search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Update.
[glibc.git] / elf / dl-load.c
blobd9645e6f54541bb8d88f74d2f69d3fc0f45e204d
1 /* Map in a shared object's segments from the file.
2 Copyright (C) 1995, 1996, 1997, 1998, 1999 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Library General Public License as
7 published by the Free Software Foundation; either version 2 of the
8 License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Library General Public License for more details.
14
15 You should have received a copy of the GNU Library General Public
16 License along with the GNU C Library; see the file COPYING.LIB. If not,
17 write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA. */
19
20 #include <elf.h>
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <unistd.h>
26 #include <elf/ldsodefs.h>
27 #include <sys/mman.h>
28 #include <sys/param.h>
29 #include <sys/stat.h>
30 #include <sys/types.h>
31 #include "dynamic-link.h"
32 #include <stdio-common/_itoa.h>
33
34 #include <dl-origin.h>
35
36
37 /* On some systems, no flag bits are given to specify file mapping. */
38 #ifndef MAP_FILE
39 #define MAP_FILE 0
40 #endif
41
42 /* The right way to map in the shared library files is MAP_COPY, which
43 makes a virtual copy of the data at the time of the mmap call; this
44 guarantees the mapped pages will be consistent even if the file is
45 overwritten. Some losing VM systems like Linux's lack MAP_COPY. All we
46 get is MAP_PRIVATE, which copies each page when it is modified; this
47 means if the file is overwritten, we may at some point get some pages
48 from the new version after starting with pages from the old version. */
49 #ifndef MAP_COPY
50 #define MAP_COPY MAP_PRIVATE
51 #endif
52
53 /* Some systems link their relocatable objects for another base address
54 than 0. We want to know the base address for these such that we can
55 subtract this address from the segment addresses during mapping.
56 This results in a more efficient address space usage. Defaults to
57 zero for almost all systems. */
58 #ifndef MAP_BASE_ADDR
59 #define MAP_BASE_ADDR(l) 0
60 #endif
61
62
63 #include <endian.h>
64 #if BYTE_ORDER == BIG_ENDIAN
65 #define byteorder ELFDATA2MSB
66 #define byteorder_name "big-endian"
67 #elif BYTE_ORDER == LITTLE_ENDIAN
68 #define byteorder ELFDATA2LSB
69 #define byteorder_name "little-endian"
70 #else
71 #error "Unknown BYTE_ORDER " BYTE_ORDER
72 #define byteorder ELFDATANONE
73 #endif
74
75 #define STRING(x) __STRING (x)
76
77 #ifdef MAP_ANON
78 /* The fd is not examined when using MAP_ANON. */
79 #define ANONFD -1
80 #else
81 int _dl_zerofd = -1;
82 #define ANONFD _dl_zerofd
83 #endif
84
85 /* Handle situations where we have a preferred location in memory for
86 the shared objects. */
87 #ifdef ELF_PREFERRED_ADDRESS_DATA
88 ELF_PREFERRED_ADDRESS_DATA;
89 #endif
90 #ifndef ELF_PREFERRED_ADDRESS
91 #define ELF_PREFERRED_ADDRESS(loader, maplength, mapstartpref) (mapstartpref)
92 #endif
93 #ifndef ELF_FIXED_ADDRESS
94 #define ELF_FIXED_ADDRESS(loader, mapstart) ((void) 0)
95 #endif
96
97 size_t _dl_pagesize;
98
99 extern const char *_dl_platform;
100 extern size_t _dl_platformlen;
101
102 /* This is the decomposed LD_LIBRARY_PATH search path. */
103 static struct r_search_path_elem **env_path_list;
104
105 /* List of the hardware capabilities we might end up using. */
106 static const struct r_strlenpair *capstr;
107 static size_t ncapstr;
108 static size_t max_capstrlen;
109
110 const unsigned char _dl_pf_to_prot[8] =
111 {
112 [0] = PROT_NONE,
113 [PF_R] = PROT_READ,
114 [PF_W] = PROT_WRITE,
115 [PF_R | PF_W] = PROT_READ | PROT_WRITE,
116 [PF_X] = PROT_EXEC,
117 [PF_R | PF_X] = PROT_READ | PROT_EXEC,
118 [PF_W | PF_X] = PROT_WRITE | PROT_EXEC,
119 [PF_R | PF_W | PF_X] = PROT_READ | PROT_WRITE | PROT_EXEC
120 };
121
122
123 /* This function has no public prototype. */
124 extern ssize_t __libc_read (int, void *, size_t);
125
126
127 /* Local version of `strdup' function. */
128 static inline char *
129 local_strdup (const char *s)
130 {
131 size_t len = strlen (s) + 1;
132 void *new = malloc (len);
133
134 if (new == NULL)
135 return NULL;
136
137 return (char *) memcpy (new, s, len);
138 }
139
140 /* Return copy of argument with all recognized dynamic string tokens
141 ($ORIGIN and $PLATFORM for now) replaced. On some platforms it
142 might not be possible to determine the path from which the object
143 belonging to the map is loaded. In this case the path element
144 containing $ORIGIN is left out. */
145 static char *
146 expand_dynamic_string_token (struct link_map *l, const char *s)
147 {
148 /* We make two runs over the string. First we determine how large the
149 resulting string is and then we copy it over. Since this is now
150 frequently executed operation we are looking here not for performance
151 but rather for code size. */
152 const char *st, *sf;
153 size_t cnt = 0;
154 size_t origin_len;
155 size_t total;
156 char *result, *last_elem, *wp;
157
158 st = s;
159 sf = strchr (s, '$');
160 while (sf != NULL)
161 {
162 size_t len = 1;
163
164 if (((strncmp (&sf[1], "ORIGIN", 6) == 0 && (len = 7) != 0)
165 || (strncmp (&sf[1], "PLATFORM", 8) == 0 && (len = 9) != 0))
166 && (s[len] == '\0' || s[len] == '/' || s[len] == ':'))
167 ++cnt;
168
169 st = sf + len;
170 sf = strchr (st, '$');
171 }
172
173 /* If we do not have to replace anything simply copy the string. */
174 if (cnt == 0)
175 return local_strdup (s);
176
177 /* Now we make a guess how many extra characters on top of the length
178 of S we need to represent the result. We know that we have CNT
179 replacements. Each at most can use
180 MAX (strlen (ORIGIN), strlen (_dl_platform))
181 minus 7 (which is the length of "$ORIGIN").
