1 /* Map in a shared object's segments from the file.
2 Copyright (C) 1995-2022 Free Software Foundation, Inc.
3 Copyright The GNU Toolchain Authors.
4 This file is part of the GNU C Library.
6 The GNU C Library is free software; you can redistribute it and/or
7 modify it under the terms of the GNU Lesser General Public
8 License as published by the Free Software Foundation; either
9 version 2.1 of the License, or (at your option) any later version.
11 The GNU C Library is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
16 You should have received a copy of the GNU Lesser General Public
17 License along with the GNU C Library; if not, see
18 <https://www.gnu.org/licenses/>. */
29 #include <bits/wordsize.h>
31 #include <sys/param.h>
33 #include <sys/types.h>
34 #include <gnu/lib-names.h>
36 /* Type for the buffer we put the ELF header and hopefully the program
37 header. This buffer does not really have to be too large. In most
38 cases the program header follows the ELF header directly. If this
39 is not the case all bets are off and we can make the header
40 arbitrarily large and still won't get it read. This means the only
41 question is how large are the ELF and program header combined. The
42 ELF header 32-bit files is 52 bytes long and in 64-bit files is 64
43 bytes long. Each program header entry is again 32 and 56 bytes
44 long respectively. I.e., even with a file which has 10 program
45 header entries we only have to read 372B/624B respectively. Add to
46 this a bit of margin for program notes and reading 512B and 832B
47 for 32-bit and 64-bit files respecitvely is enough. If this
48 heuristic should really fail for some file the code in
49 `_dl_map_object_from_fd' knows how to recover. */
54 # define FILEBUF_SIZE 512
56 # define FILEBUF_SIZE 832
58 char buf
[FILEBUF_SIZE
] __attribute__ ((aligned (__alignof (ElfW(Ehdr
)))));
61 #include "dynamic-link.h"
62 #include "get-dynamic-info.h"
64 #include <stackinfo.h>
66 #include <stap-probe.h>
67 #include <libc-pointer-arith.h>
68 #include <array_length.h>
72 #include <dl-map-segments.h>
73 #include <dl-unmap-segments.h>
74 #include <dl-machine-reject-phdr.h>
75 #include <dl-sysdep-open.h>
77 #include <not-cancel.h>
80 #if BYTE_ORDER == BIG_ENDIAN
81 # define byteorder ELFDATA2MSB
82 #elif BYTE_ORDER == LITTLE_ENDIAN
83 # define byteorder ELFDATA2LSB
85 # error "Unknown BYTE_ORDER " BYTE_ORDER
86 # define byteorder ELFDATANONE
89 #define STRING(x) __STRING (x)
92 int __stack_prot attribute_hidden attribute_relro
93 #if _STACK_GROWS_DOWN && defined PROT_GROWSDOWN
95 #elif _STACK_GROWS_UP && defined PROT_GROWSUP
102 /* This is the decomposed LD_LIBRARY_PATH search path. */
103 struct r_search_path_struct __rtld_env_path_list attribute_relro
;
105 /* List of the hardware capabilities we might end up using. */
107 static const struct r_strlenpair
*capstr attribute_relro
;
108 static size_t ncapstr attribute_relro
;
109 static size_t max_capstrlen attribute_relro
;
111 enum { ncapstr
= 1, max_capstrlen
= 0 };
115 /* Get the generated information about the trusted directories. Use
116 an array of concatenated strings to avoid relocations. See
117 gen-trusted-dirs.awk. */
118 #include "trusted-dirs.h"
120 static const char system_dirs
[] = SYSTEM_DIRS
;
121 static const size_t system_dirs_len
[] =
125 #define nsystem_dirs_len array_length (system_dirs_len)
128 is_trusted_path_normalize (const char *path
, size_t len
)
133 char *npath
= (char *) alloca (len
+ 2);
135 while (*path
!= '\0')
141 if (path
[2] == '.' && (path
[3] == '/' || path
[3] == '\0'))
143 while (wnp
> npath
&& *--wnp
!= '/')
148 else if (path
[2] == '/' || path
[2] == '\0')
155 if (wnp
> npath
&& wnp
[-1] == '/')
165 if (wnp
== npath
|| wnp
[-1] != '/')
168 const char *trun
= system_dirs
;
170 for (size_t idx
= 0; idx
< nsystem_dirs_len
; ++idx
)
172 if (wnp
- npath
>= system_dirs_len
[idx
]
173 && memcmp (trun
, npath
, system_dirs_len
[idx
]) == 0)
177 trun
+= system_dirs_len
[idx
] + 1;
183 /* Given a substring starting at INPUT, just after the DST '$' start
184 token, determine if INPUT contains DST token REF, following the
185 ELF gABI rules for DSTs:
187 * Longest possible sequence using the rules (greedy).
189 * Must start with a $ (enforced by caller).
191 * Must follow $ with one underscore or ASCII [A-Za-z] (caller
192 follows these rules for REF) or '{' (start curly quoted name).
194 * Must follow first two characters with zero or more [A-Za-z0-9_]
195 (enforced by caller) or '}' (end curly quoted name).
197 If the sequence is a DST matching REF then the length of the DST
198 (excluding the $ sign but including curly braces, if any) is
199 returned, otherwise 0. */
201 is_dst (const char *input
, const char *ref
)
203 bool is_curly
= false;
205 /* Is a ${...} input sequence? */
212 /* Check for matching name, following closing curly brace (if
213 required), or trailing characters which are part of an
215 size_t rlen
= strlen (ref
);
216 if (strncmp (input
, ref
, rlen
) != 0
217 || (is_curly
&& input
[rlen
] != '}')
218 || ((input
[rlen
] >= 'A' && input
[rlen
] <= 'Z')
219 || (input
[rlen
] >= 'a' && input
[rlen
] <= 'z')
220 || (input
[rlen
] >= '0' && input
[rlen
] <= '9')
221 || (input
[rlen
] == '_')))
225 /* Count the two curly braces. */
231 /* INPUT should be the start of a path e.g DT_RPATH or name e.g.
232 DT_NEEDED. The return value is the number of known DSTs found. We
233 count all known DSTs regardless of __libc_enable_secure; the caller
234 is responsible for enforcing the security of the substitution rules
235 (usually _dl_dst_substitute). */
237 _dl_dst_count (const char *input
)
241 input
= strchr (input
, '$');
243 /* Most likely there is no DST. */
244 if (__glibc_likely (input
== NULL
))
252 /* All DSTs must follow ELF gABI rules, see is_dst (). */
253 if ((len
= is_dst (input
, "ORIGIN")) != 0
254 || (len
= is_dst (input
, "PLATFORM")) != 0
255 || (len
= is_dst (input
, "LIB")) != 0)
258 /* There may be more than one DST in the input. */
259 input
= strchr (input
+ len
, '$');
261 while (input
!= NULL
);
266 /* Process INPUT for DSTs and store in RESULT using the information
267 from link map L to resolve the DSTs. This function only handles one
268 path at a time and does not handle colon-separated path lists (see
269 fillin_rpath ()). Lastly the size of result in bytes should be at
270 least equal to the value returned by DL_DST_REQUIRED. Note that it
271 is possible for a DT_NEEDED, DT_AUXILIARY, and DT_FILTER entries to
272 have colons, but we treat those as literal colons here, not as path
275 _dl_dst_substitute (struct link_map
*l
, const char *input
, char *result
)
277 /* Copy character-by-character from input into the working pointer
278 looking for any DSTs. We track the start of input and if we are
279 going to check for trusted paths, all of which are part of $ORIGIN
280 handling in SUID/SGID cases (see below). In some cases, like when
281 a DST cannot be replaced, we may set result to an empty string and
284 const char *start
= input
;
285 bool check_for_trusted
= false;
289 if (__glibc_unlikely (*input
== '$'))
291 const char *repl
= NULL
;
295 if ((len
= is_dst (input
, "ORIGIN")) != 0)
297 /* For SUID/GUID programs we normally ignore the path with
298 $ORIGIN in DT_RUNPATH, or DT_RPATH. However, there is
299 one exception to this rule, and it is:
301 * $ORIGIN appears as the first path element, and is
302 the only string in the path or is immediately
303 followed by a path separator and the rest of the
308 * The path is rooted in a trusted directory.
310 This exception allows such programs to reference
311 shared libraries in subdirectories of trusted
312 directories. The use case is one of general
313 organization and deployment flexibility.
314 Trusted directories are usually such paths as "/lib64"
315 or "/usr/lib64", and the usual RPATHs take the form of
316 [$ORIGIN/../$LIB/somedir]. */
317 if (__glibc_unlikely (__libc_enable_secure
)
318 && !(input
== start
+ 1
319 && (input
[len
] == '\0' || input
[len
] == '/')))
320 repl
= (const char *) -1;
324 check_for_trusted
= (__libc_enable_secure
325 && l
->l_type
== lt_executable
);
327 else if ((len
= is_dst (input
, "PLATFORM")) != 0)
328 repl
= GLRO(dl_platform
);
329 else if ((len
= is_dst (input
, "LIB")) != 0)
332 if (repl
!= NULL
&& repl
!= (const char *) -1)
334 wp
= __stpcpy (wp
, repl
);
339 /* We found a valid DST that we know about, but we could
340 not find a replacement value for it, therefore we
341 cannot use this path and discard it. */
346 /* No DST we recognize. */
354 while (*input
!= '\0');
356 /* In SUID/SGID programs, after $ORIGIN expansion the normalized
357 path must be rooted in one of the trusted directories. The $LIB
358 and $PLATFORM DST cannot in any way be manipulated by the caller
359 because they are fixed values that are set by the dynamic loader
360 and therefore any paths using just $LIB or $PLATFORM need not be
361 checked for trust, the authors of the binaries themselves are
362 trusted to have designed this correctly. Only $ORIGIN is tested in
363 this way because it may be manipulated in some ways with hard
365 if (__glibc_unlikely (check_for_trusted
)
366 && !is_trusted_path_normalize (result
, wp
- result
))
378 /* Return a malloc allocated copy of INPUT with all recognized DSTs
379 replaced. On some platforms it might not be possible to determine the
380 path from which the object belonging to the map is loaded. In this
381 case the path containing the DST is left out. On error NULL
384 expand_dynamic_string_token (struct link_map
*l
, const char *input
)
386 /* We make two runs over the string. First we determine how large the
387 resulting string is and then we copy it over. Since this is no
388 frequently executed operation we are looking here not for performance
389 but rather for code size. */
394 /* Determine the number of DSTs. */
395 cnt
= _dl_dst_count (input
);
397 /* If we do not have to replace anything simply copy the string. */
398 if (__glibc_likely (cnt
== 0))
399 return __strdup (input
);
401 /* Determine the length of the substituted string. */
402 total
= DL_DST_REQUIRED (l
, input
, strlen (input
), cnt
);
404 /* Allocate the necessary memory. */
405 result
= (char *) malloc (total
+ 1);
409 return _dl_dst_substitute (l
, input
, result
);
413 /* Add `name' to the list of names for a particular shared object.
