search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
3260 linker is insufficiently careful with strtok
[illumos-gate.git] / usr / src / cmd / sgs / rtld / common / setup.c
blobc5d2a2671e70853313d0a380890de210b91db62c
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
24 */
25
26 /*
27 * Copyright (c) 1988 AT&T
28 * All Rights Reserved
29 */
30
31 /*
32 * Run time linker common setup.
33 *
34 * Called from _setup to get the process going at startup.
35 */
36
37 #include <stdlib.h>
38 #include <fcntl.h>
39 #include <stdio.h>
40 #include <sys/types.h>
41 #include <sys/stat.h>
42 #include <sys/mman.h>
43 #include <string.h>
44 #include <unistd.h>
45 #include <dlfcn.h>
46 #include <sys/sysconfig.h>
47 #include <sys/auxv.h>
48 #include <debug.h>
49 #include <conv.h>
50 #include "_rtld.h"
51 #include "_audit.h"
52 #include "_elf.h"
53 #include "_a.out.h"
54 #include "msg.h"
55
56
57 extern int _end, _edata, _etext;
58 extern void _init(void);
59 extern int _brk_unlocked(void *);
60
61 #ifndef SGS_PRE_UNIFIED_PROCESS
62 /* needed for _brk_unlocked() */
63 void *_nd = &_end;
64 #endif
65
66 /*
67 * Counters that are incremented every time an object is mapped/unmapped.
68 *
69 * Note that exec() will usually map 2 objects before we receive control,
70 * but this can be 1 if ld.so.1 is executed directly. We count one of these
71 * here, and add another as necessary in setup().
72 */
73 u_longlong_t cnt_map = 1;
74 u_longlong_t cnt_unmap = 0;
75
76
77 /*
78 * Define for the executable's interpreter.
79 * Usually it is ld.so.1, but for the first release of ICL binaries
80 * it is libc.so.1. We keep this information so that we don't end
81 * up mapping libc twice if it is the interpreter.
82 */
83 static Interp _interp;
84
85 /*
86 * LD_PRELOAD objects.
87 */
88 static int
89 preload(const char *str, Rt_map *mlmp, Rt_map **clmp)
90 {
91 Alist *palp = NULL;
92 char *objs, *ptr, *next;
93 Word lmflags = lml_main.lm_flags;
94 int lddstub;
95
96 DBG_CALL(Dbg_util_nl(&lml_main, DBG_NL_STD));
97
98 if ((objs = strdup(str)) == NULL)
99 return (0);
100
101 /*
102 * Determine if we've been called from lddstub.
103 */
104 lddstub = (lmflags & LML_FLG_TRC_ENABLE) &&
105 (FLAGS1(*clmp) & FL1_RT_LDDSTUB);
106
107
108 for (ptr = strtok_r(objs, MSG_ORIG(MSG_STR_DELIMIT), &next);
109 ptr != NULL;
110 ptr = strtok_r(NULL, MSG_ORIG(MSG_STR_DELIMIT), &next)) {
111 Rt_map *nlmp = NULL;
112 uint_t flags;
113
114 DBG_CALL(Dbg_file_preload(&lml_main, ptr));
115
116 /*
117 * Establish the flags for loading each object. If we're
118 * called via lddstub, then the first preloaded object is the
119 * object being inspected by ldd(1). This object should not be
120 * marked as an interposer, as this object is intended to act
121 * as the target object of the process.
122 */
123 if (lddstub)
124 flags = FLG_RT_PRELOAD;
125 else
126 flags = (FLG_RT_PRELOAD | FLG_RT_OBJINTPO);
127
128 /*
129 * If this a secure application, then preload errors are
130 * reduced to warnings, as the errors are non-fatal.
