]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blame - fs/binfmt_elf.c
projects / mirror_ubuntu-artful-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
netfilter: use skb_to_full_sk in ip_route_me_harder
[mirror_ubuntu-artful-kernel.git] / fs / binfmt_elf.c
CommitLineData
1da177e4
LT		 1/*
2 * linux/fs/binfmt_elf.c
3 *
4 * These are the functions used to load ELF format executables as used
5 * on SVr4 machines. Information on the format may be found in the book
6 * "UNIX SYSTEM V RELEASE 4 Programmers Guide: Ansi C and Programming Support
7 * Tools".
8 *
9 * Copyright 1993, 1994: Eric Youngdale (ericy@cais.com).
10 */
11
12#include <linux/module.h>
13#include <linux/kernel.h>
14#include <linux/fs.h>
1da177e4
LT		 15#include <linux/mm.h>
16#include <linux/mman.h>
1da177e4
LT		 17#include <linux/errno.h>
18#include <linux/signal.h>
19#include <linux/binfmts.h>
20#include <linux/string.h>
21#include <linux/file.h>
1da177e4 22#include <linux/slab.h>
1da177e4
LT		 23#include <linux/personality.h>
24#include <linux/elfcore.h>
25#include <linux/init.h>
26#include <linux/highuid.h>
1da177e4
LT		 27#include <linux/compiler.h>
28#include <linux/highmem.h>
29#include <linux/pagemap.h>
2aa362c4 30#include <linux/vmalloc.h>
1da177e4 31#include <linux/security.h>
1da177e4 32#include <linux/random.h>
f4e5cc2c 33#include <linux/elf.h>
d1fd836d 34#include <linux/elf-randomize.h>
7e80d0d0 35#include <linux/utsname.h>
088e7af7 36#include <linux/coredump.h>
6fac4829 37#include <linux/sched.h>
5037835c 38#include <linux/dax.h>
7c0f6ba6 39#include <linux/uaccess.h>
1da177e4
LT		 40#include <asm/param.h>
41#include <asm/page.h>
42
2aa362c4
DV		 43#ifndef user_long_t
44#define user_long_t long
45#endif
49ae4d4b
DV		 46#ifndef user_siginfo_t
47#define user_siginfo_t siginfo_t
48#endif
49
71613c3b 50static int load_elf_binary(struct linux_binprm *bprm);
bb1ad820
AM		 51static unsigned long elf_map(struct file *, unsigned long, struct elf_phdr *,
52 int, int, unsigned long);
1da177e4 53
69369a70
JT		 54#ifdef CONFIG_USELIB
55static int load_elf_library(struct file *);
56#else
57#define load_elf_library NULL
58#endif
59
1da177e4
LT		 60/*
61 * If we don't support core dumping, then supply a NULL so we
62 * don't even try.
63 */
698ba7b5 64#ifdef CONFIG_ELF_CORE
f6151dfe 65static int elf_core_dump(struct coredump_params *cprm);
1da177e4
LT		 66#else
67#define elf_core_dump NULL
68#endif
69
70#if ELF_EXEC_PAGESIZE > PAGE_SIZE
f4e5cc2c 71#define ELF_MIN_ALIGN ELF_EXEC_PAGESIZE
1da177e4 72#else
f4e5cc2c 73#define ELF_MIN_ALIGN PAGE_SIZE
1da177e4
LT		 74#endif
75
76#ifndef ELF_CORE_EFLAGS
77#define ELF_CORE_EFLAGS 0
78#endif
79
80#define ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(ELF_MIN_ALIGN-1))
81#define ELF_PAGEOFFSET(_v) ((_v) & (ELF_MIN_ALIGN-1))
82#define ELF_PAGEALIGN(_v) (((_v) + ELF_MIN_ALIGN - 1) & ~(ELF_MIN_ALIGN - 1))
83
84static struct linux_binfmt elf_format = {
f670d0ec
MP		 85 .module = THIS_MODULE,
86 .load_binary = load_elf_binary,
87 .load_shlib = load_elf_library,
88 .core_dump = elf_core_dump,
89 .min_coredump = ELF_EXEC_PAGESIZE,
1da177e4
LT		 90};
91
d4e3cc38 92#define BAD_ADDR(x) ((unsigned long)(x) >= TASK_SIZE)
1da177e4 93
16e72e9b 94static int set_brk(unsigned long start, unsigned long end, int prot)
1da177e4
LT		 95{
96 start = ELF_PAGEALIGN(start);
97 end = ELF_PAGEALIGN(end);
98 if (end > start) {
16e72e9b
DV		 99 /*
100 * Map the last of the bss segment.
101 * If the header is requesting these pages to be
102 * executable, honour that (ppc32 needs this).
103 */
104 int error = vm_brk_flags(start, end - start,
105 prot & PROT_EXEC ? VM_EXEC : 0);
5d22fc25
LT		 106 if (error)
107 return error;
1da177e4
LT		 108 }
109 current->mm->start_brk = current->mm->brk = end;
110 return 0;
111}
112
1da177e4
LT		 113/* We need to explicitly zero any fractional pages
114 after the data section (i.e. bss). This would
115 contain the junk from the file that should not
f4e5cc2c
JJ		 116 be in memory
117 */
1da177e4
LT		 118static int padzero(unsigned long elf_bss)
119{
120 unsigned long nbyte;
121
122 nbyte = ELF_PAGEOFFSET(elf_bss);
123 if (nbyte) {
124 nbyte = ELF_MIN_ALIGN - nbyte;
125 if (clear_user((void __user *) elf_bss, nbyte))
126 return -EFAULT;
127 }
128 return 0;
129}
130
09c6dd3c 131/* Let's use some macros to make this stack manipulation a little clearer */
1da177e4
LT		 132#ifdef CONFIG_STACK_GROWSUP
133#define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) + (items))
134#define STACK_ROUND(sp, items) \
135 ((15 + (unsigned long) ((sp) + (items))) &~ 15UL)
f4e5cc2c
JJ		 136#define STACK_ALLOC(sp, len) ({ \
137 elf_addr_t __user *old_sp = (elf_addr_t __user *)sp; sp += len; \
138 old_sp; })
1da177e4
LT		 139#else
140#define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) - (items))
141#define STACK_ROUND(sp, items) \
142 (((unsigned long) (sp - items)) &~ 15UL)
143#define STACK_ALLOC(sp, len) ({ sp -= len ; sp; })
144#endif
145
483fad1c
NL		 146#ifndef ELF_BASE_PLATFORM
147/*
148 * AT_BASE_PLATFORM indicates the "real" hardware/microarchitecture.
149 * If the arch defines ELF_BASE_PLATFORM (in asm/elf.h), the value
150 * will be copied to the user stack in the same manner as AT_PLATFORM.
151 */
152#define ELF_BASE_PLATFORM NULL
153#endif
154
1da177e4 155static int
f4e5cc2c 156create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec,
d20894a2 157 unsigned long load_addr, unsigned long interp_load_addr)
1da177e4
LT		 158{
159 unsigned long p = bprm->p;
160 int argc = bprm->argc;
161 int envc = bprm->envc;
162 elf_addr_t __user *argv;
163 elf_addr_t __user *envp;
164 elf_addr_t __user *sp;
165 elf_addr_t __user *u_platform;
483fad1c 166 elf_addr_t __user *u_base_platform;
f06295b4 167 elf_addr_t __user *u_rand_bytes;
1da177e4 168 const char *k_platform = ELF_PLATFORM;
483fad1c 169 const char *k_base_platform = ELF_BASE_PLATFORM;
f06295b4 170 unsigned char k_rand_bytes[16];
1da177e4
LT		 171 int items;
172 elf_addr_t *elf_info;
173 int ei_index = 0;
86a264ab 174 const struct cred *cred = current_cred();
b6a2fea3 175 struct vm_area_struct *vma;
1da177e4 176
d68c9d6a
FBH		 177 /*
178 * In some cases (e.g. Hyper-Threading), we want to avoid L1
179 * evictions by the processes running on the same package. One
180 * thing we can do is to shuffle the initial stack for them.
181 */
182
183 p = arch_align_stack(p);
184
1da177e4
LT		 185 /*
186 * If this architecture has a platform capability string, copy it
187 * to userspace. In some cases (Sparc), this info is impossible
188 * for userspace to get any other way, in others (i386) it is
189 * merely difficult.
190 */
1da177e4
LT		 191 u_platform = NULL;
192 if (k_platform) {
193 size_t len = strlen(k_platform) + 1;
194
1da177e4
LT		 195 u_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
196 if (__copy_to_user(u_platform, k_platform, len))
197 return -EFAULT;
198 }
199
483fad1c
NL		 200 /*
201 * If this architecture has a "base" platform capability
202 * string, copy it to userspace.
203 */
204 u_base_platform = NULL;
205 if (k_base_platform) {
206 size_t len = strlen(k_base_platform) + 1;
207
208 u_base_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
209 if (__copy_to_user(u_base_platform, k_base_platform, len))
210 return -EFAULT;
211 }
212
f06295b4
KC		 213 /*
214 * Generate 16 random bytes for userspace PRNG seeding.
215 */
216 get_random_bytes(k_rand_bytes, sizeof(k_rand_bytes));
217 u_rand_bytes = (elf_addr_t __user *)
218 STACK_ALLOC(p, sizeof(k_rand_bytes));
219 if (__copy_to_user(u_rand_bytes, k_rand_bytes, sizeof(k_rand_bytes)))
220 return -EFAULT;
221
1da177e4 222 /* Create the ELF interpreter info */
785d5570 223 elf_info = (elf_addr_t *)current->mm->saved_auxv;
4f9a58d7 224 /* update AT_VECTOR_SIZE_BASE if the number of NEW_AUX_ENT() changes */
1da177e4 225#define NEW_AUX_ENT(id, val) \
f4e5cc2c 226 do { \
785d5570
JJ		 227 elf_info[ei_index++] = id; \
228 elf_info[ei_index++] = val; \
f4e5cc2c 229 } while (0)
1da177e4
LT		 230
231#ifdef ARCH_DLINFO
232 /*
233 * ARCH_DLINFO must come first so PPC can do its special alignment of
234 * AUXV.
4f9a58d7
OH		 235 * update AT_VECTOR_SIZE_ARCH if the number of NEW_AUX_ENT() in
236 * ARCH_DLINFO changes
1da177e4
LT		 237 */
238 ARCH_DLINFO;
239#endif
240 NEW_AUX_ENT(AT_HWCAP, ELF_HWCAP);
241 NEW_AUX_ENT(AT_PAGESZ, ELF_EXEC_PAGESIZE);
242 NEW_AUX_ENT(AT_CLKTCK, CLOCKS_PER_SEC);
243 NEW_AUX_ENT(AT_PHDR, load_addr + exec->e_phoff);
f4e5cc2c 244 NEW_AUX_ENT(AT_PHENT, sizeof(struct elf_phdr));
1da177e4
LT		 245 NEW_AUX_ENT(AT_PHNUM, exec->e_phnum);
246 NEW_AUX_ENT(AT_BASE, interp_load_addr);
247 NEW_AUX_ENT(AT_FLAGS, 0);
248 NEW_AUX_ENT(AT_ENTRY, exec->e_entry);
ebc887b2
EB		 249 NEW_AUX_ENT(AT_UID, from_kuid_munged(cred->user_ns, cred->uid));
250 NEW_AUX_ENT(AT_EUID, from_kuid_munged(cred->user_ns, cred->euid));
251 NEW_AUX_ENT(AT_GID, from_kgid_munged(cred->user_ns, cred->gid));
252 NEW_AUX_ENT(AT_EGID, from_kgid_munged(cred->user_ns, cred->egid));
785d5570 253 NEW_AUX_ENT(AT_SECURE, security_bprm_secureexec(bprm));
f06295b4 254 NEW_AUX_ENT(AT_RANDOM, (elf_addr_t)(unsigned long)u_rand_bytes);
2171364d
MN		 255#ifdef ELF_HWCAP2
256 NEW_AUX_ENT(AT_HWCAP2, ELF_HWCAP2);
257#endif
65191087 258 NEW_AUX_ENT(AT_EXECFN, bprm->exec);
1da177e4 259 if (k_platform) {
f4e5cc2c 260 NEW_AUX_ENT(AT_PLATFORM,
785d5570 261 (elf_addr_t)(unsigned long)u_platform);
1da177e4 262 }
483fad1c
NL		 263 if (k_base_platform) {
264 NEW_AUX_ENT(AT_BASE_PLATFORM,
265 (elf_addr_t)(unsigned long)u_base_platform);
266 }
1da177e4 267 if (bprm->interp_flags & BINPRM_FLAGS_EXECFD) {
785d5570 268 NEW_AUX_ENT(AT_EXECFD, bprm->interp_data);
1da177e4
LT		 269 }
270#undef NEW_AUX_ENT
271 /* AT_NULL is zero; clear the rest too */
272 memset(&elf_info[ei_index], 0,
273 sizeof current->mm->saved_auxv - ei_index * sizeof elf_info[0]);
274
275 /* And advance past the AT_NULL entry. */
276 ei_index += 2;
277
278 sp = STACK_ADD(p, ei_index);
279
d20894a2 280 items = (argc + 1) + (envc + 1) + 1;
1da177e4
LT		 281 bprm->p = STACK_ROUND(sp, items);
282
283 /* Point sp at the lowest address on the stack */
284#ifdef CONFIG_STACK_GROWSUP
285 sp = (elf_addr_t __user *)bprm->p - items - ei_index;
f4e5cc2c 286 bprm->exec = (unsigned long)sp; /* XXX: PARISC HACK */
1da177e4
LT		 287#else
288 sp = (elf_addr_t __user *)bprm->p;
289#endif
290
b6a2fea3
OW		 291
292 /*
293 * Grow the stack manually; some architectures have a limit on how
294 * far ahead a user-space access may be in order to grow the stack.
