]>
Commit | Line | Data |
---|---|---|
0a54e401 | 1 | /* Map in a shared object's segments from the file. |
40e2fc8b | 2 | Copyright (C) 1995-2005, 2006, 2007, 2009 Free Software Foundation, Inc. |
afd4eb37 | 3 | This file is part of the GNU C Library. |
d66e34cd | 4 | |
afd4eb37 | 5 | The GNU C Library is free software; you can redistribute it and/or |
41bdb6e2 AJ |
6 | modify it under the terms of the GNU Lesser General Public |
7 | License as published by the Free Software Foundation; either | |
8 | version 2.1 of the License, or (at your option) any later version. | |
d66e34cd | 9 | |
afd4eb37 UD |
10 | The GNU C Library is distributed in the hope that it will be useful, |
11 | but WITHOUT ANY WARRANTY; without even the implied warranty of | |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
41bdb6e2 | 13 | Lesser General Public License for more details. |
d66e34cd | 14 | |
41bdb6e2 AJ |
15 | You should have received a copy of the GNU Lesser General Public |
16 | License along with the GNU C Library; if not, write to the Free | |
17 | Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA | |
18 | 02111-1307 USA. */ | |
d66e34cd | 19 | |
14e9dd67 | 20 | #include <elf.h> |
0a54e401 UD |
21 | #include <errno.h> |
22 | #include <fcntl.h> | |
8e17ea58 | 23 | #include <libintl.h> |
379d4ec4 | 24 | #include <stdbool.h> |
0a54e401 | 25 | #include <stdlib.h> |
d66e34cd | 26 | #include <string.h> |
d66e34cd | 27 | #include <unistd.h> |
a42195db | 28 | #include <ldsodefs.h> |
ca97fb53 | 29 | #include <bits/wordsize.h> |
0a54e401 | 30 | #include <sys/mman.h> |
f8f7e090 | 31 | #include <sys/param.h> |
0a54e401 UD |
32 | #include <sys/stat.h> |
33 | #include <sys/types.h> | |
d66e34cd | 34 | #include "dynamic-link.h" |
a986484f | 35 | #include <abi-tag.h> |
664e7d93 | 36 | #include <stackinfo.h> |
703ccc12 | 37 | #include <caller.h> |
606832e6 | 38 | #include <sysdep.h> |
d66e34cd | 39 | |
dc5efe83 | 40 | #include <dl-dst.h> |
d66e34cd | 41 | |
9b8a44cd RM |
42 | /* On some systems, no flag bits are given to specify file mapping. */ |
43 | #ifndef MAP_FILE | |
fcf70d41 | 44 | # define MAP_FILE 0 |
9b8a44cd RM |
45 | #endif |
46 | ||
47 | /* The right way to map in the shared library files is MAP_COPY, which | |
48 | makes a virtual copy of the data at the time of the mmap call; this | |
49 | guarantees the mapped pages will be consistent even if the file is | |
50 | overwritten. Some losing VM systems like Linux's lack MAP_COPY. All we | |
51 | get is MAP_PRIVATE, which copies each page when it is modified; this | |
52 | means if the file is overwritten, we may at some point get some pages | |
a3fcd5e8 | 53 | from the new version after starting with pages from the old version. |
a334319f | 54 | |
a3fcd5e8 RM |
55 | To make up for the lack and avoid the overwriting problem, |
56 | what Linux does have is MAP_DENYWRITE. This prevents anyone | |
57 | from modifying the file while we have it mapped. */ | |
58 | #ifndef MAP_COPY | |
59 | # ifdef MAP_DENYWRITE | |
60 | # define MAP_COPY (MAP_PRIVATE | MAP_DENYWRITE) | |
61 | # else | |
62 | # define MAP_COPY MAP_PRIVATE | |
63 | # endif | |
b34cbd14 RM |
64 | #endif |
65 | ||
f21acc89 UD |
66 | /* Some systems link their relocatable objects for another base address |
67 | than 0. We want to know the base address for these such that we can | |
68 | subtract this address from the segment addresses during mapping. | |
69 | This results in a more efficient address space usage. Defaults to | |
70 | zero for almost all systems. */ | |
71 | #ifndef MAP_BASE_ADDR | |
fcf70d41 | 72 | # define MAP_BASE_ADDR(l) 0 |
f21acc89 UD |
73 | #endif |
74 | ||
9b8a44cd | 75 | |
d66e34cd RM |
76 | #include <endian.h> |
77 | #if BYTE_ORDER == BIG_ENDIAN | |
fcf70d41 | 78 | # define byteorder ELFDATA2MSB |
d66e34cd | 79 | #elif BYTE_ORDER == LITTLE_ENDIAN |
fcf70d41 | 80 | # define byteorder ELFDATA2LSB |
d66e34cd | 81 | #else |
fcf70d41 UD |
82 | # error "Unknown BYTE_ORDER " BYTE_ORDER |
83 | # define byteorder ELFDATANONE | |
d66e34cd RM |
84 | #endif |
85 | ||
14e9dd67 | 86 | #define STRING(x) __STRING (x) |
d66e34cd | 87 | |
4cca6b86 UD |
88 | /* Handle situations where we have a preferred location in memory for |
89 | the shared objects. */ | |
90 | #ifdef ELF_PREFERRED_ADDRESS_DATA | |
91 | ELF_PREFERRED_ADDRESS_DATA; | |
92 | #endif | |
93 | #ifndef ELF_PREFERRED_ADDRESS | |
fcf70d41 | 94 | # define ELF_PREFERRED_ADDRESS(loader, maplength, mapstartpref) (mapstartpref) |
4cca6b86 UD |
95 | #endif |
96 | #ifndef ELF_FIXED_ADDRESS | |
fcf70d41 | 97 | # define ELF_FIXED_ADDRESS(loader, mapstart) ((void) 0) |
4cca6b86 UD |
98 | #endif |
99 | ||
dcca3fe2 | 100 | |
664e7d93 | 101 | int __stack_prot attribute_hidden attribute_relro |
44828b9d | 102 | #if _STACK_GROWS_DOWN && defined PROT_GROWSDOWN |
ecc1d0c3 | 103 | = PROT_GROWSDOWN; |
44828b9d | 104 | #elif _STACK_GROWS_UP && defined PROT_GROWSUP |
ecc1d0c3 | 105 | = PROT_GROWSUP; |
f8286ce6 RM |
106 | #else |
107 | = 0; | |
664e7d93 UD |
108 | #endif |
109 | ||
dcca3fe2 | 110 | |
a35e137a UD |
111 | /* Type for the buffer we put the ELF header and hopefully the program |
112 | header. This buffer does not really have to be too large. In most | |
113 | cases the program header follows the ELF header directly. If this | |
6fffb9a2 UD |
114 | is not the case all bets are off and we can make the header |
115 | arbitrarily large and still won't get it read. This means the only | |
116 | question is how large are the ELF and program header combined. The | |
117 | ELF header 32-bit files is 52 bytes long and in 64-bit files is 64 | |
118 | bytes long. Each program header entry is again 32 and 56 bytes | |
23e2554f UD |
119 | long respectively. I.e., even with a file which has 10 program |
120 | header entries we only have to read 372B/624B respectively. Add to | |
121 | this a bit of margin for program notes and reading 512B and 832B | |
122 | for 32-bit and 64-bit files respecitvely is enough. If this | |
123 | heuristic should really fail for some file the code in | |
124 | `_dl_map_object_from_fd' knows how to recover. */ | |
a35e137a UD |
125 | struct filebuf |
126 | { | |
127 | ssize_t len; | |
868b9d6a | 128 | #if __WORDSIZE == 32 |
ca97fb53 UD |
129 | # define FILEBUF_SIZE 512 |
130 | #else | |
23e2554f | 131 | # define FILEBUF_SIZE 832 |
ca97fb53 | 132 | #endif |
6fffb9a2 | 133 | char buf[FILEBUF_SIZE] __attribute__ ((aligned (__alignof (ElfW(Ehdr))))); |
a35e137a UD |
134 | }; |
135 | ||
7ef90c15 | 136 | /* This is the decomposed LD_LIBRARY_PATH search path. */ |
392a6b52 | 137 | static struct r_search_path_struct env_path_list attribute_relro; |
40a55d20 | 138 | |
12264bd7 | 139 | /* List of the hardware capabilities we might end up using. */ |
392a6b52 UD |
140 | static const struct r_strlenpair *capstr attribute_relro; |
141 | static size_t ncapstr attribute_relro; | |
142 | static size_t max_capstrlen attribute_relro; | |
12264bd7 | 143 | |
40a55d20 | 144 | |
ab7eb292 UD |
145 | /* Get the generated information about the trusted directories. */ |
146 | #include "trusted-dirs.h" | |
147 | ||
148 | static const char system_dirs[] = SYSTEM_DIRS; | |
149 | static const size_t system_dirs_len[] = | |
150 | { | |
151 | SYSTEM_DIRS_LEN | |
152 | }; | |
4a6d1198 UD |
153 | #define nsystem_dirs_len \ |
154 | (sizeof (system_dirs_len) / sizeof (system_dirs_len[0])) | |
ab7eb292 | 155 | |
32c85e43 | 156 | |
706074a5 | 157 | /* Local version of `strdup' function. */ |
ff0bf753 | 158 | static char * |
706074a5 UD |
159 | local_strdup (const char *s) |
160 | { | |
161 | size_t len = strlen (s) + 1; | |
162 | void *new = malloc (len); | |
163 | ||
164 | if (new == NULL) | |
165 | return NULL; | |
166 | ||
167 | return (char *) memcpy (new, s, len); | |
168 | } | |
169 | ||
dc5efe83 | 170 | |
6d5d3ae3 | 171 | static size_t |
379d4ec4 | 172 | is_dst (const char *start, const char *name, const char *str, |
d43c8c5f | 173 | int is_path, int secure) |
6d5d3ae3 UD |
174 | { |
175 | size_t len; | |
379d4ec4 | 176 | bool is_curly = false; |
6d5d3ae3 | 177 | |
379d4ec4 UD |
178 | if (name[0] == '{') |
179 | { | |
180 | is_curly = true; | |
181 | ++name; | |
182 | } | |
183 | ||
184 | len = 0; | |
185 | while (name[len] == str[len] && name[len] != '\0') | |
186 | ++len; | |
187 | ||
188 | if (is_curly) | |
189 | { | |
190 | if (name[len] != '}') | |
191 | return 0; | |
192 | ||
193 | /* Point again at the beginning of the name. */ | |
194 | --name; | |
195 | /* Skip over closing curly brace and adjust for the --name. */ | |
196 | len += 2; | |
197 | } | |
198 | else if (name[len] != '\0' && name[len] != '/' | |
199 | && (!is_path || name[len] != ':')) | |
6d5d3ae3 UD |
200 | return 0; |
201 | ||
202 | if (__builtin_expect (secure, 0) | |
379d4ec4 | 203 | && ((name[len] != '\0' && (!is_path || name[len] != ':')) |
6d5d3ae3 UD |
204 | || (name != start + 1 && (!is_path || name[-2] != ':')))) |
205 | return 0; | |
206 | ||
207 | return len; | |
208 | } | |
209 | ||
210 | ||
dc5efe83 UD |
211 | size_t |
212 | _dl_dst_count (const char *name, int is_path) | |
f787edde | 213 | { |
2864e767 | 214 | const char *const start = name; |
f787edde | 215 | size_t cnt = 0; |
f787edde | 216 | |
dc5efe83 | 217 | do |
f787edde | 218 | { |
379d4ec4 | 219 | size_t len; |
f787edde | 220 | |
32463b1a | 221 | /* $ORIGIN is not expanded for SUID/GUID programs (except if it |
379d4ec4 UD |
222 | is $ORIGIN alone) and it must always appear first in path. */ |
223 | ++name; | |
224 | if ((len = is_dst (start, name, "ORIGIN", is_path, | |
e6caf4e1 | 225 | INTUSE(__libc_enable_secure))) != 0 |
27af5372 RM |
226 | || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0 |
227 | || (len = is_dst (start, name, "LIB", is_path, 0)) != 0) | |
f787edde UD |
228 | ++cnt; |
229 | ||
dc5efe83 | 230 | name = strchr (name + len, '$'); |
f787edde | 231 | } |
dc5efe83 | 232 | while (name != NULL); |
f787edde | 233 | |
dc5efe83 UD |
234 | return cnt; |
235 | } | |
f787edde | 236 | |
f787edde | 237 | |
dc5efe83 UD |
238 | char * |
239 | _dl_dst_substitute (struct link_map *l, const char *name, char *result, | |
240 | int is_path) | |
241 | { | |
2864e767 | 242 | const char *const start = name; |
dc5efe83 | 243 | char *last_elem, *wp; |
f787edde UD |
244 | |
245 | /* Now fill the result path. While copying over the string we keep | |
246 | track of the start of the last path element. When we come accross | |
247 | a DST we copy over the value or (if the value is not available) | |
248 | leave the entire path element out. */ | |
249 | last_elem = wp = result; | |
dc5efe83 | 250 | |
f787edde UD |
251 | do |
252 | { | |
39b3385d | 253 | if (__builtin_expect (*name == '$', 0)) |
f787edde | 254 | { |
2541eda0 | 255 | const char *repl = NULL; |
379d4ec4 | 256 | size_t len; |
2541eda0 | 257 | |
379d4ec4 UD |
258 | ++name; |
259 | if ((len = is_dst (start, name, "ORIGIN", is_path, | |
e6caf4e1 | 260 | INTUSE(__libc_enable_secure))) != 0) |
e7c8359e UD |
261 | { |
262 | #ifndef SHARED | |
263 | if (l == NULL) | |
264 | repl = _dl_get_origin (); | |
265 | else | |
266 | #endif | |
267 | repl = l->l_origin; | |
268 | } | |
27af5372 | 269 | else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0) |
afdca0f2 | 270 | repl = GLRO(dl_platform); |
27af5372 RM |
271 | else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0) |
272 | repl = DL_DST_LIB; | |
2541eda0 | 273 | |
2541eda0 UD |
274 | if (repl != NULL && repl != (const char *) -1) |
275 | { | |
276 | wp = __stpcpy (wp, repl); | |
277 | name += len; | |
278 | } | |
279 | else if (len > 1) | |
f787edde | 280 | { |
2541eda0 UD |
281 | /* We cannot use this path element, the value of the |
282 | replacement is unknown. */ | |
