static void
add(int fd, const char *name)
{
LIST *p;
cap_rights_t rights;
if (fd == STDOUT_FILENO) {
if (caph_limit_stdout() == -1)
err(EXIT_FAILURE, "unable to limit stdout");
} else {
cap_rights_init(&rights, CAP_WRITE, CAP_FSTAT);
if (caph_rights_limit(fd, &rights) < 0)
err(EXIT_FAILURE, "unable to limit rights");
}
if ((p = malloc(sizeof(LIST))) == NULL)
err(1, "malloc");
p->fd = fd;
p->name = name;
p->next = head;
head = p;
}
int
main(int ac, char **av)
{
cap_rights_t rights;
u_int64_t phoff;
u_int64_t shoff;
u_int64_t phentsize;
u_int64_t phnum;
u_int64_t shentsize;
u_int64_t shnum;
u_int64_t shstrndx;
u_int64_t offset;
u_int64_t name;
u_int64_t type;
struct stat sb;
u_int flags;
Elf32_Ehdr *e;
void *p;
void *sh;
void *v;
int fd;
int ch;
int i;
out = stdout;
flags = 0;
while ((ch = getopt(ac, av, "acdeiGhnprsw:")) != -1)
switch (ch) {
case 'a':
flags = ED_ALL;
break;
case 'c':
flags |= ED_SHDR;
break;
case 'd':
flags |= ED_DYN;
break;
case 'e':
flags |= ED_EHDR;
break;
case 'i':
flags |= ED_INTERP;
break;
case 'G':
flags |= ED_GOT;
break;
case 'h':
flags |= ED_HASH;
break;
case 'n':
flags |= ED_NOTE;
break;
case 'p':
flags |= ED_PHDR;
break;
case 'r':
flags |= ED_REL;
break;
case 's':
flags |= ED_SYMTAB;
break;
case 'w':
if ((out = fopen(optarg, "w")) == NULL)
err(1, "%s", optarg);
cap_rights_init(&rights, CAP_FSTAT, CAP_WRITE);
if (cap_rights_limit(fileno(out), &rights) < 0 && errno != ENOSYS)
err(1, "unable to limit rights for %s", optarg);
break;
case '?':
default:
usage();
}
ac -= optind;
av += optind;
if (ac == 0 || flags == 0)
usage();
if ((fd = open(*av, O_RDONLY)) < 0 ||
fstat(fd, &sb) < 0)
err(1, "%s", *av);
cap_rights_init(&rights, CAP_MMAP_R);
if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS)
err(1, "unable to limit rights for %s", *av);
cap_rights_init(&rights);
if ((cap_rights_limit(STDIN_FILENO, &rights) < 0 && errno != ENOSYS) ||
caph_limit_stdout() < 0 || caph_limit_stderr() < 0) {
err(1, "unable to limit rights for stdio");
}
if (cap_enter() < 0 && errno != ENOSYS)
err(1, "unable to enter capability mode");
e = mmap(NULL, sb.st_size, PROT_READ, MAP_SHARED, fd, 0);
if (e == MAP_FAILED)
err(1, NULL);
if (!IS_ELF(*(Elf32_Ehdr *)e))
errx(1, "not an elf file");
phoff = elf_get_off(e, e, E_PHOFF);
shoff = elf_get_off(e, e, E_SHOFF);
phentsize = elf_get_quarter(e, e, E_PHENTSIZE);
phnum = elf_get_quarter(e, e, E_PHNUM);
shentsize = elf_get_quarter(e, e, E_SHENTSIZE);
p = (char *)e + phoff;
if (shoff > 0) {
sh = (char *)e + shoff;
shnum = elf_get_shnum(e, sh);
shstrndx = elf_get_shstrndx(e, sh);
offset = elf_get_off(e, (char *)sh + shstrndx * shentsize,
SH_OFFSET);
shstrtab = (char *)e + offset;
} else {
sh = NULL;
shnum = 0;
shstrndx = 0;
shstrtab = NULL;
}
for (i = 0; (u_int64_t)i < shnum; i++) {
name = elf_get_word(e, (char *)sh + i * shentsize, SH_NAME);
offset = elf_get_off(e, (char *)sh + i * shentsize, SH_OFFSET);
if (strcmp(shstrtab + name, ".strtab") == 0)
strtab = (char *)e + offset;
if (strcmp(shstrtab + name, ".dynstr") == 0)
