Bug Summary

File:linux-user/elfload.c
Location:line 2563, column 5
Description:Value stored to 'bytes_written' is never read

Annotated Source Code

1/* This is the Linux kernel elf-loading code, ported into user space */
2#include <sys/time.h>
3#include <sys/param.h>
4
5#include <stdio.h>
6#include <sys/types.h>
7#include <fcntl.h>
8#include <errno(*__errno_location ()).h>
9#include <unistd.h>
10#include <sys/mman.h>
11#include <sys/resource.h>
12#include <stdlib.h>
13#include <string.h>
14#include <time.h>
15
16#include "qemu.h"
17#include "disas/disas.h"
18
19#ifdef _ARCH_PPC64
20#undef ARCH_DLINFO
21#undef ELF_PLATFORM(((void*)0))
22#undef ELF_HWCAP0
23#undef ELF_CLASS1
24#undef ELF_DATA1
25#undef ELF_ARCH8
26#endif
27
28#define ELF_OSABI0 ELFOSABI_SYSV0
29
30/* from personality.h */
31
32/*
33 * Flags for bug emulation.
34 *
35 * These occupy the top three bytes.
36 */
37enum {
38 ADDR_NO_RANDOMIZE = 0x0040000, /* disable randomization of VA space */
39 FDPIC_FUNCPTRS = 0x0080000, /* userspace function ptrs point to
40 descriptors (signal handling) */
41 MMAP_PAGE_ZERO = 0x0100000,
42 ADDR_COMPAT_LAYOUT = 0x0200000,
43 READ_IMPLIES_EXEC = 0x0400000,
44 ADDR_LIMIT_32BIT = 0x0800000,
45 SHORT_INODE = 0x1000000,
46 WHOLE_SECONDS = 0x2000000,
47 STICKY_TIMEOUTS = 0x4000000,
48 ADDR_LIMIT_3GB = 0x8000000,
49};
50
51/*
52 * Personality types.
53 *
54 * These go in the low byte. Avoid using the top bit, it will
55 * conflict with error returns.
56 */
57enum {
58 PER_LINUX = 0x0000,
59 PER_LINUX_32BIT = 0x0000 | ADDR_LIMIT_32BIT,
60 PER_LINUX_FDPIC = 0x0000 | FDPIC_FUNCPTRS,
61 PER_SVR4 = 0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO,
62 PER_SVR3 = 0x0002 | STICKY_TIMEOUTS | SHORT_INODE,
63 PER_SCOSVR3 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS | SHORT_INODE,
64 PER_OSR5 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS,
65 PER_WYSEV386 = 0x0004 | STICKY_TIMEOUTS | SHORT_INODE,
66 PER_ISCR4 = 0x0005 | STICKY_TIMEOUTS,
67 PER_BSD = 0x0006,
68 PER_SUNOS = 0x0006 | STICKY_TIMEOUTS,
69 PER_XENIX = 0x0007 | STICKY_TIMEOUTS | SHORT_INODE,
70 PER_LINUX32 = 0x0008,
71 PER_LINUX32_3GB = 0x0008 | ADDR_LIMIT_3GB,
72 PER_IRIX32 = 0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */
73 PER_IRIXN32 = 0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */
74 PER_IRIX64 = 0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */
75 PER_RISCOS = 0x000c,
76 PER_SOLARIS = 0x000d | STICKY_TIMEOUTS,
77 PER_UW7 = 0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO,
78 PER_OSF4 = 0x000f, /* OSF/1 v4 */
79 PER_HPUX = 0x0010,
80 PER_MASK = 0x00ff,
81};
82
83/*
84 * Return the base personality without flags.
85 */
86#define personality(pers)(pers & PER_MASK) (pers & PER_MASK)
87
88/* this flag is uneffective under linux too, should be deleted */
89#ifndef MAP_DENYWRITE0x00800
90#define MAP_DENYWRITE0x00800 0
91#endif
92
93/* should probably go in elf.h */
94#ifndef ELIBBAD80
95#define ELIBBAD80 80
96#endif
97
98#ifdef TARGET_WORDS_BIGENDIAN
99#define ELF_DATA1 ELFDATA2MSB2
100#else
101#define ELF_DATA1 ELFDATA2LSB1
102#endif
103
104#ifdef TARGET_ABI_MIPSN32
105typedef abi_ullong target_elf_greg_t;
106#define tswapreg(ptr)tswapal(ptr) tswap64(ptr)
107#else
108typedef abi_ulong target_elf_greg_t;
109#define tswapreg(ptr)tswapal(ptr) tswapal(ptr)
110#endif
111
112#ifdef USE_UID16
113typedef abi_ushort target_uid_t;
114typedef abi_ushort target_gid_t;
115#else
116typedef abi_uint target_uid_t;
117typedef abi_uint target_gid_t;
118#endif
119typedef abi_int target_pid_t;
120
121#ifdef TARGET_I386
122
123#define ELF_PLATFORM(((void*)0)) get_elf_platform()
124
125static const char *get_elf_platform(void)
126{
127 static char elf_platform[] = "i386";
128 int family = object_property_get_int(OBJECT(thread_cpu)((Object *)(thread_cpu)), "family", NULL((void*)0));
129 if (family > 6)
130 family = 6;
131 if (family >= 3)
132 elf_platform[1] = '0' + family;
133 return elf_platform;
134}
135
136#define ELF_HWCAP0 get_elf_hwcap()
137
138static uint32_t get_elf_hwcap(void)
139{
140 X86CPU *cpu = X86_CPU(thread_cpu);
141
142 return cpu->env.features[FEAT_1_EDX];
143}
144
145#ifdef TARGET_X86_64
146#define ELF_START_MMAP0x80000000 0x2aaaaab000ULL
147#define elf_check_arch(x)( (x) == 8 ) ( ((x) == ELF_ARCH8) )
148
149#define ELF_CLASS1 ELFCLASS642
150#define ELF_ARCH8 EM_X86_6462
151
152static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
153{
154 regs->rax = 0;
155 regs->rsp = infop->start_stack;
156 regs->rip = infop->entry;
157}
158
159#define ELF_NREG45 27
160typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG45];
161
162/*
163 * Note that ELF_NREG should be 29 as there should be place for
164 * TRAPNO and ERR "registers" as well but linux doesn't dump
165 * those.
166 *
167 * See linux kernel: arch/x86/include/asm/elf.h
168 */
169static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env)
170{
171 (*regs)[0] = env->regs[15];
172 (*regs)[1] = env->regs[14];
173 (*regs)[2] = env->regs[13];
174 (*regs)[3] = env->regs[12];
175 (*regs)[4] = env->regs[R_EBP];
176 (*regs)[5] = env->regs[R_EBX];
177 (*regs)[6] = env->regs[11];
178 (*regs)[7] = env->regs[10];
179 (*regs)[8] = env->regs[9];
180 (*regs)[9] = env->regs[8];
181 (*regs)[10] = env->regs[R_EAX];
182 (*regs)[11] = env->regs[R_ECX];
183 (*regs)[12] = env->regs[R_EDX];
184 (*regs)[13] = env->regs[R_ESI];
185 (*regs)[14] = env->regs[R_EDI];
186 (*regs)[15] = env->regs[R_EAX]; /* XXX */
187 (*regs)[16] = env->eip;
188 (*regs)[17] = env->segs[R_CS].selector & 0xffff;
189 (*regs)[18] = env->eflags;
190 (*regs)[19] = env->regs[R_ESP];
191 (*regs)[20] = env->segs[R_SS].selector & 0xffff;
192 (*regs)[21] = env->segs[R_FS].selector & 0xffff;
193 (*regs)[22] = env->segs[R_GS].selector & 0xffff;
194 (*regs)[23] = env->segs[R_DS].selector & 0xffff;
195 (*regs)[24] = env->segs[R_ES].selector & 0xffff;
196 (*regs)[25] = env->segs[R_FS].selector & 0xffff;
197 (*regs)[26] = env->segs[R_GS].selector & 0xffff;
198}
199
200#else
201
202#define ELF_START_MMAP0x80000000 0x80000000
203
204/*
205 * This is used to ensure we don't load something for the wrong architecture.
206 */
207#define elf_check_arch(x)( (x) == 8 ) ( ((x) == EM_3863) || ((x) == EM_4866) )
208
209/*
210 * These are used to set parameters in the core dumps.
211 */
212#define ELF_CLASS1 ELFCLASS321
213#define ELF_ARCH8 EM_3863
214
215static inline void init_thread(struct target_pt_regs *regs,
216 struct image_info *infop)
217{
218 regs->esp = infop->start_stack;
219 regs->eip = infop->entry;
220
221 /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program
222 starts %edx contains a pointer to a function which might be
223 registered using `atexit'. This provides a mean for the
224 dynamic linker to call DT_FINI functions for shared libraries
225 that have been loaded before the code runs.
226
227 A value of 0 tells we have no such handler. */
228 regs->edx = 0;
229}
230
231#define ELF_NREG45 17
232typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG45];
233
234/*
235 * Note that ELF_NREG should be 19 as there should be place for
236 * TRAPNO and ERR "registers" as well but linux doesn't dump
237 * those.
238 *
239 * See linux kernel: arch/x86/include/asm/elf.h
240 */
241static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env)
242{
243 (*regs)[0] = env->regs[R_EBX];
244 (*regs)[1] = env->regs[R_ECX];
245 (*regs)[2] = env->regs[R_EDX];
246 (*regs)[3] = env->regs[R_ESI];
247 (*regs)[4] = env->regs[R_EDI];
248 (*regs)[5] = env->regs[R_EBP];
249 (*regs)[6] = env->regs[R_EAX];
250 (*regs)[7] = env->segs[R_DS].selector & 0xffff;
251 (*regs)[8] = env->segs[R_ES].selector & 0xffff;
252 (*regs)[9] = env->segs[R_FS].selector & 0xffff;
253 (*regs)[10] = env->segs[R_GS].selector & 0xffff;
254 (*regs)[11] = env->regs[R_EAX]; /* XXX */
255 (*regs)[12] = env->eip;
256 (*regs)[13] = env->segs[R_CS].selector & 0xffff;
257 (*regs)[14] = env->eflags;
258 (*regs)[15] = env->regs[R_ESP];
259 (*regs)[16] = env->segs[R_SS].selector & 0xffff;
260}
261#endif
262
263#define USE_ELF_CORE_DUMP
264#define ELF_EXEC_PAGESIZE4096 4096
265
266#endif
267
268#ifdef TARGET_ARM
269
270#define ELF_START_MMAP0x80000000 0x80000000
271
272#define elf_check_arch(x)( (x) == 8 ) ((x) == ELF_MACHINE8)
273
274#define ELF_ARCH8 ELF_MACHINE8
275
276#ifdef TARGET_AARCH64
277#define ELF_CLASS1 ELFCLASS642
278#else
279#define ELF_CLASS1 ELFCLASS321
280#endif
281
282static inline void init_thread(struct target_pt_regs *regs,
283 struct image_info *infop)
284{
285 abi_long stack = infop->start_stack;
286 memset(regs, 0, sizeof(*regs));
287
288#ifdef TARGET_AARCH64
289 regs->pc = infop->entry & ~0x3ULL;
290 regs->sp = stack;
291#else
292 regs->ARM_cpsr = 0x10;
293 if (infop->entry & 1)
294 regs->ARM_cpsr |= CPSR_T;
295 regs->ARM_pc = infop->entry & 0xfffffffe;
296 regs->ARM_sp = infop->start_stack;
297 /* FIXME - what to for failure of get_user()? */
298 get_user_ual(regs->ARM_r2, stack + 8)({ abi_ulong __gaddr = ((stack + 8)); abi_ulong *__hptr; abi_long
__ret; if ((__hptr = lock_user(0, __gaddr, sizeof(abi_ulong)
, 1))) { __ret = ((((regs->ARM_r2))) = (typeof(*__hptr))( __builtin_choose_expr
(sizeof(*(__hptr)) == 1, ldub_p, __builtin_choose_expr(sizeof
(*(__hptr)) == 2, lduw_le_p, __builtin_choose_expr(sizeof(*(__hptr
)) == 4, ldl_le_p, __builtin_choose_expr(sizeof(*(__hptr)) ==
8, ldq_le_p, abort)))) (__hptr)), 0); unlock_user(__hptr, __gaddr
, 0); } else { ((regs->ARM_r2)) = 0; __ret = -14; } __ret;
})
; /* envp */
299 get_user_ual(regs->ARM_r1, stack + 4)({ abi_ulong __gaddr = ((stack + 4)); abi_ulong *__hptr; abi_long
__ret; if ((__hptr = lock_user(0, __gaddr, sizeof(abi_ulong)
, 1))) { __ret = ((((regs->ARM_r1))) = (typeof(*__hptr))( __builtin_choose_expr
(sizeof(*(__hptr)) == 1, ldub_p, __builtin_choose_expr(sizeof
(*(__hptr)) == 2, lduw_le_p, __builtin_choose_expr(sizeof(*(__hptr
)) == 4, ldl_le_p, __builtin_choose_expr(sizeof(*(__hptr)) ==
8, ldq_le_p, abort)))) (__hptr)), 0); unlock_user(__hptr, __gaddr
, 0); } else { ((regs->ARM_r1)) = 0; __ret = -14; } __ret;
})
; /* envp */
300 /* XXX: it seems that r0 is zeroed after ! */
301 regs->ARM_r0 = 0;
302 /* For uClinux PIC binaries. */
303 /* XXX: Linux does this only on ARM with no MMU (do we care ?) */
304 regs->ARM_r10 = infop->start_data;
305#endif
306}
307
308#define ELF_NREG45 18
309typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG45];
310
311static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUARMState *env)
312{
313 (*regs)[0] = tswapreg(env->regs[0])tswapal(env->regs[0]);
314 (*regs)[1] = tswapreg(env->regs[1])tswapal(env->regs[1]);
315 (*regs)[2] = tswapreg(env->regs[2])tswapal(env->regs[2]);
316 (*regs)[3] = tswapreg(env->regs[3])tswapal(env->regs[3]);
317 (*regs)[4] = tswapreg(env->regs[4])tswapal(env->regs[4]);
318 (*regs)[5] = tswapreg(env->regs[5])tswapal(env->regs[5]);
319 (*regs)[6] = tswapreg(env->regs[6])tswapal(env->regs[6]);
320 (*regs)[7] = tswapreg(env->regs[7])tswapal(env->regs[7]);
321 (*regs)[8] = tswapreg(env->regs[8])tswapal(env->regs[8]);
322 (*regs)[9] = tswapreg(env->regs[9])tswapal(env->regs[9]);
323 (*regs)[10] = tswapreg(env->regs[10])tswapal(env->regs[10]);
324 (*regs)[11] = tswapreg(env->regs[11])tswapal(env->regs[11]);
325 (*regs)[12] = tswapreg(env->regs[12])tswapal(env->regs[12]);
326 (*regs)[13] = tswapreg(env->regs[13])tswapal(env->regs[13]);
327 (*regs)[14] = tswapreg(env->regs[14])tswapal(env->regs[14]);
328 (*regs)[15] = tswapreg(env->regs[15])tswapal(env->regs[15]);
329
330 (*regs)[16] = tswapreg(cpsr_read((CPUARMState *)env))tswapal(cpsr_read((CPUARMState *)env));
331 (*regs)[17] = tswapreg(env->regs[0])tswapal(env->regs[0]); /* XXX */
332}
333
334#define USE_ELF_CORE_DUMP
335#define ELF_EXEC_PAGESIZE4096 4096
336
337enum
338{
339 ARM_HWCAP_ARM_SWP = 1 << 0,
340 ARM_HWCAP_ARM_HALF = 1 << 1,
341 ARM_HWCAP_ARM_THUMB = 1 << 2,
342 ARM_HWCAP_ARM_26BIT = 1 << 3,
343 ARM_HWCAP_ARM_FAST_MULT = 1 << 4,
344 ARM_HWCAP_ARM_FPA = 1 << 5,
345 ARM_HWCAP_ARM_VFP = 1 << 6,
346 ARM_HWCAP_ARM_EDSP = 1 << 7,
347 ARM_HWCAP_ARM_JAVA = 1 << 8,
348 ARM_HWCAP_ARM_IWMMXT = 1 << 9,
349 ARM_HWCAP_ARM_THUMBEE = 1 << 10,
350 ARM_HWCAP_ARM_NEON = 1 << 11,
351 ARM_HWCAP_ARM_VFPv3 = 1 << 12,
352 ARM_HWCAP_ARM_VFPv3D16 = 1 << 13,
353};
354
355#define TARGET_HAS_VALIDATE_GUEST_SPACE
356/* Return 1 if the proposed guest space is suitable for the guest.
357 * Return 0 if the proposed guest space isn't suitable, but another
358 * address space should be tried.
359 * Return -1 if there is no way the proposed guest space can be
360 * valid regardless of the base.
361 * The guest code may leave a page mapped and populate it if the
362 * address is suitable.
