]> git.proxmox.com Git - qemu.git/blame - linux-user/elfload.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
linux-user: add core dump support for M68K
[qemu.git] / linux-user / elfload.c
CommitLineData
31e31b8a 1/* This is the Linux kernel elf-loading code, ported into user space */
edf8e2af
MW		 2#include <sys/time.h>
3#include <sys/param.h>
31e31b8a
FB		 4
5#include <stdio.h>
6#include <sys/types.h>
7#include <fcntl.h>
31e31b8a
FB		 8#include <errno.h>
9#include <unistd.h>
10#include <sys/mman.h>
edf8e2af 11#include <sys/resource.h>
31e31b8a
FB		 12#include <stdlib.h>
13#include <string.h>
edf8e2af 14#include <time.h>
31e31b8a 15
3ef693a0 16#include "qemu.h"
689f936f 17#include "disas.h"
31e31b8a 18
e58ffeb3 19#ifdef _ARCH_PPC64
a6cc84f4 20#undef ARCH_DLINFO
21#undef ELF_PLATFORM
22#undef ELF_HWCAP
23#undef ELF_CLASS
24#undef ELF_DATA
25#undef ELF_ARCH
26#endif
27
edf8e2af
MW		 28#define ELF_OSABI ELFOSABI_SYSV
29
cb33da57
BS		 30/* from personality.h */
31
32/*
33 * Flags for bug emulation.
34 *
35 * These occupy the top three bytes.
36 */
37enum {
38 ADDR_NO_RANDOMIZE = 0x0040000, /* disable randomization of VA space */
39 FDPIC_FUNCPTRS = 0x0080000, /* userspace function ptrs point to descriptors
40 * (signal handling)
41 */
42 MMAP_PAGE_ZERO = 0x0100000,
43 ADDR_COMPAT_LAYOUT = 0x0200000,
44 READ_IMPLIES_EXEC = 0x0400000,
45 ADDR_LIMIT_32BIT = 0x0800000,
46 SHORT_INODE = 0x1000000,
47 WHOLE_SECONDS = 0x2000000,
48 STICKY_TIMEOUTS = 0x4000000,
49 ADDR_LIMIT_3GB = 0x8000000,
50};
51
52/*
53 * Personality types.
54 *
55 * These go in the low byte. Avoid using the top bit, it will
56 * conflict with error returns.
57 */
58enum {
59 PER_LINUX = 0x0000,
60 PER_LINUX_32BIT = 0x0000 | ADDR_LIMIT_32BIT,
61 PER_LINUX_FDPIC = 0x0000 | FDPIC_FUNCPTRS,
62 PER_SVR4 = 0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO,
63 PER_SVR3 = 0x0002 | STICKY_TIMEOUTS | SHORT_INODE,
64 PER_SCOSVR3 = 0x0003 | STICKY_TIMEOUTS |
65 WHOLE_SECONDS | SHORT_INODE,
66 PER_OSR5 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS,
67 PER_WYSEV386 = 0x0004 | STICKY_TIMEOUTS | SHORT_INODE,
68 PER_ISCR4 = 0x0005 | STICKY_TIMEOUTS,
69 PER_BSD = 0x0006,
70 PER_SUNOS = 0x0006 | STICKY_TIMEOUTS,
71 PER_XENIX = 0x0007 | STICKY_TIMEOUTS | SHORT_INODE,
72 PER_LINUX32 = 0x0008,
73 PER_LINUX32_3GB = 0x0008 | ADDR_LIMIT_3GB,
74 PER_IRIX32 = 0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */
75 PER_IRIXN32 = 0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */
76 PER_IRIX64 = 0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */
77 PER_RISCOS = 0x000c,
78 PER_SOLARIS = 0x000d | STICKY_TIMEOUTS,
79 PER_UW7 = 0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO,
80 PER_OSF4 = 0x000f, /* OSF/1 v4 */
81 PER_HPUX = 0x0010,
82 PER_MASK = 0x00ff,
83};
84
85/*
86 * Return the base personality without flags.
87 */
88#define personality(pers) (pers & PER_MASK)
89
83fb7adf
FB		 90/* this flag is uneffective under linux too, should be deleted */
91#ifndef MAP_DENYWRITE
92#define MAP_DENYWRITE 0
93#endif
94
95/* should probably go in elf.h */
96#ifndef ELIBBAD
97#define ELIBBAD 80
98#endif
99
21e807fa
NF		 100typedef target_ulong target_elf_greg_t;
101#ifdef USE_UID16
102typedef uint16_t target_uid_t;
103typedef uint16_t target_gid_t;
104#else
105typedef uint32_t target_uid_t;
106typedef uint32_t target_gid_t;
107#endif
108typedef int32_t target_pid_t;
109
30ac07d4
FB		 110#ifdef TARGET_I386
111
15338fd7
FB		 112#define ELF_PLATFORM get_elf_platform()
113
114static const char *get_elf_platform(void)
115{
116 static char elf_platform[] = "i386";
d5975363 117 int family = (thread_env->cpuid_version >> 8) & 0xff;
15338fd7
FB		 118 if (family > 6)
119 family = 6;
120 if (family >= 3)
121 elf_platform[1] = '0' + family;
122 return elf_platform;
123}
124
125#define ELF_HWCAP get_elf_hwcap()
126
127static uint32_t get_elf_hwcap(void)
128{
d5975363 129 return thread_env->cpuid_features;
15338fd7
FB		 130}
131
84409ddb
JM		 132#ifdef TARGET_X86_64
133#define ELF_START_MMAP 0x2aaaaab000ULL
134#define elf_check_arch(x) ( ((x) == ELF_ARCH) )
135
136#define ELF_CLASS ELFCLASS64
137#define ELF_DATA ELFDATA2LSB
138#define ELF_ARCH EM_X86_64
139
140static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
141{
142 regs->rax = 0;
143 regs->rsp = infop->start_stack;
144 regs->rip = infop->entry;
145}
146
9edc5d79 147#define ELF_NREG 27
c227f099 148typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
9edc5d79
MW		 149
150/*
151 * Note that ELF_NREG should be 29 as there should be place for
152 * TRAPNO and ERR "registers" as well but linux doesn't dump
153 * those.
154 *
155 * See linux kernel: arch/x86/include/asm/elf.h
156 */
c227f099 157static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env)
9edc5d79
MW		 158{
159 (*regs)[0] = env->regs[15];
160 (*regs)[1] = env->regs[14];
161 (*regs)[2] = env->regs[13];
162 (*regs)[3] = env->regs[12];
163 (*regs)[4] = env->regs[R_EBP];
164 (*regs)[5] = env->regs[R_EBX];
165 (*regs)[6] = env->regs[11];
166 (*regs)[7] = env->regs[10];
167 (*regs)[8] = env->regs[9];
168 (*regs)[9] = env->regs[8];
169 (*regs)[10] = env->regs[R_EAX];
170 (*regs)[11] = env->regs[R_ECX];
171 (*regs)[12] = env->regs[R_EDX];
172 (*regs)[13] = env->regs[R_ESI];
173 (*regs)[14] = env->regs[R_EDI];
174 (*regs)[15] = env->regs[R_EAX]; /* XXX */
175 (*regs)[16] = env->eip;
176 (*regs)[17] = env->segs[R_CS].selector & 0xffff;
177 (*regs)[18] = env->eflags;
178 (*regs)[19] = env->regs[R_ESP];
179 (*regs)[20] = env->segs[R_SS].selector & 0xffff;
180 (*regs)[21] = env->segs[R_FS].selector & 0xffff;
181 (*regs)[22] = env->segs[R_GS].selector & 0xffff;
182 (*regs)[23] = env->segs[R_DS].selector & 0xffff;
183 (*regs)[24] = env->segs[R_ES].selector & 0xffff;
184 (*regs)[25] = env->segs[R_FS].selector & 0xffff;
185 (*regs)[26] = env->segs[R_GS].selector & 0xffff;
186}
187
84409ddb
JM		 188#else
189
30ac07d4
FB		 190#define ELF_START_MMAP 0x80000000
191
30ac07d4
FB		 192/*
193 * This is used to ensure we don't load something for the wrong architecture.
194 */
195#define elf_check_arch(x) ( ((x) == EM_386) || ((x) == EM_486) )
196
197/*
198 * These are used to set parameters in the core dumps.
199 */
200#define ELF_CLASS ELFCLASS32
201#define ELF_DATA ELFDATA2LSB
202#define ELF_ARCH EM_386
203
b346ff46
FB		 204static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
205{
206 regs->esp = infop->start_stack;
207 regs->eip = infop->entry;
e5fe0c52
PB		 208
209 /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program
210 starts %edx contains a pointer to a function which might be
211 registered using `atexit'. This provides a mean for the
212 dynamic linker to call DT_FINI functions for shared libraries
213 that have been loaded before the code runs.
214
215 A value of 0 tells we have no such handler. */
216 regs->edx = 0;
b346ff46 217}
9edc5d79 218
9edc5d79 219#define ELF_NREG 17
c227f099 220typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
9edc5d79
MW		 221
222/*
223 * Note that ELF_NREG should be 19 as there should be place for
224 * TRAPNO and ERR "registers" as well but linux doesn't dump
225 * those.
226 *
227 * See linux kernel: arch/x86/include/asm/elf.h
228 */
c227f099 229static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env)
9edc5d79
MW		 230{
231 (*regs)[0] = env->regs[R_EBX];
232 (*regs)[1] = env->regs[R_ECX];
233 (*regs)[2] = env->regs[R_EDX];
234 (*regs)[3] = env->regs[R_ESI];
235 (*regs)[4] = env->regs[R_EDI];
236 (*regs)[5] = env->regs[R_EBP];
237 (*regs)[6] = env->regs[R_EAX];
238 (*regs)[7] = env->segs[R_DS].selector & 0xffff;
239 (*regs)[8] = env->segs[R_ES].selector & 0xffff;
240 (*regs)[9] = env->segs[R_FS].selector & 0xffff;
241 (*regs)[10] = env->segs[R_GS].selector & 0xffff;
242 (*regs)[11] = env->regs[R_EAX]; /* XXX */
243 (*regs)[12] = env->eip;
244 (*regs)[13] = env->segs[R_CS].selector & 0xffff;
245 (*regs)[14] = env->eflags;
246 (*regs)[15] = env->regs[R_ESP];
247 (*regs)[16] = env->segs[R_SS].selector & 0xffff;
248}
84409ddb 249#endif
b346ff46 250
9edc5d79 251#define USE_ELF_CORE_DUMP
b346ff46
FB		 252#define ELF_EXEC_PAGESIZE 4096
253
254#endif
255
256#ifdef TARGET_ARM
257
258#define ELF_START_MMAP 0x80000000
259
260#define elf_check_arch(x) ( (x) == EM_ARM )
261
262#define ELF_CLASS ELFCLASS32
263#ifdef TARGET_WORDS_BIGENDIAN
264#define ELF_DATA ELFDATA2MSB
265#else
266#define ELF_DATA ELFDATA2LSB
267#endif
268#define ELF_ARCH EM_ARM
269
b346ff46
FB		 270static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
271{
992f48a0 272 abi_long stack = infop->start_stack;
b346ff46
FB		 273 memset(regs, 0, sizeof(*regs));
274 regs->ARM_cpsr = 0x10;
0240ded8
PB		 275 if (infop->entry & 1)
276 regs->ARM_cpsr |= CPSR_T;
277 regs->ARM_pc = infop->entry & 0xfffffffe;
b346ff46 278 regs->ARM_sp = infop->start_stack;
2f619698
FB		 279 /* FIXME - what to for failure of get_user()? */
280 get_user_ual(regs->ARM_r2, stack + 8); /* envp */
281 get_user_ual(regs->ARM_r1, stack + 4); /* envp */
a1516e92 282 /* XXX: it seems that r0 is zeroed after ! */
e5fe0c52
PB		 283 regs->ARM_r0 = 0;
284 /* For uClinux PIC binaries. */
863cf0b7 285 /* XXX: Linux does this only on ARM with no MMU (do we care ?) */
e5fe0c52 286 regs->ARM_r10 = infop->start_data;
b346ff46
FB		 287}
288
edf8e2af 289#define ELF_NREG 18
c227f099 290typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
edf8e2af 291
c227f099 292static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env)
edf8e2af 293{
d049e626
NF		 294 (*regs)[0] = tswapl(env->regs[0]);
295 (*regs)[1] = tswapl(env->regs[1]);
296 (*regs)[2] = tswapl(env->regs[2]);
297 (*regs)[3] = tswapl(env->regs[3]);
298 (*regs)[4] = tswapl(env->regs[4]);
299 (*regs)[5] = tswapl(env->regs[5]);
300 (*regs)[6] = tswapl(env->regs[6]);
301 (*regs)[7] = tswapl(env->regs[7]);
302 (*regs)[8] = tswapl(env->regs[8]);
303 (*regs)[9] = tswapl(env->regs[9]);
304 (*regs)[10] = tswapl(env->regs[10]);
305 (*regs)[11] = tswapl(env->regs[11]);
306 (*regs)[12] = tswapl(env->regs[12]);
307 (*regs)[13] = tswapl(env->regs[13]);
308 (*regs)[14] = tswapl(env->regs[14]);
309 (*regs)[15] = tswapl(env->regs[15]);
310
311 (*regs)[16] = tswapl(cpsr_read((CPUState *)env));
312 (*regs)[17] = tswapl(env->regs[0]); /* XXX */
edf8e2af
MW		 313}
314
30ac07d4
FB		 315#define USE_ELF_CORE_DUMP
316#define ELF_EXEC_PAGESIZE 4096
317
afce2927
FB		 318enum
319{
320 ARM_HWCAP_ARM_SWP = 1 << 0,
321 ARM_HWCAP_ARM_HALF = 1 << 1,
322 ARM_HWCAP_ARM_THUMB = 1 << 2,
323 ARM_HWCAP_ARM_26BIT = 1 << 3,
324 ARM_HWCAP_ARM_FAST_MULT = 1 << 4,
325 ARM_HWCAP_ARM_FPA = 1 << 5,
326 ARM_HWCAP_ARM_VFP = 1 << 6,
327 ARM_HWCAP_ARM_EDSP = 1 << 7,
cf6de34a
RV		 328 ARM_HWCAP_ARM_JAVA = 1 << 8,
329 ARM_HWCAP_ARM_IWMMXT = 1 << 9,
330 ARM_HWCAP_ARM_THUMBEE = 1 << 10,
331 ARM_HWCAP_ARM_NEON = 1 << 11,
332 ARM_HWCAP_ARM_VFPv3 = 1 << 12,
333 ARM_HWCAP_ARM_VFPv3D16 = 1 << 13,
afce2927
FB		 334};
335
15338fd7 336#define ELF_HWCAP (ARM_HWCAP_ARM_SWP | ARM_HWCAP_ARM_HALF \
afce2927 337 | ARM_HWCAP_ARM_THUMB | ARM_HWCAP_ARM_FAST_MULT \
cf6de34a
RV		 338 | ARM_HWCAP_ARM_FPA | ARM_HWCAP_ARM_VFP \
339 | ARM_HWCAP_ARM_NEON | ARM_HWCAP_ARM_VFPv3 )
afce2927 340
30ac07d4
FB		 341#endif
342
853d6f7a 343#ifdef TARGET_SPARC
a315a145 344#ifdef TARGET_SPARC64
853d6f7a
FB		 345
346#define ELF_START_MMAP 0x80000000
347
992f48a0 348#ifndef TARGET_ABI32
cb33da57 349#define elf_check_arch(x) ( (x) == EM_SPARCV9 || (x) == EM_SPARC32PLUS )
992f48a0
BS		 350#else
351#define elf_check_arch(x) ( (x) == EM_SPARC32PLUS || (x) == EM_SPARC )
352#endif
853d6f7a 353
a315a145
FB		 354#define ELF_CLASS ELFCLASS64
355#define ELF_DATA ELFDATA2MSB
5ef54116
FB		 356#define ELF_ARCH EM_SPARCV9
357
358#define STACK_BIAS 2047
a315a145 359
a315a145
FB		 360static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
361{
992f48a0 362#ifndef TARGET_ABI32
a315a145 363 regs->tstate = 0;
992f48a0 364#endif
a315a145
FB		 365 regs->pc = infop->entry;
366 regs->npc = regs->pc + 4;
367 regs->y = 0;
992f48a0
BS		 368#ifdef TARGET_ABI32
369 regs->u_regs[14] = infop->start_stack - 16 * 4;
370#else
cb33da57
BS		 371 if (personality(infop->personality) == PER_LINUX32)
372 regs->u_regs[14] = infop->start_stack - 16 * 4;
373 else
374 regs->u_regs[14] = infop->start_stack - 16 * 8 - STACK_BIAS;
992f48a0 375#endif
a315a145
FB		 376}
377
378#else
379#define ELF_START_MMAP 0x80000000
380
381#define elf_check_arch(x) ( (x) == EM_SPARC )
382
853d6f7a
FB		 383#define ELF_CLASS ELFCLASS32
384#define ELF_DATA ELFDATA2MSB
385#define ELF_ARCH EM_SPARC
386
853d6f7a
FB		 387static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
388{
f5155289
FB		 389 regs->psr = 0;
390 regs->pc = infop->entry;
391 regs->npc = regs->pc + 4;
392 regs->y = 0;
393 regs->u_regs[14] = infop->start_stack - 16 * 4;
853d6f7a
FB		 394}
395
a315a145 396#endif
853d6f7a
FB		 397#endif
398
67867308
FB		 399#ifdef TARGET_PPC
400
401#define ELF_START_MMAP 0x80000000
402
e85e7c6e 403#if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
84409ddb
JM		 404
405#define elf_check_arch(x) ( (x) == EM_PPC64 )
406
407#define ELF_CLASS ELFCLASS64
408
409#else
410
67867308
FB		 411#define elf_check_arch(x) ( (x) == EM_PPC )
412
413#define ELF_CLASS ELFCLASS32
84409ddb
JM		 414
415#endif
416
67867308
FB		 417#ifdef TARGET_WORDS_BIGENDIAN
418#define ELF_DATA ELFDATA2MSB
419#else
420#define ELF_DATA ELFDATA2LSB
421#endif
422#define ELF_ARCH EM_PPC
423
df84e4f3
NF		 424/* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP).
