1/* 2 * linux/fs/binfmt_elf.c 3 * 4 * These are the functions used to load ELF format executables as used 5 * on SVr4 machines. Information on the format may be found in the book 6 * "UNIX SYSTEM V RELEASE 4 Programmers Guide: Ansi C and Programming Support 7 * Tools". 8 * 9 * Copyright 1993, 1994: Eric Youngdale (ericy@cais.com). 10 */ 11 12#include <linux/module.h> 13 14#include <linux/fs.h> 15#include <linux/stat.h> 16#include <linux/sched.h> 17#include <linux/mm.h> 18#include <linux/mman.h> 19#include <linux/a.out.h> 20#include <linux/errno.h> 21#include <linux/signal.h> 22#include <linux/binfmts.h> 23#include <linux/string.h> 24#include <linux/file.h> 25#include <linux/fcntl.h> 26#include <linux/ptrace.h> 27#include <linux/slab.h> 28#include <linux/shm.h> 29#include <linux/personality.h> 30#include <linux/elfcore.h> 31#include <linux/init.h> 32#include <linux/highuid.h> 33#include <linux/smp_lock.h> 34#include <linux/compiler.h> 35#include <linux/highmem.h> 36 37#include <asm/uaccess.h> 38#include <asm/param.h> 39#include <asm/pgalloc.h> 40 41#define DLINFO_ITEMS 13 42 43#include <linux/elf.h> 44 45static int load_elf_binary(struct linux_binprm * bprm, struct pt_regs * regs); 46static int load_elf_library(struct file*); 47static unsigned long elf_map (struct file *, unsigned long, struct elf_phdr *, int, int); 48extern int dump_fpu (struct pt_regs *, elf_fpregset_t *); 49extern void dump_thread(struct pt_regs *, struct user *); 50 51#ifndef elf_addr_t 52#define elf_addr_t unsigned long 53#define elf_caddr_t char * 54#endif 55 56/* 57 * If we don't support core dumping, then supply a NULL so we 58 * don't even try. 59 */ 60#ifdef USE_ELF_CORE_DUMP 61static int elf_core_dump(long signr, struct pt_regs * regs, struct file * file); 62#else 63#define elf_core_dump NULL 64#endif 65 66#if ELF_EXEC_PAGESIZE > PAGE_SIZE 67# define ELF_MIN_ALIGN ELF_EXEC_PAGESIZE 68#else 69# define ELF_MIN_ALIGN PAGE_SIZE 70#endif 71 72#define ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(ELF_MIN_ALIGN-1)) 73#define ELF_PAGEOFFSET(_v) ((_v) & (ELF_MIN_ALIGN-1)) 74#define ELF_PAGEALIGN(_v) (((_v) + ELF_MIN_ALIGN - 1) & ~(ELF_MIN_ALIGN - 1)) 75 76static struct linux_binfmt elf_format = { 77 NULL, THIS_MODULE, load_elf_binary, load_elf_library, elf_core_dump, ELF_EXEC_PAGESIZE 78}; 79 80#define BAD_ADDR(x) ((unsigned long)(x) > TASK_SIZE) 81 82static void set_brk(unsigned long start, unsigned long end) 83{ 84 start = ELF_PAGEALIGN(start); 85 end = ELF_PAGEALIGN(end); 86 if (end <= start) 87 return; 88 do_brk(start, end - start); 89} 90 91 92/* We need to explicitly zero any fractional pages 93 after the data section (i.e. bss). This would 94 contain the junk from the file that should not 95 be in memory */ 96 97 98static void padzero(unsigned long elf_bss) 99{ 100 unsigned long nbyte; 101 102 nbyte = ELF_PAGEOFFSET(elf_bss); 103 if (nbyte) { 104 nbyte = ELF_MIN_ALIGN - nbyte; 105 clear_user((void *) elf_bss, nbyte); 106 } 107} 108 109static elf_addr_t * 110create_elf_tables(char *p, int argc, int envc, 111 struct elfhdr * exec, 112 unsigned long load_addr, 113 unsigned long load_bias, 114 unsigned long interp_load_addr, int ibcs) 115{ 116 elf_caddr_t *argv; 117 elf_caddr_t *envp; 118 elf_addr_t *sp, *csp; 119 char *k_platform, *u_platform; 120 long hwcap; 121 size_t platform_len = 0; 122 size_t len; 123 124 /* 125 * Get hold of platform and hardware capabilities masks for 126 * the machine we are running on. In some cases (Sparc), 127 * this info is impossible to get, in others (i386) it is 128 * merely difficult. 129 */ 130 131 hwcap = ELF_HWCAP; 132 k_platform = ELF_PLATFORM; 133 134 if (k_platform) { 135 platform_len = strlen(k_platform) + 1; 136 u_platform = p - platform_len; 137 __copy_to_user(u_platform, k_platform, platform_len); 138 } else 139 u_platform = p; 140 141#if defined(__i386__) && defined(CONFIG_SMP) 142 /* 143 * In some cases (e.g. Hyper-Threading), we want to avoid L1 evictions 144 * by the processes running on the same package. One thing we can do 145 * is to shuffle the initial stack for them. 146 * 147 * The conditionals here are unneeded, but kept in to make the 148 * code behaviour the same as pre change unless we have hyperthreaded 149 * processors. This keeps Mr Marcelo Person happier but should be 150 * removed for 2.5 151 */ 152 153 if(smp_num_siblings > 1) 154 u_platform = u_platform - ((current->pid % 64) << 7); 155#endif 156 157 /* 158 * Force 16 byte _final_ alignment here for generality. 159 */ 160 sp = (elf_addr_t *)(~15UL & (unsigned long)(u_platform)); 161 csp = sp; 162 csp -= (1+DLINFO_ITEMS)*2 + (k_platform ? 