182
183 First get the origin string if it is not available yet. This can
184 only happen for the map of the executable. */
185 if (l->l_origin == NULL)
186 {
187 assert (l->l_name[0] == '\0');
188 l->l_origin = get_origin ();
189 origin_len = (l->l_origin && l->l_origin != (char *) -1
190 ? strlen (l->l_origin) : 0);
191 }
192 else
193 origin_len = l->l_origin == (char *) -1 ? 0 : strlen (l->l_origin);
194
195 total = strlen (s) + cnt * (MAX (origin_len, _dl_platformlen) - 7);
196 result = (char *) malloc (total + 1);
197 if (result == NULL)
198 return NULL;
199
200 /* Now fill the result path. While copying over the string we keep
201 track of the start of the last path element. When we come accross
202 a DST we copy over the value or (if the value is not available)
203 leave the entire path element out. */
204 last_elem = wp = result;
205 do
206 {
207 if (*s == '$')
208 {
209 const char *repl;
210 size_t len;
211
212 if (((strncmp (&s[1], "ORIGIN", 6) == 0 && (len = 7) != 0)
213 || (strncmp (&s[1], "PLATFORM", 8) == 0 && (len = 9) != 0))
214 && (s[len] == '\0' || s[len] == '/' || s[len] == ':'))
215 {
216 if ((repl = len == 7 ? l->l_origin : _dl_platform) != NULL
217 && repl != (const char *) -1)
218 {
219 wp = __stpcpy (wp, repl);
220 s += len;
221 }
222 else
223 {
224 /* We cannot use this path element, the value of the
225 replacement is unknown. */
226 wp = last_elem;
227 s += len;
228 while (*s != '\0' && *s != ':')
229 ++s;
230 }
231 }
232 else
233 /* No SDK we recognize. */
234 *wp++ = *s++;
235 }
236 else if (*s == ':')
237 {
238 *wp++ = *s++;
239 last_elem = wp;
240 }
241 else
242 *wp++ = *s++;
243 }
244 while (*s != '\0');
245
246 *wp = '\0';
247
248 return result;
249 }
250
251 /* Add `name' to the list of names for a particular shared object.
252 `name' is expected to have been allocated with malloc and will
253 be freed if the shared object already has this name.
254 Returns false if the object already had this name. */
255 static void
256 internal_function
257 add_name_to_object (struct link_map *l, const char *name)
258 {
259 struct libname_list *lnp, *lastp;
260 struct libname_list *newname;
261 size_t name_len;
262
263 lastp = NULL;
264 for (lnp = l->l_libname; lnp != NULL; lastp = lnp, lnp = lnp->next)
265 if (strcmp (name, lnp->name) == 0)
266 return;
267
268 name_len = strlen (name) + 1;
269 newname = malloc (sizeof *newname + name_len);
270 if (newname == NULL)
271 {
272 /* No more memory. */
273 _dl_signal_error (ENOMEM, name, "cannot allocate name record");
274 return;
275 }
276 /* The object should have a libname set from _dl_new_object. */
277 assert (lastp != NULL);
278
279 newname->name = memcpy (newname + 1, name, name_len);
280 newname->next = NULL;
281 lastp->next = newname;
282 }
283
284 /* All known directories in sorted order. */
285 static struct r_search_path_elem *all_dirs;
286
287 /* Standard search directories. */
288 static struct r_search_path_elem **rtld_search_dirs;
289
290 static size_t max_dirnamelen;
291
292 static inline struct r_search_path_elem **
293 fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
294 const char **trusted, const char *what, const char *where)
295 {
296 char *cp;
297 size_t nelems = 0;
298
299 while ((cp = __strsep (&rpath, sep)) != NULL)
300 {
301 struct r_search_path_elem *dirp;
302 size_t len = strlen (cp);
303
304 /* `strsep' can pass an empty string. This has to be
305 interpreted as `use the current directory'. */
306 if (len == 0)
307 {
308 static char curwd[] = "./";
309 cp = curwd;
310 }
311
312 /* Remove trailing slashes (except for "/"). */
313 while (len > 1 && cp[len - 1] == '/')
314 --len;
315
316 /* Make sure we don't use untrusted directories if we run SUID. */
317 if (trusted != NULL)
318 {
319 const char **trun = trusted;
320
321 /* All trusted directories must be complete names. */
322 if (cp[0] != '/')
323 continue;
324
325 while (*trun != NULL
326 && (memcmp (*trun, cp, len) != 0
327 || (*trun)[len] != '/'
328 || (*trun)[len + 1] != '\0'))
329 ++trun;
330
331 if (*trun == NULL)
332 /* It's no trusted directory, skip it. */
333 continue;
334 }
335
336 /* Now add one if there is none so far. */
337 if (len > 0 && cp[len - 1] != '/')
338 cp[len++] = '/';
339
340 /* See if this directory is already known. */
341 for (dirp = all_dirs; dirp != NULL; dirp = dirp->next)
342 if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0)
343 break;
344
345 if (dirp != NULL)
346 {
347 /* It is available, see whether it's on our own list. */
348 size_t cnt;
349 for (cnt = 0; cnt < nelems; ++cnt)
350 if (result[cnt] == dirp)
351 break;
352
353 if (cnt == nelems)
354 result[nelems++] = dirp;
355 }
356 else
357 {
358 size_t cnt;
359
360 /* It's a new directory. Create an entry and add it. */
361 dirp = (struct r_search_path_elem *)
362 malloc (sizeof (*dirp) + ncapstr * sizeof (enum r_dir_status));