414 `name' is expected to have been allocated with malloc and will
415 be freed if the shared object already has this name.
416 Returns false if the object already had this name. */
418 add_name_to_object (struct link_map
*l
, const char *name
)
420 struct libname_list
*lnp
, *lastp
;
421 struct libname_list
*newname
;
425 for (lnp
= l
->l_libname
; lnp
!= NULL
; lastp
= lnp
, lnp
= lnp
->next
)
426 if (strcmp (name
, lnp
->name
) == 0)
429 name_len
= strlen (name
) + 1;
430 newname
= (struct libname_list
*) malloc (sizeof *newname
+ name_len
);
433 /* No more memory. */
434 _dl_signal_error (ENOMEM
, name
, NULL
, N_("cannot allocate name record"));
437 /* The object should have a libname set from _dl_new_object. */
438 assert (lastp
!= NULL
);
440 newname
->name
= memcpy (newname
+ 1, name
, name_len
);
441 newname
->next
= NULL
;
442 newname
->dont_free
= 0;
443 /* CONCURRENCY NOTES:
445 Make sure the initialization of newname happens before its address is
446 read from the lastp->next store below.
448 GL(dl_load_lock) is held here (and by other writers, e.g. dlclose), so
449 readers of libname_list->next (e.g. _dl_check_caller or the reads above)
450 can use that for synchronization, however the read in _dl_name_match_p
451 may be executed without holding the lock during _dl_runtime_resolve
452 (i.e. lazy symbol resolution when a function of library l is called).
454 The release MO store below synchronizes with the acquire MO load in
455 _dl_name_match_p. Other writes need to synchronize with that load too,
456 however those happen either early when the process is single threaded
457 (dl_main) or when the library is unloaded (dlclose) and the user has to
458 synchronize library calls with unloading. */
459 atomic_store_release (&lastp
->next
, newname
);
462 /* Standard search directories. */
463 struct r_search_path_struct __rtld_search_dirs attribute_relro
;
465 static size_t max_dirnamelen
;
467 static struct r_search_path_elem
**
468 fillin_rpath (char *rpath
, struct r_search_path_elem
**result
, const char *sep
,
469 const char *what
, const char *where
, struct link_map
*l
)
474 while ((cp
= __strsep (&rpath
, sep
)) != NULL
)
476 struct r_search_path_elem
*dirp
;
477 char *to_free
= NULL
;
480 /* `strsep' can pass an empty string. */
483 to_free
= cp
= expand_dynamic_string_token (l
, cp
);
485 /* expand_dynamic_string_token can return NULL in case of empty
486 path or memory allocation failure. */
490 /* Compute the length after dynamic string token expansion and
491 ignore empty paths. */
499 /* Remove trailing slashes (except for "/"). */
500 while (len
> 1 && cp
[len
- 1] == '/')
503 /* Now add one if there is none so far. */
504 if (len
> 0 && cp
[len
- 1] != '/')
508 /* See if this directory is already known. */
509 for (dirp
= GL(dl_all_dirs
); dirp
!= NULL
; dirp
= dirp
->next
)
510 if (dirp
->dirnamelen
== len
&& memcmp (cp
, dirp
->dirname
, len
) == 0)
515 /* It is available, see whether it's on our own list. */
517 for (cnt
= 0; cnt
< nelems
; ++cnt
)
518 if (result
[cnt
] == dirp
)
522 result
[nelems
++] = dirp
;
527 enum r_dir_status init_val
;
528 size_t where_len
= where
? strlen (where
) + 1 : 0;
530 /* It's a new directory. Create an entry and add it. */
531 dirp
= (struct r_search_path_elem
*)
532 malloc (sizeof (*dirp
) + ncapstr
* sizeof (enum r_dir_status
)
533 + where_len
+ len
+ 1);
535 _dl_signal_error (ENOMEM
, NULL
, NULL
,
536 N_("cannot create cache for search path"));
538 dirp
->dirname
= ((char *) dirp
+ sizeof (*dirp
)
539 + ncapstr
* sizeof (enum r_dir_status
));
540 *((char *) __mempcpy ((char *) dirp
->dirname
, cp
, len
)) = '\0';
541 dirp
->dirnamelen
= len
;
543 if (len
> max_dirnamelen
)
544 max_dirnamelen
= len
;
546 /* We have to make sure all the relative directories are
547 never ignored. The current directory might change and
548 all our saved information would be void. */
549 init_val
= cp
[0] != '/' ? existing
: unknown
;
550 for (cnt
= 0; cnt
< ncapstr
; ++cnt
)
551 dirp
->status
[cnt
] = init_val
;
554 if (__glibc_likely (where
!= NULL
))
555 dirp
->where
= memcpy ((char *) dirp
+ sizeof (*dirp
) + len
+ 1
556 + (ncapstr
* sizeof (enum r_dir_status
)),
561 dirp
->next
= GL(dl_all_dirs
);
562 GL(dl_all_dirs
) = dirp
;
564 /* Put it in the result array. */
565 result
[nelems
++] = dirp
;
570 /* Terminate the array. */
571 result
[nelems
] = NULL
;
578 decompose_rpath (struct r_search_path_struct
*sps
,
579 const char *rpath
, struct link_map
*l
, const char *what
)
581 /* Make a copy we can work with. */
582 const char *where
= l
->l_name
;
584 struct r_search_path_elem
**result
;
586 /* Initialize to please the compiler. */
587 const char *errstring
= NULL
;
589 /* First see whether we must forget the RUNPATH and RPATH from this
591 if (__glibc_unlikely (GLRO(dl_inhibit_rpath
) != NULL
)
592 && !__libc_enable_secure
)
594 const char *inhp
= GLRO(dl_inhibit_rpath
);
598 const char *wp
= where
;
600 while (*inhp
== *wp
&& *wp
!= '\0')
606 if (*wp
== '\0' && (*inhp
== '\0' || *inhp
== ':'))
608 /* This object is on the list of objects for which the
609 RUNPATH and RPATH must not be used. */
610 sps
->dirs
= (void *) -1;
614 while (*inhp
!= '\0')
618 while (*inhp
!= '\0');
621 /* Ignore empty rpaths. */
624 sps
->dirs
= (struct r_search_path_elem
**) -1;
628 /* Make a writable copy. */
629 char *copy
= __strdup (rpath
);
632 errstring
= N_("cannot create RUNPATH/RPATH copy");
636 /* Count the number of necessary elements in the result array. */
638 for (cp
= copy
; *cp
!= '\0'; ++cp
)
642 /* Allocate room for the result. NELEMS + 1 is an upper limit for the
643 number of necessary entries. */
644 result
= (struct r_search_path_elem
**) malloc ((nelems
+ 1 + 1)
649 errstring
= N_("cannot create cache for search path");
651 _dl_signal_error (ENOMEM
, NULL
, NULL
, errstring
);
654 fillin_rpath (copy
, result
, ":", what
, where
, l
);
656 /* Free the copied RPATH string. `fillin_rpath' make own copies if
660 /* There is no path after expansion. */
661 if (result
[0] == NULL
)
664 sps
->dirs
= (struct r_search_path_elem
**) -1;
669 /* The caller will change this value if we haven't used a real malloc. */
674 /* Make sure cached path information is stored in *SP
675 and return true if there are any paths to search there. */
677 cache_rpath (struct link_map
*l
,
678 struct r_search_path_struct
*sp
,
682 if (sp
->dirs
== (void *) -1)
685 if (sp
->dirs
!= NULL
)
688 if (l
->l_info
[tag
] == NULL
)
690 /* There is no path. */
691 sp
->dirs
= (void *) -1;
695 /* Make sure the cache information is available. */
696 return decompose_rpath (sp
, (const char *) (D_PTR (l
, l_info
[DT_STRTAB
])
697 + l
->l_info
[tag
]->d_un
.d_val
),
703 _dl_init_paths (const char *llp
, const char *source
,
704 const char *glibc_hwcaps_prepend
,
705 const char *glibc_hwcaps_mask
)
709 struct r_search_path_elem
*pelem
, **aelem
;
711 struct link_map
__attribute__ ((unused
)) *l
= NULL
;
712 /* Initialize to please the compiler. */
713 const char *errstring
= NULL
;
715 /* Fill in the information about the application's RPATH and the
716 directories addressed by the LD_LIBRARY_PATH environment variable. */
