1/* 2 * irixelf.c: Code to load IRIX ELF executables which conform to 3 * the MIPS ABI. 4 * 5 * Copyright (C) 1996 David S. Miller (dm@engr.sgi.com) 6 * 7 * Based upon work which is: 8 * Copyright 1993, 1994: Eric Youngdale (ericy@cais.com). 9 */ 10 11#include <linux/module.h> 12 13#include <linux/fs.h> 14#include <linux/stat.h> 15#include <linux/sched.h> 16#include <linux/mm.h> 17#include <linux/mman.h> 18#include <linux/a.out.h> 19#include <linux/errno.h> 20#include <linux/init.h> 21#include <linux/signal.h> 22#include <linux/binfmts.h> 23#include <linux/string.h> 24#include <linux/file.h> 25#include <linux/fcntl.h> 26#include <linux/slab.h> 27#include <linux/shm.h> 28#include <linux/personality.h> 29#include <linux/elfcore.h> 30#include <linux/smp_lock.h> 31 32#include <asm/uaccess.h> 33#include <asm/pgalloc.h> 34#include <asm/ptrace.h> 35#include <asm/mipsregs.h> 36#include <asm/prctl.h> 37 38#define DLINFO_ITEMS 12 39 40#include <linux/elf.h> 41 42#undef DEBUG_ELF 43 44static int load_irix_binary(struct linux_binprm * bprm, struct pt_regs * regs); 45static int load_irix_library(struct file *); 46static int irix_core_dump(long signr, struct pt_regs * regs, 47 struct file *file); 48extern int dump_fpu (elf_fpregset_t *); 49 50static struct linux_binfmt irix_format = { 51 NULL, THIS_MODULE, load_irix_binary, load_irix_library, 52 irix_core_dump, PAGE_SIZE 53}; 54 55#ifndef elf_addr_t 56#define elf_addr_t unsigned long 57#define elf_caddr_t char * 58#endif 59 60#ifdef DEBUG_ELF 61/* Debugging routines. */ 62static char *get_elf_p_type(Elf32_Word p_type) 63{ 64 int i = (int) p_type; 65 66 switch(i) { 67 case PT_NULL: return("PT_NULL"); break; 68 case PT_LOAD: return("PT_LOAD"); break; 69 case PT_DYNAMIC: return("PT_DYNAMIC"); break; 70 case PT_INTERP: return("PT_INTERP"); break; 71 case PT_NOTE: return("PT_NOTE"); break; 72 case PT_SHLIB: return("PT_SHLIB"); break; 73 case PT_PHDR: return("PT_PHDR"); break; 74 case PT_LOPROC: return("PT_LOPROC/REGINFO"); break; 75 case PT_HIPROC: return("PT_HIPROC"); break; 76 default: return("PT_BOGUS"); break; 77 } 78} 79 80static void print_elfhdr(struct elfhdr *ehp) 81{ 82 int i; 83 84 printk("ELFHDR: e_ident<"); 85 for(i = 0; i < (EI_NIDENT - 1); i++) printk("%x ", ehp->e_ident[i]); 86 printk("%x>\n", ehp->e_ident[i]); 87 printk(" e_type[%04x] e_machine[%04x] e_version[%08lx]\n", 88 (unsigned short) ehp->e_type, (unsigned short) ehp->e_machine, 89 (unsigned long) ehp->e_version); 90 printk(" e_entry[%08lx] e_phoff[%08lx] e_shoff[%08lx] " 91 "e_flags[%08lx]\n", 92 (unsigned long) ehp->e_entry, (unsigned long) ehp->e_phoff, 93 (unsigned long) ehp->e_shoff, (unsigned long) ehp->e_flags); 94 printk(" e_ehsize[%04x] e_phentsize[%04x] e_phnum[%04x]\n", 95 (unsigned short) ehp->e_ehsize, (unsigned short) ehp->e_phentsize, 96 (unsigned short) ehp->e_phnum); 97 printk(" e_shentsize[%04x] e_shnum[%04x] e_shstrndx[%04x]\n", 98 (unsigned short) ehp->e_shentsize, (unsigned short) ehp->e_shnum, 99 (unsigned short) ehp->e_shstrndx); 100} 101 102static void print_phdr(int i, struct elf_phdr *ep) 103{ 104 printk("PHDR[%d]: p_type[%s] p_offset[%08lx] p_vaddr[%08lx] " 105 "p_paddr[%08lx]\n", i, get_elf_p_type(ep->p_type), 106 (unsigned long) ep->p_offset, (unsigned long) ep->p_vaddr, 107 (unsigned long) ep->p_paddr); 108 printk(" p_filesz[%08lx] p_memsz[%08lx] p_flags[%08lx] " 109 "p_align[%08lx]\n", (unsigned long) ep->p_filesz, 110 (unsigned long) ep->p_memsz, (unsigned long) ep->p_flags, 111 (unsigned long) ep->p_align); 112} 113 114static void dump_phdrs(struct elf_phdr *ep, int pnum) 115{ 116 int i; 117 118 for(i = 0; i < pnum; i++, ep++) { 119 if((ep->p_type == PT_LOAD) || 120 (ep->p_type == PT_INTERP) || 121 (ep->p_type == PT_PHDR)) 122 print_phdr(i, ep); 123 } 124} 125#endif /* (DEBUG_ELF) */ 126 127static void set_brk(unsigned long start, unsigned long end) 128{ 129 start = PAGE_ALIGN(start); 130 end = PAGE_ALIGN(end); 131 if (end <= start) 132 return; 133 do_brk(start, end - start); 134} 135 136 137/* We need to explicitly zero any fractional pages 138 * after the data section (i.e. bss). This would 139 * contain the junk from the file that should not 140 * be in memory. 