]> git.proxmox.com Git - mirror_qemu.git/blame - linux-user/elfload.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
linux-user: implemented ELF coredump support for ARM target
[mirror_qemu.git] / linux-user / elfload.c
CommitLineData
31e31b8a 1/* This is the Linux kernel elf-loading code, ported into user space */
edf8e2af
MW		 2#include <sys/time.h>
3#include <sys/param.h>
31e31b8a
FB		 4
5#include <stdio.h>
6#include <sys/types.h>
7#include <fcntl.h>
31e31b8a
FB		 8#include <errno.h>
9#include <unistd.h>
10#include <sys/mman.h>
edf8e2af 11#include <sys/resource.h>
31e31b8a
FB		 12#include <stdlib.h>
13#include <string.h>
edf8e2af 14#include <time.h>
31e31b8a 15
3ef693a0 16#include "qemu.h"
689f936f 17#include "disas.h"
31e31b8a 18
e58ffeb3 19#ifdef _ARCH_PPC64
a6cc84f4 20#undef ARCH_DLINFO
21#undef ELF_PLATFORM
22#undef ELF_HWCAP
23#undef ELF_CLASS
24#undef ELF_DATA
25#undef ELF_ARCH
26#endif
27
edf8e2af
MW		 28#define ELF_OSABI ELFOSABI_SYSV
29
cb33da57
BS		 30/* from personality.h */
31
32/*
33 * Flags for bug emulation.
34 *
35 * These occupy the top three bytes.
36 */
37enum {
38 ADDR_NO_RANDOMIZE = 0x0040000, /* disable randomization of VA space */
39 FDPIC_FUNCPTRS = 0x0080000, /* userspace function ptrs point to descriptors
40 * (signal handling)
41 */
42 MMAP_PAGE_ZERO = 0x0100000,
43 ADDR_COMPAT_LAYOUT = 0x0200000,
44 READ_IMPLIES_EXEC = 0x0400000,
45 ADDR_LIMIT_32BIT = 0x0800000,
46 SHORT_INODE = 0x1000000,
47 WHOLE_SECONDS = 0x2000000,
48 STICKY_TIMEOUTS = 0x4000000,
49 ADDR_LIMIT_3GB = 0x8000000,
50};
51
52/*
53 * Personality types.
54 *
55 * These go in the low byte. Avoid using the top bit, it will
56 * conflict with error returns.
57 */
58enum {
59 PER_LINUX = 0x0000,
60 PER_LINUX_32BIT = 0x0000 | ADDR_LIMIT_32BIT,
61 PER_LINUX_FDPIC = 0x0000 | FDPIC_FUNCPTRS,
62 PER_SVR4 = 0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO,
63 PER_SVR3 = 0x0002 | STICKY_TIMEOUTS | SHORT_INODE,
64 PER_SCOSVR3 = 0x0003 | STICKY_TIMEOUTS |
65 WHOLE_SECONDS | SHORT_INODE,
66 PER_OSR5 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS,
67 PER_WYSEV386 = 0x0004 | STICKY_TIMEOUTS | SHORT_INODE,
68 PER_ISCR4 = 0x0005 | STICKY_TIMEOUTS,
69 PER_BSD = 0x0006,
70 PER_SUNOS = 0x0006 | STICKY_TIMEOUTS,
71 PER_XENIX = 0x0007 | STICKY_TIMEOUTS | SHORT_INODE,
72 PER_LINUX32 = 0x0008,
73 PER_LINUX32_3GB = 0x0008 | ADDR_LIMIT_3GB,
74 PER_IRIX32 = 0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */
75 PER_IRIXN32 = 0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */
76 PER_IRIX64 = 0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */
77 PER_RISCOS = 0x000c,
78 PER_SOLARIS = 0x000d | STICKY_TIMEOUTS,
79 PER_UW7 = 0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO,
80 PER_OSF4 = 0x000f, /* OSF/1 v4 */
81 PER_HPUX = 0x0010,
82 PER_MASK = 0x00ff,
83};
84
85/*
86 * Return the base personality without flags.
87 */
88#define personality(pers) (pers & PER_MASK)
89
83fb7adf
FB		 90/* this flag is uneffective under linux too, should be deleted */
91#ifndef MAP_DENYWRITE
92#define MAP_DENYWRITE 0
93#endif
94
95/* should probably go in elf.h */
96#ifndef ELIBBAD
97#define ELIBBAD 80
98#endif
99
30ac07d4
FB		 100#ifdef TARGET_I386
101
15338fd7
FB		 102#define ELF_PLATFORM get_elf_platform()
103
104static const char *get_elf_platform(void)
105{
106 static char elf_platform[] = "i386";
d5975363 107 int family = (thread_env->cpuid_version >> 8) & 0xff;
15338fd7
FB		 108 if (family > 6)
109 family = 6;
110 if (family >= 3)
111 elf_platform[1] = '0' + family;
112 return elf_platform;
113}
114
115#define ELF_HWCAP get_elf_hwcap()
116
117static uint32_t get_elf_hwcap(void)
118{
d5975363 119 return thread_env->cpuid_features;
15338fd7
FB		 120}
121
84409ddb
JM		 122#ifdef TARGET_X86_64
123#define ELF_START_MMAP 0x2aaaaab000ULL
124#define elf_check_arch(x) ( ((x) == ELF_ARCH) )
125
126#define ELF_CLASS ELFCLASS64
127#define ELF_DATA ELFDATA2LSB
128#define ELF_ARCH EM_X86_64
129
130static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
131{
132 regs->rax = 0;
133 regs->rsp = infop->start_stack;
134 regs->rip = infop->entry;
135}
136
137#else
138
30ac07d4
FB		 139#define ELF_START_MMAP 0x80000000
140
30ac07d4
FB		 141/*
142 * This is used to ensure we don't load something for the wrong architecture.
143 */
144#define elf_check_arch(x) ( ((x) == EM_386) || ((x) == EM_486) )
145
146/*
147 * These are used to set parameters in the core dumps.
148 */
149#define ELF_CLASS ELFCLASS32
150#define ELF_DATA ELFDATA2LSB
151#define ELF_ARCH EM_386
152
b346ff46
FB		 153static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
154{
155 regs->esp = infop->start_stack;
156 regs->eip = infop->entry;
e5fe0c52
PB		 157
158 /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program
159 starts %edx contains a pointer to a function which might be
160 registered using `atexit'. This provides a mean for the
161 dynamic linker to call DT_FINI functions for shared libraries
162 that have been loaded before the code runs.
163
164 A value of 0 tells we have no such handler. */
165 regs->edx = 0;
b346ff46 166}
84409ddb 167#endif
b346ff46 168
b346ff46
FB		 169#define ELF_EXEC_PAGESIZE 4096
170
171#endif
172
173#ifdef TARGET_ARM
174
175#define ELF_START_MMAP 0x80000000
176
177#define elf_check_arch(x) ( (x) == EM_ARM )
178
179#define ELF_CLASS ELFCLASS32
180#ifdef TARGET_WORDS_BIGENDIAN
181#define ELF_DATA ELFDATA2MSB
182#else
183#define ELF_DATA ELFDATA2LSB
184#endif
185#define ELF_ARCH EM_ARM
186
b346ff46
FB		 187static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
188{
992f48a0 189 abi_long stack = infop->start_stack;
b346ff46
FB		 190 memset(regs, 0, sizeof(*regs));
191 regs->ARM_cpsr = 0x10;
0240ded8
PB		 192 if (infop->entry & 1)
193 regs->ARM_cpsr |= CPSR_T;
194 regs->ARM_pc = infop->entry & 0xfffffffe;
b346ff46 195 regs->ARM_sp = infop->start_stack;
2f619698
FB		 196 /* FIXME - what to for failure of get_user()? */
197 get_user_ual(regs->ARM_r2, stack + 8); /* envp */
198 get_user_ual(regs->ARM_r1, stack + 4); /* envp */
a1516e92 199 /* XXX: it seems that r0 is zeroed after ! */
e5fe0c52
PB		 200 regs->ARM_r0 = 0;
201 /* For uClinux PIC binaries. */
863cf0b7 202 /* XXX: Linux does this only on ARM with no MMU (do we care ?) */
e5fe0c52 203 regs->ARM_r10 = infop->start_data;
b346ff46
FB		 204}
205
edf8e2af
MW		 206typedef uint32_t elf_greg_t;
207typedef uint16_t target_uid_t;
208typedef uint16_t target_gid_t;
209typedef int32_t target_pid_t;
210
211#define ELF_NREG 18
212typedef elf_greg_t elf_gregset_t[ELF_NREG];
213
214static void elf_core_copy_regs(elf_gregset_t *regs, const CPUState *env)
215{
216 (*regs)[0] = env->regs[0];
217 (*regs)[1] = env->regs[1];
218 (*regs)[2] = env->regs[2];
219 (*regs)[3] = env->regs[3];
220 (*regs)[4] = env->regs[4];
221 (*regs)[5] = env->regs[5];
222 (*regs)[6] = env->regs[6];
223 (*regs)[7] = env->regs[7];
224 (*regs)[8] = env->regs[8];
225 (*regs)[9] = env->regs[9];
226 (*regs)[10] = env->regs[10];
227 (*regs)[11] = env->regs[11];
228 (*regs)[12] = env->regs[12];
229 (*regs)[13] = env->regs[13];
230 (*regs)[14] = env->regs[14];
231 (*regs)[15] = env->regs[15];
232
233 (*regs)[16] = cpsr_read((CPUState *)env);
234 (*regs)[17] = env->regs[0]; /* XXX */
235}
236
30ac07d4
FB		 237#define USE_ELF_CORE_DUMP
238#define ELF_EXEC_PAGESIZE 4096
239
afce2927
FB		 240enum
241{
242 ARM_HWCAP_ARM_SWP = 1 << 0,
243 ARM_HWCAP_ARM_HALF = 1 << 1,
244 ARM_HWCAP_ARM_THUMB = 1 << 2,
245 ARM_HWCAP_ARM_26BIT = 1 << 3,
246 ARM_HWCAP_ARM_FAST_MULT = 1 << 4,
247 ARM_HWCAP_ARM_FPA = 1 << 5,
248 ARM_HWCAP_ARM_VFP = 1 << 6,
249 ARM_HWCAP_ARM_EDSP = 1 << 7,
250};
251
15338fd7 252#define ELF_HWCAP (ARM_HWCAP_ARM_SWP | ARM_HWCAP_ARM_HALF \
afce2927
FB		 253 | ARM_HWCAP_ARM_THUMB | ARM_HWCAP_ARM_FAST_MULT \
254 | ARM_HWCAP_ARM_FPA | ARM_HWCAP_ARM_VFP)
255
30ac07d4
FB		 256#endif
257
853d6f7a 258#ifdef TARGET_SPARC
a315a145 259#ifdef TARGET_SPARC64
853d6f7a
FB		 260
261#define ELF_START_MMAP 0x80000000
262
992f48a0 263#ifndef TARGET_ABI32
cb33da57 264#define elf_check_arch(x) ( (x) == EM_SPARCV9 || (x) == EM_SPARC32PLUS )
992f48a0
BS		 265#else
266#define elf_check_arch(x) ( (x) == EM_SPARC32PLUS || (x) == EM_SPARC )
267#endif
853d6f7a 268
a315a145
FB		 269#define ELF_CLASS ELFCLASS64
270#define ELF_DATA ELFDATA2MSB
5ef54116
FB		 271#define ELF_ARCH EM_SPARCV9
272
273#define STACK_BIAS 2047
a315a145 274
a315a145
FB		 275static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
276{
992f48a0 277#ifndef TARGET_ABI32
a315a145 278 regs->tstate = 0;
992f48a0 279#endif
a315a145
FB		 280 regs->pc = infop->entry;
281 regs->npc = regs->pc + 4;
282 regs->y = 0;
992f48a0
BS		 283#ifdef TARGET_ABI32
284 regs->u_regs[14] = infop->start_stack - 16 * 4;
285#else
cb33da57
BS		 286 if (personality(infop->personality) == PER_LINUX32)
287 regs->u_regs[14] = infop->start_stack - 16 * 4;
288 else
289 regs->u_regs[14] = infop->start_stack - 16 * 8 - STACK_BIAS;
992f48a0 290#endif
a315a145
FB		 291}
292
293#else
294#define ELF_START_MMAP 0x80000000
295
296#define elf_check_arch(x) ( (x) == EM_SPARC )
297
853d6f7a
FB		 298#define ELF_CLASS ELFCLASS32
299#define ELF_DATA ELFDATA2MSB
300#define ELF_ARCH EM_SPARC
301
853d6f7a
FB		 302static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
303{
f5155289
FB		 304 regs->psr = 0;
305 regs->pc = infop->entry;
306 regs->npc = regs->pc + 4;
307 regs->y = 0;
308 regs->u_regs[14] = infop->start_stack - 16 * 4;
853d6f7a
FB		 309}
310
a315a145 311#endif
853d6f7a
FB		 312#endif
313
67867308
FB		 314#ifdef TARGET_PPC
315
316#define ELF_START_MMAP 0x80000000
317
e85e7c6e 318#if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
84409ddb
JM		 319
320#define elf_check_arch(x) ( (x) == EM_PPC64 )
321
322#define ELF_CLASS ELFCLASS64
323
324#else
325
67867308
FB		 326#define elf_check_arch(x) ( (x) == EM_PPC )
327
328#define ELF_CLASS ELFCLASS32
84409ddb
JM		 329
330#endif
331
67867308
FB		 332#ifdef TARGET_WORDS_BIGENDIAN
333#define ELF_DATA ELFDATA2MSB
334#else
335#define ELF_DATA ELFDATA2LSB
336#endif
337#define ELF_ARCH EM_PPC
338
df84e4f3
NF		 339/* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP).
