| 1 |
62 |
marcus.erl |
/*
|
| 2 |
|
|
* linux/fs/binfmt_elf.c
|
| 3 |
|
|
*
|
| 4 |
|
|
* These are the functions used to load ELF format executables as used
|
| 5 |
|
|
* on SVr4 machines. Information on the format may be found in the book
|
| 6 |
|
|
* "UNIX SYSTEM V RELEASE 4 Programmers Guide: Ansi C and Programming Support
|
| 7 |
|
|
* Tools".
|
| 8 |
|
|
*
|
| 9 |
|
|
* Copyright 1993, 1994: Eric Youngdale (ericy@cais.com).
|
| 10 |
|
|
*/
|
| 11 |
|
|
|
| 12 |
|
|
#include <linux/module.h>
|
| 13 |
|
|
#include <linux/kernel.h>
|
| 14 |
|
|
#include <linux/fs.h>
|
| 15 |
|
|
#include <linux/stat.h>
|
| 16 |
|
|
#include <linux/time.h>
|
| 17 |
|
|
#include <linux/mm.h>
|
| 18 |
|
|
#include <linux/mman.h>
|
| 19 |
|
|
#include <linux/a.out.h>
|
| 20 |
|
|
#include <linux/errno.h>
|
| 21 |
|
|
#include <linux/signal.h>
|
| 22 |
|
|
#include <linux/binfmts.h>
|
| 23 |
|
|
#include <linux/string.h>
|
| 24 |
|
|
#include <linux/file.h>
|
| 25 |
|
|
#include <linux/fcntl.h>
|
| 26 |
|
|
#include <linux/ptrace.h>
|
| 27 |
|
|
#include <linux/slab.h>
|
| 28 |
|
|
#include <linux/shm.h>
|
| 29 |
|
|
#include <linux/personality.h>
|
| 30 |
|
|
#include <linux/elfcore.h>
|
| 31 |
|
|
#include <linux/init.h>
|
| 32 |
|
|
#include <linux/highuid.h>
|
| 33 |
|
|
#include <linux/smp.h>
|
| 34 |
|
|
#include <linux/compiler.h>
|
| 35 |
|
|
#include <linux/highmem.h>
|
| 36 |
|
|
#include <linux/pagemap.h>
|
| 37 |
|
|
#include <linux/security.h>
|
| 38 |
|
|
#include <linux/syscalls.h>
|
| 39 |
|
|
#include <linux/random.h>
|
| 40 |
|
|
#include <linux/elf.h>
|
| 41 |
|
|
#include <linux/utsname.h>
|
| 42 |
|
|
#include <asm/uaccess.h>
|
| 43 |
|
|
#include <asm/param.h>
|
| 44 |
|
|
#include <asm/page.h>
|
| 45 |
|
|
|
| 46 |
|
|
static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs);
|
| 47 |
|
|
static int load_elf_library(struct file *);
|
| 48 |
|
|
static unsigned long elf_map (struct file *, unsigned long, struct elf_phdr *, int, int);
|
| 49 |
|
|
|
| 50 |
|
|
/*
|
| 51 |
|
|
* If we don't support core dumping, then supply a NULL so we
|
| 52 |
|
|
* don't even try.
|
| 53 |
|
|
*/
|
| 54 |
|
|
#if defined(USE_ELF_CORE_DUMP) && defined(CONFIG_ELF_CORE)
|
| 55 |
|
|
static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, unsigned long limit);
|
| 56 |
|
|
#else
|
| 57 |
|
|
#define elf_core_dump NULL
|
| 58 |
|
|
#endif
|
| 59 |
|
|
|
| 60 |
|
|
#if ELF_EXEC_PAGESIZE > PAGE_SIZE
|
| 61 |
|
|
#define ELF_MIN_ALIGN ELF_EXEC_PAGESIZE
|
| 62 |
|
|
#else
|
| 63 |
|
|
#define ELF_MIN_ALIGN PAGE_SIZE
|
| 64 |
|
|
#endif
|
| 65 |
|
|
|
| 66 |
|
|
#ifndef ELF_CORE_EFLAGS
|
| 67 |
|
|
#define ELF_CORE_EFLAGS 0
|
| 68 |
|
|
#endif
|
| 69 |
|
|
|
| 70 |
|
|
#define ELF_PAGESTART(_v) ((_v) & ~(unsigned long)(ELF_MIN_ALIGN-1))
|
| 71 |
|
|
#define ELF_PAGEOFFSET(_v) ((_v) & (ELF_MIN_ALIGN-1))
|
| 72 |
|
|
#define ELF_PAGEALIGN(_v) (((_v) + ELF_MIN_ALIGN - 1) & ~(ELF_MIN_ALIGN - 1))
|
| 73 |
|
|
|
| 74 |
|
|
static struct linux_binfmt elf_format = {
|
| 75 |
|
|
.module = THIS_MODULE,
|
| 76 |
|
|
.load_binary = load_elf_binary,
|
| 77 |
|
|
.load_shlib = load_elf_library,
|
| 78 |
|
|
.core_dump = elf_core_dump,
|
| 79 |
|
|
.min_coredump = ELF_EXEC_PAGESIZE,
|
| 80 |
|
|
.hasvdso = 1
|
| 81 |
|
|
};
|
| 82 |
|
|
|
| 83 |
|
|
#define BAD_ADDR(x) ((unsigned long)(x) >= TASK_SIZE)
|
| 84 |
|
|
|
| 85 |
|
|
static int set_brk(unsigned long start, unsigned long end)
|
| 86 |
|
|
{
|
| 87 |
|
|
start = ELF_PAGEALIGN(start);
|
| 88 |
|
|
end = ELF_PAGEALIGN(end);
|
| 89 |
|
|
if (end > start) {
|
| 90 |
|
|
unsigned long addr;
|
| 91 |
|
|
down_write(¤t->mm->mmap_sem);
|
| 92 |
|
|
addr = do_brk(start, end - start);
|
| 93 |
|
|
up_write(¤t->mm->mmap_sem);
|
| 94 |
|
|
if (BAD_ADDR(addr))
|
| 95 |
|
|
return addr;
|
| 96 |
|
|
}
|
| 97 |
|
|
current->mm->start_brk = current->mm->brk = end;
|
| 98 |
|
|
return 0;
|
| 99 |
|
|
}
|
| 100 |
|
|
|
| 101 |
|
|
/* We need to explicitly zero any fractional pages
|
| 102 |
|
|
after the data section (i.e. bss). This would
|
| 103 |
|
|
contain the junk from the file that should not
|
| 104 |
|
|
be in memory
|
| 105 |
|
|
*/
|
| 106 |
|
|
static int padzero(unsigned long elf_bss)
|
| 107 |
|
|
{
|
| 108 |
|
|
unsigned long nbyte;
|
| 109 |
|
|
|
| 110 |
|
|
nbyte = ELF_PAGEOFFSET(elf_bss);
|
| 111 |
|
|
if (nbyte) {
|
| 112 |
|
|
nbyte = ELF_MIN_ALIGN - nbyte;
|
| 113 |
|
|
if (clear_user((void __user *) elf_bss, nbyte))
|
| 114 |
|
|
return -EFAULT;
|
| 115 |
|
|
}
|
| 116 |
|
|
return 0;
|
| 117 |
|
|
}
|
| 118 |
|
|
|
| 119 |
|
|
/* Let's use some macros to make this stack manipulation a litle clearer */
|
| 120 |
|
|
#ifdef CONFIG_STACK_GROWSUP
|
| 121 |
|
|
#define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) + (items))
|
| 122 |
|
|
#define STACK_ROUND(sp, items) \
|
| 123 |
|
|
((15 + (unsigned long) ((sp) + (items))) &~ 15UL)
|
| 124 |
|
|
#define STACK_ALLOC(sp, len) ({ \
|
| 125 |
|
|
elf_addr_t __user *old_sp = (elf_addr_t __user *)sp; sp += len; \
|
| 126 |
|
|
old_sp; })
|
| 127 |
|
|
#else
|
| 128 |
|
|
#define STACK_ADD(sp, items) ((elf_addr_t __user *)(sp) - (items))
|
| 129 |
|
|
#define STACK_ROUND(sp, items) \
|
| 130 |
|
|
(((unsigned long) (sp - items)) &~ 15UL)
|
| 131 |
|
|
#define STACK_ALLOC(sp, len) ({ sp -= len ; sp; })
|
| 132 |
|
|
#endif
|
| 133 |
|
|
|
| 134 |
|
|
static int
|
| 135 |
|
|
create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec,
|
| 136 |
|
|
int interp_aout, unsigned long load_addr,
|
| 137 |
|
|
unsigned long interp_load_addr)
|
| 138 |
|
|
{
|
| 139 |
|
|
unsigned long p = bprm->p;
|
| 140 |
|
|
int argc = bprm->argc;
|
| 141 |
|
|
int envc = bprm->envc;
|
| 142 |
|
|
elf_addr_t __user *argv;
|
| 143 |
|
|
elf_addr_t __user *envp;
|
| 144 |
|
|
elf_addr_t __user *sp;
|
| 145 |
|
|
elf_addr_t __user *u_platform;
|
| 146 |
|
|
const char *k_platform = ELF_PLATFORM;
|
| 147 |
|
|
int items;
|
| 148 |
|
|
elf_addr_t *elf_info;
|
| 149 |
|
|
int ei_index = 0;
|
| 150 |
|
|
struct task_struct *tsk = current;
|
| 151 |
|
|
struct vm_area_struct *vma;
|
| 152 |
|
|
|
| 153 |
|
|
/*
|
| 154 |
|
|
* In some cases (e.g. Hyper-Threading), we want to avoid L1
|
| 155 |
|
|
* evictions by the processes running on the same package. One
|
| 156 |
|
|
* thing we can do is to shuffle the initial stack for them.
|
| 157 |
|
|
*/
|
| 158 |
|
|
|
| 159 |
|
|
p = arch_align_stack(p);
|
| 160 |
|
|
|
| 161 |
|
|
/*
|
| 162 |
|
|
* If this architecture has a platform capability string, copy it
|
| 163 |
|
|
* to userspace. In some cases (Sparc), this info is impossible
|
| 164 |
|
|
* for userspace to get any other way, in others (i386) it is
|
| 165 |
|
|
* merely difficult.
|
| 166 |
|
|
*/
|
| 167 |
|
|
u_platform = NULL;
|
| 168 |
|
|
if (k_platform) {
|
| 169 |
|
|
size_t len = strlen(k_platform) + 1;
|
| 170 |
|
|
|
| 171 |
|
|
u_platform = (elf_addr_t __user *)STACK_ALLOC(p, len);
|
| 172 |
|
|
if (__copy_to_user(u_platform, k_platform, len))
|
| 173 |
|
|
return -EFAULT;
|
| 174 |
|
|
}
|
| 175 |
|
|
|
| 176 |
|
|
/* Create the ELF interpreter info */
|
| 177 |
|
|
elf_info = (elf_addr_t *)current->mm->saved_auxv;
|
| 178 |
|
|
/* update AT_VECTOR_SIZE_BASE if the number of NEW_AUX_ENT() changes */
|
| 179 |
|
|
#define NEW_AUX_ENT(id, val) \
|
| 180 |
|
|
do { \
|
| 181 |
|
|
elf_info[ei_index++] = id; \
|
| 182 |
|
|
elf_info[ei_index++] = val; \
|
| 183 |
|
|
} while (0)
|
| 184 |
|
|
|
| 185 |
|
|
#ifdef ARCH_DLINFO
|
| 186 |
|
|
/*
|
| 187 |
|
|
* ARCH_DLINFO must come first so PPC can do its special alignment of
|
| 188 |
|
|
* AUXV.
|
| 189 |
|
|
* update AT_VECTOR_SIZE_ARCH if the number of NEW_AUX_ENT() in
|
| 190 |
|
|
* ARCH_DLINFO changes
|
| 191 |
|
|
*/
|
| 192 |
|
|
ARCH_DLINFO;
|
| 193 |
|
|
#endif
|
| 194 |
|
|
NEW_AUX_ENT(AT_HWCAP, ELF_HWCAP);
|
| 195 |
|
|
NEW_AUX_ENT(AT_PAGESZ, ELF_EXEC_PAGESIZE);
|
| 196 |
|
|
NEW_AUX_ENT(AT_CLKTCK, CLOCKS_PER_SEC);
|
| 197 |
|
|
NEW_AUX_ENT(AT_PHDR, load_addr + exec->e_phoff);
|
| 198 |
|
|
NEW_AUX_ENT(AT_PHENT, sizeof(struct elf_phdr));
|
| 199 |
|
|
NEW_AUX_ENT(AT_PHNUM, exec->e_phnum);
|
| 200 |
|
|
NEW_AUX_ENT(AT_BASE, interp_load_addr);
|
| 201 |
|
|
NEW_AUX_ENT(AT_FLAGS, 0);
|
| 202 |
|
|
NEW_AUX_ENT(AT_ENTRY, exec->e_entry);
|
| 203 |
|
|
NEW_AUX_ENT(AT_UID, tsk->uid);
|
| 204 |
|
|
NEW_AUX_ENT(AT_EUID, tsk->euid);
|
| 205 |
|
|
NEW_AUX_ENT(AT_GID, tsk->gid);
|
| 206 |
|
|
NEW_AUX_ENT(AT_EGID, tsk->egid);
|
| 207 |
|
|
NEW_AUX_ENT(AT_SECURE, security_bprm_secureexec(bprm));
|
| 208 |
|
|
if (k_platform) {
|
| 209 |
|
|
NEW_AUX_ENT(AT_PLATFORM,
|
| 210 |
|
|
(elf_addr_t)(unsigned long)u_platform);
|
| 211 |
|
|
}
|
| 212 |
|
|
if (bprm->interp_flags & BINPRM_FLAGS_EXECFD) {
|
| 213 |
|
|
NEW_AUX_ENT(AT_EXECFD, bprm->interp_data);
|
| 214 |
|
|
}
|
| 215 |
|
|
#undef NEW_AUX_ENT
|
| 216 |
|
|
/* AT_NULL is zero; clear the rest too */
|
| 217 |
|
|
memset(&elf_info[ei_index], 0,
|
| 218 |
|
|
sizeof current->mm->saved_auxv - ei_index * sizeof elf_info[0]);
|
| 219 |
|
|
|
| 220 |
|
|
/* And advance past the AT_NULL entry. */
|
| 221 |
|
|
ei_index += 2;
|
| 222 |
|
|
|
| 223 |
|
|
sp = STACK_ADD(p, ei_index);
|
| 224 |
|
|
|
| 225 |
|
|
items = (argc + 1) + (envc + 1);
|
| 226 |
|
|
if (interp_aout) {
|
| 227 |
|
|
items += 3; /* a.out interpreters require argv & envp too */
|
| 228 |
|
|
} else {
|
| 229 |
|
|
items += 1; /* ELF interpreters only put argc on the stack */
|
| 230 |
|
|
}
|
| 231 |
|
|
bprm->p = STACK_ROUND(sp, items);
|
| 232 |
|
|
|
| 233 |
|
|
/* Point sp at the lowest address on the stack */
|
| 234 |
|
|
#ifdef CONFIG_STACK_GROWSUP
|
| 235 |
|
|
sp = (elf_addr_t __user *)bprm->p - items - ei_index;
|
| 236 |
|
|
bprm->exec = (unsigned long)sp; /* XXX: PARISC HACK */
|
| 237 |
|
|
#else
|
| 238 |
|
|
sp = (elf_addr_t __user *)bprm->p;
|
| 239 |
|
|
#endif
|
| 240 |
|
|
|
| 241 |
|
|
|
| 242 |
|
|
/*
|
| 243 |
|
|
* Grow the stack manually; some architectures have a limit on how
|
| 244 |
|
|
* far ahead a user-space access may be in order to grow the stack.
