]> git.ipfire.org Git - thirdparty/glibc.git/blame - elf/dl-load.c
projects / thirdparty / glibc.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Fix typos.
[thirdparty/glibc.git] / elf / dl-load.c
CommitLineData
0a54e401 1/* Map in a shared object's segments from the file.
568035b7 2 Copyright (C) 1995-2013 Free Software Foundation, Inc.
afd4eb37 3 This file is part of the GNU C Library.
d66e34cd 4
afd4eb37 5 The GNU C Library is free software; you can redistribute it and/or
41bdb6e2
AJ		 6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
d66e34cd 9
afd4eb37
UD		 10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
41bdb6e2 13 Lesser General Public License for more details.
d66e34cd 14
41bdb6e2 15 You should have received a copy of the GNU Lesser General Public
59ba27a6
PE		 16 License along with the GNU C Library; if not, see
17 <http://www.gnu.org/licenses/>. */
d66e34cd 18
14e9dd67 19#include <elf.h>
0a54e401
UD		 20#include <errno.h>
21#include <fcntl.h>
8e17ea58 22#include <libintl.h>
379d4ec4 23#include <stdbool.h>
0a54e401 24#include <stdlib.h>
d66e34cd 25#include <string.h>
d66e34cd 26#include <unistd.h>
a42195db 27#include <ldsodefs.h>
ca97fb53 28#include <bits/wordsize.h>
0a54e401 29#include <sys/mman.h>
f8f7e090 30#include <sys/param.h>
0a54e401
UD		 31#include <sys/stat.h>
32#include <sys/types.h>
d66e34cd 33#include "dynamic-link.h"
a986484f 34#include <abi-tag.h>
664e7d93 35#include <stackinfo.h>
703ccc12 36#include <caller.h>
606832e6 37#include <sysdep.h>
815e6fa3 38#include <stap-probe.h>
d66e34cd 39
dc5efe83 40#include <dl-dst.h>
d66e34cd 41
9b8a44cd
RM		 42/* On some systems, no flag bits are given to specify file mapping. */
43#ifndef MAP_FILE
fcf70d41 44# define MAP_FILE 0
9b8a44cd
RM		 45#endif
46
47/* The right way to map in the shared library files is MAP_COPY, which
48 makes a virtual copy of the data at the time of the mmap call; this
49 guarantees the mapped pages will be consistent even if the file is
50 overwritten. Some losing VM systems like Linux's lack MAP_COPY. All we
51 get is MAP_PRIVATE, which copies each page when it is modified; this
52 means if the file is overwritten, we may at some point get some pages
a3fcd5e8 53 from the new version after starting with pages from the old version.
a334319f 54
a3fcd5e8
RM		 55 To make up for the lack and avoid the overwriting problem,
56 what Linux does have is MAP_DENYWRITE. This prevents anyone
57 from modifying the file while we have it mapped. */
58#ifndef MAP_COPY
59# ifdef MAP_DENYWRITE
60# define MAP_COPY (MAP_PRIVATE | MAP_DENYWRITE)
61# else
62# define MAP_COPY MAP_PRIVATE
63# endif
b34cbd14
RM		 64#endif
65
f21acc89
UD		 66/* Some systems link their relocatable objects for another base address
67 than 0. We want to know the base address for these such that we can
68 subtract this address from the segment addresses during mapping.
69 This results in a more efficient address space usage. Defaults to
70 zero for almost all systems. */
71#ifndef MAP_BASE_ADDR
fcf70d41 72# define MAP_BASE_ADDR(l) 0
f21acc89
UD		 73#endif
74
9b8a44cd 75
d66e34cd
RM		 76#include <endian.h>
77#if BYTE_ORDER == BIG_ENDIAN
fcf70d41 78# define byteorder ELFDATA2MSB
d66e34cd 79#elif BYTE_ORDER == LITTLE_ENDIAN
fcf70d41 80# define byteorder ELFDATA2LSB
d66e34cd 81#else
fcf70d41
UD		 82# error "Unknown BYTE_ORDER " BYTE_ORDER
83# define byteorder ELFDATANONE
d66e34cd
RM		 84#endif
85
14e9dd67 86#define STRING(x) __STRING (x)
d66e34cd 87
4cca6b86
UD		 88/* Handle situations where we have a preferred location in memory for
89 the shared objects. */
90#ifdef ELF_PREFERRED_ADDRESS_DATA
91ELF_PREFERRED_ADDRESS_DATA;
92#endif
93#ifndef ELF_PREFERRED_ADDRESS
fcf70d41 94# define ELF_PREFERRED_ADDRESS(loader, maplength, mapstartpref) (mapstartpref)
4cca6b86
UD		 95#endif
96#ifndef ELF_FIXED_ADDRESS
fcf70d41 97# define ELF_FIXED_ADDRESS(loader, mapstart) ((void) 0)
4cca6b86
UD		 98#endif
99
dcca3fe2 100
664e7d93 101int __stack_prot attribute_hidden attribute_relro
44828b9d 102#if _STACK_GROWS_DOWN && defined PROT_GROWSDOWN
ecc1d0c3 103 = PROT_GROWSDOWN;
44828b9d 104#elif _STACK_GROWS_UP && defined PROT_GROWSUP
ecc1d0c3 105 = PROT_GROWSUP;
f8286ce6
RM		 106#else
107 = 0;
664e7d93
UD		 108#endif
109
dcca3fe2 110
a35e137a
UD		 111/* Type for the buffer we put the ELF header and hopefully the program
112 header. This buffer does not really have to be too large. In most
113 cases the program header follows the ELF header directly. If this
6fffb9a2
UD		 114 is not the case all bets are off and we can make the header
115 arbitrarily large and still won't get it read. This means the only
116 question is how large are the ELF and program header combined. The
117 ELF header 32-bit files is 52 bytes long and in 64-bit files is 64
118 bytes long. Each program header entry is again 32 and 56 bytes
23e2554f
UD		 119 long respectively. I.e., even with a file which has 10 program
120 header entries we only have to read 372B/624B respectively. Add to
121 this a bit of margin for program notes and reading 512B and 832B
122 for 32-bit and 64-bit files respecitvely is enough. If this
123 heuristic should really fail for some file the code in
124 `_dl_map_object_from_fd' knows how to recover. */
a35e137a
UD		 125struct filebuf
126{
127 ssize_t len;
868b9d6a 128#if __WORDSIZE == 32
ca97fb53
UD		 129# define FILEBUF_SIZE 512
130#else
23e2554f 131# define FILEBUF_SIZE 832
ca97fb53 132#endif
6fffb9a2 133 char buf[FILEBUF_SIZE] __attribute__ ((aligned (__alignof (ElfW(Ehdr)))));
a35e137a
UD		 134};
135
7ef90c15 136/* This is the decomposed LD_LIBRARY_PATH search path. */
392a6b52 137static struct r_search_path_struct env_path_list attribute_relro;
40a55d20 138
12264bd7 139/* List of the hardware capabilities we might end up using. */
392a6b52
UD		 140static const struct r_strlenpair *capstr attribute_relro;
141static size_t ncapstr attribute_relro;
142static size_t max_capstrlen attribute_relro;
12264bd7 143
40a55d20 144
ab7eb292
UD		 145/* Get the generated information about the trusted directories. */
146#include "trusted-dirs.h"
147
148static const char system_dirs[] = SYSTEM_DIRS;
149static const size_t system_dirs_len[] =
150{
151 SYSTEM_DIRS_LEN
152};
4a6d1198
UD		 153#define nsystem_dirs_len \
154 (sizeof (system_dirs_len) / sizeof (system_dirs_len[0]))
ab7eb292 155
32c85e43 156
706074a5 157/* Local version of `strdup' function. */
ff0bf753 158static char *
706074a5
UD		 159local_strdup (const char *s)
160{
161 size_t len = strlen (s) + 1;
162 void *new = malloc (len);
163
164 if (new == NULL)
165 return NULL;
166
167 return (char *) memcpy (new, s, len);
168}
169
dc5efe83 170
47c3cd7a
UD		 171static bool
172is_trusted_path (const char *path, size_t len)
173{
47c3cd7a
UD		 174 const char *trun = system_dirs;
175
176 for (size_t idx = 0; idx < nsystem_dirs_len; ++idx)
177 {
178 if (len == system_dirs_len[idx] && memcmp (trun, path, len) == 0)
179 /* Found it. */
180 return true;
181
182 trun += system_dirs_len[idx] + 1;
183 }
184
185 return false;
186}
187
188
189static bool
190is_trusted_path_normalize (const char *path, size_t len)
191{
22836f52
UD		 192 if (len == 0)
193 return false;
194
195 if (*path == ':')
196 {
197 ++path;
198 --len;
199 }
200
47c3cd7a
UD		 201 char *npath = (char *) alloca (len + 2);
202 char *wnp = npath;
47c3cd7a
UD		 203 while (*path != '\0')
204 {
205 if (path[0] == '/')
206 {
207 if (path[1] == '.')
208 {
209 if (path[2] == '.' && (path[3] == '/' || path[3] == '\0'))
210 {
211 while (wnp > npath && *--wnp != '/')
212 ;
213 path += 3;
214 continue;
215 }
216 else if (path[2] == '/' || path[2] == '\0')
217 {
218 path += 2;
219 continue;
220 }
221 }
222
223 if (wnp > npath && wnp[-1] == '/')
224 {
225 ++path;
226 continue;
227 }
228 }
229
230 *wnp++ = *path++;
231 }
22836f52
UD		 232
233 if (wnp == npath || wnp[-1] != '/')
47c3cd7a 234 *wnp++ = '/';
47c3cd7a 235
22836f52
UD		 236 const char *trun = system_dirs;
237
238 for (size_t idx = 0; idx < nsystem_dirs_len; ++idx)
239 {
240 if (wnp - npath >= system_dirs_len[idx]
241 && memcmp (trun, npath, system_dirs_len[idx]) == 0)
242 /* Found it. */
243 return true;
244
245 trun += system_dirs_len[idx] + 1;
246 }
247
248 return false;
47c3cd7a
UD		 249}
250
251
6d5d3ae3 252static size_t
379d4ec4 253is_dst (const char *start, const char *name, const char *str,
d43c8c5f 254 int is_path, int secure)
6d5d3ae3
UD		 255{
256 size_t len;
379d4ec4 257 bool is_curly = false;
6d5d3ae3 258
379d4ec4
UD		 259 if (name[0] == '{')
260 {
261 is_curly = true;
262 ++name;
263 }
264
265 len = 0;
266 while (name[len] == str[len] && name[len] != '\0')
267 ++len;
268
269 if (is_curly)
270 {
271 if (name[len] != '}')
272 return 0;
273
274 /* Point again at the beginning of the name. */
275 --name;
276 /* Skip over closing curly brace and adjust for the --name. */
277 len += 2;
278 }
279 else if (name[len] != '\0' && name[len] != '/'
280 && (!is_path || name[len] != ':'))
6d5d3ae3
UD		 281 return 0;
282
283 if (__builtin_expect (secure, 0)
22836f52
UD		 284 && ((name[len] != '\0' && name[len] != '/'
285 && (!is_path || name[len] != ':'))
6d5d3ae3
UD		 286 || (name != start + 1 && (!is_path || name[-2] != ':'))))
287 return 0;
288
289 return len;
290}
291
292
dc5efe83
UD		 293size_t
294_dl_dst_count (const char *name, int is_path)
f787edde 295{
2864e767 296 const char *const start = name;
f787edde 297 size_t cnt = 0;
f787edde 298
dc5efe83 299 do
f787edde 300 {
379d4ec4 301 size_t len;
f787edde 302
32463b1a 303 /* $ORIGIN is not expanded for SUID/GUID programs (except if it
379d4ec4
UD		 304 is $ORIGIN alone) and it must always appear first in path. */
305 ++name;
306 if ((len = is_dst (start, name, "ORIGIN", is_path,
e6caf4e1 307 INTUSE(__libc_enable_secure))) != 0
27af5372
RM		 308 || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0
309 || (len = is_dst (start, name, "LIB", is_path, 0)) != 0)
f787edde
UD		 310 ++cnt;
311
dc5efe83 312 name = strchr (name + len, '$');
f787edde 313 }
dc5efe83 314 while (name != NULL);
f787edde 315
dc5efe83
UD		 316 return cnt;
317}
f787edde 318
f787edde 319
dc5efe83
UD		 320char *
321_dl_dst_substitute (struct link_map *l, const char *name, char *result,
322 int is_path)
323{
2864e767 324 const char *const start = name;
f787edde
UD		 325
326 /* Now fill the result path. While copying over the string we keep
c0c3f78a 327 track of the start of the last path element. When we come across
f787edde
UD		 328 a DST we copy over the value or (if the value is not available)
329 leave the entire path element out. */
47c3cd7a
UD		 330 char *wp = result;
331 char *last_elem = result;
332 bool check_for_trusted = false;
dc5efe83 333
f787edde
UD		 334 do
335 {
39b3385d 336 if (__builtin_expect (*name == '$', 0))
f787edde 337 {
2541eda0 338 const char *repl = NULL;
379d4ec4 339 size_t len;
2541eda0 340
379d4ec4
UD		 341 ++name;
342 if ((len = is_dst (start, name, "ORIGIN", is_path,
e6caf4e1 343 INTUSE(__libc_enable_secure))) != 0)
e7c8359e 344 {
f91f1c0f 345 repl = l->l_origin;
47c3cd7a
UD		 346 check_for_trusted = (INTUSE(__libc_enable_secure)
347 && l->l_type == lt_executable);
e7c8359e 348 }
27af5372 349 else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0)
afdca0f2 350 repl = GLRO(dl_platform);
27af5372
RM		 351 else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0)
352 repl = DL_DST_LIB;
2541eda0 353
2541eda0
UD		 354 if (repl != NULL && repl != (const char *) -1)
355 {
356 wp = __stpcpy (wp, repl);
357 name += len;
358 }
359 else if (len > 1)
f787edde 360 {
2541eda0
UD		 361 /* We cannot use this path element, the value of the
362 replacement is unknown. */
363 wp = last_elem;
364 name += len;
365 while (*name != '\0' && (!is_path || *name != ':'))
366 ++name;
34fe483e
AS		 367 /* Also skip following colon if this is the first rpath
368 element, but keep an empty element at the end. */
369 if (wp == result && is_path && *name == ':' && name[1] != '\0')
370 ++name;
f787edde
UD		 371 }
372 else
27aa0631 373 /* No DST we recognize. */
379d4ec4 374 *wp++ = '$';
f787edde 375 }
2541eda0 376 else
f787edde 377 {
dc5efe83 378 *wp++ = *name++;
2541eda0 379 if (is_path && *name == ':')
47c3cd7a
UD		 380 {
381 /* In SUID/SGID programs, after $ORIGIN expansion the
382 normalized path must be rooted in one of the trusted
383 directories. */
384 if (__builtin_expect (check_for_trusted, false)
22836f52
UD		 385 && !is_trusted_path_normalize (last_elem, wp - last_elem))
386 wp = last_elem;
47c3cd7a
UD		 387 else
388 last_elem = wp;
22836f52
UD		 389
390 check_for_trusted = false;
47c3cd7a 391 }
f787edde 392 }
f787edde 393 }
dc5efe83 394 while (*name != '\0');
f787edde 395
47c3cd7a
UD		 396 /* In SUID/SGID programs, after $ORIGIN expansion the normalized
397 path must be rooted in one of the trusted directories. */
398 if (__builtin_expect (check_for_trusted, false)
22836f52 399 && !is_trusted_path_normalize (last_elem, wp - last_elem))
47c3cd7a
UD		 400 wp = last_elem;
401
f787edde
UD		 402 *wp = '\0';
403
404 return result;
405}
406
dc5efe83
UD		 407
408/* Return copy of argument with all recognized dynamic string tokens
409 ($ORIGIN and $PLATFORM for now) replaced. On some platforms it
410 might not be possible to determine the path from which the object
411 belonging to the map is loaded. In this case the path element
412 containing $ORIGIN is left out. */
413static char *
34fe483e 414expand_dynamic_string_token (struct link_map *l, const char *s, int is_path)
dc5efe83
UD		 415{
416 /* We make two runs over the string. First we determine how large the
844c394a 417 resulting string is and then we copy it over. Since this is no
dc5efe83
UD		 418 frequently executed operation we are looking here not for performance
419 but rather for code size. */
420 size_t cnt;
421 size_t total;
422 char *result;
423
2864e767 424 /* Determine the number of DST elements. */
34fe483e 425 cnt = DL_DST_COUNT (s, is_path);
dc5efe83
UD		 426
427 /* If we do not have to replace anything simply copy the string. */
55c91021 428 if (__builtin_expect (cnt, 0) == 0)
dc5efe83
UD		 429 return local_strdup (s);
430
431 /* Determine the length of the substituted string. */
432 total = DL_DST_REQUIRED (l, s, strlen (s), cnt);
433
434 /* Allocate the necessary memory. */
435 result = (char *) malloc (total + 1);
436 if (result == NULL)
437 return NULL;
438
34fe483e 439 return _dl_dst_substitute (l, s, result, is_path);
dc5efe83
UD		 440}
441
442
0413b54c
UD		 443/* Add `name' to the list of names for a particular shared object.
