]> git.proxmox.com Git - qemu.git/blame - linux-user/elfload.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge remote-tracking branch 'rth/tcg-ia64-17' into staging
[qemu.git] / linux-user / elfload.c
CommitLineData
31e31b8a 1/* This is the Linux kernel elf-loading code, ported into user space */
edf8e2af
MW		 2#include <sys/time.h>
3#include <sys/param.h>
31e31b8a
FB		 4
5#include <stdio.h>
6#include <sys/types.h>
7#include <fcntl.h>
31e31b8a
FB		 8#include <errno.h>
9#include <unistd.h>
10#include <sys/mman.h>
edf8e2af 11#include <sys/resource.h>
31e31b8a
FB		 12#include <stdlib.h>
13#include <string.h>
edf8e2af 14#include <time.h>
31e31b8a 15
3ef693a0 16#include "qemu.h"
76cad711 17#include "disas/disas.h"
31e31b8a 18
e58ffeb3 19#ifdef _ARCH_PPC64
a6cc84f4 20#undef ARCH_DLINFO
21#undef ELF_PLATFORM
22#undef ELF_HWCAP
23#undef ELF_CLASS
24#undef ELF_DATA
25#undef ELF_ARCH
26#endif
27
edf8e2af
MW		 28#define ELF_OSABI ELFOSABI_SYSV
29
cb33da57
BS		 30/* from personality.h */
31
32/*
33 * Flags for bug emulation.
34 *
35 * These occupy the top three bytes.
36 */
37enum {
d97ef72e
RH		 38 ADDR_NO_RANDOMIZE = 0x0040000, /* disable randomization of VA space */
39 FDPIC_FUNCPTRS = 0x0080000, /* userspace function ptrs point to
40 descriptors (signal handling) */
41 MMAP_PAGE_ZERO = 0x0100000,
42 ADDR_COMPAT_LAYOUT = 0x0200000,
43 READ_IMPLIES_EXEC = 0x0400000,
44 ADDR_LIMIT_32BIT = 0x0800000,
45 SHORT_INODE = 0x1000000,
46 WHOLE_SECONDS = 0x2000000,
47 STICKY_TIMEOUTS = 0x4000000,
48 ADDR_LIMIT_3GB = 0x8000000,
cb33da57
BS		 49};
50
51/*
52 * Personality types.
53 *
54 * These go in the low byte. Avoid using the top bit, it will
55 * conflict with error returns.
56 */
57enum {
d97ef72e
RH		 58 PER_LINUX = 0x0000,
59 PER_LINUX_32BIT = 0x0000 | ADDR_LIMIT_32BIT,
60 PER_LINUX_FDPIC = 0x0000 | FDPIC_FUNCPTRS,
61 PER_SVR4 = 0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO,
62 PER_SVR3 = 0x0002 | STICKY_TIMEOUTS | SHORT_INODE,
63 PER_SCOSVR3 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS | SHORT_INODE,
64 PER_OSR5 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS,
65 PER_WYSEV386 = 0x0004 | STICKY_TIMEOUTS | SHORT_INODE,
66 PER_ISCR4 = 0x0005 | STICKY_TIMEOUTS,
67 PER_BSD = 0x0006,
68 PER_SUNOS = 0x0006 | STICKY_TIMEOUTS,
69 PER_XENIX = 0x0007 | STICKY_TIMEOUTS | SHORT_INODE,
70 PER_LINUX32 = 0x0008,
71 PER_LINUX32_3GB = 0x0008 | ADDR_LIMIT_3GB,
72 PER_IRIX32 = 0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */
73 PER_IRIXN32 = 0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */
74 PER_IRIX64 = 0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */
75 PER_RISCOS = 0x000c,
76 PER_SOLARIS = 0x000d | STICKY_TIMEOUTS,
77 PER_UW7 = 0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO,
78 PER_OSF4 = 0x000f, /* OSF/1 v4 */
79 PER_HPUX = 0x0010,
80 PER_MASK = 0x00ff,
cb33da57
BS		 81};
82
83/*
84 * Return the base personality without flags.
85 */
d97ef72e 86#define personality(pers) (pers & PER_MASK)
cb33da57 87
83fb7adf
FB		 88/* this flag is uneffective under linux too, should be deleted */
89#ifndef MAP_DENYWRITE
90#define MAP_DENYWRITE 0
91#endif
92
93/* should probably go in elf.h */
94#ifndef ELIBBAD
95#define ELIBBAD 80
96#endif
97
28490231
RH		 98#ifdef TARGET_WORDS_BIGENDIAN
99#define ELF_DATA ELFDATA2MSB
100#else
101#define ELF_DATA ELFDATA2LSB
102#endif
103
a29f998d 104#ifdef TARGET_ABI_MIPSN32
918fc54c
PB		 105typedef abi_ullong target_elf_greg_t;
106#define tswapreg(ptr) tswap64(ptr)
a29f998d
PB		 107#else
108typedef abi_ulong target_elf_greg_t;
109#define tswapreg(ptr) tswapal(ptr)
110#endif
111
21e807fa 112#ifdef USE_UID16
1ddd592f
PB		 113typedef abi_ushort target_uid_t;
114typedef abi_ushort target_gid_t;
21e807fa 115#else
f8fd4fc4
PB		 116typedef abi_uint target_uid_t;
117typedef abi_uint target_gid_t;
21e807fa 118#endif
f8fd4fc4 119typedef abi_int target_pid_t;
21e807fa 120
30ac07d4
FB		 121#ifdef TARGET_I386
122
15338fd7
FB		 123#define ELF_PLATFORM get_elf_platform()
124
125static const char *get_elf_platform(void)
126{
127 static char elf_platform[] = "i386";
a2247f8e 128 int family = object_property_get_int(OBJECT(thread_cpu), "family", NULL);
15338fd7
FB		 129 if (family > 6)
130 family = 6;
131 if (family >= 3)
132 elf_platform[1] = '0' + family;
133 return elf_platform;
134}
135
136#define ELF_HWCAP get_elf_hwcap()
137
138static uint32_t get_elf_hwcap(void)
139{
a2247f8e
AF		 140 X86CPU *cpu = X86_CPU(thread_cpu);
141
142 return cpu->env.features[FEAT_1_EDX];
15338fd7
FB		 143}
144
84409ddb
JM		 145#ifdef TARGET_X86_64
146#define ELF_START_MMAP 0x2aaaaab000ULL
147#define elf_check_arch(x) ( ((x) == ELF_ARCH) )
148
149#define ELF_CLASS ELFCLASS64
84409ddb
JM		 150#define ELF_ARCH EM_X86_64
151
152static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
153{
154 regs->rax = 0;
155 regs->rsp = infop->start_stack;
156 regs->rip = infop->entry;
157}
158
9edc5d79 159#define ELF_NREG 27
c227f099 160typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
9edc5d79
MW		 161
162/*
163 * Note that ELF_NREG should be 29 as there should be place for
164 * TRAPNO and ERR "registers" as well but linux doesn't dump
165 * those.
166 *
167 * See linux kernel: arch/x86/include/asm/elf.h
168 */
05390248 169static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env)
9edc5d79
MW		 170{
171 (*regs)[0] = env->regs[15];
172 (*regs)[1] = env->regs[14];
173 (*regs)[2] = env->regs[13];
174 (*regs)[3] = env->regs[12];
175 (*regs)[4] = env->regs[R_EBP];
176 (*regs)[5] = env->regs[R_EBX];
177 (*regs)[6] = env->regs[11];
178 (*regs)[7] = env->regs[10];
179 (*regs)[8] = env->regs[9];
180 (*regs)[9] = env->regs[8];
181 (*regs)[10] = env->regs[R_EAX];
182 (*regs)[11] = env->regs[R_ECX];
183 (*regs)[12] = env->regs[R_EDX];
184 (*regs)[13] = env->regs[R_ESI];
185 (*regs)[14] = env->regs[R_EDI];
186 (*regs)[15] = env->regs[R_EAX]; /* XXX */
187 (*regs)[16] = env->eip;
188 (*regs)[17] = env->segs[R_CS].selector & 0xffff;
189 (*regs)[18] = env->eflags;
190 (*regs)[19] = env->regs[R_ESP];
191 (*regs)[20] = env->segs[R_SS].selector & 0xffff;
192 (*regs)[21] = env->segs[R_FS].selector & 0xffff;
193 (*regs)[22] = env->segs[R_GS].selector & 0xffff;
194 (*regs)[23] = env->segs[R_DS].selector & 0xffff;
195 (*regs)[24] = env->segs[R_ES].selector & 0xffff;
196 (*regs)[25] = env->segs[R_FS].selector & 0xffff;
197 (*regs)[26] = env->segs[R_GS].selector & 0xffff;
198}
199
84409ddb
JM		 200#else
201
30ac07d4
FB		 202#define ELF_START_MMAP 0x80000000
203
30ac07d4
FB		 204/*
205 * This is used to ensure we don't load something for the wrong architecture.
206 */
207#define elf_check_arch(x) ( ((x) == EM_386) || ((x) == EM_486) )
208
209/*
210 * These are used to set parameters in the core dumps.
211 */
d97ef72e 212#define ELF_CLASS ELFCLASS32
d97ef72e 213#define ELF_ARCH EM_386
30ac07d4 214
d97ef72e
RH		 215static inline void init_thread(struct target_pt_regs *regs,
216 struct image_info *infop)
b346ff46
FB		 217{
218 regs->esp = infop->start_stack;
219 regs->eip = infop->entry;
e5fe0c52
PB		 220
221 /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program
222 starts %edx contains a pointer to a function which might be
223 registered using `atexit'. This provides a mean for the
224 dynamic linker to call DT_FINI functions for shared libraries
225 that have been loaded before the code runs.
226
227 A value of 0 tells we have no such handler. */
228 regs->edx = 0;
b346ff46 229}
9edc5d79 230
9edc5d79 231#define ELF_NREG 17
c227f099 232typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
9edc5d79
MW		 233
234/*
235 * Note that ELF_NREG should be 19 as there should be place for
236 * TRAPNO and ERR "registers" as well but linux doesn't dump
237 * those.
238 *
239 * See linux kernel: arch/x86/include/asm/elf.h
240 */
05390248 241static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env)
9edc5d79
MW		 242{
243 (*regs)[0] = env->regs[R_EBX];
244 (*regs)[1] = env->regs[R_ECX];
245 (*regs)[2] = env->regs[R_EDX];
246 (*regs)[3] = env->regs[R_ESI];
247 (*regs)[4] = env->regs[R_EDI];
248 (*regs)[5] = env->regs[R_EBP];
249 (*regs)[6] = env->regs[R_EAX];
250 (*regs)[7] = env->segs[R_DS].selector & 0xffff;
251 (*regs)[8] = env->segs[R_ES].selector & 0xffff;
252 (*regs)[9] = env->segs[R_FS].selector & 0xffff;
253 (*regs)[10] = env->segs[R_GS].selector & 0xffff;
254 (*regs)[11] = env->regs[R_EAX]; /* XXX */
255 (*regs)[12] = env->eip;
256 (*regs)[13] = env->segs[R_CS].selector & 0xffff;
257 (*regs)[14] = env->eflags;
258 (*regs)[15] = env->regs[R_ESP];
259 (*regs)[16] = env->segs[R_SS].selector & 0xffff;
260}
84409ddb 261#endif
b346ff46 262
9edc5d79 263#define USE_ELF_CORE_DUMP
d97ef72e 264#define ELF_EXEC_PAGESIZE 4096
b346ff46
FB		 265
266#endif
267
268#ifdef TARGET_ARM
269
270#define ELF_START_MMAP 0x80000000
271
99033cae 272#define elf_check_arch(x) ((x) == ELF_MACHINE)
b346ff46 273
99033cae
AG		 274#define ELF_ARCH ELF_MACHINE
275
276#ifdef TARGET_AARCH64
277#define ELF_CLASS ELFCLASS64
278#else
d97ef72e 279#define ELF_CLASS ELFCLASS32
99033cae 280#endif
b346ff46 281
d97ef72e
RH		 282static inline void init_thread(struct target_pt_regs *regs,
283 struct image_info *infop)
b346ff46 284{
992f48a0 285 abi_long stack = infop->start_stack;
b346ff46 286 memset(regs, 0, sizeof(*regs));
99033cae
AG		 287
288#ifdef TARGET_AARCH64
289 regs->pc = infop->entry & ~0x3ULL;
290 regs->sp = stack;
291#else
b346ff46 292 regs->ARM_cpsr = 0x10;
0240ded8 293 if (infop->entry & 1)
d97ef72e 294 regs->ARM_cpsr |= CPSR_T;
0240ded8 295 regs->ARM_pc = infop->entry & 0xfffffffe;
b346ff46 296 regs->ARM_sp = infop->start_stack;
2f619698
FB		 297 /* FIXME - what to for failure of get_user()? */
298 get_user_ual(regs->ARM_r2, stack + 8); /* envp */
299 get_user_ual(regs->ARM_r1, stack + 4); /* envp */
a1516e92 300 /* XXX: it seems that r0 is zeroed after ! */
e5fe0c52
PB		 301 regs->ARM_r0 = 0;
302 /* For uClinux PIC binaries. */
863cf0b7 303 /* XXX: Linux does this only on ARM with no MMU (do we care ?) */
e5fe0c52 304 regs->ARM_r10 = infop->start_data;
99033cae 305#endif
b346ff46
FB		 306}
307
edf8e2af 308#define ELF_NREG 18
c227f099 309typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
edf8e2af 310
05390248 311static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUARMState *env)
edf8e2af 312{
86cd7b2d
PB		 313 (*regs)[0] = tswapreg(env->regs[0]);
314 (*regs)[1] = tswapreg(env->regs[1]);
315 (*regs)[2] = tswapreg(env->regs[2]);
316 (*regs)[3] = tswapreg(env->regs[3]);
317 (*regs)[4] = tswapreg(env->regs[4]);
318 (*regs)[5] = tswapreg(env->regs[5]);
319 (*regs)[6] = tswapreg(env->regs[6]);
320 (*regs)[7] = tswapreg(env->regs[7]);
321 (*regs)[8] = tswapreg(env->regs[8]);
322 (*regs)[9] = tswapreg(env->regs[9]);
323 (*regs)[10] = tswapreg(env->regs[10]);
324 (*regs)[11] = tswapreg(env->regs[11]);
325 (*regs)[12] = tswapreg(env->regs[12]);
326 (*regs)[13] = tswapreg(env->regs[13]);
327 (*regs)[14] = tswapreg(env->regs[14]);
328 (*regs)[15] = tswapreg(env->regs[15]);
329
330 (*regs)[16] = tswapreg(cpsr_read((CPUARMState *)env));
331 (*regs)[17] = tswapreg(env->regs[0]); /* XXX */
edf8e2af
MW		 332}
333
30ac07d4 334#define USE_ELF_CORE_DUMP
d97ef72e 335#define ELF_EXEC_PAGESIZE 4096
30ac07d4 336
afce2927
FB		 337enum
338{
d97ef72e
RH		 339 ARM_HWCAP_ARM_SWP = 1 << 0,
340 ARM_HWCAP_ARM_HALF = 1 << 1,
341 ARM_HWCAP_ARM_THUMB = 1 << 2,
342 ARM_HWCAP_ARM_26BIT = 1 << 3,
343 ARM_HWCAP_ARM_FAST_MULT = 1 << 4,
344 ARM_HWCAP_ARM_FPA = 1 << 5,
345 ARM_HWCAP_ARM_VFP = 1 << 6,
346 ARM_HWCAP_ARM_EDSP = 1 << 7,
347 ARM_HWCAP_ARM_JAVA = 1 << 8,
348 ARM_HWCAP_ARM_IWMMXT = 1 << 9,
349 ARM_HWCAP_ARM_THUMBEE = 1 << 10,
350 ARM_HWCAP_ARM_NEON = 1 << 11,
351 ARM_HWCAP_ARM_VFPv3 = 1 << 12,
352 ARM_HWCAP_ARM_VFPv3D16 = 1 << 13,
afce2927
FB		 353};
354
806d1021
MI		 355#define TARGET_HAS_VALIDATE_GUEST_SPACE
356/* Return 1 if the proposed guest space is suitable for the guest.
