| blob | e4e413f601b8fefabb376f76554c98859a59d114 |
1 /* Run time dynamic linker.
2 Copyright (C) 1995-2010, 2011 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, write to the Free
17 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
18 02111-1307 USA. */
20 #include <errno.h>
21 #include <dlfcn.h>
22 #include <fcntl.h>
23 #include <stdbool.h>
24 #include <stdlib.h>
25 #include <string.h>
26 #include <unistd.h>
27 #include <sys/mman.h>
28 #include <sys/param.h>
29 #include <sys/stat.h>
30 #include <ldsodefs.h>
31 #include <stdio-common/_itoa.h>
32 #include <entry.h>
33 #include <fpu_control.h>
34 #include <hp-timing.h>
35 #include <bits/libc-lock.h>
37 #include <dl-librecon.h>
38 #include <unsecvars.h>
39 #include <dl-cache.h>
40 #include <dl-osinfo.h>
41 #include <dl-procinfo.h>
42 #include <tls.h>
43 #include <stackinfo.h>
45 #include <assert.h>
47 /* Avoid PLT use for our local calls at startup. */
50 /* GCC has mental blocks about _exit. */
52 #define _exit exit_internal
54 /* Helper function to handle errors while resolving symbols. */
58 /* Helper function to handle errors when a version is missing. */
62 /* Print the various times we collected. */
65 /* Add audit objects. */
68 /* This is a list of all the modes the dynamic loader can be in. */
71 /* Process all environments variables the dynamic linker must recognize.
72 Since all of them start with `LD_' we are a bit smarter while finding
73 all the entries. */
76 #ifdef DL_ARGV_NOT_RELRO
79 /* Nonzero if we were run directly. */
81 #else
85 #endif
88 #ifndef THREAD_SET_STACK_GUARD
89 /* Only exported for architectures that don't store the stack guard canary
90 in thread local area. */
92 #endif
94 /* Only exported for architectures that don't store the pointer guard
95 value in thread local area. */
96 uintptr_t __pointer_chk_guard_local
98 #ifndef THREAD_SET_POINTER_GUARD
100 #endif
103 /* List of auditing DSOs. */
104 static struct audit_list
105 {
110 #ifndef HAVE_INLINED_SYSCALLS
111 /* Set nonzero during loading and initialization of executable and
112 libraries, cleared before the executable's entry point runs. This
113 must not be initialized to nonzero, because the unused dynamic
114 linker loaded in for libc.so's "ld.so.1" dep will provide the
115 definition seen by libc.so's initializer; that value must be zero,
116 and will be since that dynamic linker's _dl_start and dl_main will
117 never be called. */
120 #endif
122 /* This is the structure which defines all variables global to ld.so
123 (except those which cannot be added for some reason). */
125 {
126 /* Generally the default presumption without further information is an
127 * executable stack but this is not true for all platforms. */
129 #ifdef _LIBC_REENTRANT
132 #endif
135 {
138 }
139 };
140 /* If we would use strong_alias here the compiler would see a
141 non-hidden definition. This would undo the effect of the previous
142 declaration. So spell out was strong_alias does plus add the
143 visibility attribute. */
148 /* This variable is similar to _rtld_local, but all values are
149 read-only after relocation. */
151 {
152 /* Get architecture specific initializer. */
153 #include <dl-procinfo.c>
154 #ifdef NEED_DL_SYSINFO
156 #endif
166 /* Function pointers. */
176 #ifdef HAVE_DL_DISCOVER_OSVERSION
178 #endif
179 };
180 /* If we would use strong_alias here the compiler would see a
181 non-hidden definition. This would undo the effect of the previous
182 declaration. So spell out was strong_alias does plus add the
183 visibility attribute. */
191 /* These two variables cannot be moved into .data.rel.ro. */
195 /* We expect less than a second for relocation. */
196 #ifdef HP_SMALL_TIMING_AVAIL
197 # undef HP_TIMING_AVAIL
198 # define HP_TIMING_AVAIL HP_SMALL_TIMING_AVAIL
199 #endif
201 /* Variable for statistics. */
202 #ifndef HP_TIMING_NONAVAIL
206 #endif
208 /* Additional definitions needed by TLS initialization. */
209 #ifdef TLS_INIT_HELPER
210 TLS_INIT_HELPER
211 #endif
213 /* Helper function for syscall implementation. */
214 #ifdef DL_SYSINFO_IMPLEMENTATION
215 DL_SYSINFO_IMPLEMENTATION
216 #endif
218 /* Before ld.so is relocated we must not access variables which need
219 relocations. This means variables which are exported. Variables
220 declared as static are fine. If we can mark a variable hidden this
221 is fine, too. The latter is important here. We can avoid setting
222 up a temporary link map for ld.so if we can mark _rtld_global as
223 hidden. */
224 #ifdef PI_STATIC_AND_HIDDEN
225 # define DONT_USE_BOOTSTRAP_MAP 1
226 #endif
228 #ifdef DONT_USE_BOOTSTRAP_MAP
230 #else
231 struct dl_start_final_info
232 {
234 #if !defined HP_TIMING_NONAVAIL && HP_TIMING_INLINE
235 hp_timing_t start_time;
236 #endif
237 };
240 #endif
242 /* These defined magically in the linker script. */
248 #ifdef RTLD_START
249 RTLD_START
250 #else
252 #endif
254 #ifndef VALIDX
255 # define VALIDX(tag) (DT_NUM + DT_THISPROCNUM + DT_VERSIONTAGNUM \