295 */
296 vma = find_extend_vma(current->mm, bprm->p);
297 if (!vma)
298 return -EFAULT;
299
1da177e4
LT		 300 /* Now, let's put argc (and argv, envp if appropriate) on the stack */
301 if (__put_user(argc, sp++))
302 return -EFAULT;
d20894a2
AK		 303 argv = sp;
304 envp = argv + argc + 1;
1da177e4
LT		 305
306 /* Populate argv and envp */
a84a5059 307 p = current->mm->arg_end = current->mm->arg_start;
1da177e4
LT		 308 while (argc-- > 0) {
309 size_t len;
841d5fb7
HC		 310 if (__put_user((elf_addr_t)p, argv++))
311 return -EFAULT;
b6a2fea3
OW		 312 len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
313 if (!len || len > MAX_ARG_STRLEN)
23c4971e 314 return -EINVAL;
1da177e4
LT		 315 p += len;
316 }
317 if (__put_user(0, argv))
318 return -EFAULT;
319 current->mm->arg_end = current->mm->env_start = p;
320 while (envc-- > 0) {
321 size_t len;
841d5fb7
HC		 322 if (__put_user((elf_addr_t)p, envp++))
323 return -EFAULT;
b6a2fea3
OW		 324 len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
325 if (!len || len > MAX_ARG_STRLEN)
23c4971e 326 return -EINVAL;
1da177e4
LT		 327 p += len;
328 }
329 if (__put_user(0, envp))
330 return -EFAULT;
331 current->mm->env_end = p;
332
333 /* Put the elf_info on the stack in the right place. */
334 sp = (elf_addr_t __user *)envp + 1;
335 if (copy_to_user(sp, elf_info, ei_index * sizeof(elf_addr_t)))
336 return -EFAULT;
337 return 0;
338}
339
c07380be
JH		 340#ifndef elf_map
341
1da177e4 342static unsigned long elf_map(struct file *filep, unsigned long addr,
cc503c1b
JK		 343 struct elf_phdr *eppnt, int prot, int type,
344 unsigned long total_size)
1da177e4
LT		 345{
346 unsigned long map_addr;
cc503c1b
JK		 347 unsigned long size = eppnt->p_filesz + ELF_PAGEOFFSET(eppnt->p_vaddr);
348 unsigned long off = eppnt->p_offset - ELF_PAGEOFFSET(eppnt->p_vaddr);
349 addr = ELF_PAGESTART(addr);
350 size = ELF_PAGEALIGN(size);
1da177e4 351
dda6ebde
DG		 352 /* mmap() will return -EINVAL if given a zero size, but a
353 * segment with zero filesize is perfectly valid */
cc503c1b
JK		 354 if (!size)
355 return addr;
356
cc503c1b
JK		 357 /*
358 * total_size is the size of the ELF (interpreter) image.
359 * The _first_ mmap needs to know the full size, otherwise
360 * randomization might put this image into an overlapping
361 * position with the ELF binary image. (since size < total_size)
362 * So we first map the 'big' image - and unmap the remainder at
363 * the end. (which unmap is needed for ELF images with holes.)
364 */
365 if (total_size) {
366 total_size = ELF_PAGEALIGN(total_size);
5a5e4c2e 367 map_addr = vm_mmap(filep, addr, total_size, prot, type, off);
cc503c1b 368 if (!BAD_ADDR(map_addr))
5a5e4c2e 369 vm_munmap(map_addr+size, total_size-size);
cc503c1b 370 } else
5a5e4c2e 371 map_addr = vm_mmap(filep, addr, size, prot, type, off);
cc503c1b 372
1da177e4
LT		 373 return(map_addr);
374}
375
c07380be
JH		 376#endif /* !elf_map */
377
cc503c1b
JK		 378static unsigned long total_mapping_size(struct elf_phdr *cmds, int nr)
379{
380 int i, first_idx = -1, last_idx = -1;
381
382 for (i = 0; i < nr; i++) {
383 if (cmds[i].p_type == PT_LOAD) {
384 last_idx = i;
385 if (first_idx == -1)
386 first_idx = i;
387 }
388 }
389 if (first_idx == -1)
390 return 0;
391
392 return cmds[last_idx].p_vaddr + cmds[last_idx].p_memsz -
393 ELF_PAGESTART(cmds[first_idx].p_vaddr);
394}
395
6a8d3894
PB		 396/**
397 * load_elf_phdrs() - load ELF program headers
398 * @elf_ex: ELF header of the binary whose program headers should be loaded
399 * @elf_file: the opened ELF binary file
400 *
401 * Loads ELF program headers from the binary file elf_file, which has the ELF
402 * header pointed to by elf_ex, into a newly allocated array. The caller is
403 * responsible for freeing the allocated data. Returns an ERR_PTR upon failure.
404 */
405static struct elf_phdr *load_elf_phdrs(struct elfhdr *elf_ex,
406 struct file *elf_file)
407{
408 struct elf_phdr *elf_phdata = NULL;
409 int retval, size, err = -1;
410
411 /*
412 * If the size of this structure has changed, then punt, since
413 * we will be doing the wrong thing.
414 */
415 if (elf_ex->e_phentsize != sizeof(struct elf_phdr))
416 goto out;
417
418 /* Sanity check the number of program headers... */
419 if (elf_ex->e_phnum < 1 ||
420 elf_ex->e_phnum > 65536U / sizeof(struct elf_phdr))
421 goto out;
422
423 /* ...and their total size. */
424 size = sizeof(struct elf_phdr) * elf_ex->e_phnum;
425 if (size > ELF_MIN_ALIGN)
426 goto out;
427
428 elf_phdata = kmalloc(size, GFP_KERNEL);
429 if (!elf_phdata)
430 goto out;
431
432 /* Read in the program headers */
433 retval = kernel_read(elf_file, elf_ex->e_phoff,
434 (char *)elf_phdata, size);
435 if (retval != size) {
436 err = (retval < 0) ? retval : -EIO;
437 goto out;
438 }
439
440 /* Success! */
441 err = 0;
442out:
443 if (err) {
444 kfree(elf_phdata);
445 elf_phdata = NULL;
446 }
447 return elf_phdata;
448}
cc503c1b 449
774c105e
PB		 450#ifndef CONFIG_ARCH_BINFMT_ELF_STATE
451
452/**
453 * struct arch_elf_state - arch-specific ELF loading state
454 *
455 * This structure is used to preserve architecture specific data during
456 * the loading of an ELF file, throughout the checking of architecture
457 * specific ELF headers & through to the point where the ELF load is
458 * known to be proceeding (ie. SET_PERSONALITY).
459 *
460 * This implementation is a dummy for architectures which require no
461 * specific state.
462 */
463struct arch_elf_state {
464};
465
466#define INIT_ARCH_ELF_STATE {}
467
468/**
469 * arch_elf_pt_proc() - check a PT_LOPROC..PT_HIPROC ELF program header
470 * @ehdr: The main ELF header
471 * @phdr: The program header to check
472 * @elf: The open ELF file
473 * @is_interp: True if the phdr is from the interpreter of the ELF being
474 * loaded, else false.
475 * @state: Architecture-specific state preserved throughout the process
476 * of loading the ELF.
477 *
478 * Inspects the program header phdr to validate its correctness and/or
479 * suitability for the system. Called once per ELF program header in the
480 * range PT_LOPROC to PT_HIPROC, for both the ELF being loaded and its
481 * interpreter.
482 *
483 * Return: Zero to proceed with the ELF load, non-zero to fail the ELF load
484 * with that return code.
485 */
486static inline int arch_elf_pt_proc(struct elfhdr *ehdr,
487 struct elf_phdr *phdr,
488 struct file *elf, bool is_interp,
489 struct arch_elf_state *state)
490{
491 /* Dummy implementation, always proceed */
492 return 0;
493}
494
495/**
54d15714 496 * arch_check_elf() - check an ELF executable
774c105e
PB		 497 * @ehdr: The main ELF header
498 * @has_interp: True if the ELF has an interpreter, else false.
eb4bc076 499 * @interp_ehdr: The interpreter's ELF header
774c105e
PB		 500 * @state: Architecture-specific state preserved throughout the process
501 * of loading the ELF.
502 *
503 * Provides a final opportunity for architecture code to reject the loading
504 * of the ELF & cause an exec syscall to return an error. This is called after
505 * all program headers to be checked by arch_elf_pt_proc have been.
506 *
507 * Return: Zero to proceed with the ELF load, non-zero to fail the ELF load
508 * with that return code.
509 */
510static inline int arch_check_elf(struct elfhdr *ehdr, bool has_interp,
eb4bc076 511 struct elfhdr *interp_ehdr,
774c105e
PB		 512 struct arch_elf_state *state)
513{
514 /* Dummy implementation, always proceed */
515 return 0;
516}
517
518#endif /* !CONFIG_ARCH_BINFMT_ELF_STATE */
cc503c1b 519
1da177e4
LT		 520/* This is much more generalized than the library routine read function,
521 so we keep this separate. Technically the library read function
522 is only provided so that we can read a.out libraries that have
523 an ELF header */
524
f4e5cc2c 525static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex,
cc503c1b 526 struct file *interpreter, unsigned long *interp_map_addr,
a9d9ef13 527 unsigned long no_base, struct elf_phdr *interp_elf_phdata)
1da177e4 528{
1da177e4
LT		 529 struct elf_phdr *eppnt;
530 unsigned long load_addr = 0;
531 int load_addr_set = 0;
532 unsigned long last_bss = 0, elf_bss = 0;
16e72e9b 533 int bss_prot = 0;
1da177e4 534 unsigned long error = ~0UL;
cc503c1b 535 unsigned long total_size;
6a8d3894 536 int i;
1da177e4
LT		 537
538 /* First of all, some simple consistency checks */
539 if (interp_elf_ex->e_type != ET_EXEC &&
540 interp_elf_ex->e_type != ET_DYN)
541 goto out;
542 if (!elf_check_arch(interp_elf_ex))
543 goto out;
72c2d531 544 if (!interpreter->f_op->mmap)
1da177e4
LT		 545 goto out;
546
a9d9ef13
PB		 547 total_size = total_mapping_size(interp_elf_phdata,
548 interp_elf_ex->e_phnum);
cc503c1b
JK		 549 if (!total_size) {
550 error = -EINVAL;
a9d9ef13 551 goto out;
cc503c1b
JK		 552 }
553
a9d9ef13 554 eppnt = interp_elf_phdata;
f4e5cc2c
JJ		 555 for (i = 0; i < interp_elf_ex->e_phnum; i++, eppnt++) {
556 if (eppnt->p_type == PT_LOAD) {
557 int elf_type = MAP_PRIVATE | MAP_DENYWRITE;
558 int elf_prot = 0;
559 unsigned long vaddr = 0;
560 unsigned long k, map_addr;
561
562 if (eppnt->p_flags & PF_R)
563 elf_prot = PROT_READ;
564 if (eppnt->p_flags & PF_W)
565 elf_prot |= PROT_WRITE;
566 if (eppnt->p_flags & PF_X)
567 elf_prot |= PROT_EXEC;
568 vaddr = eppnt->p_vaddr;
569 if (interp_elf_ex->e_type == ET_EXEC || load_addr_set)
570 elf_type |= MAP_FIXED;
cc503c1b
JK		 571 else if (no_base && interp_elf_ex->e_type == ET_DYN)
572 load_addr = -vaddr;
f4e5cc2c
JJ		 573
574 map_addr = elf_map(interpreter, load_addr + vaddr,
bb1ad820 575 eppnt, elf_prot, elf_type, total_size);
cc503c1b
JK		 576 total_size = 0;
577 if (!*interp_map_addr)
578 *interp_map_addr = map_addr;
f4e5cc2c
JJ		 579 error = map_addr;
580 if (BAD_ADDR(map_addr))
a9d9ef13 581 goto out;
f4e5cc2c
JJ		 582
583 if (!load_addr_set &&
584 interp_elf_ex->e_type == ET_DYN) {
585 load_addr = map_addr - ELF_PAGESTART(vaddr);
586 load_addr_set = 1;
587 }
588
589 /*
590 * Check to see if the section's size will overflow the
591 * allowed task size. Note that p_filesz must always be
592 * <= p_memsize so it's only necessary to check p_memsz.