141 */ 142static void padzero(unsigned long elf_bss) 143{ 144 unsigned long nbyte; 145 146 nbyte = elf_bss & (PAGE_SIZE-1); 147 if (nbyte) { 148 nbyte = PAGE_SIZE - nbyte; 149 clear_user((void *) elf_bss, nbyte); 150 } 151} 152 153unsigned long * create_irix_tables(char * p, int argc, int envc, 154 struct elfhdr * exec, unsigned int load_addr, 155 unsigned int interp_load_addr, 156 struct pt_regs *regs, struct elf_phdr *ephdr) 157{ 158 elf_caddr_t *argv; 159 elf_caddr_t *envp; 160 elf_addr_t *sp, *csp; 161 162#ifdef DEBUG_ELF 163 printk("create_irix_tables: p[%p] argc[%d] envc[%d] " 164 "load_addr[%08x] interp_load_addr[%08x]\n", 165 p, argc, envc, load_addr, interp_load_addr); 166#endif 167 sp = (elf_addr_t *) (~15UL & (unsigned long) p); 168 csp = sp; 169 csp -= exec ? DLINFO_ITEMS*2 : 2; 170 csp -= envc+1; 171 csp -= argc+1; 172 csp -= 1; /* argc itself */ 173 if ((unsigned long)csp & 15UL) { 174 sp -= (16UL - ((unsigned long)csp & 15UL)) / sizeof(*sp); 175 } 176 177 /* 178 * Put the ELF interpreter info on the stack 179 */ 180#define NEW_AUX_ENT(nr, id, val) \ 181 __put_user ((id), sp+(nr*2)); \ 182 __put_user ((val), sp+(nr*2+1)); \ 183 184 sp -= 2; 185 NEW_AUX_ENT(0, AT_NULL, 0); 186 187 if(exec) { 188 sp -= 11*2; 189 190 NEW_AUX_ENT (0, AT_PHDR, load_addr + exec->e_phoff); 191 NEW_AUX_ENT (1, AT_PHENT, sizeof (struct elf_phdr)); 192 NEW_AUX_ENT (2, AT_PHNUM, exec->e_phnum); 193 NEW_AUX_ENT (3, AT_PAGESZ, ELF_EXEC_PAGESIZE); 194 NEW_AUX_ENT (4, AT_BASE, interp_load_addr); 195 NEW_AUX_ENT (5, AT_FLAGS, 0); 196 NEW_AUX_ENT (6, AT_ENTRY, (elf_addr_t) exec->e_entry); 197 NEW_AUX_ENT (7, AT_UID, (elf_addr_t) current->uid); 198 NEW_AUX_ENT (8, AT_EUID, (elf_addr_t) current->euid); 199 NEW_AUX_ENT (9, AT_GID, (elf_addr_t) current->gid); 200 NEW_AUX_ENT (10, AT_EGID, (elf_addr_t) current->egid); 201 } 202#undef NEW_AUX_ENT 203 204 sp -= envc+1; 205 envp = (elf_caddr_t *) sp; 206 sp -= argc+1; 207 argv = (elf_caddr_t *) sp; 208 209 __put_user((elf_addr_t)argc,--sp); 210 current->mm->arg_start = (unsigned long) p; 211 while (argc-->0) { 212 __put_user((elf_caddr_t)(unsigned long)p,argv++); 213 p += strlen_user(p); 214 } 215 __put_user(NULL, argv); 216 current->mm->arg_end = current->mm->env_start = (unsigned long) p; 217 while (envc-->0) { 218 __put_user((elf_caddr_t)(unsigned long)p,envp++); 219 p += strlen_user(p); 220 } 221 __put_user(NULL, envp); 222 current->mm->env_end = (unsigned long) p; 223 return sp; 224} 225 226 227/* This is much more generalized than the library routine read function, 228 * so we keep this separate. Technically the library read function 229 * is only provided so that we can read a.out libraries that have 230 * an ELF header. 231 */ 232static unsigned int load_irix_interp(struct elfhdr * interp_elf_ex, 233 struct file * interpreter, 234 unsigned int *interp_load_addr) 235{ 236 struct elf_phdr *elf_phdata = NULL; 237 struct elf_phdr *eppnt; 238 unsigned int len; 239 unsigned int load_addr; 240 int elf_bss; 241 int retval; 242 unsigned int last_bss; 243 int error; 244 int i; 245 unsigned int k; 246 247 elf_bss = 0; 248 last_bss = 0; 249 error = load_addr = 0; 250 251#ifdef DEBUG_ELF 252 print_elfhdr(interp_elf_ex); 253#endif 254 255 /* First of all, some simple consistency checks */ 256 if ((interp_elf_ex->e_type != ET_EXEC && 257 interp_elf_ex->e_type != ET_DYN) || 258 !irix_elf_check_arch(interp_elf_ex) || 259 !interpreter->f_op->mmap) { 260 printk("IRIX interp has bad e_type %d\n", interp_elf_ex->e_type); 261 return 0xffffffff; 262 } 263 264 /* Now read in all of the header information */ 265 if(sizeof(struct elf_phdr) * interp_elf_ex->e_phnum > PAGE_SIZE) { 266 printk("IRIX interp header bigger than a page (%d)\n", 267 (sizeof(struct elf_phdr) * interp_elf_ex->e_phnum)); 268 return 0xffffffff; 269 } 270 271 elf_phdata = (struct elf_phdr *) 272 kmalloc(sizeof(struct elf_phdr) * interp_elf_ex->e_phnum, 273 GFP_KERNEL); 274 275 if(!elf_phdata) { 276 printk("Cannot kmalloc phdata for IRIX interp.\n"); 277 return 0xffffffff; 278 } 279 280 /* If the size of this structure has changed, then punt, since 281 * we will be doing the wrong thing. 