1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */ 22 /* All Rights Reserved */ 23 24 25 /* Copyright (c) 1987, 1988 Microsoft Corporation */ 26 /* All Rights Reserved */ 27 28 /* 29 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 30 * Use is subject to license terms. 31 */ 32 33 #pragma ident "%Z%%M% %I% %E% SMI" 34 35 /* 36 * ELF files can exceed 2GB in size. A standard 32-bit program 37 * like 'file' cannot read past 2GB, and will be unable to see 38 * the ELF section headers that typically are at the end of the 39 * object. The simplest solution to this problem would be to make 40 * the 'file' command a 64-bit application. However, as a matter of 41 * policy, we do not want to require this. A simple command like 42 * 'file' should not carry such a requirement, especially as we 43 * support 32-bit only hardware. 44 * 45 * An alternative solution is to build this code as 32-bit 46 * large file aware. The usual way to do this is to define a pair 47 * of preprocessor definitions: 48 * 49 * _LARGEFILE64_SOURCE 50 * Map standard I/O routines to their largefile aware versions. 51 * 52 * _FILE_OFFSET_BITS=64 53 * Map off_t to off64_t 54 * 55 * The problem with this solution is that libelf is not large file capable, 56 * and the libelf header file will prevent compilation if 57 * _FILE_OFFSET_BITS is set to 64. 58 * 59 * So, the solution used in this code is to define _LARGEFILE64_SOURCE 60 * to get access to the 64-bit APIs, not to define _FILE_OFFSET_BITS, and to 61 * use our own types in place of off_t, and size_t. We read all the file 62 * data directly using pread64(), and avoid the use of libelf for anything 63 * other than the xlate functionality. 64 */ 65 #define _LARGEFILE64_SOURCE 66 #define FILE_ELF_OFF_T off64_t 67 #define FILE_ELF_SIZE_T uint64_t 68 69 #include <ctype.h> 70 #include <unistd.h> 71 #include <fcntl.h> 72 #include <stdio.h> 73 #include <libelf.h> 74 #include <stdlib.h> 75 #include <limits.h> 76 #include <locale.h> 77 #include <string.h> 78 #include <errno.h> 79 #include <procfs.h> 80 #include <sys/param.h> 81 #include <sys/types.h> 82 #include <sys/stat.h> 83 #include <sys/elf.h> 84 #include <elfcap.h> 85 #include "file.h" 86 #include "elf_read.h" 87 88 extern const char *File; 89 90 static int get_class(void); 91 static int get_version(void); 92 static int get_format(void); 93 static int process_shdr(Elf_Info *); 94 static int process_phdr(Elf_Info *); 95 static int file_xlatetom(Elf_Type, char *); 96 static int xlatetom_nhdr(Elf_Nhdr *); 97 static int get_phdr(Elf_Info *, int); 98 static int get_shdr(Elf_Info *, int); 99 100 static Elf_Ehdr EI_Ehdr; /* Elf_Ehdr to be stored */ 101 static Elf_Word EI_Ehdr_shnum; /* # section headers */ 102 static Elf_Word EI_Ehdr_phnum; /* # program headers */ 103 static Elf_Word EI_Ehdr_shstrndx; /* Index of section hdr string table */ 104 static Elf_Shdr EI_Shdr; /* recent Elf_Shdr to be stored */ 105 static Elf_Phdr EI_Phdr; /* recent Elf_Phdr to be stored */ 106 107 108 static int 109 get_class(void) 110 { 111 return (EI_Ehdr.e_ident[EI_CLASS]); 112 } 113 114 static int 115 get_version(void) 116 { 117 /* do as what libelf:_elf_config() does */ 118 return (EI_Ehdr.e_ident[EI_VERSION] ? 