2 * linux/fs/binfmt_elf.c
4 * These are the functions used to load ELF format executables as used
5 * on SVr4 machines. Information on the format may be found in the book
6 * "UNIX SYSTEM V RELEASE 4 Programmers Guide: Ansi C and Programming Support
9 * Copyright 1993, 1994: Eric Youngdale (ericy@cais.com).
12 #include <linux/module.h>
13 #include <linux/kernel.h>
16 #include <linux/mman.h>
17 #include <linux/errno.h>
18 #include <linux/signal.h>
19 #include <linux/binfmts.h>
20 #include <linux/string.h>
21 #include <linux/file.h>
22 #include <linux/slab.h>
23 #include <linux/personality.h>
24 #include <linux/elfcore.h>
25 #include <linux/init.h>
26 #include <linux/highuid.h>
27 #include <linux/compiler.h>
28 #include <linux/highmem.h>
29 #include <linux/pagemap.h>
30 #include <linux/vmalloc.h>
31 #include <linux/security.h>
32 #include <linux/random.h>
33 #include <linux/elf.h>
34 #include <linux/elf-randomize.h>
35 #include <linux/utsname.h>
36 #include <linux/coredump.h>
37 #include <linux/sched.h>
38 #include <linux/sched/coredump.h>
39 #include <linux/sched/task_stack.h>
40 #include <linux/sched/cputime.h>
41 #include <linux/cred.h>
42 #include <linux/dax.h>
43 #include <linux/uaccess.h>
44 #include <asm/param.h>
48 #define user_long_t long
50 #ifndef user_siginfo_t
51 #define user_siginfo_t siginfo_t
54 static int load_elf_binary(struct linux_binprm *bprm);
55 static unsigned long elf_map(struct file *, unsigned long, struct elf_phdr *,
56 int, int, unsigned long);
59 static int load_elf_library(struct file *);
61 #define load_elf_library NULL
65 * If we don't support core dumping, then supply a NULL so we
68 #ifdef CONFIG_ELF_CORE
69 static int elf_core_dump(struct coredump_params *cprm);
71 #define elf_core_dump NULL
74 #if ELF_EXEC_PAGESIZE > PAGE_SIZE
75 #define ELF_MIN_ALIGN ELF_EXEC_PAGESIZE
77 #define ELF_MIN_ALIGN PAGE_SIZE
80 #ifndef ELF_CORE_EFLAGS
81 #define ELF_CORE_EFLAGS 0
84 #define ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(ELF_MIN_ALIGN-1))
85 #define ELF_PAGEOFFSET(_v) ((_v) & (ELF_MIN_ALIGN-1))
86 #define ELF_PAGEALIGN(_v) (((_v) + ELF_MIN_ALIGN - 1) & ~(ELF_MIN_ALIGN - 1))
88 static struct linux_binfmt elf_format = {
89 .module = THIS_MODULE,
90 .load_binary = load_elf_binary,
91 .load_shlib = load_elf_library,
92 .core_dump = elf_core_dump,
93 .min_coredump = ELF_EXEC_PAGESIZE,
96 #define BAD_ADDR(x) ((unsigned long)(x) >= TASK_SIZE)
98 static int set_brk(unsigned long start, unsigned long end, int prot)
100 start = ELF_PAGEALIGN(start);
101 end = ELF_PAGEALIGN(end);
104 * Map the last of the bss segment.
105 * If the header is requesting these pages to be
106 * executable, honour that (ppc32 needs this).
108 int error = vm_brk_flags(start, end - start,
109 prot & PROT_EXEC ? VM_EXEC : 0);
113 current->mm->start_brk = current->mm->brk = end;
117 /* We need to explicitly zero any fractional pages
118 after the data section (i.e. bss). This would
119 contain the junk from the file that should not
122 static int padzero(unsigned long elf_bss)
126 nbyte = ELF_PAGEOFFSET(elf_bss);
128 nbyte = ELF_MIN_ALIGN - nbyte;
129 if (clear_user((void __user *) elf_bss, nbyte))
135 /* Let's use some macros to make this stack manipulation a little clearer */
136 #ifdef CONFIG_STACK_GROWSUP
137 #define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) + (items))
138 #define STACK_ROUND(sp, items) \
139 ((15 + (unsigned long) ((sp) + (items))) &~ 15UL)
140 #define STACK_ALLOC(sp, len) ({ \
141 elf_addr_t __user *old_sp = (elf_addr_t __user *)sp; sp += len; \
144 #define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) - (items))
145 #define STACK_ROUND(sp, items) \
146 (((unsigned long) (sp - items)) &~ 15UL)
147 #define STACK_ALLOC(sp, len) ({ sp -= len ; sp; })
150 #ifndef ELF_BASE_PLATFORM
152 * AT_BASE_PLATFORM indicates the "real" hardware/microarchitecture.
153 * If the arch defines ELF_BASE_PLATFORM (in asm/elf.h), the value
154 * will be copied to the user stack in the same manner as AT_PLATFORM.
156 #define ELF_BASE_PLATFORM NULL
160 create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec,
161 unsigned long load_addr, unsigned long interp_load_addr)
163 unsigned long p = bprm->p;
164 int argc = bprm->argc;
165 int envc = bprm->envc;
166 elf_addr_t __user *argv;
167 elf_addr_t __user *envp;
168 elf_addr_t __user *sp;
169 elf_addr_t __user *u_platform;
170 elf_addr_t __user *u_base_platform;
171 elf_addr_t __user *u_rand_bytes;
172 const char *k_platform = ELF_PLATFORM;
173 const char *k_base_platform = ELF_BASE_PLATFORM;
174 unsigned char k_rand_bytes[16];
176 elf_addr_t *elf_info;
178 const struct cred *cred = current_cred();
179 struct vm_area_struct *vma;
182 * In some cases (e.g. Hyper-Threading), we want to avoid L1
183 * evictions by the processes running on the same package. One
184 * thing we can do is to shuffle the initial stack for them.
187 p = arch_align_stack(p);
190 * If this architecture has a platform capability string, copy it
191 * to userspace. In some cases (Sparc), this info is impossible
192 * for userspace to get any other way, in others (i386) it is
197 size_t len = strlen(k_platform) + 1;
199 u_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
200 if (__copy_to_user(u_platform, k_platform, len))
205 * If this architecture has a "base" platform capability
206 * string, copy it to userspace.
208 u_base_platform = NULL;
209 if (k_base_platform) {
210 size_t len = strlen(k_base_platform) + 1;
212 u_base_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
213 if (__copy_to_user(u_base_platform, k_base_platform, len))
218 * Generate 16 random bytes for userspace PRNG seeding.
220 get_random_bytes(k_rand_bytes, sizeof(k_rand_bytes));
221 u_rand_bytes = (elf_addr_t __user *)
222 STACK_ALLOC(p, sizeof(k_rand_bytes));
223 if (__copy_to_user(u_rand_bytes, k_rand_bytes, sizeof(k_rand_bytes)))
226 /* Create the ELF interpreter info */
227 elf_info = (elf_addr_t *)current->mm->saved_auxv;
228 /* update AT_VECTOR_SIZE_BASE if the number of NEW_AUX_ENT() changes */
229 #define NEW_AUX_ENT(id, val) \
231 elf_info[ei_index++] = id; \
232 elf_info[ei_index++] = val; \
237 * ARCH_DLINFO must come first so PPC can do its special alignment of
239 * update AT_VECTOR_SIZE_ARCH if the number of NEW_AUX_ENT() in
240 * ARCH_DLINFO changes
244 NEW_AUX_ENT(AT_HWCAP, ELF_HWCAP);
245 NEW_AUX_ENT(AT_PAGESZ, ELF_EXEC_PAGESIZE);
246 NEW_AUX_ENT(AT_CLKTCK, CLOCKS_PER_SEC);
247 NEW_AUX_ENT(AT_PHDR, load_addr + exec->e_phoff);
248 NEW_AUX_ENT(AT_PHENT, sizeof(struct elf_phdr));
249 NEW_AUX_ENT(AT_PHNUM, exec->e_phnum);
250 NEW_AUX_ENT(AT_BASE, interp_load_addr);
251 NEW_AUX_ENT(AT_FLAGS, 0);
252 NEW_AUX_ENT(AT_ENTRY, exec->e_entry);
253 NEW_AUX_ENT(AT_UID, from_kuid_munged(cred->user_ns, cred->uid));
254 NEW_AUX_ENT(AT_EUID, from_kuid_munged(cred->user_ns, cred->euid));
255 NEW_AUX_ENT(AT_GID, from_kgid_munged(cred->user_ns, cred->gid));
256 NEW_AUX_ENT(AT_EGID, from_kgid_munged(cred->user_ns, cred->egid));
257 NEW_AUX_ENT(AT_SECURE, security_bprm_secureexec(bprm));
258 NEW_AUX_ENT(AT_RANDOM, (elf_addr_t)(unsigned long)u_rand_bytes);
260 NEW_AUX_ENT(AT_HWCAP2, ELF_HWCAP2);
262 NEW_AUX_ENT(AT_EXECFN, bprm->exec);
264 NEW_AUX_ENT(AT_PLATFORM,
265 (elf_addr_t)(unsigned long)u_platform);
267 if (k_base_platform) {
268 NEW_AUX_ENT(AT_BASE_PLATFORM,
269 (elf_addr_t)(unsigned long)u_base_platform);
271 if (bprm->interp_flags & BINPRM_FLAGS_EXECFD) {
272 NEW_AUX_ENT(AT_EXECFD, bprm->interp_data);
275 /* AT_NULL is zero; clear the rest too */
276 memset(&elf_info[ei_index], 0,
277 sizeof current->mm->saved_auxv - ei_index * sizeof elf_info[0]);
279 /* And advance past the AT_NULL entry. */
282 sp = STACK_ADD(p, ei_index);
284 items = (argc + 1) + (envc + 1) + 1;
285 bprm->p = STACK_ROUND(sp, items);
287 /* Point sp at the lowest address on the stack */
288 #ifdef CONFIG_STACK_GROWSUP
289 sp = (elf_addr_t __user *)bprm->p - items - ei_index;
290 bprm->exec = (unsigned long)sp; /* XXX: PARISC HACK */
292 sp = (elf_addr_t __user *)bprm->p;
297 * Grow the stack manually; some architectures have a limit on how
298 * far ahead a user-space access may be in order to grow the stack.
