search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
(__setmntent): Fix typo.
[glibc.git] / elf / dl-load.c
blob46b7d814120368c8466a5a4443b6a48b64ee891f
1 /* Map in a shared object's segments from the file.
2 Copyright (C) 1995,96,97,98,99,2000,2001 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, write to the Free
17 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
18 02111-1307 USA. */
19
20 #include <elf.h>
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <libintl.h>
24 #include <stdlib.h>
25 #include <string.h>
26 #include <unistd.h>
27 #include <ldsodefs.h>
28 #include <sys/mman.h>
29 #include <sys/param.h>
30 #include <sys/stat.h>
31 #include <sys/types.h>
32 #include "dynamic-link.h"
33 #include <abi-tag.h>
34 #include <dl-osinfo.h>
35
36 #include <dl-dst.h>
37
38 /* On some systems, no flag bits are given to specify file mapping. */
39 #ifndef MAP_FILE
40 # define MAP_FILE 0
41 #endif
42
43 /* The right way to map in the shared library files is MAP_COPY, which
44 makes a virtual copy of the data at the time of the mmap call; this
45 guarantees the mapped pages will be consistent even if the file is
46 overwritten. Some losing VM systems like Linux's lack MAP_COPY. All we
47 get is MAP_PRIVATE, which copies each page when it is modified; this
48 means if the file is overwritten, we may at some point get some pages
49 from the new version after starting with pages from the old version. */
50 #ifndef MAP_COPY
51 # define MAP_COPY MAP_PRIVATE
52 #endif
53
54 /* Some systems link their relocatable objects for another base address
55 than 0. We want to know the base address for these such that we can
56 subtract this address from the segment addresses during mapping.
57 This results in a more efficient address space usage. Defaults to
58 zero for almost all systems. */
59 #ifndef MAP_BASE_ADDR
60 # define MAP_BASE_ADDR(l) 0
61 #endif
62
63
64 #include <endian.h>
65 #if BYTE_ORDER == BIG_ENDIAN
66 # define byteorder ELFDATA2MSB
67 #elif BYTE_ORDER == LITTLE_ENDIAN
68 # define byteorder ELFDATA2LSB
69 #else
70 # error "Unknown BYTE_ORDER " BYTE_ORDER
71 # define byteorder ELFDATANONE
72 #endif
73
74 #define STRING(x) __STRING (x)
75
76 #ifdef MAP_ANON
77 /* The fd is not examined when using MAP_ANON. */
78 # define ANONFD -1
79 #else
80 int _dl_zerofd = -1;
81 # define ANONFD _dl_zerofd
82 #endif
83
84 /* Handle situations where we have a preferred location in memory for
85 the shared objects. */
86 #ifdef ELF_PREFERRED_ADDRESS_DATA
87 ELF_PREFERRED_ADDRESS_DATA;
88 #endif
89 #ifndef ELF_PREFERRED_ADDRESS
90 # define ELF_PREFERRED_ADDRESS(loader, maplength, mapstartpref) (mapstartpref)
91 #endif
92 #ifndef ELF_FIXED_ADDRESS
93 # define ELF_FIXED_ADDRESS(loader, mapstart) ((void) 0)
94 #endif
95
96 /* Type for the buffer we put the ELF header and hopefully the program
97 header. This buffer does not really have to be too large. In most
98 cases the program header follows the ELF header directly. If this
99 is not the case all bets are off and we can make the header arbitrarily
100 large and still won't get it read. This means the only question is
101 how large are the ELF and program header combined. The ELF header
102 in 64-bit files is 56 bytes long. Each program header entry is again
103 56 bytes long. I.e., even with a file which has 17 program header
104 entries we only have to read 1kB. And 17 program header entries is
105 plenty, normal files have < 10. If this heuristic should really fail
106 for some file the code in `_dl_map_object_from_fd' knows how to
107 recover. */
108 struct filebuf
109 {
110 ssize_t len;
111 char buf[1024];
112 };
113
114 size_t _dl_pagesize;
115
116 unsigned int _dl_osversion;
117
118 int _dl_clktck;
119
120 extern const char *_dl_platform;
121 extern size_t _dl_platformlen;
122
123 /* The object to be initialized first. */
124 struct link_map *_dl_initfirst;
125
126 /* This is the decomposed LD_LIBRARY_PATH search path. */
127 static struct r_search_path_struct env_path_list;
128
129 /* List of the hardware capabilities we might end up using. */
130 static const struct r_strlenpair *capstr;
131 static size_t ncapstr;
132 static size_t max_capstrlen;
133
134 const unsigned char _dl_pf_to_prot[8] =
135 {
136 [0] = PROT_NONE,
137 [PF_R] = PROT_READ,
138 [PF_W] = PROT_WRITE,
139 [PF_R | PF_W] = PROT_READ | PROT_WRITE,
140 [PF_X] = PROT_EXEC,
141 [PF_R | PF_X] = PROT_READ | PROT_EXEC,
142 [PF_W | PF_X] = PROT_WRITE | PROT_EXEC,
143 [PF_R | PF_W | PF_X] = PROT_READ | PROT_WRITE | PROT_EXEC
144 };
145
146
147 /* Get the generated information about the trusted directories. */
148 #include "trusted-dirs.h"
149
150 static const char system_dirs[] = SYSTEM_DIRS;
151 static const size_t system_dirs_len[] =
152 {
153 SYSTEM_DIRS_LEN
154 };
155 #define nsystem_dirs_len \
156 (sizeof (system_dirs_len) / sizeof (system_dirs_len[0]))
157
158
159 /* Local version of `strdup' function. */
160 static inline char *
161 local_strdup (const char *s)
162 {
163 size_t len = strlen (s) + 1;
164 void *new = malloc (len);
165
166 if (new == NULL)
167 return NULL;
168
169 return (char *) memcpy (new, s, len);
170 }
171
172
173 size_t
174 _dl_dst_count (const char *name, int is_path)
175 {
176 const char *const start = name;
177 size_t cnt = 0;
178
179 do
180 {
181 size_t len = 1;
182
183 /* $ORIGIN is not expanded for SUID/GUID programs and it must
184 always appear first in path.
