]>
Commit | Line | Data |
---|---|---|
0a54e401 | 1 | /* Map in a shared object's segments from the file. |
bfff8b1b | 2 | Copyright (C) 1995-2017 Free Software Foundation, Inc. |
afd4eb37 | 3 | This file is part of the GNU C Library. |
d66e34cd | 4 | |
afd4eb37 | 5 | The GNU C Library is free software; you can redistribute it and/or |
41bdb6e2 AJ |
6 | modify it under the terms of the GNU Lesser General Public |
7 | License as published by the Free Software Foundation; either | |
8 | version 2.1 of the License, or (at your option) any later version. | |
d66e34cd | 9 | |
afd4eb37 UD |
10 | The GNU C Library is distributed in the hope that it will be useful, |
11 | but WITHOUT ANY WARRANTY; without even the implied warranty of | |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
41bdb6e2 | 13 | Lesser General Public License for more details. |
d66e34cd | 14 | |
41bdb6e2 | 15 | You should have received a copy of the GNU Lesser General Public |
59ba27a6 PE |
16 | License along with the GNU C Library; if not, see |
17 | <http://www.gnu.org/licenses/>. */ | |
d66e34cd | 18 | |
14e9dd67 | 19 | #include <elf.h> |
0a54e401 UD |
20 | #include <errno.h> |
21 | #include <fcntl.h> | |
8e17ea58 | 22 | #include <libintl.h> |
379d4ec4 | 23 | #include <stdbool.h> |
0a54e401 | 24 | #include <stdlib.h> |
d66e34cd | 25 | #include <string.h> |
d66e34cd | 26 | #include <unistd.h> |
a42195db | 27 | #include <ldsodefs.h> |
ca97fb53 | 28 | #include <bits/wordsize.h> |
0a54e401 | 29 | #include <sys/mman.h> |
f8f7e090 | 30 | #include <sys/param.h> |
0a54e401 UD |
31 | #include <sys/stat.h> |
32 | #include <sys/types.h> | |
d66e34cd | 33 | #include "dynamic-link.h" |
a986484f | 34 | #include <abi-tag.h> |
664e7d93 | 35 | #include <stackinfo.h> |
703ccc12 | 36 | #include <caller.h> |
606832e6 | 37 | #include <sysdep.h> |
815e6fa3 | 38 | #include <stap-probe.h> |
60084e34 | 39 | #include <libc-internal.h> |
d66e34cd | 40 | |
dc5efe83 | 41 | #include <dl-dst.h> |
fcccd512 RM |
42 | #include <dl-load.h> |
43 | #include <dl-map-segments.h> | |
44 | #include <dl-unmap-segments.h> | |
d6f373d2 | 45 | #include <dl-machine-reject-phdr.h> |
c0d6f2a3 | 46 | #include <dl-sysdep-open.h> |
f21acc89 | 47 | |
9b8a44cd | 48 | |
d66e34cd RM |
49 | #include <endian.h> |
50 | #if BYTE_ORDER == BIG_ENDIAN | |
fcf70d41 | 51 | # define byteorder ELFDATA2MSB |
d66e34cd | 52 | #elif BYTE_ORDER == LITTLE_ENDIAN |
fcf70d41 | 53 | # define byteorder ELFDATA2LSB |
d66e34cd | 54 | #else |
fcf70d41 UD |
55 | # error "Unknown BYTE_ORDER " BYTE_ORDER |
56 | # define byteorder ELFDATANONE | |
d66e34cd RM |
57 | #endif |
58 | ||
14e9dd67 | 59 | #define STRING(x) __STRING (x) |
d66e34cd | 60 | |
dcca3fe2 | 61 | |
664e7d93 | 62 | int __stack_prot attribute_hidden attribute_relro |
44828b9d | 63 | #if _STACK_GROWS_DOWN && defined PROT_GROWSDOWN |
ecc1d0c3 | 64 | = PROT_GROWSDOWN; |
44828b9d | 65 | #elif _STACK_GROWS_UP && defined PROT_GROWSUP |
ecc1d0c3 | 66 | = PROT_GROWSUP; |
f8286ce6 RM |
67 | #else |
68 | = 0; | |
664e7d93 UD |
69 | #endif |
70 | ||
dcca3fe2 | 71 | |
a35e137a UD |
72 | /* Type for the buffer we put the ELF header and hopefully the program |
73 | header. This buffer does not really have to be too large. In most | |
74 | cases the program header follows the ELF header directly. If this | |
6fffb9a2 UD |
75 | is not the case all bets are off and we can make the header |
76 | arbitrarily large and still won't get it read. This means the only | |
77 | question is how large are the ELF and program header combined. The | |
78 | ELF header 32-bit files is 52 bytes long and in 64-bit files is 64 | |
79 | bytes long. Each program header entry is again 32 and 56 bytes | |
23e2554f UD |
80 | long respectively. I.e., even with a file which has 10 program |
81 | header entries we only have to read 372B/624B respectively. Add to | |
82 | this a bit of margin for program notes and reading 512B and 832B | |
83 | for 32-bit and 64-bit files respecitvely is enough. If this | |
84 | heuristic should really fail for some file the code in | |
85 | `_dl_map_object_from_fd' knows how to recover. */ | |
a35e137a UD |
86 | struct filebuf |
87 | { | |
88 | ssize_t len; | |
868b9d6a | 89 | #if __WORDSIZE == 32 |
ca97fb53 UD |
90 | # define FILEBUF_SIZE 512 |
91 | #else | |
23e2554f | 92 | # define FILEBUF_SIZE 832 |
ca97fb53 | 93 | #endif |
6fffb9a2 | 94 | char buf[FILEBUF_SIZE] __attribute__ ((aligned (__alignof (ElfW(Ehdr))))); |
a35e137a UD |
95 | }; |
96 | ||
7ef90c15 | 97 | /* This is the decomposed LD_LIBRARY_PATH search path. */ |
392a6b52 | 98 | static struct r_search_path_struct env_path_list attribute_relro; |
40a55d20 | 99 | |
12264bd7 | 100 | /* List of the hardware capabilities we might end up using. */ |
392a6b52 UD |
101 | static const struct r_strlenpair *capstr attribute_relro; |
102 | static size_t ncapstr attribute_relro; | |
103 | static size_t max_capstrlen attribute_relro; | |
12264bd7 | 104 | |
40a55d20 | 105 | |
ab7eb292 UD |
106 | /* Get the generated information about the trusted directories. */ |
107 | #include "trusted-dirs.h" | |
108 | ||
109 | static const char system_dirs[] = SYSTEM_DIRS; | |
110 | static const size_t system_dirs_len[] = | |
111 | { | |
112 | SYSTEM_DIRS_LEN | |
113 | }; | |
4a6d1198 UD |
114 | #define nsystem_dirs_len \ |
115 | (sizeof (system_dirs_len) / sizeof (system_dirs_len[0])) | |
ab7eb292 | 116 | |
32c85e43 | 117 | |
47c3cd7a UD |
118 | static bool |
119 | is_trusted_path (const char *path, size_t len) | |
120 | { | |
47c3cd7a UD |
121 | const char *trun = system_dirs; |
122 | ||
123 | for (size_t idx = 0; idx < nsystem_dirs_len; ++idx) | |
124 | { | |
125 | if (len == system_dirs_len[idx] && memcmp (trun, path, len) == 0) | |
126 | /* Found it. */ | |
127 | return true; | |
128 | ||
129 | trun += system_dirs_len[idx] + 1; | |
130 | } | |
131 | ||
132 | return false; | |
133 | } | |
134 | ||
135 | ||
136 | static bool | |
137 | is_trusted_path_normalize (const char *path, size_t len) | |
138 | { | |
22836f52 UD |
139 | if (len == 0) |
140 | return false; | |
141 | ||
142 | if (*path == ':') | |
143 | { | |
144 | ++path; | |
145 | --len; | |
146 | } | |
147 | ||
47c3cd7a UD |
148 | char *npath = (char *) alloca (len + 2); |
149 | char *wnp = npath; | |
47c3cd7a UD |
150 | while (*path != '\0') |
151 | { | |
152 | if (path[0] == '/') | |
153 | { | |
154 | if (path[1] == '.') | |
155 | { | |
156 | if (path[2] == '.' && (path[3] == '/' || path[3] == '\0')) | |
157 | { | |
158 | while (wnp > npath && *--wnp != '/') | |
159 | ; | |
160 | path += 3; | |
161 | continue; | |
162 | } | |
163 | else if (path[2] == '/' || path[2] == '\0') | |
164 | { | |
165 | path += 2; | |
166 | continue; | |
167 | } | |
168 | } | |
169 | ||
170 | if (wnp > npath && wnp[-1] == '/') | |
171 | { | |
172 | ++path; | |
173 | continue; | |
174 | } | |
175 | } | |
176 | ||
177 | *wnp++ = *path++; | |
178 | } | |
22836f52 UD |
179 | |
180 | if (wnp == npath || wnp[-1] != '/') | |
47c3cd7a | 181 | *wnp++ = '/'; |
47c3cd7a | 182 | |
22836f52 UD |
183 | const char *trun = system_dirs; |
184 | ||
185 | for (size_t idx = 0; idx < nsystem_dirs_len; ++idx) | |
186 | { | |
187 | if (wnp - npath >= system_dirs_len[idx] | |
188 | && memcmp (trun, npath, system_dirs_len[idx]) == 0) | |
189 | /* Found it. */ | |
190 | return true; | |
191 | ||
192 | trun += system_dirs_len[idx] + 1; | |
193 | } | |
194 | ||
195 | return false; | |
47c3cd7a UD |
196 | } |
197 | ||
198 | ||
6d5d3ae3 | 199 | static size_t |
379d4ec4 | 200 | is_dst (const char *start, const char *name, const char *str, |
d43c8c5f | 201 | int is_path, int secure) |
6d5d3ae3 UD |
202 | { |
203 | size_t len; | |
379d4ec4 | 204 | bool is_curly = false; |
6d5d3ae3 | 205 | |
379d4ec4 UD |
206 | if (name[0] == '{') |
207 | { | |
208 | is_curly = true; | |
209 | ++name; | |
210 | } | |
211 | ||
212 | len = 0; | |
213 | while (name[len] == str[len] && name[len] != '\0') | |
214 | ++len; | |
215 | ||
216 | if (is_curly) | |
217 | { | |
218 | if (name[len] != '}') | |
219 | return 0; | |
220 | ||
221 | /* Point again at the beginning of the name. */ | |
222 | --name; | |
223 | /* Skip over closing curly brace and adjust for the --name. */ | |
224 | len += 2; | |
225 | } | |
226 | else if (name[len] != '\0' && name[len] != '/' | |
227 | && (!is_path || name[len] != ':')) | |
6d5d3ae3 UD |
228 | return 0; |
229 | ||
1b26b855 | 230 | if (__glibc_unlikely (secure) |
22836f52 UD |
231 | && ((name[len] != '\0' && name[len] != '/' |
232 | && (!is_path || name[len] != ':')) | |
6d5d3ae3 UD |
233 | || (name != start + 1 && (!is_path || name[-2] != ':')))) |
234 | return 0; | |
235 | ||
236 | return len; | |
237 | } | |
238 | ||
239 | ||
dc5efe83 UD |
240 | size_t |
241 | _dl_dst_count (const char *name, int is_path) | |
f787edde | 242 | { |
2864e767 | 243 | const char *const start = name; |
f787edde | 244 | size_t cnt = 0; |
f787edde | 245 | |
dc5efe83 | 246 | do |
f787edde | 247 | { |
379d4ec4 | 248 | size_t len; |
f787edde | 249 | |
32463b1a | 250 | /* $ORIGIN is not expanded for SUID/GUID programs (except if it |
379d4ec4 UD |
251 | is $ORIGIN alone) and it must always appear first in path. */ |
252 | ++name; | |
253 | if ((len = is_dst (start, name, "ORIGIN", is_path, | |
6bc6bd3b | 254 | __libc_enable_secure)) != 0 |
27af5372 RM |
255 | || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0 |
256 | || (len = is_dst (start, name, "LIB", is_path, 0)) != 0) | |
f787edde UD |
257 | ++cnt; |
258 | ||
dc5efe83 | 259 | name = strchr (name + len, '$'); |
f787edde | 260 | } |
dc5efe83 | 261 | while (name != NULL); |
f787edde | 262 | |
dc5efe83 UD |
263 | return cnt; |
264 | } | |
f787edde | 265 | |
f787edde | 266 | |
dc5efe83 UD |
267 | char * |
268 | _dl_dst_substitute (struct link_map *l, const char *name, char *result, | |
269 | int is_path) | |
270 | { | |
2864e767 | 271 | const char *const start = name; |
f787edde UD |
272 | |
273 | /* Now fill the result path. While copying over the string we keep | |
c0c3f78a | 274 | track of the start of the last path element. When we come across |
f787edde UD |
275 | a DST we copy over the value or (if the value is not available) |
276 | leave the entire path element out. */ | |
47c3cd7a UD |
277 | char *wp = result; |
278 | char *last_elem = result; | |
279 | bool check_for_trusted = false; | |
dc5efe83 | 280 | |
f787edde UD |
281 | do |
282 | { | |
a1ffb40e | 283 | if (__glibc_unlikely (*name == '$')) |
f787edde | 284 | { |
2541eda0 | 285 | const char *repl = NULL; |
379d4ec4 | 286 | size_t len; |
2541eda0 | 287 | |
379d4ec4 UD |
288 | ++name; |
289 | if ((len = is_dst (start, name, "ORIGIN", is_path, | |
6bc6bd3b | 290 | __libc_enable_secure)) != 0) |
e7c8359e | 291 | { |
f91f1c0f | 292 | repl = l->l_origin; |
6bc6bd3b | 293 | check_for_trusted = (__libc_enable_secure |
47c3cd7a | 294 | && l->l_type == lt_executable); |
e7c8359e | 295 | } |
27af5372 | 296 | else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0) |
afdca0f2 | 297 | repl = GLRO(dl_platform); |
27af5372 RM |
298 | else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0) |
299 | repl = DL_DST_LIB; | |
2541eda0 | 300 | |
2541eda0 UD |
301 | if (repl != NULL && repl != (const char *) -1) |
302 | { | |
303 | wp = __stpcpy (wp, repl); | |
304 | name += len; | |
305 | } | |
306 | else if (len > 1) | |
f787edde | 307 | { |
2541eda0 UD |
308 | /* We cannot use this path element, the value of the |
309 | replacement is unknown. */ | |
310 | wp = last_elem; | |
311 | name += len; | |
312 | while (*name != '\0' && (!is_path || *name != ':')) | |
