1 // SPDX-License-Identifier: GPL-2.0-only
3 * linux/fs/binfmt_elf.c
5 * These are the functions used to load ELF format executables as used
6 * on SVr4 machines. Information on the format may be found in the book
7 * "UNIX SYSTEM V RELEASE 4 Programmers Guide: Ansi C and Programming Support
10 * Copyright 1993, 1994: Eric Youngdale (ericy@cais.com).
13 #include <linux/module.h>
14 #include <linux/kernel.h>
16 #include <linux/log2.h>
18 #include <linux/mman.h>
19 #include <linux/errno.h>
20 #include <linux/signal.h>
21 #include <linux/binfmts.h>
22 #include <linux/string.h>
23 #include <linux/file.h>
24 #include <linux/slab.h>
25 #include <linux/personality.h>
26 #include <linux/elfcore.h>
27 #include <linux/init.h>
28 #include <linux/highuid.h>
29 #include <linux/compiler.h>
30 #include <linux/highmem.h>
31 #include <linux/hugetlb.h>
32 #include <linux/pagemap.h>
33 #include <linux/vmalloc.h>
34 #include <linux/security.h>
35 #include <linux/random.h>
36 #include <linux/elf.h>
37 #include <linux/elf-randomize.h>
38 #include <linux/utsname.h>
39 #include <linux/coredump.h>
40 #include <linux/sched.h>
41 #include <linux/sched/coredump.h>
42 #include <linux/sched/task_stack.h>
43 #include <linux/sched/cputime.h>
44 #include <linux/sizes.h>
45 #include <linux/types.h>
46 #include <linux/cred.h>
47 #include <linux/dax.h>
48 #include <linux/uaccess.h>
49 #include <asm/param.h>
57 #define user_long_t long
59 #ifndef user_siginfo_t
60 #define user_siginfo_t siginfo_t
63 /* That's for binfmt_elf_fdpic to deal with */
64 #ifndef elf_check_fdpic
65 #define elf_check_fdpic(ex) false
68 static int load_elf_binary(struct linux_binprm *bprm);
71 static int load_elf_library(struct file *);
73 #define load_elf_library NULL
77 * If we don't support core dumping, then supply a NULL so we
80 #ifdef CONFIG_ELF_CORE
81 static int elf_core_dump(struct coredump_params *cprm);
83 #define elf_core_dump NULL
86 #if ELF_EXEC_PAGESIZE > PAGE_SIZE
87 #define ELF_MIN_ALIGN ELF_EXEC_PAGESIZE
89 #define ELF_MIN_ALIGN PAGE_SIZE
92 #ifndef ELF_CORE_EFLAGS
93 #define ELF_CORE_EFLAGS 0
96 #define ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(ELF_MIN_ALIGN-1))
97 #define ELF_PAGEOFFSET(_v) ((_v) & (ELF_MIN_ALIGN-1))
98 #define ELF_PAGEALIGN(_v) (((_v) + ELF_MIN_ALIGN - 1) & ~(ELF_MIN_ALIGN - 1))
100 static struct linux_binfmt elf_format = {
101 .module = THIS_MODULE,
102 .load_binary = load_elf_binary,
103 .load_shlib = load_elf_library,
104 .core_dump = elf_core_dump,
105 .min_coredump = ELF_EXEC_PAGESIZE,
108 #define BAD_ADDR(x) (unlikely((unsigned long)(x) >= TASK_SIZE))
110 static int set_brk(unsigned long start, unsigned long end, int prot)
112 start = ELF_PAGEALIGN(start);
113 end = ELF_PAGEALIGN(end);
116 * Map the last of the bss segment.
117 * If the header is requesting these pages to be
118 * executable, honour that (ppc32 needs this).
120 int error = vm_brk_flags(start, end - start,
121 prot & PROT_EXEC ? VM_EXEC : 0);
125 current->mm->start_brk = current->mm->brk = end;
129 /* We need to explicitly zero any fractional pages
130 after the data section (i.e. bss). This would
131 contain the junk from the file that should not
134 static int padzero(unsigned long elf_bss)
138 nbyte = ELF_PAGEOFFSET(elf_bss);
140 nbyte = ELF_MIN_ALIGN - nbyte;
141 if (clear_user((void __user *) elf_bss, nbyte))
147 /* Let's use some macros to make this stack manipulation a little clearer */
148 #ifdef CONFIG_STACK_GROWSUP
149 #define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) + (items))
150 #define STACK_ROUND(sp, items) \
151 ((15 + (unsigned long) ((sp) + (items))) &~ 15UL)
152 #define STACK_ALLOC(sp, len) ({ \
153 elf_addr_t __user *old_sp = (elf_addr_t __user *)sp; sp += len; \
156 #define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) - (items))
157 #define STACK_ROUND(sp, items) \
158 (((unsigned long) (sp - items)) &~ 15UL)
159 #define STACK_ALLOC(sp, len) (sp -= len)
162 #ifndef ELF_BASE_PLATFORM
164 * AT_BASE_PLATFORM indicates the "real" hardware/microarchitecture.
165 * If the arch defines ELF_BASE_PLATFORM (in asm/elf.h), the value
166 * will be copied to the user stack in the same manner as AT_PLATFORM.
168 #define ELF_BASE_PLATFORM NULL
172 create_elf_tables(struct linux_binprm *bprm, const struct elfhdr *exec,
173 unsigned long load_addr, unsigned long interp_load_addr,
174 unsigned long e_entry)
176 struct mm_struct *mm = current->mm;
177 unsigned long p = bprm->p;
178 int argc = bprm->argc;
179 int envc = bprm->envc;
180 elf_addr_t __user *sp;
181 elf_addr_t __user *u_platform;
182 elf_addr_t __user *u_base_platform;
183 elf_addr_t __user *u_rand_bytes;
184 const char *k_platform = ELF_PLATFORM;
185 const char *k_base_platform = ELF_BASE_PLATFORM;
186 unsigned char k_rand_bytes[16];
188 elf_addr_t *elf_info;
189 elf_addr_t flags = 0;
191 const struct cred *cred = current_cred();
192 struct vm_area_struct *vma;
195 * In some cases (e.g. Hyper-Threading), we want to avoid L1
196 * evictions by the processes running on the same package. One
197 * thing we can do is to shuffle the initial stack for them.
200 p = arch_align_stack(p);
203 * If this architecture has a platform capability string, copy it
204 * to userspace. In some cases (Sparc), this info is impossible
205 * for userspace to get any other way, in others (i386) it is
210 size_t len = strlen(k_platform) + 1;
212 u_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
213 if (copy_to_user(u_platform, k_platform, len))
218 * If this architecture has a "base" platform capability
219 * string, copy it to userspace.
221 u_base_platform = NULL;
222 if (k_base_platform) {
223 size_t len = strlen(k_base_platform) + 1;
225 u_base_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
226 if (copy_to_user(u_base_platform, k_base_platform, len))
231 * Generate 16 random bytes for userspace PRNG seeding.
