1/* $NetBSD: core_elf32.c,v 1.67 2021/01/02 02:13:42 rin Exp $ */ 2 3/* 4 * Copyright (c) 2001 Wasabi Systems, Inc. 5 * All rights reserved. 6 * 7 * Written by Jason R. Thorpe for Wasabi Systems, Inc. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed for the NetBSD Project by 20 * Wasabi Systems, Inc. 21 * 4. The name of Wasabi Systems, Inc. may not be used to endorse 22 * or promote products derived from this software without specific prior 23 * written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 27 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 28 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC 29 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 32 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 33 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 34 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 35 * POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38/* 39 * core_elf32.c/core_elf64.c: Support for the Elf32/Elf64 core file format. 40 */ 41 42#include <sys/cdefs.h> 43__KERNEL_RCSID(1, "$NetBSD: core_elf32.c,v 1.67 2021/01/02 02:13:42 rin Exp $"); 44 45#ifdef _KERNEL_OPT 46#include "opt_compat_netbsd32.h" 47#endif 48 49#ifndef ELFSIZE 50#define ELFSIZE 32 51#endif 52 53#include <sys/param.h> 54#include <sys/systm.h> 55#include <sys/proc.h> 56#include <sys/vnode.h> 57#include <sys/exec.h> 58#include <sys/exec_elf.h> 59#include <sys/ptrace.h> 60#include <sys/kmem.h> 61#include <sys/kauth.h> 62#include <sys/compat_stub.h> 63 64#include <machine/reg.h> 65 66#include <uvm/uvm_extern.h> 67 68#ifdef COMPAT_NETBSD32 69#include <compat/netbsd32/netbsd32.h> 70#endif 71 72struct writesegs_state { 73 Elf_Phdr *psections; 74 proc_t *p; 75 off_t secoff; 76 size_t npsections; 77}; 78 79/* 80 * We need to know how big the 'notes' are before we write the main header. 81 * To avoid problems with double-processing we save the data. 82 */ 83struct note_buf { 84 struct note_buf *nb_next; 85 unsigned char nb_data[4096 - sizeof (void *)]; 86}; 87 88struct note_state { 89 struct note_buf *ns_first; 90 struct note_buf *ns_last; 91 unsigned int ns_count; /* Of full buffers */ 92 unsigned int ns_offset; /* Write point in last buffer */ 93}; 94 95static int ELFNAMEEND(coredump_getseghdrs)(struct uvm_coredump_state *); 96 97static int ELFNAMEEND(coredump_notes)(struct lwp *, struct note_state *); 98static int ELFNAMEEND(coredump_note)(struct lwp *, struct note_state *); 99 100/* The 'note' section names and data are always 4-byte aligned. */ 101#define ELFROUNDSIZE 4 /* XXX Should it be sizeof(Elf_Word)? */ 102 103#define elf_read_lwpstatus CONCAT(process_read_lwpstatus, ELFSIZE) 104#define elf_lwpstatus CONCAT(process_lwpstatus, ELFSIZE) 105 106#define elf_process_read_regs CONCAT(process_read_regs, ELFSIZE) 107#define elf_process_read_fpregs CONCAT(process_read_fpregs, ELFSIZE) 108#define elf_reg CONCAT(process_reg, ELFSIZE) 109#define elf_fpreg CONCAT(process_fpreg, ELFSIZE) 110 111int 112ELFNAMEEND(real_coredump)(struct lwp *l, struct coredump_iostate *cookie) 113{ 114 Elf_Ehdr ehdr; 115 Elf_Shdr shdr; 116 Elf_Phdr *psections; 117 size_t psectionssize; 118 int npsections; 119 struct writesegs_state ws; 120 off_t notestart; 121 size_t