340 See arch/powerpc/include/asm/cputable.h. */
341enum {
342 PPC_FEATURE_32 = 0x80000000,
343 PPC_FEATURE_64 = 0x40000000,
344 PPC_FEATURE_601_INSTR = 0x20000000,
345 PPC_FEATURE_HAS_ALTIVEC = 0x10000000,
346 PPC_FEATURE_HAS_FPU = 0x08000000,
347 PPC_FEATURE_HAS_MMU = 0x04000000,
348 PPC_FEATURE_HAS_4xxMAC = 0x02000000,
349 PPC_FEATURE_UNIFIED_CACHE = 0x01000000,
350 PPC_FEATURE_HAS_SPE = 0x00800000,
351 PPC_FEATURE_HAS_EFP_SINGLE = 0x00400000,
352 PPC_FEATURE_HAS_EFP_DOUBLE = 0x00200000,
353 PPC_FEATURE_NO_TB = 0x00100000,
354 PPC_FEATURE_POWER4 = 0x00080000,
355 PPC_FEATURE_POWER5 = 0x00040000,
356 PPC_FEATURE_POWER5_PLUS = 0x00020000,
357 PPC_FEATURE_CELL = 0x00010000,
358 PPC_FEATURE_BOOKE = 0x00008000,
359 PPC_FEATURE_SMT = 0x00004000,
360 PPC_FEATURE_ICACHE_SNOOP = 0x00002000,
361 PPC_FEATURE_ARCH_2_05 = 0x00001000,
362 PPC_FEATURE_PA6T = 0x00000800,
363 PPC_FEATURE_HAS_DFP = 0x00000400,
364 PPC_FEATURE_POWER6_EXT = 0x00000200,
365 PPC_FEATURE_ARCH_2_06 = 0x00000100,
366 PPC_FEATURE_HAS_VSX = 0x00000080,
367 PPC_FEATURE_PSERIES_PERFMON_COMPAT = 0x00000040,
368
369 PPC_FEATURE_TRUE_LE = 0x00000002,
370 PPC_FEATURE_PPC_LE = 0x00000001,
371};
372
373#define ELF_HWCAP get_elf_hwcap()
374
375static uint32_t get_elf_hwcap(void)
376{
377 CPUState *e = thread_env;
378 uint32_t features = 0;
379
380 /* We don't have to be terribly complete here; the high points are
381 Altivec/FP/SPE support. Anything else is just a bonus. */
382#define GET_FEATURE(flag, feature) \
383 do {if (e->insns_flags & flag) features |= feature; } while(0)
384 GET_FEATURE(PPC_64B, PPC_FEATURE_64);
385 GET_FEATURE(PPC_FLOAT, PPC_FEATURE_HAS_FPU);
386 GET_FEATURE(PPC_ALTIVEC, PPC_FEATURE_HAS_ALTIVEC);
387 GET_FEATURE(PPC_SPE, PPC_FEATURE_HAS_SPE);
388 GET_FEATURE(PPC_SPE_SINGLE, PPC_FEATURE_HAS_EFP_SINGLE);
389 GET_FEATURE(PPC_SPE_DOUBLE, PPC_FEATURE_HAS_EFP_DOUBLE);
390 GET_FEATURE(PPC_BOOKE, PPC_FEATURE_BOOKE);
391 GET_FEATURE(PPC_405_MAC, PPC_FEATURE_HAS_4xxMAC);
392#undef GET_FEATURE
393
394 return features;
395}
396
f5155289
FB		 397/*
398 * We need to put in some extra aux table entries to tell glibc what
399 * the cache block size is, so it can use the dcbz instruction safely.
400 */
401#define AT_DCACHEBSIZE 19
402#define AT_ICACHEBSIZE 20
403#define AT_UCACHEBSIZE 21
404/* A special ignored type value for PPC, for glibc compatibility. */
405#define AT_IGNOREPPC 22
406/*
407 * The requirements here are:
408 * - keep the final alignment of sp (sp & 0xf)
409 * - make sure the 32-bit value at the first 16 byte aligned position of
410 * AUXV is greater than 16 for glibc compatibility.
411 * AT_IGNOREPPC is used for that.
412 * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC,
413 * even if DLINFO_ARCH_ITEMS goes to zero or is undefined.
414 */
0bccf03d 415#define DLINFO_ARCH_ITEMS 5
f5155289
FB		 416#define ARCH_DLINFO \
417do { \
0bccf03d
FB		 418 NEW_AUX_ENT(AT_DCACHEBSIZE, 0x20); \
419 NEW_AUX_ENT(AT_ICACHEBSIZE, 0x20); \
420 NEW_AUX_ENT(AT_UCACHEBSIZE, 0); \
f5155289
FB		 421 /* \
422 * Now handle glibc compatibility. \
423 */ \
0bccf03d
FB		 424 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \
425 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \
f5155289
FB		 426 } while (0)
427
67867308
FB		 428static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop)
429{
992f48a0
BS		 430 abi_ulong pos = infop->start_stack;
431 abi_ulong tmp;
e85e7c6e 432#if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
992f48a0 433 abi_ulong entry, toc;
84409ddb 434#endif
e5fe0c52 435
67867308 436 _regs->gpr[1] = infop->start_stack;
e85e7c6e 437#if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
84409ddb
JM		 438 entry = ldq_raw(infop->entry) + infop->load_addr;
439 toc = ldq_raw(infop->entry + 8) + infop->load_addr;
440 _regs->gpr[2] = toc;
441 infop->entry = entry;
442#endif
67867308 443 _regs->nip = infop->entry;
e5fe0c52
PB		 444 /* Note that isn't exactly what regular kernel does
445 * but this is what the ABI wants and is needed to allow
446 * execution of PPC BSD programs.
447 */
2f619698
FB		 448 /* FIXME - what to for failure of get_user()? */
449 get_user_ual(_regs->gpr[3], pos);
992f48a0 450 pos += sizeof(abi_ulong);
e5fe0c52 451 _regs->gpr[4] = pos;
992f48a0 452 for (tmp = 1; tmp != 0; pos += sizeof(abi_ulong))
e5fe0c52
PB		 453 tmp = ldl(pos);
454 _regs->gpr[5] = pos;
67867308
FB		 455}
456
67867308
FB		 457#define ELF_EXEC_PAGESIZE 4096
458
459#endif
460
048f6b4d
FB		 461#ifdef TARGET_MIPS
462
463#define ELF_START_MMAP 0x80000000
464
465#define elf_check_arch(x) ( (x) == EM_MIPS )
466
388bb21a
TS		 467#ifdef TARGET_MIPS64
468#define ELF_CLASS ELFCLASS64
469#else
048f6b4d 470#define ELF_CLASS ELFCLASS32
388bb21a 471#endif
048f6b4d
FB		 472#ifdef TARGET_WORDS_BIGENDIAN
473#define ELF_DATA ELFDATA2MSB
474#else
475#define ELF_DATA ELFDATA2LSB
476#endif
477#define ELF_ARCH EM_MIPS
478
048f6b4d
FB		 479static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
480{
623a930e 481 regs->cp0_status = 2 << CP0St_KSU;
048f6b4d
FB		 482 regs->cp0_epc = infop->entry;
483 regs->regs[29] = infop->start_stack;
484}
485
388bb21a
TS		 486#define ELF_EXEC_PAGESIZE 4096
487
048f6b4d
FB		 488#endif /* TARGET_MIPS */
489
b779e29e
EI		 490#ifdef TARGET_MICROBLAZE
491
492#define ELF_START_MMAP 0x80000000
493
494#define elf_check_arch(x) ( (x) == EM_XILINX_MICROBLAZE )
495
496#define ELF_CLASS ELFCLASS32
497#define ELF_DATA ELFDATA2MSB
498#define ELF_ARCH EM_MIPS
499
500static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
501{
502 regs->pc = infop->entry;
503 regs->r1 = infop->start_stack;
504
505}
506
b779e29e
EI		 507#define ELF_EXEC_PAGESIZE 4096
508
509#endif /* TARGET_MICROBLAZE */
510
fdf9b3e8
FB		 511#ifdef TARGET_SH4
512
513#define ELF_START_MMAP 0x80000000
514
515#define elf_check_arch(x) ( (x) == EM_SH )
516
517#define ELF_CLASS ELFCLASS32
518#define ELF_DATA ELFDATA2LSB
519#define ELF_ARCH EM_SH
520
fdf9b3e8
FB		 521static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
522{
523 /* Check other registers XXXXX */
524 regs->pc = infop->entry;
072ae847 525 regs->regs[15] = infop->start_stack;
fdf9b3e8
FB		 526}
527
fdf9b3e8
FB		 528#define ELF_EXEC_PAGESIZE 4096
529
530#endif
531
48733d19
TS		 532#ifdef TARGET_CRIS
533
534#define ELF_START_MMAP 0x80000000
535
536#define elf_check_arch(x) ( (x) == EM_CRIS )
537
538#define ELF_CLASS ELFCLASS32
539#define ELF_DATA ELFDATA2LSB
540#define ELF_ARCH EM_CRIS
541
542static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
543{
544 regs->erp = infop->entry;
545}
546
48733d19
TS		 547#define ELF_EXEC_PAGESIZE 8192
548
549#endif
550
e6e5906b
PB		 551#ifdef TARGET_M68K
552
553#define ELF_START_MMAP 0x80000000
554
555#define elf_check_arch(x) ( (x) == EM_68K )
556
557#define ELF_CLASS ELFCLASS32
558#define ELF_DATA ELFDATA2MSB
559#define ELF_ARCH EM_68K
560
561/* ??? Does this need to do anything?