300 vma = find_extend_vma(current->mm, bprm->p);
304 /* Now, let's put argc (and argv, envp if appropriate) on the stack */
305 if (__put_user(argc, sp++))
308 envp = argv + argc + 1;
310 /* Populate argv and envp */
311 p = current->mm->arg_end = current->mm->arg_start;
314 if (__put_user((elf_addr_t)p, argv++))
316 len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
317 if (!len || len > MAX_ARG_STRLEN)
321 if (__put_user(0, argv))
323 current->mm->arg_end = current->mm->env_start = p;
326 if (__put_user((elf_addr_t)p, envp++))
328 len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
329 if (!len || len > MAX_ARG_STRLEN)
333 if (__put_user(0, envp))
335 current->mm->env_end = p;
337 /* Put the elf_info on the stack in the right place. */
338 sp = (elf_addr_t __user *)envp + 1;
339 if (copy_to_user(sp, elf_info, ei_index * sizeof(elf_addr_t)))
346 static unsigned long elf_map(struct file *filep, unsigned long addr,
347 struct elf_phdr *eppnt, int prot, int type,
348 unsigned long total_size)
350 unsigned long map_addr;
351 unsigned long size = eppnt->p_filesz + ELF_PAGEOFFSET(eppnt->p_vaddr);
352 unsigned long off = eppnt->p_offset - ELF_PAGEOFFSET(eppnt->p_vaddr);
353 addr = ELF_PAGESTART(addr);
354 size = ELF_PAGEALIGN(size);
356 /* mmap() will return -EINVAL if given a zero size, but a
357 * segment with zero filesize is perfectly valid */
362 * total_size is the size of the ELF (interpreter) image.
363 * The _first_ mmap needs to know the full size, otherwise
364 * randomization might put this image into an overlapping
365 * position with the ELF binary image. (since size < total_size)
366 * So we first map the 'big' image - and unmap the remainder at
367 * the end. (which unmap is needed for ELF images with holes.)
370 total_size = ELF_PAGEALIGN(total_size);
371 map_addr = vm_mmap(filep, addr, total_size, prot, type, off);
372 if (!BAD_ADDR(map_addr))
373 vm_munmap(map_addr+size, total_size-size);
375 map_addr = vm_mmap(filep, addr, size, prot, type, off);
380 #endif /* !elf_map */
382 static unsigned long total_mapping_size(struct elf_phdr *cmds, int nr)
384 int i, first_idx = -1, last_idx = -1;
386 for (i = 0; i < nr; i++) {
387 if (cmds[i].p_type == PT_LOAD) {
396 return cmds[last_idx].p_vaddr + cmds[last_idx].p_memsz -
397 ELF_PAGESTART(cmds[first_idx].p_vaddr);
401 * load_elf_phdrs() - load ELF program headers
402 * @elf_ex: ELF header of the binary whose program headers should be loaded
403 * @elf_file: the opened ELF binary file
405 * Loads ELF program headers from the binary file elf_file, which has the ELF
406 * header pointed to by elf_ex, into a newly allocated array. The caller is
407 * responsible for freeing the allocated data. Returns an ERR_PTR upon failure.
409 static struct elf_phdr *load_elf_phdrs(struct elfhdr *elf_ex,
410 struct file *elf_file)
412 struct elf_phdr *elf_phdata = NULL;
413 int retval, size, err = -1;
416 * If the size of this structure has changed, then punt, since
417 * we will be doing the wrong thing.
419 if (elf_ex->e_phentsize != sizeof(struct elf_phdr))
422 /* Sanity check the number of program headers... */
423 if (elf_ex->e_phnum < 1 ||
424 elf_ex->e_phnum > 65536U / sizeof(struct elf_phdr))
427 /* ...and their total size. */
428 size = sizeof(struct elf_phdr) * elf_ex->e_phnum;
429 if (size > ELF_MIN_ALIGN)
432 elf_phdata = kmalloc(size, GFP_KERNEL);
436 /* Read in the program headers */
437 retval = kernel_read(elf_file, elf_ex->e_phoff,
438 (char *)elf_phdata, size);
439 if (retval != size) {
440 err = (retval < 0) ? retval : -EIO;
454 #ifndef CONFIG_ARCH_BINFMT_ELF_STATE
457 * struct arch_elf_state - arch-specific ELF loading state
459 * This structure is used to preserve architecture specific data during
460 * the loading of an ELF file, throughout the checking of architecture
461 * specific ELF headers & through to the point where the ELF load is
462 * known to be proceeding (ie. SET_PERSONALITY).
464 * This implementation is a dummy for architectures which require no
467 struct arch_elf_state {
470 #define INIT_ARCH_ELF_STATE {}
473 * arch_elf_pt_proc() - check a PT_LOPROC..PT_HIPROC ELF program header
474 * @ehdr: The main ELF header
475 * @phdr: The program header to check
476 * @elf: The open ELF file
477 * @is_interp: True if the phdr is from the interpreter of the ELF being
478 * loaded, else false.
479 * @state: Architecture-specific state preserved throughout the process
480 * of loading the ELF.
482 * Inspects the program header phdr to validate its correctness and/or
483 * suitability for the system. Called once per ELF program header in the
484 * range PT_LOPROC to PT_HIPROC, for both the ELF being loaded and its
487 * Return: Zero to proceed with the ELF load, non-zero to fail the ELF load
488 * with that return code.
490 static inline int arch_elf_pt_proc(struct elfhdr *ehdr,
491 struct elf_phdr *phdr,
492 struct file *elf, bool is_interp,
493 struct arch_elf_state *state)
495 /* Dummy implementation, always proceed */
500 * arch_check_elf() - check an ELF executable
501 * @ehdr: The main ELF header
502 * @has_interp: True if the ELF has an interpreter, else false.
503 * @interp_ehdr: The interpreter's ELF header
504 * @state: Architecture-specific state preserved throughout the process
505 * of loading the ELF.
507 * Provides a final opportunity for architecture code to reject the loading
508 * of the ELF & cause an exec syscall to return an error. This is called after
509 * all program headers to be checked by arch_elf_pt_proc have been.
511 * Return: Zero to proceed with the ELF load, non-zero to fail the ELF load
512 * with that return code.