dynstr = (char *)e + offset;
}
if (flags & ED_EHDR)
elf_print_ehdr(e, sh);
if (flags & ED_PHDR)
elf_print_phdr(e, p);
if (flags & ED_SHDR)
elf_print_shdr(e, sh);
for (i = 0; (u_int64_t)i < phnum; i++) {
v = (char *)p + i * phentsize;
type = elf_get_word(e, v, P_TYPE);
switch (type) {
case PT_INTERP:
if (flags & ED_INTERP)
elf_print_interp(e, v);
break;
case PT_NULL:
case PT_LOAD:
case PT_DYNAMIC:
case PT_NOTE:
case PT_SHLIB:
case PT_PHDR:
break;
}
}
for (i = 0; (u_int64_t)i < shnum; i++) {
v = (char *)sh + i * shentsize;
type = elf_get_word(e, v, SH_TYPE);
switch (type) {
case SHT_SYMTAB:
if (flags & ED_SYMTAB)
elf_print_symtab(e, v, strtab);
break;
case SHT_DYNAMIC:
if (flags & ED_DYN)
elf_print_dynamic(e, v);
break;
case SHT_RELA:
if (flags & ED_REL)
elf_print_rela(e, v);
break;
case SHT_REL:
if (flags & ED_REL)
elf_print_rel(e, v);
break;
case SHT_NOTE:
name = elf_get_word(e, v, SH_NAME);
if (flags & ED_NOTE &&
strcmp(shstrtab + name, ".note.ABI-tag") == 0)
elf_print_note(e, v);
break;
case SHT_DYNSYM:
if (flags & ED_SYMTAB)
elf_print_symtab(e, v, dynstr);
break;
case SHT_PROGBITS:
name = elf_get_word(e, v, SH_NAME);
if (flags & ED_GOT &&
strcmp(shstrtab + name, ".got") == 0)
elf_print_got(e, v);
break;
case SHT_HASH:
if (flags & ED_HASH)
elf_print_hash(e, v);
break;
case SHT_NULL:
case SHT_STRTAB:
case SHT_NOBITS:
case SHT_SHLIB:
break;
}
}
return 0;
}
int
main(int argc, char *argv[])
{
struct stat sb1, sb2;
off_t skip1, skip2;
int ch, fd1, fd2, oflag, special;
const char *file1, *file2;
cap_rights_t rights;
uint32_t fcntls;
oflag = O_RDONLY;
while ((ch = getopt(argc, argv, "hlsxz")) != -1)
switch (ch) {
case 'h': /* Don't follow symlinks */
oflag |= O_NOFOLLOW;
break;
case 'l': /* print all differences */
lflag = 1;
break;
case 's': /* silent run */
sflag = 1;
zflag = 1;
break;
case 'x': /* hex output */
lflag = 1;
xflag = 1;
break;
case 'z': /* compare size first */
zflag = 1;
break;
case '?':
default:
usage();
}
argv += optind;
argc -= optind;
if (lflag && sflag)
errx(ERR_EXIT, "specifying -s with -l or -x is not permitted");
if (argc < 2 || argc > 4)
usage();
/* Backward compatibility -- handle "-" meaning stdin. */
special = 0;
if (strcmp(file1 = argv[0], "-") == 0) {
special = 1;
fd1 = 0;
file1 = "stdin";
}
else if ((fd1 = open(file1, oflag, 0)) < 0 && errno != EMLINK) {
if (!sflag)
err(ERR_EXIT, "%s", file1);
else
exit(ERR_EXIT);
}
if (strcmp(file2 = argv[1], "-") == 0) {
if (special)
errx(ERR_EXIT,
"standard input may only be specified once");
special = 1;
fd2 = 0;
file2 = "stdin";
}
else if ((fd2 = open(file2, oflag, 0)) < 0 && errno != EMLINK) {
if (!sflag)
err(ERR_EXIT, "%s", file2);
else
exit(ERR_EXIT);
}
skip1 = argc > 2 ? strtol(argv[2], NULL, 0) : 0;
skip2 = argc == 4 ? strtol(argv[3], NULL, 0) : 0;
if (fd1 == -1) {
if (fd2 == -1) {
c_link(file1, skip1, file2, skip2);
exit(0);
} else if (!sflag)
errx(ERR_EXIT, "%s: Not a symbolic link", file2);
else
exit(ERR_EXIT);
} else if (fd2 == -1) {
if (!sflag)
errx(ERR_EXIT, "%s: Not a symbolic link", file1);
else
exit(ERR_EXIT);
