2 * linux/fs/binfmt_elf.c
4 * These are the functions used to load ELF format executables as used
5 * on SVr4 machines. Information on the format may be found in the book
6 * "UNIX SYSTEM V RELEASE 4 Programmers Guide: Ansi C and Programming Support
9 * Copyright 1993, 1994: Eric Youngdale (ericy@cais.com).
12 #include <linux/module.h>
13 #include <linux/kernel.h>
16 #include <linux/mman.h>
17 #include <linux/errno.h>
18 #include <linux/signal.h>
19 #include <linux/binfmts.h>
20 #include <linux/string.h>
21 #include <linux/file.h>
22 #include <linux/slab.h>
23 #include <linux/personality.h>
24 #include <linux/elfcore.h>
25 #include <linux/init.h>
26 #include <linux/highuid.h>
27 #include <linux/compiler.h>
28 #include <linux/highmem.h>
29 #include <linux/pagemap.h>
30 #include <linux/vmalloc.h>
31 #include <linux/security.h>
32 #include <linux/random.h>
33 #include <linux/elf.h>
34 #include <linux/elf-randomize.h>
35 #include <linux/utsname.h>
36 #include <linux/coredump.h>
37 #include <linux/sched.h>
38 #include <linux/dax.h>
39 #include <asm/uaccess.h>
40 #include <asm/param.h>
44 #define user_long_t long
46 #ifndef user_siginfo_t
47 #define user_siginfo_t siginfo_t
50 static int load_elf_binary(struct linux_binprm *bprm);
51 static unsigned long elf_map(struct file *, unsigned long, struct elf_phdr *,
52 int, int, unsigned long);
55 static int load_elf_library(struct file *);
57 #define load_elf_library NULL
61 * If we don't support core dumping, then supply a NULL so we
64 #ifdef CONFIG_ELF_CORE
65 static int elf_core_dump(struct coredump_params *cprm);
67 #define elf_core_dump NULL
70 #if ELF_EXEC_PAGESIZE > PAGE_SIZE
71 #define ELF_MIN_ALIGN ELF_EXEC_PAGESIZE
73 #define ELF_MIN_ALIGN PAGE_SIZE
76 #ifndef ELF_CORE_EFLAGS
77 #define ELF_CORE_EFLAGS 0
80 #define ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(ELF_MIN_ALIGN-1))
81 #define ELF_PAGEOFFSET(_v) ((_v) & (ELF_MIN_ALIGN-1))
82 #define ELF_PAGEALIGN(_v) (((_v) + ELF_MIN_ALIGN - 1) & ~(ELF_MIN_ALIGN - 1))
84 static struct linux_binfmt elf_format = {
85 .module = THIS_MODULE,
86 .load_binary = load_elf_binary,
87 .load_shlib = load_elf_library,
88 .core_dump = elf_core_dump,
89 .min_coredump = ELF_EXEC_PAGESIZE,
92 #define BAD_ADDR(x) ((unsigned long)(x) >= TASK_SIZE)
94 static int set_brk(unsigned long start, unsigned long end)
96 start = ELF_PAGEALIGN(start);
97 end = ELF_PAGEALIGN(end);
100 addr = vm_brk(start, end - start);
104 current->mm->start_brk = current->mm->brk = end;
108 /* We need to explicitly zero any fractional pages
109 after the data section (i.e. bss). This would
110 contain the junk from the file that should not
113 static int padzero(unsigned long elf_bss)
117 nbyte = ELF_PAGEOFFSET(elf_bss);
119 nbyte = ELF_MIN_ALIGN - nbyte;
120 if (clear_user((void __user *) elf_bss, nbyte))
126 /* Let's use some macros to make this stack manipulation a little clearer */
127 #ifdef CONFIG_STACK_GROWSUP
128 #define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) + (items))
129 #define STACK_ROUND(sp, items) \
130 ((15 + (unsigned long) ((sp) + (items))) &~ 15UL)
131 #define STACK_ALLOC(sp, len) ({ \
132 elf_addr_t __user *old_sp = (elf_addr_t __user *)sp; sp += len; \
135 #define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) - (items))
136 #define STACK_ROUND(sp, items) \
137 (((unsigned long) (sp - items)) &~ 15UL)
138 #define STACK_ALLOC(sp, len) ({ sp -= len ; sp; })
141 #ifndef ELF_BASE_PLATFORM
143 * AT_BASE_PLATFORM indicates the "real" hardware/microarchitecture.
144 * If the arch defines ELF_BASE_PLATFORM (in asm/elf.h), the value
145 * will be copied to the user stack in the same manner as AT_PLATFORM.
147 #define ELF_BASE_PLATFORM NULL
151 create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec,
152 unsigned long load_addr, unsigned long interp_load_addr)
154 unsigned long p = bprm->p;
155 int argc = bprm->argc;
156 int envc = bprm->envc;
157 elf_addr_t __user *argv;
158 elf_addr_t __user *envp;
159 elf_addr_t __user *sp;
160 elf_addr_t __user *u_platform;
161 elf_addr_t __user *u_base_platform;
162 elf_addr_t __user *u_rand_bytes;
163 const char *k_platform = ELF_PLATFORM;
164 const char *k_base_platform = ELF_BASE_PLATFORM;
165 unsigned char k_rand_bytes[16];
167 elf_addr_t *elf_info;
169 const struct cred *cred = current_cred();
170 struct vm_area_struct *vma;
173 * In some cases (e.g. Hyper-Threading), we want to avoid L1
174 * evictions by the processes running on the same package. One
175 * thing we can do is to shuffle the initial stack for them.
178 p = arch_align_stack(p);
181 * If this architecture has a platform capability string, copy it
182 * to userspace. In some cases (Sparc), this info is impossible
183 * for userspace to get any other way, in others (i386) it is
188 size_t len = strlen(k_platform) + 1;
190 u_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
191 if (__copy_to_user(u_platform, k_platform, len))
196 * If this architecture has a "base" platform capability
197 * string, copy it to userspace.
199 u_base_platform = NULL;
200 if (k_base_platform) {
201 size_t len = strlen(k_base_platform) + 1;
203 u_base_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
204 if (__copy_to_user(u_base_platform, k_base_platform, len))
209 * Generate 16 random bytes for userspace PRNG seeding.
211 get_random_bytes(k_rand_bytes, sizeof(k_rand_bytes));
212 u_rand_bytes = (elf_addr_t __user *)
213 STACK_ALLOC(p, sizeof(k_rand_bytes));
214 if (__copy_to_user(u_rand_bytes, k_rand_bytes, sizeof(k_rand_bytes)))
217 /* Create the ELF interpreter info */
218 elf_info = (elf_addr_t *)current->mm->saved_auxv;
219 /* update AT_VECTOR_SIZE_BASE if the number of NEW_AUX_ENT() changes */
220 #define NEW_AUX_ENT(id, val) \
222 elf_info[ei_index++] = id; \
223 elf_info[ei_index++] = val; \
228 * ARCH_DLINFO must come first so PPC can do its special alignment of
230 * update AT_VECTOR_SIZE_ARCH if the number of NEW_AUX_ENT() in
231 * ARCH_DLINFO changes
235 NEW_AUX_ENT(AT_HWCAP, ELF_HWCAP);
236 NEW_AUX_ENT(AT_PAGESZ, ELF_EXEC_PAGESIZE);
237 NEW_AUX_ENT(AT_CLKTCK, CLOCKS_PER_SEC);
238 NEW_AUX_ENT(AT_PHDR, load_addr + exec->e_phoff);
239 NEW_AUX_ENT(AT_PHENT, sizeof(struct elf_phdr));
240 NEW_AUX_ENT(AT_PHNUM, exec->e_phnum);
241 NEW_AUX_ENT(AT_BASE, interp_load_addr);
242 NEW_AUX_ENT(AT_FLAGS, 0);
243 NEW_AUX_ENT(AT_ENTRY, exec->e_entry);
244 NEW_AUX_ENT(AT_UID, from_kuid_munged(cred->user_ns, cred->uid));
245 NEW_AUX_ENT(AT_EUID, from_kuid_munged(cred->user_ns, cred->euid));
246 NEW_AUX_ENT(AT_GID, from_kgid_munged(cred->user_ns, cred->gid));
247 NEW_AUX_ENT(AT_EGID, from_kgid_munged(cred->user_ns, cred->egid));
248 NEW_AUX_ENT(AT_SECURE, security_bprm_secureexec(bprm));
249 NEW_AUX_ENT(AT_RANDOM, (elf_addr_t)(unsigned long)u_rand_bytes);
251 NEW_AUX_ENT(AT_HWCAP2, ELF_HWCAP2);
253 NEW_AUX_ENT(AT_EXECFN, bprm->exec);
255 NEW_AUX_ENT(AT_PLATFORM,
256 (elf_addr_t)(unsigned long)u_platform);
258 if (k_base_platform) {
259 NEW_AUX_ENT(AT_BASE_PLATFORM,
260 (elf_addr_t)(unsigned long)u_base_platform);
262 if (bprm->interp_flags & BINPRM_FLAGS_EXECFD) {
263 NEW_AUX_ENT(AT_EXECFD, bprm->interp_data);
266 /* AT_NULL is zero; clear the rest too */
267 memset(&elf_info[ei_index], 0,
268 sizeof current->mm->saved_auxv - ei_index * sizeof elf_info[0]);
270 /* And advance past the AT_NULL entry. */
273 sp = STACK_ADD(p, ei_index);
275 items = (argc + 1) + (envc + 1) + 1;
276 bprm->p = STACK_ROUND(sp, items);
278 /* Point sp at the lowest address on the stack */
279 #ifdef CONFIG_STACK_GROWSUP
280 sp = (elf_addr_t __user *)bprm->p - items - ei_index;
281 bprm->exec = (unsigned long)sp; /* XXX: PARISC HACK */
283 sp = (elf_addr_t __user *)bprm->p;
288 * Grow the stack manually; some architectures have a limit on how
289 * far ahead a user-space access may be in order to grow the stack.
