Statistics
| Branch: | Revision:

root / linux-user / elfload.c @ a4c075f1

History | View | Annotate | Download (80.5 kB)

1
/* This is the Linux kernel elf-loading code, ported into user space */
2
#include <sys/time.h>
3
#include <sys/param.h>
4

    
5
#include <stdio.h>
6
#include <sys/types.h>
7
#include <fcntl.h>
8
#include <errno.h>
9
#include <unistd.h>
10
#include <sys/mman.h>
11
#include <sys/resource.h>
12
#include <stdlib.h>
13
#include <string.h>
14
#include <time.h>
15

    
16
#include "qemu.h"
17
#include "disas.h"
18

    
19
#ifdef _ARCH_PPC64
20
#undef ARCH_DLINFO
21
#undef ELF_PLATFORM
22
#undef ELF_HWCAP
23
#undef ELF_CLASS
24
#undef ELF_DATA
25
#undef ELF_ARCH
26
#endif
27

    
28
#define ELF_OSABI   ELFOSABI_SYSV
29

    
30
/* from personality.h */
31

    
32
/*
33
 * Flags for bug emulation.
34
 *
35
 * These occupy the top three bytes.
36
 */
37
enum {
38
    ADDR_NO_RANDOMIZE = 0x0040000,      /* disable randomization of VA space */
39
    FDPIC_FUNCPTRS =    0x0080000,      /* userspace function ptrs point to
40
                                           descriptors (signal handling) */
41
    MMAP_PAGE_ZERO =    0x0100000,
42
    ADDR_COMPAT_LAYOUT = 0x0200000,
43
    READ_IMPLIES_EXEC = 0x0400000,
44
    ADDR_LIMIT_32BIT =  0x0800000,
45
    SHORT_INODE =       0x1000000,
46
    WHOLE_SECONDS =     0x2000000,
47
    STICKY_TIMEOUTS =   0x4000000,
48
    ADDR_LIMIT_3GB =    0x8000000,
49
};
50

    
51
/*
52
 * Personality types.
53
 *
54
 * These go in the low byte.  Avoid using the top bit, it will
55
 * conflict with error returns.
56
 */
57
enum {
58
    PER_LINUX =         0x0000,
59
    PER_LINUX_32BIT =   0x0000 | ADDR_LIMIT_32BIT,
60
    PER_LINUX_FDPIC =   0x0000 | FDPIC_FUNCPTRS,
61
    PER_SVR4 =          0x0001 | STICKY_TIMEOUTS | MMAP_PAGE_ZERO,
62
    PER_SVR3 =          0x0002 | STICKY_TIMEOUTS | SHORT_INODE,
63
    PER_SCOSVR3 =       0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS | SHORT_INODE,
64
    PER_OSR5 =          0x0003 | STICKY_TIMEOUTS | WHOLE_SECONDS,
65
    PER_WYSEV386 =      0x0004 | STICKY_TIMEOUTS | SHORT_INODE,
66
    PER_ISCR4 =         0x0005 | STICKY_TIMEOUTS,
67
    PER_BSD =           0x0006,
68
    PER_SUNOS =         0x0006 | STICKY_TIMEOUTS,
69
    PER_XENIX =         0x0007 | STICKY_TIMEOUTS | SHORT_INODE,
70
    PER_LINUX32 =       0x0008,
71
    PER_LINUX32_3GB =   0x0008 | ADDR_LIMIT_3GB,
72
    PER_IRIX32 =        0x0009 | STICKY_TIMEOUTS,/* IRIX5 32-bit */
73
    PER_IRIXN32 =       0x000a | STICKY_TIMEOUTS,/* IRIX6 new 32-bit */
74
    PER_IRIX64 =        0x000b | STICKY_TIMEOUTS,/* IRIX6 64-bit */
75
    PER_RISCOS =        0x000c,
76
    PER_SOLARIS =       0x000d | STICKY_TIMEOUTS,
77
    PER_UW7 =           0x000e | STICKY_TIMEOUTS | MMAP_PAGE_ZERO,
78
    PER_OSF4 =          0x000f,                  /* OSF/1 v4 */
79
    PER_HPUX =          0x0010,
80
    PER_MASK =          0x00ff,
81
};
82

    
83
/*
84
 * Return the base personality without flags.
85
 */
86
#define personality(pers)       (pers & PER_MASK)
87

    
88
/* this flag is uneffective under linux too, should be deleted */
89
#ifndef MAP_DENYWRITE
90
#define MAP_DENYWRITE 0
91
#endif
92

    
93
/* should probably go in elf.h */
94
#ifndef ELIBBAD
95
#define ELIBBAD 80
96
#endif
97

    
98
#ifdef TARGET_WORDS_BIGENDIAN
99
#define ELF_DATA        ELFDATA2MSB
100
#else
101
#define ELF_DATA        ELFDATA2LSB
102
#endif
103

    
104
typedef target_ulong    target_elf_greg_t;
105
#ifdef USE_UID16
106
typedef target_ushort   target_uid_t;
107
typedef target_ushort   target_gid_t;
108
#else
109
typedef target_uint     target_uid_t;
110
typedef target_uint     target_gid_t;
111
#endif
112
typedef target_int      target_pid_t;
113

    
114
#ifdef TARGET_I386
115

    
116
#define ELF_PLATFORM get_elf_platform()
117

    
118
static const char *get_elf_platform(void)
119
{
120
    static char elf_platform[] = "i386";
121
    int family = (thread_env->cpuid_version >> 8) & 0xff;
122
    if (family > 6)
123
        family = 6;
124
    if (family >= 3)
125
        elf_platform[1] = '0' + family;
126
    return elf_platform;
127
}
128

    
129
#define ELF_HWCAP get_elf_hwcap()
130

    
131
static uint32_t get_elf_hwcap(void)
132
{
133
    return thread_env->cpuid_features;
134
}
135

    
136
#ifdef TARGET_X86_64
137
#define ELF_START_MMAP 0x2aaaaab000ULL
138
#define elf_check_arch(x) ( ((x) == ELF_ARCH) )
139

    
140
#define ELF_CLASS      ELFCLASS64
141
#define ELF_ARCH       EM_X86_64
142

    
143
static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
144
{
145
    regs->rax = 0;
146
    regs->rsp = infop->start_stack;
147
    regs->rip = infop->entry;
148
}
149

    
150
#define ELF_NREG    27
151
typedef target_elf_greg_t  target_elf_gregset_t[ELF_NREG];
152

    
153
/*
154
 * Note that ELF_NREG should be 29 as there should be place for
155
 * TRAPNO and ERR "registers" as well but linux doesn't dump
156
 * those.
157
 *
158
 * See linux kernel: arch/x86/include/asm/elf.h
159
 */
160
static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env)
161
{
162
    (*regs)[0] = env->regs[15];
163
    (*regs)[1] = env->regs[14];
164
    (*regs)[2] = env->regs[13];
165
    (*regs)[3] = env->regs[12];
166
    (*regs)[4] = env->regs[R_EBP];
167
    (*regs)[5] = env->regs[R_EBX];
168
    (*regs)[6] = env->regs[11];
169
    (*regs)[7] = env->regs[10];
170
    (*regs)[8] = env->regs[9];
171
    (*regs)[9] = env->regs[8];
172
    (*regs)[10] = env->regs[R_EAX];
173
    (*regs)[11] = env->regs[R_ECX];
174
    (*regs)[12] = env->regs[R_EDX];
175
    (*regs)[13] = env->regs[R_ESI];
176
    (*regs)[14] = env->regs[R_EDI];
177
    (*regs)[15] = env->regs[R_EAX]; /* XXX */
178
    (*regs)[16] = env->eip;
179
    (*regs)[17] = env->segs[R_CS].selector & 0xffff;
180
    (*regs)[18] = env->eflags;
181
    (*regs)[19] = env->regs[R_ESP];
182
    (*regs)[20] = env->segs[R_SS].selector & 0xffff;
183
    (*regs)[21] = env->segs[R_FS].selector & 0xffff;
184
    (*regs)[22] = env->segs[R_GS].selector & 0xffff;
185
    (*regs)[23] = env->segs[R_DS].selector & 0xffff;
186
    (*regs)[24] = env->segs[R_ES].selector & 0xffff;
187
    (*regs)[25] = env->segs[R_FS].selector & 0xffff;
188
    (*regs)[26] = env->segs[R_GS].selector & 0xffff;
189
}
190

    
191
#else
192

    
193
#define ELF_START_MMAP 0x80000000
194

    
195
/*
196
 * This is used to ensure we don't load something for the wrong architecture.
197
 */
198
#define elf_check_arch(x) ( ((x) == EM_386) || ((x) == EM_486) )
199

    
200
/*
201
 * These are used to set parameters in the core dumps.
202
 */
203
#define ELF_CLASS       ELFCLASS32
204
#define ELF_ARCH        EM_386
205

    
206
static inline void init_thread(struct target_pt_regs *regs,
207
                               struct image_info *infop)
208
{
209
    regs->esp = infop->start_stack;
210
    regs->eip = infop->entry;
211

    
212
    /* SVR4/i386 ABI (pages 3-31, 3-32) says that when the program
213
       starts %edx contains a pointer to a function which might be
214
       registered using `atexit'.  This provides a mean for the
215
       dynamic linker to call DT_FINI functions for shared libraries
216
       that have been loaded before the code runs.
217

218
       A value of 0 tells we have no such handler.  */
219
    regs->edx = 0;
220
}
221

    
222
#define ELF_NREG    17
223
typedef target_elf_greg_t  target_elf_gregset_t[ELF_NREG];
224

    
225
/*
226
 * Note that ELF_NREG should be 19 as there should be place for
227
 * TRAPNO and ERR "registers" as well but linux doesn't dump
228
 * those.
229
 *
230
 * See linux kernel: arch/x86/include/asm/elf.h
231
 */
232
static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env)
233
{
234
    (*regs)[0] = env->regs[R_EBX];
235
    (*regs)[1] = env->regs[R_ECX];
236
    (*regs)[2] = env->regs[R_EDX];
237
    (*regs)[3] = env->regs[R_ESI];
238
    (*regs)[4] = env->regs[R_EDI];
239
    (*regs)[5] = env->regs[R_EBP];
240
    (*regs)[6] = env->regs[R_EAX];
241
    (*regs)[7] = env->segs[R_DS].selector & 0xffff;
242
    (*regs)[8] = env->segs[R_ES].selector & 0xffff;
243
    (*regs)[9] = env->segs[R_FS].selector & 0xffff;
244
    (*regs)[10] = env->segs[R_GS].selector & 0xffff;
245
    (*regs)[11] = env->regs[R_EAX]; /* XXX */
246
    (*regs)[12] = env->eip;
247
    (*regs)[13] = env->segs[R_CS].selector & 0xffff;
248
    (*regs)[14] = env->eflags;
249
    (*regs)[15] = env->regs[R_ESP];
250
    (*regs)[16] = env->segs[R_SS].selector & 0xffff;
251
}
252
#endif
253

    
254
#define USE_ELF_CORE_DUMP
255
#define ELF_EXEC_PAGESIZE       4096
256

    
257
#endif
258

    
259
#ifdef TARGET_ARM
260

    
261
#define ELF_START_MMAP 0x80000000
262

    
263
#define elf_check_arch(x) ( (x) == EM_ARM )
264

    
265
#define ELF_CLASS       ELFCLASS32
266
#define ELF_ARCH        EM_ARM
267

    
268
static inline void init_thread(struct target_pt_regs *regs,
269
                               struct image_info *infop)
270
{
271
    abi_long stack = infop->start_stack;
272
    memset(regs, 0, sizeof(*regs));
273
    regs->ARM_cpsr = 0x10;
274
    if (infop->entry & 1)
275
        regs->ARM_cpsr |= CPSR_T;
276
    regs->ARM_pc = infop->entry & 0xfffffffe;
277
    regs->ARM_sp = infop->start_stack;
278
    /* FIXME - what to for failure of get_user()? */
279
    get_user_ual(regs->ARM_r2, stack + 8); /* envp */
280
    get_user_ual(regs->ARM_r1, stack + 4); /* envp */
281
    /* XXX: it seems that r0 is zeroed after ! */
282
    regs->ARM_r0 = 0;
283
    /* For uClinux PIC binaries.  */
284
    /* XXX: Linux does this only on ARM with no MMU (do we care ?) */
285
    regs->ARM_r10 = infop->start_data;
286
}
287

    
288
#define ELF_NREG    18
289
typedef target_elf_greg_t  target_elf_gregset_t[ELF_NREG];
290

    
291
static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env)
292
{
293
    (*regs)[0] = tswapl(env->regs[0]);
294
    (*regs)[1] = tswapl(env->regs[1]);
295
    (*regs)[2] = tswapl(env->regs[2]);
296
    (*regs)[3] = tswapl(env->regs[3]);
297
    (*regs)[4] = tswapl(env->regs[4]);
298
    (*regs)[5] = tswapl(env->regs[5]);
299
    (*regs)[6] = tswapl(env->regs[6]);
300
    (*regs)[7] = tswapl(env->regs[7]);
301
    (*regs)[8] = tswapl(env->regs[8]);
302
    (*regs)[9] = tswapl(env->regs[9]);
303
    (*regs)[10] = tswapl(env->regs[10]);
304
    (*regs)[11] = tswapl(env->regs[11]);
305
    (*regs)[12] = tswapl(env->regs[12]);
306
    (*regs)[13] = tswapl(env->regs[13]);
307
    (*regs)[14] = tswapl(env->regs[14]);
308
    (*regs)[15] = tswapl(env->regs[15]);
309

    
310
    (*regs)[16] = tswapl(cpsr_read((CPUState *)env));
311
    (*regs)[17] = tswapl(env->regs[0]); /* XXX */
312
}
313