185
186 Note that it is no bug that the string in the second and
187 fourth `strncmp' call is longer than the sequence which is
188 actually tested. */
189 if (((strncmp (&name[1], "{ORIGIN}", 8) == 0 && (len = 9) != 0)
190 || (strncmp (&name[1], "{ORIGIN}" + 1, 6) == 0
191 && (name[7] == '\0' || name[7] == '/'
192 || (is_path && name[7] == ':'))
193 && (len = 7) != 0)))
194 {
195 if (__builtin_expect (!__libc_enable_secure, 1)
196 && (name == start || (is_path && name[-1] == ':')))
197 ++cnt;
198 }
199 else if ((strncmp (&name[1], "{PLATFORM}", 10) == 0
200 && (len = 11) != 0)
201 || (strncmp (&name[1], "{PLATFORM}" + 1, 8) == 0
202 && (name[9] == '\0' || name[9] == '/'
203 || (is_path && name[9] == ':'))
204 && (len = 9) != 0))
205 ++cnt;
206
207 name = strchr (name + len, '$');
208 }
209 while (name != NULL);
210
211 return cnt;
212 }
213
214
215 char *
216 _dl_dst_substitute (struct link_map *l, const char *name, char *result,
217 int is_path)
218 {
219 const char *const start = name;
220 char *last_elem, *wp;
221
222 /* Now fill the result path. While copying over the string we keep
223 track of the start of the last path element. When we come accross
224 a DST we copy over the value or (if the value is not available)
225 leave the entire path element out. */
226 last_elem = wp = result;
227
228 do
229 {
230 if (__builtin_expect (*name, 'a') == '$')
231 {
232 const char *repl = NULL;
233 size_t len = 1;
234
235 /* Note that it is no bug that the string in the second and
236 fourth `strncmp' call is longer than the sequence which
237 is actually tested. */
238 if (((strncmp (&name[1], "{ORIGIN}", 8) == 0 && (len = 9) != 0)
239 || (strncmp (&name[1], "{ORIGIN}" + 1, 6) == 0
240 && (name[7] == '\0' || name[7] == '/'
241 || (is_path && name[7] == ':'))
242 && (len = 7) != 0)))
243 {
244 if (__builtin_expect (!__libc_enable_secure, 1)
245 && (name == start || (is_path && name[-1] == ':')))
246 repl = l->l_origin;
247 }
248 else if ((strncmp (&name[1], "{PLATFORM}", 10) == 0
249 && (len = 11) != 0)
250 || (strncmp (&name[1], "{PLATFORM}" + 1, 8) == 0
251 && (name[9] == '\0' || name[9] == '/' || name[9] == ':')
252 && (len = 9) != 0))
253 repl = _dl_platform;
254
255
256 if (repl != NULL && repl != (const char *) -1)
257 {
258 wp = __stpcpy (wp, repl);
259 name += len;
260 }
261 else if (len > 1)
262 {
263 /* We cannot use this path element, the value of the
264 replacement is unknown. */
265 wp = last_elem;
266 name += len;
267 while (*name != '\0' && (!is_path || *name != ':'))
268 ++name;
269 }
270 else
271 /* No DST we recognize. */
272 *wp++ = *name++;
273 }
274 else
275 {
276 *wp++ = *name++;
277 if (is_path && *name == ':')
278 last_elem = wp;
279 }
280 }
281 while (*name != '\0');
282
283 *wp = '\0';
284
285 return result;
286 }
287
288
289 /* Return copy of argument with all recognized dynamic string tokens
290 ($ORIGIN and $PLATFORM for now) replaced. On some platforms it
291 might not be possible to determine the path from which the object
292 belonging to the map is loaded. In this case the path element
293 containing $ORIGIN is left out. */
294 static char *
295 expand_dynamic_string_token (struct link_map *l, const char *s)
296 {
297 /* We make two runs over the string. First we determine how large the
298 resulting string is and then we copy it over. Since this is now
299 frequently executed operation we are looking here not for performance
300 but rather for code size. */
301 size_t cnt;
302 size_t total;
303 char *result;
304
305 /* Determine the number of DST elements. */
306 cnt = DL_DST_COUNT (s, 1);
307
308 /* If we do not have to replace anything simply copy the string. */
309 if (__builtin_expect (cnt, 0) == 0)
310 return local_strdup (s);
311
312 /* Determine the length of the substituted string. */
313 total = DL_DST_REQUIRED (l, s, strlen (s), cnt);
314
315 /* Allocate the necessary memory. */
316 result = (char *) malloc (total + 1);
317 if (result == NULL)
318 return NULL;
319
320 return DL_DST_SUBSTITUTE (l, s, result, 1);
321 }
322
323
324 /* Add `name' to the list of names for a particular shared object.
325 `name' is expected to have been allocated with malloc and will
326 be freed if the shared object already has this name.
327 Returns false if the object already had this name. */
328 static void
329 internal_function
330 add_name_to_object (struct link_map *l, const char *name)
331 {
332 struct libname_list *lnp, *lastp;
333 struct libname_list *newname;
334 size_t name_len;
335
336 lastp = NULL;
337 for (lnp = l->l_libname; lnp != NULL; lastp = lnp, lnp = lnp->next)
338 if (strcmp (name, lnp->name) == 0)
339 return;
340
341 name_len = strlen (name) + 1;
342 newname = (struct libname_list *) malloc (sizeof *newname + name_len);
343 if (newname == NULL)
344 {
345 /* No more memory. */
346 _dl_signal_error (ENOMEM, name, N_("cannot allocate name record"));
347 return;
348 }
349 /* The object should have a libname set from _dl_new_object. */
350 assert (lastp != NULL);
351
352 newname->name = memcpy (newname + 1, name, name_len);
353 newname->next = NULL;
354 newname->dont_free = 0;
355 lastp->next = newname;
356 }
357
358 /* All known directories in sorted order. */
359 struct r_search_path_elem *_dl_all_dirs;
360
361 /* All directories after startup. */
362 struct r_search_path_elem *_dl_init_all_dirs;
363
364 /* Standard search directories. */
365 static struct r_search_path_struct rtld_search_dirs;
366
367 static size_t max_dirnamelen;
368
369 static inline struct r_search_path_elem **
370 fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
371 int check_trusted, const char *what, const char *where)
372 {
373 char *cp;
374 size_t nelems = 0;
375
376 while ((cp = __strsep (&rpath, sep)) != NULL)
377 {
378 struct r_search_path_elem *dirp;
379 size_t len = strlen (cp);
380
381 /* `strsep' can pass an empty string. This has to be
382 interpreted as `use the current directory'. */
383 if (len == 0)
384 {
385 static const char curwd[] = "./";
386 cp = (char *) curwd;
387 }
388
389 /* Remove trailing slashes (except for "/"). */
390 while (len > 1 && cp[len - 1] == '/')
391 --len;
392
393 /* Now add one if there is none so far. */
394 if (len > 0 && cp[len - 1] != '/')
395 cp[len++] = '/';
396
397 /* See if this directory is already known. */
398 for (dirp = _dl_all_dirs; dirp != NULL; dirp = dirp->next)
399 if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0)
400 break;
401
402 if (dirp != NULL)
403 {
404 /* It is available, see whether it's on our own list. */
405 size_t cnt;
406 for (cnt = 0; cnt < nelems; ++cnt)
407 if (result[cnt] == dirp)
408 break;
409
410 if (cnt == nelems)
411 result[nelems++] = dirp;
412 }
413 else
414 {
415 size_t cnt;
416 enum r_dir_status init_val;
417 size_t where_len = where ? strlen (where) + 1 : 0;
418
419 /* It's a new directory. Create an entry and add it. */
420 dirp = (struct r_search_path_elem *)
421 malloc (sizeof (*dirp) + ncapstr * sizeof (enum r_dir_status)
422 + where_len + len + 1);
423 if (dirp == NULL)
424 _dl_signal_error (ENOMEM, NULL,
425 N_("cannot create cache for search path"));
426
427 dirp->dirname = ((char *) dirp + sizeof (*dirp)
428 + ncapstr * sizeof (enum r_dir_status));
429 *((char *) __mempcpy ((char *) dirp->dirname, cp, len)) = '\0';
430 dirp->dirnamelen = len;
431
432 if (len > max_dirnamelen)
433 max_dirnamelen = len;
434
435 /* Make sure we don't use untrusted directories if we run SUID. */
436 if (__builtin_expect (check_trusted, 0))
437 {
438 const char *trun = system_dirs;
439 size_t idx;
440
441 /* By default we don't trust anything. */
442 init_val = nonexisting;
443
444 /* All trusted directories must be complete names. */
445 if (cp[0] == '/')
446 {
447 for (idx = 0; idx < nsystem_dirs_len; ++idx)
448 {
449 if (len == system_dirs_len[idx]
450 && memcmp (trun, cp, len) == 0)
451 /* Found it. */
452 break;
453
454 trun += system_dirs_len[idx] + 1;
455 }
456
457 if (idx < nsystem_dirs_len)
458 /* It's a trusted directory so allow checking for it. */
459 init_val = unknown;
460 }
461 }
462 else
463 /* We don't have to check for trusted directories and can
464 accept everything. We have to make sure all the
465 relative directories are never ignored. The current
466 directory might change and all our saved information
467 would be void. */
468 init_val = cp[0] != '/' ? existing : unknown;
469
470 for (cnt = 0; cnt < ncapstr; ++cnt)
471 dirp->status[cnt] = init_val;
472
473 dirp->what = what;
474 if (__builtin_expect (where != NULL, 1))
475 dirp->where = memcpy ((char *) dirp + sizeof (*dirp) + len + 1
476 + ncapstr * sizeof (enum r_dir_status),
477 where, where_len);
478 else
479 dirp->where = NULL;
480
481 dirp->next = _dl_all_dirs;
482 _dl_all_dirs = dirp;
483
484 /* Put it in the result array. */
485 result[nelems++] = dirp;
486 }
487 }
488
489 /* Terminate the array. */
