Update.
[glibc.git] / elf / dl-load.c
blob098da6c2c5b62863c4b7c47c7e19990ea7463934
1 /* Map in a shared object's segments from the file.
2 Copyright (C) 1995,96,97,98,99,2000,2001 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Library General Public License as
7 published by the Free Software Foundation; either version 2 of the
8 License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Library General Public License for more details.
15 You should have received a copy of the GNU Library General Public
16 License along with the GNU C Library; see the file COPYING.LIB. If not,
17 write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA. */
20 #include <elf.h>
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <libintl.h>
24 #include <stdlib.h>
25 #include <string.h>
26 #include <unistd.h>
27 #include <ldsodefs.h>
28 #include <sys/mman.h>
29 #include <sys/param.h>
30 #include <sys/stat.h>
31 #include <sys/types.h>
32 #include "dynamic-link.h"
33 #include <abi-tag.h>
34 #include <dl-osinfo.h>
36 #include <dl-dst.h>
38 /* On some systems, no flag bits are given to specify file mapping. */
39 #ifndef MAP_FILE
40 # define MAP_FILE 0
41 #endif
43 /* The right way to map in the shared library files is MAP_COPY, which
44 makes a virtual copy of the data at the time of the mmap call; this
45 guarantees the mapped pages will be consistent even if the file is
46 overwritten. Some losing VM systems like Linux's lack MAP_COPY. All we
47 get is MAP_PRIVATE, which copies each page when it is modified; this
48 means if the file is overwritten, we may at some point get some pages
49 from the new version after starting with pages from the old version. */
50 #ifndef MAP_COPY
51 # define MAP_COPY MAP_PRIVATE
52 #endif
54 /* Some systems link their relocatable objects for another base address
55 than 0. We want to know the base address for these such that we can
56 subtract this address from the segment addresses during mapping.
57 This results in a more efficient address space usage. Defaults to
58 zero for almost all systems. */
59 #ifndef MAP_BASE_ADDR
60 # define MAP_BASE_ADDR(l) 0
61 #endif
64 #include <endian.h>
65 #if BYTE_ORDER == BIG_ENDIAN
66 # define byteorder ELFDATA2MSB
67 #elif BYTE_ORDER == LITTLE_ENDIAN
68 # define byteorder ELFDATA2LSB
69 #else
70 # error "Unknown BYTE_ORDER " BYTE_ORDER
71 # define byteorder ELFDATANONE
72 #endif
74 #define STRING(x) __STRING (x)
76 #ifdef MAP_ANON
77 /* The fd is not examined when using MAP_ANON. */
78 # define ANONFD -1
79 #else
80 int _dl_zerofd = -1;
81 # define ANONFD _dl_zerofd
82 #endif
84 /* Handle situations where we have a preferred location in memory for
85 the shared objects. */
86 #ifdef ELF_PREFERRED_ADDRESS_DATA
87 ELF_PREFERRED_ADDRESS_DATA;
88 #endif
89 #ifndef ELF_PREFERRED_ADDRESS
90 # define ELF_PREFERRED_ADDRESS(loader, maplength, mapstartpref) (mapstartpref)
91 #endif
92 #ifndef ELF_FIXED_ADDRESS
93 # define ELF_FIXED_ADDRESS(loader, mapstart) ((void) 0)
94 #endif
96 /* Type for the buffer we put the ELF header and hopefully the program
97 header. This buffer does not really have to be too large. In most
98 cases the program header follows the ELF header directly. If this
99 is not the case all bets are off and we can make the header arbitrarily
100 large and still won't get it read. This means the only question is
101 how large are the ELF and program header combined. The ELF header
102 in 64-bit files is 56 bytes long. Each program header entry is again
103 56 bytes long. I.e., even with a file which has 17 program header
104 entries we only have to read 1kB. And 17 program header entries is
105 plenty, normal files have < 10. If this heuristic should really fail
106 for some file the code in `_dl_map_object_from_fd' knows how to
107 recover. */
108 struct filebuf
110 ssize_t len;
111 char buf[1024];
114 size_t _dl_pagesize;
116 unsigned int _dl_osversion;
118 int _dl_clktck;
120 extern const char *_dl_platform;
121 extern size_t _dl_platformlen;
123 /* The object to be initialized first. */
124 struct link_map *_dl_initfirst;
126 /* This is the decomposed LD_LIBRARY_PATH search path. */
127 static struct r_search_path_struct env_path_list;
129 /* List of the hardware capabilities we might end up using. */
130 static const struct r_strlenpair *capstr;
131 static size_t ncapstr;
132 static size_t max_capstrlen;
134 const unsigned char _dl_pf_to_prot[8] =
136 [0] = PROT_NONE,
137 [PF_R] = PROT_READ,
138 [PF_W] = PROT_WRITE,
139 [PF_R | PF_W] = PROT_READ | PROT_WRITE,
140 [PF_X] = PROT_EXEC,
141 [PF_R | PF_X] = PROT_READ | PROT_EXEC,
142 [PF_W | PF_X] = PROT_WRITE | PROT_EXEC,
143 [PF_R | PF_W | PF_X] = PROT_READ | PROT_WRITE | PROT_EXEC
147 /* Get the generated information about the trusted directories. */
148 #include "trusted-dirs.h"
150 static const char system_dirs[] = SYSTEM_DIRS;
151 static const size_t system_dirs_len[] =
153 SYSTEM_DIRS_LEN
155 #define nsystem_dirs_len \
156 (sizeof (system_dirs_len) / sizeof (system_dirs_len[0]))
159 /* Local version of `strdup' function. */
160 static inline char *
161 local_strdup (const char *s)
163 size_t len = strlen (s) + 1;
164 void *new = malloc (len);
166 if (new == NULL)
167 return NULL;
169 return (char *) memcpy (new, s, len);
173 size_t
174 _dl_dst_count (const char *name, int is_path)
176 const char *const start = name;
177 size_t cnt = 0;
181 size_t len = 1;
183 /* $ORIGIN is not expanded for SUID/GUID programs and it must
184 always appear first in path.