283 | wp = last_elem; | |
284 | name += len; | |
285 | while (*name != '\0' && (!is_path || *name != ':')) | |
286 | ++name; | |
f787edde UD |
287 | } |
288 | else | |
27aa0631 | 289 | /* No DST we recognize. */ |
379d4ec4 | 290 | *wp++ = '$'; |
f787edde | 291 | } |
2541eda0 | 292 | else |
f787edde | 293 | { |
dc5efe83 | 294 | *wp++ = *name++; |
2541eda0 UD |
295 | if (is_path && *name == ':') |
296 | last_elem = wp; | |
f787edde | 297 | } |
f787edde | 298 | } |
dc5efe83 | 299 | while (*name != '\0'); |
f787edde UD |
300 | |
301 | *wp = '\0'; | |
302 | ||
303 | return result; | |
304 | } | |
305 | ||
dc5efe83 UD |
306 | |
307 | /* Return copy of argument with all recognized dynamic string tokens | |
308 | ($ORIGIN and $PLATFORM for now) replaced. On some platforms it | |
309 | might not be possible to determine the path from which the object | |
310 | belonging to the map is loaded. In this case the path element | |
311 | containing $ORIGIN is left out. */ | |
312 | static char * | |
313 | expand_dynamic_string_token (struct link_map *l, const char *s) | |
314 | { | |
315 | /* We make two runs over the string. First we determine how large the | |
316 | resulting string is and then we copy it over. Since this is now | |
317 | frequently executed operation we are looking here not for performance | |
318 | but rather for code size. */ | |
319 | size_t cnt; | |
320 | size_t total; | |
321 | char *result; | |
322 | ||
2864e767 | 323 | /* Determine the number of DST elements. */ |
dc5efe83 UD |
324 | cnt = DL_DST_COUNT (s, 1); |
325 | ||
326 | /* If we do not have to replace anything simply copy the string. */ | |
55c91021 | 327 | if (__builtin_expect (cnt, 0) == 0) |
dc5efe83 UD |
328 | return local_strdup (s); |
329 | ||
330 | /* Determine the length of the substituted string. */ | |
331 | total = DL_DST_REQUIRED (l, s, strlen (s), cnt); | |
332 | ||
333 | /* Allocate the necessary memory. */ | |
334 | result = (char *) malloc (total + 1); | |
335 | if (result == NULL) | |
336 | return NULL; | |
337 | ||
154d10bd | 338 | return _dl_dst_substitute (l, s, result, 1); |
dc5efe83 UD |
339 | } |
340 | ||
341 | ||
0413b54c UD |
342 | /* Add `name' to the list of names for a particular shared object. |
343 | `name' is expected to have been allocated with malloc and will | |
344 | be freed if the shared object already has this name. | |
345 | Returns false if the object already had this name. */ | |
76156ea1 | 346 | static void |
12264bd7 | 347 | internal_function |
76156ea1 | 348 | add_name_to_object (struct link_map *l, const char *name) |
0a54e401 | 349 | { |
0413b54c UD |
350 | struct libname_list *lnp, *lastp; |
351 | struct libname_list *newname; | |
76156ea1 | 352 | size_t name_len; |
0413b54c UD |
353 | |
354 | lastp = NULL; | |
355 | for (lnp = l->l_libname; lnp != NULL; lastp = lnp, lnp = lnp->next) | |
356 | if (strcmp (name, lnp->name) == 0) | |
76156ea1 | 357 | return; |
0413b54c | 358 | |
76156ea1 | 359 | name_len = strlen (name) + 1; |
839be784 | 360 | newname = (struct libname_list *) malloc (sizeof *newname + name_len); |
0413b54c | 361 | if (newname == NULL) |
da832465 UD |
362 | { |
363 | /* No more memory. */ | |
154d10bd | 364 | _dl_signal_error (ENOMEM, name, NULL, N_("cannot allocate name record")); |
76156ea1 | 365 | return; |
da832465 | 366 | } |
0413b54c UD |
367 | /* The object should have a libname set from _dl_new_object. */ |
368 | assert (lastp != NULL); | |
369 | ||
76156ea1 | 370 | newname->name = memcpy (newname + 1, name, name_len); |
0413b54c | 371 | newname->next = NULL; |
752a2a50 | 372 | newname->dont_free = 0; |
0413b54c | 373 | lastp->next = newname; |
0413b54c UD |
374 | } |
375 | ||
12264bd7 | 376 | /* Standard search directories. */ |
392a6b52 | 377 | static struct r_search_path_struct rtld_search_dirs attribute_relro; |
0a54e401 | 378 | |
a658675d | 379 | static size_t max_dirnamelen; |
0a54e401 | 380 | |
dd9423a6 | 381 | static struct r_search_path_elem ** |
0a54e401 | 382 | fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep, |
ab7eb292 | 383 | int check_trusted, const char *what, const char *where) |
0a54e401 UD |
384 | { |
385 | char *cp; | |
386 | size_t nelems = 0; | |
387 | ||
388 | while ((cp = __strsep (&rpath, sep)) != NULL) | |
389 | { | |
390 | struct r_search_path_elem *dirp; | |
391 | size_t len = strlen (cp); | |
12264bd7 | 392 | |
af3878df UD |
393 | /* `strsep' can pass an empty string. This has to be |
394 | interpreted as `use the current directory'. */ | |
12264bd7 | 395 | if (len == 0) |
af3878df | 396 | { |
ab7eb292 UD |
397 | static const char curwd[] = "./"; |
398 | cp = (char *) curwd; | |
af3878df | 399 | } |
12264bd7 | 400 | |
143e2b96 | 401 | /* Remove trailing slashes (except for "/"). */ |
0a54e401 UD |
402 | while (len > 1 && cp[len - 1] == '/') |
403 | --len; | |
404 | ||
ab7eb292 UD |
405 | /* Now add one if there is none so far. */ |
406 | if (len > 0 && cp[len - 1] != '/') | |
407 | cp[len++] = '/'; | |
408 | ||
07ba7349 UD |
409 | /* Make sure we don't use untrusted directories if we run SUID. */ |
410 | if (__builtin_expect (check_trusted, 0)) | |
411 | { | |
412 | const char *trun = system_dirs; | |
413 | size_t idx; | |
414 | int unsecure = 1; | |
415 | ||
416 | /* All trusted directories must be complete names. */ | |
417 | if (cp[0] == '/') | |
418 | { | |
419 | for (idx = 0; idx < nsystem_dirs_len; ++idx) | |
420 | { | |
421 | if (len == system_dirs_len[idx] | |
422 | && memcmp (trun, cp, len) == 0) | |
423 | { | |
424 | /* Found it. */ | |
425 | unsecure = 0; | |
426 | break; | |
427 | } | |
428 | ||
429 | trun += system_dirs_len[idx] + 1; | |
430 | } | |
431 | } | |
432 | ||
433 | if (unsecure) | |
434 | /* Simply drop this directory. */ | |
435 | continue; | |
436 | } | |
437 | ||
0a54e401 | 438 | /* See if this directory is already known. */ |
d6b5d570 | 439 | for (dirp = GL(dl_all_dirs); dirp != NULL; dirp = dirp->next) |
12264bd7 | 440 | if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0) |
0a54e401 UD |
441 | break; |
442 | ||
443 | if (dirp != NULL) | |
444 | { | |
12264bd7 | 445 | /* It is available, see whether it's on our own list. */ |
0a54e401 UD |
446 | size_t cnt; |
447 | for (cnt = 0; cnt < nelems; ++cnt) | |
448 | if (result[cnt] == dirp) | |
449 | break; | |
450 | ||
451 | if (cnt == nelems) | |
452 | result[nelems++] = dirp; | |
453 | } | |
454 | else | |
455 | { | |
12264bd7 | 456 | size_t cnt; |
839be784 | 457 | enum r_dir_status init_val; |
4a6d1198 | 458 | size_t where_len = where ? strlen (where) + 1 : 0; |
12264bd7 | 459 | |
0a54e401 | 460 | /* It's a new directory. Create an entry and add it. */ |
12264bd7 | 461 | dirp = (struct r_search_path_elem *) |
32ee8d95 | 462 | malloc (sizeof (*dirp) + ncapstr * sizeof (enum r_dir_status) |
f55727ca | 463 | + where_len + len + 1); |
0a54e401 | 464 | if (dirp == NULL) |
154d10bd UD |
465 | _dl_signal_error (ENOMEM, NULL, NULL, |
466 | N_("cannot create cache for search path")); | |
0a54e401 | 467 | |
f55727ca UD |
468 | dirp->dirname = ((char *) dirp + sizeof (*dirp) |
469 | + ncapstr * sizeof (enum r_dir_status)); | |
104d0bd3 | 470 | *((char *) __mempcpy ((char *) dirp->dirname, cp, len)) = '\0'; |
0a54e401 | 471 | dirp->dirnamelen = len; |
12264bd7 UD |
472 | |
473 | if (len > max_dirnamelen) | |
474 | max_dirnamelen = len; | |
475 | ||
07ba7349 UD |
476 | /* We have to make sure all the relative directories are |
477 | never ignored. The current directory might change and | |
478 | all our saved information would be void. */ | |
479 | init_val = cp[0] != '/' ? existing : unknown; | |
839be784 UD |
480 | for (cnt = 0; cnt < ncapstr; ++cnt) |
481 | dirp->status[cnt] = init_val; | |
0a54e401 | 482 | |
b5efde2f | 483 | dirp->what = what; |
4a6d1198 | 484 | if (__builtin_expect (where != NULL, 1)) |
f55727ca | 485 | dirp->where = memcpy ((char *) dirp + sizeof (*dirp) + len + 1 |
d6b5d570 | 486 | + (ncapstr * sizeof (enum r_dir_status)), |
4a6d1198 UD |
487 | where, where_len); |
488 | else | |
489 | dirp->where = NULL; | |
b5efde2f | 490 | |
d6b5d570 UD |
491 | dirp->next = GL(dl_all_dirs); |
492 | GL(dl_all_dirs) = dirp; | |
0a54e401 UD |
493 | |
494 | /* Put it in the result array. */ | |
495 | result[nelems++] = dirp; | |
496 | } | |
497 | } | |
498 | ||
499 | /* Terminate the array. */ | |
500 | result[nelems] = NULL; | |
501 | ||
502 | return result; | |
503 | } | |
504 | ||
505 | ||
2692deea | 506 | static bool |
12264bd7 | 507 | internal_function |
f55727ca UD |
508 | decompose_rpath (struct r_search_path_struct *sps, |
509 | const char *rpath, struct link_map *l, const char *what) | |
0a54e401 UD |
510 | { |
511 | /* Make a copy we can work with. */ | |
f787edde | 512 | const char *where = l->l_name; |
310930c1 | 513 | char *copy; |
0a54e401 UD |
514 | char *cp; |
515 | struct r_search_path_elem **result; | |
310930c1 | 516 | size_t nelems; |
39b3385d UD |
517 | /* Initialize to please the compiler. */ |
518 | const char *errstring = NULL; | |
310930c1 | 519 | |
fcf70d41 UD |
520 | /* First see whether we must forget the RUNPATH and RPATH from this |
521 | object. */ | |
afdca0f2 | 522 | if (__builtin_expect (GLRO(dl_inhibit_rpath) != NULL, 0) |
e6caf4e1 | 523 | && !INTUSE(__libc_enable_secure)) |
310930c1 | 524 | { |
afdca0f2 | 525 | const char *inhp = GLRO(dl_inhibit_rpath); |
9710f75d UD |
526 | |
527 | do | |
310930c1 | 528 | { |
9710f75d UD |
529 | const char *wp = where; |
530 | ||
531 | while (*inhp == *wp && *wp != '\0') | |
532 | { | |
533 | ++inhp; | |
534 | ++wp; | |
535 | } | |
536 | ||
537 | if (*wp == '\0' && (*inhp == '\0' || *inhp == ':')) | |
310930c1 | 538 | { |
fcf70d41 UD |
539 | /* This object is on the list of objects for which the |
540 | RUNPATH and RPATH must not be used. */ | |
2692deea UD |
541 | sps->dirs = (void *) -1; |
542 | return false; | |
310930c1 | 543 | } |
9710f75d UD |
544 | |
545 | while (*inhp != '\0') | |
546 | if (*inhp++ == ':') | |
547 | break; | |
310930c1 | 548 | } |
9710f75d | 549 | while (*inhp != '\0'); |
310930c1 | 550 | } |
0a54e401 | 551 | |
f787edde UD |
552 | /* Make a writable copy. At the same time expand possible dynamic |
553 | string tokens. */ | |
554 | copy = expand_dynamic_string_token (l, rpath); | |
555 | if (copy == NULL) | |
39b3385d UD |
556 | { |
557 | errstring = N_("cannot create RUNPATH/RPATH copy"); | |
558 | goto signal_error; | |
559 | } | |
f787edde | 560 | |
310930c1 | 561 | /* Count the number of necessary elements in the result array. */ |
310930c1 | 562 | nelems = 0; |
0a54e401 UD |
563 | for (cp = copy; *cp != '\0'; ++cp) |
564 | if (*cp == ':') | |
565 | ++nelems; | |
566 | ||
7ef90c15 UD |
567 | /* Allocate room for the result. NELEMS + 1 is an upper limit for the |
568 | number of necessary entries. */ | |
569 | result = (struct r_search_path_elem **) malloc ((nelems + 1 + 1) | |
0a54e401 UD |
570 | * sizeof (*result)); |
571 | if (result == NULL) | |
2692deea | 572 | { |
ce31a3b1 | 573 | free (copy); |
2692deea UD |
574 | errstring = N_("cannot create cache for search path"); |
575 | signal_error: | |
576 | _dl_signal_error (ENOMEM, NULL, NULL, errstring); | |
577 | } | |
0a54e401 | 578 | |
f55727ca UD |
579 | fillin_rpath (copy, result, ":", 0, what, where); |
580 | ||
581 | /* Free the copied RPATH string. `fillin_rpath' make own copies if | |
582 | necessary. */ | |
583 | free (copy); | |
584 | ||
585 | sps->dirs = result; | |
586 | /* The caller will change this value if we haven't used a real malloc. */ | |
587 | sps->malloced = 1; | |
2692deea | 588 | return true; |
0a54e401 UD |
589 | } |
590 | ||
45e4762c RM |
591 | /* Make sure cached path information is stored in *SP |
592 | and return true if there are any paths to search there. */ | |
