1 /* $OpenBSD: exec_elf.c,v 1.56 2006/12/29 13:04:37 pedro Exp $ */ 2 3 /* 4 * Copyright (c) 1996 Per Fogelstrom 5 * All rights reserved. 6 * 7 * Copyright (c) 1994 Christos Zoulas 8 * All rights reserved. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. The name of the author may not be used to endorse or promote products 19 * derived from this software without specific prior written permission 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 22 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 23 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 24 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 26 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 30 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 * 32 */ 33 34 #include <sys/param.h> 35 #include <sys/systm.h> 36 #include <sys/kernel.h> 37 #include <sys/proc.h> 38 #include <sys/malloc.h> 39 #include <sys/pool.h> 40 #include <sys/mount.h> 41 #include <sys/namei.h> 42 #include <sys/vnode.h> 43 #include <sys/exec.h> 44 #include <sys/exec_elf.h> 45 #include <sys/exec_olf.h> 46 #include <sys/file.h> 47 #include <sys/syscall.h> 48 #include <sys/signalvar.h> 49 #include <sys/stat.h> 50 51 #include <sys/mman.h> 52 #include <uvm/uvm_extern.h> 53 54 #include <machine/cpu.h> 55 #include <machine/reg.h> 56 #include <machine/exec.h> 57 58 #ifdef COMPAT_LINUX 59 #include <compat/linux/linux_exec.h> 60 #endif 61 62 #ifdef COMPAT_SVR4 63 #include <compat/svr4/svr4_exec.h> 64 #endif 65 66 #ifdef COMPAT_FREEBSD 67 #include <compat/freebsd/freebsd_exec.h> 68 #endif 69 70 #ifdef COMPAT_NETBSD 71 #include <compat/netbsd/netbsd_exec.h> 72 #endif 73 74 struct ELFNAME(probe_entry) { 75 int (*func)(struct proc *, struct exec_package *, char *, 76 u_long *, u_int8_t *); 77 int os_mask; 78 } ELFNAME(probes)[] = { 79 /* XXX - bogus, shouldn't be size independent.. */ 80 #ifdef COMPAT_FREEBSD 81 { freebsd_elf_probe, 1 << OOS_FREEBSD }, 82 #endif 83 #ifdef COMPAT_SVR4 84 { svr4_elf_probe, 85 1 << OOS_SVR4 | 1 << OOS_ESIX | 1 << OOS_SOLARIS | 1 << OOS_SCO | 86 1 << OOS_DELL | 1 << OOS_NCR }, 87 #endif 88 #ifdef COMPAT_LINUX 89 { linux_elf_probe, 1 << OOS_LINUX }, 90 #endif 91 #ifdef COMPAT_NETBSD 92 { netbsd_elf64_probe, 1 << OOS_NETBSD }, 93 #endif 94 { 0, 1 << OOS_OPENBSD } 95 }; 96 97 int ELFNAME(load_file)(struct proc *, char *, struct exec_package *, 98 struct elf_args *, Elf_Addr *); 99 int ELFNAME(check_header)(Elf_Ehdr *, int); 100 int ELFNAME(olf_check_header)(Elf_Ehdr *, int, u_int8_t *); 101 int ELFNAME(read_from)(struct proc *, struct vnode *, u_long, caddr_t, int); 102 void ELFNAME(load_psection)(struct exec_vmcmd_set *, struct vnode *, 103 Elf_Phdr *, Elf_Addr *, Elf_Addr *, int *, int); 104 105 extern char sigcode[], esigcode[]; 106 #ifdef SYSCALL_DEBUG 107 extern char *syscallnames[]; 108 #endif 109 110 /* round up and down to page boundaries. */ 111 #define ELF_ROUND(a, b) (((a) + (b) - 1) & ~((b) - 1)) 112 #define ELF_TRUNC(a, b) ((a) & ~((b) - 1)) 113 114 /* 115 * We limit the number of program headers to 32, this should 116 * be a reasonable limit for ELF, the most we have seen so far is 12 117 */ 118 #define ELF_MAX_VALID_PHDR 32 119 120 /* 121 * This is the basic elf emul. elf_probe_funcs may change to other emuls. 