1 /* Map in a shared object's segments from the file.
2 Copyright (C) 1995-2014 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <http://www.gnu.org/licenses/>. */
28 #include <bits/wordsize.h>
30 #include <sys/param.h>
32 #include <sys/types.h>
33 #include "dynamic-link.h"
35 #include <stackinfo.h>
38 #include <stap-probe.h>
42 #include <dl-map-segments.h>
43 #include <dl-unmap-segments.h>
44 #include <dl-machine-reject-phdr.h>
48 #if BYTE_ORDER == BIG_ENDIAN
49 # define byteorder ELFDATA2MSB
50 #elif BYTE_ORDER == LITTLE_ENDIAN
51 # define byteorder ELFDATA2LSB
53 # error "Unknown BYTE_ORDER " BYTE_ORDER
54 # define byteorder ELFDATANONE
57 #define STRING(x) __STRING (x)
60 int __stack_prot attribute_hidden attribute_relro
61 #if _STACK_GROWS_DOWN && defined PROT_GROWSDOWN
63 #elif _STACK_GROWS_UP && defined PROT_GROWSUP
70 /* Type for the buffer we put the ELF header and hopefully the program
71 header. This buffer does not really have to be too large. In most
72 cases the program header follows the ELF header directly. If this
73 is not the case all bets are off and we can make the header
74 arbitrarily large and still won't get it read. This means the only
75 question is how large are the ELF and program header combined. The
76 ELF header 32-bit files is 52 bytes long and in 64-bit files is 64
77 bytes long. Each program header entry is again 32 and 56 bytes
78 long respectively. I.e., even with a file which has 10 program
79 header entries we only have to read 372B/624B respectively. Add to
80 this a bit of margin for program notes and reading 512B and 832B
81 for 32-bit and 64-bit files respecitvely is enough. If this
82 heuristic should really fail for some file the code in
83 `_dl_map_object_from_fd' knows how to recover. */
88 # define FILEBUF_SIZE 512
90 # define FILEBUF_SIZE 832
92 char buf
[FILEBUF_SIZE
] __attribute__ ((aligned (__alignof (ElfW(Ehdr
)))));
95 /* This is the decomposed LD_LIBRARY_PATH search path. */
96 static struct r_search_path_struct env_path_list attribute_relro
;
98 /* List of the hardware capabilities we might end up using. */
99 static const struct r_strlenpair
*capstr attribute_relro
;
100 static size_t ncapstr attribute_relro
;
101 static size_t max_capstrlen attribute_relro
;
104 /* Get the generated information about the trusted directories. */
105 #include "trusted-dirs.h"
107 static const char system_dirs
[] = SYSTEM_DIRS
;
108 static const size_t system_dirs_len
[] =
112 #define nsystem_dirs_len \
113 (sizeof (system_dirs_len) / sizeof (system_dirs_len[0]))
117 is_trusted_path (const char *path
, size_t len
)
119 const char *trun
= system_dirs
;
121 for (size_t idx
= 0; idx
< nsystem_dirs_len
; ++idx
)
123 if (len
== system_dirs_len
[idx
] && memcmp (trun
, path
, len
) == 0)
127 trun
+= system_dirs_len
[idx
] + 1;
135 is_trusted_path_normalize (const char *path
, size_t len
)
146 char *npath
= (char *) alloca (len
+ 2);
148 while (*path
!= '\0')
154 if (path
[2] == '.' && (path
[3] == '/' || path
[3] == '\0'))
156 while (wnp
> npath
&& *--wnp
!= '/')
161 else if (path
[2] == '/' || path
[2] == '\0')
168 if (wnp
> npath
&& wnp
[-1] == '/')
178 if (wnp
== npath
|| wnp
[-1] != '/')
181 const char *trun
= system_dirs
;
183 for (size_t idx
= 0; idx
< nsystem_dirs_len
; ++idx
)
185 if (wnp
- npath
>= system_dirs_len
[idx
]
186 && memcmp (trun
, npath
, system_dirs_len
[idx
]) == 0)
190 trun
+= system_dirs_len
[idx
] + 1;
198 is_dst (const char *start
, const char *name
, const char *str
,
199 int is_path
, int secure
)
202 bool is_curly
= false;
211 while (name
[len
] == str
[len
] && name
[len
] != '\0')
216 if (name
[len
] != '}')
219 /* Point again at the beginning of the name. */
221 /* Skip over closing curly brace and adjust for the --name. */
224 else if (name
[len
] != '\0' && name
[len
] != '/'
225 && (!is_path
|| name
[len
] != ':'))
228 if (__glibc_unlikely (secure
)
229 && ((name
[len
] != '\0' && name
[len
] != '/'
230 && (!is_path
|| name
[len
] != ':'))
231 || (name
!= start
+ 1 && (!is_path
|| name
[-2] != ':'))))
239 _dl_dst_count (const char *name
, int is_path
)
241 const char *const start
= name
;
248 /* $ORIGIN is not expanded for SUID/GUID programs (except if it
249 is $ORIGIN alone) and it must always appear first in path. */
251 if ((len
= is_dst (start
, name
, "ORIGIN", is_path
,
252 __libc_enable_secure
)) != 0
253 || (len
= is_dst (start
, name
, "PLATFORM", is_path
, 0)) != 0
254 || (len
= is_dst (start
, name
, "LIB", is_path
, 0)) != 0)
257 name
= strchr (name
+ len
, '$');
259 while (name
!= NULL
);
266 _dl_dst_substitute (struct link_map
*l
, const char *name
, char *result
,
269 const char *const start
= name
;
271 /* Now fill the result path. While copying over the string we keep
272 track of the start of the last path element. When we come across
273 a DST we copy over the value or (if the value is not available)
274 leave the entire path element out. */
276 char *last_elem
= result
;
277 bool check_for_trusted
= false;
281 if (__glibc_unlikely (*name
== '$'))
283 const char *repl
= NULL
;
287 if ((len
= is_dst (start
, name
, "ORIGIN", is_path
,
288 __libc_enable_secure
)) != 0)
291 check_for_trusted
= (__libc_enable_secure
292 && l
->l_type
== lt_executable
);
294 else if ((len
= is_dst (start
, name
, "PLATFORM", is_path
, 0)) != 0)
295 repl
= GLRO(dl_platform
);
296 else if ((len
= is_dst (start
, name
, "LIB", is_path
, 0)) != 0)
299 if (repl
!= NULL
&& repl
!= (const char *) -1)
301 wp
= __stpcpy (wp
, repl
);
306 /* We cannot use this path element, the value of the
307 replacement is unknown. */
310 while (*name
!= '\0' && (!is_path
|| *name
!= ':'))
312 /* Also skip following colon if this is the first rpath
313 element, but keep an empty element at the end. */
314 if (wp
== result
&& is_path
&& *name
== ':' && name
[1] != '\0')
318 /* No DST we recognize. */
324 if (is_path
&& *name
== ':')
326 /* In SUID/SGID programs, after $ORIGIN expansion the
327 normalized path must be rooted in one of the trusted
329 if (__glibc_unlikely (check_for_trusted
)
330 && !is_trusted_path_normalize (last_elem
, wp
- last_elem
))
335 check_for_trusted
= false;
339 while (*name
!= '\0');
341 /* In SUID/SGID programs, after $ORIGIN expansion the normalized
342 path must be rooted in one of the trusted directories. */
343 if (__glibc_unlikely (check_for_trusted
)
344 && !is_trusted_path_normalize (last_elem
, wp
- last_elem
))
353 /* Return copy of argument with all recognized dynamic string tokens
354 ($ORIGIN and $PLATFORM for now) replaced. On some platforms it
355 might not be possible to determine the path from which the object
356 belonging to the map is loaded. In this case the path element
357 containing $ORIGIN is left out. */
359 expand_dynamic_string_token (struct link_map
*l
, const char *s
, int is_path
)
361 /* We make two runs over the string. First we determine how large the
362 resulting string is and then we copy it over. Since this is no
363 frequently executed operation we are looking here not for performance
364 but rather for code size. */
369 /* Determine the number of DST elements. */
370 cnt
= DL_DST_COUNT (s
, is_path
);
372 /* If we do not have to replace anything simply copy the string. */
373 if (__glibc_likely (cnt
== 0))
376 /* Determine the length of the substituted string. */
377 total
= DL_DST_REQUIRED (l
, s
, strlen (s
), cnt
);
379 /* Allocate the necessary memory. */
380 result
= (char *) malloc (total
+ 1);
384 return _dl_dst_substitute (l
, s
, result
, is_path
);
388 /* Add `name' to the list of names for a particular shared object.
389 `name' is expected to have been allocated with malloc and will
390 be freed if the shared object already has this name.