119 EI_Ehdr.e_ident[EI_VERSION] : 1); 120 } 121 122 static int 123 get_format(void) 124 { 125 return (EI_Ehdr.e_ident[EI_DATA]); 126 } 127 128 /* 129 * file_xlatetom: translate different headers from file 130 * representation to memory representaion. 131 */ 132 #define HDRSZ 512 133 static int 134 file_xlatetom(Elf_Type type, char *hdr) 135 { 136 Elf_Data src, dst; 137 char *hbuf[HDRSZ]; 138 int version, format; 139 140 version = get_version(); 141 format = get_format(); 142 143 /* will convert only these types */ 144 if (type != ELF_T_EHDR && type != ELF_T_PHDR && 145 type != ELF_T_SHDR && type != ELF_T_WORD && 146 type != ELF_T_CAP) 147 return (ELF_READ_FAIL); 148 149 src.d_buf = (Elf_Void *)hdr; 150 src.d_type = type; 151 src.d_version = version; 152 153 dst.d_buf = (Elf_Void *)&hbuf; 154 dst.d_version = EV_CURRENT; 155 156 src.d_size = elf_fsize(type, 1, version); 157 dst.d_size = elf_fsize(type, 1, EV_CURRENT); 158 if (elf_xlatetom(&dst, &src, format) == NULL) 159 return (ELF_READ_FAIL); 160 161 (void) memcpy(hdr, &hbuf, dst.d_size); 162 return (ELF_READ_OKAY); 163 } 164 165 /* 166 * xlatetom_nhdr: There is no routine to convert Note header 167 * so we convert each field of this header. 168 */ 169 static int 170 xlatetom_nhdr(Elf_Nhdr *nhdr) 171 { 172 int r = ELF_READ_FAIL; 173 174 r |= file_xlatetom(ELF_T_WORD, (char *)&nhdr->n_namesz); 175 r |= file_xlatetom(ELF_T_WORD, (char *)&nhdr->n_descsz); 176 r |= file_xlatetom(ELF_T_WORD, (char *)&nhdr->n_type); 177 return (r); 178 } 179 180 /* 181 * elf_read: reads elf header, program, section headers to 182 * collect all information needed for file(1) 183 * output and stores them in Elf_Info. 184 */ 185 int 186 elf_read(int fd, Elf_Info *EI) 187 { 188 FILE_ELF_SIZE_T size; 189 int ret = 1; 190 191 Elf_Ehdr *ehdr = &EI_Ehdr; 192 193 EI->elffd = fd; 194 size = sizeof (Elf_Ehdr); 195 196 if (pread64(EI->elffd, (void*)ehdr, size, 0) != size) 197 ret = 0; 198 199 200 if (file_xlatetom(ELF_T_EHDR, (char *)ehdr) == ELF_READ_FAIL) 201 ret = 0; 202 203 if (EI->file == NULL) 204 return (ELF_READ_FAIL); 205 206 /* 207 * Extended section or program indexes in use? If so, special 208 * values in the ELF header redirect us to get the real values 209 * from shdr[0]. 210 */ 211 EI_Ehdr_shnum = EI_Ehdr.e_shnum; 212 EI_Ehdr_phnum = EI_Ehdr.e_phnum; 213 EI_Ehdr_shstrndx = EI_Ehdr.e_shstrndx; 214 if (((EI_Ehdr_shnum == 0) || (EI_Ehdr_phnum == PN_XNUM)) && 215 (EI_Ehdr.e_shoff != 0)) { 216 if (get_shdr(EI, 0) == ELF_READ_FAIL) 217 return (ELF_READ_FAIL); 218 if (EI_Ehdr_shnum == 0) 219 EI_Ehdr_shnum = EI_Shdr.sh_size; 220 if ((EI_Ehdr_phnum == PN_XNUM) && (EI_Shdr.sh_info != 0)) 221 EI_Ehdr_phnum = EI_Shdr.sh_info; 222 if (EI_Ehdr_shstrndx == SHN_XINDEX) 223 