1 /* This is the Linux kernel elf-loading code, ported into user space */ 2 #include "qemu/osdep.h" 3 #include <sys/param.h> 4 5 #include <sys/resource.h> 6 7 #include "qemu.h" 8 #include "disas/disas.h" 9 #include "qemu/path.h" 10 11 #ifdef _ARCH_PPC64 12 #undef ARCH_DLINFO 13 #undef ELF_PLATFORM 14 #undef ELF_HWCAP 15 #undef ELF_HWCAP2 16 #undef ELF_CLASS 17 #undef ELF_DATA 18 #undef ELF_ARCH 19 #endif 20 21 #define ELF_OSABI ELFOSABI_SYSV 22 23 /* from personality.h */ 24 25 /* 26 * Flags for bug emulation. 27 * 28 * These occupy the top three bytes. 29 */ 30 enum { 31 ADDR_NO_RANDOMIZE = 0x0040000, /* disable randomization of VA space */ 32 FDPIC_FUNCPTRS = 0x0080000, /* userspace function ptrs point to 33 descriptors (signal handling) */ 34 MMAP_PAGE_ZERO = 0x0100000, 35 ADDR_COMPAT_LAYOUT = 0x0200000, 36 READ_IMPLIES_EXEC = 0x0400000, 37 ADDR_LIMIT_32BIT = 0x0800000, 38 SHORT_INODE = 0x1000000, 39 WHOLE_SECONDS = 0x2000000, 40 STICKY_TIMEOUTS = 0x4000000, 41 ADDR_LIMIT_3GB = 0x8000000, 42 }; 43 44 /* 45 * Personality types. 46 * 47 * These go in the low byte. Avoid using the top bit, it will 48 * conflict with error returns. 49 */ 50 enum { 51 PER_LINUX = 0x0000, 52 PER_LINUX_32BIT = 0x0000 | ADDR_LIMIT_32BIT, 53 PER_LINUX_FDPIC = 0x0000 | FDPIC_FUNCPTRS, 54 PER_SVR4 = 0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 55 PER_SVR3 = 0x0002 | STICKY_TIMEOUTS | SHORT_INODE, 56 PER_SCOSVR3 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS | SHORT_INODE, 57 PER_OSR5 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS, 58 PER_WYSEV386 = 0x0004 | STICKY_TIMEOUTS | SHORT_INODE, 59 PER_ISCR4 = 0x0005 | STICKY_TIMEOUTS, 60 PER_BSD = 0x0006, 61 PER_SUNOS = 0x0006 | STICKY_TIMEOUTS, 62 PER_XENIX = 0x0007 | STICKY_TIMEOUTS | SHORT_INODE, 63 PER_LINUX32 = 0x0008, 64 PER_LINUX32_3GB = 0x0008 | ADDR_LIMIT_3GB, 65 PER_IRIX32 = 0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */ 66 PER_IRIXN32 = 0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */ 67 PER_IRIX64 = 0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */ 68 PER_RISCOS = 0x000c, 69 PER_SOLARIS = 0x000d | STICKY_TIMEOUTS, 70 PER_UW7 = 0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 71 PER_OSF4 = 0x000f, /* OSF/1 v4 */ 72 PER_HPUX = 0x0010, 73 PER_MASK = 0x00ff, 74 }; 75 76 /* 77 * Return the base personality without flags. 78 */ 79 #define personality(pers) (pers & PER_MASK) 80 81 /* this flag is uneffective under linux too, should be deleted */ 82 #ifndef MAP_DENYWRITE 83 #define MAP_DENYWRITE 0 84 #endif 85 86 /* should probably go in elf.h */ 87 #ifndef ELIBBAD 88 #define ELIBBAD 80 89 #endif 90 91 #ifdef TARGET_WORDS_BIGENDIAN 92 #define ELF_DATA ELFDATA2MSB 93 #else 94 #define ELF_DATA ELFDATA2LSB 95 #endif 96 97 #ifdef TARGET_ABI_MIPSN32 98 typedef abi_ullong target_elf_greg_t; 99 #define tswapreg(ptr) tswap64(ptr) 100 #else 101 typedef abi_ulong target_elf_greg_t; 102 #define tswapreg(ptr) tswapal(ptr) 103 #endif 104 105 #ifdef USE_UID16 106 typedef abi_ushort target_uid_t; 107 typedef abi_ushort target_gid_t; 108 #else 109 typedef abi_uint target_uid_t; 110 typedef abi_uint target_gid_t; 111 #endif 112 typedef abi_int target_pid_t; 113 114 #ifdef TARGET_I386 115 116 #define ELF_PLATFORM get_elf_platform() 117 118 static const char *get_elf_platform(void) 119 { 120 static char elf_platform[] = "i386"; 121 int family = object_property_get_int(OBJECT(thread_cpu), "family", NULL); 122 if (family > 6) 123 family = 6; 124 if (family >= 3) 125 elf_platform[1] = '0' + family; 126 return elf_platform; 127 } 128 129 #define ELF_HWCAP get_elf_hwcap() 130 131 static uint32_t get_elf_hwcap(void) 132 { 133 X86CPU *cpu = X86_CPU(thread_cpu); 134 135 return cpu->env.features[FEAT_1_EDX]; 136 } 137 138 #ifdef TARGET_X86_64 139 #define ELF_START_MMAP 0x2aaaaab000ULL 140 141 #define ELF_CLASS ELFCLASS64 142 #define ELF_ARCH EM_X86_64 143 144 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 145 { 146 regs->rax = 0; 147 regs->rsp = infop->start_stack; 148 regs->rip = infop->entry; 149 } 150 151 #define ELF_NREG 27 152 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 153 154 /* 155 * Note that ELF_NREG should be 29 as there should be place for 156 * TRAPNO and ERR "registers" as well but linux doesn't dump 157 * those. 158 * 159 * See linux kernel: arch/x86/include/asm/elf.h 160 */ 161 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 162 { 163 (*regs)[0] = env->regs[15]; 164 (*regs)[1] = env->regs[14]; 165 (*regs)[2] = env->regs[13]; 166 (*regs)[3] = env->regs[12]; 167 (*regs)[4] = env->regs[R_EBP]; 168 (*regs)[5] = env->regs[R_EBX]; 169 (*regs)[6] = env->regs[11]; 170 (*regs)[7] = env->regs[10]; 171 (*regs)[8] = env->regs[9]; 172 (*regs)[9] = env->regs[8]; 173 (*regs)[10] = env->regs[R_EAX]; 174 (*regs)[11] = env->regs[R_ECX]; 175 (*regs)[12] = env->regs[R_EDX]; 176 (*regs)[13] = env->regs[R_ESI]; 177 (*regs)[14] = env->regs[R_EDI]; 178 (*regs)[15] = env->regs[R_EAX]; /* XXX */ 179 (*regs)[16] = env->eip; 180 (*regs)[17] = env->segs[R_CS].selector & 0xffff; 181 (*regs)[18] = env->eflags; 182 (*regs)[19] = env->regs[R_ESP]; 183 (*regs)[20] = env->segs[R_SS].selector & 0xffff; 184 (*regs)[21] = env->segs[R_FS].selector & 0xffff; 185 (*regs)[22] = env->segs[R_GS].selector & 0xffff; 186 (*regs)[23] = env->segs[R_DS].selector & 0xffff; 187 (*regs)[24] = env->segs[R_ES].selector & 0xffff; 188 (*regs)[25] = env->segs[R_FS].selector & 0xffff; 189 (*regs)[26] = env->segs[R_GS].selector & 0xffff; 190 } 191 192 #else 193 194 #define ELF_START_MMAP 0x80000000 195 196 /* 197 * This is used to ensure we don't load something for the wrong architecture. 198 */ 199 #define elf_check_arch(x) ( ((x) == EM_386) || ((x) == EM_486) ) 200 201 /* 202 * These are used to set parameters in the core dumps. 203 */ 204 #define ELF_CLASS ELFCLASS32 205 #define ELF_ARCH EM_386 206 207 static inline void init_thread(struct target_pt_regs *regs, 208 struct image_info *infop) 209 { 210 regs->esp = infop->start_stack; 211 regs->eip = infop->entry; 212 213 /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program 214 starts %edx contains a pointer to a function which might be 215 registered using `atexit'. This provides a mean for the 216 dynamic linker to call DT_FINI functions for shared libraries 217 that have been loaded before the code runs. 218 219 A value of 0 tells we have no such handler. */ 220 regs->edx = 0; 221 } 222 223 #define ELF_NREG 17 224 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 225 226 /* 227 * Note that ELF_NREG should be 19 as there should be place for 228 * TRAPNO and ERR "registers" as well but linux doesn't dump 229 * those. 230 * 231 * See linux kernel: arch/x86/include/asm/elf.h 232 */ 233 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 234 { 235 (*regs)[0] = env->regs[R_EBX]; 236 (*regs)[1] = env->regs[R_ECX]; 237 (*regs)[2] = env->regs[R_EDX]; 238 (*regs)[3] = env->regs[R_ESI]; 239 (*regs)[4] = env->regs[R_EDI]; 240 (*regs)[5] = env->regs[R_EBP]; 241 (*regs)[6] = env->regs[R_EAX]; 242 (*regs)[7] = env->segs[R_DS].selector & 0xffff; 243 (*regs)[8] = env->segs[R_ES].selector & 0xffff; 244 (*regs)[9] = env->segs[R_FS].selector & 0xffff; 245 (*regs)[10] = env->segs[R_GS].selector & 0xffff; 246 (*regs)[11] = env->regs[R_EAX]; /* XXX */ 247 (*regs)[12] = env->eip; 248 (*regs)[13] = env->segs[R_CS].selector & 0xffff; 249 (*regs)[14] = env->eflags; 250 (*regs)[15] = env->regs[R_ESP]; 251 (*regs)[16] = env->segs[R_SS].selector & 0xffff; 252 } 253 #endif 254 255 #define USE_ELF_CORE_DUMP 256 #define ELF_EXEC_PAGESIZE 4096 257 258 #endif 259 260 #ifdef TARGET_ARM 261 262 #ifndef TARGET_AARCH64 263 /* 32 bit ARM definitions */ 264 265 #define ELF_START_MMAP 0x80000000 266 267 #define ELF_ARCH EM_ARM 268 #define ELF_CLASS ELFCLASS32 269 270 static inline void init_thread(struct target_pt_regs *regs, 271 struct image_info *infop) 272 { 273 abi_long stack = infop->start_stack; 274 memset(regs, 0, sizeof(*regs)); 275 276 regs->uregs[16] = ARM_CPU_MODE_USR; 277 if (infop->entry & 1) { 278 regs->uregs[16] |= CPSR_T; 279 } 280 regs->uregs[15] = infop->entry & 0xfffffffe; 281 regs->uregs[13] = infop->start_stack; 282 /* FIXME - what to for failure of get_user()? */ 283 get_user_ual(regs->uregs[2], stack + 8); /* envp */ 284 get_user_ual(regs->uregs[1], stack + 4); /* envp */ 285 /* XXX: it seems that r0 is zeroed after ! */ 286 regs->uregs[0] = 0; 287 /* For uClinux PIC binaries. */ 288 /* XXX: Linux does this only on ARM with no MMU (do we care ?) */ 289 regs->uregs[10] = infop->start_data; 290 } 291 292 #define ELF_NREG 18 293 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 294 295 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUARMState *env) 296 { 297 (*regs)[0] = tswapreg(env->regs[0]); 298 (*regs)[1] = tswapreg(env->regs[1]); 299 (*regs)[2] = tswapreg(env->regs[2]); 300 (*regs)[3] = tswapreg(env->regs[3]); 301 (*regs)[4] = tswapreg(env->regs[4]); 302 (*regs)[5] = tswapreg(env->regs[5]); 303 (*regs)[6] = tswapreg(env->regs[6]); 304 (*regs)[7] = tswapreg(env->regs[7]); 305 (*regs)[8] = tswapreg(env->regs[8]); 306 (*regs)[9] = tswapreg(env->regs[9]); 307 (*regs)[10] = tswapreg(env->regs[10]); 308 (*regs)[11] = tswapreg(env->regs[11]); 309 (*regs)[12] = tswapreg(env->regs[12]); 310 (*regs)[13] = tswapreg(env->regs[13]); 311 (*regs)[14] = tswapreg(env->regs[14]); 312 (*regs)[15] = tswapreg(env->regs[15]); 313 314 (*regs)[16] = tswapreg(cpsr_read((CPUARMState *)env)); 315 (*regs)[17] = tswapreg(env->regs[0]); /* XXX */ 316 } 317 318 #define USE_ELF_CORE_DUMP 319 #define ELF_EXEC_PAGESIZE 4096 320 321 enum 322 { 323 ARM_HWCAP_ARM_SWP = 1 << 0, 324 ARM_HWCAP_ARM_HALF = 1 << 1, 325 ARM_HWCAP_ARM_THUMB = 1 << 2, 326 ARM_HWCAP_ARM_26BIT = 1 << 3, 327 ARM_HWCAP_ARM_FAST_MULT = 1 << 4, 328 ARM_HWCAP_ARM_FPA = 1 << 5, 329 ARM_HWCAP_ARM_VFP = 1 << 6, 330 ARM_HWCAP_ARM_EDSP = 1 << 7, 331 ARM_HWCAP_ARM_JAVA = 1 << 8, 332 ARM_HWCAP_ARM_IWMMXT = 1 << 9, 333 ARM_HWCAP_ARM_CRUNCH = 1 << 10, 334 ARM_HWCAP_ARM_THUMBEE = 1 << 11, 335 ARM_HWCAP_ARM_NEON = 1 << 12, 336 ARM_HWCAP_ARM_VFPv3 = 1 << 13, 337 ARM_HWCAP_ARM_VFPv3D16 = 1 << 14, 338 ARM_HWCAP_ARM_TLS = 1 << 15, 339 ARM_HWCAP_ARM_VFPv4 = 1 << 16, 340 ARM_HWCAP_ARM_IDIVA = 1 << 17, 341 ARM_HWCAP_ARM_IDIVT = 1 << 18, 342 ARM_HWCAP_ARM_VFPD32 = 1 << 19, 343 ARM_HWCAP_ARM_LPAE = 1 << 20, 344 ARM_HWCAP_ARM_EVTSTRM = 1 << 21, 345 }; 346 347 enum { 348 ARM_HWCAP2_ARM_AES = 1 << 0, 349 ARM_HWCAP2_ARM_PMULL = 1 << 1, 350 ARM_HWCAP2_ARM_SHA1 = 1 << 2, 351 ARM_HWCAP2_ARM_SHA2 = 1 << 3, 352 ARM_HWCAP2_ARM_CRC32 = 1 << 4, 353 }; 354 355 /* The commpage only exists for 32 bit kernels */ 356 357 #define TARGET_HAS_VALIDATE_GUEST_SPACE 358 /* Return 1 if the proposed guest space is suitable for the guest. 359 * Return 0 if the proposed guest space isn't suitable, but another 360 * address space should be tried. 361 * Return -1 if there is no way the proposed guest space can be 362 * valid regardless of the base. 363 * The guest code may leave a page mapped and populate it if the 364 * address is suitable. 