2 * linux/fs/binfmt_elf.c
4 * These are the functions used to load ELF format executables as used
5 * on SVr4 machines. Information on the format may be found in the book
6 * "UNIX SYSTEM V RELEASE 4 Programmers Guide: Ansi C and Programming Support
9 * Copyright 1993, 1994: Eric Youngdale (ericy@cais.com).
12 #include <linux/module.h>
13 #include <linux/kernel.h>
16 #include <linux/mman.h>
17 #include <linux/errno.h>
18 #include <linux/signal.h>
19 #include <linux/binfmts.h>
20 #include <linux/string.h>
21 #include <linux/file.h>
22 #include <linux/slab.h>
23 #include <linux/personality.h>
24 #include <linux/elfcore.h>
25 #include <linux/init.h>
26 #include <linux/highuid.h>
27 #include <linux/compiler.h>
28 #include <linux/highmem.h>
29 #include <linux/pagemap.h>
30 #include <linux/vmalloc.h>
31 #include <linux/security.h>
32 #include <linux/random.h>
33 #include <linux/elf.h>
34 #include <linux/utsname.h>
35 #include <linux/coredump.h>
36 #include <linux/sched.h>
37 #include <asm/uaccess.h>
38 #include <asm/param.h>
42 #define user_long_t long
44 #ifndef user_siginfo_t
45 #define user_siginfo_t siginfo_t
48 static int load_elf_binary(struct linux_binprm *bprm);
49 static int load_elf_library(struct file *);
50 static unsigned long elf_map(struct file *, unsigned long, struct elf_phdr *,
51 int, int, unsigned long);
54 * If we don't support core dumping, then supply a NULL so we
57 #ifdef CONFIG_ELF_CORE
58 static int elf_core_dump(struct coredump_params *cprm);
60 #define elf_core_dump NULL
63 #if ELF_EXEC_PAGESIZE > PAGE_SIZE
64 #define ELF_MIN_ALIGN ELF_EXEC_PAGESIZE
66 #define ELF_MIN_ALIGN PAGE_SIZE
69 #ifndef ELF_CORE_EFLAGS
70 #define ELF_CORE_EFLAGS 0
73 #define ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(ELF_MIN_ALIGN-1))
74 #define ELF_PAGEOFFSET(_v) ((_v) & (ELF_MIN_ALIGN-1))
75 #define ELF_PAGEALIGN(_v) (((_v) + ELF_MIN_ALIGN - 1) & ~(ELF_MIN_ALIGN - 1))
77 static struct linux_binfmt elf_format = {
78 .module = THIS_MODULE,
79 .load_binary = load_elf_binary,
80 .load_shlib = load_elf_library,
81 .core_dump = elf_core_dump,
82 .min_coredump = ELF_EXEC_PAGESIZE,
85 #define BAD_ADDR(x) ((unsigned long)(x) >= TASK_SIZE)
87 static int set_brk(unsigned long start, unsigned long end)
89 start = ELF_PAGEALIGN(start);
90 end = ELF_PAGEALIGN(end);
93 addr = vm_brk(start, end - start);
97 current->mm->start_brk = current->mm->brk = end;
101 /* We need to explicitly zero any fractional pages
102 after the data section (i.e. bss). This would
103 contain the junk from the file that should not
106 static int padzero(unsigned long elf_bss)
110 nbyte = ELF_PAGEOFFSET(elf_bss);
112 nbyte = ELF_MIN_ALIGN - nbyte;
113 if (clear_user((void __user *) elf_bss, nbyte))
119 /* Let's use some macros to make this stack manipulation a little clearer */
120 #ifdef CONFIG_STACK_GROWSUP
121 #define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) + (items))
122 #define STACK_ROUND(sp, items) \
123 ((15 + (unsigned long) ((sp) + (items))) &~ 15UL)
124 #define STACK_ALLOC(sp, len) ({ \
125 elf_addr_t __user *old_sp = (elf_addr_t __user *)sp; sp += len; \
128 #define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) - (items))
129 #define STACK_ROUND(sp, items) \
130 (((unsigned long) (sp - items)) &~ 15UL)
131 #define STACK_ALLOC(sp, len) ({ sp -= len ; sp; })
134 #ifndef ELF_BASE_PLATFORM
136 * AT_BASE_PLATFORM indicates the "real" hardware/microarchitecture.
137 * If the arch defines ELF_BASE_PLATFORM (in asm/elf.h), the value
138 * will be copied to the user stack in the same manner as AT_PLATFORM.
140 #define ELF_BASE_PLATFORM NULL
144 create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec,
145 unsigned long load_addr, unsigned long interp_load_addr)
147 unsigned long p = bprm->p;
148 int argc = bprm->argc;
149 int envc = bprm->envc;
150 elf_addr_t __user *argv;
151 elf_addr_t __user *envp;
152 elf_addr_t __user *sp;
153 elf_addr_t __user *u_platform;
154 elf_addr_t __user *u_base_platform;
155 elf_addr_t __user *u_rand_bytes;
156 const char *k_platform = ELF_PLATFORM;
157 const char *k_base_platform = ELF_BASE_PLATFORM;
158 unsigned char k_rand_bytes[16];
160 elf_addr_t *elf_info;
162 const struct cred *cred = current_cred();
163 struct vm_area_struct *vma;
166 * In some cases (e.g. Hyper-Threading), we want to avoid L1
167 * evictions by the processes running on the same package. One
168 * thing we can do is to shuffle the initial stack for them.
171 p = arch_align_stack(p);
174 * If this architecture has a platform capability string, copy it
175 * to userspace. In some cases (Sparc), this info is impossible
176 * for userspace to get any other way, in others (i386) it is
181 size_t len = strlen(k_platform) + 1;
183 u_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
184 if (__copy_to_user(u_platform, k_platform, len))
189 * If this architecture has a "base" platform capability
190 * string, copy it to userspace.
192 u_base_platform = NULL;
193 if (k_base_platform) {
194 size_t len = strlen(k_base_platform) + 1;
196 u_base_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
197 if (__copy_to_user(u_base_platform, k_base_platform, len))
202 * Generate 16 random bytes for userspace PRNG seeding.
204 get_random_bytes(k_rand_bytes, sizeof(k_rand_bytes));
205 u_rand_bytes = (elf_addr_t __user *)
206 STACK_ALLOC(p, sizeof(k_rand_bytes));
207 if (__copy_to_user(u_rand_bytes, k_rand_bytes, sizeof(k_rand_bytes)))
210 /* Create the ELF interpreter info */
211 elf_info = (elf_addr_t *)current->mm->saved_auxv;
212 /* update AT_VECTOR_SIZE_BASE if the number of NEW_AUX_ENT() changes */
213 #define NEW_AUX_ENT(id, val) \
215 elf_info[ei_index++] = id; \
216 elf_info[ei_index++] = val; \
221 * ARCH_DLINFO must come first so PPC can do its special alignment of
223 * update AT_VECTOR_SIZE_ARCH if the number of NEW_AUX_ENT() in
224 * ARCH_DLINFO changes
228 NEW_AUX_ENT(AT_HWCAP, ELF_HWCAP);
229 NEW_AUX_ENT(AT_PAGESZ, ELF_EXEC_PAGESIZE);
230 NEW_AUX_ENT(AT_CLKTCK, CLOCKS_PER_SEC);
231 NEW_AUX_ENT(AT_PHDR, load_addr + exec->e_phoff);
232 NEW_AUX_ENT(AT_PHENT, sizeof(struct elf_phdr));
233 NEW_AUX_ENT(AT_PHNUM, exec->e_phnum);
234 NEW_AUX_ENT(AT_BASE, interp_load_addr);
235 NEW_AUX_ENT(AT_FLAGS, 0);
236 NEW_AUX_ENT(AT_ENTRY, exec->e_entry);
237 NEW_AUX_ENT(AT_UID, from_kuid_munged(cred->user_ns, cred->uid));
238 NEW_AUX_ENT(AT_EUID, from_kuid_munged(cred->user_ns, cred->euid));
239 NEW_AUX_ENT(AT_GID, from_kgid_munged(cred->user_ns, cred->gid));
240 NEW_AUX_ENT(AT_EGID, from_kgid_munged(cred->user_ns, cred->egid));
241 NEW_AUX_ENT(AT_SECURE, security_bprm_secureexec(bprm));
242 NEW_AUX_ENT(AT_RANDOM, (elf_addr_t)(unsigned long)u_rand_bytes);
244 NEW_AUX_ENT(AT_HWCAP2, ELF_HWCAP2);
246 NEW_AUX_ENT(AT_EXECFN, bprm->exec);
248 NEW_AUX_ENT(AT_PLATFORM,
249 (elf_addr_t)(unsigned long)u_platform);
251 if (k_base_platform) {
252 NEW_AUX_ENT(AT_BASE_PLATFORM,
253 (elf_addr_t)(unsigned long)u_base_platform);
255 if (bprm->interp_flags & BINPRM_FLAGS_EXECFD) {
256 NEW_AUX_ENT(AT_EXECFD, bprm->interp_data);
259 /* AT_NULL is zero; clear the rest too */
260 memset(&elf_info[ei_index], 0,
261 sizeof current->mm->saved_auxv - ei_index * sizeof elf_info[0]);
263 /* And advance past the AT_NULL entry. */
266 sp = STACK_ADD(p, ei_index);
268 items = (argc + 1) + (envc + 1) + 1;
269 bprm->p = STACK_ROUND(sp, items);
271 /* Point sp at the lowest address on the stack */
272 #ifdef CONFIG_STACK_GROWSUP
273 sp = (elf_addr_t __user *)bprm->p - items - ei_index;
274 bprm->exec = (unsigned long)sp; /* XXX: PARISC HACK */
276 sp = (elf_addr_t __user *)bprm->p;
281 * Grow the stack manually; some architectures have a limit on how
282 * far ahead a user-space access may be in order to grow the stack.
