]> git.ipfire.org Git - thirdparty/glibc.git/blob - elf/dl-load.c
projects / thirdparty / glibc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
elf/dl-load.c: Use __strdup.
[thirdparty/glibc.git] / elf / dl-load.c
1 /* Map in a shared object's segments from the file.
2 Copyright (C) 1995-2014 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <http://www.gnu.org/licenses/>. */
18
19 #include <elf.h>
20 #include <errno.h>
21 #include <fcntl.h>
22 #include <libintl.h>
23 #include <stdbool.h>
24 #include <stdlib.h>
25 #include <string.h>
26 #include <unistd.h>
27 #include <ldsodefs.h>
28 #include <bits/wordsize.h>
29 #include <sys/mman.h>
30 #include <sys/param.h>
31 #include <sys/stat.h>
32 #include <sys/types.h>
33 #include "dynamic-link.h"
34 #include <abi-tag.h>
35 #include <stackinfo.h>
36 #include <caller.h>
37 #include <sysdep.h>
38 #include <stap-probe.h>
39
40 #include <dl-dst.h>
41 #include <dl-load.h>
42 #include <dl-map-segments.h>
43 #include <dl-unmap-segments.h>
44
45
46 #include <endian.h>
47 #if BYTE_ORDER == BIG_ENDIAN
48 # define byteorder ELFDATA2MSB
49 #elif BYTE_ORDER == LITTLE_ENDIAN
50 # define byteorder ELFDATA2LSB
51 #else
52 # error "Unknown BYTE_ORDER " BYTE_ORDER
53 # define byteorder ELFDATANONE
54 #endif
55
56 #define STRING(x) __STRING (x)
57
58
59 int __stack_prot attribute_hidden attribute_relro
60 #if _STACK_GROWS_DOWN && defined PROT_GROWSDOWN
61 = PROT_GROWSDOWN;
62 #elif _STACK_GROWS_UP && defined PROT_GROWSUP
63 = PROT_GROWSUP;
64 #else
65 = 0;
66 #endif
67
68
69 /* Type for the buffer we put the ELF header and hopefully the program
70 header. This buffer does not really have to be too large. In most
71 cases the program header follows the ELF header directly. If this
72 is not the case all bets are off and we can make the header
73 arbitrarily large and still won't get it read. This means the only
74 question is how large are the ELF and program header combined. The
75 ELF header 32-bit files is 52 bytes long and in 64-bit files is 64
76 bytes long. Each program header entry is again 32 and 56 bytes
77 long respectively. I.e., even with a file which has 10 program
78 header entries we only have to read 372B/624B respectively. Add to
79 this a bit of margin for program notes and reading 512B and 832B
80 for 32-bit and 64-bit files respecitvely is enough. If this
81 heuristic should really fail for some file the code in
82 `_dl_map_object_from_fd' knows how to recover. */
83 struct filebuf
84 {
85 ssize_t len;
86 #if __WORDSIZE == 32
87 # define FILEBUF_SIZE 512
88 #else
89 # define FILEBUF_SIZE 832
90 #endif
91 char buf[FILEBUF_SIZE] __attribute__ ((aligned (__alignof (ElfW(Ehdr)))));
92 };
93
94 /* This is the decomposed LD_LIBRARY_PATH search path. */
95 static struct r_search_path_struct env_path_list attribute_relro;
96
97 /* List of the hardware capabilities we might end up using. */
98 static const struct r_strlenpair *capstr attribute_relro;
99 static size_t ncapstr attribute_relro;
100 static size_t max_capstrlen attribute_relro;
101
102
103 /* Get the generated information about the trusted directories. */
104 #include "trusted-dirs.h"
105
106 static const char system_dirs[] = SYSTEM_DIRS;
107 static const size_t system_dirs_len[] =
108 {
109 SYSTEM_DIRS_LEN
110 };
111 #define nsystem_dirs_len \
112 (sizeof (system_dirs_len) / sizeof (system_dirs_len[0]))
113
114
115 static bool
116 is_trusted_path (const char *path, size_t len)
117 {
118 const char *trun = system_dirs;
119
120 for (size_t idx = 0; idx < nsystem_dirs_len; ++idx)
121 {
122 if (len == system_dirs_len[idx] && memcmp (trun, path, len) == 0)
123 /* Found it. */
124 return true;
125
126 trun += system_dirs_len[idx] + 1;
127 }
128
129 return false;
130 }
131
132
133 static bool
134 is_trusted_path_normalize (const char *path, size_t len)
135 {
136 if (len == 0)
137 return false;
138
139 if (*path == ':')
140 {
141 ++path;
142 --len;
143 }
144
145 char *npath = (char *) alloca (len + 2);
146 char *wnp = npath;
147 while (*path != '\0')
148 {
149 if (path[0] == '/')
150 {
151 if (path[1] == '.')
152 {
153 if (path[2] == '.' && (path[3] == '/' || path[3] == '\0'))
154 {
155 while (wnp > npath && *--wnp != '/')
156 ;
157 path += 3;
158 continue;
159 }
160 else if (path[2] == '/' || path[2] == '\0')
161 {
162 path += 2;
163 continue;
164 }
165 }
166
167 if (wnp > npath && wnp[-1] == '/')
168 {
169 ++path;
170 continue;
171 }
172 }
173
174 *wnp++ = *path++;
175 }
176
177 if (wnp == npath || wnp[-1] != '/')
178 *wnp++ = '/';
179
180 const char *trun = system_dirs;
181
182 for (size_t idx = 0; idx < nsystem_dirs_len; ++idx)
183 {
184 if (wnp - npath >= system_dirs_len[idx]
185 && memcmp (trun, npath, system_dirs_len[idx]) == 0)
186 /* Found it. */
187 return true;
188
189 trun += system_dirs_len[idx] + 1;
190 }
191
192 return false;
193 }
194
195
196 static size_t
197 is_dst (const char *start, const char *name, const char *str,
198 int is_path, int secure)
199 {
200 size_t len;
201 bool is_curly = false;
202
203 if (name[0] == '{')
204 {
205 is_curly = true;
206 ++name;
207 }
208
209 len = 0;
210 while (name[len] == str[len] && name[len] != '\0')
211 ++len;
212
213 if (is_curly)
214 {
215 if (name[len] != '}')
216 return 0;
217
218 /* Point again at the beginning of the name. */
219 --name;
220 /* Skip over closing curly brace and adjust for the --name. */
221 len += 2;
222 }
223 else if (name[len] != '\0' && name[len] != '/'
224 && (!is_path || name[len] != ':'))
225 return 0;
226
227 if (__glibc_unlikely (secure)
228 && ((name[len] != '\0' && name[len] != '/'
229 && (!is_path || name[len] != ':'))
230 || (name != start + 1 && (!is_path || name[-2] != ':'))))
231 return 0;
232
233 return len;
234 }
235
236
237 size_t
238 _dl_dst_count (const char *name, int is_path)
239 {
240 const char *const start = name;
241 size_t cnt = 0;
242
243 do
244 {
245 size_t len;
246
247 /* $ORIGIN is not expanded for SUID/GUID programs (except if it
248 is $ORIGIN alone) and it must always appear first in path. */
249 ++name;
250 if ((len = is_dst (start, name, "ORIGIN", is_path,
251 __libc_enable_secure)) != 0
252 || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0
253 || (len = is_dst (start, name, "LIB", is_path, 0)) != 0)
254 ++cnt;
255
256 name = strchr (name + len, '$');
257 }
258 while (name != NULL);
259
260 return cnt;
261 }
262
263
264 char *
265 _dl_dst_substitute (struct link_map *l, const char *name, char *result,
266 int is_path)
267 {
268 const char *const start = name;
269
270 /* Now fill the result path. While copying over the string we keep
271 track of the start of the last path element. When we come across
272 a DST we copy over the value or (if the value is not available)
273 leave the entire path element out. */
274 char *wp = result;
275 char *last_elem = result;
276 bool check_for_trusted = false;
277
278 do
279 {
280 if (__glibc_unlikely (*name == '$'))
281 {
282 const char *repl = NULL;
283 size_t len;
284
285 ++name;
286 if ((len = is_dst (start, name, "ORIGIN", is_path,
287 __libc_enable_secure)) != 0)
288 {
289 repl = l->l_origin;
290 check_for_trusted = (__libc_enable_secure
291 && l->l_type == lt_executable);
292 }
293 else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0)
294 repl = GLRO(dl_platform);
295 else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0)
296 repl = DL_DST_LIB;
297
298 if (repl != NULL && repl != (const char *) -1)
299 {
300 wp = __stpcpy (wp, repl);
301 name += len;
302 }
303 else if (len > 1)
304 {
305 /* We cannot use this path element, the value of the
306 replacement is unknown. */
307 wp = last_elem;
308 name += len;
309 while (*name != '\0' && (!is_path || *name != ':'))
310 ++name;
311 /* Also skip following colon if this is the first rpath
312 element, but keep an empty element at the end. */
313 if (wp == result && is_path && *name == ':' && name[1] != '\0')
314 ++name;
315 }
316 else
317 /* No DST we recognize. */
318 *wp++ = '$';
319 }
320 else
321 {
322 *wp++ = *name++;
323 if (is_path && *name == ':')
324 {
325 /* In SUID/SGID programs, after $ORIGIN expansion the
326 normalized path must be rooted in one of the trusted
327 directories. */
328 if (__glibc_unlikely (check_for_trusted)
329 && !is_trusted_path_normalize (last_elem, wp - last_elem))
330 wp = last_elem;
331 else
332 last_elem = wp;
333
334 check_for_trusted = false;
335 }
336 }
337 }
338 while (*name != '\0');
339
340 /* In SUID/SGID programs, after $ORIGIN expansion the normalized
341 path must be rooted in one of the trusted directories. */
342 if (__glibc_unlikely (check_for_trusted)
343 && !is_trusted_path_normalize (last_elem, wp - last_elem))
344 wp = last_elem;
345
346 *wp = '\0';
347
348 return result;
349 }
350
351
352 /* Return copy of argument with all recognized dynamic string tokens
353 ($ORIGIN and $PLATFORM for now) replaced. On some platforms it
354 might not be possible to determine the path from which the object
355 belonging to the map is loaded. In this case the path element
356 containing $ORIGIN is left out. */
357 static char *
358 expand_dynamic_string_token (struct link_map *l, const char *s, int is_path)
359 {
360 /* We make two runs over the string. First we determine how large the
361 resulting string is and then we copy it over. Since this is no
362 frequently executed operation we are looking here not for performance
363 but rather for code size. */
364 size_t cnt;
365 size_t total;
366 char *result;
367
368 /* Determine the number of DST elements. */
369 cnt = DL_DST_COUNT (s, is_path);
370
371 /* If we do not have to replace anything simply copy the string. */
372 if (__glibc_likely (cnt == 0))
373 return __strdup (s);
374
375 /* Determine the length of the substituted string. */
376 total = DL_DST_REQUIRED (l, s, strlen (s), cnt);
377
378 /* Allocate the necessary memory. */
379 result = (char *) malloc (total + 1);
380 if (result == NULL)
381 return NULL;
382
383 return _dl_dst_substitute (l, s, result, is_path);
384 }
385
386
387 /* Add `name' to the list of names for a particular shared object.