25337753 | 593 | static bool |
45e4762c RM |
594 | cache_rpath (struct link_map *l, |
595 | struct r_search_path_struct *sp, | |
596 | int tag, | |
597 | const char *what) | |
598 | { | |
599 | if (sp->dirs == (void *) -1) | |
600 | return false; | |
601 | ||
602 | if (sp->dirs != NULL) | |
603 | return true; | |
604 | ||
605 | if (l->l_info[tag] == NULL) | |
606 | { | |
607 | /* There is no path. */ | |
608 | sp->dirs = (void *) -1; | |
609 | return false; | |
610 | } | |
611 | ||
612 | /* Make sure the cache information is available. */ | |
2692deea UD |
613 | return decompose_rpath (sp, (const char *) (D_PTR (l, l_info[DT_STRTAB]) |
614 | + l->l_info[tag]->d_un.d_val), | |
615 | l, what); | |
45e4762c RM |
616 | } |
617 | ||
0a54e401 UD |
618 | |
619 | void | |
d0fc4041 | 620 | internal_function |
880f421f | 621 | _dl_init_paths (const char *llp) |
0a54e401 | 622 | { |
ab7eb292 UD |
623 | size_t idx; |
624 | const char *strp; | |
12264bd7 UD |
625 | struct r_search_path_elem *pelem, **aelem; |
626 | size_t round_size; | |
b5567b2a | 627 | #ifdef SHARED |
c94a8080 UD |
628 | struct link_map *l; |
629 | #endif | |
39b3385d UD |
630 | /* Initialize to please the compiler. */ |
631 | const char *errstring = NULL; | |
0a54e401 | 632 | |
7ef90c15 UD |
633 | /* Fill in the information about the application's RPATH and the |
634 | directories addressed by the LD_LIBRARY_PATH environment variable. */ | |
0a54e401 | 635 | |
4317f9e1 | 636 | /* Get the capabilities. */ |
afdca0f2 | 637 | capstr = _dl_important_hwcaps (GLRO(dl_platform), GLRO(dl_platformlen), |
12264bd7 UD |
638 | &ncapstr, &max_capstrlen); |
639 | ||
640 | /* First set up the rest of the default search directory entries. */ | |
f55727ca | 641 | aelem = rtld_search_dirs.dirs = (struct r_search_path_elem **) |
4a6d1198 | 642 | malloc ((nsystem_dirs_len + 1) * sizeof (struct r_search_path_elem *)); |
f55727ca | 643 | if (rtld_search_dirs.dirs == NULL) |
39b3385d UD |
644 | { |
645 | errstring = N_("cannot create search path array"); | |
646 | signal_error: | |
154d10bd | 647 | _dl_signal_error (ENOMEM, NULL, NULL, errstring); |
39b3385d | 648 | } |
12264bd7 UD |
649 | |
650 | round_size = ((2 * sizeof (struct r_search_path_elem) - 1 | |
651 | + ncapstr * sizeof (enum r_dir_status)) | |
652 | / sizeof (struct r_search_path_elem)); | |
653 | ||
f55727ca | 654 | rtld_search_dirs.dirs[0] = (struct r_search_path_elem *) |
228589d2 | 655 | malloc ((sizeof (system_dirs) / sizeof (system_dirs[0])) |
12264bd7 | 656 | * round_size * sizeof (struct r_search_path_elem)); |
f55727ca | 657 | if (rtld_search_dirs.dirs[0] == NULL) |
39b3385d UD |
658 | { |
659 | errstring = N_("cannot create cache for search path"); | |
660 | goto signal_error; | |
661 | } | |
12264bd7 | 662 | |
f55727ca | 663 | rtld_search_dirs.malloced = 0; |
d6b5d570 | 664 | pelem = GL(dl_all_dirs) = rtld_search_dirs.dirs[0]; |
ab7eb292 UD |
665 | strp = system_dirs; |
666 | idx = 0; | |
667 | ||
668 | do | |
12264bd7 UD |
669 | { |
670 | size_t cnt; | |
671 | ||
672 | *aelem++ = pelem; | |
673 | ||
12264bd7 UD |
674 | pelem->what = "system search path"; |
675 | pelem->where = NULL; | |
676 | ||
ab7eb292 UD |
677 | pelem->dirname = strp; |
678 | pelem->dirnamelen = system_dirs_len[idx]; | |
679 | strp += system_dirs_len[idx] + 1; | |
12264bd7 | 680 | |
f55727ca UD |
681 | /* System paths must be absolute. */ |
682 | assert (pelem->dirname[0] == '/'); | |
683 | for (cnt = 0; cnt < ncapstr; ++cnt) | |
684 | pelem->status[cnt] = unknown; | |
ab7eb292 | 685 | |
4a6d1198 | 686 | pelem->next = (++idx == nsystem_dirs_len ? NULL : (pelem + round_size)); |
ab7eb292 UD |
687 | |
688 | pelem += round_size; | |
12264bd7 | 689 | } |
4a6d1198 | 690 | while (idx < nsystem_dirs_len); |
ab7eb292 UD |
691 | |
692 | max_dirnamelen = SYSTEM_DIRS_MAX_LEN; | |
12264bd7 | 693 | *aelem = NULL; |
4317f9e1 | 694 | |
b5567b2a | 695 | #ifdef SHARED |
81e0cb2d | 696 | /* This points to the map of the main object. */ |
c0f62c56 | 697 | l = GL(dl_ns)[LM_ID_BASE]._ns_loaded; |
011ce8ed UD |
698 | if (l != NULL) |
699 | { | |
011ce8ed | 700 | assert (l->l_type != lt_loaded); |
40a55d20 | 701 | |
fcf70d41 UD |
702 | if (l->l_info[DT_RUNPATH]) |
703 | { | |
704 | /* Allocate room for the search path and fill in information | |
705 | from RUNPATH. */ | |
f55727ca UD |
706 | decompose_rpath (&l->l_runpath_dirs, |
707 | (const void *) (D_PTR (l, l_info[DT_STRTAB]) | |
708 | + l->l_info[DT_RUNPATH]->d_un.d_val), | |
709 | l, "RUNPATH"); | |
fcf70d41 UD |
710 | |
711 | /* The RPATH is ignored. */ | |
f55727ca | 712 | l->l_rpath_dirs.dirs = (void *) -1; |
fcf70d41 | 713 | } |
011ce8ed | 714 | else |
fcf70d41 | 715 | { |
f55727ca | 716 | l->l_runpath_dirs.dirs = (void *) -1; |
fcf70d41 UD |
717 | |
718 | if (l->l_info[DT_RPATH]) | |
f55727ca UD |
719 | { |
720 | /* Allocate room for the search path and fill in information | |
721 | from RPATH. */ | |
722 | decompose_rpath (&l->l_rpath_dirs, | |
723 | (const void *) (D_PTR (l, l_info[DT_STRTAB]) | |
fcf70d41 UD |
724 | + l->l_info[DT_RPATH]->d_un.d_val), |
725 | l, "RPATH"); | |
f55727ca UD |
726 | l->l_rpath_dirs.malloced = 0; |
727 | } | |
fcf70d41 | 728 | else |
f55727ca | 729 | l->l_rpath_dirs.dirs = (void *) -1; |
fcf70d41 | 730 | } |
0a54e401 | 731 | } |
b5567b2a | 732 | #endif /* SHARED */ |
7ef90c15 UD |
733 | |
734 | if (llp != NULL && *llp != '\0') | |
0a54e401 | 735 | { |
7ef90c15 UD |
736 | size_t nllp; |
737 | const char *cp = llp; | |
950398e1 UD |
738 | char *llp_tmp; |
739 | ||
740 | #ifdef SHARED | |
741 | /* Expand DSTs. */ | |
742 | size_t cnt = DL_DST_COUNT (llp, 1); | |
743 | if (__builtin_expect (cnt == 0, 1)) | |
744 | llp_tmp = strdupa (llp); | |
745 | else | |
746 | { | |
747 | /* Determine the length of the substituted string. */ | |
748 | size_t total = DL_DST_REQUIRED (l, llp, strlen (llp), cnt); | |
749 | ||
750 | /* Allocate the necessary memory. */ | |
751 | llp_tmp = (char *) alloca (total + 1); | |
752 | llp_tmp = _dl_dst_substitute (l, llp, llp_tmp, 1); | |
753 | } | |
754 | #else | |
755 | llp_tmp = strdupa (llp); | |
756 | #endif | |
011ce8ed | 757 | |
7ef90c15 UD |
758 | /* Decompose the LD_LIBRARY_PATH contents. First determine how many |
759 | elements it has. */ | |
760 | nllp = 1; | |
761 | while (*cp) | |
0a54e401 | 762 | { |
7ef90c15 UD |
763 | if (*cp == ':' || *cp == ';') |
764 | ++nllp; | |
765 | ++cp; | |
011ce8ed | 766 | } |
7ef90c15 | 767 | |
f55727ca | 768 | env_path_list.dirs = (struct r_search_path_elem **) |
7ef90c15 | 769 | malloc ((nllp + 1) * sizeof (struct r_search_path_elem *)); |
f55727ca | 770 | if (env_path_list.dirs == NULL) |
39b3385d UD |
771 | { |
772 | errstring = N_("cannot create cache for search path"); | |
773 | goto signal_error; | |
774 | } | |
7ef90c15 | 775 | |
b0ed91ae | 776 | (void) fillin_rpath (llp_tmp, env_path_list.dirs, ":;", |
e6caf4e1 UD |
777 | INTUSE(__libc_enable_secure), "LD_LIBRARY_PATH", |
778 | NULL); | |
6a7c9bb4 | 779 | |
f55727ca | 780 | if (env_path_list.dirs[0] == NULL) |
6a7c9bb4 | 781 | { |
f55727ca UD |
782 | free (env_path_list.dirs); |
783 | env_path_list.dirs = (void *) -1; | |
6a7c9bb4 | 784 | } |
f55727ca UD |
785 | |
786 | env_path_list.malloced = 0; | |
81e0cb2d | 787 | } |
152e7964 | 788 | else |
f55727ca UD |
789 | env_path_list.dirs = (void *) -1; |
790 | ||
791 | /* Remember the last search directory added at startup. */ | |
c31e278f | 792 | GLRO(dl_init_all_dirs) = GL(dl_all_dirs); |
0a54e401 UD |
793 | } |
794 | ||
795 | ||
a6291c3d | 796 | static void |
a481b13c | 797 | __attribute__ ((noreturn, noinline)) |
126b06f9 | 798 | lose (int code, int fd, const char *name, char *realname, struct link_map *l, |
bca2218b | 799 | const char *msg, struct r_debug *r) |
126b06f9 | 800 | { |
fb0356b9 | 801 | /* The file might already be closed. */ |
a481b13c UD |
802 | if (fd != -1) |
803 | (void) __close (fd); | |
126b06f9 UD |
804 | if (l != NULL) |
805 | { | |
806 | /* Remove the stillborn object from the list and free it. */ | |
8bbd5f84 | 807 | assert (l->l_next == NULL); |
8bbd5f84 | 808 | if (l->l_prev == NULL) |
1a640298 RM |
809 | /* No other module loaded. This happens only in the static library, |
810 | or in rtld under --verify. */ | |
c0f62c56 | 811 | GL(dl_ns)[l->l_ns]._ns_loaded = NULL; |
8bbd5f84 | 812 | else |
8bbd5f84 | 813 | l->l_prev->l_next = NULL; |
c0f62c56 | 814 | --GL(dl_ns)[l->l_ns]._ns_nloaded; |
126b06f9 UD |
815 | free (l); |
816 | } | |
817 | free (realname); | |
bca2218b UD |
818 | |
819 | if (r != NULL) | |
820 | { | |
821 | r->r_state = RT_CONSISTENT; | |
822 | _dl_debug_state (); | |
823 | } | |
824 | ||
154d10bd | 825 | _dl_signal_error (code, name, NULL, msg); |
126b06f9 UD |
826 | } |
827 | ||
828 | ||
ea03559a RM |
829 | /* Map in the shared object NAME, actually located in REALNAME, and already |
830 | opened on FD. */ | |
831 | ||
f787edde UD |
832 | #ifndef EXTERNAL_MAP_FROM_FD |
833 | static | |
834 | #endif | |
ea03559a | 835 | struct link_map * |
a35e137a UD |
836 | _dl_map_object_from_fd (const char *name, int fd, struct filebuf *fbp, |
837 | char *realname, struct link_map *loader, int l_type, | |
c0f62c56 | 838 | int mode, void **stack_endp, Lmid_t nsid) |
ea03559a | 839 | { |
622586fb | 840 | struct link_map *l = NULL; |
266180eb RM |
841 | const ElfW(Ehdr) *header; |
842 | const ElfW(Phdr) *phdr; | |
843 | const ElfW(Phdr) *ph; | |
8193034b | 844 | size_t maplength; |
b122c703 | 845 | int type; |
5763742f | 846 | struct stat64 st; |
39b3385d UD |
847 | /* Initialize to keep the compiler happy. */ |
848 | const char *errstring = NULL; | |
849 | int errval = 0; | |
29f97654 | 850 | struct r_debug *r = _dl_debug_initialize (0, nsid); |
9dcafc55 | 851 | bool make_consistent = false; |
61e0617a UD |
852 | |
853 | /* Get file information. */ | |
39b3385d UD |
854 | if (__builtin_expect (__fxstat64 (_STAT_VER, fd, &st) < 0, 0)) |
855 | { | |
856 | errstring = N_("cannot stat shared object"); | |
857 | call_lose_errno: | |
858 | errval = errno; | |
859 | call_lose: | |
bca2218b UD |
860 | lose (errval, fd, name, realname, l, errstring, |
861 | make_consistent ? r : NULL); | |
39b3385d | 862 | } |
d66e34cd RM |
863 | |
864 | /* Look again to see if the real name matched another already loaded. */ | |
c0f62c56 | 865 | for (l = GL(dl_ns)[nsid]._ns_loaded; l; l = l->l_next) |
20fe49b9 | 866 | if (l->l_removed == 0 && l->l_ino == st.st_ino && l->l_dev == st.st_dev) |
d66e34cd RM |
867 | { |
868 | /* The object is already loaded. | |
869 | Just bump its reference count and return it. */ | |
266180eb | 870 | __close (fd); |
c84142e8 UD |
871 | |
872 | /* If the name is not in the list of names for this object add | |
873 | it. */ | |
ea03559a | 874 | free (realname); |
0413b54c | 875 | add_name_to_object (l, name); |
8699e7b1 | 876 | |
d66e34cd RM |
877 | return l; |
878 | } | |
879 | ||
c0f62c56 UD |
880 | #ifdef SHARED |
881 | /* When loading into a namespace other than the base one we must | |
882 | avoid loading ld.so since there can only be one copy. Ever. */ | |
883 | if (__builtin_expect (nsid != LM_ID_BASE, 0) | |
884 | && ((st.st_ino == GL(dl_rtld_map).l_ino | |
885 | && st.st_dev == GL(dl_rtld_map).l_dev) | |
886 | || _dl_name_match_p (name, &GL(dl_rtld_map)))) | |
887 | { | |
888 | /* This is indeed ld.so. Create a new link_map which refers to | |
889 | the real one for almost everything. */ | |
890 | l = _dl_new_object (realname, name, l_type, loader, mode, nsid); | |
891 | if (l == NULL) | |
892 | goto fail_new; | |
893 | ||
894 | /* Refer to the real descriptor. */ | |
895 | l->l_real = &GL(dl_rtld_map); | |
896 | ||
897 | /* No need to bump the refcount of the real object, ld.so will | |
898 | never be unloaded. */ | |
