1 // SPDX-License-Identifier: GPL-2.0-only
3 * linux/fs/binfmt_elf.c
5 * These are the functions used to load ELF format executables as used
6 * on SVr4 machines. Information on the format may be found in the book
7 * "UNIX SYSTEM V RELEASE 4 Programmers Guide: Ansi C and Programming Support
10 * Copyright 1993, 1994: Eric Youngdale (ericy@cais.com).
13 #include <linux/module.h>
14 #include <linux/kernel.h>
16 #include <linux/log2.h>
18 #include <linux/mman.h>
19 #include <linux/errno.h>
20 #include <linux/signal.h>
21 #include <linux/binfmts.h>
22 #include <linux/string.h>
23 #include <linux/file.h>
24 #include <linux/slab.h>
25 #include <linux/personality.h>
26 #include <linux/elfcore.h>
27 #include <linux/init.h>
28 #include <linux/highuid.h>
29 #include <linux/compiler.h>
30 #include <linux/highmem.h>
31 #include <linux/hugetlb.h>
32 #include <linux/pagemap.h>
33 #include <linux/vmalloc.h>
34 #include <linux/security.h>
35 #include <linux/random.h>
36 #include <linux/elf.h>
37 #include <linux/elf-randomize.h>
38 #include <linux/utsname.h>
39 #include <linux/coredump.h>
40 #include <linux/sched.h>
41 #include <linux/sched/coredump.h>
42 #include <linux/sched/task_stack.h>
43 #include <linux/sched/cputime.h>
44 #include <linux/sizes.h>
45 #include <linux/types.h>
46 #include <linux/cred.h>
47 #include <linux/dax.h>
48 #include <linux/uaccess.h>
49 #include <linux/rseq.h>
50 #include <asm/param.h>
58 #define user_long_t long
60 #ifndef user_siginfo_t
61 #define user_siginfo_t siginfo_t
64 /* That's for binfmt_elf_fdpic to deal with */
65 #ifndef elf_check_fdpic
66 #define elf_check_fdpic(ex) false
69 static int load_elf_binary(struct linux_binprm *bprm);
72 static int load_elf_library(struct file *);
74 #define load_elf_library NULL
78 * If we don't support core dumping, then supply a NULL so we
81 #ifdef CONFIG_ELF_CORE
82 static int elf_core_dump(struct coredump_params *cprm);
84 #define elf_core_dump NULL
87 #if ELF_EXEC_PAGESIZE > PAGE_SIZE
88 #define ELF_MIN_ALIGN ELF_EXEC_PAGESIZE
90 #define ELF_MIN_ALIGN PAGE_SIZE
93 #ifndef ELF_CORE_EFLAGS
94 #define ELF_CORE_EFLAGS 0
97 #define ELF_PAGESTART(_v) ((_v) & ~(int)(ELF_MIN_ALIGN-1))
98 #define ELF_PAGEOFFSET(_v) ((_v) & (ELF_MIN_ALIGN-1))
99 #define ELF_PAGEALIGN(_v) (((_v) + ELF_MIN_ALIGN - 1) & ~(ELF_MIN_ALIGN - 1))
101 static struct linux_binfmt elf_format = {
102 .module = THIS_MODULE,
103 .load_binary = load_elf_binary,
104 .load_shlib = load_elf_library,
105 #ifdef CONFIG_COREDUMP
106 .core_dump = elf_core_dump,
107 .min_coredump = ELF_EXEC_PAGESIZE,
111 #define BAD_ADDR(x) (unlikely((unsigned long)(x) >= TASK_SIZE))
113 /* We need to explicitly zero any fractional pages
114 after the data section (i.e. bss). This would
115 contain the junk from the file that should not
118 static int padzero(unsigned long elf_bss)
122 nbyte = ELF_PAGEOFFSET(elf_bss);
124 nbyte = ELF_MIN_ALIGN - nbyte;
125 if (clear_user((void __user *) elf_bss, nbyte))
131 /* Let's use some macros to make this stack manipulation a little clearer */
132 #ifdef CONFIG_STACK_GROWSUP
133 #define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) + (items))
134 #define STACK_ROUND(sp, items) \
135 ((15 + (unsigned long) ((sp) + (items))) &~ 15UL)
136 #define STACK_ALLOC(sp, len) ({ \
137 elf_addr_t __user *old_sp = (elf_addr_t __user *)sp; sp += len; \
140 #define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) - (items))
141 #define STACK_ROUND(sp, items) \
142 (((unsigned long) (sp - items)) &~ 15UL)
143 #define STACK_ALLOC(sp, len) (sp -= len)
146 #ifndef ELF_BASE_PLATFORM
148 * AT_BASE_PLATFORM indicates the "real" hardware/microarchitecture.
149 * If the arch defines ELF_BASE_PLATFORM (in asm/elf.h), the value
150 * will be copied to the user stack in the same manner as AT_PLATFORM.
152 #define ELF_BASE_PLATFORM NULL
156 create_elf_tables(struct linux_binprm *bprm, const struct elfhdr *exec,
157 unsigned long interp_load_addr,
158 unsigned long e_entry, unsigned long phdr_addr)
160 struct mm_struct *mm = current->mm;
161 unsigned long p = bprm->p;
162 int argc = bprm->argc;
163 int envc = bprm->envc;
164 elf_addr_t __user *sp;
165 elf_addr_t __user *u_platform;
166 elf_addr_t __user *u_base_platform;
167 elf_addr_t __user *u_rand_bytes;
168 const char *k_platform = ELF_PLATFORM;
169 const char *k_base_platform = ELF_BASE_PLATFORM;
170 unsigned char k_rand_bytes[16];
172 elf_addr_t *elf_info;
173 elf_addr_t flags = 0;
175 const struct cred *cred = current_cred();
176 struct vm_area_struct *vma;
179 * In some cases (e.g. Hyper-Threading), we want to avoid L1
180 * evictions by the processes running on the same package. One
181 * thing we can do is to shuffle the initial stack for them.
184 p = arch_align_stack(p);
187 * If this architecture has a platform capability string, copy it
188 * to userspace. In some cases (Sparc), this info is impossible
189 * for userspace to get any other way, in others (i386) it is
194 size_t len = strlen(k_platform) + 1;
196 u_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
197 if (copy_to_user(u_platform, k_platform, len))
202 * If this architecture has a "base" platform capability
203 * string, copy it to userspace.
205 u_base_platform = NULL;
206 if (k_base_platform) {
207 size_t len = strlen(k_base_platform) + 1;
209 u_base_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
210 if (copy_to_user(u_base_platform, k_base_platform, len))
215 * Generate 16 random bytes for userspace PRNG seeding.
