1
2 /*--------------------------------------------------------------------*/
3 /*--- User-mode execve() for ELF executables m_ume_elf.c ---*/
4 /*--------------------------------------------------------------------*/
5
6 /*
7 This file is part of Valgrind, a dynamic binary instrumentation
8 framework.
9
10 Copyright (C) 2000-2017 Julian Seward
11 jseward@acm.org
12
13 This program is free software; you can redistribute it and/or
14 modify it under the terms of the GNU General Public License as
15 published by the Free Software Foundation; either version 2 of the
16 License, or (at your option) any later version.
17
18 This program is distributed in the hope that it will be useful, but
19 WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 General Public License for more details.
22
23 You should have received a copy of the GNU General Public License
24 along with this program; if not, write to the Free Software
25 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
26 02111-1307, USA.
27
28 The GNU General Public License is contained in the file COPYING.
29 */
30
31 #if defined(VGO_linux) || defined(VGO_solaris)
32
33 #include "pub_core_basics.h"
34 #include "pub_core_vki.h"
35
36 #include "pub_core_aspacemgr.h" // various mapping fns
37 #include "pub_core_debuglog.h"
38 #include "pub_core_libcassert.h" // VG_(exit), vg_assert
39 #include "pub_core_libcbase.h" // VG_(memcmp), etc
40 #include "pub_core_libcprint.h"
41 #include "pub_core_libcfile.h" // VG_(open) et al
42 #include "pub_core_machine.h" // VG_ELF_CLASS (XXX: which should be moved)
43 #include "pub_core_mallocfree.h" // VG_(malloc), VG_(free)
44 #include "pub_core_syscall.h" // VG_(strerror)
45 #include "pub_core_ume.h" // self
46
47 #include "priv_ume.h"
48
49 /* --- !!! --- EXTERNAL HEADERS start --- !!! --- */
50 #if defined(VGO_linux)
51 # define _GNU_SOURCE
52 # define _FILE_OFFSET_BITS 64
53 #endif
54 /* This is for ELF types etc, and also the AT_ constants. */
55 #include <elf.h>
56 #if defined(VGO_solaris)
57 # include <sys/fasttrap.h> // PT_SUNWDTRACE_SIZE
58 # if defined(SOLARIS_PT_SUNDWTRACE_THRP)
59 # define PT_SUNWDTRACE_PROTECTION (PF_R)
60 # else
61 # define PT_SUNWDTRACE_PROTECTION (PF_R | PF_W | PF_X)
62 # endif
63 #endif
64 /* --- !!! --- EXTERNAL HEADERS end --- !!! --- */
65
66
67 #if VG_WORDSIZE == 8
68 #define ESZ(x) Elf64_##x
69 #elif VG_WORDSIZE == 4
70 #define ESZ(x) Elf32_##x
71 #else
72 #error VG_WORDSIZE needs to ==4 or ==8
73 #endif
74
75 struct elfinfo
76 {
77 ESZ(Ehdr) e;
78 ESZ(Phdr) *p;
79 Int fd;
80 };
81
82 #if defined(VGO_linux)
83
84 /*
85 arch_elf_pt_proc() - check a PT_LOPROC..PT_HIPROC ELF program header
86 @ehdr: The main ELF header
87 @phdr: The program header to check
88 @fd: The ELF file filedescriptor
89 @is_interpreter: True if the phdr is from the interpreter of the ELF
90 being loaded, else false.
91 @state: Architecture-specific state preserved throughout the process
92 of loading the ELF.
93
94 Inspects the program header phdr to validate its correctness and/or
95 suitability for the system. Called once per ELF program header in the
96 range PT_LOPROC to PT_HIPROC, for both the ELF being loaded and its
97 interpreter.
98
99 Return: Zero to proceed with the ELF load, non-zero to fail the ELF load
100 with that return code.
101
102 arch_check_elf()
103 @ehdr: The main ELF header
104 @has_interpreter: True if the ELF has an interpreter, else false.
105 @state: Architecture-specific state preserved throughout the process
106 of loading the ELF.
107
108 Provides a final opportunity for architecture code to reject the loading
109 of the ELF. This is called after all program headers to be checked by
110 arch_elf_pt_proc have been.
111
112 Return: Zero to proceed with the ELF load, non-zero to fail the ELF load
113 with that return code.