899 | __close (fd); | |
900 | ||
901 | return l; | |
902 | } | |
903 | #endif | |
904 | ||
2f54c82d | 905 | if (mode & RTLD_NOLOAD) |
96961bf7 AS |
906 | { |
907 | /* We are not supposed to load the object unless it is already | |
908 | loaded. So return now. */ | |
909 | __close (fd); | |
910 | return NULL; | |
911 | } | |
bf8b3e74 | 912 | |
8193034b | 913 | /* Print debugging message. */ |
afdca0f2 | 914 | if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0)) |
c0f62c56 | 915 | _dl_debug_printf ("file=%s [%lu]; generating link map\n", name, nsid); |
8193034b | 916 | |
a35e137a UD |
917 | /* This is the ELF header. We read it in `open_verify'. */ |
918 | header = (void *) fbp->buf; | |
d66e34cd | 919 | |
2064087b | 920 | #ifndef MAP_ANON |
126b06f9 | 921 | # define MAP_ANON 0 |
d66e34cd RM |
922 | if (_dl_zerofd == -1) |
923 | { | |
924 | _dl_zerofd = _dl_sysdep_open_zero_fill (); | |
925 | if (_dl_zerofd == -1) | |
ba79d61b RM |
926 | { |
927 | __close (fd); | |
154d10bd UD |
928 | _dl_signal_error (errno, NULL, NULL, |
929 | N_("cannot open zero fill device")); | |
ba79d61b | 930 | } |
d66e34cd | 931 | } |
2064087b | 932 | #endif |
d66e34cd | 933 | |
9dcafc55 UD |
934 | /* Signal that we are going to add new objects. */ |
935 | if (r->r_state == RT_CONSISTENT) | |
936 | { | |
937 | #ifdef SHARED | |
938 | /* Auditing checkpoint: we are going to add new objects. */ | |
2ca285b0 UD |
939 | if ((mode & __RTLD_AUDIT) == 0 |
940 | && __builtin_expect (GLRO(dl_naudit) > 0, 0)) | |
9dcafc55 UD |
941 | { |
942 | struct link_map *head = GL(dl_ns)[nsid]._ns_loaded; | |
943 | /* Do not call the functions for any auditing object. */ | |
944 | if (head->l_auditing == 0) | |
945 | { | |
946 | struct audit_ifaces *afct = GLRO(dl_audit); | |
947 | for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt) | |
948 | { | |
949 | if (afct->activity != NULL) | |
950 | afct->activity (&head->l_audit[cnt].cookie, LA_ACT_ADD); | |
951 | ||
952 | afct = afct->next; | |
953 | } | |
954 | } | |
955 | } | |
956 | #endif | |
957 | ||
958 | /* Notify the debugger we have added some objects. We need to | |
959 | call _dl_debug_initialize in a static program in case dynamic | |
960 | linking has not been used before. */ | |
961 | r->r_state = RT_ADD; | |
962 | _dl_debug_state (); | |
963 | make_consistent = true; | |
964 | } | |
965 | else | |
966 | assert (r->r_state == RT_ADD); | |
967 | ||
ba79d61b | 968 | /* Enter the new object in the list of loaded objects. */ |
c0f62c56 UD |
969 | l = _dl_new_object (realname, name, l_type, loader, mode, nsid); |
970 | if (__builtin_expect (l == NULL, 0)) | |
39b3385d | 971 | { |
7cb92a99 | 972 | #ifdef SHARED |
c0f62c56 | 973 | fail_new: |
7cb92a99 | 974 | #endif |
39b3385d UD |
975 | errstring = N_("cannot create shared object descriptor"); |
976 | goto call_lose_errno; | |
977 | } | |
ba79d61b | 978 | |
b122c703 | 979 | /* Extract the remaining details we need from the ELF header |
32c85e43 | 980 | and then read in the program header table. */ |
b122c703 RM |
981 | l->l_entry = header->e_entry; |
982 | type = header->e_type; | |
983 | l->l_phnum = header->e_phnum; | |
32c85e43 UD |
984 | |
985 | maplength = header->e_phnum * sizeof (ElfW(Phdr)); | |
6dd67bd5 | 986 | if (header->e_phoff + maplength <= (size_t) fbp->len) |
a35e137a | 987 | phdr = (void *) (fbp->buf + header->e_phoff); |
32c85e43 UD |
988 | else |
989 | { | |
990 | phdr = alloca (maplength); | |
0e15c4b6 | 991 | __lseek (fd, header->e_phoff, SEEK_SET); |
6dd67bd5 | 992 | if ((size_t) __libc_read (fd, (void *) phdr, maplength) != maplength) |
39b3385d UD |
993 | { |
994 | errstring = N_("cannot read file data"); | |
995 | goto call_lose_errno; | |
996 | } | |
32c85e43 | 997 | } |
879bf2e6 | 998 | |
ecdeaac0 RM |
999 | /* Presumed absent PT_GNU_STACK. */ |
1000 | uint_fast16_t stack_flags = PF_R|PF_W|PF_X; | |
1001 | ||
b122c703 RM |
1002 | { |
1003 | /* Scan the program header table, collecting its load commands. */ | |
1004 | struct loadcmd | |
1005 | { | |
266180eb | 1006 | ElfW(Addr) mapstart, mapend, dataend, allocend; |
b122c703 RM |
1007 | off_t mapoff; |
1008 | int prot; | |
1009 | } loadcmds[l->l_phnum], *c; | |
1010 | size_t nloadcmds = 0; | |
6fffb9a2 | 1011 | bool has_holes = false; |
d66e34cd | 1012 | |
126b06f9 | 1013 | /* The struct is initialized to zero so this is not necessary: |
d66e34cd | 1014 | l->l_ld = 0; |
b122c703 | 1015 | l->l_phdr = 0; |
126b06f9 | 1016 | l->l_addr = 0; */ |
d66e34cd RM |
1017 | for (ph = phdr; ph < &phdr[l->l_phnum]; ++ph) |
1018 | switch (ph->p_type) | |
1019 | { | |
1020 | /* These entries tell us where to find things once the file's | |
1021 | segments are mapped in. We record the addresses it says | |
1022 | verbatim, and later correct for the run-time load address. */ | |
1023 | case PT_DYNAMIC: | |
1024 | l->l_ld = (void *) ph->p_vaddr; | |
dacc8ffa | 1025 | l->l_ldnum = ph->p_memsz / sizeof (ElfW(Dyn)); |
d66e34cd | 1026 | break; |
39b3385d | 1027 | |
d66e34cd RM |
1028 | case PT_PHDR: |
1029 | l->l_phdr = (void *) ph->p_vaddr; | |
1030 | break; | |
1031 | ||
1032 | case PT_LOAD: | |
b122c703 RM |
1033 | /* A load command tells us to map in part of the file. |
1034 | We record the load commands and process them all later. */ | |
afdca0f2 | 1035 | if (__builtin_expect ((ph->p_align & (GLRO(dl_pagesize) - 1)) != 0, |
fd77c361 | 1036 | 0)) |
39b3385d UD |
1037 | { |
1038 | errstring = N_("ELF load command alignment not page-aligned"); | |
1039 | goto call_lose; | |
1040 | } | |
fd77c361 UD |
1041 | if (__builtin_expect (((ph->p_vaddr - ph->p_offset) |
1042 | & (ph->p_align - 1)) != 0, 0)) | |
39b3385d UD |
1043 | { |
1044 | errstring | |
1045 | = N_("ELF load command address/offset not properly aligned"); | |
1046 | goto call_lose; | |
1047 | } | |
1048 | ||
cc12f2a4 | 1049 | c = &loadcmds[nloadcmds++]; |
410828e4 | 1050 | c->mapstart = ph->p_vaddr & ~(GLRO(dl_pagesize) - 1); |
afdca0f2 UD |
1051 | c->mapend = ((ph->p_vaddr + ph->p_filesz + GLRO(dl_pagesize) - 1) |
1052 | & ~(GLRO(dl_pagesize) - 1)); | |
cc12f2a4 UD |
1053 | c->dataend = ph->p_vaddr + ph->p_filesz; |
1054 | c->allocend = ph->p_vaddr + ph->p_memsz; | |
410828e4 | 1055 | c->mapoff = ph->p_offset & ~(GLRO(dl_pagesize) - 1); |
cc12f2a4 | 1056 | |
6fffb9a2 UD |
1057 | /* Determine whether there is a gap between the last segment |
1058 | and this one. */ | |
1059 | if (nloadcmds > 1 && c[-1].mapend != c->mapstart) | |
1060 | has_holes = true; | |
1061 | ||
cc12f2a4 | 1062 | /* Optimize a common case. */ |
94a758fe | 1063 | #if (PF_R | PF_W | PF_X) == 7 && (PROT_READ | PROT_WRITE | PROT_EXEC) == 7 |
cc12f2a4 UD |
1064 | c->prot = (PF_TO_PROT |
1065 | >> ((ph->p_flags & (PF_R | PF_W | PF_X)) * 4)) & 0xf; | |
94a758fe | 1066 | #else |
cc12f2a4 UD |
1067 | c->prot = 0; |
1068 | if (ph->p_flags & PF_R) | |
1069 | c->prot |= PROT_READ; | |
1070 | if (ph->p_flags & PF_W) | |
1071 | c->prot |= PROT_WRITE; | |
1072 | if (ph->p_flags & PF_X) | |
1073 | c->prot |= PROT_EXEC; | |
94a758fe | 1074 | #endif |
55c91021 | 1075 | break; |
96f208a4 | 1076 | |
96f208a4 | 1077 | case PT_TLS: |
2d148689 RM |
1078 | if (ph->p_memsz == 0) |
1079 | /* Nothing to do for an empty segment. */ | |
1080 | break; | |
1081 | ||
216455bc RM |
1082 | l->l_tls_blocksize = ph->p_memsz; |
1083 | l->l_tls_align = ph->p_align; | |
99fe3b0e UD |
1084 | if (ph->p_align == 0) |
1085 | l->l_tls_firstbyte_offset = 0; | |
1086 | else | |
1087 | l->l_tls_firstbyte_offset = ph->p_vaddr & (ph->p_align - 1); | |
216455bc RM |
1088 | l->l_tls_initimage_size = ph->p_filesz; |
1089 | /* Since we don't know the load address yet only store the | |
1090 | offset. We will adjust it later. */ | |
1091 | l->l_tls_initimage = (void *) ph->p_vaddr; | |
1092 | ||
2d148689 RM |
1093 | /* If not loading the initial set of shared libraries, |
1094 | check whether we should permit loading a TLS segment. */ | |
216455bc | 1095 | if (__builtin_expect (l->l_type == lt_library, 1) |
850dcfca UD |
1096 | /* If GL(dl_tls_dtv_slotinfo_list) == NULL, then rtld.c did |
1097 | not set up TLS data structures, so don't use them now. */ | |
1098 | || __builtin_expect (GL(dl_tls_dtv_slotinfo_list) != NULL, 1)) | |
96f208a4 | 1099 | { |
aed283dd UD |
1100 | /* Assign the next available module ID. */ |
1101 | l->l_tls_modid = _dl_next_tls_modid (); | |
2d148689 | 1102 | break; |
96f208a4 | 1103 | } |
2d148689 | 1104 | |
11bf311e | 1105 | #ifdef SHARED |
785290ea | 1106 | if (l->l_prev == NULL || (mode & __RTLD_AUDIT) != 0) |
2d148689 RM |
1107 | /* We are loading the executable itself when the dynamic linker |
1108 | was executed directly. The setup will happen later. */ | |
1109 | break; | |
216455bc RM |
1110 | |
1111 | /* In a static binary there is no way to tell if we dynamically | |
1112 | loaded libpthread. */ | |
1113 | if (GL(dl_error_catch_tsd) == &_dl_initial_error_catch_tsd) | |
11bf311e | 1114 | #endif |
216455bc RM |
1115 | { |
1116 | /* We have not yet loaded libpthread. | |
1117 | We can do the TLS setup right now! */ | |
1118 | ||
1119 | void *tcb; | |
1120 | ||
1121 | /* The first call allocates TLS bookkeeping data structures. | |
1122 | Then we allocate the TCB for the initial thread. */ | |
1123 | if (__builtin_expect (_dl_tls_setup (), 0) | |
1124 | || __builtin_expect ((tcb = _dl_allocate_tls (NULL)) == NULL, | |
1125 | 0)) | |
1126 | { | |
1127 | errval = ENOMEM; | |
1128 | errstring = N_("\ | |
1129 | cannot allocate TLS data structures for initial thread"); | |
1130 | goto call_lose; | |
1131 | } | |
1132 | ||
1133 | /* Now we install the TCB in the thread register. */ | |
fde89ad0 RM |
1134 | errstring = TLS_INIT_TP (tcb, 0); |
1135 | if (__builtin_expect (errstring == NULL, 1)) | |
216455bc RM |
1136 | { |
1137 | /* Now we are all good. */ | |
1138 | l->l_tls_modid = ++GL(dl_tls_max_dtv_idx); | |
1139 | break; | |
1140 | } | |
1141 | ||
1142 | /* The kernel is too old or somesuch. */ | |
fde89ad0 | 1143 | errval = 0; |
216455bc | 1144 | _dl_deallocate_tls (tcb, 1); |
fde89ad0 | 1145 | goto call_lose; |
216455bc | 1146 | } |
2d148689 | 1147 | |
807bce82 UD |
1148 | /* Uh-oh, the binary expects TLS support but we cannot |
1149 | provide it. */ | |
2430d57a RM |
1150 | errval = 0; |
1151 | errstring = N_("cannot handle TLS data"); | |
1152 | goto call_lose; | |
807bce82 | 1153 | break; |
ecdeaac0 RM |
1154 | |
1155 | case PT_GNU_STACK: | |
1156 | stack_flags = ph->p_flags; | |
1157 | break; | |
ed20b3d9 UD |
1158 | |
1159 | case PT_GNU_RELRO: | |
1160 | l->l_relro_addr = ph->p_vaddr; | |
1161 | l->l_relro_size = ph->p_memsz; | |
1162 | break; | |
b122c703 | 1163 | } |
d66e34cd | 1164 | |
d8a5edc2 RM |
1165 | if (__builtin_expect (nloadcmds == 0, 0)) |
1166 | { | |
1167 | /* This only happens for a bogus object that will be caught with | |
1168 | another error below. But we don't want to go through the | |
1169 | calculations below using NLOADCMDS - 1. */ | |
1170 | errstring = N_("object file has no loadable segments"); | |
1171 | goto call_lose; | |
1172 | } | |
1173 | ||
b122c703 RM |
1174 | /* Now process the load commands and map segments into memory. */ |
1175 | c = loadcmds; | |
1176 | ||
8193034b UD |
1177 | /* Length of the sections to be loaded. */ |
1178 | maplength = loadcmds[nloadcmds - 1].allocend - c->mapstart; | |
1179 | ||
9987236e | 1180 | if (__builtin_expect (type, ET_DYN) == ET_DYN) |
b122c703 RM |
1181 | { |
1182 | /* This is a position-independent shared object. We can let the | |
1183 | kernel map it anywhere it likes, but we must have space for all | |
1184 | the segments in their specified positions relative to the first. | |
1185 | So we map the first segment without MAP_FIXED, but with its | |
22930c9b RM |