2 : 0); 163#ifdef DLINFO_ARCH_ITEMS 164 csp -= DLINFO_ARCH_ITEMS*2; 165#endif 166 csp -= envc+1; 167 csp -= argc+1; 168 csp -= (!ibcs ? 3 : 1); /* argc itself */ 169 if ((unsigned long)csp & 15UL) 170 sp -= ((unsigned long)csp & 15UL) / sizeof(*sp); 171 172 /* 173 * Put the ELF interpreter info on the stack 174 */ 175#define NEW_AUX_ENT(nr, id, val) \ 176 __put_user ((id), sp+(nr*2)); \ 177 __put_user ((val), sp+(nr*2+1)); \ 178 179 sp -= 2; 180 NEW_AUX_ENT(0, AT_NULL, 0); 181 if (k_platform) { 182 sp -= 2; 183 NEW_AUX_ENT(0, AT_PLATFORM, (elf_addr_t)(unsigned long) u_platform); 184 } 185 sp -= DLINFO_ITEMS*2; 186 NEW_AUX_ENT( 0, AT_HWCAP, hwcap); 187 NEW_AUX_ENT( 1, AT_PAGESZ, ELF_EXEC_PAGESIZE); 188 NEW_AUX_ENT( 2, AT_CLKTCK, CLOCKS_PER_SEC); 189 NEW_AUX_ENT( 3, AT_PHDR, load_addr + exec->e_phoff); 190 NEW_AUX_ENT( 4, AT_PHENT, sizeof (struct elf_phdr)); 191 NEW_AUX_ENT( 5, AT_PHNUM, exec->e_phnum); 192 NEW_AUX_ENT( 6, AT_BASE, interp_load_addr); 193 NEW_AUX_ENT( 7, AT_FLAGS, 0); 194 NEW_AUX_ENT( 8, AT_ENTRY, load_bias + exec->e_entry); 195 NEW_AUX_ENT( 9, AT_UID, (elf_addr_t) current->uid); 196 NEW_AUX_ENT(10, AT_EUID, (elf_addr_t) current->euid); 197 NEW_AUX_ENT(11, AT_GID, (elf_addr_t) current->gid); 198 NEW_AUX_ENT(12, AT_EGID, (elf_addr_t) current->egid); 199#ifdef ARCH_DLINFO 200 /* 201 * ARCH_DLINFO must come last so platform specific code can enforce 202 * special alignment requirements on the AUXV if necessary (eg. PPC). 203 */ 204 ARCH_DLINFO; 205#endif 206#undef NEW_AUX_ENT 207 208 sp -= envc+1; 209 envp = (elf_caddr_t *) sp; 210 sp -= argc+1; 211 argv = (elf_caddr_t *) sp; 212 if (!ibcs) { 213 __put_user((elf_addr_t)(unsigned long) envp,--sp); 214 __put_user((elf_addr_t)(unsigned long) argv,--sp); 215 } 216 217 __put_user((elf_addr_t)argc,--sp); 218 current->mm->arg_start = (unsigned long) p; 219 while (argc-->0) { 220 __put_user((elf_caddr_t)(unsigned long)p,argv++); 221 len = strnlen_user(p, PAGE_SIZE*MAX_ARG_PAGES); 222 if (!len || len > PAGE_SIZE*MAX_ARG_PAGES) 223 return NULL; 224 p += len; 225 } 226 __put_user(NULL, argv); 227 current->mm->arg_end = current->mm->env_start = (unsigned long) p; 228 while (envc-->0) { 229 __put_user((elf_caddr_t)(unsigned long)p,envp++); 230 len = strnlen_user(p, PAGE_SIZE*MAX_ARG_PAGES); 231 if (!len || len > PAGE_SIZE*MAX_ARG_PAGES) 232 return NULL; 233 p += len; 234 } 235 __put_user(NULL, envp); 236 current->mm->env_end = (unsigned long) p; 237 return sp; 238} 239 240#ifndef elf_map 241 242static inline unsigned long 243elf_map (struct file *filep, unsigned long addr, struct elf_phdr *eppnt, int prot, int type) 244{ 245 unsigned long map_addr; 246 247 down_write(¤t->mm->mmap_sem); 248 map_addr = do_mmap(filep, ELF_PAGESTART(addr), 249 eppnt->p_filesz + ELF_PAGEOFFSET(eppnt->p_vaddr), prot, type, 250 eppnt->p_offset - ELF_PAGEOFFSET(eppnt->p_vaddr)); 251 up_write(¤t->mm->mmap_sem); 252 return(map_addr); 253} 254 255#endif /* !elf_map */ 256 257/* This is much more generalized than the library routine read function, 258 so we keep this separate. Technically the library read function 259 is only provided so that we can read a.out libraries that have 260 an ELF header */ 261 262static unsigned long load_elf_interp(struct elfhdr * interp_elf_ex, 263 struct file * interpreter, 264 unsigned long *interp_load_addr) 265{ 266 struct elf_phdr *elf_phdata; 267 struct elf_phdr *eppnt; 268 unsigned long load_addr = 0; 269 int load_addr_set = 0; 270 unsigned long last_bss = 0, elf_bss = 0; 271 unsigned long error = ~0UL; 272 int retval, i, size; 273 274 /* First of all, some simple consistency checks */ 275 if (interp_elf_ex->e_type != ET_EXEC && 276 interp_elf_ex->e_type != ET_DYN) 277 goto out; 278 if (!elf_check_arch(interp_elf_ex)) 279 goto out; 280 if (!interpreter->f_op || !interpreter->f_op->mmap) 281 goto out; 282 283 /* 284 * If the size of this structure has changed, then punt, since 285 * we will be doing the wrong thing. 286 */ 287 if (interp_elf_ex->e_phentsize != sizeof(struct elf_phdr)) 288 goto out; 289 if (interp_elf_ex->e_phnum > 65536U / sizeof(struct elf_phdr)) 290 goto out; 291 292 /* Now read in all of the header information */ 293 294 size = sizeof(struct elf_phdr) * interp_elf_ex->e_phnum; 295 if (size > ELF_MIN_ALIGN) 296 goto out; 297 elf_phdata = (struct elf_phdr *) kmalloc(size, GFP_KERNEL); 298 if (!elf_phdata) 299 goto out; 300 301 retval = kernel_read(interpreter,interp_elf_ex->e_phoff,(char *)elf_phdata,size); 302 error = retval; 303 if (retval < 0) 304 goto out_close; 305 306 eppnt = elf_phdata; 307 for (i=0; i<interp_elf_ex->e_phnum; i++, eppnt++) { 308 if (eppnt->p_type == PT_LOAD) { 309 int elf_type = MAP_PRIVATE | MAP_DENYWRITE; 310 int elf_prot = 0; 311 