514 static inline int arch_check_elf(struct elfhdr *ehdr, bool has_interp,
515 struct elfhdr *interp_ehdr,
516 struct arch_elf_state *state)
518 /* Dummy implementation, always proceed */
522 #endif /* !CONFIG_ARCH_BINFMT_ELF_STATE */
524 /* This is much more generalized than the library routine read function,
525 so we keep this separate. Technically the library read function
526 is only provided so that we can read a.out libraries that have
529 static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex,
530 struct file *interpreter, unsigned long *interp_map_addr,
531 unsigned long no_base, struct elf_phdr *interp_elf_phdata)
533 struct elf_phdr *eppnt;
534 unsigned long load_addr = 0;
535 int load_addr_set = 0;
536 unsigned long last_bss = 0, elf_bss = 0;
538 unsigned long error = ~0UL;
539 unsigned long total_size;
542 /* First of all, some simple consistency checks */
543 if (interp_elf_ex->e_type != ET_EXEC &&
544 interp_elf_ex->e_type != ET_DYN)
546 if (!elf_check_arch(interp_elf_ex))
548 if (!interpreter->f_op->mmap)
551 total_size = total_mapping_size(interp_elf_phdata,
552 interp_elf_ex->e_phnum);
558 eppnt = interp_elf_phdata;
559 for (i = 0; i < interp_elf_ex->e_phnum; i++, eppnt++) {
560 if (eppnt->p_type == PT_LOAD) {
561 int elf_type = MAP_PRIVATE | MAP_DENYWRITE;
563 unsigned long vaddr = 0;
564 unsigned long k, map_addr;
566 if (eppnt->p_flags & PF_R)
567 elf_prot = PROT_READ;
568 if (eppnt->p_flags & PF_W)
569 elf_prot |= PROT_WRITE;
570 if (eppnt->p_flags & PF_X)
571 elf_prot |= PROT_EXEC;
572 vaddr = eppnt->p_vaddr;
573 if (interp_elf_ex->e_type == ET_EXEC || load_addr_set)
574 elf_type |= MAP_FIXED;
575 else if (no_base && interp_elf_ex->e_type == ET_DYN)
578 map_addr = elf_map(interpreter, load_addr + vaddr,
579 eppnt, elf_prot, elf_type, total_size);
581 if (!*interp_map_addr)
582 *interp_map_addr = map_addr;
584 if (BAD_ADDR(map_addr))
587 if (!load_addr_set &&
588 interp_elf_ex->e_type == ET_DYN) {
589 load_addr = map_addr - ELF_PAGESTART(vaddr);
594 * Check to see if the section's size will overflow the
595 * allowed task size. Note that p_filesz must always be
596 * <= p_memsize so it's only necessary to check p_memsz.
598 k = load_addr + eppnt->p_vaddr;
600 eppnt->p_filesz > eppnt->p_memsz ||
601 eppnt->p_memsz > TASK_SIZE ||
602 TASK_SIZE - eppnt->p_memsz < k) {
608 * Find the end of the file mapping for this phdr, and
609 * keep track of the largest address we see for this.
611 k = load_addr + eppnt->p_vaddr + eppnt->p_filesz;
616 * Do the same thing for the memory mapping - between
617 * elf_bss and last_bss is the bss section.
619 k = load_addr + eppnt->p_vaddr + eppnt->p_memsz;
628 * Now fill out the bss section: first pad the last page from
629 * the file up to the page boundary, and zero it from elf_bss
630 * up to the end of the page.
632 if (padzero(elf_bss)) {
637 * Next, align both the file and mem bss up to the page size,
638 * since this is where elf_bss was just zeroed up to, and where
639 * last_bss will end after the vm_brk_flags() below.
641 elf_bss = ELF_PAGEALIGN(elf_bss);
642 last_bss = ELF_PAGEALIGN(last_bss);
643 /* Finally, if there is still more bss to allocate, do it. */
644 if (last_bss > elf_bss) {
645 error = vm_brk_flags(elf_bss, last_bss - elf_bss,
646 bss_prot & PROT_EXEC ? VM_EXEC : 0);
657 * These are the functions used to load ELF style executables and shared
658 * libraries. There is no binary dependent code anywhere else.
661 #ifndef STACK_RND_MASK
662 #define STACK_RND_MASK (0x7ff >> (PAGE_SHIFT - 12)) /* 8MB of VA */
665 static unsigned long randomize_stack_top(unsigned long stack_top)
667 unsigned long random_variable = 0;
669 if ((current->flags & PF_RANDOMIZE) &&
670 !(current->personality & ADDR_NO_RANDOMIZE)) {
671 random_variable = get_random_long();
672 random_variable &= STACK_RND_MASK;
673 random_variable <<= PAGE_SHIFT;
675 #ifdef CONFIG_STACK_GROWSUP
676 return PAGE_ALIGN(stack_top) + random_variable;
678 return PAGE_ALIGN(stack_top) - random_variable;
682 static int load_elf_binary(struct linux_binprm *bprm)
684 struct file *interpreter = NULL; /* to shut gcc up */
685 unsigned long load_addr = 0, load_bias = 0;
686 int load_addr_set = 0;
687 char * elf_interpreter = NULL;
689 struct elf_phdr *elf_ppnt, *elf_phdata, *interp_elf_phdata = NULL;
690 unsigned long elf_bss, elf_brk;
693 unsigned long elf_entry;
694 unsigned long interp_load_addr = 0;
695 unsigned long start_code, end_code, start_data, end_data;
696 unsigned long reloc_func_desc __maybe_unused = 0;
697 int executable_stack = EXSTACK_DEFAULT;
698 struct pt_regs *regs = current_pt_regs();
700 struct elfhdr elf_ex;
701 struct elfhdr interp_elf_ex;
703 struct arch_elf_state arch_state = INIT_ARCH_ELF_STATE;
705 loc = kmalloc(sizeof(*loc), GFP_KERNEL);
711 /* Get the exec-header */
712 loc->elf_ex = *((struct elfhdr *)bprm->buf);
715 /* First of all, some simple consistency checks */
716 if (memcmp(loc->elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
719 if (loc->elf_ex.e_type != ET_EXEC && loc->elf_ex.e_type != ET_DYN)
721 if (!elf_check_arch(&loc->elf_ex))
723 if (!bprm->file->f_op->mmap)
726 elf_phdata = load_elf_phdrs(&loc->elf_ex, bprm->file);
730 elf_ppnt = elf_phdata;
739 for (i = 0; i < loc->elf_ex.e_phnum; i++) {
740 if (elf_ppnt->p_type == PT_INTERP) {
741 /* This is the program interpreter used for
742 * shared libraries - for now assume that this
743 * is an a.out format binary
746 if (elf_ppnt->p_filesz > PATH_MAX ||
747 elf_ppnt->p_filesz < 2)
751 elf_interpreter = kmalloc(elf_ppnt->p_filesz,
753 if (!elf_interpreter)
756 retval = kernel_read(bprm->file, elf_ppnt->p_offset,
759 if (retval != elf_ppnt->p_filesz) {
762 goto out_free_interp;
764 /* make sure path is NULL terminated */
766 if (elf_interpreter[elf_ppnt->p_filesz - 1] != '\0')
767 goto out_free_interp;
769 interpreter = open_exec(elf_interpreter);
770 retval = PTR_ERR(interpreter);
771 if (IS_ERR(interpreter))
772 goto out_free_interp;
775 * If the binary is not readable then enforce
776 * mm->dumpable = 0 regardless of the interpreter's
779 would_dump(bprm, interpreter);
781 /* Get the exec headers */
782 retval = kernel_read(interpreter, 0,
783 (void *)&loc->interp_elf_ex,
784 sizeof(loc->interp_elf_ex));
785 if (retval != sizeof(loc->interp_elf_ex)) {
788 goto out_free_dentry;
796 elf_ppnt = elf_phdata;
797 for (i = 0; i < loc->elf_ex.e_phnum; i++, elf_ppnt++)
798 switch (elf_ppnt->p_type) {
800 if (elf_ppnt->p_flags & PF_X)
801 executable_stack = EXSTACK_ENABLE_X;
803 executable_stack = EXSTACK_DISABLE_X;
806 case PT_LOPROC ... PT_HIPROC:
807 retval = arch_elf_pt_proc(&loc->elf_ex, elf_ppnt,
811 goto out_free_dentry;
815 /* Some simple consistency checks for the interpreter */
816 if (elf_interpreter) {
818 /* Not an ELF interpreter */
819 if (memcmp(loc->interp_elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
820 goto out_free_dentry;
821 /* Verify the interpreter has a valid arch */
822 if (!elf_check_arch(&loc->interp_elf_ex))
823 goto out_free_dentry;
825 /* Load the interpreter program headers */
826 interp_elf_phdata = load_elf_phdrs(&loc->interp_elf_ex,
828 if (!interp_elf_phdata)
829 goto out_free_dentry;
831 /* Pass PT_LOPROC..PT_HIPROC headers to arch code */