365 */ 366 static int validate_guest_space(unsigned long guest_base, 367 unsigned long guest_size) 368 { 369 unsigned long real_start, test_page_addr; 370 371 /* We need to check that we can force a fault on access to the 372 * commpage at 0xffff0fxx 373 */ 374 test_page_addr = guest_base + (0xffff0f00 & qemu_host_page_mask); 375 376 /* If the commpage lies within the already allocated guest space, 377 * then there is no way we can allocate it. 378 */ 379 if (test_page_addr >= guest_base 380 && test_page_addr <= (guest_base + guest_size)) { 381 return -1; 382 } 383 384 /* Note it needs to be writeable to let us initialise it */ 385 real_start = (unsigned long) 386 mmap((void *)test_page_addr, qemu_host_page_size, 387 PROT_READ | PROT_WRITE, 388 MAP_ANONYMOUS | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 389 390 /* If we can't map it then try another address */ 391 if (real_start == -1ul) { 392 return 0; 393 } 394 395 if (real_start != test_page_addr) { 396 /* OS didn't put the page where we asked - unmap and reject */ 397 munmap((void *)real_start, qemu_host_page_size); 398 return 0; 399 } 400 401 /* Leave the page mapped 402 * Populate it (mmap should have left it all 0'd) 403 */ 404 405 /* Kernel helper versions */ 406 __put_user(5, (uint32_t *)g2h(0xffff0ffcul)); 407 408 /* Now it's populated make it RO */ 409 if (mprotect((void *)test_page_addr, qemu_host_page_size, PROT_READ)) { 410 perror("Protecting guest commpage"); 411 exit(-1); 412 } 413 414 return 1; /* All good */ 415 } 416 417 #define ELF_HWCAP get_elf_hwcap() 418 #define ELF_HWCAP2 get_elf_hwcap2() 419 420 static uint32_t get_elf_hwcap(void) 421 { 422 ARMCPU *cpu = ARM_CPU(thread_cpu); 423 uint32_t hwcaps = 0; 424 425 hwcaps |= ARM_HWCAP_ARM_SWP; 426 hwcaps |= ARM_HWCAP_ARM_HALF; 427 hwcaps |= ARM_HWCAP_ARM_THUMB; 428 hwcaps |= ARM_HWCAP_ARM_FAST_MULT; 429 430 /* probe for the extra features */ 431 #define GET_FEATURE(feat, hwcap) \ 432 do { if (arm_feature(&cpu->env, feat)) { hwcaps |= hwcap; } } while (0) 433 /* EDSP is in v5TE and above, but all our v5 CPUs are v5TE */ 434 GET_FEATURE(ARM_FEATURE_V5, ARM_HWCAP_ARM_EDSP); 435 GET_FEATURE(ARM_FEATURE_VFP, ARM_HWCAP_ARM_VFP); 436 GET_FEATURE(ARM_FEATURE_IWMMXT, ARM_HWCAP_ARM_IWMMXT); 437 GET_FEATURE(ARM_FEATURE_THUMB2EE, ARM_HWCAP_ARM_THUMBEE); 438 GET_FEATURE(ARM_FEATURE_NEON, ARM_HWCAP_ARM_NEON); 439 GET_FEATURE(ARM_FEATURE_VFP3, ARM_HWCAP_ARM_VFPv3); 440 GET_FEATURE(ARM_FEATURE_V6K, ARM_HWCAP_ARM_TLS); 441 GET_FEATURE(ARM_FEATURE_VFP4, ARM_HWCAP_ARM_VFPv4); 442 GET_FEATURE(ARM_FEATURE_ARM_DIV, ARM_HWCAP_ARM_IDIVA); 443 GET_FEATURE(ARM_FEATURE_THUMB_DIV, ARM_HWCAP_ARM_IDIVT); 444 /* All QEMU's VFPv3 CPUs have 32 registers, see VFP_DREG in translate.c. 445 * Note that the ARM_HWCAP_ARM_VFPv3D16 bit is always the inverse of 446 * ARM_HWCAP_ARM_VFPD32 (and so always clear for QEMU); it is unrelated 447 * to our VFP_FP16 feature bit. 448 */ 449 GET_FEATURE(ARM_FEATURE_VFP3, ARM_HWCAP_ARM_VFPD32); 450 GET_FEATURE(ARM_FEATURE_LPAE, ARM_HWCAP_ARM_LPAE); 451 452 return hwcaps; 453 } 454 455 static uint32_t get_elf_hwcap2(void) 456 { 457 ARMCPU *cpu = ARM_CPU(thread_cpu); 458 uint32_t hwcaps = 0; 459 460 GET_FEATURE(ARM_FEATURE_V8_AES, ARM_HWCAP2_ARM_AES); 461 GET_FEATURE(ARM_FEATURE_V8_PMULL, ARM_HWCAP2_ARM_PMULL); 462 GET_FEATURE(ARM_FEATURE_V8_SHA1, ARM_HWCAP2_ARM_SHA1); 463 GET_FEATURE(ARM_FEATURE_V8_SHA256, ARM_HWCAP2_ARM_SHA2); 464 GET_FEATURE(ARM_FEATURE_CRC, ARM_HWCAP2_ARM_CRC32); 465 return hwcaps; 466 } 467 468 #undef GET_FEATURE 469 470 #else 471 /* 64 bit ARM definitions */ 472 #define ELF_START_MMAP 0x80000000 473 474 #define ELF_ARCH EM_AARCH64 475 #define ELF_CLASS ELFCLASS64 476 #define ELF_PLATFORM "aarch64" 477 478 static inline void init_thread(struct target_pt_regs *regs, 479 struct image_info *infop) 480 { 481 abi_long stack = infop->start_stack; 482 memset(regs, 0, sizeof(*regs)); 483 484 regs->pc = infop->entry & ~0x3ULL; 485 regs->sp = stack; 486 } 487 488 #define ELF_NREG 34 489 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 490 491 static void elf_core_copy_regs(target_elf_gregset_t *regs, 492 const CPUARMState *env) 493 { 494 int i; 495 496 for (i = 0; i < 32; i++) { 497 (*regs)[i] = tswapreg(env->xregs[i]); 498 } 499 (*regs)[32] = tswapreg(env->pc); 500 (*regs)[33] = tswapreg(pstate_read((CPUARMState *)env)); 501 } 502 503 #define USE_ELF_CORE_DUMP 504 #define ELF_EXEC_PAGESIZE 4096 505 506 enum { 507 ARM_HWCAP_A64_FP = 1 << 0, 508 ARM_HWCAP_A64_ASIMD = 1 << 1, 509 ARM_HWCAP_A64_EVTSTRM = 1 << 2, 510 ARM_HWCAP_A64_AES = 1 << 3, 511 ARM_HWCAP_A64_PMULL = 1 << 4, 512 ARM_HWCAP_A64_SHA1 = 1 << 5, 513 ARM_HWCAP_A64_SHA2 = 1 << 6, 514 ARM_HWCAP_A64_CRC32 = 1 << 7, 515 }; 516 517 #define ELF_HWCAP get_elf_hwcap() 518 519 static uint32_t get_elf_hwcap(void) 520 { 521 ARMCPU *cpu = ARM_CPU(thread_cpu); 522 uint32_t hwcaps = 0; 523 524 hwcaps |= ARM_HWCAP_A64_FP; 525 hwcaps |= ARM_HWCAP_A64_ASIMD; 526 527 /* probe for the extra features */ 528 #define GET_FEATURE(feat, hwcap) \ 529 do { if (arm_feature(&cpu->env, feat)) { hwcaps |= hwcap; } } while (0) 530 GET_FEATURE(ARM_FEATURE_V8_AES, ARM_HWCAP_A64_AES); 531 GET_FEATURE(ARM_FEATURE_V8_PMULL, ARM_HWCAP_A64_PMULL); 532 GET_FEATURE(ARM_FEATURE_V8_SHA1, ARM_HWCAP_A64_SHA1); 533 GET_FEATURE(ARM_FEATURE_V8_SHA256, ARM_HWCAP_A64_SHA2); 534 GET_FEATURE(ARM_FEATURE_CRC, ARM_HWCAP_A64_CRC32); 535 #undef GET_FEATURE 536 537 return hwcaps; 538 } 539 540 #endif /* not TARGET_AARCH64 */ 541 #endif /* TARGET_ARM */ 542 543 #ifdef TARGET_UNICORE32 544 545 #define ELF_START_MMAP 0x80000000 546 547 #define ELF_CLASS ELFCLASS32 548 #define ELF_DATA ELFDATA2LSB 549 #define ELF_ARCH EM_UNICORE32 550 551 static inline void init_thread(struct target_pt_regs *regs, 552 struct image_info *infop) 553 { 554 abi_long stack = infop->start_stack; 555 memset(regs, 0, sizeof(*regs)); 556 regs->UC32_REG_asr = 0x10; 557 regs->UC32_REG_pc = infop->entry & 0xfffffffe; 558 regs->UC32_REG_sp = infop->start_stack; 559 /* FIXME - what to for failure of get_user()? */ 560 get_user_ual(regs->UC32_REG_02, stack + 8); /* envp */ 561 get_user_ual(regs->UC32_REG_01, stack + 4); /* envp */ 562 /* XXX: it seems that r0 is zeroed after ! */ 563 regs->UC32_REG_00 = 0; 564 } 565 566 #define ELF_NREG 34 567 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 568 569 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUUniCore32State *env) 570 { 571 (*regs)[0] = env->regs[0]; 572 (*regs)[1] = env->regs[1]; 573 (*regs)[2] = env->regs[2]; 574 (*regs)[3] = env->regs[3]; 575 (*regs)[4] = env->regs[4]; 576 (*regs)[5] = env->regs[5]; 577 (*regs)[6] = env->regs[6]; 578 (*regs)[7] = env->regs[7]; 579 (*regs)[8] = env->regs[8]; 580 (*regs)[9] = env->regs[9]; 581 (*regs)[10] = env->regs[10]; 582 (*regs)[11] = env->regs[11]; 583 (*regs)[12] = env->regs[12]; 584 (*regs)[13] = env->regs[13]; 585 (*regs)[14] = env->regs[14]; 586 (*regs)[15] = env->regs[15]; 587 (*regs)[16] = env->regs[16]; 588 (*regs)[17] = env->regs[17]; 589 (*regs)[18] = env->regs[18]; 590 (*regs)[19] = env->regs[19]; 591 (*regs)[20] = env->regs[20]; 592 (*regs)[21] = env->regs[21]; 593 (*regs)[22] = env->regs[22]; 594 (*regs)[23] = env->regs[23]; 595 (*regs)[24] = env->regs[24]; 596 (*regs)[25] = env->regs[25]; 597 (*regs)[26] = env->regs[26]; 598 (*regs)[27] = env->regs[27]; 599 (*regs)[28] = env->regs[28]; 600 (*regs)[29] = env->regs[29]; 601 (*regs)[30] = env->regs[30]; 602 (*regs)[31] = env->regs[31]; 603 604 (*regs)[32] = cpu_asr_read((CPUUniCore32State *)env); 605 (*regs)[33] = env->regs[0]; /* XXX */ 606 } 607 608 #define USE_ELF_CORE_DUMP 609 #define ELF_EXEC_PAGESIZE 4096 610 611 #define ELF_HWCAP (UC32_HWCAP_CMOV | UC32_HWCAP_UCF64) 612 613 #endif 614 615 #ifdef TARGET_SPARC 616 #ifdef TARGET_SPARC64 617 618 #define ELF_START_MMAP 0x80000000 619 #define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \ 620 | HWCAP_SPARC_MULDIV | HWCAP_SPARC_V9) 621 #ifndef TARGET_ABI32 622 #define elf_check_arch(x) ( (x) == EM_SPARCV9 || (x) == EM_SPARC32PLUS ) 623 #else 624 #define elf_check_arch(x) ( (x) == EM_SPARC32PLUS || (x) == EM_SPARC ) 625 #endif 626 627 #define ELF_CLASS ELFCLASS64 628 #define ELF_ARCH EM_SPARCV9 629 630 #define STACK_BIAS 2047 631 632 static inline void init_thread(struct target_pt_regs *regs, 633 struct image_info *infop) 634 { 635 #ifndef TARGET_ABI32 636 regs->tstate = 0; 637 #endif 638 regs->pc = infop->entry; 639 regs->npc = regs->pc + 4; 640 regs->y = 0; 641 #ifdef TARGET_ABI32 642 regs->u_regs[14] = infop->start_stack - 16 * 4; 643 #else 644 if (personality(infop->personality) == PER_LINUX32) 645 regs->u_regs[14] = infop->start_stack - 16 * 4; 646 else 647 regs->u_regs[14] = infop->start_stack - 16 * 8 - STACK_BIAS; 648 #endif 649 } 650 651 #else 652 #define ELF_START_MMAP 0x80000000 653 #define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \ 654 | HWCAP_SPARC_MULDIV) 655 656 #define ELF_CLASS ELFCLASS32 657 #define ELF_ARCH EM_SPARC 658 659 static inline void init_thread(struct target_pt_regs *regs, 660 struct image_info *infop) 661 { 662 regs->psr = 0; 663 regs->pc = infop->entry; 664 regs->npc = regs->pc + 4; 665 regs->y = 0; 666 regs->u_regs[14] = infop->start_stack - 16 * 4; 667 } 668 669 #endif 670 #endif 671 672 #ifdef TARGET_PPC 673 674 #define ELF_MACHINE PPC_ELF_MACHINE 675 #define ELF_START_MMAP 0x80000000 676 677 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 678 679 #define elf_check_arch(x) ( (x) == EM_PPC64 ) 680 681 #define ELF_CLASS ELFCLASS64 682 683 #else 684 685 #define ELF_CLASS ELFCLASS32 686 687 #endif 688 689 #define ELF_ARCH EM_PPC 690 691 /* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP). 692 See arch/powerpc/include/asm/cputable.h. */ 693 enum { 694 QEMU_PPC_FEATURE_32 = 0x80000000, 695 QEMU_PPC_FEATURE_64 = 0x40000000, 696 QEMU_PPC_FEATURE_601_INSTR = 0x20000000, 697 QEMU_PPC_FEATURE_HAS_ALTIVEC = 0x10000000, 698 QEMU_PPC_FEATURE_HAS_FPU = 0x08000000, 699 QEMU_PPC_FEATURE_HAS_MMU = 0x04000000, 700 QEMU_PPC_FEATURE_HAS_4xxMAC = 0x02000000, 701 QEMU_PPC_FEATURE_UNIFIED_CACHE = 0x01000000, 702 QEMU_PPC_FEATURE_HAS_SPE = 0x00800000, 703 QEMU_PPC_FEATURE_HAS_EFP_SINGLE = 0x00400000, 704 QEMU_PPC_FEATURE_HAS_EFP_DOUBLE = 0x00200000, 705 QEMU_PPC_FEATURE_NO_TB = 0x00100000, 706 QEMU_PPC_FEATURE_POWER4 = 0x00080000, 707 QEMU_PPC_FEATURE_POWER5 = 0x00040000, 708 QEMU_PPC_FEATURE_POWER5_PLUS = 0x00020000, 709 QEMU_PPC_FEATURE_CELL = 0x00010000, 710 QEMU_PPC_FEATURE_BOOKE = 0x00008000, 711 QEMU_PPC_FEATURE_SMT = 0x00004000, 712 QEMU_PPC_FEATURE_ICACHE_SNOOP = 0x00002000, 713 QEMU_PPC_FEATURE_ARCH_2_05 = 0x00001000, 714 QEMU_PPC_FEATURE_PA6T = 0x00000800, 715 QEMU_PPC_FEATURE_HAS_DFP = 0x00000400, 716 QEMU_PPC_FEATURE_POWER6_EXT = 0x00000200, 717 QEMU_PPC_FEATURE_ARCH_2_06 = 0x00000100, 718 QEMU_PPC_FEATURE_HAS_VSX = 0x00000080, 719 QEMU_PPC_FEATURE_PSERIES_PERFMON_COMPAT = 0x00000040, 720 721 QEMU_PPC_FEATURE_TRUE_LE = 0x00000002, 722 QEMU_PPC_FEATURE_PPC_LE = 0x00000001, 723 724 /* Feature definitions in AT_HWCAP2. */ 725 QEMU_PPC_FEATURE2_ARCH_2_07 = 0x80000000, /* ISA 2.07 */ 726 QEMU_PPC_FEATURE2_HAS_HTM = 0x40000000, /* Hardware Transactional Memory */ 727 QEMU_PPC_FEATURE2_HAS_DSCR = 0x20000000, /* Data Stream Control Register */ 728 QEMU_PPC_FEATURE2_HAS_EBB = 0x10000000, /* Event Base Branching */ 729 QEMU_PPC_FEATURE2_HAS_ISEL = 0x08000000, /* Integer Select */ 730 QEMU_PPC_FEATURE2_HAS_TAR = 0x04000000, /* Target Address Register */ 731 }; 732 733 #define ELF_HWCAP get_elf_hwcap() 734 735 static uint32_t get_elf_hwcap(void) 736 { 737 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); 738 uint32_t features = 0; 739 740 /* We don't have to be terribly complete here; the high points are 741 Altivec/FP/SPE support. Anything else is just a bonus. */ 742 #define GET_FEATURE(flag, feature) \ 743 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0) 744 #define GET_FEATURE2(flags, feature) \ 745 do { \ 746 if ((cpu->env.insns_flags2 & flags) == flags) { \ 747 features |= feature; \ 748 } \ 749 } while (0) 750 GET_FEATURE(PPC_64B, QEMU_PPC_FEATURE_64); 751 GET_FEATURE(PPC_FLOAT, QEMU_PPC_FEATURE_HAS_FPU); 752 GET_FEATURE(PPC_ALTIVEC, QEMU_PPC_FEATURE_HAS_ALTIVEC); 753 GET_FEATURE(PPC_SPE, QEMU_PPC_FEATURE_HAS_SPE); 754 GET_FEATURE(PPC_SPE_SINGLE, QEMU_PPC_FEATURE_HAS_EFP_SINGLE); 755 GET_FEATURE(PPC_SPE_DOUBLE, QEMU_PPC_FEATURE_HAS_EFP_DOUBLE); 756 GET_FEATURE(PPC_BOOKE, QEMU_PPC_FEATURE_BOOKE); 757 GET_FEATURE(PPC_405_MAC, QEMU_PPC_FEATURE_HAS_4xxMAC); 758 GET_FEATURE2(PPC2_DFP, QEMU_PPC_FEATURE_HAS_DFP); 759 GET_FEATURE2(PPC2_VSX, QEMU_PPC_FEATURE_HAS_VSX); 760 GET_FEATURE2((PPC2_PERM_ISA206 | PPC2_DIVE_ISA206 | PPC2_ATOMIC_ISA206 | 761 PPC2_FP_CVT_ISA206 | PPC2_FP_TST_ISA206), 762 QEMU_PPC_FEATURE_ARCH_2_06); 763 #undef GET_FEATURE 764 #undef GET_FEATURE2 765 766 return features; 767 } 768 769 #define ELF_HWCAP2 get_elf_hwcap2() 770 771 static uint32_t get_elf_hwcap2(void) 772 { 773 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); 774 uint32_t features = 0; 775 776 #define GET_FEATURE(flag, feature) \ 777 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0) 778 #define GET_FEATURE2(flag, feature) \ 779 do { if (cpu->env.insns_flags2 & flag) { features |= feature; } } while (0) 780 781 GET_FEATURE(PPC_ISEL, QEMU_PPC_FEATURE2_HAS_ISEL); 782 GET_FEATURE2(PPC2_BCTAR_ISA207, QEMU_PPC_FEATURE2_HAS_TAR); 783 GET_FEATURE2((PPC2_BCTAR_ISA207 | PPC2_LSQ_ISA207 | PPC2_ALTIVEC_207 | 784 PPC2_ISA207S), QEMU_PPC_FEATURE2_ARCH_2_07); 785 786 #undef GET_FEATURE 787 #undef GET_FEATURE2 788 789 return features; 790 } 791 792 /* 793 * The requirements here are: 794 * - keep the final alignment of sp (sp & 0xf) 795 * - make sure the 32-bit value at the first 16 byte aligned position of 796 * AUXV is greater than 16 for glibc compatibility. 