122 */ 123 struct emul ELFNAMEEND(emul) = { 124 "native", 125 NULL, 126 sendsig, 127 SYS_syscall, 128 SYS_MAXSYSCALL, 129 sysent, 130 #ifdef SYSCALL_DEBUG 131 syscallnames, 132 #else 133 NULL, 134 #endif 135 sizeof (AuxInfo) * ELF_AUX_ENTRIES, 136 ELFNAME(copyargs), 137 setregs, 138 ELFNAME2(exec,fixup), 139 sigcode, 140 esigcode, 141 EMUL_ENABLED | EMUL_NATIVE, 142 }; 143 144 /* 145 * Copy arguments onto the stack in the normal way, but add some 146 * space for extra information in case of dynamic binding. 147 */ 148 void * 149 ELFNAME(copyargs)(struct exec_package *pack, struct ps_strings *arginfo, 150 void *stack, void *argp) 151 { 152 stack = copyargs(pack, arginfo, stack, argp); 153 if (!stack) 154 return (NULL); 155 156 /* 157 * Push space for extra arguments on the stack needed by 158 * dynamically linked binaries. 159 */ 160 if (pack->ep_interp != NULL) { 161 pack->ep_emul_argp = stack; 162 (char *)stack += ELF_AUX_ENTRIES * sizeof (AuxInfo); 163 } 164 return (stack); 165 } 166 167 /* 168 * Check header for validity; return 0 for ok, ENOEXEC if error 169 */ 170 int 171 ELFNAME(check_header)(Elf_Ehdr *ehdr, int type) 172 { 173 /* 174 * We need to check magic, class size, endianess, and version before 175 * we look at the rest of the Elf_Ehdr structure. These few elements 176 * are represented in a machine independant fashion. 177 */ 178 if (!IS_ELF(*ehdr) || 179 ehdr->e_ident[EI_CLASS] != ELF_TARG_CLASS || 180 ehdr->e_ident[EI_DATA] != ELF_TARG_DATA || 181 ehdr->e_ident[EI_VERSION] != ELF_TARG_VER) 182 return (ENOEXEC); 183 184 /* Now check the machine dependant header */ 185 if (ehdr->e_machine != ELF_TARG_MACH || 186 ehdr->e_version != ELF_TARG_VER) 187 return (ENOEXEC); 188 189 /* Check the type */ 190 if (ehdr->e_type != type) 191 return (ENOEXEC); 192 193 /* Don't allow an insane amount of sections. */ 194 if (ehdr->e_phnum > ELF_MAX_VALID_PHDR) 195 return (ENOEXEC); 196 197 return (0); 198 } 199 200 /* 201 * Check header for validity; return 0 for ok, ENOEXEC if error. 202 * Remember OS tag for callers sake. 203 */ 204 int 205 ELFNAME(olf_check_header)(Elf_Ehdr *ehdr, int type, u_int8_t *os) 206 { 207 int i; 208 209 /* 210 * We need to check magic, class size, endianess, version, and OS 211 * before we look at the rest of the Elf_Ehdr structure. These few 212 * elements are represented in a machine independant fashion. 