832 elf_ppnt = interp_elf_phdata;
833 for (i = 0; i < loc->interp_elf_ex.e_phnum; i++, elf_ppnt++)
834 switch (elf_ppnt->p_type) {
835 case PT_LOPROC ... PT_HIPROC:
836 retval = arch_elf_pt_proc(&loc->interp_elf_ex,
837 elf_ppnt, interpreter,
840 goto out_free_dentry;
846 * Allow arch code to reject the ELF at this point, whilst it's
847 * still possible to return an error to the code that invoked
850 retval = arch_check_elf(&loc->elf_ex,
851 !!interpreter, &loc->interp_elf_ex,
854 goto out_free_dentry;
856 /* Flush all traces of the currently running executable */
857 retval = flush_old_exec(bprm);
859 goto out_free_dentry;
861 /* Do this immediately, since STACK_TOP as used in setup_arg_pages
862 may depend on the personality. */
863 SET_PERSONALITY2(loc->elf_ex, &arch_state);
864 if (elf_read_implies_exec(loc->elf_ex, executable_stack))
865 current->personality |= READ_IMPLIES_EXEC;
867 if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space)
868 current->flags |= PF_RANDOMIZE;
870 setup_new_exec(bprm);
871 install_exec_creds(bprm);
873 /* Do this so that we can load the interpreter, if need be. We will
874 change some of these later */
875 retval = setup_arg_pages(bprm, randomize_stack_top(STACK_TOP),
878 goto out_free_dentry;
880 current->mm->start_stack = bprm->p;
882 /* Now we do a little grungy work by mmapping the ELF image into
883 the correct location in memory. */
884 for(i = 0, elf_ppnt = elf_phdata;
885 i < loc->elf_ex.e_phnum; i++, elf_ppnt++) {
886 int elf_prot = 0, elf_flags;
887 unsigned long k, vaddr;
888 unsigned long total_size = 0;
890 if (elf_ppnt->p_type != PT_LOAD)
893 if (unlikely (elf_brk > elf_bss)) {
896 /* There was a PT_LOAD segment with p_memsz > p_filesz
897 before this one. Map anonymous pages, if needed,
898 and clear the area. */
899 retval = set_brk(elf_bss + load_bias,
903 goto out_free_dentry;
904 nbyte = ELF_PAGEOFFSET(elf_bss);
906 nbyte = ELF_MIN_ALIGN - nbyte;
907 if (nbyte > elf_brk - elf_bss)
908 nbyte = elf_brk - elf_bss;
909 if (clear_user((void __user *)elf_bss +
912 * This bss-zeroing can fail if the ELF
913 * file specifies odd protections. So
914 * we don't check the return value
920 if (elf_ppnt->p_flags & PF_R)
921 elf_prot |= PROT_READ;
922 if (elf_ppnt->p_flags & PF_W)
923 elf_prot |= PROT_WRITE;
924 if (elf_ppnt->p_flags & PF_X)
925 elf_prot |= PROT_EXEC;
927 elf_flags = MAP_PRIVATE | MAP_DENYWRITE | MAP_EXECUTABLE;
929 vaddr = elf_ppnt->p_vaddr;
930 if (loc->elf_ex.e_type == ET_EXEC || load_addr_set) {
931 elf_flags |= MAP_FIXED;
932 } else if (loc->elf_ex.e_type == ET_DYN) {
933 /* Try and get dynamic programs out of the way of the
934 * default mmap base, as well as whatever program they
935 * might try to exec. This is because the brk will
936 * follow the loader, and is not movable. */
937 load_bias = ELF_ET_DYN_BASE - vaddr;
938 if (current->flags & PF_RANDOMIZE)
939 load_bias += arch_mmap_rnd();
940 load_bias = ELF_PAGESTART(load_bias);
941 total_size = total_mapping_size(elf_phdata,
942 loc->elf_ex.e_phnum);
945 goto out_free_dentry;
949 error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt,
950 elf_prot, elf_flags, total_size);
951 if (BAD_ADDR(error)) {
952 retval = IS_ERR((void *)error) ?
953 PTR_ERR((void*)error) : -EINVAL;
954 goto out_free_dentry;
957 if (!load_addr_set) {
959 load_addr = (elf_ppnt->p_vaddr - elf_ppnt->p_offset);
960 if (loc->elf_ex.e_type == ET_DYN) {
962 ELF_PAGESTART(load_bias + vaddr);
963 load_addr += load_bias;
964 reloc_func_desc = load_bias;
967 k = elf_ppnt->p_vaddr;
974 * Check to see if the section's size will overflow the
975 * allowed task size. Note that p_filesz must always be
976 * <= p_memsz so it is only necessary to check p_memsz.
978 if (BAD_ADDR(k) || elf_ppnt->p_filesz > elf_ppnt->p_memsz ||
979 elf_ppnt->p_memsz > TASK_SIZE ||
980 TASK_SIZE - elf_ppnt->p_memsz < k) {
981 /* set_brk can never work. Avoid overflows. */
983 goto out_free_dentry;
986 k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz;
990 if ((elf_ppnt->p_flags & PF_X) && end_code < k)
994 k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz;
1001 loc->elf_ex.e_entry += load_bias;
1002 elf_bss += load_bias;
1003 elf_brk += load_bias;
1004 start_code += load_bias;
1005 end_code += load_bias;
1006 start_data += load_bias;
1007 end_data += load_bias;
1009 /* Calling set_brk effectively mmaps the pages that we need
1010 * for the bss and break sections. We must do this before
1011 * mapping in the interpreter, to make sure it doesn't wind
1012 * up getting placed where the bss needs to go.
1014 retval = set_brk(elf_bss, elf_brk, bss_prot);
1016 goto out_free_dentry;
1017 if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
1018 retval = -EFAULT; /* Nobody gets to see this, but.. */
1019 goto out_free_dentry;
1022 if (elf_interpreter) {
1023 unsigned long interp_map_addr = 0;
1025 elf_entry = load_elf_interp(&loc->interp_elf_ex,
1028 load_bias, interp_elf_phdata);
1029 if (!IS_ERR((void *)elf_entry)) {
1031 * load_elf_interp() returns relocation
1034 interp_load_addr = elf_entry;
1035 elf_entry += loc->interp_elf_ex.e_entry;
1037 if (BAD_ADDR(elf_entry)) {
1038 retval = IS_ERR((void *)elf_entry) ?
1039 (int)elf_entry : -EINVAL;
1040 goto out_free_dentry;
1042 reloc_func_desc = interp_load_addr;
1044 allow_write_access(interpreter);
1046 kfree(elf_interpreter);
1048 elf_entry = loc->elf_ex.e_entry;
1049 if (BAD_ADDR(elf_entry)) {
1051 goto out_free_dentry;
1055 kfree(interp_elf_phdata);
1058 set_binfmt(&elf_format);
1060 #ifdef ARCH_HAS_SETUP_ADDITIONAL_PAGES
1061 retval = arch_setup_additional_pages(bprm, !!elf_interpreter);
1064 #endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */
1066 retval = create_elf_tables(bprm, &loc->elf_ex,
1067 load_addr, interp_load_addr);
1070 /* N.B. passed_fileno might not be initialized? */
1071 current->mm->end_code = end_code;
1072 current->mm->start_code = start_code;
1073 current->mm->start_data = start_data;
1074 current->mm->end_data = end_data;
1075 current->mm->start_stack = bprm->p;
1077 if ((current->flags & PF_RANDOMIZE) && (randomize_va_space > 1)) {
1078 current->mm->brk = current->mm->start_brk =
1079 arch_randomize_brk(current->mm);
1080 #ifdef compat_brk_randomized
1081 current->brk_randomized = 1;
1085 if (current->personality & MMAP_PAGE_ZERO) {
1086 /* Why this, you ask??? Well SVr4 maps page 0 as read-only,
1087 and some applications "depend" upon this behavior.
1088 Since we do not have the power to recompile these, we
1089 emulate the SVr4 behavior. Sigh. */
1090 error = vm_mmap(NULL, 0, PAGE_SIZE, PROT_READ | PROT_EXEC,
1091 MAP_FIXED | MAP_PRIVATE, 0);
1094 #ifdef ELF_PLAT_INIT
1096 * The ABI may specify that certain registers be set up in special
1097 * ways (on i386 %edx is the address of a DT_FINI function, for
1098 * example. In addition, it may also specify (eg, PowerPC64 ELF)
1099 * that the e_entry field is the address of the function descriptor
1100 * for the startup routine, rather than the address of the startup
1101 * routine itself. This macro performs whatever initialization to
1102 * the regs structure is required as well as any relocations to the
1103 * function descriptor entries when executing dynamically links apps.
