| blob | 882b070cc01f227a5e44e82223b6b6af13afdf0b |
1 /* Run time dynamic linker.
2 Copyright (C) 1995-2020 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <https://www.gnu.org/licenses/>. */
19 #include <errno.h>
20 #include <dlfcn.h>
21 #include <fcntl.h>
22 #include <stdbool.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <unistd.h>
26 #include <sys/mman.h>
27 #include <sys/param.h>
28 #include <sys/stat.h>
29 #include <ldsodefs.h>
30 #include <_itoa.h>
31 #include <entry.h>
32 #include <fpu_control.h>
33 #include <hp-timing.h>
34 #include <libc-lock.h>
36 #include <dl-librecon.h>
37 #include <unsecvars.h>
38 #include <dl-cache.h>
39 #include <dl-osinfo.h>
40 #include <dl-procinfo.h>
41 #include <dl-prop.h>
42 #include <dl-vdso.h>
43 #include <dl-vdso-setup.h>
44 #include <tls.h>
45 #include <stap-probe.h>
46 #include <stackinfo.h>
47 #include <not-cancel.h>
48 #include <array_length.h>
49 #include <libc-early-init.h>
51 #include <assert.h>
53 /* Only enables rtld profiling for architectures which provides non generic
54 hp-timing support. The generic support requires either syscall
55 (clock_gettime), which will incur in extra overhead on loading time.
56 Using vDSO is also an option, but it will require extra support on loader
57 to setup the vDSO pointer before its usage. */
58 #if HP_TIMING_INLINE
59 # define RLTD_TIMING_DECLARE(var, classifier,...) \
60 classifier hp_timing_t var __VA_ARGS__
61 # define RTLD_TIMING_VAR(var) RLTD_TIMING_DECLARE (var, )
62 # define RTLD_TIMING_SET(var, value) (var) = (value)
63 # define RTLD_TIMING_REF(var) &(var)
67 {
69 }
73 {
74 hp_timing_t stop;
77 }
81 {
82 hp_timing_t stop;
85 }
86 #else
87 # define RLTD_TIMING_DECLARE(var, classifier...)
88 # define RTLD_TIMING_SET(var, value)
89 # define RTLD_TIMING_VAR(var)
90 # define RTLD_TIMING_REF(var) 0
91 # define rtld_timer_start(var)
92 # define rtld_timer_stop(var, start)
93 # define rtld_timer_accum(sum, start)
94 #endif
96 /* Avoid PLT use for our local calls at startup. */
99 /* GCC has mental blocks about _exit. */
101 #define _exit exit_internal
103 /* Helper function to handle errors while resolving symbols. */
107 /* Helper function to handle errors when a version is missing. */
111 /* Print the various times we collected. */
114 /* Length limits for names and paths, to protect the dynamic linker,
115 particularly when __libc_enable_secure is active. */
116 #ifdef NAME_MAX
117 # define SECURE_NAME_LIMIT NAME_MAX
118 #else
119 # define SECURE_NAME_LIMIT 255
120 #endif
121 #ifdef PATH_MAX
122 # define SECURE_PATH_LIMIT PATH_MAX
123 #else
124 # define SECURE_PATH_LIMIT 1024
125 #endif
127 /* Strings containing colon-separated lists of audit modules. */
128 struct audit_list
129 {
130 /* Array of strings containing colon-separated path lists. Each
131 audit module needs its own namespace, so pre-allocate the largest
132 possible list. */
135 /* Number of entries added to audit_strings. */
138 /* Index into the audit_strings array (for the iteration phase). */
141 /* Tail of audit_strings[current_index] which still needs
142 processing. */
145 /* Scratch buffer for returning a name which is part of the strings
146 in audit_strings. */
148 };
150 /* Creates an empty audit list. */
153 /* Add a string to the end of the audit list, for later parsing. Must
154 not be called after audit_list_next. */
157 /* Add the audit strings from the link map, found in the dynamic
158 segment at TG (either DT_AUDIT and DT_DEPAUDIT). Must be called
159 before audit_list_next. */
164 /* Extract the next audit module from the audit list. Only modules
165 for which dso_name_valid_for_suid is true are returned. Must be
166 called after all the audit_list_add_string,
167 audit_list_add_dynamic_tags calls. */
170 /* This is a list of all the modes the dynamic loader can be in. */
173 /* Process all environments variables the dynamic linker must recognize.