425 See arch/powerpc/include/asm/cputable.h. */
426enum {
3efa9a67 427 QEMU_PPC_FEATURE_32 = 0x80000000,
428 QEMU_PPC_FEATURE_64 = 0x40000000,
429 QEMU_PPC_FEATURE_601_INSTR = 0x20000000,
430 QEMU_PPC_FEATURE_HAS_ALTIVEC = 0x10000000,
431 QEMU_PPC_FEATURE_HAS_FPU = 0x08000000,
432 QEMU_PPC_FEATURE_HAS_MMU = 0x04000000,
433 QEMU_PPC_FEATURE_HAS_4xxMAC = 0x02000000,
434 QEMU_PPC_FEATURE_UNIFIED_CACHE = 0x01000000,
435 QEMU_PPC_FEATURE_HAS_SPE = 0x00800000,
436 QEMU_PPC_FEATURE_HAS_EFP_SINGLE = 0x00400000,
437 QEMU_PPC_FEATURE_HAS_EFP_DOUBLE = 0x00200000,
438 QEMU_PPC_FEATURE_NO_TB = 0x00100000,
439 QEMU_PPC_FEATURE_POWER4 = 0x00080000,
440 QEMU_PPC_FEATURE_POWER5 = 0x00040000,
441 QEMU_PPC_FEATURE_POWER5_PLUS = 0x00020000,
442 QEMU_PPC_FEATURE_CELL = 0x00010000,
443 QEMU_PPC_FEATURE_BOOKE = 0x00008000,
444 QEMU_PPC_FEATURE_SMT = 0x00004000,
445 QEMU_PPC_FEATURE_ICACHE_SNOOP = 0x00002000,
446 QEMU_PPC_FEATURE_ARCH_2_05 = 0x00001000,
447 QEMU_PPC_FEATURE_PA6T = 0x00000800,
448 QEMU_PPC_FEATURE_HAS_DFP = 0x00000400,
449 QEMU_PPC_FEATURE_POWER6_EXT = 0x00000200,
450 QEMU_PPC_FEATURE_ARCH_2_06 = 0x00000100,
451 QEMU_PPC_FEATURE_HAS_VSX = 0x00000080,
452 QEMU_PPC_FEATURE_PSERIES_PERFMON_COMPAT = 0x00000040,
453
454 QEMU_PPC_FEATURE_TRUE_LE = 0x00000002,
455 QEMU_PPC_FEATURE_PPC_LE = 0x00000001,
df84e4f3
NF		 456};
457
458#define ELF_HWCAP get_elf_hwcap()
459
460static uint32_t get_elf_hwcap(void)
461{
462 CPUState *e = thread_env;
463 uint32_t features = 0;
464
465 /* We don't have to be terribly complete here; the high points are
466 Altivec/FP/SPE support. Anything else is just a bonus. */
467#define GET_FEATURE(flag, feature) \
468 do {if (e->insns_flags & flag) features |= feature; } while(0)
3efa9a67 469 GET_FEATURE(PPC_64B, QEMU_PPC_FEATURE_64);
470 GET_FEATURE(PPC_FLOAT, QEMU_PPC_FEATURE_HAS_FPU);
471 GET_FEATURE(PPC_ALTIVEC, QEMU_PPC_FEATURE_HAS_ALTIVEC);
472 GET_FEATURE(PPC_SPE, QEMU_PPC_FEATURE_HAS_SPE);
473 GET_FEATURE(PPC_SPE_SINGLE, QEMU_PPC_FEATURE_HAS_EFP_SINGLE);
474 GET_FEATURE(PPC_SPE_DOUBLE, QEMU_PPC_FEATURE_HAS_EFP_DOUBLE);
475 GET_FEATURE(PPC_BOOKE, QEMU_PPC_FEATURE_BOOKE);
476 GET_FEATURE(PPC_405_MAC, QEMU_PPC_FEATURE_HAS_4xxMAC);
df84e4f3
NF		 477#undef GET_FEATURE
478
479 return features;
480}
481
f5155289
FB		 482/*
483 * We need to put in some extra aux table entries to tell glibc what
484 * the cache block size is, so it can use the dcbz instruction safely.
485 */
486#define AT_DCACHEBSIZE 19
487#define AT_ICACHEBSIZE 20
488#define AT_UCACHEBSIZE 21
489/* A special ignored type value for PPC, for glibc compatibility. */
490#define AT_IGNOREPPC 22
491/*
492 * The requirements here are:
493 * - keep the final alignment of sp (sp & 0xf)
494 * - make sure the 32-bit value at the first 16 byte aligned position of
495 * AUXV is greater than 16 for glibc compatibility.
496 * AT_IGNOREPPC is used for that.
497 * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC,
498 * even if DLINFO_ARCH_ITEMS goes to zero or is undefined.
499 */
0bccf03d 500#define DLINFO_ARCH_ITEMS 5
f5155289
FB		 501#define ARCH_DLINFO \
502do { \
0bccf03d
FB		 503 NEW_AUX_ENT(AT_DCACHEBSIZE, 0x20); \
504 NEW_AUX_ENT(AT_ICACHEBSIZE, 0x20); \
505 NEW_AUX_ENT(AT_UCACHEBSIZE, 0); \
f5155289
FB		 506 /* \
507 * Now handle glibc compatibility. \
508 */ \
0bccf03d
FB		 509 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \
510 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \
f5155289
FB		 511 } while (0)
512
67867308
FB		 513static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop)
514{
992f48a0
BS		 515 abi_ulong pos = infop->start_stack;
516 abi_ulong tmp;
e85e7c6e 517#if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
992f48a0 518 abi_ulong entry, toc;
84409ddb 519#endif
e5fe0c52 520
67867308 521 _regs->gpr[1] = infop->start_stack;
e85e7c6e 522#if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
84409ddb
JM		 523 entry = ldq_raw(infop->entry) + infop->load_addr;
524 toc = ldq_raw(infop->entry + 8) + infop->load_addr;
525 _regs->gpr[2] = toc;
526 infop->entry = entry;
527#endif
67867308 528 _regs->nip = infop->entry;
e5fe0c52
PB		 529 /* Note that isn't exactly what regular kernel does
530 * but this is what the ABI wants and is needed to allow
531 * execution of PPC BSD programs.
532 */
2f619698
FB		 533 /* FIXME - what to for failure of get_user()? */
534 get_user_ual(_regs->gpr[3], pos);
992f48a0 535 pos += sizeof(abi_ulong);
e5fe0c52 536 _regs->gpr[4] = pos;
992f48a0 537 for (tmp = 1; tmp != 0; pos += sizeof(abi_ulong))
e5fe0c52
PB		 538 tmp = ldl(pos);
539 _regs->gpr[5] = pos;
67867308
FB		 540}
541
e2f3e741
NF		 542/* See linux kernel: arch/powerpc/include/asm/elf.h. */
543#define ELF_NREG 48
544typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
545
546static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env)
547{
548 int i;
549 target_ulong ccr = 0;
550
551 for (i = 0; i < ARRAY_SIZE(env->gpr); i++) {
552 (*regs)[i] = tswapl(env->gpr[i]);
553 }
554
555 (*regs)[32] = tswapl(env->nip);
556 (*regs)[33] = tswapl(env->msr);
557 (*regs)[35] = tswapl(env->ctr);
558 (*regs)[36] = tswapl(env->lr);
559 (*regs)[37] = tswapl(env->xer);
560
561 for (i = 0; i < ARRAY_SIZE(env->crf); i++) {
562 ccr |= env->crf[i] << (32 - ((i + 1) * 4));
563 }
564 (*regs)[38] = tswapl(ccr);
565}
566
567#define USE_ELF_CORE_DUMP
67867308
FB		 568#define ELF_EXEC_PAGESIZE 4096
569
570#endif
571
048f6b4d
FB		 572#ifdef TARGET_MIPS
573
574#define ELF_START_MMAP 0x80000000
575
576#define elf_check_arch(x) ( (x) == EM_MIPS )
577
388bb21a
TS		 578#ifdef TARGET_MIPS64
579#define ELF_CLASS ELFCLASS64
580#else
048f6b4d 581#define ELF_CLASS ELFCLASS32
388bb21a 582#endif
048f6b4d
FB		 583#ifdef TARGET_WORDS_BIGENDIAN
584#define ELF_DATA ELFDATA2MSB
585#else
586#define ELF_DATA ELFDATA2LSB
587#endif
588#define ELF_ARCH EM_MIPS
589
048f6b4d
FB		 590static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
591{
623a930e 592 regs->cp0_status = 2 << CP0St_KSU;
048f6b4d
FB		 593 regs->cp0_epc = infop->entry;
594 regs->regs[29] = infop->start_stack;
595}
596
51e52606
NF		 597/* See linux kernel: arch/mips/include/asm/elf.h. */
598#define ELF_NREG 45
599typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
600
601/* See linux kernel: arch/mips/include/asm/reg.h. */
602enum {
603#ifdef TARGET_MIPS64
604 TARGET_EF_R0 = 0,
605#else
606 TARGET_EF_R0 = 6,
607#endif
608 TARGET_EF_R26 = TARGET_EF_R0 + 26,
609 TARGET_EF_R27 = TARGET_EF_R0 + 27,
610 TARGET_EF_LO = TARGET_EF_R0 + 32,
611 TARGET_EF_HI = TARGET_EF_R0 + 33,
612 TARGET_EF_CP0_EPC = TARGET_EF_R0 + 34,
613 TARGET_EF_CP0_BADVADDR = TARGET_EF_R0 + 35,
614 TARGET_EF_CP0_STATUS = TARGET_EF_R0 + 36,
615 TARGET_EF_CP0_CAUSE = TARGET_EF_R0 + 37
616};
617
618/* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */
619static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env)
620{
621 int i;
622
623 for (i = 0; i < TARGET_EF_R0; i++) {
624 (*regs)[i] = 0;
625 }
626 (*regs)[TARGET_EF_R0] = 0;
627
628 for (i = 1; i < ARRAY_SIZE(env->active_tc.gpr); i++) {
629 (*regs)[TARGET_EF_R0 + i] = tswapl(env->active_tc.gpr[i]);
630 }
631
632 (*regs)[TARGET_EF_R26] = 0;
633 (*regs)[TARGET_EF_R27] = 0;
634 (*regs)[TARGET_EF_LO] = tswapl(env->active_tc.LO[0]);
635 (*regs)[TARGET_EF_HI] = tswapl(env->active_tc.HI[0]);
636 (*regs)[TARGET_EF_CP0_EPC] = tswapl(env->active_tc.PC);
637 (*regs)[TARGET_EF_CP0_BADVADDR] = tswapl(env->CP0_BadVAddr);
638 (*regs)[TARGET_EF_CP0_STATUS] = tswapl(env->CP0_Status);
639 (*regs)[TARGET_EF_CP0_CAUSE] = tswapl(env->CP0_Cause);
640}
641
642#define USE_ELF_CORE_DUMP
388bb21a
TS		 643#define ELF_EXEC_PAGESIZE 4096
644
048f6b4d
FB		 645#endif /* TARGET_MIPS */
646
b779e29e
EI		 647#ifdef TARGET_MICROBLAZE
648
649#define ELF_START_MMAP 0x80000000
650
651#define elf_check_arch(x) ( (x) == EM_XILINX_MICROBLAZE )
652
653#define ELF_CLASS ELFCLASS32
654#define ELF_DATA ELFDATA2MSB
655#define ELF_ARCH EM_MIPS
656
657static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
658{
659 regs->pc = infop->entry;
660 regs->r1 = infop->start_stack;
661
662}
663
b779e29e
EI		 664#define ELF_EXEC_PAGESIZE 4096
665
666#endif /* TARGET_MICROBLAZE */
667
fdf9b3e8
FB		 668#ifdef TARGET_SH4
669
670#define ELF_START_MMAP 0x80000000
671
672#define elf_check_arch(x) ( (x) == EM_SH )
673
674#define ELF_CLASS ELFCLASS32
675#define ELF_DATA ELFDATA2LSB
676#define ELF_ARCH EM_SH
677
fdf9b3e8
FB		 678static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
679{
680 /* Check other registers XXXXX */
681 regs->pc = infop->entry;
072ae847 682 regs->regs[15] = infop->start_stack;
fdf9b3e8
FB		 683}
684
fdf9b3e8
FB		 685#define ELF_EXEC_PAGESIZE 4096
686
687#endif
688
48733d19
TS		 689#ifdef TARGET_CRIS
690
691#define ELF_START_MMAP 0x80000000
692
693#define elf_check_arch(x) ( (x) == EM_CRIS )
694
695#define ELF_CLASS ELFCLASS32
696#define ELF_DATA ELFDATA2LSB
697#define ELF_ARCH EM_CRIS
698
699static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
700{
701 regs->erp = infop->entry;
702}
703
48733d19
TS		 704#define ELF_EXEC_PAGESIZE 8192
705
706#endif
707
e6e5906b
PB		 708#ifdef TARGET_M68K
709
710#define ELF_START_MMAP 0x80000000
711
712#define elf_check_arch(x) ( (x) == EM_68K )
713
714#define ELF_CLASS ELFCLASS32
715#define ELF_DATA ELFDATA2MSB
716#define ELF_ARCH EM_68K
717
718/* ??? Does this need to do anything?
