exec_elf32.c revision 1.16
1/* $NetBSD: exec_elf32.c,v 1.16 1996/10/07 21:43:05 cgd Exp $ */ 2 3/* 4 * Copyright (c) 1996 Christopher G. Demetriou 5 * Copyright (c) 1994 Christos Zoulas 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. The name of the author may not be used to endorse or promote products 17 * derived from this software without specific prior written permission 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 24 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 28 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31/* If not included by exec_elf64.c, ELFSIZE won't be defined. */ 32#ifndef ELFSIZE 33#define ELFSIZE 32 34#endif 35 36#include <sys/param.h> 37#include <sys/systm.h> 38#include <sys/kernel.h> 39#include <sys/proc.h> 40#include <sys/malloc.h> 41#include <sys/namei.h> 42#include <sys/vnode.h> 43#include <sys/exec.h> 44#include <sys/exec_elf.h> 45#include <sys/fcntl.h> 46#include <sys/syscall.h> 47#include <sys/signalvar.h> 48#include <sys/mount.h> 49#include <sys/stat.h> 50 51#include <sys/mman.h> 52#include <vm/vm.h> 53#include <vm/vm_param.h> 54#include <vm/vm_map.h> 55 56#include <machine/cpu.h> 57#include <machine/reg.h> 58 59#ifdef COMPAT_LINUX 60#include <compat/linux/linux_exec.h> 61#endif 62 63#ifdef COMPAT_SVR4 64#include <compat/svr4/svr4_exec.h> 65#endif 66 67#define CONCAT(x,y) __CONCAT(x,y) 68#define ELFNAME(x) CONCAT(elf,CONCAT(ELFSIZE,CONCAT(_,x))) 69#define ELFNAME2(x,y) CONCAT(x,CONCAT(_elf,CONCAT(ELFSIZE,CONCAT(_,y)))) 70#define ELFNAMEEND(x) CONCAT(x,CONCAT(_elf,ELFSIZE)) 71#define ELFDEFNNAME(x) CONCAT(ELF,CONCAT(ELFSIZE,CONCAT(_,x))) 72 73static int ELFNAME(check_header) __P((Elf_Ehdr *, int)); 74static int ELFNAME(load_file) __P((struct proc *, struct exec_package *, 75 char *, struct exec_vmcmd_set *, u_long *, struct elf_args *, 76 Elf_Addr *)); 77static void ELFNAME(load_psection) __P((struct exec_vmcmd_set *, 78 struct vnode *, Elf_Phdr *, Elf_Addr *, u_long *, int *)); 79 80extern char sigcode[], esigcode[]; 81#ifdef SYSCALL_DEBUG 82extern char *syscallnames[]; 83#endif 84 85struct emul ELFNAMEEND(emul_netbsd) = { 86 "netbsd", 87 NULL, 88 sendsig, 89 SYS_syscall, 90 SYS_MAXSYSCALL, 91 sysent, 92#ifdef SYSCALL_DEBUG 93 syscallnames, 94#else 95 NULL, 96#endif 97 ELF_AUX_ENTRIES * sizeof(AuxInfo), 98 ELFNAME(copyargs), 99 setregs, 100 sigcode, 101 esigcode, 102}; 103 104int (*ELFNAME(probe_funcs)[]) __P((struct proc *, struct exec_package *, 105 Elf_Ehdr *, char *, Elf_Addr *)) = { 106#if defined(COMPAT_SVR4) && (ELFSIZE == 32) 107 ELFNAME2(svr4,probe), /* XXX not 64-bit safe */ 108#endif 109#if defined(COMPAT_LINUX) && (ELFSIZE == 32) 110 ELFNAME2(linux,probe), /* XXX not 64-bit safe */ 111#endif 112}; 113 114#define ELF_ALIGN(a, b) ((a) & ~((b) - 1)) 115 116/* 117 * Copy arguments onto the stack in the normal way, but add some 118 * extra information in case of dynamic binding. 