| blob | b8467f37cf514e6dfd176bae18d61b49e4287143 |
1 /* Run time dynamic linker.
2 Copyright (C) 1995-2023 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <https://www.gnu.org/licenses/>. */
19 #include <errno.h>
20 #include <dlfcn.h>
21 #include <fcntl.h>
22 #include <stdbool.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <unistd.h>
26 #include <sys/mman.h>
27 #include <sys/param.h>
28 #include <sys/stat.h>
29 #include <ldsodefs.h>
30 #include <_itoa.h>
31 #include <entry.h>
32 #include <fpu_control.h>
33 #include <hp-timing.h>
34 #include <libc-lock.h>
35 #include <unsecvars.h>
36 #include <dl-cache.h>
37 #include <dl-osinfo.h>
38 #include <dl-procinfo.h>
39 #include <dl-prop.h>
40 #include <dl-vdso.h>
41 #include <dl-vdso-setup.h>
42 #include <tls.h>
43 #include <stap-probe.h>
44 #include <stackinfo.h>
45 #include <not-cancel.h>
46 #include <array_length.h>
47 #include <libc-early-init.h>
48 #include <dl-main.h>
49 #include <gnu/lib-names.h>
50 #include <dl-tunables.h>
51 #include <get-dynamic-info.h>
52 #include <dl-execve.h>
53 #include <dl-find_object.h>
54 #include <dl-audit-check.h>
55 #include <dl-call_tls_init_tp.h>
57 #include <assert.h>
59 /* This #define produces dynamic linking inline functions for
60 bootstrap relocation instead of general-purpose relocation.
61 Since ld.so must not have any undefined symbols the result
62 is trivial: always the map of ld.so itself. */
63 #define RTLD_BOOTSTRAP
64 #define RESOLVE_MAP(map, scope, sym, version, flags) map
67 /* Must include after <dl-machine.h> for DT_MIPS definition. */
68 #include <dl-debug.h>
70 /* Only enables rtld profiling for architectures which provides non generic
71 hp-timing support. The generic support requires either syscall
72 (clock_gettime), which will incur in extra overhead on loading time.
73 Using vDSO is also an option, but it will require extra support on loader
74 to setup the vDSO pointer before its usage. */
75 #if HP_TIMING_INLINE
76 # define RLTD_TIMING_DECLARE(var, classifier,...) \
77 classifier hp_timing_t var __VA_ARGS__
78 # define RTLD_TIMING_VAR(var) RLTD_TIMING_DECLARE (var, )
79 # define RTLD_TIMING_SET(var, value) (var) = (value)
80 # define RTLD_TIMING_REF(var) &(var)
84 {
86 }
90 {
91 hp_timing_t stop;
94 }
98 {
99 hp_timing_t stop;
102 }
103 #else
104 # define RLTD_TIMING_DECLARE(var, classifier...)
105 # define RTLD_TIMING_SET(var, value)
106 # define RTLD_TIMING_VAR(var)
107 # define RTLD_TIMING_REF(var) 0
108 # define rtld_timer_start(var)
109 # define rtld_timer_stop(var, start)
110 # define rtld_timer_accum(sum, start)
111 #endif
113 /* Avoid PLT use for our local calls at startup. */
116 /* GCC has mental blocks about _exit. */
118 #define _exit exit_internal
120 /* Helper function to handle errors while resolving symbols. */
124 /* Helper function to handle errors when a version is missing. */
128 /* Print the various times we collected. */
131 /* Creates an empty audit list. */
134 /* Add a string to the end of the audit list, for later parsing. Must
135 not be called after audit_list_next. */
138 /* Add the audit strings from the link map, found in the dynamic
139 segment at TG (either DT_AUDIT and DT_DEPAUDIT). Must be called
140 before audit_list_next. */
145 /* Extract the next audit module from the audit list. Only modules
146 for which dso_name_valid_for_suid is true are returned. Must be
147 called after all the audit_list_add_string,
148 audit_list_add_dynamic_tags calls. */
151 /* Initialize *STATE with the defaults. */
154 /* Process all environments variables the dynamic linker must recognize.