284 vma = find_extend_vma(current->mm, bprm->p);
288 /* Now, let's put argc (and argv, envp if appropriate) on the stack */
289 if (__put_user(argc, sp++))
292 envp = argv + argc + 1;
294 /* Populate argv and envp */
295 p = current->mm->arg_end = current->mm->arg_start;
298 if (__put_user((elf_addr_t)p, argv++))
300 len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
301 if (!len || len > MAX_ARG_STRLEN)
305 if (__put_user(0, argv))
307 current->mm->arg_end = current->mm->env_start = p;
310 if (__put_user((elf_addr_t)p, envp++))
312 len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
313 if (!len || len > MAX_ARG_STRLEN)
317 if (__put_user(0, envp))
319 current->mm->env_end = p;
321 /* Put the elf_info on the stack in the right place. */
322 sp = (elf_addr_t __user *)envp + 1;
323 if (copy_to_user(sp, elf_info, ei_index * sizeof(elf_addr_t)))
330 static unsigned long elf_map(struct file *filep, unsigned long addr,
331 struct elf_phdr *eppnt, int prot, int type,
332 unsigned long total_size)
334 unsigned long map_addr;
335 unsigned long size = eppnt->p_filesz + ELF_PAGEOFFSET(eppnt->p_vaddr);
336 unsigned long off = eppnt->p_offset - ELF_PAGEOFFSET(eppnt->p_vaddr);
337 addr = ELF_PAGESTART(addr);
338 size = ELF_PAGEALIGN(size);
340 /* mmap() will return -EINVAL if given a zero size, but a
341 * segment with zero filesize is perfectly valid */
346 * total_size is the size of the ELF (interpreter) image.
347 * The _first_ mmap needs to know the full size, otherwise
348 * randomization might put this image into an overlapping
349 * position with the ELF binary image. (since size < total_size)
350 * So we first map the 'big' image - and unmap the remainder at
351 * the end. (which unmap is needed for ELF images with holes.)
354 total_size = ELF_PAGEALIGN(total_size);
355 map_addr = vm_mmap(filep, addr, total_size, prot, type, off);
356 if (!BAD_ADDR(map_addr))
357 vm_munmap(map_addr+size, total_size-size);
359 map_addr = vm_mmap(filep, addr, size, prot, type, off);
364 #endif /* !elf_map */
366 static unsigned long total_mapping_size(struct elf_phdr *cmds, int nr)
368 int i, first_idx = -1, last_idx = -1;
370 for (i = 0; i < nr; i++) {
371 if (cmds[i].p_type == PT_LOAD) {
380 return cmds[last_idx].p_vaddr + cmds[last_idx].p_memsz -
381 ELF_PAGESTART(cmds[first_idx].p_vaddr);
385 /* This is much more generalized than the library routine read function,
386 so we keep this separate. Technically the library read function
387 is only provided so that we can read a.out libraries that have
390 static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex,
391 struct file *interpreter, unsigned long *interp_map_addr,
392 unsigned long no_base)
394 struct elf_phdr *elf_phdata;
395 struct elf_phdr *eppnt;
396 unsigned long load_addr = 0;
397 int load_addr_set = 0;
398 unsigned long last_bss = 0, elf_bss = 0;
399 unsigned long error = ~0UL;
400 unsigned long total_size;
403 /* First of all, some simple consistency checks */
404 if (interp_elf_ex->e_type != ET_EXEC &&
405 interp_elf_ex->e_type != ET_DYN)
407 if (!elf_check_arch(interp_elf_ex))
409 if (!interpreter->f_op || !interpreter->f_op->mmap)
413 * If the size of this structure has changed, then punt, since
414 * we will be doing the wrong thing.
416 if (interp_elf_ex->e_phentsize != sizeof(struct elf_phdr))
418 if (interp_elf_ex->e_phnum < 1 ||
419 interp_elf_ex->e_phnum > 65536U / sizeof(struct elf_phdr))
422 /* Now read in all of the header information */
423 size = sizeof(struct elf_phdr) * interp_elf_ex->e_phnum;
424 if (size > ELF_MIN_ALIGN)
426 elf_phdata = kmalloc(size, GFP_KERNEL);
430 retval = kernel_read(interpreter, interp_elf_ex->e_phoff,
431 (char *)elf_phdata, size);
433 if (retval != size) {
439 total_size = total_mapping_size(elf_phdata, interp_elf_ex->e_phnum);
446 for (i = 0; i < interp_elf_ex->e_phnum; i++, eppnt++) {
447 if (eppnt->p_type == PT_LOAD) {
448 int elf_type = MAP_PRIVATE | MAP_DENYWRITE;
450 unsigned long vaddr = 0;
451 unsigned long k, map_addr;
453 if (eppnt->p_flags & PF_R)
454 elf_prot = PROT_READ;
455 if (eppnt->p_flags & PF_W)
456 elf_prot |= PROT_WRITE;
457 if (eppnt->p_flags & PF_X)
458 elf_prot |= PROT_EXEC;
459 vaddr = eppnt->p_vaddr;
460 if (interp_elf_ex->e_type == ET_EXEC || load_addr_set)
461 elf_type |= MAP_FIXED;
462 else if (no_base && interp_elf_ex->e_type == ET_DYN)
465 map_addr = elf_map(interpreter, load_addr + vaddr,
466 eppnt, elf_prot, elf_type, total_size);
468 if (!*interp_map_addr)
469 *interp_map_addr = map_addr;
471 if (BAD_ADDR(map_addr))
474 if (!load_addr_set &&
475 interp_elf_ex->e_type == ET_DYN) {
476 load_addr = map_addr - ELF_PAGESTART(vaddr);
481 * Check to see if the section's size will overflow the
482 * allowed task size. Note that p_filesz must always be
483 * <= p_memsize so it's only necessary to check p_memsz.
485 k = load_addr + eppnt->p_vaddr;
487 eppnt->p_filesz > eppnt->p_memsz ||
488 eppnt->p_memsz > TASK_SIZE ||
489 TASK_SIZE - eppnt->p_memsz < k) {
495 * Find the end of the file mapping for this phdr, and
496 * keep track of the largest address we see for this.
498 k = load_addr + eppnt->p_vaddr + eppnt->p_filesz;
503 * Do the same thing for the memory mapping - between
504 * elf_bss and last_bss is the bss section.
