1 /* Map in a shared object's segments from the file.
2 Copyright (C) 1995-2014 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <http://www.gnu.org/licenses/>. */
28 #include <bits/wordsize.h>
30 #include <sys/param.h>
32 #include <sys/types.h>
33 #include "dynamic-link.h"
35 #include <stackinfo.h>
38 #include <stap-probe.h>
42 #include <dl-map-segments.h>
43 #include <dl-unmap-segments.h>
47 #if BYTE_ORDER == BIG_ENDIAN
48 # define byteorder ELFDATA2MSB
49 #elif BYTE_ORDER == LITTLE_ENDIAN
50 # define byteorder ELFDATA2LSB
52 # error "Unknown BYTE_ORDER " BYTE_ORDER
53 # define byteorder ELFDATANONE
56 #define STRING(x) __STRING (x)
59 int __stack_prot attribute_hidden attribute_relro
60 #if _STACK_GROWS_DOWN && defined PROT_GROWSDOWN
62 #elif _STACK_GROWS_UP && defined PROT_GROWSUP
69 /* Type for the buffer we put the ELF header and hopefully the program
70 header. This buffer does not really have to be too large. In most
71 cases the program header follows the ELF header directly. If this
72 is not the case all bets are off and we can make the header
73 arbitrarily large and still won't get it read. This means the only
74 question is how large are the ELF and program header combined. The
75 ELF header 32-bit files is 52 bytes long and in 64-bit files is 64
76 bytes long. Each program header entry is again 32 and 56 bytes
77 long respectively. I.e., even with a file which has 10 program
78 header entries we only have to read 372B/624B respectively. Add to
79 this a bit of margin for program notes and reading 512B and 832B
80 for 32-bit and 64-bit files respecitvely is enough. If this
81 heuristic should really fail for some file the code in
82 `_dl_map_object_from_fd' knows how to recover. */
87 # define FILEBUF_SIZE 512
89 # define FILEBUF_SIZE 832
91 char buf
[FILEBUF_SIZE
] __attribute__ ((aligned (__alignof (ElfW(Ehdr
)))));
94 /* This is the decomposed LD_LIBRARY_PATH search path. */
95 static struct r_search_path_struct env_path_list attribute_relro
;
97 /* List of the hardware capabilities we might end up using. */
98 static const struct r_strlenpair
*capstr attribute_relro
;
99 static size_t ncapstr attribute_relro
;
100 static size_t max_capstrlen attribute_relro
;
103 /* Get the generated information about the trusted directories. */
104 #include "trusted-dirs.h"
106 static const char system_dirs
[] = SYSTEM_DIRS
;
107 static const size_t system_dirs_len
[] =
111 #define nsystem_dirs_len \
112 (sizeof (system_dirs_len) / sizeof (system_dirs_len[0]))
115 /* Local version of `strdup' function. */
117 local_strdup (const char *s
)
119 size_t len
= strlen (s
) + 1;
120 void *new = malloc (len
);
125 return (char *) memcpy (new, s
, len
);
130 is_trusted_path (const char *path
, size_t len
)
132 const char *trun
= system_dirs
;
134 for (size_t idx
= 0; idx
< nsystem_dirs_len
; ++idx
)
136 if (len
== system_dirs_len
[idx
] && memcmp (trun
, path
, len
) == 0)
140 trun
+= system_dirs_len
[idx
] + 1;
148 is_trusted_path_normalize (const char *path
, size_t len
)
159 char *npath
= (char *) alloca (len
+ 2);
161 while (*path
!= '\0')
167 if (path
[2] == '.' && (path
[3] == '/' || path
[3] == '\0'))
169 while (wnp
> npath
&& *--wnp
!= '/')
174 else if (path
[2] == '/' || path
[2] == '\0')
181 if (wnp
> npath
&& wnp
[-1] == '/')
191 if (wnp
== npath
|| wnp
[-1] != '/')
194 const char *trun
= system_dirs
;
196 for (size_t idx
= 0; idx
< nsystem_dirs_len
; ++idx
)
198 if (wnp
- npath
>= system_dirs_len
[idx
]
199 && memcmp (trun
, npath
, system_dirs_len
[idx
]) == 0)
203 trun
+= system_dirs_len
[idx
] + 1;
211 is_dst (const char *start
, const char *name
, const char *str
,
212 int is_path
, int secure
)
215 bool is_curly
= false;
224 while (name
[len
] == str
[len
] && name
[len
] != '\0')
229 if (name
[len
] != '}')
232 /* Point again at the beginning of the name. */
234 /* Skip over closing curly brace and adjust for the --name. */
237 else if (name
[len
] != '\0' && name
[len
] != '/'
238 && (!is_path
|| name
[len
] != ':'))
241 if (__glibc_unlikely (secure
)
242 && ((name
[len
] != '\0' && name
[len
] != '/'
243 && (!is_path
|| name
[len
] != ':'))
244 || (name
!= start
+ 1 && (!is_path
|| name
[-2] != ':'))))
252 _dl_dst_count (const char *name
, int is_path
)
254 const char *const start
= name
;
261 /* $ORIGIN is not expanded for SUID/GUID programs (except if it
262 is $ORIGIN alone) and it must always appear first in path. */
264 if ((len
= is_dst (start
, name
, "ORIGIN", is_path
,
265 INTUSE(__libc_enable_secure
))) != 0
266 || (len
= is_dst (start
, name
, "PLATFORM", is_path
, 0)) != 0
267 || (len
= is_dst (start
, name
, "LIB", is_path
, 0)) != 0)
270 name
= strchr (name
+ len
, '$');
272 while (name
!= NULL
);
279 _dl_dst_substitute (struct link_map
*l
, const char *name
, char *result
,
282 const char *const start
= name
;
284 /* Now fill the result path. While copying over the string we keep
285 track of the start of the last path element. When we come across
286 a DST we copy over the value or (if the value is not available)
287 leave the entire path element out. */
289 char *last_elem
= result
;
290 bool check_for_trusted
= false;
294 if (__glibc_unlikely (*name
== '$'))
296 const char *repl
= NULL
;
300 if ((len
= is_dst (start
, name
, "ORIGIN", is_path
,
301 INTUSE(__libc_enable_secure
))) != 0)
304 check_for_trusted
= (INTUSE(__libc_enable_secure
)
305 && l
->l_type
== lt_executable
);
307 else if ((len
= is_dst (start
, name
, "PLATFORM", is_path
, 0)) != 0)
308 repl
= GLRO(dl_platform
);
309 else if ((len
= is_dst (start
, name
, "LIB", is_path
, 0)) != 0)
312 if (repl
!= NULL
&& repl
!= (const char *) -1)
314 wp
= __stpcpy (wp
, repl
);
319 /* We cannot use this path element, the value of the
320 replacement is unknown. */
323 while (*name
!= '\0' && (!is_path
|| *name
!= ':'))
325 /* Also skip following colon if this is the first rpath
326 element, but keep an empty element at the end. */
327 if (wp
== result
&& is_path
&& *name
== ':' && name
[1] != '\0')
331 /* No DST we recognize. */
337 if (is_path
&& *name
== ':')
339 /* In SUID/SGID programs, after $ORIGIN expansion the
340 normalized path must be rooted in one of the trusted
342 if (__glibc_unlikely (check_for_trusted
)
343 && !is_trusted_path_normalize (last_elem
, wp
- last_elem
))
348 check_for_trusted
= false;
352 while (*name
!= '\0');
354 /* In SUID/SGID programs, after $ORIGIN expansion the normalized
355 path must be rooted in one of the trusted directories. */
356 if (__glibc_unlikely (check_for_trusted
)
357 && !is_trusted_path_normalize (last_elem
, wp
- last_elem
))
366 /* Return copy of argument with all recognized dynamic string tokens
367 ($ORIGIN and $PLATFORM for now) replaced. On some platforms it
368 might not be possible to determine the path from which the object
369 belonging to the map is loaded. In this case the path element
370 containing $ORIGIN is left out. */
372 expand_dynamic_string_token (struct link_map
*l
, const char *s
, int is_path
)
374 /* We make two runs over the string. First we determine how large the
375 resulting string is and then we copy it over. Since this is no
376 frequently executed operation we are looking here not for performance
377 but rather for code size. */
382 /* Determine the number of DST elements. */
383 cnt
= DL_DST_COUNT (s
, is_path
);
385 /* If we do not have to replace anything simply copy the string. */
386 if (__glibc_likely (cnt
== 0))
387 return local_strdup (s
);
389 /* Determine the length of the substituted string. */
390 total
= DL_DST_REQUIRED (l
, s
, strlen (s
), cnt
);
392 /* Allocate the necessary memory. */
393 result
= (char *) malloc (total
+ 1);
397 return _dl_dst_substitute (l
, s
, result
, is_path
);
401 /* Add `name' to the list of names for a particular shared object.