291 vma = find_extend_vma(current->mm, bprm->p);
295 /* Now, let's put argc (and argv, envp if appropriate) on the stack */
296 if (__put_user(argc, sp++))
299 envp = argv + argc + 1;
301 /* Populate argv and envp */
302 p = current->mm->arg_end = current->mm->arg_start;
305 if (__put_user((elf_addr_t)p, argv++))
307 len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
308 if (!len || len > MAX_ARG_STRLEN)
312 if (__put_user(0, argv))
314 current->mm->arg_end = current->mm->env_start = p;
317 if (__put_user((elf_addr_t)p, envp++))
319 len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
320 if (!len || len > MAX_ARG_STRLEN)
324 if (__put_user(0, envp))
326 current->mm->env_end = p;
328 /* Put the elf_info on the stack in the right place. */
329 sp = (elf_addr_t __user *)envp + 1;
330 if (copy_to_user(sp, elf_info, ei_index * sizeof(elf_addr_t)))
337 static unsigned long elf_map(struct file *filep, unsigned long addr,
338 struct elf_phdr *eppnt, int prot, int type,
339 unsigned long total_size)
341 unsigned long map_addr;
342 unsigned long size = eppnt->p_filesz + ELF_PAGEOFFSET(eppnt->p_vaddr);
343 unsigned long off = eppnt->p_offset - ELF_PAGEOFFSET(eppnt->p_vaddr);
344 addr = ELF_PAGESTART(addr);
345 size = ELF_PAGEALIGN(size);
347 /* mmap() will return -EINVAL if given a zero size, but a
348 * segment with zero filesize is perfectly valid */
353 * total_size is the size of the ELF (interpreter) image.
354 * The _first_ mmap needs to know the full size, otherwise
355 * randomization might put this image into an overlapping
356 * position with the ELF binary image. (since size < total_size)
357 * So we first map the 'big' image - and unmap the remainder at
358 * the end. (which unmap is needed for ELF images with holes.)
361 total_size = ELF_PAGEALIGN(total_size);
362 map_addr = vm_mmap(filep, addr, total_size, prot, type, off);
363 if (!BAD_ADDR(map_addr))
364 vm_munmap(map_addr+size, total_size-size);
366 map_addr = vm_mmap(filep, addr, size, prot, type, off);
371 #endif /* !elf_map */
373 static unsigned long total_mapping_size(struct elf_phdr *cmds, int nr)
375 int i, first_idx = -1, last_idx = -1;
377 for (i = 0; i < nr; i++) {
378 if (cmds[i].p_type == PT_LOAD) {
387 return cmds[last_idx].p_vaddr + cmds[last_idx].p_memsz -
388 ELF_PAGESTART(cmds[first_idx].p_vaddr);
392 * load_elf_phdrs() - load ELF program headers
393 * @elf_ex: ELF header of the binary whose program headers should be loaded
394 * @elf_file: the opened ELF binary file
396 * Loads ELF program headers from the binary file elf_file, which has the ELF
397 * header pointed to by elf_ex, into a newly allocated array. The caller is
398 * responsible for freeing the allocated data. Returns an ERR_PTR upon failure.
400 static struct elf_phdr *load_elf_phdrs(struct elfhdr *elf_ex,
401 struct file *elf_file)
403 struct elf_phdr *elf_phdata = NULL;
404 int retval, size, err = -1;
407 * If the size of this structure has changed, then punt, since
408 * we will be doing the wrong thing.
410 if (elf_ex->e_phentsize != sizeof(struct elf_phdr))
413 /* Sanity check the number of program headers... */
414 if (elf_ex->e_phnum < 1 ||
415 elf_ex->e_phnum > 65536U / sizeof(struct elf_phdr))
418 /* ...and their total size. */
419 size = sizeof(struct elf_phdr) * elf_ex->e_phnum;
420 if (size > ELF_MIN_ALIGN)
423 elf_phdata = kmalloc(size, GFP_KERNEL);
427 /* Read in the program headers */
428 retval = kernel_read(elf_file, elf_ex->e_phoff,
429 (char *)elf_phdata, size);
430 if (retval != size) {
431 err = (retval < 0) ? retval : -EIO;
445 #ifndef CONFIG_ARCH_BINFMT_ELF_STATE
448 * struct arch_elf_state - arch-specific ELF loading state
450 * This structure is used to preserve architecture specific data during
451 * the loading of an ELF file, throughout the checking of architecture
452 * specific ELF headers & through to the point where the ELF load is
453 * known to be proceeding (ie. SET_PERSONALITY).
455 * This implementation is a dummy for architectures which require no
458 struct arch_elf_state {
461 #define INIT_ARCH_ELF_STATE {}
464 * arch_elf_pt_proc() - check a PT_LOPROC..PT_HIPROC ELF program header
465 * @ehdr: The main ELF header
466 * @phdr: The program header to check
467 * @elf: The open ELF file
468 * @is_interp: True if the phdr is from the interpreter of the ELF being
469 * loaded, else false.
470 * @state: Architecture-specific state preserved throughout the process
471 * of loading the ELF.
473 * Inspects the program header phdr to validate its correctness and/or
474 * suitability for the system. Called once per ELF program header in the
475 * range PT_LOPROC to PT_HIPROC, for both the ELF being loaded and its
478 * Return: Zero to proceed with the ELF load, non-zero to fail the ELF load
479 * with that return code.
481 static inline int arch_elf_pt_proc(struct elfhdr *ehdr,
482 struct elf_phdr *phdr,
483 struct file *elf, bool is_interp,
484 struct arch_elf_state *state)
486 /* Dummy implementation, always proceed */
491 * arch_check_elf() - check an ELF executable
492 * @ehdr: The main ELF header
493 * @has_interp: True if the ELF has an interpreter, else false.
494 * @interp_ehdr: The interpreter's ELF header
495 * @state: Architecture-specific state preserved throughout the process
496 * of loading the ELF.
498 * Provides a final opportunity for architecture code to reject the loading
499 * of the ELF & cause an exec syscall to return an error. This is called after
500 * all program headers to be checked by arch_elf_pt_proc have been.
502 * Return: Zero to proceed with the ELF load, non-zero to fail the ELF load
503 * with that return code.