506 k = load_addr + eppnt->p_memsz + eppnt->p_vaddr;
512 if (last_bss > elf_bss) {
514 * Now fill out the bss section. First pad the last page up
515 * to the page boundary, and then perform a mmap to make sure
516 * that there are zero-mapped pages up to and including the
519 if (padzero(elf_bss)) {
524 /* What we have mapped so far */
525 elf_bss = ELF_PAGESTART(elf_bss + ELF_MIN_ALIGN - 1);
527 /* Map the last of the bss segment */
528 error = vm_brk(elf_bss, last_bss - elf_bss);
542 * These are the functions used to load ELF style executables and shared
543 * libraries. There is no binary dependent code anywhere else.
546 #define INTERPRETER_NONE 0
547 #define INTERPRETER_ELF 2
549 #ifndef STACK_RND_MASK
550 #define STACK_RND_MASK (0x7ff >> (PAGE_SHIFT - 12)) /* 8MB of VA */
553 static unsigned long randomize_stack_top(unsigned long stack_top)
555 unsigned long random_variable = 0;
557 if ((current->flags & PF_RANDOMIZE) &&
558 !(current->personality & ADDR_NO_RANDOMIZE)) {
559 random_variable = (unsigned long) get_random_int();
560 random_variable &= STACK_RND_MASK;
561 random_variable <<= PAGE_SHIFT;
563 #ifdef CONFIG_STACK_GROWSUP
564 return PAGE_ALIGN(stack_top) + random_variable;
566 return PAGE_ALIGN(stack_top) - random_variable;
570 static int load_elf_binary(struct linux_binprm *bprm)
572 struct file *interpreter = NULL; /* to shut gcc up */
573 unsigned long load_addr = 0, load_bias = 0;
574 int load_addr_set = 0;
575 char * elf_interpreter = NULL;
577 struct elf_phdr *elf_ppnt, *elf_phdata;
578 unsigned long elf_bss, elf_brk;
581 unsigned long elf_entry;
582 unsigned long interp_load_addr = 0;
583 unsigned long start_code, end_code, start_data, end_data;
584 unsigned long reloc_func_desc __maybe_unused = 0;
585 int executable_stack = EXSTACK_DEFAULT;
586 unsigned long def_flags = 0;
587 struct pt_regs *regs = current_pt_regs();
589 struct elfhdr elf_ex;
590 struct elfhdr interp_elf_ex;
593 loc = kmalloc(sizeof(*loc), GFP_KERNEL);
599 /* Get the exec-header */
600 loc->elf_ex = *((struct elfhdr *)bprm->buf);
603 /* First of all, some simple consistency checks */
604 if (memcmp(loc->elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
607 if (loc->elf_ex.e_type != ET_EXEC && loc->elf_ex.e_type != ET_DYN)
609 if (!elf_check_arch(&loc->elf_ex))
611 if (!bprm->file->f_op || !bprm->file->f_op->mmap)
614 /* Now read in all of the header information */
615 if (loc->elf_ex.e_phentsize != sizeof(struct elf_phdr))
617 if (loc->elf_ex.e_phnum < 1 ||
618 loc->elf_ex.e_phnum > 65536U / sizeof(struct elf_phdr))
620 size = loc->elf_ex.e_phnum * sizeof(struct elf_phdr);
622 elf_phdata = kmalloc(size, GFP_KERNEL);
626 retval = kernel_read(bprm->file, loc->elf_ex.e_phoff,
627 (char *)elf_phdata, size);
628 if (retval != size) {
634 elf_ppnt = elf_phdata;
643 for (i = 0; i < loc->elf_ex.e_phnum; i++) {
644 if (elf_ppnt->p_type == PT_INTERP) {
645 /* This is the program interpreter used for
646 * shared libraries - for now assume that this
647 * is an a.out format binary
650 if (elf_ppnt->p_filesz > PATH_MAX ||
651 elf_ppnt->p_filesz < 2)
655 elf_interpreter = kmalloc(elf_ppnt->p_filesz,
657 if (!elf_interpreter)
660 retval = kernel_read(bprm->file, elf_ppnt->p_offset,
663 if (retval != elf_ppnt->p_filesz) {
666 goto out_free_interp;
668 /* make sure path is NULL terminated */
670 if (elf_interpreter[elf_ppnt->p_filesz - 1] != '\0')
671 goto out_free_interp;
673 interpreter = open_exec(elf_interpreter);
674 retval = PTR_ERR(interpreter);
675 if (IS_ERR(interpreter))
676 goto out_free_interp;
679 * If the binary is not readable then enforce
680 * mm->dumpable = 0 regardless of the interpreter's
683 would_dump(bprm, interpreter);
685 retval = kernel_read(interpreter, 0, bprm->buf,
687 if (retval != BINPRM_BUF_SIZE) {
690 goto out_free_dentry;
693 /* Get the exec headers */
694 loc->interp_elf_ex = *((struct elfhdr *)bprm->buf);
700 elf_ppnt = elf_phdata;
701 for (i = 0; i < loc->elf_ex.e_phnum; i++, elf_ppnt++)
702 if (elf_ppnt->p_type == PT_GNU_STACK) {
703 if (elf_ppnt->p_flags & PF_X)
704 executable_stack = EXSTACK_ENABLE_X;
706 executable_stack = EXSTACK_DISABLE_X;
710 /* Some simple consistency checks for the interpreter */
711 if (elf_interpreter) {
713 /* Not an ELF interpreter */
714 if (memcmp(loc->interp_elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
715 goto out_free_dentry;
716 /* Verify the interpreter has a valid arch */
717 if (!elf_check_arch(&loc->interp_elf_ex))
718 goto out_free_dentry;
721 /* Flush all traces of the currently running executable */
722 retval = flush_old_exec(bprm);
724 goto out_free_dentry;
726 /* OK, This is the point of no return */
727 current->mm->def_flags = def_flags;
729 /* Do this immediately, since STACK_TOP as used in setup_arg_pages
730 may depend on the personality. */
731 SET_PERSONALITY(loc->elf_ex);
732 if (elf_read_implies_exec(loc->elf_ex, executable_stack))
733 current->personality |= READ_IMPLIES_EXEC;
735 if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space)
736 current->flags |= PF_RANDOMIZE;
738 setup_new_exec(bprm);
740 /* Do this so that we can load the interpreter, if need be. We will
741 change some of these later */
742 current->mm->free_area_cache = current->mm->mmap_base;
743 current->mm->cached_hole_size = 0;
744 retval = setup_arg_pages(bprm, randomize_stack_top(STACK_TOP),
747 send_sig(SIGKILL, current, 0);
748 goto out_free_dentry;
751 current->mm->start_stack = bprm->p;
753 /* Now we do a little grungy work by mmapping the ELF image into
754 the correct location in memory. */
755 for(i = 0, elf_ppnt = elf_phdata;
756 i < loc->elf_ex.e_phnum; i++, elf_ppnt++) {
757 int elf_prot = 0, elf_flags;
758 unsigned long k, vaddr;
760 if (elf_ppnt->p_type != PT_LOAD)
763 if (unlikely (elf_brk > elf_bss)) {
766 /* There was a PT_LOAD segment with p_memsz > p_filesz
767 before this one. Map anonymous pages, if needed,
768 and clear the area. */
769 retval = set_brk(elf_bss + load_bias,
770 elf_brk + load_bias);
772 send_sig(SIGKILL, current, 0);
773 goto out_free_dentry;
775 nbyte = ELF_PAGEOFFSET(elf_bss);
777 nbyte = ELF_MIN_ALIGN - nbyte;
778 if (nbyte > elf_brk - elf_bss)
779 nbyte = elf_brk - elf_bss;
780 if (clear_user((void __user *)elf_bss +
783 * This bss-zeroing can fail if the ELF
784 * file specifies odd protections. So
785 * we don't check the return value
791 if (elf_ppnt->p_flags & PF_R)
792 elf_prot |= PROT_READ;
793 if (elf_ppnt->p_flags & PF_W)
794 elf_prot |= PROT_WRITE;
795 if (elf_ppnt->p_flags & PF_X)
796 elf_prot |= PROT_EXEC;
798 elf_flags = MAP_PRIVATE | MAP_DENYWRITE | MAP_EXECUTABLE;
800 vaddr = elf_ppnt->p_vaddr;
801 if (loc->elf_ex.e_type == ET_EXEC || load_addr_set) {
802 elf_flags |= MAP_FIXED;
803 } else if (loc->elf_ex.e_type == ET_DYN) {
804 /* Try and get dynamic programs out of the way of the
805 * default mmap base, as well as whatever program they
806 * might try to exec. This is because the brk will
807 * follow the loader, and is not movable. */
808 #ifdef CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE
809 /* Memory randomization might have been switched off
810 * in runtime via sysctl or explicit setting of
812 * If that is the case, retain the original non-zero
813 * load_bias value in order to establish proper
814 * non-randomized mappings.
