1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */ 22 /* All Rights Reserved */ 23 24 25 /* Copyright (c) 1987, 1988 Microsoft Corporation */ 26 /* All Rights Reserved */ 27 28 /* 29 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 30 * Use is subject to license terms. 31 */ 32 33 /* 34 * ELF files can exceed 2GB in size. A standard 32-bit program 35 * like 'file' cannot read past 2GB, and will be unable to see 36 * the ELF section headers that typically are at the end of the 37 * object. The simplest solution to this problem would be to make 38 * the 'file' command a 64-bit application. However, as a matter of 39 * policy, we do not want to require this. A simple command like 40 * 'file' should not carry such a requirement, especially as we 41 * support 32-bit only hardware. 42 * 43 * An alternative solution is to build this code as 32-bit 44 * large file aware. The usual way to do this is to define a pair 45 * of preprocessor definitions: 46 * 47 * _LARGEFILE64_SOURCE 48 * Map standard I/O routines to their largefile aware versions. 49 * 50 * _FILE_OFFSET_BITS=64 51 * Map off_t to off64_t 52 * 53 * The problem with this solution is that libelf is not large file capable, 54 * and the libelf header file will prevent compilation if 55 * _FILE_OFFSET_BITS is set to 64. 56 * 57 * So, the solution used in this code is to define _LARGEFILE64_SOURCE 58 * to get access to the 64-bit APIs, not to define _FILE_OFFSET_BITS, and to 59 * use our own types in place of off_t, and size_t. We read all the file 60 * data directly using pread64(), and avoid the use of libelf for anything 61 * other than the xlate functionality. 62 */ 63 #define _LARGEFILE64_SOURCE 64 #define FILE_ELF_OFF_T off64_t 65 #define FILE_ELF_SIZE_T uint64_t 66 67 #include <ctype.h> 68 #include <unistd.h> 69 #include <fcntl.h> 70 #include <stdio.h> 71 #include <libelf.h> 72 #include <stdlib.h> 73 #include <limits.h> 74 #include <locale.h> 75 #include <string.h> 76 #include <errno.h> 77 #include <procfs.h> 78 #include <sys/param.h> 79 #include <sys/types.h> 80 #include <sys/stat.h> 81 #include <sys/elf.h> 82 #include <elfcap.h> 83 #include "file.h" 84 #include "elf_read.h" 85 86 extern const char *File; 87 88 static int get_class(void); 89 static int get_version(void); 90 static int get_format(void); 91 static int process_shdr(Elf_Info *); 92 static int process_phdr(Elf_Info *); 93 static int file_xlatetom(Elf_Type, char *); 94 static int xlatetom_nhdr(Elf_Nhdr *); 95 static int get_phdr(Elf_Info *, int); 96 static int get_shdr(Elf_Info *, int); 97 98 static Elf_Ehdr EI_Ehdr; /* Elf_Ehdr to be stored */ 99 static Elf_Word EI_Ehdr_shnum; /* # section headers */ 100 static Elf_Word EI_Ehdr_phnum; /* # program headers */ 101 static Elf_Word EI_Ehdr_shstrndx; /* Index of section hdr string table */ 102 static Elf_Shdr EI_Shdr; /* recent Elf_Shdr to be stored */ 103 static Elf_Phdr EI_Phdr; /* recent Elf_Phdr to be stored */ 104 105 106 static int 107 get_class(void) 108 { 109 return (EI_Ehdr.e_ident[EI_CLASS]); 110 } 111 112 static int 113 get_version(void) 114 { 115 /* do as what libelf:_elf_config() does */ 116 return (EI_Ehdr.e_ident[EI_VERSION] ? 