155 Since all of them start with `LD_' we are a bit smarter while finding
156 all the entries. */
164 #ifndef THREAD_SET_STACK_GUARD
165 /* Only exported for architectures that don't store the stack guard canary
166 in thread local area. */
168 #endif
170 /* Only exported for architectures that don't store the pointer guard
171 value in thread local area. */
173 #ifndef THREAD_SET_POINTER_GUARD
175 #endif
177 /* Check that AT_SECURE=0, or that the passed name does not contain
178 directories and is not overly long. Reject empty names
179 unconditionally. */
180 static bool
182 {
184 {
185 /* Ignore pathnames with directories for AT_SECURE=1
186 programs, and also skip overlong names. */
190 }
192 }
194 static void
196 {
200 }
202 static void
204 {
205 /* Empty strings do not load anything. */
214 /* Initialize processing of the first string for
215 audit_list_next. */
218 }
220 static void
223 {
228 }
232 {
237 {
238 /* Advance to the next string in audit_strings if the current
239 string has been exhausted. */
241 {
244 {
247 }
249 }
251 /* Split the in-string audit list at the next colon colon. */
254 {
257 }
258 else
259 /* Mark the name as unusable for dso_name_valid_for_suid. */
262 /* Skip over the substring and the following delimiter. */
267 /* If the name is valid, return it. */
271 /* Otherwise wrap around to find the next list element. . */
272 }
273 }
275 /* Count audit modules before they are loaded so GLRO(dl_naudit)
276 is not yet usable. */
277 static size_t
279 {
280 /* Restore the audit_list iterator state at the end. */
286 naudit++;
290 }
292 static void
294 {
305 }
307 #ifndef HAVE_INLINED_SYSCALLS
308 /* Set nonzero during loading and initialization of executable and
309 libraries, cleared before the executable's entry point runs. This
310 must not be initialized to nonzero, because the unused dynamic
311 linker loaded in for libc.so's "ld.so.1" dep will provide the
312 definition seen by libc.so's initializer; that value must be zero,
313 and will be since that dynamic linker's _dl_start and dl_main will
314 never be called. */
317 #endif
319 /* This is the structure which defines all variables global to ld.so
320 (except those which cannot be added for some reason). */
322 {
323 /* Get architecture specific initializer. */
324 #include <dl-procruntime.c>
325 /* Generally the default presumption without further information is an
326 * executable stack but this is not true for all platforms. */
328 #ifdef _LIBC_REENTRANT
332 #endif
335 {
336 #ifdef _LIBC_REENTRANT
339 #endif
340 }
341 };
342 /* If we would use strong_alias here the compiler would see a
343 non-hidden definition. This would undo the effect of the previous
344 declaration. So spell out what strong_alias does plus add the
345 visibility attribute. */
350 /* This variable is similar to _rtld_local, but all values are
351 read-only after relocation. */
353 {
354 /* Get architecture specific initializer. */
355 #include <dl-procinfo.c>
356 #ifdef NEED_DL_SYSINFO
358 #endif
360 #if !HAVE_TUNABLES
362 #endif
368 /* Function pointers. */
378 };
379 /* If we would use strong_alias here the compiler would see a
380 non-hidden definition. This would undo the effect of the previous
381 declaration. So spell out was strong_alias does plus add the
382 visibility attribute. */
390 /* These two variables cannot be moved into .data.rel.ro. */
394 /* Variable for statistics. */
399 /* Additional definitions needed by TLS initialization. */
400 #ifdef TLS_INIT_HELPER
401 TLS_INIT_HELPER
402 #endif
404 /* Helper function for syscall implementation. */
405 #ifdef DL_SYSINFO_IMPLEMENTATION
406 DL_SYSINFO_IMPLEMENTATION
407 #endif
409 /* Before ld.so is relocated we must not access variables which need
410 relocations. This means variables which are exported. Variables
411 declared as static are fine. If we can mark a variable hidden this
412 is fine, too. The latter is important here. We can avoid setting
413 up a temporary link map for ld.so if we can mark _rtld_global as
414 hidden. */
415 #ifndef HIDDEN_VAR_NEEDS_DYNAMIC_RELOC
416 # define DONT_USE_BOOTSTRAP_MAP 1
417 #endif
419 #ifdef DONT_USE_BOOTSTRAP_MAP
421 #else
422 struct dl_start_final_info
423 {
426 };
429 #endif
431 /* These are defined magically by the linker. */
437 #ifdef RTLD_START
438 RTLD_START
439 #else
441 #endif
443 /* This is the second half of _dl_start (below). It can be inlined safely
444 under DONT_USE_BOOTSTRAP_MAP, where it is careful not to make any GOT
445 references. When the tools don't permit us to avoid using a GOT entry
446 for _dl_rtld_global (no attribute_hidden support), we must make sure
447 this function is not inlined (see below). */
449 #ifdef DONT_USE_BOOTSTRAP_MAP
452 #else
455 #endif
456 {
459 /* Do not use an initializer for these members because it would
460 intefere with __rtld_static_init. */
463 /* If it hasn't happen yet record the startup time. */
465 #if !defined DONT_USE_BOOTSTRAP_MAP
467 #endif
469 /* Transfer data about ourselves to the permanent link_map structure. */
470 #ifndef DONT_USE_BOOTSTRAP_MAP
478 #endif
484 /* Copy the TLS related data if necessary. */
485 #ifndef DONT_USE_BOOTSTRAP_MAP
486 # if NO_TLS_OFFSET != 0
488 # endif
489 #endif
491 /* Initialize the stack end variable. */
494 /* Call the OS-dependent function to set up life so we can do things like
495 file access. It will call `dl_main' (below) to do all the real work
496 of the dynamic linker, and then unwind our frame and run the user
497 entry point on the same stack we entered on. */
501 {
505 }
507 #ifndef ELF_MACHINE_START_ADDRESS
508 # define ELF_MACHINE_START_ADDRESS(map, start) (start)
509 #endif
511 }
513 #ifdef DONT_USE_BOOTSTRAP_MAP
514 # define bootstrap_map GL(dl_rtld_map)
515 #else
516 # define bootstrap_map info.l
517 #endif
521 {
522 #ifdef DONT_USE_BOOTSTRAP_MAP
524 #else
527 #endif
529 /* Partly clean the `bootstrap_map' structure up. Don't use
530 `memset' since it might not be built in or inlined and we cannot
531 make function calls at this point. Use '__builtin_memset' if we
532 know it is available. We do not have to clear the memory if we
533 do not have to use the temporary bootstrap_map. Global variables
534 are initialized to zero by default. */
535 #ifndef DONT_USE_BOOTSTRAP_MAP
536 # ifdef HAVE_BUILTIN_MEMSET
538 # else
543 # endif
544 #endif
546 /* Figure out the run-time load address of the dynamic linker itself. */
549 /* Read our own dynamic section and fill in the info array. */
554 #if NO_TLS_OFFSET != 0
556 #endif
558 #ifdef ELF_MACHINE_BEFORE_RTLD_RELOC
560 #endif
563 {
564 /* Relocate ourselves so we can do normal function calls and
565 data access using the global offset table. */
568 }
571 /* Please note that we don't allow profiling of this object and
572 therefore need not test whether we have to allocate the array
573 for the relocation results (as done in dl-reloc.c). */
575 /* Now life is sane; we can call functions and access global data.
