fd) 2668 { 2669 struct elfhdr ehdr; 2670 off_t offset; 2671 int ret; 2672 2673 /* Read ELF header */ 2674 offset = lseek(fd, 0, SEEK_SET); 2675 if (offset == (off_t) -1) { 2676 return 0; 2677 } 2678 ret = read(fd, &ehdr, sizeof(ehdr)); 2679 if (ret < sizeof(ehdr)) { 2680 return 0; 2681 } 2682 offset = lseek(fd, offset, SEEK_SET); 2683 if (offset == (off_t) -1) { 2684 return 0; 2685 } 2686 2687 /* Check ELF signature */ 2688 if (!elf_check_ident(&ehdr)) { 2689 return 0; 2690 } 2691 2692 /* check header */ 2693 bswap_ehdr(&ehdr); 2694 if (!elf_check_ehdr(&ehdr)) { 2695 return 0; 2696 } 2697 2698 /* return architecture id */ 2699 return ehdr.e_flags; 2700 } 2701 2702 int load_elf_binary(struct linux_binprm *bprm, struct image_info *info) 2703 { 2704 struct image_info interp_info; 2705 struct elfhdr elf_ex; 2706 char *elf_interpreter = NULL; 2707 char *scratch; 2708 2709 info->start_mmap = (abi_ulong)ELF_START_MMAP; 2710 2711 load_elf_image(bprm->filename, bprm->fd, info, 2712 &elf_interpreter, bprm->buf); 2713 2714 /* ??? We need a copy of the elf header for passing to create_elf_tables. 2715 If we do nothing, we'll have overwritten this when we re-use bprm->buf 2716 when we load the interpreter. */ 2717 elf_ex = *(struct elfhdr *)bprm->buf; 2718 2719 /* Do this so that we can load the interpreter, if need be. We will 2720 change some of these later */ 2721 bprm->p = setup_arg_pages(bprm, info); 2722 2723 scratch = g_new0(char, TARGET_PAGE_SIZE); 2724 if (STACK_GROWS_DOWN) { 2725 bprm->p = copy_elf_strings(1, &bprm->filename, scratch, 2726 bprm->p, info->stack_limit); 2727 info->file_string = bprm->p; 2728 bprm->p = copy_elf_strings(bprm->envc, bprm->envp, scratch, 2729 bprm->p, info->stack_limit); 2730 info->env_strings = bprm->p; 2731 bprm->p = copy_elf_strings(bprm->argc, bprm->argv, scratch, 2732 bprm->p, info->stack_limit); 2733 info->arg_strings = bprm->p; 2734 } else { 2735 info->arg_strings = bprm->p; 2736 bprm->p = copy_elf_strings(bprm->argc, bprm->argv, scratch, 2737 bprm->p, info->stack_limit); 2738 info->env_strings = bprm->p; 2739 bprm->p = copy_elf_strings(bprm->envc, bprm->envp, scratch, 2740 bprm->p, info->stack_limit); 2741 info->file_string = bprm->p; 2742 bprm->p = copy_elf_strings(1, &bprm->filename, scratch, 2743 bprm->p, info->stack_limit); 2744 } 2745 2746 g_free(scratch); 2747 2748 if (!bprm->p) { 2749 fprintf(stderr, "%s: %s\n", bprm->filename, strerror(E2BIG)); 2750 exit(-1); 2751 } 2752 2753 if (elf_interpreter) { 2754 load_elf_interp(elf_interpreter, &interp_info, bprm->buf); 2755 2756 /* If the program interpreter is one of these two, then assume 2757 an iBCS2 image. Otherwise assume a native linux image. */ 2758 2759 if (strcmp(elf_interpreter, "/usr/lib/libc.so.1") == 0 2760 || strcmp(elf_interpreter, "/usr/lib/ld.so.1") == 0) { 2761 info->personality = PER_SVR4; 2762 2763 /* Why this, you ask??? Well SVr4 maps page 0 as read-only, 2764 and some applications "depend" upon this behavior. Since 2765 we do not have the power to recompile these, we emulate 2766 the SVr4 behavior. Sigh. */ 2767 target_mmap(0, qemu_host_page_size, PROT_READ | PROT_EXEC, 2768 MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 2769 } 2770 #ifdef TARGET_MIPS 2771 info->interp_fp_abi = interp_info.fp_abi; 2772 #endif 2773 } 2774 2775 bprm->p = create_elf_tables(bprm->p, bprm->argc, bprm->envc, &elf_ex, 2776 info, (elf_interpreter ? &interp_info : NULL)); 2777 info->start_stack = bprm->p; 2778 2779 /* If we have an interpreter, set that as the program's entry point. 2780 Copy the load_bias as well, to help PPC64 interpret the entry 2781 point as a function descriptor. Do this after creating elf tables 2782 so that we copy the original program entry point into the AUXV. */ 2783 if (elf_interpreter) { 2784 info->load_bias = interp_info.load_bias; 2785 info->entry = interp_info.entry; 2786 free(elf_interpreter); 2787 } 2788 2789 #ifdef USE_ELF_CORE_DUMP 2790 bprm->core_dump = &elf_core_dump; 2791 #endif 2792 2793 return 0; 2794 } 2795 2796 #ifdef USE_ELF_CORE_DUMP 2797 /* 2798 * Definitions to generate Intel SVR4-like core files. 