|
| 245 |
|
|
*/
|
| 246 |
|
|
vma = find_extend_vma(current->mm, bprm->p);
|
| 247 |
|
|
if (!vma)
|
| 248 |
|
|
return -EFAULT;
|
| 249 |
|
|
|
| 250 |
|
|
/* Now, let's put argc (and argv, envp if appropriate) on the stack */
|
| 251 |
|
|
if (__put_user(argc, sp++))
|
| 252 |
|
|
return -EFAULT;
|
| 253 |
|
|
if (interp_aout) {
|
| 254 |
|
|
argv = sp + 2;
|
| 255 |
|
|
envp = argv + argc + 1;
|
| 256 |
|
|
if (__put_user((elf_addr_t)(unsigned long)argv, sp++) ||
|
| 257 |
|
|
__put_user((elf_addr_t)(unsigned long)envp, sp++))
|
| 258 |
|
|
return -EFAULT;
|
| 259 |
|
|
} else {
|
| 260 |
|
|
argv = sp;
|
| 261 |
|
|
envp = argv + argc + 1;
|
| 262 |
|
|
}
|
| 263 |
|
|
|
| 264 |
|
|
/* Populate argv and envp */
|
| 265 |
|
|
p = current->mm->arg_end = current->mm->arg_start;
|
| 266 |
|
|
while (argc-- > 0) {
|
| 267 |
|
|
size_t len;
|
| 268 |
|
|
if (__put_user((elf_addr_t)p, argv++))
|
| 269 |
|
|
return -EFAULT;
|
| 270 |
|
|
len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
|
| 271 |
|
|
if (!len || len > MAX_ARG_STRLEN)
|
| 272 |
|
|
return 0;
|
| 273 |
|
|
p += len;
|
| 274 |
|
|
}
|
| 275 |
|
|
if (__put_user(0, argv))
|
| 276 |
|
|
return -EFAULT;
|
| 277 |
|
|
current->mm->arg_end = current->mm->env_start = p;
|
| 278 |
|
|
while (envc-- > 0) {
|
| 279 |
|
|
size_t len;
|
| 280 |
|
|
if (__put_user((elf_addr_t)p, envp++))
|
| 281 |
|
|
return -EFAULT;
|
| 282 |
|
|
len = strnlen_user((void __user *)p, MAX_ARG_STRLEN);
|
| 283 |
|
|
if (!len || len > MAX_ARG_STRLEN)
|
| 284 |
|
|
return 0;
|
| 285 |
|
|
p += len;
|
| 286 |
|
|
}
|
| 287 |
|
|
if (__put_user(0, envp))
|
| 288 |
|
|
return -EFAULT;
|
| 289 |
|
|
current->mm->env_end = p;
|
| 290 |
|
|
|
| 291 |
|
|
/* Put the elf_info on the stack in the right place. */
|
| 292 |
|
|
sp = (elf_addr_t __user *)envp + 1;
|
| 293 |
|
|
if (copy_to_user(sp, elf_info, ei_index * sizeof(elf_addr_t)))
|
| 294 |
|
|
return -EFAULT;
|
| 295 |
|
|
return 0;
|
| 296 |
|
|
}
|
| 297 |
|
|
|
| 298 |
|
|
#ifndef elf_map
|
| 299 |
|
|
|
| 300 |
|
|
static unsigned long elf_map(struct file *filep, unsigned long addr,
|
| 301 |
|
|
struct elf_phdr *eppnt, int prot, int type)
|
| 302 |
|
|
{
|
| 303 |
|
|
unsigned long map_addr;
|
| 304 |
|
|
unsigned long pageoffset = ELF_PAGEOFFSET(eppnt->p_vaddr);
|
| 305 |
|
|
|
| 306 |
|
|
down_write(¤t->mm->mmap_sem);
|
| 307 |
|
|
/* mmap() will return -EINVAL if given a zero size, but a
|
| 308 |
|
|
* segment with zero filesize is perfectly valid */
|
| 309 |
|
|
if (eppnt->p_filesz + pageoffset)
|
| 310 |
|
|
map_addr = do_mmap(filep, ELF_PAGESTART(addr),
|
| 311 |
|
|
eppnt->p_filesz + pageoffset, prot, type,
|
| 312 |
|
|
eppnt->p_offset - pageoffset);
|
| 313 |
|
|
else
|
| 314 |
|
|
map_addr = ELF_PAGESTART(addr);
|
| 315 |
|
|
up_write(¤t->mm->mmap_sem);
|
| 316 |
|
|
return(map_addr);
|
| 317 |
|
|
}
|
| 318 |
|
|
|
| 319 |
|
|
#endif /* !elf_map */
|
| 320 |
|
|
|
| 321 |
|
|
/* This is much more generalized than the library routine read function,
|
| 322 |
|
|
so we keep this separate. Technically the library read function
|
| 323 |
|
|
is only provided so that we can read a.out libraries that have
|
| 324 |
|
|
an ELF header */
|
| 325 |
|
|
|
| 326 |
|
|
static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex,
|
| 327 |
|
|
struct file *interpreter, unsigned long *interp_load_addr)
|
| 328 |
|
|
{
|
| 329 |
|
|
struct elf_phdr *elf_phdata;
|
| 330 |
|
|
struct elf_phdr *eppnt;
|
| 331 |
|
|
unsigned long load_addr = 0;
|
| 332 |
|
|
int load_addr_set = 0;
|
| 333 |
|
|
unsigned long last_bss = 0, elf_bss = 0;
|
| 334 |
|
|
unsigned long error = ~0UL;
|
| 335 |
|
|
int retval, i, size;
|
| 336 |
|
|
|
| 337 |
|
|
/* First of all, some simple consistency checks */
|
| 338 |
|
|
if (interp_elf_ex->e_type != ET_EXEC &&
|
| 339 |
|
|
interp_elf_ex->e_type != ET_DYN)
|
| 340 |
|
|
goto out;
|
| 341 |
|
|
if (!elf_check_arch(interp_elf_ex))
|
| 342 |
|
|
goto out;
|
| 343 |
|
|
if (!interpreter->f_op || !interpreter->f_op->mmap)
|
| 344 |
|
|
goto out;
|
| 345 |
|
|
|
| 346 |
|
|
/*
|
| 347 |
|
|
* If the size of this structure has changed, then punt, since
|
| 348 |
|
|
* we will be doing the wrong thing.
|
| 349 |
|
|
*/
|
| 350 |
|
|
if (interp_elf_ex->e_phentsize != sizeof(struct elf_phdr))
|
| 351 |
|
|
goto out;
|
| 352 |
|
|
if (interp_elf_ex->e_phnum < 1 ||
|
| 353 |
|
|
interp_elf_ex->e_phnum > 65536U / sizeof(struct elf_phdr))
|
| 354 |
|
|
goto out;
|
| 355 |
|
|
|
| 356 |
|
|
/* Now read in all of the header information */
|
| 357 |
|
|
size = sizeof(struct elf_phdr) * interp_elf_ex->e_phnum;
|
| 358 |
|
|
if (size > ELF_MIN_ALIGN)
|
| 359 |
|
|
goto out;
|
| 360 |
|
|
elf_phdata = kmalloc(size, GFP_KERNEL);
|
| 361 |
|
|
if (!elf_phdata)
|
| 362 |
|
|
goto out;
|
| 363 |
|
|
|
| 364 |
|
|
retval = kernel_read(interpreter, interp_elf_ex->e_phoff,
|
| 365 |
|
|
(char *)elf_phdata,size);
|
| 366 |
|
|
error = -EIO;
|
| 367 |
|
|
if (retval != size) {
|
| 368 |
|
|
if (retval < 0)
|
| 369 |
|
|
error = retval;
|
| 370 |
|
|
goto out_close;
|
| 371 |
|
|
}
|
| 372 |
|
|
|
| 373 |
|
|
eppnt = elf_phdata;
|
| 374 |
|
|
for (i = 0; i < interp_elf_ex->e_phnum; i++, eppnt++) {
|
| 375 |
|
|
if (eppnt->p_type == PT_LOAD) {
|
| 376 |
|
|
int elf_type = MAP_PRIVATE | MAP_DENYWRITE;
|
| 377 |
|
|
int elf_prot = 0;
|
| 378 |
|
|
unsigned long vaddr = 0;
|
| 379 |
|
|
unsigned long k, map_addr;
|
| 380 |
|
|
|
| 381 |
|
|
if (eppnt->p_flags & PF_R)
|
| 382 |
|
|
elf_prot = PROT_READ;
|
| 383 |
|
|
if (eppnt->p_flags & PF_W)
|
| 384 |
|
|
elf_prot |= PROT_WRITE;
|
| 385 |
|
|
if (eppnt->p_flags & PF_X)
|
| 386 |
|
|
elf_prot |= PROT_EXEC;
|
| 387 |
|
|
vaddr = eppnt->p_vaddr;
|
| 388 |
|
|
if (interp_elf_ex->e_type == ET_EXEC || load_addr_set)
|
| 389 |
|
|
elf_type |= MAP_FIXED;
|
| 390 |
|
|
|
| 391 |
|
|
map_addr = elf_map(interpreter, load_addr + vaddr,
|
| 392 |
|
|
eppnt, elf_prot, elf_type);
|
| 393 |
|
|
error = map_addr;
|
| 394 |
|
|
if (BAD_ADDR(map_addr))
|
| 395 |
|
|
goto out_close;
|
| 396 |
|
|
|
| 397 |
|
|
if (!load_addr_set &&
|
| 398 |
|
|
interp_elf_ex->e_type == ET_DYN) {
|
| 399 |
|
|
load_addr = map_addr - ELF_PAGESTART(vaddr);
|
| 400 |
|
|
load_addr_set = 1;
|
| 401 |
|
|
}
|
| 402 |
|
|
|
| 403 |
|
|
/*
|
| 404 |
|
|
* Check to see if the section's size will overflow the
|
| 405 |
|
|
* allowed task size. Note that p_filesz must always be
|
| 406 |
|
|
* <= p_memsize so it's only necessary to check p_memsz.
|
| 407 |
|
|
*/
|
| 408 |
|
|
k = load_addr + eppnt->p_vaddr;
|
| 409 |
|
|
if (BAD_ADDR(k) ||
|
| 410 |
|
|
eppnt->p_filesz > eppnt->p_memsz ||
|
| 411 |
|
|
eppnt->p_memsz > TASK_SIZE ||
|
| 412 |
|
|
TASK_SIZE - eppnt->p_memsz < k) {
|
| 413 |
|
|
error = -ENOMEM;
|
| 414 |
|
|
goto out_close;
|
| 415 |
|
|
}
|
| 416 |
|
|
|
| 417 |
|
|
/*
|
| 418 |
|
|
* Find the end of the file mapping for this phdr, and
|
| 419 |
|
|
* keep track of the largest address we see for this.
|
| 420 |
|
|
*/
|
| 421 |
|
|
k = load_addr + eppnt->p_vaddr + eppnt->p_filesz;
|
| 422 |
|
|
if (k > elf_bss)
|
| 423 |
|
|
elf_bss = k;
|
| 424 |
|
|
|
| 425 |
|
|
/*
|
| 426 |
|
|
* Do the same thing for the memory mapping - between
|
| 427 |
|
|
* elf_bss and last_bss is the bss section.
|
| 428 |
|
|
*/
|
| 429 |
|
|
k = load_addr + eppnt->p_memsz + eppnt->p_vaddr;
|
| 430 |
|
|
if (k > last_bss)
|
| 431 |
|
|
last_bss = k;
|
| 432 |
|
|
}
|
| 433 |
|
|
}
|
| 434 |
|
|
|
| 435 |
|
|
/*
|
| 436 |
|
|
* Now fill out the bss section. First pad the last page up
|
| 437 |
|
|
* to the page boundary, and then perform a mmap to make sure
|
| 438 |
|
|
* that there are zero-mapped pages up to and including the
|
| 439 |
|
|
* last bss page.