213 */ 214 if (!IS_OLF(*ehdr) || 215 ehdr->e_ident[OI_CLASS] != ELF_TARG_CLASS || 216 ehdr->e_ident[OI_DATA] != ELF_TARG_DATA || 217 ehdr->e_ident[OI_VERSION] != ELF_TARG_VER) 218 return (ENOEXEC); 219 220 for (i = 0; 221 i < sizeof(ELFNAME(probes)) / sizeof(ELFNAME(probes)[0]); 222 i++) { 223 if ((1 << ehdr->e_ident[OI_OS]) & ELFNAME(probes)[i].os_mask) 224 goto os_ok; 225 } 226 return (ENOEXEC); 227 228 os_ok: 229 /* Now check the machine dependant header */ 230 if (ehdr->e_machine != ELF_TARG_MACH || 231 ehdr->e_version != ELF_TARG_VER) 232 return (ENOEXEC); 233 234 /* Check the type */ 235 if (ehdr->e_type != type) 236 return (ENOEXEC); 237 238 /* Don't allow an insane amount of sections. */ 239 if (ehdr->e_phnum > ELF_MAX_VALID_PHDR) 240 return (ENOEXEC); 241 242 *os = ehdr->e_ident[OI_OS]; 243 return (0); 244 } 245 246 /* 247 * Load a psection at the appropriate address 248 */ 249 void 250 ELFNAME(load_psection)(struct exec_vmcmd_set *vcset, struct vnode *vp, 251 Elf_Phdr *ph, Elf_Addr *addr, Elf_Addr *size, int *prot, int flags) 252 { 253 u_long uaddr, msize, lsize, psize, rm, rf; 254 long diff, offset, bdiff; 255 Elf_Addr base; 256 257 /* 258 * If the user specified an address, then we load there. 259 */ 260 if (*addr != ELFDEFNNAME(NO_ADDR)) { 261 if (ph->p_align > 1) { 262 *addr = ELF_TRUNC(*addr, ph->p_align); 263 diff = ph->p_vaddr - ELF_TRUNC(ph->p_vaddr, ph->p_align); 264 /* page align vaddr */ 265 base = *addr + trunc_page(ph->p_vaddr) 266 - ELF_TRUNC(ph->p_vaddr, ph->p_align); 267 268 bdiff = ph->p_vaddr - trunc_page(ph->p_vaddr); 269 270 } else 271 diff = 0; 272 } else { 273 *addr = uaddr = ph->p_vaddr; 274 if (ph->p_align > 1) 275 *addr = ELF_TRUNC(uaddr, ph->p_align); 276 base = trunc_page(uaddr); 277 bdiff = uaddr - base; 278 diff = uaddr - *addr; 279 } 280 281 *prot |= (ph->p_flags & PF_R) ? VM_PROT_READ : 0; 282 *prot |= (ph->p_flags & PF_W) ? VM_PROT_WRITE : 0; 283 *prot |= (ph->p_flags & PF_X) ? VM_PROT_EXECUTE : 0; 284 285 msize = ph->p_memsz + diff; 286 offset = ph->p_offset - bdiff; 287 lsize = ph->p_filesz + bdiff; 288 psize = round_page(lsize); 289 290 /* 291 * Because the pagedvn pager can't handle zero fill of the last 292 * data page if it's not page aligned we map the last page readvn. 293 */ 294 if (ph->p_flags & PF_W) { 295 psize = trunc_page(lsize); 296 if (psize > 0) 297 NEW_VMCMD2(vcset, vmcmd_map_pagedvn, psize, base, vp, 298 offset, *prot, flags); 299 if (psize != lsize) { 300 NEW_VMCMD2(vcset, vmcmd_map_readvn, lsize - psize, 301 base + psize, vp, offset + psize, *prot, flags); 302 } 303 } else { 304 NEW_VMCMD2(vcset, vmcmd_map_pagedvn, psize, base, vp, offset, 305 *prot, flags); 306 } 307 308 /* 309 * Check if we need to extend the size of the segment 310 */ 311 rm = round_page(*addr + ph->p_memsz + diff); 312 rf = round_page(*addr + ph->p_filesz + diff); 313 314 if (rm != rf) { 315 NEW_VMCMD2(vcset, vmcmd_map_zero, rm - rf, rf, NULLVP, 0, 316 *prot, flags); 317 } 318 *size = msize; 319 } 320 321 /* 322 * Read from vnode into buffer at offset. 