2799 * These mostly have the same names as the SVR4 types with "target_elf_" 2800 * tacked on the front to prevent clashes with linux definitions, 2801 * and the typedef forms have been avoided. This is mostly like 2802 * the SVR4 structure, but more Linuxy, with things that Linux does 2803 * not support and which gdb doesn't really use excluded. 2804 * 2805 * Fields we don't dump (their contents is zero) in linux-user qemu 2806 * are marked with XXX. 2807 * 2808 * Core dump code is copied from linux kernel (fs/binfmt_elf.c). 2809 * 2810 * Porting ELF coredump for target is (quite) simple process. First you 2811 * define USE_ELF_CORE_DUMP in target ELF code (where init_thread() for 2812 * the target resides): 2813 * 2814 * #define USE_ELF_CORE_DUMP 2815 * 2816 * Next you define type of register set used for dumping. ELF specification 2817 * says that it needs to be array of elf_greg_t that has size of ELF_NREG. 2818 * 2819 * typedef <target_regtype> target_elf_greg_t; 2820 * #define ELF_NREG <number of registers> 2821 * typedef taret_elf_greg_t target_elf_gregset_t[ELF_NREG]; 2822 * 2823 * Last step is to implement target specific function that copies registers 2824 * from given cpu into just specified register set. Prototype is: 2825 * 2826 * static void elf_core_copy_regs(taret_elf_gregset_t *regs, 2827 * const CPUArchState *env); 2828 * 2829 * Parameters: 2830 * regs - copy register values into here (allocated and zeroed by caller) 2831 * env - copy registers from here 2832 * 2833 * Example for ARM target is provided in this file. 2834 */ 2835 2836 /* An ELF note in memory */ 2837 struct memelfnote { 2838 const char *name; 2839 size_t namesz; 2840 size_t namesz_rounded; 2841 int type; 2842 size_t datasz; 2843 size_t datasz_rounded; 2844 void *data; 2845 size_t notesz; 2846 }; 2847 2848 struct target_elf_siginfo { 2849 abi_int si_signo; /* signal number */ 2850 abi_int si_code; /* extra code */ 2851 abi_int si_errno; /* errno */ 2852 }; 2853 2854 struct target_elf_prstatus { 2855 struct target_elf_siginfo pr_info; /* Info associated with signal */ 2856 abi_short pr_cursig; /* Current signal */ 2857 abi_ulong pr_sigpend; /* XXX */ 2858 abi_ulong pr_sighold; /* XXX */ 2859 target_pid_t pr_pid; 2860 target_pid_t pr_ppid; 2861 target_pid_t pr_pgrp; 2862 target_pid_t pr_sid; 2863 struct target_timeval pr_utime; /* XXX User time */ 2864 struct target_timeval pr_stime; /* XXX System time */ 2865 struct target_timeval pr_cutime; /* XXX Cumulative user time */ 2866 struct target_timeval pr_cstime; /* XXX Cumulative system time */ 2867 target_elf_gregset_t pr_reg; /* GP registers */ 2868 abi_int pr_fpvalid; /* XXX */ 2869 }; 2870 2871 #define ELF_PRARGSZ (80) /* Number of chars for args */ 2872 2873 struct target_elf_prpsinfo { 2874 char pr_state; /* numeric process state */ 2875 char pr_sname; /* char for pr_state */ 2876 char pr_zomb; /* zombie */ 2877 char pr_nice; /* nice val */ 2878 abi_ulong pr_flag; /* flags */ 2879 target_uid_t pr_uid; 2880 target_gid_t pr_gid; 2881 target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid; 2882 /* Lots missing */ 2883 char pr_fname[16] QEMU_NONSTRING; /* filename of executable */ 2884 char pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */ 2885 }; 2886 2887 /* Here is the structure in which status of each thread is captured. */ 2888 struct elf_thread_status { 2889 QTAILQ_ENTRY(elf_thread_status) ets_link; 2890 struct target_elf_prstatus prstatus; /* NT_PRSTATUS */ 2891 #if 0 2892 elf_fpregset_t fpu; /* NT_PRFPREG */ 2893 struct task_struct *thread; 2894 