217 get_random_bytes(k_rand_bytes, sizeof(k_rand_bytes));
218 u_rand_bytes = (elf_addr_t __user *)
219 STACK_ALLOC(p, sizeof(k_rand_bytes));
220 if (copy_to_user(u_rand_bytes, k_rand_bytes, sizeof(k_rand_bytes)))
223 /* Create the ELF interpreter info */
224 elf_info = (elf_addr_t *)mm->saved_auxv;
225 /* update AT_VECTOR_SIZE_BASE if the number of NEW_AUX_ENT() changes */
226 #define NEW_AUX_ENT(id, val) \
234 * ARCH_DLINFO must come first so PPC can do its special alignment of
236 * update AT_VECTOR_SIZE_ARCH if the number of NEW_AUX_ENT() in
237 * ARCH_DLINFO changes
241 NEW_AUX_ENT(AT_HWCAP, ELF_HWCAP);
242 NEW_AUX_ENT(AT_PAGESZ, ELF_EXEC_PAGESIZE);
243 NEW_AUX_ENT(AT_CLKTCK, CLOCKS_PER_SEC);
244 NEW_AUX_ENT(AT_PHDR, phdr_addr);
245 NEW_AUX_ENT(AT_PHENT, sizeof(struct elf_phdr));
246 NEW_AUX_ENT(AT_PHNUM, exec->e_phnum);
247 NEW_AUX_ENT(AT_BASE, interp_load_addr);
248 if (bprm->interp_flags & BINPRM_FLAGS_PRESERVE_ARGV0)
249 flags |= AT_FLAGS_PRESERVE_ARGV0;
250 NEW_AUX_ENT(AT_FLAGS, flags);
251 NEW_AUX_ENT(AT_ENTRY, e_entry);
252 NEW_AUX_ENT(AT_UID, from_kuid_munged(cred->user_ns, cred->uid));
253 NEW_AUX_ENT(AT_EUID, from_kuid_munged(cred->user_ns, cred->euid));
254 NEW_AUX_ENT(AT_GID, from_kgid_munged(cred->user_ns, cred->gid));
255 NEW_AUX_ENT(AT_EGID, from_kgid_munged(cred->user_ns, cred->egid));
256 NEW_AUX_ENT(AT_SECURE, bprm->secureexec);
257 NEW_AUX_ENT(AT_RANDOM, (elf_addr_t)(unsigned long)u_rand_bytes);
259 NEW_AUX_ENT(AT_HWCAP2, ELF_HWCAP2);
261 NEW_AUX_ENT(AT_EXECFN, bprm->exec);
263 NEW_AUX_ENT(AT_PLATFORM,
264 (elf_addr_t)(unsigned long)u_platform);
266 if (k_base_platform) {
267 NEW_AUX_ENT(AT_BASE_PLATFORM,
268 (elf_addr_t)(unsigned long)u_base_platform);
270 if (bprm->have_execfd) {
271 NEW_AUX_ENT(AT_EXECFD, bprm->execfd);
274 NEW_AUX_ENT(AT_RSEQ_FEATURE_SIZE, offsetof(struct rseq, end));
275 NEW_AUX_ENT(AT_RSEQ_ALIGN, __alignof__(struct rseq));
278 /* AT_NULL is zero; clear the rest too */
279 memset(elf_info, 0, (char *)mm->saved_auxv +
280 sizeof(mm->saved_auxv) - (char *)elf_info);
282 /* And advance past the AT_NULL entry. */
285 ei_index = elf_info - (elf_addr_t *)mm->saved_auxv;
286 sp = STACK_ADD(p, ei_index);
288 items = (argc + 1) + (envc + 1) + 1;
289 bprm->p = STACK_ROUND(sp, items);
291 /* Point sp at the lowest address on the stack */
292 #ifdef CONFIG_STACK_GROWSUP
293 sp = (elf_addr_t __user *)bprm->p - items - ei_index;
294 bprm->exec = (unsigned long)sp; /* XXX: PARISC HACK */
296 sp = (elf_addr_t __user *)bprm->p;
301 * Grow the stack manually; some architectures have a limit on how
302 * far ahead a user-space access may be in order to grow the stack.
304 if (mmap_write_lock_killable(mm))
306 vma = find_extend_vma_locked(mm, bprm->p);
307 mmap_write_unlock(mm);
311 /* Now, let's put argc (and argv, envp if appropriate) on the stack */
312 if (put_user(argc, sp++))
315 /* Populate list of argv pointers back to argv strings. */
316 p = mm->arg_end = mm->arg_start;
319 if (put_user((elf_addr_t)p, sp++))
321 len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
322 if (!len || len > MAX_ARG_STRLEN)
326 if (put_user(0, sp++))
330 /* Populate list of envp pointers back to envp strings. */
331 mm->env_end = mm->env_start = p;
334 if (put_user((elf_addr_t)p, sp++))
336 len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
337 if (!len || len > MAX_ARG_STRLEN)
341 if (put_user(0, sp++))
345 /* Put the elf_info on the stack in the right place. */
346 if (copy_to_user(sp, mm->saved_auxv, ei_index * sizeof(elf_addr_t)))
351 static unsigned long elf_map(struct file *filep, unsigned long addr,
352 const struct elf_phdr *eppnt, int prot, int type,
353 unsigned long total_size)
355 unsigned long map_addr;
356 unsigned long size = eppnt->p_filesz + ELF_PAGEOFFSET(eppnt->p_vaddr);
357 unsigned long off = eppnt->p_offset - ELF_PAGEOFFSET(eppnt->p_vaddr);
358 addr = ELF_PAGESTART(addr);
359 size = ELF_PAGEALIGN(size);
361 /* mmap() will return -EINVAL if given a zero size, but a
362 * segment with zero filesize is perfectly valid */
367 * total_size is the size of the ELF (interpreter) image.
368 * The _first_ mmap needs to know the full size, otherwise
369 * randomization might put this image into an overlapping
370 * position with the ELF binary image. (since size < total_size)
371 * So we first map the 'big' image - and unmap the remainder at
372 * the end. (which unmap is needed for ELF images with holes.)
375 total_size = ELF_PAGEALIGN(total_size);
376 map_addr = vm_mmap(filep, addr, total_size, prot, type, off);
377 if (!BAD_ADDR(map_addr))
378 vm_munmap(map_addr+size, total_size-size);
380 map_addr = vm_mmap(filep, addr, size, prot, type, off);
382 if ((type & MAP_FIXED_NOREPLACE) &&
383 PTR_ERR((void *)map_addr) == -EEXIST)
384 pr_info("%d (%s): Uhuuh, elf segment at %px requested but the memory is mapped already\n",
385 task_pid_nr(current), current->comm, (void *)addr);
390 static unsigned long elf_load(struct file *filep, unsigned long addr,
391 const struct elf_phdr *eppnt, int prot, int type,
392 unsigned long total_size)
394 unsigned long zero_start, zero_end;
395 unsigned long map_addr;
397 if (eppnt->p_filesz) {
398 map_addr = elf_map(filep, addr, eppnt, prot, type, total_size);
399 if (BAD_ADDR(map_addr))
401 if (eppnt->p_memsz > eppnt->p_filesz) {
402 zero_start = map_addr + ELF_PAGEOFFSET(eppnt->p_vaddr) +
404 zero_end = map_addr + ELF_PAGEOFFSET(eppnt->p_vaddr) +
407 /* Zero the end of the last mapped page */
411 map_addr = zero_start = ELF_PAGESTART(addr);
412 zero_end = zero_start + ELF_PAGEOFFSET(eppnt->p_vaddr) +
415 if (eppnt->p_memsz > eppnt->p_filesz) {
417 * Map the last of the segment.
418 * If the header is requesting these pages to be
419 * executable, honour that (ppc32 needs this).
423 zero_start = ELF_PAGEALIGN(zero_start);
424 zero_end = ELF_PAGEALIGN(zero_end);
426 error = vm_brk_flags(zero_start, zero_end - zero_start,
427 prot & PROT_EXEC ? VM_EXEC : 0);
435 static unsigned long total_mapping_size(const struct elf_phdr *phdr, int nr)
437 elf_addr_t min_addr = -1;
438 elf_addr_t max_addr = 0;
439 bool pt_load = false;
442 for (i = 0; i < nr; i++) {
443 if (phdr[i].p_type == PT_LOAD) {
444 min_addr = min(min_addr, ELF_PAGESTART(phdr[i].p_vaddr));
445 max_addr = max(max_addr, phdr[i].p_vaddr + phdr[i].p_memsz);
449 return pt_load ? (max_addr - min_addr) : 0;
452 static int elf_read(struct file *file, void *buf, size_t len, loff_t pos)
456 rv = kernel_read(file, buf, len, &pos);
457 if (unlikely(rv != len)) {
458 return (rv < 0) ? rv : -EIO;
463 static unsigned long maximum_alignment(struct elf_phdr *cmds, int nr)
465 unsigned long alignment = 0;
468 for (i = 0; i < nr; i++) {
469 if (cmds[i].p_type == PT_LOAD) {
470 unsigned long p_align = cmds[i].p_align;
472 /* skip non-power of two alignments as invalid */
473 if (!is_power_of_2(p_align))
475 alignment = max(alignment, p_align);
479 /* ensure we align to at least one page */
480 return ELF_PAGEALIGN(alignment);
484 * load_elf_phdrs() - load ELF program headers
485 * @elf_ex: ELF header of the binary whose program headers should be loaded
486 * @elf_file: the opened ELF binary file
488 * Loads ELF program headers from the binary file elf_file, which has the ELF
489 * header pointed to by elf_ex, into a newly allocated array. The caller is
490 * responsible for freeing the allocated data. Returns NULL upon failure.