256 + DT_EXTRANUM + DT_VALTAGIDX (tag))
257 #endif
258 #ifndef ADDRIDX
259 # define ADDRIDX(tag) (DT_NUM + DT_THISPROCNUM + DT_VERSIONTAGNUM \
260 + DT_EXTRANUM + DT_VALNUM + DT_ADDRTAGIDX (tag))
261 #endif
263 /* This is the second half of _dl_start (below). It can be inlined safely
264 under DONT_USE_BOOTSTRAP_MAP, where it is careful not to make any GOT
265 references. When the tools don't permit us to avoid using a GOT entry
266 for _dl_rtld_global (no attribute_hidden support), we must make sure
267 this function is not inlined (see below). */
269 #ifdef DONT_USE_BOOTSTRAP_MAP
272 #else
275 #endif
276 {
280 {
281 /* If it hasn't happen yet record the startup time. */
284 #if !defined DONT_USE_BOOTSTRAP_MAP && !defined HP_TIMING_NONAVAIL
285 else
287 #endif
289 /* Initialize the timing functions. */
291 }
293 /* Transfer data about ourselves to the permanent link_map structure. */
294 #ifndef DONT_USE_BOOTSTRAP_MAP
301 #endif
307 /* Copy the TLS related data if necessary. */
308 #ifndef DONT_USE_BOOTSTRAP_MAP
309 # if USE___THREAD
318 # else
319 # if NO_TLS_OFFSET != 0
321 # endif
322 # endif
324 #endif
326 #if HP_TIMING_AVAIL
328 #endif
330 /* Initialize the stack end variable. */
333 /* Call the OS-dependent function to set up life so we can do things like
334 file access. It will call `dl_main' (below) to do all the real work
335 of the dynamic linker, and then unwind our frame and run the user
336 entry point on the same stack we entered on. */
339 #ifndef HP_TIMING_NONAVAIL
340 hp_timing_t rtld_total_time;
342 {
343 hp_timing_t end_time;
345 /* Get the current time. */
348 /* Compute the difference. */
350 }
351 #endif
354 {
355 #ifndef HP_TIMING_NONAVAIL
357 #else
359 #endif
360 }
363 }
367 {
368 #ifdef DONT_USE_BOOTSTRAP_MAP
369 # define bootstrap_map GL(dl_rtld_map)
370 #else
372 # define bootstrap_map info.l
373 #endif
375 /* This #define produces dynamic linking inline functions for
376 bootstrap relocation instead of general-purpose relocation.
377 Since ld.so must not have any undefined symbols the result
378 is trivial: always the map of ld.so itself. */
379 #define RTLD_BOOTSTRAP
380 #define RESOLVE_MAP(sym, version, flags) (&bootstrap_map)
384 #ifdef DONT_USE_BOOTSTRAP_MAP
386 #else
388 #endif
390 /* Partly clean the `bootstrap_map' structure up. Don't use
391 `memset' since it might not be built in or inlined and we cannot
392 make function calls at this point. Use '__builtin_memset' if we
393 know it is available. We do not have to clear the memory if we
394 do not have to use the temporary bootstrap_map. Global variables
395 are initialized to zero by default. */
396 #ifndef DONT_USE_BOOTSTRAP_MAP
397 # ifdef HAVE_BUILTIN_MEMSET
399 # else
404 # endif
405 # if USE___THREAD
407 # endif
408 #endif
410 /* Figure out the run-time load address of the dynamic linker itself. */
413 /* Read our own dynamic section and fill in the info array. */
417 #if NO_TLS_OFFSET != 0
419 #endif
421 /* Get the dynamic linker's own program header. First we need the ELF
422 file header. The `_begin' symbol created by the linker script points
423 to it. When we have something like GOTOFF relocs, we can use a plain
424 reference to find the runtime address. Without that, we have to rely
425 on the `l_addr' value, which is not the value we want when prelinked. */
426 #if USE___THREAD
429 # ifdef DONT_USE_BOOTSTRAP_MAP
431 # else
432 # error This will not work with prelink.
434 # endif
439 {
448 else
456 /* We can now allocate the initial TLS block. This can happen
457 on the stack. We'll get the final memory later when we
458 know all about the various objects loaded at startup
459 time. */
460 # if TLS_TCB_AT_TP
462 TLS_INIT_TCB_ALIGN)
463 + TLS_INIT_TCB_SIZE
465 # elif TLS_DTV_AT_TP
470 # else
471 /* In case a model with a different layout for the TCB and DTV
472 is defined add another #elif here and in the following #ifs. */
474 # endif
475 /* Align the TLS block. */
479 /* Initialize the dtv. [0] is the length, [1] the generation
480 counter. */
484 /* Initialize the TLS block. */
485 # if TLS_TCB_AT_TP
487 # elif TLS_DTV_AT_TP
491 # else
493 # endif
496 # ifdef HAVE_BUILTIN_MEMSET
499 # else
500 {
505 }
506 # endif
508 /* Install the pointer to the dtv. */
510 /* Initialize the thread pointer. */
511 # if TLS_TCB_AT_TP
512 bootstrap_map.l_tls_offset
516 initdtv);
520 # elif TLS_DTV_AT_TP
523 # else
525 # endif
528 lossage);
530 /* So far this is module number one. */
533 /* There can only be one PT_TLS entry. */
535 }
538 #ifdef ELF_MACHINE_BEFORE_RTLD_RELOC
540 #endif
543 {
544 /* Relocate ourselves so we can do normal function calls and
545 data access using the global offset table. */
548 }
551 /* Please note that we don't allow profiling of this object and
552 therefore need not test whether we have to allocate the array
553 for the relocation results (as done in dl-reloc.c). */
555 /* Now life is sane; we can call functions and access global data.