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */ 2895 #endif 2896 struct memelfnote notes[1]; 2897 int num_notes; 2898 }; 2899 2900 struct elf_note_info { 2901 struct memelfnote *notes; 2902 struct target_elf_prstatus *prstatus; /* NT_PRSTATUS */ 2903 struct target_elf_prpsinfo *psinfo; /* NT_PRPSINFO */ 2904 2905 QTAILQ_HEAD(, elf_thread_status) thread_list; 2906 #if 0 2907 /* 2908 * Current version of ELF coredump doesn't support 2909 * dumping fp regs etc. 2910 */ 2911 elf_fpregset_t *fpu; 2912 elf_fpxregset_t *xfpu; 2913 int thread_status_size; 2914 #endif 2915 int notes_size; 2916 int numnote; 2917 }; 2918 2919 struct vm_area_struct { 2920 target_ulong vma_start; /* start vaddr of memory region */ 2921 target_ulong vma_end; /* end vaddr of memory region */ 2922 abi_ulong vma_flags; /* protection etc. flags for the region */ 2923 QTAILQ_ENTRY(vm_area_struct) vma_link; 2924 }; 2925 2926 struct mm_struct { 2927 QTAILQ_HEAD(, vm_area_struct) mm_mmap; 2928 int mm_count; /* number of mappings */ 2929 }; 2930 2931 static struct mm_struct *vma_init(void); 2932 static void vma_delete(struct mm_struct *); 2933 static int vma_add_mapping(struct mm_struct *, target_ulong, 2934 target_ulong, abi_ulong); 2935 static int vma_get_mapping_count(const struct mm_struct *); 2936 static struct vm_area_struct *vma_first(const struct mm_struct *); 2937 static struct vm_area_struct *vma_next(struct vm_area_struct *); 2938 static abi_ulong vma_dump_size(const struct vm_area_struct *); 2939 static int vma_walker(void *priv, target_ulong start, target_ulong end, 2940 unsigned long flags); 2941 2942 static void fill_elf_header(struct elfhdr *, int, uint16_t, uint32_t); 2943 static void fill_note(struct memelfnote *, const char *, int, 2944 unsigned int, void *); 2945 static void fill_prstatus(struct target_elf_prstatus *, const TaskState *, int); 2946 static int fill_psinfo(struct target_elf_prpsinfo *, const TaskState *); 2947 static void fill_auxv_note(struct memelfnote *, const TaskState *); 2948 static void fill_elf_note_phdr(struct elf_phdr *, int, off_t); 2949 static size_t note_size(const struct memelfnote *); 2950 static void free_note_info(struct elf_note_info *); 2951 static int fill_note_info(struct elf_note_info *, long, const CPUArchState *); 2952 static void fill_thread_info(struct elf_note_info *, const CPUArchState *); 2953 static int core_dump_filename(const TaskState *, char *, size_t); 2954 2955 static int dump_write(int, const void *, size_t); 2956 static int write_note(struct memelfnote *, int); 2957 static int write_note_info(struct elf_note_info *, int); 2958 2959 #ifdef BSWAP_NEEDED 2960 static void bswap_prstatus(struct target_elf_prstatus *prstatus) 2961 { 2962 prstatus->pr_info.si_signo = tswap32(prstatus->pr_info.si_signo); 2963 prstatus->pr_info.si_code = tswap32(prstatus->pr_info.si_code); 2964 prstatus->pr_info.si_errno = tswap32(prstatus->pr_info.si_errno); 2965 prstatus->pr_cursig = tswap16(prstatus->pr_cursig); 2966 prstatus->pr_sigpend = tswapal(prstatus->pr_sigpend); 2967 prstatus->pr_sighold = tswapal(prstatus->pr_sighold); 2968 prstatus->pr_pid = tswap32(prstatus->pr_pid); 2969 prstatus->pr_ppid = tswap32(prstatus->pr_ppid); 2970 prstatus->pr_pgrp = tswap32(prstatus->pr_pgrp); 2971 prstatus->pr_sid = tswap32(prstatus->pr_sid); 2972 /* cpu times are not filled, so we skip them */ 2973 /* regs should be in correct format already */ 2974 prstatus->pr_fpvalid = tswap32(prstatus->pr_fpvalid); 2975 } 2976 2977 static void bswap_psinfo(struct target_elf_prpsinfo *psinfo) 2978 { 2979 psinfo->pr_flag = tswapal(psinfo->pr_flag); 2980 psinfo->pr_uid = tswap16(psinfo->pr_uid); 2981 psinfo->pr_gid = tswap16(psinfo->pr_gid); 2982 psinfo->pr_pid = tswap32(psinfo->pr_pid); 2983 psinfo->pr_ppid = tswap32(psinfo->pr_ppid); 2984 psinfo->pr_pgrp = tswap32(psinfo->pr_pgrp); 