492 static struct elf_phdr *load_elf_phdrs(const struct elfhdr *elf_ex,
493 struct file *elf_file)
495 struct elf_phdr *elf_phdata = NULL;
500 * If the size of this structure has changed, then punt, since
501 * we will be doing the wrong thing.
503 if (elf_ex->e_phentsize != sizeof(struct elf_phdr))
506 /* Sanity check the number of program headers... */
507 /* ...and their total size. */
508 size = sizeof(struct elf_phdr) * elf_ex->e_phnum;
509 if (size == 0 || size > 65536 || size > ELF_MIN_ALIGN)
512 elf_phdata = kmalloc(size, GFP_KERNEL);
516 /* Read in the program headers */
517 retval = elf_read(elf_file, elf_phdata, size, elf_ex->e_phoff);
527 #ifndef CONFIG_ARCH_BINFMT_ELF_STATE
530 * struct arch_elf_state - arch-specific ELF loading state
532 * This structure is used to preserve architecture specific data during
533 * the loading of an ELF file, throughout the checking of architecture
534 * specific ELF headers & through to the point where the ELF load is
535 * known to be proceeding (ie. SET_PERSONALITY).
537 * This implementation is a dummy for architectures which require no
540 struct arch_elf_state {
543 #define INIT_ARCH_ELF_STATE {}
546 * arch_elf_pt_proc() - check a PT_LOPROC..PT_HIPROC ELF program header
547 * @ehdr: The main ELF header
548 * @phdr: The program header to check
549 * @elf: The open ELF file
550 * @is_interp: True if the phdr is from the interpreter of the ELF being
551 * loaded, else false.
552 * @state: Architecture-specific state preserved throughout the process
553 * of loading the ELF.
555 * Inspects the program header phdr to validate its correctness and/or
556 * suitability for the system. Called once per ELF program header in the
557 * range PT_LOPROC to PT_HIPROC, for both the ELF being loaded and its
560 * Return: Zero to proceed with the ELF load, non-zero to fail the ELF load
561 * with that return code.
563 static inline int arch_elf_pt_proc(struct elfhdr *ehdr,
564 struct elf_phdr *phdr,
565 struct file *elf, bool is_interp,
566 struct arch_elf_state *state)
568 /* Dummy implementation, always proceed */
573 * arch_check_elf() - check an ELF executable
574 * @ehdr: The main ELF header
575 * @has_interp: True if the ELF has an interpreter, else false.
576 * @interp_ehdr: The interpreter's ELF header
577 * @state: Architecture-specific state preserved throughout the process
578 * of loading the ELF.
580 * Provides a final opportunity for architecture code to reject the loading
581 * of the ELF & cause an exec syscall to return an error. This is called after
582 * all program headers to be checked by arch_elf_pt_proc have been.
584 * Return: Zero to proceed with the ELF load, non-zero to fail the ELF load
585 * with that return code.
587 static inline int arch_check_elf(struct elfhdr *ehdr, bool has_interp,
588 struct elfhdr *interp_ehdr,
589 struct arch_elf_state *state)
591 /* Dummy implementation, always proceed */
595 #endif /* !CONFIG_ARCH_BINFMT_ELF_STATE */
597 static inline int make_prot(u32 p_flags, struct arch_elf_state *arch_state,
598 bool has_interp, bool is_interp)
609 return arch_elf_adjust_prot(prot, arch_state, has_interp, is_interp);
612 /* This is much more generalized than the library routine read function,
613 so we keep this separate. Technically the library read function
614 is only provided so that we can read a.out libraries that have
617 static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex,
618 struct file *interpreter,
619 unsigned long no_base, struct elf_phdr *interp_elf_phdata,
620 struct arch_elf_state *arch_state)
622 struct elf_phdr *eppnt;
623 unsigned long load_addr = 0;
624 int load_addr_set = 0;
625 unsigned long error = ~0UL;
626 unsigned long total_size;
629 /* First of all, some simple consistency checks */
630 if (interp_elf_ex->e_type != ET_EXEC &&
631 interp_elf_ex->e_type != ET_DYN)
633 if (!elf_check_arch(interp_elf_ex) ||
634 elf_check_fdpic(interp_elf_ex))
636 if (!interpreter->f_op->mmap)
639 total_size = total_mapping_size(interp_elf_phdata,
640 interp_elf_ex->e_phnum);
646 eppnt = interp_elf_phdata;
647 for (i = 0; i < interp_elf_ex->e_phnum; i++, eppnt++) {
648 if (eppnt->p_type == PT_LOAD) {
649 int elf_type = MAP_PRIVATE;
650 int elf_prot = make_prot(eppnt->p_flags, arch_state,
652 unsigned long vaddr = 0;
653 unsigned long k, map_addr;
655 vaddr = eppnt->p_vaddr;
656 if (interp_elf_ex->e_type == ET_EXEC || load_addr_set)
657 elf_type |= MAP_FIXED;
658 else if (no_base && interp_elf_ex->e_type == ET_DYN)
661 map_addr = elf_load(interpreter, load_addr + vaddr,
662 eppnt, elf_prot, elf_type, total_size);
665 if (BAD_ADDR(map_addr))
668 if (!load_addr_set &&
669 interp_elf_ex->e_type == ET_DYN) {
670 load_addr = map_addr - ELF_PAGESTART(vaddr);
675 * Check to see if the section's size will overflow the
676 * allowed task size. Note that p_filesz must always be
677 * <= p_memsize so it's only necessary to check p_memsz.
679 k = load_addr + eppnt->p_vaddr;
681 eppnt->p_filesz > eppnt->p_memsz ||
682 eppnt->p_memsz > TASK_SIZE ||
683 TASK_SIZE - eppnt->p_memsz < k) {
696 * These are the functions used to load ELF style executables and shared
697 * libraries. There is no binary dependent code anywhere else.