816 if (current->flags & PF_RANDOMIZE)
819 load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr);
821 load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr);
825 error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt,
826 elf_prot, elf_flags, 0);
827 if (BAD_ADDR(error)) {
828 send_sig(SIGKILL, current, 0);
829 retval = IS_ERR((void *)error) ?
830 PTR_ERR((void*)error) : -EINVAL;
831 goto out_free_dentry;
834 if (!load_addr_set) {
836 load_addr = (elf_ppnt->p_vaddr - elf_ppnt->p_offset);
837 if (loc->elf_ex.e_type == ET_DYN) {
839 ELF_PAGESTART(load_bias + vaddr);
840 load_addr += load_bias;
841 reloc_func_desc = load_bias;
844 k = elf_ppnt->p_vaddr;
851 * Check to see if the section's size will overflow the
852 * allowed task size. Note that p_filesz must always be
853 * <= p_memsz so it is only necessary to check p_memsz.
855 if (BAD_ADDR(k) || elf_ppnt->p_filesz > elf_ppnt->p_memsz ||
856 elf_ppnt->p_memsz > TASK_SIZE ||
857 TASK_SIZE - elf_ppnt->p_memsz < k) {
858 /* set_brk can never work. Avoid overflows. */
859 send_sig(SIGKILL, current, 0);
861 goto out_free_dentry;
864 k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz;
868 if ((elf_ppnt->p_flags & PF_X) && end_code < k)
872 k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz;
877 loc->elf_ex.e_entry += load_bias;
878 elf_bss += load_bias;
879 elf_brk += load_bias;
880 start_code += load_bias;
881 end_code += load_bias;
882 start_data += load_bias;
883 end_data += load_bias;
885 /* Calling set_brk effectively mmaps the pages that we need
886 * for the bss and break sections. We must do this before
887 * mapping in the interpreter, to make sure it doesn't wind
888 * up getting placed where the bss needs to go.
890 retval = set_brk(elf_bss, elf_brk);
892 send_sig(SIGKILL, current, 0);
893 goto out_free_dentry;
895 if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
896 send_sig(SIGSEGV, current, 0);
897 retval = -EFAULT; /* Nobody gets to see this, but.. */
898 goto out_free_dentry;
901 if (elf_interpreter) {
902 unsigned long interp_map_addr = 0;
904 elf_entry = load_elf_interp(&loc->interp_elf_ex,
908 if (!IS_ERR((void *)elf_entry)) {
910 * load_elf_interp() returns relocation
913 interp_load_addr = elf_entry;
914 elf_entry += loc->interp_elf_ex.e_entry;
916 if (BAD_ADDR(elf_entry)) {
917 force_sig(SIGSEGV, current);
918 retval = IS_ERR((void *)elf_entry) ?
919 (int)elf_entry : -EINVAL;
920 goto out_free_dentry;
922 reloc_func_desc = interp_load_addr;
924 allow_write_access(interpreter);
926 kfree(elf_interpreter);
928 elf_entry = loc->elf_ex.e_entry;
929 if (BAD_ADDR(elf_entry)) {
930 force_sig(SIGSEGV, current);
932 goto out_free_dentry;
938 set_binfmt(&elf_format);
940 #ifdef ARCH_HAS_SETUP_ADDITIONAL_PAGES
941 retval = arch_setup_additional_pages(bprm, !!elf_interpreter);
943 send_sig(SIGKILL, current, 0);
946 #endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */
948 install_exec_creds(bprm);
949 retval = create_elf_tables(bprm, &loc->elf_ex,
950 load_addr, interp_load_addr);
952 send_sig(SIGKILL, current, 0);
955 /* N.B. passed_fileno might not be initialized? */
956 current->mm->end_code = end_code;
957 current->mm->start_code = start_code;
958 current->mm->start_data = start_data;
959 current->mm->end_data = end_data;
960 current->mm->start_stack = bprm->p;
962 #ifdef arch_randomize_brk
963 if ((current->flags & PF_RANDOMIZE) && (randomize_va_space > 1)) {
964 current->mm->brk = current->mm->start_brk =
965 arch_randomize_brk(current->mm);
966 #ifdef CONFIG_COMPAT_BRK
967 current->brk_randomized = 1;
972 if (current->personality & MMAP_PAGE_ZERO) {
973 /* Why this, you ask??? Well SVr4 maps page 0 as read-only,
974 and some applications "depend" upon this behavior.
975 Since we do not have the power to recompile these, we
976 emulate the SVr4 behavior. Sigh. */
977 error = vm_mmap(NULL, 0, PAGE_SIZE, PROT_READ | PROT_EXEC,
978 MAP_FIXED | MAP_PRIVATE, 0);
983 * The ABI may specify that certain registers be set up in special
984 * ways (on i386 %edx is the address of a DT_FINI function, for
985 * example. In addition, it may also specify (eg, PowerPC64 ELF)
986 * that the e_entry field is the address of the function descriptor
987 * for the startup routine, rather than the address of the startup
988 * routine itself. This macro performs whatever initialization to
989 * the regs structure is required as well as any relocations to the
990 * function descriptor entries when executing dynamically links apps.
992 ELF_PLAT_INIT(regs, reloc_func_desc);
995 start_thread(regs, elf_entry, bprm->p);
1004 allow_write_access(interpreter);
1008 kfree(elf_interpreter);
1014 /* This is really simpleminded and specialized - we are loading an
1015 a.out library that is given an ELF header. */
1016 static int load_elf_library(struct file *file)
1018 struct elf_phdr *elf_phdata;
1019 struct elf_phdr *eppnt;
1020 unsigned long elf_bss, bss, len;
1021 int retval, error, i, j;
1022 struct elfhdr elf_ex;
1025 retval = kernel_read(file, 0, (char *)&elf_ex, sizeof(elf_ex));
1026 if (retval != sizeof(elf_ex))
1029 if (memcmp(elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
1032 /* First of all, some simple consistency checks */
1033 if (elf_ex.e_type != ET_EXEC || elf_ex.e_phnum > 2 ||
1034 !elf_check_arch(&elf_ex) || !file->f_op || !file->f_op->mmap)
1037 /* Now read in all of the header information */
1039 j = sizeof(struct elf_phdr) * elf_ex.e_phnum;
1040 /* j < ELF_MIN_ALIGN because elf_ex.e_phnum <= 2 */
1043 elf_phdata = kmalloc(j, GFP_KERNEL);
1049 retval = kernel_read(file, elf_ex.e_phoff, (char *)eppnt, j);
1053 for (j = 0, i = 0; i<elf_ex.e_phnum; i++)
1054 if ((eppnt + i)->p_type == PT_LOAD)
1059 while (eppnt->p_type != PT_LOAD)
1062 /* Now use mmap to map the library into memory. */
1063 error = vm_mmap(file,
1064 ELF_PAGESTART(eppnt->p_vaddr),
1066 ELF_PAGEOFFSET(eppnt->p_vaddr)),
1067 PROT_READ | PROT_WRITE | PROT_EXEC,
1068 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE,
1070 ELF_PAGEOFFSET(eppnt->p_vaddr)));
1071 if (error != ELF_PAGESTART(eppnt->p_vaddr))
1074 elf_bss = eppnt->p_vaddr + eppnt->p_filesz;
1075 if (padzero(elf_bss)) {
1080 len = ELF_PAGESTART(eppnt->p_filesz + eppnt->p_vaddr +
1082 bss = eppnt->p_memsz + eppnt->p_vaddr;
1084 vm_brk(len, bss - len);
1093 #ifdef CONFIG_ELF_CORE
1097 * Modelled on fs/exec.c:aout_core_dump()
1098 * Jeremy Fitzhardinge <jeremy@sw.oz.au>
1102 * The purpose of always_dump_vma() is to make sure that special kernel mappings
1103 * that are useful for post-mortem analysis are included in every core dump.