EI_Ehdr_shstrndx = EI_Shdr.sh_link; 224 } 225 226 EI->type = ehdr->e_type; 227 EI->machine = ehdr->e_machine; 228 EI->flags = ehdr->e_flags; 229 230 if (ret == 0) { 231 (void) fprintf(stderr, gettext("%s: %s: can't " 232 "read ELF header\n"), File, EI->file); 233 return (ELF_READ_FAIL); 234 } 235 if (process_phdr(EI) == ELF_READ_FAIL) 236 return (ELF_READ_FAIL); 237 238 /* We don't need section info for core files */ 239 if (ehdr->e_type != ET_CORE) 240 if (process_shdr(EI) == ELF_READ_FAIL) 241 return (ELF_READ_FAIL); 242 243 return (ELF_READ_OKAY); 244 } 245 246 /* 247 * get_phdr: reads program header of specified index. 248 */ 249 static int 250 get_phdr(Elf_Info *EI, int inx) 251 { 252 FILE_ELF_OFF_T off = 0; 253 FILE_ELF_SIZE_T size; 254 255 if (inx >= EI_Ehdr_phnum) 256 return (ELF_READ_FAIL); 257 258 size = sizeof (Elf_Phdr); 259 off = (FILE_ELF_OFF_T)EI_Ehdr.e_phoff + (inx * size); 260 if (pread64(EI->elffd, (void *)&EI_Phdr, size, off) != size) 261 return (ELF_READ_FAIL); 262 263 if (file_xlatetom(ELF_T_PHDR, (char *)&EI_Phdr) == ELF_READ_FAIL) 264 return (ELF_READ_FAIL); 265 266 return (ELF_READ_OKAY); 267 } 268 269 /* 270 * get_shdr: reads section header of specified index. 271 */ 272 static int 273 get_shdr(Elf_Info *EI, int inx) 274 { 275 FILE_ELF_OFF_T off = 0; 276 FILE_ELF_SIZE_T size; 277 278 /* 279 * Prevent access to non-existent section headers. 280 * 281 * A value of 0 for e_shoff means that there is no section header 282 * array in the file. A value of 0 for e_shndx does not necessarily 283 * mean this - there can still be a 1-element section header array 284 * to support extended section or program header indexes that 285 * exceed the 16-bit fields used in the ELF header to represent them. 286 */ 287 if ((EI_Ehdr.e_shoff == 0) || ((inx > 0) && (inx >= EI_Ehdr_shnum))) 288 return (ELF_READ_FAIL); 289 290 size = sizeof (Elf_Shdr); 291 off = (FILE_ELF_OFF_T)EI_Ehdr.e_shoff + (inx * size); 292 293 if (pread64(EI->elffd, (void *)&EI_Shdr, size, off) != size) 294 return (ELF_READ_FAIL); 295 296 if (file_xlatetom(ELF_T_SHDR, (char *)&EI_Shdr) == ELF_READ_FAIL) 297 return (ELF_READ_FAIL); 298 299 return (ELF_READ_OKAY); 300 } 301 302 /* 303 * process_phdr: Read Program Headers and see if it is a core 304 * file of either new or (pre-restructured /proc) 305 * type, read the name of the file that dumped this 306 * core, else see if this is a dynamically linked. 307 */ 308 static int 309 process_phdr(Elf_Info *EI) 310 { 311 register int inx; 312 313 Elf_Nhdr Nhdr, *nhdr; /* note header just read */ 314 Elf_Phdr *phdr = &EI_Phdr; 315 316 FILE_ELF_SIZE_T nsz, nmsz, dsz; 317 FILE_ELF_OFF_T offset; 318 int class; 319 int ntype; 320 char *psinfo, *fname; 321 322 nsz = sizeof (Elf_Nhdr); 323 nhdr = &Nhdr; 324 class = get_class(); 325 for (inx = 0; inx < EI_Ehdr_phnum; inx++) { 326 if (get_phdr(EI, inx) == ELF_READ_FAIL) 327 return (ELF_READ_FAIL); 328 329 /* read the note if it is a core */ 330 if (phdr->p_type == PT_NOTE && 331 EI_Ehdr.e_type == ET_CORE) { 332 /* 333 * If the next segment is also a note, use it instead. 