313 | ++name; | |
34fe483e AS |
314 | /* Also skip following colon if this is the first rpath |
315 | element, but keep an empty element at the end. */ | |
316 | if (wp == result && is_path && *name == ':' && name[1] != '\0') | |
317 | ++name; | |
f787edde UD |
318 | } |
319 | else | |
27aa0631 | 320 | /* No DST we recognize. */ |
379d4ec4 | 321 | *wp++ = '$'; |
f787edde | 322 | } |
2541eda0 | 323 | else |
f787edde | 324 | { |
dc5efe83 | 325 | *wp++ = *name++; |
2541eda0 | 326 | if (is_path && *name == ':') |
47c3cd7a UD |
327 | { |
328 | /* In SUID/SGID programs, after $ORIGIN expansion the | |
329 | normalized path must be rooted in one of the trusted | |
330 | directories. */ | |
1b26b855 | 331 | if (__glibc_unlikely (check_for_trusted) |
22836f52 UD |
332 | && !is_trusted_path_normalize (last_elem, wp - last_elem)) |
333 | wp = last_elem; | |
47c3cd7a UD |
334 | else |
335 | last_elem = wp; | |
22836f52 UD |
336 | |
337 | check_for_trusted = false; | |
47c3cd7a | 338 | } |
f787edde | 339 | } |
f787edde | 340 | } |
dc5efe83 | 341 | while (*name != '\0'); |
f787edde | 342 | |
47c3cd7a UD |
343 | /* In SUID/SGID programs, after $ORIGIN expansion the normalized |
344 | path must be rooted in one of the trusted directories. */ | |
1b26b855 | 345 | if (__glibc_unlikely (check_for_trusted) |
22836f52 | 346 | && !is_trusted_path_normalize (last_elem, wp - last_elem)) |
47c3cd7a UD |
347 | wp = last_elem; |
348 | ||
f787edde UD |
349 | *wp = '\0'; |
350 | ||
351 | return result; | |
352 | } | |
353 | ||
dc5efe83 UD |
354 | |
355 | /* Return copy of argument with all recognized dynamic string tokens | |
356 | ($ORIGIN and $PLATFORM for now) replaced. On some platforms it | |
357 | might not be possible to determine the path from which the object | |
358 | belonging to the map is loaded. In this case the path element | |
359 | containing $ORIGIN is left out. */ | |
360 | static char * | |
34fe483e | 361 | expand_dynamic_string_token (struct link_map *l, const char *s, int is_path) |
dc5efe83 UD |
362 | { |
363 | /* We make two runs over the string. First we determine how large the | |
844c394a | 364 | resulting string is and then we copy it over. Since this is no |
dc5efe83 UD |
365 | frequently executed operation we are looking here not for performance |
366 | but rather for code size. */ | |
367 | size_t cnt; | |
368 | size_t total; | |
369 | char *result; | |
370 | ||
2864e767 | 371 | /* Determine the number of DST elements. */ |
34fe483e | 372 | cnt = DL_DST_COUNT (s, is_path); |
dc5efe83 UD |
373 | |
374 | /* If we do not have to replace anything simply copy the string. */ | |
1b26b855 | 375 | if (__glibc_likely (cnt == 0)) |
cc00cece | 376 | return __strdup (s); |
dc5efe83 UD |
377 | |
378 | /* Determine the length of the substituted string. */ | |
379 | total = DL_DST_REQUIRED (l, s, strlen (s), cnt); | |
380 | ||
381 | /* Allocate the necessary memory. */ | |
382 | result = (char *) malloc (total + 1); | |
383 | if (result == NULL) | |
384 | return NULL; | |
385 | ||
34fe483e | 386 | return _dl_dst_substitute (l, s, result, is_path); |
dc5efe83 UD |
387 | } |
388 | ||
389 | ||
0413b54c UD |
390 | /* Add `name' to the list of names for a particular shared object. |
391 | `name' is expected to have been allocated with malloc and will | |
392 | be freed if the shared object already has this name. | |
393 | Returns false if the object already had this name. */ | |
76156ea1 | 394 | static void |
12264bd7 | 395 | internal_function |
76156ea1 | 396 | add_name_to_object (struct link_map *l, const char *name) |
0a54e401 | 397 | { |
0413b54c UD |
398 | struct libname_list *lnp, *lastp; |
399 | struct libname_list *newname; | |
76156ea1 | 400 | size_t name_len; |
0413b54c UD |
401 | |
402 | lastp = NULL; | |
403 | for (lnp = l->l_libname; lnp != NULL; lastp = lnp, lnp = lnp->next) | |
404 | if (strcmp (name, lnp->name) == 0) | |
76156ea1 | 405 | return; |
0413b54c | 406 | |
76156ea1 | 407 | name_len = strlen (name) + 1; |
839be784 | 408 | newname = (struct libname_list *) malloc (sizeof *newname + name_len); |
0413b54c | 409 | if (newname == NULL) |
da832465 UD |
410 | { |
411 | /* No more memory. */ | |
154d10bd | 412 | _dl_signal_error (ENOMEM, name, NULL, N_("cannot allocate name record")); |
76156ea1 | 413 | return; |
da832465 | 414 | } |
0413b54c UD |
415 | /* The object should have a libname set from _dl_new_object. */ |
416 | assert (lastp != NULL); | |
417 | ||
76156ea1 | 418 | newname->name = memcpy (newname + 1, name, name_len); |
0413b54c | 419 | newname->next = NULL; |
752a2a50 | 420 | newname->dont_free = 0; |
0413b54c | 421 | lastp->next = newname; |
0413b54c UD |
422 | } |
423 | ||
12264bd7 | 424 | /* Standard search directories. */ |
392a6b52 | 425 | static struct r_search_path_struct rtld_search_dirs attribute_relro; |
0a54e401 | 426 | |
a658675d | 427 | static size_t max_dirnamelen; |
0a54e401 | 428 | |
dd9423a6 | 429 | static struct r_search_path_elem ** |
0a54e401 | 430 | fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep, |
2a939a7e OB |
431 | int check_trusted, const char *what, const char *where, |
432 | struct link_map *l) | |
0a54e401 UD |
433 | { |
434 | char *cp; | |
435 | size_t nelems = 0; | |
2a939a7e | 436 | char *to_free; |
0a54e401 UD |
437 | |
438 | while ((cp = __strsep (&rpath, sep)) != NULL) | |
439 | { | |
440 | struct r_search_path_elem *dirp; | |
2a939a7e OB |
441 | |
442 | to_free = cp = expand_dynamic_string_token (l, cp, 1); | |
443 | ||
0a54e401 | 444 | size_t len = strlen (cp); |
12264bd7 | 445 | |
af3878df | 446 | /* `strsep' can pass an empty string. This has to be |
844c394a | 447 | interpreted as `use the current directory'. */ |
12264bd7 | 448 | if (len == 0) |
af3878df | 449 | { |
ab7eb292 UD |
450 | static const char curwd[] = "./"; |
451 | cp = (char *) curwd; | |
af3878df | 452 | } |
12264bd7 | 453 | |
143e2b96 | 454 | /* Remove trailing slashes (except for "/"). */ |
0a54e401 UD |
455 | while (len > 1 && cp[len - 1] == '/') |
456 | --len; | |
457 | ||
ab7eb292 UD |
458 | /* Now add one if there is none so far. */ |
459 | if (len > 0 && cp[len - 1] != '/') | |
460 | cp[len++] = '/'; | |
461 | ||
07ba7349 | 462 | /* Make sure we don't use untrusted directories if we run SUID. */ |
1b26b855 | 463 | if (__glibc_unlikely (check_trusted) && !is_trusted_path (cp, len)) |
2a939a7e OB |
464 | { |
465 | free (to_free); | |
466 | continue; | |
467 | } | |
07ba7349 | 468 | |
0a54e401 | 469 | /* See if this directory is already known. */ |
d6b5d570 | 470 | for (dirp = GL(dl_all_dirs); dirp != NULL; dirp = dirp->next) |
12264bd7 | 471 | if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0) |
0a54e401 UD |
472 | break; |
473 | ||
474 | if (dirp != NULL) | |
475 | { | |
12264bd7 | 476 | /* It is available, see whether it's on our own list. */ |
0a54e401 UD |
477 | size_t cnt; |
478 | for (cnt = 0; cnt < nelems; ++cnt) | |
479 | if (result[cnt] == dirp) | |
480 | break; | |
481 | ||
482 | if (cnt == nelems) | |
483 | result[nelems++] = dirp; | |
484 | } | |
485 | else | |
486 | { | |
12264bd7 | 487 | size_t cnt; |
839be784 | 488 | enum r_dir_status init_val; |
4a6d1198 | 489 | size_t where_len = where ? strlen (where) + 1 : 0; |
12264bd7 | 490 | |
0a54e401 | 491 | /* It's a new directory. Create an entry and add it. */ |
12264bd7 | 492 | dirp = (struct r_search_path_elem *) |
32ee8d95 | 493 | malloc (sizeof (*dirp) + ncapstr * sizeof (enum r_dir_status) |
f55727ca | 494 | + where_len + len + 1); |
0a54e401 | 495 | if (dirp == NULL) |
154d10bd UD |
496 | _dl_signal_error (ENOMEM, NULL, NULL, |
497 | N_("cannot create cache for search path")); | |
0a54e401 | 498 | |
f55727ca UD |
499 | dirp->dirname = ((char *) dirp + sizeof (*dirp) |
500 | + ncapstr * sizeof (enum r_dir_status)); | |
104d0bd3 | 501 | *((char *) __mempcpy ((char *) dirp->dirname, cp, len)) = '\0'; |
0a54e401 | 502 | dirp->dirnamelen = len; |
12264bd7 UD |
503 | |
504 | if (len > max_dirnamelen) | |
505 | max_dirnamelen = len; | |
506 | ||
07ba7349 UD |
507 | /* We have to make sure all the relative directories are |
508 | never ignored. The current directory might change and | |
509 | all our saved information would be void. */ | |
510 | init_val = cp[0] != '/' ? existing : unknown; | |
839be784 UD |
511 | for (cnt = 0; cnt < ncapstr; ++cnt) |
512 | dirp->status[cnt] = init_val; | |
0a54e401 | 513 | |
b5efde2f | 514 | dirp->what = what; |
a1ffb40e | 515 | if (__glibc_likely (where != NULL)) |
f55727ca | 516 | dirp->where = memcpy ((char *) dirp + sizeof (*dirp) + len + 1 |
d6b5d570 | 517 | + (ncapstr * sizeof (enum r_dir_status)), |
4a6d1198 UD |
518 | where, where_len); |
519 | else | |
520 | dirp->where = NULL; | |
b5efde2f | 521 | |
d6b5d570 UD |
522 | dirp->next = GL(dl_all_dirs); |
523 | GL(dl_all_dirs) = dirp; | |
0a54e401 UD |
524 | |
525 | /* Put it in the result array. */ | |
526 | result[nelems++] = dirp; | |
527 | } | |
2a939a7e | 528 | free (to_free); |
0a54e401 UD |
529 | } |
530 | ||
531 | /* Terminate the array. */ | |
532 | result[nelems] = NULL; | |
533 | ||
534 | return result; | |
535 | } | |
536 | ||
537 | ||
2692deea | 538 | static bool |
12264bd7 | 539 | internal_function |
f55727ca UD |
540 | decompose_rpath (struct r_search_path_struct *sps, |
541 | const char *rpath, struct link_map *l, const char *what) | |
0a54e401 UD |
542 | { |
543 | /* Make a copy we can work with. */ | |
f787edde | 544 | const char *where = l->l_name; |
310930c1 | 545 | char *copy; |
0a54e401 UD |
546 | char *cp; |
547 | struct r_search_path_elem **result; | |
310930c1 | 548 | size_t nelems; |
39b3385d UD |
549 | /* Initialize to please the compiler. */ |
550 | const char *errstring = NULL; | |
310930c1 | 551 | |
fcf70d41 UD |
552 | /* First see whether we must forget the RUNPATH and RPATH from this |
553 | object. */ | |
1b26b855 | 554 | if (__glibc_unlikely (GLRO(dl_inhibit_rpath) != NULL) |
6bc6bd3b | 555 | && !__libc_enable_secure) |
310930c1 | 556 | { |
afdca0f2 | 557 | const char *inhp = GLRO(dl_inhibit_rpath); |
9710f75d UD |
558 | |
559 | do | |
310930c1 | 560 | { |
9710f75d UD |
561 | const char *wp = where; |
562 | ||
563 | while (*inhp == *wp && *wp != '\0') | |
564 | { | |
565 | ++inhp; | |
566 | ++wp; | |
567 | } | |
568 | ||
569 | if (*wp == '\0' && (*inhp == '\0' || *inhp == ':')) | |
310930c1 | 570 | { |
fcf70d41 UD |
571 | /* This object is on the list of objects for which the |
572 | RUNPATH and RPATH must not be used. */ | |
2692deea UD |
573 | sps->dirs = (void *) -1; |
574 | return false; | |
310930c1 | 575 | } |
9710f75d UD |
576 | |
577 | while (*inhp != '\0') | |
578 | if (*inhp++ == ':') | |
579 | break; | |
310930c1 | 580 | } |
9710f75d | 581 | while (*inhp != '\0'); |
310930c1 | 582 | } |
0a54e401 | 583 | |
2a939a7e | 584 | /* Make a writable copy. */ |
cc00cece | 585 | copy = __strdup (rpath); |
f787edde | 586 | if (copy == NULL) |
39b3385d UD |
587 | { |
588 | errstring = N_("cannot create RUNPATH/RPATH copy"); | |
589 | goto signal_error; | |
590 | } | |
f787edde | 591 | |
34fe483e AS |
592 | /* Ignore empty rpaths. */ |
593 | if (*copy == 0) | |
594 | { | |
595 | free (copy); | |
22836f52 | 596 | sps->dirs = (struct r_search_path_elem **) -1; |
34fe483e AS |
597 | return false; |
598 | } | |
599 | ||
310930c1 | 600 | /* Count the number of necessary elements in the result array. */ |
310930c1 | 601 | nelems = 0; |
0a54e401 UD |
602 | for (cp = copy; *cp != '\0'; ++cp) |
603 | if (*cp == ':') | |
604 | ++nelems; | |
605 | ||
7ef90c15 UD |
606 | /* Allocate room for the result. NELEMS + 1 is an upper limit for the |