1104 * In that way we ensure that the core dump is fully interpretable later
1105 * without matching up the same kernel and hardware config to see what PC values
1106 * meant. These special mappings include - vDSO, vsyscall, and other
1107 * architecture specific mappings
1109 static bool always_dump_vma(struct vm_area_struct *vma)
1111 /* Any vsyscall mappings? */
1112 if (vma == get_gate_vma(vma->vm_mm))
1115 * arch_vma_name() returns non-NULL for special architecture mappings,
1116 * such as vDSO sections.
1118 if (arch_vma_name(vma))
1125 * Decide what to dump of a segment, part, all or none.
1127 static unsigned long vma_dump_size(struct vm_area_struct *vma,
1128 unsigned long mm_flags)
1130 #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
1132 /* always dump the vdso and vsyscall sections */
1133 if (always_dump_vma(vma))
1136 if (vma->vm_flags & VM_DONTDUMP)
1139 /* Hugetlb memory check */
1140 if (vma->vm_flags & VM_HUGETLB) {
1141 if ((vma->vm_flags & VM_SHARED) && FILTER(HUGETLB_SHARED))
1143 if (!(vma->vm_flags & VM_SHARED) && FILTER(HUGETLB_PRIVATE))
1148 /* Do not dump I/O mapped devices or special mappings */
1149 if (vma->vm_flags & VM_IO)
1152 /* By default, dump shared memory if mapped from an anonymous file. */
1153 if (vma->vm_flags & VM_SHARED) {
1154 if (file_inode(vma->vm_file)->i_nlink == 0 ?
1155 FILTER(ANON_SHARED) : FILTER(MAPPED_SHARED))
1160 /* Dump segments that have been written to. */
1161 if (vma->anon_vma && FILTER(ANON_PRIVATE))
1163 if (vma->vm_file == NULL)
1166 if (FILTER(MAPPED_PRIVATE))
1170 * If this looks like the beginning of a DSO or executable mapping,
1171 * check for an ELF header. If we find one, dump the first page to
1172 * aid in determining what was mapped here.
1174 if (FILTER(ELF_HEADERS) &&
1175 vma->vm_pgoff == 0 && (vma->vm_flags & VM_READ)) {
1176 u32 __user *header = (u32 __user *) vma->vm_start;
1178 mm_segment_t fs = get_fs();
1180 * Doing it this way gets the constant folded by GCC.
1184 char elfmag[SELFMAG];
1186 BUILD_BUG_ON(SELFMAG != sizeof word);
1187 magic.elfmag[EI_MAG0] = ELFMAG0;
1188 magic.elfmag[EI_MAG1] = ELFMAG1;
1189 magic.elfmag[EI_MAG2] = ELFMAG2;
1190 magic.elfmag[EI_MAG3] = ELFMAG3;
1192 * Switch to the user "segment" for get_user(),
1193 * then put back what elf_core_dump() had in place.
1196 if (unlikely(get_user(word, header)))
1199 if (word == magic.cmp)
1208 return vma->vm_end - vma->vm_start;
1211 /* An ELF note in memory */
1216 unsigned int datasz;
1220 static int notesize(struct memelfnote *en)
1224 sz = sizeof(struct elf_note);
1225 sz += roundup(strlen(en->name) + 1, 4);
1226 sz += roundup(en->datasz, 4);
1231 #define DUMP_WRITE(addr, nr, foffset) \
1232 do { if (!dump_write(file, (addr), (nr))) return 0; *foffset += (nr); } while(0)
1234 static int alignfile(struct file *file, loff_t *foffset)
1236 static const char buf[4] = { 0, };
1237 DUMP_WRITE(buf, roundup(*foffset, 4) - *foffset, foffset);
1241 static int writenote(struct memelfnote *men, struct file *file,
1245 en.n_namesz = strlen(men->name) + 1;
1246 en.n_descsz = men->datasz;
1247 en.n_type = men->type;
1249 DUMP_WRITE(&en, sizeof(en), foffset);
1250 DUMP_WRITE(men->name, en.n_namesz, foffset);
1251 if (!alignfile(file, foffset))
1253 DUMP_WRITE(men->data, men->datasz, foffset);
1254 if (!alignfile(file, foffset))
1261 static void fill_elf_header(struct elfhdr *elf, int segs,
1262 u16 machine, u32 flags)
1264 memset(elf, 0, sizeof(*elf));
1266 memcpy(elf->e_ident, ELFMAG, SELFMAG);
1267 elf->e_ident[EI_CLASS] = ELF_CLASS;
1268 elf->e_ident[EI_DATA] = ELF_DATA;
1269 elf->e_ident[EI_VERSION] = EV_CURRENT;
1270 elf->e_ident[EI_OSABI] = ELF_OSABI;
1272 elf->e_type = ET_CORE;
1273 elf->e_machine = machine;
1274 elf->e_version = EV_CURRENT;
1275 elf->e_phoff = sizeof(struct elfhdr);
1276 elf->e_flags = flags;
1277 elf->e_ehsize = sizeof(struct elfhdr);
1278 elf->e_phentsize = sizeof(struct elf_phdr);
1279 elf->e_phnum = segs;
1284 static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, loff_t offset)
1286 phdr->p_type = PT_NOTE;
1287 phdr->p_offset = offset;
1290 phdr->p_filesz = sz;
1297 static void fill_note(struct memelfnote *note, const char *name, int type,
1298 unsigned int sz, void *data)
1308 * fill up all the fields in prstatus from the given task struct, except
1309 * registers which need to be filled up separately.
1311 static void fill_prstatus(struct elf_prstatus *prstatus,
1312 struct task_struct *p, long signr)
1314 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr;
1315 prstatus->pr_sigpend = p->pending.signal.sig[0];
1316 prstatus->pr_sighold = p->blocked.sig[0];
1318 prstatus->pr_ppid = task_pid_vnr(rcu_dereference(p->real_parent));
1320 prstatus->pr_pid = task_pid_vnr(p);
1321 prstatus->pr_pgrp = task_pgrp_vnr(p);
1322 prstatus->pr_sid = task_session_vnr(p);
1323 if (thread_group_leader(p)) {
1324 struct task_cputime cputime;
1327 * This is the record for the group leader. It shows the
1328 * group-wide total, not its individual thread total.
1330 thread_group_cputime(p, &cputime);
1331 cputime_to_timeval(cputime.utime, &prstatus->pr_utime);
1332 cputime_to_timeval(cputime.stime, &prstatus->pr_stime);
1334 cputime_t utime, stime;
1336 task_cputime(p, &utime, &stime);
1337 cputime_to_timeval(utime, &prstatus->pr_utime);
1338 cputime_to_timeval(stime, &prstatus->pr_stime);
1340 cputime_to_timeval(p->signal->cutime, &prstatus->pr_cutime);
1341 cputime_to_timeval(p->signal->cstime, &prstatus->pr_cstime);
1344 static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
1345 struct mm_struct *mm)
1347 const struct cred *cred;
1348 unsigned int i, len;
1350 /* first copy the parameters from user space */
1351 memset(psinfo, 0, sizeof(struct elf_prpsinfo));
1353 len = mm->arg_end - mm->arg_start;
1354 if (len >= ELF_PRARGSZ)
1355 len = ELF_PRARGSZ-1;
1356 if (copy_from_user(&psinfo->pr_psargs,
1357 (const char __user *)mm->arg_start, len))
1359 for(i = 0; i < len; i++)
1360 if (psinfo->pr_psargs[i] == 0)
1361 psinfo->pr_psargs[i] = ' ';
1362 psinfo->pr_psargs[len] = 0;
1365 psinfo->pr_ppid = task_pid_vnr(rcu_dereference(p->real_parent));
1367 psinfo->pr_pid = task_pid_vnr(p);
1368 psinfo->pr_pgrp = task_pgrp_vnr(p);
1369 psinfo->pr_sid = task_session_vnr(p);
1371 i = p->state ? ffz(~p->state) + 1 : 0;
1372 psinfo->pr_state = i;
1373 psinfo->pr_sname = (i > 5) ? '.' : "RSDTZW"[i];
1374 psinfo->pr_zomb = psinfo->pr_sname == 'Z';
1375 psinfo->pr_nice = task_nice(p);
1376 psinfo->pr_flag = p->flags;
1378 cred = __task_cred(p);
1379 SET_UID(psinfo->pr_uid, from_kuid_munged(cred->user_ns, cred->uid));
1380 SET_GID(psinfo->pr_gid, from_kgid_munged(cred->user_ns, cred->gid));
1382 strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname));
1387 static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
1389 elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
1393 while (auxv[i - 2] != AT_NULL);
1394 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
1397 static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata,
1400 mm_segment_t old_fs = get_fs();
1402 copy_siginfo_to_user((user_siginfo_t __user *) csigdata, siginfo);
1404 fill_note(note, "CORE", NT_SIGINFO, sizeof(*csigdata), csigdata);
1407 #define MAX_FILE_NOTE_SIZE (4*1024*1024)
1409 * Format of NT_FILE note:
1411 * long count -- how many files are mapped
1412 * long page_size -- units for file_ofs
1413 * array of [COUNT] elements of
1417 * followed by COUNT filenames in ASCII: "FILE1" NUL "FILE2" NUL...