719#define ELF_PLAT_INIT(_r) */
720
721static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
722{
723 regs->usp = infop->start_stack;
724 regs->sr = 0;
725 regs->pc = infop->entry;
726}
727
7a93cc55
NF		 728/* See linux kernel: arch/m68k/include/asm/elf.h. */
729#define ELF_NREG 20
730typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
731
732static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env)
733{
734 (*regs)[0] = tswapl(env->dregs[1]);
735 (*regs)[1] = tswapl(env->dregs[2]);
736 (*regs)[2] = tswapl(env->dregs[3]);
737 (*regs)[3] = tswapl(env->dregs[4]);
738 (*regs)[4] = tswapl(env->dregs[5]);
739 (*regs)[5] = tswapl(env->dregs[6]);
740 (*regs)[6] = tswapl(env->dregs[7]);
741 (*regs)[7] = tswapl(env->aregs[0]);
742 (*regs)[8] = tswapl(env->aregs[1]);
743 (*regs)[9] = tswapl(env->aregs[2]);
744 (*regs)[10] = tswapl(env->aregs[3]);
745 (*regs)[11] = tswapl(env->aregs[4]);
746 (*regs)[12] = tswapl(env->aregs[5]);
747 (*regs)[13] = tswapl(env->aregs[6]);
748 (*regs)[14] = tswapl(env->dregs[0]);
749 (*regs)[15] = tswapl(env->aregs[7]);
750 (*regs)[16] = tswapl(env->dregs[0]); /* FIXME: orig_d0 */
751 (*regs)[17] = tswapl(env->sr);
752 (*regs)[18] = tswapl(env->pc);
753 (*regs)[19] = 0; /* FIXME: regs->format | regs->vector */
754}
755
756#define USE_ELF_CORE_DUMP
e6e5906b
PB		 757#define ELF_EXEC_PAGESIZE 8192
758
759#endif
760
7a3148a9
JM		 761#ifdef TARGET_ALPHA
762
763#define ELF_START_MMAP (0x30000000000ULL)
764
765#define elf_check_arch(x) ( (x) == ELF_ARCH )
766
767#define ELF_CLASS ELFCLASS64
768#define ELF_DATA ELFDATA2MSB
769#define ELF_ARCH EM_ALPHA
770
771static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
772{
773 regs->pc = infop->entry;
774 regs->ps = 8;
775 regs->usp = infop->start_stack;
7a3148a9
JM		 776}
777
7a3148a9
JM		 778#define ELF_EXEC_PAGESIZE 8192
779
780#endif /* TARGET_ALPHA */
781
15338fd7
FB		 782#ifndef ELF_PLATFORM
783#define ELF_PLATFORM (NULL)
784#endif
785
786#ifndef ELF_HWCAP
787#define ELF_HWCAP 0
788#endif
789
992f48a0 790#ifdef TARGET_ABI32
cb33da57 791#undef ELF_CLASS
992f48a0 792#define ELF_CLASS ELFCLASS32
cb33da57
BS		 793#undef bswaptls
794#define bswaptls(ptr) bswap32s(ptr)
795#endif
796
31e31b8a 797#include "elf.h"
09bfb054 798
09bfb054
FB		 799struct exec
800{
801 unsigned int a_info; /* Use macros N_MAGIC, etc for access */
802 unsigned int a_text; /* length of text, in bytes */
803 unsigned int a_data; /* length of data, in bytes */
804 unsigned int a_bss; /* length of uninitialized data area, in bytes */
805 unsigned int a_syms; /* length of symbol table data in file, in bytes */
806 unsigned int a_entry; /* start address */
807 unsigned int a_trsize; /* length of relocation info for text, in bytes */
808 unsigned int a_drsize; /* length of relocation info for data, in bytes */
809};
810
811
812#define N_MAGIC(exec) ((exec).a_info & 0xffff)
813#define OMAGIC 0407
814#define NMAGIC 0410
815#define ZMAGIC 0413
816#define QMAGIC 0314
817
09bfb054
FB		 818/* max code+data+bss space allocated to elf interpreter */
819#define INTERP_MAP_SIZE (32 * 1024 * 1024)
820
821/* max code+data+bss+brk space allocated to ET_DYN executables */
822#define ET_DYN_MAP_SIZE (128 * 1024 * 1024)
823
31e31b8a 824/* Necessary parameters */
54936004
FB		 825#define TARGET_ELF_EXEC_PAGESIZE TARGET_PAGE_SIZE
826#define TARGET_ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(TARGET_ELF_EXEC_PAGESIZE-1))
827#define TARGET_ELF_PAGEOFFSET(_v) ((_v) & (TARGET_ELF_EXEC_PAGESIZE-1))
31e31b8a
FB		 828
829#define INTERPRETER_NONE 0
830#define INTERPRETER_AOUT 1
831#define INTERPRETER_ELF 2
832
15338fd7 833#define DLINFO_ITEMS 12
31e31b8a 834
09bfb054
FB		 835static inline void memcpy_fromfs(void * to, const void * from, unsigned long n)
836{
837 memcpy(to, from, n);
838}
d691f669 839
31e31b8a
FB		 840static int load_aout_interp(void * exptr, int interp_fd);
841
842#ifdef BSWAP_NEEDED
92a31b1f 843static void bswap_ehdr(struct elfhdr *ehdr)
31e31b8a
FB		 844{
845 bswap16s(&ehdr->e_type); /* Object file type */
846 bswap16s(&ehdr->e_machine); /* Architecture */
847 bswap32s(&ehdr->e_version); /* Object file version */
92a31b1f
FB		 848 bswaptls(&ehdr->e_entry); /* Entry point virtual address */
849 bswaptls(&ehdr->e_phoff); /* Program header table file offset */
850 bswaptls(&ehdr->e_shoff); /* Section header table file offset */
31e31b8a
FB		 851 bswap32s(&ehdr->e_flags); /* Processor-specific flags */
852 bswap16s(&ehdr->e_ehsize); /* ELF header size in bytes */
853 bswap16s(&ehdr->e_phentsize); /* Program header table entry size */
854 bswap16s(&ehdr->e_phnum); /* Program header table entry count */
855 bswap16s(&ehdr->e_shentsize); /* Section header table entry size */
856 bswap16s(&ehdr->e_shnum); /* Section header table entry count */
857 bswap16s(&ehdr->e_shstrndx); /* Section header string table index */
858}
859
92a31b1f 860static void bswap_phdr(struct elf_phdr *phdr)
31e31b8a
FB		 861{
862 bswap32s(&phdr->p_type); /* Segment type */
92a31b1f
FB		 863 bswaptls(&phdr->p_offset); /* Segment file offset */
864 bswaptls(&phdr->p_vaddr); /* Segment virtual address */
865 bswaptls(&phdr->p_paddr); /* Segment physical address */
866 bswaptls(&phdr->p_filesz); /* Segment size in file */
867 bswaptls(&phdr->p_memsz); /* Segment size in memory */
31e31b8a 868 bswap32s(&phdr->p_flags); /* Segment flags */
92a31b1f 869 bswaptls(&phdr->p_align); /* Segment alignment */
31e31b8a 870}
689f936f 871
92a31b1f 872static void bswap_shdr(struct elf_shdr *shdr)
689f936f
FB		 873{
874 bswap32s(&shdr->sh_name);
875 bswap32s(&shdr->sh_type);
92a31b1f
FB		 876 bswaptls(&shdr->sh_flags);
877 bswaptls(&shdr->sh_addr);
878 bswaptls(&shdr->sh_offset);
879 bswaptls(&shdr->sh_size);
689f936f
FB		 880 bswap32s(&shdr->sh_link);
881 bswap32s(&shdr->sh_info);
92a31b1f
FB		 882 bswaptls(&shdr->sh_addralign);
883 bswaptls(&shdr->sh_entsize);
689f936f
FB		 884}
885
7a3148a9 886static void bswap_sym(struct elf_sym *sym)
689f936f
FB		 887{
888 bswap32s(&sym->st_name);
7a3148a9
JM		 889 bswaptls(&sym->st_value);
890 bswaptls(&sym->st_size);
689f936f
FB		 891 bswap16s(&sym->st_shndx);
892}
31e31b8a
FB		 893#endif
894
edf8e2af
MW		 895#ifdef USE_ELF_CORE_DUMP
896static int elf_core_dump(int, const CPUState *);
897
898#ifdef BSWAP_NEEDED
899static void bswap_note(struct elf_note *en)
900{
9fdca5aa 901 bswap32s(&en->n_namesz);
902 bswap32s(&en->n_descsz);
903 bswap32s(&en->n_type);
edf8e2af
MW		 904}
905#endif /* BSWAP_NEEDED */
906
907#endif /* USE_ELF_CORE_DUMP */
908
31e31b8a 909/*
e5fe0c52 910 * 'copy_elf_strings()' copies argument/envelope strings from user
31e31b8a
FB		 911 * memory to free pages in kernel mem. These are in a format ready
912 * to be put directly into the top of new user memory.
913 *
914 */
992f48a0
BS		 915static abi_ulong copy_elf_strings(int argc,char ** argv, void **page,
916 abi_ulong p)
31e31b8a
FB		 917{
918 char *tmp, *tmp1, *pag = NULL;
919 int len, offset = 0;
920
921 if (!p) {
922 return 0; /* bullet-proofing */
923 }
924 while (argc-- > 0) {
edf779ff
FB		 925 tmp = argv[argc];
926 if (!tmp) {
31e31b8a
FB		 927 fprintf(stderr, "VFS: argc is wrong");
928 exit(-1);
929 }
edf779ff
FB		 930 tmp1 = tmp;
931 while (*tmp++);
31e31b8a
FB		 932 len = tmp - tmp1;
933 if (p < len) { /* this shouldn't happen - 128kB */
934 return 0;
935 }
936 while (len) {
937 --p; --tmp; --len;
938 if (--offset < 0) {
54936004 939 offset = p % TARGET_PAGE_SIZE;
53a5960a 940 pag = (char *)page[p/TARGET_PAGE_SIZE];
44a91cae 941 if (!pag) {
53a5960a 942 pag = (char *)malloc(TARGET_PAGE_SIZE);
4118a970 943 memset(pag, 0, TARGET_PAGE_SIZE);
53a5960a 944 page[p/TARGET_PAGE_SIZE] = pag;
44a91cae
FB		 945 if (!pag)
946 return 0;
31e31b8a
FB		 947 }
948 }
949 if (len == 0 || offset == 0) {
edf779ff 950 *(pag + offset) = *tmp;
31e31b8a
FB		 951 }
952 else {
953 int bytes_to_copy = (len > offset) ? offset : len;
954 tmp -= bytes_to_copy;
955 p -= bytes_to_copy;
956 offset -= bytes_to_copy;
957 len -= bytes_to_copy;
958 memcpy_fromfs(pag + offset, tmp, bytes_to_copy + 1);
959 }
960 }
961 }
962 return p;
963}
964
992f48a0
BS		 965static abi_ulong setup_arg_pages(abi_ulong p, struct linux_binprm *bprm,
966 struct image_info *info)
53a5960a 967{
992f48a0 968 abi_ulong stack_base, size, error;
31e31b8a 969 int i;
31e31b8a 970
09bfb054
FB		 971 /* Create enough stack to hold everything. If we don't use
972 * it for args, we'll use it for something else...
