From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1NuELL-0000cW-Rm
	for qemu-devel@nongnu.org; Tue, 23 Mar 2010 20:21:07 -0400
Received: from [140.186.70.92] (port=37587 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1NuELJ-0000cO-L7
	for qemu-devel@nongnu.org; Tue, 23 Mar 2010 20:21:06 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.69)
	(envelope-from <paul@codesourcery.com>) id 1NuELH-0000Dc-Pt
	for qemu-devel@nongnu.org; Tue, 23 Mar 2010 20:21:05 -0400
Received: from mx20.gnu.org ([199.232.41.8]:35375)
	by eggs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <paul@codesourcery.com>) id 1NuELH-0000DY-MV
	for qemu-devel@nongnu.org; Tue, 23 Mar 2010 20:21:03 -0400
Received: from mail.codesourcery.com ([38.113.113.100])
	by mx20.gnu.org with esmtp (Exim 4.60)
	(envelope-from <paul@codesourcery.com>) id 1NuELH-0005OR-1H
	for qemu-devel@nongnu.org; Tue, 23 Mar 2010 20:21:03 -0400
From: Paul Brook <paul@codesourcery.com>
Subject: Re: [Qemu-devel] Execute a char buffer without loading ELF
Date: Wed, 24 Mar 2010 00:20:57 +0000
References: <37a0fa861003230950q4f875079xc681b77349359cbc@mail.gmail.com>
In-Reply-To: <37a0fa861003230950q4f875079xc681b77349359cbc@mail.gmail.com>
MIME-Version: 1.0
Content-Type: Text/Plain;
  charset="iso-8859-15"
Content-Transfer-Encoding: 7bit
Message-Id: <201003240020.58807.paul@codesourcery.com>
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: John Vele <jveleg@gmail.com>

> I am involved in a project that we use Qemu user mode for i386
> (./i386-linux-user/qemu-i386). I want to modify the source code
> in such a way to make qemu execute a buffer of bytes (given from the comman
> line for example) rather than loading
> an ELF file and executing. I started looking at linux-user/linuxload.c
> loader_exec() function  and linux-user/elfload.c load_elf_binary()
> function. Is there a way to bypass the loading of an ELF file and load a
> single buffer of bytes (that is i386 code) into memory
> and make Qemu start execution on it?

Short answer is no.

Long answer is:
- Creating an ELF image from a blob of data if fairly trivial, so you don't 
really need this functionality.
- You're using linux usermode emulation. Linux doesn't load and execute random 
data. Neither do we.
- Loading a blob of code at an arbitrary location probably won't do what you 
want anyway.

Paul