700 static int parse_elf_property(const char *data, size_t *off, size_t datasz,
701 struct arch_elf_state *arch,
702 bool have_prev_type, u32 *prev_type)
705 const struct gnu_property *pr;
711 if (WARN_ON_ONCE(*off > datasz || *off % ELF_GNU_PROPERTY_ALIGN))
716 if (datasz < sizeof(*pr))
718 pr = (const struct gnu_property *)(data + o);
720 datasz -= sizeof(*pr);
722 if (pr->pr_datasz > datasz)
725 WARN_ON_ONCE(o % ELF_GNU_PROPERTY_ALIGN);
726 step = round_up(pr->pr_datasz, ELF_GNU_PROPERTY_ALIGN);
730 /* Properties are supposed to be unique and sorted on pr_type: */
731 if (have_prev_type && pr->pr_type <= *prev_type)
733 *prev_type = pr->pr_type;
735 ret = arch_parse_elf_property(pr->pr_type, data + o,
736 pr->pr_datasz, ELF_COMPAT, arch);
744 #define NOTE_DATA_SZ SZ_1K
745 #define GNU_PROPERTY_TYPE_0_NAME "GNU"
746 #define NOTE_NAME_SZ (sizeof(GNU_PROPERTY_TYPE_0_NAME))
748 static int parse_elf_properties(struct file *f, const struct elf_phdr *phdr,
749 struct arch_elf_state *arch)
752 struct elf_note nhdr;
753 char data[NOTE_DATA_SZ];
762 if (!IS_ENABLED(CONFIG_ARCH_USE_GNU_PROPERTY) || !phdr)
765 /* load_elf_binary() shouldn't call us unless this is true... */
766 if (WARN_ON_ONCE(phdr->p_type != PT_GNU_PROPERTY))
769 /* If the properties are crazy large, that's too bad (for now): */
770 if (phdr->p_filesz > sizeof(note))
773 pos = phdr->p_offset;
774 n = kernel_read(f, ¬e, phdr->p_filesz, &pos);
776 BUILD_BUG_ON(sizeof(note) < sizeof(note.nhdr) + NOTE_NAME_SZ);
777 if (n < 0 || n < sizeof(note.nhdr) + NOTE_NAME_SZ)
780 if (note.nhdr.n_type != NT_GNU_PROPERTY_TYPE_0 ||
781 note.nhdr.n_namesz != NOTE_NAME_SZ ||
782 strncmp(note.data + sizeof(note.nhdr),
783 GNU_PROPERTY_TYPE_0_NAME, n - sizeof(note.nhdr)))
786 off = round_up(sizeof(note.nhdr) + NOTE_NAME_SZ,
787 ELF_GNU_PROPERTY_ALIGN);
791 if (note.nhdr.n_descsz > n - off)
793 datasz = off + note.nhdr.n_descsz;
795 have_prev_type = false;
797 ret = parse_elf_property(note.data, &off, datasz, arch,
798 have_prev_type, &prev_type);
799 have_prev_type = true;
802 return ret == -ENOENT ? 0 : ret;
805 static int load_elf_binary(struct linux_binprm *bprm)
807 struct file *interpreter = NULL; /* to shut gcc up */
808 unsigned long load_bias = 0, phdr_addr = 0;
809 int first_pt_load = 1;
811 struct elf_phdr *elf_ppnt, *elf_phdata, *interp_elf_phdata = NULL;
812 struct elf_phdr *elf_property_phdata = NULL;
813 unsigned long elf_brk;
815 unsigned long elf_entry;
816 unsigned long e_entry;
817 unsigned long interp_load_addr = 0;
818 unsigned long start_code, end_code, start_data, end_data;
819 unsigned long reloc_func_desc __maybe_unused = 0;
820 int executable_stack = EXSTACK_DEFAULT;
821 struct elfhdr *elf_ex = (struct elfhdr *)bprm->buf;
822 struct elfhdr *interp_elf_ex = NULL;
823 struct arch_elf_state arch_state = INIT_ARCH_ELF_STATE;
824 struct mm_struct *mm;
825 struct pt_regs *regs;
828 /* First of all, some simple consistency checks */
829 if (memcmp(elf_ex->e_ident, ELFMAG, SELFMAG) != 0)
832 if (elf_ex->e_type != ET_EXEC && elf_ex->e_type != ET_DYN)
834 if (!elf_check_arch(elf_ex))
836 if (elf_check_fdpic(elf_ex))
838 if (!bprm->file->f_op->mmap)
841 elf_phdata = load_elf_phdrs(elf_ex, bprm->file);
845 elf_ppnt = elf_phdata;
846 for (i = 0; i < elf_ex->e_phnum; i++, elf_ppnt++) {
847 char *elf_interpreter;
849 if (elf_ppnt->p_type == PT_GNU_PROPERTY) {
850 elf_property_phdata = elf_ppnt;
854 if (elf_ppnt->p_type != PT_INTERP)
858 * This is the program interpreter used for shared libraries -
859 * for now assume that this is an a.out format binary.
862 if (elf_ppnt->p_filesz > PATH_MAX || elf_ppnt->p_filesz < 2)
866 elf_interpreter = kmalloc(elf_ppnt->p_filesz, GFP_KERNEL);
867 if (!elf_interpreter)
870 retval = elf_read(bprm->file, elf_interpreter, elf_ppnt->p_filesz,
873 goto out_free_interp;
874 /* make sure path is NULL terminated */
876 if (elf_interpreter[elf_ppnt->p_filesz - 1] != '\0')
877 goto out_free_interp;
879 interpreter = open_exec(elf_interpreter);
880 kfree(elf_interpreter);
881 retval = PTR_ERR(interpreter);
882 if (IS_ERR(interpreter))
886 * If the binary is not readable then enforce mm->dumpable = 0
887 * regardless of the interpreter's permissions.
889 would_dump(bprm, interpreter);
891 interp_elf_ex = kmalloc(sizeof(*interp_elf_ex), GFP_KERNEL);
892 if (!interp_elf_ex) {
897 /* Get the exec headers */
898 retval = elf_read(interpreter, interp_elf_ex,
899 sizeof(*interp_elf_ex), 0);
901 goto out_free_dentry;
906 kfree(elf_interpreter);
910 elf_ppnt = elf_phdata;
911 for (i = 0; i < elf_ex->e_phnum; i++, elf_ppnt++)
912 switch (elf_ppnt->p_type) {
914 if (elf_ppnt->p_flags & PF_X)
915 executable_stack = EXSTACK_ENABLE_X;
917 executable_stack = EXSTACK_DISABLE_X;
920 case PT_LOPROC ... PT_HIPROC:
921 retval = arch_elf_pt_proc(elf_ex, elf_ppnt,
925 goto out_free_dentry;
929 /* Some simple consistency checks for the interpreter */
932 /* Not an ELF interpreter */
933 if (memcmp(interp_elf_ex->e_ident, ELFMAG, SELFMAG) != 0)
934 goto out_free_dentry;
935 /* Verify the interpreter has a valid arch */
936 if (!elf_check_arch(interp_elf_ex) ||
937 elf_check_fdpic(interp_elf_ex))
938 goto out_free_dentry;
940 /* Load the interpreter program headers */
941 interp_elf_phdata = load_elf_phdrs(interp_elf_ex,
943 if (!interp_elf_phdata)
944 goto out_free_dentry;
946 /* Pass PT_LOPROC..PT_HIPROC headers to arch code */
947 elf_property_phdata = NULL;
948 elf_ppnt = interp_elf_phdata;
949 for (i = 0; i < interp_elf_ex->e_phnum; i++, elf_ppnt++)
950 switch (elf_ppnt->p_type) {
951 case PT_GNU_PROPERTY:
952 elf_property_phdata = elf_ppnt;
955 case PT_LOPROC ... PT_HIPROC:
956 retval = arch_elf_pt_proc(interp_elf_ex,
957 elf_ppnt, interpreter,
960 goto out_free_dentry;
965 retval = parse_elf_properties(interpreter ?: bprm->file,
966 elf_property_phdata, &arch_state);
968 goto out_free_dentry;
971 * Allow arch code to reject the ELF at this point, whilst it's
972 * still possible to return an error to the code that invoked
975 retval = arch_check_elf(elf_ex,
976 !!interpreter, interp_elf_ex,
979 goto out_free_dentry;
981 /* Flush all traces of the currently running executable */
982 retval = begin_new_exec(bprm);
984 goto out_free_dentry;
986 /* Do this immediately, since STACK_TOP as used in setup_arg_pages
987 may depend on the personality. */
988 SET_PERSONALITY2(*elf_ex, &arch_state);
989 if (elf_read_implies_exec(*elf_ex, executable_stack))
990 current->personality |= READ_IMPLIES_EXEC;
992 if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space)
993 current->flags |= PF_RANDOMIZE;
995 setup_new_exec(bprm);
997 /* Do this so that we can load the interpreter, if need be. We will
998 change some of these later */
999 retval = setup_arg_pages(bprm, randomize_stack_top(STACK_TOP),
1002 goto out_free_dentry;
1011 /* Now we do a little grungy work by mmapping the ELF image into
1012 the correct location in memory. */
1013 for(i = 0, elf_ppnt = elf_phdata;
1014 i < elf_ex->e_phnum; i++, elf_ppnt++) {
1015 int elf_prot, elf_flags;
1016 unsigned long k, vaddr;
1017 unsigned long total_size = 0;
1018 unsigned long alignment;
1020 if (elf_ppnt->p_type != PT_LOAD)
1023 elf_prot = make_prot(elf_ppnt->p_flags, &arch_state,
1024 !!interpreter, false);
1026 elf_flags = MAP_PRIVATE;
1028 vaddr = elf_ppnt->p_vaddr;
1030 * The first time through the loop, first_pt_load is true:
1031 * layout will be calculated. Once set, use MAP_FIXED since
1032 * we know we've already safely mapped the entire region with
1033 * MAP_FIXED_NOREPLACE in the once-per-binary logic following.