114
115 Ref: linux/fs/binfmt_elf.c
116 */
117
118 # if defined(VGP_mips32_linux)
119
120 /* Ref: linux/arch/mips/kernel/elf.c */
arch_elf_pt_proc(ESZ (Ehdr)* ehdr,ESZ (Phdr)* phdr,Int fd,Bool is_interpreter,struct vki_arch_elf_state * state)121 static inline Int arch_elf_pt_proc(ESZ(Ehdr) *ehdr,
122 ESZ(Phdr) *phdr,
123 Int fd, Bool is_interpreter,
124 struct vki_arch_elf_state *state)
125 {
126 struct vki_mips_elf_abiflags_v0 abiflags;
127 SysRes sres;
128
129 if ( (ehdr->e_ident[EI_CLASS] == ELFCLASS32) &&
130 (ehdr->e_flags & VKI_EF_MIPS_FP64) ) {
131 /*
132 * Set MIPS_ABI_FP_OLD_64 for EF_MIPS_FP64. We will override it
133 * later if needed
134 */
135 if (is_interpreter)
136 state->interp_fp_abi = VKI_MIPS_ABI_FP_OLD_64;
137 else
138 state->fp_abi = VKI_MIPS_ABI_FP_OLD_64;
139 }
140
141 if (phdr->p_type != VKI_PT_MIPS_ABIFLAGS)
142 return 0;
143
144 if (phdr->p_filesz < sizeof(abiflags))
145 return VKI_EINVAL;
146
147 sres = VG_(pread)(fd, &abiflags, sizeof(abiflags), phdr->p_offset);
148
149 if (sr_isError(sres))
150 return sr_Err(sres);
151
152 if (sr_Res(sres) != sizeof(abiflags))
153 return VKI_EIO;
154
155 /* Record the required FP ABIs for use by arch_check_elf */
156 if (is_interpreter)
157 state->interp_fp_abi = abiflags.fp_abi;
158 else
159 state->fp_abi = abiflags.fp_abi;
160
161 return 0;
162 }
163
164 /* Ref: linux/arch/mips/kernel/elf.c */
arch_check_elf(ESZ (Ehdr)* ehdr,Bool has_interpreter,struct vki_arch_elf_state * state)165 static inline Int arch_check_elf(ESZ(Ehdr) *ehdr,
166 Bool has_interpreter,
167 struct vki_arch_elf_state *state)
168 {
169 struct mode_req {
170 Bool single;
171 Bool soft;
172 Bool fr1;
173 Bool frdefault;
174 Bool fre;
175 };
176
177 struct mode_req fpu_reqs[] = {
178 [VKI_MIPS_ABI_FP_ANY] = { True, True, True, True, True },
179 [VKI_MIPS_ABI_FP_DOUBLE] = { False, False, False, True, True },
180 [VKI_MIPS_ABI_FP_SINGLE] = { True, False, False, False, False },
181 [VKI_MIPS_ABI_FP_SOFT] = { False, True, False, False, False },
182 [VKI_MIPS_ABI_FP_OLD_64] = { False, False, False, False, False },
183 [VKI_MIPS_ABI_FP_XX] = { False, False, True, True, True },
184 [VKI_MIPS_ABI_FP_64] = { False, False, True, False, False },
185 [VKI_MIPS_ABI_FP_64A] = { False, False, True, False, True }
186 };
187
188 /* Mode requirements when .MIPS.abiflags is not present in the ELF.
189 Not present means that everything is acceptable except FR1. */
190 struct mode_req none_req = { True, True, False, True, True };
191
192 struct mode_req prog_req, interp_req;
193 Int fp_abi, interp_fp_abi, abi0, abi1, max_abi;
194 Bool is_mips64;
195
196 VexArchInfo vai;
197 VG_(machine_get_VexArchInfo)(NULL, &vai);
198
199 fp_abi = state->fp_abi;
200
201 if (has_interpreter) {
202 interp_fp_abi = state->interp_fp_abi;
203
204 abi0 = VG_MIN(fp_abi, interp_fp_abi);
205 abi1 = VG_MAX(fp_abi, interp_fp_abi);
206 } else {
207 abi0 = abi1 = fp_abi;
208 }
209
210 is_mips64 = (ehdr->e_ident[EI_CLASS] == ELFCLASS64) ||
211 (ehdr->e_flags & EF_MIPS_ABI2);
212
213 if (is_mips64) {
214 /* MIPS64 code always uses FR=1, thus the default is easy */
215 state->overall_fp_mode = VKI_FP_FR1;
216
217 /* Disallow access to the various FPXX & FP64 ABIs */
218 max_abi = VKI_MIPS_ABI_FP_SOFT;
219 } else {
220 /* Default to a mode capable of running code expecting FR=0 */
221
222 /* TODO: Should be changed during implementation of MIPS-R6 support.