unsigned long vaddr = 0; 312 unsigned long k, map_addr; 313 314 if (eppnt->p_flags & PF_R) elf_prot = PROT_READ; 315 if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE; 316 if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC; 317 vaddr = eppnt->p_vaddr; 318 if (interp_elf_ex->e_type == ET_EXEC || load_addr_set) 319 elf_type |= MAP_FIXED; 320 321 map_addr = elf_map(interpreter, load_addr + vaddr, eppnt, elf_prot, elf_type); 322 if (BAD_ADDR(map_addr)) 323 goto out_close; 324 325 if (!load_addr_set && interp_elf_ex->e_type == ET_DYN) { 326 load_addr = map_addr - ELF_PAGESTART(vaddr); 327 load_addr_set = 1; 328 } 329 330 /* 331 * Find the end of the file mapping for this phdr, and keep 332 * track of the largest address we see for this. 333 */ 334 k = load_addr + eppnt->p_vaddr + eppnt->p_filesz; 335 if (k > elf_bss) 336 elf_bss = k; 337 338 /* 339 * Do the same thing for the memory mapping - between 340 * elf_bss and last_bss is the bss section. 341 */ 342 k = load_addr + eppnt->p_memsz + eppnt->p_vaddr; 343 if (k > last_bss) 344 last_bss = k; 345 } 346 } 347 348 /* Now use mmap to map the library into memory. */ 349 350 /* 351 * Now fill out the bss section. First pad the last page up 352 * to the page boundary, and then perform a mmap to make sure 353 * that there are zero-mapped pages up to and including the 354 * last bss page. 355 */ 356 padzero(elf_bss); 357 elf_bss = ELF_PAGESTART(elf_bss + ELF_MIN_ALIGN - 1); /* What we have mapped so far */ 358 359 /* Map the last of the bss segment */ 360 if (last_bss > elf_bss) 361 do_brk(elf_bss, last_bss - elf_bss); 362 363 *interp_load_addr = load_addr; 364 error = ((unsigned long) interp_elf_ex->e_entry) + load_addr; 365 366out_close: 367 kfree(elf_phdata); 368out: 369 return error; 370} 371 372static unsigned long load_aout_interp(struct exec * interp_ex, 373 struct file * interpreter) 374{ 375 unsigned long text_data, elf_entry = ~0UL; 376 char * addr; 377 loff_t offset; 378 int retval; 379 380 current->mm->end_code = interp_ex->a_text; 381 text_data = interp_ex->a_text + interp_ex->a_data; 382 current->mm->end_data = text_data; 383 current->mm->brk = interp_ex->a_bss + text_data; 384 385 switch (N_MAGIC(*interp_ex)) { 386 case OMAGIC: 387 offset = 32; 388 addr = (char *) 0; 389 break; 390 case ZMAGIC: 391 case QMAGIC: 392 offset = N_TXTOFF(*interp_ex); 393 addr = (char *) N_TXTADDR(*interp_ex); 394 break; 395 default: 396 goto out; 397 } 398 399 do_brk(0, text_data); 400 retval = -ENOEXEC; 401 if (!interpreter->f_op || !interpreter->f_op->read) 402 goto out; 403 retval = interpreter->f_op->read(interpreter, addr, text_data, &offset); 404 if (retval < 0) 405 goto out; 406 flush_icache_range((unsigned long)addr, 407 (unsigned long)addr + text_data); 408 409 do_brk(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1), 410 interp_ex->a_bss); 411 elf_entry = interp_ex->a_entry; 412 413out: 414 return elf_entry; 415} 416 417/* 418 * These are the functions used to load ELF style executables and shared 419 * libraries. There is no binary dependent code anywhere else. 420 */ 421 422#define INTERPRETER_NONE 0 423#define INTERPRETER_AOUT 1 424#define INTERPRETER_ELF 2 425 426 427static int load_elf_binary(struct linux_binprm * bprm, struct pt_regs * regs) 428{ 429 struct file *interpreter = NULL; /* to shut gcc up */ 430 unsigned long load_addr = 0, load_bias = 0; 431 int load_addr_set = 0; 432 char * elf_interpreter = NULL; 433 unsigned int interpreter_type = INTERPRETER_NONE; 434 unsigned char ibcs2_interpreter = 0; 435 unsigned long error; 436 struct elf_phdr * elf_ppnt, *elf_phdata; 437 unsigned long elf_bss, k, elf_brk; 438 int elf_exec_fileno; 439 int retval, i; 440 unsigned int size; 441 unsigned long elf_entry, interp_load_addr = 0; 442 unsigned long start_code, end_code, start_data, end_data; 443 struct elfhdr elf_ex; 444 struct elfhdr interp_elf_ex; 445 struct exec interp_ex; 446 char passed_fileno[6]; 447 448 /* Get the exec-header */ 449 elf_ex = *((struct elfhdr *) bprm->buf); 450 451 retval = -ENOEXEC; 452 /* First of all, some simple consistency checks */ 453 if (memcmp(elf_ex.e_ident, ELFMAG, SELFMAG) != 0) 454 goto out; 455 456 if (elf_ex.e_type != ET_EXEC && elf_ex.e_type != ET_DYN) 457 goto out; 458 if (!elf_check_arch(&elf_ex)) 459 goto out; 460 if (!bprm->file->f_op||!bprm->file->f_op->mmap) 461 goto out; 462 463 /* Now read in all of the header information */ 464 465 retval = -ENOMEM; 466 if (elf_ex.e_phentsize != sizeof(struct elf_phdr)) 467 goto out; 468 if (elf_ex.e_phnum > 65536U / sizeof(struct elf_phdr)) 469 goto out; 470 size = elf_ex.e_phnum * sizeof(struct elf_phdr); 471 elf_phdata = (struct