719 /* Get the capabilities. */
720 capstr
= _dl_important_hwcaps (glibc_hwcaps_prepend
, glibc_hwcaps_mask
,
721 &ncapstr
, &max_capstrlen
);
724 /* First set up the rest of the default search directory entries. */
725 aelem
= __rtld_search_dirs
.dirs
= (struct r_search_path_elem
**)
726 malloc ((nsystem_dirs_len
+ 1) * sizeof (struct r_search_path_elem
*));
727 if (__rtld_search_dirs
.dirs
== NULL
)
729 errstring
= N_("cannot create search path array");
731 _dl_signal_error (ENOMEM
, NULL
, NULL
, errstring
);
734 round_size
= ((2 * sizeof (struct r_search_path_elem
) - 1
735 + ncapstr
* sizeof (enum r_dir_status
))
736 / sizeof (struct r_search_path_elem
));
738 __rtld_search_dirs
.dirs
[0]
739 = malloc (nsystem_dirs_len
* round_size
740 * sizeof (*__rtld_search_dirs
.dirs
[0]));
741 if (__rtld_search_dirs
.dirs
[0] == NULL
)
743 errstring
= N_("cannot create cache for search path");
747 __rtld_search_dirs
.malloced
= 0;
748 pelem
= GL(dl_all_dirs
) = __rtld_search_dirs
.dirs
[0];
758 pelem
->what
= "system search path";
761 pelem
->dirname
= strp
;
762 pelem
->dirnamelen
= system_dirs_len
[idx
];
763 strp
+= system_dirs_len
[idx
] + 1;
765 /* System paths must be absolute. */
766 assert (pelem
->dirname
[0] == '/');
767 for (cnt
= 0; cnt
< ncapstr
; ++cnt
)
768 pelem
->status
[cnt
] = unknown
;
770 pelem
->next
= (++idx
== nsystem_dirs_len
? NULL
: (pelem
+ round_size
));
774 while (idx
< nsystem_dirs_len
);
776 max_dirnamelen
= SYSTEM_DIRS_MAX_LEN
;
779 /* This points to the map of the main object. If there is no main
780 object (e.g., under --help, use the dynamic loader itself as a
782 l
= GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
;
785 l
= &GL (dl_rtld_map
);
787 assert (l
->l_type
!= lt_loaded
);
789 if (l
->l_info
[DT_RUNPATH
])
791 /* Allocate room for the search path and fill in information
793 decompose_rpath (&l
->l_runpath_dirs
,
794 (const void *) (D_PTR (l
, l_info
[DT_STRTAB
])
795 + l
->l_info
[DT_RUNPATH
]->d_un
.d_val
),
797 /* During rtld init the memory is allocated by the stub malloc,
798 prevent any attempt to free it by the normal malloc. */
799 l
->l_runpath_dirs
.malloced
= 0;
801 /* The RPATH is ignored. */
802 l
->l_rpath_dirs
.dirs
= (void *) -1;
806 l
->l_runpath_dirs
.dirs
= (void *) -1;
808 if (l
->l_info
[DT_RPATH
])
810 /* Allocate room for the search path and fill in information
812 decompose_rpath (&l
->l_rpath_dirs
,
813 (const void *) (D_PTR (l
, l_info
[DT_STRTAB
])
814 + l
->l_info
[DT_RPATH
]->d_un
.d_val
),
816 /* During rtld init the memory is allocated by the stub
817 malloc, prevent any attempt to free it by the normal
819 l
->l_rpath_dirs
.malloced
= 0;
822 l
->l_rpath_dirs
.dirs
= (void *) -1;
825 if (llp
!= NULL
&& *llp
!= '\0')
827 char *llp_tmp
= strdupa (llp
);
829 /* Decompose the LD_LIBRARY_PATH contents. First determine how many
832 for (const char *cp
= llp_tmp
; *cp
!= '\0'; ++cp
)
833 if (*cp
== ':' || *cp
== ';')
836 __rtld_env_path_list
.dirs
= (struct r_search_path_elem
**)
837 malloc ((nllp
+ 1) * sizeof (struct r_search_path_elem
*));
838 if (__rtld_env_path_list
.dirs
== NULL
)
840 errstring
= N_("cannot create cache for search path");
844 (void) fillin_rpath (llp_tmp
, __rtld_env_path_list
.dirs
, ":;",
847 if (__rtld_env_path_list
.dirs
[0] == NULL
)
849 free (__rtld_env_path_list
.dirs
);
850 __rtld_env_path_list
.dirs
= (void *) -1;
853 __rtld_env_path_list
.malloced
= 0;
856 __rtld_env_path_list
.dirs
= (void *) -1;
860 /* Process PT_GNU_PROPERTY program header PH in module L after
861 PT_LOAD segments are mapped. Only one NT_GNU_PROPERTY_TYPE_0
862 note is handled which contains processor specific properties.
863 FD is -1 for the kernel mapped main executable otherwise it is
864 the fd used for loading module L. */
867 _dl_process_pt_gnu_property (struct link_map
*l
, int fd
, const ElfW(Phdr
) *ph
)
869 const ElfW(Nhdr
) *note
= (const void *) (ph
->p_vaddr
+ l
->l_addr
);
870 const ElfW(Addr
) size
= ph
->p_memsz
;
871 const ElfW(Addr
) align
= ph
->p_align
;
873 /* The NT_GNU_PROPERTY_TYPE_0 note must be aligned to 4 bytes in
874 32-bit objects and to 8 bytes in 64-bit objects. Skip notes
875 with incorrect alignment. */
876 if (align
!= (__ELF_NATIVE_CLASS
/ 8))
879 const ElfW(Addr
) start
= (ElfW(Addr
)) note
;
880 unsigned int last_type
= 0;
882 while ((ElfW(Addr
)) (note
+ 1) - start
< size
)
884 /* Find the NT_GNU_PROPERTY_TYPE_0 note. */
885 if (note
->n_namesz
== 4
886 && note
->n_type
== NT_GNU_PROPERTY_TYPE_0
887 && memcmp (note
+ 1, "GNU", 4) == 0)
889 /* Check for invalid property. */
890 if (note
->n_descsz
< 8
891 || (note
->n_descsz
% sizeof (ElfW(Addr
))) != 0)
894 /* Start and end of property array. */
895 unsigned char *ptr
= (unsigned char *) (note
+ 1) + 4;
896 unsigned char *ptr_end
= ptr
+ note
->n_descsz
;
900 unsigned int type
= *(unsigned int *) ptr
;
901 unsigned int datasz
= *(unsigned int *) (ptr
+ 4);
903 /* Property type must be in ascending order. */
904 if (type
< last_type
)
908 if ((ptr
+ datasz
) > ptr_end
)
913 /* Target specific property processing. */
914 if (_dl_process_gnu_property (l
, fd
, type
, datasz
, ptr
) == 0)
917 /* Check the next property item. */
918 ptr
+= ALIGN_UP (datasz
, sizeof (ElfW(Addr
)));
920 while ((ptr_end
- ptr
) >= 8);
922 /* Only handle one NT_GNU_PROPERTY_TYPE_0. */
926 note
= ((const void *) note
927 + ELF_NOTE_NEXT_OFFSET (note
->n_namesz
, note
->n_descsz
,
933 /* Map in the shared object NAME, actually located in REALNAME, and already
936 #ifndef EXTERNAL_MAP_FROM_FD
940 _dl_map_object_from_fd (const char *name
, const char *origname
, int fd
,
941 struct filebuf
*fbp
, char *realname
,
942 struct link_map
*loader
, int l_type
, int mode
,
943 void **stack_endp
, Lmid_t nsid
)
945 struct link_map
*l
= NULL
;
946 const ElfW(Ehdr
) *header
;
947 const ElfW(Phdr
) *phdr
;
948 const ElfW(Phdr
) *ph
;
951 /* Initialize to keep the compiler happy. */
952 const char *errstring
= NULL
;
954 struct r_debug
*r
= _dl_debug_update (nsid
);
955 bool make_consistent
= false;
957 /* Get file information. To match the kernel behavior, do not fill
958 in this information for the executable in case of an explicit
959 loader invocation. */
961 if (mode
& __RTLD_OPENEXEC
)
963 assert (nsid
== LM_ID_BASE
);
964 memset (&id
, 0, sizeof (id
));
968 if (__glibc_unlikely (!_dl_get_file_id (fd
, &id
)))
970 errstring
= N_("cannot stat shared object");
974 /* The file might already be closed. */
976 __close_nocancel (fd
);
977 if (l
!= NULL
&& l
->l_map_start
!= 0)
978 _dl_unmap_segments (l
);
979 if (l
!= NULL
&& l
->l_origin
!= (char *) -1l)
980 free ((char *) l
->l_origin
);
981 if (l
!= NULL
&& !l
->l_libname
->dont_free
)
983 if (l
!= NULL
&& l
->l_phdr_allocated
)
984 free ((void *) l
->l_phdr
);
988 if (make_consistent
&& r
!= NULL
)
990 r
->r_state
= RT_CONSISTENT
;
992 LIBC_PROBE (map_failed
, 2, nsid
, r
);
995 _dl_signal_error (errval
, name
, NULL
, errstring
);
998 /* Look again to see if the real name matched another already loaded. */
999 for (l
= GL(dl_ns
)[nsid
]._ns_loaded
; l
!= NULL
; l
= l
->l_next
)
1000 if (!l
->l_removed
&& _dl_file_id_match_p (&l
->l_file_id
, &id
))
1002 /* The object is already loaded.
