The regs parameter is not used anywhere, so remove it.
Signed-off-by: NWill Newton <will.newton@linaro.org>
Reviewed-by: NErik de Castro Lopo <erikd@mega-nerd.com>
Reviewed-by: NAndreas Färber <afaerber@suse.de>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

This patch adds support for AArch64 in all the small corners of
linux-user (primarily in image loading and startup code).
Signed-off-by: NAlexander Graf <agraf@suse.de>
Signed-off-by: NJohn Rigby <john.rigby@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Message-id: 1378235544-22290-22-git-send-email-peter.maydell@linaro.org
Message-id: 1368505980-17151-11-git-send-email-john.rigby@linaro.org
[PMM:
 * removed some unnecessary #defines from syscall.h
 * catch attempts to use a 32 bit only cpu with aarch64-linux-user
 * termios stuff moved into its own patch
 * we specify our minimum uname version here now
]
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Introduce CPU_FOREACH(), CPU_FOREACH_SAFE() and CPU_NEXT() shorthand
macros.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Signed-off-by: NAndreas Färber <afaerber@suse.de>

Move next_cpu from CPU_COMMON to CPUState.
Move first_cpu variable to qom/cpu.h.

gdbstub needs to use CPUState::env_ptr for now.
cpu_copy() no longer needs to save and restore cpu_next.
Acked-by: NPaolo Bonzini <pbonzini@redhat.com>
[AF: Rebased, simplified cpu_copy()]
Signed-off-by: NAndreas Färber <afaerber@suse.de>

This replaces the feature-bit fields on both X86CPU and x86_def_t
structs with an array.

With this, we will be able to simplify code that simply does the same
operation on all feature words (e.g. kvm_check_features_against_host(),
filter_features_for_kvm(), add_flagname_to_bitmaps(), CPU feature-bit
property lookup/registration, and the proposed "feature-words" property)

The following field replacements were made on X86CPU and x86_def_t:

  (cpuid_)features         -> features[FEAT_1_EDX]
  (cpuid_)ext_features     -> features[FEAT_1_ECX]
  (cpuid_)ext2_features    -> features[FEAT_8000_0001_EDX]
  (cpuid_)ext3_features    -> features[FEAT_8000_0001_ECX]
  (cpuid_)ext4_features    -> features[FEAT_C000_0001_EDX]
  (cpuid_)kvm_features     -> features[FEAT_KVM]
  (cpuid_)svm_features     -> features[FEAT_SVM]
  (cpuid_)7_0_ebx_features -> features[FEAT_7_0_EBX]
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Reviewed-by: NIgor Mammedov <imammedo@redhat.com>
Signed-off-by: NAndreas Färber <afaerber@suse.de>

The alignment is a characteristic of the ABI, not the CPU.
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@gmail.com>

The alignment is a characteristic of the ABI, not the CPU.
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@gmail.com>

The alignment is a characteristic of the ABI, not the CPU.
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@gmail.com>

Reviewed-by: NPeter Maydell <peter.maydell@redhat.com>
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@gmail.com>

Registers are 64-bit in size for the MIPS n32 ABI.  Define
target_elf_greg_t accordingly, and use the correct function
to do endian swaps.
Reviewed-by: NPeter Maydell <peter.maydell@redhat.com>
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@gmail.com>

Some fields in core dumps are 32-bit in 32-or-64 environments (ppc64abi32,
sparc32plus).  Use abi_long/ulong for those.

Also, the fields of target_elf_siginfo are ints.  Use tswap32 to convert them.
Reviewed-by: NPeter Maydell <peter.maydell@redhat.com>
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@gmail.com>

Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

Remove two uses of strdup (use g_path_get_basename instead),
and add a comment that this strncpy use is ok.
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NJim Meyering <meyering@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Roll the code used to initialize the guest memory space when -R
or -B is used into 'init_guest_space' and then call 'init_guest_space'
from the driver.  This way the reserved guest memory space can
be probed for.  Calling 'mmap' just once as is currently done is not
guaranteed to succeed since the host address space validation might fail.
Signed-off-by: NMeador Inge <meadori@codesourcery.com>
[PMM: Fixed minor whitespace errors.]
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Signed-off-by: NMeador Inge <meadori@codesourcery.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

Add QEMU OpenRISC linux user support.
Signed-off-by: NJia Liu <proljc@gmail.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Add support for ARM BE8 userspace binaries.
i.e. big-endian data and little-endian code.
In principle LE8 mode is also possible, but AFAIK has never actually
been implemented/used.