797 * AT_IGNOREPPC is used for that. 798 * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC, 799 * even if DLINFO_ARCH_ITEMS goes to zero or is undefined. 800 */ 801 #define DLINFO_ARCH_ITEMS 5 802 #define ARCH_DLINFO \ 803 do { \ 804 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); \ 805 NEW_AUX_ENT(AT_DCACHEBSIZE, cpu->env.dcache_line_size); \ 806 NEW_AUX_ENT(AT_ICACHEBSIZE, cpu->env.icache_line_size); \ 807 NEW_AUX_ENT(AT_UCACHEBSIZE, 0); \ 808 /* \ 809 * Now handle glibc compatibility. \ 810 */ \ 811 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 812 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 813 } while (0) 814 815 static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop) 816 { 817 _regs->gpr[1] = infop->start_stack; 818 #if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 819 if (get_ppc64_abi(infop) < 2) { 820 uint64_t val; 821 get_user_u64(val, infop->entry + 8); 822 _regs->gpr[2] = val + infop->load_bias; 823 get_user_u64(val, infop->entry); 824 infop->entry = val + infop->load_bias; 825 } else { 826 _regs->gpr[12] = infop->entry; /* r12 set to global entry address */ 827 } 828 #endif 829 _regs->nip = infop->entry; 830 } 831 832 /* See linux kernel: arch/powerpc/include/asm/elf.h. */ 833 #define ELF_NREG 48 834 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 835 836 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUPPCState *env) 837 { 838 int i; 839 target_ulong ccr = 0; 840 841 for (i = 0; i < ARRAY_SIZE(env->gpr); i++) { 842 (*regs)[i] = tswapreg(env->gpr[i]); 843 } 844 845 (*regs)[32] = tswapreg(env->nip); 846 (*regs)[33] = tswapreg(env->msr); 847 (*regs)[35] = tswapreg(env->ctr); 848 (*regs)[36] = tswapreg(env->lr); 849 (*regs)[37] = tswapreg(env->xer); 850 851 for (i = 0; i < ARRAY_SIZE(env->crf); i++) { 852 ccr |= env->crf[i] << (32 - ((i + 1) * 4)); 853 } 854 (*regs)[38] = tswapreg(ccr); 855 } 856 857 #define USE_ELF_CORE_DUMP 858 #define ELF_EXEC_PAGESIZE 4096 859 860 #endif 861 862 #ifdef TARGET_MIPS 863 864 #define ELF_START_MMAP 0x80000000 865 866 #ifdef TARGET_MIPS64 867 #define ELF_CLASS ELFCLASS64 868 #else 869 #define ELF_CLASS ELFCLASS32 870 #endif 871 #define ELF_ARCH EM_MIPS 872 873 static inline void init_thread(struct target_pt_regs *regs, 874 struct image_info *infop) 875 { 876 regs->cp0_status = 2 << CP0St_KSU; 877 regs->cp0_epc = infop->entry; 878 regs->regs[29] = infop->start_stack; 879 } 880 881 /* See linux kernel: arch/mips/include/asm/elf.h. */ 882 #define ELF_NREG 45 883 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 884 885 /* See linux kernel: arch/mips/include/asm/reg.h. */ 886 enum { 887 #ifdef TARGET_MIPS64 888 TARGET_EF_R0 = 0, 889 #else 890 TARGET_EF_R0 = 6, 891 #endif 892 TARGET_EF_R26 = TARGET_EF_R0 + 26, 893 TARGET_EF_R27 = TARGET_EF_R0 + 27, 894 TARGET_EF_LO = TARGET_EF_R0 + 32, 895 TARGET_EF_HI = TARGET_EF_R0 + 33, 896 TARGET_EF_CP0_EPC = TARGET_EF_R0 + 34, 897 TARGET_EF_CP0_BADVADDR = TARGET_EF_R0 + 35, 898 TARGET_EF_CP0_STATUS = TARGET_EF_R0 + 36, 899 TARGET_EF_CP0_CAUSE = TARGET_EF_R0 + 37 900 }; 901 902 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 903 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMIPSState *env) 904 { 905 int i; 906 907 for (i = 0; i < TARGET_EF_R0; i++) { 908 (*regs)[i] = 0; 909 } 910 (*regs)[TARGET_EF_R0] = 0; 911 912 for (i = 1; i < ARRAY_SIZE(env->active_tc.gpr); i++) { 913 (*regs)[TARGET_EF_R0 + i] = tswapreg(env->active_tc.gpr[i]); 914 } 915 916 (*regs)[TARGET_EF_R26] = 0; 917 (*regs)[TARGET_EF_R27] = 0; 918 (*regs)[TARGET_EF_LO] = tswapreg(env->active_tc.LO[0]); 919 (*regs)[TARGET_EF_HI] = tswapreg(env->active_tc.HI[0]); 920 (*regs)[TARGET_EF_CP0_EPC] = tswapreg(env->active_tc.PC); 921 (*regs)[TARGET_EF_CP0_BADVADDR] = tswapreg(env->CP0_BadVAddr); 922 (*regs)[TARGET_EF_CP0_STATUS] = tswapreg(env->CP0_Status); 923 (*regs)[TARGET_EF_CP0_CAUSE] = tswapreg(env->CP0_Cause); 924 } 925 926 #define USE_ELF_CORE_DUMP 927 #define ELF_EXEC_PAGESIZE 4096 928 929 #endif /* TARGET_MIPS */ 930 931 #ifdef TARGET_MICROBLAZE 932 933 #define ELF_START_MMAP 0x80000000 934 935 #define elf_check_arch(x) ( (x) == EM_MICROBLAZE || (x) == EM_MICROBLAZE_OLD) 936 937 #define ELF_CLASS ELFCLASS32 938 #define ELF_ARCH EM_MICROBLAZE 939 940 static inline void init_thread(struct target_pt_regs *regs, 941 struct image_info *infop) 942 { 943 regs->pc = infop->entry; 944 regs->r1 = infop->start_stack; 945 946 } 947 948 #define ELF_EXEC_PAGESIZE 4096 949 950 #define USE_ELF_CORE_DUMP 951 #define ELF_NREG 38 952 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 953 954 /* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 955 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMBState *env) 956 { 957 int i, pos = 0; 958 959 for (i = 0; i < 32; i++) { 960 (*regs)[pos++] = tswapreg(env->regs[i]); 961 } 962 963 for (i = 0; i < 6; i++) { 964 (*regs)[pos++] = tswapreg(env->sregs[i]); 965 } 966 } 967 968 #endif /* TARGET_MICROBLAZE */ 969 970 #ifdef TARGET_OPENRISC 971 972 #define ELF_START_MMAP 0x08000000 973 974 #define ELF_ARCH EM_OPENRISC 975 #define ELF_CLASS ELFCLASS32 976 #define ELF_DATA ELFDATA2MSB 977 978 static inline void init_thread(struct target_pt_regs *regs, 979 struct image_info *infop) 980 { 981 regs->pc = infop->entry; 982 regs->gpr[1] = infop->start_stack; 983 } 984 985 #define USE_ELF_CORE_DUMP 986 #define ELF_EXEC_PAGESIZE 8192 987 988 /* See linux kernel arch/openrisc/include/asm/elf.h. */ 989 #define ELF_NREG 34 /* gprs and pc, sr */ 990 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 991 992 static void elf_core_copy_regs(target_elf_gregset_t *regs, 993 const CPUOpenRISCState *env) 994 { 995 int i; 996 997 for (i = 0; i < 32; i++) { 998 (*regs)[i] = tswapreg(env->gpr[i]); 999 } 1000 1001 (*regs)[32] = tswapreg(env->pc); 1002 (*regs)[33] = tswapreg(env->sr); 1003 } 1004 #define ELF_HWCAP 0 1005 #define ELF_PLATFORM NULL 1006 1007 #endif /* TARGET_OPENRISC */ 1008 1009 #ifdef TARGET_SH4 1010 1011 #define ELF_START_MMAP 0x80000000 1012 1013 #define ELF_CLASS ELFCLASS32 1014 #define ELF_ARCH EM_SH 1015 1016 static inline void init_thread(struct target_pt_regs *regs, 1017 struct image_info *infop) 1018 { 1019 /* Check other registers XXXXX */ 1020 regs->pc = infop->entry; 1021 regs->regs[15] = infop->start_stack; 1022 } 1023 1024 /* See linux kernel: arch/sh/include/asm/elf.h. */ 1025 #define ELF_NREG 23 1026 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1027 1028 /* See linux kernel: arch/sh/include/asm/ptrace.h. */ 1029 enum { 1030 TARGET_REG_PC = 16, 1031 TARGET_REG_PR = 17, 1032 TARGET_REG_SR = 18, 1033 TARGET_REG_GBR = 19, 1034 TARGET_REG_MACH = 20, 1035 TARGET_REG_MACL = 21, 1036 TARGET_REG_SYSCALL = 22 1037 }; 1038 1039 static inline void elf_core_copy_regs(target_elf_gregset_t *regs, 1040 const CPUSH4State *env) 1041 { 1042 int i; 1043 1044 for (i = 0; i < 16; i++) { 1045 (*regs[i]) = tswapreg(env->gregs[i]); 1046 } 1047 1048 (*regs)[TARGET_REG_PC] = tswapreg(env->pc); 1049 (*regs)[TARGET_REG_PR] = tswapreg(env->pr); 1050 (*regs)[TARGET_REG_SR] = tswapreg(env->sr); 1051 (*regs)[TARGET_REG_GBR] = tswapreg(env->gbr); 1052 (*regs)[TARGET_REG_MACH] = tswapreg(env->mach); 1053 (*regs)[TARGET_REG_MACL] = tswapreg(env->macl); 1054 (*regs)[TARGET_REG_SYSCALL] = 0; /* FIXME */ 1055 } 1056 1057 #define USE_ELF_CORE_DUMP 1058 #define ELF_EXEC_PAGESIZE 4096 1059 1060 enum { 1061 SH_CPU_HAS_FPU = 0x0001, /* Hardware FPU support */ 1062 SH_CPU_HAS_P2_FLUSH_BUG = 0x0002, /* Need to flush the cache in P2 area */ 1063 SH_CPU_HAS_MMU_PAGE_ASSOC = 0x0004, /* SH3: TLB way selection bit support */ 1064 SH_CPU_HAS_DSP = 0x0008, /* SH-DSP: DSP support */ 1065 SH_CPU_HAS_PERF_COUNTER = 0x0010, /* Hardware performance counters */ 1066 SH_CPU_HAS_PTEA = 0x0020, /* PTEA register */ 1067 SH_CPU_HAS_LLSC = 0x0040, /* movli.l/movco.l */ 1068 SH_CPU_HAS_L2_CACHE = 0x0080, /* Secondary cache / URAM */ 1069 SH_CPU_HAS_OP32 = 0x0100, /* 32-bit instruction support */ 1070 SH_CPU_HAS_PTEAEX = 0x0200, /* PTE ASID Extension support */ 1071 }; 1072 1073 #define ELF_HWCAP get_elf_hwcap() 1074 1075 static uint32_t get_elf_hwcap(void) 1076 { 1077 SuperHCPU *cpu = SUPERH_CPU(thread_cpu); 1078 uint32_t hwcap = 0; 1079 1080 hwcap |= SH_CPU_HAS_FPU; 1081 1082 if (cpu->env.features & SH_FEATURE_SH4A) { 1083 hwcap |= SH_CPU_HAS_LLSC; 1084 } 1085 1086 return hwcap; 1087 } 1088 1089 #endif 1090 1091 #ifdef TARGET_CRIS 1092 1093 #define ELF_START_MMAP 0x80000000 1094 1095 #define ELF_CLASS ELFCLASS32 1096 #define ELF_ARCH EM_CRIS 1097 1098 static inline void init_thread(struct target_pt_regs *regs, 1099 struct image_info *infop) 1100 { 1101 regs->erp = infop->entry; 1102 } 1103 1104 #define ELF_EXEC_PAGESIZE 8192 1105 1106 #endif 1107 1108 #ifdef TARGET_M68K 1109 1110 #define ELF_START_MMAP 0x80000000 1111 1112 #define ELF_CLASS ELFCLASS32 1113 #define ELF_ARCH EM_68K 1114 1115 /* ??? Does this need to do anything? 1116 #define ELF_PLAT_INIT(_r) */ 1117 1118 static inline void init_thread(struct target_pt_regs *regs, 1119 struct image_info *infop) 1120 { 1121 regs->usp = infop->start_stack; 1122 regs->sr = 0; 1123 regs->pc = infop->entry; 1124 } 1125 1126 /* See linux kernel: arch/m68k/include/asm/elf.h. */ 1127 #define ELF_NREG 20 1128 typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1129 1130 static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUM68KState *env) 1131 { 1132 (*regs)[0] = tswapreg(env->dregs[1]); 1133 (*regs)[1] = tswapreg(env->dregs[2]); 1134 (*regs)[2] = tswapreg(env->dregs[3]); 1135 (*regs)[3] = tswapreg(env->dregs[4]); 1136 (*regs)[4] = tswapreg(env->dregs[5]); 1137 (*regs)[5] = tswapreg(env->dregs[6]); 1138 (*regs)[6] = tswapreg(env->dregs[7]); 1139 (*regs)[7] = tswapreg(env->aregs[0]); 1140 (*regs)[8] = tswapreg(env->aregs[1]); 1141 (*regs)[9] = tswapreg(env->aregs[2]); 1142 (*regs)[10] = tswapreg(env->aregs[3]); 1143 (*regs)[11] = tswapreg(env->aregs[4]); 1144 (*regs)[12] = tswapreg(env->aregs[5]); 1145 (*regs)[13] = tswapreg(env->aregs[6]); 1146 (*regs)[14] = tswapreg(env->dregs[0]); 1147 (*regs)[15] = tswapreg(env->aregs[7]); 1148 (*regs)[16] = tswapreg(env->dregs[0]); /* FIXME: orig_d0 */ 1149 (*regs)[17] = tswapreg(env->sr); 1150 (*regs)[18] = tswapreg(env->pc); 1151 (*regs)[19] = 0; /* FIXME: regs->format | regs->vector */ 1152 } 1153 1154 #define USE_ELF_CORE_DUMP 1155 #define ELF_EXEC_PAGESIZE 8192 1156 1157 #endif 1158 1159 #ifdef TARGET_ALPHA 1160 1161 #define ELF_START_MMAP (0x30000000000ULL) 1162 1163 #define ELF_CLASS ELFCLASS64 1164 #define ELF_ARCH EM_ALPHA 1165 1166 static inline void init_thread(struct target_pt_regs *regs, 1167 struct image_info *infop) 1168 { 1169 regs->pc = infop->entry; 1170 regs->ps = 8; 1171 regs->usp = infop->start_stack; 1172 } 1173 1174 #define ELF_EXEC_PAGESIZE 8192 1175 1176 #endif /* TARGET_ALPHA */ 1177 1178 #ifdef TARGET_S390X 1179 1180 #define ELF_START_MMAP (0x20000000000ULL) 1181 1182 #define ELF_CLASS ELFCLASS64 1183 #define ELF_DATA ELFDATA2MSB 1184 #define ELF_ARCH EM_S390 1185 1186 static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 1187 { 1188 regs->psw.addr = infop->entry; 1189 regs->psw.mask = PSW_MASK_64 | PSW_MASK_32; 1190 regs->gprs[15] = infop->start_stack; 1191 } 1192 1193 #endif /* TARGET_S390X */ 1194 1195 #ifdef TARGET_TILEGX 1196 1197 /* 42 bits real used address, a half for user mode */ 1198 #define ELF_START_MMAP (0x00000020000000000ULL) 1199 1200 #define elf_check_arch(x) ((x) == EM_TILEGX) 1201 1202 #define ELF_CLASS ELFCLASS64 1203 #define ELF_DATA ELFDATA2LSB 1204 #define ELF_ARCH EM_TILEGX 1205 1206 static inline void init_thread(struct target_pt_regs *regs, 1207 struct image_info *infop) 1208 { 1209 regs->pc = infop->entry; 1210 regs->sp = infop->start_stack; 1211 1212 } 1213 1214 #define ELF_EXEC_PAGESIZE 65536 /* TILE-Gx page size is 64KB */ 1215 1216 #endif /* TARGET_TILEGX */ 1217 1218 #ifndef ELF_PLATFORM 1219 #define ELF_PLATFORM (NULL) 1220 #endif 1221 1222 #ifndef ELF_MACHINE 1223 #define ELF_MACHINE ELF_ARCH 1224 #endif 1225 1226 #ifndef elf_check_arch 1227 #define elf_check_arch(x) ((x) == ELF_ARCH) 1228 #endif 1229 1230 #ifndef ELF_HWCAP 1231 #define ELF_HWCAP 0 1232 #endif 1233 1234 #ifdef TARGET_ABI32 1235 #undef ELF_CLASS 1236 #define ELF_CLASS ELFCLASS32 1237 #undef bswaptls 1238 #define bswaptls(ptr) bswap32s(ptr) 1239 #endif 1240 1241 #include "elf.h" 1242 1243 struct exec 1244 { 1245 unsigned int a_info; /* Use macros N_MAGIC, etc for access */ 1246 unsigned int a_text; /* length of text, in bytes */ 1247 unsigned int a_data; /* length of data, in bytes */ 1248 unsigned int a_bss; /* length of uninitialized data area, in bytes */ 1249 unsigned int a_syms; /* length of symbol table data in file, in bytes */ 1250 unsigned int a_entry; /* start address */ 1251 unsigned int a_trsize; /* length of relocation info for text, in bytes */ 1252 unsigned int a_drsize; /* length of relocation info for data, in bytes */ 1253 }; 1254 1255 1256 #define N_MAGIC(exec) ((exec).a_info & 0xffff) 1257 #define OMAGIC 0407 1258 #define NMAGIC 0410 1259 #define ZMAGIC 0413 1260 #define QMAGIC 0314 1261 1262 /* Necessary parameters */ 1263 #define TARGET_ELF_EXEC_PAGESIZE TARGET_PAGE_SIZE 1264 #define TARGET_ELF_PAGESTART(_v) ((_v) & \ 1265 ~(abi_ulong)(TARGET_ELF_EXEC_PAGESIZE-1)) 1266 #define TARGET_ELF_PAGEOFFSET(_v) ((_v) & (TARGET_ELF_EXEC_PAGESIZE-1)) 1267 1268 #define DLINFO_ITEMS 14 1269 1270 static inline void memcpy_fromfs(void * to, const void * from, unsigned long n) 1271 { 1272 memcpy(to, from, n); 1273 } 1274 1275 #ifdef BSWAP_NEEDED 1276 static void bswap_ehdr(struct elfhdr *ehdr) 1277 { 1278 bswap16s(&ehdr->e_type); /* Object file type */ 1279 bswap16s(&ehdr->e_machine); /* Architecture */ 1280 bswap32s(&ehdr->e_version); /* Object file version */ 1281 bswaptls(&ehdr->e_entry); /* Entry point virtual address */ 1282 bswaptls(&ehdr->e_phoff); /* Program header table file offset */ 1283 bswaptls(&ehdr->e_shoff); /* Section header table file offset */ 1284 bswap32s(&ehdr->e_flags); /* Processor-specific flags */ 1285 bswap16s(&ehdr->e_ehsize); /* ELF header size in bytes */ 1286 bswap16s(&ehdr->e_phentsize); /* Program header table entry size */ 1287 bswap16s(&ehdr->e_phnum); /* Program header table entry count */ 1288 bswap16s(&ehdr->e_shentsize); /* Section header table entry size */ 1289 bswap16s(&ehdr->e_shnum); /* Section header table entry count */ 1290 bswap16s(&ehdr->e_shstrndx); /* Section header string table index */ 1291 } 1292 1293 static void bswap_phdr(struct elf_phdr *phdr, int phnum) 1294 { 1295 int i; 1296 for (i = 0; i < phnum; ++i, ++phdr) { 1297 bswap32s(&phdr->p_type); /* Segment type */ 1298 bswap32s(&phdr->p_flags); /* Segment flags */ 1299 bswaptls(&phdr->p_offset); /* Segment file offset */ 1300 bswaptls(&phdr->p_vaddr); /* Segment virtual address */ 1301 bswaptls(&phdr->p_paddr); /* Segment physical address */ 1302 bswaptls(&phdr->p_filesz); /* Segment size in file */ 1303 bswaptls(&phdr->p_memsz); /* Segment size in memory */ 1304 bswaptls(&phdr->p_align); /* Segment alignment */ 1305 } 1306 } 1307 1308 static void bswap_shdr(struct elf_shdr *shdr, int shnum) 1309 { 1310 int i; 1311 for (i = 0; i < shnum; ++i, ++shdr) { 1312 bswap32s(&shdr->sh_name); 1313 bswap32s(&shdr->sh_type); 1314 bswaptls(&shdr->sh_flags); 1315 bswaptls(&shdr->sh_addr); 1316 bswaptls(&shdr->sh_offset); 1317 bswaptls(&shdr->sh_size); 1318 bswap32s(&shdr->sh_link); 1319 bswap32s(&shdr->sh_info); 1320 bswaptls(&shdr->sh_addralign); 1321 bswaptls(&shdr->sh_entsize); 1322 } 1323 } 1324 1325 static void bswap_sym(struct elf_sym *sym) 1326 { 1327 bswap32s(&sym->st_name); 1328 bswaptls(&sym->st_value); 1329 bswaptls(&sym->st_size); 1330 bswap16s(&sym->st_shndx); 1331 } 1332 #else 1333 static inline void bswap_ehdr(struct elfhdr *ehdr) { } 1334 static inline void bswap_phdr(struct elf_phdr *phdr, int phnum) { } 1335 static inline void bswap_shdr(struct elf_shdr *shdr, int shnum) { } 1336 static inline void bswap_sym(struct elf_sym *sym) { } 1337 #endif 1338 1339 #ifdef USE_ELF_CORE_DUMP 1340 static int elf_core_dump(int, const CPUArchState *); 1341 #endif /* USE_ELF_CORE_DUMP */ 1342 static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias); 1343 1344 /* Verify the portions of EHDR within E_IDENT for the target. 1345 This can be performed before bswapping the entire header. */ 1346 static bool elf_check_ident(struct elfhdr *ehdr) 1347 { 1348 return (ehdr->e_ident[EI_MAG0] == ELFMAG0 1349 && ehdr->e_ident[EI_MAG1] == ELFMAG1 1350 && ehdr->e_ident[EI_MAG2] == ELFMAG2 1351 && ehdr->e_ident[EI_MAG3] == ELFMAG3 1352 && ehdr->e_ident[EI_CLASS] == ELF_CLASS 1353 && ehdr->e_ident[EI_DATA] == ELF_DATA 1354 && ehdr->e_ident[EI_VERSION] == EV_CURRENT); 1355 } 1356 1357 /* Verify the portions of EHDR outside of E_IDENT for the target. 1358 This has to wait until after bswapping the header. */ 1359 static bool elf_check_ehdr(struct elfhdr *ehdr) 1360 { 1361 return (elf_check_arch(ehdr->e_machine) 1362 && ehdr->e_ehsize == sizeof(struct elfhdr) 1363 && ehdr->e_phentsize == sizeof(struct elf_phdr) 1364 && (ehdr->e_type == ET_EXEC || ehdr->e_type == ET_DYN)); 1365 } 1366 1367 /* 1368 * 'copy_elf_strings()' copies argument/envelope strings from user 1369 * memory to free pages in kernel mem. These are in a format ready 1370 * to be put directly into the top of new user memory. 1371 * 1372 */ 1373 static abi_ulong copy_elf_strings(int argc, char **argv, char *scratch, 1374 abi_ulong p, abi_ulong stack_limit) 1375 { 1376 char *tmp; 1377 int len, offset; 1378 abi_ulong top = p; 1379 1380 if (!p) { 1381 return 0; /* bullet-proofing */ 1382 } 1383 1384 offset = ((p - 1) % TARGET_PAGE_SIZE) + 1; 1385 1386 while (argc-- > 0) { 1387 tmp = argv[argc]; 1388 if (!tmp) { 1389 fprintf(stderr, "VFS: argc is wrong"); 1390 exit(-1); 1391 } 1392 len = strlen(tmp) + 1; 1393 tmp += len; 1394 1395 if (len > (p - stack_limit)) { 1396 return 0; 1397 } 1398 while (len) { 1399 int bytes_to_copy = (len > offset) ? offset : len; 1400 tmp -= bytes_to_copy; 1401 p -= bytes_to_copy; 1402 offset -= bytes_to_copy; 1403 len -= bytes_to_copy; 1404 1405 memcpy_fromfs(scratch + offset, tmp, bytes_to_copy); 1406 1407 if (offset == 0) { 1408 memcpy_to_target(p, scratch, top - p); 1409 top = p; 1410 offset = TARGET_PAGE_SIZE; 1411 } 1412 } 1413 } 1414 if (offset) { 1415 memcpy_to_target(p, scratch + offset, top - p); 1416 } 1417 1418 return p; 1419 } 1420 1421 /* Older linux kernels provide up to MAX_ARG_PAGES (default: 32) of 1422 * argument/environment space. Newer kernels (>2.6.33) allow more, 1423 * dependent on stack size, but guarantee at least 32 pages for 1424 * backwards compatibility. 1425 */ 1426 #define STACK_LOWER_LIMIT (32 * TARGET_PAGE_SIZE) 1427 1428 static abi_ulong setup_arg_pages(struct linux_binprm *bprm, 1429 struct image_info *info) 1430 { 1431 abi_ulong size, error, guard; 1432 1433 size = guest_stack_size; 1434 if (size < STACK_LOWER_LIMIT) { 1435 size = STACK_LOWER_LIMIT; 1436 } 1437 guard = TARGET_PAGE_SIZE; 1438 if (guard < qemu_real_host_page_size) { 1439 guard = qemu_real_host_page_size; 1440 } 1441 1442 error = target_mmap(0, size + guard, PROT_READ | PROT_WRITE, 1443 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1444 if (error == -1) { 1445 perror("mmap stack"); 1446 exit(-1); 1447 } 1448 1449 /* We reserve one extra page at the top of the stack as guard. */ 1450 target_mprotect(error, guard, PROT_NONE); 1451 1452 info->stack_limit = error + guard; 1453 1454 return info->stack_limit + size - sizeof(void *); 1455 } 1456 1457 /* Map and zero the bss. We need to explicitly zero any fractional pages 1458 after the data section (i.e. bss). */ 1459 static void zero_bss(abi_ulong elf_bss, abi_ulong last_bss, int prot) 1460 { 1461 uintptr_t host_start, host_map_start, host_end; 1462 1463 last_bss = TARGET_PAGE_ALIGN(last_bss); 1464 1465 /* ??? There is confusion between qemu_real_host_page_size and 1466 qemu_host_page_size here and elsewhere in target_mmap, which 1467 may lead to the end of the data section mapping from the file 1468 not being mapped. At least there was an explicit test and 1469 comment for that here, suggesting that "the file size must 1470 be known". The comment probably pre-dates the introduction 1471 of the fstat system call in target_mmap which does in fact 1472 find out the size. What isn't clear is if the workaround 1473 here is still actually needed. For now, continue with it, 1474 but merge it with the "normal" mmap that would allocate the bss. */ 1475 1476 host_start = (uintptr_t) g2h(elf_bss); 1477 host_end = (uintptr_t) g2h(last_bss); 1478 host_map_start = REAL_HOST_PAGE_ALIGN(host_start); 1479 1480 if (host_map_start < host_end) { 1481 void *p = mmap((void *)host_map_start, host_end - host_map_start, 1482 prot, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1483 if (p == MAP_FAILED) { 1484 perror("cannot mmap brk"); 1485 exit(-1); 1486 } 1487 } 1488 1489 /* Ensure that the bss page(s) are valid */ 1490 if ((page_get_flags(last_bss-1) & prot) != prot) { 1491 page_set_flags(elf_bss & TARGET_PAGE_MASK, last_bss, prot | PAGE_VALID); 1492 } 1493 1494 if (host_start < host_map_start) { 1495 memset((void *)host_start, 0, host_map_start - host_start); 1496 } 1497 } 1498 1499 #ifdef CONFIG_USE_FDPIC 1500 static abi_ulong loader_build_fdpic_loadmap(struct image_info *info, abi_ulong sp) 1501 { 1502 uint16_t n; 1503 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs; 1504 1505 /* elf32_fdpic_loadseg */ 1506 n = info->nsegs; 1507 while (n--) { 1508 sp -= 12; 1509 put_user_u32(loadsegs[n].addr, sp+0); 1510 put_user_u32(loadsegs[n].p_vaddr, sp+4); 1511 put_user_u32(loadsegs[n].p_memsz, sp+8); 1512 } 1513 1514 /* elf32_fdpic_loadmap */ 1515 sp -= 4; 1516 put_user_u16(0, sp+0); /* version */ 1517 put_user_u16(info->nsegs, sp+2); /* nsegs */ 1518 1519 info->personality = PER_LINUX_FDPIC; 1520 info->loadmap_addr = sp; 1521 1522 return sp; 1523 } 1524 #endif 1525 1526 static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc, 1527 struct elfhdr *exec, 1528 struct image_info *info, 1529 struct image_info *interp_info) 1530 { 1531 abi_ulong sp; 1532 abi_ulong sp_auxv; 1533 int size; 1534 int i; 1535 abi_ulong u_rand_bytes; 1536 uint8_t k_rand_bytes[16]; 1537 abi_ulong u_platform; 1538 const char *k_platform; 1539 const int n = sizeof(elf_addr_t); 1540 1541 sp = p; 1542 1543 #ifdef CONFIG_USE_FDPIC 1544 /* Needs to be before we load the env/argc/... */ 1545 if (elf_is_fdpic(exec)) { 1546 /* Need 4 byte alignment for these structs */ 1547 sp &= ~3; 1548 sp = loader_build_fdpic_loadmap(info, sp); 1549 info->other_info = interp_info; 1550 if (interp_info) { 1551 interp_info->other_info = info; 1552 sp = loader_build_fdpic_loadmap(interp_info, sp); 1553 } 1554 } 1555 #endif 1556 1557 u_platform = 0; 1558 k_platform = ELF_PLATFORM; 1559 if (k_platform) { 1560 size_t len = strlen(k_platform) + 1; 1561 sp -= (len + n - 1) & ~(n - 1); 1562 u_platform = sp; 1563 /* FIXME - check return value of memcpy_to_target() for failure */ 1564 memcpy_to_target(sp, k_platform, len); 1565 } 1566 1567 /* 1568 * Generate 16 random bytes for userspace PRNG seeding (not 1569 * cryptically secure but it's not the aim of QEMU). 