363 if (dirp == NULL)
364 _dl_signal_error (ENOMEM, NULL,
365 "cannot create cache for search path");
366
367 dirp->dirname = cp;
368 dirp->dirnamelen = len;
369
370 if (len > max_dirnamelen)
371 max_dirnamelen = len;
372
373 /* We have to make sure all the relative directories are never
374 ignored. The current directory might change and all our
375 saved information would be void. */
376 if (cp[0] != '/')
377 for (cnt = 0; cnt < ncapstr; ++cnt)
378 dirp->status[cnt] = existing;
379 else
380 for (cnt = 0; cnt < ncapstr; ++cnt)
381 dirp->status[cnt] = unknown;
382
383 dirp->what = what;
384 dirp->where = where;
385
386 dirp->next = all_dirs;
387 all_dirs = dirp;
388
389 /* Put it in the result array. */
390 result[nelems++] = dirp;
391 }
392 }
393
394 /* Terminate the array. */
395 result[nelems] = NULL;
396
397 return result;
398 }
399
400
401 static struct r_search_path_elem **
402 internal_function
403 decompose_rpath (const char *rpath, struct link_map *l)
404 {
405 /* Make a copy we can work with. */
406 const char *where = l->l_name;
407 char *copy;
408 char *cp;
409 struct r_search_path_elem **result;
410 size_t nelems;
411
412 /* First see whether we must forget the RPATH from this object. */
413 if (_dl_inhibit_rpath != NULL && !__libc_enable_secure)
414 {
415 const char *found = strstr (_dl_inhibit_rpath, where);
416 if (found != NULL)
417 {
418 size_t len = strlen (where);
419 if ((found == _dl_inhibit_rpath || found[-1] == ':')
420 && (found[len] == '\0' || found[len] == ':'))
421 {
422 /* This object is on the list of objects for which the RPATH
423 must not be used. */
424 result = (struct r_search_path_elem **)
425 malloc (sizeof (*result));
426 if (result == NULL)
427 _dl_signal_error (ENOMEM, NULL,
428 "cannot create cache for search path");
429 result[0] = NULL;
430
431 return result;
432 }
433 }
434 }
435
436 /* Make a writable copy. At the same time expand possible dynamic
437 string tokens. */
438 copy = expand_dynamic_string_token (l, rpath);
439 if (copy == NULL)
440 _dl_signal_error (ENOMEM, NULL, "cannot create RPATH copy");
441
442 /* Count the number of necessary elements in the result array. */
443 nelems = 0;
444 for (cp = copy; *cp != '\0'; ++cp)
445 if (*cp == ':')
446 ++nelems;
447
448 /* Allocate room for the result. NELEMS + 1 is an upper limit for the
449 number of necessary entries. */
450 result = (struct r_search_path_elem **) malloc ((nelems + 1 + 1)
451 * sizeof (*result));
452 if (result == NULL)
453 _dl_signal_error (ENOMEM, NULL, "cannot create cache for search path");
454
455 return fillin_rpath (copy, result, ":", NULL, "RPATH", where);
456 }
457
458
459 void
460 internal_function
461 _dl_init_paths (const char *llp)
462 {
463 static const char *system_dirs[] =
464 {
465 #include "trusted-dirs.h"
466 NULL
467 };
468 const char **strp;
469 struct r_search_path_elem *pelem, **aelem;
470 size_t round_size;
471 #ifdef PIC
472 struct link_map *l;
473 #endif
474
475 /* Fill in the information about the application's RPATH and the
476 directories addressed by the LD_LIBRARY_PATH environment variable. */
477
478 /* Get the capabilities. */
479 capstr = _dl_important_hwcaps (_dl_platform, _dl_platformlen,
480 &ncapstr, &max_capstrlen);
481
482 /* First set up the rest of the default search directory entries. */
483 aelem = rtld_search_dirs = (struct r_search_path_elem **)
484 malloc ((sizeof (system_dirs) / sizeof (system_dirs[0]))
485 * sizeof (struct r_search_path_elem *));
486 if (rtld_search_dirs == NULL)
487 _dl_signal_error (ENOMEM, NULL, "cannot create search path array");
488
489 round_size = ((2 * sizeof (struct r_search_path_elem) - 1
490 + ncapstr * sizeof (enum r_dir_status))
491 / sizeof (struct r_search_path_elem));
492
493 rtld_search_dirs[0] = (struct r_search_path_elem *)
494 malloc ((sizeof (system_dirs) / sizeof (system_dirs[0]) - 1)
495 * round_size * sizeof (struct r_search_path_elem));
496 if (rtld_search_dirs[0] == NULL)
497 _dl_signal_error (ENOMEM, NULL, "cannot create cache for search path");
498
499 pelem = all_dirs = rtld_search_dirs[0];
500 for (strp = system_dirs; *strp != NULL; ++strp, pelem += round_size)
501 {
502 size_t cnt;
503
504 *aelem++ = pelem;
505
506 pelem->next = *(strp + 1) == NULL ? NULL : (pelem + round_size);
507
508 pelem->what = "system search path";
509 pelem->where = NULL;
510
511 pelem->dirnamelen = strlen (pelem->dirname = *strp);
512 if (pelem->dirnamelen > max_dirnamelen)
513 max_dirnamelen = pelem->dirnamelen;
514
515 if (pelem->dirname[0] != '/')
516 for (cnt = 0; cnt < ncapstr; ++cnt)
517 pelem->status[cnt] = existing;
518 else
519 for (cnt = 0; cnt < ncapstr; ++cnt)
520 pelem->status[cnt] = unknown;
521 }
522 *aelem = NULL;
523
524 #ifdef PIC
525 /* This points to the map of the main object. */
526 l = _dl_loaded;
527 if (l != NULL)
528 {
529 assert (l->l_type != lt_loaded);
530