223 state->overall_fp_mode = cpu_has_mips_r6 ? VKI_FP_FRE : VKI_FP_FR0; */
224 state->overall_fp_mode = VKI_FP_FR0;
225
226 /* Allow all ABIs we know about */
227 max_abi = VKI_MIPS_ABI_FP_64A;
228 }
229
230 if ((abi0 > max_abi && abi0 != VKI_MIPS_ABI_FP_UNKNOWN) ||
231 (abi1 > max_abi && abi1 != VKI_MIPS_ABI_FP_UNKNOWN))
232 return VKI_ELIBBAD;
233
234 /* It's time to determine the FPU mode requirements */
235 prog_req = (abi0 == VKI_MIPS_ABI_FP_UNKNOWN) ? none_req : fpu_reqs[abi0];
236 interp_req = (abi1 == VKI_MIPS_ABI_FP_UNKNOWN) ? none_req : fpu_reqs[abi1];
237
238 /* Check whether the program's and interp's ABIs have a matching FPU
239 mode requirement. */
240 prog_req.single = interp_req.single && prog_req.single;
241 prog_req.soft = interp_req.soft && prog_req.soft;
242 prog_req.fr1 = interp_req.fr1 && prog_req.fr1;
243 prog_req.frdefault = interp_req.frdefault && prog_req.frdefault;
244 prog_req.fre = interp_req.fre && prog_req.fre;
245
246 /* Determine the desired FPU mode
247
248 Decision making:
249
250 - We want FR_FRE if FRE=1 and both FR=1 and FR=0 are false. This
251 means that we have a combination of program and interpreter
252 that inherently require the hybrid FP mode.
253 - If FR1 and FRDEFAULT is true, that means we hit the any-abi or
254 fpxx case. This is because, in any-ABI (or no-ABI) we have no FPU
255 instructions so we don't care about the mode. We will simply use
256 the one preferred by the hardware. In fpxx case, that ABI can
257 handle both FR=1 and FR=0, so, again, we simply choose the one
258 preferred by the hardware. Next, if we only use single-precision
259 FPU instructions, and the default ABI FPU mode is not good
260 (ie single + any ABI combination), we set again the FPU mode to the
261 one is preferred by the hardware. Next, if we know that the code
262 will only use single-precision instructions, shown by single being
263 true but frdefault being false, then we again set the FPU mode to
264 the one that is preferred by the hardware.
265 - We want FP_FR1 if that's the only matching mode and the default one
266 is not good.
267 - Return with ELIBADD if we can't find a matching FPU mode. */
268 if (prog_req.fre && !prog_req.frdefault && !prog_req.fr1)
269 state->overall_fp_mode = VKI_FP_FRE;
270 else if ((prog_req.fr1 && prog_req.frdefault) ||
271 (prog_req.single && !prog_req.frdefault))
272 state->overall_fp_mode = VEX_MIPS_HOST_FP_MODE(vai.hwcaps) ?
273 VKI_FP_FR1 : VKI_FP_FR0;
274 else if (prog_req.fr1)
275 state->overall_fp_mode = VKI_FP_FR1;
276 else if (!prog_req.fre && !prog_req.frdefault &&
277 !prog_req.fr1 && !prog_req.single && !prog_req.soft)
278 return VKI_ELIBBAD;
279
280 /* TODO: Currently, Valgrind doesn't support FRE and doesn't support FR1
281 emulation on FR0 system, so in those cases we are forced to
282 reject the ELF. */
283 if ((state->overall_fp_mode == VKI_FP_FRE) ||
284 ((state->overall_fp_mode == VKI_FP_FR1) &&
285 !VEX_MIPS_HOST_FP_MODE(vai.hwcaps)))
286 return VKI_ELIBBAD;
287
288 return 0;
289 }
290
291 # else
292
arch_elf_pt_proc(ESZ (Ehdr)* ehdr,ESZ (Phdr)* phdr,Int fd,Bool is_interpreter,struct vki_arch_elf_state * state)293 static inline Int arch_elf_pt_proc(ESZ(Ehdr) *ehdr,
294 ESZ(Phdr) *phdr,
295 Int fd, Bool is_interpreter,
296 struct vki_arch_elf_state *state)
297 {
298 /* Dummy implementation, always proceed */
299 return 0;
300 }
301
arch_check_elf(ESZ (Ehdr)* ehdr,Bool has_interpreter,struct vki_arch_elf_state * state)302 static inline Int arch_check_elf(ESZ(Ehdr) *ehdr,
303 Bool has_interpreter,
304 struct vki_arch_elf_state *state)
305 {
306 /* Dummy implementation, always proceed */
307 return 0;
308 }
309
310 # endif
311 #endif
312
check_mmap(SysRes res,Addr base,SizeT len)313 static void check_mmap(SysRes res, Addr base, SizeT len)
