1 /* Map in a shared object's segments from the file.
2 Copyright (C) 1995-2014 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <http://www.gnu.org/licenses/>. */
28 #include <bits/wordsize.h>
30 #include <sys/param.h>
32 #include <sys/types.h>
33 #include "dynamic-link.h"
35 #include <stackinfo.h>
38 #include <stap-probe.h>
42 #include <dl-map-segments.h>
43 #include <dl-unmap-segments.h>
47 #if BYTE_ORDER == BIG_ENDIAN
48 # define byteorder ELFDATA2MSB
49 #elif BYTE_ORDER == LITTLE_ENDIAN
50 # define byteorder ELFDATA2LSB
52 # error "Unknown BYTE_ORDER " BYTE_ORDER
53 # define byteorder ELFDATANONE
56 #define STRING(x) __STRING (x)
59 int __stack_prot attribute_hidden attribute_relro
60 #if _STACK_GROWS_DOWN && defined PROT_GROWSDOWN
62 #elif _STACK_GROWS_UP && defined PROT_GROWSUP
69 /* Type for the buffer we put the ELF header and hopefully the program
70 header. This buffer does not really have to be too large. In most
71 cases the program header follows the ELF header directly. If this
72 is not the case all bets are off and we can make the header
73 arbitrarily large and still won't get it read. This means the only
74 question is how large are the ELF and program header combined. The
75 ELF header 32-bit files is 52 bytes long and in 64-bit files is 64
76 bytes long. Each program header entry is again 32 and 56 bytes
77 long respectively. I.e., even with a file which has 10 program
78 header entries we only have to read 372B/624B respectively. Add to
79 this a bit of margin for program notes and reading 512B and 832B
80 for 32-bit and 64-bit files respecitvely is enough. If this
81 heuristic should really fail for some file the code in
82 `_dl_map_object_from_fd' knows how to recover. */
87 # define FILEBUF_SIZE 512
89 # define FILEBUF_SIZE 832
91 char buf
[FILEBUF_SIZE
] __attribute__ ((aligned (__alignof (ElfW(Ehdr
)))));
94 /* This is the decomposed LD_LIBRARY_PATH search path. */
95 static struct r_search_path_struct env_path_list attribute_relro
;
97 /* List of the hardware capabilities we might end up using. */
98 static const struct r_strlenpair
*capstr attribute_relro
;
99 static size_t ncapstr attribute_relro
;
100 static size_t max_capstrlen attribute_relro
;
103 /* Get the generated information about the trusted directories. */
104 #include "trusted-dirs.h"
106 static const char system_dirs
[] = SYSTEM_DIRS
;
107 static const size_t system_dirs_len
[] =
111 #define nsystem_dirs_len \
112 (sizeof (system_dirs_len) / sizeof (system_dirs_len[0]))
116 is_trusted_path (const char *path
, size_t len
)
118 const char *trun
= system_dirs
;
120 for (size_t idx
= 0; idx
< nsystem_dirs_len
; ++idx
)
122 if (len
== system_dirs_len
[idx
] && memcmp (trun
, path
, len
) == 0)
126 trun
+= system_dirs_len
[idx
] + 1;
134 is_trusted_path_normalize (const char *path
, size_t len
)
145 char *npath
= (char *) alloca (len
+ 2);
147 while (*path
!= '\0')
153 if (path
[2] == '.' && (path
[3] == '/' || path
[3] == '\0'))
155 while (wnp
> npath
&& *--wnp
!= '/')
160 else if (path
[2] == '/' || path
[2] == '\0')
167 if (wnp
> npath
&& wnp
[-1] == '/')
177 if (wnp
== npath
|| wnp
[-1] != '/')
180 const char *trun
= system_dirs
;
182 for (size_t idx
= 0; idx
< nsystem_dirs_len
; ++idx
)
184 if (wnp
- npath
>= system_dirs_len
[idx
]
185 && memcmp (trun
, npath
, system_dirs_len
[idx
]) == 0)
189 trun
+= system_dirs_len
[idx
] + 1;
197 is_dst (const char *start
, const char *name
, const char *str
,
198 int is_path
, int secure
)
201 bool is_curly
= false;
210 while (name
[len
] == str
[len
] && name
[len
] != '\0')
215 if (name
[len
] != '}')
218 /* Point again at the beginning of the name. */
220 /* Skip over closing curly brace and adjust for the --name. */
223 else if (name
[len
] != '\0' && name
[len
] != '/'
224 && (!is_path
|| name
[len
] != ':'))
227 if (__glibc_unlikely (secure
)
228 && ((name
[len
] != '\0' && name
[len
] != '/'
229 && (!is_path
|| name
[len
] != ':'))
230 || (name
!= start
+ 1 && (!is_path
|| name
[-2] != ':'))))
238 _dl_dst_count (const char *name
, int is_path
)
240 const char *const start
= name
;
247 /* $ORIGIN is not expanded for SUID/GUID programs (except if it
248 is $ORIGIN alone) and it must always appear first in path. */
250 if ((len
= is_dst (start
, name
, "ORIGIN", is_path
,
251 __libc_enable_secure
)) != 0
252 || (len
= is_dst (start
, name
, "PLATFORM", is_path
, 0)) != 0
253 || (len
= is_dst (start
, name
, "LIB", is_path
, 0)) != 0)
256 name
= strchr (name
+ len
, '$');
258 while (name
!= NULL
);
265 _dl_dst_substitute (struct link_map
*l
, const char *name
, char *result
,
268 const char *const start
= name
;
270 /* Now fill the result path. While copying over the string we keep
271 track of the start of the last path element. When we come across
272 a DST we copy over the value or (if the value is not available)
273 leave the entire path element out. */
275 char *last_elem
= result
;
276 bool check_for_trusted
= false;
280 if (__glibc_unlikely (*name
== '$'))
282 const char *repl
= NULL
;
286 if ((len
= is_dst (start
, name
, "ORIGIN", is_path
,
287 __libc_enable_secure
)) != 0)
290 check_for_trusted
= (__libc_enable_secure
291 && l
->l_type
== lt_executable
);
293 else if ((len
= is_dst (start
, name
, "PLATFORM", is_path
, 0)) != 0)
294 repl
= GLRO(dl_platform
);
295 else if ((len
= is_dst (start
, name
, "LIB", is_path
, 0)) != 0)
298 if (repl
!= NULL
&& repl
!= (const char *) -1)
300 wp
= __stpcpy (wp
, repl
);
305 /* We cannot use this path element, the value of the
306 replacement is unknown. */
309 while (*name
!= '\0' && (!is_path
|| *name
!= ':'))
311 /* Also skip following colon if this is the first rpath
312 element, but keep an empty element at the end. */
313 if (wp
== result
&& is_path
&& *name
== ':' && name
[1] != '\0')
317 /* No DST we recognize. */
323 if (is_path
&& *name
== ':')
325 /* In SUID/SGID programs, after $ORIGIN expansion the
326 normalized path must be rooted in one of the trusted
328 if (__glibc_unlikely (check_for_trusted
)
329 && !is_trusted_path_normalize (last_elem
, wp
- last_elem
))
334 check_for_trusted
= false;
338 while (*name
!= '\0');
340 /* In SUID/SGID programs, after $ORIGIN expansion the normalized
341 path must be rooted in one of the trusted directories. */
342 if (__glibc_unlikely (check_for_trusted
)
343 && !is_trusted_path_normalize (last_elem
, wp
- last_elem
))
352 /* Return copy of argument with all recognized dynamic string tokens
353 ($ORIGIN and $PLATFORM for now) replaced. On some platforms it
354 might not be possible to determine the path from which the object
355 belonging to the map is loaded. In this case the path element
356 containing $ORIGIN is left out. */
358 expand_dynamic_string_token (struct link_map
*l
, const char *s
, int is_path
)
360 /* We make two runs over the string. First we determine how large the
361 resulting string is and then we copy it over. Since this is no
362 frequently executed operation we are looking here not for performance
363 but rather for code size. */
368 /* Determine the number of DST elements. */
369 cnt
= DL_DST_COUNT (s
, is_path
);
371 /* If we do not have to replace anything simply copy the string. */
372 if (__glibc_likely (cnt
== 0))
375 /* Determine the length of the substituted string. */
376 total
= DL_DST_REQUIRED (l
, s
, strlen (s
), cnt
);
378 /* Allocate the necessary memory. */
379 result
= (char *) malloc (total
+ 1);
383 return _dl_dst_substitute (l
, s
, result
, is_path
);
387 /* Add `name' to the list of names for a particular shared object.
388 `name' is expected to have been allocated with malloc and will
389 be freed if the shared object already has this name.