1570 */ 1571 for (i = 0; i < 16; i++) { 1572 k_rand_bytes[i] = rand(); 1573 } 1574 sp -= 16; 1575 u_rand_bytes = sp; 1576 /* FIXME - check return value of memcpy_to_target() for failure */ 1577 memcpy_to_target(sp, k_rand_bytes, 16); 1578 1579 /* 1580 * Force 16 byte _final_ alignment here for generality. 1581 */ 1582 sp = sp &~ (abi_ulong)15; 1583 size = (DLINFO_ITEMS + 1) * 2; 1584 if (k_platform) 1585 size += 2; 1586 #ifdef DLINFO_ARCH_ITEMS 1587 size += DLINFO_ARCH_ITEMS * 2; 1588 #endif 1589 #ifdef ELF_HWCAP2 1590 size += 2; 1591 #endif 1592 size += envc + argc + 2; 1593 size += 1; /* argc itself */ 1594 size *= n; 1595 if (size & 15) 1596 sp -= 16 - (size & 15); 1597 1598 /* This is correct because Linux defines 1599 * elf_addr_t as Elf32_Off / Elf64_Off 1600 */ 1601 #define NEW_AUX_ENT(id, val) do { \ 1602 sp -= n; put_user_ual(val, sp); \ 1603 sp -= n; put_user_ual(id, sp); \ 1604 } while(0) 1605 1606 sp_auxv = sp; 1607 NEW_AUX_ENT (AT_NULL, 0); 1608 1609 /* There must be exactly DLINFO_ITEMS entries here. */ 1610 NEW_AUX_ENT(AT_PHDR, (abi_ulong)(info->load_addr + exec->e_phoff)); 1611 NEW_AUX_ENT(AT_PHENT, (abi_ulong)(sizeof (struct elf_phdr))); 1612 NEW_AUX_ENT(AT_PHNUM, (abi_ulong)(exec->e_phnum)); 1613 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(MAX(TARGET_PAGE_SIZE, getpagesize()))); 1614 NEW_AUX_ENT(AT_BASE, (abi_ulong)(interp_info ? interp_info->load_addr : 0)); 1615 NEW_AUX_ENT(AT_FLAGS, (abi_ulong)0); 1616 NEW_AUX_ENT(AT_ENTRY, info->entry); 1617 NEW_AUX_ENT(AT_UID, (abi_ulong) getuid()); 1618 NEW_AUX_ENT(AT_EUID, (abi_ulong) geteuid()); 1619 NEW_AUX_ENT(AT_GID, (abi_ulong) getgid()); 1620 NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid()); 1621 NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP); 1622 NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK)); 1623 NEW_AUX_ENT(AT_RANDOM, (abi_ulong) u_rand_bytes); 1624 1625 #ifdef ELF_HWCAP2 1626 NEW_AUX_ENT(AT_HWCAP2, (abi_ulong) ELF_HWCAP2); 1627 #endif 1628 1629 if (k_platform) 1630 NEW_AUX_ENT(AT_PLATFORM, u_platform); 1631 #ifdef ARCH_DLINFO 1632 /* 1633 * ARCH_DLINFO must come last so platform specific code can enforce 1634 * special alignment requirements on the AUXV if necessary (eg. PPC). 1635 */ 1636 ARCH_DLINFO; 1637 #endif 1638 #undef NEW_AUX_ENT 1639 1640 info->saved_auxv = sp; 1641 info->auxv_len = sp_auxv - sp; 1642 1643 sp = loader_build_argptr(envc, argc, sp, p, 0); 1644 /* Check the right amount of stack was allocated for auxvec, envp & argv. */ 1645 assert(sp_auxv - sp == size); 1646 return sp; 1647 } 1648 1649 #ifndef TARGET_HAS_VALIDATE_GUEST_SPACE 1650 /* If the guest doesn't have a validation function just agree */ 1651 static int validate_guest_space(unsigned long guest_base, 1652 unsigned long guest_size) 1653 { 1654 return 1; 1655 } 1656 #endif 1657 1658 unsigned long init_guest_space(unsigned long host_start, 1659 unsigned long host_size, 1660 unsigned long guest_start, 1661 bool fixed) 1662 { 1663 unsigned long current_start, real_start; 1664 int flags; 1665 1666 assert(host_start || host_size); 1667 1668 /* If just a starting address is given, then just verify that 1669 * address. */ 1670 if (host_start && !host_size) { 1671 if (validate_guest_space(host_start, host_size) == 1) { 1672 return host_start; 1673 } else { 1674 return (unsigned long)-1; 1675 } 1676 } 1677 1678 /* Setup the initial flags and start address. */ 1679 current_start = host_start & qemu_host_page_mask; 1680 flags = MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE; 1681 if (fixed) { 1682 flags |= MAP_FIXED; 1683 } 1684 1685 /* Otherwise, a non-zero size region of memory needs to be mapped 1686 * and validated. */ 1687 while (1) { 1688 unsigned long real_size = host_size; 1689 1690 /* Do not use mmap_find_vma here because that is limited to the 1691 * guest address space. We are going to make the 1692 * guest address space fit whatever we're given. 1693 */ 1694 real_start = (unsigned long) 1695 mmap((void *)current_start, host_size, PROT_NONE, flags, -1, 0); 1696 if (real_start == (unsigned long)-1) { 1697 return (unsigned long)-1; 1698 } 1699 1700 /* Ensure the address is properly aligned. */ 1701 if (real_start & ~qemu_host_page_mask) { 1702 munmap((void *)real_start, host_size); 1703 real_size = host_size + qemu_host_page_size; 1704 real_start = (unsigned long) 1705 mmap((void *)real_start, real_size, PROT_NONE, flags, -1, 0); 1706 if (real_start == (unsigned long)-1) { 1707 return (unsigned long)-1; 1708 } 1709 real_start = HOST_PAGE_ALIGN(real_start); 1710 } 1711 1712 /* Check to see if the address is valid. */ 1713 if (!host_start || real_start == current_start) { 1714 int valid = validate_guest_space(real_start - guest_start, 1715 real_size); 1716 if (valid == 1) { 1717 break; 1718 } else if (valid == -1) { 1719 return (unsigned long)-1; 1720 } 1721 /* valid == 0, so try again. */ 1722 } 1723 1724 /* That address didn't work. Unmap and try a different one. 1725 * The address the host picked because is typically right at 1726 * the top of the host address space and leaves the guest with 1727 * no usable address space. Resort to a linear search. We 1728 * already compensated for mmap_min_addr, so this should not 1729 * happen often. Probably means we got unlucky and host 1730 * address space randomization put a shared library somewhere 1731 * inconvenient. 1732 */ 1733 munmap((void *)real_start, host_size); 1734 current_start += qemu_host_page_size; 1735 if (host_start == current_start) { 1736 /* Theoretically possible if host doesn't have any suitably 1737 * aligned areas. Normally the first mmap will fail. 1738 */ 1739 return (unsigned long)-1; 1740 } 1741 } 1742 1743 qemu_log_mask(CPU_LOG_PAGE, "Reserved 0x%lx bytes of guest address space\n", host_size); 1744 1745 return real_start; 1746 } 1747 1748 static void probe_guest_base(const char *image_name, 1749 abi_ulong loaddr, abi_ulong hiaddr) 1750 { 1751 /* Probe for a suitable guest base address, if the user has not set 1752 * it explicitly, and set guest_base appropriately. 1753 * In case of error we will print a suitable message and exit. 1754 */ 1755 const char *errmsg; 1756 if (!have_guest_base && !reserved_va) { 1757 unsigned long host_start, real_start, host_size; 1758 1759 /* Round addresses to page boundaries. */ 1760 loaddr &= qemu_host_page_mask; 1761 hiaddr = HOST_PAGE_ALIGN(hiaddr); 1762 1763 if (loaddr < mmap_min_addr) { 1764 host_start = HOST_PAGE_ALIGN(mmap_min_addr); 1765 } else { 1766 host_start = loaddr; 1767 if (host_start != loaddr) { 1768 errmsg = "Address overflow loading ELF binary"; 1769 goto exit_errmsg; 1770 } 1771 } 1772 host_size = hiaddr - loaddr; 1773 1774 /* Setup the initial guest memory space with ranges gleaned from 1775 * the ELF image that is being loaded. 1776 */ 1777 real_start = init_guest_space(host_start, host_size, loaddr, false); 1778 if (real_start == (unsigned long)-1) { 1779 errmsg = "Unable to find space for application"; 1780 goto exit_errmsg; 1781 } 1782 guest_base = real_start - loaddr; 1783 1784 qemu_log_mask(CPU_LOG_PAGE, "Relocating guest address space from 0x" 1785 TARGET_ABI_FMT_lx " to 0x%lx\n", 1786 loaddr, real_start); 1787 } 1788 return; 1789 1790 exit_errmsg: 1791 fprintf(stderr, "%s: %s\n", image_name, errmsg); 1792 exit(-1); 1793 } 1794 1795 1796 /* Load an ELF image into the address space. 1797 1798 IMAGE_NAME is the filename of the image, to use in error messages. 1799 IMAGE_FD is the open file descriptor for the image. 1800 1801 BPRM_BUF is a copy of the beginning of the file; this of course 1802 contains the elf file header at offset 0. It is assumed that this 1803 buffer is sufficiently aligned to present no problems to the host 1804 in accessing data at aligned offsets within the buffer. 1805 1806 On return: INFO values will be filled in, as necessary or available. */ 1807 1808 static void load_elf_image(const char *image_name, int image_fd, 1809 struct image_info *info, char **pinterp_name, 1810 char bprm_buf[BPRM_BUF_SIZE]) 1811 { 1812 struct elfhdr *ehdr = (struct elfhdr *)bprm_buf; 1813 struct elf_phdr *phdr; 1814 abi_ulong load_addr, load_bias, loaddr, hiaddr, error; 1815 int i, retval; 1816 const char *errmsg; 1817 1818 /* First of all, some simple consistency checks */ 1819 errmsg = "Invalid ELF image for this architecture"; 1820 if (!elf_check_ident(ehdr)) { 1821 goto exit_errmsg; 1822 } 1823 bswap_ehdr(ehdr); 1824 if (!elf_check_ehdr(ehdr)) { 1825 goto exit_errmsg; 1826 } 1827 1828 i = ehdr->e_phnum * sizeof(struct elf_phdr); 1829 if (ehdr->e_phoff + i <= BPRM_BUF_SIZE) { 1830 phdr = (struct elf_phdr *)(bprm_buf + ehdr->e_phoff); 1831 } else { 1832 phdr = (struct elf_phdr *) alloca(i); 1833 retval = pread(image_fd, phdr, i, ehdr->e_phoff); 1834 if (retval != i) { 1835 goto exit_read; 1836 } 1837 } 1838 bswap_phdr(phdr, ehdr->e_phnum); 1839 1840 #ifdef CONFIG_USE_FDPIC 1841 info->nsegs = 0; 1842 info->pt_dynamic_addr = 0; 1843 #endif 1844 1845 /* Find the maximum size of the image and allocate an appropriate 1846 amount of memory to handle that. */ 1847 loaddr = -1, hiaddr = 0; 1848 for (i = 0; i < ehdr->e_phnum; ++i) { 1849 if (phdr[i].p_type == PT_LOAD) { 1850 abi_ulong a = phdr[i].p_vaddr - phdr[i].p_offset; 1851 if (a < loaddr) { 1852 loaddr = a; 1853 } 1854 a = phdr[i].p_vaddr + phdr[i].p_memsz; 1855 if (a > hiaddr) { 1856 hiaddr = a; 1857 } 1858 #ifdef CONFIG_USE_FDPIC 1859 ++info->nsegs; 1860 #endif 1861 } 1862 } 1863 1864 load_addr = loaddr; 1865 if (ehdr->e_type == ET_DYN) { 1866 /* The image indicates that it can be loaded anywhere. Find a 1867 location that can hold the memory space required. If the 1868 image is pre-linked, LOADDR will be non-zero. Since we do 1869 not supply MAP_FIXED here we'll use that address if and 1870 only if it remains available. */ 1871 load_addr = target_mmap(loaddr, hiaddr - loaddr, PROT_NONE, 1872 MAP_PRIVATE | MAP_ANON | MAP_NORESERVE, 1873 -1, 0); 1874 if (load_addr == -1) { 1875 goto exit_perror; 1876 } 1877 } else if (pinterp_name != NULL) { 1878 /* This is the main executable. Make sure that the low 1879 address does not conflict with MMAP_MIN_ADDR or the 1880 QEMU application itself. */ 1881 probe_guest_base(image_name, loaddr, hiaddr); 1882 } 1883 load_bias = load_addr - loaddr; 1884 1885 #ifdef CONFIG_USE_FDPIC 1886 { 1887 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs = 1888 g_malloc(sizeof(*loadsegs) * info->nsegs); 1889 1890 for (i = 0; i < ehdr->e_phnum; ++i) { 1891 switch (phdr[i].p_type) { 1892 case PT_DYNAMIC: 1893 info->pt_dynamic_addr = phdr[i].p_vaddr + load_bias; 1894 break; 1895 case PT_LOAD: 1896 loadsegs->addr = phdr[i].p_vaddr + load_bias; 1897 loadsegs->p_vaddr = phdr[i].p_vaddr; 1898 loadsegs->p_memsz = phdr[i].p_memsz; 1899 ++loadsegs; 1900 break; 1901 } 1902 } 1903 } 1904 #endif 1905 1906 info->load_bias = load_bias; 1907 info->load_addr = load_addr; 1908 info->entry = ehdr->e_entry + load_bias; 1909 info->start_code = -1; 1910 info->end_code = 0; 1911 info->start_data = -1; 1912 info->end_data = 0; 1913 info->brk = 0; 1914 info->elf_flags = ehdr->e_flags; 1915 1916 for (i = 0; i < ehdr->e_phnum; i++) { 1917 struct elf_phdr *eppnt = phdr + i; 1918 if (eppnt->p_type == PT_LOAD) { 1919 abi_ulong vaddr, vaddr_po, vaddr_ps, vaddr_ef, vaddr_em; 1920 int elf_prot = 0; 1921 1922 if (eppnt->p_flags & PF_R) elf_prot = PROT_READ; 1923 if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE; 1924 if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC; 1925 1926 vaddr = load_bias + eppnt->p_vaddr; 1927 vaddr_po = TARGET_ELF_PAGEOFFSET(vaddr); 1928 vaddr_ps = TARGET_ELF_PAGESTART(vaddr); 1929 1930 error = target_mmap(vaddr_ps, eppnt->p_filesz + vaddr_po, 1931 elf_prot, MAP_PRIVATE | MAP_FIXED, 1932 image_fd, eppnt->p_offset - vaddr_po); 1933 if (error == -1) { 1934 goto exit_perror; 1935 } 1936 1937 vaddr_ef = vaddr + eppnt->p_filesz; 1938 vaddr_em = vaddr + eppnt->p_memsz; 1939 1940 /* If the load