388 `name' is expected to have been allocated with malloc and will
389 be freed if the shared object already has this name.
390 Returns false if the object already had this name. */
391 static void
392 internal_function
393 add_name_to_object (struct link_map *l, const char *name)
394 {
395 struct libname_list *lnp, *lastp;
396 struct libname_list *newname;
397 size_t name_len;
398
399 lastp = NULL;
400 for (lnp = l->l_libname; lnp != NULL; lastp = lnp, lnp = lnp->next)
401 if (strcmp (name, lnp->name) == 0)
402 return;
403
404 name_len = strlen (name) + 1;
405 newname = (struct libname_list *) malloc (sizeof *newname + name_len);
406 if (newname == NULL)
407 {
408 /* No more memory. */
409 _dl_signal_error (ENOMEM, name, NULL, N_("cannot allocate name record"));
410 return;
411 }
412 /* The object should have a libname set from _dl_new_object. */
413 assert (lastp != NULL);
414
415 newname->name = memcpy (newname + 1, name, name_len);
416 newname->next = NULL;
417 newname->dont_free = 0;
418 lastp->next = newname;
419 }
420
421 /* Standard search directories. */
422 static struct r_search_path_struct rtld_search_dirs attribute_relro;
423
424 static size_t max_dirnamelen;
425
426 static struct r_search_path_elem **
427 fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
428 int check_trusted, const char *what, const char *where,
429 struct link_map *l)
430 {
431 char *cp;
432 size_t nelems = 0;
433 char *to_free;
434
435 while ((cp = __strsep (&rpath, sep)) != NULL)
436 {
437 struct r_search_path_elem *dirp;
438
439 to_free = cp = expand_dynamic_string_token (l, cp, 1);
440
441 size_t len = strlen (cp);
442
443 /* `strsep' can pass an empty string. This has to be
444 interpreted as `use the current directory'. */
445 if (len == 0)
446 {
447 static const char curwd[] = "./";
448 cp = (char *) curwd;
449 }
450
451 /* Remove trailing slashes (except for "/"). */
452 while (len > 1 && cp[len - 1] == '/')
453 --len;
454
455 /* Now add one if there is none so far. */
456 if (len > 0 && cp[len - 1] != '/')
457 cp[len++] = '/';
458
459 /* Make sure we don't use untrusted directories if we run SUID. */
460 if (__glibc_unlikely (check_trusted) && !is_trusted_path (cp, len))
461 {
462 free (to_free);
463 continue;
464 }
465
466 /* See if this directory is already known. */
467 for (dirp = GL(dl_all_dirs); dirp != NULL; dirp = dirp->next)
468 if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0)
469 break;
470
471 if (dirp != NULL)
472 {
473 /* It is available, see whether it's on our own list. */
474 size_t cnt;
475 for (cnt = 0; cnt < nelems; ++cnt)
476 if (result[cnt] == dirp)
477 break;
478
479 if (cnt == nelems)
480 result[nelems++] = dirp;
481 }
482 else
483 {
484 size_t cnt;
485 enum r_dir_status init_val;
486 size_t where_len = where ? strlen (where) + 1 : 0;
487
488 /* It's a new directory. Create an entry and add it. */
489 dirp = (struct r_search_path_elem *)
490 malloc (sizeof (*dirp) + ncapstr * sizeof (enum r_dir_status)
491 + where_len + len + 1);
492 if (dirp == NULL)
493 _dl_signal_error (ENOMEM, NULL, NULL,
494 N_("cannot create cache for search path"));
495
496 dirp->dirname = ((char *) dirp + sizeof (*dirp)
497 + ncapstr * sizeof (enum r_dir_status));
498 *((char *) __mempcpy ((char *) dirp->dirname, cp, len)) = '\0';
499 dirp->dirnamelen = len;
500
501 if (len > max_dirnamelen)
502 max_dirnamelen = len;
503
504 /* We have to make sure all the relative directories are
505 never ignored. The current directory might change and
506 all our saved information would be void. */
507 init_val = cp[0] != '/' ? existing : unknown;
508 for (cnt = 0; cnt < ncapstr; ++cnt)
509 dirp->status[cnt] = init_val;
510
511 dirp->what = what;
512 if (__glibc_likely (where != NULL))
513 dirp->where = memcpy ((char *) dirp + sizeof (*dirp) + len + 1
514 + (ncapstr * sizeof (enum r_dir_status)),
515 where, where_len);
516 else
517 dirp->where = NULL;
518
519 dirp->next = GL(dl_all_dirs);
520 GL(dl_all_dirs) = dirp;
521
522 /* Put it in the result array. */
523 result[nelems++] = dirp;
524 }
525 free (to_free);
526 }
527
528 /* Terminate the array. */
529 result[nelems] = NULL;
530
531 return result;
532 }
533
534
535 static bool
536 internal_function
537 decompose_rpath (struct r_search_path_struct *sps,
538 const char *rpath, struct link_map *l, const char *what)
539 {
540 /* Make a copy we can work with. */
541 const char *where = l->l_name;
542 char *copy;
543 char *cp;
544 struct r_search_path_elem **result;
545 size_t nelems;
546 /* Initialize to please the compiler. */
547 const char *errstring = NULL;
548
549 /* First see whether we must forget the RUNPATH and RPATH from this
550 object. */
551 if (__glibc_unlikely (GLRO(dl_inhibit_rpath) != NULL)
552 && !__libc_enable_secure)
553 {
554 const char *inhp = GLRO(dl_inhibit_rpath);
555
556 do
557 {
558 const char *wp = where;
559
560 while (*inhp == *wp && *wp != '\0')
561 {
562 ++inhp;
563 ++wp;
564 }
565
566 if (*wp == '\0' && (*inhp == '\0' || *inhp == ':'))
567 {
568 /* This object is on the list of objects for which the
569 RUNPATH and RPATH must not be used. */
570 sps->dirs = (void *) -1;
571 return false;
572 }
573
574 while (*inhp != '\0')
575 if (*inhp++ == ':')
576 break;
577 }
578 while (*inhp != '\0');
579 }
580
581 /* Make a writable copy. */
582 copy = __strdup (rpath);
583 if (copy == NULL)
584 {
585 errstring = N_("cannot create RUNPATH/RPATH copy");
586 goto signal_error;
587 }
588
589 /* Ignore empty rpaths. */
590 if (*copy == 0)
591 {
592 free (copy);
593 sps->dirs = (struct r_search_path_elem **) -1;
594 return false;
595 }
596
597 /* Count the number of necessary elements in the result array. */
598 nelems = 0;
599 for (cp = copy; *cp != '\0'; ++cp)
600 if (*cp == ':')
601 ++nelems;
602
603 /* Allocate room for the result. NELEMS + 1 is an upper limit for the
604 number of necessary entries. */
605 result = (struct r_search_path_elem **) malloc ((nelems + 1 + 1)
606 * sizeof (*result));
607 if (result == NULL)
608 {
609 free (copy);
610 errstring = N_("cannot create cache for search path");
611 signal_error:
612 _dl_signal_error (ENOMEM, NULL, NULL, errstring);
613 }
614
615 fillin_rpath (copy, result, ":", 0, what, where, l);
616
617 /* Free the copied RPATH string. `fillin_rpath' make own copies if
618 necessary. */
619 free (copy);
620
621 sps->dirs = result;
622 /* The caller will change this value if we haven't used a real malloc. */
623 sps->malloced = 1;
624 return true;
625 }
626
627 /* Make sure cached path information is stored in *SP
628 and return true if there are any paths to search there. */
629 static bool
630 cache_rpath (struct link_map *l,
631 struct r_search_path_struct *sp,
632 int tag,
633 const char *what)
634 {
635 if (sp->dirs == (void *) -1)
636 return false;
637
638 if (sp->dirs != NULL)
639 return true;
640
641 if (l->l_info[tag] == NULL)
642 {
643 /* There is no path. */
644 sp->dirs = (void *) -1;
645 return false;
646 }
647
648 /* Make sure the cache information is available. */
