1 // SPDX-License-Identifier: GPL-2.0-only
3 * linux/fs/binfmt_elf.c
5 * These are the functions used to load ELF format executables as used
6 * on SVr4 machines. Information on the format may be found in the book
7 * "UNIX SYSTEM V RELEASE 4 Programmers Guide: Ansi C and Programming Support
10 * Copyright 1993, 1994: Eric Youngdale (ericy@cais.com).
13 #include <linux/module.h>
14 #include <linux/kernel.h>
17 #include <linux/mman.h>
18 #include <linux/errno.h>
19 #include <linux/signal.h>
20 #include <linux/binfmts.h>
21 #include <linux/string.h>
22 #include <linux/file.h>
23 #include <linux/slab.h>
24 #include <linux/personality.h>
25 #include <linux/elfcore.h>
26 #include <linux/init.h>
27 #include <linux/highuid.h>
28 #include <linux/compiler.h>
29 #include <linux/highmem.h>
30 #include <linux/pagemap.h>
31 #include <linux/vmalloc.h>
32 #include <linux/security.h>
33 #include <linux/random.h>
34 #include <linux/elf.h>
35 #include <linux/elf-randomize.h>
36 #include <linux/utsname.h>
37 #include <linux/coredump.h>
38 #include <linux/sched.h>
39 #include <linux/sched/coredump.h>
40 #include <linux/sched/task_stack.h>
41 #include <linux/sched/cputime.h>
42 #include <linux/cred.h>
43 #include <linux/dax.h>
44 #include <linux/uaccess.h>
45 #include <asm/param.h>
49 #define user_long_t long
51 #ifndef user_siginfo_t
52 #define user_siginfo_t siginfo_t
55 /* That's for binfmt_elf_fdpic to deal with */
56 #ifndef elf_check_fdpic
57 #define elf_check_fdpic(ex) false
60 static int load_elf_binary(struct linux_binprm *bprm);
63 static int load_elf_library(struct file *);
65 #define load_elf_library NULL
69 * If we don't support core dumping, then supply a NULL so we
72 #ifdef CONFIG_ELF_CORE
73 static int elf_core_dump(struct coredump_params *cprm);
75 #define elf_core_dump NULL
78 #if ELF_EXEC_PAGESIZE > PAGE_SIZE
79 #define ELF_MIN_ALIGN ELF_EXEC_PAGESIZE
81 #define ELF_MIN_ALIGN PAGE_SIZE
84 #ifndef ELF_CORE_EFLAGS
85 #define ELF_CORE_EFLAGS 0
88 #define ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(ELF_MIN_ALIGN-1))
89 #define ELF_PAGEOFFSET(_v) ((_v) & (ELF_MIN_ALIGN-1))
90 #define ELF_PAGEALIGN(_v) (((_v) + ELF_MIN_ALIGN - 1) & ~(ELF_MIN_ALIGN - 1))
92 static struct linux_binfmt elf_format = {
93 .module = THIS_MODULE,
94 .load_binary = load_elf_binary,
95 .load_shlib = load_elf_library,
96 .core_dump = elf_core_dump,
97 .min_coredump = ELF_EXEC_PAGESIZE,
100 #define BAD_ADDR(x) ((unsigned long)(x) >= TASK_SIZE)
102 static int set_brk(unsigned long start, unsigned long end, int prot)
104 start = ELF_PAGEALIGN(start);
105 end = ELF_PAGEALIGN(end);
108 * Map the last of the bss segment.
109 * If the header is requesting these pages to be
110 * executable, honour that (ppc32 needs this).
112 int error = vm_brk_flags(start, end - start,
113 prot & PROT_EXEC ? VM_EXEC : 0);
117 current->mm->start_brk = current->mm->brk = end;
121 /* We need to explicitly zero any fractional pages
122 after the data section (i.e. bss). This would
123 contain the junk from the file that should not
126 static int padzero(unsigned long elf_bss)
130 nbyte = ELF_PAGEOFFSET(elf_bss);
132 nbyte = ELF_MIN_ALIGN - nbyte;
133 if (clear_user((void __user *) elf_bss, nbyte))
139 /* Let's use some macros to make this stack manipulation a little clearer */
140 #ifdef CONFIG_STACK_GROWSUP
141 #define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) + (items))
142 #define STACK_ROUND(sp, items) \
143 ((15 + (unsigned long) ((sp) + (items))) &~ 15UL)
144 #define STACK_ALLOC(sp, len) ({ \
145 elf_addr_t __user *old_sp = (elf_addr_t __user *)sp; sp += len; \
148 #define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) - (items))
149 #define STACK_ROUND(sp, items) \
150 (((unsigned long) (sp - items)) &~ 15UL)
151 #define STACK_ALLOC(sp, len) ({ sp -= len ; sp; })
154 #ifndef ELF_BASE_PLATFORM
156 * AT_BASE_PLATFORM indicates the "real" hardware/microarchitecture.
157 * If the arch defines ELF_BASE_PLATFORM (in asm/elf.h), the value
158 * will be copied to the user stack in the same manner as AT_PLATFORM.
160 #define ELF_BASE_PLATFORM NULL
164 create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec,
165 unsigned long load_addr, unsigned long interp_load_addr)
167 unsigned long p = bprm->p;
168 int argc = bprm->argc;
169 int envc = bprm->envc;
170 elf_addr_t __user *sp;
171 elf_addr_t __user *u_platform;
172 elf_addr_t __user *u_base_platform;
173 elf_addr_t __user *u_rand_bytes;
174 const char *k_platform = ELF_PLATFORM;
175 const char *k_base_platform = ELF_BASE_PLATFORM;
176 unsigned char k_rand_bytes[16];
178 elf_addr_t *elf_info;
180 const struct cred *cred = current_cred();
181 struct vm_area_struct *vma;
184 * In some cases (e.g. Hyper-Threading), we want to avoid L1
185 * evictions by the processes running on the same package. One
186 * thing we can do is to shuffle the initial stack for them.
189 p = arch_align_stack(p);
192 * If this architecture has a platform capability string, copy it
193 * to userspace. In some cases (Sparc), this info is impossible
194 * for userspace to get any other way, in others (i386) it is
199 size_t len = strlen(k_platform) + 1;
201 u_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
202 if (__copy_to_user(u_platform, k_platform, len))
207 * If this architecture has a "base" platform capability
208 * string, copy it to userspace.
210 u_base_platform = NULL;
211 if (k_base_platform) {
212 size_t len = strlen(k_base_platform) + 1;
214 u_base_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
215 if (__copy_to_user(u_base_platform, k_base_platform, len))
220 * Generate 16 random bytes for userspace PRNG seeding.
222 get_random_bytes(k_rand_bytes, sizeof(k_rand_bytes));
223 u_rand_bytes = (elf_addr_t __user *)
224 STACK_ALLOC(p, sizeof(k_rand_bytes));
225 if (__copy_to_user(u_rand_bytes, k_rand_bytes, sizeof(k_rand_bytes)))
228 /* Create the ELF interpreter info */
229 elf_info = (elf_addr_t *)current->mm->saved_auxv;
230 /* update AT_VECTOR_SIZE_BASE if the number of NEW_AUX_ENT() changes */
231 #define NEW_AUX_ENT(id, val) \
239 * ARCH_DLINFO must come first so PPC can do its special alignment of
241 * update AT_VECTOR_SIZE_ARCH if the number of NEW_AUX_ENT() in
242 * ARCH_DLINFO changes
246 NEW_AUX_ENT(AT_HWCAP, ELF_HWCAP);
247 NEW_AUX_ENT(AT_PAGESZ, ELF_EXEC_PAGESIZE);
248 NEW_AUX_ENT(AT_CLKTCK, CLOCKS_PER_SEC);
249 NEW_AUX_ENT(AT_PHDR, load_addr + exec->e_phoff);
250 NEW_AUX_ENT(AT_PHENT, sizeof(struct elf_phdr));
251 NEW_AUX_ENT(AT_PHNUM, exec->e_phnum);
252 NEW_AUX_ENT(AT_BASE, interp_load_addr);
253 NEW_AUX_ENT(AT_FLAGS, 0);
254 NEW_AUX_ENT(AT_ENTRY, exec->e_entry);
255 NEW_AUX_ENT(AT_UID, from_kuid_munged(cred->user_ns, cred->uid));
256 NEW_AUX_ENT(AT_EUID, from_kuid_munged(cred->user_ns, cred->euid));
257 NEW_AUX_ENT(AT_GID, from_kgid_munged(cred->user_ns, cred->gid));
258 NEW_AUX_ENT(AT_EGID, from_kgid_munged(cred->user_ns, cred->egid));
259 NEW_AUX_ENT(AT_SECURE, bprm->secureexec);
260 NEW_AUX_ENT(AT_RANDOM, (elf_addr_t)(unsigned long)u_rand_bytes);
262 NEW_AUX_ENT(AT_HWCAP2, ELF_HWCAP2);
264 NEW_AUX_ENT(AT_EXECFN, bprm->exec);
266 NEW_AUX_ENT(AT_PLATFORM,
267 (elf_addr_t)(unsigned long)u_platform);
269 if (k_base_platform) {
270 NEW_AUX_ENT(AT_BASE_PLATFORM,
271 (elf_addr_t)(unsigned long)u_base_platform);
273 if (bprm->interp_flags & BINPRM_FLAGS_EXECFD) {
274 NEW_AUX_ENT(AT_EXECFD, bprm->interp_data);
277 /* AT_NULL is zero; clear the rest too */
278 memset(elf_info, 0, (char *)current->mm->saved_auxv +
279 sizeof(current->mm->saved_auxv) - (char *)elf_info);
281 /* And advance past the AT_NULL entry. */
284 ei_index = elf_info - (elf_addr_t *)current->mm->saved_auxv;
285 sp = STACK_ADD(p, ei_index);
287 items = (argc + 1) + (envc + 1) + 1;
288 bprm->p = STACK_ROUND(sp, items);
290 /* Point sp at the lowest address on the stack */
291 #ifdef CONFIG_STACK_GROWSUP
292 sp = (elf_addr_t __user *)bprm->p - items - ei_index;
293 bprm->exec = (unsigned long)sp; /* XXX: PARISC HACK */
295 sp = (elf_addr_t __user *)bprm->p;
300 * Grow the stack manually; some architectures have a limit on how
301 * far ahead a user-space access may be in order to grow the stack.