1035 if (!first_pt_load) {
1036 elf_flags |= MAP_FIXED;
1037 } else if (elf_ex->e_type == ET_EXEC) {
1039 * This logic is run once for the first LOAD Program
1040 * Header for ET_EXEC binaries. No special handling
1043 elf_flags |= MAP_FIXED_NOREPLACE;
1044 } else if (elf_ex->e_type == ET_DYN) {
1046 * This logic is run once for the first LOAD Program
1047 * Header for ET_DYN binaries to calculate the
1048 * randomization (load_bias) for all the LOAD
1051 * There are effectively two types of ET_DYN
1052 * binaries: programs (i.e. PIE: ET_DYN with INTERP)
1053 * and loaders (ET_DYN without INTERP, since they
1054 * _are_ the ELF interpreter). The loaders must
1055 * be loaded away from programs since the program
1056 * may otherwise collide with the loader (especially
1057 * for ET_EXEC which does not have a randomized
1058 * position). For example to handle invocations of
1059 * "./ld.so someprog" to test out a new version of
1060 * the loader, the subsequent program that the
1061 * loader loads must avoid the loader itself, so
1062 * they cannot share the same load range. Sufficient
1063 * room for the brk must be allocated with the
1064 * loader as well, since brk must be available with
1067 * Therefore, programs are loaded offset from
1068 * ELF_ET_DYN_BASE and loaders are loaded into the
1069 * independently randomized mmap region (0 load_bias
1070 * without MAP_FIXED nor MAP_FIXED_NOREPLACE).
1073 load_bias = ELF_ET_DYN_BASE;
1074 if (current->flags & PF_RANDOMIZE)
1075 load_bias += arch_mmap_rnd();
1076 alignment = maximum_alignment(elf_phdata, elf_ex->e_phnum);
1078 load_bias &= ~(alignment - 1);
1079 elf_flags |= MAP_FIXED_NOREPLACE;
1084 * Since load_bias is used for all subsequent loading
1085 * calculations, we must lower it by the first vaddr
1086 * so that the remaining calculations based on the
1087 * ELF vaddrs will be correctly offset. The result
1088 * is then page aligned.
1090 load_bias = ELF_PAGESTART(load_bias - vaddr);
1093 * Calculate the entire size of the ELF mapping
1094 * (total_size), used for the initial mapping,
1095 * due to load_addr_set which is set to true later
1096 * once the initial mapping is performed.
1098 * Note that this is only sensible when the LOAD
1099 * segments are contiguous (or overlapping). If
1100 * used for LOADs that are far apart, this would
1101 * cause the holes between LOADs to be mapped,
1102 * running the risk of having the mapping fail,
1103 * as it would be larger than the ELF file itself.
1105 * As a result, only ET_DYN does this, since
1106 * some ET_EXEC (e.g. ia64) may have large virtual
1107 * memory holes between LOADs.
1110 total_size = total_mapping_size(elf_phdata,
1114 goto out_free_dentry;
1118 error = elf_load(bprm->file, load_bias + vaddr, elf_ppnt,
1119 elf_prot, elf_flags, total_size);
1120 if (BAD_ADDR(error)) {
1121 retval = IS_ERR_VALUE(error) ?
1122 PTR_ERR((void*)error) : -EINVAL;
1123 goto out_free_dentry;
1126 if (first_pt_load) {
1128 if (elf_ex->e_type == ET_DYN) {
1129 load_bias += error -
1130 ELF_PAGESTART(load_bias + vaddr);
1131 reloc_func_desc = load_bias;
1136 * Figure out which segment in the file contains the Program
1137 * Header table, and map to the associated memory address.
1139 if (elf_ppnt->p_offset <= elf_ex->e_phoff &&
1140 elf_ex->e_phoff < elf_ppnt->p_offset + elf_ppnt->p_filesz) {
1141 phdr_addr = elf_ex->e_phoff - elf_ppnt->p_offset +
1145 k = elf_ppnt->p_vaddr;
1146 if ((elf_ppnt->p_flags & PF_X) && k < start_code)
1152 * Check to see if the section's size will overflow the
1153 * allowed task size. Note that p_filesz must always be
1154 * <= p_memsz so it is only necessary to check p_memsz.
1156 if (BAD_ADDR(k) || elf_ppnt->p_filesz > elf_ppnt->p_memsz ||
1157 elf_ppnt->p_memsz > TASK_SIZE ||
1158 TASK_SIZE - elf_ppnt->p_memsz < k) {
1159 /* set_brk can never work. Avoid overflows. */
1161 goto out_free_dentry;
1164 k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz;
1166 if ((elf_ppnt->p_flags & PF_X) && end_code < k)
1170 k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz;
1175 e_entry = elf_ex->e_entry + load_bias;
1176 phdr_addr += load_bias;
1177 elf_brk += load_bias;
1178 start_code += load_bias;
1179 end_code += load_bias;
1180 start_data += load_bias;
1181 end_data += load_bias;
1183 current->mm->start_brk = current->mm->brk = ELF_PAGEALIGN(elf_brk);
1186 elf_entry = load_elf_interp(interp_elf_ex,
1188 load_bias, interp_elf_phdata,
1190 if (!IS_ERR_VALUE(elf_entry)) {
1192 * load_elf_interp() returns relocation
1195 interp_load_addr = elf_entry;
1196 elf_entry += interp_elf_ex->e_entry;
1198 if (BAD_ADDR(elf_entry)) {
1199 retval = IS_ERR_VALUE(elf_entry) ?
1200 (int)elf_entry : -EINVAL;
1201 goto out_free_dentry;
1203 reloc_func_desc = interp_load_addr;
1205 allow_write_access(interpreter);
1208 kfree(interp_elf_ex);
1209 kfree(interp_elf_phdata);
1211 elf_entry = e_entry;
1212 if (BAD_ADDR(elf_entry)) {
1214 goto out_free_dentry;
1220 set_binfmt(&elf_format);
1222 #ifdef ARCH_HAS_SETUP_ADDITIONAL_PAGES
1223 retval = ARCH_SETUP_ADDITIONAL_PAGES(bprm, elf_ex, !!interpreter);
1226 #endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */
1228 retval = create_elf_tables(bprm, elf_ex, interp_load_addr,
1229 e_entry, phdr_addr);
1234 mm->end_code = end_code;
1235 mm->start_code = start_code;
1236 mm->start_data = start_data;
1237 mm->end_data = end_data;
1238 mm->start_stack = bprm->p;
1240 if ((current->flags & PF_RANDOMIZE) && (randomize_va_space > 1)) {
1242 * For architectures with ELF randomization, when executing
1243 * a loader directly (i.e. no interpreter listed in ELF
1244 * headers), move the brk area out of the mmap region
1245 * (since it grows up, and may collide early with the stack
1246 * growing down), and into the unused ELF_ET_DYN_BASE region.
1248 if (IS_ENABLED(CONFIG_ARCH_HAS_ELF_RANDOMIZE) &&
1249 elf_ex->e_type == ET_DYN && !interpreter) {
1250 mm->brk = mm->start_brk = ELF_ET_DYN_BASE;
1253 mm->brk = mm->start_brk = arch_randomize_brk(mm);
1254 #ifdef compat_brk_randomized
1255 current->brk_randomized = 1;
1259 if (current->personality & MMAP_PAGE_ZERO) {
1260 /* Why this, you ask??? Well SVr4 maps page 0 as read-only,
1261 and some applications "depend" upon this behavior.
1262 Since we do not have the power to recompile these, we
1263 emulate the SVr4 behavior. Sigh. */
1264 error = vm_mmap(NULL, 0, PAGE_SIZE, PROT_READ | PROT_EXEC,
1265 MAP_FIXED | MAP_PRIVATE, 0);
1268 regs = current_pt_regs();
1269 #ifdef ELF_PLAT_INIT
1271 * The ABI may specify that certain registers be set up in special
1272 * ways (on i386 %edx is the address of a DT_FINI function, for
1273 * example. In addition, it may also specify (eg, PowerPC64 ELF)
1274 * that the e_entry field is the address of the function descriptor
1275 * for the startup routine, rather than the address of the startup
1276 * routine itself. This macro performs whatever initialization to
1277 * the regs structure is required as well as any relocations to the
1278 * function descriptor entries when executing dynamically links apps.