|
| 440 |
|
|
*/
|
| 441 |
|
|
if (padzero(elf_bss)) {
|
| 442 |
|
|
error = -EFAULT;
|
| 443 |
|
|
goto out_close;
|
| 444 |
|
|
}
|
| 445 |
|
|
|
| 446 |
|
|
/* What we have mapped so far */
|
| 447 |
|
|
elf_bss = ELF_PAGESTART(elf_bss + ELF_MIN_ALIGN - 1);
|
| 448 |
|
|
|
| 449 |
|
|
/* Map the last of the bss segment */
|
| 450 |
|
|
if (last_bss > elf_bss) {
|
| 451 |
|
|
down_write(¤t->mm->mmap_sem);
|
| 452 |
|
|
error = do_brk(elf_bss, last_bss - elf_bss);
|
| 453 |
|
|
up_write(¤t->mm->mmap_sem);
|
| 454 |
|
|
if (BAD_ADDR(error))
|
| 455 |
|
|
goto out_close;
|
| 456 |
|
|
}
|
| 457 |
|
|
|
| 458 |
|
|
*interp_load_addr = load_addr;
|
| 459 |
|
|
error = ((unsigned long)interp_elf_ex->e_entry) + load_addr;
|
| 460 |
|
|
|
| 461 |
|
|
out_close:
|
| 462 |
|
|
kfree(elf_phdata);
|
| 463 |
|
|
out:
|
| 464 |
|
|
return error;
|
| 465 |
|
|
}
|
| 466 |
|
|
|
| 467 |
|
|
static unsigned long load_aout_interp(struct exec *interp_ex,
|
| 468 |
|
|
struct file *interpreter)
|
| 469 |
|
|
{
|
| 470 |
|
|
unsigned long text_data, elf_entry = ~0UL;
|
| 471 |
|
|
char __user * addr;
|
| 472 |
|
|
loff_t offset;
|
| 473 |
|
|
|
| 474 |
|
|
current->mm->end_code = interp_ex->a_text;
|
| 475 |
|
|
text_data = interp_ex->a_text + interp_ex->a_data;
|
| 476 |
|
|
current->mm->end_data = text_data;
|
| 477 |
|
|
current->mm->brk = interp_ex->a_bss + text_data;
|
| 478 |
|
|
|
| 479 |
|
|
switch (N_MAGIC(*interp_ex)) {
|
| 480 |
|
|
case OMAGIC:
|
| 481 |
|
|
offset = 32;
|
| 482 |
|
|
addr = (char __user *)0;
|
| 483 |
|
|
break;
|
| 484 |
|
|
case ZMAGIC:
|
| 485 |
|
|
case QMAGIC:
|
| 486 |
|
|
offset = N_TXTOFF(*interp_ex);
|
| 487 |
|
|
addr = (char __user *)N_TXTADDR(*interp_ex);
|
| 488 |
|
|
break;
|
| 489 |
|
|
default:
|
| 490 |
|
|
goto out;
|
| 491 |
|
|
}
|
| 492 |
|
|
|
| 493 |
|
|
down_write(¤t->mm->mmap_sem);
|
| 494 |
|
|
do_brk(0, text_data);
|
| 495 |
|
|
up_write(¤t->mm->mmap_sem);
|
| 496 |
|
|
if (!interpreter->f_op || !interpreter->f_op->read)
|
| 497 |
|
|
goto out;
|
| 498 |
|
|
if (interpreter->f_op->read(interpreter, addr, text_data, &offset) < 0)
|
| 499 |
|
|
goto out;
|
| 500 |
|
|
flush_icache_range((unsigned long)addr,
|
| 501 |
|
|
(unsigned long)addr + text_data);
|
| 502 |
|
|
|
| 503 |
|
|
down_write(¤t->mm->mmap_sem);
|
| 504 |
|
|
do_brk(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
|
| 505 |
|
|
interp_ex->a_bss);
|
| 506 |
|
|
up_write(¤t->mm->mmap_sem);
|
| 507 |
|
|
elf_entry = interp_ex->a_entry;
|
| 508 |
|
|
|
| 509 |
|
|
out:
|
| 510 |
|
|
return elf_entry;
|
| 511 |
|
|
}
|
| 512 |
|
|
|
| 513 |
|
|
/*
|
| 514 |
|
|
* These are the functions used to load ELF style executables and shared
|
| 515 |
|
|
* libraries. There is no binary dependent code anywhere else.
|
| 516 |
|
|
*/
|
| 517 |
|
|
|
| 518 |
|
|
#define INTERPRETER_NONE 0
|
| 519 |
|
|
#define INTERPRETER_AOUT 1
|
| 520 |
|
|
#define INTERPRETER_ELF 2
|
| 521 |
|
|
|
| 522 |
|
|
#ifndef STACK_RND_MASK
|
| 523 |
|
|
#define STACK_RND_MASK (0x7ff >> (PAGE_SHIFT - 12)) /* 8MB of VA */
|
| 524 |
|
|
#endif
|
| 525 |
|
|
|
| 526 |
|
|
static unsigned long randomize_stack_top(unsigned long stack_top)
|
| 527 |
|
|
{
|
| 528 |
|
|
unsigned int random_variable = 0;
|
| 529 |
|
|
|
| 530 |
|
|
if ((current->flags & PF_RANDOMIZE) &&
|
| 531 |
|
|
!(current->personality & ADDR_NO_RANDOMIZE)) {
|
| 532 |
|
|
random_variable = get_random_int() & STACK_RND_MASK;
|
| 533 |
|
|
random_variable <<= PAGE_SHIFT;
|
| 534 |
|
|
}
|
| 535 |
|
|
#ifdef CONFIG_STACK_GROWSUP
|
| 536 |
|
|
return PAGE_ALIGN(stack_top) + random_variable;
|
| 537 |
|
|
#else
|
| 538 |
|
|
return PAGE_ALIGN(stack_top) - random_variable;
|
| 539 |
|
|
#endif
|
| 540 |
|
|
}
|
| 541 |
|
|
|
| 542 |
|
|
static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
|
| 543 |
|
|
{
|
| 544 |
|
|
struct file *interpreter = NULL; /* to shut gcc up */
|
| 545 |
|
|
unsigned long load_addr = 0, load_bias = 0;
|
| 546 |
|
|
int load_addr_set = 0;
|
| 547 |
|
|
char * elf_interpreter = NULL;
|
| 548 |
|
|
unsigned int interpreter_type = INTERPRETER_NONE;
|
| 549 |
|
|
unsigned char ibcs2_interpreter = 0;
|
| 550 |
|
|
unsigned long error;
|
| 551 |
|
|
struct elf_phdr *elf_ppnt, *elf_phdata;
|
| 552 |
|
|
unsigned long elf_bss, elf_brk;
|
| 553 |
|
|
int elf_exec_fileno;
|
| 554 |
|
|
int retval, i;
|
| 555 |
|
|
unsigned int size;
|
| 556 |
|
|
unsigned long elf_entry, interp_load_addr = 0;
|
| 557 |
|
|
unsigned long start_code, end_code, start_data, end_data;
|
| 558 |
|
|
unsigned long reloc_func_desc = 0;
|
| 559 |
|
|
char passed_fileno[6];
|
| 560 |
|
|
struct files_struct *files;
|
| 561 |
|
|
int executable_stack = EXSTACK_DEFAULT;
|
| 562 |
|
|
unsigned long def_flags = 0;
|
| 563 |
|
|
struct {
|
| 564 |
|
|
struct elfhdr elf_ex;
|
| 565 |
|
|
struct elfhdr interp_elf_ex;
|
| 566 |
|
|
struct exec interp_ex;
|
| 567 |
|
|
} *loc;
|
| 568 |
|
|
|
| 569 |
|
|
loc = kmalloc(sizeof(*loc), GFP_KERNEL);
|
| 570 |
|
|
if (!loc) {
|
| 571 |
|
|
retval = -ENOMEM;
|
| 572 |
|
|
goto out_ret;
|
| 573 |
|
|
}
|
| 574 |
|
|
|
| 575 |
|
|
/* Get the exec-header */
|
| 576 |
|
|
loc->elf_ex = *((struct elfhdr *)bprm->buf);
|
| 577 |
|
|
|
| 578 |
|
|
retval = -ENOEXEC;
|
| 579 |
|
|
/* First of all, some simple consistency checks */
|
| 580 |
|
|
if (memcmp(loc->elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
|
| 581 |
|
|
goto out;
|
| 582 |
|
|
|
| 583 |
|
|
if (loc->elf_ex.e_type != ET_EXEC && loc->elf_ex.e_type != ET_DYN)
|
| 584 |
|
|
goto out;
|
| 585 |
|
|
if (!elf_check_arch(&loc->elf_ex))
|
| 586 |
|
|
goto out;
|
| 587 |
|
|
if (!bprm->file->f_op||!bprm->file->f_op->mmap)
|
| 588 |
|
|
goto out;
|
| 589 |
|
|
|
| 590 |
|
|
/* Now read in all of the header information */
|
| 591 |
|
|
if (loc->elf_ex.e_phentsize != sizeof(struct elf_phdr))
|
| 592 |
|
|
goto out;
|
| 593 |
|
|
if (loc->elf_ex.e_phnum < 1 ||
|
| 594 |
|
|
loc->elf_ex.e_phnum > 65536U / sizeof(struct elf_phdr))
|
| 595 |
|
|
goto out;
|
| 596 |
|
|
size = loc->elf_ex.e_phnum * sizeof(struct elf_phdr);
|
| 597 |
|
|
retval = -ENOMEM;
|
| 598 |
|
|
elf_phdata = kmalloc(size, GFP_KERNEL);
|
| 599 |
|
|
if (!elf_phdata)
|
| 600 |
|
|
goto out;
|
| 601 |
|
|
|
| 602 |
|
|
retval = kernel_read(bprm->file, loc->elf_ex.e_phoff,
|
| 603 |
|
|
(char *)elf_phdata, size);
|
| 604 |
|
|
if (retval != size) {
|
| 605 |
|
|
if (retval >= 0)
|
| 606 |
|
|
retval = -EIO;
|
| 607 |
|
|
goto out_free_ph;
|
| 608 |
|
|
}
|
| 609 |
|
|
|
| 610 |
|
|
files = current->files; /* Refcounted so ok */
|
| 611 |
|
|
retval = unshare_files();
|
| 612 |
|
|
if (retval < 0)
|
| 613 |
|
|
goto out_free_ph;
|
| 614 |
|
|
if (files == current->files) {
|
| 615 |
|
|
put_files_struct(files);
|
| 616 |
|
|
files = NULL;
|
| 617 |
|
|
}
|
| 618 |
|
|
|
| 619 |
|
|
/* exec will make our files private anyway, but for the a.out
|
| 620 |
|
|
loader stuff we need to do it earlier */
|
| 621 |
|
|
retval = get_unused_fd();
|
| 622 |
|
|
if (retval < 0)
|
| 623 |
|
|
goto out_free_fh;
|
| 624 |
|
|
get_file(bprm->file);
|
| 625 |
|
|
fd_install(elf_exec_fileno = retval, bprm->file);
|
| 626 |
|
|
|
| 627 |
|
|
elf_ppnt = elf_phdata;
|
| 628 |
|
|
elf_bss = 0;
|
| 629 |
|
|
elf_brk = 0;
|
| 630 |
|
|
|
| 631 |
|
|
start_code = ~0UL;
|
| 632 |
|
|
end_code = 0;
|
| 633 |
|
|
start_data = 0;
|
| 634 |
|
|
end_data = 0;
|
| 635 |
|
|
|
| 636 |
|
|
for (i = 0; i < loc->elf_ex.e_phnum; i++) {
|
| 637 |
|
|
if (elf_ppnt->p_type == PT_INTERP) {
|
| 638 |
|
|
/* This is the program interpreter used for
|
| 639 |
|
|
* shared libraries - for now assume that this
|
| 640 |
|
|
* is an a.out format binary
|
| 641 |
|
|
*/
|
| 642 |
|
|
retval = -ENOEXEC;
|
| 643 |
|
|
if (elf_ppnt->p_filesz > PATH_MAX ||
|
| 644 |
|
|
elf_ppnt->p_filesz < 2)
|
| 645 |
|
|
goto out_free_file;
|
| 646 |
|
|
|
| 647 |
|
|
retval = -ENOMEM;
|
| 648 |
|
|
elf_interpreter = kmalloc(elf_ppnt->p_filesz,
|
| 649 |
|
|
GFP_KERNEL);
|
| 650 |
|
|
if (!elf_interpreter)
|
| 651 |
|
|
goto out_free_file;
|
| 652 |
|
|
|
| 653 |
|
|
retval = kernel_read(bprm->file, elf_ppnt->p_offset,
|
| 654 |
|
|
elf_interpreter,
|
| 655 |
|
|
elf_ppnt->p_filesz);
|
| 656 |
|
|
if (retval != elf_ppnt->p_filesz) {
|
| 657 |
|
|
if (retval >= 0)
|
| 658 |
|
|
retval = -EIO;
|
| 659 |
|
|
goto out_free_interp;
|
| 660 |
|
|
}
|
| 661 |
|
|
/* make sure path is NULL terminated */
|
| 662 |
|
|
retval = -ENOEXEC;
|
| 663 |
|
|
if (elf_interpreter[elf_ppnt->p_filesz - 1] != '\0')
|
| 664 |
|
|
goto out_free_interp;
|
| 665 |
|
|
|
| 666 |
|
|
/* If the program interpreter is one of these two,
|
| 667 |
|
|
* then assume an iBCS2 image. Otherwise assume
|
| 668 |
|
|
* a native linux image.
|
| 669 |
|
|
*/
|
| 670 |
|
|
if (strcmp(elf_interpreter,"/usr/lib/libc.so.1") == 0 ||
|
| 671 |
|
|
strcmp(elf_interpreter,"/usr/lib/ld.so.1") == 0)
|
| 672 |
|
|
ibcs2_interpreter = 1;
|
| 673 |
|
|
|
| 674 |
|
|
/*
|
| 675 |
|
|
* The early SET_PERSONALITY here is so that the lookup
|
| 676 |
|
|
* for the interpreter happens in the namespace of the
|
| 677 |
|
|
* to-be-execed image. SET_PERSONALITY can select an
|
| 678 |
|
|
* alternate root.
|
| 679 |
|
|
*
|
| 680 |
|
|
* However, SET_PERSONALITY is NOT allowed to switch
|
| 681 |
|
|
* this task into the new images's memory mapping
|
| 682 |
|
|
* policy - that is, TASK_SIZE must still evaluate to
|
| 683 |
|
|
* that which is appropriate to the execing application.
|
| 684 |
|
|
* This is because exit_mmap() needs to have TASK_SIZE
|
| 685 |
|
|
* evaluate to the size of the old image.