444 `name' is expected to have been allocated with malloc and will
445 be freed if the shared object already has this name.
446 Returns false if the object already had this name. */
76156ea1 447static void
12264bd7 448internal_function
76156ea1 449add_name_to_object (struct link_map *l, const char *name)
0a54e401 450{
0413b54c
UD		 451 struct libname_list *lnp, *lastp;
452 struct libname_list *newname;
76156ea1 453 size_t name_len;
0413b54c
UD		 454
455 lastp = NULL;
456 for (lnp = l->l_libname; lnp != NULL; lastp = lnp, lnp = lnp->next)
457 if (strcmp (name, lnp->name) == 0)
76156ea1 458 return;
0413b54c 459
76156ea1 460 name_len = strlen (name) + 1;
839be784 461 newname = (struct libname_list *) malloc (sizeof *newname + name_len);
0413b54c 462 if (newname == NULL)
da832465
UD		 463 {
464 /* No more memory. */
154d10bd 465 _dl_signal_error (ENOMEM, name, NULL, N_("cannot allocate name record"));
76156ea1 466 return;
da832465 467 }
0413b54c
UD		 468 /* The object should have a libname set from _dl_new_object. */
469 assert (lastp != NULL);
470
76156ea1 471 newname->name = memcpy (newname + 1, name, name_len);
0413b54c 472 newname->next = NULL;
752a2a50 473 newname->dont_free = 0;
0413b54c 474 lastp->next = newname;
0413b54c
UD		 475}
476
12264bd7 477/* Standard search directories. */
392a6b52 478static struct r_search_path_struct rtld_search_dirs attribute_relro;
0a54e401 479
a658675d 480static size_t max_dirnamelen;
0a54e401 481
dd9423a6 482static struct r_search_path_elem **
0a54e401 483fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
ab7eb292 484 int check_trusted, const char *what, const char *where)
0a54e401
UD		 485{
486 char *cp;
487 size_t nelems = 0;
488
489 while ((cp = __strsep (&rpath, sep)) != NULL)
490 {
491 struct r_search_path_elem *dirp;
492 size_t len = strlen (cp);
12264bd7 493
af3878df 494 /* `strsep' can pass an empty string. This has to be
844c394a 495 interpreted as `use the current directory'. */
12264bd7 496 if (len == 0)
af3878df 497 {
ab7eb292
UD		 498 static const char curwd[] = "./";
499 cp = (char *) curwd;
af3878df 500 }
12264bd7 501
143e2b96 502 /* Remove trailing slashes (except for "/"). */
0a54e401
UD		 503 while (len > 1 && cp[len - 1] == '/')
504 --len;
505
ab7eb292
UD		 506 /* Now add one if there is none so far. */
507 if (len > 0 && cp[len - 1] != '/')
508 cp[len++] = '/';
509
07ba7349 510 /* Make sure we don't use untrusted directories if we run SUID. */
47c3cd7a
UD		 511 if (__builtin_expect (check_trusted, 0) && !is_trusted_path (cp, len))
512 continue;
07ba7349 513
0a54e401 514 /* See if this directory is already known. */
d6b5d570 515 for (dirp = GL(dl_all_dirs); dirp != NULL; dirp = dirp->next)
12264bd7 516 if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0)
0a54e401
UD		 517 break;
518
519 if (dirp != NULL)
520 {
12264bd7 521 /* It is available, see whether it's on our own list. */
0a54e401
UD		 522 size_t cnt;
523 for (cnt = 0; cnt < nelems; ++cnt)
524 if (result[cnt] == dirp)
525 break;
526
527 if (cnt == nelems)
528 result[nelems++] = dirp;
529 }
530 else
531 {
12264bd7 532 size_t cnt;
839be784 533 enum r_dir_status init_val;
4a6d1198 534 size_t where_len = where ? strlen (where) + 1 : 0;
12264bd7 535
0a54e401 536 /* It's a new directory. Create an entry and add it. */
12264bd7 537 dirp = (struct r_search_path_elem *)
32ee8d95 538 malloc (sizeof (*dirp) + ncapstr * sizeof (enum r_dir_status)
f55727ca 539 + where_len + len + 1);
0a54e401 540 if (dirp == NULL)
154d10bd
UD		 541 _dl_signal_error (ENOMEM, NULL, NULL,
542 N_("cannot create cache for search path"));
0a54e401 543
f55727ca
UD		 544 dirp->dirname = ((char *) dirp + sizeof (*dirp)
545 + ncapstr * sizeof (enum r_dir_status));
104d0bd3 546 *((char *) __mempcpy ((char *) dirp->dirname, cp, len)) = '\0';
0a54e401 547 dirp->dirnamelen = len;
12264bd7
UD		 548
549 if (len > max_dirnamelen)
550 max_dirnamelen = len;
551
07ba7349
UD		 552 /* We have to make sure all the relative directories are
553 never ignored. The current directory might change and
554 all our saved information would be void. */
555 init_val = cp[0] != '/' ? existing : unknown;
839be784
UD		 556 for (cnt = 0; cnt < ncapstr; ++cnt)
557 dirp->status[cnt] = init_val;
0a54e401 558
b5efde2f 559 dirp->what = what;
4a6d1198 560 if (__builtin_expect (where != NULL, 1))
f55727ca 561 dirp->where = memcpy ((char *) dirp + sizeof (*dirp) + len + 1
d6b5d570 562 + (ncapstr * sizeof (enum r_dir_status)),
4a6d1198
UD		 563 where, where_len);
564 else
565 dirp->where = NULL;
b5efde2f 566
d6b5d570
UD		 567 dirp->next = GL(dl_all_dirs);
568 GL(dl_all_dirs) = dirp;
0a54e401
UD		 569
570 /* Put it in the result array. */
571 result[nelems++] = dirp;
572 }
573 }
574
575 /* Terminate the array. */
576 result[nelems] = NULL;
577
578 return result;
579}
580
581
2692deea 582static bool
12264bd7 583internal_function
f55727ca
UD		 584decompose_rpath (struct r_search_path_struct *sps,
585 const char *rpath, struct link_map *l, const char *what)
0a54e401
UD		 586{
587 /* Make a copy we can work with. */
f787edde 588 const char *where = l->l_name;
310930c1 589 char *copy;
0a54e401
UD		 590 char *cp;
591 struct r_search_path_elem **result;
310930c1 592 size_t nelems;
39b3385d
UD		 593 /* Initialize to please the compiler. */
594 const char *errstring = NULL;
310930c1 595
fcf70d41
UD		 596 /* First see whether we must forget the RUNPATH and RPATH from this
597 object. */
afdca0f2 598 if (__builtin_expect (GLRO(dl_inhibit_rpath) != NULL, 0)
e6caf4e1 599 && !INTUSE(__libc_enable_secure))
310930c1 600 {
afdca0f2 601 const char *inhp = GLRO(dl_inhibit_rpath);
9710f75d
UD		 602
603 do
310930c1 604 {
9710f75d
UD		 605 const char *wp = where;
606
607 while (*inhp == *wp && *wp != '\0')
608 {
609 ++inhp;
610 ++wp;
611 }
612
613 if (*wp == '\0' && (*inhp == '\0' || *inhp == ':'))
310930c1 614 {
fcf70d41
UD		 615 /* This object is on the list of objects for which the
616 RUNPATH and RPATH must not be used. */
2692deea
UD		 617 sps->dirs = (void *) -1;
618 return false;
310930c1 619 }
9710f75d
UD		 620
621 while (*inhp != '\0')
622 if (*inhp++ == ':')
623 break;
310930c1 624 }
9710f75d 625 while (*inhp != '\0');
310930c1 626 }
0a54e401 627
f787edde
UD		 628 /* Make a writable copy. At the same time expand possible dynamic
629 string tokens. */
34fe483e 630 copy = expand_dynamic_string_token (l, rpath, 1);
f787edde 631 if (copy == NULL)
39b3385d
UD		 632 {
633 errstring = N_("cannot create RUNPATH/RPATH copy");
634 goto signal_error;
635 }
f787edde 636
34fe483e
AS		 637 /* Ignore empty rpaths. */
638 if (*copy == 0)
639 {
640 free (copy);
22836f52 641 sps->dirs = (struct r_search_path_elem **) -1;
34fe483e
AS		 642 return false;
643 }
644
310930c1 645 /* Count the number of necessary elements in the result array. */
310930c1 646 nelems = 0;
0a54e401
UD		 647 for (cp = copy; *cp != '\0'; ++cp)
648 if (*cp == ':')
649 ++nelems;
650
7ef90c15
UD		 651 /* Allocate room for the result. NELEMS + 1 is an upper limit for the
652 number of necessary entries. */
653 result = (struct r_search_path_elem **) malloc ((nelems + 1 + 1)
0a54e401
UD		 654 * sizeof (*result));
655 if (result == NULL)
2692deea 656 {
ce31a3b1 657 free (copy);
2692deea
UD		 658 errstring = N_("cannot create cache for search path");
659 signal_error:
660 _dl_signal_error (ENOMEM, NULL, NULL, errstring);
661 }
0a54e401 662
f55727ca
UD		 663 fillin_rpath (copy, result, ":", 0, what, where);
664
665 /* Free the copied RPATH string. `fillin_rpath' make own copies if
666 necessary. */
667 free (copy);
668
669 sps->dirs = result;
670 /* The caller will change this value if we haven't used a real malloc. */
671 sps->malloced = 1;
2692deea 672 return true;
0a54e401
UD		 673}
674
45e4762c
RM		 675/* Make sure cached path information is stored in *SP
676 and return true if there are any paths to search there. */
25337753 677static bool
45e4762c
RM		 678cache_rpath (struct link_map *l,
679 struct r_search_path_struct *sp,
680 int tag,
681 const char *what)
682{
683 if (sp->dirs == (void *) -1)
684 return false;
685
686 if (sp->dirs != NULL)
687 return true;
688
689 if (l->l_info[tag] == NULL)
690 {
691 /* There is no path. */
692 sp->dirs = (void *) -1;
693 return false;
694 }
695
696 /* Make sure the cache information is available. */
2692deea
UD		 697 return decompose_rpath (sp, (const char *) (D_PTR (l, l_info[DT_STRTAB])