505 static inline int arch_check_elf(struct elfhdr *ehdr, bool has_interp,
506 struct elfhdr *interp_ehdr,
507 struct arch_elf_state *state)
509 /* Dummy implementation, always proceed */
513 #endif /* !CONFIG_ARCH_BINFMT_ELF_STATE */
515 /* This is much more generalized than the library routine read function,
516 so we keep this separate. Technically the library read function
517 is only provided so that we can read a.out libraries that have
520 static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex,
521 struct file *interpreter, unsigned long *interp_map_addr,
522 unsigned long no_base, struct elf_phdr *interp_elf_phdata)
524 struct elf_phdr *eppnt;
525 unsigned long load_addr = 0;
526 int load_addr_set = 0;
527 unsigned long last_bss = 0, elf_bss = 0;
528 unsigned long error = ~0UL;
529 unsigned long total_size;
532 /* First of all, some simple consistency checks */
533 if (interp_elf_ex->e_type != ET_EXEC &&
534 interp_elf_ex->e_type != ET_DYN)
536 if (!elf_check_arch(interp_elf_ex))
538 if (!interpreter->f_op->mmap)
541 total_size = total_mapping_size(interp_elf_phdata,
542 interp_elf_ex->e_phnum);
548 eppnt = interp_elf_phdata;
549 for (i = 0; i < interp_elf_ex->e_phnum; i++, eppnt++) {
550 if (eppnt->p_type == PT_LOAD) {
551 int elf_type = MAP_PRIVATE | MAP_DENYWRITE;
553 unsigned long vaddr = 0;
554 unsigned long k, map_addr;
556 if (eppnt->p_flags & PF_R)
557 elf_prot = PROT_READ;
558 if (eppnt->p_flags & PF_W)
559 elf_prot |= PROT_WRITE;
560 if (eppnt->p_flags & PF_X)
561 elf_prot |= PROT_EXEC;
562 vaddr = eppnt->p_vaddr;
563 if (interp_elf_ex->e_type == ET_EXEC || load_addr_set)
564 elf_type |= MAP_FIXED;
565 else if (no_base && interp_elf_ex->e_type == ET_DYN)
568 map_addr = elf_map(interpreter, load_addr + vaddr,
569 eppnt, elf_prot, elf_type, total_size);
571 if (!*interp_map_addr)
572 *interp_map_addr = map_addr;
574 if (BAD_ADDR(map_addr))
577 if (!load_addr_set &&
578 interp_elf_ex->e_type == ET_DYN) {
579 load_addr = map_addr - ELF_PAGESTART(vaddr);
584 * Check to see if the section's size will overflow the
585 * allowed task size. Note that p_filesz must always be
586 * <= p_memsize so it's only necessary to check p_memsz.
588 k = load_addr + eppnt->p_vaddr;
590 eppnt->p_filesz > eppnt->p_memsz ||
591 eppnt->p_memsz > TASK_SIZE ||
592 TASK_SIZE - eppnt->p_memsz < k) {
598 * Find the end of the file mapping for this phdr, and
599 * keep track of the largest address we see for this.
601 k = load_addr + eppnt->p_vaddr + eppnt->p_filesz;
606 * Do the same thing for the memory mapping - between
607 * elf_bss and last_bss is the bss section.
609 k = load_addr + eppnt->p_memsz + eppnt->p_vaddr;
615 if (last_bss > elf_bss) {
617 * Now fill out the bss section. First pad the last page up
618 * to the page boundary, and then perform a mmap to make sure
619 * that there are zero-mapped pages up to and including the
622 if (padzero(elf_bss)) {
627 /* What we have mapped so far */
628 elf_bss = ELF_PAGESTART(elf_bss + ELF_MIN_ALIGN - 1);
630 /* Map the last of the bss segment */
631 error = vm_brk(elf_bss, last_bss - elf_bss);
642 * These are the functions used to load ELF style executables and shared
643 * libraries. There is no binary dependent code anywhere else.
646 #ifndef STACK_RND_MASK
647 #define STACK_RND_MASK (0x7ff >> (PAGE_SHIFT - 12)) /* 8MB of VA */
650 static unsigned long randomize_stack_top(unsigned long stack_top)
652 unsigned long random_variable = 0;
654 if ((current->flags & PF_RANDOMIZE) &&
655 !(current->personality & ADDR_NO_RANDOMIZE)) {
656 random_variable = get_random_long();
657 random_variable &= STACK_RND_MASK;
658 random_variable <<= PAGE_SHIFT;
660 #ifdef CONFIG_STACK_GROWSUP
661 return PAGE_ALIGN(stack_top) + random_variable;
663 return PAGE_ALIGN(stack_top) - random_variable;
667 static int load_elf_binary(struct linux_binprm *bprm)
669 struct file *interpreter = NULL; /* to shut gcc up */
670 unsigned long load_addr = 0, load_bias = 0;
671 int load_addr_set = 0;
672 char * elf_interpreter = NULL;
674 struct elf_phdr *elf_ppnt, *elf_phdata, *interp_elf_phdata = NULL;
675 unsigned long elf_bss, elf_brk;
677 unsigned long elf_entry;
678 unsigned long interp_load_addr = 0;
679 unsigned long start_code, end_code, start_data, end_data;
680 unsigned long reloc_func_desc __maybe_unused = 0;
681 int executable_stack = EXSTACK_DEFAULT;
682 struct pt_regs *regs = current_pt_regs();
684 struct elfhdr elf_ex;
685 struct elfhdr interp_elf_ex;
687 struct arch_elf_state arch_state = INIT_ARCH_ELF_STATE;
689 loc = kmalloc(sizeof(*loc), GFP_KERNEL);
695 /* Get the exec-header */
696 loc->elf_ex = *((struct elfhdr *)bprm->buf);
699 /* First of all, some simple consistency checks */
700 if (memcmp(loc->elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
703 if (loc->elf_ex.e_type != ET_EXEC && loc->elf_ex.e_type != ET_DYN)
705 if (!elf_check_arch(&loc->elf_ex))
707 if (!bprm->file->f_op->mmap)
710 elf_phdata = load_elf_phdrs(&loc->elf_ex, bprm->file);
714 elf_ppnt = elf_phdata;
723 for (i = 0; i < loc->elf_ex.e_phnum; i++) {
724 if (elf_ppnt->p_type == PT_INTERP) {
725 /* This is the program interpreter used for
726 * shared libraries - for now assume that this
727 * is an a.out format binary
730 if (elf_ppnt->p_filesz > PATH_MAX ||
731 elf_ppnt->p_filesz < 2)
735 elf_interpreter = kmalloc(elf_ppnt->p_filesz,
737 if (!elf_interpreter)
740 retval = kernel_read(bprm->file, elf_ppnt->p_offset,
743 if (retval != elf_ppnt->p_filesz) {
746 goto out_free_interp;
748 /* make sure path is NULL terminated */
750 if (elf_interpreter[elf_ppnt->p_filesz - 1] != '\0')
751 goto out_free_interp;
753 interpreter = open_exec(elf_interpreter);
754 retval = PTR_ERR(interpreter);
755 if (IS_ERR(interpreter))
756 goto out_free_interp;
759 * If the binary is not readable then enforce
760 * mm->dumpable = 0 regardless of the interpreter's
763 would_dump(bprm, interpreter);
765 /* Get the exec headers */
766 retval = kernel_read(interpreter, 0,
767 (void *)&loc->interp_elf_ex,
768 sizeof(loc->interp_elf_ex));
769 if (retval != sizeof(loc->interp_elf_ex)) {
772 goto out_free_dentry;
780 elf_ppnt = elf_phdata;
781 for (i = 0; i < loc->elf_ex.e_phnum; i++, elf_ppnt++)
782 switch (elf_ppnt->p_type) {
784 if (elf_ppnt->p_flags & PF_X)
785 executable_stack = EXSTACK_ENABLE_X;
787 executable_stack = EXSTACK_DISABLE_X;
790 case PT_LOPROC ... PT_HIPROC:
791 retval = arch_elf_pt_proc(&loc->elf_ex, elf_ppnt,
795 goto out_free_dentry;
799 /* Some simple consistency checks for the interpreter */
800 if (elf_interpreter) {
802 /* Not an ELF interpreter */
803 if (memcmp(loc->interp_elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
804 goto out_free_dentry;
805 /* Verify the interpreter has a valid arch */
806 if (!elf_check_arch(&loc->interp_elf_ex))
807 goto out_free_dentry;
809 /* Load the interpreter program headers */
810 interp_elf_phdata = load_elf_phdrs(&loc->interp_elf_ex,
812 if (!interp_elf_phdata)
813 goto out_free_dentry;
815 /* Pass PT_LOPROC..PT_HIPROC headers to arch code */
816 elf_ppnt = interp_elf_phdata;
817 for (i = 0; i < loc->interp_elf_ex.e_phnum; i++, elf_ppnt++)