576 Set up to use the operating system facilities, and find out from
577 the operating system's program loader where to find the program
578 header table in core. Put the rest of _dl_start into a separate
579 function, that way the compiler cannot put accesses to the GOT
580 before ELF_DYNAMIC_RELOCATE. */
584 #ifdef DONT_USE_BOOTSTRAP_MAP
586 #else
588 #endif
589 }
593 /* Now life is peachy; we can do all normal operations.
594 On to the real work. */
596 /* Some helper functions. */
598 /* Arguments to relocate_doit. */
599 struct relocate_args
600 {
603 };
605 struct map_args
606 {
607 /* Argument to map_doit. */
611 /* Return value of map_doit. */
613 };
615 struct dlmopen_args
616 {
619 };
621 struct lookup_args
622 {
626 };
628 /* Arguments to version_check_doit. */
629 struct version_check_args
630 {
633 };
635 static void
637 {
641 }
643 static void
645 {
650 }
652 static void
654 {
660 __environ);
661 }
663 static void
665 {
674 }
676 static void
678 {
682 /* We cannot start the application. Abort now. */
684 }
689 {
697 /* Should never happen. */
699 }
701 static int
703 {
707 #define VERDEFTAG (DT_NUM + DT_THISPROCNUM + DT_VERSIONTAGIDX (DT_VERDEF))
709 /* The file has no symbol versioning. */
715 {
718 /* Compare the version strings. */
720 /* Bingo! */
723 /* If no more definitions we failed to find what we want. */
727 /* Next definition. */
729 }
732 }
738 {
739 /* Number of elements in the static TLS block. */
742 /* Do not do this twice. The audit interface might have required
743 the DTV interfaces to be set up early. */
747 /* Allocate the array which contains the information about the
748 dtv slots. We allocate a few entries more than needed to
749 avoid the need for reallocation. */
752 /* Allocate. */
756 /* No need to check the return value. If memory allocation failed
757 the program would have been terminated. */
763 /* Fill in the information from the loaded modules. No namespace
764 but the base one can be filled at this time. */
770 {
771 /* This is a module with TLS data. Store the map reference.
772 The generation counter is zero. */
774 /* slotinfo[i].gen = 0; */
776 }
779 /* Calculate the size of the static TLS surplus. */
782 /* Compute the TLS offsets for the various blocks. */
785 /* Construct the static TLS block and the dtv for the initial
786 thread. For some platforms this will include allocating memory
787 for the thread descriptor. The memory for the TLS block will
788 never be freed. It should be allocated accordingly. The dtv
789 array can be changed if dynamic loading requires it. */
795 /* Store for detection of the special case by __tls_get_addr
796 so it knows not to pass this dtv to the normal realloc. */
799 /* And finally install it for the main thread. */
804 }
806 static unsigned int
808 {
822 {
826 /* No need to call free, this is still before
827 the libc's malloc is used. */
828 }
830 /* It is no duplicate. */
833 /* Nothing loaded. */
835 }
837 static void
839 {
840 /* Set up the stack checker's canary. */
842 #ifdef THREAD_SET_STACK_GUARD
844 #else
846 #endif
848 /* Set up the pointer guard as well, if necessary. */
849 uintptr_t pointer_chk_guard
851 #ifdef THREAD_SET_POINTER_GUARD
853 #endif
856 /* We do not need the _dl_random value anymore. The less
857 information we leave behind, the better, so clear the
858 variable. */
860 }
862 #include <setup-vdso.h>
864 /* The LD_PRELOAD environment variable gives list of libraries
865 separated by white space or colons that are loaded before the
866 executable's dependencies and prepended to the global scope list.