973 */
974 size = x86_stack_size;
54936004
FB		 975 if (size < MAX_ARG_PAGES*TARGET_PAGE_SIZE)
976 size = MAX_ARG_PAGES*TARGET_PAGE_SIZE;
5fafdf24 977 error = target_mmap(0,
83fb7adf 978 size + qemu_host_page_size,
54936004
FB		 979 PROT_READ | PROT_WRITE,
980 MAP_PRIVATE | MAP_ANONYMOUS,
981 -1, 0);
09bfb054
FB		 982 if (error == -1) {
983 perror("stk mmap");
984 exit(-1);
985 }
986 /* we reserve one extra page at the top of the stack as guard */
83fb7adf 987 target_mprotect(error + size, qemu_host_page_size, PROT_NONE);
31e31b8a 988
54936004 989 stack_base = error + size - MAX_ARG_PAGES*TARGET_PAGE_SIZE;
31e31b8a 990 p += stack_base;
09bfb054 991
31e31b8a
FB		 992 for (i = 0 ; i < MAX_ARG_PAGES ; i++) {
993 if (bprm->page[i]) {
994 info->rss++;
579a97f7 995 /* FIXME - check return value of memcpy_to_target() for failure */
53a5960a
PB		 996 memcpy_to_target(stack_base, bprm->page[i], TARGET_PAGE_SIZE);
997 free(bprm->page[i]);
31e31b8a 998 }
53a5960a 999 stack_base += TARGET_PAGE_SIZE;
31e31b8a
FB		 1000 }
1001 return p;
1002}
1003
992f48a0 1004static void set_brk(abi_ulong start, abi_ulong end)
31e31b8a
FB		 1005{
1006 /* page-align the start and end addresses... */
54936004
FB		 1007 start = HOST_PAGE_ALIGN(start);
1008 end = HOST_PAGE_ALIGN(end);
31e31b8a
FB		 1009 if (end <= start)
1010 return;
54936004
FB		 1011 if(target_mmap(start, end - start,
1012 PROT_READ | PROT_WRITE | PROT_EXEC,
1013 MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0) == -1) {
31e31b8a
FB		 1014 perror("cannot mmap brk");
1015 exit(-1);
1016 }
1017}
1018
1019
853d6f7a
FB		 1020/* We need to explicitly zero any fractional pages after the data
1021 section (i.e. bss). This would contain the junk from the file that
1022 should not be in memory. */
992f48a0 1023static void padzero(abi_ulong elf_bss, abi_ulong last_bss)
31e31b8a 1024{
992f48a0 1025 abi_ulong nbyte;
31e31b8a 1026
768a4a36
TS		 1027 if (elf_bss >= last_bss)
1028 return;
1029
853d6f7a
FB		 1030 /* XXX: this is really a hack : if the real host page size is
1031 smaller than the target page size, some pages after the end
1032 of the file may not be mapped. A better fix would be to
1033 patch target_mmap(), but it is more complicated as the file
1034 size must be known */
83fb7adf 1035 if (qemu_real_host_page_size < qemu_host_page_size) {
992f48a0 1036 abi_ulong end_addr, end_addr1;
5fafdf24 1037 end_addr1 = (elf_bss + qemu_real_host_page_size - 1) &
83fb7adf 1038 ~(qemu_real_host_page_size - 1);
853d6f7a
FB		 1039 end_addr = HOST_PAGE_ALIGN(elf_bss);
1040 if (end_addr1 < end_addr) {
863cf0b7 1041 mmap((void *)g2h(end_addr1), end_addr - end_addr1,
853d6f7a
FB		 1042 PROT_READ|PROT_WRITE|PROT_EXEC,
1043 MAP_FIXED|MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
1044 }
1045 }
1046
83fb7adf 1047 nbyte = elf_bss & (qemu_host_page_size-1);
31e31b8a 1048 if (nbyte) {
83fb7adf 1049 nbyte = qemu_host_page_size - nbyte;
31e31b8a 1050 do {
2f619698
FB		 1051 /* FIXME - what to do if put_user() fails? */
1052 put_user_u8(0, elf_bss);
53a5960a 1053 elf_bss++;
31e31b8a
FB		 1054 } while (--nbyte);
1055 }
1056}
1057
53a5960a 1058
992f48a0
BS		 1059static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc,
1060 struct elfhdr * exec,
1061 abi_ulong load_addr,
1062 abi_ulong load_bias,
1063 abi_ulong interp_load_addr, int ibcs,
1064 struct image_info *info)
31e31b8a 1065{
992f48a0 1066 abi_ulong sp;
53a5960a 1067 int size;
992f48a0 1068 abi_ulong u_platform;
15338fd7 1069 const char *k_platform;
863cf0b7 1070 const int n = sizeof(elf_addr_t);
edf779ff 1071
53a5960a
PB		 1072 sp = p;
1073 u_platform = 0;
15338fd7
FB		 1074 k_platform = ELF_PLATFORM;
1075 if (k_platform) {
1076 size_t len = strlen(k_platform) + 1;
53a5960a
PB		 1077 sp -= (len + n - 1) & ~(n - 1);
1078 u_platform = sp;
579a97f7 1079 /* FIXME - check return value of memcpy_to_target() for failure */
53a5960a 1080 memcpy_to_target(sp, k_platform, len);
15338fd7 1081 }
53a5960a
PB		 1082 /*
1083 * Force 16 byte _final_ alignment here for generality.
1084 */
992f48a0 1085 sp = sp &~ (abi_ulong)15;
53a5960a 1086 size = (DLINFO_ITEMS + 1) * 2;
15338fd7 1087 if (k_platform)
53a5960a 1088 size += 2;
f5155289 1089#ifdef DLINFO_ARCH_ITEMS
53a5960a 1090 size += DLINFO_ARCH_ITEMS * 2;
f5155289 1091#endif
53a5960a
PB		 1092 size += envc + argc + 2;
1093 size += (!ibcs ? 3 : 1); /* argc itself */
1094 size *= n;
1095 if (size & 15)
1096 sp -= 16 - (size & 15);
3b46e624 1097
863cf0b7
JM		 1098 /* This is correct because Linux defines
1099 * elf_addr_t as Elf32_Off / Elf64_Off
1100 */
2f619698
FB		 1101#define NEW_AUX_ENT(id, val) do { \
1102 sp -= n; put_user_ual(val, sp); \
1103 sp -= n; put_user_ual(id, sp); \
53a5960a 1104 } while(0)
2f619698 1105
0bccf03d
FB		 1106 NEW_AUX_ENT (AT_NULL, 0);
1107
1108 /* There must be exactly DLINFO_ITEMS entries here. */
992f48a0
BS		 1109 NEW_AUX_ENT(AT_PHDR, (abi_ulong)(load_addr + exec->e_phoff));
1110 NEW_AUX_ENT(AT_PHENT, (abi_ulong)(sizeof (struct elf_phdr)));
1111 NEW_AUX_ENT(AT_PHNUM, (abi_ulong)(exec->e_phnum));
1112 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(TARGET_PAGE_SIZE));
1113 NEW_AUX_ENT(AT_BASE, (abi_ulong)(interp_load_addr));
1114 NEW_AUX_ENT(AT_FLAGS, (abi_ulong)0);
0bccf03d 1115 NEW_AUX_ENT(AT_ENTRY, load_bias + exec->e_entry);
992f48a0
BS		 1116 NEW_AUX_ENT(AT_UID, (abi_ulong) getuid());
1117 NEW_AUX_ENT(AT_EUID, (abi_ulong) geteuid());
1118 NEW_AUX_ENT(AT_GID, (abi_ulong) getgid());
1119 NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid());
1120 NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP);
a07c67df 1121 NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK));
15338fd7 1122 if (k_platform)
53a5960a 1123 NEW_AUX_ENT(AT_PLATFORM, u_platform);
f5155289 1124#ifdef ARCH_DLINFO
5fafdf24 1125 /*
f5155289
FB		 1126 * ARCH_DLINFO must come last so platform specific code can enforce
1127 * special alignment requirements on the AUXV if necessary (eg. PPC).
1128 */
1129 ARCH_DLINFO;
1130#endif
1131#undef NEW_AUX_ENT
1132
edf8e2af
MW		 1133 info->saved_auxv = sp;
1134
e5fe0c52 1135 sp = loader_build_argptr(envc, argc, sp, p, !ibcs);
31e31b8a
FB		 1136 return sp;
1137}
1138
1139
992f48a0
BS		 1140static abi_ulong load_elf_interp(struct elfhdr * interp_elf_ex,
1141 int interpreter_fd,
1142 abi_ulong *interp_load_addr)
31e31b8a
FB		 1143{
1144 struct elf_phdr *elf_phdata = NULL;
1145 struct elf_phdr *eppnt;
992f48a0 1146 abi_ulong load_addr = 0;
31e31b8a
FB		 1147 int load_addr_set = 0;
1148 int retval;
992f48a0
BS		 1149 abi_ulong last_bss, elf_bss;
1150 abi_ulong error;
31e31b8a 1151 int i;
5fafdf24 1152
31e31b8a
FB		 1153 elf_bss = 0;
1154 last_bss = 0;
1155 error = 0;
1156
644c433c
FB		 1157#ifdef BSWAP_NEEDED
1158 bswap_ehdr(interp_elf_ex);
1159#endif
31e31b8a 1160 /* First of all, some simple consistency checks */
5fafdf24
TS		 1161 if ((interp_elf_ex->e_type != ET_EXEC &&
1162 interp_elf_ex->e_type != ET_DYN) ||
31e31b8a 1163 !elf_check_arch(interp_elf_ex->e_machine)) {
992f48a0 1164 return ~((abi_ulong)0UL);
31e31b8a 1165 }
5fafdf24 1166
644c433c 1167
31e31b8a 1168 /* Now read in all of the header information */
5fafdf24 1169
54936004 1170 if (sizeof(struct elf_phdr) * interp_elf_ex->e_phnum > TARGET_PAGE_SIZE)
992f48a0 1171 return ~(abi_ulong)0UL;
5fafdf24
TS		 1172
1173 elf_phdata = (struct elf_phdr *)
31e31b8a
FB		 1174 malloc(sizeof(struct elf_phdr) * interp_elf_ex->e_phnum);
1175
1176 if (!elf_phdata)
992f48a0 1177 return ~((abi_ulong)0UL);
5fafdf24 1178
31e31b8a
FB		 1179 /*
1180 * If the size of this structure has changed, then punt, since
1181 * we will be doing the wrong thing.
1182 */
09bfb054 1183 if (interp_elf_ex->e_phentsize != sizeof(struct elf_phdr)) {
31e31b8a 1184 free(elf_phdata);
992f48a0 1185 return ~((abi_ulong)0UL);
09bfb054 1186 }
31e31b8a
FB		 1187
1188 retval = lseek(interpreter_fd, interp_elf_ex->e_phoff, SEEK_SET);
1189 if(retval >= 0) {
1190 retval = read(interpreter_fd,
1191 (char *) elf_phdata,
1192 sizeof(struct elf_phdr) * interp_elf_ex->e_phnum);
1193 }
31e31b8a
FB		 1194 if (retval < 0) {
1195 perror("load_elf_interp");
1196 exit(-1);
1197 free (elf_phdata);
1198 return retval;
1199 }
1200#ifdef BSWAP_NEEDED
1201 eppnt = elf_phdata;
1202 for (i=0; i<interp_elf_ex->e_phnum; i++, eppnt++) {
1203 bswap_phdr(eppnt);
1204 }
1205#endif
09bfb054
FB		 1206
1207 if (interp_elf_ex->e_type == ET_DYN) {
e91c8a77 1208 /* in order to avoid hardcoding the interpreter load
09bfb054 1209 address in qemu, we allocate a big enough memory zone */
54936004 1210 error = target_mmap(0, INTERP_MAP_SIZE,
5fafdf24 1211 PROT_NONE, MAP_PRIVATE | MAP_ANON,
54936004 1212 -1, 0);
09bfb054
FB		 1213 if (error == -1) {
1214 perror("mmap");
1215 exit(-1);
1216 }
1217 load_addr = error;
1218 load_addr_set = 1;
1219 }
1220
31e31b8a
FB		 1221 eppnt = elf_phdata;
1222 for(i=0; i<interp_elf_ex->e_phnum; i++, eppnt++)
1223 if (eppnt->p_type == PT_LOAD) {
1224 int elf_type = MAP_PRIVATE | MAP_DENYWRITE;
1225 int elf_prot = 0;
992f48a0
BS		 1226 abi_ulong vaddr = 0;
1227 abi_ulong k;
31e31b8a
FB		 1228
1229 if (eppnt->p_flags & PF_R) elf_prot = PROT_READ;
1230 if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE;
1231 if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC;
1232 if (interp_elf_ex->e_type == ET_EXEC || load_addr_set) {
1233 elf_type |= MAP_FIXED;
1234 vaddr = eppnt->p_vaddr;
1235 }
54936004
FB		 1236 error = target_mmap(load_addr+TARGET_ELF_PAGESTART(vaddr),
1237 eppnt->p_filesz + TARGET_ELF_PAGEOFFSET(eppnt->p_vaddr),
31e31b8a
FB		 1238 elf_prot,
1239 elf_type,
1240 interpreter_fd,
54936004 1241 eppnt->p_offset - TARGET_ELF_PAGEOFFSET(eppnt->p_vaddr));
3b46e624 1242
e89f07d3 1243 if (error == -1) {
31e31b8a
FB		 1244 /* Real error */
1245 close(interpreter_fd);
1246 free(elf_phdata);
992f48a0 1247 return ~((abi_ulong)0UL);
31e31b8a
FB		 1248 }
1249
1250 if (!load_addr_set && interp_elf_ex->e_type == ET_DYN) {
1251 load_addr = error;
1252 load_addr_set = 1;
1253 }
1254
1255 /*
1256 * Find the end of the file mapping for this phdr, and keep
1257 * track of the largest address we see for this.
1258 */
1259 k = load_addr + eppnt->p_vaddr + eppnt->p_filesz;
1260 if (k > elf_bss) elf_bss = k;
1261
1262 /*
1263 * Do the same thing for the memory mapping - between
1264 * elf_bss and last_bss is the bss section.
1265 */
1266 k = load_addr + eppnt->p_memsz + eppnt->p_vaddr;
1267 if (k > last_bss) last_bss = k;
1268 }
5fafdf24 1269
31e31b8a
FB		 1270 /* Now use mmap to map the library into memory. */
1271
1272 close(interpreter_fd);
1273
1274 /*
1275 * Now fill out the bss section. First pad the last page up
1276 * to the page boundary, and then perform a mmap to make sure
1277 * that there are zeromapped pages up to and including the last
1278 * bss page.