818 switch (elf_ppnt->p_type) {
819 case PT_LOPROC ... PT_HIPROC:
820 retval = arch_elf_pt_proc(&loc->interp_elf_ex,
821 elf_ppnt, interpreter,
824 goto out_free_dentry;
830 * Allow arch code to reject the ELF at this point, whilst it's
831 * still possible to return an error to the code that invoked
834 retval = arch_check_elf(&loc->elf_ex,
835 !!interpreter, &loc->interp_elf_ex,
838 goto out_free_dentry;
840 /* Flush all traces of the currently running executable */
841 retval = flush_old_exec(bprm);
843 goto out_free_dentry;
845 /* Do this immediately, since STACK_TOP as used in setup_arg_pages
846 may depend on the personality. */
847 SET_PERSONALITY2(loc->elf_ex, &arch_state);
848 if (elf_read_implies_exec(loc->elf_ex, executable_stack))
849 current->personality |= READ_IMPLIES_EXEC;
851 if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space)
852 current->flags |= PF_RANDOMIZE;
854 setup_new_exec(bprm);
856 /* Do this so that we can load the interpreter, if need be. We will
857 change some of these later */
858 retval = setup_arg_pages(bprm, randomize_stack_top(STACK_TOP),
861 goto out_free_dentry;
863 current->mm->start_stack = bprm->p;
865 /* Now we do a little grungy work by mmapping the ELF image into
866 the correct location in memory. */
867 for(i = 0, elf_ppnt = elf_phdata;
868 i < loc->elf_ex.e_phnum; i++, elf_ppnt++) {
869 int elf_prot = 0, elf_flags;
870 unsigned long k, vaddr;
871 unsigned long total_size = 0;
873 if (elf_ppnt->p_type != PT_LOAD)
876 if (unlikely (elf_brk > elf_bss)) {
879 /* There was a PT_LOAD segment with p_memsz > p_filesz
880 before this one. Map anonymous pages, if needed,
881 and clear the area. */
882 retval = set_brk(elf_bss + load_bias,
883 elf_brk + load_bias);
885 goto out_free_dentry;
886 nbyte = ELF_PAGEOFFSET(elf_bss);
888 nbyte = ELF_MIN_ALIGN - nbyte;
889 if (nbyte > elf_brk - elf_bss)
890 nbyte = elf_brk - elf_bss;
891 if (clear_user((void __user *)elf_bss +
894 * This bss-zeroing can fail if the ELF
895 * file specifies odd protections. So
896 * we don't check the return value
902 if (elf_ppnt->p_flags & PF_R)
903 elf_prot |= PROT_READ;
904 if (elf_ppnt->p_flags & PF_W)
905 elf_prot |= PROT_WRITE;
906 if (elf_ppnt->p_flags & PF_X)
907 elf_prot |= PROT_EXEC;
909 elf_flags = MAP_PRIVATE | MAP_DENYWRITE | MAP_EXECUTABLE;
911 vaddr = elf_ppnt->p_vaddr;
912 if (loc->elf_ex.e_type == ET_EXEC || load_addr_set) {
913 elf_flags |= MAP_FIXED;
914 } else if (loc->elf_ex.e_type == ET_DYN) {
915 /* Try and get dynamic programs out of the way of the
916 * default mmap base, as well as whatever program they
917 * might try to exec. This is because the brk will
918 * follow the loader, and is not movable. */
919 load_bias = ELF_ET_DYN_BASE - vaddr;
920 if (current->flags & PF_RANDOMIZE)
921 load_bias += arch_mmap_rnd();
922 load_bias = ELF_PAGESTART(load_bias);
923 total_size = total_mapping_size(elf_phdata,
924 loc->elf_ex.e_phnum);
927 goto out_free_dentry;
931 error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt,
932 elf_prot, elf_flags, total_size);
933 if (BAD_ADDR(error)) {
934 retval = IS_ERR((void *)error) ?
935 PTR_ERR((void*)error) : -EINVAL;
936 goto out_free_dentry;
939 if (!load_addr_set) {
941 load_addr = (elf_ppnt->p_vaddr - elf_ppnt->p_offset);
942 if (loc->elf_ex.e_type == ET_DYN) {
944 ELF_PAGESTART(load_bias + vaddr);
945 load_addr += load_bias;
946 reloc_func_desc = load_bias;
949 k = elf_ppnt->p_vaddr;
956 * Check to see if the section's size will overflow the
957 * allowed task size. Note that p_filesz must always be
958 * <= p_memsz so it is only necessary to check p_memsz.
960 if (BAD_ADDR(k) || elf_ppnt->p_filesz > elf_ppnt->p_memsz ||
961 elf_ppnt->p_memsz > TASK_SIZE ||
962 TASK_SIZE - elf_ppnt->p_memsz < k) {
963 /* set_brk can never work. Avoid overflows. */
965 goto out_free_dentry;
968 k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz;
972 if ((elf_ppnt->p_flags & PF_X) && end_code < k)
976 k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz;
981 loc->elf_ex.e_entry += load_bias;
982 elf_bss += load_bias;
983 elf_brk += load_bias;
984 start_code += load_bias;
985 end_code += load_bias;
986 start_data += load_bias;
987 end_data += load_bias;
989 /* Calling set_brk effectively mmaps the pages that we need
990 * for the bss and break sections. We must do this before
991 * mapping in the interpreter, to make sure it doesn't wind
992 * up getting placed where the bss needs to go.
994 retval = set_brk(elf_bss, elf_brk);
996 goto out_free_dentry;
997 if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
998 retval = -EFAULT; /* Nobody gets to see this, but.. */
999 goto out_free_dentry;
1002 if (elf_interpreter) {
1003 unsigned long interp_map_addr = 0;
1005 elf_entry = load_elf_interp(&loc->interp_elf_ex,
1008 load_bias, interp_elf_phdata);
1009 if (!IS_ERR((void *)elf_entry)) {
1011 * load_elf_interp() returns relocation
1014 interp_load_addr = elf_entry;
1015 elf_entry += loc->interp_elf_ex.e_entry;
1017 if (BAD_ADDR(elf_entry)) {
1018 retval = IS_ERR((void *)elf_entry) ?
1019 (int)elf_entry : -EINVAL;
1020 goto out_free_dentry;
1022 reloc_func_desc = interp_load_addr;
1024 allow_write_access(interpreter);
1026 kfree(elf_interpreter);
1028 elf_entry = loc->elf_ex.e_entry;
1029 if (BAD_ADDR(elf_entry)) {
1031 goto out_free_dentry;
1035 kfree(interp_elf_phdata);
1038 set_binfmt(&elf_format);
1040 #ifdef ARCH_HAS_SETUP_ADDITIONAL_PAGES
1041 retval = arch_setup_additional_pages(bprm, !!elf_interpreter);
1044 #endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */
1046 install_exec_creds(bprm);
1047 retval = create_elf_tables(bprm, &loc->elf_ex,
1048 load_addr, interp_load_addr);
1051 /* N.B. passed_fileno might not be initialized? */
1052 current->mm->end_code = end_code;
1053 current->mm->start_code = start_code;
1054 current->mm->start_data = start_data;
1055 current->mm->end_data = end_data;
1056 current->mm->start_stack = bprm->p;
1058 if ((current->flags & PF_RANDOMIZE) && (randomize_va_space > 1)) {
1059 current->mm->brk = current->mm->start_brk =
1060 arch_randomize_brk(current->mm);
1061 #ifdef compat_brk_randomized
1062 current->brk_randomized = 1;
1066 if (current->personality & MMAP_PAGE_ZERO) {
1067 /* Why this, you ask??? Well SVr4 maps page 0 as read-only,
1068 and some applications "depend" upon this behavior.
1069 Since we do not have the power to recompile these, we
1070 emulate the SVr4 behavior. Sigh. */
1071 error = vm_mmap(NULL, 0, PAGE_SIZE, PROT_READ | PROT_EXEC,
1072 MAP_FIXED | MAP_PRIVATE, 0);
1075 #ifdef ELF_PLAT_INIT
1077 * The ABI may specify that certain registers be set up in special
1078 * ways (on i386 %edx is the address of a DT_FINI function, for
1079 * example. In addition, it may also specify (eg, PowerPC64 ELF)
1080 * that the e_entry field is the address of the function descriptor
1081 * for the startup routine, rather than the address of the startup
1082 * routine itself. This macro performs whatever initialization to
1083 * the regs structure is required as well as any relocations to the
1084 * function descriptor entries when executing dynamically links apps.