867 (If the binary is running setuid all elements containing a '/' are
868 ignored since it is insecure.) Return the number of preloads
869 performed. Ditto for --preload command argument. */
870 unsigned int
873 {
879 {
880 /* Split preload list at space/colon. */
883 {
886 }
887 else
890 /* Skip over the substring and the following delimiter. */
897 }
899 }
901 /* Called if the audit DSO cannot be used: if it does not have the
902 appropriate interfaces, or it expects a more recent version library
903 version than what the dynamic linker provides. */
904 static void
906 {
907 #ifndef NDEBUG
909 #endif
912 /* Make sure the namespace has been cleared entirely. */
917 }
919 /* Called to print an error message if loading of an audit module
920 failed. */
921 static void
924 {
930 }
932 /* Load one audit module. */
933 static void
935 {
947 {
950 }
957 {
961 }
965 /* A null symbol indicates that something is very wrong with the
966 loaded object because defined symbols are supposed to have a
967 valid, non-null address. */
972 {
973 /* Only print an error message if debugging because this can
974 happen deliberately. */
981 }
984 {
990 }
993 union
994 {
1001 /* Names of the auditing interfaces. All in one
1002 long string. */
1004 "la_activity\0"
1005 "la_objsearch\0"
1006 "la_objopen\0"
1007 "la_preinit\0"
1008 LA_SYMBIND "\0"
1009 #define STRING(s) __STRING (s)
1015 do
1016 {
1020 /* Store the pointer. */
1023 else
1028 }
1032 /* Now append the new auditing interface to the list. */
1036 else
1039 /* The dynamic linker link map is statically allocated, so the
1040 cookie in _dl_new_object has not happened. */
1046 /* Mark the DSO as being used for auditing. */
1048 }
1050 /* Load all audit modules. */
1051 static void
1053 {
1057 {
1062 }
1064 /* Notify audit modules of the initially loaded modules (the main
1065 program and the dynamic linker itself). */
1067 {
1070 }
1071 }
1073 /* Check if the executable is not actualy dynamically linked, and
1074 invoke it directly in that case. */
1075 static void
1077 {
1078 /* The dynamic loader run against itself. */
1088 /* With DT_NEEDED dependencies, the executable is dynamically
1089 linked. */
1093 /* If the executable has program interpreter, it is dynamically
1094 linked. */
1107 else
1110 }
1112 /* Called to complete the initialization of the link map for the main
1113 executable. Returns true if there is a PT_INTERP segment. */
1114 static bool
1116 {
1117 /* This have already been filled in right after _dl_new_object, or
1118 as part of _dl_map_object. */
1126 /* Perhaps the executable has no PT_LOAD header entries at all. */
1128 /* And it was opened directly. */
1132 /* A PT_LOAD segment at an unexpected address will clear the
1133 l_contiguous flag. The ELF specification says that PT_LOAD
1134 segments need to be sorted in in increasing order, but perhaps
1135 not all executables follow this requirement. Having l_contiguous
1136 equal to 1 is just an optimization, so the code below does not
1137 try to sort the segments in case they are unordered.
1139 There is one corner case in which l_contiguous is not set to 1,
1140 but where it could be set: If a PIE (ET_DYN) binary is loaded by
1141 glibc itself (not the kernel), it is always contiguous due to the
1142 way the glibc loader works. However, the kernel loader may still
1143 create holes in this case, and the code here still uses 0
1144 conservatively for the glibc-loaded case, too. */
1147 /* Scan the program header table for the dynamic section. */
1150 {
1152 /* Find out the load address. */
1156 /* This tells us where to find the dynamic section,
1157 which tells us everything we need to do. */
1162 /* This "interpreter segment" was used by the program loader to
1163 find the program interpreter, which is this program itself, the
1164 dynamic linker. We note what name finds us, so that a future
1165 dlopen call or DT_NEEDED entry, for something that wants to link
1166 against the dynamic linker as a shared library, will know that
1167 the shared object is already loaded. */
1170 /* _dl_rtld_libname.next = NULL; Already zero. */
1173 /* Ordinarilly, we would get additional names for the loader from
1174 our DT_SONAME. This can't happen if we were actually linked as
1175 a static executable (detect this case when we have no DYNAMIC).
1176 If so, assume the filename component of the interpreter path to
1177 be our SONAME, and add it to our name list. */
1179 {
1183 /* Find the filename part of the path. */
1189 {
1191 /* _dl_rtld_libname2.next = NULL; Already zero. */
1193 }
1194 }
1199 {
1203 /* Remember where the main program starts in memory. */
1213 /* Also where it ends. */
1220 /* The next expected address is the page following this load
1221 segment. */
1224 }
1229 {
1230 /* Note that in the case the dynamic linker we duplicate work
1231 here since we read the PT_TLS entry already in
1232 _dl_start_final. But the result is repeatable so do not
1233 check for this special but unimportant case. */
1238 else
1244 /* This image gets the ID one. */
1246 }
1257 }
1258 /* Process program headers again, but scan them backwards so
1259 that PT_NOTE can be skipped if PT_GNU_PROPERTY exits. */
1262 {
1269 }
1271 /* Adjust the address of the TLS initialization image in case
1272 the executable is actually an ET_DYN object. */
1274 main_map->l_tls_initimage
1281 {
1282 /* We were invoked directly, so the program might not have a
1283 PT_INTERP. */
1285 /* _dl_rtld_libname.next = NULL; Already zero. */
1287 }
1288 else
1292 }
1294 /* Adjusts the contents of the stack and related globals for the user
1295 entry point. The ld.so processed skip_args arguments and bumped
1296 _dl_argv and _dl_argc accordingly. Those arguments are removed from
1297 argv here. */
1298 static void
1300 {
1307 /* Sanity check. */
1311 /* Adjust argc on stack. */
1314 /* Update globals in rtld. */
1318 /* Shuffle argv down. */
1319 do
1325 /* Shuffle envp down. */
1326 do
1330 #ifdef HAVE_AUX_VECTOR
1335 /* Shuffle auxv down. */
1339 do
1340 {
1345 }
1347 #endif
1348 }
1350 static void
1355 {
1368 #if !PTHREAD_IN_LIBC
1369 /* The explicit initialization here is cheaper than processing the reloc
1370 in the _rtld_local definition's initializer. */
1372 #endif
1374 /* Process the environment variable which control the behaviour. */
1377 #ifndef HAVE_INLINED_SYSCALLS
1378 /* Set up a flag which tells we are just starting. */
1380 #endif
1384 {
1385 /* Ho ho. We are not the program interpreter! We are the program
1386 itself! This means someone ran ld.so as a command. Well, that
1387 might be convenient to do sometimes. We support it by
1388 interpreting the args like this:
1390 ld.so PROGRAM ARGS...