390 Returns false if the object already had this name. */
393 add_name_to_object (struct link_map
*l
, const char *name
)
395 struct libname_list
*lnp
, *lastp
;
396 struct libname_list
*newname
;
400 for (lnp
= l
->l_libname
; lnp
!= NULL
; lastp
= lnp
, lnp
= lnp
->next
)
401 if (strcmp (name
, lnp
->name
) == 0)
404 name_len
= strlen (name
) + 1;
405 newname
= (struct libname_list
*) malloc (sizeof *newname
+ name_len
);
408 /* No more memory. */
409 _dl_signal_error (ENOMEM
, name
, NULL
, N_("cannot allocate name record"));
412 /* The object should have a libname set from _dl_new_object. */
413 assert (lastp
!= NULL
);
415 newname
->name
= memcpy (newname
+ 1, name
, name_len
);
416 newname
->next
= NULL
;
417 newname
->dont_free
= 0;
418 lastp
->next
= newname
;
421 /* Standard search directories. */
422 static struct r_search_path_struct rtld_search_dirs attribute_relro
;
424 static size_t max_dirnamelen
;
426 static struct r_search_path_elem
**
427 fillin_rpath (char *rpath
, struct r_search_path_elem
**result
, const char *sep
,
428 int check_trusted
, const char *what
, const char *where
,
435 while ((cp
= __strsep (&rpath
, sep
)) != NULL
)
437 struct r_search_path_elem
*dirp
;
439 to_free
= cp
= expand_dynamic_string_token (l
, cp
, 1);
441 size_t len
= strlen (cp
);
443 /* `strsep' can pass an empty string. This has to be
444 interpreted as `use the current directory'. */
447 static const char curwd
[] = "./";
451 /* Remove trailing slashes (except for "/"). */
452 while (len
> 1 && cp
[len
- 1] == '/')
455 /* Now add one if there is none so far. */
456 if (len
> 0 && cp
[len
- 1] != '/')
459 /* Make sure we don't use untrusted directories if we run SUID. */
460 if (__glibc_unlikely (check_trusted
) && !is_trusted_path (cp
, len
))
466 /* See if this directory is already known. */
467 for (dirp
= GL(dl_all_dirs
); dirp
!= NULL
; dirp
= dirp
->next
)
468 if (dirp
->dirnamelen
== len
&& memcmp (cp
, dirp
->dirname
, len
) == 0)
473 /* It is available, see whether it's on our own list. */
475 for (cnt
= 0; cnt
< nelems
; ++cnt
)
476 if (result
[cnt
] == dirp
)
480 result
[nelems
++] = dirp
;
485 enum r_dir_status init_val
;
486 size_t where_len
= where
? strlen (where
) + 1 : 0;
488 /* It's a new directory. Create an entry and add it. */
489 dirp
= (struct r_search_path_elem
*)
490 malloc (sizeof (*dirp
) + ncapstr
* sizeof (enum r_dir_status
)
491 + where_len
+ len
+ 1);
493 _dl_signal_error (ENOMEM
, NULL
, NULL
,
494 N_("cannot create cache for search path"));
496 dirp
->dirname
= ((char *) dirp
+ sizeof (*dirp
)
497 + ncapstr
* sizeof (enum r_dir_status
));
498 *((char *) __mempcpy ((char *) dirp
->dirname
, cp
, len
)) = '\0';
499 dirp
->dirnamelen
= len
;
501 if (len
> max_dirnamelen
)
502 max_dirnamelen
= len
;
504 /* We have to make sure all the relative directories are
505 never ignored. The current directory might change and
506 all our saved information would be void. */
507 init_val
= cp
[0] != '/' ? existing
: unknown
;
508 for (cnt
= 0; cnt
< ncapstr
; ++cnt
)
509 dirp
->status
[cnt
] = init_val
;
512 if (__glibc_likely (where
!= NULL
))
513 dirp
->where
= memcpy ((char *) dirp
+ sizeof (*dirp
) + len
+ 1
514 + (ncapstr
* sizeof (enum r_dir_status
)),
519 dirp
->next
= GL(dl_all_dirs
);
520 GL(dl_all_dirs
) = dirp
;
522 /* Put it in the result array. */
523 result
[nelems
++] = dirp
;
528 /* Terminate the array. */
529 result
[nelems
] = NULL
;
537 decompose_rpath (struct r_search_path_struct
*sps
,
538 const char *rpath
, struct link_map
*l
, const char *what
)
540 /* Make a copy we can work with. */
541 const char *where
= l
->l_name
;
544 struct r_search_path_elem
**result
;
546 /* Initialize to please the compiler. */
547 const char *errstring
= NULL
;
549 /* First see whether we must forget the RUNPATH and RPATH from this
551 if (__glibc_unlikely (GLRO(dl_inhibit_rpath
) != NULL
)
552 && !__libc_enable_secure
)
554 const char *inhp
= GLRO(dl_inhibit_rpath
);
558 const char *wp
= where
;
560 while (*inhp
== *wp
&& *wp
!= '\0')
566 if (*wp
== '\0' && (*inhp
== '\0' || *inhp
== ':'))
568 /* This object is on the list of objects for which the
569 RUNPATH and RPATH must not be used. */
570 sps
->dirs
= (void *) -1;
574 while (*inhp
!= '\0')
578 while (*inhp
!= '\0');
581 /* Make a writable copy. */
582 copy
= __strdup (rpath
);
585 errstring
= N_("cannot create RUNPATH/RPATH copy");
589 /* Ignore empty rpaths. */
593 sps
->dirs
= (struct r_search_path_elem
**) -1;
597 /* Count the number of necessary elements in the result array. */
599 for (cp
= copy
; *cp
!= '\0'; ++cp
)
603 /* Allocate room for the result. NELEMS + 1 is an upper limit for the
604 number of necessary entries. */
605 result
= (struct r_search_path_elem
**) malloc ((nelems
+ 1 + 1)
610 errstring
= N_("cannot create cache for search path");
612 _dl_signal_error (ENOMEM
, NULL
, NULL
, errstring
);
615 fillin_rpath (copy
, result
, ":", 0, what
, where
, l
);
617 /* Free the copied RPATH string. `fillin_rpath' make own copies if
622 /* The caller will change this value if we haven't used a real malloc. */
627 /* Make sure cached path information is stored in *SP
628 and return true if there are any paths to search there. */
630 cache_rpath (struct link_map
*l
,
631 struct r_search_path_struct
*sp
,
635 if (sp
->dirs
== (void *) -1)
638 if (sp
->dirs
!= NULL
)
641 if (l
->l_info
[tag
] == NULL
)
643 /* There is no path. */
644 sp
->dirs
= (void *) -1;
648 /* Make sure the cache information is available. */
649 return decompose_rpath (sp
, (const char *) (D_PTR (l
, l_info
[DT_STRTAB
])
650 + l
->l_info
[tag
]->d_un
.d_val
),
657 _dl_init_paths (const char *llp
)
661 struct r_search_path_elem
*pelem
, **aelem
;
663 struct link_map
__attribute__ ((unused
)) *l
= NULL
;
664 /* Initialize to please the compiler. */
665 const char *errstring
= NULL
;
667 /* Fill in the information about the application's RPATH and the
668 directories addressed by the LD_LIBRARY_PATH environment variable. */
670 /* Get the capabilities. */
671 capstr
= _dl_important_hwcaps (GLRO(dl_platform
), GLRO(dl_platformlen
),
672 &ncapstr
, &max_capstrlen
);
674 /* First set up the rest of the default search directory entries. */
675 aelem
= rtld_search_dirs
.dirs
= (struct r_search_path_elem
**)
676 malloc ((nsystem_dirs_len
+ 1) * sizeof (struct r_search_path_elem
*));
677 if (rtld_search_dirs
.dirs
== NULL
)
679 errstring
= N_("cannot create search path array");
681 _dl_signal_error (ENOMEM
, NULL
, NULL
, errstring
);
684 round_size
= ((2 * sizeof (struct r_search_path_elem
) - 1
685 + ncapstr
* sizeof (enum r_dir_status
))
686 / sizeof (struct r_search_path_elem
));
688 rtld_search_dirs
.dirs
[0] = (struct r_search_path_elem
*)
689 malloc ((sizeof (system_dirs
) / sizeof (system_dirs
[0]))
690 * round_size
* sizeof (struct r_search_path_elem
));
691 if (rtld_search_dirs
.dirs
[0] == NULL
)
693 errstring
= N_("cannot create cache for search path");
697 rtld_search_dirs
.malloced
= 0;
698 pelem
= GL(dl_all_dirs
) = rtld_search_dirs
.dirs
[0];
708 pelem
->what
= "system search path";
711 pelem
->dirname
= strp
;
712 pelem
->dirnamelen
= system_dirs_len
[idx
];
713 strp
+= system_dirs_len
[idx
] + 1;
715 /* System paths must be absolute. */
716 assert (pelem
->dirname
[0] == '/');
717 for (cnt
= 0; cnt
< ncapstr
; ++cnt
)
718 pelem
->status
[cnt
] = unknown
;
720 pelem
->next
= (++idx
== nsystem_dirs_len
? NULL
: (pelem
+ round_size
));
724 while (idx
< nsystem_dirs_len
);
726 max_dirnamelen
= SYSTEM_DIRS_MAX_LEN
;
730 /* This points to the map of the main object. */
731 l
= GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
;
734 assert (l
->l_type
!= lt_loaded
);
736 if (l
->l_info
[DT_RUNPATH
])
738 /* Allocate room for the search path and fill in information