1105 ELF_PLAT_INIT(regs, reloc_func_desc);
1108 start_thread(regs, elf_entry, bprm->p);
1117 kfree(interp_elf_phdata);
1118 allow_write_access(interpreter);
1122 kfree(elf_interpreter);
1128 #ifdef CONFIG_USELIB
1129 /* This is really simpleminded and specialized - we are loading an
1130 a.out library that is given an ELF header. */
1131 static int load_elf_library(struct file *file)
1133 struct elf_phdr *elf_phdata;
1134 struct elf_phdr *eppnt;
1135 unsigned long elf_bss, bss, len;
1136 int retval, error, i, j;
1137 struct elfhdr elf_ex;
1140 retval = kernel_read(file, 0, (char *)&elf_ex, sizeof(elf_ex));
1141 if (retval != sizeof(elf_ex))
1144 if (memcmp(elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
1147 /* First of all, some simple consistency checks */
1148 if (elf_ex.e_type != ET_EXEC || elf_ex.e_phnum > 2 ||
1149 !elf_check_arch(&elf_ex) || !file->f_op->mmap)
1152 /* Now read in all of the header information */
1154 j = sizeof(struct elf_phdr) * elf_ex.e_phnum;
1155 /* j < ELF_MIN_ALIGN because elf_ex.e_phnum <= 2 */
1158 elf_phdata = kmalloc(j, GFP_KERNEL);
1164 retval = kernel_read(file, elf_ex.e_phoff, (char *)eppnt, j);
1168 for (j = 0, i = 0; i<elf_ex.e_phnum; i++)
1169 if ((eppnt + i)->p_type == PT_LOAD)
1174 while (eppnt->p_type != PT_LOAD)
1177 /* Now use mmap to map the library into memory. */
1178 error = vm_mmap(file,
1179 ELF_PAGESTART(eppnt->p_vaddr),
1181 ELF_PAGEOFFSET(eppnt->p_vaddr)),
1182 PROT_READ | PROT_WRITE | PROT_EXEC,
1183 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE,
1185 ELF_PAGEOFFSET(eppnt->p_vaddr)));
1186 if (error != ELF_PAGESTART(eppnt->p_vaddr))
1189 elf_bss = eppnt->p_vaddr + eppnt->p_filesz;
1190 if (padzero(elf_bss)) {
1195 len = ELF_PAGESTART(eppnt->p_filesz + eppnt->p_vaddr +
1197 bss = eppnt->p_memsz + eppnt->p_vaddr;
1199 error = vm_brk(len, bss - len);
1210 #endif /* #ifdef CONFIG_USELIB */
1212 #ifdef CONFIG_ELF_CORE
1216 * Modelled on fs/exec.c:aout_core_dump()
1217 * Jeremy Fitzhardinge <jeremy@sw.oz.au>
1221 * The purpose of always_dump_vma() is to make sure that special kernel mappings
1222 * that are useful for post-mortem analysis are included in every core dump.
1223 * In that way we ensure that the core dump is fully interpretable later
1224 * without matching up the same kernel and hardware config to see what PC values
1225 * meant. These special mappings include - vDSO, vsyscall, and other
1226 * architecture specific mappings
1228 static bool always_dump_vma(struct vm_area_struct *vma)
1230 /* Any vsyscall mappings? */
1231 if (vma == get_gate_vma(vma->vm_mm))
1235 * Assume that all vmas with a .name op should always be dumped.
1236 * If this changes, a new vm_ops field can easily be added.
1238 if (vma->vm_ops && vma->vm_ops->name && vma->vm_ops->name(vma))
1242 * arch_vma_name() returns non-NULL for special architecture mappings,
1243 * such as vDSO sections.
1245 if (arch_vma_name(vma))
1252 * Decide what to dump of a segment, part, all or none.
1254 static unsigned long vma_dump_size(struct vm_area_struct *vma,
1255 unsigned long mm_flags)
1257 #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
1259 /* always dump the vdso and vsyscall sections */
1260 if (always_dump_vma(vma))
1263 if (vma->vm_flags & VM_DONTDUMP)
1266 /* support for DAX */
1267 if (vma_is_dax(vma)) {
1268 if ((vma->vm_flags & VM_SHARED) && FILTER(DAX_SHARED))
1270 if (!(vma->vm_flags & VM_SHARED) && FILTER(DAX_PRIVATE))
1275 /* Hugetlb memory check */
1276 if (vma->vm_flags & VM_HUGETLB) {
1277 if ((vma->vm_flags & VM_SHARED) && FILTER(HUGETLB_SHARED))
1279 if (!(vma->vm_flags & VM_SHARED) && FILTER(HUGETLB_PRIVATE))
1284 /* Do not dump I/O mapped devices or special mappings */
1285 if (vma->vm_flags & VM_IO)
1288 /* By default, dump shared memory if mapped from an anonymous file. */
1289 if (vma->vm_flags & VM_SHARED) {
1290 if (file_inode(vma->vm_file)->i_nlink == 0 ?
1291 FILTER(ANON_SHARED) : FILTER(MAPPED_SHARED))
1296 /* Dump segments that have been written to. */
1297 if (vma->anon_vma && FILTER(ANON_PRIVATE))
1299 if (vma->vm_file == NULL)
1302 if (FILTER(MAPPED_PRIVATE))
1306 * If this looks like the beginning of a DSO or executable mapping,
1307 * check for an ELF header. If we find one, dump the first page to
1308 * aid in determining what was mapped here.
1310 if (FILTER(ELF_HEADERS) &&
1311 vma->vm_pgoff == 0 && (vma->vm_flags & VM_READ)) {
1312 u32 __user *header = (u32 __user *) vma->vm_start;
1314 mm_segment_t fs = get_fs();
1316 * Doing it this way gets the constant folded by GCC.
1320 char elfmag[SELFMAG];
1322 BUILD_BUG_ON(SELFMAG != sizeof word);
1323 magic.elfmag[EI_MAG0] = ELFMAG0;
1324 magic.elfmag[EI_MAG1] = ELFMAG1;
1325 magic.elfmag[EI_MAG2] = ELFMAG2;
1326 magic.elfmag[EI_MAG3] = ELFMAG3;
1328 * Switch to the user "segment" for get_user(),
1329 * then put back what elf_core_dump() had in place.
1332 if (unlikely(get_user(word, header)))
1335 if (word == magic.cmp)
1344 return vma->vm_end - vma->vm_start;
1347 /* An ELF note in memory */
1352 unsigned int datasz;
1356 static int notesize(struct memelfnote *en)
1360 sz = sizeof(struct elf_note);
1361 sz += roundup(strlen(en->name) + 1, 4);
1362 sz += roundup(en->datasz, 4);
1367 static int writenote(struct memelfnote *men, struct coredump_params *cprm)
1370 en.n_namesz = strlen(men->name) + 1;
1371 en.n_descsz = men->datasz;
1372 en.n_type = men->type;
1374 return dump_emit(cprm, &en, sizeof(en)) &&
1375 dump_emit(cprm, men->name, en.n_namesz) && dump_align(cprm, 4) &&
1376 dump_emit(cprm, men->data, men->datasz) && dump_align(cprm, 4);
1379 static void fill_elf_header(struct elfhdr *elf, int segs,
1380 u16 machine, u32 flags)
1382 memset(elf, 0, sizeof(*elf));
1384 memcpy(elf->e_ident, ELFMAG, SELFMAG);
1385 elf->e_ident[EI_CLASS] = ELF_CLASS;
1386 elf->e_ident[EI_DATA] = ELF_DATA;
1387 elf->e_ident[EI_VERSION] = EV_CURRENT;
1388 elf->e_ident[EI_OSABI] = ELF_OSABI;
1390 elf->e_type = ET_CORE;
1391 elf->e_machine = machine;
1392 elf->e_version = EV_CURRENT;
1393 elf->e_phoff = sizeof(struct elfhdr);
1394 elf->e_flags = flags;
1395 elf->e_ehsize = sizeof(struct elfhdr);
1396 elf->e_phentsize = sizeof(struct elf_phdr);
1397 elf->e_phnum = segs;
1402 static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, loff_t offset)
1404 phdr->p_type = PT_NOTE;
1405 phdr->p_offset = offset;
1408 phdr->p_filesz = sz;
1415 static void fill_note(struct memelfnote *note, const char *name, int type,
1416 unsigned int sz, void *data)
1426 * fill up all the fields in prstatus from the given task struct, except
1427 * registers which need to be filled up separately.
1429 static void fill_prstatus(struct elf_prstatus *prstatus,
1430 struct task_struct *p, long signr)
1432 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr;
1433 prstatus->pr_sigpend = p->pending.signal.sig[0];
1434 prstatus->pr_sighold = p->blocked.sig[0];
1436 prstatus->pr_ppid = task_pid_vnr(rcu_dereference(p->real_parent));
1438 prstatus->pr_pid = task_pid_vnr(p);
1439 prstatus->pr_pgrp = task_pgrp_vnr(p);
1440 prstatus->pr_sid = task_session_vnr(p);
1441 if (thread_group_leader(p)) {
1442 struct task_cputime cputime;
1445 * This is the record for the group leader. It shows the
1446 * group-wide total, not its individual thread total.