363 */
364static int validate_guest_space(unsigned long guest_base,
365 unsigned long guest_size)
366{
367 unsigned long real_start, test_page_addr;
368
369 /* We need to check that we can force a fault on access to the
370 * commpage at 0xffff0fxx
371 */
372 test_page_addr = guest_base + (0xffff0f00 & qemu_host_page_mask);
373
374 /* If the commpage lies within the already allocated guest space,
375 * then there is no way we can allocate it.
376 */
377 if (test_page_addr >= guest_base
378 && test_page_addr <= (guest_base + guest_size)) {
379 return -1;
380 }
381
382 /* Note it needs to be writeable to let us initialise it */
383 real_start = (unsigned long)
384 mmap((void *)test_page_addr, qemu_host_page_size,
385 PROT_READ0x1 | PROT_WRITE0x2,
386 MAP_ANONYMOUS0x20 | MAP_PRIVATE0x02 | MAP_ANONYMOUS0x20, -1, 0);
387
388 /* If we can't map it then try another address */
389 if (real_start == -1ul) {
390 return 0;
391 }
392
393 if (real_start != test_page_addr) {
394 /* OS didn't put the page where we asked - unmap and reject */
395 munmap((void *)real_start, qemu_host_page_size);
396 return 0;
397 }
398
399 /* Leave the page mapped
400 * Populate it (mmap should have left it all 0'd)
401 */
402
403 /* Kernel helper versions */
404 __put_user(5, (uint32_t *)g2h(0xffff0ffcul))(__builtin_choose_expr(sizeof(*((uint32_t *)((void *)((unsigned
long)(target_ulong)(0xffff0ffcul) + guest_base)))) == 1, stb_p
, __builtin_choose_expr(sizeof(*((uint32_t *)((void *)((unsigned
long)(target_ulong)(0xffff0ffcul) + guest_base)))) == 2, stw_le_p
, __builtin_choose_expr(sizeof(*((uint32_t *)((void *)((unsigned
long)(target_ulong)(0xffff0ffcul) + guest_base)))) == 4, stl_le_p
, __builtin_choose_expr(sizeof(*((uint32_t *)((void *)((unsigned
long)(target_ulong)(0xffff0ffcul) + guest_base)))) == 8, stq_le_p
, abort)))) (((uint32_t *)((void *)((unsigned long)(target_ulong
)(0xffff0ffcul) + guest_base))), (5)), 0)
;
405
406 /* Now it's populated make it RO */
407 if (mprotect((void *)test_page_addr, qemu_host_page_size, PROT_READ0x1)) {
408 perror("Protecting guest commpage");
409 exit(-1);
410 }
411
412 return 1; /* All good */
413}
414
415
416#define ELF_HWCAP0 get_elf_hwcap()
417
418static uint32_t get_elf_hwcap(void)
419{
420 ARMCPU *cpu = ARM_CPU(thread_cpu);
421 uint32_t hwcaps = 0;
422
423 hwcaps |= ARM_HWCAP_ARM_SWP;
424 hwcaps |= ARM_HWCAP_ARM_HALF;
425 hwcaps |= ARM_HWCAP_ARM_THUMB;
426 hwcaps |= ARM_HWCAP_ARM_FAST_MULT;
427 hwcaps |= ARM_HWCAP_ARM_FPA;
428
429 /* probe for the extra features */
430#define GET_FEATURE(feat, hwcap) \
431 do { if (arm_feature(&cpu->env, feat)) { hwcaps |= hwcap; } } while (0)
432 GET_FEATURE(ARM_FEATURE_VFP, ARM_HWCAP_ARM_VFP);
433 GET_FEATURE(ARM_FEATURE_IWMMXT, ARM_HWCAP_ARM_IWMMXT);
434 GET_FEATURE(ARM_FEATURE_THUMB2EE, ARM_HWCAP_ARM_THUMBEE);
435 GET_FEATURE(ARM_FEATURE_NEON, ARM_HWCAP_ARM_NEON);
436 GET_FEATURE(ARM_FEATURE_VFP3, ARM_HWCAP_ARM_VFPv3);
437 GET_FEATURE(ARM_FEATURE_VFP_FP16, ARM_HWCAP_ARM_VFPv3D16);
438#undef GET_FEATURE
439
440 return hwcaps;
441}
442
443#endif
444
445#ifdef TARGET_UNICORE32
446
447#define ELF_START_MMAP0x80000000 0x80000000
448
449#define elf_check_arch(x)( (x) == 8 ) ((x) == EM_UNICORE32110)
450
451#define ELF_CLASS1 ELFCLASS321
452#define ELF_DATA1 ELFDATA2LSB1
453#define ELF_ARCH8 EM_UNICORE32110
454
455static inline void init_thread(struct target_pt_regs *regs,
456 struct image_info *infop)
457{
458 abi_long stack = infop->start_stack;
459 memset(regs, 0, sizeof(*regs));
460 regs->UC32_REG_asr = 0x10;
461 regs->UC32_REG_pc = infop->entry & 0xfffffffe;
462 regs->UC32_REG_sp = infop->start_stack;
463 /* FIXME - what to for failure of get_user()? */
464 get_user_ual(regs->UC32_REG_02, stack + 8)({ abi_ulong __gaddr = ((stack + 8)); abi_ulong *__hptr; abi_long
__ret; if ((__hptr = lock_user(0, __gaddr, sizeof(abi_ulong)
, 1))) { __ret = ((((regs->UC32_REG_02))) = (typeof(*__hptr
))( __builtin_choose_expr(sizeof(*(__hptr)) == 1, ldub_p, __builtin_choose_expr
(sizeof(*(__hptr)) == 2, lduw_le_p, __builtin_choose_expr(sizeof
(*(__hptr)) == 4, ldl_le_p, __builtin_choose_expr(sizeof(*(__hptr
)) == 8, ldq_le_p, abort)))) (__hptr)), 0); unlock_user(__hptr
, __gaddr, 0); } else { ((regs->UC32_REG_02)) = 0; __ret =
-14; } __ret; })
; /* envp */
465 get_user_ual(regs->UC32_REG_01, stack + 4)({ abi_ulong __gaddr = ((stack + 4)); abi_ulong *__hptr; abi_long
__ret; if ((__hptr = lock_user(0, __gaddr, sizeof(abi_ulong)
, 1))) { __ret = ((((regs->UC32_REG_01))) = (typeof(*__hptr
))( __builtin_choose_expr(sizeof(*(__hptr)) == 1, ldub_p, __builtin_choose_expr
(sizeof(*(__hptr)) == 2, lduw_le_p, __builtin_choose_expr(sizeof
(*(__hptr)) == 4, ldl_le_p, __builtin_choose_expr(sizeof(*(__hptr
)) == 8, ldq_le_p, abort)))) (__hptr)), 0); unlock_user(__hptr
, __gaddr, 0); } else { ((regs->UC32_REG_01)) = 0; __ret =
-14; } __ret; })
; /* envp */
466 /* XXX: it seems that r0 is zeroed after ! */
467 regs->UC32_REG_00 = 0;
468}
469
470#define ELF_NREG45 34
471typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG45];
472
473static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUUniCore32State *env)
474{
475 (*regs)[0] = env->regs[0];
476 (*regs)[1] = env->regs[1];
477 (*regs)[2] = env->regs[2];
478 (*regs)[3] = env->regs[3];
479 (*regs)[4] = env->regs[4];
480 (*regs)[5] = env->regs[5];
481 (*regs)[6] = env->regs[6];
482 (*regs)[7] = env->regs[7];
483 (*regs)[8] = env->regs[8];
484 (*regs)[9] = env->regs[9];
485 (*regs)[10] = env->regs[10];
486 (*regs)[11] = env->regs[11];
487 (*regs)[12] = env->regs[12];
488 (*regs)[13] = env->regs[13];
489 (*regs)[14] = env->regs[14];
490 (*regs)[15] = env->regs[15];
491 (*regs)[16] = env->regs[16];
492 (*regs)[17] = env->regs[17];
493 (*regs)[18] = env->regs[18];
494 (*regs)[19] = env->regs[19];
495 (*regs)[20] = env->regs[20];
496 (*regs)[21] = env->regs[21];
497 (*regs)[22] = env->regs[22];
498 (*regs)[23] = env->regs[23];
499 (*regs)[24] = env->regs[24];
500 (*regs)[25] = env->regs[25];
501 (*regs)[26] = env->regs[26];
502 (*regs)[27] = env->regs[27];
503 (*regs)[28] = env->regs[28];
504 (*regs)[29] = env->regs[29];
505 (*regs)[30] = env->regs[30];
506 (*regs)[31] = env->regs[31];
507
508 (*regs)[32] = cpu_asr_read((CPUUniCore32State *)env);
509 (*regs)[33] = env->regs[0]; /* XXX */
510}
511
512#define USE_ELF_CORE_DUMP
513#define ELF_EXEC_PAGESIZE4096 4096
514
515#define ELF_HWCAP0 (UC32_HWCAP_CMOV | UC32_HWCAP_UCF64)
516
517#endif
518
519#ifdef TARGET_SPARC
520#ifdef TARGET_SPARC64
521
522#define ELF_START_MMAP0x80000000 0x80000000
523#define ELF_HWCAP0 (HWCAP_SPARC_FLUSH1 | HWCAP_SPARC_STBAR2 | HWCAP_SPARC_SWAP4 \
524 | HWCAP_SPARC_MULDIV8 | HWCAP_SPARC_V916)
525#ifndef TARGET_ABI321
526#define elf_check_arch(x)( (x) == 8 ) ( (x) == EM_SPARCV943 || (x) == EM_SPARC32PLUS18 )
527#else
528#define elf_check_arch(x)( (x) == 8 ) ( (x) == EM_SPARC32PLUS18 || (x) == EM_SPARC2 )
529#endif
530
531#define ELF_CLASS1 ELFCLASS642
532#define ELF_ARCH8 EM_SPARCV943
533
534#define STACK_BIAS 2047
535
536static inline void init_thread(struct target_pt_regs *regs,
537 struct image_info *infop)
538{
539#ifndef TARGET_ABI321
540 regs->tstate = 0;
541#endif
542 regs->pc = infop->entry;
543 regs->npc = regs->pc + 4;
544 regs->y = 0;
545#ifdef TARGET_ABI321
546 regs->u_regs[14] = infop->start_stack - 16 * 4;
547#else
548 if (personality(infop->personality)(infop->personality & PER_MASK) == PER_LINUX32)
549 regs->u_regs[14] = infop->start_stack - 16 * 4;
550 else
551 regs->u_regs[14] = infop->start_stack - 16 * 8 - STACK_BIAS;
552#endif
553}
554
555#else
556#define ELF_START_MMAP0x80000000 0x80000000
557#define ELF_HWCAP0 (HWCAP_SPARC_FLUSH1 | HWCAP_SPARC_STBAR2 | HWCAP_SPARC_SWAP4 \
558 | HWCAP_SPARC_MULDIV8)
559#define elf_check_arch(x)( (x) == 8 ) ( (x) == EM_SPARC2 )
560
561#define ELF_CLASS1 ELFCLASS321
562#define ELF_ARCH8 EM_SPARC2
563
564static inline void init_thread(struct target_pt_regs *regs,
565 struct image_info *infop)
566{
567 regs->psr = 0;
568 regs->pc = infop->entry;
569 regs->npc = regs->pc + 4;
570 regs->y = 0;
571 regs->u_regs[14] = infop->start_stack - 16 * 4;
572}
573
574#endif
575#endif
576
577#ifdef TARGET_PPC
578
579#define ELF_START_MMAP0x80000000 0x80000000
580
581#if defined(TARGET_PPC64) && !defined(TARGET_ABI321)
582
583#define elf_check_arch(x)( (x) == 8 ) ( (x) == EM_PPC6421 )
584
585#define ELF_CLASS1 ELFCLASS642
586
587#else
588
589#define elf_check_arch(x)( (x) == 8 ) ( (x) == EM_PPC20 )
590
591#define ELF_CLASS1 ELFCLASS321
592
593#endif
594
595#define ELF_ARCH8 EM_PPC20
596
597/* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP).
598 See arch/powerpc/include/asm/cputable.h. */
599enum {
600 QEMU_PPC_FEATURE_32 = 0x80000000,
601 QEMU_PPC_FEATURE_64 = 0x40000000,
602 QEMU_PPC_FEATURE_601_INSTR = 0x20000000,
603 QEMU_PPC_FEATURE_HAS_ALTIVEC = 0x10000000,
604 QEMU_PPC_FEATURE_HAS_FPU = 0x08000000,
605 QEMU_PPC_FEATURE_HAS_MMU = 0x04000000,
606 QEMU_PPC_FEATURE_HAS_4xxMAC = 0x02000000,
607 QEMU_PPC_FEATURE_UNIFIED_CACHE = 0x01000000,
608 QEMU_PPC_FEATURE_HAS_SPE = 0x00800000,
609 QEMU_PPC_FEATURE_HAS_EFP_SINGLE = 0x00400000,
610 QEMU_PPC_FEATURE_HAS_EFP_DOUBLE = 0x00200000,
611 QEMU_PPC_FEATURE_NO_TB = 0x00100000,
612 QEMU_PPC_FEATURE_POWER4 = 0x00080000,
613 QEMU_PPC_FEATURE_POWER5 = 0x00040000,
614 QEMU_PPC_FEATURE_POWER5_PLUS = 0x00020000,
615 QEMU_PPC_FEATURE_CELL = 0x00010000,
616 QEMU_PPC_FEATURE_BOOKE = 0x00008000,
617 QEMU_PPC_FEATURE_SMT = 0x00004000,
618 QEMU_PPC_FEATURE_ICACHE_SNOOP = 0x00002000,
619 QEMU_PPC_FEATURE_ARCH_2_05 = 0x00001000,
620 QEMU_PPC_FEATURE_PA6T = 0x00000800,
621 QEMU_PPC_FEATURE_HAS_DFP = 0x00000400,
622 QEMU_PPC_FEATURE_POWER6_EXT = 0x00000200,
623 QEMU_PPC_FEATURE_ARCH_2_06 = 0x00000100,
624 QEMU_PPC_FEATURE_HAS_VSX = 0x00000080,
625 QEMU_PPC_FEATURE_PSERIES_PERFMON_COMPAT = 0x00000040,
626
627 QEMU_PPC_FEATURE_TRUE_LE = 0x00000002,
628 QEMU_PPC_FEATURE_PPC_LE = 0x00000001,
629};
630
631#define ELF_HWCAP0 get_elf_hwcap()
632
633static uint32_t get_elf_hwcap(void)
634{
635 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu);
636 uint32_t features = 0;
637
638 /* We don't have to be terribly complete here; the high points are
639 Altivec/FP/SPE support. Anything else is just a bonus. */
640#define GET_FEATURE(flag, feature) \
641 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0)
642 GET_FEATURE(PPC_64B, QEMU_PPC_FEATURE_64);
643 GET_FEATURE(PPC_FLOAT, QEMU_PPC_FEATURE_HAS_FPU);
644 GET_FEATURE(PPC_ALTIVEC, QEMU_PPC_FEATURE_HAS_ALTIVEC);
645 GET_FEATURE(PPC_SPE, QEMU_PPC_FEATURE_HAS_SPE);
646 GET_FEATURE(PPC_SPE_SINGLE, QEMU_PPC_FEATURE_HAS_EFP_SINGLE);
647 GET_FEATURE(PPC_SPE_DOUBLE, QEMU_PPC_FEATURE_HAS_EFP_DOUBLE);
648 GET_FEATURE(PPC_BOOKE, QEMU_PPC_FEATURE_BOOKE);
649 GET_FEATURE(PPC_405_MAC, QEMU_PPC_FEATURE_HAS_4xxMAC);
650#undef GET_FEATURE
651
652 return features;
653}
654
655/*
656 * The requirements here are:
657 * - keep the final alignment of sp (sp & 0xf)
658 * - make sure the 32-bit value at the first 16 byte aligned position of
659 * AUXV is greater than 16 for glibc compatibility.
660 * AT_IGNOREPPC is used for that.
661 * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC,
662 * even if DLINFO_ARCH_ITEMS goes to zero or is undefined.