119 */ 120void * 121ELFNAME(copyargs)(pack, arginfo, stack, argp) 122 struct exec_package *pack; 123 struct ps_strings *arginfo; 124 void *stack; 125 void *argp; 126{ 127 size_t len; 128 AuxInfo ai[ELF_AUX_ENTRIES], *a; 129 struct elf_args *ap; 130 131 stack = copyargs(pack, arginfo, stack, argp); 132 if (!stack) 133 return NULL; 134 135 /* 136 * Push extra arguments on the stack needed by dynamically 137 * linked binaries 138 */ 139 if ((ap = (struct elf_args *) pack->ep_emul_arg)) { 140 a = ai; 141 142 a->au_id = AUX_phdr; 143 a->au_v = ap->arg_phaddr; 144 a++; 145 146 a->au_id = AUX_phent; 147 a->au_v = ap->arg_phentsize; 148 a++; 149 150 a->au_id = AUX_phnum; 151 a->au_v = ap->arg_phnum; 152 a++; 153 154 a->au_id = AUX_pagesz; 155 a->au_v = NBPG; 156 a++; 157 158 a->au_id = AUX_base; 159 a->au_v = ap->arg_interp; 160 a++; 161 162 a->au_id = AUX_flags; 163 a->au_v = 0; 164 a++; 165 166 a->au_id = AUX_entry; 167 a->au_v = ap->arg_entry; 168 a++; 169 170 a->au_id = AUX_null; 171 a->au_v = 0; 172 a++; 173 174 free((char *) ap, M_TEMP); 175 pack->ep_emul_arg = NULL; 176 len = ELF_AUX_ENTRIES * sizeof (AuxInfo); 177 if (copyout(ai, stack, len)) 178 return NULL; 179 stack += len; 180 } 181 return stack; 182} 183 184/* 185 * elf_check_header(): 186 * 187 * Check header for validity; return 0 of ok ENOEXEC if error 188 */ 189static int 190ELFNAME(check_header)(eh, type) 191 Elf_Ehdr *eh; 192 int type; 193{ 194 195 if (bcmp(eh->e_ident, Elf_e_ident, Elf_e_siz) != 0) 196 return ENOEXEC; 197 198 switch (eh->e_machine) { 199 200 ELFDEFNNAME(MACHDEP_ID_CASES) 201 202 default: 203 return ENOEXEC; 204 } 205 206 if (eh->e_type != type) 207 return ENOEXEC; 208 209 return 0; 210} 211 212/* 213 * elf_load_psection(): 214 * 215 * Load a psection at the appropriate address 216 */ 217static void 218ELFNAME(load_psection)(vcset, vp, ph, addr, size, prot) 219 struct exec_vmcmd_set *vcset; 220 struct vnode *vp; 221 Elf_Phdr *ph; 222 Elf_Addr *addr; 223 u_long *size; 224 int *prot; 225{ 226 u_long uaddr, msize, psize, rm, rf; 227 long diff, offset; 228 229 /* 230 * If the user specified an address, then we load there. 231 */ 232 if (*addr != ELFDEFNNAME(NO_ADDR)) { 233 if (ph->p_align > 1) { 234 *addr = ELF_ALIGN(*addr + ph->p_align, ph->p_align); 235 uaddr = ELF_ALIGN(ph->p_vaddr, ph->p_align); 236 } else 237 uaddr = ph->p_vaddr; 238 diff = ph->p_vaddr - uaddr; 239 } else { 240 *addr = uaddr = ph->p_vaddr; 241 if (ph->p_align > 1) 242 *addr = ELF_ALIGN(uaddr, ph->p_align); 243 diff = uaddr - *addr; 244 } 245 246 *prot |= (ph->p_flags & Elf_pf_r) ? VM_PROT_READ : 0; 247 *prot |= (ph->p_flags & Elf_pf_w) ? VM_PROT_WRITE : 0; 248 *prot |= (ph->p_flags & Elf_pf_x) ? VM_PROT_EXECUTE : 0; 249 250 offset = ph->p_offset - diff; 251 *size = ph->p_filesz + diff; 252 msize = ph->p_memsz + diff; 253 psize = round_page(*size); 254 255 if ((ph->p_flags & Elf_pf_w) != 0) { 256 /* 257 * Because the pagedvn pager can't handle zero fill of the last 258 * data page if it's not page aligned we map the last page 259 * readvn. 260 */ 261 psize = trunc_page(*size); 262 NEW_VMCMD(vcset, vmcmd_map_pagedvn, psize, *addr, vp, 263 offset, *prot); 264 if(psize != *size) 265 NEW_VMCMD(vcset, vmcmd_map_readvn, *size - psize, 266 *addr + psize, vp, offset + psize, *prot); 267 } else 268 NEW_VMCMD(vcset, vmcmd_map_pagedvn, psize, *addr, vp, 269 offset, *prot); 270 271 /* 272 * Check if we need to extend the size of the segment 273 */ 274 rm = round_page(*addr + msize); 275 rf = round_page(*addr + *size); 276 277 if (rm != rf) { 278 NEW_VMCMD(vcset, vmcmd_map_zero, rm - rf, rf, NULLVP, 0, *prot); 279 *size = msize; 280 } 281} 282 283/* 284 * elf_read_from(): 285 * 286 * Read from vnode into buffer at offset. 