elfload.c (129736B)
1/* This is the Linux kernel elf-loading code, ported into user space */ 2#include "qemu/osdep.h" 3#include <sys/param.h> 4 5#include <sys/resource.h> 6#include <sys/shm.h> 7 8#include "qemu.h" 9#include "user-internals.h" 10#include "signal-common.h" 11#include "loader.h" 12#include "user-mmap.h" 13#include "disas/disas.h" 14#include "qemu/bitops.h" 15#include "qemu/path.h" 16#include "qemu/queue.h" 17#include "qemu/guest-random.h" 18#include "qemu/units.h" 19#include "qemu/selfmap.h" 20#include "qapi/error.h" 21#include "target_signal.h" 22 23#ifdef _ARCH_PPC64 24#undef ARCH_DLINFO 25#undef ELF_PLATFORM 26#undef ELF_HWCAP 27#undef ELF_HWCAP2 28#undef ELF_CLASS 29#undef ELF_DATA 30#undef ELF_ARCH 31#endif 32 33#define ELF_OSABI ELFOSABI_SYSV 34 35/* from personality.h */ 36 37/* 38 * Flags for bug emulation. 39 * 40 * These occupy the top three bytes. 41 */ 42enum { 43 ADDR_NO_RANDOMIZE = 0x0040000, /* disable randomization of VA space */ 44 FDPIC_FUNCPTRS = 0x0080000, /* userspace function ptrs point to 45 descriptors (signal handling) */ 46 MMAP_PAGE_ZERO = 0x0100000, 47 ADDR_COMPAT_LAYOUT = 0x0200000, 48 READ_IMPLIES_EXEC = 0x0400000, 49 ADDR_LIMIT_32BIT = 0x0800000, 50 SHORT_INODE = 0x1000000, 51 WHOLE_SECONDS = 0x2000000, 52 STICKY_TIMEOUTS = 0x4000000, 53 ADDR_LIMIT_3GB = 0x8000000, 54}; 55 56/* 57 * Personality types. 58 * 59 * These go in the low byte. Avoid using the top bit, it will 60 * conflict with error returns. 61 */ 62enum { 63 PER_LINUX = 0x0000, 64 PER_LINUX_32BIT = 0x0000 | ADDR_LIMIT_32BIT, 65 PER_LINUX_FDPIC = 0x0000 | FDPIC_FUNCPTRS, 66 PER_SVR4 = 0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 67 PER_SVR3 = 0x0002 | STICKY_TIMEOUTS | SHORT_INODE, 68 PER_SCOSVR3 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS | SHORT_INODE, 69 PER_OSR5 = 0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS, 70 PER_WYSEV386 = 0x0004 | STICKY_TIMEOUTS | SHORT_INODE, 71 PER_ISCR4 = 0x0005 | STICKY_TIMEOUTS, 72 PER_BSD = 0x0006, 73 PER_SUNOS = 0x0006 | STICKY_TIMEOUTS, 74 PER_XENIX = 0x0007 | STICKY_TIMEOUTS | SHORT_INODE, 75 PER_LINUX32 = 0x0008, 76 PER_LINUX32_3GB = 0x0008 | ADDR_LIMIT_3GB, 77 PER_IRIX32 = 0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */ 78 PER_IRIXN32 = 0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */ 79 PER_IRIX64 = 0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */ 80 PER_RISCOS = 0x000c, 81 PER_SOLARIS = 0x000d | STICKY_TIMEOUTS, 82 PER_UW7 = 0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO, 83 PER_OSF4 = 0x000f, /* OSF/1 v4 */ 84 PER_HPUX = 0x0010, 85 PER_MASK = 0x00ff, 86}; 87 88/* 89 * Return the base personality without flags. 90 */ 91#define personality(pers) (pers & PER_MASK) 92 93int info_is_fdpic(struct image_info *info) 94{ 95 return info->personality == PER_LINUX_FDPIC; 96} 97 98/* this flag is uneffective under linux too, should be deleted */ 99#ifndef MAP_DENYWRITE 100#define MAP_DENYWRITE 0 101#endif 102 103/* should probably go in elf.h */ 104#ifndef ELIBBAD 105#define ELIBBAD 80 106#endif 107 108#ifdef TARGET_WORDS_BIGENDIAN 109#define ELF_DATA ELFDATA2MSB 110#else 111#define ELF_DATA ELFDATA2LSB 112#endif 113 114#ifdef TARGET_ABI_MIPSN32 115typedef abi_ullong target_elf_greg_t; 116#define tswapreg(ptr) tswap64(ptr) 117#else 118typedef abi_ulong target_elf_greg_t; 119#define tswapreg(ptr) tswapal(ptr) 120#endif 121 122#ifdef USE_UID16 123typedef abi_ushort target_uid_t; 124typedef abi_ushort target_gid_t; 125#else 126typedef abi_uint target_uid_t; 127typedef abi_uint target_gid_t; 128#endif 129typedef abi_int target_pid_t; 130 131#ifdef TARGET_I386 132 133#define ELF_PLATFORM get_elf_platform() 134 135static const char *get_elf_platform(void) 136{ 137 static char elf_platform[] = "i386"; 138 int family = object_property_get_int(OBJECT(thread_cpu), "family", NULL); 139 if (family > 6) 140 family = 6; 141 if (family >= 3) 142 elf_platform[1] = '0' + family; 143 return elf_platform; 144} 145 146#define ELF_HWCAP get_elf_hwcap() 147 148static uint32_t get_elf_hwcap(void) 149{ 150 X86CPU *cpu = X86_CPU(thread_cpu); 151 152 return cpu->env.features[FEAT_1_EDX]; 153} 154 155#ifdef TARGET_X86_64 156#define ELF_START_MMAP 0x2aaaaab000ULL 157 158#define ELF_CLASS ELFCLASS64 159#define ELF_ARCH EM_X86_64 160 161static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 162{ 163 regs->rax = 0; 164 regs->rsp = infop->start_stack; 165 regs->rip = infop->entry; 166} 167 168#define ELF_NREG 27 169typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 170 171/* 172 * Note that ELF_NREG should be 29 as there should be place for 173 * TRAPNO and ERR "registers" as well but linux doesn't dump 174 * those. 175 * 176 * See linux kernel: arch/x86/include/asm/elf.h 177 */ 178static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 179{ 180 (*regs)[0] = tswapreg(env->regs[15]); 181 (*regs)[1] = tswapreg(env->regs[14]); 182 (*regs)[2] = tswapreg(env->regs[13]); 183 (*regs)[3] = tswapreg(env->regs[12]); 184 (*regs)[4] = tswapreg(env->regs[R_EBP]); 185 (*regs)[5] = tswapreg(env->regs[R_EBX]); 186 (*regs)[6] = tswapreg(env->regs[11]); 187 (*regs)[7] = tswapreg(env->regs[10]); 188 (*regs)[8] = tswapreg(env->regs[9]); 189 (*regs)[9] = tswapreg(env->regs[8]); 190 (*regs)[10] = tswapreg(env->regs[R_EAX]); 191 (*regs)[11] = tswapreg(env->regs[R_ECX]); 192 (*regs)[12] = tswapreg(env->regs[R_EDX]); 193 (*regs)[13] = tswapreg(env->regs[R_ESI]); 194 (*regs)[14] = tswapreg(env->regs[R_EDI]); 195 (*regs)[15] = tswapreg(env->regs[R_EAX]); /* XXX */ 196 (*regs)[16] = tswapreg(env->eip); 197 (*regs)[17] = tswapreg(env->segs[R_CS].selector & 0xffff); 198 (*regs)[18] = tswapreg(env->eflags); 199 (*regs)[19] = tswapreg(env->regs[R_ESP]); 200 (*regs)[20] = tswapreg(env->segs[R_SS].selector & 0xffff); 201 (*regs)[21] = tswapreg(env->segs[R_FS].selector & 0xffff); 202 (*regs)[22] = tswapreg(env->segs[R_GS].selector & 0xffff); 203 (*regs)[23] = tswapreg(env->segs[R_DS].selector & 0xffff); 204 (*regs)[24] = tswapreg(env->segs[R_ES].selector & 0xffff); 205 (*regs)[25] = tswapreg(env->segs[R_FS].selector & 0xffff); 206 (*regs)[26] = tswapreg(env->segs[R_GS].selector & 0xffff); 207} 208 209#else 210 211#define ELF_START_MMAP 0x80000000 212 213/* 214 * This is used to ensure we don't load something for the wrong architecture. 215 */ 216#define elf_check_arch(x) ( ((x) == EM_386) || ((x) == EM_486) ) 217 218/* 219 * These are used to set parameters in the core dumps. 220 */ 221#define ELF_CLASS ELFCLASS32 222#define ELF_ARCH EM_386 223 224static inline void init_thread(struct target_pt_regs *regs, 225 struct image_info *infop) 226{ 227 regs->esp = infop->start_stack; 228 regs->eip = infop->entry; 229 230 /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program 231 starts %edx contains a pointer to a function which might be 232 registered using `atexit'. This provides a mean for the 233 dynamic linker to call DT_FINI functions for shared libraries 234 that have been loaded before the code runs. 235 236 A value of 0 tells we have no such handler. */ 237 regs->edx = 0; 238} 239 240#define ELF_NREG 17 241typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 242 243/* 244 * Note that ELF_NREG should be 19 as there should be place for 245 * TRAPNO and ERR "registers" as well but linux doesn't dump 246 * those. 247 * 248 * See linux kernel: arch/x86/include/asm/elf.h 249 */ 250static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUX86State *env) 251{ 252 (*regs)[0] = tswapreg(env->regs[R_EBX]); 253 (*regs)[1] = tswapreg(env->regs[R_ECX]); 254 (*regs)[2] = tswapreg(env->regs[R_EDX]); 255 (*regs)[3] = tswapreg(env->regs[R_ESI]); 256 (*regs)[4] = tswapreg(env->regs[R_EDI]); 257 (*regs)[5] = tswapreg(env->regs[R_EBP]); 258 (*regs)[6] = tswapreg(env->regs[R_EAX]); 259 (*regs)[7] = tswapreg(env->segs[R_DS].selector & 0xffff); 260 (*regs)[8] = tswapreg(env->segs[R_ES].selector & 0xffff); 261 (*regs)[9] = tswapreg(env->segs[R_FS].selector & 0xffff); 262 (*regs)[10] = tswapreg(env->segs[R_GS].selector & 0xffff); 263 (*regs)[11] = tswapreg(env->regs[R_EAX]); /* XXX */ 264 (*regs)[12] = tswapreg(env->eip); 265 (*regs)[13] = tswapreg(env->segs[R_CS].selector & 0xffff); 266 (*regs)[14] = tswapreg(env->eflags); 267 (*regs)[15] = tswapreg(env->regs[R_ESP]); 268 (*regs)[16] = tswapreg(env->segs[R_SS].selector & 0xffff); 269} 270#endif 271 272#define USE_ELF_CORE_DUMP 273#define ELF_EXEC_PAGESIZE 4096 274 275#endif 276 277#ifdef TARGET_ARM 278 279#ifndef TARGET_AARCH64 280/* 32 bit ARM definitions */ 281 282#define ELF_START_MMAP 0x80000000 283 284#define ELF_ARCH EM_ARM 285#define ELF_CLASS ELFCLASS32 286 287static inline void init_thread(struct target_pt_regs *regs, 288 struct image_info *infop) 289{ 290 abi_long stack = infop->start_stack; 291 memset(regs, 0, sizeof(*regs)); 292 293 regs->uregs[16] = ARM_CPU_MODE_USR; 294 if (infop->entry & 1) { 295 regs->uregs[16] |= CPSR_T; 296 } 297 regs->uregs[15] = infop->entry & 0xfffffffe; 298 regs->uregs[13] = infop->start_stack; 299 /* FIXME - what to for failure of get_user()? */ 300 get_user_ual(regs->uregs[2], stack + 8); /* envp */ 301 get_user_ual(regs->uregs[1], stack + 4); /* envp */ 302 /* XXX: it seems that r0 is zeroed after ! */ 303 regs->uregs[0] = 0; 304 /* For uClinux PIC binaries. */ 305 /* XXX: Linux does this only on ARM with no MMU (do we care ?) */ 306 regs->uregs[10] = infop->start_data; 307 308 /* Support ARM FDPIC. */ 309 if (info_is_fdpic(infop)) { 310 /* As described in the ABI document, r7 points to the loadmap info 311 * prepared by the kernel. If an interpreter is needed, r8 points 312 * to the interpreter loadmap and r9 points to the interpreter 313 * PT_DYNAMIC info. If no interpreter is needed, r8 is zero, and 314 * r9 points to the main program PT_DYNAMIC info. 315 */ 316 regs->uregs[7] = infop->loadmap_addr; 317 if (infop->interpreter_loadmap_addr) { 318 /* Executable is dynamically loaded. */ 319 regs->uregs[8] = infop->interpreter_loadmap_addr; 320 regs->uregs[9] = infop->interpreter_pt_dynamic_addr; 321 } else { 322 regs->uregs[8] = 0; 323 regs->uregs[9] = infop->pt_dynamic_addr; 324 } 325 } 326} 327 328#define ELF_NREG 18 329typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 330 331static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUARMState *env) 332{ 333 (*regs)[0] = tswapreg(env->regs[0]); 334 (*regs)[1] = tswapreg(env->regs[1]); 335 (*regs)[2] = tswapreg(env->regs[2]); 336 (*regs)[3] = tswapreg(env->regs[3]); 337 (*regs)[4] = tswapreg(env->regs[4]); 338 (*regs)[5] = tswapreg(env->regs[5]); 339 (*regs)[6] = tswapreg(env->regs[6]); 340 (*regs)[7] = tswapreg(env->regs[7]); 341 (*regs)[8] = tswapreg(env->regs[8]); 342 (*regs)[9] = tswapreg(env->regs[9]); 343 (*regs)[10] = tswapreg(env->regs[10]); 344 (*regs)[11] = tswapreg(env->regs[11]); 345 (*regs)[12] = tswapreg(env->regs[12]); 346 (*regs)[13] = tswapreg(env->regs[13]); 347 (*regs)[14] = tswapreg(env->regs[14]); 348 (*regs)[15] = tswapreg(env->regs[15]); 349 350 (*regs)[16] = tswapreg(cpsr_read((CPUARMState *)env)); 351 (*regs)[17] = tswapreg(env->regs[0]); /* XXX */ 352} 353 354#define USE_ELF_CORE_DUMP 355#define ELF_EXEC_PAGESIZE 4096 356 357enum 358{ 359 ARM_HWCAP_ARM_SWP = 1 << 0, 360 ARM_HWCAP_ARM_HALF = 1 << 1, 361 ARM_HWCAP_ARM_THUMB = 1 << 2, 362 ARM_HWCAP_ARM_26BIT = 1 << 3, 363 ARM_HWCAP_ARM_FAST_MULT = 1 << 4, 364 ARM_HWCAP_ARM_FPA = 1 << 5, 365 ARM_HWCAP_ARM_VFP = 1 << 6, 366 ARM_HWCAP_ARM_EDSP = 1 << 7, 367 ARM_HWCAP_ARM_JAVA = 1 << 8, 368 ARM_HWCAP_ARM_IWMMXT = 1 << 9, 369 ARM_HWCAP_ARM_CRUNCH = 1 << 10, 370 ARM_HWCAP_ARM_THUMBEE = 1 << 11, 371 ARM_HWCAP_ARM_NEON = 1 << 12, 372 ARM_HWCAP_ARM_VFPv3 = 1 << 13, 373 ARM_HWCAP_ARM_VFPv3D16 = 1 << 14, 374 ARM_HWCAP_ARM_TLS = 1 << 15, 375 ARM_HWCAP_ARM_VFPv4 = 1 << 16, 376 ARM_HWCAP_ARM_IDIVA = 1 << 17, 377 ARM_HWCAP_ARM_IDIVT = 1 << 18, 378 ARM_HWCAP_ARM_VFPD32 = 1 << 19, 379 ARM_HWCAP_ARM_LPAE = 1 << 20, 380 ARM_HWCAP_ARM_EVTSTRM = 1 << 21, 381}; 382 383enum { 384 ARM_HWCAP2_ARM_AES = 1 << 0, 385 ARM_HWCAP2_ARM_PMULL = 1 << 1, 386 ARM_HWCAP2_ARM_SHA1 = 1 << 2, 387 ARM_HWCAP2_ARM_SHA2 = 1 << 3, 388 ARM_HWCAP2_ARM_CRC32 = 1 << 4, 389}; 390 391/* The commpage only exists for 32 bit kernels */ 392 393#define ARM_COMMPAGE (intptr_t)0xffff0f00u 394 395static bool init_guest_commpage(void) 396{ 397 void *want = g2h_untagged(ARM_COMMPAGE & -qemu_host_page_size); 398 void *addr = mmap(want, qemu_host_page_size, PROT_READ | PROT_WRITE, 399 MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0); 400 401 if (addr == MAP_FAILED) { 402 perror("Allocating guest commpage"); 403 exit(EXIT_FAILURE); 404 } 405 if (addr != want) { 406 return false; 407 } 408 409 /* Set kernel helper versions; rest of page is 0. */ 410 __put_user(5, (uint32_t *)g2h_untagged(0xffff0ffcu)); 411 412 if (mprotect(addr, qemu_host_page_size, PROT_READ)) { 413 perror("Protecting guest commpage"); 414 exit(EXIT_FAILURE); 415 } 416 return true; 417} 418 419#define ELF_HWCAP get_elf_hwcap() 420#define ELF_HWCAP2 get_elf_hwcap2() 421 422static uint32_t get_elf_hwcap(void) 423{ 424 ARMCPU *cpu = ARM_CPU(thread_cpu); 425 uint32_t hwcaps = 0; 426 427 hwcaps |= ARM_HWCAP_ARM_SWP; 428 hwcaps |= ARM_HWCAP_ARM_HALF; 429 hwcaps |= ARM_HWCAP_ARM_THUMB; 430 hwcaps |= ARM_HWCAP_ARM_FAST_MULT; 431 432 /* probe for the extra features */ 433#define GET_FEATURE(feat, hwcap) \ 434 do { if (arm_feature(&cpu->env, feat)) { hwcaps |= hwcap; } } while (0) 435 436#define GET_FEATURE_ID(feat, hwcap) \ 437 do { if (cpu_isar_feature(feat, cpu)) { hwcaps |= hwcap; } } while (0) 438 439 /* EDSP is in v5TE and above, but all our v5 CPUs are v5TE */ 440 GET_FEATURE(ARM_FEATURE_V5, ARM_HWCAP_ARM_EDSP); 441 GET_FEATURE(ARM_FEATURE_IWMMXT, ARM_HWCAP_ARM_IWMMXT); 442 GET_FEATURE(ARM_FEATURE_THUMB2EE, ARM_HWCAP_ARM_THUMBEE); 443 GET_FEATURE(ARM_FEATURE_NEON, ARM_HWCAP_ARM_NEON); 444 GET_FEATURE(ARM_FEATURE_V6K, ARM_HWCAP_ARM_TLS); 445 GET_FEATURE(ARM_FEATURE_LPAE, ARM_HWCAP_ARM_LPAE); 446 GET_FEATURE_ID(aa32_arm_div, ARM_HWCAP_ARM_IDIVA); 447 GET_FEATURE_ID(aa32_thumb_div, ARM_HWCAP_ARM_IDIVT); 448 GET_FEATURE_ID(aa32_vfp, ARM_HWCAP_ARM_VFP); 449 450 if (cpu_isar_feature(aa32_fpsp_v3, cpu) || 451 cpu_isar_feature(aa32_fpdp_v3, cpu)) { 452 hwcaps |= ARM_HWCAP_ARM_VFPv3; 453 if (cpu_isar_feature(aa32_simd_r32, cpu)) { 454 hwcaps |= ARM_HWCAP_ARM_VFPD32; 455 } else { 456 hwcaps |= ARM_HWCAP_ARM_VFPv3D16; 457 } 458 } 459 GET_FEATURE_ID(aa32_simdfmac, ARM_HWCAP_ARM_VFPv4); 460 461 return hwcaps; 462} 463 464static uint32_t get_elf_hwcap2(void) 465{ 466 ARMCPU *cpu = ARM_CPU(thread_cpu); 467 uint32_t hwcaps = 0; 468 469 GET_FEATURE_ID(aa32_aes, ARM_HWCAP2_ARM_AES); 470 GET_FEATURE_ID(aa32_pmull, ARM_HWCAP2_ARM_PMULL); 471 GET_FEATURE_ID(aa32_sha1, ARM_HWCAP2_ARM_SHA1); 472 GET_FEATURE_ID(aa32_sha2, ARM_HWCAP2_ARM_SHA2); 473 GET_FEATURE_ID(aa32_crc32, ARM_HWCAP2_ARM_CRC32); 474 return hwcaps; 475} 476 477#undef GET_FEATURE 478#undef GET_FEATURE_ID 479 480#define ELF_PLATFORM get_elf_platform() 481 482static const char *get_elf_platform(void) 483{ 484 CPUARMState *env = thread_cpu->env_ptr; 485 486#ifdef TARGET_WORDS_BIGENDIAN 487# define END "b" 488#else 489# define END "l" 490#endif 491 492 if (arm_feature(env, ARM_FEATURE_V8)) { 493 return "v8" END; 494 } else if (arm_feature(env, ARM_FEATURE_V7)) { 495 if (arm_feature(env, ARM_FEATURE_M)) { 496 return "v7m" END; 497 } else { 498 return "v7" END; 499 } 500 } else if (arm_feature(env, ARM_FEATURE_V6)) { 501 return "v6" END; 502 } else if (arm_feature(env, ARM_FEATURE_V5)) { 503 return "v5" END; 504 } else { 505 return "v4" END; 506 } 507 508#undef END 509} 510 511#else 512/* 64 bit ARM definitions */ 513#define ELF_START_MMAP 0x80000000 514 515#define ELF_ARCH EM_AARCH64 516#define ELF_CLASS ELFCLASS64 517#ifdef TARGET_WORDS_BIGENDIAN 518# define ELF_PLATFORM "aarch64_be" 519#else 520# define ELF_PLATFORM "aarch64" 521#endif 522 523static inline void init_thread(struct