490 result[nelems] = NULL;
491
492 return result;
493 }
494
495
496 static void
497 internal_function
498 decompose_rpath (struct r_search_path_struct *sps,
499 const char *rpath, struct link_map *l, const char *what)
500 {
501 /* Make a copy we can work with. */
502 const char *where = l->l_name;
503 char *copy;
504 char *cp;
505 struct r_search_path_elem **result;
506 size_t nelems;
507
508 /* First see whether we must forget the RUNPATH and RPATH from this
509 object. */
510 if (__builtin_expect (_dl_inhibit_rpath != NULL, 0) && !__libc_enable_secure)
511 {
512 const char *found = strstr (_dl_inhibit_rpath, where);
513 if (found != NULL)
514 {
515 size_t len = strlen (where);
516 if ((found == _dl_inhibit_rpath || found[-1] == ':')
517 && (found[len] == '\0' || found[len] == ':'))
518 {
519 /* This object is on the list of objects for which the
520 RUNPATH and RPATH must not be used. */
521 result = (struct r_search_path_elem **)
522 malloc (sizeof (*result));
523 if (result == NULL)
524 _dl_signal_error (ENOMEM, NULL,
525 N_("cannot create cache for search path"));
526 result[0] = NULL;
527
528 sps->dirs = result;
529 sps->malloced = 1;
530
531 return;
532 }
533 }
534 }
535
536 /* Make a writable copy. At the same time expand possible dynamic
537 string tokens. */
538 copy = expand_dynamic_string_token (l, rpath);
539 if (copy == NULL)
540 _dl_signal_error (ENOMEM, NULL, N_("cannot create RUNPATH/RPATH copy"));
541
542 /* Count the number of necessary elements in the result array. */
543 nelems = 0;
544 for (cp = copy; *cp != '\0'; ++cp)
545 if (*cp == ':')
546 ++nelems;
547
548 /* Allocate room for the result. NELEMS + 1 is an upper limit for the
549 number of necessary entries. */
550 result = (struct r_search_path_elem **) malloc ((nelems + 1 + 1)
551 * sizeof (*result));
552 if (result == NULL)
553 _dl_signal_error (ENOMEM, NULL, N_("cannot create cache for search path"));
554
555 fillin_rpath (copy, result, ":", 0, what, where);
556
557 /* Free the copied RPATH string. `fillin_rpath' make own copies if
558 necessary. */
559 free (copy);
560
561 sps->dirs = result;
562 /* The caller will change this value if we haven't used a real malloc. */
563 sps->malloced = 1;
564 }
565
566
567 void
568 internal_function
569 _dl_init_paths (const char *llp)
570 {
571 size_t idx;
572 const char *strp;
573 struct r_search_path_elem *pelem, **aelem;
574 size_t round_size;
575 #ifdef SHARED
576 struct link_map *l;
577 #endif
578
579 /* Fill in the information about the application's RPATH and the
580 directories addressed by the LD_LIBRARY_PATH environment variable. */
581
582 /* Get the capabilities. */
583 capstr = _dl_important_hwcaps (_dl_platform, _dl_platformlen,
584 &ncapstr, &max_capstrlen);
585
586 /* First set up the rest of the default search directory entries. */
587 aelem = rtld_search_dirs.dirs = (struct r_search_path_elem **)
588 malloc ((nsystem_dirs_len + 1) * sizeof (struct r_search_path_elem *));
589 if (rtld_search_dirs.dirs == NULL)
590 _dl_signal_error (ENOMEM, NULL, N_("cannot create search path array"));
591
592 round_size = ((2 * sizeof (struct r_search_path_elem) - 1
593 + ncapstr * sizeof (enum r_dir_status))
594 / sizeof (struct r_search_path_elem));
595
596 rtld_search_dirs.dirs[0] = (struct r_search_path_elem *)
597 malloc ((sizeof (system_dirs) / sizeof (system_dirs[0]))
598 * round_size * sizeof (struct r_search_path_elem));
599 if (rtld_search_dirs.dirs[0] == NULL)
600 _dl_signal_error (ENOMEM, NULL, N_("cannot create cache for search path"));
601
602 rtld_search_dirs.malloced = 0;
603 pelem = _dl_all_dirs = rtld_search_dirs.dirs[0];
604 strp = system_dirs;
605 idx = 0;
606
607 do
608 {
609 size_t cnt;
610
611 *aelem++ = pelem;
612
613 pelem->what = "system search path";
614 pelem->where = NULL;
615
616 pelem->dirname = strp;
617 pelem->dirnamelen = system_dirs_len[idx];
618 strp += system_dirs_len[idx] + 1;
619
620 /* System paths must be absolute. */
621 assert (pelem->dirname[0] == '/');
622 for (cnt = 0; cnt < ncapstr; ++cnt)
623 pelem->status[cnt] = unknown;
624
625 pelem->next = (++idx == nsystem_dirs_len ? NULL : (pelem + round_size));
626
627 pelem += round_size;
628 }
629 while (idx < nsystem_dirs_len);
630
631 max_dirnamelen = SYSTEM_DIRS_MAX_LEN;
632 *aelem = NULL;
633
634 #ifdef SHARED
635 /* This points to the map of the main object. */
636 l = _dl_loaded;
637 if (l != NULL)
638 {
639 assert (l->l_type != lt_loaded);
640
641 if (l->l_info[DT_RUNPATH])
642 {
643 /* Allocate room for the search path and fill in information
644 from RUNPATH. */
645 decompose_rpath (&l->l_runpath_dirs,
646 (const void *) (D_PTR (l, l_info[DT_STRTAB])
647 + l->l_info[DT_RUNPATH]->d_un.d_val),
648 l, "RUNPATH");
649
650 /* The RPATH is ignored. */
651 l->l_rpath_dirs.dirs = (void *) -1;
652 }
653 else
654 {
655 l->l_runpath_dirs.dirs = (void *) -1;
656
657 if (l->l_info[DT_RPATH])
658 {
659 /* Allocate room for the search path and fill in information
660 from RPATH. */
661 decompose_rpath (&l->l_rpath_dirs,
662 (const void *) (D_PTR (l, l_info[DT_STRTAB])
663 + l->l_info[DT_RPATH]->d_un.d_val),
664 l, "RPATH");
665 l->l_rpath_dirs.malloced = 0;
666 }
667 else
668 l->l_rpath_dirs.dirs = (void *) -1;
669 }
670 }
671 #endif /* SHARED */
672
673 if (llp != NULL && *llp != '\0')
674 {
675 size_t nllp;
676 const char *cp = llp;
677 char *llp_tmp = strdupa (llp);
678
679 /* Decompose the LD_LIBRARY_PATH contents. First determine how many
680 elements it has. */
681 nllp = 1;
682 while (*cp)
683 {
684 if (*cp == ':' || *cp == ';')
685 ++nllp;
686 ++cp;
687 }
688
689 env_path_list.dirs = (struct r_search_path_elem **)
690 malloc ((nllp + 1) * sizeof (struct r_search_path_elem *));
691 if (env_path_list.dirs == NULL)
692 _dl_signal_error (ENOMEM, NULL,
693 N_("cannot create cache for search path"));
694
695 (void) fillin_rpath (llp_tmp, env_path_list.dirs, ":;",
696 __libc_enable_secure, "LD_LIBRARY_PATH", NULL);
697
698 if (env_path_list.dirs[0] == NULL)
699 {
700 free (env_path_list.dirs);
701 env_path_list.dirs = (void *) -1;
702 }
703
704 env_path_list.malloced = 0;
705 }
706 else
707 env_path_list.dirs = (void *) -1;
708
709 /* Remember the last search directory added at startup. */
710 _dl_init_all_dirs = _dl_all_dirs;
711 }
712
713
714 /* Think twice before changing anything in this function. It is placed
715 here and prepared using the `alloca' magic to prevent it from being
716 inlined. The function is only called in case of an error. But then
717 performance does not count. The function used to be "inlinable" and
718 the compiled did so all the time. This increased the code size for
719 absolutely no good reason. */
720 #define LOSE(code, s) lose (code, fd, name, realname, l, s)
721 static void
722 __attribute__ ((noreturn))
723 lose (int code, int fd, const char *name, char *realname, struct link_map *l,
724 const char *msg)
725 {
726 /* The use of `alloca' here looks ridiculous but it helps. The goal
727 is to avoid the function from being inlined. There is no official
728 way to do this so we use this trick. gcc never inlines functions
729 which use `alloca'. */
730 int *a = alloca (sizeof (int));
731 a[0] = fd;
732 (void) __close (a[0]);
733 if (l != NULL)
734 {
735 /* Remove the stillborn object from the list and free it. */
736 if (l->l_prev)
737 l->l_prev->l_next = l->l_next;
738 if (l->l_next)
739 l->l_next->l_prev = l->l_prev;
740 --_dl_nloaded;
741 free (l);
742 }
743 free (realname);
744 _dl_signal_error (code, name, msg);
745 }
746
747
748 /* Map in the shared object NAME, actually located in REALNAME, and already
749 opened on FD. */
750
751 #ifndef EXTERNAL_MAP_FROM_FD
752 static
753 #endif
754 struct link_map *
755 _dl_map_object_from_fd (const char *name, int fd, struct filebuf *fbp,
756 char *realname, struct link_map *loader, int l_type,
757 int mode)
758 {
759 struct link_map *l = NULL;
760
761 auto inline caddr_t map_segment (ElfW(Addr) mapstart, size_t len,
762 int prot, int fixed, off_t offset);
763
764 inline caddr_t map_segment (ElfW(Addr) mapstart, size_t len,
765 int prot, int fixed, off_t offset)
766 {
767 caddr_t mapat = __mmap ((caddr_t) mapstart, len, prot,
768 fixed|MAP_COPY|MAP_FILE,
769 fd, offset);
770 if (mapat == MAP_FAILED)
771 LOSE (errno, N_("failed to map segment from shared object"));
772 return mapat;
773 }
774
775 const ElfW(Ehdr) *header;
776 const ElfW(Phdr) *phdr;
777 const ElfW(Phdr) *ph;
778 size_t maplength;
779 int type;
780 struct stat64 st;
781
782 /* Get file information. */
783 if (__fxstat64 (_STAT_VER, fd, &st) < 0)
784 LOSE (errno, N_("cannot stat shared object"));
785
786 /* Look again to see if the real name matched another already loaded. */
787 for (l = _dl_loaded; l; l = l->l_next)
788 if (l->l_ino == st.st_ino && l->l_dev == st.st_dev)
789 {
790 /* The object is already loaded.