593 */
594 k = load_addr + eppnt->p_vaddr;
ce51059b 595 if (BAD_ADDR(k) ||
f4e5cc2c
JJ		 596 eppnt->p_filesz > eppnt->p_memsz ||
597 eppnt->p_memsz > TASK_SIZE ||
598 TASK_SIZE - eppnt->p_memsz < k) {
599 error = -ENOMEM;
a9d9ef13 600 goto out;
f4e5cc2c
JJ		 601 }
602
603 /*
604 * Find the end of the file mapping for this phdr, and
605 * keep track of the largest address we see for this.
606 */
607 k = load_addr + eppnt->p_vaddr + eppnt->p_filesz;
608 if (k > elf_bss)
609 elf_bss = k;
610
611 /*
612 * Do the same thing for the memory mapping - between
613 * elf_bss and last_bss is the bss section.
614 */
0036d1f7 615 k = load_addr + eppnt->p_vaddr + eppnt->p_memsz;
16e72e9b 616 if (k > last_bss) {
f4e5cc2c 617 last_bss = k;
16e72e9b
DV		 618 bss_prot = elf_prot;
619 }
f4e5cc2c 620 }
1da177e4
LT		 621 }
622
0036d1f7
KC		 623 /*
624 * Now fill out the bss section: first pad the last page from
625 * the file up to the page boundary, and zero it from elf_bss
626 * up to the end of the page.
627 */
628 if (padzero(elf_bss)) {
629 error = -EFAULT;
630 goto out;
631 }
632 /*
633 * Next, align both the file and mem bss up to the page size,
634 * since this is where elf_bss was just zeroed up to, and where
16e72e9b 635 * last_bss will end after the vm_brk_flags() below.
0036d1f7
KC		 636 */
637 elf_bss = ELF_PAGEALIGN(elf_bss);
638 last_bss = ELF_PAGEALIGN(last_bss);
639 /* Finally, if there is still more bss to allocate, do it. */
752015d1 640 if (last_bss > elf_bss) {
16e72e9b
DV		 641 error = vm_brk_flags(elf_bss, last_bss - elf_bss,
642 bss_prot & PROT_EXEC ? VM_EXEC : 0);
5d22fc25 643 if (error)
a9d9ef13 644 goto out;
1da177e4
LT		 645 }
646
cc503c1b 647 error = load_addr;
1da177e4
LT		 648out:
649 return error;
650}
651
1da177e4
LT		 652/*
653 * These are the functions used to load ELF style executables and shared
654 * libraries. There is no binary dependent code anywhere else.
655 */
656
913bd906 657#ifndef STACK_RND_MASK
d1cabd63 658#define STACK_RND_MASK (0x7ff >> (PAGE_SHIFT - 12)) /* 8MB of VA */
913bd906 659#endif
1da177e4
LT		 660
661static unsigned long randomize_stack_top(unsigned long stack_top)
662{
4e7c22d4 663 unsigned long random_variable = 0;
1da177e4 664
c16b63e0
AK		 665 if ((current->flags & PF_RANDOMIZE) &&
666 !(current->personality & ADDR_NO_RANDOMIZE)) {
5ef11c35 667 random_variable = get_random_long();
4e7c22d4 668 random_variable &= STACK_RND_MASK;
913bd906
AK		 669 random_variable <<= PAGE_SHIFT;
670 }
1da177e4 671#ifdef CONFIG_STACK_GROWSUP
913bd906 672 return PAGE_ALIGN(stack_top) + random_variable;
1da177e4 673#else
913bd906 674 return PAGE_ALIGN(stack_top) - random_variable;
1da177e4
LT		 675#endif
676}
677
71613c3b 678static int load_elf_binary(struct linux_binprm *bprm)
1da177e4
LT		 679{
680 struct file *interpreter = NULL; /* to shut gcc up */
681 unsigned long load_addr = 0, load_bias = 0;
682 int load_addr_set = 0;
683 char * elf_interpreter = NULL;
1da177e4 684 unsigned long error;
a9d9ef13 685 struct elf_phdr *elf_ppnt, *elf_phdata, *interp_elf_phdata = NULL;
1da177e4 686 unsigned long elf_bss, elf_brk;
16e72e9b 687 int bss_prot = 0;
1da177e4 688 int retval, i;
cc503c1b
JK		 689 unsigned long elf_entry;
690 unsigned long interp_load_addr = 0;
1da177e4 691 unsigned long start_code, end_code, start_data, end_data;
1a530a6f 692 unsigned long reloc_func_desc __maybe_unused = 0;
8de61e69 693 int executable_stack = EXSTACK_DEFAULT;
71613c3b 694 struct pt_regs *regs = current_pt_regs();
1da177e4
LT		 695 struct {
696 struct elfhdr elf_ex;
697 struct elfhdr interp_elf_ex;
1da177e4 698 } *loc;
774c105e 699 struct arch_elf_state arch_state = INIT_ARCH_ELF_STATE;
1da177e4
LT		 700
701 loc = kmalloc(sizeof(*loc), GFP_KERNEL);
702 if (!loc) {
703 retval = -ENOMEM;
704 goto out_ret;
705 }
706
707 /* Get the exec-header */
f4e5cc2c 708 loc->elf_ex = *((struct elfhdr *)bprm->buf);
1da177e4
LT		 709
710 retval = -ENOEXEC;
711 /* First of all, some simple consistency checks */
712 if (memcmp(loc->elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
713 goto out;
714
715 if (loc->elf_ex.e_type != ET_EXEC && loc->elf_ex.e_type != ET_DYN)
716 goto out;
717 if (!elf_check_arch(&loc->elf_ex))
718 goto out;
72c2d531 719 if (!bprm->file->f_op->mmap)
1da177e4
LT		 720 goto out;
721
6a8d3894 722 elf_phdata = load_elf_phdrs(&loc->elf_ex, bprm->file);
1da177e4
LT		 723 if (!elf_phdata)
724 goto out;
725
1da177e4
LT		 726 elf_ppnt = elf_phdata;
727 elf_bss = 0;
728 elf_brk = 0;
729
730 start_code = ~0UL;
731 end_code = 0;
732 start_data = 0;
733 end_data = 0;
734
735 for (i = 0; i < loc->elf_ex.e_phnum; i++) {
736 if (elf_ppnt->p_type == PT_INTERP) {
737 /* This is the program interpreter used for
738 * shared libraries - for now assume that this
739 * is an a.out format binary
740 */
1da177e4
LT		 741 retval = -ENOEXEC;
742 if (elf_ppnt->p_filesz > PATH_MAX ||
743 elf_ppnt->p_filesz < 2)
e7b9b550 744 goto out_free_ph;
1da177e4
LT		 745
746 retval = -ENOMEM;
792db3af 747 elf_interpreter = kmalloc(elf_ppnt->p_filesz,
f4e5cc2c 748 GFP_KERNEL);
1da177e4 749 if (!elf_interpreter)
e7b9b550 750 goto out_free_ph;
1da177e4
LT		 751
752 retval = kernel_read(bprm->file, elf_ppnt->p_offset,
f4e5cc2c
JJ		 753 elf_interpreter,
754 elf_ppnt->p_filesz);
1da177e4
LT		 755 if (retval != elf_ppnt->p_filesz) {
756 if (retval >= 0)
757 retval = -EIO;
758 goto out_free_interp;
759 }
760 /* make sure path is NULL terminated */
761 retval = -ENOEXEC;
762 if (elf_interpreter[elf_ppnt->p_filesz - 1] != '\0')
763 goto out_free_interp;
764
1da177e4
LT		 765 interpreter = open_exec(elf_interpreter);
766 retval = PTR_ERR(interpreter);
767 if (IS_ERR(interpreter))
768 goto out_free_interp;
1fb84496
AD		 769
770 /*
771 * If the binary is not readable then enforce
772 * mm->dumpable = 0 regardless of the interpreter's
773 * permissions.
774 */
1b5d783c 775 would_dump(bprm, interpreter);
1fb84496 776
b582ef5c
MR		 777 /* Get the exec headers */
778 retval = kernel_read(interpreter, 0,
779 (void *)&loc->interp_elf_ex,
780 sizeof(loc->interp_elf_ex));
781 if (retval != sizeof(loc->interp_elf_ex)) {
1da177e4
LT		 782 if (retval >= 0)
783 retval = -EIO;
784 goto out_free_dentry;
785 }
786
1da177e4
LT		 787 break;
788 }
789 elf_ppnt++;
790 }
791
792 elf_ppnt = elf_phdata;
793 for (i = 0; i < loc->elf_ex.e_phnum; i++, elf_ppnt++)
774c105e
PB		 794 switch (elf_ppnt->p_type) {
795 case PT_GNU_STACK:
1da177e4
LT		 796 if (elf_ppnt->p_flags & PF_X)
797 executable_stack = EXSTACK_ENABLE_X;
798 else
799 executable_stack = EXSTACK_DISABLE_X;
800 break;
774c105e
PB		 801
802 case PT_LOPROC ... PT_HIPROC:
803 retval = arch_elf_pt_proc(&loc->elf_ex, elf_ppnt,
804 bprm->file, false,
805 &arch_state);
806 if (retval)
807 goto out_free_dentry;
808 break;
1da177e4 809 }
1da177e4
LT		 810
811 /* Some simple consistency checks for the interpreter */
812 if (elf_interpreter) {
1da177e4 813 retval = -ELIBBAD;
d20894a2
AK		 814 /* Not an ELF interpreter */
815 if (memcmp(loc->interp_elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
1da177e4 816 goto out_free_dentry;
1da177e4 817 /* Verify the interpreter has a valid arch */
d20894a2 818 if (!elf_check_arch(&loc->interp_elf_ex))
1da177e4 819 goto out_free_dentry;
a9d9ef13
PB		 820
821 /* Load the interpreter program headers */
822 interp_elf_phdata = load_elf_phdrs(&loc->interp_elf_ex,
823 interpreter);
824 if (!interp_elf_phdata)
825 goto out_free_dentry;
774c105e
PB		 826
827 /* Pass PT_LOPROC..PT_HIPROC headers to arch code */
828 elf_ppnt = interp_elf_phdata;
829 for (i = 0; i < loc->interp_elf_ex.e_phnum; i++, elf_ppnt++)
830 switch (elf_ppnt->p_type) {
831 case PT_LOPROC ... PT_HIPROC:
832 retval = arch_elf_pt_proc(&loc->interp_elf_ex,
833 elf_ppnt, interpreter,
834 true, &arch_state);
835 if (retval)
836 goto out_free_dentry;
837 break;
838 }
1da177e4
LT		 839 }
840
774c105e
PB		 841 /*
842 * Allow arch code to reject the ELF at this point, whilst it's
843 * still possible to return an error to the code that invoked
844 * the exec syscall.