314 {
315 if (sr_isError(res)) {
316 VG_(printf)("valgrind: mmap(0x%llx, %lld) failed in UME "
317 "with error %lu (%s).\n",
318 (ULong)base, (Long)len,
319 sr_Err(res), VG_(strerror)(sr_Err(res)) );
320 if (sr_Err(res) == VKI_EINVAL) {
321 VG_(printf)("valgrind: this can be caused by executables with "
322 "very large text, data or bss segments.\n");
323 }
324 VG_(exit)(1);
325 }
326 }
327
328 /*------------------------------------------------------------*/
329 /*--- Loading ELF files ---*/
330 /*------------------------------------------------------------*/
331
332 static
readelf(Int fd,const HChar * filename)333 struct elfinfo *readelf(Int fd, const HChar *filename)
334 {
335 SysRes sres;
336 struct elfinfo *e = VG_(malloc)("ume.re.1", sizeof(*e));
337 Int phsz;
338
339 e->fd = fd;
340
341 sres = VG_(pread)(fd, &e->e, sizeof(e->e), 0);
342 if (sr_isError(sres) || sr_Res(sres) != sizeof(e->e)) {
343 VG_(printf)("valgrind: %s: can't read ELF header: %s\n",
344 filename, VG_(strerror)(sr_Err(sres)));
345 goto bad;
346 }
347
348 if (VG_(memcmp)(&e->e.e_ident[0], ELFMAG, SELFMAG) != 0) {
349 VG_(printf)("valgrind: %s: bad ELF magic number\n", filename);
350 goto bad;
351 }
352 if (e->e.e_ident[EI_CLASS] != VG_ELF_CLASS) {
353 VG_(printf)("valgrind: wrong ELF executable class "
354 "(eg. 32-bit instead of 64-bit)\n");
355 goto bad;
356 }
357 if (e->e.e_ident[EI_DATA] != VG_ELF_DATA2XXX) {
358 VG_(printf)("valgrind: executable has wrong endian-ness\n");
359 goto bad;
360 }
361 if (!(e->e.e_type == ET_EXEC || e->e.e_type == ET_DYN)) {
362 VG_(printf)("valgrind: this is not an executable\n");
363 goto bad;
364 }
365
366 if (e->e.e_machine != VG_ELF_MACHINE) {
367 VG_(printf)("valgrind: executable is not for "
368 "this architecture\n");
369 goto bad;
370 }
371
372 if (e->e.e_phentsize != sizeof(ESZ(Phdr))) {
373 VG_(printf)("valgrind: sizeof ELF Phdr wrong\n");
374 goto bad;
375 }
376
377 phsz = sizeof(ESZ(Phdr)) * e->e.e_phnum;
378 e->p = VG_(malloc)("ume.re.2", phsz);
379
380 sres = VG_(pread)(fd, e->p, phsz, e->e.e_phoff);
381 if (sr_isError(sres) || sr_Res(sres) != phsz) {
382 VG_(printf)("valgrind: can't read phdr: %s\n",
383 VG_(strerror)(sr_Err(sres)));
384 VG_(free)(e->p);
385 goto bad;
386 }
387
388 return e;
389
390 bad:
391 VG_(free)(e);
392 return NULL;
393 }
394
395 /* Map an ELF file. Returns the brk address. */
396 static
mapelf(struct elfinfo * e,ESZ (Addr)base)397 ESZ(Addr) mapelf(struct elfinfo *e, ESZ(Addr) base)
398 {
399 Int i;
400 SysRes res;
401 ESZ(Addr) elfbrk = 0;
402
403 for (i = 0; i < e->e.e_phnum; i++) {
404 ESZ(Phdr) *ph = &e->p[i];
405 ESZ(Addr) addr, brkaddr;
406 ESZ(Word) memsz;
407
408 if (ph->p_type != PT_LOAD)
409 continue;
410
411 addr = ph->p_vaddr+base;
412 memsz = ph->p_memsz;
413 brkaddr = addr+memsz;
414
415 if (brkaddr > elfbrk)
416 elfbrk = brkaddr;
417 }
418
419 for (i = 0; i < e->e.e_phnum; i++) {
420 ESZ(Phdr) *ph = &e->p[i];
421 ESZ(Addr) addr, bss, brkaddr;
422 ESZ(Off) off;
423 ESZ(Word) filesz;
424 ESZ(Word) memsz;
425 unsigned prot = 0;
426
427 if (ph->p_type != PT_LOAD)
428 continue;
429
430 if (ph->p_flags & PF_X) prot |= VKI_PROT_EXEC;
431 if (ph->p_flags & PF_W) prot |= VKI_PROT_WRITE;
432 if (ph->p_flags & PF_R) prot |= VKI_PROT_READ;
433
434 addr = ph->p_vaddr+base;
435 off = ph->p_offset;
436 filesz = ph->p_filesz;
437 bss = addr+filesz;
438 memsz = ph->p_memsz;
439 brkaddr = addr+memsz;
440
441 // Tom says: In the following, do what the Linux kernel does and only
442 // map the pages that are required instead of rounding everything to
443 // the specified alignment (ph->p_align). (AMD64 doesn't work if you
444 // use ph->p_align -- part of stage2's memory gets trashed somehow.)