357 * Return 0 if the proposed guest space isn't suitable, but another
358 * address space should be tried.
359 * Return -1 if there is no way the proposed guest space can be
360 * valid regardless of the base.
361 * The guest code may leave a page mapped and populate it if the
362 * address is suitable.
363 */
364static int validate_guest_space(unsigned long guest_base,
365 unsigned long guest_size)
97cc7560
DDAG		 366{
367 unsigned long real_start, test_page_addr;
368
369 /* We need to check that we can force a fault on access to the
370 * commpage at 0xffff0fxx
371 */
372 test_page_addr = guest_base + (0xffff0f00 & qemu_host_page_mask);
806d1021
MI		 373
374 /* If the commpage lies within the already allocated guest space,
375 * then there is no way we can allocate it.
376 */
377 if (test_page_addr >= guest_base
378 && test_page_addr <= (guest_base + guest_size)) {
379 return -1;
380 }
381
97cc7560
DDAG		 382 /* Note it needs to be writeable to let us initialise it */
383 real_start = (unsigned long)
384 mmap((void *)test_page_addr, qemu_host_page_size,
385 PROT_READ | PROT_WRITE,
386 MAP_ANONYMOUS | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
387
388 /* If we can't map it then try another address */
389 if (real_start == -1ul) {
390 return 0;
391 }
392
393 if (real_start != test_page_addr) {
394 /* OS didn't put the page where we asked - unmap and reject */
395 munmap((void *)real_start, qemu_host_page_size);
396 return 0;
397 }
398
399 /* Leave the page mapped
400 * Populate it (mmap should have left it all 0'd)
401 */
402
403 /* Kernel helper versions */
404 __put_user(5, (uint32_t *)g2h(0xffff0ffcul));
405
406 /* Now it's populated make it RO */
407 if (mprotect((void *)test_page_addr, qemu_host_page_size, PROT_READ)) {
408 perror("Protecting guest commpage");
409 exit(-1);
410 }
411
412 return 1; /* All good */
413}
414
adf050b1
BC		 415
416#define ELF_HWCAP get_elf_hwcap()
417
418static uint32_t get_elf_hwcap(void)
419{
a2247f8e 420 ARMCPU *cpu = ARM_CPU(thread_cpu);
adf050b1
BC		 421 uint32_t hwcaps = 0;
422
423 hwcaps |= ARM_HWCAP_ARM_SWP;
424 hwcaps |= ARM_HWCAP_ARM_HALF;
425 hwcaps |= ARM_HWCAP_ARM_THUMB;
426 hwcaps |= ARM_HWCAP_ARM_FAST_MULT;
427 hwcaps |= ARM_HWCAP_ARM_FPA;
428
429 /* probe for the extra features */
430#define GET_FEATURE(feat, hwcap) \
a2247f8e 431 do { if (arm_feature(&cpu->env, feat)) { hwcaps |= hwcap; } } while (0)
adf050b1
BC		 432 GET_FEATURE(ARM_FEATURE_VFP, ARM_HWCAP_ARM_VFP);
433 GET_FEATURE(ARM_FEATURE_IWMMXT, ARM_HWCAP_ARM_IWMMXT);
434 GET_FEATURE(ARM_FEATURE_THUMB2EE, ARM_HWCAP_ARM_THUMBEE);
435 GET_FEATURE(ARM_FEATURE_NEON, ARM_HWCAP_ARM_NEON);
436 GET_FEATURE(ARM_FEATURE_VFP3, ARM_HWCAP_ARM_VFPv3);
437 GET_FEATURE(ARM_FEATURE_VFP_FP16, ARM_HWCAP_ARM_VFPv3D16);
438#undef GET_FEATURE
439
440 return hwcaps;
441}
afce2927 442
30ac07d4
FB		 443#endif
444
d2fbca94
GX		 445#ifdef TARGET_UNICORE32
446
447#define ELF_START_MMAP 0x80000000
448
449#define elf_check_arch(x) ((x) == EM_UNICORE32)
450
451#define ELF_CLASS ELFCLASS32
452#define ELF_DATA ELFDATA2LSB
453#define ELF_ARCH EM_UNICORE32
454
455static inline void init_thread(struct target_pt_regs *regs,
456 struct image_info *infop)
457{
458 abi_long stack = infop->start_stack;
459 memset(regs, 0, sizeof(*regs));
460 regs->UC32_REG_asr = 0x10;
461 regs->UC32_REG_pc = infop->entry & 0xfffffffe;
462 regs->UC32_REG_sp = infop->start_stack;
463 /* FIXME - what to for failure of get_user()? */
464 get_user_ual(regs->UC32_REG_02, stack + 8); /* envp */
465 get_user_ual(regs->UC32_REG_01, stack + 4); /* envp */
466 /* XXX: it seems that r0 is zeroed after ! */
467 regs->UC32_REG_00 = 0;
468}
469
470#define ELF_NREG 34
471typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
472
05390248 473static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUUniCore32State *env)
d2fbca94
GX		 474{
475 (*regs)[0] = env->regs[0];
476 (*regs)[1] = env->regs[1];
477 (*regs)[2] = env->regs[2];
478 (*regs)[3] = env->regs[3];
479 (*regs)[4] = env->regs[4];
480 (*regs)[5] = env->regs[5];
481 (*regs)[6] = env->regs[6];
482 (*regs)[7] = env->regs[7];
483 (*regs)[8] = env->regs[8];
484 (*regs)[9] = env->regs[9];
485 (*regs)[10] = env->regs[10];
486 (*regs)[11] = env->regs[11];
487 (*regs)[12] = env->regs[12];
488 (*regs)[13] = env->regs[13];
489 (*regs)[14] = env->regs[14];
490 (*regs)[15] = env->regs[15];
491 (*regs)[16] = env->regs[16];
492 (*regs)[17] = env->regs[17];
493 (*regs)[18] = env->regs[18];
494 (*regs)[19] = env->regs[19];
495 (*regs)[20] = env->regs[20];
496 (*regs)[21] = env->regs[21];
497 (*regs)[22] = env->regs[22];
498 (*regs)[23] = env->regs[23];
499 (*regs)[24] = env->regs[24];
500 (*regs)[25] = env->regs[25];
501 (*regs)[26] = env->regs[26];
502 (*regs)[27] = env->regs[27];
503 (*regs)[28] = env->regs[28];
504 (*regs)[29] = env->regs[29];
505 (*regs)[30] = env->regs[30];
506 (*regs)[31] = env->regs[31];
507
05390248 508 (*regs)[32] = cpu_asr_read((CPUUniCore32State *)env);
d2fbca94
GX		 509 (*regs)[33] = env->regs[0]; /* XXX */
510}
511
512#define USE_ELF_CORE_DUMP
513#define ELF_EXEC_PAGESIZE 4096
514
515#define ELF_HWCAP (UC32_HWCAP_CMOV | UC32_HWCAP_UCF64)
516
517#endif
518
853d6f7a 519#ifdef TARGET_SPARC
a315a145 520#ifdef TARGET_SPARC64
853d6f7a
FB		 521
522#define ELF_START_MMAP 0x80000000
cf973e46
AT		 523#define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \
524 | HWCAP_SPARC_MULDIV | HWCAP_SPARC_V9)
992f48a0 525#ifndef TARGET_ABI32
cb33da57 526#define elf_check_arch(x) ( (x) == EM_SPARCV9 || (x) == EM_SPARC32PLUS )
992f48a0
BS		 527#else
528#define elf_check_arch(x) ( (x) == EM_SPARC32PLUS || (x) == EM_SPARC )
529#endif
853d6f7a 530
a315a145 531#define ELF_CLASS ELFCLASS64
5ef54116
FB		 532#define ELF_ARCH EM_SPARCV9
533
d97ef72e 534#define STACK_BIAS 2047
a315a145 535
d97ef72e
RH		 536static inline void init_thread(struct target_pt_regs *regs,
537 struct image_info *infop)
a315a145 538{
992f48a0 539#ifndef TARGET_ABI32
a315a145 540 regs->tstate = 0;
992f48a0 541#endif
a315a145
FB		 542 regs->pc = infop->entry;
543 regs->npc = regs->pc + 4;
544 regs->y = 0;
992f48a0
BS		 545#ifdef TARGET_ABI32
546 regs->u_regs[14] = infop->start_stack - 16 * 4;
547#else
cb33da57
BS		 548 if (personality(infop->personality) == PER_LINUX32)
549 regs->u_regs[14] = infop->start_stack - 16 * 4;
550 else
551 regs->u_regs[14] = infop->start_stack - 16 * 8 - STACK_BIAS;
992f48a0 552#endif
a315a145
FB		 553}
554
555#else
556#define ELF_START_MMAP 0x80000000
cf973e46
AT		 557#define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \
558 | HWCAP_SPARC_MULDIV)
a315a145
FB		 559#define elf_check_arch(x) ( (x) == EM_SPARC )
560
853d6f7a 561#define ELF_CLASS ELFCLASS32
853d6f7a
FB		 562#define ELF_ARCH EM_SPARC
563
d97ef72e
RH		 564static inline void init_thread(struct target_pt_regs *regs,
565 struct image_info *infop)
853d6f7a 566{
f5155289
FB		 567 regs->psr = 0;
568 regs->pc = infop->entry;
569 regs->npc = regs->pc + 4;
570 regs->y = 0;
571 regs->u_regs[14] = infop->start_stack - 16 * 4;
853d6f7a
FB		 572}
573
a315a145 574#endif
853d6f7a
FB		 575#endif
576
67867308
FB		 577#ifdef TARGET_PPC
578
579#define ELF_START_MMAP 0x80000000
580
e85e7c6e 581#if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
84409ddb
JM		 582
583#define elf_check_arch(x) ( (x) == EM_PPC64 )
584
d97ef72e 585#define ELF_CLASS ELFCLASS64
84409ddb
JM		 586
587#else
588
67867308
FB		 589#define elf_check_arch(x) ( (x) == EM_PPC )
590
d97ef72e 591#define ELF_CLASS ELFCLASS32
84409ddb
JM		 592
593#endif
594
d97ef72e 595#define ELF_ARCH EM_PPC
67867308 596
df84e4f3
NF		 597/* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP).
598 See arch/powerpc/include/asm/cputable.h. */
599enum {
3efa9a67 600 QEMU_PPC_FEATURE_32 = 0x80000000,
601 QEMU_PPC_FEATURE_64 = 0x40000000,
602 QEMU_PPC_FEATURE_601_INSTR = 0x20000000,
603 QEMU_PPC_FEATURE_HAS_ALTIVEC = 0x10000000,
604 QEMU_PPC_FEATURE_HAS_FPU = 0x08000000,
605 QEMU_PPC_FEATURE_HAS_MMU = 0x04000000,
606 QEMU_PPC_FEATURE_HAS_4xxMAC = 0x02000000,
607 QEMU_PPC_FEATURE_UNIFIED_CACHE = 0x01000000,
608 QEMU_PPC_FEATURE_HAS_SPE = 0x00800000,
609 QEMU_PPC_FEATURE_HAS_EFP_SINGLE = 0x00400000,
610 QEMU_PPC_FEATURE_HAS_EFP_DOUBLE = 0x00200000,
611 QEMU_PPC_FEATURE_NO_TB = 0x00100000,
612 QEMU_PPC_FEATURE_POWER4 = 0x00080000,
613 QEMU_PPC_FEATURE_POWER5 = 0x00040000,
614 QEMU_PPC_FEATURE_POWER5_PLUS = 0x00020000,
615 QEMU_PPC_FEATURE_CELL = 0x00010000,
616 QEMU_PPC_FEATURE_BOOKE = 0x00008000,
617 QEMU_PPC_FEATURE_SMT = 0x00004000,
618 QEMU_PPC_FEATURE_ICACHE_SNOOP = 0x00002000,
619 QEMU_PPC_FEATURE_ARCH_2_05 = 0x00001000,
620 QEMU_PPC_FEATURE_PA6T = 0x00000800,
621 QEMU_PPC_FEATURE_HAS_DFP = 0x00000400,
622 QEMU_PPC_FEATURE_POWER6_EXT = 0x00000200,
623 QEMU_PPC_FEATURE_ARCH_2_06 = 0x00000100,
624 QEMU_PPC_FEATURE_HAS_VSX = 0x00000080,
625 QEMU_PPC_FEATURE_PSERIES_PERFMON_COMPAT = 0x00000040,
626
627 QEMU_PPC_FEATURE_TRUE_LE = 0x00000002,
628 QEMU_PPC_FEATURE_PPC_LE = 0x00000001,
df84e4f3
NF		 629};
630
631#define ELF_HWCAP get_elf_hwcap()
632
633static uint32_t get_elf_hwcap(void)
634{
a2247f8e 635 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu);
df84e4f3
NF		 636 uint32_t features = 0;
637
638 /* We don't have to be terribly complete here; the high points are
639 Altivec/FP/SPE support. Anything else is just a bonus. */
d97ef72e 640#define GET_FEATURE(flag, feature) \
a2247f8e 641 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0)
3efa9a67 642 GET_FEATURE(PPC_64B, QEMU_PPC_FEATURE_64);
643 GET_FEATURE(PPC_FLOAT, QEMU_PPC_FEATURE_HAS_FPU);
644 GET_FEATURE(PPC_ALTIVEC, QEMU_PPC_FEATURE_HAS_ALTIVEC);
645 GET_FEATURE(PPC_SPE, QEMU_PPC_FEATURE_HAS_SPE);
646 GET_FEATURE(PPC_SPE_SINGLE, QEMU_PPC_FEATURE_HAS_EFP_SINGLE);
647 GET_FEATURE(PPC_SPE_DOUBLE, QEMU_PPC_FEATURE_HAS_EFP_DOUBLE);
648 GET_FEATURE(PPC_BOOKE, QEMU_PPC_FEATURE_BOOKE);
649 GET_FEATURE(PPC_405_MAC, QEMU_PPC_FEATURE_HAS_4xxMAC);
df84e4f3
NF		 650#undef GET_FEATURE
651
652 return features;
653}
654
f5155289
FB		 655/*
656 * The requirements here are:
657 * - keep the final alignment of sp (sp & 0xf)
658 * - make sure the 32-bit value at the first 16 byte aligned position of
659 * AUXV is greater than 16 for glibc compatibility.
660 * AT_IGNOREPPC is used for that.
661 * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC,
662 * even if DLINFO_ARCH_ITEMS goes to zero or is undefined.