845 */
eb4bc076
MR		 846 retval = arch_check_elf(&loc->elf_ex,
847 !!interpreter, &loc->interp_elf_ex,
848 &arch_state);
774c105e
PB		 849 if (retval)
850 goto out_free_dentry;
851
1da177e4
LT		 852 /* Flush all traces of the currently running executable */
853 retval = flush_old_exec(bprm);
854 if (retval)
855 goto out_free_dentry;
856
1da177e4
LT		 857 /* Do this immediately, since STACK_TOP as used in setup_arg_pages
858 may depend on the personality. */
774c105e 859 SET_PERSONALITY2(loc->elf_ex, &arch_state);
1da177e4
LT		 860 if (elf_read_implies_exec(loc->elf_ex, executable_stack))
861 current->personality |= READ_IMPLIES_EXEC;
862
f4e5cc2c 863 if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space)
1da177e4 864 current->flags |= PF_RANDOMIZE;
221af7f8
LT		 865
866 setup_new_exec(bprm);
9f834ec1 867 install_exec_creds(bprm);
1da177e4
LT		 868
869 /* Do this so that we can load the interpreter, if need be. We will
870 change some of these later */
1da177e4
LT		 871 retval = setup_arg_pages(bprm, randomize_stack_top(STACK_TOP),
872 executable_stack);
19d860a1 873 if (retval < 0)
1da177e4 874 goto out_free_dentry;
1da177e4 875
1da177e4
LT		 876 current->mm->start_stack = bprm->p;
877
af901ca1 878 /* Now we do a little grungy work by mmapping the ELF image into
cc503c1b 879 the correct location in memory. */
f4e5cc2c
JJ		 880 for(i = 0, elf_ppnt = elf_phdata;
881 i < loc->elf_ex.e_phnum; i++, elf_ppnt++) {
1da177e4
LT		 882 int elf_prot = 0, elf_flags;
883 unsigned long k, vaddr;
a87938b2 884 unsigned long total_size = 0;
1da177e4
LT		 885
886 if (elf_ppnt->p_type != PT_LOAD)
887 continue;
888
889 if (unlikely (elf_brk > elf_bss)) {
890 unsigned long nbyte;
891
892 /* There was a PT_LOAD segment with p_memsz > p_filesz
893 before this one. Map anonymous pages, if needed,
894 and clear the area. */
f670d0ec 895 retval = set_brk(elf_bss + load_bias,
16e72e9b
DV		 896 elf_brk + load_bias,
897 bss_prot);
19d860a1 898 if (retval)
1da177e4 899 goto out_free_dentry;
1da177e4
LT		 900 nbyte = ELF_PAGEOFFSET(elf_bss);
901 if (nbyte) {
902 nbyte = ELF_MIN_ALIGN - nbyte;
903 if (nbyte > elf_brk - elf_bss)
904 nbyte = elf_brk - elf_bss;
905 if (clear_user((void __user *)elf_bss +
906 load_bias, nbyte)) {
907 /*
908 * This bss-zeroing can fail if the ELF
f4e5cc2c 909 * file specifies odd protections. So
1da177e4
LT		 910 * we don't check the return value
911 */
912 }
913 }
914 }
915
f4e5cc2c
JJ		 916 if (elf_ppnt->p_flags & PF_R)
917 elf_prot |= PROT_READ;
918 if (elf_ppnt->p_flags & PF_W)
919 elf_prot |= PROT_WRITE;
920 if (elf_ppnt->p_flags & PF_X)
921 elf_prot |= PROT_EXEC;
1da177e4 922
f4e5cc2c 923 elf_flags = MAP_PRIVATE | MAP_DENYWRITE | MAP_EXECUTABLE;
1da177e4
LT		 924
925 vaddr = elf_ppnt->p_vaddr;
926 if (loc->elf_ex.e_type == ET_EXEC || load_addr_set) {
927 elf_flags |= MAP_FIXED;
928 } else if (loc->elf_ex.e_type == ET_DYN) {
f4e5cc2c
JJ		 929 /* Try and get dynamic programs out of the way of the
930 * default mmap base, as well as whatever program they
931 * might try to exec. This is because the brk will
932 * follow the loader, and is not movable. */
d1fd836d 933 load_bias = ELF_ET_DYN_BASE - vaddr;
a3defbe5 934 if (current->flags & PF_RANDOMIZE)
d1fd836d
KC		 935 load_bias += arch_mmap_rnd();
936 load_bias = ELF_PAGESTART(load_bias);
a87938b2
MD		 937 total_size = total_mapping_size(elf_phdata,
938 loc->elf_ex.e_phnum);
939 if (!total_size) {
2b1d3ae9 940 retval = -EINVAL;
a87938b2
MD		 941 goto out_free_dentry;
942 }
1da177e4
LT		 943 }
944
f4e5cc2c 945 error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt,
a87938b2 946 elf_prot, elf_flags, total_size);
1da177e4 947 if (BAD_ADDR(error)) {
b140f251
AK		 948 retval = IS_ERR((void *)error) ?
949 PTR_ERR((void*)error) : -EINVAL;
1da177e4
LT		 950 goto out_free_dentry;
951 }
952
953 if (!load_addr_set) {
954 load_addr_set = 1;
955 load_addr = (elf_ppnt->p_vaddr - elf_ppnt->p_offset);
956 if (loc->elf_ex.e_type == ET_DYN) {
957 load_bias += error -
958 ELF_PAGESTART(load_bias + vaddr);
959 load_addr += load_bias;
960 reloc_func_desc = load_bias;
961 }
962 }
963 k = elf_ppnt->p_vaddr;
f4e5cc2c
JJ		 964 if (k < start_code)
965 start_code = k;
966 if (start_data < k)
967 start_data = k;
1da177e4
LT		 968
969 /*
970 * Check to see if the section's size will overflow the
971 * allowed task size. Note that p_filesz must always be
972 * <= p_memsz so it is only necessary to check p_memsz.
973 */
ce51059b 974 if (BAD_ADDR(k) || elf_ppnt->p_filesz > elf_ppnt->p_memsz ||
1da177e4
LT		 975 elf_ppnt->p_memsz > TASK_SIZE ||
976 TASK_SIZE - elf_ppnt->p_memsz < k) {
f4e5cc2c 977 /* set_brk can never work. Avoid overflows. */
b140f251 978 retval = -EINVAL;
1da177e4
LT		 979 goto out_free_dentry;
980 }
981
982 k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz;
983
984 if (k > elf_bss)
985 elf_bss = k;
986 if ((elf_ppnt->p_flags & PF_X) && end_code < k)
987 end_code = k;
988 if (end_data < k)
989 end_data = k;
990 k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz;
16e72e9b
DV		 991 if (k > elf_brk) {
992 bss_prot = elf_prot;
1da177e4 993 elf_brk = k;
16e72e9b 994 }
1da177e4
LT		 995 }
996
997 loc->elf_ex.e_entry += load_bias;
998 elf_bss += load_bias;
999 elf_brk += load_bias;
1000 start_code += load_bias;
1001 end_code += load_bias;
1002 start_data += load_bias;
1003 end_data += load_bias;
1004
1005 /* Calling set_brk effectively mmaps the pages that we need
1006 * for the bss and break sections. We must do this before
1007 * mapping in the interpreter, to make sure it doesn't wind
1008 * up getting placed where the bss needs to go.
1009 */
16e72e9b 1010 retval = set_brk(elf_bss, elf_brk, bss_prot);
19d860a1 1011 if (retval)
1da177e4 1012 goto out_free_dentry;
6de50517 1013 if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
1da177e4
LT		 1014 retval = -EFAULT; /* Nobody gets to see this, but.. */
1015 goto out_free_dentry;
1016 }
1017
1018 if (elf_interpreter) {
6eec482f 1019 unsigned long interp_map_addr = 0;
d20894a2
AK		 1020
1021 elf_entry = load_elf_interp(&loc->interp_elf_ex,
1022 interpreter,
1023 &interp_map_addr,
a9d9ef13 1024 load_bias, interp_elf_phdata);
d20894a2
AK		 1025 if (!IS_ERR((void *)elf_entry)) {
1026 /*
1027 * load_elf_interp() returns relocation
1028 * adjustment
1029 */
1030 interp_load_addr = elf_entry;
1031 elf_entry += loc->interp_elf_ex.e_entry;
cc503c1b 1032 }
1da177e4 1033 if (BAD_ADDR(elf_entry)) {
ce51059b
CE		 1034 retval = IS_ERR((void *)elf_entry) ?
1035 (int)elf_entry : -EINVAL;
1da177e4
LT		 1036 goto out_free_dentry;
1037 }
1038 reloc_func_desc = interp_load_addr;
1039
1040 allow_write_access(interpreter);
1041 fput(interpreter);
1042 kfree(elf_interpreter);
1043 } else {
1044 elf_entry = loc->elf_ex.e_entry;
5342fba5 1045 if (BAD_ADDR(elf_entry)) {
ce51059b 1046 retval = -EINVAL;
5342fba5
SS		 1047 goto out_free_dentry;
1048 }
1da177e4
LT		 1049 }
1050
774c105e 1051 kfree(interp_elf_phdata);
1da177e4
LT		 1052 kfree(elf_phdata);
1053
1da177e4
LT		 1054 set_binfmt(&elf_format);
1055
547ee84c 1056#ifdef ARCH_HAS_SETUP_ADDITIONAL_PAGES
fc5243d9 1057 retval = arch_setup_additional_pages(bprm, !!elf_interpreter);
19d860a1 1058 if (retval < 0)
18c8baff 1059 goto out;
547ee84c
BH		 1060#endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */
1061
b6a2fea3 1062 retval = create_elf_tables(bprm, &loc->elf_ex,
f4e5cc2c 1063 load_addr, interp_load_addr);
19d860a1 1064 if (retval < 0)
b6a2fea3 1065 goto out;
1da177e4 1066 /* N.B. passed_fileno might not be initialized? */
1da177e4
LT		 1067 current->mm->end_code = end_code;
1068 current->mm->start_code = start_code;
1069 current->mm->start_data = start_data;
1070 current->mm->end_data = end_data;
1071 current->mm->start_stack = bprm->p;
1072
4471a675 1073 if ((current->flags & PF_RANDOMIZE) && (randomize_va_space > 1)) {
c1d171a0
JK		 1074 current->mm->brk = current->mm->start_brk =
1075 arch_randomize_brk(current->mm);
204db6ed 1076#ifdef compat_brk_randomized
4471a675
JK		 1077 current->brk_randomized = 1;
1078#endif
1079 }
c1d171a0 1080
1da177e4
LT		 1081 if (current->personality & MMAP_PAGE_ZERO) {
1082 /* Why this, you ask??? Well SVr4 maps page 0 as read-only,
1083 and some applications "depend" upon this behavior.
1084 Since we do not have the power to recompile these, we
f4e5cc2c 1085 emulate the SVr4 behavior. Sigh. */
6be5ceb0 1086 error = vm_mmap(NULL, 0, PAGE_SIZE, PROT_READ | PROT_EXEC,
1da177e4 1087 MAP_FIXED | MAP_PRIVATE, 0);
1da177e4
LT		 1088 }
1089
1090#ifdef ELF_PLAT_INIT
1091 /*
1092 * The ABI may specify that certain registers be set up in special
1093 * ways (on i386 %edx is the address of a DT_FINI function, for
1094 * example. In addition, it may also specify (eg, PowerPC64 ELF)
1095 * that the e_entry field is the address of the function descriptor
1096 * for the startup routine, rather than the address of the startup
1097 * routine itself. This macro performs whatever initialization to
1098 * the regs structure is required as well as any relocations to the
1099 * function descriptor entries when executing dynamically links apps.