791 Just bump its reference count and return it. */
792 __close (fd);
793
794 /* If the name is not in the list of names for this object add
795 it. */
796 free (realname);
797 add_name_to_object (l, name);
798
799 return l;
800 }
801
802 if (mode & RTLD_NOLOAD)
803 /* We are not supposed to load the object unless it is already
804 loaded. So return now. */
805 return NULL;
806
807 /* Print debugging message. */
808 if (__builtin_expect (_dl_debug_mask & DL_DEBUG_FILES, 0))
809 _dl_debug_printf ("file=%s; generating link map\n", name);
810
811 /* This is the ELF header. We read it in `open_verify'. */
812 header = (void *) fbp->buf;
813
814 #ifndef MAP_ANON
815 # define MAP_ANON 0
816 if (_dl_zerofd == -1)
817 {
818 _dl_zerofd = _dl_sysdep_open_zero_fill ();
819 if (_dl_zerofd == -1)
820 {
821 __close (fd);
822 _dl_signal_error (errno, NULL, N_("cannot open zero fill device"));
823 }
824 }
825 #endif
826
827 /* Enter the new object in the list of loaded objects. */
828 l = _dl_new_object (realname, name, l_type, loader);
829 if (__builtin_expect (! l, 0))
830 LOSE (ENOMEM, N_("cannot create shared object descriptor"));
831
832 /* Extract the remaining details we need from the ELF header
833 and then read in the program header table. */
834 l->l_entry = header->e_entry;
835 type = header->e_type;
836 l->l_phnum = header->e_phnum;
837
838 maplength = header->e_phnum * sizeof (ElfW(Phdr));
839 if (header->e_phoff + maplength <= fbp->len)
840 phdr = (void *) (fbp->buf + header->e_phoff);
841 else
842 {
843 phdr = alloca (maplength);
844 __lseek (fd, SEEK_SET, header->e_phoff);
845 if (__libc_read (fd, (void *) phdr, maplength) != maplength)
846 LOSE (errno, N_("cannot read file data"));
847 }
848
849 {
850 /* Scan the program header table, collecting its load commands. */
851 struct loadcmd
852 {
853 ElfW(Addr) mapstart, mapend, dataend, allocend;
854 off_t mapoff;
855 int prot;
856 } loadcmds[l->l_phnum], *c;
857 size_t nloadcmds = 0;
858
859 /* The struct is initialized to zero so this is not necessary:
860 l->l_ld = 0;
861 l->l_phdr = 0;
862 l->l_addr = 0; */
863 for (ph = phdr; ph < &phdr[l->l_phnum]; ++ph)
864 switch (ph->p_type)
865 {
866 /* These entries tell us where to find things once the file's
867 segments are mapped in. We record the addresses it says
868 verbatim, and later correct for the run-time load address. */
869 case PT_DYNAMIC:
870 l->l_ld = (void *) ph->p_vaddr;
871 l->l_ldnum = ph->p_memsz / sizeof (ElfW(Dyn));
872 break;
873 case PT_PHDR:
874 l->l_phdr = (void *) ph->p_vaddr;
875 break;
876
877 case PT_LOAD:
878 /* A load command tells us to map in part of the file.
879 We record the load commands and process them all later. */
880 if (ph->p_align % _dl_pagesize != 0)
881 LOSE (0, N_("ELF load command alignment not page-aligned"));
882 if ((ph->p_vaddr - ph->p_offset) % ph->p_align)
883 LOSE (0,
884 N_("ELF load command address/offset not properly aligned"));
885 {
886 struct loadcmd *c = &loadcmds[nloadcmds++];
887 c->mapstart = ph->p_vaddr & ~(ph->p_align - 1);
888 c->mapend = ((ph->p_vaddr + ph->p_filesz + _dl_pagesize - 1)
889 & ~(_dl_pagesize - 1));
890 c->dataend = ph->p_vaddr + ph->p_filesz;
891 c->allocend = ph->p_vaddr + ph->p_memsz;
892 c->mapoff = ph->p_offset & ~(ph->p_align - 1);
893
894 /* Optimize a common case. */
895 if ((PF_R | PF_W | PF_X) == 7
896 && (PROT_READ | PROT_WRITE | PROT_EXEC) == 7)
897 c->prot = _dl_pf_to_prot[ph->p_flags & (PF_R | PF_W | PF_X)];
898 else
899 {
900 c->prot = 0;
901 if (ph->p_flags & PF_R)
902 c->prot |= PROT_READ;
903 if (ph->p_flags & PF_W)
904 c->prot |= PROT_WRITE;
905 if (ph->p_flags & PF_X)
906 c->prot |= PROT_EXEC;
907 }
908 }
909 break;
910 }
911
912 /* Now process the load commands and map segments into memory. */
913 c = loadcmds;
914
915 /* Length of the sections to be loaded. */
916 maplength = loadcmds[nloadcmds - 1].allocend - c->mapstart;
917
918 if (__builtin_expect (type, ET_DYN) == ET_DYN)
919 {
920 /* This is a position-independent shared object. We can let the
921 kernel map it anywhere it likes, but we must have space for all
922 the segments in their specified positions relative to the first.
923 So we map the first segment without MAP_FIXED, but with its
924 extent increased to cover all the segments. Then we remove
925 access from excess portion, and there is known sufficient space
926 there to remap from the later segments.