186 Note that it is no bug that the string in the second and
187 fourth `strncmp' call is longer than the sequence which is
188 actually tested. */
189 if (((strncmp (&name[1], "{ORIGIN}", 8) == 0 && (len = 9) != 0)
190 || (strncmp (&name[1], "{ORIGIN}" + 1, 6) == 0
191 && (name[7] == '\0' || name[7] == '/'
192 || (is_path && name[7] == ':'))
193 && (len = 7) != 0)))
195 if (__builtin_expect (!__libc_enable_secure, 1)
196 && (name == start || (is_path && name[-1] == ':')))
197 ++cnt;
199 else if ((strncmp (&name[1], "{PLATFORM}", 10) == 0
200 && (len = 11) != 0)
201 || (strncmp (&name[1], "{PLATFORM}" + 1, 8) == 0
202 && (name[9] == '\0' || name[9] == '/'
203 || (is_path && name[9] == ':'))
204 && (len = 9) != 0))
205 ++cnt;
207 name = strchr (name + len, '$');
209 while (name != NULL);
211 return cnt;
215 char *
216 _dl_dst_substitute (struct link_map *l, const char *name, char *result,
217 int is_path)
219 const char *const start = name;
220 char *last_elem, *wp;
222 /* Now fill the result path. While copying over the string we keep
223 track of the start of the last path element. When we come accross
224 a DST we copy over the value or (if the value is not available)
225 leave the entire path element out. */
226 last_elem = wp = result;
230 if (__builtin_expect (*name, 'a') == '$')
232 const char *repl = NULL;
233 size_t len = 1;
235 /* Note that it is no bug that the string in the second and
236 fourth `strncmp' call is longer than the sequence which
237 is actually tested. */
238 if (((strncmp (&name[1], "{ORIGIN}", 8) == 0 && (len = 9) != 0)
239 || (strncmp (&name[1], "{ORIGIN}" + 1, 6) == 0
240 && (name[7] == '\0' || name[7] == '/'
241 || (is_path && name[7] == ':'))
242 && (len = 7) != 0)))
244 if (__builtin_expect (!__libc_enable_secure, 1)
245 && (name == start || (is_path && name[-1] == ':')))
246 repl = l->l_origin;
248 else if ((strncmp (&name[1], "{PLATFORM}", 10) == 0
249 && (len = 11) != 0)
250 || (strncmp (&name[1], "{PLATFORM}" + 1, 8) == 0
251 && (name[9] == '\0' || name[9] == '/' || name[9] == ':')
252 && (len = 9) != 0))
253 repl = _dl_platform;
256 if (repl != NULL && repl != (const char *) -1)
258 wp = __stpcpy (wp, repl);
259 name += len;
261 else if (len > 1)
263 /* We cannot use this path element, the value of the
264 replacement is unknown. */
265 wp = last_elem;
266 name += len;
267 while (*name != '\0' && (!is_path || *name != ':'))
268 ++name;
270 else
271 /* No DST we recognize. */
272 *wp++ = *name++;
274 else
276 *wp++ = *name++;
277 if (is_path && *name == ':')
278 last_elem = wp;
281 while (*name != '\0');
283 *wp = '\0';
285 return result;
289 /* Return copy of argument with all recognized dynamic string tokens
290 ($ORIGIN and $PLATFORM for now) replaced. On some platforms it
291 might not be possible to determine the path from which the object
292 belonging to the map is loaded. In this case the path element
293 containing $ORIGIN is left out. */
294 static char *
295 expand_dynamic_string_token (struct link_map *l, const char *s)
297 /* We make two runs over the string. First we determine how large the
298 resulting string is and then we copy it over. Since this is now
299 frequently executed operation we are looking here not for performance
300 but rather for code size. */
301 size_t cnt;
302 size_t total;
303 char *result;
305 /* Determine the number of DST elements. */
306 cnt = DL_DST_COUNT (s, 1);
308 /* If we do not have to replace anything simply copy the string. */
309 if (__builtin_expect (cnt, 0) == 0)
310 return local_strdup (s);
312 /* Determine the length of the substituted string. */
313 total = DL_DST_REQUIRED (l, s, strlen (s), cnt);
315 /* Allocate the necessary memory. */
316 result = (char *) malloc (total + 1);
317 if (result == NULL)
318 return NULL;
320 return DL_DST_SUBSTITUTE (l, s, result, 1);
324 /* Add `name' to the list of names for a particular shared object.
325 `name' is expected to have been allocated with malloc and will
326 be freed if the shared object already has this name.
327 Returns false if the object already had this name. */
328 static void
329 internal_function
330 add_name_to_object (struct link_map *l, const char *name)
332 struct libname_list *lnp, *lastp;
333 struct libname_list *newname;
334 size_t name_len;
336 lastp = NULL;
337 for (lnp = l->l_libname; lnp != NULL; lastp = lnp, lnp = lnp->next)
338 if (strcmp (name, lnp->name) == 0)
339 return;
341 name_len = strlen (name) + 1;
342 newname = (struct libname_list *) malloc (sizeof *newname + name_len);
343 if (newname == NULL)
345 /* No more memory. */
346 _dl_signal_error (ENOMEM, name, N_("cannot allocate name record"));
347 return;
349 /* The object should have a libname set from _dl_new_object. */
350 assert (lastp != NULL);
352 newname->name = memcpy (newname + 1, name, name_len);
353 newname->next = NULL;
354 newname->dont_free = 0;
355 lastp->next = newname;
358 /* All known directories in sorted order. */
359 struct r_search_path_elem *_dl_all_dirs;
361 /* All directories after startup. */
362 struct r_search_path_elem *_dl_init_all_dirs;
364 /* Standard search directories. */
365 static struct r_search_path_struct rtld_search_dirs;
367 static size_t max_dirnamelen;
369 static inline struct r_search_path_elem **
370 fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
371 int check_trusted, const char *what, const char *where)
373 char *cp;
374 size_t nelems = 0;
376 while ((cp = __strsep (&rpath, sep)) != NULL)
378 struct r_search_path_elem *dirp;
379 size_t len = strlen (cp);
381 /* `strsep' can pass an empty string. This has to be
382 interpreted as `use the current directory'. */
383 if (len == 0)
385 static const char curwd[] = "./";
386 cp = (char *) curwd;
389 /* Remove trailing slashes (except for "/"). */
390 while (len > 1 && cp[len - 1] == '/')
391 --len;
393 /* Now add one if there is none so far. */
394 if (len > 0 && cp[len - 1] != '/')
395 cp[len++] = '/';
397 /* See if this directory is already known. */
398 for (dirp = _dl_all_dirs; dirp != NULL; dirp = dirp->next)
399 if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0)
400 break;
402 if (dirp != NULL)
404 /* It is available, see whether it's on our own list. */
405 size_t cnt;
406 for (cnt = 0; cnt < nelems; ++cnt)
407 if (result[cnt] == dirp)
408 break;
410 if (cnt == nelems)
411 result[nelems++] = dirp;
413 else
415 size_t cnt;
416 enum r_dir_status init_val;
417 size_t where_len = where ? strlen (where) + 1 : 0;
419 /* It's a new directory. Create an entry and add it. */
420 dirp = (struct r_search_path_elem *)
421 malloc (sizeof (*dirp) + ncapstr * sizeof (enum r_dir_status)
422 + where_len + len + 1);
423 if (dirp == NULL)
424 _dl_signal_error (ENOMEM, NULL,
425 N_("cannot create cache for search path"));
427 dirp->dirname = ((char *) dirp + sizeof (*dirp)
428 + ncapstr * sizeof (enum r_dir_status));
429 *((char *) __mempcpy ((char *) dirp->dirname, cp, len)) = '\0';
430 dirp->dirnamelen = len;
432 if (len > max_dirnamelen)
433 max_dirnamelen = len;
