1 /* Map in a shared object's segments from the file.
2 Copyright (C) 1995-2013 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <http://www.gnu.org/licenses/>. */
28 #include <bits/wordsize.h>
30 #include <sys/param.h>
32 #include <sys/types.h>
33 #include "dynamic-link.h"
35 #include <stackinfo.h>
38 #include <stap-probe.h>
42 /* On some systems, no flag bits are given to specify file mapping. */
47 /* The right way to map in the shared library files is MAP_COPY, which
48 makes a virtual copy of the data at the time of the mmap call; this
49 guarantees the mapped pages will be consistent even if the file is
50 overwritten. Some losing VM systems like Linux's lack MAP_COPY. All we
51 get is MAP_PRIVATE, which copies each page when it is modified; this
52 means if the file is overwritten, we may at some point get some pages
53 from the new version after starting with pages from the old version.
55 To make up for the lack and avoid the overwriting problem,
56 what Linux does have is MAP_DENYWRITE. This prevents anyone
57 from modifying the file while we have it mapped. */
60 # define MAP_COPY (MAP_PRIVATE | MAP_DENYWRITE)
62 # define MAP_COPY MAP_PRIVATE
66 /* Some systems link their relocatable objects for another base address
67 than 0. We want to know the base address for these such that we can
68 subtract this address from the segment addresses during mapping.
69 This results in a more efficient address space usage. Defaults to
70 zero for almost all systems. */
72 # define MAP_BASE_ADDR(l) 0
77 #if BYTE_ORDER == BIG_ENDIAN
78 # define byteorder ELFDATA2MSB
79 #elif BYTE_ORDER == LITTLE_ENDIAN
80 # define byteorder ELFDATA2LSB
82 # error "Unknown BYTE_ORDER " BYTE_ORDER
83 # define byteorder ELFDATANONE
86 #define STRING(x) __STRING (x)
88 /* Handle situations where we have a preferred location in memory for
89 the shared objects. */
90 #ifdef ELF_PREFERRED_ADDRESS_DATA
91 ELF_PREFERRED_ADDRESS_DATA;
93 #ifndef ELF_PREFERRED_ADDRESS
94 # define ELF_PREFERRED_ADDRESS(loader, maplength, mapstartpref) (mapstartpref)
96 #ifndef ELF_FIXED_ADDRESS
97 # define ELF_FIXED_ADDRESS(loader, mapstart) ((void) 0)
101 int __stack_prot attribute_hidden attribute_relro
102 #if _STACK_GROWS_DOWN && defined PROT_GROWSDOWN
104 #elif _STACK_GROWS_UP && defined PROT_GROWSUP
111 /* Type for the buffer we put the ELF header and hopefully the program
112 header. This buffer does not really have to be too large. In most
113 cases the program header follows the ELF header directly. If this
114 is not the case all bets are off and we can make the header
115 arbitrarily large and still won't get it read. This means the only
116 question is how large are the ELF and program header combined. The
117 ELF header 32-bit files is 52 bytes long and in 64-bit files is 64
118 bytes long. Each program header entry is again 32 and 56 bytes
119 long respectively. I.e., even with a file which has 10 program
120 header entries we only have to read 372B/624B respectively. Add to
121 this a bit of margin for program notes and reading 512B and 832B
122 for 32-bit and 64-bit files respecitvely is enough. If this
123 heuristic should really fail for some file the code in
124 `_dl_map_object_from_fd' knows how to recover. */
129 # define FILEBUF_SIZE 512
131 # define FILEBUF_SIZE 832
133 char buf[FILEBUF_SIZE] __attribute__ ((aligned (__alignof (ElfW(Ehdr)))));
136 /* This is the decomposed LD_LIBRARY_PATH search path. */
137 static struct r_search_path_struct env_path_list attribute_relro;
139 /* List of the hardware capabilities we might end up using. */
140 static const struct r_strlenpair *capstr attribute_relro;
141 static size_t ncapstr attribute_relro;
142 static size_t max_capstrlen attribute_relro;
145 /* Get the generated information about the trusted directories. */
146 #include "trusted-dirs.h"
148 static const char system_dirs[] = SYSTEM_DIRS;
149 static const size_t system_dirs_len[] =
153 #define nsystem_dirs_len \
154 (sizeof (system_dirs_len) / sizeof (system_dirs_len[0]))
157 /* Local version of `strdup' function. */
159 local_strdup (const char *s)
161 size_t len = strlen (s) + 1;
162 void *new = malloc (len);
167 return (char *) memcpy (new, s, len);
172 is_trusted_path (const char *path, size_t len)
174 const char *trun = system_dirs;
176 for (size_t idx = 0; idx < nsystem_dirs_len; ++idx)
178 if (len == system_dirs_len[idx] && memcmp (trun, path, len) == 0)
182 trun += system_dirs_len[idx] + 1;
190 is_trusted_path_normalize (const char *path, size_t len)
201 char *npath = (char *) alloca (len + 2);
203 while (*path != '\0')
209 if (path[2] == '.' && (path[3] == '/' || path[3] == '\0'))
211 while (wnp > npath && *--wnp != '/')
216 else if (path[2] == '/' || path[2] == '\0')
223 if (wnp > npath && wnp[-1] == '/')
233 if (wnp == npath || wnp[-1] != '/')
236 const char *trun = system_dirs;
238 for (size_t idx = 0; idx < nsystem_dirs_len; ++idx)
240 if (wnp - npath >= system_dirs_len[idx]
241 && memcmp (trun, npath, system_dirs_len[idx]) == 0)
245 trun += system_dirs_len[idx] + 1;
253 is_dst (const char *start, const char *name, const char *str,
254 int is_path, int secure)
257 bool is_curly = false;
266 while (name[len] == str[len] && name[len] != '\0')
271 if (name[len] != '}')
274 /* Point again at the beginning of the name. */
276 /* Skip over closing curly brace and adjust for the --name. */
279 else if (name[len] != '\0' && name[len] != '/'
280 && (!is_path || name[len] != ':'))
283 if (__builtin_expect (secure, 0)
284 && ((name[len] != '\0' && name[len] != '/'
285 && (!is_path || name[len] != ':'))
286 || (name != start + 1 && (!is_path || name[-2] != ':'))))
294 _dl_dst_count (const char *name, int is_path)
296 const char *const start = name;
303 /* $ORIGIN is not expanded for SUID/GUID programs (except if it
304 is $ORIGIN alone) and it must always appear first in path. */
306 if ((len = is_dst (start, name, "ORIGIN", is_path,
307 INTUSE(__libc_enable_secure))) != 0
308 || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0
309 || (len = is_dst (start, name, "LIB", is_path, 0)) != 0)
312 name = strchr (name + len, '$');
314 while (name != NULL);
321 _dl_dst_substitute (struct link_map *l, const char *name, char *result,
324 const char *const start = name;
326 /* Now fill the result path. While copying over the string we keep
327 track of the start of the last path element. When we come across
328 a DST we copy over the value or (if the value is not available)
329 leave the entire path element out. */
331 char *last_elem = result;
332 bool check_for_trusted = false;
336 if (__builtin_expect (*name == '$', 0))
338 const char *repl = NULL;
342 if ((len = is_dst (start, name, "ORIGIN", is_path,
343 INTUSE(__libc_enable_secure))) != 0)
346 check_for_trusted = (INTUSE(__libc_enable_secure)
347 && l->l_type == lt_executable);
349 else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0)
350 repl = GLRO(dl_platform);
351 else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0)
354 if (repl != NULL && repl != (const char *) -1)
356 wp = __stpcpy (wp, repl);
361 /* We cannot use this path element, the value of the
362 replacement is unknown. */
365 while (*name != '\0' && (!is_path || *name != ':'))
367 /* Also skip following colon if this is the first rpath
368 element, but keep an empty element at the end. */
369 if (wp == result && is_path && *name == ':' && name[1] != '\0')
373 /* No DST we recognize. */
379 if (is_path && *name == ':')
381 /* In SUID/SGID programs, after $ORIGIN expansion the
382 normalized path must be rooted in one of the trusted
384 if (__builtin_expect (check_for_trusted, false)
385 && !is_trusted_path_normalize (last_elem, wp - last_elem))
390 check_for_trusted = false;
394 while (*name != '\0');
396 /* In SUID/SGID programs, after $ORIGIN expansion the normalized
397 path must be rooted in one of the trusted directories. */
398 if (__builtin_expect (check_for_trusted, false)
399 && !is_trusted_path_normalize (last_elem, wp - last_elem))
408 /* Return copy of argument with all recognized dynamic string tokens
409 ($ORIGIN and $PLATFORM for now) replaced. On some platforms it
410 might not be possible to determine the path from which the object
411 belonging to the map is loaded. In this case the path element
412 containing $ORIGIN is left out. */
414 expand_dynamic_string_token (struct link_map *l, const char *s, int is_path)
416 /* We make two runs over the string. First we determine how large the
417 resulting string is and then we copy it over. Since this is no
418 frequently executed operation we are looking here not for performance
419 but rather for code size. */
424 /* Determine the number of DST elements. */
425 cnt = DL_DST_COUNT (s, is_path);
427 /* If we do not have to replace anything simply copy the string. */
428 if (__builtin_expect (cnt, 0) == 0)
429 return local_strdup (s);
431 /* Determine the length of the substituted string. */
432 total = DL_DST_REQUIRED (l, s, strlen (s), cnt);
434 /* Allocate the necessary memory. */
435 result = (char *) malloc (total + 1);
439 return _dl_dst_substitute (l, s, result, is_path);
443 /* Add `name' to the list of names for a particular shared object.