    
314
#define USE_ELF_CORE_DUMP
315
#define ELF_EXEC_PAGESIZE       4096
316

    
317
enum
318
{
319
    ARM_HWCAP_ARM_SWP       = 1 << 0,
320
    ARM_HWCAP_ARM_HALF      = 1 << 1,
321
    ARM_HWCAP_ARM_THUMB     = 1 << 2,
322
    ARM_HWCAP_ARM_26BIT     = 1 << 3,
323
    ARM_HWCAP_ARM_FAST_MULT = 1 << 4,
324
    ARM_HWCAP_ARM_FPA       = 1 << 5,
325
    ARM_HWCAP_ARM_VFP       = 1 << 6,
326
    ARM_HWCAP_ARM_EDSP      = 1 << 7,
327
    ARM_HWCAP_ARM_JAVA      = 1 << 8,
328
    ARM_HWCAP_ARM_IWMMXT    = 1 << 9,
329
    ARM_HWCAP_ARM_THUMBEE   = 1 << 10,
330
    ARM_HWCAP_ARM_NEON      = 1 << 11,
331
    ARM_HWCAP_ARM_VFPv3     = 1 << 12,
332
    ARM_HWCAP_ARM_VFPv3D16  = 1 << 13,
333
};
334

    
335
#define ELF_HWCAP (ARM_HWCAP_ARM_SWP | ARM_HWCAP_ARM_HALF               \
336
                   | ARM_HWCAP_ARM_THUMB | ARM_HWCAP_ARM_FAST_MULT      \
337
                   | ARM_HWCAP_ARM_FPA | ARM_HWCAP_ARM_VFP              \
338
                   | ARM_HWCAP_ARM_NEON | ARM_HWCAP_ARM_VFPv3 )
339

    
340
#endif
341

    
342
#ifdef TARGET_UNICORE32
343

    
344
#define ELF_START_MMAP          0x80000000
345

    
346
#define elf_check_arch(x)       ((x) == EM_UNICORE32)
347

    
348
#define ELF_CLASS               ELFCLASS32
349
#define ELF_DATA                ELFDATA2LSB
350
#define ELF_ARCH                EM_UNICORE32
351

    
352
static inline void init_thread(struct target_pt_regs *regs,
353
        struct image_info *infop)
354
{
355
    abi_long stack = infop->start_stack;
356
    memset(regs, 0, sizeof(*regs));
357
    regs->UC32_REG_asr = 0x10;
358
    regs->UC32_REG_pc = infop->entry & 0xfffffffe;
359
    regs->UC32_REG_sp = infop->start_stack;
360
    /* FIXME - what to for failure of get_user()? */
361
    get_user_ual(regs->UC32_REG_02, stack + 8); /* envp */
362
    get_user_ual(regs->UC32_REG_01, stack + 4); /* envp */
363
    /* XXX: it seems that r0 is zeroed after ! */
364
    regs->UC32_REG_00 = 0;
365
}
366

    
367
#define ELF_NREG    34
368
typedef target_elf_greg_t  target_elf_gregset_t[ELF_NREG];
369

    
370
static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env)
371
{
372
    (*regs)[0] = env->regs[0];
373
    (*regs)[1] = env->regs[1];
374
    (*regs)[2] = env->regs[2];
375
    (*regs)[3] = env->regs[3];
376
    (*regs)[4] = env->regs[4];
377
    (*regs)[5] = env->regs[5];
378
    (*regs)[6] = env->regs[6];
379
    (*regs)[7] = env->regs[7];
380
    (*regs)[8] = env->regs[8];
381
    (*regs)[9] = env->regs[9];
382
    (*regs)[10] = env->regs[10];
383
    (*regs)[11] = env->regs[11];
384
    (*regs)[12] = env->regs[12];
385
    (*regs)[13] = env->regs[13];
386
    (*regs)[14] = env->regs[14];
387
    (*regs)[15] = env->regs[15];
388
    (*regs)[16] = env->regs[16];
389
    (*regs)[17] = env->regs[17];
390
    (*regs)[18] = env->regs[18];
391
    (*regs)[19] = env->regs[19];
392
    (*regs)[20] = env->regs[20];
393
    (*regs)[21] = env->regs[21];
394
    (*regs)[22] = env->regs[22];
395
    (*regs)[23] = env->regs[23];
396
    (*regs)[24] = env->regs[24];
397
    (*regs)[25] = env->regs[25];
398
    (*regs)[26] = env->regs[26];
399
    (*regs)[27] = env->regs[27];
400
    (*regs)[28] = env->regs[28];
401
    (*regs)[29] = env->regs[29];
402
    (*regs)[30] = env->regs[30];
403
    (*regs)[31] = env->regs[31];
404

    
405
    (*regs)[32] = cpu_asr_read((CPUState *)env);
406
    (*regs)[33] = env->regs[0]; /* XXX */
407
}
408

    
409
#define USE_ELF_CORE_DUMP
410
#define ELF_EXEC_PAGESIZE               4096
411

    
412
#define ELF_HWCAP                       (UC32_HWCAP_CMOV | UC32_HWCAP_UCF64)
413

    
414
#endif
415

    
416
#ifdef TARGET_SPARC
417
#ifdef TARGET_SPARC64
418

    
419
#define ELF_START_MMAP 0x80000000
420

    
421
#ifndef TARGET_ABI32
422
#define elf_check_arch(x) ( (x) == EM_SPARCV9 || (x) == EM_SPARC32PLUS )
423
#else
424
#define elf_check_arch(x) ( (x) == EM_SPARC32PLUS || (x) == EM_SPARC )
425
#endif
426

    
427
#define ELF_CLASS   ELFCLASS64
428
#define ELF_ARCH    EM_SPARCV9
429

    
430
#define STACK_BIAS              2047
431

    
432
static inline void init_thread(struct target_pt_regs *regs,
433
                               struct image_info *infop)
434
{
435
#ifndef TARGET_ABI32
436
    regs->tstate = 0;
437
#endif
438
    regs->pc = infop->entry;
439
    regs->npc = regs->pc + 4;
440
    regs->y = 0;
441
#ifdef TARGET_ABI32
442
    regs->u_regs[14] = infop->start_stack - 16 * 4;
443
#else
444
    if (personality(infop->personality) == PER_LINUX32)
445
        regs->u_regs[14] = infop->start_stack - 16 * 4;
446
    else
447
        regs->u_regs[14] = infop->start_stack - 16 * 8 - STACK_BIAS;
448
#endif
449
}
450

    
451
#else
452
#define ELF_START_MMAP 0x80000000
453

    
454
#define elf_check_arch(x) ( (x) == EM_SPARC )
455

    
456
#define ELF_CLASS   ELFCLASS32
457
#define ELF_ARCH    EM_SPARC
458

    
459
static inline void init_thread(struct target_pt_regs *regs,
460
                               struct image_info *infop)
461
{
462
    regs->psr = 0;
463
    regs->pc = infop->entry;
464
    regs->npc = regs->pc + 4;
465
    regs->y = 0;
466
    regs->u_regs[14] = infop->start_stack - 16 * 4;
467
}
468

    
469
#endif
470
#endif
471

    
472
#ifdef TARGET_PPC
473

    
474
#define ELF_START_MMAP 0x80000000
475

    
476
#if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
477

    
478
#define elf_check_arch(x) ( (x) == EM_PPC64 )
479

    
480
#define ELF_CLASS       ELFCLASS64
481

    
482
#else
483

    
484
#define elf_check_arch(x) ( (x) == EM_PPC )
485

    
486
#define ELF_CLASS       ELFCLASS32
487

    
488
#endif
489

    
490
#define ELF_ARCH        EM_PPC
491

    
492
/* Feature masks for the Aux Vector Hardware Capabilities (AT_HWCAP).
493
   See arch/powerpc/include/asm/cputable.h.  */
494
enum {
495
    QEMU_PPC_FEATURE_32 = 0x80000000,
496
    QEMU_PPC_FEATURE_64 = 0x40000000,
497
    QEMU_PPC_FEATURE_601_INSTR = 0x20000000,
498
    QEMU_PPC_FEATURE_HAS_ALTIVEC = 0x10000000,
499
    QEMU_PPC_FEATURE_HAS_FPU = 0x08000000,
500
    QEMU_PPC_FEATURE_HAS_MMU = 0x04000000,
501
    QEMU_PPC_FEATURE_HAS_4xxMAC = 0x02000000,
502
    QEMU_PPC_FEATURE_UNIFIED_CACHE = 0x01000000,
503
    QEMU_PPC_FEATURE_HAS_SPE = 0x00800000,
504
    QEMU_PPC_FEATURE_HAS_EFP_SINGLE = 0x00400000,
505
    QEMU_PPC_FEATURE_HAS_EFP_DOUBLE = 0x00200000,
506
    QEMU_PPC_FEATURE_NO_TB = 0x00100000,
507
    QEMU_PPC_FEATURE_POWER4 = 0x00080000,
508
    QEMU_PPC_FEATURE_POWER5 = 0x00040000,
509
    QEMU_PPC_FEATURE_POWER5_PLUS = 0x00020000,
510
    QEMU_PPC_FEATURE_CELL = 0x00010000,
511
    QEMU_PPC_FEATURE_BOOKE = 0x00008000,
512
    QEMU_PPC_FEATURE_SMT = 0x00004000,
513
    QEMU_PPC_FEATURE_ICACHE_SNOOP = 0x00002000,
514
    QEMU_PPC_FEATURE_ARCH_2_05 = 0x00001000,
515
    QEMU_PPC_FEATURE_PA6T = 0x00000800,
516
    QEMU_PPC_FEATURE_HAS_DFP = 0x00000400,
517
    QEMU_PPC_FEATURE_POWER6_EXT = 0x00000200,
518
    QEMU_PPC_FEATURE_ARCH_2_06 = 0x00000100,
519
    QEMU_PPC_FEATURE_HAS_VSX = 0x00000080,
520
    QEMU_PPC_FEATURE_PSERIES_PERFMON_COMPAT = 0x00000040,
521

    
522
    QEMU_PPC_FEATURE_TRUE_LE = 0x00000002,
523
    QEMU_PPC_FEATURE_PPC_LE = 0x00000001,
524
};
525

    
526
#define ELF_HWCAP get_elf_hwcap()
527

    
528
static uint32_t get_elf_hwcap(void)
529
{
530
    CPUState *e = thread_env;
531
    uint32_t features = 0;
532

    
533
    /* We don't have to be terribly complete here; the high points are
534
       Altivec/FP/SPE support.  Anything else is just a bonus.  */
535
#define GET_FEATURE(flag, feature)                                      \
536
    do {if (e->insns_flags & flag) features |= feature; } while(0)
537
    GET_FEATURE(PPC_64B, QEMU_PPC_FEATURE_64);
538
    GET_FEATURE(PPC_FLOAT, QEMU_PPC_FEATURE_HAS_FPU);
539
    GET_FEATURE(PPC_ALTIVEC, QEMU_PPC_FEATURE_HAS_ALTIVEC);
540
    GET_FEATURE(PPC_SPE, QEMU_PPC_FEATURE_HAS_SPE);
541
    GET_FEATURE(PPC_SPE_SINGLE, QEMU_PPC_FEATURE_HAS_EFP_SINGLE);
542
    GET_FEATURE(PPC_SPE_DOUBLE, QEMU_PPC_FEATURE_HAS_EFP_DOUBLE);
543
    GET_FEATURE(PPC_BOOKE, QEMU_PPC_FEATURE_BOOKE);
544
    GET_FEATURE(PPC_405_MAC, QEMU_PPC_FEATURE_HAS_4xxMAC);
545
#undef GET_FEATURE
546

    
547
    return features;
548
}
549

    
550
/*
551
 * The requirements here are:
552
 * - keep the final alignment of sp (sp & 0xf)
553
 * - make sure the 32-bit value at the first 16 byte aligned position of
554
 *   AUXV is greater than 16 for glibc compatibility.
555
 *   AT_IGNOREPPC is used for that.
556
 * - for compatibility with glibc ARCH_DLINFO must always be defined on PPC,
557
 *   even if DLINFO_ARCH_ITEMS goes to zero or is undefined.
558
 */
559
#define DLINFO_ARCH_ITEMS       5
560
#define ARCH_DLINFO                                     \
561
    do {                                                \
562
        NEW_AUX_ENT(AT_DCACHEBSIZE, 0x20);              \
563
        NEW_AUX_ENT(AT_ICACHEBSIZE, 0x20);              \
564
        NEW_AUX_ENT(AT_UCACHEBSIZE, 0);                 \
565
        /*                                              \
566
         * Now handle glibc compatibility.              \
567
         */                                             \
568
        NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC);        \
569
        NEW_AUX_ENT(AT_IGNOREPPC, AT_IGNOREPPC);        \
570
    } while (0)
571

    
572
static inline void init_thread(struct target_pt_regs *_regs, struct image_info *infop)
573
{
574
    _regs->gpr[1] = infop->start_stack;
575
#if defined(TARGET_PPC64) && !defined(TARGET_ABI32)
576
    _regs->gpr[2] = ldq_raw(infop->entry + 8) + infop->load_addr;
577
    infop->entry = ldq_raw(infop->entry) + infop->load_addr;
578
#endif
579
    _regs->nip = infop->entry;
580
}
581

    
582
/* See linux kernel: arch/powerpc/include/asm/elf.h.  */
583
#define ELF_NREG 48
584
typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
585

    
586
static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env)
587
{
588
    int i;
589
    target_ulong ccr = 0;
590

    
591
    for (i = 0; i < ARRAY_SIZE(env->gpr); i++) {
592
        (*regs)[i] = tswapl(env->gpr[i]);
593
    }
594

    
595
    (*regs)[32] = tswapl(env->nip);
596
    (*regs)[33] = tswapl(env->msr);
597
    (*regs)[35] = tswapl(env->ctr);
598
    (*regs)[36] = tswapl(env->lr);
599
    (*regs)[37] = tswapl(env->xer);
600

    
601
    for (i = 0; i < ARRAY_SIZE(env->crf); i++) {
602
        ccr |= env->crf[i] << (32 - ((i + 1) * 4));
603
    }
604
    (*regs)[38] = tswapl(ccr);
605
}
606

    
607
#define USE_ELF_CORE_DUMP
608
#define ELF_EXEC_PAGESIZE       4096
609

    
610
#endif
611

    
612
#ifdef TARGET_MIPS
613

    
614
#define ELF_START_MMAP 0x80000000
615

    
616
#define elf_check_arch(x) ( (x) == EM_MIPS )
617

    
618
#ifdef TARGET_MIPS64
619
#define ELF_CLASS   ELFCLASS64
620
#else
621
#define ELF_CLASS   ELFCLASS32
622
#endif
623
#define ELF_ARCH    EM_MIPS
624