531 if (l->l_info[DT_RPATH])
532 /* Allocate room for the search path and fill in information
533 from RPATH. */
534 l->l_rpath_dirs =
535 decompose_rpath ((const void *) (l->l_info[DT_STRTAB]->d_un.d_ptr
536 + l->l_info[DT_RPATH]->d_un.d_val),
537 l);
538 else
539 l->l_rpath_dirs = NULL;
540 }
541 #endif /* PIC */
542
543 if (llp != NULL && *llp != '\0')
544 {
545 size_t nllp;
546 const char *cp = llp;
547
548 /* Decompose the LD_LIBRARY_PATH contents. First determine how many
549 elements it has. */
550 nllp = 1;
551 while (*cp)
552 {
553 if (*cp == ':' || *cp == ';')
554 ++nllp;
555 ++cp;
556 }
557
558 env_path_list = (struct r_search_path_elem **)
559 malloc ((nllp + 1) * sizeof (struct r_search_path_elem *));
560 if (env_path_list == NULL)
561 _dl_signal_error (ENOMEM, NULL,
562 "cannot create cache for search path");
563
564 (void) fillin_rpath (local_strdup (llp), env_path_list, ":;",
565 __libc_enable_secure ? system_dirs : NULL,
566 "LD_LIBRARY_PATH", NULL);
567 }
568 }
569
570
571 /* Think twice before changing anything in this function. It is placed
572 here and prepared using the `alloca' magic to prevent it from being
573 inlined. The function is only called in case of an error. But then
574 performance does not count. The function used to be "inlinable" and
575 the compiled did so all the time. This increased the code size for
576 absolutely no good reason. */
577 #define LOSE(code, s) lose (code, fd, name, realname, l, s)
578 static void
579 __attribute__ ((noreturn))
580 lose (int code, int fd, const char *name, char *realname, struct link_map *l,
581 const char *msg)
582 {
583 /* The use of `alloca' here looks ridiculous but it helps. The goal
584 is to avoid the function from being inlined. There is no official
585 way to do this so we use this trick. gcc never inlines functions
586 which use `alloca'. */
587 int *a = alloca (sizeof (int));
588 a[0] = fd;
589 (void) __close (a[0]);
590 if (l != NULL)
591 {
592 /* Remove the stillborn object from the list and free it. */
593 if (l->l_prev)
594 l->l_prev->l_next = l->l_next;
595 if (l->l_next)
596 l->l_next->l_prev = l->l_prev;
597 free (l);
598 }
599 free (realname);
600 _dl_signal_error (code, name, msg);
601 }
602
603
604 /* Map in the shared object NAME, actually located in REALNAME, and already
605 opened on FD. */
606
607 #ifndef EXTERNAL_MAP_FROM_FD
608 static
609 #endif
610 struct link_map *
611 _dl_map_object_from_fd (const char *name, int fd, char *realname,
612 struct link_map *loader, int l_type)
613 {
614 /* This is the expected ELF header. */
615 #define ELF32_CLASS ELFCLASS32
616 #define ELF64_CLASS ELFCLASS64
617 static const unsigned char expected[EI_PAD] =
618 {
619 [EI_MAG0] = ELFMAG0,
620 [EI_MAG1] = ELFMAG1,
621 [EI_MAG2] = ELFMAG2,
622 [EI_MAG3] = ELFMAG3,
623 [EI_CLASS] = ELFW(CLASS),
624 [EI_DATA] = byteorder,
625 [EI_VERSION] = EV_CURRENT,
626 [EI_OSABI] = ELFOSABI_SYSV,
627 [EI_ABIVERSION] = 0
628 };
629 struct link_map *l = NULL;
630
631 inline caddr_t map_segment (ElfW(Addr) mapstart, size_t len,
632 int prot, int fixed, off_t offset)
633 {
634 caddr_t mapat = __mmap ((caddr_t) mapstart, len, prot,
635 fixed|MAP_COPY|MAP_FILE,
636 fd, offset);
637 if (mapat == MAP_FAILED)
638 LOSE (errno, "failed to map segment from shared object");
639 return mapat;
640 }
641
642 const ElfW(Ehdr) *header;
643 const ElfW(Phdr) *phdr;
644 const ElfW(Phdr) *ph;
645 size_t maplength;
646 int type;
647 char *readbuf;
648 ssize_t readlength;
649 struct stat st;
650
651 /* Get file information. */
652 if (__fxstat (_STAT_VER, fd, &st) < 0)
653 LOSE (errno, "cannot stat shared object");
654
655 /* Look again to see if the real name matched another already loaded. */
656 for (l = _dl_loaded; l; l = l->l_next)
657 if (l->l_ino == st.st_ino && l->l_dev == st.st_dev)
658 {
659 /* The object is already loaded.
660 Just bump its reference count and return it. */
661 __close (fd);
662
663 /* If the name is not in the list of names for this object add
664 it. */
665 free (realname);
666 add_name_to_object (l, name);
667 ++l->l_opencount;
668 return l;
669 }
670
671 /* Print debugging message. */
672 if (_dl_debug_files)
673 _dl_debug_message (1, "file=", name, "; generating link map\n", NULL);
674
675 /* Read the header directly. */
676 readbuf = alloca (_dl_pagesize);
677 readlength = __libc_read (fd, readbuf, _dl_pagesize);
678 if (readlength < (ssize_t) sizeof (*header))
679 LOSE (errno, "cannot read file data");
680 header = (void *) readbuf;
681
682 /* Check the header for basic validity. */
683 if (memcmp (header->e_ident, expected, EI_PAD) != 0)
684 {
685 /* Something is wrong. */
686 if (*(Elf32_Word *) &header->e_ident !=
687 #if BYTE_ORDER == LITTLE_ENDIAN
688 ((ELFMAG0 << (EI_MAG0 * 8)) |
689 (ELFMAG1 << (EI_MAG1 * 8)) |
690 (ELFMAG2 << (EI_MAG2 * 8)) |
691 (ELFMAG3 << (EI_MAG3 * 8)))
692 #else