607 | number of necessary entries. */ | |
608 | result = (struct r_search_path_elem **) malloc ((nelems + 1 + 1) | |
0a54e401 UD |
609 | * sizeof (*result)); |
610 | if (result == NULL) | |
2692deea | 611 | { |
ce31a3b1 | 612 | free (copy); |
2692deea UD |
613 | errstring = N_("cannot create cache for search path"); |
614 | signal_error: | |
615 | _dl_signal_error (ENOMEM, NULL, NULL, errstring); | |
616 | } | |
0a54e401 | 617 | |
2a939a7e | 618 | fillin_rpath (copy, result, ":", 0, what, where, l); |
f55727ca UD |
619 | |
620 | /* Free the copied RPATH string. `fillin_rpath' make own copies if | |
621 | necessary. */ | |
622 | free (copy); | |
623 | ||
624 | sps->dirs = result; | |
625 | /* The caller will change this value if we haven't used a real malloc. */ | |
626 | sps->malloced = 1; | |
2692deea | 627 | return true; |
0a54e401 UD |
628 | } |
629 | ||
45e4762c RM |
630 | /* Make sure cached path information is stored in *SP |
631 | and return true if there are any paths to search there. */ | |
25337753 | 632 | static bool |
45e4762c RM |
633 | cache_rpath (struct link_map *l, |
634 | struct r_search_path_struct *sp, | |
635 | int tag, | |
636 | const char *what) | |
637 | { | |
638 | if (sp->dirs == (void *) -1) | |
639 | return false; | |
640 | ||
641 | if (sp->dirs != NULL) | |
642 | return true; | |
643 | ||
644 | if (l->l_info[tag] == NULL) | |
645 | { | |
646 | /* There is no path. */ | |
647 | sp->dirs = (void *) -1; | |
648 | return false; | |
649 | } | |
650 | ||
651 | /* Make sure the cache information is available. */ | |
2692deea UD |
652 | return decompose_rpath (sp, (const char *) (D_PTR (l, l_info[DT_STRTAB]) |
653 | + l->l_info[tag]->d_un.d_val), | |
654 | l, what); | |
45e4762c RM |
655 | } |
656 | ||
0a54e401 UD |
657 | |
658 | void | |
d0fc4041 | 659 | internal_function |
880f421f | 660 | _dl_init_paths (const char *llp) |
0a54e401 | 661 | { |
ab7eb292 UD |
662 | size_t idx; |
663 | const char *strp; | |
12264bd7 UD |
664 | struct r_search_path_elem *pelem, **aelem; |
665 | size_t round_size; | |
2a939a7e | 666 | struct link_map __attribute__ ((unused)) *l = NULL; |
39b3385d UD |
667 | /* Initialize to please the compiler. */ |
668 | const char *errstring = NULL; | |
0a54e401 | 669 | |
7ef90c15 UD |
670 | /* Fill in the information about the application's RPATH and the |
671 | directories addressed by the LD_LIBRARY_PATH environment variable. */ | |
0a54e401 | 672 | |
4317f9e1 | 673 | /* Get the capabilities. */ |
afdca0f2 | 674 | capstr = _dl_important_hwcaps (GLRO(dl_platform), GLRO(dl_platformlen), |
12264bd7 UD |
675 | &ncapstr, &max_capstrlen); |
676 | ||
677 | /* First set up the rest of the default search directory entries. */ | |
f55727ca | 678 | aelem = rtld_search_dirs.dirs = (struct r_search_path_elem **) |
4a6d1198 | 679 | malloc ((nsystem_dirs_len + 1) * sizeof (struct r_search_path_elem *)); |
f55727ca | 680 | if (rtld_search_dirs.dirs == NULL) |
39b3385d UD |
681 | { |
682 | errstring = N_("cannot create search path array"); | |
683 | signal_error: | |
154d10bd | 684 | _dl_signal_error (ENOMEM, NULL, NULL, errstring); |
39b3385d | 685 | } |
12264bd7 UD |
686 | |
687 | round_size = ((2 * sizeof (struct r_search_path_elem) - 1 | |
688 | + ncapstr * sizeof (enum r_dir_status)) | |
689 | / sizeof (struct r_search_path_elem)); | |
690 | ||
f55727ca | 691 | rtld_search_dirs.dirs[0] = (struct r_search_path_elem *) |
228589d2 | 692 | malloc ((sizeof (system_dirs) / sizeof (system_dirs[0])) |
12264bd7 | 693 | * round_size * sizeof (struct r_search_path_elem)); |
f55727ca | 694 | if (rtld_search_dirs.dirs[0] == NULL) |
39b3385d UD |
695 | { |
696 | errstring = N_("cannot create cache for search path"); | |
697 | goto signal_error; | |
698 | } | |
12264bd7 | 699 | |
f55727ca | 700 | rtld_search_dirs.malloced = 0; |
d6b5d570 | 701 | pelem = GL(dl_all_dirs) = rtld_search_dirs.dirs[0]; |
ab7eb292 UD |
702 | strp = system_dirs; |
703 | idx = 0; | |
704 | ||
705 | do | |
12264bd7 UD |
706 | { |
707 | size_t cnt; | |
708 | ||
709 | *aelem++ = pelem; | |
710 | ||
12264bd7 UD |
711 | pelem->what = "system search path"; |
712 | pelem->where = NULL; | |
713 | ||
ab7eb292 UD |
714 | pelem->dirname = strp; |
715 | pelem->dirnamelen = system_dirs_len[idx]; | |
716 | strp += system_dirs_len[idx] + 1; | |
12264bd7 | 717 | |
f55727ca UD |
718 | /* System paths must be absolute. */ |
719 | assert (pelem->dirname[0] == '/'); | |
720 | for (cnt = 0; cnt < ncapstr; ++cnt) | |
721 | pelem->status[cnt] = unknown; | |
ab7eb292 | 722 | |
4a6d1198 | 723 | pelem->next = (++idx == nsystem_dirs_len ? NULL : (pelem + round_size)); |
ab7eb292 UD |
724 | |
725 | pelem += round_size; | |
12264bd7 | 726 | } |
4a6d1198 | 727 | while (idx < nsystem_dirs_len); |
ab7eb292 UD |
728 | |
729 | max_dirnamelen = SYSTEM_DIRS_MAX_LEN; | |
12264bd7 | 730 | *aelem = NULL; |
4317f9e1 | 731 | |
b5567b2a | 732 | #ifdef SHARED |
81e0cb2d | 733 | /* This points to the map of the main object. */ |
c0f62c56 | 734 | l = GL(dl_ns)[LM_ID_BASE]._ns_loaded; |
011ce8ed UD |
735 | if (l != NULL) |
736 | { | |
011ce8ed | 737 | assert (l->l_type != lt_loaded); |
40a55d20 | 738 | |
fcf70d41 UD |
739 | if (l->l_info[DT_RUNPATH]) |
740 | { | |
741 | /* Allocate room for the search path and fill in information | |
742 | from RUNPATH. */ | |
f55727ca UD |
743 | decompose_rpath (&l->l_runpath_dirs, |
744 | (const void *) (D_PTR (l, l_info[DT_STRTAB]) | |
745 | + l->l_info[DT_RUNPATH]->d_un.d_val), | |
746 | l, "RUNPATH"); | |
273cdee8 AS |
747 | /* During rtld init the memory is allocated by the stub malloc, |
748 | prevent any attempt to free it by the normal malloc. */ | |
749 | l->l_runpath_dirs.malloced = 0; | |
fcf70d41 UD |
750 | |
751 | /* The RPATH is ignored. */ | |
f55727ca | 752 | l->l_rpath_dirs.dirs = (void *) -1; |
fcf70d41 | 753 | } |
011ce8ed | 754 | else |
fcf70d41 | 755 | { |
f55727ca | 756 | l->l_runpath_dirs.dirs = (void *) -1; |
fcf70d41 UD |
757 | |
758 | if (l->l_info[DT_RPATH]) | |
f55727ca UD |
759 | { |
760 | /* Allocate room for the search path and fill in information | |
761 | from RPATH. */ | |
762 | decompose_rpath (&l->l_rpath_dirs, | |
763 | (const void *) (D_PTR (l, l_info[DT_STRTAB]) | |
fcf70d41 UD |
764 | + l->l_info[DT_RPATH]->d_un.d_val), |
765 | l, "RPATH"); | |
273cdee8 AS |
766 | /* During rtld init the memory is allocated by the stub |
767 | malloc, prevent any attempt to free it by the normal | |
768 | malloc. */ | |
f55727ca UD |
769 | l->l_rpath_dirs.malloced = 0; |
770 | } | |
fcf70d41 | 771 | else |
f55727ca | 772 | l->l_rpath_dirs.dirs = (void *) -1; |
fcf70d41 | 773 | } |
0a54e401 | 774 | } |
b5567b2a | 775 | #endif /* SHARED */ |
7ef90c15 UD |
776 | |
777 | if (llp != NULL && *llp != '\0') | |
0a54e401 | 778 | { |
7ef90c15 UD |
779 | size_t nllp; |
780 | const char *cp = llp; | |
950398e1 UD |
781 | char *llp_tmp; |
782 | ||
783 | #ifdef SHARED | |
784 | /* Expand DSTs. */ | |
785 | size_t cnt = DL_DST_COUNT (llp, 1); | |
a1ffb40e | 786 | if (__glibc_likely (cnt == 0)) |
950398e1 UD |
787 | llp_tmp = strdupa (llp); |
788 | else | |
789 | { | |
790 | /* Determine the length of the substituted string. */ | |
791 | size_t total = DL_DST_REQUIRED (l, llp, strlen (llp), cnt); | |
792 | ||
793 | /* Allocate the necessary memory. */ | |
794 | llp_tmp = (char *) alloca (total + 1); | |
795 | llp_tmp = _dl_dst_substitute (l, llp, llp_tmp, 1); | |
796 | } | |
797 | #else | |
798 | llp_tmp = strdupa (llp); | |
799 | #endif | |
011ce8ed | 800 | |
7ef90c15 UD |
801 | /* Decompose the LD_LIBRARY_PATH contents. First determine how many |
802 | elements it has. */ | |
803 | nllp = 1; | |
804 | while (*cp) | |
0a54e401 | 805 | { |
7ef90c15 UD |
806 | if (*cp == ':' || *cp == ';') |
807 | ++nllp; | |
808 | ++cp; | |
011ce8ed | 809 | } |
7ef90c15 | 810 | |
f55727ca | 811 | env_path_list.dirs = (struct r_search_path_elem **) |
7ef90c15 | 812 | malloc ((nllp + 1) * sizeof (struct r_search_path_elem *)); |
f55727ca | 813 | if (env_path_list.dirs == NULL) |
39b3385d UD |
814 | { |
815 | errstring = N_("cannot create cache for search path"); | |
816 | goto signal_error; | |
817 | } | |
7ef90c15 | 818 | |
b0ed91ae | 819 | (void) fillin_rpath (llp_tmp, env_path_list.dirs, ":;", |
6bc6bd3b | 820 | __libc_enable_secure, "LD_LIBRARY_PATH", |
2a939a7e | 821 | NULL, l); |
6a7c9bb4 | 822 | |
f55727ca | 823 | if (env_path_list.dirs[0] == NULL) |
6a7c9bb4 | 824 | { |
f55727ca UD |
825 | free (env_path_list.dirs); |
826 | env_path_list.dirs = (void *) -1; | |
6a7c9bb4 | 827 | } |
f55727ca UD |
828 | |
829 | env_path_list.malloced = 0; | |
81e0cb2d | 830 | } |
152e7964 | 831 | else |
f55727ca | 832 | env_path_list.dirs = (void *) -1; |
0a54e401 UD |
833 | } |
834 | ||
835 | ||
a6291c3d | 836 | static void |
a481b13c | 837 | __attribute__ ((noreturn, noinline)) |
126b06f9 | 838 | lose (int code, int fd, const char *name, char *realname, struct link_map *l, |
815e6fa3 | 839 | const char *msg, struct r_debug *r, Lmid_t nsid) |
126b06f9 | 840 | { |
fb0356b9 | 841 | /* The file might already be closed. */ |
a481b13c UD |
842 | if (fd != -1) |
843 | (void) __close (fd); | |
610f9ab4 | 844 | if (l != NULL && l->l_origin != (char *) -1l) |
fde56e5c | 845 | free ((char *) l->l_origin); |
f0967738 | 846 | free (l); |
126b06f9 | 847 | free (realname); |
bca2218b UD |
848 | |
849 | if (r != NULL) | |
850 | { | |
851 | r->r_state = RT_CONSISTENT; | |
852 | _dl_debug_state (); | |
815e6fa3 | 853 | LIBC_PROBE (map_failed, 2, nsid, r); |
bca2218b UD |
854 | } |
855 | ||
154d10bd | 856 | _dl_signal_error (code, name, NULL, msg); |
126b06f9 UD |
857 | } |
858 | ||
859 | ||
ea03559a RM |
860 | /* Map in the shared object NAME, actually located in REALNAME, and already |
861 | opened on FD. */ | |
862 | ||
f787edde UD |
863 | #ifndef EXTERNAL_MAP_FROM_FD |
864 | static | |
865 | #endif | |
ea03559a | 866 | struct link_map * |
a1b85ae8 FW |
867 | _dl_map_object_from_fd (const char *name, const char *origname, int fd, |
868 | struct filebuf *fbp, char *realname, | |
869 | struct link_map *loader, int l_type, int mode, | |
870 | void **stack_endp, Lmid_t nsid) | |
ea03559a | 871 | { |
622586fb | 872 | struct link_map *l = NULL; |
266180eb RM |
873 | const ElfW(Ehdr) *header; |
874 | const ElfW(Phdr) *phdr; | |
875 | const ElfW(Phdr) *ph; | |
8193034b | 876 | size_t maplength; |
b122c703 | 877 | int type; |
39b3385d UD |
878 | /* Initialize to keep the compiler happy. */ |
879 | const char *errstring = NULL; | |
880 | int errval = 0; | |
29f97654 | 881 | struct r_debug *r = _dl_debug_initialize (0, nsid); |
9dcafc55 | 882 | bool make_consistent = false; |
61e0617a UD |
883 | |
884 | /* Get file information. */ | |
c01ae97e RM |
885 | struct r_file_id id; |
886 | if (__glibc_unlikely (!_dl_get_file_id (fd, &id))) | |
39b3385d UD |
887 | { |
888 | errstring = N_("cannot stat shared object"); | |
889 | call_lose_errno: | |
890 | errval = errno; | |
891 | call_lose: | |
bca2218b | 892 | lose (errval, fd, name, realname, l, errstring, |
815e6fa3 | 893 | make_consistent ? r : NULL, nsid); |
39b3385d | 894 | } |
d66e34cd RM |
895 | |
896 | /* Look again to see if the real name matched another already loaded. */ | |
c01ae97e RM |
897 | for (l = GL(dl_ns)[nsid]._ns_loaded; l != NULL; l = l->l_next) |
898 | if (!l->l_removed && _dl_file_id_match_p (&l->l_file_id, &id)) | |
d66e34cd RM |
899 | { |
900 | /* The object is already loaded. | |
901 | Just bump its reference count and return it. */ | |
266180eb | 902 | __close (fd); |
c84142e8 UD |
903 | |
904 | /* If the name is not in the list of names for this object add | |
