Some PT_LOAD segments may be completely zeroed out and their p_filesize
is zero, in that case the loader should just allocate a page that's at
least p_memsz bytes large (plus eventual alignment padding).

Calling zero_bss does this job for us, all we have to do is make sure we
don't try to mmap a zero-length page.
Signed-off-by: NGiuseppe Musacchio <thatlemon@gmail.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Message-Id: <20190503122007.lkjsvztgt4ycovac@debian>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

Fix this warning when building with GCC9 on Fedora 30:
In function ‘strncpy’,
    inlined from ‘fill_psinfo’ at /home/alistair/qemu/linux-user/elfload.c:3208:12,
    inlined from ‘fill_note_info’ at /home/alistair/qemu/linux-user/elfload.c:3390:5,
    inlined from ‘elf_core_dump’ at /home/alistair/qemu/linux-user/elfload.c:3539:9:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 16 equals destination size [-Werror=stringop-truncation]
  106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: NAlistair Francis <alistair.francis@wdc.com>
Reviewed-by: NLaurent Vivier <laurent@vivier.eu>
Reviewed-by: NRichard Henderson <richard.henderson@linaro.org>
Message-Id: <c4d2b1de9efadcf1c900b91361af9302823a72a9.1556666645.git.alistair.francis@wdc.com>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
Reviewed-by: NLaurent Vivier <laurent@vivier.eu>
Message-Id: <20190212074840.13542-3-richard.henderson@linaro.org>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

The 32-bit kernel has strings for v4, v5, v6, v7, v7m.
The 64-bit kernel, in compat mode, has strings for v8.

Fixes: https://bugs.launchpad.net/bugs/1813034Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
Reviewed-by: NLaurent Vivier <laurent@vivier.eu>
Message-Id: <20190212074840.13542-2-richard.henderson@linaro.org>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

Tested-by: NLaurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
Message-id: 20190301200501.16533-8-richard.henderson@linaro.org
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
[PMM: fixed up block comment style]
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
Message-id: 20190301200501.16533-3-richard.henderson@linaro.org
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
Message-id: 20190219222952.22183-6-richard.henderson@linaro.org
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Userspace programs should (in theory) query the ELF HWCAP before
probing these registers. Now we have implemented them all make it
public.
Signed-off-by: NAlex Bennée <alex.bennee@linaro.org>
Reviewed-by: NRichard Henderson <richard.henderson@linaro.org>
Message-id: 20190205190224.2198-6-alex.bennee@linaro.org
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
Reviewed-by: NLaurent Vivier <laurent@vivier.eu>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Most list head structs need not be given a name.  In most cases the
name is given just in case one is going to use QTAILQ_LAST, QTAILQ_PREV
or reverse iteration, but this does not apply to lists of other kinds,
and even for QTAILQ in practice this is only rarely needed.  In addition,
we will soon reimplement those macros completely so that they do not
need a name for the head struct.  So clean up everything, not giving a
name except in the rare case where it is necessary.
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

Set fp_abi and interp_fp_abi values to current fp_abi value read from
MIPS.abiflags.
Reviewed-by: NAleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: NStefan Markovic <smarkovic@wavecomp.com>

Read MIPS.abiflags section from ELF file into Mips_elf_abiflags_v0 struct.
Reviewed-by: NAleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: NStefan Markovic <smarkovic@wavecomp.com>

Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
Message-id: 20181016223115.24100-9-richard.henderson@linaro.org
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
Message-id: 20181016223115.24100-8-richard.henderson@linaro.org
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Both arm and thumb2 division are controlled by the same ISAR field,
which takes care of the arm implies thumb case.  Having M imply
thumb2 division was wrong for cortex-m0, which is v6m and does not
have thumb2 at all, much less thumb2 division.
Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
Message-id: 20181016223115.24100-5-richard.henderson@linaro.org
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Most of the v8 extensions are self-contained within the ISAR
registers and are not implied by other feature bits, which
makes them the easiest to convert.
Reviewed-by: NPhilippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
Message-id: 20181016223115.24100-4-richard.henderson@linaro.org
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