391 Returns false if the object already had this name. */
394 add_name_to_object (struct link_map
*l
, const char *name
)
396 struct libname_list
*lnp
, *lastp
;
397 struct libname_list
*newname
;
401 for (lnp
= l
->l_libname
; lnp
!= NULL
; lastp
= lnp
, lnp
= lnp
->next
)
402 if (strcmp (name
, lnp
->name
) == 0)
405 name_len
= strlen (name
) + 1;
406 newname
= (struct libname_list
*) malloc (sizeof *newname
+ name_len
);
409 /* No more memory. */
410 _dl_signal_error (ENOMEM
, name
, NULL
, N_("cannot allocate name record"));
413 /* The object should have a libname set from _dl_new_object. */
414 assert (lastp
!= NULL
);
416 newname
->name
= memcpy (newname
+ 1, name
, name_len
);
417 newname
->next
= NULL
;
418 newname
->dont_free
= 0;
419 lastp
->next
= newname
;
422 /* Standard search directories. */
423 static struct r_search_path_struct rtld_search_dirs attribute_relro
;
425 static size_t max_dirnamelen
;
427 static struct r_search_path_elem
**
428 fillin_rpath (char *rpath
, struct r_search_path_elem
**result
, const char *sep
,
429 int check_trusted
, const char *what
, const char *where
,
436 while ((cp
= __strsep (&rpath
, sep
)) != NULL
)
438 struct r_search_path_elem
*dirp
;
440 to_free
= cp
= expand_dynamic_string_token (l
, cp
, 1);
442 size_t len
= strlen (cp
);
444 /* `strsep' can pass an empty string. This has to be
445 interpreted as `use the current directory'. */
448 static const char curwd
[] = "./";
452 /* Remove trailing slashes (except for "/"). */
453 while (len
> 1 && cp
[len
- 1] == '/')
456 /* Now add one if there is none so far. */
457 if (len
> 0 && cp
[len
- 1] != '/')
460 /* Make sure we don't use untrusted directories if we run SUID. */
461 if (__glibc_unlikely (check_trusted
) && !is_trusted_path (cp
, len
))
467 /* See if this directory is already known. */
468 for (dirp
= GL(dl_all_dirs
); dirp
!= NULL
; dirp
= dirp
->next
)
469 if (dirp
->dirnamelen
== len
&& memcmp (cp
, dirp
->dirname
, len
) == 0)
474 /* It is available, see whether it's on our own list. */
476 for (cnt
= 0; cnt
< nelems
; ++cnt
)
477 if (result
[cnt
] == dirp
)
481 result
[nelems
++] = dirp
;
486 enum r_dir_status init_val
;
487 size_t where_len
= where
? strlen (where
) + 1 : 0;
489 /* It's a new directory. Create an entry and add it. */
490 dirp
= (struct r_search_path_elem
*)
491 malloc (sizeof (*dirp
) + ncapstr
* sizeof (enum r_dir_status
)
492 + where_len
+ len
+ 1);
494 _dl_signal_error (ENOMEM
, NULL
, NULL
,
495 N_("cannot create cache for search path"));
497 dirp
->dirname
= ((char *) dirp
+ sizeof (*dirp
)
498 + ncapstr
* sizeof (enum r_dir_status
));
499 *((char *) __mempcpy ((char *) dirp
->dirname
, cp
, len
)) = '\0';
500 dirp
->dirnamelen
= len
;
502 if (len
> max_dirnamelen
)
503 max_dirnamelen
= len
;
505 /* We have to make sure all the relative directories are
506 never ignored. The current directory might change and
507 all our saved information would be void. */
508 init_val
= cp
[0] != '/' ? existing
: unknown
;
509 for (cnt
= 0; cnt
< ncapstr
; ++cnt
)
510 dirp
->status
[cnt
] = init_val
;
513 if (__glibc_likely (where
!= NULL
))
514 dirp
->where
= memcpy ((char *) dirp
+ sizeof (*dirp
) + len
+ 1
515 + (ncapstr
* sizeof (enum r_dir_status
)),
520 dirp
->next
= GL(dl_all_dirs
);
521 GL(dl_all_dirs
) = dirp
;
523 /* Put it in the result array. */
524 result
[nelems
++] = dirp
;
529 /* Terminate the array. */
530 result
[nelems
] = NULL
;
538 decompose_rpath (struct r_search_path_struct
*sps
,
539 const char *rpath
, struct link_map
*l
, const char *what
)
541 /* Make a copy we can work with. */
542 const char *where
= l
->l_name
;
545 struct r_search_path_elem
**result
;
547 /* Initialize to please the compiler. */
548 const char *errstring
= NULL
;
550 /* First see whether we must forget the RUNPATH and RPATH from this
552 if (__glibc_unlikely (GLRO(dl_inhibit_rpath
) != NULL
)
553 && !__libc_enable_secure
)
555 const char *inhp
= GLRO(dl_inhibit_rpath
);
559 const char *wp
= where
;
561 while (*inhp
== *wp
&& *wp
!= '\0')
567 if (*wp
== '\0' && (*inhp
== '\0' || *inhp
== ':'))
569 /* This object is on the list of objects for which the
570 RUNPATH and RPATH must not be used. */
571 sps
->dirs
= (void *) -1;
575 while (*inhp
!= '\0')
579 while (*inhp
!= '\0');
582 /* Make a writable copy. */
583 copy
= __strdup (rpath
);
586 errstring
= N_("cannot create RUNPATH/RPATH copy");
590 /* Ignore empty rpaths. */
594 sps
->dirs
= (struct r_search_path_elem
**) -1;
598 /* Count the number of necessary elements in the result array. */
600 for (cp
= copy
; *cp
!= '\0'; ++cp
)
604 /* Allocate room for the result. NELEMS + 1 is an upper limit for the
605 number of necessary entries. */
606 result
= (struct r_search_path_elem
**) malloc ((nelems
+ 1 + 1)
611 errstring
= N_("cannot create cache for search path");
613 _dl_signal_error (ENOMEM
, NULL
, NULL
, errstring
);
616 fillin_rpath (copy
, result
, ":", 0, what
, where
, l
);
618 /* Free the copied RPATH string. `fillin_rpath' make own copies if
623 /* The caller will change this value if we haven't used a real malloc. */
628 /* Make sure cached path information is stored in *SP
629 and return true if there are any paths to search there. */
631 cache_rpath (struct link_map
*l
,
632 struct r_search_path_struct
*sp
,
636 if (sp
->dirs
== (void *) -1)
639 if (sp
->dirs
!= NULL
)
642 if (l
->l_info
[tag
] == NULL
)
644 /* There is no path. */
645 sp
->dirs
= (void *) -1;
649 /* Make sure the cache information is available. */
650 return decompose_rpath (sp
, (const char *) (D_PTR (l
, l_info
[DT_STRTAB
])
651 + l
->l_info
[tag
]->d_un
.d_val
),
658 _dl_init_paths (const char *llp
)
662 struct r_search_path_elem
*pelem
, **aelem
;
664 struct link_map
__attribute__ ((unused
)) *l
= NULL
;
665 /* Initialize to please the compiler. */
666 const char *errstring
= NULL
;
668 /* Fill in the information about the application's RPATH and the
669 directories addressed by the LD_LIBRARY_PATH environment variable. */
671 /* Get the capabilities. */
672 capstr
= _dl_important_hwcaps (GLRO(dl_platform
), GLRO(dl_platformlen
),
673 &ncapstr
, &max_capstrlen
);
675 /* First set up the rest of the default search directory entries. */
676 aelem
= rtld_search_dirs
.dirs
= (struct r_search_path_elem
**)
677 malloc ((nsystem_dirs_len
+ 1) * sizeof (struct r_search_path_elem
*));
678 if (rtld_search_dirs
.dirs
== NULL
)
680 errstring
= N_("cannot create search path array");
682 _dl_signal_error (ENOMEM
, NULL
, NULL
, errstring
);
685 round_size
= ((2 * sizeof (struct r_search_path_elem
) - 1
686 + ncapstr
* sizeof (enum r_dir_status
))
687 / sizeof (struct r_search_path_elem
));
689 rtld_search_dirs
.dirs
[0] = (struct r_search_path_elem
*)
690 malloc ((sizeof (system_dirs
) / sizeof (system_dirs
[0]))
691 * round_size
* sizeof (struct r_search_path_elem
));
692 if (rtld_search_dirs
.dirs
[0] == NULL
)
694 errstring
= N_("cannot create cache for search path");
698 rtld_search_dirs
.malloced
= 0;
699 pelem
= GL(dl_all_dirs
) = rtld_search_dirs
.dirs
[0];
709 pelem
->what
= "system search path";
712 pelem
->dirname
= strp
;
713 pelem
->dirnamelen
= system_dirs_len
[idx
];
714 strp
+= system_dirs_len
[idx
] + 1;
716 /* System paths must be absolute. */
717 assert (pelem
->dirname
[0] == '/');
718 for (cnt
= 0; cnt
< ncapstr
; ++cnt
)
719 pelem
->status
[cnt
] = unknown
;
721 pelem
->next
= (++idx
== nsystem_dirs_len
? NULL
: (pelem
+ round_size
));
725 while (idx
< nsystem_dirs_len
);
727 max_dirnamelen
= SYSTEM_DIRS_MAX_LEN
;
731 /* This points to the map of the main object. */
732 l
= GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
;
735 assert (l
->l_type
!= lt_loaded
);
737 if (l
->l_info
[DT_RUNPATH
])
739 /* Allocate room for the search path and fill in information