233 get_random_bytes(k_rand_bytes, sizeof(k_rand_bytes));
234 u_rand_bytes = (elf_addr_t __user *)
235 STACK_ALLOC(p, sizeof(k_rand_bytes));
236 if (copy_to_user(u_rand_bytes, k_rand_bytes, sizeof(k_rand_bytes)))
239 /* Create the ELF interpreter info */
240 elf_info = (elf_addr_t *)mm->saved_auxv;
241 /* update AT_VECTOR_SIZE_BASE if the number of NEW_AUX_ENT() changes */
242 #define NEW_AUX_ENT(id, val) \
250 * ARCH_DLINFO must come first so PPC can do its special alignment of
252 * update AT_VECTOR_SIZE_ARCH if the number of NEW_AUX_ENT() in
253 * ARCH_DLINFO changes
257 NEW_AUX_ENT(AT_HWCAP, ELF_HWCAP);
258 NEW_AUX_ENT(AT_PAGESZ, ELF_EXEC_PAGESIZE);
259 NEW_AUX_ENT(AT_CLKTCK, CLOCKS_PER_SEC);
260 NEW_AUX_ENT(AT_PHDR, load_addr + exec->e_phoff);
261 NEW_AUX_ENT(AT_PHENT, sizeof(struct elf_phdr));
262 NEW_AUX_ENT(AT_PHNUM, exec->e_phnum);
263 NEW_AUX_ENT(AT_BASE, interp_load_addr);
264 if (bprm->interp_flags & BINPRM_FLAGS_PRESERVE_ARGV0)
265 flags |= AT_FLAGS_PRESERVE_ARGV0;
266 NEW_AUX_ENT(AT_FLAGS, flags);
267 NEW_AUX_ENT(AT_ENTRY, e_entry);
268 NEW_AUX_ENT(AT_UID, from_kuid_munged(cred->user_ns, cred->uid));
269 NEW_AUX_ENT(AT_EUID, from_kuid_munged(cred->user_ns, cred->euid));
270 NEW_AUX_ENT(AT_GID, from_kgid_munged(cred->user_ns, cred->gid));
271 NEW_AUX_ENT(AT_EGID, from_kgid_munged(cred->user_ns, cred->egid));
272 NEW_AUX_ENT(AT_SECURE, bprm->secureexec);
273 NEW_AUX_ENT(AT_RANDOM, (elf_addr_t)(unsigned long)u_rand_bytes);
275 NEW_AUX_ENT(AT_HWCAP2, ELF_HWCAP2);
277 NEW_AUX_ENT(AT_EXECFN, bprm->exec);
279 NEW_AUX_ENT(AT_PLATFORM,
280 (elf_addr_t)(unsigned long)u_platform);
282 if (k_base_platform) {
283 NEW_AUX_ENT(AT_BASE_PLATFORM,
284 (elf_addr_t)(unsigned long)u_base_platform);
286 if (bprm->have_execfd) {
287 NEW_AUX_ENT(AT_EXECFD, bprm->execfd);
290 /* AT_NULL is zero; clear the rest too */
291 memset(elf_info, 0, (char *)mm->saved_auxv +
292 sizeof(mm->saved_auxv) - (char *)elf_info);
294 /* And advance past the AT_NULL entry. */
297 ei_index = elf_info - (elf_addr_t *)mm->saved_auxv;
298 sp = STACK_ADD(p, ei_index);
300 items = (argc + 1) + (envc + 1) + 1;
301 bprm->p = STACK_ROUND(sp, items);
303 /* Point sp at the lowest address on the stack */
304 #ifdef CONFIG_STACK_GROWSUP
305 sp = (elf_addr_t __user *)bprm->p - items - ei_index;
306 bprm->exec = (unsigned long)sp; /* XXX: PARISC HACK */
308 sp = (elf_addr_t __user *)bprm->p;
313 * Grow the stack manually; some architectures have a limit on how
314 * far ahead a user-space access may be in order to grow the stack.
316 if (mmap_read_lock_killable(mm))
318 vma = find_extend_vma(mm, bprm->p);
319 mmap_read_unlock(mm);
323 /* Now, let's put argc (and argv, envp if appropriate) on the stack */
324 if (put_user(argc, sp++))
327 /* Populate list of argv pointers back to argv strings. */
328 p = mm->arg_end = mm->arg_start;
331 if (put_user((elf_addr_t)p, sp++))
333 len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
334 if (!len || len > MAX_ARG_STRLEN)
338 if (put_user(0, sp++))
342 /* Populate list of envp pointers back to envp strings. */
343 mm->env_end = mm->env_start = p;
346 if (put_user((elf_addr_t)p, sp++))
348 len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
349 if (!len || len > MAX_ARG_STRLEN)
353 if (put_user(0, sp++))
357 /* Put the elf_info on the stack in the right place. */
358 if (copy_to_user(sp, mm->saved_auxv, ei_index * sizeof(elf_addr_t)))
363 static unsigned long elf_map(struct file *filep, unsigned long addr,
364 const struct elf_phdr *eppnt, int prot, int type,
365 unsigned long total_size)
367 unsigned long map_addr;
368 unsigned long size = eppnt->p_filesz + ELF_PAGEOFFSET(eppnt->p_vaddr);
369 unsigned long off = eppnt->p_offset - ELF_PAGEOFFSET(eppnt->p_vaddr);
370 addr = ELF_PAGESTART(addr);
371 size = ELF_PAGEALIGN(size);
373 /* mmap() will return -EINVAL if given a zero size, but a
374 * segment with zero filesize is perfectly valid */
379 * total_size is the size of the ELF (interpreter) image.
380 * The _first_ mmap needs to know the full size, otherwise
381 * randomization might put this image into an overlapping
382 * position with the ELF binary image. (since size < total_size)
383 * So we first map the 'big' image - and unmap the remainder at
384 * the end. (which unmap is needed for ELF images with holes.)
387 total_size = ELF_PAGEALIGN(total_size);
388 map_addr = vm_mmap(filep, addr, total_size, prot, type, off);
389 if (!BAD_ADDR(map_addr))
390 vm_munmap(map_addr+size, total_size-size);
392 map_addr = vm_mmap(filep, addr, size, prot, type, off);
394 if ((type & MAP_FIXED_NOREPLACE) &&
395 PTR_ERR((void *)map_addr) == -EEXIST)
396 pr_info("%d (%s): Uhuuh, elf segment at %px requested but the memory is mapped already\n",
397 task_pid_nr(current), current->comm, (void *)addr);
402 static unsigned long total_mapping_size(const struct elf_phdr *cmds, int nr)
404 int i, first_idx = -1, last_idx = -1;
406 for (i = 0; i < nr; i++) {
407 if (cmds[i].p_type == PT_LOAD) {
416 return cmds[last_idx].p_vaddr + cmds[last_idx].p_memsz -
417 ELF_PAGESTART(cmds[first_idx].p_vaddr);
420 static int elf_read(struct file *file, void *buf, size_t len, loff_t pos)
424 rv = kernel_read(file, buf, len, &pos);
425 if (unlikely(rv != len)) {
426 return (rv < 0) ? rv : -EIO;
431 static unsigned long maximum_alignment(struct elf_phdr *cmds, int nr)
433 unsigned long alignment = 0;
436 for (i = 0; i < nr; i++) {
437 if (cmds[i].p_type == PT_LOAD) {
438 unsigned long p_align = cmds[i].p_align;
440 /* skip non-power of two alignments as invalid */
441 if (!is_power_of_2(p_align))
443 alignment = max(alignment, p_align);
447 /* ensure we align to at least one page */
448 return ELF_PAGEALIGN(alignment);
452 * load_elf_phdrs() - load ELF program headers
453 * @elf_ex: ELF header of the binary whose program headers should be loaded
454 * @elf_file: the opened ELF binary file
456 * Loads ELF program headers from the binary file elf_file, which has the ELF
457 * header pointed to by elf_ex, into a newly allocated array. The caller is
458 * responsible for freeing the allocated data. Returns an ERR_PTR upon failure.
460 static struct elf_phdr *load_elf_phdrs(const struct elfhdr *elf_ex,
461 struct file *elf_file)
463 struct elf_phdr *elf_phdata = NULL;
464 int retval, err = -1;
468 * If the size of this structure has changed, then punt, since
469 * we will be doing the wrong thing.
471 if (elf_ex->e_phentsize != sizeof(struct elf_phdr))
474 /* Sanity check the number of program headers... */
475 /* ...and their total size. */
476 size = sizeof(struct elf_phdr) * elf_ex->e_phnum;
477 if (size == 0 || size > 65536 || size > ELF_MIN_ALIGN)
480 elf_phdata = kmalloc(size, GFP_KERNEL);
484 /* Read in the program headers */
485 retval = elf_read(elf_file, elf_phdata, size, elf_ex->e_phoff);
501 #ifndef CONFIG_ARCH_BINFMT_ELF_STATE
504 * struct arch_elf_state - arch-specific ELF loading state
506 * This structure is used to preserve architecture specific data during
507 * the loading of an ELF file, throughout the checking of architecture
508 * specific ELF headers & through to the point where the ELF load is
509 * known to be proceeding (ie. SET_PERSONALITY).
511 * This implementation is a dummy for architectures which require no
514 struct arch_elf_state {
517 #define INIT_ARCH_ELF_STATE {}
520 * arch_elf_pt_proc() - check a PT_LOPROC..PT_HIPROC ELF program header
521 * @ehdr: The main ELF header
522 * @phdr: The program header to check
523 * @elf: The open ELF file
524 * @is_interp: True if the phdr is from the interpreter of the ELF being
525 * loaded, else false.
526 * @state: Architecture-specific state preserved throughout the process
527 * of loading the ELF.
529 * Inspects the program header phdr to validate its correctness and/or
530 * suitability for the system. Called once per ELF program header in the
531 * range PT_LOPROC to PT_HIPROC, for both the ELF being loaded and its
534 * Return: Zero to proceed with the ELF load, non-zero to fail the ELF load
535 * with that return code.
537 static inline int arch_elf_pt_proc(struct elfhdr *ehdr,
538 struct elf_phdr *phdr,
539 struct file *elf, bool is_interp,
540 struct arch_elf_state *state)
542 /* Dummy implementation, always proceed */
547 * arch_check_elf() - check an ELF executable
548 * @ehdr: The main ELF header
549 * @has_interp: True if the ELF has an interpreter, else false.
550 * @interp_ehdr: The interpreter's ELF header
551 * @state: Architecture-specific state preserved throughout the process
552 * of loading the ELF.
