xref: /titanic_52/usr/src/cmd/file/elf_read.c (revision 85e6b6747d07050e01ec91acef2453655821f9ab)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*	Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T	*/
22 /*	  All Rights Reserved  	*/
23 
24 
25 /*	Copyright (c) 1987, 1988 Microsoft Corporation	*/
26 /*	  All Rights Reserved	*/
27 
28 /*
29  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
30  * Use is subject to license terms.
31  */
32 
33 /*
34  * ELF files can exceed 2GB in size. A standard 32-bit program
35  * like 'file' cannot read past 2GB, and will be unable to see
36  * the ELF section headers that typically are at the end of the
37  * object. The simplest solution to this problem would be to make
38  * the 'file' command a 64-bit application. However, as a matter of
39  * policy, we do not want to require this. A simple command like
40  * 'file' should not carry such a requirement, especially as we
41  * support 32-bit only hardware.
42  *
43  * An alternative solution is to build this code as 32-bit
44  * large file aware. The usual way to do this is to define a pair
45  * of preprocessor definitions:
46  *
47  *	_LARGEFILE64_SOURCE
48  *		Map standard I/O routines to their largefile aware versions.
49  *
50  *	_FILE_OFFSET_BITS=64
51  *		Map off_t to off64_t
52  *
53  * The problem with this solution is that libelf is not large file capable,
54  * and the libelf header file will prevent compilation if
55  * _FILE_OFFSET_BITS is set to 64.
56  *
57  * So, the solution used in this code is to define _LARGEFILE64_SOURCE
58  * to get access to the 64-bit APIs, not to define _FILE_OFFSET_BITS, and to
59  * use our own types in place of off_t, and size_t. We read all the file
60  * data directly using pread64(), and avoid the use of libelf for anything
61  * other than the xlate functionality.
62  */
63 #define	_LARGEFILE64_SOURCE
64 #define	FILE_ELF_OFF_T	off64_t
65 #define	FILE_ELF_SIZE_T	uint64_t
66 
67 #include <ctype.h>
68 #include <unistd.h>
69 #include <fcntl.h>
70 #include <stdio.h>
71 #include <libelf.h>
72 #include <stdlib.h>
73 #include <limits.h>
74 #include <locale.h>
75 #include <string.h>
76 #include <errno.h>
77 #include <procfs.h>
78 #include <sys/param.h>
79 #include <sys/types.h>
80 #include <sys/stat.h>
81 #include <sys/elf.h>
82 #include <elfcap.h>
83 #include "file.h"
84 #include "elf_read.h"
85 
86 extern const char *File;
87 
88 static int get_class(void);
89 static int get_version(void);
90 static int get_format(void);
91 static int process_shdr(Elf_Info *);
92 static int process_phdr(Elf_Info *);
93 static int file_xlatetom(Elf_Type, char *);
94 static int xlatetom_nhdr(Elf_Nhdr *);
95 static int get_phdr(Elf_Info *, int);
96 static int get_shdr(Elf_Info *, int);
97 
98 static Elf_Ehdr	EI_Ehdr;		/* Elf_Ehdr to be stored */
99 static Elf_Word	EI_Ehdr_shnum;		/* # section headers */
100 static Elf_Word	EI_Ehdr_phnum;		/* # program headers */
101 static Elf_Word	EI_Ehdr_shstrndx;	/* Index of section hdr string table */
102 static Elf_Shdr	EI_Shdr;		/* recent Elf_Shdr to be stored */
103 static Elf_Phdr	EI_Phdr;		/* recent Elf_Phdr to be stored */
104 
105 
106 static int
107 get_class(void)
108 {
109 	return (EI_Ehdr.e_ident[EI_CLASS]);
110 }
111 
112 static int
113 get_version(void)
114 {
115 	/* do as what libelf:_elf_config() does */
116 	return (EI_Ehdr.e_ident[EI_VERSION] ?
117 	    EI_Ehdr.e_ident[EI_VERSION] : 1);
118 }
119 
120 static int
121 get_format(void)
122 {
123 	return (EI_Ehdr.e_ident[EI_DATA]);
124 }
125 
126 /*
127  * file_xlatetom:	translate different headers from file
128  * 			representation to memory representaion.