556 Set up to use the operating system facilities, and find out from
557 the operating system's program loader where to find the program
558 header table in core. Put the rest of _dl_start into a separate
559 function, that way the compiler cannot put accesses to the GOT
560 before ELF_DYNAMIC_RELOCATE. */
561 {
562 #ifdef DONT_USE_BOOTSTRAP_MAP
564 #else
566 #endif
568 #ifndef ELF_MACHINE_START_ADDRESS
569 # define ELF_MACHINE_START_ADDRESS(map, start) (start)
570 #endif
573 }
574 }
578 /* Now life is peachy; we can do all normal operations.
579 On to the real work. */
581 /* Some helper functions. */
583 /* Arguments to relocate_doit. */
584 struct relocate_args
585 {
588 };
590 struct map_args
591 {
592 /* Argument to map_doit. */
596 /* Return value of map_doit. */
598 };
600 struct dlmopen_args
601 {
604 };
606 struct lookup_args
607 {
611 };
613 /* Arguments to version_check_doit. */
614 struct version_check_args
615 {
618 };
620 static void
622 {
626 }
628 static void
630 {
634 }
636 static void
638 {
644 __environ);
645 }
647 static void
649 {
658 }
660 static void
662 {
666 /* We cannot start the application. Abort now. */
668 }
673 {
681 /* Should never happen. */
683 }
685 static int
687 {
691 #define VERDEFTAG (DT_NUM + DT_THISPROCNUM + DT_VERSIONTAGIDX (DT_VERDEF))
693 /* The file has no symbol versioning. */
699 {
702 /* Compare the version strings. */
704 /* Bingo! */
707 /* If no more definitions we failed to find what we want. */
711 /* Next definition. */
713 }
716 }
722 {
723 /* Number of elements in the static TLS block. */
726 /* Do not do this twice. The audit interface might have required
727 the DTV interfaces to be set up early. */
731 /* Allocate the array which contains the information about the
732 dtv slots. We allocate a few entries more than needed to
733 avoid the need for reallocation. */
736 /* Allocate. */
740 /* No need to check the return value. If memory allocation failed
741 the program would have been terminated. */
747 /* Fill in the information from the loaded modules. No namespace
748 but the base one can be filled at this time. */
754 {
755 /* This is a module with TLS data. Store the map reference.
756 The generation counter is zero. */
758 /* slotinfo[i].gen = 0; */
760 }
763 /* Compute the TLS offsets for the various blocks. */
766 /* Construct the static TLS block and the dtv for the initial
767 thread. For some platforms this will include allocating memory
768 for the thread descriptor. The memory for the TLS block will
769 never be freed. It should be allocated accordingly. The dtv
770 array can be changed if dynamic loading requires it. */
776 /* Store for detection of the special case by __tls_get_addr
777 so it knows not to pass this dtv to the normal realloc. */
780 /* And finally install it for the main thread. If ld.so itself uses
781 TLS we know the thread pointer was initialized earlier. */
783 #ifdef USE___THREAD
785 #else
787 #endif
793 }
795 #ifdef _LIBC_REENTRANT
796 /* _dl_error_catch_tsd points to this for the single-threaded case.
797 It's reset by the thread library for multithreaded programs. */
800 {
803 }
804 #endif
807 static unsigned int
809 {
823 {
827 /* No need to call free, this is still before
828 the libc's malloc is used. */
829 }
831 /* It is no duplicate. */
834 /* Nothing loaded. */
836 }
838 #if defined SHARED && defined _LIBC_REENTRANT \
839 && defined __rtld_lock_default_lock_recursive
840 static void
842 {
844 }
846 static void
848 {
850 }
851 #endif
854 static void
856 {
857 /* Set up the stack checker's canary. */
859 #ifdef THREAD_SET_STACK_GUARD
861 #else
863 #endif
865 /* Set up the pointer guard as well, if necessary. */
867 {
869 stack_chk_guard);
870 #ifdef THREAD_SET_POINTER_GUARD
872 #endif
874 }
876 /* We do not need the _dl_random value anymore. The less
877 information we leave behind, the better, so clear the
878 variable. */
880 }
883 /* The library search path. */
885 /* The list preloaded objects. */
887 /* Nonzero if information about versions has to be printed. */
890 static void
895 {
905 #ifndef HP_TIMING_NONAVAIL
906 hp_timing_t start;
907 hp_timing_t stop;
908 hp_timing_t diff;
909 #endif
912 #ifdef _LIBC_REENTRANT
913 /* Explicit initialization since the reloc would just be more work. */
915 #endif
919 #if defined SHARED && defined _LIBC_REENTRANT \
920 && defined __rtld_lock_default_lock_recursive
923 #endif
925 /* The explicit initialization here is cheaper than processing the reloc
926 in the _rtld_local definition's initializer. */
929 /* Process the environment variable which control the behaviour. */
932 #ifndef HAVE_INLINED_SYSCALLS
933 /* Set up a flag which tells we are just starting. */
935 #endif
938 {
939 /* Ho ho. We are not the program interpreter! We are the program
940 itself! This means someone ran ld.so as a command. Well, that
941 might be convenient to do sometimes. We support it by
942 interpreting the args like this:
944 ld.so PROGRAM ARGS...