445 //
446 // The condition handles the case of a zero-length segment.
447 if (VG_PGROUNDUP(bss)-VG_PGROUNDDN(addr) > 0) {
448 if (0) VG_(debugLog)(0,"ume","mmap_file_fixed_client #1\n");
449 res = VG_(am_mmap_file_fixed_client)(
450 VG_PGROUNDDN(addr),
451 VG_PGROUNDUP(bss)-VG_PGROUNDDN(addr),
452 prot, /*VKI_MAP_FIXED|VKI_MAP_PRIVATE, */
453 e->fd, VG_PGROUNDDN(off)
454 );
455 if (0) VG_(am_show_nsegments)(0,"after #1");
456 check_mmap(res, VG_PGROUNDDN(addr),
457 VG_PGROUNDUP(bss)-VG_PGROUNDDN(addr));
458 }
459
460 // if memsz > filesz, fill the remainder with zeroed pages
461 if (memsz > filesz) {
462 UInt bytes;
463
464 bytes = VG_PGROUNDUP(brkaddr)-VG_PGROUNDUP(bss);
465 if (bytes > 0) {
466 if (0) VG_(debugLog)(0,"ume","mmap_anon_fixed_client #2\n");
467 res = VG_(am_mmap_anon_fixed_client)(
468 VG_PGROUNDUP(bss), bytes,
469 prot
470 );
471 if (0) VG_(am_show_nsegments)(0,"after #2");
472 check_mmap(res, VG_PGROUNDUP(bss), bytes);
473 }
474
475 bytes = bss & (VKI_PAGE_SIZE - 1);
476
477 // The 'prot' condition allows for a read-only bss
478 if ((prot & VKI_PROT_WRITE) && (bytes > 0)) {
479 bytes = VKI_PAGE_SIZE - bytes;
480 VG_(memset)((void *)bss, 0, bytes);
481 }
482 }
483 }
484
485 return elfbrk;
486 }
487
VG_(match_ELF)488 Bool VG_(match_ELF)(const void *hdr, SizeT len)
489 {
490 const ESZ(Ehdr) *e = hdr;
491 return (len > sizeof(*e)) && VG_(memcmp)(&e->e_ident[0], ELFMAG, SELFMAG) == 0;
492 }
493
494
495 /* load_ELF pulls an ELF executable into the address space, prepares
496 it for execution, and writes info about it into INFO. In
497 particular it fills in .init_eip, which is the starting point.
498
499 Returns zero on success, non-zero (a VKI_E.. value) on failure.
500
501 The sequence of activities is roughly as follows:
502
503 - use readelf() to extract program header info from the exe file.
504
505 - scan the program header, collecting info (not sure what all those
506 info-> fields are, or whether they are used, but still) and in
507 particular looking out fo the PT_INTERP header, which describes
508 the interpreter. If such a field is found, the space needed to
509 hold the interpreter is computed into interp_size.
510
511 - map the executable in, by calling mapelf(). This maps in all
512 loadable sections, and I _think_ also creates any .bss areas
513 required. mapelf() returns the address just beyond the end of
514 the furthest-along mapping it creates. The executable is mapped
515 starting at EBASE, which is usually read from it (eg, 0x8048000
516 etc) except if it's a PIE, in which case I'm not sure what
517 happens.
518
519 The returned address is recorded in info->brkbase as the start
520 point of the brk (data) segment, as it is traditional to place
521 the data segment just after the executable. Neither load_ELF nor
522 mapelf creates the brk segment, though: that is for the caller of
523 load_ELF to attend to.
524
525 - If the initial phdr scan didn't find any mention of an
526 interpreter (interp == NULL), this must be a statically linked
527 executable, and we're pretty much done.