1392 The first argument is the name of a file containing an ELF
1393 executable we will load and run with the following arguments.
1394 To simplify life here, PROGRAM is searched for using the
1395 normal rules for shared objects, rather than $PATH or anything
1396 like that. We just load it and use its entry point; we don't
1397 pay attention to its PT_INTERP command (we are the interpreter
1398 ourselves). This is an easy way to test a new ld.so before
1399 installing it. */
1405 /* Note the place where the dynamic linker actually came from. */
1410 {
1412 {
1414 /* This means do no dependency analysis. */
1416 }
1420 }
1422 {
1428 }
1430 {
1434 }
1437 {
1443 }
1446 {
1451 }
1453 {
1458 }
1460 {
1464 }
1466 {
1471 }
1474 {
1478 }
1481 {
1485 }
1486 #if HAVE_TUNABLES
1488 {
1493 }
1494 #endif
1496 {
1501 }
1503 {
1507 }
1511 {
1513 /* End of option list. */
1515 else
1516 /* Unrecognized option. */
1518 }
1519 else
1522 #if HAVE_TUNABLES
1524 {
1527 }
1528 #endif
1533 /* If we have no further argument the program was called incorrectly.
1534 Grant the user some education. */
1536 {
1538 /* --help without an executable is not an error. */
1540 else
1542 }
1547 /* The initialization of _dl_stack_flags done below assumes the
1548 executable's PT_GNU_STACK may have been honored by the kernel, and
1549 so a PT_GNU_STACK with PF_X set means the stack started out with
1550 execute permission. However, this is not really true if the
1551 dynamic linker is the executable the kernel loaded. For this
1552 case, we must reinitialize _dl_stack_flags to match the dynamic
1553 linker itself. If the dynamic linker was built with a
1554 PT_GNU_STACK, then the kernel may have loaded us with a
1555 nonexecutable stack that we will have to make executable when we
1556 load the program below unless it has a PT_GNU_STACK indicating
1557 nonexecutable stack is ok. */
1561 {
1564 }
1568 {
1580 {
1581 /* We don't free the returned string, the programs stops
1582 anyway. */
1584 /* Mask the failure to load the main object. The help
1585 message contains less information in this case. */
1587 else
1589 }
1590 }
1591 else
1592 {
1598 }
1600 /* Now the map for the main executable is available. */
1608 /* We overwrite here a pointer to a malloc()ed string. But since
1609 the malloc() implementation used at this point is the dummy
1610 implementations which has no real free() function it does not
1611 makes sense to free the old string first. */
1615 /* Set bit indicating this is the main program map. */
1618 #ifdef HAVE_AUX_VECTOR
1619 /* Adjust the on-stack auxiliary vector so that it looks like the
1620 binary was executed directly. */
1623 {
1636 }
1637 #endif
1639 /* Set the argv[0] string now that we've processed the executable. */
1643 /* Adjust arguments for the application entry point. */
1645 }
1646 else
1647 {
1648 /* Create a link_map for the executable itself.
1649 This will be what dlopen on "" returns. */
1657 /* Even though the link map is not yet fully initialized we can add
1658 it to the map list since there are no possible users running yet. */
1662 /* At this point we are in a bit of trouble. We would have to
1663 fill in the values for l_dev and l_ino. But in general we
1664 do not know where the file is. We also do not handle AT_EXECFD
1665 even if it would be passed up.