    
625
static inline void init_thread(struct target_pt_regs *regs,
626
                               struct image_info *infop)
627
{
628
    regs->cp0_status = 2 << CP0St_KSU;
629
    regs->cp0_epc = infop->entry;
630
    regs->regs[29] = infop->start_stack;
631
}
632

    
633
/* See linux kernel: arch/mips/include/asm/elf.h.  */
634
#define ELF_NREG 45
635
typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
636

    
637
/* See linux kernel: arch/mips/include/asm/reg.h.  */
638
enum {
639
#ifdef TARGET_MIPS64
640
    TARGET_EF_R0 = 0,
641
#else
642
    TARGET_EF_R0 = 6,
643
#endif
644
    TARGET_EF_R26 = TARGET_EF_R0 + 26,
645
    TARGET_EF_R27 = TARGET_EF_R0 + 27,
646
    TARGET_EF_LO = TARGET_EF_R0 + 32,
647
    TARGET_EF_HI = TARGET_EF_R0 + 33,
648
    TARGET_EF_CP0_EPC = TARGET_EF_R0 + 34,
649
    TARGET_EF_CP0_BADVADDR = TARGET_EF_R0 + 35,
650
    TARGET_EF_CP0_STATUS = TARGET_EF_R0 + 36,
651
    TARGET_EF_CP0_CAUSE = TARGET_EF_R0 + 37
652
};
653

    
654
/* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs.  */
655
static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env)
656
{
657
    int i;
658

    
659
    for (i = 0; i < TARGET_EF_R0; i++) {
660
        (*regs)[i] = 0;
661
    }
662
    (*regs)[TARGET_EF_R0] = 0;
663

    
664
    for (i = 1; i < ARRAY_SIZE(env->active_tc.gpr); i++) {
665
        (*regs)[TARGET_EF_R0 + i] = tswapl(env->active_tc.gpr[i]);
666
    }
667

    
668
    (*regs)[TARGET_EF_R26] = 0;
669
    (*regs)[TARGET_EF_R27] = 0;
670
    (*regs)[TARGET_EF_LO] = tswapl(env->active_tc.LO[0]);
671
    (*regs)[TARGET_EF_HI] = tswapl(env->active_tc.HI[0]);
672
    (*regs)[TARGET_EF_CP0_EPC] = tswapl(env->active_tc.PC);
673
    (*regs)[TARGET_EF_CP0_BADVADDR] = tswapl(env->CP0_BadVAddr);
674
    (*regs)[TARGET_EF_CP0_STATUS] = tswapl(env->CP0_Status);
675
    (*regs)[TARGET_EF_CP0_CAUSE] = tswapl(env->CP0_Cause);
676
}
677

    
678
#define USE_ELF_CORE_DUMP
679
#define ELF_EXEC_PAGESIZE        4096
680

    
681
#endif /* TARGET_MIPS */
682

    
683
#ifdef TARGET_MICROBLAZE
684

    
685
#define ELF_START_MMAP 0x80000000
686

    
687
#define elf_check_arch(x) ( (x) == EM_MICROBLAZE || (x) == EM_MICROBLAZE_OLD)
688

    
689
#define ELF_CLASS   ELFCLASS32
690
#define ELF_ARCH    EM_MICROBLAZE
691

    
692
static inline void init_thread(struct target_pt_regs *regs,
693
                               struct image_info *infop)
694
{
695
    regs->pc = infop->entry;
696
    regs->r1 = infop->start_stack;
697

    
698
}
699

    
700
#define ELF_EXEC_PAGESIZE        4096
701

    
702
#define USE_ELF_CORE_DUMP
703
#define ELF_NREG 38
704
typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
705

    
706
/* See linux kernel: arch/mips/kernel/process.c:elf_dump_regs.  */
707
static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env)
708
{
709
    int i, pos = 0;
710

    
711
    for (i = 0; i < 32; i++) {
712
        (*regs)[pos++] = tswapl(env->regs[i]);
713
    }
714

    
715
    for (i = 0; i < 6; i++) {
716
        (*regs)[pos++] = tswapl(env->sregs[i]);
717
    }
718
}
719

    
720
#endif /* TARGET_MICROBLAZE */
721

    
722
#ifdef TARGET_SH4
723

    
724
#define ELF_START_MMAP 0x80000000
725

    
726
#define elf_check_arch(x) ( (x) == EM_SH )
727

    
728
#define ELF_CLASS ELFCLASS32
729
#define ELF_ARCH  EM_SH
730

    
731
static inline void init_thread(struct target_pt_regs *regs,
732
                               struct image_info *infop)
733
{
734
    /* Check other registers XXXXX */
735
    regs->pc = infop->entry;
736
    regs->regs[15] = infop->start_stack;
737
}
738

    
739
/* See linux kernel: arch/sh/include/asm/elf.h.  */
740
#define ELF_NREG 23
741
typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
742

    
743
/* See linux kernel: arch/sh/include/asm/ptrace.h.  */
744
enum {
745
    TARGET_REG_PC = 16,
746
    TARGET_REG_PR = 17,
747
    TARGET_REG_SR = 18,
748
    TARGET_REG_GBR = 19,
749
    TARGET_REG_MACH = 20,
750
    TARGET_REG_MACL = 21,
751
    TARGET_REG_SYSCALL = 22
752
};
753

    
754
static inline void elf_core_copy_regs(target_elf_gregset_t *regs,
755
                                      const CPUState *env)
756
{
757
    int i;
758

    
759
    for (i = 0; i < 16; i++) {
760
        (*regs[i]) = tswapl(env->gregs[i]);
761
    }
762

    
763
    (*regs)[TARGET_REG_PC] = tswapl(env->pc);
764
    (*regs)[TARGET_REG_PR] = tswapl(env->pr);
765
    (*regs)[TARGET_REG_SR] = tswapl(env->sr);
766
    (*regs)[TARGET_REG_GBR] = tswapl(env->gbr);
767
    (*regs)[TARGET_REG_MACH] = tswapl(env->mach);
768
    (*regs)[TARGET_REG_MACL] = tswapl(env->macl);
769
    (*regs)[TARGET_REG_SYSCALL] = 0; /* FIXME */
770
}
771

    
772
#define USE_ELF_CORE_DUMP
773
#define ELF_EXEC_PAGESIZE        4096
774

    
775
#endif
776

    
777
#ifdef TARGET_CRIS
778

    
779
#define ELF_START_MMAP 0x80000000
780

    
781
#define elf_check_arch(x) ( (x) == EM_CRIS )
782

    
783
#define ELF_CLASS ELFCLASS32
784
#define ELF_ARCH  EM_CRIS
785

    
786
static inline void init_thread(struct target_pt_regs *regs,
787
                               struct image_info *infop)
788
{
789
    regs->erp = infop->entry;
790
}
791

    
792
#define ELF_EXEC_PAGESIZE        8192
793

    
794
#endif
795

    
796
#ifdef TARGET_M68K
797

    
798
#define ELF_START_MMAP 0x80000000
799

    
800
#define elf_check_arch(x) ( (x) == EM_68K )
801

    
802
#define ELF_CLASS       ELFCLASS32
803
#define ELF_ARCH        EM_68K
804

    
805
/* ??? Does this need to do anything?
806
   #define ELF_PLAT_INIT(_r) */
807

    
808
static inline void init_thread(struct target_pt_regs *regs,
809
                               struct image_info *infop)
810
{
811
    regs->usp = infop->start_stack;
812
    regs->sr = 0;
813
    regs->pc = infop->entry;
814
}
815

    
816
/* See linux kernel: arch/m68k/include/asm/elf.h.  */
817
#define ELF_NREG 20
818
typedef target_elf_greg_t target_elf_gregset_t[ELF_NREG];
819

    
820
static void elf_core_copy_regs(target_elf_gregset_t *regs, const CPUState *env)
821
{
822
    (*regs)[0] = tswapl(env->dregs[1]);
823
    (*regs)[1] = tswapl(env->dregs[2]);
824
    (*regs)[2] = tswapl(env->dregs[3]);
825
    (*regs)[3] = tswapl(env->dregs[4]);
826
    (*regs)[4] = tswapl(env->dregs[5]);
827
    (*regs)[5] = tswapl(env->dregs[6]);
828
    (*regs)[6] = tswapl(env->dregs[7]);
829
    (*regs)[7] = tswapl(env->aregs[0]);
830
    (*regs)[8] = tswapl(env->aregs[1]);
831
    (*regs)[9] = tswapl(env->aregs[2]);
832
    (*regs)[10] = tswapl(env->aregs[3]);
833
    (*regs)[11] = tswapl(env->aregs[4]);
834
    (*regs)[12] = tswapl(env->aregs[5]);
835
    (*regs)[13] = tswapl(env->aregs[6]);
836
    (*regs)[14] = tswapl(env->dregs[0]);
837
    (*regs)[15] = tswapl(env->aregs[7]);
838
    (*regs)[16] = tswapl(env->dregs[0]); /* FIXME: orig_d0 */
839
    (*regs)[17] = tswapl(env->sr);
840
    (*regs)[18] = tswapl(env->pc);
841
    (*regs)[19] = 0;  /* FIXME: regs->format | regs->vector */
842
}
843

    
844
#define USE_ELF_CORE_DUMP
845
#define ELF_EXEC_PAGESIZE       8192
846

    
847
#endif
848

    
849
#ifdef TARGET_ALPHA
850

    
851
#define ELF_START_MMAP (0x30000000000ULL)
852

    
853
#define elf_check_arch(x) ( (x) == ELF_ARCH )
854

    
855
#define ELF_CLASS      ELFCLASS64
856
#define ELF_ARCH       EM_ALPHA
857

    
858
static inline void init_thread(struct target_pt_regs *regs,
859
                               struct image_info *infop)
860
{
861
    regs->pc = infop->entry;
862
    regs->ps = 8;
863
    regs->usp = infop->start_stack;
864
}
865

    
866
#define ELF_EXEC_PAGESIZE        8192
867

    
868
#endif /* TARGET_ALPHA */
869

    
870
#ifdef TARGET_S390X
871

    
872
#define ELF_START_MMAP (0x20000000000ULL)
873

    
874
#define elf_check_arch(x) ( (x) == ELF_ARCH )
875

    
876
#define ELF_CLASS        ELFCLASS64
877
#define ELF_DATA        ELFDATA2MSB
878
#define ELF_ARCH        EM_S390
879

    
880
static inline void init_thread(struct target_pt_regs *regs, struct image_info *infop)
881
{
882
    regs->psw.addr = infop->entry;
883
    regs->psw.mask = PSW_MASK_64 | PSW_MASK_32;
884
    regs->gprs[15] = infop->start_stack;
885
}
886

    
887
#endif /* TARGET_S390X */
888

    
889
#ifndef ELF_PLATFORM
890
#define ELF_PLATFORM (NULL)
891
#endif
892

    
893
#ifndef ELF_HWCAP
894
#define ELF_HWCAP 0
895
#endif
896

    
897
#ifdef TARGET_ABI32
898
#undef ELF_CLASS
899
#define ELF_CLASS ELFCLASS32
900
#undef bswaptls
901
#define bswaptls(ptr) bswap32s(ptr)
902
#endif
903

    
904
#include "elf.h"
905

    
906
struct exec
907
{
908
    unsigned int a_info;   /* Use macros N_MAGIC, etc for access */
909
    unsigned int a_text;   /* length of text, in bytes */
910
    unsigned int a_data;   /* length of data, in bytes */
911
    unsigned int a_bss;    /* length of uninitialized data area, in bytes */
912
    unsigned int a_syms;   /* length of symbol table data in file, in bytes */
913
    unsigned int a_entry;  /* start address */
914
    unsigned int a_trsize; /* length of relocation info for text, in bytes */
915
    unsigned int a_drsize; /* length of relocation info for data, in bytes */
916
};
917

    
918

    
919
#define N_MAGIC(exec) ((exec).a_info & 0xffff)
920
#define OMAGIC 0407
921
#define NMAGIC 0410
922
#define ZMAGIC 0413
923
#define QMAGIC 0314
924

    
925
/* Necessary parameters */
926
#define TARGET_ELF_EXEC_PAGESIZE TARGET_PAGE_SIZE
927
#define TARGET_ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(TARGET_ELF_EXEC_PAGESIZE-1))
928
#define TARGET_ELF_PAGEOFFSET(_v) ((_v) & (TARGET_ELF_EXEC_PAGESIZE-1))
929

    
930
#define DLINFO_ITEMS 12
931

    
932
static inline void memcpy_fromfs(void * to, const void * from, unsigned long n)
933
{
934
    memcpy(to, from, n);
935
}
936

    
937
#ifdef BSWAP_NEEDED
938
static void bswap_ehdr(struct elfhdr *ehdr)
939
{
940
    bswap16s(&ehdr->e_type);            /* Object file type */
941
    bswap16s(&ehdr->e_machine);         /* Architecture */
942
    bswap32s(&ehdr->e_version);         /* Object file version */
943
    bswaptls(&ehdr->e_entry);           /* Entry point virtual address */
944
    bswaptls(&ehdr->e_phoff);           /* Program header table file offset */
945
    bswaptls(&ehdr->e_shoff);           /* Section header table file offset */
946
    bswap32s(&ehdr->e_flags);           /* Processor-specific flags */
947
    bswap16s(&ehdr->e_ehsize);          /* ELF header size in bytes */
948
    bswap16s(&ehdr->e_phentsize);       /* Program header table entry size */
949
    bswap16s(&ehdr->e_phnum);           /* Program header table entry count */
950
    bswap16s(&ehdr->e_shentsize);       /* Section header table entry size */
951
    bswap16s(&ehdr->e_shnum);           /* Section header table entry count */
952
    bswap16s(&ehdr->e_shstrndx);        /* Section header string table index */
953
}
954

    
955
static void bswap_phdr(struct elf_phdr *phdr, int phnum)
956
{
957
    int i;
958
    for (i = 0; i < phnum; ++i, ++phdr) {
959
        bswap32s(&phdr->p_type);        /* Segment type */
960
        bswap32s(&phdr->p_flags);       /* Segment flags */
961
        bswaptls(&phdr->p_offset);      /* Segment file offset */
962
        bswaptls(&phdr->p_vaddr);       /* Segment virtual address */
963
        bswaptls(&phdr->p_paddr);       /* Segment physical address */
964
        bswaptls(&phdr->p_filesz);      /* Segment size in file */
965
        bswaptls(&phdr->p_memsz);       /* Segment size in memory */
966
        bswaptls(&phdr->p_align);       /* Segment alignment */
967
    }
968
}
969