1100 */
1101 ELF_PLAT_INIT(regs, reloc_func_desc);
1102#endif
1103
1104 start_thread(regs, elf_entry, bprm->p);
1da177e4
LT		 1105 retval = 0;
1106out:
1107 kfree(loc);
1108out_ret:
1109 return retval;
1110
1111 /* error cleanup */
1112out_free_dentry:
a9d9ef13 1113 kfree(interp_elf_phdata);
1da177e4
LT		 1114 allow_write_access(interpreter);
1115 if (interpreter)
1116 fput(interpreter);
1117out_free_interp:
f99d49ad 1118 kfree(elf_interpreter);
1da177e4
LT		 1119out_free_ph:
1120 kfree(elf_phdata);
1121 goto out;
1122}
1123
69369a70 1124#ifdef CONFIG_USELIB
1da177e4
LT		 1125/* This is really simpleminded and specialized - we are loading an
1126 a.out library that is given an ELF header. */
1da177e4
LT		 1127static int load_elf_library(struct file *file)
1128{
1129 struct elf_phdr *elf_phdata;
1130 struct elf_phdr *eppnt;
1131 unsigned long elf_bss, bss, len;
1132 int retval, error, i, j;
1133 struct elfhdr elf_ex;
1134
1135 error = -ENOEXEC;
f4e5cc2c 1136 retval = kernel_read(file, 0, (char *)&elf_ex, sizeof(elf_ex));
1da177e4
LT		 1137 if (retval != sizeof(elf_ex))
1138 goto out;
1139
1140 if (memcmp(elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
1141 goto out;
1142
1143 /* First of all, some simple consistency checks */
1144 if (elf_ex.e_type != ET_EXEC || elf_ex.e_phnum > 2 ||
72c2d531 1145 !elf_check_arch(&elf_ex) || !file->f_op->mmap)
1da177e4
LT		 1146 goto out;
1147
1148 /* Now read in all of the header information */
1149
1150 j = sizeof(struct elf_phdr) * elf_ex.e_phnum;
1151 /* j < ELF_MIN_ALIGN because elf_ex.e_phnum <= 2 */
1152
1153 error = -ENOMEM;
1154 elf_phdata = kmalloc(j, GFP_KERNEL);
1155 if (!elf_phdata)
1156 goto out;
1157
1158 eppnt = elf_phdata;
1159 error = -ENOEXEC;
1160 retval = kernel_read(file, elf_ex.e_phoff, (char *)eppnt, j);
1161 if (retval != j)
1162 goto out_free_ph;
1163
1164 for (j = 0, i = 0; i<elf_ex.e_phnum; i++)
1165 if ((eppnt + i)->p_type == PT_LOAD)
1166 j++;
1167 if (j != 1)
1168 goto out_free_ph;
1169
1170 while (eppnt->p_type != PT_LOAD)
1171 eppnt++;
1172
1173 /* Now use mmap to map the library into memory. */
6be5ceb0 1174 error = vm_mmap(file,
1da177e4
LT		 1175 ELF_PAGESTART(eppnt->p_vaddr),
1176 (eppnt->p_filesz +
1177 ELF_PAGEOFFSET(eppnt->p_vaddr)),
1178 PROT_READ | PROT_WRITE | PROT_EXEC,
1179 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE,
1180 (eppnt->p_offset -
1181 ELF_PAGEOFFSET(eppnt->p_vaddr)));
1da177e4
LT		 1182 if (error != ELF_PAGESTART(eppnt->p_vaddr))
1183 goto out_free_ph;
1184
1185 elf_bss = eppnt->p_vaddr + eppnt->p_filesz;
1186 if (padzero(elf_bss)) {
1187 error = -EFAULT;
1188 goto out_free_ph;
1189 }
1190
f4e5cc2c
JJ		 1191 len = ELF_PAGESTART(eppnt->p_filesz + eppnt->p_vaddr +
1192 ELF_MIN_ALIGN - 1);
1da177e4 1193 bss = eppnt->p_memsz + eppnt->p_vaddr;
ecc2bc8a
MH		 1194 if (bss > len) {
1195 error = vm_brk(len, bss - len);
5d22fc25 1196 if (error)
ecc2bc8a
MH		 1197 goto out_free_ph;
1198 }
1da177e4
LT		 1199 error = 0;
1200
1201out_free_ph:
1202 kfree(elf_phdata);
1203out:
1204 return error;
1205}
69369a70 1206#endif /* #ifdef CONFIG_USELIB */
1da177e4 1207
698ba7b5 1208#ifdef CONFIG_ELF_CORE
1da177e4
LT		 1209/*
1210 * ELF core dumper
1211 *
1212 * Modelled on fs/exec.c:aout_core_dump()
1213 * Jeremy Fitzhardinge <jeremy@sw.oz.au>
1214 */
1da177e4 1215
909af768
JB		 1216/*
1217 * The purpose of always_dump_vma() is to make sure that special kernel mappings
1218 * that are useful for post-mortem analysis are included in every core dump.
1219 * In that way we ensure that the core dump is fully interpretable later
1220 * without matching up the same kernel and hardware config to see what PC values
1221 * meant. These special mappings include - vDSO, vsyscall, and other
1222 * architecture specific mappings
1223 */
1224static bool always_dump_vma(struct vm_area_struct *vma)
1225{
1226 /* Any vsyscall mappings? */
1227 if (vma == get_gate_vma(vma->vm_mm))
1228 return true;
78d683e8
AL		 1229
1230 /*
1231 * Assume that all vmas with a .name op should always be dumped.
1232 * If this changes, a new vm_ops field can easily be added.
1233 */
1234 if (vma->vm_ops && vma->vm_ops->name && vma->vm_ops->name(vma))
1235 return true;
1236
909af768
JB		 1237 /*
1238 * arch_vma_name() returns non-NULL for special architecture mappings,
1239 * such as vDSO sections.
1240 */
1241 if (arch_vma_name(vma))
1242 return true;
1243
1244 return false;
1245}
1246
1da177e4 1247/*
82df3973 1248 * Decide what to dump of a segment, part, all or none.
1da177e4 1249 */
82df3973
RM		 1250static unsigned long vma_dump_size(struct vm_area_struct *vma,
1251 unsigned long mm_flags)
1da177e4 1252{
e575f111
KM		 1253#define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
1254
909af768
JB		 1255 /* always dump the vdso and vsyscall sections */
1256 if (always_dump_vma(vma))
82df3973 1257 goto whole;
e5b97dde 1258
0103bd16 1259 if (vma->vm_flags & VM_DONTDUMP)
accb61fe
JB		 1260 return 0;
1261
5037835c
RZ		 1262 /* support for DAX */
1263 if (vma_is_dax(vma)) {
1264 if ((vma->vm_flags & VM_SHARED) && FILTER(DAX_SHARED))
1265 goto whole;
1266 if (!(vma->vm_flags & VM_SHARED) && FILTER(DAX_PRIVATE))
1267 goto whole;
1268 return 0;
1269 }
1270
e575f111
KM		 1271 /* Hugetlb memory check */
1272 if (vma->vm_flags & VM_HUGETLB) {
1273 if ((vma->vm_flags & VM_SHARED) && FILTER(HUGETLB_SHARED))
1274 goto whole;
1275 if (!(vma->vm_flags & VM_SHARED) && FILTER(HUGETLB_PRIVATE))
1276 goto whole;
23d9e482 1277 return 0;
e575f111
KM		 1278 }
1279
1da177e4 1280 /* Do not dump I/O mapped devices or special mappings */
314e51b9 1281 if (vma->vm_flags & VM_IO)
1da177e4
LT		 1282 return 0;
1283
a1b59e80
KH		 1284 /* By default, dump shared memory if mapped from an anonymous file. */
1285 if (vma->vm_flags & VM_SHARED) {
496ad9aa 1286 if (file_inode(vma->vm_file)->i_nlink == 0 ?
82df3973
RM		 1287 FILTER(ANON_SHARED) : FILTER(MAPPED_SHARED))
1288 goto whole;
1289 return 0;
a1b59e80 1290 }
1da177e4 1291
82df3973
RM		 1292 /* Dump segments that have been written to. */
1293 if (vma->anon_vma && FILTER(ANON_PRIVATE))
1294 goto whole;
1295 if (vma->vm_file == NULL)
1296 return 0;
1da177e4 1297
82df3973
RM		 1298 if (FILTER(MAPPED_PRIVATE))
1299 goto whole;
1300
1301 /*
1302 * If this looks like the beginning of a DSO or executable mapping,
1303 * check for an ELF header. If we find one, dump the first page to
1304 * aid in determining what was mapped here.
1305 */
92dc07b1
RM		 1306 if (FILTER(ELF_HEADERS) &&
1307 vma->vm_pgoff == 0 && (vma->vm_flags & VM_READ)) {
82df3973
RM		 1308 u32 __user *header = (u32 __user *) vma->vm_start;
1309 u32 word;
92dc07b1 1310 mm_segment_t fs = get_fs();
82df3973
RM		 1311 /*
1312 * Doing it this way gets the constant folded by GCC.
1313 */
1314 union {
1315 u32 cmp;
1316 char elfmag[SELFMAG];
1317 } magic;
1318 BUILD_BUG_ON(SELFMAG != sizeof word);
1319 magic.elfmag[EI_MAG0] = ELFMAG0;
1320 magic.elfmag[EI_MAG1] = ELFMAG1;
1321 magic.elfmag[EI_MAG2] = ELFMAG2;
1322 magic.elfmag[EI_MAG3] = ELFMAG3;
92dc07b1
RM		 1323 /*
1324 * Switch to the user "segment" for get_user(),
1325 * then put back what elf_core_dump() had in place.
1326 */
1327 set_fs(USER_DS);
1328 if (unlikely(get_user(word, header)))
1329 word = 0;
1330 set_fs(fs);
1331 if (word == magic.cmp)
82df3973
RM		 1332 return PAGE_SIZE;
1333 }
1334
1335#undef FILTER
1336
1337 return 0;
1338
1339whole:
1340 return vma->vm_end - vma->vm_start;
1da177e4
LT		 1341}
1342
1da177e4
LT		 1343/* An ELF note in memory */
1344struct memelfnote
1345{
1346 const char *name;
1347 int type;
1348 unsigned int datasz;
1349 void *data;
1350};
1351
1352static int notesize(struct memelfnote *en)
1353{
1354 int sz;
1355
1356 sz = sizeof(struct elf_note);
1357 sz += roundup(strlen(en->name) + 1, 4);
1358 sz += roundup(en->datasz, 4);
1359
1360 return sz;
1361}
1362
ecc8c772 1363static int writenote(struct memelfnote *men, struct coredump_params *cprm)
d025c9db
AK		 1364{
1365 struct elf_note en;
1da177e4
LT		 1366 en.n_namesz = strlen(men->name) + 1;
1367 en.n_descsz = men->datasz;
1368 en.n_type = men->type;
1369
ecc8c772 1370 return dump_emit(cprm, &en, sizeof(en)) &&
22a8cb82
AV		 1371 dump_emit(cprm, men->name, en.n_namesz) && dump_align(cprm, 4) &&
1372 dump_emit(cprm, men->data, men->datasz) && dump_align(cprm, 4);
1da177e4 1373}
1da177e4 1374
3aba481f 1375static void fill_elf_header(struct elfhdr *elf, int segs,
d3330cf0 1376 u16 machine, u32 flags)
1da177e4 1377{
6970c8ef
CG		 1378 memset(elf, 0, sizeof(*elf));
1379
1da177e4
LT		 1380 memcpy(elf->e_ident, ELFMAG, SELFMAG);
1381 elf->e_ident[EI_CLASS] = ELF_CLASS;
1382 elf->e_ident[EI_DATA] = ELF_DATA;
1383 elf->e_ident[EI_VERSION] = EV_CURRENT;
1384 elf->e_ident[EI_OSABI] = ELF_OSABI;
1da177e4
LT		 1385
1386 elf->e_type = ET_CORE;
3aba481f 1387 elf->e_machine = machine;
1da177e4 1388 elf->e_version = EV_CURRENT;
1da177e4 1389 elf->e_phoff = sizeof(struct elfhdr);
3aba481f 1390 elf->e_flags = flags;
1da177e4
LT		 1391 elf->e_ehsize = sizeof(struct elfhdr);
1392 elf->e_phentsize = sizeof(struct elf_phdr);
1393 elf->e_phnum = segs;
6970c8ef 1394
1da177e4
LT		 1395 return;
1396}
1397
8d6b5eee 1398static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, loff_t offset)
1da177e4
LT		 1399{
1400 phdr->p_type = PT_NOTE;
1401 phdr->p_offset = offset;
1402 phdr->p_vaddr = 0;
1403 phdr->p_paddr = 0;
1404 phdr->p_filesz = sz;
1405 phdr->p_memsz = 0;
1406 phdr->p_flags = 0;
1407 phdr->p_align = 0;
1408 return;
1409}
1410
1411static void fill_note(struct memelfnote *note, const char *name, int type,
1412 unsigned int sz, void *data)
1413{
1414 note->name = name;
1415 note->type = type;
1416 note->datasz = sz;
1417 note->data = data;
1418 return;
1419}
1420
1421/*
f4e5cc2c
JJ		 1422 * fill up all the fields in prstatus from the given task struct, except
1423 * registers which need to be filled up separately.
1da177e4
LT		 1424 */
1425static void fill_prstatus(struct elf_prstatus *prstatus,
f4e5cc2c 1426 struct task_struct *p, long signr)
1da177e4
LT		 1427{
1428 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr;
1429 prstatus->pr_sigpend = p->pending.signal.sig[0];
1430 prstatus->pr_sighold = p->blocked.sig[0];
3b34fc58
ON		 1431 rcu_read_lock();
1432 prstatus->pr_ppid = task_pid_vnr(rcu_dereference(p->real_parent));
1433 rcu_read_unlock();
b488893a 1434 prstatus->pr_pid = task_pid_vnr(p);
b488893a
PE		 1435 prstatus->pr_pgrp = task_pgrp_vnr(p);
1436 prstatus->pr_sid = task_session_vnr(p);
1da177e4 1437 if (thread_group_leader(p)) {
cd19c364 1438 struct task_cputime cputime;
f06febc9 1439
1da177e4 1440 /*
f06febc9
FM		 1441 * This is the record for the group leader. It shows the
1442 * group-wide total, not its individual thread total.