target_pt_regs *regs, 524 struct image_info *infop) 525{ 526 abi_long stack = infop->start_stack; 527 memset(regs, 0, sizeof(*regs)); 528 529 regs->pc = infop->entry & ~0x3ULL; 530 regs->sp = stack; 531} 532 533#define ELF_NREG 34 534typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 535 536static void elf_core_copy_regs(target_elf_gregset_t *regs, 537 const CPUARMState *env) 538{ 539 int i; 540 541 for (i = 0; i < 32; i++) { 542 (*regs)[i] = tswapreg(env->xregs[i]); 543 } 544 (*regs)[32] = tswapreg(env->pc); 545 (*regs)[33] = tswapreg(pstate_read((CPUARMState *)env)); 546} 547 548#define USE_ELF_CORE_DUMP 549#define ELF_EXEC_PAGESIZE 4096 550 551enum { 552 ARM_HWCAP_A64_FP = 1 << 0, 553 ARM_HWCAP_A64_ASIMD = 1 << 1, 554 ARM_HWCAP_A64_EVTSTRM = 1 << 2, 555 ARM_HWCAP_A64_AES = 1 << 3, 556 ARM_HWCAP_A64_PMULL = 1 << 4, 557 ARM_HWCAP_A64_SHA1 = 1 << 5, 558 ARM_HWCAP_A64_SHA2 = 1 << 6, 559 ARM_HWCAP_A64_CRC32 = 1 << 7, 560 ARM_HWCAP_A64_ATOMICS = 1 << 8, 561 ARM_HWCAP_A64_FPHP = 1 << 9, 562 ARM_HWCAP_A64_ASIMDHP = 1 << 10, 563 ARM_HWCAP_A64_CPUID = 1 << 11, 564 ARM_HWCAP_A64_ASIMDRDM = 1 << 12, 565 ARM_HWCAP_A64_JSCVT = 1 << 13, 566 ARM_HWCAP_A64_FCMA = 1 << 14, 567 ARM_HWCAP_A64_LRCPC = 1 << 15, 568 ARM_HWCAP_A64_DCPOP = 1 << 16, 569 ARM_HWCAP_A64_SHA3 = 1 << 17, 570 ARM_HWCAP_A64_SM3 = 1 << 18, 571 ARM_HWCAP_A64_SM4 = 1 << 19, 572 ARM_HWCAP_A64_ASIMDDP = 1 << 20, 573 ARM_HWCAP_A64_SHA512 = 1 << 21, 574 ARM_HWCAP_A64_SVE = 1 << 22, 575 ARM_HWCAP_A64_ASIMDFHM = 1 << 23, 576 ARM_HWCAP_A64_DIT = 1 << 24, 577 ARM_HWCAP_A64_USCAT = 1 << 25, 578 ARM_HWCAP_A64_ILRCPC = 1 << 26, 579 ARM_HWCAP_A64_FLAGM = 1 << 27, 580 ARM_HWCAP_A64_SSBS = 1 << 28, 581 ARM_HWCAP_A64_SB = 1 << 29, 582 ARM_HWCAP_A64_PACA = 1 << 30, 583 ARM_HWCAP_A64_PACG = 1UL << 31, 584 585 ARM_HWCAP2_A64_DCPODP = 1 << 0, 586 ARM_HWCAP2_A64_SVE2 = 1 << 1, 587 ARM_HWCAP2_A64_SVEAES = 1 << 2, 588 ARM_HWCAP2_A64_SVEPMULL = 1 << 3, 589 ARM_HWCAP2_A64_SVEBITPERM = 1 << 4, 590 ARM_HWCAP2_A64_SVESHA3 = 1 << 5, 591 ARM_HWCAP2_A64_SVESM4 = 1 << 6, 592 ARM_HWCAP2_A64_FLAGM2 = 1 << 7, 593 ARM_HWCAP2_A64_FRINT = 1 << 8, 594 ARM_HWCAP2_A64_SVEI8MM = 1 << 9, 595 ARM_HWCAP2_A64_SVEF32MM = 1 << 10, 596 ARM_HWCAP2_A64_SVEF64MM = 1 << 11, 597 ARM_HWCAP2_A64_SVEBF16 = 1 << 12, 598 ARM_HWCAP2_A64_I8MM = 1 << 13, 599 ARM_HWCAP2_A64_BF16 = 1 << 14, 600 ARM_HWCAP2_A64_DGH = 1 << 15, 601 ARM_HWCAP2_A64_RNG = 1 << 16, 602 ARM_HWCAP2_A64_BTI = 1 << 17, 603 ARM_HWCAP2_A64_MTE = 1 << 18, 604}; 605 606#define ELF_HWCAP get_elf_hwcap() 607#define ELF_HWCAP2 get_elf_hwcap2() 608 609#define GET_FEATURE_ID(feat, hwcap) \ 610 do { if (cpu_isar_feature(feat, cpu)) { hwcaps |= hwcap; } } while (0) 611 612static uint32_t get_elf_hwcap(void) 613{ 614 ARMCPU *cpu = ARM_CPU(thread_cpu); 615 uint32_t hwcaps = 0; 616 617 hwcaps |= ARM_HWCAP_A64_FP; 618 hwcaps |= ARM_HWCAP_A64_ASIMD; 619 hwcaps |= ARM_HWCAP_A64_CPUID; 620 621 /* probe for the extra features */ 622 623 GET_FEATURE_ID(aa64_aes, ARM_HWCAP_A64_AES); 624 GET_FEATURE_ID(aa64_pmull, ARM_HWCAP_A64_PMULL); 625 GET_FEATURE_ID(aa64_sha1, ARM_HWCAP_A64_SHA1); 626 GET_FEATURE_ID(aa64_sha256, ARM_HWCAP_A64_SHA2); 627 GET_FEATURE_ID(aa64_sha512, ARM_HWCAP_A64_SHA512); 628 GET_FEATURE_ID(aa64_crc32, ARM_HWCAP_A64_CRC32); 629 GET_FEATURE_ID(aa64_sha3, ARM_HWCAP_A64_SHA3); 630 GET_FEATURE_ID(aa64_sm3, ARM_HWCAP_A64_SM3); 631 GET_FEATURE_ID(aa64_sm4, ARM_HWCAP_A64_SM4); 632 GET_FEATURE_ID(aa64_fp16, ARM_HWCAP_A64_FPHP | ARM_HWCAP_A64_ASIMDHP); 633 GET_FEATURE_ID(aa64_atomics, ARM_HWCAP_A64_ATOMICS); 634 GET_FEATURE_ID(aa64_rdm, ARM_HWCAP_A64_ASIMDRDM); 635 GET_FEATURE_ID(aa64_dp, ARM_HWCAP_A64_ASIMDDP); 636 GET_FEATURE_ID(aa64_fcma, ARM_HWCAP_A64_FCMA); 637 GET_FEATURE_ID(aa64_sve, ARM_HWCAP_A64_SVE); 638 GET_FEATURE_ID(aa64_pauth, ARM_HWCAP_A64_PACA | ARM_HWCAP_A64_PACG); 639 GET_FEATURE_ID(aa64_fhm, ARM_HWCAP_A64_ASIMDFHM); 640 GET_FEATURE_ID(aa64_jscvt, ARM_HWCAP_A64_JSCVT); 641 GET_FEATURE_ID(aa64_sb, ARM_HWCAP_A64_SB); 642 GET_FEATURE_ID(aa64_condm_4, ARM_HWCAP_A64_FLAGM); 643 GET_FEATURE_ID(aa64_dcpop, ARM_HWCAP_A64_DCPOP); 644 GET_FEATURE_ID(aa64_rcpc_8_3, ARM_HWCAP_A64_LRCPC); 645 GET_FEATURE_ID(aa64_rcpc_8_4, ARM_HWCAP_A64_ILRCPC); 646 647 return hwcaps; 648} 649 650static uint32_t get_elf_hwcap2(void) 651{ 652 ARMCPU *cpu = ARM_CPU(thread_cpu); 653 uint32_t hwcaps = 0; 654 655 GET_FEATURE_ID(aa64_dcpodp, ARM_HWCAP2_A64_DCPODP); 656 GET_FEATURE_ID(aa64_sve2, ARM_HWCAP2_A64_SVE2); 657 GET_FEATURE_ID(aa64_sve2_aes, ARM_HWCAP2_A64_SVEAES); 658 GET_FEATURE_ID(aa64_sve2_pmull128, ARM_HWCAP2_A64_SVEPMULL); 659 GET_FEATURE_ID(aa64_sve2_bitperm, ARM_HWCAP2_A64_SVEBITPERM); 660 GET_FEATURE_ID(aa64_sve2_sha3, ARM_HWCAP2_A64_SVESHA3); 661 GET_FEATURE_ID(aa64_sve2_sm4, ARM_HWCAP2_A64_SVESM4); 662 GET_FEATURE_ID(aa64_condm_5, ARM_HWCAP2_A64_FLAGM2); 663 GET_FEATURE_ID(aa64_frint, ARM_HWCAP2_A64_FRINT); 664 GET_FEATURE_ID(aa64_sve_i8mm, ARM_HWCAP2_A64_SVEI8MM); 665 GET_FEATURE_ID(aa64_sve_f32mm, ARM_HWCAP2_A64_SVEF32MM); 666 GET_FEATURE_ID(aa64_sve_f64mm, ARM_HWCAP2_A64_SVEF64MM); 667 GET_FEATURE_ID(aa64_sve_bf16, ARM_HWCAP2_A64_SVEBF16); 668 GET_FEATURE_ID(aa64_i8mm, ARM_HWCAP2_A64_I8MM); 669 GET_FEATURE_ID(aa64_bf16, ARM_HWCAP2_A64_BF16); 670 GET_FEATURE_ID(aa64_rndr, ARM_HWCAP2_A64_RNG); 671 GET_FEATURE_ID(aa64_bti, ARM_HWCAP2_A64_BTI); 672 GET_FEATURE_ID(aa64_mte, ARM_HWCAP2_A64_MTE); 673 674 return hwcaps; 675} 676 677#undef GET_FEATURE_ID 678 679#endif /* not TARGET_AARCH64 */ 680#endif /* TARGET_ARM */ 681 682#ifdef TARGET_SPARC 683#ifdef TARGET_SPARC64 684 685#define ELF_START_MMAP 0x80000000 686#define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \ 687 | HWCAP_SPARC_MULDIV | HWCAP_SPARC_V9) 688#ifndef TARGET_ABI32 689#define elf_check_arch(x) ( (x) == EM_SPARCV9 || (x) == EM_SPARC32PLUS ) 690#else 691#define elf_check_arch(x) ( (x) == EM_SPARC32PLUS || (x) == EM_SPARC ) 692#endif 693 694#define ELF_CLASS ELFCLASS64 695#define ELF_ARCH EM_SPARCV9 696#else 697#define ELF_START_MMAP 0x80000000 698#define ELF_HWCAP (HWCAP_SPARC_FLUSH | HWCAP_SPARC_STBAR | HWCAP_SPARC_SWAP \ 699 | HWCAP_SPARC_MULDIV) 700#define ELF_CLASS ELFCLASS32 701#define ELF_ARCH EM_SPARC 702#endif /* TARGET_SPARC64 */ 703 704static inline void init_thread(struct target_pt_regs *regs, 705 struct image_info *infop) 706{ 707 /* Note that target_cpu_copy_regs does not read psr/tstate. */ 708 regs->pc = infop->entry; 709 regs->npc = regs->pc + 4; 710 regs->y = 0; 711 regs->u_regs[14] = (infop->start_stack - 16 * sizeof(abi_ulong) 712 - TARGET_STACK_BIAS); 713} 714#endif /* TARGET_SPARC */ 715 716#ifdef TARGET_PPC 717 718#define ELF_MACHINE PPC_ELF_MACHINE 719#define ELF_START_MMAP 0x80000000 720 721#if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 722 723#define elf_check_arch(x) ( (x) == EM_PPC64 ) 724 725#define ELF_CLASS ELFCLASS64 726 727#else 728 729#define ELF_CLASS ELFCLASS32 730 731#endif 732 733#define ELF_ARCH EM_PPC 734 735/* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP). 736 See arch/powerpc/include/asm/cputable.h. */ 737enum { 738 QEMU_PPC_FEATURE_32 = 0x80000000, 739 QEMU_PPC_FEATURE_64 = 0x40000000, 740 QEMU_PPC_FEATURE_601_INSTR = 0x20000000, 741 QEMU_PPC_FEATURE_HAS_ALTIVEC = 0x10000000, 742 QEMU_PPC_FEATURE_HAS_FPU = 0x08000000, 743 QEMU_PPC_FEATURE_HAS_MMU = 0x04000000, 744 QEMU_PPC_FEATURE_HAS_4xxMAC = 0x02000000, 745 QEMU_PPC_FEATURE_UNIFIED_CACHE = 0x01000000, 746 QEMU_PPC_FEATURE_HAS_SPE = 0x00800000, 747 QEMU_PPC_FEATURE_HAS_EFP_SINGLE = 0x00400000, 748 QEMU_PPC_FEATURE_HAS_EFP_DOUBLE = 0x00200000, 749 QEMU_PPC_FEATURE_NO_TB = 0x00100000, 750 QEMU_PPC_FEATURE_POWER4 = 0x00080000, 751 QEMU_PPC_FEATURE_POWER5 = 0x00040000, 752 QEMU_PPC_FEATURE_POWER5_PLUS = 0x00020000, 753 QEMU_PPC_FEATURE_CELL = 0x00010000, 754 QEMU_PPC_FEATURE_BOOKE = 0x00008000, 755 QEMU_PPC_FEATURE_SMT = 0x00004000, 756 QEMU_PPC_FEATURE_ICACHE_SNOOP = 0x00002000, 757 QEMU_PPC_FEATURE_ARCH_2_05 = 0x00001000, 758 QEMU_PPC_FEATURE_PA6T = 0x00000800, 759 QEMU_PPC_FEATURE_HAS_DFP = 0x00000400, 760 QEMU_PPC_FEATURE_POWER6_EXT = 0x00000200, 761 QEMU_PPC_FEATURE_ARCH_2_06 = 0x00000100, 762 QEMU_PPC_FEATURE_HAS_VSX = 0x00000080, 763 QEMU_PPC_FEATURE_PSERIES_PERFMON_COMPAT = 0x00000040, 764 765 QEMU_PPC_FEATURE_TRUE_LE = 0x00000002, 766 QEMU_PPC_FEATURE_PPC_LE = 0x00000001, 767 768 /* Feature definitions in AT_HWCAP2. */ 769 QEMU_PPC_FEATURE2_ARCH_2_07 = 0x80000000, /* ISA 2.07 */ 770 QEMU_PPC_FEATURE2_HAS_HTM = 0x40000000, /* Hardware Transactional Memory */ 771 QEMU_PPC_FEATURE2_HAS_DSCR = 0x20000000, /* Data Stream Control Register */ 772 QEMU_PPC_FEATURE2_HAS_EBB = 0x10000000, /* Event Base Branching */ 773 QEMU_PPC_FEATURE2_HAS_ISEL = 0x08000000, /* Integer Select */ 774 QEMU_PPC_FEATURE2_HAS_TAR = 0x04000000, /* Target Address Register */ 775 QEMU_PPC_FEATURE2_VEC_CRYPTO = 0x02000000, 776 QEMU_PPC_FEATURE2_HTM_NOSC = 0x01000000, 777 QEMU_PPC_FEATURE2_ARCH_3_00 = 0x00800000, /* ISA 3.00 */ 778 QEMU_PPC_FEATURE2_HAS_IEEE128 = 0x00400000, /* VSX IEEE Bin Float 128-bit */ 779 QEMU_PPC_FEATURE2_DARN = 0x00200000, /* darn random number insn */ 780 QEMU_PPC_FEATURE2_SCV = 0x00100000, /* scv syscall */ 781 QEMU_PPC_FEATURE2_HTM_NO_SUSPEND = 0x00080000, /* TM w/o suspended state */ 782}; 783 784#define ELF_HWCAP get_elf_hwcap() 785 786static uint32_t get_elf_hwcap(void) 787{ 788 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); 789 uint32_t features = 0; 790 791 /* We don't have to be terribly complete here; the high points are 792 Altivec/FP/SPE support. Anything else is just a bonus. */ 793#define GET_FEATURE(flag, feature) \ 794 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0) 795#define GET_FEATURE2(flags, feature) \ 796 do { \ 797 if ((cpu->env.insns_flags2 & flags) == flags) { \ 798 features |= feature; \ 799 } \ 800 } while (0) 801 GET_FEATURE(PPC_64B, QEMU_PPC_FEATURE_64); 802 GET_FEATURE(PPC_FLOAT, QEMU_PPC_FEATURE_HAS_FPU); 803 GET_FEATURE(PPC_ALTIVEC, QEMU_PPC_FEATURE_HAS_ALTIVEC); 804 GET_FEATURE(PPC_SPE, QEMU_PPC_FEATURE_HAS_SPE); 805 GET_FEATURE(PPC_SPE_SINGLE, QEMU_PPC_FEATURE_HAS_EFP_SINGLE); 806 GET_FEATURE(PPC_SPE_DOUBLE, QEMU_PPC_FEATURE_HAS_EFP_DOUBLE); 807 GET_FEATURE(PPC_BOOKE, QEMU_PPC_FEATURE_BOOKE); 808 GET_FEATURE(PPC_405_MAC, QEMU_PPC_FEATURE_HAS_4xxMAC); 809 GET_FEATURE2(PPC2_DFP, QEMU_PPC_FEATURE_HAS_DFP); 810 GET_FEATURE2(PPC2_VSX, QEMU_PPC_FEATURE_HAS_VSX); 811 GET_FEATURE2((PPC2_PERM_ISA206 | PPC2_DIVE_ISA206 | PPC2_ATOMIC_ISA206 | 812 PPC2_FP_CVT_ISA206 | PPC2_FP_TST_ISA206), 813 QEMU_PPC_FEATURE_ARCH_2_06); 814#undef GET_FEATURE 815#undef GET_FEATURE2 816 817 return features; 818} 819 820#define ELF_HWCAP2 get_elf_hwcap2() 821 822static uint32_t get_elf_hwcap2(void) 823{ 824 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); 825 uint32_t features = 0; 826 827#define GET_FEATURE(flag, feature) \ 828 do { if (cpu->env.insns_flags & flag) { features |= feature; } } while (0) 829#define GET_FEATURE2(flag, feature) \ 830 do { if (cpu->env.insns_flags2 & flag) { features |= feature; } } while (0) 831 832 GET_FEATURE(PPC_ISEL, QEMU_PPC_FEATURE2_HAS_ISEL); 833 GET_FEATURE2(PPC2_BCTAR_ISA207, QEMU_PPC_FEATURE2_HAS_TAR); 834 GET_FEATURE2((PPC2_BCTAR_ISA207 | PPC2_LSQ_ISA207 | PPC2_ALTIVEC_207 | 835 PPC2_ISA207S), QEMU_PPC_FEATURE2_ARCH_2_07 | 836 QEMU_PPC_FEATURE2_VEC_CRYPTO); 837 GET_FEATURE2(PPC2_ISA300, QEMU_PPC_FEATURE2_ARCH_3_00 | 838 QEMU_PPC_FEATURE2_DARN | QEMU_PPC_FEATURE2_HAS_IEEE128); 839 840#undef GET_FEATURE 841#undef GET_FEATURE2 842 843 return features; 844} 845 846/* 847 * The requirements here are: 848 * - keep the final alignment of sp (sp & 0xf) 849 * - make sure the 32-bit value at the first 16 byte aligned position of 850 * AUXV is greater than 16 for glibc compatibility. 851 * AT_IGNOREPPC is used for that. 852 * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC, 853 * even if DLINFO_ARCH_ITEMS goes to zero or is undefined. 854 */ 855#define DLINFO_ARCH_ITEMS 5 856#define ARCH_DLINFO \ 857 do { \ 858 PowerPCCPU *cpu = POWERPC_CPU(thread_cpu); \ 859 /* \ 860 * Handle glibc compatibility: these magic entries must \ 861 * be at the lowest addresses in the final auxv. \ 862 */ \ 863 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 864 NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC); \ 865 NEW_AUX_ENT(AT_DCACHEBSIZE, cpu->env.dcache_line_size); \ 866 NEW_AUX_ENT(AT_ICACHEBSIZE, cpu->env.icache_line_size); \ 867 NEW_AUX_ENT(AT_UCACHEBSIZE, 0); \ 868 } while (0) 869 870static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop) 871{ 872 _regs->gpr[1] = infop->start_stack; 873#if defined(TARGET_PPC64) && !defined(TARGET_ABI32) 874 if (get_ppc64_abi(infop) < 2) { 875 uint64_t val; 876 get_user_u64(val, infop->entry + 8); 877 _regs->gpr[2] = val + infop->load_bias; 878 get_user_u64(val, infop->entry); 879 infop->entry = val + infop->load_bias; 880 } else { 881 _regs->gpr[12] = infop->entry; /* r12 set to global entry address */ 882 } 883#endif 884 _regs->nip = infop->entry; 885} 886 887/* See linux kernel: arch/powerpc/include/asm/elf.h. */ 888#define ELF_NREG 48 889typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 890 891static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUPPCState *env) 892{ 893 int i; 894 target_ulong ccr = 0; 895 896 for (i = 0; i < ARRAY_SIZE(env->gpr); i++) { 897 (*regs)[i] = tswapreg(env->gpr[i]); 898 } 899 900 (*regs)[32] = tswapreg(env->nip); 901 (*regs)[33] = tswapreg(env->msr); 902 (*regs)[35] = tswapreg(env->ctr); 903 (*regs)[36] = tswapreg(env->lr); 904 (*regs)[37] = tswapreg(env->xer); 905 906 for (i = 0; i < ARRAY_SIZE(env->crf); i++) { 907 ccr |= env->crf[i] << (32 - ((i + 1) * 4)); 908 } 909 (*regs)[38] = tswapreg(ccr); 910} 911 912#define USE_ELF_CORE_DUMP 913#define ELF_EXEC_PAGESIZE 4096 914 915#endif 916 917#ifdef TARGET_MIPS 918 919#define ELF_START_MMAP 0x80000000 920 921#ifdef TARGET_MIPS64 922#define ELF_CLASS ELFCLASS64 923#else 924#define ELF_CLASS ELFCLASS32 925#endif 926#define ELF_ARCH EM_MIPS 927 928#define elf_check_arch(x) ((x) == EM_MIPS || (x) == EM_NANOMIPS) 929 930#ifdef TARGET_ABI_MIPSN32 931#define elf_check_abi(x) ((x) & EF_MIPS_ABI2) 932#else 933#define elf_check_abi(x) (!