2985 psinfo->pr_sid = tswap32(psinfo->pr_sid); 2986 } 2987 2988 static void bswap_note(struct elf_note *en) 2989 { 2990 bswap32s(&en->n_namesz); 2991 bswap32s(&en->n_descsz); 2992 bswap32s(&en->n_type); 2993 } 2994 #else 2995 static inline void bswap_prstatus(struct target_elf_prstatus *p) { } 2996 static inline void bswap_psinfo(struct target_elf_prpsinfo *p) {} 2997 static inline void bswap_note(struct elf_note *en) { } 2998 #endif /* BSWAP_NEEDED */ 2999 3000 /* 3001 * Minimal support for linux memory regions. These are needed 3002 * when we are finding out what memory exactly belongs to 3003 * emulated process. No locks needed here, as long as 3004 * thread that received the signal is stopped. 3005 */ 3006 3007 static struct mm_struct *vma_init(void) 3008 { 3009 struct mm_struct *mm; 3010 3011 if ((mm = g_malloc(sizeof (*mm))) == NULL) 3012 return (NULL); 3013 3014 mm->mm_count = 0; 3015 QTAILQ_INIT(&mm->mm_mmap); 3016 3017 return (mm); 3018 } 3019 3020 static void vma_delete(struct mm_struct *mm) 3021 { 3022 struct vm_area_struct *vma; 3023 3024 while ((vma = vma_first(mm)) != NULL) { 3025 QTAILQ_REMOVE(&mm->mm_mmap, vma, vma_link); 3026 g_free(vma); 3027 } 3028 g_free(mm); 3029 } 3030 3031 static int vma_add_mapping(struct mm_struct *mm, target_ulong start, 3032 target_ulong end, abi_ulong flags) 3033 { 3034 struct vm_area_struct *vma; 3035 3036 if ((vma = g_malloc0(sizeof (*vma))) == NULL) 3037 return (-1); 3038 3039 vma->vma_start = start; 3040 vma->vma_end = end; 3041 vma->vma_flags = flags; 3042 3043 QTAILQ_INSERT_TAIL(&mm->mm_mmap, vma, vma_link); 3044 mm->mm_count++; 3045 3046 return (0); 3047 } 3048 3049 static struct vm_area_struct *vma_first(const struct mm_struct *mm) 3050 { 3051 return (QTAILQ_FIRST(&mm->mm_mmap)); 3052 } 3053 3054 static struct vm_area_struct *vma_next(struct vm_area_struct *vma) 3055 { 3056 return (QTAILQ_NEXT(vma, vma_link)); 3057 } 3058 3059 static int vma_get_mapping_count(const struct mm_struct *mm) 3060 { 3061 return (mm->mm_count); 3062 } 3063 3064 /* 3065 * Calculate file (dump) size of given memory region. 3066 */ 3067 static abi_ulong vma_dump_size(const struct vm_area_struct *vma) 3068 { 3069 /* if we cannot even read the first page, skip it */ 3070 if (!access_ok(VERIFY_READ, vma->vma_start, TARGET_PAGE_SIZE)) 3071 return (0); 3072 3073 /* 3074 * Usually we don't dump executable pages as they contain 3075 * non-writable code that debugger can read directly from 3076 * target library etc. However, thread stacks are marked 3077 * also executable so we read in first page of given region 3078 * and check whether it contains elf header. If there is 3079 * no elf header, we dump it. 3080 */ 3081 if (vma->vma_flags & PROT_EXEC) { 3082 char page[TARGET_PAGE_SIZE]; 3083 3084 copy_from_user(page, vma->vma_start, sizeof (page)); 3085 if ((page[EI_MAG0] == ELFMAG0) && 3086 (page[EI_MAG1] == ELFMAG1) && 3087 (page[EI_MAG2] == ELFMAG2) && 3088 (page[EI_MAG3] == ELFMAG3)) { 3089 /* 3090 * Mappings are possibly from ELF binary. Don't dump 3091 * them. 3092 */ 3093 return (0); 3094 } 3095 } 3096 3097 return (vma->vma_end - vma->vma_start); 3098 } 3099 3100 static int vma_walker(void *priv, target_ulong start, target_ulong end, 3101 unsigned long flags) 3102 { 3103 struct mm_struct *mm = (struct mm_struct *)priv; 3104 3105 vma_add_mapping(mm, start, end, flags); 3106 return (0); 3107 } 3108 3109 static void fill_note(struct memelfnote *note, const char *name, int type, 3110 unsigned int sz, void *data) 3111 { 3112 unsigned int namesz; 3113 3114 namesz = strlen(name) + 1; 3115 note->name = name; 3116 note->namesz = namesz; 3117 note->namesz_rounded = roundup(namesz, sizeof (int32_t)); 3118 note->type = type; 3119 note->datasz = sz; 3120 note->datasz_rounded = roundup(sz, sizeof (int32_t)); 3121 3122 note->data = data; 3123 3124 /* 3125 * We calculate rounded up note size here as specified by 3126 * ELF document. 