435 /* Make sure we don't use untrusted directories if we run SUID. */
436 if (__builtin_expect (check_trusted, 0))
438 const char *trun = system_dirs;
439 size_t idx;
441 /* By default we don't trust anything. */
442 init_val = nonexisting;
444 /* All trusted directories must be complete names. */
445 if (cp[0] == '/')
447 for (idx = 0; idx < nsystem_dirs_len; ++idx)
449 if (len == system_dirs_len[idx]
450 && memcmp (trun, cp, len) == 0)
451 /* Found it. */
452 break;
454 trun += system_dirs_len[idx] + 1;
457 if (idx < nsystem_dirs_len)
458 /* It's a trusted directory so allow checking for it. */
459 init_val = unknown;
462 else
463 /* We don't have to check for trusted directories and can
464 accept everything. We have to make sure all the
465 relative directories are never ignored. The current
466 directory might change and all our saved information
467 would be void. */
468 init_val = cp[0] != '/' ? existing : unknown;
470 for (cnt = 0; cnt < ncapstr; ++cnt)
471 dirp->status[cnt] = init_val;
473 dirp->what = what;
474 if (__builtin_expect (where != NULL, 1))
475 dirp->where = memcpy ((char *) dirp + sizeof (*dirp) + len + 1
476 + ncapstr * sizeof (enum r_dir_status),
477 where, where_len);
478 else
479 dirp->where = NULL;
481 dirp->next = _dl_all_dirs;
482 _dl_all_dirs = dirp;
484 /* Put it in the result array. */
485 result[nelems++] = dirp;
489 /* Terminate the array. */
490 result[nelems] = NULL;
492 return result;
496 static void
497 internal_function
498 decompose_rpath (struct r_search_path_struct *sps,
499 const char *rpath, struct link_map *l, const char *what)
501 /* Make a copy we can work with. */
502 const char *where = l->l_name;
503 char *copy;
504 char *cp;
505 struct r_search_path_elem **result;
506 size_t nelems;
508 /* First see whether we must forget the RUNPATH and RPATH from this
509 object. */
510 if (__builtin_expect (_dl_inhibit_rpath != NULL, 0) && !__libc_enable_secure)
512 const char *found = strstr (_dl_inhibit_rpath, where);
513 if (found != NULL)
515 size_t len = strlen (where);
516 if ((found == _dl_inhibit_rpath || found[-1] == ':')
517 && (found[len] == '\0' || found[len] == ':'))
519 /* This object is on the list of objects for which the
520 RUNPATH and RPATH must not be used. */
521 result = (struct r_search_path_elem **)
522 malloc (sizeof (*result));
523 if (result == NULL)
524 _dl_signal_error (ENOMEM, NULL,
525 N_("cannot create cache for search path"));
526 result[0] = NULL;
528 sps->dirs = result;
529 sps->malloced = 1;
531 return;
536 /* Make a writable copy. At the same time expand possible dynamic
537 string tokens. */
538 copy = expand_dynamic_string_token (l, rpath);
539 if (copy == NULL)
540 _dl_signal_error (ENOMEM, NULL, N_("cannot create RUNPATH/RPATH copy"));
542 /* Count the number of necessary elements in the result array. */
543 nelems = 0;
544 for (cp = copy; *cp != '\0'; ++cp)
545 if (*cp == ':')
546 ++nelems;
548 /* Allocate room for the result. NELEMS + 1 is an upper limit for the
549 number of necessary entries. */
550 result = (struct r_search_path_elem **) malloc ((nelems + 1 + 1)
551 * sizeof (*result));
552 if (result == NULL)
553 _dl_signal_error (ENOMEM, NULL, N_("cannot create cache for search path"));
555 fillin_rpath (copy, result, ":", 0, what, where);
557 /* Free the copied RPATH string. `fillin_rpath' make own copies if
558 necessary. */
559 free (copy);
561 sps->dirs = result;
562 /* The caller will change this value if we haven't used a real malloc. */
563 sps->malloced = 1;
567 void
568 internal_function
569 _dl_init_paths (const char *llp)
571 size_t idx;
572 const char *strp;
573 struct r_search_path_elem *pelem, **aelem;
574 size_t round_size;
575 #ifdef SHARED
576 struct link_map *l;
577 #endif
579 /* Fill in the information about the application's RPATH and the
580 directories addressed by the LD_LIBRARY_PATH environment variable. */
582 /* Get the capabilities. */
583 capstr = _dl_important_hwcaps (_dl_platform, _dl_platformlen,
584 &ncapstr, &max_capstrlen);
586 /* First set up the rest of the default search directory entries. */
587 aelem = rtld_search_dirs.dirs = (struct r_search_path_elem **)
588 malloc ((nsystem_dirs_len + 1) * sizeof (struct r_search_path_elem *));
589 if (rtld_search_dirs.dirs == NULL)
590 _dl_signal_error (ENOMEM, NULL, N_("cannot create search path array"));
592 round_size = ((2 * sizeof (struct r_search_path_elem) - 1
593 + ncapstr * sizeof (enum r_dir_status))
594 / sizeof (struct r_search_path_elem));
596 rtld_search_dirs.dirs[0] = (struct r_search_path_elem *)
597 malloc ((sizeof (system_dirs) / sizeof (system_dirs[0]))
598 * round_size * sizeof (struct r_search_path_elem));
599 if (rtld_search_dirs.dirs[0] == NULL)
600 _dl_signal_error (ENOMEM, NULL, N_("cannot create cache for search path"));
602 rtld_search_dirs.malloced = 0;
603 pelem = _dl_all_dirs = rtld_search_dirs.dirs[0];
604 strp = system_dirs;
605 idx = 0;
609 size_t cnt;
611 *aelem++ = pelem;
613 pelem->what = "system search path";
614 pelem->where = NULL;
616 pelem->dirname = strp;
617 pelem->dirnamelen = system_dirs_len[idx];
618 strp += system_dirs_len[idx] + 1;
620 /* System paths must be absolute. */
621 assert (pelem->dirname[0] == '/');
622 for (cnt = 0; cnt < ncapstr; ++cnt)
623 pelem->status[cnt] = unknown;
625 pelem->next = (++idx == nsystem_dirs_len ? NULL : (pelem + round_size));
627 pelem += round_size;
629 while (idx < nsystem_dirs_len);
631 max_dirnamelen = SYSTEM_DIRS_MAX_LEN;
632 *aelem = NULL;
634 #ifdef SHARED
635 /* This points to the map of the main object. */
636 l = _dl_loaded;
637 if (l != NULL)
639 assert (l->l_type != lt_loaded);
641 if (l->l_info[DT_RUNPATH])
643 /* Allocate room for the search path and fill in information
644 from RUNPATH. */
645 decompose_rpath (&l->l_runpath_dirs,
646 (const void *) (D_PTR (l, l_info[DT_STRTAB])
647 + l->l_info[DT_RUNPATH]->d_un.d_val),
648 l, "RUNPATH");
650 /* The RPATH is ignored. */
651 l->l_rpath_dirs.dirs = (void *) -1;
653 else
655 l->l_runpath_dirs.dirs = (void *) -1;
657 if (l->l_info[DT_RPATH])
659 /* Allocate room for the search path and fill in information
660 from RPATH. */
661 decompose_rpath (&l->l_rpath_dirs,
662 (const void *) (D_PTR (l, l_info[DT_STRTAB])
663 + l->l_info[DT_RPATH]->d_un.d_val),
664 l, "RPATH");
665 l->l_rpath_dirs.malloced = 0;
667 else
668 l->l_rpath_dirs.dirs = (void *) -1;
671 #endif /* SHARED */
673 if (llp != NULL && *llp != '\0')
675 size_t nllp;
676 const char *cp = llp;
677 char *llp_tmp = strdupa (llp);
679 /* Decompose the LD_LIBRARY_PATH contents. First determine how many
680 elements it has. */
681 nllp = 1;
682 while (*cp)
684 if (*cp == ':' || *cp == ';')
685 ++nllp;
686 ++cp;
689 env_path_list.dirs = (struct r_search_path_elem **)
690 malloc ((nllp + 1) * sizeof (struct r_search_path_elem *));
691 if (env_path_list.dirs == NULL)
692 _dl_signal_error (ENOMEM, NULL,
693 N_("cannot create cache for search path"));
695 (void) fillin_rpath (llp_tmp, env_path_list.dirs, ":;",
696 __libc_enable_secure, "LD_LIBRARY_PATH", NULL);