444 `name' is expected to have been allocated with malloc and will
445 be freed if the shared object already has this name.
446 Returns false if the object already had this name. */
449 add_name_to_object (struct link_map *l, const char *name)
451 struct libname_list *lnp, *lastp;
452 struct libname_list *newname;
456 for (lnp = l->l_libname; lnp != NULL; lastp = lnp, lnp = lnp->next)
457 if (strcmp (name, lnp->name) == 0)
460 name_len = strlen (name) + 1;
461 newname = (struct libname_list *) malloc (sizeof *newname + name_len);
464 /* No more memory. */
465 _dl_signal_error (ENOMEM, name, NULL, N_("cannot allocate name record"));
468 /* The object should have a libname set from _dl_new_object. */
469 assert (lastp != NULL);
471 newname->name = memcpy (newname + 1, name, name_len);
472 newname->next = NULL;
473 newname->dont_free = 0;
474 lastp->next = newname;
477 /* Standard search directories. */
478 static struct r_search_path_struct rtld_search_dirs attribute_relro;
480 static size_t max_dirnamelen;
482 static struct r_search_path_elem **
483 fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
484 int check_trusted, const char *what, const char *where,
491 while ((cp = __strsep (&rpath, sep)) != NULL)
493 struct r_search_path_elem *dirp;
495 to_free = cp = expand_dynamic_string_token (l, cp, 1);
497 size_t len = strlen (cp);
499 /* `strsep' can pass an empty string. This has to be
500 interpreted as `use the current directory'. */
503 static const char curwd[] = "./";
507 /* Remove trailing slashes (except for "/"). */
508 while (len > 1 && cp[len - 1] == '/')
511 /* Now add one if there is none so far. */
512 if (len > 0 && cp[len - 1] != '/')
515 /* Make sure we don't use untrusted directories if we run SUID. */
516 if (__builtin_expect (check_trusted, 0) && !is_trusted_path (cp, len))
522 /* See if this directory is already known. */
523 for (dirp = GL(dl_all_dirs); dirp != NULL; dirp = dirp->next)
524 if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0)
529 /* It is available, see whether it's on our own list. */
531 for (cnt = 0; cnt < nelems; ++cnt)
532 if (result[cnt] == dirp)
536 result[nelems++] = dirp;
541 enum r_dir_status init_val;
542 size_t where_len = where ? strlen (where) + 1 : 0;
544 /* It's a new directory. Create an entry and add it. */
545 dirp = (struct r_search_path_elem *)
546 malloc (sizeof (*dirp) + ncapstr * sizeof (enum r_dir_status)
547 + where_len + len + 1);
549 _dl_signal_error (ENOMEM, NULL, NULL,
550 N_("cannot create cache for search path"));
552 dirp->dirname = ((char *) dirp + sizeof (*dirp)
553 + ncapstr * sizeof (enum r_dir_status));
554 *((char *) __mempcpy ((char *) dirp->dirname, cp, len)) = '\0';
555 dirp->dirnamelen = len;
557 if (len > max_dirnamelen)
558 max_dirnamelen = len;
560 /* We have to make sure all the relative directories are
561 never ignored. The current directory might change and
562 all our saved information would be void. */
563 init_val = cp[0] != '/' ? existing : unknown;
564 for (cnt = 0; cnt < ncapstr; ++cnt)
565 dirp->status[cnt] = init_val;
568 if (__builtin_expect (where != NULL, 1))
569 dirp->where = memcpy ((char *) dirp + sizeof (*dirp) + len + 1
570 + (ncapstr * sizeof (enum r_dir_status)),
575 dirp->next = GL(dl_all_dirs);
576 GL(dl_all_dirs) = dirp;
578 /* Put it in the result array. */
579 result[nelems++] = dirp;
584 /* Terminate the array. */
585 result[nelems] = NULL;
593 decompose_rpath (struct r_search_path_struct *sps,
594 const char *rpath, struct link_map *l, const char *what)
596 /* Make a copy we can work with. */
597 const char *where = l->l_name;
600 struct r_search_path_elem **result;
602 /* Initialize to please the compiler. */
603 const char *errstring = NULL;
605 /* First see whether we must forget the RUNPATH and RPATH from this
607 if (__builtin_expect (GLRO(dl_inhibit_rpath) != NULL, 0)
608 && !INTUSE(__libc_enable_secure))
610 const char *inhp = GLRO(dl_inhibit_rpath);
614 const char *wp = where;
616 while (*inhp == *wp && *wp != '\0')
622 if (*wp == '\0' && (*inhp == '\0' || *inhp == ':'))
624 /* This object is on the list of objects for which the
625 RUNPATH and RPATH must not be used. */
626 sps->dirs = (void *) -1;
630 while (*inhp != '\0')
634 while (*inhp != '\0');
637 /* Make a writable copy. */
638 copy = local_strdup (rpath);
641 errstring = N_("cannot create RUNPATH/RPATH copy");
645 /* Ignore empty rpaths. */
649 sps->dirs = (struct r_search_path_elem **) -1;
653 /* Count the number of necessary elements in the result array. */
655 for (cp = copy; *cp != '\0'; ++cp)
659 /* Allocate room for the result. NELEMS + 1 is an upper limit for the
660 number of necessary entries. */
661 result = (struct r_search_path_elem **) malloc ((nelems + 1 + 1)
666 errstring = N_("cannot create cache for search path");
668 _dl_signal_error (ENOMEM, NULL, NULL, errstring);
671 fillin_rpath (copy, result, ":", 0, what, where, l);
673 /* Free the copied RPATH string. `fillin_rpath' make own copies if
678 /* The caller will change this value if we haven't used a real malloc. */
683 /* Make sure cached path information is stored in *SP
684 and return true if there are any paths to search there. */
686 cache_rpath (struct link_map *l,
687 struct r_search_path_struct *sp,
691 if (sp->dirs == (void *) -1)
694 if (sp->dirs != NULL)
697 if (l->l_info[tag] == NULL)
699 /* There is no path. */
700 sp->dirs = (void *) -1;
704 /* Make sure the cache information is available. */
705 return decompose_rpath (sp, (const char *) (D_PTR (l, l_info[DT_STRTAB])
706 + l->l_info[tag]->d_un.d_val),
713 _dl_init_paths (const char *llp)
717 struct r_search_path_elem *pelem, **aelem;
719 struct link_map __attribute__ ((unused)) *l = NULL;
720 /* Initialize to please the compiler. */
721 const char *errstring = NULL;
723 /* Fill in the information about the application's RPATH and the
724 directories addressed by the LD_LIBRARY_PATH environment variable. */
726 /* Get the capabilities. */
727 capstr = _dl_important_hwcaps (GLRO(dl_platform), GLRO(dl_platformlen),
728 &ncapstr, &max_capstrlen);
730 /* First set up the rest of the default search directory entries. */
731 aelem = rtld_search_dirs.dirs = (struct r_search_path_elem **)
732 malloc ((nsystem_dirs_len + 1) * sizeof (struct r_search_path_elem *));
733 if (rtld_search_dirs.dirs == NULL)
735 errstring = N_("cannot create search path array");
737 _dl_signal_error (ENOMEM, NULL, NULL, errstring);
740 round_size = ((2 * sizeof (struct r_search_path_elem) - 1
741 + ncapstr * sizeof (enum r_dir_status))
742 / sizeof (struct r_search_path_elem));
744 rtld_search_dirs.dirs[0] = (struct r_search_path_elem *)
745 malloc ((sizeof (system_dirs) / sizeof (system_dirs[0]))
746 * round_size * sizeof (struct r_search_path_elem));
747 if (rtld_search_dirs.dirs[0] == NULL)
749 errstring = N_("cannot create cache for search path");
753 rtld_search_dirs.malloced = 0;
754 pelem = GL(dl_all_dirs) = rtld_search_dirs.dirs[0];
764 pelem->what = "system search path";
767 pelem->dirname = strp;
768 pelem->dirnamelen = system_dirs_len[idx];
769 strp += system_dirs_len[idx] + 1;
771 /* System paths must be absolute. */
772 assert (pelem->dirname[0] == '/');
773 for (cnt = 0; cnt < ncapstr; ++cnt)
774 pelem->status[cnt] = unknown;
776 pelem->next = (++idx == nsystem_dirs_len ? NULL : (pelem + round_size));
780 while (idx < nsystem_dirs_len);
782 max_dirnamelen = SYSTEM_DIRS_MAX_LEN;
786 /* This points to the map of the main object. */
787 l = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
790 assert (l->l_type != lt_loaded);
792 if (l->l_info[DT_RUNPATH])
794 /* Allocate room for the search path and fill in information