1279 */
768a4a36 1280 padzero(elf_bss, last_bss);
83fb7adf 1281 elf_bss = TARGET_ELF_PAGESTART(elf_bss + qemu_host_page_size - 1); /* What we have mapped so far */
31e31b8a
FB		 1282
1283 /* Map the last of the bss segment */
1284 if (last_bss > elf_bss) {
54936004
FB		 1285 target_mmap(elf_bss, last_bss-elf_bss,
1286 PROT_READ|PROT_WRITE|PROT_EXEC,
1287 MAP_FIXED|MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
31e31b8a
FB		 1288 }
1289 free(elf_phdata);
1290
1291 *interp_load_addr = load_addr;
992f48a0 1292 return ((abi_ulong) interp_elf_ex->e_entry) + load_addr;
31e31b8a
FB		 1293}
1294
49918a75
PB		 1295static int symfind(const void *s0, const void *s1)
1296{
1297 struct elf_sym *key = (struct elf_sym *)s0;
1298 struct elf_sym *sym = (struct elf_sym *)s1;
1299 int result = 0;
1300 if (key->st_value < sym->st_value) {
1301 result = -1;
ec822001 1302 } else if (key->st_value >= sym->st_value + sym->st_size) {
49918a75
PB		 1303 result = 1;
1304 }
1305 return result;
1306}
1307
1308static const char *lookup_symbolxx(struct syminfo *s, target_ulong orig_addr)
1309{
1310#if ELF_CLASS == ELFCLASS32
1311 struct elf_sym *syms = s->disas_symtab.elf32;
1312#else
1313 struct elf_sym *syms = s->disas_symtab.elf64;
1314#endif
1315
1316 // binary search
1317 struct elf_sym key;
1318 struct elf_sym *sym;
1319
1320 key.st_value = orig_addr;
1321
1322 sym = bsearch(&key, syms, s->disas_num_syms, sizeof(*syms), symfind);
7cba04f6 1323 if (sym != NULL) {
49918a75
PB		 1324 return s->disas_strtab + sym->st_name;
1325 }
1326
1327 return "";
1328}
1329
1330/* FIXME: This should use elf_ops.h */
1331static int symcmp(const void *s0, const void *s1)
1332{
1333 struct elf_sym *sym0 = (struct elf_sym *)s0;
1334 struct elf_sym *sym1 = (struct elf_sym *)s1;
1335 return (sym0->st_value < sym1->st_value)
1336 ? -1
1337 : ((sym0->st_value > sym1->st_value) ? 1 : 0);
1338}
1339
689f936f
FB		 1340/* Best attempt to load symbols from this ELF object. */
1341static void load_symbols(struct elfhdr *hdr, int fd)
1342{
49918a75 1343 unsigned int i, nsyms;
689f936f
FB		 1344 struct elf_shdr sechdr, symtab, strtab;
1345 char *strings;
e80cfcfc 1346 struct syminfo *s;
49918a75 1347 struct elf_sym *syms;
689f936f
FB		 1348
1349 lseek(fd, hdr->e_shoff, SEEK_SET);
1350 for (i = 0; i < hdr->e_shnum; i++) {
49918a75
PB		 1351 if (read(fd, &sechdr, sizeof(sechdr)) != sizeof(sechdr))
1352 return;
689f936f 1353#ifdef BSWAP_NEEDED
49918a75 1354 bswap_shdr(&sechdr);
689f936f 1355#endif
49918a75
PB		 1356 if (sechdr.sh_type == SHT_SYMTAB) {
1357 symtab = sechdr;
1358 lseek(fd, hdr->e_shoff
1359 + sizeof(sechdr) * sechdr.sh_link, SEEK_SET);
1360 if (read(fd, &strtab, sizeof(strtab))
1361 != sizeof(strtab))
1362 return;
689f936f 1363#ifdef BSWAP_NEEDED
49918a75 1364 bswap_shdr(&strtab);
689f936f 1365#endif
49918a75
PB		 1366 goto found;
1367 }
689f936f
FB		 1368 }
1369 return; /* Shouldn't happen... */
1370
1371 found:
1372 /* Now know where the strtab and symtab are. Snarf them. */
e80cfcfc 1373 s = malloc(sizeof(*s));
49918a75
PB		 1374 syms = malloc(symtab.sh_size);
1375 if (!syms)
1376 return;
e80cfcfc 1377 s->disas_strtab = strings = malloc(strtab.sh_size);
49918a75
PB		 1378 if (!s->disas_strtab)
1379 return;
5fafdf24 1380
689f936f 1381 lseek(fd, symtab.sh_offset, SEEK_SET);
49918a75
PB		 1382 if (read(fd, syms, symtab.sh_size) != symtab.sh_size)
1383 return;
1384
1385 nsyms = symtab.sh_size / sizeof(struct elf_sym);
31e31b8a 1386
49918a75
PB		 1387 i = 0;
1388 while (i < nsyms) {
689f936f 1389#ifdef BSWAP_NEEDED
49918a75 1390 bswap_sym(syms + i);
689f936f 1391#endif
49918a75
PB		 1392 // Throw away entries which we do not need.
1393 if (syms[i].st_shndx == SHN_UNDEF ||
1394 syms[i].st_shndx >= SHN_LORESERVE ||
1395 ELF_ST_TYPE(syms[i].st_info) != STT_FUNC) {
1396 nsyms--;
1397 if (i < nsyms) {
1398 syms[i] = syms[nsyms];
1399 }
1400 continue;
1401 }
1402#if defined(TARGET_ARM) || defined (TARGET_MIPS)
1403 /* The bottom address bit marks a Thumb or MIPS16 symbol. */
1404 syms[i].st_value &= ~(target_ulong)1;
0774bed1 1405#endif
49918a75 1406 i++;
0774bed1 1407 }
49918a75
PB		 1408 syms = realloc(syms, nsyms * sizeof(*syms));
1409
1410 qsort(syms, nsyms, sizeof(*syms), symcmp);
689f936f
FB		 1411
1412 lseek(fd, strtab.sh_offset, SEEK_SET);
1413 if (read(fd, strings, strtab.sh_size) != strtab.sh_size)
49918a75
PB		 1414 return;
1415 s->disas_num_syms = nsyms;
1416#if ELF_CLASS == ELFCLASS32
1417 s->disas_symtab.elf32 = syms;
ca20cf32 1418 s->lookup_symbol = (lookup_symbol_t)lookup_symbolxx;
49918a75
PB		 1419#else
1420 s->disas_symtab.elf64 = syms;
ca20cf32 1421 s->lookup_symbol = (lookup_symbol_t)lookup_symbolxx;
49918a75 1422#endif
e80cfcfc
FB		 1423 s->next = syminfos;
1424 syminfos = s;
689f936f 1425}
31e31b8a 1426
e5fe0c52
PB		 1427int load_elf_binary(struct linux_binprm * bprm, struct target_pt_regs * regs,
1428 struct image_info * info)
31e31b8a
FB		 1429{
1430 struct elfhdr elf_ex;
1431 struct elfhdr interp_elf_ex;
1432 struct exec interp_ex;
1433 int interpreter_fd = -1; /* avoid warning */
992f48a0 1434 abi_ulong load_addr, load_bias;
31e31b8a
FB		 1435 int load_addr_set = 0;
1436 unsigned int interpreter_type = INTERPRETER_NONE;
1437 unsigned char ibcs2_interpreter;
1438 int i;
992f48a0 1439 abi_ulong mapped_addr;
31e31b8a
FB		 1440 struct elf_phdr * elf_ppnt;
1441 struct elf_phdr *elf_phdata;
992f48a0 1442 abi_ulong elf_bss, k, elf_brk;
31e31b8a
FB		 1443 int retval;
1444 char * elf_interpreter;
992f48a0 1445 abi_ulong elf_entry, interp_load_addr = 0;
31e31b8a 1446 int status;
992f48a0
BS		 1447 abi_ulong start_code, end_code, start_data, end_data;
1448 abi_ulong reloc_func_desc = 0;
1449 abi_ulong elf_stack;
31e31b8a
FB		 1450 char passed_fileno[6];
1451
1452 ibcs2_interpreter = 0;
1453 status = 0;
1454 load_addr = 0;
09bfb054 1455 load_bias = 0;
31e31b8a
FB		 1456 elf_ex = *((struct elfhdr *) bprm->buf); /* exec-header */
1457#ifdef BSWAP_NEEDED
1458 bswap_ehdr(&elf_ex);
1459#endif
1460
31e31b8a
FB		 1461 /* First of all, some simple consistency checks */
1462 if ((elf_ex.e_type != ET_EXEC && elf_ex.e_type != ET_DYN) ||
1463 (! elf_check_arch(elf_ex.e_machine))) {
1464 return -ENOEXEC;
1465 }
1466
e5fe0c52
PB		 1467 bprm->p = copy_elf_strings(1, &bprm->filename, bprm->page, bprm->p);
1468 bprm->p = copy_elf_strings(bprm->envc,bprm->envp,bprm->page,bprm->p);
1469 bprm->p = copy_elf_strings(bprm->argc,bprm->argv,bprm->page,bprm->p);
1470 if (!bprm->p) {
1471 retval = -E2BIG;
1472 }
1473
31e31b8a 1474 /* Now read in all of the header information */
31e31b8a
FB		 1475 elf_phdata = (struct elf_phdr *)malloc(elf_ex.e_phentsize*elf_ex.e_phnum);
1476 if (elf_phdata == NULL) {
1477 return -ENOMEM;
1478 }
1479
1480 retval = lseek(bprm->fd, elf_ex.e_phoff, SEEK_SET);
1481 if(retval > 0) {
5fafdf24 1482 retval = read(bprm->fd, (char *) elf_phdata,
31e31b8a
FB		 1483 elf_ex.e_phentsize * elf_ex.e_phnum);
1484 }
1485
1486 if (retval < 0) {
1487 perror("load_elf_binary");
1488 exit(-1);
1489 free (elf_phdata);
1490 return -errno;
1491 }
1492
b17780d5
FB		 1493#ifdef BSWAP_NEEDED
1494 elf_ppnt = elf_phdata;
1495 for (i=0; i<elf_ex.e_phnum; i++, elf_ppnt++) {
1496 bswap_phdr(elf_ppnt);
1497 }
1498#endif
31e31b8a
FB		 1499 elf_ppnt = elf_phdata;
1500
1501 elf_bss = 0;
1502 elf_brk = 0;
1503
1504
992f48a0 1505 elf_stack = ~((abi_ulong)0UL);
31e31b8a 1506 elf_interpreter = NULL;
992f48a0 1507 start_code = ~((abi_ulong)0UL);
31e31b8a 1508 end_code = 0;
863cf0b7 1509 start_data = 0;
31e31b8a 1510 end_data = 0;
98448f58 1511 interp_ex.a_info = 0;
31e31b8a
FB		 1512
1513 for(i=0;i < elf_ex.e_phnum; i++) {
1514 if (elf_ppnt->p_type == PT_INTERP) {
1515 if ( elf_interpreter != NULL )
1516 {
1517 free (elf_phdata);
1518 free(elf_interpreter);
1519 close(bprm->fd);
1520 return -EINVAL;
1521 }
1522
1523 /* This is the program interpreter used for
1524 * shared libraries - for now assume that this
1525 * is an a.out format binary
1526 */
1527
32ce6337 1528 elf_interpreter = (char *)malloc(elf_ppnt->p_filesz);
31e31b8a
FB		 1529
1530 if (elf_interpreter == NULL) {
1531 free (elf_phdata);
1532 close(bprm->fd);
1533 return -ENOMEM;
1534 }
1535
31e31b8a
FB		 1536 retval = lseek(bprm->fd, elf_ppnt->p_offset, SEEK_SET);
1537 if(retval >= 0) {
32ce6337 1538 retval = read(bprm->fd, elf_interpreter, elf_ppnt->p_filesz);
31e31b8a
FB		 1539 }
1540 if(retval < 0) {
1541 perror("load_elf_binary2");
1542 exit(-1);
5fafdf24 1543 }
31e31b8a
FB		 1544
1545 /* If the program interpreter is one of these two,
1546 then assume an iBCS2 image. Otherwise assume
1547 a native linux image. */
1548
1549 /* JRP - Need to add X86 lib dir stuff here... */
1550
1551 if (strcmp(elf_interpreter,"/usr/lib/libc.so.1") == 0 ||
1552 strcmp(elf_interpreter,"/usr/lib/ld.so.1") == 0) {
1553 ibcs2_interpreter = 1;
1554 }
1555
1556#if 0
3bc0bdca 1557 printf("Using ELF interpreter %s\n", path(elf_interpreter));
31e31b8a
FB		 1558#endif
1559 if (retval >= 0) {
32ce6337 1560 retval = open(path(elf_interpreter), O_RDONLY);
31e31b8a
FB		 1561 if(retval >= 0) {
1562 interpreter_fd = retval;
1563 }
1564 else {
1565 perror(elf_interpreter);
1566 exit(-1);
1567 /* retval = -errno; */
1568 }
1569 }
1570
1571 if (retval >= 0) {
1572 retval = lseek(interpreter_fd, 0, SEEK_SET);
1573 if(retval >= 0) {
1574 retval = read(interpreter_fd,bprm->buf,128);
1575 }
1576 }
1577 if (retval >= 0) {
1578 interp_ex = *((struct exec *) bprm->buf); /* aout exec-header */
6ece4df6 1579 interp_elf_ex = *((struct elfhdr *) bprm->buf); /* elf exec-header */
31e31b8a
FB		 1580 }
1581 if (retval < 0) {
1582 perror("load_elf_binary3");
1583 exit(-1);
1584 free (elf_phdata);
1585 free(elf_interpreter);
1586 close(bprm->fd);
1587 return retval;
1588 }
1589 }
1590 elf_ppnt++;
1591 }
1592
1593 /* Some simple consistency checks for the interpreter */
1594 if (elf_interpreter){
1595 interpreter_type = INTERPRETER_ELF | INTERPRETER_AOUT;
1596
1597 /* Now figure out which format our binary is */
1598 if ((N_MAGIC(interp_ex) != OMAGIC) && (N_MAGIC(interp_ex) != ZMAGIC) &&
1599 (N_MAGIC(interp_ex) != QMAGIC)) {
1600 interpreter_type = INTERPRETER_ELF;
1601 }
1602
1603 if (interp_elf_ex.e_ident[0] != 0x7f ||
b55266b5 1604 strncmp((char *)&interp_elf_ex.e_ident[1], "ELF",3) != 0) {
31e31b8a
FB		 1605 interpreter_type &= ~INTERPRETER_ELF;
1606 }
1607
1608 if (!interpreter_type) {
1609 free(elf_interpreter);
1610 free(elf_phdata);
1611 close(bprm->fd);
1612 return -ELIBBAD;
1613 }
1614 }
1615
1616 /* OK, we are done with that, now set up the arg stuff,
1617 and then start this sucker up */
1618
e5fe0c52 1619 {
31e31b8a
FB		 1620 char * passed_p;
1621
1622 if (interpreter_type == INTERPRETER_AOUT) {
eba2af63 1623 snprintf(passed_fileno, sizeof(passed_fileno), "%d", bprm->fd);
31e31b8a
FB		 1624 passed_p = passed_fileno;
1625
1626 if (elf_interpreter) {
e5fe0c52 1627 bprm->p = copy_elf_strings(1,&passed_p,bprm->page,bprm->p);
31e31b8a
FB		 1628 bprm->argc++;
1629 }
1630 }
1631 if (!bprm->p) {
1632 if (elf_interpreter) {
1633 free(elf_interpreter);
1634 }
1635 free (elf_phdata);
1636 close(bprm->fd);
1637 return -E2BIG;
1638 }
1639 }
1640
1641 /* OK, This is the point of no return */
1642 info->end_data = 0;
1643 info->end_code = 0;
992f48a0 1644 info->start_mmap = (abi_ulong)ELF_START_MMAP;
31e31b8a 1645 info->mmap = 0;
992f48a0 1646 elf_entry = (abi_ulong) elf_ex.e_entry;
31e31b8a 1647
379f6698
PB		 1648#if defined(CONFIG_USE_GUEST_BASE)
1649 /*
1650 * In case where user has not explicitly set the guest_base, we
1651 * probe here that should we set it automatically.
