1 /* This is the Linux kernel elf-loading code, ported into user space */ 2 #include "qemu/osdep.h" 3 #include <sys/param.h> 4 5 #include <sys/resource.h> 6 #include <sys/shm.h> 7 8 #include "qemu.h" 9 #include "user-internals.h" 10 #include "signal-common.h" 11 #include "loader.h" 12 #include "user-mmap.h" 13 #include "disas/disas.h" 14 #include "qemu/bitops.h" 15 #include "qemu/path.h" 16 #include "qemu/queue.h" 17 #include "qemu/guest-random.h" 18 #include "qemu/units.h" 19 #include "qemu/selfmap.h" 20 #include "qapi/error.h" 21 #include "target_signal.h" 22 23 #ifdef _ARCH_PPC64 24 #undef ARCH_DLINFO 25 #undef ELF_PLATFORM 26 #undef ELF_HWCAP 27 #undef ELF_HWCAP2 28 #undef ELF_CLASS 29 #undef ELF_DATA 30 #undef ELF_ARCH 31 #endif 32 33 #ifndef TARGET_ARCH_HAS_SIGTRAMP_PAGE 34 #define TARGET_ARCH_HAS_SIGTRAMP_PAGE 0 35 #endif 36 37 #define ELF_OSABI ELFOSABI_SYSV 38 39 /* from personality.h */ 40 41 /* 42 * Flags for bug emulation. 43 * 44 * These occupy the top three bytes. 45 */ 46 enum { 47 ADDR_NO_RANDOMIZE = 0x0040000, /* disable randomization of VA space */ 48 FDPIC_FUNCPTRS = 0x0080000, /* userspace function ptrs point to 49 descriptors (signal handling) */ 50 MMAP_PAGE_ZERO = 0x0100000, 51 ADDR_COMPAT_LAYOUT = 0x0200000, 52 READ_IMPLIES_EXEC = 0x0400000, 53 ADDR_LIMIT_32BIT = 0x0800000, 54 SHORT_INODE = 0x1000000, 55 WHOLE_SECONDS = 0x2000000, 56 STICKY_TIMEOUTS = 0x4000000, 57 ADDR_LIMIT_3GB = 0x8000000, 58 }; 59 60 /* 61 * Personality types. 62 * 63 * These go in the low byte. Avoid using the top bit, it will 64 * conflict with error returns. 65 */ 66 enum { 67 PER_LINUX = 0x0000, 68 PER_LINUX_32BIT = 0x0000 | ADDR_LIMIT_32BIT, 69 PER_LINUX_FDPIC = 0x0000 | FDPIC_FUNCPTRS, 70 PER_SVR4 = 0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 71 PER_SVR3 = 0x0002 | STICKY_TIMEOUTS | SHORT_INODE, 72 PER_SCOSVR3 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS | SHORT_INODE, 73 PER_OSR5 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS, 74 PER_WYSEV386 = 0x0004 | STICKY_TIMEOUTS | SHORT_INODE, 75 PER_ISCR4 = 0x0005 | STICKY_TIMEOUTS, 76 PER_BSD = 0x0006, 77 PER_SUNOS = 0x0006 | STICKY_TIMEOUTS, 78 PER_XENIX = 0x0007 | STICKY_TIMEOUTS | SHORT_INODE, 79 PER_LINUX32 = 0x0008, 80 PER_LINUX32_3GB = 0x0008 | ADDR_LIMIT_3GB, 81 PER_IRIX32 = 0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */ 82 PER_IRIXN32 = 0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */ 83 PER_IRIX64 = 0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */ 84 PER_RISCOS = 0x000c, 85 PER_SOLARIS = 0x000d | STICKY_TIMEOUTS, 86 PER_UW7 = 0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 87 PER_OSF4 = 0x000f, /* OSF/1 v4 */ 88 PER_HPUX = 0x0010, 89 PER_MASK = 0x00ff, 90 }; 91 92 /* 93 * Return the base personality without flags. 94 */ 95 #define personality(pers) (pers & PER_MASK) 96 97 int info_is_fdpic(struct image_info *info) 98 { 99 return info->personality == PER_LINUX_FDPIC; 100 } 101 102 /* this flag is uneffective under linux too, should be deleted */ 103 #ifndef MAP_DENYWRITE 104 #define MAP_DENYWRITE 0 105 #endif 106 107 /* should probably go in elf.h */ 108 #ifndef ELIBBAD 109 #define ELIBBAD 80 110 #endif 111 112 #ifdef TARGET_WORDS_BIGENDIAN 113 #define ELF_DATA ELFDATA2MSB 114 #else 115 #define ELF_DATA ELFDATA2LSB 116 #endif 117 118 #ifdef TARGET_ABI_MIPSN32 119 typedef abi_ullong target_elf_greg_t; 120 #define tswapreg(ptr) tswap64(ptr) 121 #else 122 typedef abi_ulong target_elf_greg_t; 123 #define tswapreg(ptr) tswapal(ptr) 124 #endif 125 126 #ifdef USE_UID16 127 typedef abi_ushort target_uid_t; 128 typedef abi_ushort target_gid_t; 129 #else 130 typedef abi_uint target_uid_t; 131 typedef abi_uint target_gid_t; 132 #endif 133 typedef abi_int target_pid_t; 134 135 #ifdef TARGET_I386 136 137 #define ELF_PLATFORM get_elf_platform() 138 139 static const char *get_elf_platform(void) 140 { 141 static char elf_platform[] = "i386"; 142 int family = object_property_get_int(OBJECT(thread_cpu), "family", NULL); 143 if (family > 6) 144 family = 6; 145 if (family >= 3) 146 elf_platform[1] = '0' + family; 147 return elf_platform; 148 } 149 150 #define ELF_HWCAP get_elf_hwcap() 151 152 static uint32_t get_elf_hwcap(void) 153 { 154 X86CPU *cpu = X86_CPU(thread_cpu); 155 156 return cpu->env.features[FEAT_1_EDX]; 157 } 158 159 #ifdef TARGET_X86_64 160 #define ELF_START_MMAP 0x2aaaaab000ULL 161 162 #define ELF_CLASS ELFCLASS64 163 #define ELF_ARCH EM_X86_64 164 165 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 166 { 167 regs->rax = 0; 168 regs->rsp = infop->start_stack; 169 regs->rip = infop->entry; 170 } 171 172 #define ELF_NREG 27 173 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 174 175 /* 176 * Note that ELF_NREG should be 29 as there should be place for 177 * TRAPNO and ERR "registers" as well but linux doesn't dump 178 * those. 179 * 180 * See linux kernel: arch/x86/include/asm/elf.h 181 */ 182 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 183 { 184 (*regs)[0] = tswapreg(env->regs[15]); 185 (*regs)[1] = tswapreg(env->regs[14]); 186 (*regs)[2] = tswapreg(env->regs[13]); 187 (*regs)[3] = tswapreg(env->regs[12]); 188 (*regs)[4] = tswapreg(env->regs[R_EBP]); 189 (*regs)[5] = tswapreg(env->regs[R_EBX]); 190 (*regs)[6] = tswapreg(env->regs[11]); 191 (*regs)[7] = tswapreg(env->regs[10]); 192 (*regs)[8] = tswapreg(env->regs[9]); 193 (*regs)[9] = tswapreg(env->regs[8]); 194 (*regs)[10] = tswapreg(env->regs[R_EAX]); 195 (*regs)[11] = tswapreg(env->regs[R_ECX]); 196 (*regs)[12] = tswapreg(env->regs[R_EDX]); 197 (*regs)[13] = tswapreg(env->regs[R_ESI]); 198 (*regs)[14] = tswapreg(env->regs[R_EDI]); 199 (*regs)[15] = tswapreg(env->regs[R_EAX]); /* XXX */ 200 (*regs)[16] = tswapreg(env->eip); 201 (*regs)[17] = tswapreg(env->segs[R_CS].selector & 0xffff); 202 (*regs)[18] = tswapreg(env->eflags); 203 (*regs)[19] = tswapreg(env->regs[R_ESP]); 204 (*regs)[20] = tswapreg(env->segs[R_SS].selector & 0xffff); 205 (*regs)[21] = tswapreg(env->segs[R_FS].selector & 0xffff); 206 (*regs)[22] = tswapreg(env->segs[R_GS].selector & 0xffff); 207 (*regs)[23] = tswapreg(env->segs[R_DS].selector & 0xffff); 208 (*regs)[24] = tswapreg(env->segs[R_ES].selector & 0xffff); 209 (*regs)[25] = tswapreg(env->segs[R_FS].selector & 0xffff); 210 (*regs)[26] = tswapreg(env->segs[R_GS].selector & 0xffff); 211 } 212 213 #else 214 215 #define ELF_START_MMAP 0x80000000 216 217 /* 218 * This is used to ensure we don't load something for the wrong architecture. 219 */ 220 #define elf_check_arch(x) ( ((x) == EM_386) || ((x) == EM_486) ) 221 222 /* 223 * These are used to set parameters in the core dumps. 224 */ 225 #define ELF_CLASS ELFCLASS32 226 #define ELF_ARCH EM_386 227 228 static inline void init_thread(struct target_pt_regs *regs, 229 struct image_info *infop) 230 { 231 regs->esp = infop->start_stack; 232 regs->eip = infop->entry; 233 234 /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program 235 starts %edx contains a pointer to a function which might be 236 registered using `atexit'. This provides a mean for the 237 dynamic linker to call DT_FINI functions for shared libraries 238 that have been loaded before the code runs. 239 240 A value of 0 tells we have no such handler. */ 241 regs->edx = 0; 242 } 243 244 #define ELF_NREG 17 245 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 246 247 /* 248 * Note that ELF_NREG should be 19 as there should be place for 249 * TRAPNO and ERR "registers" as well but linux doesn't dump 250 * those. 251 * 252 * See linux kernel: arch/x86/include/asm/elf.h 253 */ 254 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 255 { 256 (*regs)[0] = tswapreg(env->regs[R_EBX]); 257 (*regs)[1] = tswapreg(env->regs[R_ECX]); 258 (*regs)[2] = tswapreg(env->regs[R_EDX]); 259 (*regs)[3] = tswapreg(env->regs[R_ESI]); 260 (*regs)[4] = tswapreg(env->regs[R_EDI]); 261 (*regs)[5] = tswapreg(env->regs[R_EBP]); 262 (*regs)[6] = tswapreg(env->regs[R_EAX]); 263 (*regs)[7] = tswapreg(env->segs[R_DS].selector & 0xffff); 264 (*regs)[8] = tswapreg(env->segs[R_ES].selector & 0xffff); 265 (*regs)[9] = tswapreg(env->segs[R_FS].selector & 0xffff); 266 (*regs)[10] = tswapreg(env->segs[R_GS].selector & 0xffff); 267 (*regs)[11] = tswapreg(env->regs[R_EAX]); /* XXX */ 268 (*regs)[12] = tswapreg(env->eip); 269 (*regs)[13] = tswapreg(env->segs[R_CS].selector & 0xffff); 270 (*regs)[14] = tswapreg(env->eflags); 271 (*regs)[15] = tswapreg(env->regs[R_ESP]); 272 (*regs)[16] = tswapreg(env->segs[R_SS].selector & 0xffff); 273 } 274 #endif 275 276 #define USE_ELF_CORE_DUMP 277 #define ELF_EXEC_PAGESIZE 4096 278 279 #endif 280 281 #ifdef TARGET_ARM 282 283 #ifndef TARGET_AARCH64 284 /* 32 bit ARM definitions */ 285 286 #define ELF_START_MMAP 0x80000000 287 288 #define ELF_ARCH EM_ARM 289 #define ELF_CLASS ELFCLASS32 290 291 static inline void init_thread(struct target_pt_regs *regs, 292 struct image_info *infop) 293 { 294 abi_long stack = infop->start_stack; 295 memset(regs, 0, sizeof(*regs)); 296 297 regs->uregs[16] = ARM_CPU_MODE_USR; 298 if (infop->entry & 1) { 299 regs->uregs[16] |= CPSR_T; 300 } 301 regs->uregs[15] = infop->entry & 0xfffffffe; 302 regs->uregs[13] = infop->start_stack; 303 /* FIXME - what to for failure of get_user()? */ 304 get_user_ual(regs->uregs[2], stack + 8); /* envp */ 305 get_user_ual(regs->uregs[1], stack + 4); /* envp */ 306 /* XXX: it seems that r0 is zeroed after ! */ 307 regs->uregs[0] = 0; 308 /* For uClinux PIC binaries. */ 309 /* XXX: Linux does this only on ARM with no MMU (do we care ?) */ 310 regs->uregs[10] = infop->start_data; 311 312 /* Support ARM FDPIC. */ 313 if (info_is_fdpic(infop)) { 314 /* As described in the ABI document, r7 points to the loadmap info 315 * prepared by the kernel. If an interpreter is needed, r8 points 316 * to the interpreter loadmap and r9 points to the interpreter 317 * PT_DYNAMIC info. If no interpreter is needed, r8 is zero, and 318 * r9 points to the main program PT_DYNAMIC info. 319 */ 320 regs->uregs[7] = infop->loadmap_addr; 321 if (infop->interpreter_loadmap_addr) { 322 /* Executable is dynamically loaded. */ 323 regs->uregs[8] = infop->interpreter_loadmap_addr; 324 regs->uregs[9] = infop->interpreter_pt_dynamic_addr; 325 } else { 326 regs->uregs[8] = 0; 327 regs->uregs[9] = infop->pt_dynamic_addr; 328 } 329 } 330 } 331 332 #define ELF_NREG 18 333 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 334 335 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUARMState *env) 336 { 337 (*regs)[0] = tswapreg(env->regs[0]); 338 (*regs)[1] = tswapreg(env->regs[1]); 339 (*regs)[2] = tswapreg(env->regs[2]); 340 (*regs)[3] = tswapreg(env->regs[3]); 341 (*regs)[4] = tswapreg(env->regs[4]); 342 (*regs)[5] = tswapreg(env->regs[5]); 343 (*regs)[6] = tswapreg(env->regs[6]); 344 (*regs)[7] = tswapreg(env->regs[7]); 345 (*regs)[8] = tswapreg(env->regs[8]); 346 (*regs)[9] = tswapreg(env->regs[9]); 347 (*regs)[10] = tswapreg(env->regs[10]); 348 (*regs)[11] = tswapreg(env->regs[11]); 349 (*regs)[12] = tswapreg(env->regs[12]); 350 (*regs)[13] = tswapreg(env->regs[13]); 351 (*regs)[14] = tswapreg(env->regs[14]); 352 (*regs)[15] = tswapreg(env->regs[15]); 353 354 (*regs)[16] = tswapreg(cpsr_read((CPUARMState *)env)); 355 (*regs)[17] = tswapreg(env->regs[0]); /* XXX */ 356 } 357 358 #define USE_ELF_CORE_DUMP 359 #define ELF_EXEC_PAGESIZE 4096 360 361 enum 362 { 363 ARM_HWCAP_ARM_SWP = 1 << 0, 364 ARM_HWCAP_ARM_HALF = 1 << 1, 365 ARM_HWCAP_ARM_THUMB = 1 << 2, 366 ARM_HWCAP_ARM_26BIT = 1 << 3, 367 ARM_HWCAP_ARM_FAST_MULT = 1 << 4, 368 ARM_HWCAP_ARM_FPA = 1 << 5, 369 ARM_HWCAP_ARM_VFP = 1 << 6, 370 ARM_HWCAP_ARM_EDSP = 1 << 7, 371 ARM_HWCAP_ARM_JAVA = 1 << 8, 372 ARM_HWCAP_ARM_IWMMXT = 1 << 9, 373 ARM_HWCAP_ARM_CRUNCH = 1 << 10, 374 ARM_HWCAP_ARM_THUMBEE = 1 << 11, 375 ARM_HWCAP_ARM_NEON = 1 << 12, 376 ARM_HWCAP_ARM_VFPv3 = 1 << 13, 377 ARM_HWCAP_ARM_VFPv3D16 = 1 << 14, 378 ARM_HWCAP_ARM_TLS = 1 << 15, 379 ARM_HWCAP_ARM_VFPv4 = 1 << 16, 380 ARM_HWCAP_ARM_IDIVA = 1 << 17, 381 ARM_HWCAP_ARM_IDIVT = 1 << 18, 382 ARM_HWCAP_ARM_VFPD32 = 1 << 19, 383 ARM_HWCAP_ARM_LPAE = 1 << 20, 384 ARM_HWCAP_ARM_EVTSTRM = 1 << 21, 385 }; 386 387 enum { 388 ARM_HWCAP2_ARM_AES = 1 << 0, 389 ARM_HWCAP2_ARM_PMULL = 1 << 1, 390 ARM_HWCAP2_ARM_SHA1 = 1 << 2, 391 ARM_HWCAP2_ARM_SHA2 = 1 << 3, 392 ARM_HWCAP2_ARM_CRC32 = 1 << 4, 393 }; 394 395 /* The commpage only exists for 32 bit kernels */ 396 397 #define ARM_COMMPAGE (intptr_t)0xffff0f00u 398 399 static bool init_guest_commpage(void) 400 { 401 void *want = g2h_untagged(ARM_COMMPAGE & -qemu_host_page_size); 402 void *addr = mmap(want, qemu_host_page_size, PROT_READ | PROT_WRITE, 403 MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0); 404 405 if (addr == MAP_FAILED) { 406 perror("Allocating guest commpage"); 407 exit(EXIT_FAILURE); 408 } 409 if (addr != want) { 410 return false; 411 } 412 413 /* Set kernel helper versions; rest of page is 0. */ 414 __put_user(5, (uint32_t *)g2h_untagged(0xffff0ffcu)); 415 416 if (mprotect(addr, qemu_host_page_size, PROT_READ)) { 417 perror("Protecting guest commpage"); 418 exit(EXIT_FAILURE); 419 } 420 return true; 421 } 422 423 #define ELF_HWCAP get_elf_hwcap() 424 #define ELF_HWCAP2 get_elf_hwcap2() 425 426 static uint32_t get_elf_hwcap(void) 427 { 428 ARMCPU *cpu = ARM_CPU(thread_cpu); 429 uint32_t hwcaps = 0; 430 431 hwcaps |= ARM_HWCAP_ARM_SWP; 432 hwcaps |= ARM_HWCAP_ARM_HALF; 433 hwcaps |= ARM_HWCAP_ARM_THUMB; 434 hwcaps |= ARM_HWCAP_ARM_FAST_MULT; 435 436 /* probe for the extra features */ 437 #define GET_FEATURE(feat, hwcap) \ 438 do { if (arm_feature(&cpu->env, feat)) { hwcaps |= hwcap; } } while (0) 439 440 #define GET_FEATURE_ID(feat, hwcap) \ 441 do { if (cpu_isar_feature(feat, cpu)) { hwcaps |= hwcap; } } while (0) 442 443 /* EDSP is in v5TE and above, but all our v5 CPUs are v5TE */ 444 GET_FEATURE(ARM_FEATURE_V5, ARM_HWCAP_ARM_EDSP); 445 GET_FEATURE(ARM_FEATURE_IWMMXT, ARM_HWCAP_ARM_IWMMXT); 446 GET_FEATURE(ARM_FEATURE_THUMB2EE, ARM_HWCAP_ARM_THUMBEE); 447 GET_FEATURE(ARM_FEATURE_NEON, ARM_HWCAP_ARM_NEON); 448 GET_FEATURE(ARM_FEATURE_V6K, ARM_HWCAP_ARM_TLS); 449 GET_FEATURE(ARM_FEATURE_LPAE, ARM_HWCAP_ARM_LPAE); 450 GET_FEATURE_ID(aa32_arm_div, ARM_HWCAP_ARM_IDIVA); 451 GET_FEATURE_ID(aa32_thumb_div, ARM_HWCAP_ARM_IDIVT); 452 GET_FEATURE_ID(aa32_vfp, ARM_HWCAP_ARM_VFP); 453 454 if (cpu_isar_feature(aa32_fpsp_v3, cpu) || 455 cpu_isar_feature(aa32_fpdp_v3, cpu)) { 456 hwcaps |= ARM_HWCAP_ARM_VFPv3; 457 if (cpu_isar_feature(aa32_simd_r32, cpu)) { 458 hwcaps |= ARM_HWCAP_ARM_VFPD32; 459 } else { 460 hwcaps |= ARM_HWCAP_ARM_VFPv3D16; 461 } 462 } 463 GET_FEATURE_ID(aa32_simdfmac, ARM_HWCAP_ARM_VFPv4); 464 465 return hwcaps; 466 } 467 468 static uint32_t get_elf_hwcap2(void) 469 { 470 ARMCPU *cpu = ARM_CPU(thread_cpu); 471 uint32_t hwcaps = 0; 472 473 GET_FEATURE_ID(aa32_aes, ARM_HWCAP2_ARM_AES); 474 GET_FEATURE_ID(aa32_pmull, ARM_HWCAP2_ARM_PMULL); 475 GET_FEATURE_ID(aa32_sha1, ARM_HWCAP2_ARM_SHA1); 476 GET_FEATURE_ID(aa32_sha2, ARM_HWCAP2_ARM_SHA2); 477 GET_FEATURE_ID(aa32_crc32, ARM_HWCAP2_ARM_CRC32); 478 return hwcaps; 479 } 480 481 #undef GET_FEATURE 482 #undef GET_FEATURE_ID 483 484 #define ELF_PLATFORM get_elf_platform() 485 486 static const char *get_elf_platform(void) 487 { 488 CPUARMState *env = thread_cpu->env_ptr; 489 490 #ifdef TARGET_WORDS_BIGENDIAN 491 # define END "b" 492 #else 493 # define END "l" 494 #endif 495 496 if (arm_feature(env, ARM_FEATURE_V8)) { 497 return "v8" END; 498 } else if (arm_feature(env, ARM_FEATURE_V7)) { 499 if (arm_feature(env, ARM_FEATURE_M)) { 500 return "v7m" END; 501 } else { 502 return "v7" END; 503 } 504 } else if (arm_feature(env, ARM_FEATURE_V6)) { 505 return "v6" END; 506 } else if (arm_feature(env, ARM_FEATURE_V5)) { 507 return "v5" END; 508 } else { 509 return "v4" END; 510 } 511 512 #undef END 513 } 514 515 #else 516 /* 64 bit ARM definitions */ 517 #define ELF_START_MMAP 0x80000000 518 519 #define ELF_ARCH EM_AARCH64 520 #define ELF_CLASS ELFCLASS64 521 #ifdef TARGET_WORDS_BIGENDIAN 522 # define ELF_PLATFORM "aarch64_be" 523 #else 524 # define ELF_PLATFORM "aarch64" 525 #endif 526 527 static inline void init_thread(struct target_pt_regs *regs, 528 struct image_info *infop) 529 { 530 abi_long stack = infop->start_stack; 531 memset(regs, 0, sizeof(*regs)); 532 533 regs->pc = infop->entry & ~0x3ULL; 534 regs->sp = stack; 535 } 536 537 #define ELF_NREG 34 538 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 539 540 static void elf_core_copy_regs(target_elf_gregset_t *regs, 541 const CPUARMState *env) 542 { 543 int i; 544 545 for (i = 0; i < 32; i++) { 546 (*regs)[i] = tswapreg(env->xregs[i]); 547 } 548 (*regs)[32] = tswapreg(env->pc); 549 (*regs)[33] = tswapreg(pstate_read((CPUARMState *)env)); 550 } 551 552 #define USE_ELF_CORE_DUMP 553 #define ELF_EXEC_PAGESIZE 4096 554 555 enum { 556 ARM_HWCAP_A64_FP = 1 << 0, 557 ARM_HWCAP_A64_ASIMD = 1 << 1, 558 ARM_HWCAP_A64_EVTSTRM = 1 << 2, 559 ARM_HWCAP_A64_AES = 1 << 3, 560 ARM_HWCAP_A64_PMULL = 1 << 4, 561 ARM_HWCAP_A64_SHA1 = 1 << 5, 562 ARM_HWCAP_A64_SHA2 = 1 << 6, 563 ARM_HWCAP_A64_CRC32 = 1 << 7, 564 ARM_HWCAP_A64_ATOMICS = 1 << 8, 565 ARM_HWCAP_A64_FPHP = 1 << 9, 566 ARM_HWCAP_A64_ASIMDHP = 1 << 10, 567 ARM_HWCAP_A64_CPUID = 1 << 11, 568 ARM_HWCAP_A64_ASIMDRDM = 1 << 12, 569 ARM_HWCAP_A64_JSCVT = 1 << 13, 570 ARM_HWCAP_A64_FCMA = 1 << 14, 571 ARM_HWCAP_A64_LRCPC = 1 << 15, 572 ARM_HWCAP_A64_DCPOP = 1 << 16, 573 ARM_HWCAP_A64_SHA3 = 1 << 17, 574 ARM_HWCAP_A64_SM3 = 1 << 18, 575 ARM_HWCAP_A64_SM4 = 1 << 19, 576 ARM_HWCAP_A64_ASIMDDP = 1 << 20, 577 ARM_HWCAP_A64_SHA512 = 1 << 21, 578 ARM_HWCAP_A64_SVE = 1 << 22, 579 ARM_HWCAP_A64_ASIMDFHM = 1 << 23, 580 ARM_HWCAP_A64_DIT = 1 << 24, 581 ARM_HWCAP_A64_USCAT = 1 << 25, 582 ARM_HWCAP_A64_ILRCPC = 1 << 26, 583 ARM_HWCAP_A64_FLAGM = 1 << 27, 584 ARM_HWCAP_A64_SSBS = 1 << 28, 585 ARM_HWCAP_A64_SB = 1 << 29, 586 ARM_HWCAP_A64_PACA = 1 << 30, 587 ARM_HWCAP_A64_PACG = 1UL << 31, 588 589 ARM_HWCAP2_A64_DCPODP = 1 << 0, 590 ARM_HWCAP2_A64_SVE2 = 1 << 1, 591 ARM_HWCAP2_A64_SVEAES = 1 << 2, 592 ARM_HWCAP2_A64_SVEPMULL = 1 << 3, 593 ARM_HWCAP2_A64_SVEBITPERM = 1 << 4, 594 ARM_HWCAP2_A64_SVESHA3 = 1 << 5, 595 ARM_HWCAP2_A64_SVESM4 = 1 << 6, 596 ARM_HWCAP2_A64_FLAGM2 = 1 << 7, 597 ARM_HWCAP2_A64_FRINT = 1 << 8, 598 ARM_HWCAP2_A64_SVEI8MM = 1 << 9, 599 ARM_HWCAP2_A64_SVEF32MM = 1 << 10, 600 ARM_HWCAP2_A64_SVEF64MM = 1 << 11, 601 ARM_HWCAP2_A64_SVEBF16 = 1 << 12, 602 ARM_HWCAP2_A64_I8MM = 1 << 13, 603 ARM_HWCAP2_A64_BF16 = 1 << 14, 604 ARM_HWCAP2_A64_DGH = 1 << 15, 605 ARM_HWCAP2_A64_RNG = 1 << 16, 606 ARM_HWCAP2_A64_BTI = 1 << 17, 607 ARM_HWCAP2_A64_MTE = 1 << 18, 608 }; 609 610 #define ELF_HWCAP get_elf_hwcap() 611 #define ELF_HWCAP2 get_elf_hwcap2() 612 613 #define GET_FEATURE_ID(feat, hwcap) \ 614 do { if (cpu_isar_feature(feat, cpu)) { hwcaps |= hwcap; } } while (0) 615 616 static uint32_t get_elf_hwcap(void) 617 { 618 ARMCPU *cpu = ARM_CPU(thread_cpu); 619 uint32_t hwcaps = 0; 620 621 hwcaps |= ARM_HWCAP_A64_FP; 622 hwcaps |= ARM_HWCAP_A64_ASIMD; 623 hwcaps |= ARM_HWCAP_A64_CPUID; 624 625 /* probe for the extra features */ 626 627 GET_FEATURE_ID(aa64_aes, ARM_HWCAP_A64_AES); 628 GET_FEATURE_ID(aa64_pmull, ARM_HWCAP_A64_PMULL); 629 GET_FEATURE_ID(aa64_sha1, ARM_HWCAP_A64_SHA1); 630 GET_FEATURE_ID(aa64_sha256, ARM_HWCAP_A64_SHA2); 631 GET_FEATURE_ID(aa64_sha512, ARM_HWCAP_A64_SHA512); 632 GET_FEATURE_ID(aa64_crc32, ARM_HWCAP_A64_CRC32); 633 GET_FEATURE_ID(aa64_sha3, ARM_HWCAP_A64_SHA3); 634 GET_FEATURE_ID(aa64_sm3, ARM_HWCAP_A64_SM3); 635 GET_FEATURE_ID(aa64_sm4, ARM_HWCAP_A64_SM4); 636 GET_FEATURE_ID(aa64_fp16, ARM_HWCAP_A64_FPHP | ARM_HWCAP_A64_ASIMDHP); 637 GET_FEATURE_ID(aa64_atomics, ARM_HWCAP_A64_ATOMICS); 638 GET_FEATURE_ID(aa64_rdm, ARM_HWCAP_A64_ASIMDRDM); 639 GET_FEATURE_ID(aa64_dp, ARM_HWCAP_A64_ASIMDDP); 640 GET_FEATURE_ID(aa64_fcma, ARM_HWCAP_A64_FCMA); 641 GET_FEATURE_ID(aa64_sve, ARM_HWCAP_A64_SVE); 642 GET_FEATURE_ID(aa64_pauth, ARM_HWCAP_A64_PACA | ARM_HWCAP_A64_PACG); 643 GET_FEATURE_ID(aa64_fhm, ARM_HWCAP_A64_ASIMDFHM); 644 GET_FEATURE_ID(aa64_jscvt, ARM_HWCAP_A64_JSCVT); 645 GET_FEATURE_ID(aa64_sb, ARM_HWCAP_A64_SB); 646 GET_FEATURE_ID(aa64_condm_4, ARM_HWCAP_A64_FLAGM); 647 GET_FEATURE_ID(aa64_dcpop, ARM_HWCAP_A64_DCPOP); 648 GET_FEATURE_ID(aa64_rcpc_8_3, ARM_HWCAP_A64_LRCPC); 649 GET_FEATURE_ID(aa64_rcpc_8_4, ARM_HWCAP_A64_ILRCPC); 650 651 return hwcaps; 652 } 653 654 static uint32_t get_elf_hwcap2(void) 655 { 656 ARMCPU *cpu = ARM_CPU(thread_cpu); 657 uint32_t hwcaps = 0; 658 659 GET_FEATURE_ID(aa64_dcpodp, ARM_HWCAP2_A64_DCPODP); 660 GET_FEATURE_ID(aa64_sve2, ARM_HWCAP2_A64_SVE2); 661 GET_FEATURE_ID(aa64_sve2_aes, ARM_HWCAP2_A64_SVEAES); 662 GET_FEATURE_ID(aa64_sve2_pmull128, ARM_HWCAP2_A64_SVEPMULL); 663 GET_FEATURE_ID(aa64_sve2_bitperm, ARM_HWCAP2_A64_SVEBITPERM); 664 GET_FEATURE_ID(aa64_sve2_sha3, ARM_HWCAP2_A64_SVESHA3); 665 GET_FEATURE_ID(aa64_sve2_sm4, ARM_HWCAP2_A64_SVESM4); 666 GET_FEATURE_ID(aa64_condm_5, ARM_HWCAP2_A64_FLAGM2); 667 GET_FEATURE_ID(aa64_frint, ARM_HWCAP2_A64_FRINT); 668 GET_FEATURE_ID(aa64_sve_i8mm, ARM_HWCAP2_A64_SVEI8MM); 669 GET_FEATURE_ID(aa64_sve_f32mm, ARM_HWCAP2_A64_SVEF32MM); 670 GET_FEATURE_ID(aa64_sve_f64mm, ARM_HWCAP2_A64_SVEF64MM); 671 GET_FEATURE_ID(aa64_sve_bf16, ARM_HWCAP2_A64_SVEBF16); 672 GET_FEATURE_ID(aa64_i8mm, ARM_HWCAP2_A64_I8MM); 673 GET_FEATURE_ID(aa64_bf16, ARM_HWCAP2_A64_BF16); 674 GET_FEATURE_ID(aa64_rndr, ARM_HWCAP2_A64_RNG); 675 GET_FEATURE_ID(aa64_bti, ARM_HWCAP2_A64_BTI); 676 GET_FEATURE_ID(aa64_mte, ARM_HWCAP2_A64_MTE); 677 678 return hwcaps; 679 } 680 681 #undef GET_FEATURE_ID 682 683 #endif /* not TARGET_AARCH64 */ 684 #endif /* TARGET_ARM */ 685 686 #ifdef TARGET_SPARC 687 #ifdef TARGET_SPARC64 688 689 #define ELF_START_MMAP 0x80000000 690 #define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \ 691 | HWCAP_SPARC_MULDIV | HWCAP_SPARC_V9) 692 #ifndef TARGET_ABI32 693 #define elf_check_arch(x) ( (x) == EM_SPARCV9 || (x) == EM_SPARC32PLUS ) 694 #else 695 #define elf_check_arch(x) ( (x) == EM_SPARC32PLUS || (x) == EM_SPARC ) 696 #endif 697 698 #define ELF_CLASS ELFCLASS64 699 #define ELF_ARCH EM_SPARCV9 700 #else 701 #define ELF_START_MMAP 0x80000000 702 #define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \ 703 | HWCAP_SPARC_MULDIV) 704 #define ELF_CLASS ELFCLASS32 705 #define ELF_ARCH EM_SPARC 706 #endif /* TARGET_SPARC64 */ 707 708 static inline void init_thread(struct target_pt_regs *regs, 709 struct image_info *infop) 710 { 711 /* Note that target_cpu_copy_regs does not read psr/tstate. */ 712 regs->pc = infop->entry; 713 regs->npc = regs->pc + 4; 714 regs->y = 0; 715 regs->u_regs[14] = (infop->start_stack - 16 * sizeof(abi_ulong) 716 - TARGET_STACK_BIAS); 717 } 718 #endif /* TARGET_SPARC */ 719 720 #ifdef TARGET_PPC 721 722 #define ELF_MACHINE PPC_ELF_MACHINE 723 #define ELF_START_MMAP 0x80000000 724 725 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 726 727 #define elf_check_arch(x) ( (x) == EM_PPC64 ) 728 729 #define ELF_CLASS ELFCLASS64 730 731 #else 732 733 #define ELF_CLASS ELFCLASS32 734 735 #endif 736 737 #define ELF_ARCH EM_PPC 738 739 /* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP). 740 See arch/powerpc/include/asm/cputable.h. */ 741 enum { 742 QEMU_PPC_FEATURE_32 = 0x80000000, 743 QEMU_PPC_FEATURE_64 = 0x40000000, 744 QEMU_PPC_FEATURE_601_INSTR = 0x20000000, 745 QEMU_PPC_FEATURE_HAS_ALTIVEC = 0x10000000, 746 QEMU_PPC_FEATURE_HAS_FPU = 0x08000000, 747 QEMU_PPC_FEATURE_HAS_MMU = 0x04000000, 748 QEMU_PPC_FEATURE_HAS_4xxMAC = 0x02000000, 749 QEMU_PPC_FEATURE_UNIFIED_CACHE = 0x01000000, 750 QEMU_PPC_FEATURE_HAS_SPE = 0x00800000, 751 QEMU_PPC_FEATURE_HAS_EFP_SINGLE = 0x00400000, 752 QEMU_PPC_FEATURE_HAS_EFP_DOUBLE = 0x00200000, 753 QEMU_PPC_FEATURE_NO_TB = 0x00100000, 754 QEMU_PPC_FEATURE_POWER4 = 0x00080000, 755 QEMU_PPC_FEATURE_POWER5 = 0x00040000, 756 QEMU_PPC_FEATURE_POWER5_PLUS = 0x00020000, 757 QEMU_PPC_FEATURE_CELL = 0x00010000, 758 QEMU_PPC_FEATURE_BOOKE = 0x00008000, 759 QEMU_PPC_FEATURE_SMT = 0x00004000, 760 QEMU_PPC_FEATURE_ICACHE_SNOOP = 0x00002000, 761 QEMU_PPC_FEATURE_ARCH_2_05 = 0x00001000, 762 QEMU_PPC_FEATURE_PA6T = 0x00000800, 763 QEMU_PPC_FEATURE_HAS_DFP = 0x00000400, 764 QEMU_PPC_FEATURE_POWER6_EXT = 0x00000200, 765 QEMU_PPC_FEATURE_ARCH_2_06 = 0x00000100, 766 QEMU_PPC_FEATURE_HAS_VSX = 0x00000080, 767 QEMU_PPC_FEATURE_PSERIES_PERFMON_COMPAT = 0x00000040, 768 769 QEMU_PPC_FEATURE_TRUE_LE = 0x00000002, 770 QEMU_PPC_FEATURE_PPC_LE = 0x00000001, 771 772 /* Feature definitions in AT_HWCAP2. */ 773 QEMU_PPC_FEATURE2_ARCH_2_07 = 0x80000000, /* ISA 2.07 */ 774 QEMU_PPC_FEATURE2_HAS_HTM = 0x40000000, /* Hardware Transactional Memory */ 775 QEMU_PPC_FEATURE2_HAS_DSCR = 0x20000000, /* Data Stream Control Register */ 776 QEMU_PPC_FEATURE2_HAS_EBB = 0x10000000, /* Event Base Branching */ 777 QEMU_PPC_FEATURE2_HAS_ISEL = 0x08000000, /* Integer Select */ 778 QEMU_PPC_FEATURE2_HAS_TAR = 0x04000000, /* Target Address Register */ 779 QEMU_PPC_FEATURE2_VEC_CRYPTO = 0x02000000, 780 QEMU_PPC_FEATURE2_HTM_NOSC = 0x01000000, 781 QEMU_PPC_FEATURE2_ARCH_3_00 = 0x00800000, /* ISA 3.00 */ 782 QEMU_PPC_FEATURE2_HAS_IEEE128 = 0x00400000, /* VSX IEEE Bin Float 128-bit */ 783 QEMU_PPC_FEATURE2_DARN = 0x00200000, /* darn random number insn */ 784 QEMU_PPC_FEATURE2_SCV = 0x00100000, /* scv syscall */ 785 QEMU_PPC_FEATURE2_HTM_NO_SUSPEND = 0x00080000, /* TM w/o suspended state */ 786 }; 787 788 #define ELF_HWCAP get_elf_hwcap() 789 790 static uint32_t get_elf_hwcap(void) 791 { 792 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); 793 uint32_t features = 0; 794 795 /* We don't have to be terribly complete here; the high points are 796 Altivec/FP/SPE support. Anything else is just a bonus. */ 797 #define GET_FEATURE(flag, feature) \ 798 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0) 799 #define GET_FEATURE2(flags, feature) \ 800 do { \ 801 if ((cpu->env.insns_flags2 & flags) == flags) { \ 802 features |= feature; \ 803 } \ 804 } while (0) 805 GET_FEATURE(PPC_64B, QEMU_PPC_FEATURE_64); 806 GET_FEATURE(PPC_FLOAT, QEMU_PPC_FEATURE_HAS_FPU); 807 GET_FEATURE(PPC_ALTIVEC, QEMU_PPC_FEATURE_HAS_ALTIVEC); 808 GET_FEATURE(PPC_SPE, QEMU_PPC_FEATURE_HAS_SPE); 809 GET_FEATURE(PPC_SPE_SINGLE, QEMU_PPC_FEATURE_HAS_EFP_SINGLE); 810 GET_FEATURE(PPC_SPE_DOUBLE, QEMU_PPC_FEATURE_HAS_EFP_DOUBLE); 811 GET_FEATURE(PPC_BOOKE, QEMU_PPC_FEATURE_BOOKE); 812 GET_FEATURE(PPC_405_MAC, QEMU_PPC_FEATURE_HAS_4xxMAC); 813 GET_FEATURE2(PPC2_DFP, QEMU_PPC_FEATURE_HAS_DFP); 814 GET_FEATURE2(PPC2_VSX, QEMU_PPC_FEATURE_HAS_VSX); 815 GET_FEATURE2((PPC2_PERM_ISA206 | PPC2_DIVE_ISA206 | PPC2_ATOMIC_ISA206 | 816 PPC2_FP_CVT_ISA206 | PPC2_FP_TST_ISA206), 817 QEMU_PPC_FEATURE_ARCH_2_06); 818 #undef GET_FEATURE 819 #undef GET_FEATURE2 820 821 return features; 822 } 823 824 #define ELF_HWCAP2 get_elf_hwcap2() 825 826 static uint32_t get_elf_hwcap2(void) 827 { 828 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); 829 uint32_t features = 0; 830 831 #define GET_FEATURE(flag, feature) \ 832 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0) 833 #define GET_FEATURE2(flag, feature) \ 834 do { if (cpu->env.insns_flags2 & flag) { features |= feature; } } while (0) 835 836 GET_FEATURE(PPC_ISEL, QEMU_PPC_FEATURE2_HAS_ISEL); 837 GET_FEATURE2(PPC2_BCTAR_ISA207, QEMU_PPC_FEATURE2_HAS_TAR); 838 GET_FEATURE2((PPC2_BCTAR_ISA207 | PPC2_LSQ_ISA207 | PPC2_ALTIVEC_207 | 839 PPC2_ISA207S), QEMU_PPC_FEATURE2_ARCH_2_07 | 840 QEMU_PPC_FEATURE2_VEC_CRYPTO); 841 GET_FEATURE2(PPC2_ISA300, QEMU_PPC_FEATURE2_ARCH_3_00 | 842 QEMU_PPC_FEATURE2_DARN | QEMU_PPC_FEATURE2_HAS_IEEE128); 843 844 #undef GET_FEATURE 845 #undef GET_FEATURE2 846 847 return features; 848 } 849 850 /* 851 * The requirements here are: 852 * - keep the final alignment of sp (sp & 0xf) 853 * - make sure the 32-bit value at the first 16 byte aligned position of 854 * AUXV is greater than 16 for glibc compatibility. 855 * AT_IGNOREPPC is used for that. 856 * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC, 857 * even if DLINFO_ARCH_ITEMS goes to zero or is undefined. 858 */ 859 #define DLINFO_ARCH_ITEMS 5 860 #define ARCH_DLINFO \ 861 do { \ 862 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); \ 863 /* \ 864 * Handle glibc compatibility: these magic entries must \ 865 * be at the lowest addresses in the final auxv. \ 866 */ \ 867 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 868 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 869 NEW_AUX_ENT(AT_DCACHEBSIZE, cpu->env.dcache_line_size); \ 870 NEW_AUX_ENT(AT_ICACHEBSIZE, cpu->env.icache_line_size); \ 871 NEW_AUX_ENT(AT_UCACHEBSIZE, 0); \ 872 } while (0) 873 874 static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop) 875 { 876 _regs->gpr[1] = infop->start_stack; 877 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 878 if (get_ppc64_abi(infop) < 2) { 879 uint64_t val; 880 get_user_u64(val, infop->entry + 8); 881 _regs->gpr[2] = val + infop->load_bias; 882 get_user_u64(val, infop->entry); 883 infop->entry = val + infop->load_bias; 884 } else { 885 _regs->gpr[12] = infop->entry; /* r12 set to global entry address */ 886 } 887 #endif 888 _regs->nip = infop->entry; 889 } 890 891 /* See linux kernel: arch/powerpc/include/asm/elf.h. */ 892 #define ELF_NREG 48 893 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 894 895 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUPPCState *env) 896 { 897 int i; 898 target_ulong ccr = 0; 899 900 for (i = 0; i < ARRAY_SIZE(env->gpr); i++) { 901 (*regs)[i] = tswapreg(env->gpr[i]); 902 } 903 904 (*regs)[32] = tswapreg(env->nip); 905 (*regs)[33] = tswapreg(env->msr); 906 (*regs)[35] = tswapreg(env->ctr); 907 (*regs)[36] = tswapreg(env->lr); 908 (*regs)[37] = tswapreg(env->xer); 909 910 for (i = 0; i < ARRAY_SIZE(env->crf); i++) { 911 ccr |= env->crf[i] << (32 - ((i + 1) * 4)); 912 } 913 (*regs)[38] = tswapreg(ccr); 914 } 915 916 #define USE_ELF_CORE_DUMP 917 #define ELF_EXEC_PAGESIZE 4096 918 919 #endif 920 921 #ifdef TARGET_MIPS 922 923 #define ELF_START_MMAP 0x80000000 924 925 #ifdef TARGET_MIPS64 926 #define ELF_CLASS ELFCLASS64 927 #else 928 #define ELF_CLASS ELFCLASS32 929 #endif 930 #define ELF_ARCH EM_MIPS 931 932 #define elf_check_arch(x) ((x) == EM_MIPS || (x) == EM_NANOMIPS) 933 934 #ifdef TARGET_ABI_MIPSN32 935 #define elf_check_abi(x) ((x) & EF_MIPS_ABI2) 936 #else 937 #define elf_check_abi(x) (!