402 `name' is expected to have been allocated with malloc and will
403 be freed if the shared object already has this name.
404 Returns false if the object already had this name. */
407 add_name_to_object (struct link_map
*l
, const char *name
)
409 struct libname_list
*lnp
, *lastp
;
410 struct libname_list
*newname
;
414 for (lnp
= l
->l_libname
; lnp
!= NULL
; lastp
= lnp
, lnp
= lnp
->next
)
415 if (strcmp (name
, lnp
->name
) == 0)
418 name_len
= strlen (name
) + 1;
419 newname
= (struct libname_list
*) malloc (sizeof *newname
+ name_len
);
422 /* No more memory. */
423 _dl_signal_error (ENOMEM
, name
, NULL
, N_("cannot allocate name record"));
426 /* The object should have a libname set from _dl_new_object. */
427 assert (lastp
!= NULL
);
429 newname
->name
= memcpy (newname
+ 1, name
, name_len
);
430 newname
->next
= NULL
;
431 newname
->dont_free
= 0;
432 lastp
->next
= newname
;
435 /* Standard search directories. */
436 static struct r_search_path_struct rtld_search_dirs attribute_relro
;
438 static size_t max_dirnamelen
;
440 static struct r_search_path_elem
**
441 fillin_rpath (char *rpath
, struct r_search_path_elem
**result
, const char *sep
,
442 int check_trusted
, const char *what
, const char *where
,
449 while ((cp
= __strsep (&rpath
, sep
)) != NULL
)
451 struct r_search_path_elem
*dirp
;
453 to_free
= cp
= expand_dynamic_string_token (l
, cp
, 1);
455 size_t len
= strlen (cp
);
457 /* `strsep' can pass an empty string. This has to be
458 interpreted as `use the current directory'. */
461 static const char curwd
[] = "./";
465 /* Remove trailing slashes (except for "/"). */
466 while (len
> 1 && cp
[len
- 1] == '/')
469 /* Now add one if there is none so far. */
470 if (len
> 0 && cp
[len
- 1] != '/')
473 /* Make sure we don't use untrusted directories if we run SUID. */
474 if (__glibc_unlikely (check_trusted
) && !is_trusted_path (cp
, len
))
480 /* See if this directory is already known. */
481 for (dirp
= GL(dl_all_dirs
); dirp
!= NULL
; dirp
= dirp
->next
)
482 if (dirp
->dirnamelen
== len
&& memcmp (cp
, dirp
->dirname
, len
) == 0)
487 /* It is available, see whether it's on our own list. */
489 for (cnt
= 0; cnt
< nelems
; ++cnt
)
490 if (result
[cnt
] == dirp
)
494 result
[nelems
++] = dirp
;
499 enum r_dir_status init_val
;
500 size_t where_len
= where
? strlen (where
) + 1 : 0;
502 /* It's a new directory. Create an entry and add it. */
503 dirp
= (struct r_search_path_elem
*)
504 malloc (sizeof (*dirp
) + ncapstr
* sizeof (enum r_dir_status
)
505 + where_len
+ len
+ 1);
507 _dl_signal_error (ENOMEM
, NULL
, NULL
,
508 N_("cannot create cache for search path"));
510 dirp
->dirname
= ((char *) dirp
+ sizeof (*dirp
)
511 + ncapstr
* sizeof (enum r_dir_status
));
512 *((char *) __mempcpy ((char *) dirp
->dirname
, cp
, len
)) = '\0';
513 dirp
->dirnamelen
= len
;
515 if (len
> max_dirnamelen
)
516 max_dirnamelen
= len
;
518 /* We have to make sure all the relative directories are
519 never ignored. The current directory might change and
520 all our saved information would be void. */
521 init_val
= cp
[0] != '/' ? existing
: unknown
;
522 for (cnt
= 0; cnt
< ncapstr
; ++cnt
)
523 dirp
->status
[cnt
] = init_val
;
526 if (__glibc_likely (where
!= NULL
))
527 dirp
->where
= memcpy ((char *) dirp
+ sizeof (*dirp
) + len
+ 1
528 + (ncapstr
* sizeof (enum r_dir_status
)),
533 dirp
->next
= GL(dl_all_dirs
);
534 GL(dl_all_dirs
) = dirp
;
536 /* Put it in the result array. */
537 result
[nelems
++] = dirp
;
542 /* Terminate the array. */
543 result
[nelems
] = NULL
;
551 decompose_rpath (struct r_search_path_struct
*sps
,
552 const char *rpath
, struct link_map
*l
, const char *what
)
554 /* Make a copy we can work with. */
555 const char *where
= l
->l_name
;
558 struct r_search_path_elem
**result
;
560 /* Initialize to please the compiler. */
561 const char *errstring
= NULL
;
563 /* First see whether we must forget the RUNPATH and RPATH from this
565 if (__glibc_unlikely (GLRO(dl_inhibit_rpath
) != NULL
)
566 && !INTUSE(__libc_enable_secure
))
568 const char *inhp
= GLRO(dl_inhibit_rpath
);
572 const char *wp
= where
;
574 while (*inhp
== *wp
&& *wp
!= '\0')
580 if (*wp
== '\0' && (*inhp
== '\0' || *inhp
== ':'))
582 /* This object is on the list of objects for which the
583 RUNPATH and RPATH must not be used. */
584 sps
->dirs
= (void *) -1;
588 while (*inhp
!= '\0')
592 while (*inhp
!= '\0');
595 /* Make a writable copy. */
596 copy
= local_strdup (rpath
);
599 errstring
= N_("cannot create RUNPATH/RPATH copy");
603 /* Ignore empty rpaths. */
607 sps
->dirs
= (struct r_search_path_elem
**) -1;
611 /* Count the number of necessary elements in the result array. */
613 for (cp
= copy
; *cp
!= '\0'; ++cp
)
617 /* Allocate room for the result. NELEMS + 1 is an upper limit for the
618 number of necessary entries. */
619 result
= (struct r_search_path_elem
**) malloc ((nelems
+ 1 + 1)
624 errstring
= N_("cannot create cache for search path");
626 _dl_signal_error (ENOMEM
, NULL
, NULL
, errstring
);
629 fillin_rpath (copy
, result
, ":", 0, what
, where
, l
);
631 /* Free the copied RPATH string. `fillin_rpath' make own copies if
636 /* The caller will change this value if we haven't used a real malloc. */
641 /* Make sure cached path information is stored in *SP
642 and return true if there are any paths to search there. */
644 cache_rpath (struct link_map
*l
,
645 struct r_search_path_struct
*sp
,
649 if (sp
->dirs
== (void *) -1)
652 if (sp
->dirs
!= NULL
)
655 if (l
->l_info
[tag
] == NULL
)
657 /* There is no path. */
658 sp
->dirs
= (void *) -1;
662 /* Make sure the cache information is available. */
663 return decompose_rpath (sp
, (const char *) (D_PTR (l
, l_info
[DT_STRTAB
])
664 + l
->l_info
[tag
]->d_un
.d_val
),
671 _dl_init_paths (const char *llp
)
675 struct r_search_path_elem
*pelem
, **aelem
;
677 struct link_map
__attribute__ ((unused
)) *l
= NULL
;
678 /* Initialize to please the compiler. */
679 const char *errstring
= NULL
;
681 /* Fill in the information about the application's RPATH and the
682 directories addressed by the LD_LIBRARY_PATH environment variable. */
684 /* Get the capabilities. */
685 capstr
= _dl_important_hwcaps (GLRO(dl_platform
), GLRO(dl_platformlen
),
686 &ncapstr
, &max_capstrlen
);
688 /* First set up the rest of the default search directory entries. */
689 aelem
= rtld_search_dirs
.dirs
= (struct r_search_path_elem
**)
690 malloc ((nsystem_dirs_len
+ 1) * sizeof (struct r_search_path_elem
*));
691 if (rtld_search_dirs
.dirs
== NULL
)
693 errstring
= N_("cannot create search path array");
695 _dl_signal_error (ENOMEM
, NULL
, NULL
, errstring
);
698 round_size
= ((2 * sizeof (struct r_search_path_elem
) - 1
699 + ncapstr
* sizeof (enum r_dir_status
))
700 / sizeof (struct r_search_path_elem
));
702 rtld_search_dirs
.dirs
[0] = (struct r_search_path_elem
*)
703 malloc ((sizeof (system_dirs
) / sizeof (system_dirs
[0]))
704 * round_size
* sizeof (struct r_search_path_elem
));
705 if (rtld_search_dirs
.dirs
[0] == NULL
)
707 errstring
= N_("cannot create cache for search path");
711 rtld_search_dirs
.malloced
= 0;
712 pelem
= GL(dl_all_dirs
) = rtld_search_dirs
.dirs
[0];
722 pelem
->what
= "system search path";
725 pelem
->dirname
= strp
;
726 pelem
->dirnamelen
= system_dirs_len
[idx
];
727 strp
+= system_dirs_len
[idx
] + 1;
729 /* System paths must be absolute. */
730 assert (pelem
->dirname
[0] == '/');
731 for (cnt
= 0; cnt
< ncapstr
; ++cnt
)
732 pelem
->status
[cnt
] = unknown
;
734 pelem
->next
= (++idx
== nsystem_dirs_len
? NULL
: (pelem
+ round_size
));
738 while (idx
< nsystem_dirs_len
);
740 max_dirnamelen
= SYSTEM_DIRS_MAX_LEN
;
744 /* This points to the map of the main object. */
745 l
= GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
;
748 assert (l
->l_type
!= lt_loaded
);
750 if (l
->l_info
[DT_RUNPATH
])