131 */
132 if (rtld_flags & RT_FL_SECURE)
133 rtld_flags2 |= RT_FL2_FTL2WARN;
134 if (expand_paths(*clmp, ptr, &palp, AL_CNT_NEEDED,
135 PD_FLG_EXTLOAD, 0) != 0)
136 nlmp = load_one(&lml_main, ALIST_OFF_DATA, palp, *clmp,
137 MODE(mlmp), flags, 0, NULL);
138 remove_alist(&palp, 0);
139 if (rtld_flags & RT_FL_SECURE)
140 rtld_flags2 &= ~RT_FL2_FTL2WARN;
141 if (nlmp && (bind_one(*clmp, nlmp, BND_NEEDED) == 0))
142 nlmp = NULL;
143
144 if (lddstub && nlmp) {
145 lddstub = 0;
146
147 /*
148 * Fabricate a binding between the target shared object
149 * and lddstub so that the target object isn't called
150 * out from unused() processing.
151 */
152 if (lmflags &
153 (LML_FLG_TRC_UNREF | LML_FLG_TRC_UNUSED)) {
154 if (bind_one(*clmp, nlmp, BND_REFER) == 0)
155 nlmp = NULL;
156 }
157
158 /*
159 * By identifying lddstub as the caller, several
160 * confusing ldd() diagnostics get suppressed. These
161 * diagnostics would reveal how the target shared object
162 * was found from lddstub. Now that the real target is
163 * loaded, identify the target as the caller so that all
164 * ldd() diagnostics are enabled for subsequent objects.
165 */
166 if (nlmp)
167 *clmp = nlmp;
168 }
169
170 /*
171 * If no error occurred with loading this object, indicate that
172 * this link-map list contains an interposer.
173 */
174 if (nlmp == NULL) {
175 if ((lmflags & LML_FLG_TRC_ENABLE) ||
176 (rtld_flags & RT_FL_SECURE))
177 continue;
178 else
179 return (0);
180 }
181 if (flags & FLG_RT_OBJINTPO)
182 lml_main.lm_flags |= LML_FLG_INTRPOSE;
183
184 }
185
186 free(palp);
187 free(objs);
188 return (1);
189 }
190
191 Rt_map *
192 setup(char **envp, auxv_t *auxv, Word _flags, char *_platform, int _syspagsz,
193 char *_rtldname, ulong_t ld_base, ulong_t interp_base, int fd, Phdr *phdr,
194 char *execname, char **argv, uid_t uid, uid_t euid, gid_t gid, gid_t egid,
195 void *aoutdyn, int auxflags, uint_t hwcap_1)
196 {
197 Rt_map *rlmp, *mlmp, *clmp, **tobj = NULL;
198 Ehdr *ehdr;
199 rtld_stat_t status;
200 int features = 0, ldsoexec = 0;
201 size_t eaddr, esize;
202 char *str, *argvname;
203 Word lmflags;
204 mmapobj_result_t *mpp;
205 Fdesc fdr = { 0 }, fdm = { 0 };
206 Rej_desc rej = { 0 };
207 APlist *ealp = NULL;
208
209 /*
210 * Now that ld.so has relocated itself, initialize our own 'environ' so
211 * as to establish an address suitable for any libc requirements.
212 */
213 _environ = (char **)((ulong_t)auxv - sizeof (char *));
214 _init();
215 _environ = envp;
216
217 /*
218 * Establish a base time. Total time diagnostics start from entering
219 * ld.so.1 here, however the base time is reset each time the ld.so.1
220 * is re-entered. Note also, there will be a large time associated
221 * with the first diagnostic from ld.so.1, as bootstrapping ld.so.1
222 * and establishing the liblddbg infrastructure takes some time.
223 */
224 (void) gettimeofday(&DBG_TOTALTIME, NULL);
225 DBG_DELTATIME = DBG_TOTALTIME;
226
227 /*
228 * Determine how ld.so.1 has been executed.
229 */
230 if ((fd == -1) && (phdr == NULL)) {
231 /*
232 * If we received neither the AT_EXECFD nor the AT_PHDR aux
233 * vector, ld.so.1 must have been invoked directly from the
234 * command line.
235 */
236 ldsoexec = 1;
237
238 /*
239 * AT_SUN_EXECNAME provides the most precise name, if it is
240 * available, otherwise fall back to argv[0]. At this time,
241 * there is no process name.