174 Since all of them start with `LD_' we are a bit smarter while finding
175 all the entries. */
178 #ifdef DL_ARGV_NOT_RELRO
181 /* Nonzero if we were run directly. */
183 #else
187 #endif
190 #ifndef THREAD_SET_STACK_GUARD
191 /* Only exported for architectures that don't store the stack guard canary
192 in thread local area. */
194 #endif
196 /* Only exported for architectures that don't store the pointer guard
197 value in thread local area. */
198 uintptr_t __pointer_chk_guard_local
200 #ifndef THREAD_SET_POINTER_GUARD
202 #endif
204 /* Check that AT_SECURE=0, or that the passed name does not contain
205 directories and is not overly long. Reject empty names
206 unconditionally. */
207 static bool
209 {
211 {
212 /* Ignore pathnames with directories for AT_SECURE=1
213 programs, and also skip overlong names. */
217 }
219 }
221 static void
223 {
227 }
229 static void
231 {
232 /* Empty strings do not load anything. */
241 /* Initialize processing of the first string for
242 audit_list_next. */
245 }
247 static void
250 {
255 }
259 {
264 {
265 /* Advance to the next string in audit_strings if the current
266 string has been exhausted. */
268 {
271 {
274 }
276 }
278 /* Split the in-string audit list at the next colon colon. */
281 {
284 }
285 else
286 /* Mark the name as unusable for dso_name_valid_for_suid. */
289 /* Skip over the substring and the following delimiter. */
294 /* If the name is valid, return it. */
298 /* Otherwise wrap around to find the next list element. . */
299 }
300 }
302 #ifndef HAVE_INLINED_SYSCALLS
303 /* Set nonzero during loading and initialization of executable and
304 libraries, cleared before the executable's entry point runs. This
305 must not be initialized to nonzero, because the unused dynamic
306 linker loaded in for libc.so's "ld.so.1" dep will provide the
307 definition seen by libc.so's initializer; that value must be zero,
308 and will be since that dynamic linker's _dl_start and dl_main will
309 never be called. */
312 #endif
314 /* This is the structure which defines all variables global to ld.so
315 (except those which cannot be added for some reason). */
317 {
318 /* Get architecture specific initializer. */
319 #include <dl-procruntime.c>
320 /* Generally the default presumption without further information is an
321 * executable stack but this is not true for all platforms. */
323 #ifdef _LIBC_REENTRANT
326 #endif
329 {
330 #ifdef _LIBC_REENTRANT
333 #endif
334 }
335 };
336 /* If we would use strong_alias here the compiler would see a
337 non-hidden definition. This would undo the effect of the previous
338 declaration. So spell out was strong_alias does plus add the
339 visibility attribute. */
344 /* This variable is similar to _rtld_local, but all values are
345 read-only after relocation. */
347 {
348 /* Get architecture specific initializer. */
349 #include <dl-procinfo.c>
350 #ifdef NEED_DL_SYSINFO
352 #endif
356 #if !HAVE_TUNABLES
358 #endif
364 /* Function pointers. */
371 #ifdef HAVE_DL_DISCOVER_OSVERSION
373 #endif
374 };
375 /* If we would use strong_alias here the compiler would see a
376 non-hidden definition. This would undo the effect of the previous
377 declaration. So spell out was strong_alias does plus add the
378 visibility attribute. */
386 /* These two variables cannot be moved into .data.rel.ro. */
390 /* Variable for statistics. */
395 /* Additional definitions needed by TLS initialization. */
396 #ifdef TLS_INIT_HELPER
397 TLS_INIT_HELPER
398 #endif
400 /* Helper function for syscall implementation. */
401 #ifdef DL_SYSINFO_IMPLEMENTATION
402 DL_SYSINFO_IMPLEMENTATION
403 #endif
405 /* Before ld.so is relocated we must not access variables which need
406 relocations. This means variables which are exported. Variables
407 declared as static are fine. If we can mark a variable hidden this
408 is fine, too. The latter is important here. We can avoid setting
409 up a temporary link map for ld.so if we can mark _rtld_global as
410 hidden. */
411 #ifdef PI_STATIC_AND_HIDDEN
412 # define DONT_USE_BOOTSTRAP_MAP 1
413 #endif
415 #ifdef DONT_USE_BOOTSTRAP_MAP
417 #else
418 struct dl_start_final_info
419 {
422 };
425 #endif
427 /* These defined magically in the linker script. */
433 #ifdef RTLD_START
434 RTLD_START
435 #else
437 #endif
439 /* This is the second half of _dl_start (below). It can be inlined safely
440 under DONT_USE_BOOTSTRAP_MAP, where it is careful not to make any GOT
441 references. When the tools don't permit us to avoid using a GOT entry
442 for _dl_rtld_global (no attribute_hidden support), we must make sure
443 this function is not inlined (see below). */
445 #ifdef DONT_USE_BOOTSTRAP_MAP
448 #else
451 #endif
452 {
455 /* If it hasn't happen yet record the startup time. */
457 #if !defined DONT_USE_BOOTSTRAP_MAP
459 #endif
461 /* Transfer data about ourselves to the permanent link_map structure. */
462 #ifndef DONT_USE_BOOTSTRAP_MAP
469 #endif
475 /* Copy the TLS related data if necessary. */
476 #ifndef DONT_USE_BOOTSTRAP_MAP
477 # if NO_TLS_OFFSET != 0
479 # endif
480 #endif
482 /* Initialize the stack end variable. */
485 /* Call the OS-dependent function to set up life so we can do things like
486 file access. It will call `dl_main' (below) to do all the real work
487 of the dynamic linker, and then unwind our frame and run the user
488 entry point on the same stack we entered on. */
492 {
496 }
499 }
503 {
504 #ifdef DONT_USE_BOOTSTRAP_MAP
505 # define bootstrap_map GL(dl_rtld_map)
506 #else
508 # define bootstrap_map info.l
509 #endif
511 /* This #define produces dynamic linking inline functions for
512 bootstrap relocation instead of general-purpose relocation.