752 /* Allocate room for the search path and fill in information
754 decompose_rpath (&l
->l_runpath_dirs
,
755 (const void *) (D_PTR (l
, l_info
[DT_STRTAB
])
756 + l
->l_info
[DT_RUNPATH
]->d_un
.d_val
),
758 /* During rtld init the memory is allocated by the stub malloc,
759 prevent any attempt to free it by the normal malloc. */
760 l
->l_runpath_dirs
.malloced
= 0;
762 /* The RPATH is ignored. */
763 l
->l_rpath_dirs
.dirs
= (void *) -1;
767 l
->l_runpath_dirs
.dirs
= (void *) -1;
769 if (l
->l_info
[DT_RPATH
])
771 /* Allocate room for the search path and fill in information
773 decompose_rpath (&l
->l_rpath_dirs
,
774 (const void *) (D_PTR (l
, l_info
[DT_STRTAB
])
775 + l
->l_info
[DT_RPATH
]->d_un
.d_val
),
777 /* During rtld init the memory is allocated by the stub
778 malloc, prevent any attempt to free it by the normal
780 l
->l_rpath_dirs
.malloced
= 0;
783 l
->l_rpath_dirs
.dirs
= (void *) -1;
788 if (llp
!= NULL
&& *llp
!= '\0')
791 const char *cp
= llp
;
796 size_t cnt
= DL_DST_COUNT (llp
, 1);
797 if (__glibc_likely (cnt
== 0))
798 llp_tmp
= strdupa (llp
);
801 /* Determine the length of the substituted string. */
802 size_t total
= DL_DST_REQUIRED (l
, llp
, strlen (llp
), cnt
);
804 /* Allocate the necessary memory. */
805 llp_tmp
= (char *) alloca (total
+ 1);
806 llp_tmp
= _dl_dst_substitute (l
, llp
, llp_tmp
, 1);
809 llp_tmp
= strdupa (llp
);
812 /* Decompose the LD_LIBRARY_PATH contents. First determine how many
817 if (*cp
== ':' || *cp
== ';')
822 env_path_list
.dirs
= (struct r_search_path_elem
**)
823 malloc ((nllp
+ 1) * sizeof (struct r_search_path_elem
*));
824 if (env_path_list
.dirs
== NULL
)
826 errstring
= N_("cannot create cache for search path");
830 (void) fillin_rpath (llp_tmp
, env_path_list
.dirs
, ":;",
831 INTUSE(__libc_enable_secure
), "LD_LIBRARY_PATH",
834 if (env_path_list
.dirs
[0] == NULL
)
836 free (env_path_list
.dirs
);
837 env_path_list
.dirs
= (void *) -1;
840 env_path_list
.malloced
= 0;
843 env_path_list
.dirs
= (void *) -1;
848 __attribute__ ((noreturn
, noinline
))
849 lose (int code
, int fd
, const char *name
, char *realname
, struct link_map
*l
,
850 const char *msg
, struct r_debug
*r
, Lmid_t nsid
)
852 /* The file might already be closed. */
855 if (l
!= NULL
&& l
->l_origin
!= (char *) -1l)
856 free ((char *) l
->l_origin
);
862 r
->r_state
= RT_CONSISTENT
;
864 LIBC_PROBE (map_failed
, 2, nsid
, r
);
867 _dl_signal_error (code
, name
, NULL
, msg
);
871 /* Map in the shared object NAME, actually located in REALNAME, and already
874 #ifndef EXTERNAL_MAP_FROM_FD
878 _dl_map_object_from_fd (const char *name
, int fd
, struct filebuf
*fbp
,
879 char *realname
, struct link_map
*loader
, int l_type
,
880 int mode
, void **stack_endp
, Lmid_t nsid
)
882 struct link_map
*l
= NULL
;
883 const ElfW(Ehdr
) *header
;
884 const ElfW(Phdr
) *phdr
;
885 const ElfW(Phdr
) *ph
;
889 /* Initialize to keep the compiler happy. */
890 const char *errstring
= NULL
;
892 struct r_debug
*r
= _dl_debug_initialize (0, nsid
);
893 bool make_consistent
= false;
895 /* Get file information. */
896 if (__glibc_unlikely (__fxstat64 (_STAT_VER
, fd
, &st
) < 0))
898 errstring
= N_("cannot stat shared object");
902 lose (errval
, fd
, name
, realname
, l
, errstring
,
903 make_consistent
? r
: NULL
, nsid
);
906 /* Look again to see if the real name matched another already loaded. */
907 for (l
= GL(dl_ns
)[nsid
]._ns_loaded
; l
; l
= l
->l_next
)
908 if (l
->l_removed
== 0 && l
->l_ino
== st
.st_ino
&& l
->l_dev
== st
.st_dev
)
910 /* The object is already loaded.
911 Just bump its reference count and return it. */
914 /* If the name is not in the list of names for this object add
917 add_name_to_object (l
, name
);
923 /* When loading into a namespace other than the base one we must
924 avoid loading ld.so since there can only be one copy. Ever. */
925 if (__glibc_unlikely (nsid
!= LM_ID_BASE
)
926 && ((st
.st_ino
== GL(dl_rtld_map
).l_ino
927 && st
.st_dev
== GL(dl_rtld_map
).l_dev
)
928 || _dl_name_match_p (name
, &GL(dl_rtld_map
))))
930 /* This is indeed ld.so. Create a new link_map which refers to
931 the real one for almost everything. */
932 l
= _dl_new_object (realname
, name
, l_type
, loader
, mode
, nsid
);
936 /* Refer to the real descriptor. */
937 l
->l_real
= &GL(dl_rtld_map
);
939 /* No need to bump the refcount of the real object, ld.so will
940 never be unloaded. */
943 /* Add the map for the mirrored object to the object list. */
944 _dl_add_to_namespace_list (l
, nsid
);
950 if (mode
& RTLD_NOLOAD
)
952 /* We are not supposed to load the object unless it is already
953 loaded. So return now. */
959 /* Print debugging message. */
960 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_FILES
))
961 _dl_debug_printf ("file=%s [%lu]; generating link map\n", name
, nsid
);
963 /* This is the ELF header. We read it in `open_verify'. */
964 header
= (void *) fbp
->buf
;
968 if (_dl_zerofd
== -1)
970 _dl_zerofd
= _dl_sysdep_open_zero_fill ();
971 if (_dl_zerofd
== -1)
975 _dl_signal_error (errno
, NULL
, NULL
,
976 N_("cannot open zero fill device"));
981 /* Signal that we are going to add new objects. */
982 if (r
->r_state
== RT_CONSISTENT
)
985 /* Auditing checkpoint: we are going to add new objects. */
986 if ((mode
& __RTLD_AUDIT
) == 0
987 && __glibc_unlikely (GLRO(dl_naudit
) > 0))
989 struct link_map
*head
= GL(dl_ns
)[nsid
]._ns_loaded
;
990 /* Do not call the functions for any auditing object. */
991 if (head
->l_auditing
== 0)
993 struct audit_ifaces
*afct
= GLRO(dl_audit
);
994 for (unsigned int cnt
= 0; cnt
< GLRO(dl_naudit
); ++cnt
)
996 if (afct
->activity
!= NULL
)
997 afct
->activity (&head
->l_audit
[cnt
].cookie
, LA_ACT_ADD
);
1005 /* Notify the debugger we have added some objects. We need to
1006 call _dl_debug_initialize in a static program in case dynamic
1007 linking has not been used before. */
1008 r
->r_state
= RT_ADD
;
1010 LIBC_PROBE (map_start
, 2, nsid
, r
);
1011 make_consistent
= true;
1014 assert (r
->r_state
== RT_ADD
);
1016 /* Enter the new object in the list of loaded objects. */
1017 l
= _dl_new_object (realname
, name
, l_type
, loader
, mode
, nsid
);
1018 if (__glibc_unlikely (l
== NULL
))
1023 errstring
= N_("cannot create shared object descriptor");
1024 goto call_lose_errno
;
1027 /* Extract the remaining details we need from the ELF header
1028 and then read in the program header table. */
1029 l
->l_entry
= header
->e_entry
;
1030 type
= header
->e_type
;
1031 l
->l_phnum
= header
->e_phnum
;
1033 maplength
= header
->e_phnum
* sizeof (ElfW(Phdr
));
1034 if (header
->e_phoff
+ maplength
<= (size_t) fbp
->len
)
1035 phdr
= (void *) (fbp
->buf
+ header
->e_phoff
);
1038 phdr
= alloca (maplength
);
1039 __lseek (fd
, header
->e_phoff
, SEEK_SET
);
1040 if ((size_t) __libc_read (fd
, (void *) phdr
, maplength
) != maplength
)
1042 errstring
= N_("cannot read file data");
1043 goto call_lose_errno
;
1047 /* On most platforms presume that PT_GNU_STACK is absent and the stack is
1048 * executable. Other platforms default to a nonexecutable stack and don't
1049 * need PT_GNU_STACK to do so. */
1050 uint_fast16_t stack_flags
= DEFAULT_STACK_PERMS
;
1053 /* Scan the program header table, collecting its load commands. */
1054 struct loadcmd loadcmds
[l
->l_phnum
];
1055 size_t nloadcmds
= 0;
1056 bool has_holes
= false;
1058 /* The struct is initialized to zero so this is not necessary:
1062 for (ph
= phdr
; ph
< &phdr
[l
->l_phnum
]; ++ph
)
1065 /* These entries tell us where to find things once the file's
1066 segments are mapped in. We record the addresses it says
1067 verbatim, and later correct for the run-time load address. */
1069 l
->l_ld
= (void *) ph
->p_vaddr
;
1070 l
->l_ldnum
= ph
->p_memsz
/ sizeof (ElfW(Dyn
));
1074 l
->l_phdr
= (void *) ph
->p_vaddr
;
1078 /* A load command tells us to map in part of the file.