282 */ 283 if(interp_elf_ex->e_phentsize != 32) { 284 printk("IRIX interp e_phentsize == %d != 32 ", 285 interp_elf_ex->e_phentsize); 286 kfree(elf_phdata); 287 return 0xffffffff; 288 } 289 290 retval = kernel_read(interpreter, interp_elf_ex->e_phoff, 291 (char *) elf_phdata, 292 sizeof(struct elf_phdr) * interp_elf_ex->e_phnum); 293 294#ifdef DEBUG_ELF 295 dump_phdrs(elf_phdata, interp_elf_ex->e_phnum); 296#endif 297 298 eppnt = elf_phdata; 299 for(i=0; i<interp_elf_ex->e_phnum; i++, eppnt++) { 300 if(eppnt->p_type == PT_LOAD) { 301 int elf_type = MAP_PRIVATE | MAP_DENYWRITE; 302 int elf_prot = 0; 303 unsigned long vaddr = 0; 304 if (eppnt->p_flags & PF_R) elf_prot = PROT_READ; 305 if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE; 306 if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC; 307 elf_type |= MAP_FIXED; 308 vaddr = eppnt->p_vaddr; 309 310#ifdef DEBUG_ELF 311 printk("INTERP do_mmap(%p, %08lx, %08lx, %08lx, %08lx, %08lx) ", 312 interpreter, vaddr, 313 (unsigned long) (eppnt->p_filesz + (eppnt->p_vaddr & 0xfff)), 314 (unsigned long) elf_prot, (unsigned long) elf_type, 315 (unsigned long) (eppnt->p_offset & 0xfffff000)); 316#endif 317 down_write(¤t->mm->mmap_sem); 318 error = do_mmap(interpreter, vaddr, 319 eppnt->p_filesz + (eppnt->p_vaddr & 0xfff), 320 elf_prot, elf_type, 321 eppnt->p_offset & 0xfffff000); 322 up_write(¤t->mm->mmap_sem); 323 324 if(error < 0 && error > -1024) { 325 printk("Aieee IRIX interp mmap error=%d\n", error); 326 break; /* Real error */ 327 } 328#ifdef DEBUG_ELF 329 printk("error=%08lx ", (unsigned long) error); 330#endif 331 if(!load_addr && interp_elf_ex->e_type == ET_DYN) { 332 load_addr = error; 333#ifdef DEBUG_ELF 334 printk("load_addr = error "); 335#endif 336 } 337 338 /* Find the end of the file mapping for this phdr, and keep 339 * track of the largest address we see for this. 340 */ 341 k = eppnt->p_vaddr + eppnt->p_filesz; 342 if(k > elf_bss) elf_bss = k; 343 344 /* Do the same thing for the memory mapping - between 345 * elf_bss and last_bss is the bss section. 346 */ 347 k = eppnt->p_memsz + eppnt->p_vaddr; 348 if(k > last_bss) last_bss = k; 349#ifdef DEBUG_ELF 350 printk("\n"); 351#endif 352 } 353 } 354 355 /* Now use mmap to map the library into memory. */ 356 if(error < 0 && error > -1024) { 357#ifdef DEBUG_ELF 358 printk("got error %d\n", error); 359#endif 360 kfree(elf_phdata); 361 return 0xffffffff; 362 } 363 364 /* Now fill out the bss section. First pad the last page up 365 * to the page boundary, and then perform a mmap to make sure 366 * that there are zero-mapped pages up to and including the 367 * last bss page. 368 */ 369#ifdef DEBUG_ELF 370 printk("padzero(%08lx) ", (unsigned long) (elf_bss)); 371#endif 372 padzero(elf_bss); 373 len = (elf_bss + 0xfff) & 0xfffff000; /* What we have mapped so far */ 374 375#ifdef DEBUG_ELF 376 printk("last_bss[%08lx] len[%08lx]\n", (unsigned long) last_bss, 377 (unsigned long) len); 378#endif 379 380 /* Map the last of the bss segment */ 381 if (last_bss > len) { 382 do_brk(len, (last_bss - len)); 383 } 384 kfree(elf_phdata); 385 386 *interp_load_addr = load_addr; 387 return ((unsigned int) interp_elf_ex->e_entry); 388} 389 390/* Check sanity of IRIX elf executable header. */ 391static int verify_binary(struct elfhdr *ehp, struct linux_binprm *bprm) 392{ 393 if (memcmp(ehp->e_ident, ELFMAG, SELFMAG) != 0) 394 return -ENOEXEC; 395 396 /* First of all, some simple consistency checks */ 397 if((ehp->e_type != ET_EXEC && ehp->e_type != ET_DYN) || 398 !irix_elf_check_arch(ehp) || !bprm->file->f_op->mmap) { 399 return -ENOEXEC; 400 } 401 402 /* Only support MIPS ARCH2 or greater IRIX binaries for now. */ 403 if(!(ehp->e_flags & EF_MIPS_ARCH) && !(ehp->e_flags & 0x04)) { 404 return -ENOEXEC; 405 } 406 407 if((ehp->e_flags & 0x20)) { 408 return -ENOEXEC; 409 } 410 411 return 0; /* It's ok. */ 412} 413 414#define IRIX_INTERP_PREFIX "/usr/gnemul/irix" 415 416/* Look for an IRIX ELF interpreter. */ 417static inline int look_for_irix_interpreter(char **name, 418 struct file **interpreter, 419 struct elfhdr *interp_elf_ex, 420 struct elf_phdr *epp, 421 struct linux_binprm *bprm, int pnum) 422{ 423 int i; 424 int retval = -EINVAL; 425 struct file *file = NULL; 426 427 *name = NULL; 428 for(i = 0; i < pnum; i++, epp++) { 429 if (epp->p_type != PT_INTERP) 430 continue; 431 432 /* It is illegal to have two interpreters for one executable. */ 433 if (*name != NULL) 434 goto out; 435 436 *name = (char *) kmalloc((epp->p_filesz + 437 strlen(IRIX_INTERP_PREFIX)), 438 GFP_KERNEL); 439 if (!