((x) & EF_MIPS_ABI2)) 934#endif 935 936static inline void init_thread(struct target_pt_regs *regs, 937 struct image_info *infop) 938{ 939 regs->cp0_status = 2 << CP0St_KSU; 940 regs->cp0_epc = infop->entry; 941 regs->regs[29] = infop->start_stack; 942} 943 944/* See linux kernel: arch/mips/include/asm/elf.h. */ 945#define ELF_NREG 45 946typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 947 948/* See linux kernel: arch/mips/include/asm/reg.h. */ 949enum { 950#ifdef TARGET_MIPS64 951 TARGET_EF_R0 = 0, 952#else 953 TARGET_EF_R0 = 6, 954#endif 955 TARGET_EF_R26 = TARGET_EF_R0 + 26, 956 TARGET_EF_R27 = TARGET_EF_R0 + 27, 957 TARGET_EF_LO = TARGET_EF_R0 + 32, 958 TARGET_EF_HI = TARGET_EF_R0 + 33, 959 TARGET_EF_CP0_EPC = TARGET_EF_R0 + 34, 960 TARGET_EF_CP0_BADVADDR = TARGET_EF_R0 + 35, 961 TARGET_EF_CP0_STATUS = TARGET_EF_R0 + 36, 962 TARGET_EF_CP0_CAUSE = TARGET_EF_R0 + 37 963}; 964 965/* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 966static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMIPSState *env) 967{ 968 int i; 969 970 for (i = 0; i < TARGET_EF_R0; i++) { 971 (*regs)[i] = 0; 972 } 973 (*regs)[TARGET_EF_R0] = 0; 974 975 for (i = 1; i < ARRAY_SIZE(env->active_tc.gpr); i++) { 976 (*regs)[TARGET_EF_R0 + i] = tswapreg(env->active_tc.gpr[i]); 977 } 978 979 (*regs)[TARGET_EF_R26] = 0; 980 (*regs)[TARGET_EF_R27] = 0; 981 (*regs)[TARGET_EF_LO] = tswapreg(env->active_tc.LO[0]); 982 (*regs)[TARGET_EF_HI] = tswapreg(env->active_tc.HI[0]); 983 (*regs)[TARGET_EF_CP0_EPC] = tswapreg(env->active_tc.PC); 984 (*regs)[TARGET_EF_CP0_BADVADDR] = tswapreg(env->CP0_BadVAddr); 985 (*regs)[TARGET_EF_CP0_STATUS] = tswapreg(env->CP0_Status); 986 (*regs)[TARGET_EF_CP0_CAUSE] = tswapreg(env->CP0_Cause); 987} 988 989#define USE_ELF_CORE_DUMP 990#define ELF_EXEC_PAGESIZE 4096 991 992/* See arch/mips/include/uapi/asm/hwcap.h. */ 993enum { 994 HWCAP_MIPS_R6 = (1 << 0), 995 HWCAP_MIPS_MSA = (1 << 1), 996 HWCAP_MIPS_CRC32 = (1 << 2), 997 HWCAP_MIPS_MIPS16 = (1 << 3), 998 HWCAP_MIPS_MDMX = (1 << 4), 999 HWCAP_MIPS_MIPS3D = (1 << 5), 1000 HWCAP_MIPS_SMARTMIPS = (1 << 6), 1001 HWCAP_MIPS_DSP = (1 << 7), 1002 HWCAP_MIPS_DSP2 = (1 << 8), 1003 HWCAP_MIPS_DSP3 = (1 << 9), 1004 HWCAP_MIPS_MIPS16E2 = (1 << 10), 1005 HWCAP_LOONGSON_MMI = (1 << 11), 1006 HWCAP_LOONGSON_EXT = (1 << 12), 1007 HWCAP_LOONGSON_EXT2 = (1 << 13), 1008 HWCAP_LOONGSON_CPUCFG = (1 << 14), 1009}; 1010 1011#define ELF_HWCAP get_elf_hwcap() 1012 1013#define GET_FEATURE_INSN(_flag, _hwcap) \ 1014 do { if (cpu->env.insn_flags & (_flag)) { hwcaps |= _hwcap; } } while (0) 1015 1016#define GET_FEATURE_REG_SET(_reg, _mask, _hwcap) \ 1017 do { if (cpu->env._reg & (_mask)) { hwcaps |= _hwcap; } } while (0) 1018 1019#define GET_FEATURE_REG_EQU(_reg, _start, _length, _val, _hwcap) \ 1020 do { \ 1021 if (extract32(cpu->env._reg, (_start), (_length)) == (_val)) { \ 1022 hwcaps |= _hwcap; \ 1023 } \ 1024 } while (0) 1025 1026static uint32_t get_elf_hwcap(void) 1027{ 1028 MIPSCPU *cpu = MIPS_CPU(thread_cpu); 1029 uint32_t hwcaps = 0; 1030 1031 GET_FEATURE_REG_EQU(CP0_Config0, CP0C0_AR, CP0C0_AR_LENGTH, 1032 2, HWCAP_MIPS_R6); 1033 GET_FEATURE_REG_SET(CP0_Config3, 1 << CP0C3_MSAP, HWCAP_MIPS_MSA); 1034 GET_FEATURE_INSN(ASE_LMMI, HWCAP_LOONGSON_MMI); 1035 GET_FEATURE_INSN(ASE_LEXT, HWCAP_LOONGSON_EXT); 1036 1037 return hwcaps; 1038} 1039 1040#undef GET_FEATURE_REG_EQU 1041#undef GET_FEATURE_REG_SET 1042#undef GET_FEATURE_INSN 1043 1044#endif /* TARGET_MIPS */ 1045 1046#ifdef TARGET_MICROBLAZE 1047 1048#define ELF_START_MMAP 0x80000000 1049 1050#define elf_check_arch(x) ( (x) == EM_MICROBLAZE || (x) == EM_MICROBLAZE_OLD) 1051 1052#define ELF_CLASS ELFCLASS32 1053#define ELF_ARCH EM_MICROBLAZE 1054 1055static inline void init_thread(struct target_pt_regs *regs, 1056 struct image_info *infop) 1057{ 1058 regs->pc = infop->entry; 1059 regs->r1 = infop->start_stack; 1060 1061} 1062 1063#define ELF_EXEC_PAGESIZE 4096 1064 1065#define USE_ELF_CORE_DUMP 1066#define ELF_NREG 38 1067typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1068 1069/* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 1070static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUMBState *env) 1071{ 1072 int i, pos = 0; 1073 1074 for (i = 0; i < 32; i++) { 1075 (*regs)[pos++] = tswapreg(env->regs[i]); 1076 } 1077 1078 (*regs)[pos++] = tswapreg(env->pc); 1079 (*regs)[pos++] = tswapreg(mb_cpu_read_msr(env)); 1080 (*regs)[pos++] = 0; 1081 (*regs)[pos++] = tswapreg(env->ear); 1082 (*regs)[pos++] = 0; 1083 (*regs)[pos++] = tswapreg(env->esr); 1084} 1085 1086#endif /* TARGET_MICROBLAZE */ 1087 1088#ifdef TARGET_NIOS2 1089 1090#define ELF_START_MMAP 0x80000000 1091 1092#define elf_check_arch(x) ((x) == EM_ALTERA_NIOS2) 1093 1094#define ELF_CLASS ELFCLASS32 1095#define ELF_ARCH EM_ALTERA_NIOS2 1096 1097static void init_thread(struct target_pt_regs *regs, struct image_info *infop) 1098{ 1099 regs->ea = infop->entry; 1100 regs->sp = infop->start_stack; 1101 regs->estatus = 0x3; 1102} 1103 1104#define ELF_EXEC_PAGESIZE 4096 1105 1106#define USE_ELF_CORE_DUMP 1107#define ELF_NREG 49 1108typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1109 1110/* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs. */ 1111static void elf_core_copy_regs(target_elf_gregset_t *regs, 1112 const CPUNios2State *env) 1113{ 1114 int i; 1115 1116 (*regs)[0] = -1; 1117 for (i = 1; i < 8; i++) /* r0-r7 */ 1118 (*regs)[i] = tswapreg(env->regs[i + 7]); 1119 1120 for (i = 8; i < 16; i++) /* r8-r15 */ 1121 (*regs)[i] = tswapreg(env->regs[i - 8]); 1122 1123 for (i = 16; i < 24; i++) /* r16-r23 */ 1124 (*regs)[i] = tswapreg(env->regs[i + 7]); 1125 (*regs)[24] = -1; /* R_ET */ 1126 (*regs)[25] = -1; /* R_BT */ 1127 (*regs)[26] = tswapreg(env->regs[R_GP]); 1128 (*regs)[27] = tswapreg(env->regs[R_SP]); 1129 (*regs)[28] = tswapreg(env->regs[R_FP]); 1130 (*regs)[29] = tswapreg(env->regs[R_EA]); 1131 (*regs)[30] = -1; /* R_SSTATUS */ 1132 (*regs)[31] = tswapreg(env->regs[R_RA]); 1133 1134 (*regs)[32] = tswapreg(env->regs[R_PC]); 1135 1136 (*regs)[33] = -1; /* R_STATUS */ 1137 (*regs)[34] = tswapreg(env->regs[CR_ESTATUS]); 1138 1139 for (i = 35; i < 49; i++) /* ... */ 1140 (*regs)[i] = -1; 1141} 1142 1143#endif /* TARGET_NIOS2 */ 1144 1145#ifdef TARGET_OPENRISC 1146 1147#define ELF_START_MMAP 0x08000000 1148 1149#define ELF_ARCH EM_OPENRISC 1150#define ELF_CLASS ELFCLASS32 1151#define ELF_DATA ELFDATA2MSB 1152 1153static inline void init_thread(struct target_pt_regs *regs, 1154 struct image_info *infop) 1155{ 1156 regs->pc = infop->entry; 1157 regs->gpr[1] = infop->start_stack; 1158} 1159 1160#define USE_ELF_CORE_DUMP 1161#define ELF_EXEC_PAGESIZE 8192 1162 1163/* See linux kernel arch/openrisc/include/asm/elf.h. */ 1164#define ELF_NREG 34 /* gprs and pc, sr */ 1165typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1166 1167static void elf_core_copy_regs(target_elf_gregset_t *regs, 1168 const CPUOpenRISCState *env) 1169{ 1170 int i; 1171 1172 for (i = 0; i < 32; i++) { 1173 (*regs)[i] = tswapreg(cpu_get_gpr(env, i)); 1174 } 1175 (*regs)[32] = tswapreg(env->pc); 1176 (*regs)[33] = tswapreg(cpu_get_sr(env)); 1177} 1178#define ELF_HWCAP 0 1179#define ELF_PLATFORM NULL 1180 1181#endif /* TARGET_OPENRISC */ 1182 1183#ifdef TARGET_SH4 1184 1185#define ELF_START_MMAP 0x80000000 1186 1187#define ELF_CLASS ELFCLASS32 1188#define ELF_ARCH EM_SH 1189 1190static inline void init_thread(struct target_pt_regs *regs, 1191 struct image_info *infop) 1192{ 1193 /* Check other registers XXXXX */ 1194 regs->pc = infop->entry; 1195 regs->regs[15] = infop->start_stack; 1196} 1197 1198/* See linux kernel: arch/sh/include/asm/elf.h. */ 1199#define ELF_NREG 23 1200typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1201 1202/* See linux kernel: arch/sh/include/asm/ptrace.h. */ 1203enum { 1204 TARGET_REG_PC = 16, 1205 TARGET_REG_PR = 17, 1206 TARGET_REG_SR = 18, 1207 TARGET_REG_GBR = 19, 1208 TARGET_REG_MACH = 20, 1209 TARGET_REG_MACL = 21, 1210 TARGET_REG_SYSCALL = 22 1211}; 1212 1213static inline void elf_core_copy_regs(target_elf_gregset_t *regs, 1214 const CPUSH4State *env) 1215{ 1216 int i; 1217 1218 for (i = 0; i < 16; i++) { 1219 (*regs)[i] = tswapreg(env->gregs[i]); 1220 } 1221 1222 (*regs)[TARGET_REG_PC] = tswapreg(env->pc); 1223 (*regs)[TARGET_REG_PR] = tswapreg(env->pr); 1224 (*regs)[TARGET_REG_SR] = tswapreg(env->sr); 1225 (*regs)[TARGET_REG_GBR] = tswapreg(env->gbr); 1226 (*regs)[TARGET_REG_MACH] = tswapreg(env->mach); 1227 (*regs)[TARGET_REG_MACL] = tswapreg(env->macl); 1228 (*regs)[TARGET_REG_SYSCALL] = 0; /* FIXME */ 1229} 1230 1231#define USE_ELF_CORE_DUMP 1232#define ELF_EXEC_PAGESIZE 4096 1233 1234enum { 1235 SH_CPU_HAS_FPU = 0x0001, /* Hardware FPU support */ 1236 SH_CPU_HAS_P2_FLUSH_BUG = 0x0002, /* Need to flush the cache in P2 area */ 1237 SH_CPU_HAS_MMU_PAGE_ASSOC = 0x0004, /* SH3: TLB way selection bit support */ 1238 SH_CPU_HAS_DSP = 0x0008, /* SH-DSP: DSP support */ 1239 SH_CPU_HAS_PERF_COUNTER = 0x0010, /* Hardware performance counters */ 1240 SH_CPU_HAS_PTEA = 0x0020, /* PTEA register */ 1241 SH_CPU_HAS_LLSC = 0x0040, /* movli.l/movco.l */ 1242 SH_CPU_HAS_L2_CACHE = 0x0080, /* Secondary cache / URAM */ 1243 SH_CPU_HAS_OP32 = 0x0100, /* 32-bit instruction support */ 1244 SH_CPU_HAS_PTEAEX = 0x0200, /* PTE ASID Extension support */ 1245}; 1246 1247#define ELF_HWCAP get_elf_hwcap() 1248 1249static uint32_t get_elf_hwcap(void) 1250{ 1251 SuperHCPU *cpu = SUPERH_CPU(thread_cpu); 1252 uint32_t hwcap = 0; 1253 1254 hwcap |= SH_CPU_HAS_FPU; 1255 1256 if (cpu->env.features & SH_FEATURE_SH4A) { 1257 hwcap |= SH_CPU_HAS_LLSC; 1258 } 1259 1260 return hwcap; 1261} 1262 1263#endif 1264 1265#ifdef TARGET_CRIS 1266 1267#define ELF_START_MMAP 0x80000000 1268 1269#define ELF_CLASS ELFCLASS32 1270#define ELF_ARCH EM_CRIS 1271 1272static inline void init_thread(struct target_pt_regs *regs, 1273 struct image_info *infop) 1274{ 1275 regs->erp = infop->entry; 1276} 1277 1278#define ELF_EXEC_PAGESIZE 8192 1279 1280#endif 1281 1282#ifdef TARGET_M68K 1283 1284#define ELF_START_MMAP 0x80000000 1285 1286#define ELF_CLASS ELFCLASS32 1287#define ELF_ARCH EM_68K 1288 1289/* ??? Does this need to do anything? 1290 #define ELF_PLAT_INIT(_r) */ 1291 1292static inline void init_thread(struct target_pt_regs *regs, 1293 struct image_info *infop) 1294{ 1295 regs->usp = infop->start_stack; 1296 regs->sr = 0; 1297 regs->pc = infop->entry; 1298} 1299 1300/* See linux kernel: arch/m68k/include/asm/elf.h. */ 1301#define ELF_NREG 20 1302typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1303 1304static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUM68KState *env) 1305{ 1306 (*regs)[0] = tswapreg(env->dregs[1]); 1307 (*regs)[1] = tswapreg(env->dregs[2]); 1308 (*regs)[2] = tswapreg(env->dregs[3]); 1309 (*regs)[3] = tswapreg(env->dregs[4]); 1310 (*regs)[4] = tswapreg(env->dregs[5]); 1311 (*regs)[5] = tswapreg(env->dregs[6]); 1312 (*regs)[6] = tswapreg(env->dregs[7]); 1313 (*regs)[7] = tswapreg(env->aregs[0]); 1314 (*regs)[8] = tswapreg(env->aregs[1]); 1315 (*regs)[9] = tswapreg(env->aregs[2]); 1316 (*regs)[10] = tswapreg(env->aregs[3]); 1317 (*regs)[11] = tswapreg(env->aregs[4]); 1318 (*regs)[12] = tswapreg(env->aregs[5]); 1319 (*regs)[13] = tswapreg(env->aregs[6]); 1320 (*regs)[14] = tswapreg(env->dregs[0]); 1321 (*regs)[15] = tswapreg(env->aregs[7]); 1322 (*regs)[16] = tswapreg(env->dregs[0]); /* FIXME: orig_d0 */ 1323 (*regs)[17] = tswapreg(env->sr); 1324 (*regs)[18] = tswapreg(env->pc); 1325 (*regs)[19] = 0; /* FIXME: regs->format | regs->vector */ 1326} 1327 1328#define USE_ELF_CORE_DUMP 1329#define ELF_EXEC_PAGESIZE 8192 1330 1331#endif 1332 1333#ifdef TARGET_ALPHA 1334 1335#define ELF_START_MMAP (0x30000000000ULL) 1336 1337#define ELF_CLASS ELFCLASS64 1338#define ELF_ARCH EM_ALPHA 1339 1340static inline void init_thread(struct target_pt_regs *regs, 1341 struct image_info *infop) 1342{ 1343 regs->pc = infop->entry; 1344 regs->ps = 8; 1345 regs->usp = infop->start_stack; 1346} 1347 1348#define ELF_EXEC_PAGESIZE 8192 1349 1350#endif /* TARGET_ALPHA */ 1351 1352#ifdef TARGET_S390X 1353 1354#define ELF_START_MMAP (0x20000000000ULL) 1355 1356#define ELF_CLASS ELFCLASS64 1357#define ELF_DATA ELFDATA2MSB 1358#define ELF_ARCH EM_S390 1359 1360#include "elf.h" 1361 1362#define ELF_HWCAP get_elf_hwcap() 1363 1364#define GET_FEATURE(_feat, _hwcap) \ 1365 do { if (s390_has_feat(_feat)) { hwcap |= _hwcap; } } while (0) 1366 1367static uint32_t get_elf_hwcap(void) 1368{ 1369 /* 1370 * Let's assume we always have esan3 and zarch. 1371 * 31-bit processes can use 64-bit registers (high gprs). 1372 */ 1373 uint32_t hwcap = HWCAP_S390_ESAN3 | HWCAP_S390_ZARCH | HWCAP_S390_HIGH_GPRS; 1374 1375 GET_FEATURE(S390_FEAT_STFLE, HWCAP_S390_STFLE); 1376 GET_FEATURE(S390_FEAT_MSA, HWCAP_S390_MSA); 1377 GET_FEATURE(S390_FEAT_LONG_DISPLACEMENT, HWCAP_S390_LDISP); 1378 GET_FEATURE(S390_FEAT_EXTENDED_IMMEDIATE, HWCAP_S390_EIMM); 1379 if (s390_has_feat(S390_FEAT_EXTENDED_TRANSLATION_3) && 1380 s390_has_feat(S390_FEAT_ETF3_ENH)) { 1381 hwcap |= HWCAP_S390_ETF3EH; 1382 } 1383 GET_FEATURE(S390_FEAT_VECTOR, HWCAP_S390_VXRS); 1384 GET_FEATURE(S390_FEAT_VECTOR_ENH, HWCAP_S390_VXRS_EXT); 1385 1386 return hwcap; 1387} 1388 1389static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop) 1390{ 1391 regs->psw.addr = infop->entry; 1392 regs->psw.mask = PSW_MASK_64 | PSW_MASK_32; 1393 regs->gprs[15] = infop->start_stack; 1394} 1395 1396/* See linux kernel: arch/s390/include/uapi/asm/ptrace.h (s390_regs). */ 1397#define ELF_NREG 27 1398typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1399 1400enum { 1401 TARGET_REG_PSWM = 0, 1402 TARGET_REG_PSWA = 1, 1403 TARGET_REG_GPRS = 2, 1404 TARGET_REG_ARS = 18, 1405 TARGET_REG_ORIG_R2 = 26, 1406}; 1407 1408static void elf_core_copy_regs(target_elf_gregset_t *regs, 1409 const CPUS390XState *env) 1410{ 1411 int i; 1412 uint32_t *aregs; 1413 1414 (*regs)[TARGET_REG_PSWM] = tswapreg(env->psw.mask); 1415 (*regs)[TARGET_REG_PSWA] = tswapreg(env->psw.addr); 1416 for (i = 0; i < 16; i++) { 1417 (*regs)[TARGET_REG_GPRS + i] = tswapreg(env->regs[i]); 1418 } 1419 aregs = (uint32_t *)&((*regs)[TARGET_REG_ARS]); 1420 for (i = 0; i < 16; i++) { 1421 aregs[i] = tswap32(env->aregs[i]); 1422 } 1423 (*regs)[TARGET_REG_ORIG_R2] = 0; 1424} 1425 1426#define USE_ELF_CORE_DUMP 1427#define ELF_EXEC_PAGESIZE 4096 1428 1429#endif /* TARGET_S390X */ 1430 1431#ifdef TARGET_RISCV 1432 1433#define ELF_START_MMAP 0x80000000 1434#define ELF_ARCH EM_RISCV 1435 1436#ifdef TARGET_RISCV32 1437#define ELF_CLASS ELFCLASS32 1438#else 1439#define ELF_CLASS ELFCLASS64 1440#endif 1441 1442#define ELF_HWCAP get_elf_hwcap() 1443 1444static uint32_t get_elf_hwcap(void) 1445{ 1446#define MISA_BIT(EXT) (1 << (EXT - 'A')) 1447 RISCVCPU *cpu = RISCV_CPU(thread_cpu); 1448 uint32_t mask = MISA_BIT('I') | MISA_BIT('M') | MISA_BIT('A') 1449 | MISA_BIT('F') | MISA_BIT('D') | MISA_BIT('C'); 1450 1451 return cpu->env.misa & mask; 1452#undef MISA_BIT 1453} 1454 1455static inline void init_thread(struct target_pt_regs *regs, 1456 struct image_info *infop) 1457{ 1458 regs->sepc = infop->entry; 1459 regs->sp = infop->start_stack; 1460} 1461 1462#define ELF_EXEC_PAGESIZE 4096 1463 1464#endif /* TARGET_RISCV */ 1465 1466#ifdef TARGET_HPPA 1467 1468#define ELF_START_MMAP 0x80000000 1469#define ELF_CLASS ELFCLASS32 1470#define ELF_ARCH EM_PARISC 1471#define ELF_PLATFORM "PARISC" 1472#define STACK_GROWS_DOWN 0 1473#define STACK_ALIGNMENT 64 1474 1475static inline void init_thread(struct target_pt_regs *regs, 1476 struct image_info *infop) 1477{ 1478 regs->iaoq[0] = infop->entry; 1479 regs->iaoq[1] = infop->entry + 4; 1480 regs->gr[23] = 0; 1481 regs->gr[24] = infop->arg_start; 1482 regs->gr[25] = (infop->arg_end - infop->arg_start) / sizeof(abi_ulong); 1483 /* The top-of-stack contains a linkage buffer. */ 1484 regs->gr[30] = infop->start_stack + 64; 1485 regs->gr[31] = infop->entry; 1486} 1487 1488#endif /* TARGET_HPPA */ 1489 1490#ifdef TARGET_XTENSA 1491 1492#define ELF_START_MMAP 0x20000000 1493 1494#define ELF_CLASS ELFCLASS32 1495#define ELF_ARCH EM_XTENSA 1496 1497static inline void init_thread(struct target_pt_regs *regs, 1498 struct image_info *infop) 1499{ 1500 regs->windowbase = 0; 1501 regs->windowstart = 1; 1502 regs->areg[1] = infop->start_stack; 1503 regs->pc = infop->entry; 1504} 1505 1506/* See linux kernel: arch/xtensa/include/asm/elf.h. */ 1507#define ELF_NREG 128 1508typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG]; 1509 1510enum { 1511 TARGET_REG_PC, 1512 TARGET_REG_PS, 1513 TARGET_REG_LBEG, 1514 TARGET_REG_LEND, 1515 TARGET_REG_LCOUNT, 1516 TARGET_REG_SAR, 1517 TARGET_REG_WINDOWSTART, 1518 TARGET_REG_WINDOWBASE, 1519 TARGET_REG_THREADPTR, 1520 TARGET_REG_AR0 = 64, 1521}; 1522 1523static void elf_core_copy_regs(target_elf_gregset_t *regs, 1524 const CPUXtensaState *env) 1525{ 1526 unsigned i; 1527 1528 (*regs)[TARGET_REG_PC] = tswapreg(env->pc); 1529 (*regs)[TARGET_REG_PS] = tswapreg(env->sregs[PS] & ~PS_EXCM); 1530 (*regs)[TARGET_REG_LBEG] = tswapreg(env->sregs[LBEG]); 1531 (*regs)[TARGET_REG_LEND] = tswapreg(env->sregs[LEND]); 1532 (*regs)[TARGET_REG_LCOUNT] = tswapreg(env->sregs[LCOUNT]); 1533 (*regs)[TARGET_REG_SAR] = tswapreg(env->sregs[SAR]); 1534 (*regs)[TARGET_REG_WINDOWSTART] = tswapreg(env->sregs[WINDOW_START]); 1535 (*regs)[TARGET_REG_WINDOWBASE] = tswapreg(env->sregs[WINDOW_BASE]); 1536 (*regs)[TARGET_REG_THREADPTR] = tswapreg(env->uregs[THREADPTR]); 1537 xtensa_sync_phys_from_window((CPUXtensaState *)env); 1538 for (i = 0; i < env->config->nareg; ++i) { 1539 (*regs)[TARGET_REG_AR0 + i] = tswapreg(env->phys_regs[i]); 1540 } 1541} 1542 1543#define USE_ELF_CORE_DUMP 1544#define ELF_EXEC_PAGESIZE 4096 