927
928 As a refinement, sometimes we have an address that we would
929 prefer to map such objects at; but this is only a preference,
930 the OS can do whatever it likes. */
931 ElfW(Addr) mappref;
932 mappref = (ELF_PREFERRED_ADDRESS (loader, maplength, c->mapstart)
933 - MAP_BASE_ADDR (l));
934
935 /* Remember which part of the address space this object uses. */
936 l->l_map_start = (ElfW(Addr)) map_segment (mappref, maplength, c->prot,
937 0, c->mapoff);
938 l->l_map_end = l->l_map_start + maplength;
939 l->l_addr = l->l_map_start - c->mapstart;
940
941 /* Change protection on the excess portion to disallow all access;
942 the portions we do not remap later will be inaccessible as if
943 unallocated. Then jump into the normal segment-mapping loop to
944 handle the portion of the segment past the end of the file
945 mapping. */
946 __mprotect ((caddr_t) (l->l_addr + c->mapend),
947 loadcmds[nloadcmds - 1].allocend - c->mapend,
948 0);
949
950 goto postmap;
951 }
952 else
953 {
954 /* This object is loaded at a fixed address. This must never
955 happen for objects loaded with dlopen(). */
956 if (__builtin_expect (mode & __RTLD_DLOPEN, 0))
957 {
958 LOSE (0, N_("cannot dynamically load executable"));
959 }
960
961 /* Notify ELF_PREFERRED_ADDRESS that we have to load this one
962 fixed. */
963 ELF_FIXED_ADDRESS (loader, c->mapstart);
964 }
965
966 /* Remember which part of the address space this object uses. */
967 l->l_map_start = c->mapstart + l->l_addr;
968 l->l_map_end = l->l_map_start + maplength;
969
970 while (c < &loadcmds[nloadcmds])
971 {
972 if (c->mapend > c->mapstart)
973 /* Map the segment contents from the file. */
974 map_segment (l->l_addr + c->mapstart, c->mapend - c->mapstart,
975 c->prot, MAP_FIXED, c->mapoff);
976
977 postmap:
978 if (l->l_phdr == 0
979 && c->mapoff <= header->e_phoff
980 && (c->mapend - c->mapstart + c->mapoff
981 >= header->e_phoff + header->e_phnum * sizeof (ElfW(Phdr))))
982 /* Found the program header in this segment. */
983 l->l_phdr = (void *) (c->mapstart + header->e_phoff - c->mapoff);
984
985 if (c->allocend > c->dataend)
986 {
987 /* Extra zero pages should appear at the end of this segment,
988 after the data mapped from the file. */
989 ElfW(Addr) zero, zeroend, zeropage;
990
991 zero = l->l_addr + c->dataend;
992 zeroend = l->l_addr + c->allocend;
993 zeropage = (zero + _dl_pagesize - 1) & ~(_dl_pagesize - 1);
994
995 if (zeroend < zeropage)
996 /* All the extra data is in the last page of the segment.
997 We can just zero it. */
998 zeropage = zeroend;
999
1000 if (zeropage > zero)
1001 {
1002 /* Zero the final part of the last page of the segment. */
1003 if ((c->prot & PROT_WRITE) == 0)
1004 {
1005 /* Dag nab it. */
1006 if (__mprotect ((caddr_t) (zero & ~(_dl_pagesize - 1)),
1007 _dl_pagesize, c->prot|PROT_WRITE) < 0)
1008 LOSE (errno, N_("cannot change memory protections"));
1009 }
1010 memset ((void *) zero, '\0', zeropage - zero);
1011 if ((c->prot & PROT_WRITE) == 0)
1012 __mprotect ((caddr_t) (zero & ~(_dl_pagesize - 1)),
1013 _dl_pagesize, c->prot);
1014 }
1015
1016 if (zeroend > zeropage)
1017 {
1018 /* Map the remaining zero pages in from the zero fill FD. */
1019 caddr_t mapat;
1020 mapat = __mmap ((caddr_t) zeropage, zeroend - zeropage,
1021 c->prot, MAP_ANON|MAP_PRIVATE|MAP_FIXED,
1022 ANONFD, 0);
1023 if (mapat == MAP_FAILED)
1024 LOSE (errno, N_("cannot map zero-fill pages"));
1025 }
1026 }
1027
1028 ++c;
1029 }
1030
1031 if (l->l_phdr == NULL)
1032 {
1033 /* The program header is not contained in any of the segments.
1034 We have to allocate memory ourself and copy it over from
1035 out temporary place. */
1036 ElfW(Phdr) *newp = (ElfW(Phdr) *) malloc (header->e_phnum
1037 * sizeof (ElfW(Phdr)));
1038 if (newp == NULL)
1039 LOSE (ENOMEM, N_("cannot allocate memory for program header"));
1040
1041 l->l_phdr = memcpy (newp, phdr,
1042 (header->e_phnum * sizeof (ElfW(Phdr))));
1043 l->l_phdr_allocated = 1;
1044 }
1045 else
1046 /* Adjust the PT_PHDR value by the runtime load address. */
1047 (ElfW(Addr)) l->l_phdr += l->l_addr;
1048 }
1049
1050 /* We are done mapping in the file. We no longer need the descriptor. */
1051 __close (fd);
1052
1053 if (l->l_type == lt_library && type == ET_EXEC)
1054 l->l_type = lt_executable;
1055
1056 if (l->l_ld == 0)
1057 {
1058 if (type == ET_DYN)
1059 LOSE (0, N_("object file has no dynamic section"));
1060 }
1061 else
1062 (ElfW(Addr)) l->l_ld += l->l_addr;
1063
1064 l->l_entry += l->l_addr;
1065
1066 if (__builtin_expect (_dl_debug_mask & DL_DEBUG_FILES, 0))
1067 _dl_debug_printf (" dynamic: 0x%0*lx base: 0x%0*lx size: 0x%0*Zx\n"
1068 " entry: 0x%0*lx phdr: 0x%0*lx phnum: %*u\n\n",
1069 (int) sizeof (void *) * 2, (unsigned long int) l->l_ld,
1070 (int) sizeof (void *) * 2, (unsigned long int) l->l_addr,
1071 (int) sizeof (void *) * 2, maplength,
1072 (int) sizeof (void *) * 2, (unsigned long int) l->l_entry,
1073 (int) sizeof (void *) * 2, (unsigned long int) l->l_phdr,
1074 (int) sizeof (void *) * 2, l->l_phnum);
1075
1076 elf_get_dynamic_info (l);
1077
1078 /* Make sure we are dlopen()ing an object which has the DF_1_NOOPEN
1079 flag set. */
1080 if (__builtin_expect (l->l_flags_1 & DF_1_NOOPEN, 0)
1081 && (mode & __RTLD_DLOPEN))
1082 {
1083 /* Remove from the module list. */
1084 assert (l->l_next == NULL);
1085 #ifndef SHARED
1086 if (l->l_prev == NULL)
1087 /* No other module loaded. */
1088 _dl_loaded = NULL;
1089 else
1090 #endif
1091 l->l_prev->l_next = NULL;
1092 --_dl_nloaded;
1093
1094 /* We are not supposed to load this object. Free all resources. */
1095 __munmap ((void *) l->l_map_start, l->l_map_end - l->l_map_start);
1096
1097 free (l->l_libname);
1098
1099 if (l->l_phdr_allocated)
1100 free ((void *) l->l_phdr);
1101
1102 free (l);
1103
1104 _dl_signal_error (0, name, N_("shared object cannot be dlopen()ed"));
1105 }
1106
1107 if (l->l_info[DT_HASH])
1108 _dl_setup_hash (l);
1109
1110 /* If this object has DT_SYMBOLIC set modify now its scope. We don't
1111 have to do this for the main map. */
1112 if (__builtin_expect (l->l_info[DT_SYMBOLIC] != NULL, 0)
1113 && &l->l_searchlist != l->l_scope[0])
1114 {
1115 /* Create an appropriate searchlist. It contains only this map.