1003 Just bump its reference count and return it. */
1004 __close_nocancel (fd
);
1006 /* If the name is not in the list of names for this object add
1009 add_name_to_object (l
, name
);
1016 /* When loading into a namespace other than the base one we must
1017 avoid loading ld.so since there can only be one copy. Ever. */
1018 if (__glibc_unlikely (nsid
!= LM_ID_BASE
)
1019 && (_dl_file_id_match_p (&id
, &GL(dl_rtld_map
).l_file_id
)
1020 || _dl_name_match_p (name
, &GL(dl_rtld_map
))))
1022 /* This is indeed ld.so. Create a new link_map which refers to
1023 the real one for almost everything. */
1024 l
= _dl_new_object (realname
, name
, l_type
, loader
, mode
, nsid
);
1028 /* Refer to the real descriptor. */
1029 l
->l_real
= &GL(dl_rtld_map
);
1031 /* Copy l_addr and l_ld to avoid a GDB warning with dlmopen(). */
1032 l
->l_addr
= l
->l_real
->l_addr
;
1033 l
->l_ld
= l
->l_real
->l_ld
;
1035 /* No need to bump the refcount of the real object, ld.so will
1036 never be unloaded. */
1037 __close_nocancel (fd
);
1039 /* Add the map for the mirrored object to the object list. */
1040 _dl_add_to_namespace_list (l
, nsid
);
1046 if (mode
& RTLD_NOLOAD
)
1048 /* We are not supposed to load the object unless it is already
1049 loaded. So return now. */
1051 __close_nocancel (fd
);
1055 /* Print debugging message. */
1056 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_FILES
))
1057 _dl_debug_printf ("file=%s [%lu]; generating link map\n", name
, nsid
);
1059 /* This is the ELF header. We read it in `open_verify'. */
1060 header
= (void *) fbp
->buf
;
1062 /* Enter the new object in the list of loaded objects. */
1063 l
= _dl_new_object (realname
, name
, l_type
, loader
, mode
, nsid
);
1064 if (__glibc_unlikely (l
== NULL
))
1069 errstring
= N_("cannot create shared object descriptor");
1073 /* Extract the remaining details we need from the ELF header
1074 and then read in the program header table. */
1075 l
->l_entry
= header
->e_entry
;
1076 type
= header
->e_type
;
1077 l
->l_phnum
= header
->e_phnum
;
1079 maplength
= header
->e_phnum
* sizeof (ElfW(Phdr
));
1080 if (header
->e_phoff
+ maplength
<= (size_t) fbp
->len
)
1081 phdr
= (void *) (fbp
->buf
+ header
->e_phoff
);
1084 phdr
= alloca (maplength
);
1085 if ((size_t) __pread64_nocancel (fd
, (void *) phdr
, maplength
,
1086 header
->e_phoff
) != maplength
)
1088 errstring
= N_("cannot read file data");
1093 /* On most platforms presume that PT_GNU_STACK is absent and the stack is
1094 * executable. Other platforms default to a nonexecutable stack and don't
1095 * need PT_GNU_STACK to do so. */
1096 uint_fast16_t stack_flags
= DEFAULT_STACK_PERMS
;
1099 /* Scan the program header table, collecting its load commands. */
1100 struct loadcmd loadcmds
[l
->l_phnum
];
1101 size_t nloadcmds
= 0;
1102 bool has_holes
= false;
1103 bool empty_dynamic
= false;
1105 /* The struct is initialized to zero so this is not necessary:
1109 for (ph
= phdr
; ph
< &phdr
[l
->l_phnum
]; ++ph
)
1112 /* These entries tell us where to find things once the file's
1113 segments are mapped in. We record the addresses it says
1114 verbatim, and later correct for the run-time load address. */
1116 if (ph
->p_filesz
== 0)
1117 empty_dynamic
= true; /* Usually separate debuginfo. */
1120 /* Debuginfo only files from "objcopy --only-keep-debug"
1121 contain a PT_DYNAMIC segment with p_filesz == 0. Skip
1122 such a segment to avoid a crash later. */
1123 l
->l_ld
= (void *) ph
->p_vaddr
;
1124 l
->l_ldnum
= ph
->p_memsz
/ sizeof (ElfW(Dyn
));
1125 l
->l_ld_readonly
= (ph
->p_flags
& PF_W
) == 0;
1130 l
->l_phdr
= (void *) ph
->p_vaddr
;
1134 /* A load command tells us to map in part of the file.
1135 We record the load commands and process them all later. */
1136 if (__glibc_unlikely (((ph
->p_vaddr
- ph
->p_offset
)
1137 & (GLRO(dl_pagesize
) - 1)) != 0))
1140 = N_("ELF load command address/offset not page-aligned");
1144 struct loadcmd
*c
= &loadcmds
[nloadcmds
++];
1145 c
->mapstart
= ALIGN_DOWN (ph
->p_vaddr
, GLRO(dl_pagesize
));
1146 c
->mapend
= ALIGN_UP (ph
->p_vaddr
+ ph
->p_filesz
, GLRO(dl_pagesize
));
1147 c
->dataend
= ph
->p_vaddr
+ ph
->p_filesz
;
1148 c
->allocend
= ph
->p_vaddr
+ ph
->p_memsz
;
1149 c
->mapalign
= ph
->p_align
;
1150 c
->mapoff
= ALIGN_DOWN (ph
->p_offset
, GLRO(dl_pagesize
));
1152 /* Determine whether there is a gap between the last segment
1154 if (nloadcmds
> 1 && c
[-1].mapend
!= c
->mapstart
)
1157 /* Optimize a common case. */
1158 #if (PF_R | PF_W | PF_X) == 7 && (PROT_READ | PROT_WRITE | PROT_EXEC) == 7
1159 c
->prot
= (PF_TO_PROT
1160 >> ((ph
->p_flags
& (PF_R
| PF_W
| PF_X
)) * 4)) & 0xf;
1163 if (ph
->p_flags
& PF_R
)
1164 c
->prot
|= PROT_READ
;
1165 if (ph
->p_flags
& PF_W
)
1166 c
->prot
|= PROT_WRITE
;
1167 if (ph
->p_flags
& PF_X
)
1168 c
->prot
|= PROT_EXEC
;
1173 if (ph
->p_memsz
== 0)
1174 /* Nothing to do for an empty segment. */
1177 l
->l_tls_blocksize
= ph
->p_memsz
;
1178 l
->l_tls_align
= ph
->p_align
;
1179 if (ph
->p_align
== 0)
1180 l
->l_tls_firstbyte_offset
= 0;
1182 l
->l_tls_firstbyte_offset
= ph
->p_vaddr
& (ph
->p_align
- 1);
1183 l
->l_tls_initimage_size
= ph
->p_filesz
;
1184 /* Since we don't know the load address yet only store the
1185 offset. We will adjust it later. */
1186 l
->l_tls_initimage
= (void *) ph
->p_vaddr
;
1188 /* l->l_tls_modid is assigned below, once there is no
1189 possibility for failure. */
1191 if (l
->l_type
!= lt_library
1192 && GL(dl_tls_dtv_slotinfo_list
) == NULL
)
1195 /* We are loading the executable itself when the dynamic
1196 linker was executed directly. The setup will happen
1198 assert (l
->l_prev
== NULL
|| (mode
& __RTLD_AUDIT
) != 0);
1200 assert (false && "TLS not initialized in static application");
1206 stack_flags
= ph
->p_flags
;
1210 l
->l_relro_addr
= ph
->p_vaddr
;
1211 l
->l_relro_size
= ph
->p_memsz
;
1215 if (__glibc_unlikely (nloadcmds
== 0))
1217 /* This only happens for a bogus object that will be caught with
1218 another error below. But we don't want to go through the
1219 calculations below using NLOADCMDS - 1. */
1220 errstring
= N_("object file has no loadable segments");
1224 /* dlopen of an executable is not valid because it is not possible
1225 to perform proper relocations, handle static TLS, or run the
1226 ELF constructors. For PIE, the check needs the dynamic
1227 section, so there is another check below. */
1228 if (__glibc_unlikely (type
!= ET_DYN
)
1229 && __glibc_unlikely ((mode
& __RTLD_OPENEXEC
) == 0))
1231 /* This object is loaded at a fixed address. This must never
1232 happen for objects loaded with dlopen. */
1233 errstring
= N_("cannot dynamically load executable");
1237 /* This check recognizes most separate debuginfo files. */
1238 if (__glibc_unlikely ((l
->l_ld
== 0 && type
== ET_DYN
) || empty_dynamic
))
1240 errstring
= N_("object file has no dynamic section");
1244 /* Length of the sections to be loaded. */
1245 maplength
= loadcmds
[nloadcmds
- 1].allocend
- loadcmds
[0].mapstart
;
1247 /* Now process the load commands and map segments into memory.
1248 This is responsible for filling in:
1249 l_map_start, l_map_end, l_addr, l_contiguous, l_text_end, l_phdr
1251 errstring
= _dl_map_segments (l
, fd
, header
, type
, loadcmds
, nloadcmds
,
1252 maplength
, has_holes
, loader
);
1253 if (__glibc_unlikely (errstring
!= NULL
))
1255 /* Mappings can be in an inconsistent state: avoid unmap. */
1256 l
->l_map_start
= l
->l_map_end
= 0;
1262 l
->l_ld
= (ElfW(Dyn
) *) ((ElfW(Addr
)) l
->l_ld
+ l
->l_addr
);
1264 elf_get_dynamic_info (l
, false, false);
1266 /* Make sure we are not dlopen'ing an object that has the
1267 DF_1_NOOPEN flag set, or a PIE object. */
1268 if ((__glibc_unlikely (l
->l_flags_1
& DF_1_NOOPEN
)
1269 && (mode
& __RTLD_DLOPEN
))
1270 || (__glibc_unlikely (l
->l_flags_1
& DF_1_PIE
)
1271 && __glibc_unlikely ((mode
& __RTLD_OPENEXEC
) == 0)))
1273 if (l
->l_flags_1
& DF_1_PIE
)
1275 = N_("cannot dynamically load position-independent executable");
1277 errstring
= N_("shared object cannot be dlopen()ed");
1281 if (l
->l_phdr
== NULL
)
1283 /* The program header is not contained in any of the segments.