513 Since ld.so must not have any undefined symbols the result
514 is trivial: always the map of ld.so itself. */
515 #define RTLD_BOOTSTRAP
516 #define BOOTSTRAP_MAP (&bootstrap_map)
517 #define RESOLVE_MAP(sym, version, flags) BOOTSTRAP_MAP
520 #ifdef DONT_USE_BOOTSTRAP_MAP
522 #else
524 #endif
526 /* Partly clean the `bootstrap_map' structure up. Don't use
527 `memset' since it might not be built in or inlined and we cannot
528 make function calls at this point. Use '__builtin_memset' if we
529 know it is available. We do not have to clear the memory if we
530 do not have to use the temporary bootstrap_map. Global variables
531 are initialized to zero by default. */
532 #ifndef DONT_USE_BOOTSTRAP_MAP
533 # ifdef HAVE_BUILTIN_MEMSET
535 # else
540 # endif
541 #endif
543 /* Figure out the run-time load address of the dynamic linker itself. */
546 /* Read our own dynamic section and fill in the info array. */
550 #if NO_TLS_OFFSET != 0
552 #endif
554 #ifdef ELF_MACHINE_BEFORE_RTLD_RELOC
556 #endif
559 {
560 /* Relocate ourselves so we can do normal function calls and
561 data access using the global offset table. */
564 }
567 /* Please note that we don't allow profiling of this object and
568 therefore need not test whether we have to allocate the array
569 for the relocation results (as done in dl-reloc.c). */
571 /* Now life is sane; we can call functions and access global data.
572 Set up to use the operating system facilities, and find out from
573 the operating system's program loader where to find the program
574 header table in core. Put the rest of _dl_start into a separate
575 function, that way the compiler cannot put accesses to the GOT
576 before ELF_DYNAMIC_RELOCATE. */
580 {
581 #ifdef DONT_USE_BOOTSTRAP_MAP
583 #else
585 #endif
587 #ifndef ELF_MACHINE_START_ADDRESS
588 # define ELF_MACHINE_START_ADDRESS(map, start) (start)
589 #endif
592 }
593 }
597 /* Now life is peachy; we can do all normal operations.
598 On to the real work. */
600 /* Some helper functions. */
602 /* Arguments to relocate_doit. */
603 struct relocate_args
604 {
607 };
609 struct map_args
610 {
611 /* Argument to map_doit. */
615 /* Return value of map_doit. */
617 };
619 struct dlmopen_args
620 {
623 };
625 struct lookup_args
626 {
630 };
632 /* Arguments to version_check_doit. */
633 struct version_check_args
634 {
637 };
639 static void
641 {
645 }
647 static void
649 {
654 }
656 static void
658 {
664 __environ);
665 }
667 static void
669 {
678 }
680 static void
682 {
686 /* We cannot start the application. Abort now. */
688 }
693 {
701 /* Should never happen. */
703 }
705 static int
707 {
711 #define VERDEFTAG (DT_NUM + DT_THISPROCNUM + DT_VERSIONTAGIDX (DT_VERDEF))
713 /* The file has no symbol versioning. */
719 {
722 /* Compare the version strings. */
724 /* Bingo! */
727 /* If no more definitions we failed to find what we want. */
731 /* Next definition. */
733 }
736 }
742 {
743 /* Number of elements in the static TLS block. */
746 /* Do not do this twice. The audit interface might have required
747 the DTV interfaces to be set up early. */
751 /* Allocate the array which contains the information about the
752 dtv slots. We allocate a few entries more than needed to
753 avoid the need for reallocation. */
756 /* Allocate. */
760 /* No need to check the return value. If memory allocation failed
761 the program would have been terminated. */
767 /* Fill in the information from the loaded modules. No namespace
768 but the base one can be filled at this time. */
774 {
775 /* This is a module with TLS data. Store the map reference.
776 The generation counter is zero. */
778 /* slotinfo[i].gen = 0; */
780 }
783 /* Compute the TLS offsets for the various blocks. */
786 /* Construct the static TLS block and the dtv for the initial
787 thread. For some platforms this will include allocating memory
788 for the thread descriptor. The memory for the TLS block will
789 never be freed. It should be allocated accordingly. The dtv
790 array can be changed if dynamic loading requires it. */
796 /* Store for detection of the special case by __tls_get_addr
797 so it knows not to pass this dtv to the normal realloc. */
800 /* And finally install it for the main thread. */
807 }
809 static unsigned int
811 {
825 {
829 /* No need to call free, this is still before
830 the libc's malloc is used. */
831 }
833 /* It is no duplicate. */
836 /* Nothing loaded. */
838 }
840 #if defined SHARED && defined _LIBC_REENTRANT \
841 && defined __rtld_lock_default_lock_recursive
842 static void
844 {
846 }
848 static void
850 {
852 }
853 #endif
856 static void
858 {
859 /* Set up the stack checker's canary. */
861 #ifdef THREAD_SET_STACK_GUARD
863 #else
865 #endif
867 /* Set up the pointer guard as well, if necessary. */
868 uintptr_t pointer_chk_guard
870 #ifdef THREAD_SET_POINTER_GUARD
872 #endif
875 /* We do not need the _dl_random value anymore. The less
876 information we leave behind, the better, so clear the
877 variable. */
879 }
881 #include <setup-vdso.h>
883 /* The library search path. */
885 /* The list preloaded objects. */
887 /* Nonzero if information about versions has to be printed. */
889 /* The preload list passed as a command argument. */
892 /* The LD_PRELOAD environment variable gives list of libraries
893 separated by white space or colons that are loaded before the
894 executable's dependencies and prepended to the global scope list.