1545 1546#endif /* TARGET_XTENSA */ 1547 1548#ifdef TARGET_HEXAGON 1549 1550#define ELF_START_MMAP 0x20000000 1551 1552#define ELF_CLASS ELFCLASS32 1553#define ELF_ARCH EM_HEXAGON 1554 1555static inline void init_thread(struct target_pt_regs *regs, 1556 struct image_info *infop) 1557{ 1558 regs->sepc = infop->entry; 1559 regs->sp = infop->start_stack; 1560} 1561 1562#endif /* TARGET_HEXAGON */ 1563 1564#ifndef ELF_PLATFORM 1565#define ELF_PLATFORM (NULL) 1566#endif 1567 1568#ifndef ELF_MACHINE 1569#define ELF_MACHINE ELF_ARCH 1570#endif 1571 1572#ifndef elf_check_arch 1573#define elf_check_arch(x) ((x) == ELF_ARCH) 1574#endif 1575 1576#ifndef elf_check_abi 1577#define elf_check_abi(x) (1) 1578#endif 1579 1580#ifndef ELF_HWCAP 1581#define ELF_HWCAP 0 1582#endif 1583 1584#ifndef STACK_GROWS_DOWN 1585#define STACK_GROWS_DOWN 1 1586#endif 1587 1588#ifndef STACK_ALIGNMENT 1589#define STACK_ALIGNMENT 16 1590#endif 1591 1592#ifdef TARGET_ABI32 1593#undef ELF_CLASS 1594#define ELF_CLASS ELFCLASS32 1595#undef bswaptls 1596#define bswaptls(ptr) bswap32s(ptr) 1597#endif 1598 1599#include "elf.h" 1600 1601/* We must delay the following stanzas until after "elf.h". */ 1602#if defined(TARGET_AARCH64) 1603 1604static bool arch_parse_elf_property(uint32_t pr_type, uint32_t pr_datasz, 1605 const uint32_t *data, 1606 struct image_info *info, 1607 Error **errp) 1608{ 1609 if (pr_type == GNU_PROPERTY_AARCH64_FEATURE_1_AND) { 1610 if (pr_datasz != sizeof(uint32_t)) { 1611 error_setg(errp, "Ill-formed GNU_PROPERTY_AARCH64_FEATURE_1_AND"); 1612 return false; 1613 } 1614 /* We will extract GNU_PROPERTY_AARCH64_FEATURE_1_BTI later. */ 1615 info->note_flags = *data; 1616 } 1617 return true; 1618} 1619#define ARCH_USE_GNU_PROPERTY 1 1620 1621#else 1622 1623static bool arch_parse_elf_property(uint32_t pr_type, uint32_t pr_datasz, 1624 const uint32_t *data, 1625 struct image_info *info, 1626 Error **errp) 1627{ 1628 g_assert_not_reached(); 1629} 1630#define ARCH_USE_GNU_PROPERTY 0 1631 1632#endif 1633 1634struct exec 1635{ 1636 unsigned int a_info; /* Use macros N_MAGIC, etc for access */ 1637 unsigned int a_text; /* length of text, in bytes */ 1638 unsigned int a_data; /* length of data, in bytes */ 1639 unsigned int a_bss; /* length of uninitialized data area, in bytes */ 1640 unsigned int a_syms; /* length of symbol table data in file, in bytes */ 1641 unsigned int a_entry; /* start address */ 1642 unsigned int a_trsize; /* length of relocation info for text, in bytes */ 1643 unsigned int a_drsize; /* length of relocation info for data, in bytes */ 1644}; 1645 1646 1647#define N_MAGIC(exec) ((exec).a_info & 0xffff) 1648#define OMAGIC 0407 1649#define NMAGIC 0410 1650#define ZMAGIC 0413 1651#define QMAGIC 0314 1652 1653/* Necessary parameters */ 1654#define TARGET_ELF_EXEC_PAGESIZE \ 1655 (((eppnt->p_align & ~qemu_host_page_mask) != 0) ? \ 1656 TARGET_PAGE_SIZE : MAX(qemu_host_page_size, TARGET_PAGE_SIZE)) 1657#define TARGET_ELF_PAGELENGTH(_v) ROUND_UP((_v), TARGET_ELF_EXEC_PAGESIZE) 1658#define TARGET_ELF_PAGESTART(_v) ((_v) & \ 1659 ~(abi_ulong)(TARGET_ELF_EXEC_PAGESIZE-1)) 1660#define TARGET_ELF_PAGEOFFSET(_v) ((_v) & (TARGET_ELF_EXEC_PAGESIZE-1)) 1661 1662#define DLINFO_ITEMS 16 1663 1664static inline void memcpy_fromfs(void * to, const void * from, unsigned long n) 1665{ 1666 memcpy(to, from, n); 1667} 1668 1669#ifdef BSWAP_NEEDED 1670static void bswap_ehdr(struct elfhdr *ehdr) 1671{ 1672 bswap16s(&ehdr->e_type); /* Object file type */ 1673 bswap16s(&ehdr->e_machine); /* Architecture */ 1674 bswap32s(&ehdr->e_version); /* Object file version */ 1675 bswaptls(&ehdr->e_entry); /* Entry point virtual address */ 1676 bswaptls(&ehdr->e_phoff); /* Program header table file offset */ 1677 bswaptls(&ehdr->e_shoff); /* Section header table file offset */ 1678 bswap32s(&ehdr->e_flags); /* Processor-specific flags */ 1679 bswap16s(&ehdr->e_ehsize); /* ELF header size in bytes */ 1680 bswap16s(&ehdr->e_phentsize); /* Program header table entry size */ 1681 bswap16s(&ehdr->e_phnum); /* Program header table entry count */ 1682 bswap16s(&ehdr->e_shentsize); /* Section header table entry size */ 1683 bswap16s(&ehdr->e_shnum); /* Section header table entry count */ 1684 bswap16s(&ehdr->e_shstrndx); /* Section header string table index */ 1685} 1686 1687static void bswap_phdr(struct elf_phdr *phdr, int phnum) 1688{ 1689 int i; 1690 for (i = 0; i < phnum; ++i, ++phdr) { 1691 bswap32s(&phdr->p_type); /* Segment type */ 1692 bswap32s(&phdr->p_flags); /* Segment flags */ 1693 bswaptls(&phdr->p_offset); /* Segment file offset */ 1694 bswaptls(&phdr->p_vaddr); /* Segment virtual address */ 1695 bswaptls(&phdr->p_paddr); /* Segment physical address */ 1696 bswaptls(&phdr->p_filesz); /* Segment size in file */ 1697 bswaptls(&phdr->p_memsz); /* Segment size in memory */ 1698 bswaptls(&phdr->p_align); /* Segment alignment */ 1699 } 1700} 1701 1702static void bswap_shdr(struct elf_shdr *shdr, int shnum) 1703{ 1704 int i; 1705 for (i = 0; i < shnum; ++i, ++shdr) { 1706 bswap32s(&shdr->sh_name); 1707 bswap32s(&shdr->sh_type); 1708 bswaptls(&shdr->sh_flags); 1709 bswaptls(&shdr->sh_addr); 1710 bswaptls(&shdr->sh_offset); 1711 bswaptls(&shdr->sh_size); 1712 bswap32s(&shdr->sh_link); 1713 bswap32s(&shdr->sh_info); 1714 bswaptls(&shdr->sh_addralign); 1715 bswaptls(&shdr->sh_entsize); 1716 } 1717} 1718 1719static void bswap_sym(struct elf_sym *sym) 1720{ 1721 bswap32s(&sym->st_name); 1722 bswaptls(&sym->st_value); 1723 bswaptls(&sym->st_size); 1724 bswap16s(&sym->st_shndx); 1725} 1726 1727#ifdef TARGET_MIPS 1728static void bswap_mips_abiflags(Mips_elf_abiflags_v0 *abiflags) 1729{ 1730 bswap16s(&abiflags->version); 1731 bswap32s(&abiflags->ases); 1732 bswap32s(&abiflags->isa_ext); 1733 bswap32s(&abiflags->flags1); 1734 bswap32s(&abiflags->flags2); 1735} 1736#endif 1737#else 1738static inline void bswap_ehdr(struct elfhdr *ehdr) { } 1739static inline void bswap_phdr(struct elf_phdr *phdr, int phnum) { } 1740static inline void bswap_shdr(struct elf_shdr *shdr, int shnum) { } 1741static inline void bswap_sym(struct elf_sym *sym) { } 1742#ifdef TARGET_MIPS 1743static inline void bswap_mips_abiflags(Mips_elf_abiflags_v0 *abiflags) { } 1744#endif 1745#endif 1746 1747#ifdef USE_ELF_CORE_DUMP 1748static int elf_core_dump(int, const CPUArchState *); 1749#endif /* USE_ELF_CORE_DUMP */ 1750static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias); 1751 1752/* Verify the portions of EHDR within E_IDENT for the target. 1753 This can be performed before bswapping the entire header. */ 1754static bool elf_check_ident(struct elfhdr *ehdr) 1755{ 1756 return (ehdr->e_ident[EI_MAG0] == ELFMAG0 1757 && ehdr->e_ident[EI_MAG1] == ELFMAG1 1758 && ehdr->e_ident[EI_MAG2] == ELFMAG2 1759 && ehdr->e_ident[EI_MAG3] == ELFMAG3 1760 && ehdr->e_ident[EI_CLASS] == ELF_CLASS 1761 && ehdr->e_ident[EI_DATA] == ELF_DATA 1762 && ehdr->e_ident[EI_VERSION] == EV_CURRENT); 1763} 1764 1765/* Verify the portions of EHDR outside of E_IDENT for the target. 1766 This has to wait until after bswapping the header. */ 1767static bool elf_check_ehdr(struct elfhdr *ehdr) 1768{ 1769 return (elf_check_arch(ehdr->e_machine) 1770 && elf_check_abi(ehdr->e_flags) 1771 && ehdr->e_ehsize == sizeof(struct elfhdr) 1772 && ehdr->e_phentsize == sizeof(struct elf_phdr) 1773 && (ehdr->e_type == ET_EXEC || ehdr->e_type == ET_DYN)); 1774} 1775 1776/* 1777 * 'copy_elf_strings()' copies argument/envelope strings from user 1778 * memory to free pages in kernel mem. These are in a format ready 1779 * to be put directly into the top of new user memory. 1780 * 1781 */ 1782static abi_ulong copy_elf_strings(int argc, char **argv, char *scratch, 1783 abi_ulong p, abi_ulong stack_limit) 1784{ 1785 char *tmp; 1786 int len, i; 1787 abi_ulong top = p; 1788 1789 if (!p) { 1790 return 0; /* bullet-proofing */ 1791 } 1792 1793 if (STACK_GROWS_DOWN) { 1794 int offset = ((p - 1) % TARGET_PAGE_SIZE) + 1; 1795 for (i = argc - 1; i >= 0; --i) { 1796 tmp = argv[i]; 1797 if (!tmp) { 1798 fprintf(stderr, "VFS: argc is wrong"); 1799 exit(-1); 1800 } 1801 len = strlen(tmp) + 1; 1802 tmp += len; 1803 1804 if (len > (p - stack_limit)) { 1805 return 0; 1806 } 1807 while (len) { 1808 int bytes_to_copy = (len > offset) ? offset : len; 1809 tmp -= bytes_to_copy; 1810 p -= bytes_to_copy; 1811 offset -= bytes_to_copy; 1812 len -= bytes_to_copy; 1813 1814 memcpy_fromfs(scratch + offset, tmp, bytes_to_copy); 1815 1816 if (offset == 0) { 1817 memcpy_to_target(p, scratch, top - p); 1818 top = p; 1819 offset = TARGET_PAGE_SIZE; 1820 } 1821 } 1822 } 1823 if (p != top) { 1824 memcpy_to_target(p, scratch + offset, top - p); 1825 } 1826 } else { 1827 int remaining = TARGET_PAGE_SIZE - (p % TARGET_PAGE_SIZE); 1828 for (i = 0; i < argc; ++i) { 1829 tmp = argv[i]; 1830 if (!tmp) { 1831 fprintf(stderr, "VFS: argc is wrong"); 1832 exit(-1); 1833 } 1834 len = strlen(tmp) + 1; 1835 if (len > (stack_limit - p)) { 1836 return 0; 1837 } 1838 while (len) { 1839 int bytes_to_copy = (len > remaining) ? remaining : len; 1840 1841 memcpy_fromfs(scratch + (p - top), tmp, bytes_to_copy); 1842 1843 tmp += bytes_to_copy; 1844 remaining -= bytes_to_copy; 1845 p += bytes_to_copy; 1846 len -= bytes_to_copy; 1847 1848 if (remaining == 0) { 1849 memcpy_to_target(top, scratch, p - top); 1850 top = p; 1851 remaining = TARGET_PAGE_SIZE; 1852 } 1853 } 1854 } 1855 if (p != top) { 1856 memcpy_to_target(top, scratch, p - top); 1857 } 1858 } 1859 1860 return p; 1861} 1862 1863/* Older linux kernels provide up to MAX_ARG_PAGES (default: 32) of 1864 * argument/environment space. Newer kernels (>2.6.33) allow more, 1865 * dependent on stack size, but guarantee at least 32 pages for 1866 * backwards compatibility. 1867 */ 1868#define STACK_LOWER_LIMIT (32 * TARGET_PAGE_SIZE) 1869 1870static abi_ulong setup_arg_pages(struct linux_binprm *bprm, 1871 struct image_info *info) 1872{ 1873 abi_ulong size, error, guard; 1874 1875 size = guest_stack_size; 1876 if (size < STACK_LOWER_LIMIT) { 1877 size = STACK_LOWER_LIMIT; 1878 } 1879 guard = TARGET_PAGE_SIZE; 1880 if (guard < qemu_real_host_page_size) { 1881 guard = qemu_real_host_page_size; 1882 } 1883 1884 error = target_mmap(0, size + guard, PROT_READ | PROT_WRITE, 1885 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1886 if (error == -1) { 1887 perror("mmap stack"); 1888 exit(-1); 1889 } 1890 1891 /* We reserve one extra page at the top of the stack as guard. */ 1892 if (STACK_GROWS_DOWN) { 1893 target_mprotect(error, guard, PROT_NONE); 1894 info->stack_limit = error + guard; 1895 return info->stack_limit + size - sizeof(void *); 1896 } else { 1897 target_mprotect(error + size, guard, PROT_NONE); 1898 info->stack_limit = error + size; 1899 return error; 1900 } 1901} 1902 1903/* Map and zero the bss. We need to explicitly zero any fractional pages 1904 after the data section (i.e. bss). */ 1905static void zero_bss(abi_ulong elf_bss, abi_ulong last_bss, int prot) 1906{ 1907 uintptr_t host_start, host_map_start, host_end; 1908 1909 last_bss = TARGET_PAGE_ALIGN(last_bss); 1910 1911 /* ??? There is confusion between qemu_real_host_page_size and 1912 qemu_host_page_size here and elsewhere in target_mmap, which 1913 may lead to the end of the data section mapping from the file 1914 not being mapped. At least there was an explicit test and 1915 comment for that here, suggesting that "the file size must 1916 be known". The comment probably pre-dates the introduction 1917 of the fstat system call in target_mmap which does in fact 1918 find out the size. What isn't clear is if the workaround 1919 here is still actually needed. For now, continue with it, 1920 but merge it with the "normal" mmap that would allocate the bss. */ 1921 1922 host_start = (uintptr_t) g2h_untagged(elf_bss); 1923 host_end = (uintptr_t) g2h_untagged(last_bss); 1924 host_map_start = REAL_HOST_PAGE_ALIGN(host_start); 1925 1926 if (host_map_start < host_end) { 1927 void *p = mmap((void *)host_map_start, host_end - host_map_start, 1928 prot, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 1929 if (p == MAP_FAILED) { 1930 perror("cannot mmap brk"); 1931 exit(-1); 1932 } 1933 } 1934 1935 /* Ensure that the bss page(s) are valid */ 1936 if ((page_get_flags(last_bss-1) & prot) != prot) { 1937 page_set_flags(elf_bss & TARGET_PAGE_MASK, last_bss, prot | PAGE_VALID); 1938 } 1939 1940 if (host_start < host_map_start) { 1941 memset((void *)host_start, 0, host_map_start - host_start); 1942 } 1943} 1944 1945#ifdef TARGET_ARM 1946static int elf_is_fdpic(struct elfhdr *exec) 1947{ 1948 return exec->e_ident[EI_OSABI] == ELFOSABI_ARM_FDPIC; 1949} 1950#else 1951/* Default implementation, always false. */ 1952static int elf_is_fdpic(struct elfhdr *exec) 1953{ 1954 return 0; 1955} 1956#endif 1957 1958static abi_ulong loader_build_fdpic_loadmap(struct image_info *info, abi_ulong sp) 1959{ 1960 uint16_t n; 1961 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs; 1962 1963 /* elf32_fdpic_loadseg */ 1964 n = info->nsegs; 1965 while (n--) { 1966 sp -= 12; 1967 put_user_u32(loadsegs[n].addr, sp+0); 1968 put_user_u32(loadsegs[n].p_vaddr, sp+4); 1969 put_user_u32(loadsegs[n].p_memsz, sp+8); 1970 } 1971 1972 /* elf32_fdpic_loadmap */ 1973 sp -= 4; 1974 put_user_u16(0, sp+0); /* version */ 1975 put_user_u16(info->nsegs, sp+2); /* nsegs */ 1976 1977 info->personality = PER_LINUX_FDPIC; 1978 info->loadmap_addr = sp; 1979 1980 return sp; 1981} 1982 1983static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc, 1984 struct elfhdr *exec, 1985 struct image_info *info, 1986 struct image_info *interp_info) 1987{ 1988 abi_ulong sp; 1989 abi_ulong u_argc, u_argv, u_envp, u_auxv; 1990 int size; 1991 int i; 1992 abi_ulong u_rand_bytes; 1993 uint8_t k_rand_bytes[16]; 1994 abi_ulong u_platform; 1995 const char *k_platform; 1996 const int n = sizeof(elf_addr_t); 1997 1998 sp = p; 1999 2000 /* Needs to be before we load the env/argc/... */ 2001 if (elf_is_fdpic(exec)) { 2002 /* Need 4 byte alignment for these structs */ 2003 sp &= ~3; 2004 sp = loader_build_fdpic_loadmap(info, sp); 2005 info->other_info = interp_info; 2006 if (interp_info) { 2007 interp_info->other_info = info; 2008 sp = loader_build_fdpic_loadmap(interp_info, sp); 2009 info->interpreter_loadmap_addr = interp_info->loadmap_addr; 2010 info->interpreter_pt_dynamic_addr = interp_info->pt_dynamic_addr; 2011 } else { 2012 info->interpreter_loadmap_addr = 0; 2013 info->interpreter_pt_dynamic_addr = 0; 2014 } 2015 } 2016 2017 u_platform = 0; 2018 k_platform = ELF_PLATFORM; 2019 if (k_platform) { 2020 size_t len = strlen(k_platform) + 1; 2021 if (STACK_GROWS_DOWN) { 2022 sp -= (len + n - 1) & ~(n - 1); 2023 u_platform = sp; 2024 /* FIXME - check return value of memcpy_to_target() for failure */ 2025 memcpy_to_target(sp, k_platform, len); 2026 } else { 2027 memcpy_to_target(sp, k_platform, len); 2028 u_platform = sp; 2029 sp += len + 1; 2030 } 2031 } 2032 2033 /* Provide 16 byte alignment for the PRNG, and basic alignment for 2034 * the argv and envp pointers. 2035 */ 2036 if (STACK_GROWS_DOWN) { 2037 sp = QEMU_ALIGN_DOWN(sp, 16); 2038 } else { 2039 sp = QEMU_ALIGN_UP(sp, 16); 2040 } 2041 2042 /* 2043 * Generate 16 random bytes for userspace PRNG seeding. 