2 * linux/fs/binfmt_elf.c
4 * These are the functions used to load ELF format executables as used
5 * on SVr4 machines. Information on the format may be found in the book
6 * "UNIX SYSTEM V RELEASE 4 Programmers Guide: Ansi C and Programming Support
9 * Copyright 1993, 1994: Eric Youngdale (ericy@cais.com).
12 #include <linux/module.h>
13 #include <linux/kernel.h>
15 #include <linux/stat.h>
16 #include <linux/time.h>
18 #include <linux/mman.h>
19 #include <linux/a.out.h>
20 #include <linux/errno.h>
21 #include <linux/signal.h>
22 #include <linux/binfmts.h>
23 #include <linux/string.h>
24 #include <linux/file.h>
25 #include <linux/fcntl.h>
26 #include <linux/ptrace.h>
27 #include <linux/slab.h>
28 #include <linux/shm.h>
29 #include <linux/personality.h>
30 #include <linux/elfcore.h>
31 #include <linux/init.h>
32 #include <linux/highuid.h>
33 #include <linux/smp.h>
34 #include <linux/smp_lock.h>
35 #include <linux/compiler.h>
36 #include <linux/highmem.h>
37 #include <linux/pagemap.h>
38 #include <linux/security.h>
39 #include <linux/syscalls.h>
41 #include <asm/uaccess.h>
42 #include <asm/param.h>
43 #include <asm/pgalloc.h>
45 #include <linux/elf.h>
47 static int load_elf_binary(struct linux_binprm * bprm, struct pt_regs * regs);
48 static int load_elf_library(struct file*);
49 static unsigned long elf_map (struct file *, unsigned long, struct elf_phdr *, int, int);
50 extern int dump_fpu (struct pt_regs *, elf_fpregset_t *);
53 #define elf_addr_t unsigned long
57 * If we don't support core dumping, then supply a NULL so we
60 #ifdef USE_ELF_CORE_DUMP
61 static int elf_core_dump(long signr, struct pt_regs * regs, struct file * file);
63 #define elf_core_dump NULL
66 #if ELF_EXEC_PAGESIZE > PAGE_SIZE
67 # define ELF_MIN_ALIGN ELF_EXEC_PAGESIZE
69 # define ELF_MIN_ALIGN PAGE_SIZE
72 #define ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(ELF_MIN_ALIGN-1))
73 #define ELF_PAGEOFFSET(_v) ((_v) & (ELF_MIN_ALIGN-1))
74 #define ELF_PAGEALIGN(_v) (((_v) + ELF_MIN_ALIGN - 1) & ~(ELF_MIN_ALIGN - 1))
76 static struct linux_binfmt elf_format = {
77 .module = THIS_MODULE,
78 .load_binary = load_elf_binary,
79 .load_shlib = load_elf_library,
80 .core_dump = elf_core_dump,
81 .min_coredump = ELF_EXEC_PAGESIZE
84 #define BAD_ADDR(x) ((unsigned long)(x) > TASK_SIZE)
86 static int set_brk(unsigned long start, unsigned long end)
88 start = ELF_PAGEALIGN(start);
89 end = ELF_PAGEALIGN(end);
91 unsigned long addr = do_brk(start, end - start);
95 current->mm->start_brk = current->mm->brk = end;
100 /* We need to explicitly zero any fractional pages
101 after the data section (i.e. bss). This would
102 contain the junk from the file that should not
106 static void padzero(unsigned long elf_bss)
110 nbyte = ELF_PAGEOFFSET(elf_bss);
112 nbyte = ELF_MIN_ALIGN - nbyte;
113 clear_user((void *) elf_bss, nbyte);
117 /* Let's use some macros to make this stack manipulation a litle clearer */
118 #ifdef CONFIG_STACK_GROWSUP
119 #define STACK_ADD(sp, items) ((elf_addr_t *)(sp) + (items))
120 #define STACK_ROUND(sp, items) \
121 ((15 + (unsigned long) ((sp) + (items))) &~ 15UL)
122 #define STACK_ALLOC(sp, len) ({ elf_addr_t *old_sp = (elf_addr_t *)sp; sp += len; old_sp; })
124 #define STACK_ADD(sp, items) ((elf_addr_t *)(sp) - (items))
125 #define STACK_ROUND(sp, items) \
126 (((unsigned long) (sp - items)) &~ 15UL)
127 #define STACK_ALLOC(sp, len) ({ sp -= len ; sp; })
/*
 * Build the initial userspace stack for a freshly exec'ed ELF image:
 * the auxiliary vector (auxv), argc, argv[] and envp[] pointer arrays,
 * and the platform string.  bprm->p is the current stack pointer and is
 * updated as entries are pushed via the STACK_* macros above.
 *
 * NOTE(review): this text is a sampled extraction — declarations such as
 * ei_index/items and several braces fall on lines that were dropped.
 * Code lines below are kept byte-identical.
 */
131 create_elf_tables(struct linux_binprm *bprm, struct elfhdr * exec,
132 int interp_aout, unsigned long load_addr,
133 unsigned long interp_load_addr)
135 unsigned long p = bprm->p;
136 int argc = bprm->argc;
137 int envc = bprm->envc;
138 elf_addr_t *argv, *envp;
139 elf_addr_t *sp, *u_platform;
140 const char *k_platform = ELF_PLATFORM;
142 elf_addr_t *elf_info;
144 struct task_struct *tsk = current;
/*
 * If this architecture has a platform capability string, copy it
 * to userspace so the C library can find it (AT_PLATFORM below).
 */
147 * If this architecture has a platform capability string, copy it
148 * to userspace. In some cases (Sparc), this info is impossible
149 * for userspace to get any other way, in others (i386) it is
155 size_t len = strlen(k_platform) + 1;
159 * In some cases (e.g. Hyper-Threading), we want to avoid L1
160 * evictions by the processes running on the same package. One
161 * thing we can do is to shuffle the initial stack for them.
163 * The conditionals here are unneeded, but kept in to make the
164 * code behaviour the same as pre change unless we have
165 * hyperthreaded processors. This should be cleaned up
/* per-pid stack colouring: skew the stack start by up to 8KB */
169 if (smp_num_siblings > 1)
170 STACK_ALLOC(p, ((current->pid % 64) << 7));
172 u_platform = (elf_addr_t *)STACK_ALLOC(p, len);
173 __copy_to_user(u_platform, k_platform, len);
/*
 * Build the auxv in kernel memory first (saved_auxv, also exported via
 * /proc/pid/auxv); it is copied to the user stack at the end.