334 */ 335 if (get_phdr(EI, inx+1) == ELF_READ_FAIL) 336 return (ELF_READ_FAIL); 337 if (phdr->p_type != PT_NOTE) { 338 /* read the first phdr back */ 339 if (get_phdr(EI, inx) == ELF_READ_FAIL) 340 return (ELF_READ_FAIL); 341 } 342 offset = phdr->p_offset; 343 if (pread64(EI->elffd, (void *)nhdr, nsz, offset) 344 != nsz) 345 return (ELF_READ_FAIL); 346 347 /* Translate the ELF note header */ 348 if (xlatetom_nhdr(nhdr) == ELF_READ_FAIL) 349 return (ELF_READ_FAIL); 350 351 ntype = nhdr->n_type; 352 nmsz = nhdr->n_namesz; 353 dsz = nhdr->n_descsz; 354 355 offset += nsz + ((nmsz + 0x03) & ~0x3); 356 if ((psinfo = malloc(dsz)) == NULL) { 357 int err = errno; 358 (void) fprintf(stderr, gettext("%s: malloc " 359 "failed: %s\n"), File, strerror(err)); 360 exit(1); 361 } 362 if (pread64(EI->elffd, psinfo, dsz, offset) != dsz) 363 return (ELF_READ_FAIL); 364 /* 365 * We want to print the string contained 366 * in psinfo->pr_fname[], where 'psinfo' 367 * is either an old NT_PRPSINFO structure 368 * or a new NT_PSINFO structure. 369 * 370 * Old core files have only type NT_PRPSINFO. 371 * New core files have type NT_PSINFO. 372 * 373 * These structures are also different by 374 * virtue of being contained in a core file 375 * of either 32-bit or 64-bit type. 376 * 377 * To further complicate matters, we ourself 378 * might be compiled either 32-bit or 64-bit. 379 * 380 * For these reason, we just *know* the offsets of 381 * pr_fname[] into the four different structures 382 * here, regardless of how we are compiled. 383 */ 384 if (class == ELFCLASS32) { 385 /* 32-bit core file, 32-bit structures */ 386 if (ntype == NT_PSINFO) 387 fname = psinfo + 88; 388 else /* old: NT_PRPSINFO */ 389 fname = psinfo + 84; 390 } else if (class == ELFCLASS64) { 391 /* 64-bit core file, 64-bit structures */ 392 if (ntype == NT_PSINFO) 393 fname = psinfo + 136; 394 else /* old: NT_PRPSINFO */ 395 fname = psinfo + 120; 396 } 397 EI->core_type = (ntype == NT_PRPSINFO)? 398 EC_OLDCORE : EC_NEWCORE; 399 (void) memcpy(EI->fname, fname, strlen(fname)); 400 free(psinfo); 401 } 402 if (phdr->p_type == PT_DYNAMIC) { 403 EI->dynamic = B_TRUE; 404 } 405 } 406 return (ELF_READ_OKAY); 407 } 408 409 /* 410 * process_shdr: Read Section Headers to attempt to get HW/SW 411 * capabilities by looking at the SUNW_cap 412 * section and set string in Elf_Info. 413 * Also look for symbol tables and debug 414 * information sections. Set the "stripped" field 415 * in Elf_Info with corresponding flags. 