895 (If the binary is running setuid all elements containing a '/' are
896 ignored since it is insecure.) Return the number of preloads
897 performed. Ditto for --preload command argument. */
898 unsigned int
901 {
907 {
908 /* Split preload list at space/colon. */
911 {
914 }
915 else
918 /* Skip over the substring and the following delimiter. */
925 }
927 }
929 /* Called if the audit DSO cannot be used: if it does not have the
930 appropriate interfaces, or it expects a more recent version library
931 version than what the dynamic linker provides. */
932 static void
934 {
935 #ifndef NDEBUG
937 #endif
940 /* Make sure the namespace has been cleared entirely. */
945 }
947 /* Called to print an error message if loading of an audit module
948 failed. */
949 static void
952 {
958 }
960 /* Load one audit module. */
961 static void
963 {
975 {
978 }
985 {
989 }
993 /* A null symbol indicates that something is very wrong with the
994 loaded object because defined symbols are supposed to have a
995 valid, non-null address. */
1000 {
1001 /* Only print an error message if debugging because this can
1002 happen deliberately. */
1009 }
1012 {
1018 }
1021 union
1022 {
1029 /* Names of the auditing interfaces. All in one
1030 long string. */
1032 "la_activity\0"
1033 "la_objsearch\0"
1034 "la_objopen\0"
1035 "la_preinit\0"
1036 #if __ELF_NATIVE_CLASS == 32
1037 "la_symbind32\0"
1038 #elif __ELF_NATIVE_CLASS == 64
1039 "la_symbind64\0"
1040 #else
1042 #endif
1043 #define STRING(s) __STRING (s)
1049 do
1050 {
1054 /* Store the pointer. */
1057 else
1062 }
1066 /* Now append the new auditing interface to the list. */
1070 else
1073 /* The dynamic linker link map is statically allocated, so the
1074 cookie in _dl_new_object has not happened. */
1080 /* Mark the DSO as being used for auditing. */
1082 }
1084 /* Notify the the audit modules that the object MAP has already been
1085 loaded. */
1086 static void
1088 {
1091 {
1093 {
1097 }
1100 }
1101 }
1103 /* Load all audit modules. */
1104 static void
1106 {
1110 {
1115 }
1117 /* Notify audit modules of the initially loaded modules (the main
1118 program and the dynamic linker itself). */
1120 {
1123 }
1124 }
1126 static void
1131 {
1148 #if defined SHARED && defined _LIBC_REENTRANT \
1149 && defined __rtld_lock_default_lock_recursive
1152 #endif
1154 /* The explicit initialization here is cheaper than processing the reloc
1155 in the _rtld_local definition's initializer. */
1158 /* Process the environment variable which control the behaviour. */
1161 #ifndef HAVE_INLINED_SYSCALLS
1162 /* Set up a flag which tells we are just starting. */
1164 #endif
1167 {
1168 /* Ho ho. We are not the program interpreter! We are the program
1169 itself! This means someone ran ld.so as a command. Well, that
1170 might be convenient to do sometimes. We support it by
1171 interpreting the args like this:
1173 ld.so PROGRAM ARGS...
1175 The first argument is the name of a file containing an ELF
1176 executable we will load and run with the following arguments.
1177 To simplify life here, PROGRAM is searched for using the
1178 normal rules for shared objects, rather than $PATH or anything
1179 like that. We just load it and use its entry point; we don't
1180 pay attention to its PT_INTERP command (we are the interpreter
1181 ourselves). This is an easy way to test a new ld.so before
1182 installing it. */
1185 /* Note the place where the dynamic linker actually came from. */
1190 {
1197 }
1199 {
1205 }
1207 {
1212 }
1215 {
1221 }
1224 {
1230 }
1232 {
1238 }
1240 {
1245 }
1246 else
1249 /* If we have no further argument the program was called incorrectly.
1250 Grant the user some education. */
1281 /* The initialization of _dl_stack_flags done below assumes the
1282 executable's PT_GNU_STACK may have been honored by the kernel, and
1283 so a PT_GNU_STACK with PF_X set means the stack started out with
1284 execute permission. However, this is not really true if the
1285 dynamic linker is the executable the kernel loaded. For this
1286 case, we must reinitialize _dl_stack_flags to match the dynamic
1287 linker itself. If the dynamic linker was built with a
1288 PT_GNU_STACK, then the kernel may have loaded us with a
1289 nonexecutable stack that we will have to make executable when we
1290 load the program below unless it has a PT_GNU_STACK indicating
1291 nonexecutable stack is ok. */
1295 {
1298 }
1301 {
1313 /* We don't free the returned string, the programs stops
1314 anyway. */
1316 }
1317 else
1318 {
1324 }
1326 /* Now the map for the main executable is available. */
1340 /* We overwrite here a pointer to a malloc()ed string. But since
1341 the malloc() implementation used at this point is the dummy
1342 implementations which has no real free() function it does not
1343 makes sense to free the old string first. */
1347 #ifdef HAVE_AUX_VECTOR
1348 /* Adjust the on-stack auxiliary vector so that it looks like the
1349 binary was executed directly. */
1352 {
1365 }
1366 #endif
1367 }
1368 else
1369 {
1370 /* Create a link_map for the executable itself.