562#define ELF_PLAT_INIT(_r) */
563
564static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
565{
566 regs->usp = infop->start_stack;
567 regs->sr = 0;
568 regs->pc = infop->entry;
569}
570
e6e5906b
PB		 571#define ELF_EXEC_PAGESIZE 8192
572
573#endif
574
7a3148a9
JM		 575#ifdef TARGET_ALPHA
576
577#define ELF_START_MMAP (0x30000000000ULL)
578
579#define elf_check_arch(x) ( (x) == ELF_ARCH )
580
581#define ELF_CLASS ELFCLASS64
582#define ELF_DATA ELFDATA2MSB
583#define ELF_ARCH EM_ALPHA
584
585static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
586{
587 regs->pc = infop->entry;
588 regs->ps = 8;
589 regs->usp = infop->start_stack;
590 regs->unique = infop->start_data; /* ? */
591 printf("Set unique value to " TARGET_FMT_lx " (" TARGET_FMT_lx ")\n",
592 regs->unique, infop->start_data);
593}
594
7a3148a9
JM		 595#define ELF_EXEC_PAGESIZE 8192
596
597#endif /* TARGET_ALPHA */
598
15338fd7
FB		 599#ifndef ELF_PLATFORM
600#define ELF_PLATFORM (NULL)
601#endif
602
603#ifndef ELF_HWCAP
604#define ELF_HWCAP 0
605#endif
606
992f48a0 607#ifdef TARGET_ABI32
cb33da57 608#undef ELF_CLASS
992f48a0 609#define ELF_CLASS ELFCLASS32
cb33da57
BS		 610#undef bswaptls
611#define bswaptls(ptr) bswap32s(ptr)
612#endif
613
31e31b8a 614#include "elf.h"
09bfb054 615
09bfb054
FB		 616struct exec
617{
618 unsigned int a_info; /* Use macros N_MAGIC, etc for access */
619 unsigned int a_text; /* length of text, in bytes */
620 unsigned int a_data; /* length of data, in bytes */
621 unsigned int a_bss; /* length of uninitialized data area, in bytes */
622 unsigned int a_syms; /* length of symbol table data in file, in bytes */
623 unsigned int a_entry; /* start address */
624 unsigned int a_trsize; /* length of relocation info for text, in bytes */
625 unsigned int a_drsize; /* length of relocation info for data, in bytes */
626};
627
628
629#define N_MAGIC(exec) ((exec).a_info & 0xffff)
630#define OMAGIC 0407
631#define NMAGIC 0410
632#define ZMAGIC 0413
633#define QMAGIC 0314
634
09bfb054
FB		 635/* max code+data+bss space allocated to elf interpreter */
636#define INTERP_MAP_SIZE (32 * 1024 * 1024)
637
638/* max code+data+bss+brk space allocated to ET_DYN executables */
639#define ET_DYN_MAP_SIZE (128 * 1024 * 1024)
640
31e31b8a 641/* Necessary parameters */
54936004
FB		 642#define TARGET_ELF_EXEC_PAGESIZE TARGET_PAGE_SIZE
643#define TARGET_ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(TARGET_ELF_EXEC_PAGESIZE-1))
644#define TARGET_ELF_PAGEOFFSET(_v) ((_v) & (TARGET_ELF_EXEC_PAGESIZE-1))
31e31b8a
FB		 645
646#define INTERPRETER_NONE 0
647#define INTERPRETER_AOUT 1
648#define INTERPRETER_ELF 2
649
15338fd7 650#define DLINFO_ITEMS 12
31e31b8a 651
09bfb054
FB		 652static inline void memcpy_fromfs(void * to, const void * from, unsigned long n)
653{
654 memcpy(to, from, n);
655}
d691f669 656
31e31b8a
FB		 657static int load_aout_interp(void * exptr, int interp_fd);
658
659#ifdef BSWAP_NEEDED
92a31b1f 660static void bswap_ehdr(struct elfhdr *ehdr)
31e31b8a
FB		 661{
662 bswap16s(&ehdr->e_type); /* Object file type */
663 bswap16s(&ehdr->e_machine); /* Architecture */
664 bswap32s(&ehdr->e_version); /* Object file version */
92a31b1f
FB		 665 bswaptls(&ehdr->e_entry); /* Entry point virtual address */
666 bswaptls(&ehdr->e_phoff); /* Program header table file offset */
667 bswaptls(&ehdr->e_shoff); /* Section header table file offset */
31e31b8a
FB		 668 bswap32s(&ehdr->e_flags); /* Processor-specific flags */
669 bswap16s(&ehdr->e_ehsize); /* ELF header size in bytes */
670 bswap16s(&ehdr->e_phentsize); /* Program header table entry size */
671 bswap16s(&ehdr->e_phnum); /* Program header table entry count */
672 bswap16s(&ehdr->e_shentsize); /* Section header table entry size */
673 bswap16s(&ehdr->e_shnum); /* Section header table entry count */
674 bswap16s(&ehdr->e_shstrndx); /* Section header string table index */
675}
676
92a31b1f 677static void bswap_phdr(struct elf_phdr *phdr)
31e31b8a
FB		 678{
679 bswap32s(&phdr->p_type); /* Segment type */
92a31b1f
FB		 680 bswaptls(&phdr->p_offset); /* Segment file offset */
681 bswaptls(&phdr->p_vaddr); /* Segment virtual address */
682 bswaptls(&phdr->p_paddr); /* Segment physical address */
683 bswaptls(&phdr->p_filesz); /* Segment size in file */
684 bswaptls(&phdr->p_memsz); /* Segment size in memory */
31e31b8a 685 bswap32s(&phdr->p_flags); /* Segment flags */
92a31b1f 686 bswaptls(&phdr->p_align); /* Segment alignment */
31e31b8a 687}
689f936f 688
92a31b1f 689static void bswap_shdr(struct elf_shdr *shdr)
689f936f
FB		 690{
691 bswap32s(&shdr->sh_name);
692 bswap32s(&shdr->sh_type);
92a31b1f
FB		 693 bswaptls(&shdr->sh_flags);
694 bswaptls(&shdr->sh_addr);
695 bswaptls(&shdr->sh_offset);
696 bswaptls(&shdr->sh_size);
689f936f
FB		 697 bswap32s(&shdr->sh_link);
698 bswap32s(&shdr->sh_info);
92a31b1f
FB		 699 bswaptls(&shdr->sh_addralign);
700 bswaptls(&shdr->sh_entsize);
689f936f
FB		 701}
702
7a3148a9 703static void bswap_sym(struct elf_sym *sym)
689f936f
FB		 704{
705 bswap32s(&sym->st_name);
7a3148a9
JM		 706 bswaptls(&sym->st_value);
707 bswaptls(&sym->st_size);
689f936f
FB		 708 bswap16s(&sym->st_shndx);
709}
31e31b8a
FB		 710#endif
711
edf8e2af
MW		 712#ifdef USE_ELF_CORE_DUMP
713static int elf_core_dump(int, const CPUState *);
714
715#ifdef BSWAP_NEEDED
716static void bswap_note(struct elf_note *en)
717{
718 bswaptls(&en->n_namesz);
719 bswaptls(&en->n_descsz);
720 bswaptls(&en->n_type);
721}
722#endif /* BSWAP_NEEDED */
723
724#endif /* USE_ELF_CORE_DUMP */
725
31e31b8a 726/*
e5fe0c52 727 * 'copy_elf_strings()' copies argument/envelope strings from user
31e31b8a
FB		 728 * memory to free pages in kernel mem. These are in a format ready
729 * to be put directly into the top of new user memory.
730 *
731 */
992f48a0
BS		 732static abi_ulong copy_elf_strings(int argc,char ** argv, void **page,
733 abi_ulong p)
31e31b8a
FB		 734{
735 char *tmp, *tmp1, *pag = NULL;
736 int len, offset = 0;
737
738 if (!p) {
739 return 0; /* bullet-proofing */
740 }
741 while (argc-- > 0) {
edf779ff
FB		 742 tmp = argv[argc];
743 if (!tmp) {
31e31b8a
FB		 744 fprintf(stderr, "VFS: argc is wrong");
745 exit(-1);
746 }
edf779ff
FB		 747 tmp1 = tmp;
748 while (*tmp++);
31e31b8a
FB		 749 len = tmp - tmp1;
750 if (p < len) { /* this shouldn't happen - 128kB */
751 return 0;
752 }
753 while (len) {
754 --p; --tmp; --len;
755 if (--offset < 0) {
54936004 756 offset = p % TARGET_PAGE_SIZE;
53a5960a 757 pag = (char *)page[p/TARGET_PAGE_SIZE];
44a91cae 758 if (!pag) {
53a5960a 759 pag = (char *)malloc(TARGET_PAGE_SIZE);
4118a970 760 memset(pag, 0, TARGET_PAGE_SIZE);
53a5960a 761 page[p/TARGET_PAGE_SIZE] = pag;
44a91cae
FB		 762 if (!pag)
763 return 0;
31e31b8a
FB		 764 }
765 }
766 if (len == 0 || offset == 0) {
edf779ff 767 *(pag + offset) = *tmp;
31e31b8a
FB		 768 }
769 else {
770 int bytes_to_copy = (len > offset) ? offset : len;
771 tmp -= bytes_to_copy;
772 p -= bytes_to_copy;
773 offset -= bytes_to_copy;
774 len -= bytes_to_copy;
775 memcpy_fromfs(pag + offset, tmp, bytes_to_copy + 1);
776 }
777 }
778 }
779 return p;
780}
781
992f48a0
BS		 782static abi_ulong setup_arg_pages(abi_ulong p, struct linux_binprm *bprm,
783 struct image_info *info)
53a5960a 784{
992f48a0 785 abi_ulong stack_base, size, error;
31e31b8a 786 int i;
31e31b8a 787
09bfb054
FB		 788 /* Create enough stack to hold everything. If we don't use
789 * it for args, we'll use it for something else...
790 */
791 size = x86_stack_size;
54936004
FB		 792 if (size < MAX_ARG_PAGES*TARGET_PAGE_SIZE)
793 size = MAX_ARG_PAGES*TARGET_PAGE_SIZE;
5fafdf24 794 error = target_mmap(0,
83fb7adf 795 size + qemu_host_page_size,
54936004
FB		 796 PROT_READ | PROT_WRITE,
797 MAP_PRIVATE | MAP_ANONYMOUS,
798 -1, 0);
09bfb054
FB		 799 if (error == -1) {
800 perror("stk mmap");
801 exit(-1);
802 }
803 /* we reserve one extra page at the top of the stack as guard */
83fb7adf 804 target_mprotect(error + size, qemu_host_page_size, PROT_NONE);
31e31b8a 805
54936004 806 stack_base = error + size - MAX_ARG_PAGES*TARGET_PAGE_SIZE;
31e31b8a 807 p += stack_base;
09bfb054 808
31e31b8a
FB		 809 for (i = 0 ; i < MAX_ARG_PAGES ; i++) {
810 if (bprm->page[i]) {
811 info->rss++;
579a97f7 812 /* FIXME - check return value of memcpy_to_target() for failure */
53a5960a
PB		 813 memcpy_to_target(stack_base, bprm->page[i], TARGET_PAGE_SIZE);
814 free(bprm->page[i]);
31e31b8a 815 }
53a5960a 816 stack_base += TARGET_PAGE_SIZE;
31e31b8a
FB		 817 }
818 return p;
819}
820
992f48a0 821static void set_brk(abi_ulong start, abi_ulong end)
31e31b8a
FB		 822{
823 /* page-align the start and end addresses... */
54936004
FB		 824 start = HOST_PAGE_ALIGN(start);
825 end = HOST_PAGE_ALIGN(end);
31e31b8a
FB		 826 if (end <= start)
827 return;
54936004
FB		 828 if(target_mmap(start, end - start,
829 PROT_READ | PROT_WRITE | PROT_EXEC,
830 MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0) == -1) {
31e31b8a
FB		 831 perror("cannot mmap brk");
832 exit(-1);
833 }
834}
835
836
853d6f7a
FB		 837/* We need to explicitly zero any fractional pages after the data
838 section (i.e. bss). This would contain the junk from the file that
839 should not be in memory. */
992f48a0 840static void padzero(abi_ulong elf_bss, abi_ulong last_bss)
31e31b8a 841{
992f48a0 842 abi_ulong nbyte;
31e31b8a 843
768a4a36
TS		 844 if (elf_bss >= last_bss)
845 return;
846
853d6f7a
FB		 847 /* XXX: this is really a hack : if the real host page size is
848 smaller than the target page size, some pages after the end
849 of the file may not be mapped. A better fix would be to
850 patch target_mmap(), but it is more complicated as the file
851 size must be known */
83fb7adf 852 if (qemu_real_host_page_size < qemu_host_page_size) {
992f48a0 853 abi_ulong end_addr, end_addr1;
5fafdf24 854 end_addr1 = (elf_bss + qemu_real_host_page_size - 1) &
83fb7adf 855 ~(qemu_real_host_page_size - 1);
853d6f7a
FB		 856 end_addr = HOST_PAGE_ALIGN(elf_bss);
857 if (end_addr1 < end_addr) {
863cf0b7 858 mmap((void *)g2h(end_addr1), end_addr - end_addr1,
853d6f7a
FB		 859 PROT_READ|PROT_WRITE|PROT_EXEC,
860 MAP_FIXED|MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
861 }
862 }
863
83fb7adf 864 nbyte = elf_bss & (qemu_host_page_size-1);
31e31b8a 865 if (nbyte) {
83fb7adf 866 nbyte = qemu_host_page_size - nbyte;
31e31b8a 867 do {
2f619698
FB		 868 /* FIXME - what to do if put_user() fails? */
869 put_user_u8(0, elf_bss);
53a5960a 870 elf_bss++;
31e31b8a
FB		 871 } while (--nbyte);
872 }
873}
874
53a5960a 875
992f48a0
BS		 876static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc,
877 struct elfhdr * exec,
878 abi_ulong load_addr,
879 abi_ulong load_bias,
880 abi_ulong interp_load_addr, int ibcs,
881 struct image_info *info)
31e31b8a 882{
992f48a0 883 abi_ulong sp;
53a5960a 884 int size;
992f48a0 885 abi_ulong u_platform;
15338fd7 886 const char *k_platform;
863cf0b7 887 const int n = sizeof(elf_addr_t);
edf779ff 888
53a5960a
PB		 889 sp = p;
890 u_platform = 0;
15338fd7
FB		 891 k_platform = ELF_PLATFORM;
892 if (k_platform) {
893 size_t len = strlen(k_platform) + 1;
53a5960a
PB		 894 sp -= (len + n - 1) & ~(n - 1);
895 u_platform = sp;
579a97f7 896 /* FIXME - check return value of memcpy_to_target() for failure */
53a5960a 897 memcpy_to_target(sp, k_platform, len);
15338fd7 898 }
53a5960a
PB		 899 /*
900 * Force 16 byte _final_ alignment here for generality.