946 The first argument is the name of a file containing an ELF
947 executable we will load and run with the following arguments.
948 To simplify life here, PROGRAM is searched for using the
949 normal rules for shared objects, rather than $PATH or anything
950 like that. We just load it and use its entry point; we don't
951 pay attention to its PT_INTERP command (we are the interpreter
952 ourselves). This is an easy way to test a new ld.so before
953 installing it. */
956 /* Note the place where the dynamic linker actually came from. */
961 {
968 }
970 {
976 }
979 {
985 }
988 {
994 }
996 {
1002 }
1003 else
1006 /* If we have no further argument the program was called incorrectly.
1007 Grant the user some education. */
1036 /* The initialization of _dl_stack_flags done below assumes the
1037 executable's PT_GNU_STACK may have been honored by the kernel, and
1038 so a PT_GNU_STACK with PF_X set means the stack started out with
1039 execute permission. However, this is not really true if the
1040 dynamic linker is the executable the kernel loaded. For this
1041 case, we must reinitialize _dl_stack_flags to match the dynamic
1042 linker itself. If the dynamic linker was built with a
1043 PT_GNU_STACK, then the kernel may have loaded us with a
1044 nonexecutable stack that we will have to make executable when we
1045 load the program below unless it has a PT_GNU_STACK indicating
1046 nonexecutable stack is ok. */
1050 {
1053 }
1056 {
1068 /* We don't free the returned string, the programs stops
1069 anyway. */
1071 }
1072 else
1073 {
1080 }
1082 /* Now the map for the main executable is available. */
1095 /* We overwrite here a pointer to a malloc()ed string. But since
1096 the malloc() implementation used at this point is the dummy
1097 implementations which has no real free() function it does not
1098 makes sense to free the old string first. */
1102 #ifdef HAVE_AUX_VECTOR
1103 /* Adjust the on-stack auxiliary vector so that it looks like the
1104 binary was executed directly. */
1107 {
1117 }
1118 #endif
1119 }
1120 else
1121 {
1122 /* Create a link_map for the executable itself.
1123 This will be what dlopen on "" returns. */
1131 /* Even though the link map is not yet fully initialized we can add
1132 it to the map list since there are no possible users running yet. */
1136 /* At this point we are in a bit of trouble. We would have to
1137 fill in the values for l_dev and l_ino. But in general we
1138 do not know where the file is. We also do not handle AT_EXECFD
1139 even if it would be passed up.
1141 We leave the values here defined to 0. This is normally no
1142 problem as the program code itself is normally no shared
1143 object and therefore cannot be loaded dynamically. Nothing
1144 prevent the use of dynamic binaries and in these situations
1145 we might get problems. We might not be able to find out
1146 whether the object is already loaded. But since there is no
1147 easy way out and because the dynamic binary must also not
1148 have an SONAME we ignore this program for now. If it becomes
1149 a problem we can force people using SONAMEs. */
1151 /* We delay initializing the path structure until we got the dynamic
1152 information for the program. */
1153 }
1157 /* Perhaps the executable has no PT_LOAD header entries at all. */
1159 /* And it was opened directly. */
1162 /* Scan the program header table for the dynamic section. */
1165 {
1167 /* Find out the load address. */
1171 /* This tells us where to find the dynamic section,
1172 which tells us everything we need to do. */
1176 /* This "interpreter segment" was used by the program loader to
1177 find the program interpreter, which is this program itself, the
1178 dynamic linker. We note what name finds us, so that a future
1179 dlopen call or DT_NEEDED entry, for something that wants to link
1180 against the dynamic linker as a shared library, will know that
1181 the shared object is already loaded. */
1184 /* _dl_rtld_libname.next = NULL; Already zero. */
1187 /* Ordinarilly, we would get additional names for the loader from
1188 our DT_SONAME. This can't happen if we were actually linked as
1189 a static executable (detect this case when we have no DYNAMIC).