649 return decompose_rpath (sp, (const char *) (D_PTR (l, l_info[DT_STRTAB])
650 + l->l_info[tag]->d_un.d_val),
651 l, what);
652 }
653
654
655 void
656 internal_function
657 _dl_init_paths (const char *llp)
658 {
659 size_t idx;
660 const char *strp;
661 struct r_search_path_elem *pelem, **aelem;
662 size_t round_size;
663 struct link_map __attribute__ ((unused)) *l = NULL;
664 /* Initialize to please the compiler. */
665 const char *errstring = NULL;
666
667 /* Fill in the information about the application's RPATH and the
668 directories addressed by the LD_LIBRARY_PATH environment variable. */
669
670 /* Get the capabilities. */
671 capstr = _dl_important_hwcaps (GLRO(dl_platform), GLRO(dl_platformlen),
672 &ncapstr, &max_capstrlen);
673
674 /* First set up the rest of the default search directory entries. */
675 aelem = rtld_search_dirs.dirs = (struct r_search_path_elem **)
676 malloc ((nsystem_dirs_len + 1) * sizeof (struct r_search_path_elem *));
677 if (rtld_search_dirs.dirs == NULL)
678 {
679 errstring = N_("cannot create search path array");
680 signal_error:
681 _dl_signal_error (ENOMEM, NULL, NULL, errstring);
682 }
683
684 round_size = ((2 * sizeof (struct r_search_path_elem) - 1
685 + ncapstr * sizeof (enum r_dir_status))
686 / sizeof (struct r_search_path_elem));
687
688 rtld_search_dirs.dirs[0] = (struct r_search_path_elem *)
689 malloc ((sizeof (system_dirs) / sizeof (system_dirs[0]))
690 * round_size * sizeof (struct r_search_path_elem));
691 if (rtld_search_dirs.dirs[0] == NULL)
692 {
693 errstring = N_("cannot create cache for search path");
694 goto signal_error;
695 }
696
697 rtld_search_dirs.malloced = 0;
698 pelem = GL(dl_all_dirs) = rtld_search_dirs.dirs[0];
699 strp = system_dirs;
700 idx = 0;
701
702 do
703 {
704 size_t cnt;
705
706 *aelem++ = pelem;
707
708 pelem->what = "system search path";
709 pelem->where = NULL;
710
711 pelem->dirname = strp;
712 pelem->dirnamelen = system_dirs_len[idx];
713 strp += system_dirs_len[idx] + 1;
714
715 /* System paths must be absolute. */
716 assert (pelem->dirname[0] == '/');
717 for (cnt = 0; cnt < ncapstr; ++cnt)
718 pelem->status[cnt] = unknown;
719
720 pelem->next = (++idx == nsystem_dirs_len ? NULL : (pelem + round_size));
721
722 pelem += round_size;
723 }
724 while (idx < nsystem_dirs_len);
725
726 max_dirnamelen = SYSTEM_DIRS_MAX_LEN;
727 *aelem = NULL;
728
729 #ifdef SHARED
730 /* This points to the map of the main object. */
731 l = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
732 if (l != NULL)
733 {
734 assert (l->l_type != lt_loaded);
735
736 if (l->l_info[DT_RUNPATH])
737 {
738 /* Allocate room for the search path and fill in information
739 from RUNPATH. */
740 decompose_rpath (&l->l_runpath_dirs,
741 (const void *) (D_PTR (l, l_info[DT_STRTAB])
742 + l->l_info[DT_RUNPATH]->d_un.d_val),
743 l, "RUNPATH");
744 /* During rtld init the memory is allocated by the stub malloc,
745 prevent any attempt to free it by the normal malloc. */
746 l->l_runpath_dirs.malloced = 0;
747
748 /* The RPATH is ignored. */
749 l->l_rpath_dirs.dirs = (void *) -1;
750 }
751 else
752 {
753 l->l_runpath_dirs.dirs = (void *) -1;
754
755 if (l->l_info[DT_RPATH])
756 {
757 /* Allocate room for the search path and fill in information
758 from RPATH. */
759 decompose_rpath (&l->l_rpath_dirs,
760 (const void *) (D_PTR (l, l_info[DT_STRTAB])
761 + l->l_info[DT_RPATH]->d_un.d_val),
762 l, "RPATH");
763 /* During rtld init the memory is allocated by the stub
764 malloc, prevent any attempt to free it by the normal
765 malloc. */
766 l->l_rpath_dirs.malloced = 0;
767 }
768 else
769 l->l_rpath_dirs.dirs = (void *) -1;
770 }
771 }
772 #endif /* SHARED */
773
774 if (llp != NULL && *llp != '\0')
775 {
776 size_t nllp;
777 const char *cp = llp;
778 char *llp_tmp;
779
780 #ifdef SHARED
781 /* Expand DSTs. */
782 size_t cnt = DL_DST_COUNT (llp, 1);
783 if (__glibc_likely (cnt == 0))
784 llp_tmp = strdupa (llp);
785 else
786 {
787 /* Determine the length of the substituted string. */
788 size_t total = DL_DST_REQUIRED (l, llp, strlen (llp), cnt);
789
790 /* Allocate the necessary memory. */
791 llp_tmp = (char *) alloca (total + 1);
792 llp_tmp = _dl_dst_substitute (l, llp, llp_tmp, 1);
793 }
794 #else
795 llp_tmp = strdupa (llp);
796 #endif
797
798 /* Decompose the LD_LIBRARY_PATH contents. First determine how many
799 elements it has. */
800 nllp = 1;
801 while (*cp)
802 {
803 if (*cp == ':' || *cp == ';')
804 ++nllp;
805 ++cp;
806 }
807
808 env_path_list.dirs = (struct r_search_path_elem **)
809 malloc ((nllp + 1) * sizeof (struct r_search_path_elem *));
810 if (env_path_list.dirs == NULL)
811 {
812 errstring = N_("cannot create cache for search path");
813 goto signal_error;
814 }
815
816 (void) fillin_rpath (llp_tmp, env_path_list.dirs, ":;",
817 __libc_enable_secure, "LD_LIBRARY_PATH",
818 NULL, l);
819
820 if (env_path_list.dirs[0] == NULL)
821 {
822 free (env_path_list.dirs);
823 env_path_list.dirs = (void *) -1;
824 }
825
826 env_path_list.malloced = 0;
827 }
828 else
829 env_path_list.dirs = (void *) -1;
830 }
831
832
833 static void
834 __attribute__ ((noreturn, noinline))
835 lose (int code, int fd, const char *name, char *realname, struct link_map *l,
836 const char *msg, struct r_debug *r, Lmid_t nsid)
837 {
838 /* The file might already be closed. */
839 if (fd != -1)
840 (void) __close (fd);
841 if (l != NULL && l->l_origin != (char *) -1l)
842 free ((char *) l->l_origin);
843 free (l);
844 free (realname);
845
846 if (r != NULL)
847 {
848 r->r_state = RT_CONSISTENT;
849 _dl_debug_state ();
850 LIBC_PROBE (map_failed, 2, nsid, r);
851 }
852
853 _dl_signal_error (code, name, NULL, msg);
854 }
855
856
857 /* Map in the shared object NAME, actually located in REALNAME, and already
858 opened on FD. */
859
860 #ifndef EXTERNAL_MAP_FROM_FD
861 static
862 #endif
863 struct link_map *
864 _dl_map_object_from_fd (const char *name, int fd, struct filebuf *fbp,
865 char *realname, struct link_map *loader, int l_type,
866 int mode, void **stack_endp, Lmid_t nsid)
867 {
868 struct link_map *l = NULL;
869 const ElfW(Ehdr) *header;
870 const ElfW(Phdr) *phdr;
871 const ElfW(Phdr) *ph;
872 size_t maplength;
873 int type;
874 struct stat64 st;
875 /* Initialize to keep the compiler happy. */
876 const char *errstring = NULL;
877 int errval = 0;
878 struct r_debug *r = _dl_debug_initialize (0, nsid);
879 bool make_consistent = false;
880
881 /* Get file information. */
882 if (__glibc_unlikely (__fxstat64 (_STAT_VER, fd, &st) < 0))
883 {
884 errstring = N_("cannot stat shared object");
885 call_lose_errno:
886 errval = errno;
887 call_lose:
888 lose (errval, fd, name, realname, l, errstring,
889 make_consistent ? r : NULL, nsid);
890 }
891
892 /* Look again to see if the real name matched another already loaded. */
893 for (l = GL(dl_ns)[nsid]._ns_loaded; l; l = l->l_next)
894 if (l->l_removed == 0 && l->l_ino == st.st_ino && l->l_dev == st.st_dev)
895 {
896 /* The object is already loaded.