1419 static int fill_files_note(struct memelfnote *note)
1421 struct vm_area_struct *vma;
1422 unsigned count, size, names_ofs, remaining, n;
1424 user_long_t *start_end_ofs;
1425 char *name_base, *name_curpos;
1427 /* *Estimated* file count and total data size needed */
1428 count = current->mm->map_count;
1431 names_ofs = (2 + 3 * count) * sizeof(data[0]);
1433 if (size >= MAX_FILE_NOTE_SIZE) /* paranoia check */
1435 size = round_up(size, PAGE_SIZE);
1436 data = vmalloc(size);
1440 start_end_ofs = data + 2;
1441 name_base = name_curpos = ((char *)data) + names_ofs;
1442 remaining = size - names_ofs;
1444 for (vma = current->mm->mmap; vma != NULL; vma = vma->vm_next) {
1446 const char *filename;
1448 file = vma->vm_file;
1451 filename = d_path(&file->f_path, name_curpos, remaining);
1452 if (IS_ERR(filename)) {
1453 if (PTR_ERR(filename) == -ENAMETOOLONG) {
1455 size = size * 5 / 4;
1461 /* d_path() fills at the end, move name down */
1462 /* n = strlen(filename) + 1: */
1463 n = (name_curpos + remaining) - filename;
1464 remaining = filename - name_curpos;
1465 memmove(name_curpos, filename, n);
1468 *start_end_ofs++ = vma->vm_start;
1469 *start_end_ofs++ = vma->vm_end;
1470 *start_end_ofs++ = vma->vm_pgoff;
1474 /* Now we know exact count of files, can store it */
1476 data[1] = PAGE_SIZE;
1478 * Count usually is less than current->mm->map_count,
1479 * we need to move filenames down.
1481 n = current->mm->map_count - count;
1483 unsigned shift_bytes = n * 3 * sizeof(data[0]);
1484 memmove(name_base - shift_bytes, name_base,
1485 name_curpos - name_base);
1486 name_curpos -= shift_bytes;
1489 size = name_curpos - (char *)data;
1490 fill_note(note, "CORE", NT_FILE, size, data);
1494 #ifdef CORE_DUMP_USE_REGSET
1495 #include <linux/regset.h>
1497 struct elf_thread_core_info {
1498 struct elf_thread_core_info *next;
1499 struct task_struct *task;
1500 struct elf_prstatus prstatus;
1501 struct memelfnote notes[0];
1504 struct elf_note_info {
1505 struct elf_thread_core_info *thread;
1506 struct memelfnote psinfo;
1507 struct memelfnote signote;
1508 struct memelfnote auxv;
1509 struct memelfnote files;
1510 user_siginfo_t csigdata;
1516 * When a regset has a writeback hook, we call it on each thread before
1517 * dumping user memory. On register window machines, this makes sure the
1518 * user memory backing the register data is up to date before we read it.
1520 static void do_thread_regset_writeback(struct task_struct *task,
1521 const struct user_regset *regset)
1523 if (regset->writeback)
1524 regset->writeback(task, regset, 1);
1528 #define PR_REG_SIZE(S) sizeof(S)
1531 #ifndef PRSTATUS_SIZE
1532 #define PRSTATUS_SIZE(S) sizeof(S)
1536 #define PR_REG_PTR(S) (&((S)->pr_reg))
1539 #ifndef SET_PR_FPVALID
1540 #define SET_PR_FPVALID(S, V) ((S)->pr_fpvalid = (V))
1543 static int fill_thread_core_info(struct elf_thread_core_info *t,
1544 const struct user_regset_view *view,
1545 long signr, size_t *total)
1550 * NT_PRSTATUS is the one special case, because the regset data
1551 * goes into the pr_reg field inside the note contents, rather
1552 * than being the whole note contents. We fill the reset in here.
1553 * We assume that regset 0 is NT_PRSTATUS.
1555 fill_prstatus(&t->prstatus, t->task, signr);
1556 (void) view->regsets[0].get(t->task, &view->regsets[0],
1557 0, PR_REG_SIZE(t->prstatus.pr_reg),
1558 PR_REG_PTR(&t->prstatus), NULL);
1560 fill_note(&t->notes[0], "CORE", NT_PRSTATUS,
1561 PRSTATUS_SIZE(t->prstatus), &t->prstatus);
1562 *total += notesize(&t->notes[0]);
1564 do_thread_regset_writeback(t->task, &view->regsets[0]);
1567 * Each other regset might generate a note too. For each regset
1568 * that has no core_note_type or is inactive, we leave t->notes[i]
1569 * all zero and we'll know to skip writing it later.
1571 for (i = 1; i < view->n; ++i) {
1572 const struct user_regset *regset = &view->regsets[i];
1573 do_thread_regset_writeback(t->task, regset);
1574 if (regset->core_note_type && regset->get &&
1575 (!regset->active || regset->active(t->task, regset))) {
1577 size_t size = regset->n * regset->size;
1578 void *data = kmalloc(size, GFP_KERNEL);
1579 if (unlikely(!data))
1581 ret = regset->get(t->task, regset,
1582 0, size, data, NULL);
1586 if (regset->core_note_type != NT_PRFPREG)
1587 fill_note(&t->notes[i], "LINUX",
1588 regset->core_note_type,
1591 SET_PR_FPVALID(&t->prstatus, 1);
1592 fill_note(&t->notes[i], "CORE",
1593 NT_PRFPREG, size, data);
1595 *total += notesize(&t->notes[i]);
1603 static int fill_note_info(struct elfhdr *elf, int phdrs,
1604 struct elf_note_info *info,
1605 siginfo_t *siginfo, struct pt_regs *regs)
1607 struct task_struct *dump_task = current;
1608 const struct user_regset_view *view = task_user_regset_view(dump_task);
1609 struct elf_thread_core_info *t;
1610 struct elf_prpsinfo *psinfo;
1611 struct core_thread *ct;
1615 info->thread = NULL;
1617 psinfo = kmalloc(sizeof(*psinfo), GFP_KERNEL);
1618 if (psinfo == NULL) {
1619 info->psinfo.data = NULL; /* So we don't free this wrongly */
1623 fill_note(&info->psinfo, "CORE", NT_PRPSINFO, sizeof(*psinfo), psinfo);
1626 * Figure out how many notes we're going to need for each thread.
1628 info->thread_notes = 0;
1629 for (i = 0; i < view->n; ++i)
1630 if (view->regsets[i].core_note_type != 0)
1631 ++info->thread_notes;
1634 * Sanity check. We rely on regset 0 being in NT_PRSTATUS,
1635 * since it is our one special case.
1637 if (unlikely(info->thread_notes == 0) ||
1638 unlikely(view->regsets[0].core_note_type != NT_PRSTATUS)) {
1644 * Initialize the ELF file header.
1646 fill_elf_header(elf, phdrs,
1647 view->e_machine, view->e_flags);
1650 * Allocate a structure for each thread.
1652 for (ct = &dump_task->mm->core_state->dumper; ct; ct = ct->next) {
1653 t = kzalloc(offsetof(struct elf_thread_core_info,
1654 notes[info->thread_notes]),
1660 if (ct->task == dump_task || !info->thread) {
1661 t->next = info->thread;
1665 * Make sure to keep the original task at
1666 * the head of the list.