554 * Provides a final opportunity for architecture code to reject the loading
555 * of the ELF & cause an exec syscall to return an error. This is called after
556 * all program headers to be checked by arch_elf_pt_proc have been.
558 * Return: Zero to proceed with the ELF load, non-zero to fail the ELF load
559 * with that return code.
561 static inline int arch_check_elf(struct elfhdr *ehdr, bool has_interp,
562 struct elfhdr *interp_ehdr,
563 struct arch_elf_state *state)
565 /* Dummy implementation, always proceed */
569 #endif /* !CONFIG_ARCH_BINFMT_ELF_STATE */
571 static inline int make_prot(u32 p_flags, struct arch_elf_state *arch_state,
572 bool has_interp, bool is_interp)
583 return arch_elf_adjust_prot(prot, arch_state, has_interp, is_interp);
586 /* This is much more generalized than the library routine read function,
587 so we keep this separate. Technically the library read function
588 is only provided so that we can read a.out libraries that have
591 static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex,
592 struct file *interpreter,
593 unsigned long no_base, struct elf_phdr *interp_elf_phdata,
594 struct arch_elf_state *arch_state)
596 struct elf_phdr *eppnt;
597 unsigned long load_addr = 0;
598 int load_addr_set = 0;
599 unsigned long last_bss = 0, elf_bss = 0;
601 unsigned long error = ~0UL;
602 unsigned long total_size;
605 /* First of all, some simple consistency checks */
606 if (interp_elf_ex->e_type != ET_EXEC &&
607 interp_elf_ex->e_type != ET_DYN)
609 if (!elf_check_arch(interp_elf_ex) ||
610 elf_check_fdpic(interp_elf_ex))
612 if (!interpreter->f_op->mmap)
615 total_size = total_mapping_size(interp_elf_phdata,
616 interp_elf_ex->e_phnum);
622 eppnt = interp_elf_phdata;
623 for (i = 0; i < interp_elf_ex->e_phnum; i++, eppnt++) {
624 if (eppnt->p_type == PT_LOAD) {
625 int elf_type = MAP_PRIVATE;
626 int elf_prot = make_prot(eppnt->p_flags, arch_state,
628 unsigned long vaddr = 0;
629 unsigned long k, map_addr;
631 vaddr = eppnt->p_vaddr;
632 if (interp_elf_ex->e_type == ET_EXEC || load_addr_set)
633 elf_type |= MAP_FIXED;
634 else if (no_base && interp_elf_ex->e_type == ET_DYN)
637 map_addr = elf_map(interpreter, load_addr + vaddr,
638 eppnt, elf_prot, elf_type, total_size);
641 if (BAD_ADDR(map_addr))
644 if (!load_addr_set &&
645 interp_elf_ex->e_type == ET_DYN) {
646 load_addr = map_addr - ELF_PAGESTART(vaddr);
651 * Check to see if the section's size will overflow the
652 * allowed task size. Note that p_filesz must always be
653 * <= p_memsize so it's only necessary to check p_memsz.
655 k = load_addr + eppnt->p_vaddr;
657 eppnt->p_filesz > eppnt->p_memsz ||
658 eppnt->p_memsz > TASK_SIZE ||
659 TASK_SIZE - eppnt->p_memsz < k) {
665 * Find the end of the file mapping for this phdr, and
666 * keep track of the largest address we see for this.
668 k = load_addr + eppnt->p_vaddr + eppnt->p_filesz;
673 * Do the same thing for the memory mapping - between
674 * elf_bss and last_bss is the bss section.
676 k = load_addr + eppnt->p_vaddr + eppnt->p_memsz;
685 * Now fill out the bss section: first pad the last page from
686 * the file up to the page boundary, and zero it from elf_bss
687 * up to the end of the page.
689 if (padzero(elf_bss)) {
694 * Next, align both the file and mem bss up to the page size,
695 * since this is where elf_bss was just zeroed up to, and where
696 * last_bss will end after the vm_brk_flags() below.
698 elf_bss = ELF_PAGEALIGN(elf_bss);
699 last_bss = ELF_PAGEALIGN(last_bss);
700 /* Finally, if there is still more bss to allocate, do it. */
701 if (last_bss > elf_bss) {
702 error = vm_brk_flags(elf_bss, last_bss - elf_bss,
703 bss_prot & PROT_EXEC ? VM_EXEC : 0);
714 * These are the functions used to load ELF style executables and shared
715 * libraries. There is no binary dependent code anywhere else.
718 static int parse_elf_property(const char *data, size_t *off, size_t datasz,
719 struct arch_elf_state *arch,
720 bool have_prev_type, u32 *prev_type)
723 const struct gnu_property *pr;
729 if (WARN_ON_ONCE(*off > datasz || *off % ELF_GNU_PROPERTY_ALIGN))
734 if (datasz < sizeof(*pr))
736 pr = (const struct gnu_property *)(data + o);
738 datasz -= sizeof(*pr);
740 if (pr->pr_datasz > datasz)
743 WARN_ON_ONCE(o % ELF_GNU_PROPERTY_ALIGN);
744 step = round_up(pr->pr_datasz, ELF_GNU_PROPERTY_ALIGN);
748 /* Properties are supposed to be unique and sorted on pr_type: */
749 if (have_prev_type && pr->pr_type <= *prev_type)
751 *prev_type = pr->pr_type;
753 ret = arch_parse_elf_property(pr->pr_type, data + o,
754 pr->pr_datasz, ELF_COMPAT, arch);
762 #define NOTE_DATA_SZ SZ_1K
763 #define GNU_PROPERTY_TYPE_0_NAME "GNU"
764 #define NOTE_NAME_SZ (sizeof(GNU_PROPERTY_TYPE_0_NAME))
766 static int parse_elf_properties(struct file *f, const struct elf_phdr *phdr,
767 struct arch_elf_state *arch)
770 struct elf_note nhdr;
771 char data[NOTE_DATA_SZ];
780 if (!IS_ENABLED(CONFIG_ARCH_USE_GNU_PROPERTY) || !phdr)
783 /* load_elf_binary() shouldn't call us unless this is true... */
784 if (WARN_ON_ONCE(phdr->p_type != PT_GNU_PROPERTY))
787 /* If the properties are crazy large, that's too bad (for now): */
788 if (phdr->p_filesz > sizeof(note))
791 pos = phdr->p_offset;
792 n = kernel_read(f, ¬e, phdr->p_filesz, &pos);
794 BUILD_BUG_ON(sizeof(note) < sizeof(note.nhdr) + NOTE_NAME_SZ);
795 if (n < 0 || n < sizeof(note.nhdr) + NOTE_NAME_SZ)
798 if (note.nhdr.n_type != NT_GNU_PROPERTY_TYPE_0 ||
799 note.nhdr.n_namesz != NOTE_NAME_SZ ||
800 strncmp(note.data + sizeof(note.nhdr),
801 GNU_PROPERTY_TYPE_0_NAME, n - sizeof(note.nhdr)))
804 off = round_up(sizeof(note.nhdr) + NOTE_NAME_SZ,
805 ELF_GNU_PROPERTY_ALIGN);
809 if (note.nhdr.n_descsz > n - off)
811 datasz = off + note.nhdr.n_descsz;
813 have_prev_type = false;
815 ret = parse_elf_property(note.data, &off, datasz, arch,
816 have_prev_type, &prev_type);
817 have_prev_type = true;
820 return ret == -ENOENT ? 0 : ret;
823 static int load_elf_binary(struct linux_binprm *bprm)
825 struct file *interpreter = NULL; /* to shut gcc up */
826 unsigned long load_addr = 0, load_bias = 0;
827 int load_addr_set = 0;
829 struct elf_phdr *elf_ppnt, *elf_phdata, *interp_elf_phdata = NULL;
830 struct elf_phdr *elf_property_phdata = NULL;
831 unsigned long elf_bss, elf_brk;
834 unsigned long elf_entry;
835 unsigned long e_entry;
836 unsigned long interp_load_addr = 0;
837 unsigned long start_code, end_code, start_data, end_data;
838 unsigned long reloc_func_desc __maybe_unused = 0;
839 int executable_stack = EXSTACK_DEFAULT;
840 struct elfhdr *elf_ex = (struct elfhdr *)bprm->buf;
841 struct elfhdr *interp_elf_ex = NULL;
842 struct arch_elf_state arch_state = INIT_ARCH_ELF_STATE;
843 struct mm_struct *mm;
844 struct pt_regs *regs;
847 /* First of all, some simple consistency checks */
848 if (memcmp(elf_ex->e_ident, ELFMAG, SELFMAG) != 0)
851 if (elf_ex->e_type != ET_EXEC && elf_ex->e_type != ET_DYN)
853 if (!elf_check_arch(elf_ex))
855 if (elf_check_fdpic(elf_ex))
857 if (!bprm->file->f_op->mmap)
860 elf_phdata = load_elf_phdrs(elf_ex, bprm->file);
864 elf_ppnt = elf_phdata;
865 for (i = 0; i < elf_ex->e_phnum; i++, elf_ppnt++) {
866 char *elf_interpreter;
868 if (elf_ppnt->p_type == PT_GNU_PROPERTY) {
869 elf_property_phdata = elf_ppnt;
873 if (elf_ppnt->p_type != PT_INTERP)
877 * This is the program interpreter used for shared libraries -
878 * for now assume that this is an a.out format binary.