2044 */ 2045 qemu_guest_getrandom_nofail(k_rand_bytes, sizeof(k_rand_bytes)); 2046 if (STACK_GROWS_DOWN) { 2047 sp -= 16; 2048 u_rand_bytes = sp; 2049 /* FIXME - check return value of memcpy_to_target() for failure */ 2050 memcpy_to_target(sp, k_rand_bytes, 16); 2051 } else { 2052 memcpy_to_target(sp, k_rand_bytes, 16); 2053 u_rand_bytes = sp; 2054 sp += 16; 2055 } 2056 2057 size = (DLINFO_ITEMS + 1) * 2; 2058 if (k_platform) 2059 size += 2; 2060#ifdef DLINFO_ARCH_ITEMS 2061 size += DLINFO_ARCH_ITEMS * 2; 2062#endif 2063#ifdef ELF_HWCAP2 2064 size += 2; 2065#endif 2066 info->auxv_len = size * n; 2067 2068 size += envc + argc + 2; 2069 size += 1; /* argc itself */ 2070 size *= n; 2071 2072 /* Allocate space and finalize stack alignment for entry now. */ 2073 if (STACK_GROWS_DOWN) { 2074 u_argc = QEMU_ALIGN_DOWN(sp - size, STACK_ALIGNMENT); 2075 sp = u_argc; 2076 } else { 2077 u_argc = sp; 2078 sp = QEMU_ALIGN_UP(sp + size, STACK_ALIGNMENT); 2079 } 2080 2081 u_argv = u_argc + n; 2082 u_envp = u_argv + (argc + 1) * n; 2083 u_auxv = u_envp + (envc + 1) * n; 2084 info->saved_auxv = u_auxv; 2085 info->arg_start = u_argv; 2086 info->arg_end = u_argv + argc * n; 2087 2088 /* This is correct because Linux defines 2089 * elf_addr_t as Elf32_Off / Elf64_Off 2090 */ 2091#define NEW_AUX_ENT(id, val) do { \ 2092 put_user_ual(id, u_auxv); u_auxv += n; \ 2093 put_user_ual(val, u_auxv); u_auxv += n; \ 2094 } while(0) 2095 2096#ifdef ARCH_DLINFO 2097 /* 2098 * ARCH_DLINFO must come first so platform specific code can enforce 2099 * special alignment requirements on the AUXV if necessary (eg. PPC). 2100 */ 2101 ARCH_DLINFO; 2102#endif 2103 /* There must be exactly DLINFO_ITEMS entries here, or the assert 2104 * on info->auxv_len will trigger. 2105 */ 2106 NEW_AUX_ENT(AT_PHDR, (abi_ulong)(info->load_addr + exec->e_phoff)); 2107 NEW_AUX_ENT(AT_PHENT, (abi_ulong)(sizeof (struct elf_phdr))); 2108 NEW_AUX_ENT(AT_PHNUM, (abi_ulong)(exec->e_phnum)); 2109 if ((info->alignment & ~qemu_host_page_mask) != 0) { 2110 /* Target doesn't support host page size alignment */ 2111 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(TARGET_PAGE_SIZE)); 2112 } else { 2113 NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(MAX(TARGET_PAGE_SIZE, 2114 qemu_host_page_size))); 2115 } 2116 NEW_AUX_ENT(AT_BASE, (abi_ulong)(interp_info ? interp_info->load_addr : 0)); 2117 NEW_AUX_ENT(AT_FLAGS, (abi_ulong)0); 2118 NEW_AUX_ENT(AT_ENTRY, info->entry); 2119 NEW_AUX_ENT(AT_UID, (abi_ulong) getuid()); 2120 NEW_AUX_ENT(AT_EUID, (abi_ulong) geteuid()); 2121 NEW_AUX_ENT(AT_GID, (abi_ulong) getgid()); 2122 NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid()); 2123 NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP); 2124 NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK)); 2125 NEW_AUX_ENT(AT_RANDOM, (abi_ulong) u_rand_bytes); 2126 NEW_AUX_ENT(AT_SECURE, (abi_ulong) qemu_getauxval(AT_SECURE)); 2127 NEW_AUX_ENT(AT_EXECFN, info->file_string); 2128 2129#ifdef ELF_HWCAP2 2130 NEW_AUX_ENT(AT_HWCAP2, (abi_ulong) ELF_HWCAP2); 2131#endif 2132 2133 if (u_platform) { 2134 NEW_AUX_ENT(AT_PLATFORM, u_platform); 2135 } 2136 NEW_AUX_ENT (AT_NULL, 0); 2137#undef NEW_AUX_ENT 2138 2139 /* Check that our initial calculation of the auxv length matches how much 2140 * we actually put into it. 2141 */ 2142 assert(info->auxv_len == u_auxv - info->saved_auxv); 2143 2144 put_user_ual(argc, u_argc); 2145 2146 p = info->arg_strings; 2147 for (i = 0; i < argc; ++i) { 2148 put_user_ual(p, u_argv); 2149 u_argv += n; 2150 p += target_strlen(p) + 1; 2151 } 2152 put_user_ual(0, u_argv); 2153 2154 p = info->env_strings; 2155 for (i = 0; i < envc; ++i) { 2156 put_user_ual(p, u_envp); 2157 u_envp += n; 2158 p += target_strlen(p) + 1; 2159 } 2160 put_user_ual(0, u_envp); 2161 2162 return sp; 2163} 2164 2165#ifndef ARM_COMMPAGE 2166#define ARM_COMMPAGE 0 2167#define init_guest_commpage() true 2168#endif 2169 2170static void pgb_fail_in_use(const char *image_name) 2171{ 2172 error_report("%s: requires virtual address space that is in use " 2173 "(omit the -B option or choose a different value)", 2174 image_name); 2175 exit(EXIT_FAILURE); 2176} 2177 2178static void pgb_have_guest_base(const char *image_name, abi_ulong guest_loaddr, 2179 abi_ulong guest_hiaddr, long align) 2180{ 2181 const int flags = MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE; 2182 void *addr, *test; 2183 2184 if (!QEMU_IS_ALIGNED(guest_base, align)) { 2185 fprintf(stderr, "Requested guest base %p does not satisfy " 2186 "host minimum alignment (0x%lx)\n", 2187 (void *)guest_base, align); 2188 exit(EXIT_FAILURE); 2189 } 2190 2191 /* Sanity check the guest binary. */ 2192 if (reserved_va) { 2193 if (guest_hiaddr > reserved_va) { 2194 error_report("%s: requires more than reserved virtual " 2195 "address space (0x%" PRIx64 " > 0x%lx)", 2196 image_name, (uint64_t)guest_hiaddr, reserved_va); 2197 exit(EXIT_FAILURE); 2198 } 2199 } else { 2200#if HOST_LONG_BITS < TARGET_ABI_BITS 2201 if ((guest_hiaddr - guest_base) > ~(uintptr_t)0) { 2202 error_report("%s: requires more virtual address space " 2203 "than the host can provide (0x%" PRIx64 ")", 2204 image_name, (uint64_t)guest_hiaddr - guest_base); 2205 exit(EXIT_FAILURE); 2206 } 2207#endif 2208 } 2209 2210 /* 2211 * Expand the allocation to the entire reserved_va. 2212 * Exclude the mmap_min_addr hole. 2213 */ 2214 if (reserved_va) { 2215 guest_loaddr = (guest_base >= mmap_min_addr ? 0 2216 : mmap_min_addr - guest_base); 2217 guest_hiaddr = reserved_va; 2218 } 2219 2220 /* Reserve the address space for the binary, or reserved_va. */ 2221 test = g2h_untagged(guest_loaddr); 2222 addr = mmap(test, guest_hiaddr - guest_loaddr, PROT_NONE, flags, -1, 0); 2223 if (test != addr) { 2224 pgb_fail_in_use(image_name); 2225 } 2226} 2227 2228/** 2229 * pgd_find_hole_fallback: potential mmap address 2230 * @guest_size: size of available space 2231 * @brk: location of break 2232 * @align: memory alignment 2233 * 2234 * This is a fallback method for finding a hole in the host address 2235 * space if we don't have the benefit of being able to access 2236 * /proc/self/map. It can potentially take a very long time as we can 2237 * only dumbly iterate up the host address space seeing if the 2238 * allocation would work. 2239 */ 2240static uintptr_t pgd_find_hole_fallback(uintptr_t guest_size, uintptr_t brk, 2241 long align, uintptr_t offset) 2242{ 2243 uintptr_t base; 2244 2245 /* Start (aligned) at the bottom and work our way up */ 2246 base = ROUND_UP(mmap_min_addr, align); 2247 2248 while (true) { 2249 uintptr_t align_start, end; 2250 align_start = ROUND_UP(base, align); 2251 end = align_start + guest_size + offset; 2252 2253 /* if brk is anywhere in the range give ourselves some room to grow. */ 2254 if (align_start <= brk && brk < end) { 2255 base = brk + (16 * MiB); 2256 continue; 2257 } else if (align_start + guest_size < align_start) { 2258 /* we have run out of space */ 2259 return -1; 2260 } else { 2261 int flags = MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE | 2262 MAP_FIXED_NOREPLACE; 2263 void * mmap_start = mmap((void *) align_start, guest_size, 2264 PROT_NONE, flags, -1, 0); 2265 if (mmap_start != MAP_FAILED) { 2266 munmap(mmap_start, guest_size); 2267 if (mmap_start == (void *) align_start) { 2268 return (uintptr_t) mmap_start + offset; 2269 } 2270 } 2271 base += qemu_host_page_size; 2272 } 2273 } 2274} 2275 2276/* Return value for guest_base, or -1 if no hole found. */ 2277static uintptr_t pgb_find_hole(uintptr_t guest_loaddr, uintptr_t guest_size, 2278 long align, uintptr_t offset) 2279{ 2280 GSList *maps, *iter; 2281 uintptr_t this_start, this_end, next_start, brk; 2282 intptr_t ret = -1; 2283 2284 assert(QEMU_IS_ALIGNED(guest_loaddr, align)); 2285 2286 maps = read_self_maps(); 2287 2288 /* Read brk after we've read the maps, which will malloc. */ 2289 brk = (uintptr_t)sbrk(0); 2290 2291 if (!maps) { 2292 ret = pgd_find_hole_fallback(guest_size, brk, align, offset); 2293 return ret == -1 ? -1 : ret - guest_loaddr; 2294 } 2295 2296 /* The first hole is before the first map entry. */ 2297 this_start = mmap_min_addr; 2298 2299 for (iter = maps; iter; 2300 this_start = next_start, iter = g_slist_next(iter)) { 2301 uintptr_t align_start, hole_size; 2302 2303 this_end = ((MapInfo *)iter->data)->start; 2304 next_start = ((MapInfo *)iter->data)->end; 2305 align_start = ROUND_UP(this_start + offset, align); 2306 2307 /* Skip holes that are too small. */ 2308 if (align_start >= this_end) { 2309 continue; 2310 } 2311 hole_size = this_end - align_start; 2312 if (hole_size < guest_size) { 2313 continue; 2314 } 2315 2316 /* If this hole contains brk, give ourselves some room to grow. */ 2317 if (this_start <= brk && brk < this_end) { 2318 hole_size -= guest_size; 2319 if (sizeof(uintptr_t) == 8 && hole_size >= 1 * GiB) { 2320 align_start += 1 * GiB; 2321 } else if (hole_size >= 16 * MiB) { 2322 align_start += 16 * MiB; 2323 } else { 2324 align_start = (this_end - guest_size) & -align; 2325 if (align_start < this_start) { 2326 continue; 2327 } 2328 } 2329 } 2330 2331 /* Record the lowest successful match. */ 2332 if (ret < 0) { 2333 ret = align_start - guest_loaddr; 2334 } 2335 /* If this hole contains the identity map, select it. */ 2336 if (align_start <= guest_loaddr && 2337 guest_loaddr + guest_size <= this_end) { 2338 ret = 0; 2339 } 2340 /* If this hole ends above the identity map, stop looking. */ 2341 if (this_end >= guest_loaddr) { 2342 break; 2343 } 2344 } 2345 free_self_maps(maps); 2346 2347 return ret; 2348} 2349 2350static void pgb_static(const char *image_name, abi_ulong orig_loaddr, 2351 abi_ulong orig_hiaddr, long align) 2352{ 2353 uintptr_t loaddr = orig_loaddr; 2354 uintptr_t hiaddr = orig_hiaddr; 2355 uintptr_t offset = 0; 2356 uintptr_t addr; 2357 2358 if (hiaddr != orig_hiaddr) { 2359 error_report("%s: requires virtual address space that the " 2360 "host cannot provide (0x%" PRIx64 ")", 2361 image_name, (uint64_t)orig_hiaddr); 2362 exit(EXIT_FAILURE); 2363 } 2364 2365 loaddr &= -align; 2366 if (ARM_COMMPAGE) { 2367 /* 2368 * Extend the allocation to include the commpage. 2369 * For a 64-bit host, this is just 4GiB; for a 32-bit host we 2370 * need to ensure there is space bellow the guest_base so we 2371 * can map the commpage in the place needed when the address 2372 * arithmetic wraps around. 2373 */ 2374 if (sizeof(uintptr_t) == 8 || loaddr >= 0x80000000u) { 2375 hiaddr = (uintptr_t) 4 << 30; 2376 } else { 2377 offset = -(ARM_COMMPAGE & -align); 2378 } 2379 } 2380 2381 addr = pgb_find_hole(loaddr, hiaddr - loaddr, align, offset); 2382 if (addr == -1) { 2383 /* 2384 * If ARM_COMMPAGE, there *might* be a non-consecutive allocation 2385 * that can satisfy both. But as the normal arm32 link base address 2386 * is ~32k, and we extend down to include the commpage, making the 2387 * overhead only ~96k, this is unlikely. 2388 */ 2389 error_report("%s: Unable to allocate %#zx bytes of " 2390 "virtual address space", image_name, 2391 (size_t)(hiaddr - loaddr)); 2392 exit(EXIT_FAILURE); 2393 } 2394 2395 guest_base = addr; 2396} 2397 2398static void pgb_dynamic(const char *image_name, long align) 2399{ 2400 /* 2401 * The executable is dynamic and does not require a fixed address. 2402 * All we need is a commpage that satisfies align. 2403 * If we do not need a commpage, leave guest_base == 0. 2404 */ 2405 if (ARM_COMMPAGE) { 2406 uintptr_t addr, commpage; 2407 2408 /* 64-bit hosts should have used reserved_va. */ 2409 assert(sizeof(uintptr_t) == 4); 2410 2411 /* 2412 * By putting the commpage at the first hole, that puts guest_base 2413 * just above that, and maximises the positive guest addresses. 2414 */ 2415 commpage = ARM_COMMPAGE & -align; 2416 addr = pgb_find_hole(commpage, -commpage, align, 0); 2417 assert(addr != -1); 2418 guest_base = addr; 2419 } 2420} 2421 2422static void pgb_reserved_va(const char *image_name, abi_ulong guest_loaddr, 2423 abi_ulong guest_hiaddr, long align) 2424{ 2425 int flags = MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE; 2426 void *addr, *test; 2427 2428 if (guest_hiaddr > reserved_va) { 2429 error_report("%s: requires more than reserved virtual " 2430 "address space (0x%" PRIx64 " > 0x%lx)", 2431 image_name, (uint64_t)guest_hiaddr, reserved_va); 2432 exit(EXIT_FAILURE); 2433 } 2434 2435 /* Widen the "image" to the entire reserved address space. */ 2436 pgb_static(image_name, 0, reserved_va, align); 2437 2438 /* osdep.h defines this as 0 if it's missing */ 2439 flags |= MAP_FIXED_NOREPLACE; 2440 2441 /* Reserve the memory on the host. */ 2442 assert(guest_base != 0); 2443 test = g2h_untagged(0); 2444 addr = mmap(test, reserved_va, PROT_NONE, flags, -1, 0); 2445 if (addr == MAP_FAILED || addr != test) { 2446 error_report("Unable to reserve 0x%lx bytes of virtual address " 2447 "space at %p (%s) for use as guest address space (check your" 2448 "virtual memory ulimit setting, min_mmap_addr or reserve less " 2449 "using -R option)", reserved_va, test, strerror(errno)); 2450 exit(EXIT_FAILURE); 2451 } 2452} 2453 2454void probe_guest_base(const char *image_name, abi_ulong guest_loaddr, 2455 abi_ulong guest_hiaddr) 2456{ 2457 /* In order to use host shmat, we must be able to honor SHMLBA. */ 2458 uintptr_t align = MAX(SHMLBA, qemu_host_page_size); 2459 2460 if (have_guest_base) { 2461 pgb_have_guest_base(image_name, guest_loaddr, guest_hiaddr, align); 2462 } else if (reserved_va) { 2463 pgb_reserved_va(image_name, guest_loaddr, guest_hiaddr, align); 2464 } else if (guest_loaddr) { 2465 pgb_static(image_name, guest_loaddr, guest_hiaddr, align); 2466 } else { 2467 pgb_dynamic(image_name, align); 2468 } 2469 2470 /* Reserve and initialize the commpage. */ 2471 if (!init_guest_commpage()) { 2472 /* 2473 * With have_guest_base, the user has selected the address and 2474 * we are trying to work with that. Otherwise, we have selected 2475 * free space and init_guest_commpage must succeeded. 2476 */ 2477 assert(have_guest_base); 2478 pgb_fail_in_use(image_name); 2479 } 2480 2481 assert(QEMU_IS_ALIGNED(guest_base, align)); 2482 qemu_log_mask(CPU_LOG_PAGE, "Locating guest address space " 2483 "@ 0x%" PRIx64 "\n", (uint64_t)guest_base); 2484} 2485 2486enum { 2487 /* The string "GNU\0" as a magic number. */ 2488 GNU0_MAGIC = const_le32('G' | 'N' << 8 | 'U' << 16), 2489 NOTE_DATA_SZ = 1 * KiB, 2490 NOTE_NAME_SZ = 4, 2491 ELF_GNU_PROPERTY_ALIGN = ELF_CLASS == ELFCLASS32 ? 4 : 8, 2492}; 2493 2494/* 2495 * Process a single gnu_property entry. 2496 * Return false for error. 2497 */ 2498static bool parse_elf_property(const uint32_t *data, int *off, int datasz, 2499 struct image_info *info, bool have_prev_type, 2500 uint32_t *prev_type, Error **errp) 2501{ 2502 uint32_t pr_type, pr_datasz, step; 2503 2504 if (*off > datasz || !QEMU_IS_ALIGNED(*off, ELF_GNU_PROPERTY_ALIGN)) { 2505 goto error_data; 2506 } 2507 datasz -= *off; 2508 data += *off / sizeof(uint32_t); 2509 2510 if (datasz < 2 * sizeof(uint32_t)) { 2511 goto error_data; 2512 } 2513 pr_type = data[0]; 2514 pr_datasz = data[1]; 2515 data += 2; 2516 datasz -= 2 * sizeof(uint32_t); 2517 step = ROUND_UP(pr_datasz, ELF_GNU_PROPERTY_ALIGN); 2518 if (step > datasz) { 2519 goto error_data; 2520 } 2521 2522 /* Properties are supposed to be unique and sorted on pr_type. */ 2523 if (have_prev_type && pr_type <= *prev_type) { 2524 if (pr_type == *prev_type) { 2525 error_setg(errp, "Duplicate property in PT_GNU_PROPERTY"); 2526 } else { 2527 error_setg(errp, "Unsorted property in PT_GNU_PROPERTY"); 2528 } 2529 return false; 2530 } 2531 *prev_type = pr_type; 2532 2533 if (!arch_parse_elf_property(pr_type, pr_datasz, data, info, errp)) { 2534 return false; 2535 } 2536 2537 *off += 2 * sizeof(uint32_t) + step; 2538 return true; 2539 2540 error_data: 2541 error_setg(errp, "Ill-formed property in PT_GNU_PROPERTY"); 2542 return false; 2543} 2544 2545/* Process NT_GNU_PROPERTY_TYPE_0. */ 2546static bool parse_elf_properties(int image_fd, 2547 struct image_info *info, 2548 const struct elf_phdr *phdr, 2549 char bprm_buf[BPRM_BUF_SIZE], 2550 Error **errp) 2551{ 2552 union { 2553 struct elf_note nhdr; 2554 uint32_t data[NOTE_DATA_SZ / sizeof(uint32_t)]; 2555 } note; 2556 2557 int n, off, datasz; 2558 bool have_prev_type; 2559 uint32_t prev_type; 2560 2561 /* Unless the arch requires properties, ignore them. */ 2562 if (!ARCH_USE_GNU_PROPERTY) { 2563 return true; 2564 } 2565 2566 /* If the properties are crazy large, that's too bad. */ 2567 n = phdr->p_filesz; 2568 if (n > sizeof(note)) { 2569 error_setg(errp, "PT_GNU_PROPERTY too large"); 2570 return false; 2571 } 2572 if (n < sizeof(note.nhdr)) { 2573 error_setg(errp, "PT_GNU_PROPERTY too small"); 2574 return false; 2575 } 2576 2577 if (phdr->p_offset + n <= BPRM_BUF_SIZE) { 2578 memcpy(¬e, bprm_buf + phdr->p_offset, n); 2579 } else { 2580 ssize_t len = pread(image_fd, ¬e, n, phdr->p_offset); 2581 if (len != n) { 2582 error_setg_errno(errp, errno, "Error reading file header"); 2583 return false; 2584 } 2585 } 2586 2587 /* 2588 * The contents of a valid PT_GNU_PROPERTY is a sequence 2589 * of uint32_t -- swap them all now. 2590 */ 2591#ifdef BSWAP_NEEDED 2592 for (int i = 0; i < n / 4; i++) { 2593 bswap32s(note.data + i); 2594 } 2595#endif 2596 2597 /* 2598 * Note that nhdr is 3 words, and that the "name" described by namesz 2599 * immediately follows nhdr and is thus at the 4th word. Further, all 2600 * of the inputs to the kernel's round_up are multiples of 4. 