905 | it. */ | |
ea03559a | 906 | free (realname); |
0413b54c | 907 | add_name_to_object (l, name); |
8699e7b1 | 908 | |
d66e34cd RM |
909 | return l; |
910 | } | |
911 | ||
c0f62c56 UD |
912 | #ifdef SHARED |
913 | /* When loading into a namespace other than the base one we must | |
914 | avoid loading ld.so since there can only be one copy. Ever. */ | |
1b26b855 | 915 | if (__glibc_unlikely (nsid != LM_ID_BASE) |
c01ae97e | 916 | && (_dl_file_id_match_p (&id, &GL(dl_rtld_map).l_file_id) |
c0f62c56 UD |
917 | || _dl_name_match_p (name, &GL(dl_rtld_map)))) |
918 | { | |
919 | /* This is indeed ld.so. Create a new link_map which refers to | |
920 | the real one for almost everything. */ | |
921 | l = _dl_new_object (realname, name, l_type, loader, mode, nsid); | |
922 | if (l == NULL) | |
923 | goto fail_new; | |
924 | ||
925 | /* Refer to the real descriptor. */ | |
926 | l->l_real = &GL(dl_rtld_map); | |
927 | ||
928 | /* No need to bump the refcount of the real object, ld.so will | |
929 | never be unloaded. */ | |
930 | __close (fd); | |
931 | ||
f0967738 AK |
932 | /* Add the map for the mirrored object to the object list. */ |
933 | _dl_add_to_namespace_list (l, nsid); | |
934 | ||
c0f62c56 UD |
935 | return l; |
936 | } | |
937 | #endif | |
938 | ||
2f54c82d | 939 | if (mode & RTLD_NOLOAD) |
96961bf7 AS |
940 | { |
941 | /* We are not supposed to load the object unless it is already | |
942 | loaded. So return now. */ | |
4bff6e01 | 943 | free (realname); |
96961bf7 AS |
944 | __close (fd); |
945 | return NULL; | |
946 | } | |
bf8b3e74 | 947 | |
8193034b | 948 | /* Print debugging message. */ |
a1ffb40e | 949 | if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_FILES)) |
c0f62c56 | 950 | _dl_debug_printf ("file=%s [%lu]; generating link map\n", name, nsid); |
8193034b | 951 | |
a35e137a UD |
952 | /* This is the ELF header. We read it in `open_verify'. */ |
953 | header = (void *) fbp->buf; | |
d66e34cd | 954 | |
2064087b | 955 | #ifndef MAP_ANON |
126b06f9 | 956 | # define MAP_ANON 0 |
d66e34cd RM |
957 | if (_dl_zerofd == -1) |
958 | { | |
959 | _dl_zerofd = _dl_sysdep_open_zero_fill (); | |
960 | if (_dl_zerofd == -1) | |
ba79d61b | 961 | { |
4bff6e01 | 962 | free (realname); |
ba79d61b | 963 | __close (fd); |
154d10bd UD |
964 | _dl_signal_error (errno, NULL, NULL, |
965 | N_("cannot open zero fill device")); | |
ba79d61b | 966 | } |
d66e34cd | 967 | } |
2064087b | 968 | #endif |
d66e34cd | 969 | |
9dcafc55 UD |
970 | /* Signal that we are going to add new objects. */ |
971 | if (r->r_state == RT_CONSISTENT) | |
972 | { | |
973 | #ifdef SHARED | |
974 | /* Auditing checkpoint: we are going to add new objects. */ | |
2ca285b0 | 975 | if ((mode & __RTLD_AUDIT) == 0 |
1b26b855 | 976 | && __glibc_unlikely (GLRO(dl_naudit) > 0)) |
9dcafc55 UD |
977 | { |
978 | struct link_map *head = GL(dl_ns)[nsid]._ns_loaded; | |
979 | /* Do not call the functions for any auditing object. */ | |
980 | if (head->l_auditing == 0) | |
981 | { | |
982 | struct audit_ifaces *afct = GLRO(dl_audit); | |
983 | for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt) | |
984 | { | |
985 | if (afct->activity != NULL) | |
986 | afct->activity (&head->l_audit[cnt].cookie, LA_ACT_ADD); | |
987 | ||
988 | afct = afct->next; | |
989 | } | |
990 | } | |
991 | } | |
992 | #endif | |
993 | ||
994 | /* Notify the debugger we have added some objects. We need to | |
995 | call _dl_debug_initialize in a static program in case dynamic | |
996 | linking has not been used before. */ | |
997 | r->r_state = RT_ADD; | |
998 | _dl_debug_state (); | |
815e6fa3 | 999 | LIBC_PROBE (map_start, 2, nsid, r); |
9dcafc55 UD |
1000 | make_consistent = true; |
1001 | } | |
1002 | else | |
1003 | assert (r->r_state == RT_ADD); | |
1004 | ||
ba79d61b | 1005 | /* Enter the new object in the list of loaded objects. */ |
c0f62c56 | 1006 | l = _dl_new_object (realname, name, l_type, loader, mode, nsid); |
a1ffb40e | 1007 | if (__glibc_unlikely (l == NULL)) |
39b3385d | 1008 | { |
7cb92a99 | 1009 | #ifdef SHARED |
c0f62c56 | 1010 | fail_new: |
7cb92a99 | 1011 | #endif |
39b3385d UD |
1012 | errstring = N_("cannot create shared object descriptor"); |
1013 | goto call_lose_errno; | |
1014 | } | |
ba79d61b | 1015 | |
b122c703 | 1016 | /* Extract the remaining details we need from the ELF header |
32c85e43 | 1017 | and then read in the program header table. */ |
b122c703 RM |
1018 | l->l_entry = header->e_entry; |
1019 | type = header->e_type; | |
1020 | l->l_phnum = header->e_phnum; | |
32c85e43 UD |
1021 | |
1022 | maplength = header->e_phnum * sizeof (ElfW(Phdr)); | |
6dd67bd5 | 1023 | if (header->e_phoff + maplength <= (size_t) fbp->len) |
a35e137a | 1024 | phdr = (void *) (fbp->buf + header->e_phoff); |
32c85e43 UD |
1025 | else |
1026 | { | |
1027 | phdr = alloca (maplength); | |
0e15c4b6 | 1028 | __lseek (fd, header->e_phoff, SEEK_SET); |
6dd67bd5 | 1029 | if ((size_t) __libc_read (fd, (void *) phdr, maplength) != maplength) |
39b3385d UD |
1030 | { |
1031 | errstring = N_("cannot read file data"); | |
1032 | goto call_lose_errno; | |
1033 | } | |
32c85e43 | 1034 | } |
879bf2e6 | 1035 | |
30950a5f RA |
1036 | /* On most platforms presume that PT_GNU_STACK is absent and the stack is |
1037 | * executable. Other platforms default to a nonexecutable stack and don't | |
1038 | * need PT_GNU_STACK to do so. */ | |
1039 | uint_fast16_t stack_flags = DEFAULT_STACK_PERMS; | |
ecdeaac0 | 1040 | |
b122c703 RM |
1041 | { |
1042 | /* Scan the program header table, collecting its load commands. */ | |
fcccd512 | 1043 | struct loadcmd loadcmds[l->l_phnum]; |
b122c703 | 1044 | size_t nloadcmds = 0; |
6fffb9a2 | 1045 | bool has_holes = false; |
d66e34cd | 1046 | |
126b06f9 | 1047 | /* The struct is initialized to zero so this is not necessary: |
d66e34cd | 1048 | l->l_ld = 0; |
b122c703 | 1049 | l->l_phdr = 0; |
126b06f9 | 1050 | l->l_addr = 0; */ |
d66e34cd RM |
1051 | for (ph = phdr; ph < &phdr[l->l_phnum]; ++ph) |
1052 | switch (ph->p_type) | |
1053 | { | |
1054 | /* These entries tell us where to find things once the file's | |
1055 | segments are mapped in. We record the addresses it says | |
1056 | verbatim, and later correct for the run-time load address. */ | |
1057 | case PT_DYNAMIC: | |
1058 | l->l_ld = (void *) ph->p_vaddr; | |
dacc8ffa | 1059 | l->l_ldnum = ph->p_memsz / sizeof (ElfW(Dyn)); |
d66e34cd | 1060 | break; |
39b3385d | 1061 | |
d66e34cd RM |
1062 | case PT_PHDR: |
1063 | l->l_phdr = (void *) ph->p_vaddr; | |
1064 | break; | |
1065 | ||
1066 | case PT_LOAD: | |
b122c703 RM |
1067 | /* A load command tells us to map in part of the file. |
1068 | We record the load commands and process them all later. */ | |
1b26b855 | 1069 | if (__glibc_unlikely ((ph->p_align & (GLRO(dl_pagesize) - 1)) != 0)) |
39b3385d UD |
1070 | { |
1071 | errstring = N_("ELF load command alignment not page-aligned"); | |
1072 | goto call_lose; | |
1073 | } | |
1b26b855 PP |
1074 | if (__glibc_unlikely (((ph->p_vaddr - ph->p_offset) |
1075 | & (ph->p_align - 1)) != 0)) | |
39b3385d UD |
1076 | { |
1077 | errstring | |
1078 | = N_("ELF load command address/offset not properly aligned"); | |
1079 | goto call_lose; | |
1080 | } | |
1081 | ||
fcccd512 | 1082 | struct loadcmd *c = &loadcmds[nloadcmds++]; |
60084e34 CD |
1083 | c->mapstart = ALIGN_DOWN (ph->p_vaddr, GLRO(dl_pagesize)); |
1084 | c->mapend = ALIGN_UP (ph->p_vaddr + ph->p_filesz, GLRO(dl_pagesize)); | |
cc12f2a4 UD |
1085 | c->dataend = ph->p_vaddr + ph->p_filesz; |
1086 | c->allocend = ph->p_vaddr + ph->p_memsz; | |
60084e34 | 1087 | c->mapoff = ALIGN_DOWN (ph->p_offset, GLRO(dl_pagesize)); |
cc12f2a4 | 1088 | |
6fffb9a2 UD |
1089 | /* Determine whether there is a gap between the last segment |
1090 | and this one. */ | |
1091 | if (nloadcmds > 1 && c[-1].mapend != c->mapstart) | |
1092 | has_holes = true; | |
1093 | ||
cc12f2a4 | 1094 | /* Optimize a common case. */ |
94a758fe | 1095 | #if (PF_R | PF_W | PF_X) == 7 && (PROT_READ | PROT_WRITE | PROT_EXEC) == 7 |
cc12f2a4 UD |
1096 | c->prot = (PF_TO_PROT |
1097 | >> ((ph->p_flags & (PF_R | PF_W | PF_X)) * 4)) & 0xf; | |
94a758fe | 1098 | #else |
cc12f2a4 UD |
1099 | c->prot = 0; |
1100 | if (ph->p_flags & PF_R) | |
1101 | c->prot |= PROT_READ; | |
1102 | if (ph->p_flags & PF_W) | |
1103 | c->prot |= PROT_WRITE; | |
1104 | if (ph->p_flags & PF_X) | |
1105 | c->prot |= PROT_EXEC; | |
94a758fe | 1106 | #endif |
55c91021 | 1107 | break; |
96f208a4 | 1108 | |
96f208a4 | 1109 | case PT_TLS: |
2d148689 RM |
1110 | if (ph->p_memsz == 0) |
1111 | /* Nothing to do for an empty segment. */ | |
1112 | break; | |
1113 | ||
216455bc RM |
1114 | l->l_tls_blocksize = ph->p_memsz; |
1115 | l->l_tls_align = ph->p_align; | |
99fe3b0e UD |
1116 | if (ph->p_align == 0) |
1117 | l->l_tls_firstbyte_offset = 0; | |
1118 | else | |
1119 | l->l_tls_firstbyte_offset = ph->p_vaddr & (ph->p_align - 1); | |
216455bc RM |
1120 | l->l_tls_initimage_size = ph->p_filesz; |
1121 | /* Since we don't know the load address yet only store the | |
1122 | offset. We will adjust it later. */ | |
1123 | l->l_tls_initimage = (void *) ph->p_vaddr; | |
1124 | ||
2d148689 RM |
1125 | /* If not loading the initial set of shared libraries, |
1126 | check whether we should permit loading a TLS segment. */ | |
1b26b855 | 1127 | if (__glibc_likely (l->l_type == lt_library) |
850dcfca UD |
1128 | /* If GL(dl_tls_dtv_slotinfo_list) == NULL, then rtld.c did |
1129 | not set up TLS data structures, so don't use them now. */ | |
1b26b855 | 1130 | || __glibc_likely (GL(dl_tls_dtv_slotinfo_list) != NULL)) |
96f208a4 | 1131 | { |
aed283dd UD |
1132 | /* Assign the next available module ID. */ |
1133 | l->l_tls_modid = _dl_next_tls_modid (); | |
2d148689 | 1134 | break; |
96f208a4 | 1135 | } |
2d148689 | 1136 | |
11bf311e | 1137 | #ifdef SHARED |
7a5e3d9d FW |
1138 | /* We are loading the executable itself when the dynamic |
1139 | linker was executed directly. The setup will happen | |
1140 | later. Otherwise, the TLS data structures are already | |
1141 | initialized, and we assigned a TLS modid above. */ | |
1142 | assert (l->l_prev == NULL || (mode & __RTLD_AUDIT) != 0); | |
1143 | #else | |
1144 | assert (false && "TLS not initialized in static application"); | |
11bf311e | 1145 | #endif |
807bce82 | 1146 | break; |
ecdeaac0 RM |
1147 | |
1148 | case PT_GNU_STACK: | |
1149 | stack_flags = ph->p_flags; | |
1150 | break; | |
ed20b3d9 UD |
1151 | |
1152 | case PT_GNU_RELRO: | |
1153 | l->l_relro_addr = ph->p_vaddr; | |
1154 | l->l_relro_size = ph->p_memsz; | |
1155 | break; | |
b122c703 | 1156 | } |
d66e34cd | 1157 | |
a1ffb40e | 1158 | if (__glibc_unlikely (nloadcmds == 0)) |
d8a5edc2 RM |
1159 | { |
1160 | /* This only happens for a bogus object that will be caught with | |
1161 | another error below. But we don't want to go through the | |
1162 | calculations below using NLOADCMDS - 1. */ | |
1163 | errstring = N_("object file has no loadable segments"); | |
1164 | goto call_lose; | |
1165 | } | |
1166 | ||
fcccd512 RM |
1167 | if (__glibc_unlikely (type != ET_DYN) |
1168 | && __glibc_unlikely ((mode & __RTLD_OPENEXEC) == 0)) | |
efec5079 | 1169 | { |
fcccd512 RM |
1170 | /* This object is loaded at a fixed address. This must never |
1171 | happen for objects loaded with dlopen. */ | |
efec5079 UD |
1172 | errstring = N_("cannot dynamically load executable"); |
1173 | goto call_lose; | |
4cca6b86 | 1174 | } |
b122c703 | 1175 | |
fcccd512 RM |
1176 | /* Length of the sections to be loaded. */ |
1177 | maplength = loadcmds[nloadcmds - 1].allocend - loadcmds[0].mapstart; | |