796 decompose_rpath (&l->l_runpath_dirs,
797 (const void *) (D_PTR (l, l_info[DT_STRTAB])
798 + l->l_info[DT_RUNPATH]->d_un.d_val),
800 /* During rtld init the memory is allocated by the stub malloc,
801 prevent any attempt to free it by the normal malloc. */
802 l->l_runpath_dirs.malloced = 0;
804 /* The RPATH is ignored. */
805 l->l_rpath_dirs.dirs = (void *) -1;
809 l->l_runpath_dirs.dirs = (void *) -1;
811 if (l->l_info[DT_RPATH])
813 /* Allocate room for the search path and fill in information
815 decompose_rpath (&l->l_rpath_dirs,
816 (const void *) (D_PTR (l, l_info[DT_STRTAB])
817 + l->l_info[DT_RPATH]->d_un.d_val),
819 /* During rtld init the memory is allocated by the stub
820 malloc, prevent any attempt to free it by the normal
822 l->l_rpath_dirs.malloced = 0;
825 l->l_rpath_dirs.dirs = (void *) -1;
830 if (llp != NULL && *llp != '\0')
833 const char *cp = llp;
838 size_t cnt = DL_DST_COUNT (llp, 1);
839 if (__builtin_expect (cnt == 0, 1))
840 llp_tmp = strdupa (llp);
843 /* Determine the length of the substituted string. */
844 size_t total = DL_DST_REQUIRED (l, llp, strlen (llp), cnt);
846 /* Allocate the necessary memory. */
847 llp_tmp = (char *) alloca (total + 1);
848 llp_tmp = _dl_dst_substitute (l, llp, llp_tmp, 1);
851 llp_tmp = strdupa (llp);
854 /* Decompose the LD_LIBRARY_PATH contents. First determine how many
859 if (*cp == ':' || *cp == ';')
864 env_path_list.dirs = (struct r_search_path_elem **)
865 malloc ((nllp + 1) * sizeof (struct r_search_path_elem *));
866 if (env_path_list.dirs == NULL)
868 errstring = N_("cannot create cache for search path");
872 (void) fillin_rpath (llp_tmp, env_path_list.dirs, ":;",
873 INTUSE(__libc_enable_secure), "LD_LIBRARY_PATH",
876 if (env_path_list.dirs[0] == NULL)
878 free (env_path_list.dirs);
879 env_path_list.dirs = (void *) -1;
882 env_path_list.malloced = 0;
885 env_path_list.dirs = (void *) -1;
890 __attribute__ ((noreturn, noinline))
891 lose (int code, int fd, const char *name, char *realname, struct link_map *l,
892 const char *msg, struct r_debug *r, Lmid_t nsid)
894 /* The file might already be closed. */
897 if (l != NULL && l->l_origin != (char *) -1l)
898 free ((char *) l->l_origin);
904 r->r_state = RT_CONSISTENT;
906 LIBC_PROBE (map_failed, 2, nsid, r);
909 _dl_signal_error (code, name, NULL, msg);
913 /* Map in the shared object NAME, actually located in REALNAME, and already
916 #ifndef EXTERNAL_MAP_FROM_FD
920 _dl_map_object_from_fd (const char *name, int fd, struct filebuf *fbp,
921 char *realname, struct link_map *loader, int l_type,
922 int mode, void **stack_endp, Lmid_t nsid)
924 struct link_map *l = NULL;
925 const ElfW(Ehdr) *header;
926 const ElfW(Phdr) *phdr;
927 const ElfW(Phdr) *ph;
931 /* Initialize to keep the compiler happy. */
932 const char *errstring = NULL;
934 struct r_debug *r = _dl_debug_initialize (0, nsid);
935 bool make_consistent = false;
937 /* Get file information. */
938 if (__builtin_expect (__fxstat64 (_STAT_VER, fd, &st) < 0, 0))
940 errstring = N_("cannot stat shared object");
944 lose (errval, fd, name, realname, l, errstring,
945 make_consistent ? r : NULL, nsid);
948 /* Look again to see if the real name matched another already loaded. */
949 for (l = GL(dl_ns)[nsid]._ns_loaded; l; l = l->l_next)
950 if (l->l_removed == 0 && l->l_ino == st.st_ino && l->l_dev == st.st_dev)
952 /* The object is already loaded.
953 Just bump its reference count and return it. */
956 /* If the name is not in the list of names for this object add
959 add_name_to_object (l, name);
965 /* When loading into a namespace other than the base one we must
966 avoid loading ld.so since there can only be one copy. Ever. */
967 if (__builtin_expect (nsid != LM_ID_BASE, 0)
968 && ((st.st_ino == GL(dl_rtld_map).l_ino
969 && st.st_dev == GL(dl_rtld_map).l_dev)
970 || _dl_name_match_p (name, &GL(dl_rtld_map))))
972 /* This is indeed ld.so. Create a new link_map which refers to
973 the real one for almost everything. */
974 l = _dl_new_object (realname, name, l_type, loader, mode, nsid);
978 /* Refer to the real descriptor. */
979 l->l_real = &GL(dl_rtld_map);
981 /* No need to bump the refcount of the real object, ld.so will
982 never be unloaded. */
985 /* Add the map for the mirrored object to the object list. */
986 _dl_add_to_namespace_list (l, nsid);
992 if (mode & RTLD_NOLOAD)
994 /* We are not supposed to load the object unless it is already
995 loaded. So return now. */
1001 /* Print debugging message. */
1002 if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0))
1003 _dl_debug_printf ("file=%s [%lu]; generating link map\n", name, nsid);
1005 /* This is the ELF header. We read it in `open_verify'. */
1006 header = (void *) fbp->buf;
1010 if (_dl_zerofd == -1)
1012 _dl_zerofd = _dl_sysdep_open_zero_fill ();
1013 if (_dl_zerofd == -1)
1017 _dl_signal_error (errno, NULL, NULL,
1018 N_("cannot open zero fill device"));
1023 /* Signal that we are going to add new objects. */
1024 if (r->r_state == RT_CONSISTENT)
1027 /* Auditing checkpoint: we are going to add new objects. */
1028 if ((mode & __RTLD_AUDIT) == 0
1029 && __builtin_expect (GLRO(dl_naudit) > 0, 0))
1031 struct link_map *head = GL(dl_ns)[nsid]._ns_loaded;
1032 /* Do not call the functions for any auditing object. */
1033 if (head->l_auditing == 0)
1035 struct audit_ifaces *afct = GLRO(dl_audit);
1036 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
1038 if (afct->activity != NULL)
1039 afct->activity (&head->l_audit[cnt].cookie, LA_ACT_ADD);
1047 /* Notify the debugger we have added some objects. We need to
1048 call _dl_debug_initialize in a static program in case dynamic
1049 linking has not been used before. */
1050 r->r_state = RT_ADD;
1052 LIBC_PROBE (map_start, 2, nsid, r);
1053 make_consistent = true;
1056 assert (r->r_state == RT_ADD);
1058 /* Enter the new object in the list of loaded objects. */
1059 l = _dl_new_object (realname, name, l_type, loader, mode, nsid);
1060 if (__builtin_expect (l == NULL, 0))
1065 errstring = N_("cannot create shared object descriptor");
1066 goto call_lose_errno;
1069 /* Extract the remaining details we need from the ELF header
1070 and then read in the program header table. */
1071 l->l_entry = header->e_entry;
1072 type = header->e_type;
1073 l->l_phnum = header->e_phnum;
1075 maplength = header->e_phnum * sizeof (ElfW(Phdr));
1076 if (header->e_phoff + maplength <= (size_t) fbp->len)
1077 phdr = (void *) (fbp->buf + header->e_phoff);
1080 phdr = alloca (maplength);
1081 __lseek (fd, header->e_phoff, SEEK_SET);
1082 if ((size_t) __libc_read (fd, (void *) phdr, maplength) != maplength)
1084 errstring = N_("cannot read file data");
1085 goto call_lose_errno;
1089 /* On most platforms presume that PT_GNU_STACK is absent and the stack is
1090 * executable. Other platforms default to a nonexecutable stack and don't
1091 * need PT_GNU_STACK to do so. */
1092 uint_fast16_t stack_flags = DEFAULT_STACK_PERMS;
1095 /* Scan the program header table, collecting its load commands. */
1098 ElfW(Addr) mapstart, mapend, dataend, allocend;
1101 } loadcmds[l->l_phnum], *c;
1102 size_t nloadcmds = 0;
1103 bool has_holes = false;
1105 /* The struct is initialized to zero so this is not necessary:
1109 for (ph = phdr; ph < &phdr[l->l_phnum]; ++ph)
1112 /* These entries tell us where to find things once the file's
1113 segments are mapped in. We record the addresses it says
1114 verbatim, and later correct for the run-time load address. */
1116 l->l_ld = (void *) ph->p_vaddr;
1117 l->l_ldnum = ph->p_memsz / sizeof (ElfW(Dyn));
1121 l->l_phdr = (void *) ph->p_vaddr;
1125 /* A load command tells us to map in part of the file.