901 */
992f48a0 902 sp = sp &~ (abi_ulong)15;
53a5960a 903 size = (DLINFO_ITEMS + 1) * 2;
15338fd7 904 if (k_platform)
53a5960a 905 size += 2;
f5155289 906#ifdef DLINFO_ARCH_ITEMS
53a5960a 907 size += DLINFO_ARCH_ITEMS * 2;
f5155289 908#endif
53a5960a
PB		 909 size += envc + argc + 2;
910 size += (!ibcs ? 3 : 1); /* argc itself */
911 size *= n;
912 if (size & 15)
913 sp -= 16 - (size & 15);
3b46e624 914
863cf0b7
JM		 915 /* This is correct because Linux defines
916 * elf_addr_t as Elf32_Off / Elf64_Off
917 */
2f619698
FB		 918#define NEW_AUX_ENT(id, val) do { \
919 sp -= n; put_user_ual(val, sp); \
920 sp -= n; put_user_ual(id, sp); \
53a5960a 921 } while(0)
2f619698 922
0bccf03d
FB		 923 NEW_AUX_ENT (AT_NULL, 0);
924
925 /* There must be exactly DLINFO_ITEMS entries here. */
992f48a0
BS		 926 NEW_AUX_ENT(AT_PHDR, (abi_ulong)(load_addr + exec->e_phoff));
927 NEW_AUX_ENT(AT_PHENT, (abi_ulong)(sizeof (struct elf_phdr)));
928 NEW_AUX_ENT(AT_PHNUM, (abi_ulong)(exec->e_phnum));
929 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(TARGET_PAGE_SIZE));
930 NEW_AUX_ENT(AT_BASE, (abi_ulong)(interp_load_addr));
931 NEW_AUX_ENT(AT_FLAGS, (abi_ulong)0);
0bccf03d 932 NEW_AUX_ENT(AT_ENTRY, load_bias + exec->e_entry);
992f48a0
BS		 933 NEW_AUX_ENT(AT_UID, (abi_ulong) getuid());
934 NEW_AUX_ENT(AT_EUID, (abi_ulong) geteuid());
935 NEW_AUX_ENT(AT_GID, (abi_ulong) getgid());
936 NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid());
937 NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP);
a07c67df 938 NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK));
15338fd7 939 if (k_platform)
53a5960a 940 NEW_AUX_ENT(AT_PLATFORM, u_platform);
f5155289 941#ifdef ARCH_DLINFO
5fafdf24 942 /*
f5155289
FB		 943 * ARCH_DLINFO must come last so platform specific code can enforce
944 * special alignment requirements on the AUXV if necessary (eg. PPC).
945 */
946 ARCH_DLINFO;
947#endif
948#undef NEW_AUX_ENT
949
edf8e2af
MW		 950 info->saved_auxv = sp;
951
e5fe0c52 952 sp = loader_build_argptr(envc, argc, sp, p, !ibcs);
31e31b8a
FB		 953 return sp;
954}
955
956
992f48a0
BS		 957static abi_ulong load_elf_interp(struct elfhdr * interp_elf_ex,
958 int interpreter_fd,
959 abi_ulong *interp_load_addr)
31e31b8a
FB		 960{
961 struct elf_phdr *elf_phdata = NULL;
962 struct elf_phdr *eppnt;
992f48a0 963 abi_ulong load_addr = 0;
31e31b8a
FB		 964 int load_addr_set = 0;
965 int retval;
992f48a0
BS		 966 abi_ulong last_bss, elf_bss;
967 abi_ulong error;
31e31b8a 968 int i;
5fafdf24 969
31e31b8a
FB		 970 elf_bss = 0;
971 last_bss = 0;
972 error = 0;
973
644c433c
FB		 974#ifdef BSWAP_NEEDED
975 bswap_ehdr(interp_elf_ex);
976#endif
31e31b8a 977 /* First of all, some simple consistency checks */
5fafdf24
TS		 978 if ((interp_elf_ex->e_type != ET_EXEC &&
979 interp_elf_ex->e_type != ET_DYN) ||
31e31b8a 980 !elf_check_arch(interp_elf_ex->e_machine)) {
992f48a0 981 return ~((abi_ulong)0UL);
31e31b8a 982 }
5fafdf24 983
644c433c 984
31e31b8a 985 /* Now read in all of the header information */
5fafdf24 986
54936004 987 if (sizeof(struct elf_phdr) * interp_elf_ex->e_phnum > TARGET_PAGE_SIZE)
992f48a0 988 return ~(abi_ulong)0UL;
5fafdf24
TS		 989
990 elf_phdata = (struct elf_phdr *)
31e31b8a
FB		 991 malloc(sizeof(struct elf_phdr) * interp_elf_ex->e_phnum);
992
993 if (!elf_phdata)
992f48a0 994 return ~((abi_ulong)0UL);
5fafdf24 995
31e31b8a
FB		 996 /*
997 * If the size of this structure has changed, then punt, since
998 * we will be doing the wrong thing.
999 */
09bfb054 1000 if (interp_elf_ex->e_phentsize != sizeof(struct elf_phdr)) {
31e31b8a 1001 free(elf_phdata);
992f48a0 1002 return ~((abi_ulong)0UL);
09bfb054 1003 }
31e31b8a
FB		 1004
1005 retval = lseek(interpreter_fd, interp_elf_ex->e_phoff, SEEK_SET);
1006 if(retval >= 0) {
1007 retval = read(interpreter_fd,
1008 (char *) elf_phdata,
1009 sizeof(struct elf_phdr) * interp_elf_ex->e_phnum);
1010 }
31e31b8a
FB		 1011 if (retval < 0) {
1012 perror("load_elf_interp");
1013 exit(-1);
1014 free (elf_phdata);
1015 return retval;
1016 }
1017#ifdef BSWAP_NEEDED
1018 eppnt = elf_phdata;
1019 for (i=0; i<interp_elf_ex->e_phnum; i++, eppnt++) {
1020 bswap_phdr(eppnt);
1021 }
1022#endif
09bfb054
FB		 1023
1024 if (interp_elf_ex->e_type == ET_DYN) {
e91c8a77 1025 /* in order to avoid hardcoding the interpreter load
09bfb054 1026 address in qemu, we allocate a big enough memory zone */
54936004 1027 error = target_mmap(0, INTERP_MAP_SIZE,
5fafdf24 1028 PROT_NONE, MAP_PRIVATE | MAP_ANON,
54936004 1029 -1, 0);
09bfb054
FB		 1030 if (error == -1) {
1031 perror("mmap");
1032 exit(-1);
1033 }
1034 load_addr = error;
1035 load_addr_set = 1;
1036 }
1037
31e31b8a
FB		 1038 eppnt = elf_phdata;
1039 for(i=0; i<interp_elf_ex->e_phnum; i++, eppnt++)
1040 if (eppnt->p_type == PT_LOAD) {
1041 int elf_type = MAP_PRIVATE | MAP_DENYWRITE;
1042 int elf_prot = 0;
992f48a0
BS		 1043 abi_ulong vaddr = 0;
1044 abi_ulong k;
31e31b8a
FB		 1045
1046 if (eppnt->p_flags & PF_R) elf_prot = PROT_READ;
1047 if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE;
1048 if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC;
1049 if (interp_elf_ex->e_type == ET_EXEC || load_addr_set) {
1050 elf_type |= MAP_FIXED;
1051 vaddr = eppnt->p_vaddr;
1052 }
54936004
FB		 1053 error = target_mmap(load_addr+TARGET_ELF_PAGESTART(vaddr),
1054 eppnt->p_filesz + TARGET_ELF_PAGEOFFSET(eppnt->p_vaddr),
31e31b8a
FB		 1055 elf_prot,
1056 elf_type,
1057 interpreter_fd,
54936004 1058 eppnt->p_offset - TARGET_ELF_PAGEOFFSET(eppnt->p_vaddr));
3b46e624 1059
e89f07d3 1060 if (error == -1) {
31e31b8a
FB		 1061 /* Real error */
1062 close(interpreter_fd);
1063 free(elf_phdata);
992f48a0 1064 return ~((abi_ulong)0UL);
31e31b8a
FB		 1065 }
1066
1067 if (!load_addr_set && interp_elf_ex->e_type == ET_DYN) {
1068 load_addr = error;
1069 load_addr_set = 1;
1070 }
1071
1072 /*
1073 * Find the end of the file mapping for this phdr, and keep
1074 * track of the largest address we see for this.
1075 */
1076 k = load_addr + eppnt->p_vaddr + eppnt->p_filesz;
1077 if (k > elf_bss) elf_bss = k;
1078
1079 /*
1080 * Do the same thing for the memory mapping - between
1081 * elf_bss and last_bss is the bss section.
1082 */
1083 k = load_addr + eppnt->p_memsz + eppnt->p_vaddr;
1084 if (k > last_bss) last_bss = k;
1085 }
5fafdf24 1086
31e31b8a
FB		 1087 /* Now use mmap to map the library into memory. */
1088
1089 close(interpreter_fd);
1090
1091 /*
1092 * Now fill out the bss section. First pad the last page up
1093 * to the page boundary, and then perform a mmap to make sure
1094 * that there are zeromapped pages up to and including the last
1095 * bss page.
1096 */
768a4a36 1097 padzero(elf_bss, last_bss);
83fb7adf 1098 elf_bss = TARGET_ELF_PAGESTART(elf_bss + qemu_host_page_size - 1); /* What we have mapped so far */
31e31b8a
FB		 1099
1100 /* Map the last of the bss segment */
1101 if (last_bss > elf_bss) {
54936004
FB		 1102 target_mmap(elf_bss, last_bss-elf_bss,
1103 PROT_READ|PROT_WRITE|PROT_EXEC,
1104 MAP_FIXED|MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
31e31b8a
FB		 1105 }
1106 free(elf_phdata);
1107
1108 *interp_load_addr = load_addr;
992f48a0 1109 return ((abi_ulong) interp_elf_ex->e_entry) + load_addr;
31e31b8a
FB		 1110}
1111
49918a75
PB		 1112static int symfind(const void *s0, const void *s1)
1113{
1114 struct elf_sym *key = (struct elf_sym *)s0;
1115 struct elf_sym *sym = (struct elf_sym *)s1;
1116 int result = 0;
1117 if (key->st_value < sym->st_value) {
1118 result = -1;
1119 } else if (key->st_value > sym->st_value + sym->st_size) {
1120 result = 1;
1121 }
1122 return result;
1123}
1124
1125static const char *lookup_symbolxx(struct syminfo *s, target_ulong orig_addr)
1126{
1127#if ELF_CLASS == ELFCLASS32
1128 struct elf_sym *syms = s->disas_symtab.elf32;
1129#else
1130 struct elf_sym *syms = s->disas_symtab.elf64;
1131#endif
1132
1133 // binary search
1134 struct elf_sym key;
1135 struct elf_sym *sym;
1136
1137 key.st_value = orig_addr;
1138
1139 sym = bsearch(&key, syms, s->disas_num_syms, sizeof(*syms), symfind);
1140 if (sym != 0) {
1141 return s->disas_strtab + sym->st_name;
1142 }
1143
1144 return "";
1145}
1146
1147/* FIXME: This should use elf_ops.h */
1148static int symcmp(const void *s0, const void *s1)
1149{
1150 struct elf_sym *sym0 = (struct elf_sym *)s0;
1151 struct elf_sym *sym1 = (struct elf_sym *)s1;
1152 return (sym0->st_value < sym1->st_value)
1153 ? -1
1154 : ((sym0->st_value > sym1->st_value) ? 1 : 0);
1155}
1156
689f936f
FB		 1157/* Best attempt to load symbols from this ELF object. */
1158static void load_symbols(struct elfhdr *hdr, int fd)
1159{
49918a75 1160 unsigned int i, nsyms;
689f936f
FB		 1161 struct elf_shdr sechdr, symtab, strtab;
1162 char *strings;
e80cfcfc 1163 struct syminfo *s;
49918a75 1164 struct elf_sym *syms;
689f936f
FB		 1165
1166 lseek(fd, hdr->e_shoff, SEEK_SET);
1167 for (i = 0; i < hdr->e_shnum; i++) {
49918a75
PB		 1168 if (read(fd, &sechdr, sizeof(sechdr)) != sizeof(sechdr))
1169 return;
689f936f 1170#ifdef BSWAP_NEEDED
49918a75 1171 bswap_shdr(&sechdr);
689f936f 1172#endif
49918a75
PB		 1173 if (sechdr.sh_type == SHT_SYMTAB) {
1174 symtab = sechdr;
1175 lseek(fd, hdr->e_shoff
1176 + sizeof(sechdr) * sechdr.sh_link, SEEK_SET);
1177 if (read(fd, &strtab, sizeof(strtab))
1178 != sizeof(strtab))
1179 return;
689f936f 1180#ifdef BSWAP_NEEDED
49918a75 1181 bswap_shdr(&strtab);
689f936f 1182#endif
49918a75
PB		 1183 goto found;
1184 }
689f936f
FB		 1185 }
1186 return; /* Shouldn't happen... */
1187
1188 found:
1189 /* Now know where the strtab and symtab are. Snarf them. */
e80cfcfc 1190 s = malloc(sizeof(*s));
49918a75
PB		 1191 syms = malloc(symtab.sh_size);
1192 if (!syms)
1193 return;
e80cfcfc 1194 s->disas_strtab = strings = malloc(strtab.sh_size);
49918a75
PB		 1195 if (!s->disas_strtab)
1196 return;
5fafdf24 1197
689f936f 1198 lseek(fd, symtab.sh_offset, SEEK_SET);
49918a75
PB		 1199 if (read(fd, syms, symtab.sh_size) != symtab.sh_size)
1200 return;
1201
1202 nsyms = symtab.sh_size / sizeof(struct elf_sym);
31e31b8a 1203
49918a75
PB		 1204 i = 0;
1205 while (i < nsyms) {
689f936f 1206#ifdef BSWAP_NEEDED
49918a75 1207 bswap_sym(syms + i);
689f936f 1208#endif
49918a75
PB		 1209 // Throw away entries which we do not need.