1086 ELF_PLAT_INIT(regs, reloc_func_desc);
1089 start_thread(regs, elf_entry, bprm->p);
1098 kfree(interp_elf_phdata);
1099 allow_write_access(interpreter);
1103 kfree(elf_interpreter);
1109 #ifdef CONFIG_USELIB
1110 /* This is really simpleminded and specialized - we are loading an
1111 a.out library that is given an ELF header. */
1112 static int load_elf_library(struct file *file)
1114 struct elf_phdr *elf_phdata;
1115 struct elf_phdr *eppnt;
1116 unsigned long elf_bss, bss, len;
1117 int retval, error, i, j;
1118 struct elfhdr elf_ex;
1121 retval = kernel_read(file, 0, (char *)&elf_ex, sizeof(elf_ex));
1122 if (retval != sizeof(elf_ex))
1125 if (memcmp(elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
1128 /* First of all, some simple consistency checks */
1129 if (elf_ex.e_type != ET_EXEC || elf_ex.e_phnum > 2 ||
1130 !elf_check_arch(&elf_ex) || !file->f_op->mmap)
1133 /* Now read in all of the header information */
1135 j = sizeof(struct elf_phdr) * elf_ex.e_phnum;
1136 /* j < ELF_MIN_ALIGN because elf_ex.e_phnum <= 2 */
1139 elf_phdata = kmalloc(j, GFP_KERNEL);
1145 retval = kernel_read(file, elf_ex.e_phoff, (char *)eppnt, j);
1149 for (j = 0, i = 0; i<elf_ex.e_phnum; i++)
1150 if ((eppnt + i)->p_type == PT_LOAD)
1155 while (eppnt->p_type != PT_LOAD)
1158 /* Now use mmap to map the library into memory. */
1159 error = vm_mmap(file,
1160 ELF_PAGESTART(eppnt->p_vaddr),
1162 ELF_PAGEOFFSET(eppnt->p_vaddr)),
1163 PROT_READ | PROT_WRITE | PROT_EXEC,
1164 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE,
1166 ELF_PAGEOFFSET(eppnt->p_vaddr)));
1167 if (error != ELF_PAGESTART(eppnt->p_vaddr))
1170 elf_bss = eppnt->p_vaddr + eppnt->p_filesz;
1171 if (padzero(elf_bss)) {
1176 len = ELF_PAGESTART(eppnt->p_filesz + eppnt->p_vaddr +
1178 bss = eppnt->p_memsz + eppnt->p_vaddr;
1180 error = vm_brk(len, bss - len);
1181 if (BAD_ADDR(error))
1191 #endif /* #ifdef CONFIG_USELIB */
1193 #ifdef CONFIG_ELF_CORE
1197 * Modelled on fs/exec.c:aout_core_dump()
1198 * Jeremy Fitzhardinge <jeremy@sw.oz.au>
1202 * The purpose of always_dump_vma() is to make sure that special kernel mappings
1203 * that are useful for post-mortem analysis are included in every core dump.
1204 * In that way we ensure that the core dump is fully interpretable later
1205 * without matching up the same kernel and hardware config to see what PC values
1206 * meant. These special mappings include - vDSO, vsyscall, and other
1207 * architecture specific mappings
1209 static bool always_dump_vma(struct vm_area_struct *vma)
1211 /* Any vsyscall mappings? */
1212 if (vma == get_gate_vma(vma->vm_mm))
1216 * Assume that all vmas with a .name op should always be dumped.
1217 * If this changes, a new vm_ops field can easily be added.
1219 if (vma->vm_ops && vma->vm_ops->name && vma->vm_ops->name(vma))
1223 * arch_vma_name() returns non-NULL for special architecture mappings,
1224 * such as vDSO sections.
1226 if (arch_vma_name(vma))
1233 * Decide what to dump of a segment, part, all or none.
1235 static unsigned long vma_dump_size(struct vm_area_struct *vma,
1236 unsigned long mm_flags)
1238 #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
1240 /* always dump the vdso and vsyscall sections */
1241 if (always_dump_vma(vma))
1244 if (vma->vm_flags & VM_DONTDUMP)
1247 /* support for DAX */
1248 if (vma_is_dax(vma)) {
1249 if ((vma->vm_flags & VM_SHARED) && FILTER(DAX_SHARED))
1251 if (!(vma->vm_flags & VM_SHARED) && FILTER(DAX_PRIVATE))
1256 /* Hugetlb memory check */
1257 if (vma->vm_flags & VM_HUGETLB) {
1258 if ((vma->vm_flags & VM_SHARED) && FILTER(HUGETLB_SHARED))
1260 if (!(vma->vm_flags & VM_SHARED) && FILTER(HUGETLB_PRIVATE))
1265 /* Do not dump I/O mapped devices or special mappings */
1266 if (vma->vm_flags & VM_IO)
1269 /* By default, dump shared memory if mapped from an anonymous file. */
1270 if (vma->vm_flags & VM_SHARED) {
1271 if (file_inode(vma->vm_file)->i_nlink == 0 ?
1272 FILTER(ANON_SHARED) : FILTER(MAPPED_SHARED))
1277 /* Dump segments that have been written to. */
1278 if (vma->anon_vma && FILTER(ANON_PRIVATE))
1280 if (vma->vm_file == NULL)
1283 if (FILTER(MAPPED_PRIVATE))
1287 * If this looks like the beginning of a DSO or executable mapping,
1288 * check for an ELF header. If we find one, dump the first page to
1289 * aid in determining what was mapped here.
1291 if (FILTER(ELF_HEADERS) &&
1292 vma->vm_pgoff == 0 && (vma->vm_flags & VM_READ)) {
1293 u32 __user *header = (u32 __user *) vma->vm_start;
1295 mm_segment_t fs = get_fs();
1297 * Doing it this way gets the constant folded by GCC.
1301 char elfmag[SELFMAG];
1303 BUILD_BUG_ON(SELFMAG != sizeof word);
1304 magic.elfmag[EI_MAG0] = ELFMAG0;
1305 magic.elfmag[EI_MAG1] = ELFMAG1;
1306 magic.elfmag[EI_MAG2] = ELFMAG2;
1307 magic.elfmag[EI_MAG3] = ELFMAG3;
1309 * Switch to the user "segment" for get_user(),
1310 * then put back what elf_core_dump() had in place.
1313 if (unlikely(get_user(word, header)))
1316 if (word == magic.cmp)
1325 return vma->vm_end - vma->vm_start;
1328 /* An ELF note in memory */
1333 unsigned int datasz;
1337 static int notesize(struct memelfnote *en)
1341 sz = sizeof(struct elf_note);
1342 sz += roundup(strlen(en->name) + 1, 4);
1343 sz += roundup(en->datasz, 4);
1348 static int writenote(struct memelfnote *men, struct coredump_params *cprm)
1351 en.n_namesz = strlen(men->name) + 1;
1352 en.n_descsz = men->datasz;
1353 en.n_type = men->type;
1355 return dump_emit(cprm, &en, sizeof(en)) &&
1356 dump_emit(cprm, men->name, en.n_namesz) && dump_align(cprm, 4) &&
1357 dump_emit(cprm, men->data, men->datasz) && dump_align(cprm, 4);
1360 static void fill_elf_header(struct elfhdr *elf, int segs,
1361 u16 machine, u32 flags)
1363 memset(elf, 0, sizeof(*elf));
1365 memcpy(elf->e_ident, ELFMAG, SELFMAG);
1366 elf->e_ident[EI_CLASS] = ELF_CLASS;
1367 elf->e_ident[EI_DATA] = ELF_DATA;
1368 elf->e_ident[EI_VERSION] = EV_CURRENT;
1369 elf->e_ident[EI_OSABI] = ELF_OSABI;
1371 elf->e_type = ET_CORE;
1372 elf->e_machine = machine;
1373 elf->e_version = EV_CURRENT;
1374 elf->e_phoff = sizeof(struct elfhdr);
1375 elf->e_flags = flags;
1376 elf->e_ehsize = sizeof(struct elfhdr);
1377 elf->e_phentsize = sizeof(struct elf_phdr);
1378 elf->e_phnum = segs;
1383 static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, loff_t offset)
1385 phdr->p_type = PT_NOTE;
1386 phdr->p_offset = offset;
1389 phdr->p_filesz = sz;
1396 static void fill_note(struct memelfnote *note, const char *name, int type,
1397 unsigned int sz, void *data)
1407 * fill up all the fields in prstatus from the given task struct, except
1408 * registers which need to be filled up separately.
1410 static void fill_prstatus(struct elf_prstatus *prstatus,
1411 struct task_struct *p, long signr)
1413 prstatus->pr_info.si_signo = prstatus->pr_cursig = signr;
1414 prstatus->pr_sigpend = p->pending.signal.sig[0];
1415 prstatus->pr_sighold = p->blocked.sig[0];
1417 prstatus->pr_ppid = task_pid_vnr(rcu_dereference(p->real_parent));
1419 prstatus->pr_pid = task_pid_vnr(p);
1420 prstatus->pr_pgrp = task_pgrp_vnr(p);
1421 prstatus->pr_sid = task_session_vnr(p);
1422 if (thread_group_leader(p)) {
1423 struct task_cputime cputime;
1426 * This is the record for the group leader. It shows the
1427 * group-wide total, not its individual thread total.