notesize; 122 int error, i; 123 off_t offset __diagused; 124 125 struct note_state ns; 126 struct note_buf *nb; 127 128 psections = NULL; 129 130 /* Get all of the notes (mostly all the registers). */ 131 ns.ns_first = kmem_alloc(sizeof *ns.ns_first, KM_SLEEP); 132 ns.ns_last = ns.ns_first; 133 ns.ns_count = 0; 134 ns.ns_offset = 0; 135 error = ELFNAMEEND(coredump_notes)(l, &ns); 136 ns.ns_last->nb_next = NULL; 137 if (error) 138 goto out; 139 notesize = ns.ns_count * sizeof nb->nb_data + ns.ns_offset; 140 141 /* 142 * We have to make a total of 3 passes across the map: 143 * 144 * 1. Count the number of map entries (the number of 145 * PT_LOAD sections in the dump). 146 * 147 * 2. Write the P-section headers. 148 * 149 * 3. Write the P-sections. 150 */ 151 152 /* Pass 1: count the entries. */ 153 MODULE_HOOK_CALL(uvm_coredump_count_segs_hook, 154 (l->l_proc), 0, npsections); 155 /* Allow for the PT_NOTE section. */ 156 npsections++; 157 158 /* Build the main elf header */ 159 memset(&ehdr.e_ident[EI_PAD], 0, sizeof(ehdr.e_ident) - EI_PAD); 160 memcpy(ehdr.e_ident, ELFMAG, SELFMAG); 161#if ELFSIZE == 32 162 ehdr.e_ident[EI_CLASS] = ELFCLASS32; 163#elif ELFSIZE == 64 164 ehdr.e_ident[EI_CLASS] = ELFCLASS64; 165#endif 166 ehdr.e_ident[EI_DATA] = ELFDEFNNAME(MACHDEP_ENDIANNESS); 167 ehdr.e_ident[EI_VERSION] = EV_CURRENT; 168 /* 169 * NetBSD sets generic SYSV OSABI and ABI version 0 170 * Native ELF files are distinguishable with NetBSD specific notes 171 */ 172 ehdr.e_ident[EI_OSABI] = ELFOSABI_SYSV; 173 ehdr.e_ident[EI_ABIVERSION] = 0; 174 175 ehdr.e_type = ET_CORE; 176 /* XXX This should be the e_machine of the executable. */ 177 ehdr.e_machine = ELFDEFNNAME(MACHDEP_ID); 178 ehdr.e_version = EV_CURRENT; 179 ehdr.e_entry = 0; 180 ehdr.e_flags = 0; 181 ehdr.e_ehsize = sizeof(ehdr); 182 ehdr.e_phentsize = sizeof(Elf_Phdr); 183 if (npsections < PN_XNUM) { 184 ehdr.e_phnum = npsections; 185 ehdr.e_shentsize = 0; 186 ehdr.e_shnum = 0; 187 ehdr.e_shoff = 0; 188 ehdr.e_phoff = sizeof(ehdr); 189 } else { 190 ehdr.e_phnum = PN_XNUM; 191 ehdr.e_shentsize = sizeof(Elf_Shdr); 192 ehdr.e_shnum = 1; 193 ehdr.e_shoff = sizeof(ehdr); 194 ehdr.e_phoff = sizeof(ehdr) + sizeof(shdr); 195 } 196 ehdr.e_shstrndx = 0; 197 198#ifdef ELF_MD_COREDUMP_SETUP 199 ELF_MD_COREDUMP_SETUP(l, &ehdr); 200#endif 201 202 /* Write out the ELF header. */ 203 MODULE_HOOK_CALL(coredump_write_hook, (cookie, UIO_SYSSPACE, &ehdr, 204 sizeof(ehdr)), ENOSYS, error); 205 if (error) 206 goto out; 207 208 /* Write out sections, if needed */ 209 if (npsections >= PN_XNUM) { 210 memset(&shdr, 0, sizeof(shdr)); 211 shdr.sh_type = SHT_NULL; 212 shdr.sh_info = npsections; 213 MODULE_HOOK_CALL(coredump_write_hook, (cookie, UIO_SYSSPACE, 214 &shdr, sizeof(shdr)), ENOSYS, error); 215 if (error) 216 goto out; 217 } 218 219 psectionssize = npsections * sizeof(*psections); 220 notestart = ehdr.e_phoff + psectionssize; 221 222 psections = kmem_zalloc(psectionssize, KM_SLEEP); 223 224 /* Pass 2: now find the P-section headers. */ 225 ws.secoff = notestart + notesize; 226 ws.psections = psections; 227 ws.npsections = npsections - 1; 228 ws.p = l->l_proc; 229 MODULE_HOOK_CALL(uvm_coredump_walkmap_hook, 230 (l->l_proc, ELFNAMEEND(coredump_getseghdrs), &ws), ENOSYS, error); 231 if (error) 232 goto out; 233 if (ws.npsections != 0) { 234 /* A section went away */ 235 error = ENOMEM; 236 goto out; 237 } 238 239 /* Add the PT_NOTE header after the P-section headers. */ 240 ws.psections->p_type = PT_NOTE; 241 ws.psections->p_offset = notestart; 242 ws.psections->p_vaddr = 0; 243 ws.psections->p_paddr = 0; 244 ws.psections->p_filesz = notesize; 245 ws.psections->p_memsz = 0; 246 ws.psections->p_flags = PF_R; 247 ws.psections->p_align = ELFROUNDSIZE; 248 249 /* Write the P-section headers followed by the PT_NOTE header */ 250 MODULE_HOOK_CALL(coredump_write_hook, (cookie, UIO_SYSSPACE, psections, 251 psectionssize), ENOSYS, error); 252 if (error) 253 goto out; 254 255#ifdef DIAGNOSTIC 256 MODULE_HOOK_CALL(coredump_offset_hook, (cookie), 0, offset); 257 if (offset != notestart) 258 panic("coredump: offset %lld != notestart %lld", 259 (long long) offset, 260 (long long) notestart); 261#endif 262 263 /* Write out the notes. */ 264 for (nb = ns.ns_first; nb != NULL; nb = nb->nb_next) { 265 MODULE_HOOK_CALL(coredump_write_hook, (cookie, UIO_SYSSPACE, 266 nb->nb_data, 267 nb->nb_next == NULL ? ns.ns_offset : sizeof nb->nb_data), 268 ENOSYS, error); 269 if (error) 270 goto out; 271 } 272 273 /* Finally, write the sections themselves. */ 274 for (i = 0; i < npsections - 1; i++) { 275 if (psections[i].p_filesz == 0) 276 continue; 277 278#ifdef DIAGNOSTIC 279 MODULE_HOOK_CALL(coredump_offset_hook, (cookie), 0, offset); 280 if (offset != psections[i].p_offset) 281 panic("coredump: offset %lld != p_offset[%d] %lld", 282 (long long) offset, i, 283 (long long) psections[i].p_filesz); 284#endif 285 286 MODULE_HOOK_CALL(coredump_write_hook, (cookie, UIO_USERSPACE, 287 (void *)(vaddr_t)psections[i].p_vaddr, 288 psections[i].p_filesz), ENOSYS, error); 289 if (error) 290 goto out; 291 } 292 293 out: 294 if (psections) 295 kmem_free(psections, psectionssize); 296 while ((nb = ns.ns_first) != NULL) { 297 ns.ns_first = nb->nb_next; 298 kmem_free(nb, sizeof *nb); 299 } 300 return (error); 301} 302 303static int 304ELFNAMEEND(coredump_getseghdrs)(struct uvm_coredump_state *us) 305{ 306 struct writesegs_state *ws = us->cookie; 307 Elf_Phdr phdr; 308 vsize_t size, realsize; 309 vaddr_t end; 310 int error; 311 312 /* Don't overrun if there are more sections */ 313 if (ws->npsections == 0) 314 return ENOMEM; 315 ws->npsections--; 316 317 size = us->end - us->start; 318 realsize = us->realend - us->start; 319 end = us->realend; 320 321 /* Don't bother writing out trailing zeros */ 322 while (realsize > 0) { 323 long buf[1024 / sizeof(long)]; 324 size_t slen = realsize > sizeof(buf) ? sizeof(buf) : realsize; 325 const long *ep; 326 int i; 327 328 end -= slen; 329 if ((error = copyin_proc(ws->p, (void *)end, buf, slen)) != 0) { 330 /* 331 * In case of any errors of scanning the segments reset 332 * their content to a default value with zeros. This is 333 * achieved with shortening the p_filesz parameter. 