663 */
0bccf03d 664#define DLINFO_ARCH_ITEMS 5
d97ef72e
RH		 665#define ARCH_DLINFO \
666 do { \
667 NEW_AUX_ENT(AT_DCACHEBSIZE, 0x20); \
668 NEW_AUX_ENT(AT_ICACHEBSIZE, 0x20); \
669 NEW_AUX_ENT(AT_UCACHEBSIZE, 0); \
670 /* \
671 * Now handle glibc compatibility. \
672 */ \
673 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \
674 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \
675 } while (0)
f5155289 676
67867308
FB		 677static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop)
678{
67867308 679 _regs->gpr[1] = infop->start_stack;
e85e7c6e 680#if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
8e78064e
RH		 681 _regs->gpr[2] = ldq_raw(infop->entry + 8) + infop->load_bias;
682 infop->entry = ldq_raw(infop->entry) + infop->load_bias;
84409ddb 683#endif
67867308
FB		 684 _regs->nip = infop->entry;
685}
686
e2f3e741
NF		 687/* See linux kernel: arch/powerpc/include/asm/elf.h. */
688#define ELF_NREG 48
689typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
690
05390248 691static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUPPCState *env)
e2f3e741
NF		 692{
693 int i;
694 target_ulong ccr = 0;
695
696 for (i = 0; i < ARRAY_SIZE(env->gpr); i++) {
86cd7b2d 697 (*regs)[i] = tswapreg(env->gpr[i]);
e2f3e741
NF		 698 }
699
86cd7b2d
PB		 700 (*regs)[32] = tswapreg(env->nip);
701 (*regs)[33] = tswapreg(env->msr);
702 (*regs)[35] = tswapreg(env->ctr);
703 (*regs)[36] = tswapreg(env->lr);
704 (*regs)[37] = tswapreg(env->xer);
e2f3e741
NF		 705
706 for (i = 0; i < ARRAY_SIZE(env->crf); i++) {
707 ccr |= env->crf[i] << (32 - ((i + 1) * 4));
708 }
86cd7b2d 709 (*regs)[38] = tswapreg(ccr);
e2f3e741
NF		 710}
711
712#define USE_ELF_CORE_DUMP
d97ef72e 713#define ELF_EXEC_PAGESIZE 4096
67867308
FB		 714
715#endif
716
048f6b4d
FB		 717#ifdef TARGET_MIPS
718
719#define ELF_START_MMAP 0x80000000
720
721#define elf_check_arch(x) ( (x) == EM_MIPS )
722
388bb21a
TS		 723#ifdef TARGET_MIPS64
724#define ELF_CLASS ELFCLASS64
725#else
048f6b4d 726#define ELF_CLASS ELFCLASS32
388bb21a 727#endif
048f6b4d
FB		 728#define ELF_ARCH EM_MIPS
729
d97ef72e
RH		 730static inline void init_thread(struct target_pt_regs *regs,
731 struct image_info *infop)
048f6b4d 732{
623a930e 733 regs->cp0_status = 2 << CP0St_KSU;
048f6b4d
FB		 734 regs->cp0_epc = infop->entry;
735 regs->regs[29] = infop->start_stack;
736}
737
51e52606
NF		 738/* See linux kernel: arch/mips/include/asm/elf.h. */
739#define ELF_NREG 45
740typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
741
742/* See linux kernel: arch/mips/include/asm/reg.h. */
743enum {
744#ifdef TARGET_MIPS64
745 TARGET_EF_R0 = 0,
746#else
747 TARGET_EF_R0 = 6,
748#endif
749 TARGET_EF_R26 = TARGET_EF_R0 + 26,
750 TARGET_EF_R27 = TARGET_EF_R0 + 27,
751 TARGET_EF_LO = TARGET_EF_R0 + 32,
752 TARGET_EF_HI = TARGET_EF_R0 + 33,
753 TARGET_EF_CP0_EPC = TARGET_EF_R0 + 34,
754 TARGET_EF_CP0_BADVADDR = TARGET_EF_R0 + 35,
755 TARGET_EF_CP0_STATUS = TARGET_EF_R0 + 36,
756 TARGET_EF_CP0_CAUSE = TARGET_EF_R0 + 37
757};
758
759/* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */
05390248 760static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMIPSState *env)
51e52606
NF		 761{
762 int i;
763
764 for (i = 0; i < TARGET_EF_R0; i++) {
765 (*regs)[i] = 0;
766 }
767 (*regs)[TARGET_EF_R0] = 0;
768
769 for (i = 1; i < ARRAY_SIZE(env->active_tc.gpr); i++) {
a29f998d 770 (*regs)[TARGET_EF_R0 + i] = tswapreg(env->active_tc.gpr[i]);
51e52606
NF		 771 }
772
773 (*regs)[TARGET_EF_R26] = 0;
774 (*regs)[TARGET_EF_R27] = 0;
a29f998d
PB		 775 (*regs)[TARGET_EF_LO] = tswapreg(env->active_tc.LO[0]);
776 (*regs)[TARGET_EF_HI] = tswapreg(env->active_tc.HI[0]);
777 (*regs)[TARGET_EF_CP0_EPC] = tswapreg(env->active_tc.PC);
778 (*regs)[TARGET_EF_CP0_BADVADDR] = tswapreg(env->CP0_BadVAddr);
779 (*regs)[TARGET_EF_CP0_STATUS] = tswapreg(env->CP0_Status);
780 (*regs)[TARGET_EF_CP0_CAUSE] = tswapreg(env->CP0_Cause);
51e52606
NF		 781}
782
783#define USE_ELF_CORE_DUMP
388bb21a
TS		 784#define ELF_EXEC_PAGESIZE 4096
785
048f6b4d
FB		 786#endif /* TARGET_MIPS */
787
b779e29e
EI		 788#ifdef TARGET_MICROBLAZE
789
790#define ELF_START_MMAP 0x80000000
791
0d5d4699 792#define elf_check_arch(x) ( (x) == EM_MICROBLAZE || (x) == EM_MICROBLAZE_OLD)
b779e29e
EI		 793
794#define ELF_CLASS ELFCLASS32
0d5d4699 795#define ELF_ARCH EM_MICROBLAZE
b779e29e 796
d97ef72e
RH		 797static inline void init_thread(struct target_pt_regs *regs,
798 struct image_info *infop)
b779e29e
EI		 799{
800 regs->pc = infop->entry;
801 regs->r1 = infop->start_stack;
802
803}
804
b779e29e
EI		 805#define ELF_EXEC_PAGESIZE 4096
806
e4cbd44d
EI		 807#define USE_ELF_CORE_DUMP
808#define ELF_NREG 38
809typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
810
811/* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */
05390248 812static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMBState *env)
e4cbd44d
EI		 813{
814 int i, pos = 0;
815
816 for (i = 0; i < 32; i++) {
86cd7b2d 817 (*regs)[pos++] = tswapreg(env->regs[i]);
e4cbd44d
EI		 818 }
819
820 for (i = 0; i < 6; i++) {
86cd7b2d 821 (*regs)[pos++] = tswapreg(env->sregs[i]);
e4cbd44d
EI		 822 }
823}
824
b779e29e
EI		 825#endif /* TARGET_MICROBLAZE */
826
d962783e
JL		 827#ifdef TARGET_OPENRISC
828
829#define ELF_START_MMAP 0x08000000
830
831#define elf_check_arch(x) ((x) == EM_OPENRISC)
832
833#define ELF_ARCH EM_OPENRISC
834#define ELF_CLASS ELFCLASS32
835#define ELF_DATA ELFDATA2MSB
836
837static inline void init_thread(struct target_pt_regs *regs,
838 struct image_info *infop)
839{
840 regs->pc = infop->entry;
841 regs->gpr[1] = infop->start_stack;
842}
843
844#define USE_ELF_CORE_DUMP
845#define ELF_EXEC_PAGESIZE 8192
846
847/* See linux kernel arch/openrisc/include/asm/elf.h. */
848#define ELF_NREG 34 /* gprs and pc, sr */
849typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
850
851static void elf_core_copy_regs(target_elf_gregset_t *regs,
852 const CPUOpenRISCState *env)
853{
854 int i;
855
856 for (i = 0; i < 32; i++) {
86cd7b2d 857 (*regs)[i] = tswapreg(env->gpr[i]);
d962783e
JL		 858 }
859
86cd7b2d
PB		 860 (*regs)[32] = tswapreg(env->pc);
861 (*regs)[33] = tswapreg(env->sr);
d962783e
JL		 862}
863#define ELF_HWCAP 0
864#define ELF_PLATFORM NULL
865
866#endif /* TARGET_OPENRISC */
867
fdf9b3e8
FB		 868#ifdef TARGET_SH4
869
870#define ELF_START_MMAP 0x80000000
871
872#define elf_check_arch(x) ( (x) == EM_SH )
873
874#define ELF_CLASS ELFCLASS32
fdf9b3e8
FB		 875#define ELF_ARCH EM_SH
876
d97ef72e
RH		 877static inline void init_thread(struct target_pt_regs *regs,
878 struct image_info *infop)
fdf9b3e8 879{
d97ef72e
RH		 880 /* Check other registers XXXXX */
881 regs->pc = infop->entry;
882 regs->regs[15] = infop->start_stack;
fdf9b3e8
FB		 883}
884
7631c97e
NF		 885/* See linux kernel: arch/sh/include/asm/elf.h. */
886#define ELF_NREG 23
887typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
888
889/* See linux kernel: arch/sh/include/asm/ptrace.h. */
890enum {
891 TARGET_REG_PC = 16,
892 TARGET_REG_PR = 17,
893 TARGET_REG_SR = 18,
894 TARGET_REG_GBR = 19,
895 TARGET_REG_MACH = 20,
896 TARGET_REG_MACL = 21,
897 TARGET_REG_SYSCALL = 22
898};
899
d97ef72e 900static inline void elf_core_copy_regs(target_elf_gregset_t *regs,
05390248 901 const CPUSH4State *env)
7631c97e
NF		 902{
903 int i;
904
905 for (i = 0; i < 16; i++) {
86cd7b2d 906 (*regs[i]) = tswapreg(env->gregs[i]);
7631c97e
NF		 907 }
908
86cd7b2d
PB		 909 (*regs)[TARGET_REG_PC] = tswapreg(env->pc);
910 (*regs)[TARGET_REG_PR] = tswapreg(env->pr);
911 (*regs)[TARGET_REG_SR] = tswapreg(env->sr);
912 (*regs)[TARGET_REG_GBR] = tswapreg(env->gbr);
913 (*regs)[TARGET_REG_MACH] = tswapreg(env->mach);
914 (*regs)[TARGET_REG_MACL] = tswapreg(env->macl);
7631c97e
NF		 915 (*regs)[TARGET_REG_SYSCALL] = 0; /* FIXME */
916}
917
918#define USE_ELF_CORE_DUMP
fdf9b3e8
FB		 919#define ELF_EXEC_PAGESIZE 4096
920
921#endif
922
48733d19
TS		 923#ifdef TARGET_CRIS
924
925#define ELF_START_MMAP 0x80000000
926
927#define elf_check_arch(x) ( (x) == EM_CRIS )
928
929#define ELF_CLASS ELFCLASS32
48733d19
TS		 930#define ELF_ARCH EM_CRIS
931
d97ef72e
RH		 932static inline void init_thread(struct target_pt_regs *regs,
933 struct image_info *infop)
48733d19 934{
d97ef72e 935 regs->erp = infop->entry;
48733d19
TS		 936}
937
48733d19
TS		 938#define ELF_EXEC_PAGESIZE 8192
939
940#endif
941
e6e5906b
PB		 942#ifdef TARGET_M68K
943
944#define ELF_START_MMAP 0x80000000
945
946#define elf_check_arch(x) ( (x) == EM_68K )
947
d97ef72e 948#define ELF_CLASS ELFCLASS32
d97ef72e 949#define ELF_ARCH EM_68K
e6e5906b
PB		 950
951/* ??? Does this need to do anything?
d97ef72e 952 #define ELF_PLAT_INIT(_r) */
e6e5906b 953
d97ef72e
RH		 954static inline void init_thread(struct target_pt_regs *regs,
955 struct image_info *infop)
e6e5906b
PB		 956{
957 regs->usp = infop->start_stack;
958 regs->sr = 0;
959 regs->pc = infop->entry;
960}
961
7a93cc55
NF		 962/* See linux kernel: arch/m68k/include/asm/elf.h. */
963#define ELF_NREG 20
964typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
965
05390248 966static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUM68KState *env)
7a93cc55 967{
86cd7b2d
PB		 968 (*regs)[0] = tswapreg(env->dregs[1]);
969 (*regs)[1] = tswapreg(env->dregs[2]);
970 (*regs)[2] = tswapreg(env->dregs[3]);
971 (*regs)[3] = tswapreg(env->dregs[4]);
972 (*regs)[4] = tswapreg(env->dregs[5]);
973 (*regs)[5] = tswapreg(env->dregs[6]);
974 (*regs)[6] = tswapreg(env->dregs[7]);
975 (*regs)[7] = tswapreg(env->aregs[0]);
976 (*regs)[8] = tswapreg(env->aregs[1]);
977 (*regs)[9] = tswapreg(env->aregs[2]);
978 (*regs)[10] = tswapreg(env->aregs[3]);
979 (*regs)[11] = tswapreg(env->aregs[4]);
980 (*regs)[12] = tswapreg(env->aregs[5]);
981 (*regs)[13] = tswapreg(env->aregs[6]);
982 (*regs)[14] = tswapreg(env->dregs[0]);
983 (*regs)[15] = tswapreg(env->aregs[7]);
984 (*regs)[16] = tswapreg(env->dregs[0]); /* FIXME: orig_d0 */
985 (*regs)[17] = tswapreg(env->sr);
986 (*regs)[18] = tswapreg(env->pc);
7a93cc55
NF		 987 (*regs)[19] = 0; /* FIXME: regs->format | regs->vector */
988}
989
990#define USE_ELF_CORE_DUMP
d97ef72e 991#define ELF_EXEC_PAGESIZE 8192
e6e5906b
PB		 992
993#endif
994
7a3148a9
JM		 995#ifdef TARGET_ALPHA
996
997#define ELF_START_MMAP (0x30000000000ULL)
998
999#define elf_check_arch(x) ( (x) == ELF_ARCH )
1000
1001#define ELF_CLASS ELFCLASS64
7a3148a9
JM		 1002#define ELF_ARCH EM_ALPHA
1003
d97ef72e
RH		 1004static inline void init_thread(struct target_pt_regs *regs,
1005 struct image_info *infop)
7a3148a9
JM		 1006{
1007 regs->pc = infop->entry;
1008 regs->ps = 8;
1009 regs->usp = infop->start_stack;
7a3148a9
JM		 1010}
1011
7a3148a9
JM		 1012#define ELF_EXEC_PAGESIZE 8192
1013
1014#endif /* TARGET_ALPHA */
1015
a4c075f1
UH		 1016#ifdef TARGET_S390X
1017
1018#define ELF_START_MMAP (0x20000000000ULL)
1019
1020#define elf_check_arch(x) ( (x) == ELF_ARCH )
1021
1022#define ELF_CLASS ELFCLASS64
1023#define ELF_DATA ELFDATA2MSB
1024#define ELF_ARCH EM_S390
1025
1026static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
1027{
1028 regs->psw.addr = infop->entry;
1029 regs->psw.mask = PSW_MASK_64 | PSW_MASK_32;
1030 regs->gprs[15] = infop->start_stack;
1031}
1032
1033#endif /* TARGET_S390X */
1034
15338fd7
FB		 1035#ifndef ELF_PLATFORM
1036#define ELF_PLATFORM (NULL)
1037#endif
1038
1039#ifndef ELF_HWCAP
1040#define ELF_HWCAP 0
1041#endif
1042
992f48a0 1043#ifdef TARGET_ABI32
cb33da57 1044#undef ELF_CLASS
992f48a0 1045#define ELF_CLASS ELFCLASS32
cb33da57
BS		 1046#undef bswaptls
1047#define bswaptls(ptr) bswap32s(ptr)
1048#endif
1049
31e31b8a 1050#include "elf.h"
09bfb054 1051
09bfb054
FB		 1052struct exec
1053{
d97ef72e
RH		 1054 unsigned int a_info; /* Use macros N_MAGIC, etc for access */
1055 unsigned int a_text; /* length of text, in bytes */
1056 unsigned int a_data; /* length of data, in bytes */
1057 unsigned int a_bss; /* length of uninitialized data area, in bytes */
1058 unsigned int a_syms; /* length of symbol table data in file, in bytes */
1059 unsigned int a_entry; /* start address */
1060 unsigned int a_trsize; /* length of relocation info for text, in bytes */
1061 unsigned int a_drsize; /* length of relocation info for data, in bytes */
09bfb054
FB		 1062};
1063
1064
1065#define N_MAGIC(exec) ((exec).a_info & 0xffff)
1066#define OMAGIC 0407
1067#define NMAGIC 0410
1068#define ZMAGIC 0413
1069#define QMAGIC 0314
1070
31e31b8a 1071/* Necessary parameters */
54936004
FB		 1072#define TARGET_ELF_EXEC_PAGESIZE TARGET_PAGE_SIZE
1073#define TARGET_ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(TARGET_ELF_EXEC_PAGESIZE-1))
1074#define TARGET_ELF_PAGEOFFSET(_v) ((_v) & (TARGET_ELF_EXEC_PAGESIZE-1))
31e31b8a 1075
14322bad 1076#define DLINFO_ITEMS 13
31e31b8a 1077
09bfb054
FB		 1078static inline void memcpy_fromfs(void * to, const void * from, unsigned long n)
1079{
d97ef72e 1080 memcpy(to, from, n);
09bfb054 1081}
d691f669 1082
31e31b8a 1083#ifdef BSWAP_NEEDED
92a31b1f 1084static void bswap_ehdr(struct elfhdr *ehdr)
31e31b8a 1085{
d97ef72e
RH		 1086 bswap16s(&ehdr->e_type); /* Object file type */
1087 bswap16s(&ehdr->e_machine); /* Architecture */
1088 bswap32s(&ehdr->e_version); /* Object file version */
1089 bswaptls(&ehdr->e_entry); /* Entry point virtual address */
1090 bswaptls(&ehdr->e_phoff); /* Program header table file offset */
1091 bswaptls(&ehdr->e_shoff); /* Section header table file offset */
1092 bswap32s(&ehdr->e_flags); /* Processor-specific flags */
1093 bswap16s(&ehdr->e_ehsize); /* ELF header size in bytes */
1094 bswap16s(&ehdr->e_phentsize); /* Program header table entry size */
1095 bswap16s(&ehdr->e_phnum); /* Program header table entry count */
1096 bswap16s(&ehdr->e_shentsize); /* Section header table entry size */
1097 bswap16s(&ehdr->e_shnum); /* Section header table entry count */
1098 bswap16s(&ehdr->e_shstrndx); /* Section header string table index */
31e31b8a
FB		 1099}
1100
991f8f0c 1101static void bswap_phdr(struct elf_phdr *phdr, int phnum)
31e31b8a 1102{
991f8f0c
RH		 1103 int i;
1104 for (i = 0; i < phnum; ++i, ++phdr) {
1105 bswap32s(&phdr->p_type); /* Segment type */
1106 bswap32s(&phdr->p_flags); /* Segment flags */
1107 bswaptls(&phdr->p_offset); /* Segment file offset */
1108 bswaptls(&phdr->p_vaddr); /* Segment virtual address */
1109 bswaptls(&phdr->p_paddr); /* Segment physical address */
1110 bswaptls(&phdr->p_filesz); /* Segment size in file */
1111 bswaptls(&phdr->p_memsz); /* Segment size in memory */
1112 bswaptls(&phdr->p_align); /* Segment alignment */
1113 }
31e31b8a 1114}
689f936f 1115
991f8f0c 1116static void bswap_shdr(struct elf_shdr *shdr, int shnum)
689f936f 1117{
991f8f0c
RH		 1118 int i;
1119 for (i = 0; i < shnum; ++i, ++shdr) {
1120 bswap32s(&shdr->sh_name);
1121 bswap32s(&shdr->sh_type);
1122 bswaptls(&shdr->sh_flags);
1123 bswaptls(&shdr->sh_addr);
1124 bswaptls(&shdr->sh_offset);
1125 bswaptls(&shdr->sh_size);
1126 bswap32s(&shdr->sh_link);
1127 bswap32s(&shdr->sh_info);
1128 bswaptls(&shdr->sh_addralign);
1129 bswaptls(&shdr->sh_entsize);
1130 }
689f936f
FB		 1131}
1132
7a3148a9 1133static void bswap_sym(struct elf_sym *sym)
689f936f
FB		 1134{
1135 bswap32s(&sym->st_name);
7a3148a9
JM		 1136 bswaptls(&sym->st_value);
1137 bswaptls(&sym->st_size);
689f936f
FB		 1138 bswap16s(&sym->st_shndx);
1139}
991f8f0c
RH		 1140#else
1141static inline void bswap_ehdr(struct elfhdr *ehdr) { }
1142static inline void bswap_phdr(struct elf_phdr *phdr, int phnum) { }
1143static inline void bswap_shdr(struct elf_shdr *shdr, int shnum) { }
1144static inline void bswap_sym(struct elf_sym *sym) { }
31e31b8a
FB		 1145#endif
1146
edf8e2af 1147#ifdef USE_ELF_CORE_DUMP
9349b4f9 1148static int elf_core_dump(int, const CPUArchState *);
edf8e2af 1149#endif /* USE_ELF_CORE_DUMP */
682674b8 1150static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias);
edf8e2af 1151
9058abdd
RH		 1152/* Verify the portions of EHDR within E_IDENT for the target.