}
cap_rights_init(&rights, CAP_FCNTL, CAP_FSTAT, CAP_MMAP_R);
if (cap_rights_limit(fd1, &rights) < 0 && errno != ENOSYS)
err(ERR_EXIT, "unable to limit rights for %s", file1);
if (cap_rights_limit(fd2, &rights) < 0 && errno != ENOSYS)
err(ERR_EXIT, "unable to limit rights for %s", file2);
/* Required for fdopen(3). */
fcntls = CAP_FCNTL_GETFL;
if (cap_fcntls_limit(fd1, fcntls) < 0 && errno != ENOSYS)
err(ERR_EXIT, "unable to limit fcntls for %s", file1);
if (cap_fcntls_limit(fd2, fcntls) < 0 && errno != ENOSYS)
err(ERR_EXIT, "unable to limit fcntls for %s", file2);
if (!special) {
cap_rights_init(&rights);
if (cap_rights_limit(STDIN_FILENO, &rights) < 0 &&
errno != ENOSYS) {
err(ERR_EXIT, "unable to limit stdio");
}
}
if (caph_limit_stdout() == -1 || caph_limit_stderr() == -1)
err(ERR_EXIT, "unable to limit stdio");
caph_cache_catpages();
if (cap_enter() < 0 && errno != ENOSYS)
err(ERR_EXIT, "unable to enter capability mode");
if (!special) {
if (fstat(fd1, &sb1)) {
if (!sflag)
err(ERR_EXIT, "%s", file1);
else
exit(ERR_EXIT);
}
if (!S_ISREG(sb1.st_mode))
special = 1;
else {
if (fstat(fd2, &sb2)) {
if (!sflag)
err(ERR_EXIT, "%s", file2);
else
exit(ERR_EXIT);
}
if (!S_ISREG(sb2.st_mode))
special = 1;
}
}
if (special)
c_special(fd1, file1, skip1, fd2, file2, skip2);
else {
if (zflag && sb1.st_size != sb2.st_size) {
if (!sflag)
(void) printf("%s %s differ: size\n",
file1, file2);
exit(DIFF_EXIT);
}
c_regular(fd1, file1, skip1, sb1.st_size,
fd2, file2, skip2, sb2.st_size);
}
exit(0);
}
int
main(int argc, char *argv[])
{
int c, error, dbg_port, gdb_port, err, bvmcons;
int max_vcpus, mptgen, memflags;
int rtc_localtime;
bool gdb_stop;
struct vmctx *ctx;
uint64_t rip;
size_t memsize;
char *optstr;
bvmcons = 0;
progname = basename(argv[0]);
dbg_port = 0;
gdb_port = 0;
gdb_stop = false;
guest_ncpus = 1;
sockets = cores = threads = 1;
maxcpus = 0;
memsize = 256 * MB;
mptgen = 1;
rtc_localtime = 1;
memflags = 0;
optstr = "abehuwxACHIPSWYp:g:G:c:s:m:l:U:";
while ((c = getopt(argc, argv, optstr)) != -1) {
switch (c) {
case 'a':
x2apic_mode = 0;
break;
case 'A':
acpi = 1;
break;
case 'b':
bvmcons = 1;
break;
case 'p':
if (pincpu_parse(optarg) != 0) {
errx(EX_USAGE, "invalid vcpu pinning "
"configuration '%s'", optarg);
}
break;
case 'c':
if (topology_parse(optarg) != 0) {
errx(EX_USAGE, "invalid cpu topology "
"'%s'", optarg);
}
break;
case 'C':
memflags |= VM_MEM_F_INCORE;
break;
case 'g':
dbg_port = atoi(optarg);
break;
case 'G':
if (optarg[0] == 'w') {
gdb_stop = true;
optarg++;
}
gdb_port = atoi(optarg);
break;
case 'l':
if (lpc_device_parse(optarg) != 0) {
errx(EX_USAGE, "invalid lpc device "
"configuration '%s'", optarg);
}
break;
case 's':
if (pci_parse_slot(optarg) != 0)
exit(1);
else
break;
case 'S':
memflags |= VM_MEM_F_WIRED;
break;
case 'm':
error = vm_parse_memsize(optarg, &memsize);
if (error)
errx(EX_USAGE, "invalid memsize '%s'", optarg);
break;
case 'H':
guest_vmexit_on_hlt = 1;
break;
case 'I':
/*
* The "-I" option was used to add an ioapic to the
* virtual machine.