1280 ELF_PLAT_INIT(regs, reloc_func_desc);
1283 finalize_exec(bprm);
1284 START_THREAD(elf_ex, regs, elf_entry, bprm->p);
1291 kfree(interp_elf_ex);
1292 kfree(interp_elf_phdata);
1294 allow_write_access(interpreter);
1302 #ifdef CONFIG_USELIB
1303 /* This is really simpleminded and specialized - we are loading an
1304 a.out library that is given an ELF header. */
1305 static int load_elf_library(struct file *file)
1307 struct elf_phdr *elf_phdata;
1308 struct elf_phdr *eppnt;
1309 unsigned long elf_bss, bss, len;
1310 int retval, error, i, j;
1311 struct elfhdr elf_ex;
1314 retval = elf_read(file, &elf_ex, sizeof(elf_ex), 0);
1318 if (memcmp(elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
1321 /* First of all, some simple consistency checks */
1322 if (elf_ex.e_type != ET_EXEC || elf_ex.e_phnum > 2 ||
1323 !elf_check_arch(&elf_ex) || !file->f_op->mmap)
1325 if (elf_check_fdpic(&elf_ex))
1328 /* Now read in all of the header information */
1330 j = sizeof(struct elf_phdr) * elf_ex.e_phnum;
1331 /* j < ELF_MIN_ALIGN because elf_ex.e_phnum <= 2 */
1334 elf_phdata = kmalloc(j, GFP_KERNEL);
1340 retval = elf_read(file, eppnt, j, elf_ex.e_phoff);
1344 for (j = 0, i = 0; i<elf_ex.e_phnum; i++)
1345 if ((eppnt + i)->p_type == PT_LOAD)
1350 while (eppnt->p_type != PT_LOAD)
1353 /* Now use mmap to map the library into memory. */
1354 error = vm_mmap(file,
1355 ELF_PAGESTART(eppnt->p_vaddr),
1357 ELF_PAGEOFFSET(eppnt->p_vaddr)),
1358 PROT_READ | PROT_WRITE | PROT_EXEC,
1359 MAP_FIXED_NOREPLACE | MAP_PRIVATE,
1361 ELF_PAGEOFFSET(eppnt->p_vaddr)));
1362 if (error != ELF_PAGESTART(eppnt->p_vaddr))
1365 elf_bss = eppnt->p_vaddr + eppnt->p_filesz;
1366 if (padzero(elf_bss)) {
1371 len = ELF_PAGEALIGN(eppnt->p_filesz + eppnt->p_vaddr);
1372 bss = ELF_PAGEALIGN(eppnt->p_memsz + eppnt->p_vaddr);
1374 error = vm_brk(len, bss - len);
1385 #endif /* #ifdef CONFIG_USELIB */
1387 #ifdef CONFIG_ELF_CORE
1391 * Modelled on fs/exec.c:aout_core_dump()
1392 * Jeremy Fitzhardinge <jeremy@sw.oz.au>
1395 /* An ELF note in memory */
1400 unsigned int datasz;
1404 static int notesize(struct memelfnote *en)
1408 sz = sizeof(struct elf_note);
1409 sz += roundup(strlen(en->name) + 1, 4);
1410 sz += roundup(en->datasz, 4);
1415 static int writenote(struct memelfnote *men, struct coredump_params *cprm)
1418 en.n_namesz = strlen(men->name) + 1;
1419 en.n_descsz = men->datasz;
1420 en.n_type = men->type;
1422 return dump_emit(cprm, &en, sizeof(en)) &&
1423 dump_emit(cprm, men->name, en.n_namesz) && dump_align(cprm, 4) &&
1424 dump_emit(cprm, men->data, men->datasz) && dump_align(cprm, 4);
1427 static void fill_elf_header(struct elfhdr *elf, int segs,
1428 u16 machine, u32 flags)
1430 memset(elf, 0, sizeof(*elf));
1432 memcpy(elf->e_ident, ELFMAG, SELFMAG);
1433 elf->e_ident[EI_CLASS] = ELF_CLASS;
1434 elf->e_ident[EI_DATA] = ELF_DATA;
1435 elf->e_ident[EI_VERSION] = EV_CURRENT;
1436 elf->e_ident[EI_OSABI] = ELF_OSABI;
1438 elf->e_type = ET_CORE;
1439 elf->e_machine = machine;
1440 elf->e_version = EV_CURRENT;
1441 elf->e_phoff = sizeof(struct elfhdr);
1442 elf->e_flags = flags;
1443 elf->e_ehsize = sizeof(struct elfhdr);
1444 elf->e_phentsize = sizeof(struct elf_phdr);
1445 elf->e_phnum = segs;
1448 static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, loff_t offset)
1450 phdr->p_type = PT_NOTE;
1451 phdr->p_offset = offset;
1454 phdr->p_filesz = sz;
1460 static void fill_note(struct memelfnote *note, const char *name, int type,
1461 unsigned int sz, void *data)
1470 * fill up all the fields in prstatus from the given task struct, except
1471 * registers which need to be filled up separately.
1473 static void fill_prstatus(struct elf_prstatus_common *prstatus,
1474 struct task_struct *p, long signr)
1476 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr;
1477 prstatus->pr_sigpend = p->pending.signal.sig[0];
1478 prstatus->pr_sighold = p->blocked.sig[0];
1480 prstatus->pr_ppid = task_pid_vnr(rcu_dereference(p->real_parent));
1482 prstatus->pr_pid = task_pid_vnr(p);
1483 prstatus->pr_pgrp = task_pgrp_vnr(p);
1484 prstatus->pr_sid = task_session_vnr(p);
1485 if (thread_group_leader(p)) {
1486 struct task_cputime cputime;
1489 * This is the record for the group leader. It shows the
1490 * group-wide total, not its individual thread total.
1492 thread_group_cputime(p, &cputime);
1493 prstatus->pr_utime = ns_to_kernel_old_timeval(cputime.utime);
1494 prstatus->pr_stime = ns_to_kernel_old_timeval(cputime.stime);
1498 task_cputime(p, &utime, &stime);
1499 prstatus->pr_utime = ns_to_kernel_old_timeval(utime);
1500 prstatus->pr_stime = ns_to_kernel_old_timeval(stime);
1503 prstatus->pr_cutime = ns_to_kernel_old_timeval(p->signal->cutime);
1504 prstatus->pr_cstime = ns_to_kernel_old_timeval(p->signal->cstime);
1507 static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
1508 struct mm_struct *mm)
1510 const struct cred *cred;
1511 unsigned int i, len;
1514 /* first copy the parameters from user space */
1515 memset(psinfo, 0, sizeof(struct elf_prpsinfo));
1517 len = mm->arg_end - mm->arg_start;
1518 if (len >= ELF_PRARGSZ)
1519 len = ELF_PRARGSZ-1;
1520 if (copy_from_user(&psinfo->pr_psargs,
1521 (const char __user *)mm->arg_start, len))
1523 for(i = 0; i < len; i++)
1524 if (psinfo->pr_psargs[i] == 0)
1525 psinfo->pr_psargs[i] = ' ';
1526 psinfo->pr_psargs[len] = 0;
1529 psinfo->pr_ppid = task_pid_vnr(rcu_dereference(p->real_parent));
1531 psinfo->pr_pid = task_pid_vnr(p);
1532 psinfo->pr_pgrp = task_pgrp_vnr(p);
1533 psinfo->pr_sid = task_session_vnr(p);
1535 state = READ_ONCE(p->__state);
1536 i = state ? ffz(~state) + 1 : 0;
1537 psinfo->pr_state = i;
1538 psinfo->pr_sname = (i > 5) ? '.' : "RSDTZW"[i];
1539 psinfo->pr_zomb = psinfo->pr_sname == 'Z';
1540 psinfo->pr_nice = task_nice(p);
1541 psinfo->pr_flag = p->flags;
1543 cred = __task_cred(p);
1544 SET_UID(psinfo->pr_uid, from_kuid_munged(cred->user_ns, cred->uid));
1545 SET_GID(psinfo->pr_gid, from_kgid_munged(cred->user_ns, cred->gid));
1547 get_task_comm(psinfo->pr_fname, p);
1552 static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
1554 elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
1558 while (auxv[i - 2] != AT_NULL);
1559 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
1562 static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata,
1563 const kernel_siginfo_t *siginfo)
1565 copy_siginfo_to_external(csigdata, siginfo);
1566 fill_note(note, "CORE", NT_SIGINFO, sizeof(*csigdata), csigdata);
1569 #define MAX_FILE_NOTE_SIZE (4*1024*1024)
1571 * Format of NT_FILE note:
1573 * long count -- how many files are mapped
1574 * long page_size -- units for file_ofs
1575 * array of [COUNT] elements of
1579 * followed by COUNT filenames in ASCII: "FILE1" NUL "FILE2" NUL...