3127 */ 3128 note->notesz = sizeof (struct elf_note) + 3129 note->namesz_rounded + note->datasz_rounded; 3130 } 3131 3132 static void fill_elf_header(struct elfhdr *elf, int segs, uint16_t machine, 3133 uint32_t flags) 3134 { 3135 (void) memset(elf, 0, sizeof(*elf)); 3136 3137 (void) memcpy(elf->e_ident, ELFMAG, SELFMAG); 3138 elf->e_ident[EI_CLASS] = ELF_CLASS; 3139 elf->e_ident[EI_DATA] = ELF_DATA; 3140 elf->e_ident[EI_VERSION] = EV_CURRENT; 3141 elf->e_ident[EI_OSABI] = ELF_OSABI; 3142 3143 elf->e_type = ET_CORE; 3144 elf->e_machine = machine; 3145 elf->e_version = EV_CURRENT; 3146 elf->e_phoff = sizeof(struct elfhdr); 3147 elf->e_flags = flags; 3148 elf->e_ehsize = sizeof(struct elfhdr); 3149 elf->e_phentsize = sizeof(struct elf_phdr); 3150 elf->e_phnum = segs; 3151 3152 bswap_ehdr(elf); 3153 } 3154 3155 static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, off_t offset) 3156 { 3157 phdr->p_type = PT_NOTE; 3158 phdr->p_offset = offset; 3159 phdr->p_vaddr = 0; 3160 phdr->p_paddr = 0; 3161 phdr->p_filesz = sz; 3162 phdr->p_memsz = 0; 3163 phdr->p_flags = 0; 3164 phdr->p_align = 0; 3165 3166 bswap_phdr(phdr, 1); 3167 } 3168 3169 static size_t note_size(const struct memelfnote *note) 3170 { 3171 return (note->notesz); 3172 } 3173 3174 static void fill_prstatus(struct target_elf_prstatus *prstatus, 3175 const TaskState *ts, int signr) 3176 { 3177 (void) memset(prstatus, 0, sizeof (*prstatus)); 3178 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr; 3179 prstatus->pr_pid = ts->ts_tid; 3180 prstatus->pr_ppid = getppid(); 3181 prstatus->pr_pgrp = getpgrp(); 3182 prstatus->pr_sid = getsid(0); 3183 3184 bswap_prstatus(prstatus); 3185 } 3186 3187 static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts) 3188 { 3189 char *base_filename; 3190 unsigned int i, len; 3191 3192 (void) memset(psinfo, 0, sizeof (*psinfo)); 3193 3194 len = ts->info->arg_end - ts->info->arg_start; 3195 if (len >= ELF_PRARGSZ) 3196 len = ELF_PRARGSZ - 1; 3197 if (copy_from_user(&psinfo->pr_psargs, ts->info->arg_start, len)) 3198 return -EFAULT; 3199 for (i = 0; i < len; i++) 3200 if (psinfo->pr_psargs[i] == 0) 3201 psinfo->pr_psargs[i] = ' '; 3202 psinfo->pr_psargs[len] = 0; 3203 3204 psinfo->pr_pid = getpid(); 3205 psinfo->pr_ppid = getppid(); 3206 psinfo->pr_pgrp = getpgrp(); 3207 psinfo->pr_sid = getsid(0); 3208 psinfo->pr_uid = getuid(); 3209 psinfo->pr_gid = getgid(); 3210 3211 base_filename = g_path_get_basename(ts->bprm->filename); 3212 /* 3213 * Using strncpy here is fine: at max-length, 3214 * this field is not NUL-terminated. 3215 */ 3216 (void) strncpy(psinfo->pr_fname, base_filename, 3217 sizeof(psinfo->pr_fname)); 3218 3219 g_free(base_filename); 3220 bswap_psinfo(psinfo); 3221 return (0); 3222 } 3223 3224 static void fill_auxv_note(struct memelfnote *note, const TaskState *ts) 3225 { 3226 elf_addr_t auxv = (elf_addr_t)ts->info->saved_auxv; 3227 elf_addr_t orig_auxv = auxv; 3228 void *ptr; 3229 int len = ts->info->auxv_len; 3230 3231 /* 3232 * Auxiliary vector is stored in target process stack. It contains 3233 * {type, value} pairs that we need to dump into note. This is not 3234 * strictly necessary but we do it here for sake of completeness. 3235 */ 3236 3237 /* read in whole auxv vector and copy it to memelfnote */ 3238 ptr = lock_user(VERIFY_READ, orig_auxv, len, 0); 3239 if (ptr != NULL) { 3240 fill_note(note, "CORE", NT_AUXV, len, ptr); 3241 unlock_user(ptr, auxv, len); 3242 } 3243 } 3244 3245 /* 3246 * Constructs name of coredump file. We have following convention 3247 * for the name: 3248 * qemu_<basename-of-target-binary>_<date>-<time>_<pid>.core 3249 * 3250 * Returns 0 in case of success, -1 otherwise (errno is set). 