698 if (env_path_list.dirs[0] == NULL)
700 free (env_path_list.dirs);
701 env_path_list.dirs = (void *) -1;
704 env_path_list.malloced = 0;
706 else
707 env_path_list.dirs = (void *) -1;
709 /* Remember the last search directory added at startup. */
710 _dl_init_all_dirs = _dl_all_dirs;
714 /* Think twice before changing anything in this function. It is placed
715 here and prepared using the `alloca' magic to prevent it from being
716 inlined. The function is only called in case of an error. But then
717 performance does not count. The function used to be "inlinable" and
718 the compiled did so all the time. This increased the code size for
719 absolutely no good reason. */
720 #define LOSE(code, s) lose (code, fd, name, realname, l, s)
721 static void
722 __attribute__ ((noreturn))
723 lose (int code, int fd, const char *name, char *realname, struct link_map *l,
724 const char *msg)
726 /* The use of `alloca' here looks ridiculous but it helps. The goal
727 is to avoid the function from being inlined. There is no official
728 way to do this so we use this trick. gcc never inlines functions
729 which use `alloca'. */
730 int *a = alloca (sizeof (int));
731 a[0] = fd;
732 (void) __close (a[0]);
733 if (l != NULL)
735 /* Remove the stillborn object from the list and free it. */
736 if (l->l_prev)
737 l->l_prev->l_next = l->l_next;
738 if (l->l_next)
739 l->l_next->l_prev = l->l_prev;
740 --_dl_nloaded;
741 free (l);
743 free (realname);
744 _dl_signal_error (code, name, msg);
748 /* Map in the shared object NAME, actually located in REALNAME, and already
749 opened on FD. */
751 #ifndef EXTERNAL_MAP_FROM_FD
752 static
753 #endif
754 struct link_map *
755 _dl_map_object_from_fd (const char *name, int fd, struct filebuf *fbp,
756 char *realname, struct link_map *loader, int l_type,
757 int mode)
759 struct link_map *l = NULL;
761 auto inline caddr_t map_segment (ElfW(Addr) mapstart, size_t len,
762 int prot, int fixed, off_t offset);
764 inline caddr_t map_segment (ElfW(Addr) mapstart, size_t len,
765 int prot, int fixed, off_t offset)
767 caddr_t mapat = __mmap ((caddr_t) mapstart, len, prot,
768 fixed|MAP_COPY|MAP_FILE,
769 fd, offset);
770 if (mapat == MAP_FAILED)
771 LOSE (errno, N_("failed to map segment from shared object"));
772 return mapat;
775 const ElfW(Ehdr) *header;
776 const ElfW(Phdr) *phdr;
777 const ElfW(Phdr) *ph;
778 size_t maplength;
779 int type;
780 struct stat64 st;
782 /* Get file information. */
783 if (__fxstat64 (_STAT_VER, fd, &st) < 0)
784 LOSE (errno, N_("cannot stat shared object"));
786 /* Look again to see if the real name matched another already loaded. */
787 for (l = _dl_loaded; l; l = l->l_next)
788 if (l->l_ino == st.st_ino && l->l_dev == st.st_dev)
790 /* The object is already loaded.
791 Just bump its reference count and return it. */
792 __close (fd);
794 /* If the name is not in the list of names for this object add
795 it. */
796 free (realname);
797 add_name_to_object (l, name);
799 return l;
802 if (mode & RTLD_NOLOAD)
803 /* We are not supposed to load the object unless it is already
804 loaded. So return now. */
805 return NULL;
807 /* Print debugging message. */
808 if (__builtin_expect (_dl_debug_mask & DL_DEBUG_FILES, 0))
809 _dl_debug_printf ("file=%s; generating link map\n", name);
811 /* This is the ELF header. We read it in `open_verify'. */
812 header = (void *) fbp->buf;
814 #ifndef MAP_ANON
815 # define MAP_ANON 0
816 if (_dl_zerofd == -1)
818 _dl_zerofd = _dl_sysdep_open_zero_fill ();
819 if (_dl_zerofd == -1)
821 __close (fd);
822 _dl_signal_error (errno, NULL, N_("cannot open zero fill device"));
825 #endif
827 /* Enter the new object in the list of loaded objects. */
828 l = _dl_new_object (realname, name, l_type, loader);
829 if (__builtin_expect (! l, 0))
830 LOSE (ENOMEM, N_("cannot create shared object descriptor"));
832 /* Extract the remaining details we need from the ELF header
833 and then read in the program header table. */
834 l->l_entry = header->e_entry;
835 type = header->e_type;
836 l->l_phnum = header->e_phnum;
838 maplength = header->e_phnum * sizeof (ElfW(Phdr));
839 if (header->e_phoff + maplength <= fbp->len)
840 phdr = (void *) (fbp->buf + header->e_phoff);
841 else
843 phdr = alloca (maplength);
844 __lseek (fd, SEEK_SET, header->e_phoff);
845 if (__libc_read (fd, (void *) phdr, maplength) != maplength)
846 LOSE (errno, N_("cannot read file data"));
850 /* Scan the program header table, collecting its load commands. */
851 struct loadcmd
853 ElfW(Addr) mapstart, mapend, dataend, allocend;
854 off_t mapoff;
855 int prot;
856 } loadcmds[l->l_phnum], *c;
857 size_t nloadcmds = 0;
859 /* The struct is initialized to zero so this is not necessary:
860 l->l_ld = 0;
861 l->l_phdr = 0;
862 l->l_addr = 0; */
863 for (ph = phdr; ph < &phdr[l->l_phnum]; ++ph)
864 switch (ph->p_type)
866 /* These entries tell us where to find things once the file's
867 segments are mapped in. We record the addresses it says
868 verbatim, and later correct for the run-time load address. */
869 case PT_DYNAMIC:
870 l->l_ld = (void *) ph->p_vaddr;
871 l->l_ldnum = ph->p_memsz / sizeof (ElfW(Dyn));
872 break;
873 case PT_PHDR:
874 l->l_phdr = (void *) ph->p_vaddr;
875 break;
877 case PT_LOAD:
878 /* A load command tells us to map in part of the file.
879 We record the load commands and process them all later. */
880 if (ph->p_align % _dl_pagesize != 0)
881 LOSE (0, N_("ELF load command alignment not page-aligned"));
882 if ((ph->p_vaddr - ph->p_offset) % ph->p_align)
883 LOSE (0,
884 N_("ELF load command address/offset not properly aligned"));
886 struct loadcmd *c = &loadcmds[nloadcmds++];
887 c->mapstart = ph->p_vaddr & ~(ph->p_align - 1);
888 c->mapend = ((ph->p_vaddr + ph->p_filesz + _dl_pagesize - 1)
889 & ~(_dl_pagesize - 1));
890 c->dataend = ph->p_vaddr + ph->p_filesz;
891 c->allocend = ph->p_vaddr + ph->p_memsz;
892 c->mapoff = ph->p_offset & ~(ph->p_align - 1);
894 /* Optimize a common case. */
895 if ((PF_R | PF_W | PF_X) == 7
896 && (PROT_READ | PROT_WRITE | PROT_EXEC) == 7)
897 c->prot = _dl_pf_to_prot[ph->p_flags & (PF_R | PF_W | PF_X)];
898 else
900 c->prot = 0;
901 if (ph->p_flags & PF_R)
902 c->prot |= PROT_READ;
903 if (ph->p_flags & PF_W)
904 c->prot |= PROT_WRITE;
905 if (ph->p_flags & PF_X)
906 c->prot |= PROT_EXEC;
909 break;
912 /* Now process the load commands and map segments into memory. */
913 c = loadcmds;
915 /* Length of the sections to be loaded. */
916 maplength = loadcmds[nloadcmds - 1].allocend - c->mapstart;
918 if (__builtin_expect (type, ET_DYN) == ET_DYN)
920 /* This is a position-independent shared object. We can let the
921 kernel map it anywhere it likes, but we must have space for all
922 the segments in their specified positions relative to the first.
923 So we map the first segment without MAP_FIXED, but with its
924 extent increased to cover all the segments. Then we remove
925 access from excess portion, and there is known sufficient space
926 there to remap from the later segments.