334 * 335 * This allows to emit core(5) files for a process 336 * regardless of its state of mappings, such as mapping 337 * pages after EOF in a file. 338 */ 339 realsize -= slen; 340 continue; 341 } 342 343 ep = (const long *) &buf[slen / sizeof(buf[0])]; 344 for (i = 0, ep--; buf <= ep; ep--, i++) { 345 if (*ep) 346 break; 347 } 348 realsize -= i * sizeof(buf[0]); 349 if (i * sizeof(buf[0]) < slen) 350 break; 351 } 352 353 phdr.p_type = PT_LOAD; 354 phdr.p_offset = ws->secoff; 355 phdr.p_vaddr = us->start; 356 phdr.p_paddr = 0; 357 phdr.p_filesz = realsize; 358 phdr.p_memsz = size; 359 phdr.p_flags = 0; 360 if (us->prot & VM_PROT_READ) 361 phdr.p_flags |= PF_R; 362 if (us->prot & VM_PROT_WRITE) 363 phdr.p_flags |= PF_W; 364 if (us->prot & VM_PROT_EXECUTE) 365 phdr.p_flags |= PF_X; 366 phdr.p_align = PAGE_SIZE; 367 368 ws->secoff += phdr.p_filesz; 369 *ws->psections++ = phdr; 370 371 return (0); 372} 373 374static void 375coredump_note_procinfo(struct lwp *l, struct note_state *ns) 376{ 377 struct proc *p; 378 struct netbsd_elfcore_procinfo cpi; 379 380 p = l->l_proc; 381 382 /* First, write an elfcore_procinfo. */ 383 cpi.cpi_version = NETBSD_ELFCORE_PROCINFO_VERSION; 384 cpi.cpi_cpisize = sizeof(cpi); 385 cpi.cpi_signo = p->p_sigctx.ps_info._signo; 386 cpi.cpi_sigcode = p->p_sigctx.ps_info._code; 387 cpi.cpi_siglwp = p->p_sigctx.ps_lwp; 388 389 /* 390 * per-LWP pending signals are stored in PT_LWPSTATUS@nnn. 391 */ 392 memcpy(&cpi.cpi_sigpend, &p->p_sigpend.sp_set, sizeof(cpi.cpi_sigpend)); 393 394 /* 395 * Signal mask is stored on a per-LWP basis in PT_LWPSTATUS@nnn. 396 * For compatibility purposes, cpi_sigmask is present, but zeroed. 397 */ 398 memset(&cpi.cpi_sigmask, 0, sizeof(cpi.cpi_sigmask)); 399 400 memcpy(&cpi.cpi_sigignore, &p->p_sigctx.ps_sigignore, 401 sizeof(cpi.cpi_sigignore)); 402 memcpy(&cpi.cpi_sigcatch, &p->p_sigctx.ps_sigcatch, 403 sizeof(cpi.cpi_sigcatch)); 404 405 cpi.cpi_pid = p->p_pid; 406 mutex_enter(&proc_lock); 407 cpi.cpi_ppid = p->p_pptr->p_pid; 408 cpi.cpi_pgrp = p->p_pgid; 409 cpi.cpi_sid = p->p_session->s_sid; 410 mutex_exit(&proc_lock); 411 412 cpi.cpi_ruid = kauth_cred_getuid(l->l_cred); 413 cpi.cpi_euid = kauth_cred_geteuid(l->l_cred); 414 cpi.cpi_svuid = kauth_cred_getsvuid(l->l_cred); 415 416 cpi.cpi_rgid = kauth_cred_getgid(l->l_cred); 417 cpi.cpi_egid = kauth_cred_getegid(l->l_cred); 418 cpi.cpi_svgid = kauth_cred_getsvgid(l->l_cred); 419 420 cpi.cpi_nlwps = p->p_nlwps; 421 (void)strncpy(cpi.cpi_name, p->p_comm, sizeof(cpi.cpi_name)); 422 cpi.cpi_name[sizeof(cpi.cpi_name) - 1] = '\0'; 423 424 ELFNAMEEND(coredump_savenote)(ns, ELF_NOTE_NETBSD_CORE_PROCINFO, 425 ELF_NOTE_NETBSD_CORE_NAME, &cpi, sizeof(cpi)); 426} 427 428static int 429coredump_note_auxv(struct lwp *l, struct note_state *ns) 430{ 431 int error; 432 size_t len; 433 void *kauxv; 434 435 if ((error = proc_getauxv(l->l_proc, &kauxv, &len)) != 0) 436 return error; 437 438 ELFNAMEEND(coredump_savenote)(ns, ELF_NOTE_NETBSD_CORE_AUXV, 439 ELF_NOTE_NETBSD_CORE_NAME, kauxv, len); 440 441 kmem_free(kauxv, len); 442 return 0; 443} 444 445static int 446ELFNAMEEND(coredump_notes)(struct lwp *l, struct note_state *ns) 447{ 448 int error; 449 struct lwp *l0; 450 struct proc *p = l->l_proc; 451 452 coredump_note_procinfo(l, ns); 453 error = coredump_note_auxv(l, ns); 454 if (error) 455 return error; 456 457 /* XXX Add hook for machdep per-proc notes. */ 458 459 /* 460 * Now write the register info for the thread that caused the 461 * coredump. 