663 */
664#define DLINFO_ARCH_ITEMS 5
665#define ARCH_DLINFO \
666 do { \
667 NEW_AUX_ENT(AT_DCACHEBSIZE19, 0x20); \
668 NEW_AUX_ENT(AT_ICACHEBSIZE20, 0x20); \
669 NEW_AUX_ENT(AT_UCACHEBSIZE21, 0); \
670 /* \
671 * Now handle glibc compatibility. \
672 */ \
673 NEW_AUX_ENT(AT_IGNOREPPC22, AT_IGNOREPPC22); \
674 NEW_AUX_ENT(AT_IGNOREPPC22, AT_IGNOREPPC22); \
675 } while (0)
676
677static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop)
678{
679 _regs->gpr[1] = infop->start_stack;
680#if defined(TARGET_PPC64) && !defined(TARGET_ABI321)
681 _regs->gpr[2] = ldq_raw(infop->entry + 8)ldq_le_p(((void *)((unsigned long)(target_ulong)((infop->entry
+ 8)) + guest_base)))
+ infop->load_bias;
682 infop->entry = ldq_raw(infop->entry)ldq_le_p(((void *)((unsigned long)(target_ulong)((infop->entry
)) + guest_base)))
+ infop->load_bias;
683#endif
684 _regs->nip = infop->entry;
685}
686
687/* See linux kernel: arch/powerpc/include/asm/elf.h. */
688#define ELF_NREG45 48
689typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG45];
690
691static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUPPCState *env)
692{
693 int i;
694 target_ulong ccr = 0;
695
696 for (i = 0; i < ARRAY_SIZE(env->gpr)(sizeof(env->gpr) / sizeof((env->gpr)[0])); i++) {
697 (*regs)[i] = tswapreg(env->gpr[i])tswapal(env->gpr[i]);
698 }
699
700 (*regs)[32] = tswapreg(env->nip)tswapal(env->nip);
701 (*regs)[33] = tswapreg(env->msr)tswapal(env->msr);
702 (*regs)[35] = tswapreg(env->ctr)tswapal(env->ctr);
703 (*regs)[36] = tswapreg(env->lr)tswapal(env->lr);
704 (*regs)[37] = tswapreg(env->xer)tswapal(env->xer);
705
706 for (i = 0; i < ARRAY_SIZE(env->crf)(sizeof(env->crf) / sizeof((env->crf)[0])); i++) {
707 ccr |= env->crf[i] << (32 - ((i + 1) * 4));
708 }
709 (*regs)[38] = tswapreg(ccr)tswapal(ccr);
710}
711
712#define USE_ELF_CORE_DUMP
713#define ELF_EXEC_PAGESIZE4096 4096
714
715#endif
716
717#ifdef TARGET_MIPS1
718
719#define ELF_START_MMAP0x80000000 0x80000000
720
721#define elf_check_arch(x)( (x) == 8 ) ( (x) == EM_MIPS8 )
722
723#ifdef TARGET_MIPS64
724#define ELF_CLASS1 ELFCLASS642
725#else
726#define ELF_CLASS1 ELFCLASS321
727#endif
728#define ELF_ARCH8 EM_MIPS8
729
730static inline void init_thread(struct target_pt_regs *regs,
731 struct image_info *infop)
732{
733 regs->cp0_status = 2 << CP0St_KSU3;
734 regs->cp0_epc = infop->entry;
735 regs->regs[29] = infop->start_stack;
736}
737
738/* See linux kernel: arch/mips/include/asm/elf.h. */
739#define ELF_NREG45 45
740typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG45];
741
742/* See linux kernel: arch/mips/include/asm/reg.h. */
743enum {
744#ifdef TARGET_MIPS64
745 TARGET_EF_R0 = 0,
746#else
747 TARGET_EF_R0 = 6,
748#endif
749 TARGET_EF_R26 = TARGET_EF_R0 + 26,
750 TARGET_EF_R27 = TARGET_EF_R0 + 27,
751 TARGET_EF_LO = TARGET_EF_R0 + 32,
752 TARGET_EF_HI = TARGET_EF_R0 + 33,
753 TARGET_EF_CP0_EPC = TARGET_EF_R0 + 34,
754 TARGET_EF_CP0_BADVADDR = TARGET_EF_R0 + 35,
755 TARGET_EF_CP0_STATUS = TARGET_EF_R0 + 36,
756 TARGET_EF_CP0_CAUSE = TARGET_EF_R0 + 37
757};
758
759/* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */
760static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMIPSState *env)
761{
762 int i;
763
764 for (i = 0; i < TARGET_EF_R0; i++) {
765 (*regs)[i] = 0;
766 }
767 (*regs)[TARGET_EF_R0] = 0;
768
769 for (i = 1; i < ARRAY_SIZE(env->active_tc.gpr)(sizeof(env->active_tc.gpr) / sizeof((env->active_tc.gpr
)[0]))
; i++) {
770 (*regs)[TARGET_EF_R0 + i] = tswapreg(env->active_tc.gpr[i])tswapal(env->active_tc.gpr[i]);
771 }
772
773 (*regs)[TARGET_EF_R26] = 0;
774 (*regs)[TARGET_EF_R27] = 0;
775 (*regs)[TARGET_EF_LO] = tswapreg(env->active_tc.LO[0])tswapal(env->active_tc.LO[0]);
776 (*regs)[TARGET_EF_HI] = tswapreg(env->active_tc.HI[0])tswapal(env->active_tc.HI[0]);
777 (*regs)[TARGET_EF_CP0_EPC] = tswapreg(env->active_tc.PC)tswapal(env->active_tc.PC);
778 (*regs)[TARGET_EF_CP0_BADVADDR] = tswapreg(env->CP0_BadVAddr)tswapal(env->CP0_BadVAddr);
779 (*regs)[TARGET_EF_CP0_STATUS] = tswapreg(env->CP0_Status)tswapal(env->CP0_Status);
780 (*regs)[TARGET_EF_CP0_CAUSE] = tswapreg(env->CP0_Cause)tswapal(env->CP0_Cause);
781}
782
783#define USE_ELF_CORE_DUMP
784#define ELF_EXEC_PAGESIZE4096 4096
785
786#endif /* TARGET_MIPS */
787
788#ifdef TARGET_MICROBLAZE
789
790#define ELF_START_MMAP0x80000000 0x80000000
791
792#define elf_check_arch(x)( (x) == 8 ) ( (x) == EM_MICROBLAZE189 || (x) == EM_MICROBLAZE_OLD0xBAAB)
793
794#define ELF_CLASS1 ELFCLASS321
795#define ELF_ARCH8 EM_MICROBLAZE189
796
797static inline void init_thread(struct target_pt_regs *regs,
798 struct image_info *infop)
799{
800 regs->pc = infop->entry;
801 regs->r1 = infop->start_stack;
802
803}
804
805#define ELF_EXEC_PAGESIZE4096 4096
806
807#define USE_ELF_CORE_DUMP
808#define ELF_NREG45 38
809typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG45];
810
811/* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */
812static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMBState *env)
813{
814 int i, pos = 0;
815
816 for (i = 0; i < 32; i++) {
817 (*regs)[pos++] = tswapreg(env->regs[i])tswapal(env->regs[i]);
818 }
819
820 for (i = 0; i < 6; i++) {
821 (*regs)[pos++] = tswapreg(env->sregs[i])tswapal(env->sregs[i]);
822 }
823}
824
825#endif /* TARGET_MICROBLAZE */
826
827#ifdef TARGET_OPENRISC
828
829#define ELF_START_MMAP0x80000000 0x08000000
830
831#define elf_check_arch(x)( (x) == 8 ) ((x) == EM_OPENRISC92)
832
833#define ELF_ARCH8 EM_OPENRISC92
834#define ELF_CLASS1 ELFCLASS321
835#define ELF_DATA1 ELFDATA2MSB2
836
837static inline void init_thread(struct target_pt_regs *regs,
838 struct image_info *infop)
839{
840 regs->pc = infop->entry;
841 regs->gpr[1] = infop->start_stack;
842}
843
844#define USE_ELF_CORE_DUMP
845#define ELF_EXEC_PAGESIZE4096 8192
846
847/* See linux kernel arch/openrisc/include/asm/elf.h. */
848#define ELF_NREG45 34 /* gprs and pc, sr */
849typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG45];
850
851static void elf_core_copy_regs(target_elf_gregset_t *regs,
852 const CPUOpenRISCState *env)
853{
854 int i;
855
856 for (i = 0; i < 32; i++) {
857 (*regs)[i] = tswapreg(env->gpr[i])tswapal(env->gpr[i]);
858 }
859
860 (*regs)[32] = tswapreg(env->pc)tswapal(env->pc);
861 (*regs)[33] = tswapreg(env->sr)tswapal(env->sr);
862}
863#define ELF_HWCAP0 0
864#define ELF_PLATFORM(((void*)0)) NULL((void*)0)
865
866#endif /* TARGET_OPENRISC */
867
868#ifdef TARGET_SH4
869
870#define ELF_START_MMAP0x80000000 0x80000000
871
872#define elf_check_arch(x)( (x) == 8 ) ( (x) == EM_SH42 )
873
874#define ELF_CLASS1 ELFCLASS321
875#define ELF_ARCH8 EM_SH42
876
877static inline void init_thread(struct target_pt_regs *regs,
878 struct image_info *infop)
879{
880 /* Check other registers XXXXX */
881 regs->pc = infop->entry;
882 regs->regs[15] = infop->start_stack;
883}
884
885/* See linux kernel: arch/sh/include/asm/elf.h. */
886#define ELF_NREG45 23
887typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG45];
888
889/* See linux kernel: arch/sh/include/asm/ptrace.h. */
890enum {
891 TARGET_REG_PC = 16,
892 TARGET_REG_PR = 17,
893 TARGET_REG_SR = 18,
894 TARGET_REG_GBR = 19,
895 TARGET_REG_MACH = 20,
896 TARGET_REG_MACL = 21,
897 TARGET_REG_SYSCALL = 22
898};
899
900static inline void elf_core_copy_regs(target_elf_gregset_t *regs,
901 const CPUSH4State *env)
902{
903 int i;
904
905 for (i = 0; i < 16; i++) {
906 (*regs[i]) = tswapreg(env->gregs[i])tswapal(env->gregs[i]);
907 }
908
909 (*regs)[TARGET_REG_PC] = tswapreg(env->pc)tswapal(env->pc);
910 (*regs)[TARGET_REG_PR] = tswapreg(env->pr)tswapal(env->pr);
911 (*regs)[TARGET_REG_SR] = tswapreg(env->sr)tswapal(env->sr);
912 (*regs)[TARGET_REG_GBR] = tswapreg(env->gbr)tswapal(env->gbr);
913 (*regs)[TARGET_REG_MACH] = tswapreg(env->mach)tswapal(env->mach);
914 (*regs)[TARGET_REG_MACL] = tswapreg(env->macl)tswapal(env->macl);
915 (*regs)[TARGET_REG_SYSCALL] = 0; /* FIXME */
916}
917
918#define USE_ELF_CORE_DUMP
919#define ELF_EXEC_PAGESIZE4096 4096
920
921#endif
922
923#ifdef TARGET_CRIS
924
925#define ELF_START_MMAP0x80000000 0x80000000
926
927#define elf_check_arch(x)( (x) == 8 ) ( (x) == EM_CRIS76 )
928
929#define ELF_CLASS1 ELFCLASS321
930#define ELF_ARCH8 EM_CRIS76
931
932static inline void init_thread(struct target_pt_regs *regs,
933 struct image_info *infop)
934{
935 regs->erp = infop->entry;
936}
937
938#define ELF_EXEC_PAGESIZE4096 8192
939
940#endif
941
942#ifdef TARGET_M68K
943
944#define ELF_START_MMAP0x80000000 0x80000000
945
946#define elf_check_arch(x)( (x) == 8 ) ( (x) == EM_68K4 )
947
948#define ELF_CLASS1 ELFCLASS321
949#define ELF_ARCH8 EM_68K4
950
951/* ??? Does this need to do anything?
952 #define ELF_PLAT_INIT(_r) */
953
954static inline void init_thread(struct target_pt_regs *regs,
955 struct image_info *infop)
956{
957 regs->usp = infop->start_stack;
958 regs->sr = 0;
959 regs->pc = infop->entry;
960}
961
962/* See linux kernel: arch/m68k/include/asm/elf.h. */
963#define ELF_NREG45 20
964typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG45];
965
966static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUM68KState *env)
967{
968 (*regs)[0] = tswapreg(env->dregs[1])tswapal(env->dregs[1]);
969 (*regs)[1] = tswapreg(env->dregs[2])tswapal(env->dregs[2]);
970 (*regs)[2] = tswapreg(env->dregs[3])tswapal(env->dregs[3]);
971 (*regs)[3] = tswapreg(env->dregs[4])tswapal(env->dregs[4]);
972 (*regs)[4] = tswapreg(env->dregs[5])tswapal(env->dregs[5]);
973 (*regs)[5] = tswapreg(env->dregs[6])tswapal(env->dregs[6]);
974 (*regs)[6] = tswapreg(env->dregs[7])tswapal(env->dregs[7]);
975 (*regs)[7] = tswapreg(env->aregs[0])tswapal(env->aregs[0]);
976 (*regs)[8] = tswapreg(env->aregs[1])tswapal(env->aregs[1]);
977 (*regs)[9] = tswapreg(env->aregs[2])tswapal(env->aregs[2]);
978 (*regs)[10] = tswapreg(env->aregs[3])tswapal(env->aregs[3]);
979 (*regs)[11] = tswapreg(env->aregs[4])tswapal(env->aregs[4]);
980 (*regs)[12] = tswapreg(env->aregs[5])tswapal(env->aregs[5]);
981 (*regs)[13] = tswapreg(env->aregs[6])tswapal(env->aregs[6]);
982 (*regs)[14] = tswapreg(env->dregs[0])tswapal(env->dregs[0]);
983 (*regs)[15] = tswapreg(env->aregs[7])tswapal(env->aregs[7]);
984 (*regs)[16] = tswapreg(env->dregs[0])tswapal(env->dregs[0]); /* FIXME: orig_d0 */
985 (*regs)[17] = tswapreg(env->sr)tswapal(env->sr);
986 (*regs)[18] = tswapreg(env->pc)tswapal(env->pc);
987 (*regs)[19] = 0; /* FIXME: regs->format | regs->vector */
988}
989
990#define USE_ELF_CORE_DUMP
991#define ELF_EXEC_PAGESIZE4096 8192
992
993#endif
994
995#ifdef TARGET_ALPHA
996
997#define ELF_START_MMAP0x80000000 (0x30000000000ULL)
998
999#define elf_check_arch(x)( (x) == 8 ) ( (x) == ELF_ARCH8 )
1000
1001#define ELF_CLASS1 ELFCLASS642
1002#define ELF_ARCH8 EM_ALPHA0x9026
1003
1004static inline void init_thread(struct target_pt_regs *regs,
1005 struct image_info *infop)
1006{
1007 regs->pc = infop->entry;
1008 regs->ps = 8;
1009 regs->usp = infop->start_stack;
1010}
1011
1012#define ELF_EXEC_PAGESIZE4096 8192
1013
1014#endif /* TARGET_ALPHA */
1015
1016#ifdef TARGET_S390X
1017
1018#define ELF_START_MMAP0x80000000 (0x20000000000ULL)
1019
1020#define elf_check_arch(x)( (x) == 8 ) ( (x) == ELF_ARCH8 )
1021
1022#define ELF_CLASS1 ELFCLASS642
1023#define ELF_DATA1 ELFDATA2MSB2
1024#define ELF_ARCH8 EM_S39022
1025
1026static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
1027{
1028 regs->psw.addr = infop->entry;
1029 regs->psw.mask = PSW_MASK_64 | PSW_MASK_32;
1030 regs->gprs[15] = infop->start_stack;
1031}
1032
1033#endif /* TARGET_S390X */
1034
1035#ifndef ELF_PLATFORM(((void*)0))
1036#define ELF_PLATFORM(((void*)0)) (NULL((void*)0))
1037#endif
1038
1039#ifndef ELF_HWCAP0
1040#define ELF_HWCAP0 0
1041#endif
1042
1043#ifdef TARGET_ABI321
1044#undef ELF_CLASS1
1045#define ELF_CLASS1 ELFCLASS321
1046#undef bswaptls
1047#define bswaptls(ptr)bswap32s(ptr) bswap32s(ptr)
1048#endif
1049
1050#include "elf.h"
1051
1052struct exec
1053{
1054 unsigned int a_info; /* Use macros N_MAGIC, etc for access */
1055 unsigned int a_text; /* length of text, in bytes */
1056 unsigned int a_data; /* length of data, in bytes */
1057 unsigned int a_bss; /* length of uninitialized data area, in bytes */
1058 unsigned int a_syms; /* length of symbol table data in file, in bytes */
1059 unsigned int a_entry; /* start address */
1060 unsigned int a_trsize; /* length of relocation info for text, in bytes */
1061 unsigned int a_drsize; /* length of relocation info for data, in bytes */
1062};
1063
1064
1065#define N_MAGIC(exec)((exec).a_info & 0xffff) ((exec).a_info & 0xffff)
1066#define OMAGIC0407 0407
1067#define NMAGIC0410 0410
1068#define ZMAGIC0413 0413
1069#define QMAGIC0314 0314
1070
1071/* Necessary parameters */
1072#define TARGET_ELF_EXEC_PAGESIZE(1 << 12) TARGET_PAGE_SIZE(1 << 12)
1073#define TARGET_ELF_PAGESTART(_v)((_v) & ~(unsigned long)((1 << 12)-1)) ((_v) & ~(unsigned long)(TARGET_ELF_EXEC_PAGESIZE(1 << 12)-1))
1074#define TARGET_ELF_PAGEOFFSET(_v)((_v) & ((1 << 12)-1)) ((_v) & (TARGET_ELF_EXEC_PAGESIZE(1 << 12)-1))
1075
1076#define DLINFO_ITEMS13 13
1077
1078static inline void memcpy_fromfs(void * to, const void * from, unsigned long n)
1079{
1080 memcpy(to, from, n);
1081}
1082
1083#ifdef BSWAP_NEEDED
1084static void bswap_ehdr(struct elfhdrelf32_hdr *ehdr)
1085{
1086 bswap16s(&ehdr->e_type); /* Object file type */
1087 bswap16s(&ehdr->e_machine); /* Architecture */
1088 bswap32s(&ehdr->e_version); /* Object file version */
1089 bswaptls(&ehdr->e_entry)bswap32s(&ehdr->e_entry); /* Entry point virtual address */
1090 bswaptls(&ehdr->e_phoff)bswap32s(&ehdr->e_phoff); /* Program header table file offset */
1091 bswaptls(&ehdr->e_shoff)bswap32s(&ehdr->e_shoff); /* Section header table file offset */
1092 bswap32s(&ehdr->e_flags); /* Processor-specific flags */
1093 bswap16s(&ehdr->e_ehsize); /* ELF header size in bytes */
1094 bswap16s(&ehdr->e_phentsize); /* Program header table entry size */
1095 bswap16s(&ehdr->e_phnum); /* Program header table entry count */
1096 bswap16s(&ehdr->e_shentsize); /* Section header table entry size */
1097 bswap16s(&ehdr->e_shnum); /* Section header table entry count */
1098 bswap16s(&ehdr->e_shstrndx); /* Section header string table index */
1099}
1100
1101static void bswap_phdr(struct elf_phdrelf32_phdr *phdr, int phnum)
1102{
1103 int i;
1104 for (i = 0; i < phnum; ++i, ++phdr) {
1105 bswap32s(&phdr->p_type); /* Segment type */
1106 bswap32s(&phdr->p_flags); /* Segment flags */
1107 bswaptls(&phdr->p_offset)bswap32s(&phdr->p_offset); /* Segment file offset */
1108 bswaptls(&phdr->p_vaddr)bswap32s(&phdr->p_vaddr); /* Segment virtual address */
1109 bswaptls(&phdr->p_paddr)bswap32s(&phdr->p_paddr); /* Segment physical address */
1110 bswaptls(&phdr->p_filesz)bswap32s(&phdr->p_filesz); /* Segment size in file */
1111 bswaptls(&phdr->p_memsz)bswap32s(&phdr->p_memsz); /* Segment size in memory */
1112 bswaptls(&phdr->p_align)bswap32s(&phdr->p_align); /* Segment alignment */
1113 }
1114}
1115
1116static void bswap_shdr(struct elf_shdrelf32_shdr *shdr, int shnum)
1117{
1118 int i;
1119 for (i = 0; i < shnum; ++i, ++shdr) {
1120 bswap32s(&shdr->sh_name);
1121 bswap32s(&shdr->sh_type);
1122 bswaptls(&shdr->sh_flags)bswap32s(&shdr->sh_flags);
1123 bswaptls(&shdr->sh_addr)bswap32s(&shdr->sh_addr);
1124 bswaptls(&shdr->sh_offset)bswap32s(&shdr->sh_offset);
1125 bswaptls(&shdr->sh_size)bswap32s(&shdr->sh_size);
1126 bswap32s(&shdr->sh_link);
1127 bswap32s(&shdr->sh_info);
1128 bswaptls(&shdr->sh_addralign)bswap32s(&shdr->sh_addralign);
1129 bswaptls(&shdr->sh_entsize)bswap32s(&shdr->sh_entsize);
1130 }
1131}
1132
1133static void bswap_sym(struct elf_symelf32_sym *sym)
1134{
1135 bswap32s(&sym->st_name);
1136 bswaptls(&sym->st_value)bswap32s(&sym->st_value);
1137 bswaptls(&sym->st_size)bswap32s(&sym->st_size);
1138 bswap16s(&sym->st_shndx);
1139}
1140#else
1141static inline void bswap_ehdr(struct elfhdrelf32_hdr *ehdr) { }
1142static inline void bswap_phdr(struct elf_phdrelf32_phdr *phdr, int phnum) { }
1143static inline void bswap_shdr(struct elf_shdrelf32_shdr *shdr, int shnum) { }
1144static inline void bswap_sym(struct elf_symelf32_sym *sym) { }
1145#endif
1146
1147#ifdef USE_ELF_CORE_DUMP
1148static int elf_core_dump(int, const CPUArchStatestruct CPUMIPSState *);
1149#endif /* USE_ELF_CORE_DUMP */
1150static void load_symbols(struct elfhdrelf32_hdr *hdr, int fd, abi_ulong load_bias);
1151
1152/* Verify the portions of EHDR within E_IDENT for the target.