741 decompose_rpath (&l
->l_runpath_dirs
,
742 (const void *) (D_PTR (l
, l_info
[DT_STRTAB
])
743 + l
->l_info
[DT_RUNPATH
]->d_un
.d_val
),
745 /* During rtld init the memory is allocated by the stub malloc,
746 prevent any attempt to free it by the normal malloc. */
747 l
->l_runpath_dirs
.malloced
= 0;
749 /* The RPATH is ignored. */
750 l
->l_rpath_dirs
.dirs
= (void *) -1;
754 l
->l_runpath_dirs
.dirs
= (void *) -1;
756 if (l
->l_info
[DT_RPATH
])
758 /* Allocate room for the search path and fill in information
760 decompose_rpath (&l
->l_rpath_dirs
,
761 (const void *) (D_PTR (l
, l_info
[DT_STRTAB
])
762 + l
->l_info
[DT_RPATH
]->d_un
.d_val
),
764 /* During rtld init the memory is allocated by the stub
765 malloc, prevent any attempt to free it by the normal
767 l
->l_rpath_dirs
.malloced
= 0;
770 l
->l_rpath_dirs
.dirs
= (void *) -1;
775 if (llp
!= NULL
&& *llp
!= '\0')
778 const char *cp
= llp
;
783 size_t cnt
= DL_DST_COUNT (llp
, 1);
784 if (__glibc_likely (cnt
== 0))
785 llp_tmp
= strdupa (llp
);
788 /* Determine the length of the substituted string. */
789 size_t total
= DL_DST_REQUIRED (l
, llp
, strlen (llp
), cnt
);
791 /* Allocate the necessary memory. */
792 llp_tmp
= (char *) alloca (total
+ 1);
793 llp_tmp
= _dl_dst_substitute (l
, llp
, llp_tmp
, 1);
796 llp_tmp
= strdupa (llp
);
799 /* Decompose the LD_LIBRARY_PATH contents. First determine how many
804 if (*cp
== ':' || *cp
== ';')
809 env_path_list
.dirs
= (struct r_search_path_elem
**)
810 malloc ((nllp
+ 1) * sizeof (struct r_search_path_elem
*));
811 if (env_path_list
.dirs
== NULL
)
813 errstring
= N_("cannot create cache for search path");
817 (void) fillin_rpath (llp_tmp
, env_path_list
.dirs
, ":;",
818 __libc_enable_secure
, "LD_LIBRARY_PATH",
821 if (env_path_list
.dirs
[0] == NULL
)
823 free (env_path_list
.dirs
);
824 env_path_list
.dirs
= (void *) -1;
827 env_path_list
.malloced
= 0;
830 env_path_list
.dirs
= (void *) -1;
835 __attribute__ ((noreturn
, noinline
))
836 lose (int code
, int fd
, const char *name
, char *realname
, struct link_map
*l
,
837 const char *msg
, struct r_debug
*r
, Lmid_t nsid
)
839 /* The file might already be closed. */
842 if (l
!= NULL
&& l
->l_origin
!= (char *) -1l)
843 free ((char *) l
->l_origin
);
849 r
->r_state
= RT_CONSISTENT
;
851 LIBC_PROBE (map_failed
, 2, nsid
, r
);
854 _dl_signal_error (code
, name
, NULL
, msg
);
858 /* Map in the shared object NAME, actually located in REALNAME, and already
861 #ifndef EXTERNAL_MAP_FROM_FD
865 _dl_map_object_from_fd (const char *name
, int fd
, struct filebuf
*fbp
,
866 char *realname
, struct link_map
*loader
, int l_type
,
867 int mode
, void **stack_endp
, Lmid_t nsid
)
869 struct link_map
*l
= NULL
;
870 const ElfW(Ehdr
) *header
;
871 const ElfW(Phdr
) *phdr
;
872 const ElfW(Phdr
) *ph
;
876 /* Initialize to keep the compiler happy. */
877 const char *errstring
= NULL
;
879 struct r_debug
*r
= _dl_debug_initialize (0, nsid
);
880 bool make_consistent
= false;
882 /* Get file information. */
883 if (__glibc_unlikely (__fxstat64 (_STAT_VER
, fd
, &st
) < 0))
885 errstring
= N_("cannot stat shared object");
889 lose (errval
, fd
, name
, realname
, l
, errstring
,
890 make_consistent
? r
: NULL
, nsid
);
893 /* Look again to see if the real name matched another already loaded. */
894 for (l
= GL(dl_ns
)[nsid
]._ns_loaded
; l
; l
= l
->l_next
)
895 if (l
->l_removed
== 0 && l
->l_ino
== st
.st_ino
&& l
->l_dev
== st
.st_dev
)
897 /* The object is already loaded.
898 Just bump its reference count and return it. */
901 /* If the name is not in the list of names for this object add
904 add_name_to_object (l
, name
);
910 /* When loading into a namespace other than the base one we must
911 avoid loading ld.so since there can only be one copy. Ever. */
912 if (__glibc_unlikely (nsid
!= LM_ID_BASE
)
913 && ((st
.st_ino
== GL(dl_rtld_map
).l_ino
914 && st
.st_dev
== GL(dl_rtld_map
).l_dev
)
915 || _dl_name_match_p (name
, &GL(dl_rtld_map
))))
917 /* This is indeed ld.so. Create a new link_map which refers to
918 the real one for almost everything. */
919 l
= _dl_new_object (realname
, name
, l_type
, loader
, mode
, nsid
);
923 /* Refer to the real descriptor. */
924 l
->l_real
= &GL(dl_rtld_map
);
926 /* No need to bump the refcount of the real object, ld.so will
927 never be unloaded. */
930 /* Add the map for the mirrored object to the object list. */
931 _dl_add_to_namespace_list (l
, nsid
);
937 if (mode
& RTLD_NOLOAD
)
939 /* We are not supposed to load the object unless it is already
940 loaded. So return now. */
946 /* Print debugging message. */
947 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_FILES
))
948 _dl_debug_printf ("file=%s [%lu]; generating link map\n", name
, nsid
);
950 /* This is the ELF header. We read it in `open_verify'. */
951 header
= (void *) fbp
->buf
;
955 if (_dl_zerofd
== -1)
957 _dl_zerofd
= _dl_sysdep_open_zero_fill ();
958 if (_dl_zerofd
== -1)
962 _dl_signal_error (errno
, NULL
, NULL
,
963 N_("cannot open zero fill device"));
968 /* Signal that we are going to add new objects. */
969 if (r
->r_state
== RT_CONSISTENT
)
972 /* Auditing checkpoint: we are going to add new objects. */
973 if ((mode
& __RTLD_AUDIT
) == 0
974 && __glibc_unlikely (GLRO(dl_naudit
) > 0))
976 struct link_map
*head
= GL(dl_ns
)[nsid
]._ns_loaded
;
977 /* Do not call the functions for any auditing object. */
978 if (head
->l_auditing
== 0)
980 struct audit_ifaces
*afct
= GLRO(dl_audit
);
981 for (unsigned int cnt
= 0; cnt
< GLRO(dl_naudit
); ++cnt
)
983 if (afct
->activity
!= NULL
)
984 afct
->activity (&head
->l_audit
[cnt
].cookie
, LA_ACT_ADD
);
992 /* Notify the debugger we have added some objects. We need to
993 call _dl_debug_initialize in a static program in case dynamic
994 linking has not been used before. */
997 LIBC_PROBE (map_start
, 2, nsid
, r
);
998 make_consistent
= true;
1001 assert (r
->r_state
== RT_ADD
);
1003 /* Enter the new object in the list of loaded objects. */
1004 l
= _dl_new_object (realname
, name
, l_type
, loader
, mode
, nsid
);
1005 if (__glibc_unlikely (l
== NULL
))
1010 errstring
= N_("cannot create shared object descriptor");
1011 goto call_lose_errno
;
1014 /* Extract the remaining details we need from the ELF header
1015 and then read in the program header table. */
1016 l
->l_entry
= header
->e_entry
;
1017 type
= header
->e_type
;
1018 l
->l_phnum
= header
->e_phnum
;
1020 maplength
= header
->e_phnum
* sizeof (ElfW(Phdr
));
1021 if (header
->e_phoff
+ maplength
<= (size_t) fbp
->len
)
1022 phdr
= (void *) (fbp
->buf
+ header
->e_phoff
);
1025 phdr
= alloca (maplength
);
1026 __lseek (fd
, header
->e_phoff
, SEEK_SET
);
1027 if ((size_t) __libc_read (fd
, (void *) phdr
, maplength
) != maplength
)
1029 errstring
= N_("cannot read file data");
1030 goto call_lose_errno
;
1034 /* On most platforms presume that PT_GNU_STACK is absent and the stack is
1035 * executable. Other platforms default to a nonexecutable stack and don't
1036 * need PT_GNU_STACK to do so. */
1037 uint_fast16_t stack_flags
= DEFAULT_STACK_PERMS
;
1040 /* Scan the program header table, collecting its load commands. */
1041 struct loadcmd loadcmds
[l
->l_phnum
];
1042 size_t nloadcmds
= 0;
1043 bool has_holes
= false;
1045 /* The struct is initialized to zero so this is not necessary:
1049 for (ph
= phdr
; ph
< &phdr
[l
->l_phnum
]; ++ph
)
1052 /* These entries tell us where to find things once the file's
1053 segments are mapped in. We record the addresses it says
1054 verbatim, and later correct for the run-time load address. */
1056 l
->l_ld
= (void *) ph
->p_vaddr
;
1057 l
->l_ldnum
= ph
->p_memsz
/ sizeof (ElfW(Dyn
));
1061 l
->l_phdr
= (void *) ph
->p_vaddr
;
1065 /* A load command tells us to map in part of the file.