1079 We record the load commands and process them all later. */
1080 if (__glibc_unlikely ((ph
->p_align
& (GLRO(dl_pagesize
) - 1)) != 0))
1082 errstring
= N_("ELF load command alignment not page-aligned");
1085 if (__glibc_unlikely (((ph
->p_vaddr
- ph
->p_offset
)
1086 & (ph
->p_align
- 1)) != 0))
1089 = N_("ELF load command address/offset not properly aligned");
1093 struct loadcmd
*c
= &loadcmds
[nloadcmds
++];
1094 c
->mapstart
= ph
->p_vaddr
& ~(GLRO(dl_pagesize
) - 1);
1095 c
->mapend
= ((ph
->p_vaddr
+ ph
->p_filesz
+ GLRO(dl_pagesize
) - 1)
1096 & ~(GLRO(dl_pagesize
) - 1));
1097 c
->dataend
= ph
->p_vaddr
+ ph
->p_filesz
;
1098 c
->allocend
= ph
->p_vaddr
+ ph
->p_memsz
;
1099 c
->mapoff
= ph
->p_offset
& ~(GLRO(dl_pagesize
) - 1);
1101 /* Determine whether there is a gap between the last segment
1103 if (nloadcmds
> 1 && c
[-1].mapend
!= c
->mapstart
)
1106 /* Optimize a common case. */
1107 #if (PF_R | PF_W | PF_X) == 7 && (PROT_READ | PROT_WRITE | PROT_EXEC) == 7
1108 c
->prot
= (PF_TO_PROT
1109 >> ((ph
->p_flags
& (PF_R
| PF_W
| PF_X
)) * 4)) & 0xf;
1112 if (ph
->p_flags
& PF_R
)
1113 c
->prot
|= PROT_READ
;
1114 if (ph
->p_flags
& PF_W
)
1115 c
->prot
|= PROT_WRITE
;
1116 if (ph
->p_flags
& PF_X
)
1117 c
->prot
|= PROT_EXEC
;
1122 if (ph
->p_memsz
== 0)
1123 /* Nothing to do for an empty segment. */
1126 l
->l_tls_blocksize
= ph
->p_memsz
;
1127 l
->l_tls_align
= ph
->p_align
;
1128 if (ph
->p_align
== 0)
1129 l
->l_tls_firstbyte_offset
= 0;
1131 l
->l_tls_firstbyte_offset
= ph
->p_vaddr
& (ph
->p_align
- 1);
1132 l
->l_tls_initimage_size
= ph
->p_filesz
;
1133 /* Since we don't know the load address yet only store the
1134 offset. We will adjust it later. */
1135 l
->l_tls_initimage
= (void *) ph
->p_vaddr
;
1137 /* If not loading the initial set of shared libraries,
1138 check whether we should permit loading a TLS segment. */
1139 if (__glibc_likely (l
->l_type
== lt_library
)
1140 /* If GL(dl_tls_dtv_slotinfo_list) == NULL, then rtld.c did
1141 not set up TLS data structures, so don't use them now. */
1142 || __glibc_likely (GL(dl_tls_dtv_slotinfo_list
) != NULL
))
1144 /* Assign the next available module ID. */
1145 l
->l_tls_modid
= _dl_next_tls_modid ();
1150 if (l
->l_prev
== NULL
|| (mode
& __RTLD_AUDIT
) != 0)
1151 /* We are loading the executable itself when the dynamic linker
1152 was executed directly. The setup will happen later. */
1155 # ifdef _LIBC_REENTRANT
1156 /* In a static binary there is no way to tell if we dynamically
1157 loaded libpthread. */
1158 if (GL(dl_error_catch_tsd
) == &_dl_initial_error_catch_tsd
)
1162 /* We have not yet loaded libpthread.
1163 We can do the TLS setup right now! */
1167 /* The first call allocates TLS bookkeeping data structures.
1168 Then we allocate the TCB for the initial thread. */
1169 if (__glibc_unlikely (_dl_tls_setup ())
1170 || __glibc_unlikely ((tcb
= _dl_allocate_tls (NULL
)) == NULL
))
1174 cannot allocate TLS data structures for initial thread");
1178 /* Now we install the TCB in the thread register. */
1179 errstring
= TLS_INIT_TP (tcb
);
1180 if (__glibc_likely (errstring
== NULL
))
1182 /* Now we are all good. */
1183 l
->l_tls_modid
= ++GL(dl_tls_max_dtv_idx
);
1187 /* The kernel is too old or somesuch. */
1189 _dl_deallocate_tls (tcb
, 1);
1193 /* Uh-oh, the binary expects TLS support but we cannot
1196 errstring
= N_("cannot handle TLS data");
1201 stack_flags
= ph
->p_flags
;
1205 l
->l_relro_addr
= ph
->p_vaddr
;
1206 l
->l_relro_size
= ph
->p_memsz
;
1210 if (__glibc_unlikely (nloadcmds
== 0))
1212 /* This only happens for a bogus object that will be caught with
1213 another error below. But we don't want to go through the
1214 calculations below using NLOADCMDS - 1. */
1215 errstring
= N_("object file has no loadable segments");
1219 if (__glibc_unlikely (type
!= ET_DYN
)
1220 && __glibc_unlikely ((mode
& __RTLD_OPENEXEC
) == 0))
1222 /* This object is loaded at a fixed address. This must never
1223 happen for objects loaded with dlopen. */
1224 errstring
= N_("cannot dynamically load executable");
1228 /* Length of the sections to be loaded. */
1229 maplength
= loadcmds
[nloadcmds
- 1].allocend
- loadcmds
[0].mapstart
;
1231 /* Now process the load commands and map segments into memory.
1232 This is responsible for filling in:
1233 l_map_start, l_map_end, l_addr, l_contiguous, l_text_end, l_phdr
1235 errstring
= _dl_map_segments (l
, fd
, header
, type
, loadcmds
, nloadcmds
,
1236 maplength
, has_holes
, loader
);
1237 if (__glibc_unlikely (errstring
!= NULL
))
1243 if (__glibc_unlikely (type
== ET_DYN
))
1245 errstring
= N_("object file has no dynamic section");
1250 l
->l_ld
= (ElfW(Dyn
) *) ((ElfW(Addr
)) l
->l_ld
+ l
->l_addr
);
1252 elf_get_dynamic_info (l
, NULL
);
1254 /* Make sure we are not dlopen'ing an object that has the
1255 DF_1_NOOPEN flag set. */
1256 if (__glibc_unlikely (l
->l_flags_1
& DF_1_NOOPEN
)
1257 && (mode
& __RTLD_DLOPEN
))
1259 /* We are not supposed to load this object. Free all resources. */
1260 _dl_unmap_segments (l
);
1262 if (!l
->l_libname
->dont_free
)
1263 free (l
->l_libname
);
1265 if (l
->l_phdr_allocated
)
1266 free ((void *) l
->l_phdr
);
1268 errstring
= N_("shared object cannot be dlopen()ed");
1272 if (l
->l_phdr
== NULL
)
1274 /* The program header is not contained in any of the segments.