693 ((ELFMAG0 << (EI_MAG3 * 8)) |
694 (ELFMAG1 << (EI_MAG2 * 8)) |
695 (ELFMAG2 << (EI_MAG1 * 8)) |
696 (ELFMAG3 << (EI_MAG0 * 8)))
697 #endif
698 )
699 LOSE (0, "invalid ELF header");
700 if (header->e_ident[EI_CLASS] != ELFW(CLASS))
701 LOSE (0, "ELF file class not " STRING(__ELF_NATIVE_CLASS) "-bit");
702 if (header->e_ident[EI_DATA] != byteorder)
703 LOSE (0, "ELF file data encoding not " byteorder_name);
704 if (header->e_ident[EI_VERSION] != EV_CURRENT)
705 LOSE (0, "ELF file version ident not " STRING(EV_CURRENT));
706 /* XXX We should be able so set system specific versions which are
707 allowed here. */
708 if (header->e_ident[EI_OSABI] != ELFOSABI_SYSV)
709 LOSE (0, "ELF file OS ABI not " STRING(ELFOSABI_SYSV));
710 if (header->e_ident[EI_ABIVERSION] != 0)
711 LOSE (0, "ELF file ABI version not 0");
712 LOSE (0, "internal error");
713 }
714
715 if (header->e_version != EV_CURRENT)
716 LOSE (0, "ELF file version not " STRING(EV_CURRENT));
717 if (! elf_machine_matches_host (header->e_machine))
718 LOSE (0, "ELF file machine architecture not " ELF_MACHINE_NAME);
719 if (header->e_phentsize != sizeof (ElfW(Phdr)))
720 LOSE (0, "ELF file's phentsize not the expected size");
721
722 #ifndef MAP_ANON
723 # define MAP_ANON 0
724 if (_dl_zerofd == -1)
725 {
726 _dl_zerofd = _dl_sysdep_open_zero_fill ();
727 if (_dl_zerofd == -1)
728 {
729 __close (fd);
730 _dl_signal_error (errno, NULL, "cannot open zero fill device");
731 }
732 }
733 #endif
734
735 /* Enter the new object in the list of loaded objects. */
736 l = _dl_new_object (realname, name, l_type, loader);
737 if (! l)
738 LOSE (ENOMEM, "cannot create shared object descriptor");
739 l->l_opencount = 1;
740
741 /* Extract the remaining details we need from the ELF header
742 and then read in the program header table. */
743 l->l_entry = header->e_entry;
744 type = header->e_type;
745 l->l_phnum = header->e_phnum;
746
747 maplength = header->e_phnum * sizeof (ElfW(Phdr));
748 if (header->e_phoff + maplength <= readlength)
749 phdr = (void *) (readbuf + header->e_phoff);
750 else
751 {
752 phdr = alloca (maplength);
753 __lseek (fd, SEEK_SET, header->e_phoff);
754 if (__libc_read (fd, (void *) phdr, maplength) != maplength)
755 LOSE (errno, "cannot read file data");
756 }
757
758 {
759 /* Scan the program header table, collecting its load commands. */
760 struct loadcmd
761 {
762 ElfW(Addr) mapstart, mapend, dataend, allocend;
763 off_t mapoff;
764 int prot;
765 } loadcmds[l->l_phnum], *c;
766 size_t nloadcmds = 0;
767
768 /* The struct is initialized to zero so this is not necessary:
769 l->l_ld = 0;
770 l->l_phdr = 0;
771 l->l_addr = 0; */
772 for (ph = phdr; ph < &phdr[l->l_phnum]; ++ph)
773 switch (ph->p_type)
774 {
775 /* These entries tell us where to find things once the file's
776 segments are mapped in. We record the addresses it says
777 verbatim, and later correct for the run-time load address. */
778 case PT_DYNAMIC:
779 l->l_ld = (void *) ph->p_vaddr;
780 break;
781 case PT_PHDR:
782 l->l_phdr = (void *) ph->p_vaddr;
783 break;
784
785 case PT_LOAD:
786 /* A load command tells us to map in part of the file.
787 We record the load commands and process them all later. */
788 if (ph->p_align % _dl_pagesize != 0)
789 LOSE (0, "ELF load command alignment not page-aligned");
790 if ((ph->p_vaddr - ph->p_offset) % ph->p_align)
791 LOSE (0, "ELF load command address/offset not properly aligned");
792 {
793 struct loadcmd *c = &loadcmds[nloadcmds++];
794 c->mapstart = ph->p_vaddr & ~(ph->p_align - 1);
795 c->mapend = ((ph->p_vaddr + ph->p_filesz + _dl_pagesize - 1)
796 & ~(_dl_pagesize - 1));
797 c->dataend = ph->p_vaddr + ph->p_filesz;
798 c->allocend = ph->p_vaddr + ph->p_memsz;
799 c->mapoff = ph->p_offset & ~(ph->p_align - 1);
800
801 /* Optimize a common case. */
802 if ((PF_R | PF_W | PF_X) == 7
803 && (PROT_READ | PROT_WRITE | PROT_EXEC) == 7)
804 c->prot = _dl_pf_to_prot[ph->p_flags & (PF_R | PF_W | PF_X)];
805 else
806 {
807 c->prot = 0;
808 if (ph->p_flags & PF_R)
809 c->prot |= PROT_READ;
810 if (ph->p_flags & PF_W)
811 c->prot |= PROT_WRITE;
812 if (ph->p_flags & PF_X)
813 c->prot |= PROT_EXEC;
814 }
815 break;
816 }
817 }
818
819 /* Now process the load commands and map segments into memory. */
820 c = loadcmds;
821
822 /* Length of the sections to be loaded. */
823 maplength = loadcmds[nloadcmds - 1].allocend - c->mapstart;
824
825 if (type == ET_DYN || type == ET_REL)
826 {
827 /* This is a position-independent shared object. We can let the
828 kernel map it anywhere it likes, but we must have space for all
829 the segments in their specified positions relative to the first.
830 So we map the first segment without MAP_FIXED, but with its
831 extent increased to cover all the segments. Then we remove
832 access from excess portion, and there is known sufficient space
833 there to remap from the later segments.