1066 We record the load commands and process them all later. */
1067 if (__glibc_unlikely ((ph
->p_align
& (GLRO(dl_pagesize
) - 1)) != 0))
1069 errstring
= N_("ELF load command alignment not page-aligned");
1072 if (__glibc_unlikely (((ph
->p_vaddr
- ph
->p_offset
)
1073 & (ph
->p_align
- 1)) != 0))
1076 = N_("ELF load command address/offset not properly aligned");
1080 struct loadcmd
*c
= &loadcmds
[nloadcmds
++];
1081 c
->mapstart
= ph
->p_vaddr
& ~(GLRO(dl_pagesize
) - 1);
1082 c
->mapend
= ((ph
->p_vaddr
+ ph
->p_filesz
+ GLRO(dl_pagesize
) - 1)
1083 & ~(GLRO(dl_pagesize
) - 1));
1084 c
->dataend
= ph
->p_vaddr
+ ph
->p_filesz
;
1085 c
->allocend
= ph
->p_vaddr
+ ph
->p_memsz
;
1086 c
->mapoff
= ph
->p_offset
& ~(GLRO(dl_pagesize
) - 1);
1088 /* Determine whether there is a gap between the last segment
1090 if (nloadcmds
> 1 && c
[-1].mapend
!= c
->mapstart
)
1093 /* Optimize a common case. */
1094 #if (PF_R | PF_W | PF_X) == 7 && (PROT_READ | PROT_WRITE | PROT_EXEC) == 7
1095 c
->prot
= (PF_TO_PROT
1096 >> ((ph
->p_flags
& (PF_R
| PF_W
| PF_X
)) * 4)) & 0xf;
1099 if (ph
->p_flags
& PF_R
)
1100 c
->prot
|= PROT_READ
;
1101 if (ph
->p_flags
& PF_W
)
1102 c
->prot
|= PROT_WRITE
;
1103 if (ph
->p_flags
& PF_X
)
1104 c
->prot
|= PROT_EXEC
;
1109 if (ph
->p_memsz
== 0)
1110 /* Nothing to do for an empty segment. */
1113 l
->l_tls_blocksize
= ph
->p_memsz
;
1114 l
->l_tls_align
= ph
->p_align
;
1115 if (ph
->p_align
== 0)
1116 l
->l_tls_firstbyte_offset
= 0;
1118 l
->l_tls_firstbyte_offset
= ph
->p_vaddr
& (ph
->p_align
- 1);
1119 l
->l_tls_initimage_size
= ph
->p_filesz
;
1120 /* Since we don't know the load address yet only store the
1121 offset. We will adjust it later. */
1122 l
->l_tls_initimage
= (void *) ph
->p_vaddr
;
1124 /* If not loading the initial set of shared libraries,
1125 check whether we should permit loading a TLS segment. */
1126 if (__glibc_likely (l
->l_type
== lt_library
)
1127 /* If GL(dl_tls_dtv_slotinfo_list) == NULL, then rtld.c did
1128 not set up TLS data structures, so don't use them now. */
1129 || __glibc_likely (GL(dl_tls_dtv_slotinfo_list
) != NULL
))
1131 /* Assign the next available module ID. */
1132 l
->l_tls_modid
= _dl_next_tls_modid ();
1137 if (l
->l_prev
== NULL
|| (mode
& __RTLD_AUDIT
) != 0)
1138 /* We are loading the executable itself when the dynamic linker
1139 was executed directly. The setup will happen later. */
1142 # ifdef _LIBC_REENTRANT
1143 /* In a static binary there is no way to tell if we dynamically
1144 loaded libpthread. */
1145 if (GL(dl_error_catch_tsd
) == &_dl_initial_error_catch_tsd
)
1149 /* We have not yet loaded libpthread.
1150 We can do the TLS setup right now! */
1154 /* The first call allocates TLS bookkeeping data structures.
1155 Then we allocate the TCB for the initial thread. */
1156 if (__glibc_unlikely (_dl_tls_setup ())
1157 || __glibc_unlikely ((tcb
= _dl_allocate_tls (NULL
)) == NULL
))
1161 cannot allocate TLS data structures for initial thread");
1165 /* Now we install the TCB in the thread register. */
1166 errstring
= TLS_INIT_TP (tcb
);
1167 if (__glibc_likely (errstring
== NULL
))
1169 /* Now we are all good. */
1170 l
->l_tls_modid
= ++GL(dl_tls_max_dtv_idx
);
1174 /* The kernel is too old or somesuch. */
1176 _dl_deallocate_tls (tcb
, 1);
1180 /* Uh-oh, the binary expects TLS support but we cannot
1183 errstring
= N_("cannot handle TLS data");
1188 stack_flags
= ph
->p_flags
;
1192 l
->l_relro_addr
= ph
->p_vaddr
;
1193 l
->l_relro_size
= ph
->p_memsz
;
1197 if (__glibc_unlikely (nloadcmds
== 0))
1199 /* This only happens for a bogus object that will be caught with
1200 another error below. But we don't want to go through the
1201 calculations below using NLOADCMDS - 1. */
1202 errstring
= N_("object file has no loadable segments");
1206 if (__glibc_unlikely (type
!= ET_DYN
)
1207 && __glibc_unlikely ((mode
& __RTLD_OPENEXEC
) == 0))
1209 /* This object is loaded at a fixed address. This must never
1210 happen for objects loaded with dlopen. */
1211 errstring
= N_("cannot dynamically load executable");
1215 /* Length of the sections to be loaded. */
1216 maplength
= loadcmds
[nloadcmds
- 1].allocend
- loadcmds
[0].mapstart
;
1218 /* Now process the load commands and map segments into memory.
1219 This is responsible for filling in:
1220 l_map_start, l_map_end, l_addr, l_contiguous, l_text_end, l_phdr
1222 errstring
= _dl_map_segments (l
, fd
, header
, type
, loadcmds
, nloadcmds
,
1223 maplength
, has_holes
, loader
);
1224 if (__glibc_unlikely (errstring
!= NULL
))
1230 if (__glibc_unlikely (type
== ET_DYN
))
1232 errstring
= N_("object file has no dynamic section");
1237 l
->l_ld
= (ElfW(Dyn
) *) ((ElfW(Addr
)) l
->l_ld
+ l
->l_addr
);
1239 elf_get_dynamic_info (l
, NULL
);
1241 /* Make sure we are not dlopen'ing an object that has the
1242 DF_1_NOOPEN flag set. */
1243 if (__glibc_unlikely (l
->l_flags_1
& DF_1_NOOPEN
)
1244 && (mode
& __RTLD_DLOPEN
))
1246 /* We are not supposed to load this object. Free all resources. */
1247 _dl_unmap_segments (l
);
1249 if (!l
->l_libname
->dont_free
)
1250 free (l
->l_libname
);
1252 if (l
->l_phdr_allocated
)
1253 free ((void *) l
->l_phdr
);
1255 errstring
= N_("shared object cannot be dlopen()ed");
1259 if (l
->l_phdr
== NULL
)
1261 /* The program header is not contained in any of the segments.