323 */ 324 int 325 ELFNAME(read_from)(struct proc *p, struct vnode *vp, u_long off, caddr_t buf, 326 int size) 327 { 328 int error; 329 size_t resid; 330 331 if ((error = vn_rdwr(UIO_READ, vp, buf, size, off, UIO_SYSSPACE, 332 0, p->p_ucred, &resid, p)) != 0) 333 return error; 334 /* 335 * See if we got all of it 336 */ 337 if (resid != 0) 338 return (ENOEXEC); 339 return (0); 340 } 341 342 /* 343 * Load a file (interpreter/library) pointed to by path [stolen from 344 * coff_load_shlib()]. Made slightly generic so it might be used externally. 345 */ 346 int 347 ELFNAME(load_file)(struct proc *p, char *path, struct exec_package *epp, 348 struct elf_args *ap, Elf_Addr *last) 349 { 350 int error, i; 351 struct nameidata nd; 352 Elf_Ehdr eh; 353 Elf_Phdr *ph = NULL; 354 u_long phsize; 355 char *bp = NULL; 356 Elf_Addr addr; 357 struct vnode *vp; 358 u_int8_t os; /* Just a dummy in this routine */ 359 Elf_Phdr *base_ph = NULL; 360 struct interp_ld_sec { 361 Elf_Addr vaddr; 362 u_long memsz; 363 } loadmap[ELF_MAX_VALID_PHDR]; 364 int nload, idx = 0; 365 Elf_Addr pos = *last; 366 int file_align; 367 368 bp = path; 369 NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, path, p); 370 if ((error = namei(&nd)) != 0) { 371 return (error); 372 } 373 vp = nd.ni_vp; 374 if (vp->v_type != VREG) { 375 error = EACCES; 376 goto bad; 377 } 378 if ((error = VOP_GETATTR(vp, epp->ep_vap, p->p_ucred, p)) != 0) 379 goto bad; 380 if (vp->v_mount->mnt_flag & MNT_NOEXEC) { 381 error = EACCES; 382 goto bad; 383 } 384 if ((error = VOP_ACCESS(vp, VREAD, p->p_ucred, p)) != 0) 385 goto bad1; 386 if ((error = ELFNAME(read_from)(p, nd.ni_vp, 0, 387 (caddr_t)&eh, sizeof(eh))) != 0) 388 goto bad1; 389 390 if (ELFNAME(check_header)(&eh, ET_DYN) && 391 ELFNAME(olf_check_header)(&eh, ET_DYN, &os)) { 392 error = ENOEXEC; 393 goto bad1; 394 } 395 396 phsize = eh.e_phnum * sizeof(Elf_Phdr); 397 ph = malloc(phsize, M_TEMP, M_WAITOK); 398 399 if ((error = ELFNAME(read_from)(p, nd.ni_vp, eh.e_phoff, (caddr_t)ph, 400 phsize)) != 0) 401 goto bad1; 402 403 for (i = 0; i < eh.e_phnum; i++) { 404 if (ph[i].p_type == PT_LOAD) { 405 loadmap[idx].vaddr = trunc_page(ph[i].p_vaddr); 406 loadmap[idx].memsz = round_page (ph[i].p_vaddr + 407 ph[i].p_memsz - loadmap[idx].vaddr); 408 file_align = ph[i].p_align; 409 idx++; 410 } 411 } 412 nload = idx; 413 414 /* 415 * If no position to load the interpreter was set by a probe 416 * function, pick the same address that a non-fixed mmap(0, ..) 417 * would (i.e. something safely out of the way). 418 */ 419 if (pos == ELFDEFNNAME(NO_ADDR)) { 420 pos = uvm_map_hint(p, VM_PROT_EXECUTE); 421 } 422 423 pos = ELF_ROUND(pos, file_align); 424 *last = epp->ep_interp_pos = pos; 425 for (i = 0; i < nload;/**/) { 426 vaddr_t addr; 427 struct uvm_object *uobj; 428 off_t uoff; 429 size_t size; 430 431 #ifdef this_needs_fixing 432 if (i == 0) { 433 uobj = &vp->v_uvm.u_obj; 434 /* need to fix uoff */ 435 } else { 436 #endif 437 uobj = NULL; 438 uoff = 0; 439 #ifdef this_needs_fixing 440 } 441 #endif 442 443 addr = trunc_page(pos + loadmap[i].vaddr); 444 size = round_page(addr + loadmap[i].memsz) - addr; 445 446 /* CRAP - map_findspace does not avoid daddr+MAXDSIZ */ 447 if ((addr + size > (vaddr_t)p->p_vmspace->vm_daddr) && 448 (addr < (vaddr_t)p->p_vmspace->vm_daddr + MAXDSIZ)) 449 addr = round_page((vaddr_t)p->p_vmspace->vm_daddr + 450 MAXDSIZ); 451 452 if (uvm_map_findspace(&p->p_vmspace->vm_map, addr, size, 453 &addr, uobj, uoff, 0, UVM_FLAG_FIXED) == NULL) { 454 if (uvm_map_findspace(&p->p_vmspace->vm_map, addr, size, 455 &addr, uobj, uoff, 0, 0) == NULL) { 456 error = ENOMEM; /* XXX */ 457 goto bad1; 458 } 459 } 460 if (addr != pos + loadmap[i].vaddr) { 461 /* base changed. */ 462 pos = addr - trunc_page(loadmap[i].vaddr); 463 pos = ELF_ROUND(pos,file_align); 464 epp->ep_interp_pos = *last = pos; 465 i = 0; 466 continue; 467 } 468 469 i++; 470 } 471 472 /* 473 * Load all the necessary sections 474 */ 475 for (i = 0; i < eh.e_phnum; i++) { 476 Elf_Addr size = 0; 477 int prot = 0; 478 int flags; 479 480 switch (ph[i].p_type) { 481 case PT_LOAD: 482 if (base_ph == NULL) { 483 flags = VMCMD_BASE; 484 addr = *last; 485 base_ph = &ph[i]; 486 } else { 487 flags = VMCMD_RELATIVE; 488 addr = ph[i].p_vaddr - base_ph->p_vaddr; 489 } 490 ELFNAME(load_psection)(&epp->ep_vmcmds, nd.ni_vp, 491 &ph[i], &addr, &size, &prot, flags); 492 /* If entry is within this section it must be text */ 493 if (eh.e_entry >= ph[i].p_vaddr && 494 eh.e_entry < (ph[i].p_vaddr + size)) { 495 epp->ep_entry = addr + eh.e_entry - 496 ELF_TRUNC(ph[i].p_vaddr,ph[i].p_align); 497 ap->arg_interp = addr; 498 } 499 addr += size; 500 break; 501 502 case PT_DYNAMIC: 503 case PT_PHDR: 504 case PT_NOTE: 505 break; 506 507 default: 508 break; 509 } 510 } 511 512 vn_marktext(nd.ni_vp); 513 514 bad1: 515 VOP_CLOSE(nd.ni_vp, FREAD, p->p_ucred, p); 516 bad: 517 if (ph != NULL) 518 free(ph, M_TEMP); 519 520 *last = addr; 521 vput(nd.ni_vp); 522 return (error); 523 } 524 525 /* 526 * Prepare an Elf binary's exec package 527 * 528 * First, set of the various offsets/lengths in the exec package. 529 * 530 * Then, mark the text image busy (so it can be demand paged) or error out if 531 * this is not possible. Finally, set up vmcmds for the text, data, bss, and 532 * stack segments. 533 */ 534 int 535 ELFNAME2(exec,makecmds)(struct proc *p, struct exec_package *epp) 536 { 537 Elf_Ehdr *eh = epp->ep_hdr; 538 Elf_Phdr *ph, *pp; 539 Elf_Addr phdr = 0; 540 int error, i; 541 char *interp = NULL; 542 u_long pos = 0, phsize; 543 u_int8_t os = OOS_NULL; 544 545 if (epp->ep_hdrvalid < sizeof(Elf_Ehdr)) 546 return (ENOEXEC); 547 548 if (ELFNAME(check_header)(eh, ET_EXEC) && 549 ELFNAME(olf_check_header)(eh, ET_EXEC, &os)) 550 return (ENOEXEC); 551 552 /* 553 * check if vnode is in open for writing, because we want to demand- 554 * page out of it. if it is, don't do it, for various reasons. 