117 EI_Ehdr.e_ident[EI_VERSION] : 1); 118 } 119 120 static int 121 get_format(void) 122 { 123 return (EI_Ehdr.e_ident[EI_DATA]); 124 } 125 126 /* 127 * file_xlatetom: translate different headers from file 128 * representation to memory representaion. 129 */ 130 #define HDRSZ 512 131 static int 132 file_xlatetom(Elf_Type type, char *hdr) 133 { 134 Elf_Data src, dst; 135 char *hbuf[HDRSZ]; 136 int version, format; 137 138 version = get_version(); 139 format = get_format(); 140 141 /* will convert only these types */ 142 if (type != ELF_T_EHDR && type != ELF_T_PHDR && 143 type != ELF_T_SHDR && type != ELF_T_WORD && 144 type != ELF_T_CAP) 145 return (ELF_READ_FAIL); 146 147 src.d_buf = (Elf_Void *)hdr; 148 src.d_type = type; 149 src.d_version = version; 150 151 dst.d_buf = (Elf_Void *)&hbuf; 152 dst.d_version = EV_CURRENT; 153 154 src.d_size = elf_fsize(type, 1, version); 155 dst.d_size = elf_fsize(type, 1, EV_CURRENT); 156 if (elf_xlatetom(&dst, &src, format) == NULL) 157 return (ELF_READ_FAIL); 158 159 (void) memcpy(hdr, &hbuf, dst.d_size); 160 return (ELF_READ_OKAY); 161 } 162 163 /* 164 * xlatetom_nhdr: There is no routine to convert Note header 165 * so we convert each field of this header. 166 */ 167 static int 168 xlatetom_nhdr(Elf_Nhdr *nhdr) 169 { 170 int r = ELF_READ_FAIL; 171 172 r |= file_xlatetom(ELF_T_WORD, (char *)&nhdr->n_namesz); 173 r |= file_xlatetom(ELF_T_WORD, (char *)&nhdr->n_descsz); 174 r |= file_xlatetom(ELF_T_WORD, (char *)&nhdr->n_type); 175 return (r); 176 } 177 178 /* 179 * elf_read: reads elf header, program, section headers to 180 * collect all information needed for file(1) 181 * output and stores them in Elf_Info. 182 */ 183 int 184 elf_read(int fd, Elf_Info *EI) 185 { 186 FILE_ELF_SIZE_T size; 187 int ret = 1; 188 189 Elf_Ehdr *ehdr = &EI_Ehdr; 190 191 EI->elffd = fd; 192 size = sizeof (Elf_Ehdr); 193 194 if (pread64(EI->elffd, (void*)ehdr, size, 0) != size) 195 ret = 0; 196 197 198 if (file_xlatetom(ELF_T_EHDR, (char *)ehdr) == ELF_READ_FAIL) 199 ret = 0; 200 201 if (EI->file == NULL) 202 return (ELF_READ_FAIL); 203 204 /* 205 * Extended section or program indexes in use? If so, special 206 * values in the ELF header redirect us to get the real values 207 * from shdr[0]. 208 */ 209 EI_Ehdr_shnum = EI_Ehdr.e_shnum; 210 EI_Ehdr_phnum = EI_Ehdr.e_phnum; 211 EI_Ehdr_shstrndx = EI_Ehdr.e_shstrndx; 212 if (((EI_Ehdr_shnum == 0) || (EI_Ehdr_phnum == PN_XNUM)) && 213 (EI_Ehdr.e_shoff != 0)) { 214 if (get_shdr(EI, 0) == ELF_READ_FAIL) 215 return (ELF_READ_FAIL); 216 if (EI_Ehdr_shnum == 0) 217 EI_Ehdr_shnum = EI_Shdr.sh_size; 218 if ((EI_Ehdr_phnum == PN_XNUM) && (EI_Shdr.sh_info != 0)) 219 EI_Ehdr_phnum = EI_Shdr.sh_info; 220 if (EI_Ehdr_shstrndx == SHN_XINDEX) 221 EI_Ehdr_shstrndx = EI_Shdr.sh_link; 222 } 223 224 EI->type = ehdr->e_type; 225 EI->machine = ehdr->e_machine; 226 EI->flags = ehdr->e_flags; 227 228 if (ret == 0) { 229 (void) fprintf(stderr, gettext("%s: %s: can't " 230 "read ELF header\n"), File, EI->file); 231 return (ELF_READ_FAIL); 232 } 233 if (process_phdr(EI) == ELF_READ_FAIL) 234 return (ELF_READ_FAIL); 235 236 /* We don't need section info for core files */ 237 if (ehdr->e_type != ET_CORE) 238 if (process_shdr(EI) == ELF_READ_FAIL) 239 return (ELF_READ_FAIL); 240 241 return (ELF_READ_OKAY); 242 } 243 244 /* 245 * get_phdr: reads program header of specified index. 