1153 This can be performed before bswapping the entire header. */
1154static bool elf_check_ident(struct elfhdr *ehdr)
1155{
1156 return (ehdr->e_ident[EI_MAG0] == ELFMAG0
1157 && ehdr->e_ident[EI_MAG1] == ELFMAG1
1158 && ehdr->e_ident[EI_MAG2] == ELFMAG2
1159 && ehdr->e_ident[EI_MAG3] == ELFMAG3
1160 && ehdr->e_ident[EI_CLASS] == ELF_CLASS
1161 && ehdr->e_ident[EI_DATA] == ELF_DATA
1162 && ehdr->e_ident[EI_VERSION] == EV_CURRENT);
1163}
1164
1165/* Verify the portions of EHDR outside of E_IDENT for the target.
1166 This has to wait until after bswapping the header. */
1167static bool elf_check_ehdr(struct elfhdr *ehdr)
1168{
1169 return (elf_check_arch(ehdr->e_machine)
1170 && ehdr->e_ehsize == sizeof(struct elfhdr)
1171 && ehdr->e_phentsize == sizeof(struct elf_phdr)
1172 && ehdr->e_shentsize == sizeof(struct elf_shdr)
1173 && (ehdr->e_type == ET_EXEC || ehdr->e_type == ET_DYN));
1174}
1175
31e31b8a 1176/*
e5fe0c52 1177 * 'copy_elf_strings()' copies argument/envelope strings from user
31e31b8a
FB		 1178 * memory to free pages in kernel mem. These are in a format ready
1179 * to be put directly into the top of new user memory.
1180 *
1181 */
992f48a0
BS		 1182static abi_ulong copy_elf_strings(int argc,char ** argv, void **page,
1183 abi_ulong p)
31e31b8a
FB		 1184{
1185 char *tmp, *tmp1, *pag = NULL;
1186 int len, offset = 0;
1187
1188 if (!p) {
d97ef72e 1189 return 0; /* bullet-proofing */
31e31b8a
FB		 1190 }
1191 while (argc-- > 0) {
edf779ff
FB		 1192 tmp = argv[argc];
1193 if (!tmp) {
d97ef72e
RH		 1194 fprintf(stderr, "VFS: argc is wrong");
1195 exit(-1);
1196 }
edf779ff 1197 tmp1 = tmp;
d97ef72e
RH		 1198 while (*tmp++);
1199 len = tmp - tmp1;
1200 if (p < len) { /* this shouldn't happen - 128kB */
1201 return 0;
1202 }
1203 while (len) {
1204 --p; --tmp; --len;
1205 if (--offset < 0) {
1206 offset = p % TARGET_PAGE_SIZE;
53a5960a 1207 pag = (char *)page[p/TARGET_PAGE_SIZE];
44a91cae 1208 if (!pag) {
7dd47667 1209 pag = g_try_malloc0(TARGET_PAGE_SIZE);
53a5960a 1210 page[p/TARGET_PAGE_SIZE] = pag;
44a91cae
FB		 1211 if (!pag)
1212 return 0;
d97ef72e
RH		 1213 }
1214 }
1215 if (len == 0 || offset == 0) {
1216 *(pag + offset) = *tmp;
1217 }
1218 else {
1219 int bytes_to_copy = (len > offset) ? offset : len;
1220 tmp -= bytes_to_copy;
1221 p -= bytes_to_copy;
1222 offset -= bytes_to_copy;
1223 len -= bytes_to_copy;
1224 memcpy_fromfs(pag + offset, tmp, bytes_to_copy + 1);
1225 }
1226 }
31e31b8a
FB		 1227 }
1228 return p;
1229}
1230
992f48a0
BS		 1231static abi_ulong setup_arg_pages(abi_ulong p, struct linux_binprm *bprm,
1232 struct image_info *info)
53a5960a 1233{
60dcbcb5 1234 abi_ulong stack_base, size, error, guard;
31e31b8a 1235 int i;
31e31b8a 1236
09bfb054 1237 /* Create enough stack to hold everything. If we don't use
60dcbcb5 1238 it for args, we'll use it for something else. */
703e0e89 1239 size = guest_stack_size;
60dcbcb5 1240 if (size < MAX_ARG_PAGES*TARGET_PAGE_SIZE) {
54936004 1241 size = MAX_ARG_PAGES*TARGET_PAGE_SIZE;
60dcbcb5
RH		 1242 }
1243 guard = TARGET_PAGE_SIZE;
1244 if (guard < qemu_real_host_page_size) {
1245 guard = qemu_real_host_page_size;
1246 }
1247
1248 error = target_mmap(0, size + guard, PROT_READ | PROT_WRITE,
1249 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
09bfb054 1250 if (error == -1) {
60dcbcb5 1251 perror("mmap stack");
09bfb054
FB		 1252 exit(-1);
1253 }
31e31b8a 1254
60dcbcb5
RH		 1255 /* We reserve one extra page at the top of the stack as guard. */
1256 target_mprotect(error, guard, PROT_NONE);
1257
1258 info->stack_limit = error + guard;
1259 stack_base = info->stack_limit + size - MAX_ARG_PAGES*TARGET_PAGE_SIZE;
31e31b8a 1260 p += stack_base;
09bfb054 1261
31e31b8a 1262 for (i = 0 ; i < MAX_ARG_PAGES ; i++) {
d97ef72e
RH		 1263 if (bprm->page[i]) {
1264 info->rss++;
579a97f7 1265 /* FIXME - check return value of memcpy_to_target() for failure */
d97ef72e 1266 memcpy_to_target(stack_base, bprm->page[i], TARGET_PAGE_SIZE);
7dd47667 1267 g_free(bprm->page[i]);
d97ef72e 1268 }
53a5960a 1269 stack_base += TARGET_PAGE_SIZE;
31e31b8a
FB		 1270 }
1271 return p;
1272}
1273
cf129f3a
RH		 1274/* Map and zero the bss. We need to explicitly zero any fractional pages
1275 after the data section (i.e. bss). */
1276static void zero_bss(abi_ulong elf_bss, abi_ulong last_bss, int prot)
31e31b8a 1277{
cf129f3a
RH		 1278 uintptr_t host_start, host_map_start, host_end;
1279
1280 last_bss = TARGET_PAGE_ALIGN(last_bss);
1281
1282 /* ??? There is confusion between qemu_real_host_page_size and
1283 qemu_host_page_size here and elsewhere in target_mmap, which
1284 may lead to the end of the data section mapping from the file
1285 not being mapped. At least there was an explicit test and
1286 comment for that here, suggesting that "the file size must
1287 be known". The comment probably pre-dates the introduction
1288 of the fstat system call in target_mmap which does in fact
1289 find out the size. What isn't clear is if the workaround
1290 here is still actually needed. For now, continue with it,
1291 but merge it with the "normal" mmap that would allocate the bss. */
1292
1293 host_start = (uintptr_t) g2h(elf_bss);
1294 host_end = (uintptr_t) g2h(last_bss);
1295 host_map_start = (host_start + qemu_real_host_page_size - 1);
1296 host_map_start &= -qemu_real_host_page_size;
1297
1298 if (host_map_start < host_end) {
1299 void *p = mmap((void *)host_map_start, host_end - host_map_start,
1300 prot, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
1301 if (p == MAP_FAILED) {
1302 perror("cannot mmap brk");
1303 exit(-1);
853d6f7a
FB		 1304 }
1305
cf129f3a
RH		 1306 /* Since we didn't use target_mmap, make sure to record
1307 the validity of the pages with qemu. */
1308 page_set_flags(elf_bss & TARGET_PAGE_MASK, last_bss, prot|PAGE_VALID);
1309 }
31e31b8a 1310
cf129f3a
RH		 1311 if (host_start < host_map_start) {
1312 memset((void *)host_start, 0, host_map_start - host_start);
1313 }
1314}
53a5960a 1315
1af02e83
MF		 1316#ifdef CONFIG_USE_FDPIC
1317static abi_ulong loader_build_fdpic_loadmap(struct image_info *info, abi_ulong sp)
1318{
1319 uint16_t n;
1320 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs;
1321
1322 /* elf32_fdpic_loadseg */
1323 n = info->nsegs;
1324 while (n--) {
1325 sp -= 12;
1326 put_user_u32(loadsegs[n].addr, sp+0);
1327 put_user_u32(loadsegs[n].p_vaddr, sp+4);
1328 put_user_u32(loadsegs[n].p_memsz, sp+8);
1329 }
1330
1331 /* elf32_fdpic_loadmap */
1332 sp -= 4;
1333 put_user_u16(0, sp+0); /* version */
1334 put_user_u16(info->nsegs, sp+2); /* nsegs */
1335
1336 info->personality = PER_LINUX_FDPIC;
1337 info->loadmap_addr = sp;
1338
1339 return sp;
1340}
1341#endif
1342
992f48a0 1343static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc,
8e62a717
RH		 1344 struct elfhdr *exec,
1345 struct image_info *info,
1346 struct image_info *interp_info)
31e31b8a 1347{
d97ef72e 1348 abi_ulong sp;
125b0f55 1349 abi_ulong sp_auxv;
d97ef72e 1350 int size;
14322bad
LA		 1351 int i;
1352 abi_ulong u_rand_bytes;
1353 uint8_t k_rand_bytes[16];
d97ef72e
RH		 1354 abi_ulong u_platform;
1355 const char *k_platform;
1356 const int n = sizeof(elf_addr_t);
1357
1358 sp = p;
1af02e83
MF		 1359
1360#ifdef CONFIG_USE_FDPIC
1361 /* Needs to be before we load the env/argc/... */
1362 if (elf_is_fdpic(exec)) {
1363 /* Need 4 byte alignment for these structs */
1364 sp &= ~3;
1365 sp = loader_build_fdpic_loadmap(info, sp);
1366 info->other_info = interp_info;
1367 if (interp_info) {
1368 interp_info->other_info = info;
1369 sp = loader_build_fdpic_loadmap(interp_info, sp);
1370 }
1371 }
1372#endif
1373
d97ef72e
RH		 1374 u_platform = 0;
1375 k_platform = ELF_PLATFORM;
1376 if (k_platform) {
1377 size_t len = strlen(k_platform) + 1;
1378 sp -= (len + n - 1) & ~(n - 1);
1379 u_platform = sp;
1380 /* FIXME - check return value of memcpy_to_target() for failure */
1381 memcpy_to_target(sp, k_platform, len);
1382 }
14322bad
LA		 1383
1384 /*
1385 * Generate 16 random bytes for userspace PRNG seeding (not
1386 * cryptically secure but it's not the aim of QEMU).
1387 */
1388 srand((unsigned int) time(NULL));
1389 for (i = 0; i < 16; i++) {
1390 k_rand_bytes[i] = rand();
1391 }
1392 sp -= 16;
1393 u_rand_bytes = sp;
1394 /* FIXME - check return value of memcpy_to_target() for failure */
1395 memcpy_to_target(sp, k_rand_bytes, 16);
1396
d97ef72e
RH		 1397 /*
1398 * Force 16 byte _final_ alignment here for generality.