2601 */ 2602 if (note.nhdr.n_type != NT_GNU_PROPERTY_TYPE_0 || 2603 note.nhdr.n_namesz != NOTE_NAME_SZ || 2604 note.data[3] != GNU0_MAGIC) { 2605 error_setg(errp, "Invalid note in PT_GNU_PROPERTY"); 2606 return false; 2607 } 2608 off = sizeof(note.nhdr) + NOTE_NAME_SZ; 2609 2610 datasz = note.nhdr.n_descsz + off; 2611 if (datasz > n) { 2612 error_setg(errp, "Invalid note size in PT_GNU_PROPERTY"); 2613 return false; 2614 } 2615 2616 have_prev_type = false; 2617 prev_type = 0; 2618 while (1) { 2619 if (off == datasz) { 2620 return true; /* end, exit ok */ 2621 } 2622 if (!parse_elf_property(note.data, &off, datasz, info, 2623 have_prev_type, &prev_type, errp)) { 2624 return false; 2625 } 2626 have_prev_type = true; 2627 } 2628} 2629 2630/* Load an ELF image into the address space. 2631 2632 IMAGE_NAME is the filename of the image, to use in error messages. 2633 IMAGE_FD is the open file descriptor for the image. 2634 2635 BPRM_BUF is a copy of the beginning of the file; this of course 2636 contains the elf file header at offset 0. It is assumed that this 2637 buffer is sufficiently aligned to present no problems to the host 2638 in accessing data at aligned offsets within the buffer. 2639 2640 On return: INFO values will be filled in, as necessary or available. */ 2641 2642static void load_elf_image(const char *image_name, int image_fd, 2643 struct image_info *info, char **pinterp_name, 2644 char bprm_buf[BPRM_BUF_SIZE]) 2645{ 2646 struct elfhdr *ehdr = (struct elfhdr *)bprm_buf; 2647 struct elf_phdr *phdr; 2648 abi_ulong load_addr, load_bias, loaddr, hiaddr, error; 2649 int i, retval, prot_exec; 2650 Error *err = NULL; 2651 2652 /* First of all, some simple consistency checks */ 2653 if (!elf_check_ident(ehdr)) { 2654 error_setg(&err, "Invalid ELF image for this architecture"); 2655 goto exit_errmsg; 2656 } 2657 bswap_ehdr(ehdr); 2658 if (!elf_check_ehdr(ehdr)) { 2659 error_setg(&err, "Invalid ELF image for this architecture"); 2660 goto exit_errmsg; 2661 } 2662 2663 i = ehdr->e_phnum * sizeof(struct elf_phdr); 2664 if (ehdr->e_phoff + i <= BPRM_BUF_SIZE) { 2665 phdr = (struct elf_phdr *)(bprm_buf + ehdr->e_phoff); 2666 } else { 2667 phdr = (struct elf_phdr *) alloca(i); 2668 retval = pread(image_fd, phdr, i, ehdr->e_phoff); 2669 if (retval != i) { 2670 goto exit_read; 2671 } 2672 } 2673 bswap_phdr(phdr, ehdr->e_phnum); 2674 2675 info->nsegs = 0; 2676 info->pt_dynamic_addr = 0; 2677 2678 mmap_lock(); 2679 2680 /* 2681 * Find the maximum size of the image and allocate an appropriate 2682 * amount of memory to handle that. Locate the interpreter, if any. 2683 */ 2684 loaddr = -1, hiaddr = 0; 2685 info->alignment = 0; 2686 for (i = 0; i < ehdr->e_phnum; ++i) { 2687 struct elf_phdr *eppnt = phdr + i; 2688 if (eppnt->p_type == PT_LOAD) { 2689 abi_ulong a = eppnt->p_vaddr - eppnt->p_offset; 2690 if (a < loaddr) { 2691 loaddr = a; 2692 } 2693 a = eppnt->p_vaddr + eppnt->p_memsz; 2694 if (a > hiaddr) { 2695 hiaddr = a; 2696 } 2697 ++info->nsegs; 2698 info->alignment |= eppnt->p_align; 2699 } else if (eppnt->p_type == PT_INTERP && pinterp_name) { 2700 g_autofree char *interp_name = NULL; 2701 2702 if (*pinterp_name) { 2703 error_setg(&err, "Multiple PT_INTERP entries"); 2704 goto exit_errmsg; 2705 } 2706 2707 interp_name = g_malloc(eppnt->p_filesz); 2708 2709 if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) { 2710 memcpy(interp_name, bprm_buf + eppnt->p_offset, 2711 eppnt->p_filesz); 2712 } else { 2713 retval = pread(image_fd, interp_name, eppnt->p_filesz, 2714 eppnt->p_offset); 2715 if (retval != eppnt->p_filesz) { 2716 goto exit_read; 2717 } 2718 } 2719 if (interp_name[eppnt->p_filesz - 1] != 0) { 2720 error_setg(&err, "Invalid PT_INTERP entry"); 2721 goto exit_errmsg; 2722 } 2723 *pinterp_name = g_steal_pointer(&interp_name); 2724 } else if (eppnt->p_type == PT_GNU_PROPERTY) { 2725 if (!parse_elf_properties(image_fd, info, eppnt, bprm_buf, &err)) { 2726 goto exit_errmsg; 2727 } 2728 } 2729 } 2730 2731 if (pinterp_name != NULL) { 2732 /* 2733 * This is the main executable. 2734 * 2735 * Reserve extra space for brk. 2736 * We hold on to this space while placing the interpreter 2737 * and the stack, lest they be placed immediately after 2738 * the data segment and block allocation from the brk. 2739 * 2740 * 16MB is chosen as "large enough" without being so large 2741 * as to allow the result to not fit with a 32-bit guest on 2742 * a 32-bit host. 2743 */ 2744 info->reserve_brk = 16 * MiB; 2745 hiaddr += info->reserve_brk; 2746 2747 if (ehdr->e_type == ET_EXEC) { 2748 /* 2749 * Make sure that the low address does not conflict with 2750 * MMAP_MIN_ADDR or the QEMU application itself. 2751 */ 2752 probe_guest_base(image_name, loaddr, hiaddr); 2753 } else { 2754 /* 2755 * The binary is dynamic, but we still need to 2756 * select guest_base. In this case we pass a size. 2757 */ 2758 probe_guest_base(image_name, 0, hiaddr - loaddr); 2759 } 2760 } 2761 2762 /* 2763 * Reserve address space for all of this. 2764 * 2765 * In the case of ET_EXEC, we supply MAP_FIXED so that we get 2766 * exactly the address range that is required. 2767 * 2768 * Otherwise this is ET_DYN, and we are searching for a location 2769 * that can hold the memory space required. If the image is 2770 * pre-linked, LOADDR will be non-zero, and the kernel should 2771 * honor that address if it happens to be free. 2772 * 2773 * In both cases, we will overwrite pages in this range with mappings 2774 * from the executable. 2775 */ 2776 load_addr = target_mmap(loaddr, hiaddr - loaddr, PROT_NONE, 2777 MAP_PRIVATE | MAP_ANON | MAP_NORESERVE | 2778 (ehdr->e_type == ET_EXEC ? MAP_FIXED : 0), 2779 -1, 0); 2780 if (load_addr == -1) { 2781 goto exit_mmap; 2782 } 2783 load_bias = load_addr - loaddr; 2784 2785 if (elf_is_fdpic(ehdr)) { 2786 struct elf32_fdpic_loadseg *loadsegs = info->loadsegs = 2787 g_malloc(sizeof(*loadsegs) * info->nsegs); 2788 2789 for (i = 0; i < ehdr->e_phnum; ++i) { 2790 switch (phdr[i].p_type) { 2791 case PT_DYNAMIC: 2792 info->pt_dynamic_addr = phdr[i].p_vaddr + load_bias; 2793 break; 2794 case PT_LOAD: 2795 loadsegs->addr = phdr[i].p_vaddr + load_bias; 2796 loadsegs->p_vaddr = phdr[i].p_vaddr; 2797 loadsegs->p_memsz = phdr[i].p_memsz; 2798 ++loadsegs; 2799 break; 2800 } 2801 } 2802 } 2803 2804 info->load_bias = load_bias; 2805 info->code_offset = load_bias; 2806 info->data_offset = load_bias; 2807 info->load_addr = load_addr; 2808 info->entry = ehdr->e_entry + load_bias; 2809 info->start_code = -1; 2810 info->end_code = 0; 2811 info->start_data = -1; 2812 info->end_data = 0; 2813 info->brk = 0; 2814 info->elf_flags = ehdr->e_flags; 2815 2816 prot_exec = PROT_EXEC; 2817#ifdef TARGET_AARCH64 2818 /* 2819 * If the BTI feature is present, this indicates that the executable 2820 * pages of the startup binary should be mapped with PROT_BTI, so that 2821 * branch targets are enforced. 2822 * 2823 * The startup binary is either the interpreter or the static executable. 2824 * The interpreter is responsible for all pages of a dynamic executable. 2825 * 2826 * Elf notes are backward compatible to older cpus. 2827 * Do not enable BTI unless it is supported. 2828 */ 2829 if ((info->note_flags & GNU_PROPERTY_AARCH64_FEATURE_1_BTI) 2830 && (pinterp_name == NULL || *pinterp_name == 0) 2831 && cpu_isar_feature(aa64_bti, ARM_CPU(thread_cpu))) { 2832 prot_exec |= TARGET_PROT_BTI; 2833 } 2834#endif 2835 2836 for (i = 0; i < ehdr->e_phnum; i++) { 2837 struct elf_phdr *eppnt = phdr + i; 2838 if (eppnt->p_type == PT_LOAD) { 2839 abi_ulong vaddr, vaddr_po, vaddr_ps, vaddr_ef, vaddr_em, vaddr_len; 2840 int elf_prot = 0; 2841 2842 if (eppnt->p_flags & PF_R) { 2843 elf_prot |= PROT_READ; 2844 } 2845 if (eppnt->p_flags & PF_W) { 2846 elf_prot |= PROT_WRITE; 2847 } 2848 if (eppnt->p_flags & PF_X) { 2849 elf_prot |= prot_exec; 2850 } 2851 2852 vaddr = load_bias + eppnt->p_vaddr; 2853 vaddr_po = TARGET_ELF_PAGEOFFSET(vaddr); 2854 vaddr_ps = TARGET_ELF_PAGESTART(vaddr); 2855 2856 vaddr_ef = vaddr + eppnt->p_filesz; 2857 vaddr_em = vaddr + eppnt->p_memsz; 2858 2859 /* 2860 * Some segments may be completely empty, with a non-zero p_memsz 2861 * but no backing file segment. 2862 */ 2863 if (eppnt->p_filesz != 0) { 2864 vaddr_len = TARGET_ELF_PAGELENGTH(eppnt->p_filesz + vaddr_po); 2865 error = target_mmap(vaddr_ps, vaddr_len, elf_prot, 2866 MAP_PRIVATE | MAP_FIXED, 2867 image_fd, eppnt->p_offset - vaddr_po); 2868 2869 if (error == -1) { 2870 goto exit_mmap; 2871 } 2872 2873 /* 2874 * If the load segment requests extra zeros (e.g. bss), map it. 2875 */ 2876 if (eppnt->p_filesz < eppnt->p_memsz) { 2877 zero_bss(vaddr_ef, vaddr_em, elf_prot); 2878 } 2879 } else if (eppnt->p_memsz != 0) { 2880 vaddr_len = TARGET_ELF_PAGELENGTH(eppnt->p_memsz + vaddr_po); 2881 error = target_mmap(vaddr_ps, vaddr_len, elf_prot, 2882 MAP_PRIVATE | MAP_FIXED | MAP_ANONYMOUS, 2883 -1, 0); 2884 2885 if (error == -1) { 2886 goto exit_mmap; 2887 } 2888 } 2889 2890 /* Find the full program boundaries. */ 2891 if (elf_prot & PROT_EXEC) { 2892 if (vaddr < info->start_code) { 2893 info->start_code = vaddr; 2894 } 2895 if (vaddr_ef > info->end_code) { 2896 info->end_code = vaddr_ef; 2897 } 2898 } 2899 if (elf_prot & PROT_WRITE) { 2900 if (vaddr < info->start_data) { 2901 info->start_data = vaddr; 2902 } 2903 if (vaddr_ef > info->end_data) { 2904 info->end_data = vaddr_ef; 2905 } 2906 } 2907 if (vaddr_em > info->brk) { 2908 info->brk = vaddr_em; 2909 } 2910#ifdef TARGET_MIPS 2911 } else if (eppnt->p_type == PT_MIPS_ABIFLAGS) { 2912 Mips_elf_abiflags_v0 abiflags; 2913 if (eppnt->p_filesz < sizeof(Mips_elf_abiflags_v0)) { 2914 error_setg(&err, "Invalid PT_MIPS_ABIFLAGS entry"); 2915 goto exit_errmsg; 2916 } 2917 if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) { 2918 memcpy(&abiflags, bprm_buf + eppnt->p_offset, 2919 sizeof(Mips_elf_abiflags_v0)); 2920 } else { 2921 retval = pread(image_fd, &abiflags, sizeof(Mips_elf_abiflags_v0), 2922 eppnt->p_offset); 2923 if (retval != sizeof(Mips_elf_abiflags_v0)) { 2924 goto exit_read; 2925 } 2926 } 2927 bswap_mips_abiflags(&abiflags); 2928 info->fp_abi = abiflags.fp_abi; 2929#endif 2930 } 2931 } 2932 2933 if (info->end_data == 0) { 2934 info->start_data = info->end_code; 2935 info->end_data = info->end_code; 2936 } 2937 2938 if (qemu_log_enabled()) { 2939 load_symbols(ehdr, image_fd, load_bias); 2940 } 2941 2942 mmap_unlock(); 2943 2944 close(image_fd); 2945 return; 2946 2947 exit_read: 2948 if (retval >= 0) { 2949 error_setg(&err, "Incomplete read of file header"); 2950 } else { 2951 error_setg_errno(&err, errno, "Error reading file header"); 2952 } 2953 goto exit_errmsg; 2954 exit_mmap: 2955 error_setg_errno(&err, errno, "Error mapping file"); 2956 goto exit_errmsg; 2957 exit_errmsg: 2958 error_reportf_err(err, "%s: ", image_name); 2959 exit(-1); 2960} 2961 2962static void load_elf_interp(const char *filename, struct image_info *info, 2963 char bprm_buf[BPRM_BUF_SIZE]) 2964{ 2965 int fd, retval; 2966 Error *err = NULL; 2967 2968 fd = open(path(filename), O_RDONLY); 2969 if (fd < 0) { 2970 error_setg_file_open(&err, errno, filename); 2971 error_report_err(err); 2972 exit(-1); 2973 } 2974 2975 retval = read(fd, bprm_buf, BPRM_BUF_SIZE); 2976 if (retval < 0) { 2977 error_setg_errno(&err, errno, "Error reading file header"); 2978 error_reportf_err(err, "%s: ", filename); 2979 exit(-1); 2980 } 2981 2982 if (retval < BPRM_BUF_SIZE) { 2983 memset(bprm_buf + retval, 0, BPRM_BUF_SIZE - retval); 2984 } 2985 2986 load_elf_image(filename, fd, info, NULL, bprm_buf); 2987} 2988 2989static int symfind(const void *s0, const void *s1) 2990{ 2991 target_ulong addr = *(target_ulong *)s0; 2992 struct elf_sym *sym = (struct elf_sym *)s1; 2993 int result = 0; 2994 if (addr < sym->st_value) { 2995 result = -1; 2996 } else if (addr >= sym->st_value + sym->st_size) { 2997 result = 1; 2998 } 2999 return result; 3000} 3001 3002static const char *lookup_symbolxx(struct syminfo *s, target_ulong orig_addr) 3003{ 3004#if ELF_CLASS == ELFCLASS32 3005 struct elf_sym *syms = s->disas_symtab.elf32; 3006#else 3007 struct elf_sym *syms = s->disas_symtab.elf64; 3008#endif 3009 3010 // binary search 3011 struct elf_sym *sym; 3012 3013 sym = bsearch(&orig_addr, syms, s->disas_num_syms, sizeof(*syms), symfind); 3014 if (sym != NULL) { 3015 return s->disas_strtab + sym->st_name; 3016 } 3017 3018 return ""; 3019} 3020 3021/* FIXME: This should use elf_ops.h */ 3022static int symcmp(const void *s0, const void *s1) 3023{ 3024 struct elf_sym *sym0 = (struct elf_sym *)s0; 3025 struct elf_sym *sym1 = (struct elf_sym *)s1; 3026 return (sym0->st_value < sym1->st_value) 3027 ? -1 3028 : ((sym0->st_value > sym1->st_value) ? 1 : 0); 3029} 3030 3031/* Best attempt to load symbols from this ELF object. */ 3032static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias) 3033{ 3034 int i, shnum, nsyms, sym_idx = 0, str_idx = 0; 3035 uint64_t segsz; 3036 struct elf_shdr *shdr; 3037 char *strings = NULL; 3038 struct syminfo *s = NULL; 3039 struct elf_sym *new_syms, *syms = NULL; 3040 3041 shnum = hdr->e_shnum; 3042 i = shnum * sizeof(struct elf_shdr); 3043 shdr = (struct elf_shdr *)alloca(i); 3044 if (pread(fd, shdr, i, hdr->e_shoff) != i) { 3045 return; 3046 } 3047 3048 bswap_shdr(shdr, shnum); 3049 for (i = 0; i < shnum; ++i) { 3050 if (shdr[i].sh_type == SHT_SYMTAB) { 3051 sym_idx = i; 3052 str_idx = shdr[i].sh_link; 3053 goto found; 3054 } 3055 } 3056 3057 /* There will be no symbol table if the file was stripped. */ 3058 return; 3059 3060 found: 3061 /* Now know where the strtab and symtab are. Snarf them. */ 3062 s = g_try_new(struct syminfo, 1); 3063 if (!s) { 3064 goto give_up; 3065 } 3066 3067 segsz = shdr[str_idx].sh_size; 3068 s->disas_strtab = strings = g_try_malloc(segsz); 3069 if (!strings || 3070 pread(fd, strings, segsz, shdr[str_idx].sh_offset) != segsz) { 3071 goto give_up; 3072 } 3073 3074 segsz = shdr[sym_idx].sh_size; 3075 syms = g_try_malloc(segsz); 3076 if (!syms || pread(fd, syms, segsz, shdr[sym_idx].sh_offset) != segsz) { 3077 goto give_up; 3078 } 3079 3080 if (segsz / sizeof(struct elf_sym) > INT_MAX) { 3081 /* Implausibly large symbol table: give up rather than ploughing 3082 * on with the number of symbols calculation overflowing 3083 */ 3084 goto give_up; 3085 } 3086 nsyms = segsz / sizeof(struct elf_sym); 3087 for (i = 0; i < nsyms; ) { 3088 bswap_sym(syms + i); 3089 /* Throw away entries which we do not need. */ 3090 if (syms[i].st_shndx == SHN_UNDEF 3091 || syms[i].st_shndx >= SHN_LORESERVE 3092 || ELF_ST_TYPE(syms[i].st_info) != STT_FUNC) { 3093 if (i < --nsyms) { 3094 syms[i] = syms[nsyms]; 3095 } 3096 } else { 3097#if defined(TARGET_ARM) || defined (TARGET_MIPS) 3098 /* The bottom address bit marks a Thumb or MIPS16 symbol. */ 3099 syms[i].st_value &= ~(target_ulong)1; 3100#endif 3101 syms[i].st_value += load_bias; 3102 i++; 3103 } 3104 } 3105 3106 /* No "useful" symbol. */ 3107 if (nsyms == 0) { 3108 goto give_up; 3109 } 3110 3111 /* Attempt to free the storage associated with the local symbols 3112 that we threw away. Whether or not this has any effect on the 3113 memory allocation depends on the malloc implementation and how 3114 many symbols we managed to discard. */ 3115 new_syms = g_try_renew(struct elf_sym, syms, nsyms); 3116 if (new_syms == NULL) { 3117 goto give_up; 3118 } 3119 syms = new_syms; 3120 3121 qsort(syms, nsyms, sizeof(*syms), symcmp); 3122 3123 s->disas_num_syms = nsyms; 3124#if ELF_CLASS == ELFCLASS32 3125 s->disas_symtab.elf32 = syms; 3126#else 3127 s->disas_symtab.elf64 = syms; 3128#endif 3129 s->lookup_symbol = lookup_symbolxx; 3130 s->next = syminfos; 3131 syminfos = s; 3132 3133 return; 3134 3135give_up: 3136 g_free(s); 3137 g_free(strings); 3138 g_free(syms); 3139} 3140 3141uint32_t get_elf_eflags(int fd) 3142{ 3143 struct elfhdr ehdr; 3144 off_t offset; 3145 int ret; 3146 3147 /* Read ELF header */ 3148 offset = lseek(fd, 0, SEEK_SET); 3149 if (offset == (off_t) -1) { 3150 return 0; 3151 } 3152 ret = read(fd, &ehdr, sizeof(ehdr)); 3153 if (ret < sizeof(ehdr)) { 3154 return 0; 3155 } 3156 offset = lseek(fd, offset, SEEK_SET); 3157 if (offset == (off_t) -1) { 3158 return 0; 3159 } 3160 3161 /* Check ELF signature */ 3162 if (!elf_check_ident(&ehdr)) { 3163 return 0; 3164 } 3165 3166 /* check header */ 3167 bswap_ehdr(&ehdr); 3168 if (!elf_check_ehdr(&ehdr)) { 3169 return 0; 3170 } 3171 3172 /* return architecture id */ 3173 return ehdr.e_flags; 3174} 3175 3176int load_elf_binary(struct linux_binprm *bprm, struct image_info *info) 3177{ 3178 struct image_info interp_info; 3179 struct elfhdr elf_ex; 3180 char *elf_interpreter = NULL; 3181 char *scratch; 3182 3183 memset(&interp_info, 0, sizeof(interp_info)); 3184#ifdef TARGET_MIPS 3185 interp_info.fp_abi = MIPS_ABI_FP_UNKNOWN; 3186#endif 3187 3188 info->start_mmap = (abi_ulong)ELF_START_MMAP; 3189 3190 load_elf_image(bprm->filename, bprm->fd, info, 3191 &elf_interpreter, bprm->buf); 3192 3193 /* ??? We need a copy of the elf header for passing to create_elf_tables. 