1667 We leave the values here defined to 0. This is normally no
1668 problem as the program code itself is normally no shared
1669 object and therefore cannot be loaded dynamically. Nothing
1670 prevent the use of dynamic binaries and in these situations
1671 we might get problems. We might not be able to find out
1672 whether the object is already loaded. But since there is no
1673 easy way out and because the dynamic binary must also not
1674 have an SONAME we ignore this program for now. If it becomes
1675 a problem we can force people using SONAMEs. */
1677 /* We delay initializing the path structure until we got the dynamic
1678 information for the program. */
1679 }
1683 /* If the current libname is different from the SONAME, add the
1684 latter as well. */
1689 {
1698 }
1699 /* The ld.so must be relocated since otherwise loading audit modules
1700 will fail since they reuse the very same ld.so. */
1704 {
1705 /* Extract the contents of the dynamic section for easy access. */
1708 /* If the main map is libc.so, update the base namespace to
1709 refer to this map. If libc.so is loaded later, this happens
1710 in _dl_map_object_from_fd. */
1717 /* Set up our cache of pointers into the hash table. */
1719 }
1722 {
1723 /* We were called just to verify that this is a dynamic
1724 executable using us as the program interpreter. Exit with an
1725 error if we were not able to load the binary or no interpreter
1726 is specified (i.e., this is no dynamically linked binary. */
1731 }
1734 /* Set up the data structures for the system-supplied DSO early,
1735 so they can influence _dl_init_paths. */
1738 /* With vDSO setup we can initialize the function pointers. */
1741 /* Initialize the data structures for the search paths for shared
1742 objects. */
1745 /* Initialize _r_debug_extended. */
1747 LM_ID_BASE);
1750 /* Put the link_map for ourselves on the chain so it can be found by
1751 name. Note that at this point the global chain of link maps contains
1752 exactly one element, which is pointed to by dl_loaded. */
1754 /* If not invoked directly, the dynamic linker shared object file was
1755 found by the PT_INTERP name. */
1763 /* Starting from binutils-2.23, the linker will define the magic symbol
1764 __ehdr_start to point to our own ELF header if it is visible in a
1765 segment that also includes the phdrs. If that's not available, we use
1766 the old method that assumes the beginning of the file is part of the
1767 lowest-addressed PT_LOAD segment. */
1769 /* Set up the program header information for the dynamic linker
1770 itself. It is needed in the dl_iterate_phdr callbacks. */
1781 /* PT_GNU_RELRO is usually the last phdr. */
1785 {
1789 }
1791 /* Add the dynamic linker to the TLS list if it also uses TLS. */
1793 /* Assign a module ID. Do this before loading any audit modules. */
1799 /* At this point, all data has been obtained that is included in the
1800 --help output. */
1804 /* If we have auditing DSOs to load, do it now. */
1807 {
1810 /* Since we start using the auditing DSOs right away we need to
1811 initialize the data structures now. */
1814 /* Initialize security features. We need to do it this early
1815 since otherwise the constructors of the audit libraries will
1816 use different values (especially the pointer guard) and will
1817 fail later on. */
1823 /* The count based on audit strings may overestimate the number
1824 of audit modules that got loaded, but not underestimate. */
1826 }
1828 /* Keep track of the currently loaded modules to count how many
1829 non-audit modules which use TLS are loaded. */
1832 /* Set up debugging before the debugger is notified for the first time. */
1835 /* We start adding objects. */
1840 /* Auditing checkpoint: we are ready to signal that the initial map
1841 is being constructed. */
1844 /* We have two ways to specify objects to preload: via environment
1845 variable and via the file /etc/ld.so.preload. The latter can also
1846 be used when security is enabled. */
1852 {
1858 }
1861 {
1867 }
1869 /* There usually is no ld.so.preload file, it should only be used
1870 for emergencies and testing. So the open call etc should usually
1871 fail. Using access() on a non-existing file is faster than using
1872 open(). So we do this first. If it succeeds we do almost twice
1873 the work but this does not matter, since it is not for production
1874 use. */
1877 {
1878 /* Read the contents of the file. */
1882 {
1883 /* Parse the file. It contains names of libraries to be loaded,
1884 separated by white spaces or `:'. It may also contain
1885 comments introduced by `#'. */
1890 /* Eliminate comments. */
1894 {
1900 do
1903 }
1905 /* We have one problematic case: if we have a name at the end of
1906 the file without a trailing terminating characters, we cannot
1907 place the \0. Handle the case separately. */
1910 {
1919 }
1920 else
1921 {
1924 }
1930 {
1936 }
1939 {
1943 }
1947 /* We don't need the file anymore. */
1949 }
1950 }
1953 {
1954 /* Set up PRELOADS with a vector of the preloaded libraries. */
1958 do
1959 {
1964 }
1966 #ifdef NEED_DL_SYSINFO_DSO
1967 /* Now that the audit modules are opened, call la_objopen for the vDSO. */
1970 #endif
1972 /* Load all the libraries specified by DT_NEEDED entries. If LD_PRELOAD
1973 specified some libraries to load, these are inserted before the actual
1974 dependencies in the executable's searchlist for symbol resolution. */
1975 {
1981 }
1983 /* Mark all objects as being in the global scope. */
1987 /* Remove _dl_rtld_map from the chain. */
1998 {
1999 /* Some DT_NEEDED entry referred to the interpreter object itself, so
2000 put it back in the list of visible objects. We insert it into the
2001 chain in symbol search order because gdb uses the chain's order as
2002 its symbol search order. */
2007 {
2011 #ifdef NEED_DL_SYSINFO_DSO
2016 #endif
2017 }
2018 else
2019 /* In trace mode there might be an invisible object (which we
2020 could not find) after the previous one in the search list.