*name) 440 return -ENOMEM; 441 442 strcpy(*name, IRIX_INTERP_PREFIX); 443 retval = kernel_read(bprm->file, epp->p_offset, (*name + 16), 444 epp->p_filesz); 445 if (retval < 0) 446 goto out; 447 448 file = open_exec(*name); 449 if (IS_ERR(file)) { 450 retval = PTR_ERR(file); 451 goto out; 452 } 453 retval = kernel_read(file, 0, bprm->buf, 128); 454 if (retval < 0) 455 goto dput_and_out; 456 457 *interp_elf_ex = *(struct elfhdr *) bprm->buf; 458 } 459 *interpreter = file; 460 return 0; 461 462dput_and_out: 463 fput(file); 464out: 465 kfree(*name); 466 return retval; 467} 468 469static inline int verify_irix_interpreter(struct elfhdr *ihp) 470{ 471 if (memcmp(ihp->e_ident, ELFMAG, SELFMAG) != 0) 472 return -ELIBBAD; 473 return 0; 474} 475 476#define EXEC_MAP_FLAGS (MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE | MAP_EXECUTABLE) 477 478static inline void map_executable(struct file *fp, struct elf_phdr *epp, int pnum, 479 unsigned int *estack, unsigned int *laddr, 480 unsigned int *scode, unsigned int *ebss, 481 unsigned int *ecode, unsigned int *edata, 482 unsigned int *ebrk) 483{ 484 unsigned int tmp; 485 int i, prot; 486 487 for(i = 0; i < pnum; i++, epp++) { 488 if(epp->p_type != PT_LOAD) 489 continue; 490 491 /* Map it. */ 492 prot = (epp->p_flags & PF_R) ? PROT_READ : 0; 493 prot |= (epp->p_flags & PF_W) ? PROT_WRITE : 0; 494 prot |= (epp->p_flags & PF_X) ? PROT_EXEC : 0; 495 down_write(¤t->mm->mmap_sem); 496 (void) do_mmap(fp, (epp->p_vaddr & 0xfffff000), 497 (epp->p_filesz + (epp->p_vaddr & 0xfff)), 498 prot, EXEC_MAP_FLAGS, 499 (epp->p_offset & 0xfffff000)); 500 up_write(¤t->mm->mmap_sem); 501 502 /* Fixup location tracking vars. */ 503 if((epp->p_vaddr & 0xfffff000) < *estack) 504 *estack = (epp->p_vaddr & 0xfffff000); 505 if(!*laddr) 506 *laddr = epp->p_vaddr - epp->p_offset; 507 if(epp->p_vaddr < *scode) 508 *scode = epp->p_vaddr; 509 510 tmp = epp->p_vaddr + epp->p_filesz; 511 if(tmp > *ebss) 512 *ebss = tmp; 513 if((epp->p_flags & PF_X) && *ecode < tmp) 514 *ecode = tmp; 515 if(*edata < tmp) 516 *edata = tmp; 517 518 tmp = epp->p_vaddr + epp->p_memsz; 519 if(tmp > *ebrk) 520 *ebrk = tmp; 521 } 522 523} 524 525static inline int map_interpreter(struct elf_phdr *epp, struct elfhdr *ihp, 526 struct file *interp, unsigned int *iladdr, 527 int pnum, mm_segment_t old_fs, 528 unsigned int *eentry) 529{ 530 int i; 531 532 *eentry = 0xffffffff; 533 for(i = 0; i < pnum; i++, epp++) { 534 if(epp->p_type != PT_INTERP) 535 continue; 536 537 /* We should have fielded this error elsewhere... */ 538 if(*eentry != 0xffffffff) 539 return -1; 540 541 set_fs(old_fs); 542 *eentry = load_irix_interp(ihp, interp, iladdr); 543 old_fs = get_fs(); 544 set_fs(get_ds()); 545 546 fput(interp); 547 548 if (*eentry == 0xffffffff) 549 return -1; 550 } 551 return 0; 552} 553 554/* 555 * IRIX maps a page at 0x200000 that holds information about the 556 * process and the system, here we map the page and fill the 557 * structure 558 */ 559void irix_map_prda_page (void) 560{ 561 unsigned long v; 562 struct prda *pp; 563 564 v = do_brk (PRDA_ADDRESS, PAGE_SIZE); 565 566 if (v < 0) 567 return; 568 569 pp = (struct prda *) v; 570 pp->prda_sys.t_pid = current->pid; 571 pp->prda_sys.t_prid = read_c0_prid(); 572 pp->prda_sys.t_rpid = current->pid; 573 574 /* We leave the rest set to zero */ 575} 576 577 578 579/* These are the functions used to load ELF style executables and shared 580 * libraries. There is no binary dependent code anywhere else. 581 */ 582static int load_irix_binary(struct linux_binprm * bprm, struct pt_regs * regs) 583{ 584 struct elfhdr elf_ex, interp_elf_ex; 585 struct file *interpreter; 586 struct elf_phdr *elf_phdata, *elf_ihdr, *elf_ephdr; 587 unsigned int load_addr, elf_bss, elf_brk; 588 unsigned int elf_entry, interp_load_addr = 0; 589 unsigned int start_code, end_code, end_data, elf_stack; 590 int retval, has_interp, has_ephdr, size, i; 591 char *elf_interpreter; 592 mm_segment_t old_fs; 593 594 load_addr = 0; 595 has_interp = has_ephdr = 0; 596 elf_ihdr = elf_ephdr = 0; 597 elf_ex = *((struct elfhdr *) bprm->buf); 598 retval = -ENOEXEC; 599 600 if (verify_binary(&elf_ex, bprm)) 601 goto out; 602 603#ifdef DEBUG_ELF 604 print_elfhdr(&elf_ex); 605#endif 606 607 /* Now read in all of the header information */ 608 size = elf_ex.e_phentsize * elf_ex.e_phnum; 609 if (size > 65536) 610 goto out; 611 elf_phdata = (struct elf_phdr *) kmalloc(size, GFP_KERNEL); 612 if (elf_phdata == NULL) { 613 retval = -ENOMEM; 614 goto out; 615 } 616 617 retval = kernel_read(bprm->file, elf_ex.e_phoff, (char *)elf_phdata, size); 618 if (retval < 0) 619 goto out_free_ph; 620 621#ifdef DEBUG_ELF 622 dump_phdrs(elf_phdata, elf_ex.e_phnum); 623#endif 624 625 /* Set some things for later. */ 626 for(i = 0; i < elf_ex.e_phnum; i++) { 627 switch(elf_phdata[i].p_type) { 628 case PT_INTERP: 629 has_interp = 1; 630 elf_ihdr = &elf_phdata[i]; 631 break; 632 case PT_PHDR: 633 has_ephdr = 1; 634 elf_ephdr = &elf_phdata[i]; 635 break; 636 }; 637 } 638#ifdef DEBUG_ELF 639 printk("\n"); 