1116
1117 XXX This is the definition of DT_SYMBOLIC in SysVr4. The old
1118 GNU ld.so implementation had a different interpretation which
1119 is more reasonable. We are prepared to add this possibility
1120 back as part of a GNU extension of the ELF format. */
1121 l->l_symbolic_searchlist.r_list =
1122 (struct link_map **) malloc (sizeof (struct link_map *));
1123
1124 if (l->l_symbolic_searchlist.r_list == NULL)
1125 LOSE (ENOMEM, N_("cannot create searchlist"));
1126
1127 l->l_symbolic_searchlist.r_list[0] = l;
1128 l->l_symbolic_searchlist.r_nlist = 1;
1129
1130 /* Now move the existing entries one back. */
1131 memmove (&l->l_scope[1], &l->l_scope[0],
1132 sizeof (l->l_scope) - sizeof (l->l_scope[0]));
1133
1134 /* Now add the new entry. */
1135 l->l_scope[0] = &l->l_symbolic_searchlist;
1136 }
1137
1138 /* Remember whether this object must be initialized first. */
1139 if (__builtin_expect (l->l_flags_1 & DF_1_INITFIRST, 0))
1140 _dl_initfirst = l;
1141
1142 /* Finally the file information. */
1143 l->l_dev = st.st_dev;
1144 l->l_ino = st.st_ino;
1145
1146 return l;
1147 }
1148 \f
1149 /* Print search path. */
1150 static void
1151 print_search_path (struct r_search_path_elem **list,
1152 const char *what, const char *name)
1153 {
1154 char buf[max_dirnamelen + max_capstrlen];
1155 int first = 1;
1156
1157 _dl_debug_printf (" search path=");
1158
1159 while (*list != NULL && (*list)->what == what) /* Yes, ==. */
1160 {
1161 char *endp = __mempcpy (buf, (*list)->dirname, (*list)->dirnamelen);
1162 size_t cnt;
1163
1164 for (cnt = 0; cnt < ncapstr; ++cnt)
1165 if ((*list)->status[cnt] != nonexisting)
1166 {
1167 char *cp = __mempcpy (endp, capstr[cnt].str, capstr[cnt].len);
1168 if (cp == buf || (cp == buf + 1 && buf[0] == '/'))
1169 cp[0] = '\0';
1170 else
1171 cp[-1] = '\0';
1172 if (first)
1173 {
1174 _dl_debug_printf_c ("%s", buf);
1175 first = 0;
1176 }
1177 else
1178 _dl_debug_printf_c (":%s", buf);
1179 }
1180
1181 ++list;
1182 }
1183
1184 if (name != NULL)
1185 _dl_debug_printf_c ("\t\t(%s from file %s)\n", what,
1186 name[0] ? name : _dl_argv[0]);
1187 else
1188 _dl_debug_printf_c ("\t\t(%s)\n", what);
1189 }
1190 \f
1191 /* Open a file and verify it is an ELF file for this architecture. We
1192 ignore only ELF files for other architectures. Non-ELF files and
1193 ELF files with different header information cause fatal errors since
1194 this could mean there is something wrong in the installation and the
1195 user might want to know about this. */
1196 static int
1197 open_verify (const char *name, struct filebuf *fbp)
1198 {
1199 /* This is the expected ELF header. */
1200 #define ELF32_CLASS ELFCLASS32
1201 #define ELF64_CLASS ELFCLASS64
1202 #ifndef VALID_ELF_HEADER
1203 # define VALID_ELF_HEADER(hdr,exp,size) (memcmp (hdr, exp, size) == 0)
1204 # define VALID_ELF_OSABI(osabi) (osabi == ELFOSABI_SYSV)
1205 # define VALID_ELF_ABIVERSION(ver) (ver == 0)
1206 #endif
1207 static const unsigned char expected[EI_PAD] =
1208 {
1209 [EI_MAG0] = ELFMAG0,
1210 [EI_MAG1] = ELFMAG1,
1211 [EI_MAG2] = ELFMAG2,
1212 [EI_MAG3] = ELFMAG3,
1213 [EI_CLASS] = ELFW(CLASS),
1214 [EI_DATA] = byteorder,
1215 [EI_VERSION] = EV_CURRENT,
1216 [EI_OSABI] = ELFOSABI_SYSV,
1217 [EI_ABIVERSION] = 0
1218 };
1219 static const struct {
1220 ElfW(Word) vendorlen, datalen, type;
1221 char vendor[4];
1222 } expected_note = { 4, 16, 1, "GNU" };
1223 int fd;
1224
1225 /* Open the file. We always open files read-only. */
1226 fd = __open (name, O_RDONLY);
1227 if (fd != -1)
1228 {
1229 ElfW(Ehdr) *ehdr;
1230 ElfW(Phdr) *phdr, *ph;
1231 ElfW(Word) *abi_note, abi_note_buf[8];
1232 unsigned int osversion;
1233 size_t maplength;
1234
1235 /* We successfully openened the file. Now verify it is a file
1236 we can use. */
1237 __set_errno (0);
1238 fbp->len = __libc_read (fd, fbp->buf, sizeof (fbp->buf));
1239
1240 /* This is where the ELF header is loaded. */
1241 assert (sizeof (fbp->buf) > sizeof (ElfW(Ehdr)));
1242 ehdr = (ElfW(Ehdr) *) fbp->buf;
1243
1244 /* Now run the tests. */
1245 if (__builtin_expect (fbp->len < (ssize_t) sizeof (ElfW(Ehdr)), 0))
1246 lose (errno, fd, name, NULL, NULL,
1247 errno == 0 ? N_("file too short") : N_("cannot read file data"));
1248
1249 /* See whether the ELF header is what we expect. */
1250 if (__builtin_expect (! VALID_ELF_HEADER (ehdr->e_ident, expected,
1251 EI_PAD), 0))
1252 {
1253 /* Something is wrong. */
1254 if (*(Elf32_Word *) &ehdr->e_ident !=
1255 #if BYTE_ORDER == LITTLE_ENDIAN
1256 ((ELFMAG0 << (EI_MAG0 * 8)) |
1257 (ELFMAG1 << (EI_MAG1 * 8)) |
1258 (ELFMAG2 << (EI_MAG2 * 8)) |
1259 (ELFMAG3 << (EI_MAG3 * 8)))
1260 #else
1261 ((ELFMAG0 << (EI_MAG3 * 8)) |
1262 (ELFMAG1 << (EI_MAG2 * 8)) |
1263 (ELFMAG2 << (EI_MAG1 * 8)) |
1264 (ELFMAG3 << (EI_MAG0 * 8)))
1265 #endif
1266 )
1267 lose (0, fd, name, NULL, NULL, N_("invalid ELF header"));
1268
1269 if (ehdr->e_ident[EI_CLASS] != ELFW(CLASS))
1270 /* This is not a fatal error. On architectures where
1271 32-bit and 64-bit binaries can be run this might
1272 happen. */
1273 goto close_and_out;
1274
1275 if (ehdr->e_ident[EI_DATA] != byteorder)
1276 {
1277 if (BYTE_ORDER == BIG_ENDIAN)
1278 lose (0, fd, name, NULL, NULL,
1279 "ELF file data encoding not big-endian");
1280 else
1281 lose (0, fd, name, NULL, NULL,
1282 "ELF file data encoding not little-endian");
1283 }
1284 if (ehdr->e_ident[EI_VERSION] != EV_CURRENT)
1285 lose (0, fd, name, NULL, NULL,
1286 N_("ELF file version ident does not match current one"));
1287 /* XXX We should be able so set system specific versions which are
1288 allowed here. */
1289 if (!VALID_ELF_OSABI (ehdr->e_ident[EI_OSABI]))
1290 lose (0, fd, name, NULL, NULL, N_("ELF file OS ABI invalid"));
1291 if (!VALID_ELF_ABIVERSION (ehdr->e_ident[EI_ABIVERSION]))
1292 lose (0, fd, name, NULL, NULL,
1293 N_("ELF file ABI version invalid"));
1294 lose (0, fd, name, NULL, NULL, N_("internal error"));
1295 }
1296
1297 if (__builtin_expect (ehdr->e_version, EV_CURRENT) != EV_CURRENT)
1298 lose (0, fd, name, NULL, NULL,
1299 N_("ELF file version does not match current one"));
1300 if (! __builtin_expect (elf_machine_matches_host (ehdr), 1))
1301 goto close_and_out;
1302 else if (__builtin_expect (ehdr->e_phentsize, sizeof (ElfW(Phdr)))
1303 != sizeof (ElfW(Phdr)))
1304 lose (0, fd, name, NULL, NULL,
1305 N_("ELF file's phentsize not the expected size"));
1306 else if (__builtin_expect (ehdr->e_type, ET_DYN) != ET_DYN
1307 && __builtin_expect (ehdr->e_type, ET_EXEC) != ET_EXEC)
1308 lose (0, fd, name, NULL, NULL,
1309 N_("only ET_DYN and ET_EXEC can be loaded"));
1310
1311 maplength = ehdr->e_phnum * sizeof (ElfW(Phdr));
1312 if (ehdr->e_phoff + maplength <= fbp->len)
1313 phdr = (void *) (fbp->buf + ehdr->e_phoff);
1314 else
1315 {
1316 phdr = alloca (maplength);
1317 __lseek (fd, SEEK_SET, ehdr->e_phoff);
1318 if (__libc_read (fd, (void *) phdr, maplength) != maplength)
1319 lose (errno, fd, name, NULL, NULL, N_("cannot read file data"));
1320 }
1321
1322 /* Check .note.ABI-tag if present. */
1323 for (ph = phdr; ph < &phdr[ehdr->e_phnum]; ++ph)
1324 if (ph->p_type == PT_NOTE && ph->p_filesz == 32 && ph->p_align >= 4)
1325 {
1326 if (ph->p_offset + 32 <= fbp->len)
1327 abi_note = (void *) (fbp->buf + ph->p_offset);
1328 else
1329 {
1330 __lseek (fd, SEEK_SET, ph->p_offset);
1331 if (__libc_read (fd, (void *) abi_note_buf, 32) != 32)
1332 lose (errno, fd, name, NULL, NULL,
1333 N_("cannot read file data"));
1334 abi_note = abi_note_buf;
1335 }
1336
1337 if (memcmp (abi_note, &expected_note, sizeof (expected_note)))
1338 continue;
1339
1340 osversion = (abi_note[5] & 0xff) * 65536
1341 + (abi_note[6] & 0xff) * 256
1342 + (abi_note[7] & 0xff);
1343 if (abi_note[4] != __ABI_TAG_OS
1344 || (_dl_osversion && _dl_osversion < osversion))
1345 {
1346 close_and_out:
1347 __close (fd);
1348 __set_errno (ENOENT);
1349 fd = -1;
1350 }
1351
1352 break;
1353 }
1354 }
1355
1356 return fd;
1357 }
1358 \f
1359 /* Try to open NAME in one of the directories in *DIRSP.