1399 */
1400 sp = sp &~ (abi_ulong)15;
1401 size = (DLINFO_ITEMS + 1) * 2;
1402 if (k_platform)
1403 size += 2;
f5155289 1404#ifdef DLINFO_ARCH_ITEMS
d97ef72e 1405 size += DLINFO_ARCH_ITEMS * 2;
f5155289 1406#endif
d97ef72e 1407 size += envc + argc + 2;
b9329d4b 1408 size += 1; /* argc itself */
d97ef72e
RH		 1409 size *= n;
1410 if (size & 15)
1411 sp -= 16 - (size & 15);
1412
1413 /* This is correct because Linux defines
1414 * elf_addr_t as Elf32_Off / Elf64_Off
1415 */
1416#define NEW_AUX_ENT(id, val) do { \
1417 sp -= n; put_user_ual(val, sp); \
1418 sp -= n; put_user_ual(id, sp); \
1419 } while(0)
1420
125b0f55 1421 sp_auxv = sp;
d97ef72e
RH		 1422 NEW_AUX_ENT (AT_NULL, 0);
1423
1424 /* There must be exactly DLINFO_ITEMS entries here. */
8e62a717 1425 NEW_AUX_ENT(AT_PHDR, (abi_ulong)(info->load_addr + exec->e_phoff));
d97ef72e
RH		 1426 NEW_AUX_ENT(AT_PHENT, (abi_ulong)(sizeof (struct elf_phdr)));
1427 NEW_AUX_ENT(AT_PHNUM, (abi_ulong)(exec->e_phnum));
1428 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(TARGET_PAGE_SIZE));
8e62a717 1429 NEW_AUX_ENT(AT_BASE, (abi_ulong)(interp_info ? interp_info->load_addr : 0));
d97ef72e 1430 NEW_AUX_ENT(AT_FLAGS, (abi_ulong)0);
8e62a717 1431 NEW_AUX_ENT(AT_ENTRY, info->entry);
d97ef72e
RH		 1432 NEW_AUX_ENT(AT_UID, (abi_ulong) getuid());
1433 NEW_AUX_ENT(AT_EUID, (abi_ulong) geteuid());
1434 NEW_AUX_ENT(AT_GID, (abi_ulong) getgid());
1435 NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid());
1436 NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP);
1437 NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK));
14322bad
LA		 1438 NEW_AUX_ENT(AT_RANDOM, (abi_ulong) u_rand_bytes);
1439
d97ef72e
RH		 1440 if (k_platform)
1441 NEW_AUX_ENT(AT_PLATFORM, u_platform);
f5155289 1442#ifdef ARCH_DLINFO
d97ef72e
RH		 1443 /*
1444 * ARCH_DLINFO must come last so platform specific code can enforce
1445 * special alignment requirements on the AUXV if necessary (eg. PPC).
1446 */
1447 ARCH_DLINFO;
f5155289
FB		 1448#endif
1449#undef NEW_AUX_ENT
1450
d97ef72e 1451 info->saved_auxv = sp;
125b0f55 1452 info->auxv_len = sp_auxv - sp;
edf8e2af 1453
b9329d4b 1454 sp = loader_build_argptr(envc, argc, sp, p, 0);
d97ef72e 1455 return sp;
31e31b8a
FB		 1456}
1457
806d1021 1458#ifndef TARGET_HAS_VALIDATE_GUEST_SPACE
97cc7560 1459/* If the guest doesn't have a validation function just agree */
806d1021
MI		 1460static int validate_guest_space(unsigned long guest_base,
1461 unsigned long guest_size)
97cc7560
DDAG		 1462{
1463 return 1;
1464}
1465#endif
1466
dce10401
MI		 1467unsigned long init_guest_space(unsigned long host_start,
1468 unsigned long host_size,
1469 unsigned long guest_start,
1470 bool fixed)
1471{
1472 unsigned long current_start, real_start;
1473 int flags;
1474
1475 assert(host_start || host_size);
1476
1477 /* If just a starting address is given, then just verify that
1478 * address. */
1479 if (host_start && !host_size) {
806d1021 1480 if (validate_guest_space(host_start, host_size) == 1) {
dce10401
MI		 1481 return host_start;
1482 } else {
1483 return (unsigned long)-1;
1484 }
1485 }
1486
1487 /* Setup the initial flags and start address. */
1488 current_start = host_start & qemu_host_page_mask;
1489 flags = MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE;
1490 if (fixed) {
1491 flags |= MAP_FIXED;
1492 }
1493
1494 /* Otherwise, a non-zero size region of memory needs to be mapped
1495 * and validated. */
1496 while (1) {
806d1021
MI		 1497 unsigned long real_size = host_size;
1498
dce10401
MI		 1499 /* Do not use mmap_find_vma here because that is limited to the
1500 * guest address space. We are going to make the
1501 * guest address space fit whatever we're given.
1502 */
1503 real_start = (unsigned long)
1504 mmap((void *)current_start, host_size, PROT_NONE, flags, -1, 0);
1505 if (real_start == (unsigned long)-1) {
1506 return (unsigned long)-1;
1507 }
1508
806d1021
MI		 1509 /* Ensure the address is properly aligned. */
1510 if (real_start & ~qemu_host_page_mask) {
1511 munmap((void *)real_start, host_size);
1512 real_size = host_size + qemu_host_page_size;
1513 real_start = (unsigned long)
1514 mmap((void *)real_start, real_size, PROT_NONE, flags, -1, 0);
1515 if (real_start == (unsigned long)-1) {
1516 return (unsigned long)-1;
1517 }
1518 real_start = HOST_PAGE_ALIGN(real_start);
1519 }
1520
1521 /* Check to see if the address is valid. */
1522 if (!host_start || real_start == current_start) {
1523 int valid = validate_guest_space(real_start - guest_start,
1524 real_size);
1525 if (valid == 1) {
1526 break;
1527 } else if (valid == -1) {
1528 return (unsigned long)-1;
1529 }
1530 /* valid == 0, so try again. */
dce10401
MI		 1531 }
1532
1533 /* That address didn't work. Unmap and try a different one.
1534 * The address the host picked because is typically right at
1535 * the top of the host address space and leaves the guest with
1536 * no usable address space. Resort to a linear search. We
1537 * already compensated for mmap_min_addr, so this should not
1538 * happen often. Probably means we got unlucky and host
1539 * address space randomization put a shared library somewhere
1540 * inconvenient.
1541 */
1542 munmap((void *)real_start, host_size);
1543 current_start += qemu_host_page_size;
1544 if (host_start == current_start) {
1545 /* Theoretically possible if host doesn't have any suitably
1546 * aligned areas. Normally the first mmap will fail.
1547 */
1548 return (unsigned long)-1;
1549 }
1550 }
1551
806d1021
MI		 1552 qemu_log("Reserved 0x%lx bytes of guest address space\n", host_size);
1553
dce10401
MI		 1554 return real_start;
1555}
1556
f3ed1f5d
PM		 1557static void probe_guest_base(const char *image_name,
1558 abi_ulong loaddr, abi_ulong hiaddr)
1559{
1560 /* Probe for a suitable guest base address, if the user has not set
1561 * it explicitly, and set guest_base appropriately.
1562 * In case of error we will print a suitable message and exit.
1563 */
1564#if defined(CONFIG_USE_GUEST_BASE)
1565 const char *errmsg;
1566 if (!have_guest_base && !reserved_va) {
1567 unsigned long host_start, real_start, host_size;
1568
1569 /* Round addresses to page boundaries. */
1570 loaddr &= qemu_host_page_mask;
1571 hiaddr = HOST_PAGE_ALIGN(hiaddr);
1572
1573 if (loaddr < mmap_min_addr) {
1574 host_start = HOST_PAGE_ALIGN(mmap_min_addr);
1575 } else {
1576 host_start = loaddr;
1577 if (host_start != loaddr) {
1578 errmsg = "Address overflow loading ELF binary";
1579 goto exit_errmsg;
1580 }
1581 }
1582 host_size = hiaddr - loaddr;
dce10401
MI		 1583
1584 /* Setup the initial guest memory space with ranges gleaned from
1585 * the ELF image that is being loaded.
1586 */
1587 real_start = init_guest_space(host_start, host_size, loaddr, false);
1588 if (real_start == (unsigned long)-1) {
1589 errmsg = "Unable to find space for application";
1590 goto exit_errmsg;
f3ed1f5d 1591 }
dce10401
MI		 1592 guest_base = real_start - loaddr;
1593
f3ed1f5d
PM		 1594 qemu_log("Relocating guest address space from 0x"
1595 TARGET_ABI_FMT_lx " to 0x%lx\n",
1596 loaddr, real_start);
f3ed1f5d
PM		 1597 }
1598 return;
1599
f3ed1f5d
PM		 1600exit_errmsg:
1601 fprintf(stderr, "%s: %s\n", image_name, errmsg);
1602 exit(-1);
1603#endif
1604}
1605
1606
8e62a717 1607/* Load an ELF image into the address space.
31e31b8a 1608
8e62a717
RH		 1609 IMAGE_NAME is the filename of the image, to use in error messages.
1610 IMAGE_FD is the open file descriptor for the image.
1611
1612 BPRM_BUF is a copy of the beginning of the file; this of course
1613 contains the elf file header at offset 0. It is assumed that this
1614 buffer is sufficiently aligned to present no problems to the host
1615 in accessing data at aligned offsets within the buffer.
1616
1617 On return: INFO values will be filled in, as necessary or available. */
1618
1619static void load_elf_image(const char *image_name, int image_fd,
bf858897 1620 struct image_info *info, char **pinterp_name,
8e62a717 1621 char bprm_buf[BPRM_BUF_SIZE])
31e31b8a 1622{
8e62a717
RH		 1623 struct elfhdr *ehdr = (struct elfhdr *)bprm_buf;
1624 struct elf_phdr *phdr;
1625 abi_ulong load_addr, load_bias, loaddr, hiaddr, error;
1626 int i, retval;
1627 const char *errmsg;
5fafdf24 1628
8e62a717
RH		 1629 /* First of all, some simple consistency checks */
1630 errmsg = "Invalid ELF image for this architecture";
1631 if (!elf_check_ident(ehdr)) {
1632 goto exit_errmsg;
1633 }
1634 bswap_ehdr(ehdr);
1635 if (!elf_check_ehdr(ehdr)) {
1636 goto exit_errmsg;
d97ef72e 1637 }
5fafdf24 1638
8e62a717
RH		 1639 i = ehdr->e_phnum * sizeof(struct elf_phdr);
1640 if (ehdr->e_phoff + i <= BPRM_BUF_SIZE) {
1641 phdr = (struct elf_phdr *)(bprm_buf + ehdr->e_phoff);
9955ffac 1642 } else {
8e62a717
RH		 1643 phdr = (struct elf_phdr *) alloca(i);
1644 retval = pread(image_fd, phdr, i, ehdr->e_phoff);
9955ffac 1645 if (retval != i) {
8e62a717 1646 goto exit_read;
9955ffac 1647 }
d97ef72e 1648 }
8e62a717 1649 bswap_phdr(phdr, ehdr->e_phnum);
09bfb054 1650
1af02e83
MF		 1651#ifdef CONFIG_USE_FDPIC
1652 info->nsegs = 0;
1653 info->pt_dynamic_addr = 0;
1654#endif
1655
682674b8
RH		 1656 /* Find the maximum size of the image and allocate an appropriate
1657 amount of memory to handle that. */
1658 loaddr = -1, hiaddr = 0;
8e62a717
RH		 1659 for (i = 0; i < ehdr->e_phnum; ++i) {
1660 if (phdr[i].p_type == PT_LOAD) {
1661 abi_ulong a = phdr[i].p_vaddr;
682674b8
RH		 1662 if (a < loaddr) {
1663 loaddr = a;
1664 }
8e62a717 1665 a += phdr[i].p_memsz;
682674b8
RH		 1666 if (a > hiaddr) {
1667 hiaddr = a;
1668 }
1af02e83
MF		 1669#ifdef CONFIG_USE_FDPIC
1670 ++info->nsegs;
1671#endif
682674b8
RH		 1672 }
1673 }
1674
1675 load_addr = loaddr;
8e62a717 1676 if (ehdr->e_type == ET_DYN) {
682674b8
RH		 1677 /* The image indicates that it can be loaded anywhere. Find a
1678 location that can hold the memory space required. If the
1679 image is pre-linked, LOADDR will be non-zero. Since we do
1680 not supply MAP_FIXED here we'll use that address if and
1681 only if it remains available. */
1682 load_addr = target_mmap(loaddr, hiaddr - loaddr, PROT_NONE,
1683 MAP_PRIVATE | MAP_ANON | MAP_NORESERVE,
1684 -1, 0);
1685 if (load_addr == -1) {
8e62a717 1686 goto exit_perror;
d97ef72e 1687 }
bf858897
RH		 1688 } else if (pinterp_name != NULL) {
1689 /* This is the main executable. Make sure that the low
1690 address does not conflict with MMAP_MIN_ADDR or the
1691 QEMU application itself. */
f3ed1f5d 1692 probe_guest_base(image_name, loaddr, hiaddr);
d97ef72e 1693 }
682674b8 1694 load_bias = load_addr - loaddr;
d97ef72e 1695
1af02e83
MF		 1696#ifdef CONFIG_USE_FDPIC
1697 {
1698 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs =
7267c094 1699 g_malloc(sizeof(*loadsegs) * info->nsegs);
1af02e83
MF		 1700
1701 for (i = 0; i < ehdr->e_phnum; ++i) {
1702 switch (phdr[i].p_type) {
1703 case PT_DYNAMIC:
1704 info->pt_dynamic_addr = phdr[i].p_vaddr + load_bias;
1705 break;
1706 case PT_LOAD:
1707 loadsegs->addr = phdr[i].p_vaddr + load_bias;
1708 loadsegs->p_vaddr = phdr[i].p_vaddr;
1709 loadsegs->p_memsz = phdr[i].p_memsz;
1710 ++loadsegs;
1711 break;
1712 }
1713 }
1714 }
1715#endif
1716
8e62a717
RH		 1717 info->load_bias = load_bias;
1718 info->load_addr = load_addr;
1719 info->entry = ehdr->e_entry + load_bias;
1720 info->start_code = -1;
1721 info->end_code = 0;
1722 info->start_data = -1;
1723 info->end_data = 0;
1724 info->brk = 0;
d8fd2954 1725 info->elf_flags = ehdr->e_flags;
8e62a717
RH		 1726
1727 for (i = 0; i < ehdr->e_phnum; i++) {
1728 struct elf_phdr *eppnt = phdr + i;
d97ef72e 1729 if (eppnt->p_type == PT_LOAD) {
682674b8 1730 abi_ulong vaddr, vaddr_po, vaddr_ps, vaddr_ef, vaddr_em;
d97ef72e 1731 int elf_prot = 0;
d97ef72e
RH		 1732
1733 if (eppnt->p_flags & PF_R) elf_prot = PROT_READ;
1734 if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE;
1735 if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC;
d97ef72e 1736
682674b8
RH		 1737 vaddr = load_bias + eppnt->p_vaddr;
1738 vaddr_po = TARGET_ELF_PAGEOFFSET(vaddr);
1739 vaddr_ps = TARGET_ELF_PAGESTART(vaddr);
1740
1741 error = target_mmap(vaddr_ps, eppnt->p_filesz + vaddr_po,
1742 elf_prot, MAP_PRIVATE | MAP_FIXED,
8e62a717 1743 image_fd, eppnt->p_offset - vaddr_po);
09bfb054 1744 if (error == -1) {
8e62a717 1745 goto exit_perror;
09bfb054 1746 }
09bfb054 1747
682674b8
RH		 1748 vaddr_ef = vaddr + eppnt->p_filesz;
1749 vaddr_em = vaddr + eppnt->p_memsz;
31e31b8a 1750
cf129f3a 1751 /* If the load segment requests extra zeros (e.g. bss), map it. */
682674b8
RH		 1752 if (vaddr_ef < vaddr_em) {
1753 zero_bss(vaddr_ef, vaddr_em, elf_prot);
cf129f3a 1754 }
8e62a717
RH		 1755
1756 /* Find the full program boundaries. */
1757 if (elf_prot & PROT_EXEC) {
1758 if (vaddr < info->start_code) {
1759 info->start_code = vaddr;
1760 }
1761 if (vaddr_ef > info->end_code) {
1762 info->end_code = vaddr_ef;
1763 }
1764 }
1765 if (elf_prot & PROT_WRITE) {
1766 if (vaddr < info->start_data) {
1767 info->start_data = vaddr;
1768 }
1769 if (vaddr_ef > info->end_data) {
1770 info->end_data = vaddr_ef;
1771 }
1772 if (vaddr_em > info->brk) {
1773 info->brk = vaddr_em;
1774 }
1775 }
bf858897
RH		 1776 } else if (eppnt->p_type == PT_INTERP && pinterp_name) {
1777 char *interp_name;
1778
1779 if (*pinterp_name) {
1780 errmsg = "Multiple PT_INTERP entries";
1781 goto exit_errmsg;
1782 }
1783 interp_name = malloc(eppnt->p_filesz);
1784 if (!interp_name) {
1785 goto exit_perror;
1786 }
1787
1788 if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) {
1789 memcpy(interp_name, bprm_buf + eppnt->p_offset,
1790 eppnt->p_filesz);
1791 } else {
1792 retval = pread(image_fd, interp_name, eppnt->p_filesz,
1793 eppnt->p_offset);
1794 if (retval != eppnt->p_filesz) {