129  */
130 #define	HDRSZ 512
131 static int
132 file_xlatetom(Elf_Type type, char *hdr)
133 {
134 	Elf_Data src, dst;
135 	char *hbuf[HDRSZ];
136 	int version, format;
137 
138 	version = get_version();
139 	format = get_format();
140 
141 	/* will convert only these types */
142 	if (type != ELF_T_EHDR && type != ELF_T_PHDR &&
143 	    type != ELF_T_SHDR && type != ELF_T_WORD &&
144 	    type != ELF_T_CAP)
145 		return (ELF_READ_FAIL);
146 
147 	src.d_buf = (Elf_Void *)hdr;
148 	src.d_type = type;
149 	src.d_version = version;
150 
151 	dst.d_buf = (Elf_Void *)&hbuf;
152 	dst.d_version = EV_CURRENT;
153 
154 	src.d_size = elf_fsize(type, 1, version);
155 	dst.d_size = elf_fsize(type, 1, EV_CURRENT);
156 	if (elf_xlatetom(&dst, &src, format) == NULL)
157 		return (ELF_READ_FAIL);
158 
159 	(void) memcpy(hdr, &hbuf, dst.d_size);
160 	return (ELF_READ_OKAY);
161 }
162 
163 /*
164  * xlatetom_nhdr:	There is no routine to convert Note header
165  * 			so we convert each field of this header.
166  */
167 static int
168 xlatetom_nhdr(Elf_Nhdr *nhdr)
169 {
170 	int r = ELF_READ_FAIL;
171 
172 	r |= file_xlatetom(ELF_T_WORD, (char *)&nhdr->n_namesz);
173 	r |= file_xlatetom(ELF_T_WORD, (char *)&nhdr->n_descsz);
174 	r |= file_xlatetom(ELF_T_WORD, (char *)&nhdr->n_type);
175 	return (r);
176 }
177 
178 /*
179  * elf_read:	reads elf header, program, section headers to
180  * 		collect all information needed for file(1)
181  *		output and stores them in Elf_Info.
182  */
183 int
184 elf_read(int fd, Elf_Info *EI)
185 {
186 	FILE_ELF_SIZE_T	size;
187 	int		ret = 1;
188 
189 	Elf_Ehdr *ehdr = &EI_Ehdr;
190 
191 	EI->elffd = fd;
192 	size = sizeof (Elf_Ehdr);
193 
194 	if (pread64(EI->elffd, (void*)ehdr, size, 0) != size)
195 		ret = 0;
196 
197 
198 	if (file_xlatetom(ELF_T_EHDR, (char *)ehdr) == ELF_READ_FAIL)
199 		ret = 0;
200 
201 	if (EI->file == NULL)
202 		return (ELF_READ_FAIL);
203 
204 	/*
205 	 * Extended section or program indexes in use? If so, special
206 	 * values in the ELF header redirect us to get the real values
207 	 * from shdr[0].
208 	 */
209 	EI_Ehdr_shnum = EI_Ehdr.e_shnum;
210 	EI_Ehdr_phnum = EI_Ehdr.e_phnum;
211 	EI_Ehdr_shstrndx = EI_Ehdr.e_shstrndx;
212 	if (((EI_Ehdr_shnum == 0) || (EI_Ehdr_phnum == PN_XNUM)) &&
213 	    (EI_Ehdr.e_shoff != 0)) {
214 		if (get_shdr(EI, 0) == ELF_READ_FAIL)
215 			return (ELF_READ_FAIL);
216 		if (EI_Ehdr_shnum == 0)
217 			EI_Ehdr_shnum = EI_Shdr.sh_size;
218 		if ((EI_Ehdr_phnum == PN_XNUM) && (EI_Shdr.sh_info != 0))
219 			EI_Ehdr_phnum = EI_Shdr.sh_info;
220 		if (EI_Ehdr_shstrndx == SHN_XINDEX)
221 			EI_Ehdr_shstrndx = EI_Shdr.sh_link;
222 	}
223 
224 	EI->type = ehdr->e_type;
225 	EI->machine = ehdr->e_machine;
226 	EI->flags = ehdr->e_flags;
227 
228 	if (ret == 0) {
229 		(void) fprintf(stderr, gettext("%s: %s: can't "
230 		    "read ELF header\n"), File, EI->file);
231 		return (ELF_READ_FAIL);
232 	}
233 	if (process_phdr(EI) == ELF_READ_FAIL)
234 		return (ELF_READ_FAIL);
235 
236 	/* We don't need section info for core files */
237 	if (ehdr->e_type != ET_CORE)
238 		if (process_shdr(EI) == ELF_READ_FAIL)
239 			return (ELF_READ_FAIL);
240 
241 	return (ELF_READ_OKAY);
242 }
243 
244 /*
245  * get_phdr:	reads program header of specified index.