2021 In this case it doesn't matter much where we put the
2022 interpreter object, so we just initialize the list pointer so
2023 that the assertion below holds. */
2029 {
2032 }
2033 }
2035 /* Now let us see whether all libraries are available in the
2036 versions we need. */
2037 {
2042 }
2044 /* We do not initialize any of the TLS functionality unless any of the
2045 initial modules uses TLS. This makes dynamic loading of modules with
2046 TLS impossible, but to support it requires either eagerly doing setup
2047 now or lazily doing it later. Doing it now makes us incompatible with
2048 an old kernel that can't perform TLS_INIT_TP, even if no TLS is ever
2049 used. Trying to do it lazily is too hairy to try when there could be
2050 multiple threads (from a non-TLS-using libpthread). */
2056 /* Initialize security features. But only if we have not done it
2057 earlier. */
2061 {
2062 /* We were run just to list the shared libraries. It is
2063 important that we do this before real relocation, because the
2064 functions we call below for output may no longer work properly
2065 after relocation. */
2069 {
2070 /* Look through the dependencies of the main executable
2071 and determine which of them is not actually
2072 required. */
2075 /* Relocate the main executable. */
2082 /* This loop depends on the dependencies of the executable to
2083 correspond in number and order to the DT_NEEDED entries. */
2087 {
2089 {
2091 #ifdef NEED_DL_SYSINFO_DSO
2092 /* Skip the VDSO since it's not part of the list
2093 of objects we brought in via DT_NEEDED entries. */
2096 #endif
2098 {
2100 {
2103 }
2106 }
2107 }
2110 }
2113 }
2116 else
2117 {
2121 /* The library was not found. */
2124 /* Print vDSO like libraries without duplicate name. Some
2125 consumers depend of this format. */
2129 else
2135 }
2136 }
2140 {
2143 lookup_t result;
2157 }
2158 else
2159 {
2160 /* If LD_WARN is set, warn about undefined symbols. */
2162 {
2163 /* We have to do symbol dependency testing. */
2172 {
2175 {
2179 }
2180 }
2182 }
2183 #define VERNEEDTAG (DT_NUM + DT_THISPROCNUM + DT_VERSIONTAGIDX (DT_VERNEED))
2185 {
2186 /* Print more information. This means here, print information
2187 about the versions needed. */
2192 {
2204 {
2207 }
2212 {
2220 {
2225 needed))
2236 /* No more symbols. */
2239 /* Next symbol. */
2242 }
2245 /* No more dependencies. */
2248 /* Next dependency. */
2250 }
2251 }
2252 }
2253 }
2256 }
2258 /* Now set up the variable which helps the assembler startup code. */
2261 /* Save the information about the original global scope list since
2262 we need it in the memory handling later. */
2265 /* Remember the last search directory added at startup, now that
2266 malloc will no longer be the one from dl-minimal.c. As a side
2267 effect, this marks ld.so as initialized, so that the rtld_active
2268 function returns true from now on. */
2271 /* Print scope information. */
2273 {
2278 }
2282 /* Now we have all the objects loaded. Relocate them all except for
2283 the dynamic linker itself. We do this in reverse order so that copy
2284 relocs of earlier objects overwrite the data written by later
2285 objects. We do not re-relocate the dynamic linker itself in this
2286 loop because that could result in the GOT entries for functions we
2287 call being changed, and that would break us. It is safe to relocate
2288 the dynamic linker out of order because it has no copy relocs (we
2289 know that because it is self-contained). */
2293 /* If we are profiling we also must do lazy reloaction. */
2298 {
2301 {
2304 /* While we are at it, help the memory handling a bit. We have to
2305 mark some data structures as allocated with the fake malloc()
2306 implementation in ld.so. */
2310 {
2313 }
2314 /* Also allocated with the fake malloc(). */
2319 consider_profiling);
2321 /* Add object to slot information data if necessasy. */
2324 }
2325 }
2328 /* Now enable profiling if needed. Like the previous call,
2329 this has to go here because the calls it makes should use the
2330 rtld versions of the functions (particularly calloc()), but it
2331 needs to have _dl_profile_map set up by the relocator. */
2333 /* We must prepare the profiling. */
2340 /* Now that we have completed relocation, the initializer data
2341 for the TLS blocks has its final values and we can copy them
2342 into the main thread's TLS area, which we allocated above.
2343 Note: thread-local variables must only be accessed after completing
2344 the next step. */
2347 /* And finally install it for the main thread. */
2351 /* Make sure no new search directories have been added. */
2355 {
2356 /* There was an explicit ref to the dynamic linker as a shared lib.
2357 Re-relocate ourselves with user-controlled symbol definitions.
2359 We must do this after TLS initialization in case after this
2360 re-relocation, we might call a user-supplied function
2361 (e.g. calloc from _dl_relocate_object) that uses TLS data. */
2363 /* Set up the object lookup structures. */
2366 /* The malloc implementation has been relocated, so resolving
2367 its symbols (and potentially calling IFUNC resolvers) is safe
2368 at this point. */
2371 /* Likewise for the locking implementation. */
2377 /* Mark the link map as not yet relocated again. */
2382 }
2384 /* Relocation is complete. Perform early libc initialization. This
2385 is the initial libc, even if audit modules have been loaded with
2386 other libcs. */
2389 /* Do any necessary cleanups for the startup OS interface code.