242 */
243 if (execname)
244 rtldname = execname;
245 else if (argv[0])
246 rtldname = argv[0];
247 else
248 rtldname = (char *)MSG_INTL(MSG_STR_UNKNOWN);
249 } else {
250 /*
251 * Otherwise, we have a standard process. AT_SUN_EXECNAME
252 * provides the most precise name, if it is available,
253 * otherwise fall back to argv[0]. Provided the application
254 * is already mapped, the process is the application, so
255 * simplify the application name for use in any diagnostics.
256 */
257 if (execname)
258 argvname = execname;
259 else if (argv[0])
260 argvname = execname = argv[0];
261 else
262 argvname = execname = (char *)MSG_INTL(MSG_STR_UNKNOWN);
263
264 if (fd == -1) {
265 if ((str = strrchr(argvname, '/')) != NULL)
266 procname = ++str;
267 else
268 procname = argvname;
269 }
270
271 /*
272 * At this point, we don't know the runtime linkers full path
273 * name. The _rtldname passed to us is the SONAME of the
274 * runtime linker, which is typically /lib/ld.so.1 no matter
275 * what the full path is. Use this for now, we'll reset the
276 * runtime linkers name once the application is analyzed.
277 */
278 if (_rtldname) {
279 if ((str = strrchr(_rtldname, '/')) != NULL)
280 rtldname = ++str;
281 else
282 rtldname = _rtldname;
283 } else
284 rtldname = (char *)MSG_INTL(MSG_STR_UNKNOWN);
285
286 /* exec() brought in two objects for us. Count the second one */
287 cnt_map++;
288 }
289
290 /*
291 * Initialize any global variables.
292 */
293 at_flags = _flags;
294
295 if ((org_scapset->sc_plat = _platform) != NULL)
296 org_scapset->sc_platsz = strlen(_platform);
297
298 if (org_scapset->sc_plat == NULL)
299 platform_name(org_scapset);
300 if (org_scapset->sc_mach == NULL)
301 machine_name(org_scapset);
302
303 /*
304 * If pagesize is unspecified find its value.
305 */
306 if ((syspagsz = _syspagsz) == 0)
307 syspagsz = _sysconfig(_CONFIG_PAGESIZE);
308
309 /*
310 * Add the unused portion of the last data page to the free space list.
311 * The page size must be set before doing this. Here, _end refers to
312 * the end of the runtime linkers bss. Note that we do not use the
313 * unused data pages from any included .so's to supplement this free
314 * space as badly behaved .os's may corrupt this data space, and in so
315 * doing ruin our data.
316 */
317 eaddr = S_DROUND((size_t)&_end);
318 esize = eaddr % syspagsz;
319 if (esize) {
320 esize = syspagsz - esize;
321 addfree((void *)eaddr, esize);
322 }
323
324 /*
325 * Establish initial link-map list flags, and link-map list alists.
326 */
327 if (alist_append(&lml_main.lm_lists, NULL, sizeof (Lm_cntl),
328 AL_CNT_LMLISTS) == NULL)
329 return (0);
330 lml_main.lm_flags |= LML_FLG_BASELM;
331 lml_main.lm_lmid = LM_ID_BASE;
332 lml_main.lm_lmidstr = (char *)MSG_ORIG(MSG_LMID_BASE);
333
334 if (alist_append(&lml_rtld.lm_lists, NULL, sizeof (Lm_cntl),
335 AL_CNT_LMLISTS) == NULL)
336 return (0);
337 lml_rtld.lm_flags |= (LML_FLG_RTLDLM | LML_FLG_HOLDLOCK);
338 lml_rtld.lm_tflags |= LML_TFLG_NOAUDIT;
339 lml_rtld.lm_lmid = LM_ID_LDSO;
340 lml_rtld.lm_lmidstr = (char *)MSG_ORIG(MSG_LMID_LDSO);
341
342 /*
343 * Determine whether we have a secure executable.
344 */
345 security(uid, euid, gid, egid, auxflags);
346
347 /*
348 * Make an initial pass of environment variables to pick off those
349 * related to locale processing. At the same time, collect and save
350 * any LD_XXXX variables for later processing. Note that this later
351 * processing will be skipped if ld.so.1 is invoked from the command
352 * line with -e LD_NOENVIRON.