 */
176 /* Create the ELF interpreter info */
177 elf_info = (elf_addr_t *) current->mm->saved_auxv;
178 #define NEW_AUX_ENT(id, val) \
179 do { elf_info[ei_index++] = id; elf_info[ei_index++] = val; } while (0)
183 * ARCH_DLINFO must come first so PPC can do its special alignment of
188 NEW_AUX_ENT(AT_HWCAP, ELF_HWCAP);
189 NEW_AUX_ENT(AT_PAGESZ, ELF_EXEC_PAGESIZE);
190 NEW_AUX_ENT(AT_CLKTCK, CLOCKS_PER_SEC);
191 NEW_AUX_ENT(AT_PHDR, load_addr + exec->e_phoff);
192 NEW_AUX_ENT(AT_PHENT, sizeof (struct elf_phdr));
193 NEW_AUX_ENT(AT_PHNUM, exec->e_phnum);
194 NEW_AUX_ENT(AT_BASE, interp_load_addr);
195 NEW_AUX_ENT(AT_FLAGS, 0);
196 NEW_AUX_ENT(AT_ENTRY, exec->e_entry);
197 NEW_AUX_ENT(AT_UID, (elf_addr_t) tsk->uid);
198 NEW_AUX_ENT(AT_EUID, (elf_addr_t) tsk->euid);
199 NEW_AUX_ENT(AT_GID, (elf_addr_t) tsk->gid);
200 NEW_AUX_ENT(AT_EGID, (elf_addr_t) tsk->egid);
/* AT_SECURE tells ld.so to ignore LD_PRELOAD etc. for setuid images */
201 NEW_AUX_ENT(AT_SECURE, (elf_addr_t) security_bprm_secureexec(bprm));
203 NEW_AUX_ENT(AT_PLATFORM, (elf_addr_t)(long)u_platform);
206 /* AT_NULL is zero; clear the rest too */
207 memset(&elf_info[ei_index], 0,
208 sizeof current->mm->saved_auxv - ei_index * sizeof elf_info[0]);
210 /* And advance past the AT_NULL entry. */
/* Reserve stack room for auxv + argc/argv/envp, 16-byte aligned */
213 sp = STACK_ADD(p, ei_index);
215 items = (argc + 1) + (envc + 1);
217 items += 3; /* a.out interpreters require argv & envp too */
219 items += 1; /* ELF interpreters only put argc on the stack */
221 bprm->p = STACK_ROUND(sp, items);
223 /* Point sp at the lowest address on the stack */
224 #ifdef CONFIG_STACK_GROWSUP
225 sp = (elf_addr_t *)bprm->p - items - ei_index;
226 bprm->exec = (unsigned long) sp; /* XXX: PARISC HACK */
228 sp = (elf_addr_t *)bprm->p;
231 /* Now, let's put argc (and argv, envp if appropriate) on the stack */
232 __put_user(argc, sp++);
/* a.out interpreters additionally receive argv/envp pointers directly */
235 envp = argv + argc + 1;
236 __put_user((elf_addr_t)(long)argv, sp++);
237 __put_user((elf_addr_t)(long)envp, sp++);
240 envp = argv + argc + 1;
/*
 * The argument/environment strings were already copied to the stack by
 * copy_strings(); here we only write the pointer arrays that index them,
 * walking each NUL-terminated string with strnlen_user().
 */
243 /* Populate argv and envp */
244 p = current->mm->arg_start;
247 __put_user((elf_addr_t)p, argv++);
248 len = strnlen_user((void *)p, PAGE_SIZE*MAX_ARG_PAGES);
249 if (!len || len > PAGE_SIZE*MAX_ARG_PAGES)
254 current->mm->arg_end = current->mm->env_start = p;
257 __put_user((elf_addr_t)p, envp++);
258 len = strnlen_user((void *)p, PAGE_SIZE*MAX_ARG_PAGES);
259 if (!len || len > PAGE_SIZE*MAX_ARG_PAGES)
264 current->mm->env_end = p;
266 /* Put the elf_info on the stack in the right place. */
267 sp = (elf_addr_t *)envp + 1;
268 copy_to_user(sp, elf_info, ei_index * sizeof(elf_addr_t));
273 static unsigned long elf_map(struct file *filep, unsigned long addr,
274 struct elf_phdr *eppnt, int prot, int type)
276 unsigned long map_addr;
278 down_write(¤t->mm->mmap_sem);
279 map_addr = do_mmap(filep, ELF_PAGESTART(addr),
280 eppnt->p_filesz + ELF_PAGEOFFSET(eppnt->p_vaddr), prot, type,
281 eppnt->p_offset - ELF_PAGEOFFSET(eppnt->p_vaddr));
282 up_write(¤t->mm->mmap_sem);
286 #endif /* !elf_map */
288 /* This is much more generalized than the library routine read function,
289 so we keep this separate. Technically the library read function
290 is only provided so that we can read a.out libraries that have
/*
 * Map an ELF program interpreter (e.g. /lib/ld-linux.so) into the
 * current address space: validate its headers, mmap each PT_LOAD
 * segment, zero/extend the bss, and return its entry-point address
 * (an error value satisfying BAD_ADDR() on failure).  *interp_load_addr
 * receives the base the interpreter was actually loaded at.
 *
 * NOTE(review): sampled extraction — local declarations (retval, i,
 * size, elf_prot), goto labels and several braces fall on dropped
 * lines.  Code lines below are kept byte-identical.
 */
293 static unsigned long load_elf_interp(struct elfhdr * interp_elf_ex,
294 struct file * interpreter,
295 unsigned long *interp_load_addr)
297 struct elf_phdr *elf_phdata;
298 struct elf_phdr *eppnt;
299 unsigned long load_addr = 0;
300 int load_addr_set = 0;
301 unsigned long last_bss = 0, elf_bss = 0;
302 unsigned long error = ~0UL;
305 /* First of all, some simple consistency checks */
306 if (interp_elf_ex->e_type != ET_EXEC &&
307 interp_elf_ex->e_type != ET_DYN)
309 if (!elf_check_arch(interp_elf_ex))
311 if (!interpreter->f_op || !interpreter->f_op->mmap)
315 * If the size of this structure has changed, then punt, since
316 * we will be doing the wrong thing.