((x) & EF_MIPS_ABI2)) 938 #endif 939 940 static inline void init_thread(struct target_pt_regs *regs, 941 struct image_info *infop) 942 { 943 regs->cp0_status = 2 << CP0St_KSU; 944 regs->cp0_epc = infop->entry; 945 regs->regs[29] = infop->start_stack; 946 } 947 948 /* See linux kernel: arch/mips/include/asm/elf.h. */ 949 #define ELF_NREG 45 950 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 951 952 /* See linux kernel: arch/mips/include/asm/reg.h. */ 953 enum { 954 #ifdef TARGET_MIPS64 955 TARGET_EF_R0 = 0, 956 #else 957 TARGET_EF_R0 = 6, 958 #endif 959 TARGET_EF_R26 = TARGET_EF_R0 + 26, 960 TARGET_EF_R27 = TARGET_EF_R0 + 27, 961 TARGET_EF_LO = TARGET_EF_R0 + 32, 962 TARGET_EF_HI = TARGET_EF_R0 + 33, 963 TARGET_EF_CP0_EPC = TARGET_EF_R0 + 34, 964 TARGET_EF_CP0_BADVADDR = TARGET_EF_R0 + 35, 965 TARGET_EF_CP0_STATUS = TARGET_EF_R0 + 36, 966 TARGET_EF_CP0_CAUSE = TARGET_EF_R0 + 37 967 }; 968 969 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 970 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMIPSState *env) 971 { 972 int i; 973 974 for (i = 0; i < TARGET_EF_R0; i++) { 975 (*regs)[i] = 0; 976 } 977 (*regs)[TARGET_EF_R0] = 0; 978 979 for (i = 1; i < ARRAY_SIZE(env->active_tc.gpr); i++) { 980 (*regs)[TARGET_EF_R0 + i] = tswapreg(env->active_tc.gpr[i]); 981 } 982 983 (*regs)[TARGET_EF_R26] = 0; 984 (*regs)[TARGET_EF_R27] = 0; 985 (*regs)[TARGET_EF_LO] = tswapreg(env->active_tc.LO[0]); 986 (*regs)[TARGET_EF_HI] = tswapreg(env->active_tc.HI[0]); 987 (*regs)[TARGET_EF_CP0_EPC] = tswapreg(env->active_tc.PC); 988 (*regs)[TARGET_EF_CP0_BADVADDR] = tswapreg(env->CP0_BadVAddr); 989 (*regs)[TARGET_EF_CP0_STATUS] = tswapreg(env->CP0_Status); 990 (*regs)[TARGET_EF_CP0_CAUSE] = tswapreg(env->CP0_Cause); 991 } 992 993 #define USE_ELF_CORE_DUMP 994 #define ELF_EXEC_PAGESIZE 4096 995 996 /* See arch/mips/include/uapi/asm/hwcap.h. */ 997 enum { 998 HWCAP_MIPS_R6 = (1 << 0), 999 HWCAP_MIPS_MSA = (1 << 1), 1000 HWCAP_MIPS_CRC32 = (1 << 2), 1001 HWCAP_MIPS_MIPS16 = (1 << 3), 1002 HWCAP_MIPS_MDMX = (1 << 4), 1003 HWCAP_MIPS_MIPS3D = (1 << 5), 1004 HWCAP_MIPS_SMARTMIPS = (1 << 6), 1005 HWCAP_MIPS_DSP = (1 << 7), 1006 HWCAP_MIPS_DSP2 = (1 << 8), 1007 HWCAP_MIPS_DSP3 = (1 << 9), 1008 HWCAP_MIPS_MIPS16E2 = (1 << 10), 1009 HWCAP_LOONGSON_MMI = (1 << 11), 1010 HWCAP_LOONGSON_EXT = (1 << 12), 1011 HWCAP_LOONGSON_EXT2 = (1 << 13), 1012 HWCAP_LOONGSON_CPUCFG = (1 << 14), 1013 }; 1014 1015 #define ELF_HWCAP get_elf_hwcap() 1016 1017 #define GET_FEATURE_INSN(_flag, _hwcap) \ 1018 do { if (cpu->env.insn_flags & (_flag)) { hwcaps |= _hwcap; } } while (0) 1019 1020 #define GET_FEATURE_REG_SET(_reg, _mask, _hwcap) \ 1021 do { if (cpu->env._reg & (_mask)) { hwcaps |= _hwcap; } } while (0) 1022 1023 #define GET_FEATURE_REG_EQU(_reg, _start, _length, _val, _hwcap) \ 1024 do { \ 1025 if (extract32(cpu->env._reg, (_start), (_length)) == (_val)) { \ 1026 hwcaps |= _hwcap; \ 1027 } \ 1028 } while (0) 1029 1030 static uint32_t get_elf_hwcap(void) 1031 { 1032 MIPSCPU *cpu = MIPS_CPU(thread_cpu); 1033 uint32_t hwcaps = 0; 1034 1035 GET_FEATURE_REG_EQU(CP0_Config0, CP0C0_AR, CP0C0_AR_LENGTH, 1036 2, HWCAP_MIPS_R6); 1037 GET_FEATURE_REG_SET(CP0_Config3, 1 << CP0C3_MSAP, HWCAP_MIPS_MSA); 1038 GET_FEATURE_INSN(ASE_LMMI, HWCAP_LOONGSON_MMI); 1039 GET_FEATURE_INSN(ASE_LEXT, HWCAP_LOONGSON_EXT); 1040 1041 return hwcaps; 1042 } 1043 1044 #undef GET_FEATURE_REG_EQU 1045 #undef GET_FEATURE_REG_SET 1046 #undef GET_FEATURE_INSN 1047 1048 #endif /* TARGET_MIPS */ 1049 1050 #ifdef TARGET_MICROBLAZE 1051 1052 #define ELF_START_MMAP 0x80000000 1053 1054 #define elf_check_arch(x) ( (x) == EM_MICROBLAZE || (x) == EM_MICROBLAZE_OLD) 1055 1056 #define ELF_CLASS ELFCLASS32 1057 #define ELF_ARCH EM_MICROBLAZE 1058 1059 static inline void init_thread(struct target_pt_regs *regs, 1060 struct image_info *infop) 1061 { 1062 regs->pc = infop->entry; 1063 regs->r1 = infop->start_stack; 1064 1065 } 1066 1067 #define ELF_EXEC_PAGESIZE 4096 1068 1069 #define USE_ELF_CORE_DUMP 1070 #define ELF_NREG 38 1071 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1072 1073 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 1074 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMBState *env) 1075 { 1076 int i, pos = 0; 1077 1078 for (i = 0; i < 32; i++) { 1079 (*regs)[pos++] = tswapreg(env->regs[i]); 1080 } 1081 1082 (*regs)[pos++] = tswapreg(env->pc); 1083 (*regs)[pos++] = tswapreg(mb_cpu_read_msr(env)); 1084 (*regs)[pos++] = 0; 1085 (*regs)[pos++] = tswapreg(env->ear); 1086 (*regs)[pos++] = 0; 1087 (*regs)[pos++] = tswapreg(env->esr); 1088 } 1089 1090 #endif /* TARGET_MICROBLAZE */ 1091 1092 #ifdef TARGET_NIOS2 1093 1094 #define ELF_START_MMAP 0x80000000 1095 1096 #define elf_check_arch(x) ((x) == EM_ALTERA_NIOS2) 1097 1098 #define ELF_CLASS ELFCLASS32 1099 #define ELF_ARCH EM_ALTERA_NIOS2 1100 1101 static void init_thread(struct target_pt_regs *regs, struct image_info *infop) 1102 { 1103 regs->ea = infop->entry; 1104 regs->sp = infop->start_stack; 1105 regs->estatus = 0x3; 1106 } 1107 1108 #define ELF_EXEC_PAGESIZE 4096 1109 1110 #define USE_ELF_CORE_DUMP 1111 #define ELF_NREG 49 1112 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1113 1114 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 1115 static void elf_core_copy_regs(target_elf_gregset_t *regs, 1116 const CPUNios2State *env) 1117 { 1118 int i; 1119 1120 (*regs)[0] = -1; 1121 for (i = 1; i < 8; i++) /* r0-r7 */ 1122 (*regs)[i] = tswapreg(env->regs[i + 7]); 1123 1124 for (i = 8; i < 16; i++) /* r8-r15 */ 1125 (*regs)[i] = tswapreg(env->regs[i - 8]); 1126 1127 for (i = 16; i < 24; i++) /* r16-r23 */ 1128 (*regs)[i] = tswapreg(env->regs[i + 7]); 1129 (*regs)[24] = -1; /* R_ET */ 1130 (*regs)[25] = -1; /* R_BT */ 1131 (*regs)[26] = tswapreg(env->regs[R_GP]); 1132 (*regs)[27] = tswapreg(env->regs[R_SP]); 1133 (*regs)[28] = tswapreg(env->regs[R_FP]); 1134 (*regs)[29] = tswapreg(env->regs[R_EA]); 1135 (*regs)[30] = -1; /* R_SSTATUS */ 1136 (*regs)[31] = tswapreg(env->regs[R_RA]); 1137 1138 (*regs)[32] = tswapreg(env->regs[R_PC]); 1139 1140 (*regs)[33] = -1; /* R_STATUS */ 1141 (*regs)[34] = tswapreg(env->regs[CR_ESTATUS]); 1142 1143 for (i = 35; i < 49; i++) /* ... */ 1144 (*regs)[i] = -1; 1145 } 1146 1147 #endif /* TARGET_NIOS2 */ 1148 1149 #ifdef TARGET_OPENRISC 1150 1151 #define ELF_START_MMAP 0x08000000 1152 1153 #define ELF_ARCH EM_OPENRISC 1154 #define ELF_CLASS ELFCLASS32 1155 #define ELF_DATA ELFDATA2MSB 1156 1157 static inline void init_thread(struct target_pt_regs *regs, 1158 struct image_info *infop) 1159 { 1160 regs->pc = infop->entry; 1161 regs->gpr[1] = infop->start_stack; 1162 } 1163 1164 #define USE_ELF_CORE_DUMP 1165 #define ELF_EXEC_PAGESIZE 8192 1166 1167 /* See linux kernel arch/openrisc/include/asm/elf.h. */ 1168 #define ELF_NREG 34 /* gprs and pc, sr */ 1169 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1170 1171 static void elf_core_copy_regs(target_elf_gregset_t *regs, 1172 const CPUOpenRISCState *env) 1173 { 1174 int i; 1175 1176 for (i = 0; i < 32; i++) { 1177 (*regs)[i] = tswapreg(cpu_get_gpr(env, i)); 1178 } 1179 (*regs)[32] = tswapreg(env->pc); 1180 (*regs)[33] = tswapreg(cpu_get_sr(env)); 1181 } 1182 #define ELF_HWCAP 0 1183 #define ELF_PLATFORM NULL 1184 1185 #endif /* TARGET_OPENRISC */ 1186 1187 #ifdef TARGET_SH4 1188 1189 #define ELF_START_MMAP 0x80000000 1190 1191 #define ELF_CLASS ELFCLASS32 1192 #define ELF_ARCH EM_SH 1193 1194 static inline void init_thread(struct target_pt_regs *regs, 1195 struct image_info *infop) 1196 { 1197 /* Check other registers XXXXX */ 1198 regs->pc = infop->entry; 1199 regs->regs[15] = infop->start_stack; 1200 } 1201 1202 /* See linux kernel: arch/sh/include/asm/elf.h. */ 1203 #define ELF_NREG 23 1204 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1205 1206 /* See linux kernel: arch/sh/include/asm/ptrace.h. */ 1207 enum { 1208 TARGET_REG_PC = 16, 1209 TARGET_REG_PR = 17, 1210 TARGET_REG_SR = 18, 1211 TARGET_REG_GBR = 19, 1212 TARGET_REG_MACH = 20, 1213 TARGET_REG_MACL = 21, 1214 TARGET_REG_SYSCALL = 22 1215 }; 1216 1217 static inline void elf_core_copy_regs(target_elf_gregset_t *regs, 1218 const CPUSH4State *env) 1219 { 1220 int i; 1221 1222 for (i = 0; i < 16; i++) { 1223 (*regs)[i] = tswapreg(env->gregs[i]); 1224 } 1225 1226 (*regs)[TARGET_REG_PC] = tswapreg(env->pc); 1227 (*regs)[TARGET_REG_PR] = tswapreg(env->pr); 1228 (*regs)[TARGET_REG_SR] = tswapreg(env->sr); 1229 (*regs)[TARGET_REG_GBR] = tswapreg(env->gbr); 1230 (*regs)[TARGET_REG_MACH] = tswapreg(env->mach); 1231 (*regs)[TARGET_REG_MACL] = tswapreg(env->macl); 1232 (*regs)[TARGET_REG_SYSCALL] = 0; /* FIXME */ 1233 } 1234 1235 #define USE_ELF_CORE_DUMP 1236 #define ELF_EXEC_PAGESIZE 4096 1237 1238 enum { 1239 SH_CPU_HAS_FPU = 0x0001, /* Hardware FPU support */ 1240 SH_CPU_HAS_P2_FLUSH_BUG = 0x0002, /* Need to flush the cache in P2 area */ 1241 SH_CPU_HAS_MMU_PAGE_ASSOC = 0x0004, /* SH3: TLB way selection bit support */ 1242 SH_CPU_HAS_DSP = 0x0008, /* SH-DSP: DSP support */ 1243 SH_CPU_HAS_PERF_COUNTER = 0x0010, /* Hardware performance counters */ 1244 SH_CPU_HAS_PTEA = 0x0020, /* PTEA register */ 1245 SH_CPU_HAS_LLSC = 0x0040, /* movli.l/movco.l */ 1246 SH_CPU_HAS_L2_CACHE = 0x0080, /* Secondary cache / URAM */ 1247 SH_CPU_HAS_OP32 = 0x0100, /* 32-bit instruction support */ 1248 SH_CPU_HAS_PTEAEX = 0x0200, /* PTE ASID Extension support */ 1249 }; 1250 1251 #define ELF_HWCAP get_elf_hwcap() 1252 1253 static uint32_t get_elf_hwcap(void) 1254 { 1255 SuperHCPU *cpu = SUPERH_CPU(thread_cpu); 1256 uint32_t hwcap = 0; 1257 1258 hwcap |= SH_CPU_HAS_FPU; 1259 1260 if (cpu->env.features & SH_FEATURE_SH4A) { 1261 hwcap |= SH_CPU_HAS_LLSC; 1262 } 1263 1264 return hwcap; 1265 } 1266 1267 #endif 1268 1269 #ifdef TARGET_CRIS 1270 1271 #define ELF_START_MMAP 0x80000000 1272 1273 #define ELF_CLASS ELFCLASS32 1274 #define ELF_ARCH EM_CRIS 1275 1276 static inline void init_thread(struct target_pt_regs *regs, 1277 struct image_info *infop) 1278 { 1279 regs->erp = infop->entry; 1280 } 1281 1282 #define ELF_EXEC_PAGESIZE 8192 1283 1284 #endif 1285 1286 #ifdef TARGET_M68K 1287 1288 #define ELF_START_MMAP 0x80000000 1289 1290 #define ELF_CLASS ELFCLASS32 1291 #define ELF_ARCH EM_68K 1292 1293 /* ??? Does this need to do anything? 1294 #define ELF_PLAT_INIT(_r) */ 1295 1296 static inline void init_thread(struct target_pt_regs *regs, 1297 struct image_info *infop) 1298 { 1299 regs->usp = infop->start_stack; 1300 regs->sr = 0; 1301 regs->pc = infop->entry; 1302 } 1303 1304 /* See linux kernel: arch/m68k/include/asm/elf.h. */ 1305 #define ELF_NREG 20 1306 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1307 1308 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUM68KState *env) 1309 { 1310 (*regs)[0] = tswapreg(env->dregs[1]); 1311 (*regs)[1] = tswapreg(env->dregs[2]); 1312 (*regs)[2] = tswapreg(env->dregs[3]); 1313 (*regs)[3] = tswapreg(env->dregs[4]); 1314 (*regs)[4] = tswapreg(env->dregs[5]); 1315 (*regs)[5] = tswapreg(env->dregs[6]); 1316 (*regs)[6] = tswapreg(env->dregs[7]); 1317 (*regs)[7] = tswapreg(env->aregs[0]); 1318 (*regs)[8] = tswapreg(env->aregs[1]); 1319 (*regs)[9] = tswapreg(env->aregs[2]); 1320 (*regs)[10] = tswapreg(env->aregs[3]); 1321 (*regs)[11] = tswapreg(env->aregs[4]); 1322 (*regs)[12] = tswapreg(env->aregs[5]); 1323 (*regs)[13] = tswapreg(env->aregs[6]); 1324 (*regs)[14] = tswapreg(env->dregs[0]); 1325 (*regs)[15] = tswapreg(env->aregs[7]); 1326 (*regs)[16] = tswapreg(env->dregs[0]); /* FIXME: orig_d0 */ 1327 (*regs)[17] = tswapreg(env->sr); 1328 (*regs)[18] = tswapreg(env->pc); 1329 (*regs)[19] = 0; /* FIXME: regs->format | regs->vector */ 1330 } 1331 1332 #define USE_ELF_CORE_DUMP 1333 #define ELF_EXEC_PAGESIZE 8192 1334 1335 #endif 1336 1337 #ifdef TARGET_ALPHA 1338 1339 #define ELF_START_MMAP (0x30000000000ULL) 1340 1341 #define ELF_CLASS ELFCLASS64 1342 #define ELF_ARCH EM_ALPHA 1343 1344 static inline void init_thread(struct target_pt_regs *regs, 1345 struct image_info *infop) 1346 { 1347 regs->pc = infop->entry; 1348 regs->ps = 8; 1349 regs->usp = infop->start_stack; 1350 } 1351 1352 #define ELF_EXEC_PAGESIZE 8192 1353 1354 #endif /* TARGET_ALPHA */ 1355 1356 #ifdef TARGET_S390X 1357 1358 #define ELF_START_MMAP (0x20000000000ULL) 1359 1360 #define ELF_CLASS ELFCLASS64 1361 #define ELF_DATA ELFDATA2MSB 1362 #define ELF_ARCH EM_S390 1363 1364 #include "elf.h" 1365 1366 #define ELF_HWCAP get_elf_hwcap() 1367 1368 #define GET_FEATURE(_feat, _hwcap) \ 1369 do { if (s390_has_feat(_feat)) { hwcap |= _hwcap; } } while (0) 1370 1371 static uint32_t get_elf_hwcap(void) 1372 { 1373 /* 1374 * Let's assume we always have esan3 and zarch. 1375 * 31-bit processes can use 64-bit registers (high gprs). 1376 */ 1377 uint32_t hwcap = HWCAP_S390_ESAN3 | HWCAP_S390_ZARCH | HWCAP_S390_HIGH_GPRS; 1378 1379 GET_FEATURE(S390_FEAT_STFLE, HWCAP_S390_STFLE); 1380 GET_FEATURE(S390_FEAT_MSA, HWCAP_S390_MSA); 1381 GET_FEATURE(S390_FEAT_LONG_DISPLACEMENT, HWCAP_S390_LDISP); 1382 GET_FEATURE(S390_FEAT_EXTENDED_IMMEDIATE, HWCAP_S390_EIMM); 1383 if (s390_has_feat(S390_FEAT_EXTENDED_TRANSLATION_3) && 1384 s390_has_feat(S390_FEAT_ETF3_ENH)) { 1385 hwcap |= HWCAP_S390_ETF3EH; 1386 } 1387 GET_FEATURE(S390_FEAT_VECTOR, HWCAP_S390_VXRS); 1388 GET_FEATURE(S390_FEAT_VECTOR_ENH, HWCAP_S390_VXRS_EXT); 1389 1390 return hwcap; 1391 } 1392 1393 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 1394 { 1395 regs->psw.addr = infop->entry; 1396 regs->psw.mask = PSW_MASK_64 | PSW_MASK_32; 1397 regs->gprs[15] = infop->start_stack; 1398 } 1399 1400 /* See linux kernel: arch/s390/include/uapi/asm/ptrace.h (s390_regs). */ 1401 #define ELF_NREG 27 1402 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1403 1404 enum { 1405 TARGET_REG_PSWM = 0, 1406 TARGET_REG_PSWA = 1, 1407 TARGET_REG_GPRS = 2, 1408 TARGET_REG_ARS = 18, 1409 TARGET_REG_ORIG_R2 = 26, 1410 }; 1411 1412 static void elf_core_copy_regs(target_elf_gregset_t *regs, 1413 const CPUS390XState *env) 1414 { 1415 int i; 1416 uint32_t *aregs; 1417 1418 (*regs)[TARGET_REG_PSWM] = tswapreg(env->psw.mask); 1419 (*regs)[TARGET_REG_PSWA] = tswapreg(env->psw.addr); 1420 for (i = 0; i < 16; i++) { 1421 (*regs)[TARGET_REG_GPRS + i] = tswapreg(env->regs[i]); 1422 } 1423 aregs = (uint32_t *)&((*regs)[TARGET_REG_ARS]); 1424 for (i = 0; i < 16; i++) { 1425 aregs[i] = tswap32(env->aregs[i]); 1426 } 1427 (*regs)[TARGET_REG_ORIG_R2] = 0; 1428 } 1429 1430 #define USE_ELF_CORE_DUMP 1431 #define ELF_EXEC_PAGESIZE 4096 1432 1433 #endif /* TARGET_S390X */ 1434 1435 #ifdef TARGET_RISCV 1436 1437 #define ELF_START_MMAP 0x80000000 1438 #define ELF_ARCH EM_RISCV 1439 1440 #ifdef TARGET_RISCV32 1441 #define ELF_CLASS ELFCLASS32 1442 #else 1443 #define ELF_CLASS ELFCLASS64 1444 #endif 1445 1446 #define ELF_HWCAP get_elf_hwcap() 1447 1448 static uint32_t get_elf_hwcap(void) 1449 { 1450 #define MISA_BIT(EXT) (1 << (EXT - 'A')) 1451 RISCVCPU *cpu = RISCV_CPU(thread_cpu); 1452 uint32_t mask = MISA_BIT('I') | MISA_BIT('M') | MISA_BIT('A') 1453 | MISA_BIT('F') | MISA_BIT('D') | MISA_BIT('C'); 1454 1455 return cpu->env.misa & mask; 1456 #undef MISA_BIT 1457 } 1458 1459 static inline void init_thread(struct target_pt_regs *regs, 1460 struct image_info *infop) 1461 { 1462 regs->sepc = infop->entry; 1463 regs->sp = infop->start_stack; 1464 } 1465 1466 #define ELF_EXEC_PAGESIZE 4096 1467 1468 #endif /* TARGET_RISCV */ 1469 1470 #ifdef TARGET_HPPA 1471 1472 #define ELF_START_MMAP 0x80000000 1473 #define ELF_CLASS ELFCLASS32 1474 #define ELF_ARCH EM_PARISC 1475 #define ELF_PLATFORM "PARISC" 1476 #define STACK_GROWS_DOWN 0 1477 #define STACK_ALIGNMENT 64 1478 1479 static inline void init_thread(struct target_pt_regs *regs, 1480 struct image_info *infop) 1481 { 1482 regs->iaoq[0] = infop->entry; 1483 regs->iaoq[1] = infop->entry + 4; 1484 regs->gr[23] = 0; 1485 regs->gr[24] = infop->arg_start; 1486 regs->gr[25] = (infop->arg_end - infop->arg_start) / sizeof(abi_ulong); 1487 /* The top-of-stack contains a linkage buffer. */ 1488 regs->gr[30] = infop->start_stack + 64; 1489 regs->gr[31] = infop->entry; 1490 } 1491 1492 #endif /* TARGET_HPPA */ 1493 1494 #ifdef TARGET_XTENSA 1495 1496 #define ELF_START_MMAP 0x20000000 1497 1498 #define ELF_CLASS ELFCLASS32 1499 #define ELF_ARCH EM_XTENSA 1500 1501 static inline void init_thread(struct target_pt_regs *regs, 1502 struct image_info *infop) 1503 { 1504 regs->windowbase = 0; 1505 regs->windowstart = 1; 1506 regs->areg[1] = infop->start_stack; 1507 regs->pc = infop->entry; 1508 } 1509 1510 /* See linux kernel: arch/xtensa/include/asm/elf.h. */ 1511 #define ELF_NREG 128 1512 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1513 1514 enum { 1515 TARGET_REG_PC, 1516 TARGET_REG_PS, 1517 TARGET_REG_LBEG, 1518 TARGET_REG_LEND, 1519 TARGET_REG_LCOUNT, 1520 TARGET_REG_SAR, 1521 TARGET_REG_WINDOWSTART, 1522 TARGET_REG_WINDOWBASE, 1523 TARGET_REG_THREADPTR, 1524 TARGET_REG_AR0 = 64, 1525 }; 1526 1527 static void elf_core_copy_regs(target_elf_gregset_t *regs, 1528 const CPUXtensaState *env) 1529 { 1530 unsigned i; 1531 1532 (*regs)[TARGET_REG_PC] = tswapreg(env->pc); 1533 (*regs)[TARGET_REG_PS] = tswapreg(env->sregs[PS] & ~PS_EXCM); 1534 (*regs)[TARGET_REG_LBEG] = tswapreg(env->sregs[LBEG]); 1535 (*regs)[TARGET_REG_LEND] = tswapreg(env->sregs[LEND]); 1536 (*regs)[TARGET_REG_LCOUNT] = tswapreg(env->sregs[LCOUNT]); 1537 (*regs)[TARGET_REG_SAR] = tswapreg(env->sregs[SAR]); 1538 (*regs)[TARGET_REG_WINDOWSTART] = tswapreg(env->sregs[WINDOW_START]); 1539 (*regs)[TARGET_REG_WINDOWBASE] = tswapreg(env->sregs[WINDOW_BASE]); 1540 (*regs)[TARGET_REG_THREADPTR] = tswapreg(env->uregs[THREADPTR]); 1541 xtensa_sync_phys_from_window((CPUXtensaState *)env); 1542 for (i = 0; i < env->config->nareg; ++i) { 1543 (*regs)[TARGET_REG_AR0 + i] = tswapreg(env->phys_regs[i]); 1544 } 1545 } 1546 1547 #define USE_ELF_CORE_DUMP 1548 #define ELF_EXEC_PAGESIZE 4096 1549 1550 #endif /* TARGET_XTENSA */ 1551 1552 #ifdef TARGET_HEXAGON 1553 1554 #define ELF_START_MMAP 0x20000000 1555 1556 #define ELF_CLASS ELFCLASS32 1557 #define ELF_ARCH EM_HEXAGON 1558 1559 static inline void init_thread(struct target_pt_regs *regs, 1560 struct image_info *infop) 1561 { 1562 regs->sepc = infop->entry; 1563 regs->sp = infop->start_stack; 1564 } 1565 1566 #endif /* TARGET_HEXAGON */ 1567 1568 #ifndef ELF_PLATFORM 1569 #define ELF_PLATFORM (NULL) 1570 #endif 1571 1572 #ifndef ELF_MACHINE 1573 #define ELF_MACHINE ELF_ARCH 1574 #endif 1575 1576 #ifndef elf_check_arch 1577 #define elf_check_arch(x) ((x) == ELF_ARCH) 1578 #endif 1579 1580 #ifndef elf_check_abi 1581 #define elf_check_abi(x) (1) 1582 #endif 1583 1584 #ifndef ELF_HWCAP 1585 #define ELF_HWCAP 0 1586 #endif 1587 1588 #ifndef STACK_GROWS_DOWN 1589 #define STACK_GROWS_DOWN 1 1590 #endif 1591 1592 #ifndef STACK_ALIGNMENT 1593 #define STACK_ALIGNMENT 16 1594 #endif 1595 1596 #ifdef TARGET_ABI32 1597 #undef ELF_CLASS 1598 #define ELF_CLASS ELFCLASS32 1599 #undef bswaptls 1600 #define bswaptls(ptr) bswap32s(ptr) 1601 #endif 1602 1603 #include "elf.h" 1604 1605 /* We must delay the following stanzas until after "elf.h". */ 1606 #if defined(TARGET_AARCH64) 1607 1608 static bool arch_parse_elf_property(uint32_t pr_type, uint32_t pr_datasz, 1609 const uint32_t *data, 1610 struct image_info *info, 1611 Error **errp) 1612 { 1613 if (pr_type == GNU_PROPERTY_AARCH64_FEATURE_1_AND) { 1614 if (pr_datasz != sizeof(uint32_t)) { 1615 error_setg(errp, "Ill-formed GNU_PROPERTY_AARCH64_FEATURE_1_AND"); 1616 return false; 1617 } 1618 /* We will extract GNU_PROPERTY_AARCH64_FEATURE_1_BTI later. */ 1619 info->note_flags = *data; 1620 } 1621 return true; 1622 } 1623 #define ARCH_USE_GNU_PROPERTY 1 1624 1625 #else 1626 1627 static bool arch_parse_elf_property(uint32_t pr_type, uint32_t pr_datasz, 1628 const uint32_t *data, 1629 struct image_info *info, 1630 Error **errp) 1631 { 1632 g_assert_not_reached(); 1633 } 1634 #define ARCH_USE_GNU_PROPERTY 0 1635 1636 #endif 1637 1638 struct exec 1639 { 1640 unsigned int a_info; /* Use macros N_MAGIC, etc for access */ 1641 unsigned int a_text; /* length of text, in bytes */ 1642 unsigned int a_data; /* length of data, in bytes */ 1643 unsigned int a_bss; /* length of uninitialized data area, in bytes */ 1644 unsigned int a_syms; /* length of symbol table data in file, in bytes */ 1645 unsigned int a_entry; /* start address */ 1646 unsigned int a_trsize; /* length of relocation info for text, in bytes */ 1647 unsigned int a_drsize; /* length of relocation info for data, in bytes */ 1648 }; 1649 1650 1651 #define N_MAGIC(exec) ((exec).a_info & 0xffff) 1652 #define OMAGIC 0407 1653 #define NMAGIC 0410 1654 #define ZMAGIC 0413 1655 #define QMAGIC 0314 1656 1657 /* Necessary parameters */ 1658 #define TARGET_ELF_EXEC_PAGESIZE \ 1659 (((eppnt->p_align & ~qemu_host_page_mask) != 0) ? \ 1660 TARGET_PAGE_SIZE : MAX(qemu_host_page_size, TARGET_PAGE_SIZE)) 1661 #define TARGET_ELF_PAGELENGTH(_v) ROUND_UP((_v), TARGET_ELF_EXEC_PAGESIZE) 1662 #define TARGET_ELF_PAGESTART(_v) ((_v) & \ 1663 ~(abi_ulong)(TARGET_ELF_EXEC_PAGESIZE-1)) 1664 #define TARGET_ELF_PAGEOFFSET(_v) ((_v) & (TARGET_ELF_EXEC_PAGESIZE-1)) 1665 1666 #define DLINFO_ITEMS 16 1667 1668 static inline void memcpy_fromfs(void * to, const void * from, unsigned long n) 1669 { 1670 memcpy(to, from, n); 1671 } 1672 1673 #ifdef BSWAP_NEEDED 1674 static void bswap_ehdr(struct elfhdr *ehdr) 1675 { 1676 bswap16s(&ehdr->e_type); /* Object file type */ 1677 bswap16s(&ehdr->e_machine); /* Architecture */ 1678 bswap32s(&ehdr->e_version); /* Object file version */ 1679 bswaptls(&ehdr->e_entry); /* Entry point virtual address */ 1680 bswaptls(&ehdr->e_phoff); /* Program header table file offset */ 1681 bswaptls(&ehdr->e_shoff); /* Section header table file offset */ 1682 bswap32s(&ehdr->e_flags); /* Processor-specific flags */ 1683 bswap16s(&ehdr->e_ehsize); /* ELF header size in bytes */ 1684 bswap16s(&ehdr->e_phentsize); /* Program header table entry size */ 1685 bswap16s(&ehdr->e_phnum); /* Program header table entry count */ 1686 bswap16s(&ehdr->e_shentsize); /* Section header table entry size */ 1687 bswap16s(&ehdr->e_shnum); /* Section header table entry count */ 1688 bswap16s(&ehdr->e_shstrndx); /* Section header string table index */ 1689 } 1690 1691 static void bswap_phdr(struct elf_phdr *phdr, int phnum) 1692 { 1693 int i; 1694 for (i = 0; i < phnum; ++i, ++phdr) { 1695 bswap32s(&phdr->p_type); /* Segment type */ 1696 bswap32s(&phdr->p_flags); /* Segment flags */ 1697 bswaptls(&phdr->p_offset); /* Segment file offset */ 1698 bswaptls(&phdr->p_vaddr); /* Segment virtual address */ 1699 bswaptls(&phdr->p_paddr); /* Segment physical address */ 1700 bswaptls(&phdr->p_filesz); /* Segment size in file */ 1701 bswaptls(&phdr->p_memsz); /* Segment size in memory */ 1702 bswaptls(&phdr->p_align); /* Segment alignment */ 1703 } 1704 } 1705 1706 static void bswap_shdr(struct elf_shdr *shdr, int shnum) 1707 { 1708 int i; 1709 for (i = 0; i < shnum; ++i, ++shdr) { 1710 bswap32s(&shdr->sh_name); 1711 bswap32s(&shdr->sh_type); 1712 bswaptls(&shdr->sh_flags); 1713 bswaptls(&shdr->sh_addr); 1714 bswaptls(&shdr->sh_offset); 1715 bswaptls(&shdr->sh_size); 1716 bswap32s(&shdr->sh_link); 1717 bswap32s(&shdr->sh_info); 1718 bswaptls(&shdr->sh_addralign); 1719 bswaptls(&shdr->sh_entsize); 1720 } 1721 } 1722 1723 static void bswap_sym(struct elf_sym *sym) 1724 { 1725 bswap32s(&sym->st_name); 1726 bswaptls(&sym->st_value); 1727 bswaptls(&sym->st_size); 1728 bswap16s(&sym->st_shndx); 1729 } 1730 1731 #ifdef TARGET_MIPS 1732 static void bswap_mips_abiflags(Mips_elf_abiflags_v0 *abiflags) 1733 { 1734 bswap16s(&abiflags->version); 1735 bswap32s(&abiflags->ases); 1736 bswap32s(&abiflags->isa_ext); 1737 bswap32s(&abiflags->flags1); 1738 bswap32s(&abiflags->flags2); 1739 } 1740 #endif 1741 #else 1742 static inline void bswap_ehdr(struct elfhdr *ehdr) { } 1743 static inline void bswap_phdr(struct elf_phdr *phdr, int phnum) { } 1744 static inline void bswap_shdr(struct elf_shdr *shdr, int shnum) { } 1745 static inline void bswap_sym(struct elf_sym *sym) { } 1746 #ifdef TARGET_MIPS 1747 static inline void bswap_mips_abiflags(Mips_elf_abiflags_v0 *abiflags) { } 1748 #endif 1749 #endif 1750 1751 #ifdef USE_ELF_CORE_DUMP 1752 static int elf_core_dump(int, const CPUArchState *); 1753 #endif /* USE_ELF_CORE_DUMP */ 1754 static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias); 1755 1756 /* Verify the portions of EHDR within E_IDENT for the target. 1757 This can be performed before bswapping the entire header. */ 1758 static bool elf_check_ident(struct elfhdr *ehdr) 1759 { 1760 return (ehdr->e_ident[EI_MAG0] == ELFMAG0 1761 && ehdr->e_ident[EI_MAG1] == ELFMAG1 1762 && ehdr->e_ident[EI_MAG2] == ELFMAG2 1763 && ehdr->e_ident[EI_MAG3] == ELFMAG3 1764 && ehdr->e_ident[EI_CLASS] == ELF_CLASS 1765 && ehdr->e_ident[EI_DATA] == ELF_DATA 1766 && ehdr->e_ident[EI_VERSION] == EV_CURRENT); 1767 } 1768 1769 /* Verify the portions of EHDR outside of E_IDENT for the target. 1770 This has to wait until after bswapping the header. */ 1771 static bool elf_check_ehdr(struct elfhdr *ehdr) 1772 { 1773 return (elf_check_arch(ehdr->e_machine) 1774 && elf_check_abi(ehdr->e_flags) 1775 && ehdr->e_ehsize == sizeof(struct elfhdr) 1776 && ehdr->e_phentsize == sizeof(struct elf_phdr) 1777 && (ehdr->e_type == ET_EXEC || ehdr->e_type == ET_DYN)); 1778 } 1779 1780 /* 1781 * 'copy_elf_strings()' copies argument/envelope strings from user 1782 * memory to free pages in kernel mem. These are in a format ready 1783 * to be put directly into the top of new user memory. 1784 * 1785 */ 1786 static abi_ulong copy_elf_strings(int argc, char **argv, char *scratch, 1787 abi_ulong p, abi_ulong stack_limit) 1788 { 1789 char *tmp; 1790 int len, i; 1791 abi_ulong top = p; 1792 1793 if (!p) { 1794 return 0; /* bullet-proofing */ 1795 } 1796 1797 if (STACK_GROWS_DOWN) { 1798 int offset = ((p - 1) % TARGET_PAGE_SIZE) + 1; 1799 for (i = argc - 1; i >= 0; --i) { 1800 tmp = argv[i]; 1801 if (!tmp) { 1802 fprintf(stderr, "VFS: argc is wrong"); 1803 exit(-1); 1804 } 1805 len = strlen(tmp) + 1; 1806 tmp += len; 1807 1808 if (len > (p - stack_limit)) { 1809 return 0; 1810 } 1811 while (len) { 1812 int bytes_to_copy = (len > offset) ? offset : len; 1813 tmp -= bytes_to_copy; 1814 p -= bytes_to_copy; 1815 offset -= bytes_to_copy; 1816 len -= bytes_to_copy; 1817 1818 memcpy_fromfs(scratch + offset, tmp, bytes_to_copy); 1819 1820 if (offset == 0) { 1821 memcpy_to_target(p, scratch, top - p); 1822 top = p; 1823 offset = TARGET_PAGE_SIZE; 1824 } 1825 } 1826 } 1827 if (p != top) { 1828 memcpy_to_target(p, scratch + offset, top - p); 1829 } 1830 } else { 1831 int remaining = TARGET_PAGE_SIZE - (p % TARGET_PAGE_SIZE); 1832 for (i = 0; i < argc; ++i) { 1833 tmp = argv[i]; 1834 if (!tmp) { 1835 fprintf(stderr, "VFS: argc is wrong"); 1836 exit(-1); 1837 } 1838 len = strlen(tmp) + 1; 1839 if (len > (stack_limit - p)) { 1840 return 0; 1841 } 1842 while (len) { 1843 int bytes_to_copy = (len > remaining) ? remaining : len; 1844 1845 memcpy_fromfs(scratch + (p - top), tmp, bytes_to_copy); 1846 1847 tmp += bytes_to_copy; 1848 remaining -= bytes_to_copy; 1849 p += bytes_to_copy; 1850 len -= bytes_to_copy; 1851 1852 if (remaining == 0) { 1853 memcpy_to_target(top, scratch, p - top); 1854 top = p; 1855 remaining = TARGET_PAGE_SIZE; 1856 } 1857 } 1858 } 1859 if (p != top) { 1860 memcpy_to_target(top, scratch, p - top); 1861 } 1862 } 1863 1864 return p; 1865 } 1866 1867 /* Older linux kernels provide up to MAX_ARG_PAGES (default: 32) of 1868 * argument/environment space. Newer kernels (>2.6.33) allow more, 1869 * dependent on stack size, but guarantee at least 32 pages for 1870 * backwards compatibility. 1871 */ 1872 #define STACK_LOWER_LIMIT (32 * TARGET_PAGE_SIZE) 1873 1874 static abi_ulong setup_arg_pages(struct linux_binprm *bprm, 1875 struct image_info *info) 1876 { 1877 abi_ulong size, error, guard; 1878 1879 size = guest_stack_size; 1880 if (size < STACK_LOWER_LIMIT) { 1881 size = STACK_LOWER_LIMIT; 1882 } 1883 guard = TARGET_PAGE_SIZE; 1884 if (guard < qemu_real_host_page_size) { 1885 guard = qemu_real_host_page_size; 1886 } 1887 1888 error = target_mmap(0, size + guard, PROT_READ | PROT_WRITE, 1889 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1890 if (error == -1) { 1891 perror("mmap stack"); 1892 exit(-1); 1893 } 1894 1895 /* We reserve one extra page at the top of the stack as guard. */ 1896 if (STACK_GROWS_DOWN) { 1897 target_mprotect(error, guard, PROT_NONE); 1898 info->stack_limit = error + guard; 1899 return info->stack_limit + size - sizeof(void *); 1900 } else { 1901 target_mprotect(error + size, guard, PROT_NONE); 1902 info->stack_limit = error + size; 1903 return error; 1904 } 1905 } 1906 1907 /* Map and zero the bss. We need to explicitly zero any fractional pages 1908 after the data section (i.e. bss). */ 1909 static void zero_bss(abi_ulong elf_bss, abi_ulong last_bss, int prot) 1910 { 1911 uintptr_t host_start, host_map_start, host_end; 1912 1913 last_bss = TARGET_PAGE_ALIGN(last_bss); 1914 1915 /* ??? There is confusion between qemu_real_host_page_size and 1916 qemu_host_page_size here and elsewhere in target_mmap, which 1917 may lead to the end of the data section mapping from the file 1918 not being mapped. At least there was an explicit test and 1919 comment for that here, suggesting that "the file size must 1920 be known". The comment probably pre-dates the introduction 1921 of the fstat system call in target_mmap which does in fact 1922 find out the size. What isn't clear is if the workaround 1923 here is still actually needed. For now, continue with it, 1924 but merge it with the "normal" mmap that would allocate the bss. */ 1925 1926 host_start = (uintptr_t) g2h_untagged(elf_bss); 1927 host_end = (uintptr_t) g2h_untagged(last_bss); 1928 host_map_start = REAL_HOST_PAGE_ALIGN(host_start); 1929 1930 if (host_map_start < host_end) { 1931 void *p = mmap((void *)host_map_start, host_end - host_map_start, 1932 prot, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1933 if (p == MAP_FAILED) { 1934 perror("cannot mmap brk"); 1935 exit(-1); 1936 } 1937 } 1938 1939 /* Ensure that the bss page(s) are valid */ 1940 if ((page_get_flags(last_bss-1) & prot) != prot) { 1941 page_set_flags(elf_bss & TARGET_PAGE_MASK, last_bss, prot | PAGE_VALID); 1942 } 1943 1944 if (host_start < host_map_start) { 1945 memset((void *)host_start, 0, host_map_start - host_start); 1946 } 1947 } 1948 1949 #ifdef TARGET_ARM 1950 static int elf_is_fdpic(struct elfhdr *exec) 1951 { 1952 return exec->e_ident[EI_OSABI] == ELFOSABI_ARM_FDPIC; 1953 } 1954 #else 1955 /* Default implementation, always false. */ 1956 static int elf_is_fdpic(struct elfhdr *exec) 1957 { 1958 return 0; 1959 } 1960 #endif 1961 1962 static abi_ulong loader_build_fdpic_loadmap(struct image_info *info, abi_ulong sp) 1963 { 1964 uint16_t n; 1965 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs; 1966 1967 /* elf32_fdpic_loadseg */ 1968 n = info->nsegs; 1969 while (n--) { 1970 sp -= 12; 1971 put_user_u32(loadsegs[n].addr, sp+0); 1972 put_user_u32(loadsegs[n].p_vaddr, sp+4); 1973 put_user_u32(loadsegs[n].p_memsz, sp+8); 1974 } 1975 1976 /* elf32_fdpic_loadmap */ 1977 sp -= 4; 1978 put_user_u16(0, sp+0); /* version */ 1979 put_user_u16(info->nsegs, sp+2); /* nsegs */ 1980 1981 info->personality = PER_LINUX_FDPIC; 1982 info->loadmap_addr = sp; 1983 1984 return sp; 1985 } 1986 1987 static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc, 1988 struct elfhdr *exec, 1989 struct image_info *info, 1990 struct image_info *interp_info) 1991 { 1992 abi_ulong sp; 1993 abi_ulong u_argc, u_argv, u_envp, u_auxv; 1994 int size; 1995 int i; 1996 abi_ulong u_rand_bytes; 1997 uint8_t k_rand_bytes[16]; 1998 abi_ulong u_platform; 1999 const char *k_platform; 2000 const int n = sizeof(elf_addr_t); 2001 2002 sp = p; 2003 2004 /* Needs to be before we load the env/argc/... */ 2005 if (elf_is_fdpic(exec)) { 2006 /* Need 4 byte alignment for these structs */ 2007 sp &= ~3; 2008 sp = loader_build_fdpic_loadmap(info, sp); 2009 info->other_info = interp_info; 2010 if (interp_info) { 2011 interp_info->other_info = info; 2012 sp = loader_build_fdpic_loadmap(interp_info, sp); 2013 info->interpreter_loadmap_addr = interp_info->loadmap_addr; 2014 info->interpreter_pt_dynamic_addr = interp_info->pt_dynamic_addr; 2015 } else { 2016 info->interpreter_loadmap_addr = 0; 2017 info->interpreter_pt_dynamic_addr = 0; 2018 } 2019 } 2020 2021 u_platform = 0; 2022 k_platform = ELF_PLATFORM; 2023 if (k_platform) { 2024 size_t len = strlen(k_platform) + 1; 2025 if (STACK_GROWS_DOWN) { 2026 sp -= (len + n - 1) & ~(n - 1); 2027 u_platform = sp; 2028 /* FIXME - check return value of memcpy_to_target() for failure */ 2029 memcpy_to_target(sp, k_platform, len); 2030 } else { 2031 memcpy_to_target(sp, k_platform, len); 2032 u_platform = sp; 2033 sp += len + 1; 2034 } 2035 } 2036 2037 /* Provide 16 byte alignment for the PRNG, and basic alignment for 2038 * the argv and envp pointers. 2039 */ 2040 if (STACK_GROWS_DOWN) { 2041 sp = QEMU_ALIGN_DOWN(sp, 16); 2042 } else { 2043 sp = QEMU_ALIGN_UP(sp, 16); 2044 } 2045 2046 /* 2047 * Generate 16 random bytes for userspace PRNG seeding. 