897 Just bump its reference count and return it. */
898 __close (fd);
899
900 /* If the name is not in the list of names for this object add
901 it. */
902 free (realname);
903 add_name_to_object (l, name);
904
905 return l;
906 }
907
908 #ifdef SHARED
909 /* When loading into a namespace other than the base one we must
910 avoid loading ld.so since there can only be one copy. Ever. */
911 if (__glibc_unlikely (nsid != LM_ID_BASE)
912 && ((st.st_ino == GL(dl_rtld_map).l_ino
913 && st.st_dev == GL(dl_rtld_map).l_dev)
914 || _dl_name_match_p (name, &GL(dl_rtld_map))))
915 {
916 /* This is indeed ld.so. Create a new link_map which refers to
917 the real one for almost everything. */
918 l = _dl_new_object (realname, name, l_type, loader, mode, nsid);
919 if (l == NULL)
920 goto fail_new;
921
922 /* Refer to the real descriptor. */
923 l->l_real = &GL(dl_rtld_map);
924
925 /* No need to bump the refcount of the real object, ld.so will
926 never be unloaded. */
927 __close (fd);
928
929 /* Add the map for the mirrored object to the object list. */
930 _dl_add_to_namespace_list (l, nsid);
931
932 return l;
933 }
934 #endif
935
936 if (mode & RTLD_NOLOAD)
937 {
938 /* We are not supposed to load the object unless it is already
939 loaded. So return now. */
940 free (realname);
941 __close (fd);
942 return NULL;
943 }
944
945 /* Print debugging message. */
946 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_FILES))
947 _dl_debug_printf ("file=%s [%lu]; generating link map\n", name, nsid);
948
949 /* This is the ELF header. We read it in `open_verify'. */
950 header = (void *) fbp->buf;
951
952 #ifndef MAP_ANON
953 # define MAP_ANON 0
954 if (_dl_zerofd == -1)
955 {
956 _dl_zerofd = _dl_sysdep_open_zero_fill ();
957 if (_dl_zerofd == -1)
958 {
959 free (realname);
960 __close (fd);
961 _dl_signal_error (errno, NULL, NULL,
962 N_("cannot open zero fill device"));
963 }
964 }
965 #endif
966
967 /* Signal that we are going to add new objects. */
968 if (r->r_state == RT_CONSISTENT)
969 {
970 #ifdef SHARED
971 /* Auditing checkpoint: we are going to add new objects. */
972 if ((mode & __RTLD_AUDIT) == 0
973 && __glibc_unlikely (GLRO(dl_naudit) > 0))
974 {
975 struct link_map *head = GL(dl_ns)[nsid]._ns_loaded;
976 /* Do not call the functions for any auditing object. */
977 if (head->l_auditing == 0)
978 {
979 struct audit_ifaces *afct = GLRO(dl_audit);
980 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
981 {
982 if (afct->activity != NULL)
983 afct->activity (&head->l_audit[cnt].cookie, LA_ACT_ADD);
984
985 afct = afct->next;
986 }
987 }
988 }
989 #endif
990
991 /* Notify the debugger we have added some objects. We need to
992 call _dl_debug_initialize in a static program in case dynamic
993 linking has not been used before. */
994 r->r_state = RT_ADD;
995 _dl_debug_state ();
996 LIBC_PROBE (map_start, 2, nsid, r);
997 make_consistent = true;
998 }
999 else
1000 assert (r->r_state == RT_ADD);
1001
1002 /* Enter the new object in the list of loaded objects. */
1003 l = _dl_new_object (realname, name, l_type, loader, mode, nsid);
1004 if (__glibc_unlikely (l == NULL))
1005 {
1006 #ifdef SHARED
1007 fail_new:
1008 #endif
1009 errstring = N_("cannot create shared object descriptor");
1010 goto call_lose_errno;
1011 }
1012
1013 /* Extract the remaining details we need from the ELF header
1014 and then read in the program header table. */
1015 l->l_entry = header->e_entry;
1016 type = header->e_type;
1017 l->l_phnum = header->e_phnum;
1018
1019 maplength = header->e_phnum * sizeof (ElfW(Phdr));
1020 if (header->e_phoff + maplength <= (size_t) fbp->len)
1021 phdr = (void *) (fbp->buf + header->e_phoff);
1022 else
1023 {
1024 phdr = alloca (maplength);
1025 __lseek (fd, header->e_phoff, SEEK_SET);
1026 if ((size_t) __libc_read (fd, (void *) phdr, maplength) != maplength)
1027 {
1028 errstring = N_("cannot read file data");
1029 goto call_lose_errno;
1030 }
1031 }
1032
1033 /* On most platforms presume that PT_GNU_STACK is absent and the stack is
1034 * executable. Other platforms default to a nonexecutable stack and don't
1035 * need PT_GNU_STACK to do so. */
1036 uint_fast16_t stack_flags = DEFAULT_STACK_PERMS;
1037
1038 {
1039 /* Scan the program header table, collecting its load commands. */
1040 struct loadcmd loadcmds[l->l_phnum];
1041 size_t nloadcmds = 0;
1042 bool has_holes = false;
1043
1044 /* The struct is initialized to zero so this is not necessary:
1045 l->l_ld = 0;
1046 l->l_phdr = 0;
1047 l->l_addr = 0; */
1048 for (ph = phdr; ph < &phdr[l->l_phnum]; ++ph)
1049 switch (ph->p_type)
1050 {
1051 /* These entries tell us where to find things once the file's
1052 segments are mapped in. We record the addresses it says
1053 verbatim, and later correct for the run-time load address. */
1054 case PT_DYNAMIC:
1055 l->l_ld = (void *) ph->p_vaddr;
1056 l->l_ldnum = ph->p_memsz / sizeof (ElfW(Dyn));
1057 break;
1058
1059 case PT_PHDR:
1060 l->l_phdr = (void *) ph->p_vaddr;
1061 break;
1062
1063 case PT_LOAD:
1064 /* A load command tells us to map in part of the file.
1065 We record the load commands and process them all later. */
1066 if (__glibc_unlikely ((ph->p_align & (GLRO(dl_pagesize) - 1)) != 0))
1067 {
1068 errstring = N_("ELF load command alignment not page-aligned");
1069 goto call_lose;
1070 }
1071 if (__glibc_unlikely (((ph->p_vaddr - ph->p_offset)
1072 & (ph->p_align - 1)) != 0))
1073 {
1074 errstring
1075 = N_("ELF load command address/offset not properly aligned");
1076 goto call_lose;
1077 }
1078
1079 struct loadcmd *c = &loadcmds[nloadcmds++];
1080 c->mapstart = ph->p_vaddr & ~(GLRO(dl_pagesize) - 1);
1081 c->mapend = ((ph->p_vaddr + ph->p_filesz + GLRO(dl_pagesize) - 1)
1082 & ~(GLRO(dl_pagesize) - 1));
1083 c->dataend = ph->p_vaddr + ph->p_filesz;
1084 c->allocend = ph->p_vaddr + ph->p_memsz;
1085 c->mapoff = ph->p_offset & ~(GLRO(dl_pagesize) - 1);
1086
1087 /* Determine whether there is a gap between the last segment
1088 and this one. */
1089 if (nloadcmds > 1 && c[-1].mapend != c->mapstart)
1090 has_holes = true;
1091
1092 /* Optimize a common case. */
1093 #if (PF_R | PF_W | PF_X) == 7 && (PROT_READ | PROT_WRITE | PROT_EXEC) == 7
1094 c->prot = (PF_TO_PROT
1095 >> ((ph->p_flags & (PF_R | PF_W | PF_X)) * 4)) & 0xf;
1096 #else
1097 c->prot = 0;
1098 if (ph->p_flags & PF_R)
1099 c->prot |= PROT_READ;
1100 if (ph->p_flags & PF_W)
1101 c->prot |= PROT_WRITE;
1102 if (ph->p_flags & PF_X)
1103 c->prot |= PROT_EXEC;
1104 #endif
1105 break;
1106
1107 case PT_TLS:
1108 if (ph->p_memsz == 0)
1109 /* Nothing to do for an empty segment. */
1110 break;
1111
1112 l->l_tls_blocksize = ph->p_memsz;
1113 l->l_tls_align = ph->p_align;
1114 if (ph->p_align == 0)
1115 l->l_tls_firstbyte_offset = 0;
1116 else
1117 l->l_tls_firstbyte_offset = ph->p_vaddr & (ph->p_align - 1);
1118 l->l_tls_initimage_size = ph->p_filesz;
1119 /* Since we don't know the load address yet only store the
1120 offset. We will adjust it later. */
1121 l->l_tls_initimage = (void *) ph->p_vaddr;
1122
1123 /* If not loading the initial set of shared libraries,
1124 check whether we should permit loading a TLS segment. */
1125 if (__glibc_likely (l->l_type == lt_library)
1126 /* If GL(dl_tls_dtv_slotinfo_list) == NULL, then rtld.c did
1127 not set up TLS data structures, so don't use them now. */
1128 || __glibc_likely (GL(dl_tls_dtv_slotinfo_list) != NULL))
1129 {
1130 /* Assign the next available module ID. */
1131 l->l_tls_modid = _dl_next_tls_modid ();
1132 break;
1133 }
1134
1135 #ifdef SHARED
1136 if (l->l_prev == NULL || (mode & __RTLD_AUDIT) != 0)
1137 /* We are loading the executable itself when the dynamic linker
1138 was executed directly. The setup will happen later. */
1139 break;
1140
1141 # ifdef _LIBC_REENTRANT
1142 /* In a static binary there is no way to tell if we dynamically
1143 loaded libpthread. */
1144 if (GL(dl_error_catch_tsd) == &_dl_initial_error_catch_tsd)
1145 # endif
1146 #endif
1147 {
1148 /* We have not yet loaded libpthread.
1149 We can do the TLS setup right now! */
1150
1151 void *tcb;
1152
1153 /* The first call allocates TLS bookkeeping data structures.
1154 Then we allocate the TCB for the initial thread. */
1155 if (__glibc_unlikely (_dl_tls_setup ())
1156 || __glibc_unlikely ((tcb = _dl_allocate_tls (NULL)) == NULL))
1157 {
1158 errval = ENOMEM;
1159 errstring = N_("\
1160 cannot allocate TLS data structures for initial thread");
1161 goto call_lose;
1162 }
1163
1164 /* Now we install the TCB in the thread register. */
1165 errstring = TLS_INIT_TP (tcb);
1166 if (__glibc_likely (errstring == NULL))
1167 {
1168 /* Now we are all good. */
1169 l->l_tls_modid = ++GL(dl_tls_max_dtv_idx);
1170 break;
1171 }
1172
1173 /* The kernel is too old or somesuch. */
1174 errval = 0;
1175 _dl_deallocate_tls (tcb, 1);
1176 goto call_lose;
1177 }
1178
1179 /* Uh-oh, the binary expects TLS support but we cannot
1180 provide it. */
1181 errval = 0;
1182 errstring = N_("cannot handle TLS data");
1183 goto call_lose;
1184 break;
1185
1186 case PT_GNU_STACK:
1187 stack_flags = ph->p_flags;
1188 break;
1189
1190 case PT_GNU_RELRO:
1191 l->l_relro_addr = ph->p_vaddr;
1192 l->l_relro_size = ph->p_memsz;
1193 break;
1194 }
1195
1196 if (__glibc_unlikely (nloadcmds == 0))
1197 {
1198 /* This only happens for a bogus object that will be caught with
1199 another error below. But we don't want to go through the
1200 calculations below using NLOADCMDS - 1. */
1201 errstring = N_("object file has no loadable segments");
1202 goto call_lose;
1203 }
1204
1205 if (__glibc_unlikely (type != ET_DYN)
1206 && __glibc_unlikely ((mode & __RTLD_OPENEXEC) == 0))
1207 {
1208 /* This object is loaded at a fixed address. This must never
1209 happen for objects loaded with dlopen. */
1210 errstring = N_("cannot dynamically load executable");
1211 goto call_lose;
1212 }
1213
1214 /* Length of the sections to be loaded. */
1215 maplength = loadcmds[nloadcmds - 1].allocend - loadcmds[0].mapstart;
1216
1217 /* Now process the load commands and map segments into memory.