1360 Return the fd, or -1. If successful, fill in *REALNAME
1361 with the malloc'd full directory name. If it turns out
1362 that none of the directories in *DIRSP exists, *DIRSP is
1363 replaced with (void *) -1, and the old value is free()d
1364 if MAY_FREE_DIRS is true. */
1365
1366 static int
1367 open_path (const char *name, size_t namelen, int preloaded,
1368 struct r_search_path_struct *sps, char **realname,
1369 struct filebuf *fbp)
1370 {
1371 struct r_search_path_elem **dirs = sps->dirs;
1372 char *buf;
1373 int fd = -1;
1374 const char *current_what = NULL;
1375 int any = 0;
1376
1377 buf = alloca (max_dirnamelen + max_capstrlen + namelen);
1378 do
1379 {
1380 struct r_search_path_elem *this_dir = *dirs;
1381 size_t buflen = 0;
1382 size_t cnt;
1383 char *edp;
1384 int here_any = 0;
1385 int err;
1386
1387 /* If we are debugging the search for libraries print the path
1388 now if it hasn't happened now. */
1389 if (__builtin_expect (_dl_debug_mask & DL_DEBUG_LIBS, 0)
1390 && current_what != this_dir->what)
1391 {
1392 current_what = this_dir->what;
1393 print_search_path (dirs, current_what, this_dir->where);
1394 }
1395
1396 edp = (char *) __mempcpy (buf, this_dir->dirname, this_dir->dirnamelen);
1397 for (cnt = 0; fd == -1 && cnt < ncapstr; ++cnt)
1398 {
1399 /* Skip this directory if we know it does not exist. */
1400 if (this_dir->status[cnt] == nonexisting)
1401 continue;
1402
1403 buflen =
1404 ((char *) __mempcpy (__mempcpy (edp,
1405 capstr[cnt].str, capstr[cnt].len),
1406 name, namelen)
1407 - buf);
1408
1409 /* Print name we try if this is wanted. */
1410 if (__builtin_expect (_dl_debug_mask & DL_DEBUG_LIBS, 0))
1411 _dl_debug_printf (" trying file=%s\n", buf);
1412
1413 fd = open_verify (buf, fbp);
1414 if (this_dir->status[cnt] == unknown)
1415 {
1416 if (fd != -1)
1417 this_dir->status[cnt] = existing;
1418 else
1419 {
1420 /* We failed to open machine dependent library. Let's
1421 test whether there is any directory at all. */
1422 struct stat64 st;
1423
1424 buf[buflen - namelen - 1] = '\0';
1425
1426 if (__xstat64 (_STAT_VER, buf, &st) != 0
1427 || ! S_ISDIR (st.st_mode))
1428 /* The directory does not exist or it is no directory. */
1429 this_dir->status[cnt] = nonexisting;
1430 else
1431 this_dir->status[cnt] = existing;
1432 }
1433 }
1434
1435 /* Remember whether we found any existing directory. */
1436 here_any |= this_dir->status[cnt] == existing;
1437
1438 if (fd != -1 && __builtin_expect (preloaded, 0)
1439 && __libc_enable_secure)
1440 {
1441 /* This is an extra security effort to make sure nobody can
1442 preload broken shared objects which are in the trusted
1443 directories and so exploit the bugs. */
1444 struct stat64 st;
1445
1446 if (__fxstat64 (_STAT_VER, fd, &st) != 0
1447 || (st.st_mode & S_ISUID) == 0)
1448 {
1449 /* The shared object cannot be tested for being SUID
1450 or this bit is not set. In this case we must not
1451 use this object. */
1452 __close (fd);
1453 fd = -1;
1454 /* We simply ignore the file, signal this by setting
1455 the error value which would have been set by `open'. */
1456 errno = ENOENT;
1457 }
1458 }
1459 }
1460
1461 if (fd != -1)
1462 {
1463 *realname = malloc (buflen);
1464 if (*realname != NULL)
1465 {
1466 memcpy (*realname, buf, buflen);
1467 return fd;
1468 }
1469 else
1470 {
1471 /* No memory for the name, we certainly won't be able
1472 to load and link it. */
1473 __close (fd);
1474 return -1;
1475 }
1476 }
1477 if (here_any && (err = errno) != ENOENT && err != EACCES)
1478 /* The file exists and is readable, but something went wrong. */
1479 return -1;
1480
1481 /* Remember whether we found anything. */
1482 any |= here_any;
1483 }
1484 while (*++dirs != NULL);
1485
1486 /* Remove the whole path if none of the directories exists. */
1487 if (__builtin_expect (! any, 0))
1488 {
1489 /* Paths which were allocated using the minimal malloc() in ld.so
1490 must not be freed using the general free() in libc. */
1491 if (sps->malloced)
1492 free (sps->dirs);
1493 sps->dirs = (void *) -1;
1494 }
1495
1496 return -1;
1497 }
1498
1499 /* Map in the shared object file NAME. */
1500
1501 struct link_map *
1502 internal_function
1503 _dl_map_object (struct link_map *loader, const char *name, int preloaded,
1504 int type, int trace_mode, int mode)
1505 {
1506 int fd;
1507 char *realname;
1508 char *name_copy;
1509 struct link_map *l;
1510 struct filebuf fb;
1511
1512 /* Look for this name among those already loaded. */
1513 for (l = _dl_loaded; l; l = l->l_next)
1514 {
1515 /* If the requested name matches the soname of a loaded object,
1516 use that object. Elide this check for names that have not
1517 yet been opened. */
1518 if (__builtin_expect (l->l_faked, 0) != 0)
1519 continue;
1520 if (!_dl_name_match_p (name, l))
1521 {
1522 const char *soname;
1523
1524 if (__builtin_expect (l->l_soname_added, 1)
1525 || l->l_info[DT_SONAME] == NULL)
1526 continue;
1527
1528 soname = ((const char *) D_PTR (l, l_info[DT_STRTAB])
1529 + l->l_info[DT_SONAME]->d_un.d_val);
1530 if (strcmp (name, soname) != 0)
1531 continue;
1532
1533 /* We have a match on a new name -- cache it. */
1534 add_name_to_object (l, soname);
1535 l->l_soname_added = 1;
1536 }
1537
1538 /* We have a match. */
1539 return l;
1540 }
1541
1542 /* Display information if we are debugging. */
1543 if (__builtin_expect (_dl_debug_mask & DL_DEBUG_FILES, 0) && loader != NULL)
1544 _dl_debug_printf ("\nfile=%s; needed by %s\n", name,
1545 loader->l_name[0] ? loader->l_name : _dl_argv[0]);
1546
1547 if (strchr (name, '/') == NULL)
1548 {
1549 /* Search for NAME in several places. */
1550
1551 size_t namelen = strlen (name) + 1;
1552
1553 if (__builtin_expect (_dl_debug_mask & DL_DEBUG_LIBS, 0))