    
970
static void bswap_shdr(struct elf_shdr *shdr, int shnum)
971
{
972
    int i;
973
    for (i = 0; i < shnum; ++i, ++shdr) {
974
        bswap32s(&shdr->sh_name);
975
        bswap32s(&shdr->sh_type);
976
        bswaptls(&shdr->sh_flags);
977
        bswaptls(&shdr->sh_addr);
978
        bswaptls(&shdr->sh_offset);
979
        bswaptls(&shdr->sh_size);
980
        bswap32s(&shdr->sh_link);
981
        bswap32s(&shdr->sh_info);
982
        bswaptls(&shdr->sh_addralign);
983
        bswaptls(&shdr->sh_entsize);
984
    }
985
}
986

    
987
static void bswap_sym(struct elf_sym *sym)
988
{
989
    bswap32s(&sym->st_name);
990
    bswaptls(&sym->st_value);
991
    bswaptls(&sym->st_size);
992
    bswap16s(&sym->st_shndx);
993
}
994
#else
995
static inline void bswap_ehdr(struct elfhdr *ehdr) { }
996
static inline void bswap_phdr(struct elf_phdr *phdr, int phnum) { }
997
static inline void bswap_shdr(struct elf_shdr *shdr, int shnum) { }
998
static inline void bswap_sym(struct elf_sym *sym) { }
999
#endif
1000

    
1001
#ifdef USE_ELF_CORE_DUMP
1002
static int elf_core_dump(int, const CPUState *);
1003
#endif /* USE_ELF_CORE_DUMP */
1004
static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias);
1005

    
1006
/* Verify the portions of EHDR within E_IDENT for the target.
1007
   This can be performed before bswapping the entire header.  */
1008
static bool elf_check_ident(struct elfhdr *ehdr)
1009
{
1010
    return (ehdr->e_ident[EI_MAG0] == ELFMAG0
1011
            && ehdr->e_ident[EI_MAG1] == ELFMAG1
1012
            && ehdr->e_ident[EI_MAG2] == ELFMAG2
1013
            && ehdr->e_ident[EI_MAG3] == ELFMAG3
1014
            && ehdr->e_ident[EI_CLASS] == ELF_CLASS
1015
            && ehdr->e_ident[EI_DATA] == ELF_DATA
1016
            && ehdr->e_ident[EI_VERSION] == EV_CURRENT);
1017
}
1018

    
1019
/* Verify the portions of EHDR outside of E_IDENT for the target.
1020
   This has to wait until after bswapping the header.  */
1021
static bool elf_check_ehdr(struct elfhdr *ehdr)
1022
{
1023
    return (elf_check_arch(ehdr->e_machine)
1024
            && ehdr->e_ehsize == sizeof(struct elfhdr)
1025
            && ehdr->e_phentsize == sizeof(struct elf_phdr)
1026
            && ehdr->e_shentsize == sizeof(struct elf_shdr)
1027
            && (ehdr->e_type == ET_EXEC || ehdr->e_type == ET_DYN));
1028
}
1029

    
1030
/*
1031
 * 'copy_elf_strings()' copies argument/envelope strings from user
1032
 * memory to free pages in kernel mem. These are in a format ready
1033
 * to be put directly into the top of new user memory.
1034
 *
1035
 */
1036
static abi_ulong copy_elf_strings(int argc,char ** argv, void **page,
1037
                                  abi_ulong p)
1038
{
1039
    char *tmp, *tmp1, *pag = NULL;
1040
    int len, offset = 0;
1041

    
1042
    if (!p) {
1043
        return 0;       /* bullet-proofing */
1044
    }
1045
    while (argc-- > 0) {
1046
        tmp = argv[argc];
1047
        if (!tmp) {
1048
            fprintf(stderr, "VFS: argc is wrong");
1049
            exit(-1);
1050
        }
1051
        tmp1 = tmp;
1052
        while (*tmp++);
1053
        len = tmp - tmp1;
1054
        if (p < len) {  /* this shouldn't happen - 128kB */
1055
            return 0;
1056
        }
1057
        while (len) {
1058
            --p; --tmp; --len;
1059
            if (--offset < 0) {
1060
                offset = p % TARGET_PAGE_SIZE;
1061
                pag = (char *)page[p/TARGET_PAGE_SIZE];
1062
                if (!pag) {
1063
                    pag = (char *)malloc(TARGET_PAGE_SIZE);
1064
                    memset(pag, 0, TARGET_PAGE_SIZE);
1065
                    page[p/TARGET_PAGE_SIZE] = pag;
1066
                    if (!pag)
1067
                        return 0;
1068
                }
1069
            }
1070
            if (len == 0 || offset == 0) {
1071
                *(pag + offset) = *tmp;
1072
            }
1073
            else {
1074
                int bytes_to_copy = (len > offset) ? offset : len;
1075
                tmp -= bytes_to_copy;
1076
                p -= bytes_to_copy;
1077
                offset -= bytes_to_copy;
1078
                len -= bytes_to_copy;
1079
                memcpy_fromfs(pag + offset, tmp, bytes_to_copy + 1);
1080
            }
1081
        }
1082
    }
1083
    return p;
1084
}
1085

    
1086
static abi_ulong setup_arg_pages(abi_ulong p, struct linux_binprm *bprm,
1087
                                 struct image_info *info)
1088
{
1089
    abi_ulong stack_base, size, error, guard;
1090
    int i;
1091

    
1092
    /* Create enough stack to hold everything.  If we don't use
1093
       it for args, we'll use it for something else.  */
1094
    size = guest_stack_size;
1095
    if (size < MAX_ARG_PAGES*TARGET_PAGE_SIZE) {
1096
        size = MAX_ARG_PAGES*TARGET_PAGE_SIZE;
1097
    }
1098
    guard = TARGET_PAGE_SIZE;
1099
    if (guard < qemu_real_host_page_size) {
1100
        guard = qemu_real_host_page_size;
1101
    }
1102

    
1103
    error = target_mmap(0, size + guard, PROT_READ | PROT_WRITE,
1104
                        MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
1105
    if (error == -1) {
1106
        perror("mmap stack");
1107
        exit(-1);
1108
    }
1109

    
1110
    /* We reserve one extra page at the top of the stack as guard.  */
1111
    target_mprotect(error, guard, PROT_NONE);
1112

    
1113
    info->stack_limit = error + guard;
1114
    stack_base = info->stack_limit + size - MAX_ARG_PAGES*TARGET_PAGE_SIZE;
1115
    p += stack_base;
1116

    
1117
    for (i = 0 ; i < MAX_ARG_PAGES ; i++) {
1118
        if (bprm->page[i]) {
1119
            info->rss++;
1120
            /* FIXME - check return value of memcpy_to_target() for failure */
1121
            memcpy_to_target(stack_base, bprm->page[i], TARGET_PAGE_SIZE);
1122
            free(bprm->page[i]);
1123
        }
1124
        stack_base += TARGET_PAGE_SIZE;
1125
    }
1126
    return p;
1127
}
1128

    
1129
/* Map and zero the bss.  We need to explicitly zero any fractional pages
1130
   after the data section (i.e. bss).  */
1131
static void zero_bss(abi_ulong elf_bss, abi_ulong last_bss, int prot)
1132
{
1133
    uintptr_t host_start, host_map_start, host_end;
1134

    
1135
    last_bss = TARGET_PAGE_ALIGN(last_bss);
1136

    
1137
    /* ??? There is confusion between qemu_real_host_page_size and
1138
       qemu_host_page_size here and elsewhere in target_mmap, which
1139
       may lead to the end of the data section mapping from the file
1140
       not being mapped.  At least there was an explicit test and
1141
       comment for that here, suggesting that "the file size must
1142
       be known".  The comment probably pre-dates the introduction
1143
       of the fstat system call in target_mmap which does in fact
1144
       find out the size.  What isn't clear is if the workaround
1145
       here is still actually needed.  For now, continue with it,
1146
       but merge it with the "normal" mmap that would allocate the bss.  */
1147

    
1148
    host_start = (uintptr_t) g2h(elf_bss);
1149
    host_end = (uintptr_t) g2h(last_bss);
1150
    host_map_start = (host_start + qemu_real_host_page_size - 1);
1151
    host_map_start &= -qemu_real_host_page_size;
1152

    
1153
    if (host_map_start < host_end) {
1154
        void *p = mmap((void *)host_map_start, host_end - host_map_start,
1155
                       prot, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
1156
        if (p == MAP_FAILED) {
1157
            perror("cannot mmap brk");
1158
            exit(-1);
1159
        }
1160

    
1161
        /* Since we didn't use target_mmap, make sure to record
1162
           the validity of the pages with qemu.  */
1163
        page_set_flags(elf_bss & TARGET_PAGE_MASK, last_bss, prot|PAGE_VALID);
1164
    }
1165

    
1166
    if (host_start < host_map_start) {
1167
        memset((void *)host_start, 0, host_map_start - host_start);
1168
    }
1169
}
1170

    
1171
#ifdef CONFIG_USE_FDPIC
1172
static abi_ulong loader_build_fdpic_loadmap(struct image_info *info, abi_ulong sp)
1173
{
1174
    uint16_t n;
1175
    struct elf32_fdpic_loadseg *loadsegs = info->loadsegs;
1176

    
1177
    /* elf32_fdpic_loadseg */
1178
    n = info->nsegs;
1179
    while (n--) {
1180
        sp -= 12;
1181
        put_user_u32(loadsegs[n].addr, sp+0);
1182
        put_user_u32(loadsegs[n].p_vaddr, sp+4);
1183
        put_user_u32(loadsegs[n].p_memsz, sp+8);
1184
    }
1185

    
1186
    /* elf32_fdpic_loadmap */
1187
    sp -= 4;
1188
    put_user_u16(0, sp+0); /* version */
1189
    put_user_u16(info->nsegs, sp+2); /* nsegs */
1190

    
1191
    info->personality = PER_LINUX_FDPIC;
1192
    info->loadmap_addr = sp;
1193

    
1194
    return sp;
1195
}
1196
#endif
1197

    
1198
static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc,
1199
                                   struct elfhdr *exec,
1200
                                   struct image_info *info,
1201
                                   struct image_info *interp_info)
1202
{
1203
    abi_ulong sp;
1204
    int size;
1205
    abi_ulong u_platform;
1206
    const char *k_platform;
1207
    const int n = sizeof(elf_addr_t);
1208

    
1209
    sp = p;
1210

    
1211
#ifdef CONFIG_USE_FDPIC
1212
    /* Needs to be before we load the env/argc/... */
1213
    if (elf_is_fdpic(exec)) {
1214
        /* Need 4 byte alignment for these structs */
1215
        sp &= ~3;
1216
        sp = loader_build_fdpic_loadmap(info, sp);
1217
        info->other_info = interp_info;
1218
        if (interp_info) {
1219
            interp_info->other_info = info;
1220
            sp = loader_build_fdpic_loadmap(interp_info, sp);
1221
        }
1222
    }
1223
#endif
1224

    
1225
    u_platform = 0;
1226
    k_platform = ELF_PLATFORM;
1227
    if (k_platform) {
1228
        size_t len = strlen(k_platform) + 1;
1229
        sp -= (len + n - 1) & ~(n - 1);
1230
        u_platform = sp;
1231
        /* FIXME - check return value of memcpy_to_target() for failure */
1232
        memcpy_to_target(sp, k_platform, len);
1233
    }
1234
    /*
1235
     * Force 16 byte _final_ alignment here for generality.
1236
     */
1237
    sp = sp &~ (abi_ulong)15;
1238
    size = (DLINFO_ITEMS + 1) * 2;
1239
    if (k_platform)
1240
        size += 2;
1241
#ifdef DLINFO_ARCH_ITEMS
1242
    size += DLINFO_ARCH_ITEMS * 2;
1243
#endif
1244
    size += envc + argc + 2;
1245
    size += 1;  /* argc itself */
1246
    size *= n;
1247
    if (size & 15)
1248
        sp -= 16 - (size & 15);
1249

    
1250
    /* This is correct because Linux defines
1251
     * elf_addr_t as Elf32_Off / Elf64_Off
1252
     */
1253
#define NEW_AUX_ENT(id, val) do {               \
1254
        sp -= n; put_user_ual(val, sp);         \
1255
        sp -= n; put_user_ual(id, sp);          \
1256
    } while(0)
1257

    
1258
    NEW_AUX_ENT (AT_NULL, 0);
1259

    
1260
    /* There must be exactly DLINFO_ITEMS entries here.  */
1261
    NEW_AUX_ENT(AT_PHDR, (abi_ulong)(info->load_addr + exec->e_phoff));
1262
    NEW_AUX_ENT(AT_PHENT, (abi_ulong)(sizeof (struct elf_phdr)));
1263
    NEW_AUX_ENT(AT_PHNUM, (abi_ulong)(exec->e_phnum));
1264
    NEW_AUX_ENT(AT_PAGESZ, (abi_ulong)(TARGET_PAGE_SIZE));
1265
    NEW_AUX_ENT(AT_BASE, (abi_ulong)(interp_info ? interp_info->load_addr : 0));
1266
    NEW_AUX_ENT(AT_FLAGS, (abi_ulong)0);
1267
    NEW_AUX_ENT(AT_ENTRY, info->entry);
1268
    NEW_AUX_ENT(AT_UID, (abi_ulong) getuid());
1269
    NEW_AUX_ENT(AT_EUID, (abi_ulong) geteuid());
1270
    NEW_AUX_ENT(AT_GID, (abi_ulong) getgid());
1271
    NEW_AUX_ENT(AT_EGID, (abi_ulong) getegid());
1272
    NEW_AUX_ENT(AT_HWCAP, (abi_ulong) ELF_HWCAP);
1273
    NEW_AUX_ENT(AT_CLKTCK, (abi_ulong) sysconf(_SC_CLK_TCK));
1274
    if (k_platform)
1275
        NEW_AUX_ENT(AT_PLATFORM, u_platform);
1276
#ifdef ARCH_DLINFO
1277
    /*
1278
     * ARCH_DLINFO must come last so platform specific code can enforce
1279
     * special alignment requirements on the AUXV if necessary (eg. PPC).
1280
     */
1281
    ARCH_DLINFO;
1282
#endif
1283
#undef NEW_AUX_ENT
1284