698 + l->l_info[tag]->d_un.d_val),
699 l, what);
45e4762c
RM		 700}
701
0a54e401
UD		 702
703void
d0fc4041 704internal_function
880f421f 705_dl_init_paths (const char *llp)
0a54e401 706{
ab7eb292
UD		 707 size_t idx;
708 const char *strp;
12264bd7
UD		 709 struct r_search_path_elem *pelem, **aelem;
710 size_t round_size;
b5567b2a 711#ifdef SHARED
c94a8080
UD		 712 struct link_map *l;
713#endif
39b3385d
UD		 714 /* Initialize to please the compiler. */
715 const char *errstring = NULL;
0a54e401 716
7ef90c15
UD		 717 /* Fill in the information about the application's RPATH and the
718 directories addressed by the LD_LIBRARY_PATH environment variable. */
0a54e401 719
4317f9e1 720 /* Get the capabilities. */
afdca0f2 721 capstr = _dl_important_hwcaps (GLRO(dl_platform), GLRO(dl_platformlen),
12264bd7
UD		 722 &ncapstr, &max_capstrlen);
723
724 /* First set up the rest of the default search directory entries. */
f55727ca 725 aelem = rtld_search_dirs.dirs = (struct r_search_path_elem **)
4a6d1198 726 malloc ((nsystem_dirs_len + 1) * sizeof (struct r_search_path_elem *));
f55727ca 727 if (rtld_search_dirs.dirs == NULL)
39b3385d
UD		 728 {
729 errstring = N_("cannot create search path array");
730 signal_error:
154d10bd 731 _dl_signal_error (ENOMEM, NULL, NULL, errstring);
39b3385d 732 }
12264bd7
UD		 733
734 round_size = ((2 * sizeof (struct r_search_path_elem) - 1
735 + ncapstr * sizeof (enum r_dir_status))
736 / sizeof (struct r_search_path_elem));
737
f55727ca 738 rtld_search_dirs.dirs[0] = (struct r_search_path_elem *)
228589d2 739 malloc ((sizeof (system_dirs) / sizeof (system_dirs[0]))
12264bd7 740 * round_size * sizeof (struct r_search_path_elem));
f55727ca 741 if (rtld_search_dirs.dirs[0] == NULL)
39b3385d
UD		 742 {
743 errstring = N_("cannot create cache for search path");
744 goto signal_error;
745 }
12264bd7 746
f55727ca 747 rtld_search_dirs.malloced = 0;
d6b5d570 748 pelem = GL(dl_all_dirs) = rtld_search_dirs.dirs[0];
ab7eb292
UD		 749 strp = system_dirs;
750 idx = 0;
751
752 do
12264bd7
UD		 753 {
754 size_t cnt;
755
756 *aelem++ = pelem;
757
12264bd7
UD		 758 pelem->what = "system search path";
759 pelem->where = NULL;
760
ab7eb292
UD		 761 pelem->dirname = strp;
762 pelem->dirnamelen = system_dirs_len[idx];
763 strp += system_dirs_len[idx] + 1;
12264bd7 764
f55727ca
UD		 765 /* System paths must be absolute. */
766 assert (pelem->dirname[0] == '/');
767 for (cnt = 0; cnt < ncapstr; ++cnt)
768 pelem->status[cnt] = unknown;
ab7eb292 769
4a6d1198 770 pelem->next = (++idx == nsystem_dirs_len ? NULL : (pelem + round_size));
ab7eb292
UD		 771
772 pelem += round_size;
12264bd7 773 }
4a6d1198 774 while (idx < nsystem_dirs_len);
ab7eb292
UD		 775
776 max_dirnamelen = SYSTEM_DIRS_MAX_LEN;
12264bd7 777 *aelem = NULL;
4317f9e1 778
b5567b2a 779#ifdef SHARED
81e0cb2d 780 /* This points to the map of the main object. */
c0f62c56 781 l = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
011ce8ed
UD		 782 if (l != NULL)
783 {
011ce8ed 784 assert (l->l_type != lt_loaded);
40a55d20 785
fcf70d41
UD		 786 if (l->l_info[DT_RUNPATH])
787 {
788 /* Allocate room for the search path and fill in information
789 from RUNPATH. */
f55727ca
UD		 790 decompose_rpath (&l->l_runpath_dirs,
791 (const void *) (D_PTR (l, l_info[DT_STRTAB])
792 + l->l_info[DT_RUNPATH]->d_un.d_val),
793 l, "RUNPATH");
273cdee8
AS		 794 /* During rtld init the memory is allocated by the stub malloc,
795 prevent any attempt to free it by the normal malloc. */
796 l->l_runpath_dirs.malloced = 0;
fcf70d41
UD		 797
798 /* The RPATH is ignored. */
f55727ca 799 l->l_rpath_dirs.dirs = (void *) -1;
fcf70d41 800 }
011ce8ed 801 else
fcf70d41 802 {
f55727ca 803 l->l_runpath_dirs.dirs = (void *) -1;
fcf70d41
UD		 804
805 if (l->l_info[DT_RPATH])
f55727ca
UD		 806 {
807 /* Allocate room for the search path and fill in information
808 from RPATH. */
809 decompose_rpath (&l->l_rpath_dirs,
810 (const void *) (D_PTR (l, l_info[DT_STRTAB])
fcf70d41
UD		 811 + l->l_info[DT_RPATH]->d_un.d_val),
812 l, "RPATH");
273cdee8
AS		 813 /* During rtld init the memory is allocated by the stub
814 malloc, prevent any attempt to free it by the normal
815 malloc. */
f55727ca
UD		 816 l->l_rpath_dirs.malloced = 0;
817 }
fcf70d41 818 else
f55727ca 819 l->l_rpath_dirs.dirs = (void *) -1;
fcf70d41 820 }
0a54e401 821 }
b5567b2a 822#endif /* SHARED */
7ef90c15
UD		 823
824 if (llp != NULL && *llp != '\0')
0a54e401 825 {
7ef90c15
UD		 826 size_t nllp;
827 const char *cp = llp;
950398e1
UD		 828 char *llp_tmp;
829
830#ifdef SHARED
831 /* Expand DSTs. */
832 size_t cnt = DL_DST_COUNT (llp, 1);
833 if (__builtin_expect (cnt == 0, 1))
834 llp_tmp = strdupa (llp);
835 else
836 {
837 /* Determine the length of the substituted string. */
838 size_t total = DL_DST_REQUIRED (l, llp, strlen (llp), cnt);
839
840 /* Allocate the necessary memory. */
841 llp_tmp = (char *) alloca (total + 1);
842 llp_tmp = _dl_dst_substitute (l, llp, llp_tmp, 1);
843 }
844#else
845 llp_tmp = strdupa (llp);
846#endif
011ce8ed 847
7ef90c15
UD		 848 /* Decompose the LD_LIBRARY_PATH contents. First determine how many
849 elements it has. */
850 nllp = 1;
851 while (*cp)
0a54e401 852 {
7ef90c15
UD		 853 if (*cp == ':' || *cp == ';')
854 ++nllp;
855 ++cp;
011ce8ed 856 }
7ef90c15 857
f55727ca 858 env_path_list.dirs = (struct r_search_path_elem **)
7ef90c15 859 malloc ((nllp + 1) * sizeof (struct r_search_path_elem *));
f55727ca 860 if (env_path_list.dirs == NULL)
39b3385d
UD		 861 {
862 errstring = N_("cannot create cache for search path");
863 goto signal_error;
864 }
7ef90c15 865
b0ed91ae 866 (void) fillin_rpath (llp_tmp, env_path_list.dirs, ":;",
e6caf4e1
UD		 867 INTUSE(__libc_enable_secure), "LD_LIBRARY_PATH",
868 NULL);
6a7c9bb4 869
f55727ca 870 if (env_path_list.dirs[0] == NULL)
6a7c9bb4 871 {
f55727ca
UD		 872 free (env_path_list.dirs);
873 env_path_list.dirs = (void *) -1;
6a7c9bb4 874 }
f55727ca
UD		 875
876 env_path_list.malloced = 0;
81e0cb2d 877 }
152e7964 878 else
f55727ca 879 env_path_list.dirs = (void *) -1;
0a54e401
UD		 880}
881
882
a6291c3d 883static void
a481b13c 884__attribute__ ((noreturn, noinline))
126b06f9 885lose (int code, int fd, const char *name, char *realname, struct link_map *l,
815e6fa3 886 const char *msg, struct r_debug *r, Lmid_t nsid)
126b06f9 887{
fb0356b9 888 /* The file might already be closed. */
a481b13c
UD		 889 if (fd != -1)
890 (void) __close (fd);
610f9ab4 891 if (l != NULL && l->l_origin != (char *) -1l)
fde56e5c 892 free ((char *) l->l_origin);
f0967738 893 free (l);
126b06f9 894 free (realname);
bca2218b
UD		 895
896 if (r != NULL)
897 {
898 r->r_state = RT_CONSISTENT;
899 _dl_debug_state ();
815e6fa3 900 LIBC_PROBE (map_failed, 2, nsid, r);
bca2218b
UD		 901 }
902
154d10bd 903 _dl_signal_error (code, name, NULL, msg);
126b06f9
UD		 904}
905
906
ea03559a
RM		 907/* Map in the shared object NAME, actually located in REALNAME, and already
908 opened on FD. */
909
f787edde
UD		 910#ifndef EXTERNAL_MAP_FROM_FD
911static
912#endif
ea03559a 913struct link_map *
a35e137a
UD		 914_dl_map_object_from_fd (const char *name, int fd, struct filebuf *fbp,
915 char *realname, struct link_map *loader, int l_type,
c0f62c56 916 int mode, void **stack_endp, Lmid_t nsid)
ea03559a 917{
622586fb 918 struct link_map *l = NULL;
266180eb
RM		 919 const ElfW(Ehdr) *header;
920 const ElfW(Phdr) *phdr;
921 const ElfW(Phdr) *ph;
8193034b 922 size_t maplength;
b122c703 923 int type;
5763742f 924 struct stat64 st;
39b3385d
UD		 925 /* Initialize to keep the compiler happy. */
926 const char *errstring = NULL;
927 int errval = 0;
29f97654 928 struct r_debug *r = _dl_debug_initialize (0, nsid);
9dcafc55 929 bool make_consistent = false;
61e0617a
UD		 930
931 /* Get file information. */
39b3385d
UD		 932 if (__builtin_expect (__fxstat64 (_STAT_VER, fd, &st) < 0, 0))
933 {
934 errstring = N_("cannot stat shared object");
935 call_lose_errno:
936 errval = errno;
937 call_lose:
bca2218b 938 lose (errval, fd, name, realname, l, errstring,
815e6fa3 939 make_consistent ? r : NULL, nsid);
39b3385d 940 }
d66e34cd
RM		 941
942 /* Look again to see if the real name matched another already loaded. */
c0f62c56 943 for (l = GL(dl_ns)[nsid]._ns_loaded; l; l = l->l_next)
20fe49b9 944 if (l->l_removed == 0 && l->l_ino == st.st_ino && l->l_dev == st.st_dev)
d66e34cd
RM		 945 {
946 /* The object is already loaded.