elf_phdr *) kmalloc(size, GFP_KERNEL); 472 if (!elf_phdata) 473 goto out; 474 475 retval = kernel_read(bprm->file, elf_ex.e_phoff, (char *) elf_phdata, size); 476 if (retval < 0) 477 goto out_free_ph; 478 479 retval = get_unused_fd(); 480 if (retval < 0) 481 goto out_free_ph; 482 get_file(bprm->file); 483 fd_install(elf_exec_fileno = retval, bprm->file); 484 485 elf_ppnt = elf_phdata; 486 elf_bss = 0; 487 elf_brk = 0; 488 489 start_code = ~0UL; 490 end_code = 0; 491 start_data = 0; 492 end_data = 0; 493 494 for (i = 0; i < elf_ex.e_phnum; i++) { 495 if (elf_ppnt->p_type == PT_INTERP) { 496 /* This is the program interpreter used for 497 * shared libraries - for now assume that this 498 * is an a.out format binary 499 */ 500 501 retval = -ENOMEM; 502 if (elf_ppnt->p_filesz > PATH_MAX) 503 goto out_free_file; 504 elf_interpreter = (char *) kmalloc(elf_ppnt->p_filesz, 505 GFP_KERNEL); 506 if (!elf_interpreter) 507 goto out_free_file; 508 509 retval = kernel_read(bprm->file, elf_ppnt->p_offset, 510 elf_interpreter, 511 elf_ppnt->p_filesz); 512 if (retval < 0) 513 goto out_free_interp; 514 /* If the program interpreter is one of these two, 515 * then assume an iBCS2 image. Otherwise assume 516 * a native linux image. 517 */ 518 if (strcmp(elf_interpreter,"/usr/lib/libc.so.1") == 0 || 519 strcmp(elf_interpreter,"/usr/lib/ld.so.1") == 0) 520 ibcs2_interpreter = 1; 521 522 SET_PERSONALITY(elf_ex, ibcs2_interpreter); 523 524 interpreter = open_exec(elf_interpreter); 525 retval = PTR_ERR(interpreter); 526 if (IS_ERR(interpreter)) 527 goto out_free_interp; 528 retval = kernel_read(interpreter, 0, bprm->buf, BINPRM_BUF_SIZE); 529 if (retval < 0) 530 goto out_free_dentry; 531 532 /* Get the exec headers */ 533 interp_ex = *((struct exec *) bprm->buf); 534 interp_elf_ex = *((struct elfhdr *) bprm->buf); 535 break; 536 } 537 elf_ppnt++; 538 } 539 540 /* Some simple consistency checks for the interpreter */ 541 if (elf_interpreter) { 542 interpreter_type = INTERPRETER_ELF | INTERPRETER_AOUT; 543 544 /* Now figure out which format our binary is */ 545 if ((N_MAGIC(interp_ex) != OMAGIC) && 546 (N_MAGIC(interp_ex) != ZMAGIC) && 547 (N_MAGIC(interp_ex) != QMAGIC)) 548 interpreter_type = INTERPRETER_ELF; 549 550 if (memcmp(interp_elf_ex.e_ident, ELFMAG, SELFMAG) != 0) 551 interpreter_type &= ~INTERPRETER_ELF; 552 553 retval = -ELIBBAD; 554 if (!interpreter_type) 555 goto out_free_dentry; 556 557 /* Make sure only one type was selected */ 558 if ((interpreter_type & INTERPRETER_ELF) && 559 interpreter_type != INTERPRETER_ELF) { 560 // FIXME - ratelimit this before re-enabling 561 // printk(KERN_WARNING "ELF: Ambiguous type, using ELF\n"); 562 interpreter_type = INTERPRETER_ELF; 563 } 564 } else { 565 /* Executables without an interpreter also need a personality */ 566 SET_PERSONALITY(elf_ex, ibcs2_interpreter); 567 } 568 569 /* OK, we are done with that, now set up the arg stuff, 570 and then start this sucker up */ 571 572 if (!bprm->sh_bang) { 573 char * passed_p; 574 575 if (interpreter_type == INTERPRETER_AOUT) { 576 sprintf(passed_fileno, "%d", elf_exec_fileno); 577 passed_p = passed_fileno; 578 579 if (elf_interpreter) { 580 retval = copy_strings_kernel(1,&passed_p,bprm); 581 if (retval) 582 goto out_free_dentry; 583 bprm->argc++; 584 } 585 } 586 } else { 587 /* Executables without an interpreter also need a personality */ 588 SET_PERSONALITY(elf_ex, ibcs2_interpreter); 589 } 590 591 /* Flush all traces of the currently running executable */ 592 retval = flush_old_exec(bprm); 593 if (retval) 594 goto out_free_dentry; 595 596 /* OK, This is the point of no return */ 597 current->mm->start_data = 0; 598 current->mm->end_data = 0; 599 current->mm->end_code = 0; 600 current->mm->mmap = NULL; 601 current->flags &= ~PF_FORKNOEXEC; 602 elf_entry = (unsigned long) elf_ex.e_entry; 603 604 /* Do this so that we can load the interpreter, if need be. We will 605 change some of these later */ 606 current->mm->rss = 0; 607 retval = setup_arg_pages(bprm); 608 if (retval < 0) { 609 send_sig(SIGKILL, current, 0); 610 return retval; 611 } 612 613 current->mm->start_stack = bprm->p; 614 615 /* Now we do a little grungy work by mmaping the ELF image into 616 the correct location in memory. At this point, we assume that 617 the image should be loaded at fixed address, not at a variable 618 address. */ 619 620 for(i = 0, elf_ppnt = elf_phdata; i < elf_ex.e_phnum; i++, elf_ppnt++) { 621 int elf_prot = 0, elf_flags; 622 unsigned long vaddr; 623 624 if (elf_ppnt->p_type != PT_LOAD) 625 continue; 626 627 if (unlikely (elf_brk > elf_bss)) { 628 unsigned long nbyte; 629 630 /* There was a PT_LOAD segment with p_memsz > p_filesz 