    
1285
    info->saved_auxv = sp;
1286

    
1287
    sp = loader_build_argptr(envc, argc, sp, p, 0);
1288
    return sp;
1289
}
1290

    
1291
/* Load an ELF image into the address space.
1292

1293
   IMAGE_NAME is the filename of the image, to use in error messages.
1294
   IMAGE_FD is the open file descriptor for the image.
1295

1296
   BPRM_BUF is a copy of the beginning of the file; this of course
1297
   contains the elf file header at offset 0.  It is assumed that this
1298
   buffer is sufficiently aligned to present no problems to the host
1299
   in accessing data at aligned offsets within the buffer.
1300

1301
   On return: INFO values will be filled in, as necessary or available.  */
1302

    
1303
static void load_elf_image(const char *image_name, int image_fd,
1304
                           struct image_info *info, char **pinterp_name,
1305
                           char bprm_buf[BPRM_BUF_SIZE])
1306
{
1307
    struct elfhdr *ehdr = (struct elfhdr *)bprm_buf;
1308
    struct elf_phdr *phdr;
1309
    abi_ulong load_addr, load_bias, loaddr, hiaddr, error;
1310
    int i, retval;
1311
    const char *errmsg;
1312

    
1313
    /* First of all, some simple consistency checks */
1314
    errmsg = "Invalid ELF image for this architecture";
1315
    if (!elf_check_ident(ehdr)) {
1316
        goto exit_errmsg;
1317
    }
1318
    bswap_ehdr(ehdr);
1319
    if (!elf_check_ehdr(ehdr)) {
1320
        goto exit_errmsg;
1321
    }
1322

    
1323
    i = ehdr->e_phnum * sizeof(struct elf_phdr);
1324
    if (ehdr->e_phoff + i <= BPRM_BUF_SIZE) {
1325
        phdr = (struct elf_phdr *)(bprm_buf + ehdr->e_phoff);
1326
    } else {
1327
        phdr = (struct elf_phdr *) alloca(i);
1328
        retval = pread(image_fd, phdr, i, ehdr->e_phoff);
1329
        if (retval != i) {
1330
            goto exit_read;
1331
        }
1332
    }
1333
    bswap_phdr(phdr, ehdr->e_phnum);
1334

    
1335
#ifdef CONFIG_USE_FDPIC
1336
    info->nsegs = 0;
1337
    info->pt_dynamic_addr = 0;
1338
#endif
1339

    
1340
    /* Find the maximum size of the image and allocate an appropriate
1341
       amount of memory to handle that.  */
1342
    loaddr = -1, hiaddr = 0;
1343
    for (i = 0; i < ehdr->e_phnum; ++i) {
1344
        if (phdr[i].p_type == PT_LOAD) {
1345
            abi_ulong a = phdr[i].p_vaddr;
1346
            if (a < loaddr) {
1347
                loaddr = a;
1348
            }
1349
            a += phdr[i].p_memsz;
1350
            if (a > hiaddr) {
1351
                hiaddr = a;
1352
            }
1353
#ifdef CONFIG_USE_FDPIC
1354
            ++info->nsegs;
1355
#endif
1356
        }
1357
    }
1358

    
1359
    load_addr = loaddr;
1360
    if (ehdr->e_type == ET_DYN) {
1361
        /* The image indicates that it can be loaded anywhere.  Find a
1362
           location that can hold the memory space required.  If the
1363
           image is pre-linked, LOADDR will be non-zero.  Since we do
1364
           not supply MAP_FIXED here we'll use that address if and
1365
           only if it remains available.  */
1366
        load_addr = target_mmap(loaddr, hiaddr - loaddr, PROT_NONE,
1367
                                MAP_PRIVATE | MAP_ANON | MAP_NORESERVE,
1368
                                -1, 0);
1369
        if (load_addr == -1) {
1370
            goto exit_perror;
1371
        }
1372
    } else if (pinterp_name != NULL) {
1373
        /* This is the main executable.  Make sure that the low
1374
           address does not conflict with MMAP_MIN_ADDR or the
1375
           QEMU application itself.  */
1376
#if defined(CONFIG_USE_GUEST_BASE)
1377
        /*
1378
         * In case where user has not explicitly set the guest_base, we
1379
         * probe here that should we set it automatically.
1380
         */
1381
        if (!have_guest_base && !reserved_va) {
1382
            unsigned long host_start, real_start, host_size;
1383

    
1384
            /* Round addresses to page boundaries.  */
1385
            loaddr &= qemu_host_page_mask;
1386
            hiaddr = HOST_PAGE_ALIGN(hiaddr);
1387

    
1388
            if (loaddr < mmap_min_addr) {
1389
                host_start = HOST_PAGE_ALIGN(mmap_min_addr);
1390
            } else {
1391
                host_start = loaddr;
1392
                if (host_start != loaddr) {
1393
                    errmsg = "Address overflow loading ELF binary";
1394
                    goto exit_errmsg;
1395
                }
1396
            }
1397
            host_size = hiaddr - loaddr;
1398
            while (1) {
1399
                /* Do not use mmap_find_vma here because that is limited to the
1400
                   guest address space.  We are going to make the
1401
                   guest address space fit whatever we're given.  */
1402
                real_start = (unsigned long)
1403
                    mmap((void *)host_start, host_size, PROT_NONE,
1404
                         MAP_ANONYMOUS | MAP_PRIVATE | MAP_NORESERVE, -1, 0);
1405
                if (real_start == (unsigned long)-1) {
1406
                    goto exit_perror;
1407
                }
1408
                if (real_start == host_start) {
1409
                    break;
1410
                }
1411
                /* That address didn't work.  Unmap and try a different one.
1412
                   The address the host picked because is typically right at
1413
                   the top of the host address space and leaves the guest with
1414
                   no usable address space.  Resort to a linear search.  We
1415
                   already compensated for mmap_min_addr, so this should not
1416
                   happen often.  Probably means we got unlucky and host
1417
                   address space randomization put a shared library somewhere
1418
                   inconvenient.  */
1419
                munmap((void *)real_start, host_size);
1420
                host_start += qemu_host_page_size;
1421
                if (host_start == loaddr) {
1422
                    /* Theoretically possible if host doesn't have any suitably
1423
                       aligned areas.  Normally the first mmap will fail.  */
1424
                    errmsg = "Unable to find space for application";
1425
                    goto exit_errmsg;
1426
                }
1427
            }
1428
            qemu_log("Relocating guest address space from 0x"
1429
                     TARGET_ABI_FMT_lx " to 0x%lx\n", loaddr, real_start);
1430
            guest_base = real_start - loaddr;
1431
        }
1432
#endif
1433
    }
1434
    load_bias = load_addr - loaddr;
1435

    
1436
#ifdef CONFIG_USE_FDPIC
1437
    {
1438
        struct elf32_fdpic_loadseg *loadsegs = info->loadsegs =
1439
            qemu_malloc(sizeof(*loadsegs) * info->nsegs);
1440

    
1441
        for (i = 0; i < ehdr->e_phnum; ++i) {
1442
            switch (phdr[i].p_type) {
1443
            case PT_DYNAMIC:
1444
                info->pt_dynamic_addr = phdr[i].p_vaddr + load_bias;
1445
                break;
1446
            case PT_LOAD:
1447
                loadsegs->addr = phdr[i].p_vaddr + load_bias;
1448
                loadsegs->p_vaddr = phdr[i].p_vaddr;
1449
                loadsegs->p_memsz = phdr[i].p_memsz;
1450
                ++loadsegs;
1451
                break;
1452
            }
1453
        }
1454
    }
1455
#endif
1456

    
1457
    info->load_bias = load_bias;
1458
    info->load_addr = load_addr;
1459
    info->entry = ehdr->e_entry + load_bias;
1460
    info->start_code = -1;
1461
    info->end_code = 0;
1462
    info->start_data = -1;
1463
    info->end_data = 0;
1464
    info->brk = 0;
1465

    
1466
    for (i = 0; i < ehdr->e_phnum; i++) {
1467
        struct elf_phdr *eppnt = phdr + i;
1468
        if (eppnt->p_type == PT_LOAD) {
1469
            abi_ulong vaddr, vaddr_po, vaddr_ps, vaddr_ef, vaddr_em;
1470
            int elf_prot = 0;
1471

    
1472
            if (eppnt->p_flags & PF_R) elf_prot =  PROT_READ;
1473
            if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE;
1474
            if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC;
1475

    
1476
            vaddr = load_bias + eppnt->p_vaddr;
1477
            vaddr_po = TARGET_ELF_PAGEOFFSET(vaddr);
1478
            vaddr_ps = TARGET_ELF_PAGESTART(vaddr);
1479

    
1480
            error = target_mmap(vaddr_ps, eppnt->p_filesz + vaddr_po,
1481
                                elf_prot, MAP_PRIVATE | MAP_FIXED,
1482
                                image_fd, eppnt->p_offset - vaddr_po);
1483
            if (error == -1) {
1484
                goto exit_perror;
1485
            }
1486

    
1487
            vaddr_ef = vaddr + eppnt->p_filesz;
1488
            vaddr_em = vaddr + eppnt->p_memsz;
1489

    
1490
            /* If the load segment requests extra zeros (e.g. bss), map it.  */
1491
            if (vaddr_ef < vaddr_em) {
1492
                zero_bss(vaddr_ef, vaddr_em, elf_prot);
1493
            }
1494

    
1495
            /* Find the full program boundaries.  */
1496
            if (elf_prot & PROT_EXEC) {
1497
                if (vaddr < info->start_code) {
1498
                    info->start_code = vaddr;
1499
                }
1500
                if (vaddr_ef > info->end_code) {
1501
                    info->end_code = vaddr_ef;
1502
                }
1503
            }
1504
            if (elf_prot & PROT_WRITE) {
1505
                if (vaddr < info->start_data) {
1506
                    info->start_data = vaddr;
1507
                }
1508
                if (vaddr_ef > info->end_data) {
1509
                    info->end_data = vaddr_ef;
1510
                }
1511
                if (vaddr_em > info->brk) {
1512
                    info->brk = vaddr_em;
1513
                }
1514
            }
1515
        } else if (eppnt->p_type == PT_INTERP && pinterp_name) {
1516
            char *interp_name;
1517

    
1518
            if (*pinterp_name) {
1519
                errmsg = "Multiple PT_INTERP entries";
1520
                goto exit_errmsg;
1521
            }
1522
            interp_name = malloc(eppnt->p_filesz);
1523
            if (!interp_name) {
1524
                goto exit_perror;
1525
            }
1526

    
1527
            if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) {
1528
                memcpy(interp_name, bprm_buf + eppnt->p_offset,
1529
                       eppnt->p_filesz);
1530
            } else {
1531
                retval = pread(image_fd, interp_name, eppnt->p_filesz,
1532
                               eppnt->p_offset);
1533
                if (retval != eppnt->p_filesz) {
1534
                    goto exit_perror;
1535
                }
1536
            }
1537
            if (interp_name[eppnt->p_filesz - 1] != 0) {
1538
                errmsg = "Invalid PT_INTERP entry";
1539
                goto exit_errmsg;
1540
            }
1541
            *pinterp_name = interp_name;
1542
        }
1543
    }
1544

    
1545
    if (info->end_data == 0) {
1546
        info->start_data = info->end_code;
1547
        info->end_data = info->end_code;
1548
        info->brk = info->end_code;
1549
    }
1550

    
1551
    if (qemu_log_enabled()) {
1552
        load_symbols(ehdr, image_fd, load_bias);
1553
    }
1554

    
1555
    close(image_fd);
1556
    return;
1557

    
1558
 exit_read:
1559
    if (retval >= 0) {
1560
        errmsg = "Incomplete read of file header";
1561
        goto exit_errmsg;
1562
    }
1563
 exit_perror:
1564
    errmsg = strerror(errno);
1565
 exit_errmsg:
1566
    fprintf(stderr, "%s: %s\n", image_name, errmsg);
1567
    exit(-1);
1568
}
1569

    
1570
static void load_elf_interp(const char *filename, struct image_info *info,
1571
                            char bprm_buf[BPRM_BUF_SIZE])
1572
{
1573
    int fd, retval;
1574

    
1575
    fd = open(path(filename), O_RDONLY);
1576
    if (fd < 0) {
1577
        goto exit_perror;
1578
    }
1579

    
1580
    retval = read(fd, bprm_buf, BPRM_BUF_SIZE);
1581
    if (retval < 0) {
1582
        goto exit_perror;
1583
    }
1584
    if (retval < BPRM_BUF_SIZE) {
1585
        memset(bprm_buf + retval, 0, BPRM_BUF_SIZE - retval);
1586
    }
1587

    
1588
    load_elf_image(filename, fd, info, NULL, bprm_buf);
1589
    return;
1590

    
1591
 exit_perror:
1592
    fprintf(stderr, "%s: %s\n", filename, strerror(errno));
1593
    exit(-1);
1594
}
1595

    
1596
static int symfind(const void *s0, const void *s1)
1597
{
1598
    struct elf_sym *key = (struct elf_sym *)s0;
1599
    struct elf_sym *sym = (struct elf_sym *)s1;
1600
    int result = 0;
1601
    if (key->st_value < sym->st_value) {
1602
        result = -1;
1603
    } else if (key->st_value >= sym->st_value + sym->st_size) {
1604
        result = 1;
1605
    }
1606
    return result;
1607
}
1608

    
1609
static const char *lookup_symbolxx(struct syminfo *s, target_ulong orig_addr)
1610
{
1611
#if ELF_CLASS == ELFCLASS32
1612
    struct elf_sym *syms = s->disas_symtab.elf32;
1613
#else
1614
    struct elf_sym *syms = s->disas_symtab.elf64;
1615
#endif
1616

    
1617
    // binary search
1618
    struct elf_sym key;
1619
    struct elf_sym *sym;
1620

    
1621
    key.st_value = orig_addr;
1622

    
1623
    sym = bsearch(&key, syms, s->disas_num_syms, sizeof(*syms), symfind);
1624
    if (sym != NULL) {
1625
        return s->disas_strtab + sym->st_name;
1626
    }
1627