|
| 686 |
|
|
*
|
| 687 |
|
|
* So if (say) a 64-bit application is execing a 32-bit
|
| 688 |
|
|
* application it is the architecture's responsibility
|
| 689 |
|
|
* to defer changing the value of TASK_SIZE until the
|
| 690 |
|
|
* switch really is going to happen - do this in
|
| 691 |
|
|
* flush_thread(). - akpm
|
| 692 |
|
|
*/
|
| 693 |
|
|
SET_PERSONALITY(loc->elf_ex, ibcs2_interpreter);
|
| 694 |
|
|
|
| 695 |
|
|
interpreter = open_exec(elf_interpreter);
|
| 696 |
|
|
retval = PTR_ERR(interpreter);
|
| 697 |
|
|
if (IS_ERR(interpreter))
|
| 698 |
|
|
goto out_free_interp;
|
| 699 |
|
|
|
| 700 |
|
|
/*
|
| 701 |
|
|
* If the binary is not readable then enforce
|
| 702 |
|
|
* mm->dumpable = 0 regardless of the interpreter's
|
| 703 |
|
|
* permissions.
|
| 704 |
|
|
*/
|
| 705 |
|
|
if (file_permission(interpreter, MAY_READ) < 0)
|
| 706 |
|
|
bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP;
|
| 707 |
|
|
|
| 708 |
|
|
retval = kernel_read(interpreter, 0, bprm->buf,
|
| 709 |
|
|
BINPRM_BUF_SIZE);
|
| 710 |
|
|
if (retval != BINPRM_BUF_SIZE) {
|
| 711 |
|
|
if (retval >= 0)
|
| 712 |
|
|
retval = -EIO;
|
| 713 |
|
|
goto out_free_dentry;
|
| 714 |
|
|
}
|
| 715 |
|
|
|
| 716 |
|
|
/* Get the exec headers */
|
| 717 |
|
|
loc->interp_ex = *((struct exec *)bprm->buf);
|
| 718 |
|
|
loc->interp_elf_ex = *((struct elfhdr *)bprm->buf);
|
| 719 |
|
|
break;
|
| 720 |
|
|
}
|
| 721 |
|
|
elf_ppnt++;
|
| 722 |
|
|
}
|
| 723 |
|
|
|
| 724 |
|
|
elf_ppnt = elf_phdata;
|
| 725 |
|
|
for (i = 0; i < loc->elf_ex.e_phnum; i++, elf_ppnt++)
|
| 726 |
|
|
if (elf_ppnt->p_type == PT_GNU_STACK) {
|
| 727 |
|
|
if (elf_ppnt->p_flags & PF_X)
|
| 728 |
|
|
executable_stack = EXSTACK_ENABLE_X;
|
| 729 |
|
|
else
|
| 730 |
|
|
executable_stack = EXSTACK_DISABLE_X;
|
| 731 |
|
|
break;
|
| 732 |
|
|
}
|
| 733 |
|
|
|
| 734 |
|
|
/* Some simple consistency checks for the interpreter */
|
| 735 |
|
|
if (elf_interpreter) {
|
| 736 |
|
|
static int warn;
|
| 737 |
|
|
interpreter_type = INTERPRETER_ELF | INTERPRETER_AOUT;
|
| 738 |
|
|
|
| 739 |
|
|
/* Now figure out which format our binary is */
|
| 740 |
|
|
if ((N_MAGIC(loc->interp_ex) != OMAGIC) &&
|
| 741 |
|
|
(N_MAGIC(loc->interp_ex) != ZMAGIC) &&
|
| 742 |
|
|
(N_MAGIC(loc->interp_ex) != QMAGIC))
|
| 743 |
|
|
interpreter_type = INTERPRETER_ELF;
|
| 744 |
|
|
|
| 745 |
|
|
if (memcmp(loc->interp_elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
|
| 746 |
|
|
interpreter_type &= ~INTERPRETER_ELF;
|
| 747 |
|
|
|
| 748 |
|
|
if (interpreter_type == INTERPRETER_AOUT && warn < 10) {
|
| 749 |
|
|
printk(KERN_WARNING "a.out ELF interpreter %s is "
|
| 750 |
|
|
"deprecated and will not be supported "
|
| 751 |
|
|
"after Linux 2.6.25\n", elf_interpreter);
|
| 752 |
|
|
warn++;
|
| 753 |
|
|
}
|
| 754 |
|
|
|
| 755 |
|
|
retval = -ELIBBAD;
|
| 756 |
|
|
if (!interpreter_type)
|
| 757 |
|
|
goto out_free_dentry;
|
| 758 |
|
|
|
| 759 |
|
|
/* Make sure only one type was selected */
|
| 760 |
|
|
if ((interpreter_type & INTERPRETER_ELF) &&
|
| 761 |
|
|
interpreter_type != INTERPRETER_ELF) {
|
| 762 |
|
|
// FIXME - ratelimit this before re-enabling
|
| 763 |
|
|
// printk(KERN_WARNING "ELF: Ambiguous type, using ELF\n");
|
| 764 |
|
|
interpreter_type = INTERPRETER_ELF;
|
| 765 |
|
|
}
|
| 766 |
|
|
/* Verify the interpreter has a valid arch */
|
| 767 |
|
|
if ((interpreter_type == INTERPRETER_ELF) &&
|
| 768 |
|
|
!elf_check_arch(&loc->interp_elf_ex))
|
| 769 |
|
|
goto out_free_dentry;
|
| 770 |
|
|
} else {
|
| 771 |
|
|
/* Executables without an interpreter also need a personality */
|
| 772 |
|
|
SET_PERSONALITY(loc->elf_ex, ibcs2_interpreter);
|
| 773 |
|
|
}
|
| 774 |
|
|
|
| 775 |
|
|
/* OK, we are done with that, now set up the arg stuff,
|
| 776 |
|
|
and then start this sucker up */
|
| 777 |
|
|
if ((!bprm->sh_bang) && (interpreter_type == INTERPRETER_AOUT)) {
|
| 778 |
|
|
char *passed_p = passed_fileno;
|
| 779 |
|
|
sprintf(passed_fileno, "%d", elf_exec_fileno);
|
| 780 |
|
|
|
| 781 |
|
|
if (elf_interpreter) {
|
| 782 |
|
|
retval = copy_strings_kernel(1, &passed_p, bprm);
|
| 783 |
|
|
if (retval)
|
| 784 |
|
|
goto out_free_dentry;
|
| 785 |
|
|
bprm->argc++;
|
| 786 |
|
|
}
|
| 787 |
|
|
}
|
| 788 |
|
|
|
| 789 |
|
|
/* Flush all traces of the currently running executable */
|
| 790 |
|
|
retval = flush_old_exec(bprm);
|
| 791 |
|
|
if (retval)
|
| 792 |
|
|
goto out_free_dentry;
|
| 793 |
|
|
|
| 794 |
|
|
/* Discard our unneeded old files struct */
|
| 795 |
|
|
if (files) {
|
| 796 |
|
|
put_files_struct(files);
|
| 797 |
|
|
files = NULL;
|
| 798 |
|
|
}
|
| 799 |
|
|
|
| 800 |
|
|
/* OK, This is the point of no return */
|
| 801 |
|
|
current->flags &= ~PF_FORKNOEXEC;
|
| 802 |
|
|
current->mm->def_flags = def_flags;
|
| 803 |
|
|
|
| 804 |
|
|
/* Do this immediately, since STACK_TOP as used in setup_arg_pages
|
| 805 |
|
|
may depend on the personality. */
|
| 806 |
|
|
SET_PERSONALITY(loc->elf_ex, ibcs2_interpreter);
|
| 807 |
|
|
if (elf_read_implies_exec(loc->elf_ex, executable_stack))
|
| 808 |
|
|
current->personality |= READ_IMPLIES_EXEC;
|
| 809 |
|
|
|
| 810 |
|
|
if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space)
|
| 811 |
|
|
current->flags |= PF_RANDOMIZE;
|
| 812 |
|
|
arch_pick_mmap_layout(current->mm);
|
| 813 |
|
|
|
| 814 |
|
|
/* Do this so that we can load the interpreter, if need be. We will
|
| 815 |
|
|
change some of these later */
|
| 816 |
|
|
current->mm->free_area_cache = current->mm->mmap_base;
|
| 817 |
|
|
current->mm->cached_hole_size = 0;
|
| 818 |
|
|
retval = setup_arg_pages(bprm, randomize_stack_top(STACK_TOP),
|
| 819 |
|
|
executable_stack);
|
| 820 |
|
|
if (retval < 0) {
|
| 821 |
|
|
send_sig(SIGKILL, current, 0);
|
| 822 |
|
|
goto out_free_dentry;
|
| 823 |
|
|
}
|
| 824 |
|
|
|
| 825 |
|
|
current->mm->start_stack = bprm->p;
|
| 826 |
|
|
|
| 827 |
|
|
/* Now we do a little grungy work by mmaping the ELF image into
|
| 828 |
|
|
the correct location in memory. At this point, we assume that
|
| 829 |
|
|
the image should be loaded at fixed address, not at a variable
|
| 830 |
|
|
address. */
|
| 831 |
|
|
for(i = 0, elf_ppnt = elf_phdata;
|
| 832 |
|
|
i < loc->elf_ex.e_phnum; i++, elf_ppnt++) {
|
| 833 |
|
|
int elf_prot = 0, elf_flags;
|
| 834 |
|
|
unsigned long k, vaddr;
|
| 835 |
|
|
|
| 836 |
|
|
if (elf_ppnt->p_type != PT_LOAD)
|
| 837 |
|
|
continue;
|
| 838 |
|
|
|
| 839 |
|
|
if (unlikely (elf_brk > elf_bss)) {
|
| 840 |
|
|
unsigned long nbyte;
|
| 841 |
|
|
|
| 842 |
|
|
/* There was a PT_LOAD segment with p_memsz > p_filesz
|
| 843 |
|
|
before this one. Map anonymous pages, if needed,
|
| 844 |
|
|
and clear the area. */
|
| 845 |
|
|
retval = set_brk (elf_bss + load_bias,
|
| 846 |
|
|
elf_brk + load_bias);
|
| 847 |
|
|
if (retval) {
|
| 848 |
|
|
send_sig(SIGKILL, current, 0);
|
| 849 |
|
|
goto out_free_dentry;
|
| 850 |
|
|
}
|
| 851 |
|
|
nbyte = ELF_PAGEOFFSET(elf_bss);
|
| 852 |
|
|
if (nbyte) {
|
| 853 |
|
|
nbyte = ELF_MIN_ALIGN - nbyte;
|
| 854 |
|
|
if (nbyte > elf_brk - elf_bss)
|
| 855 |
|
|
nbyte = elf_brk - elf_bss;
|
| 856 |
|
|
if (clear_user((void __user *)elf_bss +
|
| 857 |
|
|
load_bias, nbyte)) {
|
| 858 |
|
|
/*
|
| 859 |
|
|
* This bss-zeroing can fail if the ELF
|
| 860 |
|
|
* file specifies odd protections. So
|
| 861 |
|
|
* we don't check the return value
|
| 862 |
|
|
*/
|
| 863 |
|
|
}
|
| 864 |
|
|
}
|
| 865 |
|
|
}
|
| 866 |
|
|
|
| 867 |
|
|
if (elf_ppnt->p_flags & PF_R)
|
| 868 |
|
|
elf_prot |= PROT_READ;
|
| 869 |
|
|
if (elf_ppnt->p_flags & PF_W)
|
| 870 |
|
|
elf_prot |= PROT_WRITE;
|
| 871 |
|
|
if (elf_ppnt->p_flags & PF_X)
|
| 872 |
|
|
elf_prot |= PROT_EXEC;
|
| 873 |
|
|
|
| 874 |
|
|
elf_flags = MAP_PRIVATE | MAP_DENYWRITE | MAP_EXECUTABLE;
|
| 875 |
|
|
|
| 876 |
|
|
vaddr = elf_ppnt->p_vaddr;
|
| 877 |
|
|
if (loc->elf_ex.e_type == ET_EXEC || load_addr_set) {
|
| 878 |
|
|
elf_flags |= MAP_FIXED;
|
| 879 |
|
|
} else if (loc->elf_ex.e_type == ET_DYN) {
|
| 880 |
|
|
/* Try and get dynamic programs out of the way of the
|
| 881 |
|
|
* default mmap base, as well as whatever program they
|
| 882 |
|
|
* might try to exec. This is because the brk will
|
| 883 |
|
|
* follow the loader, and is not movable. */
|
| 884 |
|
|
load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr);
|
| 885 |
|
|
}
|
| 886 |
|
|
|
| 887 |
|
|
error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt,
|
| 888 |
|
|
elf_prot, elf_flags);
|
| 889 |
|
|
if (BAD_ADDR(error)) {
|
| 890 |
|
|
send_sig(SIGKILL, current, 0);
|
| 891 |
|
|
retval = IS_ERR((void *)error) ?
|
| 892 |
|
|
PTR_ERR((void*)error) : -EINVAL;
|
| 893 |
|
|
goto out_free_dentry;
|
| 894 |
|
|
}
|
| 895 |
|
|
|
| 896 |
|
|
if (!load_addr_set) {
|
| 897 |
|
|
load_addr_set = 1;
|
| 898 |
|
|
load_addr = (elf_ppnt->p_vaddr - elf_ppnt->p_offset);
|
| 899 |
|
|
if (loc->elf_ex.e_type == ET_DYN) {
|
| 900 |
|
|
load_bias += error -
|
| 901 |
|
|
ELF_PAGESTART(load_bias + vaddr);
|
| 902 |
|
|
load_addr += load_bias;
|
| 903 |
|
|
reloc_func_desc = load_bias;
|
| 904 |
|
|
}
|
| 905 |
|
|
}
|
| 906 |
|
|
k = elf_ppnt->p_vaddr;
|
| 907 |
|
|
if (k < start_code)
|
| 908 |
|
|
start_code = k;
|
| 909 |
|
|
if (start_data < k)
|
| 910 |
|
|
start_data = k;
|
| 911 |
|
|
|
| 912 |
|
|
/*
|
| 913 |
|
|
* Check to see if the section's size will overflow the
|
| 914 |
|
|
* allowed task size. Note that p_filesz must always be
|
| 915 |
|
|
* <= p_memsz so it is only necessary to check p_memsz.