segment requests extra zeros (e.g. bss), map it. */ 1941 if (vaddr_ef < vaddr_em) { 1942 zero_bss(vaddr_ef, vaddr_em, elf_prot); 1943 } 1944 1945 /* Find the full program boundaries. */ 1946 if (elf_prot & PROT_EXEC) { 1947 if (vaddr < info->start_code) { 1948 info->start_code = vaddr; 1949 } 1950 if (vaddr_ef > info->end_code) { 1951 info->end_code = vaddr_ef; 1952 } 1953 } 1954 if (elf_prot & PROT_WRITE) { 1955 if (vaddr < info->start_data) { 1956 info->start_data = vaddr; 1957 } 1958 if (vaddr_ef > info->end_data) { 1959 info->end_data = vaddr_ef; 1960 } 1961 if (vaddr_em > info->brk) { 1962 info->brk = vaddr_em; 1963 } 1964 } 1965 } else if (eppnt->p_type == PT_INTERP && pinterp_name) { 1966 char *interp_name; 1967 1968 if (*pinterp_name) { 1969 errmsg = "Multiple PT_INTERP entries"; 1970 goto exit_errmsg; 1971 } 1972 interp_name = malloc(eppnt->p_filesz); 1973 if (!interp_name) { 1974 goto exit_perror; 1975 } 1976 1977 if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) { 1978 memcpy(interp_name, bprm_buf + eppnt->p_offset, 1979 eppnt->p_filesz); 1980 } else { 1981 retval = pread(image_fd, interp_name, eppnt->p_filesz, 1982 eppnt->p_offset); 1983 if (retval != eppnt->p_filesz) { 1984 goto exit_perror; 1985 } 1986 } 1987 if (interp_name[eppnt->p_filesz - 1] != 0) { 1988 errmsg = "Invalid PT_INTERP entry"; 1989 goto exit_errmsg; 1990 } 1991 *pinterp_name = interp_name; 1992 } 1993 } 1994 1995 if (info->end_data == 0) { 1996 info->start_data = info->end_code; 1997 info->end_data = info->end_code; 1998 info->brk = info->end_code; 1999 } 2000 2001 if (qemu_log_enabled()) { 2002 load_symbols(ehdr, image_fd, load_bias); 2003 } 2004 2005 close(image_fd); 2006 return; 2007 2008 exit_read: 2009 if (retval >= 0) { 2010 errmsg = "Incomplete read of file header"; 2011 goto exit_errmsg; 2012 } 2013 exit_perror: 2014 errmsg = strerror(errno); 2015 exit_errmsg: 2016 fprintf(stderr, "%s: %s\n", image_name, errmsg); 2017 exit(-1); 2018 } 2019 2020 static void load_elf_interp(const char *filename, struct image_info *info, 2021 char bprm_buf[BPRM_BUF_SIZE]) 2022 { 2023 int fd, retval; 2024 2025 fd = open(path(filename), O_RDONLY); 2026 if (fd < 0) { 2027 goto exit_perror; 2028 } 2029 2030 retval = read(fd, bprm_buf, BPRM_BUF_SIZE); 2031 if (retval < 0) { 2032 goto exit_perror; 2033 } 2034 if (retval < BPRM_BUF_SIZE) { 2035 memset(bprm_buf + retval, 0, BPRM_BUF_SIZE - retval); 2036 } 2037 2038 load_elf_image(filename, fd, info, NULL, bprm_buf); 2039 return; 2040 2041 exit_perror: 2042 fprintf(stderr, "%s: %s\n", filename, strerror(errno)); 2043 exit(-1); 2044 } 2045 2046 static int symfind(const void *s0, const void *s1) 2047 { 2048 target_ulong addr = *(target_ulong *)s0; 2049 struct elf_sym *sym = (struct elf_sym *)s1; 2050 int result = 0; 2051 if (addr < sym->st_value) { 2052 result = -1; 2053 } else if (addr >= sym->st_value + sym->st_size) { 2054 result = 1; 2055 } 2056 return result; 2057 } 2058 2059 static const char *lookup_symbolxx(struct syminfo *s, target_ulong orig_addr) 2060 { 2061 #if ELF_CLASS == ELFCLASS32 2062 struct elf_sym *syms = s->disas_symtab.elf32; 2063 #else 2064 struct elf_sym *syms = s->disas_symtab.elf64; 2065 #endif 2066 2067 // binary search 2068 struct elf_sym *sym; 2069 2070 sym = bsearch(&orig_addr, syms, s->disas_num_syms, sizeof(*syms), symfind); 2071 if (sym != NULL) { 2072 return s->disas_strtab + sym->st_name; 2073 } 2074 2075 return ""; 2076 } 2077 2078 /* FIXME: This should use elf_ops.h */ 2079 static int symcmp(const void *s0, const void *s1) 2080 { 2081 struct elf_sym *sym0 = (struct elf_sym *)s0; 2082 struct elf_sym *sym1 = (struct elf_sym *)s1; 2083 return (sym0->st_value < sym1->st_value) 2084 ? -1 2085 : ((sym0->st_value > sym1->st_value) ? 1 : 0); 2086 } 2087 2088 /* Best attempt to load symbols from this ELF object. */ 2089 static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias) 2090 { 2091 int i, shnum, nsyms, sym_idx = 0, str_idx = 0; 2092 struct elf_shdr *shdr; 2093 char *strings = NULL; 2094 struct syminfo *s = NULL; 2095 struct elf_sym *new_syms, *syms = NULL; 2096 2097 shnum = hdr->e_shnum; 2098 i = shnum * sizeof(struct elf_shdr); 2099 shdr = (struct elf_shdr *)alloca(i); 2100 if (pread(fd, shdr, i, hdr->e_shoff) != i) { 2101 return; 2102 } 2103 2104 bswap_shdr(shdr, shnum); 2105 for (i = 0; i < shnum; ++i) { 2106 if (shdr[i].sh_type == SHT_SYMTAB) { 2107 sym_idx = i; 2108 str_idx = shdr[i].sh_link; 2109 goto found; 2110 } 2111 } 2112 2113 /* There will be no symbol table if the file was stripped. */ 2114 return; 2115 2116 found: 2117 /* Now know where the strtab and symtab are. Snarf them. */ 2118 s = g_try_new(struct syminfo, 1); 2119 if (!s) { 2120 goto give_up; 2121 } 2122 2123 i = shdr[str_idx].sh_size; 2124 s->disas_strtab = strings = g_try_malloc(i); 2125 if (!strings || pread(fd, strings, i, shdr[str_idx].sh_offset) != i) { 2126 goto give_up; 2127 } 2128 2129 i = shdr[sym_idx].sh_size; 2130 syms = g_try_malloc(i); 2131 if (!syms || pread(fd, syms, i, shdr[sym_idx].sh_offset) != i) { 2132 goto give_up; 2133 } 2134 2135 nsyms = i / sizeof(struct elf_sym); 2136 for (i = 0; i < nsyms; ) { 2137 bswap_sym(syms + i); 2138 /* Throw away entries which we do not need. */ 2139 if (syms[i].st_shndx == SHN_UNDEF 2140 || syms[i].st_shndx >= SHN_LORESERVE 2141 || ELF_ST_TYPE(syms[i].st_info) != STT_FUNC) { 2142 if (i < --nsyms) { 2143 syms[i] = syms[nsyms]; 2144 } 2145 } else { 2146 #if defined(TARGET_ARM) || defined (TARGET_MIPS) 2147 /* The bottom address bit marks a Thumb or MIPS16 symbol. */ 2148 syms[i].st_value &= ~(target_ulong)1; 2149 #endif 2150 syms[i].st_value += load_bias; 2151 i++; 2152 } 2153 } 2154 2155 /* No "useful" symbol. */ 2156 if (nsyms == 0) { 2157 goto give_up; 2158 } 2159 2160 /* Attempt to free the storage associated with the local symbols 2161 that we threw away. Whether or not this has any effect on the 2162 memory allocation depends on the malloc implementation and how 2163 many symbols we managed to discard. */ 2164 new_syms = g_try_renew(struct elf_sym, syms, nsyms); 2165 if (new_syms == NULL) { 2166 goto give_up; 2167 } 2168 syms = new_syms; 2169 2170 qsort(syms, nsyms, sizeof(*syms), symcmp); 2171 2172 s->disas_num_syms = nsyms; 2173 #if ELF_CLASS == ELFCLASS32 2174 s->disas_symtab.elf32 = syms; 2175 #else 2176 s->disas_symtab.elf64 = syms; 2177 #endif 2178 s->lookup_symbol = lookup_symbolxx; 2179 s->next = syminfos; 2180 syminfos = s; 2181 2182 return; 2183 2184 give_up: 2185 g_free(s); 2186 g_free(strings); 2187 g_free(syms); 2188 } 2189 2190 int load_elf_binary(struct linux_binprm *bprm, struct image_info *info) 2191 { 2192 struct image_info interp_info; 2193 struct elfhdr elf_ex; 2194 char *elf_interpreter = NULL; 2195 char *scratch; 2196 2197 info->start_mmap = (abi_ulong)ELF_START_MMAP; 2198 2199 load_elf_image(bprm->filename, bprm->fd, info, 2200 &elf_interpreter, bprm->buf); 2201 2202 /* ??? We need a copy of the elf header for passing to create_elf_tables. 2203 If we do nothing, we'll have overwritten this when we re-use bprm->buf 2204 when we load the interpreter. */ 2205 elf_ex = *(struct elfhdr *)bprm->buf; 2206 2207 /* Do this so that we can load the interpreter, if need be. We will 2208 change some of these later */ 2209 bprm->p = setup_arg_pages(bprm, info); 2210 2211 scratch = g_new0(char, TARGET_PAGE_SIZE); 2212 bprm->p = copy_elf_strings(1, &bprm->filename, scratch, 2213 bprm->p, info->stack_limit); 2214 bprm->p = copy_elf_strings(bprm->envc, bprm->envp, scratch, 2215 bprm->p, info->stack_limit); 2216 bprm->p = copy_elf_strings(bprm->argc, bprm->argv, scratch, 2217 bprm->p, info->stack_limit); 2218 g_free(scratch); 2219 2220 if (!bprm->p) { 2221 fprintf(stderr, "%s: %s\n", bprm->filename, strerror(E2BIG)); 2222 exit(-1); 2223 } 2224 2225 if (elf_interpreter) { 2226 load_elf_interp(elf_interpreter, &interp_info, bprm->buf); 2227 2228 /* If the program interpreter is one of these two, then assume 2229 an iBCS2 image. Otherwise assume a native linux image. */ 2230 2231 if (strcmp(elf_interpreter, "/usr/lib/libc.so.1") == 0 2232 || strcmp(elf_interpreter, "/usr/lib/ld.so.1") == 0) { 2233 info->personality = PER_SVR4; 2234 2235 /* Why this, you ask??? Well SVr4 maps page 0 as read-only, 2236 and some applications "depend" upon this behavior. Since 2237 we do not have the power to recompile these, we emulate 2238 the SVr4 behavior. Sigh. */ 2239 target_mmap(0, qemu_host_page_size, PROT_READ | PROT_EXEC, 2240 MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 2241 } 2242 } 2243 2244 bprm->p = create_elf_tables(bprm->p, bprm->argc, bprm->envc, &elf_ex, 2245 info, (elf_interpreter ? &interp_info : NULL)); 2246 info->start_stack = bprm->p; 2247 2248 /* If we have an interpreter, set that as the program's entry point. 2249 Copy the load_bias as well, to help PPC64 interpret the entry 2250 point as a function descriptor. Do this after creating elf tables 2251 so that we copy the original program entry point into the AUXV. */ 2252 if (elf_interpreter) { 2253 info->load_bias = interp_info.load_bias; 2254 info->entry = interp_info.entry; 2255 free(elf_interpreter); 2256 } 2257 2258 #ifdef USE_ELF_CORE_DUMP 2259 bprm->core_dump = &elf_core_dump; 2260 #endif 2261 2262 return 0; 2263 } 2264 2265 #ifdef USE_ELF_CORE_DUMP 2266 /* 2267 * Definitions to generate Intel SVR4-like core files. 2268 * These mostly have the same names as the SVR4 types with "target_elf_" 2269 * tacked on the front to prevent clashes with linux definitions, 2270 * and the typedef forms have been avoided. This is mostly like 2271 * the SVR4 structure, but more Linuxy, with things that Linux does 2272 * not support and which gdb doesn't really use excluded. 2273 * 2274 * Fields we don't dump (their contents is zero) in linux-user qemu 2275 * are marked with XXX. 2276 * 2277 * Core dump code is copied from linux kernel (fs/binfmt_elf.c). 2278 * 2279 * Porting ELF coredump for target is (quite) simple process. First you 2280 * define USE_ELF_CORE_DUMP in target ELF code (where init_thread() for 2281 * the target resides): 2282 * 2283 * #define USE_ELF_CORE_DUMP 2284 * 2285 * Next you define type of register set used for dumping. ELF specification 2286 * says that it needs to be array of elf_greg_t that has size of ELF_NREG. 2287 * 2288 * typedef <target_regtype> target_elf_greg_t; 2289 * #define ELF_NREG <number of registers> 2290 * typedef taret_elf_greg_t target_elf_gregset_t[ELF_NREG]; 2291 * 2292 * Last step is to implement target specific function that copies registers 2293 * from given cpu into just specified register set. Prototype is: 2294 * 2295 * static void elf_core_copy_regs(taret_elf_gregset_t *regs, 2296 * const CPUArchState *env); 2297 * 2298 * Parameters: 2299 * regs - copy register values into here (allocated and zeroed by caller) 2300 * env - copy registers from here 2301 * 2302 * Example for ARM target is provided in this file. 2303 */ 2304 2305 /* An ELF note in memory */ 2306 struct memelfnote { 2307 const char *name; 2308 size_t namesz; 2309 size_t namesz_rounded; 2310 int type; 2311 size_t datasz; 2312 size_t datasz_rounded; 2313 void *data; 2314 size_t notesz; 2315 }; 2316 2317 struct target_elf_siginfo { 2318 abi_int si_signo; /* signal number */ 2319 abi_int si_code; /* extra code */ 2320 abi_int si_errno; /* errno */ 2321 }; 2322 2323 struct target_elf_prstatus { 2324 struct target_elf_siginfo pr_info; /* Info associated with signal */ 2325 abi_short pr_cursig; /* Current signal */ 2326 abi_ulong pr_sigpend; /* XXX */ 2327 abi_ulong pr_sighold; /* XXX */ 2328 target_pid_t pr_pid; 2329 target_pid_t pr_ppid; 2330 target_pid_t pr_pgrp; 2331 target_pid_t pr_sid; 2332 struct target_timeval pr_utime; /* XXX User time */ 2333 struct target_timeval pr_stime; /* XXX System time */ 2334 struct target_timeval pr_cutime; /* XXX Cumulative user time */ 2335 struct target_timeval pr_cstime; /* XXX Cumulative system time */ 2336 target_elf_gregset_t pr_reg; /* GP registers */ 2337 