1190 If so, assume the filename component of the interpreter path to
1191 be our SONAME, and add it to our name list. */
1193 {
1197 /* Find the filename part of the path. */
1203 {
1205 /* _dl_rtld_libname2.next = NULL; Already zero. */
1207 }
1208 }
1213 {
1217 /* Remember where the main program starts in memory. */
1223 /* Also where it ends. */
1229 }
1234 {
1235 /* Note that in the case the dynamic linker we duplicate work
1236 here since we read the PT_TLS entry already in
1237 _dl_start_final. But the result is repeatable so do not
1238 check for this special but unimportant case. */
1243 else
1249 /* This image gets the ID one. */
1251 }
1262 }
1264 /* Adjust the address of the TLS initialization image in case
1265 the executable is actually an ET_DYN object. */
1267 main_map->l_tls_initimage
1274 {
1275 /* We were invoked directly, so the program might not have a
1276 PT_INTERP. */
1278 /* _dl_rtld_libname.next = NULL; Already zero. */
1280 }
1281 else
1284 /* If the current libname is different from the SONAME, add the
1285 latter as well. */
1290 {
1299 }
1300 /* The ld.so must be relocated since otherwise loading audit modules
1301 will fail since they reuse the very same ld.so. */
1305 {
1306 /* Extract the contents of the dynamic section for easy access. */
1308 /* Set up our cache of pointers into the hash table. */
1310 }
1313 {
1314 /* We were called just to verify that this is a dynamic
1315 executable using us as the program interpreter. Exit with an
1316 error if we were not able to load the binary or no interpreter
1317 is specified (i.e., this is no dynamically linked binary. */
1321 /* We allow here some platform specific code. */
1322 #ifdef DISTINGUISH_LIB_VERSIONS
1323 DISTINGUISH_LIB_VERSIONS;
1324 #endif
1326 }
1329 #if defined NEED_DL_SYSINFO || defined NEED_DL_SYSINFO_DSO
1330 /* Set up the data structures for the system-supplied DSO early,
1331 so they can influence _dl_init_paths. */
1333 {
1334 /* Do an abridged version of the work _dl_map_object_from_fd would do
1335 to map in the object. It's already mapped and prelinked (and
1336 better be, since it's read-only and so we couldn't relocate it).
1337 We just want our data structures to describe it as if we had just
1338 mapped and relocated it normally. */
1342 {
1349 {
1352 {
1355 }
1357 {
1365 }
1366 else
1367 /* There must be no TLS segment. */
1369 }
1379 /* Initialize l_local_scope to contain just this map. This allows
1380 the use of dl_lookup_symbol_x to resolve symbols within the vdso.
1381 So we create a single entry list pointing to l_real as its only
1382 element */
1386 /* Now that we have the info handy, use the DSO image's soname
1387 so this object can be looked up by name. Note that we do not
1388 set l_name here. That field gives the file name of the DSO,
1389 and this DSO is not associated with any file. */
1391 {
1392 /* Work around a kernel problem. The kernel cannot handle
1393 addresses in the vsyscall DSO pages in writev() calls. */
1401 }
1403 /* Add the vDSO to the object list. */
1406 /* Rearrange the list so this DSO appears after rtld_map. */
1413 /* We have a prelinked DSO preloaded by the system. */
1415 # ifdef NEED_DL_SYSINFO
1418 # endif
1419 }
1420 }
1421 #endif
1423 #ifdef DL_SYSDEP_OSCHECK
1425 #endif
1427 /* Initialize the data structures for the search paths for shared
1428 objects. */
1431 /* Initialize _r_debug. */
1433 LM_ID_BASE);
1436 /* Put the link_map for ourselves on the chain so it can be found by
1437 name. Note that at this point the global chain of link maps contains
1438 exactly one element, which is pointed to by dl_loaded. */
1440 /* If not invoked directly, the dynamic linker shared object file was
1441 found by the PT_INTERP name. */
1449 /* If LD_USE_LOAD_BIAS env variable has not been seen, default
1450 to not using bias for non-prelinked PIEs and libraries
1451 and using it for executables or prelinked PIEs or libraries. */
1455 /* Set up the program header information for the dynamic linker
1456 itself. It is needed in the dl_iterate_phdr() callbacks. */
1464 /* PT_GNU_RELRO is usually the last phdr. */
1468 {
1472 }
1474 /* Add the dynamic linker to the TLS list if it also uses TLS. */
1476 /* Assign a module ID. Do this before loading any audit modules. */
1479 /* If we have auditing DSOs to load, do it now. */
1481 {
1482 /* Iterate over all entries in the list. The order is important. */
1486 /* Since we start using the auditing DSOs right away we need to
1487 initialize the data structures now. */
1490 /* Initialize security features. We need to do it this early
1491 since otherwise the constructors of the audit libraries will
1492 use different values (especially the pointer guard) and will
1493 fail later on. */
1496 do
1497 {
1500 /* Now it is time to determine the layout of the static TLS
1501 block and allocate it for the initial thread. Note that we
1502 always allocate the static block, we never defer it even if
1503 no DF_STATIC_TLS bit is set. The reason is that we know
1504 glibc will use the static model. */
1515 {
1516 not_loaded:
1522 }
1523 else
1524 {
1529 /* Check whether the interface version matches. */
1539 {
1540 /* Allocate structure for the callback function pointers.