1126 We record the load commands and process them all later. */
1127 if (__builtin_expect ((ph->p_align & (GLRO(dl_pagesize) - 1)) != 0,
1130 errstring = N_("ELF load command alignment not page-aligned");
1133 if (__builtin_expect (((ph->p_vaddr - ph->p_offset)
1134 & (ph->p_align - 1)) != 0, 0))
1137 = N_("ELF load command address/offset not properly aligned");
1141 c = &loadcmds[nloadcmds++];
1142 c->mapstart = ph->p_vaddr & ~(GLRO(dl_pagesize) - 1);
1143 c->mapend = ((ph->p_vaddr + ph->p_filesz + GLRO(dl_pagesize) - 1)
1144 & ~(GLRO(dl_pagesize) - 1));
1145 c->dataend = ph->p_vaddr + ph->p_filesz;
1146 c->allocend = ph->p_vaddr + ph->p_memsz;
1147 c->mapoff = ph->p_offset & ~(GLRO(dl_pagesize) - 1);
1149 /* Determine whether there is a gap between the last segment
1151 if (nloadcmds > 1 && c[-1].mapend != c->mapstart)
1154 /* Optimize a common case. */
1155 #if (PF_R | PF_W | PF_X) == 7 && (PROT_READ | PROT_WRITE | PROT_EXEC) == 7
1156 c->prot = (PF_TO_PROT
1157 >> ((ph->p_flags & (PF_R | PF_W | PF_X)) * 4)) & 0xf;
1160 if (ph->p_flags & PF_R)
1161 c->prot |= PROT_READ;
1162 if (ph->p_flags & PF_W)
1163 c->prot |= PROT_WRITE;
1164 if (ph->p_flags & PF_X)
1165 c->prot |= PROT_EXEC;
1170 if (ph->p_memsz == 0)
1171 /* Nothing to do for an empty segment. */
1174 l->l_tls_blocksize = ph->p_memsz;
1175 l->l_tls_align = ph->p_align;
1176 if (ph->p_align == 0)
1177 l->l_tls_firstbyte_offset = 0;
1179 l->l_tls_firstbyte_offset = ph->p_vaddr & (ph->p_align - 1);
1180 l->l_tls_initimage_size = ph->p_filesz;
1181 /* Since we don't know the load address yet only store the
1182 offset. We will adjust it later. */
1183 l->l_tls_initimage = (void *) ph->p_vaddr;
1185 /* If not loading the initial set of shared libraries,
1186 check whether we should permit loading a TLS segment. */
1187 if (__builtin_expect (l->l_type == lt_library, 1)
1188 /* If GL(dl_tls_dtv_slotinfo_list) == NULL, then rtld.c did
1189 not set up TLS data structures, so don't use them now. */
1190 || __builtin_expect (GL(dl_tls_dtv_slotinfo_list) != NULL, 1))
1192 /* Assign the next available module ID. */
1193 l->l_tls_modid = _dl_next_tls_modid ();
1198 if (l->l_prev == NULL || (mode & __RTLD_AUDIT) != 0)
1199 /* We are loading the executable itself when the dynamic linker
1200 was executed directly. The setup will happen later. */
1203 # ifdef _LIBC_REENTRANT
1204 /* In a static binary there is no way to tell if we dynamically
1205 loaded libpthread. */
1206 if (GL(dl_error_catch_tsd) == &_dl_initial_error_catch_tsd)
1210 /* We have not yet loaded libpthread.
1211 We can do the TLS setup right now! */
1215 /* The first call allocates TLS bookkeeping data structures.
1216 Then we allocate the TCB for the initial thread. */
1217 if (__builtin_expect (_dl_tls_setup (), 0)
1218 || __builtin_expect ((tcb = _dl_allocate_tls (NULL)) == NULL,
1223 cannot allocate TLS data structures for initial thread");
1227 /* Now we install the TCB in the thread register. */
1228 errstring = TLS_INIT_TP (tcb, 0);
1229 if (__builtin_expect (errstring == NULL, 1))
1231 /* Now we are all good. */
1232 l->l_tls_modid = ++GL(dl_tls_max_dtv_idx);
1236 /* The kernel is too old or somesuch. */
1238 _dl_deallocate_tls (tcb, 1);
1242 /* Uh-oh, the binary expects TLS support but we cannot
1245 errstring = N_("cannot handle TLS data");
1250 stack_flags = ph->p_flags;
1254 l->l_relro_addr = ph->p_vaddr;
1255 l->l_relro_size = ph->p_memsz;
1259 if (__builtin_expect (nloadcmds == 0, 0))
1261 /* This only happens for a bogus object that will be caught with
1262 another error below. But we don't want to go through the
1263 calculations below using NLOADCMDS - 1. */
1264 errstring = N_("object file has no loadable segments");
1268 /* Now process the load commands and map segments into memory. */
1271 /* Length of the sections to be loaded. */
1272 maplength = loadcmds[nloadcmds - 1].allocend - c->mapstart;
1274 if (__builtin_expect (type, ET_DYN) == ET_DYN)
1276 /* This is a position-independent shared object. We can let the
1277 kernel map it anywhere it likes, but we must have space for all
1278 the segments in their specified positions relative to the first.
1279 So we map the first segment without MAP_FIXED, but with its
1280 extent increased to cover all the segments. Then we remove
1281 access from excess portion, and there is known sufficient space
1282 there to remap from the later segments.
1284 As a refinement, sometimes we have an address that we would
1285 prefer to map such objects at; but this is only a preference,
1286 the OS can do whatever it likes. */
1288 mappref = (ELF_PREFERRED_ADDRESS (loader, maplength,
1289 c->mapstart & GLRO(dl_use_load_bias))
1290 - MAP_BASE_ADDR (l));
1292 /* Remember which part of the address space this object uses. */
1293 l->l_map_start = (ElfW(Addr)) __mmap ((void *) mappref, maplength,
1297 if (__builtin_expect ((void *) l->l_map_start == MAP_FAILED, 0))
1300 errstring = N_("failed to map segment from shared object");
1301 goto call_lose_errno;
1304 l->l_map_end = l->l_map_start + maplength;
1305 l->l_addr = l->l_map_start - c->mapstart;
1308 /* Change protection on the excess portion to disallow all access;
1309 the portions we do not remap later will be inaccessible as if
1310 unallocated. Then jump into the normal segment-mapping loop to
1311 handle the portion of the segment past the end of the file
1313 __mprotect ((caddr_t) (l->l_addr + c->mapend),
1314 loadcmds[nloadcmds - 1].mapstart - c->mapend,
1317 l->l_contiguous = 1;
1322 /* This object is loaded at a fixed address. This must never
1323 happen for objects loaded with dlopen(). */
1324 if (__builtin_expect ((mode & __RTLD_OPENEXEC) == 0, 0))
1326 errstring = N_("cannot dynamically load executable");
1330 /* Notify ELF_PREFERRED_ADDRESS that we have to load this one
1332 ELF_FIXED_ADDRESS (loader, c->mapstart);
1335 /* Remember which part of the address space this object uses. */
1336 l->l_map_start = c->mapstart + l->l_addr;
1337 l->l_map_end = l->l_map_start + maplength;
1338 l->l_contiguous = !has_holes;
1340 while (c < &loadcmds[nloadcmds])
1342 if (c->mapend > c->mapstart
1343 /* Map the segment contents from the file. */
1344 && (__mmap ((void *) (l->l_addr + c->mapstart),
1345 c->mapend - c->mapstart, c->prot,
1346 MAP_FIXED|MAP_COPY|MAP_FILE,
1352 if (c->prot & PROT_EXEC)
1353 l->l_text_end = l->l_addr + c->mapend;
1356 && c->mapoff <= header->e_phoff
1357 && ((size_t) (c->mapend - c->mapstart + c->mapoff)
1358 >= header->e_phoff + header->e_phnum * sizeof (ElfW(Phdr))))
1359 /* Found the program header in this segment. */
1360 l->l_phdr = (void *) (uintptr_t) (c->mapstart + header->e_phoff
1363 if (c->allocend > c->dataend)
1365 /* Extra zero pages should appear at the end of this segment,
1366 after the data mapped from the file. */
1367 ElfW(Addr) zero, zeroend, zeropage;
1369 zero = l->l_addr + c->dataend;
1370 zeroend = l->l_addr + c->allocend;
1371 zeropage = ((zero + GLRO(dl_pagesize) - 1)
1372 & ~(GLRO(dl_pagesize) - 1));
1374 if (zeroend < zeropage)
1375 /* All the extra data is in the last page of the segment.