555 */ 556 if (epp->ep_vp->v_writecount != 0) { 557 #ifdef DIAGNOSTIC 558 if (epp->ep_vp->v_flag & VTEXT) 559 panic("exec: a VTEXT vnode has writecount != 0"); 560 #endif 561 return (ETXTBSY); 562 } 563 /* 564 * Allocate space to hold all the program headers, and read them 565 * from the file 566 */ 567 phsize = eh->e_phnum * sizeof(Elf_Phdr); 568 ph = malloc(phsize, M_TEMP, M_WAITOK); 569 570 if ((error = ELFNAME(read_from)(p, epp->ep_vp, eh->e_phoff, (caddr_t)ph, 571 phsize)) != 0) 572 goto bad; 573 574 epp->ep_tsize = ELFDEFNNAME(NO_ADDR); 575 epp->ep_dsize = ELFDEFNNAME(NO_ADDR); 576 577 for (i = 0; i < eh->e_phnum; i++) { 578 pp = &ph[i]; 579 if (pp->p_type == PT_INTERP) { 580 if (pp->p_filesz >= MAXPATHLEN) 581 goto bad; 582 interp = pool_get(&namei_pool, PR_WAITOK); 583 if ((error = ELFNAME(read_from)(p, epp->ep_vp, 584 pp->p_offset, interp, pp->p_filesz)) != 0) { 585 goto bad; 586 } 587 break; 588 } 589 } 590 591 /* 592 * OK, we want a slightly different twist of the 593 * standard emulation package for "real" elf. 594 */ 595 epp->ep_emul = &ELFNAMEEND(emul); 596 pos = ELFDEFNNAME(NO_ADDR); 597 598 /* 599 * On the same architecture, we may be emulating different systems. 600 * See which one will accept this executable. 601 * 602 * Probe functions would normally see if the interpreter (if any) 603 * exists. Emulation packages may possibly replace the interpreter in 604 * *interp with a changed path (/emul/xxx/<path>), and also 605 * set the ep_emul field in the exec package structure. 606 */ 607 error = ENOEXEC; 608 p->p_os = OOS_OPENBSD; 609 #ifdef NATIVE_EXEC_ELF 610 if (ELFNAME(os_pt_note)(p, epp, epp->ep_hdr, "OpenBSD", 8, 4) == 0) { 611 goto native; 612 } 613 #endif 614 for (i = 0; 615 i < sizeof(ELFNAME(probes)) / sizeof(ELFNAME(probes)[0]) && error; 616 i++) { 617 if (os == OOS_NULL || ((1 << os) & ELFNAME(probes)[i].os_mask)) 618 error = ELFNAME(probes)[i].func ? 619 (*ELFNAME(probes)[i].func)(p, epp, interp, &pos, &os) : 620 0; 621 } 622 if (!error) 623 p->p_os = os; 624 #ifndef NATIVE_EXEC_ELF 625 else 626 goto bad; 627 #else 628 native: 629 #endif /* NATIVE_EXEC_ELF */ 630 /* 631 * Load all the necessary sections 632 */ 633 for (i = 0; i < eh->e_phnum; i++) { 634 Elf_Addr addr = ELFDEFNNAME(NO_ADDR), size = 0; 635 int prot = 0; 636 637 pp = &ph[i]; 638 639 switch (ph[i].p_type) { 640 case PT_LOAD: 641 /* 642 * Calculates size of text and data segments 643 * by starting at first and going to end of last. 644 * 'rwx' sections are treated as data. 645 * this is correct for BSS_PLT, but may not be 646 * for DATA_PLT, is fine for TEXT_PLT. 647 */ 648 ELFNAME(load_psection)(&epp->ep_vmcmds, epp->ep_vp, 649 &ph[i], &addr, &size, &prot, 0); 650 /* 651 * Decide whether it's text or data by looking 652 * at the protection of the section 653 */ 654 if (prot & VM_PROT_WRITE) { 655 /* data section */ 656 if (epp->ep_dsize == ELFDEFNNAME(NO_ADDR)) { 657 epp->ep_daddr = addr; 658 epp->ep_dsize = size; 659 } else { 660 if (addr < epp->ep_daddr) { 661 epp->ep_dsize = 662 epp->ep_dsize + 663 epp->ep_daddr - 664 addr; 665 epp->ep_daddr = addr; 666 } else 667 epp->ep_dsize = addr+size - 668 epp->ep_daddr; 669 } 670 } else if (prot & VM_PROT_EXECUTE) { 671 /* text section */ 672 if (epp->ep_tsize == ELFDEFNNAME(NO_ADDR)) { 673 epp->ep_taddr = addr; 674 epp->ep_tsize = size; 675 } else { 676 if (addr < epp->ep_taddr) { 677 epp->ep_tsize = 678 epp->ep_tsize + 679 epp->ep_taddr - 680 addr; 681 epp->ep_taddr = addr; 682 } else 683 epp->ep_tsize = addr+size - 684 epp->ep_taddr; 685 } 686 } 687 break; 688 689 case PT_SHLIB: 690 error = ENOEXEC; 691 goto bad; 692 693 case PT_INTERP: 694 /* Already did this one */ 695 case PT_DYNAMIC: 696 case PT_NOTE: 697 break; 698 699 case PT_PHDR: 700 /* Note address of program headers (in text segment) */ 701 phdr = pp->p_vaddr; 702 break; 703 704 default: 705 /* 706 * Not fatal, we don't need to understand everything 707 * :-) 708 */ 709 break; 710 } 711 } 712 713 /* 714 * Strangely some linux programs may have all load sections marked 715 * writeable, in this case, textsize is not -1, but rather 0; 716 */ 717 if (epp->ep_tsize == ELFDEFNNAME(NO_ADDR)) 718 epp->ep_tsize = 0; 719 /* 720 * Another possibility is that it has all load sections marked 721 * read-only. Fake a zero-sized data segment right after the 722 * text segment. 723 */ 724 if (epp->ep_dsize == ELFDEFNNAME(NO_ADDR)) { 725 epp->ep_daddr = round_page(epp->ep_taddr + epp->ep_tsize); 726 epp->ep_dsize = 0; 727 } 728 729 epp->ep_interp = interp; 730 epp->ep_entry = eh->e_entry; 731 732 /* 733 * Check if we found a dynamically linked binary and arrange to load 734 * it's interpreter when the exec file is released. 735 */ 736 if (interp) { 737 struct elf_args *ap; 738 739 ap = malloc(sizeof(struct elf_args), M_TEMP, M_WAITOK); 740 741 ap->arg_phaddr = phdr; 742 ap->arg_phentsize = eh->e_phentsize; 743 ap->arg_phnum = eh->e_phnum; 744 ap->arg_entry = eh->e_entry; 745 ap->arg_os = os; 746 747 epp->ep_emul_arg = ap; 748 epp->ep_interp_pos = pos; 749 } 750 751 #if defined(COMPAT_SVR4) && defined(i386) 752 #ifndef ELF_MAP_PAGE_ZERO 753 /* Dell SVR4 maps page zero, yeuch! */ 754 if (p->p_os == OOS_DELL) 755 #endif 756 NEW_VMCMD(&epp->ep_vmcmds, vmcmd_map_readvn, PAGE_SIZE, 0, 757 epp->ep_vp, 0, VM_PROT_READ); 758 #endif 759 760 free(ph, M_TEMP); 761 vn_marktext(epp->ep_vp); 762 return (exec_setup_stack(p, epp)); 763 764 bad: 765 if (interp) 766 pool_put(&namei_pool, interp); 767 free(ph, M_TEMP); 768 kill_vmcmds(&epp->ep_vmcmds); 769 return (ENOEXEC); 770 } 771 772 /* 773 * Phase II of load. It is now safe to load the interpreter. Info collected 774 * when loading the program is available for setup of the interpreter. 