740 decompose_rpath (&l
->l_runpath_dirs
,
741 (const void *) (D_PTR (l
, l_info
[DT_STRTAB
])
742 + l
->l_info
[DT_RUNPATH
]->d_un
.d_val
),
744 /* During rtld init the memory is allocated by the stub malloc,
745 prevent any attempt to free it by the normal malloc. */
746 l
->l_runpath_dirs
.malloced
= 0;
748 /* The RPATH is ignored. */
749 l
->l_rpath_dirs
.dirs
= (void *) -1;
753 l
->l_runpath_dirs
.dirs
= (void *) -1;
755 if (l
->l_info
[DT_RPATH
])
757 /* Allocate room for the search path and fill in information
759 decompose_rpath (&l
->l_rpath_dirs
,
760 (const void *) (D_PTR (l
, l_info
[DT_STRTAB
])
761 + l
->l_info
[DT_RPATH
]->d_un
.d_val
),
763 /* During rtld init the memory is allocated by the stub
764 malloc, prevent any attempt to free it by the normal
766 l
->l_rpath_dirs
.malloced
= 0;
769 l
->l_rpath_dirs
.dirs
= (void *) -1;
774 if (llp
!= NULL
&& *llp
!= '\0')
777 const char *cp
= llp
;
782 size_t cnt
= DL_DST_COUNT (llp
, 1);
783 if (__glibc_likely (cnt
== 0))
784 llp_tmp
= strdupa (llp
);
787 /* Determine the length of the substituted string. */
788 size_t total
= DL_DST_REQUIRED (l
, llp
, strlen (llp
), cnt
);
790 /* Allocate the necessary memory. */
791 llp_tmp
= (char *) alloca (total
+ 1);
792 llp_tmp
= _dl_dst_substitute (l
, llp
, llp_tmp
, 1);
795 llp_tmp
= strdupa (llp
);
798 /* Decompose the LD_LIBRARY_PATH contents. First determine how many
803 if (*cp
== ':' || *cp
== ';')
808 env_path_list
.dirs
= (struct r_search_path_elem
**)
809 malloc ((nllp
+ 1) * sizeof (struct r_search_path_elem
*));
810 if (env_path_list
.dirs
== NULL
)
812 errstring
= N_("cannot create cache for search path");
816 (void) fillin_rpath (llp_tmp
, env_path_list
.dirs
, ":;",
817 __libc_enable_secure
, "LD_LIBRARY_PATH",
820 if (env_path_list
.dirs
[0] == NULL
)
822 free (env_path_list
.dirs
);
823 env_path_list
.dirs
= (void *) -1;
826 env_path_list
.malloced
= 0;
829 env_path_list
.dirs
= (void *) -1;
834 __attribute__ ((noreturn
, noinline
))
835 lose (int code
, int fd
, const char *name
, char *realname
, struct link_map
*l
,
836 const char *msg
, struct r_debug
*r
, Lmid_t nsid
)
838 /* The file might already be closed. */
841 if (l
!= NULL
&& l
->l_origin
!= (char *) -1l)
842 free ((char *) l
->l_origin
);
848 r
->r_state
= RT_CONSISTENT
;
850 LIBC_PROBE (map_failed
, 2, nsid
, r
);
853 _dl_signal_error (code
, name
, NULL
, msg
);
857 /* Map in the shared object NAME, actually located in REALNAME, and already
860 #ifndef EXTERNAL_MAP_FROM_FD
864 _dl_map_object_from_fd (const char *name
, int fd
, struct filebuf
*fbp
,
865 char *realname
, struct link_map
*loader
, int l_type
,
866 int mode
, void **stack_endp
, Lmid_t nsid
)
868 struct link_map
*l
= NULL
;
869 const ElfW(Ehdr
) *header
;
870 const ElfW(Phdr
) *phdr
;
871 const ElfW(Phdr
) *ph
;
875 /* Initialize to keep the compiler happy. */
876 const char *errstring
= NULL
;
878 struct r_debug
*r
= _dl_debug_initialize (0, nsid
);
879 bool make_consistent
= false;
881 /* Get file information. */
882 if (__glibc_unlikely (__fxstat64 (_STAT_VER
, fd
, &st
) < 0))
884 errstring
= N_("cannot stat shared object");
888 lose (errval
, fd
, name
, realname
, l
, errstring
,
889 make_consistent
? r
: NULL
, nsid
);
892 /* Look again to see if the real name matched another already loaded. */
893 for (l
= GL(dl_ns
)[nsid
]._ns_loaded
; l
; l
= l
->l_next
)
894 if (l
->l_removed
== 0 && l
->l_ino
== st
.st_ino
&& l
->l_dev
== st
.st_dev
)
896 /* The object is already loaded.
897 Just bump its reference count and return it. */
900 /* If the name is not in the list of names for this object add
903 add_name_to_object (l
, name
);
909 /* When loading into a namespace other than the base one we must
910 avoid loading ld.so since there can only be one copy. Ever. */
911 if (__glibc_unlikely (nsid
!= LM_ID_BASE
)
912 && ((st
.st_ino
== GL(dl_rtld_map
).l_ino
913 && st
.st_dev
== GL(dl_rtld_map
).l_dev
)
914 || _dl_name_match_p (name
, &GL(dl_rtld_map
))))
916 /* This is indeed ld.so. Create a new link_map which refers to
917 the real one for almost everything. */
918 l
= _dl_new_object (realname
, name
, l_type
, loader
, mode
, nsid
);
922 /* Refer to the real descriptor. */
923 l
->l_real
= &GL(dl_rtld_map
);
925 /* No need to bump the refcount of the real object, ld.so will
926 never be unloaded. */
929 /* Add the map for the mirrored object to the object list. */
930 _dl_add_to_namespace_list (l
, nsid
);
936 if (mode
& RTLD_NOLOAD
)
938 /* We are not supposed to load the object unless it is already
939 loaded. So return now. */
945 /* Print debugging message. */
946 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_FILES
))
947 _dl_debug_printf ("file=%s [%lu]; generating link map\n", name
, nsid
);
949 /* This is the ELF header. We read it in `open_verify'. */
950 header
= (void *) fbp
->buf
;
954 if (_dl_zerofd
== -1)
956 _dl_zerofd
= _dl_sysdep_open_zero_fill ();
957 if (_dl_zerofd
== -1)
961 _dl_signal_error (errno
, NULL
, NULL
,
962 N_("cannot open zero fill device"));
967 /* Signal that we are going to add new objects. */
968 if (r
->r_state
== RT_CONSISTENT
)
971 /* Auditing checkpoint: we are going to add new objects. */
972 if ((mode
& __RTLD_AUDIT
) == 0
973 && __glibc_unlikely (GLRO(dl_naudit
) > 0))
975 struct link_map
*head
= GL(dl_ns
)[nsid
]._ns_loaded
;
976 /* Do not call the functions for any auditing object. */
977 if (head
->l_auditing
== 0)
979 struct audit_ifaces
*afct
= GLRO(dl_audit
);
980 for (unsigned int cnt
= 0; cnt
< GLRO(dl_naudit
); ++cnt
)
982 if (afct
->activity
!= NULL
)
983 afct
->activity (&head
->l_audit
[cnt
].cookie
, LA_ACT_ADD
);
991 /* Notify the debugger we have added some objects. We need to
992 call _dl_debug_initialize in a static program in case dynamic
993 linking has not been used before. */
996 LIBC_PROBE (map_start
, 2, nsid
, r
);
997 make_consistent
= true;
1000 assert (r
->r_state
== RT_ADD
);
1002 /* Enter the new object in the list of loaded objects. */
1003 l
= _dl_new_object (realname
, name
, l_type
, loader
, mode
, nsid
);
1004 if (__glibc_unlikely (l
== NULL
))
1009 errstring
= N_("cannot create shared object descriptor");
1010 goto call_lose_errno
;
1013 /* Extract the remaining details we need from the ELF header
1014 and then read in the program header table. */
1015 l
->l_entry
= header
->e_entry
;
1016 type
= header
->e_type
;
1017 l
->l_phnum
= header
->e_phnum
;
1019 maplength
= header
->e_phnum
* sizeof (ElfW(Phdr
));
1020 if (header
->e_phoff
+ maplength
<= (size_t) fbp
->len
)
1021 phdr
= (void *) (fbp
->buf
+ header
->e_phoff
);
1024 phdr
= alloca (maplength
);
1025 __lseek (fd
, header
->e_phoff
, SEEK_SET
);
1026 if ((size_t) __libc_read (fd
, (void *) phdr
, maplength
) != maplength
)
1028 errstring
= N_("cannot read file data");
1029 goto call_lose_errno
;
1033 /* On most platforms presume that PT_GNU_STACK is absent and the stack is
1034 * executable. Other platforms default to a nonexecutable stack and don't
1035 * need PT_GNU_STACK to do so. */
1036 uint_fast16_t stack_flags
= DEFAULT_STACK_PERMS
;
1039 /* Scan the program header table, collecting its load commands. */
1040 struct loadcmd loadcmds
[l
->l_phnum
];
1041 size_t nloadcmds
= 0;
1042 bool has_holes
= false;
1044 /* The struct is initialized to zero so this is not necessary:
1048 for (ph
= phdr
; ph
< &phdr
[l
->l_phnum
]; ++ph
)
1051 /* These entries tell us where to find things once the file's
1052 segments are mapped in. We record the addresses it says
1053 verbatim, and later correct for the run-time load address. */
1055 l
->l_ld
= (void *) ph
->p_vaddr
;
1056 l
->l_ldnum
= ph
->p_memsz
/ sizeof (ElfW(Dyn
));
1060 l
->l_phdr
= (void *) ph
->p_vaddr
;
1064 /* A load command tells us to map in part of the file.