834
835 As a refinement, sometimes we have an address that we would
836 prefer to map such objects at; but this is only a preference,
837 the OS can do whatever it likes. */
838 caddr_t mapat;
839 ElfW(Addr) mappref;
840 mappref = (ELF_PREFERRED_ADDRESS (loader, maplength, c->mapstart)
841 - MAP_BASE_ADDR (l));
842 mapat = map_segment (mappref, maplength, c->prot, 0, c->mapoff);
843 l->l_addr = (ElfW(Addr)) mapat - c->mapstart;
844
845 /* Change protection on the excess portion to disallow all access;
846 the portions we do not remap later will be inaccessible as if
847 unallocated. Then jump into the normal segment-mapping loop to
848 handle the portion of the segment past the end of the file
849 mapping. */
850 __mprotect ((caddr_t) (l->l_addr + c->mapend),
851 loadcmds[nloadcmds - 1].allocend - c->mapend,
852 0);
853
854 /* Remember which part of the address space this object uses. */
855 l->l_map_start = c->mapstart + l->l_addr;
856 l->l_map_end = l->l_map_start + maplength;
857
858 goto postmap;
859 }
860 else
861 {
862 /* Notify ELF_PREFERRED_ADDRESS that we have to load this one
863 fixed. */
864 ELF_FIXED_ADDRESS (loader, c->mapstart);
865 }
866
867 /* Remember which part of the address space this object uses. */
868 l->l_map_start = c->mapstart + l->l_addr;
869 l->l_map_end = l->l_map_start + maplength;
870
871 while (c < &loadcmds[nloadcmds])
872 {
873 if (c->mapend > c->mapstart)
874 /* Map the segment contents from the file. */
875 map_segment (l->l_addr + c->mapstart, c->mapend - c->mapstart,
876 c->prot, MAP_FIXED, c->mapoff);
877
878 postmap:
879 if (c->allocend > c->dataend)
880 {
881 /* Extra zero pages should appear at the end of this segment,
882 after the data mapped from the file. */
883 ElfW(Addr) zero, zeroend, zeropage;
884
885 zero = l->l_addr + c->dataend;
886 zeroend = l->l_addr + c->allocend;
887 zeropage = (zero + _dl_pagesize - 1) & ~(_dl_pagesize - 1);
888
889 if (zeroend < zeropage)
890 /* All the extra data is in the last page of the segment.
891 We can just zero it. */
892 zeropage = zeroend;
893
894 if (zeropage > zero)
895 {
896 /* Zero the final part of the last page of the segment. */
897 if ((c->prot & PROT_WRITE) == 0)
898 {
899 /* Dag nab it. */
900 if (__mprotect ((caddr_t) (zero & ~(_dl_pagesize - 1)),
901 _dl_pagesize, c->prot|PROT_WRITE) < 0)
902 LOSE (errno, "cannot change memory protections");
903 }
904 memset ((void *) zero, 0, zeropage - zero);
905 if ((c->prot & PROT_WRITE) == 0)
906 __mprotect ((caddr_t) (zero & ~(_dl_pagesize - 1)),
907 _dl_pagesize, c->prot);
908 }
909
910 if (zeroend > zeropage)
911 {
912 /* Map the remaining zero pages in from the zero fill FD. */
913 caddr_t mapat;
914 mapat = __mmap ((caddr_t) zeropage, zeroend - zeropage,
915 c->prot, MAP_ANON|MAP_PRIVATE|MAP_FIXED,
916 ANONFD, 0);
917 if (mapat == MAP_FAILED)
918 LOSE (errno, "cannot map zero-fill pages");
919 }
920 }
921
922 ++c;
923 }
924
925 if (l->l_phdr == 0)
926 {
927 /* There was no PT_PHDR specified. We need to find the phdr in the
928 load image ourselves. We assume it is in fact in the load image
929 somewhere. */
930 for (c = loadcmds; c < &loadcmds[nloadcmds]; c++)
931 if (c->mapoff <= header->e_phoff
932 && (c->mapend - c->mapstart + c->mapoff
933 >= header->e_phoff + header->e_phnum * sizeof (ElfW(Phdr))))
934 {
935 ElfW(Addr) bof = l->l_addr + c->mapstart;
936 l->l_phdr = (void *) (bof + header->e_phoff - c->mapoff);
937 break;
938 }
939 if (l->l_phdr == 0)
940 LOSE (0, "program headers not contained in any loaded segment");
941 }
942 else
943 /* Adjust the PT_PHDR value by the runtime load address. */
944 (ElfW(Addr)) l->l_phdr += l->l_addr;
945 }
946
947 /* We are done mapping in the file. We no longer need the descriptor. */
948 __close (fd);
949
950 if (l->l_type == lt_library && type == ET_EXEC)
951 l->l_type = lt_executable;
952
953 if (l->l_ld == 0)
954 {
955 if (type == ET_DYN)
956 LOSE (0, "object file has no dynamic section");
957 }
958 else
959 (ElfW(Addr)) l->l_ld += l->l_addr;
960
961 l->l_entry += l->l_addr;
962
963 if (_dl_debug_files)
964 {
965 const size_t nibbles = sizeof (void *) * 2;
966 char buf1[nibbles + 1];
967 char buf2[nibbles + 1];
968 char buf3[nibbles + 1];
969
970 buf1[nibbles] = '\0';
971 buf2[nibbles] = '\0';
972 buf3[nibbles] = '\0';
973
974 memset (buf1, '0', nibbles);
975 memset (buf2, '0', nibbles);
976 memset (buf3, '0', nibbles);
977 _itoa_word ((unsigned long int) l->l_ld, &buf1[nibbles], 16, 0);
978 _itoa_word ((unsigned long int) l->l_addr, &buf2[nibbles], 16, 0);
979 _itoa_word (maplength, &buf3[nibbles], 16, 0);
980
981 _dl_debug_message (1, " dynamic: 0x", buf1, " base: 0x", buf2,
982 " size: 0x", buf3, "\n", NULL);
983 memset (buf1, '0', nibbles);
984 memset (buf2, '0', nibbles);
985 memset (buf3, ' ', nibbles);
986 _itoa_word ((unsigned long int) l->l_entry, &buf1[nibbles], 16, 0);
987 _itoa_word ((unsigned long int) l->l_phdr, &buf2[nibbles], 16, 0);
988 _itoa_word (l->l_phnum, &buf3[nibbles], 10, 0);
989 _dl_debug_message (1, " entry: 0x", buf1, " phdr: 0x", buf2,
990 " phnum: ", buf3, "\n\n", NULL);
991 }
992
993 elf_get_dynamic_info (l->l_ld, l->l_addr, l->l_info);
994 if (l->l_info[DT_HASH])
995 _dl_setup_hash (l);
996
997 /* If this object has DT_SYMBOLIC set modify now its scope. We don't
998 have to do this for the main map. */
999 if (l->l_info[DT_SYMBOLIC] && &l->l_searchlist != l->l_scope[0])
1000 {
1001 /* Create an appropriate searchlist. It contains only this map.