1795 goto exit_perror;
1796 }
1797 }
1798 if (interp_name[eppnt->p_filesz - 1] != 0) {
1799 errmsg = "Invalid PT_INTERP entry";
1800 goto exit_errmsg;
1801 }
1802 *pinterp_name = interp_name;
d97ef72e 1803 }
682674b8 1804 }
5fafdf24 1805
8e62a717
RH		 1806 if (info->end_data == 0) {
1807 info->start_data = info->end_code;
1808 info->end_data = info->end_code;
1809 info->brk = info->end_code;
1810 }
1811
682674b8 1812 if (qemu_log_enabled()) {
8e62a717 1813 load_symbols(ehdr, image_fd, load_bias);
682674b8 1814 }
31e31b8a 1815
8e62a717
RH		 1816 close(image_fd);
1817 return;
1818
1819 exit_read:
1820 if (retval >= 0) {
1821 errmsg = "Incomplete read of file header";
1822 goto exit_errmsg;
1823 }
1824 exit_perror:
1825 errmsg = strerror(errno);
1826 exit_errmsg:
1827 fprintf(stderr, "%s: %s\n", image_name, errmsg);
1828 exit(-1);
1829}
1830
1831static void load_elf_interp(const char *filename, struct image_info *info,
1832 char bprm_buf[BPRM_BUF_SIZE])
1833{
1834 int fd, retval;
1835
1836 fd = open(path(filename), O_RDONLY);
1837 if (fd < 0) {
1838 goto exit_perror;
1839 }
31e31b8a 1840
8e62a717
RH		 1841 retval = read(fd, bprm_buf, BPRM_BUF_SIZE);
1842 if (retval < 0) {
1843 goto exit_perror;
1844 }
1845 if (retval < BPRM_BUF_SIZE) {
1846 memset(bprm_buf + retval, 0, BPRM_BUF_SIZE - retval);
1847 }
1848
bf858897 1849 load_elf_image(filename, fd, info, NULL, bprm_buf);
8e62a717
RH		 1850 return;
1851
1852 exit_perror:
1853 fprintf(stderr, "%s: %s\n", filename, strerror(errno));
1854 exit(-1);
31e31b8a
FB		 1855}
1856
49918a75
PB		 1857static int symfind(const void *s0, const void *s1)
1858{
c7c530cd 1859 target_ulong addr = *(target_ulong *)s0;
49918a75
PB		 1860 struct elf_sym *sym = (struct elf_sym *)s1;
1861 int result = 0;
c7c530cd 1862 if (addr < sym->st_value) {
49918a75 1863 result = -1;
c7c530cd 1864 } else if (addr >= sym->st_value + sym->st_size) {
49918a75
PB		 1865 result = 1;
1866 }
1867 return result;
1868}
1869
1870static const char *lookup_symbolxx(struct syminfo *s, target_ulong orig_addr)
1871{
1872#if ELF_CLASS == ELFCLASS32
1873 struct elf_sym *syms = s->disas_symtab.elf32;
1874#else
1875 struct elf_sym *syms = s->disas_symtab.elf64;
1876#endif
1877
1878 // binary search
49918a75
PB		 1879 struct elf_sym *sym;
1880
c7c530cd 1881 sym = bsearch(&orig_addr, syms, s->disas_num_syms, sizeof(*syms), symfind);
7cba04f6 1882 if (sym != NULL) {
49918a75
PB		 1883 return s->disas_strtab + sym->st_name;
1884 }
1885
1886 return "";
1887}
1888
1889/* FIXME: This should use elf_ops.h */
1890static int symcmp(const void *s0, const void *s1)
1891{
1892 struct elf_sym *sym0 = (struct elf_sym *)s0;
1893 struct elf_sym *sym1 = (struct elf_sym *)s1;
1894 return (sym0->st_value < sym1->st_value)
1895 ? -1
1896 : ((sym0->st_value > sym1->st_value) ? 1 : 0);
1897}
1898
689f936f 1899/* Best attempt to load symbols from this ELF object. */
682674b8 1900static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias)
689f936f 1901{
682674b8
RH		 1902 int i, shnum, nsyms, sym_idx = 0, str_idx = 0;
1903 struct elf_shdr *shdr;
b9475279
CV		 1904 char *strings = NULL;
1905 struct syminfo *s = NULL;
1906 struct elf_sym *new_syms, *syms = NULL;
689f936f 1907
682674b8
RH		 1908 shnum = hdr->e_shnum;
1909 i = shnum * sizeof(struct elf_shdr);
1910 shdr = (struct elf_shdr *)alloca(i);
1911 if (pread(fd, shdr, i, hdr->e_shoff) != i) {
1912 return;
1913 }
1914
1915 bswap_shdr(shdr, shnum);
1916 for (i = 0; i < shnum; ++i) {
1917 if (shdr[i].sh_type == SHT_SYMTAB) {
1918 sym_idx = i;
1919 str_idx = shdr[i].sh_link;
49918a75
PB		 1920 goto found;
1921 }
689f936f 1922 }
682674b8
RH		 1923
1924 /* There will be no symbol table if the file was stripped. */
1925 return;
689f936f
FB		 1926
1927 found:
682674b8 1928 /* Now know where the strtab and symtab are. Snarf them. */
e80cfcfc 1929 s = malloc(sizeof(*s));
682674b8 1930 if (!s) {
b9475279 1931 goto give_up;
682674b8 1932 }
5fafdf24 1933
682674b8
RH		 1934 i = shdr[str_idx].sh_size;
1935 s->disas_strtab = strings = malloc(i);
1936 if (!strings || pread(fd, strings, i, shdr[str_idx].sh_offset) != i) {
b9475279 1937 goto give_up;
682674b8 1938 }
49918a75 1939
682674b8
RH		 1940 i = shdr[sym_idx].sh_size;
1941 syms = malloc(i);
1942 if (!syms || pread(fd, syms, i, shdr[sym_idx].sh_offset) != i) {
b9475279 1943 goto give_up;
682674b8 1944 }
31e31b8a 1945
682674b8
RH		 1946 nsyms = i / sizeof(struct elf_sym);
1947 for (i = 0; i < nsyms; ) {
49918a75 1948 bswap_sym(syms + i);
682674b8
RH		 1949 /* Throw away entries which we do not need. */
1950 if (syms[i].st_shndx == SHN_UNDEF
1951 || syms[i].st_shndx >= SHN_LORESERVE
1952 || ELF_ST_TYPE(syms[i].st_info) != STT_FUNC) {
1953 if (i < --nsyms) {
49918a75
PB		 1954 syms[i] = syms[nsyms];
1955 }
682674b8 1956 } else {
49918a75 1957#if defined(TARGET_ARM) || defined (TARGET_MIPS)
682674b8
RH		 1958 /* The bottom address bit marks a Thumb or MIPS16 symbol. */
1959 syms[i].st_value &= ~(target_ulong)1;
0774bed1 1960#endif
682674b8
RH		 1961 syms[i].st_value += load_bias;
1962 i++;
1963 }
0774bed1 1964 }
49918a75 1965
b9475279
CV		 1966 /* No "useful" symbol. */
1967 if (nsyms == 0) {
1968 goto give_up;
1969 }
1970
5d5c9930
RH		 1971 /* Attempt to free the storage associated with the local symbols
1972 that we threw away. Whether or not this has any effect on the
1973 memory allocation depends on the malloc implementation and how
1974 many symbols we managed to discard. */
8d79de6e
SW		 1975 new_syms = realloc(syms, nsyms * sizeof(*syms));
1976 if (new_syms == NULL) {
b9475279 1977 goto give_up;
5d5c9930 1978 }
8d79de6e 1979 syms = new_syms;
5d5c9930 1980
49918a75 1981 qsort(syms, nsyms, sizeof(*syms), symcmp);
689f936f 1982
49918a75
PB		 1983 s->disas_num_syms = nsyms;
1984#if ELF_CLASS == ELFCLASS32
1985 s->disas_symtab.elf32 = syms;
49918a75
PB		 1986#else
1987 s->disas_symtab.elf64 = syms;
49918a75 1988#endif
682674b8 1989 s->lookup_symbol = lookup_symbolxx;
e80cfcfc
FB		 1990 s->next = syminfos;
1991 syminfos = s;
b9475279
CV		 1992
1993 return;
1994
1995give_up:
1996 free(s);
1997 free(strings);
1998 free(syms);
689f936f 1999}
31e31b8a 2000
e5fe0c52
PB		 2001int load_elf_binary(struct linux_binprm * bprm, struct target_pt_regs * regs,
2002 struct image_info * info)
31e31b8a 2003{
8e62a717 2004 struct image_info interp_info;
31e31b8a 2005 struct elfhdr elf_ex;
8e62a717 2006 char *elf_interpreter = NULL;
31e31b8a 2007
bf858897
RH		 2008 info->start_mmap = (abi_ulong)ELF_START_MMAP;
2009 info->mmap = 0;
2010 info->rss = 0;
2011
2012 load_elf_image(bprm->filename, bprm->fd, info,
2013 &elf_interpreter, bprm->buf);
31e31b8a 2014
bf858897
RH		 2015 /* ??? We need a copy of the elf header for passing to create_elf_tables.
2016 If we do nothing, we'll have overwritten this when we re-use bprm->buf
2017 when we load the interpreter. */
2018 elf_ex = *(struct elfhdr *)bprm->buf;
31e31b8a 2019
e5fe0c52
PB		 2020 bprm->p = copy_elf_strings(1, &bprm->filename, bprm->page, bprm->p);
2021 bprm->p = copy_elf_strings(bprm->envc,bprm->envp,bprm->page,bprm->p);
2022 bprm->p = copy_elf_strings(bprm->argc,bprm->argv,bprm->page,bprm->p);
2023 if (!bprm->p) {
bf858897
RH		 2024 fprintf(stderr, "%s: %s\n", bprm->filename, strerror(E2BIG));
2025 exit(-1);
379f6698 2026 }
379f6698 2027
31e31b8a
FB		 2028 /* Do this so that we can load the interpreter, if need be. We will
2029 change some of these later */
31e31b8a 2030 bprm->p = setup_arg_pages(bprm->p, bprm, info);
31e31b8a 2031
8e62a717
RH		 2032 if (elf_interpreter) {
2033 load_elf_interp(elf_interpreter, &interp_info, bprm->buf);
31e31b8a 2034
8e62a717
RH		 2035 /* If the program interpreter is one of these two, then assume
2036 an iBCS2 image. Otherwise assume a native linux image. */
2037
2038 if (strcmp(elf_interpreter, "/usr/lib/libc.so.1") == 0
2039 || strcmp(elf_interpreter, "/usr/lib/ld.so.1") == 0) {
2040 info->personality = PER_SVR4;
31e31b8a 2041
8e62a717
RH		 2042 /* Why this, you ask??? Well SVr4 maps page 0 as read-only,
2043 and some applications "depend" upon this behavior. Since
2044 we do not have the power to recompile these, we emulate
2045 the SVr4 behavior. Sigh. */
2046 target_mmap(0, qemu_host_page_size, PROT_READ | PROT_EXEC,
2047 MAP_FIXED | MAP_PRIVATE, -1, 0);
2048 }
31e31b8a
FB		 2049 }
2050
8e62a717
RH		 2051 bprm->p = create_elf_tables(bprm->p, bprm->argc, bprm->envc, &elf_ex,
2052 info, (elf_interpreter ? &interp_info : NULL));
2053 info->start_stack = bprm->p;
2054
2055 /* If we have an interpreter, set that as the program's entry point.
8e78064e 2056 Copy the load_bias as well, to help PPC64 interpret the entry
8e62a717
RH		 2057 point as a function descriptor. Do this after creating elf tables
2058 so that we copy the original program entry point into the AUXV. */
2059 if (elf_interpreter) {
8e78064e 2060 info->load_bias = interp_info.load_bias;
8e62a717 2061 info->entry = interp_info.entry;
bf858897 2062 free(elf_interpreter);
8e62a717 2063 }
31e31b8a 2064
edf8e2af
MW		 2065#ifdef USE_ELF_CORE_DUMP
2066 bprm->core_dump = &elf_core_dump;
2067#endif
2068
31e31b8a
FB		 2069 return 0;
2070}
2071
edf8e2af 2072#ifdef USE_ELF_CORE_DUMP
edf8e2af
MW		 2073/*
2074 * Definitions to generate Intel SVR4-like core files.
a2547a13 2075 * These mostly have the same names as the SVR4 types with "target_elf_"
edf8e2af
MW		 2076 * tacked on the front to prevent clashes with linux definitions,
2077 * and the typedef forms have been avoided. This is mostly like
2078 * the SVR4 structure, but more Linuxy, with things that Linux does
2079 * not support and which gdb doesn't really use excluded.
2080 *
2081 * Fields we don't dump (their contents is zero) in linux-user qemu
2082 * are marked with XXX.
2083 *
2084 * Core dump code is copied from linux kernel (fs/binfmt_elf.c).
2085 *
2086 * Porting ELF coredump for target is (quite) simple process. First you
dd0a3651 2087 * define USE_ELF_CORE_DUMP in target ELF code (where init_thread() for
edf8e2af
MW		 2088 * the target resides):
2089 *
2090 * #define USE_ELF_CORE_DUMP
2091 *
2092 * Next you define type of register set used for dumping. ELF specification
2093 * says that it needs to be array of elf_greg_t that has size of ELF_NREG.
2094 *
c227f099 2095 * typedef <target_regtype> target_elf_greg_t;
edf8e2af 2096 * #define ELF_NREG <number of registers>
c227f099 2097 * typedef taret_elf_greg_t target_elf_gregset_t[ELF_NREG];
edf8e2af 2098 *
edf8e2af
MW		 2099 * Last step is to implement target specific function that copies registers
2100 * from given cpu into just specified register set. Prototype is:
2101 *
c227f099 2102 * static void elf_core_copy_regs(taret_elf_gregset_t *regs,
9349b4f9 2103 * const CPUArchState *env);
edf8e2af
MW		 2104 *
2105 * Parameters:
2106 * regs - copy register values into here (allocated and zeroed by caller)
2107 * env - copy registers from here
2108 *
2109 * Example for ARM target is provided in this file.
2110 */
2111
2112/* An ELF note in memory */
2113struct memelfnote {
2114 const char *name;
2115 size_t namesz;
2116 size_t namesz_rounded;
2117 int type;
2118 size_t datasz;
80f5ce75 2119 size_t datasz_rounded;
edf8e2af
MW		 2120 void *data;
2121 size_t notesz;
2122};
2123
a2547a13 2124struct target_elf_siginfo {
f8fd4fc4
PB		 2125 abi_int si_signo; /* signal number */
2126 abi_int si_code; /* extra code */
2127 abi_int si_errno; /* errno */
edf8e2af
MW		 2128};
2129
a2547a13
LD		 2130struct target_elf_prstatus {
2131 struct target_elf_siginfo pr_info; /* Info associated with signal */
1ddd592f 2132 abi_short pr_cursig; /* Current signal */
ca98ac83
PB		 2133 abi_ulong pr_sigpend; /* XXX */
2134 abi_ulong pr_sighold; /* XXX */
c227f099
AL		 2135 target_pid_t pr_pid;
2136 target_pid_t pr_ppid;
2137 target_pid_t pr_pgrp;
2138 target_pid_t pr_sid;
edf8e2af
MW		 2139 struct target_timeval pr_utime; /* XXX User time */
2140 struct target_timeval pr_stime; /* XXX System time */
2141 struct target_timeval pr_cutime; /* XXX Cumulative user time */
2142 struct target_timeval pr_cstime; /* XXX Cumulative system time */
c227f099 2143 target_elf_gregset_t pr_reg; /* GP registers */
f8fd4fc4 2144 abi_int pr_fpvalid; /* XXX */
edf8e2af
MW		 2145};
2146
2147#define ELF_PRARGSZ (80) /* Number of chars for args */
2148
a2547a13 2149struct target_elf_prpsinfo {
edf8e2af
MW		 2150 char pr_state; /* numeric process state */
2151 char pr_sname; /* char for pr_state */
2152 char pr_zomb; /* zombie */
2153 char pr_nice; /* nice val */
ca98ac83 2154 abi_ulong pr_flag; /* flags */
c227f099
AL		 2155 target_uid_t pr_uid;
2156 target_gid_t pr_gid;
2157 target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid;
edf8e2af
MW		 2158 /* Lots missing */
2159 char pr_fname[16]; /* filename of executable */
2160 char pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */
2161};
2162
2163/* Here is the structure in which status of each thread is captured. */
2164struct elf_thread_status {
72cf2d4f 2165 QTAILQ_ENTRY(elf_thread_status) ets_link;
a2547a13 2166 struct target_elf_prstatus prstatus; /* NT_PRSTATUS */
edf8e2af
MW		 2167#if 0
2168 elf_fpregset_t fpu; /* NT_PRFPREG */
2169 struct task_struct *thread;
2170 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */
2171#endif
2172 struct memelfnote notes[1];
2173 int num_notes;
2174};
2175
2176struct elf_note_info {
2177 struct memelfnote *notes;
a2547a13
LD		 2178 struct target_elf_prstatus *prstatus; /* NT_PRSTATUS */
2179 struct target_elf_prpsinfo *psinfo; /* NT_PRPSINFO */
edf8e2af 2180
72cf2d4f 2181 QTAILQ_HEAD(thread_list_head, elf_thread_status) thread_list;
edf8e2af
MW		 2182#if 0
2183 /*
2184 * Current version of ELF coredump doesn't support
2185 * dumping fp regs etc.