1178 | ||
1179 | /* Now process the load commands and map segments into memory. | |
1180 | This is responsible for filling in: | |
1181 | l_map_start, l_map_end, l_addr, l_contiguous, l_text_end, l_phdr | |
1182 | */ | |
1183 | errstring = _dl_map_segments (l, fd, header, type, loadcmds, nloadcmds, | |
c01ae97e | 1184 | maplength, has_holes, loader); |
fcccd512 RM |
1185 | if (__glibc_unlikely (errstring != NULL)) |
1186 | goto call_lose; | |
b122c703 | 1187 | } |
d66e34cd | 1188 | |
b122c703 RM |
1189 | if (l->l_ld == 0) |
1190 | { | |
a1ffb40e | 1191 | if (__glibc_unlikely (type == ET_DYN)) |
39b3385d UD |
1192 | { |
1193 | errstring = N_("object file has no dynamic section"); | |
1194 | goto call_lose; | |
1195 | } | |
b122c703 RM |
1196 | } |
1197 | else | |
14755b91 | 1198 | l->l_ld = (ElfW(Dyn) *) ((ElfW(Addr)) l->l_ld + l->l_addr); |
879bf2e6 | 1199 | |
479aa8ec | 1200 | elf_get_dynamic_info (l, NULL); |
2f54c82d | 1201 | |
efec5079 UD |
1202 | /* Make sure we are not dlopen'ing an object that has the |
1203 | DF_1_NOOPEN flag set. */ | |
1b26b855 | 1204 | if (__glibc_unlikely (l->l_flags_1 & DF_1_NOOPEN) |
2f54c82d UD |
1205 | && (mode & __RTLD_DLOPEN)) |
1206 | { | |
2f54c82d | 1207 | /* We are not supposed to load this object. Free all resources. */ |
fcccd512 | 1208 | _dl_unmap_segments (l); |
2f54c82d | 1209 | |
11810621 UD |
1210 | if (!l->l_libname->dont_free) |
1211 | free (l->l_libname); | |
2f54c82d UD |
1212 | |
1213 | if (l->l_phdr_allocated) | |
1214 | free ((void *) l->l_phdr); | |
1215 | ||
fb0356b9 UD |
1216 | errstring = N_("shared object cannot be dlopen()ed"); |
1217 | goto call_lose; | |
2f54c82d UD |
1218 | } |
1219 | ||
efec5079 UD |
1220 | if (l->l_phdr == NULL) |
1221 | { | |
1222 | /* The program header is not contained in any of the segments. | |
1223 | We have to allocate memory ourself and copy it over from out | |
1224 | temporary place. */ | |
1225 | ElfW(Phdr) *newp = (ElfW(Phdr) *) malloc (header->e_phnum | |
1226 | * sizeof (ElfW(Phdr))); | |
1227 | if (newp == NULL) | |
1228 | { | |
1229 | errstring = N_("cannot allocate memory for program header"); | |
1230 | goto call_lose_errno; | |
1231 | } | |
1232 | ||
1233 | l->l_phdr = memcpy (newp, phdr, | |
1234 | (header->e_phnum * sizeof (ElfW(Phdr)))); | |
1235 | l->l_phdr_allocated = 1; | |
1236 | } | |
1237 | else | |
1238 | /* Adjust the PT_PHDR value by the runtime load address. */ | |
1239 | l->l_phdr = (ElfW(Phdr) *) ((ElfW(Addr)) l->l_phdr + l->l_addr); | |
1240 | ||
a1ffb40e | 1241 | if (__glibc_unlikely ((stack_flags &~ GL(dl_stack_flags)) & PF_X)) |
dcca3fe2 | 1242 | { |
1b26b855 | 1243 | if (__glibc_unlikely (__check_caller (RETURN_ADDRESS (0), allow_ldso) != 0)) |
e751d282 RM |
1244 | { |
1245 | errstring = N_("invalid caller"); | |
1246 | goto call_lose; | |
1247 | } | |
1248 | ||
dcca3fe2 UD |
1249 | /* The stack is presently not executable, but this module |
1250 | requires that it be executable. We must change the | |
1251 | protection of the variable which contains the flags used in | |
1252 | the mprotect calls. */ | |
11bf311e | 1253 | #ifdef SHARED |
3e539cb4 | 1254 | if ((mode & (__RTLD_DLOPEN | __RTLD_AUDIT)) == __RTLD_DLOPEN) |
dcca3fe2 | 1255 | { |
e751d282 RM |
1256 | const uintptr_t p = (uintptr_t) &__stack_prot & -GLRO(dl_pagesize); |
1257 | const size_t s = (uintptr_t) (&__stack_prot + 1) - p; | |
1258 | ||
1259 | struct link_map *const m = &GL(dl_rtld_map); | |
1260 | const uintptr_t relro_end = ((m->l_addr + m->l_relro_addr | |
1261 | + m->l_relro_size) | |
1262 | & -GLRO(dl_pagesize)); | |
a1ffb40e | 1263 | if (__glibc_likely (p + s <= relro_end)) |
e751d282 RM |
1264 | { |
1265 | /* The variable lies in the region protected by RELRO. */ | |
0432680e PY |
1266 | if (__mprotect ((void *) p, s, PROT_READ|PROT_WRITE) < 0) |
1267 | { | |
1268 | errstring = N_("cannot change memory protections"); | |
1269 | goto call_lose_errno; | |
1270 | } | |
e751d282 RM |
1271 | __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC; |
1272 | __mprotect ((void *) p, s, PROT_READ); | |
1273 | } | |
1274 | else | |
ecc1d0c3 | 1275 | __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC; |
dcca3fe2 UD |
1276 | } |
1277 | else | |
1278 | #endif | |
ecc1d0c3 | 1279 | __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC; |
dcca3fe2 | 1280 | |
606832e6 UD |
1281 | #ifdef check_consistency |
1282 | check_consistency (); | |
1283 | #endif | |
1284 | ||
dcca3fe2 UD |
1285 | errval = (*GL(dl_make_stack_executable_hook)) (stack_endp); |
1286 | if (errval) | |
1287 | { | |
1288 | errstring = N_("\ | |
1289 | cannot enable executable stack as shared object requires"); | |
1290 | goto call_lose; | |
1291 | } | |
1292 | } | |
1293 | ||
efec5079 UD |
1294 | /* Adjust the address of the TLS initialization image. */ |
1295 | if (l->l_tls_initimage != NULL) | |
1296 | l->l_tls_initimage = (char *) l->l_tls_initimage + l->l_addr; | |
efec5079 UD |
1297 | |
1298 | /* We are done mapping in the file. We no longer need the descriptor. */ | |
a1ffb40e | 1299 | if (__glibc_unlikely (__close (fd) != 0)) |
efec5079 UD |
1300 | { |
1301 | errstring = N_("cannot close file descriptor"); | |
1302 | goto call_lose_errno; | |
1303 | } | |
1304 | /* Signal that we closed the file. */ | |
1305 | fd = -1; | |
1306 | ||
798212a0 PP |
1307 | /* If this is ET_EXEC, we should have loaded it as lt_executable. */ |
1308 | assert (type != ET_EXEC || l->l_type == lt_executable); | |
efec5079 UD |
1309 | |
1310 | l->l_entry += l->l_addr; | |
1311 | ||
a1ffb40e | 1312 | if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_FILES)) |
efec5079 UD |
1313 | _dl_debug_printf ("\ |
1314 | dynamic: 0x%0*lx base: 0x%0*lx size: 0x%0*Zx\n\ | |
1315 | entry: 0x%0*lx phdr: 0x%0*lx phnum: %*u\n\n", | |
1316 | (int) sizeof (void *) * 2, | |
1317 | (unsigned long int) l->l_ld, | |
1318 | (int) sizeof (void *) * 2, | |
1319 | (unsigned long int) l->l_addr, | |
1320 | (int) sizeof (void *) * 2, maplength, | |
1321 | (int) sizeof (void *) * 2, | |
1322 | (unsigned long int) l->l_entry, | |
1323 | (int) sizeof (void *) * 2, | |
1324 | (unsigned long int) l->l_phdr, | |
1325 | (int) sizeof (void *) * 2, l->l_phnum); | |
1326 | ||
1327 | /* Set up the symbol hash table. */ | |
1328 | _dl_setup_hash (l); | |
d66e34cd | 1329 | |
be935610 UD |
1330 | /* If this object has DT_SYMBOLIC set modify now its scope. We don't |
1331 | have to do this for the main map. */ | |
1fc07491 | 1332 | if ((mode & RTLD_DEEPBIND) == 0 |
1b26b855 | 1333 | && __glibc_unlikely (l->l_info[DT_SYMBOLIC] != NULL) |
c0a777e8 | 1334 | && &l->l_searchlist != l->l_scope[0]) |
be935610 UD |
1335 | { |
1336 | /* Create an appropriate searchlist. It contains only this map. | |
1fc07491 | 1337 | This is the definition of DT_SYMBOLIC in SysVr4. */ |
be935610 UD |
1338 | l->l_symbolic_searchlist.r_list[0] = l; |
1339 | l->l_symbolic_searchlist.r_nlist = 1; | |
be935610 UD |
1340 | |
1341 | /* Now move the existing entries one back. */ | |
c0a777e8 UD |
1342 | memmove (&l->l_scope[1], &l->l_scope[0], |
1343 | (l->l_scope_max - 1) * sizeof (l->l_scope[0])); | |
be935610 UD |
1344 | |
1345 | /* Now add the new entry. */ | |
c0a777e8 | 1346 | l->l_scope[0] = &l->l_symbolic_searchlist; |
be935610 UD |
1347 | } |
1348 | ||
5d916713 | 1349 | /* Remember whether this object must be initialized first. */ |
39b3385d | 1350 | if (l->l_flags_1 & DF_1_INITFIRST) |
d6b5d570 | 1351 | GL(dl_initfirst) = l; |
5d916713 | 1352 | |
61e0617a | 1353 | /* Finally the file information. */ |
c01ae97e | 1354 | l->l_file_id = id; |
61e0617a | 1355 | |
a1b85ae8 FW |
1356 | #ifdef SHARED |
1357 | /* When auditing is used the recorded names might not include the | |
1358 | name by which the DSO is actually known. Add that as well. */ | |
1359 | if (__glibc_unlikely (origname != NULL)) | |
1360 | add_name_to_object (l, origname); | |
1361 | #else | |
1362 | /* Audit modules only exist when linking is dynamic so ORIGNAME | |
1363 | cannot be non-NULL. */ | |
1364 | assert (origname == NULL); | |
1365 | #endif | |
1366 | ||
51f38e87 UD |
1367 | /* When we profile the SONAME might be needed for something else but |
1368 | loading. Add it right away. */ | |
1b26b855 | 1369 | if (__glibc_unlikely (GLRO(dl_profile) != NULL) |
51f38e87 UD |
1370 | && l->l_info[DT_SONAME] != NULL) |
1371 | add_name_to_object (l, ((const char *) D_PTR (l, l_info[DT_STRTAB]) | |
1372 | + l->l_info[DT_SONAME]->d_un.d_val)); | |
1373 | ||
47cc1490 CM |
1374 | #ifdef DL_AFTER_LOAD |
1375 | DL_AFTER_LOAD (l); | |
1376 | #endif | |
1377 | ||
f0967738 AK |
1378 | /* Now that the object is fully initialized add it to the object list. */ |
1379 | _dl_add_to_namespace_list (l, nsid); | |
1380 | ||
9dcafc55 UD |
1381 | #ifdef SHARED |
1382 | /* Auditing checkpoint: we have a new object. */ | |
1b26b855 | 1383 | if (__glibc_unlikely (GLRO(dl_naudit) > 0) |
29f97654 | 1384 | && !GL(dl_ns)[l->l_ns]._ns_loaded->l_auditing) |
9dcafc55 UD |
1385 | { |
1386 | struct audit_ifaces *afct = GLRO(dl_audit); | |
1387 | for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt) | |
1388 | { | |
1389 | if (afct->objopen != NULL) | |
1390 | { | |
1391 | l->l_audit[cnt].bindflags | |
1392 | = afct->objopen (l, nsid, &l->l_audit[cnt].cookie); | |
1393 | ||
1394 | l->l_audit_any_plt |= l->l_audit[cnt].bindflags != 0; | |
1395 | } | |
1396 | ||
1397 | afct = afct->next; | |
1398 | } | |
1399 | } | |
1400 | #endif | |
1401 | ||
d66e34cd RM |
1402 | return l; |
1403 | } | |
ba79d61b | 1404 | \f |
b5efde2f UD |
1405 | /* Print search path. */ |
1406 | static void | |
1407 | print_search_path (struct r_search_path_elem **list, | |
844c394a | 1408 | const char *what, const char *name) |
b5efde2f | 1409 | { |
12264bd7 | 1410 | char buf[max_dirnamelen + max_capstrlen]; |
b5efde2f UD |
1411 | int first = 1; |
1412 | ||
154d10bd | 1413 | _dl_debug_printf (" search path="); |
b5efde2f UD |
1414 | |
1415 | while (*list != NULL && (*list)->what == what) /* Yes, ==. */ | |
1416 | { | |
12264bd7 UD |
1417 | char *endp = __mempcpy (buf, (*list)->dirname, (*list)->dirnamelen); |
1418 | size_t cnt; | |
1419 | ||
1420 | for (cnt = 0; cnt < ncapstr; ++cnt) | |
1421 | if ((*list)->status[cnt] != nonexisting) | |
1422 | { | |
1423 | char *cp = __mempcpy (endp, capstr[cnt].str, capstr[cnt].len); | |
143e2b96 UD |
1424 | if (cp == buf || (cp == buf + 1 && buf[0] == '/')) |
1425 | cp[0] = '\0'; | |
1426 | else | |
1427 | cp[-1] = '\0'; | |
fb0356b9 UD |
1428 | |
1429 | _dl_debug_printf_c (first ? "%s" : ":%s", buf); | |
1430 | first = 0; | |
12264bd7 | 1431 | } |
b5efde2f | 1432 | |
b5efde2f UD |
1433 | ++list; |
1434 | } | |
1435 | ||
1436 | if (name != NULL) | |
35fc382a | 1437 | _dl_debug_printf_c ("\t\t(%s from file %s)\n", what, |
b9375348 | 1438 | DSO_FILENAME (name)); |
b5efde2f | 1439 | else |
35fc382a | 1440 | _dl_debug_printf_c ("\t\t(%s)\n", what); |
b5efde2f UD |
1441 | } |
1442 | \f | |
a35e137a UD |
1443 | /* Open a file and verify it is an ELF file for this architecture. We |
1444 | ignore only ELF files for other architectures. Non-ELF files and | |
1445 | ELF files with different header information cause fatal errors since | |
1446 | this could mean there is something wrong in the installation and the | |
c0d6f2a3 RM |
1447 | user might want to know about this. |
1448 | ||
1449 | If FD is not -1, then the file is already open and FD refers to it. | |
1450 | In that case, FD is consumed for both successful and error returns. */ | |
a35e137a | 1451 | static int |
c0d6f2a3 RM |