1275 We have to allocate memory ourself and copy it over from out
1277 ElfW(Phdr
) *newp
= (ElfW(Phdr
) *) malloc (header
->e_phnum
1278 * sizeof (ElfW(Phdr
)));
1281 errstring
= N_("cannot allocate memory for program header");
1282 goto call_lose_errno
;
1285 l
->l_phdr
= memcpy (newp
, phdr
,
1286 (header
->e_phnum
* sizeof (ElfW(Phdr
))));
1287 l
->l_phdr_allocated
= 1;
1290 /* Adjust the PT_PHDR value by the runtime load address. */
1291 l
->l_phdr
= (ElfW(Phdr
) *) ((ElfW(Addr
)) l
->l_phdr
+ l
->l_addr
);
1293 if (__glibc_unlikely ((stack_flags
&~ GL(dl_stack_flags
)) & PF_X
))
1295 if (__glibc_unlikely (__check_caller (RETURN_ADDRESS (0), allow_ldso
) != 0))
1297 errstring
= N_("invalid caller");
1301 /* The stack is presently not executable, but this module
1302 requires that it be executable. We must change the
1303 protection of the variable which contains the flags used in
1304 the mprotect calls. */
1306 if ((mode
& (__RTLD_DLOPEN
| __RTLD_AUDIT
)) == __RTLD_DLOPEN
)
1308 const uintptr_t p
= (uintptr_t) &__stack_prot
& -GLRO(dl_pagesize
);
1309 const size_t s
= (uintptr_t) (&__stack_prot
+ 1) - p
;
1311 struct link_map
*const m
= &GL(dl_rtld_map
);
1312 const uintptr_t relro_end
= ((m
->l_addr
+ m
->l_relro_addr
1314 & -GLRO(dl_pagesize
));
1315 if (__glibc_likely (p
+ s
<= relro_end
))
1317 /* The variable lies in the region protected by RELRO. */
1318 if (__mprotect ((void *) p
, s
, PROT_READ
|PROT_WRITE
) < 0)
1320 errstring
= N_("cannot change memory protections");
1321 goto call_lose_errno
;
1323 __stack_prot
|= PROT_READ
|PROT_WRITE
|PROT_EXEC
;
1324 __mprotect ((void *) p
, s
, PROT_READ
);
1327 __stack_prot
|= PROT_READ
|PROT_WRITE
|PROT_EXEC
;
1331 __stack_prot
|= PROT_READ
|PROT_WRITE
|PROT_EXEC
;
1333 #ifdef check_consistency
1334 check_consistency ();
1337 errval
= (*GL(dl_make_stack_executable_hook
)) (stack_endp
);
1341 cannot enable executable stack as shared object requires");
1346 /* Adjust the address of the TLS initialization image. */
1347 if (l
->l_tls_initimage
!= NULL
)
1348 l
->l_tls_initimage
= (char *) l
->l_tls_initimage
+ l
->l_addr
;
1350 /* We are done mapping in the file. We no longer need the descriptor. */
1351 if (__glibc_unlikely (__close (fd
) != 0))
1353 errstring
= N_("cannot close file descriptor");
1354 goto call_lose_errno
;
1356 /* Signal that we closed the file. */
1359 /* If this is ET_EXEC, we should have loaded it as lt_executable. */
1360 assert (type
!= ET_EXEC
|| l
->l_type
== lt_executable
);
1362 l
->l_entry
+= l
->l_addr
;
1364 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_FILES
))
1365 _dl_debug_printf ("\
1366 dynamic: 0x%0*lx base: 0x%0*lx size: 0x%0*Zx\n\
1367 entry: 0x%0*lx phdr: 0x%0*lx phnum: %*u\n\n",
1368 (int) sizeof (void *) * 2,
1369 (unsigned long int) l
->l_ld
,
1370 (int) sizeof (void *) * 2,
1371 (unsigned long int) l
->l_addr
,
1372 (int) sizeof (void *) * 2, maplength
,
1373 (int) sizeof (void *) * 2,
1374 (unsigned long int) l
->l_entry
,
1375 (int) sizeof (void *) * 2,
1376 (unsigned long int) l
->l_phdr
,
1377 (int) sizeof (void *) * 2, l
->l_phnum
);
1379 /* Set up the symbol hash table. */
1382 /* If this object has DT_SYMBOLIC set modify now its scope. We don't
1383 have to do this for the main map. */
1384 if ((mode
& RTLD_DEEPBIND
) == 0
1385 && __glibc_unlikely (l
->l_info
[DT_SYMBOLIC
] != NULL
)
1386 && &l
->l_searchlist
!= l
->l_scope
[0])
1388 /* Create an appropriate searchlist. It contains only this map.
1389 This is the definition of DT_SYMBOLIC in SysVr4. */
1390 l
->l_symbolic_searchlist
.r_list
[0] = l
;
1391 l
->l_symbolic_searchlist
.r_nlist
= 1;
1393 /* Now move the existing entries one back. */
1394 memmove (&l
->l_scope
[1], &l
->l_scope
[0],
1395 (l
->l_scope_max
- 1) * sizeof (l
->l_scope
[0]));
1397 /* Now add the new entry. */
1398 l
->l_scope
[0] = &l
->l_symbolic_searchlist
;
1401 /* Remember whether this object must be initialized first. */
1402 if (l
->l_flags_1
& DF_1_INITFIRST
)
1403 GL(dl_initfirst
) = l
;
1405 /* Finally the file information. */
1406 l
->l_dev
= st
.st_dev
;
1407 l
->l_ino
= st
.st_ino
;
1409 /* When we profile the SONAME might be needed for something else but
1410 loading. Add it right away. */
1411 if (__glibc_unlikely (GLRO(dl_profile
) != NULL
)
1412 && l
->l_info
[DT_SONAME
] != NULL
)
1413 add_name_to_object (l
, ((const char *) D_PTR (l
, l_info
[DT_STRTAB
])
1414 + l
->l_info
[DT_SONAME
]->d_un
.d_val
));
1416 #ifdef DL_AFTER_LOAD
1420 /* Now that the object is fully initialized add it to the object list. */
1421 _dl_add_to_namespace_list (l
, nsid
);
1424 /* Auditing checkpoint: we have a new object. */
1425 if (__glibc_unlikely (GLRO(dl_naudit
) > 0)
1426 && !GL(dl_ns
)[l
->l_ns
]._ns_loaded
->l_auditing
)
1428 struct audit_ifaces
*afct
= GLRO(dl_audit
);
1429 for (unsigned int cnt
= 0; cnt
< GLRO(dl_naudit
); ++cnt
)
1431 if (afct
->objopen
!= NULL
)
1433 l
->l_audit
[cnt
].bindflags
1434 = afct
->objopen (l
, nsid
, &l
->l_audit
[cnt
].cookie
);
1436 l
->l_audit_any_plt
|= l
->l_audit
[cnt
].bindflags
!= 0;
1447 /* Print search path. */
1449 print_search_path (struct r_search_path_elem
**list
,
1450 const char *what
, const char *name
)
1452 char buf
[max_dirnamelen
+ max_capstrlen
];
1455 _dl_debug_printf (" search path=");
1457 while (*list
!= NULL
&& (*list
)->what
== what
) /* Yes, ==. */
1459 char *endp
= __mempcpy (buf
, (*list
)->dirname
, (*list
)->dirnamelen
);
1462 for (cnt
= 0; cnt
< ncapstr
; ++cnt
)
1463 if ((*list
)->status
[cnt
] != nonexisting
)
1465 char *cp
= __mempcpy (endp
, capstr
[cnt
].str
, capstr
[cnt
].len
);
1466 if (cp
== buf
|| (cp
== buf
+ 1 && buf
[0] == '/'))
1471 _dl_debug_printf_c (first
? "%s" : ":%s", buf
);
1479 _dl_debug_printf_c ("\t\t(%s from file %s)\n", what
,
1480 DSO_FILENAME (name
));
1482 _dl_debug_printf_c ("\t\t(%s)\n", what
);
1485 /* Open a file and verify it is an ELF file for this architecture. We
1486 ignore only ELF files for other architectures. Non-ELF files and
1487 ELF files with different header information cause fatal errors since
1488 this could mean there is something wrong in the installation and the
1489 user might want to know about this. */
1491 open_verify (const char *name
, struct filebuf
*fbp
, struct link_map
*loader
,
1492 int whatcode
, int mode
, bool *found_other_class
, bool free_name
)
1494 /* This is the expected ELF header. */
1495 #define ELF32_CLASS ELFCLASS32