1262 We have to allocate memory ourself and copy it over from out
1264 ElfW(Phdr
) *newp
= (ElfW(Phdr
) *) malloc (header
->e_phnum
1265 * sizeof (ElfW(Phdr
)));
1268 errstring
= N_("cannot allocate memory for program header");
1269 goto call_lose_errno
;
1272 l
->l_phdr
= memcpy (newp
, phdr
,
1273 (header
->e_phnum
* sizeof (ElfW(Phdr
))));
1274 l
->l_phdr_allocated
= 1;
1277 /* Adjust the PT_PHDR value by the runtime load address. */
1278 l
->l_phdr
= (ElfW(Phdr
) *) ((ElfW(Addr
)) l
->l_phdr
+ l
->l_addr
);
1280 if (__glibc_unlikely ((stack_flags
&~ GL(dl_stack_flags
)) & PF_X
))
1282 if (__glibc_unlikely (__check_caller (RETURN_ADDRESS (0), allow_ldso
) != 0))
1284 errstring
= N_("invalid caller");
1288 /* The stack is presently not executable, but this module
1289 requires that it be executable. We must change the
1290 protection of the variable which contains the flags used in
1291 the mprotect calls. */
1293 if ((mode
& (__RTLD_DLOPEN
| __RTLD_AUDIT
)) == __RTLD_DLOPEN
)
1295 const uintptr_t p
= (uintptr_t) &__stack_prot
& -GLRO(dl_pagesize
);
1296 const size_t s
= (uintptr_t) (&__stack_prot
+ 1) - p
;
1298 struct link_map
*const m
= &GL(dl_rtld_map
);
1299 const uintptr_t relro_end
= ((m
->l_addr
+ m
->l_relro_addr
1301 & -GLRO(dl_pagesize
));
1302 if (__glibc_likely (p
+ s
<= relro_end
))
1304 /* The variable lies in the region protected by RELRO. */
1305 if (__mprotect ((void *) p
, s
, PROT_READ
|PROT_WRITE
) < 0)
1307 errstring
= N_("cannot change memory protections");
1308 goto call_lose_errno
;
1310 __stack_prot
|= PROT_READ
|PROT_WRITE
|PROT_EXEC
;
1311 __mprotect ((void *) p
, s
, PROT_READ
);
1314 __stack_prot
|= PROT_READ
|PROT_WRITE
|PROT_EXEC
;
1318 __stack_prot
|= PROT_READ
|PROT_WRITE
|PROT_EXEC
;
1320 #ifdef check_consistency
1321 check_consistency ();
1324 errval
= (*GL(dl_make_stack_executable_hook
)) (stack_endp
);
1328 cannot enable executable stack as shared object requires");
1333 /* Adjust the address of the TLS initialization image. */
1334 if (l
->l_tls_initimage
!= NULL
)
1335 l
->l_tls_initimage
= (char *) l
->l_tls_initimage
+ l
->l_addr
;
1337 /* We are done mapping in the file. We no longer need the descriptor. */
1338 if (__glibc_unlikely (__close (fd
) != 0))
1340 errstring
= N_("cannot close file descriptor");
1341 goto call_lose_errno
;
1343 /* Signal that we closed the file. */
1346 /* If this is ET_EXEC, we should have loaded it as lt_executable. */
1347 assert (type
!= ET_EXEC
|| l
->l_type
== lt_executable
);
1349 l
->l_entry
+= l
->l_addr
;
1351 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_FILES
))
1352 _dl_debug_printf ("\
1353 dynamic: 0x%0*lx base: 0x%0*lx size: 0x%0*Zx\n\
1354 entry: 0x%0*lx phdr: 0x%0*lx phnum: %*u\n\n",
1355 (int) sizeof (void *) * 2,
1356 (unsigned long int) l
->l_ld
,
1357 (int) sizeof (void *) * 2,
1358 (unsigned long int) l
->l_addr
,
1359 (int) sizeof (void *) * 2, maplength
,
1360 (int) sizeof (void *) * 2,
1361 (unsigned long int) l
->l_entry
,
1362 (int) sizeof (void *) * 2,
1363 (unsigned long int) l
->l_phdr
,
1364 (int) sizeof (void *) * 2, l
->l_phnum
);
1366 /* Set up the symbol hash table. */
1369 /* If this object has DT_SYMBOLIC set modify now its scope. We don't
1370 have to do this for the main map. */
1371 if ((mode
& RTLD_DEEPBIND
) == 0
1372 && __glibc_unlikely (l
->l_info
[DT_SYMBOLIC
] != NULL
)
1373 && &l
->l_searchlist
!= l
->l_scope
[0])
1375 /* Create an appropriate searchlist. It contains only this map.
1376 This is the definition of DT_SYMBOLIC in SysVr4. */
1377 l
->l_symbolic_searchlist
.r_list
[0] = l
;
1378 l
->l_symbolic_searchlist
.r_nlist
= 1;
1380 /* Now move the existing entries one back. */
1381 memmove (&l
->l_scope
[1], &l
->l_scope
[0],
1382 (l
->l_scope_max
- 1) * sizeof (l
->l_scope
[0]));
1384 /* Now add the new entry. */
1385 l
->l_scope
[0] = &l
->l_symbolic_searchlist
;
1388 /* Remember whether this object must be initialized first. */
1389 if (l
->l_flags_1
& DF_1_INITFIRST
)
1390 GL(dl_initfirst
) = l
;
1392 /* Finally the file information. */
1393 l
->l_dev
= st
.st_dev
;
1394 l
->l_ino
= st
.st_ino
;
1396 /* When we profile the SONAME might be needed for something else but
1397 loading. Add it right away. */
1398 if (__glibc_unlikely (GLRO(dl_profile
) != NULL
)
1399 && l
->l_info
[DT_SONAME
] != NULL
)
1400 add_name_to_object (l
, ((const char *) D_PTR (l
, l_info
[DT_STRTAB
])
1401 + l
->l_info
[DT_SONAME
]->d_un
.d_val
));
1403 #ifdef DL_AFTER_LOAD
1407 /* Now that the object is fully initialized add it to the object list. */
1408 _dl_add_to_namespace_list (l
, nsid
);
1411 /* Auditing checkpoint: we have a new object. */
1412 if (__glibc_unlikely (GLRO(dl_naudit
) > 0)
1413 && !GL(dl_ns
)[l
->l_ns
]._ns_loaded
->l_auditing
)
1415 struct audit_ifaces
*afct
= GLRO(dl_audit
);
1416 for (unsigned int cnt
= 0; cnt
< GLRO(dl_naudit
); ++cnt
)
1418 if (afct
->objopen
!= NULL
)
1420 l
->l_audit
[cnt
].bindflags
1421 = afct
->objopen (l
, nsid
, &l
->l_audit
[cnt
].cookie
);
1423 l
->l_audit_any_plt
|= l
->l_audit
[cnt
].bindflags
!= 0;
1434 /* Print search path. */
1436 print_search_path (struct r_search_path_elem
**list
,
1437 const char *what
, const char *name
)
1439 char buf
[max_dirnamelen
+ max_capstrlen
];
1442 _dl_debug_printf (" search path=");
1444 while (*list
!= NULL
&& (*list
)->what
== what
) /* Yes, ==. */
1446 char *endp
= __mempcpy (buf
, (*list
)->dirname
, (*list
)->dirnamelen
);
1449 for (cnt
= 0; cnt
< ncapstr
; ++cnt
)
1450 if ((*list
)->status
[cnt
] != nonexisting
)
1452 char *cp
= __mempcpy (endp
, capstr
[cnt
].str
, capstr
[cnt
].len
);
1453 if (cp
== buf
|| (cp
== buf
+ 1 && buf
[0] == '/'))
1458 _dl_debug_printf_c (first
? "%s" : ":%s", buf
);
1466 _dl_debug_printf_c ("\t\t(%s from file %s)\n", what
,
1467 DSO_FILENAME (name
));
1469 _dl_debug_printf_c ("\t\t(%s)\n", what
);
1472 /* Open a file and verify it is an ELF file for this architecture. We
1473 ignore only ELF files for other architectures. Non-ELF files and
1474 ELF files with different header information cause fatal errors since
1475 this could mean there is something wrong in the installation and the
1476 user might want to know about this. */
1478 open_verify (const char *name
, struct filebuf
*fbp
, struct link_map
*loader
,
1479 int whatcode
, int mode
, bool *found_other_class
, bool free_name
)
1481 /* This is the expected ELF header. */
1482 #define ELF32_CLASS ELFCLASS32
1483 #define ELF64_CLASS ELFCLASS64