1218 This is responsible for filling in:
1219 l_map_start, l_map_end, l_addr, l_contiguous, l_text_end, l_phdr
1220 */
1221 errstring = _dl_map_segments (l, fd, header, type, loadcmds, nloadcmds,
1222 maplength, has_holes, loader);
1223 if (__glibc_unlikely (errstring != NULL))
1224 goto call_lose;
1225 }
1226
1227 if (l->l_ld == 0)
1228 {
1229 if (__glibc_unlikely (type == ET_DYN))
1230 {
1231 errstring = N_("object file has no dynamic section");
1232 goto call_lose;
1233 }
1234 }
1235 else
1236 l->l_ld = (ElfW(Dyn) *) ((ElfW(Addr)) l->l_ld + l->l_addr);
1237
1238 elf_get_dynamic_info (l, NULL);
1239
1240 /* Make sure we are not dlopen'ing an object that has the
1241 DF_1_NOOPEN flag set. */
1242 if (__glibc_unlikely (l->l_flags_1 & DF_1_NOOPEN)
1243 && (mode & __RTLD_DLOPEN))
1244 {
1245 /* We are not supposed to load this object. Free all resources. */
1246 _dl_unmap_segments (l);
1247
1248 if (!l->l_libname->dont_free)
1249 free (l->l_libname);
1250
1251 if (l->l_phdr_allocated)
1252 free ((void *) l->l_phdr);
1253
1254 errstring = N_("shared object cannot be dlopen()ed");
1255 goto call_lose;
1256 }
1257
1258 if (l->l_phdr == NULL)
1259 {
1260 /* The program header is not contained in any of the segments.
1261 We have to allocate memory ourself and copy it over from out
1262 temporary place. */
1263 ElfW(Phdr) *newp = (ElfW(Phdr) *) malloc (header->e_phnum
1264 * sizeof (ElfW(Phdr)));
1265 if (newp == NULL)
1266 {
1267 errstring = N_("cannot allocate memory for program header");
1268 goto call_lose_errno;
1269 }
1270
1271 l->l_phdr = memcpy (newp, phdr,
1272 (header->e_phnum * sizeof (ElfW(Phdr))));
1273 l->l_phdr_allocated = 1;
1274 }
1275 else
1276 /* Adjust the PT_PHDR value by the runtime load address. */
1277 l->l_phdr = (ElfW(Phdr) *) ((ElfW(Addr)) l->l_phdr + l->l_addr);
1278
1279 if (__glibc_unlikely ((stack_flags &~ GL(dl_stack_flags)) & PF_X))
1280 {
1281 if (__glibc_unlikely (__check_caller (RETURN_ADDRESS (0), allow_ldso) != 0))
1282 {
1283 errstring = N_("invalid caller");
1284 goto call_lose;
1285 }
1286
1287 /* The stack is presently not executable, but this module
1288 requires that it be executable. We must change the
1289 protection of the variable which contains the flags used in
1290 the mprotect calls. */
1291 #ifdef SHARED
1292 if ((mode & (__RTLD_DLOPEN | __RTLD_AUDIT)) == __RTLD_DLOPEN)
1293 {
1294 const uintptr_t p = (uintptr_t) &__stack_prot & -GLRO(dl_pagesize);
1295 const size_t s = (uintptr_t) (&__stack_prot + 1) - p;
1296
1297 struct link_map *const m = &GL(dl_rtld_map);
1298 const uintptr_t relro_end = ((m->l_addr + m->l_relro_addr
1299 + m->l_relro_size)
1300 & -GLRO(dl_pagesize));
1301 if (__glibc_likely (p + s <= relro_end))
1302 {
1303 /* The variable lies in the region protected by RELRO. */
1304 if (__mprotect ((void *) p, s, PROT_READ|PROT_WRITE) < 0)
1305 {
1306 errstring = N_("cannot change memory protections");
1307 goto call_lose_errno;
1308 }
1309 __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
1310 __mprotect ((void *) p, s, PROT_READ);
1311 }
1312 else
1313 __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
1314 }
1315 else
1316 #endif
1317 __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
1318
1319 #ifdef check_consistency
1320 check_consistency ();
1321 #endif
1322
1323 errval = (*GL(dl_make_stack_executable_hook)) (stack_endp);
1324 if (errval)
1325 {
1326 errstring = N_("\
1327 cannot enable executable stack as shared object requires");
1328 goto call_lose;
1329 }
1330 }
1331
1332 /* Adjust the address of the TLS initialization image. */
1333 if (l->l_tls_initimage != NULL)
1334 l->l_tls_initimage = (char *) l->l_tls_initimage + l->l_addr;
1335
1336 /* We are done mapping in the file. We no longer need the descriptor. */
1337 if (__glibc_unlikely (__close (fd) != 0))
1338 {
1339 errstring = N_("cannot close file descriptor");
1340 goto call_lose_errno;
1341 }
1342 /* Signal that we closed the file. */
1343 fd = -1;
1344
1345 /* If this is ET_EXEC, we should have loaded it as lt_executable. */
1346 assert (type != ET_EXEC || l->l_type == lt_executable);
1347
1348 l->l_entry += l->l_addr;
1349
1350 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_FILES))
1351 _dl_debug_printf ("\
1352 dynamic: 0x%0*lx base: 0x%0*lx size: 0x%0*Zx\n\
1353 entry: 0x%0*lx phdr: 0x%0*lx phnum: %*u\n\n",
1354 (int) sizeof (void *) * 2,
1355 (unsigned long int) l->l_ld,
1356 (int) sizeof (void *) * 2,
1357 (unsigned long int) l->l_addr,
1358 (int) sizeof (void *) * 2, maplength,
1359 (int) sizeof (void *) * 2,
1360 (unsigned long int) l->l_entry,
1361 (int) sizeof (void *) * 2,
1362 (unsigned long int) l->l_phdr,
1363 (int) sizeof (void *) * 2, l->l_phnum);
1364
1365 /* Set up the symbol hash table. */
1366 _dl_setup_hash (l);
1367
1368 /* If this object has DT_SYMBOLIC set modify now its scope. We don't
1369 have to do this for the main map. */
1370 if ((mode & RTLD_DEEPBIND) == 0
1371 && __glibc_unlikely (l->l_info[DT_SYMBOLIC] != NULL)
1372 && &l->l_searchlist != l->l_scope[0])
1373 {
1374 /* Create an appropriate searchlist. It contains only this map.
1375 This is the definition of DT_SYMBOLIC in SysVr4. */
1376 l->l_symbolic_searchlist.r_list[0] = l;
1377 l->l_symbolic_searchlist.r_nlist = 1;
1378
1379 /* Now move the existing entries one back. */
1380 memmove (&l->l_scope[1], &l->l_scope[0],
1381 (l->l_scope_max - 1) * sizeof (l->l_scope[0]));
1382
1383 /* Now add the new entry. */
1384 l->l_scope[0] = &l->l_symbolic_searchlist;
1385 }
1386
1387 /* Remember whether this object must be initialized first. */
1388 if (l->l_flags_1 & DF_1_INITFIRST)
1389 GL(dl_initfirst) = l;
1390
1391 /* Finally the file information. */
1392 l->l_dev = st.st_dev;
1393 l->l_ino = st.st_ino;
1394
1395 /* When we profile the SONAME might be needed for something else but
1396 loading. Add it right away. */
1397 if (__glibc_unlikely (GLRO(dl_profile) != NULL)
1398 && l->l_info[DT_SONAME] != NULL)
1399 add_name_to_object (l, ((const char *) D_PTR (l, l_info[DT_STRTAB])
1400 + l->l_info[DT_SONAME]->d_un.d_val));
1401
1402 #ifdef DL_AFTER_LOAD
1403 DL_AFTER_LOAD (l);
1404 #endif
1405
1406 /* Now that the object is fully initialized add it to the object list. */
1407 _dl_add_to_namespace_list (l, nsid);
1408
1409 #ifdef SHARED
1410 /* Auditing checkpoint: we have a new object. */
1411 if (__glibc_unlikely (GLRO(dl_naudit) > 0)
1412 && !GL(dl_ns)[l->l_ns]._ns_loaded->l_auditing)
1413 {
1414 struct audit_ifaces *afct = GLRO(dl_audit);
1415 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
1416 {
1417 if (afct->objopen != NULL)
1418 {
1419 l->l_audit[cnt].bindflags
1420 = afct->objopen (l, nsid, &l->l_audit[cnt].cookie);
1421
1422 l->l_audit_any_plt |= l->l_audit[cnt].bindflags != 0;
1423 }
1424
1425 afct = afct->next;
1426 }
1427 }
1428 #endif
1429
1430 return l;
1431 }
1432 \f
1433 /* Print search path. */
1434 static void
1435 print_search_path (struct r_search_path_elem **list,
1436 const char *what, const char *name)
1437 {
1438 char buf[max_dirnamelen + max_capstrlen];
1439 int first = 1;
1440
1441 _dl_debug_printf (" search path=");
1442
1443 while (*list != NULL && (*list)->what == what) /* Yes, ==. */
1444 {
1445 char *endp = __mempcpy (buf, (*list)->dirname, (*list)->dirnamelen);
1446 size_t cnt;
1447
1448 for (cnt = 0; cnt < ncapstr; ++cnt)
1449 if ((*list)->status[cnt] != nonexisting)
1450 {
1451 char *cp = __mempcpy (endp, capstr[cnt].str, capstr[cnt].len);
1452 if (cp == buf || (cp == buf + 1 && buf[0] == '/'))
1453 cp[0] = '\0';
1454 else
1455 cp[-1] = '\0';
1456
1457 _dl_debug_printf_c (first ? "%s" : ":%s", buf);
1458 first = 0;
1459 }
1460
1461 ++list;
1462 }
1463
1464 if (name != NULL)
1465 _dl_debug_printf_c ("\t\t(%s from file %s)\n", what,
1466 DSO_FILENAME (name));
1467 else
1468 _dl_debug_printf_c ("\t\t(%s)\n", what);
1469 }
1470 \f
1471 /* Open a file and verify it is an ELF file for this architecture. We
1472 ignore only ELF files for other architectures. Non-ELF files and
1473 ELF files with different header information cause fatal errors since