528
529 - Otherwise, we need to use mapelf() a second time to load the
530 interpreter. The interpreter can go anywhere, but mapelf() wants
531 to be told a specific address to put it at. So an advisory query
532 is passed to aspacem, asking where it would put an anonymous
533 client mapping of size INTERP_SIZE. That address is then used
534 as the mapping address for the interpreter.
535
536 - The entry point in INFO is set to the interpreter's entry point,
537 and we're done. */
VG_(load_ELF)538 Int VG_(load_ELF)(Int fd, const HChar* name, /*MOD*/ExeInfo* info)
539 {
540 SysRes sres;
541 struct elfinfo *e;
542 struct elfinfo *interp = NULL;
543 ESZ(Addr) minaddr = ~0; /* lowest mapped address */
544 ESZ(Addr) maxaddr = 0; /* highest mapped address */
545 ESZ(Addr) interp_addr = 0; /* interpreter (ld.so) address */
546 ESZ(Word) interp_size = 0; /* interpreter size */
547 /* ESZ(Word) interp_align = VKI_PAGE_SIZE; */ /* UNUSED */
548 Int i;
549 void *entry;
550 ESZ(Addr) ebase = 0;
551 # if defined(VGO_solaris)
552 ESZ(Addr) thrptr_addr = 0;
553 # endif
554
555 # if defined(VGO_linux)
556 Int retval;
557 # endif
558
559 # if defined(HAVE_PIE)
560 ebase = info->exe_base;
561 # endif
562
563 e = readelf(fd, name);
564
565 if (e == NULL)
566 return VKI_ENOEXEC;
567
568 /* The kernel maps position-independent executables at TASK_SIZE*2/3;
569 duplicate this behavior as close as we can. */
570 if (e->e.e_type == ET_DYN && ebase == 0) {
571 ebase = VG_PGROUNDDN(info->exe_base
572 + (info->exe_end - info->exe_base) * 2 / 3);
573 /* We really don't want to load PIEs at zero or too close. It
574 works, but it's unrobust (NULL pointer reads and writes
575 become legit, which is really bad) and causes problems for
576 exp-ptrcheck, which assumes all numbers below 1MB are
577 nonpointers. So, hackily, move it above 1MB. */
578 /* Later .. it appears ppc32-linux tries to put [vdso] at 1MB,
579 which totally screws things up, because nothing else can go
580 there. The size of [vdso] is around 2 or 3 pages, so bump
581 the hacky load address along by 8 * VKI_PAGE_SIZE to be safe. */
582 /* Later .. on mips64 we can't use 0x108000, because mapelf will
583 fail. */
584 # if defined(VGP_mips64_linux)
585 if (ebase < 0x100000)
586 ebase = 0x100000;
587 # else
588 vg_assert(VKI_PAGE_SIZE >= 4096); /* stay sane */
589 ESZ(Addr) hacky_load_address = 0x100000 + 8 * VKI_PAGE_SIZE;
590 if (ebase < hacky_load_address)
591 ebase = hacky_load_address;
592 # endif
593
594 # if defined(VGO_solaris)
595 /* Record for later use in AT_BASE. */
596 info->interp_offset = ebase;
597 # endif
598 }
599
600 info->phnum = e->e.e_phnum;
601 info->entry = e->e.e_entry + ebase;
602 info->phdr = 0;
603 info->stack_prot = VKI_PROT_READ|VKI_PROT_WRITE|VKI_PROT_EXEC;
604
605 for (i = 0; i < e->e.e_phnum; i++) {
606 ESZ(Phdr) *ph = &e->p[i];
607
608 switch(ph->p_type) {
609 case PT_PHDR:
610 info->phdr = ph->p_vaddr + ebase;
611 # if defined(VGO_solaris)
612 info->real_phdr_present = True;
613 # endif
614 break;
615
616 case PT_LOAD:
617 if (ph->p_vaddr < minaddr)
618 minaddr = ph->p_vaddr;
619 if (ph->p_vaddr+ph->p_memsz > maxaddr)
620 maxaddr = ph->p_vaddr+ph->p_memsz;
621 break;
622
623 # if defined(VGO_solaris)
624 case PT_SUNWDTRACE:
625 if (ph->p_memsz < PT_SUNWDTRACE_SIZE) {
626 VG_(printf)("valgrind: m_ume.c: too small SUNWDTRACE size\n");
627 return VKI_ENOEXEC;
628 }
629 if ((ph->p_flags & (PF_R | PF_W | PF_X)) != PT_SUNWDTRACE_PROTECTION) {
630 VG_(printf)("valgrind: m_ume.c: SUNWDTRACE protection mismatch\n");