1484 #ifndef VALID_ELF_HEADER
1485 # define VALID_ELF_HEADER(hdr,exp,size) (memcmp (hdr, exp, size) == 0)
1486 # define VALID_ELF_OSABI(osabi) (osabi == ELFOSABI_SYSV)
1487 # define VALID_ELF_ABIVERSION(osabi,ver) (ver == 0)
1488 #elif defined MORE_ELF_HEADER_DATA
1489 MORE_ELF_HEADER_DATA
;
1491 static const unsigned char expected
[EI_NIDENT
] =
1493 [EI_MAG0
] = ELFMAG0
,
1494 [EI_MAG1
] = ELFMAG1
,
1495 [EI_MAG2
] = ELFMAG2
,
1496 [EI_MAG3
] = ELFMAG3
,
1497 [EI_CLASS
] = ELFW(CLASS
),
1498 [EI_DATA
] = byteorder
,
1499 [EI_VERSION
] = EV_CURRENT
,
1500 [EI_OSABI
] = ELFOSABI_SYSV
,
1505 ElfW(Word
) vendorlen
;
1509 } expected_note
= { 4, 16, 1, "GNU" };
1510 /* Initialize it to make the compiler happy. */
1511 const char *errstring
= NULL
;
1515 /* Give the auditing libraries a chance. */
1516 if (__glibc_unlikely (GLRO(dl_naudit
) > 0) && whatcode
!= 0
1517 && loader
->l_auditing
== 0)
1519 struct audit_ifaces
*afct
= GLRO(dl_audit
);
1520 for (unsigned int cnt
= 0; cnt
< GLRO(dl_naudit
); ++cnt
)
1522 if (afct
->objsearch
!= NULL
)
1524 name
= afct
->objsearch (name
, &loader
->l_audit
[cnt
].cookie
,
1527 /* Ignore the path. */
1536 /* Open the file. We always open files read-only. */
1537 int fd
= __open (name
, O_RDONLY
| O_CLOEXEC
);
1541 ElfW(Phdr
) *phdr
, *ph
;
1542 ElfW(Word
) *abi_note
;
1543 unsigned int osversion
;
1546 /* We successfully opened the file. Now verify it is a file
1550 assert (sizeof (fbp
->buf
) > sizeof (ElfW(Ehdr
)));
1551 /* Read in the header. */
1554 ssize_t retlen
= __libc_read (fd
, fbp
->buf
+ fbp
->len
,
1555 sizeof (fbp
->buf
) - fbp
->len
);
1560 while (__glibc_unlikely (fbp
->len
< sizeof (ElfW(Ehdr
))));
1562 /* This is where the ELF header is loaded. */
1563 ehdr
= (ElfW(Ehdr
) *) fbp
->buf
;
1565 /* Now run the tests. */
1566 if (__glibc_unlikely (fbp
->len
< (ssize_t
) sizeof (ElfW(Ehdr
))))
1569 errstring
= (errval
== 0
1570 ? N_("file too short") : N_("cannot read file data"));
1574 char *realname
= (char *) name
;
1575 name
= strdupa (realname
);
1578 lose (errval
, fd
, name
, NULL
, NULL
, errstring
, NULL
, 0);
1581 /* See whether the ELF header is what we expect. */
1582 if (__glibc_unlikely (! VALID_ELF_HEADER (ehdr
->e_ident
, expected
,
1584 || !VALID_ELF_ABIVERSION (ehdr
->e_ident
[EI_OSABI
],
1585 ehdr
->e_ident
[EI_ABIVERSION
])
1586 || memcmp (&ehdr
->e_ident
[EI_PAD
],
1588 EI_NIDENT
- EI_PAD
) != 0))
1590 /* Something is wrong. */
1591 const Elf32_Word
*magp
= (const void *) ehdr
->e_ident
;
1593 #if BYTE_ORDER == LITTLE_ENDIAN
1594 ((ELFMAG0
<< (EI_MAG0
* 8)) |
1595 (ELFMAG1
<< (EI_MAG1
* 8)) |
1596 (ELFMAG2
<< (EI_MAG2
* 8)) |
1597 (ELFMAG3
<< (EI_MAG3
* 8)))
1599 ((ELFMAG0
<< (EI_MAG3
* 8)) |
1600 (ELFMAG1
<< (EI_MAG2
* 8)) |
1601 (ELFMAG2
<< (EI_MAG1
* 8)) |
1602 (ELFMAG3
<< (EI_MAG0
* 8)))
1605 errstring
= N_("invalid ELF header");
1606 else if (ehdr
->e_ident
[EI_CLASS
] != ELFW(CLASS
))
1608 /* This is not a fatal error. On architectures where
1609 32-bit and 64-bit binaries can be run this might
1611 *found_other_class
= true;
1614 else if (ehdr
->e_ident
[EI_DATA
] != byteorder
)
1616 if (BYTE_ORDER
== BIG_ENDIAN
)
1617 errstring
= N_("ELF file data encoding not big-endian");
1619 errstring
= N_("ELF file data encoding not little-endian");
1621 else if (ehdr
->e_ident
[EI_VERSION
] != EV_CURRENT
)
1623 = N_("ELF file version ident does not match current one");
1624 /* XXX We should be able so set system specific versions which are
1626 else if (!VALID_ELF_OSABI (ehdr
->e_ident
[EI_OSABI
]))
1627 errstring
= N_("ELF file OS ABI invalid");
1628 else if (!VALID_ELF_ABIVERSION (ehdr
->e_ident
[EI_OSABI
],
1629 ehdr
->e_ident
[EI_ABIVERSION
]))
1630 errstring
= N_("ELF file ABI version invalid");
1631 else if (memcmp (&ehdr
->e_ident
[EI_PAD
], &expected
[EI_PAD
],
1632 EI_NIDENT
- EI_PAD
) != 0)
1633 errstring
= N_("nonzero padding in e_ident");
1635 /* Otherwise we don't know what went wrong. */
1636 errstring
= N_("internal error");
1641 if (__glibc_unlikely (ehdr
->e_version
!= EV_CURRENT
))
1643 errstring
= N_("ELF file version does not match current one");
1646 if (! __glibc_likely (elf_machine_matches_host (ehdr
)))
1648 else if (__glibc_unlikely (ehdr
->e_type
!= ET_DYN
1649 && ehdr
->e_type
!= ET_EXEC
))
1651 errstring
= N_("only ET_DYN and ET_EXEC can be loaded");
1654 else if (__glibc_unlikely (ehdr
->e_type
== ET_EXEC
1655 && (mode
& __RTLD_OPENEXEC
) == 0))
1657 /* BZ #16634. It is an error to dlopen ET_EXEC (unless
1658 __RTLD_OPENEXEC is explicitly set). We return error here
1659 so that code in _dl_map_object_from_fd does not try to set
1660 l_tls_modid for this module. */
1662 errstring
= N_("cannot dynamically load executable");
1665 else if (__glibc_unlikely (ehdr
->e_phentsize
!= sizeof (ElfW(Phdr
))))
1667 errstring
= N_("ELF file's phentsize not the expected size");
1671 maplength
= ehdr
->e_phnum
* sizeof (ElfW(Phdr
));
1672 if (ehdr
->e_phoff
+ maplength
<= (size_t) fbp
->len
)
1673 phdr
= (void *) (fbp
->buf
+ ehdr
->e_phoff
);
1676 phdr
= alloca (maplength
);
1677 __lseek (fd
, ehdr
->e_phoff
, SEEK_SET
);
1678 if ((size_t) __libc_read (fd
, (void *) phdr
, maplength
) != maplength
)
1682 errstring
= N_("cannot read file data");
1687 if (__glibc_unlikely (elf_machine_reject_phdr_p
1688 (phdr
, ehdr
->e_phnum
, fbp
->buf
, fbp
->len
,
1692 /* Check .note.ABI-tag if present. */
1693 for (ph
= phdr
; ph
< &phdr
[ehdr
->e_phnum
]; ++ph
)
1694 if (ph
->p_type
== PT_NOTE
&& ph
->p_filesz
>= 32 && ph
->p_align
>= 4)
1696 ElfW(Addr
) size
= ph
->p_filesz
;
1698 if (ph
->p_offset
+ size
<= (size_t) fbp
->len
)
1699 abi_note
= (void *) (fbp
->buf
+ ph
->p_offset
);
1702 abi_note
= alloca (size
);
1703 __lseek (fd
, ph
->p_offset
, SEEK_SET
);
1704 if (__libc_read (fd
, (void *) abi_note
, size
) != size
)
1708 while (memcmp (abi_note
, &expected_note
, sizeof (expected_note
)))
1710 #define ROUND(len) (((len) + sizeof (ElfW(Word)) - 1) & -sizeof (ElfW(Word)))
1711 ElfW(Addr
) note_size
= 3 * sizeof (ElfW(Word
))
1712 + ROUND (abi_note
[0])
1713 + ROUND (abi_note
[1]);
1715 if (size
- 32 < note_size
)
1721 abi_note
= (void *) abi_note
+ note_size
;
1727 osversion
= (abi_note
[5] & 0xff) * 65536
1728 + (abi_note
[6] & 0xff) * 256
1729 + (abi_note
[7] & 0xff);
1730 if (abi_note
[4] != __ABI_TAG_OS
1731 || (GLRO(dl_osversion
) && GLRO(dl_osversion
) < osversion
))
1735 __set_errno (ENOENT
);
1746 /* Try to open NAME in one of the directories in *DIRSP.
