cachepc-qemu

Fork of AMDESE/qemu with changes for cachepc side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-qemu
Log | Files | Refs | Submodules | LICENSE | sfeed.txt

qemu-binfmt-conf.sh (14037B)

      1#!/bin/sh
      2# Enable automatic program execution by the kernel.
      3
      4qemu_target_list="i386 i486 alpha arm armeb sparc sparc32plus sparc64 \
      5ppc ppc64 ppc64le m68k mips mipsel mipsn32 mipsn32el mips64 mips64el \
      6sh4 sh4eb s390x aarch64 aarch64_be hppa riscv32 riscv64 xtensa xtensaeb \
      7microblaze microblazeel or1k x86_64 hexagon"
      8
      9i386_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00'
     10i386_mask='\xff\xff\xff\xff\xff\xfe\xfe\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
     11i386_family=i386
     12
     13i486_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x06\x00'
     14i486_mask='\xff\xff\xff\xff\xff\xfe\xfe\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
     15i486_family=i386
     16
     17x86_64_magic='\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x3e\x00'
     18x86_64_mask='\xff\xff\xff\xff\xff\xfe\xfe\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
     19x86_64_family=i386
     20
     21alpha_magic='\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x26\x90'
     22alpha_mask='\xff\xff\xff\xff\xff\xfe\xfe\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
     23alpha_family=alpha
     24
     25arm_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00'
     26arm_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
     27arm_family=arm
     28
     29armeb_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28'
     30armeb_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
     31armeb_family=armeb
     32
     33sparc_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x02'
     34sparc_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
     35sparc_family=sparc
     36
     37sparc32plus_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x12'
     38sparc32plus_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
     39sparc32plus_family=sparc
     40
     41sparc64_magic='\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2b'
     42sparc64_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
     43sparc64_family=sparc
     44
     45ppc_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x14'
     46ppc_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
     47ppc_family=ppc
     48
     49ppc64_magic='\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x15'
     50ppc64_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
     51ppc64_family=ppc
     52
     53ppc64le_magic='\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x15\x00'
     54ppc64le_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\x00'
     55ppc64le_family=ppcle
     56
     57m68k_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x04'
     58m68k_mask='\xff\xff\xff\xff\xff\xff\xfe\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
     59m68k_family=m68k
     60
     61# FIXME: We could use the other endianness on a MIPS host.
     62
     63mips_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08'
     64mips_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
     65mips_family=mips
     66
     67mipsel_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00'
     68mipsel_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
     69mipsel_family=mips
     70
     71mipsn32_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08'
     72mipsn32_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
     73mipsn32_family=mips
     74
     75mipsn32el_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00'
     76mipsn32el_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
     77mipsn32el_family=mips
     78
     79mips64_magic='\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08'
     80mips64_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
     81mips64_family=mips
     82
     83mips64el_magic='\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00'
     84mips64el_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
     85mips64el_family=mips
     86
     87sh4_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a\x00'
     88sh4_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
     89sh4_family=sh4
     90
     91sh4eb_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x2a'
     92sh4eb_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
     93sh4eb_family=sh4
     94
     95s390x_magic='\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x16'
     96s390x_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
     97s390x_family=s390x
     98
     99aarch64_magic='\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00'
    100aarch64_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
    101aarch64_family=arm
    102
    103aarch64_be_magic='\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7'
    104aarch64_be_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
    105aarch64_be_family=armeb
    106
    107hppa_magic='\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x0f'