881 if (elf_ppnt->p_filesz > PATH_MAX || elf_ppnt->p_filesz < 2)
885 elf_interpreter = kmalloc(elf_ppnt->p_filesz, GFP_KERNEL);
886 if (!elf_interpreter)
889 retval = elf_read(bprm->file, elf_interpreter, elf_ppnt->p_filesz,
892 goto out_free_interp;
893 /* make sure path is NULL terminated */
895 if (elf_interpreter[elf_ppnt->p_filesz - 1] != '\0')
896 goto out_free_interp;
898 interpreter = open_exec(elf_interpreter);
899 kfree(elf_interpreter);
900 retval = PTR_ERR(interpreter);
901 if (IS_ERR(interpreter))
905 * If the binary is not readable then enforce mm->dumpable = 0
906 * regardless of the interpreter's permissions.
908 would_dump(bprm, interpreter);
910 interp_elf_ex = kmalloc(sizeof(*interp_elf_ex), GFP_KERNEL);
911 if (!interp_elf_ex) {
916 /* Get the exec headers */
917 retval = elf_read(interpreter, interp_elf_ex,
918 sizeof(*interp_elf_ex), 0);
920 goto out_free_dentry;
925 kfree(elf_interpreter);
929 elf_ppnt = elf_phdata;
930 for (i = 0; i < elf_ex->e_phnum; i++, elf_ppnt++)
931 switch (elf_ppnt->p_type) {
933 if (elf_ppnt->p_flags & PF_X)
934 executable_stack = EXSTACK_ENABLE_X;
936 executable_stack = EXSTACK_DISABLE_X;
939 case PT_LOPROC ... PT_HIPROC:
940 retval = arch_elf_pt_proc(elf_ex, elf_ppnt,
944 goto out_free_dentry;
948 /* Some simple consistency checks for the interpreter */
951 /* Not an ELF interpreter */
952 if (memcmp(interp_elf_ex->e_ident, ELFMAG, SELFMAG) != 0)
953 goto out_free_dentry;
954 /* Verify the interpreter has a valid arch */
955 if (!elf_check_arch(interp_elf_ex) ||
956 elf_check_fdpic(interp_elf_ex))
957 goto out_free_dentry;
959 /* Load the interpreter program headers */
960 interp_elf_phdata = load_elf_phdrs(interp_elf_ex,
962 if (!interp_elf_phdata)
963 goto out_free_dentry;
965 /* Pass PT_LOPROC..PT_HIPROC headers to arch code */
966 elf_property_phdata = NULL;
967 elf_ppnt = interp_elf_phdata;
968 for (i = 0; i < interp_elf_ex->e_phnum; i++, elf_ppnt++)
969 switch (elf_ppnt->p_type) {
970 case PT_GNU_PROPERTY:
971 elf_property_phdata = elf_ppnt;
974 case PT_LOPROC ... PT_HIPROC:
975 retval = arch_elf_pt_proc(interp_elf_ex,
976 elf_ppnt, interpreter,
979 goto out_free_dentry;
984 retval = parse_elf_properties(interpreter ?: bprm->file,
985 elf_property_phdata, &arch_state);
987 goto out_free_dentry;
990 * Allow arch code to reject the ELF at this point, whilst it's
991 * still possible to return an error to the code that invoked
994 retval = arch_check_elf(elf_ex,
995 !!interpreter, interp_elf_ex,
998 goto out_free_dentry;
1000 /* Flush all traces of the currently running executable */
1001 retval = begin_new_exec(bprm);
1003 goto out_free_dentry;
1005 /* Do this immediately, since STACK_TOP as used in setup_arg_pages
1006 may depend on the personality. */
1007 SET_PERSONALITY2(*elf_ex, &arch_state);
1008 if (elf_read_implies_exec(*elf_ex, executable_stack))
1009 current->personality |= READ_IMPLIES_EXEC;
1011 if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space)
1012 current->flags |= PF_RANDOMIZE;
1014 setup_new_exec(bprm);
1016 /* Do this so that we can load the interpreter, if need be. We will
1017 change some of these later */
1018 retval = setup_arg_pages(bprm, randomize_stack_top(STACK_TOP),
1021 goto out_free_dentry;
1031 /* Now we do a little grungy work by mmapping the ELF image into
1032 the correct location in memory. */
1033 for(i = 0, elf_ppnt = elf_phdata;
1034 i < elf_ex->e_phnum; i++, elf_ppnt++) {
1035 int elf_prot, elf_flags;
1036 unsigned long k, vaddr;
1037 unsigned long total_size = 0;
1038 unsigned long alignment;
1040 if (elf_ppnt->p_type != PT_LOAD)
1043 if (unlikely (elf_brk > elf_bss)) {
1044 unsigned long nbyte;
1046 /* There was a PT_LOAD segment with p_memsz > p_filesz
1047 before this one. Map anonymous pages, if needed,
1048 and clear the area. */
1049 retval = set_brk(elf_bss + load_bias,
1050 elf_brk + load_bias,
1053 goto out_free_dentry;
1054 nbyte = ELF_PAGEOFFSET(elf_bss);
1056 nbyte = ELF_MIN_ALIGN - nbyte;
1057 if (nbyte > elf_brk - elf_bss)
1058 nbyte = elf_brk - elf_bss;
1059 if (clear_user((void __user *)elf_bss +
1060 load_bias, nbyte)) {
1062 * This bss-zeroing can fail if the ELF
1063 * file specifies odd protections. So
1064 * we don't check the return value
1070 elf_prot = make_prot(elf_ppnt->p_flags, &arch_state,
1071 !!interpreter, false);
1073 elf_flags = MAP_PRIVATE;
1075 vaddr = elf_ppnt->p_vaddr;
1077 * The first time through the loop, load_addr_set is false:
1078 * layout will be calculated. Once set, use MAP_FIXED since
1079 * we know we've already safely mapped the entire region with
1080 * MAP_FIXED_NOREPLACE in the once-per-binary logic following.
1082 if (load_addr_set) {
1083 elf_flags |= MAP_FIXED;
1084 } else if (elf_ex->e_type == ET_EXEC) {
1086 * This logic is run once for the first LOAD Program
1087 * Header for ET_EXEC binaries. No special handling
1090 elf_flags |= MAP_FIXED_NOREPLACE;
1091 } else if (elf_ex->e_type == ET_DYN) {
1093 * This logic is run once for the first LOAD Program
1094 * Header for ET_DYN binaries to calculate the
1095 * randomization (load_bias) for all the LOAD
1098 * There are effectively two types of ET_DYN
1099 * binaries: programs (i.e. PIE: ET_DYN with INTERP)
1100 * and loaders (ET_DYN without INTERP, since they
1101 * _are_ the ELF interpreter). The loaders must
1102 * be loaded away from programs since the program
1103 * may otherwise collide with the loader (especially
1104 * for ET_EXEC which does not have a randomized
1105 * position). For example to handle invocations of
1106 * "./ld.so someprog" to test out a new version of
1107 * the loader, the subsequent program that the
1108 * loader loads must avoid the loader itself, so
1109 * they cannot share the same load range. Sufficient
1110 * room for the brk must be allocated with the
1111 * loader as well, since brk must be available with
1114 * Therefore, programs are loaded offset from
1115 * ELF_ET_DYN_BASE and loaders are loaded into the
1116 * independently randomized mmap region (0 load_bias
1117 * without MAP_FIXED nor MAP_FIXED_NOREPLACE).
1119 alignment = maximum_alignment(elf_phdata, elf_ex->e_phnum);
1120 if (interpreter || alignment > ELF_MIN_ALIGN) {
1121 load_bias = ELF_ET_DYN_BASE;
1122 if (current->flags & PF_RANDOMIZE)
1123 load_bias += arch_mmap_rnd();
1125 load_bias &= ~(alignment - 1);
1126 elf_flags |= MAP_FIXED_NOREPLACE;
1131 * Since load_bias is used for all subsequent loading
1132 * calculations, we must lower it by the first vaddr
1133 * so that the remaining calculations based on the
1134 * ELF vaddrs will be correctly offset. The result
1135 * is then page aligned.