1065 We record the load commands and process them all later. */
1066 if (__glibc_unlikely ((ph
->p_align
& (GLRO(dl_pagesize
) - 1)) != 0))
1068 errstring
= N_("ELF load command alignment not page-aligned");
1071 if (__glibc_unlikely (((ph
->p_vaddr
- ph
->p_offset
)
1072 & (ph
->p_align
- 1)) != 0))
1075 = N_("ELF load command address/offset not properly aligned");
1079 struct loadcmd
*c
= &loadcmds
[nloadcmds
++];
1080 c
->mapstart
= ph
->p_vaddr
& ~(GLRO(dl_pagesize
) - 1);
1081 c
->mapend
= ((ph
->p_vaddr
+ ph
->p_filesz
+ GLRO(dl_pagesize
) - 1)
1082 & ~(GLRO(dl_pagesize
) - 1));
1083 c
->dataend
= ph
->p_vaddr
+ ph
->p_filesz
;
1084 c
->allocend
= ph
->p_vaddr
+ ph
->p_memsz
;
1085 c
->mapoff
= ph
->p_offset
& ~(GLRO(dl_pagesize
) - 1);
1087 /* Determine whether there is a gap between the last segment
1089 if (nloadcmds
> 1 && c
[-1].mapend
!= c
->mapstart
)
1092 /* Optimize a common case. */
1093 #if (PF_R | PF_W | PF_X) == 7 && (PROT_READ | PROT_WRITE | PROT_EXEC) == 7
1094 c
->prot
= (PF_TO_PROT
1095 >> ((ph
->p_flags
& (PF_R
| PF_W
| PF_X
)) * 4)) & 0xf;
1098 if (ph
->p_flags
& PF_R
)
1099 c
->prot
|= PROT_READ
;
1100 if (ph
->p_flags
& PF_W
)
1101 c
->prot
|= PROT_WRITE
;
1102 if (ph
->p_flags
& PF_X
)
1103 c
->prot
|= PROT_EXEC
;
1108 if (ph
->p_memsz
== 0)
1109 /* Nothing to do for an empty segment. */
1112 l
->l_tls_blocksize
= ph
->p_memsz
;
1113 l
->l_tls_align
= ph
->p_align
;
1114 if (ph
->p_align
== 0)
1115 l
->l_tls_firstbyte_offset
= 0;
1117 l
->l_tls_firstbyte_offset
= ph
->p_vaddr
& (ph
->p_align
- 1);
1118 l
->l_tls_initimage_size
= ph
->p_filesz
;
1119 /* Since we don't know the load address yet only store the
1120 offset. We will adjust it later. */
1121 l
->l_tls_initimage
= (void *) ph
->p_vaddr
;
1123 /* If not loading the initial set of shared libraries,
1124 check whether we should permit loading a TLS segment. */
1125 if (__glibc_likely (l
->l_type
== lt_library
)
1126 /* If GL(dl_tls_dtv_slotinfo_list) == NULL, then rtld.c did
1127 not set up TLS data structures, so don't use them now. */
1128 || __glibc_likely (GL(dl_tls_dtv_slotinfo_list
) != NULL
))
1130 /* Assign the next available module ID. */
1131 l
->l_tls_modid
= _dl_next_tls_modid ();
1136 if (l
->l_prev
== NULL
|| (mode
& __RTLD_AUDIT
) != 0)
1137 /* We are loading the executable itself when the dynamic linker
1138 was executed directly. The setup will happen later. */
1141 # ifdef _LIBC_REENTRANT
1142 /* In a static binary there is no way to tell if we dynamically
1143 loaded libpthread. */
1144 if (GL(dl_error_catch_tsd
) == &_dl_initial_error_catch_tsd
)
1148 /* We have not yet loaded libpthread.
1149 We can do the TLS setup right now! */
1153 /* The first call allocates TLS bookkeeping data structures.
1154 Then we allocate the TCB for the initial thread. */
1155 if (__glibc_unlikely (_dl_tls_setup ())
1156 || __glibc_unlikely ((tcb
= _dl_allocate_tls (NULL
)) == NULL
))
1160 cannot allocate TLS data structures for initial thread");
1164 /* Now we install the TCB in the thread register. */
1165 errstring
= TLS_INIT_TP (tcb
);
1166 if (__glibc_likely (errstring
== NULL
))
1168 /* Now we are all good. */
1169 l
->l_tls_modid
= ++GL(dl_tls_max_dtv_idx
);
1173 /* The kernel is too old or somesuch. */
1175 _dl_deallocate_tls (tcb
, 1);
1179 /* Uh-oh, the binary expects TLS support but we cannot
1182 errstring
= N_("cannot handle TLS data");
1187 stack_flags
= ph
->p_flags
;
1191 l
->l_relro_addr
= ph
->p_vaddr
;
1192 l
->l_relro_size
= ph
->p_memsz
;
1196 if (__glibc_unlikely (nloadcmds
== 0))
1198 /* This only happens for a bogus object that will be caught with
1199 another error below. But we don't want to go through the
1200 calculations below using NLOADCMDS - 1. */
1201 errstring
= N_("object file has no loadable segments");
1205 if (__glibc_unlikely (type
!= ET_DYN
)
1206 && __glibc_unlikely ((mode
& __RTLD_OPENEXEC
) == 0))
1208 /* This object is loaded at a fixed address. This must never
1209 happen for objects loaded with dlopen. */
1210 errstring
= N_("cannot dynamically load executable");
1214 /* Length of the sections to be loaded. */
1215 maplength
= loadcmds
[nloadcmds
- 1].allocend
- loadcmds
[0].mapstart
;
1217 /* Now process the load commands and map segments into memory.
1218 This is responsible for filling in:
1219 l_map_start, l_map_end, l_addr, l_contiguous, l_text_end, l_phdr
1221 errstring
= _dl_map_segments (l
, fd
, header
, type
, loadcmds
, nloadcmds
,
1222 maplength
, has_holes
, loader
);
1223 if (__glibc_unlikely (errstring
!= NULL
))
1229 if (__glibc_unlikely (type
== ET_DYN
))
1231 errstring
= N_("object file has no dynamic section");
1236 l
->l_ld
= (ElfW(Dyn
) *) ((ElfW(Addr
)) l
->l_ld
+ l
->l_addr
);
1238 elf_get_dynamic_info (l
, NULL
);
1240 /* Make sure we are not dlopen'ing an object that has the
1241 DF_1_NOOPEN flag set. */
1242 if (__glibc_unlikely (l
->l_flags_1
& DF_1_NOOPEN
)
1243 && (mode
& __RTLD_DLOPEN
))
1245 /* We are not supposed to load this object. Free all resources. */
1246 _dl_unmap_segments (l
);
1248 if (!l
->l_libname
->dont_free
)
1249 free (l
->l_libname
);
1251 if (l
->l_phdr_allocated
)
1252 free ((void *) l
->l_phdr
);
1254 errstring
= N_("shared object cannot be dlopen()ed");
1258 if (l
->l_phdr
== NULL
)
1260 /* The program header is not contained in any of the segments.