416 */ 417 static int 418 process_shdr(Elf_Info *EI) 419 { 420 int capn, mac; 421 int i, j, idx; 422 FILE_ELF_OFF_T cap_off; 423 FILE_ELF_SIZE_T csize; 424 char *section_name; 425 Elf_Cap Chdr; 426 Elf_Shdr *shdr = &EI_Shdr; 427 428 429 csize = sizeof (Elf_Cap); 430 mac = EI_Ehdr.e_machine; 431 432 /* if there are no sections, return success anyway */ 433 if (EI_Ehdr.e_shoff == 0 && EI_Ehdr_shnum == 0) 434 return (ELF_READ_OKAY); 435 436 /* read section names from String Section */ 437 if (get_shdr(EI, EI_Ehdr_shstrndx) == ELF_READ_FAIL) 438 return (ELF_READ_FAIL); 439 440 if ((section_name = malloc(shdr->sh_size)) == NULL) 441 return (ELF_READ_FAIL); 442 443 if (pread64(EI->elffd, section_name, shdr->sh_size, shdr->sh_offset) 444 != shdr->sh_size) 445 return (ELF_READ_FAIL); 446 447 /* read all the sections and process them */ 448 for (idx = 1, i = 0; i < EI_Ehdr_shnum; idx++, i++) { 449 char *str; 450 451 if (get_shdr(EI, i) == ELF_READ_FAIL) 452 return (ELF_READ_FAIL); 453 454 if (shdr->sh_type == SHT_NULL) { 455 idx--; 456 continue; 457 } 458 459 cap_off = shdr->sh_offset; 460 if (shdr->sh_type == SHT_SUNW_cap) { 461 if (shdr->sh_size == 0 || shdr->sh_entsize == 0) { 462 (void) fprintf(stderr, ELF_ERR_ELFCAP1, 463 File, EI->file); 464 return (ELF_READ_FAIL); 465 } 466 capn = (shdr->sh_size / shdr->sh_entsize); 467 for (j = 0; j < capn; j++) { 468 /* 469 * read cap and xlate the values 470 */ 471 if (pread64(EI->elffd, &Chdr, csize, cap_off) 472 != csize || 473 file_xlatetom(ELF_T_CAP, (char *)&Chdr) 474 == 0) { 475 (void) fprintf(stderr, ELF_ERR_ELFCAP2, 476 File, EI->file); 477 return (ELF_READ_FAIL); 478 } 479 480 if (Chdr.c_tag != CA_SUNW_NULL) { 481 (void) cap_val2str(Chdr.c_tag, 482 Chdr.c_un.c_val, EI->cap_str, 483 sizeof (EI->cap_str), 0, mac); 484 } 485 cap_off += csize; 486 } 487 } 488 489 /* 490 * Definition time: 491 * - "not stripped" means that an executable file 492 * contains a Symbol Table (.symtab) 493 * - "stripped" means that an executable file 494 * does not contain a Symbol Table. 495 * When strip -l or strip -x is run, it strips the 496 * debugging information (.line section name (strip -l), 497 * .line, .debug*, .stabs*, .dwarf* section names 498 * and SHT_SUNW_DEBUGSTR and SHT_SUNW_DEBUG 499 * section types (strip -x), however the Symbol 500 * Table will still be present. 501 * Therefore, if 502 * - No Symbol Table present, then report 503 * "stripped" 504 * - Symbol Table present with debugging 505 * information (line number or debug section names, 506 * or SHT_SUNW_DEBUGSTR or SHT_SUNW_DEBUG section 507 * types) then report: 508 * "not stripped" 509 * - Symbol Table present with no debugging 510 * information (line number or debug section names, 511 * or SHT_SUNW_DEBUGSTR or SHT_SUNW_DEBUG section 512 * types) then report: 513 * "not stripped, no debugging information 514 * available" 515 */ 516 if ((EI->stripped & E_NOSTRIP) == E_NOSTRIP) 517 continue; 518 519 if (!(EI->stripped & E_SYMTAB) && 520 (shdr->sh_type == SHT_SYMTAB)) { 521 EI->stripped |= E_SYMTAB; 522 continue; 523 } 524 525 str = §ion_name[shdr->sh_name]; 526 527 if (!(EI->stripped & E_DBGINF) && 528 ((shdr->sh_type == SHT_SUNW_DEBUG) || 529 (shdr->sh_type == SHT_SUNW_DEBUGSTR) || 530 (is_in_list(str)))) { 531 EI->stripped |= E_DBGINF; 532 } 533 } 534 free(section_name); 535 536 return (ELF_READ_OKAY); 537 } 538