1376 We can just zero it. */
1379 if (zeropage > zero)
1381 /* Zero the final part of the last page of the segment. */
1382 if (__builtin_expect ((c->prot & PROT_WRITE) == 0, 0))
1385 if (__mprotect ((caddr_t) (zero
1386 & ~(GLRO(dl_pagesize) - 1)),
1387 GLRO(dl_pagesize), c->prot|PROT_WRITE) < 0)
1389 errstring = N_("cannot change memory protections");
1390 goto call_lose_errno;
1393 memset ((void *) zero, '\0', zeropage - zero);
1394 if (__builtin_expect ((c->prot & PROT_WRITE) == 0, 0))
1395 __mprotect ((caddr_t) (zero & ~(GLRO(dl_pagesize) - 1)),
1396 GLRO(dl_pagesize), c->prot);
1399 if (zeroend > zeropage)
1401 /* Map the remaining zero pages in from the zero fill FD. */
1403 mapat = __mmap ((caddr_t) zeropage, zeroend - zeropage,
1404 c->prot, MAP_ANON|MAP_PRIVATE|MAP_FIXED,
1406 if (__builtin_expect (mapat == MAP_FAILED, 0))
1408 errstring = N_("cannot map zero-fill pages");
1409 goto call_lose_errno;
1420 if (__builtin_expect (type == ET_DYN, 0))
1422 errstring = N_("object file has no dynamic section");
1427 l->l_ld = (ElfW(Dyn) *) ((ElfW(Addr)) l->l_ld + l->l_addr);
1429 elf_get_dynamic_info (l, NULL);
1431 /* Make sure we are not dlopen'ing an object that has the
1432 DF_1_NOOPEN flag set. */
1433 if (__builtin_expect (l->l_flags_1 & DF_1_NOOPEN, 0)
1434 && (mode & __RTLD_DLOPEN))
1436 /* We are not supposed to load this object. Free all resources. */
1437 __munmap ((void *) l->l_map_start, l->l_map_end - l->l_map_start);
1439 if (!l->l_libname->dont_free)
1440 free (l->l_libname);
1442 if (l->l_phdr_allocated)
1443 free ((void *) l->l_phdr);
1445 errstring = N_("shared object cannot be dlopen()ed");
1449 if (l->l_phdr == NULL)
1451 /* The program header is not contained in any of the segments.
1452 We have to allocate memory ourself and copy it over from out
1454 ElfW(Phdr) *newp = (ElfW(Phdr) *) malloc (header->e_phnum
1455 * sizeof (ElfW(Phdr)));
1458 errstring = N_("cannot allocate memory for program header");
1459 goto call_lose_errno;
1462 l->l_phdr = memcpy (newp, phdr,
1463 (header->e_phnum * sizeof (ElfW(Phdr))));
1464 l->l_phdr_allocated = 1;
1467 /* Adjust the PT_PHDR value by the runtime load address. */
1468 l->l_phdr = (ElfW(Phdr) *) ((ElfW(Addr)) l->l_phdr + l->l_addr);
1470 if (__builtin_expect ((stack_flags &~ GL(dl_stack_flags)) & PF_X, 0))
1472 if (__builtin_expect (__check_caller (RETURN_ADDRESS (0), allow_ldso),
1475 errstring = N_("invalid caller");
1479 /* The stack is presently not executable, but this module
1480 requires that it be executable. We must change the
1481 protection of the variable which contains the flags used in
1482 the mprotect calls. */
1484 if ((mode & (__RTLD_DLOPEN | __RTLD_AUDIT)) == __RTLD_DLOPEN)
1486 const uintptr_t p = (uintptr_t) &__stack_prot & -GLRO(dl_pagesize);
1487 const size_t s = (uintptr_t) (&__stack_prot + 1) - p;
1489 struct link_map *const m = &GL(dl_rtld_map);
1490 const uintptr_t relro_end = ((m->l_addr + m->l_relro_addr
1492 & -GLRO(dl_pagesize));
1493 if (__builtin_expect (p + s <= relro_end, 1))
1495 /* The variable lies in the region protected by RELRO. */
1496 if (__mprotect ((void *) p, s, PROT_READ|PROT_WRITE) < 0)
1498 errstring = N_("cannot change memory protections");
1499 goto call_lose_errno;
1501 __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
1502 __mprotect ((void *) p, s, PROT_READ);
1505 __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
1509 __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
1511 #ifdef check_consistency
1512 check_consistency ();
1515 errval = (*GL(dl_make_stack_executable_hook)) (stack_endp);
1519 cannot enable executable stack as shared object requires");
1524 /* Adjust the address of the TLS initialization image. */
1525 if (l->l_tls_initimage != NULL)
1526 l->l_tls_initimage = (char *) l->l_tls_initimage + l->l_addr;
1528 /* We are done mapping in the file. We no longer need the descriptor. */
1529 if (__builtin_expect (__close (fd) != 0, 0))
1531 errstring = N_("cannot close file descriptor");
1532 goto call_lose_errno;
1534 /* Signal that we closed the file. */
1537 if (l->l_type == lt_library && type == ET_EXEC)
1538 l->l_type = lt_executable;
1540 l->l_entry += l->l_addr;
1542 if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0))
1543 _dl_debug_printf ("\
1544 dynamic: 0x%0*lx base: 0x%0*lx size: 0x%0*Zx\n\
1545 entry: 0x%0*lx phdr: 0x%0*lx phnum: %*u\n\n",
1546 (int) sizeof (void *) * 2,
1547 (unsigned long int) l->l_ld,
1548 (int) sizeof (void *) * 2,
1549 (unsigned long int) l->l_addr,
1550 (int) sizeof (void *) * 2, maplength,
1551 (int) sizeof (void *) * 2,
1552 (unsigned long int) l->l_entry,
1553 (int) sizeof (void *) * 2,
1554 (unsigned long int) l->l_phdr,
1555 (int) sizeof (void *) * 2, l->l_phnum);
1557 /* Set up the symbol hash table. */
1560 /* If this object has DT_SYMBOLIC set modify now its scope. We don't
1561 have to do this for the main map. */
1562 if ((mode & RTLD_DEEPBIND) == 0
1563 && __builtin_expect (l->l_info[DT_SYMBOLIC] != NULL, 0)
1564 && &l->l_searchlist != l->l_scope[0])
1566 /* Create an appropriate searchlist. It contains only this map.