631 before this one. Map anonymous pages, if needed, 632 and clear the area. */ 633 set_brk (elf_bss + load_bias, elf_brk + load_bias); 634 nbyte = ELF_PAGEOFFSET(elf_bss); 635 if (nbyte) { 636 nbyte = ELF_MIN_ALIGN - nbyte; 637 if (nbyte > elf_brk - elf_bss) 638 nbyte = elf_brk - elf_bss; 639 clear_user((void *) elf_bss + load_bias, nbyte); 640 } 641 } 642 643 if (elf_ppnt->p_flags & PF_R) elf_prot |= PROT_READ; 644 if (elf_ppnt->p_flags & PF_W) elf_prot |= PROT_WRITE; 645 if (elf_ppnt->p_flags & PF_X) elf_prot |= PROT_EXEC; 646 647 elf_flags = MAP_PRIVATE|MAP_DENYWRITE|MAP_EXECUTABLE; 648 649 vaddr = elf_ppnt->p_vaddr; 650 if (elf_ex.e_type == ET_EXEC || load_addr_set) { 651 elf_flags |= MAP_FIXED; 652 } else if (elf_ex.e_type == ET_DYN) { 653 /* Try and get dynamic programs out of the way of the default mmap 654 base, as well as whatever program they might try to exec. This 655 is because the brk will follow the loader, and is not movable. */ 656 load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr); 657 } 658 659 error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, elf_prot, elf_flags); 660 if (BAD_ADDR(error)) 661 continue; 662 663 if (!load_addr_set) { 664 load_addr_set = 1; 665 load_addr = (elf_ppnt->p_vaddr - elf_ppnt->p_offset); 666 if (elf_ex.e_type == ET_DYN) { 667 load_bias += error - 668 ELF_PAGESTART(load_bias + vaddr); 669 load_addr += load_bias; 670 } 671 } 672 k = elf_ppnt->p_vaddr; 673 if (k < start_code) start_code = k; 674 if (start_data < k) start_data = k; 675 676 k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz; 677 678 if (k > elf_bss) 679 elf_bss = k; 680 if ((elf_ppnt->p_flags & PF_X) && end_code < k) 681 end_code = k; 682 if (end_data < k) 683 end_data = k; 684 k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz; 685 if (k > elf_brk) 686 elf_brk = k; 687 } 688 689 elf_entry += load_bias; 690 elf_bss += load_bias; 691 elf_brk += load_bias; 692 start_code += load_bias; 693 end_code += load_bias; 694 start_data += load_bias; 695 end_data += load_bias; 696 697 if (elf_interpreter) { 698 if (interpreter_type == INTERPRETER_AOUT) 699 elf_entry = load_aout_interp(&interp_ex, 700 interpreter); 701 else 702 elf_entry = load_elf_interp(&interp_elf_ex, 703 interpreter, 704 &interp_load_addr); 705 706 allow_write_access(interpreter); 707 fput(interpreter); 708 kfree(elf_interpreter); 709 710 if (BAD_ADDR(elf_entry)) { 711 printk(KERN_ERR "Unable to load interpreter\n"); 712 kfree(elf_phdata); 713 send_sig(SIGSEGV, current, 0); 714 return 0; 715 } 716 } 717 718 kfree(elf_phdata); 719 720 if (interpreter_type != INTERPRETER_AOUT) 721 sys_close(elf_exec_fileno); 722 723 set_binfmt(&elf_format); 724 725 compute_creds(bprm); 726 current->flags &= ~PF_FORKNOEXEC; 727 bprm->p = (unsigned long) 728 create_elf_tables((char *)bprm->p, 729 bprm->argc, 730 bprm->envc, 731 &elf_ex, 732 load_addr, load_bias, 733 interp_load_addr, 734 (interpreter_type == INTERPRETER_AOUT ? 0 : 1)); 735 /* N.B. passed_fileno might not be initialized? */ 736 if (interpreter_type == INTERPRETER_AOUT) 737 current->mm->arg_start += strlen(passed_fileno) + 1; 738 current->mm->start_brk = current->mm->brk = elf_brk; 739 current->mm->end_code = end_code; 740 current->mm->start_code = start_code; 741 current->mm->start_data = start_data; 742 current->mm->end_data = end_data; 743 current->mm->start_stack = bprm->p; 744 745 /* Calling set_brk effectively mmaps the pages that we need 746 * for the bss and break sections 747 */ 748 set_brk(elf_bss, elf_brk); 749 750 padzero(elf_bss); 751 752 753 if (current->personality & MMAP_PAGE_ZERO) { 754 /* Why this, you ask??? Well SVr4 maps page 0 as read-only, 755 and some applications "depend" upon this behavior. 756 Since we do not have the power to recompile these, we 757 emulate the SVr4 behavior. Sigh. */ 758 /* N.B. Shouldn't the size here be PAGE_SIZE?? */ 759 down_write(¤t->mm->mmap_sem); 760 error = do_mmap(NULL, 0, 4096, PROT_READ | PROT_EXEC, 761 MAP_FIXED | MAP_PRIVATE, 0); 762 up_write(¤t->mm->mmap_sem); 763 } 764 765#ifdef ELF_PLAT_INIT 766 /* 767 * The ABI may specify that certain registers be set up in special 768 * ways (on i386 %edx is the address of a DT_FINI function, for 769 * example. This macro performs whatever initialization to 770 * the regs structure is required. 