287 */ 288int 289ELFNAME(read_from)(p, vp, off, buf, size) 290 struct vnode *vp; 291 u_long off; 292 struct proc *p; 293 caddr_t buf; 294 int size; 295{ 296 int error; 297 int resid; 298 299 if ((error = vn_rdwr(UIO_READ, vp, buf, size, 300 off, UIO_SYSSPACE, 0, p->p_ucred, 301 &resid, p)) != 0) 302 return error; 303 /* 304 * See if we got all of it 305 */ 306 if (resid != 0) 307 return ENOEXEC; 308 return 0; 309} 310 311/* 312 * elf_load_file(): 313 * 314 * Load a file (interpreter/library) pointed to by path 315 * [stolen from coff_load_shlib()]. Made slightly generic 316 * so it might be used externally. 317 */ 318static int 319ELFNAME(load_file)(p, epp, path, vcset, entry, ap, last) 320 struct proc *p; 321 struct exec_package *epp; 322 char *path; 323 struct exec_vmcmd_set *vcset; 324 u_long *entry; 325 struct elf_args *ap; 326 Elf_Addr *last; 327{ 328 int error, i; 329 struct nameidata nd; 330 struct vnode *vp; 331 struct vattr attr; 332 Elf_Ehdr eh; 333 Elf_Phdr *ph = NULL; 334 u_long phsize; 335 char *bp = NULL; 336 Elf_Addr addr = *last; 337 338 bp = path; 339 /* 340 * 1. open file 341 * 2. read filehdr 342 * 3. map text, data, and bss out of it using VM_* 343 */ 344 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, path, p); 345 if ((error = namei(&nd)) != 0) 346 return error; 347 vp = nd.ni_vp; 348 349 /* check for regular file */ 350 if (vp->v_type != VREG) { 351 error = EACCES; 352 goto badunlock; 353 } 354 355 /* get attributes */ 356 if ((error = VOP_GETATTR(vp, &attr, p->p_ucred, p)) != 0) 357 goto badunlock; 358 359 /* 360 * Check mount point. Though we're not trying to exec this binary, 361 * we will be executing code from it, so if the mount point 362 * disallows execution or set-id-ness, we punt or kill the set-id. 363 */ 364 if (vp->v_mount->mnt_flag & MNT_NOEXEC) { 365 error = EACCES; 366 goto badunlock; 367 } 368 if (vp->v_mount->mnt_flag & MNT_NOSUID) 369 epp->ep_vap->va_mode &= ~(VSUID | VSGID); 370 371 /* 372 * Similarly, if it's not marked as executable, we don't allow 373 * it to be used. For root we have to see if any exec bit on. 374 */ 375 if ((error = VOP_ACCESS(vp, VEXEC, p->p_ucred, p)) != 0) 376 goto badunlock; 377 if ((attr.va_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) == 0) { 378 error = EACCES; 379 goto badunlock; 380 } 381 382#ifdef notyet /* XXX cgd 960926 */ 383 XXX cgd 960926: (maybe) VOP_OPEN it (and VOP_CLOSE in copyargs?) 