1186 | extent increased to cover all the segments. Then we remove |
1187 | access from excess portion, and there is known sufficient space | |
4cca6b86 UD |
1188 | there to remap from the later segments. |
1189 | ||
1190 | As a refinement, sometimes we have an address that we would | |
1191 | prefer to map such objects at; but this is only a preference, | |
1192 | the OS can do whatever it likes. */ | |
4cca6b86 | 1193 | ElfW(Addr) mappref; |
97fd3a30 | 1194 | mappref = (ELF_PREFERRED_ADDRESS (loader, maplength, |
afdca0f2 | 1195 | c->mapstart & GLRO(dl_use_load_bias)) |
f21acc89 | 1196 | - MAP_BASE_ADDR (l)); |
c0282c06 UD |
1197 | |
1198 | /* Remember which part of the address space this object uses. */ | |
39b3385d | 1199 | l->l_map_start = (ElfW(Addr)) __mmap ((void *) mappref, maplength, |
1773d1ba | 1200 | c->prot, |
a3fcd5e8 | 1201 | MAP_COPY|MAP_FILE, |
39b3385d | 1202 | fd, c->mapoff); |
fd77c361 | 1203 | if (__builtin_expect ((void *) l->l_map_start == MAP_FAILED, 0)) |
39b3385d UD |
1204 | { |
1205 | map_error: | |
1206 | errstring = N_("failed to map segment from shared object"); | |
1207 | goto call_lose_errno; | |
1208 | } | |
1209 | ||
c0282c06 | 1210 | l->l_map_end = l->l_map_start + maplength; |
c77ec56d | 1211 | l->l_addr = l->l_map_start - c->mapstart; |
b122c703 | 1212 | |
6fffb9a2 UD |
1213 | if (has_holes) |
1214 | /* Change protection on the excess portion to disallow all access; | |
1215 | the portions we do not remap later will be inaccessible as if | |
1216 | unallocated. Then jump into the normal segment-mapping loop to | |
1217 | handle the portion of the segment past the end of the file | |
1218 | mapping. */ | |
3fb035f6 | 1219 | __mprotect ((caddr_t) (l->l_addr + c->mapend), |
fc072bad | 1220 | loadcmds[nloadcmds - 1].mapstart - c->mapend, |
6fffb9a2 | 1221 | PROT_NONE); |
052b6a6c | 1222 | |
9be09e06 UD |
1223 | l->l_contiguous = 1; |
1224 | ||
b122c703 RM |
1225 | goto postmap; |
1226 | } | |
48da1092 | 1227 | |
efec5079 UD |
1228 | /* This object is loaded at a fixed address. This must never |
1229 | happen for objects loaded with dlopen(). */ | |
1230 | if (__builtin_expect ((mode & __RTLD_OPENEXEC) == 0, 0)) | |
1231 | { | |
1232 | errstring = N_("cannot dynamically load executable"); | |
1233 | goto call_lose; | |
4cca6b86 | 1234 | } |
b122c703 | 1235 | |
efec5079 UD |
1236 | /* Notify ELF_PREFERRED_ADDRESS that we have to load this one |
1237 | fixed. */ | |
1238 | ELF_FIXED_ADDRESS (loader, c->mapstart); | |
1239 | ||
1240 | ||
052b6a6c UD |
1241 | /* Remember which part of the address space this object uses. */ |
1242 | l->l_map_start = c->mapstart + l->l_addr; | |
1243 | l->l_map_end = l->l_map_start + maplength; | |
9be09e06 | 1244 | l->l_contiguous = !has_holes; |
052b6a6c | 1245 | |
b122c703 RM |
1246 | while (c < &loadcmds[nloadcmds]) |
1247 | { | |
39b3385d UD |
1248 | if (c->mapend > c->mapstart |
1249 | /* Map the segment contents from the file. */ | |
1250 | && (__mmap ((void *) (l->l_addr + c->mapstart), | |
1251 | c->mapend - c->mapstart, c->prot, | |
a3fcd5e8 | 1252 | MAP_FIXED|MAP_COPY|MAP_FILE, |
1773d1ba | 1253 | fd, c->mapoff) |
39b3385d UD |
1254 | == MAP_FAILED)) |
1255 | goto map_error; | |
b122c703 RM |
1256 | |
1257 | postmap: | |
eec8b6ca UD |
1258 | if (c->prot & PROT_EXEC) |
1259 | l->l_text_end = l->l_addr + c->mapend; | |
1260 | ||
7bcaca43 | 1261 | if (l->l_phdr == 0 |
6dd67bd5 UD |
1262 | && (ElfW(Off)) c->mapoff <= header->e_phoff |
1263 | && ((size_t) (c->mapend - c->mapstart + c->mapoff) | |
7bcaca43 UD |
1264 | >= header->e_phoff + header->e_phnum * sizeof (ElfW(Phdr)))) |
1265 | /* Found the program header in this segment. */ | |
1266 | l->l_phdr = (void *) (c->mapstart + header->e_phoff - c->mapoff); | |
1267 | ||
b122c703 RM |
1268 | if (c->allocend > c->dataend) |
1269 | { | |
1270 | /* Extra zero pages should appear at the end of this segment, | |
1271 | after the data mapped from the file. */ | |
266180eb | 1272 | ElfW(Addr) zero, zeroend, zeropage; |
b122c703 RM |
1273 | |
1274 | zero = l->l_addr + c->dataend; | |
1275 | zeroend = l->l_addr + c->allocend; | |
afdca0f2 UD |
1276 | zeropage = ((zero + GLRO(dl_pagesize) - 1) |
1277 | & ~(GLRO(dl_pagesize) - 1)); | |
d66e34cd | 1278 | |
b122c703 RM |
1279 | if (zeroend < zeropage) |
1280 | /* All the extra data is in the last page of the segment. | |
1281 | We can just zero it. */ | |
1282 | zeropage = zeroend; | |
1283 | ||
1284 | if (zeropage > zero) | |
d66e34cd | 1285 | { |
b122c703 | 1286 | /* Zero the final part of the last page of the segment. */ |
6fffb9a2 | 1287 | if (__builtin_expect ((c->prot & PROT_WRITE) == 0, 0)) |
d66e34cd | 1288 | { |
b122c703 | 1289 | /* Dag nab it. */ |
afdca0f2 UD |
1290 | if (__mprotect ((caddr_t) (zero |
1291 | & ~(GLRO(dl_pagesize) - 1)), | |
1292 | GLRO(dl_pagesize), c->prot|PROT_WRITE) < 0) | |
39b3385d UD |
1293 | { |
1294 | errstring = N_("cannot change memory protections"); | |
1295 | goto call_lose_errno; | |
1296 | } | |
d66e34cd | 1297 | } |
55c91021 | 1298 | memset ((void *) zero, '\0', zeropage - zero); |
6fffb9a2 | 1299 | if (__builtin_expect ((c->prot & PROT_WRITE) == 0, 0)) |
afdca0f2 UD |
1300 | __mprotect ((caddr_t) (zero & ~(GLRO(dl_pagesize) - 1)), |
1301 | GLRO(dl_pagesize), c->prot); | |
b122c703 | 1302 | } |
d66e34cd | 1303 | |
b122c703 RM |
1304 | if (zeroend > zeropage) |
1305 | { | |
1306 | /* Map the remaining zero pages in from the zero fill FD. */ | |
1307 | caddr_t mapat; | |
266180eb RM |
1308 | mapat = __mmap ((caddr_t) zeropage, zeroend - zeropage, |
1309 | c->prot, MAP_ANON|MAP_PRIVATE|MAP_FIXED, | |
20739e54 | 1310 | -1, 0); |
fd77c361 | 1311 | if (__builtin_expect (mapat == MAP_FAILED, 0)) |
39b3385d UD |
1312 | { |
1313 | errstring = N_("cannot map zero-fill pages"); | |
1314 | goto call_lose_errno; | |
1315 | } | |
d66e34cd RM |
1316 | } |
1317 | } | |
d66e34cd | 1318 | |
b122c703 | 1319 | ++c; |
879bf2e6 | 1320 | } |
b122c703 | 1321 | } |
d66e34cd | 1322 | |
b122c703 RM |
1323 | if (l->l_ld == 0) |
1324 | { | |
fd77c361 | 1325 | if (__builtin_expect (type == ET_DYN, 0)) |
39b3385d UD |
1326 | { |
1327 | errstring = N_("object file has no dynamic section"); | |
1328 | goto call_lose; | |
1329 | } | |
b122c703 RM |
1330 | } |
1331 | else | |
14755b91 | 1332 | l->l_ld = (ElfW(Dyn) *) ((ElfW(Addr)) l->l_ld + l->l_addr); |
879bf2e6 | 1333 | |
479aa8ec | 1334 | elf_get_dynamic_info (l, NULL); |
2f54c82d | 1335 | |
efec5079 UD |
1336 | /* Make sure we are not dlopen'ing an object that has the |
1337 | DF_1_NOOPEN flag set. */ | |
2430d57a | 1338 | if (__builtin_expect (l->l_flags_1 & DF_1_NOOPEN, 0) |
2f54c82d UD |
1339 | && (mode & __RTLD_DLOPEN)) |
1340 | { | |
2f54c82d UD |
1341 | /* We are not supposed to load this object. Free all resources. */ |
1342 | __munmap ((void *) l->l_map_start, l->l_map_end - l->l_map_start); | |
1343 | ||
11810621 UD |
1344 | if (!l->l_libname->dont_free) |
1345 | free (l->l_libname); | |
2f54c82d UD |
1346 | |
1347 | if (l->l_phdr_allocated) | |
1348 | free ((void *) l->l_phdr); | |
1349 | ||
fb0356b9 UD |
1350 | errstring = N_("shared object cannot be dlopen()ed"); |
1351 | goto call_lose; | |
2f54c82d UD |
1352 | } |
1353 | ||
efec5079 UD |
1354 | if (l->l_phdr == NULL) |
1355 | { | |
1356 | /* The program header is not contained in any of the segments. | |
1357 | We have to allocate memory ourself and copy it over from out | |
1358 | temporary place. */ | |
1359 | ElfW(Phdr) *newp = (ElfW(Phdr) *) malloc (header->e_phnum | |
1360 | * sizeof (ElfW(Phdr))); | |
1361 | if (newp == NULL) | |
1362 | { | |
1363 | errstring = N_("cannot allocate memory for program header"); | |
1364 | goto call_lose_errno; | |
1365 | } | |
1366 | ||
1367 | l->l_phdr = memcpy (newp, phdr, | |
1368 | (header->e_phnum * sizeof (ElfW(Phdr)))); | |
1369 | l->l_phdr_allocated = 1; | |
1370 | } | |
1371 | else | |
1372 | /* Adjust the PT_PHDR value by the runtime load address. */ | |
1373 | l->l_phdr = (ElfW(Phdr) *) ((ElfW(Addr)) l->l_phdr + l->l_addr); | |
1374 | ||
dcca3fe2 UD |
1375 | if (__builtin_expect ((stack_flags &~ GL(dl_stack_flags)) & PF_X, 0)) |
1376 | { | |
e751d282 RM |
1377 | if (__builtin_expect (__check_caller (RETURN_ADDRESS (0), allow_ldso), |
1378 | 0) != 0) | |
1379 | { | |
1380 | errstring = N_("invalid caller"); | |
1381 | goto call_lose; | |
1382 | } | |
1383 | ||
dcca3fe2 UD |
1384 | /* The stack is presently not executable, but this module |
1385 | requires that it be executable. We must change the | |
1386 | protection of the variable which contains the flags used in | |
1387 | the mprotect calls. */ | |
11bf311e | 1388 | #ifdef SHARED |
3e539cb4 | 1389 | if ((mode & (__RTLD_DLOPEN | __RTLD_AUDIT)) == __RTLD_DLOPEN) |
dcca3fe2 | 1390 | { |
e751d282 RM |
1391 | const uintptr_t p = (uintptr_t) &__stack_prot & -GLRO(dl_pagesize); |
1392 | const size_t s = (uintptr_t) (&__stack_prot + 1) - p; | |
1393 | ||
1394 | struct link_map *const m = &GL(dl_rtld_map); | |
1395 | const uintptr_t relro_end = ((m->l_addr + m->l_relro_addr | |
1396 | + m->l_relro_size) | |
1397 | & -GLRO(dl_pagesize)); | |
1398 | if (__builtin_expect (p + s <= relro_end, 1)) | |
1399 | { | |
1400 | /* The variable lies in the region protected by RELRO. */ | |
1401 | __mprotect ((void *) p, s, PROT_READ|PROT_WRITE); | |
1402 | __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC; | |
1403 | __mprotect ((void *) p, s, PROT_READ); | |
1404 | } | |
1405 | else | |
ecc1d0c3 | 1406 | __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC; |
dcca3fe2 UD |
1407 | } |
1408 | else | |
1409 | #endif | |
ecc1d0c3 | 1410 | __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC; |
dcca3fe2 | 1411 | |
606832e6 UD |
1412 | #ifdef check_consistency |
1413 | check_consistency (); | |
1414 | #endif | |
1415 | ||
dcca3fe2 UD |
1416 | errval = (*GL(dl_make_stack_executable_hook)) (stack_endp); |
1417 | if (errval) | |
1418 | { | |
1419 | errstring = N_("\ | |
1420 | cannot enable executable stack as shared object requires"); | |
1421 | goto call_lose; | |
1422 | } | |
1423 | } | |
1424 | ||
efec5079 UD |
1425 | /* Adjust the address of the TLS initialization image. */ |
1426 | if (l->l_tls_initimage != NULL) | |
1427 | l->l_tls_initimage = (char *) l->l_tls_initimage + l->l_addr; | |
efec5079 UD |
1428 | |
1429 | /* We are done mapping in the file. We no longer need the descriptor. */ | |
1430 | if (__builtin_expect (__close (fd) != 0, 0)) | |
1431 | { | |
1432 | errstring = N_("cannot close file descriptor"); | |
1433 | goto call_lose_errno; | |
1434 | } | |
1435 | /* Signal that we closed the file. */ | |
1436 | fd = -1; | |
1437 | ||
1438 | if (l->l_type == lt_library && type == ET_EXEC) | |
1439 | l->l_type = lt_executable; | |
1440 | ||
1441 | l->l_entry += l->l_addr; | |
1442 | ||
1443 | if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0)) | |
1444 | _dl_debug_printf ("\ | |
1445 | dynamic: 0x%0*lx base: 0x%0*lx size: 0x%0*Zx\n\ | |
1446 | entry: 0x%0*lx phdr: 0x%0*lx phnum: %*u\n\n", | |
1447 | (int) sizeof (void *) * 2, | |
1448 | (unsigned long int) l->l_ld, | |
1449 | (int) sizeof (void *) * 2, | |
1450 | (unsigned long int) l->l_addr, | |
1451 | (int) sizeof (void *) * 2, maplength, | |
1452 | (int) sizeof (void *) * 2, | |
1453 | (unsigned long int) l->l_entry, | |
1454 | (int) sizeof (void *) * 2, | |
1455 | (unsigned long int) l->l_phdr, | |
1456 | (int) sizeof (void *) * 2, l->l_phnum); | |
1457 | ||
1458 | /* Set up the symbol hash table. */ | |
1459 | _dl_setup_hash (l); | |
d66e34cd | 1460 | |
be935610 UD |
1461 | /* If this object has DT_SYMBOLIC set modify now its scope. We don't |
1462 | have to do this for the main map. */ | |
1fc07491 UD |
1463 | if ((mode & RTLD_DEEPBIND) == 0 |