1002
1003 XXX This is the definition of DT_SYMBOLIC in SysVr4. The old
1004 GNU ld.so implementation had a different interpretation which
1005 is more reasonable. We are prepared to add this possibility
1006 back as part of a GNU extension of the ELF format. */
1007 l->l_symbolic_searchlist.r_list =
1008 (struct link_map **) malloc (sizeof (struct link_map *));
1009
1010 if (l->l_symbolic_searchlist.r_list == NULL)
1011 LOSE (ENOMEM, "cannot create searchlist");
1012
1013 l->l_symbolic_searchlist.r_list[0] = l;
1014 l->l_symbolic_searchlist.r_nlist = 1;
1015 l->l_symbolic_searchlist.r_duplist = l->l_symbolic_searchlist.r_list;
1016 l->l_symbolic_searchlist.r_nduplist = 1;
1017
1018 /* Now move the existing entries one back. */
1019 memmove (&l->l_scope[1], &l->l_scope[0],
1020 sizeof (l->l_scope) - sizeof (l->l_scope[0]));
1021
1022 /* Now add the new entry. */
1023 l->l_scope[0] = &l->l_symbolic_searchlist;
1024 }
1025
1026 /* Finally the file information. */
1027 l->l_dev = st.st_dev;
1028 l->l_ino = st.st_ino;
1029
1030 return l;
1031 }
1032 \f
1033 /* Print search path. */
1034 static void
1035 print_search_path (struct r_search_path_elem **list,
1036 const char *what, const char *name)
1037 {
1038 char buf[max_dirnamelen + max_capstrlen];
1039 int first = 1;
1040
1041 _dl_debug_message (1, " search path=", NULL);
1042
1043 while (*list != NULL && (*list)->what == what) /* Yes, ==. */
1044 {
1045 char *endp = __mempcpy (buf, (*list)->dirname, (*list)->dirnamelen);
1046 size_t cnt;
1047
1048 for (cnt = 0; cnt < ncapstr; ++cnt)
1049 if ((*list)->status[cnt] != nonexisting)
1050 {
1051 char *cp = __mempcpy (endp, capstr[cnt].str, capstr[cnt].len);
1052 if (cp == buf || (cp == buf + 1 && buf[0] == '/'))
1053 cp[0] = '\0';
1054 else
1055 cp[-1] = '\0';
1056 _dl_debug_message (0, first ? "" : ":", buf, NULL);
1057 first = 0;
1058 }
1059
1060 ++list;
1061 }
1062
1063 if (name != NULL)
1064 _dl_debug_message (0, "\t\t(", what, " from file ",
1065 name[0] ? name : _dl_argv[0], ")\n", NULL);
1066 else
1067 _dl_debug_message (0, "\t\t(", what, ")\n", NULL);
1068 }
1069 \f
1070 /* Try to open NAME in one of the directories in DIRS.
1071 Return the fd, or -1. If successful, fill in *REALNAME
1072 with the malloc'd full directory name. */
1073
1074 static int
1075 open_path (const char *name, size_t namelen, int preloaded,
1076 struct r_search_path_elem **dirs,
1077 char **realname)
1078 {
1079 char *buf;
1080 int fd = -1;
1081 const char *current_what = NULL;
1082
1083 if (dirs == NULL || *dirs == NULL)
1084 {
1085 __set_errno (ENOENT);
1086 return -1;
1087 }
1088
1089 buf = alloca (max_dirnamelen + max_capstrlen + namelen);
1090 do
1091 {
1092 struct r_search_path_elem *this_dir = *dirs;
1093 size_t buflen = 0;
1094 size_t cnt;
1095 char *edp;
1096
1097 /* If we are debugging the search for libraries print the path
1098 now if it hasn't happened now. */
1099 if (_dl_debug_libs && current_what != this_dir->what)
1100 {
1101 current_what = this_dir->what;
1102 print_search_path (dirs, current_what, this_dir->where);
1103 }
1104
1105 edp = (char *) __mempcpy (buf, this_dir->dirname, this_dir->dirnamelen);
1106 for (cnt = 0; fd == -1 && cnt < ncapstr; ++cnt)
1107 {
1108 /* Skip this directory if we know it does not exist. */
1109 if (this_dir->status[cnt] == nonexisting)
1110 continue;
1111
1112 buflen =
1113 ((char *) __mempcpy (__mempcpy (edp,
1114 capstr[cnt].str, capstr[cnt].len),
1115 name, namelen)
1116 - buf);
1117
1118 /* Print name we try if this is wanted. */
1119 if (_dl_debug_libs)
1120 _dl_debug_message (1, " trying file=", buf, "\n", NULL);
1121
1122 fd = __open (buf, O_RDONLY);
1123 if (this_dir->status[cnt] == unknown)
1124 {
1125 if (fd != -1)
1126 this_dir->status[cnt] = existing;
1127 else
1128 {
1129 /* We failed to open machine dependent library. Let's
1130 test whether there is any directory at all. */
1131 struct stat st;
1132
1133 buf[buflen - namelen - 1] = '\0';
1134
1135 if (__xstat (_STAT_VER, buf, &st) != 0
1136 || ! S_ISDIR (st.st_mode))
1137 /* The directory does not exist or it is no directory. */
1138 this_dir->status[cnt] = nonexisting;
1139 else
1140 this_dir->status[cnt] = existing;
1141 }
1142 }
1143
1144 if (fd != -1 && preloaded && __libc_enable_secure)
1145 {
1146 /* This is an extra security effort to make sure nobody can
1147 preload broken shared objects which are in the trusted
1148 directories and so exploit the bugs. */
1149 struct stat st;
1150
1151 if (__fxstat (_STAT_VER, fd, &st) != 0
1152 || (st.st_mode & S_ISUID) == 0)
1153 {
1154 /* The shared object cannot be tested for being SUID
1155 or this bit is not set. In this case we must not
1156 use this object. */
1157 __close (fd);
1158 fd = -1;
1159 /* We simply ignore the file, signal this by setting
1160 the error value which would have been set by `open'. */
1161 errno = ENOENT;
1162 }
1163 }
1164 }
1165
1166 if (fd != -1)
1167 {
1168 *realname = malloc (buflen);
1169 if (*realname != NULL)
1170 {
1171 memcpy (*realname, buf, buflen);
1172 return fd;
1173 }
1174 else
1175 {
1176 /* No memory for the name, we certainly won't be able
1177 to load and link it. */
1178 __close (fd);