1137 load_bias = ELF_PAGESTART(load_bias - vaddr);
1140 * Calculate the entire size of the ELF mapping
1141 * (total_size), used for the initial mapping,
1142 * due to load_addr_set which is set to true later
1143 * once the initial mapping is performed.
1145 * Note that this is only sensible when the LOAD
1146 * segments are contiguous (or overlapping). If
1147 * used for LOADs that are far apart, this would
1148 * cause the holes between LOADs to be mapped,
1149 * running the risk of having the mapping fail,
1150 * as it would be larger than the ELF file itself.
1152 * As a result, only ET_DYN does this, since
1153 * some ET_EXEC (e.g. ia64) may have large virtual
1154 * memory holes between LOADs.
1157 total_size = total_mapping_size(elf_phdata,
1161 goto out_free_dentry;
1165 error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt,
1166 elf_prot, elf_flags, total_size);
1167 if (BAD_ADDR(error)) {
1168 retval = IS_ERR((void *)error) ?
1169 PTR_ERR((void*)error) : -EINVAL;
1170 goto out_free_dentry;
1173 if (!load_addr_set) {
1175 load_addr = (elf_ppnt->p_vaddr - elf_ppnt->p_offset);
1176 if (elf_ex->e_type == ET_DYN) {
1177 load_bias += error -
1178 ELF_PAGESTART(load_bias + vaddr);
1179 load_addr += load_bias;
1180 reloc_func_desc = load_bias;
1183 k = elf_ppnt->p_vaddr;
1184 if ((elf_ppnt->p_flags & PF_X) && k < start_code)
1190 * Check to see if the section's size will overflow the
1191 * allowed task size. Note that p_filesz must always be
1192 * <= p_memsz so it is only necessary to check p_memsz.
1194 if (BAD_ADDR(k) || elf_ppnt->p_filesz > elf_ppnt->p_memsz ||
1195 elf_ppnt->p_memsz > TASK_SIZE ||
1196 TASK_SIZE - elf_ppnt->p_memsz < k) {
1197 /* set_brk can never work. Avoid overflows. */
1199 goto out_free_dentry;
1202 k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz;
1206 if ((elf_ppnt->p_flags & PF_X) && end_code < k)
1210 k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz;
1212 bss_prot = elf_prot;
1217 e_entry = elf_ex->e_entry + load_bias;
1218 elf_bss += load_bias;
1219 elf_brk += load_bias;
1220 start_code += load_bias;
1221 end_code += load_bias;
1222 start_data += load_bias;
1223 end_data += load_bias;
1225 /* Calling set_brk effectively mmaps the pages that we need
1226 * for the bss and break sections. We must do this before
1227 * mapping in the interpreter, to make sure it doesn't wind
1228 * up getting placed where the bss needs to go.
1230 retval = set_brk(elf_bss, elf_brk, bss_prot);
1232 goto out_free_dentry;
1233 if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
1234 retval = -EFAULT; /* Nobody gets to see this, but.. */
1235 goto out_free_dentry;
1239 elf_entry = load_elf_interp(interp_elf_ex,
1241 load_bias, interp_elf_phdata,
1243 if (!IS_ERR((void *)elf_entry)) {
1245 * load_elf_interp() returns relocation
1248 interp_load_addr = elf_entry;
1249 elf_entry += interp_elf_ex->e_entry;
1251 if (BAD_ADDR(elf_entry)) {
1252 retval = IS_ERR((void *)elf_entry) ?
1253 (int)elf_entry : -EINVAL;
1254 goto out_free_dentry;
1256 reloc_func_desc = interp_load_addr;
1258 allow_write_access(interpreter);
1261 kfree(interp_elf_ex);
1262 kfree(interp_elf_phdata);
1264 elf_entry = e_entry;
1265 if (BAD_ADDR(elf_entry)) {
1267 goto out_free_dentry;
1273 set_binfmt(&elf_format);
1275 #ifdef ARCH_HAS_SETUP_ADDITIONAL_PAGES
1276 retval = ARCH_SETUP_ADDITIONAL_PAGES(bprm, elf_ex, !!interpreter);
1279 #endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */
1281 retval = create_elf_tables(bprm, elf_ex,
1282 load_addr, interp_load_addr, e_entry);
1287 mm->end_code = end_code;
1288 mm->start_code = start_code;
1289 mm->start_data = start_data;
1290 mm->end_data = end_data;
1291 mm->start_stack = bprm->p;
1293 if ((current->flags & PF_RANDOMIZE) && (randomize_va_space > 1)) {
1295 * For architectures with ELF randomization, when executing
1296 * a loader directly (i.e. no interpreter listed in ELF
1297 * headers), move the brk area out of the mmap region
1298 * (since it grows up, and may collide early with the stack
1299 * growing down), and into the unused ELF_ET_DYN_BASE region.
1301 if (IS_ENABLED(CONFIG_ARCH_HAS_ELF_RANDOMIZE) &&
1302 elf_ex->e_type == ET_DYN && !interpreter) {
1303 mm->brk = mm->start_brk = ELF_ET_DYN_BASE;
1306 mm->brk = mm->start_brk = arch_randomize_brk(mm);
1307 #ifdef compat_brk_randomized
1308 current->brk_randomized = 1;
1312 if (current->personality & MMAP_PAGE_ZERO) {
1313 /* Why this, you ask??? Well SVr4 maps page 0 as read-only,
1314 and some applications "depend" upon this behavior.
1315 Since we do not have the power to recompile these, we
1316 emulate the SVr4 behavior. Sigh. */
1317 error = vm_mmap(NULL, 0, PAGE_SIZE, PROT_READ | PROT_EXEC,
1318 MAP_FIXED | MAP_PRIVATE, 0);
1321 regs = current_pt_regs();
1322 #ifdef ELF_PLAT_INIT
1324 * The ABI may specify that certain registers be set up in special
1325 * ways (on i386 %edx is the address of a DT_FINI function, for
1326 * example. In addition, it may also specify (eg, PowerPC64 ELF)
1327 * that the e_entry field is the address of the function descriptor
1328 * for the startup routine, rather than the address of the startup
1329 * routine itself. This macro performs whatever initialization to
1330 * the regs structure is required as well as any relocations to the
1331 * function descriptor entries when executing dynamically links apps.