640#endif 641 642 elf_bss = 0; 643 elf_brk = 0; 644 645 elf_stack = 0xffffffff; 646 elf_interpreter = NULL; 647 start_code = 0xffffffff; 648 end_code = 0; 649 end_data = 0; 650 651 retval = look_for_irix_interpreter(&elf_interpreter, 652 &interpreter, 653 &interp_elf_ex, elf_phdata, bprm, 654 elf_ex.e_phnum); 655 if (retval) 656 goto out_free_file; 657 658 if (elf_interpreter) { 659 retval = verify_irix_interpreter(&interp_elf_ex); 660 if(retval) 661 goto out_free_interp; 662 } 663 664 /* OK, we are done with that, now set up the arg stuff, 665 * and then start this sucker up. 666 */ 667 retval = -E2BIG; 668 if (!bprm->sh_bang && !bprm->p) 669 goto out_free_interp; 670 671 /* Flush all traces of the currently running executable */ 672 retval = flush_old_exec(bprm); 673 if (retval) 674 goto out_free_dentry; 675 676 /* OK, This is the point of no return */ 677 current->mm->end_data = 0; 678 current->mm->end_code = 0; 679 current->mm->mmap = NULL; 680 current->flags &= ~PF_FORKNOEXEC; 681 elf_entry = (unsigned int) elf_ex.e_entry; 682 683 /* Do this so that we can load the interpreter, if need be. We will 684 * change some of these later. 685 */ 686 current->mm->rss = 0; 687 setup_arg_pages(bprm); 688 current->mm->start_stack = bprm->p; 689 690 /* At this point, we assume that the image should be loaded at 691 * fixed address, not at a variable address. 692 */ 693 old_fs = get_fs(); 694 set_fs(get_ds()); 695 696 map_executable(bprm->file, elf_phdata, elf_ex.e_phnum, &elf_stack, 697 &load_addr, &start_code, &elf_bss, &end_code, 698 &end_data, &elf_brk); 699 700 if(elf_interpreter) { 701 retval = map_interpreter(elf_phdata, &interp_elf_ex, 702 interpreter, &interp_load_addr, 703 elf_ex.e_phnum, old_fs, &elf_entry); 704 kfree(elf_interpreter); 705 if(retval) { 706 set_fs(old_fs); 707 printk("Unable to load IRIX ELF interpreter\n"); 708 send_sig(SIGSEGV, current, 0); 709 retval = 0; 710 goto out_free_file; 711 } 712 } 713 714 set_fs(old_fs); 715 716 kfree(elf_phdata); 717 set_personality(PER_IRIX32); 718 set_binfmt(&irix_format); 719 compute_creds(bprm); 720 current->flags &= ~PF_FORKNOEXEC; 721 bprm->p = (unsigned long) 722 create_irix_tables((char *)bprm->p, bprm->argc, bprm->envc, 723 (elf_interpreter ? &elf_ex : NULL), 724 load_addr, interp_load_addr, regs, elf_ephdr); 725 current->mm->start_brk = current->mm->brk = elf_brk; 726 current->mm->end_code = end_code; 727 current->mm->start_code = start_code; 728 current->mm->end_data = end_data; 729 current->mm->start_stack = bprm->p; 730 731 /* Calling set_brk effectively mmaps the pages that we need for the 732 * bss and break sections. 733 */ 734 set_brk(elf_bss, elf_brk); 735 736 /* 737 * IRIX maps a page at 0x200000 which holds some system 738 * information. Programs depend on this. 739 */ 740 irix_map_prda_page (); 741 742 padzero(elf_bss); 743 744#ifdef DEBUG_ELF 745 printk("(start_brk) %lx\n" , (long) current->mm->start_brk); 746 printk("(end_code) %lx\n" , (long) current->mm->end_code); 747 printk("(start_code) %lx\n" , (long) current->mm->start_code); 748 printk("(end_data) %lx\n" , (long) current->mm->end_data); 749 printk("(start_stack) %lx\n" , (long) current->mm->start_stack); 750 printk("(brk) %lx\n" , (long) current->mm->brk); 751#endif 752 753 754 start_thread(regs, elf_entry, bprm->p); 755 if (current->ptrace & PT_PTRACED) 756 send_sig(SIGTRAP, current, 0); 757 return 0; 758out: 759 return retval; 760 761out_free_dentry: 762 allow_write_access(interpreter); 763 fput(interpreter); 764out_free_interp: 765 if (elf_interpreter) 766 kfree(elf_interpreter); 767out_free_file: 768out_free_ph: 769 kfree (elf_phdata); 770 goto out; 771} 772 773/* This is really simpleminded and specialized - we are loading an 774 * a.out library that is given an ELF header. 775 */ 776static int load_irix_library(struct file *file) 777{ 778 struct elfhdr elf_ex; 779 struct elf_phdr *elf_phdata = NULL; 780 unsigned int len = 0; 781 int elf_bss = 0; 782 int retval; 783 unsigned int bss; 784 int error; 785 int i,j, k; 786 787 error = kernel_read(file, 0, (char *) &elf_ex, sizeof(elf_ex)); 788 if (error != sizeof(elf_ex)) 789 return -ENOEXEC; 790 791 if (memcmp(elf_ex.e_ident, ELFMAG, SELFMAG) != 0) 792 return -ENOEXEC; 793 794 /* First of all, some simple consistency checks. */ 795 if(elf_ex.e_type != ET_EXEC || elf_ex.e_phnum > 2 || 796 !irix_elf_check_arch(&elf_ex) || !file->f_op->mmap) 797 return -ENOEXEC; 798 799 /* Now read in all of the header information. */ 800 