System emulation doesn't have any useable big-endian board models,
but should in principle work once you fix that.
Dynamic endianness switching requires messing with data accesses,
preferably with TCG cooperation, and is orthogonal to BE8 support.
Signed-off-by: NPaul Brook <paul@codesourcery.com>
[PMM: various changes, mostly as per my suggestions in code review:
 * rebase
 * use EF_ defines rather than hardcoded constants
 * make bswap_code a bool for future VMSTATE macro compatibility
 * update comment in cpu.h about TB flags bit field usage
 * factor out load-code-and-swap into arm_ld*_code functions and
   get_user_code* macros
 * fix stray trailing space at end of line
 * added braces in disas.c to satisfy checkpatch
]
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

The cpu capabilities passed by the elf loader in AT_HWCAP where
a constant.
Make AT_HWCAP reflect the emulated cpu features in order to give
correct clues to eglibc.

Riku Voipio: fixed to apply to current head

Fix :  [Bug 887516] [NEW] VFP support reported for the PXA270
Signed-off-by: NBenoit Canet <benoit.canet@gmail.com>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

Scripted conversion:
  for file in *.[hc] hw/*.[hc] hw/kvm/*.[hc] linux-user/*.[hc] linux-user/m68k/*.[hc] bsd-user/*.[hc] darwin-user/*.[hc] tcg/*/*.[hc] target-*/cpu.h; do
    sed -i "s/CPUState/CPUArchState/g" $file
  done

All occurrences of CPUArchState are expected to be replaced by QOM CPUState,
once all targets are QOM'ified and common fields have been extracted.
Signed-off-by: NAndreas Färber <afaerber@suse.de>
Reviewed-by: NAnthony Liguori <aliguori@us.ibm.com>

In target-specific code use CPU*State.

While at it, fix indentation on those lines.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

We create our own AUXV segment on stack and save a pointer to it.
However we don't save the length of it, so any code that wants to
do anything useful with it later on has to walk it again.

Instead, let's remember the length of our AUXV segment. This
simplifies later uses by a lot.

(edited by Riku to apply to qemu HEAD)
Signed-off-by: NAlexander Graf <agraf@suse.de>
Signed-off-by: NRiku Voipio <riku.voipio@iki.fi>

Coverity complained about local variable key which was only partially
initiated. Only key.st_value was set. As this was also the only part
of key which was used in function symfind, the code could be optimized
by directly passing a pointer to orig_addr.

In bsd-user/elfload.c, fix ec822001
was missing. This was a simple replacement of > by >= in symfind, so
I fixed it here without creating an additional patch.
Signed-off-by: NStefan Weil <sw@weilnetz.de>
Signed-off-by: NAndrzej Zaborowski <andrew.zaborowski@intel.com>

Cc: Riku Voipio <riku.voipio@iki.fi>
Signed-off-by: NDong Xu Wang <wdongxu@linux.vnet.ibm.com>
Signed-off-by: NStefan Hajnoczi <stefanha@linux.vnet.ibm.com>

If a malloc() in copy_elf_strings() failed we would call memset()
before the "did malloc fail?" check. Fix this by moving to the
glib alloc/free routines for this memory so we can use g_try_malloc0
rather than having a separate memset(). Spotted by Coverity (see
bug 887883).
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