318 if (interp_elf_ex->e_phentsize != sizeof(struct elf_phdr))
/* bound e_phnum so the kmalloc below can't be driven oversize */
320 if (interp_elf_ex->e_phnum > 65536U / sizeof(struct elf_phdr))
323 /* Now read in all of the header information */
325 size = sizeof(struct elf_phdr) * interp_elf_ex->e_phnum;
326 if (size > ELF_MIN_ALIGN)
328 elf_phdata = (struct elf_phdr *) kmalloc(size, GFP_KERNEL);
332 retval = kernel_read(interpreter,interp_elf_ex->e_phoff,(char *)elf_phdata,size);
/* Map every PT_LOAD segment at load_addr + p_vaddr */
338 for (i=0; i<interp_elf_ex->e_phnum; i++, eppnt++) {
339 if (eppnt->p_type == PT_LOAD) {
340 int elf_type = MAP_PRIVATE | MAP_DENYWRITE;
342 unsigned long vaddr = 0;
343 unsigned long k, map_addr;
/* translate PF_R/W/X segment flags into mmap protections */
345 if (eppnt->p_flags & PF_R) elf_prot = PROT_READ;
346 if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE;
347 if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC;
348 vaddr = eppnt->p_vaddr;
/* after the first segment the relative layout is fixed */
349 if (interp_elf_ex->e_type == ET_EXEC || load_addr_set)
350 elf_type |= MAP_FIXED;
352 map_addr = elf_map(interpreter, load_addr + vaddr, eppnt, elf_prot, elf_type);
354 if (BAD_ADDR(map_addr))
/* for ET_DYN, derive the load bias from where mmap put segment 0 */
357 if (!load_addr_set && interp_elf_ex->e_type == ET_DYN) {
358 load_addr = map_addr - ELF_PAGESTART(vaddr);
363 * Check to see if the section's size will overflow the
364 * allowed task size. Note that p_filesz must always be
365 * <= p_memsize so it is only necessary to check p_memsz.
367 k = load_addr + eppnt->p_vaddr;
368 if (k > TASK_SIZE || eppnt->p_filesz > eppnt->p_memsz ||
369 eppnt->p_memsz > TASK_SIZE || TASK_SIZE - eppnt->p_memsz < k) {
375 * Find the end of the file mapping for this phdr, and keep
376 * track of the largest address we see for this.
378 k = load_addr + eppnt->p_vaddr + eppnt->p_filesz;
383 * Do the same thing for the memory mapping - between
384 * elf_bss and last_bss is the bss section.
386 k = load_addr + eppnt->p_memsz + eppnt->p_vaddr;
393 * Now fill out the bss section. First pad the last page up
394 * to the page boundary, and then perform a mmap to make sure
395 * that there are zero-mapped pages up to and including the
399 elf_bss = ELF_PAGESTART(elf_bss + ELF_MIN_ALIGN - 1); /* What we have mapped so far */
401 /* Map the last of the bss segment */
402 if (last_bss > elf_bss) {
403 error = do_brk(elf_bss, last_bss - elf_bss);
/* success: report the base and return the relocated entry point */
408 *interp_load_addr = load_addr;
409 error = ((unsigned long) interp_elf_ex->e_entry) + load_addr;
417 static unsigned long load_aout_interp(struct exec * interp_ex,
418 struct file * interpreter)
420 unsigned long text_data, elf_entry = ~0UL;
424 current->mm->end_code = interp_ex->a_text;
425 text_data = interp_ex->a_text + interp_ex->a_data;
426 current->mm->end_data = text_data;
427 current->mm->brk = interp_ex->a_bss + text_data;
429 switch (N_MAGIC(*interp_ex)) {
436 offset = N_TXTOFF(*interp_ex);
437 addr = (char *) N_TXTADDR(*interp_ex);
443 do_brk(0, text_data);
444 if (!interpreter->f_op || !interpreter->f_op->read)
446 if (interpreter->f_op->read(interpreter, addr, text_data, &offset) < 0)
448 flush_icache_range((unsigned long)addr,
449 (unsigned long)addr + text_data);
451 do_brk(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
453 elf_entry = interp_ex->a_entry;
460 * These are the functions used to load ELF style executables and shared
461 * libraries. There is no binary dependent code anywhere else.
464 #define INTERPRETER_NONE 0
465 #define INTERPRETER_AOUT 1
466 #define INTERPRETER_ELF 2
/*
 * The binfmt "load_binary" hook for ELF executables: validate the exec
 * header, read the program headers, resolve an optional PT_INTERP
 * interpreter (ELF or legacy a.out), flush the old image (point of no
 * return), mmap all PT_LOAD segments, set up brk/bss, load the
 * interpreter, build the argv/envp/auxv stack, and start the thread at
 * the entry point.  Returns 0 on success or -errno on failure.
 *
 * NOTE(review): sampled extraction — many lines (declarations of
 * retval/i/size/error/nbyte, goto labels, closing braces, else arms)
 * were dropped; code lines are kept byte-identical.
 * NOTE(review): "¤t" below is mojibake for "&current"
 * (HTML-entity corruption) — confirm against a pristine copy.
 */
469 static int load_elf_binary(struct linux_binprm * bprm, struct pt_regs * regs)
471 struct file *interpreter = NULL; /* to shut gcc up */
472 unsigned long load_addr = 0, load_bias = 0;
473 int load_addr_set = 0;
474 char * elf_interpreter = NULL;
475 unsigned int interpreter_type = INTERPRETER_NONE;
476 unsigned char ibcs2_interpreter = 0;
478 struct elf_phdr * elf_ppnt, *elf_phdata;
479 unsigned long elf_bss, elf_brk;
483 unsigned long elf_entry, interp_load_addr = 0;
484 unsigned long start_code, end_code, start_data, end_data;
485 unsigned long reloc_func_desc = 0;
486 struct elfhdr elf_ex;
487 struct elfhdr interp_elf_ex;
488 struct exec interp_ex;
489 char passed_fileno[6];
490 struct files_struct *files;
491 int executable_stack = EXSTACK_DEFAULT;
493 /* Get the exec-header */
494 elf_ex = *((struct elfhdr *) bprm->buf);
497 /* First of all, some simple consistency checks */
498 if (memcmp(elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
501 if (elf_ex.e_type != ET_EXEC && elf_ex.e_type != ET_DYN)
503 if (!elf_check_arch(&elf_ex))
505 if (!bprm->file->f_op||!bprm->file->f_op->mmap)
508 /* Now read in all of the header information */
511 if (elf_ex.e_phentsize != sizeof(struct elf_phdr))
/* bound e_phnum so the kmalloc below can't be driven oversize */
513 if (elf_ex.e_phnum > 65536U / sizeof(struct elf_phdr))
515 size = elf_ex.e_phnum * sizeof(struct elf_phdr);
516 elf_phdata = (struct elf_phdr *) kmalloc(size, GFP_KERNEL);
520 retval = kernel_read(bprm->file, elf_ex.e_phoff, (char *) elf_phdata, size);
/* unshare the files table early so the a.out fd trick below is private */
524 files = current->files; /* Refcounted so ok */
525 retval = unshare_files();
528 if (files == current->files) {
529 put_files_struct(files);
533 /* exec will make our files private anyway, but for the a.out
534 loader stuff we need to do it earlier */
/* keep an fd on the executable; its number is passed to a.out loaders */
536 retval = get_unused_fd();
539 get_file(bprm->file);
540 fd_install(elf_exec_fileno = retval, bprm->file);
542 elf_ppnt = elf_phdata;
/* Pass 1 over the phdrs: find and read the PT_INTERP path, if any */
551 for (i = 0; i < elf_ex.e_phnum; i++) {
552 if (elf_ppnt->p_type == PT_INTERP) {
553 /* This is the program interpreter used for
554 * shared libraries - for now assume that this
555 * is an a.out format binary
559 if (elf_ppnt->p_filesz > PATH_MAX)
561 elf_interpreter = (char *) kmalloc(elf_ppnt->p_filesz,
563 if (!elf_interpreter)
566 retval = kernel_read(bprm->file, elf_ppnt->p_offset,
570 goto out_free_interp;
571 /* If the program interpreter is one of these two,
572 * then assume an iBCS2 image. Otherwise assume
573 * a native linux image.