3251 */ 3252 static int core_dump_filename(const TaskState *ts, char *buf, 3253 size_t bufsize) 3254 { 3255 char timestamp[64]; 3256 char *base_filename = NULL; 3257 struct timeval tv; 3258 struct tm tm; 3259 3260 assert(bufsize >= PATH_MAX); 3261 3262 if (gettimeofday(&tv, NULL) < 0) { 3263 (void) fprintf(stderr, "unable to get current timestamp: %s", 3264 strerror(errno)); 3265 return (-1); 3266 } 3267 3268 base_filename = g_path_get_basename(ts->bprm->filename); 3269 (void) strftime(timestamp, sizeof (timestamp), "%Y%m%d-%H%M%S", 3270 localtime_r(&tv.tv_sec, &tm)); 3271 (void) snprintf(buf, bufsize, "qemu_%s_%s_%d.core", 3272 base_filename, timestamp, (int)getpid()); 3273 g_free(base_filename); 3274 3275 return (0); 3276 } 3277 3278 static int dump_write(int fd, const void *ptr, size_t size) 3279 { 3280 const char *bufp = (const char *)ptr; 3281 ssize_t bytes_written, bytes_left; 3282 struct rlimit dumpsize; 3283 off_t pos; 3284 3285 bytes_written = 0; 3286 getrlimit(RLIMIT_CORE, &dumpsize); 3287 if ((pos = lseek(fd, 0, SEEK_CUR))==-1) { 3288 if (errno == ESPIPE) { /* not a seekable stream */ 3289 bytes_left = size; 3290 } else { 3291 return pos; 3292 } 3293 } else { 3294 if (dumpsize.rlim_cur <= pos) { 3295 return -1; 3296 } else if (dumpsize.rlim_cur == RLIM_INFINITY) { 3297 bytes_left = size; 3298 } else { 3299 size_t limit_left=dumpsize.rlim_cur - pos; 3300 bytes_left = limit_left >= size ? size : limit_left ; 3301 } 3302 } 3303 3304 /* 3305 * In normal conditions, single write(2) should do but 3306 * in case of socket etc. this mechanism is more portable. 3307 */ 3308 do { 3309 bytes_written = write(fd, bufp, bytes_left); 3310 if (bytes_written < 0) { 3311 if (errno == EINTR) 3312 continue; 3313 return (-1); 3314 } else if (bytes_written == 0) { /* eof */ 3315 return (-1); 3316 } 3317 bufp += bytes_written; 3318 bytes_left -= bytes_written; 3319 } while (bytes_left > 0); 3320 3321 return (0); 3322 } 3323 3324 static int write_note(struct memelfnote *men, int fd) 3325 { 3326 struct elf_note en; 3327 3328 en.n_namesz = men->namesz; 3329 en.n_type = men->type; 3330 en.n_descsz = men->datasz; 3331 3332 bswap_note(&en); 3333 3334 if (dump_write(fd, &en, sizeof(en)) != 0) 3335 return (-1); 3336 if (dump_write(fd, men->name, men->namesz_rounded) != 0) 3337 return (-1); 3338 if (dump_write(fd, men->data, men->datasz_rounded) != 0) 3339 return (-1); 3340 3341 return (0); 3342 } 3343 3344 static void fill_thread_info(struct elf_note_info *info, const CPUArchState *env) 3345 { 3346 CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 3347 TaskState *ts = (TaskState *)cpu->opaque; 3348 struct elf_thread_status *ets; 3349 3350 ets = g_malloc0(sizeof (*ets)); 3351 ets->num_notes = 1; /* only prstatus is dumped */ 3352 fill_prstatus(&ets->prstatus, ts, 0); 3353 elf_core_copy_regs(&ets->prstatus.pr_reg, env); 3354 fill_note(&ets->notes[0], "CORE", NT_PRSTATUS, sizeof (ets->prstatus), 3355 &ets->prstatus); 3356 3357 QTAILQ_INSERT_TAIL(&info->thread_list, ets, ets_link); 3358 3359 info->notes_size += note_size(&ets->notes[0]); 3360 } 3361 3362 static void init_note_info(struct elf_note_info *info) 3363 { 3364 /* Initialize the elf_note_info structure so that it is at 3365 * least safe to call free_note_info() on it. Must be 3366 * called before calling fill_note_info(). 3367 */ 3368 memset(info, 0, sizeof (*info)); 3369 QTAILQ_INIT(&info->thread_list); 3370 } 3371 3372 static int fill_note_info(struct elf_note_info *info, 3373 long signr, const CPUArchState *env) 3374 { 3375 #define NUMNOTES 3 3376 CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 3377 TaskState *ts = (TaskState *)cpu->opaque; 3378 int i; 3379 3380 info->notes = g_new0(struct memelfnote, NUMNOTES); 3381 if (info->notes == NULL) 3382 return (-ENOMEM); 3383 info->prstatus = g_malloc0(sizeof (*info->prstatus)); 3384 if (info->prstatus == NULL) 3385 return (-ENOMEM); 3386 info->psinfo = g_malloc0(sizeof (*info->psinfo)); 3387 if (info->prstatus == NULL) 3388 return (-ENOMEM); 3389 3390 /* 3391 * First fill in status (and registers) of current thread 3392 * including process info & aux vector. 