462 */ 463 error = ELFNAMEEND(coredump_note)(l, ns); 464 if (error) 465 return error; 466 467 /* 468 * Now, for each LWP, write the register info and any other 469 * per-LWP notes. 470 * Lock in case this is a gcore requested dump. 471 */ 472 mutex_enter(p->p_lock); 473 LIST_FOREACH(l0, &p->p_lwps, l_sibling) { 474 if (l0 == l) /* we've taken care of this thread */ 475 continue; 476 error = ELFNAMEEND(coredump_note)(l0, ns); 477 if (error) 478 break; 479 } 480 mutex_exit(p->p_lock); 481 482 return error; 483} 484 485struct elf_coredump_note_data { 486 char name[64]; 487 elf_lwpstatus els; 488 elf_reg intreg; 489#ifdef PT_GETFPREGS 490 elf_fpreg freg; 491#endif 492}; 493 494static int 495ELFNAMEEND(coredump_note)(struct lwp *l, struct note_state *ns) 496{ 497 struct elf_coredump_note_data *d; 498#ifdef PT_GETFPREGS 499 size_t freglen; 500#endif 501 int error; 502 503 d = kmem_alloc(sizeof(*d), KM_SLEEP); 504 505 snprintf(d->name, sizeof(d->name), "%s@%d", 506 ELF_NOTE_NETBSD_CORE_NAME, l->l_lid); 507 508 elf_read_lwpstatus(l, &d->els); 509 510 ELFNAMEEND(coredump_savenote)(ns, PT_LWPSTATUS, d->name, &d->els, 511 sizeof(d->els)); 512 513 error = elf_process_read_regs(l, &d->intreg); 514 if (error) 515 goto out; 516 517 ELFNAMEEND(coredump_savenote)(ns, 518#if ELFSIZE == 32 && defined(PT32_GETREGS) 519 PT32_GETREGS, 520#else 521 PT_GETREGS, 522#endif 523 d->name, &d->intreg, sizeof(d->intreg)); 524 525#ifdef PT_GETFPREGS 526 freglen = sizeof(d->freg); 527 error = elf_process_read_fpregs(l, &d->freg, &freglen); 528 if (error) 529 goto out; 530 531 ELFNAMEEND(coredump_savenote)(ns, 532# if ELFSIZE == 32 && defined(PT32_GETFPREGS) 533 PT32_GETFPREGS, 534# else 535 PT_GETFPREGS, 536# endif 537 d->name, &d->freg, freglen); 538#endif 539 540#ifdef COREDUMP_MACHDEP_LWP_NOTES 541 COREDUMP_MACHDEP_LWP_NOTES(l, ns, d->name); 542#endif 543 544 out: 545 kmem_free(d, sizeof(*d)); 546 return (error); 547} 548 549static void 550save_note_bytes(struct note_state *ns, const void *data, size_t len) 551{ 552 struct note_buf *nb = ns->ns_last; 553 size_t copylen; 554 unsigned char *wp; 555 556 /* 557 * Just copy the data into a buffer list. 558 * All but the last buffer is full. 559 */ 560 for (;;) { 561 copylen = uimin(len, sizeof(nb->nb_data) - ns->ns_offset); 562 wp = nb->nb_data + ns->ns_offset; 563 memcpy(wp, data, copylen); 564 if (copylen == len) 565 break; 566 nb->nb_next = kmem_alloc(sizeof(*nb->nb_next), KM_SLEEP); 567 nb = nb->nb_next; 568 ns->ns_last = nb; 569 ns->ns_count++; 570 ns->ns_offset = 0; 571 len -= copylen; 572 data = (const unsigned char *)data + copylen; 573 } 574 575 while ((copylen & (ELFROUNDSIZE - 1)) && 576 wp + copylen < nb->nb_data + sizeof(nb->nb_data)) 577 wp[copylen++] = 0; 578 579 ns->ns_offset += copylen; 580} 581 582void 583ELFNAMEEND(coredump_savenote)(struct note_state *ns, unsigned int type, 584 const char *name, void *data, size_t data_len) 585{ 586 Elf_Nhdr nhdr; 587 588 nhdr.n_namesz = strlen(name) + 1; 589 nhdr.n_descsz = data_len; 590 nhdr.n_type = type; 591 592 save_note_bytes(ns, &nhdr, sizeof (nhdr)); 593 save_note_bytes(ns, name, nhdr.n_namesz); 594 save_note_bytes(ns, data, data_len); 595} 596