353 */
354 if (envp && (readenv_user((const char **)envp, &ealp) == 1))
355 return (0);
356
357 /*
358 * If ld.so.1 has been invoked directly, process its arguments.
359 */
360 if (ldsoexec) {
361 /*
362 * Process any arguments that are specific to ld.so.1, and
363 * reorganize the process stack to effectively remove ld.so.1
364 * from the stack. Reinitialize the environment pointer, as
365 * this pointer may have been shifted after skipping ld.so.1's
366 * arguments.
367 */
368 if (rtld_getopt(argv, &envp, &auxv, &(lml_main.lm_flags),
369 &(lml_main.lm_tflags), (aoutdyn != 0)) == 1) {
370 eprintf(&lml_main, ERR_NONE, MSG_INTL(MSG_USG_BADOPT));
371 return (0);
372 }
373 _environ = envp;
374
375 /*
376 * Open the object that ld.so.1 is to execute.
377 */
378 argvname = execname = argv[0];
379
380 if ((fd = open(argvname, O_RDONLY)) == -1) {
381 int err = errno;
382 eprintf(&lml_main, ERR_FATAL, MSG_INTL(MSG_SYS_OPEN),
383 argvname, strerror(err));
384 return (0);
385 }
386 }
387
388 /*
389 * Having processed any ld.so.1 command line options, return to process
390 * any LD_XXXX environment variables.
391 */
392 if (ealp) {
393 if (((rtld_flags & RT_FL_NOENVIRON) == 0) &&
394 (procenv_user(ealp, &(lml_main.lm_flags),
395 &(lml_main.lm_tflags), (aoutdyn != 0)) == 1))
396 return (0);
397 free(ealp);
398 }
399
400 /*
401 * Initialize a hardware capability descriptor for use in comparing
402 * each loaded object. The aux vector must provide AF_SUN_HWCAPVERIFY,
403 * as prior to this setting any hardware capabilities that were found
404 * could not be relied upon.
405 */
406 if (auxflags & AF_SUN_HWCAPVERIFY) {
407 rtld_flags2 |= RT_FL2_HWCAP;
408 org_scapset->sc_hw_1 = (Xword)hwcap_1;
409 }
410
411 /*
412 * Create a mapping descriptor for ld.so.1. We can determine our
413 * two segments information from known symbols.
414 */
415 if ((mpp = calloc(2, sizeof (mmapobj_result_t))) == NULL)
416 return (0);
417 mpp[0].mr_addr = (caddr_t)M_PTRUNC(ld_base);
418 mpp[0].mr_msize = (caddr_t)&_etext - mpp[0].mr_addr;
419 mpp[0].mr_fsize = mpp[0].mr_msize;
420 mpp[0].mr_prot = (PROT_READ | PROT_EXEC);
421
422 mpp[1].mr_addr = (caddr_t)M_PTRUNC((uintptr_t)&r_debug);
423 mpp[1].mr_msize = (caddr_t)&_end - mpp[1].mr_addr;
424 mpp[1].mr_fsize = (caddr_t)&_edata - mpp[1].mr_addr;
425 mpp[1].mr_prot = (PROT_READ | PROT_WRITE | PROT_EXEC);
426
427 if ((fdr.fd_nname = stravl_insert(_rtldname, 0, 0, 0)) == NULL)
428 return (0);
429 if ((rlmp = elf_new_lmp(&lml_rtld, ALIST_OFF_DATA, &fdr,
430 (Addr)mpp->mr_addr, (size_t)((uintptr_t)eaddr - (uintptr_t)ld_base),
431 NULL, NULL, NULL)) == NULL)
432 return (0);
433
434 MMAPS(rlmp) = mpp;
435 MMAPCNT(rlmp) = 2;
436 PADSTART(rlmp) = (ulong_t)mpp[0].mr_addr;
437 PADIMLEN(rlmp) = (ulong_t)mpp[0].mr_addr + (ulong_t)mpp[1].mr_addr +
438 (ulong_t)mpp[1].mr_msize;
439
440 MODE(rlmp) |= (RTLD_LAZY | RTLD_NODELETE | RTLD_GLOBAL | RTLD_WORLD);
441 FLAGS(rlmp) |= (FLG_RT_ANALYZED | FLG_RT_RELOCED | FLG_RT_INITDONE |
442 FLG_RT_INITCLCT | FLG_RT_FINICLCT | FLG_RT_MODESET);
443
444 /*
445 * Initialize the runtime linkers information.