1153 This can be performed before bswapping the entire header. */
1154static bool_Bool elf_check_ident(struct elfhdrelf32_hdr *ehdr)
1155{
1156 return (ehdr->e_ident[EI_MAG00] == ELFMAG00x7f
1157 && ehdr->e_ident[EI_MAG11] == ELFMAG1'E'
1158 && ehdr->e_ident[EI_MAG22] == ELFMAG2'L'
1159 && ehdr->e_ident[EI_MAG33] == ELFMAG3'F'
1160 && ehdr->e_ident[EI_CLASS4] == ELF_CLASS1
1161 && ehdr->e_ident[EI_DATA5] == ELF_DATA1
1162 && ehdr->e_ident[EI_VERSION6] == EV_CURRENT1);
1163}
1164
1165/* Verify the portions of EHDR outside of E_IDENT for the target.
1166 This has to wait until after bswapping the header. */
1167static bool_Bool elf_check_ehdr(struct elfhdrelf32_hdr *ehdr)
1168{
1169 return (elf_check_arch(ehdr->e_machine)( (ehdr->e_machine) == 8 )
1170 && ehdr->e_ehsize == sizeof(struct elfhdrelf32_hdr)
1171 && ehdr->e_phentsize == sizeof(struct elf_phdrelf32_phdr)
1172 && ehdr->e_shentsize == sizeof(struct elf_shdrelf32_shdr)
1173 && (ehdr->e_type == ET_EXEC2 || ehdr->e_type == ET_DYN3));
1174}
1175
1176/*
1177 * 'copy_elf_strings()' copies argument/envelope strings from user
1178 * memory to free pages in kernel mem. These are in a format ready
1179 * to be put directly into the top of new user memory.
1180 *
1181 */
1182static abi_ulong copy_elf_strings(int argc,char ** argv, void **page,
1183 abi_ulong p)
1184{
1185 char *tmp, *tmp1, *pag = NULL((void*)0);
1186 int len, offset = 0;
1187
1188 if (!p) {
1189 return 0; /* bullet-proofing */
1190 }
1191 while (argc-- > 0) {
1192 tmp = argv[argc];
1193 if (!tmp) {
1194 fprintf(stderrstderr, "VFS: argc is wrong");
1195 exit(-1);
1196 }
1197 tmp1 = tmp;
1198 while (*tmp++);
1199 len = tmp - tmp1;
1200 if (p < len) { /* this shouldn't happen - 128kB */
1201 return 0;
1202 }
1203 while (len) {
1204 --p; --tmp; --len;
1205 if (--offset < 0) {
1206 offset = p % TARGET_PAGE_SIZE(1 << 12);
1207 pag = (char *)page[p/TARGET_PAGE_SIZE(1 << 12)];
1208 if (!pag) {
1209 pag = g_try_malloc0(TARGET_PAGE_SIZE(1 << 12));
1210 page[p/TARGET_PAGE_SIZE(1 << 12)] = pag;
1211 if (!pag)
1212 return 0;
1213 }
1214 }
1215 if (len == 0 || offset == 0) {
1216 *(pag + offset) = *tmp;
1217 }
1218 else {
1219 int bytes_to_copy = (len > offset) ? offset : len;
1220 tmp -= bytes_to_copy;
1221 p -= bytes_to_copy;
1222 offset -= bytes_to_copy;
1223 len -= bytes_to_copy;
1224 memcpy_fromfs(pag + offset, tmp, bytes_to_copy + 1);
1225 }
1226 }
1227 }
1228 return p;
1229}
1230
1231static abi_ulong setup_arg_pages(abi_ulong p, struct linux_binprm *bprm,
1232 struct image_info *info)
1233{
1234 abi_ulong stack_base, size, error, guard;
1235 int i;
1236
1237 /* Create enough stack to hold everything. If we don't use
1238 it for args, we'll use it for something else. */
1239 size = guest_stack_size;
1240 if (size < MAX_ARG_PAGES33*TARGET_PAGE_SIZE(1 << 12)) {
1241 size = MAX_ARG_PAGES33*TARGET_PAGE_SIZE(1 << 12);
1242 }
1243 guard = TARGET_PAGE_SIZE(1 << 12);
1244 if (guard < qemu_real_host_page_size) {
1245 guard = qemu_real_host_page_size;
1246 }
1247
1248 error = target_mmap(0, size + guard, PROT_READ0x1 | PROT_WRITE0x2,
1249 MAP_PRIVATE0x02 | MAP_ANONYMOUS0x20, -1, 0);
1250 if (error == -1) {
1251 perror("mmap stack");
1252 exit(-1);
1253 }
1254
1255 /* We reserve one extra page at the top of the stack as guard. */
1256 target_mprotect(error, guard, PROT_NONE0x0);
1257
1258 info->stack_limit = error + guard;
1259 stack_base = info->stack_limit + size - MAX_ARG_PAGES33*TARGET_PAGE_SIZE(1 << 12);
1260 p += stack_base;
1261
1262 for (i = 0 ; i < MAX_ARG_PAGES33 ; i++) {
1263 if (bprm->page[i]) {
1264 info->rss++;
1265 /* FIXME - check return value of memcpy_to_target() for failure */
1266 memcpy_to_target(stack_base, bprm->page[i], TARGET_PAGE_SIZE(1 << 12));
1267 g_free(bprm->page[i]);
1268 }
1269 stack_base += TARGET_PAGE_SIZE(1 << 12);
1270 }
1271 return p;
1272}
1273
1274/* Map and zero the bss. We need to explicitly zero any fractional pages
1275 after the data section (i.e. bss). */
1276static void zero_bss(abi_ulong elf_bss, abi_ulong last_bss, int prot)
1277{
1278 uintptr_t host_start, host_map_start, host_end;
1279
1280 last_bss = TARGET_PAGE_ALIGN(last_bss)(((last_bss) + (1 << 12) - 1) & ~((1 << 12) -
1))
;
1281
1282 /* ??? There is confusion between qemu_real_host_page_size and
1283 qemu_host_page_size here and elsewhere in target_mmap, which
1284 may lead to the end of the data section mapping from the file
1285 not being mapped. At least there was an explicit test and
1286 comment for that here, suggesting that "the file size must
1287 be known". The comment probably pre-dates the introduction
1288 of the fstat system call in target_mmap which does in fact
1289 find out the size. What isn't clear is if the workaround
1290 here is still actually needed. For now, continue with it,
1291 but merge it with the "normal" mmap that would allocate the bss. */
1292
1293 host_start = (uintptr_t) g2h(elf_bss)((void *)((unsigned long)(target_ulong)(elf_bss) + guest_base
))
;
1294 host_end = (uintptr_t) g2h(last_bss)((void *)((unsigned long)(target_ulong)(last_bss) + guest_base
))
;
1295 host_map_start = (host_start + qemu_real_host_page_size - 1);
1296 host_map_start &= -qemu_real_host_page_size;
1297
1298 if (host_map_start < host_end) {
1299 void *p = mmap((void *)host_map_start, host_end - host_map_start,
1300 prot, MAP_FIXED0x10 | MAP_PRIVATE0x02 | MAP_ANONYMOUS0x20, -1, 0);
1301 if (p == MAP_FAILED((void *) -1)) {
1302 perror("cannot mmap brk");
1303 exit(-1);
1304 }
1305
1306 /* Since we didn't use target_mmap, make sure to record
1307 the validity of the pages with qemu. */
1308 page_set_flags(elf_bss & TARGET_PAGE_MASK~((1 << 12) - 1), last_bss, prot|PAGE_VALID0x0008);
1309 }
1310
1311 if (host_start < host_map_start) {
1312 memset((void *)host_start, 0, host_map_start - host_start);
1313 }
1314}
1315
1316#ifdef CONFIG_USE_FDPIC
1317static abi_ulong loader_build_fdpic_loadmap(struct image_info *info, abi_ulong sp)
1318{
1319 uint16_t n;
1320 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs;
1321
1322 /* elf32_fdpic_loadseg */
1323 n = info->nsegs;
1324 while (n--) {
1325 sp -= 12;
1326 put_user_u32(loadsegs[n].addr, sp+0)({ abi_ulong __gaddr = ((sp+0)); uint32_t *__hptr; abi_long __ret
; if ((__hptr = lock_user(1, __gaddr, sizeof(uint32_t), 0))) {
__ret = (__builtin_choose_expr(sizeof(*(__hptr)) == 1, stb_p
, __builtin_choose_expr(sizeof(*(__hptr)) == 2, stw_le_p, __builtin_choose_expr
(sizeof(*(__hptr)) == 4, stl_le_p, __builtin_choose_expr(sizeof
(*(__hptr)) == 8, stq_le_p, abort)))) ((__hptr), (((loadsegs[
n].addr)))), 0); unlock_user(__hptr, __gaddr, sizeof(uint32_t
)); } else __ret = -14; __ret; })
;
1327 put_user_u32(loadsegs[n].p_vaddr, sp+4)({ abi_ulong __gaddr = ((sp+4)); uint32_t *__hptr; abi_long __ret
; if ((__hptr = lock_user(1, __gaddr, sizeof(uint32_t), 0))) {
__ret = (__builtin_choose_expr(sizeof(*(__hptr)) == 1, stb_p
, __builtin_choose_expr(sizeof(*(__hptr)) == 2, stw_le_p, __builtin_choose_expr
(sizeof(*(__hptr)) == 4, stl_le_p, __builtin_choose_expr(sizeof
(*(__hptr)) == 8, stq_le_p, abort)))) ((__hptr), (((loadsegs[
n].p_vaddr)))), 0); unlock_user(__hptr, __gaddr, sizeof(uint32_t
)); } else __ret = -14; __ret; })
;
1328 put_user_u32(loadsegs[n].p_memsz, sp+8)({ abi_ulong __gaddr = ((sp+8)); uint32_t *__hptr; abi_long __ret
; if ((__hptr = lock_user(1, __gaddr, sizeof(uint32_t), 0))) {
__ret = (__builtin_choose_expr(sizeof(*(__hptr)) == 1, stb_p
, __builtin_choose_expr(sizeof(*(__hptr)) == 2, stw_le_p, __builtin_choose_expr
(sizeof(*(__hptr)) == 4, stl_le_p, __builtin_choose_expr(sizeof
(*(__hptr)) == 8, stq_le_p, abort)))) ((__hptr), (((loadsegs[
n].p_memsz)))), 0); unlock_user(__hptr, __gaddr, sizeof(uint32_t
)); } else __ret = -14; __ret; })
;
1329 }
1330
1331 /* elf32_fdpic_loadmap */
1332 sp -= 4;
1333 put_user_u16(0, sp+0)({ abi_ulong __gaddr = ((sp+0)); uint16_t *__hptr; abi_long __ret
; if ((__hptr = lock_user(1, __gaddr, sizeof(uint16_t), 0))) {
__ret = (__builtin_choose_expr(sizeof(*(__hptr)) == 1, stb_p
, __builtin_choose_expr(sizeof(*(__hptr)) == 2, stw_le_p, __builtin_choose_expr
(sizeof(*(__hptr)) == 4, stl_le_p, __builtin_choose_expr(sizeof
(*(__hptr)) == 8, stq_le_p, abort)))) ((__hptr), (((0)))), 0)
; unlock_user(__hptr, __gaddr, sizeof(uint16_t)); } else __ret
= -14; __ret; })
; /* version */
1334 put_user_u16(info->nsegs, sp+2)({ abi_ulong __gaddr = ((sp+2)); uint16_t *__hptr; abi_long __ret
; if ((__hptr = lock_user(1, __gaddr, sizeof(uint16_t), 0))) {
__ret = (__builtin_choose_expr(sizeof(*(__hptr)) == 1, stb_p
, __builtin_choose_expr(sizeof(*(__hptr)) == 2, stw_le_p, __builtin_choose_expr
(sizeof(*(__hptr)) == 4, stl_le_p, __builtin_choose_expr(sizeof
(*(__hptr)) == 8, stq_le_p, abort)))) ((__hptr), (((info->
nsegs)))), 0); unlock_user(__hptr, __gaddr, sizeof(uint16_t))
; } else __ret = -14; __ret; })
; /* nsegs */
1335
1336 info->personality = PER_LINUX_FDPIC;
1337 info->loadmap_addr = sp;
1338
1339 return sp;
1340}
1341#endif
1342
1343static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc,
1344 struct elfhdrelf32_hdr *exec,
1345 struct image_info *info,
1346 struct image_info *interp_info)
1347{
1348 abi_ulong sp;
1349 abi_ulong sp_auxv;
1350 int size;
1351 int i;
1352 abi_ulong u_rand_bytes;
1353 uint8_t k_rand_bytes[16];
1354 abi_ulong u_platform;
1355 const char *k_platform;
1356 const int n = sizeof(elf_addr_tElf32_Off);
1357
1358 sp = p;
1359
1360#ifdef CONFIG_USE_FDPIC
1361 /* Needs to be before we load the env/argc/... */
1362 if (elf_is_fdpic(exec)) {
1363 /* Need 4 byte alignment for these structs */
1364 sp &= ~3;
1365 sp = loader_build_fdpic_loadmap(info, sp);
1366 info->other_info = interp_info;
1367 if (interp_info) {
1368 interp_info->other_info = info;
1369 sp = loader_build_fdpic_loadmap(interp_info, sp);
1370 }
1371 }
1372#endif
1373
1374 u_platform = 0;
1375 k_platform = ELF_PLATFORM(((void*)0));
1376 if (k_platform) {
1377 size_t len = strlen(k_platform) + 1;
1378 sp -= (len + n - 1) & ~(n - 1);
1379 u_platform = sp;
1380 /* FIXME - check return value of memcpy_to_target() for failure */
1381 memcpy_to_target(sp, k_platform, len);
1382 }
1383
1384 /*
1385 * Generate 16 random bytes for userspace PRNG seeding (not
1386 * cryptically secure but it's not the aim of QEMU).