947 Just bump its reference count and return it. */
266180eb 948 __close (fd);
c84142e8
UD		 949
950 /* If the name is not in the list of names for this object add
951 it. */
ea03559a 952 free (realname);
0413b54c 953 add_name_to_object (l, name);
8699e7b1 954
d66e34cd
RM		 955 return l;
956 }
957
c0f62c56
UD		 958#ifdef SHARED
959 /* When loading into a namespace other than the base one we must
960 avoid loading ld.so since there can only be one copy. Ever. */
961 if (__builtin_expect (nsid != LM_ID_BASE, 0)
962 && ((st.st_ino == GL(dl_rtld_map).l_ino
963 && st.st_dev == GL(dl_rtld_map).l_dev)
964 || _dl_name_match_p (name, &GL(dl_rtld_map))))
965 {
966 /* This is indeed ld.so. Create a new link_map which refers to
967 the real one for almost everything. */
968 l = _dl_new_object (realname, name, l_type, loader, mode, nsid);
969 if (l == NULL)
970 goto fail_new;
971
972 /* Refer to the real descriptor. */
973 l->l_real = &GL(dl_rtld_map);
974
975 /* No need to bump the refcount of the real object, ld.so will
976 never be unloaded. */
977 __close (fd);
978
f0967738
AK		 979 /* Add the map for the mirrored object to the object list. */
980 _dl_add_to_namespace_list (l, nsid);
981
c0f62c56
UD		 982 return l;
983 }
984#endif
985
2f54c82d 986 if (mode & RTLD_NOLOAD)
96961bf7
AS		 987 {
988 /* We are not supposed to load the object unless it is already
989 loaded. So return now. */
4bff6e01 990 free (realname);
96961bf7
AS		 991 __close (fd);
992 return NULL;
993 }
bf8b3e74 994
8193034b 995 /* Print debugging message. */
afdca0f2 996 if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0))
c0f62c56 997 _dl_debug_printf ("file=%s [%lu]; generating link map\n", name, nsid);
8193034b 998
a35e137a
UD		 999 /* This is the ELF header. We read it in `open_verify'. */
1000 header = (void *) fbp->buf;
d66e34cd 1001
2064087b 1002#ifndef MAP_ANON
126b06f9 1003# define MAP_ANON 0
d66e34cd
RM		 1004 if (_dl_zerofd == -1)
1005 {
1006 _dl_zerofd = _dl_sysdep_open_zero_fill ();
1007 if (_dl_zerofd == -1)
ba79d61b 1008 {
4bff6e01 1009 free (realname);
ba79d61b 1010 __close (fd);
154d10bd
UD		 1011 _dl_signal_error (errno, NULL, NULL,
1012 N_("cannot open zero fill device"));
ba79d61b 1013 }
d66e34cd 1014 }
2064087b 1015#endif
d66e34cd 1016
9dcafc55
UD		 1017 /* Signal that we are going to add new objects. */
1018 if (r->r_state == RT_CONSISTENT)
1019 {
1020#ifdef SHARED
1021 /* Auditing checkpoint: we are going to add new objects. */
2ca285b0
UD		 1022 if ((mode & __RTLD_AUDIT) == 0
1023 && __builtin_expect (GLRO(dl_naudit) > 0, 0))
9dcafc55
UD		 1024 {
1025 struct link_map *head = GL(dl_ns)[nsid]._ns_loaded;
1026 /* Do not call the functions for any auditing object. */
1027 if (head->l_auditing == 0)
1028 {
1029 struct audit_ifaces *afct = GLRO(dl_audit);
1030 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
1031 {
1032 if (afct->activity != NULL)
1033 afct->activity (&head->l_audit[cnt].cookie, LA_ACT_ADD);
1034
1035 afct = afct->next;
1036 }
1037 }
1038 }
1039#endif
1040
1041 /* Notify the debugger we have added some objects. We need to
1042 call _dl_debug_initialize in a static program in case dynamic
1043 linking has not been used before. */
1044 r->r_state = RT_ADD;
1045 _dl_debug_state ();
815e6fa3 1046 LIBC_PROBE (map_start, 2, nsid, r);
9dcafc55
UD		 1047 make_consistent = true;
1048 }
1049 else
1050 assert (r->r_state == RT_ADD);
1051
ba79d61b 1052 /* Enter the new object in the list of loaded objects. */
c0f62c56
UD		 1053 l = _dl_new_object (realname, name, l_type, loader, mode, nsid);
1054 if (__builtin_expect (l == NULL, 0))
39b3385d 1055 {
7cb92a99 1056#ifdef SHARED
c0f62c56 1057 fail_new:
7cb92a99 1058#endif
39b3385d
UD		 1059 errstring = N_("cannot create shared object descriptor");
1060 goto call_lose_errno;
1061 }
ba79d61b 1062
b122c703 1063 /* Extract the remaining details we need from the ELF header
32c85e43 1064 and then read in the program header table. */
b122c703
RM		 1065 l->l_entry = header->e_entry;
1066 type = header->e_type;
1067 l->l_phnum = header->e_phnum;
32c85e43
UD		 1068
1069 maplength = header->e_phnum * sizeof (ElfW(Phdr));
6dd67bd5 1070 if (header->e_phoff + maplength <= (size_t) fbp->len)
a35e137a 1071 phdr = (void *) (fbp->buf + header->e_phoff);
32c85e43
UD		 1072 else
1073 {
1074 phdr = alloca (maplength);
0e15c4b6 1075 __lseek (fd, header->e_phoff, SEEK_SET);
6dd67bd5 1076 if ((size_t) __libc_read (fd, (void *) phdr, maplength) != maplength)
39b3385d
UD		 1077 {
1078 errstring = N_("cannot read file data");
1079 goto call_lose_errno;
1080 }
32c85e43 1081 }
879bf2e6 1082
30950a5f
RA		 1083 /* On most platforms presume that PT_GNU_STACK is absent and the stack is
1084 * executable. Other platforms default to a nonexecutable stack and don't
1085 * need PT_GNU_STACK to do so. */
1086 uint_fast16_t stack_flags = DEFAULT_STACK_PERMS;
ecdeaac0 1087
b122c703
RM		 1088 {
1089 /* Scan the program header table, collecting its load commands. */
1090 struct loadcmd
1091 {
266180eb 1092 ElfW(Addr) mapstart, mapend, dataend, allocend;
408223d4 1093 ElfW(Off) mapoff;
b122c703
RM		 1094 int prot;
1095 } loadcmds[l->l_phnum], *c;
1096 size_t nloadcmds = 0;
6fffb9a2 1097 bool has_holes = false;
d66e34cd 1098
126b06f9 1099 /* The struct is initialized to zero so this is not necessary:
d66e34cd 1100 l->l_ld = 0;
b122c703 1101 l->l_phdr = 0;
126b06f9 1102 l->l_addr = 0; */
d66e34cd
RM		 1103 for (ph = phdr; ph < &phdr[l->l_phnum]; ++ph)
1104 switch (ph->p_type)
1105 {
1106 /* These entries tell us where to find things once the file's
1107 segments are mapped in. We record the addresses it says
1108 verbatim, and later correct for the run-time load address. */
1109 case PT_DYNAMIC:
1110 l->l_ld = (void *) ph->p_vaddr;
dacc8ffa 1111 l->l_ldnum = ph->p_memsz / sizeof (ElfW(Dyn));
d66e34cd 1112 break;
39b3385d 1113
d66e34cd
RM		 1114 case PT_PHDR:
1115 l->l_phdr = (void *) ph->p_vaddr;
1116 break;
1117
1118 case PT_LOAD:
b122c703
RM		 1119 /* A load command tells us to map in part of the file.
1120 We record the load commands and process them all later. */
afdca0f2 1121 if (__builtin_expect ((ph->p_align & (GLRO(dl_pagesize) - 1)) != 0,
fd77c361 1122 0))
39b3385d
UD		 1123 {
1124 errstring = N_("ELF load command alignment not page-aligned");
1125 goto call_lose;
1126 }
fd77c361
UD		 1127 if (__builtin_expect (((ph->p_vaddr - ph->p_offset)
1128 & (ph->p_align - 1)) != 0, 0))
39b3385d
UD		 1129 {
1130 errstring
1131 = N_("ELF load command address/offset not properly aligned");
1132 goto call_lose;
1133 }
1134
cc12f2a4 1135 c = &loadcmds[nloadcmds++];
410828e4 1136 c->mapstart = ph->p_vaddr & ~(GLRO(dl_pagesize) - 1);
afdca0f2
UD		 1137 c->mapend = ((ph->p_vaddr + ph->p_filesz + GLRO(dl_pagesize) - 1)
1138 & ~(GLRO(dl_pagesize) - 1));
cc12f2a4
UD		 1139 c->dataend = ph->p_vaddr + ph->p_filesz;
1140 c->allocend = ph->p_vaddr + ph->p_memsz;
410828e4 1141 c->mapoff = ph->p_offset & ~(GLRO(dl_pagesize) - 1);
cc12f2a4 1142
6fffb9a2
UD		 1143 /* Determine whether there is a gap between the last segment
1144 and this one. */
1145 if (nloadcmds > 1 && c[-1].mapend != c->mapstart)
1146 has_holes = true;
1147
cc12f2a4 1148 /* Optimize a common case. */
94a758fe 1149#if (PF_R | PF_W | PF_X) == 7 && (PROT_READ | PROT_WRITE | PROT_EXEC) == 7
cc12f2a4
UD		 1150 c->prot = (PF_TO_PROT
1151 >> ((ph->p_flags & (PF_R | PF_W | PF_X)) * 4)) & 0xf;
94a758fe 1152#else
cc12f2a4
UD		 1153 c->prot = 0;
1154 if (ph->p_flags & PF_R)
1155 c->prot |= PROT_READ;
1156 if (ph->p_flags & PF_W)
1157 c->prot |= PROT_WRITE;
1158 if (ph->p_flags & PF_X)
1159 c->prot |= PROT_EXEC;
94a758fe 1160#endif
55c91021 1161 break;
96f208a4 1162
96f208a4 1163 case PT_TLS:
2d148689
RM		 1164 if (ph->p_memsz == 0)
1165 /* Nothing to do for an empty segment. */
1166 break;
1167
216455bc
RM		 1168 l->l_tls_blocksize = ph->p_memsz;
1169 l->l_tls_align = ph->p_align;
99fe3b0e
UD		 1170 if (ph->p_align == 0)
1171 l->l_tls_firstbyte_offset = 0;
1172 else
1173 l->l_tls_firstbyte_offset = ph->p_vaddr & (ph->p_align - 1);
216455bc
RM		 1174 l->l_tls_initimage_size = ph->p_filesz;
1175 /* Since we don't know the load address yet only store the
1176 offset. We will adjust it later. */
1177 l->l_tls_initimage = (void *) ph->p_vaddr;
1178
2d148689
RM		 1179 /* If not loading the initial set of shared libraries,
1180 check whether we should permit loading a TLS segment. */
216455bc 1181 if (__builtin_expect (l->l_type == lt_library, 1)
850dcfca
UD		 1182 /* If GL(dl_tls_dtv_slotinfo_list) == NULL, then rtld.c did
1183 not set up TLS data structures, so don't use them now. */
1184 || __builtin_expect (GL(dl_tls_dtv_slotinfo_list) != NULL, 1))
96f208a4 1185 {
aed283dd
UD		 1186 /* Assign the next available module ID. */
1187 l->l_tls_modid = _dl_next_tls_modid ();
2d148689 1188 break;
96f208a4 1189 }
2d148689 1190
11bf311e 1191#ifdef SHARED
785290ea 1192 if (l->l_prev == NULL || (mode & __RTLD_AUDIT) != 0)
2d148689
RM		 1193 /* We are loading the executable itself when the dynamic linker
1194 was executed directly. The setup will happen later. */
1195 break;
216455bc 1196
4b4f2771 1197# ifdef _LIBC_REENTRANT
216455bc
RM		 1198 /* In a static binary there is no way to tell if we dynamically
1199 loaded libpthread. */
1200 if (GL(dl_error_catch_tsd) == &_dl_initial_error_catch_tsd)
4b4f2771 1201# endif
11bf311e 1202#endif
216455bc
RM		 1203 {
1204 /* We have not yet loaded libpthread.
1205 We can do the TLS setup right now! */
1206
1207 void *tcb;
1208
1209 /* The first call allocates TLS bookkeeping data structures.
1210 Then we allocate the TCB for the initial thread. */
1211 if (__builtin_expect (_dl_tls_setup (), 0)
1212 || __builtin_expect ((tcb = _dl_allocate_tls (NULL)) == NULL,
1213 0))
1214 {
1215 errval = ENOMEM;
1216 errstring = N_("\
1217cannot allocate TLS data structures for initial thread");
1218 goto call_lose;
1219 }
1220
1221 /* Now we install the TCB in the thread register. */
fde89ad0
RM		 1222 errstring = TLS_INIT_TP (tcb, 0);
1223 if (__builtin_expect (errstring == NULL, 1))
216455bc
RM		 1224 {
1225 /* Now we are all good. */
1226 l->l_tls_modid = ++GL(dl_tls_max_dtv_idx);
1227 break;
1228 }
1229
1230 /* The kernel is too old or somesuch. */
fde89ad0 1231 errval = 0;
216455bc 1232 _dl_deallocate_tls (tcb, 1);
fde89ad0 1233 goto call_lose;
216455bc 1234 }
2d148689 1235
807bce82
UD		 1236 /* Uh-oh, the binary expects TLS support but we cannot
1237 provide it. */
2430d57a
RM		 1238 errval = 0;
1239 errstring = N_("cannot handle TLS data");
1240 goto call_lose;
807bce82 1241 break;
ecdeaac0
RM		 1242
1243 case PT_GNU_STACK:
1244 stack_flags = ph->p_flags;
1245 break;
ed20b3d9
UD		 1246
1247 case PT_GNU_RELRO:
1248 l->l_relro_addr = ph->p_vaddr;
1249 l->l_relro_size = ph->p_memsz;
1250 break;
b122c703 1251 }
d66e34cd 1252
d8a5edc2
RM		 1253 if (__builtin_expect (nloadcmds == 0, 0))
1254 {
1255 /* This only happens for a bogus object that will be caught with
1256 another error below. But we don't want to go through the
1257 calculations below using NLOADCMDS - 1. */
1258 errstring = N_("object file has no loadable segments");
1259 goto call_lose;
1260 }
1261
b122c703
RM		 1262 /* Now process the load commands and map segments into memory. */
1263 c = loadcmds;
1264
8193034b
UD		 1265 /* Length of the sections to be loaded. */
1266 maplength = loadcmds[nloadcmds - 1].allocend - c->mapstart;
1267
9987236e 1268 if (__builtin_expect (type, ET_DYN) == ET_DYN)
b122c703
RM		 1269 {
1270 /* This is a position-independent shared object. We can let the
1271 kernel map it anywhere it likes, but we must have space for all
1272 the segments in their specified positions relative to the first.
1273 So we map the first segment without MAP_FIXED, but with its
22930c9b
RM		 1274 extent increased to cover all the segments. Then we remove
1275 access from excess portion, and there is known sufficient space
4cca6b86
UD		 1276 there to remap from the later segments.