1da177e4 1443 */
cd19c364
FW		 1444 thread_group_cputime(p, &cputime);
1445 prstatus->pr_utime = ns_to_timeval(cputime.utime);
1446 prstatus->pr_stime = ns_to_timeval(cputime.stime);
1da177e4 1447 } else {
cd19c364 1448 u64 utime, stime;
6fac4829 1449
cd19c364
FW		 1450 task_cputime(p, &utime, &stime);
1451 prstatus->pr_utime = ns_to_timeval(utime);
1452 prstatus->pr_stime = ns_to_timeval(stime);
1da177e4 1453 }
5613fda9 1454
cd19c364
FW		 1455 prstatus->pr_cutime = ns_to_timeval(p->signal->cutime);
1456 prstatus->pr_cstime = ns_to_timeval(p->signal->cstime);
1da177e4
LT		 1457}
1458
1459static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
1460 struct mm_struct *mm)
1461{
c69e8d9c 1462 const struct cred *cred;
a84a5059 1463 unsigned int i, len;
1da177e4
LT		 1464
1465 /* first copy the parameters from user space */
1466 memset(psinfo, 0, sizeof(struct elf_prpsinfo));
1467
1468 len = mm->arg_end - mm->arg_start;
1469 if (len >= ELF_PRARGSZ)
1470 len = ELF_PRARGSZ-1;
1471 if (copy_from_user(&psinfo->pr_psargs,
1472 (const char __user *)mm->arg_start, len))
1473 return -EFAULT;
1474 for(i = 0; i < len; i++)
1475 if (psinfo->pr_psargs[i] == 0)
1476 psinfo->pr_psargs[i] = ' ';
1477 psinfo->pr_psargs[len] = 0;
1478
3b34fc58
ON		 1479 rcu_read_lock();
1480 psinfo->pr_ppid = task_pid_vnr(rcu_dereference(p->real_parent));
1481 rcu_read_unlock();
b488893a 1482 psinfo->pr_pid = task_pid_vnr(p);
b488893a
PE		 1483 psinfo->pr_pgrp = task_pgrp_vnr(p);
1484 psinfo->pr_sid = task_session_vnr(p);
1da177e4
LT		 1485
1486 i = p->state ? ffz(~p->state) + 1 : 0;
1487 psinfo->pr_state = i;
55148548 1488 psinfo->pr_sname = (i > 5) ? '.' : "RSDTZW"[i];
1da177e4
LT		 1489 psinfo->pr_zomb = psinfo->pr_sname == 'Z';
1490 psinfo->pr_nice = task_nice(p);
1491 psinfo->pr_flag = p->flags;
c69e8d9c
DH		 1492 rcu_read_lock();
1493 cred = __task_cred(p);
ebc887b2
EB		 1494 SET_UID(psinfo->pr_uid, from_kuid_munged(cred->user_ns, cred->uid));
1495 SET_GID(psinfo->pr_gid, from_kgid_munged(cred->user_ns, cred->gid));
c69e8d9c 1496 rcu_read_unlock();
1da177e4
LT		 1497 strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname));
1498
1499 return 0;
1500}
1501
3aba481f
RM		 1502static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
1503{
1504 elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
1505 int i = 0;
1506 do
1507 i += 2;
1508 while (auxv[i - 2] != AT_NULL);
1509 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
1510}
1511
49ae4d4b 1512static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata,
ce395960 1513 const siginfo_t *siginfo)
49ae4d4b
DV		 1514{
1515 mm_segment_t old_fs = get_fs();
1516 set_fs(KERNEL_DS);
1517 copy_siginfo_to_user((user_siginfo_t __user *) csigdata, siginfo);
1518 set_fs(old_fs);
1519 fill_note(note, "CORE", NT_SIGINFO, sizeof(*csigdata), csigdata);
1520}
1521
2aa362c4
DV		 1522#define MAX_FILE_NOTE_SIZE (4*1024*1024)
1523/*
1524 * Format of NT_FILE note:
1525 *
1526 * long count -- how many files are mapped
1527 * long page_size -- units for file_ofs
1528 * array of [COUNT] elements of
1529 * long start
1530 * long end
1531 * long file_ofs
1532 * followed by COUNT filenames in ASCII: "FILE1" NUL "FILE2" NUL...
1533 */
72023656 1534static int fill_files_note(struct memelfnote *note)
2aa362c4
DV		 1535{
1536 struct vm_area_struct *vma;
1537 unsigned count, size, names_ofs, remaining, n;
1538 user_long_t *data;
1539 user_long_t *start_end_ofs;
1540 char *name_base, *name_curpos;
1541
1542 /* *Estimated* file count and total data size needed */
1543 count = current->mm->map_count;
1544 size = count * 64;
1545
1546 names_ofs = (2 + 3 * count) * sizeof(data[0]);
1547 alloc:
1548 if (size >= MAX_FILE_NOTE_SIZE) /* paranoia check */
72023656 1549 return -EINVAL;
2aa362c4
DV		 1550 size = round_up(size, PAGE_SIZE);
1551 data = vmalloc(size);
1552 if (!data)
72023656 1553 return -ENOMEM;
2aa362c4
DV		 1554
1555 start_end_ofs = data + 2;
1556 name_base = name_curpos = ((char *)data) + names_ofs;
1557 remaining = size - names_ofs;
1558 count = 0;
1559 for (vma = current->mm->mmap; vma != NULL; vma = vma->vm_next) {
1560 struct file *file;
1561 const char *filename;
1562
1563 file = vma->vm_file;
1564 if (!file)
1565 continue;
9bf39ab2 1566 filename = file_path(file, name_curpos, remaining);
2aa362c4
DV		 1567 if (IS_ERR(filename)) {
1568 if (PTR_ERR(filename) == -ENAMETOOLONG) {
1569 vfree(data);
1570 size = size * 5 / 4;
1571 goto alloc;
1572 }
1573 continue;
1574 }
1575
9bf39ab2 1576 /* file_path() fills at the end, move name down */
2aa362c4
DV		 1577 /* n = strlen(filename) + 1: */
1578 n = (name_curpos + remaining) - filename;
1579 remaining = filename - name_curpos;
1580 memmove(name_curpos, filename, n);
1581 name_curpos += n;
1582
1583 *start_end_ofs++ = vma->vm_start;
1584 *start_end_ofs++ = vma->vm_end;
1585 *start_end_ofs++ = vma->vm_pgoff;
1586 count++;
1587 }
1588
1589 /* Now we know exact count of files, can store it */
1590 data[0] = count;
1591 data[1] = PAGE_SIZE;
1592 /*
1593 * Count usually is less than current->mm->map_count,
1594 * we need to move filenames down.
1595 */
1596 n = current->mm->map_count - count;
1597 if (n != 0) {
1598 unsigned shift_bytes = n * 3 * sizeof(data[0]);
1599 memmove(name_base - shift_bytes, name_base,
1600 name_curpos - name_base);
1601 name_curpos -= shift_bytes;
1602 }
1603
1604 size = name_curpos - (char *)data;
1605 fill_note(note, "CORE", NT_FILE, size, data);
72023656 1606 return 0;
2aa362c4
DV		 1607}
1608
4206d3aa
RM		 1609#ifdef CORE_DUMP_USE_REGSET
1610#include <linux/regset.h>
1611
1612struct elf_thread_core_info {
1613 struct elf_thread_core_info *next;
1614 struct task_struct *task;
1615 struct elf_prstatus prstatus;
1616 struct memelfnote notes[0];
1617};
1618
1619struct elf_note_info {
1620 struct elf_thread_core_info *thread;
1621 struct memelfnote psinfo;
49ae4d4b 1622 struct memelfnote signote;
4206d3aa 1623 struct memelfnote auxv;
2aa362c4 1624 struct memelfnote files;
49ae4d4b 1625 user_siginfo_t csigdata;
4206d3aa
RM		 1626 size_t size;
1627 int thread_notes;
1628};
1629
d31472b6
RM		 1630/*
1631 * When a regset has a writeback hook, we call it on each thread before
1632 * dumping user memory. On register window machines, this makes sure the
1633 * user memory backing the register data is up to date before we read it.
1634 */
1635static void do_thread_regset_writeback(struct task_struct *task,
1636 const struct user_regset *regset)
1637{
1638 if (regset->writeback)
1639 regset->writeback(task, regset, 1);
1640}
1641
0953f65d 1642#ifndef PRSTATUS_SIZE
90954e7b 1643#define PRSTATUS_SIZE(S, R) sizeof(S)
0953f65d
L		 1644#endif
1645
1646#ifndef SET_PR_FPVALID
90954e7b 1647#define SET_PR_FPVALID(S, V, R) ((S)->pr_fpvalid = (V))
0953f65d
L		 1648#endif
1649
4206d3aa
RM		 1650static int fill_thread_core_info(struct elf_thread_core_info *t,
1651 const struct user_regset_view *view,
1652 long signr, size_t *total)
1653{
1654 unsigned int i;
90954e7b 1655 unsigned int regset_size = view->regsets[0].n * view->regsets[0].size;
4206d3aa
RM		 1656
1657 /*
1658 * NT_PRSTATUS is the one special case, because the regset data
1659 * goes into the pr_reg field inside the note contents, rather
1660 * than being the whole note contents. We fill the reset in here.
1661 * We assume that regset 0 is NT_PRSTATUS.
1662 */
1663 fill_prstatus(&t->prstatus, t->task, signr);
90954e7b
DS		 1664 (void) view->regsets[0].get(t->task, &view->regsets[0], 0, regset_size,
1665 &t->prstatus.pr_reg, NULL);
4206d3aa
RM		 1666
1667 fill_note(&t->notes[0], "CORE", NT_PRSTATUS,
90954e7b 1668 PRSTATUS_SIZE(t->prstatus, regset_size), &t->prstatus);
4206d3aa
RM		 1669 *total += notesize(&t->notes[0]);
1670
d31472b6
RM		 1671 do_thread_regset_writeback(t->task, &view->regsets[0]);
1672
4206d3aa
RM		 1673 /*
1674 * Each other regset might generate a note too. For each regset
1675 * that has no core_note_type or is inactive, we leave t->notes[i]
1676 * all zero and we'll know to skip writing it later.
1677 */
1678 for (i = 1; i < view->n; ++i) {
1679 const struct user_regset *regset = &view->regsets[i];
d31472b6 1680 do_thread_regset_writeback(t->task, regset);
c8e25258 1681 if (regset->core_note_type && regset->get &&
4206d3aa
RM		 1682 (!regset->active || regset->active(t->task, regset))) {
1683 int ret;
1684 size_t size = regset->n * regset->size;
1685 void *data = kmalloc(size, GFP_KERNEL);
1686 if (unlikely(!data))
1687 return 0;
1688 ret = regset->get(t->task, regset,
1689 0, size, data, NULL);
1690 if (unlikely(ret))
1691 kfree(data);
1692 else {
1693 if (regset->core_note_type != NT_PRFPREG)
1694 fill_note(&t->notes[i], "LINUX",
1695 regset->core_note_type,
1696 size, data);
1697 else {
90954e7b
DS		 1698 SET_PR_FPVALID(&t->prstatus,
1699 1, regset_size);
4206d3aa
RM		 1700 fill_note(&t->notes[i], "CORE",
1701 NT_PRFPREG, size, data);
1702 }
1703 *total += notesize(&t->notes[i]);
1704 }
1705 }
1706 }
1707
1708 return 1;
1709}
1710
1711static int fill_note_info(struct elfhdr *elf, int phdrs,
1712 struct elf_note_info *info,
ec57941e 1713 const siginfo_t *siginfo, struct pt_regs *regs)
4206d3aa
RM		 1714{
1715 struct task_struct *dump_task = current;
1716 const struct user_regset_view *view = task_user_regset_view(dump_task);
1717 struct elf_thread_core_info *t;
1718 struct elf_prpsinfo *psinfo;
83914441 1719 struct core_thread *ct;
4206d3aa
RM		 1720 unsigned int i;
1721
1722 info->size = 0;
1723 info->thread = NULL;
1724
1725 psinfo = kmalloc(sizeof(*psinfo), GFP_KERNEL);
6899e92d
AC		 1726 if (psinfo == NULL) {
1727 info->psinfo.data = NULL; /* So we don't free this wrongly */
4206d3aa 1728 return 0;
6899e92d 1729 }
4206d3aa 1730
e2dbe125
AW		 1731 fill_note(&info->psinfo, "CORE", NT_PRPSINFO, sizeof(*psinfo), psinfo);
1732
4206d3aa
RM		 1733 /*
1734 * Figure out how many notes we're going to need for each thread.
1735 */
1736 info->thread_notes = 0;
1737 for (i = 0; i < view->n; ++i)
1738 if (view->regsets[i].core_note_type != 0)
1739 ++info->thread_notes;
1740
1741 /*
1742 * Sanity check. We rely on regset 0 being in NT_PRSTATUS,
1743 * since it is our one special case.
1744 */
1745 if (unlikely(info->thread_notes == 0) ||
1746 unlikely(view->regsets[0].core_note_type != NT_PRSTATUS)) {
1747 WARN_ON(1);
1748 return 0;
1749 }
1750
1751 /*
1752 * Initialize the ELF file header.
1753 */
1754 fill_elf_header(elf, phdrs,
d3330cf0 1755 view->e_machine, view->e_flags);
4206d3aa
RM		 1756
1757 /*
1758 * Allocate a structure for each thread.