1387 */
1388 srand((unsigned int) time(NULL((void*)0)));
1389 for (i = 0; i < 16; i++) {
1390 k_rand_bytes[i] = rand();
1391 }
1392 sp -= 16;
1393 u_rand_bytes = sp;
1394 /* FIXME - check return value of memcpy_to_target() for failure */
1395 memcpy_to_target(sp, k_rand_bytes, 16);
1396
1397 /*
1398 * Force 16 byte _final_ alignment here for generality.
1399 */
1400 sp = sp &~ (abi_ulong)15;
1401 size = (DLINFO_ITEMS13 + 1) * 2;
1402 if (k_platform)
1403 size += 2;
1404#ifdef DLINFO_ARCH_ITEMS
1405 size += DLINFO_ARCH_ITEMS * 2;
1406#endif
1407 size += envc + argc + 2;
1408 size += 1; /* argc itself */
1409 size *= n;
1410 if (size & 15)
1411 sp -= 16 - (size & 15);
1412
1413 /* This is correct because Linux defines
1414 * elf_addr_t as Elf32_Off / Elf64_Off
1415 */
1416#define NEW_AUX_ENT(id, val) do { \
1417 sp -= n; put_user_ual(val, sp)({ abi_ulong __gaddr = ((sp)); abi_ulong *__hptr; abi_long __ret
; if ((__hptr = lock_user(1, __gaddr, sizeof(abi_ulong), 0)))
{ __ret = (__builtin_choose_expr(sizeof(*(__hptr)) == 1, stb_p
, __builtin_choose_expr(sizeof(*(__hptr)) == 2, stw_le_p, __builtin_choose_expr
(sizeof(*(__hptr)) == 4, stl_le_p, __builtin_choose_expr(sizeof
(*(__hptr)) == 8, stq_le_p, abort)))) ((__hptr), (((val)))), 0
); unlock_user(__hptr, __gaddr, sizeof(abi_ulong)); } else __ret
= -14; __ret; })
; \
1418 sp -= n; put_user_ual(id, sp)({ abi_ulong __gaddr = ((sp)); abi_ulong *__hptr; abi_long __ret
; if ((__hptr = lock_user(1, __gaddr, sizeof(abi_ulong), 0)))
{ __ret = (__builtin_choose_expr(sizeof(*(__hptr)) == 1, stb_p
, __builtin_choose_expr(sizeof(*(__hptr)) == 2, stw_le_p, __builtin_choose_expr
(sizeof(*(__hptr)) == 4, stl_le_p, __builtin_choose_expr(sizeof
(*(__hptr)) == 8, stq_le_p, abort)))) ((__hptr), (((id)))), 0
); unlock_user(__hptr, __gaddr, sizeof(abi_ulong)); } else __ret
= -14; __ret; })
; \
1419 } while(0)
1420
1421 sp_auxv = sp;
1422 NEW_AUX_ENT (AT_NULL0, 0);
1423
1424 /* There must be exactly DLINFO_ITEMS entries here. */
1425 NEW_AUX_ENT(AT_PHDR3, (abi_ulong)(info->load_addr + exec->e_phoff));
1426 NEW_AUX_ENT(AT_PHENT4, (abi_ulong)(sizeof (struct elf_phdrelf32_phdr)));
1427 NEW_AUX_ENT(AT_PHNUM5, (abi_ulong)(exec->e_phnum));
1428 NEW_AUX_ENT(AT_PAGESZ6, (abi_ulong)(TARGET_PAGE_SIZE(1 << 12)));
1429 NEW_AUX_ENT(AT_BASE7, (abi_ulong)(interp_info ? interp_info->load_addr : 0));
1430 NEW_AUX_ENT(AT_FLAGS8, (abi_ulong)0);
1431 NEW_AUX_ENT(AT_ENTRY9, info->entry);
1432 NEW_AUX_ENT(AT_UID11, (abi_ulong) getuid());
1433 NEW_AUX_ENT(AT_EUID12, (abi_ulong) geteuid());
1434 NEW_AUX_ENT(AT_GID13, (abi_ulong) getgid());
1435 NEW_AUX_ENT(AT_EGID14, (abi_ulong) getegid());
1436 NEW_AUX_ENT(AT_HWCAP16, (abi_ulong) ELF_HWCAP0);
1437 NEW_AUX_ENT(AT_CLKTCK17, (abi_ulong) sysconf(_SC_CLK_TCK_SC_CLK_TCK));
1438 NEW_AUX_ENT(AT_RANDOM25, (abi_ulong) u_rand_bytes);
1439
1440 if (k_platform)
1441 NEW_AUX_ENT(AT_PLATFORM15, u_platform);
1442#ifdef ARCH_DLINFO
1443 /*
1444 * ARCH_DLINFO must come last so platform specific code can enforce
1445 * special alignment requirements on the AUXV if necessary (eg. PPC).
1446 */
1447 ARCH_DLINFO;
1448#endif
1449#undef NEW_AUX_ENT
1450
1451 info->saved_auxv = sp;
1452 info->auxv_len = sp_auxv - sp;
1453
1454 sp = loader_build_argptr(envc, argc, sp, p, 0);
1455 return sp;
1456}
1457
1458#ifndef TARGET_HAS_VALIDATE_GUEST_SPACE
1459/* If the guest doesn't have a validation function just agree */
1460static int validate_guest_space(unsigned long guest_base,
1461 unsigned long guest_size)
1462{
1463 return 1;
1464}
1465#endif
1466
1467unsigned long init_guest_space(unsigned long host_start,
1468 unsigned long host_size,
1469 unsigned long guest_start,
1470 bool_Bool fixed)
1471{
1472 unsigned long current_start, real_start;
1473 int flags;
1474
1475 assert(host_start || host_size)((host_start || host_size) ? (void) (0) : __assert_fail ("host_start || host_size"
, "/home/stefan/src/qemu/qemu.org/qemu/linux-user/elfload.c",
1475, __PRETTY_FUNCTION__))
;
1476
1477 /* If just a starting address is given, then just verify that
1478 * address. */
1479 if (host_start && !host_size) {
1480 if (validate_guest_space(host_start, host_size) == 1) {
1481 return host_start;
1482 } else {
1483 return (unsigned long)-1;
1484 }
1485 }
1486
1487 /* Setup the initial flags and start address. */
1488 current_start = host_start & qemu_host_page_mask;
1489 flags = MAP_ANONYMOUS0x20 | MAP_PRIVATE0x02 | MAP_NORESERVE0x04000;
1490 if (fixed) {
1491 flags |= MAP_FIXED0x10;
1492 }
1493
1494 /* Otherwise, a non-zero size region of memory needs to be mapped
1495 * and validated. */
1496 while (1) {
1497 unsigned long real_size = host_size;
1498
1499 /* Do not use mmap_find_vma here because that is limited to the
1500 * guest address space. We are going to make the
1501 * guest address space fit whatever we're given.
1502 */
1503 real_start = (unsigned long)
1504 mmap((void *)current_start, host_size, PROT_NONE0x0, flags, -1, 0);
1505 if (real_start == (unsigned long)-1) {
1506 return (unsigned long)-1;
1507 }
1508
1509 /* Ensure the address is properly aligned. */
1510 if (real_start & ~qemu_host_page_mask) {
1511 munmap((void *)real_start, host_size);
1512 real_size = host_size + qemu_host_page_size;
1513 real_start = (unsigned long)
1514 mmap((void *)real_start, real_size, PROT_NONE0x0, flags, -1, 0);
1515 if (real_start == (unsigned long)-1) {
1516 return (unsigned long)-1;
1517 }
1518 real_start = HOST_PAGE_ALIGN(real_start)(((real_start) + qemu_host_page_size - 1) & qemu_host_page_mask
)
;
1519 }
1520
1521 /* Check to see if the address is valid. */
1522 if (!host_start || real_start == current_start) {
1523 int valid = validate_guest_space(real_start - guest_start,
1524 real_size);
1525 if (valid == 1) {
1526 break;
1527 } else if (valid == -1) {
1528 return (unsigned long)-1;
1529 }
1530 /* valid == 0, so try again. */
1531 }
1532
1533 /* That address didn't work. Unmap and try a different one.
1534 * The address the host picked because is typically right at
1535 * the top of the host address space and leaves the guest with
1536 * no usable address space. Resort to a linear search. We
1537 * already compensated for mmap_min_addr, so this should not
1538 * happen often. Probably means we got unlucky and host
1539 * address space randomization put a shared library somewhere
1540 * inconvenient.
1541 */
1542 munmap((void *)real_start, host_size);
1543 current_start += qemu_host_page_size;
1544 if (host_start == current_start) {
1545 /* Theoretically possible if host doesn't have any suitably
1546 * aligned areas. Normally the first mmap will fail.
1547 */
1548 return (unsigned long)-1;
1549 }
1550 }
1551
1552 qemu_log("Reserved 0x%lx bytes of guest address space\n", host_size);
1553
1554 return real_start;
1555}
1556
1557static void probe_guest_base(const char *image_name,
1558 abi_ulong loaddr, abi_ulong hiaddr)
1559{
1560 /* Probe for a suitable guest base address, if the user has not set
1561 * it explicitly, and set guest_base appropriately.
1562 * In case of error we will print a suitable message and exit.
1563 */
1564#if defined(CONFIG_USE_GUEST_BASE1)
1565 const char *errmsg;
1566 if (!have_guest_base && !reserved_va) {
1567 unsigned long host_start, real_start, host_size;
1568
1569 /* Round addresses to page boundaries. */
1570 loaddr &= qemu_host_page_mask;
1571 hiaddr = HOST_PAGE_ALIGN(hiaddr)(((hiaddr) + qemu_host_page_size - 1) & qemu_host_page_mask
)
;
1572
1573 if (loaddr < mmap_min_addr) {
1574 host_start = HOST_PAGE_ALIGN(mmap_min_addr)(((mmap_min_addr) + qemu_host_page_size - 1) & qemu_host_page_mask
)
;
1575 } else {
1576 host_start = loaddr;
1577 if (host_start != loaddr) {
1578 errmsg = "Address overflow loading ELF binary";
1579 goto exit_errmsg;
1580 }
1581 }
1582 host_size = hiaddr - loaddr;
1583
1584 /* Setup the initial guest memory space with ranges gleaned from
1585 * the ELF image that is being loaded.
1586 */
1587 real_start = init_guest_space(host_start, host_size, loaddr, false0);
1588 if (real_start == (unsigned long)-1) {
1589 errmsg = "Unable to find space for application";
1590 goto exit_errmsg;
1591 }
1592 guest_base = real_start - loaddr;
1593
1594 qemu_log("Relocating guest address space from 0x"
1595 TARGET_ABI_FMT_lx"%08x" " to 0x%lx\n",
1596 loaddr, real_start);
1597 }
1598 return;
1599
1600exit_errmsg:
1601 fprintf(stderrstderr, "%s: %s\n", image_name, errmsg);
1602 exit(-1);
1603#endif
1604}
1605
1606
1607/* Load an ELF image into the address space.
1608
1609 IMAGE_NAME is the filename of the image, to use in error messages.
1610 IMAGE_FD is the open file descriptor for the image.
1611
1612 BPRM_BUF is a copy of the beginning of the file; this of course
1613 contains the elf file header at offset 0. It is assumed that this
1614 buffer is sufficiently aligned to present no problems to the host
1615 in accessing data at aligned offsets within the buffer.