    108hppa_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
    109hppa_family=hppa
    110
    111riscv32_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00'
    112riscv32_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
    113riscv32_family=riscv
    114
    115riscv64_magic='\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00'
    116riscv64_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
    117riscv64_family=riscv
    118
    119xtensa_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x5e\x00'
    120xtensa_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
    121xtensa_family=xtensa
    122
    123xtensaeb_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x5e'
    124xtensaeb_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
    125xtensaeb_family=xtensaeb
    126
    127microblaze_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xba\xab'
    128microblaze_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
    129microblaze_family=microblaze
    130
    131microblazeel_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xab\xba'
    132microblazeel_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
    133microblazeel_family=microblazeel
    134
    135or1k_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x5c'
    136or1k_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
    137or1k_family=or1k
    138
    139hexagon_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xa4\x00'
    140hexagon_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
    141hexagon_family=hexagon
    142
    143qemu_get_family() {
    144    cpu=${HOST_ARCH:-$(uname -m)}
    145    case "$cpu" in
    146    amd64|i386|i486|i586|i686|i86pc|BePC|x86_64)
    147        echo "i386"
    148        ;;
    149    mips*)
    150        echo "mips"
    151        ;;
    152    "Power Macintosh"|ppc64|powerpc|ppc)
    153        echo "ppc"
    154        ;;
    155    ppc64el|ppc64le)
    156        echo "ppcle"
    157        ;;
    158    arm|armel|armhf|arm64|armv[4-9]*l|aarch64)
    159        echo "arm"
    160        ;;
    161    armeb|armv[4-9]*b|aarch64_be)
    162        echo "armeb"
    163        ;;
    164    sparc*)
    165        echo "sparc"
    166        ;;
    167    riscv*)
    168        echo "riscv"
    169        ;;
    170    *)
    171        echo "$cpu"
    172        ;;
    173    esac
    174}
    175
    176usage() {
    177    cat <<EOF
    178Usage: qemu-binfmt-conf.sh [--qemu-path PATH][--debian][--systemd CPU]
    179                           [--help][--credential yes|no][--exportdir PATH]
    180                           [--persistent yes|no][--qemu-suffix SUFFIX]
    181                           [--preserve-argv0 yes|no]
    182
    183       Configure binfmt_misc to use qemu interpreter
    184
    185       --help:          display this usage
    186       --qemu-path:     set path to qemu interpreter ($QEMU_PATH)
    187       --qemu-suffix:   add a suffix to the default interpreter name
    188       --debian:        don't write into /proc,
    189                        instead generate update-binfmts templates
    190       --systemd:       don't write into /proc,
    191                        instead generate file for systemd-binfmt.service
    192                        for the given CPU. If CPU is "ALL", generate a
    193                        file for all known cpus
    194       --exportdir:     define where to write configuration files
    195                        (default: $SYSTEMDDIR or $DEBIANDIR)
    196       --credential:    if yes, credential and security tokens are
    197                        calculated according to the binary to interpret
    198       --persistent:    if yes, the interpreter is loaded when binfmt is
    199                        configured and remains in memory. All future uses
    200                        are cloned from the open file.
    201       --preserve-argv0 preserve argv[0]
    202
    203    To import templates with update-binfmts, use :
    204
    205        sudo update-binfmts --importdir ${EXPORTDIR:-$DEBIANDIR} --import qemu-CPU
    206
    207    To remove interpreter, use :
    208
    209        sudo update-binfmts --package qemu-CPU --remove qemu-CPU $QEMU_PATH
    210
    211    With systemd, binfmt files are loaded by systemd-binfmt.service
    212
    213    The environment variable HOST_ARCH allows to override 'uname' to generate
    214    configuration files for a different architecture than the current one.
    215
    216    where CPU is one of:
    217
    218        $qemu_target_list
    219
    220EOF
    221}
    222
    223qemu_check_access() {
    224    if [ ! -w "$1" ] ; then
    225        echo "ERROR: cannot write to $1" 1>&2
    226        exit 1
    227    fi
    228}
    229
    230qemu_check_bintfmt_misc() {
    231    # load the binfmt_misc module
    232    if [ ! -d /proc/sys/fs/binfmt_misc ]; then
    233      if ! /sbin/modprobe binfmt_misc ; then
    234          exit 1
    235      fi
    236    fi
    237    if [ ! -f /proc/sys/fs/binfmt_misc/register ]; then
    238      if ! mount binfmt_misc -t binfmt_misc /proc/sys/fs/binfmt_misc ; then