1759 */
83914441
ON		 1760 for (ct = &dump_task->mm->core_state->dumper; ct; ct = ct->next) {
1761 t = kzalloc(offsetof(struct elf_thread_core_info,
1762 notes[info->thread_notes]),
1763 GFP_KERNEL);
1764 if (unlikely(!t))
1765 return 0;
1766
1767 t->task = ct->task;
1768 if (ct->task == dump_task || !info->thread) {
1769 t->next = info->thread;
1770 info->thread = t;
1771 } else {
1772 /*
1773 * Make sure to keep the original task at
1774 * the head of the list.
1775 */
1776 t->next = info->thread->next;
1777 info->thread->next = t;
4206d3aa 1778 }
83914441 1779 }
4206d3aa
RM		 1780
1781 /*
1782 * Now fill in each thread's information.
1783 */
1784 for (t = info->thread; t != NULL; t = t->next)
5ab1c309 1785 if (!fill_thread_core_info(t, view, siginfo->si_signo, &info->size))
4206d3aa
RM		 1786 return 0;
1787
1788 /*
1789 * Fill in the two process-wide notes.
1790 */
1791 fill_psinfo(psinfo, dump_task->group_leader, dump_task->mm);
1792 info->size += notesize(&info->psinfo);
1793
49ae4d4b
DV		 1794 fill_siginfo_note(&info->signote, &info->csigdata, siginfo);
1795 info->size += notesize(&info->signote);
1796
4206d3aa
RM		 1797 fill_auxv_note(&info->auxv, current->mm);
1798 info->size += notesize(&info->auxv);
1799
72023656
DA		 1800 if (fill_files_note(&info->files) == 0)
1801 info->size += notesize(&info->files);
2aa362c4 1802
4206d3aa
RM		 1803 return 1;
1804}
1805
1806static size_t get_note_info_size(struct elf_note_info *info)
1807{
1808 return info->size;
1809}
1810
1811/*
1812 * Write all the notes for each thread. When writing the first thread, the
1813 * process-wide notes are interleaved after the first thread-specific note.
1814 */
1815static int write_note_info(struct elf_note_info *info,
ecc8c772 1816 struct coredump_params *cprm)
4206d3aa 1817{
b219e25f 1818 bool first = true;
4206d3aa
RM		 1819 struct elf_thread_core_info *t = info->thread;
1820
1821 do {
1822 int i;
1823
ecc8c772 1824 if (!writenote(&t->notes[0], cprm))
4206d3aa
RM		 1825 return 0;
1826
ecc8c772 1827 if (first && !writenote(&info->psinfo, cprm))
4206d3aa 1828 return 0;
ecc8c772 1829 if (first && !writenote(&info->signote, cprm))
49ae4d4b 1830 return 0;
ecc8c772 1831 if (first && !writenote(&info->auxv, cprm))
4206d3aa 1832 return 0;
72023656 1833 if (first && info->files.data &&
ecc8c772 1834 !writenote(&info->files, cprm))
2aa362c4 1835 return 0;
4206d3aa
RM		 1836
1837 for (i = 1; i < info->thread_notes; ++i)
1838 if (t->notes[i].data &&
ecc8c772 1839 !writenote(&t->notes[i], cprm))
4206d3aa
RM		 1840 return 0;
1841
b219e25f 1842 first = false;
4206d3aa
RM		 1843 t = t->next;
1844 } while (t);
1845
1846 return 1;
1847}
1848
1849static void free_note_info(struct elf_note_info *info)
1850{
1851 struct elf_thread_core_info *threads = info->thread;
1852 while (threads) {
1853 unsigned int i;
1854 struct elf_thread_core_info *t = threads;
1855 threads = t->next;
1856 WARN_ON(t->notes[0].data && t->notes[0].data != &t->prstatus);
1857 for (i = 1; i < info->thread_notes; ++i)
1858 kfree(t->notes[i].data);
1859 kfree(t);
1860 }
1861 kfree(info->psinfo.data);
2aa362c4 1862 vfree(info->files.data);
4206d3aa
RM		 1863}
1864
1865#else
1866
1da177e4
LT		 1867/* Here is the structure in which status of each thread is captured. */
1868struct elf_thread_status
1869{
1870 struct list_head list;
1871 struct elf_prstatus prstatus; /* NT_PRSTATUS */
1872 elf_fpregset_t fpu; /* NT_PRFPREG */
1873 struct task_struct *thread;
1874#ifdef ELF_CORE_COPY_XFPREGS
5b20cd80 1875 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */
1da177e4
LT		 1876#endif
1877 struct memelfnote notes[3];
1878 int num_notes;
1879};
1880
1881/*
1882 * In order to add the specific thread information for the elf file format,
f4e5cc2c
JJ		 1883 * we need to keep a linked list of every threads pr_status and then create
1884 * a single section for them in the final core file.
1da177e4
LT		 1885 */
1886static int elf_dump_thread_status(long signr, struct elf_thread_status *t)
1887{
1888 int sz = 0;
1889 struct task_struct *p = t->thread;
1890 t->num_notes = 0;
1891
1892 fill_prstatus(&t->prstatus, p, signr);
1893 elf_core_copy_task_regs(p, &t->prstatus.pr_reg);
1894
f4e5cc2c
JJ		 1895 fill_note(&t->notes[0], "CORE", NT_PRSTATUS, sizeof(t->prstatus),
1896 &(t->prstatus));
1da177e4
LT		 1897 t->num_notes++;
1898 sz += notesize(&t->notes[0]);
1899
f4e5cc2c
JJ		 1900 if ((t->prstatus.pr_fpvalid = elf_core_copy_task_fpregs(p, NULL,
1901 &t->fpu))) {
1902 fill_note(&t->notes[1], "CORE", NT_PRFPREG, sizeof(t->fpu),
1903 &(t->fpu));
1da177e4
LT		 1904 t->num_notes++;
1905 sz += notesize(&t->notes[1]);
1906 }
1907
1908#ifdef ELF_CORE_COPY_XFPREGS
1909 if (elf_core_copy_task_xfpregs(p, &t->xfpu)) {
5b20cd80
MN		 1910 fill_note(&t->notes[2], "LINUX", ELF_CORE_XFPREG_TYPE,
1911 sizeof(t->xfpu), &t->xfpu);
1da177e4
LT		 1912 t->num_notes++;
1913 sz += notesize(&t->notes[2]);
1914 }
1915#endif
1916 return sz;
1917}
1918
3aba481f
RM		 1919struct elf_note_info {
1920 struct memelfnote *notes;
72023656 1921 struct memelfnote *notes_files;
3aba481f
RM		 1922 struct elf_prstatus *prstatus; /* NT_PRSTATUS */
1923 struct elf_prpsinfo *psinfo; /* NT_PRPSINFO */
1924 struct list_head thread_list;
1925 elf_fpregset_t *fpu;
1926#ifdef ELF_CORE_COPY_XFPREGS
1927 elf_fpxregset_t *xfpu;
1928#endif
49ae4d4b 1929 user_siginfo_t csigdata;
3aba481f
RM		 1930 int thread_status_size;
1931 int numnote;
1932};
1933
0cf062d0 1934static int elf_note_info_init(struct elf_note_info *info)
3aba481f 1935{
0cf062d0 1936 memset(info, 0, sizeof(*info));
3aba481f
RM		 1937 INIT_LIST_HEAD(&info->thread_list);
1938
49ae4d4b 1939 /* Allocate space for ELF notes */
2aa362c4 1940 info->notes = kmalloc(8 * sizeof(struct memelfnote), GFP_KERNEL);
3aba481f
RM		 1941 if (!info->notes)
1942 return 0;
1943 info->psinfo = kmalloc(sizeof(*info->psinfo), GFP_KERNEL);
1944 if (!info->psinfo)
f34f9d18 1945 return 0;
3aba481f
RM		 1946 info->prstatus = kmalloc(sizeof(*info->prstatus), GFP_KERNEL);
1947 if (!info->prstatus)
f34f9d18 1948 return 0;
3aba481f
RM		 1949 info->fpu = kmalloc(sizeof(*info->fpu), GFP_KERNEL);
1950 if (!info->fpu)
f34f9d18 1951 return 0;
3aba481f
RM		 1952#ifdef ELF_CORE_COPY_XFPREGS
1953 info->xfpu = kmalloc(sizeof(*info->xfpu), GFP_KERNEL);
1954 if (!info->xfpu)
f34f9d18 1955 return 0;
3aba481f 1956#endif
0cf062d0 1957 return 1;
0cf062d0
AW		 1958}
1959
1960static int fill_note_info(struct elfhdr *elf, int phdrs,
1961 struct elf_note_info *info,
ec57941e 1962 const siginfo_t *siginfo, struct pt_regs *regs)
0cf062d0
AW		 1963{
1964 struct list_head *t;
afabada9
AV		 1965 struct core_thread *ct;
1966 struct elf_thread_status *ets;
0cf062d0
AW		 1967
1968 if (!elf_note_info_init(info))
1969 return 0;
3aba481f 1970
afabada9
AV		 1971 for (ct = current->mm->core_state->dumper.next;
1972 ct; ct = ct->next) {
1973 ets = kzalloc(sizeof(*ets), GFP_KERNEL);
1974 if (!ets)
1975 return 0;
83914441 1976
afabada9
AV		 1977 ets->thread = ct->task;
1978 list_add(&ets->list, &info->thread_list);
1979 }
83914441 1980
afabada9
AV		 1981 list_for_each(t, &info->thread_list) {
1982 int sz;
3aba481f 1983
afabada9
AV		 1984 ets = list_entry(t, struct elf_thread_status, list);
1985 sz = elf_dump_thread_status(siginfo->si_signo, ets);
1986 info->thread_status_size += sz;
3aba481f
RM		 1987 }
1988 /* now collect the dump for the current */
1989 memset(info->prstatus, 0, sizeof(*info->prstatus));
5ab1c309 1990 fill_prstatus(info->prstatus, current, siginfo->si_signo);
3aba481f
RM		 1991 elf_core_copy_regs(&info->prstatus->pr_reg, regs);
1992
1993 /* Set up header */
d3330cf0 1994 fill_elf_header(elf, phdrs, ELF_ARCH, ELF_CORE_EFLAGS);
3aba481f
RM		 1995
1996 /*
1997 * Set up the notes in similar form to SVR4 core dumps made
1998 * with info from their /proc.
1999 */
2000
2001 fill_note(info->notes + 0, "CORE", NT_PRSTATUS,
2002 sizeof(*info->prstatus), info->prstatus);
2003 fill_psinfo(info->psinfo, current->group_leader, current->mm);
2004 fill_note(info->notes + 1, "CORE", NT_PRPSINFO,
2005 sizeof(*info->psinfo), info->psinfo);
2006
2aa362c4
DV		 2007 fill_siginfo_note(info->notes + 2, &info->csigdata, siginfo);
2008 fill_auxv_note(info->notes + 3, current->mm);
72023656 2009 info->numnote = 4;
3aba481f 2010
72023656
DA		 2011 if (fill_files_note(info->notes + info->numnote) == 0) {
2012 info->notes_files = info->notes + info->numnote;
2013 info->numnote++;
2014 }
3aba481f
RM		 2015
2016 /* Try to dump the FPU. */
2017 info->prstatus->pr_fpvalid = elf_core_copy_task_fpregs(current, regs,
2018 info->fpu);
2019 if (info->prstatus->pr_fpvalid)
2020 fill_note(info->notes + info->numnote++,
2021 "CORE", NT_PRFPREG, sizeof(*info->fpu), info->fpu);
2022#ifdef ELF_CORE_COPY_XFPREGS
2023 if (elf_core_copy_task_xfpregs(current, info->xfpu))
2024 fill_note(info->notes + info->numnote++,
2025 "LINUX", ELF_CORE_XFPREG_TYPE,
2026 sizeof(*info->xfpu), info->xfpu);
2027#endif
2028
2029 return 1;
3aba481f
RM		 2030}
2031
2032static size_t get_note_info_size(struct elf_note_info *info)
2033{
2034 int sz = 0;
2035 int i;
2036
2037 for (i = 0; i < info->numnote; i++)
2038 sz += notesize(info->notes + i);
2039
2040 sz += info->thread_status_size;
2041
2042 return sz;
2043}
2044
2045static int write_note_info(struct elf_note_info *info,
ecc8c772 2046 struct coredump_params *cprm)
3aba481f
RM		 2047{
2048 int i;
2049 struct list_head *t;
2050
2051 for (i = 0; i < info->numnote; i++)
ecc8c772 2052 if (!writenote(info->notes + i, cprm))
3aba481f
RM		 2053 return 0;
2054
2055 /* write out the thread status notes section */
2056 list_for_each(t, &info->thread_list) {
2057 struct elf_thread_status *tmp =
2058 list_entry(t, struct elf_thread_status, list);
2059
2060 for (i = 0; i < tmp->num_notes; i++)
ecc8c772 2061 if (!writenote(&tmp->notes[i], cprm))
3aba481f
RM		 2062 return 0;
2063 }
2064
2065 return 1;
2066}
2067
2068static void free_note_info(struct elf_note_info *info)
2069{
2070 while (!list_empty(&info->thread_list)) {
2071 struct list_head *tmp = info->thread_list.next;
2072 list_del(tmp);
2073 kfree(list_entry(tmp, struct elf_thread_status, list));
2074 }
2075
72023656
DA		 2076 /* Free data possibly allocated by fill_files_note(): */
2077 if (info->notes_files)
2078 vfree(info->notes_files->data);
2aa362c4 2079
3aba481f
RM		 2080 kfree(info->prstatus);
2081 kfree(info->psinfo);
2082 kfree(info->notes);
2083 kfree(info->fpu);
2084#ifdef ELF_CORE_COPY_XFPREGS
2085 kfree(info->xfpu);
2086#endif
2087}
2088
4206d3aa
RM		 2089#endif
2090
f47aef55
RM		 2091static struct vm_area_struct *first_vma(struct task_struct *tsk,
2092 struct vm_area_struct *gate_vma)
2093{
2094 struct vm_area_struct *ret = tsk->mm->mmap;
2095
2096 if (ret)
2097 return ret;
2098 return gate_vma;
2099}
2100/*
2101 * Helper function for iterating across a vma list. It ensures that the caller
2102 * will visit `gate_vma' prior to terminating the search.