|
| 916 |
|
|
*/
|
| 917 |
|
|
if (BAD_ADDR(k) || elf_ppnt->p_filesz > elf_ppnt->p_memsz ||
|
| 918 |
|
|
elf_ppnt->p_memsz > TASK_SIZE ||
|
| 919 |
|
|
TASK_SIZE - elf_ppnt->p_memsz < k) {
|
| 920 |
|
|
/* set_brk can never work. Avoid overflows. */
|
| 921 |
|
|
send_sig(SIGKILL, current, 0);
|
| 922 |
|
|
retval = -EINVAL;
|
| 923 |
|
|
goto out_free_dentry;
|
| 924 |
|
|
}
|
| 925 |
|
|
|
| 926 |
|
|
k = elf_ppnt->p_vaddr + elf_ppnt->p_filesz;
|
| 927 |
|
|
|
| 928 |
|
|
if (k > elf_bss)
|
| 929 |
|
|
elf_bss = k;
|
| 930 |
|
|
if ((elf_ppnt->p_flags & PF_X) && end_code < k)
|
| 931 |
|
|
end_code = k;
|
| 932 |
|
|
if (end_data < k)
|
| 933 |
|
|
end_data = k;
|
| 934 |
|
|
k = elf_ppnt->p_vaddr + elf_ppnt->p_memsz;
|
| 935 |
|
|
if (k > elf_brk)
|
| 936 |
|
|
elf_brk = k;
|
| 937 |
|
|
}
|
| 938 |
|
|
|
| 939 |
|
|
loc->elf_ex.e_entry += load_bias;
|
| 940 |
|
|
elf_bss += load_bias;
|
| 941 |
|
|
elf_brk += load_bias;
|
| 942 |
|
|
start_code += load_bias;
|
| 943 |
|
|
end_code += load_bias;
|
| 944 |
|
|
start_data += load_bias;
|
| 945 |
|
|
end_data += load_bias;
|
| 946 |
|
|
|
| 947 |
|
|
/* Calling set_brk effectively mmaps the pages that we need
|
| 948 |
|
|
* for the bss and break sections. We must do this before
|
| 949 |
|
|
* mapping in the interpreter, to make sure it doesn't wind
|
| 950 |
|
|
* up getting placed where the bss needs to go.
|
| 951 |
|
|
*/
|
| 952 |
|
|
retval = set_brk(elf_bss, elf_brk);
|
| 953 |
|
|
if (retval) {
|
| 954 |
|
|
send_sig(SIGKILL, current, 0);
|
| 955 |
|
|
goto out_free_dentry;
|
| 956 |
|
|
}
|
| 957 |
|
|
if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) {
|
| 958 |
|
|
send_sig(SIGSEGV, current, 0);
|
| 959 |
|
|
retval = -EFAULT; /* Nobody gets to see this, but.. */
|
| 960 |
|
|
goto out_free_dentry;
|
| 961 |
|
|
}
|
| 962 |
|
|
|
| 963 |
|
|
if (elf_interpreter) {
|
| 964 |
|
|
if (interpreter_type == INTERPRETER_AOUT)
|
| 965 |
|
|
elf_entry = load_aout_interp(&loc->interp_ex,
|
| 966 |
|
|
interpreter);
|
| 967 |
|
|
else
|
| 968 |
|
|
elf_entry = load_elf_interp(&loc->interp_elf_ex,
|
| 969 |
|
|
interpreter,
|
| 970 |
|
|
&interp_load_addr);
|
| 971 |
|
|
if (BAD_ADDR(elf_entry)) {
|
| 972 |
|
|
force_sig(SIGSEGV, current);
|
| 973 |
|
|
retval = IS_ERR((void *)elf_entry) ?
|
| 974 |
|
|
(int)elf_entry : -EINVAL;
|
| 975 |
|
|
goto out_free_dentry;
|
| 976 |
|
|
}
|
| 977 |
|
|
reloc_func_desc = interp_load_addr;
|
| 978 |
|
|
|
| 979 |
|
|
allow_write_access(interpreter);
|
| 980 |
|
|
fput(interpreter);
|
| 981 |
|
|
kfree(elf_interpreter);
|
| 982 |
|
|
} else {
|
| 983 |
|
|
elf_entry = loc->elf_ex.e_entry;
|
| 984 |
|
|
if (BAD_ADDR(elf_entry)) {
|
| 985 |
|
|
force_sig(SIGSEGV, current);
|
| 986 |
|
|
retval = -EINVAL;
|
| 987 |
|
|
goto out_free_dentry;
|
| 988 |
|
|
}
|
| 989 |
|
|
}
|
| 990 |
|
|
|
| 991 |
|
|
kfree(elf_phdata);
|
| 992 |
|
|
|
| 993 |
|
|
if (interpreter_type != INTERPRETER_AOUT)
|
| 994 |
|
|
sys_close(elf_exec_fileno);
|
| 995 |
|
|
|
| 996 |
|
|
set_binfmt(&elf_format);
|
| 997 |
|
|
|
| 998 |
|
|
#ifdef ARCH_HAS_SETUP_ADDITIONAL_PAGES
|
| 999 |
|
|
retval = arch_setup_additional_pages(bprm, executable_stack);
|
| 1000 |
|
|
if (retval < 0) {
|
| 1001 |
|
|
send_sig(SIGKILL, current, 0);
|
| 1002 |
|
|
goto out;
|
| 1003 |
|
|
}
|
| 1004 |
|
|
#endif /* ARCH_HAS_SETUP_ADDITIONAL_PAGES */
|
| 1005 |
|
|
|
| 1006 |
|
|
compute_creds(bprm);
|
| 1007 |
|
|
current->flags &= ~PF_FORKNOEXEC;
|
| 1008 |
|
|
retval = create_elf_tables(bprm, &loc->elf_ex,
|
| 1009 |
|
|
(interpreter_type == INTERPRETER_AOUT),
|
| 1010 |
|
|
load_addr, interp_load_addr);
|
| 1011 |
|
|
if (retval < 0) {
|
| 1012 |
|
|
send_sig(SIGKILL, current, 0);
|
| 1013 |
|
|
goto out;
|
| 1014 |
|
|
}
|
| 1015 |
|
|
/* N.B. passed_fileno might not be initialized? */
|
| 1016 |
|
|
if (interpreter_type == INTERPRETER_AOUT)
|
| 1017 |
|
|
current->mm->arg_start += strlen(passed_fileno) + 1;
|
| 1018 |
|
|
current->mm->end_code = end_code;
|
| 1019 |
|
|
current->mm->start_code = start_code;
|
| 1020 |
|
|
current->mm->start_data = start_data;
|
| 1021 |
|
|
current->mm->end_data = end_data;
|
| 1022 |
|
|
current->mm->start_stack = bprm->p;
|
| 1023 |
|
|
|
| 1024 |
|
|
if (current->personality & MMAP_PAGE_ZERO) {
|
| 1025 |
|
|
/* Why this, you ask??? Well SVr4 maps page 0 as read-only,
|
| 1026 |
|
|
and some applications "depend" upon this behavior.
|
| 1027 |
|
|
Since we do not have the power to recompile these, we
|
| 1028 |
|
|
emulate the SVr4 behavior. Sigh. */
|
| 1029 |
|
|
down_write(¤t->mm->mmap_sem);
|
| 1030 |
|
|
error = do_mmap(NULL, 0, PAGE_SIZE, PROT_READ | PROT_EXEC,
|
| 1031 |
|
|
MAP_FIXED | MAP_PRIVATE, 0);
|
| 1032 |
|
|
up_write(¤t->mm->mmap_sem);
|
| 1033 |
|
|
}
|
| 1034 |
|
|
|
| 1035 |
|
|
#ifdef ELF_PLAT_INIT
|
| 1036 |
|
|
/*
|
| 1037 |
|
|
* The ABI may specify that certain registers be set up in special
|
| 1038 |
|
|
* ways (on i386 %edx is the address of a DT_FINI function, for
|
| 1039 |
|
|
* example. In addition, it may also specify (eg, PowerPC64 ELF)
|
| 1040 |
|
|
* that the e_entry field is the address of the function descriptor
|
| 1041 |
|
|
* for the startup routine, rather than the address of the startup
|
| 1042 |
|
|
* routine itself. This macro performs whatever initialization to
|
| 1043 |
|
|
* the regs structure is required as well as any relocations to the
|
| 1044 |
|
|
* function descriptor entries when executing dynamically links apps.
|
| 1045 |
|
|
*/
|
| 1046 |
|
|
ELF_PLAT_INIT(regs, reloc_func_desc);
|
| 1047 |
|
|
#endif
|
| 1048 |
|
|
|
| 1049 |
|
|
start_thread(regs, elf_entry, bprm->p);
|
| 1050 |
|
|
if (unlikely(current->ptrace & PT_PTRACED)) {
|
| 1051 |
|
|
if (current->ptrace & PT_TRACE_EXEC)
|
| 1052 |
|
|
ptrace_notify ((PTRACE_EVENT_EXEC << 8) | SIGTRAP);
|
| 1053 |
|
|
else
|
| 1054 |
|
|
send_sig(SIGTRAP, current, 0);
|
| 1055 |
|
|
}
|
| 1056 |
|
|
retval = 0;
|
| 1057 |
|
|
out:
|
| 1058 |
|
|
kfree(loc);
|
| 1059 |
|
|
out_ret:
|
| 1060 |
|
|
return retval;
|
| 1061 |
|
|
|
| 1062 |
|
|
/* error cleanup */
|
| 1063 |
|
|
out_free_dentry:
|
| 1064 |
|
|
allow_write_access(interpreter);
|
| 1065 |
|
|
if (interpreter)
|
| 1066 |
|
|
fput(interpreter);
|
| 1067 |
|
|
out_free_interp:
|
| 1068 |
|
|
kfree(elf_interpreter);
|
| 1069 |
|
|
out_free_file:
|
| 1070 |
|
|
sys_close(elf_exec_fileno);
|
| 1071 |
|
|
out_free_fh:
|
| 1072 |
|
|
if (files)
|
| 1073 |
|
|
reset_files_struct(current, files);
|
| 1074 |
|
|
out_free_ph:
|
| 1075 |
|
|
kfree(elf_phdata);
|
| 1076 |
|
|
goto out;
|
| 1077 |
|
|
}
|
| 1078 |
|
|
|
| 1079 |
|
|
/* This is really simpleminded and specialized - we are loading an
|
| 1080 |
|
|
a.out library that is given an ELF header. */
|
| 1081 |
|
|
static int load_elf_library(struct file *file)
|
| 1082 |
|
|
{
|
| 1083 |
|
|
struct elf_phdr *elf_phdata;
|
| 1084 |
|
|
struct elf_phdr *eppnt;
|
| 1085 |
|
|
unsigned long elf_bss, bss, len;
|
| 1086 |
|
|
int retval, error, i, j;
|
| 1087 |
|
|
struct elfhdr elf_ex;
|
| 1088 |
|
|
|
| 1089 |
|
|
error = -ENOEXEC;
|
| 1090 |
|
|
retval = kernel_read(file, 0, (char *)&elf_ex, sizeof(elf_ex));
|
| 1091 |
|
|
if (retval != sizeof(elf_ex))
|
| 1092 |
|
|
goto out;
|
| 1093 |
|
|
|
| 1094 |
|
|
if (memcmp(elf_ex.e_ident, ELFMAG, SELFMAG) != 0)
|
| 1095 |
|
|
goto out;
|
| 1096 |
|
|
|
| 1097 |
|
|
/* First of all, some simple consistency checks */
|
| 1098 |
|
|
if (elf_ex.e_type != ET_EXEC || elf_ex.e_phnum > 2 ||
|
| 1099 |
|
|
!elf_check_arch(&elf_ex) || !file->f_op || !file->f_op->mmap)
|
| 1100 |
|
|
goto out;
|
| 1101 |
|
|
|
| 1102 |
|
|
/* Now read in all of the header information */
|
| 1103 |
|
|
|
| 1104 |
|
|
j = sizeof(struct elf_phdr) * elf_ex.e_phnum;
|
| 1105 |
|
|
/* j < ELF_MIN_ALIGN because elf_ex.e_phnum <= 2 */
|
| 1106 |
|
|
|
| 1107 |
|
|
error = -ENOMEM;
|
| 1108 |
|
|
elf_phdata = kmalloc(j, GFP_KERNEL);
|
| 1109 |
|
|
if (!elf_phdata)
|
| 1110 |
|
|
goto out;
|
| 1111 |
|
|
|
| 1112 |
|
|
eppnt = elf_phdata;
|
| 1113 |
|
|
error = -ENOEXEC;
|
| 1114 |
|
|
retval = kernel_read(file, elf_ex.e_phoff, (char *)eppnt, j);
|
| 1115 |
|
|
if (retval != j)
|
| 1116 |
|
|
goto out_free_ph;
|
| 1117 |
|
|
|
| 1118 |
|
|
for (j = 0, i = 0; i<elf_ex.e_phnum; i++)
|
| 1119 |
|
|
if ((eppnt + i)->p_type == PT_LOAD)
|
| 1120 |
|
|
j++;
|
| 1121 |
|
|
if (j != 1)
|
| 1122 |
|
|
goto out_free_ph;
|
| 1123 |
|
|
|
| 1124 |
|
|
while (eppnt->p_type != PT_LOAD)
|
| 1125 |
|
|
eppnt++;
|
| 1126 |
|
|
|
| 1127 |
|
|
/* Now use mmap to map the library into memory. */
|
| 1128 |
|
|
down_write(¤t->mm->mmap_sem);
|
| 1129 |
|
|
error = do_mmap(file,
|
| 1130 |
|
|
ELF_PAGESTART(eppnt->p_vaddr),
|
| 1131 |
|
|
(eppnt->p_filesz +
|
| 1132 |
|
|
ELF_PAGEOFFSET(eppnt->p_vaddr)),
|
| 1133 |
|
|
PROT_READ | PROT_WRITE | PROT_EXEC,
|
| 1134 |
|
|
MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE,
|
| 1135 |
|
|
(eppnt->p_offset -
|
| 1136 |
|
|
ELF_PAGEOFFSET(eppnt->p_vaddr)));
|
| 1137 |
|
|
up_write(¤t->mm->mmap_sem);
|
| 1138 |
|
|
if (error != ELF_PAGESTART(eppnt->p_vaddr))
|
| 1139 |
|
|
goto out_free_ph;
|
| 1140 |
|
|
|
| 1141 |
|
|
elf_bss = eppnt->p_vaddr + eppnt->p_filesz;
|
| 1142 |
|
|
if (padzero(elf_bss)) {
|
| 1143 |
|
|
error = -EFAULT;
|
| 1144 |
|
|
goto out_free_ph;
|
| 1145 |
|
|
}
|
| 1146 |
|
|
|
| 1147 |
|
|
len = ELF_PAGESTART(eppnt->p_filesz + eppnt->p_vaddr +
|
| 1148 |
|
|
ELF_MIN_ALIGN - 1);
|
| 1149 |
|
|
bss = eppnt->p_memsz + eppnt->p_vaddr;
|
| 1150 |
|
|
if (bss > len) {
|
| 1151 |
|
|
down_write(¤t->mm->mmap_sem);
|
| 1152 |
|
|
do_brk(len, bss - len);
|
| 1153 |
|
|
up_write(¤t->mm->mmap_sem);
|
| 1154 |
|
|
}
|
| 1155 |
|
|
error = 0;
|
| 1156 |
|
|
|
| 1157 |
|
|
out_free_ph:
|
| 1158 |
|
|
kfree(elf_phdata);
|
| 1159 |
|
|
out:
|
| 1160 |
|
|
return error;
|
| 1161 |
|
|
}
|
| 1162 |
|
|
|
| 1163 |
|
|
/*
|
| 1164 |
|
|
* Note that some platforms still use traditional core dumps and not
|
| 1165 |
|
|
* the ELF core dump. Each platform can select it as appropriate.