1448 thread_group_cputime(p, &cputime);
1449 prstatus->pr_utime = ns_to_timeval(cputime.utime);
1450 prstatus->pr_stime = ns_to_timeval(cputime.stime);
1454 task_cputime(p, &utime, &stime);
1455 prstatus->pr_utime = ns_to_timeval(utime);
1456 prstatus->pr_stime = ns_to_timeval(stime);
1459 prstatus->pr_cutime = ns_to_timeval(p->signal->cutime);
1460 prstatus->pr_cstime = ns_to_timeval(p->signal->cstime);
1463 static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
1464 struct mm_struct *mm)
1466 const struct cred *cred;
1467 unsigned int i, len;
1469 /* first copy the parameters from user space */
1470 memset(psinfo, 0, sizeof(struct elf_prpsinfo));
1472 len = mm->arg_end - mm->arg_start;
1473 if (len >= ELF_PRARGSZ)
1474 len = ELF_PRARGSZ-1;
1475 if (copy_from_user(&psinfo->pr_psargs,
1476 (const char __user *)mm->arg_start, len))
1478 for(i = 0; i < len; i++)
1479 if (psinfo->pr_psargs[i] == 0)
1480 psinfo->pr_psargs[i] = ' ';
1481 psinfo->pr_psargs[len] = 0;
1484 psinfo->pr_ppid = task_pid_vnr(rcu_dereference(p->real_parent));
1486 psinfo->pr_pid = task_pid_vnr(p);
1487 psinfo->pr_pgrp = task_pgrp_vnr(p);
1488 psinfo->pr_sid = task_session_vnr(p);
1490 i = p->state ? ffz(~p->state) + 1 : 0;
1491 psinfo->pr_state = i;
1492 psinfo->pr_sname = (i > 5) ? '.' : "RSDTZW"[i];
1493 psinfo->pr_zomb = psinfo->pr_sname == 'Z';
1494 psinfo->pr_nice = task_nice(p);
1495 psinfo->pr_flag = p->flags;
1497 cred = __task_cred(p);
1498 SET_UID(psinfo->pr_uid, from_kuid_munged(cred->user_ns, cred->uid));
1499 SET_GID(psinfo->pr_gid, from_kgid_munged(cred->user_ns, cred->gid));
1501 strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname));
1506 static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
1508 elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
1512 while (auxv[i - 2] != AT_NULL);
1513 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
1516 static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata,
1517 const siginfo_t *siginfo)
1519 mm_segment_t old_fs = get_fs();
1521 copy_siginfo_to_user((user_siginfo_t __user *) csigdata, siginfo);
1523 fill_note(note, "CORE", NT_SIGINFO, sizeof(*csigdata), csigdata);
1526 #define MAX_FILE_NOTE_SIZE (4*1024*1024)
1528 * Format of NT_FILE note:
1530 * long count -- how many files are mapped
1531 * long page_size -- units for file_ofs
1532 * array of [COUNT] elements of
1536 * followed by COUNT filenames in ASCII: "FILE1" NUL "FILE2" NUL...
1538 static int fill_files_note(struct memelfnote *note)
1540 struct vm_area_struct *vma;
1541 unsigned count, size, names_ofs, remaining, n;
1543 user_long_t *start_end_ofs;
1544 char *name_base, *name_curpos;
1546 /* *Estimated* file count and total data size needed */
1547 count = current->mm->map_count;
1550 names_ofs = (2 + 3 * count) * sizeof(data[0]);
1552 if (size >= MAX_FILE_NOTE_SIZE) /* paranoia check */
1554 size = round_up(size, PAGE_SIZE);
1555 data = vmalloc(size);
1559 start_end_ofs = data + 2;
1560 name_base = name_curpos = ((char *)data) + names_ofs;
1561 remaining = size - names_ofs;
1563 for (vma = current->mm->mmap; vma != NULL; vma = vma->vm_next) {
1565 const char *filename;
1567 file = vma->vm_file;
1570 filename = file_path(file, name_curpos, remaining);
1571 if (IS_ERR(filename)) {
1572 if (PTR_ERR(filename) == -ENAMETOOLONG) {
1574 size = size * 5 / 4;
1580 /* file_path() fills at the end, move name down */
1581 /* n = strlen(filename) + 1: */
1582 n = (name_curpos + remaining) - filename;
1583 remaining = filename - name_curpos;
1584 memmove(name_curpos, filename, n);
1587 *start_end_ofs++ = vma->vm_start;
1588 *start_end_ofs++ = vma->vm_end;
1589 *start_end_ofs++ = vma->vm_pgoff;
1593 /* Now we know exact count of files, can store it */
1595 data[1] = PAGE_SIZE;
1597 * Count usually is less than current->mm->map_count,
1598 * we need to move filenames down.
1600 n = current->mm->map_count - count;
1602 unsigned shift_bytes = n * 3 * sizeof(data[0]);
1603 memmove(name_base - shift_bytes, name_base,
1604 name_curpos - name_base);
1605 name_curpos -= shift_bytes;
1608 size = name_curpos - (char *)data;
1609 fill_note(note, "CORE", NT_FILE, size, data);
1613 #ifdef CORE_DUMP_USE_REGSET
1614 #include <linux/regset.h>
1616 struct elf_thread_core_info {
1617 struct elf_thread_core_info *next;
1618 struct task_struct *task;
1619 struct elf_prstatus prstatus;
1620 struct memelfnote notes[0];
1623 struct elf_note_info {
1624 struct elf_thread_core_info *thread;
1625 struct memelfnote psinfo;
1626 struct memelfnote signote;
1627 struct memelfnote auxv;
1628 struct memelfnote files;
1629 user_siginfo_t csigdata;
1635 * When a regset has a writeback hook, we call it on each thread before
1636 * dumping user memory. On register window machines, this makes sure the
1637 * user memory backing the register data is up to date before we read it.
1639 static void do_thread_regset_writeback(struct task_struct *task,
1640 const struct user_regset *regset)
1642 if (regset->writeback)
1643 regset->writeback(task, regset, 1);
1646 #ifndef PRSTATUS_SIZE
1647 #define PRSTATUS_SIZE(S, R) sizeof(S)
1650 #ifndef SET_PR_FPVALID
1651 #define SET_PR_FPVALID(S, V, R) ((S)->pr_fpvalid = (V))
1654 static int fill_thread_core_info(struct elf_thread_core_info *t,
1655 const struct user_regset_view *view,
1656 long signr, size_t *total)
1659 unsigned int regset_size = view->regsets[0].n * view->regsets[0].size;
1662 * NT_PRSTATUS is the one special case, because the regset data
1663 * goes into the pr_reg field inside the note contents, rather
1664 * than being the whole note contents. We fill the reset in here.
1665 * We assume that regset 0 is NT_PRSTATUS.
1667 fill_prstatus(&t->prstatus, t->task, signr);
1668 (void) view->regsets[0].get(t->task, &view->regsets[0], 0, regset_size,
1669 &t->prstatus.pr_reg, NULL);
1671 fill_note(&t->notes[0], "CORE", NT_PRSTATUS,
1672 PRSTATUS_SIZE(t->prstatus, regset_size), &t->prstatus);
1673 *total += notesize(&t->notes[0]);
1675 do_thread_regset_writeback(t->task, &view->regsets[0]);
1678 * Each other regset might generate a note too. For each regset
1679 * that has no core_note_type or is inactive, we leave t->notes[i]
1680 * all zero and we'll know to skip writing it later.
1682 for (i = 1; i < view->n; ++i) {
1683 const struct user_regset *regset = &view->regsets[i];
1684 do_thread_regset_writeback(t->task, regset);
1685 if (regset->core_note_type && regset->get &&
1686 (!regset->active || regset->active(t->task, regset))) {
1688 size_t size = regset->n * regset->size;
1689 void *data = kmalloc(size, GFP_KERNEL);
1690 if (unlikely(!data))
1692 ret = regset->get(t->task, regset,
1693 0, size, data, NULL);
1697 if (regset->core_note_type != NT_PRFPREG)
1698 fill_note(&t->notes[i], "LINUX",
1699 regset->core_note_type,
1702 SET_PR_FPVALID(&t->prstatus,
1704 fill_note(&t->notes[i], "CORE",
1705 NT_PRFPREG, size, data);
1707 *total += notesize(&t->notes[i]);
1715 static int fill_note_info(struct elfhdr *elf, int phdrs,
1716 struct elf_note_info *info,
1717 const siginfo_t *siginfo, struct pt_regs *regs)
1719 struct task_struct *dump_task = current;
1720 const struct user_regset_view *view = task_user_regset_view(dump_task);
1721 struct elf_thread_core_info *t;
1722 struct elf_prpsinfo *psinfo;
1723 struct core_thread *ct;
1727 info->thread = NULL;
1729 psinfo = kmalloc(sizeof(*psinfo), GFP_KERNEL);
1730 if (psinfo == NULL) {
1731 info->psinfo.data = NULL; /* So we don't free this wrongly */
1735 fill_note(&info->psinfo, "CORE", NT_PRPSINFO, sizeof(*psinfo), psinfo);
1738 * Figure out how many notes we're going to need for each thread.