2103 */
2104static struct vm_area_struct *next_vma(struct vm_area_struct *this_vma,
2105 struct vm_area_struct *gate_vma)
2106{
2107 struct vm_area_struct *ret;
2108
2109 ret = this_vma->vm_next;
2110 if (ret)
2111 return ret;
2112 if (this_vma == gate_vma)
2113 return NULL;
2114 return gate_vma;
2115}
2116
8d9032bb
DH		 2117static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
2118 elf_addr_t e_shoff, int segs)
2119{
2120 elf->e_shoff = e_shoff;
2121 elf->e_shentsize = sizeof(*shdr4extnum);
2122 elf->e_shnum = 1;
2123 elf->e_shstrndx = SHN_UNDEF;
2124
2125 memset(shdr4extnum, 0, sizeof(*shdr4extnum));
2126
2127 shdr4extnum->sh_type = SHT_NULL;
2128 shdr4extnum->sh_size = elf->e_shnum;
2129 shdr4extnum->sh_link = elf->e_shstrndx;
2130 shdr4extnum->sh_info = segs;
2131}
2132
1da177e4
LT		 2133/*
2134 * Actual dumper
2135 *
2136 * This is a two-pass process; first we find the offsets of the bits,
2137 * and then they are actually written out. If we run out of core limit
2138 * we just truncate.
2139 */
f6151dfe 2140static int elf_core_dump(struct coredump_params *cprm)
1da177e4 2141{
1da177e4
LT		 2142 int has_dumped = 0;
2143 mm_segment_t fs;
52f5592e
JL		 2144 int segs, i;
2145 size_t vma_data_size = 0;
f47aef55 2146 struct vm_area_struct *vma, *gate_vma;
1da177e4 2147 struct elfhdr *elf = NULL;
cdc3d562 2148 loff_t offset = 0, dataoff;
72023656 2149 struct elf_note_info info = { };
93eb211e 2150 struct elf_phdr *phdr4note = NULL;
8d9032bb
DH		 2151 struct elf_shdr *shdr4extnum = NULL;
2152 Elf_Half e_phnum;
2153 elf_addr_t e_shoff;
52f5592e 2154 elf_addr_t *vma_filesz = NULL;
1da177e4
LT		 2155
2156 /*
2157 * We no longer stop all VM operations.
2158 *
f4e5cc2c
JJ		 2159 * This is because those proceses that could possibly change map_count
2160 * or the mmap / vma pages are now blocked in do_exit on current
2161 * finishing this core dump.
1da177e4
LT		 2162 *
2163 * Only ptrace can touch these memory addresses, but it doesn't change
f4e5cc2c 2164 * the map_count or the pages allocated. So no possibility of crashing
1da177e4
LT		 2165 * exists while dumping the mm->vm_next areas to the core file.
2166 */
2167
2168 /* alloc memory for large data structures: too large to be on stack */
2169 elf = kmalloc(sizeof(*elf), GFP_KERNEL);
2170 if (!elf)
5f719558 2171 goto out;
341c87bf
KH		 2172 /*
2173 * The number of segs are recored into ELF header as 16bit value.
2174 * Please check DEFAULT_MAX_MAP_COUNT definition when you modify here.
2175 */
1da177e4 2176 segs = current->mm->map_count;
1fcccbac 2177 segs += elf_core_extra_phdrs();
1da177e4 2178
31db58b3 2179 gate_vma = get_gate_vma(current->mm);
f47aef55
RM		 2180 if (gate_vma != NULL)
2181 segs++;
2182
8d9032bb
DH		 2183 /* for notes section */
2184 segs++;
2185
2186 /* If segs > PN_XNUM(0xffff), then e_phnum overflows. To avoid
2187 * this, kernel supports extended numbering. Have a look at
2188 * include/linux/elf.h for further information. */
2189 e_phnum = segs > PN_XNUM ? PN_XNUM : segs;
2190
1da177e4 2191 /*
3aba481f
RM		 2192 * Collect all the non-memory information about the process for the
2193 * notes. This also sets up the file header.
1da177e4 2194 */
5ab1c309 2195 if (!fill_note_info(elf, e_phnum, &info, cprm->siginfo, cprm->regs))
3aba481f 2196 goto cleanup;
1da177e4 2197
3aba481f 2198 has_dumped = 1;
079148b9 2199
1da177e4
LT		 2200 fs = get_fs();
2201 set_fs(KERNEL_DS);
2202
1da177e4 2203 offset += sizeof(*elf); /* Elf header */
8d9032bb 2204 offset += segs * sizeof(struct elf_phdr); /* Program headers */
1da177e4
LT		 2205
2206 /* Write notes phdr entry */
2207 {
3aba481f 2208 size_t sz = get_note_info_size(&info);
1da177e4 2209
e5501492 2210 sz += elf_coredump_extra_notes_size();
bf1ab978 2211
93eb211e
DH		 2212 phdr4note = kmalloc(sizeof(*phdr4note), GFP_KERNEL);
2213 if (!phdr4note)
088e7af7 2214 goto end_coredump;
93eb211e
DH		 2215
2216 fill_elf_note_phdr(phdr4note, sz, offset);
2217 offset += sz;
1da177e4
LT		 2218 }
2219
1da177e4
LT		 2220 dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
2221
30f74aa0
JB		 2222 if (segs - 1 > ULONG_MAX / sizeof(*vma_filesz))
2223 goto end_coredump;
2224 vma_filesz = vmalloc((segs - 1) * sizeof(*vma_filesz));
52f5592e
JL		 2225 if (!vma_filesz)
2226 goto end_coredump;
2227
2228 for (i = 0, vma = first_vma(current, gate_vma); vma != NULL;
2229 vma = next_vma(vma, gate_vma)) {
2230 unsigned long dump_size;
2231
2232 dump_size = vma_dump_size(vma, cprm->mm_flags);
2233 vma_filesz[i++] = dump_size;
2234 vma_data_size += dump_size;
2235 }
2236
2237 offset += vma_data_size;
8d9032bb
DH		 2238 offset += elf_core_extra_data_size();
2239 e_shoff = offset;
2240
2241 if (e_phnum == PN_XNUM) {
2242 shdr4extnum = kmalloc(sizeof(*shdr4extnum), GFP_KERNEL);
2243 if (!shdr4extnum)
2244 goto end_coredump;
2245 fill_extnum_info(elf, shdr4extnum, e_shoff, segs);
2246 }
2247
2248 offset = dataoff;
2249
ecc8c772 2250 if (!dump_emit(cprm, elf, sizeof(*elf)))
93eb211e
DH		 2251 goto end_coredump;
2252
ecc8c772 2253 if (!dump_emit(cprm, phdr4note, sizeof(*phdr4note)))
93eb211e
DH		 2254 goto end_coredump;
2255
1da177e4 2256 /* Write program headers for segments dump */
52f5592e 2257 for (i = 0, vma = first_vma(current, gate_vma); vma != NULL;
f47aef55 2258 vma = next_vma(vma, gate_vma)) {
1da177e4 2259 struct elf_phdr phdr;
1da177e4
LT		 2260
2261 phdr.p_type = PT_LOAD;
2262 phdr.p_offset = offset;
2263 phdr.p_vaddr = vma->vm_start;
2264 phdr.p_paddr = 0;
52f5592e 2265 phdr.p_filesz = vma_filesz[i++];
82df3973 2266 phdr.p_memsz = vma->vm_end - vma->vm_start;
1da177e4
LT		 2267 offset += phdr.p_filesz;
2268 phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
f4e5cc2c
JJ		 2269 if (vma->vm_flags & VM_WRITE)
2270 phdr.p_flags |= PF_W;
2271 if (vma->vm_flags & VM_EXEC)
2272 phdr.p_flags |= PF_X;
1da177e4
LT		 2273 phdr.p_align = ELF_EXEC_PAGESIZE;
2274
ecc8c772 2275 if (!dump_emit(cprm, &phdr, sizeof(phdr)))
088e7af7 2276 goto end_coredump;
1da177e4
LT		 2277 }
2278
506f21c5 2279 if (!elf_core_write_extra_phdrs(cprm, offset))
1fcccbac 2280 goto end_coredump;
1da177e4
LT		 2281
2282 /* write out the notes section */
ecc8c772 2283 if (!write_note_info(&info, cprm))
3aba481f 2284 goto end_coredump;
1da177e4 2285
cdc3d562 2286 if (elf_coredump_extra_notes_write(cprm))
e5501492 2287 goto end_coredump;
bf1ab978 2288
d025c9db 2289 /* Align to page */
1607f09c 2290 if (!dump_skip(cprm, dataoff - cprm->pos))
f3e8fccd 2291 goto end_coredump;
1da177e4 2292
52f5592e 2293 for (i = 0, vma = first_vma(current, gate_vma); vma != NULL;
f47aef55 2294 vma = next_vma(vma, gate_vma)) {
1da177e4 2295 unsigned long addr;
82df3973 2296 unsigned long end;
1da177e4 2297
52f5592e 2298 end = vma->vm_start + vma_filesz[i++];
1da177e4 2299
82df3973 2300 for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
f4e5cc2c 2301 struct page *page;
f3e8fccd
HD		 2302 int stop;
2303
2304 page = get_dump_page(addr);
2305 if (page) {
2306 void *kaddr = kmap(page);
13046ece 2307 stop = !dump_emit(cprm, kaddr, PAGE_SIZE);
f3e8fccd 2308 kunmap(page);
09cbfeaf 2309 put_page(page);
f3e8fccd 2310 } else
9b56d543 2311 stop = !dump_skip(cprm, PAGE_SIZE);
f3e8fccd
HD		 2312 if (stop)
2313 goto end_coredump;
1da177e4
LT		 2314 }
2315 }
4d22c75d 2316 dump_truncate(cprm);
1da177e4 2317
aa3e7eaf 2318 if (!elf_core_write_extra_data(cprm))
1fcccbac 2319 goto end_coredump;
1da177e4 2320
8d9032bb 2321 if (e_phnum == PN_XNUM) {
13046ece 2322 if (!dump_emit(cprm, shdr4extnum, sizeof(*shdr4extnum)))
8d9032bb
DH		 2323 goto end_coredump;
2324 }
2325
1da177e4
LT		 2326end_coredump:
2327 set_fs(fs);
2328
2329cleanup:
3aba481f 2330 free_note_info(&info);
8d9032bb 2331 kfree(shdr4extnum);
30f74aa0 2332 vfree(vma_filesz);
93eb211e 2333 kfree(phdr4note);
5f719558
WC		 2334 kfree(elf);
2335out:
1da177e4 2336 return has_dumped;
1da177e4
LT		 2337}
2338
698ba7b5 2339#endif /* CONFIG_ELF_CORE */
1da177e4
LT		 2340
2341static int __init init_elf_binfmt(void)
2342{
8fc3dc5a
AV		 2343 register_binfmt(&elf_format);
2344 return 0;
1da177e4
LT		 2345}
2346
2347static void __exit exit_elf_binfmt(void)
2348{
2349 /* Remove the COFF and ELF loaders. */
2350 unregister_binfmt(&elf_format);
2351}
2352
2353core_initcall(init_elf_binfmt);
2354module_exit(exit_elf_binfmt);
2355MODULE_LICENSE("GPL");
Ubuntu Artful kernel mirror