303 vma = find_extend_vma(current->mm, bprm->p);
307 /* Now, let's put argc (and argv, envp if appropriate) on the stack */
308 if (__put_user(argc, sp++))
311 /* Populate list of argv pointers back to argv strings. */
312 p = current->mm->arg_end = current->mm->arg_start;
315 if (__put_user((elf_addr_t)p, sp++))
317 len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
318 if (!len || len > MAX_ARG_STRLEN)
322 if (__put_user(0, sp++))
324 current->mm->arg_end = p;
326 /* Populate list of envp pointers back to envp strings. */
327 current->mm->env_end = current->mm->env_start = p;
330 if (__put_user((elf_addr_t)p, sp++))
332 len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
333 if (!len || len > MAX_ARG_STRLEN)
337 if (__put_user(0, sp++))
339 current->mm->env_end = p;
341 /* Put the elf_info on the stack in the right place. */
342 if (copy_to_user(sp, current->mm->saved_auxv, ei_index * sizeof(elf_addr_t)))
349 static unsigned long elf_map(struct file *filep, unsigned long addr,
350 const struct elf_phdr *eppnt, int prot, int type,
351 unsigned long total_size)
353 unsigned long map_addr;
354 unsigned long size = eppnt->p_filesz + ELF_PAGEOFFSET(eppnt->p_vaddr);
355 unsigned long off = eppnt->p_offset - ELF_PAGEOFFSET(eppnt->p_vaddr);
356 addr = ELF_PAGESTART(addr);
357 size = ELF_PAGEALIGN(size);
359 /* mmap() will return -EINVAL if given a zero size, but a
360 * segment with zero filesize is perfectly valid */
365 * total_size is the size of the ELF (interpreter) image.
366 * The _first_ mmap needs to know the full size, otherwise
367 * randomization might put this image into an overlapping
368 * position with the ELF binary image. (since size < total_size)
369 * So we first map the 'big' image - and unmap the remainder at
370 * the end. (which unmap is needed for ELF images with holes.)
373 total_size = ELF_PAGEALIGN(total_size);
374 map_addr = vm_mmap(filep, addr, total_size, prot, type, off);
375 if (!BAD_ADDR(map_addr))
376 vm_munmap(map_addr+size, total_size-size);
378 map_addr = vm_mmap(filep, addr, size, prot, type, off);
380 if ((type & MAP_FIXED_NOREPLACE) &&
381 PTR_ERR((void *)map_addr) == -EEXIST)
382 pr_info("%d (%s): Uhuuh, elf segment at %px requested but the memory is mapped already\n",
383 task_pid_nr(current), current->comm, (void *)addr);
388 #endif /* !elf_map */
390 static unsigned long total_mapping_size(const struct elf_phdr *cmds, int nr)
392 int i, first_idx = -1, last_idx = -1;
394 for (i = 0; i < nr; i++) {
395 if (cmds[i].p_type == PT_LOAD) {
404 return cmds[last_idx].p_vaddr + cmds[last_idx].p_memsz -
405 ELF_PAGESTART(cmds[first_idx].p_vaddr);
408 static int elf_read(struct file *file, void *buf, size_t len, loff_t pos)
412 rv = kernel_read(file, buf, len, &pos);
413 if (unlikely(rv != len)) {
414 return (rv < 0) ? rv : -EIO;
420 * load_elf_phdrs() - load ELF program headers
421 * @elf_ex: ELF header of the binary whose program headers should be loaded
422 * @elf_file: the opened ELF binary file
424 * Loads ELF program headers from the binary file elf_file, which has the ELF
425 * header pointed to by elf_ex, into a newly allocated array. The caller is
426 * responsible for freeing the allocated data. Returns an ERR_PTR upon failure.
428 static struct elf_phdr *load_elf_phdrs(const struct elfhdr *elf_ex,
429 struct file *elf_file)
431 struct elf_phdr *elf_phdata = NULL;
432 int retval, err = -1;
436 * If the size of this structure has changed, then punt, since
437 * we will be doing the wrong thing.
439 if (elf_ex->e_phentsize != sizeof(struct elf_phdr))
442 /* Sanity check the number of program headers... */
443 /* ...and their total size. */
444 size = sizeof(struct elf_phdr) * elf_ex->e_phnum;
445 if (size == 0 || size > 65536 || size > ELF_MIN_ALIGN)
448 elf_phdata = kmalloc(size, GFP_KERNEL);
452 /* Read in the program headers */
453 retval = elf_read(elf_file, elf_phdata, size, elf_ex->e_phoff);
469 #ifndef CONFIG_ARCH_BINFMT_ELF_STATE
472 * struct arch_elf_state - arch-specific ELF loading state
474 * This structure is used to preserve architecture specific data during
475 * the loading of an ELF file, throughout the checking of architecture
476 * specific ELF headers & through to the point where the ELF load is
477 * known to be proceeding (ie. SET_PERSONALITY).
479 * This implementation is a dummy for architectures which require no
482 struct arch_elf_state {
485 #define INIT_ARCH_ELF_STATE {}
488 * arch_elf_pt_proc() - check a PT_LOPROC..PT_HIPROC ELF program header
489 * @ehdr: The main ELF header
490 * @phdr: The program header to check
491 * @elf: The open ELF file
492 * @is_interp: True if the phdr is from the interpreter of the ELF being
493 * loaded, else false.
494 * @state: Architecture-specific state preserved throughout the process
495 * of loading the ELF.
497 * Inspects the program header phdr to validate its correctness and/or
498 * suitability for the system. Called once per ELF program header in the
499 * range PT_LOPROC to PT_HIPROC, for both the ELF being loaded and its
502 * Return: Zero to proceed with the ELF load, non-zero to fail the ELF load
503 * with that return code.
505 static inline int arch_elf_pt_proc(struct elfhdr *ehdr,
506 struct elf_phdr *phdr,
507 struct file *elf, bool is_interp,
508 struct arch_elf_state *state)
510 /* Dummy implementation, always proceed */
515 * arch_check_elf() - check an ELF executable
516 * @ehdr: The main ELF header
517 * @has_interp: True if the ELF has an interpreter, else false.
518 * @interp_ehdr: The interpreter's ELF header
519 * @state: Architecture-specific state preserved throughout the process
520 * of loading the ELF.
522 * Provides a final opportunity for architecture code to reject the loading
523 * of the ELF & cause an exec syscall to return an error. This is called after
524 * all program headers to be checked by arch_elf_pt_proc have been.
526 * Return: Zero to proceed with the ELF load, non-zero to fail the ELF load
527 * with that return code.