575 if (strcmp(elf_interpreter,"/usr/lib/libc.so.1") == 0 ||
576 strcmp(elf_interpreter,"/usr/lib/ld.so.1") == 0)
577 ibcs2_interpreter = 1;
580 * The early SET_PERSONALITY here is so that the lookup
581 * for the interpreter happens in the namespace of the
582 * to-be-execed image. SET_PERSONALITY can select an
585 * However, SET_PERSONALITY is NOT allowed to switch
586 * this task into the new images's memory mapping
587 * policy - that is, TASK_SIZE must still evaluate to
588 * that which is appropriate to the execing application.
589 * This is because exit_mmap() needs to have TASK_SIZE
590 * evaluate to the size of the old image.
592 * So if (say) a 64-bit application is execing a 32-bit
593 * application it is the architecture's responsibility
594 * to defer changing the value of TASK_SIZE until the
595 * switch really is going to happen - do this in
596 * flush_thread(). - akpm
598 SET_PERSONALITY(elf_ex, ibcs2_interpreter);
600 interpreter = open_exec(elf_interpreter);
601 retval = PTR_ERR(interpreter);
602 if (IS_ERR(interpreter))
603 goto out_free_interp;
604 retval = kernel_read(interpreter, 0, bprm->buf, BINPRM_BUF_SIZE);
606 goto out_free_dentry;
608 /* Get the exec headers */
609 interp_ex = *((struct exec *) bprm->buf);
610 interp_elf_ex = *((struct elfhdr *) bprm->buf);
/* Pass 2: honour PT_GNU_STACK's executable-stack request, if present */
616 elf_ppnt = elf_phdata;
617 for (i = 0; i < elf_ex.e_phnum; i++, elf_ppnt++)
618 if (elf_ppnt->p_type == PT_GNU_STACK) {
619 if (elf_ppnt->p_flags & PF_X)
620 executable_stack = EXSTACK_ENABLE_X;
622 executable_stack = EXSTACK_DISABLE_X;
625 /* Some simple consistency checks for the interpreter */
626 if (elf_interpreter) {
627 interpreter_type = INTERPRETER_ELF | INTERPRETER_AOUT;
629 /* Now figure out which format our binary is */
630 if ((N_MAGIC(interp_ex) != OMAGIC) &&
631 (N_MAGIC(interp_ex) != ZMAGIC) &&
632 (N_MAGIC(interp_ex) != QMAGIC))
633 interpreter_type = INTERPRETER_ELF;
635 if (memcmp(interp_elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
636 interpreter_type &= ~INTERPRETER_ELF;
639 if (!interpreter_type)
640 goto out_free_dentry;
642 /* Make sure only one type was selected */
643 if ((interpreter_type & INTERPRETER_ELF) &&
644 interpreter_type != INTERPRETER_ELF) {
645 // FIXME - ratelimit this before re-enabling
646 // printk(KERN_WARNING "ELF: Ambiguous type, using ELF\n");
647 interpreter_type = INTERPRETER_ELF;
649 /* Verify the interpreter has a valid arch */
650 if ((interpreter_type == INTERPRETER_ELF) &&
651 !elf_check_arch(&interp_elf_ex))
652 goto out_free_dentry;
654 /* Executables without an interpreter also need a personality */
655 SET_PERSONALITY(elf_ex, ibcs2_interpreter);
658 /* OK, we are done with that, now set up the arg stuff,
659 and then start this sucker up */
/* a.out interpreters receive the executable's fd number as argv[0] */
661 if ((!bprm->sh_bang) && (interpreter_type == INTERPRETER_AOUT)) {
662 char *passed_p = passed_fileno;
663 sprintf(passed_fileno, "%d", elf_exec_fileno);
665 if (elf_interpreter) {
666 retval = copy_strings_kernel(1, &passed_p, bprm);
668 goto out_free_dentry;
673 /* Flush all traces of the currently running executable */
674 retval = flush_old_exec(bprm);
676 goto out_free_dentry;
678 /* Discard our unneeded old files struct */
681 put_files_struct(files);
685 /* OK, This is the point of no return */
686 current->mm->start_data = 0;
687 current->mm->end_data = 0;
688 current->mm->end_code = 0;
689 current->mm->mmap = NULL;
690 current->flags &= ~PF_FORKNOEXEC;
692 /* Do this immediately, since STACK_TOP as used in setup_arg_pages
693 may depend on the personality. */
694 SET_PERSONALITY(elf_ex, ibcs2_interpreter);
696 /* Do this so that we can load the interpreter, if need be. We will
697 change some of these later */
698 current->mm->rss = 0;
699 current->mm->free_area_cache = TASK_UNMAPPED_BASE;
700 retval = setup_arg_pages(bprm, executable_stack);
/* past the point of no return: failure must kill the process */
702 send_sig(SIGKILL, current, 0);
703 goto out_free_dentry;
706 current->mm->start_stack = bprm->p;
708 /* Now we do a little grungy work by mmaping the ELF image into
709 the correct location in memory. At this point, we assume that
710 the image should be loaded at fixed address, not at a variable
/* Pass 3: mmap every PT_LOAD segment of the main executable */
713 for(i = 0, elf_ppnt = elf_phdata; i < elf_ex.e_phnum; i++, elf_ppnt++) {
714 int elf_prot = 0, elf_flags;
715 unsigned long k, vaddr;
717 if (elf_ppnt->p_type != PT_LOAD)
720 if (unlikely (elf_brk > elf_bss)) {
723 /* There was a PT_LOAD segment with p_memsz > p_filesz
724 before this one. Map anonymous pages, if needed,
725 and clear the area. */
726 retval = set_brk (elf_bss + load_bias,
727 elf_brk + load_bias);
729 send_sig(SIGKILL, current, 0);
730 goto out_free_dentry;