1371 This will be what dlopen on "" returns. */
1379 /* Even though the link map is not yet fully initialized we can add
1380 it to the map list since there are no possible users running yet. */
1384 /* At this point we are in a bit of trouble. We would have to
1385 fill in the values for l_dev and l_ino. But in general we
1386 do not know where the file is. We also do not handle AT_EXECFD
1387 even if it would be passed up.
1389 We leave the values here defined to 0. This is normally no
1390 problem as the program code itself is normally no shared
1391 object and therefore cannot be loaded dynamically. Nothing
1392 prevent the use of dynamic binaries and in these situations
1393 we might get problems. We might not be able to find out
1394 whether the object is already loaded. But since there is no
1395 easy way out and because the dynamic binary must also not
1396 have an SONAME we ignore this program for now. If it becomes
1397 a problem we can force people using SONAMEs. */
1399 /* We delay initializing the path structure until we got the dynamic
1400 information for the program. */
1401 }
1405 /* Perhaps the executable has no PT_LOAD header entries at all. */
1407 /* And it was opened directly. */
1410 /* Scan the program header table for the dynamic section. */
1413 {
1415 /* Find out the load address. */
1419 /* This tells us where to find the dynamic section,
1420 which tells us everything we need to do. */
1424 /* This "interpreter segment" was used by the program loader to
1425 find the program interpreter, which is this program itself, the
1426 dynamic linker. We note what name finds us, so that a future
1427 dlopen call or DT_NEEDED entry, for something that wants to link
1428 against the dynamic linker as a shared library, will know that
1429 the shared object is already loaded. */
1432 /* _dl_rtld_libname.next = NULL; Already zero. */
1435 /* Ordinarilly, we would get additional names for the loader from
1436 our DT_SONAME. This can't happen if we were actually linked as
1437 a static executable (detect this case when we have no DYNAMIC).
1438 If so, assume the filename component of the interpreter path to
1439 be our SONAME, and add it to our name list. */
1441 {
1445 /* Find the filename part of the path. */
1451 {
1453 /* _dl_rtld_libname2.next = NULL; Already zero. */
1455 }
1456 }
1461 {
1465 /* Remember where the main program starts in memory. */
1471 /* Also where it ends. */
1477 }
1482 {
1483 /* Note that in the case the dynamic linker we duplicate work
1484 here since we read the PT_TLS entry already in
1485 _dl_start_final. But the result is repeatable so do not
1486 check for this special but unimportant case. */
1491 else
1497 /* This image gets the ID one. */
1499 }
1516 }
1518 /* Adjust the address of the TLS initialization image in case
1519 the executable is actually an ET_DYN object. */
1521 main_map->l_tls_initimage
1528 {
1529 /* We were invoked directly, so the program might not have a
1530 PT_INTERP. */
1532 /* _dl_rtld_libname.next = NULL; Already zero. */
1534 }
1535 else
1538 /* If the current libname is different from the SONAME, add the
1539 latter as well. */
1544 {
1553 }
1554 /* The ld.so must be relocated since otherwise loading audit modules
1555 will fail since they reuse the very same ld.so. */
1559 {
1560 /* Extract the contents of the dynamic section for easy access. */
1562 /* Set up our cache of pointers into the hash table. */
1564 }
1567 {
1568 /* We were called just to verify that this is a dynamic
1569 executable using us as the program interpreter. Exit with an
1570 error if we were not able to load the binary or no interpreter
1571 is specified (i.e., this is no dynamically linked binary. */
1575 /* We allow here some platform specific code. */
1576 #ifdef DISTINGUISH_LIB_VERSIONS
1577 DISTINGUISH_LIB_VERSIONS;
1578 #endif
1580 }
1583 /* Set up the data structures for the system-supplied DSO early,
1584 so they can influence _dl_init_paths. */
1587 /* With vDSO setup we can initialize the function pointers. */
1590 #ifdef DL_SYSDEP_OSCHECK
1592 #endif
1594 /* Initialize the data structures for the search paths for shared
1595 objects. */
1598 /* Initialize _r_debug. */
1600 LM_ID_BASE);
1603 /* Put the link_map for ourselves on the chain so it can be found by
1604 name. Note that at this point the global chain of link maps contains