*
* An ioapic is now provided unconditionally for each
* virtual machine and this option is now deprecated.
*/
break;
case 'P':
guest_vmexit_on_pause = 1;
break;
case 'e':
strictio = 1;
break;
case 'u':
rtc_localtime = 0;
break;
case 'U':
guest_uuid_str = optarg;
break;
case 'w':
strictmsr = 0;
break;
case 'W':
virtio_msix = 0;
break;
case 'x':
x2apic_mode = 1;
break;
case 'Y':
mptgen = 0;
break;
case 'h':
usage(0);
default:
usage(1);
}
}
argc -= optind;
argv += optind;
if (argc != 1)
usage(1);
vmname = argv[0];
ctx = do_open(vmname);
max_vcpus = num_vcpus_allowed(ctx);
if (guest_ncpus > max_vcpus) {
fprintf(stderr, "%d vCPUs requested but only %d available\n",
guest_ncpus, max_vcpus);
exit(1);
}
fbsdrun_set_capabilities(ctx, BSP);
vm_set_memflags(ctx, memflags);
err = vm_setup_memory(ctx, memsize, VM_MMAP_ALL);
if (err) {
fprintf(stderr, "Unable to setup memory (%d)\n", errno);
exit(1);
}
error = init_msr();
if (error) {
fprintf(stderr, "init_msr error %d", error);
exit(1);
}
init_mem();
init_inout();
atkbdc_init(ctx);
pci_irq_init(ctx);
ioapic_init(ctx);
rtc_init(ctx, rtc_localtime);
sci_init(ctx);
/*
* Exit if a device emulation finds an error in its initilization
*/
if (init_pci(ctx) != 0)
exit(1);
if (dbg_port != 0)
init_dbgport(dbg_port);
if (gdb_port != 0)
init_gdb(ctx, gdb_port, gdb_stop);
if (bvmcons)
init_bvmcons();
if (lpc_bootrom()) {
if (vm_set_capability(ctx, BSP, VM_CAP_UNRESTRICTED_GUEST, 1)) {
fprintf(stderr, "ROM boot failed: unrestricted guest "
"capability not available\n");
exit(1);
}
error = vcpu_reset(ctx, BSP);
assert(error == 0);
}
error = vm_get_register(ctx, BSP, VM_REG_GUEST_RIP, &rip);
assert(error == 0);
/*
* build the guest tables, MP etc.
*/
if (mptgen) {
error = mptable_build(ctx, guest_ncpus);
if (error)
exit(1);
}
error = smbios_build(ctx);
assert(error == 0);
if (acpi) {
error = acpi_build(ctx, guest_ncpus);
assert(error == 0);
}
if (lpc_bootrom())
fwctl_init();
#ifndef WITHOUT_CAPSICUM
caph_cache_catpages();
if (caph_limit_stdout() == -1 || caph_limit_stderr() == -1)
errx(EX_OSERR, "Unable to apply rights for sandbox");
if (cap_enter() == -1 && errno != ENOSYS)
errx(EX_OSERR, "cap_enter() failed");
#endif
/*
* Change the proc title to include the VM name.
*/
setproctitle("%s", vmname);
/*
* Add CPU 0
*/
fbsdrun_addcpu(ctx, BSP, BSP, rip);
/*
* Head off to the main event dispatch loop
*/
mevent_dispatch();
exit(1);
}