1277
1278 As a refinement, sometimes we have an address that we would
1279 prefer to map such objects at; but this is only a preference,
1280 the OS can do whatever it likes. */
4cca6b86 1281 ElfW(Addr) mappref;
97fd3a30 1282 mappref = (ELF_PREFERRED_ADDRESS (loader, maplength,
afdca0f2 1283 c->mapstart & GLRO(dl_use_load_bias))
f21acc89 1284 - MAP_BASE_ADDR (l));
c0282c06
UD		 1285
1286 /* Remember which part of the address space this object uses. */
39b3385d 1287 l->l_map_start = (ElfW(Addr)) __mmap ((void *) mappref, maplength,
1773d1ba 1288 c->prot,
a3fcd5e8 1289 MAP_COPY|MAP_FILE,
39b3385d 1290 fd, c->mapoff);
fd77c361 1291 if (__builtin_expect ((void *) l->l_map_start == MAP_FAILED, 0))
39b3385d
UD		 1292 {
1293 map_error:
1294 errstring = N_("failed to map segment from shared object");
1295 goto call_lose_errno;
1296 }
1297
c0282c06 1298 l->l_map_end = l->l_map_start + maplength;
c77ec56d 1299 l->l_addr = l->l_map_start - c->mapstart;
b122c703 1300
6fffb9a2
UD		 1301 if (has_holes)
1302 /* Change protection on the excess portion to disallow all access;
1303 the portions we do not remap later will be inaccessible as if
1304 unallocated. Then jump into the normal segment-mapping loop to
1305 handle the portion of the segment past the end of the file
1306 mapping. */
3fb035f6 1307 __mprotect ((caddr_t) (l->l_addr + c->mapend),
fc072bad 1308 loadcmds[nloadcmds - 1].mapstart - c->mapend,
6fffb9a2 1309 PROT_NONE);
052b6a6c 1310
9be09e06
UD		 1311 l->l_contiguous = 1;
1312
b122c703
RM		 1313 goto postmap;
1314 }
48da1092 1315
efec5079
UD		 1316 /* This object is loaded at a fixed address. This must never
1317 happen for objects loaded with dlopen(). */
1318 if (__builtin_expect ((mode & __RTLD_OPENEXEC) == 0, 0))
1319 {
1320 errstring = N_("cannot dynamically load executable");
1321 goto call_lose;
4cca6b86 1322 }
b122c703 1323
efec5079
UD		 1324 /* Notify ELF_PREFERRED_ADDRESS that we have to load this one
1325 fixed. */
1326 ELF_FIXED_ADDRESS (loader, c->mapstart);
1327
1328
052b6a6c
UD		 1329 /* Remember which part of the address space this object uses. */
1330 l->l_map_start = c->mapstart + l->l_addr;
1331 l->l_map_end = l->l_map_start + maplength;
9be09e06 1332 l->l_contiguous = !has_holes;
052b6a6c 1333
b122c703
RM		 1334 while (c < &loadcmds[nloadcmds])
1335 {
39b3385d
UD		 1336 if (c->mapend > c->mapstart
1337 /* Map the segment contents from the file. */
1338 && (__mmap ((void *) (l->l_addr + c->mapstart),
1339 c->mapend - c->mapstart, c->prot,
a3fcd5e8 1340 MAP_FIXED|MAP_COPY|MAP_FILE,
1773d1ba 1341 fd, c->mapoff)
39b3385d
UD		 1342 == MAP_FAILED))
1343 goto map_error;
b122c703
RM		 1344
1345 postmap:
eec8b6ca
UD		 1346 if (c->prot & PROT_EXEC)
1347 l->l_text_end = l->l_addr + c->mapend;
1348
7bcaca43 1349 if (l->l_phdr == 0
408223d4 1350 && c->mapoff <= header->e_phoff
6dd67bd5 1351 && ((size_t) (c->mapend - c->mapstart + c->mapoff)
7bcaca43
UD		 1352 >= header->e_phoff + header->e_phnum * sizeof (ElfW(Phdr))))
1353 /* Found the program header in this segment. */
c515fb51
L		 1354 l->l_phdr = (void *) (uintptr_t) (c->mapstart + header->e_phoff
1355 - c->mapoff);
7bcaca43 1356
b122c703
RM		 1357 if (c->allocend > c->dataend)
1358 {
1359 /* Extra zero pages should appear at the end of this segment,
1360 after the data mapped from the file. */
266180eb 1361 ElfW(Addr) zero, zeroend, zeropage;
b122c703
RM		 1362
1363 zero = l->l_addr + c->dataend;
1364 zeroend = l->l_addr + c->allocend;
afdca0f2
UD		 1365 zeropage = ((zero + GLRO(dl_pagesize) - 1)
1366 & ~(GLRO(dl_pagesize) - 1));
d66e34cd 1367
b122c703
RM		 1368 if (zeroend < zeropage)
1369 /* All the extra data is in the last page of the segment.
1370 We can just zero it. */
1371 zeropage = zeroend;
1372
1373 if (zeropage > zero)
d66e34cd 1374 {
b122c703 1375 /* Zero the final part of the last page of the segment. */
6fffb9a2 1376 if (__builtin_expect ((c->prot & PROT_WRITE) == 0, 0))
d66e34cd 1377 {
b122c703 1378 /* Dag nab it. */
afdca0f2
UD		 1379 if (__mprotect ((caddr_t) (zero
1380 & ~(GLRO(dl_pagesize) - 1)),
1381 GLRO(dl_pagesize), c->prot|PROT_WRITE) < 0)
39b3385d
UD		 1382 {
1383 errstring = N_("cannot change memory protections");
1384 goto call_lose_errno;
1385 }
d66e34cd 1386 }
55c91021 1387 memset ((void *) zero, '\0', zeropage - zero);
6fffb9a2 1388 if (__builtin_expect ((c->prot & PROT_WRITE) == 0, 0))
afdca0f2
UD		 1389 __mprotect ((caddr_t) (zero & ~(GLRO(dl_pagesize) - 1)),
1390 GLRO(dl_pagesize), c->prot);
b122c703 1391 }
d66e34cd 1392
b122c703
RM		 1393 if (zeroend > zeropage)
1394 {
1395 /* Map the remaining zero pages in from the zero fill FD. */
1396 caddr_t mapat;
266180eb
RM		 1397 mapat = __mmap ((caddr_t) zeropage, zeroend - zeropage,
1398 c->prot, MAP_ANON|MAP_PRIVATE|MAP_FIXED,
20739e54 1399 -1, 0);
fd77c361 1400 if (__builtin_expect (mapat == MAP_FAILED, 0))
39b3385d
UD		 1401 {
1402 errstring = N_("cannot map zero-fill pages");
1403 goto call_lose_errno;
1404 }
d66e34cd
RM		 1405 }
1406 }
d66e34cd 1407
b122c703 1408 ++c;
879bf2e6 1409 }
b122c703 1410 }
d66e34cd 1411
b122c703
RM		 1412 if (l->l_ld == 0)
1413 {
fd77c361 1414 if (__builtin_expect (type == ET_DYN, 0))
39b3385d
UD		 1415 {
1416 errstring = N_("object file has no dynamic section");
1417 goto call_lose;
1418 }
b122c703
RM		 1419 }
1420 else
14755b91 1421 l->l_ld = (ElfW(Dyn) *) ((ElfW(Addr)) l->l_ld + l->l_addr);
879bf2e6 1422
479aa8ec 1423 elf_get_dynamic_info (l, NULL);
2f54c82d 1424
efec5079
UD		 1425 /* Make sure we are not dlopen'ing an object that has the
1426 DF_1_NOOPEN flag set. */
2430d57a 1427 if (__builtin_expect (l->l_flags_1 & DF_1_NOOPEN, 0)
2f54c82d
UD		 1428 && (mode & __RTLD_DLOPEN))
1429 {
2f54c82d
UD		 1430 /* We are not supposed to load this object. Free all resources. */
1431 __munmap ((void *) l->l_map_start, l->l_map_end - l->l_map_start);
1432
11810621
UD		 1433 if (!l->l_libname->dont_free)
1434 free (l->l_libname);
2f54c82d
UD		 1435
1436 if (l->l_phdr_allocated)
1437 free ((void *) l->l_phdr);
1438
fb0356b9
UD		 1439 errstring = N_("shared object cannot be dlopen()ed");
1440 goto call_lose;
2f54c82d
UD		 1441 }
1442
efec5079
UD		 1443 if (l->l_phdr == NULL)
1444 {
1445 /* The program header is not contained in any of the segments.
1446 We have to allocate memory ourself and copy it over from out
1447 temporary place. */
1448 ElfW(Phdr) *newp = (ElfW(Phdr) *) malloc (header->e_phnum
1449 * sizeof (ElfW(Phdr)));
1450 if (newp == NULL)
1451 {
1452 errstring = N_("cannot allocate memory for program header");
1453 goto call_lose_errno;
1454 }
1455
1456 l->l_phdr = memcpy (newp, phdr,
1457 (header->e_phnum * sizeof (ElfW(Phdr))));
1458 l->l_phdr_allocated = 1;
1459 }
1460 else
1461 /* Adjust the PT_PHDR value by the runtime load address. */
1462 l->l_phdr = (ElfW(Phdr) *) ((ElfW(Addr)) l->l_phdr + l->l_addr);
1463
dcca3fe2
UD		 1464 if (__builtin_expect ((stack_flags &~ GL(dl_stack_flags)) & PF_X, 0))
1465 {
e751d282
RM		 1466 if (__builtin_expect (__check_caller (RETURN_ADDRESS (0), allow_ldso),
1467 0) != 0)
1468 {
1469 errstring = N_("invalid caller");
1470 goto call_lose;
1471 }
1472
dcca3fe2
UD		 1473 /* The stack is presently not executable, but this module
1474 requires that it be executable. We must change the
1475 protection of the variable which contains the flags used in
1476 the mprotect calls. */
11bf311e 1477#ifdef SHARED
3e539cb4 1478 if ((mode & (__RTLD_DLOPEN | __RTLD_AUDIT)) == __RTLD_DLOPEN)
dcca3fe2 1479 {
e751d282
RM		 1480 const uintptr_t p = (uintptr_t) &__stack_prot & -GLRO(dl_pagesize);
1481 const size_t s = (uintptr_t) (&__stack_prot + 1) - p;
1482
1483 struct link_map *const m = &GL(dl_rtld_map);
1484 const uintptr_t relro_end = ((m->l_addr + m->l_relro_addr
1485 + m->l_relro_size)
1486 & -GLRO(dl_pagesize));
1487 if (__builtin_expect (p + s <= relro_end, 1))
1488 {
1489 /* The variable lies in the region protected by RELRO. */
0432680e
PY		 1490 if (__mprotect ((void *) p, s, PROT_READ|PROT_WRITE) < 0)
1491 {
1492 errstring = N_("cannot change memory protections");
1493 goto call_lose_errno;
1494 }
e751d282
RM		 1495 __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
1496 __mprotect ((void *) p, s, PROT_READ);
1497 }
1498 else
ecc1d0c3 1499 __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
dcca3fe2
UD		 1500 }
1501 else
1502#endif
ecc1d0c3 1503 __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
dcca3fe2 1504
606832e6
UD		 1505#ifdef check_consistency
1506 check_consistency ();
1507#endif
1508
dcca3fe2
UD		 1509 errval = (*GL(dl_make_stack_executable_hook)) (stack_endp);
1510 if (errval)
1511 {
1512 errstring = N_("\
1513cannot enable executable stack as shared object requires");
1514 goto call_lose;
1515 }
1516 }
1517
efec5079
UD		 1518 /* Adjust the address of the TLS initialization image. */
1519 if (l->l_tls_initimage != NULL)
1520 l->l_tls_initimage = (char *) l->l_tls_initimage + l->l_addr;
efec5079
UD		 1521
1522 /* We are done mapping in the file. We no longer need the descriptor. */
1523 if (__builtin_expect (__close (fd) != 0, 0))
1524 {
1525 errstring = N_("cannot close file descriptor");
1526 goto call_lose_errno;
1527 }
1528 /* Signal that we closed the file. */
1529 fd = -1;
1530
1531 if (l->l_type == lt_library && type == ET_EXEC)
1532 l->l_type = lt_executable;
1533
1534 l->l_entry += l->l_addr;
1535
1536 if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0))
1537 _dl_debug_printf ("\
1538 dynamic: 0x%0*lx base: 0x%0*lx size: 0x%0*Zx\n\
1539 entry: 0x%0*lx phdr: 0x%0*lx phnum: %*u\n\n",
1540 (int) sizeof (void *) * 2,
1541 (unsigned long int) l->l_ld,
1542 (int) sizeof (void *) * 2,
1543 (unsigned long int) l->l_addr,
1544 (int) sizeof (void *) * 2, maplength,
1545 (int) sizeof (void *) * 2,
1546 (unsigned long int) l->l_entry,
1547 (int) sizeof (void *) * 2,
1548 (unsigned long int) l->l_phdr,
1549 (int) sizeof (void *) * 2, l->l_phnum);
1550
1551 /* Set up the symbol hash table. */
1552 _dl_setup_hash (l);
d66e34cd 1553
be935610
UD		 1554 /* If this object has DT_SYMBOLIC set modify now its scope. We don't
1555 have to do this for the main map. */
1fc07491
UD		 1556 if ((mode & RTLD_DEEPBIND) == 0
1557 && __builtin_expect (l->l_info[DT_SYMBOLIC] != NULL, 0)
c0a777e8 1558 && &l->l_searchlist != l->l_scope[0])
be935610
UD		 1559 {
1560 /* Create an appropriate searchlist. It contains only this map.