246  */
247 static int
248 get_phdr(Elf_Info *EI, int inx)
249 {
250 	FILE_ELF_OFF_T	off = 0;
251 	FILE_ELF_SIZE_T	size;
252 
253 	if (inx >= EI_Ehdr_phnum)
254 		return (ELF_READ_FAIL);
255 
256 	size = sizeof (Elf_Phdr);
257 	off = (FILE_ELF_OFF_T)EI_Ehdr.e_phoff + (inx * size);
258 	if (pread64(EI->elffd, (void *)&EI_Phdr, size, off) != size)
259 		return (ELF_READ_FAIL);
260 
261 	if (file_xlatetom(ELF_T_PHDR, (char *)&EI_Phdr) == ELF_READ_FAIL)
262 		return (ELF_READ_FAIL);
263 
264 	return (ELF_READ_OKAY);
265 }
266 
267 /*
268  * get_shdr:	reads section header of specified index.
269  */
270 static int
271 get_shdr(Elf_Info *EI, int inx)
272 {
273 	FILE_ELF_OFF_T	off = 0;
274 	FILE_ELF_SIZE_T	size;
275 
276 	/*
277 	 * Prevent access to non-existent section headers.
278 	 *
279 	 * A value of 0 for e_shoff means that there is no section header
280 	 * array in the file. A value of 0 for e_shndx does not necessarily
281 	 * mean this - there can still be a 1-element section header array
282 	 * to support extended section or program header indexes that
283 	 * exceed the 16-bit fields used in the ELF header to represent them.
284 	 */
285 	if ((EI_Ehdr.e_shoff == 0) || ((inx > 0) && (inx >= EI_Ehdr_shnum)))
286 		return (ELF_READ_FAIL);
287 
288 	size = sizeof (Elf_Shdr);
289 	off = (FILE_ELF_OFF_T)EI_Ehdr.e_shoff + (inx * size);
290 
291 	if (pread64(EI->elffd, (void *)&EI_Shdr, size, off) != size)
292 		return (ELF_READ_FAIL);
293 
294 	if (file_xlatetom(ELF_T_SHDR, (char *)&EI_Shdr) == ELF_READ_FAIL)
295 		return (ELF_READ_FAIL);
296 
297 	return (ELF_READ_OKAY);
298 }
299 
300 /*
301  * process_phdr:	Read Program Headers and see if it is a core
302  *			file of either new or (pre-restructured /proc)
303  * 			type, read the name of the file that dumped this
304  *			core, else see if this is a dynamically linked.
305  */
306 static int
307 process_phdr(Elf_Info *EI)
308 {
309 	register int inx;
310 
311 	Elf_Nhdr	Nhdr, *nhdr;	/* note header just read */
312 	Elf_Phdr	*phdr = &EI_Phdr;
313 
314 	FILE_ELF_SIZE_T	nsz, nmsz, dsz;
315 	FILE_ELF_OFF_T	offset;
316 	int	class;
317 	int	ntype;
318 	char	*psinfo, *fname;
319 
320 	nsz = sizeof (Elf_Nhdr);
321 	nhdr = &Nhdr;
322 	class = get_class();
323 	for (inx = 0; inx < EI_Ehdr_phnum; inx++) {
324 		if (get_phdr(EI, inx) == ELF_READ_FAIL)
325 			return (ELF_READ_FAIL);
326 
327 		/* read the note if it is a core */
328 		if (phdr->p_type == PT_NOTE &&
329 		    EI_Ehdr.e_type == ET_CORE) {
330 			/*
331 			 * If the next segment is also a note, use it instead.