If the hostpage size is greater than the TARGET_PAGESIZE, the
target-pages of size TARGET_PAGESIZE are marked valid only till the
length requested during the elfload. The glibc attempts to consume unused
space in the last page of data segment(__libc_memalign() in
elf/dl-minimal.c). If PT_LOAD p_align is greater than or
equal to hostpage size, the GLRO(dl_pagesize) is actually the host pagesize
as set in the auxillary vectors. So, there is no explicit mmap request for
the remaining target-pages on the last hostpage. The glibc assumes that
particular space as available and subsequent attempts to use
those addresses lead to crash as the target_mmap has not marked them valid
for those target-pages.

The issue is seen when trying to chroot to 16.04-x86_64 ubuntu on a PPC64
host where the fork fails to access the thread_id as it is allocated on a
page not marked valid. The recent glibc doesn't have checks for thread-id in
fork, but the issue can manifest somewhere else, none the less.

The fix here is to map all the target-pages of the hostpage during the
elfload if the p_align is greater than or equal to hostpage size, for
data segment to allow the glibc for proper consumption.
Signed-off-by: NShivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
Reviewed-by: NLaurent Vivier <laurent@vivier.eu>
Message-Id: <153553435604.51992.5640085189104207249.stgit@lep8c.aus.stglabs.ibm.com>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

This adds the HWCAP2 bit to detect if a linux user process is
running on an ISA 3.0 compliant cpu like POWER9. This can be
verified using a simple test program that prints the value in
the auxiliary vector for AT_HWCAP2 as shown below.

Before:
  $ qemu-ppc64le -cpu power8 test
  0x8c000000

  $ qemu-ppc64le -cpu power9 test
  0x8c000000

After:
  $ qemu-ppc64le -cpu power8 test
  0x8c000000

  $ qemu-ppc64le -cpu power9 test
  0x8c800000
Signed-off-by: NSandipan Das <sandipan@linux.ibm.com>
Reviewed-by: NLaurent Vivier <laurent@vivier.eu>
Signed-off-by: NDavid Gibson <david@gibson.dropbear.id.au>

Starting from nanoMIPS introduction, machine variant can be
EM_MIPS or EM_NANOMIPS.
Reviewed-by: NRichard Henderson <richard.henderson@linaro.org>
Signed-off-by: NAleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: NStefan Markovic <smarkovic@wavecomp.com>

When we try to use some targets on ppc64, it can happen the target
doesn't support the host page size to align ELF load sections and
fails with:

  ELF load command alignment not page-aligned

Since commit a70daba3 ("linux-user: Tell guest about big host
page sizes") the host page size is used to align ELF sections, but
this doesn't work if the alignment required by the load section is
smaller than the host one.  For these cases, we continue to use the
TARGET_PAGE_SIZE instead of the host one.

I have tested this change on ppc64, and it fixes qemu linux-user for:
  s390x, m68k, i386, arm, aarch64, hppa
and I have tested it doesn't break the following targets:
  x86_64, mips64el, sh4
mips and mipsel abort, but I think for another reason.
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>
Reviewed-by: NRichard Henderson <richard.henderson@linaro.org>
[lv: fixed "info->alignment = 0"]
Message-Id: <20180716195349.29959-1-laurent@vivier.eu>

We've already added the helpers with an SVE patch, all that remains
is to wire up the aa64 and aa32 translators.  Enable the feature
within -cpu max for CONFIG_USER_ONLY.
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
Message-id: 20180627043328.11531-36-richard.henderson@linaro.org
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Enable ARM_FEATURE_SVE for the generic "max" cpu.
Tested-by: NAlex Bennée <alex.bennee@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
Message-id: 20180627043328.11531-35-richard.henderson@linaro.org
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