1541 This call can never fail. */
1542 union
1543 {
1545 #define naudit_ifaces 8
1549 /* Names of the auditing interfaces. All in one
1550 long string. */
1552 "la_activity\0"
1553 "la_objsearch\0"
1554 "la_objopen\0"
1555 "la_preinit\0"
1556 #if __ELF_NATIVE_CLASS == 32
1557 "la_symbind32\0"
1558 #elif __ELF_NATIVE_CLASS == 64
1559 "la_symbind64\0"
1560 #else
1562 #endif
1563 #define STRING(s) __STRING (s)
1569 do
1570 {
1575 /* Store the pointer. */
1577 {
1580 /* The dynamic linker link map is statically
1581 allocated, initialize the data now. */
1584 }
1585 else
1590 }
1594 /* Now append the new auditing interface to the list. */
1598 else
1602 /* Mark the DSO as being used for auditing. */
1604 }
1605 else
1606 {
1607 /* We cannot use the DSO, it does not have the
1608 appropriate interfaces or it expects something
1609 more recent. */
1610 #ifndef NDEBUG
1612 #endif
1615 /* Make sure the namespace has been cleared entirely. */
1621 }
1622 }
1625 }
1628 /* If we have any auditing modules, announce that we already
1629 have two objects loaded. */
1631 {
1635 {
1638 {
1640 {
1647 }
1650 }
1651 }
1652 }
1653 }
1655 /* Set up debugging before the debugger is notified for the first time. */
1656 #ifdef ELF_MACHINE_DEBUG_SETUP
1657 /* Some machines (e.g. MIPS) don't use DT_DEBUG in this way. */
1660 #else
1662 /* There is a DT_DEBUG entry in the dynamic section. Fill it in
1663 with the run-time address of the r_debug structure */
1666 /* Fill in the pointer in the dynamic linker's own dynamic section, in
1667 case you run gdb on the dynamic linker directly. */
1670 #endif
1672 /* We start adding objects. */
1676 /* Auditing checkpoint: we are ready to signal that the initial map
1677 is being constructed. */
1679 {
1682 {
1687 }
1688 }
1690 /* We have two ways to specify objects to preload: via environment
1691 variable and via the file /etc/ld.so.preload. The latter can also
1692 be used when security is enabled. */
1698 {
1699 /* The LD_PRELOAD environment variable gives list of libraries
1700 separated by white space or colons that are loaded before the
1701 executable's dependencies and prepended to the global scope
1702 list. If the binary is running setuid all elements
1703 containing a '/' are ignored since it is insecure. */
1709 /* Prevent optimizing strsep. Speed is not important here. */
1719 }
1721 /* There usually is no ld.so.preload file, it should only be used
1722 for emergencies and testing. So the open call etc should usually
1723 fail. Using access() on a non-existing file is faster than using
1724 open(). So we do this first. If it succeeds we do almost twice
1725 the work but this does not matter, since it is not for production
1726 use. */
1729 {
1730 /* Read the contents of the file. */
1734 {
1735 /* Parse the file. It contains names of libraries to be loaded,
1736 separated by white spaces or `:'. It may also contain
1737 comments introduced by `#'. */
1742 /* Eliminate comments. */
1746 {
1752 do
1755 }
1757 /* We have one problematic case: if we have a name at the end of
1758 the file without a trailing terminating characters, we cannot
1759 place the \0. Handle the case separately. */
1762 {
1771 }
1772 else
1773 {
1776 }
1781 {
1787 }
1790 {
1794 }
1800 /* We don't need the file anymore. */
1802 }
1803 }
1806 {
1807 /* Set up PRELOADS with a vector of the preloaded libraries. */
1811 do
1812 {
1817 }
1819 /* Load all the libraries specified by DT_NEEDED entries. If LD_PRELOAD
1820 specified some libraries to load, these are inserted before the actual
1821 dependencies in the executable's searchlist for symbol resolution. */
1828 /* Mark all objects as being in the global scope. */
1832 /* Remove _dl_rtld_map from the chain. */
1843 {
1844 /* Some DT_NEEDED entry referred to the interpreter object itself, so
1845 put it back in the list of visible objects. We insert it into the
1846 chain in symbol search order because gdb uses the chain's order as
1847 its symbol search order. */
1852 {
1856 #if defined NEED_DL_SYSINFO || defined NEED_DL_SYSINFO_DSO
1861 #endif
1862 }
1863 else
1864 /* In trace mode there might be an invisible object (which we
1865 could not find) after the previous one in the search list.