1210 if (syms[i].st_shndx == SHN_UNDEF ||
1211 syms[i].st_shndx >= SHN_LORESERVE ||
1212 ELF_ST_TYPE(syms[i].st_info) != STT_FUNC) {
1213 nsyms--;
1214 if (i < nsyms) {
1215 syms[i] = syms[nsyms];
1216 }
1217 continue;
1218 }
1219#if defined(TARGET_ARM) || defined (TARGET_MIPS)
1220 /* The bottom address bit marks a Thumb or MIPS16 symbol. */
1221 syms[i].st_value &= ~(target_ulong)1;
0774bed1 1222#endif
49918a75 1223 i++;
0774bed1 1224 }
49918a75
PB		 1225 syms = realloc(syms, nsyms * sizeof(*syms));
1226
1227 qsort(syms, nsyms, sizeof(*syms), symcmp);
689f936f
FB		 1228
1229 lseek(fd, strtab.sh_offset, SEEK_SET);
1230 if (read(fd, strings, strtab.sh_size) != strtab.sh_size)
49918a75
PB		 1231 return;
1232 s->disas_num_syms = nsyms;
1233#if ELF_CLASS == ELFCLASS32
1234 s->disas_symtab.elf32 = syms;
1235 s->lookup_symbol = lookup_symbolxx;
1236#else
1237 s->disas_symtab.elf64 = syms;
1238 s->lookup_symbol = lookup_symbolxx;
1239#endif
e80cfcfc
FB		 1240 s->next = syminfos;
1241 syminfos = s;
689f936f 1242}
31e31b8a 1243
e5fe0c52
PB		 1244int load_elf_binary(struct linux_binprm * bprm, struct target_pt_regs * regs,
1245 struct image_info * info)
31e31b8a
FB		 1246{
1247 struct elfhdr elf_ex;
1248 struct elfhdr interp_elf_ex;
1249 struct exec interp_ex;
1250 int interpreter_fd = -1; /* avoid warning */
992f48a0 1251 abi_ulong load_addr, load_bias;
31e31b8a
FB		 1252 int load_addr_set = 0;
1253 unsigned int interpreter_type = INTERPRETER_NONE;
1254 unsigned char ibcs2_interpreter;
1255 int i;
992f48a0 1256 abi_ulong mapped_addr;
31e31b8a
FB		 1257 struct elf_phdr * elf_ppnt;
1258 struct elf_phdr *elf_phdata;
992f48a0 1259 abi_ulong elf_bss, k, elf_brk;
31e31b8a
FB		 1260 int retval;
1261 char * elf_interpreter;
992f48a0 1262 abi_ulong elf_entry, interp_load_addr = 0;
31e31b8a 1263 int status;
992f48a0
BS		 1264 abi_ulong start_code, end_code, start_data, end_data;
1265 abi_ulong reloc_func_desc = 0;
1266 abi_ulong elf_stack;
31e31b8a
FB		 1267 char passed_fileno[6];
1268
1269 ibcs2_interpreter = 0;
1270 status = 0;
1271 load_addr = 0;
09bfb054 1272 load_bias = 0;
31e31b8a
FB		 1273 elf_ex = *((struct elfhdr *) bprm->buf); /* exec-header */
1274#ifdef BSWAP_NEEDED
1275 bswap_ehdr(&elf_ex);
1276#endif
1277
31e31b8a
FB		 1278 /* First of all, some simple consistency checks */
1279 if ((elf_ex.e_type != ET_EXEC && elf_ex.e_type != ET_DYN) ||
1280 (! elf_check_arch(elf_ex.e_machine))) {
1281 return -ENOEXEC;
1282 }
1283
e5fe0c52
PB		 1284 bprm->p = copy_elf_strings(1, &bprm->filename, bprm->page, bprm->p);
1285 bprm->p = copy_elf_strings(bprm->envc,bprm->envp,bprm->page,bprm->p);
1286 bprm->p = copy_elf_strings(bprm->argc,bprm->argv,bprm->page,bprm->p);
1287 if (!bprm->p) {
1288 retval = -E2BIG;
1289 }
1290
31e31b8a 1291 /* Now read in all of the header information */
31e31b8a
FB		 1292 elf_phdata = (struct elf_phdr *)malloc(elf_ex.e_phentsize*elf_ex.e_phnum);
1293 if (elf_phdata == NULL) {
1294 return -ENOMEM;
1295 }
1296
1297 retval = lseek(bprm->fd, elf_ex.e_phoff, SEEK_SET);
1298 if(retval > 0) {
5fafdf24 1299 retval = read(bprm->fd, (char *) elf_phdata,
31e31b8a
FB		 1300 elf_ex.e_phentsize * elf_ex.e_phnum);
1301 }
1302
1303 if (retval < 0) {
1304 perror("load_elf_binary");
1305 exit(-1);
1306 free (elf_phdata);
1307 return -errno;
1308 }
1309
b17780d5
FB		 1310#ifdef BSWAP_NEEDED
1311 elf_ppnt = elf_phdata;
1312 for (i=0; i<elf_ex.e_phnum; i++, elf_ppnt++) {
1313 bswap_phdr(elf_ppnt);
1314 }
1315#endif
31e31b8a
FB		 1316 elf_ppnt = elf_phdata;
1317
1318 elf_bss = 0;
1319 elf_brk = 0;
1320
1321
992f48a0 1322 elf_stack = ~((abi_ulong)0UL);
31e31b8a 1323 elf_interpreter = NULL;
992f48a0 1324 start_code = ~((abi_ulong)0UL);
31e31b8a 1325 end_code = 0;
863cf0b7 1326 start_data = 0;
31e31b8a 1327 end_data = 0;
98448f58 1328 interp_ex.a_info = 0;
31e31b8a
FB		 1329
1330 for(i=0;i < elf_ex.e_phnum; i++) {
1331 if (elf_ppnt->p_type == PT_INTERP) {
1332 if ( elf_interpreter != NULL )
1333 {
1334 free (elf_phdata);
1335 free(elf_interpreter);
1336 close(bprm->fd);
1337 return -EINVAL;
1338 }
1339
1340 /* This is the program interpreter used for
1341 * shared libraries - for now assume that this
1342 * is an a.out format binary
1343 */
1344
32ce6337 1345 elf_interpreter = (char *)malloc(elf_ppnt->p_filesz);
31e31b8a
FB		 1346
1347 if (elf_interpreter == NULL) {
1348 free (elf_phdata);
1349 close(bprm->fd);
1350 return -ENOMEM;
1351 }
1352
31e31b8a
FB		 1353 retval = lseek(bprm->fd, elf_ppnt->p_offset, SEEK_SET);
1354 if(retval >= 0) {
32ce6337 1355 retval = read(bprm->fd, elf_interpreter, elf_ppnt->p_filesz);
31e31b8a
FB		 1356 }
1357 if(retval < 0) {
1358 perror("load_elf_binary2");
1359 exit(-1);
5fafdf24 1360 }
31e31b8a
FB		 1361
1362 /* If the program interpreter is one of these two,
1363 then assume an iBCS2 image. Otherwise assume
1364 a native linux image. */
1365
1366 /* JRP - Need to add X86 lib dir stuff here... */
1367
1368 if (strcmp(elf_interpreter,"/usr/lib/libc.so.1") == 0 ||
1369 strcmp(elf_interpreter,"/usr/lib/ld.so.1") == 0) {
1370 ibcs2_interpreter = 1;
1371 }
1372
1373#if 0
1374 printf("Using ELF interpreter %s\n", elf_interpreter);
1375#endif
1376 if (retval >= 0) {
32ce6337 1377 retval = open(path(elf_interpreter), O_RDONLY);
31e31b8a
FB		 1378 if(retval >= 0) {
1379 interpreter_fd = retval;
1380 }
1381 else {
1382 perror(elf_interpreter);
1383 exit(-1);
1384 /* retval = -errno; */
1385 }
1386 }
1387
1388 if (retval >= 0) {
1389 retval = lseek(interpreter_fd, 0, SEEK_SET);
1390 if(retval >= 0) {
1391 retval = read(interpreter_fd,bprm->buf,128);
1392 }
1393 }
1394 if (retval >= 0) {
1395 interp_ex = *((struct exec *) bprm->buf); /* aout exec-header */
1396 interp_elf_ex=*((struct elfhdr *) bprm->buf); /* elf exec-header */
1397 }
1398 if (retval < 0) {
1399 perror("load_elf_binary3");
1400 exit(-1);
1401 free (elf_phdata);
1402 free(elf_interpreter);
1403 close(bprm->fd);
1404 return retval;
1405 }
1406 }
1407 elf_ppnt++;
1408 }
1409
1410 /* Some simple consistency checks for the interpreter */
1411 if (elf_interpreter){
1412 interpreter_type = INTERPRETER_ELF | INTERPRETER_AOUT;
1413
1414 /* Now figure out which format our binary is */
1415 if ((N_MAGIC(interp_ex) != OMAGIC) && (N_MAGIC(interp_ex) != ZMAGIC) &&
1416 (N_MAGIC(interp_ex) != QMAGIC)) {
1417 interpreter_type = INTERPRETER_ELF;
1418 }
1419
1420 if (interp_elf_ex.e_ident[0] != 0x7f ||
b55266b5 1421 strncmp((char *)&interp_elf_ex.e_ident[1], "ELF",3) != 0) {
31e31b8a
FB		 1422 interpreter_type &= ~INTERPRETER_ELF;
1423 }
1424
1425 if (!interpreter_type) {
1426 free(elf_interpreter);
1427 free(elf_phdata);
1428 close(bprm->fd);
1429 return -ELIBBAD;
1430 }
1431 }
1432
1433 /* OK, we are done with that, now set up the arg stuff,
1434 and then start this sucker up */
1435
e5fe0c52 1436 {
31e31b8a
FB		 1437 char * passed_p;
1438
1439 if (interpreter_type == INTERPRETER_AOUT) {
eba2af63 1440 snprintf(passed_fileno, sizeof(passed_fileno), "%d", bprm->fd);
31e31b8a
FB		 1441 passed_p = passed_fileno;
1442
1443 if (elf_interpreter) {
e5fe0c52 1444 bprm->p = copy_elf_strings(1,&passed_p,bprm->page,bprm->p);
31e31b8a
FB		 1445 bprm->argc++;
1446 }
1447 }
1448 if (!bprm->p) {
1449 if (elf_interpreter) {
1450 free(elf_interpreter);
1451 }
1452 free (elf_phdata);
1453 close(bprm->fd);
1454 return -E2BIG;
1455 }
1456 }
1457
1458 /* OK, This is the point of no return */
1459 info->end_data = 0;
1460 info->end_code = 0;
992f48a0 1461 info->start_mmap = (abi_ulong)ELF_START_MMAP;
31e31b8a 1462 info->mmap = 0;
992f48a0 1463 elf_entry = (abi_ulong) elf_ex.e_entry;
31e31b8a
FB		 1464
1465 /* Do this so that we can load the interpreter, if need be. We will
1466 change some of these later */
1467 info->rss = 0;
1468 bprm->p = setup_arg_pages(bprm->p, bprm, info);
1469 info->start_stack = bprm->p;
1470
1471 /* Now we do a little grungy work by mmaping the ELF image into
1472 * the correct location in memory. At this point, we assume that
1473 * the image should be loaded at fixed address, not at a variable
1474 * address.