1452 | open_verify (const char *name, int fd, |
1453 | struct filebuf *fbp, struct link_map *loader, | |
a42faf59 | 1454 | int whatcode, int mode, bool *found_other_class, bool free_name) |
a35e137a UD |
1455 | { |
1456 | /* This is the expected ELF header. */ | |
1457 | #define ELF32_CLASS ELFCLASS32 | |
1458 | #define ELF64_CLASS ELFCLASS64 | |
1459 | #ifndef VALID_ELF_HEADER | |
1460 | # define VALID_ELF_HEADER(hdr,exp,size) (memcmp (hdr, exp, size) == 0) | |
1461 | # define VALID_ELF_OSABI(osabi) (osabi == ELFOSABI_SYSV) | |
d8c47894 | 1462 | # define VALID_ELF_ABIVERSION(osabi,ver) (ver == 0) |
40e2fc8b UD |
1463 | #elif defined MORE_ELF_HEADER_DATA |
1464 | MORE_ELF_HEADER_DATA; | |
a35e137a | 1465 | #endif |
04f2902d | 1466 | static const unsigned char expected[EI_NIDENT] = |
a35e137a UD |
1467 | { |
1468 | [EI_MAG0] = ELFMAG0, | |
1469 | [EI_MAG1] = ELFMAG1, | |
1470 | [EI_MAG2] = ELFMAG2, | |
1471 | [EI_MAG3] = ELFMAG3, | |
1472 | [EI_CLASS] = ELFW(CLASS), | |
1473 | [EI_DATA] = byteorder, | |
1474 | [EI_VERSION] = EV_CURRENT, | |
1475 | [EI_OSABI] = ELFOSABI_SYSV, | |
1476 | [EI_ABIVERSION] = 0 | |
1477 | }; | |
39b3385d UD |
1478 | static const struct |
1479 | { | |
1480 | ElfW(Word) vendorlen; | |
1481 | ElfW(Word) datalen; | |
1482 | ElfW(Word) type; | |
55c91021 | 1483 | char vendor[4]; |
a986484f | 1484 | } expected_note = { 4, 16, 1, "GNU" }; |
39b3385d UD |
1485 | /* Initialize it to make the compiler happy. */ |
1486 | const char *errstring = NULL; | |
1487 | int errval = 0; | |
a35e137a | 1488 | |
9dcafc55 UD |
1489 | #ifdef SHARED |
1490 | /* Give the auditing libraries a chance. */ | |
1b26b855 | 1491 | if (__glibc_unlikely (GLRO(dl_naudit) > 0) && whatcode != 0 |
9dcafc55 UD |
1492 | && loader->l_auditing == 0) |
1493 | { | |
c0d6f2a3 | 1494 | const char *original_name = name; |
9dcafc55 UD |
1495 | struct audit_ifaces *afct = GLRO(dl_audit); |
1496 | for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt) | |
1497 | { | |
1498 | if (afct->objsearch != NULL) | |
1499 | { | |
1500 | name = afct->objsearch (name, &loader->l_audit[cnt].cookie, | |
1501 | whatcode); | |
1502 | if (name == NULL) | |
1503 | /* Ignore the path. */ | |
1504 | return -1; | |
1505 | } | |
1506 | ||
1507 | afct = afct->next; | |
1508 | } | |
c0d6f2a3 RM |
1509 | |
1510 | if (fd != -1 && name != original_name && strcmp (name, original_name)) | |
1511 | { | |
1512 | /* An audit library changed what we're supposed to open, | |
1513 | so FD no longer matches it. */ | |
1514 | __close (fd); | |
1515 | fd = -1; | |
1516 | } | |
9dcafc55 UD |
1517 | } |
1518 | #endif | |
1519 | ||
c0d6f2a3 RM |
1520 | if (fd == -1) |
1521 | /* Open the file. We always open files read-only. */ | |
1522 | fd = __open (name, O_RDONLY | O_CLOEXEC); | |
1523 | ||
a35e137a UD |
1524 | if (fd != -1) |
1525 | { | |
1526 | ElfW(Ehdr) *ehdr; | |
a986484f | 1527 | ElfW(Phdr) *phdr, *ph; |
2f6773b5 | 1528 | ElfW(Word) *abi_note; |
a986484f UD |
1529 | unsigned int osversion; |
1530 | size_t maplength; | |
a35e137a | 1531 | |
9f236c49 | 1532 | /* We successfully opened the file. Now verify it is a file |
a35e137a UD |
1533 | we can use. */ |
1534 | __set_errno (0); | |
88481c16 SP |
1535 | fbp->len = 0; |
1536 | assert (sizeof (fbp->buf) > sizeof (ElfW(Ehdr))); | |
1537 | /* Read in the header. */ | |
1538 | do | |
fcccd512 RM |
1539 | { |
1540 | ssize_t retlen = __libc_read (fd, fbp->buf + fbp->len, | |
88481c16 SP |
1541 | sizeof (fbp->buf) - fbp->len); |
1542 | if (retlen <= 0) | |
1543 | break; | |
1544 | fbp->len += retlen; | |
1545 | } | |
1b26b855 | 1546 | while (__glibc_unlikely (fbp->len < sizeof (ElfW(Ehdr)))); |
a35e137a UD |
1547 | |
1548 | /* This is where the ELF header is loaded. */ | |
a35e137a UD |
1549 | ehdr = (ElfW(Ehdr) *) fbp->buf; |
1550 | ||
1551 | /* Now run the tests. */ | |
a1ffb40e | 1552 | if (__glibc_unlikely (fbp->len < (ssize_t) sizeof (ElfW(Ehdr)))) |
39b3385d UD |
1553 | { |
1554 | errval = errno; | |
1555 | errstring = (errval == 0 | |
1556 | ? N_("file too short") : N_("cannot read file data")); | |
1557 | call_lose: | |
2e0fc40c UD |
1558 | if (free_name) |
1559 | { | |
1560 | char *realname = (char *) name; | |
1561 | name = strdupa (realname); | |
1562 | free (realname); | |
1563 | } | |
815e6fa3 | 1564 | lose (errval, fd, name, NULL, NULL, errstring, NULL, 0); |
39b3385d | 1565 | } |
a35e137a UD |
1566 | |
1567 | /* See whether the ELF header is what we expect. */ | |
277ae3f1 | 1568 | if (__glibc_unlikely (! VALID_ELF_HEADER (ehdr->e_ident, expected, |
92ad15a8 | 1569 | EI_ABIVERSION) |
d8c47894 | 1570 | || !VALID_ELF_ABIVERSION (ehdr->e_ident[EI_OSABI], |
04f2902d UD |
1571 | ehdr->e_ident[EI_ABIVERSION]) |
1572 | || memcmp (&ehdr->e_ident[EI_PAD], | |
1573 | &expected[EI_PAD], | |
277ae3f1 | 1574 | EI_NIDENT - EI_PAD) != 0)) |
a35e137a UD |
1575 | { |
1576 | /* Something is wrong. */ | |
6cc8844f UD |
1577 | const Elf32_Word *magp = (const void *) ehdr->e_ident; |
1578 | if (*magp != | |
a35e137a UD |
1579 | #if BYTE_ORDER == LITTLE_ENDIAN |
1580 | ((ELFMAG0 << (EI_MAG0 * 8)) | | |
1581 | (ELFMAG1 << (EI_MAG1 * 8)) | | |
1582 | (ELFMAG2 << (EI_MAG2 * 8)) | | |
1583 | (ELFMAG3 << (EI_MAG3 * 8))) | |
1584 | #else | |
1585 | ((ELFMAG0 << (EI_MAG3 * 8)) | | |
1586 | (ELFMAG1 << (EI_MAG2 * 8)) | | |
1587 | (ELFMAG2 << (EI_MAG1 * 8)) | | |
1588 | (ELFMAG3 << (EI_MAG0 * 8))) | |
1589 | #endif | |
1590 | ) | |
39b3385d UD |
1591 | errstring = N_("invalid ELF header"); |
1592 | else if (ehdr->e_ident[EI_CLASS] != ELFW(CLASS)) | |
7f71c55d UD |
1593 | { |
1594 | /* This is not a fatal error. On architectures where | |
1595 | 32-bit and 64-bit binaries can be run this might | |
1596 | happen. */ | |
1597 | *found_other_class = true; | |
1598 | goto close_and_out; | |
1599 | } | |
39b3385d | 1600 | else if (ehdr->e_ident[EI_DATA] != byteorder) |
a35e137a UD |
1601 | { |
1602 | if (BYTE_ORDER == BIG_ENDIAN) | |
39b3385d | 1603 | errstring = N_("ELF file data encoding not big-endian"); |
a35e137a | 1604 | else |
39b3385d | 1605 | errstring = N_("ELF file data encoding not little-endian"); |
a35e137a | 1606 | } |
39b3385d UD |
1607 | else if (ehdr->e_ident[EI_VERSION] != EV_CURRENT) |
1608 | errstring | |
1609 | = N_("ELF file version ident does not match current one"); | |
a35e137a UD |
1610 | /* XXX We should be able so set system specific versions which are |
1611 | allowed here. */ | |
39b3385d UD |
1612 | else if (!VALID_ELF_OSABI (ehdr->e_ident[EI_OSABI])) |
1613 | errstring = N_("ELF file OS ABI invalid"); | |
d8c47894 UD |
1614 | else if (!VALID_ELF_ABIVERSION (ehdr->e_ident[EI_OSABI], |
1615 | ehdr->e_ident[EI_ABIVERSION])) | |
39b3385d | 1616 | errstring = N_("ELF file ABI version invalid"); |
04f2902d UD |
1617 | else if (memcmp (&ehdr->e_ident[EI_PAD], &expected[EI_PAD], |
1618 | EI_NIDENT - EI_PAD) != 0) | |
1619 | errstring = N_("nonzero padding in e_ident"); | |
39b3385d UD |
1620 | else |
1621 | /* Otherwise we don't know what went wrong. */ | |
1622 | errstring = N_("internal error"); | |
1623 | ||
1624 | goto call_lose; | |
a35e137a UD |
1625 | } |
1626 | ||
1b26b855 | 1627 | if (__glibc_unlikely (ehdr->e_version != EV_CURRENT)) |
39b3385d UD |
1628 | { |
1629 | errstring = N_("ELF file version does not match current one"); | |
1630 | goto call_lose; | |
1631 | } | |
277ae3f1 | 1632 | if (! __glibc_likely (elf_machine_matches_host (ehdr))) |
a986484f | 1633 | goto close_and_out; |
277ae3f1 PP |
1634 | else if (__glibc_unlikely (ehdr->e_type != ET_DYN |
1635 | && ehdr->e_type != ET_EXEC)) | |
39b3385d UD |
1636 | { |
1637 | errstring = N_("only ET_DYN and ET_EXEC can be loaded"); | |
1638 | goto call_lose; | |
1639 | } | |
a42faf59 PP |
1640 | else if (__glibc_unlikely (ehdr->e_type == ET_EXEC |
1641 | && (mode & __RTLD_OPENEXEC) == 0)) | |
1642 | { | |
1643 | /* BZ #16634. It is an error to dlopen ET_EXEC (unless | |
1644 | __RTLD_OPENEXEC is explicitly set). We return error here | |
1645 | so that code in _dl_map_object_from_fd does not try to set | |
1646 | l_tls_modid for this module. */ | |
1647 | ||
1648 | errstring = N_("cannot dynamically load executable"); | |
1649 | goto call_lose; | |
1650 | } | |
1b26b855 | 1651 | else if (__glibc_unlikely (ehdr->e_phentsize != sizeof (ElfW(Phdr)))) |
5ce98c3f UD |
1652 | { |
1653 | errstring = N_("ELF file's phentsize not the expected size"); | |
1654 | goto call_lose; | |
1655 | } | |
a986484f UD |
1656 | |
1657 | maplength = ehdr->e_phnum * sizeof (ElfW(Phdr)); | |
6dd67bd5 | 1658 | if (ehdr->e_phoff + maplength <= (size_t) fbp->len) |
a986484f UD |
1659 | phdr = (void *) (fbp->buf + ehdr->e_phoff); |
1660 | else | |
1661 | { | |
1662 | phdr = alloca (maplength); | |
0e15c4b6 | 1663 | __lseek (fd, ehdr->e_phoff, SEEK_SET); |
6dd67bd5 | 1664 | if ((size_t) __libc_read (fd, (void *) phdr, maplength) != maplength) |
39b3385d UD |
1665 | { |
1666 | read_error: | |
1667 | errval = errno; | |
1668 | errstring = N_("cannot read file data"); | |
1669 | goto call_lose; | |
1670 | } | |
a986484f UD |
1671 | } |
1672 | ||
d6f373d2 MF |
1673 | if (__glibc_unlikely (elf_machine_reject_phdr_p |
1674 | (phdr, ehdr->e_phnum, fbp->buf, fbp->len, | |
1675 | loader, fd))) | |
1676 | goto close_and_out; | |
1677 | ||
a986484f UD |
1678 | /* Check .note.ABI-tag if present. */ |
1679 | for (ph = phdr; ph < &phdr[ehdr->e_phnum]; ++ph) | |
2f6773b5 | 1680 | if (ph->p_type == PT_NOTE && ph->p_filesz >= 32 && ph->p_align >= 4) |
a986484f | 1681 | { |
2f6773b5 UD |
1682 | ElfW(Addr) size = ph->p_filesz; |
1683 | ||
1684 | if (ph->p_offset + size <= (size_t) fbp->len) | |
a986484f UD |
1685 | abi_note = (void *) (fbp->buf + ph->p_offset); |
1686 | else | |
1687 | { | |
2f6773b5 | 1688 | abi_note = alloca (size); |
0e15c4b6 | 1689 | __lseek (fd, ph->p_offset, SEEK_SET); |
2f6773b5 | 1690 | if (__libc_read (fd, (void *) abi_note, size) != size) |
39b3385d | 1691 | goto read_error; |
2f6773b5 UD |
1692 | } |
1693 | ||
1694 | while (memcmp (abi_note, &expected_note, sizeof (expected_note))) | |
1695 | { | |
1696 | #define ROUND(len) (((len) + sizeof (ElfW(Word)) - 1) & -sizeof (ElfW(Word))) | |
1697 | ElfW(Addr) note_size = 3 * sizeof (ElfW(Word)) | |
1698 | + ROUND (abi_note[0]) | |
1699 | + ROUND (abi_note[1]); | |
39b3385d | 1700 | |
2f6773b5 UD |
1701 | if (size - 32 < note_size) |
1702 | { | |
1703 | size = 0; | |
1704 | break; | |
1705 | } | |
1706 | size -= note_size; | |
1707 | abi_note = (void *) abi_note + note_size; | |
a986484f UD |
1708 | } |
1709 | ||
2f6773b5 | 1710 | if (size == 0) |
a986484f UD |
1711 | continue; |
1712 | ||
55c91021 UD |
1713 | osversion = (abi_note[5] & 0xff) * 65536 |
1714 | + (abi_note[6] & 0xff) * 256 | |
1715 | + (abi_note[7] & 0xff); | |
1716 | if (abi_note[4] != __ABI_TAG_OS | |
afdca0f2 | 1717 | || (GLRO(dl_osversion) && GLRO(dl_osversion) < osversion)) |
a986484f UD |
1718 | { |
1719 | close_and_out: | |
1720 | __close (fd); | |
1721 | __set_errno (ENOENT); | |
1722 | fd = -1; | |
1723 | } | |
1724 | ||
1725 | break; | |
1726 | } | |
a35e137a UD |
1727 | } |
1728 | ||
1729 | return fd; | |
1730 | } | |
1731 | \f | |
04ea3b0f | 1732 | /* Try to open NAME in one of the directories in *DIRSP. |
ba79d61b | 1733 | Return the fd, or -1. If successful, fill in *REALNAME |
04ea3b0f UD |
1734 | with the malloc'd full directory name. If it turns out |
1735 | that none of the directories in *DIRSP exists, *DIRSP is | |
1736 | replaced with (void *) -1, and the old value is free()d | |
1737 | if MAY_FREE_DIRS is true. */ | |
ba79d61b RM |
1738 | |
1739 | static int | |