332 			 */
333 			if (get_phdr(EI, inx+1) == ELF_READ_FAIL)
334 				return (ELF_READ_FAIL);
335 			if (phdr->p_type != PT_NOTE) {
336 				/* read the first phdr back */
337 				if (get_phdr(EI, inx) == ELF_READ_FAIL)
338 					return (ELF_READ_FAIL);
339 			}
340 			offset = phdr->p_offset;
341 			if (pread64(EI->elffd, (void *)nhdr, nsz, offset)
342 			    != nsz)
343 				return (ELF_READ_FAIL);
344 
345 			/* Translate the ELF note header */
346 			if (xlatetom_nhdr(nhdr) == ELF_READ_FAIL)
347 				return (ELF_READ_FAIL);
348 
349 			ntype = nhdr->n_type;
350 			nmsz = nhdr->n_namesz;
351 			dsz = nhdr->n_descsz;
352 
353 			offset += nsz + ((nmsz + 0x03) & ~0x3);
354 			if ((psinfo = malloc(dsz)) == NULL) {
355 				int err = errno;
356 				(void) fprintf(stderr, gettext("%s: malloc "
357 				    "failed: %s\n"), File, strerror(err));
358 				exit(1);
359 			}
360 			if (pread64(EI->elffd, psinfo, dsz, offset) != dsz)
361 				return (ELF_READ_FAIL);
362 			/*
363 			 * We want to print the string contained
364 			 * in psinfo->pr_fname[], where 'psinfo'
365 			 * is either an old NT_PRPSINFO structure
366 			 * or a new NT_PSINFO structure.
367 			 *
368 			 * Old core files have only type NT_PRPSINFO.
369 			 * New core files have type NT_PSINFO.
370 			 *
371 			 * These structures are also different by
372 			 * virtue of being contained in a core file
373 			 * of either 32-bit or 64-bit type.
374 			 *
375 			 * To further complicate matters, we ourself
376 			 * might be compiled either 32-bit or 64-bit.
377 			 *
378 			 * For these reason, we just *know* the offsets of
379 			 * pr_fname[] into the four different structures
380 			 * here, regardless of how we are compiled.
381 			 */
382 			if (class == ELFCLASS32) {
383 				/* 32-bit core file, 32-bit structures */
384 				if (ntype == NT_PSINFO)
385 					fname = psinfo + 88;
386 				else	/* old: NT_PRPSINFO */
387 					fname = psinfo + 84;
388 			} else if (class == ELFCLASS64) {
389 				/* 64-bit core file, 64-bit structures */
390 				if (ntype == NT_PSINFO)
391 					fname = psinfo + 136;
392 				else	/* old: NT_PRPSINFO */
393 					fname = psinfo + 120;
394 			}
395 			EI->core_type = (ntype == NT_PRPSINFO)?
396 			    EC_OLDCORE : EC_NEWCORE;
397 			(void) memcpy(EI->fname, fname, strlen(fname));
398 			free(psinfo);
399 		}
400 		if (phdr->p_type == PT_DYNAMIC) {
401 			EI->dynamic = B_TRUE;
402 		}
403 	}
404 	return (ELF_READ_OKAY);
405 }
406 
407 /*
408  * process_shdr:	Read Section Headers to attempt to get HW/SW
409  *			capabilities by looking at the SUNW_cap
410  *			section and set string in Elf_Info.
411  *			Also look for symbol tables and debug
412  *			information sections. Set the "stripped" field
413  *			in Elf_Info with corresponding flags.
414  */
415 static int
416 process_shdr(Elf_Info *EI)
417 {
418 	int 		capn, mac;
419 	int 		i, j, idx;
420 	FILE_ELF_OFF_T	cap_off;
421 	FILE_ELF_SIZE_T	csize;
422 	char		*section_name;
423 	Elf_Cap 	Chdr;
424 	Elf_Shdr	*shdr = &EI_Shdr;
425 
426 
427 	csize = sizeof (Elf_Cap);
428 	mac = EI_Ehdr.e_machine;
429 
430 	/* if there are no sections, return success anyway */
431 	if (EI_Ehdr.e_shoff == 0 && EI_Ehdr_shnum == 0)
432 		return (ELF_READ_OKAY);
433 
434 	/* read section names from String Section */
435 	if (get_shdr(EI, EI_Ehdr_shstrndx) == ELF_READ_FAIL)
436 		return (ELF_READ_FAIL);
437 
438 	if ((section_name = malloc(shdr->sh_size)) == NULL)
439 		return (ELF_READ_FAIL);
440 