2048 */ 2049 qemu_guest_getrandom_nofail(k_rand_bytes, sizeof(k_rand_bytes)); 2050 if (STACK_GROWS_DOWN) { 2051 sp -= 16; 2052 u_rand_bytes = sp; 2053 /* FIXME - check return value of memcpy_to_target() for failure */ 2054 memcpy_to_target(sp, k_rand_bytes, 16); 2055 } else { 2056 memcpy_to_target(sp, k_rand_bytes, 16); 2057 u_rand_bytes = sp; 2058 sp += 16; 2059 } 2060 2061 size = (DLINFO_ITEMS + 1) * 2; 2062 if (k_platform) 2063 size += 2; 2064 #ifdef DLINFO_ARCH_ITEMS 2065 size += DLINFO_ARCH_ITEMS * 2; 2066 #endif 2067 #ifdef ELF_HWCAP2 2068 size += 2; 2069 #endif 2070 info->auxv_len = size * n; 2071 2072 size += envc + argc + 2; 2073 size += 1; /* argc itself */ 2074 size *= n; 2075 2076 /* Allocate space and finalize stack alignment for entry now. */ 2077 if (STACK_GROWS_DOWN) { 2078 u_argc = QEMU_ALIGN_DOWN(sp - size, STACK_ALIGNMENT); 2079 sp = u_argc; 2080 } else { 2081 u_argc = sp; 2082 sp = QEMU_ALIGN_UP(sp + size, STACK_ALIGNMENT); 2083 } 2084 2085 u_argv = u_argc + n; 2086 u_envp = u_argv + (argc + 1) * n; 2087 u_auxv = u_envp + (envc + 1) * n; 2088 info->saved_auxv = u_auxv; 2089 info->arg_start = u_argv; 2090 info->arg_end = u_argv + argc * n; 2091 2092 /* This is correct because Linux defines 2093 * elf_addr_t as Elf32_Off / Elf64_Off 2094 */ 2095 #define NEW_AUX_ENT(id, val) do { \ 2096 put_user_ual(id, u_auxv); u_auxv += n; \ 2097 put_user_ual(val, u_auxv); u_auxv += n; \ 2098 } while(0) 2099 2100 #ifdef ARCH_DLINFO 2101 /* 2102 * ARCH_DLINFO must come first so platform specific code can enforce 2103 * special alignment requirements on the AUXV if necessary (eg. PPC). 2104 */ 2105 ARCH_DLINFO; 2106 #endif 2107 /* There must be exactly DLINFO_ITEMS entries here, or the assert 2108 * on info->auxv_len will trigger. 2109 */ 2110 NEW_AUX_ENT(AT_PHDR, (abi_ulong)(info->load_addr + exec->e_phoff)); 2111 NEW_AUX_ENT(AT_PHENT, (abi_ulong)(sizeof (struct elf_phdr))); 2112 NEW_AUX_ENT(AT_PHNUM, (abi_ulong)(exec->e_phnum)); 2113 if ((info->alignment & ~qemu_host_page_mask) != 0) { 2114 /* Target doesn't support host page size alignment */ 2115 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(TARGET_PAGE_SIZE)); 2116 } else { 2117 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(MAX(TARGET_PAGE_SIZE, 2118 qemu_host_page_size))); 2119 } 2120 NEW_AUX_ENT(AT_BASE, (abi_ulong)(interp_info ? interp_info->load_addr : 0)); 2121 NEW_AUX_ENT(AT_FLAGS, (abi_ulong)0); 2122 NEW_AUX_ENT(AT_ENTRY, info->entry); 2123 NEW_AUX_ENT(AT_UID, (abi_ulong) getuid()); 2124 NEW_AUX_ENT(AT_EUID, (abi_ulong) geteuid()); 2125 NEW_AUX_ENT(AT_GID, (abi_ulong) getgid()); 2126 NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid()); 2127 NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP); 2128 NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK)); 2129 NEW_AUX_ENT(AT_RANDOM, (abi_ulong) u_rand_bytes); 2130 NEW_AUX_ENT(AT_SECURE, (abi_ulong) qemu_getauxval(AT_SECURE)); 2131 NEW_AUX_ENT(AT_EXECFN, info->file_string); 2132 2133 #ifdef ELF_HWCAP2 2134 NEW_AUX_ENT(AT_HWCAP2, (abi_ulong) ELF_HWCAP2); 2135 #endif 2136 2137 if (u_platform) { 2138 NEW_AUX_ENT(AT_PLATFORM, u_platform); 2139 } 2140 NEW_AUX_ENT (AT_NULL, 0); 2141 #undef NEW_AUX_ENT 2142 2143 /* Check that our initial calculation of the auxv length matches how much 2144 * we actually put into it. 2145 */ 2146 assert(info->auxv_len == u_auxv - info->saved_auxv); 2147 2148 put_user_ual(argc, u_argc); 2149 2150 p = info->arg_strings; 2151 for (i = 0; i < argc; ++i) { 2152 put_user_ual(p, u_argv); 2153 u_argv += n; 2154 p += target_strlen(p) + 1; 2155 } 2156 put_user_ual(0, u_argv); 2157 2158 p = info->env_strings; 2159 for (i = 0; i < envc; ++i) { 2160 put_user_ual(p, u_envp); 2161 u_envp += n; 2162 p += target_strlen(p) + 1; 2163 } 2164 put_user_ual(0, u_envp); 2165 2166 return sp; 2167 } 2168 2169 #ifndef ARM_COMMPAGE 2170 #define ARM_COMMPAGE 0 2171 #define init_guest_commpage() true 2172 #endif 2173 2174 static void pgb_fail_in_use(const char *image_name) 2175 { 2176 error_report("%s: requires virtual address space that is in use " 2177 "(omit the -B option or choose a different value)", 2178 image_name); 2179 exit(EXIT_FAILURE); 2180 } 2181 2182 static void pgb_have_guest_base(const char *image_name, abi_ulong guest_loaddr, 2183 abi_ulong guest_hiaddr, long align) 2184 { 2185 const int flags = MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE; 2186 void *addr, *test; 2187 2188 if (!QEMU_IS_ALIGNED(guest_base, align)) { 2189 fprintf(stderr, "Requested guest base %p does not satisfy " 2190 "host minimum alignment (0x%lx)\n", 2191 (void *)guest_base, align); 2192 exit(EXIT_FAILURE); 2193 } 2194 2195 /* Sanity check the guest binary. */ 2196 if (reserved_va) { 2197 if (guest_hiaddr > reserved_va) { 2198 error_report("%s: requires more than reserved virtual " 2199 "address space (0x%" PRIx64 " > 0x%lx)", 2200 image_name, (uint64_t)guest_hiaddr, reserved_va); 2201 exit(EXIT_FAILURE); 2202 } 2203 } else { 2204 #if HOST_LONG_BITS < TARGET_ABI_BITS 2205 if ((guest_hiaddr - guest_base) > ~(uintptr_t)0) { 2206 error_report("%s: requires more virtual address space " 2207 "than the host can provide (0x%" PRIx64 ")", 2208 image_name, (uint64_t)guest_hiaddr - guest_base); 2209 exit(EXIT_FAILURE); 2210 } 2211 #endif 2212 } 2213 2214 /* 2215 * Expand the allocation to the entire reserved_va. 2216 * Exclude the mmap_min_addr hole. 2217 */ 2218 if (reserved_va) { 2219 guest_loaddr = (guest_base >= mmap_min_addr ? 0 2220 : mmap_min_addr - guest_base); 2221 guest_hiaddr = reserved_va; 2222 } 2223 2224 /* Reserve the address space for the binary, or reserved_va. */ 2225 test = g2h_untagged(guest_loaddr); 2226 addr = mmap(test, guest_hiaddr - guest_loaddr, PROT_NONE, flags, -1, 0); 2227 if (test != addr) { 2228 pgb_fail_in_use(image_name); 2229 } 2230 } 2231 2232 /** 2233 * pgd_find_hole_fallback: potential mmap address 2234 * @guest_size: size of available space 2235 * @brk: location of break 2236 * @align: memory alignment 2237 * 2238 * This is a fallback method for finding a hole in the host address 2239 * space if we don't have the benefit of being able to access 2240 * /proc/self/map. It can potentially take a very long time as we can 2241 * only dumbly iterate up the host address space seeing if the 2242 * allocation would work. 2243 */ 2244 static uintptr_t pgd_find_hole_fallback(uintptr_t guest_size, uintptr_t brk, 2245 long align, uintptr_t offset) 2246 { 2247 uintptr_t base; 2248 2249 /* Start (aligned) at the bottom and work our way up */ 2250 base = ROUND_UP(mmap_min_addr, align); 2251 2252 while (true) { 2253 uintptr_t align_start, end; 2254 align_start = ROUND_UP(base, align); 2255 end = align_start + guest_size + offset; 2256 2257 /* if brk is anywhere in the range give ourselves some room to grow. */ 2258 if (align_start <= brk && brk < end) { 2259 base = brk + (16 * MiB); 2260 continue; 2261 } else if (align_start + guest_size < align_start) { 2262 /* we have run out of space */ 2263 return -1; 2264 } else { 2265 int flags = MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE | 2266 MAP_FIXED_NOREPLACE; 2267 void * mmap_start = mmap((void *) align_start, guest_size, 2268 PROT_NONE, flags, -1, 0); 2269 if (mmap_start != MAP_FAILED) { 2270 munmap(mmap_start, guest_size); 2271 if (mmap_start == (void *) align_start) { 2272 return (uintptr_t) mmap_start + offset; 2273 } 2274 } 2275 base += qemu_host_page_size; 2276 } 2277 } 2278 } 2279 2280 /* Return value for guest_base, or -1 if no hole found. */ 2281 static uintptr_t pgb_find_hole(uintptr_t guest_loaddr, uintptr_t guest_size, 2282 long align, uintptr_t offset) 2283 { 2284 GSList *maps, *iter; 2285 uintptr_t this_start, this_end, next_start, brk; 2286 intptr_t ret = -1; 2287 2288 assert(QEMU_IS_ALIGNED(guest_loaddr, align)); 2289 2290 maps = read_self_maps(); 2291 2292 /* Read brk after we've read the maps, which will malloc. */ 2293 brk = (uintptr_t)sbrk(0); 2294 2295 if (!maps) { 2296 ret = pgd_find_hole_fallback(guest_size, brk, align, offset); 2297 return ret == -1 ? -1 : ret - guest_loaddr; 2298 } 2299 2300 /* The first hole is before the first map entry. */ 2301 this_start = mmap_min_addr; 2302 2303 for (iter = maps; iter; 2304 this_start = next_start, iter = g_slist_next(iter)) { 2305 uintptr_t align_start, hole_size; 2306 2307 this_end = ((MapInfo *)iter->data)->start; 2308 next_start = ((MapInfo *)iter->data)->end; 2309 align_start = ROUND_UP(this_start + offset, align); 2310 2311 /* Skip holes that are too small. */ 2312 if (align_start >= this_end) { 2313 continue; 2314 } 2315 hole_size = this_end - align_start; 2316 if (hole_size < guest_size) { 2317 continue; 2318 } 2319 2320 /* If this hole contains brk, give ourselves some room to grow. */ 2321 if (this_start <= brk && brk < this_end) { 2322 hole_size -= guest_size; 2323 if (sizeof(uintptr_t) == 8 && hole_size >= 1 * GiB) { 2324 align_start += 1 * GiB; 2325 } else if (hole_size >= 16 * MiB) { 2326 align_start += 16 * MiB; 2327 } else { 2328 align_start = (this_end - guest_size) & -align; 2329 if (align_start < this_start) { 2330 continue; 2331 } 2332 } 2333 } 2334 2335 /* Record the lowest successful match. */ 2336 if (ret < 0) { 2337 ret = align_start - guest_loaddr; 2338 } 2339 /* If this hole contains the identity map, select it. */ 2340 if (align_start <= guest_loaddr && 2341 guest_loaddr + guest_size <= this_end) { 2342 ret = 0; 2343 } 2344 /* If this hole ends above the identity map, stop looking. */ 2345 if (this_end >= guest_loaddr) { 2346 break; 2347 } 2348 } 2349 free_self_maps(maps); 2350 2351 return ret; 2352 } 2353 2354 static void pgb_static(const char *image_name, abi_ulong orig_loaddr, 2355 abi_ulong orig_hiaddr, long align) 2356 { 2357 uintptr_t loaddr = orig_loaddr; 2358 uintptr_t hiaddr = orig_hiaddr; 2359 uintptr_t offset = 0; 2360 uintptr_t addr; 2361 2362 if (hiaddr != orig_hiaddr) { 2363 error_report("%s: requires virtual address space that the " 2364 "host cannot provide (0x%" PRIx64 ")", 2365 image_name, (uint64_t)orig_hiaddr); 2366 exit(EXIT_FAILURE); 2367 } 2368 2369 loaddr &= -align; 2370 if (ARM_COMMPAGE) { 2371 /* 2372 * Extend the allocation to include the commpage. 2373 * For a 64-bit host, this is just 4GiB; for a 32-bit host we 2374 * need to ensure there is space bellow the guest_base so we 2375 * can map the commpage in the place needed when the address 2376 * arithmetic wraps around. 2377 */ 2378 if (sizeof(uintptr_t) == 8 || loaddr >= 0x80000000u) { 2379 hiaddr = (uintptr_t) 4 << 30; 2380 } else { 2381 offset = -(ARM_COMMPAGE & -align); 2382 } 2383 } 2384 2385 addr = pgb_find_hole(loaddr, hiaddr - loaddr, align, offset); 2386 if (addr == -1) { 2387 /* 2388 * If ARM_COMMPAGE, there *might* be a non-consecutive allocation 2389 * that can satisfy both. But as the normal arm32 link base address 2390 * is ~32k, and we extend down to include the commpage, making the 2391 * overhead only ~96k, this is unlikely. 2392 */ 2393 error_report("%s: Unable to allocate %#zx bytes of " 2394 "virtual address space", image_name, 2395 (size_t)(hiaddr - loaddr)); 2396 exit(EXIT_FAILURE); 2397 } 2398 2399 guest_base = addr; 2400 } 2401 2402 static void pgb_dynamic(const char *image_name, long align) 2403 { 2404 /* 2405 * The executable is dynamic and does not require a fixed address. 2406 * All we need is a commpage that satisfies align. 2407 * If we do not need a commpage, leave guest_base == 0. 2408 */ 2409 if (ARM_COMMPAGE) { 2410 uintptr_t addr, commpage; 2411 2412 /* 64-bit hosts should have used reserved_va. */ 2413 assert(sizeof(uintptr_t) == 4); 2414 2415 /* 2416 * By putting the commpage at the first hole, that puts guest_base 2417 * just above that, and maximises the positive guest addresses. 2418 */ 2419 commpage = ARM_COMMPAGE & -align; 2420 addr = pgb_find_hole(commpage, -commpage, align, 0); 2421 assert(addr != -1); 2422 guest_base = addr; 2423 } 2424 } 2425 2426 static void pgb_reserved_va(const char *image_name, abi_ulong guest_loaddr, 2427 abi_ulong guest_hiaddr, long align) 2428 { 2429 int flags = MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE; 2430 void *addr, *test; 2431 2432 if (guest_hiaddr > reserved_va) { 2433 error_report("%s: requires more than reserved virtual " 2434 "address space (0x%" PRIx64 " > 0x%lx)", 2435 image_name, (uint64_t)guest_hiaddr, reserved_va); 2436 exit(EXIT_FAILURE); 2437 } 2438 2439 /* Widen the "image" to the entire reserved address space. */ 2440 pgb_static(image_name, 0, reserved_va, align); 2441 2442 /* osdep.h defines this as 0 if it's missing */ 2443 flags |= MAP_FIXED_NOREPLACE; 2444 2445 /* Reserve the memory on the host. */ 2446 assert(guest_base != 0); 2447 test = g2h_untagged(0); 2448 addr = mmap(test, reserved_va, PROT_NONE, flags, -1, 0); 2449 if (addr == MAP_FAILED || addr != test) { 2450 error_report("Unable to reserve 0x%lx bytes of virtual address " 2451 "space at %p (%s) for use as guest address space (check your" 2452 "virtual memory ulimit setting, min_mmap_addr or reserve less " 2453 "using -R option)", reserved_va, test, strerror(errno)); 2454 exit(EXIT_FAILURE); 2455 } 2456 } 2457 2458 void probe_guest_base(const char *image_name, abi_ulong guest_loaddr, 2459 abi_ulong guest_hiaddr) 2460 { 2461 /* In order to use host shmat, we must be able to honor SHMLBA. */ 2462 uintptr_t align = MAX(SHMLBA, qemu_host_page_size); 2463 2464 if (have_guest_base) { 2465 pgb_have_guest_base(image_name, guest_loaddr, guest_hiaddr, align); 2466 } else if (reserved_va) { 2467 pgb_reserved_va(image_name, guest_loaddr, guest_hiaddr, align); 2468 } else if (guest_loaddr) { 2469 pgb_static(image_name, guest_loaddr, guest_hiaddr, align); 2470 } else { 2471 pgb_dynamic(image_name, align); 2472 } 2473 2474 /* Reserve and initialize the commpage. */ 2475 if (!init_guest_commpage()) { 2476 /* 2477 * With have_guest_base, the user has selected the address and 2478 * we are trying to work with that. Otherwise, we have selected 2479 * free space and init_guest_commpage must succeeded. 2480 */ 2481 assert(have_guest_base); 2482 pgb_fail_in_use(image_name); 2483 } 2484 2485 assert(QEMU_IS_ALIGNED(guest_base, align)); 2486 qemu_log_mask(CPU_LOG_PAGE, "Locating guest address space " 2487 "@ 0x%" PRIx64 "\n", (uint64_t)guest_base); 2488 } 2489 2490 enum { 2491 /* The string "GNU\0" as a magic number. */ 2492 GNU0_MAGIC = const_le32('G' | 'N' << 8 | 'U' << 16), 2493 NOTE_DATA_SZ = 1 * KiB, 2494 NOTE_NAME_SZ = 4, 2495 ELF_GNU_PROPERTY_ALIGN = ELF_CLASS == ELFCLASS32 ? 4 : 8, 2496 }; 2497 2498 /* 2499 * Process a single gnu_property entry. 2500 * Return false for error. 2501 */ 2502 static bool parse_elf_property(const uint32_t *data, int *off, int datasz, 2503 struct image_info *info, bool have_prev_type, 2504 uint32_t *prev_type, Error **errp) 2505 { 2506 uint32_t pr_type, pr_datasz, step; 2507 2508 if (*off > datasz || !QEMU_IS_ALIGNED(*off, ELF_GNU_PROPERTY_ALIGN)) { 2509 goto error_data; 2510 } 2511 datasz -= *off; 2512 data += *off / sizeof(uint32_t); 2513 2514 if (datasz < 2 * sizeof(uint32_t)) { 2515 goto error_data; 2516 } 2517 pr_type = data[0]; 2518 pr_datasz = data[1]; 2519 data += 2; 2520 datasz -= 2 * sizeof(uint32_t); 2521 step = ROUND_UP(pr_datasz, ELF_GNU_PROPERTY_ALIGN); 2522 if (step > datasz) { 2523 goto error_data; 2524 } 2525 2526 /* Properties are supposed to be unique and sorted on pr_type. */ 2527 if (have_prev_type && pr_type <= *prev_type) { 2528 if (pr_type == *prev_type) { 2529 error_setg(errp, "Duplicate property in PT_GNU_PROPERTY"); 2530 } else { 2531 error_setg(errp, "Unsorted property in PT_GNU_PROPERTY"); 2532 } 2533 return false; 2534 } 2535 *prev_type = pr_type; 2536 2537 if (!arch_parse_elf_property(pr_type, pr_datasz, data, info, errp)) { 2538 return false; 2539 } 2540 2541 *off += 2 * sizeof(uint32_t) + step; 2542 return true; 2543 2544 error_data: 2545 error_setg(errp, "Ill-formed property in PT_GNU_PROPERTY"); 2546 return false; 2547 } 2548 2549 /* Process NT_GNU_PROPERTY_TYPE_0. */ 2550 static bool parse_elf_properties(int image_fd, 2551 struct image_info *info, 2552 const struct elf_phdr *phdr, 2553 char bprm_buf[BPRM_BUF_SIZE], 2554 Error **errp) 2555 { 2556 union { 2557 struct elf_note nhdr; 2558 uint32_t data[NOTE_DATA_SZ / sizeof(uint32_t)]; 2559 } note; 2560 2561 int n, off, datasz; 2562 bool have_prev_type; 2563 uint32_t prev_type; 2564 2565 /* Unless the arch requires properties, ignore them. */ 2566 if (!ARCH_USE_GNU_PROPERTY) { 2567 return true; 2568 } 2569 2570 /* If the properties are crazy large, that's too bad. */ 2571 n = phdr->p_filesz; 2572 if (n > sizeof(note)) { 2573 error_setg(errp, "PT_GNU_PROPERTY too large"); 2574 return false; 2575 } 2576 if (n < sizeof(note.nhdr)) { 2577 error_setg(errp, "PT_GNU_PROPERTY too small"); 2578 return false; 2579 } 2580 2581 if (phdr->p_offset + n <= BPRM_BUF_SIZE) { 2582 memcpy(¬e, bprm_buf + phdr->p_offset, n); 2583 } else { 2584 ssize_t len = pread(image_fd, ¬e, n, phdr->p_offset); 2585 if (len != n) { 2586 error_setg_errno(errp, errno, "Error reading file header"); 2587 return false; 2588 } 2589 } 2590 2591 /* 2592 * The contents of a valid PT_GNU_PROPERTY is a sequence 2593 * of uint32_t -- swap them all now. 2594 */ 2595 #ifdef BSWAP_NEEDED 2596 for (int i = 0; i < n / 4; i++) { 2597 bswap32s(note.data + i); 2598 } 2599 #endif 2600 2601 /* 2602 * Note that nhdr is 3 words, and that the "name" described by namesz 2603 * immediately follows nhdr and is thus at the 4th word. Further, all 2604 * of the inputs to the kernel's round_up are multiples of 4. 