928 As a refinement, sometimes we have an address that we would
929 prefer to map such objects at; but this is only a preference,
930 the OS can do whatever it likes. */
931 ElfW(Addr) mappref;
932 mappref = (ELF_PREFERRED_ADDRESS (loader, maplength, c->mapstart)
933 - MAP_BASE_ADDR (l));
935 /* Remember which part of the address space this object uses. */
936 l->l_map_start = (ElfW(Addr)) map_segment (mappref, maplength, c->prot,
937 0, c->mapoff);
938 l->l_map_end = l->l_map_start + maplength;
939 l->l_addr = l->l_map_start - c->mapstart;
941 /* Change protection on the excess portion to disallow all access;
942 the portions we do not remap later will be inaccessible as if
943 unallocated. Then jump into the normal segment-mapping loop to
944 handle the portion of the segment past the end of the file
945 mapping. */
946 __mprotect ((caddr_t) (l->l_addr + c->mapend),
947 loadcmds[nloadcmds - 1].allocend - c->mapend,
950 goto postmap;
952 else
954 /* This object is loaded at a fixed address. This must never
955 happen for objects loaded with dlopen(). */
956 if (__builtin_expect (mode & __RTLD_DLOPEN, 0))
958 LOSE (0, N_("cannot dynamically load executable"));
961 /* Notify ELF_PREFERRED_ADDRESS that we have to load this one
962 fixed. */
963 ELF_FIXED_ADDRESS (loader, c->mapstart);
966 /* Remember which part of the address space this object uses. */
967 l->l_map_start = c->mapstart + l->l_addr;
968 l->l_map_end = l->l_map_start + maplength;
970 while (c < &loadcmds[nloadcmds])
972 if (c->mapend > c->mapstart)
973 /* Map the segment contents from the file. */
974 map_segment (l->l_addr + c->mapstart, c->mapend - c->mapstart,
975 c->prot, MAP_FIXED, c->mapoff);
977 postmap:
978 if (l->l_phdr == 0
979 && c->mapoff <= header->e_phoff
980 && (c->mapend - c->mapstart + c->mapoff
981 >= header->e_phoff + header->e_phnum * sizeof (ElfW(Phdr))))
982 /* Found the program header in this segment. */
983 l->l_phdr = (void *) (c->mapstart + header->e_phoff - c->mapoff);
985 if (c->allocend > c->dataend)
987 /* Extra zero pages should appear at the end of this segment,
988 after the data mapped from the file. */
989 ElfW(Addr) zero, zeroend, zeropage;
991 zero = l->l_addr + c->dataend;
992 zeroend = l->l_addr + c->allocend;
993 zeropage = (zero + _dl_pagesize - 1) & ~(_dl_pagesize - 1);
995 if (zeroend < zeropage)
996 /* All the extra data is in the last page of the segment.
997 We can just zero it. */
998 zeropage = zeroend;
1000 if (zeropage > zero)
1002 /* Zero the final part of the last page of the segment. */
1003 if ((c->prot & PROT_WRITE) == 0)
1005 /* Dag nab it. */
1006 if (__mprotect ((caddr_t) (zero & ~(_dl_pagesize - 1)),
1007 _dl_pagesize, c->prot|PROT_WRITE) < 0)
1008 LOSE (errno, N_("cannot change memory protections"));
1010 memset ((void *) zero, '\0', zeropage - zero);
1011 if ((c->prot & PROT_WRITE) == 0)
1012 __mprotect ((caddr_t) (zero & ~(_dl_pagesize - 1)),
1013 _dl_pagesize, c->prot);
1016 if (zeroend > zeropage)
1018 /* Map the remaining zero pages in from the zero fill FD. */
1019 caddr_t mapat;
1020 mapat = __mmap ((caddr_t) zeropage, zeroend - zeropage,
1021 c->prot, MAP_ANON|MAP_PRIVATE|MAP_FIXED,
1022 ANONFD, 0);
1023 if (mapat == MAP_FAILED)
1024 LOSE (errno, N_("cannot map zero-fill pages"));
1028 ++c;
1031 if (l->l_phdr == NULL)
1033 /* The program header is not contained in any of the segments.
1034 We have to allocate memory ourself and copy it over from
1035 out temporary place. */
1036 ElfW(Phdr) *newp = (ElfW(Phdr) *) malloc (header->e_phnum
1037 * sizeof (ElfW(Phdr)));
1038 if (newp == NULL)
1039 LOSE (ENOMEM, N_("cannot allocate memory for program header"));
1041 l->l_phdr = memcpy (newp, phdr,
1042 (header->e_phnum * sizeof (ElfW(Phdr))));
1043 l->l_phdr_allocated = 1;
1045 else
1046 /* Adjust the PT_PHDR value by the runtime load address. */
1047 (ElfW(Addr)) l->l_phdr += l->l_addr;
1050 /* We are done mapping in the file. We no longer need the descriptor. */
1051 __close (fd);
1053 if (l->l_type == lt_library && type == ET_EXEC)
1054 l->l_type = lt_executable;
1056 if (l->l_ld == 0)
1058 if (type == ET_DYN)
1059 LOSE (0, N_("object file has no dynamic section"));
1061 else
1062 (ElfW(Addr)) l->l_ld += l->l_addr;
1064 l->l_entry += l->l_addr;
1066 if (__builtin_expect (_dl_debug_mask & DL_DEBUG_FILES, 0))
1067 _dl_debug_printf (" dynamic: 0x%0*lx base: 0x%0*lx size: 0x%0*Zx\n"
1068 " entry: 0x%0*lx phdr: 0x%0*lx phnum: %*u\n\n",
1069 (int) sizeof (void *) * 2, (unsigned long int) l->l_ld,
1070 (int) sizeof (void *) * 2, (unsigned long int) l->l_addr,
1071 (int) sizeof (void *) * 2, maplength,
1072 (int) sizeof (void *) * 2, (unsigned long int) l->l_entry,
1073 (int) sizeof (void *) * 2, (unsigned long int) l->l_phdr,
1074 (int) sizeof (void *) * 2, l->l_phnum);
1076 elf_get_dynamic_info (l);
1078 /* Make sure we are dlopen()ing an object which has the DF_1_NOOPEN
1079 flag set. */
1080 if (__builtin_expect (l->l_flags_1 & DF_1_NOOPEN, 0)
1081 && (mode & __RTLD_DLOPEN))
1083 /* Remove from the module list. */
1084 assert (l->l_next == NULL);
1085 #ifndef SHARED
1086 if (l->l_prev == NULL)
1087 /* No other module loaded. */
1088 _dl_loaded = NULL;
1089 else
1090 #endif
1091 l->l_prev->l_next = NULL;
1092 --_dl_nloaded;
1094 /* We are not supposed to load this object. Free all resources. */
1095 __munmap ((void *) l->l_map_start, l->l_map_end - l->l_map_start);
1097 free (l->l_libname);
1099 if (l->l_phdr_allocated)
1100 free ((void *) l->l_phdr);
1102 free (l);
1104 _dl_signal_error (0, name, N_("shared object cannot be dlopen()ed"));
1107 if (l->l_info[DT_HASH])
1108 _dl_setup_hash (l);
1110 /* If this object has DT_SYMBOLIC set modify now its scope. We don't
1111 have to do this for the main map. */
1112 if (__builtin_expect (l->l_info[DT_SYMBOLIC] != NULL, 0)
1113 && &l->l_searchlist != l->l_scope[0])
1115 /* Create an appropriate searchlist. It contains only this map.