1605 exactly one element, which is pointed to by dl_loaded. */
1607 /* If not invoked directly, the dynamic linker shared object file was
1608 found by the PT_INTERP name. */
1616 /* If LD_USE_LOAD_BIAS env variable has not been seen, default
1617 to not using bias for non-prelinked PIEs and libraries
1618 and using it for executables or prelinked PIEs or libraries. */
1622 /* Set up the program header information for the dynamic linker
1623 itself. It is needed in the dl_iterate_phdr callbacks. */
1626 /* Starting from binutils-2.23, the linker will define the magic symbol
1627 __ehdr_start to point to our own ELF header if it is visible in a
1628 segment that also includes the phdrs. If that's not available, we use
1629 the old method that assumes the beginning of the file is part of the
1630 lowest-addressed PT_LOAD segment. */
1631 #ifdef HAVE_EHDR_START
1634 #else
1636 #endif
1646 /* PT_GNU_RELRO is usually the last phdr. */
1650 {
1654 }
1656 /* Add the dynamic linker to the TLS list if it also uses TLS. */
1658 /* Assign a module ID. Do this before loading any audit modules. */
1664 /* If we have auditing DSOs to load, do it now. */
1667 {
1668 /* Since we start using the auditing DSOs right away we need to
1669 initialize the data structures now. */
1672 /* Initialize security features. We need to do it this early
1673 since otherwise the constructors of the audit libraries will
1674 use different values (especially the pointer guard) and will
1675 fail later on. */
1680 }
1682 /* Keep track of the currently loaded modules to count how many
1683 non-audit modules which use TLS are loaded. */
1686 /* Set up debugging before the debugger is notified for the first time. */
1687 #ifdef ELF_MACHINE_DEBUG_SETUP
1688 /* Some machines (e.g. MIPS) don't use DT_DEBUG in this way. */
1691 #else
1693 /* There is a DT_DEBUG entry in the dynamic section. Fill it in
1694 with the run-time address of the r_debug structure */
1697 /* Fill in the pointer in the dynamic linker's own dynamic section, in
1698 case you run gdb on the dynamic linker directly. */
1701 #endif
1703 /* We start adding objects. */
1708 /* Auditing checkpoint: we are ready to signal that the initial map
1709 is being constructed. */
1711 {
1714 {
1717 LA_ACT_ADD);
1720 }
1721 }
1723 /* We have two ways to specify objects to preload: via environment
1724 variable and via the file /etc/ld.so.preload. The latter can also
1725 be used when security is enabled. */
1731 {
1736 }
1739 {
1744 }
1746 /* There usually is no ld.so.preload file, it should only be used
1747 for emergencies and testing. So the open call etc should usually
1748 fail. Using access() on a non-existing file is faster than using
1749 open(). So we do this first. If it succeeds we do almost twice
1750 the work but this does not matter, since it is not for production
1751 use. */
1754 {
1755 /* Read the contents of the file. */
1759 {
1760 /* Parse the file. It contains names of libraries to be loaded,
1761 separated by white spaces or `:'. It may also contain
1762 comments introduced by `#'. */
1767 /* Eliminate comments. */
1771 {
1777 do
1780 }
1782 /* We have one problematic case: if we have a name at the end of
1783 the file without a trailing terminating characters, we cannot
1784 place the \0. Handle the case separately. */
1787 {
1796 }
1797 else
1798 {
1801 }
1807 {
1813 }
1816 {
1820 }
1824 /* We don't need the file anymore. */
1826 }
1827 }
1830 {
1831 /* Set up PRELOADS with a vector of the preloaded libraries. */
1835 do
1836 {
1841 }
1843 /* Load all the libraries specified by DT_NEEDED entries. If LD_PRELOAD
1844 specified some libraries to load, these are inserted before the actual
1845 dependencies in the executable's searchlist for symbol resolution. */
1846 {
1851 }
1853 /* Mark all objects as being in the global scope. */
1857 /* Remove _dl_rtld_map from the chain. */
1868 {
1869 /* Some DT_NEEDED entry referred to the interpreter object itself, so
1870 put it back in the list of visible objects. We insert it into the
1871 chain in symbol search order because gdb uses the chain's order as
1872 its symbol search order. */
1877 {
1881 #ifdef NEED_DL_SYSINFO_DSO
1886 #endif
1887 }
1888 else
1889 /* In trace mode there might be an invisible object (which we
1890 could not find) after the previous one in the search list.