1179 return -1;
1180 }
1181 }
1182 if (errno != ENOENT && errno != EACCES)
1183 /* The file exists and is readable, but something went wrong. */
1184 return -1;
1185 }
1186 while (*++dirs != NULL);
1187
1188 return -1;
1189 }
1190
1191 /* Map in the shared object file NAME. */
1192
1193 struct link_map *
1194 internal_function
1195 _dl_map_object (struct link_map *loader, const char *name, int preloaded,
1196 int type, int trace_mode)
1197 {
1198 int fd;
1199 char *realname;
1200 char *name_copy;
1201 struct link_map *l;
1202
1203 /* Look for this name among those already loaded. */
1204 for (l = _dl_loaded; l; l = l->l_next)
1205 {
1206 /* If the requested name matches the soname of a loaded object,
1207 use that object. Elide this check for names that have not
1208 yet been opened. */
1209 if (l->l_opencount <= 0)
1210 continue;
1211 if (!_dl_name_match_p (name, l))
1212 {
1213 const char *soname;
1214
1215 if (l->l_info[DT_SONAME] == NULL)
1216 continue;
1217
1218 soname = (const void *) (l->l_info[DT_STRTAB]->d_un.d_ptr
1219 + l->l_info[DT_SONAME]->d_un.d_val);
1220 if (strcmp (name, soname) != 0)
1221 continue;
1222
1223 /* We have a match on a new name -- cache it. */
1224 add_name_to_object (l, soname);
1225 }
1226
1227 /* We have a match -- bump the reference count and return it. */
1228 ++l->l_opencount;
1229 return l;
1230 }
1231
1232 /* Display information if we are debugging. */
1233 if (_dl_debug_files && loader != NULL)
1234 _dl_debug_message (1, "\nfile=", name, "; needed by ",
1235 loader->l_name[0] ? loader->l_name : _dl_argv[0],
1236 "\n", NULL);
1237
1238 if (strchr (name, '/') == NULL)
1239 {
1240 /* Search for NAME in several places. */
1241
1242 size_t namelen = strlen (name) + 1;
1243
1244 if (_dl_debug_libs)
1245 _dl_debug_message (1, "find library=", name, "; searching\n", NULL);
1246
1247 fd = -1;
1248
1249 /* First try the DT_RPATH of the dependent object that caused NAME
1250 to be loaded. Then that object's dependent, and on up. */
1251 for (l = loader; fd == -1 && l; l = l->l_loader)
1252 if (l->l_info[DT_RPATH])
1253 {
1254 /* Make sure the cache information is available. */
1255 if (l->l_rpath_dirs == NULL)
1256 {
1257 size_t ptrval = (l->l_info[DT_STRTAB]->d_un.d_ptr
1258 + l->l_info[DT_RPATH]->d_un.d_val);
1259 l->l_rpath_dirs =
1260 decompose_rpath ((const char *) ptrval, l);
1261 }
1262
1263 if (l->l_rpath_dirs != NULL)
1264 fd = open_path (name, namelen, preloaded, l->l_rpath_dirs,
1265 &realname);
1266 }
1267
1268 /* If dynamically linked, try the DT_RPATH of the executable itself. */
1269 l = _dl_loaded;
1270 if (fd == -1 && l && l->l_type != lt_loaded && l != loader
1271 && l->l_rpath_dirs != NULL)
1272 fd = open_path (name, namelen, preloaded, l->l_rpath_dirs, &realname);
1273
1274 /* Try the LD_LIBRARY_PATH environment variable. */
1275 if (fd == -1 && env_path_list != NULL)
1276 fd = open_path (name, namelen, preloaded, env_path_list, &realname);
1277
1278 if (fd == -1)
1279 {
1280 /* Check the list of libraries in the file /etc/ld.so.cache,
1281 for compatibility with Linux's ldconfig program. */
1282 extern const char *_dl_load_cache_lookup (const char *name);
1283 const char *cached = _dl_load_cache_lookup (name);
1284 if (cached)
1285 {
1286 fd = __open (cached, O_RDONLY);
1287 if (fd != -1)
1288 {
1289 realname = local_strdup (cached);
1290 if (realname == NULL)
1291 {
1292 __close (fd);
1293 fd = -1;
1294 }
1295 }
1296 }
1297 }
1298
1299 /* Finally, try the default path. */
1300 if (fd == -1)
1301 fd = open_path (name, namelen, preloaded, rtld_search_dirs, &realname);
1302
1303 /* Add another newline when we a tracing the library loading. */
1304 if (_dl_debug_libs)
1305 _dl_debug_message (1, "\n", NULL);
1306 }
1307 else
1308 {
1309 /* The path may contain dynamic string tokens. */
1310 realname = (loader
1311 ? expand_dynamic_string_token (loader, name)
1312 : local_strdup (name));
1313 if (realname == NULL)
1314 fd = -1;
1315 else
1316 {
1317 fd = __open (realname, O_RDONLY);
1318 if (fd == -1)
1319 free (realname);
1320 }
1321 }
1322
1323 if (fd == -1)
1324 {
1325 if (trace_mode)
1326 {
1327 /* We haven't found an appropriate library. But since we
1328 are only interested in the list of libraries this isn't
1329 so severe. Fake an entry with all the information we
1330 have. */
1331 static const ElfW(Symndx) dummy_bucket = STN_UNDEF;
1332
1333 /* Enter the new object in the list of loaded objects. */
1334 if ((name_copy = local_strdup (name)) == NULL
1335 || (l = _dl_new_object (name_copy, name, type, loader)) == NULL)
1336 _dl_signal_error (ENOMEM, name,
1337 "cannot create shared object descriptor");
1338 /* We use an opencount of 0 as a sign for the faked entry.
1339 Since the descriptor is initialized with zero we do not
1340 have do this here.
1341 l->l_opencount = 0;
1342 l->l_reserved = 0; */
1343 l->l_buckets = &dummy_bucket;
1344 l->l_nbuckets = 1;
1345 l->l_relocated = 1;
1346
1347 return l;
1348 }
1349 else
1350 _dl_signal_error (errno, name, "cannot open shared object file");
1351 }
1352
1353 return _dl_map_object_from_fd (name, fd, realname, loader, type);
1354 }
sources.redhat.com git mirror of glibc CVS