1668 t->next = info->thread->next;
1669 info->thread->next = t;
1674 * Now fill in each thread's information.
1676 for (t = info->thread; t != NULL; t = t->next)
1677 if (!fill_thread_core_info(t, view, siginfo->si_signo, &info->size))
1681 * Fill in the two process-wide notes.
1683 fill_psinfo(psinfo, dump_task->group_leader, dump_task->mm);
1684 info->size += notesize(&info->psinfo);
1686 fill_siginfo_note(&info->signote, &info->csigdata, siginfo);
1687 info->size += notesize(&info->signote);
1689 fill_auxv_note(&info->auxv, current->mm);
1690 info->size += notesize(&info->auxv);
1692 if (fill_files_note(&info->files) == 0)
1693 info->size += notesize(&info->files);
1698 static size_t get_note_info_size(struct elf_note_info *info)
1704 * Write all the notes for each thread. When writing the first thread, the
1705 * process-wide notes are interleaved after the first thread-specific note.
1707 static int write_note_info(struct elf_note_info *info,
1708 struct file *file, loff_t *foffset)
1711 struct elf_thread_core_info *t = info->thread;
1716 if (!writenote(&t->notes[0], file, foffset))
1719 if (first && !writenote(&info->psinfo, file, foffset))
1721 if (first && !writenote(&info->signote, file, foffset))
1723 if (first && !writenote(&info->auxv, file, foffset))
1725 if (first && info->files.data &&
1726 !writenote(&info->files, file, foffset))
1729 for (i = 1; i < info->thread_notes; ++i)
1730 if (t->notes[i].data &&
1731 !writenote(&t->notes[i], file, foffset))
1741 static void free_note_info(struct elf_note_info *info)
1743 struct elf_thread_core_info *threads = info->thread;
1746 struct elf_thread_core_info *t = threads;
1748 WARN_ON(t->notes[0].data && t->notes[0].data != &t->prstatus);
1749 for (i = 1; i < info->thread_notes; ++i)
1750 kfree(t->notes[i].data);
1753 kfree(info->psinfo.data);
1754 vfree(info->files.data);
1759 /* Here is the structure in which status of each thread is captured. */
1760 struct elf_thread_status
1762 struct list_head list;
1763 struct elf_prstatus prstatus; /* NT_PRSTATUS */
1764 elf_fpregset_t fpu; /* NT_PRFPREG */
1765 struct task_struct *thread;
1766 #ifdef ELF_CORE_COPY_XFPREGS
1767 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */
1769 struct memelfnote notes[3];
1774 * In order to add the specific thread information for the elf file format,
1775 * we need to keep a linked list of every threads pr_status and then create
1776 * a single section for them in the final core file.
1778 static int elf_dump_thread_status(long signr, struct elf_thread_status *t)
1781 struct task_struct *p = t->thread;
1784 fill_prstatus(&t->prstatus, p, signr);
1785 elf_core_copy_task_regs(p, &t->prstatus.pr_reg);
1787 fill_note(&t->notes[0], "CORE", NT_PRSTATUS, sizeof(t->prstatus),
1790 sz += notesize(&t->notes[0]);
1792 if ((t->prstatus.pr_fpvalid = elf_core_copy_task_fpregs(p, NULL,
1794 fill_note(&t->notes[1], "CORE", NT_PRFPREG, sizeof(t->fpu),
1797 sz += notesize(&t->notes[1]);
1800 #ifdef ELF_CORE_COPY_XFPREGS
1801 if (elf_core_copy_task_xfpregs(p, &t->xfpu)) {
1802 fill_note(&t->notes[2], "LINUX", ELF_CORE_XFPREG_TYPE,
1803 sizeof(t->xfpu), &t->xfpu);
1805 sz += notesize(&t->notes[2]);
1811 struct elf_note_info {
1812 struct memelfnote *notes;
1813 struct memelfnote *notes_files;
1814 struct elf_prstatus *prstatus; /* NT_PRSTATUS */
1815 struct elf_prpsinfo *psinfo; /* NT_PRPSINFO */
1816 struct list_head thread_list;
1817 elf_fpregset_t *fpu;
1818 #ifdef ELF_CORE_COPY_XFPREGS
1819 elf_fpxregset_t *xfpu;
1821 user_siginfo_t csigdata;
1822 int thread_status_size;
1826 static int elf_note_info_init(struct elf_note_info *info)
1828 memset(info, 0, sizeof(*info));
1829 INIT_LIST_HEAD(&info->thread_list);
1831 /* Allocate space for ELF notes */
1832 info->notes = kmalloc(8 * sizeof(struct memelfnote), GFP_KERNEL);
1835 info->psinfo = kmalloc(sizeof(*info->psinfo), GFP_KERNEL);
1838 info->prstatus = kmalloc(sizeof(*info->prstatus), GFP_KERNEL);
1839 if (!info->prstatus)
1841 info->fpu = kmalloc(sizeof(*info->fpu), GFP_KERNEL);
1844 #ifdef ELF_CORE_COPY_XFPREGS
1845 info->xfpu = kmalloc(sizeof(*info->xfpu), GFP_KERNEL);
1852 static int fill_note_info(struct elfhdr *elf, int phdrs,
1853 struct elf_note_info *info,
1854 siginfo_t *siginfo, struct pt_regs *regs)
1856 struct list_head *t;
1858 if (!elf_note_info_init(info))
1861 if (siginfo->si_signo) {
1862 struct core_thread *ct;
1863 struct elf_thread_status *ets;
1865 for (ct = current->mm->core_state->dumper.next;
1866 ct; ct = ct->next) {
1867 ets = kzalloc(sizeof(*ets), GFP_KERNEL);
1871 ets->thread = ct->task;
1872 list_add(&ets->list, &info->thread_list);
1875 list_for_each(t, &info->thread_list) {
1878 ets = list_entry(t, struct elf_thread_status, list);
1879 sz = elf_dump_thread_status(siginfo->si_signo, ets);
1880 info->thread_status_size += sz;
1883 /* now collect the dump for the current */
1884 memset(info->prstatus, 0, sizeof(*info->prstatus));
1885 fill_prstatus(info->prstatus, current, siginfo->si_signo);
1886 elf_core_copy_regs(&info->prstatus->pr_reg, regs);
1889 fill_elf_header(elf, phdrs, ELF_ARCH, ELF_CORE_EFLAGS);
1892 * Set up the notes in similar form to SVR4 core dumps made
1893 * with info from their /proc.
1896 fill_note(info->notes + 0, "CORE", NT_PRSTATUS,
1897 sizeof(*info->prstatus), info->prstatus);
1898 fill_psinfo(info->psinfo, current->group_leader, current->mm);
1899 fill_note(info->notes + 1, "CORE", NT_PRPSINFO,
1900 sizeof(*info->psinfo), info->psinfo);
1902 fill_siginfo_note(info->notes + 2, &info->csigdata, siginfo);
1903 fill_auxv_note(info->notes + 3, current->mm);
1906 if (fill_files_note(info->notes + info->numnote) == 0) {
1907 info->notes_files = info->notes + info->numnote;
1911 /* Try to dump the FPU. */
1912 info->prstatus->pr_fpvalid = elf_core_copy_task_fpregs(current, regs,
1914 if (info->prstatus->pr_fpvalid)
1915 fill_note(info->notes + info->numnote++,
1916 "CORE", NT_PRFPREG, sizeof(*info->fpu), info->fpu);
1917 #ifdef ELF_CORE_COPY_XFPREGS
1918 if (elf_core_copy_task_xfpregs(current, info->xfpu))
1919 fill_note(info->notes + info->numnote++,
1920 "LINUX", ELF_CORE_XFPREG_TYPE,
1921 sizeof(*info->xfpu), info->xfpu);
1927 static size_t get_note_info_size(struct elf_note_info *info)
1932 for (i = 0; i < info->numnote; i++)
1933 sz += notesize(info->notes + i);
1935 sz += info->thread_status_size;
1940 static int write_note_info(struct elf_note_info *info,
1941 struct file *file, loff_t *foffset)
1944 struct list_head *t;
1946 for (i = 0; i < info->numnote; i++)
1947 if (!writenote(info->notes + i, file, foffset))
1950 /* write out the thread status notes section */
1951 list_for_each(t, &info->thread_list) {
1952 struct elf_thread_status *tmp =
1953 list_entry(t, struct elf_thread_status, list);
1955 for (i = 0; i < tmp->num_notes; i++)
1956 if (!writenote(&tmp->notes[i], file, foffset))
1963 static void free_note_info(struct elf_note_info *info)
1965 while (!list_empty(&info->thread_list)) {
1966 struct list_head *tmp = info->thread_list.next;
1968 kfree(list_entry(tmp, struct elf_thread_status, list));
1971 /* Free data possibly allocated by fill_files_note(): */
1972 if (info->notes_files)
1973 vfree(info->notes_files->data);
1975 kfree(info->prstatus);
1976 kfree(info->psinfo);
1979 #ifdef ELF_CORE_COPY_XFPREGS
1986 static struct vm_area_struct *first_vma(struct task_struct *tsk,
1987 struct vm_area_struct *gate_vma)
1989 struct vm_area_struct *ret = tsk->mm->mmap;
1996 * Helper function for iterating across a vma list. It ensures that the caller
1997 * will visit `gate_vma' prior to terminating the search.