1747 Return the fd, or -1. If successful, fill in *REALNAME
1748 with the malloc'd full directory name. If it turns out
1749 that none of the directories in *DIRSP exists, *DIRSP is
1750 replaced with (void *) -1, and the old value is free()d
1751 if MAY_FREE_DIRS is true. */
1754 open_path (const char *name
, size_t namelen
, int mode
,
1755 struct r_search_path_struct
*sps
, char **realname
,
1756 struct filebuf
*fbp
, struct link_map
*loader
, int whatcode
,
1757 bool *found_other_class
)
1759 struct r_search_path_elem
**dirs
= sps
->dirs
;
1762 const char *current_what
= NULL
;
1765 if (__glibc_unlikely (dirs
== NULL
))
1766 /* We're called before _dl_init_paths when loading the main executable
1767 given on the command line when rtld is run directly. */
1770 buf
= alloca (max_dirnamelen
+ max_capstrlen
+ namelen
);
1773 struct r_search_path_elem
*this_dir
= *dirs
;
1780 /* If we are debugging the search for libraries print the path
1781 now if it hasn't happened now. */
1782 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
)
1783 && current_what
!= this_dir
->what
)
1785 current_what
= this_dir
->what
;
1786 print_search_path (dirs
, current_what
, this_dir
->where
);
1789 edp
= (char *) __mempcpy (buf
, this_dir
->dirname
, this_dir
->dirnamelen
);
1790 for (cnt
= 0; fd
== -1 && cnt
< ncapstr
; ++cnt
)
1792 /* Skip this directory if we know it does not exist. */
1793 if (this_dir
->status
[cnt
] == nonexisting
)
1797 ((char *) __mempcpy (__mempcpy (edp
, capstr
[cnt
].str
,
1802 /* Print name we try if this is wanted. */
1803 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
))
1804 _dl_debug_printf (" trying file=%s\n", buf
);
1806 fd
= open_verify (buf
, fbp
, loader
, whatcode
, mode
,
1807 found_other_class
, false);
1808 if (this_dir
->status
[cnt
] == unknown
)
1811 this_dir
->status
[cnt
] = existing
;
1812 /* Do not update the directory information when loading
1813 auditing code. We must try to disturb the program as
1814 little as possible. */
1815 else if (loader
== NULL
1816 || GL(dl_ns
)[loader
->l_ns
]._ns_loaded
->l_auditing
== 0)
1818 /* We failed to open machine dependent library. Let's
1819 test whether there is any directory at all. */
1822 buf
[buflen
- namelen
- 1] = '\0';
1824 if (__xstat64 (_STAT_VER
, buf
, &st
) != 0
1825 || ! S_ISDIR (st
.st_mode
))
1826 /* The directory does not exist or it is no directory. */
1827 this_dir
->status
[cnt
] = nonexisting
;
1829 this_dir
->status
[cnt
] = existing
;
1833 /* Remember whether we found any existing directory. */
1834 here_any
|= this_dir
->status
[cnt
] != nonexisting
;
1836 if (fd
!= -1 && __glibc_unlikely (mode
& __RTLD_SECURE
)
1837 && __libc_enable_secure
)
1839 /* This is an extra security effort to make sure nobody can
1840 preload broken shared objects which are in the trusted
1841 directories and so exploit the bugs. */
1844 if (__fxstat64 (_STAT_VER
, fd
, &st
) != 0
1845 || (st
.st_mode
& S_ISUID
) == 0)
1847 /* The shared object cannot be tested for being SUID
1848 or this bit is not set. In this case we must not
1852 /* We simply ignore the file, signal this by setting
1853 the error value which would have been set by `open'. */
1861 *realname
= (char *) malloc (buflen
);
1862 if (*realname
!= NULL
)
1864 memcpy (*realname
, buf
, buflen
);
1869 /* No memory for the name, we certainly won't be able
1870 to load and link it. */
1875 if (here_any
&& (err
= errno
) != ENOENT
&& err
!= EACCES
)
1876 /* The file exists and is readable, but something went wrong. */
1879 /* Remember whether we found anything. */
1882 while (*++dirs
!= NULL
);
1884 /* Remove the whole path if none of the directories exists. */
1885 if (__glibc_unlikely (! any
))
1887 /* Paths which were allocated using the minimal malloc() in ld.so
1888 must not be freed using the general free() in libc. */
1892 /* rtld_search_dirs is attribute_relro, therefore avoid writing
1894 if (sps
!= &rtld_search_dirs
)
1895 sps
->dirs
= (void *) -1;
1901 /* Map in the shared object file NAME. */
1905 _dl_map_object (struct link_map
*loader
, const char *name
,
1906 int type
, int trace_mode
, int mode
, Lmid_t nsid
)
1915 assert (nsid
< GL(dl_nns
));
1917 /* Look for this name among those already loaded. */
1918 for (l
= GL(dl_ns
)[nsid
]._ns_loaded
; l
; l
= l
->l_next
)
1920 /* If the requested name matches the soname of a loaded object,
1921 use that object. Elide this check for names that have not
1923 if (__glibc_unlikely ((l
->l_faked
| l
->l_removed
) != 0))
1925 if (!_dl_name_match_p (name
, l
))
1929 if (__glibc_likely (l
->l_soname_added
)
1930 || l
->l_info
[DT_SONAME
] == NULL
)
1933 soname
= ((const char *) D_PTR (l
, l_info
[DT_STRTAB
])
1934 + l
->l_info
[DT_SONAME
]->d_un
.d_val
);
1935 if (strcmp (name
, soname
) != 0)
1938 /* We have a match on a new name -- cache it. */
1939 add_name_to_object (l
, soname
);
1940 l
->l_soname_added
= 1;
1943 /* We have a match. */
1947 /* Display information if we are debugging. */
1948 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_FILES
)
1950 _dl_debug_printf ((mode
& __RTLD_CALLMAP
) == 0
1951 ? "\nfile=%s [%lu]; needed by %s [%lu]\n"
1952 : "\nfile=%s [%lu]; dynamically loaded by %s [%lu]\n",
1953 name
, nsid
, DSO_FILENAME (loader
->l_name
), loader
->l_ns
);
1956 /* Give the auditing libraries a chance to change the name before we
1958 if (__glibc_unlikely (GLRO(dl_naudit
) > 0)
1959 && (loader
== NULL
|| loader
->l_auditing
== 0))
1961 struct audit_ifaces
*afct
= GLRO(dl_audit
);
1962 for (unsigned int cnt
= 0; cnt
< GLRO(dl_naudit
); ++cnt
)
1964 if (afct
->objsearch
!= NULL
)
1966 name
= afct
->objsearch (name
, &loader
->l_audit
[cnt
].cookie
,
1970 /* Do not try anything further. */
1981 /* Will be true if we found a DSO which is of the other ELF class. */
1982 bool found_other_class
= false;
1984 if (strchr (name
, '/') == NULL
)
1986 /* Search for NAME in several places. */
1988 size_t namelen
= strlen (name
) + 1;
1990 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
))
1991 _dl_debug_printf ("find library=%s [%lu]; searching\n", name
, nsid
);
1995 /* When the object has the RUNPATH information we don't use any
1997 if (loader
== NULL
|| loader
->l_info
[DT_RUNPATH
] == NULL
)
1999 /* This is the executable's map (if there is one). Make sure that
2000 we do not look at it twice. */
2001 struct link_map
*main_map
= GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
;
2002 bool did_main_map
= false;
2004 /* First try the DT_RPATH of the dependent object that caused NAME
2005 to be loaded. Then that object's dependent, and on up. */
2006 for (l
= loader
; l
; l
= l
->l_loader
)
2007 if (cache_rpath (l
, &l
->l_rpath_dirs
, DT_RPATH
, "RPATH"))
2009 fd
= open_path (name
, namelen
, mode
,
2011 &realname
, &fb
, loader
, LA_SER_RUNPATH
,
2012 &found_other_class
);
2016 did_main_map
|= l
== main_map
;
2019 /* If dynamically linked, try the DT_RPATH of the executable
2020 itself. NB: we do this for lookups in any namespace. */
2021 if (fd
== -1 && !did_main_map
2022 && main_map
!= NULL
&& main_map
->l_type
!= lt_loaded
2023 && cache_rpath (main_map
, &main_map
->l_rpath_dirs
, DT_RPATH
,
2025 fd
= open_path (name
, namelen
, mode
,
2026 &main_map
->l_rpath_dirs
,
2027 &realname
, &fb
, loader
?: main_map
, LA_SER_RUNPATH
,
2028 &found_other_class
);
2031 /* Try the LD_LIBRARY_PATH environment variable. */
2032 if (fd
== -1 && env_path_list
.dirs
!= (void *) -1)
2033 fd
= open_path (name
, namelen
, mode
, &env_path_list
,
2035 loader
?: GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
,
2036 LA_SER_LIBPATH
, &found_other_class
);
2038 /* Look at the RUNPATH information for this binary. */
2039 if (fd
== -1 && loader
!= NULL
2040 && cache_rpath (loader
, &loader
->l_runpath_dirs
,
2041 DT_RUNPATH
, "RUNPATH"))
2042 fd
= open_path (name
, namelen
, mode
,
2043 &loader
->l_runpath_dirs
, &realname
, &fb
, loader
,
2044 LA_SER_RUNPATH
, &found_other_class
);
2048 && (__glibc_likely ((mode
& __RTLD_SECURE
) == 0)
2049 || ! __libc_enable_secure
)
2050 && __glibc_likely (GLRO(dl_inhibit_cache
) == 0))
2052 /* Check the list of libraries in the file /etc/ld.so.cache,
2053 for compatibility with Linux's ldconfig program. */
2054 const char *cached
= _dl_load_cache_lookup (name
);
2058 // XXX Correct to unconditionally default to namespace 0?