1464 | && __builtin_expect (l->l_info[DT_SYMBOLIC] != NULL, 0) | |
c0a777e8 | 1465 | && &l->l_searchlist != l->l_scope[0]) |
be935610 UD |
1466 | { |
1467 | /* Create an appropriate searchlist. It contains only this map. | |
1fc07491 | 1468 | This is the definition of DT_SYMBOLIC in SysVr4. */ |
be935610 UD |
1469 | l->l_symbolic_searchlist.r_list[0] = l; |
1470 | l->l_symbolic_searchlist.r_nlist = 1; | |
be935610 UD |
1471 | |
1472 | /* Now move the existing entries one back. */ | |
c0a777e8 UD |
1473 | memmove (&l->l_scope[1], &l->l_scope[0], |
1474 | (l->l_scope_max - 1) * sizeof (l->l_scope[0])); | |
be935610 UD |
1475 | |
1476 | /* Now add the new entry. */ | |
c0a777e8 | 1477 | l->l_scope[0] = &l->l_symbolic_searchlist; |
be935610 UD |
1478 | } |
1479 | ||
5d916713 | 1480 | /* Remember whether this object must be initialized first. */ |
39b3385d | 1481 | if (l->l_flags_1 & DF_1_INITFIRST) |
d6b5d570 | 1482 | GL(dl_initfirst) = l; |
5d916713 | 1483 | |
61e0617a UD |
1484 | /* Finally the file information. */ |
1485 | l->l_dev = st.st_dev; | |
1486 | l->l_ino = st.st_ino; | |
1487 | ||
51f38e87 UD |
1488 | /* When we profile the SONAME might be needed for something else but |
1489 | loading. Add it right away. */ | |
afdca0f2 | 1490 | if (__builtin_expect (GLRO(dl_profile) != NULL, 0) |
51f38e87 UD |
1491 | && l->l_info[DT_SONAME] != NULL) |
1492 | add_name_to_object (l, ((const char *) D_PTR (l, l_info[DT_STRTAB]) | |
1493 | + l->l_info[DT_SONAME]->d_un.d_val)); | |
1494 | ||
9dcafc55 UD |
1495 | #ifdef SHARED |
1496 | /* Auditing checkpoint: we have a new object. */ | |
29f97654 UD |
1497 | if (__builtin_expect (GLRO(dl_naudit) > 0, 0) |
1498 | && !GL(dl_ns)[l->l_ns]._ns_loaded->l_auditing) | |
9dcafc55 UD |
1499 | { |
1500 | struct audit_ifaces *afct = GLRO(dl_audit); | |
1501 | for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt) | |
1502 | { | |
1503 | if (afct->objopen != NULL) | |
1504 | { | |
1505 | l->l_audit[cnt].bindflags | |
1506 | = afct->objopen (l, nsid, &l->l_audit[cnt].cookie); | |
1507 | ||
1508 | l->l_audit_any_plt |= l->l_audit[cnt].bindflags != 0; | |
1509 | } | |
1510 | ||
1511 | afct = afct->next; | |
1512 | } | |
1513 | } | |
1514 | #endif | |
1515 | ||
d66e34cd RM |
1516 | return l; |
1517 | } | |
ba79d61b | 1518 | \f |
b5efde2f UD |
1519 | /* Print search path. */ |
1520 | static void | |
1521 | print_search_path (struct r_search_path_elem **list, | |
1522 | const char *what, const char *name) | |
1523 | { | |
12264bd7 | 1524 | char buf[max_dirnamelen + max_capstrlen]; |
b5efde2f UD |
1525 | int first = 1; |
1526 | ||
154d10bd | 1527 | _dl_debug_printf (" search path="); |
b5efde2f UD |
1528 | |
1529 | while (*list != NULL && (*list)->what == what) /* Yes, ==. */ | |
1530 | { | |
12264bd7 UD |
1531 | char *endp = __mempcpy (buf, (*list)->dirname, (*list)->dirnamelen); |
1532 | size_t cnt; | |
1533 | ||
1534 | for (cnt = 0; cnt < ncapstr; ++cnt) | |
1535 | if ((*list)->status[cnt] != nonexisting) | |
1536 | { | |
1537 | char *cp = __mempcpy (endp, capstr[cnt].str, capstr[cnt].len); | |
143e2b96 UD |
1538 | if (cp == buf || (cp == buf + 1 && buf[0] == '/')) |
1539 | cp[0] = '\0'; | |
1540 | else | |
1541 | cp[-1] = '\0'; | |
fb0356b9 UD |
1542 | |
1543 | _dl_debug_printf_c (first ? "%s" : ":%s", buf); | |
1544 | first = 0; | |
12264bd7 | 1545 | } |
b5efde2f | 1546 | |
b5efde2f UD |
1547 | ++list; |
1548 | } | |
1549 | ||
1550 | if (name != NULL) | |
35fc382a | 1551 | _dl_debug_printf_c ("\t\t(%s from file %s)\n", what, |
e6caf4e1 | 1552 | name[0] ? name : rtld_progname); |
b5efde2f | 1553 | else |
35fc382a | 1554 | _dl_debug_printf_c ("\t\t(%s)\n", what); |
b5efde2f UD |
1555 | } |
1556 | \f | |
a35e137a UD |
1557 | /* Open a file and verify it is an ELF file for this architecture. We |
1558 | ignore only ELF files for other architectures. Non-ELF files and | |
1559 | ELF files with different header information cause fatal errors since | |
1560 | this could mean there is something wrong in the installation and the | |
1561 | user might want to know about this. */ | |
1562 | static int | |
9dcafc55 | 1563 | open_verify (const char *name, struct filebuf *fbp, struct link_map *loader, |
2e0fc40c | 1564 | int whatcode, bool *found_other_class, bool free_name) |
a35e137a UD |
1565 | { |
1566 | /* This is the expected ELF header. */ | |
1567 | #define ELF32_CLASS ELFCLASS32 | |
1568 | #define ELF64_CLASS ELFCLASS64 | |
1569 | #ifndef VALID_ELF_HEADER | |
1570 | # define VALID_ELF_HEADER(hdr,exp,size) (memcmp (hdr, exp, size) == 0) | |
1571 | # define VALID_ELF_OSABI(osabi) (osabi == ELFOSABI_SYSV) | |
1572 | # define VALID_ELF_ABIVERSION(ver) (ver == 0) | |
40e2fc8b UD |
1573 | #elif defined MORE_ELF_HEADER_DATA |
1574 | MORE_ELF_HEADER_DATA; | |
a35e137a UD |
1575 | #endif |
1576 | static const unsigned char expected[EI_PAD] = | |
1577 | { | |
1578 | [EI_MAG0] = ELFMAG0, | |
1579 | [EI_MAG1] = ELFMAG1, | |
1580 | [EI_MAG2] = ELFMAG2, | |
1581 | [EI_MAG3] = ELFMAG3, | |
1582 | [EI_CLASS] = ELFW(CLASS), | |
1583 | [EI_DATA] = byteorder, | |
1584 | [EI_VERSION] = EV_CURRENT, | |
1585 | [EI_OSABI] = ELFOSABI_SYSV, | |
1586 | [EI_ABIVERSION] = 0 | |
1587 | }; | |
39b3385d UD |
1588 | static const struct |
1589 | { | |
1590 | ElfW(Word) vendorlen; | |
1591 | ElfW(Word) datalen; | |
1592 | ElfW(Word) type; | |
55c91021 | 1593 | char vendor[4]; |
a986484f | 1594 | } expected_note = { 4, 16, 1, "GNU" }; |
39b3385d UD |
1595 | /* Initialize it to make the compiler happy. */ |
1596 | const char *errstring = NULL; | |
1597 | int errval = 0; | |
a35e137a | 1598 | |
9dcafc55 UD |
1599 | #ifdef SHARED |
1600 | /* Give the auditing libraries a chance. */ | |
1601 | if (__builtin_expect (GLRO(dl_naudit) > 0, 0) && whatcode != 0 | |
1602 | && loader->l_auditing == 0) | |
1603 | { | |
1604 | struct audit_ifaces *afct = GLRO(dl_audit); | |
1605 | for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt) | |
1606 | { | |
1607 | if (afct->objsearch != NULL) | |
1608 | { | |
1609 | name = afct->objsearch (name, &loader->l_audit[cnt].cookie, | |
1610 | whatcode); | |
1611 | if (name == NULL) | |
1612 | /* Ignore the path. */ | |
1613 | return -1; | |
1614 | } | |
1615 | ||
1616 | afct = afct->next; | |
1617 | } | |
1618 | } | |
1619 | #endif | |
1620 | ||
a35e137a | 1621 | /* Open the file. We always open files read-only. */ |
9dcafc55 | 1622 | int fd = __open (name, O_RDONLY); |
a35e137a UD |
1623 | if (fd != -1) |
1624 | { | |
1625 | ElfW(Ehdr) *ehdr; | |
a986484f | 1626 | ElfW(Phdr) *phdr, *ph; |
2f6773b5 | 1627 | ElfW(Word) *abi_note; |
a986484f UD |
1628 | unsigned int osversion; |
1629 | size_t maplength; | |
a35e137a UD |
1630 | |
1631 | /* We successfully openened the file. Now verify it is a file | |
1632 | we can use. */ | |
1633 | __set_errno (0); | |
1634 | fbp->len = __libc_read (fd, fbp->buf, sizeof (fbp->buf)); | |
1635 | ||
1636 | /* This is where the ELF header is loaded. */ | |
1637 | assert (sizeof (fbp->buf) > sizeof (ElfW(Ehdr))); | |
1638 | ehdr = (ElfW(Ehdr) *) fbp->buf; | |
1639 | ||
1640 | /* Now run the tests. */ | |
1641 | if (__builtin_expect (fbp->len < (ssize_t) sizeof (ElfW(Ehdr)), 0)) | |
39b3385d UD |
1642 | { |
1643 | errval = errno; | |
1644 | errstring = (errval == 0 | |
1645 | ? N_("file too short") : N_("cannot read file data")); | |
1646 | call_lose: | |
2e0fc40c UD |
1647 | if (free_name) |
1648 | { | |
1649 | char *realname = (char *) name; | |
1650 | name = strdupa (realname); | |
1651 | free (realname); | |
1652 | } | |
bca2218b | 1653 | lose (errval, fd, name, NULL, NULL, errstring, NULL); |
39b3385d | 1654 | } |
a35e137a UD |
1655 | |
1656 | /* See whether the ELF header is what we expect. */ | |
1657 | if (__builtin_expect (! VALID_ELF_HEADER (ehdr->e_ident, expected, | |
1658 | EI_PAD), 0)) | |
1659 | { | |
1660 | /* Something is wrong. */ | |
6cc8844f UD |
1661 | const Elf32_Word *magp = (const void *) ehdr->e_ident; |
1662 | if (*magp != | |
a35e137a UD |
1663 | #if BYTE_ORDER == LITTLE_ENDIAN |
1664 | ((ELFMAG0 << (EI_MAG0 * 8)) | | |
1665 | (ELFMAG1 << (EI_MAG1 * 8)) | | |
1666 | (ELFMAG2 << (EI_MAG2 * 8)) | | |
1667 | (ELFMAG3 << (EI_MAG3 * 8))) | |
1668 | #else | |
1669 | ((ELFMAG0 << (EI_MAG3 * 8)) | | |
1670 | (ELFMAG1 << (EI_MAG2 * 8)) | | |
1671 | (ELFMAG2 << (EI_MAG1 * 8)) | | |
1672 | (ELFMAG3 << (EI_MAG0 * 8))) | |
1673 | #endif | |
1674 | ) | |
39b3385d UD |
1675 | errstring = N_("invalid ELF header"); |
1676 | else if (ehdr->e_ident[EI_CLASS] != ELFW(CLASS)) | |
7f71c55d UD |
1677 | { |
1678 | /* This is not a fatal error. On architectures where | |
1679 | 32-bit and 64-bit binaries can be run this might | |
1680 | happen. */ | |
1681 | *found_other_class = true; | |
1682 | goto close_and_out; | |
1683 | } | |
39b3385d | 1684 | else if (ehdr->e_ident[EI_DATA] != byteorder) |
a35e137a UD |
1685 | { |
1686 | if (BYTE_ORDER == BIG_ENDIAN) | |
39b3385d | 1687 | errstring = N_("ELF file data encoding not big-endian"); |
a35e137a | 1688 | else |
39b3385d | 1689 | errstring = N_("ELF file data encoding not little-endian"); |
a35e137a | 1690 | } |
39b3385d UD |
1691 | else if (ehdr->e_ident[EI_VERSION] != EV_CURRENT) |
1692 | errstring | |
1693 | = N_("ELF file version ident does not match current one"); | |
a35e137a UD |
1694 | /* XXX We should be able so set system specific versions which are |
1695 | allowed here. */ | |
39b3385d UD |
1696 | else if (!VALID_ELF_OSABI (ehdr->e_ident[EI_OSABI])) |
1697 | errstring = N_("ELF file OS ABI invalid"); | |
1698 | else if (!VALID_ELF_ABIVERSION (ehdr->e_ident[EI_ABIVERSION])) | |
1699 | errstring = N_("ELF file ABI version invalid"); | |
1700 | else | |
1701 | /* Otherwise we don't know what went wrong. */ | |
1702 | errstring = N_("internal error"); | |
1703 | ||
1704 | goto call_lose; | |
a35e137a UD |
1705 | } |
1706 | ||
1707 | if (__builtin_expect (ehdr->e_version, EV_CURRENT) != EV_CURRENT) | |
39b3385d UD |
1708 | { |
1709 | errstring = N_("ELF file version does not match current one"); | |
1710 | goto call_lose; | |
1711 | } | |
a35e137a | 1712 | if (! __builtin_expect (elf_machine_matches_host (ehdr), 1)) |
a986484f | 1713 | goto close_and_out; |
9987236e UD |
1714 | else if (__builtin_expect (ehdr->e_type, ET_DYN) != ET_DYN |
1715 | && __builtin_expect (ehdr->e_type, ET_EXEC) != ET_EXEC) | |
39b3385d UD |
1716 | { |
1717 | errstring = N_("only ET_DYN and ET_EXEC can be loaded"); | |
1718 | goto call_lose; | |
1719 | } | |
5ce98c3f UD |
1720 | else if (__builtin_expect (ehdr->e_phentsize, sizeof (ElfW(Phdr))) |
1721 | != sizeof (ElfW(Phdr))) | |
1722 | { | |
1723 | errstring = N_("ELF file's phentsize not the expected size"); | |
1724 | goto call_lose; | |
1725 | } | |
a986484f UD |
1726 | |
1727 | maplength = ehdr->e_phnum * sizeof (ElfW(Phdr)); | |
6dd67bd5 | 1728 | if (ehdr->e_phoff + maplength <= (size_t) fbp->len) |
a986484f UD |
1729 | phdr = (void *) (fbp->buf + ehdr->e_phoff); |
1730 | else | |
1731 | { | |
1732 | phdr = alloca (maplength); | |
0e15c4b6 | 1733 | __lseek (fd, ehdr->e_phoff, SEEK_SET); |
6dd67bd5 | 1734 | if ((size_t) __libc_read (fd, (void *) phdr, maplength) != maplength) |
39b3385d UD |
1735 | { |
1736 | read_error: | |
1737 | errval = errno; | |
1738 | errstring = N_("cannot read file data"); | |
1739 | goto call_lose; | |
1740 | } | |
a986484f UD |
1741 | } |
1742 | ||
1743 | /* Check .note.ABI-tag if present. */ | |
1744 | for (ph = phdr; ph < &phdr[ehdr->e_phnum]; ++ph) | |
2f6773b5 | 1745 | if (ph->p_type == PT_NOTE && ph->p_filesz >= 32 && ph->p_align >= 4) |
a986484f | 1746 | { |
2f6773b5 UD |
1747 | ElfW(Addr) size = ph->p_filesz; |
1748 | ||
1749 | if (ph->p_offset + size <= (size_t) fbp->len) | |
a986484f UD |