1117 XXX This is the definition of DT_SYMBOLIC in SysVr4. The old
1118 GNU ld.so implementation had a different interpretation which
1119 is more reasonable. We are prepared to add this possibility
1120 back as part of a GNU extension of the ELF format. */
1121 l->l_symbolic_searchlist.r_list =
1122 (struct link_map **) malloc (sizeof (struct link_map *));
1124 if (l->l_symbolic_searchlist.r_list == NULL)
1125 LOSE (ENOMEM, N_("cannot create searchlist"));
1127 l->l_symbolic_searchlist.r_list[0] = l;
1128 l->l_symbolic_searchlist.r_nlist = 1;
1129 l->l_symbolic_searchlist.r_duplist = l->l_symbolic_searchlist.r_list;
1130 l->l_symbolic_searchlist.r_nduplist = 1;
1132 /* Now move the existing entries one back. */
1133 memmove (&l->l_scope[1], &l->l_scope[0],
1134 sizeof (l->l_scope) - sizeof (l->l_scope[0]));
1136 /* Now add the new entry. */
1137 l->l_scope[0] = &l->l_symbolic_searchlist;
1140 /* Remember whether this object must be initialized first. */
1141 if (__builtin_expect (l->l_flags_1 & DF_1_INITFIRST, 0))
1142 _dl_initfirst = l;
1144 /* Finally the file information. */
1145 l->l_dev = st.st_dev;
1146 l->l_ino = st.st_ino;
1148 return l;
1151 /* Print search path. */
1152 static void
1153 print_search_path (struct r_search_path_elem **list,
1154 const char *what, const char *name)
1156 char buf[max_dirnamelen + max_capstrlen];
1157 int first = 1;
1159 _dl_debug_printf (" search path=");
1161 while (*list != NULL && (*list)->what == what) /* Yes, ==. */
1163 char *endp = __mempcpy (buf, (*list)->dirname, (*list)->dirnamelen);
1164 size_t cnt;
1166 for (cnt = 0; cnt < ncapstr; ++cnt)
1167 if ((*list)->status[cnt] != nonexisting)
1169 char *cp = __mempcpy (endp, capstr[cnt].str, capstr[cnt].len);
1170 if (cp == buf || (cp == buf + 1 && buf[0] == '/'))
1171 cp[0] = '\0';
1172 else
1173 cp[-1] = '\0';
1174 if (first)
1176 _dl_debug_printf_c ("%s", buf);
1177 first = 0;
1179 else
1180 _dl_debug_printf_c (":%s", buf);
1183 ++list;
1186 if (name != NULL)
1187 _dl_debug_printf_c ("\t\t(%s from file %s)\n", what,
1188 name[0] ? name : _dl_argv[0]);
1189 else
1190 _dl_debug_printf_c ("\t\t(%s)\n", what);
1193 /* Open a file and verify it is an ELF file for this architecture. We
1194 ignore only ELF files for other architectures. Non-ELF files and
1195 ELF files with different header information cause fatal errors since
1196 this could mean there is something wrong in the installation and the
1197 user might want to know about this. */
1198 static int
1199 open_verify (const char *name, struct filebuf *fbp)
1201 /* This is the expected ELF header. */
1202 #define ELF32_CLASS ELFCLASS32
1203 #define ELF64_CLASS ELFCLASS64
1204 #ifndef VALID_ELF_HEADER
1205 # define VALID_ELF_HEADER(hdr,exp,size) (memcmp (hdr, exp, size) == 0)
1206 # define VALID_ELF_OSABI(osabi) (osabi == ELFOSABI_SYSV)
1207 # define VALID_ELF_ABIVERSION(ver) (ver == 0)
1208 #endif
1209 static const unsigned char expected[EI_PAD] =
1211 [EI_MAG0] = ELFMAG0,
1212 [EI_MAG1] = ELFMAG1,
1213 [EI_MAG2] = ELFMAG2,
1214 [EI_MAG3] = ELFMAG3,
1215 [EI_CLASS] = ELFW(CLASS),
1216 [EI_DATA] = byteorder,
1217 [EI_VERSION] = EV_CURRENT,
1218 [EI_OSABI] = ELFOSABI_SYSV,
1219 [EI_ABIVERSION] = 0
1221 static const struct {
1222 ElfW(Word) vendorlen, datalen, type;
1223 char vendor[4];
1224 } expected_note = { 4, 16, 1, "GNU" };
1225 int fd;
1227 /* Open the file. We always open files read-only. */
1228 fd = __open (name, O_RDONLY);
1229 if (fd != -1)
1231 ElfW(Ehdr) *ehdr;
1232 ElfW(Phdr) *phdr, *ph;
1233 ElfW(Word) *abi_note, abi_note_buf[8];
1234 unsigned int osversion;
1235 size_t maplength;
1237 /* We successfully openened the file. Now verify it is a file
1238 we can use. */
1239 __set_errno (0);
1240 fbp->len = __libc_read (fd, fbp->buf, sizeof (fbp->buf));
1242 /* This is where the ELF header is loaded. */
1243 assert (sizeof (fbp->buf) > sizeof (ElfW(Ehdr)));
1244 ehdr = (ElfW(Ehdr) *) fbp->buf;
1246 /* Now run the tests. */
1247 if (__builtin_expect (fbp->len < (ssize_t) sizeof (ElfW(Ehdr)), 0))
1248 lose (errno, fd, name, NULL, NULL,
1249 errno == 0 ? N_("file too short") : N_("cannot read file data"));
1251 /* See whether the ELF header is what we expect. */
1252 if (__builtin_expect (! VALID_ELF_HEADER (ehdr->e_ident, expected,
1253 EI_PAD), 0))
1255 /* Something is wrong. */
1256 if (*(Elf32_Word *) &ehdr->e_ident !=
1257 #if BYTE_ORDER == LITTLE_ENDIAN
1258 ((ELFMAG0 << (EI_MAG0 * 8)) |
1259 (ELFMAG1 << (EI_MAG1 * 8)) |
1260 (ELFMAG2 << (EI_MAG2 * 8)) |
1261 (ELFMAG3 << (EI_MAG3 * 8)))
1262 #else
1263 ((ELFMAG0 << (EI_MAG3 * 8)) |
1264 (ELFMAG1 << (EI_MAG2 * 8)) |
1265 (ELFMAG2 << (EI_MAG1 * 8)) |
1266 (ELFMAG3 << (EI_MAG0 * 8)))
1267 #endif
1269 lose (0, fd, name, NULL, NULL, N_("invalid ELF header"));
1271 if (ehdr->e_ident[EI_CLASS] != ELFW(CLASS))
1272 /* This is not a fatal error. On architectures where
1273 32-bit and 64-bit binaries can be run this might
1274 happen. */
1275 goto close_and_out;
1277 if (ehdr->e_ident[EI_DATA] != byteorder)
1279 if (BYTE_ORDER == BIG_ENDIAN)
1280 lose (0, fd, name, NULL, NULL,
1281 "ELF file data encoding not big-endian");
1282 else
1283 lose (0, fd, name, NULL, NULL,
1284 "ELF file data encoding not little-endian");
1286 if (ehdr->e_ident[EI_VERSION] != EV_CURRENT)
1287 lose (0, fd, name, NULL, NULL,
1288 N_("ELF file version ident does not match current one"));
1289 /* XXX We should be able so set system specific versions which are
1290 allowed here. */
1291 if (!VALID_ELF_OSABI (ehdr->e_ident[EI_OSABI]))
1292 lose (0, fd, name, NULL, NULL, N_("ELF file OS ABI invalid"));
1293 if (!VALID_ELF_ABIVERSION (ehdr->e_ident[EI_ABIVERSION]))
1294 lose (0, fd, name, NULL, NULL,
1295 N_("ELF file ABI version invalid"));
1296 lose (0, fd, name, NULL, NULL, N_("internal error"));
1299 if (__builtin_expect (ehdr->e_version, EV_CURRENT) != EV_CURRENT)
1300 lose (0, fd, name, NULL, NULL,
1301 N_("ELF file version does not match current one"));
1302 if (! __builtin_expect (elf_machine_matches_host (ehdr), 1))
1303 goto close_and_out;
1304 else if (__builtin_expect (ehdr->e_phentsize, sizeof (ElfW(Phdr)))
1305 != sizeof (ElfW(Phdr)))
