Ronald G. Minnich | a8a133d | 2013-12-30 13:16:18 -0800 | [diff] [blame] | 1 | /* |
| 2 | * elf header parsing. |
| 3 | * |
| 4 | * Copyright (C) 2013 Google, Inc. |
| 5 | * |
| 6 | * This program is free software; you can redistribute it and/or modify |
| 7 | * it under the terms of the GNU General Public License as published by |
| 8 | * the Free Software Foundation; version 2 of the License. |
| 9 | * |
| 10 | * This program is distributed in the hope that it will be useful, |
| 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 13 | * GNU General Public License for more details. |
| 14 | * |
| 15 | * You should have received a copy of the GNU General Public License |
| 16 | * along with this program; if not, write to the Free Software |
| 17 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA, 02110-1301 USA |
| 18 | */ |
| 19 | |
| 20 | #include <stdio.h> |
| 21 | #include <stdlib.h> |
| 22 | #include <string.h> |
| 23 | |
Aaron Durbin | 54ef306 | 2014-03-05 12:12:09 -0600 | [diff] [blame] | 24 | #include "elfparsing.h" |
Ronald G. Minnich | a8a133d | 2013-12-30 13:16:18 -0800 | [diff] [blame] | 25 | #include "common.h" |
| 26 | #include "cbfs.h" |
| 27 | |
| 28 | /* |
| 29 | * Short form: this is complicated, but we've tried making it simple |
| 30 | * and we keep hitting problems with our ELF parsing. |
| 31 | * |
| 32 | * The ELF parsing situation has always been a bit tricky. In fact, |
| 33 | * we (and most others) have been getting it wrong in small ways for |
| 34 | * years. Recently this has caused real trouble for the ARM V8 build. |
| 35 | * In this file we attempt to finally get it right for all variations |
| 36 | * of endian-ness and word size and target architectures and |
| 37 | * architectures we might get run on. Phew! To do this we borrow a |
| 38 | * page from the FreeBSD NFS xdr model (see elf_ehdr and elf_phdr), |
| 39 | * the Plan 9 endianness functions (see xdr.c), and Go interfaces (see |
| 40 | * how we use buffer structs in this file). This ends up being a bit |
| 41 | * wordy at the lowest level, but greatly simplifies the elf parsing |
| 42 | * code and removes a common source of bugs, namely, forgetting to |
| 43 | * flip type endianness when referencing a struct member. |
| 44 | * |
| 45 | * ELF files can have four combinations of data layout: 32/64, and |
| 46 | * big/little endian. Further, to add to the fun, depending on the |
| 47 | * word size, the size of the ELF structs varies. The coreboot SELF |
| 48 | * format is simpler in theory: it's supposed to be always BE, and the |
| 49 | * various struct members allow room for growth: the entry point is |
| 50 | * always 64 bits, for example, so the size of a SELF struct is |
| 51 | * constant, regardless of target architecture word size. Hence, we |
| 52 | * need to do some transformation of the ELF files. |
| 53 | * |
| 54 | * A given architecture, realistically, only supports one of the four |
| 55 | * combinations at a time as the 'native' format. Hence, our code has |
| 56 | * been sprinkled with every variation of [nh]to[hn][sll] over the |
| 57 | * years. We've never quite gotten it all right, however, and a quick |
| 58 | * pass over this code revealed another bug. It's all worked because, |
| 59 | * until now, all the working platforms that had CBFS were 32 LE. Even then, |
| 60 | * however, bugs crept in: we recently realized that we're not |
| 61 | * transforming the entry point to big format when we store into the |
| 62 | * SELF image. |
| 63 | * |
| 64 | * The problem is essentially an XDR operation: |
| 65 | * we have something in a foreign format and need to transform it. |
| 66 | * It's most like XDR because: |
| 67 | * 1) the byte order can be wrong |
| 68 | * 2) the word size can be wrong |
| 69 | * 3) the size of elements in the stream depends on the value |
| 70 | * of other elements in the stream |
| 71 | * it's not like XDR because: |
| 72 | * 1) the byte order can be right |
| 73 | * 2) the word size can be right |
| 74 | * 3) the struct members are all on a natural alignment |
| 75 | * |
| 76 | * Hence, this new approach. To cover word size issues, we *always* |
| 77 | * transform the two structs we care about, the file header and |
| 78 | * program header, into a native struct in the 64 bit format: |
| 79 | * |
| 80 | * [32,little] -> [Elf64_Ehdr, Elf64_Phdr] |
| 81 | * [64,little] -> [Elf64_Ehdr, Elf64_Phdr] |
| 82 | * [32,big] -> [Elf64_Ehdr, Elf64_Phdr] |
| 83 | * [64,big] -> [Elf64_Ehdr, Elf64_Phdr] |
| 84 | * Then we just use those structs, and all the need for inline ntoh* goes away, |
| 85 | * as well as all the chances for error. |
| 86 | * This works because all the SELF structs have fields large enough for |
| 87 | * the largest ELF 64 struct members, and all the Elf64 struct members |
| 88 | * are at least large enough for all ELF 32 struct members. |
| 89 | * We end up with one function to do all our ELF parsing, and two functions |
| 90 | * to transform the headers. For the put case, we also have |
| 91 | * XDR functions, and hopefully we'll never again spend 5 years with the |
| 92 | * wrong endian-ness on an output value :-) |
| 93 | * This should work for all word sizes and endianness we hope to target. |
| 94 | * I *really* don't want to be here for 128 bit addresses. |
| 95 | * |
| 96 | * The parse functions are called with a pointer to an input buffer |
| 97 | * struct. One might ask: are there enough bytes in the input buffer? |
| 98 | * We know there need to be at *least* sizeof(Elf32_Ehdr) + |
| 99 | * sizeof(Elf32_Phdr) bytes. Realistically, there has to be some data |
| 100 | * too. If we start to worry, though we have not in the past, we |
| 101 | * might apply the simple test: the input buffer needs to be at least |
| 102 | * sizeof(Elf64_Ehdr) + sizeof(Elf64_Phdr) bytes because, even if it's |
| 103 | * ELF 32, there's got to be *some* data! This is not theoretically |
| 104 | * accurate but it is actually good enough in practice. It allows the |
| 105 | * header transformation code to ignore the possibility of underrun. |
| 106 | * |
| 107 | * We also must accommodate different ELF files, and hence formats, |
| 108 | * in the same cbfs invocation. We might load a 64-bit payload |
| 109 | * on a 32-bit machine; we might even have a mixed armv7/armv8 |
| 110 | * SOC or even a system with an x86/ARM! |
| 111 | * |
| 112 | * A possibly problematic (though unlikely to be so) assumption |
| 113 | * is that we expect the BIOS to remain in the lowest 32 bits |
| 114 | * of the physical address space. Since ARMV8 has standardized |
| 115 | * on that, and x86_64 also has, this seems a safe assumption. |
| 116 | * |
| 117 | * To repeat, ELF structs are different sizes because ELF struct |
| 118 | * members are different sizes, depending on values in the ELF file |
| 119 | * header. For this we use the functions defined in xdr.c, which |
| 120 | * consume bytes, convert the endianness, and advance the data pointer |
| 121 | * in the buffer struct. |
| 122 | */ |
| 123 | |
Aaron Durbin | aa8784c | 2014-03-05 12:01:36 -0600 | [diff] [blame] | 124 | |
/*
 * Return non-zero when the bytes at 'input' start with the ELF magic.
 *
 * Only the first 4 bytes of e_ident are compared. The function has no
 * length argument, so the caller must guarantee that at least 4 bytes
 * are readable at 'input'.
 */
static int iself(const void *input)
{
	const unsigned char *ident = ((const Elf32_Ehdr *)input)->e_ident;

	return memcmp(ident, ELFMAG, 4) == 0;
}
| 130 | |
/*
 * Copy the e_ident array out of the input buffer into ehdr so the caller
 * can work out endianness, word size and, in future, other parameters.
 * The read goes through bgets() and covers exactly sizeof(e_ident) bytes.
 */
static void elf_eident(struct buffer *input, Elf64_Ehdr *ehdr)
{
	const size_t ident_len = sizeof ehdr->e_ident;

	bgets(input, ehdr->e_ident, ident_len);
}
| 140 | |
| 141 | |
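/*
 * Verify that the byte range [offset, offset + size) lies inside buffer b.
 *
 * A zero-length range is always accepted, whatever the offset.
 * Returns 0 when the range fits, and -1 (after logging an error that
 * names 'desc') when it does not.
 */
static int
check_size(const struct buffer *b, size_t offset, size_t size, const char *desc)
{
	const size_t avail = buffer_size(b);

	if (size == 0)
		return 0;

	/*
	 * Callers pass offsets and sizes taken from fields of the file being
	 * parsed, so both values are untrusted. Compare size against the room
	 * left after offset rather than computing offset + size: the sum can
	 * wrap around size_t and make an out-of-range request look valid.
	 */
	if (offset >= avail || size > avail - offset) {
		ERROR("The file is not large enough for the '%s'. "
		      "%zu bytes @ offset %zu, input %zu bytes.\n",
		      desc, size, offset, avail);
		return -1;
	}
	return 0;
}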
| 156 | |
/*
 * Decode the ELF file header fields that follow e_ident into the native
 * 64-bit struct. Every field is pulled through the xdr accessors, in
 * on-disk order; only e_entry, e_phoff and e_shoff change width with
 * the ELF class (64 bits when bit64 is set, 32 bits otherwise).
 *
 * No bounds checking happens here: the caller must make sure the buffer
 * holds a complete header of the selected class.
 */
static void
elf_ehdr(struct buffer *input, Elf64_Ehdr *ehdr, struct xdr *xdr, int bit64)
{
	ehdr->e_type = xdr->get16(input);
	ehdr->e_machine = xdr->get16(input);
	ehdr->e_version = xdr->get32(input);

	/* Class-dependent fields. */
	ehdr->e_entry = bit64 ? xdr->get64(input) : xdr->get32(input);
	ehdr->e_phoff = bit64 ? xdr->get64(input) : xdr->get32(input);
	ehdr->e_shoff = bit64 ? xdr->get64(input) : xdr->get32(input);

	ehdr->e_flags = xdr->get32(input);

	/* The remaining fields are 16 bits wide in both classes. */
	ehdr->e_ehsize = xdr->get16(input);
	ehdr->e_phentsize = xdr->get16(input);
	ehdr->e_phnum = xdr->get16(input);
	ehdr->e_shentsize = xdr->get16(input);
	ehdr->e_shnum = xdr->get16(input);
	ehdr->e_shstrndx = xdr->get16(input);
}
| 180 | |
/*
 * Decode one program header from pinput into the native 64-bit struct
 * and advance pinput by entsize bytes.
 *
 * entsize need not equal sizeof(*phdr), and the xdr accessors only
 * advance by what they consume. The fields are therefore read through a
 * clone of the input, and the real input is stepped by entsize at the
 * end. Nothing here checks that entsize covers the bytes consumed; that
 * is left to the caller.
 */
static void
elf_phdr(struct buffer *pinput, Elf64_Phdr *phdr,
	 int entsize, struct xdr *xdr, int bit64)
{
	struct buffer entry;

	buffer_clone(&entry, pinput);

	if (!bit64) {
		/* 32-bit layout: p_flags sits after p_memsz. */
		phdr->p_type = xdr->get32(&entry);
		phdr->p_offset = xdr->get32(&entry);
		phdr->p_vaddr = xdr->get32(&entry);
		phdr->p_paddr = xdr->get32(&entry);
		phdr->p_filesz = xdr->get32(&entry);
		phdr->p_memsz = xdr->get32(&entry);
		phdr->p_flags = xdr->get32(&entry);
		phdr->p_align = xdr->get32(&entry);
	} else {
		/* 64-bit layout: p_flags follows p_type directly. */
		phdr->p_type = xdr->get32(&entry);
		phdr->p_flags = xdr->get32(&entry);
		phdr->p_offset = xdr->get64(&entry);
		phdr->p_vaddr = xdr->get64(&entry);
		phdr->p_paddr = xdr->get64(&entry);
		phdr->p_filesz = xdr->get64(&entry);
		phdr->p_memsz = xdr->get64(&entry);
		phdr->p_align = xdr->get64(&entry);
	}

	buffer_seek(pinput, entsize);
}
| 215 | |
/*
 * Decode one section header from pinput into the native 64-bit struct
 * and advance pinput by entsize bytes.
 *
 * entsize need not equal sizeof(*shdr), so the fields are read through a
 * copy of the buffer struct and the real input is stepped by entsize at
 * the end. Field order is the same for both classes; only the width of
 * sh_flags, sh_addr, sh_offset, sh_size, sh_addralign and sh_entsize
 * changes. Nothing here checks that entsize covers the bytes consumed.
 */
static void
elf_shdr(struct buffer *pinput, Elf64_Shdr *shdr,
	 int entsize, struct xdr *xdr, int bit64)
{
	struct buffer entry = *pinput;

	shdr->sh_name = xdr->get32(&entry);
	shdr->sh_type = xdr->get32(&entry);

	shdr->sh_flags = bit64 ? xdr->get64(&entry) : xdr->get32(&entry);
	shdr->sh_addr = bit64 ? xdr->get64(&entry) : xdr->get32(&entry);
	shdr->sh_offset = bit64 ? xdr->get64(&entry) : xdr->get32(&entry);
	shdr->sh_size = bit64 ? xdr->get64(&entry) : xdr->get32(&entry);

	shdr->sh_link = xdr->get32(&entry);
	shdr->sh_info = xdr->get32(&entry);

	shdr->sh_addralign = bit64 ? xdr->get64(&entry) : xdr->get32(&entry);
	shdr->sh_entsize = bit64 ? xdr->get64(&entry) : xdr->get32(&entry);

	buffer_seek(pinput, entsize);
}
| 253 | |
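/*
 * Read every program header named by pelf->ehdr into a freshly
 * allocated array and store it in pelf->phdr.
 *
 * e_phoff, e_phentsize, e_phnum and the per-segment offset/size all come
 * from the file and are treated as untrusted: the header table and each
 * segment's contents must lie inside 'in'.
 *
 * Returns 0 on success and -1 on error. On error nothing is stored in
 * pelf->phdr and the temporary array is released here.
 */
static int
phdr_read(const struct buffer *in, struct parsed_elf *pelf,
	  struct xdr *xdr, int bit64)
{
	struct buffer b;
	Elf64_Phdr *phdr;
	Elf64_Ehdr *ehdr;
	size_t min_entsize;
	size_t table_size;
	int i;

	ehdr = &pelf->ehdr;

	/*
	 * Bytes elf_phdr() consumes per entry: eight 32-bit fields for
	 * ELF32, two 32-bit plus six 64-bit fields for ELF64. A smaller
	 * e_phentsize would let the last entries be read from beyond the
	 * range validated below.
	 */
	min_entsize = bit64 ? 2 * sizeof(uint32_t) + 6 * sizeof(uint64_t)
			    : 8 * sizeof(uint32_t);
	if (ehdr->e_phnum != 0 && ehdr->e_phentsize < min_entsize) {
		ERROR("Program header entry size %u is smaller than "
		      "the %zu bytes required.\n",
		      (unsigned int)ehdr->e_phentsize, min_entsize);
		return -1;
	}

	/*
	 * Multiply in size_t: both operands are 16-bit fields, which would
	 * otherwise be promoted to int, and their product can exceed INT_MAX.
	 */
	table_size = (size_t)ehdr->e_phentsize * ehdr->e_phnum;

	/* cons up an input buffer for the headers.
	 * Note that the program headers can be anywhere,
	 * per the ELF spec. You'd be surprised how many ELF
	 * readers miss this little detail.
	 */
	buffer_splice(&b, in, ehdr->e_phoff, table_size);
	if (check_size(in, ehdr->e_phoff, buffer_size(&b), "program headers"))
		return -1;

	/* gather up all the phdrs.
	 * We do them all at once because there is more
	 * than one loop over all the phdrs.
	 */
	phdr = calloc(ehdr->e_phnum, sizeof(*phdr));
	if (phdr == NULL && ehdr->e_phnum != 0) {
		ERROR("Out of memory for %u program headers.\n",
		      (unsigned int)ehdr->e_phnum);
		return -1;
	}

	for (i = 0; i < ehdr->e_phnum; i++) {
		DEBUG("Parsing segment %d\n", i);
		elf_phdr(&b, &phdr[i], ehdr->e_phentsize, xdr, bit64);

		/* Ensure the contents are valid within the elf file. */
		if (check_size(in, phdr[i].p_offset, phdr[i].p_filesz,
			       "segment contents")) {
			/* Not yet owned by pelf, so free it here. */
			free(phdr);
			return -1;
		}
	}

	pelf->phdr = phdr;

	return 0;
}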
| 292 | |
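/*
 * Read every section header named by pelf->ehdr into a freshly
 * allocated array and store it in pelf->shdr.
 *
 * e_shoff, e_shentsize and e_shnum come from the file and are treated
 * as untrusted: the whole header table must lie inside 'in'.
 *
 * Returns 0 on success and -1 on error; on error pelf->shdr is left
 * untouched.
 */
static int
shdr_read(const struct buffer *in, struct parsed_elf *pelf,
	  struct xdr *xdr, int bit64)
{
	struct buffer b;
	Elf64_Shdr *shdr;
	Elf64_Ehdr *ehdr;
	size_t min_entsize;
	size_t table_size;
	int i;

	ehdr = &pelf->ehdr;

	/*
	 * Bytes elf_shdr() consumes per entry: ten 32-bit fields for ELF32,
	 * four 32-bit plus six 64-bit fields for ELF64. A smaller
	 * e_shentsize would let the last entries be read from beyond the
	 * range validated below.
	 */
	min_entsize = bit64 ? 4 * sizeof(uint32_t) + 6 * sizeof(uint64_t)
			    : 10 * sizeof(uint32_t);
	if (ehdr->e_shnum != 0 && ehdr->e_shentsize < min_entsize) {
		ERROR("Section header entry size %u is smaller than "
		      "the %zu bytes required.\n",
		      (unsigned int)ehdr->e_shentsize, min_entsize);
		return -1;
	}

	/*
	 * Multiply in size_t: both operands are 16-bit fields, which would
	 * otherwise be promoted to int, and their product can exceed INT_MAX.
	 */
	table_size = (size_t)ehdr->e_shentsize * ehdr->e_shnum;

	/* cons up an input buffer for the section headers.
	 * Note that the section headers can be anywhere,
	 * per the ELF spec. You'd be surprised how many ELF
	 * readers miss this little detail.
	 */
	buffer_splice(&b, in, ehdr->e_shoff, table_size);
	if (check_size(in, ehdr->e_shoff, buffer_size(&b), "section headers"))
		return -1;

	/* gather up all the shdrs. */
	shdr = calloc(ehdr->e_shnum, sizeof(*shdr));
	if (shdr == NULL && ehdr->e_shnum != 0) {
		ERROR("Out of memory for %u section headers.\n",
		      (unsigned int)ehdr->e_shnum);
		return -1;
	}

	for (i = 0; i < ehdr->e_shnum; i++) {
		DEBUG("Parsing section %d\n", i);
		elf_shdr(&b, &shdr[i], ehdr->e_shentsize, xdr, bit64);
	}

	pelf->shdr = shdr;

	return 0;
}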
| 324 | |
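/*
 * Parse every SHT_REL / SHT_RELA section into an array of native
 * Elf64_Rela entries. pelf->relocs gets one slot per section header;
 * slots for sections that hold no relocations stay NULL.
 *
 * Requires pelf->shdr to be populated already. All section fields are
 * taken from the file and are validated before use.
 *
 * Returns 0 on success and -1 on error. Arrays allocated before the
 * error stay attached to pelf->relocs for parsed_elf_destroy() to free.
 */
static int
reloc_read(const struct buffer *in, struct parsed_elf *pelf,
	   struct xdr *xdr, int bit64)
{
	struct buffer b;
	Elf64_Word i;
	Elf64_Ehdr *ehdr;

	ehdr = &pelf->ehdr;
	pelf->relocs = calloc(ehdr->e_shnum, sizeof(Elf64_Rela *));
	if (pelf->relocs == NULL && ehdr->e_shnum != 0) {
		ERROR("Out of memory for the relocation table.\n");
		return -1;
	}

	/* Allocate array for each section that contains relocation entries. */
	for (i = 0; i < ehdr->e_shnum; i++) {
		Elf64_Shdr *shdr;
		Elf64_Rela *rela;
		Elf64_Xword j;
		Elf64_Xword nrelocs;
		size_t min_entsize;
		int is_rela;

		shdr = &pelf->shdr[i];

		/* Only process REL and RELA sections. */
		if (shdr->sh_type != SHT_REL && shdr->sh_type != SHT_RELA)
			continue;

		DEBUG("Checking relocation section %u\n", i);

		/* Ensure the section the relocations apply to is valid. */
		if (shdr->sh_info >= ehdr->e_shnum ||
		    shdr->sh_info == SHN_UNDEF) {
			/*
			 * shdr already points at entry i; indexing it again
			 * with i would read past the section header array.
			 */
			ERROR("Relocations apply to an invalid section: %u\n",
			      shdr->sh_info);
			return -1;
		}

		is_rela = shdr->sh_type == SHT_RELA;

		/*
		 * Bytes consumed per entry by the loop below: two words for
		 * REL, three for RELA, a word being 8 bytes for ELF64 and 4
		 * for ELF32. Rejecting a smaller sh_entsize (zero included)
		 * prevents a division by zero and keeps nrelocs entries
		 * within the sh_size bytes validated by check_size().
		 */
		min_entsize = (bit64 ? sizeof(uint64_t) : sizeof(uint32_t)) *
			      (is_rela ? 3 : 2);
		if (shdr->sh_entsize < min_entsize) {
			ERROR("Relocation section %u has an invalid "
			      "entry size.\n", i);
			return -1;
		}

		/* Validate the section's extent before sizing anything by it. */
		buffer_splice(&b, in, shdr->sh_offset, shdr->sh_size);
		if (check_size(in, shdr->sh_offset, buffer_size(&b),
			       "relocation section")) {
			ERROR("Relocation section %u failed.\n", i);
			return -1;
		}

		/* Determine the number of relocations in this section. */
		nrelocs = shdr->sh_size / shdr->sh_entsize;

		pelf->relocs[i] = calloc(nrelocs, sizeof(Elf64_Rela));
		if (pelf->relocs[i] == NULL && nrelocs != 0) {
			ERROR("Out of memory for relocation section %u.\n", i);
			return -1;
		}

		rela = pelf->relocs[i];
		for (j = 0; j < nrelocs; j++) {
			if (bit64) {
				rela->r_offset = xdr->get64(&b);
				rela->r_info = xdr->get64(&b);
				if (is_rela)
					rela->r_addend = xdr->get64(&b);
			} else {
				uint32_t r_info;

				rela->r_offset = xdr->get32(&b);
				r_info = xdr->get32(&b);
				/* Repack the 32-bit sym/type pair as 64-bit. */
				rela->r_info = ELF64_R_INFO(ELF32_R_SYM(r_info),
							    ELF32_R_TYPE(r_info));
				if (is_rela)
					rela->r_addend = xdr->get32(&b);
			}
			rela++;
		}
	}

	return 0;
}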
| 397 | |
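/*
 * Build a buffer view for every SHT_STRTAB section. pelf->strtabs gets
 * one slot per section header; slots for other section types stay NULL.
 *
 * Requires pelf->shdr to be populated already. Each string table's
 * offset and size come from the file and must lie inside 'in'.
 *
 * Returns 0 on success and -1 on error.
 */
static int strtab_read(const struct buffer *in, struct parsed_elf *pelf)
{
	Elf64_Ehdr *ehdr;
	Elf64_Word i;

	ehdr = &pelf->ehdr;

	if (ehdr->e_shstrndx >= ehdr->e_shnum) {
		ERROR("Section header string table index out of range: %d\n",
		      ehdr->e_shstrndx);
		return -1;
	}

	/*
	 * For each section of type SHT_STRTAB create a strtab buffer.
	 * e_shnum is at least 1 here (the index check above passed), so a
	 * NULL result can only mean the allocation failed.
	 */
	pelf->strtabs = calloc(ehdr->e_shnum, sizeof(struct buffer *));
	if (pelf->strtabs == NULL) {
		ERROR("Out of memory for the string table list.\n");
		return -1;
	}

	for (i = 0; i < ehdr->e_shnum; i++) {
		struct buffer *b;
		Elf64_Shdr *shdr = &pelf->shdr[i];

		if (shdr->sh_type != SHT_STRTAB)
			continue;

		b = calloc(1, sizeof(*b));
		if (b == NULL) {
			ERROR("Out of memory for STRTAB section: %u\n", i);
			return -1;
		}

		buffer_splice(b, in, shdr->sh_offset, shdr->sh_size);
		if (check_size(in, shdr->sh_offset, buffer_size(b), "strtab")) {
			ERROR("STRTAB section not within bounds: %u\n", i);
			/* Not yet stored in pelf->strtabs, so free it here. */
			free(b);
			return -1;
		}
		pelf->strtabs[i] = b;
	}

	return 0;
}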
| 432 | |
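/*
 * Locate the single SHT_SYMTAB section and decode its entries into a
 * freshly allocated array of native Elf64_Sym stored in pelf->syms.
 *
 * Requires pelf->shdr to be populated already. Fails when there is no
 * symbol table, more than one, or when the section's offset, size or
 * entry size (all taken from the file) do not describe a range inside
 * 'in'.
 *
 * Returns 0 on success and -1 on error.
 */
static int
symtab_read(const struct buffer *in, struct parsed_elf *pelf,
	    struct xdr *xdr, int bit64)
{
	Elf64_Ehdr *ehdr;
	Elf64_Shdr *shdr;
	Elf64_Half i;
	Elf64_Xword n;
	Elf64_Xword nsyms;
	Elf64_Sym *sym;
	size_t min_entsize;
	struct buffer b;

	ehdr = &pelf->ehdr;

	shdr = NULL;
	for (i = 0; i < ehdr->e_shnum; i++) {
		if (pelf->shdr[i].sh_type != SHT_SYMTAB)
			continue;

		if (shdr != NULL) {
			ERROR("Multiple symbol sections found. %u and %u\n",
			      (unsigned int)(shdr - pelf->shdr), i);
			return -1;
		}

		shdr = &pelf->shdr[i];
	}

	if (shdr == NULL) {
		ERROR("No symbol table found.\n");
		return -1;
	}

	buffer_splice(&b, in, shdr->sh_offset, shdr->sh_size);
	if (check_size(in, shdr->sh_offset, buffer_size(&b), "symtab"))
		return -1;

	/*
	 * Bytes consumed per symbol by the loop below. Rejecting a smaller
	 * sh_entsize (zero included) prevents a division by zero and keeps
	 * nsyms entries within the sh_size bytes validated above.
	 */
	min_entsize = 2 * sizeof(uint8_t) + sizeof(uint16_t) +
		      (bit64 ? sizeof(uint32_t) + 2 * sizeof(uint64_t)
			     : 3 * sizeof(uint32_t));
	if (shdr->sh_entsize < min_entsize) {
		ERROR("Symbol table has an invalid entry size.\n");
		return -1;
	}

	nsyms = shdr->sh_size / shdr->sh_entsize;

	pelf->syms = calloc(nsyms, sizeof(Elf64_Sym));
	if (pelf->syms == NULL && nsyms != 0) {
		ERROR("Out of memory for the symbol table.\n");
		return -1;
	}

	/*
	 * The counter must be as wide as nsyms. A 16-bit index wraps before
	 * reaching a larger count, so the loop would never end and would
	 * keep reading past the section.
	 */
	for (n = 0; n < nsyms; n++) {
		sym = &pelf->syms[n];

		if (bit64) {
			sym->st_name = xdr->get32(&b);
			sym->st_info = xdr->get8(&b);
			sym->st_other = xdr->get8(&b);
			sym->st_shndx = xdr->get16(&b);
			sym->st_value = xdr->get64(&b);
			sym->st_size = xdr->get64(&b);
		} else {
			sym->st_name = xdr->get32(&b);
			sym->st_value = xdr->get32(&b);
			sym->st_size = xdr->get32(&b);
			sym->st_info = xdr->get8(&b);
			sym->st_other = xdr->get8(&b);
			sym->st_shndx = xdr->get16(&b);
		}
	}

	return 0;
}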
| 495 | |
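/*
 * Parse the ELF image in pinput into pelf.
 *
 * pelf is zeroed first. The file header is always decoded; 'flags'
 * (ELF_PARSE_PHDR, ELF_PARSE_SHDR, ELF_PARSE_RELOC, ELF_PARSE_STRTAB,
 * ELF_PARSE_SYMTAB) selects what else is read. Relocation, string table
 * and symbol table parsing imply section header parsing.
 *
 * Returns 0 on success. On failure returns -1, and anything already
 * attached to pelf has been released with parsed_elf_destroy().
 */
int parse_elf(const struct buffer *pinput, struct parsed_elf *pelf, int flags)
{
	struct xdr *xdr = &xdr_le;
	int bit64 = 0;
	struct buffer input;
	Elf64_Ehdr *ehdr;

	/* Zero out the parsed elf structure. */
	memset(pelf, 0, sizeof(*pelf));

	/*
	 * The magic test and the ident copy below read without bounds
	 * checks, so make sure the ident bytes are really there first.
	 */
	if (check_size(pinput, 0, sizeof(pelf->ehdr.e_ident), "ELF ident"))
		return -1;

	if (!iself(buffer_get(pinput))) {
		ERROR("The stage file is not in ELF format!\n");
		return -1;
	}

	buffer_clone(&input, pinput);
	ehdr = &pelf->ehdr;
	elf_eident(&input, ehdr);
	bit64 = ehdr->e_ident[EI_CLASS] == ELFCLASS64;
	/* Assume LE unless we are sure otherwise.
	 * We're not going to take on the task of
	 * fully validating the ELF file. That way
	 * lies madness.
	 */
	if (ehdr->e_ident[EI_DATA] == ELFDATA2MSB)
		xdr = &xdr_be;

	/*
	 * elf_ehdr() consumes a whole file header of the selected class
	 * without checking for underrun, so reject truncated input here.
	 */
	if (check_size(pinput, 0,
		       bit64 ? sizeof(Elf64_Ehdr) : sizeof(Elf32_Ehdr),
		       "ELF header"))
		return -1;

	elf_ehdr(&input, ehdr, xdr, bit64);

	/*
	 * Relocation, string table and symbol table processing all
	 * require section header parsing.
	 */
	if (flags & (ELF_PARSE_RELOC | ELF_PARSE_STRTAB | ELF_PARSE_SYMTAB))
		flags |= ELF_PARSE_SHDR;

	if ((flags & ELF_PARSE_PHDR) && phdr_read(pinput, pelf, xdr, bit64))
		goto fail;

	if ((flags & ELF_PARSE_SHDR) && shdr_read(pinput, pelf, xdr, bit64))
		goto fail;

	if ((flags & ELF_PARSE_RELOC) && reloc_read(pinput, pelf, xdr, bit64))
		goto fail;

	if ((flags & ELF_PARSE_STRTAB) && strtab_read(pinput, pelf))
		goto fail;

	if ((flags & ELF_PARSE_SYMTAB) && symtab_read(pinput, pelf, xdr, bit64))
		goto fail;

	return 0;

fail:
	parsed_elf_destroy(pelf);
	return -1;
}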
| 558 | |
/*
 * Release everything a parse attached to pelf: the program and section
 * header arrays, each per-section relocation array and string table
 * buffer together with the arrays that hold them, and the symbol array.
 *
 * The per-section arrays are walked using pelf->ehdr.e_shnum. The struct
 * itself is not freed and its pointers are not reset.
 */
void parsed_elf_destroy(struct parsed_elf *pelf)
{
	Elf64_Half sec;

	free(pelf->phdr);
	free(pelf->shdr);

	/* One relocation array per section header slot. */
	if (pelf->relocs != NULL) {
		for (sec = 0; sec < pelf->ehdr.e_shnum; sec++) {
			free(pelf->relocs[sec]);
		}
	}
	free(pelf->relocs);

	/* One string table buffer per section header slot. */
	if (pelf->strtabs != NULL) {
		for (sec = 0; sec < pelf->ehdr.e_shnum; sec++) {
			free(pelf->strtabs[sec]);
		}
	}
	free(pelf->strtabs);

	free(pelf->syms);
}
| 578 | |
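/* Get the headers from the buffer.
 * Return -1 in the event of an error.
 * The section headers are optional; if NULL
 * is passed in for pshdr they won't be parsed.
 * We don't (yet) make payload parsing optional
 * because we've never seen a use case.
 *
 * On success *pphdr (and *pshdr, when requested) point to newly
 * allocated arrays that the caller must free(). On failure neither
 * output pointer is written, although *ehdr may already hold the
 * parsed file header.
 */
int
elf_headers(const struct buffer *pinput,
	    uint32_t arch,
	    Elf64_Ehdr *ehdr,
	    Elf64_Phdr **pphdr,
	    Elf64_Shdr **pshdr)
{
	struct parsed_elf pelf;
	Elf64_Phdr *phdr = NULL;
	Elf64_Shdr *shdr = NULL;
	int flags;
	int ret = -1;

	flags = ELF_PARSE_PHDR;

	if (pshdr != NULL)
		flags |= ELF_PARSE_SHDR;

	/* parse_elf() cleans up after itself on failure. */
	if (parse_elf(pinput, &pelf, flags))
		return -1;

	/* Copy out the parsed elf header. */
	memcpy(ehdr, &pelf.ehdr, sizeof(*ehdr));

	// The tool may work in architecture-independent way.
	if (arch != CBFS_ARCHITECTURE_UNKNOWN &&
	    !((ehdr->e_machine == EM_ARM) && (arch == CBFS_ARCHITECTURE_ARMV7)) &&
	    !((ehdr->e_machine == EM_386) && (arch == CBFS_ARCHITECTURE_X86))) {
		ERROR("The stage file has the wrong architecture\n");
		/* pelf owns allocations by now; release them on the way out. */
		goto out;
	}

	/*
	 * calloc() may legitimately return NULL for a zero count, so only
	 * treat NULL as failure when entries were requested, and never
	 * hand a NULL destination to memcpy().
	 */
	phdr = calloc(ehdr->e_phnum, sizeof(Elf64_Phdr));
	if (phdr == NULL && ehdr->e_phnum != 0) {
		ERROR("Out of memory for program headers.\n");
		goto out;
	}
	if (ehdr->e_phnum != 0)
		memcpy(phdr, pelf.phdr, ehdr->e_phnum * sizeof(Elf64_Phdr));

	if (pshdr != NULL) {
		shdr = calloc(ehdr->e_shnum, sizeof(Elf64_Shdr));
		if (shdr == NULL && ehdr->e_shnum != 0) {
			ERROR("Out of memory for section headers.\n");
			free(phdr);
			goto out;
		}
		if (ehdr->e_shnum != 0)
			memcpy(shdr, pelf.shdr,
			       ehdr->e_shnum * sizeof(Elf64_Shdr));
		*pshdr = shdr;
	}

	*pphdr = phdr;
	ret = 0;

out:
	parsed_elf_destroy(&pelf);

	return ret;
}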