1740 info->thread_notes = 0;
1741 for (i = 0; i < view->n; ++i)
1742 if (view->regsets[i].core_note_type != 0)
1743 ++info->thread_notes;
1746 * Sanity check. We rely on regset 0 being in NT_PRSTATUS,
1747 * since it is our one special case.
1749 if (unlikely(info->thread_notes == 0) ||
1750 unlikely(view->regsets[0].core_note_type != NT_PRSTATUS)) {
1756 * Initialize the ELF file header.
1758 fill_elf_header(elf, phdrs,
1759 view->e_machine, view->e_flags);
1762 * Allocate a structure for each thread.
1764 for (ct = &dump_task->mm->core_state->dumper; ct; ct = ct->next) {
1765 t = kzalloc(offsetof(struct elf_thread_core_info,
1766 notes[info->thread_notes]),
1772 if (ct->task == dump_task || !info->thread) {
1773 t->next = info->thread;
1777 * Make sure to keep the original task at
1778 * the head of the list.
1780 t->next = info->thread->next;
1781 info->thread->next = t;
1786 * Now fill in each thread's information.
1788 for (t = info->thread; t != NULL; t = t->next)
1789 if (!fill_thread_core_info(t, view, siginfo->si_signo, &info->size))
1793 * Fill in the two process-wide notes.
1795 fill_psinfo(psinfo, dump_task->group_leader, dump_task->mm);
1796 info->size += notesize(&info->psinfo);
1798 fill_siginfo_note(&info->signote, &info->csigdata, siginfo);
1799 info->size += notesize(&info->signote);
1801 fill_auxv_note(&info->auxv, current->mm);
1802 info->size += notesize(&info->auxv);
1804 if (fill_files_note(&info->files) == 0)
1805 info->size += notesize(&info->files);
1810 static size_t get_note_info_size(struct elf_note_info *info)
1816 * Write all the notes for each thread. When writing the first thread, the
1817 * process-wide notes are interleaved after the first thread-specific note.
1819 static int write_note_info(struct elf_note_info *info,
1820 struct coredump_params *cprm)
1823 struct elf_thread_core_info *t = info->thread;
1828 if (!writenote(&t->notes[0], cprm))
1831 if (first && !writenote(&info->psinfo, cprm))
1833 if (first && !writenote(&info->signote, cprm))
1835 if (first && !writenote(&info->auxv, cprm))
1837 if (first && info->files.data &&
1838 !writenote(&info->files, cprm))
1841 for (i = 1; i < info->thread_notes; ++i)
1842 if (t->notes[i].data &&
1843 !writenote(&t->notes[i], cprm))
1853 static void free_note_info(struct elf_note_info *info)
1855 struct elf_thread_core_info *threads = info->thread;
1858 struct elf_thread_core_info *t = threads;
1860 WARN_ON(t->notes[0].data && t->notes[0].data != &t->prstatus);
1861 for (i = 1; i < info->thread_notes; ++i)
1862 kfree(t->notes[i].data);
1865 kfree(info->psinfo.data);
1866 vfree(info->files.data);
1871 /* Here is the structure in which status of each thread is captured. */
1872 struct elf_thread_status
1874 struct list_head list;
1875 struct elf_prstatus prstatus; /* NT_PRSTATUS */
1876 elf_fpregset_t fpu; /* NT_PRFPREG */
1877 struct task_struct *thread;
1878 #ifdef ELF_CORE_COPY_XFPREGS
1879 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */
1881 struct memelfnote notes[3];
1886 * In order to add the specific thread information for the elf file format,
1887 * we need to keep a linked list of every threads pr_status and then create
1888 * a single section for them in the final core file.
1890 static int elf_dump_thread_status(long signr, struct elf_thread_status *t)
1893 struct task_struct *p = t->thread;
1896 fill_prstatus(&t->prstatus, p, signr);
1897 elf_core_copy_task_regs(p, &t->prstatus.pr_reg);
1899 fill_note(&t->notes[0], "CORE", NT_PRSTATUS, sizeof(t->prstatus),
1902 sz += notesize(&t->notes[0]);
1904 if ((t->prstatus.pr_fpvalid = elf_core_copy_task_fpregs(p, NULL,
1906 fill_note(&t->notes[1], "CORE", NT_PRFPREG, sizeof(t->fpu),
1909 sz += notesize(&t->notes[1]);
1912 #ifdef ELF_CORE_COPY_XFPREGS
1913 if (elf_core_copy_task_xfpregs(p, &t->xfpu)) {
1914 fill_note(&t->notes[2], "LINUX", ELF_CORE_XFPREG_TYPE,
1915 sizeof(t->xfpu), &t->xfpu);
1917 sz += notesize(&t->notes[2]);
1923 struct elf_note_info {
1924 struct memelfnote *notes;
1925 struct memelfnote *notes_files;
1926 struct elf_prstatus *prstatus; /* NT_PRSTATUS */
1927 struct elf_prpsinfo *psinfo; /* NT_PRPSINFO */
1928 struct list_head thread_list;
1929 elf_fpregset_t *fpu;
1930 #ifdef ELF_CORE_COPY_XFPREGS
1931 elf_fpxregset_t *xfpu;
1933 user_siginfo_t csigdata;
1934 int thread_status_size;
1938 static int elf_note_info_init(struct elf_note_info *info)
1940 memset(info, 0, sizeof(*info));
1941 INIT_LIST_HEAD(&info->thread_list);
1943 /* Allocate space for ELF notes */
1944 info->notes = kmalloc(8 * sizeof(struct memelfnote), GFP_KERNEL);
1947 info->psinfo = kmalloc(sizeof(*info->psinfo), GFP_KERNEL);
1950 info->prstatus = kmalloc(sizeof(*info->prstatus), GFP_KERNEL);
1951 if (!info->prstatus)
1953 info->fpu = kmalloc(sizeof(*info->fpu), GFP_KERNEL);
1956 #ifdef ELF_CORE_COPY_XFPREGS
1957 info->xfpu = kmalloc(sizeof(*info->xfpu), GFP_KERNEL);
1964 static int fill_note_info(struct elfhdr *elf, int phdrs,
1965 struct elf_note_info *info,
1966 const siginfo_t *siginfo, struct pt_regs *regs)
1968 struct list_head *t;
1969 struct core_thread *ct;
1970 struct elf_thread_status *ets;
1972 if (!elf_note_info_init(info))
1975 for (ct = current->mm->core_state->dumper.next;
1976 ct; ct = ct->next) {
1977 ets = kzalloc(sizeof(*ets), GFP_KERNEL);
1981 ets->thread = ct->task;
1982 list_add(&ets->list, &info->thread_list);
1985 list_for_each(t, &info->thread_list) {
1988 ets = list_entry(t, struct elf_thread_status, list);
1989 sz = elf_dump_thread_status(siginfo->si_signo, ets);
1990 info->thread_status_size += sz;
1992 /* now collect the dump for the current */
1993 memset(info->prstatus, 0, sizeof(*info->prstatus));
1994 fill_prstatus(info->prstatus, current, siginfo->si_signo);
1995 elf_core_copy_regs(&info->prstatus->pr_reg, regs);
1998 fill_elf_header(elf, phdrs, ELF_ARCH, ELF_CORE_EFLAGS);
2001 * Set up the notes in similar form to SVR4 core dumps made
2002 * with info from their /proc.