529 static inline int arch_check_elf(struct elfhdr *ehdr, bool has_interp,
530 struct elfhdr *interp_ehdr,
531 struct arch_elf_state *state)
533 /* Dummy implementation, always proceed */
537 #endif /* !CONFIG_ARCH_BINFMT_ELF_STATE */
539 static inline int make_prot(u32 p_flags)
552 /* This is much more generalized than the library routine read function,
553 so we keep this separate. Technically the library read function
554 is only provided so that we can read a.out libraries that have
557 static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex,
558 struct file *interpreter,
559 unsigned long no_base, struct elf_phdr *interp_elf_phdata)
561 struct elf_phdr *eppnt;
562 unsigned long load_addr = 0;
563 int load_addr_set = 0;
564 unsigned long last_bss = 0, elf_bss = 0;
566 unsigned long error = ~0UL;
567 unsigned long total_size;
570 /* First of all, some simple consistency checks */
571 if (interp_elf_ex->e_type != ET_EXEC &&
572 interp_elf_ex->e_type != ET_DYN)
574 if (!elf_check_arch(interp_elf_ex) ||
575 elf_check_fdpic(interp_elf_ex))
577 if (!interpreter->f_op->mmap)
580 total_size = total_mapping_size(interp_elf_phdata,
581 interp_elf_ex->e_phnum);
587 eppnt = interp_elf_phdata;
588 for (i = 0; i < interp_elf_ex->e_phnum; i++, eppnt++) {
589 if (eppnt->p_type == PT_LOAD) {
590 int elf_type = MAP_PRIVATE | MAP_DENYWRITE;
591 int elf_prot = make_prot(eppnt->p_flags);
592 unsigned long vaddr = 0;
593 unsigned long k, map_addr;
595 vaddr = eppnt->p_vaddr;
596 if (interp_elf_ex->e_type == ET_EXEC || load_addr_set)
597 elf_type |= MAP_FIXED_NOREPLACE;
598 else if (no_base && interp_elf_ex->e_type == ET_DYN)
601 map_addr = elf_map(interpreter, load_addr + vaddr,
602 eppnt, elf_prot, elf_type, total_size);
605 if (BAD_ADDR(map_addr))
608 if (!load_addr_set &&
609 interp_elf_ex->e_type == ET_DYN) {
610 load_addr = map_addr - ELF_PAGESTART(vaddr);
615 * Check to see if the section's size will overflow the
616 * allowed task size. Note that p_filesz must always be
617 * <= p_memsize so it's only necessary to check p_memsz.
619 k = load_addr + eppnt->p_vaddr;
621 eppnt->p_filesz > eppnt->p_memsz ||
622 eppnt->p_memsz > TASK_SIZE ||
623 TASK_SIZE - eppnt->p_memsz < k) {
629 * Find the end of the file mapping for this phdr, and
630 * keep track of the largest address we see for this.
632 k = load_addr + eppnt->p_vaddr + eppnt->p_filesz;
637 * Do the same thing for the memory mapping - between
638 * elf_bss and last_bss is the bss section.
640 k = load_addr + eppnt->p_vaddr + eppnt->p_memsz;
649 * Now fill out the bss section: first pad the last page from
650 * the file up to the page boundary, and zero it from elf_bss
651 * up to the end of the page.
653 if (padzero(elf_bss)) {
658 * Next, align both the file and mem bss up to the page size,
659 * since this is where elf_bss was just zeroed up to, and where
660 * last_bss will end after the vm_brk_flags() below.
662 elf_bss = ELF_PAGEALIGN(elf_bss);
663 last_bss = ELF_PAGEALIGN(last_bss);
664 /* Finally, if there is still more bss to allocate, do it. */
665 if (last_bss > elf_bss) {
666 error = vm_brk_flags(elf_bss, last_bss - elf_bss,
667 bss_prot & PROT_EXEC ? VM_EXEC : 0);
678 * These are the functions used to load ELF style executables and shared
679 * libraries. There is no binary dependent code anywhere else.
682 static int load_elf_binary(struct linux_binprm *bprm)
684 struct file *interpreter = NULL; /* to shut gcc up */
685 unsigned long load_addr = 0, load_bias = 0;
686 int load_addr_set = 0;
688 struct elf_phdr *elf_ppnt, *elf_phdata, *interp_elf_phdata = NULL;
689 unsigned long elf_bss, elf_brk;
692 unsigned long elf_entry;
693 unsigned long interp_load_addr = 0;
694 unsigned long start_code, end_code, start_data, end_data;
695 unsigned long reloc_func_desc __maybe_unused = 0;
696 int executable_stack = EXSTACK_DEFAULT;
698 struct elfhdr elf_ex;
699 struct elfhdr interp_elf_ex;
701 struct arch_elf_state arch_state = INIT_ARCH_ELF_STATE;
702 struct pt_regs *regs;
704 loc = kmalloc(sizeof(*loc), GFP_KERNEL);
710 /* Get the exec-header */
711 loc->elf_ex = *((struct elfhdr *)bprm->buf);
714 /* First of all, some simple consistency checks */
715 if (memcmp(loc->elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
718 if (loc->elf_ex.e_type != ET_EXEC && loc->elf_ex.e_type != ET_DYN)
720 if (!elf_check_arch(&loc->elf_ex))
722 if (elf_check_fdpic(&loc->elf_ex))
724 if (!bprm->file->f_op->mmap)
727 elf_phdata = load_elf_phdrs(&loc->elf_ex, bprm->file);
731 elf_ppnt = elf_phdata;
732 for (i = 0; i < loc->elf_ex.e_phnum; i++, elf_ppnt++) {
733 char *elf_interpreter;
735 if (elf_ppnt->p_type != PT_INTERP)
739 * This is the program interpreter used for shared libraries -
740 * for now assume that this is an a.out format binary.
743 if (elf_ppnt->p_filesz > PATH_MAX || elf_ppnt->p_filesz < 2)
747 elf_interpreter = kmalloc(elf_ppnt->p_filesz, GFP_KERNEL);
748 if (!elf_interpreter)
751 retval = elf_read(bprm->file, elf_interpreter, elf_ppnt->p_filesz,
754 goto out_free_interp;
755 /* make sure path is NULL terminated */
757 if (elf_interpreter[elf_ppnt->p_filesz - 1] != '\0')
758 goto out_free_interp;
760 interpreter = open_exec(elf_interpreter);
761 kfree(elf_interpreter);
762 retval = PTR_ERR(interpreter);
763 if (IS_ERR(interpreter))
767 * If the binary is not readable then enforce mm->dumpable = 0
768 * regardless of the interpreter's permissions.
770 would_dump(bprm, interpreter);
772 /* Get the exec headers */
773 retval = elf_read(interpreter, &loc->interp_elf_ex,
774 sizeof(loc->interp_elf_ex), 0);
776 goto out_free_dentry;
781 kfree(elf_interpreter);
785 elf_ppnt = elf_phdata;
786 for (i = 0; i < loc->elf_ex.e_phnum; i++, elf_ppnt++)
787 switch (elf_ppnt->p_type) {
789 if (elf_ppnt->p_flags & PF_X)
790 executable_stack = EXSTACK_ENABLE_X;
792 executable_stack = EXSTACK_DISABLE_X;
795 case PT_LOPROC ... PT_HIPROC:
796 retval = arch_elf_pt_proc(&loc->elf_ex, elf_ppnt,
800 goto out_free_dentry;
804 /* Some simple consistency checks for the interpreter */
807 /* Not an ELF interpreter */
808 if (memcmp(loc->interp_elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
809 goto out_free_dentry;
810 /* Verify the interpreter has a valid arch */
811 if (!elf_check_arch(&loc->interp_elf_ex) ||
812 elf_check_fdpic(&loc->interp_elf_ex))
813 goto out_free_dentry;
815 /* Load the interpreter program headers */
816 interp_elf_phdata = load_elf_phdrs(&loc->interp_elf_ex,
818 if (!interp_elf_phdata)
819 goto out_free_dentry;
821 /* Pass PT_LOPROC..PT_HIPROC headers to arch code */
822 elf_ppnt = interp_elf_phdata;
823 for (i = 0; i < loc->interp_elf_ex.e_phnum; i++, elf_ppnt++)
824 switch (elf_ppnt->p_type) {
825 case PT_LOPROC ... PT_HIPROC:
826 retval = arch_elf_pt_proc(&loc->interp_elf_ex,
827 elf_ppnt, interpreter,
830 goto out_free_dentry;
836 * Allow arch code to reject the ELF at this point, whilst it's
837 * still possible to return an error to the code that invoked
840 retval = arch_check_elf(&loc->elf_ex,
841 !!interpreter, &loc->interp_elf_ex,
844 goto out_free_dentry;
846 /* Flush all traces of the currently running executable */
847 retval = flush_old_exec(bprm);
849 goto out_free_dentry;
851 /* Do this immediately, since STACK_TOP as used in setup_arg_pages
852 may depend on the personality. */
853 SET_PERSONALITY2(loc->elf_ex, &arch_state);
854 if (elf_read_implies_exec(loc->elf_ex, executable_stack))
855 current->personality |= READ_IMPLIES_EXEC;
857 if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space)
858 current->flags |= PF_RANDOMIZE;
860 setup_new_exec(bprm);
861 install_exec_creds(bprm);
863 /* Do this so that we can load the interpreter, if need be. We will
864 change some of these later */
865 retval = setup_arg_pages(bprm, randomize_stack_top(STACK_TOP),
868 goto out_free_dentry;
878 /* Now we do a little grungy work by mmapping the ELF image into
879 the correct location in memory. */
880 for(i = 0, elf_ppnt = elf_phdata;
881 i < loc->elf_ex.e_phnum; i++, elf_ppnt++) {
882 int elf_prot, elf_flags;
883 unsigned long k, vaddr;
884 unsigned long total_size = 0;
886 if (elf_ppnt->p_type != PT_LOAD)
889 if (unlikely (elf_brk > elf_bss)) {
892 /* There was a PT_LOAD segment with p_memsz > p_filesz
893 before this one. Map anonymous pages, if needed,
894 and clear the area. */
895 retval = set_brk(elf_bss + load_bias,
899 goto out_free_dentry;
900 nbyte = ELF_PAGEOFFSET(elf_bss);
902 nbyte = ELF_MIN_ALIGN - nbyte;
903 if (nbyte > elf_brk - elf_bss)
904 nbyte = elf_brk - elf_bss;
905 if (clear_user((void __user *)elf_bss +
908 * This bss-zeroing can fail if the ELF
909 * file specifies odd protections. So
910 * we don't check the return value
916 elf_prot = make_prot(elf_ppnt->p_flags);
918 elf_flags = MAP_PRIVATE | MAP_DENYWRITE | MAP_EXECUTABLE;
920 vaddr = elf_ppnt->p_vaddr;
922 * If we are loading ET_EXEC or we have already performed
923 * the ET_DYN load_addr calculations, proceed normally.