1616
1617 On return: INFO values will be filled in, as necessary or available. */
1618
1619static void load_elf_image(const char *image_name, int image_fd,
1620 struct image_info *info, char **pinterp_name,
1621 char bprm_buf[BPRM_BUF_SIZE1024])
1622{
1623 struct elfhdrelf32_hdr *ehdr = (struct elfhdrelf32_hdr *)bprm_buf;
1624 struct elf_phdrelf32_phdr *phdr;
1625 abi_ulong load_addr, load_bias, loaddr, hiaddr, error;
1626 int i, retval;
1627 const char *errmsg;
1628
1629 /* First of all, some simple consistency checks */
1630 errmsg = "Invalid ELF image for this architecture";
1631 if (!elf_check_ident(ehdr)) {
1632 goto exit_errmsg;
1633 }
1634 bswap_ehdr(ehdr);
1635 if (!elf_check_ehdr(ehdr)) {
1636 goto exit_errmsg;
1637 }
1638
1639 i = ehdr->e_phnum * sizeof(struct elf_phdrelf32_phdr);
1640 if (ehdr->e_phoff + i <= BPRM_BUF_SIZE1024) {
1641 phdr = (struct elf_phdrelf32_phdr *)(bprm_buf + ehdr->e_phoff);
1642 } else {
1643 phdr = (struct elf_phdrelf32_phdr *) alloca(i)__builtin_alloca (i);
1644 retval = pread(image_fd, phdr, i, ehdr->e_phoff);
1645 if (retval != i) {
1646 goto exit_read;
1647 }
1648 }
1649 bswap_phdr(phdr, ehdr->e_phnum);
1650
1651#ifdef CONFIG_USE_FDPIC
1652 info->nsegs = 0;
1653 info->pt_dynamic_addr = 0;
1654#endif
1655
1656 /* Find the maximum size of the image and allocate an appropriate
1657 amount of memory to handle that. */
1658 loaddr = -1, hiaddr = 0;
1659 for (i = 0; i < ehdr->e_phnum; ++i) {
1660 if (phdr[i].p_type == PT_LOAD1) {
1661 abi_ulong a = phdr[i].p_vaddr;
1662 if (a < loaddr) {
1663 loaddr = a;
1664 }
1665 a += phdr[i].p_memsz;
1666 if (a > hiaddr) {
1667 hiaddr = a;
1668 }
1669#ifdef CONFIG_USE_FDPIC
1670 ++info->nsegs;
1671#endif
1672 }
1673 }
1674
1675 load_addr = loaddr;
1676 if (ehdr->e_type == ET_DYN3) {
1677 /* The image indicates that it can be loaded anywhere. Find a
1678 location that can hold the memory space required. If the
1679 image is pre-linked, LOADDR will be non-zero. Since we do
1680 not supply MAP_FIXED here we'll use that address if and
1681 only if it remains available. */
1682 load_addr = target_mmap(loaddr, hiaddr - loaddr, PROT_NONE0x0,
1683 MAP_PRIVATE0x02 | MAP_ANON0x20 | MAP_NORESERVE0x04000,
1684 -1, 0);
1685 if (load_addr == -1) {
1686 goto exit_perror;
1687 }
1688 } else if (pinterp_name != NULL((void*)0)) {
1689 /* This is the main executable. Make sure that the low
1690 address does not conflict with MMAP_MIN_ADDR or the
1691 QEMU application itself. */
1692 probe_guest_base(image_name, loaddr, hiaddr);
1693 }
1694 load_bias = load_addr - loaddr;
1695
1696#ifdef CONFIG_USE_FDPIC
1697 {
1698 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs =
1699 g_malloc(sizeof(*loadsegs) * info->nsegs);
1700
1701 for (i = 0; i < ehdr->e_phnum; ++i) {
1702 switch (phdr[i].p_type) {
1703 case PT_DYNAMIC2:
1704 info->pt_dynamic_addr = phdr[i].p_vaddr + load_bias;
1705 break;
1706 case PT_LOAD1:
1707 loadsegs->addr = phdr[i].p_vaddr + load_bias;
1708 loadsegs->p_vaddr = phdr[i].p_vaddr;
1709 loadsegs->p_memsz = phdr[i].p_memsz;
1710 ++loadsegs;
1711 break;
1712 }
1713 }
1714 }
1715#endif
1716
1717 info->load_bias = load_bias;
1718 info->load_addr = load_addr;
1719 info->entry = ehdr->e_entry + load_bias;
1720 info->start_code = -1;
1721 info->end_code = 0;
1722 info->start_data = -1;
1723 info->end_data = 0;
1724 info->brk = 0;
1725 info->elf_flags = ehdr->e_flags;
1726
1727 for (i = 0; i < ehdr->e_phnum; i++) {
1728 struct elf_phdrelf32_phdr *eppnt = phdr + i;
1729 if (eppnt->p_type == PT_LOAD1) {
1730 abi_ulong vaddr, vaddr_po, vaddr_ps, vaddr_ef, vaddr_em;
1731 int elf_prot = 0;
1732
1733 if (eppnt->p_flags & PF_R0x4) elf_prot = PROT_READ0x1;
1734 if (eppnt->p_flags & PF_W0x2) elf_prot |= PROT_WRITE0x2;
1735 if (eppnt->p_flags & PF_X0x1) elf_prot |= PROT_EXEC0x4;
1736
1737 vaddr = load_bias + eppnt->p_vaddr;
1738 vaddr_po = TARGET_ELF_PAGEOFFSET(vaddr)((vaddr) & ((1 << 12)-1));
1739 vaddr_ps = TARGET_ELF_PAGESTART(vaddr)((vaddr) & ~(unsigned long)((1 << 12)-1));
1740
1741 error = target_mmap(vaddr_ps, eppnt->p_filesz + vaddr_po,
1742 elf_prot, MAP_PRIVATE0x02 | MAP_FIXED0x10,
1743 image_fd, eppnt->p_offset - vaddr_po);
1744 if (error == -1) {
1745 goto exit_perror;
1746 }
1747
1748 vaddr_ef = vaddr + eppnt->p_filesz;
1749 vaddr_em = vaddr + eppnt->p_memsz;
1750
1751 /* If the load segment requests extra zeros (e.g. bss), map it. */
1752 if (vaddr_ef < vaddr_em) {
1753 zero_bss(vaddr_ef, vaddr_em, elf_prot);
1754 }
1755
1756 /* Find the full program boundaries. */
1757 if (elf_prot & PROT_EXEC0x4) {
1758 if (vaddr < info->start_code) {
1759 info->start_code = vaddr;
1760 }
1761 if (vaddr_ef > info->end_code) {
1762 info->end_code = vaddr_ef;
1763 }
1764 }
1765 if (elf_prot & PROT_WRITE0x2) {
1766 if (vaddr < info->start_data) {
1767 info->start_data = vaddr;
1768 }
1769 if (vaddr_ef > info->end_data) {
1770 info->end_data = vaddr_ef;
1771 }
1772 if (vaddr_em > info->brk) {
1773 info->brk = vaddr_em;
1774 }
1775 }
1776 } else if (eppnt->p_type == PT_INTERP3 && pinterp_name) {
1777 char *interp_name;
1778
1779 if (*pinterp_name) {
1780 errmsg = "Multiple PT_INTERP entries";
1781 goto exit_errmsg;
1782 }
1783 interp_name = malloc(eppnt->p_filesz);
1784 if (!interp_name) {
1785 goto exit_perror;
1786 }
1787
1788 if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE1024) {
1789 memcpy(interp_name, bprm_buf + eppnt->p_offset,
1790 eppnt->p_filesz);
1791 } else {
1792 retval = pread(image_fd, interp_name, eppnt->p_filesz,
1793 eppnt->p_offset);
1794 if (retval != eppnt->p_filesz) {
1795 goto exit_perror;
1796 }
1797 }
1798 if (interp_name[eppnt->p_filesz - 1] != 0) {
1799 errmsg = "Invalid PT_INTERP entry";
1800 goto exit_errmsg;
1801 }
1802 *pinterp_name = interp_name;
1803 }
1804 }
1805
1806 if (info->end_data == 0) {
1807 info->start_data = info->end_code;
1808 info->end_data = info->end_code;
1809 info->brk = info->end_code;
1810 }
1811
1812 if (qemu_log_enabled()) {
1813 load_symbols(ehdr, image_fd, load_bias);
1814 }
1815
1816 close(image_fd);
1817 return;
1818
1819 exit_read:
1820 if (retval >= 0) {
1821 errmsg = "Incomplete read of file header";
1822 goto exit_errmsg;
1823 }
1824 exit_perror:
1825 errmsg = strerror(errno(*__errno_location ()));
1826 exit_errmsg:
1827 fprintf(stderrstderr, "%s: %s\n", image_name, errmsg);
1828 exit(-1);
1829}
1830
1831static void load_elf_interp(const char *filename, struct image_info *info,
1832 char bprm_buf[BPRM_BUF_SIZE1024])
1833{
1834 int fd, retval;
1835
1836 fd = open(path(filename), O_RDONLY00);
1837 if (fd < 0) {
1838 goto exit_perror;
1839 }
1840
1841 retval = read(fd, bprm_buf, BPRM_BUF_SIZE1024);
1842 if (retval < 0) {
1843 goto exit_perror;
1844 }
1845 if (retval < BPRM_BUF_SIZE1024) {
1846 memset(bprm_buf + retval, 0, BPRM_BUF_SIZE1024 - retval);
1847 }
1848
1849 load_elf_image(filename, fd, info, NULL((void*)0), bprm_buf);
1850 return;
1851
1852 exit_perror:
1853 fprintf(stderrstderr, "%s: %s\n", filename, strerror(errno(*__errno_location ())));
1854 exit(-1);
1855}
1856
1857static int symfind(const void *s0, const void *s1)
1858{
1859 target_ulong addr = *(target_ulong *)s0;
1860 struct elf_symelf32_sym *sym = (struct elf_symelf32_sym *)s1;
1861 int result = 0;
1862 if (addr < sym->st_value) {
1863 result = -1;
1864 } else if (addr >= sym->st_value + sym->st_size) {
1865 result = 1;
1866 }
1867 return result;
1868}
1869
1870static const char *lookup_symbolxx(struct syminfo *s, target_ulong orig_addr)
1871{
1872#if ELF_CLASS1 == ELFCLASS321
1873 struct elf_symelf32_sym *syms = s->disas_symtab.elf32;
1874#else
1875 struct elf_symelf32_sym *syms = s->disas_symtab.elf64;
1876#endif
1877
1878 // binary search
1879 struct elf_symelf32_sym *sym;
1880
1881 sym = bsearch(&orig_addr, syms, s->disas_num_syms, sizeof(*syms), symfind);
1882 if (sym != NULL((void*)0)) {
1883 return s->disas_strtab + sym->st_name;
1884 }
1885
1886 return "";
1887}
1888
1889/* FIXME: This should use elf_ops.h */
1890static int symcmp(const void *s0, const void *s1)
1891{
1892 struct elf_symelf32_sym *sym0 = (struct elf_symelf32_sym *)s0;
1893 struct elf_symelf32_sym *sym1 = (struct elf_symelf32_sym *)s1;
1894 return (sym0->st_value < sym1->st_value)
1895 ? -1
1896 : ((sym0->st_value > sym1->st_value) ? 1 : 0);
1897}
1898
1899/* Best attempt to load symbols from this ELF object. */
1900static void load_symbols(struct elfhdrelf32_hdr *hdr, int fd, abi_ulong load_bias)
1901{
1902 int i, shnum, nsyms, sym_idx = 0, str_idx = 0;
1903 struct elf_shdrelf32_shdr *shdr;
1904 char *strings = NULL((void*)0);
1905 struct syminfo *s = NULL((void*)0);
1906 struct elf_symelf32_sym *new_syms, *syms = NULL((void*)0);
1907
1908 shnum = hdr->e_shnum;
1909 i = shnum * sizeof(struct elf_shdrelf32_shdr);
1910 shdr = (struct elf_shdrelf32_shdr *)alloca(i)__builtin_alloca (i);
1911 if (pread(fd, shdr, i, hdr->e_shoff) != i) {
1912 return;
1913 }
1914
1915 bswap_shdr(shdr, shnum);
1916 for (i = 0; i < shnum; ++i) {
1917 if (shdr[i].sh_type == SHT_SYMTAB2) {
1918 sym_idx = i;
1919 str_idx = shdr[i].sh_link;
1920 goto found;
1921 }
1922 }
1923
1924 /* There will be no symbol table if the file was stripped. */
1925 return;
1926
1927 found:
1928 /* Now know where the strtab and symtab are. Snarf them. */
1929 s = malloc(sizeof(*s));
1930 if (!s) {
1931 goto give_up;
1932 }
1933
1934 i = shdr[str_idx].sh_size;
1935 s->disas_strtab = strings = malloc(i);
1936 if (!strings || pread(fd, strings, i, shdr[str_idx].sh_offset) != i) {
1937 goto give_up;
1938 }
1939
1940 i = shdr[sym_idx].sh_size;
1941 syms = malloc(i);
1942 if (!syms || pread(fd, syms, i, shdr[sym_idx].sh_offset) != i) {
1943 goto give_up;
1944 }
1945
1946 nsyms = i / sizeof(struct elf_symelf32_sym);
1947 for (i = 0; i < nsyms; ) {
1948 bswap_sym(syms + i);
1949 /* Throw away entries which we do not need. */
1950 if (syms[i].st_shndx == SHN_UNDEF0
1951 || syms[i].st_shndx >= SHN_LORESERVE0xff00
1952 || ELF_ST_TYPE(syms[i].st_info)(((unsigned int) syms[i].st_info) & 0xf) != STT_FUNC2) {
1953 if (i < --nsyms) {
1954 syms[i] = syms[nsyms];
1955 }
1956 } else {
1957#if defined(TARGET_ARM) || defined (TARGET_MIPS1)
1958 /* The bottom address bit marks a Thumb or MIPS16 symbol. */
1959 syms[i].st_value &= ~(target_ulong)1;
1960#endif
1961 syms[i].st_value += load_bias;
1962 i++;
1963 }
1964 }
1965
1966 /* No "useful" symbol. */
1967 if (nsyms == 0) {
1968 goto give_up;
1969 }
1970
1971 /* Attempt to free the storage associated with the local symbols
1972 that we threw away. Whether or not this has any effect on the
1973 memory allocation depends on the malloc implementation and how
1974 many symbols we managed to discard. */
1975 new_syms = realloc(syms, nsyms * sizeof(*syms));
1976 if (new_syms == NULL((void*)0)) {
1977 goto give_up;
1978 }
1979 syms = new_syms;
1980
1981 qsort(syms, nsyms, sizeof(*syms), symcmp);
1982
1983 s->disas_num_syms = nsyms;
1984#if ELF_CLASS1 == ELFCLASS321
1985 s->disas_symtab.elf32 = syms;
1986#else
1987 s->disas_symtab.elf64 = syms;
1988#endif
1989 s->lookup_symbol = lookup_symbolxx;
1990 s->next = syminfos;
1991 syminfos = s;
1992
1993 return;
1994
1995give_up:
1996 free(s);
1997 free(strings);
1998 free(syms);
1999}
2000
2001int load_elf_binary(struct linux_binprm *bprm, struct image_info *info)
2002{
2003 struct image_info interp_info;
2004 struct elfhdrelf32_hdr elf_ex;
2005 char *elf_interpreter = NULL((void*)0);
2006
2007 info->start_mmap = (abi_ulong)ELF_START_MMAP0x80000000;
2008 info->mmap = 0;
2009 info->rss = 0;
2010
2011 load_elf_image(bprm->filename, bprm->fd, info,
2012 &elf_interpreter, bprm->buf);
2013
2014 /* ??? We need a copy of the elf header for passing to create_elf_tables.
2015 If we do nothing, we'll have overwritten this when we re-use bprm->buf
2016 when we load the interpreter. */
2017 elf_ex = *(struct elfhdrelf32_hdr *)bprm->buf;
2018
2019 bprm->p = copy_elf_strings(1, &bprm->filename, bprm->page, bprm->p);
2020 bprm->p = copy_elf_strings(bprm->envc,bprm->envp,bprm->page,bprm->p);
2021 bprm->p = copy_elf_strings(bprm->argc,bprm->argv,bprm->page,bprm->p);
2022 if (!bprm->p) {
2023 fprintf(stderrstderr, "%s: %s\n", bprm->filename, strerror(E2BIG7));
2024 exit(-1);
2025 }
2026
2027 /* Do this so that we can load the interpreter, if need be. We will
2028 change some of these later */
2029 bprm->p = setup_arg_pages(bprm->p, bprm, info);
2030
2031 if (elf_interpreter) {
2032 load_elf_interp(elf_interpreter, &interp_info, bprm->buf);
2033
2034 /* If the program interpreter is one of these two, then assume
2035 an iBCS2 image. Otherwise assume a native linux image. */
2036
2037 if (strcmp(elf_interpreter, "/usr/lib/libc.so.1") == 0
2038 || strcmp(elf_interpreter, "/usr/lib/ld.so.1") == 0) {
2039 info->personality = PER_SVR4;
2040
2041 /* Why this, you ask??? Well SVr4 maps page 0 as read-only,
2042 and some applications "depend" upon this behavior. Since
2043 we do not have the power to recompile these, we emulate
2044 the SVr4 behavior. Sigh. */
2045 target_mmap(0, qemu_host_page_size, PROT_READ0x1 | PROT_EXEC0x4,
2046 MAP_FIXED0x10 | MAP_PRIVATE0x02, -1, 0);
2047 }
2048 }
2049
2050 bprm->p = create_elf_tables(bprm->p, bprm->argc, bprm->envc, &elf_ex,
2051 info, (elf_interpreter ? &interp_info : NULL((void*)0)));
2052 info->start_stack = bprm->p;
2053
2054 /* If we have an interpreter, set that as the program's entry point.
2055 Copy the load_bias as well, to help PPC64 interpret the entry
2056 point as a function descriptor. Do this after creating elf tables
2057 so that we copy the original program entry point into the AUXV. */
2058 if (elf_interpreter) {
2059 info->load_bias = interp_info.load_bias;
2060 info->entry = interp_info.entry;
2061 free(elf_interpreter);
2062 }
2063
2064#ifdef USE_ELF_CORE_DUMP
2065 bprm->core_dump = &elf_core_dump;
2066#endif
2067
2068 return 0;
2069}
2070
2071#ifdef USE_ELF_CORE_DUMP
2072/*
2073 * Definitions to generate Intel SVR4-like core files.
2074 * These mostly have the same names as the SVR4 types with "target_elf_"
2075 * tacked on the front to prevent clashes with linux definitions,
2076 * and the typedef forms have been avoided. This is mostly like
2077 * the SVR4 structure, but more Linuxy, with things that Linux does
2078 * not support and which gdb doesn't really use excluded.
2079 *
2080 * Fields we don't dump (their contents is zero) in linux-user qemu
2081 * are marked with XXX.
2082 *
2083 * Core dump code is copied from linux kernel (fs/binfmt_elf.c).
2084 *
2085 * Porting ELF coredump for target is (quite) simple process. First you
2086 * define USE_ELF_CORE_DUMP in target ELF code (where init_thread() for
2087 * the target resides):
2088 *
2089 * #define USE_ELF_CORE_DUMP
2090 *
2091 * Next you define type of register set used for dumping. ELF specification
2092 * says that it needs to be array of elf_greg_t that has size of ELF_NREG.
2093 *
2094 * typedef <target_regtype> target_elf_greg_t;
2095 * #define ELF_NREG <number of registers>
2096 * typedef taret_elf_greg_t target_elf_gregset_t[ELF_NREG];
2097 *
2098 * Last step is to implement target specific function that copies registers
2099 * from given cpu into just specified register set. Prototype is:
2100 *
2101 * static void elf_core_copy_regs(taret_elf_gregset_t *regs,
2102 * const CPUArchState *env);
2103 *
2104 * Parameters:
2105 * regs - copy register values into here (allocated and zeroed by caller)
2106 * env - copy registers from here
2107 *
2108 * Example for ARM target is provided in this file.
2109 */
2110
2111/* An ELF note in memory */
2112struct memelfnote {
2113 const char *name;
2114 size_t namesz;
2115 size_t namesz_rounded;
2116 int type;
2117 size_t datasz;
2118 size_t datasz_rounded;
2119 void *data;
2120 size_t notesz;
2121};
2122
2123struct target_elf_siginfo {
2124 abi_int si_signo; /* signal number */
2125 abi_int si_code; /* extra code */
2126 abi_int si_errno; /* errno */
2127};
2128
2129struct target_elf_prstatus {
2130 struct target_elf_siginfo pr_info; /* Info associated with signal */
2131 abi_short pr_cursig; /* Current signal */
2132 abi_ulong pr_sigpend; /* XXX */
2133 abi_ulong pr_sighold; /* XXX */
2134 target_pid_t pr_pid;
2135 target_pid_t pr_ppid;
2136 target_pid_t pr_pgrp;
2137 target_pid_t pr_sid;
2138 struct target_timeval pr_utime; /* XXX User time */
2139 struct target_timeval pr_stime; /* XXX System time */
2140 struct target_timeval pr_cutime; /* XXX Cumulative user time */
2141 struct target_timeval pr_cstime; /* XXX Cumulative system time */
2142 target_elf_gregset_t pr_reg; /* GP registers */
2143 abi_int pr_fpvalid; /* XXX */
2144};
2145
2146#define ELF_PRARGSZ(80) (80) /* Number of chars for args */
2147
2148struct target_elf_prpsinfo {
2149 char pr_state; /* numeric process state */
2150 char pr_sname; /* char for pr_state */
2151 char pr_zomb; /* zombie */
2152 char pr_nice; /* nice val */
2153 abi_ulong pr_flag; /* flags */
2154 target_uid_t pr_uid;
2155 target_gid_t pr_gid;
2156 target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid;
2157 /* Lots missing */
2158 char pr_fname[16]; /* filename of executable */
2159 char pr_psargs[ELF_PRARGSZ(80)]; /* initial part of arg list */
2160};
2161
2162/* Here is the structure in which status of each thread is captured. */
2163struct elf_thread_status {
2164 QTAILQ_ENTRY(elf_thread_status)struct { struct elf_thread_status *tqe_next; struct elf_thread_status
* *tqe_prev; }
ets_link;
2165 struct target_elf_prstatus prstatus; /* NT_PRSTATUS */
2166#if 0
2167 elf_fpregset_t fpu; /* NT_PRFPREG */
2168 struct task_struct *thread;
2169 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */
2170#endif
2171 struct memelfnote notes[1];
2172 int num_notes;
2173};
2174
2175struct elf_note_info {
2176 struct memelfnote *notes;
2177 struct target_elf_prstatus *prstatus; /* NT_PRSTATUS */
2178 struct target_elf_prpsinfo *psinfo; /* NT_PRPSINFO */
2179
2180 QTAILQ_HEAD(thread_list_head, elf_thread_status)struct thread_list_head { struct elf_thread_status *tqh_first
; struct elf_thread_status * *tqh_last; }
thread_list;
2181#if 0
2182 /*
2183 * Current version of ELF coredump doesn't support
2184 * dumping fp regs etc.