446 */
447 interp = &_interp;
448 interp->i_name = (char *)rtldname;
449 interp->i_faddr = (caddr_t)ADDR(rlmp);
450 ldso_plt_init(rlmp);
451
452 /*
453 * Map in the file, if exec has not already done so, or if the file
454 * was passed as an argument to an explicit execution of ld.so.1 from
455 * the command line.
456 */
457 if (fd != -1) {
458 /*
459 * Map the file. Once the object is mapped we no longer need
460 * the file descriptor.
461 */
462 (void) rtld_fstat(fd, &status);
463 fdm.fd_oname = argvname;
464 fdm.fd_ftp = map_obj(&lml_main, &fdm, status.st_size, argvname,
465 fd, &rej);
466 (void) close(fd);
467
468 if (fdm.fd_ftp == NULL) {
469 Conv_reject_desc_buf_t rej_buf;
470
471 eprintf(&lml_main, ERR_FATAL,
472 MSG_INTL(err_reject[rej.rej_type]), argvname,
473 conv_reject_desc(&rej, &rej_buf, M_MACH));
474 return (0);
475 }
476
477 /*
478 * Finish processing the loading of the file.
479 */
480 if ((fdm.fd_nname = stravl_insert(argvname, 0, 0, 0)) == NULL)
481 return (0);
482 fdm.fd_dev = status.st_dev;
483 fdm.fd_ino = status.st_ino;
484
485 if ((mlmp = load_file(&lml_main, ALIST_OFF_DATA, NULL, &fdm,
486 NULL)) == NULL)
487 return (0);
488
489 /*
490 * We now have a process name for error diagnostics.
491 */
492 if ((str = strrchr(argvname, '/')) != NULL)
493 procname = ++str;
494 else
495 procname = argvname;
496
497 if (ldsoexec) {
498 mmapobj_result_t *mpp = MMAPS(mlmp);
499 uint_t mnum, mapnum = MMAPCNT(mlmp);
500 void *brkbase = NULL;
501
502 /*
503 * Since ld.so.1 was the primary executed object - the
504 * brk() base has not yet been initialized, we need to
505 * initialize it. For an executable, initialize it to
506 * the end of the object. For a shared object (ET_DYN)
507 * initialize it to the first page in memory.
508 */
509 for (mnum = 0; mnum < mapnum; mnum++, mpp++)
510 brkbase = mpp->mr_addr + mpp->mr_msize;
511
512 if (brkbase == NULL)
513 brkbase = (void *)syspagsz;
514
515 if (_brk_unlocked(brkbase) == -1) {
516 int err = errno;
517
518 eprintf(&lml_main, ERR_FATAL,
519 MSG_INTL(MSG_SYS_BRK), argvname,
520 strerror(err));
521 return (0);
522 }
523 }
524 } else {
525 /*
526 * Set up function ptr and arguments according to the type
527 * of file class the executable is. (Currently only supported
528 * types are ELF and a.out format.) Then create a link map
529 * for the executable.
530 */
531 if (aoutdyn) {
532 #ifdef A_OUT
533 mmapobj_result_t *mpp;
534
535 /*
536 * Create a mapping structure sufficient to describe
537 * a single two segments. The ADDR() of the a.out is
538 * established as 0, which is required but the AOUT
539 * relocation code.
540 */
541 if ((mpp =
542 calloc(sizeof (mmapobj_result_t), 2)) == NULL)
543 return (0);
544
545 if ((fdm.fd_nname =
546 stravl_insert(execname, 0, 0, 0)) == NULL)
547 return (0);
548 if ((mlmp = aout_new_lmp(&lml_main, ALIST_OFF_DATA,
549 &fdm, 0, 0, aoutdyn, NULL, NULL)) == NULL)
550 return (0);
551
552 /*
553 * Establish the true mapping information for the a.out.