925 if (loc->elf_ex.e_type == ET_EXEC || load_addr_set) {
926 elf_flags |= MAP_FIXED;
927 } else if (loc->elf_ex.e_type == ET_DYN) {
929 * This logic is run once for the first LOAD Program
930 * Header for ET_DYN binaries to calculate the
931 * randomization (load_bias) for all the LOAD
932 * Program Headers, and to calculate the entire
933 * size of the ELF mapping (total_size). (Note that
934 * load_addr_set is set to true later once the
935 * initial mapping is performed.)
937 * There are effectively two types of ET_DYN
938 * binaries: programs (i.e. PIE: ET_DYN with INTERP)
939 * and loaders (ET_DYN without INTERP, since they
940 * _are_ the ELF interpreter). The loaders must
941 * be loaded away from programs since the program
942 * may otherwise collide with the loader (especially
943 * for ET_EXEC which does not have a randomized
944 * position). For example to handle invocations of
945 * "./ld.so someprog" to test out a new version of
946 * the loader, the subsequent program that the
947 * loader loads must avoid the loader itself, so
948 * they cannot share the same load range. Sufficient
949 * room for the brk must be allocated with the
950 * loader as well, since brk must be available with
953 * Therefore, programs are loaded offset from
954 * ELF_ET_DYN_BASE and loaders are loaded into the
955 * independently randomized mmap region (0 load_bias
956 * without MAP_FIXED).
959 load_bias = ELF_ET_DYN_BASE;
960 if (current->flags & PF_RANDOMIZE)
961 load_bias += arch_mmap_rnd();
962 elf_flags |= MAP_FIXED;
967 * Since load_bias is used for all subsequent loading
968 * calculations, we must lower it by the first vaddr
969 * so that the remaining calculations based on the
970 * ELF vaddrs will be correctly offset. The result
971 * is then page aligned.
973 load_bias = ELF_PAGESTART(load_bias - vaddr);
975 total_size = total_mapping_size(elf_phdata,
976 loc->elf_ex.e_phnum);
979 goto out_free_dentry;
983 error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt,
984 elf_prot, elf_flags, total_size);
985 if (BAD_ADDR(error)) {
986 retval = IS_ERR((void *)error) ?
987 PTR_ERR((void*)error) : -EINVAL;
988 goto out_free_dentry;
991 if (!load_addr_set) {
993 load_addr = (elf_ppnt->p_vaddr - elf_ppnt->p_offset);
994 if (loc->elf_ex.e_type == ET_DYN) {
996 ELF_PAGESTART(load_bias + vaddr);
997 load_addr += load_bias;
998 reloc_func_desc = load_bias;
1001 k = elf_ppnt->p_vaddr;
1002 if ((elf_ppnt->p_flags & PF_X) && k < start_code)
1008 * Check to see if the section's size will overflow the
1009 * allowed task size. Note that p_filesz must always be
1010 * <= p_memsz so it is only necessary to check p_memsz.
1012 if (BAD_ADDR(k) || elf_ppnt->p_filesz > elf_ppnt->p_memsz ||
1013 elf_ppnt->p_memsz > TASK_SIZE ||
1014 TASK_SIZE - elf_ppnt->p_memsz < k) {
1015 /* set_brk can never work. Avoid overflows. */
1017 goto out_free_dentry;
1020 k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz;
1024 if ((elf_ppnt->p_flags & PF_X) && end_code < k)
1028 k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz;
1030 bss_prot = elf_prot;
1035 loc->elf_ex.e_entry += load_bias;
1036 elf_bss += load_bias;
1037 elf_brk += load_bias;
1038 start_code += load_bias;
1039 end_code += load_bias;
1040 start_data += load_bias;
1041 end_data += load_bias;
1043 /* Calling set_brk effectively mmaps the pages that we need
1044 * for the bss and break sections. We must do this before
1045 * mapping in the interpreter, to make sure it doesn't wind
1046 * up getting placed where the bss needs to go.
1048 retval = set_brk(elf_bss, elf_brk, bss_prot);
1050 goto out_free_dentry;
1051 if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
1052 retval = -EFAULT; /* Nobody gets to see this, but.. */
1053 goto out_free_dentry;
1057 elf_entry = load_elf_interp(&loc->interp_elf_ex,
1059 load_bias, interp_elf_phdata);
1060 if (!IS_ERR((void *)elf_entry)) {
1062 * load_elf_interp() returns relocation
1065 interp_load_addr = elf_entry;
1066 elf_entry += loc->interp_elf_ex.e_entry;
1068 if (BAD_ADDR(elf_entry)) {
1069 retval = IS_ERR((void *)elf_entry) ?
1070 (int)elf_entry : -EINVAL;
1071 goto out_free_dentry;
1073 reloc_func_desc = interp_load_addr;
1075 allow_write_access(interpreter);
1078 elf_entry = loc->elf_ex.e_entry;
1079 if (BAD_ADDR(elf_entry)) {
1081 goto out_free_dentry;
1085 kfree(interp_elf_phdata);
1088 set_binfmt(&elf_format);
1090 #ifdef ARCH_HAS_SETUP_ADDITIONAL_PAGES
1091 retval = arch_setup_additional_pages(bprm, !!interpreter);
1094 #endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */
1096 retval = create_elf_tables(bprm, &loc->elf_ex,
1097 load_addr, interp_load_addr);
1100 current->mm->end_code = end_code;
1101 current->mm->start_code = start_code;
1102 current->mm->start_data = start_data;
1103 current->mm->end_data = end_data;
1104 current->mm->start_stack = bprm->p;
1106 if ((current->flags & PF_RANDOMIZE) && (randomize_va_space > 1)) {
1108 * For architectures with ELF randomization, when executing
1109 * a loader directly (i.e. no interpreter listed in ELF
1110 * headers), move the brk area out of the mmap region
1111 * (since it grows up, and may collide early with the stack
1112 * growing down), and into the unused ELF_ET_DYN_BASE region.
1114 if (IS_ENABLED(CONFIG_ARCH_HAS_ELF_RANDOMIZE) &&
1115 loc->elf_ex.e_type == ET_DYN && !interpreter)
1116 current->mm->brk = current->mm->start_brk =
1119 current->mm->brk = current->mm->start_brk =
1120 arch_randomize_brk(current->mm);
1121 #ifdef compat_brk_randomized
1122 current->brk_randomized = 1;
1126 if (current->personality & MMAP_PAGE_ZERO) {
1127 /* Why this, you ask??? Well SVr4 maps page 0 as read-only,
1128 and some applications "depend" upon this behavior.
1129 Since we do not have the power to recompile these, we
1130 emulate the SVr4 behavior. Sigh. */
1131 error = vm_mmap(NULL, 0, PAGE_SIZE, PROT_READ | PROT_EXEC,
1132 MAP_FIXED | MAP_PRIVATE, 0);
1135 regs = current_pt_regs();
1136 #ifdef ELF_PLAT_INIT
1138 * The ABI may specify that certain registers be set up in special
1139 * ways (on i386 %edx is the address of a DT_FINI function, for
1140 * example. In addition, it may also specify (eg, PowerPC64 ELF)
1141 * that the e_entry field is the address of the function descriptor
1142 * for the startup routine, rather than the address of the startup
1143 * routine itself. This macro performs whatever initialization to
1144 * the regs structure is required as well as any relocations to the
1145 * function descriptor entries when executing dynamically links apps.