1891 In this case it doesn't matter much where we put the
1892 interpreter object, so we just initialize the list pointer so
1893 that the assertion below holds. */
1899 {
1902 }
1903 }
1905 /* Now let us see whether all libraries are available in the
1906 versions we need. */
1907 {
1912 }
1914 /* We do not initialize any of the TLS functionality unless any of the
1915 initial modules uses TLS. This makes dynamic loading of modules with
1916 TLS impossible, but to support it requires either eagerly doing setup
1917 now or lazily doing it later. Doing it now makes us incompatible with
1918 an old kernel that can't perform TLS_INIT_TP, even if no TLS is ever
1919 used. Trying to do it lazily is too hairy to try when there could be
1920 multiple threads (from a non-TLS-using libpthread). */
1926 /* Initialize security features. But only if we have not done it
1927 earlier. */
1931 {
1932 /* We were run just to list the shared libraries. It is
1933 important that we do this before real relocation, because the
1934 functions we call below for output may no longer work properly
1935 after relocation. */
1939 {
1943 {
1946 {
1949 }
1964 else
1966 }
1967 }
1969 {
1970 /* Look through the dependencies of the main executable
1971 and determine which of them is not actually
1972 required. */
1975 /* Relocate the main executable. */
1982 /* This loop depends on the dependencies of the executable to
1983 correspond in number and order to the DT_NEEDED entries. */
1987 {
1989 {
1991 #ifdef NEED_DL_SYSINFO_DSO
1992 /* Skip the VDSO since it's not part of the list
1993 of objects we brought in via DT_NEEDED entries. */
1996 #endif
1998 {
2000 {
2003 }
2006 }
2007 }
2010 }
2013 }
2016 else
2017 {
2020 /* The library was not found. */
2026 else
2030 }
2034 {
2037 lookup_t result;
2051 }
2052 else
2053 {
2054 /* If LD_WARN is set, warn about undefined symbols. */
2056 {
2057 /* We have to do symbol dependency testing. */
2066 {
2069 {
2073 }
2074 }
2078 {
2079 /* Mark the link map as not yet relocated again. */
2083 }
2084 }
2085 #define VERNEEDTAG (DT_NUM + DT_THISPROCNUM + DT_VERSIONTAGIDX (DT_VERNEED))
2087 {
2088 /* Print more information. This means here, print information
2089 about the versions needed. */
2094 {
2106 {
2109 }
2114 {
2122 {
2127 needed))
2138 /* No more symbols. */
2141 /* Next symbol. */
2144 }
2147 /* No more dependencies. */
2150 /* Next dependency. */
2152 }
2153 }
2154 }
2155 }
2158 }
2163 {
2178 {
2184 /* If the library is not mapped where it should, fail. */
2188 /* Next, check if checksum matches. */
2203 }
2212 }
2215 /* Now set up the variable which helps the assembler startup code. */
2218 /* Save the information about the original global scope list since
2219 we need it in the memory handling later. */
2222 /* Remember the last search directory added at startup, now that
2223 malloc will no longer be the one from dl-minimal.c. As a side
2224 effect, this marks ld.so as initialized, so that the rtld_active
2225 function returns true from now on. */
2228 /* Print scope information. */
2230 {
2235 }
2240 {
2242 {
2257 }
2259 /* The library defining malloc has already been relocated due to
2260 prelinking. Resolve the malloc symbols for the dynamic
2261 loader. */
2264 /* Mark all the objects so we know they have been already relocated. */
2266 {
2271 /* Add object to slot information data if necessasy. */
2274 }
2275 }
2276 else
2277 {
2278 /* Now we have all the objects loaded. Relocate them all except for
2279 the dynamic linker itself. We do this in reverse order so that copy
2280 relocs of earlier objects overwrite the data written by later
2281 objects. We do not re-relocate the dynamic linker itself in this
2282 loop because that could result in the GOT entries for functions we
2283 call being changed, and that would break us. It is safe to relocate
2284 the dynamic linker out of order because it has no copy relocs (we
2285 know that because it is self-contained). */
2289 /* If we are profiling we also must do lazy reloaction. */
2296 {
2299 /* While we are at it, help the memory handling a bit. We have to
2300 mark some data structures as allocated with the fake malloc()
2301 implementation in ld.so. */
2305 {
2308 }
2309 /* Also allocated with the fake malloc(). */
2314 consider_profiling);
2316 /* Add object to slot information data if necessasy. */
2319 }
2322 /* Now enable profiling if needed. Like the previous call,
2323 this has to go here because the calls it makes should use the
2324 rtld versions of the functions (particularly calloc()), but it
2325 needs to have _dl_profile_map set up by the relocator. */
2327 /* We must prepare the profiling. */
2329 }
2335 /* Now that we have completed relocation, the initializer data
2336 for the TLS blocks has its final values and we can copy them
2337 into the main thread's TLS area, which we allocated above.
2338 Note: thread-local variables must only be accessed after completing
2339 the next step. */
2342 /* And finally install it for the main thread. */
2344 {
2348 lossage);
2349 }
2351 /* Make sure no new search directories have been added. */
2355 {
2356 /* There was an explicit ref to the dynamic linker as a shared lib.
2357 Re-relocate ourselves with user-controlled symbol definitions.
2359 We must do this after TLS initialization in case after this
2360 re-relocation, we might call a user-supplied function
2361 (e.g. calloc from _dl_relocate_object) that uses TLS data. */
2363 /* The malloc implementation has been relocated, so resolving
2364 its symbols (and potentially calling IFUNC resolvers) is safe
2365 at this point. */
2371 /* Mark the link map as not yet relocated again. */
2376 }
2378 /* Relocation is complete. Perform early libc initialization. This
2379 is the initial libc, even if audit modules have been loaded with
2380 other libcs. */
2383 /* Do any necessary cleanups for the startup OS interface code.
2384 We do these now so that no calls are made after rtld re-relocation
2385 which might be resolved to different functions than we expect.