1284 We have to allocate memory ourself and copy it over from out
1286 ElfW(Phdr
) *newp
= (ElfW(Phdr
) *) malloc (header
->e_phnum
1287 * sizeof (ElfW(Phdr
)));
1290 errstring
= N_("cannot allocate memory for program header");
1294 l
->l_phdr
= memcpy (newp
, phdr
,
1295 (header
->e_phnum
* sizeof (ElfW(Phdr
))));
1296 l
->l_phdr_allocated
= 1;
1299 /* Adjust the PT_PHDR value by the runtime load address. */
1300 l
->l_phdr
= (ElfW(Phdr
) *) ((ElfW(Addr
)) l
->l_phdr
+ l
->l_addr
);
1302 if (__glibc_unlikely ((stack_flags
&~ GL(dl_stack_flags
)) & PF_X
))
1304 /* The stack is presently not executable, but this module
1305 requires that it be executable. We must change the
1306 protection of the variable which contains the flags used in
1307 the mprotect calls. */
1309 if ((mode
& (__RTLD_DLOPEN
| __RTLD_AUDIT
)) == __RTLD_DLOPEN
)
1311 const uintptr_t p
= (uintptr_t) &__stack_prot
& -GLRO(dl_pagesize
);
1312 const size_t s
= (uintptr_t) (&__stack_prot
+ 1) - p
;
1314 struct link_map
*const m
= &GL(dl_rtld_map
);
1315 const uintptr_t relro_end
= ((m
->l_addr
+ m
->l_relro_addr
1317 & -GLRO(dl_pagesize
));
1318 if (__glibc_likely (p
+ s
<= relro_end
))
1320 /* The variable lies in the region protected by RELRO. */
1321 if (__mprotect ((void *) p
, s
, PROT_READ
|PROT_WRITE
) < 0)
1323 errstring
= N_("cannot change memory protections");
1326 __stack_prot
|= PROT_READ
|PROT_WRITE
|PROT_EXEC
;
1327 __mprotect ((void *) p
, s
, PROT_READ
);
1330 __stack_prot
|= PROT_READ
|PROT_WRITE
|PROT_EXEC
;
1334 __stack_prot
|= PROT_READ
|PROT_WRITE
|PROT_EXEC
;
1336 #ifdef check_consistency
1337 check_consistency ();
1341 errval
= _dl_make_stacks_executable (stack_endp
);
1343 errval
= (*GL(dl_make_stack_executable_hook
)) (stack_endp
);
1348 cannot enable executable stack as shared object requires");
1353 /* Adjust the address of the TLS initialization image. */
1354 if (l
->l_tls_initimage
!= NULL
)
1355 l
->l_tls_initimage
= (char *) l
->l_tls_initimage
+ l
->l_addr
;
1357 /* Process program headers again after load segments are mapped in
1358 case processing requires accessing those segments. Scan program
1359 headers backward so that PT_NOTE can be skipped if PT_GNU_PROPERTY
1361 for (ph
= &l
->l_phdr
[l
->l_phnum
]; ph
!= l
->l_phdr
; --ph
)
1362 switch (ph
[-1].p_type
)
1365 _dl_process_pt_note (l
, fd
, &ph
[-1]);
1367 case PT_GNU_PROPERTY
:
1368 _dl_process_pt_gnu_property (l
, fd
, &ph
[-1]);
1372 /* We are done mapping in the file. We no longer need the descriptor. */
1373 if (__glibc_unlikely (__close_nocancel (fd
) != 0))
1375 errstring
= N_("cannot close file descriptor");
1378 /* Signal that we closed the file. */
1381 /* Failures before this point are handled locally via lose.
1382 There are no more failures in this function until return,
1383 to change that the cleanup handling needs to be updated. */
1385 /* If this is ET_EXEC, we should have loaded it as lt_executable. */
1386 assert (type
!= ET_EXEC
|| l
->l_type
== lt_executable
);
1388 l
->l_entry
+= l
->l_addr
;
1390 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_FILES
))
1391 _dl_debug_printf ("\
1392 dynamic: 0x%0*lx base: 0x%0*lx size: 0x%0*Zx\n\
1393 entry: 0x%0*lx phdr: 0x%0*lx phnum: %*u\n\n",
1394 (int) sizeof (void *) * 2,
1395 (unsigned long int) l
->l_ld
,
1396 (int) sizeof (void *) * 2,
1397 (unsigned long int) l
->l_addr
,
1398 (int) sizeof (void *) * 2, maplength
,
1399 (int) sizeof (void *) * 2,
1400 (unsigned long int) l
->l_entry
,
1401 (int) sizeof (void *) * 2,
1402 (unsigned long int) l
->l_phdr
,
1403 (int) sizeof (void *) * 2, l
->l_phnum
);
1405 /* Set up the symbol hash table. */
1408 /* If this object has DT_SYMBOLIC set modify now its scope. We don't
1409 have to do this for the main map. */
1410 if ((mode
& RTLD_DEEPBIND
) == 0
1411 && __glibc_unlikely (l
->l_info
[DT_SYMBOLIC
] != NULL
)
1412 && &l
->l_searchlist
!= l
->l_scope
[0])
1414 /* Create an appropriate searchlist. It contains only this map.
1415 This is the definition of DT_SYMBOLIC in SysVr4. */
1416 l
->l_symbolic_searchlist
.r_list
[0] = l
;
1417 l
->l_symbolic_searchlist
.r_nlist
= 1;
1419 /* Now move the existing entries one back. */
1420 memmove (&l
->l_scope
[1], &l
->l_scope
[0],
1421 (l
->l_scope_max
- 1) * sizeof (l
->l_scope
[0]));
1423 /* Now add the new entry. */
1424 l
->l_scope
[0] = &l
->l_symbolic_searchlist
;
1427 /* Remember whether this object must be initialized first. */
1428 if (l
->l_flags_1
& DF_1_INITFIRST
)
1429 GL(dl_initfirst
) = l
;
1431 /* Finally the file information. */
1435 /* When auditing is used the recorded names might not include the
1436 name by which the DSO is actually known. Add that as well. */
1437 if (__glibc_unlikely (origname
!= NULL
))
1438 add_name_to_object (l
, origname
);
1440 /* Audit modules only exist when linking is dynamic so ORIGNAME
1441 cannot be non-NULL. */
1442 assert (origname
== NULL
);
1445 /* When we profile the SONAME might be needed for something else but
1446 loading. Add it right away. */
1447 if (__glibc_unlikely (GLRO(dl_profile
) != NULL
)
1448 && l
->l_info
[DT_SONAME
] != NULL
)
1449 add_name_to_object (l
, ((const char *) D_PTR (l
, l_info
[DT_STRTAB
])
1450 + l
->l_info
[DT_SONAME
]->d_un
.d_val
));
1452 /* If we have newly loaded libc.so, update the namespace
1454 if (GL(dl_ns
)[nsid
].libc_map
== NULL
1455 && l
->l_info
[DT_SONAME
] != NULL
1456 && strcmp (((const char *) D_PTR (l
, l_info
[DT_STRTAB
])
1457 + l
->l_info
[DT_SONAME
]->d_un
.d_val
), LIBC_SO
) == 0)
1458 GL(dl_ns
)[nsid
].libc_map
= l
;
1460 /* _dl_close can only eventually undo the module ID assignment (via
1461 remove_slotinfo) if this function returns a pointer to a link
1462 map. Therefore, delay this step until all possibilities for
1463 failure have been excluded. */
1464 if (l
->l_tls_blocksize
> 0
1465 && (__glibc_likely (l
->l_type
== lt_library
)
1466 /* If GL(dl_tls_dtv_slotinfo_list) == NULL, then rtld.c did
1467 not set up TLS data structures, so don't use them now. */
1468 || __glibc_likely (GL(dl_tls_dtv_slotinfo_list
) != NULL
)))
1469 /* Assign the next available module ID. */
1470 _dl_assign_tls_modid (l
);
1472 #ifdef DL_AFTER_LOAD
1476 /* Now that the object is fully initialized add it to the object list. */
1477 _dl_add_to_namespace_list (l
, nsid
);
1479 /* Signal that we are going to add new objects. */
1480 if (r
->r_state
== RT_CONSISTENT
)
1483 /* Auditing checkpoint: we are going to add new objects. Since this
1484 is called after _dl_add_to_namespace_list the namespace is guaranteed
1486 if ((mode
& __RTLD_AUDIT
) == 0)
1487 _dl_audit_activity_nsid (nsid
, LA_ACT_ADD
);
1490 /* Notify the debugger we have added some objects. We need to
1491 call _dl_debug_initialize in a static program in case dynamic
1492 linking has not been used before. */
1493 r
->r_state
= RT_ADD
;
1495 LIBC_PROBE (map_start
, 2, nsid
, r
);
1496 make_consistent
= true;
1499 assert (r
->r_state
== RT_ADD
);
1502 /* Auditing checkpoint: we have a new object. */
1503 if (!GL(dl_ns
)[l
->l_ns
]._ns_loaded
->l_auditing
)
1504 _dl_audit_objopen (l
, nsid
);
1510 /* Print search path. */
1512 print_search_path (struct r_search_path_elem
**list
,
1513 const char *what
, const char *name
)
1515 char buf
[max_dirnamelen
+ max_capstrlen
];
1518 _dl_debug_printf (" search path=");
1520 while (*list
!= NULL
&& (*list
)->what
== what
) /* Yes, ==. */
1522 char *endp
= __mempcpy (buf
, (*list
)->dirname
, (*list
)->dirnamelen
);
1525 for (cnt
= 0; cnt
< ncapstr
; ++cnt
)
1526 if ((*list
)->status
[cnt
] != nonexisting
)
1529 char *cp
= __mempcpy (endp
, capstr
[cnt
].str
, capstr
[cnt
].len
);
1530 if (cp
== buf
|| (cp
== buf
+ 1 && buf
[0] == '/'))
1538 _dl_debug_printf_c (first
? "%s" : ":%s", buf
);
1546 _dl_debug_printf_c ("\t\t(%s from file %s)\n", what
,
1547 DSO_FILENAME (name
));
1549 _dl_debug_printf_c ("\t\t(%s)\n", what
);
1552 /* Open a file and verify it is an ELF file for this architecture. We
1553 ignore only ELF files for other architectures. Non-ELF files and
1554 ELF files with different header information cause fatal errors since
1555 this could mean there is something wrong in the installation and the
1556 user might want to know about this.