1147 ELF_PLAT_INIT(regs, reloc_func_desc);
1150 finalize_exec(bprm);
1151 start_thread(regs, elf_entry, bprm->p);
1160 kfree(interp_elf_phdata);
1161 allow_write_access(interpreter);
1169 #ifdef CONFIG_USELIB
1170 /* This is really simpleminded and specialized - we are loading an
1171 a.out library that is given an ELF header. */
1172 static int load_elf_library(struct file *file)
1174 struct elf_phdr *elf_phdata;
1175 struct elf_phdr *eppnt;
1176 unsigned long elf_bss, bss, len;
1177 int retval, error, i, j;
1178 struct elfhdr elf_ex;
1181 retval = elf_read(file, &elf_ex, sizeof(elf_ex), 0);
1185 if (memcmp(elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
1188 /* First of all, some simple consistency checks */
1189 if (elf_ex.e_type != ET_EXEC || elf_ex.e_phnum > 2 ||
1190 !elf_check_arch(&elf_ex) || !file->f_op->mmap)
1192 if (elf_check_fdpic(&elf_ex))
1195 /* Now read in all of the header information */
1197 j = sizeof(struct elf_phdr) * elf_ex.e_phnum;
1198 /* j < ELF_MIN_ALIGN because elf_ex.e_phnum <= 2 */
1201 elf_phdata = kmalloc(j, GFP_KERNEL);
1207 retval = elf_read(file, eppnt, j, elf_ex.e_phoff);
1211 for (j = 0, i = 0; i<elf_ex.e_phnum; i++)
1212 if ((eppnt + i)->p_type == PT_LOAD)
1217 while (eppnt->p_type != PT_LOAD)
1220 /* Now use mmap to map the library into memory. */
1221 error = vm_mmap(file,
1222 ELF_PAGESTART(eppnt->p_vaddr),
1224 ELF_PAGEOFFSET(eppnt->p_vaddr)),
1225 PROT_READ | PROT_WRITE | PROT_EXEC,
1226 MAP_FIXED_NOREPLACE | MAP_PRIVATE | MAP_DENYWRITE,
1228 ELF_PAGEOFFSET(eppnt->p_vaddr)));
1229 if (error != ELF_PAGESTART(eppnt->p_vaddr))
1232 elf_bss = eppnt->p_vaddr + eppnt->p_filesz;
1233 if (padzero(elf_bss)) {
1238 len = ELF_PAGEALIGN(eppnt->p_filesz + eppnt->p_vaddr);
1239 bss = ELF_PAGEALIGN(eppnt->p_memsz + eppnt->p_vaddr);
1241 error = vm_brk(len, bss - len);
1252 #endif /* #ifdef CONFIG_USELIB */
1254 #ifdef CONFIG_ELF_CORE
1258 * Modelled on fs/exec.c:aout_core_dump()
1259 * Jeremy Fitzhardinge <jeremy@sw.oz.au>
1263 * The purpose of always_dump_vma() is to make sure that special kernel mappings
1264 * that are useful for post-mortem analysis are included in every core dump.
1265 * In that way we ensure that the core dump is fully interpretable later
1266 * without matching up the same kernel and hardware config to see what PC values
1267 * meant. These special mappings include - vDSO, vsyscall, and other
1268 * architecture specific mappings
1270 static bool always_dump_vma(struct vm_area_struct *vma)
1272 /* Any vsyscall mappings? */
1273 if (vma == get_gate_vma(vma->vm_mm))
1277 * Assume that all vmas with a .name op should always be dumped.
1278 * If this changes, a new vm_ops field can easily be added.
1280 if (vma->vm_ops && vma->vm_ops->name && vma->vm_ops->name(vma))
1284 * arch_vma_name() returns non-NULL for special architecture mappings,
1285 * such as vDSO sections.
1287 if (arch_vma_name(vma))
1294 * Decide what to dump of a segment, part, all or none.
1296 static unsigned long vma_dump_size(struct vm_area_struct *vma,
1297 unsigned long mm_flags)
1299 #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
1301 /* always dump the vdso and vsyscall sections */
1302 if (always_dump_vma(vma))
1305 if (vma->vm_flags & VM_DONTDUMP)
1308 /* support for DAX */
1309 if (vma_is_dax(vma)) {
1310 if ((vma->vm_flags & VM_SHARED) && FILTER(DAX_SHARED))
1312 if (!(vma->vm_flags & VM_SHARED) && FILTER(DAX_PRIVATE))
1317 /* Hugetlb memory check */
1318 if (vma->vm_flags & VM_HUGETLB) {
1319 if ((vma->vm_flags & VM_SHARED) && FILTER(HUGETLB_SHARED))
1321 if (!(vma->vm_flags & VM_SHARED) && FILTER(HUGETLB_PRIVATE))
1326 /* Do not dump I/O mapped devices or special mappings */
1327 if (vma->vm_flags & VM_IO)
1330 /* By default, dump shared memory if mapped from an anonymous file. */
1331 if (vma->vm_flags & VM_SHARED) {
1332 if (file_inode(vma->vm_file)->i_nlink == 0 ?
1333 FILTER(ANON_SHARED) : FILTER(MAPPED_SHARED))
1338 /* Dump segments that have been written to. */
1339 if (vma->anon_vma && FILTER(ANON_PRIVATE))
1341 if (vma->vm_file == NULL)
1344 if (FILTER(MAPPED_PRIVATE))
1348 * If this looks like the beginning of a DSO or executable mapping,
1349 * check for an ELF header. If we find one, dump the first page to
1350 * aid in determining what was mapped here.
1352 if (FILTER(ELF_HEADERS) &&
1353 vma->vm_pgoff == 0 && (vma->vm_flags & VM_READ)) {
1354 u32 __user *header = (u32 __user *) vma->vm_start;
1356 mm_segment_t fs = get_fs();
1358 * Doing it this way gets the constant folded by GCC.
1362 char elfmag[SELFMAG];
1364 BUILD_BUG_ON(SELFMAG != sizeof word);
1365 magic.elfmag[EI_MAG0] = ELFMAG0;
1366 magic.elfmag[EI_MAG1] = ELFMAG1;
1367 magic.elfmag[EI_MAG2] = ELFMAG2;
1368 magic.elfmag[EI_MAG3] = ELFMAG3;
1370 * Switch to the user "segment" for get_user(),
1371 * then put back what elf_core_dump() had in place.
1374 if (unlikely(get_user(word, header)))
1377 if (word == magic.cmp)
1386 return vma->vm_end - vma->vm_start;
1389 /* An ELF note in memory */
1394 unsigned int datasz;
1398 static int notesize(struct memelfnote *en)
1402 sz = sizeof(struct elf_note);
1403 sz += roundup(strlen(en->name) + 1, 4);
1404 sz += roundup(en->datasz, 4);
1409 static int writenote(struct memelfnote *men, struct coredump_params *cprm)
1412 en.n_namesz = strlen(men->name) + 1;
1413 en.n_descsz = men->datasz;
1414 en.n_type = men->type;
1416 return dump_emit(cprm, &en, sizeof(en)) &&
1417 dump_emit(cprm, men->name, en.n_namesz) && dump_align(cprm, 4) &&
1418 dump_emit(cprm, men->data, men->datasz) && dump_align(cprm, 4);
1421 static void fill_elf_header(struct elfhdr *elf, int segs,
1422 u16 machine, u32 flags)
1424 memset(elf, 0, sizeof(*elf));
1426 memcpy(elf->e_ident, ELFMAG, SELFMAG);
1427 elf->e_ident[EI_CLASS] = ELF_CLASS;
1428 elf->e_ident[EI_DATA] = ELF_DATA;
1429 elf->e_ident[EI_VERSION] = EV_CURRENT;
1430 elf->e_ident[EI_OSABI] = ELF_OSABI;
1432 elf->e_type = ET_CORE;
1433 elf->e_machine = machine;
1434 elf->e_version = EV_CURRENT;
1435 elf->e_phoff = sizeof(struct elfhdr);
1436 elf->e_flags = flags;
1437 elf->e_ehsize = sizeof(struct elfhdr);
1438 elf->e_phentsize = sizeof(struct elf_phdr);
1439 elf->e_phnum = segs;
1442 static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, loff_t offset)
1444 phdr->p_type = PT_NOTE;
1445 phdr->p_offset = offset;
1448 phdr->p_filesz = sz;
1454 static void fill_note(struct memelfnote *note, const char *name, int type,
1455 unsigned int sz, void *data)
1464 * fill up all the fields in prstatus from the given task struct, except
1465 * registers which need to be filled up separately.
1467 static void fill_prstatus(struct elf_prstatus *prstatus,
1468 struct task_struct *p, long signr)
1470 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr;
1471 prstatus->pr_sigpend = p->pending.signal.sig[0];
1472 prstatus->pr_sighold = p->blocked.sig[0];
1474 prstatus->pr_ppid = task_pid_vnr(rcu_dereference(p->real_parent));
1476 prstatus->pr_pid = task_pid_vnr(p);
1477 prstatus->pr_pgrp = task_pgrp_vnr(p);
1478 prstatus->pr_sid = task_session_vnr(p);
1479 if (thread_group_leader(p)) {
1480 struct task_cputime cputime;
1483 * This is the record for the group leader. It shows the
1484 * group-wide total, not its individual thread total.