abi_int pr_fpvalid; /* XXX */ 2338 }; 2339 2340 #define ELF_PRARGSZ (80) /* Number of chars for args */ 2341 2342 struct target_elf_prpsinfo { 2343 char pr_state; /* numeric process state */ 2344 char pr_sname; /* char for pr_state */ 2345 char pr_zomb; /* zombie */ 2346 char pr_nice; /* nice val */ 2347 abi_ulong pr_flag; /* flags */ 2348 target_uid_t pr_uid; 2349 target_gid_t pr_gid; 2350 target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid; 2351 /* Lots missing */ 2352 char pr_fname[16]; /* filename of executable */ 2353 char pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */ 2354 }; 2355 2356 /* Here is the structure in which status of each thread is captured. */ 2357 struct elf_thread_status { 2358 QTAILQ_ENTRY(elf_thread_status) ets_link; 2359 struct target_elf_prstatus prstatus; /* NT_PRSTATUS */ 2360 #if 0 2361 elf_fpregset_t fpu; /* NT_PRFPREG */ 2362 struct task_struct *thread; 2363 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */ 2364 #endif 2365 struct memelfnote notes[1]; 2366 int num_notes; 2367 }; 2368 2369 struct elf_note_info { 2370 struct memelfnote *notes; 2371 struct target_elf_prstatus *prstatus; /* NT_PRSTATUS */ 2372 struct target_elf_prpsinfo *psinfo; /* NT_PRPSINFO */ 2373 2374 QTAILQ_HEAD(thread_list_head, elf_thread_status) thread_list; 2375 #if 0 2376 /* 2377 * Current version of ELF coredump doesn't support 2378 * dumping fp regs etc. 2379 */ 2380 elf_fpregset_t *fpu; 2381 elf_fpxregset_t *xfpu; 2382 int thread_status_size; 2383 #endif 2384 int notes_size; 2385 int numnote; 2386 }; 2387 2388 struct vm_area_struct { 2389 target_ulong vma_start; /* start vaddr of memory region */ 2390 target_ulong vma_end; /* end vaddr of memory region */ 2391 abi_ulong vma_flags; /* protection etc. flags for the region */ 2392 QTAILQ_ENTRY(vm_area_struct) vma_link; 2393 }; 2394 2395 struct mm_struct { 2396 QTAILQ_HEAD(, vm_area_struct) mm_mmap; 2397 int mm_count; /* number of mappings */ 2398 }; 2399 2400 static struct mm_struct *vma_init(void); 2401 static void vma_delete(struct mm_struct *); 2402 static int vma_add_mapping(struct mm_struct *, target_ulong, 2403 target_ulong, abi_ulong); 2404 static int vma_get_mapping_count(const struct mm_struct *); 2405 static struct vm_area_struct *vma_first(const struct mm_struct *); 2406 static struct vm_area_struct *vma_next(struct vm_area_struct *); 2407 static abi_ulong vma_dump_size(const struct vm_area_struct *); 2408 static int vma_walker(void *priv, target_ulong start, target_ulong end, 2409 unsigned long flags); 2410 2411 static void fill_elf_header(struct elfhdr *, int, uint16_t, uint32_t); 2412 static void fill_note(struct memelfnote *, const char *, int, 2413 unsigned int, void *); 2414 static void fill_prstatus(struct target_elf_prstatus *, const TaskState *, int); 2415 static int fill_psinfo(struct target_elf_prpsinfo *, const TaskState *); 2416 static void fill_auxv_note(struct memelfnote *, const TaskState *); 2417 static void fill_elf_note_phdr(struct elf_phdr *, int, off_t); 2418 static size_t note_size(const struct memelfnote *); 2419 static void free_note_info(struct elf_note_info *); 2420 static int fill_note_info(struct elf_note_info *, long, const CPUArchState *); 2421 static void fill_thread_info(struct elf_note_info *, const CPUArchState *); 2422 static int core_dump_filename(const TaskState *, char *, size_t); 2423 2424 static int dump_write(int, const void *, size_t); 2425 static int write_note(struct memelfnote *, int); 2426 static int write_note_info(struct elf_note_info *, int); 2427 2428 #ifdef BSWAP_NEEDED 2429 static void bswap_prstatus(struct target_elf_prstatus *prstatus) 2430 { 2431 prstatus->pr_info.si_signo = tswap32(prstatus->pr_info.si_signo); 2432 prstatus->pr_info.si_code = tswap32(prstatus->pr_info.si_code); 2433 prstatus->pr_info.si_errno = tswap32(prstatus->pr_info.si_errno); 2434 prstatus->pr_cursig = tswap16(prstatus->pr_cursig); 2435 prstatus->pr_sigpend = tswapal(prstatus->pr_sigpend); 2436 prstatus->pr_sighold = tswapal(prstatus->pr_sighold); 2437 prstatus->pr_pid = tswap32(prstatus->pr_pid); 2438 prstatus->pr_ppid = tswap32(prstatus->pr_ppid); 2439 prstatus->pr_pgrp = tswap32(prstatus->pr_pgrp); 2440 prstatus->pr_sid = tswap32(prstatus->pr_sid); 2441 /* cpu times are not filled, so we skip them */ 2442 /* regs should be in correct format already */ 2443 prstatus->pr_fpvalid = tswap32(prstatus->pr_fpvalid); 2444 } 2445 2446 static void bswap_psinfo(struct target_elf_prpsinfo *psinfo) 2447 { 2448 psinfo->pr_flag = tswapal(psinfo->pr_flag); 2449 psinfo->pr_uid = tswap16(psinfo->pr_uid); 2450 psinfo->pr_gid = tswap16(psinfo->pr_gid); 2451 psinfo->pr_pid = tswap32(psinfo->pr_pid); 2452 psinfo->pr_ppid = tswap32(psinfo->pr_ppid); 2453 psinfo->pr_pgrp = tswap32(psinfo->pr_pgrp); 2454 psinfo->pr_sid = tswap32(psinfo->pr_sid); 2455 } 2456 2457 static void bswap_note(struct elf_note *en) 2458 { 2459 bswap32s(&en->n_namesz); 2460 bswap32s(&en->n_descsz); 2461 bswap32s(&en->n_type); 2462 } 2463 #else 2464 static inline void bswap_prstatus(struct target_elf_prstatus *p) { } 2465 static inline void bswap_psinfo(struct target_elf_prpsinfo *p) {} 2466 static inline void bswap_note(struct elf_note *en) { } 2467 #endif /* BSWAP_NEEDED */ 2468 2469 /* 2470 * Minimal support for linux memory regions. These are needed 2471 * when we are finding out what memory exactly belongs to 2472 * emulated process. No locks needed here, as long as 2473 * thread that received the signal is stopped. 2474 */ 2475 2476 static struct mm_struct *vma_init(void) 2477 { 2478 struct mm_struct *mm; 2479 2480 if ((mm = g_malloc(sizeof (*mm))) == NULL) 2481 return (NULL); 2482 2483 mm->mm_count = 0; 2484 QTAILQ_INIT(&mm->mm_mmap); 2485 2486 return (mm); 2487 } 2488 2489 static void vma_delete(struct mm_struct *mm) 2490 { 2491 struct vm_area_struct *vma; 2492 2493 while ((vma = vma_first(mm)) != NULL) { 2494 QTAILQ_REMOVE(&mm->mm_mmap, vma, vma_link); 2495 g_free(vma); 2496 } 2497 g_free(mm); 2498 } 2499 2500 static int vma_add_mapping(struct mm_struct *mm, target_ulong start, 2501 target_ulong end, abi_ulong flags) 2502 { 2503 struct vm_area_struct *vma; 2504 2505 if ((vma = g_malloc0(sizeof (*vma))) == NULL) 2506 return (-1); 2507 2508 vma->vma_start = start; 2509 vma->vma_end = end; 2510 vma->vma_flags = flags; 2511 2512 QTAILQ_INSERT_TAIL(&mm->mm_mmap, vma, vma_link); 2513 mm->mm_count++; 2514 2515 return (0); 2516 } 2517 2518 static struct vm_area_struct *vma_first(const struct mm_struct *mm) 2519 { 2520 return (QTAILQ_FIRST(&mm->mm_mmap)); 2521 } 2522 2523 static struct vm_area_struct *vma_next(struct vm_area_struct *vma) 2524 { 2525 return (QTAILQ_NEXT(vma, vma_link)); 2526 } 2527 2528 static int vma_get_mapping_count(const struct mm_struct *mm) 2529 { 2530 return (mm->mm_count); 2531 } 2532 2533 /* 2534 * Calculate file (dump) size of given memory region. 2535 */ 2536 static abi_ulong vma_dump_size(const struct vm_area_struct *vma) 2537 { 2538 /* if we cannot even read the first page, skip it */ 2539 if (!access_ok(VERIFY_READ, vma->vma_start, TARGET_PAGE_SIZE)) 2540 return (0); 2541 2542 /* 2543 * Usually we don't dump executable pages as they contain 2544 * non-writable code that debugger can read directly from 2545 * target library etc. However, thread stacks are marked 2546 * also executable so we read in first page of given region 2547 * and check whether it contains elf header. If there is 2548 * no elf header, we dump it. 2549 */ 2550 if (vma->vma_flags & PROT_EXEC) { 2551 char page[TARGET_PAGE_SIZE]; 2552 2553 copy_from_user(page, vma->vma_start, sizeof (page)); 2554 if ((page[EI_MAG0] == ELFMAG0) && 2555 (page[EI_MAG1] == ELFMAG1) && 2556 (page[EI_MAG2] == ELFMAG2) && 2557 (page[EI_MAG3] == ELFMAG3)) { 2558 /* 2559 * Mappings are possibly from ELF binary. Don't dump 2560 * them. 2561 */ 2562 return (0); 2563 } 2564 } 2565 2566 return (vma->vma_end - vma->vma_start); 2567 } 2568 2569 static int vma_walker(void *priv, target_ulong start, target_ulong end, 2570 unsigned long flags) 2571 { 2572 struct mm_struct *mm = (struct mm_struct *)priv; 2573 2574 vma_add_mapping(mm, start, end, flags); 2575 return (0); 2576 } 2577 2578 static void fill_note(struct memelfnote *note, const char *name, int type, 2579 unsigned int sz, void *data) 2580 { 2581 unsigned int namesz; 2582 2583 namesz = strlen(name) + 1; 2584 note->name = name; 2585 note->namesz = namesz; 2586 note->namesz_rounded = roundup(namesz, sizeof (int32_t)); 2587 note->type = type; 2588 note->datasz = sz; 2589 note->datasz_rounded = roundup(sz, sizeof (int32_t)); 2590 2591 note->data = data; 2592 2593 /* 2594 * We calculate rounded up note size here as specified by 2595 * ELF document. 2596 */ 2597 note->notesz = sizeof (struct elf_note) + 2598 note->namesz_rounded + note->datasz_rounded; 2599 } 2600 2601 static void fill_elf_header(struct elfhdr *elf, int segs, uint16_t machine, 2602 uint32_t flags) 2603 { 2604 (void) memset(elf, 0, sizeof(*elf)); 2605 2606 (void) memcpy(elf->e_ident, ELFMAG, SELFMAG); 2607 elf->e_ident[EI_CLASS] = ELF_CLASS; 2608 elf->e_ident[EI_DATA] = ELF_DATA; 2609 elf->e_ident[EI_VERSION] = EV_CURRENT; 2610 elf->e_ident[EI_OSABI] = ELF_OSABI; 2611 2612 elf->e_type = ET_CORE; 2613 elf->e_machine = machine; 2614 elf->e_version = EV_CURRENT; 2615 elf->e_phoff = sizeof(struct elfhdr); 2616 elf->e_flags = flags; 2617 elf->e_ehsize = sizeof(struct elfhdr); 2618 elf->e_phentsize = sizeof(struct elf_phdr); 2619 elf->e_phnum = segs; 2620 2621 bswap_ehdr(elf); 2622 } 2623 2624 static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, off_t offset) 2625 { 2626 phdr->p_type = PT_NOTE; 2627 phdr->p_offset = offset; 2628 phdr->p_vaddr = 0; 2629 phdr->p_paddr = 0; 2630 phdr->p_filesz = sz; 2631 phdr->p_memsz = 0; 2632 phdr->p_flags = 0; 2633 phdr->p_align = 0; 2634 2635 bswap_phdr(phdr, 1); 2636 } 2637 2638 static size_t note_size(const struct memelfnote *note) 2639 { 2640 return (note->notesz); 2641 } 2642 2643 static void fill_prstatus(struct target_elf_prstatus *prstatus, 2644 const TaskState *ts, int signr) 2645 { 2646 (void) memset(prstatus, 0, sizeof (*prstatus)); 2647 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr; 2648 prstatus->pr_pid = ts->ts_tid; 2649 prstatus->pr_ppid = getppid(); 2650 prstatus->pr_pgrp = getpgrp(); 2651 prstatus->pr_sid = getsid(0); 2652 2653 bswap_prstatus(prstatus); 2654 } 2655 2656 static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts) 2657 { 2658 char *base_filename; 2659 unsigned int i, len; 2660 2661 (void) memset(psinfo, 0, sizeof (*psinfo)); 2662 2663 len = ts->info->arg_end - ts->info->arg_start; 2664 if (len >= ELF_PRARGSZ) 2665 len = ELF_PRARGSZ - 1; 2666 if (copy_from_user(&psinfo->pr_psargs, ts->info->arg_start, len)) 2667 return -EFAULT; 2668 for (i = 0; i < len; i++) 2669 if (psinfo->pr_psargs[i] == 0) 2670 psinfo->pr_psargs[i] = ' '; 2671 psinfo->pr_psargs[len] = 0; 2672 2673 psinfo->pr_pid = getpid(); 2674 psinfo->pr_ppid = getppid(); 2675 psinfo->pr_pgrp = getpgrp(); 2676 psinfo->pr_sid = getsid(0); 2677 psinfo->pr_uid = getuid(); 2678 psinfo->pr_gid = getgid(); 2679 2680 base_filename = g_path_get_basename(ts->bprm->filename); 2681 /* 2682 * Using strncpy here is fine: at max-length, 2683 * this field is not NUL-terminated. 2684 */ 2685 (void) strncpy(psinfo->pr_fname, base_filename, 2686 sizeof(psinfo->pr_fname)); 2687 2688 g_free(base_filename); 2689 bswap_psinfo(psinfo); 2690 return (0); 2691 } 2692 2693 static void fill_auxv_note(struct memelfnote *note, const TaskState *ts) 2694 { 2695 elf_addr_t auxv = (elf_addr_t)ts->info->saved_auxv; 2696 elf_addr_t orig_auxv = auxv; 2697 void *ptr; 2698 int len = ts->info->auxv_len; 2699 2700 /* 2701 * Auxiliary vector is stored in target process stack. It contains 2702 * {type, value} pairs that we need to dump into note. This is not 2703 * strictly necessary but we do it here for sake of completeness. 