From 6818f32f74981d9bccec8afbab37c42b50ab58be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Thu, 4 Jul 2013 15:50:36 +0300 Subject: [RFC PATCH] elfload: load PIE executables to right address MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit PIE images are ET_DYN images. Check first for pinterp_name to make sure the main executable always is loaded to correct place. See below for current behaviour of PIE executables: Reserved 0x7f000000 bytes of guest address space host mmap_min_addr=0x1000 guest_base 0x7f7cb41d5000 start end size prot 0037f400-003fe400 0007f000 r-x 003fe400-003ff400 00001000 --- 003ff400-003fe400 fffff000 rw- 003fe400-003ff400 00001000 --- 003ff400-003ffc00 00000800 rw- 003ffc00-003fec00 fffff000 r-x 003fec00-003ffc00 00001000 --- 003ffc00-0007f000 ffc7f400 rw- start_brk 0x00000000 end_code 0x7eff7ac0 start_code 0x7eff7000 start_data 0x7efffac0 end_data 0x7efffc18 start_stack 0x7eff6dc8 brk 0x7efffc34 entry 0x7e799b30 00000000-00005000 ---p 00000000 00:00 0 00005000-00015000 rw-p 00000000 00:00 0 00015000-7e77d000 ---p 00000000 00:00 0 7e77d000-7e7ec000 r-xp 00000000 68:03 14326298 /lib/libc.so 7e7ec000-7e7f3000 ---p 00000000 00:00 0 7e7f3000-7e7f4000 rw-p 0006e000 68:03 14326298 /lib/libc.so 7e7f4000-7e7f6000 rw-p 00000000 00:00 0 7e7f6000-7e7f7000 ---p 00000000 00:00 0 7e7f7000-7eff7000 rw-p 00000000 00:00 0 7eff7000-7eff8000 r-xp 00000000 68:03 9731305 /usr/bin/brk 7eff8000-7efff000 ---p 00000000 00:00 0 7e7f7000-7eff7000 rw-p 00000000 00:00 0 [stack] Showing how the main binary got loaded to wrong place. Signed-off-by: Timo Teräs <timo.teras@iki.fi> --- I assume pinterp_name is only ever set for the main executable. Quick grep would indicate that this is indeed the case. linux-user/elfload.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/linux-user/elfload.c b/linux-user/elfload.c index ddef23e..d6e00cd 100644 --- a/linux-user/elfload.c +++ b/linux-user/elfload.c @@ -1660,7 +1660,12 @@ static void load_elf_image(const char *image_name, int image_fd, } load_addr = loaddr; - if (ehdr->e_type == ET_DYN) { + if (pinterp_name != NULL) { + /* This is the main executable. Make sure that the low + address does not conflict with MMAP_MIN_ADDR or the + QEMU application itself. */ + probe_guest_base(image_name, loaddr, hiaddr); + } else if (ehdr->e_type == ET_DYN) { /* The image indicates that it can be loaded anywhere. Find a location that can hold the memory space required. If the image is pre-linked, LOADDR will be non-zero. Since we do @@ -1672,11 +1677,6 @@ static void load_elf_image(const char *image_name, int image_fd, if (load_addr == -1) { goto exit_perror; } - } else if (pinterp_name != NULL) { - /* This is the main executable. Make sure that the low - address does not conflict with MMAP_MIN_ADDR or the - QEMU application itself. */ - probe_guest_base(image_name, loaddr, hiaddr); } load_bias = load_addr - loaddr; -- 1.8.3.2