1486 thread_group_cputime(p, &cputime);
1487 prstatus->pr_utime = ns_to_kernel_old_timeval(cputime.utime);
1488 prstatus->pr_stime = ns_to_kernel_old_timeval(cputime.stime);
1492 task_cputime(p, &utime, &stime);
1493 prstatus->pr_utime = ns_to_kernel_old_timeval(utime);
1494 prstatus->pr_stime = ns_to_kernel_old_timeval(stime);
1497 prstatus->pr_cutime = ns_to_kernel_old_timeval(p->signal->cutime);
1498 prstatus->pr_cstime = ns_to_kernel_old_timeval(p->signal->cstime);
1501 static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
1502 struct mm_struct *mm)
1504 const struct cred *cred;
1505 unsigned int i, len;
1507 /* first copy the parameters from user space */
1508 memset(psinfo, 0, sizeof(struct elf_prpsinfo));
1510 len = mm->arg_end - mm->arg_start;
1511 if (len >= ELF_PRARGSZ)
1512 len = ELF_PRARGSZ-1;
1513 if (copy_from_user(&psinfo->pr_psargs,
1514 (const char __user *)mm->arg_start, len))
1516 for(i = 0; i < len; i++)
1517 if (psinfo->pr_psargs[i] == 0)
1518 psinfo->pr_psargs[i] = ' ';
1519 psinfo->pr_psargs[len] = 0;
1522 psinfo->pr_ppid = task_pid_vnr(rcu_dereference(p->real_parent));
1524 psinfo->pr_pid = task_pid_vnr(p);
1525 psinfo->pr_pgrp = task_pgrp_vnr(p);
1526 psinfo->pr_sid = task_session_vnr(p);
1528 i = p->state ? ffz(~p->state) + 1 : 0;
1529 psinfo->pr_state = i;
1530 psinfo->pr_sname = (i > 5) ? '.' : "RSDTZW"[i];
1531 psinfo->pr_zomb = psinfo->pr_sname == 'Z';
1532 psinfo->pr_nice = task_nice(p);
1533 psinfo->pr_flag = p->flags;
1535 cred = __task_cred(p);
1536 SET_UID(psinfo->pr_uid, from_kuid_munged(cred->user_ns, cred->uid));
1537 SET_GID(psinfo->pr_gid, from_kgid_munged(cred->user_ns, cred->gid));
1539 strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname));
1544 static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
1546 elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
1550 while (auxv[i - 2] != AT_NULL);
1551 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
1554 static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata,
1555 const kernel_siginfo_t *siginfo)
1557 mm_segment_t old_fs = get_fs();
1559 copy_siginfo_to_user((user_siginfo_t __user *) csigdata, siginfo);
1561 fill_note(note, "CORE", NT_SIGINFO, sizeof(*csigdata), csigdata);
1564 #define MAX_FILE_NOTE_SIZE (4*1024*1024)
1566 * Format of NT_FILE note:
1568 * long count -- how many files are mapped
1569 * long page_size -- units for file_ofs
1570 * array of [COUNT] elements of
1574 * followed by COUNT filenames in ASCII: "FILE1" NUL "FILE2" NUL...
1576 static int fill_files_note(struct memelfnote *note)
1578 struct vm_area_struct *vma;
1579 unsigned count, size, names_ofs, remaining, n;
1581 user_long_t *start_end_ofs;
1582 char *name_base, *name_curpos;
1584 /* *Estimated* file count and total data size needed */
1585 count = current->mm->map_count;
1586 if (count > UINT_MAX / 64)
1590 names_ofs = (2 + 3 * count) * sizeof(data[0]);
1592 if (size >= MAX_FILE_NOTE_SIZE) /* paranoia check */
1594 size = round_up(size, PAGE_SIZE);
1595 data = kvmalloc(size, GFP_KERNEL);
1596 if (ZERO_OR_NULL_PTR(data))
1599 start_end_ofs = data + 2;
1600 name_base = name_curpos = ((char *)data) + names_ofs;
1601 remaining = size - names_ofs;
1603 for (vma = current->mm->mmap; vma != NULL; vma = vma->vm_next) {
1605 const char *filename;
1607 file = vma->vm_file;
1610 filename = file_path(file, name_curpos, remaining);
1611 if (IS_ERR(filename)) {
1612 if (PTR_ERR(filename) == -ENAMETOOLONG) {
1614 size = size * 5 / 4;
1620 /* file_path() fills at the end, move name down */
1621 /* n = strlen(filename) + 1: */
1622 n = (name_curpos + remaining) - filename;
1623 remaining = filename - name_curpos;
1624 memmove(name_curpos, filename, n);
1627 *start_end_ofs++ = vma->vm_start;
1628 *start_end_ofs++ = vma->vm_end;
1629 *start_end_ofs++ = vma->vm_pgoff;
1633 /* Now we know exact count of files, can store it */
1635 data[1] = PAGE_SIZE;
1637 * Count usually is less than current->mm->map_count,
1638 * we need to move filenames down.
1640 n = current->mm->map_count - count;
1642 unsigned shift_bytes = n * 3 * sizeof(data[0]);
1643 memmove(name_base - shift_bytes, name_base,
1644 name_curpos - name_base);
1645 name_curpos -= shift_bytes;
1648 size = name_curpos - (char *)data;
1649 fill_note(note, "CORE", NT_FILE, size, data);
1653 #ifdef CORE_DUMP_USE_REGSET
1654 #include <linux/regset.h>
1656 struct elf_thread_core_info {
1657 struct elf_thread_core_info *next;
1658 struct task_struct *task;
1659 struct elf_prstatus prstatus;
1660 struct memelfnote notes[0];
1663 struct elf_note_info {
1664 struct elf_thread_core_info *thread;
1665 struct memelfnote psinfo;
1666 struct memelfnote signote;
1667 struct memelfnote auxv;
1668 struct memelfnote files;
1669 user_siginfo_t csigdata;
1675 * When a regset has a writeback hook, we call it on each thread before
1676 * dumping user memory. On register window machines, this makes sure the
1677 * user memory backing the register data is up to date before we read it.
1679 static void do_thread_regset_writeback(struct task_struct *task,
1680 const struct user_regset *regset)
1682 if (regset->writeback)
1683 regset->writeback(task, regset, 1);
1686 #ifndef PRSTATUS_SIZE
1687 #define PRSTATUS_SIZE(S, R) sizeof(S)
1690 #ifndef SET_PR_FPVALID
1691 #define SET_PR_FPVALID(S, V, R) ((S)->pr_fpvalid = (V))
1694 static int fill_thread_core_info(struct elf_thread_core_info *t,
1695 const struct user_regset_view *view,
1696 long signr, size_t *total)
1699 unsigned int regset0_size = regset_size(t->task, &view->regsets[0]);
1702 * NT_PRSTATUS is the one special case, because the regset data
1703 * goes into the pr_reg field inside the note contents, rather
1704 * than being the whole note contents. We fill the reset in here.
1705 * We assume that regset 0 is NT_PRSTATUS.
1707 fill_prstatus(&t->prstatus, t->task, signr);
1708 (void) view->regsets[0].get(t->task, &view->regsets[0], 0, regset0_size,
1709 &t->prstatus.pr_reg, NULL);
1711 fill_note(&t->notes[0], "CORE", NT_PRSTATUS,
1712 PRSTATUS_SIZE(t->prstatus, regset0_size), &t->prstatus);
1713 *total += notesize(&t->notes[0]);
1715 do_thread_regset_writeback(t->task, &view->regsets[0]);
1718 * Each other regset might generate a note too. For each regset
1719 * that has no core_note_type or is inactive, we leave t->notes[i]
1720 * all zero and we'll know to skip writing it later.
1722 for (i = 1; i < view->n; ++i) {
1723 const struct user_regset *regset = &view->regsets[i];
1724 do_thread_regset_writeback(t->task, regset);
1725 if (regset->core_note_type && regset->get &&
1726 (!regset->active || regset->active(t->task, regset) > 0)) {
1728 size_t size = regset_size(t->task, regset);
1729 void *data = kmalloc(size, GFP_KERNEL);
1730 if (unlikely(!data))
1732 ret = regset->get(t->task, regset,
1733 0, size, data, NULL);
1737 if (regset->core_note_type != NT_PRFPREG)
1738 fill_note(&t->notes[i], "LINUX",
1739 regset->core_note_type,
1742 SET_PR_FPVALID(&t->prstatus,
1744 fill_note(&t->notes[i], "CORE",
1745 NT_PRFPREG, size, data);
1747 *total += notesize(&t->notes[i]);
1755 static int fill_note_info(struct elfhdr *elf, int phdrs,
1756 struct elf_note_info *info,
1757 const kernel_siginfo_t *siginfo, struct pt_regs *regs)
1759 struct task_struct *dump_task = current;
1760 const struct user_regset_view *view = task_user_regset_view(dump_task);
1761 struct elf_thread_core_info *t;
1762 struct elf_prpsinfo *psinfo;
1763 struct core_thread *ct;
1767 info->thread = NULL;
1769 psinfo = kmalloc(sizeof(*psinfo), GFP_KERNEL);
1770 if (psinfo == NULL) {
1771 info->psinfo.data = NULL; /* So we don't free this wrongly */
1775 fill_note(&info->psinfo, "CORE", NT_PRPSINFO, sizeof(*psinfo), psinfo);
1778 * Figure out how many notes we're going to need for each thread.