1999 static struct vm_area_struct *next_vma(struct vm_area_struct *this_vma,
2000 struct vm_area_struct *gate_vma)
2002 struct vm_area_struct *ret;
2004 ret = this_vma->vm_next;
2007 if (this_vma == gate_vma)
2012 static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
2013 elf_addr_t e_shoff, int segs)
2015 elf->e_shoff = e_shoff;
2016 elf->e_shentsize = sizeof(*shdr4extnum);
2018 elf->e_shstrndx = SHN_UNDEF;
2020 memset(shdr4extnum, 0, sizeof(*shdr4extnum));
2022 shdr4extnum->sh_type = SHT_NULL;
2023 shdr4extnum->sh_size = elf->e_shnum;
2024 shdr4extnum->sh_link = elf->e_shstrndx;
2025 shdr4extnum->sh_info = segs;
2028 static size_t elf_core_vma_data_size(struct vm_area_struct *gate_vma,
2029 unsigned long mm_flags)
2031 struct vm_area_struct *vma;
2034 for (vma = first_vma(current, gate_vma); vma != NULL;
2035 vma = next_vma(vma, gate_vma))
2036 size += vma_dump_size(vma, mm_flags);
2043 * This is a two-pass process; first we find the offsets of the bits,
2044 * and then they are actually written out. If we run out of core limit
2047 static int elf_core_dump(struct coredump_params *cprm)
2053 struct vm_area_struct *vma, *gate_vma;
2054 struct elfhdr *elf = NULL;
2055 loff_t offset = 0, dataoff, foffset;
2056 struct elf_note_info info = { };
2057 struct elf_phdr *phdr4note = NULL;
2058 struct elf_shdr *shdr4extnum = NULL;
2063 * We no longer stop all VM operations.
2065 * This is because those proceses that could possibly change map_count
2066 * or the mmap / vma pages are now blocked in do_exit on current
2067 * finishing this core dump.
2069 * Only ptrace can touch these memory addresses, but it doesn't change
2070 * the map_count or the pages allocated. So no possibility of crashing
2071 * exists while dumping the mm->vm_next areas to the core file.
2074 /* alloc memory for large data structures: too large to be on stack */
2075 elf = kmalloc(sizeof(*elf), GFP_KERNEL);
2079 * The number of segs are recored into ELF header as 16bit value.
2080 * Please check DEFAULT_MAX_MAP_COUNT definition when you modify here.
2082 segs = current->mm->map_count;
2083 segs += elf_core_extra_phdrs();
2085 gate_vma = get_gate_vma(current->mm);
2086 if (gate_vma != NULL)
2089 /* for notes section */
2092 /* If segs > PN_XNUM(0xffff), then e_phnum overflows. To avoid
2093 * this, kernel supports extended numbering. Have a look at
2094 * include/linux/elf.h for further information. */
2095 e_phnum = segs > PN_XNUM ? PN_XNUM : segs;
2098 * Collect all the non-memory information about the process for the
2099 * notes. This also sets up the file header.
2101 if (!fill_note_info(elf, e_phnum, &info, cprm->siginfo, cprm->regs))
2109 offset += sizeof(*elf); /* Elf header */
2110 offset += segs * sizeof(struct elf_phdr); /* Program headers */
2113 /* Write notes phdr entry */
2115 size_t sz = get_note_info_size(&info);
2117 sz += elf_coredump_extra_notes_size();
2119 phdr4note = kmalloc(sizeof(*phdr4note), GFP_KERNEL);
2123 fill_elf_note_phdr(phdr4note, sz, offset);
2127 dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
2129 offset += elf_core_vma_data_size(gate_vma, cprm->mm_flags);
2130 offset += elf_core_extra_data_size();
2133 if (e_phnum == PN_XNUM) {
2134 shdr4extnum = kmalloc(sizeof(*shdr4extnum), GFP_KERNEL);
2137 fill_extnum_info(elf, shdr4extnum, e_shoff, segs);
2142 size += sizeof(*elf);
2143 if (size > cprm->limit || !dump_write(cprm->file, elf, sizeof(*elf)))
2146 size += sizeof(*phdr4note);
2147 if (size > cprm->limit
2148 || !dump_write(cprm->file, phdr4note, sizeof(*phdr4note)))
2151 /* Write program headers for segments dump */
2152 for (vma = first_vma(current, gate_vma); vma != NULL;
2153 vma = next_vma(vma, gate_vma)) {
2154 struct elf_phdr phdr;
2156 phdr.p_type = PT_LOAD;
2157 phdr.p_offset = offset;
2158 phdr.p_vaddr = vma->vm_start;
2160 phdr.p_filesz = vma_dump_size(vma, cprm->mm_flags);
2161 phdr.p_memsz = vma->vm_end - vma->vm_start;
2162 offset += phdr.p_filesz;
2163 phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
2164 if (vma->vm_flags & VM_WRITE)
2165 phdr.p_flags |= PF_W;
2166 if (vma->vm_flags & VM_EXEC)
2167 phdr.p_flags |= PF_X;
2168 phdr.p_align = ELF_EXEC_PAGESIZE;
2170 size += sizeof(phdr);
2171 if (size > cprm->limit
2172 || !dump_write(cprm->file, &phdr, sizeof(phdr)))
2176 if (!elf_core_write_extra_phdrs(cprm->file, offset, &size, cprm->limit))
2179 /* write out the notes section */
2180 if (!write_note_info(&info, cprm->file, &foffset))
2183 if (elf_coredump_extra_notes_write(cprm->file, &foffset))
2187 if (!dump_seek(cprm->file, dataoff - foffset))
2190 for (vma = first_vma(current, gate_vma); vma != NULL;
2191 vma = next_vma(vma, gate_vma)) {
2195 end = vma->vm_start + vma_dump_size(vma, cprm->mm_flags);
2197 for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
2201 page = get_dump_page(addr);
2203 void *kaddr = kmap(page);
2204 stop = ((size += PAGE_SIZE) > cprm->limit) ||
2205 !dump_write(cprm->file, kaddr,
2208 page_cache_release(page);
2210 stop = !dump_seek(cprm->file, PAGE_SIZE);
2216 if (!elf_core_write_extra_data(cprm->file, &size, cprm->limit))
2219 if (e_phnum == PN_XNUM) {
2220 size += sizeof(*shdr4extnum);
2221 if (size > cprm->limit
2222 || !dump_write(cprm->file, shdr4extnum,
2223 sizeof(*shdr4extnum)))
2231 free_note_info(&info);
2239 #endif /* CONFIG_ELF_CORE */
2241 static int __init init_elf_binfmt(void)
2243 register_binfmt(&elf_format);
2247 static void __exit exit_elf_binfmt(void)
2249 /* Remove the COFF and ELF loaders. */
2250 unregister_binfmt(&elf_format);
2253 core_initcall(init_elf_binfmt);
2254 module_exit(exit_elf_binfmt);
2255 MODULE_LICENSE("GPL");
projects / firefly-linux-kernel-4.4.55.git / blob