The insns in the ARMv8.1-Atomics are added to the existing
load/store exclusive and load/store reg opcode spaces.
Rearrange the top-level decoders for these to accomodate.
The Atomics insns themselves still generate Unallocated.
Signed-off-by: NRichard Henderson <richard.henderson@linaro.org>
Message-id: 20180508151437.4232-8-richard.henderson@linaro.org
[PMM: Drop the ARM_FEATURE_V8_1 feature flag]
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Add FDPIC info into image_info structure since interpreter info is on
stack and needs to be saved to be accessed later on.
Co-Authored-By: NMickaël Guêné <mickael.guene@st.com>
Signed-off-by: NChristophe Lyon <christophe.lyon@st.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Message-Id: <20180430080404.7323-4-christophe.lyon@st.com>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

Define an ARM-specific version of elf_is_fdpic:
FDPIC ELF objects are identified with e_ident[EI_OSABI] ==
ELFOSABI_ARM_FDPIC.
Co-Authored-By: NMickaël Guêné <mickael.guene@st.com>
Signed-off-by: NChristophe Lyon <christophe.lyon@st.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Message-Id: <20180430080404.7323-3-christophe.lyon@st.com>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

We want to avoid code disabled by default, because it ends up less
tested. This patch removes all instances of #ifdef CONFIG_USE_FDPIC,
most of which can be safely kept. For the ones that should be
conditionally executed, we define elf_is_fdpic(). Without this patch,
defining CONFIG_USE_FDPIC would prevent QEMU from building precisely
because elf_is_fdpic is not defined.
Signed-off-by: NChristophe Lyon <christophe.lyon@st.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Message-Id: <20180430080404.7323-2-christophe.lyon@st.com>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

Add support for the two currently defined HWCAP bits on MIPS - R6 and
MSA.

Buglink: https://bugs.launchpad.net/qemu/+bug/1754372Signed-off-by: NJames Cowgill <james.cowgill@mips.com>
Reviewed-by: NLaurent Vivier <laurent@vivier.eu>
Message-Id: <20180315151348.6451-1-james.cowgill@mips.com>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

At a fixed distance after the usable memory that init_guest_space maps, for
32-bit ARM targets we also need to map a commpage.  The normal
init_guest_space logic doesn't keep this in mind when searching for an
address range.

If !host_start, then try to find a big continuous segment where we can put
both the usable memory and the commpage; we then munmap that segment and
set current_start to that address; and let the normal code mmap the usable
memory and the commpage separately.  That is: if we don't have hint of
where to start looking for memory, come up with one that is better than
NULL.  Depending on host_size and guest_start, there may or may not be a
gap between the usable memory and the commpage, so this is slightly more
restrictive than it needs to be; but it's only a hint, so that's OK.

We only do that for !host start, because if host_start, then either:
 - we got an address passed in with -B, in which case we don't want to
   interfere with what the user said;
 - or host_start is based off of the ELF image's loaddr.  The check "if
   (host_start && real_start != current_start)" suggests that we really
   want lowest available address that is >= loaddr.  I don't know why that
   is, but I'm trusting that Paul Brook knew what he was doing when he
   wrote the original version of that check in
   c581deda way back in 2010.
Signed-off-by: NLuke Shumaker <lukeshu@parabola.nu>
Message-Id: <20171228180814.9749-11-lukeshu@lukeshu.com>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

Import list of syscalls from the kernel source. Conditionalize code/data
that is only used with softmmu. Implement exception handlers. Implement
signal hander (only the core registers for now, no coprocessors or TIE).

Cc: Riku Voipio <riku.voipio@iki.fi>
Cc: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: NMax Filippov <jcmvbkbc@gmail.com>

Signed-off-by: NLuke Shumaker <lukeshu@parabola.nu>
Message-Id: <20171228180814.9749-10-lukeshu@lukeshu.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

If the ensure-alignment code gets triggered, then the
"if (host_start && real_start != current_start)" check will always trigger,
so save 2 syscalls and put that check first.