1306 lose (0, fd, name, NULL, NULL,
1307 N_("ELF file's phentsize not the expected size"));
1308 else if (__builtin_expect (ehdr->e_type, ET_DYN) != ET_DYN
1309 && __builtin_expect (ehdr->e_type, ET_EXEC) != ET_EXEC)
1310 lose (0, fd, name, NULL, NULL,
1311 N_("only ET_DYN and ET_EXEC can be loaded"));
1313 maplength = ehdr->e_phnum * sizeof (ElfW(Phdr));
1314 if (ehdr->e_phoff + maplength <= fbp->len)
1315 phdr = (void *) (fbp->buf + ehdr->e_phoff);
1316 else
1318 phdr = alloca (maplength);
1319 __lseek (fd, SEEK_SET, ehdr->e_phoff);
1320 if (__libc_read (fd, (void *) phdr, maplength) != maplength)
1321 lose (errno, fd, name, NULL, NULL, N_("cannot read file data"));
1324 /* Check .note.ABI-tag if present. */
1325 for (ph = phdr; ph < &phdr[ehdr->e_phnum]; ++ph)
1326 if (ph->p_type == PT_NOTE && ph->p_filesz == 32 && ph->p_align >= 4)
1328 if (ph->p_offset + 32 <= fbp->len)
1329 abi_note = (void *) (fbp->buf + ph->p_offset);
1330 else
1332 __lseek (fd, SEEK_SET, ph->p_offset);
1333 if (__libc_read (fd, (void *) abi_note_buf, 32) != 32)
1334 lose (errno, fd, name, NULL, NULL,
1335 N_("cannot read file data"));
1336 abi_note = abi_note_buf;
1339 if (memcmp (abi_note, &expected_note, sizeof (expected_note)))
1340 continue;
1342 osversion = (abi_note[5] & 0xff) * 65536
1343 + (abi_note[6] & 0xff) * 256
1344 + (abi_note[7] & 0xff);
1345 if (abi_note[4] != __ABI_TAG_OS
1346 || (_dl_osversion && _dl_osversion < osversion))
1348 close_and_out:
1349 __close (fd);
1350 __set_errno (ENOENT);
1351 fd = -1;
1354 break;
1358 return fd;
1361 /* Try to open NAME in one of the directories in *DIRSP.
1362 Return the fd, or -1. If successful, fill in *REALNAME
1363 with the malloc'd full directory name. If it turns out
1364 that none of the directories in *DIRSP exists, *DIRSP is
1365 replaced with (void *) -1, and the old value is free()d
1366 if MAY_FREE_DIRS is true. */
1368 static int
1369 open_path (const char *name, size_t namelen, int preloaded,
1370 struct r_search_path_struct *sps, char **realname,
1371 struct filebuf *fbp)
1373 struct r_search_path_elem **dirs = sps->dirs;
1374 char *buf;
1375 int fd = -1;
1376 const char *current_what = NULL;
1377 int any = 0;
1379 buf = alloca (max_dirnamelen + max_capstrlen + namelen);
1382 struct r_search_path_elem *this_dir = *dirs;
1383 size_t buflen = 0;
1384 size_t cnt;
1385 char *edp;
1386 int here_any = 0;
1387 int err;
1389 /* If we are debugging the search for libraries print the path
1390 now if it hasn't happened now. */
1391 if (__builtin_expect (_dl_debug_mask & DL_DEBUG_LIBS, 0)
1392 && current_what != this_dir->what)
1394 current_what = this_dir->what;
1395 print_search_path (dirs, current_what, this_dir->where);
1398 edp = (char *) __mempcpy (buf, this_dir->dirname, this_dir->dirnamelen);
1399 for (cnt = 0; fd == -1 && cnt < ncapstr; ++cnt)
1401 /* Skip this directory if we know it does not exist. */
1402 if (this_dir->status[cnt] == nonexisting)
1403 continue;
1405 buflen =
1406 ((char *) __mempcpy (__mempcpy (edp,
1407 capstr[cnt].str, capstr[cnt].len),
1408 name, namelen)
1409 - buf);
1411 /* Print name we try if this is wanted. */
1412 if (__builtin_expect (_dl_debug_mask & DL_DEBUG_LIBS, 0))
1413 _dl_debug_printf (" trying file=%s\n", buf);
1415 fd = open_verify (buf, fbp);
1416 if (this_dir->status[cnt] == unknown)
1418 if (fd != -1)
1419 this_dir->status[cnt] = existing;
1420 else
1422 /* We failed to open machine dependent library. Let's
1423 test whether there is any directory at all. */
1424 struct stat64 st;
1426 buf[buflen - namelen - 1] = '\0';
1428 if (__xstat64 (_STAT_VER, buf, &st) != 0
1429 || ! S_ISDIR (st.st_mode))
1430 /* The directory does not exist or it is no directory. */
1431 this_dir->status[cnt] = nonexisting;
1432 else
1433 this_dir->status[cnt] = existing;
1437 /* Remember whether we found any existing directory. */
1438 here_any |= this_dir->status[cnt] == existing;
1440 if (fd != -1 && __builtin_expect (preloaded, 0)
1441 && __libc_enable_secure)
1443 /* This is an extra security effort to make sure nobody can
1444 preload broken shared objects which are in the trusted
1445 directories and so exploit the bugs. */
1446 struct stat64 st;
1448 if (__fxstat64 (_STAT_VER, fd, &st) != 0
1449 || (st.st_mode & S_ISUID) == 0)
1451 /* The shared object cannot be tested for being SUID
1452 or this bit is not set. In this case we must not
1453 use this object. */
1454 __close (fd);
1455 fd = -1;
1456 /* We simply ignore the file, signal this by setting
1457 the error value which would have been set by `open'. */
1458 errno = ENOENT;
1463 if (fd != -1)
1465 *realname = malloc (buflen);
1466 if (*realname != NULL)
1468 memcpy (*realname, buf, buflen);
1469 return fd;
1471 else
1473 /* No memory for the name, we certainly won't be able
1474 to load and link it. */
1475 __close (fd);
1476 return -1;
1479 if (here_any && (err = errno) != ENOENT && err != EACCES)
1480 /* The file exists and is readable, but something went wrong. */
1481 return -1;
1483 /* Remember whether we found anything. */
1484 any |= here_any;
1486 while (*++dirs != NULL);
1488 /* Remove the whole path if none of the directories exists. */
1489 if (__builtin_expect (! any, 0))
1491 /* Paths which were allocated using the minimal malloc() in ld.so
1492 must not be freed using the general free() in libc. */
1493 if (sps->malloced)
1494 free (sps->dirs);
1495 sps->dirs = (void *) -1;
1498 return -1;
1501 /* Map in the shared object file NAME. */
1503 struct link_map *
1504 internal_function
1505 _dl_map_object (struct link_map *loader, const char *name, int preloaded,
1506 int type, int trace_mode, int mode)
1508 int fd;
1509 char *realname;
1510 char *name_copy;
1511 struct link_map *l;
1512 struct filebuf fb;
1514 /* Look for this name among those already loaded. */
1515 for (l = _dl_loaded; l; l = l->l_next)
1517 /* If the requested name matches the soname of a loaded object,
1518 use that object. Elide this check for names that have not
1519 yet been opened. */
1520 if (__builtin_expect (l->l_faked, 0) != 0)
1521 continue;
1522 if (!_dl_name_match_p (name, l))
1524 const char *soname;