775 */ 776 int 777 ELFNAME2(exec,fixup)(struct proc *p, struct exec_package *epp) 778 { 779 char *interp; 780 int error; 781 struct elf_args *ap; 782 AuxInfo ai[ELF_AUX_ENTRIES], *a; 783 Elf_Addr pos = epp->ep_interp_pos; 784 785 if (epp->ep_interp == NULL) { 786 return (0); 787 } 788 789 interp = epp->ep_interp; 790 ap = epp->ep_emul_arg; 791 792 if ((error = ELFNAME(load_file)(p, interp, epp, ap, &pos)) != 0) { 793 free(ap, M_TEMP); 794 pool_put(&namei_pool, interp); 795 kill_vmcmds(&epp->ep_vmcmds); 796 return (error); 797 } 798 /* 799 * We have to do this ourselves... 800 */ 801 error = exec_process_vmcmds(p, epp); 802 803 /* 804 * Push extra arguments on the stack needed by dynamically 805 * linked binaries 806 */ 807 if (error == 0) { 808 a = ai; 809 810 a->au_id = AUX_phdr; 811 a->au_v = ap->arg_phaddr; 812 a++; 813 814 a->au_id = AUX_phent; 815 a->au_v = ap->arg_phentsize; 816 a++; 817 818 a->au_id = AUX_phnum; 819 a->au_v = ap->arg_phnum; 820 a++; 821 822 a->au_id = AUX_pagesz; 823 a->au_v = PAGE_SIZE; 824 a++; 825 826 a->au_id = AUX_base; 827 a->au_v = ap->arg_interp; 828 a++; 829 830 a->au_id = AUX_flags; 831 a->au_v = 0; 832 a++; 833 834 a->au_id = AUX_entry; 835 a->au_v = ap->arg_entry; 836 a++; 837 838 a->au_id = AUX_null; 839 a->au_v = 0; 840 a++; 841 842 error = copyout(ai, epp->ep_emul_argp, sizeof ai); 843 } 844 free(ap, M_TEMP); 845 pool_put(&namei_pool, interp); 846 return (error); 847 } 848 849 /* 850 * Older ELF binaries use EI_ABIVERSION (formerly EI_BRAND) to brand 851 * executables. Newer ELF binaries use EI_OSABI instead. 852 */ 853 char * 854 ELFNAME(check_brand)(Elf_Ehdr *eh) 855 { 856 if (eh->e_ident[EI_ABIVERSION] == '\0') 857 return (NULL); 858 return (&eh->e_ident[EI_ABIVERSION]); 859 } 860 861 int 862 ELFNAME(os_pt_note)(struct proc *p, struct exec_package *epp, Elf_Ehdr *eh, 863 char *os_name, size_t name_size, size_t desc_size) 864 { 865 Elf_Phdr *hph, *ph; 866 Elf_Note *np = NULL; 867 size_t phsize; 868 int error; 869 870 phsize = eh->e_phnum * sizeof(Elf_Phdr); 871 hph = malloc(phsize, M_TEMP, M_WAITOK); 872 if ((error = ELFNAME(read_from)(p, epp->ep_vp, eh->e_phoff, 873 (caddr_t)hph, phsize)) != 0) 874 goto out1; 875 876 for (ph = hph; ph < &hph[eh->e_phnum]; ph++) { 877 if (ph->p_type != PT_NOTE || 878 ph->p_filesz > 1024 || 879 ph->p_filesz < sizeof(Elf_Note) + name_size) 880 continue; 881 882 np = malloc(ph->p_filesz, M_TEMP, M_WAITOK); 883 if ((error = ELFNAME(read_from)(p, epp->ep_vp, ph->p_offset, 884 (caddr_t)np, ph->p_filesz)) != 0) 885 goto out2; 886 887 #if 0 888 if (np->type != ELF_NOTE_TYPE_OSVERSION) { 889 free(np, M_TEMP); 890 np = NULL; 891 continue; 892 } 893 #endif 894 895 /* Check the name and description sizes. */ 896 if (np->namesz != name_size || 897 np->descsz != desc_size) 898 goto out3; 899 900 if (bcmp((np + 1), os_name, name_size)) 901 goto out3; 902 903 /* XXX: We could check for the specific emulation here */ 904 /* All checks succeeded. */ 905 error = 0; 906 goto out2; 907 } 908 909 out3: 910 error = ENOEXEC; 911 out2: 912 if (np) 913 free(np, M_TEMP); 914 out1: 915 free(hph, M_TEMP); 916 return error; 917 } 918