1333 ELF_PLAT_INIT(regs, reloc_func_desc);
1336 finalize_exec(bprm);
1337 START_THREAD(elf_ex, regs, elf_entry, bprm->p);
1344 kfree(interp_elf_ex);
1345 kfree(interp_elf_phdata);
1346 allow_write_access(interpreter);
1354 #ifdef CONFIG_USELIB
1355 /* This is really simpleminded and specialized - we are loading an
1356 a.out library that is given an ELF header. */
1357 static int load_elf_library(struct file *file)
1359 struct elf_phdr *elf_phdata;
1360 struct elf_phdr *eppnt;
1361 unsigned long elf_bss, bss, len;
1362 int retval, error, i, j;
1363 struct elfhdr elf_ex;
1366 retval = elf_read(file, &elf_ex, sizeof(elf_ex), 0);
1370 if (memcmp(elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
1373 /* First of all, some simple consistency checks */
1374 if (elf_ex.e_type != ET_EXEC || elf_ex.e_phnum > 2 ||
1375 !elf_check_arch(&elf_ex) || !file->f_op->mmap)
1377 if (elf_check_fdpic(&elf_ex))
1380 /* Now read in all of the header information */
1382 j = sizeof(struct elf_phdr) * elf_ex.e_phnum;
1383 /* j < ELF_MIN_ALIGN because elf_ex.e_phnum <= 2 */
1386 elf_phdata = kmalloc(j, GFP_KERNEL);
1392 retval = elf_read(file, eppnt, j, elf_ex.e_phoff);
1396 for (j = 0, i = 0; i<elf_ex.e_phnum; i++)
1397 if ((eppnt + i)->p_type == PT_LOAD)
1402 while (eppnt->p_type != PT_LOAD)
1405 /* Now use mmap to map the library into memory. */
1406 error = vm_mmap(file,
1407 ELF_PAGESTART(eppnt->p_vaddr),
1409 ELF_PAGEOFFSET(eppnt->p_vaddr)),
1410 PROT_READ | PROT_WRITE | PROT_EXEC,
1411 MAP_FIXED_NOREPLACE | MAP_PRIVATE,
1413 ELF_PAGEOFFSET(eppnt->p_vaddr)));
1414 if (error != ELF_PAGESTART(eppnt->p_vaddr))
1417 elf_bss = eppnt->p_vaddr + eppnt->p_filesz;
1418 if (padzero(elf_bss)) {
1423 len = ELF_PAGEALIGN(eppnt->p_filesz + eppnt->p_vaddr);
1424 bss = ELF_PAGEALIGN(eppnt->p_memsz + eppnt->p_vaddr);
1426 error = vm_brk(len, bss - len);
1437 #endif /* #ifdef CONFIG_USELIB */
1439 #ifdef CONFIG_ELF_CORE
1443 * Modelled on fs/exec.c:aout_core_dump()
1444 * Jeremy Fitzhardinge <jeremy@sw.oz.au>
1447 /* An ELF note in memory */
1452 unsigned int datasz;
1456 static int notesize(struct memelfnote *en)
1460 sz = sizeof(struct elf_note);
1461 sz += roundup(strlen(en->name) + 1, 4);
1462 sz += roundup(en->datasz, 4);
1467 static int writenote(struct memelfnote *men, struct coredump_params *cprm)
1470 en.n_namesz = strlen(men->name) + 1;
1471 en.n_descsz = men->datasz;
1472 en.n_type = men->type;
1474 return dump_emit(cprm, &en, sizeof(en)) &&
1475 dump_emit(cprm, men->name, en.n_namesz) && dump_align(cprm, 4) &&
1476 dump_emit(cprm, men->data, men->datasz) && dump_align(cprm, 4);
1479 static void fill_elf_header(struct elfhdr *elf, int segs,
1480 u16 machine, u32 flags)
1482 memset(elf, 0, sizeof(*elf));
1484 memcpy(elf->e_ident, ELFMAG, SELFMAG);
1485 elf->e_ident[EI_CLASS] = ELF_CLASS;
1486 elf->e_ident[EI_DATA] = ELF_DATA;
1487 elf->e_ident[EI_VERSION] = EV_CURRENT;
1488 elf->e_ident[EI_OSABI] = ELF_OSABI;
1490 elf->e_type = ET_CORE;
1491 elf->e_machine = machine;
1492 elf->e_version = EV_CURRENT;
1493 elf->e_phoff = sizeof(struct elfhdr);
1494 elf->e_flags = flags;
1495 elf->e_ehsize = sizeof(struct elfhdr);
1496 elf->e_phentsize = sizeof(struct elf_phdr);
1497 elf->e_phnum = segs;
1500 static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, loff_t offset)
1502 phdr->p_type = PT_NOTE;
1503 phdr->p_offset = offset;
1506 phdr->p_filesz = sz;
1512 static void fill_note(struct memelfnote *note, const char *name, int type,
1513 unsigned int sz, void *data)
1522 * fill up all the fields in prstatus from the given task struct, except
1523 * registers which need to be filled up separately.
1525 static void fill_prstatus(struct elf_prstatus_common *prstatus,
1526 struct task_struct *p, long signr)
1528 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr;
1529 prstatus->pr_sigpend = p->pending.signal.sig[0];
1530 prstatus->pr_sighold = p->blocked.sig[0];
1532 prstatus->pr_ppid = task_pid_vnr(rcu_dereference(p->real_parent));
1534 prstatus->pr_pid = task_pid_vnr(p);
1535 prstatus->pr_pgrp = task_pgrp_vnr(p);
1536 prstatus->pr_sid = task_session_vnr(p);
1537 if (thread_group_leader(p)) {
1538 struct task_cputime cputime;
1541 * This is the record for the group leader. It shows the
1542 * group-wide total, not its individual thread total.
1544 thread_group_cputime(p, &cputime);
1545 prstatus->pr_utime = ns_to_kernel_old_timeval(cputime.utime);
1546 prstatus->pr_stime = ns_to_kernel_old_timeval(cputime.stime);
1550 task_cputime(p, &utime, &stime);
1551 prstatus->pr_utime = ns_to_kernel_old_timeval(utime);
1552 prstatus->pr_stime = ns_to_kernel_old_timeval(stime);
1555 prstatus->pr_cutime = ns_to_kernel_old_timeval(p->signal->cutime);
1556 prstatus->pr_cstime = ns_to_kernel_old_timeval(p->signal->cstime);
1559 static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
1560 struct mm_struct *mm)
1562 const struct cred *cred;
1563 unsigned int i, len;
1566 /* first copy the parameters from user space */
1567 memset(psinfo, 0, sizeof(struct elf_prpsinfo));
1569 len = mm->arg_end - mm->arg_start;
1570 if (len >= ELF_PRARGSZ)
1571 len = ELF_PRARGSZ-1;
1572 if (copy_from_user(&psinfo->pr_psargs,
1573 (const char __user *)mm->arg_start, len))
1575 for(i = 0; i < len; i++)
1576 if (psinfo->pr_psargs[i] == 0)
1577 psinfo->pr_psargs[i] = ' ';
1578 psinfo->pr_psargs[len] = 0;
1581 psinfo->pr_ppid = task_pid_vnr(rcu_dereference(p->real_parent));
1583 psinfo->pr_pid = task_pid_vnr(p);
1584 psinfo->pr_pgrp = task_pgrp_vnr(p);
1585 psinfo->pr_sid = task_session_vnr(p);
1587 state = READ_ONCE(p->__state);
1588 i = state ? ffz(~state) + 1 : 0;
1589 psinfo->pr_state = i;
1590 psinfo->pr_sname = (i > 5) ? '.' : "RSDTZW"[i];
1591 psinfo->pr_zomb = psinfo->pr_sname == 'Z';
1592 psinfo->pr_nice = task_nice(p);
1593 psinfo->pr_flag = p->flags;
1595 cred = __task_cred(p);
1596 SET_UID(psinfo->pr_uid, from_kuid_munged(cred->user_ns, cred->uid));
1597 SET_GID(psinfo->pr_gid, from_kgid_munged(cred->user_ns, cred->gid));
1599 get_task_comm(psinfo->pr_fname, p);
1604 static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
1606 elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
1610 while (auxv[i - 2] != AT_NULL);
1611 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
1614 static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata,
1615 const kernel_siginfo_t *siginfo)
1617 copy_siginfo_to_external(csigdata, siginfo);
1618 fill_note(note, "CORE", NT_SIGINFO, sizeof(*csigdata), csigdata);
1621 #define MAX_FILE_NOTE_SIZE (4*1024*1024)
1623 * Format of NT_FILE note:
1625 * long count -- how many files are mapped
1626 * long page_size -- units for file_ofs
1627 * array of [COUNT] elements of
1631 * followed by COUNT filenames in ASCII: "FILE1" NUL "FILE2" NUL...
1633 static int fill_files_note(struct memelfnote *note)
1635 struct mm_struct *mm = current->mm;
1636 struct vm_area_struct *vma;
1637 unsigned count, size, names_ofs, remaining, n;
1639 user_long_t *start_end_ofs;
1640 char *name_base, *name_curpos;
1642 /* *Estimated* file count and total data size needed */
1643 count = mm->map_count;
1644 if (count > UINT_MAX / 64)
1648 names_ofs = (2 + 3 * count) * sizeof(data[0]);
1650 if (size >= MAX_FILE_NOTE_SIZE) /* paranoia check */
1652 size = round_up(size, PAGE_SIZE);
1654 * "size" can be 0 here legitimately.
1655 * Let it ENOMEM and omit NT_FILE section which will be empty anyway.
1657 data = kvmalloc(size, GFP_KERNEL);
1658 if (ZERO_OR_NULL_PTR(data))
1661 start_end_ofs = data + 2;
1662 name_base = name_curpos = ((char *)data) + names_ofs;
1663 remaining = size - names_ofs;
1665 for (vma = mm->mmap; vma != NULL; vma = vma->vm_next) {
1667 const char *filename;
1669 file = vma->vm_file;
1672 filename = file_path(file, name_curpos, remaining);
1673 if (IS_ERR(filename)) {
1674 if (PTR_ERR(filename) == -ENAMETOOLONG) {
1676 size = size * 5 / 4;
1682 /* file_path() fills at the end, move name down */
1683 /* n = strlen(filename) + 1: */
1684 n = (name_curpos + remaining) - filename;
1685 remaining = filename - name_curpos;
1686 memmove(name_curpos, filename, n);
1689 *start_end_ofs++ = vma->vm_start;
1690 *start_end_ofs++ = vma->vm_end;
1691 *start_end_ofs++ = vma->vm_pgoff;
1695 /* Now we know exact count of files, can store it */
1697 data[1] = PAGE_SIZE;
1699 * Count usually is less than mm->map_count,
1700 * we need to move filenames down.