246 */ 247 static int 248 get_phdr(Elf_Info *EI, int inx) 249 { 250 FILE_ELF_OFF_T off = 0; 251 FILE_ELF_SIZE_T size; 252 253 if (inx >= EI_Ehdr_phnum) 254 return (ELF_READ_FAIL); 255 256 size = sizeof (Elf_Phdr); 257 off = (FILE_ELF_OFF_T)EI_Ehdr.e_phoff + (inx * size); 258 if (pread64(EI->elffd, (void *)&EI_Phdr, size, off) != size) 259 return (ELF_READ_FAIL); 260 261 if (file_xlatetom(ELF_T_PHDR, (char *)&EI_Phdr) == ELF_READ_FAIL) 262 return (ELF_READ_FAIL); 263 264 return (ELF_READ_OKAY); 265 } 266 267 /* 268 * get_shdr: reads section header of specified index. 269 */ 270 static int 271 get_shdr(Elf_Info *EI, int inx) 272 { 273 FILE_ELF_OFF_T off = 0; 274 FILE_ELF_SIZE_T size; 275 276 /* 277 * Prevent access to non-existent section headers. 278 * 279 * A value of 0 for e_shoff means that there is no section header 280 * array in the file. A value of 0 for e_shndx does not necessarily 281 * mean this - there can still be a 1-element section header array 282 * to support extended section or program header indexes that 283 * exceed the 16-bit fields used in the ELF header to represent them. 284 */ 285 if ((EI_Ehdr.e_shoff == 0) || ((inx > 0) && (inx >= EI_Ehdr_shnum))) 286 return (ELF_READ_FAIL); 287 288 size = sizeof (Elf_Shdr); 289 off = (FILE_ELF_OFF_T)EI_Ehdr.e_shoff + (inx * size); 290 291 if (pread64(EI->elffd, (void *)&EI_Shdr, size, off) != size) 292 return (ELF_READ_FAIL); 293 294 if (file_xlatetom(ELF_T_SHDR, (char *)&EI_Shdr) == ELF_READ_FAIL) 295 return (ELF_READ_FAIL); 296 297 return (ELF_READ_OKAY); 298 } 299 300 /* 301 * process_phdr: Read Program Headers and see if it is a core 302 * file of either new or (pre-restructured /proc) 303 * type, read the name of the file that dumped this 304 * core, else see if this is a dynamically linked. 305 */ 306 static int 307 process_phdr(Elf_Info *EI) 308 { 309 register int inx; 310 311 Elf_Nhdr Nhdr, *nhdr; /* note header just read */ 312 Elf_Phdr *phdr = &EI_Phdr; 313 314 FILE_ELF_SIZE_T nsz, nmsz, dsz; 315 FILE_ELF_OFF_T offset; 316 int class; 317 int ntype; 318 char *psinfo, *fname; 319 320 nsz = sizeof (Elf_Nhdr); 321 nhdr = &Nhdr; 322 class = get_class(); 323 for (inx = 0; inx < EI_Ehdr_phnum; inx++) { 324 if (get_phdr(EI, inx) == ELF_READ_FAIL) 325 return (ELF_READ_FAIL); 326 327 /* read the note if it is a core */ 328 if (phdr->p_type == PT_NOTE && 329 EI_Ehdr.e_type == ET_CORE) { 330 /* 331 * If the next segment is also a note, use it instead. 