631 return VKI_ENOEXEC;
632 }
633
634 info->init_thrptr = ph->p_vaddr + ebase;
635 break;
636 # endif
637
638 case PT_INTERP: {
639 HChar *buf = VG_(malloc)("ume.LE.1", ph->p_filesz+1);
640 Int j;
641 Int intfd;
642 Int baseaddr_set;
643
644 VG_(pread)(fd, buf, ph->p_filesz, ph->p_offset);
645 buf[ph->p_filesz] = '\0';
646
647 sres = VG_(open)(buf, VKI_O_RDONLY, 0);
648 if (sr_isError(sres)) {
649 VG_(printf)("valgrind: m_ume.c: can't open interpreter\n");
650 VG_(exit)(1);
651 }
652 intfd = sr_Res(sres);
653
654 interp = readelf(intfd, buf);
655 if (interp == NULL) {
656 VG_(printf)("valgrind: m_ume.c: can't read interpreter\n");
657 return 1;
658 }
659 VG_(free)(buf);
660
661 baseaddr_set = 0;
662 for (j = 0; j < interp->e.e_phnum; j++) {
663 ESZ(Phdr) *iph = &interp->p[j];
664 ESZ(Addr) end;
665
666 # if defined(VGO_solaris)
667 if (iph->p_type == PT_SUNWDTRACE) {
668 if (iph->p_memsz < PT_SUNWDTRACE_SIZE) {
669 VG_(printf)("valgrind: m_ume.c: too small SUNWDTRACE size\n");
670 return VKI_ENOEXEC;
671 }
672 if ((iph->p_flags & (PF_R | PF_W | PF_X))
673 != PT_SUNWDTRACE_PROTECTION) {
674 VG_(printf)("valgrind: m_ume.c: SUNWDTRACE protection "
675 "mismatch\n");
676 return VKI_ENOEXEC;
677 }
678
679 /* Store the thrptr value into a temporary because we do not
680 know yet where the interpreter is mapped. */
681 thrptr_addr = iph->p_vaddr;
682 }
683 # endif
684
685 # if defined(VGO_linux)
686 if ((iph->p_type >= PT_LOPROC) && (iph->p_type <= PT_HIPROC)) {
687 retval = arch_elf_pt_proc(&interp->e, iph, intfd, True,
688 info->arch_elf_state);
689 if (retval)
690 return retval;
691 }
692 # endif
693
694 if (iph->p_type != PT_LOAD || iph->p_memsz == 0)
695 continue;
696
697 if (!baseaddr_set) {
698 interp_addr = iph->p_vaddr;
699 /* interp_align = iph->p_align; */ /* UNUSED */
700 baseaddr_set = 1;
701 }
702
703 /* assumes that all segments in the interp are close */
704 end = (iph->p_vaddr - interp_addr) + iph->p_memsz;
705
706 if (end > interp_size)
707 interp_size = end;
708 }
709 break;
710 }
711
712 # if defined(PT_GNU_STACK) || defined(PT_SUNWSTACK)
713 # if defined(PT_GNU_STACK)
714 /* Android's elf.h doesn't appear to have PT_GNU_STACK. */
715 case PT_GNU_STACK:
716 # endif
717 # if defined(PT_SUNWSTACK)
718 /* Solaris-specific program header. */
719 case PT_SUNWSTACK:
720 # endif
721 if ((ph->p_flags & PF_X) == 0) info->stack_prot &= ~VKI_PROT_EXEC;
722 if ((ph->p_flags & PF_W) == 0) info->stack_prot &= ~VKI_PROT_WRITE;
723 if ((ph->p_flags & PF_R) == 0) info->stack_prot &= ~VKI_PROT_READ;
724 break;
725 # endif
726
727 # if defined(PT_SUNW_SYSSTAT)
728 /* Solaris-specific program header which requires link-time support. */
729 case PT_SUNW_SYSSTAT:
730 VG_(unimplemented)("Support for program header PT_SUNW_SYSSTAT.");
731 break;
732 # endif
733 # if defined(PT_SUNW_SYSSTAT_ZONE)
734 /* Solaris-specific program header which requires link-time support. */
735 case PT_SUNW_SYSSTAT_ZONE:
736 VG_(unimplemented)("Support for program header PT_SUNW_SYSSTAT_ZONE.");
737 break;
738 # endif
739
740 # if defined(VGO_linux)
741 case PT_LOPROC ... PT_HIPROC:
742 retval = arch_elf_pt_proc(&e->e, ph, fd, False, info->arch_elf_state);
743 if (retval)
744 return retval;
745 break;
746 # endif
747
748 default:
749 // do nothing
750 break;
751 }
752 }
753
754 # if defined(VGO_linux)
755 retval = arch_check_elf(&e->e,
756 interp != NULL,
757 info->arch_elf_state);
758 if (retval)
759 return retval;
760 # endif
761
762 if (info->phdr == 0)