384#endif 385 VOP_UNLOCK(vp); 386 387 if ((error = ELFNAME(read_from)(p, vp, 0, (caddr_t) &eh, 388 sizeof(eh))) != 0) 389 goto bad; 390 391 if ((error = ELFNAME(check_header)(&eh, Elf_et_dyn)) != 0) 392 goto bad; 393 394 phsize = eh.e_phnum * sizeof(Elf_Phdr); 395 ph = (Elf_Phdr *) malloc(phsize, M_TEMP, M_WAITOK); 396 397 if ((error = ELFNAME(read_from)(p, vp, eh.e_phoff, 398 (caddr_t) ph, phsize)) != 0) 399 goto bad; 400 401 /* 402 * Load all the necessary sections 403 */ 404 for (i = 0; i < eh.e_phnum; i++) { 405 u_long size = 0; 406 int prot = 0; 407 408 switch (ph[i].p_type) { 409 case Elf_pt_load: 410 ELFNAME(load_psection)(vcset, vp, &ph[i], &addr, 411 &size, &prot); 412 /* If entry is within this section it must be text */ 413 if (eh.e_entry >= ph[i].p_vaddr && 414 eh.e_entry < (ph[i].p_vaddr + size)) { 415 *entry = addr + eh.e_entry; 416 ap->arg_interp = addr; 417 } 418 addr += size; 419 break; 420 421 case Elf_pt_dynamic: 422 case Elf_pt_phdr: 423 case Elf_pt_note: 424 break; 425 426 default: 427 break; 428 } 429 } 430 431 free((char *) ph, M_TEMP); 432 *last = addr; 433 vrele(vp); 434 return 0; 435 436badunlock: 437 VOP_UNLOCK(vp); 438 439bad: 440 if (ph != NULL) 441 free((char *) ph, M_TEMP); 442#ifdef notyet /* XXX cgd 960926 */ 443 (maybe) VOP_CLOSE it 444#endif 445 vrele(vp); 446 return error; 447} 448 449/* 450 * exec_elf_makecmds(): Prepare an Elf binary's exec package 451 * 452 * First, set of the various offsets/lengths in the exec package. 453 * 454 * Then, mark the text image busy (so it can be demand paged) or error 455 * out if this is not possible. Finally, set up vmcmds for the 456 * text, data, bss, and stack segments. 457 */ 458int 459ELFNAME2(exec,makecmds)(p, epp) 460 struct proc *p; 461 struct exec_package *epp; 462{ 463 Elf_Ehdr *eh = epp->ep_hdr; 464 Elf_Phdr *ph, *pp; 465 Elf_Addr phdr = 0, pos = 0; 466 int error, i, n, nload; 467 char interp[MAXPATHLEN]; 468 u_long phsize; 469 470 if (epp->ep_hdrvalid < sizeof(Elf_Ehdr)) 471 return ENOEXEC; 472 473 if (ELFNAME(check_header)(eh, Elf_et_exec)) 474 return ENOEXEC; 475 476 /* 477 * check if vnode is in open for writing, because we want to 478 * demand-page out of it. if it is, don't do it, for various 479 * reasons 480 */ 481 if (epp->ep_vp->v_writecount != 0) { 482#ifdef DIAGNOSTIC 483 if (epp->ep_vp->v_flag & VTEXT) 484 panic("exec: a VTEXT vnode has writecount != 0\n"); 485#endif 486 return ETXTBSY; 487 } 488 /* 489 * Allocate space to hold all the program headers, and read them 490 * from the file 491 */ 492 phsize = eh->e_phnum * sizeof(Elf_Phdr); 493 ph = (Elf_Phdr *) malloc(phsize, M_TEMP, M_WAITOK); 494 495 if ((error = ELFNAME(read_from)(p, epp->ep_vp, eh->e_phoff, 496 (caddr_t) ph, phsize)) != 0) 497 goto bad; 498 499 epp->ep_tsize = ELFDEFNNAME(NO_ADDR); 500 epp->ep_dsize = ELFDEFNNAME(NO_ADDR); 501 502 interp[0] = '\0'; 503 504 for (i = 0; i < eh->e_phnum; i++) { 505 pp = &ph[i]; 506 if (pp->p_type == Elf_pt_interp) { 507 if (pp->p_filesz >= sizeof(interp)) 508 goto bad; 509 if ((error = ELFNAME(read_from)(p, epp->ep_vp, pp->p_offset, 510 (caddr_t) interp, pp->p_filesz)) != 0) 511 goto bad; 512 break; 513 } 514 } 515 516 /* 517 * Setup things for native emulation. 518 */ 519 epp->ep_emul = &ELFNAMEEND(emul_netbsd); 520 pos = ELFDEFNNAME(NO_ADDR); 521 522 /* 523 * On the same architecture, we may be emulating different systems. 524 * See which one will accept this executable. This currently only 525 * applies to Linux and SVR4 on the i386. 