1866 In this case it doesn't matter much where we put the
1867 interpreter object, so we just initialize the list pointer so
1868 that the assertion below holds. */
1874 {
1877 }
1878 }
1880 /* Now let us see whether all libraries are available in the
1881 versions we need. */
1882 {
1887 }
1889 /* We do not initialize any of the TLS functionality unless any of the
1890 initial modules uses TLS. This makes dynamic loading of modules with
1891 TLS impossible, but to support it requires either eagerly doing setup
1892 now or lazily doing it later. Doing it now makes us incompatible with
1893 an old kernel that can't perform TLS_INIT_TP, even if no TLS is ever
1894 used. Trying to do it lazily is too hairy to try when there could be
1895 multiple threads (from a non-TLS-using libpthread). */
1901 /* Initialize security features. But only if we have not done it
1902 earlier. */
1906 {
1907 /* We were run just to list the shared libraries. It is
1908 important that we do this before real relocation, because the
1909 functions we call below for output may no longer work properly
1910 after relocation. */
1914 {
1918 {
1921 {
1924 }
1941 else
1943 }
1944 }
1946 {
1947 /* Look through the dependencies of the main executable
1948 and determine which of them is not actually
1949 required. */
1952 /* Relocate the main executable. */
1959 /* This loop depends on the dependencies of the executable to
1960 correspond in number and order to the DT_NEEDED entries. */
1964 {
1966 {
1970 {
1972 {
1975 }
1978 }
1979 }
1982 }
1985 }
1988 else
1989 {
1992 /* The library was not found. */
1998 else
2002 }
2006 {
2009 lookup_t result;
2023 }
2024 else
2025 {
2026 /* If LD_WARN is set, warn about undefined symbols. */
2028 {
2029 /* We have to do symbol dependency testing. */
2038 {
2041 {
2045 }
2046 }
2050 {
2051 /* Mark the link map as not yet relocated again. */
2055 }
2056 }
2057 #define VERNEEDTAG (DT_NUM + DT_THISPROCNUM + DT_VERSIONTAGIDX (DT_VERNEED))
2059 {
2060 /* Print more information. This means here, print information
2061 about the versions needed. */
2066 {
2078 {
2081 }
2087 {
2095 {
2100 needed))
2111 /* No more symbols. */
2114 /* Next symbol. */
2117 }
2120 /* No more dependencies. */
2123 /* Next dependency. */
2125 }
2126 }
2127 }
2128 }
2131 }
2136 {
2151 {
2157 /* If the library is not mapped where it should, fail. */
2161 /* Next, check if checksum matches. */
2176 }
2185 }
2188 /* Now set up the variable which helps the assembler startup code. */
2191 /* Save the information about the original global scope list since
2192 we need it in the memory handling later. */
2195 /* Remember the last search directory added at startup, now that
2196 malloc will no longer be the one from dl-minimal.c. */
2199 /* Print scope information. */
2201 {
2206 }
2209 {
2211 {
2213 #ifndef HP_TIMING_NONAVAIL
2214 hp_timing_t start;
2215 hp_timing_t stop;
2216 #endif
2228 }
2231 /* Mark all the objects so we know they have been already relocated. */
2233 {
2238 /* Add object to slot information data if necessasy. */
2241 }
2242 }
2243 else
2244 {
2245 /* Now we have all the objects loaded. Relocate them all except for
2246 the dynamic linker itself. We do this in reverse order so that copy
2247 relocs of earlier objects overwrite the data written by later
2248 objects. We do not re-relocate the dynamic linker itself in this
2249 loop because that could result in the GOT entries for functions we
2250 call being changed, and that would break us. It is safe to relocate
2251 the dynamic linker out of order because it has no copy relocs (we
2252 know that because it is self-contained). */
2255 #ifndef HP_TIMING_NONAVAIL
2256 hp_timing_t start;
2257 hp_timing_t stop;
2258 #endif
2260 /* If we are profiling we also must do lazy reloaction. */
2266 {
2269 /* While we are at it, help the memory handling a bit. We have to
2270 mark some data structures as allocated with the fake malloc()
2271 implementation in ld.so. */
2275 {
2278 }
2282 consider_profiling);
2284 /* Add object to slot information data if necessasy. */
2287 }
2292 /* Now enable profiling if needed. Like the previous call,
2293 this has to go here because the calls it makes should use the
2294 rtld versions of the functions (particularly calloc()), but it
2295 needs to have _dl_profile_map set up by the relocator. */
2297 /* We must prepare the profiling. */
2299 }
2301 #ifndef NONTLS_INIT_TP
2302 # define NONTLS_INIT_TP do { } while (0)
2303 #endif
2308 /* Now that we have completed relocation, the initializer data
2309 for the TLS blocks has its final values and we can copy them
2310 into the main thread's TLS area, which we allocated above. */
2313 /* And finally install it for the main thread. If ld.so itself uses
2314 TLS we know the thread pointer was initialized earlier. */
2316 {
2318 #ifdef USE___THREAD
2320 #else
2322 #endif
2325 lossage);
2326 }
2328 /* Make sure no new search directories have been added. */
2332 {
2333 /* There was an explicit ref to the dynamic linker as a shared lib.
2334 Re-relocate ourselves with user-controlled symbol definitions.
2336 We must do this after TLS initialization in case after this
2337 re-relocation, we might call a user-supplied function
2338 (e.g. calloc from _dl_relocate_object) that uses TLS data. */
2340 #ifndef HP_TIMING_NONAVAIL
2341 hp_timing_t start;
2342 hp_timing_t stop;
2343 hp_timing_t add;
2344 #endif
2347 /* Mark the link map as not yet relocated again. */
2353 }
2355 /* Do any necessary cleanups for the startup OS interface code.
2356 We do these now so that no calls are made after rtld re-relocation
2357 which might be resolved to different functions than we expect.