Don't confuse the load address with the load bias.  They're equal
for ET_DYN objects (i.e. ld.so) but different for ET_EXEC objects
(i.e. statically linked).
Signed-off-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

linux-user: Implement new ARM 64 bit cmpxchg kernel helper

Linux 3.1 will have a new kernel-page helper for ARM implementing
64 bit cmpxchg. Implement this helper in QEMU linux-user mode:
 * Provide kernel helper emulation for 64bit cmpxchg
 * Allow guest to object to guest offset to ensure it can map a page
 * Populate page with kernel helper version
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NDr. David Alan Gilbert <david.gilbert@linaro.org>

qemu_malloc/qemu_free no longer exist after this commit.
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

setting ELF_HWCAP fixes dynamic library loading for Linux/sparc64
This patch allows loading busybox from Debian 6 initrd
Signed-off-by: NArtyom Tarasenko <atar4qemu@gmail.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

The dynamic linker from the GNU C library v2.10+ uses the ELF
auxiliary vector AT_RANDOM [1] as a pointer to 16 bytes with random
values to initialize the stack protection mechanism.  Technically the
emulated GNU dynamic linker crashes due to a NULL pointer
derefencement if it is built with stack protection enabled and if
AT_RANDOM is not defined by the QEMU ELF loader.

[1] This ELF auxiliary vector was introduced in Linux v2.6.29.

This patch can be tested with the code above:

    #include <elf.h>       /* Elf*_auxv_t, AT_RANDOM, */
    #include <stdio.h>     /* printf(3), */
    #include <stdlib.h>    /* exit(3), EXIT_*, */
    #include <stdint.h>    /* uint8_t, */
    #include <string.h>    /* memcpy(3), */

    #if defined(__LP64__) || defined(__ILP64__) || defined(__LLP64__)
    #    define Elf_auxv_t Elf64_auxv_t
    #else
    #    define Elf_auxv_t Elf32_auxv_t
    #endif

    main(int argc, char* argv[], char* envp[])
    {
        Elf_auxv_t *auxv;

        /* *envp = NULL marks end of envp. */
        while (*envp++ != NULL);

        /* auxv->a_type = AT_NULL marks the end of auxv. */
        for (auxv = (Elf_auxv_t *)envp; auxv->a_type != AT_NULL; auxv++) {
            if (auxv->a_type == AT_RANDOM) {
                int i;
                uint8_t rand_bytes[16];

                printf("AT_RANDOM is: 0x%x\n", auxv->a_un.a_val);
                memcpy(rand_bytes, (const uint8_t *)auxv->a_un.a_val, sizeof(rand_bytes));
                printf("it points to: ");
                for (i = 0; i < 16; i++) {
                    printf("0x%02x ", rand_bytes[i]);
                }
                printf("\n");
                exit(EXIT_SUCCESS);
            }
        }
        exit(EXIT_FAILURE);
    }

Changes introduced in v2 and v3:

    * Fix typos + thinko (AT_RANDOM is used for stack canary, not for
      ASLR)

    * AT_RANDOM points to 16 random bytes stored inside the user
      stack.

    * Add a small test program.
Signed-off-by: NCédric VINCENT <cedric.vincent@st.com>
Signed-off-by: NLaurent ALFONSI <laurent.alfonsi@st.com>
Signed-off-by: NRiku Voipio <riku.voipio@iki.fi>

Fix a bug in the linux-user ELF loader code where it was not correctly
handling images where the lowest vaddr to be loaded was not page aligned.
The problem was that the code to probe for a suitable guest base address
was changing the 'loaddr' variable (by rounding it to a page boundary),
which meant that the load bias would then be incorrectly calculated
unless loaddr happened to already be page-aligned.

Binaries generated by gcc with the default linker script do start with
a loadable segment at a page-aligned vaddr, so were unaffected. This
bug was noticed with a binary created by the Google Go toolchain for ARM.