if(sizeof(struct elf_phdr) * elf_ex.e_phnum > PAGE_SIZE) 801 return -ENOEXEC; 802 803 elf_phdata = (struct elf_phdr *) 804 kmalloc(sizeof(struct elf_phdr) * elf_ex.e_phnum, GFP_KERNEL); 805 if (elf_phdata == NULL) 806 return -ENOMEM; 807 808 retval = kernel_read(file, elf_ex.e_phoff, (char *) elf_phdata, 809 sizeof(struct elf_phdr) * elf_ex.e_phnum); 810 811 j = 0; 812 for(i=0; i<elf_ex.e_phnum; i++) 813 if((elf_phdata + i)->p_type == PT_LOAD) j++; 814 815 if(j != 1) { 816 kfree(elf_phdata); 817 return -ENOEXEC; 818 } 819 820 while(elf_phdata->p_type != PT_LOAD) elf_phdata++; 821 822 /* Now use mmap to map the library into memory. */ 823 down_write(¤t->mm->mmap_sem); 824 error = do_mmap(file, 825 elf_phdata->p_vaddr & 0xfffff000, 826 elf_phdata->p_filesz + (elf_phdata->p_vaddr & 0xfff), 827 PROT_READ | PROT_WRITE | PROT_EXEC, 828 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE, 829 elf_phdata->p_offset & 0xfffff000); 830 up_write(¤t->mm->mmap_sem); 831 832 k = elf_phdata->p_vaddr + elf_phdata->p_filesz; 833 if (k > elf_bss) elf_bss = k; 834 835 if (error != (elf_phdata->p_vaddr & 0xfffff000)) { 836 kfree(elf_phdata); 837 return error; 838 } 839 840 padzero(elf_bss); 841 842 len = (elf_phdata->p_filesz + elf_phdata->p_vaddr+ 0xfff) & 0xfffff000; 843 bss = elf_phdata->p_memsz + elf_phdata->p_vaddr; 844 if (bss > len) 845 do_brk(len, bss-len); 846 kfree(elf_phdata); 847 return 0; 848} 849 850/* Called through irix_syssgi() to map an elf image given an FD, 851 * a phdr ptr USER_PHDRP in userspace, and a count CNT telling how many 852 * phdrs there are in the USER_PHDRP array. We return the vaddr the 853 * first phdr was successfully mapped to. 854 */ 855unsigned long irix_mapelf(int fd, struct elf_phdr *user_phdrp, int cnt) 856{ 857 struct elf_phdr *hp; 858 struct file *filp; 859 int i, retval; 860 861#ifdef DEBUG_ELF 862 printk("irix_mapelf: fd[%d] user_phdrp[%p] cnt[%d]\n", 863 fd, user_phdrp, cnt); 864#endif 865 866 /* First get the verification out of the way. */ 867 hp = user_phdrp; 868 retval = verify_area(VERIFY_READ, hp, (sizeof(struct elf_phdr) * cnt)); 869 if(retval) { 870#ifdef DEBUG_ELF 871 printk("irix_mapelf: verify_area fails!\n"); 872#endif 873 return retval; 874 } 875 876#ifdef DEBUG_ELF 877 dump_phdrs(user_phdrp, cnt); 878#endif 879 880 for(i = 0; i < cnt; i++, hp++) 881 if(hp->p_type != PT_LOAD) { 882 printk("irix_mapelf: One section is not PT_LOAD!\n"); 883 return -ENOEXEC; 884 } 885 886 filp = fget(fd); 887 if (!filp) 888 return -EACCES; 889 if(!filp->f_op) { 890 printk("irix_mapelf: Bogon filp!\n"); 891 fput(filp); 892 return -EACCES; 893 } 894 895 hp = user_phdrp; 896 for(i = 0; i < cnt; i++, hp++) { 897 int prot; 898 899 prot = (hp->p_flags & PF_R) ? PROT_READ : 0; 900 prot |= (hp->p_flags & PF_W) ? PROT_WRITE : 0; 901 prot |= (hp->p_flags & PF_X) ? PROT_EXEC : 0; 902 down_write(¤t->mm->mmap_sem); 903 retval = do_mmap(filp, (hp->p_vaddr & 0xfffff000), 904 (hp->p_filesz + (hp->p_vaddr & 0xfff)), 905 prot, (MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE), 906 (hp->p_offset & 0xfffff000)); 907 up_write(¤t->mm->mmap_sem); 908 909 if(retval != (hp->p_vaddr & 0xfffff000)) { 910 printk("irix_mapelf: do_mmap fails with %d!\n", retval); 911 fput(filp); 912 return retval; 913 } 914 } 915 916#ifdef DEBUG_ELF 917 printk("irix_mapelf: Success, returning %08lx\n", user_phdrp->p_vaddr); 918#endif 919 fput(filp); 920 return user_phdrp->p_vaddr; 921} 922 923/* 924 * ELF core dumper 925 * 926 * Modelled on fs/exec.c:aout_core_dump() 927 * Jeremy Fitzhardinge <jeremy@sw.oz.au> 928 */ 929 930/* These are the only things you should do on a core-file: use only these 931 * functions to write out all the necessary info. 932 */ 933static int dump_write(struct file *file, const void *addr, int nr) 934{ 935 return file->f_op->write(file, addr, nr, &file->f_pos) == nr; 936} 937 938static int dump_seek(struct file *file, off_t off) 939{ 940 if (file->f_op->llseek) { 941 if (file->f_op->llseek(file, off, 0) != off) 942 return 0; 943 } else 944 file->f_pos = off; 945 return 1; 946} 947 948/* Decide whether a segment is worth dumping; default is yes to be 949 * sure (missing info is worse than too much; etc). 950 * Personally I'd include everything, and use the coredump limit... 951 * 952 * I think we should skip something. But I am not sure how. H.J. 953 */ 954static inline int maydump(struct vm_area_struct *vma) 955{ 956 if (!