2386 We cannot do this before relocating the other objects because
2387 _dl_relocate_object might need to call `mprotect' for DT_TEXTREL. */
2390 #ifdef SHARED
2391 /* Auditing checkpoint: we have added all objects. */
2393 {
2395 /* Do not call the functions for any auditing object. */
2397 {
2400 {
2403 LA_ACT_CONSISTENT);
2406 }
2407 }
2408 }
2409 #endif
2411 /* Notify the debugger all new objects are now ready to go. We must re-get
2412 the address since by now the variable might be in another object. */
2418 #if defined USE_LDCONFIG && !defined MAP_COPY
2419 /* We must munmap() the cache file. */
2421 #endif
2423 /* Once we return, _dl_sysdep_start will invoke
2424 the DT_INIT functions and then *USER_ENTRY. */
2425 }
2426 \f
2427 /* This is a little helper function for resolving symbols while
2428 tracing the binary. */
2429 static void
2432 {
2436 }
2437 \f
2438 /* This is a little helper function for resolving symbols while
2439 tracing the binary. */
2440 static void
2443 {
2446 }
2447 \f
2448 /* Nonzero if any of the debugging options is enabled. */
2451 /* Process the string given as the parameter which explains which debugging
2452 options are enabled. */
2453 static void
2455 {
2456 /* When adding new entries make sure that the maximal length of a name
2457 is correctly handled in the LD_DEBUG_HELP code below. */
2458 static const struct
2459 {
2465 {
2466 #define LEN_AND_STR(str) sizeof (str) - 1, str
2480 DL_DEBUG_SCOPES },
2486 DL_DEBUG_STATISTICS },
2488 DL_DEBUG_UNUSED },
2490 DL_DEBUG_HELP },
2491 };
2492 #define ndebopts (sizeof (debopts) / sizeof (debopts[0]))
2494 /* Skip separating white spaces and commas. */
2496 {
2498 {
2509 {
2513 }
2516 {
2517 /* Display a warning and skip everything until next
2518 separator. */
2522 }
2526 }
2529 }
2532 {
2533 /* In order to get an accurate picture of whether a particular
2534 DT_NEEDED entry is actually used we have to process both
2535 the PLT and non-PLT relocation entries. */
2537 }
2540 {
2555 }
2556 }
2557 \f
2558 /* Process all environments variables the dynamic linker must recognize.
2559 Since all of them start with `LD_' we are a bit smarter while finding
2560 all the entries. */
2564 static void
2566 {
2572 /* This is the default place for profiling data file. */
2577 {
2584 /* This is a "LD_" variable at the end of the string without
2585 a '=' character. Ignore it since otherwise we will access
2586 invalid memory below. */
2590 {
2592 /* Warning level, verbose or not. */
2598 /* Debugging of the dynamic linker? */
2600 {
2603 }
2609 /* Print information about versions. */
2611 {
2614 }
2616 /* List of objects to be preloaded. */
2618 {
2621 }
2623 /* Which shared object shall be profiled. */
2629 /* Do we bind early? */
2631 {
2634 }
2640 /* Test whether we want to see the content of the auxiliary
2641 array passed up from the kernel. */
2647 #if !HAVE_TUNABLES
2649 /* Mask for the important hardware capabilities. */
2654 #endif
2657 /* Path where the binary is found. */
2664 /* The library search path. */
2667 {
2670 }
2672 /* Where to place the profiling data file. */
2674 {
2677 }
2685 /* We might have some extra environment variable with length 13
2686 to handle. */
2687 #ifdef EXTRA_LD_ENVVARS_13
2688 EXTRA_LD_ENVVARS_13
2689 #endif
2692 {
2695 }
2699 /* Where to place the profiling data file. */
2707 /* The mode of the dynamic linker can be set. */
2709 {
2714 }
2718 /* The mode of the dynamic linker can be set. */
2723 /* We might have some extra environment variable to handle. This
2724 is tricky due to the pre-processing of the length of the name
2725 in the switch statement here. The code here assumes that added
2726 environment variables have a different length. */
2727 #ifdef EXTRA_LD_ENVVARS
2728 EXTRA_LD_ENVVARS
2729 #endif
2730 }
2731 }
2733 /* The caller wants this information. */
2736 /* Extra security for SUID binaries. Remove all dangerous environment
2737 variables. */
2739 {
2741 #ifdef EXTRA_UNSECURE_ENVVARS
2742 EXTRA_UNSECURE_ENVVARS
2743 #endif
2744 UNSECURE_ENVVARS;
2748 do
2749 {
2751 /* We could use rawmemchr but this need not be fast. */
2753 }
2757 {
2758 #if !HAVE_TUNABLES
2760 #endif
2762 }
2766 }
2767 /* If we have to run the dynamic linker in debugging mode and the
2768 LD_DEBUG_OUTPUT environment variable is given, we write the debug
2769 messages to this file. */
2771 {
2784 /* We use standard output if opening the file failed. */
2786 }
2787 }
2789 #if HP_TIMING_INLINE
2790 static void
2792 hp_timing_t total)
2793 {
2800 /* Sets the decimal point. */
2803 {
2806 /* Fall through. */
2809 /* Fall through. */
2813 }
2816 }
2817 #endif
2819 /* Print the various times we collected. */
2820 static void
2823 {
2824 #if HP_TIMING_INLINE
2825 {
2830 cycles);
2833 }
2834 #endif
2838 {
2845 {
2849 num_relative_relocations
2851 #ifndef ELF_MACHINE_REL_RELATIVE
2852 /* Relative relocations are processed on these architectures if
2853 library is loaded to different address than p_vaddr or
2854 if not prelinked. */
2857 #else
2858 /* On e.g. IA-64 or Alpha, relative relocations are processed
2859 only if library is loaded to different address than p_vaddr. */
2861 #endif
2862 num_relative_relocations
2864 }
2865 }
2872 num_relative_relocations);
2874 #if HP_TIMING_INLINE
2877 #endif
2878 }