1581 static int fill_files_note(struct memelfnote *note, struct coredump_params *cprm)
1583 unsigned count, size, names_ofs, remaining, n;
1585 user_long_t *start_end_ofs;
1586 char *name_base, *name_curpos;
1589 /* *Estimated* file count and total data size needed */
1590 count = cprm->vma_count;
1591 if (count > UINT_MAX / 64)
1595 names_ofs = (2 + 3 * count) * sizeof(data[0]);
1597 if (size >= MAX_FILE_NOTE_SIZE) /* paranoia check */
1599 size = round_up(size, PAGE_SIZE);
1601 * "size" can be 0 here legitimately.
1602 * Let it ENOMEM and omit NT_FILE section which will be empty anyway.
1604 data = kvmalloc(size, GFP_KERNEL);
1605 if (ZERO_OR_NULL_PTR(data))
1608 start_end_ofs = data + 2;
1609 name_base = name_curpos = ((char *)data) + names_ofs;
1610 remaining = size - names_ofs;
1612 for (i = 0; i < cprm->vma_count; i++) {
1613 struct core_vma_metadata *m = &cprm->vma_meta[i];
1615 const char *filename;
1620 filename = file_path(file, name_curpos, remaining);
1621 if (IS_ERR(filename)) {
1622 if (PTR_ERR(filename) == -ENAMETOOLONG) {
1624 size = size * 5 / 4;
1630 /* file_path() fills at the end, move name down */
1631 /* n = strlen(filename) + 1: */
1632 n = (name_curpos + remaining) - filename;
1633 remaining = filename - name_curpos;
1634 memmove(name_curpos, filename, n);
1637 *start_end_ofs++ = m->start;
1638 *start_end_ofs++ = m->end;
1639 *start_end_ofs++ = m->pgoff;
1643 /* Now we know exact count of files, can store it */
1645 data[1] = PAGE_SIZE;
1647 * Count usually is less than mm->map_count,
1648 * we need to move filenames down.
1650 n = cprm->vma_count - count;
1652 unsigned shift_bytes = n * 3 * sizeof(data[0]);
1653 memmove(name_base - shift_bytes, name_base,
1654 name_curpos - name_base);
1655 name_curpos -= shift_bytes;
1658 size = name_curpos - (char *)data;
1659 fill_note(note, "CORE", NT_FILE, size, data);
1663 #include <linux/regset.h>
1665 struct elf_thread_core_info {
1666 struct elf_thread_core_info *next;
1667 struct task_struct *task;
1668 struct elf_prstatus prstatus;
1669 struct memelfnote notes[];
1672 struct elf_note_info {
1673 struct elf_thread_core_info *thread;
1674 struct memelfnote psinfo;
1675 struct memelfnote signote;
1676 struct memelfnote auxv;
1677 struct memelfnote files;
1678 user_siginfo_t csigdata;
1683 #ifdef CORE_DUMP_USE_REGSET
1685 * When a regset has a writeback hook, we call it on each thread before
1686 * dumping user memory. On register window machines, this makes sure the
1687 * user memory backing the register data is up to date before we read it.
1689 static void do_thread_regset_writeback(struct task_struct *task,
1690 const struct user_regset *regset)
1692 if (regset->writeback)
1693 regset->writeback(task, regset, 1);
1696 #ifndef PRSTATUS_SIZE
1697 #define PRSTATUS_SIZE sizeof(struct elf_prstatus)
1700 #ifndef SET_PR_FPVALID
1701 #define SET_PR_FPVALID(S) ((S)->pr_fpvalid = 1)
1704 static int fill_thread_core_info(struct elf_thread_core_info *t,
1705 const struct user_regset_view *view,
1706 long signr, struct elf_note_info *info)
1708 unsigned int note_iter, view_iter;
1711 * NT_PRSTATUS is the one special case, because the regset data
1712 * goes into the pr_reg field inside the note contents, rather
1713 * than being the whole note contents. We fill the regset in here.
1714 * We assume that regset 0 is NT_PRSTATUS.
1716 fill_prstatus(&t->prstatus.common, t->task, signr);
1717 regset_get(t->task, &view->regsets[0],
1718 sizeof(t->prstatus.pr_reg), &t->prstatus.pr_reg);
1720 fill_note(&t->notes[0], "CORE", NT_PRSTATUS,
1721 PRSTATUS_SIZE, &t->prstatus);
1722 info->size += notesize(&t->notes[0]);
1724 do_thread_regset_writeback(t->task, &view->regsets[0]);
1727 * Each other regset might generate a note too. For each regset
1728 * that has no core_note_type or is inactive, skip it.
1731 for (view_iter = 1; view_iter < view->n; ++view_iter) {
1732 const struct user_regset *regset = &view->regsets[view_iter];
1733 int note_type = regset->core_note_type;
1734 bool is_fpreg = note_type == NT_PRFPREG;
1738 do_thread_regset_writeback(t->task, regset);
1739 if (!note_type) // not for coredumps
1741 if (regset->active && regset->active(t->task, regset) <= 0)
1744 ret = regset_get_alloc(t->task, regset, ~0U, &data);
1748 if (WARN_ON_ONCE(note_iter >= info->thread_notes))
1752 SET_PR_FPVALID(&t->prstatus);
1754 fill_note(&t->notes[note_iter], is_fpreg ? "CORE" : "LINUX",
1755 note_type, ret, data);
1757 info->size += notesize(&t->notes[note_iter]);
1764 static int fill_thread_core_info(struct elf_thread_core_info *t,
1765 const struct user_regset_view *view,
1766 long signr, struct elf_note_info *info)
1768 struct task_struct *p = t->task;
1769 elf_fpregset_t *fpu;
1771 fill_prstatus(&t->prstatus.common, p, signr);
1772 elf_core_copy_task_regs(p, &t->prstatus.pr_reg);
1774 fill_note(&t->notes[0], "CORE", NT_PRSTATUS, sizeof(t->prstatus),
1776 info->size += notesize(&t->notes[0]);
1778 fpu = kzalloc(sizeof(elf_fpregset_t), GFP_KERNEL);
1779 if (!fpu || !elf_core_copy_task_fpregs(p, fpu)) {
1784 t->prstatus.pr_fpvalid = 1;
1785 fill_note(&t->notes[1], "CORE", NT_PRFPREG, sizeof(*fpu), fpu);
1786 info->size += notesize(&t->notes[1]);
1792 static int fill_note_info(struct elfhdr *elf, int phdrs,
1793 struct elf_note_info *info,
1794 struct coredump_params *cprm)
1796 struct task_struct *dump_task = current;
1797 const struct user_regset_view *view;
1798 struct elf_thread_core_info *t;
1799 struct elf_prpsinfo *psinfo;
1800 struct core_thread *ct;
1802 psinfo = kmalloc(sizeof(*psinfo), GFP_KERNEL);
1805 fill_note(&info->psinfo, "CORE", NT_PRPSINFO, sizeof(*psinfo), psinfo);
1807 #ifdef CORE_DUMP_USE_REGSET
1808 view = task_user_regset_view(dump_task);
1811 * Figure out how many notes we're going to need for each thread.