2390 We do these now so that no calls are made after rtld re-relocation
2391 which might be resolved to different functions than we expect.
2392 We cannot do this before relocating the other objects because
2393 _dl_relocate_object might need to call `mprotect' for DT_TEXTREL. */
2396 #ifdef SHARED
2397 /* Auditing checkpoint: we have added all objects. */
2399 #endif
2401 /* Notify the debugger all new objects are now ready to go. We must re-get
2402 the address since by now the variable might be in another object. */
2408 #if defined USE_LDCONFIG && !defined MAP_COPY
2409 /* We must munmap() the cache file. */
2411 #endif
2413 /* Once we return, _dl_sysdep_start will invoke
2414 the DT_INIT functions and then *USER_ENTRY. */
2415 }
2416 \f
2417 /* This is a little helper function for resolving symbols while
2418 tracing the binary. */
2419 static void
2422 {
2426 }
2427 \f
2428 /* This is a little helper function for resolving symbols while
2429 tracing the binary. */
2430 static void
2433 {
2436 }
2437 \f
2438 /* Process the string given as the parameter which explains which debugging
2439 options are enabled. */
2440 static void
2442 {
2443 /* When adding new entries make sure that the maximal length of a name
2444 is correctly handled in the LD_DEBUG_HELP code below. */
2445 static const struct
2446 {
2452 {
2453 #define LEN_AND_STR(str) sizeof (str) - 1, str
2467 DL_DEBUG_SCOPES },
2473 DL_DEBUG_STATISTICS },
2475 DL_DEBUG_UNUSED },
2477 DL_DEBUG_HELP },
2478 };
2479 #define ndebopts (sizeof (debopts) / sizeof (debopts[0]))
2481 /* Skip separating white spaces and commas. */
2483 {
2485 {
2496 {
2500 }
2503 {
2504 /* Display a warning and skip everything until next
2505 separator. */
2509 }
2513 }
2516 }
2519 {
2520 /* In order to get an accurate picture of whether a particular
2521 DT_NEEDED entry is actually used we have to process both
2522 the PLT and non-PLT relocation entries. */
2524 }
2527 {
2542 }
2543 }
2544 \f
2545 static void
2547 {
2552 /* This is the default place for profiling data file. */
2557 {
2564 /* This is a "LD_" variable at the end of the string without
2565 a '=' character. Ignore it since otherwise we will access
2566 invalid memory below. */
2570 {
2572 /* Warning level, verbose or not. */
2578 /* Debugging of the dynamic linker? */
2580 {
2583 }
2589 /* Print information about versions. */
2591 {
2594 }
2596 /* List of objects to be preloaded. */
2598 {
2601 }
2603 /* Which shared object shall be profiled. */
2609 /* Do we bind early? */
2611 {
2614 }
2620 /* Test whether we want to see the content of the auxiliary
2621 array passed up from the kernel. */
2627 #if !HAVE_TUNABLES
2629 /* Mask for the important hardware capabilities. */
2634 #endif
2637 /* Path where the binary is found. */
2644 /* The library search path. */
2647 {
2651 }
2653 /* Where to place the profiling data file. */
2655 {
2658 }
2666 /* Where to place the profiling data file. */
2674 /* The mode of the dynamic linker can be set. */
2676 {
2678 state->mode_trace_program
2680 }
2682 }
2683 }
2685 /* Extra security for SUID binaries. Remove all dangerous environment
2686 variables. */
2688 {
2690 do
2691 {
2693 /* We could use rawmemchr but this need not be fast. */
2695 }
2699 {
2700 #if !HAVE_TUNABLES
2702 #endif
2704 }
2708 }
2709 /* If we have to run the dynamic linker in debugging mode and the
2710 LD_DEBUG_OUTPUT environment variable is given, we write the debug
2711 messages to this file. */
2713 {
2726 /* We use standard output if opening the file failed. */
2728 }
2729 }
2731 #if HP_TIMING_INLINE
2732 static void
2734 hp_timing_t total)
2735 {
2742 /* Sets the decimal point. */
2745 {
2748 /* Fall through. */
2751 /* Fall through. */
2755 }
2758 }
2759 #endif
2761 /* Print the various times we collected. */
2762 static void
2765 {
2766 #if HP_TIMING_INLINE
2767 {
2772 cycles);
2775 }
2776 #endif
2780 {
2787 {
2791 num_relative_relocations
2793 #ifndef ELF_MACHINE_REL_RELATIVE
2794 /* Relative relocations are processed on these architectures if
2795 library is loaded to different address than p_vaddr. */
2798 #else
2799 /* On e.g. IA-64 or Alpha, relative relocations are processed
2800 only if library is loaded to different address than p_vaddr. */
2802 #endif
2803 num_relative_relocations
2805 }
2806 }
2813 num_relative_relocations);
2815 #if HP_TIMING_INLINE
2818 #endif
2819 }