1702 n = mm->map_count - count;
1704 unsigned shift_bytes = n * 3 * sizeof(data[0]);
1705 memmove(name_base - shift_bytes, name_base,
1706 name_curpos - name_base);
1707 name_curpos -= shift_bytes;
1710 size = name_curpos - (char *)data;
1711 fill_note(note, "CORE", NT_FILE, size, data);
1715 #ifdef CORE_DUMP_USE_REGSET
1716 #include <linux/regset.h>
1718 struct elf_thread_core_info {
1719 struct elf_thread_core_info *next;
1720 struct task_struct *task;
1721 struct elf_prstatus prstatus;
1722 struct memelfnote notes[];
1725 struct elf_note_info {
1726 struct elf_thread_core_info *thread;
1727 struct memelfnote psinfo;
1728 struct memelfnote signote;
1729 struct memelfnote auxv;
1730 struct memelfnote files;
1731 user_siginfo_t csigdata;
1737 * When a regset has a writeback hook, we call it on each thread before
1738 * dumping user memory. On register window machines, this makes sure the
1739 * user memory backing the register data is up to date before we read it.
1741 static void do_thread_regset_writeback(struct task_struct *task,
1742 const struct user_regset *regset)
1744 if (regset->writeback)
1745 regset->writeback(task, regset, 1);
1748 #ifndef PRSTATUS_SIZE
1749 #define PRSTATUS_SIZE sizeof(struct elf_prstatus)
1752 #ifndef SET_PR_FPVALID
1753 #define SET_PR_FPVALID(S) ((S)->pr_fpvalid = 1)
1756 static int fill_thread_core_info(struct elf_thread_core_info *t,
1757 const struct user_regset_view *view,
1758 long signr, size_t *total)
1763 * NT_PRSTATUS is the one special case, because the regset data
1764 * goes into the pr_reg field inside the note contents, rather
1765 * than being the whole note contents. We fill the reset in here.
1766 * We assume that regset 0 is NT_PRSTATUS.
1768 fill_prstatus(&t->prstatus.common, t->task, signr);
1769 regset_get(t->task, &view->regsets[0],
1770 sizeof(t->prstatus.pr_reg), &t->prstatus.pr_reg);
1772 fill_note(&t->notes[0], "CORE", NT_PRSTATUS,
1773 PRSTATUS_SIZE, &t->prstatus);
1774 *total += notesize(&t->notes[0]);
1776 do_thread_regset_writeback(t->task, &view->regsets[0]);
1779 * Each other regset might generate a note too. For each regset
1780 * that has no core_note_type or is inactive, we leave t->notes[i]
1781 * all zero and we'll know to skip writing it later.
1783 for (i = 1; i < view->n; ++i) {
1784 const struct user_regset *regset = &view->regsets[i];
1785 int note_type = regset->core_note_type;
1786 bool is_fpreg = note_type == NT_PRFPREG;
1790 do_thread_regset_writeback(t->task, regset);
1791 if (!note_type) // not for coredumps
1793 if (regset->active && regset->active(t->task, regset) <= 0)
1796 ret = regset_get_alloc(t->task, regset, ~0U, &data);
1801 SET_PR_FPVALID(&t->prstatus);
1803 fill_note(&t->notes[i], is_fpreg ? "CORE" : "LINUX",
1804 note_type, ret, data);
1806 *total += notesize(&t->notes[i]);
1812 static int fill_note_info(struct elfhdr *elf, int phdrs,
1813 struct elf_note_info *info,
1814 const kernel_siginfo_t *siginfo, struct pt_regs *regs)
1816 struct task_struct *dump_task = current;
1817 const struct user_regset_view *view = task_user_regset_view(dump_task);
1818 struct elf_thread_core_info *t;
1819 struct elf_prpsinfo *psinfo;
1820 struct core_thread *ct;
1824 info->thread = NULL;
1826 psinfo = kmalloc(sizeof(*psinfo), GFP_KERNEL);
1827 if (psinfo == NULL) {
1828 info->psinfo.data = NULL; /* So we don't free this wrongly */
1832 fill_note(&info->psinfo, "CORE", NT_PRPSINFO, sizeof(*psinfo), psinfo);
1835 * Figure out how many notes we're going to need for each thread.
1837 info->thread_notes = 0;
1838 for (i = 0; i < view->n; ++i)
1839 if (view->regsets[i].core_note_type != 0)
1840 ++info->thread_notes;
1843 * Sanity check. We rely on regset 0 being in NT_PRSTATUS,
1844 * since it is our one special case.
1846 if (unlikely(info->thread_notes == 0) ||
1847 unlikely(view->regsets[0].core_note_type != NT_PRSTATUS)) {
1853 * Initialize the ELF file header.
1855 fill_elf_header(elf, phdrs,
1856 view->e_machine, view->e_flags);
1859 * Allocate a structure for each thread.
1861 for (ct = &dump_task->signal->core_state->dumper; ct; ct = ct->next) {
1862 t = kzalloc(offsetof(struct elf_thread_core_info,
1863 notes[info->thread_notes]),
1869 if (ct->task == dump_task || !info->thread) {
1870 t->next = info->thread;
1874 * Make sure to keep the original task at
1875 * the head of the list.
1877 t->next = info->thread->next;
1878 info->thread->next = t;
1883 * Now fill in each thread's information.
1885 for (t = info->thread; t != NULL; t = t->next)
1886 if (!fill_thread_core_info(t, view, siginfo->si_signo, &info->size))
1890 * Fill in the two process-wide notes.
1892 fill_psinfo(psinfo, dump_task->group_leader, dump_task->mm);
1893 info->size += notesize(&info->psinfo);
1895 fill_siginfo_note(&info->signote, &info->csigdata, siginfo);
1896 info->size += notesize(&info->signote);
1898 fill_auxv_note(&info->auxv, current->mm);
1899 info->size += notesize(&info->auxv);
1901 if (fill_files_note(&info->files) == 0)
1902 info->size += notesize(&info->files);
1907 static size_t get_note_info_size(struct elf_note_info *info)
1913 * Write all the notes for each thread. When writing the first thread, the
1914 * process-wide notes are interleaved after the first thread-specific note.
1916 static int write_note_info(struct elf_note_info *info,
1917 struct coredump_params *cprm)
1920 struct elf_thread_core_info *t = info->thread;
1925 if (!writenote(&t->notes[0], cprm))
1928 if (first && !writenote(&info->psinfo, cprm))
1930 if (first && !writenote(&info->signote, cprm))
1932 if (first && !writenote(&info->auxv, cprm))
1934 if (first && info->files.data &&
1935 !writenote(&info->files, cprm))
1938 for (i = 1; i < info->thread_notes; ++i)
1939 if (t->notes[i].data &&
1940 !writenote(&t->notes[i], cprm))
1950 static void free_note_info(struct elf_note_info *info)
1952 struct elf_thread_core_info *threads = info->thread;
1955 struct elf_thread_core_info *t = threads;
1957 WARN_ON(t->notes[0].data && t->notes[0].data != &t->prstatus);
1958 for (i = 1; i < info->thread_notes; ++i)
1959 kfree(t->notes[i].data);
1962 kfree(info->psinfo.data);
1963 kvfree(info->files.data);
1968 /* Here is the structure in which status of each thread is captured. */
1969 struct elf_thread_status
1971 struct list_head list;
1972 struct elf_prstatus prstatus; /* NT_PRSTATUS */
1973 elf_fpregset_t fpu; /* NT_PRFPREG */
1974 struct task_struct *thread;
1975 struct memelfnote notes[3];
1980 * In order to add the specific thread information for the elf file format,
1981 * we need to keep a linked list of every threads pr_status and then create
1982 * a single section for them in the final core file.