1475 */
1476
31e31b8a 1477 for(i = 0, elf_ppnt = elf_phdata; i < elf_ex.e_phnum; i++, elf_ppnt++) {
09bfb054
FB		 1478 int elf_prot = 0;
1479 int elf_flags = 0;
992f48a0 1480 abi_ulong error;
3b46e624 1481
09bfb054
FB		 1482 if (elf_ppnt->p_type != PT_LOAD)
1483 continue;
3b46e624 1484
09bfb054
FB		 1485 if (elf_ppnt->p_flags & PF_R) elf_prot |= PROT_READ;
1486 if (elf_ppnt->p_flags & PF_W) elf_prot |= PROT_WRITE;
1487 if (elf_ppnt->p_flags & PF_X) elf_prot |= PROT_EXEC;
1488 elf_flags = MAP_PRIVATE | MAP_DENYWRITE;
1489 if (elf_ex.e_type == ET_EXEC || load_addr_set) {
1490 elf_flags |= MAP_FIXED;
1491 } else if (elf_ex.e_type == ET_DYN) {
1492 /* Try and get dynamic programs out of the way of the default mmap
1493 base, as well as whatever program they might try to exec. This
1494 is because the brk will follow the loader, and is not movable. */
1495 /* NOTE: for qemu, we do a big mmap to get enough space
e91c8a77 1496 without hardcoding any address */
54936004 1497 error = target_mmap(0, ET_DYN_MAP_SIZE,
5fafdf24 1498 PROT_NONE, MAP_PRIVATE | MAP_ANON,
54936004 1499 -1, 0);
09bfb054
FB		 1500 if (error == -1) {
1501 perror("mmap");
1502 exit(-1);
1503 }
54936004 1504 load_bias = TARGET_ELF_PAGESTART(error - elf_ppnt->p_vaddr);
09bfb054 1505 }
3b46e624 1506
54936004
FB		 1507 error = target_mmap(TARGET_ELF_PAGESTART(load_bias + elf_ppnt->p_vaddr),
1508 (elf_ppnt->p_filesz +
1509 TARGET_ELF_PAGEOFFSET(elf_ppnt->p_vaddr)),
1510 elf_prot,
1511 (MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE),
1512 bprm->fd,
5fafdf24 1513 (elf_ppnt->p_offset -
54936004 1514 TARGET_ELF_PAGEOFFSET(elf_ppnt->p_vaddr)));
09bfb054
FB		 1515 if (error == -1) {
1516 perror("mmap");
1517 exit(-1);
1518 }
31e31b8a
FB		 1519
1520#ifdef LOW_ELF_STACK
54936004
FB		 1521 if (TARGET_ELF_PAGESTART(elf_ppnt->p_vaddr) < elf_stack)
1522 elf_stack = TARGET_ELF_PAGESTART(elf_ppnt->p_vaddr);
31e31b8a 1523#endif
3b46e624 1524
09bfb054
FB		 1525 if (!load_addr_set) {
1526 load_addr_set = 1;
1527 load_addr = elf_ppnt->p_vaddr - elf_ppnt->p_offset;
1528 if (elf_ex.e_type == ET_DYN) {
1529 load_bias += error -
54936004 1530 TARGET_ELF_PAGESTART(load_bias + elf_ppnt->p_vaddr);
09bfb054 1531 load_addr += load_bias;
84409ddb 1532 reloc_func_desc = load_bias;
09bfb054
FB		 1533 }
1534 }
1535 k = elf_ppnt->p_vaddr;
5fafdf24 1536 if (k < start_code)
09bfb054 1537 start_code = k;
863cf0b7
JM		 1538 if (start_data < k)
1539 start_data = k;
09bfb054 1540 k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz;
5fafdf24 1541 if (k > elf_bss)
09bfb054
FB		 1542 elf_bss = k;
1543 if ((elf_ppnt->p_flags & PF_X) && end_code < k)
1544 end_code = k;
5fafdf24 1545 if (end_data < k)
09bfb054
FB		 1546 end_data = k;
1547 k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz;
1548 if (k > elf_brk) elf_brk = k;
31e31b8a
FB		 1549 }
1550
09bfb054
FB		 1551 elf_entry += load_bias;
1552 elf_bss += load_bias;
1553 elf_brk += load_bias;
1554 start_code += load_bias;
1555 end_code += load_bias;
863cf0b7 1556 start_data += load_bias;
09bfb054
FB		 1557 end_data += load_bias;
1558
31e31b8a
FB		 1559 if (elf_interpreter) {
1560 if (interpreter_type & 1) {
1561 elf_entry = load_aout_interp(&interp_ex, interpreter_fd);
1562 }
1563 else if (interpreter_type & 2) {
1564 elf_entry = load_elf_interp(&interp_elf_ex, interpreter_fd,
1565 &interp_load_addr);
1566 }
84409ddb 1567 reloc_func_desc = interp_load_addr;
31e31b8a
FB		 1568
1569 close(interpreter_fd);
1570 free(elf_interpreter);
1571
992f48a0 1572 if (elf_entry == ~((abi_ulong)0UL)) {
31e31b8a
FB		 1573 printf("Unable to load interpreter\n");
1574 free(elf_phdata);
1575 exit(-1);
1576 return 0;
1577 }
1578 }
1579
1580 free(elf_phdata);
1581
93fcfe39 1582 if (qemu_log_enabled())
689f936f
FB		 1583 load_symbols(&elf_ex, bprm->fd);
1584
31e31b8a
FB		 1585 if (interpreter_type != INTERPRETER_AOUT) close(bprm->fd);
1586 info->personality = (ibcs2_interpreter ? PER_SVR4 : PER_LINUX);
1587
1588#ifdef LOW_ELF_STACK
1589 info->start_stack = bprm->p = elf_stack - 4;
1590#endif
53a5960a 1591 bprm->p = create_elf_tables(bprm->p,
31e31b8a
FB		 1592 bprm->argc,
1593 bprm->envc,
a1516e92 1594 &elf_ex,
09bfb054 1595 load_addr, load_bias,
31e31b8a
FB		 1596 interp_load_addr,
1597 (interpreter_type == INTERPRETER_AOUT ? 0 : 1),
1598 info);
92a343da 1599 info->load_addr = reloc_func_desc;
31e31b8a
FB		 1600 info->start_brk = info->brk = elf_brk;
1601 info->end_code = end_code;
1602 info->start_code = start_code;
863cf0b7 1603 info->start_data = start_data;
31e31b8a
FB		 1604 info->end_data = end_data;
1605 info->start_stack = bprm->p;
1606
1607 /* Calling set_brk effectively mmaps the pages that we need for the bss and break
1608 sections */
1609 set_brk(elf_bss, elf_brk);
1610
768a4a36 1611 padzero(elf_bss, elf_brk);
31e31b8a
FB		 1612
1613#if 0
1614 printf("(start_brk) %x\n" , info->start_brk);
1615 printf("(end_code) %x\n" , info->end_code);
1616 printf("(start_code) %x\n" , info->start_code);
1617 printf("(end_data) %x\n" , info->end_data);
1618 printf("(start_stack) %x\n" , info->start_stack);
1619 printf("(brk) %x\n" , info->brk);
1620#endif
1621
1622 if ( info->personality == PER_SVR4 )
1623 {
1624 /* Why this, you ask??? Well SVr4 maps page 0 as read-only,
1625 and some applications "depend" upon this behavior.
1626 Since we do not have the power to recompile these, we
1627 emulate the SVr4 behavior. Sigh. */
83fb7adf 1628 mapped_addr = target_mmap(0, qemu_host_page_size, PROT_READ | PROT_EXEC,
54936004 1629 MAP_FIXED | MAP_PRIVATE, -1, 0);
31e31b8a
FB		 1630 }
1631
31e31b8a
FB		 1632 info->entry = elf_entry;
1633
edf8e2af
MW		 1634#ifdef USE_ELF_CORE_DUMP
1635 bprm->core_dump = &elf_core_dump;
1636#endif
1637
31e31b8a
FB		 1638 return 0;
1639}
1640
edf8e2af
MW		 1641#ifdef USE_ELF_CORE_DUMP
1642
1643/*
1644 * Definitions to generate Intel SVR4-like core files.
1645 * These mostly have the same names as the SVR4 types with "elf_"
1646 * tacked on the front to prevent clashes with linux definitions,
1647 * and the typedef forms have been avoided. This is mostly like
1648 * the SVR4 structure, but more Linuxy, with things that Linux does
1649 * not support and which gdb doesn't really use excluded.
1650 *
1651 * Fields we don't dump (their contents is zero) in linux-user qemu
1652 * are marked with XXX.
1653 *
1654 * Core dump code is copied from linux kernel (fs/binfmt_elf.c).
1655 *
1656 * Porting ELF coredump for target is (quite) simple process. First you
1657 * define ELF_USE_CORE_DUMP in target ELF code (where init_thread() for
1658 * the target resides):
1659 *
1660 * #define USE_ELF_CORE_DUMP
1661 *
1662 * Next you define type of register set used for dumping. ELF specification
1663 * says that it needs to be array of elf_greg_t that has size of ELF_NREG.
1664 *
1665 * typedef <target_regtype> elf_greg_t;
1666 * #define ELF_NREG <number of registers>
1667 * typedef elf_greg_t elf_gregset_t[ELF_NREG];
1668 *
1669 * Then define following types to match target types. Actual types can
1670 * be found from linux kernel (arch/<ARCH>/include/asm/posix_types.h):
1671 *
1672 * typedef <target_uid_type> target_uid_t;
1673 * typedef <target_gid_type> target_gid_t;
1674 * typedef <target_pid_type> target_pid_t;
1675 *
1676 * Last step is to implement target specific function that copies registers
1677 * from given cpu into just specified register set. Prototype is:
1678 *
1679 * static void elf_core_copy_regs(elf_gregset_t *regs, const CPUState *env);
1680 *
1681 * Parameters:
1682 * regs - copy register values into here (allocated and zeroed by caller)
1683 * env - copy registers from here
1684 *
1685 * Example for ARM target is provided in this file.
1686 */
1687
1688/* An ELF note in memory */
1689struct memelfnote {
1690 const char *name;
1691 size_t namesz;
1692 size_t namesz_rounded;
1693 int type;
1694 size_t datasz;
1695 void *data;
1696 size_t notesz;
1697};
1698
1699struct elf_siginfo {
1700 int si_signo; /* signal number */
1701 int si_code; /* extra code */
1702 int si_errno; /* errno */
1703};
1704
1705struct elf_prstatus {
1706 struct elf_siginfo pr_info; /* Info associated with signal */
1707 short pr_cursig; /* Current signal */
1708 target_ulong pr_sigpend; /* XXX */
1709 target_ulong pr_sighold; /* XXX */
1710 target_pid_t pr_pid;
1711 target_pid_t pr_ppid;
1712 target_pid_t pr_pgrp;
1713 target_pid_t pr_sid;
1714 struct target_timeval pr_utime; /* XXX User time */
1715 struct target_timeval pr_stime; /* XXX System time */
1716 struct target_timeval pr_cutime; /* XXX Cumulative user time */
1717 struct target_timeval pr_cstime; /* XXX Cumulative system time */
1718 elf_gregset_t pr_reg; /* GP registers */
1719 int pr_fpvalid; /* XXX */
1720};
1721
1722#define ELF_PRARGSZ (80) /* Number of chars for args */
1723
1724struct elf_prpsinfo {
1725 char pr_state; /* numeric process state */
1726 char pr_sname; /* char for pr_state */
1727 char pr_zomb; /* zombie */
1728 char pr_nice; /* nice val */
1729 target_ulong pr_flag; /* flags */
1730 target_uid_t pr_uid;
1731 target_gid_t pr_gid;
1732 target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid;
1733 /* Lots missing */
1734 char pr_fname[16]; /* filename of executable */
1735 char pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */
1736};
1737
1738/* Here is the structure in which status of each thread is captured. */
1739struct elf_thread_status {
1740 TAILQ_ENTRY(elf_thread_status) ets_link;
1741 struct elf_prstatus prstatus; /* NT_PRSTATUS */
1742#if 0
1743 elf_fpregset_t fpu; /* NT_PRFPREG */
1744 struct task_struct *thread;
1745 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */
1746#endif
1747 struct memelfnote notes[1];
1748 int num_notes;
1749};
1750
1751struct elf_note_info {
1752 struct memelfnote *notes;
1753 struct elf_prstatus *prstatus; /* NT_PRSTATUS */
1754 struct elf_prpsinfo *psinfo; /* NT_PRPSINFO */
1755
1756 TAILQ_HEAD(thread_list_head, elf_thread_status) thread_list;
1757#if 0
1758 /*
1759 * Current version of ELF coredump doesn't support
1760 * dumping fp regs etc.