1496 #define ELF64_CLASS ELFCLASS64
1497 #ifndef VALID_ELF_HEADER
1498 # define VALID_ELF_HEADER(hdr,exp,size) (memcmp (hdr, exp, size) == 0)
1499 # define VALID_ELF_OSABI(osabi) (osabi == ELFOSABI_SYSV)
1500 # define VALID_ELF_ABIVERSION(osabi,ver) (ver == 0)
1501 #elif defined MORE_ELF_HEADER_DATA
1502 MORE_ELF_HEADER_DATA
;
1504 static const unsigned char expected
[EI_NIDENT
] =
1506 [EI_MAG0
] = ELFMAG0
,
1507 [EI_MAG1
] = ELFMAG1
,
1508 [EI_MAG2
] = ELFMAG2
,
1509 [EI_MAG3
] = ELFMAG3
,
1510 [EI_CLASS
] = ELFW(CLASS
),
1511 [EI_DATA
] = byteorder
,
1512 [EI_VERSION
] = EV_CURRENT
,
1513 [EI_OSABI
] = ELFOSABI_SYSV
,
1518 ElfW(Word
) vendorlen
;
1522 } expected_note
= { 4, 16, 1, "GNU" };
1523 /* Initialize it to make the compiler happy. */
1524 const char *errstring
= NULL
;
1528 /* Give the auditing libraries a chance. */
1529 if (__glibc_unlikely (GLRO(dl_naudit
) > 0) && whatcode
!= 0
1530 && loader
->l_auditing
== 0)
1532 struct audit_ifaces
*afct
= GLRO(dl_audit
);
1533 for (unsigned int cnt
= 0; cnt
< GLRO(dl_naudit
); ++cnt
)
1535 if (afct
->objsearch
!= NULL
)
1537 name
= afct
->objsearch (name
, &loader
->l_audit
[cnt
].cookie
,
1540 /* Ignore the path. */
1549 /* Open the file. We always open files read-only. */
1550 int fd
= __open (name
, O_RDONLY
| O_CLOEXEC
);
1554 ElfW(Phdr
) *phdr
, *ph
;
1555 ElfW(Word
) *abi_note
;
1556 unsigned int osversion
;
1559 /* We successfully opened the file. Now verify it is a file
1563 assert (sizeof (fbp
->buf
) > sizeof (ElfW(Ehdr
)));
1564 /* Read in the header. */
1567 ssize_t retlen
= __libc_read (fd
, fbp
->buf
+ fbp
->len
,
1568 sizeof (fbp
->buf
) - fbp
->len
);
1573 while (__glibc_unlikely (fbp
->len
< sizeof (ElfW(Ehdr
))));
1575 /* This is where the ELF header is loaded. */
1576 ehdr
= (ElfW(Ehdr
) *) fbp
->buf
;
1578 /* Now run the tests. */
1579 if (__glibc_unlikely (fbp
->len
< (ssize_t
) sizeof (ElfW(Ehdr
))))
1582 errstring
= (errval
== 0
1583 ? N_("file too short") : N_("cannot read file data"));
1587 char *realname
= (char *) name
;
1588 name
= strdupa (realname
);
1591 lose (errval
, fd
, name
, NULL
, NULL
, errstring
, NULL
, 0);
1594 /* See whether the ELF header is what we expect. */
1595 if (__glibc_unlikely (! VALID_ELF_HEADER (ehdr
->e_ident
, expected
,
1597 || !VALID_ELF_ABIVERSION (ehdr
->e_ident
[EI_OSABI
],
1598 ehdr
->e_ident
[EI_ABIVERSION
])
1599 || memcmp (&ehdr
->e_ident
[EI_PAD
],
1601 EI_NIDENT
- EI_PAD
) != 0))
1603 /* Something is wrong. */
1604 const Elf32_Word
*magp
= (const void *) ehdr
->e_ident
;
1606 #if BYTE_ORDER == LITTLE_ENDIAN
1607 ((ELFMAG0
<< (EI_MAG0
* 8)) |
1608 (ELFMAG1
<< (EI_MAG1
* 8)) |
1609 (ELFMAG2
<< (EI_MAG2
* 8)) |
1610 (ELFMAG3
<< (EI_MAG3
* 8)))
1612 ((ELFMAG0
<< (EI_MAG3
* 8)) |
1613 (ELFMAG1
<< (EI_MAG2
* 8)) |
1614 (ELFMAG2
<< (EI_MAG1
* 8)) |
1615 (ELFMAG3
<< (EI_MAG0
* 8)))
1618 errstring
= N_("invalid ELF header");
1619 else if (ehdr
->e_ident
[EI_CLASS
] != ELFW(CLASS
))
1621 /* This is not a fatal error. On architectures where
1622 32-bit and 64-bit binaries can be run this might
1624 *found_other_class
= true;
1627 else if (ehdr
->e_ident
[EI_DATA
] != byteorder
)
1629 if (BYTE_ORDER
== BIG_ENDIAN
)
1630 errstring
= N_("ELF file data encoding not big-endian");
1632 errstring
= N_("ELF file data encoding not little-endian");
1634 else if (ehdr
->e_ident
[EI_VERSION
] != EV_CURRENT
)
1636 = N_("ELF file version ident does not match current one");
1637 /* XXX We should be able so set system specific versions which are
1639 else if (!VALID_ELF_OSABI (ehdr
->e_ident
[EI_OSABI
]))
1640 errstring
= N_("ELF file OS ABI invalid");
1641 else if (!VALID_ELF_ABIVERSION (ehdr
->e_ident
[EI_OSABI
],
1642 ehdr
->e_ident
[EI_ABIVERSION
]))
1643 errstring
= N_("ELF file ABI version invalid");
1644 else if (memcmp (&ehdr
->e_ident
[EI_PAD
], &expected
[EI_PAD
],
1645 EI_NIDENT
- EI_PAD
) != 0)
1646 errstring
= N_("nonzero padding in e_ident");
1648 /* Otherwise we don't know what went wrong. */
1649 errstring
= N_("internal error");
1654 if (__glibc_unlikely (ehdr
->e_version
!= EV_CURRENT
))
1656 errstring
= N_("ELF file version does not match current one");
1659 if (! __glibc_likely (elf_machine_matches_host (ehdr
)))
1661 else if (__glibc_unlikely (ehdr
->e_type
!= ET_DYN
1662 && ehdr
->e_type
!= ET_EXEC
))
1664 errstring
= N_("only ET_DYN and ET_EXEC can be loaded");
1667 else if (__glibc_unlikely (ehdr
->e_type
== ET_EXEC
1668 && (mode
& __RTLD_OPENEXEC
) == 0))
1670 /* BZ #16634. It is an error to dlopen ET_EXEC (unless
1671 __RTLD_OPENEXEC is explicitly set). We return error here
1672 so that code in _dl_map_object_from_fd does not try to set
1673 l_tls_modid for this module. */
1675 errstring
= N_("cannot dynamically load executable");
1678 else if (__glibc_unlikely (ehdr
->e_phentsize
!= sizeof (ElfW(Phdr
))))
1680 errstring
= N_("ELF file's phentsize not the expected size");
1684 maplength
= ehdr
->e_phnum
* sizeof (ElfW(Phdr
));
1685 if (ehdr
->e_phoff
+ maplength
<= (size_t) fbp
->len
)
1686 phdr
= (void *) (fbp
->buf
+ ehdr
->e_phoff
);
1689 phdr
= alloca (maplength
);
1690 __lseek (fd
, ehdr
->e_phoff
, SEEK_SET
);
1691 if ((size_t) __libc_read (fd
, (void *) phdr
, maplength
) != maplength
)
1695 errstring
= N_("cannot read file data");
1700 /* Check .note.ABI-tag if present. */
1701 for (ph
= phdr
; ph
< &phdr
[ehdr
->e_phnum
]; ++ph
)
1702 if (ph
->p_type
== PT_NOTE
&& ph
->p_filesz
>= 32 && ph
->p_align
>= 4)
1704 ElfW(Addr
) size
= ph
->p_filesz
;
1706 if (ph
->p_offset
+ size
<= (size_t) fbp
->len
)
1707 abi_note
= (void *) (fbp
->buf
+ ph
->p_offset
);
1710 abi_note
= alloca (size
);
1711 __lseek (fd
, ph
->p_offset
, SEEK_SET
);
1712 if (__libc_read (fd
, (void *) abi_note
, size
) != size
)
1716 while (memcmp (abi_note
, &expected_note
, sizeof (expected_note
)))
1718 #define ROUND(len) (((len) + sizeof (ElfW(Word)) - 1) & -sizeof (ElfW(Word)))
1719 ElfW(Addr
) note_size
= 3 * sizeof (ElfW(Word
))
1720 + ROUND (abi_note
[0])
1721 + ROUND (abi_note
[1]);
1723 if (size
- 32 < note_size
)
1729 abi_note
= (void *) abi_note
+ note_size
;
1735 osversion
= (abi_note
[5] & 0xff) * 65536
1736 + (abi_note
[6] & 0xff) * 256
1737 + (abi_note
[7] & 0xff);
1738 if (abi_note
[4] != __ABI_TAG_OS
1739 || (GLRO(dl_osversion
) && GLRO(dl_osversion
) < osversion
))
1743 __set_errno (ENOENT
);
1754 /* Try to open NAME in one of the directories in *DIRSP.