1261 We have to allocate memory ourself and copy it over from out
1263 ElfW(Phdr
) *newp
= (ElfW(Phdr
) *) malloc (header
->e_phnum
1264 * sizeof (ElfW(Phdr
)));
1267 errstring
= N_("cannot allocate memory for program header");
1268 goto call_lose_errno
;
1271 l
->l_phdr
= memcpy (newp
, phdr
,
1272 (header
->e_phnum
* sizeof (ElfW(Phdr
))));
1273 l
->l_phdr_allocated
= 1;
1276 /* Adjust the PT_PHDR value by the runtime load address. */
1277 l
->l_phdr
= (ElfW(Phdr
) *) ((ElfW(Addr
)) l
->l_phdr
+ l
->l_addr
);
1279 if (__glibc_unlikely ((stack_flags
&~ GL(dl_stack_flags
)) & PF_X
))
1281 if (__glibc_unlikely (__check_caller (RETURN_ADDRESS (0), allow_ldso
) != 0))
1283 errstring
= N_("invalid caller");
1287 /* The stack is presently not executable, but this module
1288 requires that it be executable. We must change the
1289 protection of the variable which contains the flags used in
1290 the mprotect calls. */
1292 if ((mode
& (__RTLD_DLOPEN
| __RTLD_AUDIT
)) == __RTLD_DLOPEN
)
1294 const uintptr_t p
= (uintptr_t) &__stack_prot
& -GLRO(dl_pagesize
);
1295 const size_t s
= (uintptr_t) (&__stack_prot
+ 1) - p
;
1297 struct link_map
*const m
= &GL(dl_rtld_map
);
1298 const uintptr_t relro_end
= ((m
->l_addr
+ m
->l_relro_addr
1300 & -GLRO(dl_pagesize
));
1301 if (__glibc_likely (p
+ s
<= relro_end
))
1303 /* The variable lies in the region protected by RELRO. */
1304 if (__mprotect ((void *) p
, s
, PROT_READ
|PROT_WRITE
) < 0)
1306 errstring
= N_("cannot change memory protections");
1307 goto call_lose_errno
;
1309 __stack_prot
|= PROT_READ
|PROT_WRITE
|PROT_EXEC
;
1310 __mprotect ((void *) p
, s
, PROT_READ
);
1313 __stack_prot
|= PROT_READ
|PROT_WRITE
|PROT_EXEC
;
1317 __stack_prot
|= PROT_READ
|PROT_WRITE
|PROT_EXEC
;
1319 #ifdef check_consistency
1320 check_consistency ();
1323 errval
= (*GL(dl_make_stack_executable_hook
)) (stack_endp
);
1327 cannot enable executable stack as shared object requires");
1332 /* Adjust the address of the TLS initialization image. */
1333 if (l
->l_tls_initimage
!= NULL
)
1334 l
->l_tls_initimage
= (char *) l
->l_tls_initimage
+ l
->l_addr
;
1336 /* We are done mapping in the file. We no longer need the descriptor. */
1337 if (__glibc_unlikely (__close (fd
) != 0))
1339 errstring
= N_("cannot close file descriptor");
1340 goto call_lose_errno
;
1342 /* Signal that we closed the file. */
1345 /* If this is ET_EXEC, we should have loaded it as lt_executable. */
1346 assert (type
!= ET_EXEC
|| l
->l_type
== lt_executable
);
1348 l
->l_entry
+= l
->l_addr
;
1350 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_FILES
))
1351 _dl_debug_printf ("\
1352 dynamic: 0x%0*lx base: 0x%0*lx size: 0x%0*Zx\n\
1353 entry: 0x%0*lx phdr: 0x%0*lx phnum: %*u\n\n",
1354 (int) sizeof (void *) * 2,
1355 (unsigned long int) l
->l_ld
,
1356 (int) sizeof (void *) * 2,
1357 (unsigned long int) l
->l_addr
,
1358 (int) sizeof (void *) * 2, maplength
,
1359 (int) sizeof (void *) * 2,
1360 (unsigned long int) l
->l_entry
,
1361 (int) sizeof (void *) * 2,
1362 (unsigned long int) l
->l_phdr
,
1363 (int) sizeof (void *) * 2, l
->l_phnum
);
1365 /* Set up the symbol hash table. */
1368 /* If this object has DT_SYMBOLIC set modify now its scope. We don't
1369 have to do this for the main map. */
1370 if ((mode
& RTLD_DEEPBIND
) == 0
1371 && __glibc_unlikely (l
->l_info
[DT_SYMBOLIC
] != NULL
)
1372 && &l
->l_searchlist
!= l
->l_scope
[0])
1374 /* Create an appropriate searchlist. It contains only this map.
1375 This is the definition of DT_SYMBOLIC in SysVr4. */
1376 l
->l_symbolic_searchlist
.r_list
[0] = l
;
1377 l
->l_symbolic_searchlist
.r_nlist
= 1;
1379 /* Now move the existing entries one back. */
1380 memmove (&l
->l_scope
[1], &l
->l_scope
[0],
1381 (l
->l_scope_max
- 1) * sizeof (l
->l_scope
[0]));
1383 /* Now add the new entry. */
1384 l
->l_scope
[0] = &l
->l_symbolic_searchlist
;
1387 /* Remember whether this object must be initialized first. */
1388 if (l
->l_flags_1
& DF_1_INITFIRST
)
1389 GL(dl_initfirst
) = l
;
1391 /* Finally the file information. */
1392 l
->l_dev
= st
.st_dev
;
1393 l
->l_ino
= st
.st_ino
;
1395 /* When we profile the SONAME might be needed for something else but
1396 loading. Add it right away. */
1397 if (__glibc_unlikely (GLRO(dl_profile
) != NULL
)
1398 && l
->l_info
[DT_SONAME
] != NULL
)
1399 add_name_to_object (l
, ((const char *) D_PTR (l
, l_info
[DT_STRTAB
])
1400 + l
->l_info
[DT_SONAME
]->d_un
.d_val
));
1402 #ifdef DL_AFTER_LOAD
1406 /* Now that the object is fully initialized add it to the object list. */
1407 _dl_add_to_namespace_list (l
, nsid
);
1410 /* Auditing checkpoint: we have a new object. */
1411 if (__glibc_unlikely (GLRO(dl_naudit
) > 0)
1412 && !GL(dl_ns
)[l
->l_ns
]._ns_loaded
->l_auditing
)
1414 struct audit_ifaces
*afct
= GLRO(dl_audit
);
1415 for (unsigned int cnt
= 0; cnt
< GLRO(dl_naudit
); ++cnt
)
1417 if (afct
->objopen
!= NULL
)
1419 l
->l_audit
[cnt
].bindflags
1420 = afct
->objopen (l
, nsid
, &l
->l_audit
[cnt
].cookie
);
1422 l
->l_audit_any_plt
|= l
->l_audit
[cnt
].bindflags
!= 0;
1433 /* Print search path. */
1435 print_search_path (struct r_search_path_elem
**list
,
1436 const char *what
, const char *name
)
1438 char buf
[max_dirnamelen
+ max_capstrlen
];
1441 _dl_debug_printf (" search path=");
1443 while (*list
!= NULL
&& (*list
)->what
== what
) /* Yes, ==. */
1445 char *endp
= __mempcpy (buf
, (*list
)->dirname
, (*list
)->dirnamelen
);
1448 for (cnt
= 0; cnt
< ncapstr
; ++cnt
)
1449 if ((*list
)->status
[cnt
] != nonexisting
)
1451 char *cp
= __mempcpy (endp
, capstr
[cnt
].str
, capstr
[cnt
].len
);
1452 if (cp
== buf
|| (cp
== buf
+ 1 && buf
[0] == '/'))
1457 _dl_debug_printf_c (first
? "%s" : ":%s", buf
);
1465 _dl_debug_printf_c ("\t\t(%s from file %s)\n", what
,
1466 DSO_FILENAME (name
));
1468 _dl_debug_printf_c ("\t\t(%s)\n", what
);
1471 /* Open a file and verify it is an ELF file for this architecture. We
1472 ignore only ELF files for other architectures. Non-ELF files and
1473 ELF files with different header information cause fatal errors since
1474 this could mean there is something wrong in the installation and the
1475 user might want to know about this. */
1477 open_verify (const char *name
, struct filebuf
*fbp
, struct link_map
*loader
,
1478 int whatcode
, int mode
, bool *found_other_class
, bool free_name
)
1480 /* This is the expected ELF header. */
1481 #define ELF32_CLASS ELFCLASS32