a42faf59 | 1740 | open_path (const char *name, size_t namelen, int mode, |
a35e137a | 1741 | struct r_search_path_struct *sps, char **realname, |
7f71c55d UD |
1742 | struct filebuf *fbp, struct link_map *loader, int whatcode, |
1743 | bool *found_other_class) | |
ba79d61b | 1744 | { |
f55727ca | 1745 | struct r_search_path_elem **dirs = sps->dirs; |
ba79d61b | 1746 | char *buf; |
0a54e401 | 1747 | int fd = -1; |
b5efde2f | 1748 | const char *current_what = NULL; |
152e7964 | 1749 | int any = 0; |
ba79d61b | 1750 | |
a1ffb40e | 1751 | if (__glibc_unlikely (dirs == NULL)) |
ab1d521d RM |
1752 | /* We're called before _dl_init_paths when loading the main executable |
1753 | given on the command line when rtld is run directly. */ | |
1754 | return -1; | |
1755 | ||
5431ece5 | 1756 | buf = alloca (max_dirnamelen + max_capstrlen + namelen); |
ba79d61b RM |
1757 | do |
1758 | { | |
0a54e401 UD |
1759 | struct r_search_path_elem *this_dir = *dirs; |
1760 | size_t buflen = 0; | |
12264bd7 | 1761 | size_t cnt; |
b0b67c47 | 1762 | char *edp; |
f5858039 | 1763 | int here_any = 0; |
55c91021 | 1764 | int err; |
ba79d61b | 1765 | |
b5efde2f UD |
1766 | /* If we are debugging the search for libraries print the path |
1767 | now if it hasn't happened now. */ | |
1b26b855 | 1768 | if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_LIBS) |
cf197e41 | 1769 | && current_what != this_dir->what) |
b5efde2f UD |
1770 | { |
1771 | current_what = this_dir->what; | |
1772 | print_search_path (dirs, current_what, this_dir->where); | |
1773 | } | |
1774 | ||
b0b67c47 | 1775 | edp = (char *) __mempcpy (buf, this_dir->dirname, this_dir->dirnamelen); |
12264bd7 | 1776 | for (cnt = 0; fd == -1 && cnt < ncapstr; ++cnt) |
fd26970f | 1777 | { |
12264bd7 UD |
1778 | /* Skip this directory if we know it does not exist. */ |
1779 | if (this_dir->status[cnt] == nonexisting) | |
1780 | continue; | |
0a54e401 | 1781 | |
12264bd7 | 1782 | buflen = |
d6b5d570 UD |
1783 | ((char *) __mempcpy (__mempcpy (edp, capstr[cnt].str, |
1784 | capstr[cnt].len), | |
12264bd7 UD |
1785 | name, namelen) |
1786 | - buf); | |
1787 | ||
1788 | /* Print name we try if this is wanted. */ | |
a1ffb40e | 1789 | if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_LIBS)) |
154d10bd | 1790 | _dl_debug_printf (" trying file=%s\n", buf); |
b5efde2f | 1791 | |
c0d6f2a3 | 1792 | fd = open_verify (buf, -1, fbp, loader, whatcode, mode, |
a42faf59 | 1793 | found_other_class, false); |
12264bd7 | 1794 | if (this_dir->status[cnt] == unknown) |
6e4c40ba UD |
1795 | { |
1796 | if (fd != -1) | |
1797 | this_dir->status[cnt] = existing; | |
9dcafc55 UD |
1798 | /* Do not update the directory information when loading |
1799 | auditing code. We must try to disturb the program as | |
1800 | little as possible. */ | |
1801 | else if (loader == NULL | |
361a3706 | 1802 | || GL(dl_ns)[loader->l_ns]._ns_loaded->l_auditing == 0) |
6e4c40ba UD |
1803 | { |
1804 | /* We failed to open machine dependent library. Let's | |
1805 | test whether there is any directory at all. */ | |
5763742f | 1806 | struct stat64 st; |
6e4c40ba UD |
1807 | |
1808 | buf[buflen - namelen - 1] = '\0'; | |
1809 | ||
5763742f | 1810 | if (__xstat64 (_STAT_VER, buf, &st) != 0 |
6e4c40ba UD |
1811 | || ! S_ISDIR (st.st_mode)) |
1812 | /* The directory does not exist or it is no directory. */ | |
1813 | this_dir->status[cnt] = nonexisting; | |
1814 | else | |
1815 | this_dir->status[cnt] = existing; | |
1816 | } | |
1817 | } | |
fd26970f | 1818 | |
152e7964 | 1819 | /* Remember whether we found any existing directory. */ |
9dcafc55 | 1820 | here_any |= this_dir->status[cnt] != nonexisting; |
152e7964 | 1821 | |
1b26b855 | 1822 | if (fd != -1 && __glibc_unlikely (mode & __RTLD_SECURE) |
6bc6bd3b | 1823 | && __libc_enable_secure) |
c6222ab9 UD |
1824 | { |
1825 | /* This is an extra security effort to make sure nobody can | |
1826 | preload broken shared objects which are in the trusted | |
1827 | directories and so exploit the bugs. */ | |
5763742f | 1828 | struct stat64 st; |
c6222ab9 | 1829 | |
5763742f | 1830 | if (__fxstat64 (_STAT_VER, fd, &st) != 0 |
c6222ab9 UD |
1831 | || (st.st_mode & S_ISUID) == 0) |
1832 | { | |
1833 | /* The shared object cannot be tested for being SUID | |
1834 | or this bit is not set. In this case we must not | |
1835 | use this object. */ | |
1836 | __close (fd); | |
1837 | fd = -1; | |
1838 | /* We simply ignore the file, signal this by setting | |
1839 | the error value which would have been set by `open'. */ | |
1840 | errno = ENOENT; | |
1841 | } | |
1842 | } | |
ba79d61b RM |
1843 | } |
1844 | ||
ba79d61b RM |
1845 | if (fd != -1) |
1846 | { | |
2f653c01 | 1847 | *realname = (char *) malloc (buflen); |
c6222ab9 | 1848 | if (*realname != NULL) |
ba79d61b RM |
1849 | { |
1850 | memcpy (*realname, buf, buflen); | |
1851 | return fd; | |
1852 | } | |
1853 | else | |
1854 | { | |
1855 | /* No memory for the name, we certainly won't be able | |
1856 | to load and link it. */ | |
1857 | __close (fd); | |
1858 | return -1; | |
1859 | } | |
1860 | } | |
55c91021 | 1861 | if (here_any && (err = errno) != ENOENT && err != EACCES) |
ba79d61b RM |
1862 | /* The file exists and is readable, but something went wrong. */ |
1863 | return -1; | |
f5858039 UD |
1864 | |
1865 | /* Remember whether we found anything. */ | |
1866 | any |= here_any; | |
ba79d61b | 1867 | } |
0a54e401 | 1868 | while (*++dirs != NULL); |
ba79d61b | 1869 | |
152e7964 | 1870 | /* Remove the whole path if none of the directories exists. */ |
a1ffb40e | 1871 | if (__glibc_unlikely (! any)) |
152e7964 | 1872 | { |
04ea3b0f UD |
1873 | /* Paths which were allocated using the minimal malloc() in ld.so |
1874 | must not be freed using the general free() in libc. */ | |
f55727ca UD |
1875 | if (sps->malloced) |
1876 | free (sps->dirs); | |
11bf311e | 1877 | |
9317ea65 | 1878 | /* rtld_search_dirs and env_path_list are attribute_relro, therefore |
c01ae97e | 1879 | avoid writing into it. */ |
9317ea65 | 1880 | if (sps != &rtld_search_dirs && sps != &env_path_list) |
ecc1d0c3 | 1881 | sps->dirs = (void *) -1; |
152e7964 UD |
1882 | } |
1883 | ||
ba79d61b RM |
1884 | return -1; |
1885 | } | |
1886 | ||
1887 | /* Map in the shared object file NAME. */ | |
1888 | ||
1889 | struct link_map * | |
d0fc4041 | 1890 | internal_function |
8e9f92e9 | 1891 | _dl_map_object (struct link_map *loader, const char *name, |
c0f62c56 | 1892 | int type, int trace_mode, int mode, Lmid_t nsid) |
ba79d61b RM |
1893 | { |
1894 | int fd; | |
a1b85ae8 | 1895 | const char *origname = NULL; |
ba79d61b | 1896 | char *realname; |
14bab8de | 1897 | char *name_copy; |
ba79d61b | 1898 | struct link_map *l; |
a35e137a | 1899 | struct filebuf fb; |
ba79d61b | 1900 | |
c0f62c56 | 1901 | assert (nsid >= 0); |
22c83193 | 1902 | assert (nsid < GL(dl_nns)); |
c0f62c56 | 1903 | |
ba79d61b | 1904 | /* Look for this name among those already loaded. */ |
c0f62c56 | 1905 | for (l = GL(dl_ns)[nsid]._ns_loaded; l; l = l->l_next) |
f41c8091 UD |
1906 | { |
1907 | /* If the requested name matches the soname of a loaded object, | |
1908 | use that object. Elide this check for names that have not | |
1909 | yet been opened. */ | |
277ae3f1 | 1910 | if (__glibc_unlikely ((l->l_faked | l->l_removed) != 0)) |
f41c8091 UD |
1911 | continue; |
1912 | if (!_dl_name_match_p (name, l)) | |
1913 | { | |
1914 | const char *soname; | |
1915 | ||
1b26b855 | 1916 | if (__glibc_likely (l->l_soname_added) |
c91bc73e | 1917 | || l->l_info[DT_SONAME] == NULL) |
f41c8091 UD |
1918 | continue; |
1919 | ||
8699e7b1 UD |
1920 | soname = ((const char *) D_PTR (l, l_info[DT_STRTAB]) |
1921 | + l->l_info[DT_SONAME]->d_un.d_val); | |
f41c8091 UD |
1922 | if (strcmp (name, soname) != 0) |
1923 | continue; | |
1924 | ||
1925 | /* We have a match on a new name -- cache it. */ | |
76156ea1 | 1926 | add_name_to_object (l, soname); |
c91bc73e | 1927 | l->l_soname_added = 1; |
f41c8091 UD |
1928 | } |
1929 | ||
42c4f32a | 1930 | /* We have a match. */ |
f41c8091 UD |
1931 | return l; |
1932 | } | |
ba79d61b | 1933 | |
8193034b | 1934 | /* Display information if we are debugging. */ |
1b26b855 | 1935 | if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_FILES) |
7969407a | 1936 | && loader != NULL) |
07df30d9 | 1937 | _dl_debug_printf ((mode & __RTLD_CALLMAP) == 0 |
9ac533d3 UD |
1938 | ? "\nfile=%s [%lu]; needed by %s [%lu]\n" |
1939 | : "\nfile=%s [%lu]; dynamically loaded by %s [%lu]\n", | |
b9375348 | 1940 | name, nsid, DSO_FILENAME (loader->l_name), loader->l_ns); |
8193034b | 1941 | |
9dcafc55 UD |
1942 | #ifdef SHARED |
1943 | /* Give the auditing libraries a chance to change the name before we | |
1944 | try anything. */ | |
1b26b855 | 1945 | if (__glibc_unlikely (GLRO(dl_naudit) > 0) |
9dcafc55 UD |
1946 | && (loader == NULL || loader->l_auditing == 0)) |
1947 | { | |
1948 | struct audit_ifaces *afct = GLRO(dl_audit); | |
1949 | for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt) | |
1950 | { | |
1951 | if (afct->objsearch != NULL) | |
1952 | { | |
a1b85ae8 | 1953 | const char *before = name; |
9dcafc55 UD |
1954 | name = afct->objsearch (name, &loader->l_audit[cnt].cookie, |
1955 | LA_SER_ORIG); | |
1956 | if (name == NULL) | |
1957 | { | |
1958 | /* Do not try anything further. */ | |
1959 | fd = -1; | |
1960 | goto no_file; | |
1961 | } | |
a1b85ae8 FW |
1962 | if (before != name && strcmp (before, name) != 0) |
1963 | { | |
1964 | if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_FILES)) | |
1965 | _dl_debug_printf ("audit changed filename %s -> %s\n", | |
1966 | before, name); | |
1967 | ||
1968 | if (origname == NULL) | |
1969 | origname = before; | |
1970 | } | |
9dcafc55 UD |
1971 | } |
1972 | ||
1973 | afct = afct->next; | |
1974 | } | |
1975 | } | |
1976 | #endif | |
1977 | ||
7f71c55d UD |
1978 | /* Will be true if we found a DSO which is of the other ELF class. */ |
1979 | bool found_other_class = false; | |
1980 | ||
ba79d61b RM |
1981 | if (strchr (name, '/') == NULL) |
1982 | { | |
1983 | /* Search for NAME in several places. */ | |
1984 | ||
1985 | size_t namelen = strlen (name) + 1; | |
1986 | ||
a1ffb40e | 1987 | if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_LIBS)) |
c0f62c56 | 1988 | _dl_debug_printf ("find library=%s [%lu]; searching\n", name, nsid); |
b5efde2f | 1989 | |
ba79d61b | 1990 | fd = -1; |
a23db8e4 | 1991 | |
fcf70d41 | 1992 | /* When the object has the RUNPATH information we don't use any |
844c394a | 1993 | RPATHs. */ |
4c540916 | 1994 | if (loader == NULL || loader->l_info[DT_RUNPATH] == NULL) |
fcf70d41 | 1995 | { |
a1f0de82 UD |
1996 | /* This is the executable's map (if there is one). Make sure that |
1997 | we do not look at it twice. */ | |
1998 | struct link_map *main_map = GL(dl_ns)[LM_ID_BASE]._ns_loaded; | |
1999 | bool did_main_map = false; | |
2000 | ||
fcf70d41 UD |
2001 | /* First try the DT_RPATH of the dependent object that caused NAME |
2002 | to be loaded. Then that object's dependent, and on up. */ | |
a1f0de82 | 2003 | for (l = loader; l; l = l->l_loader) |
45e4762c | 2004 | if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH")) |
a1f0de82 | 2005 | { |
a42faf59 | 2006 | fd = open_path (name, namelen, mode, |
8e9f92e9 | 2007 | &l->l_rpath_dirs, |
a1f0de82 UD |
2008 | &realname, &fb, loader, LA_SER_RUNPATH, |
2009 | &found_other_class); | |
2010 | if (fd != -1) | |
2011 | break; | |
2012 | ||
2013 | did_main_map |= l == main_map; | |
2014 | } | |
0a54e401 | 2015 | |
fcf70d41 | 2016 | /* If dynamically linked, try the DT_RPATH of the executable |
844c394a | 2017 | itself. NB: we do this for lookups in any namespace. */ |