332 */ 333 if (get_phdr(EI, inx+1) == ELF_READ_FAIL) 334 return (ELF_READ_FAIL); 335 if (phdr->p_type != PT_NOTE) { 336 /* read the first phdr back */ 337 if (get_phdr(EI, inx) == ELF_READ_FAIL) 338 return (ELF_READ_FAIL); 339 } 340 offset = phdr->p_offset; 341 if (pread64(EI->elffd, (void *)nhdr, nsz, offset) 342 != nsz) 343 return (ELF_READ_FAIL); 344 345 /* Translate the ELF note header */ 346 if (xlatetom_nhdr(nhdr) == ELF_READ_FAIL) 347 return (ELF_READ_FAIL); 348 349 ntype = nhdr->n_type; 350 nmsz = nhdr->n_namesz; 351 dsz = nhdr->n_descsz; 352 353 offset += nsz + ((nmsz + 0x03) & ~0x3); 354 if ((psinfo = malloc(dsz)) == NULL) { 355 int err = errno; 356 (void) fprintf(stderr, gettext("%s: malloc " 357 "failed: %s\n"), File, strerror(err)); 358 exit(1); 359 } 360 if (pread64(EI->elffd, psinfo, dsz, offset) != dsz) 361 return (ELF_READ_FAIL); 362 /* 363 * We want to print the string contained 364 * in psinfo->pr_fname[], where 'psinfo' 365 * is either an old NT_PRPSINFO structure 366 * or a new NT_PSINFO structure. 367 * 368 * Old core files have only type NT_PRPSINFO. 369 * New core files have type NT_PSINFO. 370 * 371 * These structures are also different by 372 * virtue of being contained in a core file 373 * of either 32-bit or 64-bit type. 374 * 375 * To further complicate matters, we ourself 376 * might be compiled either 32-bit or 64-bit. 377 * 378 * For these reason, we just *know* the offsets of 379 * pr_fname[] into the four different structures 380 * here, regardless of how we are compiled. 381 */ 382 if (class == ELFCLASS32) { 383 /* 32-bit core file, 32-bit structures */ 384 if (ntype == NT_PSINFO) 385 fname = psinfo + 88; 386 else /* old: NT_PRPSINFO */ 387 fname = psinfo + 84; 388 } else if (class == ELFCLASS64) { 389 /* 64-bit core file, 64-bit structures */ 390 if (ntype == NT_PSINFO) 391 fname = psinfo + 136; 392 else /* old: NT_PRPSINFO */ 393 fname = psinfo + 120; 394 } 395 EI->core_type = (ntype == NT_PRPSINFO)? 396 EC_OLDCORE : EC_NEWCORE; 397 (void) memcpy(EI->fname, fname, strlen(fname)); 398 free(psinfo); 399 } 400 if (phdr->p_type == PT_DYNAMIC) { 401 EI->dynamic = B_TRUE; 402 } 403 } 404 return (ELF_READ_OKAY); 405 } 406 407 /* 408 * process_shdr: Read Section Headers to attempt to get HW/SW 409 * capabilities by looking at the SUNW_cap 410 * section and set string in Elf_Info. 411 * Also look for symbol tables and debug 412 * information sections. Set the "stripped" field 413 * in Elf_Info with corresponding flags. 414 */ 415 static int 416 process_shdr(Elf_Info *EI) 417 { 418 int capn, mac; 419 int i, j, idx; 420 FILE_ELF_OFF_T cap_off; 421 FILE_ELF_SIZE_T csize; 422 char *strtab; 423 size_t strtab_sz; 424 Elf_Cap Chdr; 425 Elf_Shdr *shdr = &EI_Shdr; 426 427 428 csize = sizeof (Elf_Cap); 429 mac = EI_Ehdr.e_machine; 430 431 /* if there are no sections, return success anyway */ 432 if (EI_Ehdr.e_shoff == 0 && EI_Ehdr_shnum == 0) 433 return (ELF_READ_OKAY); 434 435 /* read section names from String Section */ 436 if (get_shdr(EI, EI_Ehdr_shstrndx) == ELF_READ_FAIL) 437 return (ELF_READ_FAIL); 438 439 if ((strtab = malloc(shdr->sh_size)) == NULL) 440 return (ELF_READ_FAIL); 441 442 if (pread64(EI->elffd, strtab, shdr->sh_size, shdr->sh_offset) 443 != shdr->sh_size) 444 return (ELF_READ_FAIL); 445 446 strtab_sz = shdr->sh_size; 447 448 /* read all