1554 _dl_debug_printf ("find library=%s; searching\n", name);
1555
1556 fd = -1;
1557
1558 /* When the object has the RUNPATH information we don't use any
1559 RPATHs. */
1560 if (loader == NULL || loader->l_info[DT_RUNPATH] == NULL)
1561 {
1562 /* First try the DT_RPATH of the dependent object that caused NAME
1563 to be loaded. Then that object's dependent, and on up. */
1564 for (l = loader; fd == -1 && l; l = l->l_loader)
1565 {
1566 if (l->l_rpath_dirs.dirs == NULL)
1567 {
1568 if (l->l_info[DT_RPATH] == NULL)
1569 /* There is no path. */
1570 l->l_rpath_dirs.dirs = (void *) -1;
1571 else
1572 {
1573 /* Make sure the cache information is available. */
1574 size_t ptrval = (D_PTR (l, l_info[DT_STRTAB])
1575 + l->l_info[DT_RPATH]->d_un.d_val);
1576 decompose_rpath (&l->l_rpath_dirs,
1577 (const char *) ptrval, l, "RPATH");
1578
1579 if (l->l_rpath_dirs.dirs != (void *) -1)
1580 fd = open_path (name, namelen, preloaded,
1581 &l->l_rpath_dirs, &realname, &fb);
1582 }
1583 }
1584 else if (l->l_rpath_dirs.dirs != (void *) -1)
1585 fd = open_path (name, namelen, preloaded, &l->l_rpath_dirs,
1586 &realname, &fb);
1587 }
1588
1589 /* If dynamically linked, try the DT_RPATH of the executable
1590 itself. */
1591 l = _dl_loaded;
1592 if (fd == -1 && l && l->l_type != lt_loaded && l != loader
1593 && l->l_rpath_dirs.dirs != (void *) -1)
1594 fd = open_path (name, namelen, preloaded, &l->l_rpath_dirs,
1595 &realname, &fb);
1596 }
1597
1598 /* Try the LD_LIBRARY_PATH environment variable. */
1599 if (fd == -1 && env_path_list.dirs != (void *) -1)
1600 fd = open_path (name, namelen, preloaded, &env_path_list,
1601 &realname, &fb);
1602
1603 /* Look at the RUNPATH information for this binary. */
1604 if (loader != NULL && loader->l_runpath_dirs.dirs != (void *) -1)
1605 {
1606 if (loader->l_runpath_dirs.dirs == NULL)
1607 {
1608 if (loader->l_info[DT_RUNPATH] == NULL)
1609 /* No RUNPATH. */
1610 loader->l_runpath_dirs.dirs = (void *) -1;
1611 else
1612 {
1613 /* Make sure the cache information is available. */
1614 size_t ptrval = (D_PTR (loader, l_info[DT_STRTAB])
1615 + loader->l_info[DT_RUNPATH]->d_un.d_val);
1616 decompose_rpath (&loader->l_runpath_dirs,
1617 (const char *) ptrval, loader, "RUNPATH");
1618
1619 if (loader->l_runpath_dirs.dirs != (void *) -1)
1620 fd = open_path (name, namelen, preloaded,
1621 &loader->l_runpath_dirs, &realname, &fb);
1622 }
1623 }
1624 else if (loader->l_runpath_dirs.dirs != (void *) -1)
1625 fd = open_path (name, namelen, preloaded,
1626 &loader->l_runpath_dirs, &realname, &fb);
1627 }
1628
1629 if (fd == -1
1630 && (__builtin_expect (! preloaded, 1) || ! __libc_enable_secure))
1631 {
1632 /* Check the list of libraries in the file /etc/ld.so.cache,
1633 for compatibility with Linux's ldconfig program. */
1634 const char *cached = _dl_load_cache_lookup (name);
1635
1636 #ifdef SHARED
1637 l = loader ?: _dl_loaded;
1638 #else
1639 l = loader;
1640 #endif
1641
1642 if (cached)
1643 {
1644 /* If the loader has the DF_1_NODEFLIB flag set we must not
1645 use a cache entry from any of these directories. */
1646 if (l && __builtin_expect (l->l_flags_1 & DF_1_NODEFLIB, 0))
1647 {
1648 const char *dirp = system_dirs;
1649 unsigned int cnt = 0;
1650
1651 do
1652 {
1653 if (memcmp (cached, dirp, system_dirs_len[cnt]) == 0)
1654 {
1655 /* The prefix matches. Don't use the entry. */
1656 cached = NULL;
1657 break;
1658 }
1659
1660 dirp += system_dirs_len[cnt] + 1;
1661 ++cnt;
1662 }
1663 while (cnt < nsystem_dirs_len);
1664 }
1665
1666 if (cached)
1667 {
1668 fd = open_verify (cached, &fb);
1669 if (__builtin_expect (fd, 0) != -1)
1670 {
1671 realname = local_strdup (cached);
1672 if (realname == NULL)
1673 {
1674 __close (fd);
1675 fd = -1;
1676 }
1677 }
1678 }
1679 }
1680 }
1681
1682 /* Finally, try the default path. */
1683 if (fd == -1
1684 && (l == NULL ||
1685 __builtin_expect (!(l->l_flags_1 & DF_1_NODEFLIB), 1))
1686 && rtld_search_dirs.dirs != (void *) -1)
1687 fd = open_path (name, namelen, preloaded, &rtld_search_dirs,
1688 &realname, &fb);
1689
1690 /* Add another newline when we a tracing the library loading. */
1691 if (__builtin_expect (_dl_debug_mask & DL_DEBUG_LIBS, 0))
1692 _dl_debug_printf ("\n");
1693 }
1694 else
1695 {
1696 /* The path may contain dynamic string tokens. */
1697 realname = (loader
1698 ? expand_dynamic_string_token (loader, name)
1699 : local_strdup (name));
1700 if (realname == NULL)
1701 fd = -1;
1702 else
1703 {
1704 fd = open_verify (realname, &fb);
1705 if (__builtin_expect (fd, 0) == -1)
1706 free (realname);
1707 }
1708 }
1709
1710 if (__builtin_expect (fd, 0) == -1)
1711 {
1712 if (trace_mode)
1713 {
1714 /* We haven't found an appropriate library. But since we
1715 are only interested in the list of libraries this isn't
1716 so severe. Fake an entry with all the information we
1717 have. */
1718 static const Elf_Symndx dummy_bucket = STN_UNDEF;
1719
1720 /* Enter the new object in the list of loaded objects. */
1721 if ((name_copy = local_strdup (name)) == NULL
1722 || (l = _dl_new_object (name_copy, name, type, loader)) == NULL)
1723 _dl_signal_error (ENOMEM, name,
1724 N_("cannot create shared object descriptor"));
1725 /* Signal that this is a faked entry. */
1726 l->l_faked = 1;
1727 /* Since the descriptor is initialized with zero we do not
1728 have do this here.
1729 l->l_reserved = 0; */
1730 l->l_buckets = &dummy_bucket;
1731 l->l_nbuckets = 1;
1732 l->l_relocated = 1;
1733
1734 return l;
1735 }
1736 else
1737 _dl_signal_error (errno, name, N_("cannot open shared object file"));
1738 }
1739
1740 return _dl_map_object_from_fd (name, fd, &fb, realname, loader, type, mode);
1741 }
sources.redhat.com git mirror of glibc CVS