    239          exit 1
    240      fi
    241    fi
    242
    243    qemu_check_access /proc/sys/fs/binfmt_misc/register
    244}
    245
    246installed_dpkg() {
    247    dpkg --status "$1" > /dev/null 2>&1
    248}
    249
    250qemu_check_debian() {
    251    if [ ! -e /etc/debian_version ] ; then
    252        echo "WARNING: your system is not a Debian based distro" 1>&2
    253    elif ! installed_dpkg binfmt-support ; then
    254        echo "WARNING: package binfmt-support is needed" 1>&2
    255    fi
    256    qemu_check_access "$EXPORTDIR"
    257}
    258
    259qemu_check_systemd() {
    260    if ! systemctl -q is-enabled systemd-binfmt.service ; then
    261        echo "WARNING: systemd-binfmt.service is missing or disabled" 1>&2
    262    fi
    263    qemu_check_access "$EXPORTDIR"
    264}
    265
    266qemu_generate_register() {
    267    flags=""
    268    if [ "$CREDENTIAL" = "yes" ] ; then
    269        flags="OC"
    270    fi
    271    if [ "$PERSISTENT" = "yes" ] ; then
    272        flags="${flags}F"
    273    fi
    274    if [ "$PRESERVE_ARG0" = "yes" ] ; then
    275        flags="${flags}P"
    276    fi
    277
    278    echo ":qemu-$cpu:M::$magic:$mask:$qemu:$flags"
    279}
    280
    281qemu_register_interpreter() {
    282    echo "Setting $qemu as binfmt interpreter for $cpu"
    283    qemu_generate_register > /proc/sys/fs/binfmt_misc/register
    284}
    285
    286qemu_generate_systemd() {
    287    echo "Setting $qemu as binfmt interpreter for $cpu for systemd-binfmt.service"
    288    qemu_generate_register > "$EXPORTDIR/qemu-$cpu.conf"
    289}
    290
    291qemu_generate_debian() {
    292    cat > "$EXPORTDIR/qemu-$cpu" <<EOF
    293package qemu-$cpu
    294interpreter $qemu
    295magic $magic
    296mask $mask
    297credentials $CREDENTIAL
    298preserve $PRESERVE_ARG0
    299fix_binary $PERSISTENT
    300EOF
    301}
    302
    303qemu_set_binfmts() {
    304    # probe cpu type
    305    host_family=$(qemu_get_family)
    306
    307    # register the interpreter for each cpu except for the native one
    308
    309    for cpu in ${qemu_target_list} ; do
    310        magic=$(eval echo \$${cpu}_magic)
    311        mask=$(eval echo \$${cpu}_mask)
    312        family=$(eval echo \$${cpu}_family)
    313
    314        if [ "$magic" = "" ] || [ "$mask" = "" ] || [ "$family" = "" ] ; then
    315            echo "INTERNAL ERROR: unknown cpu $cpu" 1>&2
    316            continue
    317        fi
    318
    319        qemu="$QEMU_PATH/qemu-$cpu"
    320        if [ "$cpu" = "i486" ] ; then
    321            qemu="$QEMU_PATH/qemu-i386"
    322        fi
    323
    324        qemu="$qemu$QEMU_SUFFIX"
    325        if [ "$host_family" != "$family" ] ; then
    326            $BINFMT_SET
    327        fi
    328    done
    329}
    330
    331CHECK=qemu_check_bintfmt_misc
    332BINFMT_SET=qemu_register_interpreter
    333
    334SYSTEMDDIR="/etc/binfmt.d"
    335DEBIANDIR="/usr/share/binfmts"
    336
    337QEMU_PATH=/usr/local/bin
    338CREDENTIAL=no
    339PERSISTENT=no
    340PRESERVE_ARG0=no
    341QEMU_SUFFIX=""
    342
    343options=$(getopt -o ds:Q:S:e:hc:p:g: -l debian,systemd:,qemu-path:,qemu-suffix:,exportdir:,help,credential:,persistent:,preserve-argv0: -- "$@")
    344eval set -- "$options"
    345
    346while true ; do
    347    case "$1" in
    348    -d|--debian)
    349        CHECK=qemu_check_debian
    350        BINFMT_SET=qemu_generate_debian
    351        EXPORTDIR=${EXPORTDIR:-$DEBIANDIR}
    352        ;;
    353    -s|--systemd)
    354        CHECK=qemu_check_systemd
    355        BINFMT_SET=qemu_generate_systemd
    356        EXPORTDIR=${EXPORTDIR:-$SYSTEMDDIR}
    357        shift
    358        # check given cpu is in the supported CPU list
    359        if [ "$1" != "ALL" ] ; then
    360            for cpu in ${qemu_target_list} ; do
    361                if [ "$cpu" = "$1" ] ; then
    362                    break
    363                fi
    364            done
    365
    366            if [ "$cpu" = "$1" ] ; then
    367                qemu_target_list="$1"
    368            else
    369                echo "ERROR: unknown CPU \"$1\"" 1>&2
    370                usage
    371                exit 1
    372            fi
    373        fi
    374        ;;
    375    -Q|--qemu-path)
    376        shift
    377        QEMU_PATH="$1"
    378        ;;
    379    -F|--qemu-suffix)
    380        shift
    381        QEMU_SUFFIX="$1"
    382        ;;
    383    -e|--exportdir)
    384        shift
    385        EXPORTDIR="$1"
    386        ;;
    387    -h|--help)
    388        usage
    389        exit 1
    390        ;;
    391    -c|--credential)
    392        shift
    393        CREDENTIAL="$1"
    394        ;;
    395    -p|--persistent)
    396        shift
    397        PERSISTENT="$1"
    398        ;;
    399    -g|--preserve-argv0)
    400        shift
    401        PRESERVE_ARG0="$1"
    402        ;;
    403    *)
    404        break
    405        ;;
    406    esac
    407    shift
    408done
    409
    410$CHECK
    411qemu_set_binfmts