1567 This is the definition of DT_SYMBOLIC in SysVr4. */
1568 l->l_symbolic_searchlist.r_list[0] = l;
1569 l->l_symbolic_searchlist.r_nlist = 1;
1571 /* Now move the existing entries one back. */
1572 memmove (&l->l_scope[1], &l->l_scope[0],
1573 (l->l_scope_max - 1) * sizeof (l->l_scope[0]));
1575 /* Now add the new entry. */
1576 l->l_scope[0] = &l->l_symbolic_searchlist;
1579 /* Remember whether this object must be initialized first. */
1580 if (l->l_flags_1 & DF_1_INITFIRST)
1581 GL(dl_initfirst) = l;
1583 /* Finally the file information. */
1584 l->l_dev = st.st_dev;
1585 l->l_ino = st.st_ino;
1587 /* When we profile the SONAME might be needed for something else but
1588 loading. Add it right away. */
1589 if (__builtin_expect (GLRO(dl_profile) != NULL, 0)
1590 && l->l_info[DT_SONAME] != NULL)
1591 add_name_to_object (l, ((const char *) D_PTR (l, l_info[DT_STRTAB])
1592 + l->l_info[DT_SONAME]->d_un.d_val));
1594 #ifdef DL_AFTER_LOAD
1598 /* Now that the object is fully initialized add it to the object list. */
1599 _dl_add_to_namespace_list (l, nsid);
1602 /* Auditing checkpoint: we have a new object. */
1603 if (__builtin_expect (GLRO(dl_naudit) > 0, 0)
1604 && !GL(dl_ns)[l->l_ns]._ns_loaded->l_auditing)
1606 struct audit_ifaces *afct = GLRO(dl_audit);
1607 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
1609 if (afct->objopen != NULL)
1611 l->l_audit[cnt].bindflags
1612 = afct->objopen (l, nsid, &l->l_audit[cnt].cookie);
1614 l->l_audit_any_plt |= l->l_audit[cnt].bindflags != 0;
1625 /* Print search path. */
1627 print_search_path (struct r_search_path_elem **list,
1628 const char *what, const char *name)
1630 char buf[max_dirnamelen + max_capstrlen];
1633 _dl_debug_printf (" search path=");
1635 while (*list != NULL && (*list)->what == what) /* Yes, ==. */
1637 char *endp = __mempcpy (buf, (*list)->dirname, (*list)->dirnamelen);
1640 for (cnt = 0; cnt < ncapstr; ++cnt)
1641 if ((*list)->status[cnt] != nonexisting)
1643 char *cp = __mempcpy (endp, capstr[cnt].str, capstr[cnt].len);
1644 if (cp == buf || (cp == buf + 1 && buf[0] == '/'))
1649 _dl_debug_printf_c (first ? "%s" : ":%s", buf);
1657 _dl_debug_printf_c ("\t\t(%s from file %s)\n", what,
1658 DSO_FILENAME (name));
1660 _dl_debug_printf_c ("\t\t(%s)\n", what);
1663 /* Open a file and verify it is an ELF file for this architecture. We
1664 ignore only ELF files for other architectures. Non-ELF files and
1665 ELF files with different header information cause fatal errors since
1666 this could mean there is something wrong in the installation and the
1667 user might want to know about this. */
1669 open_verify (const char *name, struct filebuf *fbp, struct link_map *loader,
1670 int whatcode, bool *found_other_class, bool free_name)
1672 /* This is the expected ELF header. */
1673 #define ELF32_CLASS ELFCLASS32
1674 #define ELF64_CLASS ELFCLASS64
1675 #ifndef VALID_ELF_HEADER
1676 # define VALID_ELF_HEADER(hdr,exp,size) (memcmp (hdr, exp, size) == 0)
1677 # define VALID_ELF_OSABI(osabi) (osabi == ELFOSABI_SYSV)
1678 # define VALID_ELF_ABIVERSION(osabi,ver) (ver == 0)
1679 #elif defined MORE_ELF_HEADER_DATA
1680 MORE_ELF_HEADER_DATA;
1682 static const unsigned char expected[EI_NIDENT] =
1684 [EI_MAG0] = ELFMAG0,
1685 [EI_MAG1] = ELFMAG1,
1686 [EI_MAG2] = ELFMAG2,
1687 [EI_MAG3] = ELFMAG3,
1688 [EI_CLASS] = ELFW(CLASS),
1689 [EI_DATA] = byteorder,
1690 [EI_VERSION] = EV_CURRENT,
1691 [EI_OSABI] = ELFOSABI_SYSV,
1696 ElfW(Word) vendorlen;
1700 } expected_note = { 4, 16, 1, "GNU" };
1701 /* Initialize it to make the compiler happy. */
1702 const char *errstring = NULL;
1706 /* Give the auditing libraries a chance. */
1707 if (__builtin_expect (GLRO(dl_naudit) > 0, 0) && whatcode != 0
1708 && loader->l_auditing == 0)
1710 struct audit_ifaces *afct = GLRO(dl_audit);
1711 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
1713 if (afct->objsearch != NULL)
1715 name = afct->objsearch (name, &loader->l_audit[cnt].cookie,
1718 /* Ignore the path. */
1727 /* Open the file. We always open files read-only. */
1728 int fd = __open (name, O_RDONLY | O_CLOEXEC);
1732 ElfW(Phdr) *phdr, *ph;
1733 ElfW(Word) *abi_note;
1734 unsigned int osversion;
1737 /* We successfully openened the file. Now verify it is a file
1741 assert (sizeof (fbp->buf) > sizeof (ElfW(Ehdr)));
1742 /* Read in the header. */
1745 ssize_t retlen = __libc_read (fd, fbp->buf + fbp->len,
1746 sizeof (fbp->buf) - fbp->len);
1751 while (__builtin_expect (fbp->len < sizeof (ElfW(Ehdr)), 0));
1753 /* This is where the ELF header is loaded. */
1754 ehdr = (ElfW(Ehdr) *) fbp->buf;
1756 /* Now run the tests. */
1757 if (__builtin_expect (fbp->len < (ssize_t) sizeof (ElfW(Ehdr)), 0))
1760 errstring = (errval == 0
1761 ? N_("file too short") : N_("cannot read file data"));
1765 char *realname = (char *) name;
1766 name = strdupa (realname);
1769 lose (errval, fd, name, NULL, NULL, errstring, NULL, 0);
1772 /* See whether the ELF header is what we expect. */
1773 if (__builtin_expect (! VALID_ELF_HEADER (ehdr->e_ident, expected,
1775 || !VALID_ELF_ABIVERSION (ehdr->e_ident[EI_OSABI],
1776 ehdr->e_ident[EI_ABIVERSION])
1777 || memcmp (&ehdr->e_ident[EI_PAD],
1779 EI_NIDENT - EI_PAD) != 0,
1782 /* Something is wrong. */
1783 const Elf32_Word *magp = (const void *) ehdr->e_ident;
1785 #if BYTE_ORDER == LITTLE_ENDIAN
1786 ((ELFMAG0 << (EI_MAG0 * 8)) |
1787 (ELFMAG1 << (EI_MAG1 * 8)) |
1788 (ELFMAG2 << (EI_MAG2 * 8)) |
1789 (ELFMAG3 << (EI_MAG3 * 8)))
1791 ((ELFMAG0 << (EI_MAG3 * 8)) |
1792 (ELFMAG1 << (EI_MAG2 * 8)) |
1793 (ELFMAG2 << (EI_MAG1 * 8)) |
1794 (ELFMAG3 << (EI_MAG0 * 8)))
1797 errstring = N_("invalid ELF header");
1798 else if (ehdr->e_ident[EI_CLASS] != ELFW(CLASS))
1800 /* This is not a fatal error. On architectures where
1801 32-bit and 64-bit binaries can be run this might
1803 *found_other_class = true;
1806 else if (ehdr->e_ident[EI_DATA] != byteorder)
1808 if (BYTE_ORDER == BIG_ENDIAN)
1809 errstring = N_("ELF file data encoding not big-endian");
1811 errstring = N_("ELF file data encoding not little-endian");
1813 else if (ehdr->e_ident[EI_VERSION] != EV_CURRENT)
1815 = N_("ELF file version ident does not match current one");
1816 /* XXX We should be able so set system specific versions which are
1818 else if (!VALID_ELF_OSABI (ehdr->e_ident[EI_OSABI]))
1819 errstring = N_("ELF file OS ABI invalid");
1820 else if (!VALID_ELF_ABIVERSION (ehdr->e_ident[EI_OSABI],
1821 ehdr->e_ident[EI_ABIVERSION]))
1822 errstring = N_("ELF file ABI version invalid");
1823 else if (memcmp (&ehdr->e_ident[EI_PAD], &expected[EI_PAD],
1824 EI_NIDENT - EI_PAD) != 0)
1825 errstring = N_("nonzero padding in e_ident");
1827 /* Otherwise we don't know what went wrong. */
1828 errstring = N_("internal error");
1833 if (__builtin_expect (ehdr->e_version, EV_CURRENT) != EV_CURRENT)
1835 errstring = N_("ELF file version does not match current one");
1838 if (! __builtin_expect (elf_machine_matches_host (ehdr), 1))
1840 else if (__builtin_expect (ehdr->e_type, ET_DYN) != ET_DYN
1841 && __builtin_expect (ehdr->e_type, ET_EXEC) != ET_EXEC)
1843 errstring = N_("only ET_DYN and ET_EXEC can be loaded");
1846 else if (__builtin_expect (ehdr->e_phentsize, sizeof (ElfW(Phdr)))
1847 != sizeof (ElfW(Phdr)))
1849 errstring = N_("ELF file's phentsize not the expected size");
1853 maplength = ehdr->e_phnum * sizeof (ElfW(Phdr));
1854 if (ehdr->e_phoff + maplength <= (size_t) fbp->len)
1855 phdr = (void *) (fbp->buf + ehdr->e_phoff);
1858 phdr = alloca (maplength);
1859 __lseek (fd, ehdr->e_phoff, SEEK_SET);
1860 if ((size_t) __libc_read (fd, (void *) phdr, maplength) != maplength)
1864 errstring = N_("cannot read file data");
1869 /* Check .note.ABI-tag if present. */
1870 for (ph = phdr; ph < &phdr[ehdr->e_phnum]; ++ph)
1871 if (ph->p_type == PT_NOTE && ph->p_filesz >= 32 && ph->p_align >= 4)
1873 ElfW(Addr) size = ph->p_filesz;
1875 if (ph->p_offset + size <= (size_t) fbp->len)
1876 abi_note = (void *) (fbp->buf + ph->p_offset);
1879 abi_note = alloca (size);
1880 __lseek (fd, ph->p_offset, SEEK_SET);
1881 if (__libc_read (fd, (void *) abi_note, size) != size)
1885 while (memcmp (abi_note, &expected_note, sizeof (expected_note)))
1887 #define ROUND(len) (((len) + sizeof (ElfW(Word)) - 1) & -sizeof (ElfW(Word)))
1888 ElfW(Addr) note_size = 3 * sizeof (ElfW(Word))
1889 + ROUND (abi_note[0])
1890 + ROUND (abi_note[1]);
1892 if (size - 32 < note_size)
1898 abi_note = (void *) abi_note + note_size;
1904 osversion = (abi_note[5] & 0xff) * 65536
1905 + (abi_note[6] & 0xff) * 256
1906 + (abi_note[7] & 0xff);
1907 if (abi_note[4] != __ABI_TAG_OS
1908 || (GLRO(dl_osversion) && GLRO(dl_osversion) < osversion))
1912 __set_errno (ENOENT);
1923 /* Try to open NAME in one of the directories in *DIRSP.