1482 #define ELF64_CLASS ELFCLASS64
1483 #ifndef VALID_ELF_HEADER
1484 # define VALID_ELF_HEADER(hdr,exp,size) (memcmp (hdr, exp, size) == 0)
1485 # define VALID_ELF_OSABI(osabi) (osabi == ELFOSABI_SYSV)
1486 # define VALID_ELF_ABIVERSION(osabi,ver) (ver == 0)
1487 #elif defined MORE_ELF_HEADER_DATA
1488 MORE_ELF_HEADER_DATA
;
1490 static const unsigned char expected
[EI_NIDENT
] =
1492 [EI_MAG0
] = ELFMAG0
,
1493 [EI_MAG1
] = ELFMAG1
,
1494 [EI_MAG2
] = ELFMAG2
,
1495 [EI_MAG3
] = ELFMAG3
,
1496 [EI_CLASS
] = ELFW(CLASS
),
1497 [EI_DATA
] = byteorder
,
1498 [EI_VERSION
] = EV_CURRENT
,
1499 [EI_OSABI
] = ELFOSABI_SYSV
,
1504 ElfW(Word
) vendorlen
;
1508 } expected_note
= { 4, 16, 1, "GNU" };
1509 /* Initialize it to make the compiler happy. */
1510 const char *errstring
= NULL
;
1514 /* Give the auditing libraries a chance. */
1515 if (__glibc_unlikely (GLRO(dl_naudit
) > 0) && whatcode
!= 0
1516 && loader
->l_auditing
== 0)
1518 struct audit_ifaces
*afct
= GLRO(dl_audit
);
1519 for (unsigned int cnt
= 0; cnt
< GLRO(dl_naudit
); ++cnt
)
1521 if (afct
->objsearch
!= NULL
)
1523 name
= afct
->objsearch (name
, &loader
->l_audit
[cnt
].cookie
,
1526 /* Ignore the path. */
1535 /* Open the file. We always open files read-only. */
1536 int fd
= __open (name
, O_RDONLY
| O_CLOEXEC
);
1540 ElfW(Phdr
) *phdr
, *ph
;
1541 ElfW(Word
) *abi_note
;
1542 unsigned int osversion
;
1545 /* We successfully opened the file. Now verify it is a file
1549 assert (sizeof (fbp
->buf
) > sizeof (ElfW(Ehdr
)));
1550 /* Read in the header. */
1553 ssize_t retlen
= __libc_read (fd
, fbp
->buf
+ fbp
->len
,
1554 sizeof (fbp
->buf
) - fbp
->len
);
1559 while (__glibc_unlikely (fbp
->len
< sizeof (ElfW(Ehdr
))));
1561 /* This is where the ELF header is loaded. */
1562 ehdr
= (ElfW(Ehdr
) *) fbp
->buf
;
1564 /* Now run the tests. */
1565 if (__glibc_unlikely (fbp
->len
< (ssize_t
) sizeof (ElfW(Ehdr
))))
1568 errstring
= (errval
== 0
1569 ? N_("file too short") : N_("cannot read file data"));
1573 char *realname
= (char *) name
;
1574 name
= strdupa (realname
);
1577 lose (errval
, fd
, name
, NULL
, NULL
, errstring
, NULL
, 0);
1580 /* See whether the ELF header is what we expect. */
1581 if (__glibc_unlikely (! VALID_ELF_HEADER (ehdr
->e_ident
, expected
,
1583 || !VALID_ELF_ABIVERSION (ehdr
->e_ident
[EI_OSABI
],
1584 ehdr
->e_ident
[EI_ABIVERSION
])
1585 || memcmp (&ehdr
->e_ident
[EI_PAD
],
1587 EI_NIDENT
- EI_PAD
) != 0))
1589 /* Something is wrong. */
1590 const Elf32_Word
*magp
= (const void *) ehdr
->e_ident
;
1592 #if BYTE_ORDER == LITTLE_ENDIAN
1593 ((ELFMAG0
<< (EI_MAG0
* 8)) |
1594 (ELFMAG1
<< (EI_MAG1
* 8)) |
1595 (ELFMAG2
<< (EI_MAG2
* 8)) |
1596 (ELFMAG3
<< (EI_MAG3
* 8)))
1598 ((ELFMAG0
<< (EI_MAG3
* 8)) |
1599 (ELFMAG1
<< (EI_MAG2
* 8)) |
1600 (ELFMAG2
<< (EI_MAG1
* 8)) |
1601 (ELFMAG3
<< (EI_MAG0
* 8)))
1604 errstring
= N_("invalid ELF header");
1605 else if (ehdr
->e_ident
[EI_CLASS
] != ELFW(CLASS
))
1607 /* This is not a fatal error. On architectures where
1608 32-bit and 64-bit binaries can be run this might
1610 *found_other_class
= true;
1613 else if (ehdr
->e_ident
[EI_DATA
] != byteorder
)
1615 if (BYTE_ORDER
== BIG_ENDIAN
)
1616 errstring
= N_("ELF file data encoding not big-endian");
1618 errstring
= N_("ELF file data encoding not little-endian");
1620 else if (ehdr
->e_ident
[EI_VERSION
] != EV_CURRENT
)
1622 = N_("ELF file version ident does not match current one");
1623 /* XXX We should be able so set system specific versions which are
1625 else if (!VALID_ELF_OSABI (ehdr
->e_ident
[EI_OSABI
]))
1626 errstring
= N_("ELF file OS ABI invalid");
1627 else if (!VALID_ELF_ABIVERSION (ehdr
->e_ident
[EI_OSABI
],
1628 ehdr
->e_ident
[EI_ABIVERSION
]))
1629 errstring
= N_("ELF file ABI version invalid");
1630 else if (memcmp (&ehdr
->e_ident
[EI_PAD
], &expected
[EI_PAD
],
1631 EI_NIDENT
- EI_PAD
) != 0)
1632 errstring
= N_("nonzero padding in e_ident");
1634 /* Otherwise we don't know what went wrong. */
1635 errstring
= N_("internal error");
1640 if (__glibc_unlikely (ehdr
->e_version
!= EV_CURRENT
))
1642 errstring
= N_("ELF file version does not match current one");
1645 if (! __glibc_likely (elf_machine_matches_host (ehdr
)))
1647 else if (__glibc_unlikely (ehdr
->e_type
!= ET_DYN
1648 && ehdr
->e_type
!= ET_EXEC
))
1650 errstring
= N_("only ET_DYN and ET_EXEC can be loaded");
1653 else if (__glibc_unlikely (ehdr
->e_type
== ET_EXEC
1654 && (mode
& __RTLD_OPENEXEC
) == 0))
1656 /* BZ #16634. It is an error to dlopen ET_EXEC (unless
1657 __RTLD_OPENEXEC is explicitly set). We return error here
1658 so that code in _dl_map_object_from_fd does not try to set
1659 l_tls_modid for this module. */
1661 errstring
= N_("cannot dynamically load executable");
1664 else if (__glibc_unlikely (ehdr
->e_phentsize
!= sizeof (ElfW(Phdr
))))
1666 errstring
= N_("ELF file's phentsize not the expected size");
1670 maplength
= ehdr
->e_phnum
* sizeof (ElfW(Phdr
));
1671 if (ehdr
->e_phoff
+ maplength
<= (size_t) fbp
->len
)
1672 phdr
= (void *) (fbp
->buf
+ ehdr
->e_phoff
);
1675 phdr
= alloca (maplength
);
1676 __lseek (fd
, ehdr
->e_phoff
, SEEK_SET
);
1677 if ((size_t) __libc_read (fd
, (void *) phdr
, maplength
) != maplength
)
1681 errstring
= N_("cannot read file data");
1686 /* Check .note.ABI-tag if present. */
1687 for (ph
= phdr
; ph
< &phdr
[ehdr
->e_phnum
]; ++ph
)
1688 if (ph
->p_type
== PT_NOTE
&& ph
->p_filesz
>= 32 && ph
->p_align
>= 4)
1690 ElfW(Addr
) size
= ph
->p_filesz
;
1692 if (ph
->p_offset
+ size
<= (size_t) fbp
->len
)
1693 abi_note
= (void *) (fbp
->buf
+ ph
->p_offset
);
1696 abi_note
= alloca (size
);
1697 __lseek (fd
, ph
->p_offset
, SEEK_SET
);
1698 if (__libc_read (fd
, (void *) abi_note
, size
) != size
)
1702 while (memcmp (abi_note
, &expected_note
, sizeof (expected_note
)))
1704 #define ROUND(len) (((len) + sizeof (ElfW(Word)) - 1) & -sizeof (ElfW(Word)))
1705 ElfW(Addr
) note_size
= 3 * sizeof (ElfW(Word
))
1706 + ROUND (abi_note
[0])
1707 + ROUND (abi_note
[1]);
1709 if (size
- 32 < note_size
)
1715 abi_note
= (void *) abi_note
+ note_size
;
1721 osversion
= (abi_note
[5] & 0xff) * 65536
1722 + (abi_note
[6] & 0xff) * 256
1723 + (abi_note
[7] & 0xff);
1724 if (abi_note
[4] != __ABI_TAG_OS
1725 || (GLRO(dl_osversion
) && GLRO(dl_osversion
) < osversion
))
1729 __set_errno (ENOENT
);
1740 /* Try to open NAME in one of the directories in *DIRSP.