1429 thread_group_cputime(p, &cputime);
1430 cputime_to_timeval(cputime.utime, &prstatus->pr_utime);
1431 cputime_to_timeval(cputime.stime, &prstatus->pr_stime);
1433 cputime_t utime, stime;
1435 task_cputime(p, &utime, &stime);
1436 cputime_to_timeval(utime, &prstatus->pr_utime);
1437 cputime_to_timeval(stime, &prstatus->pr_stime);
1439 cputime_to_timeval(p->signal->cutime, &prstatus->pr_cutime);
1440 cputime_to_timeval(p->signal->cstime, &prstatus->pr_cstime);
1443 static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
1444 struct mm_struct *mm)
1446 const struct cred *cred;
1447 unsigned int i, len;
1449 /* first copy the parameters from user space */
1450 memset(psinfo, 0, sizeof(struct elf_prpsinfo));
1452 len = mm->arg_end - mm->arg_start;
1453 if (len >= ELF_PRARGSZ)
1454 len = ELF_PRARGSZ-1;
1455 if (copy_from_user(&psinfo->pr_psargs,
1456 (const char __user *)mm->arg_start, len))
1458 for(i = 0; i < len; i++)
1459 if (psinfo->pr_psargs[i] == 0)
1460 psinfo->pr_psargs[i] = ' ';
1461 psinfo->pr_psargs[len] = 0;
1464 psinfo->pr_ppid = task_pid_vnr(rcu_dereference(p->real_parent));
1466 psinfo->pr_pid = task_pid_vnr(p);
1467 psinfo->pr_pgrp = task_pgrp_vnr(p);
1468 psinfo->pr_sid = task_session_vnr(p);
1470 i = p->state ? ffz(~p->state) + 1 : 0;
1471 psinfo->pr_state = i;
1472 psinfo->pr_sname = (i > 5) ? '.' : "RSDTZW"[i];
1473 psinfo->pr_zomb = psinfo->pr_sname == 'Z';
1474 psinfo->pr_nice = task_nice(p);
1475 psinfo->pr_flag = p->flags;
1477 cred = __task_cred(p);
1478 SET_UID(psinfo->pr_uid, from_kuid_munged(cred->user_ns, cred->uid));
1479 SET_GID(psinfo->pr_gid, from_kgid_munged(cred->user_ns, cred->gid));
1481 strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname));
1486 static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm)
1488 elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv;
1492 while (auxv[i - 2] != AT_NULL);
1493 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv);
1496 static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata,
1497 const siginfo_t *siginfo)
1499 mm_segment_t old_fs = get_fs();
1501 copy_siginfo_to_user((user_siginfo_t __user *) csigdata, siginfo);
1503 fill_note(note, "CORE", NT_SIGINFO, sizeof(*csigdata), csigdata);
1506 #define MAX_FILE_NOTE_SIZE (4*1024*1024)
1508 * Format of NT_FILE note:
1510 * long count -- how many files are mapped
1511 * long page_size -- units for file_ofs
1512 * array of [COUNT] elements of
1516 * followed by COUNT filenames in ASCII: "FILE1" NUL "FILE2" NUL...
1518 static int fill_files_note(struct memelfnote *note)
1520 struct vm_area_struct *vma;
1521 unsigned count, size, names_ofs, remaining, n;
1523 user_long_t *start_end_ofs;
1524 char *name_base, *name_curpos;
1526 /* *Estimated* file count and total data size needed */
1527 count = current->mm->map_count;
1530 names_ofs = (2 + 3 * count) * sizeof(data[0]);
1532 if (size >= MAX_FILE_NOTE_SIZE) /* paranoia check */
1534 size = round_up(size, PAGE_SIZE);
1535 data = vmalloc(size);
1539 start_end_ofs = data + 2;
1540 name_base = name_curpos = ((char *)data) + names_ofs;
1541 remaining = size - names_ofs;
1543 for (vma = current->mm->mmap; vma != NULL; vma = vma->vm_next) {
1545 const char *filename;
1547 file = vma->vm_file;
1550 filename = file_path(file, name_curpos, remaining);
1551 if (IS_ERR(filename)) {
1552 if (PTR_ERR(filename) == -ENAMETOOLONG) {
1554 size = size * 5 / 4;
1560 /* file_path() fills at the end, move name down */
1561 /* n = strlen(filename) + 1: */
1562 n = (name_curpos + remaining) - filename;
1563 remaining = filename - name_curpos;
1564 memmove(name_curpos, filename, n);
1567 *start_end_ofs++ = vma->vm_start;
1568 *start_end_ofs++ = vma->vm_end;
1569 *start_end_ofs++ = vma->vm_pgoff;
1573 /* Now we know exact count of files, can store it */
1575 data[1] = PAGE_SIZE;
1577 * Count usually is less than current->mm->map_count,
1578 * we need to move filenames down.
1580 n = current->mm->map_count - count;
1582 unsigned shift_bytes = n * 3 * sizeof(data[0]);
1583 memmove(name_base - shift_bytes, name_base,
1584 name_curpos - name_base);
1585 name_curpos -= shift_bytes;
1588 size = name_curpos - (char *)data;
1589 fill_note(note, "CORE", NT_FILE, size, data);
1593 #ifdef CORE_DUMP_USE_REGSET
1594 #include <linux/regset.h>
1596 struct elf_thread_core_info {
1597 struct elf_thread_core_info *next;
1598 struct task_struct *task;
1599 struct elf_prstatus prstatus;
1600 struct memelfnote notes[0];
1603 struct elf_note_info {
1604 struct elf_thread_core_info *thread;
1605 struct memelfnote psinfo;
1606 struct memelfnote signote;
1607 struct memelfnote auxv;
1608 struct memelfnote files;
1609 user_siginfo_t csigdata;
1615 * When a regset has a writeback hook, we call it on each thread before
1616 * dumping user memory. On register window machines, this makes sure the
1617 * user memory backing the register data is up to date before we read it.
1619 static void do_thread_regset_writeback(struct task_struct *task,
1620 const struct user_regset *regset)
1622 if (regset->writeback)
1623 regset->writeback(task, regset, 1);
1627 #define PR_REG_SIZE(S) sizeof(S)
1630 #ifndef PRSTATUS_SIZE
1631 #define PRSTATUS_SIZE(S) sizeof(S)
1635 #define PR_REG_PTR(S) (&((S)->pr_reg))
1638 #ifndef SET_PR_FPVALID
1639 #define SET_PR_FPVALID(S, V) ((S)->pr_fpvalid = (V))
1642 static int fill_thread_core_info(struct elf_thread_core_info *t,
1643 const struct user_regset_view *view,
1644 long signr, size_t *total)
1649 * NT_PRSTATUS is the one special case, because the regset data
1650 * goes into the pr_reg field inside the note contents, rather
1651 * than being the whole note contents. We fill the reset in here.
1652 * We assume that regset 0 is NT_PRSTATUS.
1654 fill_prstatus(&t->prstatus, t->task, signr);
1655 (void) view->regsets[0].get(t->task, &view->regsets[0],
1656 0, PR_REG_SIZE(t->prstatus.pr_reg),
1657 PR_REG_PTR(&t->prstatus), NULL);
1659 fill_note(&t->notes[0], "CORE", NT_PRSTATUS,
1660 PRSTATUS_SIZE(t->prstatus), &t->prstatus);
1661 *total += notesize(&t->notes[0]);
1663 do_thread_regset_writeback(t->task, &view->regsets[0]);
1666 * Each other regset might generate a note too. For each regset
1667 * that has no core_note_type or is inactive, we leave t->notes[i]
1668 * all zero and we'll know to skip writing it later.
1670 for (i = 1; i < view->n; ++i) {
1671 const struct user_regset *regset = &view->regsets[i];
1672 do_thread_regset_writeback(t->task, regset);
1673 if (regset->core_note_type && regset->get &&
1674 (!regset->active || regset->active(t->task, regset))) {
1676 size_t size = regset->n * regset->size;
1677 void *data = kmalloc(size, GFP_KERNEL);
1678 if (unlikely(!data))
1680 ret = regset->get(t->task, regset,
1681 0, size, data, NULL);
1685 if (regset->core_note_type != NT_PRFPREG)
1686 fill_note(&t->notes[i], "LINUX",
1687 regset->core_note_type,
1690 SET_PR_FPVALID(&t->prstatus, 1);
1691 fill_note(&t->notes[i], "CORE",
1692 NT_PRFPREG, size, data);
1694 *total += notesize(&t->notes[i]);
1702 static int fill_note_info(struct elfhdr *elf, int phdrs,
1703 struct elf_note_info *info,
1704 const siginfo_t *siginfo, struct pt_regs *regs)
1706 struct task_struct *dump_task = current;
1707 const struct user_regset_view *view = task_user_regset_view(dump_task);
1708 struct elf_thread_core_info *t;
1709 struct elf_prpsinfo *psinfo;
1710 struct core_thread *ct;
1714 info->thread = NULL;
1716 psinfo = kmalloc(sizeof(*psinfo), GFP_KERNEL);
1717 if (psinfo == NULL) {
1718 info->psinfo.data = NULL; /* So we don't free this wrongly */
1722 fill_note(&info->psinfo, "CORE", NT_PRPSINFO, sizeof(*psinfo), psinfo);
1725 * Figure out how many notes we're going to need for each thread.