a1f0de82 UD |
2018 | if (fd == -1 && !did_main_map |
2019 | && main_map != NULL && main_map->l_type != lt_loaded | |
2020 | && cache_rpath (main_map, &main_map->l_rpath_dirs, DT_RPATH, | |
2021 | "RPATH")) | |
a42faf59 | 2022 | fd = open_path (name, namelen, mode, |
8e9f92e9 | 2023 | &main_map->l_rpath_dirs, |
a1f0de82 UD |
2024 | &realname, &fb, loader ?: main_map, LA_SER_RUNPATH, |
2025 | &found_other_class); | |
fcf70d41 | 2026 | } |
fd26970f | 2027 | |
7ef90c15 | 2028 | /* Try the LD_LIBRARY_PATH environment variable. */ |
f55727ca | 2029 | if (fd == -1 && env_path_list.dirs != (void *) -1) |
a42faf59 | 2030 | fd = open_path (name, namelen, mode, &env_path_list, |
9dcafc55 UD |
2031 | &realname, &fb, |
2032 | loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded, | |
7f71c55d | 2033 | LA_SER_LIBPATH, &found_other_class); |
40a55d20 | 2034 | |
45e4762c RM |
2035 | /* Look at the RUNPATH information for this binary. */ |
2036 | if (fd == -1 && loader != NULL | |
2037 | && cache_rpath (loader, &loader->l_runpath_dirs, | |
2038 | DT_RUNPATH, "RUNPATH")) | |
a42faf59 | 2039 | fd = open_path (name, namelen, mode, |
9dcafc55 | 2040 | &loader->l_runpath_dirs, &realname, &fb, loader, |
7f71c55d | 2041 | LA_SER_RUNPATH, &found_other_class); |
fcf70d41 | 2042 | |
c0d6f2a3 RM |
2043 | if (fd == -1) |
2044 | { | |
2045 | realname = _dl_sysdep_open_object (name, namelen, &fd); | |
2046 | if (realname != NULL) | |
2047 | { | |
2048 | fd = open_verify (realname, fd, | |
2049 | &fb, loader ?: GL(dl_ns)[nsid]._ns_loaded, | |
2050 | LA_SER_CONFIG, mode, &found_other_class, | |
2051 | false); | |
2052 | if (fd == -1) | |
2053 | free (realname); | |
2054 | } | |
2055 | } | |
2056 | ||
f57f8055 | 2057 | #ifdef USE_LDCONFIG |
55c91021 | 2058 | if (fd == -1 |
277ae3f1 | 2059 | && (__glibc_likely ((mode & __RTLD_SECURE) == 0) |
6bc6bd3b | 2060 | || ! __libc_enable_secure) |
1b26b855 | 2061 | && __glibc_likely (GLRO(dl_inhibit_cache) == 0)) |
f18edac3 RM |
2062 | { |
2063 | /* Check the list of libraries in the file /etc/ld.so.cache, | |
2064 | for compatibility with Linux's ldconfig program. */ | |
ccdb048d | 2065 | char *cached = _dl_load_cache_lookup (name); |
0f6b172f | 2066 | |
2f653c01 UD |
2067 | if (cached != NULL) |
2068 | { | |
c0f62c56 | 2069 | // XXX Correct to unconditionally default to namespace 0? |
6a5ee102 UD |
2070 | l = (loader |
2071 | ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded | |
0d23a5c1 MR |
2072 | # ifdef SHARED |
2073 | ?: &GL(dl_rtld_map) | |
f57f8055 | 2074 | # endif |
0d23a5c1 | 2075 | ); |
0f6b172f | 2076 | |
266bb989 UD |
2077 | /* If the loader has the DF_1_NODEFLIB flag set we must not |
2078 | use a cache entry from any of these directories. */ | |
1b26b855 | 2079 | if (__glibc_unlikely (l->l_flags_1 & DF_1_NODEFLIB)) |
266bb989 UD |
2080 | { |
2081 | const char *dirp = system_dirs; | |
2e47aff5 | 2082 | unsigned int cnt = 0; |
266bb989 UD |
2083 | |
2084 | do | |
2085 | { | |
2086 | if (memcmp (cached, dirp, system_dirs_len[cnt]) == 0) | |
2087 | { | |
2088 | /* The prefix matches. Don't use the entry. */ | |
ccdb048d | 2089 | free (cached); |
266bb989 UD |
2090 | cached = NULL; |
2091 | break; | |
2092 | } | |
2093 | ||
2094 | dirp += system_dirs_len[cnt] + 1; | |
2095 | ++cnt; | |
2096 | } | |
4a6d1198 | 2097 | while (cnt < nsystem_dirs_len); |
266bb989 UD |
2098 | } |
2099 | ||
2f653c01 | 2100 | if (cached != NULL) |
f18edac3 | 2101 | { |
c0d6f2a3 | 2102 | fd = open_verify (cached, -1, |
9dcafc55 | 2103 | &fb, loader ?: GL(dl_ns)[nsid]._ns_loaded, |
a42faf59 PP |
2104 | LA_SER_CONFIG, mode, &found_other_class, |
2105 | false); | |
a1ffb40e | 2106 | if (__glibc_likely (fd != -1)) |
ccdb048d CD |
2107 | realname = cached; |
2108 | else | |
2109 | free (cached); | |
f18edac3 RM |
2110 | } |
2111 | } | |
2112 | } | |
f57f8055 | 2113 | #endif |
0a54e401 | 2114 | |
a23db8e4 | 2115 | /* Finally, try the default path. */ |
266bb989 | 2116 | if (fd == -1 |
c0f62c56 | 2117 | && ((l = loader ?: GL(dl_ns)[nsid]._ns_loaded) == NULL |
1b26b855 | 2118 | || __glibc_likely (!(l->l_flags_1 & DF_1_NODEFLIB))) |
f55727ca | 2119 | && rtld_search_dirs.dirs != (void *) -1) |
a42faf59 | 2120 | fd = open_path (name, namelen, mode, &rtld_search_dirs, |
7f71c55d | 2121 | &realname, &fb, l, LA_SER_DEFAULT, &found_other_class); |
b5efde2f | 2122 | |
fd77c361 | 2123 | /* Add another newline when we are tracing the library loading. */ |
a1ffb40e | 2124 | if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_LIBS)) |
844c394a | 2125 | _dl_debug_printf ("\n"); |
ba79d61b RM |
2126 | } |
2127 | else | |
2128 | { | |
f787edde UD |
2129 | /* The path may contain dynamic string tokens. */ |
2130 | realname = (loader | |
34fe483e | 2131 | ? expand_dynamic_string_token (loader, name, 0) |
cc00cece | 2132 | : __strdup (name)); |
f787edde UD |
2133 | if (realname == NULL) |
2134 | fd = -1; | |
2135 | else | |
ba79d61b | 2136 | { |
c0d6f2a3 | 2137 | fd = open_verify (realname, -1, &fb, |
a42faf59 | 2138 | loader ?: GL(dl_ns)[nsid]._ns_loaded, 0, mode, |
2e0fc40c | 2139 | &found_other_class, true); |
1b26b855 | 2140 | if (__glibc_unlikely (fd == -1)) |
f787edde | 2141 | free (realname); |
ba79d61b RM |
2142 | } |
2143 | } | |
2144 | ||
9dcafc55 UD |
2145 | #ifdef SHARED |
2146 | no_file: | |
2147 | #endif | |
c14e9135 UD |
2148 | /* In case the LOADER information has only been provided to get to |
2149 | the appropriate RUNPATH/RPATH information we do not need it | |
2150 | anymore. */ | |
2151 | if (mode & __RTLD_CALLMAP) | |
2152 | loader = NULL; | |
2153 | ||
1b26b855 | 2154 | if (__glibc_unlikely (fd == -1)) |
46ec036d | 2155 | { |
32e6df36 | 2156 | if (trace_mode |
1b26b855 | 2157 | && __glibc_likely ((GLRO(dl_debug_mask) & DL_DEBUG_PRELINK) == 0)) |
46ec036d UD |
2158 | { |
2159 | /* We haven't found an appropriate library. But since we | |
2160 | are only interested in the list of libraries this isn't | |
2161 | so severe. Fake an entry with all the information we | |
1ef32c3d | 2162 | have. */ |
a1eca9f3 | 2163 | static const Elf_Symndx dummy_bucket = STN_UNDEF; |
46ec036d | 2164 | |
f0967738 | 2165 | /* Allocate a new object map. */ |
cc00cece | 2166 | if ((name_copy = __strdup (name)) == NULL |
1fc07491 | 2167 | || (l = _dl_new_object (name_copy, name, type, loader, |
c0f62c56 | 2168 | mode, nsid)) == NULL) |
2e0fc40c UD |
2169 | { |
2170 | free (name_copy); | |
2171 | _dl_signal_error (ENOMEM, name, NULL, | |
2172 | N_("cannot create shared object descriptor")); | |
2173 | } | |
a881e0a0 UD |
2174 | /* Signal that this is a faked entry. */ |
2175 | l->l_faked = 1; | |
2176 | /* Since the descriptor is initialized with zero we do not | |
126b06f9 | 2177 | have do this here. |
126b06f9 | 2178 | l->l_reserved = 0; */ |
fd26970f UD |
2179 | l->l_buckets = &dummy_bucket; |
2180 | l->l_nbuckets = 1; | |
2181 | l->l_relocated = 1; | |
2182 | ||
f0967738 AK |
2183 | /* Enter the object in the object list. */ |
2184 | _dl_add_to_namespace_list (l, nsid); | |
2185 | ||
fd26970f | 2186 | return l; |
46ec036d | 2187 | } |
7f71c55d UD |
2188 | else if (found_other_class) |
2189 | _dl_signal_error (0, name, NULL, | |
2190 | ELFW(CLASS) == ELFCLASS32 | |
2191 | ? N_("wrong ELF class: ELFCLASS64") | |
2192 | : N_("wrong ELF class: ELFCLASS32")); | |
46ec036d | 2193 | else |
154d10bd UD |
2194 | _dl_signal_error (errno, name, NULL, |
2195 | N_("cannot open shared object file")); | |
46ec036d | 2196 | } |
ba79d61b | 2197 | |
d1fc817e | 2198 | void *stack_end = __libc_stack_end; |
a1b85ae8 FW |
2199 | return _dl_map_object_from_fd (name, origname, fd, &fb, realname, loader, |
2200 | type, mode, &stack_end, nsid); | |
ba79d61b | 2201 | } |
154d10bd | 2202 | |
b8c80a7e KS |
2203 | struct add_path_state |
2204 | { | |
2205 | bool counting; | |
2206 | unsigned int idx; | |
2207 | Dl_serinfo *si; | |
2208 | char *allocptr; | |
2209 | }; | |
2210 | ||
2211 | static void | |
2212 | add_path (struct add_path_state *p, const struct r_search_path_struct *sps, | |
2213 | unsigned int flags) | |
2214 | { | |
2215 | if (sps->dirs != (void *) -1) | |
2216 | { | |
2217 | struct r_search_path_elem **dirs = sps->dirs; | |
2218 | do | |
2219 | { | |
2220 | const struct r_search_path_elem *const r = *dirs++; | |
2221 | if (p->counting) | |
2222 | { | |
2223 | p->si->dls_cnt++; | |
2224 | p->si->dls_size += MAX (2, r->dirnamelen); | |
2225 | } | |
2226 | else | |
2227 | { | |
2228 | Dl_serpath *const sp = &p->si->dls_serpath[p->idx++]; | |
2229 | sp->dls_name = p->allocptr; | |
2230 | if (r->dirnamelen < 2) | |
2231 | *p->allocptr++ = r->dirnamelen ? '/' : '.'; | |
2232 | else | |
2233 | p->allocptr = __mempcpy (p->allocptr, | |
2234 | r->dirname, r->dirnamelen - 1); | |
2235 | *p->allocptr++ = '\0'; | |
2236 | sp->dls_flags = flags; | |
2237 | } | |
2238 | } | |
2239 | while (*dirs != NULL); | |
2240 | } | |
2241 | } | |
45e4762c RM |
2242 | |
2243 | void | |
2244 | internal_function | |
2245 | _dl_rtld_di_serinfo (struct link_map *loader, Dl_serinfo *si, bool counting) | |
2246 | { | |
2247 | if (counting) | |
2248 | { | |
2249 | si->dls_cnt = 0; | |
2250 | si->dls_size = 0; | |
2251 | } | |
2252 | ||
b8c80a7e | 2253 | struct add_path_state p = |
45e4762c | 2254 | { |
b8c80a7e KS |
2255 | .counting = counting, |
2256 | .idx = 0, | |
2257 | .si = si, | |
2258 | .allocptr = (char *) &si->dls_serpath[si->dls_cnt] | |
2259 | }; | |
2260 | ||
2261 | # define add_path(p, sps, flags) add_path(p, sps, 0) /* XXX */ | |
45e4762c RM |
2262 | |
2263 | /* When the object has the RUNPATH information we don't use any RPATHs. */ | |
2264 | if (loader->l_info[DT_RUNPATH] == NULL) | |
2265 | { | |
2266 | /* First try the DT_RPATH of the dependent object that caused NAME | |
2267 | to be loaded. Then that object's dependent, and on up. */ | |
2268 | ||
2269 | struct link_map *l = loader; | |
2270 | do | |
2271 | { | |
2272 | if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH")) | |
b8c80a7e | 2273 | add_path (&p, &l->l_rpath_dirs, XXX_RPATH); |
45e4762c RM |
2274 | l = l->l_loader; |
2275 | } | |
2276 | while (l != NULL); | |
2277 | ||
2278 | /* If dynamically linked, try the DT_RPATH of the executable itself. */ | |
c0f62c56 UD |
2279 | if (loader->l_ns == LM_ID_BASE) |
2280 | { | |
2281 | l = GL(dl_ns)[LM_ID_BASE]._ns_loaded; | |
2282 | if (l != NULL && l->l_type != lt_loaded && l != loader) | |
2283 | if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH")) | |
b8c80a7e | 2284 | add_path (&p, &l->l_rpath_dirs, XXX_RPATH); |
c0f62c56 | 2285 | } |
45e4762c RM |
2286 | } |
2287 | ||
2288 | /* Try the LD_LIBRARY_PATH environment variable. */ | |
b8c80a7e | 2289 | add_path (&p, &env_path_list, XXX_ENV); |
45e4762c RM |
2290 | |
2291 | /* Look at the RUNPATH information for this binary. */ | |
2292 | if (cache_rpath (loader, &loader->l_runpath_dirs, DT_RUNPATH, "RUNPATH")) | |
b8c80a7e | 2293 | add_path (&p, &loader->l_runpath_dirs, XXX_RUNPATH); |
45e4762c RM |
2294 | |
2295 | /* XXX | |
2296 | Here is where ld.so.cache gets checked, but we don't have | |
2297 | a way to indicate that in the results for Dl_serinfo. */ | |
2298 | ||
2299 | /* Finally, try the default path. */ | |
2300 | if (!(loader->l_flags_1 & DF_1_NODEFLIB)) | |
b8c80a7e | 2301 | add_path (&p, &rtld_search_dirs, XXX_default); |
45e4762c RM |
2302 | |
2303 | if (counting) | |
2304 | /* Count the struct size before the string area, which we didn't | |
2305 | know before we completed dls_cnt. */ | |
2306 | si->dls_size += (char *) &si->dls_serpath[si->dls_cnt] - (char *) si; | |
2307 | } |