1741 Return the fd, or -1. If successful, fill in *REALNAME
1742 with the malloc'd full directory name. If it turns out
1743 that none of the directories in *DIRSP exists, *DIRSP is
1744 replaced with (void *) -1, and the old value is free()d
1745 if MAY_FREE_DIRS is true. */
1748 open_path (const char *name
, size_t namelen
, int mode
,
1749 struct r_search_path_struct
*sps
, char **realname
,
1750 struct filebuf
*fbp
, struct link_map
*loader
, int whatcode
,
1751 bool *found_other_class
)
1753 struct r_search_path_elem
**dirs
= sps
->dirs
;
1756 const char *current_what
= NULL
;
1759 if (__glibc_unlikely (dirs
== NULL
))
1760 /* We're called before _dl_init_paths when loading the main executable
1761 given on the command line when rtld is run directly. */
1764 buf
= alloca (max_dirnamelen
+ max_capstrlen
+ namelen
);
1767 struct r_search_path_elem
*this_dir
= *dirs
;
1774 /* If we are debugging the search for libraries print the path
1775 now if it hasn't happened now. */
1776 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
)
1777 && current_what
!= this_dir
->what
)
1779 current_what
= this_dir
->what
;
1780 print_search_path (dirs
, current_what
, this_dir
->where
);
1783 edp
= (char *) __mempcpy (buf
, this_dir
->dirname
, this_dir
->dirnamelen
);
1784 for (cnt
= 0; fd
== -1 && cnt
< ncapstr
; ++cnt
)
1786 /* Skip this directory if we know it does not exist. */
1787 if (this_dir
->status
[cnt
] == nonexisting
)
1791 ((char *) __mempcpy (__mempcpy (edp
, capstr
[cnt
].str
,
1796 /* Print name we try if this is wanted. */
1797 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
))
1798 _dl_debug_printf (" trying file=%s\n", buf
);
1800 fd
= open_verify (buf
, fbp
, loader
, whatcode
, mode
,
1801 found_other_class
, false);
1802 if (this_dir
->status
[cnt
] == unknown
)
1805 this_dir
->status
[cnt
] = existing
;
1806 /* Do not update the directory information when loading
1807 auditing code. We must try to disturb the program as
1808 little as possible. */
1809 else if (loader
== NULL
1810 || GL(dl_ns
)[loader
->l_ns
]._ns_loaded
->l_auditing
== 0)
1812 /* We failed to open machine dependent library. Let's
1813 test whether there is any directory at all. */
1816 buf
[buflen
- namelen
- 1] = '\0';
1818 if (__xstat64 (_STAT_VER
, buf
, &st
) != 0
1819 || ! S_ISDIR (st
.st_mode
))
1820 /* The directory does not exist or it is no directory. */
1821 this_dir
->status
[cnt
] = nonexisting
;
1823 this_dir
->status
[cnt
] = existing
;
1827 /* Remember whether we found any existing directory. */
1828 here_any
|= this_dir
->status
[cnt
] != nonexisting
;
1830 if (fd
!= -1 && __glibc_unlikely (mode
& __RTLD_SECURE
)
1831 && __libc_enable_secure
)
1833 /* This is an extra security effort to make sure nobody can
1834 preload broken shared objects which are in the trusted
1835 directories and so exploit the bugs. */
1838 if (__fxstat64 (_STAT_VER
, fd
, &st
) != 0
1839 || (st
.st_mode
& S_ISUID
) == 0)
1841 /* The shared object cannot be tested for being SUID
1842 or this bit is not set. In this case we must not
1846 /* We simply ignore the file, signal this by setting
1847 the error value which would have been set by `open'. */
1855 *realname
= (char *) malloc (buflen
);
1856 if (*realname
!= NULL
)
1858 memcpy (*realname
, buf
, buflen
);
1863 /* No memory for the name, we certainly won't be able
1864 to load and link it. */
1869 if (here_any
&& (err
= errno
) != ENOENT
&& err
!= EACCES
)
1870 /* The file exists and is readable, but something went wrong. */
1873 /* Remember whether we found anything. */
1876 while (*++dirs
!= NULL
);
1878 /* Remove the whole path if none of the directories exists. */
1879 if (__glibc_unlikely (! any
))
1881 /* Paths which were allocated using the minimal malloc() in ld.so
1882 must not be freed using the general free() in libc. */
1886 /* rtld_search_dirs is attribute_relro, therefore avoid writing
1888 if (sps
!= &rtld_search_dirs
)
1889 sps
->dirs
= (void *) -1;
1895 /* Map in the shared object file NAME. */
1899 _dl_map_object (struct link_map
*loader
, const char *name
,
1900 int type
, int trace_mode
, int mode
, Lmid_t nsid
)
1909 assert (nsid
< GL(dl_nns
));
1911 /* Look for this name among those already loaded. */
1912 for (l
= GL(dl_ns
)[nsid
]._ns_loaded
; l
; l
= l
->l_next
)
1914 /* If the requested name matches the soname of a loaded object,
1915 use that object. Elide this check for names that have not
1917 if (__glibc_unlikely ((l
->l_faked
| l
->l_removed
) != 0))
1919 if (!_dl_name_match_p (name
, l
))
1923 if (__glibc_likely (l
->l_soname_added
)
1924 || l
->l_info
[DT_SONAME
] == NULL
)
1927 soname
= ((const char *) D_PTR (l
, l_info
[DT_STRTAB
])
1928 + l
->l_info
[DT_SONAME
]->d_un
.d_val
);
1929 if (strcmp (name
, soname
) != 0)
1932 /* We have a match on a new name -- cache it. */
1933 add_name_to_object (l
, soname
);
1934 l
->l_soname_added
= 1;
1937 /* We have a match. */
1941 /* Display information if we are debugging. */
1942 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_FILES
)
1944 _dl_debug_printf ((mode
& __RTLD_CALLMAP
) == 0
1945 ? "\nfile=%s [%lu]; needed by %s [%lu]\n"
1946 : "\nfile=%s [%lu]; dynamically loaded by %s [%lu]\n",
1947 name
, nsid
, DSO_FILENAME (loader
->l_name
), loader
->l_ns
);
1950 /* Give the auditing libraries a chance to change the name before we
1952 if (__glibc_unlikely (GLRO(dl_naudit
) > 0)
1953 && (loader
== NULL
|| loader
->l_auditing
== 0))
1955 struct audit_ifaces
*afct
= GLRO(dl_audit
);
1956 for (unsigned int cnt
= 0; cnt
< GLRO(dl_naudit
); ++cnt
)
1958 if (afct
->objsearch
!= NULL
)
1960 name
= afct
->objsearch (name
, &loader
->l_audit
[cnt
].cookie
,
1964 /* Do not try anything further. */
1975 /* Will be true if we found a DSO which is of the other ELF class. */
1976 bool found_other_class
= false;
1978 if (strchr (name
, '/') == NULL
)
1980 /* Search for NAME in several places. */
1982 size_t namelen
= strlen (name
) + 1;
1984 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
))
1985 _dl_debug_printf ("find library=%s [%lu]; searching\n", name
, nsid
);
1989 /* When the object has the RUNPATH information we don't use any
1991 if (loader
== NULL
|| loader
->l_info
[DT_RUNPATH
] == NULL
)
1993 /* This is the executable's map (if there is one). Make sure that
1994 we do not look at it twice. */
1995 struct link_map
*main_map
= GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
;
1996 bool did_main_map
= false;
1998 /* First try the DT_RPATH of the dependent object that caused NAME
1999 to be loaded. Then that object's dependent, and on up. */
2000 for (l
= loader
; l
; l
= l
->l_loader
)
2001 if (cache_rpath (l
, &l
->l_rpath_dirs
, DT_RPATH
, "RPATH"))
2003 fd
= open_path (name
, namelen
, mode
,
2005 &realname
, &fb
, loader
, LA_SER_RUNPATH
,
2006 &found_other_class
);
2010 did_main_map
|= l
== main_map
;
2013 /* If dynamically linked, try the DT_RPATH of the executable
2014 itself. NB: we do this for lookups in any namespace. */
2015 if (fd
== -1 && !did_main_map
2016 && main_map
!= NULL
&& main_map
->l_type
!= lt_loaded
2017 && cache_rpath (main_map
, &main_map
->l_rpath_dirs
, DT_RPATH
,
2019 fd
= open_path (name
, namelen
, mode
,
2020 &main_map
->l_rpath_dirs
,
2021 &realname
, &fb
, loader
?: main_map
, LA_SER_RUNPATH
,
2022 &found_other_class
);
2025 /* Try the LD_LIBRARY_PATH environment variable. */
2026 if (fd
== -1 && env_path_list
.dirs
!= (void *) -1)
2027 fd
= open_path (name
, namelen
, mode
, &env_path_list
,
2029 loader
?: GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
,
2030 LA_SER_LIBPATH
, &found_other_class
);
2032 /* Look at the RUNPATH information for this binary. */
2033 if (fd
== -1 && loader
!= NULL
2034 && cache_rpath (loader
, &loader
->l_runpath_dirs
,
2035 DT_RUNPATH
, "RUNPATH"))
2036 fd
= open_path (name
, namelen
, mode
,
2037 &loader
->l_runpath_dirs
, &realname
, &fb
, loader
,
2038 LA_SER_RUNPATH
, &found_other_class
);
2042 && (__glibc_likely ((mode
& __RTLD_SECURE
) == 0)
2043 || ! __libc_enable_secure
)
2044 && __glibc_likely (GLRO(dl_inhibit_cache
) == 0))
2046 /* Check the list of libraries in the file /etc/ld.so.cache,
2047 for compatibility with Linux's ldconfig program. */
2048 const char *cached
= _dl_load_cache_lookup (name
);
2052 // XXX Correct to unconditionally default to namespace 0?