/* zero the tail of the last file-backed page of the previous segment */
732 nbyte = ELF_PAGEOFFSET(elf_bss);
734 nbyte = ELF_MIN_ALIGN - nbyte;
735 if (nbyte > elf_brk - elf_bss)
736 nbyte = elf_brk - elf_bss;
737 clear_user((void *) elf_bss + load_bias, nbyte);
741 if (elf_ppnt->p_flags & PF_R) elf_prot |= PROT_READ;
742 if (elf_ppnt->p_flags & PF_W) elf_prot |= PROT_WRITE;
743 if (elf_ppnt->p_flags & PF_X) elf_prot |= PROT_EXEC;
745 elf_flags = MAP_PRIVATE|MAP_DENYWRITE|MAP_EXECUTABLE;
747 vaddr = elf_ppnt->p_vaddr;
748 if (elf_ex.e_type == ET_EXEC || load_addr_set) {
749 elf_flags |= MAP_FIXED;
750 } else if (elf_ex.e_type == ET_DYN) {
751 /* Try and get dynamic programs out of the way of the default mmap
752 base, as well as whatever program they might try to exec. This
753 is because the brk will follow the loader, and is not movable. */
754 load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr);
757 error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, elf_prot, elf_flags);
/* remember where segment 0 landed; all later addresses are relative */
761 if (!load_addr_set) {
763 load_addr = (elf_ppnt->p_vaddr - elf_ppnt->p_offset);
764 if (elf_ex.e_type == ET_DYN) {
766 ELF_PAGESTART(load_bias + vaddr);
767 load_addr += load_bias;
768 reloc_func_desc = load_bias;
771 k = elf_ppnt->p_vaddr;
772 if (k < start_code) start_code = k;
773 if (start_data < k) start_data = k;
776 * Check to see if the section's size will overflow the
777 * allowed task size. Note that p_filesz must always be
778 * <= p_memsz so it is only necessary to check p_memsz.
780 if (k > TASK_SIZE || elf_ppnt->p_filesz > elf_ppnt->p_memsz ||
781 elf_ppnt->p_memsz > TASK_SIZE ||
782 TASK_SIZE - elf_ppnt->p_memsz < k) {
783 /* set_brk can never work. Avoid overflows. */
784 send_sig(SIGKILL, current, 0);
785 goto out_free_dentry;
/* track the highest file-backed and in-memory extents (bss bounds) */
788 k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz;
792 if ((elf_ppnt->p_flags & PF_X) && end_code < k)
796 k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz;
/* rebase everything by the ET_DYN load bias (zero for ET_EXEC) */
801 elf_ex.e_entry += load_bias;
802 elf_bss += load_bias;
803 elf_brk += load_bias;
804 start_code += load_bias;
805 end_code += load_bias;
806 start_data += load_bias;
807 end_data += load_bias;
809 /* Calling set_brk effectively mmaps the pages that we need
810 * for the bss and break sections. We must do this before
811 * mapping in the interpreter, to make sure it doesn't wind
812 * up getting placed where the bss needs to go.
814 retval = set_brk(elf_bss, elf_brk);
816 send_sig(SIGKILL, current, 0);
817 goto out_free_dentry;
/* load the dynamic linker (or a.out interpreter) and take its entry */
821 if (elf_interpreter) {
822 if (interpreter_type == INTERPRETER_AOUT)
823 elf_entry = load_aout_interp(&interp_ex,
826 elf_entry = load_elf_interp(&interp_elf_ex,
829 if (BAD_ADDR(elf_entry)) {
830 printk(KERN_ERR "Unable to load interpreter\n");
831 send_sig(SIGSEGV, current, 0);
832 retval = -ENOEXEC; /* Nobody gets to see this, but.. */
833 goto out_free_dentry;
835 reloc_func_desc = interp_load_addr;
837 allow_write_access(interpreter);
839 kfree(elf_interpreter);
841 elf_entry = elf_ex.e_entry;
846 if (interpreter_type != INTERPRETER_AOUT)
847 sys_close(elf_exec_fileno);
849 set_binfmt(&elf_format);
852 current->flags &= ~PF_FORKNOEXEC;
853 create_elf_tables(bprm, &elf_ex, (interpreter_type == INTERPRETER_AOUT),
854 load_addr, interp_load_addr);
855 /* N.B. passed_fileno might not be initialized? */
856 if (interpreter_type == INTERPRETER_AOUT)
857 current->mm->arg_start += strlen(passed_fileno) + 1;
858 current->mm->end_code = end_code;
859 current->mm->start_code = start_code;
860 current->mm->start_data = start_data;
861 current->mm->end_data = end_data;
862 current->mm->start_stack = bprm->p;
864 if (current->personality & MMAP_PAGE_ZERO) {
865 /* Why this, you ask??? Well SVr4 maps page 0 as read-only,
866 and some applications "depend" upon this behavior.
867 Since we do not have the power to recompile these, we
868 emulate the SVr4 behavior. Sigh. */
869 down_write(¤t->mm->mmap_sem);
870 error = do_mmap(NULL, 0, PAGE_SIZE, PROT_READ | PROT_EXEC,
871 MAP_FIXED | MAP_PRIVATE, 0);
872 up_write(¤t->mm->mmap_sem);
877 * The ABI may specify that certain registers be set up in special
878 * ways (on i386 %edx is the address of a DT_FINI function, for
879 * example. In addition, it may also specify (eg, PowerPC64 ELF)
880 * that the e_entry field is the address of the function descriptor
881 * for the startup routine, rather than the address of the startup
882 * routine itself. This macro performs whatever initialization to
883 * the regs structure is required as well as any relocations to the
884 * function descriptor entries when executing dynamically links apps.