1652 */
1653 if (!have_guest_base) {
1654 /*
1655 * Go through ELF program header table and find out whether
1656 * any of the segments drop below our current mmap_min_addr and
1657 * in that case set guest_base to corresponding address.
1658 */
1659 for (i = 0, elf_ppnt = elf_phdata; i < elf_ex.e_phnum;
1660 i++, elf_ppnt++) {
1661 if (elf_ppnt->p_type != PT_LOAD)
1662 continue;
1663 if (HOST_PAGE_ALIGN(elf_ppnt->p_vaddr) < mmap_min_addr) {
1664 guest_base = HOST_PAGE_ALIGN(mmap_min_addr);
1665 break;
1666 }
1667 }
1668 }
1669#endif /* CONFIG_USE_GUEST_BASE */
1670
31e31b8a
FB		 1671 /* Do this so that we can load the interpreter, if need be. We will
1672 change some of these later */
1673 info->rss = 0;
1674 bprm->p = setup_arg_pages(bprm->p, bprm, info);
1675 info->start_stack = bprm->p;
1676
1677 /* Now we do a little grungy work by mmaping the ELF image into
1678 * the correct location in memory. At this point, we assume that
1679 * the image should be loaded at fixed address, not at a variable
1680 * address.
1681 */
1682
31e31b8a 1683 for(i = 0, elf_ppnt = elf_phdata; i < elf_ex.e_phnum; i++, elf_ppnt++) {
09bfb054
FB		 1684 int elf_prot = 0;
1685 int elf_flags = 0;
992f48a0 1686 abi_ulong error;
3b46e624 1687
09bfb054
FB		 1688 if (elf_ppnt->p_type != PT_LOAD)
1689 continue;
3b46e624 1690
09bfb054
FB		 1691 if (elf_ppnt->p_flags & PF_R) elf_prot |= PROT_READ;
1692 if (elf_ppnt->p_flags & PF_W) elf_prot |= PROT_WRITE;
1693 if (elf_ppnt->p_flags & PF_X) elf_prot |= PROT_EXEC;
1694 elf_flags = MAP_PRIVATE | MAP_DENYWRITE;
1695 if (elf_ex.e_type == ET_EXEC || load_addr_set) {
1696 elf_flags |= MAP_FIXED;
1697 } else if (elf_ex.e_type == ET_DYN) {
1698 /* Try and get dynamic programs out of the way of the default mmap
1699 base, as well as whatever program they might try to exec. This
1700 is because the brk will follow the loader, and is not movable. */
1701 /* NOTE: for qemu, we do a big mmap to get enough space
e91c8a77 1702 without hardcoding any address */
54936004 1703 error = target_mmap(0, ET_DYN_MAP_SIZE,
5fafdf24 1704 PROT_NONE, MAP_PRIVATE | MAP_ANON,
54936004 1705 -1, 0);
09bfb054
FB		 1706 if (error == -1) {
1707 perror("mmap");
1708 exit(-1);
1709 }
54936004 1710 load_bias = TARGET_ELF_PAGESTART(error - elf_ppnt->p_vaddr);
09bfb054 1711 }
3b46e624 1712
54936004
FB		 1713 error = target_mmap(TARGET_ELF_PAGESTART(load_bias + elf_ppnt->p_vaddr),
1714 (elf_ppnt->p_filesz +
1715 TARGET_ELF_PAGEOFFSET(elf_ppnt->p_vaddr)),
1716 elf_prot,
1717 (MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE),
1718 bprm->fd,
5fafdf24 1719 (elf_ppnt->p_offset -
54936004 1720 TARGET_ELF_PAGEOFFSET(elf_ppnt->p_vaddr)));
09bfb054
FB		 1721 if (error == -1) {
1722 perror("mmap");
1723 exit(-1);
1724 }
31e31b8a
FB		 1725
1726#ifdef LOW_ELF_STACK
54936004
FB		 1727 if (TARGET_ELF_PAGESTART(elf_ppnt->p_vaddr) < elf_stack)
1728 elf_stack = TARGET_ELF_PAGESTART(elf_ppnt->p_vaddr);
31e31b8a 1729#endif
3b46e624 1730
09bfb054
FB		 1731 if (!load_addr_set) {
1732 load_addr_set = 1;
1733 load_addr = elf_ppnt->p_vaddr - elf_ppnt->p_offset;
1734 if (elf_ex.e_type == ET_DYN) {
1735 load_bias += error -
54936004 1736 TARGET_ELF_PAGESTART(load_bias + elf_ppnt->p_vaddr);
09bfb054 1737 load_addr += load_bias;
84409ddb 1738 reloc_func_desc = load_bias;
09bfb054
FB		 1739 }
1740 }
1741 k = elf_ppnt->p_vaddr;
5fafdf24 1742 if (k < start_code)
09bfb054 1743 start_code = k;
863cf0b7
JM		 1744 if (start_data < k)
1745 start_data = k;
09bfb054 1746 k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz;
5fafdf24 1747 if (k > elf_bss)
09bfb054
FB		 1748 elf_bss = k;
1749 if ((elf_ppnt->p_flags & PF_X) && end_code < k)
1750 end_code = k;
5fafdf24 1751 if (end_data < k)
09bfb054
FB		 1752 end_data = k;
1753 k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz;
1754 if (k > elf_brk) elf_brk = k;
31e31b8a
FB		 1755 }
1756
09bfb054
FB		 1757 elf_entry += load_bias;
1758 elf_bss += load_bias;
1759 elf_brk += load_bias;
1760 start_code += load_bias;
1761 end_code += load_bias;
863cf0b7 1762 start_data += load_bias;
09bfb054
FB		 1763 end_data += load_bias;
1764
31e31b8a
FB		 1765 if (elf_interpreter) {
1766 if (interpreter_type & 1) {
1767 elf_entry = load_aout_interp(&interp_ex, interpreter_fd);
1768 }
1769 else if (interpreter_type & 2) {
1770 elf_entry = load_elf_interp(&interp_elf_ex, interpreter_fd,
1771 &interp_load_addr);
1772 }
84409ddb 1773 reloc_func_desc = interp_load_addr;
31e31b8a
FB		 1774
1775 close(interpreter_fd);
1776 free(elf_interpreter);
1777
992f48a0 1778 if (elf_entry == ~((abi_ulong)0UL)) {
31e31b8a
FB		 1779 printf("Unable to load interpreter\n");
1780 free(elf_phdata);
1781 exit(-1);
1782 return 0;
1783 }
1784 }
1785
1786 free(elf_phdata);
1787
93fcfe39 1788 if (qemu_log_enabled())
689f936f
FB		 1789 load_symbols(&elf_ex, bprm->fd);
1790
31e31b8a
FB		 1791 if (interpreter_type != INTERPRETER_AOUT) close(bprm->fd);
1792 info->personality = (ibcs2_interpreter ? PER_SVR4 : PER_LINUX);
1793
1794#ifdef LOW_ELF_STACK
1795 info->start_stack = bprm->p = elf_stack - 4;
1796#endif
53a5960a 1797 bprm->p = create_elf_tables(bprm->p,
31e31b8a
FB		 1798 bprm->argc,
1799 bprm->envc,
a1516e92 1800 &elf_ex,
09bfb054 1801 load_addr, load_bias,
31e31b8a
FB		 1802 interp_load_addr,
1803 (interpreter_type == INTERPRETER_AOUT ? 0 : 1),
1804 info);
92a343da 1805 info->load_addr = reloc_func_desc;
31e31b8a
FB		 1806 info->start_brk = info->brk = elf_brk;
1807 info->end_code = end_code;
1808 info->start_code = start_code;
863cf0b7 1809 info->start_data = start_data;
31e31b8a
FB		 1810 info->end_data = end_data;
1811 info->start_stack = bprm->p;
1812
1813 /* Calling set_brk effectively mmaps the pages that we need for the bss and break
1814 sections */
1815 set_brk(elf_bss, elf_brk);
1816
768a4a36 1817 padzero(elf_bss, elf_brk);
31e31b8a
FB		 1818
1819#if 0
1820 printf("(start_brk) %x\n" , info->start_brk);
1821 printf("(end_code) %x\n" , info->end_code);
1822 printf("(start_code) %x\n" , info->start_code);
1823 printf("(end_data) %x\n" , info->end_data);
1824 printf("(start_stack) %x\n" , info->start_stack);
1825 printf("(brk) %x\n" , info->brk);
1826#endif
1827
1828 if ( info->personality == PER_SVR4 )
1829 {
1830 /* Why this, you ask??? Well SVr4 maps page 0 as read-only,
1831 and some applications "depend" upon this behavior.
1832 Since we do not have the power to recompile these, we
1833 emulate the SVr4 behavior. Sigh. */
83fb7adf 1834 mapped_addr = target_mmap(0, qemu_host_page_size, PROT_READ | PROT_EXEC,
54936004 1835 MAP_FIXED | MAP_PRIVATE, -1, 0);
31e31b8a
FB		 1836 }
1837
31e31b8a
FB		 1838 info->entry = elf_entry;
1839
edf8e2af
MW		 1840#ifdef USE_ELF_CORE_DUMP
1841 bprm->core_dump = &elf_core_dump;
1842#endif
1843
31e31b8a
FB		 1844 return 0;
1845}
1846
edf8e2af
MW		 1847#ifdef USE_ELF_CORE_DUMP
1848
1849/*
1850 * Definitions to generate Intel SVR4-like core files.
a2547a13 1851 * These mostly have the same names as the SVR4 types with "target_elf_"
edf8e2af
MW		 1852 * tacked on the front to prevent clashes with linux definitions,
1853 * and the typedef forms have been avoided. This is mostly like
1854 * the SVR4 structure, but more Linuxy, with things that Linux does
1855 * not support and which gdb doesn't really use excluded.
1856 *
1857 * Fields we don't dump (their contents is zero) in linux-user qemu
1858 * are marked with XXX.
1859 *
1860 * Core dump code is copied from linux kernel (fs/binfmt_elf.c).
1861 *
1862 * Porting ELF coredump for target is (quite) simple process. First you
dd0a3651 1863 * define USE_ELF_CORE_DUMP in target ELF code (where init_thread() for
edf8e2af
MW		 1864 * the target resides):
1865 *
1866 * #define USE_ELF_CORE_DUMP
1867 *
1868 * Next you define type of register set used for dumping. ELF specification
1869 * says that it needs to be array of elf_greg_t that has size of ELF_NREG.
1870 *
c227f099 1871 * typedef <target_regtype> target_elf_greg_t;
edf8e2af 1872 * #define ELF_NREG <number of registers>
c227f099 1873 * typedef taret_elf_greg_t target_elf_gregset_t[ELF_NREG];
edf8e2af 1874 *
edf8e2af
MW		 1875 * Last step is to implement target specific function that copies registers
1876 * from given cpu into just specified register set. Prototype is:
1877 *
c227f099 1878 * static void elf_core_copy_regs(taret_elf_gregset_t *regs,
a2547a13 1879 * const CPUState *env);
edf8e2af
MW		 1880 *
1881 * Parameters:
1882 * regs - copy register values into here (allocated and zeroed by caller)
1883 * env - copy registers from here
1884 *
1885 * Example for ARM target is provided in this file.
1886 */
1887
1888/* An ELF note in memory */
1889struct memelfnote {
1890 const char *name;
1891 size_t namesz;
1892 size_t namesz_rounded;
1893 int type;
1894 size_t datasz;
1895 void *data;
1896 size_t notesz;
1897};
1898
a2547a13 1899struct target_elf_siginfo {
edf8e2af
MW		 1900 int si_signo; /* signal number */
1901 int si_code; /* extra code */
1902 int si_errno; /* errno */
1903};
1904
a2547a13
LD		 1905struct target_elf_prstatus {
1906 struct target_elf_siginfo pr_info; /* Info associated with signal */
edf8e2af
MW		 1907 short pr_cursig; /* Current signal */
1908 target_ulong pr_sigpend; /* XXX */
1909 target_ulong pr_sighold; /* XXX */
c227f099
AL		 1910 target_pid_t pr_pid;
1911 target_pid_t pr_ppid;
1912 target_pid_t pr_pgrp;
1913 target_pid_t pr_sid;
edf8e2af
MW		 1914 struct target_timeval pr_utime; /* XXX User time */
1915 struct target_timeval pr_stime; /* XXX System time */
1916 struct target_timeval pr_cutime; /* XXX Cumulative user time */
1917 struct target_timeval pr_cstime; /* XXX Cumulative system time */
c227f099 1918 target_elf_gregset_t pr_reg; /* GP registers */
edf8e2af
MW		 1919 int pr_fpvalid; /* XXX */
1920};
1921
1922#define ELF_PRARGSZ (80) /* Number of chars for args */
1923
a2547a13 1924struct target_elf_prpsinfo {
edf8e2af
MW		 1925 char pr_state; /* numeric process state */
1926 char pr_sname; /* char for pr_state */
1927 char pr_zomb; /* zombie */
1928 char pr_nice; /* nice val */
1929 target_ulong pr_flag; /* flags */
c227f099
AL		 1930 target_uid_t pr_uid;
1931 target_gid_t pr_gid;
1932 target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid;
edf8e2af
MW		 1933 /* Lots missing */
1934 char pr_fname[16]; /* filename of executable */
1935 char pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */
1936};
1937
1938/* Here is the structure in which status of each thread is captured. */
1939struct elf_thread_status {
72cf2d4f 1940 QTAILQ_ENTRY(elf_thread_status) ets_link;
a2547a13 1941 struct target_elf_prstatus prstatus; /* NT_PRSTATUS */
edf8e2af
MW		 1942#if 0
1943 elf_fpregset_t fpu; /* NT_PRFPREG */
1944 struct task_struct *thread;
1945 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */
1946#endif
1947 struct memelfnote notes[1];
1948 int num_notes;
1949};
1950
1951struct elf_note_info {
1952 struct memelfnote *notes;
a2547a13
LD		 1953 struct target_elf_prstatus *prstatus; /* NT_PRSTATUS */
1954 struct target_elf_prpsinfo *psinfo; /* NT_PRPSINFO */
edf8e2af 1955
72cf2d4f 1956 QTAILQ_HEAD(thread_list_head, elf_thread_status) thread_list;
edf8e2af
MW		 1957#if 0
1958 /*
1959 * Current version of ELF coredump doesn't support
1960 * dumping fp regs etc.