2704 */ 2705 2706 /* read in whole auxv vector and copy it to memelfnote */ 2707 ptr = lock_user(VERIFY_READ, orig_auxv, len, 0); 2708 if (ptr != NULL) { 2709 fill_note(note, "CORE", NT_AUXV, len, ptr); 2710 unlock_user(ptr, auxv, len); 2711 } 2712 } 2713 2714 /* 2715 * Constructs name of coredump file. We have following convention 2716 * for the name: 2717 * qemu_<basename-of-target-binary>_<date>-<time>_<pid>.core 2718 * 2719 * Returns 0 in case of success, -1 otherwise (errno is set). 2720 */ 2721 static int core_dump_filename(const TaskState *ts, char *buf, 2722 size_t bufsize) 2723 { 2724 char timestamp[64]; 2725 char *base_filename = NULL; 2726 struct timeval tv; 2727 struct tm tm; 2728 2729 assert(bufsize >= PATH_MAX); 2730 2731 if (gettimeofday(&tv, NULL) < 0) { 2732 (void) fprintf(stderr, "unable to get current timestamp: %s", 2733 strerror(errno)); 2734 return (-1); 2735 } 2736 2737 base_filename = g_path_get_basename(ts->bprm->filename); 2738 (void) strftime(timestamp, sizeof (timestamp), "%Y%m%d-%H%M%S", 2739 localtime_r(&tv.tv_sec, &tm)); 2740 (void) snprintf(buf, bufsize, "qemu_%s_%s_%d.core", 2741 base_filename, timestamp, (int)getpid()); 2742 g_free(base_filename); 2743 2744 return (0); 2745 } 2746 2747 static int dump_write(int fd, const void *ptr, size_t size) 2748 { 2749 const char *bufp = (const char *)ptr; 2750 ssize_t bytes_written, bytes_left; 2751 struct rlimit dumpsize; 2752 off_t pos; 2753 2754 bytes_written = 0; 2755 getrlimit(RLIMIT_CORE, &dumpsize); 2756 if ((pos = lseek(fd, 0, SEEK_CUR))==-1) { 2757 if (errno == ESPIPE) { /* not a seekable stream */ 2758 bytes_left = size; 2759 } else { 2760 return pos; 2761 } 2762 } else { 2763 if (dumpsize.rlim_cur <= pos) { 2764 return -1; 2765 } else if (dumpsize.rlim_cur == RLIM_INFINITY) { 2766 bytes_left = size; 2767 } else { 2768 size_t limit_left=dumpsize.rlim_cur - pos; 2769 bytes_left = limit_left >= size ? size : limit_left ; 2770 } 2771 } 2772 2773 /* 2774 * In normal conditions, single write(2) should do but 2775 * in case of socket etc. this mechanism is more portable. 2776 */ 2777 do { 2778 bytes_written = write(fd, bufp, bytes_left); 2779 if (bytes_written < 0) { 2780 if (errno == EINTR) 2781 continue; 2782 return (-1); 2783 } else if (bytes_written == 0) { /* eof */ 2784 return (-1); 2785 } 2786 bufp += bytes_written; 2787 bytes_left -= bytes_written; 2788 } while (bytes_left > 0); 2789 2790 return (0); 2791 } 2792 2793 static int write_note(struct memelfnote *men, int fd) 2794 { 2795 struct elf_note en; 2796 2797 en.n_namesz = men->namesz; 2798 en.n_type = men->type; 2799 en.n_descsz = men->datasz; 2800 2801 bswap_note(&en); 2802 2803 if (dump_write(fd, &en, sizeof(en)) != 0) 2804 return (-1); 2805 if (dump_write(fd, men->name, men->namesz_rounded) != 0) 2806 return (-1); 2807 if (dump_write(fd, men->data, men->datasz_rounded) != 0) 2808 return (-1); 2809 2810 return (0); 2811 } 2812 2813 static void fill_thread_info(struct elf_note_info *info, const CPUArchState *env) 2814 { 2815 CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 2816 TaskState *ts = (TaskState *)cpu->opaque; 2817 struct elf_thread_status *ets; 2818 2819 ets = g_malloc0(sizeof (*ets)); 2820 ets->num_notes = 1; /* only prstatus is dumped */ 2821 fill_prstatus(&ets->prstatus, ts, 0); 2822 elf_core_copy_regs(&ets->prstatus.pr_reg, env); 2823 fill_note(&ets->notes[0], "CORE", NT_PRSTATUS, sizeof (ets->prstatus), 2824 &ets->prstatus); 2825 2826 QTAILQ_INSERT_TAIL(&info->thread_list, ets, ets_link); 2827 2828 info->notes_size += note_size(&ets->notes[0]); 2829 } 2830 2831 static void init_note_info(struct elf_note_info *info) 2832 { 2833 /* Initialize the elf_note_info structure so that it is at 2834 * least safe to call free_note_info() on it. Must be 2835 * called before calling fill_note_info(). 2836 */ 2837 memset(info, 0, sizeof (*info)); 2838 QTAILQ_INIT(&info->thread_list); 2839 } 2840 2841 static int fill_note_info(struct elf_note_info *info, 2842 long signr, const CPUArchState *env) 2843 { 2844 #define NUMNOTES 3 2845 CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 2846 TaskState *ts = (TaskState *)cpu->opaque; 2847 int i; 2848 2849 info->notes = g_new0(struct memelfnote, NUMNOTES); 2850 if (info->notes == NULL) 2851 return (-ENOMEM); 2852 info->prstatus = g_malloc0(sizeof (*info->prstatus)); 2853 if (info->prstatus == NULL) 2854 return (-ENOMEM); 2855 info->psinfo = g_malloc0(sizeof (*info->psinfo)); 2856 if (info->prstatus == NULL) 2857 return (-ENOMEM); 2858 2859 /* 2860 * First fill in status (and registers) of current thread 2861 * including process info & aux vector. 2862 */ 2863 fill_prstatus(info->prstatus, ts, signr); 2864 elf_core_copy_regs(&info->prstatus->pr_reg, env); 2865 fill_note(&info->notes[0], "CORE", NT_PRSTATUS, 2866 sizeof (*info->prstatus), info->prstatus); 2867 fill_psinfo(info->psinfo, ts); 2868 fill_note(&info->notes[1], "CORE", NT_PRPSINFO, 2869 sizeof (*info->psinfo), info->psinfo); 2870 fill_auxv_note(&info->notes[2], ts); 2871 info->numnote = 3; 2872 2873 info->notes_size = 0; 2874 for (i = 0; i < info->numnote; i++) 2875 info->notes_size += note_size(&info->notes[i]); 2876 2877 /* read and fill status of all threads */ 2878 cpu_list_lock(); 2879 CPU_FOREACH(cpu) { 2880 if (cpu == thread_cpu) { 2881 continue; 2882 } 2883 fill_thread_info(info, (CPUArchState *)cpu->env_ptr); 2884 } 2885 cpu_list_unlock(); 2886 2887 return (0); 2888 } 2889 2890 static void free_note_info(struct elf_note_info *info) 2891 { 2892 struct elf_thread_status *ets; 2893 2894 while (!QTAILQ_EMPTY(&info->thread_list)) { 2895 ets = QTAILQ_FIRST(&info->thread_list); 2896 QTAILQ_REMOVE(&info->thread_list, ets, ets_link); 2897 g_free(ets); 2898 } 2899 2900 g_free(info->prstatus); 2901 g_free(info->psinfo); 2902 g_free(info->notes); 2903 } 2904 2905 static int write_note_info(struct elf_note_info *info, int fd) 2906 { 2907 struct elf_thread_status *ets; 2908 int i, error = 0; 2909 2910 /* write prstatus, psinfo and auxv for current thread */ 2911 for (i = 0; i < info->numnote; i++) 2912 if ((error = write_note(&info->notes[i], fd)) != 0) 2913 return (error); 2914 2915 /* write prstatus for each thread */ 2916 QTAILQ_FOREACH(ets, &info->thread_list, ets_link) { 2917 if ((error = write_note(&ets->notes[0], fd)) != 0) 2918 return (error); 2919 } 2920 2921 return (0); 2922 } 2923 2924 /* 2925 * Write out ELF coredump. 2926 * 2927 * See documentation of ELF object file format in: 2928 * http://www.caldera.com/developers/devspecs/gabi41.pdf 2929 * 2930 * Coredump format in linux is following: 2931 * 2932 * 0 +----------------------+ \ 2933 * | ELF header | ET_CORE | 2934 * +----------------------+ | 2935 * | ELF program headers | |--- headers 2936 * | - NOTE section | | 2937 * | - PT_LOAD sections | | 2938 * +----------------------+ / 2939 * | NOTEs: | 2940 * | - NT_PRSTATUS | 2941 * | - NT_PRSINFO | 2942 * | - NT_AUXV | 2943 * +----------------------+ <-- aligned to target page 2944 * | Process memory dump | 2945 * : : 2946 * . . 2947 * : : 2948 * | | 2949 * +----------------------+ 2950 * 2951 * NT_PRSTATUS -> struct elf_prstatus (per thread) 2952 * NT_PRSINFO -> struct elf_prpsinfo 2953 * NT_AUXV is array of { type, value } pairs (see fill_auxv_note()). 2954 * 2955 * Format follows System V format as close as possible. Current 2956 * version limitations are as follows: 2957 * - no floating point registers are dumped 2958 * 2959 * Function returns 0 in case of success, negative errno otherwise. 2960 * 2961 * TODO: make this work also during runtime: it should be 2962 * possible to force coredump from running process and then 2963 * continue processing. For example qemu could set up SIGUSR2 2964 * handler (provided that target process haven't registered 2965 * handler for that) that does the dump when signal is received. 2966 */ 2967 static int elf_core_dump(int signr, const CPUArchState *env) 2968 { 2969 const CPUState *cpu = ENV_GET_CPU((CPUArchState *)env); 2970 const TaskState *ts = (const TaskState *)cpu->opaque; 2971 struct vm_area_struct *vma = NULL; 2972 char corefile[PATH_MAX]; 2973 struct elf_note_info info; 2974 struct elfhdr elf; 2975 struct elf_phdr phdr; 2976 struct rlimit dumpsize; 2977 struct mm_struct *mm = NULL; 2978 off_t offset = 0, data_offset = 0; 2979 int segs = 0; 2980 int fd = -1; 2981 2982 init_note_info(&info); 2983 2984 errno = 0; 2985 getrlimit(RLIMIT_CORE, &dumpsize); 2986 if (dumpsize.rlim_cur == 0) 2987 return 0; 2988 2989 if (core_dump_filename(ts, corefile, sizeof (corefile)) < 0) 2990 return (-errno); 2991 2992 if ((fd = open(corefile, O_WRONLY | O_CREAT, 2993 S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) < 0) 2994 return (-errno); 2995 2996 /* 2997 * Walk through target process memory mappings and 2998 * set up structure containing this information. After 2999 * this point vma_xxx functions can be used. 3000 */ 3001 if ((mm = vma_init()) == NULL) 3002 goto out; 3003 3004 walk_memory_regions(mm, vma_walker); 3005 segs = vma_get_mapping_count(mm); 3006 3007 /* 3008 * Construct valid coredump ELF header. We also 3009 * add one more segment for notes. 3010 */ 3011 fill_elf_header(&elf, segs + 1, ELF_MACHINE, 0); 3012 if (dump_write(fd, &elf, sizeof (elf)) != 0) 3013 goto out; 3014 3015 /* fill in the in-memory version of notes */ 3016 if (fill_note_info(&info, signr, env) < 0) 3017 goto out; 3018 3019 offset += sizeof (elf); /* elf header */ 3020 offset += (segs + 1) * sizeof (struct elf_phdr); /* program headers */ 3021 3022 /* write out notes program header */ 3023 fill_elf_note_phdr(&phdr, info.notes_size, offset); 3024 3025 offset += info.notes_size; 3026 if (dump_write(fd, &phdr, sizeof (phdr)) != 0) 3027 goto out; 3028 3029 /* 3030 * ELF specification wants data to start at page boundary so 3031 * we align it here. 3032 */ 3033 data_offset = offset = roundup(offset, ELF_EXEC_PAGESIZE); 3034 3035 /* 3036 * Write program headers for memory regions mapped in 3037 * the target process. 3038 */ 3039 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 3040 (void) memset(&phdr, 0, sizeof (phdr)); 3041 3042 phdr.p_type = PT_LOAD; 3043 phdr.p_offset = offset; 3044 phdr.p_vaddr = vma->vma_start; 3045 phdr.p_paddr = 0; 3046 phdr.p_filesz = vma_dump_size(vma); 3047 offset += phdr.p_filesz; 3048 phdr.p_memsz = vma->vma_end - vma->vma_start; 3049 phdr.p_flags = vma->vma_flags & PROT_READ ? PF_R : 0; 3050 if (vma->vma_flags & PROT_WRITE) 3051 phdr.p_flags |= PF_W; 3052 if (vma->vma_flags & PROT_EXEC) 3053 phdr.p_flags |= PF_X; 3054 phdr.p_align = ELF_EXEC_PAGESIZE; 3055 3056 bswap_phdr(&phdr, 1); 3057 if (dump_write(fd, &phdr, sizeof(phdr)) != 0) { 3058 goto out; 3059 } 3060 } 3061 3062 /* 3063 * Next we write notes just after program headers. No 3064 * alignment needed here. 3065 */ 3066 if (write_note_info(&info, fd) < 0) 3067 goto out; 3068 3069 /* align data to page boundary */ 3070 if (lseek(fd, data_offset, SEEK_SET) != data_offset) 3071 goto out; 3072 3073 /* 3074 * Finally we can dump process memory into corefile as well. 3075 */ 3076 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 3077 abi_ulong addr; 3078 abi_ulong end; 3079 3080 end = vma->vma_start + vma_dump_size(vma); 3081 3082 for (addr = vma->vma_start; addr < end; 3083 addr += TARGET_PAGE_SIZE) { 3084 char page[TARGET_PAGE_SIZE]; 3085 int error; 3086 3087 /* 3088 * Read in page from target process memory and 3089 * write it to coredump file. 3090 */ 3091 error = copy_from_user(page, addr, sizeof (page)); 3092 if (error != 0) { 3093 (void) fprintf(stderr, "unable to dump " TARGET_ABI_FMT_lx "\n", 3094 addr); 3095 errno = -error; 3096 goto out; 3097 } 3098 if (dump_write(fd, page, TARGET_PAGE_SIZE) < 0) 3099 goto out; 3100 } 3101 } 3102 3103 out: 3104 free_note_info(&info); 3105 if (mm != NULL) 3106 vma_delete(mm); 3107 (void) close(fd); 3108 3109 if (errno != 0) 3110 return (-errno); 3111 return (0); 3112 } 3113 #endif /* USE_ELF_CORE_DUMP */ 3114 3115 void do_init_thread(struct target_pt_regs *regs, struct image_info *infop) 3116 { 3117 init_thread(regs, infop); 3118 } 3119