886 ELF_PLAT_INIT(regs, reloc_func_desc);
889 start_thread(regs, elf_entry, bprm->p);
890 if (unlikely(current->ptrace & PT_PTRACED)) {
891 if (current->ptrace & PT_TRACE_EXEC)
892 ptrace_notify ((PTRACE_EVENT_EXEC << 8) | SIGTRAP);
894 send_sig(SIGTRAP, current, 0);
/* error unwind: release interpreter, fd, and the old files struct */
902 allow_write_access(interpreter);
907 kfree(elf_interpreter);
909 sys_close(elf_exec_fileno);
912 put_files_struct(current->files);
913 current->files = files;
920 /* This is really simpleminded and specialized - we are loading an
921 a.out library that is given an ELF header. */
923 static int load_elf_library(struct file *file)
925 struct elf_phdr *elf_phdata;
926 unsigned long elf_bss, bss, len;
927 int retval, error, i, j;
928 struct elfhdr elf_ex;
931 retval = kernel_read(file, 0, (char *) &elf_ex, sizeof(elf_ex));
932 if (retval != sizeof(elf_ex))
935 if (memcmp(elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
938 /* First of all, some simple consistency checks */
939 if (elf_ex.e_type != ET_EXEC || elf_ex.e_phnum > 2 ||
940 !elf_check_arch(&elf_ex) || !file->f_op || !file->f_op->mmap)
943 /* Now read in all of the header information */
945 j = sizeof(struct elf_phdr) * elf_ex.e_phnum;
946 /* j < ELF_MIN_ALIGN because elf_ex.e_phnum <= 2 */
949 elf_phdata = (struct elf_phdr *) kmalloc(j, GFP_KERNEL);
954 retval = kernel_read(file, elf_ex.e_phoff, (char *) elf_phdata, j);
958 for (j = 0, i = 0; i<elf_ex.e_phnum; i++)
959 if ((elf_phdata + i)->p_type == PT_LOAD) j++;
963 while (elf_phdata->p_type != PT_LOAD) elf_phdata++;
965 /* Now use mmap to map the library into memory. */
966 down_write(¤t->mm->mmap_sem);
967 error = do_mmap(file,
968 ELF_PAGESTART(elf_phdata->p_vaddr),
969 (elf_phdata->p_filesz +
970 ELF_PAGEOFFSET(elf_phdata->p_vaddr)),
971 PROT_READ | PROT_WRITE | PROT_EXEC,
972 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE,
973 (elf_phdata->p_offset -
974 ELF_PAGEOFFSET(elf_phdata->p_vaddr)));
975 up_write(¤t->mm->mmap_sem);
976 if (error != ELF_PAGESTART(elf_phdata->p_vaddr))
979 elf_bss = elf_phdata->p_vaddr + elf_phdata->p_filesz;
982 len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1);
983 bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
985 do_brk(len, bss - len);
995 * Note that some platforms still use traditional core dumps and not
996 * the ELF core dump. Each platform can select it as appropriate.
998 #ifdef USE_ELF_CORE_DUMP
1003 * Modelled on fs/exec.c:aout_core_dump()
1004 * Jeremy Fitzhardinge <jeremy@sw.oz.au>
1007 * These are the only things you should do on a core-file: use only these
1008 * functions to write out all the necessary info.
1010 static int dump_write(struct file *file, const void *addr, int nr)
1012 return file->f_op->write(file, addr, nr, &file->f_pos) == nr;
1015 static int dump_seek(struct file *file, off_t off)
1017 if (file->f_op->llseek) {
1018 if (file->f_op->llseek(file, off, 0) != off)
1026 * Decide whether a segment is worth dumping; default is yes to be
1027 * sure (missing info is worse than too much; etc).
1028 * Personally I'd include everything, and use the coredump limit...
1030 * I think we should skip something. But I am not sure how. H.J.
1032 static int maydump(struct vm_area_struct *vma)
1035 * If we may not read the contents, don't allow us to dump
1036 * them either. "dump_write()" can't handle it anyway.
1038 if (!(vma->vm_flags & VM_READ))
1041 /* Do not dump I/O mapped devices! -DaveM */
1042 if (vma->vm_flags & VM_IO)
1045 if (vma->vm_flags & (VM_WRITE|VM_GROWSUP|VM_GROWSDOWN))
1047 if (vma->vm_flags & (VM_READ|VM_EXEC|VM_EXECUTABLE|VM_SHARED))
1053 #define roundup(x, y) ((((x)+((y)-1))/(y))*(y))
1055 /* An ELF note in memory */
1060 unsigned int datasz;
1064 static int notesize(struct memelfnote *en)
1068 sz = sizeof(struct elf_note);
1069 sz += roundup(strlen(en->name) + 1, 4);
1070 sz += roundup(en->datasz, 4);
1075 #define DUMP_WRITE(addr, nr) \
1076 do { if (!dump_write(file, (addr), (nr))) return 0; } while(0)
1077 #define DUMP_SEEK(off) \
1078 do { if (!dump_seek(file, (off))) return 0; } while(0)
1080 static int writenote(struct memelfnote *men, struct file *file)
1084 en.n_namesz = strlen(men->name) + 1;
1085 en.n_descsz = men->datasz;
1086 en.n_type = men->type;
1088 DUMP_WRITE(&en, sizeof(en));
1089 DUMP_WRITE(men->name, en.n_namesz);
1090 /* XXX - cast from long long to long to avoid need for libgcc.a */
1091 DUMP_SEEK(roundup((unsigned long)file->f_pos, 4)); /* XXX */
1092 DUMP_WRITE(men->data, men->datasz);
1093 DUMP_SEEK(roundup((unsigned long)file->f_pos, 4)); /* XXX */
1100 #define DUMP_WRITE(addr, nr) \
1101 if ((size += (nr)) > limit || !dump_write(file, (addr), (nr))) \
1103 #define DUMP_SEEK(off) \
1104 if (!dump_seek(file, (off))) \
1107 static inline void fill_elf_header(struct elfhdr *elf, int segs)
1109 memcpy(elf->e_ident, ELFMAG, SELFMAG);
1110 elf->e_ident[EI_CLASS] = ELF_CLASS;
1111 elf->e_ident[EI_DATA] = ELF_DATA;
1112 elf->e_ident[EI_VERSION] = EV_CURRENT;
1113 elf->e_ident[EI_OSABI] = ELF_OSABI;
1114 memset(elf->e_ident+EI_PAD, 0, EI_NIDENT-EI_PAD);
1116 elf->e_type = ET_CORE;
1117 elf->e_machine = ELF_ARCH;
1118 elf->e_version = EV_CURRENT;
1120 elf->e_phoff = sizeof(struct elfhdr);
1123 elf->e_ehsize = sizeof(struct elfhdr);
1124 elf->e_phentsize = sizeof(struct elf_phdr);
1125 elf->e_phnum = segs;
1126 elf->e_shentsize = 0;
1128 elf->e_shstrndx = 0;
1132 static inline void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, off_t offset)
1134 phdr->p_type = PT_NOTE;
1135 phdr->p_offset = offset;
1138 phdr->p_filesz = sz;
1145 static void fill_note(struct memelfnote *note, const char *name, int type,
1146 unsigned int sz, void *data)
1156 * fill up all the fields in prstatus from the given task struct, except registers
1157 * which need to be filled up separately.