1558 If FD is not -1, then the file is already open and FD refers to it.
1559 In that case, FD is consumed for both successful and error returns. */
1561 open_verify (const char *name
, int fd
,
1562 struct filebuf
*fbp
, struct link_map
*loader
,
1563 int whatcode
, int mode
, bool *found_other_class
, bool free_name
)
1565 /* This is the expected ELF header. */
1566 #define ELF32_CLASS ELFCLASS32
1567 #define ELF64_CLASS ELFCLASS64
1568 #ifndef VALID_ELF_HEADER
1569 # define VALID_ELF_HEADER(hdr,exp,size) (memcmp (hdr, exp, size) == 0)
1570 # define VALID_ELF_OSABI(osabi) (osabi == ELFOSABI_SYSV)
1571 # define VALID_ELF_ABIVERSION(osabi,ver) (ver == 0)
1572 #elif defined MORE_ELF_HEADER_DATA
1573 MORE_ELF_HEADER_DATA
;
1575 static const unsigned char expected
[EI_NIDENT
] =
1577 [EI_MAG0
] = ELFMAG0
,
1578 [EI_MAG1
] = ELFMAG1
,
1579 [EI_MAG2
] = ELFMAG2
,
1580 [EI_MAG3
] = ELFMAG3
,
1581 [EI_CLASS
] = ELFW(CLASS
),
1582 [EI_DATA
] = byteorder
,
1583 [EI_VERSION
] = EV_CURRENT
,
1584 [EI_OSABI
] = ELFOSABI_SYSV
,
1589 ElfW(Word
) vendorlen
;
1593 } expected_note
= { 4, 16, 1, "GNU" };
1594 /* Initialize it to make the compiler happy. */
1595 const char *errstring
= NULL
;
1599 /* Give the auditing libraries a chance. */
1600 if (__glibc_unlikely (GLRO(dl_naudit
) > 0))
1602 const char *original_name
= name
;
1603 name
= _dl_audit_objsearch (name
, loader
, whatcode
);
1607 if (fd
!= -1 && name
!= original_name
&& strcmp (name
, original_name
))
1609 /* An audit library changed what we're supposed to open,
1610 so FD no longer matches it. */
1611 __close_nocancel (fd
);
1618 /* Open the file. We always open files read-only. */
1619 fd
= __open64_nocancel (name
, O_RDONLY
| O_CLOEXEC
);
1624 ElfW(Phdr
) *phdr
, *ph
;
1625 ElfW(Word
) *abi_note
;
1626 ElfW(Word
) *abi_note_malloced
= NULL
;
1627 unsigned int osversion
;
1630 /* We successfully opened the file. Now verify it is a file
1634 assert (sizeof (fbp
->buf
) > sizeof (ElfW(Ehdr
)));
1635 /* Read in the header. */
1638 ssize_t retlen
= __read_nocancel (fd
, fbp
->buf
+ fbp
->len
,
1639 sizeof (fbp
->buf
) - fbp
->len
);
1644 while (__glibc_unlikely (fbp
->len
< sizeof (ElfW(Ehdr
))));
1646 /* This is where the ELF header is loaded. */
1647 ehdr
= (ElfW(Ehdr
) *) fbp
->buf
;
1649 /* Now run the tests. */
1650 if (__glibc_unlikely (fbp
->len
< (ssize_t
) sizeof (ElfW(Ehdr
))))
1653 errstring
= (errval
== 0
1654 ? N_("file too short") : N_("cannot read file data"));
1658 char *realname
= (char *) name
;
1659 name
= strdupa (realname
);
1662 __close_nocancel (fd
);
1663 _dl_signal_error (errval
, name
, NULL
, errstring
);
1666 /* See whether the ELF header is what we expect. */
1667 if (__glibc_unlikely (! VALID_ELF_HEADER (ehdr
->e_ident
, expected
,
1669 || !VALID_ELF_ABIVERSION (ehdr
->e_ident
[EI_OSABI
],
1670 ehdr
->e_ident
[EI_ABIVERSION
])
1671 || memcmp (&ehdr
->e_ident
[EI_PAD
],
1673 EI_NIDENT
- EI_PAD
) != 0))
1675 /* Something is wrong. */
1676 const Elf32_Word
*magp
= (const void *) ehdr
->e_ident
;
1678 #if BYTE_ORDER == LITTLE_ENDIAN
1679 ((ELFMAG0
<< (EI_MAG0
* 8))
1680 | (ELFMAG1
<< (EI_MAG1
* 8))
1681 | (ELFMAG2
<< (EI_MAG2
* 8))
1682 | (ELFMAG3
<< (EI_MAG3
* 8)))
1684 ((ELFMAG0
<< (EI_MAG3
* 8))
1685 | (ELFMAG1
<< (EI_MAG2
* 8))
1686 | (ELFMAG2
<< (EI_MAG1
* 8))
1687 | (ELFMAG3
<< (EI_MAG0
* 8)))
1690 errstring
= N_("invalid ELF header");
1691 else if (ehdr
->e_ident
[EI_CLASS
] != ELFW(CLASS
))
1693 /* This is not a fatal error. On architectures where
1694 32-bit and 64-bit binaries can be run this might
1696 *found_other_class
= true;
1699 else if (ehdr
->e_ident
[EI_DATA
] != byteorder
)
1701 if (BYTE_ORDER
== BIG_ENDIAN
)
1702 errstring
= N_("ELF file data encoding not big-endian");
1704 errstring
= N_("ELF file data encoding not little-endian");
1706 else if (ehdr
->e_ident
[EI_VERSION
] != EV_CURRENT
)
1708 = N_("ELF file version ident does not match current one");
1709 /* XXX We should be able so set system specific versions which are
1711 else if (!VALID_ELF_OSABI (ehdr
->e_ident
[EI_OSABI
]))
1712 errstring
= N_("ELF file OS ABI invalid");
1713 else if (!VALID_ELF_ABIVERSION (ehdr
->e_ident
[EI_OSABI
],
1714 ehdr
->e_ident
[EI_ABIVERSION
]))
1715 errstring
= N_("ELF file ABI version invalid");
1716 else if (memcmp (&ehdr
->e_ident
[EI_PAD
], &expected
[EI_PAD
],
1717 EI_NIDENT
- EI_PAD
) != 0)
1718 errstring
= N_("nonzero padding in e_ident");
1720 /* Otherwise we don't know what went wrong. */
1721 errstring
= N_("internal error");
1726 if (__glibc_unlikely (ehdr
->e_version
!= EV_CURRENT
))
1728 errstring
= N_("ELF file version does not match current one");
1731 if (! __glibc_likely (elf_machine_matches_host (ehdr
)))
1733 else if (__glibc_unlikely (ehdr
->e_type
!= ET_DYN
1734 && ehdr
->e_type
!= ET_EXEC
))
1736 errstring
= N_("only ET_DYN and ET_EXEC can be loaded");
1739 else if (__glibc_unlikely (ehdr
->e_phentsize
!= sizeof (ElfW(Phdr
))))
1741 errstring
= N_("ELF file's phentsize not the expected size");
1745 maplength
= ehdr
->e_phnum
* sizeof (ElfW(Phdr
));
1746 if (ehdr
->e_phoff
+ maplength
<= (size_t) fbp
->len
)
1747 phdr
= (void *) (fbp
->buf
+ ehdr
->e_phoff
);
1750 phdr
= alloca (maplength
);
1751 if ((size_t) __pread64_nocancel (fd
, (void *) phdr
, maplength
,
1752 ehdr
->e_phoff
) != maplength
)
1756 errstring
= N_("cannot read file data");
1761 if (__glibc_unlikely (elf_machine_reject_phdr_p
1762 (phdr
, ehdr
->e_phnum
, fbp
->buf
, fbp
->len
,
1766 /* Check .note.ABI-tag if present. */
1767 for (ph
= phdr
; ph
< &phdr
[ehdr
->e_phnum
]; ++ph
)
1768 if (ph
->p_type
== PT_NOTE
&& ph
->p_filesz
>= 32
1769 && (ph
->p_align
== 4 || ph
->p_align
== 8))
1771 ElfW(Addr
) size
= ph
->p_filesz
;
1773 if (ph
->p_offset
+ size
<= (size_t) fbp
->len
)
1774 abi_note
= (void *) (fbp
->buf
+ ph
->p_offset
);
1777 /* Note: __libc_use_alloca is not usable here, because
1778 thread info may not have been set up yet. */
1779 if (size
< __MAX_ALLOCA_CUTOFF
)
1780 abi_note
= alloca (size
);
1783 /* There could be multiple PT_NOTEs. */
1784 abi_note_malloced
= realloc (abi_note_malloced
, size
);
1785 if (abi_note_malloced
== NULL
)
1788 abi_note
= abi_note_malloced
;
1790 if (__pread64_nocancel (fd
, (void *) abi_note
, size
,
1791 ph
->p_offset
) != size
)
1793 free (abi_note_malloced
);
1798 while (memcmp (abi_note
, &expected_note
, sizeof (expected_note
)))
1800 ElfW(Addr
) note_size
1801 = ELF_NOTE_NEXT_OFFSET (abi_note
[0], abi_note
[1],
1804 if (size
- 32 < note_size
)
1810 abi_note
= (void *) abi_note
+ note_size
;
1816 osversion
= (abi_note
[5] & 0xff) * 65536
1817 + (abi_note
[6] & 0xff) * 256
1818 + (abi_note
[7] & 0xff);
1819 if (abi_note
[4] != __ABI_TAG_OS
1820 || (GLRO(dl_osversion
) && GLRO(dl_osversion
) < osversion
))
1823 __close_nocancel (fd
);
1824 __set_errno (ENOENT
);
1830 free (abi_note_malloced
);
1836 /* Try to open NAME in one of the directories in *DIRSP.