441 	if (pread64(EI->elffd, section_name, shdr->sh_size, shdr->sh_offset)
442 	    != shdr->sh_size)
443 		return (ELF_READ_FAIL);
444 
445 	/* read all the sections and process them */
446 	for (idx = 1, i = 0; i < EI_Ehdr_shnum; idx++, i++) {
447 		char *str;
448 
449 		if (get_shdr(EI, i) == ELF_READ_FAIL)
450 			return (ELF_READ_FAIL);
451 
452 		if (shdr->sh_type == SHT_NULL) {
453 			idx--;
454 			continue;
455 		}
456 
457 		cap_off = shdr->sh_offset;
458 		if (shdr->sh_type == SHT_SUNW_cap) {
459 			char capstr[128];
460 
461 			if (shdr->sh_size == 0 || shdr->sh_entsize == 0) {
462 				(void) fprintf(stderr, ELF_ERR_ELFCAP1,
463 				    File, EI->file);
464 				return (ELF_READ_FAIL);
465 			}
466 			capn = (shdr->sh_size / shdr->sh_entsize);
467 			for (j = 0; j < capn; j++) {
468 				/*
469 				 * read cap and xlate the values
470 				 */
471 				if (pread64(EI->elffd, &Chdr, csize, cap_off)
472 				    != csize ||
473 				    file_xlatetom(ELF_T_CAP, (char *)&Chdr)
474 				    == 0) {
475 					(void) fprintf(stderr, ELF_ERR_ELFCAP2,
476 					    File, EI->file);
477 					return (ELF_READ_FAIL);
478 				}
479 
480 				cap_off += csize;
481 
482 				/*
483 				 * Each capatibility group is terminated with
484 				 * CA_SUNW_NULL.  Groups other than the first
485 				 * represent symbol capabilities, and aren't
486 				 * interesting here.
487 				 */
488 				if (Chdr.c_tag == CA_SUNW_NULL)
489 					break;
490 
491 				(void) elfcap_tag_to_str(ELFCAP_STYLE_UC,
492 				    Chdr.c_tag, Chdr.c_un.c_val, capstr,
493 				    sizeof (capstr), ELFCAP_FMT_SNGSPACE,
494 				    mac);
495 
496 				if ((*EI->cap_str != '\0') && (*capstr != '\0'))
497 					(void) strlcat(EI->cap_str, " ",
498 					    sizeof (EI->cap_str));
499 
500 				(void) strlcat(EI->cap_str, capstr,
501 				    sizeof (EI->cap_str));
502 			}
503 		}
504 
505 		/*
506 		 * Definition time:
507 		 *	- "not stripped" means that an executable file
508 		 *	contains a Symbol Table (.symtab)
509 		 *	- "stripped" means that an executable file
510 		 *	does not contain a Symbol Table.
511 		 * When strip -l or strip -x is run, it strips the
512 		 * debugging information (.line section name (strip -l),
513 		 * .line, .debug*, .stabs*, .dwarf* section names
514 		 * and SHT_SUNW_DEBUGSTR and SHT_SUNW_DEBUG
515 		 * section types (strip -x), however the Symbol
516 		 * Table will still be present.
517 		 * Therefore, if
518 		 *	- No Symbol Table present, then report
519 		 *		"stripped"
520 		 *	- Symbol Table present with debugging
521 		 *	information (line number or debug section names,
522 		 *	or SHT_SUNW_DEBUGSTR or SHT_SUNW_DEBUG section
523 		 *	types) then report:
524 		 *		"not stripped"
525 		 *	- Symbol Table present with no debugging
526 		 *	information (line number or debug section names,
527 		 *	or SHT_SUNW_DEBUGSTR or SHT_SUNW_DEBUG section
528 		 *	types) then report:
529 		 *		"not stripped, no debugging information
530 		 *		available"
531 		 */
532 		if ((EI->stripped & E_NOSTRIP) == E_NOSTRIP)
533 			continue;
534 
535 		if (!(EI->stripped & E_SYMTAB) &&
536 		    (shdr->sh_type == SHT_SYMTAB)) {
537 			EI->stripped |= E_SYMTAB;
538 			continue;
539 		}
540 
541 		str = &section_name[shdr->sh_name];
542 
543 		if (!(EI->stripped & E_DBGINF) &&
544 		    ((shdr->sh_type == SHT_SUNW_DEBUG) ||
545 		    (shdr->sh_type == SHT_SUNW_DEBUGSTR) ||
546 		    (is_in_list(str)))) {
547 			EI->stripped |= E_DBGINF;
548 		}
549 	}
550 	free(section_name);
551 
552 	return (ELF_READ_OKAY);
553 }
554