1fc07491 1561 This is the definition of DT_SYMBOLIC in SysVr4. */
be935610
UD		 1562 l->l_symbolic_searchlist.r_list[0] = l;
1563 l->l_symbolic_searchlist.r_nlist = 1;
be935610
UD		 1564
1565 /* Now move the existing entries one back. */
c0a777e8
UD		 1566 memmove (&l->l_scope[1], &l->l_scope[0],
1567 (l->l_scope_max - 1) * sizeof (l->l_scope[0]));
be935610
UD		 1568
1569 /* Now add the new entry. */
c0a777e8 1570 l->l_scope[0] = &l->l_symbolic_searchlist;
be935610
UD		 1571 }
1572
5d916713 1573 /* Remember whether this object must be initialized first. */
39b3385d 1574 if (l->l_flags_1 & DF_1_INITFIRST)
d6b5d570 1575 GL(dl_initfirst) = l;
5d916713 1576
61e0617a
UD		 1577 /* Finally the file information. */
1578 l->l_dev = st.st_dev;
1579 l->l_ino = st.st_ino;
1580
51f38e87
UD		 1581 /* When we profile the SONAME might be needed for something else but
1582 loading. Add it right away. */
afdca0f2 1583 if (__builtin_expect (GLRO(dl_profile) != NULL, 0)
51f38e87
UD		 1584 && l->l_info[DT_SONAME] != NULL)
1585 add_name_to_object (l, ((const char *) D_PTR (l, l_info[DT_STRTAB])
1586 + l->l_info[DT_SONAME]->d_un.d_val));
1587
47cc1490
CM		 1588#ifdef DL_AFTER_LOAD
1589 DL_AFTER_LOAD (l);
1590#endif
1591
f0967738
AK		 1592 /* Now that the object is fully initialized add it to the object list. */
1593 _dl_add_to_namespace_list (l, nsid);
1594
9dcafc55
UD		 1595#ifdef SHARED
1596 /* Auditing checkpoint: we have a new object. */
29f97654
UD		 1597 if (__builtin_expect (GLRO(dl_naudit) > 0, 0)
1598 && !GL(dl_ns)[l->l_ns]._ns_loaded->l_auditing)
9dcafc55
UD		 1599 {
1600 struct audit_ifaces *afct = GLRO(dl_audit);
1601 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
1602 {
1603 if (afct->objopen != NULL)
1604 {
1605 l->l_audit[cnt].bindflags
1606 = afct->objopen (l, nsid, &l->l_audit[cnt].cookie);
1607
1608 l->l_audit_any_plt |= l->l_audit[cnt].bindflags != 0;
1609 }
1610
1611 afct = afct->next;
1612 }
1613 }
1614#endif
1615
d66e34cd
RM		 1616 return l;
1617}
ba79d61b 1618\f
b5efde2f
UD		 1619/* Print search path. */
1620static void
1621print_search_path (struct r_search_path_elem **list,
844c394a 1622 const char *what, const char *name)
b5efde2f 1623{
12264bd7 1624 char buf[max_dirnamelen + max_capstrlen];
b5efde2f
UD		 1625 int first = 1;
1626
154d10bd 1627 _dl_debug_printf (" search path=");
b5efde2f
UD		 1628
1629 while (*list != NULL && (*list)->what == what) /* Yes, ==. */
1630 {
12264bd7
UD		 1631 char *endp = __mempcpy (buf, (*list)->dirname, (*list)->dirnamelen);
1632 size_t cnt;
1633
1634 for (cnt = 0; cnt < ncapstr; ++cnt)
1635 if ((*list)->status[cnt] != nonexisting)
1636 {
1637 char *cp = __mempcpy (endp, capstr[cnt].str, capstr[cnt].len);
143e2b96
UD		 1638 if (cp == buf || (cp == buf + 1 && buf[0] == '/'))
1639 cp[0] = '\0';
1640 else
1641 cp[-1] = '\0';
fb0356b9
UD		 1642
1643 _dl_debug_printf_c (first ? "%s" : ":%s", buf);
1644 first = 0;
12264bd7 1645 }
b5efde2f 1646
b5efde2f
UD		 1647 ++list;
1648 }
1649
1650 if (name != NULL)
35fc382a 1651 _dl_debug_printf_c ("\t\t(%s from file %s)\n", what,
b9375348 1652 DSO_FILENAME (name));
b5efde2f 1653 else
35fc382a 1654 _dl_debug_printf_c ("\t\t(%s)\n", what);
b5efde2f
UD		 1655}
1656\f
a35e137a
UD		 1657/* Open a file and verify it is an ELF file for this architecture. We
1658 ignore only ELF files for other architectures. Non-ELF files and
1659 ELF files with different header information cause fatal errors since
1660 this could mean there is something wrong in the installation and the
1661 user might want to know about this. */
1662static int
9dcafc55 1663open_verify (const char *name, struct filebuf *fbp, struct link_map *loader,
2e0fc40c 1664 int whatcode, bool *found_other_class, bool free_name)
a35e137a
UD		 1665{
1666 /* This is the expected ELF header. */
1667#define ELF32_CLASS ELFCLASS32
1668#define ELF64_CLASS ELFCLASS64
1669#ifndef VALID_ELF_HEADER
1670# define VALID_ELF_HEADER(hdr,exp,size) (memcmp (hdr, exp, size) == 0)
1671# define VALID_ELF_OSABI(osabi) (osabi == ELFOSABI_SYSV)
d8c47894 1672# define VALID_ELF_ABIVERSION(osabi,ver) (ver == 0)
40e2fc8b
UD		 1673#elif defined MORE_ELF_HEADER_DATA
1674 MORE_ELF_HEADER_DATA;
a35e137a 1675#endif
04f2902d 1676 static const unsigned char expected[EI_NIDENT] =
a35e137a
UD		 1677 {
1678 [EI_MAG0] = ELFMAG0,
1679 [EI_MAG1] = ELFMAG1,
1680 [EI_MAG2] = ELFMAG2,
1681 [EI_MAG3] = ELFMAG3,
1682 [EI_CLASS] = ELFW(CLASS),
1683 [EI_DATA] = byteorder,
1684 [EI_VERSION] = EV_CURRENT,
1685 [EI_OSABI] = ELFOSABI_SYSV,
1686 [EI_ABIVERSION] = 0
1687 };
39b3385d
UD		 1688 static const struct
1689 {
1690 ElfW(Word) vendorlen;
1691 ElfW(Word) datalen;
1692 ElfW(Word) type;
55c91021 1693 char vendor[4];
a986484f 1694 } expected_note = { 4, 16, 1, "GNU" };
39b3385d
UD		 1695 /* Initialize it to make the compiler happy. */
1696 const char *errstring = NULL;
1697 int errval = 0;
a35e137a 1698
9dcafc55
UD		 1699#ifdef SHARED
1700 /* Give the auditing libraries a chance. */
1701 if (__builtin_expect (GLRO(dl_naudit) > 0, 0) && whatcode != 0
1702 && loader->l_auditing == 0)
1703 {
1704 struct audit_ifaces *afct = GLRO(dl_audit);
1705 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
1706 {
1707 if (afct->objsearch != NULL)
1708 {
1709 name = afct->objsearch (name, &loader->l_audit[cnt].cookie,
1710 whatcode);
1711 if (name == NULL)
1712 /* Ignore the path. */
1713 return -1;
1714 }
1715
1716 afct = afct->next;
1717 }
1718 }
1719#endif
1720
a35e137a 1721 /* Open the file. We always open files read-only. */
b49865be 1722 int fd = __open (name, O_RDONLY | O_CLOEXEC);
a35e137a
UD		 1723 if (fd != -1)
1724 {
1725 ElfW(Ehdr) *ehdr;
a986484f 1726 ElfW(Phdr) *phdr, *ph;
2f6773b5 1727 ElfW(Word) *abi_note;
a986484f
UD		 1728 unsigned int osversion;
1729 size_t maplength;
a35e137a
UD		 1730
1731 /* We successfully openened the file. Now verify it is a file
1732 we can use. */
1733 __set_errno (0);
88481c16
SP		 1734 fbp->len = 0;
1735 assert (sizeof (fbp->buf) > sizeof (ElfW(Ehdr)));
1736 /* Read in the header. */
1737 do
1738 {
1739 ssize_t retlen = __libc_read (fd, fbp->buf + fbp->len,
1740 sizeof (fbp->buf) - fbp->len);
1741 if (retlen <= 0)
1742 break;
1743 fbp->len += retlen;
1744 }
1745 while (__builtin_expect (fbp->len < sizeof (ElfW(Ehdr)), 0));
a35e137a
UD		 1746
1747 /* This is where the ELF header is loaded. */
a35e137a
UD		 1748 ehdr = (ElfW(Ehdr) *) fbp->buf;
1749
1750 /* Now run the tests. */
1751 if (__builtin_expect (fbp->len < (ssize_t) sizeof (ElfW(Ehdr)), 0))
39b3385d
UD		 1752 {
1753 errval = errno;
1754 errstring = (errval == 0
1755 ? N_("file too short") : N_("cannot read file data"));
1756 call_lose:
2e0fc40c
UD		 1757 if (free_name)
1758 {
1759 char *realname = (char *) name;
1760 name = strdupa (realname);
1761 free (realname);
1762 }
815e6fa3 1763 lose (errval, fd, name, NULL, NULL, errstring, NULL, 0);
39b3385d 1764 }
a35e137a
UD		 1765
1766 /* See whether the ELF header is what we expect. */
1767 if (__builtin_expect (! VALID_ELF_HEADER (ehdr->e_ident, expected,
92ad15a8 1768 EI_ABIVERSION)
d8c47894 1769 || !VALID_ELF_ABIVERSION (ehdr->e_ident[EI_OSABI],
04f2902d
UD		 1770 ehdr->e_ident[EI_ABIVERSION])
1771 || memcmp (&ehdr->e_ident[EI_PAD],
1772 &expected[EI_PAD],
1773 EI_NIDENT - EI_PAD) != 0,
92ad15a8 1774 0))
a35e137a
UD		 1775 {
1776 /* Something is wrong. */
6cc8844f
UD		 1777 const Elf32_Word *magp = (const void *) ehdr->e_ident;
1778 if (*magp !=
a35e137a
UD		 1779#if BYTE_ORDER == LITTLE_ENDIAN
1780 ((ELFMAG0 << (EI_MAG0 * 8)) |
1781 (ELFMAG1 << (EI_MAG1 * 8)) |
1782 (ELFMAG2 << (EI_MAG2 * 8)) |
1783 (ELFMAG3 << (EI_MAG3 * 8)))
1784#else
1785 ((ELFMAG0 << (EI_MAG3 * 8)) |
1786 (ELFMAG1 << (EI_MAG2 * 8)) |
1787 (ELFMAG2 << (EI_MAG1 * 8)) |
1788 (ELFMAG3 << (EI_MAG0 * 8)))
1789#endif
1790 )
39b3385d
UD		 1791 errstring = N_("invalid ELF header");
1792 else if (ehdr->e_ident[EI_CLASS] != ELFW(CLASS))
7f71c55d
UD		 1793 {
1794 /* This is not a fatal error. On architectures where
1795 32-bit and 64-bit binaries can be run this might
1796 happen. */
1797 *found_other_class = true;
1798 goto close_and_out;
1799 }
39b3385d 1800 else if (ehdr->e_ident[EI_DATA] != byteorder)
a35e137a
UD		 1801 {
1802 if (BYTE_ORDER == BIG_ENDIAN)
39b3385d 1803 errstring = N_("ELF file data encoding not big-endian");
a35e137a 1804 else
39b3385d 1805 errstring = N_("ELF file data encoding not little-endian");
a35e137a 1806 }
39b3385d
UD		 1807 else if (ehdr->e_ident[EI_VERSION] != EV_CURRENT)
1808 errstring
1809 = N_("ELF file version ident does not match current one");
a35e137a
UD		 1810 /* XXX We should be able so set system specific versions which are
1811 allowed here. */
39b3385d
UD		 1812 else if (!VALID_ELF_OSABI (ehdr->e_ident[EI_OSABI]))
1813 errstring = N_("ELF file OS ABI invalid");
d8c47894
UD		 1814 else if (!VALID_ELF_ABIVERSION (ehdr->e_ident[EI_OSABI],
1815 ehdr->e_ident[EI_ABIVERSION]))
39b3385d 1816 errstring = N_("ELF file ABI version invalid");
04f2902d
UD		 1817 else if (memcmp (&ehdr->e_ident[EI_PAD], &expected[EI_PAD],
1818 EI_NIDENT - EI_PAD) != 0)
1819 errstring = N_("nonzero padding in e_ident");
39b3385d
UD		 1820 else
1821 /* Otherwise we don't know what went wrong. */
1822 errstring = N_("internal error");
1823
1824 goto call_lose;
a35e137a
UD		 1825 }
1826
1827 if (__builtin_expect (ehdr->e_version, EV_CURRENT) != EV_CURRENT)
39b3385d
UD		 1828 {
1829 errstring = N_("ELF file version does not match current one");
1830 goto call_lose;
1831 }
a35e137a 1832 if (! __builtin_expect (elf_machine_matches_host (ehdr), 1))
a986484f 1833 goto close_and_out;
9987236e
UD		 1834 else if (__builtin_expect (ehdr->e_type, ET_DYN) != ET_DYN
1835 && __builtin_expect (ehdr->e_type, ET_EXEC) != ET_EXEC)
39b3385d
UD		 1836 {
1837 errstring = N_("only ET_DYN and ET_EXEC can be loaded");
1838 goto call_lose;
1839 }
5ce98c3f
UD		 1840 else if (__builtin_expect (ehdr->e_phentsize, sizeof (ElfW(Phdr)))
1841 != sizeof (ElfW(Phdr)))
1842 {
1843 errstring = N_("ELF file's phentsize not the expected size");
1844 goto call_lose;
1845 }
a986484f
UD		 1846
1847 maplength = ehdr->e_phnum * sizeof (ElfW(Phdr));
6dd67bd5 1848 if (ehdr->e_phoff + maplength <= (size_t) fbp->len)
a986484f
UD		 1849 phdr = (void *) (fbp->buf + ehdr->e_phoff);
1850 else
1851 {
1852 phdr = alloca (maplength);
0e15c4b6 1853 __lseek (fd, ehdr->e_phoff, SEEK_SET);
6dd67bd5 1854 if ((size_t) __libc_read (fd, (void *) phdr, maplength) != maplength)
39b3385d
UD		 1855 {
1856 read_error:
1857 errval = errno;
1858 errstring = N_("cannot read file data");
1859 goto call_lose;
1860 }
a986484f
UD		 1861 }
1862
1863 /* Check .note.ABI-tag if present. */
1864 for (ph = phdr; ph < &phdr[ehdr->e_phnum]; ++ph)
2f6773b5 1865 if (ph->p_type == PT_NOTE && ph->p_filesz >= 32 && ph->p_align >= 4)
a986484f 1866 {
2f6773b5
UD		 1867 ElfW(Addr) size = ph->p_filesz;
1868
1869 if (ph->p_offset + size <= (size_t) fbp->len)
a986484f
UD		 1870 abi_note = (void *) (fbp->buf + ph->p_offset);
1871 else
1872 {
2f6773b5 1873 abi_note = alloca (size);
0e15c4b6 1874 __lseek (fd, ph->p_offset, SEEK_SET);
2f6773b5 1875 if (__libc_read (fd, (void *) abi_note, size) != size)
39b3385d 1876 goto read_error;
2f6773b5
UD		 1877 }
1878
1879 while (memcmp (abi_note, &expected_note, sizeof (expected_note)))
1880 {
1881#define ROUND(len) (((len) + sizeof (ElfW(Word)) - 1) & -sizeof (ElfW(Word)))
1882 ElfW(Addr) note_size = 3 * sizeof (ElfW(Word))
1883 + ROUND (abi_note[0])
1884 + ROUND (abi_note[1]);
39b3385d 1885
2f6773b5
UD		 1886 if (size - 32 < note_size)
1887 {
1888 size = 0;
1889 break;
1890 }
1891 size -= note_size;
1892 abi_note = (void *) abi_note + note_size;
a986484f
UD		 1893 }
1894
2f6773b5 1895 if (size == 0)
a986484f
UD		 1896 continue;
1897
55c91021
UD		 1898 osversion = (abi_note[5] & 0xff) * 65536
1899 + (abi_note[6] & 0xff) * 256
1900 + (abi_note[7] & 0xff);
1901 if (abi_note[4] != __ABI_TAG_OS
afdca0f2 1902 || (GLRO(dl_osversion) && GLRO(dl_osversion) < osversion))
a986484f
UD		 1903 {
1904 close_and_out:
1905 __close (fd);
1906 __set_errno (ENOENT);
1907 fd = -1;
1908 }
1909
1910 break;
1911 }
a35e137a
UD		 1912 }
1913
1914 return fd;
1915}
1916\f
04ea3b0f 1917/* Try to open NAME in one of the directories in *DIRSP.