1837 Return the fd, or -1. If successful, fill in *REALNAME
1838 with the malloc'd full directory name. If it turns out
1839 that none of the directories in *DIRSP exists, *DIRSP is
1840 replaced with (void *) -1, and the old value is free()d
1841 if MAY_FREE_DIRS is true. */
1844 open_path (const char *name
, size_t namelen
, int mode
,
1845 struct r_search_path_struct
*sps
, char **realname
,
1846 struct filebuf
*fbp
, struct link_map
*loader
, int whatcode
,
1847 bool *found_other_class
)
1849 struct r_search_path_elem
**dirs
= sps
->dirs
;
1852 const char *current_what
= NULL
;
1855 if (__glibc_unlikely (dirs
== NULL
))
1856 /* We're called before _dl_init_paths when loading the main executable
1857 given on the command line when rtld is run directly. */
1860 buf
= alloca (max_dirnamelen
+ max_capstrlen
+ namelen
);
1863 struct r_search_path_elem
*this_dir
= *dirs
;
1870 /* If we are debugging the search for libraries print the path
1871 now if it hasn't happened now. */
1872 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
)
1873 && current_what
!= this_dir
->what
)
1875 current_what
= this_dir
->what
;
1876 print_search_path (dirs
, current_what
, this_dir
->where
);
1879 edp
= (char *) __mempcpy (buf
, this_dir
->dirname
, this_dir
->dirnamelen
);
1880 for (cnt
= 0; fd
== -1 && cnt
< ncapstr
; ++cnt
)
1882 /* Skip this directory if we know it does not exist. */
1883 if (this_dir
->status
[cnt
] == nonexisting
)
1888 ((char *) __mempcpy (__mempcpy (edp
, capstr
[cnt
].str
,
1893 buflen
= (char *) __mempcpy (edp
, name
, namelen
) - buf
;
1896 /* Print name we try if this is wanted. */
1897 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
))
1898 _dl_debug_printf (" trying file=%s\n", buf
);
1900 fd
= open_verify (buf
, -1, fbp
, loader
, whatcode
, mode
,
1901 found_other_class
, false);
1902 if (this_dir
->status
[cnt
] == unknown
)
1905 this_dir
->status
[cnt
] = existing
;
1906 /* Do not update the directory information when loading
1907 auditing code. We must try to disturb the program as
1908 little as possible. */
1909 else if (loader
== NULL
1910 || GL(dl_ns
)[loader
->l_ns
]._ns_loaded
->l_auditing
== 0)
1912 /* We failed to open machine dependent library. Let's
1913 test whether there is any directory at all. */
1914 struct __stat64_t64 st
;
1916 buf
[buflen
- namelen
- 1] = '\0';
1918 if (__stat64_time64 (buf
, &st
) != 0
1919 || ! S_ISDIR (st
.st_mode
))
1920 /* The directory does not exist or it is no directory. */
1921 this_dir
->status
[cnt
] = nonexisting
;
1923 this_dir
->status
[cnt
] = existing
;
1927 /* Remember whether we found any existing directory. */
1928 here_any
|= this_dir
->status
[cnt
] != nonexisting
;
1930 if (fd
!= -1 && __glibc_unlikely (mode
& __RTLD_SECURE
)
1931 && __libc_enable_secure
)
1933 /* This is an extra security effort to make sure nobody can
1934 preload broken shared objects which are in the trusted
1935 directories and so exploit the bugs. */
1936 struct __stat64_t64 st
;
1938 if (__fstat64_time64 (fd
, &st
) != 0
1939 || (st
.st_mode
& S_ISUID
) == 0)
1941 /* The shared object cannot be tested for being SUID
1942 or this bit is not set. In this case we must not
1944 __close_nocancel (fd
);
1946 /* We simply ignore the file, signal this by setting
1947 the error value which would have been set by `open'. */
1955 *realname
= (char *) malloc (buflen
);
1956 if (*realname
!= NULL
)
1958 memcpy (*realname
, buf
, buflen
);
1963 /* No memory for the name, we certainly won't be able
1964 to load and link it. */
1965 __close_nocancel (fd
);
1969 if (here_any
&& (err
= errno
) != ENOENT
&& err
!= EACCES
)
1970 /* The file exists and is readable, but something went wrong. */
1973 /* Remember whether we found anything. */
1976 while (*++dirs
!= NULL
);
1978 /* Remove the whole path if none of the directories exists. */
1979 if (__glibc_unlikely (! any
))
1981 /* Paths which were allocated using the minimal malloc() in ld.so
1982 must not be freed using the general free() in libc. */
1986 /* __rtld_search_dirs and __rtld_env_path_list are
1987 attribute_relro, therefore avoid writing to them. */
1988 if (sps
!= &__rtld_search_dirs
&& sps
!= &__rtld_env_path_list
)
1989 sps
->dirs
= (void *) -1;
1995 /* Map in the shared object file NAME. */
1998 _dl_map_object (struct link_map
*loader
, const char *name
,
1999 int type
, int trace_mode
, int mode
, Lmid_t nsid
)
2002 const char *origname
= NULL
;
2009 assert (nsid
< GL(dl_nns
));
2011 /* Look for this name among those already loaded. */
2012 for (l
= GL(dl_ns
)[nsid
]._ns_loaded
; l
; l
= l
->l_next
)
2014 /* If the requested name matches the soname of a loaded object,
2015 use that object. Elide this check for names that have not
2017 if (__glibc_unlikely ((l
->l_faked
| l
->l_removed
) != 0))
2019 if (!_dl_name_match_p (name
, l
))
2023 if (__glibc_likely (l
->l_soname_added
)
2024 || l
->l_info
[DT_SONAME
] == NULL
)
2027 soname
= ((const char *) D_PTR (l
, l_info
[DT_STRTAB
])
2028 + l
->l_info
[DT_SONAME
]->d_un
.d_val
);
2029 if (strcmp (name
, soname
) != 0)
2032 /* We have a match on a new name -- cache it. */
2033 add_name_to_object (l
, soname
);
2034 l
->l_soname_added
= 1;
2037 /* We have a match. */
2041 /* Display information if we are debugging. */
2042 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_FILES
)
2044 _dl_debug_printf ((mode
& __RTLD_CALLMAP
) == 0
2045 ? "\nfile=%s [%lu]; needed by %s [%lu]\n"
2046 : "\nfile=%s [%lu]; dynamically loaded by %s [%lu]\n",
2047 name
, nsid
, DSO_FILENAME (loader
->l_name
), loader
->l_ns
);
2050 /* Give the auditing libraries a chance to change the name before we
2052 if (__glibc_unlikely (GLRO(dl_naudit
) > 0))
2054 const char *before
= name
;
2055 name
= _dl_audit_objsearch (name
, loader
, LA_SER_ORIG
);
2061 if (before
!= name
&& strcmp (before
, name
) != 0)
2066 /* Will be true if we found a DSO which is of the other ELF class. */
2067 bool found_other_class
= false;
2069 if (strchr (name
, '/') == NULL
)
2071 /* Search for NAME in several places. */
2073 size_t namelen
= strlen (name
) + 1;
2075 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
))
2076 _dl_debug_printf ("find library=%s [%lu]; searching\n", name
, nsid
);
2080 /* When the object has the RUNPATH information we don't use any
2082 if (loader
== NULL
|| loader
->l_info
[DT_RUNPATH
] == NULL
)
2084 /* This is the executable's map (if there is one). Make sure that
2085 we do not look at it twice. */
2086 struct link_map
*main_map
= GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
;
2087 bool did_main_map
= false;
2089 /* First try the DT_RPATH of the dependent object that caused NAME
2090 to be loaded. Then that object's dependent, and on up. */
2091 for (l
= loader
; l
; l
= l
->l_loader
)
2092 if (cache_rpath (l
, &l
->l_rpath_dirs
, DT_RPATH
, "RPATH"))
2094 fd
= open_path (name
, namelen
, mode
,
2096 &realname
, &fb
, loader
, LA_SER_RUNPATH
,
2097 &found_other_class
);
2101 did_main_map
|= l
== main_map
;
2104 /* If dynamically linked, try the DT_RPATH of the executable
2105 itself. NB: we do this for lookups in any namespace. */
2106 if (fd
== -1 && !did_main_map
2107 && main_map
!= NULL
&& main_map
->l_type
!= lt_loaded
2108 && cache_rpath (main_map
, &main_map
->l_rpath_dirs
, DT_RPATH
,
2110 fd
= open_path (name
, namelen
, mode
,
2111 &main_map
->l_rpath_dirs
,
2112 &realname
, &fb
, loader
?: main_map
, LA_SER_RUNPATH
,
2113 &found_other_class
);
2115 /* Also try DT_RUNPATH in the executable for LD_AUDIT dlopen
2117 if (__glibc_unlikely (mode
& __RTLD_AUDIT
)
2118 && fd
== -1 && !did_main_map
2119 && main_map
!= NULL
&& main_map
->l_type
!= lt_loaded
)
2121 struct r_search_path_struct l_rpath_dirs
;
2122 l_rpath_dirs
.dirs
= NULL
;
2123 if (cache_rpath (main_map
, &l_rpath_dirs
,
2124 DT_RUNPATH
, "RUNPATH"))
2125 fd
= open_path (name
, namelen
, mode
, &l_rpath_dirs
,
2126 &realname
, &fb
, loader
?: main_map
,
2127 LA_SER_RUNPATH
, &found_other_class
);
2131 /* Try the LD_LIBRARY_PATH environment variable. */
2132 if (fd
== -1 && __rtld_env_path_list
.dirs
!= (void *) -1)
2133 fd
= open_path (name
, namelen
, mode
, &__rtld_env_path_list
,
2135 loader
?: GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
,
2136 LA_SER_LIBPATH
, &found_other_class
);
2138 /* Look at the RUNPATH information for this binary. */
2139 if (fd
== -1 && loader
!= NULL
2140 && cache_rpath (loader
, &loader
->l_runpath_dirs
,
2141 DT_RUNPATH
, "RUNPATH"))
2142 fd
= open_path (name
, namelen
, mode
,
2143 &loader
->l_runpath_dirs
, &realname
, &fb
, loader
,
2144 LA_SER_RUNPATH
, &found_other_class
);
2148 realname
= _dl_sysdep_open_object (name
, namelen
, &fd
);
2149 if (realname
!= NULL
)
2151 fd
= open_verify (realname
, fd
,
2152 &fb
, loader
?: GL(dl_ns
)[nsid
]._ns_loaded
,
2153 LA_SER_CONFIG
, mode
, &found_other_class
,
2162 && (__glibc_likely ((mode
& __RTLD_SECURE
) == 0)
2163 || ! __libc_enable_secure
)
2164 && __glibc_likely (GLRO(dl_inhibit_cache
) == 0))
2166 /* Check the list of libraries in the file /etc/ld.so.cache,
2167 for compatibility with Linux's ldconfig program. */
2168 char *cached
= _dl_load_cache_lookup (name
);
2172 // XXX Correct to unconditionally default to namespace 0?