1727 info->thread_notes = 0;
1728 for (i = 0; i < view->n; ++i)
1729 if (view->regsets[i].core_note_type != 0)
1730 ++info->thread_notes;
1733 * Sanity check. We rely on regset 0 being in NT_PRSTATUS,
1734 * since it is our one special case.
1736 if (unlikely(info->thread_notes == 0) ||
1737 unlikely(view->regsets[0].core_note_type != NT_PRSTATUS)) {
1743 * Initialize the ELF file header.
1745 fill_elf_header(elf, phdrs,
1746 view->e_machine, view->e_flags);
1749 * Allocate a structure for each thread.
1751 for (ct = &dump_task->mm->core_state->dumper; ct; ct = ct->next) {
1752 t = kzalloc(offsetof(struct elf_thread_core_info,
1753 notes[info->thread_notes]),
1759 if (ct->task == dump_task || !info->thread) {
1760 t->next = info->thread;
1764 * Make sure to keep the original task at
1765 * the head of the list.
1767 t->next = info->thread->next;
1768 info->thread->next = t;
1773 * Now fill in each thread's information.
1775 for (t = info->thread; t != NULL; t = t->next)
1776 if (!fill_thread_core_info(t, view, siginfo->si_signo, &info->size))
1780 * Fill in the two process-wide notes.
1782 fill_psinfo(psinfo, dump_task->group_leader, dump_task->mm);
1783 info->size += notesize(&info->psinfo);
1785 fill_siginfo_note(&info->signote, &info->csigdata, siginfo);
1786 info->size += notesize(&info->signote);
1788 fill_auxv_note(&info->auxv, current->mm);
1789 info->size += notesize(&info->auxv);
1791 if (fill_files_note(&info->files) == 0)
1792 info->size += notesize(&info->files);
1797 static size_t get_note_info_size(struct elf_note_info *info)
1803 * Write all the notes for each thread. When writing the first thread, the
1804 * process-wide notes are interleaved after the first thread-specific note.
1806 static int write_note_info(struct elf_note_info *info,
1807 struct coredump_params *cprm)
1810 struct elf_thread_core_info *t = info->thread;
1815 if (!writenote(&t->notes[0], cprm))
1818 if (first && !writenote(&info->psinfo, cprm))
1820 if (first && !writenote(&info->signote, cprm))
1822 if (first && !writenote(&info->auxv, cprm))
1824 if (first && info->files.data &&
1825 !writenote(&info->files, cprm))
1828 for (i = 1; i < info->thread_notes; ++i)
1829 if (t->notes[i].data &&
1830 !writenote(&t->notes[i], cprm))
1840 static void free_note_info(struct elf_note_info *info)
1842 struct elf_thread_core_info *threads = info->thread;
1845 struct elf_thread_core_info *t = threads;
1847 WARN_ON(t->notes[0].data && t->notes[0].data != &t->prstatus);
1848 for (i = 1; i < info->thread_notes; ++i)
1849 kfree(t->notes[i].data);
1852 kfree(info->psinfo.data);
1853 vfree(info->files.data);
1858 /* Here is the structure in which status of each thread is captured. */
1859 struct elf_thread_status
1861 struct list_head list;
1862 struct elf_prstatus prstatus; /* NT_PRSTATUS */
1863 elf_fpregset_t fpu; /* NT_PRFPREG */
1864 struct task_struct *thread;
1865 #ifdef ELF_CORE_COPY_XFPREGS
1866 elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */
1868 struct memelfnote notes[3];
1873 * In order to add the specific thread information for the elf file format,
1874 * we need to keep a linked list of every threads pr_status and then create
1875 * a single section for them in the final core file.
1877 static int elf_dump_thread_status(long signr, struct elf_thread_status *t)
1880 struct task_struct *p = t->thread;
1883 fill_prstatus(&t->prstatus, p, signr);
1884 elf_core_copy_task_regs(p, &t->prstatus.pr_reg);
1886 fill_note(&t->notes[0], "CORE", NT_PRSTATUS, sizeof(t->prstatus),
1889 sz += notesize(&t->notes[0]);
1891 if ((t->prstatus.pr_fpvalid = elf_core_copy_task_fpregs(p, NULL,
1893 fill_note(&t->notes[1], "CORE", NT_PRFPREG, sizeof(t->fpu),
1896 sz += notesize(&t->notes[1]);
1899 #ifdef ELF_CORE_COPY_XFPREGS
1900 if (elf_core_copy_task_xfpregs(p, &t->xfpu)) {
1901 fill_note(&t->notes[2], "LINUX", ELF_CORE_XFPREG_TYPE,
1902 sizeof(t->xfpu), &t->xfpu);
1904 sz += notesize(&t->notes[2]);
1910 struct elf_note_info {
1911 struct memelfnote *notes;
1912 struct memelfnote *notes_files;
1913 struct elf_prstatus *prstatus; /* NT_PRSTATUS */
1914 struct elf_prpsinfo *psinfo; /* NT_PRPSINFO */
1915 struct list_head thread_list;
1916 elf_fpregset_t *fpu;
1917 #ifdef ELF_CORE_COPY_XFPREGS
1918 elf_fpxregset_t *xfpu;
1920 user_siginfo_t csigdata;
1921 int thread_status_size;
1925 static int elf_note_info_init(struct elf_note_info *info)
1927 memset(info, 0, sizeof(*info));
1928 INIT_LIST_HEAD(&info->thread_list);
1930 /* Allocate space for ELF notes */
1931 info->notes = kmalloc(8 * sizeof(struct memelfnote), GFP_KERNEL);
1934 info->psinfo = kmalloc(sizeof(*info->psinfo), GFP_KERNEL);
1937 info->prstatus = kmalloc(sizeof(*info->prstatus), GFP_KERNEL);
1938 if (!info->prstatus)
1940 info->fpu = kmalloc(sizeof(*info->fpu), GFP_KERNEL);
1943 #ifdef ELF_CORE_COPY_XFPREGS
1944 info->xfpu = kmalloc(sizeof(*info->xfpu), GFP_KERNEL);
1951 static int fill_note_info(struct elfhdr *elf, int phdrs,
1952 struct elf_note_info *info,
1953 const siginfo_t *siginfo, struct pt_regs *regs)
1955 struct list_head *t;
1956 struct core_thread *ct;
1957 struct elf_thread_status *ets;
1959 if (!elf_note_info_init(info))
1962 for (ct = current->mm->core_state->dumper.next;
1963 ct; ct = ct->next) {
1964 ets = kzalloc(sizeof(*ets), GFP_KERNEL);
1968 ets->thread = ct->task;
1969 list_add(&ets->list, &info->thread_list);
1972 list_for_each(t, &info->thread_list) {
1975 ets = list_entry(t, struct elf_thread_status, list);
1976 sz = elf_dump_thread_status(siginfo->si_signo, ets);
1977 info->thread_status_size += sz;
1979 /* now collect the dump for the current */
1980 memset(info->prstatus, 0, sizeof(*info->prstatus));
1981 fill_prstatus(info->prstatus, current, siginfo->si_signo);
1982 elf_core_copy_regs(&info->prstatus->pr_reg, regs);
1985 fill_elf_header(elf, phdrs, ELF_ARCH, ELF_CORE_EFLAGS);
1988 * Set up the notes in similar form to SVR4 core dumps made
1989 * with info from their /proc.