|
| 1166 |
|
|
*/
|
| 1167 |
|
|
#if defined(USE_ELF_CORE_DUMP) && defined(CONFIG_ELF_CORE)
|
| 1168 |
|
|
|
| 1169 |
|
|
/*
|
| 1170 |
|
|
* ELF core dumper
|
| 1171 |
|
|
*
|
| 1172 |
|
|
* Modelled on fs/exec.c:aout_core_dump()
|
| 1173 |
|
|
* Jeremy Fitzhardinge <jeremy@sw.oz.au>
|
| 1174 |
|
|
*/
|
| 1175 |
|
|
/*
|
| 1176 |
|
|
* These are the only things you should do on a core-file: use only these
|
| 1177 |
|
|
* functions to write out all the necessary info.
|
| 1178 |
|
|
*/
|
| 1179 |
|
|
static int dump_write(struct file *file, const void *addr, int nr)
|
| 1180 |
|
|
{
|
| 1181 |
|
|
return file->f_op->write(file, addr, nr, &file->f_pos) == nr;
|
| 1182 |
|
|
}
|
| 1183 |
|
|
|
| 1184 |
|
|
static int dump_seek(struct file *file, loff_t off)
|
| 1185 |
|
|
{
|
| 1186 |
|
|
if (file->f_op->llseek && file->f_op->llseek != no_llseek) {
|
| 1187 |
|
|
if (file->f_op->llseek(file, off, SEEK_CUR) < 0)
|
| 1188 |
|
|
return 0;
|
| 1189 |
|
|
} else {
|
| 1190 |
|
|
char *buf = (char *)get_zeroed_page(GFP_KERNEL);
|
| 1191 |
|
|
if (!buf)
|
| 1192 |
|
|
return 0;
|
| 1193 |
|
|
while (off > 0) {
|
| 1194 |
|
|
unsigned long n = off;
|
| 1195 |
|
|
if (n > PAGE_SIZE)
|
| 1196 |
|
|
n = PAGE_SIZE;
|
| 1197 |
|
|
if (!dump_write(file, buf, n))
|
| 1198 |
|
|
return 0;
|
| 1199 |
|
|
off -= n;
|
| 1200 |
|
|
}
|
| 1201 |
|
|
free_page((unsigned long)buf);
|
| 1202 |
|
|
}
|
| 1203 |
|
|
return 1;
|
| 1204 |
|
|
}
|
| 1205 |
|
|
|
| 1206 |
|
|
/*
|
| 1207 |
|
|
* Decide what to dump of a segment, part, all or none.
|
| 1208 |
|
|
*/
|
| 1209 |
|
|
static unsigned long vma_dump_size(struct vm_area_struct *vma,
|
| 1210 |
|
|
unsigned long mm_flags)
|
| 1211 |
|
|
{
|
| 1212 |
|
|
/* The vma can be set up to tell us the answer directly. */
|
| 1213 |
|
|
if (vma->vm_flags & VM_ALWAYSDUMP)
|
| 1214 |
|
|
goto whole;
|
| 1215 |
|
|
|
| 1216 |
|
|
/* Do not dump I/O mapped devices or special mappings */
|
| 1217 |
|
|
if (vma->vm_flags & (VM_IO | VM_RESERVED))
|
| 1218 |
|
|
return 0;
|
| 1219 |
|
|
|
| 1220 |
|
|
#define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
|
| 1221 |
|
|
|
| 1222 |
|
|
/* By default, dump shared memory if mapped from an anonymous file. */
|
| 1223 |
|
|
if (vma->vm_flags & VM_SHARED) {
|
| 1224 |
|
|
if (vma->vm_file->f_path.dentry->d_inode->i_nlink == 0 ?
|
| 1225 |
|
|
FILTER(ANON_SHARED) : FILTER(MAPPED_SHARED))
|
| 1226 |
|
|
goto whole;
|
| 1227 |
|
|
return 0;
|
| 1228 |
|
|
}
|
| 1229 |
|
|
|
| 1230 |
|
|
/* Dump segments that have been written to. */
|
| 1231 |
|
|
if (vma->anon_vma && FILTER(ANON_PRIVATE))
|
| 1232 |
|
|
goto whole;
|
| 1233 |
|
|
if (vma->vm_file == NULL)
|
| 1234 |
|
|
return 0;
|
| 1235 |
|
|
|
| 1236 |
|
|
if (FILTER(MAPPED_PRIVATE))
|
| 1237 |
|
|
goto whole;
|
| 1238 |
|
|
|
| 1239 |
|
|
/*
|
| 1240 |
|
|
* If this looks like the beginning of a DSO or executable mapping,
|
| 1241 |
|
|
* check for an ELF header. If we find one, dump the first page to
|
| 1242 |
|
|
* aid in determining what was mapped here.
|
| 1243 |
|
|
*/
|
| 1244 |
|
|
if (FILTER(ELF_HEADERS) && vma->vm_file != NULL && vma->vm_pgoff == 0) {
|
| 1245 |
|
|
u32 __user *header = (u32 __user *) vma->vm_start;
|
| 1246 |
|
|
u32 word;
|
| 1247 |
|
|
/*
|
| 1248 |
|
|
* Doing it this way gets the constant folded by GCC.
|
| 1249 |
|
|
*/
|
| 1250 |
|
|
union {
|
| 1251 |
|
|
u32 cmp;
|
| 1252 |
|
|
char elfmag[SELFMAG];
|
| 1253 |
|
|
} magic;
|
| 1254 |
|
|
BUILD_BUG_ON(SELFMAG != sizeof word);
|
| 1255 |
|
|
magic.elfmag[EI_MAG0] = ELFMAG0;
|
| 1256 |
|
|
magic.elfmag[EI_MAG1] = ELFMAG1;
|
| 1257 |
|
|
magic.elfmag[EI_MAG2] = ELFMAG2;
|
| 1258 |
|
|
magic.elfmag[EI_MAG3] = ELFMAG3;
|
| 1259 |
|
|
if (get_user(word, header) == 0 && word == magic.cmp)
|
| 1260 |
|
|
return PAGE_SIZE;
|
| 1261 |
|
|
}
|
| 1262 |
|
|
|
| 1263 |
|
|
#undef FILTER
|
| 1264 |
|
|
|
| 1265 |
|
|
return 0;
|
| 1266 |
|
|
|
| 1267 |
|
|
whole:
|
| 1268 |
|
|
return vma->vm_end - vma->vm_start;
|
| 1269 |
|
|
}
|
| 1270 |
|
|
|
| 1271 |
|
|
/* An ELF note in memory */
|
| 1272 |
|
|
struct memelfnote
|
| 1273 |
|
|
{
|
| 1274 |
|
|
const char *name;
|
| 1275 |
|
|
int type;
|
| 1276 |
|
|
unsigned int datasz;
|
| 1277 |
|
|
void *data;
|
| 1278 |
|
|
};
|
| 1279 |
|
|
|
| 1280 |
|
|
static int notesize(struct memelfnote *en)
|
| 1281 |
|
|
{
|
| 1282 |
|
|
int sz;
|
| 1283 |
|
|
|
| 1284 |
|
|
sz = sizeof(struct elf_note);
|
| 1285 |
|
|
sz += roundup(strlen(en->name) + 1, 4);
|
| 1286 |
|
|
sz += roundup(en->datasz, 4);
|
| 1287 |
|
|
|
| 1288 |
|
|
return sz;
|
| 1289 |
|
|
}
|
| 1290 |
|
|
|
| 1291 |
|
|
#define DUMP_WRITE(addr, nr, foffset) \
|
| 1292 |
|
|
do { if (!dump_write(file, (addr), (nr))) return 0; *foffset += (nr); } while(0)
|
| 1293 |
|
|
|
| 1294 |
|
|
static int alignfile(struct file *file, loff_t *foffset)
|
| 1295 |
|
|
{
|
| 1296 |
|
|
static const char buf[4] = { 0, };
|
| 1297 |
|
|
DUMP_WRITE(buf, roundup(*foffset, 4) - *foffset, foffset);
|
| 1298 |
|
|
return 1;
|
| 1299 |
|
|
}
|
| 1300 |
|
|
|
| 1301 |
|
|
static int writenote(struct memelfnote *men, struct file *file,
|
| 1302 |
|
|
loff_t *foffset)
|
| 1303 |
|
|
{
|
| 1304 |
|
|
struct elf_note en;
|
| 1305 |
|
|
en.n_namesz = strlen(men->name) + 1;
|
| 1306 |
|
|
en.n_descsz = men->datasz;
|
| 1307 |
|
|
en.n_type = men->type;
|
| 1308 |
|
|
|
| 1309 |
|
|
DUMP_WRITE(&en, sizeof(en), foffset);
|
| 1310 |
|
|
DUMP_WRITE(men->name, en.n_namesz, foffset);
|
| 1311 |
|
|
if (!alignfile(file, foffset))
|
| 1312 |
|
|
return 0;
|
| 1313 |
|
|
DUMP_WRITE(men->data, men->datasz, foffset);
|
| 1314 |
|
|
if (!alignfile(file, foffset))
|
| 1315 |
|
|
return 0;
|
| 1316 |
|
|
|
| 1317 |
|
|
return 1;
|
| 1318 |
|
|
}
|
| 1319 |
|
|
#undef DUMP_WRITE
|
| 1320 |
|
|
|
| 1321 |
|
|
#define DUMP_WRITE(addr, nr) \
|
| 1322 |
|
|
if ((size += (nr)) > limit || !dump_write(file, (addr), (nr))) \
|
| 1323 |
|
|
goto end_coredump;
|
| 1324 |
|
|
#define DUMP_SEEK(off) \
|
| 1325 |
|
|
if (!dump_seek(file, (off))) \
|
| 1326 |
|
|
goto end_coredump;
|
| 1327 |
|
|
|
| 1328 |
|
|
static void fill_elf_header(struct elfhdr *elf, int segs)
|
| 1329 |
|
|
{
|
| 1330 |
|
|
memcpy(elf->e_ident, ELFMAG, SELFMAG);
|
| 1331 |
|
|
elf->e_ident[EI_CLASS] = ELF_CLASS;
|
| 1332 |
|
|
elf->e_ident[EI_DATA] = ELF_DATA;
|
| 1333 |
|
|
elf->e_ident[EI_VERSION] = EV_CURRENT;
|
| 1334 |
|
|
elf->e_ident[EI_OSABI] = ELF_OSABI;
|
| 1335 |
|
|
memset(elf->e_ident+EI_PAD, 0, EI_NIDENT-EI_PAD);
|
| 1336 |
|
|
|
| 1337 |
|
|
elf->e_type = ET_CORE;
|
| 1338 |
|
|
elf->e_machine = ELF_ARCH;
|
| 1339 |
|
|
elf->e_version = EV_CURRENT;
|
| 1340 |
|
|
elf->e_entry = 0;
|
| 1341 |
|
|
elf->e_phoff = sizeof(struct elfhdr);
|
| 1342 |
|
|
elf->e_shoff = 0;
|
| 1343 |
|
|
elf->e_flags = ELF_CORE_EFLAGS;
|
| 1344 |
|
|
elf->e_ehsize = sizeof(struct elfhdr);
|
| 1345 |
|
|
elf->e_phentsize = sizeof(struct elf_phdr);
|
| 1346 |
|
|
elf->e_phnum = segs;
|
| 1347 |
|
|
elf->e_shentsize = 0;
|
| 1348 |
|
|
elf->e_shnum = 0;
|
| 1349 |
|
|
elf->e_shstrndx = 0;
|
| 1350 |
|
|
return;
|
| 1351 |
|
|
}
|
| 1352 |
|
|
|
| 1353 |
|
|
static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, loff_t offset)
|
| 1354 |
|
|
{
|
| 1355 |
|
|
phdr->p_type = PT_NOTE;
|
| 1356 |
|
|
phdr->p_offset = offset;
|
| 1357 |
|
|
phdr->p_vaddr = 0;
|
| 1358 |
|
|
phdr->p_paddr = 0;
|
| 1359 |
|
|
phdr->p_filesz = sz;
|
| 1360 |
|
|
phdr->p_memsz = 0;
|
| 1361 |
|
|
phdr->p_flags = 0;
|
| 1362 |
|
|
phdr->p_align = 0;
|
| 1363 |
|
|
return;
|
| 1364 |
|
|
}
|
| 1365 |
|
|
|
| 1366 |
|
|
static void fill_note(struct memelfnote *note, const char *name, int type,
|
| 1367 |
|
|
unsigned int sz, void *data)
|
| 1368 |
|
|
{
|
| 1369 |
|
|
note->name = name;
|
| 1370 |
|
|
note->type = type;
|
| 1371 |
|
|
note->datasz = sz;
|
| 1372 |
|
|
note->data = data;
|
| 1373 |
|
|
return;
|
| 1374 |
|
|
}
|
| 1375 |
|
|
|
| 1376 |
|
|
/*
|
| 1377 |
|
|
* fill up all the fields in prstatus from the given task struct, except
|
| 1378 |
|
|
* registers which need to be filled up separately.