2060 ?: GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
2066 /* If the loader has the DF_1_NODEFLIB flag set we must not
2067 use a cache entry from any of these directories. */
2068 if (__glibc_unlikely (l
->l_flags_1
& DF_1_NODEFLIB
))
2070 const char *dirp
= system_dirs
;
2071 unsigned int cnt
= 0;
2075 if (memcmp (cached
, dirp
, system_dirs_len
[cnt
]) == 0)
2077 /* The prefix matches. Don't use the entry. */
2082 dirp
+= system_dirs_len
[cnt
] + 1;
2085 while (cnt
< nsystem_dirs_len
);
2090 fd
= open_verify (cached
,
2091 &fb
, loader
?: GL(dl_ns
)[nsid
]._ns_loaded
,
2092 LA_SER_CONFIG
, mode
, &found_other_class
,
2094 if (__glibc_likely (fd
!= -1))
2096 realname
= __strdup (cached
);
2097 if (realname
== NULL
)
2108 /* Finally, try the default path. */
2110 && ((l
= loader
?: GL(dl_ns
)[nsid
]._ns_loaded
) == NULL
2111 || __glibc_likely (!(l
->l_flags_1
& DF_1_NODEFLIB
)))
2112 && rtld_search_dirs
.dirs
!= (void *) -1)
2113 fd
= open_path (name
, namelen
, mode
, &rtld_search_dirs
,
2114 &realname
, &fb
, l
, LA_SER_DEFAULT
, &found_other_class
);
2116 /* Add another newline when we are tracing the library loading. */
2117 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
))
2118 _dl_debug_printf ("\n");
2122 /* The path may contain dynamic string tokens. */
2124 ? expand_dynamic_string_token (loader
, name
, 0)
2126 if (realname
== NULL
)
2130 fd
= open_verify (realname
, &fb
,
2131 loader
?: GL(dl_ns
)[nsid
]._ns_loaded
, 0, mode
,
2132 &found_other_class
, true);
2133 if (__glibc_unlikely (fd
== -1))
2141 /* In case the LOADER information has only been provided to get to
2142 the appropriate RUNPATH/RPATH information we do not need it
2144 if (mode
& __RTLD_CALLMAP
)
2147 if (__glibc_unlikely (fd
== -1))
2150 && __glibc_likely ((GLRO(dl_debug_mask
) & DL_DEBUG_PRELINK
) == 0))
2152 /* We haven't found an appropriate library. But since we
2153 are only interested in the list of libraries this isn't
2154 so severe. Fake an entry with all the information we
2156 static const Elf_Symndx dummy_bucket
= STN_UNDEF
;
2158 /* Allocate a new object map. */
2159 if ((name_copy
= __strdup (name
)) == NULL
2160 || (l
= _dl_new_object (name_copy
, name
, type
, loader
,
2161 mode
, nsid
)) == NULL
)
2164 _dl_signal_error (ENOMEM
, name
, NULL
,
2165 N_("cannot create shared object descriptor"));
2167 /* Signal that this is a faked entry. */
2169 /* Since the descriptor is initialized with zero we do not
2171 l->l_reserved = 0; */
2172 l
->l_buckets
= &dummy_bucket
;
2176 /* Enter the object in the object list. */
2177 _dl_add_to_namespace_list (l
, nsid
);
2181 else if (found_other_class
)
2182 _dl_signal_error (0, name
, NULL
,
2183 ELFW(CLASS
) == ELFCLASS32
2184 ? N_("wrong ELF class: ELFCLASS64")
2185 : N_("wrong ELF class: ELFCLASS32"));
2187 _dl_signal_error (errno
, name
, NULL
,
2188 N_("cannot open shared object file"));
2191 void *stack_end
= __libc_stack_end
;
2192 return _dl_map_object_from_fd (name
, fd
, &fb
, realname
, loader
, type
, mode
,
2196 struct add_path_state
2205 add_path (struct add_path_state
*p
, const struct r_search_path_struct
*sps
,
2208 if (sps
->dirs
!= (void *) -1)
2210 struct r_search_path_elem
**dirs
= sps
->dirs
;
2213 const struct r_search_path_elem
*const r
= *dirs
++;
2217 p
->si
->dls_size
+= MAX (2, r
->dirnamelen
);
2221 Dl_serpath
*const sp
= &p
->si
->dls_serpath
[p
->idx
++];
2222 sp
->dls_name
= p
->allocptr
;
2223 if (r
->dirnamelen
< 2)
2224 *p
->allocptr
++ = r
->dirnamelen
? '/' : '.';
2226 p
->allocptr
= __mempcpy (p
->allocptr
,
2227 r
->dirname
, r
->dirnamelen
- 1);
2228 *p
->allocptr
++ = '\0';
2229 sp
->dls_flags
= flags
;
2232 while (*dirs
!= NULL
);
2238 _dl_rtld_di_serinfo (struct link_map
*loader
, Dl_serinfo
*si
, bool counting
)
2246 struct add_path_state p
=
2248 .counting
= counting
,
2251 .allocptr
= (char *) &si
->dls_serpath
[si
->dls_cnt
]
2254 # define add_path(p, sps, flags) add_path(p, sps, 0) /* XXX */
2256 /* When the object has the RUNPATH information we don't use any RPATHs. */
2257 if (loader
->l_info
[DT_RUNPATH
] == NULL
)
2259 /* First try the DT_RPATH of the dependent object that caused NAME
2260 to be loaded. Then that object's dependent, and on up. */
2262 struct link_map
*l
= loader
;
2265 if (cache_rpath (l
, &l
->l_rpath_dirs
, DT_RPATH
, "RPATH"))
2266 add_path (&p
, &l
->l_rpath_dirs
, XXX_RPATH
);
2271 /* If dynamically linked, try the DT_RPATH of the executable itself. */
2272 if (loader
->l_ns
== LM_ID_BASE
)
2274 l
= GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
;
2275 if (l
!= NULL
&& l
->l_type
!= lt_loaded
&& l
!= loader
)
2276 if (cache_rpath (l
, &l
->l_rpath_dirs
, DT_RPATH
, "RPATH"))
2277 add_path (&p
, &l
->l_rpath_dirs
, XXX_RPATH
);
2281 /* Try the LD_LIBRARY_PATH environment variable. */
2282 add_path (&p
, &env_path_list
, XXX_ENV
);
2284 /* Look at the RUNPATH information for this binary. */
2285 if (cache_rpath (loader
, &loader
->l_runpath_dirs
, DT_RUNPATH
, "RUNPATH"))
2286 add_path (&p
, &loader
->l_runpath_dirs
, XXX_RUNPATH
);
2289 Here is where ld.so.cache gets checked, but we don't have
2290 a way to indicate that in the results for Dl_serinfo. */
2292 /* Finally, try the default path. */
2293 if (!(loader
->l_flags_1
& DF_1_NODEFLIB
))
2294 add_path (&p
, &rtld_search_dirs
, XXX_default
);
2297 /* Count the struct size before the string area, which we didn't
2298 know before we completed dls_cnt. */
2299 si
->dls_size
+= (char *) &si
->dls_serpath
[si
->dls_cnt
] - (char *) si
;