1961 */
1962 elf_fpregset_t *fpu;
1963 elf_fpxregset_t *xfpu;
1964 int thread_status_size;
1965#endif
1966 int notes_size;
1967 int numnote;
1968};
1969
1970struct vm_area_struct {
1971 abi_ulong vma_start; /* start vaddr of memory region */
1972 abi_ulong vma_end; /* end vaddr of memory region */
1973 abi_ulong vma_flags; /* protection etc. flags for the region */
72cf2d4f 1974 QTAILQ_ENTRY(vm_area_struct) vma_link;
edf8e2af
MW		 1975};
1976
1977struct mm_struct {
72cf2d4f 1978 QTAILQ_HEAD(, vm_area_struct) mm_mmap;
edf8e2af
MW		 1979 int mm_count; /* number of mappings */
1980};
1981
1982static struct mm_struct *vma_init(void);
1983static void vma_delete(struct mm_struct *);
1984static int vma_add_mapping(struct mm_struct *, abi_ulong,
1985 abi_ulong, abi_ulong);
1986static int vma_get_mapping_count(const struct mm_struct *);
1987static struct vm_area_struct *vma_first(const struct mm_struct *);
1988static struct vm_area_struct *vma_next(struct vm_area_struct *);
1989static abi_ulong vma_dump_size(const struct vm_area_struct *);
1990static int vma_walker(void *priv, unsigned long start, unsigned long end,
1991 unsigned long flags);
1992
1993static void fill_elf_header(struct elfhdr *, int, uint16_t, uint32_t);
1994static void fill_note(struct memelfnote *, const char *, int,
1995 unsigned int, void *);
a2547a13
LD		 1996static void fill_prstatus(struct target_elf_prstatus *, const TaskState *, int);
1997static int fill_psinfo(struct target_elf_prpsinfo *, const TaskState *);
edf8e2af
MW		 1998static void fill_auxv_note(struct memelfnote *, const TaskState *);
1999static void fill_elf_note_phdr(struct elf_phdr *, int, off_t);
2000static size_t note_size(const struct memelfnote *);
2001static void free_note_info(struct elf_note_info *);
2002static int fill_note_info(struct elf_note_info *, long, const CPUState *);
2003static void fill_thread_info(struct elf_note_info *, const CPUState *);
2004static int core_dump_filename(const TaskState *, char *, size_t);
2005
2006static int dump_write(int, const void *, size_t);
2007static int write_note(struct memelfnote *, int);
2008static int write_note_info(struct elf_note_info *, int);
2009
2010#ifdef BSWAP_NEEDED
a2547a13
LD		 2011static void bswap_prstatus(struct target_elf_prstatus *);
2012static void bswap_psinfo(struct target_elf_prpsinfo *);
edf8e2af 2013
a2547a13 2014static void bswap_prstatus(struct target_elf_prstatus *prstatus)
edf8e2af
MW		 2015{
2016 prstatus->pr_info.si_signo = tswapl(prstatus->pr_info.si_signo);
2017 prstatus->pr_info.si_code = tswapl(prstatus->pr_info.si_code);
2018 prstatus->pr_info.si_errno = tswapl(prstatus->pr_info.si_errno);
2019 prstatus->pr_cursig = tswap16(prstatus->pr_cursig);
2020 prstatus->pr_sigpend = tswapl(prstatus->pr_sigpend);
2021 prstatus->pr_sighold = tswapl(prstatus->pr_sighold);
2022 prstatus->pr_pid = tswap32(prstatus->pr_pid);
2023 prstatus->pr_ppid = tswap32(prstatus->pr_ppid);
2024 prstatus->pr_pgrp = tswap32(prstatus->pr_pgrp);
2025 prstatus->pr_sid = tswap32(prstatus->pr_sid);
2026 /* cpu times are not filled, so we skip them */
2027 /* regs should be in correct format already */
2028 prstatus->pr_fpvalid = tswap32(prstatus->pr_fpvalid);
2029}
2030
a2547a13 2031static void bswap_psinfo(struct target_elf_prpsinfo *psinfo)
edf8e2af
MW		 2032{
2033 psinfo->pr_flag = tswapl(psinfo->pr_flag);
2034 psinfo->pr_uid = tswap16(psinfo->pr_uid);
2035 psinfo->pr_gid = tswap16(psinfo->pr_gid);
2036 psinfo->pr_pid = tswap32(psinfo->pr_pid);
2037 psinfo->pr_ppid = tswap32(psinfo->pr_ppid);
2038 psinfo->pr_pgrp = tswap32(psinfo->pr_pgrp);
2039 psinfo->pr_sid = tswap32(psinfo->pr_sid);
2040}
2041#endif /* BSWAP_NEEDED */
2042
2043/*
2044 * Minimal support for linux memory regions. These are needed
2045 * when we are finding out what memory exactly belongs to
2046 * emulated process. No locks needed here, as long as
2047 * thread that received the signal is stopped.
2048 */
2049
2050static struct mm_struct *vma_init(void)
2051{
2052 struct mm_struct *mm;
2053
2054 if ((mm = qemu_malloc(sizeof (*mm))) == NULL)
2055 return (NULL);
2056
2057 mm->mm_count = 0;
72cf2d4f 2058 QTAILQ_INIT(&mm->mm_mmap);
edf8e2af
MW		 2059
2060 return (mm);
2061}
2062
2063static void vma_delete(struct mm_struct *mm)
2064{
2065 struct vm_area_struct *vma;
2066
2067 while ((vma = vma_first(mm)) != NULL) {
72cf2d4f 2068 QTAILQ_REMOVE(&mm->mm_mmap, vma, vma_link);
edf8e2af
MW		 2069 qemu_free(vma);
2070 }
2071 qemu_free(mm);
2072}
2073
2074static int vma_add_mapping(struct mm_struct *mm, abi_ulong start,
2075 abi_ulong end, abi_ulong flags)
2076{
2077 struct vm_area_struct *vma;
2078
2079 if ((vma = qemu_mallocz(sizeof (*vma))) == NULL)
2080 return (-1);
2081
2082 vma->vma_start = start;
2083 vma->vma_end = end;
2084 vma->vma_flags = flags;
2085
72cf2d4f 2086 QTAILQ_INSERT_TAIL(&mm->mm_mmap, vma, vma_link);
edf8e2af
MW		 2087 mm->mm_count++;
2088
2089 return (0);
2090}
2091
2092static struct vm_area_struct *vma_first(const struct mm_struct *mm)
2093{
72cf2d4f 2094 return (QTAILQ_FIRST(&mm->mm_mmap));
edf8e2af
MW		 2095}
2096
2097static struct vm_area_struct *vma_next(struct vm_area_struct *vma)
2098{
72cf2d4f 2099 return (QTAILQ_NEXT(vma, vma_link));
edf8e2af
MW		 2100}
2101
2102static int vma_get_mapping_count(const struct mm_struct *mm)
2103{
2104 return (mm->mm_count);
2105}
2106
2107/*
2108 * Calculate file (dump) size of given memory region.
2109 */
2110static abi_ulong vma_dump_size(const struct vm_area_struct *vma)
2111{
2112 /* if we cannot even read the first page, skip it */
2113 if (!access_ok(VERIFY_READ, vma->vma_start, TARGET_PAGE_SIZE))
2114 return (0);
2115
2116 /*
2117 * Usually we don't dump executable pages as they contain
2118 * non-writable code that debugger can read directly from
2119 * target library etc. However, thread stacks are marked
2120 * also executable so we read in first page of given region
2121 * and check whether it contains elf header. If there is
2122 * no elf header, we dump it.
2123 */
2124 if (vma->vma_flags & PROT_EXEC) {
2125 char page[TARGET_PAGE_SIZE];
2126
2127 copy_from_user(page, vma->vma_start, sizeof (page));
2128 if ((page[EI_MAG0] == ELFMAG0) &&
2129 (page[EI_MAG1] == ELFMAG1) &&
2130 (page[EI_MAG2] == ELFMAG2) &&
2131 (page[EI_MAG3] == ELFMAG3)) {
2132 /*
2133 * Mappings are possibly from ELF binary. Don't dump
2134 * them.
2135 */
2136 return (0);
2137 }
2138 }
2139
2140 return (vma->vma_end - vma->vma_start);
2141}
2142
2143static int vma_walker(void *priv, unsigned long start, unsigned long end,
2144 unsigned long flags)
2145{
2146 struct mm_struct *mm = (struct mm_struct *)priv;
2147
2148 /*
2149 * Don't dump anything that qemu has reserved for internal use.
2150 */
2151 if (flags & PAGE_RESERVED)
2152 return (0);
2153
2154 vma_add_mapping(mm, start, end, flags);
2155 return (0);
2156}
2157
2158static void fill_note(struct memelfnote *note, const char *name, int type,
2159 unsigned int sz, void *data)
2160{
2161 unsigned int namesz;
2162
2163 namesz = strlen(name) + 1;
2164 note->name = name;
2165 note->namesz = namesz;
2166 note->namesz_rounded = roundup(namesz, sizeof (int32_t));
2167 note->type = type;
2168 note->datasz = roundup(sz, sizeof (int32_t));;
2169 note->data = data;
2170
2171 /*
2172 * We calculate rounded up note size here as specified by
2173 * ELF document.
2174 */
2175 note->notesz = sizeof (struct elf_note) +
2176 note->namesz_rounded + note->datasz;
2177}
2178
2179static void fill_elf_header(struct elfhdr *elf, int segs, uint16_t machine,
2180 uint32_t flags)
2181{
2182 (void) memset(elf, 0, sizeof(*elf));
2183
2184 (void) memcpy(elf->e_ident, ELFMAG, SELFMAG);
2185 elf->e_ident[EI_CLASS] = ELF_CLASS;
2186 elf->e_ident[EI_DATA] = ELF_DATA;
2187 elf->e_ident[EI_VERSION] = EV_CURRENT;
2188 elf->e_ident[EI_OSABI] = ELF_OSABI;
2189
2190 elf->e_type = ET_CORE;
2191 elf->e_machine = machine;
2192 elf->e_version = EV_CURRENT;
2193 elf->e_phoff = sizeof(struct elfhdr);
2194 elf->e_flags = flags;
2195 elf->e_ehsize = sizeof(struct elfhdr);
2196 elf->e_phentsize = sizeof(struct elf_phdr);
2197 elf->e_phnum = segs;
2198
2199#ifdef BSWAP_NEEDED
2200 bswap_ehdr(elf);
2201#endif
2202}
2203
2204static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, off_t offset)
2205{
2206 phdr->p_type = PT_NOTE;
2207 phdr->p_offset = offset;
2208 phdr->p_vaddr = 0;
2209 phdr->p_paddr = 0;
2210 phdr->p_filesz = sz;
2211 phdr->p_memsz = 0;
2212 phdr->p_flags = 0;
2213 phdr->p_align = 0;
2214
2215#ifdef BSWAP_NEEDED
2216 bswap_phdr(phdr);
2217#endif
2218}
2219
2220static size_t note_size(const struct memelfnote *note)
2221{
2222 return (note->notesz);
2223}
2224
a2547a13 2225static void fill_prstatus(struct target_elf_prstatus *prstatus,
edf8e2af
MW		 2226 const TaskState *ts, int signr)
2227{
2228 (void) memset(prstatus, 0, sizeof (*prstatus));
2229 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr;
2230 prstatus->pr_pid = ts->ts_tid;
2231 prstatus->pr_ppid = getppid();
2232 prstatus->pr_pgrp = getpgrp();
2233 prstatus->pr_sid = getsid(0);
2234
2235#ifdef BSWAP_NEEDED
2236 bswap_prstatus(prstatus);
2237#endif
2238}
2239
a2547a13 2240static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts)
edf8e2af
MW		 2241{
2242 char *filename, *base_filename;
2243 unsigned int i, len;
2244
2245 (void) memset(psinfo, 0, sizeof (*psinfo));
2246
2247 len = ts->info->arg_end - ts->info->arg_start;
2248 if (len >= ELF_PRARGSZ)
2249 len = ELF_PRARGSZ - 1;
2250 if (copy_from_user(&psinfo->pr_psargs, ts->info->arg_start, len))
2251 return -EFAULT;
2252 for (i = 0; i < len; i++)
2253 if (psinfo->pr_psargs[i] == 0)
2254 psinfo->pr_psargs[i] = ' ';
2255 psinfo->pr_psargs[len] = 0;
2256
2257 psinfo->pr_pid = getpid();
2258 psinfo->pr_ppid = getppid();
2259 psinfo->pr_pgrp = getpgrp();
2260 psinfo->pr_sid = getsid(0);
2261 psinfo->pr_uid = getuid();
2262 psinfo->pr_gid = getgid();
2263
2264 filename = strdup(ts->bprm->filename);
2265 base_filename = strdup(basename(filename));
2266 (void) strncpy(psinfo->pr_fname, base_filename,
2267 sizeof(psinfo->pr_fname));
2268 free(base_filename);
2269 free(filename);
2270
2271#ifdef BSWAP_NEEDED
2272 bswap_psinfo(psinfo);
2273#endif
2274 return (0);
2275}
2276
2277static void fill_auxv_note(struct memelfnote *note, const TaskState *ts)
2278{
2279 elf_addr_t auxv = (elf_addr_t)ts->info->saved_auxv;
2280 elf_addr_t orig_auxv = auxv;
2281 abi_ulong val;
2282 void *ptr;
2283 int i, len;
2284
2285 /*
2286 * Auxiliary vector is stored in target process stack. It contains
2287 * {type, value} pairs that we need to dump into note. This is not
2288 * strictly necessary but we do it here for sake of completeness.
2289 */
2290
2291 /* find out lenght of the vector, AT_NULL is terminator */
2292 i = len = 0;
2293 do {
2294 get_user_ual(val, auxv);
2295 i += 2;
2296 auxv += 2 * sizeof (elf_addr_t);
2297 } while (val != AT_NULL);
2298 len = i * sizeof (elf_addr_t);
2299
2300 /* read in whole auxv vector and copy it to memelfnote */
2301 ptr = lock_user(VERIFY_READ, orig_auxv, len, 0);
2302 if (ptr != NULL) {
2303 fill_note(note, "CORE", NT_AUXV, len, ptr);
2304 unlock_user(ptr, auxv, len);
2305 }
2306}
2307
2308/*
2309 * Constructs name of coredump file. We have following convention
2310 * for the name:
2311 * qemu_<basename-of-target-binary>_<date>-<time>_<pid>.core
2312 *
2313 * Returns 0 in case of success, -1 otherwise (errno is set).