3393 */ 3394 fill_prstatus(info->prstatus, ts, signr); 3395 elf_core_copy_regs(&info->prstatus->pr_reg, env); 3396 fill_note(&info->notes[0], "CORE", NT_PRSTATUS, 3397 sizeof (*info->prstatus), info->prstatus); 3398 fill_psinfo(info->psinfo, ts); 3399 fill_note(&info->notes[1], "CORE", NT_PRPSINFO, 3400 sizeof (*info->psinfo), info->psinfo); 3401 fill_auxv_note(&info->notes[2], ts); 3402 info->numnote = 3; 3403 3404 info->notes_size = 0; 3405 for (i = 0; i < info->numnote; i++) 3406 info->notes_size += note_size(&info->notes[i]); 3407 3408 /* read and fill status of all threads */ 3409 cpu_list_lock(); 3410 CPU_FOREACH(cpu) { 3411 if (cpu == thread_cpu) { 3412 continue; 3413 } 3414 fill_thread_info(info, (CPUArchState *)cpu->env_ptr); 3415 } 3416 cpu_list_unlock(); 3417 3418 return (0); 3419 } 3420 3421 static void free_note_info(struct elf_note_info *info) 3422 { 3423 struct elf_thread_status *ets; 3424 3425 while (!QTAILQ_EMPTY(&info->thread_list)) { 3426 ets = QTAILQ_FIRST(&info->thread_list); 3427 QTAILQ_REMOVE(&info->thread_list, ets, ets_link); 3428 g_free(ets); 3429 } 3430 3431 g_free(info->prstatus); 3432 g_free(info->psinfo); 3433 g_free(info->notes); 3434 } 3435 3436 static int write_note_info(struct elf_note_info *info, int fd) 3437 { 3438 struct elf_thread_status *ets; 3439 int i, error = 0; 3440 3441 /* write prstatus, psinfo and auxv for current thread */ 3442 for (i = 0; i < info->numnote; i++) 3443 if ((error = write_note(&info->notes[i], fd)) != 0) 3444 return (error); 3445 3446 /* write prstatus for each thread */ 3447 QTAILQ_FOREACH(ets, &info->thread_list, ets_link) { 3448 if ((error = write_note(&ets->notes[0], fd)) != 0) 3449 return (error); 3450 } 3451 3452 return (0); 3453 } 3454 3455 /* 3456 * Write out ELF coredump. 3457 * 3458 * See documentation of ELF object file format in: 3459 * http://www.caldera.com/developers/devspecs/gabi41.pdf 3460 * 3461 * Coredump format in linux is following: 3462 * 3463 * 0 +----------------------+ \ 3464 * | ELF header | ET_CORE | 3465 * +----------------------+ | 3466 * | ELF program headers | |--- headers 3467 * | - NOTE section | | 3468 * | - PT_LOAD sections | | 3469 * +----------------------+ / 3470 * | NOTEs: | 3471 * | - NT_PRSTATUS | 3472 * | - NT_PRSINFO | 3473 * | - NT_AUXV | 3474 * +----------------------+ <-- aligned to target page 3475 * | Process memory dump | 3476 * : : 3477 * . . 3478 * : : 3479 * | | 3480 * +----------------------+ 3481 * 3482 * NT_PRSTATUS -> struct elf_prstatus (per thread) 3483 * NT_PRSINFO -> struct elf_prpsinfo 3484 * NT_AUXV is array of { type, value } pairs (see fill_auxv_note()). 3485 * 3486 * Format follows System V format as close as possible. Current 3487 * version limitations are as follows: 3488 * - no floating point registers are dumped 3489 * 3490 * Function returns 0 in case of success, negative errno otherwise. 3491 * 3492 * TODO: make this work also during runtime: it should be 3493 * possible to force coredump from running process and then 3494 * continue processing. For example qemu could set up SIGUSR2 3495 * handler (provided that target process haven't registered 3496 * handler for that) that does the dump when signal is received. 