1780 info->thread_notes = 0;
1781 for (i = 0; i < view->n; ++i)
1782 if (view->regsets[i].core_note_type != 0)
1783 ++info->thread_notes;
1786 * Sanity check. We rely on regset 0 being in NT_PRSTATUS,
1787 * since it is our one special case.
1789 if (unlikely(info->thread_notes == 0) ||
1790 unlikely(view->regsets[0].core_note_type != NT_PRSTATUS)) {
1796 * Initialize the ELF file header.
1798 fill_elf_header(elf, phdrs,
1799 view->e_machine, view->e_flags);
1802 * Allocate a structure for each thread.
1804 for (ct = &dump_task->mm->core_state->dumper; ct; ct = ct->next) {
1805 t = kzalloc(offsetof(struct elf_thread_core_info,
1806 notes[info->thread_notes]),
1812 if (ct->task == dump_task || !info->thread) {
1813 t->next = info->thread;
1817 * Make sure to keep the original task at
1818 * the head of the list.
1820 t->next = info->thread->next;
1821 info->thread->next = t;
1826 * Now fill in each thread's information.
1828 for (t = info->thread; t != NULL; t = t->next)
1829 if (!fill_thread_core_info(t, view, siginfo->si_signo, &info->size))
1833 * Fill in the two process-wide notes.
1835 fill_psinfo(psinfo, dump_task->group_leader, dump_task->mm);
1836 info->size += notesize(&info->psinfo);
1838 fill_siginfo_note(&info->signote, &info->csigdata, siginfo);
1839 info->size += notesize(&info->signote);
1841 fill_auxv_note(&info->auxv, current->mm);
1842 info->size += notesize(&info->auxv);
1844 if (fill_files_note(&info->files) == 0)
1845 info->size += notesize(&info->files);
1850 static size_t get_note_info_size(struct elf_note_info *info)
1856 * Write all the notes for each thread. When writing the first thread, the
1857 * process-wide notes are interleaved after the first thread-specific note.
1859 static int write_note_info(struct elf_note_info *info,
1860 struct coredump_params *cprm)
1863 struct elf_thread_core_info *t = info->thread;
1868 if (!writenote(&t->notes[0], cprm))
1871 if (first && !writenote(&info->psinfo, cprm))
1873 if (first && !writenote(&info->signote, cprm))
1875 if (first && !writenote(&info->auxv, cprm))
1877 if (first && info->files.data &&
1878 !writenote(&info->files, cprm))
1881 for (i = 1; i < info->thread_notes; ++i)
1882 if (t->notes[i].data &&
1883 !writenote(&t->notes[i], cprm))
1893 static void free_note_info(struct elf_note_info *info)
1895 struct elf_thread_core_info *threads = info->thread;
1898 struct elf_thread_core_info *t = threads;
1900 WARN_ON(t->notes[0].data && t->notes[0].data != &t->prstatus);
1901 for (i = 1; i < info->thread_notes; ++i)
1902 kfree(t->notes[i].data);
1905 kfree(info->psinfo.data);
1906 kvfree(info->files.data);
1911 /* Here is the structure in which status of each thread is captured. */
1912 struct elf_thread_status
1914 struct list_head list;
1915 struct elf_prstatus prstatus; /* NT_PRSTATUS */
1916 elf_fpregset_t fpu; /* NT_PRFPREG */
1917 struct task_struct *thread;
1918 #ifdef ELF_CORE_COPY_XFPREGS
1919 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */
1921 struct memelfnote notes[3];
1926 * In order to add the specific thread information for the elf file format,
1927 * we need to keep a linked list of every threads pr_status and then create
1928 * a single section for them in the final core file.
1930 static int elf_dump_thread_status(long signr, struct elf_thread_status *t)
1933 struct task_struct *p = t->thread;
1936 fill_prstatus(&t->prstatus, p, signr);
1937 elf_core_copy_task_regs(p, &t->prstatus.pr_reg);
1939 fill_note(&t->notes[0], "CORE", NT_PRSTATUS, sizeof(t->prstatus),
1942 sz += notesize(&t->notes[0]);
1944 if ((t->prstatus.pr_fpvalid = elf_core_copy_task_fpregs(p, NULL,
1946 fill_note(&t->notes[1], "CORE", NT_PRFPREG, sizeof(t->fpu),
1949 sz += notesize(&t->notes[1]);
1952 #ifdef ELF_CORE_COPY_XFPREGS
1953 if (elf_core_copy_task_xfpregs(p, &t->xfpu)) {
1954 fill_note(&t->notes[2], "LINUX", ELF_CORE_XFPREG_TYPE,
1955 sizeof(t->xfpu), &t->xfpu);
1957 sz += notesize(&t->notes[2]);
1963 struct elf_note_info {
1964 struct memelfnote *notes;
1965 struct memelfnote *notes_files;
1966 struct elf_prstatus *prstatus; /* NT_PRSTATUS */
1967 struct elf_prpsinfo *psinfo; /* NT_PRPSINFO */
1968 struct list_head thread_list;
1969 elf_fpregset_t *fpu;
1970 #ifdef ELF_CORE_COPY_XFPREGS
1971 elf_fpxregset_t *xfpu;
1973 user_siginfo_t csigdata;
1974 int thread_status_size;
1978 static int elf_note_info_init(struct elf_note_info *info)
1980 memset(info, 0, sizeof(*info));
1981 INIT_LIST_HEAD(&info->thread_list);
1983 /* Allocate space for ELF notes */
1984 info->notes = kmalloc_array(8, sizeof(struct memelfnote), GFP_KERNEL);
1987 info->psinfo = kmalloc(sizeof(*info->psinfo), GFP_KERNEL);
1990 info->prstatus = kmalloc(sizeof(*info->prstatus), GFP_KERNEL);
1991 if (!info->prstatus)
1993 info->fpu = kmalloc(sizeof(*info->fpu), GFP_KERNEL);
1996 #ifdef ELF_CORE_COPY_XFPREGS
1997 info->xfpu = kmalloc(sizeof(*info->xfpu), GFP_KERNEL);
2004 static int fill_note_info(struct elfhdr *elf, int phdrs,
2005 struct elf_note_info *info,
2006 const kernel_siginfo_t *siginfo, struct pt_regs *regs)
2008 struct core_thread *ct;
2009 struct elf_thread_status *ets;
2011 if (!elf_note_info_init(info))
2014 for (ct = current->mm->core_state->dumper.next;
2015 ct; ct = ct->next) {
2016 ets = kzalloc(sizeof(*ets), GFP_KERNEL);
2020 ets->thread = ct->task;
2021 list_add(&ets->list, &info->thread_list);
2024 list_for_each_entry(ets, &info->thread_list, list) {
2027 sz = elf_dump_thread_status(siginfo->si_signo, ets);
2028 info->thread_status_size += sz;
2030 /* now collect the dump for the current */
2031 memset(info->prstatus, 0, sizeof(*info->prstatus));
2032 fill_prstatus(info->prstatus, current, siginfo->si_signo);
2033 elf_core_copy_regs(&info->prstatus->pr_reg, regs);
2036 fill_elf_header(elf, phdrs, ELF_ARCH, ELF_CORE_EFLAGS);
2039 * Set up the notes in similar form to SVR4 core dumps made
2040 * with info from their /proc.