Note that we can't just switch to using MAP_FIXED for that check, because
then we couldn't differentiate between a failure because "there isn't
enough space" and "there isn't enough space *here*".
Signed-off-by: NLuke Shumaker <lukeshu@parabola.nu>
Message-Id: <20171228180814.9749-9-lukeshu@lukeshu.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

Instead of doing

        if (check1) {
            if (check2) {
               success;
            }
        }

        retry;

Do a clearer

        if (!check1) {
           goto try_again;
        }

        if (!check2) {
           goto try_again;
        }

        success;

    try_again:
        retry;

Besides being clearer, this makes it easier to insert more checks that
need to trigger a retry on check failure, or rearrange them, or anything
like that.

Because some indentation is changing, "ignore space change" may be useful
for viewing this patch.
Signed-off-by: NLuke Shumaker <lukeshu@parabola.nu>
Message-Id: <20171228180814.9749-8-lukeshu@lukeshu.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
[lv: modified to try again fi valid == 0, not valid == -1 (error case)]
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

Signed-off-by: NLuke Shumaker <lukeshu@parabola.nu>
Message-Id: <20171228180814.9749-7-lukeshu@lukeshu.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

There are 3 parts to this change:
 - Add a comment showing the relative sizes and positions of the blocks of
   memory
 - introduce and use new aligned_{start,size} instead of adjusting
   real_{start_size}
 - When we clean up (on failure), munmap(real_start, real_size) instead of
   munmap(aligned_start, aligned_size).  It *shouldn't* make any
   difference, but I will admit that this does mean we are making the
   syscall with different values, so this isn't quite a no-op patch.
Signed-off-by: NLuke Shumaker <lukeshu@parabola.nu>
Message-Id: <20171228180814.9749-6-lukeshu@lukeshu.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

init_guest_commpage  needs to check if the mapped space, which ends at
real_start+real_size overlaps with where it needs to put the commpage,
which is (assuming sane qemu_host_page_size) guest_base + 0xffff000, where
guest_base is real_start - guest_start.

    [guest_base][       0xffff0000      ][commpage]
    [guest_base][guest_start][real_size] [commpage]
    [       real_start      ][real_size] [commpage]
                                        ^
                                 fail if this gap < 0

Since init_guest_commpage wants to do everything relative to guest_base
(rather than real_start), it obviously needs to be comparing 0xffff0000
against guest_start+real_size, not just real_size.

This bug has been present since 806d1021 in
2012, but guest_start is usually 0, and prior to v2.11 real_size was
usually much smaller than 0xffff0000, so it was uncommon for it to have
made a difference.
Signed-off-by: NLuke Shumaker <lukeshu@parabola.nu>
Message-Id: <20171228180814.9749-5-lukeshu@lukeshu.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

We'll just exit with an error anyway, so it doesn't really matter, but it
is cleaned up in all of the other places were we error out.
Signed-off-by: NLuke Shumaker <lukeshu@parabola.nu>
Message-Id: <20171228180814.9749-4-lukeshu@lukeshu.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

init_guest_commpage is a much more honest description of what the function
does.  validate_guest_space not only suggests that the function has no
side-effects, but also introduces confusion as to why it is only needed on
32-bit ARM targets.
Signed-off-by: NLuke Shumaker <lukeshu@parabola.nu>
Message-Id: <20171228180814.9749-3-lukeshu@lukeshu.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

Instead of defining a bogus validate_guest_space that always returns 1 on
targets other than 32-bit ARM, use #if blocks to only call it on 32-bit ARM
targets.  This makes the "normal" flow control clearer.
Signed-off-by: NLuke Shumaker <lukeshu@parabola.nu>
Message-Id: <20171228180814.9749-2-lukeshu@lukeshu.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
[lv: fix condition to "!= 1" as requested by Peter]
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>

We dropped the unicore32-linux-user target in commit 5e2b40f7
in 2016. Nobody has made any attempt to fix the issues that
caused us to drop it, so remove the associated code.
(The system emulation parts of unicore32 remain.)
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NLaurent Vivier <laurent@vivier.eu>
Message-Id: <20180308144733.25615-2-peter.maydell@linaro.org>
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>