ba79d61b 1918 Return the fd, or -1. If successful, fill in *REALNAME
04ea3b0f
UD		 1919 with the malloc'd full directory name. If it turns out
1920 that none of the directories in *DIRSP exists, *DIRSP is
1921 replaced with (void *) -1, and the old value is free()d
1922 if MAY_FREE_DIRS is true. */
ba79d61b
RM		 1923
1924static int
8e9f92e9 1925open_path (const char *name, size_t namelen, int secure,
a35e137a 1926 struct r_search_path_struct *sps, char **realname,
7f71c55d
UD		 1927 struct filebuf *fbp, struct link_map *loader, int whatcode,
1928 bool *found_other_class)
ba79d61b 1929{
f55727ca 1930 struct r_search_path_elem **dirs = sps->dirs;
ba79d61b 1931 char *buf;
0a54e401 1932 int fd = -1;
b5efde2f 1933 const char *current_what = NULL;
152e7964 1934 int any = 0;
ba79d61b 1935
ab1d521d
RM		 1936 if (__builtin_expect (dirs == NULL, 0))
1937 /* We're called before _dl_init_paths when loading the main executable
1938 given on the command line when rtld is run directly. */
1939 return -1;
1940
5431ece5 1941 buf = alloca (max_dirnamelen + max_capstrlen + namelen);
ba79d61b
RM		 1942 do
1943 {
0a54e401
UD		 1944 struct r_search_path_elem *this_dir = *dirs;
1945 size_t buflen = 0;
12264bd7 1946 size_t cnt;
b0b67c47 1947 char *edp;
f5858039 1948 int here_any = 0;
55c91021 1949 int err;
ba79d61b 1950
b5efde2f
UD		 1951 /* If we are debugging the search for libraries print the path
1952 now if it hasn't happened now. */
afdca0f2 1953 if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_LIBS, 0)
cf197e41 1954 && current_what != this_dir->what)
b5efde2f
UD		 1955 {
1956 current_what = this_dir->what;
1957 print_search_path (dirs, current_what, this_dir->where);
1958 }
1959
b0b67c47 1960 edp = (char *) __mempcpy (buf, this_dir->dirname, this_dir->dirnamelen);
12264bd7 1961 for (cnt = 0; fd == -1 && cnt < ncapstr; ++cnt)
fd26970f 1962 {
12264bd7
UD		 1963 /* Skip this directory if we know it does not exist. */
1964 if (this_dir->status[cnt] == nonexisting)
1965 continue;
0a54e401 1966
12264bd7 1967 buflen =
d6b5d570
UD		 1968 ((char *) __mempcpy (__mempcpy (edp, capstr[cnt].str,
1969 capstr[cnt].len),
12264bd7
UD		 1970 name, namelen)
1971 - buf);
1972
1973 /* Print name we try if this is wanted. */
afdca0f2 1974 if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_LIBS, 0))
154d10bd 1975 _dl_debug_printf (" trying file=%s\n", buf);
b5efde2f 1976
2e0fc40c
UD		 1977 fd = open_verify (buf, fbp, loader, whatcode, found_other_class,
1978 false);
12264bd7 1979 if (this_dir->status[cnt] == unknown)
6e4c40ba
UD		 1980 {
1981 if (fd != -1)
1982 this_dir->status[cnt] = existing;
9dcafc55
UD		 1983 /* Do not update the directory information when loading
1984 auditing code. We must try to disturb the program as
1985 little as possible. */
1986 else if (loader == NULL
361a3706 1987 || GL(dl_ns)[loader->l_ns]._ns_loaded->l_auditing == 0)
6e4c40ba
UD		 1988 {
1989 /* We failed to open machine dependent library. Let's
1990 test whether there is any directory at all. */
5763742f 1991 struct stat64 st;
6e4c40ba
UD		 1992
1993 buf[buflen - namelen - 1] = '\0';
1994
5763742f 1995 if (__xstat64 (_STAT_VER, buf, &st) != 0
6e4c40ba
UD		 1996 || ! S_ISDIR (st.st_mode))
1997 /* The directory does not exist or it is no directory. */
1998 this_dir->status[cnt] = nonexisting;
1999 else
2000 this_dir->status[cnt] = existing;
2001 }
2002 }
fd26970f 2003
152e7964 2004 /* Remember whether we found any existing directory. */
9dcafc55 2005 here_any |= this_dir->status[cnt] != nonexisting;
152e7964 2006
8e9f92e9 2007 if (fd != -1 && __builtin_expect (secure, 0)
e6caf4e1 2008 && INTUSE(__libc_enable_secure))
c6222ab9
UD		 2009 {
2010 /* This is an extra security effort to make sure nobody can
2011 preload broken shared objects which are in the trusted
2012 directories and so exploit the bugs. */
5763742f 2013 struct stat64 st;
c6222ab9 2014
5763742f 2015 if (__fxstat64 (_STAT_VER, fd, &st) != 0
c6222ab9
UD		 2016 || (st.st_mode & S_ISUID) == 0)
2017 {
2018 /* The shared object cannot be tested for being SUID
2019 or this bit is not set. In this case we must not
2020 use this object. */
2021 __close (fd);
2022 fd = -1;
2023 /* We simply ignore the file, signal this by setting
2024 the error value which would have been set by `open'. */
2025 errno = ENOENT;
2026 }
2027 }
ba79d61b
RM		 2028 }
2029
ba79d61b
RM		 2030 if (fd != -1)
2031 {
2f653c01 2032 *realname = (char *) malloc (buflen);
c6222ab9 2033 if (*realname != NULL)
ba79d61b
RM		 2034 {
2035 memcpy (*realname, buf, buflen);
2036 return fd;
2037 }
2038 else
2039 {
2040 /* No memory for the name, we certainly won't be able
2041 to load and link it. */
2042 __close (fd);
2043 return -1;
2044 }
2045 }
55c91021 2046 if (here_any && (err = errno) != ENOENT && err != EACCES)
ba79d61b
RM		 2047 /* The file exists and is readable, but something went wrong. */
2048 return -1;
f5858039
UD		 2049
2050 /* Remember whether we found anything. */
2051 any |= here_any;
ba79d61b 2052 }
0a54e401 2053 while (*++dirs != NULL);
ba79d61b 2054
152e7964 2055 /* Remove the whole path if none of the directories exists. */
55c91021 2056 if (__builtin_expect (! any, 0))
152e7964 2057 {
04ea3b0f
UD		 2058 /* Paths which were allocated using the minimal malloc() in ld.so
2059 must not be freed using the general free() in libc. */
f55727ca
UD		 2060 if (sps->malloced)
2061 free (sps->dirs);
11bf311e 2062
ecc1d0c3
UD		 2063 /* rtld_search_dirs is attribute_relro, therefore avoid writing
2064 into it. */
2065 if (sps != &rtld_search_dirs)
ecc1d0c3 2066 sps->dirs = (void *) -1;
152e7964
UD		 2067 }
2068
ba79d61b
RM		 2069 return -1;
2070}
2071
2072/* Map in the shared object file NAME. */
2073
2074struct link_map *
d0fc4041 2075internal_function
8e9f92e9 2076_dl_map_object (struct link_map *loader, const char *name,
c0f62c56 2077 int type, int trace_mode, int mode, Lmid_t nsid)
ba79d61b
RM		 2078{
2079 int fd;
2080 char *realname;
14bab8de 2081 char *name_copy;
ba79d61b 2082 struct link_map *l;
a35e137a 2083 struct filebuf fb;
ba79d61b 2084
c0f62c56 2085 assert (nsid >= 0);
22c83193 2086 assert (nsid < GL(dl_nns));
c0f62c56 2087
ba79d61b 2088 /* Look for this name among those already loaded. */
c0f62c56 2089 for (l = GL(dl_ns)[nsid]._ns_loaded; l; l = l->l_next)
f41c8091
UD		 2090 {
2091 /* If the requested name matches the soname of a loaded object,
2092 use that object. Elide this check for names that have not
2093 yet been opened. */
20fe49b9
UD		 2094 if (__builtin_expect (l->l_faked, 0) != 0
2095 || __builtin_expect (l->l_removed, 0) != 0)
f41c8091
UD		 2096 continue;
2097 if (!_dl_name_match_p (name, l))
2098 {
2099 const char *soname;
2100
c91bc73e
UD		 2101 if (__builtin_expect (l->l_soname_added, 1)
2102 || l->l_info[DT_SONAME] == NULL)
f41c8091
UD		 2103 continue;
2104
8699e7b1
UD		 2105 soname = ((const char *) D_PTR (l, l_info[DT_STRTAB])
2106 + l->l_info[DT_SONAME]->d_un.d_val);
f41c8091
UD		 2107 if (strcmp (name, soname) != 0)
2108 continue;
2109
2110 /* We have a match on a new name -- cache it. */
76156ea1 2111 add_name_to_object (l, soname);
c91bc73e 2112 l->l_soname_added = 1;
f41c8091
UD		 2113 }
2114
42c4f32a 2115 /* We have a match. */
f41c8091
UD		 2116 return l;
2117 }
ba79d61b 2118
8193034b 2119 /* Display information if we are debugging. */
afdca0f2 2120 if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0)
7969407a 2121 && loader != NULL)
07df30d9 2122 _dl_debug_printf ((mode & __RTLD_CALLMAP) == 0
9ac533d3
UD		 2123 ? "\nfile=%s [%lu]; needed by %s [%lu]\n"
2124 : "\nfile=%s [%lu]; dynamically loaded by %s [%lu]\n",
b9375348 2125 name, nsid, DSO_FILENAME (loader->l_name), loader->l_ns);
8193034b 2126
9dcafc55
UD		 2127#ifdef SHARED
2128 /* Give the auditing libraries a chance to change the name before we
2129 try anything. */
2130 if (__builtin_expect (GLRO(dl_naudit) > 0, 0)
2131 && (loader == NULL || loader->l_auditing == 0))
2132 {
2133 struct audit_ifaces *afct = GLRO(dl_audit);
2134 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
2135 {
2136 if (afct->objsearch != NULL)
2137 {
2138 name = afct->objsearch (name, &loader->l_audit[cnt].cookie,
2139 LA_SER_ORIG);
2140 if (name == NULL)
2141 {
2142 /* Do not try anything further. */
2143 fd = -1;
2144 goto no_file;
2145 }
2146 }
2147
2148 afct = afct->next;
2149 }
2150 }
2151#endif
2152
7f71c55d
UD		 2153 /* Will be true if we found a DSO which is of the other ELF class. */
2154 bool found_other_class = false;
2155
ba79d61b
RM		 2156 if (strchr (name, '/') == NULL)
2157 {
2158 /* Search for NAME in several places. */
2159
2160 size_t namelen = strlen (name) + 1;
2161
afdca0f2 2162 if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_LIBS, 0))
c0f62c56 2163 _dl_debug_printf ("find library=%s [%lu]; searching\n", name, nsid);
b5efde2f 2164
ba79d61b 2165 fd = -1;
a23db8e4 2166
fcf70d41 2167 /* When the object has the RUNPATH information we don't use any
844c394a 2168 RPATHs. */
4c540916 2169 if (loader == NULL || loader->l_info[DT_RUNPATH] == NULL)
fcf70d41 2170 {
a1f0de82
UD		 2171 /* This is the executable's map (if there is one). Make sure that
2172 we do not look at it twice. */
2173 struct link_map *main_map = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
2174 bool did_main_map = false;
2175
fcf70d41
UD		 2176 /* First try the DT_RPATH of the dependent object that caused NAME
2177 to be loaded. Then that object's dependent, and on up. */
a1f0de82 2178 for (l = loader; l; l = l->l_loader)
45e4762c 2179 if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
a1f0de82 2180 {
8e9f92e9
AS		 2181 fd = open_path (name, namelen, mode & __RTLD_SECURE,
2182 &l->l_rpath_dirs,
a1f0de82
UD		 2183 &realname, &fb, loader, LA_SER_RUNPATH,
2184 &found_other_class);
2185 if (fd != -1)
2186 break;
2187
2188 did_main_map |= l == main_map;
2189 }
0a54e401 2190
fcf70d41 2191 /* If dynamically linked, try the DT_RPATH of the executable
844c394a 2192 itself. NB: we do this for lookups in any namespace. */
a1f0de82
UD		 2193 if (fd == -1 && !did_main_map
2194 && main_map != NULL && main_map->l_type != lt_loaded
2195 && cache_rpath (main_map, &main_map->l_rpath_dirs, DT_RPATH,
2196 "RPATH"))
8e9f92e9
AS		 2197 fd = open_path (name, namelen, mode & __RTLD_SECURE,
2198 &main_map->l_rpath_dirs,
a1f0de82
UD		 2199 &realname, &fb, loader ?: main_map, LA_SER_RUNPATH,
2200 &found_other_class);
fcf70d41 2201 }
fd26970f 2202
7ef90c15 2203 /* Try the LD_LIBRARY_PATH environment variable. */
f55727ca 2204 if (fd == -1 && env_path_list.dirs != (void *) -1)
8e9f92e9 2205 fd = open_path (name, namelen, mode & __RTLD_SECURE, &env_path_list,
9dcafc55
UD		 2206 &realname, &fb,
2207 loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded,
7f71c55d 2208 LA_SER_LIBPATH, &found_other_class);
40a55d20 2209
45e4762c
RM		 2210 /* Look at the RUNPATH information for this binary. */
2211 if (fd == -1 && loader != NULL
2212 && cache_rpath (loader, &loader->l_runpath_dirs,
2213 DT_RUNPATH, "RUNPATH"))
8e9f92e9 2214 fd = open_path (name, namelen, mode & __RTLD_SECURE,
9dcafc55 2215 &loader->l_runpath_dirs, &realname, &fb, loader,
7f71c55d 2216 LA_SER_RUNPATH, &found_other_class);
fcf70d41 2217
f57f8055 2218#ifdef USE_LDCONFIG
55c91021 2219 if (fd == -1
8e9f92e9 2220 && (__builtin_expect (! (mode & __RTLD_SECURE), 1)
73d65cc3
SP		 2221 || ! INTUSE(__libc_enable_secure))
2222 && __builtin_expect (GLRO(dl_inhibit_cache) == 0, 1))
f18edac3
RM		 2223 {
2224 /* Check the list of libraries in the file /etc/ld.so.cache,
2225 for compatibility with Linux's ldconfig program. */
f18edac3 2226 const char *cached = _dl_load_cache_lookup (name);
0f6b172f 2227
2f653c01
UD		 2228 if (cached != NULL)
2229 {
f57f8055 2230# ifdef SHARED
c0f62c56 2231 // XXX Correct to unconditionally default to namespace 0?