1761 */
1762 elf_fpregset_t *fpu;
1763 elf_fpxregset_t *xfpu;
1764 int thread_status_size;
1765#endif
1766 int notes_size;
1767 int numnote;
1768};
1769
1770struct vm_area_struct {
1771 abi_ulong vma_start; /* start vaddr of memory region */
1772 abi_ulong vma_end; /* end vaddr of memory region */
1773 abi_ulong vma_flags; /* protection etc. flags for the region */
1774 TAILQ_ENTRY(vm_area_struct) vma_link;
1775};
1776
1777struct mm_struct {
1778 TAILQ_HEAD(, vm_area_struct) mm_mmap;
1779 int mm_count; /* number of mappings */
1780};
1781
1782static struct mm_struct *vma_init(void);
1783static void vma_delete(struct mm_struct *);
1784static int vma_add_mapping(struct mm_struct *, abi_ulong,
1785 abi_ulong, abi_ulong);
1786static int vma_get_mapping_count(const struct mm_struct *);
1787static struct vm_area_struct *vma_first(const struct mm_struct *);
1788static struct vm_area_struct *vma_next(struct vm_area_struct *);
1789static abi_ulong vma_dump_size(const struct vm_area_struct *);
1790static int vma_walker(void *priv, unsigned long start, unsigned long end,
1791 unsigned long flags);
1792
1793static void fill_elf_header(struct elfhdr *, int, uint16_t, uint32_t);
1794static void fill_note(struct memelfnote *, const char *, int,
1795 unsigned int, void *);
1796static void fill_prstatus(struct elf_prstatus *, const TaskState *, int);
1797static int fill_psinfo(struct elf_prpsinfo *, const TaskState *);
1798static void fill_auxv_note(struct memelfnote *, const TaskState *);
1799static void fill_elf_note_phdr(struct elf_phdr *, int, off_t);
1800static size_t note_size(const struct memelfnote *);
1801static void free_note_info(struct elf_note_info *);
1802static int fill_note_info(struct elf_note_info *, long, const CPUState *);
1803static void fill_thread_info(struct elf_note_info *, const CPUState *);
1804static int core_dump_filename(const TaskState *, char *, size_t);
1805
1806static int dump_write(int, const void *, size_t);
1807static int write_note(struct memelfnote *, int);
1808static int write_note_info(struct elf_note_info *, int);
1809
1810#ifdef BSWAP_NEEDED
1811static void bswap_prstatus(struct elf_prstatus *);
1812static void bswap_psinfo(struct elf_prpsinfo *);
1813
1814static void bswap_prstatus(struct elf_prstatus *prstatus)
1815{
1816 prstatus->pr_info.si_signo = tswapl(prstatus->pr_info.si_signo);
1817 prstatus->pr_info.si_code = tswapl(prstatus->pr_info.si_code);
1818 prstatus->pr_info.si_errno = tswapl(prstatus->pr_info.si_errno);
1819 prstatus->pr_cursig = tswap16(prstatus->pr_cursig);
1820 prstatus->pr_sigpend = tswapl(prstatus->pr_sigpend);
1821 prstatus->pr_sighold = tswapl(prstatus->pr_sighold);
1822 prstatus->pr_pid = tswap32(prstatus->pr_pid);
1823 prstatus->pr_ppid = tswap32(prstatus->pr_ppid);
1824 prstatus->pr_pgrp = tswap32(prstatus->pr_pgrp);
1825 prstatus->pr_sid = tswap32(prstatus->pr_sid);
1826 /* cpu times are not filled, so we skip them */
1827 /* regs should be in correct format already */
1828 prstatus->pr_fpvalid = tswap32(prstatus->pr_fpvalid);
1829}
1830
1831static void bswap_psinfo(struct elf_prpsinfo *psinfo)
1832{
1833 psinfo->pr_flag = tswapl(psinfo->pr_flag);
1834 psinfo->pr_uid = tswap16(psinfo->pr_uid);
1835 psinfo->pr_gid = tswap16(psinfo->pr_gid);
1836 psinfo->pr_pid = tswap32(psinfo->pr_pid);
1837 psinfo->pr_ppid = tswap32(psinfo->pr_ppid);
1838 psinfo->pr_pgrp = tswap32(psinfo->pr_pgrp);
1839 psinfo->pr_sid = tswap32(psinfo->pr_sid);
1840}
1841#endif /* BSWAP_NEEDED */
1842
1843/*
1844 * Minimal support for linux memory regions. These are needed
1845 * when we are finding out what memory exactly belongs to
1846 * emulated process. No locks needed here, as long as
1847 * thread that received the signal is stopped.
1848 */
1849
1850static struct mm_struct *vma_init(void)
1851{
1852 struct mm_struct *mm;
1853
1854 if ((mm = qemu_malloc(sizeof (*mm))) == NULL)
1855 return (NULL);
1856
1857 mm->mm_count = 0;
1858 TAILQ_INIT(&mm->mm_mmap);
1859
1860 return (mm);
1861}
1862
1863static void vma_delete(struct mm_struct *mm)
1864{
1865 struct vm_area_struct *vma;
1866
1867 while ((vma = vma_first(mm)) != NULL) {
1868 TAILQ_REMOVE(&mm->mm_mmap, vma, vma_link);
1869 qemu_free(vma);
1870 }
1871 qemu_free(mm);
1872}
1873
1874static int vma_add_mapping(struct mm_struct *mm, abi_ulong start,
1875 abi_ulong end, abi_ulong flags)
1876{
1877 struct vm_area_struct *vma;
1878
1879 if ((vma = qemu_mallocz(sizeof (*vma))) == NULL)
1880 return (-1);
1881
1882 vma->vma_start = start;
1883 vma->vma_end = end;
1884 vma->vma_flags = flags;
1885
1886 TAILQ_INSERT_TAIL(&mm->mm_mmap, vma, vma_link);
1887 mm->mm_count++;
1888
1889 return (0);
1890}
1891
1892static struct vm_area_struct *vma_first(const struct mm_struct *mm)
1893{
1894 return (TAILQ_FIRST(&mm->mm_mmap));
1895}
1896
1897static struct vm_area_struct *vma_next(struct vm_area_struct *vma)
1898{
1899 return (TAILQ_NEXT(vma, vma_link));
1900}
1901
1902static int vma_get_mapping_count(const struct mm_struct *mm)
1903{
1904 return (mm->mm_count);
1905}
1906
1907/*
1908 * Calculate file (dump) size of given memory region.
1909 */
1910static abi_ulong vma_dump_size(const struct vm_area_struct *vma)
1911{
1912 /* if we cannot even read the first page, skip it */
1913 if (!access_ok(VERIFY_READ, vma->vma_start, TARGET_PAGE_SIZE))
1914 return (0);
1915
1916 /*
1917 * Usually we don't dump executable pages as they contain
1918 * non-writable code that debugger can read directly from
1919 * target library etc. However, thread stacks are marked
1920 * also executable so we read in first page of given region
1921 * and check whether it contains elf header. If there is
1922 * no elf header, we dump it.
1923 */
1924 if (vma->vma_flags & PROT_EXEC) {
1925 char page[TARGET_PAGE_SIZE];
1926
1927 copy_from_user(page, vma->vma_start, sizeof (page));
1928 if ((page[EI_MAG0] == ELFMAG0) &&
1929 (page[EI_MAG1] == ELFMAG1) &&
1930 (page[EI_MAG2] == ELFMAG2) &&
1931 (page[EI_MAG3] == ELFMAG3)) {
1932 /*
1933 * Mappings are possibly from ELF binary. Don't dump
1934 * them.
1935 */
1936 return (0);
1937 }
1938 }
1939
1940 return (vma->vma_end - vma->vma_start);
1941}
1942
1943static int vma_walker(void *priv, unsigned long start, unsigned long end,
1944 unsigned long flags)
1945{
1946 struct mm_struct *mm = (struct mm_struct *)priv;
1947
1948 /*
1949 * Don't dump anything that qemu has reserved for internal use.
1950 */
1951 if (flags & PAGE_RESERVED)
1952 return (0);
1953
1954 vma_add_mapping(mm, start, end, flags);
1955 return (0);
1956}
1957
1958static void fill_note(struct memelfnote *note, const char *name, int type,
1959 unsigned int sz, void *data)
1960{
1961 unsigned int namesz;
1962
1963 namesz = strlen(name) + 1;
1964 note->name = name;
1965 note->namesz = namesz;
1966 note->namesz_rounded = roundup(namesz, sizeof (int32_t));
1967 note->type = type;
1968 note->datasz = roundup(sz, sizeof (int32_t));;
1969 note->data = data;
1970
1971 /*
1972 * We calculate rounded up note size here as specified by
1973 * ELF document.
1974 */
1975 note->notesz = sizeof (struct elf_note) +
1976 note->namesz_rounded + note->datasz;
1977}
1978
1979static void fill_elf_header(struct elfhdr *elf, int segs, uint16_t machine,
1980 uint32_t flags)
1981{
1982 (void) memset(elf, 0, sizeof(*elf));
1983
1984 (void) memcpy(elf->e_ident, ELFMAG, SELFMAG);
1985 elf->e_ident[EI_CLASS] = ELF_CLASS;
1986 elf->e_ident[EI_DATA] = ELF_DATA;
1987 elf->e_ident[EI_VERSION] = EV_CURRENT;
1988 elf->e_ident[EI_OSABI] = ELF_OSABI;
1989
1990 elf->e_type = ET_CORE;
1991 elf->e_machine = machine;
1992 elf->e_version = EV_CURRENT;
1993 elf->e_phoff = sizeof(struct elfhdr);
1994 elf->e_flags = flags;
1995 elf->e_ehsize = sizeof(struct elfhdr);
1996 elf->e_phentsize = sizeof(struct elf_phdr);
1997 elf->e_phnum = segs;
1998
1999#ifdef BSWAP_NEEDED
2000 bswap_ehdr(elf);
2001#endif
2002}
2003
2004static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, off_t offset)
2005{
2006 phdr->p_type = PT_NOTE;
2007 phdr->p_offset = offset;
2008 phdr->p_vaddr = 0;
2009 phdr->p_paddr = 0;
2010 phdr->p_filesz = sz;
2011 phdr->p_memsz = 0;
2012 phdr->p_flags = 0;
2013 phdr->p_align = 0;
2014
2015#ifdef BSWAP_NEEDED
2016 bswap_phdr(phdr);
2017#endif
2018}
2019
2020static size_t note_size(const struct memelfnote *note)
2021{
2022 return (note->notesz);
2023}
2024
2025static void fill_prstatus(struct elf_prstatus *prstatus,
2026 const TaskState *ts, int signr)
2027{
2028 (void) memset(prstatus, 0, sizeof (*prstatus));
2029 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr;
2030 prstatus->pr_pid = ts->ts_tid;
2031 prstatus->pr_ppid = getppid();
2032 prstatus->pr_pgrp = getpgrp();
2033 prstatus->pr_sid = getsid(0);
2034
2035#ifdef BSWAP_NEEDED
2036 bswap_prstatus(prstatus);
2037#endif
2038}
2039
2040static int fill_psinfo(struct elf_prpsinfo *psinfo, const TaskState *ts)
2041{
2042 char *filename, *base_filename;
2043 unsigned int i, len;
2044
2045 (void) memset(psinfo, 0, sizeof (*psinfo));
2046
2047 len = ts->info->arg_end - ts->info->arg_start;
2048 if (len >= ELF_PRARGSZ)
2049 len = ELF_PRARGSZ - 1;
2050 if (copy_from_user(&psinfo->pr_psargs, ts->info->arg_start, len))
2051 return -EFAULT;
2052 for (i = 0; i < len; i++)
2053 if (psinfo->pr_psargs[i] == 0)
2054 psinfo->pr_psargs[i] = ' ';
2055 psinfo->pr_psargs[len] = 0;
2056
2057 psinfo->pr_pid = getpid();
2058 psinfo->pr_ppid = getppid();
2059 psinfo->pr_pgrp = getpgrp();
2060 psinfo->pr_sid = getsid(0);
2061 psinfo->pr_uid = getuid();
2062 psinfo->pr_gid = getgid();
2063
2064 filename = strdup(ts->bprm->filename);
2065 base_filename = strdup(basename(filename));
2066 (void) strncpy(psinfo->pr_fname, base_filename,
2067 sizeof(psinfo->pr_fname));
2068 free(base_filename);
2069 free(filename);
2070
2071#ifdef BSWAP_NEEDED
2072 bswap_psinfo(psinfo);
2073#endif
2074 return (0);
2075}
2076
2077static void fill_auxv_note(struct memelfnote *note, const TaskState *ts)
2078{
2079 elf_addr_t auxv = (elf_addr_t)ts->info->saved_auxv;
2080 elf_addr_t orig_auxv = auxv;
2081 abi_ulong val;
2082 void *ptr;
2083 int i, len;
2084
2085 /*
2086 * Auxiliary vector is stored in target process stack. It contains
2087 * {type, value} pairs that we need to dump into note. This is not
2088 * strictly necessary but we do it here for sake of completeness.
2089 */
2090
2091 /* find out lenght of the vector, AT_NULL is terminator */
2092 i = len = 0;
2093 do {
2094 get_user_ual(val, auxv);
2095 i += 2;
2096 auxv += 2 * sizeof (elf_addr_t);
2097 } while (val != AT_NULL);
2098 len = i * sizeof (elf_addr_t);
2099
2100 /* read in whole auxv vector and copy it to memelfnote */
2101 ptr = lock_user(VERIFY_READ, orig_auxv, len, 0);
2102 if (ptr != NULL) {
2103 fill_note(note, "CORE", NT_AUXV, len, ptr);
2104 unlock_user(ptr, auxv, len);
2105 }
2106}
2107
2108/*
2109 * Constructs name of coredump file. We have following convention
2110 * for the name:
2111 * qemu_<basename-of-target-binary>_<date>-<time>_<pid>.core
2112 *
2113 * Returns 0 in case of success, -1 otherwise (errno is set).
2114 */
2115static int core_dump_filename(const TaskState *ts, char *buf,
2116 size_t bufsize)
2117{
2118 char timestamp[64];
2119 char *filename = NULL;
2120 char *base_filename = NULL;
2121 struct timeval tv;
2122 struct tm tm;
2123
2124 assert(bufsize >= PATH_MAX);
2125
2126 if (gettimeofday(&tv, NULL) < 0) {
2127 (void) fprintf(stderr, "unable to get current timestamp: %s",
2128 strerror(errno));
2129 return (-1);
2130 }
2131
2132 filename = strdup(ts->bprm->filename);
2133 base_filename = strdup(basename(filename));
2134 (void) strftime(timestamp, sizeof (timestamp), "%Y%m%d-%H%M%S",
2135 localtime_r(&tv.tv_sec, &tm));
2136 (void) snprintf(buf, bufsize, "qemu_%s_%s_%d.core",
2137 base_filename, timestamp, (int)getpid());
2138 free(base_filename);
2139 free(filename);
2140
2141 return (0);
2142}
2143
2144static int dump_write(int fd, const void *ptr, size_t size)
2145{
2146 const char *bufp = (const char *)ptr;
2147 ssize_t bytes_written, bytes_left;
2148 struct rlimit dumpsize;
2149 off_t pos;
2150
2151 bytes_written = 0;
2152 getrlimit(RLIMIT_CORE, &dumpsize);
2153 if ((pos = lseek(fd, 0, SEEK_CUR))==-1) {
2154 if (errno == ESPIPE) { /* not a seekable stream */
2155 bytes_left = size;
2156 } else {
2157 return pos;
2158 }
2159 } else {
2160 if (dumpsize.rlim_cur <= pos) {
2161 return -1;
2162 } else if (dumpsize.rlim_cur == RLIM_INFINITY) {
2163 bytes_left = size;
2164 } else {
2165 size_t limit_left=dumpsize.rlim_cur - pos;
2166 bytes_left = limit_left >= size ? size : limit_left ;
2167 }
2168 }
2169
2170 /*
2171 * In normal conditions, single write(2) should do but
2172 * in case of socket etc. this mechanism is more portable.