1474 this could mean there is something wrong in the installation and the
1475 user might want to know about this. */
1476 static int
1477 open_verify (const char *name, struct filebuf *fbp, struct link_map *loader,
1478 int whatcode, int mode, bool *found_other_class, bool free_name)
1479 {
1480 /* This is the expected ELF header. */
1481 #define ELF32_CLASS ELFCLASS32
1482 #define ELF64_CLASS ELFCLASS64
1483 #ifndef VALID_ELF_HEADER
1484 # define VALID_ELF_HEADER(hdr,exp,size) (memcmp (hdr, exp, size) == 0)
1485 # define VALID_ELF_OSABI(osabi) (osabi == ELFOSABI_SYSV)
1486 # define VALID_ELF_ABIVERSION(osabi,ver) (ver == 0)
1487 #elif defined MORE_ELF_HEADER_DATA
1488 MORE_ELF_HEADER_DATA;
1489 #endif
1490 static const unsigned char expected[EI_NIDENT] =
1491 {
1492 [EI_MAG0] = ELFMAG0,
1493 [EI_MAG1] = ELFMAG1,
1494 [EI_MAG2] = ELFMAG2,
1495 [EI_MAG3] = ELFMAG3,
1496 [EI_CLASS] = ELFW(CLASS),
1497 [EI_DATA] = byteorder,
1498 [EI_VERSION] = EV_CURRENT,
1499 [EI_OSABI] = ELFOSABI_SYSV,
1500 [EI_ABIVERSION] = 0
1501 };
1502 static const struct
1503 {
1504 ElfW(Word) vendorlen;
1505 ElfW(Word) datalen;
1506 ElfW(Word) type;
1507 char vendor[4];
1508 } expected_note = { 4, 16, 1, "GNU" };
1509 /* Initialize it to make the compiler happy. */
1510 const char *errstring = NULL;
1511 int errval = 0;
1512
1513 #ifdef SHARED
1514 /* Give the auditing libraries a chance. */
1515 if (__glibc_unlikely (GLRO(dl_naudit) > 0) && whatcode != 0
1516 && loader->l_auditing == 0)
1517 {
1518 struct audit_ifaces *afct = GLRO(dl_audit);
1519 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
1520 {
1521 if (afct->objsearch != NULL)
1522 {
1523 name = afct->objsearch (name, &loader->l_audit[cnt].cookie,
1524 whatcode);
1525 if (name == NULL)
1526 /* Ignore the path. */
1527 return -1;
1528 }
1529
1530 afct = afct->next;
1531 }
1532 }
1533 #endif
1534
1535 /* Open the file. We always open files read-only. */
1536 int fd = __open (name, O_RDONLY | O_CLOEXEC);
1537 if (fd != -1)
1538 {
1539 ElfW(Ehdr) *ehdr;
1540 ElfW(Phdr) *phdr, *ph;
1541 ElfW(Word) *abi_note;
1542 unsigned int osversion;
1543 size_t maplength;
1544
1545 /* We successfully opened the file. Now verify it is a file
1546 we can use. */
1547 __set_errno (0);
1548 fbp->len = 0;
1549 assert (sizeof (fbp->buf) > sizeof (ElfW(Ehdr)));
1550 /* Read in the header. */
1551 do
1552 {
1553 ssize_t retlen = __libc_read (fd, fbp->buf + fbp->len,
1554 sizeof (fbp->buf) - fbp->len);
1555 if (retlen <= 0)
1556 break;
1557 fbp->len += retlen;
1558 }
1559 while (__glibc_unlikely (fbp->len < sizeof (ElfW(Ehdr))));
1560
1561 /* This is where the ELF header is loaded. */
1562 ehdr = (ElfW(Ehdr) *) fbp->buf;
1563
1564 /* Now run the tests. */
1565 if (__glibc_unlikely (fbp->len < (ssize_t) sizeof (ElfW(Ehdr))))
1566 {
1567 errval = errno;
1568 errstring = (errval == 0
1569 ? N_("file too short") : N_("cannot read file data"));
1570 call_lose:
1571 if (free_name)
1572 {
1573 char *realname = (char *) name;
1574 name = strdupa (realname);
1575 free (realname);
1576 }
1577 lose (errval, fd, name, NULL, NULL, errstring, NULL, 0);
1578 }
1579
1580 /* See whether the ELF header is what we expect. */
1581 if (__glibc_unlikely (! VALID_ELF_HEADER (ehdr->e_ident, expected,
1582 EI_ABIVERSION)
1583 || !VALID_ELF_ABIVERSION (ehdr->e_ident[EI_OSABI],
1584 ehdr->e_ident[EI_ABIVERSION])
1585 || memcmp (&ehdr->e_ident[EI_PAD],
1586 &expected[EI_PAD],
1587 EI_NIDENT - EI_PAD) != 0))
1588 {
1589 /* Something is wrong. */
1590 const Elf32_Word *magp = (const void *) ehdr->e_ident;
1591 if (*magp !=
1592 #if BYTE_ORDER == LITTLE_ENDIAN
1593 ((ELFMAG0 << (EI_MAG0 * 8)) |
1594 (ELFMAG1 << (EI_MAG1 * 8)) |
1595 (ELFMAG2 << (EI_MAG2 * 8)) |
1596 (ELFMAG3 << (EI_MAG3 * 8)))
1597 #else
1598 ((ELFMAG0 << (EI_MAG3 * 8)) |
1599 (ELFMAG1 << (EI_MAG2 * 8)) |
1600 (ELFMAG2 << (EI_MAG1 * 8)) |
1601 (ELFMAG3 << (EI_MAG0 * 8)))
1602 #endif
1603 )
1604 errstring = N_("invalid ELF header");
1605 else if (ehdr->e_ident[EI_CLASS] != ELFW(CLASS))
1606 {
1607 /* This is not a fatal error. On architectures where
1608 32-bit and 64-bit binaries can be run this might
1609 happen. */
1610 *found_other_class = true;
1611 goto close_and_out;
1612 }
1613 else if (ehdr->e_ident[EI_DATA] != byteorder)
1614 {
1615 if (BYTE_ORDER == BIG_ENDIAN)
1616 errstring = N_("ELF file data encoding not big-endian");
1617 else
1618 errstring = N_("ELF file data encoding not little-endian");
1619 }
1620 else if (ehdr->e_ident[EI_VERSION] != EV_CURRENT)
1621 errstring
1622 = N_("ELF file version ident does not match current one");
1623 /* XXX We should be able so set system specific versions which are
1624 allowed here. */
1625 else if (!VALID_ELF_OSABI (ehdr->e_ident[EI_OSABI]))
1626 errstring = N_("ELF file OS ABI invalid");
1627 else if (!VALID_ELF_ABIVERSION (ehdr->e_ident[EI_OSABI],
1628 ehdr->e_ident[EI_ABIVERSION]))
1629 errstring = N_("ELF file ABI version invalid");
1630 else if (memcmp (&ehdr->e_ident[EI_PAD], &expected[EI_PAD],
1631 EI_NIDENT - EI_PAD) != 0)
1632 errstring = N_("nonzero padding in e_ident");
1633 else
1634 /* Otherwise we don't know what went wrong. */
1635 errstring = N_("internal error");
1636
1637 goto call_lose;
1638 }
1639
1640 if (__glibc_unlikely (ehdr->e_version != EV_CURRENT))
1641 {
1642 errstring = N_("ELF file version does not match current one");
1643 goto call_lose;
1644 }
1645 if (! __glibc_likely (elf_machine_matches_host (ehdr)))
1646 goto close_and_out;
1647 else if (__glibc_unlikely (ehdr->e_type != ET_DYN
1648 && ehdr->e_type != ET_EXEC))
1649 {
1650 errstring = N_("only ET_DYN and ET_EXEC can be loaded");
1651 goto call_lose;
1652 }
1653 else if (__glibc_unlikely (ehdr->e_type == ET_EXEC
1654 && (mode & __RTLD_OPENEXEC) == 0))
1655 {
1656 /* BZ #16634. It is an error to dlopen ET_EXEC (unless
1657 __RTLD_OPENEXEC is explicitly set). We return error here
1658 so that code in _dl_map_object_from_fd does not try to set
1659 l_tls_modid for this module. */
1660
1661 errstring = N_("cannot dynamically load executable");
1662 goto call_lose;
1663 }
1664 else if (__glibc_unlikely (ehdr->e_phentsize != sizeof (ElfW(Phdr))))
1665 {
1666 errstring = N_("ELF file's phentsize not the expected size");
1667 goto call_lose;
1668 }
1669
1670 maplength = ehdr->e_phnum * sizeof (ElfW(Phdr));
1671 if (ehdr->e_phoff + maplength <= (size_t) fbp->len)
1672 phdr = (void *) (fbp->buf + ehdr->e_phoff);
1673 else
1674 {
1675 phdr = alloca (maplength);
1676 __lseek (fd, ehdr->e_phoff, SEEK_SET);
1677 if ((size_t) __libc_read (fd, (void *) phdr, maplength) != maplength)
1678 {
1679 read_error:
1680 errval = errno;
1681 errstring = N_("cannot read file data");
1682 goto call_lose;
1683 }
1684 }
1685
1686 /* Check .note.ABI-tag if present. */
1687 for (ph = phdr; ph < &phdr[ehdr->e_phnum]; ++ph)
1688 if (ph->p_type == PT_NOTE && ph->p_filesz >= 32 && ph->p_align >= 4)
1689 {
1690 ElfW(Addr) size = ph->p_filesz;
1691
1692 if (ph->p_offset + size <= (size_t) fbp->len)
1693 abi_note = (void *) (fbp->buf + ph->p_offset);
1694 else
1695 {
1696 abi_note = alloca (size);
1697 __lseek (fd, ph->p_offset, SEEK_SET);
1698 if (__libc_read (fd, (void *) abi_note, size) != size)
1699 goto read_error;
1700 }
1701
1702 while (memcmp (abi_note, &expected_note, sizeof (expected_note)))
1703 {
1704 #define ROUND(len) (((len) + sizeof (ElfW(Word)) - 1) & -sizeof (ElfW(Word)))
1705 ElfW(Addr) note_size = 3 * sizeof (ElfW(Word))
1706 + ROUND (abi_note[0])
1707 + ROUND (abi_note[1]);
1708
1709 if (size - 32 < note_size)
1710 {
1711 size = 0;
1712 break;
1713 }
1714 size -= note_size;
1715 abi_note = (void *) abi_note + note_size;
1716 }
1717
1718 if (size == 0)
1719 continue;
1720
1721 osversion = (abi_note[5] & 0xff) * 65536
1722 + (abi_note[6] & 0xff) * 256
1723 + (abi_note[7] & 0xff);
1724 if (abi_note[4] != __ABI_TAG_OS
1725 || (GLRO(dl_osversion) && GLRO(dl_osversion) < osversion))
1726 {
1727 close_and_out:
1728 __close (fd);
1729 __set_errno (ENOENT);
1730 fd = -1;
1731 }
1732
1733 break;
1734 }
1735 }
1736
1737 return fd;
1738 }
1739 \f
1740 /* Try to open NAME in one of the directories in *DIRSP.