|
| 1379 |
|
|
*/
|
| 1380 |
|
|
static void fill_prstatus(struct elf_prstatus *prstatus,
|
| 1381 |
|
|
struct task_struct *p, long signr)
|
| 1382 |
|
|
{
|
| 1383 |
|
|
prstatus->pr_info.si_signo = prstatus->pr_cursig = signr;
|
| 1384 |
|
|
prstatus->pr_sigpend = p->pending.signal.sig[0];
|
| 1385 |
|
|
prstatus->pr_sighold = p->blocked.sig[0];
|
| 1386 |
|
|
prstatus->pr_pid = task_pid_vnr(p);
|
| 1387 |
|
|
prstatus->pr_ppid = task_pid_vnr(p->real_parent);
|
| 1388 |
|
|
prstatus->pr_pgrp = task_pgrp_vnr(p);
|
| 1389 |
|
|
prstatus->pr_sid = task_session_vnr(p);
|
| 1390 |
|
|
if (thread_group_leader(p)) {
|
| 1391 |
|
|
/*
|
| 1392 |
|
|
* This is the record for the group leader. Add in the
|
| 1393 |
|
|
* cumulative times of previous dead threads. This total
|
| 1394 |
|
|
* won't include the time of each live thread whose state
|
| 1395 |
|
|
* is included in the core dump. The final total reported
|
| 1396 |
|
|
* to our parent process when it calls wait4 will include
|
| 1397 |
|
|
* those sums as well as the little bit more time it takes
|
| 1398 |
|
|
* this and each other thread to finish dying after the
|
| 1399 |
|
|
* core dump synchronization phase.
|
| 1400 |
|
|
*/
|
| 1401 |
|
|
cputime_to_timeval(cputime_add(p->utime, p->signal->utime),
|
| 1402 |
|
|
&prstatus->pr_utime);
|
| 1403 |
|
|
cputime_to_timeval(cputime_add(p->stime, p->signal->stime),
|
| 1404 |
|
|
&prstatus->pr_stime);
|
| 1405 |
|
|
} else {
|
| 1406 |
|
|
cputime_to_timeval(p->utime, &prstatus->pr_utime);
|
| 1407 |
|
|
cputime_to_timeval(p->stime, &prstatus->pr_stime);
|
| 1408 |
|
|
}
|
| 1409 |
|
|
cputime_to_timeval(p->signal->cutime, &prstatus->pr_cutime);
|
| 1410 |
|
|
cputime_to_timeval(p->signal->cstime, &prstatus->pr_cstime);
|
| 1411 |
|
|
}
|
| 1412 |
|
|
|
| 1413 |
|
|
static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p,
|
| 1414 |
|
|
struct mm_struct *mm)
|
| 1415 |
|
|
{
|
| 1416 |
|
|
unsigned int i, len;
|
| 1417 |
|
|
|
| 1418 |
|
|
/* first copy the parameters from user space */
|
| 1419 |
|
|
memset(psinfo, 0, sizeof(struct elf_prpsinfo));
|
| 1420 |
|
|
|
| 1421 |
|
|
len = mm->arg_end - mm->arg_start;
|
| 1422 |
|
|
if (len >= ELF_PRARGSZ)
|
| 1423 |
|
|
len = ELF_PRARGSZ-1;
|
| 1424 |
|
|
if (copy_from_user(&psinfo->pr_psargs,
|
| 1425 |
|
|
(const char __user *)mm->arg_start, len))
|
| 1426 |
|
|
return -EFAULT;
|
| 1427 |
|
|
for(i = 0; i < len; i++)
|
| 1428 |
|
|
if (psinfo->pr_psargs[i] == 0)
|
| 1429 |
|
|
psinfo->pr_psargs[i] = ' ';
|
| 1430 |
|
|
psinfo->pr_psargs[len] = 0;
|
| 1431 |
|
|
|
| 1432 |
|
|
psinfo->pr_pid = task_pid_vnr(p);
|
| 1433 |
|
|
psinfo->pr_ppid = task_pid_vnr(p->real_parent);
|
| 1434 |
|
|
psinfo->pr_pgrp = task_pgrp_vnr(p);
|
| 1435 |
|
|
psinfo->pr_sid = task_session_vnr(p);
|
| 1436 |
|
|
|
| 1437 |
|
|
i = p->state ? ffz(~p->state) + 1 : 0;
|
| 1438 |
|
|
psinfo->pr_state = i;
|
| 1439 |
|
|
psinfo->pr_sname = (i > 5) ? '.' : "RSDTZW"[i];
|
| 1440 |
|
|
psinfo->pr_zomb = psinfo->pr_sname == 'Z';
|
| 1441 |
|
|
psinfo->pr_nice = task_nice(p);
|
| 1442 |
|
|
psinfo->pr_flag = p->flags;
|
| 1443 |
|
|
SET_UID(psinfo->pr_uid, p->uid);
|
| 1444 |
|
|
SET_GID(psinfo->pr_gid, p->gid);
|
| 1445 |
|
|
strncpy(psinfo->pr_fname, p->comm, sizeof(psinfo->pr_fname));
|
| 1446 |
|
|
|
| 1447 |
|
|
return 0;
|
| 1448 |
|
|
}
|
| 1449 |
|
|
|
| 1450 |
|
|
/* Here is the structure in which status of each thread is captured. */
|
| 1451 |
|
|
struct elf_thread_status
|
| 1452 |
|
|
{
|
| 1453 |
|
|
struct list_head list;
|
| 1454 |
|
|
struct elf_prstatus prstatus; /* NT_PRSTATUS */
|
| 1455 |
|
|
elf_fpregset_t fpu; /* NT_PRFPREG */
|
| 1456 |
|
|
struct task_struct *thread;
|
| 1457 |
|
|
#ifdef ELF_CORE_COPY_XFPREGS
|
| 1458 |
|
|
elf_fpxregset_t xfpu; /* ELF_CORE_XFPREG_TYPE */
|
| 1459 |
|
|
#endif
|
| 1460 |
|
|
struct memelfnote notes[3];
|
| 1461 |
|
|
int num_notes;
|
| 1462 |
|
|
};
|
| 1463 |
|
|
|
| 1464 |
|
|
/*
|
| 1465 |
|
|
* In order to add the specific thread information for the elf file format,
|
| 1466 |
|
|
* we need to keep a linked list of every threads pr_status and then create
|
| 1467 |
|
|
* a single section for them in the final core file.
|
| 1468 |
|
|
*/
|
| 1469 |
|
|
static int elf_dump_thread_status(long signr, struct elf_thread_status *t)
|
| 1470 |
|
|
{
|
| 1471 |
|
|
int sz = 0;
|
| 1472 |
|
|
struct task_struct *p = t->thread;
|
| 1473 |
|
|
t->num_notes = 0;
|
| 1474 |
|
|
|
| 1475 |
|
|
fill_prstatus(&t->prstatus, p, signr);
|
| 1476 |
|
|
elf_core_copy_task_regs(p, &t->prstatus.pr_reg);
|
| 1477 |
|
|
|
| 1478 |
|
|
fill_note(&t->notes[0], "CORE", NT_PRSTATUS, sizeof(t->prstatus),
|
| 1479 |
|
|
&(t->prstatus));
|
| 1480 |
|
|
t->num_notes++;
|
| 1481 |
|
|
sz += notesize(&t->notes[0]);
|
| 1482 |
|
|
|
| 1483 |
|
|
if ((t->prstatus.pr_fpvalid = elf_core_copy_task_fpregs(p, NULL,
|
| 1484 |
|
|
&t->fpu))) {
|
| 1485 |
|
|
fill_note(&t->notes[1], "CORE", NT_PRFPREG, sizeof(t->fpu),
|
| 1486 |
|
|
&(t->fpu));
|
| 1487 |
|
|
t->num_notes++;
|
| 1488 |
|
|
sz += notesize(&t->notes[1]);
|
| 1489 |
|
|
}
|
| 1490 |
|
|
|
| 1491 |
|
|
#ifdef ELF_CORE_COPY_XFPREGS
|
| 1492 |
|
|
if (elf_core_copy_task_xfpregs(p, &t->xfpu)) {
|
| 1493 |
|
|
fill_note(&t->notes[2], "LINUX", ELF_CORE_XFPREG_TYPE,
|
| 1494 |
|
|
sizeof(t->xfpu), &t->xfpu);
|
| 1495 |
|
|
t->num_notes++;
|
| 1496 |
|
|
sz += notesize(&t->notes[2]);
|
| 1497 |
|
|
}
|
| 1498 |
|
|
#endif
|
| 1499 |
|
|
return sz;
|
| 1500 |
|
|
}
|
| 1501 |
|
|
|
| 1502 |
|
|
static struct vm_area_struct *first_vma(struct task_struct *tsk,
|
| 1503 |
|
|
struct vm_area_struct *gate_vma)
|
| 1504 |
|
|
{
|
| 1505 |
|
|
struct vm_area_struct *ret = tsk->mm->mmap;
|
| 1506 |
|
|
|
| 1507 |
|
|
if (ret)
|
| 1508 |
|
|
return ret;
|
| 1509 |
|
|
return gate_vma;
|
| 1510 |
|
|
}
|
| 1511 |
|
|
/*
|
| 1512 |
|
|
* Helper function for iterating across a vma list. It ensures that the caller
|
| 1513 |
|
|
* will visit `gate_vma' prior to terminating the search.
|
| 1514 |
|
|
*/
|
| 1515 |
|
|
static struct vm_area_struct *next_vma(struct vm_area_struct *this_vma,
|
| 1516 |
|
|
struct vm_area_struct *gate_vma)
|
| 1517 |
|
|
{
|
| 1518 |
|
|
struct vm_area_struct *ret;
|
| 1519 |
|
|
|
| 1520 |
|
|
ret = this_vma->vm_next;
|
| 1521 |
|
|
if (ret)
|
| 1522 |
|
|
return ret;
|
| 1523 |
|
|
if (this_vma == gate_vma)
|
| 1524 |
|
|
return NULL;
|
| 1525 |
|
|
return gate_vma;
|
| 1526 |
|
|
}
|
| 1527 |
|
|
|
| 1528 |
|
|
/*
|
| 1529 |
|
|
* Actual dumper
|
| 1530 |
|
|
*
|
| 1531 |
|
|
* This is a two-pass process; first we find the offsets of the bits,
|
| 1532 |
|
|
* and then they are actually written out. If we run out of core limit
|
| 1533 |
|
|
* we just truncate.
|
| 1534 |
|
|
*/
|
| 1535 |
|
|
static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file, unsigned long limit)
|
| 1536 |
|
|
{
|
| 1537 |
|
|
#define NUM_NOTES 6
|
| 1538 |
|
|
int has_dumped = 0;
|
| 1539 |
|
|
mm_segment_t fs;
|
| 1540 |
|
|
int segs;
|
| 1541 |
|
|
size_t size = 0;
|
| 1542 |
|
|
int i;
|
| 1543 |
|
|
struct vm_area_struct *vma, *gate_vma;
|
| 1544 |
|
|
struct elfhdr *elf = NULL;
|
| 1545 |
|
|
loff_t offset = 0, dataoff, foffset;
|
| 1546 |
|
|
int numnote;
|
| 1547 |
|
|
struct memelfnote *notes = NULL;
|
| 1548 |
|
|
struct elf_prstatus *prstatus = NULL; /* NT_PRSTATUS */
|
| 1549 |
|
|
struct elf_prpsinfo *psinfo = NULL; /* NT_PRPSINFO */
|
| 1550 |
|
|
struct task_struct *g, *p;
|
| 1551 |
|
|
LIST_HEAD(thread_list);
|
| 1552 |
|
|
struct list_head *t;
|
| 1553 |
|
|
elf_fpregset_t *fpu = NULL;
|
| 1554 |
|
|
#ifdef ELF_CORE_COPY_XFPREGS
|
| 1555 |
|
|
elf_fpxregset_t *xfpu = NULL;
|
| 1556 |
|
|
#endif
|
| 1557 |
|
|
int thread_status_size = 0;
|
| 1558 |
|
|
elf_addr_t *auxv;
|
| 1559 |
|
|
unsigned long mm_flags;
|
| 1560 |
|
|
|
| 1561 |
|
|
/*
|
| 1562 |
|
|
* We no longer stop all VM operations.
|
| 1563 |
|
|
*
|
| 1564 |
|
|
* This is because those proceses that could possibly change map_count
|
| 1565 |
|
|
* or the mmap / vma pages are now blocked in do_exit on current
|
| 1566 |
|
|
* finishing this core dump.
|
| 1567 |
|
|
*
|
| 1568 |
|
|
* Only ptrace can touch these memory addresses, but it doesn't change
|
| 1569 |
|
|
* the map_count or the pages allocated. So no possibility of crashing
|
| 1570 |
|
|
* exists while dumping the mm->vm_next areas to the core file.