1750 | abi_note = (void *) (fbp->buf + ph->p_offset); |
1751 | else | |
1752 | { | |
2f6773b5 | 1753 | abi_note = alloca (size); |
0e15c4b6 | 1754 | __lseek (fd, ph->p_offset, SEEK_SET); |
2f6773b5 | 1755 | if (__libc_read (fd, (void *) abi_note, size) != size) |
39b3385d | 1756 | goto read_error; |
2f6773b5 UD |
1757 | } |
1758 | ||
1759 | while (memcmp (abi_note, &expected_note, sizeof (expected_note))) | |
1760 | { | |
1761 | #define ROUND(len) (((len) + sizeof (ElfW(Word)) - 1) & -sizeof (ElfW(Word))) | |
1762 | ElfW(Addr) note_size = 3 * sizeof (ElfW(Word)) | |
1763 | + ROUND (abi_note[0]) | |
1764 | + ROUND (abi_note[1]); | |
39b3385d | 1765 | |
2f6773b5 UD |
1766 | if (size - 32 < note_size) |
1767 | { | |
1768 | size = 0; | |
1769 | break; | |
1770 | } | |
1771 | size -= note_size; | |
1772 | abi_note = (void *) abi_note + note_size; | |
a986484f UD |
1773 | } |
1774 | ||
2f6773b5 | 1775 | if (size == 0) |
a986484f UD |
1776 | continue; |
1777 | ||
55c91021 UD |
1778 | osversion = (abi_note[5] & 0xff) * 65536 |
1779 | + (abi_note[6] & 0xff) * 256 | |
1780 | + (abi_note[7] & 0xff); | |
1781 | if (abi_note[4] != __ABI_TAG_OS | |
afdca0f2 | 1782 | || (GLRO(dl_osversion) && GLRO(dl_osversion) < osversion)) |
a986484f UD |
1783 | { |
1784 | close_and_out: | |
1785 | __close (fd); | |
1786 | __set_errno (ENOENT); | |
1787 | fd = -1; | |
1788 | } | |
1789 | ||
1790 | break; | |
1791 | } | |
a35e137a UD |
1792 | } |
1793 | ||
1794 | return fd; | |
1795 | } | |
1796 | \f | |
04ea3b0f | 1797 | /* Try to open NAME in one of the directories in *DIRSP. |
ba79d61b | 1798 | Return the fd, or -1. If successful, fill in *REALNAME |
04ea3b0f UD |
1799 | with the malloc'd full directory name. If it turns out |
1800 | that none of the directories in *DIRSP exists, *DIRSP is | |
1801 | replaced with (void *) -1, and the old value is free()d | |
1802 | if MAY_FREE_DIRS is true. */ | |
ba79d61b RM |
1803 | |
1804 | static int | |
c6222ab9 | 1805 | open_path (const char *name, size_t namelen, int preloaded, |
a35e137a | 1806 | struct r_search_path_struct *sps, char **realname, |
7f71c55d UD |
1807 | struct filebuf *fbp, struct link_map *loader, int whatcode, |
1808 | bool *found_other_class) | |
ba79d61b | 1809 | { |
f55727ca | 1810 | struct r_search_path_elem **dirs = sps->dirs; |
ba79d61b | 1811 | char *buf; |
0a54e401 | 1812 | int fd = -1; |
b5efde2f | 1813 | const char *current_what = NULL; |
152e7964 | 1814 | int any = 0; |
ba79d61b | 1815 | |
ab1d521d RM |
1816 | if (__builtin_expect (dirs == NULL, 0)) |
1817 | /* We're called before _dl_init_paths when loading the main executable | |
1818 | given on the command line when rtld is run directly. */ | |
1819 | return -1; | |
1820 | ||
5431ece5 | 1821 | buf = alloca (max_dirnamelen + max_capstrlen + namelen); |
ba79d61b RM |
1822 | do |
1823 | { | |
0a54e401 UD |
1824 | struct r_search_path_elem *this_dir = *dirs; |
1825 | size_t buflen = 0; | |
12264bd7 | 1826 | size_t cnt; |
b0b67c47 | 1827 | char *edp; |
f5858039 | 1828 | int here_any = 0; |
55c91021 | 1829 | int err; |
ba79d61b | 1830 | |
b5efde2f UD |
1831 | /* If we are debugging the search for libraries print the path |
1832 | now if it hasn't happened now. */ | |
afdca0f2 | 1833 | if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_LIBS, 0) |
cf197e41 | 1834 | && current_what != this_dir->what) |
b5efde2f UD |
1835 | { |
1836 | current_what = this_dir->what; | |
1837 | print_search_path (dirs, current_what, this_dir->where); | |
1838 | } | |
1839 | ||
b0b67c47 | 1840 | edp = (char *) __mempcpy (buf, this_dir->dirname, this_dir->dirnamelen); |
12264bd7 | 1841 | for (cnt = 0; fd == -1 && cnt < ncapstr; ++cnt) |
fd26970f | 1842 | { |
12264bd7 UD |
1843 | /* Skip this directory if we know it does not exist. */ |
1844 | if (this_dir->status[cnt] == nonexisting) | |
1845 | continue; | |
0a54e401 | 1846 | |
12264bd7 | 1847 | buflen = |
d6b5d570 UD |
1848 | ((char *) __mempcpy (__mempcpy (edp, capstr[cnt].str, |
1849 | capstr[cnt].len), | |
12264bd7 UD |
1850 | name, namelen) |
1851 | - buf); | |
1852 | ||
1853 | /* Print name we try if this is wanted. */ | |
afdca0f2 | 1854 | if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_LIBS, 0)) |
154d10bd | 1855 | _dl_debug_printf (" trying file=%s\n", buf); |
b5efde2f | 1856 | |
2e0fc40c UD |
1857 | fd = open_verify (buf, fbp, loader, whatcode, found_other_class, |
1858 | false); | |
12264bd7 | 1859 | if (this_dir->status[cnt] == unknown) |
6e4c40ba UD |
1860 | { |
1861 | if (fd != -1) | |
1862 | this_dir->status[cnt] = existing; | |
9dcafc55 UD |
1863 | /* Do not update the directory information when loading |
1864 | auditing code. We must try to disturb the program as | |
1865 | little as possible. */ | |
1866 | else if (loader == NULL | |
361a3706 | 1867 | || GL(dl_ns)[loader->l_ns]._ns_loaded->l_auditing == 0) |
6e4c40ba UD |
1868 | { |
1869 | /* We failed to open machine dependent library. Let's | |
1870 | test whether there is any directory at all. */ | |
5763742f | 1871 | struct stat64 st; |
6e4c40ba UD |
1872 | |
1873 | buf[buflen - namelen - 1] = '\0'; | |
1874 | ||
5763742f | 1875 | if (__xstat64 (_STAT_VER, buf, &st) != 0 |
6e4c40ba UD |
1876 | || ! S_ISDIR (st.st_mode)) |
1877 | /* The directory does not exist or it is no directory. */ | |
1878 | this_dir->status[cnt] = nonexisting; | |
1879 | else | |
1880 | this_dir->status[cnt] = existing; | |
1881 | } | |
1882 | } | |
fd26970f | 1883 | |
152e7964 | 1884 | /* Remember whether we found any existing directory. */ |
9dcafc55 | 1885 | here_any |= this_dir->status[cnt] != nonexisting; |
152e7964 | 1886 | |
55c91021 | 1887 | if (fd != -1 && __builtin_expect (preloaded, 0) |
e6caf4e1 | 1888 | && INTUSE(__libc_enable_secure)) |
c6222ab9 UD |
1889 | { |
1890 | /* This is an extra security effort to make sure nobody can | |
1891 | preload broken shared objects which are in the trusted | |
1892 | directories and so exploit the bugs. */ | |
5763742f | 1893 | struct stat64 st; |
c6222ab9 | 1894 | |
5763742f | 1895 | if (__fxstat64 (_STAT_VER, fd, &st) != 0 |
c6222ab9 UD |
1896 | || (st.st_mode & S_ISUID) == 0) |
1897 | { | |
1898 | /* The shared object cannot be tested for being SUID | |
1899 | or this bit is not set. In this case we must not | |
1900 | use this object. */ | |
1901 | __close (fd); | |
1902 | fd = -1; | |
1903 | /* We simply ignore the file, signal this by setting | |
1904 | the error value which would have been set by `open'. */ | |
1905 | errno = ENOENT; | |
1906 | } | |
1907 | } | |
ba79d61b RM |
1908 | } |
1909 | ||
ba79d61b RM |
1910 | if (fd != -1) |
1911 | { | |
2f653c01 | 1912 | *realname = (char *) malloc (buflen); |
c6222ab9 | 1913 | if (*realname != NULL) |
ba79d61b RM |
1914 | { |
1915 | memcpy (*realname, buf, buflen); | |
1916 | return fd; | |
1917 | } | |
1918 | else | |
1919 | { | |
1920 | /* No memory for the name, we certainly won't be able | |
1921 | to load and link it. */ | |
1922 | __close (fd); | |
1923 | return -1; | |
1924 | } | |
1925 | } | |
55c91021 | 1926 | if (here_any && (err = errno) != ENOENT && err != EACCES) |
ba79d61b RM |
1927 | /* The file exists and is readable, but something went wrong. */ |
1928 | return -1; | |
f5858039 UD |
1929 | |
1930 | /* Remember whether we found anything. */ | |
1931 | any |= here_any; | |
ba79d61b | 1932 | } |
0a54e401 | 1933 | while (*++dirs != NULL); |
ba79d61b | 1934 | |
152e7964 | 1935 | /* Remove the whole path if none of the directories exists. */ |
55c91021 | 1936 | if (__builtin_expect (! any, 0)) |
152e7964 | 1937 | { |
04ea3b0f UD |
1938 | /* Paths which were allocated using the minimal malloc() in ld.so |
1939 | must not be freed using the general free() in libc. */ | |
f55727ca UD |
1940 | if (sps->malloced) |
1941 | free (sps->dirs); | |
11bf311e | 1942 | |
ecc1d0c3 UD |
1943 | /* rtld_search_dirs is attribute_relro, therefore avoid writing |
1944 | into it. */ | |
1945 | if (sps != &rtld_search_dirs) | |
ecc1d0c3 | 1946 | sps->dirs = (void *) -1; |
152e7964 UD |
1947 | } |
1948 | ||
ba79d61b RM |
1949 | return -1; |
1950 | } | |
1951 | ||
1952 | /* Map in the shared object file NAME. */ | |
1953 | ||
1954 | struct link_map * | |
d0fc4041 | 1955 | internal_function |
c6222ab9 | 1956 | _dl_map_object (struct link_map *loader, const char *name, int preloaded, |
c0f62c56 | 1957 | int type, int trace_mode, int mode, Lmid_t nsid) |
ba79d61b RM |
1958 | { |
1959 | int fd; | |
1960 | char *realname; | |
14bab8de | 1961 | char *name_copy; |
ba79d61b | 1962 | struct link_map *l; |
a35e137a | 1963 | struct filebuf fb; |
ba79d61b | 1964 | |
c0f62c56 | 1965 | assert (nsid >= 0); |
22c83193 | 1966 | assert (nsid < GL(dl_nns)); |
c0f62c56 | 1967 | |
ba79d61b | 1968 | /* Look for this name among those already loaded. */ |
c0f62c56 | 1969 | for (l = GL(dl_ns)[nsid]._ns_loaded; l; l = l->l_next) |
f41c8091 UD |
1970 | { |
1971 | /* If the requested name matches the soname of a loaded object, | |
1972 | use that object. Elide this check for names that have not | |
1973 | yet been opened. */ | |
20fe49b9 UD |
1974 | if (__builtin_expect (l->l_faked, 0) != 0 |
1975 | || __builtin_expect (l->l_removed, 0) != 0) | |
f41c8091 UD |
1976 | continue; |
1977 | if (!_dl_name_match_p (name, l)) | |
1978 | { | |
1979 | const char *soname; | |
1980 | ||
c91bc73e UD |
1981 | if (__builtin_expect (l->l_soname_added, 1) |
1982 | || l->l_info[DT_SONAME] == NULL) | |
f41c8091 UD |
1983 | continue; |
1984 | ||
8699e7b1 UD |
1985 | soname = ((const char *) D_PTR (l, l_info[DT_STRTAB]) |
1986 | + l->l_info[DT_SONAME]->d_un.d_val); | |
f41c8091 UD |
1987 | if (strcmp (name, soname) != 0) |
1988 | continue; | |
1989 | ||
1990 | /* We have a match on a new name -- cache it. */ | |
76156ea1 | 1991 | add_name_to_object (l, soname); |
c91bc73e | 1992 | l->l_soname_added = 1; |
f41c8091 UD |
1993 | } |
1994 | ||
42c4f32a | 1995 | /* We have a match. */ |
f41c8091 UD |
1996 | return l; |
1997 | } | |
ba79d61b | 1998 | |
8193034b | 1999 | /* Display information if we are debugging. */ |
afdca0f2 | 2000 | if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0) |
7969407a | 2001 | && loader != NULL) |
c0f62c56 | 2002 | _dl_debug_printf ("\nfile=%s [%lu]; needed by %s [%lu]\n", name, nsid, |
e6caf4e1 | 2003 | loader->l_name[0] |
c0f62c56 | 2004 | ? loader->l_name : rtld_progname, loader->l_ns); |
8193034b | 2005 | |
9dcafc55 UD |
2006 | #ifdef SHARED |
2007 | /* Give the auditing libraries a chance to change the name before we | |
2008 | try anything. */ | |
2009 | if (__builtin_expect (GLRO(dl_naudit) > 0, 0) | |
2010 | && (loader == NULL || loader->l_auditing == 0)) | |
2011 | { | |
2012 | struct audit_ifaces *afct = GLRO(dl_audit); | |
2013 | for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt) | |
2014 | { | |
2015 | if (afct->objsearch != NULL) | |
2016 | { | |
2017 | name = afct->objsearch (name, &loader->l_audit[cnt].cookie, | |
2018 | LA_SER_ORIG); | |
2019 | if (name == NULL) | |
2020 | { | |
2021 | /* Do not try anything further. */ | |
2022 | fd = -1; | |
2023 | goto no_file; | |
2024 | } | |
2025 | } | |
2026 | ||
2027 | afct = afct->next; | |
2028 | } | |
2029 | } | |
2030 | #endif | |
2031 | ||
7f71c55d UD |
2032 | /* Will be true if we found a DSO which is of the other ELF class. */ |
2033 | bool found_other_class = false; | |
2034 | ||
ba79d61b RM |
2035 | if (strchr (name, '/') == NULL) |
2036 | { | |
2037 | /* Search for NAME in several places. */ | |
2038 | ||
2039 | size_t namelen = strlen (name) + 1; | |
2040 | ||
afdca0f2 | 2041 | if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_LIBS, 0)) |
c0f62c56 | 2042 | _dl_debug_printf ("find library=%s [%lu]; searching\n", name, nsid); |
b5efde2f | 2043 | |
ba79d61b | 2044 | fd = -1; |