2174 ?: GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
2180 /* If the loader has the DF_1_NODEFLIB flag set we must not
2181 use a cache entry from any of these directories. */
2182 if (__glibc_unlikely (l
->l_flags_1
& DF_1_NODEFLIB
))
2184 const char *dirp
= system_dirs
;
2185 unsigned int cnt
= 0;
2189 if (memcmp (cached
, dirp
, system_dirs_len
[cnt
]) == 0)
2191 /* The prefix matches. Don't use the entry. */
2197 dirp
+= system_dirs_len
[cnt
] + 1;
2200 while (cnt
< nsystem_dirs_len
);
2205 fd
= open_verify (cached
, -1,
2206 &fb
, loader
?: GL(dl_ns
)[nsid
]._ns_loaded
,
2207 LA_SER_CONFIG
, mode
, &found_other_class
,
2209 if (__glibc_likely (fd
!= -1))
2218 /* Finally, try the default path. */
2220 && ((l
= loader
?: GL(dl_ns
)[nsid
]._ns_loaded
) == NULL
2221 || __glibc_likely (!(l
->l_flags_1
& DF_1_NODEFLIB
)))
2222 && __rtld_search_dirs
.dirs
!= (void *) -1)
2223 fd
= open_path (name
, namelen
, mode
, &__rtld_search_dirs
,
2224 &realname
, &fb
, l
, LA_SER_DEFAULT
, &found_other_class
);
2226 /* Add another newline when we are tracing the library loading. */
2227 if (__glibc_unlikely (GLRO(dl_debug_mask
) & DL_DEBUG_LIBS
))
2228 _dl_debug_printf ("\n");
2232 /* The path may contain dynamic string tokens. */
2234 ? expand_dynamic_string_token (loader
, name
)
2236 if (realname
== NULL
)
2240 fd
= open_verify (realname
, -1, &fb
,
2241 loader
?: GL(dl_ns
)[nsid
]._ns_loaded
, 0, mode
,
2242 &found_other_class
, true);
2243 if (__glibc_unlikely (fd
== -1))
2251 /* In case the LOADER information has only been provided to get to
2252 the appropriate RUNPATH/RPATH information we do not need it
2254 if (mode
& __RTLD_CALLMAP
)
2257 if (__glibc_unlikely (fd
== -1))
2260 && __glibc_likely ((GLRO(dl_debug_mask
) & DL_DEBUG_PRELINK
) == 0))
2262 /* We haven't found an appropriate library. But since we
2263 are only interested in the list of libraries this isn't
2264 so severe. Fake an entry with all the information we
2266 static const Elf_Symndx dummy_bucket
= STN_UNDEF
;
2268 /* Allocate a new object map. */
2269 if ((name_copy
= __strdup (name
)) == NULL
2270 || (l
= _dl_new_object (name_copy
, name
, type
, loader
,
2271 mode
, nsid
)) == NULL
)
2274 _dl_signal_error (ENOMEM
, name
, NULL
,
2275 N_("cannot create shared object descriptor"));
2277 /* Signal that this is a faked entry. */
2279 /* Since the descriptor is initialized with zero we do not
2281 l->l_reserved = 0; */
2282 l
->l_buckets
= &dummy_bucket
;
2286 /* Enter the object in the object list. */
2287 _dl_add_to_namespace_list (l
, nsid
);
2291 else if (found_other_class
)
2292 _dl_signal_error (0, name
, NULL
,
2293 ELFW(CLASS
) == ELFCLASS32
2294 ? N_("wrong ELF class: ELFCLASS64")
2295 : N_("wrong ELF class: ELFCLASS32"));
2297 _dl_signal_error (errno
, name
, NULL
,
2298 N_("cannot open shared object file"));
2301 void *stack_end
= __libc_stack_end
;
2302 return _dl_map_object_from_fd (name
, origname
, fd
, &fb
, realname
, loader
,
2303 type
, mode
, &stack_end
, nsid
);
2306 struct add_path_state
2315 add_path (struct add_path_state
*p
, const struct r_search_path_struct
*sps
,
2318 if (sps
->dirs
!= (void *) -1)
2320 struct r_search_path_elem
**dirs
= sps
->dirs
;
2323 const struct r_search_path_elem
*const r
= *dirs
++;
2327 p
->si
->dls_size
+= MAX (2, r
->dirnamelen
);
2331 Dl_serpath
*const sp
= &p
->si
->dls_serpath
[p
->idx
++];
2332 sp
->dls_name
= p
->allocptr
;
2333 if (r
->dirnamelen
< 2)
2334 *p
->allocptr
++ = r
->dirnamelen
? '/' : '.';
2336 p
->allocptr
= __mempcpy (p
->allocptr
,
2337 r
->dirname
, r
->dirnamelen
- 1);
2338 *p
->allocptr
++ = '\0';
2339 sp
->dls_flags
= flags
;
2342 while (*dirs
!= NULL
);
2347 _dl_rtld_di_serinfo (struct link_map
*loader
, Dl_serinfo
*si
, bool counting
)
2355 struct add_path_state p
=
2357 .counting
= counting
,
2360 .allocptr
= (char *) &si
->dls_serpath
[si
->dls_cnt
]
2363 # define add_path(p, sps, flags) add_path(p, sps, 0) /* XXX */
2365 /* When the object has the RUNPATH information we don't use any RPATHs. */
2366 if (loader
->l_info
[DT_RUNPATH
] == NULL
)
2368 /* First try the DT_RPATH of the dependent object that caused NAME
2369 to be loaded. Then that object's dependent, and on up. */
2371 struct link_map
*l
= loader
;
2374 if (cache_rpath (l
, &l
->l_rpath_dirs
, DT_RPATH
, "RPATH"))
2375 add_path (&p
, &l
->l_rpath_dirs
, XXX_RPATH
);
2380 /* If dynamically linked, try the DT_RPATH of the executable itself. */
2381 if (loader
->l_ns
== LM_ID_BASE
)
2383 l
= GL(dl_ns
)[LM_ID_BASE
]._ns_loaded
;
2384 if (l
!= NULL
&& l
->l_type
!= lt_loaded
&& l
!= loader
)
2385 if (cache_rpath (l
, &l
->l_rpath_dirs
, DT_RPATH
, "RPATH"))
2386 add_path (&p
, &l
->l_rpath_dirs
, XXX_RPATH
);
2390 /* Try the LD_LIBRARY_PATH environment variable. */
2391 add_path (&p
, &__rtld_env_path_list
, XXX_ENV
);
2393 /* Look at the RUNPATH information for this binary. */
2394 if (cache_rpath (loader
, &loader
->l_runpath_dirs
, DT_RUNPATH
, "RUNPATH"))
2395 add_path (&p
, &loader
->l_runpath_dirs
, XXX_RUNPATH
);
2398 Here is where ld.so.cache gets checked, but we don't have
2399 a way to indicate that in the results for Dl_serinfo. */
2401 /* Finally, try the default path. */
2402 if (!(loader
->l_flags_1
& DF_1_NODEFLIB
))
2403 add_path (&p
, &__rtld_search_dirs
, XXX_default
);
2406 /* Count the struct size before the string area, which we didn't
2407 know before we completed dls_cnt. */
2408 si
->dls_size
+= (char *) &si
->dls_serpath
[si
->dls_cnt
] - (char *) si
;