2185 */
2186 elf_fpregset_t *fpu;
2187 elf_fpxregset_t *xfpu;
2188 int thread_status_size;
2189#endif
2190 int notes_size;
2191 int numnote;
2192};
2193
2194struct vm_area_struct {
2195 abi_ulong vma_start; /* start vaddr of memory region */
2196 abi_ulong vma_end; /* end vaddr of memory region */
2197 abi_ulong vma_flags; /* protection etc. flags for the region */
2198 QTAILQ_ENTRY(vm_area_struct)struct { struct vm_area_struct *tqe_next; struct vm_area_struct
* *tqe_prev; }
vma_link;
2199};
2200
2201struct mm_struct {
2202 QTAILQ_HEAD(, vm_area_struct)struct { struct vm_area_struct *tqh_first; struct vm_area_struct
* *tqh_last; }
mm_mmap;
2203 int mm_count; /* number of mappings */
2204};
2205
2206static struct mm_struct *vma_init(void);
2207static void vma_delete(struct mm_struct *);
2208static int vma_add_mapping(struct mm_struct *, abi_ulong,
2209 abi_ulong, abi_ulong);
2210static int vma_get_mapping_count(const struct mm_struct *);
2211static struct vm_area_struct *vma_first(const struct mm_struct *);
2212static struct vm_area_struct *vma_next(struct vm_area_struct *);
2213static abi_ulong vma_dump_size(const struct vm_area_struct *);
2214static int vma_walker(void *priv, abi_ulong start, abi_ulong end,
2215 unsigned long flags);
2216
2217static void fill_elf_header(struct elfhdrelf32_hdr *, int, uint16_t, uint32_t);
2218static void fill_note(struct memelfnote *, const char *, int,
2219 unsigned int, void *);
2220static void fill_prstatus(struct target_elf_prstatus *, const TaskState *, int);
2221static int fill_psinfo(struct target_elf_prpsinfo *, const TaskState *);
2222static void fill_auxv_note(struct memelfnote *, const TaskState *);
2223static void fill_elf_note_phdr(struct elf_phdrelf32_phdr *, int, off_t);
2224static size_t note_size(const struct memelfnote *);
2225static void free_note_info(struct elf_note_info *);
2226static int fill_note_info(struct elf_note_info *, long, const CPUArchStatestruct CPUMIPSState *);
2227static void fill_thread_info(struct elf_note_info *, const CPUArchStatestruct CPUMIPSState *);
2228static int core_dump_filename(const TaskState *, char *, size_t);
2229
2230static int dump_write(int, const void *, size_t);
2231static int write_note(struct memelfnote *, int);
2232static int write_note_info(struct elf_note_info *, int);
2233
2234#ifdef BSWAP_NEEDED
2235static void bswap_prstatus(struct target_elf_prstatus *prstatus)
2236{
2237 prstatus->pr_info.si_signo = tswap32(prstatus->pr_info.si_signo);
2238 prstatus->pr_info.si_code = tswap32(prstatus->pr_info.si_code);
2239 prstatus->pr_info.si_errno = tswap32(prstatus->pr_info.si_errno);
2240 prstatus->pr_cursig = tswap16(prstatus->pr_cursig);
2241 prstatus->pr_sigpend = tswapal(prstatus->pr_sigpend);
2242 prstatus->pr_sighold = tswapal(prstatus->pr_sighold);
2243 prstatus->pr_pid = tswap32(prstatus->pr_pid);
2244 prstatus->pr_ppid = tswap32(prstatus->pr_ppid);
2245 prstatus->pr_pgrp = tswap32(prstatus->pr_pgrp);
2246 prstatus->pr_sid = tswap32(prstatus->pr_sid);
2247 /* cpu times are not filled, so we skip them */
2248 /* regs should be in correct format already */
2249 prstatus->pr_fpvalid = tswap32(prstatus->pr_fpvalid);
2250}
2251
2252static void bswap_psinfo(struct target_elf_prpsinfo *psinfo)
2253{
2254 psinfo->pr_flag = tswapal(psinfo->pr_flag);
2255 psinfo->pr_uid = tswap16(psinfo->pr_uid);
2256 psinfo->pr_gid = tswap16(psinfo->pr_gid);
2257 psinfo->pr_pid = tswap32(psinfo->pr_pid);
2258 psinfo->pr_ppid = tswap32(psinfo->pr_ppid);
2259 psinfo->pr_pgrp = tswap32(psinfo->pr_pgrp);
2260 psinfo->pr_sid = tswap32(psinfo->pr_sid);
2261}
2262
2263static void bswap_note(struct elf_noteelf32_note *en)
2264{
2265 bswap32s(&en->n_namesz);
2266 bswap32s(&en->n_descsz);
2267 bswap32s(&en->n_type);
2268}
2269#else
2270static inline void bswap_prstatus(struct target_elf_prstatus *p) { }
2271static inline void bswap_psinfo(struct target_elf_prpsinfo *p) {}
2272static inline void bswap_note(struct elf_noteelf32_note *en) { }
2273#endif /* BSWAP_NEEDED */
2274
2275/*
2276 * Minimal support for linux memory regions. These are needed
2277 * when we are finding out what memory exactly belongs to
2278 * emulated process. No locks needed here, as long as
2279 * thread that received the signal is stopped.
2280 */
2281
2282static struct mm_struct *vma_init(void)
2283{
2284 struct mm_struct *mm;
2285
2286 if ((mm = g_malloc(sizeof (*mm))) == NULL((void*)0))
2287 return (NULL((void*)0));
2288
2289 mm->mm_count = 0;
2290 QTAILQ_INIT(&mm->mm_mmap)do { (&mm->mm_mmap)->tqh_first = ((void*)0); (&
mm->mm_mmap)->tqh_last = &(&mm->mm_mmap)->
tqh_first; } while ( 0)
;
2291
2292 return (mm);
2293}
2294
2295static void vma_delete(struct mm_struct *mm)
2296{
2297 struct vm_area_struct *vma;
2298
2299 while ((vma = vma_first(mm)) != NULL((void*)0)) {
2300 QTAILQ_REMOVE(&mm->mm_mmap, vma, vma_link)do { if (((vma)->vma_link.tqe_next) != ((void*)0)) (vma)->
vma_link.tqe_next->vma_link.tqe_prev = (vma)->vma_link.
tqe_prev; else (&mm->mm_mmap)->tqh_last = (vma)->
vma_link.tqe_prev; *(vma)->vma_link.tqe_prev = (vma)->vma_link
.tqe_next; } while ( 0)
;
2301 g_free(vma);
2302 }
2303 g_free(mm);
2304}
2305
2306static int vma_add_mapping(struct mm_struct *mm, abi_ulong start,
2307 abi_ulong end, abi_ulong flags)
2308{
2309 struct vm_area_struct *vma;
2310
2311 if ((vma = g_malloc0(sizeof (*vma))) == NULL((void*)0))
2312 return (-1);
2313
2314 vma->vma_start = start;
2315 vma->vma_end = end;
2316 vma->vma_flags = flags;
2317
2318 QTAILQ_INSERT_TAIL(&mm->mm_mmap, vma, vma_link)do { (vma)->vma_link.tqe_next = ((void*)0); (vma)->vma_link
.tqe_prev = (&mm->mm_mmap)->tqh_last; *(&mm->
mm_mmap)->tqh_last = (vma); (&mm->mm_mmap)->tqh_last
= &(vma)->vma_link.tqe_next; } while ( 0)
;
2319 mm->mm_count++;
2320
2321 return (0);
2322}
2323
2324static struct vm_area_struct *vma_first(const struct mm_struct *mm)
2325{
2326 return (QTAILQ_FIRST(&mm->mm_mmap)((&mm->mm_mmap)->tqh_first));
2327}
2328
2329static struct vm_area_struct *vma_next(struct vm_area_struct *vma)
2330{
2331 return (QTAILQ_NEXT(vma, vma_link)((vma)->vma_link.tqe_next));
2332}
2333
2334static int vma_get_mapping_count(const struct mm_struct *mm)
2335{
2336 return (mm->mm_count);
2337}
2338
2339/*
2340 * Calculate file (dump) size of given memory region.
2341 */
2342static abi_ulong vma_dump_size(const struct vm_area_struct *vma)
2343{
2344 /* if we cannot even read the first page, skip it */
2345 if (!access_ok(VERIFY_READ0, vma->vma_start, TARGET_PAGE_SIZE(1 << 12)))
2346 return (0);
2347
2348 /*
2349 * Usually we don't dump executable pages as they contain
2350 * non-writable code that debugger can read directly from
2351 * target library etc. However, thread stacks are marked
2352 * also executable so we read in first page of given region
2353 * and check whether it contains elf header. If there is
2354 * no elf header, we dump it.
2355 */
2356 if (vma->vma_flags & PROT_EXEC0x4) {
2357 char page[TARGET_PAGE_SIZE(1 << 12)];
2358
2359 copy_from_user(page, vma->vma_start, sizeof (page));
2360 if ((page[EI_MAG00] == ELFMAG00x7f) &&
2361 (page[EI_MAG11] == ELFMAG1'E') &&
2362 (page[EI_MAG22] == ELFMAG2'L') &&
2363 (page[EI_MAG33] == ELFMAG3'F')) {
2364 /*
2365 * Mappings are possibly from ELF binary. Don't dump
2366 * them.
2367 */
2368 return (0);
2369 }
2370 }
2371
2372 return (vma->vma_end - vma->vma_start);
2373}
2374
2375static int vma_walker(void *priv, abi_ulong start, abi_ulong end,
2376 unsigned long flags)
2377{
2378 struct mm_struct *mm = (struct mm_struct *)priv;
2379
2380 vma_add_mapping(mm, start, end, flags);
2381 return (0);
2382}
2383
2384static void fill_note(struct memelfnote *note, const char *name, int type,
2385 unsigned int sz, void *data)
2386{
2387 unsigned int namesz;
2388
2389 namesz = strlen(name) + 1;
2390 note->name = name;
2391 note->namesz = namesz;
2392 note->namesz_rounded = roundup(namesz, sizeof (int32_t))(__builtin_constant_p (sizeof (int32_t)) && ((((sizeof
(int32_t)) - 1) & (sizeof (int32_t))) == 0) ? (((namesz)
+ (sizeof (int32_t)) - 1) & ~((sizeof (int32_t)) - 1)) :
((((namesz) + ((sizeof (int32_t)) - 1)) / (sizeof (int32_t))
) * (sizeof (int32_t))))
;
2393 note->type = type;
2394 note->datasz = sz;
2395 note->datasz_rounded = roundup(sz, sizeof (int32_t))(__builtin_constant_p (sizeof (int32_t)) && ((((sizeof
(int32_t)) - 1) & (sizeof (int32_t))) == 0) ? (((sz) + (
sizeof (int32_t)) - 1) & ~((sizeof (int32_t)) - 1)) : (((
(sz) + ((sizeof (int32_t)) - 1)) / (sizeof (int32_t))) * (sizeof
(int32_t))))
;
2396
2397 note->data = data;
2398
2399 /*
2400 * We calculate rounded up note size here as specified by
2401 * ELF document.
2402 */
2403 note->notesz = sizeof (struct elf_noteelf32_note) +
2404 note->namesz_rounded + note->datasz_rounded;
2405}
2406
2407static void fill_elf_header(struct elfhdrelf32_hdr *elf, int segs, uint16_t machine,
2408 uint32_t flags)
2409{
2410 (void) memset(elf, 0, sizeof(*elf));
2411
2412 (void) memcpy(elf->e_ident, ELFMAG"\177ELF", SELFMAG4);
2413 elf->e_ident[EI_CLASS4] = ELF_CLASS1;
2414 elf->e_ident[EI_DATA5] = ELF_DATA1;
2415 elf->e_ident[EI_VERSION6] = EV_CURRENT1;
2416 elf->e_ident[EI_OSABI7] = ELF_OSABI0;
2417
2418 elf->e_type = ET_CORE4;
2419 elf->e_machine = machine;
2420 elf->e_version = EV_CURRENT1;
2421 elf->e_phoff = sizeof(struct elfhdrelf32_hdr);
2422 elf->e_flags = flags;
2423 elf->e_ehsize = sizeof(struct elfhdrelf32_hdr);
2424 elf->e_phentsize = sizeof(struct elf_phdrelf32_phdr);
2425 elf->e_phnum = segs;
2426
2427 bswap_ehdr(elf);
2428}
2429
2430static void fill_elf_note_phdr(struct elf_phdrelf32_phdr *phdr, int sz, off_t offset)
2431{
2432 phdr->p_type = PT_NOTE4;
2433 phdr->p_offset = offset;
2434 phdr->p_vaddr = 0;
2435 phdr->p_paddr = 0;
2436 phdr->p_filesz = sz;
2437 phdr->p_memsz = 0;
2438 phdr->p_flags = 0;
2439 phdr->p_align = 0;
2440
2441 bswap_phdr(phdr, 1);
2442}
2443
2444static size_t note_size(const struct memelfnote *note)
2445{
2446 return (note->notesz);
2447}
2448
2449static void fill_prstatus(struct target_elf_prstatus *prstatus,
2450 const TaskState *ts, int signr)
2451{
2452 (void) memset(prstatus, 0, sizeof (*prstatus));
2453 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr;
2454 prstatus->pr_pid = ts->ts_tid;
2455 prstatus->pr_ppid = getppid();
2456 prstatus->pr_pgrp = getpgrp();
2457 prstatus->pr_sid = getsid(0);
2458
2459 bswap_prstatus(prstatus);
2460}
2461
2462static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts)
2463{
2464 char *base_filename;
2465 unsigned int i, len;
2466
2467 (void) memset(psinfo, 0, sizeof (*psinfo));
2468
2469 len = ts->info->arg_end - ts->info->arg_start;
2470 if (len >= ELF_PRARGSZ(80))
2471 len = ELF_PRARGSZ(80) - 1;
2472 if (copy_from_user(&psinfo->pr_psargs, ts->info->arg_start, len))
2473 return -EFAULT14;
2474 for (i = 0; i < len; i++)
2475 if (psinfo->pr_psargs[i] == 0)
2476 psinfo->pr_psargs[i] = ' ';
2477 psinfo->pr_psargs[len] = 0;
2478
2479 psinfo->pr_pid = getpid();
2480 psinfo->pr_ppid = getppid();
2481 psinfo->pr_pgrp = getpgrp();
2482 psinfo->pr_sid = getsid(0);
2483 psinfo->pr_uid = getuid();
2484 psinfo->pr_gid = getgid();
2485
2486 base_filename = g_path_get_basename(ts->bprm->filename);
2487 /*
2488 * Using strncpy here is fine: at max-length,
2489 * this field is not NUL-terminated.
2490 */
2491 (void) strncpy(psinfo->pr_fname, base_filename,
2492 sizeof(psinfo->pr_fname));
2493
2494 g_free(base_filename);
2495 bswap_psinfo(psinfo);
2496 return (0);
2497}
2498
2499static void fill_auxv_note(struct memelfnote *note, const TaskState *ts)
2500{
2501 elf_addr_tElf32_Off auxv = (elf_addr_tElf32_Off)ts->info->saved_auxv;
2502 elf_addr_tElf32_Off orig_auxv = auxv;
2503 void *ptr;
2504 int len = ts->info->auxv_len;
2505
2506 /*
2507 * Auxiliary vector is stored in target process stack. It contains
2508 * {type, value} pairs that we need to dump into note. This is not
2509 * strictly necessary but we do it here for sake of completeness.