1755 Return the fd, or -1. If successful, fill in *REALNAME
1756 with the malloc'd full directory name. If it turns out
1757 that none of the directories in *DIRSP exists, *DIRSP is
1758 replaced with (void *) -1, and the old value is free()d
1759 if MAY_FREE_DIRS is true. */
1762 open_path (const char *name
, size_t namelen
, int mode
,
1763 struct r_search_path_struct
*sps
, char **realname
,
1764 struct filebuf
*fbp
, struct link_map
*loader
, int whatcode
,
1765 bool *found_other_class
)
1767 struct r_search_path_elem
**dirs
= sps
->dirs
;
1770 const char *current_what
= NULL
;
1773 if (__glibc_unlikely (dirs
== NULL
))
1774 /* We're called before _dl_init_paths when loading the main executable
1775 given on the command line when rtld is run directly. */
1778 buf
= alloca (max_dirnamelen
+ max_capstrlen
+ namelen
);
1781 struct r_search_path_elem
*this_dir
= *dirs
;
1788 /* If we are debugging the search for libraries print the path
1789 now if it hasn't happened now. */
1790 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
)
1791 && current_what
!= this_dir
->what
)
1793 current_what
= this_dir
->what
;
1794 print_search_path (dirs
, current_what
, this_dir
->where
);
1797 edp
= (char *) __mempcpy (buf
, this_dir
->dirname
, this_dir
->dirnamelen
);
1798 for (cnt
= 0; fd
== -1 && cnt
< ncapstr
; ++cnt
)
1800 /* Skip this directory if we know it does not exist. */
1801 if (this_dir
->status
[cnt
] == nonexisting
)
1805 ((char *) __mempcpy (__mempcpy (edp
, capstr
[cnt
].str
,
1810 /* Print name we try if this is wanted. */
1811 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
))
1812 _dl_debug_printf (" trying file=%s\n", buf
);
1814 fd
= open_verify (buf
, fbp
, loader
, whatcode
, mode
,
1815 found_other_class
, false);
1816 if (this_dir
->status
[cnt
] == unknown
)
1819 this_dir
->status
[cnt
] = existing
;
1820 /* Do not update the directory information when loading
1821 auditing code. We must try to disturb the program as
1822 little as possible. */
1823 else if (loader
== NULL
1824 || GL(dl_ns
)[loader
->l_ns
]._ns_loaded
->l_auditing
== 0)
1826 /* We failed to open machine dependent library. Let's
1827 test whether there is any directory at all. */
1830 buf
[buflen
- namelen
- 1] = '\0';
1832 if (__xstat64 (_STAT_VER
, buf
, &st
) != 0
1833 || ! S_ISDIR (st
.st_mode
))
1834 /* The directory does not exist or it is no directory. */
1835 this_dir
->status
[cnt
] = nonexisting
;
1837 this_dir
->status
[cnt
] = existing
;
1841 /* Remember whether we found any existing directory. */
1842 here_any
|= this_dir
->status
[cnt
] != nonexisting
;
1844 if (fd
!= -1 && __glibc_unlikely (mode
& __RTLD_SECURE
)
1845 && INTUSE(__libc_enable_secure
))
1847 /* This is an extra security effort to make sure nobody can
1848 preload broken shared objects which are in the trusted
1849 directories and so exploit the bugs. */
1852 if (__fxstat64 (_STAT_VER
, fd
, &st
) != 0
1853 || (st
.st_mode
& S_ISUID
) == 0)
1855 /* The shared object cannot be tested for being SUID
1856 or this bit is not set. In this case we must not
1860 /* We simply ignore the file, signal this by setting
1861 the error value which would have been set by `open'. */
1869 *realname
= (char *) malloc (buflen
);
1870 if (*realname
!= NULL
)
1872 memcpy (*realname
, buf
, buflen
);
1877 /* No memory for the name, we certainly won't be able
1878 to load and link it. */
1883 if (here_any
&& (err
= errno
) != ENOENT
&& err
!= EACCES
)
1884 /* The file exists and is readable, but something went wrong. */
1887 /* Remember whether we found anything. */
1890 while (*++dirs
!= NULL
);
1892 /* Remove the whole path if none of the directories exists. */
1893 if (__glibc_unlikely (! any
))
1895 /* Paths which were allocated using the minimal malloc() in ld.so
1896 must not be freed using the general free() in libc. */
1900 /* rtld_search_dirs is attribute_relro, therefore avoid writing
1902 if (sps
!= &rtld_search_dirs
)
1903 sps
->dirs
= (void *) -1;
1909 /* Map in the shared object file NAME. */
1913 _dl_map_object (struct link_map
*loader
, const char *name
,
1914 int type
, int trace_mode
, int mode
, Lmid_t nsid
)
1923 assert (nsid
< GL(dl_nns
));
1925 /* Look for this name among those already loaded. */
1926 for (l
= GL(dl_ns
)[nsid
]._ns_loaded
; l
; l
= l
->l_next
)
1928 /* If the requested name matches the soname of a loaded object,
1929 use that object. Elide this check for names that have not
1931 if (__glibc_unlikely ((l
->l_faked
| l
->l_removed
) != 0))
1933 if (!_dl_name_match_p (name
, l
))
1937 if (__glibc_likely (l
->l_soname_added
)
1938 || l
->l_info
[DT_SONAME
] == NULL
)
1941 soname
= ((const char *) D_PTR (l
, l_info
[DT_STRTAB
])
1942 + l
->l_info
[DT_SONAME
]->d_un
.d_val
);
1943 if (strcmp (name
, soname
) != 0)
1946 /* We have a match on a new name -- cache it. */
1947 add_name_to_object (l
, soname
);
1948 l
->l_soname_added
= 1;
1951 /* We have a match. */
1955 /* Display information if we are debugging. */
1956 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_FILES
)
1958 _dl_debug_printf ((mode
& __RTLD_CALLMAP
) == 0
1959 ? "\nfile=%s [%lu]; needed by %s [%lu]\n"
1960 : "\nfile=%s [%lu]; dynamically loaded by %s [%lu]\n",
1961 name
, nsid
, DSO_FILENAME (loader
->l_name
), loader
->l_ns
);
1964 /* Give the auditing libraries a chance to change the name before we
1966 if (__glibc_unlikely (GLRO(dl_naudit
) > 0)
1967 && (loader
== NULL
|| loader
->l_auditing
== 0))
1969 struct audit_ifaces
*afct
= GLRO(dl_audit
);
1970 for (unsigned int cnt
= 0; cnt
< GLRO(dl_naudit
); ++cnt
)
1972 if (afct
->objsearch
!= NULL
)
1974 name
= afct
->objsearch (name
, &loader
->l_audit
[cnt
].cookie
,
1978 /* Do not try anything further. */
1989 /* Will be true if we found a DSO which is of the other ELF class. */
1990 bool found_other_class
= false;
1992 if (strchr (name
, '/') == NULL
)
1994 /* Search for NAME in several places. */
1996 size_t namelen
= strlen (name
) + 1;
1998 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
))
1999 _dl_debug_printf ("find library=%s [%lu]; searching\n", name
, nsid
);
2003 /* When the object has the RUNPATH information we don't use any
2005 if (loader
== NULL
|| loader
->l_info
[DT_RUNPATH
] == NULL
)
2007 /* This is the executable's map (if there is one). Make sure that
2008 we do not look at it twice. */
2009 struct link_map
*main_map
= GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
;
2010 bool did_main_map
= false;
2012 /* First try the DT_RPATH of the dependent object that caused NAME
2013 to be loaded. Then that object's dependent, and on up. */
2014 for (l
= loader
; l
; l
= l
->l_loader
)
2015 if (cache_rpath (l
, &l
->l_rpath_dirs
, DT_RPATH
, "RPATH"))
2017 fd
= open_path (name
, namelen
, mode
,
2019 &realname
, &fb
, loader
, LA_SER_RUNPATH
,
2020 &found_other_class
);
2024 did_main_map
|= l
== main_map
;
2027 /* If dynamically linked, try the DT_RPATH of the executable
2028 itself. NB: we do this for lookups in any namespace. */
2029 if (fd
== -1 && !did_main_map
2030 && main_map
!= NULL
&& main_map
->l_type
!= lt_loaded
2031 && cache_rpath (main_map
, &main_map
->l_rpath_dirs
, DT_RPATH
,
2033 fd
= open_path (name
, namelen
, mode
,
2034 &main_map
->l_rpath_dirs
,
2035 &realname
, &fb
, loader
?: main_map
, LA_SER_RUNPATH
,
2036 &found_other_class
);
2039 /* Try the LD_LIBRARY_PATH environment variable. */
2040 if (fd
== -1 && env_path_list
.dirs
!= (void *) -1)
2041 fd
= open_path (name
, namelen
, mode
, &env_path_list
,
2043 loader
?: GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
,
2044 LA_SER_LIBPATH
, &found_other_class
);
2046 /* Look at the RUNPATH information for this binary. */
2047 if (fd
== -1 && loader
!= NULL
2048 && cache_rpath (loader
, &loader
->l_runpath_dirs
,
2049 DT_RUNPATH
, "RUNPATH"))
2050 fd
= open_path (name
, namelen
, mode
,
2051 &loader
->l_runpath_dirs
, &realname
, &fb
, loader
,
2052 LA_SER_RUNPATH
, &found_other_class
);
2056 && (__glibc_likely ((mode
& __RTLD_SECURE
) == 0)
2057 || ! INTUSE(__libc_enable_secure
))
2058 && __glibc_likely (GLRO(dl_inhibit_cache
) == 0))
2060 /* Check the list of libraries in the file /etc/ld.so.cache,
2061 for compatibility with Linux's ldconfig program. */
2062 const char *cached
= _dl_load_cache_lookup (name
);
2066 // XXX Correct to unconditionally default to namespace 0?