2186 */
2187 elf_fpregset_t *fpu;
2188 elf_fpxregset_t *xfpu;
2189 int thread_status_size;
2190#endif
2191 int notes_size;
2192 int numnote;
2193};
2194
2195struct vm_area_struct {
2196 abi_ulong vma_start; /* start vaddr of memory region */
2197 abi_ulong vma_end; /* end vaddr of memory region */
2198 abi_ulong vma_flags; /* protection etc. flags for the region */
72cf2d4f 2199 QTAILQ_ENTRY(vm_area_struct) vma_link;
edf8e2af
MW		 2200};
2201
2202struct mm_struct {
72cf2d4f 2203 QTAILQ_HEAD(, vm_area_struct) mm_mmap;
edf8e2af
MW		 2204 int mm_count; /* number of mappings */
2205};
2206
2207static struct mm_struct *vma_init(void);
2208static void vma_delete(struct mm_struct *);
2209static int vma_add_mapping(struct mm_struct *, abi_ulong,
d97ef72e 2210 abi_ulong, abi_ulong);
edf8e2af
MW		 2211static int vma_get_mapping_count(const struct mm_struct *);
2212static struct vm_area_struct *vma_first(const struct mm_struct *);
2213static struct vm_area_struct *vma_next(struct vm_area_struct *);
2214static abi_ulong vma_dump_size(const struct vm_area_struct *);
b480d9b7 2215static int vma_walker(void *priv, abi_ulong start, abi_ulong end,
d97ef72e 2216 unsigned long flags);
edf8e2af
MW		 2217
2218static void fill_elf_header(struct elfhdr *, int, uint16_t, uint32_t);
2219static void fill_note(struct memelfnote *, const char *, int,
d97ef72e 2220 unsigned int, void *);
a2547a13
LD		 2221static void fill_prstatus(struct target_elf_prstatus *, const TaskState *, int);
2222static int fill_psinfo(struct target_elf_prpsinfo *, const TaskState *);
edf8e2af
MW		 2223static void fill_auxv_note(struct memelfnote *, const TaskState *);
2224static void fill_elf_note_phdr(struct elf_phdr *, int, off_t);
2225static size_t note_size(const struct memelfnote *);
2226static void free_note_info(struct elf_note_info *);
9349b4f9
AF		 2227static int fill_note_info(struct elf_note_info *, long, const CPUArchState *);
2228static void fill_thread_info(struct elf_note_info *, const CPUArchState *);
edf8e2af
MW		 2229static int core_dump_filename(const TaskState *, char *, size_t);
2230
2231static int dump_write(int, const void *, size_t);
2232static int write_note(struct memelfnote *, int);
2233static int write_note_info(struct elf_note_info *, int);
2234
2235#ifdef BSWAP_NEEDED
a2547a13 2236static void bswap_prstatus(struct target_elf_prstatus *prstatus)
edf8e2af 2237{
ca98ac83
PB		 2238 prstatus->pr_info.si_signo = tswap32(prstatus->pr_info.si_signo);
2239 prstatus->pr_info.si_code = tswap32(prstatus->pr_info.si_code);
2240 prstatus->pr_info.si_errno = tswap32(prstatus->pr_info.si_errno);
edf8e2af 2241 prstatus->pr_cursig = tswap16(prstatus->pr_cursig);
ca98ac83
PB		 2242 prstatus->pr_sigpend = tswapal(prstatus->pr_sigpend);
2243 prstatus->pr_sighold = tswapal(prstatus->pr_sighold);
edf8e2af
MW		 2244 prstatus->pr_pid = tswap32(prstatus->pr_pid);
2245 prstatus->pr_ppid = tswap32(prstatus->pr_ppid);
2246 prstatus->pr_pgrp = tswap32(prstatus->pr_pgrp);
2247 prstatus->pr_sid = tswap32(prstatus->pr_sid);
2248 /* cpu times are not filled, so we skip them */
2249 /* regs should be in correct format already */
2250 prstatus->pr_fpvalid = tswap32(prstatus->pr_fpvalid);
2251}
2252
a2547a13 2253static void bswap_psinfo(struct target_elf_prpsinfo *psinfo)
edf8e2af 2254{
ca98ac83 2255 psinfo->pr_flag = tswapal(psinfo->pr_flag);
edf8e2af
MW		 2256 psinfo->pr_uid = tswap16(psinfo->pr_uid);
2257 psinfo->pr_gid = tswap16(psinfo->pr_gid);
2258 psinfo->pr_pid = tswap32(psinfo->pr_pid);
2259 psinfo->pr_ppid = tswap32(psinfo->pr_ppid);
2260 psinfo->pr_pgrp = tswap32(psinfo->pr_pgrp);
2261 psinfo->pr_sid = tswap32(psinfo->pr_sid);
2262}
991f8f0c
RH		 2263
2264static void bswap_note(struct elf_note *en)
2265{
2266 bswap32s(&en->n_namesz);
2267 bswap32s(&en->n_descsz);
2268 bswap32s(&en->n_type);
2269}
2270#else
2271static inline void bswap_prstatus(struct target_elf_prstatus *p) { }
2272static inline void bswap_psinfo(struct target_elf_prpsinfo *p) {}
2273static inline void bswap_note(struct elf_note *en) { }
edf8e2af
MW		 2274#endif /* BSWAP_NEEDED */
2275
2276/*
2277 * Minimal support for linux memory regions. These are needed
2278 * when we are finding out what memory exactly belongs to
2279 * emulated process. No locks needed here, as long as
2280 * thread that received the signal is stopped.
2281 */
2282
2283static struct mm_struct *vma_init(void)
2284{
2285 struct mm_struct *mm;
2286
7267c094 2287 if ((mm = g_malloc(sizeof (*mm))) == NULL)
edf8e2af
MW		 2288 return (NULL);
2289
2290 mm->mm_count = 0;
72cf2d4f 2291 QTAILQ_INIT(&mm->mm_mmap);
edf8e2af
MW		 2292
2293 return (mm);
2294}
2295
2296static void vma_delete(struct mm_struct *mm)
2297{
2298 struct vm_area_struct *vma;
2299
2300 while ((vma = vma_first(mm)) != NULL) {
72cf2d4f 2301 QTAILQ_REMOVE(&mm->mm_mmap, vma, vma_link);
7267c094 2302 g_free(vma);
edf8e2af 2303 }
7267c094 2304 g_free(mm);
edf8e2af
MW		 2305}
2306
2307static int vma_add_mapping(struct mm_struct *mm, abi_ulong start,
d97ef72e 2308 abi_ulong end, abi_ulong flags)
edf8e2af
MW		 2309{
2310 struct vm_area_struct *vma;
2311
7267c094 2312 if ((vma = g_malloc0(sizeof (*vma))) == NULL)
edf8e2af
MW		 2313 return (-1);
2314
2315 vma->vma_start = start;
2316 vma->vma_end = end;
2317 vma->vma_flags = flags;
2318
72cf2d4f 2319 QTAILQ_INSERT_TAIL(&mm->mm_mmap, vma, vma_link);
edf8e2af
MW		 2320 mm->mm_count++;
2321
2322 return (0);
2323}
2324
2325static struct vm_area_struct *vma_first(const struct mm_struct *mm)
2326{
72cf2d4f 2327 return (QTAILQ_FIRST(&mm->mm_mmap));
edf8e2af
MW		 2328}
2329
2330static struct vm_area_struct *vma_next(struct vm_area_struct *vma)
2331{
72cf2d4f 2332 return (QTAILQ_NEXT(vma, vma_link));
edf8e2af
MW		 2333}
2334
2335static int vma_get_mapping_count(const struct mm_struct *mm)
2336{
2337 return (mm->mm_count);
2338}
2339
2340/*
2341 * Calculate file (dump) size of given memory region.
2342 */
2343static abi_ulong vma_dump_size(const struct vm_area_struct *vma)
2344{
2345 /* if we cannot even read the first page, skip it */
2346 if (!access_ok(VERIFY_READ, vma->vma_start, TARGET_PAGE_SIZE))
2347 return (0);
2348
2349 /*
2350 * Usually we don't dump executable pages as they contain
2351 * non-writable code that debugger can read directly from
2352 * target library etc. However, thread stacks are marked
2353 * also executable so we read in first page of given region
2354 * and check whether it contains elf header. If there is
2355 * no elf header, we dump it.
2356 */
2357 if (vma->vma_flags & PROT_EXEC) {
2358 char page[TARGET_PAGE_SIZE];
2359
2360 copy_from_user(page, vma->vma_start, sizeof (page));
2361 if ((page[EI_MAG0] == ELFMAG0) &&
2362 (page[EI_MAG1] == ELFMAG1) &&
2363 (page[EI_MAG2] == ELFMAG2) &&
2364 (page[EI_MAG3] == ELFMAG3)) {
2365 /*
2366 * Mappings are possibly from ELF binary. Don't dump
2367 * them.
2368 */
2369 return (0);
2370 }
2371 }
2372
2373 return (vma->vma_end - vma->vma_start);
2374}
2375
b480d9b7 2376static int vma_walker(void *priv, abi_ulong start, abi_ulong end,
d97ef72e 2377 unsigned long flags)
edf8e2af
MW		 2378{
2379 struct mm_struct *mm = (struct mm_struct *)priv;
2380
edf8e2af
MW		 2381 vma_add_mapping(mm, start, end, flags);
2382 return (0);
2383}
2384
2385static void fill_note(struct memelfnote *note, const char *name, int type,
d97ef72e 2386 unsigned int sz, void *data)
edf8e2af
MW		 2387{
2388 unsigned int namesz;
2389
2390 namesz = strlen(name) + 1;
2391 note->name = name;
2392 note->namesz = namesz;
2393 note->namesz_rounded = roundup(namesz, sizeof (int32_t));
2394 note->type = type;
80f5ce75
LV		 2395 note->datasz = sz;
2396 note->datasz_rounded = roundup(sz, sizeof (int32_t));
2397
edf8e2af
MW		 2398 note->data = data;
2399
2400 /*
2401 * We calculate rounded up note size here as specified by
2402 * ELF document.
2403 */
2404 note->notesz = sizeof (struct elf_note) +
80f5ce75 2405 note->namesz_rounded + note->datasz_rounded;
edf8e2af
MW		 2406}
2407
2408static void fill_elf_header(struct elfhdr *elf, int segs, uint16_t machine,
d97ef72e 2409 uint32_t flags)
edf8e2af
MW		 2410{
2411 (void) memset(elf, 0, sizeof(*elf));
2412
2413 (void) memcpy(elf->e_ident, ELFMAG, SELFMAG);
2414 elf->e_ident[EI_CLASS] = ELF_CLASS;
2415 elf->e_ident[EI_DATA] = ELF_DATA;
2416 elf->e_ident[EI_VERSION] = EV_CURRENT;
2417 elf->e_ident[EI_OSABI] = ELF_OSABI;
2418
2419 elf->e_type = ET_CORE;
2420 elf->e_machine = machine;
2421 elf->e_version = EV_CURRENT;
2422 elf->e_phoff = sizeof(struct elfhdr);
2423 elf->e_flags = flags;
2424 elf->e_ehsize = sizeof(struct elfhdr);
2425 elf->e_phentsize = sizeof(struct elf_phdr);
2426 elf->e_phnum = segs;
2427
edf8e2af 2428 bswap_ehdr(elf);
edf8e2af
MW		 2429}
2430
2431static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, off_t offset)
2432{
2433 phdr->p_type = PT_NOTE;
2434 phdr->p_offset = offset;
2435 phdr->p_vaddr = 0;
2436 phdr->p_paddr = 0;
2437 phdr->p_filesz = sz;
2438 phdr->p_memsz = 0;
2439 phdr->p_flags = 0;
2440 phdr->p_align = 0;
2441
991f8f0c 2442 bswap_phdr(phdr, 1);
edf8e2af
MW		 2443}
2444
2445static size_t note_size(const struct memelfnote *note)
2446{
2447 return (note->notesz);
2448}
2449
a2547a13 2450static void fill_prstatus(struct target_elf_prstatus *prstatus,
d97ef72e 2451 const TaskState *ts, int signr)
edf8e2af
MW		 2452{
2453 (void) memset(prstatus, 0, sizeof (*prstatus));
2454 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr;
2455 prstatus->pr_pid = ts->ts_tid;
2456 prstatus->pr_ppid = getppid();
2457 prstatus->pr_pgrp = getpgrp();
2458 prstatus->pr_sid = getsid(0);
2459
edf8e2af 2460 bswap_prstatus(prstatus);
edf8e2af
MW		 2461}
2462
a2547a13 2463static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts)
edf8e2af 2464{
900cfbca 2465 char *base_filename;
edf8e2af
MW		 2466 unsigned int i, len;
2467
2468 (void) memset(psinfo, 0, sizeof (*psinfo));
2469
2470 len = ts->info->arg_end - ts->info->arg_start;
2471 if (len >= ELF_PRARGSZ)
2472 len = ELF_PRARGSZ - 1;
2473 if (copy_from_user(&psinfo->pr_psargs, ts->info->arg_start, len))
2474 return -EFAULT;
2475 for (i = 0; i < len; i++)
2476 if (psinfo->pr_psargs[i] == 0)
2477 psinfo->pr_psargs[i] = ' ';
2478 psinfo->pr_psargs[len] = 0;
2479
2480 psinfo->pr_pid = getpid();
2481 psinfo->pr_ppid = getppid();
2482 psinfo->pr_pgrp = getpgrp();
2483 psinfo->pr_sid = getsid(0);
2484 psinfo->pr_uid = getuid();
2485 psinfo->pr_gid = getgid();
2486
900cfbca
JM		 2487 base_filename = g_path_get_basename(ts->bprm->filename);
2488 /*
2489 * Using strncpy here is fine: at max-length,
2490 * this field is not NUL-terminated.
2491 */
edf8e2af 2492 (void) strncpy(psinfo->pr_fname, base_filename,
d97ef72e 2493 sizeof(psinfo->pr_fname));
edf8e2af 2494
900cfbca 2495 g_free(base_filename);
edf8e2af 2496 bswap_psinfo(psinfo);
edf8e2af
MW		 2497 return (0);
2498}
2499
2500static void fill_auxv_note(struct memelfnote *note, const TaskState *ts)
2501{
2502 elf_addr_t auxv = (elf_addr_t)ts->info->saved_auxv;
2503 elf_addr_t orig_auxv = auxv;
edf8e2af 2504 void *ptr;
125b0f55 2505 int len = ts->info->auxv_len;
edf8e2af
MW		 2506
2507 /*
2508 * Auxiliary vector is stored in target process stack. It contains
2509 * {type, value} pairs that we need to dump into note. This is not
2510 * strictly necessary but we do it here for sake of completeness.