3497 */ 3498 static int elf_core_dump(int signr, const CPUArchState *env) 3499 { 3500 const CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 3501 const TaskState *ts = (const TaskState *)cpu->opaque; 3502 struct vm_area_struct *vma = NULL; 3503 char corefile[PATH_MAX]; 3504 struct elf_note_info info; 3505 struct elfhdr elf; 3506 struct elf_phdr phdr; 3507 struct rlimit dumpsize; 3508 struct mm_struct *mm = NULL; 3509 off_t offset = 0, data_offset = 0; 3510 int segs = 0; 3511 int fd = -1; 3512 3513 init_note_info(&info); 3514 3515 errno = 0; 3516 getrlimit(RLIMIT_CORE, &dumpsize); 3517 if (dumpsize.rlim_cur == 0) 3518 return 0; 3519 3520 if (core_dump_filename(ts, corefile, sizeof (corefile)) < 0) 3521 return (-errno); 3522 3523 if ((fd = open(corefile, O_WRONLY | O_CREAT, 3524 S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) < 0) 3525 return (-errno); 3526 3527 /* 3528 * Walk through target process memory mappings and 3529 * set up structure containing this information. After 3530 * this point vma_xxx functions can be used. 3531 */ 3532 if ((mm = vma_init()) == NULL) 3533 goto out; 3534 3535 walk_memory_regions(mm, vma_walker); 3536 segs = vma_get_mapping_count(mm); 3537 3538 /* 3539 * Construct valid coredump ELF header. We also 3540 * add one more segment for notes. 3541 */ 3542 fill_elf_header(&elf, segs + 1, ELF_MACHINE, 0); 3543 if (dump_write(fd, &elf, sizeof (elf)) != 0) 3544 goto out; 3545 3546 /* fill in the in-memory version of notes */ 3547 if (fill_note_info(&info, signr, env) < 0) 3548 goto out; 3549 3550 offset += sizeof (elf); /* elf header */ 3551 offset += (segs + 1) * sizeof (struct elf_phdr); /* program headers */ 3552 3553 /* write out notes program header */ 3554 fill_elf_note_phdr(&phdr, info.notes_size, offset); 3555 3556 offset += info.notes_size; 3557 if (dump_write(fd, &phdr, sizeof (phdr)) != 0) 3558 goto out; 3559 3560 /* 3561 * ELF specification wants data to start at page boundary so 3562 * we align it here. 3563 */ 3564 data_offset = offset = roundup(offset, ELF_EXEC_PAGESIZE); 3565 3566 /* 3567 * Write program headers for memory regions mapped in 3568 * the target process. 3569 */ 3570 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 3571 (void) memset(&phdr, 0, sizeof (phdr)); 3572 3573 phdr.p_type = PT_LOAD; 3574 phdr.p_offset = offset; 3575 phdr.p_vaddr = vma->vma_start; 3576 phdr.p_paddr = 0; 3577 phdr.p_filesz = vma_dump_size(vma); 3578 offset += phdr.p_filesz; 3579 phdr.p_memsz = vma->vma_end - vma->vma_start; 3580 phdr.p_flags = vma->vma_flags & PROT_READ ? PF_R : 0; 3581 if (vma->vma_flags & PROT_WRITE) 3582 phdr.p_flags |= PF_W; 3583 if (vma->vma_flags & PROT_EXEC) 3584 phdr.p_flags |= PF_X; 3585 phdr.p_align = ELF_EXEC_PAGESIZE; 3586 3587 bswap_phdr(&phdr, 1); 3588 if (dump_write(fd, &phdr, sizeof(phdr)) != 0) { 3589 goto out; 3590 } 3591 } 3592 3593 /* 3594 * Next we write notes just after program headers. No 3595 * alignment needed here. 3596 */ 3597 if (write_note_info(&info, fd) < 0) 3598 goto out; 3599 3600 /* align data to page boundary */ 3601 if (lseek(fd, data_offset, SEEK_SET) != data_offset) 3602 goto out; 3603 3604 /* 3605 * Finally we can dump process memory into corefile as well. 3606 */ 3607 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 3608 abi_ulong addr; 3609 abi_ulong end; 3610 3611 end = vma->vma_start + vma_dump_size(vma); 3612 3613 for (addr = vma->vma_start; addr < end; 3614 addr += TARGET_PAGE_SIZE) { 3615 char page[TARGET_PAGE_SIZE]; 3616 int error; 3617 3618 /* 3619 * Read in page from target process memory and 3620 * write it to coredump file. 3621 */ 3622 error = copy_from_user(page, addr, sizeof (page)); 3623 if (error != 0) { 3624 (void) fprintf(stderr, "unable to dump " TARGET_ABI_FMT_lx "\n", 3625 addr); 3626 errno = -error; 3627 goto out; 3628 } 3629 if (dump_write(fd, page, TARGET_PAGE_SIZE) < 0) 3630 goto out; 3631 } 3632 } 3633 3634 out: 3635 free_note_info(&info); 3636 if (mm != NULL) 3637 vma_delete(mm); 3638 (void) close(fd); 3639 3640 if (errno != 0) 3641 return (-errno); 3642 return (0); 3643 } 3644 #endif /* USE_ELF_CORE_DUMP */ 3645 3646 void do_init_thread(struct target_pt_regs *regs, struct image_info *infop) 3647 { 3648 init_thread(regs, infop); 3649 } 3650