1741 Return the fd, or -1. If successful, fill in *REALNAME
1742 with the malloc'd full directory name. If it turns out
1743 that none of the directories in *DIRSP exists, *DIRSP is
1744 replaced with (void *) -1, and the old value is free()d
1745 if MAY_FREE_DIRS is true. */
1746
1747 static int
1748 open_path (const char *name, size_t namelen, int mode,
1749 struct r_search_path_struct *sps, char **realname,
1750 struct filebuf *fbp, struct link_map *loader, int whatcode,
1751 bool *found_other_class)
1752 {
1753 struct r_search_path_elem **dirs = sps->dirs;
1754 char *buf;
1755 int fd = -1;
1756 const char *current_what = NULL;
1757 int any = 0;
1758
1759 if (__glibc_unlikely (dirs == NULL))
1760 /* We're called before _dl_init_paths when loading the main executable
1761 given on the command line when rtld is run directly. */
1762 return -1;
1763
1764 buf = alloca (max_dirnamelen + max_capstrlen + namelen);
1765 do
1766 {
1767 struct r_search_path_elem *this_dir = *dirs;
1768 size_t buflen = 0;
1769 size_t cnt;
1770 char *edp;
1771 int here_any = 0;
1772 int err;
1773
1774 /* If we are debugging the search for libraries print the path
1775 now if it hasn't happened now. */
1776 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_LIBS)
1777 && current_what != this_dir->what)
1778 {
1779 current_what = this_dir->what;
1780 print_search_path (dirs, current_what, this_dir->where);
1781 }
1782
1783 edp = (char *) __mempcpy (buf, this_dir->dirname, this_dir->dirnamelen);
1784 for (cnt = 0; fd == -1 && cnt < ncapstr; ++cnt)
1785 {
1786 /* Skip this directory if we know it does not exist. */
1787 if (this_dir->status[cnt] == nonexisting)
1788 continue;
1789
1790 buflen =
1791 ((char *) __mempcpy (__mempcpy (edp, capstr[cnt].str,
1792 capstr[cnt].len),
1793 name, namelen)
1794 - buf);
1795
1796 /* Print name we try if this is wanted. */
1797 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_LIBS))
1798 _dl_debug_printf (" trying file=%s\n", buf);
1799
1800 fd = open_verify (buf, fbp, loader, whatcode, mode,
1801 found_other_class, false);
1802 if (this_dir->status[cnt] == unknown)
1803 {
1804 if (fd != -1)
1805 this_dir->status[cnt] = existing;
1806 /* Do not update the directory information when loading
1807 auditing code. We must try to disturb the program as
1808 little as possible. */
1809 else if (loader == NULL
1810 || GL(dl_ns)[loader->l_ns]._ns_loaded->l_auditing == 0)
1811 {
1812 /* We failed to open machine dependent library. Let's
1813 test whether there is any directory at all. */
1814 struct stat64 st;
1815
1816 buf[buflen - namelen - 1] = '\0';
1817
1818 if (__xstat64 (_STAT_VER, buf, &st) != 0
1819 || ! S_ISDIR (st.st_mode))
1820 /* The directory does not exist or it is no directory. */
1821 this_dir->status[cnt] = nonexisting;
1822 else
1823 this_dir->status[cnt] = existing;
1824 }
1825 }
1826
1827 /* Remember whether we found any existing directory. */
1828 here_any |= this_dir->status[cnt] != nonexisting;
1829
1830 if (fd != -1 && __glibc_unlikely (mode & __RTLD_SECURE)
1831 && __libc_enable_secure)
1832 {
1833 /* This is an extra security effort to make sure nobody can
1834 preload broken shared objects which are in the trusted
1835 directories and so exploit the bugs. */
1836 struct stat64 st;
1837
1838 if (__fxstat64 (_STAT_VER, fd, &st) != 0
1839 || (st.st_mode & S_ISUID) == 0)
1840 {
1841 /* The shared object cannot be tested for being SUID
1842 or this bit is not set. In this case we must not
1843 use this object. */
1844 __close (fd);
1845 fd = -1;
1846 /* We simply ignore the file, signal this by setting
1847 the error value which would have been set by `open'. */
1848 errno = ENOENT;
1849 }
1850 }
1851 }
1852
1853 if (fd != -1)
1854 {
1855 *realname = (char *) malloc (buflen);
1856 if (*realname != NULL)
1857 {
1858 memcpy (*realname, buf, buflen);
1859 return fd;
1860 }
1861 else
1862 {
1863 /* No memory for the name, we certainly won't be able
1864 to load and link it. */
1865 __close (fd);
1866 return -1;
1867 }
1868 }
1869 if (here_any && (err = errno) != ENOENT && err != EACCES)
1870 /* The file exists and is readable, but something went wrong. */
1871 return -1;
1872
1873 /* Remember whether we found anything. */
1874 any |= here_any;
1875 }
1876 while (*++dirs != NULL);
1877
1878 /* Remove the whole path if none of the directories exists. */
1879 if (__glibc_unlikely (! any))
1880 {
1881 /* Paths which were allocated using the minimal malloc() in ld.so
1882 must not be freed using the general free() in libc. */
1883 if (sps->malloced)
1884 free (sps->dirs);
1885
1886 /* rtld_search_dirs is attribute_relro, therefore avoid writing
1887 into it. */
1888 if (sps != &rtld_search_dirs)
1889 sps->dirs = (void *) -1;
1890 }
1891
1892 return -1;
1893 }
1894
1895 /* Map in the shared object file NAME. */
1896
1897 struct link_map *
1898 internal_function
1899 _dl_map_object (struct link_map *loader, const char *name,
1900 int type, int trace_mode, int mode, Lmid_t nsid)
1901 {
1902 int fd;
1903 char *realname;
1904 char *name_copy;
1905 struct link_map *l;
1906 struct filebuf fb;
1907
1908 assert (nsid >= 0);
1909 assert (nsid < GL(dl_nns));
1910
1911 /* Look for this name among those already loaded. */
1912 for (l = GL(dl_ns)[nsid]._ns_loaded; l; l = l->l_next)
1913 {
1914 /* If the requested name matches the soname of a loaded object,
1915 use that object. Elide this check for names that have not
1916 yet been opened. */
1917 if (__glibc_unlikely ((l->l_faked | l->l_removed) != 0))
1918 continue;
1919 if (!_dl_name_match_p (name, l))
1920 {
1921 const char *soname;
1922
1923 if (__glibc_likely (l->l_soname_added)
1924 || l->l_info[DT_SONAME] == NULL)
1925 continue;
1926
1927 soname = ((const char *) D_PTR (l, l_info[DT_STRTAB])
1928 + l->l_info[DT_SONAME]->d_un.d_val);
1929 if (strcmp (name, soname) != 0)
1930 continue;
1931
1932 /* We have a match on a new name -- cache it. */
1933 add_name_to_object (l, soname);
1934 l->l_soname_added = 1;
1935 }
1936
1937 /* We have a match. */
1938 return l;
1939 }
1940
1941 /* Display information if we are debugging. */
1942 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_FILES)
1943 && loader != NULL)
1944 _dl_debug_printf ((mode & __RTLD_CALLMAP) == 0
1945 ? "\nfile=%s [%lu]; needed by %s [%lu]\n"
1946 : "\nfile=%s [%lu]; dynamically loaded by %s [%lu]\n",
1947 name, nsid, DSO_FILENAME (loader->l_name), loader->l_ns);
1948
1949 #ifdef SHARED
1950 /* Give the auditing libraries a chance to change the name before we
1951 try anything. */
1952 if (__glibc_unlikely (GLRO(dl_naudit) > 0)
1953 && (loader == NULL || loader->l_auditing == 0))
1954 {
1955 struct audit_ifaces *afct = GLRO(dl_audit);
1956 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
1957 {
1958 if (afct->objsearch != NULL)
1959 {
1960 name = afct->objsearch (name, &loader->l_audit[cnt].cookie,
1961 LA_SER_ORIG);
1962 if (name == NULL)
1963 {
1964 /* Do not try anything further. */
1965 fd = -1;
1966 goto no_file;
1967 }
1968 }
1969
1970 afct = afct->next;
1971 }
1972 }
1973 #endif
1974
1975 /* Will be true if we found a DSO which is of the other ELF class. */
1976 bool found_other_class = false;
1977
1978 if (strchr (name, '/') == NULL)
1979 {
1980 /* Search for NAME in several places. */
1981
1982 size_t namelen = strlen (name) + 1;
1983
1984 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_LIBS))
1985 _dl_debug_printf ("find library=%s [%lu]; searching\n", name, nsid);
1986
1987 fd = -1;
1988
1989 /* When the object has the RUNPATH information we don't use any
1990 RPATHs. */
1991 if (loader == NULL || loader->l_info[DT_RUNPATH] == NULL)
1992 {
1993 /* This is the executable's map (if there is one). Make sure that
1994 we do not look at it twice. */
1995 struct link_map *main_map = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
1996 bool did_main_map = false;
1997
1998 /* First try the DT_RPATH of the dependent object that caused NAME
1999 to be loaded. Then that object's dependent, and on up. */
2000 for (l = loader; l; l = l->l_loader)
2001 if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
2002 {
2003 fd = open_path (name, namelen, mode,
2004 &l->l_rpath_dirs,
2005 &realname, &fb, loader, LA_SER_RUNPATH,
2006 &found_other_class);
2007 if (fd != -1)
2008 break;
2009
2010 did_main_map |= l == main_map;
2011 }
2012
2013 /* If dynamically linked, try the DT_RPATH of the executable
2014 itself. NB: we do this for lookups in any namespace. */
2015 if (fd == -1 && !did_main_map
2016 && main_map != NULL && main_map->l_type != lt_loaded
2017 && cache_rpath (main_map, &main_map->l_rpath_dirs, DT_RPATH,
2018 "RPATH"))
2019 fd = open_path (name, namelen, mode,
2020 &main_map->l_rpath_dirs,
2021 &realname, &fb, loader ?: main_map, LA_SER_RUNPATH,
2022 &found_other_class);
2023 }
2024
2025 /* Try the LD_LIBRARY_PATH environment variable. */
2026 if (fd == -1 && env_path_list.dirs != (void *) -1)
2027 fd = open_path (name, namelen, mode, &env_path_list,
2028 &realname, &fb,
2029 loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded,
2030 LA_SER_LIBPATH, &found_other_class);
2031
2032 /* Look at the RUNPATH information for this binary. */
2033 if (fd == -1 && loader != NULL
2034 && cache_rpath (loader, &loader->l_runpath_dirs,
2035 DT_RUNPATH, "RUNPATH"))
2036 fd = open_path (name, namelen, mode,
2037 &loader->l_runpath_dirs, &realname, &fb, loader,
2038 LA_SER_RUNPATH, &found_other_class);
2039
2040 #ifdef USE_LDCONFIG
2041 if (fd == -1
2042 && (__glibc_likely ((mode & __RTLD_SECURE) == 0)
2043 || ! __libc_enable_secure)
2044 && __glibc_likely (GLRO(dl_inhibit_cache) == 0))
2045 {
2046 /* Check the list of libraries in the file /etc/ld.so.cache,
2047 for compatibility with Linux's ldconfig program. */
2048 const char *cached = _dl_load_cache_lookup (name);
2049
2050 if (cached != NULL)
2051 {
2052 // XXX Correct to unconditionally default to namespace 0?