2314 */
2315static int core_dump_filename(const TaskState *ts, char *buf,
2316 size_t bufsize)
2317{
2318 char timestamp[64];
2319 char *filename = NULL;
2320 char *base_filename = NULL;
2321 struct timeval tv;
2322 struct tm tm;
2323
2324 assert(bufsize >= PATH_MAX);
2325
2326 if (gettimeofday(&tv, NULL) < 0) {
2327 (void) fprintf(stderr, "unable to get current timestamp: %s",
2328 strerror(errno));
2329 return (-1);
2330 }
2331
2332 filename = strdup(ts->bprm->filename);
2333 base_filename = strdup(basename(filename));
2334 (void) strftime(timestamp, sizeof (timestamp), "%Y%m%d-%H%M%S",
2335 localtime_r(&tv.tv_sec, &tm));
2336 (void) snprintf(buf, bufsize, "qemu_%s_%s_%d.core",
2337 base_filename, timestamp, (int)getpid());
2338 free(base_filename);
2339 free(filename);
2340
2341 return (0);
2342}
2343
2344static int dump_write(int fd, const void *ptr, size_t size)
2345{
2346 const char *bufp = (const char *)ptr;
2347 ssize_t bytes_written, bytes_left;
2348 struct rlimit dumpsize;
2349 off_t pos;
2350
2351 bytes_written = 0;
2352 getrlimit(RLIMIT_CORE, &dumpsize);
2353 if ((pos = lseek(fd, 0, SEEK_CUR))==-1) {
2354 if (errno == ESPIPE) { /* not a seekable stream */
2355 bytes_left = size;
2356 } else {
2357 return pos;
2358 }
2359 } else {
2360 if (dumpsize.rlim_cur <= pos) {
2361 return -1;
2362 } else if (dumpsize.rlim_cur == RLIM_INFINITY) {
2363 bytes_left = size;
2364 } else {
2365 size_t limit_left=dumpsize.rlim_cur - pos;
2366 bytes_left = limit_left >= size ? size : limit_left ;
2367 }
2368 }
2369
2370 /*
2371 * In normal conditions, single write(2) should do but
2372 * in case of socket etc. this mechanism is more portable.
2373 */
2374 do {
2375 bytes_written = write(fd, bufp, bytes_left);
2376 if (bytes_written < 0) {
2377 if (errno == EINTR)
2378 continue;
2379 return (-1);
2380 } else if (bytes_written == 0) { /* eof */
2381 return (-1);
2382 }
2383 bufp += bytes_written;
2384 bytes_left -= bytes_written;
2385 } while (bytes_left > 0);
2386
2387 return (0);
2388}
2389
2390static int write_note(struct memelfnote *men, int fd)
2391{
2392 struct elf_note en;
2393
2394 en.n_namesz = men->namesz;
2395 en.n_type = men->type;
2396 en.n_descsz = men->datasz;
2397
2398#ifdef BSWAP_NEEDED
2399 bswap_note(&en);
2400#endif
2401
2402 if (dump_write(fd, &en, sizeof(en)) != 0)
2403 return (-1);
2404 if (dump_write(fd, men->name, men->namesz_rounded) != 0)
2405 return (-1);
2406 if (dump_write(fd, men->data, men->datasz) != 0)
2407 return (-1);
2408
2409 return (0);
2410}
2411
2412static void fill_thread_info(struct elf_note_info *info, const CPUState *env)
2413{
2414 TaskState *ts = (TaskState *)env->opaque;
2415 struct elf_thread_status *ets;
2416
2417 ets = qemu_mallocz(sizeof (*ets));
2418 ets->num_notes = 1; /* only prstatus is dumped */
2419 fill_prstatus(&ets->prstatus, ts, 0);
2420 elf_core_copy_regs(&ets->prstatus.pr_reg, env);
2421 fill_note(&ets->notes[0], "CORE", NT_PRSTATUS, sizeof (ets->prstatus),
2422 &ets->prstatus);
2423
72cf2d4f 2424 QTAILQ_INSERT_TAIL(&info->thread_list, ets, ets_link);
edf8e2af
MW		 2425
2426 info->notes_size += note_size(&ets->notes[0]);
2427}
2428
2429static int fill_note_info(struct elf_note_info *info,
2430 long signr, const CPUState *env)
2431{
2432#define NUMNOTES 3
2433 CPUState *cpu = NULL;
2434 TaskState *ts = (TaskState *)env->opaque;
2435 int i;
2436
2437 (void) memset(info, 0, sizeof (*info));
2438
72cf2d4f 2439 QTAILQ_INIT(&info->thread_list);
edf8e2af
MW		 2440
2441 info->notes = qemu_mallocz(NUMNOTES * sizeof (struct memelfnote));
2442 if (info->notes == NULL)
2443 return (-ENOMEM);
2444 info->prstatus = qemu_mallocz(sizeof (*info->prstatus));
2445 if (info->prstatus == NULL)
2446 return (-ENOMEM);
2447 info->psinfo = qemu_mallocz(sizeof (*info->psinfo));
2448 if (info->prstatus == NULL)
2449 return (-ENOMEM);
2450
2451 /*
2452 * First fill in status (and registers) of current thread
2453 * including process info & aux vector.
2454 */
2455 fill_prstatus(info->prstatus, ts, signr);
2456 elf_core_copy_regs(&info->prstatus->pr_reg, env);
2457 fill_note(&info->notes[0], "CORE", NT_PRSTATUS,
2458 sizeof (*info->prstatus), info->prstatus);
2459 fill_psinfo(info->psinfo, ts);
2460 fill_note(&info->notes[1], "CORE", NT_PRPSINFO,
2461 sizeof (*info->psinfo), info->psinfo);
2462 fill_auxv_note(&info->notes[2], ts);
2463 info->numnote = 3;
2464
2465 info->notes_size = 0;
2466 for (i = 0; i < info->numnote; i++)
2467 info->notes_size += note_size(&info->notes[i]);
2468
2469 /* read and fill status of all threads */
2470 cpu_list_lock();
2471 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
2472 if (cpu == thread_env)
2473 continue;
2474 fill_thread_info(info, cpu);
2475 }
2476 cpu_list_unlock();
2477
2478 return (0);
2479}
2480
2481static void free_note_info(struct elf_note_info *info)
2482{
2483 struct elf_thread_status *ets;
2484
72cf2d4f
BS		 2485 while (!QTAILQ_EMPTY(&info->thread_list)) {
2486 ets = QTAILQ_FIRST(&info->thread_list);
2487 QTAILQ_REMOVE(&info->thread_list, ets, ets_link);
edf8e2af
MW		 2488 qemu_free(ets);
2489 }
2490
2491 qemu_free(info->prstatus);
2492 qemu_free(info->psinfo);
2493 qemu_free(info->notes);
2494}
2495
2496static int write_note_info(struct elf_note_info *info, int fd)
2497{
2498 struct elf_thread_status *ets;
2499 int i, error = 0;
2500
2501 /* write prstatus, psinfo and auxv for current thread */
2502 for (i = 0; i < info->numnote; i++)
2503 if ((error = write_note(&info->notes[i], fd)) != 0)
2504 return (error);
2505
2506 /* write prstatus for each thread */
2507 for (ets = info->thread_list.tqh_first; ets != NULL;
2508 ets = ets->ets_link.tqe_next) {
2509 if ((error = write_note(&ets->notes[0], fd)) != 0)
2510 return (error);
2511 }
2512
2513 return (0);
2514}
2515
2516/*
2517 * Write out ELF coredump.
2518 *
2519 * See documentation of ELF object file format in:
2520 * http://www.caldera.com/developers/devspecs/gabi41.pdf
2521 *
2522 * Coredump format in linux is following:
2523 *
2524 * 0 +----------------------+ \
2525 * | ELF header | ET_CORE |
2526 * +----------------------+ |
2527 * | ELF program headers | |--- headers
2528 * | - NOTE section | |
2529 * | - PT_LOAD sections | |
2530 * +----------------------+ /
2531 * | NOTEs: |
2532 * | - NT_PRSTATUS |
2533 * | - NT_PRSINFO |
2534 * | - NT_AUXV |
2535 * +----------------------+ <-- aligned to target page
2536 * | Process memory dump |
2537 * : :
2538 * . .
2539 * : :
2540 * | |
2541 * +----------------------+
2542 *
2543 * NT_PRSTATUS -> struct elf_prstatus (per thread)
2544 * NT_PRSINFO -> struct elf_prpsinfo
2545 * NT_AUXV is array of { type, value } pairs (see fill_auxv_note()).
2546 *
2547 * Format follows System V format as close as possible. Current
2548 * version limitations are as follows:
2549 * - no floating point registers are dumped
2550 *
2551 * Function returns 0 in case of success, negative errno otherwise.
2552 *
2553 * TODO: make this work also during runtime: it should be
2554 * possible to force coredump from running process and then
2555 * continue processing. For example qemu could set up SIGUSR2
2556 * handler (provided that target process haven't registered
2557 * handler for that) that does the dump when signal is received.
2558 */
2559static int elf_core_dump(int signr, const CPUState *env)
2560{
2561 const TaskState *ts = (const TaskState *)env->opaque;
2562 struct vm_area_struct *vma = NULL;
2563 char corefile[PATH_MAX];
2564 struct elf_note_info info;
2565 struct elfhdr elf;
2566 struct elf_phdr phdr;
2567 struct rlimit dumpsize;
2568 struct mm_struct *mm = NULL;
2569 off_t offset = 0, data_offset = 0;
2570 int segs = 0;
2571 int fd = -1;
2572
2573 errno = 0;
2574 getrlimit(RLIMIT_CORE, &dumpsize);
2575 if (dumpsize.rlim_cur == 0)
2576 return 0;
2577
2578 if (core_dump_filename(ts, corefile, sizeof (corefile)) < 0)
2579 return (-errno);
2580
2581 if ((fd = open(corefile, O_WRONLY | O_CREAT,
2582 S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) < 0)
2583 return (-errno);
2584
2585 /*
2586 * Walk through target process memory mappings and
2587 * set up structure containing this information. After
2588 * this point vma_xxx functions can be used.
2589 */
2590 if ((mm = vma_init()) == NULL)
2591 goto out;
2592
2593 walk_memory_regions(mm, vma_walker);
2594 segs = vma_get_mapping_count(mm);
2595
2596 /*
2597 * Construct valid coredump ELF header. We also
2598 * add one more segment for notes.
2599 */
2600 fill_elf_header(&elf, segs + 1, ELF_MACHINE, 0);
2601 if (dump_write(fd, &elf, sizeof (elf)) != 0)
2602 goto out;
2603
2604 /* fill in in-memory version of notes */
2605 if (fill_note_info(&info, signr, env) < 0)
2606 goto out;
2607
2608 offset += sizeof (elf); /* elf header */
2609 offset += (segs + 1) * sizeof (struct elf_phdr); /* program headers */
2610
2611 /* write out notes program header */
2612 fill_elf_note_phdr(&phdr, info.notes_size, offset);
2613
2614 offset += info.notes_size;
2615 if (dump_write(fd, &phdr, sizeof (phdr)) != 0)
2616 goto out;
2617
2618 /*
2619 * ELF specification wants data to start at page boundary so
2620 * we align it here.
2621 */
2622 offset = roundup(offset, ELF_EXEC_PAGESIZE);
2623
2624 /*
2625 * Write program headers for memory regions mapped in
2626 * the target process.
2627 */
2628 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) {
2629 (void) memset(&phdr, 0, sizeof (phdr));
2630
2631 phdr.p_type = PT_LOAD;
2632 phdr.p_offset = offset;
2633 phdr.p_vaddr = vma->vma_start;
2634 phdr.p_paddr = 0;
2635 phdr.p_filesz = vma_dump_size(vma);
2636 offset += phdr.p_filesz;
2637 phdr.p_memsz = vma->vma_end - vma->vma_start;
2638 phdr.p_flags = vma->vma_flags & PROT_READ ? PF_R : 0;
2639 if (vma->vma_flags & PROT_WRITE)
2640 phdr.p_flags |= PF_W;
2641 if (vma->vma_flags & PROT_EXEC)
2642 phdr.p_flags |= PF_X;
2643 phdr.p_align = ELF_EXEC_PAGESIZE;
2644
2645 dump_write(fd, &phdr, sizeof (phdr));
2646 }
2647
2648 /*
2649 * Next we write notes just after program headers. No
2650 * alignment needed here.
2651 */
2652 if (write_note_info(&info, fd) < 0)
2653 goto out;
2654
2655 /* align data to page boundary */
2656 data_offset = lseek(fd, 0, SEEK_CUR);
2657 data_offset = TARGET_PAGE_ALIGN(data_offset);
2658 if (lseek(fd, data_offset, SEEK_SET) != data_offset)
2659 goto out;
2660
2661 /*
2662 * Finally we can dump process memory into corefile as well.
2663 */
2664 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) {
2665 abi_ulong addr;
2666 abi_ulong end;
2667
2668 end = vma->vma_start + vma_dump_size(vma);
2669
2670 for (addr = vma->vma_start; addr < end;
2671 addr += TARGET_PAGE_SIZE) {
2672 char page[TARGET_PAGE_SIZE];
2673 int error;
2674
2675 /*
2676 * Read in page from target process memory and
2677 * write it to coredump file.
2678 */
2679 error = copy_from_user(page, addr, sizeof (page));
2680 if (error != 0) {
49995e17 2681 (void) fprintf(stderr, "unable to dump " TARGET_ABI_FMT_lx "\n",
edf8e2af
MW		 2682 addr);
2683 errno = -error;
2684 goto out;
2685 }
2686 if (dump_write(fd, page, TARGET_PAGE_SIZE) < 0)
2687 goto out;
2688 }
2689 }
2690
2691out:
2692 free_note_info(&info);
2693 if (mm != NULL)
2694 vma_delete(mm);
2695 (void) close(fd);
2696
2697 if (errno != 0)
2698 return (-errno);
2699 return (0);
2700}
2701
2702#endif /* USE_ELF_CORE_DUMP */
2703
31e31b8a
FB		 2704static int load_aout_interp(void * exptr, int interp_fd)
2705{
2706 printf("a.out interpreter not yet supported\n");
2707 return(0);
2708}
2709
e5fe0c52
PB		 2710void do_init_thread(struct target_pt_regs *regs, struct image_info *infop)
2711{
2712 init_thread(regs, infop);
2713}
Qemu copy for testing