(vma->vm_flags & (VM_READ|VM_WRITE|VM_EXEC))) 957 return 0; 958 if (vma->vm_flags & (VM_WRITE|VM_GROWSUP|VM_GROWSDOWN)) 959 return 1; 960 if (vma->vm_flags & (VM_READ|VM_EXEC|VM_EXECUTABLE|VM_SHARED)) 961 return 0; 962 return 1; 963} 964 965#define roundup(x, y) ((((x)+((y)-1))/(y))*(y)) 966 967/* An ELF note in memory. */ 968struct memelfnote 969{ 970 const char *name; 971 int type; 972 unsigned int datasz; 973 void *data; 974}; 975 976static int notesize(struct memelfnote *en) 977{ 978 int sz; 979 980 sz = sizeof(struct elf_note); 981 sz += roundup(strlen(en->name), 4); 982 sz += roundup(en->datasz, 4); 983 984 return sz; 985} 986 987/* #define DEBUG */ 988 989#define DUMP_WRITE(addr, nr) \ 990 if (!dump_write(file, (addr), (nr))) \ 991 goto end_coredump; 992#define DUMP_SEEK(off) \ 993 if (!dump_seek(file, (off))) \ 994 goto end_coredump; 995 996static int writenote(struct memelfnote *men, struct file *file) 997{ 998 struct elf_note en; 999 1000 en.n_namesz = strlen(men->name); 1001 en.n_descsz = men->datasz; 1002 en.n_type = men->type; 1003 1004 DUMP_WRITE(&en, sizeof(en)); 1005 DUMP_WRITE(men->name, en.n_namesz); 1006 DUMP_SEEK(roundup((unsigned long)file->f_pos, 4)); 1007 DUMP_WRITE(men->data, men->datasz); 1008 DUMP_SEEK(roundup((unsigned long)file->f_pos, 4)); 1009 1010 return 1; 1011 1012end_coredump: 1013 return 0; 1014} 1015#undef DUMP_WRITE 1016#undef DUMP_SEEK 1017 1018#define DUMP_WRITE(addr, nr) \ 1019 if (!dump_write(file, (addr), (nr))) \ 1020 goto end_coredump; 1021#define DUMP_SEEK(off) \ 1022 if (!dump_seek(file, (off))) \ 1023 goto end_coredump; 1024 1025/* Actual dumper. 1026 * 1027 * This is a two-pass process; first we find the offsets of the bits, 1028 * and then they are actually written out. If we run out of core limit 1029 * we just truncate. 1030 */ 1031static int irix_core_dump(long signr, struct pt_regs * regs, struct file *file) 1032{ 1033 int has_dumped = 0; 1034 mm_segment_t fs; 1035 int segs; 1036 int i; 1037 size_t size; 1038 struct vm_area_struct *vma; 1039 struct elfhdr elf; 1040 off_t offset = 0, dataoff; 1041 int limit = current->rlim[RLIMIT_CORE].rlim_cur; 1042 int numnote = 4; 1043 struct memelfnote notes[4]; 1044 struct elf_prstatus prstatus; /* NT_PRSTATUS */ 1045 elf_fpregset_t fpu; /* NT_PRFPREG */ 1046 struct elf_prpsinfo psinfo; /* NT_PRPSINFO */ 1047 1048 /* Count what's needed to dump, up to the limit of coredump size. */ 1049 segs = 0; 1050 size = 0; 1051 for(vma = current->mm->mmap; vma != NULL; vma = vma->vm_next) { 1052 if (maydump(vma)) 1053 { 1054 int sz = vma->vm_end-vma->vm_start; 1055 1056 if (size+sz >= limit) 1057 break; 1058 else 1059 size += sz; 1060 } 1061 1062 segs++; 1063 } 1064#ifdef DEBUG 1065 printk("irix_core_dump: %d segs taking %d bytes\n", segs, size); 1066#endif 1067 1068 /* Set up header. */ 1069 memcpy(elf.e_ident, ELFMAG, SELFMAG); 1070 elf.e_ident[EI_CLASS] = ELFCLASS32; 1071 elf.e_ident[EI_DATA] = ELFDATA2LSB; 1072 elf.e_ident[EI_VERSION] = EV_CURRENT; 1073 memset(elf.e_ident+EI_PAD, 0, EI_NIDENT-EI_PAD); 1074 1075 elf.e_type = ET_CORE; 1076 elf.e_machine = ELF_ARCH; 1077 elf.e_version = EV_CURRENT; 1078 elf.e_entry = 0; 1079 elf.e_phoff = sizeof(elf); 1080 elf.e_shoff = 0; 1081 elf.e_flags = 0; 1082 elf.e_ehsize = sizeof(elf); 1083 elf.e_phentsize = sizeof(struct elf_phdr); 1084 elf.e_phnum = segs+1; /* Include notes. */ 1085 elf.e_shentsize = 0; 1086 elf.e_shnum = 0; 1087 elf.e_shstrndx = 0; 1088 1089 fs = get_fs(); 1090 set_fs(KERNEL_DS); 1091 1092 has_dumped = 1; 1093 current->flags |= PF_DUMPCORE; 1094 1095 DUMP_WRITE(&elf, sizeof(elf)); 1096 offset += sizeof(elf); /* Elf header. */ 1097 offset += (segs+1) * sizeof(struct elf_phdr); /* Program headers. */ 1098 1099 /* Set up the notes in similar form to SVR4 core dumps made 1100 * with info from their /proc. 1101 */ 1102 memset(&psinfo, 0, sizeof(psinfo)); 1103 memset(&prstatus, 0, sizeof(prstatus)); 1104 1105 notes[0].name = "CORE"; 1106 notes[0].type = NT_PRSTATUS; 1107 notes[0].datasz = sizeof(prstatus); 1108 notes[0].data = &prstatus; 1109 prstatus.pr_info.si_signo = prstatus.pr_cursig = signr; 1110 prstatus.pr_sigpend = current->pending.signal.sig[0]; 1111 prstatus.pr_sighold = current->blocked.sig[0]; 1112 psinfo.pr_pid = prstatus.pr_pid = current->pid; 1113 psinfo.pr_ppid = prstatus.pr_ppid = current->p_pptr->pid; 1114 psinfo.pr_pgrp = prstatus.pr_pgrp = current->pgrp; 1115 psinfo.pr_sid = prstatus.pr_sid = current->session; 1116 prstatus.pr_utime.tv_sec = CT_TO_SECS(current->times.tms_utime); 1117 prstatus.pr_utime.tv_usec = CT_TO_USECS(current->times.tms_utime); 1118 prstatus.pr_stime.tv_sec = CT_TO_SECS(current->times.tms_stime); 1119 prstatus.pr_stime.tv_usec = CT_TO_USECS(current->times.tms_stime); 1120 prstatus.pr_cutime.tv_sec = CT_TO_SECS(current->times.tms_cutime); 1121 prstatus.pr_cutime.tv_usec = CT_TO_USECS(current->times.tms_cutime); 1122 prstatus.pr_cstime.tv_sec = CT_TO_SECS(current->times.tms_cstime); 1123 prstatus.pr_cstime.tv_usec = CT_TO_USECS(current->times.tms_cstime); 1124 if (sizeof(elf_gregset_t) != sizeof(struct pt_regs)) { 1125 printk("sizeof(elf_gregset_t) (%d) != sizeof(struct pt_regs) " 1126 "(%d)\n", sizeof(elf_gregset_t), sizeof(struct pt_regs)); 1127 } else { 1128 *(struct pt_regs *)&prstatus.pr_reg = *regs; 1129 } 1130 1131 notes[1].name = "CORE"; 1132 notes[1].type = NT_PRPSINFO; 1133 notes[1].datasz = sizeof(psinfo); 1134 notes[1].data = &psinfo; 1135 i = current->state ? ffz(~current->state) + 1 : 0; 1136 psinfo.pr_state = i; 1137 psinfo.pr_sname = (i < 0 || i > 5) ? '.' : "RSDZTD"[i]; 1138 psinfo.pr_zomb = psinfo.pr_sname == 'Z'; 1139 psinfo.pr_nice = current->nice; 1140 psinfo.pr_flag = current->flags; 1141 psinfo.pr_uid = current->uid; 1142 psinfo.pr_gid = current->gid; 1143 { 1144 int i, len; 1145 1146 set_fs(fs); 1147 1148 len = current->mm->arg_end - current->mm->arg_start; 1149 len = len >= ELF_PRARGSZ ? ELF_PRARGSZ : len; 1150 copy_from_user(&psinfo.pr_psargs, 1151 (const char *)current->mm->arg_start, len); 1152 for(i = 0; i < len; i++) 1153 if (psinfo.pr_psargs[i] == 0) 1154 psinfo.pr_psargs[i] = ' '; 1155 psinfo.pr_psargs[len] = 0; 1156 1157 set_fs(KERNEL_DS); 1158 } 1159 strncpy(psinfo.pr_fname, current->comm, sizeof(psinfo.pr_fname)); 1160 1161 notes[2].name = "CORE"; 1162 notes[2].type = NT_TASKSTRUCT; 1163 notes[2].datasz = sizeof(*current); 1164 notes[2].data = current; 1165 1166 /* Try to dump the FPU. */ 1167 prstatus.pr_fpvalid = dump_fpu (&fpu); 1168 if (!prstatus.pr_fpvalid) { 1169 numnote--; 1170 } else { 1171 notes[3].name = "CORE"; 1172 notes[3].type = NT_PRFPREG; 1173 notes[3].datasz = sizeof(fpu); 1174 notes[3].data = &fpu; 1175 } 1176 1177 /* Write notes phdr entry. */ 1178 { 1179 struct elf_phdr phdr; 1180 int sz = 0; 1181 1182 for(i = 0; i < numnote; i++) 1183 sz += notesize(¬es[i]); 1184 1185 phdr.p_type = PT_NOTE; 1186 phdr.p_offset = offset; 1187 phdr.p_vaddr = 0; 1188 phdr.p_paddr = 0; 1189 phdr.p_filesz = sz; 1190 phdr.p_memsz = 0; 1191 phdr.p_flags = 0; 1192 phdr.p_align = 0; 1193 1194 offset += phdr.p_filesz; 1195 DUMP_WRITE(&phdr, sizeof(phdr)); 1196 } 1197 1198 /* Page-align dumped data. */ 1199 dataoff = offset = roundup(offset, PAGE_SIZE); 1200 1201 /* Write program headers for segments dump. */ 1202 for(vma = current->mm->mmap, i = 0; 1203 i < segs && vma != NULL; vma = vma->vm_next) { 1204 struct elf_phdr phdr; 1205 size_t sz; 1206 1207 i++; 1208 1209 sz = vma->vm_end - vma->vm_start; 1210 1211 phdr.p_type = PT_LOAD; 1212 phdr.p_offset = offset; 1213 phdr.p_vaddr = vma->vm_start; 1214 phdr.p_paddr = 0; 1215 phdr.p_filesz = maydump(vma) ? sz : 0; 1216 phdr.p_memsz = sz; 1217 offset += phdr.p_filesz; 1218 phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0; 1219 if (vma->vm_flags & VM_WRITE) phdr.p_flags |= PF_W; 1220 if (vma->vm_flags & VM_EXEC) phdr.p_flags |= PF_X; 1221 phdr.p_align = PAGE_SIZE; 1222 1223 DUMP_WRITE(&phdr, sizeof(phdr)); 1224 } 1225 1226 for(i = 0; i < numnote; i++) 1227 if (!writenote(¬es[i], file)) 1228 goto end_coredump; 1229 1230 set_fs(fs); 1231 1232 DUMP_SEEK(dataoff); 1233 1234 for(i = 0, vma = current->mm->mmap; 1235 i < segs && vma != NULL; 1236 vma = vma->vm_next) { 1237 unsigned long addr = vma->vm_start; 1238 unsigned long len = vma->vm_end - vma->vm_start; 1239 1240 if (!maydump(vma)) 1241 continue; 1242 i++; 1243#ifdef DEBUG 1244 printk("elf_core_dump: writing %08lx %lx\n", addr, len); 1245#endif 1246 DUMP_WRITE((void *)addr, len); 1247 } 1248 1249 if ((off_t) file->f_pos != offset) { 1250 /* Sanity check. */ 1251 printk("elf_core_dump: file->f_pos (%ld) != offset (%ld)\n", 1252 (off_t) file->f_pos, offset); 1253 } 1254 1255end_coredump: 1256 set_fs(fs); 1257 return has_dumped; 1258} 1259 1260static int __init init_irix_binfmt(void) 1261{ 1262 return register_binfmt(&irix_format); 1263} 1264 1265static void __exit exit_irix_binfmt(void) 1266{ 1267 /* Remove the IRIX ELF loaders. */ 1268 unregister_binfmt(&irix_format); 1269} 1270 1271module_init(init_irix_binfmt) 1272module_exit(exit_irix_binfmt) 1273