2054 ?: GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
2060 /* If the loader has the DF_1_NODEFLIB flag set we must not
2061 use a cache entry from any of these directories. */
2062 if (__glibc_unlikely (l
->l_flags_1
& DF_1_NODEFLIB
))
2064 const char *dirp
= system_dirs
;
2065 unsigned int cnt
= 0;
2069 if (memcmp (cached
, dirp
, system_dirs_len
[cnt
]) == 0)
2071 /* The prefix matches. Don't use the entry. */
2076 dirp
+= system_dirs_len
[cnt
] + 1;
2079 while (cnt
< nsystem_dirs_len
);
2084 fd
= open_verify (cached
,
2085 &fb
, loader
?: GL(dl_ns
)[nsid
]._ns_loaded
,
2086 LA_SER_CONFIG
, mode
, &found_other_class
,
2088 if (__glibc_likely (fd
!= -1))
2090 realname
= __strdup (cached
);
2091 if (realname
== NULL
)
2102 /* Finally, try the default path. */
2104 && ((l
= loader
?: GL(dl_ns
)[nsid
]._ns_loaded
) == NULL
2105 || __glibc_likely (!(l
->l_flags_1
& DF_1_NODEFLIB
)))
2106 && rtld_search_dirs
.dirs
!= (void *) -1)
2107 fd
= open_path (name
, namelen
, mode
, &rtld_search_dirs
,
2108 &realname
, &fb
, l
, LA_SER_DEFAULT
, &found_other_class
);
2110 /* Add another newline when we are tracing the library loading. */
2111 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
))
2112 _dl_debug_printf ("\n");
2116 /* The path may contain dynamic string tokens. */
2118 ? expand_dynamic_string_token (loader
, name
, 0)
2120 if (realname
== NULL
)
2124 fd
= open_verify (realname
, &fb
,
2125 loader
?: GL(dl_ns
)[nsid
]._ns_loaded
, 0, mode
,
2126 &found_other_class
, true);
2127 if (__glibc_unlikely (fd
== -1))
2135 /* In case the LOADER information has only been provided to get to
2136 the appropriate RUNPATH/RPATH information we do not need it
2138 if (mode
& __RTLD_CALLMAP
)
2141 if (__glibc_unlikely (fd
== -1))
2144 && __glibc_likely ((GLRO(dl_debug_mask
) & DL_DEBUG_PRELINK
) == 0))
2146 /* We haven't found an appropriate library. But since we
2147 are only interested in the list of libraries this isn't
2148 so severe. Fake an entry with all the information we
2150 static const Elf_Symndx dummy_bucket
= STN_UNDEF
;
2152 /* Allocate a new object map. */
2153 if ((name_copy
= __strdup (name
)) == NULL
2154 || (l
= _dl_new_object (name_copy
, name
, type
, loader
,
2155 mode
, nsid
)) == NULL
)
2158 _dl_signal_error (ENOMEM
, name
, NULL
,
2159 N_("cannot create shared object descriptor"));
2161 /* Signal that this is a faked entry. */
2163 /* Since the descriptor is initialized with zero we do not
2165 l->l_reserved = 0; */
2166 l
->l_buckets
= &dummy_bucket
;
2170 /* Enter the object in the object list. */
2171 _dl_add_to_namespace_list (l
, nsid
);
2175 else if (found_other_class
)
2176 _dl_signal_error (0, name
, NULL
,
2177 ELFW(CLASS
) == ELFCLASS32
2178 ? N_("wrong ELF class: ELFCLASS64")
2179 : N_("wrong ELF class: ELFCLASS32"));
2181 _dl_signal_error (errno
, name
, NULL
,
2182 N_("cannot open shared object file"));
2185 void *stack_end
= __libc_stack_end
;
2186 return _dl_map_object_from_fd (name
, fd
, &fb
, realname
, loader
, type
, mode
,
2190 struct add_path_state
2199 add_path (struct add_path_state
*p
, const struct r_search_path_struct
*sps
,
2202 if (sps
->dirs
!= (void *) -1)
2204 struct r_search_path_elem
**dirs
= sps
->dirs
;
2207 const struct r_search_path_elem
*const r
= *dirs
++;
2211 p
->si
->dls_size
+= MAX (2, r
->dirnamelen
);
2215 Dl_serpath
*const sp
= &p
->si
->dls_serpath
[p
->idx
++];
2216 sp
->dls_name
= p
->allocptr
;
2217 if (r
->dirnamelen
< 2)
2218 *p
->allocptr
++ = r
->dirnamelen
? '/' : '.';
2220 p
->allocptr
= __mempcpy (p
->allocptr
,
2221 r
->dirname
, r
->dirnamelen
- 1);
2222 *p
->allocptr
++ = '\0';
2223 sp
->dls_flags
= flags
;
2226 while (*dirs
!= NULL
);
2232 _dl_rtld_di_serinfo (struct link_map
*loader
, Dl_serinfo
*si
, bool counting
)
2240 struct add_path_state p
=
2242 .counting
= counting
,
2245 .allocptr
= (char *) &si
->dls_serpath
[si
->dls_cnt
]
2248 # define add_path(p, sps, flags) add_path(p, sps, 0) /* XXX */
2250 /* When the object has the RUNPATH information we don't use any RPATHs. */
2251 if (loader
->l_info
[DT_RUNPATH
] == NULL
)
2253 /* First try the DT_RPATH of the dependent object that caused NAME
2254 to be loaded. Then that object's dependent, and on up. */
2256 struct link_map
*l
= loader
;
2259 if (cache_rpath (l
, &l
->l_rpath_dirs
, DT_RPATH
, "RPATH"))
2260 add_path (&p
, &l
->l_rpath_dirs
, XXX_RPATH
);
2265 /* If dynamically linked, try the DT_RPATH of the executable itself. */
2266 if (loader
->l_ns
== LM_ID_BASE
)
2268 l
= GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
;
2269 if (l
!= NULL
&& l
->l_type
!= lt_loaded
&& l
!= loader
)
2270 if (cache_rpath (l
, &l
->l_rpath_dirs
, DT_RPATH
, "RPATH"))
2271 add_path (&p
, &l
->l_rpath_dirs
, XXX_RPATH
);
2275 /* Try the LD_LIBRARY_PATH environment variable. */
2276 add_path (&p
, &env_path_list
, XXX_ENV
);
2278 /* Look at the RUNPATH information for this binary. */
2279 if (cache_rpath (loader
, &loader
->l_runpath_dirs
, DT_RUNPATH
, "RUNPATH"))
2280 add_path (&p
, &loader
->l_runpath_dirs
, XXX_RUNPATH
);
2283 Here is where ld.so.cache gets checked, but we don't have
2284 a way to indicate that in the results for Dl_serinfo. */
2286 /* Finally, try the default path. */
2287 if (!(loader
->l_flags_1
& DF_1_NODEFLIB
))
2288 add_path (&p
, &rtld_search_dirs
, XXX_default
);
2291 /* Count the struct size before the string area, which we didn't
2292 know before we completed dls_cnt. */
2293 si
->dls_size
+= (char *) &si
->dls_serpath
[si
->dls_cnt
] - (char *) si
;