a23db8e4 | 2045 | |
fcf70d41 UD |
2046 | /* When the object has the RUNPATH information we don't use any |
2047 | RPATHs. */ | |
4c540916 | 2048 | if (loader == NULL || loader->l_info[DT_RUNPATH] == NULL) |
fcf70d41 | 2049 | { |
a1f0de82 UD |
2050 | /* This is the executable's map (if there is one). Make sure that |
2051 | we do not look at it twice. */ | |
2052 | struct link_map *main_map = GL(dl_ns)[LM_ID_BASE]._ns_loaded; | |
2053 | bool did_main_map = false; | |
2054 | ||
fcf70d41 UD |
2055 | /* First try the DT_RPATH of the dependent object that caused NAME |
2056 | to be loaded. Then that object's dependent, and on up. */ | |
a1f0de82 | 2057 | for (l = loader; l; l = l->l_loader) |
45e4762c | 2058 | if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH")) |
a1f0de82 UD |
2059 | { |
2060 | fd = open_path (name, namelen, preloaded, &l->l_rpath_dirs, | |
2061 | &realname, &fb, loader, LA_SER_RUNPATH, | |
2062 | &found_other_class); | |
2063 | if (fd != -1) | |
2064 | break; | |
2065 | ||
2066 | did_main_map |= l == main_map; | |
2067 | } | |
0a54e401 | 2068 | |
fcf70d41 | 2069 | /* If dynamically linked, try the DT_RPATH of the executable |
c0f62c56 | 2070 | itself. NB: we do this for lookups in any namespace. */ |
a1f0de82 UD |
2071 | if (fd == -1 && !did_main_map |
2072 | && main_map != NULL && main_map->l_type != lt_loaded | |
2073 | && cache_rpath (main_map, &main_map->l_rpath_dirs, DT_RPATH, | |
2074 | "RPATH")) | |
2075 | fd = open_path (name, namelen, preloaded, &main_map->l_rpath_dirs, | |
2076 | &realname, &fb, loader ?: main_map, LA_SER_RUNPATH, | |
2077 | &found_other_class); | |
fcf70d41 | 2078 | } |
fd26970f | 2079 | |
7ef90c15 | 2080 | /* Try the LD_LIBRARY_PATH environment variable. */ |
f55727ca UD |
2081 | if (fd == -1 && env_path_list.dirs != (void *) -1) |
2082 | fd = open_path (name, namelen, preloaded, &env_path_list, | |
9dcafc55 UD |
2083 | &realname, &fb, |
2084 | loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded, | |
7f71c55d | 2085 | LA_SER_LIBPATH, &found_other_class); |
40a55d20 | 2086 | |
45e4762c RM |
2087 | /* Look at the RUNPATH information for this binary. */ |
2088 | if (fd == -1 && loader != NULL | |
2089 | && cache_rpath (loader, &loader->l_runpath_dirs, | |
2090 | DT_RUNPATH, "RUNPATH")) | |
2091 | fd = open_path (name, namelen, preloaded, | |
9dcafc55 | 2092 | &loader->l_runpath_dirs, &realname, &fb, loader, |
7f71c55d | 2093 | LA_SER_RUNPATH, &found_other_class); |
fcf70d41 | 2094 | |
55c91021 | 2095 | if (fd == -1 |
e6caf4e1 UD |
2096 | && (__builtin_expect (! preloaded, 1) |
2097 | || ! INTUSE(__libc_enable_secure))) | |
f18edac3 RM |
2098 | { |
2099 | /* Check the list of libraries in the file /etc/ld.so.cache, | |
2100 | for compatibility with Linux's ldconfig program. */ | |
f18edac3 | 2101 | const char *cached = _dl_load_cache_lookup (name); |
0f6b172f | 2102 | |
2f653c01 UD |
2103 | if (cached != NULL) |
2104 | { | |
0f6b172f | 2105 | #ifdef SHARED |
c0f62c56 UD |
2106 | // XXX Correct to unconditionally default to namespace 0? |
2107 | l = loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded; | |
0f6b172f | 2108 | #else |
2f653c01 | 2109 | l = loader; |
0f6b172f UD |
2110 | #endif |
2111 | ||
266bb989 UD |
2112 | /* If the loader has the DF_1_NODEFLIB flag set we must not |
2113 | use a cache entry from any of these directories. */ | |
2f653c01 UD |
2114 | if ( |
2115 | #ifndef SHARED | |
2116 | /* 'l' is always != NULL for dynamically linked objects. */ | |
2117 | l != NULL && | |
2118 | #endif | |
2119 | __builtin_expect (l->l_flags_1 & DF_1_NODEFLIB, 0)) | |
266bb989 UD |
2120 | { |
2121 | const char *dirp = system_dirs; | |
2e47aff5 | 2122 | unsigned int cnt = 0; |
266bb989 UD |
2123 | |
2124 | do | |
2125 | { | |
2126 | if (memcmp (cached, dirp, system_dirs_len[cnt]) == 0) | |
2127 | { | |
2128 | /* The prefix matches. Don't use the entry. */ | |
2129 | cached = NULL; | |
2130 | break; | |
2131 | } | |
2132 | ||
2133 | dirp += system_dirs_len[cnt] + 1; | |
2134 | ++cnt; | |
2135 | } | |
4a6d1198 | 2136 | while (cnt < nsystem_dirs_len); |
266bb989 UD |
2137 | } |
2138 | ||
2f653c01 | 2139 | if (cached != NULL) |
f18edac3 | 2140 | { |
9dcafc55 UD |
2141 | fd = open_verify (cached, |
2142 | &fb, loader ?: GL(dl_ns)[nsid]._ns_loaded, | |
2e0fc40c | 2143 | LA_SER_CONFIG, &found_other_class, false); |
2f653c01 | 2144 | if (__builtin_expect (fd != -1, 1)) |
f18edac3 | 2145 | { |
266bb989 UD |
2146 | realname = local_strdup (cached); |
2147 | if (realname == NULL) | |
2148 | { | |
2149 | __close (fd); | |
2150 | fd = -1; | |
2151 | } | |
f18edac3 RM |
2152 | } |
2153 | } | |
2154 | } | |
2155 | } | |
0a54e401 | 2156 | |
a23db8e4 | 2157 | /* Finally, try the default path. */ |
266bb989 | 2158 | if (fd == -1 |
c0f62c56 | 2159 | && ((l = loader ?: GL(dl_ns)[nsid]._ns_loaded) == NULL |
db2ebcef | 2160 | || __builtin_expect (!(l->l_flags_1 & DF_1_NODEFLIB), 1)) |
f55727ca UD |
2161 | && rtld_search_dirs.dirs != (void *) -1) |
2162 | fd = open_path (name, namelen, preloaded, &rtld_search_dirs, | |
7f71c55d | 2163 | &realname, &fb, l, LA_SER_DEFAULT, &found_other_class); |
b5efde2f | 2164 | |
fd77c361 | 2165 | /* Add another newline when we are tracing the library loading. */ |
afdca0f2 | 2166 | if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_LIBS, 0)) |
154d10bd | 2167 | _dl_debug_printf ("\n"); |
ba79d61b RM |
2168 | } |
2169 | else | |
2170 | { | |
f787edde UD |
2171 | /* The path may contain dynamic string tokens. */ |
2172 | realname = (loader | |
2173 | ? expand_dynamic_string_token (loader, name) | |
2174 | : local_strdup (name)); | |
2175 | if (realname == NULL) | |
2176 | fd = -1; | |
2177 | else | |
ba79d61b | 2178 | { |
9dcafc55 | 2179 | fd = open_verify (realname, &fb, |
7f71c55d | 2180 | loader ?: GL(dl_ns)[nsid]._ns_loaded, 0, |
2e0fc40c | 2181 | &found_other_class, true); |
55c91021 | 2182 | if (__builtin_expect (fd, 0) == -1) |
f787edde | 2183 | free (realname); |
ba79d61b RM |
2184 | } |
2185 | } | |
2186 | ||
9dcafc55 UD |
2187 | #ifdef SHARED |
2188 | no_file: | |
2189 | #endif | |
c14e9135 UD |
2190 | /* In case the LOADER information has only been provided to get to |
2191 | the appropriate RUNPATH/RPATH information we do not need it | |
2192 | anymore. */ | |
2193 | if (mode & __RTLD_CALLMAP) | |
2194 | loader = NULL; | |
2195 | ||
55c91021 | 2196 | if (__builtin_expect (fd, 0) == -1) |
46ec036d | 2197 | { |
32e6df36 | 2198 | if (trace_mode |
afdca0f2 | 2199 | && __builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_PRELINK, 0) == 0) |
46ec036d UD |
2200 | { |
2201 | /* We haven't found an appropriate library. But since we | |
2202 | are only interested in the list of libraries this isn't | |
2203 | so severe. Fake an entry with all the information we | |
1ef32c3d | 2204 | have. */ |
a1eca9f3 | 2205 | static const Elf_Symndx dummy_bucket = STN_UNDEF; |
46ec036d UD |
2206 | |
2207 | /* Enter the new object in the list of loaded objects. */ | |
2208 | if ((name_copy = local_strdup (name)) == NULL | |
1fc07491 | 2209 | || (l = _dl_new_object (name_copy, name, type, loader, |
c0f62c56 | 2210 | mode, nsid)) == NULL) |
2e0fc40c UD |
2211 | { |
2212 | free (name_copy); | |
2213 | _dl_signal_error (ENOMEM, name, NULL, | |
2214 | N_("cannot create shared object descriptor")); | |
2215 | } | |
a881e0a0 UD |
2216 | /* Signal that this is a faked entry. */ |
2217 | l->l_faked = 1; | |
2218 | /* Since the descriptor is initialized with zero we do not | |
126b06f9 | 2219 | have do this here. |
126b06f9 | 2220 | l->l_reserved = 0; */ |
fd26970f UD |
2221 | l->l_buckets = &dummy_bucket; |
2222 | l->l_nbuckets = 1; | |
2223 | l->l_relocated = 1; | |
2224 | ||
2225 | return l; | |
46ec036d | 2226 | } |
7f71c55d UD |
2227 | else if (found_other_class) |
2228 | _dl_signal_error (0, name, NULL, | |
2229 | ELFW(CLASS) == ELFCLASS32 | |
2230 | ? N_("wrong ELF class: ELFCLASS64") | |
2231 | : N_("wrong ELF class: ELFCLASS32")); | |
46ec036d | 2232 | else |
154d10bd UD |
2233 | _dl_signal_error (errno, name, NULL, |
2234 | N_("cannot open shared object file")); | |
46ec036d | 2235 | } |
ba79d61b | 2236 | |
d1fc817e UD |
2237 | void *stack_end = __libc_stack_end; |
2238 | return _dl_map_object_from_fd (name, fd, &fb, realname, loader, type, mode, | |
c0f62c56 | 2239 | &stack_end, nsid); |
ba79d61b | 2240 | } |
154d10bd | 2241 | |
45e4762c RM |
2242 | |
2243 | void | |
2244 | internal_function | |
2245 | _dl_rtld_di_serinfo (struct link_map *loader, Dl_serinfo *si, bool counting) | |
2246 | { | |
2247 | if (counting) | |
2248 | { | |
2249 | si->dls_cnt = 0; | |
2250 | si->dls_size = 0; | |
2251 | } | |
2252 | ||
2253 | unsigned int idx = 0; | |
2254 | char *allocptr = (char *) &si->dls_serpath[si->dls_cnt]; | |
dd9423a6 | 2255 | void add_path (const struct r_search_path_struct *sps, unsigned int flags) |
45e4762c RM |
2256 | # define add_path(sps, flags) add_path(sps, 0) /* XXX */ |
2257 | { | |
2258 | if (sps->dirs != (void *) -1) | |
2259 | { | |
2260 | struct r_search_path_elem **dirs = sps->dirs; | |
2261 | do | |
2262 | { | |
2263 | const struct r_search_path_elem *const r = *dirs++; | |
2264 | if (counting) | |
2265 | { | |
2266 | si->dls_cnt++; | |
88197030 | 2267 | si->dls_size += MAX (2, r->dirnamelen); |
45e4762c RM |
2268 | } |
2269 | else | |
2270 | { | |
2271 | Dl_serpath *const sp = &si->dls_serpath[idx++]; | |
2272 | sp->dls_name = allocptr; | |
1c298d08 UD |
2273 | if (r->dirnamelen < 2) |
2274 | *allocptr++ = r->dirnamelen ? '/' : '.'; | |
2275 | else | |
2276 | allocptr = __mempcpy (allocptr, | |
2277 | r->dirname, r->dirnamelen - 1); | |
45e4762c RM |
2278 | *allocptr++ = '\0'; |
2279 | sp->dls_flags = flags; | |
2280 | } | |
2281 | } | |
2282 | while (*dirs != NULL); | |
2283 | } | |
2284 | } | |
2285 | ||
2286 | /* When the object has the RUNPATH information we don't use any RPATHs. */ | |
2287 | if (loader->l_info[DT_RUNPATH] == NULL) | |
2288 | { | |
2289 | /* First try the DT_RPATH of the dependent object that caused NAME | |
2290 | to be loaded. Then that object's dependent, and on up. */ | |
2291 | ||
2292 | struct link_map *l = loader; | |
2293 | do | |
2294 | { | |
2295 | if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH")) | |
2296 | add_path (&l->l_rpath_dirs, XXX_RPATH); | |
2297 | l = l->l_loader; | |
2298 | } | |
2299 | while (l != NULL); | |
2300 | ||
2301 | /* If dynamically linked, try the DT_RPATH of the executable itself. */ | |
c0f62c56 UD |
2302 | if (loader->l_ns == LM_ID_BASE) |
2303 | { | |
2304 | l = GL(dl_ns)[LM_ID_BASE]._ns_loaded; | |
2305 | if (l != NULL && l->l_type != lt_loaded && l != loader) | |
2306 | if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH")) | |
2307 | add_path (&l->l_rpath_dirs, XXX_RPATH); | |
2308 | } | |
45e4762c RM |
2309 | } |
2310 | ||
2311 | /* Try the LD_LIBRARY_PATH environment variable. */ | |
2312 | add_path (&env_path_list, XXX_ENV); | |
2313 | ||
2314 | /* Look at the RUNPATH information for this binary. */ | |
2315 | if (cache_rpath (loader, &loader->l_runpath_dirs, DT_RUNPATH, "RUNPATH")) | |
2316 | add_path (&loader->l_runpath_dirs, XXX_RUNPATH); | |
2317 | ||
2318 | /* XXX | |
2319 | Here is where ld.so.cache gets checked, but we don't have | |
2320 | a way to indicate that in the results for Dl_serinfo. */ | |
2321 | ||
2322 | /* Finally, try the default path. */ | |
2323 | if (!(loader->l_flags_1 & DF_1_NODEFLIB)) | |
2324 | add_path (&rtld_search_dirs, XXX_default); | |
2325 | ||
2326 | if (counting) | |
2327 | /* Count the struct size before the string area, which we didn't | |
2328 | know before we completed dls_cnt. */ | |
2329 | si->dls_size += (char *) &si->dls_serpath[si->dls_cnt] - (char *) si; | |
2330 | } |