526 * 527 * Probe functions would normally see if the interpreter (if any) 528 * exists. Emulation packages may possibly replace the interpreter in 529 * interp[] with a changed path (/emul/xxx/<path>), and also 530 * set the ep_emul field in the exec package structure. 531 */ 532 if ((n = sizeof ELFNAME(probe_funcs) / sizeof ELFNAME(probe_funcs)[0])) { 533 error = ENOEXEC; 534 for (i = 0; i < n && error; i++) 535 error = ELFNAME(probe_funcs)[i](p, epp, eh, interp, &pos); 536 537#ifdef notyet 538 /* 539 * We should really use a signature in our native binaries 540 * and have our own probe function for matching binaries, 541 * before trying the emulations. For now, if the emulation 542 * probes failed we default to native. 543 */ 544 if (error) 545 goto bad; 546#endif 547 } 548 549 /* 550 * Load all the necessary sections 551 */ 552 for (i = nload = 0; i < eh->e_phnum; i++) { 553 Elf_Addr addr = ELFDEFNNAME(NO_ADDR); 554 u_long size = 0; 555 int prot = 0; 556 557 pp = &ph[i]; 558 559 switch (ph[i].p_type) { 560 case Elf_pt_load: 561 /* 562 * XXX 563 * Can handle only 2 sections: text and data 564 */ 565 if (nload++ == 2) 566 goto bad; 567 ELFNAME(load_psection)(&epp->ep_vmcmds, epp->ep_vp, 568 &ph[i], &addr, &size, &prot); 569 /* 570 * Decide whether it's text or data by looking 571 * at the entry point. 572 */ 573 if (eh->e_entry >= addr && eh->e_entry < (addr + size)){ 574 epp->ep_taddr = addr; 575 epp->ep_tsize = size; 576 } else { 577 epp->ep_daddr = addr; 578 epp->ep_dsize = size; 579 } 580 break; 581 582 case Elf_pt_shlib: 583 error = ENOEXEC; 584 goto bad; 585 586 case Elf_pt_interp: 587 /* Already did this one */ 588 case Elf_pt_dynamic: 589 case Elf_pt_note: 590 break; 591 592 case Elf_pt_phdr: 593 /* Note address of program headers (in text segment) */ 594 phdr = pp->p_vaddr; 595 break; 596 597 default: 598 /* 599 * Not fatal; we don't need to understand everything. 600 */ 601 break; 602 } 603 } 604 605 /* 606 * If no position to load the interpreter was set by a probe 607 * function, pick the same address that a non-fixed mmap(0, ..) 608 * would (i.e. something safely out of the way). 609 */ 610 if (pos == ELFDEFNNAME(NO_ADDR) && 611 epp->ep_emul == &ELFNAMEEND(emul_netbsd)) 612 pos = round_page(epp->ep_daddr + MAXDSIZ); 613 614 /* 615 * Check if we found a dynamically linked binary and arrange to load 616 * it's interpreter 617 */ 618 if (interp[0]) { 619 struct elf_args *ap; 620 621 ap = (struct elf_args *) malloc(sizeof(struct elf_args), 622 M_TEMP, M_WAITOK); 623 if ((error = ELFNAME(load_file)(p, epp, interp, 624 &epp->ep_vmcmds, &epp->ep_entry, ap, &pos)) != 0) { 625 free((char *) ap, M_TEMP); 626 goto bad; 627 } 628 pos += phsize; 629 ap->arg_phaddr = phdr; 630 631 ap->arg_phentsize = eh->e_phentsize; 632 ap->arg_phnum = eh->e_phnum; 633 ap->arg_entry = eh->e_entry; 634 635 epp->ep_emul_arg = ap; 636 } else 637 epp->ep_entry = eh->e_entry; 638 639#ifdef ELF_MAP_PAGE_ZERO 640 /* Dell SVR4 maps page zero, yeuch! */ 641 NEW_VMCMD(&epp->ep_vmcmds, vmcmd_map_readvn, NBPG, 0, epp->ep_vp, 0, 642 VM_PROT_READ); 643#endif 644 free((char *) ph, M_TEMP); 645 epp->ep_vp->v_flag |= VTEXT; 646 return exec_elf_setup_stack(p, epp); 647 648bad: 649 free((char *) ph, M_TEMP); 650 kill_vmcmds(&epp->ep_vmcmds); 651 return ENOEXEC; 652} 653