2605 */ 2606 if (note.nhdr.n_type != NT_GNU_PROPERTY_TYPE_0 || 2607 note.nhdr.n_namesz != NOTE_NAME_SZ || 2608 note.data[3] != GNU0_MAGIC) { 2609 error_setg(errp, "Invalid note in PT_GNU_PROPERTY"); 2610 return false; 2611 } 2612 off = sizeof(note.nhdr) + NOTE_NAME_SZ; 2613 2614 datasz = note.nhdr.n_descsz + off; 2615 if (datasz > n) { 2616 error_setg(errp, "Invalid note size in PT_GNU_PROPERTY"); 2617 return false; 2618 } 2619 2620 have_prev_type = false; 2621 prev_type = 0; 2622 while (1) { 2623 if (off == datasz) { 2624 return true; /* end, exit ok */ 2625 } 2626 if (!parse_elf_property(note.data, &off, datasz, info, 2627 have_prev_type, &prev_type, errp)) { 2628 return false; 2629 } 2630 have_prev_type = true; 2631 } 2632 } 2633 2634 /* Load an ELF image into the address space. 2635 2636 IMAGE_NAME is the filename of the image, to use in error messages. 2637 IMAGE_FD is the open file descriptor for the image. 2638 2639 BPRM_BUF is a copy of the beginning of the file; this of course 2640 contains the elf file header at offset 0. It is assumed that this 2641 buffer is sufficiently aligned to present no problems to the host 2642 in accessing data at aligned offsets within the buffer. 2643 2644 On return: INFO values will be filled in, as necessary or available. */ 2645 2646 static void load_elf_image(const char *image_name, int image_fd, 2647 struct image_info *info, char **pinterp_name, 2648 char bprm_buf[BPRM_BUF_SIZE]) 2649 { 2650 struct elfhdr *ehdr = (struct elfhdr *)bprm_buf; 2651 struct elf_phdr *phdr; 2652 abi_ulong load_addr, load_bias, loaddr, hiaddr, error; 2653 int i, retval, prot_exec; 2654 Error *err = NULL; 2655 2656 /* First of all, some simple consistency checks */ 2657 if (!elf_check_ident(ehdr)) { 2658 error_setg(&err, "Invalid ELF image for this architecture"); 2659 goto exit_errmsg; 2660 } 2661 bswap_ehdr(ehdr); 2662 if (!elf_check_ehdr(ehdr)) { 2663 error_setg(&err, "Invalid ELF image for this architecture"); 2664 goto exit_errmsg; 2665 } 2666 2667 i = ehdr->e_phnum * sizeof(struct elf_phdr); 2668 if (ehdr->e_phoff + i <= BPRM_BUF_SIZE) { 2669 phdr = (struct elf_phdr *)(bprm_buf + ehdr->e_phoff); 2670 } else { 2671 phdr = (struct elf_phdr *) alloca(i); 2672 retval = pread(image_fd, phdr, i, ehdr->e_phoff); 2673 if (retval != i) { 2674 goto exit_read; 2675 } 2676 } 2677 bswap_phdr(phdr, ehdr->e_phnum); 2678 2679 info->nsegs = 0; 2680 info->pt_dynamic_addr = 0; 2681 2682 mmap_lock(); 2683 2684 /* 2685 * Find the maximum size of the image and allocate an appropriate 2686 * amount of memory to handle that. Locate the interpreter, if any. 2687 */ 2688 loaddr = -1, hiaddr = 0; 2689 info->alignment = 0; 2690 for (i = 0; i < ehdr->e_phnum; ++i) { 2691 struct elf_phdr *eppnt = phdr + i; 2692 if (eppnt->p_type == PT_LOAD) { 2693 abi_ulong a = eppnt->p_vaddr - eppnt->p_offset; 2694 if (a < loaddr) { 2695 loaddr = a; 2696 } 2697 a = eppnt->p_vaddr + eppnt->p_memsz; 2698 if (a > hiaddr) { 2699 hiaddr = a; 2700 } 2701 ++info->nsegs; 2702 info->alignment |= eppnt->p_align; 2703 } else if (eppnt->p_type == PT_INTERP && pinterp_name) { 2704 g_autofree char *interp_name = NULL; 2705 2706 if (*pinterp_name) { 2707 error_setg(&err, "Multiple PT_INTERP entries"); 2708 goto exit_errmsg; 2709 } 2710 2711 interp_name = g_malloc(eppnt->p_filesz); 2712 2713 if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) { 2714 memcpy(interp_name, bprm_buf + eppnt->p_offset, 2715 eppnt->p_filesz); 2716 } else { 2717 retval = pread(image_fd, interp_name, eppnt->p_filesz, 2718 eppnt->p_offset); 2719 if (retval != eppnt->p_filesz) { 2720 goto exit_read; 2721 } 2722 } 2723 if (interp_name[eppnt->p_filesz - 1] != 0) { 2724 error_setg(&err, "Invalid PT_INTERP entry"); 2725 goto exit_errmsg; 2726 } 2727 *pinterp_name = g_steal_pointer(&interp_name); 2728 } else if (eppnt->p_type == PT_GNU_PROPERTY) { 2729 if (!parse_elf_properties(image_fd, info, eppnt, bprm_buf, &err)) { 2730 goto exit_errmsg; 2731 } 2732 } 2733 } 2734 2735 if (pinterp_name != NULL) { 2736 /* 2737 * This is the main executable. 2738 * 2739 * Reserve extra space for brk. 2740 * We hold on to this space while placing the interpreter 2741 * and the stack, lest they be placed immediately after 2742 * the data segment and block allocation from the brk. 2743 * 2744 * 16MB is chosen as "large enough" without being so large 2745 * as to allow the result to not fit with a 32-bit guest on 2746 * a 32-bit host. 2747 */ 2748 info->reserve_brk = 16 * MiB; 2749 hiaddr += info->reserve_brk; 2750 2751 if (ehdr->e_type == ET_EXEC) { 2752 /* 2753 * Make sure that the low address does not conflict with 2754 * MMAP_MIN_ADDR or the QEMU application itself. 2755 */ 2756 probe_guest_base(image_name, loaddr, hiaddr); 2757 } else { 2758 /* 2759 * The binary is dynamic, but we still need to 2760 * select guest_base. In this case we pass a size. 2761 */ 2762 probe_guest_base(image_name, 0, hiaddr - loaddr); 2763 } 2764 } 2765 2766 /* 2767 * Reserve address space for all of this. 2768 * 2769 * In the case of ET_EXEC, we supply MAP_FIXED so that we get 2770 * exactly the address range that is required. 2771 * 2772 * Otherwise this is ET_DYN, and we are searching for a location 2773 * that can hold the memory space required. If the image is 2774 * pre-linked, LOADDR will be non-zero, and the kernel should 2775 * honor that address if it happens to be free. 2776 * 2777 * In both cases, we will overwrite pages in this range with mappings 2778 * from the executable. 2779 */ 2780 load_addr = target_mmap(loaddr, hiaddr - loaddr, PROT_NONE, 2781 MAP_PRIVATE | MAP_ANON | MAP_NORESERVE | 2782 (ehdr->e_type == ET_EXEC ? MAP_FIXED : 0), 2783 -1, 0); 2784 if (load_addr == -1) { 2785 goto exit_mmap; 2786 } 2787 load_bias = load_addr - loaddr; 2788 2789 if (elf_is_fdpic(ehdr)) { 2790 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs = 2791 g_malloc(sizeof(*loadsegs) * info->nsegs); 2792 2793 for (i = 0; i < ehdr->e_phnum; ++i) { 2794 switch (phdr[i].p_type) { 2795 case PT_DYNAMIC: 2796 info->pt_dynamic_addr = phdr[i].p_vaddr + load_bias; 2797 break; 2798 case PT_LOAD: 2799 loadsegs->addr = phdr[i].p_vaddr + load_bias; 2800 loadsegs->p_vaddr = phdr[i].p_vaddr; 2801 loadsegs->p_memsz = phdr[i].p_memsz; 2802 ++loadsegs; 2803 break; 2804 } 2805 } 2806 } 2807 2808 info->load_bias = load_bias; 2809 info->code_offset = load_bias; 2810 info->data_offset = load_bias; 2811 info->load_addr = load_addr; 2812 info->entry = ehdr->e_entry + load_bias; 2813 info->start_code = -1; 2814 info->end_code = 0; 2815 info->start_data = -1; 2816 info->end_data = 0; 2817 info->brk = 0; 2818 info->elf_flags = ehdr->e_flags; 2819 2820 prot_exec = PROT_EXEC; 2821 #ifdef TARGET_AARCH64 2822 /* 2823 * If the BTI feature is present, this indicates that the executable 2824 * pages of the startup binary should be mapped with PROT_BTI, so that 2825 * branch targets are enforced. 2826 * 2827 * The startup binary is either the interpreter or the static executable. 2828 * The interpreter is responsible for all pages of a dynamic executable. 2829 * 2830 * Elf notes are backward compatible to older cpus. 2831 * Do not enable BTI unless it is supported. 2832 */ 2833 if ((info->note_flags & GNU_PROPERTY_AARCH64_FEATURE_1_BTI) 2834 && (pinterp_name == NULL || *pinterp_name == 0) 2835 && cpu_isar_feature(aa64_bti, ARM_CPU(thread_cpu))) { 2836 prot_exec |= TARGET_PROT_BTI; 2837 } 2838 #endif 2839 2840 for (i = 0; i < ehdr->e_phnum; i++) { 2841 struct elf_phdr *eppnt = phdr + i; 2842 if (eppnt->p_type == PT_LOAD) { 2843 abi_ulong vaddr, vaddr_po, vaddr_ps, vaddr_ef, vaddr_em, vaddr_len; 2844 int elf_prot = 0; 2845 2846 if (eppnt->p_flags & PF_R) { 2847 elf_prot |= PROT_READ; 2848 } 2849 if (eppnt->p_flags & PF_W) { 2850 elf_prot |= PROT_WRITE; 2851 } 2852 if (eppnt->p_flags & PF_X) { 2853 elf_prot |= prot_exec; 2854 } 2855 2856 vaddr = load_bias + eppnt->p_vaddr; 2857 vaddr_po = TARGET_ELF_PAGEOFFSET(vaddr); 2858 vaddr_ps = TARGET_ELF_PAGESTART(vaddr); 2859 2860 vaddr_ef = vaddr + eppnt->p_filesz; 2861 vaddr_em = vaddr + eppnt->p_memsz; 2862 2863 /* 2864 * Some segments may be completely empty, with a non-zero p_memsz 2865 * but no backing file segment. 2866 */ 2867 if (eppnt->p_filesz != 0) { 2868 vaddr_len = TARGET_ELF_PAGELENGTH(eppnt->p_filesz + vaddr_po); 2869 error = target_mmap(vaddr_ps, vaddr_len, elf_prot, 2870 MAP_PRIVATE | MAP_FIXED, 2871 image_fd, eppnt->p_offset - vaddr_po); 2872 2873 if (error == -1) { 2874 goto exit_mmap; 2875 } 2876 2877 /* 2878 * If the load segment requests extra zeros (e.g. bss), map it. 2879 */ 2880 if (eppnt->p_filesz < eppnt->p_memsz) { 2881 zero_bss(vaddr_ef, vaddr_em, elf_prot); 2882 } 2883 } else if (eppnt->p_memsz != 0) { 2884 vaddr_len = TARGET_ELF_PAGELENGTH(eppnt->p_memsz + vaddr_po); 2885 error = target_mmap(vaddr_ps, vaddr_len, elf_prot, 2886 MAP_PRIVATE | MAP_FIXED | MAP_ANONYMOUS, 2887 -1, 0); 2888 2889 if (error == -1) { 2890 goto exit_mmap; 2891 } 2892 } 2893 2894 /* Find the full program boundaries. */ 2895 if (elf_prot & PROT_EXEC) { 2896 if (vaddr < info->start_code) { 2897 info->start_code = vaddr; 2898 } 2899 if (vaddr_ef > info->end_code) { 2900 info->end_code = vaddr_ef; 2901 } 2902 } 2903 if (elf_prot & PROT_WRITE) { 2904 if (vaddr < info->start_data) { 2905 info->start_data = vaddr; 2906 } 2907 if (vaddr_ef > info->end_data) { 2908 info->end_data = vaddr_ef; 2909 } 2910 } 2911 if (vaddr_em > info->brk) { 2912 info->brk = vaddr_em; 2913 } 2914 #ifdef TARGET_MIPS 2915 } else if (eppnt->p_type == PT_MIPS_ABIFLAGS) { 2916 Mips_elf_abiflags_v0 abiflags; 2917 if (eppnt->p_filesz < sizeof(Mips_elf_abiflags_v0)) { 2918 error_setg(&err, "Invalid PT_MIPS_ABIFLAGS entry"); 2919 goto exit_errmsg; 2920 } 2921 if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) { 2922 memcpy(&abiflags, bprm_buf + eppnt->p_offset, 2923 sizeof(Mips_elf_abiflags_v0)); 2924 } else { 2925 retval = pread(image_fd, &abiflags, sizeof(Mips_elf_abiflags_v0), 2926 eppnt->p_offset); 2927 if (retval != sizeof(Mips_elf_abiflags_v0)) { 2928 goto exit_read; 2929 } 2930 } 2931 bswap_mips_abiflags(&abiflags); 2932 info->fp_abi = abiflags.fp_abi; 2933 #endif 2934 } 2935 } 2936 2937 if (info->end_data == 0) { 2938 info->start_data = info->end_code; 2939 info->end_data = info->end_code; 2940 } 2941 2942 if (qemu_log_enabled()) { 2943 load_symbols(ehdr, image_fd, load_bias); 2944 } 2945 2946 mmap_unlock(); 2947 2948 close(image_fd); 2949 return; 2950 2951 exit_read: 2952 if (retval >= 0) { 2953 error_setg(&err, "Incomplete read of file header"); 2954 } else { 2955 error_setg_errno(&err, errno, "Error reading file header"); 2956 } 2957 goto exit_errmsg; 2958 exit_mmap: 2959 error_setg_errno(&err, errno, "Error mapping file"); 2960 goto exit_errmsg; 2961 exit_errmsg: 2962 error_reportf_err(err, "%s: ", image_name); 2963 exit(-1); 2964 } 2965 2966 static void load_elf_interp(const char *filename, struct image_info *info, 2967 char bprm_buf[BPRM_BUF_SIZE]) 2968 { 2969 int fd, retval; 2970 Error *err = NULL; 2971 2972 fd = open(path(filename), O_RDONLY); 2973 if (fd < 0) { 2974 error_setg_file_open(&err, errno, filename); 2975 error_report_err(err); 2976 exit(-1); 2977 } 2978 2979 retval = read(fd, bprm_buf, BPRM_BUF_SIZE); 2980 if (retval < 0) { 2981 error_setg_errno(&err, errno, "Error reading file header"); 2982 error_reportf_err(err, "%s: ", filename); 2983 exit(-1); 2984 } 2985 2986 if (retval < BPRM_BUF_SIZE) { 2987 memset(bprm_buf + retval, 0, BPRM_BUF_SIZE - retval); 2988 } 2989 2990 load_elf_image(filename, fd, info, NULL, bprm_buf); 2991 } 2992 2993 static int symfind(const void *s0, const void *s1) 2994 { 2995 target_ulong addr = *(target_ulong *)s0; 2996 struct elf_sym *sym = (struct elf_sym *)s1; 2997 int result = 0; 2998 if (addr < sym->st_value) { 2999 result = -1; 3000 } else if (addr >= sym->st_value + sym->st_size) { 3001 result = 1; 3002 } 3003 return result; 3004 } 3005 3006 static const char *lookup_symbolxx(struct syminfo *s, target_ulong orig_addr) 3007 { 3008 #if ELF_CLASS == ELFCLASS32 3009 struct elf_sym *syms = s->disas_symtab.elf32; 3010 #else 3011 struct elf_sym *syms = s->disas_symtab.elf64; 3012 #endif 3013 3014 // binary search 3015 struct elf_sym *sym; 3016 3017 sym = bsearch(&orig_addr, syms, s->disas_num_syms, sizeof(*syms), symfind); 3018 if (sym != NULL) { 3019 return s->disas_strtab + sym->st_name; 3020 } 3021 3022 return ""; 3023 } 3024 3025 /* FIXME: This should use elf_ops.h */ 3026 static int symcmp(const void *s0, const void *s1) 3027 { 3028 struct elf_sym *sym0 = (struct elf_sym *)s0; 3029 struct elf_sym *sym1 = (struct elf_sym *)s1; 3030 return (sym0->st_value < sym1->st_value) 3031 ? -1 3032 : ((sym0->st_value > sym1->st_value) ? 1 : 0); 3033 } 3034 3035 /* Best attempt to load symbols from this ELF object. */ 3036 static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias) 3037 { 3038 int i, shnum, nsyms, sym_idx = 0, str_idx = 0; 3039 uint64_t segsz; 3040 struct elf_shdr *shdr; 3041 char *strings = NULL; 3042 struct syminfo *s = NULL; 3043 struct elf_sym *new_syms, *syms = NULL; 3044 3045 shnum = hdr->e_shnum; 3046 i = shnum * sizeof(struct elf_shdr); 3047 shdr = (struct elf_shdr *)alloca(i); 3048 if (pread(fd, shdr, i, hdr->e_shoff) != i) { 3049 return; 3050 } 3051 3052 bswap_shdr(shdr, shnum); 3053 for (i = 0; i < shnum; ++i) { 3054 if (shdr[i].sh_type == SHT_SYMTAB) { 3055 sym_idx = i; 3056 str_idx = shdr[i].sh_link; 3057 goto found; 3058 } 3059 } 3060 3061 /* There will be no symbol table if the file was stripped. */ 3062 return; 3063 3064 found: 3065 /* Now know where the strtab and symtab are. Snarf them. */ 3066 s = g_try_new(struct syminfo, 1); 3067 if (!s) { 3068 goto give_up; 3069 } 3070 3071 segsz = shdr[str_idx].sh_size; 3072 s->disas_strtab = strings = g_try_malloc(segsz); 3073 if (!strings || 3074 pread(fd, strings, segsz, shdr[str_idx].sh_offset) != segsz) { 3075 goto give_up; 3076 } 3077 3078 segsz = shdr[sym_idx].sh_size; 3079 syms = g_try_malloc(segsz); 3080 if (!syms || pread(fd, syms, segsz, shdr[sym_idx].sh_offset) != segsz) { 3081 goto give_up; 3082 } 3083 3084 if (segsz / sizeof(struct elf_sym) > INT_MAX) { 3085 /* Implausibly large symbol table: give up rather than ploughing 3086 * on with the number of symbols calculation overflowing 3087 */ 3088 goto give_up; 3089 } 3090 nsyms = segsz / sizeof(struct elf_sym); 3091 for (i = 0; i < nsyms; ) { 3092 bswap_sym(syms + i); 3093 /* Throw away entries which we do not need. */ 3094 if (syms[i].st_shndx == SHN_UNDEF 3095 || syms[i].st_shndx >= SHN_LORESERVE 3096 || ELF_ST_TYPE(syms[i].st_info) != STT_FUNC) { 3097 if (i < --nsyms) { 3098 syms[i] = syms[nsyms]; 3099 } 3100 } else { 3101 #if defined(TARGET_ARM) || defined (TARGET_MIPS) 3102 /* The bottom address bit marks a Thumb or MIPS16 symbol. */ 3103 syms[i].st_value &= ~(target_ulong)1; 3104 #endif 3105 syms[i].st_value += load_bias; 3106 i++; 3107 } 3108 } 3109 3110 /* No "useful" symbol. */ 3111 if (nsyms == 0) { 3112 goto give_up; 3113 } 3114 3115 /* Attempt to free the storage associated with the local symbols 3116 that we threw away. Whether or not this has any effect on the 3117 memory allocation depends on the malloc implementation and how 3118 many symbols we managed to discard. */ 3119 new_syms = g_try_renew(struct elf_sym, syms, nsyms); 3120 if (new_syms == NULL) { 3121 goto give_up; 3122 } 3123 syms = new_syms; 3124 3125 qsort(syms, nsyms, sizeof(*syms), symcmp); 3126 3127 s->disas_num_syms = nsyms; 3128 #if ELF_CLASS == ELFCLASS32 3129 s->disas_symtab.elf32 = syms; 3130 #else 3131 s->disas_symtab.elf64 = syms; 3132 #endif 3133 s->lookup_symbol = lookup_symbolxx; 3134 s->next = syminfos; 3135 syminfos = s; 3136 3137 return; 3138 3139 give_up: 3140 g_free(s); 3141 g_free(strings); 3142 g_free(syms); 3143 } 3144 3145 uint32_t get_elf_eflags(int fd) 3146 { 3147 struct elfhdr ehdr; 3148 off_t offset; 3149 int ret; 3150 3151 /* Read ELF header */ 3152 offset = lseek(fd, 0, SEEK_SET); 3153 if (offset == (off_t) -1) { 3154 return 0; 3155 } 3156 ret = read(fd, &ehdr, sizeof(ehdr)); 3157 if (ret < sizeof(ehdr)) { 3158 return 0; 3159 } 3160 offset = lseek(fd, offset, SEEK_SET); 3161 if (offset == (off_t) -1) { 3162 return 0; 3163 } 3164 3165 /* Check ELF signature */ 3166 if (!elf_check_ident(&ehdr)) { 3167 return 0; 3168 } 3169 3170 /* check header */ 3171 bswap_ehdr(&ehdr); 3172 if (!elf_check_ehdr(&ehdr)) { 3173 return 0; 3174 } 3175 3176 /* return architecture id */ 3177 return ehdr.e_flags; 3178 } 3179 3180 int load_elf_binary(struct linux_binprm *bprm, struct image_info *info) 3181 { 3182 struct image_info interp_info; 3183 struct elfhdr elf_ex; 3184 char *elf_interpreter = NULL; 3185 char *scratch; 3186 3187 memset(&interp_info, 0, sizeof(interp_info)); 3188 #ifdef TARGET_MIPS 3189 interp_info.fp_abi = MIPS_ABI_FP_UNKNOWN; 3190 #endif 3191 3192 info->start_mmap = (abi_ulong)ELF_START_MMAP; 3193 3194 load_elf_image(bprm->filename, bprm->fd, info, 3195 &elf_interpreter, bprm->buf); 3196 3197 /* ??? We need a copy of the elf header for passing to create_elf_tables. 