1159 static void fill_prstatus(struct elf_prstatus *prstatus,
1160 struct task_struct *p, long signr)
1162 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr;
1163 prstatus->pr_sigpend = p->pending.signal.sig[0];
1164 prstatus->pr_sighold = p->blocked.sig[0];
1165 prstatus->pr_pid = p->pid;
1166 prstatus->pr_ppid = p->parent->pid;
1167 prstatus->pr_pgrp = process_group(p);
1168 prstatus->pr_sid = p->signal->session;
1169 jiffies_to_timeval(p->utime, &prstatus->pr_utime);
1170 jiffies_to_timeval(p->stime, &prstatus->pr_stime);
1171 jiffies_to_timeval(p->cutime, &prstatus->pr_cutime);
1172 jiffies_to_timeval(p->cstime, &prstatus->pr_cstime);
1175 static void fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
1176 struct mm_struct *mm)
1180 /* first copy the parameters from user space */
1181 memset(psinfo, 0, sizeof(struct elf_prpsinfo));
1183 len = mm->arg_end - mm->arg_start;
1184 if (len >= ELF_PRARGSZ)
1185 len = ELF_PRARGSZ-1;
1186 copy_from_user(&psinfo->pr_psargs,
1187 (const char *)mm->arg_start, len);
1188 for(i = 0; i < len; i++)
1189 if (psinfo->pr_psargs[i] == 0)
1190 psinfo->pr_psargs[i] = ' ';
1191 psinfo->pr_psargs[len] = 0;
1193 psinfo->pr_pid = p->pid;
1194 psinfo->pr_ppid = p->parent->pid;
1195 psinfo->pr_pgrp = process_group(p);
1196 psinfo->pr_sid = p->signal->session;
1198 i = p->state ? ffz(~p->state) + 1 : 0;
1199 psinfo->pr_state = i;
1200 psinfo->pr_sname = (i < 0 || i > 5) ? '.' : "RSDTZW"[i];
1201 psinfo->pr_zomb = psinfo->pr_sname == 'Z';
1202 psinfo->pr_nice = task_nice(p);
1203 psinfo->pr_flag = p->flags;
1204 SET_UID(psinfo->pr_uid, p->uid);
1205 SET_GID(psinfo->pr_gid, p->gid);
1206 strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname));
1211 /* Here is the structure in which status of each thread is captured. */
1212 struct elf_thread_status
1214 struct list_head list;
1215 struct elf_prstatus prstatus; /* NT_PRSTATUS */
1216 elf_fpregset_t fpu; /* NT_PRFPREG */
1217 #ifdef ELF_CORE_COPY_XFPREGS
1218 elf_fpxregset_t xfpu; /* NT_PRXFPREG */
1220 struct memelfnote notes[3];
/*
 * In order to add the specific thread information for the elf file format,
 * we need to keep a linked list of every threads pr_status and then
 * create a single section for them in the final core file.
 *
 * Captures one non-current thread's state (prstatus, FPU, and optionally
 * extended FPU registers) into a freshly allocated elf_thread_status,
 * links it onto @thread_list, and accumulates the note sizes in sz.
 */
static int elf_dump_thread_status(long signr, struct task_struct * p, struct list_head * thread_list)
	struct elf_thread_status *t;

	/* GFP_ATOMIC: caller holds tasklist_lock, so we must not sleep. */
	t = kmalloc(sizeof(*t), GFP_ATOMIC);
	memset(t, 0, sizeof(*t));

	INIT_LIST_HEAD(&t->list);

	/* NT_PRSTATUS: signal info, credentials, timings, and registers. */
	fill_prstatus(&t->prstatus, p, signr);
	elf_core_copy_task_regs(p, &t->prstatus.pr_reg);

	fill_note(&t->notes[0], "CORE", NT_PRSTATUS, sizeof(t->prstatus), &(t->prstatus));
	sz += notesize(&t->notes[0]);

	/* NT_PRFPREG is emitted only when the thread actually has FPU state. */
	if ((t->prstatus.pr_fpvalid = elf_core_copy_task_fpregs(p, NULL, &t->fpu))) {
		fill_note(&t->notes[1], "CORE", NT_PRFPREG, sizeof(t->fpu), &(t->fpu));
		sz += notesize(&t->notes[1]);
#ifdef ELF_CORE_COPY_XFPREGS
	/* Extended FPU state (e.g. SSE) goes into a "LINUX" NT_PRXFPREG note. */
	if (elf_core_copy_task_xfpregs(p, &t->xfpu)) {
		fill_note(&t->notes[2], "LINUX", NT_PRXFPREG, sizeof(t->xfpu), &t->xfpu);
		sz += notesize(&t->notes[2]);
	/* Hand the record to the caller's list; freed at end of elf_core_dump(). */
	list_add(&t->list, thread_list);
1270 * This is a two-pass process; first we find the offsets of the bits,
1271 * and then they are actually written out. If we run out of core limit
1274 static int elf_core_dump(long signr, struct pt_regs * regs, struct file * file)
1282 struct vm_area_struct *vma;
1283 struct elfhdr *elf = NULL;
1284 off_t offset = 0, dataoff;
1285 unsigned long limit = current->rlim[RLIMIT_CORE].rlim_cur;
1287 struct memelfnote *notes = NULL;
1288 struct elf_prstatus *prstatus = NULL; /* NT_PRSTATUS */
1289 struct elf_prpsinfo *psinfo = NULL; /* NT_PRPSINFO */
1290 struct task_struct *g, *p;
1291 LIST_HEAD(thread_list);
1292 struct list_head *t;
1293 elf_fpregset_t *fpu = NULL;
1294 #ifdef ELF_CORE_COPY_XFPREGS
1295 elf_fpxregset_t *xfpu = NULL;
1297 int thread_status_size = 0;
1301 * We no longer stop all VM operations.
1303 * This is because those proceses that could possibly change map_count or
1304 * the mmap / vma pages are now blocked in do_exit on current finishing
1307 * Only ptrace can touch these memory addresses, but it doesn't change
1308 * the map_count or the pages allocated. So no possibility of crashing
1309 * exists while dumping the mm->vm_next areas to the core file.