    
1628
    return "";
1629
}
1630

    
1631
/* FIXME: This should use elf_ops.h  */
1632
static int symcmp(const void *s0, const void *s1)
1633
{
1634
    struct elf_sym *sym0 = (struct elf_sym *)s0;
1635
    struct elf_sym *sym1 = (struct elf_sym *)s1;
1636
    return (sym0->st_value < sym1->st_value)
1637
        ? -1
1638
        : ((sym0->st_value > sym1->st_value) ? 1 : 0);
1639
}
1640

    
1641
/* Best attempt to load symbols from this ELF object. */
1642
static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias)
1643
{
1644
    int i, shnum, nsyms, sym_idx = 0, str_idx = 0;
1645
    struct elf_shdr *shdr;
1646
    char *strings;
1647
    struct syminfo *s;
1648
    struct elf_sym *syms, *new_syms;
1649

    
1650
    shnum = hdr->e_shnum;
1651
    i = shnum * sizeof(struct elf_shdr);
1652
    shdr = (struct elf_shdr *)alloca(i);
1653
    if (pread(fd, shdr, i, hdr->e_shoff) != i) {
1654
        return;
1655
    }
1656

    
1657
    bswap_shdr(shdr, shnum);
1658
    for (i = 0; i < shnum; ++i) {
1659
        if (shdr[i].sh_type == SHT_SYMTAB) {
1660
            sym_idx = i;
1661
            str_idx = shdr[i].sh_link;
1662
            goto found;
1663
        }
1664
    }
1665

    
1666
    /* There will be no symbol table if the file was stripped.  */
1667
    return;
1668

    
1669
 found:
1670
    /* Now know where the strtab and symtab are.  Snarf them.  */
1671
    s = malloc(sizeof(*s));
1672
    if (!s) {
1673
        return;
1674
    }
1675

    
1676
    i = shdr[str_idx].sh_size;
1677
    s->disas_strtab = strings = malloc(i);
1678
    if (!strings || pread(fd, strings, i, shdr[str_idx].sh_offset) != i) {
1679
        free(s);
1680
        free(strings);
1681
        return;
1682
    }
1683

    
1684
    i = shdr[sym_idx].sh_size;
1685
    syms = malloc(i);
1686
    if (!syms || pread(fd, syms, i, shdr[sym_idx].sh_offset) != i) {
1687
        free(s);
1688
        free(strings);
1689
        free(syms);
1690
        return;
1691
    }
1692

    
1693
    nsyms = i / sizeof(struct elf_sym);
1694
    for (i = 0; i < nsyms; ) {
1695
        bswap_sym(syms + i);
1696
        /* Throw away entries which we do not need.  */
1697
        if (syms[i].st_shndx == SHN_UNDEF
1698
            || syms[i].st_shndx >= SHN_LORESERVE
1699
            || ELF_ST_TYPE(syms[i].st_info) != STT_FUNC) {
1700
            if (i < --nsyms) {
1701
                syms[i] = syms[nsyms];
1702
            }
1703
        } else {
1704
#if defined(TARGET_ARM) || defined (TARGET_MIPS)
1705
            /* The bottom address bit marks a Thumb or MIPS16 symbol.  */
1706
            syms[i].st_value &= ~(target_ulong)1;
1707
#endif
1708
            syms[i].st_value += load_bias;
1709
            i++;
1710
        }
1711
    }
1712

    
1713
    /* Attempt to free the storage associated with the local symbols
1714
       that we threw away.  Whether or not this has any effect on the
1715
       memory allocation depends on the malloc implementation and how
1716
       many symbols we managed to discard.  */
1717
    new_syms = realloc(syms, nsyms * sizeof(*syms));
1718
    if (new_syms == NULL) {
1719
        free(s);
1720
        free(syms);
1721
        free(strings);
1722
        return;
1723
    }
1724
    syms = new_syms;
1725

    
1726
    qsort(syms, nsyms, sizeof(*syms), symcmp);
1727

    
1728
    s->disas_num_syms = nsyms;
1729
#if ELF_CLASS == ELFCLASS32
1730
    s->disas_symtab.elf32 = syms;
1731
#else
1732
    s->disas_symtab.elf64 = syms;
1733
#endif
1734
    s->lookup_symbol = lookup_symbolxx;
1735
    s->next = syminfos;
1736
    syminfos = s;
1737
}
1738

    
1739
int load_elf_binary(struct linux_binprm * bprm, struct target_pt_regs * regs,
1740
                    struct image_info * info)
1741
{
1742
    struct image_info interp_info;
1743
    struct elfhdr elf_ex;
1744
    char *elf_interpreter = NULL;
1745

    
1746
    info->start_mmap = (abi_ulong)ELF_START_MMAP;
1747
    info->mmap = 0;
1748
    info->rss = 0;
1749

    
1750
    load_elf_image(bprm->filename, bprm->fd, info,
1751
                   &elf_interpreter, bprm->buf);
1752

    
1753
    /* ??? We need a copy of the elf header for passing to create_elf_tables.
1754
       If we do nothing, we'll have overwritten this when we re-use bprm->buf
1755
       when we load the interpreter.  */
1756
    elf_ex = *(struct elfhdr *)bprm->buf;
1757

    
1758
    bprm->p = copy_elf_strings(1, &bprm->filename, bprm->page, bprm->p);
1759
    bprm->p = copy_elf_strings(bprm->envc,bprm->envp,bprm->page,bprm->p);
1760
    bprm->p = copy_elf_strings(bprm->argc,bprm->argv,bprm->page,bprm->p);
1761
    if (!bprm->p) {
1762
        fprintf(stderr, "%s: %s\n", bprm->filename, strerror(E2BIG));
1763
        exit(-1);
1764
    }
1765

    
1766
    /* Do this so that we can load the interpreter, if need be.  We will
1767
       change some of these later */
1768
    bprm->p = setup_arg_pages(bprm->p, bprm, info);
1769

    
1770
    if (elf_interpreter) {
1771
        load_elf_interp(elf_interpreter, &interp_info, bprm->buf);
1772

    
1773
        /* If the program interpreter is one of these two, then assume
1774
           an iBCS2 image.  Otherwise assume a native linux image.  */
1775

    
1776
        if (strcmp(elf_interpreter, "/usr/lib/libc.so.1") == 0
1777
            || strcmp(elf_interpreter, "/usr/lib/ld.so.1") == 0) {
1778
            info->personality = PER_SVR4;
1779

    
1780
            /* Why this, you ask???  Well SVr4 maps page 0 as read-only,
1781
               and some applications "depend" upon this behavior.  Since
1782
               we do not have the power to recompile these, we emulate
1783
               the SVr4 behavior.  Sigh.  */
1784
            target_mmap(0, qemu_host_page_size, PROT_READ | PROT_EXEC,
1785
                        MAP_FIXED | MAP_PRIVATE, -1, 0);
1786
        }
1787
    }
1788

    
1789
    bprm->p = create_elf_tables(bprm->p, bprm->argc, bprm->envc, &elf_ex,
1790
                                info, (elf_interpreter ? &interp_info : NULL));
1791
    info->start_stack = bprm->p;
1792

    
1793
    /* If we have an interpreter, set that as the program's entry point.
1794
       Copy the load_addr as well, to help PPC64 interpret the entry
1795
       point as a function descriptor.  Do this after creating elf tables
1796
       so that we copy the original program entry point into the AUXV.  */
1797
    if (elf_interpreter) {
1798
        info->load_addr = interp_info.load_addr;
1799
        info->entry = interp_info.entry;
1800
        free(elf_interpreter);
1801
    }
1802

    
1803
#ifdef USE_ELF_CORE_DUMP
1804
    bprm->core_dump = &elf_core_dump;
1805
#endif
1806

    
1807
    return 0;
1808
}
1809

    
1810
#ifdef USE_ELF_CORE_DUMP
1811
/*
1812
 * Definitions to generate Intel SVR4-like core files.
1813
 * These mostly have the same names as the SVR4 types with "target_elf_"
1814
 * tacked on the front to prevent clashes with linux definitions,
1815
 * and the typedef forms have been avoided.  This is mostly like
1816
 * the SVR4 structure, but more Linuxy, with things that Linux does
1817
 * not support and which gdb doesn't really use excluded.
1818
 *
1819
 * Fields we don't dump (their contents is zero) in linux-user qemu
1820
 * are marked with XXX.
1821
 *
1822
 * Core dump code is copied from linux kernel (fs/binfmt_elf.c).
1823
 *
1824
 * Porting ELF coredump for target is (quite) simple process.  First you
1825
 * define USE_ELF_CORE_DUMP in target ELF code (where init_thread() for
1826
 * the target resides):
1827
 *
1828
 * #define USE_ELF_CORE_DUMP
1829
 *
1830
 * Next you define type of register set used for dumping.  ELF specification
1831
 * says that it needs to be array of elf_greg_t that has size of ELF_NREG.
1832
 *
1833
 * typedef <target_regtype> target_elf_greg_t;
1834
 * #define ELF_NREG <number of registers>
1835
 * typedef taret_elf_greg_t target_elf_gregset_t[ELF_NREG];
1836
 *
1837
 * Last step is to implement target specific function that copies registers
1838
 * from given cpu into just specified register set.  Prototype is:
1839
 *
1840
 * static void elf_core_copy_regs(taret_elf_gregset_t *regs,
1841
 *                                const CPUState *env);
1842
 *
1843
 * Parameters:
1844
 *     regs - copy register values into here (allocated and zeroed by caller)
1845
 *     env - copy registers from here
1846
 *
1847
 * Example for ARM target is provided in this file.
1848
 */
1849

    
1850
/* An ELF note in memory */
1851
struct memelfnote {
1852
    const char *name;
1853
    size_t     namesz;
1854
    size_t     namesz_rounded;
1855
    int        type;
1856
    size_t     datasz;
1857
    size_t     datasz_rounded;
1858
    void       *data;
1859
    size_t     notesz;
1860
};
1861

    
1862
struct target_elf_siginfo {
1863
    target_int  si_signo; /* signal number */
1864
    target_int  si_code;  /* extra code */
1865
    target_int  si_errno; /* errno */
1866
};
1867

    
1868
struct target_elf_prstatus {
1869
    struct target_elf_siginfo pr_info;      /* Info associated with signal */
1870
    target_short       pr_cursig;    /* Current signal */
1871
    target_ulong       pr_sigpend;   /* XXX */
1872
    target_ulong       pr_sighold;   /* XXX */
1873
    target_pid_t       pr_pid;
1874
    target_pid_t       pr_ppid;
1875
    target_pid_t       pr_pgrp;
1876
    target_pid_t       pr_sid;
1877
    struct target_timeval pr_utime;  /* XXX User time */
1878
    struct target_timeval pr_stime;  /* XXX System time */
1879
    struct target_timeval pr_cutime; /* XXX Cumulative user time */
1880
    struct target_timeval pr_cstime; /* XXX Cumulative system time */
1881
    target_elf_gregset_t      pr_reg;       /* GP registers */
1882
    target_int         pr_fpvalid;   /* XXX */
1883
};
1884

    
1885
#define ELF_PRARGSZ     (80) /* Number of chars for args */
1886

    
1887
struct target_elf_prpsinfo {
1888
    char         pr_state;       /* numeric process state */
1889
    char         pr_sname;       /* char for pr_state */
1890
    char         pr_zomb;        /* zombie */
1891
    char         pr_nice;        /* nice val */
1892
    target_ulong pr_flag;        /* flags */
1893
    target_uid_t pr_uid;
1894
    target_gid_t pr_gid;
1895
    target_pid_t pr_pid, pr_ppid, pr_pgrp, pr_sid;
1896
    /* Lots missing */
1897
    char    pr_fname[16];           /* filename of executable */
1898
    char    pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */
1899
};
1900

    
1901
/* Here is the structure in which status of each thread is captured. */
1902
struct elf_thread_status {
1903
    QTAILQ_ENTRY(elf_thread_status)  ets_link;
1904
    struct target_elf_prstatus prstatus;   /* NT_PRSTATUS */
1905
#if 0
1906
    elf_fpregset_t fpu;             /* NT_PRFPREG */
1907
    struct task_struct *thread;
1908
    elf_fpxregset_t xfpu;           /* ELF_CORE_XFPREG_TYPE */
1909
#endif
1910
    struct memelfnote notes[1];
1911
    int num_notes;
1912
};
1913

    
1914
struct elf_note_info {
1915
    struct memelfnote   *notes;
1916
    struct target_elf_prstatus *prstatus;  /* NT_PRSTATUS */
1917
    struct target_elf_prpsinfo *psinfo;    /* NT_PRPSINFO */
1918

    
1919
    QTAILQ_HEAD(thread_list_head, elf_thread_status) thread_list;
1920
#if 0
1921
    /*
1922
     * Current version of ELF coredump doesn't support
1923
     * dumping fp regs etc.
1924
     */
1925
    elf_fpregset_t *fpu;
1926
    elf_fpxregset_t *xfpu;
1927
    int thread_status_size;
1928
#endif
1929
    int notes_size;
1930
    int numnote;
1931
};
1932

    
1933
struct vm_area_struct {
1934
    abi_ulong   vma_start;  /* start vaddr of memory region */
1935
    abi_ulong   vma_end;    /* end vaddr of memory region */
1936
    abi_ulong   vma_flags;  /* protection etc. flags for the region */
1937
    QTAILQ_ENTRY(vm_area_struct) vma_link;
1938
};
1939

    
1940
struct mm_struct {
1941
    QTAILQ_HEAD(, vm_area_struct) mm_mmap;
1942
    int mm_count;           /* number of mappings */
1943
};
1944

    
1945
static struct mm_struct *vma_init(void);
1946
static void vma_delete(struct mm_struct *);
1947
static int vma_add_mapping(struct mm_struct *, abi_ulong,
1948
                           abi_ulong, abi_ulong);
1949
static int vma_get_mapping_count(const struct mm_struct *);
1950
static struct vm_area_struct *vma_first(const struct mm_struct *);
1951
static struct vm_area_struct *vma_next(struct vm_area_struct *);
1952
static abi_ulong vma_dump_size(const struct vm_area_struct *);
1953
static int vma_walker(void *priv, abi_ulong start, abi_ulong end,
1954
                      unsigned long flags);
1955