771 */ 772 ELF_PLAT_INIT(regs); 773#endif 774 775 start_thread(regs, elf_entry, bprm->p); 776 if (current->ptrace & PT_PTRACED) 777 send_sig(SIGTRAP, current, 0); 778 retval = 0; 779out: 780 return retval; 781 782 /* error cleanup */ 783out_free_dentry: 784 allow_write_access(interpreter); 785 fput(interpreter); 786out_free_interp: 787 if (elf_interpreter) 788 kfree(elf_interpreter); 789out_free_file: 790 sys_close(elf_exec_fileno); 791out_free_ph: 792 kfree(elf_phdata); 793 goto out; 794} 795 796/* This is really simpleminded and specialized - we are loading an 797 a.out library that is given an ELF header. */ 798 799static int load_elf_library(struct file *file) 800{ 801 struct elf_phdr *elf_phdata; 802 unsigned long elf_bss, bss, len; 803 int retval, error, i, j; 804 struct elfhdr elf_ex; 805 806 error = -ENOEXEC; 807 retval = kernel_read(file, 0, (char *) &elf_ex, sizeof(elf_ex)); 808 if (retval != sizeof(elf_ex)) 809 goto out; 810 811 if (memcmp(elf_ex.e_ident, ELFMAG, SELFMAG) != 0) 812 goto out; 813 814 /* First of all, some simple consistency checks */ 815 if (elf_ex.e_type != ET_EXEC || elf_ex.e_phnum > 2 || 816 !elf_check_arch(&elf_ex) || !file->f_op || !file->f_op->mmap) 817 goto out; 818 819 /* Now read in all of the header information */ 820 821 j = sizeof(struct elf_phdr) * elf_ex.e_phnum; 822 /* j < ELF_MIN_ALIGN because elf_ex.e_phnum <= 2 */ 823 824 error = -ENOMEM; 825 elf_phdata = (struct elf_phdr *) kmalloc(j, GFP_KERNEL); 826 if (!elf_phdata) 827 goto out; 828 829 error = -ENOEXEC; 830 retval = kernel_read(file, elf_ex.e_phoff, (char *) elf_phdata, j); 831 if (retval != j) 832 goto out_free_ph; 833 834 for (j = 0, i = 0; i<elf_ex.e_phnum; i++) 835 if ((elf_phdata + i)->p_type == PT_LOAD) j++; 836 if (j != 1) 837 goto out_free_ph; 838 839 while (elf_phdata->p_type != PT_LOAD) elf_phdata++; 840 841 /* Now use mmap to map the library into memory. */ 842 down_write(¤t->mm->mmap_sem); 843 error = do_mmap(file, 844 ELF_PAGESTART(elf_phdata->p_vaddr), 845 (elf_phdata->p_filesz + 846 ELF_PAGEOFFSET(elf_phdata->p_vaddr)), 847 PROT_READ | PROT_WRITE | PROT_EXEC, 848 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE, 849 (elf_phdata->p_offset - 850 ELF_PAGEOFFSET(elf_phdata->p_vaddr))); 851 up_write(¤t->mm->mmap_sem); 852 if (error != ELF_PAGESTART(elf_phdata->p_vaddr)) 853 goto out_free_ph; 854 855 elf_bss = elf_phdata->p_vaddr + elf_phdata->p_filesz; 856 padzero(elf_bss); 857 858 len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1); 859 bss = elf_phdata->p_memsz + elf_phdata->p_vaddr; 860 if (bss > len) 861 do_brk(len, bss - len); 862 error = 0; 863 864out_free_ph: 865 kfree(elf_phdata); 866out: 867 return error; 868} 869 870/* 871 * Note that some platforms still use traditional core dumps and not 872 * the ELF core dump. Each platform can select it as appropriate. 873 */ 874#ifdef USE_ELF_CORE_DUMP 875 876/* 877 * ELF core dumper 878 * 879 * Modelled on fs/exec.c:aout_core_dump() 880 * Jeremy Fitzhardinge <jeremy@sw.oz.au> 881 */ 882/* 883 * These are the only things you should do on a core-file: use only these 884 * functions to write out all the necessary info. 885 */ 886static int dump_write(struct file *file, const void *addr, int nr) 887{ 888 return file->f_op->write(file, addr, nr, &file->f_pos) == nr; 889} 890 891static int dump_seek(struct file *file, off_t off) 892{ 893 if (file->f_op->llseek) { 894 if (file->f_op->llseek(file, off, 0) != off) 895 return 0; 896 } else 897 file->f_pos = off; 898 return 1; 899} 900 901/* 902 * Decide whether a segment is worth dumping; default is yes to be 903 * sure (missing info is worse than too much; etc). 904 * Personally I'd include everything, and use the coredump limit... 905 * 906 * I think we should skip something. But I am not sure how. H.J. 907 */ 908static inline int maydump(struct vm_area_struct *vma) 909{ 910 /* 911 * If we may not read the contents, don't allow us to dump 912 * them either. "dump_write()" can't handle it anyway. 913 */ 914 if (!(vma->vm_flags & VM_READ)) 915 return 0; 916 917 /* Do not dump I/O mapped devices! -DaveM */ 918 if (vma->vm_flags & VM_IO) 919 return 0; 920 if (vma->vm_flags & (VM_WRITE|VM_GROWSUP|VM_GROWSDOWN)) 921 return 1; 922 if (vma->vm_flags & (VM_READ|VM_EXEC|VM_EXECUTABLE|VM_SHARED)) 923 return 0; 924 return 1; 925} 926 927#define roundup(x, y) ((((x)+((y)-1))/(y))*(y)) 928 929/* An ELF note in memory */ 930struct memelfnote 931{ 932 const char *name; 933 int type; 934 unsigned int datasz; 935 void *data; 936}; 937 938static int notesize(struct memelfnote *en) 939{ 940 int sz; 941 942 sz = sizeof(struct elf_note); 943 sz += roundup(strlen(en->name), 4); 944 sz += roundup(en->datasz, 4); 945 946 return sz; 947} 948 949/* #define DEBUG */ 950 951#ifdef DEBUG 952static void dump_regs(const char *str, elf_greg_t *r) 953{ 954 int i; 955 static const char *regs[] = { "ebx", "ecx", "edx", "esi", "edi", "ebp", 956 "eax", "ds", "es", "fs", "gs", 957 "orig_eax", "eip", "cs", 958 "efl", "uesp", "ss"}; 959 printk("Registers: %s\n", str); 960 961 for(i = 0; i < ELF_NGREG; i++) 962 { 963 unsigned long val = r[i]; 964 printk(" %-2d %-5s=%08lx %lu\n", i, regs[i], val, val); 965 } 966} 967#endif 968 969#define DUMP_WRITE(addr, nr) \ 970 do { if (!dump_write(file, (addr), (nr))) return 0; } while(0) 971#define DUMP_SEEK(off) \ 972 do { if (!dump_seek(file, (off))) return 0; } while(0) 973 974static int writenote(struct memelfnote *men, struct file *file) 975{ 976 struct elf_note en; 977 978 en.n_namesz = strlen(men->name); 979 en.n_descsz = men->datasz; 980 en.n_type = men->type; 981 982 DUMP_WRITE(&en, sizeof(en)); 983 DUMP_WRITE(men->name, en.n_namesz); 984 DUMP_SEEK(roundup((unsigned long)file->f_pos, 4)); 985 DUMP_WRITE(men->data, men->datasz); 986 DUMP_SEEK(roundup((unsigned long)file->f_pos, 4)); 987 988 return 1; 989} 990#undef DUMP_WRITE 991#undef DUMP_SEEK 992 993#define DUMP_WRITE(addr, nr) \ 994 if ((size += (nr)) > limit || !dump_write(file, (addr), (nr))) \ 995 goto end_coredump; 996#define DUMP_SEEK(off) \ 997 if (!dump_seek(file, (off))) \ 998 goto end_coredump; 999/* 1000 * Actual dumper 1001 * 1002 * This is a two-pass process; first we find the offsets of the bits, 1003 * and then they are actually written out. If we run out of core limit 1004 * we just truncate. 1005 */ 1006static int elf_core_dump(long signr, struct pt_regs * regs, struct file * file) 1007{ 1008 int has_dumped = 0; 1009 mm_segment_t fs; 1010 int segs; 1011 size_t size = 0; 1012 int i; 1013 struct vm_area_struct *vma; 1014 struct elfhdr elf; 1015 off_t offset = 0, dataoff; 1016 unsigned long limit = current->rlim[RLIMIT_CORE].rlim_cur; 1017 int numnote = 4; 1018 struct memelfnote notes[4]; 1019 struct elf_prstatus prstatus; /* NT_PRSTATUS */ 1020 elf_fpregset_t fpu; /* NT_PRFPREG */ 1021 struct elf_prpsinfo psinfo; /* NT_PRPSINFO */ 1022 1023 /* first copy the parameters from user space */ 1024 memset(&psinfo, 0, sizeof(psinfo)); 1025 { 1026 int i, len; 1027 1028 len = current->mm->arg_end - current->mm->arg_start; 1029 if (len >= ELF_PRARGSZ) 1030 len = ELF_PRARGSZ-1; 1031 copy_from_user(&psinfo.pr_psargs, 1032 (const char *)current->mm->arg_start, len); 1033 for(i = 0; i < len; i++) 1034 if (psinfo.pr_psargs[i] == 0) 1035 psinfo.pr_psargs[i] = ' '; 1036 psinfo.pr_psargs[len] = 0; 1037 1038 } 1039 1040 memset(&prstatus, 0, sizeof(prstatus)); 1041 /* 1042 * This transfers the registers from regs into the standard 1043 * coredump arrangement, whatever that is. 1044 */ 1045#ifdef ELF_CORE_COPY_REGS 1046 ELF_CORE_COPY_REGS(prstatus.pr_reg, regs) 1047#else 1048 if (sizeof(elf_gregset_t) != sizeof(struct pt_regs)) 1049 { 1050 printk("sizeof(elf_gregset_t) (%ld) != sizeof(struct pt_regs) (%ld)\n", 1051 (long)sizeof(elf_gregset_t), (long)sizeof(struct pt_regs)); 1052 } 1053 else 1054 *(struct pt_regs *)&prstatus.pr_reg = *regs; 1055#endif 1056 1057 /* now stop all vm operations */ 1058 down_write(¤t->mm->mmap_sem); 1059 segs = current->mm->map_count; 1060 1061#ifdef DEBUG 1062 printk("elf_core_dump: %d segs %lu limit\n", segs, limit); 1063#endif 1064 1065 /* Set up header */ 1066 memcpy(elf.e_ident, ELFMAG, SELFMAG); 1067 elf.e_ident[EI_CLASS] = ELF_CLASS; 1068 elf.e_ident[EI_DATA] = ELF_DATA; 1069 elf.e_ident[EI_VERSION] = EV_CURRENT; 1070 memset(elf.e_ident+EI_PAD, 0, EI_NIDENT-EI_PAD); 1071 1072 elf.e_type = ET_CORE; 1073 elf.e_machine = ELF_ARCH; 1074 elf.e_version = EV_CURRENT; 1075 elf.e_entry = 0; 1076 elf.e_phoff = sizeof(elf); 1077 elf.e_shoff = 0; 1078#ifdef ELF_CORE_EFLAGS 1079 elf.e_flags = ELF_CORE_EFLAGS; 1080#else 1081 elf.e_flags = 0; 1082#endif 1083 elf.e_ehsize = sizeof(elf); 1084 elf.e_phentsize = sizeof(struct elf_phdr); 1085 elf.e_phnum = segs+1; /* Include notes */ 1086 elf.e_shentsize = 0; 1087 elf.e_shnum = 0; 1088 elf.e_shstrndx = 0; 1089 1090 fs = get_fs(); 1091 set_fs(KERNEL_DS); 1092 1093 has_dumped = 1; 1094 current->flags |= PF_DUMPCORE; 1095 1096 DUMP_WRITE(&elf, sizeof(elf)); 1097 offset += sizeof(elf); /* Elf header */ 1098 offset += (segs+1) * sizeof(struct elf_phdr); /* Program headers */ 1099 1100 /* 1101 * Set up the notes in similar form to SVR4 core dumps made 1102 * with info from their /proc. 1103 */ 1104 1105 notes[0].name = "CORE"; 1106 notes[0].type = NT_PRSTATUS; 1107 notes[0].datasz = sizeof(prstatus); 1108 notes[0].data = &prstatus; 1109 prstatus.pr_info.si_signo = prstatus.pr_cursig = signr; 1110 prstatus.pr_sigpend = current->pending.signal.sig[0]; 1111 prstatus.pr_sighold = current->blocked.sig[0]; 1112 psinfo.pr_pid = prstatus.pr_pid = current->pid; 1113 psinfo.pr_ppid = prstatus.pr_ppid = current->p_pptr->pid; 1114 psinfo.pr_pgrp = prstatus.pr_pgrp = current->pgrp; 1115 psinfo.pr_sid = prstatus.pr_sid = current->session; 1116 prstatus.pr_utime.tv_sec = CT_TO_SECS(current->times.tms_utime); 1117 prstatus.pr_utime.tv_usec = CT_TO_USECS(current->times.tms_utime); 1118 prstatus.pr_stime.tv_sec = CT_TO_SECS(current->times.tms_stime); 1119 prstatus.pr_stime.tv_usec = CT_TO_USECS(current->times.tms_stime); 1120 prstatus.pr_cutime.tv_sec = CT_TO_SECS(current->times.tms_cutime); 1121 prstatus.pr_cutime.tv_usec = CT_TO_USECS(current->times.tms_cutime); 1122 prstatus.pr_cstime.tv_sec = CT_TO_SECS(current->times.tms_cstime); 1123 prstatus.pr_cstime.tv_usec = CT_TO_USECS(current->times.tms_cstime); 1124 1125#ifdef DEBUG 1126 dump_regs("Passed in regs", (elf_greg_t *)regs); 1127 dump_regs("prstatus regs", (elf_greg_t *)&prstatus.pr_reg); 1128#endif 1129 1130 notes[1].name = "CORE"; 1131 notes[1].type = NT_PRPSINFO; 1132 notes[1].datasz = sizeof(psinfo); 1133 notes[1].data = &psinfo; 1134 i = current->state ? ffz(~current->state) + 1 : 0; 1135 psinfo.pr_state = i; 1136 psinfo.pr_sname = (i < 0 || i > 5) ? '.' : "RSDZTD"[i]; 1137 psinfo.pr_zomb = psinfo.pr_sname == 'Z'; 1138 psinfo.pr_nice = current->nice; 1139 psinfo.pr_flag = current->flags; 1140 psinfo.pr_uid = NEW_TO_OLD_UID(current->uid); 1141 psinfo.pr_gid = NEW_TO_OLD_GID(current->gid); 1142 strncpy(psinfo.pr_fname, current->comm, sizeof(psinfo.pr_fname)); 1143 1144 notes[2].name = "CORE"; 1145 notes[2].type = NT_TASKSTRUCT; 1146 notes[2].datasz = sizeof(*current); 1147 notes[2].data = current; 1148 1149 /* Try to dump the FPU. */ 1150 prstatus.pr_fpvalid = dump_fpu (regs, &fpu); 1151 if (!prstatus.pr_fpvalid) 1152 { 1153 numnote--; 1154 } 1155 else 1156 { 1157 notes[3].name = "CORE"; 1158 notes[3].type = NT_PRFPREG; 1159 notes[3].datasz = sizeof(fpu); 1160 notes[3].data = &fpu; 1161 } 1162 1163 /* Write notes phdr entry */ 1164 { 1165 struct elf_phdr phdr; 1166 int sz = 0; 1167 1168 for(i = 0; i < numnote; i++) 1169 sz += notesize(¬es[i]); 1170 1171 phdr.p_type = PT_NOTE; 1172 phdr.p_offset = offset; 1173 phdr.p_vaddr = 0; 1174 phdr.p_paddr = 0; 1175 phdr.p_filesz = sz; 1176 phdr.p_memsz = 0; 1177 phdr.p_flags = 0; 1178 phdr.p_align = 0; 1179 1180 offset += phdr.p_filesz; 1181 DUMP_WRITE(&phdr, sizeof(phdr)); 1182 } 1183 1184 /* Page-align dumped data */ 1185 dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE); 1186 1187 /* Write program headers for segments dump */ 1188 for(vma = current->mm->mmap; vma != NULL; vma = vma->vm_next) { 1189 struct elf_phdr phdr; 1190 size_t sz; 1191 1192 sz = vma->vm_end - vma->vm_start; 1193 1194 phdr.p_type = PT_LOAD; 1195 phdr.p_offset = offset; 1196 phdr.p_vaddr = vma->vm_start; 1197 phdr.p_paddr = 0; 1198 phdr.p_filesz = maydump(vma) ? sz : 0; 1199 phdr.p_memsz = sz; 1200 offset += phdr.p_filesz; 1201 phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0; 1202 if (vma->vm_flags & VM_WRITE) phdr.p_flags |= PF_W; 1203 if (vma->vm_flags & VM_EXEC) phdr.p_flags |= PF_X; 1204 phdr.p_align = ELF_EXEC_PAGESIZE; 1205 1206 DUMP_WRITE(&phdr, sizeof(phdr)); 1207 } 1208 1209 for(i = 0; i < numnote; i++) 1210 if (!writenote(¬es[i], file)) 1211 goto end_coredump; 1212 1213 DUMP_SEEK(dataoff); 1214 1215 for(vma = current->mm->mmap; vma != NULL; vma = vma->vm_next) { 1216 unsigned long addr; 1217 1218 if (!maydump(vma)) 1219 continue; 1220 1221#ifdef DEBUG 1222 printk("elf_core_dump: writing %08lx-%08lx\n", vma->vm_start, vma->vm_end); 1223#endif 1224 1225 for (addr = vma->vm_start; 1226 addr < vma->vm_end; 1227 addr += PAGE_SIZE) { 1228 struct page* page; 1229 struct vm_area_struct *vma; 1230 1231 if (get_user_pages(current, current->mm, addr, 1, 0, 1, 1232 &page, &vma) <= 0) { 1233 DUMP_SEEK (file->f_pos + PAGE_SIZE); 1234 } else { 1235 if (page == ZERO_PAGE(addr)) { 1236 DUMP_SEEK (file->f_pos + PAGE_SIZE); 1237 } else { 1238 void *kaddr; 1239 flush_cache_page(vma, addr); 1240 kaddr = kmap(page); 1241 DUMP_WRITE(kaddr, PAGE_SIZE); 1242 flush_page_to_ram(page); 1243 kunmap(page); 1244 } 1245 put_page(page); 1246 } 1247 } 1248 } 1249 1250 if ((off_t) file->f_pos != offset) { 1251 /* Sanity check */ 1252 printk("elf_core_dump: file->f_pos (%ld) != offset (%ld)\n", 1253 (off_t) file->f_pos, offset); 1254 } 1255 1256 end_coredump: 1257 set_fs(fs); 1258 up_write(¤t->mm->mmap_sem); 1259 return has_dumped; 1260} 1261#endif /* USE_ELF_CORE_DUMP */ 1262 1263static int __init init_elf_binfmt(void) 1264{ 1265 return register_binfmt(&elf_format); 1266} 1267 1268static void __exit exit_elf_binfmt(void) 1269{ 1270 /* Remove the COFF and ELF loaders. */ 1271 unregister_binfmt(&elf_format); 1272} 1273 1274module_init(init_elf_binfmt) 1275module_exit(exit_elf_binfmt) 1276MODULE_LICENSE("GPL"); 1277