1813 info->thread_notes = 0;
1814 for (int i = 0; i < view->n; ++i)
1815 if (view->regsets[i].core_note_type != 0)
1816 ++info->thread_notes;
1819 * Sanity check. We rely on regset 0 being in NT_PRSTATUS,
1820 * since it is our one special case.
1822 if (unlikely(info->thread_notes == 0) ||
1823 unlikely(view->regsets[0].core_note_type != NT_PRSTATUS)) {
1829 * Initialize the ELF file header.
1831 fill_elf_header(elf, phdrs,
1832 view->e_machine, view->e_flags);
1835 info->thread_notes = 2;
1836 fill_elf_header(elf, phdrs, ELF_ARCH, ELF_CORE_EFLAGS);
1840 * Allocate a structure for each thread.
1842 info->thread = kzalloc(offsetof(struct elf_thread_core_info,
1843 notes[info->thread_notes]),
1845 if (unlikely(!info->thread))
1848 info->thread->task = dump_task;
1849 for (ct = dump_task->signal->core_state->dumper.next; ct; ct = ct->next) {
1850 t = kzalloc(offsetof(struct elf_thread_core_info,
1851 notes[info->thread_notes]),
1857 t->next = info->thread->next;
1858 info->thread->next = t;
1862 * Now fill in each thread's information.
1864 for (t = info->thread; t != NULL; t = t->next)
1865 if (!fill_thread_core_info(t, view, cprm->siginfo->si_signo, info))
1869 * Fill in the two process-wide notes.
1871 fill_psinfo(psinfo, dump_task->group_leader, dump_task->mm);
1872 info->size += notesize(&info->psinfo);
1874 fill_siginfo_note(&info->signote, &info->csigdata, cprm->siginfo);
1875 info->size += notesize(&info->signote);
1877 fill_auxv_note(&info->auxv, current->mm);
1878 info->size += notesize(&info->auxv);
1880 if (fill_files_note(&info->files, cprm) == 0)
1881 info->size += notesize(&info->files);
1887 * Write all the notes for each thread. When writing the first thread, the
1888 * process-wide notes are interleaved after the first thread-specific note.
1890 static int write_note_info(struct elf_note_info *info,
1891 struct coredump_params *cprm)
1894 struct elf_thread_core_info *t = info->thread;
1899 if (!writenote(&t->notes[0], cprm))
1902 if (first && !writenote(&info->psinfo, cprm))
1904 if (first && !writenote(&info->signote, cprm))
1906 if (first && !writenote(&info->auxv, cprm))
1908 if (first && info->files.data &&
1909 !writenote(&info->files, cprm))
1912 for (i = 1; i < info->thread_notes; ++i)
1913 if (t->notes[i].data &&
1914 !writenote(&t->notes[i], cprm))
1924 static void free_note_info(struct elf_note_info *info)
1926 struct elf_thread_core_info *threads = info->thread;
1929 struct elf_thread_core_info *t = threads;
1931 WARN_ON(t->notes[0].data && t->notes[0].data != &t->prstatus);
1932 for (i = 1; i < info->thread_notes; ++i)
1933 kfree(t->notes[i].data);
1936 kfree(info->psinfo.data);
1937 kvfree(info->files.data);
1940 static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
1941 elf_addr_t e_shoff, int segs)
1943 elf->e_shoff = e_shoff;
1944 elf->e_shentsize = sizeof(*shdr4extnum);
1946 elf->e_shstrndx = SHN_UNDEF;
1948 memset(shdr4extnum, 0, sizeof(*shdr4extnum));
1950 shdr4extnum->sh_type = SHT_NULL;
1951 shdr4extnum->sh_size = elf->e_shnum;
1952 shdr4extnum->sh_link = elf->e_shstrndx;
1953 shdr4extnum->sh_info = segs;
1959 * This is a two-pass process; first we find the offsets of the bits,
1960 * and then they are actually written out. If we run out of core limit
1963 static int elf_core_dump(struct coredump_params *cprm)
1968 loff_t offset = 0, dataoff;
1969 struct elf_note_info info = { };
1970 struct elf_phdr *phdr4note = NULL;
1971 struct elf_shdr *shdr4extnum = NULL;
1976 * The number of segs are recored into ELF header as 16bit value.
1977 * Please check DEFAULT_MAX_MAP_COUNT definition when you modify here.
1979 segs = cprm->vma_count + elf_core_extra_phdrs(cprm);
1981 /* for notes section */
1984 /* If segs > PN_XNUM(0xffff), then e_phnum overflows. To avoid
1985 * this, kernel supports extended numbering. Have a look at
1986 * include/linux/elf.h for further information. */
1987 e_phnum = segs > PN_XNUM ? PN_XNUM : segs;
1990 * Collect all the non-memory information about the process for the
1991 * notes. This also sets up the file header.
1993 if (!fill_note_info(&elf, e_phnum, &info, cprm))
1998 offset += sizeof(elf); /* ELF header */
1999 offset += segs * sizeof(struct elf_phdr); /* Program headers */
2001 /* Write notes phdr entry */
2003 size_t sz = info.size;
2005 /* For cell spufs */
2006 sz += elf_coredump_extra_notes_size();
2008 phdr4note = kmalloc(sizeof(*phdr4note), GFP_KERNEL);
2012 fill_elf_note_phdr(phdr4note, sz, offset);
2016 dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
2018 offset += cprm->vma_data_size;
2019 offset += elf_core_extra_data_size(cprm);
2022 if (e_phnum == PN_XNUM) {
2023 shdr4extnum = kmalloc(sizeof(*shdr4extnum), GFP_KERNEL);
2026 fill_extnum_info(&elf, shdr4extnum, e_shoff, segs);
2031 if (!dump_emit(cprm, &elf, sizeof(elf)))
2034 if (!dump_emit(cprm, phdr4note, sizeof(*phdr4note)))
2037 /* Write program headers for segments dump */
2038 for (i = 0; i < cprm->vma_count; i++) {
2039 struct core_vma_metadata *meta = cprm->vma_meta + i;
2040 struct elf_phdr phdr;
2042 phdr.p_type = PT_LOAD;
2043 phdr.p_offset = offset;
2044 phdr.p_vaddr = meta->start;
2046 phdr.p_filesz = meta->dump_size;
2047 phdr.p_memsz = meta->end - meta->start;
2048 offset += phdr.p_filesz;
2050 if (meta->flags & VM_READ)
2051 phdr.p_flags |= PF_R;
2052 if (meta->flags & VM_WRITE)
2053 phdr.p_flags |= PF_W;
2054 if (meta->flags & VM_EXEC)
2055 phdr.p_flags |= PF_X;
2056 phdr.p_align = ELF_EXEC_PAGESIZE;
2058 if (!dump_emit(cprm, &phdr, sizeof(phdr)))
2062 if (!elf_core_write_extra_phdrs(cprm, offset))
2065 /* write out the notes section */
2066 if (!write_note_info(&info, cprm))
2069 /* For cell spufs */
2070 if (elf_coredump_extra_notes_write(cprm))
2074 dump_skip_to(cprm, dataoff);
2076 for (i = 0; i < cprm->vma_count; i++) {
2077 struct core_vma_metadata *meta = cprm->vma_meta + i;
2079 if (!dump_user_range(cprm, meta->start, meta->dump_size))
2083 if (!elf_core_write_extra_data(cprm))
2086 if (e_phnum == PN_XNUM) {
2087 if (!dump_emit(cprm, shdr4extnum, sizeof(*shdr4extnum)))
2092 free_note_info(&info);
2098 #endif /* CONFIG_ELF_CORE */
2100 static int __init init_elf_binfmt(void)
2102 register_binfmt(&elf_format);
2106 static void __exit exit_elf_binfmt(void)
2108 /* Remove the COFF and ELF loaders. */
2109 unregister_binfmt(&elf_format);
2112 core_initcall(init_elf_binfmt);
2113 module_exit(exit_elf_binfmt);
2115 #ifdef CONFIG_BINFMT_ELF_KUNIT_TEST
2116 #include "binfmt_elf_test.c"
projects / linux-2.6-microblaze.git / blob