1924 Return the fd, or -1. If successful, fill in *REALNAME
1925 with the malloc'd full directory name. If it turns out
1926 that none of the directories in *DIRSP exists, *DIRSP is
1927 replaced with (void *) -1, and the old value is free()d
1928 if MAY_FREE_DIRS is true. */
1931 open_path (const char *name, size_t namelen, int secure,
1932 struct r_search_path_struct *sps, char **realname,
1933 struct filebuf *fbp, struct link_map *loader, int whatcode,
1934 bool *found_other_class)
1936 struct r_search_path_elem **dirs = sps->dirs;
1939 const char *current_what = NULL;
1942 if (__builtin_expect (dirs == NULL, 0))
1943 /* We're called before _dl_init_paths when loading the main executable
1944 given on the command line when rtld is run directly. */
1947 buf = alloca (max_dirnamelen + max_capstrlen + namelen);
1950 struct r_search_path_elem *this_dir = *dirs;
1957 /* If we are debugging the search for libraries print the path
1958 now if it hasn't happened now. */
1959 if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_LIBS, 0)
1960 && current_what != this_dir->what)
1962 current_what = this_dir->what;
1963 print_search_path (dirs, current_what, this_dir->where);
1966 edp = (char *) __mempcpy (buf, this_dir->dirname, this_dir->dirnamelen);
1967 for (cnt = 0; fd == -1 && cnt < ncapstr; ++cnt)
1969 /* Skip this directory if we know it does not exist. */
1970 if (this_dir->status[cnt] == nonexisting)
1974 ((char *) __mempcpy (__mempcpy (edp, capstr[cnt].str,
1979 /* Print name we try if this is wanted. */
1980 if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_LIBS, 0))
1981 _dl_debug_printf (" trying file=%s\n", buf);
1983 fd = open_verify (buf, fbp, loader, whatcode, found_other_class,
1985 if (this_dir->status[cnt] == unknown)
1988 this_dir->status[cnt] = existing;
1989 /* Do not update the directory information when loading
1990 auditing code. We must try to disturb the program as
1991 little as possible. */
1992 else if (loader == NULL
1993 || GL(dl_ns)[loader->l_ns]._ns_loaded->l_auditing == 0)
1995 /* We failed to open machine dependent library. Let's
1996 test whether there is any directory at all. */
1999 buf[buflen - namelen - 1] = '\0';
2001 if (__xstat64 (_STAT_VER, buf, &st) != 0
2002 || ! S_ISDIR (st.st_mode))
2003 /* The directory does not exist or it is no directory. */
2004 this_dir->status[cnt] = nonexisting;
2006 this_dir->status[cnt] = existing;
2010 /* Remember whether we found any existing directory. */
2011 here_any |= this_dir->status[cnt] != nonexisting;
2013 if (fd != -1 && __builtin_expect (secure, 0)
2014 && INTUSE(__libc_enable_secure))
2016 /* This is an extra security effort to make sure nobody can
2017 preload broken shared objects which are in the trusted
2018 directories and so exploit the bugs. */
2021 if (__fxstat64 (_STAT_VER, fd, &st) != 0
2022 || (st.st_mode & S_ISUID) == 0)
2024 /* The shared object cannot be tested for being SUID
2025 or this bit is not set. In this case we must not
2029 /* We simply ignore the file, signal this by setting
2030 the error value which would have been set by `open'. */
2038 *realname = (char *) malloc (buflen);
2039 if (*realname != NULL)
2041 memcpy (*realname, buf, buflen);
2046 /* No memory for the name, we certainly won't be able
2047 to load and link it. */
2052 if (here_any && (err = errno) != ENOENT && err != EACCES)
2053 /* The file exists and is readable, but something went wrong. */
2056 /* Remember whether we found anything. */
2059 while (*++dirs != NULL);
2061 /* Remove the whole path if none of the directories exists. */
2062 if (__builtin_expect (! any, 0))
2064 /* Paths which were allocated using the minimal malloc() in ld.so
2065 must not be freed using the general free() in libc. */
2069 /* rtld_search_dirs is attribute_relro, therefore avoid writing
2071 if (sps != &rtld_search_dirs)
2072 sps->dirs = (void *) -1;
2078 /* Map in the shared object file NAME. */
2082 _dl_map_object (struct link_map *loader, const char *name,
2083 int type, int trace_mode, int mode, Lmid_t nsid)
2092 assert (nsid < GL(dl_nns));
2094 /* Look for this name among those already loaded. */
2095 for (l = GL(dl_ns)[nsid]._ns_loaded; l; l = l->l_next)
2097 /* If the requested name matches the soname of a loaded object,
2098 use that object. Elide this check for names that have not
2100 if (__builtin_expect (l->l_faked, 0) != 0
2101 || __builtin_expect (l->l_removed, 0) != 0)
2103 if (!_dl_name_match_p (name, l))
2107 if (__builtin_expect (l->l_soname_added, 1)
2108 || l->l_info[DT_SONAME] == NULL)
2111 soname = ((const char *) D_PTR (l, l_info[DT_STRTAB])
2112 + l->l_info[DT_SONAME]->d_un.d_val);
2113 if (strcmp (name, soname) != 0)
2116 /* We have a match on a new name -- cache it. */
2117 add_name_to_object (l, soname);
2118 l->l_soname_added = 1;
2121 /* We have a match. */
2125 /* Display information if we are debugging. */
2126 if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0)
2128 _dl_debug_printf ((mode & __RTLD_CALLMAP) == 0
2129 ? "\nfile=%s [%lu]; needed by %s [%lu]\n"
2130 : "\nfile=%s [%lu]; dynamically loaded by %s [%lu]\n",
2131 name, nsid, DSO_FILENAME (loader->l_name), loader->l_ns);
2134 /* Give the auditing libraries a chance to change the name before we
2136 if (__builtin_expect (GLRO(dl_naudit) > 0, 0)
2137 && (loader == NULL || loader->l_auditing == 0))
2139 struct audit_ifaces *afct = GLRO(dl_audit);
2140 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
2142 if (afct->objsearch != NULL)
2144 name = afct->objsearch (name, &loader->l_audit[cnt].cookie,
2148 /* Do not try anything further. */
2159 /* Will be true if we found a DSO which is of the other ELF class. */
2160 bool found_other_class = false;
2162 if (strchr (name, '/') == NULL)
2164 /* Search for NAME in several places. */
2166 size_t namelen = strlen (name) + 1;
2168 if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_LIBS, 0))
2169 _dl_debug_printf ("find library=%s [%lu]; searching\n", name, nsid);
2173 /* When the object has the RUNPATH information we don't use any
2175 if (loader == NULL || loader->l_info[DT_RUNPATH] == NULL)
2177 /* This is the executable's map (if there is one). Make sure that
2178 we do not look at it twice. */
2179 struct link_map *main_map = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
2180 bool did_main_map = false;
2182 /* First try the DT_RPATH of the dependent object that caused NAME
2183 to be loaded. Then that object's dependent, and on up. */
2184 for (l = loader; l; l = l->l_loader)
2185 if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
2187 fd = open_path (name, namelen, mode & __RTLD_SECURE,
2189 &realname, &fb, loader, LA_SER_RUNPATH,
2190 &found_other_class);
2194 did_main_map |= l == main_map;
2197 /* If dynamically linked, try the DT_RPATH of the executable
2198 itself. NB: we do this for lookups in any namespace. */
2199 if (fd == -1 && !did_main_map
2200 && main_map != NULL && main_map->l_type != lt_loaded
2201 && cache_rpath (main_map, &main_map->l_rpath_dirs, DT_RPATH,
2203 fd = open_path (name, namelen, mode & __RTLD_SECURE,
2204 &main_map->l_rpath_dirs,
2205 &realname, &fb, loader ?: main_map, LA_SER_RUNPATH,
2206 &found_other_class);
2209 /* Try the LD_LIBRARY_PATH environment variable. */
2210 if (fd == -1 && env_path_list.dirs != (void *) -1)
2211 fd = open_path (name, namelen, mode & __RTLD_SECURE, &env_path_list,
2213 loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded,
2214 LA_SER_LIBPATH, &found_other_class);
2216 /* Look at the RUNPATH information for this binary. */
2217 if (fd == -1 && loader != NULL
2218 && cache_rpath (loader, &loader->l_runpath_dirs,
2219 DT_RUNPATH, "RUNPATH"))
2220 fd = open_path (name, namelen, mode & __RTLD_SECURE,
2221 &loader->l_runpath_dirs, &realname, &fb, loader,
2222 LA_SER_RUNPATH, &found_other_class);
2226 && (__builtin_expect (! (mode & __RTLD_SECURE), 1)
2227 || ! INTUSE(__libc_enable_secure))
2228 && __builtin_expect (GLRO(dl_inhibit_cache) == 0, 1))
2230 /* Check the list of libraries in the file /etc/ld.so.cache,
2231 for compatibility with Linux's ldconfig program. */
2232 const char *cached = _dl_load_cache_lookup (name);
2237 // XXX Correct to unconditionally default to namespace 0?