2511 */
2512
edf8e2af
MW		 2513 /* read in whole auxv vector and copy it to memelfnote */
2514 ptr = lock_user(VERIFY_READ, orig_auxv, len, 0);
2515 if (ptr != NULL) {
2516 fill_note(note, "CORE", NT_AUXV, len, ptr);
2517 unlock_user(ptr, auxv, len);
2518 }
2519}
2520
2521/*
2522 * Constructs name of coredump file. We have following convention
2523 * for the name:
2524 * qemu_<basename-of-target-binary>_<date>-<time>_<pid>.core
2525 *
2526 * Returns 0 in case of success, -1 otherwise (errno is set).
2527 */
2528static int core_dump_filename(const TaskState *ts, char *buf,
d97ef72e 2529 size_t bufsize)
edf8e2af
MW		 2530{
2531 char timestamp[64];
2532 char *filename = NULL;
2533 char *base_filename = NULL;
2534 struct timeval tv;
2535 struct tm tm;
2536
2537 assert(bufsize >= PATH_MAX);
2538
2539 if (gettimeofday(&tv, NULL) < 0) {
2540 (void) fprintf(stderr, "unable to get current timestamp: %s",
d97ef72e 2541 strerror(errno));
edf8e2af
MW		 2542 return (-1);
2543 }
2544
2545 filename = strdup(ts->bprm->filename);
2546 base_filename = strdup(basename(filename));
2547 (void) strftime(timestamp, sizeof (timestamp), "%Y%m%d-%H%M%S",
d97ef72e 2548 localtime_r(&tv.tv_sec, &tm));
edf8e2af 2549 (void) snprintf(buf, bufsize, "qemu_%s_%s_%d.core",
d97ef72e 2550 base_filename, timestamp, (int)getpid());
edf8e2af
MW		 2551 free(base_filename);
2552 free(filename);
2553
2554 return (0);
2555}
2556
2557static int dump_write(int fd, const void *ptr, size_t size)
2558{
2559 const char *bufp = (const char *)ptr;
2560 ssize_t bytes_written, bytes_left;
2561 struct rlimit dumpsize;
2562 off_t pos;
2563
2564 bytes_written = 0;
2565 getrlimit(RLIMIT_CORE, &dumpsize);
2566 if ((pos = lseek(fd, 0, SEEK_CUR))==-1) {
2567 if (errno == ESPIPE) { /* not a seekable stream */
2568 bytes_left = size;
2569 } else {
2570 return pos;
2571 }
2572 } else {
2573 if (dumpsize.rlim_cur <= pos) {
2574 return -1;
2575 } else if (dumpsize.rlim_cur == RLIM_INFINITY) {
2576 bytes_left = size;
2577 } else {
2578 size_t limit_left=dumpsize.rlim_cur - pos;
2579 bytes_left = limit_left >= size ? size : limit_left ;
2580 }
2581 }
2582
2583 /*
2584 * In normal conditions, single write(2) should do but
2585 * in case of socket etc. this mechanism is more portable.
2586 */
2587 do {
2588 bytes_written = write(fd, bufp, bytes_left);
2589 if (bytes_written < 0) {
2590 if (errno == EINTR)
2591 continue;
2592 return (-1);
2593 } else if (bytes_written == 0) { /* eof */
2594 return (-1);
2595 }
2596 bufp += bytes_written;
2597 bytes_left -= bytes_written;
2598 } while (bytes_left > 0);
2599
2600 return (0);
2601}
2602
2603static int write_note(struct memelfnote *men, int fd)
2604{
2605 struct elf_note en;
2606
2607 en.n_namesz = men->namesz;
2608 en.n_type = men->type;
2609 en.n_descsz = men->datasz;
2610
edf8e2af 2611 bswap_note(&en);
edf8e2af
MW		 2612
2613 if (dump_write(fd, &en, sizeof(en)) != 0)
2614 return (-1);
2615 if (dump_write(fd, men->name, men->namesz_rounded) != 0)
2616 return (-1);
80f5ce75 2617 if (dump_write(fd, men->data, men->datasz_rounded) != 0)
edf8e2af
MW		 2618 return (-1);
2619
2620 return (0);
2621}
2622
9349b4f9 2623static void fill_thread_info(struct elf_note_info *info, const CPUArchState *env)
edf8e2af
MW		 2624{
2625 TaskState *ts = (TaskState *)env->opaque;
2626 struct elf_thread_status *ets;
2627
7267c094 2628 ets = g_malloc0(sizeof (*ets));
edf8e2af
MW		 2629 ets->num_notes = 1; /* only prstatus is dumped */
2630 fill_prstatus(&ets->prstatus, ts, 0);
2631 elf_core_copy_regs(&ets->prstatus.pr_reg, env);
2632 fill_note(&ets->notes[0], "CORE", NT_PRSTATUS, sizeof (ets->prstatus),
d97ef72e 2633 &ets->prstatus);
edf8e2af 2634
72cf2d4f 2635 QTAILQ_INSERT_TAIL(&info->thread_list, ets, ets_link);
edf8e2af
MW		 2636
2637 info->notes_size += note_size(&ets->notes[0]);
2638}
2639
2640static int fill_note_info(struct elf_note_info *info,
9349b4f9 2641 long signr, const CPUArchState *env)
edf8e2af
MW		 2642{
2643#define NUMNOTES 3
182735ef 2644 CPUState *cpu = NULL;
edf8e2af
MW		 2645 TaskState *ts = (TaskState *)env->opaque;
2646 int i;
2647
2648 (void) memset(info, 0, sizeof (*info));
2649
72cf2d4f 2650 QTAILQ_INIT(&info->thread_list);
edf8e2af 2651
7267c094 2652 info->notes = g_malloc0(NUMNOTES * sizeof (struct memelfnote));
edf8e2af
MW		 2653 if (info->notes == NULL)
2654 return (-ENOMEM);
7267c094 2655 info->prstatus = g_malloc0(sizeof (*info->prstatus));
edf8e2af
MW		 2656 if (info->prstatus == NULL)
2657 return (-ENOMEM);
7267c094 2658 info->psinfo = g_malloc0(sizeof (*info->psinfo));
edf8e2af
MW		 2659 if (info->prstatus == NULL)
2660 return (-ENOMEM);
2661
2662 /*
2663 * First fill in status (and registers) of current thread
2664 * including process info & aux vector.
2665 */
2666 fill_prstatus(info->prstatus, ts, signr);
2667 elf_core_copy_regs(&info->prstatus->pr_reg, env);
2668 fill_note(&info->notes[0], "CORE", NT_PRSTATUS,
d97ef72e 2669 sizeof (*info->prstatus), info->prstatus);
edf8e2af
MW		 2670 fill_psinfo(info->psinfo, ts);
2671 fill_note(&info->notes[1], "CORE", NT_PRPSINFO,
d97ef72e 2672 sizeof (*info->psinfo), info->psinfo);
edf8e2af
MW		 2673 fill_auxv_note(&info->notes[2], ts);
2674 info->numnote = 3;
2675
2676 info->notes_size = 0;
2677 for (i = 0; i < info->numnote; i++)
2678 info->notes_size += note_size(&info->notes[i]);
2679
2680 /* read and fill status of all threads */
2681 cpu_list_lock();
bdc44640 2682 CPU_FOREACH(cpu) {
a2247f8e 2683 if (cpu == thread_cpu) {
edf8e2af 2684 continue;
182735ef
AF		 2685 }
2686 fill_thread_info(info, (CPUArchState *)cpu->env_ptr);
edf8e2af
MW		 2687 }
2688 cpu_list_unlock();
2689
2690 return (0);
2691}
2692
2693static void free_note_info(struct elf_note_info *info)
2694{
2695 struct elf_thread_status *ets;
2696
72cf2d4f
BS		 2697 while (!QTAILQ_EMPTY(&info->thread_list)) {
2698 ets = QTAILQ_FIRST(&info->thread_list);
2699 QTAILQ_REMOVE(&info->thread_list, ets, ets_link);
7267c094 2700 g_free(ets);
edf8e2af
MW		 2701 }
2702
7267c094
AL		 2703 g_free(info->prstatus);
2704 g_free(info->psinfo);
2705 g_free(info->notes);
edf8e2af
MW		 2706}
2707
2708static int write_note_info(struct elf_note_info *info, int fd)
2709{
2710 struct elf_thread_status *ets;
2711 int i, error = 0;
2712
2713 /* write prstatus, psinfo and auxv for current thread */
2714 for (i = 0; i < info->numnote; i++)
2715 if ((error = write_note(&info->notes[i], fd)) != 0)
2716 return (error);
2717
2718 /* write prstatus for each thread */
2719 for (ets = info->thread_list.tqh_first; ets != NULL;
d97ef72e 2720 ets = ets->ets_link.tqe_next) {
edf8e2af
MW		 2721 if ((error = write_note(&ets->notes[0], fd)) != 0)
2722 return (error);
2723 }
2724
2725 return (0);
2726}
2727
2728/*
2729 * Write out ELF coredump.
2730 *
2731 * See documentation of ELF object file format in:
2732 * http://www.caldera.com/developers/devspecs/gabi41.pdf
2733 *
2734 * Coredump format in linux is following:
2735 *
2736 * 0 +----------------------+ \
2737 * | ELF header | ET_CORE |
2738 * +----------------------+ |
2739 * | ELF program headers | |--- headers
2740 * | - NOTE section | |
2741 * | - PT_LOAD sections | |
2742 * +----------------------+ /
2743 * | NOTEs: |
2744 * | - NT_PRSTATUS |
2745 * | - NT_PRSINFO |
2746 * | - NT_AUXV |
2747 * +----------------------+ <-- aligned to target page
2748 * | Process memory dump |
2749 * : :
2750 * . .
2751 * : :
2752 * | |
2753 * +----------------------+
2754 *
2755 * NT_PRSTATUS -> struct elf_prstatus (per thread)
2756 * NT_PRSINFO -> struct elf_prpsinfo
2757 * NT_AUXV is array of { type, value } pairs (see fill_auxv_note()).
2758 *
2759 * Format follows System V format as close as possible. Current
2760 * version limitations are as follows:
2761 * - no floating point registers are dumped
2762 *
2763 * Function returns 0 in case of success, negative errno otherwise.
2764 *
2765 * TODO: make this work also during runtime: it should be
2766 * possible to force coredump from running process and then
2767 * continue processing. For example qemu could set up SIGUSR2
2768 * handler (provided that target process haven't registered
2769 * handler for that) that does the dump when signal is received.
2770 */
9349b4f9 2771static int elf_core_dump(int signr, const CPUArchState *env)
edf8e2af
MW		 2772{
2773 const TaskState *ts = (const TaskState *)env->opaque;
2774 struct vm_area_struct *vma = NULL;
2775 char corefile[PATH_MAX];
2776 struct elf_note_info info;
2777 struct elfhdr elf;
2778 struct elf_phdr phdr;
2779 struct rlimit dumpsize;
2780 struct mm_struct *mm = NULL;
2781 off_t offset = 0, data_offset = 0;
2782 int segs = 0;
2783 int fd = -1;
2784
2785 errno = 0;
2786 getrlimit(RLIMIT_CORE, &dumpsize);
2787 if (dumpsize.rlim_cur == 0)
d97ef72e 2788 return 0;
edf8e2af
MW		 2789
2790 if (core_dump_filename(ts, corefile, sizeof (corefile)) < 0)
2791 return (-errno);
2792
2793 if ((fd = open(corefile, O_WRONLY | O_CREAT,
d97ef72e 2794 S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) < 0)
edf8e2af
MW		 2795 return (-errno);
2796
2797 /*
2798 * Walk through target process memory mappings and
2799 * set up structure containing this information. After
2800 * this point vma_xxx functions can be used.
2801 */
2802 if ((mm = vma_init()) == NULL)
2803 goto out;
2804
2805 walk_memory_regions(mm, vma_walker);
2806 segs = vma_get_mapping_count(mm);
2807
2808 /*
2809 * Construct valid coredump ELF header. We also
2810 * add one more segment for notes.
2811 */
2812 fill_elf_header(&elf, segs + 1, ELF_MACHINE, 0);
2813 if (dump_write(fd, &elf, sizeof (elf)) != 0)
2814 goto out;
2815
2816 /* fill in in-memory version of notes */
2817 if (fill_note_info(&info, signr, env) < 0)
2818 goto out;
2819
2820 offset += sizeof (elf); /* elf header */
2821 offset += (segs + 1) * sizeof (struct elf_phdr); /* program headers */
2822
2823 /* write out notes program header */
2824 fill_elf_note_phdr(&phdr, info.notes_size, offset);
2825
2826 offset += info.notes_size;
2827 if (dump_write(fd, &phdr, sizeof (phdr)) != 0)
2828 goto out;
2829
2830 /*
2831 * ELF specification wants data to start at page boundary so
2832 * we align it here.
2833 */
80f5ce75 2834 data_offset = offset = roundup(offset, ELF_EXEC_PAGESIZE);
edf8e2af
MW		 2835
2836 /*
2837 * Write program headers for memory regions mapped in
2838 * the target process.
2839 */
2840 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) {
2841 (void) memset(&phdr, 0, sizeof (phdr));
2842
2843 phdr.p_type = PT_LOAD;
2844 phdr.p_offset = offset;
2845 phdr.p_vaddr = vma->vma_start;
2846 phdr.p_paddr = 0;
2847 phdr.p_filesz = vma_dump_size(vma);
2848 offset += phdr.p_filesz;
2849 phdr.p_memsz = vma->vma_end - vma->vma_start;
2850 phdr.p_flags = vma->vma_flags & PROT_READ ? PF_R : 0;
2851 if (vma->vma_flags & PROT_WRITE)
2852 phdr.p_flags |= PF_W;
2853 if (vma->vma_flags & PROT_EXEC)
2854 phdr.p_flags |= PF_X;
2855 phdr.p_align = ELF_EXEC_PAGESIZE;
2856
80f5ce75 2857 bswap_phdr(&phdr, 1);
edf8e2af
MW		 2858 dump_write(fd, &phdr, sizeof (phdr));
2859 }
2860
2861 /*
2862 * Next we write notes just after program headers. No
2863 * alignment needed here.
2864 */
2865 if (write_note_info(&info, fd) < 0)
2866 goto out;
2867
2868 /* align data to page boundary */
edf8e2af
MW		 2869 if (lseek(fd, data_offset, SEEK_SET) != data_offset)
2870 goto out;
2871
2872 /*
2873 * Finally we can dump process memory into corefile as well.
2874 */
2875 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) {
2876 abi_ulong addr;
2877 abi_ulong end;
2878
2879 end = vma->vma_start + vma_dump_size(vma);
2880
2881 for (addr = vma->vma_start; addr < end;
d97ef72e 2882 addr += TARGET_PAGE_SIZE) {
edf8e2af
MW		 2883 char page[TARGET_PAGE_SIZE];
2884 int error;
2885
2886 /*
2887 * Read in page from target process memory and
2888 * write it to coredump file.
2889 */
2890 error = copy_from_user(page, addr, sizeof (page));
2891 if (error != 0) {
49995e17 2892 (void) fprintf(stderr, "unable to dump " TARGET_ABI_FMT_lx "\n",
d97ef72e 2893 addr);
edf8e2af
MW		 2894 errno = -error;
2895 goto out;
2896 }
2897 if (dump_write(fd, page, TARGET_PAGE_SIZE) < 0)
2898 goto out;
2899 }
2900 }
2901
d97ef72e 2902 out:
edf8e2af
MW		 2903 free_note_info(&info);
2904 if (mm != NULL)
2905 vma_delete(mm);
2906 (void) close(fd);
2907
2908 if (errno != 0)
2909 return (-errno);
2910 return (0);
2911}
edf8e2af
MW		 2912#endif /* USE_ELF_CORE_DUMP */
2913
e5fe0c52
PB		 2914void do_init_thread(struct target_pt_regs *regs, struct image_info *infop)
2915{
2916 init_thread(regs, infop);
2917}
Qemu copy for testing