    
1956
static void fill_elf_header(struct elfhdr *, int, uint16_t, uint32_t);
1957
static void fill_note(struct memelfnote *, const char *, int,
1958
                      unsigned int, void *);
1959
static void fill_prstatus(struct target_elf_prstatus *, const TaskState *, int);
1960
static int fill_psinfo(struct target_elf_prpsinfo *, const TaskState *);
1961
static void fill_auxv_note(struct memelfnote *, const TaskState *);
1962
static void fill_elf_note_phdr(struct elf_phdr *, int, off_t);
1963
static size_t note_size(const struct memelfnote *);
1964
static void free_note_info(struct elf_note_info *);
1965
static int fill_note_info(struct elf_note_info *, long, const CPUState *);
1966
static void fill_thread_info(struct elf_note_info *, const CPUState *);
1967
static int core_dump_filename(const TaskState *, char *, size_t);
1968

    
1969
static int dump_write(int, const void *, size_t);
1970
static int write_note(struct memelfnote *, int);
1971
static int write_note_info(struct elf_note_info *, int);
1972

    
1973
#ifdef BSWAP_NEEDED
1974
static void bswap_prstatus(struct target_elf_prstatus *prstatus)
1975
{
1976
    prstatus->pr_info.si_signo = tswapl(prstatus->pr_info.si_signo);
1977
    prstatus->pr_info.si_code = tswapl(prstatus->pr_info.si_code);
1978
    prstatus->pr_info.si_errno = tswapl(prstatus->pr_info.si_errno);
1979
    prstatus->pr_cursig = tswap16(prstatus->pr_cursig);
1980
    prstatus->pr_sigpend = tswapl(prstatus->pr_sigpend);
1981
    prstatus->pr_sighold = tswapl(prstatus->pr_sighold);
1982
    prstatus->pr_pid = tswap32(prstatus->pr_pid);
1983
    prstatus->pr_ppid = tswap32(prstatus->pr_ppid);
1984
    prstatus->pr_pgrp = tswap32(prstatus->pr_pgrp);
1985
    prstatus->pr_sid = tswap32(prstatus->pr_sid);
1986
    /* cpu times are not filled, so we skip them */
1987
    /* regs should be in correct format already */
1988
    prstatus->pr_fpvalid = tswap32(prstatus->pr_fpvalid);
1989
}
1990

    
1991
static void bswap_psinfo(struct target_elf_prpsinfo *psinfo)
1992
{
1993
    psinfo->pr_flag = tswapl(psinfo->pr_flag);
1994
    psinfo->pr_uid = tswap16(psinfo->pr_uid);
1995
    psinfo->pr_gid = tswap16(psinfo->pr_gid);
1996
    psinfo->pr_pid = tswap32(psinfo->pr_pid);
1997
    psinfo->pr_ppid = tswap32(psinfo->pr_ppid);
1998
    psinfo->pr_pgrp = tswap32(psinfo->pr_pgrp);
1999
    psinfo->pr_sid = tswap32(psinfo->pr_sid);
2000
}
2001

    
2002
static void bswap_note(struct elf_note *en)
2003
{
2004
    bswap32s(&en->n_namesz);
2005
    bswap32s(&en->n_descsz);
2006
    bswap32s(&en->n_type);
2007
}
2008
#else
2009
static inline void bswap_prstatus(struct target_elf_prstatus *p) { }
2010
static inline void bswap_psinfo(struct target_elf_prpsinfo *p) {}
2011
static inline void bswap_note(struct elf_note *en) { }
2012
#endif /* BSWAP_NEEDED */
2013

    
2014
/*
2015
 * Minimal support for linux memory regions.  These are needed
2016
 * when we are finding out what memory exactly belongs to
2017
 * emulated process.  No locks needed here, as long as
2018
 * thread that received the signal is stopped.
2019
 */
2020

    
2021
static struct mm_struct *vma_init(void)
2022
{
2023
    struct mm_struct *mm;
2024

    
2025
    if ((mm = qemu_malloc(sizeof (*mm))) == NULL)
2026
        return (NULL);
2027

    
2028
    mm->mm_count = 0;
2029
    QTAILQ_INIT(&mm->mm_mmap);
2030

    
2031
    return (mm);
2032
}
2033

    
2034
static void vma_delete(struct mm_struct *mm)
2035
{
2036
    struct vm_area_struct *vma;
2037

    
2038
    while ((vma = vma_first(mm)) != NULL) {
2039
        QTAILQ_REMOVE(&mm->mm_mmap, vma, vma_link);
2040
        qemu_free(vma);
2041
    }
2042
    qemu_free(mm);
2043
}
2044

    
2045
static int vma_add_mapping(struct mm_struct *mm, abi_ulong start,
2046
                           abi_ulong end, abi_ulong flags)
2047
{
2048
    struct vm_area_struct *vma;
2049

    
2050
    if ((vma = qemu_mallocz(sizeof (*vma))) == NULL)
2051
        return (-1);
2052

    
2053
    vma->vma_start = start;
2054
    vma->vma_end = end;
2055
    vma->vma_flags = flags;
2056

    
2057
    QTAILQ_INSERT_TAIL(&mm->mm_mmap, vma, vma_link);
2058
    mm->mm_count++;
2059

    
2060
    return (0);
2061
}
2062

    
2063
static struct vm_area_struct *vma_first(const struct mm_struct *mm)
2064
{
2065
    return (QTAILQ_FIRST(&mm->mm_mmap));
2066
}
2067

    
2068
static struct vm_area_struct *vma_next(struct vm_area_struct *vma)
2069
{
2070
    return (QTAILQ_NEXT(vma, vma_link));
2071
}
2072

    
2073
static int vma_get_mapping_count(const struct mm_struct *mm)
2074
{
2075
    return (mm->mm_count);
2076
}
2077

    
2078
/*
2079
 * Calculate file (dump) size of given memory region.
2080
 */
2081
static abi_ulong vma_dump_size(const struct vm_area_struct *vma)
2082
{
2083
    /* if we cannot even read the first page, skip it */
2084
    if (!access_ok(VERIFY_READ, vma->vma_start, TARGET_PAGE_SIZE))
2085
        return (0);
2086

    
2087
    /*
2088
     * Usually we don't dump executable pages as they contain
2089
     * non-writable code that debugger can read directly from
2090
     * target library etc.  However, thread stacks are marked
2091
     * also executable so we read in first page of given region
2092
     * and check whether it contains elf header.  If there is
2093
     * no elf header, we dump it.
2094
     */
2095
    if (vma->vma_flags & PROT_EXEC) {
2096
        char page[TARGET_PAGE_SIZE];
2097

    
2098
        copy_from_user(page, vma->vma_start, sizeof (page));
2099
        if ((page[EI_MAG0] == ELFMAG0) &&
2100
            (page[EI_MAG1] == ELFMAG1) &&
2101
            (page[EI_MAG2] == ELFMAG2) &&
2102
            (page[EI_MAG3] == ELFMAG3)) {
2103
            /*
2104
             * Mappings are possibly from ELF binary.  Don't dump
2105
             * them.
2106
             */
2107
            return (0);
2108
        }
2109
    }
2110

    
2111
    return (vma->vma_end - vma->vma_start);
2112
}
2113

    
2114
static int vma_walker(void *priv, abi_ulong start, abi_ulong end,
2115
                      unsigned long flags)
2116
{
2117
    struct mm_struct *mm = (struct mm_struct *)priv;
2118

    
2119
    vma_add_mapping(mm, start, end, flags);
2120
    return (0);
2121
}
2122

    
2123
static void fill_note(struct memelfnote *note, const char *name, int type,
2124
                      unsigned int sz, void *data)
2125
{
2126
    unsigned int namesz;
2127

    
2128
    namesz = strlen(name) + 1;
2129
    note->name = name;
2130
    note->namesz = namesz;
2131
    note->namesz_rounded = roundup(namesz, sizeof (int32_t));
2132
    note->type = type;
2133
    note->datasz = sz;
2134
    note->datasz_rounded = roundup(sz, sizeof (int32_t));
2135

    
2136
    note->data = data;
2137

    
2138
    /*
2139
     * We calculate rounded up note size here as specified by
2140
     * ELF document.
2141
     */
2142
    note->notesz = sizeof (struct elf_note) +
2143
        note->namesz_rounded + note->datasz_rounded;
2144
}
2145

    
2146
static void fill_elf_header(struct elfhdr *elf, int segs, uint16_t machine,
2147
                            uint32_t flags)
2148
{
2149
    (void) memset(elf, 0, sizeof(*elf));
2150

    
2151
    (void) memcpy(elf->e_ident, ELFMAG, SELFMAG);
2152
    elf->e_ident[EI_CLASS] = ELF_CLASS;
2153
    elf->e_ident[EI_DATA] = ELF_DATA;
2154
    elf->e_ident[EI_VERSION] = EV_CURRENT;
2155
    elf->e_ident[EI_OSABI] = ELF_OSABI;
2156

    
2157
    elf->e_type = ET_CORE;
2158
    elf->e_machine = machine;
2159
    elf->e_version = EV_CURRENT;
2160
    elf->e_phoff = sizeof(struct elfhdr);
2161
    elf->e_flags = flags;
2162
    elf->e_ehsize = sizeof(struct elfhdr);
2163
    elf->e_phentsize = sizeof(struct elf_phdr);
2164
    elf->e_phnum = segs;
2165

    
2166
    bswap_ehdr(elf);
2167
}
2168

    
2169
static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, off_t offset)
2170
{
2171
    phdr->p_type = PT_NOTE;
2172
    phdr->p_offset = offset;
2173
    phdr->p_vaddr = 0;
2174
    phdr->p_paddr = 0;
2175
    phdr->p_filesz = sz;
2176
    phdr->p_memsz = 0;
2177
    phdr->p_flags = 0;
2178
    phdr->p_align = 0;
2179

    
2180
    bswap_phdr(phdr, 1);
2181
}
2182

    
2183
static size_t note_size(const struct memelfnote *note)
2184
{
2185
    return (note->notesz);
2186
}
2187

    
2188
static void fill_prstatus(struct target_elf_prstatus *prstatus,
2189
                          const TaskState *ts, int signr)
2190
{
2191
    (void) memset(prstatus, 0, sizeof (*prstatus));
2192
    prstatus->pr_info.si_signo = prstatus->pr_cursig = signr;
2193
    prstatus->pr_pid = ts->ts_tid;
2194
    prstatus->pr_ppid = getppid();
2195
    prstatus->pr_pgrp = getpgrp();
2196
    prstatus->pr_sid = getsid(0);
2197

    
2198
    bswap_prstatus(prstatus);
2199
}
2200

    
2201
static int fill_psinfo(struct target_elf_prpsinfo *psinfo, const TaskState *ts)
2202
{
2203
    char *filename, *base_filename;
2204
    unsigned int i, len;
2205

    
2206
    (void) memset(psinfo, 0, sizeof (*psinfo));
2207

    
2208
    len = ts->info->arg_end - ts->info->arg_start;
2209
    if (len >= ELF_PRARGSZ)
2210
        len = ELF_PRARGSZ - 1;
2211
    if (copy_from_user(&psinfo->pr_psargs, ts->info->arg_start, len))
2212
        return -EFAULT;
2213
    for (i = 0; i < len; i++)
2214
        if (psinfo->pr_psargs[i] == 0)
2215
            psinfo->pr_psargs[i] = ' ';
2216
    psinfo->pr_psargs[len] = 0;
2217

    
2218
    psinfo->pr_pid = getpid();
2219
    psinfo->pr_ppid = getppid();
2220
    psinfo->pr_pgrp = getpgrp();
2221
    psinfo->pr_sid = getsid(0);
2222
    psinfo->pr_uid = getuid();
2223
    psinfo->pr_gid = getgid();
2224

    
2225
    filename = strdup(ts->bprm->filename);
2226
    base_filename = strdup(basename(filename));
2227
    (void) strncpy(psinfo->pr_fname, base_filename,
2228
                   sizeof(psinfo->pr_fname));
2229
    free(base_filename);
2230
    free(filename);
2231

    
2232
    bswap_psinfo(psinfo);
2233
    return (0);
2234
}
2235

    
2236
static void fill_auxv_note(struct memelfnote *note, const TaskState *ts)
2237
{
2238
    elf_addr_t auxv = (elf_addr_t)ts->info->saved_auxv;
2239
    elf_addr_t orig_auxv = auxv;
2240
    abi_ulong val;
2241
    void *ptr;
2242
    int i, len;
2243

    
2244
    /*
2245
     * Auxiliary vector is stored in target process stack.  It contains
2246
     * {type, value} pairs that we need to dump into note.  This is not
2247
     * strictly necessary but we do it here for sake of completeness.
2248
     */
2249

    
2250
    /* find out lenght of the vector, AT_NULL is terminator */
2251
    i = len = 0;
2252
    do {
2253
        get_user_ual(val, auxv);
2254
        i += 2;
2255
        auxv += 2 * sizeof (elf_addr_t);
2256
    } while (val != AT_NULL);
2257
    len = i * sizeof (elf_addr_t);
2258

    
2259
    /* read in whole auxv vector and copy it to memelfnote */
2260
    ptr = lock_user(VERIFY_READ, orig_auxv, len, 0);
2261
    if (ptr != NULL) {
2262
        fill_note(note, "CORE", NT_AUXV, len, ptr);
2263
        unlock_user(ptr, auxv, len);
2264
    }
2265
}
2266

    
2267
/*
2268
 * Constructs name of coredump file.  We have following convention
2269
 * for the name:
2270
 *     qemu_<basename-of-target-binary>_<date>-<time>_<pid>.core
2271
 *
2272
 * Returns 0 in case of success, -1 otherwise (errno is set).
2273
 */
2274
static int core_dump_filename(const TaskState *ts, char *buf,
2275
                              size_t bufsize)
2276
{
2277
    char timestamp[64];
2278
    char *filename = NULL;
2279
    char *base_filename = NULL;
2280
    struct timeval tv;
2281
    struct tm tm;
2282

    
2283
    assert(bufsize >= PATH_MAX);
2284

    
2285
    if (gettimeofday(&tv, NULL) < 0) {
2286
        (void) fprintf(stderr, "unable to get current timestamp: %s",
2287
                       strerror(errno));
2288
        return (-1);
2289
    }
2290