763 info->phdr = minaddr + ebase + e->e.e_phoff;
764
765 if (info->exe_base != info->exe_end) {
766 if (minaddr >= maxaddr ||
767 (minaddr + ebase < info->exe_base ||
768 maxaddr + ebase > info->exe_end)) {
769 VG_(printf)("Executable range %p-%p is outside the\n"
770 "acceptable range %p-%p\n",
771 (char *)minaddr + ebase, (char *)maxaddr + ebase,
772 (char *)info->exe_base, (char *)info->exe_end);
773 return VKI_ENOMEM;
774 }
775 }
776
777 info->brkbase = mapelf(e, ebase); /* map the executable */
778
779 if (info->brkbase == 0)
780 return VKI_ENOMEM;
781
782 if (interp != NULL) {
783 /* reserve a chunk of address space for interpreter */
784 MapRequest mreq;
785 Addr advised;
786 Bool ok;
787
788 /* Don't actually reserve the space. Just get an advisory
789 indicating where it would be allocated, and pass that to
790 mapelf(), which in turn asks aspacem to do some fixed maps at
791 the specified address. This is a bit of hack, but it should
792 work because there should be no intervening transactions with
793 aspacem which could cause those fixed maps to fail.
794
795 Placement policy is:
796
797 if the interpreter asks to be loaded at zero
798 ignore that and put it wherever we like (mappings at zero
799 are bad news)
800 else
801 try and put it where it asks for, but if that doesn't work,
802 just put it anywhere.
803 */
804 if (interp_addr == 0) {
805 mreq.rkind = MAny;
806 mreq.start = 0;
807 mreq.len = interp_size;
808 } else {
809 mreq.rkind = MHint;
810 mreq.start = interp_addr;
811 mreq.len = interp_size;
812 }
813
814 advised = VG_(am_get_advisory)( &mreq, True/*client*/, &ok );
815
816 if (!ok) {
817 /* bomb out */
818 SysRes res = VG_(mk_SysRes_Error)(VKI_EINVAL);
819 if (0) VG_(printf)("reserve for interp: failed\n");
820 check_mmap(res, (Addr)interp_addr, interp_size);
821 /*NOTREACHED*/
822 }
823
824 (void)mapelf(interp, (ESZ(Addr))advised - interp_addr);
825
826 VG_(close)(interp->fd);
827
828 entry = (void *)(advised - interp_addr + interp->e.e_entry);
829
830 info->interp_offset = advised - interp_addr;
831 # if defined(VGO_solaris)
832 if (thrptr_addr)
833 info->init_thrptr = thrptr_addr + info->interp_offset;
834 # endif
835
836 VG_(free)(interp->p);
837 VG_(free)(interp);
838 } else {
839 entry = (void *)(ebase + e->e.e_entry);
840
841 # if defined(VGO_solaris)
842 if (e->e.e_type == ET_DYN)
843 info->ldsoexec = True;
844 # endif
845 }
846
847 info->exe_base = minaddr + ebase;
848 info->exe_end = maxaddr + ebase;
849
850 #if defined(VGP_ppc64be_linux)
851 /* On PPC64BE, ELF ver 1, a func ptr is represented by a TOC entry ptr.
852 This TOC entry contains three words; the first word is the function
853 address, the second word is the TOC ptr (r2), and the third word
854 is the static chain value. */
855 info->init_ip = ((ULong*)entry)[0];
856 info->init_toc = ((ULong*)entry)[1];
857 info->init_ip += info->interp_offset;
858 info->init_toc += info->interp_offset;
859 #elif defined(VGP_ppc64le_linux)
860 /* On PPC64LE, ELF ver 2. API doesn't use a func ptr */
861 info->init_ip = (Addr)entry;
862 info->init_toc = 0; /* meaningless on this platform */
863 #else
864 info->init_ip = (Addr)entry;
865 info->init_toc = 0; /* meaningless on this platform */
866 #endif
867 VG_(free)(e->p);
868 VG_(free)(e);
869
870 return 0;
871 }
872
873 #endif // defined(VGO_linux) || defined(VGO_solaris)
874
875 /*--------------------------------------------------------------------*/
876 /*--- end ---*/
877 /*--------------------------------------------------------------------*/
878