3198 If we do nothing, we'll have overwritten this when we re-use bprm->buf 3199 when we load the interpreter. */ 3200 elf_ex = *(struct elfhdr *)bprm->buf; 3201 3202 /* Do this so that we can load the interpreter, if need be. We will 3203 change some of these later */ 3204 bprm->p = setup_arg_pages(bprm, info); 3205 3206 scratch = g_new0(char, TARGET_PAGE_SIZE); 3207 if (STACK_GROWS_DOWN) { 3208 bprm->p = copy_elf_strings(1, &bprm->filename, scratch, 3209 bprm->p, info->stack_limit); 3210 info->file_string = bprm->p; 3211 bprm->p = copy_elf_strings(bprm->envc, bprm->envp, scratch, 3212 bprm->p, info->stack_limit); 3213 info->env_strings = bprm->p; 3214 bprm->p = copy_elf_strings(bprm->argc, bprm->argv, scratch, 3215 bprm->p, info->stack_limit); 3216 info->arg_strings = bprm->p; 3217 } else { 3218 info->arg_strings = bprm->p; 3219 bprm->p = copy_elf_strings(bprm->argc, bprm->argv, scratch, 3220 bprm->p, info->stack_limit); 3221 info->env_strings = bprm->p; 3222 bprm->p = copy_elf_strings(bprm->envc, bprm->envp, scratch, 3223 bprm->p, info->stack_limit); 3224 info->file_string = bprm->p; 3225 bprm->p = copy_elf_strings(1, &bprm->filename, scratch, 3226 bprm->p, info->stack_limit); 3227 } 3228 3229 g_free(scratch); 3230 3231 if (!bprm->p) { 3232 fprintf(stderr, "%s: %s\n", bprm->filename, strerror(E2BIG)); 3233 exit(-1); 3234 } 3235 3236 if (elf_interpreter) { 3237 load_elf_interp(elf_interpreter, &interp_info, bprm->buf); 3238 3239 /* If the program interpreter is one of these two, then assume 3240 an iBCS2 image. Otherwise assume a native linux image. */ 3241 3242 if (strcmp(elf_interpreter, "/usr/lib/libc.so.1") == 0 3243 || strcmp(elf_interpreter, "/usr/lib/ld.so.1") == 0) { 3244 info->personality = PER_SVR4; 3245 3246 /* Why this, you ask??? Well SVr4 maps page 0 as read-only, 3247 and some applications "depend" upon this behavior. Since 3248 we do not have the power to recompile these, we emulate 3249 the SVr4 behavior. Sigh. */ 3250 target_mmap(0, qemu_host_page_size, PROT_READ | PROT_EXEC, 3251 MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 3252 } 3253 #ifdef TARGET_MIPS 3254 info->interp_fp_abi = interp_info.fp_abi; 3255 #endif 3256 } 3257 3258 /* 3259 * TODO: load a vdso, which would also contain the signal trampolines. 3260 * Otherwise, allocate a private page to hold them. 3261 */ 3262 if (TARGET_ARCH_HAS_SIGTRAMP_PAGE) { 3263 abi_ulong tramp_page = target_mmap(0, TARGET_PAGE_SIZE, 3264 PROT_READ | PROT_WRITE, 3265 MAP_PRIVATE | MAP_ANON, -1, 0); 3266 setup_sigtramp(tramp_page); 3267 target_mprotect(tramp_page, TARGET_PAGE_SIZE, PROT_READ | PROT_EXEC); 3268 } 3269 3270 bprm->p = create_elf_tables(bprm->p, bprm->argc, bprm->envc, &elf_ex, 3271 info, (elf_interpreter ? &interp_info : NULL)); 3272 info->start_stack = bprm->p; 3273 3274 /* If we have an interpreter, set that as the program's entry point. 3275 Copy the load_bias as well, to help PPC64 interpret the entry 3276 point as a function descriptor. Do this after creating elf tables 3277 so that we copy the original program entry point into the AUXV. */ 3278 if (elf_interpreter) { 3279 info->load_bias = interp_info.load_bias; 3280 info->entry = interp_info.entry; 3281 g_free(elf_interpreter); 3282 } 3283 3284 #ifdef USE_ELF_CORE_DUMP 3285 bprm->core_dump = &elf_core_dump; 3286 #endif 3287 3288 /* 3289 * If we reserved extra space for brk, release it now. 3290 * The implementation of do_brk in syscalls.c expects to be able 3291 * to mmap pages in this space. 3292 */ 3293 if (info->reserve_brk) { 3294 abi_ulong start_brk = HOST_PAGE_ALIGN(info->brk); 3295 abi_ulong end_brk = HOST_PAGE_ALIGN(info->brk + info->reserve_brk); 3296 target_munmap(start_brk, end_brk - start_brk); 3297 } 3298 3299 return 0; 3300 } 3301 3302 #ifdef USE_ELF_CORE_DUMP 3303 /* 3304 * Definitions to generate Intel SVR4-like core files. 3305 * These mostly have the same names as the SVR4 types with "target_elf_" 3306 * tacked on the front to prevent clashes with linux definitions, 3307 * and the typedef forms have been avoided. This is mostly like 3308 * the SVR4 structure, but more Linuxy, with things that Linux does 3309 * not support and which gdb doesn't really use excluded. 3310 * 3311 * Fields we don't dump (their contents is zero) in linux-user qemu 3312 * are marked with XXX. 3313 * 3314 * Core dump code is copied from linux kernel (fs/binfmt_elf.c). 3315 * 3316 * Porting ELF coredump for target is (quite) simple process. First you 3317 * define USE_ELF_CORE_DUMP in target ELF code (where init_thread() for 3318 * the target resides): 3319 * 3320 * #define USE_ELF_CORE_DUMP 3321 * 3322 * Next you define type of register set used for dumping. ELF specification 3323 * says that it needs to be array of elf_greg_t that has size of ELF_NREG. 3324 * 3325 * typedef <target_regtype> target_elf_greg_t; 3326 * #define ELF_NREG <number of registers> 3327 * typedef taret_elf_greg_t target_elf_gregset_t[ELF_NREG]; 3328 * 3329 * Last step is to implement target specific function that copies registers 3330 * from given cpu into just specified register set. Prototype is: 3331 * 3332 * static void elf_core_copy_regs(taret_elf_gregset_t *regs, 3333 * const CPUArchState *env); 3334 * 3335 * Parameters: 3336 * regs - copy register values into here (allocated and zeroed by caller) 3337 * env - copy registers from here 3338 * 3339 * Example for ARM target is provided in this file. 3340 */ 3341 3342 /* An ELF note in memory */ 3343 struct memelfnote { 3344 const char *name; 3345 size_t namesz; 3346 size_t namesz_rounded; 3347 int type; 3348 size_t datasz; 3349 size_t datasz_rounded; 3350 void *data; 3351 size_t notesz; 3352 }; 3353 3354 struct target_elf_siginfo { 3355 abi_int si_signo; /* signal number */ 3356 abi_int si_code; /* extra code */ 3357 abi_int si_errno; /* errno */ 3358 }; 3359 3360 struct target_elf_prstatus { 3361 struct target_elf_siginfo pr_info; /* Info associated with signal */ 3362 abi_short pr_cursig; /* Current signal */ 3363 abi_ulong pr_sigpend; /* XXX */ 3364 abi_ulong pr_sighold; /* XXX */ 3365 target_pid_t pr_pid; 3366 target_pid_t pr_ppid; 3367 target_pid_t pr_pgrp; 3368 target_pid_t pr_sid; 3369 struct target_timeval pr_utime; /* XXX User time */ 3370 struct target_timeval pr_stime; /* XXX System time */ 3371 struct target_timeval pr_cutime; /* XXX Cumulative user time */ 3372 struct target_timeval pr_cstime; /* XXX Cumulative system time */ 3373 target_elf_gregset_t pr_reg; /* GP registers */ 3374 abi_int pr_fpvalid; /* XXX */ 3375 }; 3376 3377 #define ELF_PRARGSZ (80) /* Number of chars for args */ 3378 3379 struct target_elf_prpsinfo { 3380 char pr_state; /* numeric process state */ 3381 char pr_sname; /* char for pr_state */ 3382 char pr_zomb; /* zombie */ 3383 char pr_nice; /* nice val */ 3384 abi_ulong pr_flag; /* flags */ 3385 target_uid_t pr_uid; 3386 target_gid_t pr_gid; 3387 target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid; 3388 /* Lots missing */ 3389 char pr_fname[16] QEMU_NONSTRING; /* filename of executable */ 3390 char pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */ 3391 }; 3392 3393 /* Here is the structure in which status of each thread is captured. */ 3394 struct elf_thread_status { 3395 QTAILQ_ENTRY(elf_thread_status) ets_link; 3396 struct target_elf_prstatus prstatus; /* NT_PRSTATUS */ 3397 #if 0 3398 elf_fpregset_t fpu; /* NT_PRFPREG */ 3399 struct task_struct *thread; 3400 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */ 3401 #endif 3402 struct memelfnote notes[1]; 3403 int num_notes; 3404 }; 3405 3406 struct elf_note_info { 3407 struct memelfnote *notes; 3408 struct target_elf_prstatus *prstatus; /* NT_PRSTATUS */ 3409 struct target_elf_prpsinfo *psinfo; /* NT_PRPSINFO */ 3410 3411 QTAILQ_HEAD(, elf_thread_status) thread_list; 3412 #if 0 3413 /* 3414 * Current version of ELF coredump doesn't support 3415 * dumping fp regs etc. 3416 */ 3417 elf_fpregset_t *fpu; 3418 elf_fpxregset_t *xfpu; 3419 int thread_status_size; 3420 #endif 3421 int notes_size; 3422 int numnote; 3423 }; 3424 3425 struct vm_area_struct { 3426 target_ulong vma_start; /* start vaddr of memory region */ 3427 target_ulong vma_end; /* end vaddr of memory region */ 3428 abi_ulong vma_flags; /* protection etc. flags for the region */ 3429 QTAILQ_ENTRY(vm_area_struct) vma_link; 3430 }; 3431 3432 struct mm_struct { 3433 QTAILQ_HEAD(, vm_area_struct) mm_mmap; 3434 int mm_count; /* number of mappings */ 3435 }; 3436 3437 static struct mm_struct *vma_init(void); 3438 static void vma_delete(struct mm_struct *); 3439 static int vma_add_mapping(struct mm_struct *, target_ulong, 3440 target_ulong, abi_ulong); 3441 static int vma_get_mapping_count(const struct mm_struct *); 3442 static struct vm_area_struct *vma_first(const struct mm_struct *); 3443 static struct vm_area_struct *vma_next(struct vm_area_struct *); 3444 static abi_ulong vma_dump_size(const struct vm_area_struct *); 3445 static int vma_walker(void *priv, target_ulong start, target_ulong end, 3446 unsigned long flags); 3447 3448 static void fill_elf_header(struct elfhdr *, int, uint16_t, uint32_t); 3449 static void fill_note(struct memelfnote *, const char *, int, 3450 unsigned int, void *); 3451 static void fill_prstatus(struct target_elf_prstatus *, const TaskState *, int); 3452 static int fill_psinfo(struct target_elf_prpsinfo *, const TaskState *); 3453 static void fill_auxv_note(struct memelfnote *, const TaskState *); 3454 static void fill_elf_note_phdr(struct elf_phdr *, int, off_t); 3455 static size_t note_size(const struct memelfnote *); 3456 static void free_note_info(struct elf_note_info *); 3457 static int fill_note_info(struct elf_note_info *, long, const CPUArchState *); 3458 static void fill_thread_info(struct elf_note_info *, const CPUArchState *); 3459 3460 static int dump_write(int, const void *, size_t); 3461 static int write_note(struct memelfnote *, int); 3462 static int write_note_info(struct elf_note_info *, int); 3463 3464 #ifdef BSWAP_NEEDED 3465 static void bswap_prstatus(struct target_elf_prstatus *prstatus) 3466 { 3467 prstatus->pr_info.si_signo = tswap32(prstatus->pr_info.si_signo); 3468 prstatus->pr_info.si_code = tswap32(prstatus->pr_info.si_code); 3469 prstatus->pr_info.si_errno = tswap32(prstatus->pr_info.si_errno); 3470 prstatus->pr_cursig = tswap16(prstatus->pr_cursig); 3471 prstatus->pr_sigpend = tswapal(prstatus->pr_sigpend); 3472 prstatus->pr_sighold = tswapal(prstatus->pr_sighold); 3473 prstatus->pr_pid = tswap32(prstatus->pr_pid); 3474 prstatus->pr_ppid = tswap32(prstatus->pr_ppid); 3475 prstatus->pr_pgrp = tswap32(prstatus->pr_pgrp); 3476 prstatus->pr_sid = tswap32(prstatus->pr_sid); 3477 /* cpu times are not filled, so we skip them */ 3478 /* regs should be in correct format already */ 3479 prstatus->pr_fpvalid = tswap32(prstatus->pr_fpvalid); 3480 } 3481 3482 static void bswap_psinfo(struct target_elf_prpsinfo *psinfo) 3483 { 3484 psinfo->pr_flag = tswapal(psinfo->pr_flag); 3485 psinfo->pr_uid = tswap16(psinfo->pr_uid); 3486 psinfo->pr_gid = tswap16(psinfo->pr_gid); 3487 psinfo->pr_pid = tswap32(psinfo->pr_pid); 3488 psinfo->pr_ppid = tswap32(psinfo->pr_ppid); 3489 psinfo->pr_pgrp = tswap32(psinfo->pr_pgrp); 3490 psinfo->pr_sid = tswap32(psinfo->pr_sid); 3491 } 3492 3493 static void bswap_note(struct elf_note *en) 3494 { 3495 bswap32s(&en->n_namesz); 3496 bswap32s(&en->n_descsz); 3497 bswap32s(&en->n_type); 3498 } 3499 #else 3500 static inline void bswap_prstatus(struct target_elf_prstatus *p) { } 3501 static inline void bswap_psinfo(struct target_elf_prpsinfo *p) {} 3502 static inline void bswap_note(struct elf_note *en) { } 3503 #endif /* BSWAP_NEEDED */ 3504 3505 /* 3506 * Minimal support for linux memory regions. These are needed 3507 * when we are finding out what memory exactly belongs to 3508 * emulated process. No locks needed here, as long as 3509 * thread that received the signal is stopped. 3510 */ 3511 3512 static struct mm_struct *vma_init(void) 3513 { 3514 struct mm_struct *mm; 3515 3516 if ((mm = g_malloc(sizeof (*mm))) == NULL) 3517 return (NULL); 3518 3519 mm->mm_count = 0; 3520 QTAILQ_INIT(&mm->mm_mmap); 3521 3522 return (mm); 3523 } 3524 3525 static void vma_delete(struct mm_struct *mm) 3526 { 3527 struct vm_area_struct *vma; 3528 3529 while ((vma = vma_first(mm)) != NULL) { 3530 QTAILQ_REMOVE(&mm->mm_mmap, vma, vma_link); 3531 g_free(vma); 3532 } 3533 g_free(mm); 3534 } 3535 3536 static int vma_add_mapping(struct mm_struct *mm, target_ulong start, 3537 target_ulong end, abi_ulong flags) 3538 { 3539 struct vm_area_struct *vma; 3540 3541 if ((vma = g_malloc0(sizeof (*vma))) == NULL) 3542 return (-1); 3543 3544 vma->vma_start = start; 3545 vma->vma_end = end; 3546 vma->vma_flags = flags; 3547 3548 QTAILQ_INSERT_TAIL(&mm->mm_mmap, vma, vma_link); 3549 mm->mm_count++; 3550 3551 return (0); 3552 } 3553 3554 static struct vm_area_struct *vma_first(const struct mm_struct *mm) 3555 { 3556 return (QTAILQ_FIRST(&mm->mm_mmap)); 3557 } 3558 3559 static struct vm_area_struct *vma_next(struct vm_area_struct *vma) 3560 { 3561 return (QTAILQ_NEXT(vma, vma_link)); 3562 } 3563 3564 static int vma_get_mapping_count(const struct mm_struct *mm) 3565 { 3566 return (mm->mm_count); 3567 } 3568 3569 /* 3570 * Calculate file (dump) size of given memory region. 