We fix the bug by refactoring the "probe for guest base" code out into
its own self-contained function.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NRiku Voipio <riku.voipio@iki.fi>

This patch fixes a "double free()" due to "realloc(syms, 0)" in the
loader when the ELF file has no "useful" symbol, as with the following
example (compiled with "sh4-linux-gcc -nostdlib"):

    .text
    .align 1
    .global _start
    _start:
        mov     #1, r3
        trapa   #40     // syscall(__NR_exit)
        nop

The bug appears when the log (option "-d") is enabled.
Signed-off-by: NCédric VINCENT <cedric.vincent@st.com>
Signed-off-by: NYves JANIN <yves.janin@st.com>
Signed-off-by: NRiku Voipio <riku.voipio@iki.fi>
Reviewed-by: NRichard Henderson <rth@twiddle.net>

This patch adds support for running s390x binaries in the linux-user emulation
code.
Signed-off-by: NUlrich Hecht <uli@suse.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>

Signed-off-by: NGuan Xuetao <gxt@mprc.pku.edu.cn>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

This patch allows to really use the core dumped by qemu with guest
architecture tools.

- it adds a missing bswap_phdr() for the program headers
  of memory regions.

  "objdump -x" sample:

BEFORE:

0x1000000 off    0x00200000 vaddr 0x00000400 paddr 0x00000000 align 2**21
         filesz 0x00000000 memsz 0x00100000 flags ---
0x1000000 off    0x00200000 vaddr 0x00100400 paddr 0x00000000 align 2**21
         filesz 0x00000000 memsz 0x00080000 flags --- 6000000

AFTER:

    LOAD off    0x00002000 vaddr 0x00040000 paddr 0x00000000 align 2**13
         filesz 0x00000000 memsz 0x00001000 flags ---
    LOAD off    0x00002000 vaddr 0x00041000 paddr 0x00000000 align 2**13
         filesz 0x00000000 memsz 0x00000800 flags rw-

- it doesn't pad the note size to sizeof(int32_t).
  On m68k the NT_PRSTATUS note size is 154 and
  must not be rounded up to 156, because this value is checked by
  objdump and gdb.

  "gdb" symptoms:

      "warning: Couldn't find general-purpose registers in core file."

  "objdump -x" sample:

BEFORE:

Sections:
Idx Name          Size      VMA       LMA       File off  Algn
  0 note0         000001c4  00000000  00000000  000003b4  2**0
                  CONTENTS, READONLY
  1 .auxv         00000070  00000000  00000000  00000508  2**2
                  CONTENTS
  2 proc1         00100000  00000400  00000000  00200000  2**10
                  READONLY

AFTER:

Sections:
Idx Name          Size      VMA       LMA       File off  Algn
  0 note0         000001c4  00000000  00000000  000003b4  2**0
                  CONTENTS, READONLY
  1 .reg/19022    00000050  00000000  00000000  0000040e  2**2
                  CONTENTS
  2 .reg          00000050  00000000  00000000  0000040e  2**2
                  CONTENTS
  3 .auxv         00000070  00000000  00000000  00000508  2**2
                  CONTENTS
  4 load1         00000000  00040000  00000000  00002000  2**13
                  ALLOC, READONLY
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>
Signed-off-by: NRiku Voipio <riku.voipio@nokia.com>

Signed-off-by: NMike Frysinger <vapier@gentoo.org>
Signed-off-by: NRiku Voipio <riku.voipio@nokia.com>

Extract from "man realloc":
"If realloc() fails the original block is left untouched;
it is not freed or moved."

Fix a possible memory leak (reported by cppcheck).

Cc: Riku Voipio <riku.voipio@iki.fi>
Signed-off-by: NStefan Weil <weil@mail.berlios.de>
Signed-off-by: NRiku Voipio <riku.voipio@nokia.com>

Cc: malc <av1474@comtv.ru>
Signed-off-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: Nmalc <av1474@comtv.ru>

This requires moving the PT_INTERP extraction and GUEST_BASE
handling into load_elf_image.  Key this off a non-null pointer
argument to receive the interpreter name.
Signed-off-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@gmail.com>

Moving toward a single copy of the elf binary loading code.
Fill in the details of the loaded image into a struct image_info.

Adjust create_elf_tables to read from such structures instead
of from a collection of passed arguments.  Don't return error
values from load_elf_interp; always exit(-1) with a message to
stderr.  Collect elf_interpreter handling in load_elf_binary
to a common spot.
Signed-off-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@gmail.com>