2358 We cannot do this before relocating the other objects because
2359 _dl_relocate_object might need to call `mprotect' for DT_TEXTREL. */
2362 #ifdef SHARED
2363 /* Auditing checkpoint: we have added all objects. */
2365 {
2367 /* Do not call the functions for any auditing object. */
2369 {
2372 {
2377 }
2378 }
2379 }
2380 #endif
2382 /* Notify the debugger all new objects are now ready to go. We must re-get
2383 the address since by now the variable might be in another object. */
2388 #ifndef MAP_COPY
2389 /* We must munmap() the cache file. */
2391 #endif
2393 /* Once we return, _dl_sysdep_start will invoke
2394 the DT_INIT functions and then *USER_ENTRY. */
2395 }
2396 \f
2397 /* This is a little helper function for resolving symbols while
2398 tracing the binary. */
2399 static void
2402 {
2406 }
2407 \f
2408 /* This is a little helper function for resolving symbols while
2409 tracing the binary. */
2410 static void
2413 {
2416 }
2417 \f
2418 /* Nonzero if any of the debugging options is enabled. */
2421 /* Process the string given as the parameter which explains which debugging
2422 options are enabled. */
2423 static void
2425 {
2426 /* When adding new entries make sure that the maximal length of a name
2427 is correctly handled in the LD_DEBUG_HELP code below. */
2428 static const struct
2429 {
2435 {
2436 #define LEN_AND_STR(str) sizeof (str) - 1, str
2450 DL_DEBUG_SCOPES },
2456 DL_DEBUG_STATISTICS },
2458 DL_DEBUG_UNUSED },
2460 DL_DEBUG_HELP },
2461 };
2462 #define ndebopts (sizeof (debopts) / sizeof (debopts[0]))
2464 /* Skip separating white spaces and commas. */
2466 {
2468 {
2479 {
2483 }
2486 {
2487 /* Display a warning and skip everything until next
2488 separator. */
2492 }
2496 }
2499 }
2502 {
2517 }
2518 }
2519 \f
2520 static void
2522 {
2523 /* The parameter is a colon separated list of DSO names. */
2530 {
2531 /* This is using the local malloc, not the system malloc. The
2532 memory can never be freed. */
2538 else
2539 {
2542 }
2543 }
2544 }
2545 \f
2546 /* Process all environments variables the dynamic linker must recognize.
2547 Since all of them start with `LD_' we are a bit smarter while finding
2548 all the entries. */
2552 static void
2554 {
2560 /* This is the default place for profiling data file. */
2565 {
2572 /* This is a "LD_" variable at the end of the string without
2573 a '=' character. Ignore it since otherwise we will access
2574 invalid memory below. */
2578 {
2580 /* Warning level, verbose or not. */
2586 /* Debugging of the dynamic linker? */
2588 {
2591 }
2597 /* Print information about versions. */
2599 {
2602 }
2604 /* List of objects to be preloaded. */
2606 {
2609 }
2611 /* Which shared object shall be profiled. */
2617 /* Do we bind early? */
2619 {
2622 }
2628 /* Test whether we want to see the content of the auxiliary
2629 array passed up from the kernel. */
2636 /* Mask for the important hardware capabilities. */
2643 /* Path where the binary is found. */
2650 /* The library search path. */
2652 {
2655 }
2657 /* Where to place the profiling data file. */
2659 {
2662 }
2670 /* We might have some extra environment variable with length 13
2671 to handle. */
2672 #ifdef EXTRA_LD_ENVVARS_13
2673 EXTRA_LD_ENVVARS_13
2674 #endif
2677 {
2680 }
2687 /* Where to place the profiling data file. */
2695 /* The mode of the dynamic linker can be set. */
2697 {
2702 }
2706 /* The mode of the dynamic linker can be set. */
2711 /* We might have some extra environment variable to handle. This
2712 is tricky due to the pre-processing of the length of the name
2713 in the switch statement here. The code here assumes that added
2714 environment variables have a different length. */
2715 #ifdef EXTRA_LD_ENVVARS
2716 EXTRA_LD_ENVVARS
2717 #endif
2718 }
2719 }
2721 /* The caller wants this information. */
2724 /* Extra security for SUID binaries. Remove all dangerous environment
2725 variables. */
2727 {
2729 #ifdef EXTRA_UNSECURE_ENVVARS
2730 EXTRA_UNSECURE_ENVVARS
2731 #endif
2732 UNSECURE_ENVVARS;
2736 do
2737 {
2739 /* We could use rawmemchr but this need not be fast. */
2741 }
2745 {
2748 }
2752 }
2753 /* If we have to run the dynamic linker in debugging mode and the
2754 LD_DEBUG_OUTPUT environment variable is given, we write the debug
2755 messages to this file. */
2757 {
2758 #ifdef O_NOFOLLOW
2760 #else
2762 #endif
2774 /* We use standard output if opening the file failed. */
2776 }
2777 }
2780 /* Print the various times we collected. */
2781 static void
2784 {
2785 #ifndef HP_TIMING_NONAVAIL
2790 /* Total time rtld used. */
2792 {
2797 /* Print relocation statistics. */
2804 {
2812 }
2816 }
2817 #endif
2821 {
2828 {
2832 num_relative_relocations
2834 #ifndef ELF_MACHINE_REL_RELATIVE
2835 /* Relative relocations are processed on these architectures if
2836 library is loaded to different address than p_vaddr or
2837 if not prelinked. */
2840 #else
2841 /* On e.g. IA-64 or Alpha, relative relocations are processed
2842 only if library is loaded to different address than p_vaddr. */
2844 #endif
2845 num_relative_relocations
2847 }
2848 }
2855 num_relative_relocations);
2857 #ifndef HP_TIMING_NONAVAIL
2858 /* Time spend while loading the object and the dependencies. */
2860 {
2867 {
2875 }
2880 }
2881 #endif
2882 }