1312 /* alloc memory for large data structures: too large to be on stack */
1313 elf = kmalloc(sizeof(*elf), GFP_KERNEL);
1316 prstatus = kmalloc(sizeof(*prstatus), GFP_KERNEL);
1319 psinfo = kmalloc(sizeof(*psinfo), GFP_KERNEL);
1322 notes = kmalloc(NUM_NOTES * sizeof(struct memelfnote), GFP_KERNEL);
1325 fpu = kmalloc(sizeof(*fpu), GFP_KERNEL);
1328 #ifdef ELF_CORE_COPY_XFPREGS
1329 xfpu = kmalloc(sizeof(*xfpu), GFP_KERNEL);
1334 /* capture the status of all other threads */
1336 read_lock(&tasklist_lock);
1338 if (current->mm == p->mm && current != p) {
1339 int sz = elf_dump_thread_status(signr, p, &thread_list);
1341 read_unlock(&tasklist_lock);
1344 thread_status_size += sz;
1346 while_each_thread(g,p);
1347 read_unlock(&tasklist_lock);
1350 /* now collect the dump for the current */
1351 memset(prstatus, 0, sizeof(*prstatus));
1352 fill_prstatus(prstatus, current, signr);
1353 elf_core_copy_regs(&prstatus->pr_reg, regs);
1355 segs = current->mm->map_count;
1356 #ifdef ELF_CORE_EXTRA_PHDRS
1357 segs += ELF_CORE_EXTRA_PHDRS;
1361 fill_elf_header(elf, segs+1); /* including notes section */
1364 current->flags |= PF_DUMPCORE;
1367 * Set up the notes in similar form to SVR4 core dumps made
1368 * with info from their /proc.
1371 fill_note(notes +0, "CORE", NT_PRSTATUS, sizeof(*prstatus), prstatus);
1373 fill_psinfo(psinfo, current->group_leader, current->mm);
1374 fill_note(notes +1, "CORE", NT_PRPSINFO, sizeof(*psinfo), psinfo);
1376 fill_note(notes +2, "CORE", NT_TASKSTRUCT, sizeof(*current), current);
1380 auxv = (elf_addr_t *) current->mm->saved_auxv;
1385 while (auxv[i - 2] != AT_NULL);
1386 fill_note(¬es[numnote++], "CORE", NT_AUXV,
1387 i * sizeof (elf_addr_t), auxv);
1389 /* Try to dump the FPU. */
1390 if ((prstatus->pr_fpvalid = elf_core_copy_task_fpregs(current, regs, fpu)))
1391 fill_note(notes + numnote++,
1392 "CORE", NT_PRFPREG, sizeof(*fpu), fpu);
1393 #ifdef ELF_CORE_COPY_XFPREGS
1394 if (elf_core_copy_task_xfpregs(current, xfpu))
1395 fill_note(notes + numnote++,
1396 "LINUX", NT_PRXFPREG, sizeof(*xfpu), xfpu);
1402 DUMP_WRITE(elf, sizeof(*elf));
1403 offset += sizeof(*elf); /* Elf header */
1404 offset += (segs+1) * sizeof(struct elf_phdr); /* Program headers */
1406 /* Write notes phdr entry */
1408 struct elf_phdr phdr;
1411 for (i = 0; i < numnote; i++)
1412 sz += notesize(notes + i);
1414 sz += thread_status_size;
1416 fill_elf_note_phdr(&phdr, sz, offset);
1418 DUMP_WRITE(&phdr, sizeof(phdr));
1421 /* Page-align dumped data */
1422 dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
1424 /* Write program headers for segments dump */
1425 for (vma = current->mm->mmap; vma != NULL; vma = vma->vm_next) {
1426 struct elf_phdr phdr;
1429 sz = vma->vm_end - vma->vm_start;
1431 phdr.p_type = PT_LOAD;
1432 phdr.p_offset = offset;
1433 phdr.p_vaddr = vma->vm_start;
1435 phdr.p_filesz = maydump(vma) ? sz : 0;
1437 offset += phdr.p_filesz;
1438 phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
1439 if (vma->vm_flags & VM_WRITE) phdr.p_flags |= PF_W;
1440 if (vma->vm_flags & VM_EXEC) phdr.p_flags |= PF_X;
1441 phdr.p_align = ELF_EXEC_PAGESIZE;
1443 DUMP_WRITE(&phdr, sizeof(phdr));
1446 #ifdef ELF_CORE_WRITE_EXTRA_PHDRS
1447 ELF_CORE_WRITE_EXTRA_PHDRS;
1450 /* write out the notes section */
1451 for (i = 0; i < numnote; i++)
1452 if (!writenote(notes + i, file))
1455 /* write out the thread status notes section */
1456 list_for_each(t, &thread_list) {
1457 struct elf_thread_status *tmp = list_entry(t, struct elf_thread_status, list);
1458 for (i = 0; i < tmp->num_notes; i++)
1459 if (!writenote(&tmp->notes[i], file))
1465 for (vma = current->mm->mmap; vma != NULL; vma = vma->vm_next) {
1471 for (addr = vma->vm_start;
1473 addr += PAGE_SIZE) {
1475 struct vm_area_struct *vma;
1477 if (get_user_pages(current, current->mm, addr, 1, 0, 1,
1478 &page, &vma) <= 0) {
1479 DUMP_SEEK (file->f_pos + PAGE_SIZE);
1481 if (page == ZERO_PAGE(addr)) {
1482 DUMP_SEEK (file->f_pos + PAGE_SIZE);
1485 flush_cache_page(vma, addr);
1487 if ((size += PAGE_SIZE) > limit ||
1488 !dump_write(file, kaddr,
1491 page_cache_release(page);
1496 page_cache_release(page);
1501 #ifdef ELF_CORE_WRITE_EXTRA_DATA
1502 ELF_CORE_WRITE_EXTRA_DATA;
1505 if ((off_t) file->f_pos != offset) {
1507 printk("elf_core_dump: file->f_pos (%ld) != offset (%ld)\n",
1508 (off_t) file->f_pos, offset);
1515 while(!list_empty(&thread_list)) {
1516 struct list_head *tmp = thread_list.next;
1518 kfree(list_entry(tmp, struct elf_thread_status, list));
1526 #ifdef ELF_CORE_COPY_XFPREGS
1533 #endif /* USE_ELF_CORE_DUMP */
/* Register the ELF loader with the binfmt core at boot / module load. */
static int __init init_elf_binfmt(void)
	return register_binfmt(&elf_format);
/* Unregister the ELF loader on module unload. */
static void __exit exit_elf_binfmt(void)
	/* Remove the COFF and ELF loaders. */
	unregister_binfmt(&elf_format);
/* Standard module plumbing: hook up init/exit and declare the license. */
module_init(init_elf_binfmt)
module_exit(exit_elf_binfmt)
MODULE_LICENSE("GPL");