2053 l = (loader
2054 ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded
2055 # ifdef SHARED
2056 ?: &GL(dl_rtld_map)
2057 # endif
2058 );
2059
2060 /* If the loader has the DF_1_NODEFLIB flag set we must not
2061 use a cache entry from any of these directories. */
2062 if (__glibc_unlikely (l->l_flags_1 & DF_1_NODEFLIB))
2063 {
2064 const char *dirp = system_dirs;
2065 unsigned int cnt = 0;
2066
2067 do
2068 {
2069 if (memcmp (cached, dirp, system_dirs_len[cnt]) == 0)
2070 {
2071 /* The prefix matches. Don't use the entry. */
2072 cached = NULL;
2073 break;
2074 }
2075
2076 dirp += system_dirs_len[cnt] + 1;
2077 ++cnt;
2078 }
2079 while (cnt < nsystem_dirs_len);
2080 }
2081
2082 if (cached != NULL)
2083 {
2084 fd = open_verify (cached,
2085 &fb, loader ?: GL(dl_ns)[nsid]._ns_loaded,
2086 LA_SER_CONFIG, mode, &found_other_class,
2087 false);
2088 if (__glibc_likely (fd != -1))
2089 {
2090 realname = __strdup (cached);
2091 if (realname == NULL)
2092 {
2093 __close (fd);
2094 fd = -1;
2095 }
2096 }
2097 }
2098 }
2099 }
2100 #endif
2101
2102 /* Finally, try the default path. */
2103 if (fd == -1
2104 && ((l = loader ?: GL(dl_ns)[nsid]._ns_loaded) == NULL
2105 || __glibc_likely (!(l->l_flags_1 & DF_1_NODEFLIB)))
2106 && rtld_search_dirs.dirs != (void *) -1)
2107 fd = open_path (name, namelen, mode, &rtld_search_dirs,
2108 &realname, &fb, l, LA_SER_DEFAULT, &found_other_class);
2109
2110 /* Add another newline when we are tracing the library loading. */
2111 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_LIBS))
2112 _dl_debug_printf ("\n");
2113 }
2114 else
2115 {
2116 /* The path may contain dynamic string tokens. */
2117 realname = (loader
2118 ? expand_dynamic_string_token (loader, name, 0)
2119 : __strdup (name));
2120 if (realname == NULL)
2121 fd = -1;
2122 else
2123 {
2124 fd = open_verify (realname, &fb,
2125 loader ?: GL(dl_ns)[nsid]._ns_loaded, 0, mode,
2126 &found_other_class, true);
2127 if (__glibc_unlikely (fd == -1))
2128 free (realname);
2129 }
2130 }
2131
2132 #ifdef SHARED
2133 no_file:
2134 #endif
2135 /* In case the LOADER information has only been provided to get to
2136 the appropriate RUNPATH/RPATH information we do not need it
2137 anymore. */
2138 if (mode & __RTLD_CALLMAP)
2139 loader = NULL;
2140
2141 if (__glibc_unlikely (fd == -1))
2142 {
2143 if (trace_mode
2144 && __glibc_likely ((GLRO(dl_debug_mask) & DL_DEBUG_PRELINK) == 0))
2145 {
2146 /* We haven't found an appropriate library. But since we
2147 are only interested in the list of libraries this isn't
2148 so severe. Fake an entry with all the information we
2149 have. */
2150 static const Elf_Symndx dummy_bucket = STN_UNDEF;
2151
2152 /* Allocate a new object map. */
2153 if ((name_copy = __strdup (name)) == NULL
2154 || (l = _dl_new_object (name_copy, name, type, loader,
2155 mode, nsid)) == NULL)
2156 {
2157 free (name_copy);
2158 _dl_signal_error (ENOMEM, name, NULL,
2159 N_("cannot create shared object descriptor"));
2160 }
2161 /* Signal that this is a faked entry. */
2162 l->l_faked = 1;
2163 /* Since the descriptor is initialized with zero we do not
2164 have do this here.
2165 l->l_reserved = 0; */
2166 l->l_buckets = &dummy_bucket;
2167 l->l_nbuckets = 1;
2168 l->l_relocated = 1;
2169
2170 /* Enter the object in the object list. */
2171 _dl_add_to_namespace_list (l, nsid);
2172
2173 return l;
2174 }
2175 else if (found_other_class)
2176 _dl_signal_error (0, name, NULL,
2177 ELFW(CLASS) == ELFCLASS32
2178 ? N_("wrong ELF class: ELFCLASS64")
2179 : N_("wrong ELF class: ELFCLASS32"));
2180 else
2181 _dl_signal_error (errno, name, NULL,
2182 N_("cannot open shared object file"));
2183 }
2184
2185 void *stack_end = __libc_stack_end;
2186 return _dl_map_object_from_fd (name, fd, &fb, realname, loader, type, mode,
2187 &stack_end, nsid);
2188 }
2189
2190 struct add_path_state
2191 {
2192 bool counting;
2193 unsigned int idx;
2194 Dl_serinfo *si;
2195 char *allocptr;
2196 };
2197
2198 static void
2199 add_path (struct add_path_state *p, const struct r_search_path_struct *sps,
2200 unsigned int flags)
2201 {
2202 if (sps->dirs != (void *) -1)
2203 {
2204 struct r_search_path_elem **dirs = sps->dirs;
2205 do
2206 {
2207 const struct r_search_path_elem *const r = *dirs++;
2208 if (p->counting)
2209 {
2210 p->si->dls_cnt++;
2211 p->si->dls_size += MAX (2, r->dirnamelen);
2212 }
2213 else
2214 {
2215 Dl_serpath *const sp = &p->si->dls_serpath[p->idx++];
2216 sp->dls_name = p->allocptr;
2217 if (r->dirnamelen < 2)
2218 *p->allocptr++ = r->dirnamelen ? '/' : '.';
2219 else
2220 p->allocptr = __mempcpy (p->allocptr,
2221 r->dirname, r->dirnamelen - 1);
2222 *p->allocptr++ = '\0';
2223 sp->dls_flags = flags;
2224 }
2225 }
2226 while (*dirs != NULL);
2227 }
2228 }
2229
2230 void
2231 internal_function
2232 _dl_rtld_di_serinfo (struct link_map *loader, Dl_serinfo *si, bool counting)
2233 {
2234 if (counting)
2235 {
2236 si->dls_cnt = 0;
2237 si->dls_size = 0;
2238 }
2239
2240 struct add_path_state p =
2241 {
2242 .counting = counting,
2243 .idx = 0,
2244 .si = si,
2245 .allocptr = (char *) &si->dls_serpath[si->dls_cnt]
2246 };
2247
2248 # define add_path(p, sps, flags) add_path(p, sps, 0) /* XXX */
2249
2250 /* When the object has the RUNPATH information we don't use any RPATHs. */
2251 if (loader->l_info[DT_RUNPATH] == NULL)
2252 {
2253 /* First try the DT_RPATH of the dependent object that caused NAME
2254 to be loaded. Then that object's dependent, and on up. */
2255
2256 struct link_map *l = loader;
2257 do
2258 {
2259 if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
2260 add_path (&p, &l->l_rpath_dirs, XXX_RPATH);
2261 l = l->l_loader;
2262 }
2263 while (l != NULL);
2264
2265 /* If dynamically linked, try the DT_RPATH of the executable itself. */
2266 if (loader->l_ns == LM_ID_BASE)
2267 {
2268 l = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
2269 if (l != NULL && l->l_type != lt_loaded && l != loader)
2270 if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
2271 add_path (&p, &l->l_rpath_dirs, XXX_RPATH);
2272 }
2273 }
2274
2275 /* Try the LD_LIBRARY_PATH environment variable. */
2276 add_path (&p, &env_path_list, XXX_ENV);
2277
2278 /* Look at the RUNPATH information for this binary. */
2279 if (cache_rpath (loader, &loader->l_runpath_dirs, DT_RUNPATH, "RUNPATH"))
2280 add_path (&p, &loader->l_runpath_dirs, XXX_RUNPATH);
2281
2282 /* XXX
2283 Here is where ld.so.cache gets checked, but we don't have
2284 a way to indicate that in the results for Dl_serinfo. */
2285
2286 /* Finally, try the default path. */
2287 if (!(loader->l_flags_1 & DF_1_NODEFLIB))
2288 add_path (&p, &rtld_search_dirs, XXX_default);
2289
2290 if (counting)
2291 /* Count the struct size before the string area, which we didn't
2292 know before we completed dls_cnt. */
2293 si->dls_size += (char *) &si->dls_serpath[si->dls_cnt] - (char *) si;
2294 }
A mirror of the official glibc repository