3571 */ 3572 static abi_ulong vma_dump_size(const struct vm_area_struct *vma) 3573 { 3574 /* if we cannot even read the first page, skip it */ 3575 if (!access_ok_untagged(VERIFY_READ, vma->vma_start, TARGET_PAGE_SIZE)) 3576 return (0); 3577 3578 /* 3579 * Usually we don't dump executable pages as they contain 3580 * non-writable code that debugger can read directly from 3581 * target library etc. However, thread stacks are marked 3582 * also executable so we read in first page of given region 3583 * and check whether it contains elf header. If there is 3584 * no elf header, we dump it. 3585 */ 3586 if (vma->vma_flags & PROT_EXEC) { 3587 char page[TARGET_PAGE_SIZE]; 3588 3589 if (copy_from_user(page, vma->vma_start, sizeof (page))) { 3590 return 0; 3591 } 3592 if ((page[EI_MAG0] == ELFMAG0) && 3593 (page[EI_MAG1] == ELFMAG1) && 3594 (page[EI_MAG2] == ELFMAG2) && 3595 (page[EI_MAG3] == ELFMAG3)) { 3596 /* 3597 * Mappings are possibly from ELF binary. Don't dump 3598 * them. 3599 */ 3600 return (0); 3601 } 3602 } 3603 3604 return (vma->vma_end - vma->vma_start); 3605 } 3606 3607 static int vma_walker(void *priv, target_ulong start, target_ulong end, 3608 unsigned long flags) 3609 { 3610 struct mm_struct *mm = (struct mm_struct *)priv; 3611 3612 vma_add_mapping(mm, start, end, flags); 3613 return (0); 3614 } 3615 3616 static void fill_note(struct memelfnote *note, const char *name, int type, 3617 unsigned int sz, void *data) 3618 { 3619 unsigned int namesz; 3620 3621 namesz = strlen(name) + 1; 3622 note->name = name; 3623 note->namesz = namesz; 3624 note->namesz_rounded = roundup(namesz, sizeof (int32_t)); 3625 note->type = type; 3626 note->datasz = sz; 3627 note->datasz_rounded = roundup(sz, sizeof (int32_t)); 3628 3629 note->data = data; 3630 3631 /* 3632 * We calculate rounded up note size here as specified by 3633 * ELF document. 3634 */ 3635 note->notesz = sizeof (struct elf_note) + 3636 note->namesz_rounded + note->datasz_rounded; 3637 } 3638 3639 static void fill_elf_header(struct elfhdr *elf, int segs, uint16_t machine, 3640 uint32_t flags) 3641 { 3642 (void) memset(elf, 0, sizeof(*elf)); 3643 3644 (void) memcpy(elf->e_ident, ELFMAG, SELFMAG); 3645 elf->e_ident[EI_CLASS] = ELF_CLASS; 3646 elf->e_ident[EI_DATA] = ELF_DATA; 3647 elf->e_ident[EI_VERSION] = EV_CURRENT; 3648 elf->e_ident[EI_OSABI] = ELF_OSABI; 3649 3650 elf->e_type = ET_CORE; 3651 elf->e_machine = machine; 3652 elf->e_version = EV_CURRENT; 3653 elf->e_phoff = sizeof(struct elfhdr); 3654 elf->e_flags = flags; 3655 elf->e_ehsize = sizeof(struct elfhdr); 3656 elf->e_phentsize = sizeof(struct elf_phdr); 3657 elf->e_phnum = segs; 3658 3659 bswap_ehdr(elf); 3660 } 3661 3662 static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, off_t offset) 3663 { 3664 phdr->p_type = PT_NOTE; 3665 phdr->p_offset = offset; 3666 phdr->p_vaddr = 0; 3667 phdr->p_paddr = 0; 3668 phdr->p_filesz = sz; 3669 phdr->p_memsz = 0; 3670 phdr->p_flags = 0; 3671 phdr->p_align = 0; 3672 3673 bswap_phdr(phdr, 1); 3674 } 3675 3676 static size_t note_size(const struct memelfnote *note) 3677 { 3678 return (note->notesz); 3679 } 3680 3681 static void fill_prstatus(struct target_elf_prstatus *prstatus, 3682 const TaskState *ts, int signr) 3683 { 3684 (void) memset(prstatus, 0, sizeof (*prstatus)); 3685 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr; 3686 prstatus->pr_pid = ts->ts_tid; 3687 prstatus->pr_ppid = getppid(); 3688 prstatus->pr_pgrp = getpgrp(); 3689 prstatus->pr_sid = getsid(0); 3690 3691 bswap_prstatus(prstatus); 3692 } 3693 3694 static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts) 3695 { 3696 char *base_filename; 3697 unsigned int i, len; 3698 3699 (void) memset(psinfo, 0, sizeof (*psinfo)); 3700 3701 len = ts->info->env_strings - ts->info->arg_strings; 3702 if (len >= ELF_PRARGSZ) 3703 len = ELF_PRARGSZ - 1; 3704 if (copy_from_user(&psinfo->pr_psargs, ts->info->arg_strings, len)) { 3705 return -EFAULT; 3706 } 3707 for (i = 0; i < len; i++) 3708 if (psinfo->pr_psargs[i] == 0) 3709 psinfo->pr_psargs[i] = ' '; 3710 psinfo->pr_psargs[len] = 0; 3711 3712 psinfo->pr_pid = getpid(); 3713 psinfo->pr_ppid = getppid(); 3714 psinfo->pr_pgrp = getpgrp(); 3715 psinfo->pr_sid = getsid(0); 3716 psinfo->pr_uid = getuid(); 3717 psinfo->pr_gid = getgid(); 3718 3719 base_filename = g_path_get_basename(ts->bprm->filename); 3720 /* 3721 * Using strncpy here is fine: at max-length, 3722 * this field is not NUL-terminated. 3723 */ 3724 (void) strncpy(psinfo->pr_fname, base_filename, 3725 sizeof(psinfo->pr_fname)); 3726 3727 g_free(base_filename); 3728 bswap_psinfo(psinfo); 3729 return (0); 3730 } 3731 3732 static void fill_auxv_note(struct memelfnote *note, const TaskState *ts) 3733 { 3734 elf_addr_t auxv = (elf_addr_t)ts->info->saved_auxv; 3735 elf_addr_t orig_auxv = auxv; 3736 void *ptr; 3737 int len = ts->info->auxv_len; 3738 3739 /* 3740 * Auxiliary vector is stored in target process stack. It contains 3741 * {type, value} pairs that we need to dump into note. This is not 3742 * strictly necessary but we do it here for sake of completeness. 3743 */ 3744 3745 /* read in whole auxv vector and copy it to memelfnote */ 3746 ptr = lock_user(VERIFY_READ, orig_auxv, len, 0); 3747 if (ptr != NULL) { 3748 fill_note(note, "CORE", NT_AUXV, len, ptr); 3749 unlock_user(ptr, auxv, len); 3750 } 3751 } 3752 3753 /* 3754 * Constructs name of coredump file. We have following convention 3755 * for the name: 3756 * qemu_<basename-of-target-binary>_<date>-<time>_<pid>.core 3757 * 3758 * Returns the filename 3759 */ 3760 static char *core_dump_filename(const TaskState *ts) 3761 { 3762 g_autoptr(GDateTime) now = g_date_time_new_now_local(); 3763 g_autofree char *nowstr = g_date_time_format(now, "%Y%m%d-%H%M%S"); 3764 g_autofree char *base_filename = g_path_get_basename(ts->bprm->filename); 3765 3766 return g_strdup_printf("qemu_%s_%s_%d.core", 3767 base_filename, nowstr, (int)getpid()); 3768 } 3769 3770 static int dump_write(int fd, const void *ptr, size_t size) 3771 { 3772 const char *bufp = (const char *)ptr; 3773 ssize_t bytes_written, bytes_left; 3774 struct rlimit dumpsize; 3775 off_t pos; 3776 3777 bytes_written = 0; 3778 getrlimit(RLIMIT_CORE, &dumpsize); 3779 if ((pos = lseek(fd, 0, SEEK_CUR))==-1) { 3780 if (errno == ESPIPE) { /* not a seekable stream */ 3781 bytes_left = size; 3782 } else { 3783 return pos; 3784 } 3785 } else { 3786 if (dumpsize.rlim_cur <= pos) { 3787 return -1; 3788 } else if (dumpsize.rlim_cur == RLIM_INFINITY) { 3789 bytes_left = size; 3790 } else { 3791 size_t limit_left=dumpsize.rlim_cur - pos; 3792 bytes_left = limit_left >= size ? size : limit_left ; 3793 } 3794 } 3795 3796 /* 3797 * In normal conditions, single write(2) should do but 3798 * in case of socket etc. this mechanism is more portable. 3799 */ 3800 do { 3801 bytes_written = write(fd, bufp, bytes_left); 3802 if (bytes_written < 0) { 3803 if (errno == EINTR) 3804 continue; 3805 return (-1); 3806 } else if (bytes_written == 0) { /* eof */ 3807 return (-1); 3808 } 3809 bufp += bytes_written; 3810 bytes_left -= bytes_written; 3811 } while (bytes_left > 0); 3812 3813 return (0); 3814 } 3815 3816 static int write_note(struct memelfnote *men, int fd) 3817 { 3818 struct elf_note en; 3819 3820 en.n_namesz = men->namesz; 3821 en.n_type = men->type; 3822 en.n_descsz = men->datasz; 3823 3824 bswap_note(&en); 3825 3826 if (dump_write(fd, &en, sizeof(en)) != 0) 3827 return (-1); 3828 if (dump_write(fd, men->name, men->namesz_rounded) != 0) 3829 return (-1); 3830 if (dump_write(fd, men->data, men->datasz_rounded) != 0) 3831 return (-1); 3832 3833 return (0); 3834 } 3835 3836 static void fill_thread_info(struct elf_note_info *info, const CPUArchState *env) 3837 { 3838 CPUState *cpu = env_cpu((CPUArchState *)env); 3839 TaskState *ts = (TaskState *)cpu->opaque; 3840 struct elf_thread_status *ets; 3841 3842 ets = g_malloc0(sizeof (*ets)); 3843 ets->num_notes = 1; /* only prstatus is dumped */ 3844 fill_prstatus(&ets->prstatus, ts, 0); 3845 elf_core_copy_regs(&ets->prstatus.pr_reg, env); 3846 fill_note(&ets->notes[0], "CORE", NT_PRSTATUS, sizeof (ets->prstatus), 3847 &ets->prstatus); 3848 3849 QTAILQ_INSERT_TAIL(&info->thread_list, ets, ets_link); 3850 3851 info->notes_size += note_size(&ets->notes[0]); 3852 } 3853 3854 static void init_note_info(struct elf_note_info *info) 3855 { 3856 /* Initialize the elf_note_info structure so that it is at 3857 * least safe to call free_note_info() on it. Must be 3858 * called before calling fill_note_info(). 3859 */ 3860 memset(info, 0, sizeof (*info)); 3861 QTAILQ_INIT(&info->thread_list); 3862 } 3863 3864 static int fill_note_info(struct elf_note_info *info, 3865 long signr, const CPUArchState *env) 3866 { 3867 #define NUMNOTES 3 3868 CPUState *cpu = env_cpu((CPUArchState *)env); 3869 TaskState *ts = (TaskState *)cpu->opaque; 3870 int i; 3871 3872 info->notes = g_new0(struct memelfnote, NUMNOTES); 3873 if (info->notes == NULL) 3874 return (-ENOMEM); 3875 info->prstatus = g_malloc0(sizeof (*info->prstatus)); 3876 if (info->prstatus == NULL) 3877 return (-ENOMEM); 3878 info->psinfo = g_malloc0(sizeof (*info->psinfo)); 3879 if (info->prstatus == NULL) 3880 return (-ENOMEM); 3881 3882 /* 3883 * First fill in status (and registers) of current thread 3884 * including process info & aux vector. 3885 */ 3886 fill_prstatus(info->prstatus, ts, signr); 3887 elf_core_copy_regs(&info->prstatus->pr_reg, env); 3888 fill_note(&info->notes[0], "CORE", NT_PRSTATUS, 3889 sizeof (*info->prstatus), info->prstatus); 3890 fill_psinfo(info->psinfo, ts); 3891 fill_note(&info->notes[1], "CORE", NT_PRPSINFO, 3892 sizeof (*info->psinfo), info->psinfo); 3893 fill_auxv_note(&info->notes[2], ts); 3894 info->numnote = 3; 3895 3896 info->notes_size = 0; 3897 for (i = 0; i < info->numnote; i++) 3898 info->notes_size += note_size(&info->notes[i]); 3899 3900 /* read and fill status of all threads */ 3901 cpu_list_lock(); 3902 CPU_FOREACH(cpu) { 3903 if (cpu == thread_cpu) { 3904 continue; 3905 } 3906 fill_thread_info(info, (CPUArchState *)cpu->env_ptr); 3907 } 3908 cpu_list_unlock(); 3909 3910 return (0); 3911 } 3912 3913 static void free_note_info(struct elf_note_info *info) 3914 { 3915 struct elf_thread_status *ets; 3916 3917 while (!QTAILQ_EMPTY(&info->thread_list)) { 3918 ets = QTAILQ_FIRST(&info->thread_list); 3919 QTAILQ_REMOVE(&info->thread_list, ets, ets_link); 3920 g_free(ets); 3921 } 3922 3923 g_free(info->prstatus); 3924 g_free(info->psinfo); 3925 g_free(info->notes); 3926 } 3927 3928 static int write_note_info(struct elf_note_info *info, int fd) 3929 { 3930 struct elf_thread_status *ets; 3931 int i, error = 0; 3932 3933 /* write prstatus, psinfo and auxv for current thread */ 3934 for (i = 0; i < info->numnote; i++) 3935 if ((error = write_note(&info->notes[i], fd)) != 0) 3936 return (error); 3937 3938 /* write prstatus for each thread */ 3939 QTAILQ_FOREACH(ets, &info->thread_list, ets_link) { 3940 if ((error = write_note(&ets->notes[0], fd)) != 0) 3941 return (error); 3942 } 3943 3944 return (0); 3945 } 3946 3947 /* 3948 * Write out ELF coredump. 3949 * 3950 * See documentation of ELF object file format in: 3951 * http://www.caldera.com/developers/devspecs/gabi41.pdf 3952 * 3953 * Coredump format in linux is following: 3954 * 3955 * 0 +----------------------+ \ 3956 * | ELF header | ET_CORE | 3957 * +----------------------+ | 3958 * | ELF program headers | |--- headers 3959 * | - NOTE section | | 3960 * | - PT_LOAD sections | | 3961 * +----------------------+ / 3962 * | NOTEs: | 3963 * | - NT_PRSTATUS | 3964 * | - NT_PRSINFO | 3965 * | - NT_AUXV | 3966 * +----------------------+ <-- aligned to target page 3967 * | Process memory dump | 3968 * : : 3969 * . . 3970 * : : 3971 * | | 3972 * +----------------------+ 3973 * 3974 * NT_PRSTATUS -> struct elf_prstatus (per thread) 3975 * NT_PRSINFO -> struct elf_prpsinfo 3976 * NT_AUXV is array of { type, value } pairs (see fill_auxv_note()). 3977 * 3978 * Format follows System V format as close as possible. Current 3979 * version limitations are as follows: 3980 * - no floating point registers are dumped 3981 * 3982 * Function returns 0 in case of success, negative errno otherwise. 3983 * 3984 * TODO: make this work also during runtime: it should be 3985 * possible to force coredump from running process and then 3986 * continue processing. For example qemu could set up SIGUSR2 3987 * handler (provided that target process haven't registered 3988 * handler for that) that does the dump when signal is received. 3989 */ 3990 static int elf_core_dump(int signr, const CPUArchState *env) 3991 { 3992 const CPUState *cpu = env_cpu((CPUArchState *)env); 3993 const TaskState *ts = (const TaskState *)cpu->opaque; 3994 struct vm_area_struct *vma = NULL; 3995 g_autofree char *corefile = NULL; 3996 struct elf_note_info info; 3997 struct elfhdr elf; 3998 struct elf_phdr phdr; 3999 struct rlimit dumpsize; 4000 struct mm_struct *mm = NULL; 4001 off_t offset = 0, data_offset = 0; 4002 int segs = 0; 4003 int fd = -1; 4004 4005 init_note_info(&info); 4006 4007 errno = 0; 4008 getrlimit(RLIMIT_CORE, &dumpsize); 4009 if (dumpsize.rlim_cur == 0) 4010 return 0; 4011 4012 corefile = core_dump_filename(ts); 4013 4014 if ((fd = open(corefile, O_WRONLY | O_CREAT, 4015 S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) < 0) 4016 return (-errno); 4017 4018 /* 4019 * Walk through target process memory mappings and 4020 * set up structure containing this information. After 4021 * this point vma_xxx functions can be used. 4022 */ 4023 if ((mm = vma_init()) == NULL) 4024 goto out; 4025 4026 walk_memory_regions(mm, vma_walker); 4027 segs = vma_get_mapping_count(mm); 4028 4029 /* 4030 * Construct valid coredump ELF header. We also 4031 * add one more segment for notes. 4032 */ 4033 fill_elf_header(&elf, segs + 1, ELF_MACHINE, 0); 4034 if (dump_write(fd, &elf, sizeof (elf)) != 0) 4035 goto out; 4036 4037 /* fill in the in-memory version of notes */ 4038 if (fill_note_info(&info, signr, env) < 0) 4039 goto out; 4040 4041 offset += sizeof (elf); /* elf header */ 4042 offset += (segs + 1) * sizeof (struct elf_phdr); /* program headers */ 4043 4044 /* write out notes program header */ 4045 fill_elf_note_phdr(&phdr, info.notes_size, offset); 4046 4047 offset += info.notes_size; 4048 if (dump_write(fd, &phdr, sizeof (phdr)) != 0) 4049 goto out; 4050 4051 /* 4052 * ELF specification wants data to start at page boundary so 4053 * we align it here. 4054 */ 4055 data_offset = offset = roundup(offset, ELF_EXEC_PAGESIZE); 4056 4057 /* 4058 * Write program headers for memory regions mapped in 4059 * the target process. 4060 */ 4061 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 4062 (void) memset(&phdr, 0, sizeof (phdr)); 4063 4064 phdr.p_type = PT_LOAD; 4065 phdr.p_offset = offset; 4066 phdr.p_vaddr = vma->vma_start; 4067 phdr.p_paddr = 0; 4068 phdr.p_filesz = vma_dump_size(vma); 4069 offset += phdr.p_filesz; 4070 phdr.p_memsz = vma->vma_end - vma->vma_start; 4071 phdr.p_flags = vma->vma_flags & PROT_READ ? PF_R : 0; 4072 if (vma->vma_flags & PROT_WRITE) 4073 phdr.p_flags |= PF_W; 4074 if (vma->vma_flags & PROT_EXEC) 4075 phdr.p_flags |= PF_X; 4076 phdr.p_align = ELF_EXEC_PAGESIZE; 4077 4078 bswap_phdr(&phdr, 1); 4079 if (dump_write(fd, &phdr, sizeof(phdr)) != 0) { 4080 goto out; 4081 } 4082 } 4083 4084 /* 4085 * Next we write notes just after program headers. No 4086 * alignment needed here. 4087 */ 4088 if (write_note_info(&info, fd) < 0) 4089 goto out; 4090 4091 /* align data to page boundary */ 4092 if (lseek(fd, data_offset, SEEK_SET) != data_offset) 4093 goto out; 4094 4095 /* 4096 * Finally we can dump process memory into corefile as well. 4097 */ 4098 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 4099 abi_ulong addr; 4100 abi_ulong end; 4101 4102 end = vma->vma_start + vma_dump_size(vma); 4103 4104 for (addr = vma->vma_start; addr < end; 4105 addr += TARGET_PAGE_SIZE) { 4106 char page[TARGET_PAGE_SIZE]; 4107 int error; 4108 4109 /* 4110 * Read in page from target process memory and 4111 * write it to coredump file. 4112 */ 4113 error = copy_from_user(page, addr, sizeof (page)); 4114 if (error != 0) { 4115 (void) fprintf(stderr, "unable to dump " TARGET_ABI_FMT_lx "\n", 4116 addr); 4117 errno = -error; 4118 goto out; 4119 } 4120 if (dump_write(fd, page, TARGET_PAGE_SIZE) < 0) 4121 goto out; 4122 } 4123 } 4124 4125 out: 4126 free_note_info(&info); 4127 if (mm != NULL) 4128 vma_delete(mm); 4129 (void) close(fd); 4130 4131 if (errno != 0) 4132 return (-errno); 4133 return (0); 4134 } 4135 #endif /* USE_ELF_CORE_DUMP */ 4136 4137 void do_init_thread(struct target_pt_regs *regs, struct image_info *infop) 4138 { 4139 init_thread(regs, infop); 4140 } 4141