1526 if (__builtin_expect (l->l_soname_added, 1)
1527 || l->l_info[DT_SONAME] == NULL)
1528 continue;
1530 soname = ((const char *) D_PTR (l, l_info[DT_STRTAB])
1531 + l->l_info[DT_SONAME]->d_un.d_val);
1532 if (strcmp (name, soname) != 0)
1533 continue;
1535 /* We have a match on a new name -- cache it. */
1536 add_name_to_object (l, soname);
1537 l->l_soname_added = 1;
1540 /* We have a match. */
1541 return l;
1544 /* Display information if we are debugging. */
1545 if (__builtin_expect (_dl_debug_mask & DL_DEBUG_FILES, 0) && loader != NULL)
1546 _dl_debug_printf ("\nfile=%s; needed by %s\n", name,
1547 loader->l_name[0] ? loader->l_name : _dl_argv[0]);
1549 if (strchr (name, '/') == NULL)
1551 /* Search for NAME in several places. */
1553 size_t namelen = strlen (name) + 1;
1555 if (__builtin_expect (_dl_debug_mask & DL_DEBUG_LIBS, 0))
1556 _dl_debug_printf ("find library=%s; searching\n", name);
1558 fd = -1;
1560 /* When the object has the RUNPATH information we don't use any
1561 RPATHs. */
1562 if (loader == NULL || loader->l_info[DT_RUNPATH] == NULL)
1564 /* First try the DT_RPATH of the dependent object that caused NAME
1565 to be loaded. Then that object's dependent, and on up. */
1566 for (l = loader; fd == -1 && l; l = l->l_loader)
1568 if (l->l_rpath_dirs.dirs == NULL)
1570 if (l->l_info[DT_RPATH] == NULL)
1571 /* There is no path. */
1572 l->l_rpath_dirs.dirs = (void *) -1;
1573 else
1575 /* Make sure the cache information is available. */
1576 size_t ptrval = (D_PTR (l, l_info[DT_STRTAB])
1577 + l->l_info[DT_RPATH]->d_un.d_val);
1578 decompose_rpath (&l->l_rpath_dirs,
1579 (const char *) ptrval, l, "RPATH");
1581 if (l->l_rpath_dirs.dirs != (void *) -1)
1582 fd = open_path (name, namelen, preloaded,
1583 &l->l_rpath_dirs, &realname, &fb);
1586 else if (l->l_rpath_dirs.dirs != (void *) -1)
1587 fd = open_path (name, namelen, preloaded, &l->l_rpath_dirs,
1588 &realname, &fb);
1591 /* If dynamically linked, try the DT_RPATH of the executable
1592 itself. */
1593 l = _dl_loaded;
1594 if (fd == -1 && l && l->l_type != lt_loaded && l != loader
1595 && l->l_rpath_dirs.dirs != (void *) -1)
1596 fd = open_path (name, namelen, preloaded, &l->l_rpath_dirs,
1597 &realname, &fb);
1600 /* Try the LD_LIBRARY_PATH environment variable. */
1601 if (fd == -1 && env_path_list.dirs != (void *) -1)
1602 fd = open_path (name, namelen, preloaded, &env_path_list,
1603 &realname, &fb);
1605 /* Look at the RUNPATH information for this binary. */
1606 if (loader != NULL && loader->l_runpath_dirs.dirs != (void *) -1)
1608 if (loader->l_runpath_dirs.dirs == NULL)
1610 if (loader->l_info[DT_RUNPATH] == NULL)
1611 /* No RUNPATH. */
1612 loader->l_runpath_dirs.dirs = (void *) -1;
1613 else
1615 /* Make sure the cache information is available. */
1616 size_t ptrval = (D_PTR (loader, l_info[DT_STRTAB])
1617 + loader->l_info[DT_RUNPATH]->d_un.d_val);
1618 decompose_rpath (&loader->l_runpath_dirs,
1619 (const char *) ptrval, loader, "RUNPATH");
1621 if (loader->l_runpath_dirs.dirs != (void *) -1)
1622 fd = open_path (name, namelen, preloaded,
1623 &loader->l_runpath_dirs, &realname, &fb);
1626 else if (loader->l_runpath_dirs.dirs != (void *) -1)
1627 fd = open_path (name, namelen, preloaded,
1628 &loader->l_runpath_dirs, &realname, &fb);
1631 if (fd == -1
1632 && (__builtin_expect (! preloaded, 1) || ! __libc_enable_secure))
1634 /* Check the list of libraries in the file /etc/ld.so.cache,
1635 for compatibility with Linux's ldconfig program. */
1636 const char *cached = _dl_load_cache_lookup (name);
1638 #ifdef SHARED
1639 l = loader ?: _dl_loaded;
1640 #else
1641 l = loader;
1642 #endif
1644 if (cached)
1646 /* If the loader has the DF_1_NODEFLIB flag set we must not
1647 use a cache entry from any of these directories. */
1648 if (l && __builtin_expect (l->l_flags_1 & DF_1_NODEFLIB, 0))
1650 const char *dirp = system_dirs;
1651 unsigned int cnt = 0;
1655 if (memcmp (cached, dirp, system_dirs_len[cnt]) == 0)
1657 /* The prefix matches. Don't use the entry. */
1658 cached = NULL;
1659 break;
1662 dirp += system_dirs_len[cnt] + 1;
1663 ++cnt;
1665 while (cnt < nsystem_dirs_len);
1668 if (cached)
1670 fd = open_verify (cached, &fb);
1671 if (__builtin_expect (fd, 0) != -1)
1673 realname = local_strdup (cached);
1674 if (realname == NULL)
1676 __close (fd);
1677 fd = -1;
1684 /* Finally, try the default path. */
1685 if (fd == -1
1686 && (l == NULL ||
1687 __builtin_expect (!(l->l_flags_1 & DF_1_NODEFLIB), 1))
1688 && rtld_search_dirs.dirs != (void *) -1)
1689 fd = open_path (name, namelen, preloaded, &rtld_search_dirs,
1690 &realname, &fb);
1692 /* Add another newline when we a tracing the library loading. */
1693 if (__builtin_expect (_dl_debug_mask & DL_DEBUG_LIBS, 0))
1694 _dl_debug_printf ("\n");
1696 else
1698 /* The path may contain dynamic string tokens. */
1699 realname = (loader
1700 ? expand_dynamic_string_token (loader, name)
1701 : local_strdup (name));
1702 if (realname == NULL)
1703 fd = -1;
1704 else
1706 fd = open_verify (realname, &fb);
1707 if (__builtin_expect (fd, 0) == -1)
1708 free (realname);
1712 if (__builtin_expect (fd, 0) == -1)
1714 if (trace_mode)
1716 /* We haven't found an appropriate library. But since we
1717 are only interested in the list of libraries this isn't
1718 so severe. Fake an entry with all the information we
1719 have. */
1720 static const Elf_Symndx dummy_bucket = STN_UNDEF;
1722 /* Enter the new object in the list of loaded objects. */
1723 if ((name_copy = local_strdup (name)) == NULL
1724 || (l = _dl_new_object (name_copy, name, type, loader)) == NULL)
1725 _dl_signal_error (ENOMEM, name,
1726 N_("cannot create shared object descriptor"));
1727 /* Signal that this is a faked entry. */
1728 l->l_faked = 1;
1729 /* Since the descriptor is initialized with zero we do not
1730 have do this here.
1731 l->l_reserved = 0; */
1732 l->l_buckets = &dummy_bucket;
1733 l->l_nbuckets = 1;
1734 l->l_relocated = 1;
1736 return l;
1738 else
1739 _dl_signal_error (errno, name, N_("cannot open shared object file"));
1742 return _dl_map_object_from_fd (name, fd, &fb, realname, loader, type, mode);