2043 fill_note(info->notes + 0, "CORE", NT_PRSTATUS,
2044 sizeof(*info->prstatus), info->prstatus);
2045 fill_psinfo(info->psinfo, current->group_leader, current->mm);
2046 fill_note(info->notes + 1, "CORE", NT_PRPSINFO,
2047 sizeof(*info->psinfo), info->psinfo);
2049 fill_siginfo_note(info->notes + 2, &info->csigdata, siginfo);
2050 fill_auxv_note(info->notes + 3, current->mm);
2053 if (fill_files_note(info->notes + info->numnote) == 0) {
2054 info->notes_files = info->notes + info->numnote;
2058 /* Try to dump the FPU. */
2059 info->prstatus->pr_fpvalid = elf_core_copy_task_fpregs(current, regs,
2061 if (info->prstatus->pr_fpvalid)
2062 fill_note(info->notes + info->numnote++,
2063 "CORE", NT_PRFPREG, sizeof(*info->fpu), info->fpu);
2064 #ifdef ELF_CORE_COPY_XFPREGS
2065 if (elf_core_copy_task_xfpregs(current, info->xfpu))
2066 fill_note(info->notes + info->numnote++,
2067 "LINUX", ELF_CORE_XFPREG_TYPE,
2068 sizeof(*info->xfpu), info->xfpu);
2074 static size_t get_note_info_size(struct elf_note_info *info)
2079 for (i = 0; i < info->numnote; i++)
2080 sz += notesize(info->notes + i);
2082 sz += info->thread_status_size;
2087 static int write_note_info(struct elf_note_info *info,
2088 struct coredump_params *cprm)
2090 struct elf_thread_status *ets;
2093 for (i = 0; i < info->numnote; i++)
2094 if (!writenote(info->notes + i, cprm))
2097 /* write out the thread status notes section */
2098 list_for_each_entry(ets, &info->thread_list, list) {
2099 for (i = 0; i < ets->num_notes; i++)
2100 if (!writenote(&ets->notes[i], cprm))
2107 static void free_note_info(struct elf_note_info *info)
2109 while (!list_empty(&info->thread_list)) {
2110 struct list_head *tmp = info->thread_list.next;
2112 kfree(list_entry(tmp, struct elf_thread_status, list));
2115 /* Free data possibly allocated by fill_files_note(): */
2116 if (info->notes_files)
2117 kvfree(info->notes_files->data);
2119 kfree(info->prstatus);
2120 kfree(info->psinfo);
2123 #ifdef ELF_CORE_COPY_XFPREGS
2130 static struct vm_area_struct *first_vma(struct task_struct *tsk,
2131 struct vm_area_struct *gate_vma)
2133 struct vm_area_struct *ret = tsk->mm->mmap;
2140 * Helper function for iterating across a vma list. It ensures that the caller
2141 * will visit `gate_vma' prior to terminating the search.
2143 static struct vm_area_struct *next_vma(struct vm_area_struct *this_vma,
2144 struct vm_area_struct *gate_vma)
2146 struct vm_area_struct *ret;
2148 ret = this_vma->vm_next;
2151 if (this_vma == gate_vma)
2156 static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
2157 elf_addr_t e_shoff, int segs)
2159 elf->e_shoff = e_shoff;
2160 elf->e_shentsize = sizeof(*shdr4extnum);
2162 elf->e_shstrndx = SHN_UNDEF;
2164 memset(shdr4extnum, 0, sizeof(*shdr4extnum));
2166 shdr4extnum->sh_type = SHT_NULL;
2167 shdr4extnum->sh_size = elf->e_shnum;
2168 shdr4extnum->sh_link = elf->e_shstrndx;
2169 shdr4extnum->sh_info = segs;
2175 * This is a two-pass process; first we find the offsets of the bits,
2176 * and then they are actually written out. If we run out of core limit
2179 static int elf_core_dump(struct coredump_params *cprm)
2184 size_t vma_data_size = 0;
2185 struct vm_area_struct *vma, *gate_vma;
2186 struct elfhdr *elf = NULL;
2187 loff_t offset = 0, dataoff;
2188 struct elf_note_info info = { };
2189 struct elf_phdr *phdr4note = NULL;
2190 struct elf_shdr *shdr4extnum = NULL;
2193 elf_addr_t *vma_filesz = NULL;
2196 * We no longer stop all VM operations.
2198 * This is because those proceses that could possibly change map_count
2199 * or the mmap / vma pages are now blocked in do_exit on current
2200 * finishing this core dump.
2202 * Only ptrace can touch these memory addresses, but it doesn't change
2203 * the map_count or the pages allocated. So no possibility of crashing
2204 * exists while dumping the mm->vm_next areas to the core file.
2207 /* alloc memory for large data structures: too large to be on stack */
2208 elf = kmalloc(sizeof(*elf), GFP_KERNEL);
2212 * The number of segs are recored into ELF header as 16bit value.
2213 * Please check DEFAULT_MAX_MAP_COUNT definition when you modify here.
2215 segs = current->mm->map_count;
2216 segs += elf_core_extra_phdrs();
2218 gate_vma = get_gate_vma(current->mm);
2219 if (gate_vma != NULL)
2222 /* for notes section */
2225 /* If segs > PN_XNUM(0xffff), then e_phnum overflows. To avoid
2226 * this, kernel supports extended numbering. Have a look at
2227 * include/linux/elf.h for further information. */
2228 e_phnum = segs > PN_XNUM ? PN_XNUM : segs;
2231 * Collect all the non-memory information about the process for the
2232 * notes. This also sets up the file header.
2234 if (!fill_note_info(elf, e_phnum, &info, cprm->siginfo, cprm->regs))
2242 offset += sizeof(*elf); /* Elf header */
2243 offset += segs * sizeof(struct elf_phdr); /* Program headers */
2245 /* Write notes phdr entry */
2247 size_t sz = get_note_info_size(&info);
2249 sz += elf_coredump_extra_notes_size();
2251 phdr4note = kmalloc(sizeof(*phdr4note), GFP_KERNEL);
2255 fill_elf_note_phdr(phdr4note, sz, offset);
2259 dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
2261 if (segs - 1 > ULONG_MAX / sizeof(*vma_filesz))
2263 vma_filesz = kvmalloc(array_size(sizeof(*vma_filesz), (segs - 1)),
2265 if (ZERO_OR_NULL_PTR(vma_filesz))
2268 for (i = 0, vma = first_vma(current, gate_vma); vma != NULL;
2269 vma = next_vma(vma, gate_vma)) {
2270 unsigned long dump_size;
2272 dump_size = vma_dump_size(vma, cprm->mm_flags);
2273 vma_filesz[i++] = dump_size;
2274 vma_data_size += dump_size;
2277 offset += vma_data_size;
2278 offset += elf_core_extra_data_size();
2281 if (e_phnum == PN_XNUM) {
2282 shdr4extnum = kmalloc(sizeof(*shdr4extnum), GFP_KERNEL);
2285 fill_extnum_info(elf, shdr4extnum, e_shoff, segs);
2290 if (!dump_emit(cprm, elf, sizeof(*elf)))
2293 if (!dump_emit(cprm, phdr4note, sizeof(*phdr4note)))
2296 /* Write program headers for segments dump */
2297 for (i = 0, vma = first_vma(current, gate_vma); vma != NULL;
2298 vma = next_vma(vma, gate_vma)) {
2299 struct elf_phdr phdr;
2301 phdr.p_type = PT_LOAD;
2302 phdr.p_offset = offset;
2303 phdr.p_vaddr = vma->vm_start;
2305 phdr.p_filesz = vma_filesz[i++];
2306 phdr.p_memsz = vma->vm_end - vma->vm_start;
2307 offset += phdr.p_filesz;
2308 phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
2309 if (vma->vm_flags & VM_WRITE)
2310 phdr.p_flags |= PF_W;
2311 if (vma->vm_flags & VM_EXEC)
2312 phdr.p_flags |= PF_X;
2313 phdr.p_align = ELF_EXEC_PAGESIZE;
2315 if (!dump_emit(cprm, &phdr, sizeof(phdr)))
2319 if (!elf_core_write_extra_phdrs(cprm, offset))
2322 /* write out the notes section */
2323 if (!write_note_info(&info, cprm))
2326 if (elf_coredump_extra_notes_write(cprm))
2330 if (!dump_skip(cprm, dataoff - cprm->pos))
2333 for (i = 0, vma = first_vma(current, gate_vma); vma != NULL;
2334 vma = next_vma(vma, gate_vma)) {
2338 end = vma->vm_start + vma_filesz[i++];
2340 for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
2344 page = get_dump_page(addr);
2346 void *kaddr = kmap(page);
2347 stop = !dump_emit(cprm, kaddr, PAGE_SIZE);
2351 stop = !dump_skip(cprm, PAGE_SIZE);
2356 dump_truncate(cprm);
2358 if (!elf_core_write_extra_data(cprm))
2361 if (e_phnum == PN_XNUM) {
2362 if (!dump_emit(cprm, shdr4extnum, sizeof(*shdr4extnum)))
2370 free_note_info(&info);
2379 #endif /* CONFIG_ELF_CORE */
2381 static int __init init_elf_binfmt(void)
2383 register_binfmt(&elf_format);
2387 static void __exit exit_elf_binfmt(void)
2389 /* Remove the COFF and ELF loaders. */
2390 unregister_binfmt(&elf_format);
2393 core_initcall(init_elf_binfmt);
2394 module_exit(exit_elf_binfmt);
2395 MODULE_LICENSE("GPL");
projects / linux-2.6-microblaze.git / blob