1992 fill_note(info->notes + 0, "CORE", NT_PRSTATUS,
1993 sizeof(*info->prstatus), info->prstatus);
1994 fill_psinfo(info->psinfo, current->group_leader, current->mm);
1995 fill_note(info->notes + 1, "CORE", NT_PRPSINFO,
1996 sizeof(*info->psinfo), info->psinfo);
1998 fill_siginfo_note(info->notes + 2, &info->csigdata, siginfo);
1999 fill_auxv_note(info->notes + 3, current->mm);
2002 if (fill_files_note(info->notes + info->numnote) == 0) {
2003 info->notes_files = info->notes + info->numnote;
2007 /* Try to dump the FPU. */
2008 info->prstatus->pr_fpvalid = elf_core_copy_task_fpregs(current, regs,
2010 if (info->prstatus->pr_fpvalid)
2011 fill_note(info->notes + info->numnote++,
2012 "CORE", NT_PRFPREG, sizeof(*info->fpu), info->fpu);
2013 #ifdef ELF_CORE_COPY_XFPREGS
2014 if (elf_core_copy_task_xfpregs(current, info->xfpu))
2015 fill_note(info->notes + info->numnote++,
2016 "LINUX", ELF_CORE_XFPREG_TYPE,
2017 sizeof(*info->xfpu), info->xfpu);
2023 static size_t get_note_info_size(struct elf_note_info *info)
2028 for (i = 0; i < info->numnote; i++)
2029 sz += notesize(info->notes + i);
2031 sz += info->thread_status_size;
2036 static int write_note_info(struct elf_note_info *info,
2037 struct coredump_params *cprm)
2040 struct list_head *t;
2042 for (i = 0; i < info->numnote; i++)
2043 if (!writenote(info->notes + i, cprm))
2046 /* write out the thread status notes section */
2047 list_for_each(t, &info->thread_list) {
2048 struct elf_thread_status *tmp =
2049 list_entry(t, struct elf_thread_status, list);
2051 for (i = 0; i < tmp->num_notes; i++)
2052 if (!writenote(&tmp->notes[i], cprm))
2059 static void free_note_info(struct elf_note_info *info)
2061 while (!list_empty(&info->thread_list)) {
2062 struct list_head *tmp = info->thread_list.next;
2064 kfree(list_entry(tmp, struct elf_thread_status, list));
2067 /* Free data possibly allocated by fill_files_note(): */
2068 if (info->notes_files)
2069 vfree(info->notes_files->data);
2071 kfree(info->prstatus);
2072 kfree(info->psinfo);
2075 #ifdef ELF_CORE_COPY_XFPREGS
2082 static struct vm_area_struct *first_vma(struct task_struct *tsk,
2083 struct vm_area_struct *gate_vma)
2085 struct vm_area_struct *ret = tsk->mm->mmap;
2092 * Helper function for iterating across a vma list. It ensures that the caller
2093 * will visit `gate_vma' prior to terminating the search.
2095 static struct vm_area_struct *next_vma(struct vm_area_struct *this_vma,
2096 struct vm_area_struct *gate_vma)
2098 struct vm_area_struct *ret;
2100 ret = this_vma->vm_next;
2103 if (this_vma == gate_vma)
2108 static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum,
2109 elf_addr_t e_shoff, int segs)
2111 elf->e_shoff = e_shoff;
2112 elf->e_shentsize = sizeof(*shdr4extnum);
2114 elf->e_shstrndx = SHN_UNDEF;
2116 memset(shdr4extnum, 0, sizeof(*shdr4extnum));
2118 shdr4extnum->sh_type = SHT_NULL;
2119 shdr4extnum->sh_size = elf->e_shnum;
2120 shdr4extnum->sh_link = elf->e_shstrndx;
2121 shdr4extnum->sh_info = segs;
2127 * This is a two-pass process; first we find the offsets of the bits,
2128 * and then they are actually written out. If we run out of core limit
2131 static int elf_core_dump(struct coredump_params *cprm)
2136 size_t vma_data_size = 0;
2137 struct vm_area_struct *vma, *gate_vma;
2138 struct elfhdr *elf = NULL;
2139 loff_t offset = 0, dataoff;
2140 struct elf_note_info info = { };
2141 struct elf_phdr *phdr4note = NULL;
2142 struct elf_shdr *shdr4extnum = NULL;
2145 elf_addr_t *vma_filesz = NULL;
2148 * We no longer stop all VM operations.
2150 * This is because those proceses that could possibly change map_count
2151 * or the mmap / vma pages are now blocked in do_exit on current
2152 * finishing this core dump.
2154 * Only ptrace can touch these memory addresses, but it doesn't change
2155 * the map_count or the pages allocated. So no possibility of crashing
2156 * exists while dumping the mm->vm_next areas to the core file.
2159 /* alloc memory for large data structures: too large to be on stack */
2160 elf = kmalloc(sizeof(*elf), GFP_KERNEL);
2164 * The number of segs are recored into ELF header as 16bit value.
2165 * Please check DEFAULT_MAX_MAP_COUNT definition when you modify here.
2167 segs = current->mm->map_count;
2168 segs += elf_core_extra_phdrs();
2170 gate_vma = get_gate_vma(current->mm);
2171 if (gate_vma != NULL)
2174 /* for notes section */
2177 /* If segs > PN_XNUM(0xffff), then e_phnum overflows. To avoid
2178 * this, kernel supports extended numbering. Have a look at
2179 * include/linux/elf.h for further information. */
2180 e_phnum = segs > PN_XNUM ? PN_XNUM : segs;
2183 * Collect all the non-memory information about the process for the
2184 * notes. This also sets up the file header.
2186 if (!fill_note_info(elf, e_phnum, &info, cprm->siginfo, cprm->regs))
2194 offset += sizeof(*elf); /* Elf header */
2195 offset += segs * sizeof(struct elf_phdr); /* Program headers */
2197 /* Write notes phdr entry */
2199 size_t sz = get_note_info_size(&info);
2201 sz += elf_coredump_extra_notes_size();
2203 phdr4note = kmalloc(sizeof(*phdr4note), GFP_KERNEL);
2207 fill_elf_note_phdr(phdr4note, sz, offset);
2211 dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
2213 vma_filesz = kmalloc_array(segs - 1, sizeof(*vma_filesz), GFP_KERNEL);
2217 for (i = 0, vma = first_vma(current, gate_vma); vma != NULL;
2218 vma = next_vma(vma, gate_vma)) {
2219 unsigned long dump_size;
2221 dump_size = vma_dump_size(vma, cprm->mm_flags);
2222 vma_filesz[i++] = dump_size;
2223 vma_data_size += dump_size;
2226 offset += vma_data_size;
2227 offset += elf_core_extra_data_size();
2230 if (e_phnum == PN_XNUM) {
2231 shdr4extnum = kmalloc(sizeof(*shdr4extnum), GFP_KERNEL);
2234 fill_extnum_info(elf, shdr4extnum, e_shoff, segs);
2239 if (!dump_emit(cprm, elf, sizeof(*elf)))
2242 if (!dump_emit(cprm, phdr4note, sizeof(*phdr4note)))
2245 /* Write program headers for segments dump */
2246 for (i = 0, vma = first_vma(current, gate_vma); vma != NULL;
2247 vma = next_vma(vma, gate_vma)) {
2248 struct elf_phdr phdr;
2250 phdr.p_type = PT_LOAD;
2251 phdr.p_offset = offset;
2252 phdr.p_vaddr = vma->vm_start;
2254 phdr.p_filesz = vma_filesz[i++];
2255 phdr.p_memsz = vma->vm_end - vma->vm_start;
2256 offset += phdr.p_filesz;
2257 phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
2258 if (vma->vm_flags & VM_WRITE)
2259 phdr.p_flags |= PF_W;
2260 if (vma->vm_flags & VM_EXEC)
2261 phdr.p_flags |= PF_X;
2262 phdr.p_align = ELF_EXEC_PAGESIZE;
2264 if (!dump_emit(cprm, &phdr, sizeof(phdr)))
2268 if (!elf_core_write_extra_phdrs(cprm, offset))
2271 /* write out the notes section */
2272 if (!write_note_info(&info, cprm))
2275 if (elf_coredump_extra_notes_write(cprm))
2279 if (!dump_skip(cprm, dataoff - cprm->file->f_pos))
2282 for (i = 0, vma = first_vma(current, gate_vma); vma != NULL;
2283 vma = next_vma(vma, gate_vma)) {
2287 end = vma->vm_start + vma_filesz[i++];
2289 for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
2293 page = get_dump_page(addr);
2295 void *kaddr = kmap(page);
2296 stop = !dump_emit(cprm, kaddr, PAGE_SIZE);
2300 stop = !dump_skip(cprm, PAGE_SIZE);
2306 if (!elf_core_write_extra_data(cprm))
2309 if (e_phnum == PN_XNUM) {
2310 if (!dump_emit(cprm, shdr4extnum, sizeof(*shdr4extnum)))
2318 free_note_info(&info);
2327 #endif /* CONFIG_ELF_CORE */
2329 static int __init init_elf_binfmt(void)
2331 register_binfmt(&elf_format);
2335 static void __exit exit_elf_binfmt(void)
2337 /* Remove the COFF and ELF loaders. */
2338 unregister_binfmt(&elf_format);
2341 core_initcall(init_elf_binfmt);
2342 module_exit(exit_elf_binfmt);
2343 MODULE_LICENSE("GPL");
projects / cascardo / linux.git / blob