|
| 1571 |
|
|
*/
|
| 1572 |
|
|
|
| 1573 |
|
|
/* alloc memory for large data structures: too large to be on stack */
|
| 1574 |
|
|
elf = kmalloc(sizeof(*elf), GFP_KERNEL);
|
| 1575 |
|
|
if (!elf)
|
| 1576 |
|
|
goto cleanup;
|
| 1577 |
|
|
prstatus = kmalloc(sizeof(*prstatus), GFP_KERNEL);
|
| 1578 |
|
|
if (!prstatus)
|
| 1579 |
|
|
goto cleanup;
|
| 1580 |
|
|
psinfo = kmalloc(sizeof(*psinfo), GFP_KERNEL);
|
| 1581 |
|
|
if (!psinfo)
|
| 1582 |
|
|
goto cleanup;
|
| 1583 |
|
|
notes = kmalloc(NUM_NOTES * sizeof(struct memelfnote), GFP_KERNEL);
|
| 1584 |
|
|
if (!notes)
|
| 1585 |
|
|
goto cleanup;
|
| 1586 |
|
|
fpu = kmalloc(sizeof(*fpu), GFP_KERNEL);
|
| 1587 |
|
|
if (!fpu)
|
| 1588 |
|
|
goto cleanup;
|
| 1589 |
|
|
#ifdef ELF_CORE_COPY_XFPREGS
|
| 1590 |
|
|
xfpu = kmalloc(sizeof(*xfpu), GFP_KERNEL);
|
| 1591 |
|
|
if (!xfpu)
|
| 1592 |
|
|
goto cleanup;
|
| 1593 |
|
|
#endif
|
| 1594 |
|
|
|
| 1595 |
|
|
if (signr) {
|
| 1596 |
|
|
struct elf_thread_status *tmp;
|
| 1597 |
|
|
rcu_read_lock();
|
| 1598 |
|
|
do_each_thread(g,p)
|
| 1599 |
|
|
if (current->mm == p->mm && current != p) {
|
| 1600 |
|
|
tmp = kzalloc(sizeof(*tmp), GFP_ATOMIC);
|
| 1601 |
|
|
if (!tmp) {
|
| 1602 |
|
|
rcu_read_unlock();
|
| 1603 |
|
|
goto cleanup;
|
| 1604 |
|
|
}
|
| 1605 |
|
|
tmp->thread = p;
|
| 1606 |
|
|
list_add(&tmp->list, &thread_list);
|
| 1607 |
|
|
}
|
| 1608 |
|
|
while_each_thread(g,p);
|
| 1609 |
|
|
rcu_read_unlock();
|
| 1610 |
|
|
list_for_each(t, &thread_list) {
|
| 1611 |
|
|
struct elf_thread_status *tmp;
|
| 1612 |
|
|
int sz;
|
| 1613 |
|
|
|
| 1614 |
|
|
tmp = list_entry(t, struct elf_thread_status, list);
|
| 1615 |
|
|
sz = elf_dump_thread_status(signr, tmp);
|
| 1616 |
|
|
thread_status_size += sz;
|
| 1617 |
|
|
}
|
| 1618 |
|
|
}
|
| 1619 |
|
|
/* now collect the dump for the current */
|
| 1620 |
|
|
memset(prstatus, 0, sizeof(*prstatus));
|
| 1621 |
|
|
fill_prstatus(prstatus, current, signr);
|
| 1622 |
|
|
elf_core_copy_regs(&prstatus->pr_reg, regs);
|
| 1623 |
|
|
|
| 1624 |
|
|
segs = current->mm->map_count;
|
| 1625 |
|
|
#ifdef ELF_CORE_EXTRA_PHDRS
|
| 1626 |
|
|
segs += ELF_CORE_EXTRA_PHDRS;
|
| 1627 |
|
|
#endif
|
| 1628 |
|
|
|
| 1629 |
|
|
gate_vma = get_gate_vma(current);
|
| 1630 |
|
|
if (gate_vma != NULL)
|
| 1631 |
|
|
segs++;
|
| 1632 |
|
|
|
| 1633 |
|
|
/* Set up header */
|
| 1634 |
|
|
fill_elf_header(elf, segs + 1); /* including notes section */
|
| 1635 |
|
|
|
| 1636 |
|
|
has_dumped = 1;
|
| 1637 |
|
|
current->flags |= PF_DUMPCORE;
|
| 1638 |
|
|
|
| 1639 |
|
|
/*
|
| 1640 |
|
|
* Set up the notes in similar form to SVR4 core dumps made
|
| 1641 |
|
|
* with info from their /proc.
|
| 1642 |
|
|
*/
|
| 1643 |
|
|
|
| 1644 |
|
|
fill_note(notes + 0, "CORE", NT_PRSTATUS, sizeof(*prstatus), prstatus);
|
| 1645 |
|
|
fill_psinfo(psinfo, current->group_leader, current->mm);
|
| 1646 |
|
|
fill_note(notes + 1, "CORE", NT_PRPSINFO, sizeof(*psinfo), psinfo);
|
| 1647 |
|
|
|
| 1648 |
|
|
numnote = 2;
|
| 1649 |
|
|
|
| 1650 |
|
|
auxv = (elf_addr_t *)current->mm->saved_auxv;
|
| 1651 |
|
|
|
| 1652 |
|
|
i = 0;
|
| 1653 |
|
|
do
|
| 1654 |
|
|
i += 2;
|
| 1655 |
|
|
while (auxv[i - 2] != AT_NULL);
|
| 1656 |
|
|
fill_note(¬es[numnote++], "CORE", NT_AUXV,
|
| 1657 |
|
|
i * sizeof(elf_addr_t), auxv);
|
| 1658 |
|
|
|
| 1659 |
|
|
/* Try to dump the FPU. */
|
| 1660 |
|
|
if ((prstatus->pr_fpvalid =
|
| 1661 |
|
|
elf_core_copy_task_fpregs(current, regs, fpu)))
|
| 1662 |
|
|
fill_note(notes + numnote++,
|
| 1663 |
|
|
"CORE", NT_PRFPREG, sizeof(*fpu), fpu);
|
| 1664 |
|
|
#ifdef ELF_CORE_COPY_XFPREGS
|
| 1665 |
|
|
if (elf_core_copy_task_xfpregs(current, xfpu))
|
| 1666 |
|
|
fill_note(notes + numnote++,
|
| 1667 |
|
|
"LINUX", ELF_CORE_XFPREG_TYPE, sizeof(*xfpu), xfpu);
|
| 1668 |
|
|
#endif
|
| 1669 |
|
|
|
| 1670 |
|
|
fs = get_fs();
|
| 1671 |
|
|
set_fs(KERNEL_DS);
|
| 1672 |
|
|
|
| 1673 |
|
|
DUMP_WRITE(elf, sizeof(*elf));
|
| 1674 |
|
|
offset += sizeof(*elf); /* Elf header */
|
| 1675 |
|
|
offset += (segs + 1) * sizeof(struct elf_phdr); /* Program headers */
|
| 1676 |
|
|
foffset = offset;
|
| 1677 |
|
|
|
| 1678 |
|
|
/* Write notes phdr entry */
|
| 1679 |
|
|
{
|
| 1680 |
|
|
struct elf_phdr phdr;
|
| 1681 |
|
|
int sz = 0;
|
| 1682 |
|
|
|
| 1683 |
|
|
for (i = 0; i < numnote; i++)
|
| 1684 |
|
|
sz += notesize(notes + i);
|
| 1685 |
|
|
|
| 1686 |
|
|
sz += thread_status_size;
|
| 1687 |
|
|
|
| 1688 |
|
|
sz += elf_coredump_extra_notes_size();
|
| 1689 |
|
|
|
| 1690 |
|
|
fill_elf_note_phdr(&phdr, sz, offset);
|
| 1691 |
|
|
offset += sz;
|
| 1692 |
|
|
DUMP_WRITE(&phdr, sizeof(phdr));
|
| 1693 |
|
|
}
|
| 1694 |
|
|
|
| 1695 |
|
|
dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
|
| 1696 |
|
|
|
| 1697 |
|
|
/*
|
| 1698 |
|
|
* We must use the same mm->flags while dumping core to avoid
|
| 1699 |
|
|
* inconsistency between the program headers and bodies, otherwise an
|
| 1700 |
|
|
* unusable core file can be generated.
|
| 1701 |
|
|
*/
|
| 1702 |
|
|
mm_flags = current->mm->flags;
|
| 1703 |
|
|
|
| 1704 |
|
|
/* Write program headers for segments dump */
|
| 1705 |
|
|
for (vma = first_vma(current, gate_vma); vma != NULL;
|
| 1706 |
|
|
vma = next_vma(vma, gate_vma)) {
|
| 1707 |
|
|
struct elf_phdr phdr;
|
| 1708 |
|
|
|
| 1709 |
|
|
phdr.p_type = PT_LOAD;
|
| 1710 |
|
|
phdr.p_offset = offset;
|
| 1711 |
|
|
phdr.p_vaddr = vma->vm_start;
|
| 1712 |
|
|
phdr.p_paddr = 0;
|
| 1713 |
|
|
phdr.p_filesz = vma_dump_size(vma, mm_flags);
|
| 1714 |
|
|
phdr.p_memsz = vma->vm_end - vma->vm_start;
|
| 1715 |
|
|
offset += phdr.p_filesz;
|
| 1716 |
|
|
phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0;
|
| 1717 |
|
|
if (vma->vm_flags & VM_WRITE)
|
| 1718 |
|
|
phdr.p_flags |= PF_W;
|
| 1719 |
|
|
if (vma->vm_flags & VM_EXEC)
|
| 1720 |
|
|
phdr.p_flags |= PF_X;
|
| 1721 |
|
|
phdr.p_align = ELF_EXEC_PAGESIZE;
|
| 1722 |
|
|
|
| 1723 |
|
|
DUMP_WRITE(&phdr, sizeof(phdr));
|
| 1724 |
|
|
}
|
| 1725 |
|
|
|
| 1726 |
|
|
#ifdef ELF_CORE_WRITE_EXTRA_PHDRS
|
| 1727 |
|
|
ELF_CORE_WRITE_EXTRA_PHDRS;
|
| 1728 |
|
|
#endif
|
| 1729 |
|
|
|
| 1730 |
|
|
/* write out the notes section */
|
| 1731 |
|
|
for (i = 0; i < numnote; i++)
|
| 1732 |
|
|
if (!writenote(notes + i, file, &foffset))
|
| 1733 |
|
|
goto end_coredump;
|
| 1734 |
|
|
|
| 1735 |
|
|
if (elf_coredump_extra_notes_write(file, &foffset))
|
| 1736 |
|
|
goto end_coredump;
|
| 1737 |
|
|
|
| 1738 |
|
|
/* write out the thread status notes section */
|
| 1739 |
|
|
list_for_each(t, &thread_list) {
|
| 1740 |
|
|
struct elf_thread_status *tmp =
|
| 1741 |
|
|
list_entry(t, struct elf_thread_status, list);
|
| 1742 |
|
|
|
| 1743 |
|
|
for (i = 0; i < tmp->num_notes; i++)
|
| 1744 |
|
|
if (!writenote(&tmp->notes[i], file, &foffset))
|
| 1745 |
|
|
goto end_coredump;
|
| 1746 |
|
|
}
|
| 1747 |
|
|
|
| 1748 |
|
|
/* Align to page */
|
| 1749 |
|
|
DUMP_SEEK(dataoff - foffset);
|
| 1750 |
|
|
|
| 1751 |
|
|
for (vma = first_vma(current, gate_vma); vma != NULL;
|
| 1752 |
|
|
vma = next_vma(vma, gate_vma)) {
|
| 1753 |
|
|
unsigned long addr;
|
| 1754 |
|
|
unsigned long end;
|
| 1755 |
|
|
|
| 1756 |
|
|
end = vma->vm_start + vma_dump_size(vma, mm_flags);
|
| 1757 |
|
|
|
| 1758 |
|
|
for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) {
|
| 1759 |
|
|
struct page *page;
|
| 1760 |
|
|
struct vm_area_struct *vma;
|
| 1761 |
|
|
|
| 1762 |
|
|
if (get_user_pages(current, current->mm, addr, 1, 0, 1,
|
| 1763 |
|
|
&page, &vma) <= 0) {
|
| 1764 |
|
|
DUMP_SEEK(PAGE_SIZE);
|
| 1765 |
|
|
} else {
|
| 1766 |
|
|
if (page == ZERO_PAGE(0)) {
|
| 1767 |
|
|
if (!dump_seek(file, PAGE_SIZE)) {
|
| 1768 |
|
|
page_cache_release(page);
|
| 1769 |
|
|
goto end_coredump;
|
| 1770 |
|
|
}
|
| 1771 |
|
|
} else {
|
| 1772 |
|
|
void *kaddr;
|
| 1773 |
|
|
flush_cache_page(vma, addr,
|
| 1774 |
|
|
page_to_pfn(page));
|
| 1775 |
|
|
kaddr = kmap(page);
|
| 1776 |
|
|
if ((size += PAGE_SIZE) > limit ||
|
| 1777 |
|
|
!dump_write(file, kaddr,
|
| 1778 |
|
|
PAGE_SIZE)) {
|
| 1779 |
|
|
kunmap(page);
|
| 1780 |
|
|
page_cache_release(page);
|
| 1781 |
|
|
goto end_coredump;
|
| 1782 |
|
|
}
|
| 1783 |
|
|
kunmap(page);
|
| 1784 |
|
|
}
|
| 1785 |
|
|
page_cache_release(page);
|
| 1786 |
|
|
}
|
| 1787 |
|
|
}
|
| 1788 |
|
|
}
|
| 1789 |
|
|
|
| 1790 |
|
|
#ifdef ELF_CORE_WRITE_EXTRA_DATA
|
| 1791 |
|
|
ELF_CORE_WRITE_EXTRA_DATA;
|
| 1792 |
|
|
#endif
|
| 1793 |
|
|
|
| 1794 |
|
|
end_coredump:
|
| 1795 |
|
|
set_fs(fs);
|
| 1796 |
|
|
|
| 1797 |
|
|
cleanup:
|
| 1798 |
|
|
while (!list_empty(&thread_list)) {
|
| 1799 |
|
|
struct list_head *tmp = thread_list.next;
|
| 1800 |
|
|
list_del(tmp);
|
| 1801 |
|
|
kfree(list_entry(tmp, struct elf_thread_status, list));
|
| 1802 |
|
|
}
|
| 1803 |
|
|
|
| 1804 |
|
|
kfree(elf);
|
| 1805 |
|
|
kfree(prstatus);
|
| 1806 |
|
|
kfree(psinfo);
|
| 1807 |
|
|
kfree(notes);
|
| 1808 |
|
|
kfree(fpu);
|
| 1809 |
|
|
#ifdef ELF_CORE_COPY_XFPREGS
|
| 1810 |
|
|
kfree(xfpu);
|
| 1811 |
|
|
#endif
|
| 1812 |
|
|
return has_dumped;
|
| 1813 |
|
|
#undef NUM_NOTES
|
| 1814 |
|
|
}
|
| 1815 |
|
|
|
| 1816 |
|
|
#endif /* USE_ELF_CORE_DUMP */
|
| 1817 |
|
|
|
| 1818 |
|
|
static int __init init_elf_binfmt(void)
|
| 1819 |
|
|
{
|
| 1820 |
|
|
return register_binfmt(&elf_format);
|
| 1821 |
|
|
}
|
| 1822 |
|
|
|
| 1823 |
|
|
static void __exit exit_elf_binfmt(void)
|
| 1824 |
|
|
{
|
| 1825 |
|
|
/* Remove the COFF and ELF loaders. */
|
| 1826 |
|
|
unregister_binfmt(&elf_format);
|
| 1827 |
|
|
}
|
| 1828 |
|
|
|
| 1829 |
|
|
core_initcall(init_elf_binfmt);
|
| 1830 |
|
|
module_exit(exit_elf_binfmt);
|
| 1831 |
|
|
MODULE_LICENSE("GPL");
|