2005 fill_note(info->notes + 0, "CORE", NT_PRSTATUS,
2006 sizeof(*info->prstatus), info->prstatus);
2007 fill_psinfo(info->psinfo, current->group_leader, current->mm);
2008 fill_note(info->notes + 1, "CORE", NT_PRPSINFO,
2009 sizeof(*info->psinfo), info->psinfo);
2011 fill_siginfo_note(info->notes + 2, &info->csigdata, siginfo);
2012 fill_auxv_note(info->notes + 3, current->mm);
2015 if (fill_files_note(info->notes + info->numnote) == 0) {
2016 info->notes_files = info->notes + info->numnote;
2020 /* Try to dump the FPU. */
2021 info->prstatus->pr_fpvalid = elf_core_copy_task_fpregs(current, regs,
2023 if (info->prstatus->pr_fpvalid)
2024 fill_note(info->notes + info->numnote++,
2025 "CORE", NT_PRFPREG, sizeof(*info->fpu), info->fpu);
2026 #ifdef ELF_CORE_COPY_XFPREGS
2027 if (elf_core_copy_task_xfpregs(current, info->xfpu))
2028 fill_note(info->notes + info->numnote++,
2029 "LINUX", ELF_CORE_XFPREG_TYPE,
2030 sizeof(*info->xfpu), info->xfpu);
2036 static size_t get_note_info_size(struct elf_note_info *info)
2041 for (i = 0; i < info->numnote; i++)
2042 sz += notesize(info->notes + i);
2044 sz += info->thread_status_size;
2049 static int write_note_info(struct elf_note_info *info,
2050 struct coredump_params *cprm)
2053 struct list_head *t;
2055 for (i = 0; i < info->numnote; i++)
2056 if (!writenote(info->notes + i, cprm))
2059 /* write out the thread status notes section */
2060 list_for_each(t, &info->thread_list) {
2061 struct elf_thread_status *tmp =
2062 list_entry(t, struct elf_thread_status, list);
2064 for (i = 0; i < tmp->num_notes; i++)
2065 if (!writenote(&tmp->notes[i], cprm))
2072 static void free_note_info(struct elf_note_info *info)
2074 while (!list_empty(&info->thread_list)) {
2075 struct list_head *tmp = info->thread_list.next;
2077 kfree(list_entry(tmp, struct elf_thread_status, list));
2080 /* Free data possibly allocated by fill_files_note(): */
2081 if (info->notes_files)
2082 vfree(info->notes_files->data);
2084 kfree(info->prstatus);
2085 kfree(info->psinfo);
2088 #ifdef ELF_CORE_COPY_XFPREGS
2095 static struct vm_area_struct *first_vma(struct task_struct *tsk,
2096 struct vm_area_struct *gate_vma)
2098 struct vm_area_struct *ret = tsk->mm->mmap;
2105 * Helper function for iterating across a vma list. It ensures that the caller
2106 * will visit `gate_vma' prior to terminating the search.
2108 static struct vm_area_struct *next_vma(struct vm_area_struct *this_vma,
2109 struct vm_area_struct *gate_vma)
2111 struct vm_area_struct *ret;
2113 ret = this_vma->vm_next;
2116 if (this_vma == gate_vma)
2121 static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
2122 elf_addr_t e_shoff, int segs)
2124 elf->e_shoff = e_shoff;
2125 elf->e_shentsize = sizeof(*shdr4extnum);
2127 elf->e_shstrndx = SHN_UNDEF;
2129 memset(shdr4extnum, 0, sizeof(*shdr4extnum));
2131 shdr4extnum->sh_type = SHT_NULL;
2132 shdr4extnum->sh_size = elf->e_shnum;
2133 shdr4extnum->sh_link = elf->e_shstrndx;
2134 shdr4extnum->sh_info = segs;
2140 * This is a two-pass process; first we find the offsets of the bits,
2141 * and then they are actually written out. If we run out of core limit
2144 static int elf_core_dump(struct coredump_params *cprm)
2149 size_t vma_data_size = 0;
2150 struct vm_area_struct *vma, *gate_vma;
2151 struct elfhdr *elf = NULL;
2152 loff_t offset = 0, dataoff;
2153 struct elf_note_info info = { };
2154 struct elf_phdr *phdr4note = NULL;
2155 struct elf_shdr *shdr4extnum = NULL;
2158 elf_addr_t *vma_filesz = NULL;
2161 * We no longer stop all VM operations.
2163 * This is because those proceses that could possibly change map_count
2164 * or the mmap / vma pages are now blocked in do_exit on current
2165 * finishing this core dump.
2167 * Only ptrace can touch these memory addresses, but it doesn't change
2168 * the map_count or the pages allocated. So no possibility of crashing
2169 * exists while dumping the mm->vm_next areas to the core file.
2172 /* alloc memory for large data structures: too large to be on stack */
2173 elf = kmalloc(sizeof(*elf), GFP_KERNEL);
2177 * The number of segs are recored into ELF header as 16bit value.
2178 * Please check DEFAULT_MAX_MAP_COUNT definition when you modify here.
2180 segs = current->mm->map_count;
2181 segs += elf_core_extra_phdrs();
2183 gate_vma = get_gate_vma(current->mm);
2184 if (gate_vma != NULL)
2187 /* for notes section */
2190 /* If segs > PN_XNUM(0xffff), then e_phnum overflows. To avoid
2191 * this, kernel supports extended numbering. Have a look at
2192 * include/linux/elf.h for further information. */
2193 e_phnum = segs > PN_XNUM ? PN_XNUM : segs;
2196 * Collect all the non-memory information about the process for the
2197 * notes. This also sets up the file header.
2199 if (!fill_note_info(elf, e_phnum, &info, cprm->siginfo, cprm->regs))
2207 offset += sizeof(*elf); /* Elf header */
2208 offset += segs * sizeof(struct elf_phdr); /* Program headers */
2210 /* Write notes phdr entry */
2212 size_t sz = get_note_info_size(&info);
2214 sz += elf_coredump_extra_notes_size();
2216 phdr4note = kmalloc(sizeof(*phdr4note), GFP_KERNEL);
2220 fill_elf_note_phdr(phdr4note, sz, offset);
2224 dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
2226 if (segs - 1 > ULONG_MAX / sizeof(*vma_filesz))
2228 vma_filesz = vmalloc((segs - 1) * sizeof(*vma_filesz));
2232 for (i = 0, vma = first_vma(current, gate_vma); vma != NULL;
2233 vma = next_vma(vma, gate_vma)) {
2234 unsigned long dump_size;
2236 dump_size = vma_dump_size(vma, cprm->mm_flags);
2237 vma_filesz[i++] = dump_size;
2238 vma_data_size += dump_size;
2241 offset += vma_data_size;
2242 offset += elf_core_extra_data_size();
2245 if (e_phnum == PN_XNUM) {
2246 shdr4extnum = kmalloc(sizeof(*shdr4extnum), GFP_KERNEL);
2249 fill_extnum_info(elf, shdr4extnum, e_shoff, segs);
2254 if (!dump_emit(cprm, elf, sizeof(*elf)))
2257 if (!dump_emit(cprm, phdr4note, sizeof(*phdr4note)))
2260 /* Write program headers for segments dump */
2261 for (i = 0, vma = first_vma(current, gate_vma); vma != NULL;
2262 vma = next_vma(vma, gate_vma)) {
2263 struct elf_phdr phdr;
2265 phdr.p_type = PT_LOAD;
2266 phdr.p_offset = offset;
2267 phdr.p_vaddr = vma->vm_start;
2269 phdr.p_filesz = vma_filesz[i++];
2270 phdr.p_memsz = vma->vm_end - vma->vm_start;
2271 offset += phdr.p_filesz;
2272 phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
2273 if (vma->vm_flags & VM_WRITE)
2274 phdr.p_flags |= PF_W;
2275 if (vma->vm_flags & VM_EXEC)
2276 phdr.p_flags |= PF_X;
2277 phdr.p_align = ELF_EXEC_PAGESIZE;
2279 if (!dump_emit(cprm, &phdr, sizeof(phdr)))
2283 if (!elf_core_write_extra_phdrs(cprm, offset))
2286 /* write out the notes section */
2287 if (!write_note_info(&info, cprm))
2290 if (elf_coredump_extra_notes_write(cprm))
2294 if (!dump_skip(cprm, dataoff - cprm->pos))
2297 for (i = 0, vma = first_vma(current, gate_vma); vma != NULL;
2298 vma = next_vma(vma, gate_vma)) {
2302 end = vma->vm_start + vma_filesz[i++];
2304 for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
2308 page = get_dump_page(addr);
2310 void *kaddr = kmap(page);
2311 stop = !dump_emit(cprm, kaddr, PAGE_SIZE);
2315 stop = !dump_skip(cprm, PAGE_SIZE);
2320 dump_truncate(cprm);
2322 if (!elf_core_write_extra_data(cprm))
2325 if (e_phnum == PN_XNUM) {
2326 if (!dump_emit(cprm, shdr4extnum, sizeof(*shdr4extnum)))
2334 free_note_info(&info);
2343 #endif /* CONFIG_ELF_CORE */
2345 static int __init init_elf_binfmt(void)
2347 register_binfmt(&elf_format);
2351 static void __exit exit_elf_binfmt(void)
2353 /* Remove the COFF and ELF loaders. */
2354 unregister_binfmt(&elf_format);
2357 core_initcall(init_elf_binfmt);
2358 module_exit(exit_elf_binfmt);
2359 MODULE_LICENSE("GPL");
projects / karo-tx-linux.git / blob