2239 ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded
2240 ?: &GL(dl_rtld_map));
2245 /* If the loader has the DF_1_NODEFLIB flag set we must not
2246 use a cache entry from any of these directories. */
2249 /* 'l' is always != NULL for dynamically linked objects. */
2252 __builtin_expect (l->l_flags_1 & DF_1_NODEFLIB, 0))
2254 const char *dirp = system_dirs;
2255 unsigned int cnt = 0;
2259 if (memcmp (cached, dirp, system_dirs_len[cnt]) == 0)
2261 /* The prefix matches. Don't use the entry. */
2266 dirp += system_dirs_len[cnt] + 1;
2269 while (cnt < nsystem_dirs_len);
2274 fd = open_verify (cached,
2275 &fb, loader ?: GL(dl_ns)[nsid]._ns_loaded,
2276 LA_SER_CONFIG, &found_other_class, false);
2277 if (__builtin_expect (fd != -1, 1))
2279 realname = local_strdup (cached);
2280 if (realname == NULL)
2291 /* Finally, try the default path. */
2293 && ((l = loader ?: GL(dl_ns)[nsid]._ns_loaded) == NULL
2294 || __builtin_expect (!(l->l_flags_1 & DF_1_NODEFLIB), 1))
2295 && rtld_search_dirs.dirs != (void *) -1)
2296 fd = open_path (name, namelen, mode & __RTLD_SECURE, &rtld_search_dirs,
2297 &realname, &fb, l, LA_SER_DEFAULT, &found_other_class);
2299 /* Add another newline when we are tracing the library loading. */
2300 if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_LIBS, 0))
2301 _dl_debug_printf ("\n");
2305 /* The path may contain dynamic string tokens. */
2307 ? expand_dynamic_string_token (loader, name, 0)
2308 : local_strdup (name));
2309 if (realname == NULL)
2313 fd = open_verify (realname, &fb,
2314 loader ?: GL(dl_ns)[nsid]._ns_loaded, 0,
2315 &found_other_class, true);
2316 if (__builtin_expect (fd, 0) == -1)
2324 /* In case the LOADER information has only been provided to get to
2325 the appropriate RUNPATH/RPATH information we do not need it
2327 if (mode & __RTLD_CALLMAP)
2330 if (__builtin_expect (fd, 0) == -1)
2333 && __builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_PRELINK, 0) == 0)
2335 /* We haven't found an appropriate library. But since we
2336 are only interested in the list of libraries this isn't
2337 so severe. Fake an entry with all the information we
2339 static const Elf_Symndx dummy_bucket = STN_UNDEF;
2341 /* Allocate a new object map. */
2342 if ((name_copy = local_strdup (name)) == NULL
2343 || (l = _dl_new_object (name_copy, name, type, loader,
2344 mode, nsid)) == NULL)
2347 _dl_signal_error (ENOMEM, name, NULL,
2348 N_("cannot create shared object descriptor"));
2350 /* Signal that this is a faked entry. */
2352 /* Since the descriptor is initialized with zero we do not
2354 l->l_reserved = 0; */
2355 l->l_buckets = &dummy_bucket;
2359 /* Enter the object in the object list. */
2360 _dl_add_to_namespace_list (l, nsid);
2364 else if (found_other_class)
2365 _dl_signal_error (0, name, NULL,
2366 ELFW(CLASS) == ELFCLASS32
2367 ? N_("wrong ELF class: ELFCLASS64")
2368 : N_("wrong ELF class: ELFCLASS32"));
2370 _dl_signal_error (errno, name, NULL,
2371 N_("cannot open shared object file"));
2374 void *stack_end = __libc_stack_end;
2375 return _dl_map_object_from_fd (name, fd, &fb, realname, loader, type, mode,
2382 _dl_rtld_di_serinfo (struct link_map *loader, Dl_serinfo *si, bool counting)
2390 unsigned int idx = 0;
2391 char *allocptr = (char *) &si->dls_serpath[si->dls_cnt];
2392 void add_path (const struct r_search_path_struct *sps, unsigned int flags)
2393 # define add_path(sps, flags) add_path(sps, 0) /* XXX */
2395 if (sps->dirs != (void *) -1)
2397 struct r_search_path_elem **dirs = sps->dirs;
2400 const struct r_search_path_elem *const r = *dirs++;
2404 si->dls_size += MAX (2, r->dirnamelen);
2408 Dl_serpath *const sp = &si->dls_serpath[idx++];
2409 sp->dls_name = allocptr;
2410 if (r->dirnamelen < 2)
2411 *allocptr++ = r->dirnamelen ? '/' : '.';
2413 allocptr = __mempcpy (allocptr,
2414 r->dirname, r->dirnamelen - 1);
2416 sp->dls_flags = flags;
2419 while (*dirs != NULL);
2423 /* When the object has the RUNPATH information we don't use any RPATHs. */
2424 if (loader->l_info[DT_RUNPATH] == NULL)
2426 /* First try the DT_RPATH of the dependent object that caused NAME
2427 to be loaded. Then that object's dependent, and on up. */
2429 struct link_map *l = loader;
2432 if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
2433 add_path (&l->l_rpath_dirs, XXX_RPATH);
2438 /* If dynamically linked, try the DT_RPATH of the executable itself. */
2439 if (loader->l_ns == LM_ID_BASE)
2441 l = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
2442 if (l != NULL && l->l_type != lt_loaded && l != loader)
2443 if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
2444 add_path (&l->l_rpath_dirs, XXX_RPATH);
2448 /* Try the LD_LIBRARY_PATH environment variable. */
2449 add_path (&env_path_list, XXX_ENV);
2451 /* Look at the RUNPATH information for this binary. */
2452 if (cache_rpath (loader, &loader->l_runpath_dirs, DT_RUNPATH, "RUNPATH"))
2453 add_path (&loader->l_runpath_dirs, XXX_RUNPATH);
2456 Here is where ld.so.cache gets checked, but we don't have
2457 a way to indicate that in the results for Dl_serinfo. */
2459 /* Finally, try the default path. */
2460 if (!(loader->l_flags_1 & DF_1_NODEFLIB))
2461 add_path (&rtld_search_dirs, XXX_default);
2464 /* Count the struct size before the string area, which we didn't
2465 know before we completed dls_cnt. */
2466 si->dls_size += (char *) &si->dls_serpath[si->dls_cnt] - (char *) si;
projects / platform / upstream / glibc.git / blob