6a5ee102
UD		 2232 l = (loader
2233 ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded
2234 ?: &GL(dl_rtld_map));
f57f8055 2235# else
2f653c01 2236 l = loader;
f57f8055 2237# endif
0f6b172f 2238
266bb989
UD		 2239 /* If the loader has the DF_1_NODEFLIB flag set we must not
2240 use a cache entry from any of these directories. */
2f653c01 2241 if (
f57f8055 2242# ifndef SHARED
2f653c01
UD		 2243 /* 'l' is always != NULL for dynamically linked objects. */
2244 l != NULL &&
f57f8055 2245# endif
2f653c01 2246 __builtin_expect (l->l_flags_1 & DF_1_NODEFLIB, 0))
266bb989
UD		 2247 {
2248 const char *dirp = system_dirs;
2e47aff5 2249 unsigned int cnt = 0;
266bb989
UD		 2250
2251 do
2252 {
2253 if (memcmp (cached, dirp, system_dirs_len[cnt]) == 0)
2254 {
2255 /* The prefix matches. Don't use the entry. */
2256 cached = NULL;
2257 break;
2258 }
2259
2260 dirp += system_dirs_len[cnt] + 1;
2261 ++cnt;
2262 }
4a6d1198 2263 while (cnt < nsystem_dirs_len);
266bb989
UD		 2264 }
2265
2f653c01 2266 if (cached != NULL)
f18edac3 2267 {
9dcafc55
UD		 2268 fd = open_verify (cached,
2269 &fb, loader ?: GL(dl_ns)[nsid]._ns_loaded,
2e0fc40c 2270 LA_SER_CONFIG, &found_other_class, false);
2f653c01 2271 if (__builtin_expect (fd != -1, 1))
f18edac3 2272 {
266bb989
UD		 2273 realname = local_strdup (cached);
2274 if (realname == NULL)
2275 {
2276 __close (fd);
2277 fd = -1;
2278 }
f18edac3
RM		 2279 }
2280 }
2281 }
2282 }
f57f8055 2283#endif
0a54e401 2284
a23db8e4 2285 /* Finally, try the default path. */
266bb989 2286 if (fd == -1
c0f62c56 2287 && ((l = loader ?: GL(dl_ns)[nsid]._ns_loaded) == NULL
db2ebcef 2288 || __builtin_expect (!(l->l_flags_1 & DF_1_NODEFLIB), 1))
f55727ca 2289 && rtld_search_dirs.dirs != (void *) -1)
8e9f92e9 2290 fd = open_path (name, namelen, mode & __RTLD_SECURE, &rtld_search_dirs,
7f71c55d 2291 &realname, &fb, l, LA_SER_DEFAULT, &found_other_class);
b5efde2f 2292
fd77c361 2293 /* Add another newline when we are tracing the library loading. */
afdca0f2 2294 if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_LIBS, 0))
844c394a 2295 _dl_debug_printf ("\n");
ba79d61b
RM		 2296 }
2297 else
2298 {
f787edde
UD		 2299 /* The path may contain dynamic string tokens. */
2300 realname = (loader
34fe483e 2301 ? expand_dynamic_string_token (loader, name, 0)
f787edde
UD		 2302 : local_strdup (name));
2303 if (realname == NULL)
2304 fd = -1;
2305 else
ba79d61b 2306 {
9dcafc55 2307 fd = open_verify (realname, &fb,
7f71c55d 2308 loader ?: GL(dl_ns)[nsid]._ns_loaded, 0,
2e0fc40c 2309 &found_other_class, true);
55c91021 2310 if (__builtin_expect (fd, 0) == -1)
f787edde 2311 free (realname);
ba79d61b
RM		 2312 }
2313 }
2314
9dcafc55
UD		 2315#ifdef SHARED
2316 no_file:
2317#endif
c14e9135
UD		 2318 /* In case the LOADER information has only been provided to get to
2319 the appropriate RUNPATH/RPATH information we do not need it
2320 anymore. */
2321 if (mode & __RTLD_CALLMAP)
2322 loader = NULL;
2323
55c91021 2324 if (__builtin_expect (fd, 0) == -1)
46ec036d 2325 {
32e6df36 2326 if (trace_mode
afdca0f2 2327 && __builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_PRELINK, 0) == 0)
46ec036d
UD		 2328 {
2329 /* We haven't found an appropriate library. But since we
2330 are only interested in the list of libraries this isn't
2331 so severe. Fake an entry with all the information we
1ef32c3d 2332 have. */
a1eca9f3 2333 static const Elf_Symndx dummy_bucket = STN_UNDEF;
46ec036d 2334
f0967738 2335 /* Allocate a new object map. */
46ec036d 2336 if ((name_copy = local_strdup (name)) == NULL
1fc07491 2337 || (l = _dl_new_object (name_copy, name, type, loader,
c0f62c56 2338 mode, nsid)) == NULL)
2e0fc40c
UD		 2339 {
2340 free (name_copy);
2341 _dl_signal_error (ENOMEM, name, NULL,
2342 N_("cannot create shared object descriptor"));
2343 }
a881e0a0
UD		 2344 /* Signal that this is a faked entry. */
2345 l->l_faked = 1;
2346 /* Since the descriptor is initialized with zero we do not
126b06f9 2347 have do this here.
126b06f9 2348 l->l_reserved = 0; */
fd26970f
UD		 2349 l->l_buckets = &dummy_bucket;
2350 l->l_nbuckets = 1;
2351 l->l_relocated = 1;
2352
f0967738
AK		 2353 /* Enter the object in the object list. */
2354 _dl_add_to_namespace_list (l, nsid);
2355
fd26970f 2356 return l;
46ec036d 2357 }
7f71c55d
UD		 2358 else if (found_other_class)
2359 _dl_signal_error (0, name, NULL,
2360 ELFW(CLASS) == ELFCLASS32
2361 ? N_("wrong ELF class: ELFCLASS64")
2362 : N_("wrong ELF class: ELFCLASS32"));
46ec036d 2363 else
154d10bd
UD		 2364 _dl_signal_error (errno, name, NULL,
2365 N_("cannot open shared object file"));
46ec036d 2366 }
ba79d61b 2367
d1fc817e
UD		 2368 void *stack_end = __libc_stack_end;
2369 return _dl_map_object_from_fd (name, fd, &fb, realname, loader, type, mode,
c0f62c56 2370 &stack_end, nsid);
ba79d61b 2371}
154d10bd 2372
45e4762c
RM		 2373
2374void
2375internal_function
2376_dl_rtld_di_serinfo (struct link_map *loader, Dl_serinfo *si, bool counting)
2377{
2378 if (counting)
2379 {
2380 si->dls_cnt = 0;
2381 si->dls_size = 0;
2382 }
2383
2384 unsigned int idx = 0;
2385 char *allocptr = (char *) &si->dls_serpath[si->dls_cnt];
dd9423a6 2386 void add_path (const struct r_search_path_struct *sps, unsigned int flags)
45e4762c
RM		 2387# define add_path(sps, flags) add_path(sps, 0) /* XXX */
2388 {
2389 if (sps->dirs != (void *) -1)
2390 {
2391 struct r_search_path_elem **dirs = sps->dirs;
2392 do
2393 {
2394 const struct r_search_path_elem *const r = *dirs++;
2395 if (counting)
2396 {
2397 si->dls_cnt++;
88197030 2398 si->dls_size += MAX (2, r->dirnamelen);
45e4762c
RM		 2399 }
2400 else
2401 {
2402 Dl_serpath *const sp = &si->dls_serpath[idx++];
2403 sp->dls_name = allocptr;
1c298d08
UD		 2404 if (r->dirnamelen < 2)
2405 *allocptr++ = r->dirnamelen ? '/' : '.';
2406 else
2407 allocptr = __mempcpy (allocptr,
2408 r->dirname, r->dirnamelen - 1);
45e4762c
RM		 2409 *allocptr++ = '\0';
2410 sp->dls_flags = flags;
2411 }
2412 }
2413 while (*dirs != NULL);
2414 }
2415 }
2416
2417 /* When the object has the RUNPATH information we don't use any RPATHs. */
2418 if (loader->l_info[DT_RUNPATH] == NULL)
2419 {
2420 /* First try the DT_RPATH of the dependent object that caused NAME
2421 to be loaded. Then that object's dependent, and on up. */
2422
2423 struct link_map *l = loader;
2424 do
2425 {
2426 if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
2427 add_path (&l->l_rpath_dirs, XXX_RPATH);
2428 l = l->l_loader;
2429 }
2430 while (l != NULL);
2431
2432 /* If dynamically linked, try the DT_RPATH of the executable itself. */
c0f62c56
UD		 2433 if (loader->l_ns == LM_ID_BASE)
2434 {
2435 l = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
2436 if (l != NULL && l->l_type != lt_loaded && l != loader)
2437 if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
2438 add_path (&l->l_rpath_dirs, XXX_RPATH);
2439 }
45e4762c
RM		 2440 }
2441
2442 /* Try the LD_LIBRARY_PATH environment variable. */
2443 add_path (&env_path_list, XXX_ENV);
2444
2445 /* Look at the RUNPATH information for this binary. */
2446 if (cache_rpath (loader, &loader->l_runpath_dirs, DT_RUNPATH, "RUNPATH"))
2447 add_path (&loader->l_runpath_dirs, XXX_RUNPATH);
2448
2449 /* XXX
2450 Here is where ld.so.cache gets checked, but we don't have
2451 a way to indicate that in the results for Dl_serinfo. */
2452
2453 /* Finally, try the default path. */
2454 if (!(loader->l_flags_1 & DF_1_NODEFLIB))
2455 add_path (&rtld_search_dirs, XXX_default);
2456
2457 if (counting)
2458 /* Count the struct size before the string area, which we didn't
2459 know before we completed dls_cnt. */
2460 si->dls_size += (char *) &si->dls_serpath[si->dls_cnt] - (char *) si;
2461}
A mirror of the official glibc repository