3194 If we do nothing, we'll have overwritten this when we re-use bprm->buf 3195 when we load the interpreter. */ 3196 elf_ex = *(struct elfhdr *)bprm->buf; 3197 3198 /* Do this so that we can load the interpreter, if need be. We will 3199 change some of these later */ 3200 bprm->p = setup_arg_pages(bprm, info); 3201 3202 scratch = g_new0(char, TARGET_PAGE_SIZE); 3203 if (STACK_GROWS_DOWN) { 3204 bprm->p = copy_elf_strings(1, &bprm->filename, scratch, 3205 bprm->p, info->stack_limit); 3206 info->file_string = bprm->p; 3207 bprm->p = copy_elf_strings(bprm->envc, bprm->envp, scratch, 3208 bprm->p, info->stack_limit); 3209 info->env_strings = bprm->p; 3210 bprm->p = copy_elf_strings(bprm->argc, bprm->argv, scratch, 3211 bprm->p, info->stack_limit); 3212 info->arg_strings = bprm->p; 3213 } else { 3214 info->arg_strings = bprm->p; 3215 bprm->p = copy_elf_strings(bprm->argc, bprm->argv, scratch, 3216 bprm->p, info->stack_limit); 3217 info->env_strings = bprm->p; 3218 bprm->p = copy_elf_strings(bprm->envc, bprm->envp, scratch, 3219 bprm->p, info->stack_limit); 3220 info->file_string = bprm->p; 3221 bprm->p = copy_elf_strings(1, &bprm->filename, scratch, 3222 bprm->p, info->stack_limit); 3223 } 3224 3225 g_free(scratch); 3226 3227 if (!bprm->p) { 3228 fprintf(stderr, "%s: %s\n", bprm->filename, strerror(E2BIG)); 3229 exit(-1); 3230 } 3231 3232 if (elf_interpreter) { 3233 load_elf_interp(elf_interpreter, &interp_info, bprm->buf); 3234 3235 /* If the program interpreter is one of these two, then assume 3236 an iBCS2 image. Otherwise assume a native linux image. */ 3237 3238 if (strcmp(elf_interpreter, "/usr/lib/libc.so.1") == 0 3239 || strcmp(elf_interpreter, "/usr/lib/ld.so.1") == 0) { 3240 info->personality = PER_SVR4; 3241 3242 /* Why this, you ask??? Well SVr4 maps page 0 as read-only, 3243 and some applications "depend" upon this behavior. Since 3244 we do not have the power to recompile these, we emulate 3245 the SVr4 behavior. Sigh. */ 3246 target_mmap(0, qemu_host_page_size, PROT_READ | PROT_EXEC, 3247 MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 3248 } 3249#ifdef TARGET_MIPS 3250 info->interp_fp_abi = interp_info.fp_abi; 3251#endif 3252 } 3253 3254 /* 3255 * TODO: load a vdso, which would also contain the signal trampolines. 3256 * Otherwise, allocate a private page to hold them. 3257 */ 3258 if (TARGET_ARCH_HAS_SIGTRAMP_PAGE) { 3259 abi_ulong tramp_page = target_mmap(0, TARGET_PAGE_SIZE, 3260 PROT_READ | PROT_WRITE, 3261 MAP_PRIVATE | MAP_ANON, -1, 0); 3262 setup_sigtramp(tramp_page); 3263 target_mprotect(tramp_page, TARGET_PAGE_SIZE, PROT_READ | PROT_EXEC); 3264 } 3265 3266 bprm->p = create_elf_tables(bprm->p, bprm->argc, bprm->envc, &elf_ex, 3267 info, (elf_interpreter ? &interp_info : NULL)); 3268 info->start_stack = bprm->p; 3269 3270 /* If we have an interpreter, set that as the program's entry point. 3271 Copy the load_bias as well, to help PPC64 interpret the entry 3272 point as a function descriptor. Do this after creating elf tables 3273 so that we copy the original program entry point into the AUXV. */ 3274 if (elf_interpreter) { 3275 info->load_bias = interp_info.load_bias; 3276 info->entry = interp_info.entry; 3277 g_free(elf_interpreter); 3278 } 3279 3280#ifdef USE_ELF_CORE_DUMP 3281 bprm->core_dump = &elf_core_dump; 3282#endif 3283 3284 /* 3285 * If we reserved extra space for brk, release it now. 3286 * The implementation of do_brk in syscalls.c expects to be able 3287 * to mmap pages in this space. 3288 */ 3289 if (info->reserve_brk) { 3290 abi_ulong start_brk = HOST_PAGE_ALIGN(info->brk); 3291 abi_ulong end_brk = HOST_PAGE_ALIGN(info->brk + info->reserve_brk); 3292 target_munmap(start_brk, end_brk - start_brk); 3293 } 3294 3295 return 0; 3296} 3297 3298#ifdef USE_ELF_CORE_DUMP 3299/* 3300 * Definitions to generate Intel SVR4-like core files. 3301 * These mostly have the same names as the SVR4 types with "target_elf_" 3302 * tacked on the front to prevent clashes with linux definitions, 3303 * and the typedef forms have been avoided. This is mostly like 3304 * the SVR4 structure, but more Linuxy, with things that Linux does 3305 * not support and which gdb doesn't really use excluded. 3306 * 3307 * Fields we don't dump (their contents is zero) in linux-user qemu 3308 * are marked with XXX. 3309 * 3310 * Core dump code is copied from linux kernel (fs/binfmt_elf.c). 3311 * 3312 * Porting ELF coredump for target is (quite) simple process. First you 3313 * define USE_ELF_CORE_DUMP in target ELF code (where init_thread() for 3314 * the target resides): 3315 * 3316 * #define USE_ELF_CORE_DUMP 3317 * 3318 * Next you define type of register set used for dumping. ELF specification 3319 * says that it needs to be array of elf_greg_t that has size of ELF_NREG. 3320 * 3321 * typedef <target_regtype> target_elf_greg_t; 3322 * #define ELF_NREG <number of registers> 3323 * typedef taret_elf_greg_t target_elf_gregset_t[ELF_NREG]; 3324 * 3325 * Last step is to implement target specific function that copies registers 3326 * from given cpu into just specified register set. Prototype is: 3327 * 3328 * static void elf_core_copy_regs(taret_elf_gregset_t *regs, 3329 * const CPUArchState *env); 3330 * 3331 * Parameters: 3332 * regs - copy register values into here (allocated and zeroed by caller) 3333 * env - copy registers from here 3334 * 3335 * Example for ARM target is provided in this file. 3336 */ 3337 3338/* An ELF note in memory */ 3339struct memelfnote { 3340 const char *name; 3341 size_t namesz; 3342 size_t namesz_rounded; 3343 int type; 3344 size_t datasz; 3345 size_t datasz_rounded; 3346 void *data; 3347 size_t notesz; 3348}; 3349 3350struct target_elf_siginfo { 3351 abi_int si_signo; /* signal number */ 3352 abi_int si_code; /* extra code */ 3353 abi_int si_errno; /* errno */ 3354}; 3355 3356struct target_elf_prstatus { 3357 struct target_elf_siginfo pr_info; /* Info associated with signal */ 3358 abi_short pr_cursig; /* Current signal */ 3359 abi_ulong pr_sigpend; /* XXX */ 3360 abi_ulong pr_sighold; /* XXX */ 3361 target_pid_t pr_pid; 3362 target_pid_t pr_ppid; 3363 target_pid_t pr_pgrp; 3364 target_pid_t pr_sid; 3365 struct target_timeval pr_utime; /* XXX User time */ 3366 struct target_timeval pr_stime; /* XXX System time */ 3367 struct target_timeval pr_cutime; /* XXX Cumulative user time */ 3368 struct target_timeval pr_cstime; /* XXX Cumulative system time */ 3369 target_elf_gregset_t pr_reg; /* GP registers */ 3370 abi_int pr_fpvalid; /* XXX */ 3371}; 3372 3373#define ELF_PRARGSZ (80) /* Number of chars for args */ 3374 3375struct target_elf_prpsinfo { 3376 char pr_state; /* numeric process state */ 3377 char pr_sname; /* char for pr_state */ 3378 char pr_zomb; /* zombie */ 3379 char pr_nice; /* nice val */ 3380 abi_ulong pr_flag; /* flags */ 3381 target_uid_t pr_uid; 3382 target_gid_t pr_gid; 3383 target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid; 3384 /* Lots missing */ 3385 char pr_fname[16] QEMU_NONSTRING; /* filename of executable */ 3386 char pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */ 3387}; 3388 3389/* Here is the structure in which status of each thread is captured. */ 3390struct elf_thread_status { 3391 QTAILQ_ENTRY(elf_thread_status) ets_link; 3392 struct target_elf_prstatus prstatus; /* NT_PRSTATUS */ 3393#if 0 3394 elf_fpregset_t fpu; /* NT_PRFPREG */ 3395 struct task_struct *thread; 3396 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */ 3397#endif 3398 struct memelfnote notes[1]; 3399 int num_notes; 3400}; 3401 3402struct elf_note_info { 3403 struct memelfnote *notes; 3404 struct target_elf_prstatus *prstatus; /* NT_PRSTATUS */ 3405 struct target_elf_prpsinfo *psinfo; /* NT_PRPSINFO */ 3406 3407 QTAILQ_HEAD(, elf_thread_status) thread_list; 3408#if 0 3409 /* 3410 * Current version of ELF coredump doesn't support 3411 * dumping fp regs etc. 3412 */ 3413 elf_fpregset_t *fpu; 3414 elf_fpxregset_t *xfpu; 3415 int thread_status_size; 3416#endif 3417 int notes_size; 3418 int numnote; 3419}; 3420 3421struct vm_area_struct { 3422 target_ulong vma_start; /* start vaddr of memory region */ 3423 target_ulong vma_end; /* end vaddr of memory region */ 3424 abi_ulong vma_flags; /* protection etc. flags for the region */ 3425 QTAILQ_ENTRY(vm_area_struct) vma_link; 3426}; 3427 3428struct mm_struct { 3429 QTAILQ_HEAD(, vm_area_struct) mm_mmap; 3430 int mm_count; /* number of mappings */ 3431}; 3432 3433static struct mm_struct *vma_init(void); 3434static void vma_delete(struct mm_struct *); 3435static int vma_add_mapping(struct mm_struct *, target_ulong, 3436 target_ulong, abi_ulong); 3437static int vma_get_mapping_count(const struct mm_struct *); 3438static struct vm_area_struct *vma_first(const struct mm_struct *); 3439static struct vm_area_struct *vma_next(struct vm_area_struct *); 3440static abi_ulong vma_dump_size(const struct vm_area_struct *); 3441static int vma_walker(void *priv, target_ulong start, target_ulong end, 3442 unsigned long flags); 3443 3444static void fill_elf_header(struct elfhdr *, int, uint16_t, uint32_t); 3445static void fill_note(struct memelfnote *, const char *, int, 3446 unsigned int, void *); 3447static void fill_prstatus(struct target_elf_prstatus *, const TaskState *, int); 3448static int fill_psinfo(struct target_elf_prpsinfo *, const TaskState *); 3449static void fill_auxv_note(struct memelfnote *, const TaskState *); 3450static void fill_elf_note_phdr(struct elf_phdr *, int, off_t); 3451static size_t note_size(const struct memelfnote *); 3452static void free_note_info(struct elf_note_info *); 3453static int fill_note_info(struct elf_note_info *, long, const CPUArchState *); 3454static void fill_thread_info(struct elf_note_info *, const CPUArchState *); 3455 3456static int dump_write(int, const void *, size_t); 3457static int write_note(struct memelfnote *, int); 3458static int write_note_info(struct elf_note_info *, int); 3459 3460#ifdef BSWAP_NEEDED 3461static void bswap_prstatus(struct target_elf_prstatus *prstatus) 3462{ 3463 prstatus->pr_info.si_signo = tswap32(prstatus->pr_info.si_signo); 3464 prstatus->pr_info.si_code = tswap32(prstatus->pr_info.si_code); 3465 prstatus->pr_info.si_errno = tswap32(prstatus->pr_info.si_errno); 3466 prstatus->pr_cursig = tswap16(prstatus->pr_cursig); 3467 prstatus->pr_sigpend = tswapal(prstatus->pr_sigpend); 3468 prstatus->pr_sighold = tswapal(prstatus->pr_sighold); 3469 prstatus->pr_pid = tswap32(prstatus->pr_pid); 3470 prstatus->pr_ppid = tswap32(prstatus->pr_ppid); 3471 prstatus->pr_pgrp = tswap32(prstatus->pr_pgrp); 3472 prstatus->pr_sid = tswap32(prstatus->pr_sid); 3473 /* cpu times are not filled, so we skip them */ 3474 /* regs should be in correct format already */ 3475 prstatus->pr_fpvalid = tswap32(prstatus->pr_fpvalid); 3476} 3477 3478static void bswap_psinfo(struct target_elf_prpsinfo *psinfo) 3479{ 3480 psinfo->pr_flag = tswapal(psinfo->pr_flag); 3481 psinfo->pr_uid = tswap16(psinfo->pr_uid); 3482 psinfo->pr_gid = tswap16(psinfo->pr_gid); 3483 psinfo->pr_pid = tswap32(psinfo->pr_pid); 3484 psinfo->pr_ppid = tswap32(psinfo->pr_ppid); 3485 psinfo->pr_pgrp = tswap32(psinfo->pr_pgrp); 3486 psinfo->pr_sid = tswap32(psinfo->pr_sid); 3487} 3488 3489static void bswap_note(struct elf_note *en) 3490{ 3491 bswap32s(&en->n_namesz); 3492 bswap32s(&en->n_descsz); 3493 bswap32s(&en->n_type); 3494} 3495#else 3496static inline void bswap_prstatus(struct target_elf_prstatus *p) { } 3497static inline void bswap_psinfo(struct target_elf_prpsinfo *p) {} 3498static inline void bswap_note(struct elf_note *en) { } 3499#endif /* BSWAP_NEEDED */ 3500 3501/* 3502 * Minimal support for linux memory regions. These are needed 3503 * when we are finding out what memory exactly belongs to 3504 * emulated process. No locks needed here, as long as 3505 * thread that received the signal is stopped. 3506 */ 3507 3508static struct mm_struct *vma_init(void) 3509{ 3510 struct mm_struct *mm; 3511 3512 if ((mm = g_malloc(sizeof (*mm))) == NULL) 3513 return (NULL); 3514 3515 mm->mm_count = 0; 3516 QTAILQ_INIT(&mm->mm_mmap); 3517 3518 return (mm); 3519} 3520 3521static void vma_delete(struct mm_struct *mm) 3522{ 3523 struct vm_area_struct *vma; 3524 3525 while ((vma = vma_first(mm)) != NULL) { 3526 QTAILQ_REMOVE(&mm->mm_mmap, vma, vma_link); 3527 g_free(vma); 3528 } 3529 g_free(mm); 3530} 3531 3532static int vma_add_mapping(struct mm_struct *mm, target_ulong start, 3533 target_ulong end, abi_ulong flags) 3534{ 3535 struct vm_area_struct *vma; 3536 3537 if ((vma = g_malloc0(sizeof (*vma))) == NULL) 3538 return (-1); 3539 3540 vma->vma_start = start; 3541 vma->vma_end = end; 3542 vma->vma_flags = flags; 3543 3544 QTAILQ_INSERT_TAIL(&mm->mm_mmap, vma, vma_link); 3545 mm->mm_count++; 3546 3547 return (0); 3548} 3549 3550static struct vm_area_struct *vma_first(const struct mm_struct *mm) 3551{ 3552 return (QTAILQ_FIRST(&mm->mm_mmap)); 3553} 3554 3555static struct vm_area_struct *vma_next(struct vm_area_struct *vma) 3556{ 3557 return (QTAILQ_NEXT(vma, vma_link)); 3558} 3559 3560static int vma_get_mapping_count(const struct mm_struct *mm) 3561{ 3562 return (mm->mm_count); 3563} 3564 3565/* 3566 * Calculate file (dump) size of given memory region. 