    
2291
    filename = strdup(ts->bprm->filename);
2292
    base_filename = strdup(basename(filename));
2293
    (void) strftime(timestamp, sizeof (timestamp), "%Y%m%d-%H%M%S",
2294
                    localtime_r(&tv.tv_sec, &tm));
2295
    (void) snprintf(buf, bufsize, "qemu_%s_%s_%d.core",
2296
                    base_filename, timestamp, (int)getpid());
2297
    free(base_filename);
2298
    free(filename);
2299

    
2300
    return (0);
2301
}
2302

    
2303
static int dump_write(int fd, const void *ptr, size_t size)
2304
{
2305
    const char *bufp = (const char *)ptr;
2306
    ssize_t bytes_written, bytes_left;
2307
    struct rlimit dumpsize;
2308
    off_t pos;
2309

    
2310
    bytes_written = 0;
2311
    getrlimit(RLIMIT_CORE, &dumpsize);
2312
    if ((pos = lseek(fd, 0, SEEK_CUR))==-1) {
2313
        if (errno == ESPIPE) { /* not a seekable stream */
2314
            bytes_left = size;
2315
        } else {
2316
            return pos;
2317
        }
2318
    } else {
2319
        if (dumpsize.rlim_cur <= pos) {
2320
            return -1;
2321
        } else if (dumpsize.rlim_cur == RLIM_INFINITY) {
2322
            bytes_left = size;
2323
        } else {
2324
            size_t limit_left=dumpsize.rlim_cur - pos;
2325
            bytes_left = limit_left >= size ? size : limit_left ;
2326
        }
2327
    }
2328

    
2329
    /*
2330
     * In normal conditions, single write(2) should do but
2331
     * in case of socket etc. this mechanism is more portable.
2332
     */
2333
    do {
2334
        bytes_written = write(fd, bufp, bytes_left);
2335
        if (bytes_written < 0) {
2336
            if (errno == EINTR)
2337
                continue;
2338
            return (-1);
2339
        } else if (bytes_written == 0) { /* eof */
2340
            return (-1);
2341
        }
2342
        bufp += bytes_written;
2343
        bytes_left -= bytes_written;
2344
    } while (bytes_left > 0);
2345

    
2346
    return (0);
2347
}
2348

    
2349
static int write_note(struct memelfnote *men, int fd)
2350
{
2351
    struct elf_note en;
2352

    
2353
    en.n_namesz = men->namesz;
2354
    en.n_type = men->type;
2355
    en.n_descsz = men->datasz;
2356

    
2357
    bswap_note(&en);
2358

    
2359
    if (dump_write(fd, &en, sizeof(en)) != 0)
2360
        return (-1);
2361
    if (dump_write(fd, men->name, men->namesz_rounded) != 0)
2362
        return (-1);
2363
    if (dump_write(fd, men->data, men->datasz_rounded) != 0)
2364
        return (-1);
2365

    
2366
    return (0);
2367
}
2368

    
2369
static void fill_thread_info(struct elf_note_info *info, const CPUState *env)
2370
{
2371
    TaskState *ts = (TaskState *)env->opaque;
2372
    struct elf_thread_status *ets;
2373

    
2374
    ets = qemu_mallocz(sizeof (*ets));
2375
    ets->num_notes = 1; /* only prstatus is dumped */
2376
    fill_prstatus(&ets->prstatus, ts, 0);
2377
    elf_core_copy_regs(&ets->prstatus.pr_reg, env);
2378
    fill_note(&ets->notes[0], "CORE", NT_PRSTATUS, sizeof (ets->prstatus),
2379
              &ets->prstatus);
2380

    
2381
    QTAILQ_INSERT_TAIL(&info->thread_list, ets, ets_link);
2382

    
2383
    info->notes_size += note_size(&ets->notes[0]);
2384
}
2385

    
2386
static int fill_note_info(struct elf_note_info *info,
2387
                          long signr, const CPUState *env)
2388
{
2389
#define NUMNOTES 3
2390
    CPUState *cpu = NULL;
2391
    TaskState *ts = (TaskState *)env->opaque;
2392
    int i;
2393

    
2394
    (void) memset(info, 0, sizeof (*info));
2395

    
2396
    QTAILQ_INIT(&info->thread_list);
2397

    
2398
    info->notes = qemu_mallocz(NUMNOTES * sizeof (struct memelfnote));
2399
    if (info->notes == NULL)
2400
        return (-ENOMEM);
2401
    info->prstatus = qemu_mallocz(sizeof (*info->prstatus));
2402
    if (info->prstatus == NULL)
2403
        return (-ENOMEM);
2404
    info->psinfo = qemu_mallocz(sizeof (*info->psinfo));
2405
    if (info->prstatus == NULL)
2406
        return (-ENOMEM);
2407

    
2408
    /*
2409
     * First fill in status (and registers) of current thread
2410
     * including process info & aux vector.
2411
     */
2412
    fill_prstatus(info->prstatus, ts, signr);
2413
    elf_core_copy_regs(&info->prstatus->pr_reg, env);
2414
    fill_note(&info->notes[0], "CORE", NT_PRSTATUS,
2415
              sizeof (*info->prstatus), info->prstatus);
2416
    fill_psinfo(info->psinfo, ts);
2417
    fill_note(&info->notes[1], "CORE", NT_PRPSINFO,
2418
              sizeof (*info->psinfo), info->psinfo);
2419
    fill_auxv_note(&info->notes[2], ts);
2420
    info->numnote = 3;
2421

    
2422
    info->notes_size = 0;
2423
    for (i = 0; i < info->numnote; i++)
2424
        info->notes_size += note_size(&info->notes[i]);
2425

    
2426
    /* read and fill status of all threads */
2427
    cpu_list_lock();
2428
    for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
2429
        if (cpu == thread_env)
2430
            continue;
2431
        fill_thread_info(info, cpu);
2432
    }
2433
    cpu_list_unlock();
2434

    
2435
    return (0);
2436
}
2437

    
2438
static void free_note_info(struct elf_note_info *info)
2439
{
2440
    struct elf_thread_status *ets;
2441

    
2442
    while (!QTAILQ_EMPTY(&info->thread_list)) {
2443
        ets = QTAILQ_FIRST(&info->thread_list);
2444
        QTAILQ_REMOVE(&info->thread_list, ets, ets_link);
2445
        qemu_free(ets);
2446
    }
2447

    
2448
    qemu_free(info->prstatus);
2449
    qemu_free(info->psinfo);
2450
    qemu_free(info->notes);
2451
}
2452

    
2453
static int write_note_info(struct elf_note_info *info, int fd)
2454
{
2455
    struct elf_thread_status *ets;
2456
    int i, error = 0;
2457

    
2458
    /* write prstatus, psinfo and auxv for current thread */
2459
    for (i = 0; i < info->numnote; i++)
2460
        if ((error = write_note(&info->notes[i], fd)) != 0)
2461
            return (error);
2462

    
2463
    /* write prstatus for each thread */
2464
    for (ets = info->thread_list.tqh_first; ets != NULL;
2465
         ets = ets->ets_link.tqe_next) {
2466
        if ((error = write_note(&ets->notes[0], fd)) != 0)
2467
            return (error);
2468
    }
2469

    
2470
    return (0);
2471
}
2472

    
2473
/*
2474
 * Write out ELF coredump.
2475
 *
2476
 * See documentation of ELF object file format in:
2477
 * http://www.caldera.com/developers/devspecs/gabi41.pdf
2478
 *
2479
 * Coredump format in linux is following:
2480
 *
2481
 * 0   +----------------------+         \
2482
 *     | ELF header           | ET_CORE  |
2483
 *     +----------------------+          |
2484
 *     | ELF program headers  |          |--- headers
2485
 *     | - NOTE section       |          |
2486
 *     | - PT_LOAD sections   |          |
2487
 *     +----------------------+         /
2488
 *     | NOTEs:               |
2489
 *     | - NT_PRSTATUS        |
2490
 *     | - NT_PRSINFO         |
2491
 *     | - NT_AUXV            |
2492
 *     +----------------------+ <-- aligned to target page
2493
 *     | Process memory dump  |
2494
 *     :                      :
2495
 *     .                      .
2496
 *     :                      :
2497
 *     |                      |
2498
 *     +----------------------+
2499
 *
2500
 * NT_PRSTATUS -> struct elf_prstatus (per thread)
2501
 * NT_PRSINFO  -> struct elf_prpsinfo
2502
 * NT_AUXV is array of { type, value } pairs (see fill_auxv_note()).
2503
 *
2504
 * Format follows System V format as close as possible.  Current
2505
 * version limitations are as follows:
2506
 *     - no floating point registers are dumped
2507
 *
2508
 * Function returns 0 in case of success, negative errno otherwise.
2509
 *
2510
 * TODO: make this work also during runtime: it should be
2511
 * possible to force coredump from running process and then
2512
 * continue processing.  For example qemu could set up SIGUSR2
2513
 * handler (provided that target process haven't registered
2514
 * handler for that) that does the dump when signal is received.
2515
 */
2516
static int elf_core_dump(int signr, const CPUState *env)
2517
{
2518
    const TaskState *ts = (const TaskState *)env->opaque;
2519
    struct vm_area_struct *vma = NULL;
2520
    char corefile[PATH_MAX];
2521
    struct elf_note_info info;
2522
    struct elfhdr elf;
2523
    struct elf_phdr phdr;
2524
    struct rlimit dumpsize;
2525
    struct mm_struct *mm = NULL;
2526
    off_t offset = 0, data_offset = 0;
2527
    int segs = 0;
2528
    int fd = -1;
2529

    
2530
    errno = 0;
2531
    getrlimit(RLIMIT_CORE, &dumpsize);
2532
    if (dumpsize.rlim_cur == 0)
2533
        return 0;
2534

    
2535
    if (core_dump_filename(ts, corefile, sizeof (corefile)) < 0)
2536
        return (-errno);
2537

    
2538
    if ((fd = open(corefile, O_WRONLY | O_CREAT,
2539
                   S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) < 0)
2540
        return (-errno);
2541

    
2542
    /*
2543
     * Walk through target process memory mappings and
2544
     * set up structure containing this information.  After
2545
     * this point vma_xxx functions can be used.
2546
     */
2547
    if ((mm = vma_init()) == NULL)
2548
        goto out;
2549

    
2550
    walk_memory_regions(mm, vma_walker);
2551
    segs = vma_get_mapping_count(mm);
2552

    
2553
    /*
2554
     * Construct valid coredump ELF header.  We also
2555
     * add one more segment for notes.
2556
     */
2557
    fill_elf_header(&elf, segs + 1, ELF_MACHINE, 0);
2558
    if (dump_write(fd, &elf, sizeof (elf)) != 0)
2559
        goto out;
2560

    
2561
    /* fill in in-memory version of notes */
2562
    if (fill_note_info(&info, signr, env) < 0)
2563
        goto out;
2564

    
2565
    offset += sizeof (elf);                             /* elf header */
2566
    offset += (segs + 1) * sizeof (struct elf_phdr);    /* program headers */
2567

    
2568
    /* write out notes program header */
2569
    fill_elf_note_phdr(&phdr, info.notes_size, offset);
2570

    
2571
    offset += info.notes_size;
2572
    if (dump_write(fd, &phdr, sizeof (phdr)) != 0)
2573
        goto out;
2574

    
2575
    /*
2576
     * ELF specification wants data to start at page boundary so
2577
     * we align it here.
2578
     */
2579
    data_offset = offset = roundup(offset, ELF_EXEC_PAGESIZE);
2580

    
2581
    /*
2582
     * Write program headers for memory regions mapped in
2583
     * the target process.
2584
     */
2585
    for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) {
2586
        (void) memset(&phdr, 0, sizeof (phdr));
2587

    
2588
        phdr.p_type = PT_LOAD;
2589
        phdr.p_offset = offset;
2590
        phdr.p_vaddr = vma->vma_start;
2591
        phdr.p_paddr = 0;
2592
        phdr.p_filesz = vma_dump_size(vma);
2593
        offset += phdr.p_filesz;
2594
        phdr.p_memsz = vma->vma_end - vma->vma_start;
2595
        phdr.p_flags = vma->vma_flags & PROT_READ ? PF_R : 0;
2596
        if (vma->vma_flags & PROT_WRITE)
2597
            phdr.p_flags |= PF_W;
2598
        if (vma->vma_flags & PROT_EXEC)
2599
            phdr.p_flags |= PF_X;
2600
        phdr.p_align = ELF_EXEC_PAGESIZE;
2601

    
2602
        bswap_phdr(&phdr, 1);
2603
        dump_write(fd, &phdr, sizeof (phdr));
2604
    }
2605

    
2606
    /*
2607
     * Next we write notes just after program headers.  No
2608
     * alignment needed here.
2609
     */
2610
    if (write_note_info(&info, fd) < 0)
2611
        goto out;
2612

    
2613
    /* align data to page boundary */
2614
    if (lseek(fd, data_offset, SEEK_SET) != data_offset)
2615
        goto out;
2616

    
2617
    /*
2618
     * Finally we can dump process memory into corefile as well.
2619
     */
2620
    for (vma = vma_first(mm); vma != NULL; vma = vma_next(vma)) {
2621
        abi_ulong addr;
2622
        abi_ulong end;
2623

    
2624
        end = vma->vma_start + vma_dump_size(vma);
2625

    
2626
        for (addr = vma->vma_start; addr < end;
2627
             addr += TARGET_PAGE_SIZE) {
2628
            char page[TARGET_PAGE_SIZE];
2629
            int error;
2630

    
2631
            /*
2632
             *  Read in page from target process memory and
2633
             *  write it to coredump file.
2634
             */
2635
            error = copy_from_user(page, addr, sizeof (page));
2636
            if (error != 0) {
2637
                (void) fprintf(stderr, "unable to dump " TARGET_ABI_FMT_lx "\n",
2638
                               addr);
2639
                errno = -error;
2640
                goto out;
2641
            }
2642
            if (dump_write(fd, page, TARGET_PAGE_SIZE) < 0)
2643
                goto out;
2644
        }
2645
    }
2646

    
2647
 out:
2648
    free_note_info(&info);
2649
    if (mm != NULL)
2650
        vma_delete(mm);
2651
    (void) close(fd);
2652

    
2653
    if (errno != 0)
2654
        return (-errno);
2655
    return (0);
2656
}
2657
#endif /* USE_ELF_CORE_DUMP */
2658

    
2659
void do_init_thread(struct target_pt_regs *regs, struct image_info *infop)
2660
{
2661
    init_thread(regs, infop);
2662
}