1984 static int elf_dump_thread_status(long signr, struct elf_thread_status *t)
1987 struct task_struct *p = t->thread;
1990 fill_prstatus(&t->prstatus.common, p, signr);
1991 elf_core_copy_task_regs(p, &t->prstatus.pr_reg);
1993 fill_note(&t->notes[0], "CORE", NT_PRSTATUS, sizeof(t->prstatus),
1996 sz += notesize(&t->notes[0]);
1998 if ((t->prstatus.pr_fpvalid = elf_core_copy_task_fpregs(p, NULL,
2000 fill_note(&t->notes[1], "CORE", NT_PRFPREG, sizeof(t->fpu),
2003 sz += notesize(&t->notes[1]);
2008 struct elf_note_info {
2009 struct memelfnote *notes;
2010 struct memelfnote *notes_files;
2011 struct elf_prstatus *prstatus; /* NT_PRSTATUS */
2012 struct elf_prpsinfo *psinfo; /* NT_PRPSINFO */
2013 struct list_head thread_list;
2014 elf_fpregset_t *fpu;
2015 user_siginfo_t csigdata;
2016 int thread_status_size;
2020 static int elf_note_info_init(struct elf_note_info *info)
2022 memset(info, 0, sizeof(*info));
2023 INIT_LIST_HEAD(&info->thread_list);
2025 /* Allocate space for ELF notes */
2026 info->notes = kmalloc_array(8, sizeof(struct memelfnote), GFP_KERNEL);
2029 info->psinfo = kmalloc(sizeof(*info->psinfo), GFP_KERNEL);
2032 info->prstatus = kmalloc(sizeof(*info->prstatus), GFP_KERNEL);
2033 if (!info->prstatus)
2035 info->fpu = kmalloc(sizeof(*info->fpu), GFP_KERNEL);
2041 static int fill_note_info(struct elfhdr *elf, int phdrs,
2042 struct elf_note_info *info,
2043 const kernel_siginfo_t *siginfo, struct pt_regs *regs)
2045 struct core_thread *ct;
2046 struct elf_thread_status *ets;
2048 if (!elf_note_info_init(info))
2051 for (ct = current->signal->core_state->dumper.next;
2052 ct; ct = ct->next) {
2053 ets = kzalloc(sizeof(*ets), GFP_KERNEL);
2057 ets->thread = ct->task;
2058 list_add(&ets->list, &info->thread_list);
2061 list_for_each_entry(ets, &info->thread_list, list) {
2064 sz = elf_dump_thread_status(siginfo->si_signo, ets);
2065 info->thread_status_size += sz;
2067 /* now collect the dump for the current */
2068 memset(info->prstatus, 0, sizeof(*info->prstatus));
2069 fill_prstatus(&info->prstatus->common, current, siginfo->si_signo);
2070 elf_core_copy_regs(&info->prstatus->pr_reg, regs);
2073 fill_elf_header(elf, phdrs, ELF_ARCH, ELF_CORE_EFLAGS);
2076 * Set up the notes in similar form to SVR4 core dumps made
2077 * with info from their /proc.
2080 fill_note(info->notes + 0, "CORE", NT_PRSTATUS,
2081 sizeof(*info->prstatus), info->prstatus);
2082 fill_psinfo(info->psinfo, current->group_leader, current->mm);
2083 fill_note(info->notes + 1, "CORE", NT_PRPSINFO,
2084 sizeof(*info->psinfo), info->psinfo);
2086 fill_siginfo_note(info->notes + 2, &info->csigdata, siginfo);
2087 fill_auxv_note(info->notes + 3, current->mm);
2090 if (fill_files_note(info->notes + info->numnote) == 0) {
2091 info->notes_files = info->notes + info->numnote;
2095 /* Try to dump the FPU. */
2096 info->prstatus->pr_fpvalid = elf_core_copy_task_fpregs(current, regs,
2098 if (info->prstatus->pr_fpvalid)
2099 fill_note(info->notes + info->numnote++,
2100 "CORE", NT_PRFPREG, sizeof(*info->fpu), info->fpu);
2104 static size_t get_note_info_size(struct elf_note_info *info)
2109 for (i = 0; i < info->numnote; i++)
2110 sz += notesize(info->notes + i);
2112 sz += info->thread_status_size;
2117 static int write_note_info(struct elf_note_info *info,
2118 struct coredump_params *cprm)
2120 struct elf_thread_status *ets;
2123 for (i = 0; i < info->numnote; i++)
2124 if (!writenote(info->notes + i, cprm))
2127 /* write out the thread status notes section */
2128 list_for_each_entry(ets, &info->thread_list, list) {
2129 for (i = 0; i < ets->num_notes; i++)
2130 if (!writenote(&ets->notes[i], cprm))
2137 static void free_note_info(struct elf_note_info *info)
2139 while (!list_empty(&info->thread_list)) {
2140 struct list_head *tmp = info->thread_list.next;
2142 kfree(list_entry(tmp, struct elf_thread_status, list));
2145 /* Free data possibly allocated by fill_files_note(): */
2146 if (info->notes_files)
2147 kvfree(info->notes_files->data);
2149 kfree(info->prstatus);
2150 kfree(info->psinfo);
2157 static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
2158 elf_addr_t e_shoff, int segs)
2160 elf->e_shoff = e_shoff;
2161 elf->e_shentsize = sizeof(*shdr4extnum);
2163 elf->e_shstrndx = SHN_UNDEF;
2165 memset(shdr4extnum, 0, sizeof(*shdr4extnum));
2167 shdr4extnum->sh_type = SHT_NULL;
2168 shdr4extnum->sh_size = elf->e_shnum;
2169 shdr4extnum->sh_link = elf->e_shstrndx;
2170 shdr4extnum->sh_info = segs;
2176 * This is a two-pass process; first we find the offsets of the bits,
2177 * and then they are actually written out. If we run out of core limit
2180 static int elf_core_dump(struct coredump_params *cprm)
2183 int vma_count, segs, i;
2184 size_t vma_data_size;
2186 loff_t offset = 0, dataoff;
2187 struct elf_note_info info = { };
2188 struct elf_phdr *phdr4note = NULL;
2189 struct elf_shdr *shdr4extnum = NULL;
2192 struct core_vma_metadata *vma_meta;
2194 if (dump_vma_snapshot(cprm, &vma_count, &vma_meta, &vma_data_size))
2198 * The number of segs are recored into ELF header as 16bit value.
2199 * Please check DEFAULT_MAX_MAP_COUNT definition when you modify here.
2201 segs = vma_count + elf_core_extra_phdrs();
2203 /* for notes section */
2206 /* If segs > PN_XNUM(0xffff), then e_phnum overflows. To avoid
2207 * this, kernel supports extended numbering. Have a look at
2208 * include/linux/elf.h for further information. */
2209 e_phnum = segs > PN_XNUM ? PN_XNUM : segs;
2212 * Collect all the non-memory information about the process for the
2213 * notes. This also sets up the file header.
2215 if (!fill_note_info(&elf, e_phnum, &info, cprm->siginfo, cprm->regs))
2220 offset += sizeof(elf); /* Elf header */
2221 offset += segs * sizeof(struct elf_phdr); /* Program headers */
2223 /* Write notes phdr entry */
2225 size_t sz = get_note_info_size(&info);
2227 /* For cell spufs */
2228 sz += elf_coredump_extra_notes_size();
2230 phdr4note = kmalloc(sizeof(*phdr4note), GFP_KERNEL);
2234 fill_elf_note_phdr(phdr4note, sz, offset);
2238 dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
2240 offset += vma_data_size;
2241 offset += elf_core_extra_data_size();
2244 if (e_phnum == PN_XNUM) {
2245 shdr4extnum = kmalloc(sizeof(*shdr4extnum), GFP_KERNEL);
2248 fill_extnum_info(&elf, shdr4extnum, e_shoff, segs);
2253 if (!dump_emit(cprm, &elf, sizeof(elf)))
2256 if (!dump_emit(cprm, phdr4note, sizeof(*phdr4note)))
2259 /* Write program headers for segments dump */
2260 for (i = 0; i < vma_count; i++) {
2261 struct core_vma_metadata *meta = vma_meta + i;
2262 struct elf_phdr phdr;
2264 phdr.p_type = PT_LOAD;
2265 phdr.p_offset = offset;
2266 phdr.p_vaddr = meta->start;
2268 phdr.p_filesz = meta->dump_size;
2269 phdr.p_memsz = meta->end - meta->start;
2270 offset += phdr.p_filesz;
2272 if (meta->flags & VM_READ)
2273 phdr.p_flags |= PF_R;
2274 if (meta->flags & VM_WRITE)
2275 phdr.p_flags |= PF_W;
2276 if (meta->flags & VM_EXEC)
2277 phdr.p_flags |= PF_X;
2278 phdr.p_align = ELF_EXEC_PAGESIZE;
2280 if (!dump_emit(cprm, &phdr, sizeof(phdr)))
2284 if (!elf_core_write_extra_phdrs(cprm, offset))
2287 /* write out the notes section */
2288 if (!write_note_info(&info, cprm))
2291 /* For cell spufs */
2292 if (elf_coredump_extra_notes_write(cprm))
2296 dump_skip_to(cprm, dataoff);
2298 for (i = 0; i < vma_count; i++) {
2299 struct core_vma_metadata *meta = vma_meta + i;
2301 if (!dump_user_range(cprm, meta->start, meta->dump_size))
2305 if (!elf_core_write_extra_data(cprm))
2308 if (e_phnum == PN_XNUM) {
2309 if (!dump_emit(cprm, shdr4extnum, sizeof(*shdr4extnum)))
2314 free_note_info(&info);
2321 #endif /* CONFIG_ELF_CORE */
2323 static int __init init_elf_binfmt(void)
2325 register_binfmt(&elf_format);
2329 static void __exit exit_elf_binfmt(void)
2331 /* Remove the COFF and ELF loaders. */
2332 unregister_binfmt(&elf_format);
2335 core_initcall(init_elf_binfmt);
2336 module_exit(exit_elf_binfmt);
2337 MODULE_LICENSE("GPL");
projects / platform / kernel / linux-starfive.git / blob