3567 */ 3568static abi_ulong vma_dump_size(const struct vm_area_struct *vma) 3569{ 3570 /* if we cannot even read the first page, skip it */ 3571 if (!access_ok_untagged(VERIFY_READ, vma->vma_start, TARGET_PAGE_SIZE)) 3572 return (0); 3573 3574 /* 3575 * Usually we don't dump executable pages as they contain 3576 * non-writable code that debugger can read directly from 3577 * target library etc. However, thread stacks are marked 3578 * also executable so we read in first page of given region 3579 * and check whether it contains elf header. If there is 3580 * no elf header, we dump it. 3581 */ 3582 if (vma->vma_flags & PROT_EXEC) { 3583 char page[TARGET_PAGE_SIZE]; 3584 3585 if (copy_from_user(page, vma->vma_start, sizeof (page))) { 3586 return 0; 3587 } 3588 if ((page[EI_MAG0] == ELFMAG0) && 3589 (page[EI_MAG1] == ELFMAG1) && 3590 (page[EI_MAG2] == ELFMAG2) && 3591 (page[EI_MAG3] == ELFMAG3)) { 3592 /* 3593 * Mappings are possibly from ELF binary. Don't dump 3594 * them. 3595 */ 3596 return (0); 3597 } 3598 } 3599 3600 return (vma->vma_end - vma->vma_start); 3601} 3602 3603static int vma_walker(void *priv, target_ulong start, target_ulong end, 3604 unsigned long flags) 3605{ 3606 struct mm_struct *mm = (struct mm_struct *)priv; 3607 3608 vma_add_mapping(mm, start, end, flags); 3609 return (0); 3610} 3611 3612static void fill_note(struct memelfnote *note, const char *name, int type, 3613 unsigned int sz, void *data) 3614{ 3615 unsigned int namesz; 3616 3617 namesz = strlen(name) + 1; 3618 note->name = name; 3619 note->namesz = namesz; 3620 note->namesz_rounded = roundup(namesz, sizeof (int32_t)); 3621 note->type = type; 3622 note->datasz = sz; 3623 note->datasz_rounded = roundup(sz, sizeof (int32_t)); 3624 3625 note->data = data; 3626 3627 /* 3628 * We calculate rounded up note size here as specified by 3629 * ELF document. 3630 */ 3631 note->notesz = sizeof (struct elf_note) + 3632 note->namesz_rounded + note->datasz_rounded; 3633} 3634 3635static void fill_elf_header(struct elfhdr *elf, int segs, uint16_t machine, 3636 uint32_t flags) 3637{ 3638 (void) memset(elf, 0, sizeof(*elf)); 3639 3640 (void) memcpy(elf->e_ident, ELFMAG, SELFMAG); 3641 elf->e_ident[EI_CLASS] = ELF_CLASS; 3642 elf->e_ident[EI_DATA] = ELF_DATA; 3643 elf->e_ident[EI_VERSION] = EV_CURRENT; 3644 elf->e_ident[EI_OSABI] = ELF_OSABI; 3645 3646 elf->e_type = ET_CORE; 3647 elf->e_machine = machine; 3648 elf->e_version = EV_CURRENT; 3649 elf->e_phoff = sizeof(struct elfhdr); 3650 elf->e_flags = flags; 3651 elf->e_ehsize = sizeof(struct elfhdr); 3652 elf->e_phentsize = sizeof(struct elf_phdr); 3653 elf->e_phnum = segs; 3654 3655 bswap_ehdr(elf); 3656} 3657 3658static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, off_t offset) 3659{ 3660 phdr->p_type = PT_NOTE; 3661 phdr->p_offset = offset; 3662 phdr->p_vaddr = 0; 3663 phdr->p_paddr = 0; 3664 phdr->p_filesz = sz; 3665 phdr->p_memsz = 0; 3666 phdr->p_flags = 0; 3667 phdr->p_align = 0; 3668 3669 bswap_phdr(phdr, 1); 3670} 3671 3672static size_t note_size(const struct memelfnote *note) 3673{ 3674 return (note->notesz); 3675} 3676 3677static void fill_prstatus(struct target_elf_prstatus *prstatus, 3678 const TaskState *ts, int signr) 3679{ 3680 (void) memset(prstatus, 0, sizeof (*prstatus)); 3681 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr; 3682 prstatus->pr_pid = ts->ts_tid; 3683 prstatus->pr_ppid = getppid(); 3684 prstatus->pr_pgrp = getpgrp(); 3685 prstatus->pr_sid = getsid(0); 3686 3687 bswap_prstatus(prstatus); 3688} 3689 3690static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts) 3691{ 3692 char *base_filename; 3693 unsigned int i, len; 3694 3695 (void) memset(psinfo, 0, sizeof (*psinfo)); 3696 3697 len = ts->info->env_strings - ts->info->arg_strings; 3698 if (len >= ELF_PRARGSZ) 3699 len = ELF_PRARGSZ - 1; 3700 if (copy_from_user(&psinfo->pr_psargs, ts->info->arg_strings, len)) { 3701 return -EFAULT; 3702 } 3703 for (i = 0; i < len; i++) 3704 if (psinfo->pr_psargs[i] == 0) 3705 psinfo->pr_psargs[i] = ' '; 3706 psinfo->pr_psargs[len] = 0; 3707 3708 psinfo->pr_pid = getpid(); 3709 psinfo->pr_ppid = getppid(); 3710 psinfo->pr_pgrp = getpgrp(); 3711 psinfo->pr_sid = getsid(0); 3712 psinfo->pr_uid = getuid(); 3713 psinfo->pr_gid = getgid(); 3714 3715 base_filename = g_path_get_basename(ts->bprm->filename); 3716 /* 3717 * Using strncpy here is fine: at max-length, 3718 * this field is not NUL-terminated. 3719 */ 3720 (void) strncpy(psinfo->pr_fname, base_filename, 3721 sizeof(psinfo->pr_fname)); 3722 3723 g_free(base_filename); 3724 bswap_psinfo(psinfo); 3725 return (0); 3726} 3727 3728static void fill_auxv_note(struct memelfnote *note, const TaskState *ts) 3729{ 3730 elf_addr_t auxv = (elf_addr_t)ts->info->saved_auxv; 3731 elf_addr_t orig_auxv = auxv; 3732 void *ptr; 3733 int len = ts->info->auxv_len; 3734 3735 /* 3736 * Auxiliary vector is stored in target process stack. It contains 3737 * {type, value} pairs that we need to dump into note. This is not 3738 * strictly necessary but we do it here for sake of completeness. 3739 */ 3740 3741 /* read in whole auxv vector and copy it to memelfnote */ 3742 ptr = lock_user(VERIFY_READ, orig_auxv, len, 0); 3743 if (ptr != NULL) { 3744 fill_note(note, "CORE", NT_AUXV, len, ptr); 3745 unlock_user(ptr, auxv, len); 3746 } 3747} 3748 3749/* 3750 * Constructs name of coredump file. We have following convention 3751 * for the name: 3752 * qemu_<basename-of-target-binary>_<date>-<time>_<pid>.core 3753 * 3754 * Returns the filename 3755 */ 3756static char *core_dump_filename(const TaskState *ts) 3757{ 3758 g_autoptr(GDateTime) now = g_date_time_new_now_local(); 3759 g_autofree char *nowstr = g_date_time_format(now, "%Y%m%d-%H%M%S"); 3760 g_autofree char *base_filename = g_path_get_basename(ts->bprm->filename); 3761 3762 return g_strdup_printf("qemu_%s_%s_%d.core", 3763 base_filename, nowstr, (int)getpid()); 3764} 3765 3766static int dump_write(int fd, const void *ptr, size_t size) 3767{ 3768 const char *bufp = (const char *)ptr; 3769 ssize_t bytes_written, bytes_left; 3770 struct rlimit dumpsize; 3771 off_t pos; 3772 3773 bytes_written = 0; 3774 getrlimit(RLIMIT_CORE, &dumpsize); 3775 if ((pos = lseek(fd, 0, SEEK_CUR))==-1) { 3776 if (errno == ESPIPE) { /* not a seekable stream */ 3777 bytes_left = size; 3778 } else { 3779 return pos; 3780 } 3781 } else { 3782 if (dumpsize.rlim_cur <= pos) { 3783 return -1; 3784 } else if (dumpsize.rlim_cur == RLIM_INFINITY) { 3785 bytes_left = size; 3786 } else { 3787 size_t limit_left=dumpsize.rlim_cur - pos; 3788 bytes_left = limit_left >= size ? size : limit_left ; 3789 } 3790 } 3791 3792 /* 3793 * In normal conditions, single write(2) should do but 3794 * in case of socket etc. this mechanism is more portable. 3795 */ 3796 do { 3797 bytes_written = write(fd, bufp, bytes_left); 3798 if (bytes_written < 0) { 3799 if (errno == EINTR) 3800 continue; 3801 return (-1); 3802 } else if (bytes_written == 0) { /* eof */ 3803 return (-1); 3804 } 3805 bufp += bytes_written; 3806 bytes_left -= bytes_written; 3807 } while (bytes_left > 0); 3808 3809 return (0); 3810} 3811 3812static int write_note(struct memelfnote *men, int fd) 3813{ 3814 struct elf_note en; 3815 3816 en.n_namesz = men->namesz; 3817 en.n_type = men->type; 3818 en.n_descsz = men->datasz; 3819 3820 bswap_note(&en); 3821 3822 if (dump_write(fd, &en, sizeof(en)) != 0) 3823 return (-1); 3824 if (dump_write(fd, men->name, men->namesz_rounded) != 0) 3825 return (-1); 3826 if (dump_write(fd, men->data, men->datasz_rounded) != 0) 3827 return (-1); 3828 3829 return (0); 3830} 3831 3832static void fill_thread_info(struct elf_note_info *info, const CPUArchState *env) 3833{ 3834 CPUState *cpu = env_cpu((CPUArchState *)env); 3835 TaskState *ts = (TaskState *)cpu->opaque; 3836 struct elf_thread_status *ets; 3837 3838 ets = g_malloc0(sizeof (*ets)); 3839 ets->num_notes = 1; /* only prstatus is dumped */ 3840 fill_prstatus(&ets->prstatus, ts, 0); 3841 elf_core_copy_regs(&ets->prstatus.pr_reg, env); 3842 fill_note(&ets->notes[0], "CORE", NT_PRSTATUS, sizeof (ets->prstatus), 3843 &ets->prstatus); 3844 3845 QTAILQ_INSERT_TAIL(&info->thread_list, ets, ets_link); 3846 3847 info->notes_size += note_size(&ets->notes[0]); 3848} 3849 3850static void init_note_info(struct elf_note_info *info) 3851{ 3852 /* Initialize the elf_note_info structure so that it is at 3853 * least safe to call free_note_info() on it. Must be 3854 * called before calling fill_note_info(). 3855 */ 3856 memset(info, 0, sizeof (*info)); 3857 QTAILQ_INIT(&info->thread_list); 3858} 3859 3860static int fill_note_info(struct elf_note_info *info, 3861 long signr, const CPUArchState *env) 3862{ 3863#define NUMNOTES 3 3864 CPUState *cpu = env_cpu((CPUArchState *)env); 3865 TaskState *ts = (TaskState *)cpu->opaque; 3866 int i; 3867 3868 info->notes = g_new0(struct memelfnote, NUMNOTES); 3869 if (info->notes == NULL) 3870 return (-ENOMEM); 3871 info->prstatus = g_malloc0(sizeof (*info->prstatus)); 3872 if (info->prstatus == NULL) 3873 return (-ENOMEM); 3874 info->psinfo = g_malloc0(sizeof (*info->psinfo)); 3875 if (info->prstatus == NULL) 3876 return (-ENOMEM); 3877 3878 /* 3879 * First fill in status (and registers) of current thread 3880 * including process info & aux vector. 3881 */ 3882 fill_prstatus(info->prstatus, ts, signr); 3883 elf_core_copy_regs(&info->prstatus->pr_reg, env); 3884 fill_note(&info->notes[0], "CORE", NT_PRSTATUS, 3885 sizeof (*info->prstatus), info->prstatus); 3886 fill_psinfo(info->psinfo, ts); 3887 fill_note(&info->notes[1], "CORE", NT_PRPSINFO, 3888 sizeof (*info->psinfo), info->psinfo); 3889 fill_auxv_note(&info->notes[2], ts); 3890 info->numnote = 3; 3891 3892 info->notes_size = 0; 3893 for (i = 0; i < info->numnote; i++) 3894 info->notes_size += note_size(&info->notes[i]); 3895 3896 /* read and fill status of all threads */ 3897 cpu_list_lock(); 3898 CPU_FOREACH(cpu) { 3899 if (cpu == thread_cpu) { 3900 continue; 3901 } 3902 fill_thread_info(info, (CPUArchState *)cpu->env_ptr); 3903 } 3904 cpu_list_unlock(); 3905 3906 return (0); 3907} 3908 3909static void free_note_info(struct elf_note_info *info) 3910{ 3911 struct elf_thread_status *ets; 3912 3913 while (!QTAILQ_EMPTY(&info->thread_list)) { 3914 ets = QTAILQ_FIRST(&info->thread_list); 3915 QTAILQ_REMOVE(&info->thread_list, ets, ets_link); 3916 g_free(ets); 3917 } 3918 3919 g_free(info->prstatus); 3920 g_free(info->psinfo); 3921 g_free(info->notes); 3922} 3923 3924static int write_note_info(struct elf_note_info *info, int fd) 3925{ 3926 struct elf_thread_status *ets; 3927 int i, error = 0; 3928 3929 /* write prstatus, psinfo and auxv for current thread */ 3930 for (i = 0; i < info->numnote; i++) 3931 if ((error = write_note(&info->notes[i], fd)) != 0) 3932 return (error); 3933 3934 /* write prstatus for each thread */ 3935 QTAILQ_FOREACH(ets, &info->thread_list, ets_link) { 3936 if ((error = write_note(&ets->notes[0], fd)) != 0) 3937 return (error); 3938 } 3939 3940 return (0); 3941} 3942 3943/* 3944 * Write out ELF coredump. 3945 * 3946 * See documentation of ELF object file format in: 3947 * http://www.caldera.com/developers/devspecs/gabi41.pdf 3948 * 3949 * Coredump format in linux is following: 3950 * 3951 * 0 +----------------------+ \ 3952 * | ELF header | ET_CORE | 3953 * +----------------------+ | 3954 * | ELF program headers | |--- headers 3955 * | - NOTE section | | 3956 * | - PT_LOAD sections | | 3957 * +----------------------+ / 3958 * | NOTEs: | 3959 * | - NT_PRSTATUS | 3960 * | - NT_PRSINFO | 3961 * | - NT_AUXV | 3962 * +----------------------+ <-- aligned to target page 3963 * | Process memory dump | 3964 * : : 3965 * . . 3966 * : : 3967 * | | 3968 * +----------------------+ 3969 * 3970 * NT_PRSTATUS -> struct elf_prstatus (per thread) 3971 * NT_PRSINFO -> struct elf_prpsinfo 3972 * NT_AUXV is array of { type, value } pairs (see fill_auxv_note()). 3973 * 3974 * Format follows System V format as close as possible. Current 3975 * version limitations are as follows: 3976 * - no floating point registers are dumped 3977 * 3978 * Function returns 0 in case of success, negative errno otherwise. 3979 * 3980 * TODO: make this work also during runtime: it should be 3981 * possible to force coredump from running process and then 3982 * continue processing. For example qemu could set up SIGUSR2 3983 * handler (provided that target process haven't registered 3984 * handler for that) that does the dump when signal is received. 3985 */ 3986static int elf_core_dump(int signr, const CPUArchState *env) 3987{ 3988 const CPUState *cpu = env_cpu((CPUArchState *)env); 3989 const TaskState *ts = (const TaskState *)cpu->opaque; 3990 struct vm_area_struct *vma = NULL; 3991 g_autofree char *corefile = NULL; 3992 struct elf_note_info info; 3993 struct elfhdr elf; 3994 struct elf_phdr phdr; 3995 struct rlimit dumpsize; 3996 struct mm_struct *mm = NULL; 3997 off_t offset = 0, data_offset = 0; 3998 int segs = 0; 3999 int fd = -1; 4000 4001 init_note_info(&info); 4002 4003 errno = 0; 4004 getrlimit(RLIMIT_CORE, &dumpsize); 4005 if (dumpsize.rlim_cur == 0) 4006 return 0; 4007 4008 corefile = core_dump_filename(ts); 4009 4010 if ((fd = open(corefile, O_WRONLY | O_CREAT, 4011 S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) < 0) 4012 return (-errno); 4013 4014 /* 4015 * Walk through target process memory mappings and 4016 * set up structure containing this information. After 4017 * this point vma_xxx functions can be used. 4018 */ 4019 if ((mm = vma_init()) == NULL) 4020 goto out; 4021 4022 walk_memory_regions(mm, vma_walker); 4023 segs = vma_get_mapping_count(mm); 4024 4025 /* 4026 * Construct valid coredump ELF header. We also 4027 * add one more segment for notes. 4028 */ 4029 fill_elf_header(&elf, segs + 1, ELF_MACHINE, 0); 4030 if (dump_write(fd, &elf, sizeof (elf)) != 0) 4031 goto out; 4032 4033 /* fill in the in-memory version of notes */ 4034 if (fill_note_info(&info, signr, env) < 0) 4035 goto out; 4036 4037 offset += sizeof (elf); /* elf header */ 4038 offset += (segs + 1) * sizeof (struct elf_phdr); /* program headers */ 4039 4040 /* write out notes program header */ 4041 fill_elf_note_phdr(&phdr, info.notes_size, offset); 4042 4043 offset += info.notes_size; 4044 if (dump_write(fd, &phdr, sizeof (phdr)) != 0) 4045 goto out; 4046 4047 /* 4048 * ELF specification wants data to start at page boundary so 4049 * we align it here. 4050 */ 4051 data_offset = offset = roundup(offset, ELF_EXEC_PAGESIZE); 4052 4053 /* 4054 * Write program headers for memory regions mapped in 4055 * the target process. 4056 */ 4057 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 4058 (void) memset(&phdr, 0, sizeof (phdr)); 4059 4060 phdr.p_type = PT_LOAD; 4061 phdr.p_offset = offset; 4062 phdr.p_vaddr = vma->vma_start; 4063 phdr.p_paddr = 0; 4064 phdr.p_filesz = vma_dump_size(vma); 4065 offset += phdr.p_filesz; 4066 phdr.p_memsz = vma->vma_end - vma->vma_start; 4067 phdr.p_flags = vma->vma_flags & PROT_READ ? PF_R : 0; 4068 if (vma->vma_flags & PROT_WRITE) 4069 phdr.p_flags |= PF_W; 4070 if (vma->vma_flags & PROT_EXEC) 4071 phdr.p_flags |= PF_X; 4072 phdr.p_align = ELF_EXEC_PAGESIZE; 4073 4074 bswap_phdr(&phdr, 1); 4075 if (dump_write(fd, &phdr, sizeof(phdr)) != 0) { 4076 goto out; 4077 } 4078 } 4079 4080 /* 4081 * Next we write notes just after program headers. No 4082 * alignment needed here. 4083 */ 4084 if (write_note_info(&info, fd) < 0) 4085 goto out; 4086 4087 /* align data to page boundary */ 4088 if (lseek(fd, data_offset, SEEK_SET) != data_offset) 4089 goto out; 4090 4091 /* 4092 * Finally we can dump process memory into corefile as well. 4093 */ 4094 for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) { 4095 abi_ulong addr; 4096 abi_ulong end; 4097 4098 end = vma->vma_start + vma_dump_size(vma); 4099 4100 for (addr = vma->vma_start; addr < end; 4101 addr += TARGET_PAGE_SIZE) { 4102 char page[TARGET_PAGE_SIZE]; 4103 int error; 4104 4105 /* 4106 * Read in page from target process memory and 4107 * write it to coredump file. 4108 */ 4109 error = copy_from_user(page, addr, sizeof (page)); 4110 if (error != 0) { 4111 (void) fprintf(stderr, "unable to dump " TARGET_ABI_FMT_lx "\n", 4112 addr); 4113 errno = -error; 4114 goto out; 4115 } 4116 if (dump_write(fd, page, TARGET_PAGE_SIZE) < 0) 4117 goto out; 4118 } 4119 } 4120 4121 out: 4122 free_note_info(&info); 4123 if (mm != NULL) 4124 vma_delete(mm); 4125 (void) close(fd); 4126 4127 if (errno != 0) 4128 return (-errno); 4129 return (0); 4130} 4131#endif /* USE_ELF_CORE_DUMP */ 4132 4133void do_init_thread(struct target_pt_regs *regs, struct image_info *infop) 4134{ 4135 init_thread(regs, infop); 4136}