2173 */
2174 do {
2175 bytes_written = write(fd, bufp, bytes_left);
2176 if (bytes_written < 0) {
2177 if (errno == EINTR)
2178 continue;
2179 return (-1);
2180 } else if (bytes_written == 0) { /* eof */
2181 return (-1);
2182 }
2183 bufp += bytes_written;
2184 bytes_left -= bytes_written;
2185 } while (bytes_left > 0);
2186
2187 return (0);
2188}
2189
2190static int write_note(struct memelfnote *men, int fd)
2191{
2192 struct elf_note en;
2193
2194 en.n_namesz = men->namesz;
2195 en.n_type = men->type;
2196 en.n_descsz = men->datasz;
2197
2198#ifdef BSWAP_NEEDED
2199 bswap_note(&en);
2200#endif
2201
2202 if (dump_write(fd, &en, sizeof(en)) != 0)
2203 return (-1);
2204 if (dump_write(fd, men->name, men->namesz_rounded) != 0)
2205 return (-1);
2206 if (dump_write(fd, men->data, men->datasz) != 0)
2207 return (-1);
2208
2209 return (0);
2210}
2211
2212static void fill_thread_info(struct elf_note_info *info, const CPUState *env)
2213{
2214 TaskState *ts = (TaskState *)env->opaque;
2215 struct elf_thread_status *ets;
2216
2217 ets = qemu_mallocz(sizeof (*ets));
2218 ets->num_notes = 1; /* only prstatus is dumped */
2219 fill_prstatus(&ets->prstatus, ts, 0);
2220 elf_core_copy_regs(&ets->prstatus.pr_reg, env);
2221 fill_note(&ets->notes[0], "CORE", NT_PRSTATUS, sizeof (ets->prstatus),
2222 &ets->prstatus);
2223
2224 TAILQ_INSERT_TAIL(&info->thread_list, ets, ets_link);
2225
2226 info->notes_size += note_size(&ets->notes[0]);
2227}
2228
2229static int fill_note_info(struct elf_note_info *info,
2230 long signr, const CPUState *env)
2231{
2232#define NUMNOTES 3
2233 CPUState *cpu = NULL;
2234 TaskState *ts = (TaskState *)env->opaque;
2235 int i;
2236
2237 (void) memset(info, 0, sizeof (*info));
2238
2239 TAILQ_INIT(&info->thread_list);
2240
2241 info->notes = qemu_mallocz(NUMNOTES * sizeof (struct memelfnote));
2242 if (info->notes == NULL)
2243 return (-ENOMEM);
2244 info->prstatus = qemu_mallocz(sizeof (*info->prstatus));
2245 if (info->prstatus == NULL)
2246 return (-ENOMEM);
2247 info->psinfo = qemu_mallocz(sizeof (*info->psinfo));
2248 if (info->prstatus == NULL)
2249 return (-ENOMEM);
2250
2251 /*
2252 * First fill in status (and registers) of current thread
2253 * including process info & aux vector.
2254 */
2255 fill_prstatus(info->prstatus, ts, signr);
2256 elf_core_copy_regs(&info->prstatus->pr_reg, env);
2257 fill_note(&info->notes[0], "CORE", NT_PRSTATUS,
2258 sizeof (*info->prstatus), info->prstatus);
2259 fill_psinfo(info->psinfo, ts);
2260 fill_note(&info->notes[1], "CORE", NT_PRPSINFO,
2261 sizeof (*info->psinfo), info->psinfo);
2262 fill_auxv_note(&info->notes[2], ts);
2263 info->numnote = 3;
2264
2265 info->notes_size = 0;
2266 for (i = 0; i < info->numnote; i++)
2267 info->notes_size += note_size(&info->notes[i]);
2268
2269 /* read and fill status of all threads */
2270 cpu_list_lock();
2271 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
2272 if (cpu == thread_env)
2273 continue;
2274 fill_thread_info(info, cpu);
2275 }
2276 cpu_list_unlock();
2277
2278 return (0);
2279}
2280
2281static void free_note_info(struct elf_note_info *info)
2282{
2283 struct elf_thread_status *ets;
2284
2285 while (!TAILQ_EMPTY(&info->thread_list)) {
2286 ets = TAILQ_FIRST(&info->thread_list);
2287 TAILQ_REMOVE(&info->thread_list, ets, ets_link);
2288 qemu_free(ets);
2289 }
2290
2291 qemu_free(info->prstatus);
2292 qemu_free(info->psinfo);
2293 qemu_free(info->notes);
2294}
2295
2296static int write_note_info(struct elf_note_info *info, int fd)
2297{
2298 struct elf_thread_status *ets;
2299 int i, error = 0;
2300
2301 /* write prstatus, psinfo and auxv for current thread */
2302 for (i = 0; i < info->numnote; i++)
2303 if ((error = write_note(&info->notes[i], fd)) != 0)
2304 return (error);
2305
2306 /* write prstatus for each thread */
2307 for (ets = info->thread_list.tqh_first; ets != NULL;
2308 ets = ets->ets_link.tqe_next) {
2309 if ((error = write_note(&ets->notes[0], fd)) != 0)
2310 return (error);
2311 }
2312
2313 return (0);
2314}
2315
2316/*
2317 * Write out ELF coredump.
2318 *
2319 * See documentation of ELF object file format in:
2320 * http://www.caldera.com/developers/devspecs/gabi41.pdf
2321 *
2322 * Coredump format in linux is following:
2323 *
2324 * 0 +----------------------+ \
2325 * | ELF header | ET_CORE |
2326 * +----------------------+ |
2327 * | ELF program headers | |--- headers
2328 * | - NOTE section | |
2329 * | - PT_LOAD sections | |
2330 * +----------------------+ /
2331 * | NOTEs: |
2332 * | - NT_PRSTATUS |
2333 * | - NT_PRSINFO |
2334 * | - NT_AUXV |
2335 * +----------------------+ <-- aligned to target page
2336 * | Process memory dump |
2337 * : :
2338 * . .
2339 * : :
2340 * | |
2341 * +----------------------+
2342 *
2343 * NT_PRSTATUS -> struct elf_prstatus (per thread)
2344 * NT_PRSINFO -> struct elf_prpsinfo
2345 * NT_AUXV is array of { type, value } pairs (see fill_auxv_note()).
2346 *
2347 * Format follows System V format as close as possible. Current
2348 * version limitations are as follows:
2349 * - no floating point registers are dumped
2350 *
2351 * Function returns 0 in case of success, negative errno otherwise.
2352 *
2353 * TODO: make this work also during runtime: it should be
2354 * possible to force coredump from running process and then
2355 * continue processing. For example qemu could set up SIGUSR2
2356 * handler (provided that target process haven't registered
2357 * handler for that) that does the dump when signal is received.
2358 */
2359static int elf_core_dump(int signr, const CPUState *env)
2360{
2361 const TaskState *ts = (const TaskState *)env->opaque;
2362 struct vm_area_struct *vma = NULL;
2363 char corefile[PATH_MAX];
2364 struct elf_note_info info;
2365 struct elfhdr elf;
2366 struct elf_phdr phdr;
2367 struct rlimit dumpsize;
2368 struct mm_struct *mm = NULL;
2369 off_t offset = 0, data_offset = 0;
2370 int segs = 0;
2371 int fd = -1;
2372
2373 errno = 0;
2374 getrlimit(RLIMIT_CORE, &dumpsize);
2375 if (dumpsize.rlim_cur == 0)
2376 return 0;
2377
2378 if (core_dump_filename(ts, corefile, sizeof (corefile)) < 0)
2379 return (-errno);
2380
2381 if ((fd = open(corefile, O_WRONLY | O_CREAT,
2382 S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) < 0)
2383 return (-errno);
2384
2385 /*
2386 * Walk through target process memory mappings and
2387 * set up structure containing this information. After
2388 * this point vma_xxx functions can be used.
2389 */
2390 if ((mm = vma_init()) == NULL)
2391 goto out;
2392
2393 walk_memory_regions(mm, vma_walker);
2394 segs = vma_get_mapping_count(mm);
2395
2396 /*
2397 * Construct valid coredump ELF header. We also
2398 * add one more segment for notes.
2399 */
2400 fill_elf_header(&elf, segs + 1, ELF_MACHINE, 0);
2401 if (dump_write(fd, &elf, sizeof (elf)) != 0)
2402 goto out;
2403
2404 /* fill in in-memory version of notes */
2405 if (fill_note_info(&info, signr, env) < 0)
2406 goto out;
2407
2408 offset += sizeof (elf); /* elf header */
2409 offset += (segs + 1) * sizeof (struct elf_phdr); /* program headers */
2410
2411 /* write out notes program header */
2412 fill_elf_note_phdr(&phdr, info.notes_size, offset);
2413
2414 offset += info.notes_size;
2415 if (dump_write(fd, &phdr, sizeof (phdr)) != 0)
2416 goto out;
2417
2418 /*
2419 * ELF specification wants data to start at page boundary so
2420 * we align it here.
2421 */
2422 offset = roundup(offset, ELF_EXEC_PAGESIZE);
2423
2424 /*
2425 * Write program headers for memory regions mapped in
2426 * the target process.
2427 */
2428 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) {
2429 (void) memset(&phdr, 0, sizeof (phdr));
2430
2431 phdr.p_type = PT_LOAD;
2432 phdr.p_offset = offset;
2433 phdr.p_vaddr = vma->vma_start;
2434 phdr.p_paddr = 0;
2435 phdr.p_filesz = vma_dump_size(vma);
2436 offset += phdr.p_filesz;
2437 phdr.p_memsz = vma->vma_end - vma->vma_start;
2438 phdr.p_flags = vma->vma_flags & PROT_READ ? PF_R : 0;
2439 if (vma->vma_flags & PROT_WRITE)
2440 phdr.p_flags |= PF_W;
2441 if (vma->vma_flags & PROT_EXEC)
2442 phdr.p_flags |= PF_X;
2443 phdr.p_align = ELF_EXEC_PAGESIZE;
2444
2445 dump_write(fd, &phdr, sizeof (phdr));
2446 }
2447
2448 /*
2449 * Next we write notes just after program headers. No
2450 * alignment needed here.
2451 */
2452 if (write_note_info(&info, fd) < 0)
2453 goto out;
2454
2455 /* align data to page boundary */
2456 data_offset = lseek(fd, 0, SEEK_CUR);
2457 data_offset = TARGET_PAGE_ALIGN(data_offset);
2458 if (lseek(fd, data_offset, SEEK_SET) != data_offset)
2459 goto out;
2460
2461 /*
2462 * Finally we can dump process memory into corefile as well.
2463 */
2464 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) {
2465 abi_ulong addr;
2466 abi_ulong end;
2467
2468 end = vma->vma_start + vma_dump_size(vma);
2469
2470 for (addr = vma->vma_start; addr < end;
2471 addr += TARGET_PAGE_SIZE) {
2472 char page[TARGET_PAGE_SIZE];
2473 int error;
2474
2475 /*
2476 * Read in page from target process memory and
2477 * write it to coredump file.
2478 */
2479 error = copy_from_user(page, addr, sizeof (page));
2480 if (error != 0) {
2481 (void) fprintf(stderr, "unable to dump " TARGET_FMT_lx "\n",
2482 addr);
2483 errno = -error;
2484 goto out;
2485 }
2486 if (dump_write(fd, page, TARGET_PAGE_SIZE) < 0)
2487 goto out;
2488 }
2489 }
2490
2491out:
2492 free_note_info(&info);
2493 if (mm != NULL)
2494 vma_delete(mm);
2495 (void) close(fd);
2496
2497 if (errno != 0)
2498 return (-errno);
2499 return (0);
2500}
2501
2502#endif /* USE_ELF_CORE_DUMP */
2503
31e31b8a
FB		 2504static int load_aout_interp(void * exptr, int interp_fd)
2505{
2506 printf("a.out interpreter not yet supported\n");
2507 return(0);
2508}
2509
e5fe0c52
PB		 2510void do_init_thread(struct target_pt_regs *regs, struct image_info *infop)
2511{
2512 init_thread(regs, infop);
2513}
QEMU mirror