the sections and process them */ 449 for (idx = 1, i = 0; i < EI_Ehdr_shnum; idx++, i++) { 450 char *shnam; 451 452 if (get_shdr(EI, i) == ELF_READ_FAIL) 453 return (ELF_READ_FAIL); 454 455 if (shdr->sh_type == SHT_NULL) { 456 idx--; 457 continue; 458 } 459 460 cap_off = shdr->sh_offset; 461 if (shdr->sh_type == SHT_SUNW_cap) { 462 char capstr[128]; 463 464 if (shdr->sh_size == 0 || shdr->sh_entsize == 0) { 465 (void) fprintf(stderr, ELF_ERR_ELFCAP1, 466 File, EI->file); 467 return (ELF_READ_FAIL); 468 } 469 capn = (shdr->sh_size / shdr->sh_entsize); 470 for (j = 0; j < capn; j++) { 471 /* 472 * read cap and xlate the values 473 */ 474 if (pread64(EI->elffd, &Chdr, csize, cap_off) 475 != csize || 476 file_xlatetom(ELF_T_CAP, (char *)&Chdr) 477 == 0) { 478 (void) fprintf(stderr, ELF_ERR_ELFCAP2, 479 File, EI->file); 480 return (ELF_READ_FAIL); 481 } 482 483 cap_off += csize; 484 485 /* 486 * Each capatibility group is terminated with 487 * CA_SUNW_NULL. Groups other than the first 488 * represent symbol capabilities, and aren't 489 * interesting here. 490 */ 491 if (Chdr.c_tag == CA_SUNW_NULL) 492 break; 493 494 (void) elfcap_tag_to_str(ELFCAP_STYLE_UC, 495 Chdr.c_tag, Chdr.c_un.c_val, capstr, 496 sizeof (capstr), ELFCAP_FMT_SNGSPACE, 497 mac); 498 499 if ((*EI->cap_str != '\0') && (*capstr != '\0')) 500 (void) strlcat(EI->cap_str, " ", 501 sizeof (EI->cap_str)); 502 503 (void) strlcat(EI->cap_str, capstr, 504 sizeof (EI->cap_str)); 505 } 506 } 507 508 /* 509 * Definition time: 510 * - "not stripped" means that an executable file 511 * contains a Symbol Table (.symtab) 512 * - "stripped" means that an executable file 513 * does not contain a Symbol Table. 514 * When strip -l or strip -x is run, it strips the 515 * debugging information (.line section name (strip -l), 516 * .line, .debug*, .stabs*, .dwarf* section names 517 * and SHT_SUNW_DEBUGSTR and SHT_SUNW_DEBUG 518 * section types (strip -x), however the Symbol 519 * Table will still be present. 520 * Therefore, if 521 * - No Symbol Table present, then report 522 * "stripped" 523 * - Symbol Table present with debugging 524 * information (line number or debug section names, 525 * or SHT_SUNW_DEBUGSTR or SHT_SUNW_DEBUG section 526 * types) then report: 527 * "not stripped" 528 * - Symbol Table present with no debugging 529 * information (line number or debug section names, 530 * or SHT_SUNW_DEBUGSTR or SHT_SUNW_DEBUG section 531 * types) then report: 532 * "not stripped, no debugging information 533 * available" 534 */ 535 if ((EI->stripped & E_NOSTRIP) == E_NOSTRIP) 536 continue; 537 538 if (!(EI->stripped & E_SYMTAB) && 539 (shdr->sh_type == SHT_SYMTAB)) { 540 EI->stripped |= E_SYMTAB; 541 continue; 542 } 543 544 if (shdr->sh_name >= strtab_sz) 545 shnam = NULL; 546 else 547 shnam = &strtab[shdr->sh_name]; 548 549 if (!(EI->stripped & E_DBGINF) && 550 ((shdr->sh_type == SHT_SUNW_DEBUG) || 551 (shdr->sh_type == SHT_SUNW_DEBUGSTR) || 552 (shnam != NULL && is_in_list(shnam)))) { 553 EI->stripped |= E_DBGINF; 554 } 555 } 556 free(strtab); 557 558 return (ELF_READ_OKAY); 559 } 560