2068 ?: GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
2074 /* If the loader has the DF_1_NODEFLIB flag set we must not
2075 use a cache entry from any of these directories. */
2076 if (__glibc_unlikely (l
->l_flags_1
& DF_1_NODEFLIB
))
2078 const char *dirp
= system_dirs
;
2079 unsigned int cnt
= 0;
2083 if (memcmp (cached
, dirp
, system_dirs_len
[cnt
]) == 0)
2085 /* The prefix matches. Don't use the entry. */
2090 dirp
+= system_dirs_len
[cnt
] + 1;
2093 while (cnt
< nsystem_dirs_len
);
2098 fd
= open_verify (cached
,
2099 &fb
, loader
?: GL(dl_ns
)[nsid
]._ns_loaded
,
2100 LA_SER_CONFIG
, mode
, &found_other_class
,
2102 if (__glibc_likely (fd
!= -1))
2104 realname
= local_strdup (cached
);
2105 if (realname
== NULL
)
2116 /* Finally, try the default path. */
2118 && ((l
= loader
?: GL(dl_ns
)[nsid
]._ns_loaded
) == NULL
2119 || __glibc_likely (!(l
->l_flags_1
& DF_1_NODEFLIB
)))
2120 && rtld_search_dirs
.dirs
!= (void *) -1)
2121 fd
= open_path (name
, namelen
, mode
, &rtld_search_dirs
,
2122 &realname
, &fb
, l
, LA_SER_DEFAULT
, &found_other_class
);
2124 /* Add another newline when we are tracing the library loading. */
2125 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
))
2126 _dl_debug_printf ("\n");
2130 /* The path may contain dynamic string tokens. */
2132 ? expand_dynamic_string_token (loader
, name
, 0)
2133 : local_strdup (name
));
2134 if (realname
== NULL
)
2138 fd
= open_verify (realname
, &fb
,
2139 loader
?: GL(dl_ns
)[nsid
]._ns_loaded
, 0, mode
,
2140 &found_other_class
, true);
2141 if (__glibc_unlikely (fd
== -1))
2149 /* In case the LOADER information has only been provided to get to
2150 the appropriate RUNPATH/RPATH information we do not need it
2152 if (mode
& __RTLD_CALLMAP
)
2155 if (__glibc_unlikely (fd
== -1))
2158 && __glibc_likely ((GLRO(dl_debug_mask
) & DL_DEBUG_PRELINK
) == 0))
2160 /* We haven't found an appropriate library. But since we
2161 are only interested in the list of libraries this isn't
2162 so severe. Fake an entry with all the information we
2164 static const Elf_Symndx dummy_bucket
= STN_UNDEF
;
2166 /* Allocate a new object map. */
2167 if ((name_copy
= local_strdup (name
)) == NULL
2168 || (l
= _dl_new_object (name_copy
, name
, type
, loader
,
2169 mode
, nsid
)) == NULL
)
2172 _dl_signal_error (ENOMEM
, name
, NULL
,
2173 N_("cannot create shared object descriptor"));
2175 /* Signal that this is a faked entry. */
2177 /* Since the descriptor is initialized with zero we do not
2179 l->l_reserved = 0; */
2180 l
->l_buckets
= &dummy_bucket
;
2184 /* Enter the object in the object list. */
2185 _dl_add_to_namespace_list (l
, nsid
);
2189 else if (found_other_class
)
2190 _dl_signal_error (0, name
, NULL
,
2191 ELFW(CLASS
) == ELFCLASS32
2192 ? N_("wrong ELF class: ELFCLASS64")
2193 : N_("wrong ELF class: ELFCLASS32"));
2195 _dl_signal_error (errno
, name
, NULL
,
2196 N_("cannot open shared object file"));
2199 void *stack_end
= __libc_stack_end
;
2200 return _dl_map_object_from_fd (name
, fd
, &fb
, realname
, loader
, type
, mode
,
2207 _dl_rtld_di_serinfo (struct link_map
*loader
, Dl_serinfo
*si
, bool counting
)
2215 unsigned int idx
= 0;
2216 char *allocptr
= (char *) &si
->dls_serpath
[si
->dls_cnt
];
2217 void add_path (const struct r_search_path_struct
*sps
, unsigned int flags
)
2218 # define add_path(sps, flags) add_path(sps, 0) /* XXX */
2220 if (sps
->dirs
!= (void *) -1)
2222 struct r_search_path_elem
**dirs
= sps
->dirs
;
2225 const struct r_search_path_elem
*const r
= *dirs
++;
2229 si
->dls_size
+= MAX (2, r
->dirnamelen
);
2233 Dl_serpath
*const sp
= &si
->dls_serpath
[idx
++];
2234 sp
->dls_name
= allocptr
;
2235 if (r
->dirnamelen
< 2)
2236 *allocptr
++ = r
->dirnamelen
? '/' : '.';
2238 allocptr
= __mempcpy (allocptr
,
2239 r
->dirname
, r
->dirnamelen
- 1);
2241 sp
->dls_flags
= flags
;
2244 while (*dirs
!= NULL
);
2248 /* When the object has the RUNPATH information we don't use any RPATHs. */
2249 if (loader
->l_info
[DT_RUNPATH
] == NULL
)
2251 /* First try the DT_RPATH of the dependent object that caused NAME
2252 to be loaded. Then that object's dependent, and on up. */
2254 struct link_map
*l
= loader
;
2257 if (cache_rpath (l
, &l
->l_rpath_dirs
, DT_RPATH
, "RPATH"))
2258 add_path (&l
->l_rpath_dirs
, XXX_RPATH
);
2263 /* If dynamically linked, try the DT_RPATH of the executable itself. */
2264 if (loader
->l_ns
== LM_ID_BASE
)
2266 l
= GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
;
2267 if (l
!= NULL
&& l
->l_type
!= lt_loaded
&& l
!= loader
)
2268 if (cache_rpath (l
, &l
->l_rpath_dirs
, DT_RPATH
, "RPATH"))
2269 add_path (&l
->l_rpath_dirs
, XXX_RPATH
);
2273 /* Try the LD_LIBRARY_PATH environment variable. */
2274 add_path (&env_path_list
, XXX_ENV
);
2276 /* Look at the RUNPATH information for this binary. */
2277 if (cache_rpath (loader
, &loader
->l_runpath_dirs
, DT_RUNPATH
, "RUNPATH"))
2278 add_path (&loader
->l_runpath_dirs
, XXX_RUNPATH
);
2281 Here is where ld.so.cache gets checked, but we don't have
2282 a way to indicate that in the results for Dl_serinfo. */
2284 /* Finally, try the default path. */
2285 if (!(loader
->l_flags_1
& DF_1_NODEFLIB
))
2286 add_path (&rtld_search_dirs
, XXX_default
);
2289 /* Count the struct size before the string area, which we didn't
2290 know before we completed dls_cnt. */
2291 si
->dls_size
+= (char *) &si
->dls_serpath
[si
->dls_cnt
] - (char *) si
;