2510 */
2511
2512 /* read in whole auxv vector and copy it to memelfnote */
2513 ptr = lock_user(VERIFY_READ0, orig_auxv, len, 0);
2514 if (ptr != NULL((void*)0)) {
2515 fill_note(note, "CORE", NT_AUXV6, len, ptr);
2516 unlock_user(ptr, auxv, len);
2517 }
2518}
2519
2520/*
2521 * Constructs name of coredump file. We have following convention
2522 * for the name:
2523 * qemu_<basename-of-target-binary>_<date>-<time>_<pid>.core
2524 *
2525 * Returns 0 in case of success, -1 otherwise (errno is set).
2526 */
2527static int core_dump_filename(const TaskState *ts, char *buf,
2528 size_t bufsize)
2529{
2530 char timestamp[64];
2531 char *filename = NULL((void*)0);
2532 char *base_filename = NULL((void*)0);
2533 struct timeval tv;
2534 struct tm tm;
2535
2536 assert(bufsize >= PATH_MAX)((bufsize >= 4096) ? (void) (0) : __assert_fail ("bufsize >= 4096"
, "/home/stefan/src/qemu/qemu.org/qemu/linux-user/elfload.c",
2536, __PRETTY_FUNCTION__))
;
2537
2538 if (gettimeofday(&tv, NULL((void*)0)) < 0) {
2539 (void) fprintf(stderrstderr, "unable to get current timestamp: %s",
2540 strerror(errno(*__errno_location ())));
2541 return (-1);
2542 }
2543
2544 filename = strdup(ts->bprm->filename);
2545 base_filename = strdup(basename(filename));
2546 (void) strftime(timestamp, sizeof (timestamp), "%Y%m%d-%H%M%S",
2547 localtime_r(&tv.tv_sec, &tm));
2548 (void) snprintf(buf, bufsize, "qemu_%s_%s_%d.core",
2549 base_filename, timestamp, (int)getpid());
2550 free(base_filename);
2551 free(filename);
2552
2553 return (0);
2554}
2555
2556static int dump_write(int fd, const void *ptr, size_t size)
2557{
2558 const char *bufp = (const char *)ptr;
2559 ssize_t bytes_written, bytes_left;
2560 struct rlimit dumpsize;
2561 off_t pos;
2562
2563 bytes_written = 0;
Value stored to 'bytes_written' is never read
2564 getrlimit(RLIMIT_CORERLIMIT_CORE, &dumpsize);
2565 if ((pos = lseek(fd, 0, SEEK_CUR1))==-1) {
2566 if (errno(*__errno_location ()) == ESPIPE29) { /* not a seekable stream */
2567 bytes_left = size;
2568 } else {
2569 return pos;
2570 }
2571 } else {
2572 if (dumpsize.rlim_cur <= pos) {
2573 return -1;
2574 } else if (dumpsize.rlim_cur == RLIM_INFINITY0xffffffffffffffffuLL) {
2575 bytes_left = size;
2576 } else {
2577 size_t limit_left=dumpsize.rlim_cur - pos;
2578 bytes_left = limit_left >= size ? size : limit_left ;
2579 }
2580 }
2581
2582 /*
2583 * In normal conditions, single write(2) should do but
2584 * in case of socket etc. this mechanism is more portable.
2585 */
2586 do {
2587 bytes_written = write(fd, bufp, bytes_left);
2588 if (bytes_written < 0) {
2589 if (errno(*__errno_location ()) == EINTR4)
2590 continue;
2591 return (-1);
2592 } else if (bytes_written == 0) { /* eof */
2593 return (-1);
2594 }
2595 bufp += bytes_written;
2596 bytes_left -= bytes_written;
2597 } while (bytes_left > 0);
2598
2599 return (0);
2600}
2601
2602static int write_note(struct memelfnote *men, int fd)
2603{
2604 struct elf_noteelf32_note en;
2605
2606 en.n_namesz = men->namesz;
2607 en.n_type = men->type;
2608 en.n_descsz = men->datasz;
2609
2610 bswap_note(&en);
2611
2612 if (dump_write(fd, &en, sizeof(en)) != 0)
2613 return (-1);
2614 if (dump_write(fd, men->name, men->namesz_rounded) != 0)
2615 return (-1);
2616 if (dump_write(fd, men->data, men->datasz_rounded) != 0)
2617 return (-1);
2618
2619 return (0);
2620}
2621
2622static void fill_thread_info(struct elf_note_info *info, const CPUArchStatestruct CPUMIPSState *env)
2623{
2624 TaskState *ts = (TaskState *)env->opaque;
2625 struct elf_thread_status *ets;
2626
2627 ets = g_malloc0(sizeof (*ets));
2628 ets->num_notes = 1; /* only prstatus is dumped */
2629 fill_prstatus(&ets->prstatus, ts, 0);
2630 elf_core_copy_regs(&ets->prstatus.pr_reg, env);
2631 fill_note(&ets->notes[0], "CORE", NT_PRSTATUS1, sizeof (ets->prstatus),
2632 &ets->prstatus);
2633
2634 QTAILQ_INSERT_TAIL(&info->thread_list, ets, ets_link)do { (ets)->ets_link.tqe_next = ((void*)0); (ets)->ets_link
.tqe_prev = (&info->thread_list)->tqh_last; *(&
info->thread_list)->tqh_last = (ets); (&info->thread_list
)->tqh_last = &(ets)->ets_link.tqe_next; } while ( 0
)
;
2635
2636 info->notes_size += note_size(&ets->notes[0]);
2637}
2638
2639static int fill_note_info(struct elf_note_info *info,
2640 long signr, const CPUArchStatestruct CPUMIPSState *env)
2641{
2642#define NUMNOTES3 3
2643 CPUState *cpu = NULL((void*)0);
2644 TaskState *ts = (TaskState *)env->opaque;
2645 int i;
2646
2647 (void) memset(info, 0, sizeof (*info));
2648
2649 QTAILQ_INIT(&info->thread_list)do { (&info->thread_list)->tqh_first = ((void*)0); (
&info->thread_list)->tqh_last = &(&info->
thread_list)->tqh_first; } while ( 0)
;
2650
2651 info->notes = g_malloc0(NUMNOTES3 * sizeof (struct memelfnote));
2652 if (info->notes == NULL((void*)0))
2653 return (-ENOMEM12);
2654 info->prstatus = g_malloc0(sizeof (*info->prstatus));
2655 if (info->prstatus == NULL((void*)0))
2656 return (-ENOMEM12);
2657 info->psinfo = g_malloc0(sizeof (*info->psinfo));
2658 if (info->prstatus == NULL((void*)0))
2659 return (-ENOMEM12);
2660
2661 /*
2662 * First fill in status (and registers) of current thread
2663 * including process info & aux vector.
2664 */
2665 fill_prstatus(info->prstatus, ts, signr);
2666 elf_core_copy_regs(&info->prstatus->pr_reg, env);
2667 fill_note(&info->notes[0], "CORE", NT_PRSTATUS1,
2668 sizeof (*info->prstatus), info->prstatus);
2669 fill_psinfo(info->psinfo, ts);
2670 fill_note(&info->notes[1], "CORE", NT_PRPSINFO3,
2671 sizeof (*info->psinfo), info->psinfo);
2672 fill_auxv_note(&info->notes[2], ts);
2673 info->numnote = 3;
2674
2675 info->notes_size = 0;
2676 for (i = 0; i < info->numnote; i++)
2677 info->notes_size += note_size(&info->notes[i]);
2678
2679 /* read and fill status of all threads */
2680 cpu_list_lock();
2681 CPU_FOREACH(cpu)for ((cpu) = ((&cpus)->tqh_first); (cpu); (cpu) = ((cpu
)->node.tqe_next))
{
2682 if (cpu == thread_cpu) {
2683 continue;
2684 }
2685 fill_thread_info(info, (CPUArchStatestruct CPUMIPSState *)cpu->env_ptr);
2686 }
2687 cpu_list_unlock();
2688
2689 return (0);
2690}
2691
2692static void free_note_info(struct elf_note_info *info)
2693{
2694 struct elf_thread_status *ets;
2695
2696 while (!QTAILQ_EMPTY(&info->thread_list)((&info->thread_list)->tqh_first == ((void*)0))) {
2697 ets = QTAILQ_FIRST(&info->thread_list)((&info->thread_list)->tqh_first);
2698 QTAILQ_REMOVE(&info->thread_list, ets, ets_link)do { if (((ets)->ets_link.tqe_next) != ((void*)0)) (ets)->
ets_link.tqe_next->ets_link.tqe_prev = (ets)->ets_link.
tqe_prev; else (&info->thread_list)->tqh_last = (ets
)->ets_link.tqe_prev; *(ets)->ets_link.tqe_prev = (ets)
->ets_link.tqe_next; } while ( 0)
;
2699 g_free(ets);
2700 }
2701
2702 g_free(info->prstatus);
2703 g_free(info->psinfo);
2704 g_free(info->notes);
2705}
2706
2707static int write_note_info(struct elf_note_info *info, int fd)
2708{
2709 struct elf_thread_status *ets;
2710 int i, error = 0;
2711
2712 /* write prstatus, psinfo and auxv for current thread */
2713 for (i = 0; i < info->numnote; i++)
2714 if ((error = write_note(&info->notes[i], fd)) != 0)
2715 return (error);
2716
2717 /* write prstatus for each thread */
2718 for (ets = info->thread_list.tqh_first; ets != NULL((void*)0);
2719 ets = ets->ets_link.tqe_next) {
2720 if ((error = write_note(&ets->notes[0], fd)) != 0)
2721 return (error);
2722 }
2723
2724 return (0);
2725}
2726
2727/*
2728 * Write out ELF coredump.
2729 *
2730 * See documentation of ELF object file format in:
2731 * http://www.caldera.com/developers/devspecs/gabi41.pdf
2732 *
2733 * Coredump format in linux is following:
2734 *
2735 * 0 +----------------------+ \
2736 * | ELF header | ET_CORE |
2737 * +----------------------+ |
2738 * | ELF program headers | |--- headers
2739 * | - NOTE section | |
2740 * | - PT_LOAD sections | |
2741 * +----------------------+ /
2742 * | NOTEs: |
2743 * | - NT_PRSTATUS |
2744 * | - NT_PRSINFO |
2745 * | - NT_AUXV |
2746 * +----------------------+ <-- aligned to target page
2747 * | Process memory dump |
2748 * : :
2749 * . .
2750 * : :
2751 * | |
2752 * +----------------------+
2753 *
2754 * NT_PRSTATUS -> struct elf_prstatus (per thread)
2755 * NT_PRSINFO -> struct elf_prpsinfo
2756 * NT_AUXV is array of { type, value } pairs (see fill_auxv_note()).
2757 *
2758 * Format follows System V format as close as possible. Current
2759 * version limitations are as follows:
2760 * - no floating point registers are dumped
2761 *
2762 * Function returns 0 in case of success, negative errno otherwise.
2763 *
2764 * TODO: make this work also during runtime: it should be
2765 * possible to force coredump from running process and then
2766 * continue processing. For example qemu could set up SIGUSR2
2767 * handler (provided that target process haven't registered
2768 * handler for that) that does the dump when signal is received.
2769 */
2770static int elf_core_dump(int signr, const CPUArchStatestruct CPUMIPSState *env)
2771{
2772 const TaskState *ts = (const TaskState *)env->opaque;
2773 struct vm_area_struct *vma = NULL((void*)0);
2774 char corefile[PATH_MAX4096];
2775 struct elf_note_info info;
2776 struct elfhdrelf32_hdr elf;
2777 struct elf_phdrelf32_phdr phdr;
2778 struct rlimit dumpsize;
2779 struct mm_struct *mm = NULL((void*)0);
2780 off_t offset = 0, data_offset = 0;
2781 int segs = 0;
2782 int fd = -1;
2783
2784 errno(*__errno_location ()) = 0;
2785 getrlimit(RLIMIT_CORERLIMIT_CORE, &dumpsize);
2786 if (dumpsize.rlim_cur == 0)
2787 return 0;
2788
2789 if (core_dump_filename(ts, corefile, sizeof (corefile)) < 0)
2790 return (-errno(*__errno_location ()));
2791
2792 if ((fd = open(corefile, O_WRONLY01 | O_CREAT0100,
2793 S_IRUSR0400|S_IWUSR0200|S_IRGRP(0400 >> 3)|S_IROTH((0400 >> 3) >> 3))) < 0)
2794 return (-errno(*__errno_location ()));
2795
2796 /*
2797 * Walk through target process memory mappings and
2798 * set up structure containing this information. After
2799 * this point vma_xxx functions can be used.
2800 */
2801 if ((mm = vma_init()) == NULL((void*)0))
2802 goto out;
2803
2804 walk_memory_regions(mm, vma_walker);
2805 segs = vma_get_mapping_count(mm);
2806
2807 /*
2808 * Construct valid coredump ELF header. We also
2809 * add one more segment for notes.
2810 */
2811 fill_elf_header(&elf, segs + 1, ELF_MACHINE8, 0);
2812 if (dump_write(fd, &elf, sizeof (elf)) != 0)
2813 goto out;
2814
2815 /* fill in in-memory version of notes */
2816 if (fill_note_info(&info, signr, env) < 0)
2817 goto out;
2818
2819 offset += sizeof (elf); /* elf header */
2820 offset += (segs + 1) * sizeof (struct elf_phdrelf32_phdr); /* program headers */
2821
2822 /* write out notes program header */
2823 fill_elf_note_phdr(&phdr, info.notes_size, offset);
2824
2825 offset += info.notes_size;
2826 if (dump_write(fd, &phdr, sizeof (phdr)) != 0)
2827 goto out;
2828
2829 /*
2830 * ELF specification wants data to start at page boundary so
2831 * we align it here.
2832 */
2833 data_offset = offset = roundup(offset, ELF_EXEC_PAGESIZE)(__builtin_constant_p (4096) && ((((4096) - 1) & (
4096)) == 0) ? (((offset) + (4096) - 1) & ~((4096) - 1)) :
((((offset) + ((4096) - 1)) / (4096)) * (4096)))
;
2834
2835 /*
2836 * Write program headers for memory regions mapped in
2837 * the target process.
2838 */
2839 for (vma = vma_first(mm); vma != NULL((void*)0); vma = vma_next(vma)) {
2840 (void) memset(&phdr, 0, sizeof (phdr));
2841
2842 phdr.p_type = PT_LOAD1;
2843 phdr.p_offset = offset;
2844 phdr.p_vaddr = vma->vma_start;
2845 phdr.p_paddr = 0;
2846 phdr.p_filesz = vma_dump_size(vma);
2847 offset += phdr.p_filesz;
2848 phdr.p_memsz = vma->vma_end - vma->vma_start;
2849 phdr.p_flags = vma->vma_flags & PROT_READ0x1 ? PF_R0x4 : 0;
2850 if (vma->vma_flags & PROT_WRITE0x2)
2851 phdr.p_flags |= PF_W0x2;
2852 if (vma->vma_flags & PROT_EXEC0x4)
2853 phdr.p_flags |= PF_X0x1;
2854 phdr.p_align = ELF_EXEC_PAGESIZE4096;
2855
2856 bswap_phdr(&phdr, 1);
2857 dump_write(fd, &phdr, sizeof (phdr));
2858 }
2859
2860 /*
2861 * Next we write notes just after program headers. No
2862 * alignment needed here.
2863 */
2864 if (write_note_info(&info, fd) < 0)
2865 goto out;
2866
2867 /* align data to page boundary */
2868 if (lseek(fd, data_offset, SEEK_SET0) != data_offset)
2869 goto out;
2870
2871 /*
2872 * Finally we can dump process memory into corefile as well.
2873 */
2874 for (vma = vma_first(mm); vma != NULL((void*)0); vma = vma_next(vma)) {
2875 abi_ulong addr;
2876 abi_ulong end;
2877
2878 end = vma->vma_start + vma_dump_size(vma);
2879
2880 for (addr = vma->vma_start; addr < end;
2881 addr += TARGET_PAGE_SIZE(1 << 12)) {
2882 char page[TARGET_PAGE_SIZE(1 << 12)];
2883 int error;
2884
2885 /*
2886 * Read in page from target process memory and
2887 * write it to coredump file.
2888 */
2889 error = copy_from_user(page, addr, sizeof (page));
2890 if (error != 0) {
2891 (void) fprintf(stderrstderr, "unable to dump " TARGET_ABI_FMT_lx"%08x" "\n",
2892 addr);
2893 errno(*__errno_location ()) = -error;
2894 goto out;
2895 }
2896 if (dump_write(fd, page, TARGET_PAGE_SIZE(1 << 12)) < 0)
2897 goto out;
2898 }
2899 }
2900
2901 out:
2902 free_note_info(&info);
2903 if (mm != NULL((void*)0))
2904 vma_delete(mm);
2905 (void) close(fd);
2906
2907 if (errno(*__errno_location ()) != 0)
2908 return (-errno(*__errno_location ()));
2909 return (0);
2910}
2911#endif /* USE_ELF_CORE_DUMP */
2912
2913void do_init_thread(struct target_pt_regs *regs, struct image_info *infop)
2914{
2915 init_thread(regs, infop);
2916}