554 */
555 if (aout_get_mmap(&lml_main, mpp)) {
556 free(mpp);
557 return (0);
558 }
559
560 MSIZE(mlmp) =
561 (size_t)(mpp[1].mr_addr + mpp[1].mr_msize) -
562 S_ALIGN((size_t)mpp[0].mr_addr, syspagsz);
563 MMAPS(mlmp) = mpp;
564 MMAPCNT(mlmp) = 2;
565 PADSTART(mlmp) = (ulong_t)mpp->mr_addr;
566 PADIMLEN(mlmp) = mpp->mr_msize;
567
568 /*
569 * Disable any object configuration cache (BCP apps
570 * bring in sbcp which can benefit from any object
571 * cache, but both the app and sbcp can't use the same
572 * objects).
573 */
574 rtld_flags |= RT_FL_NOOBJALT;
575
576 /*
577 * Make sure no-direct bindings are in effect.
578 */
579 lml_main.lm_tflags |= LML_TFLG_NODIRECT;
580 #else
581 eprintf(&lml_main, ERR_FATAL,
582 MSG_INTL(MSG_ERR_REJ_UNKFILE), argvname);
583 return (0);
584 #endif
585 } else if (phdr) {
586 Phdr *pptr;
587 Off i_offset = 0;
588 Addr base = 0;
589 ulong_t phsize;
590 mmapobj_result_t *mpp, *fmpp, *hmpp = NULL;
591 uint_t mapnum = 0;
592 int i;
593 size_t msize;
594
595 /*
596 * Using the executables phdr address determine the base
597 * address of the input file. NOTE, this assumes the
598 * program headers and elf header are part of the same
599 * mapped segment. Although this has held for many
600 * years now, it might be more flexible if the kernel
601 * gave use the ELF headers start address, rather than
602 * the Program headers.
603 *
604 * Determine from the ELF header if we're been called
605 * from a shared object or dynamic executable. If the
606 * latter, then any addresses within the object are used
607 * as is. Addresses within shared objects must be added
608 * to the process's base address.
609 */
610 ehdr = (Ehdr *)((Addr)phdr - phdr->p_offset);
611 phsize = ehdr->e_phentsize;
612 if (ehdr->e_type == ET_DYN)
613 base = (Addr)ehdr;
614
615 /*
616 * Allocate a mapping array to retain mapped segment
617 * information.
618 */
619 if ((fmpp = mpp = calloc(ehdr->e_phnum,
620 sizeof (mmapobj_result_t))) == NULL)
621 return (0);
622
623 /*
624 * Extract the needed information from the segment
625 * headers.
626 */
627 for (i = 0, pptr = phdr; i < ehdr->e_phnum; i++) {
628 if (pptr->p_type == PT_INTERP) {
629 i_offset = pptr->p_offset;
630 interp->i_faddr =
631 (caddr_t)interp_base;
632 }
633 if ((pptr->p_type == PT_LOAD) &&
634 (pptr->p_filesz || pptr->p_memsz)) {
635 int perm = (PROT_READ | PROT_EXEC);
636 size_t off;
637
638 if (i_offset && pptr->p_filesz &&
639 (i_offset >= pptr->p_offset) &&
640 (i_offset <=
641 (pptr->p_memsz + pptr->p_offset))) {
642 interp->i_name = (char *)
643 pptr->p_vaddr + i_offset -
644 pptr->p_offset + base;
645 i_offset = 0;
646 }
647
648 if (pptr->p_flags & PF_W)
649 perm |= PROT_WRITE;
650
651 /*
652 * Retain segments mapping info. Round
653 * each segment to a page boundary, as
654 * this insures addresses are suitable
655 * for mprotect() if required.
656 */
657 off = pptr->p_vaddr + base;
658 if (hmpp == NULL) {
659 hmpp = mpp;
660 mpp->mr_addr = (caddr_t)ehdr;
661 } else
662 mpp->mr_addr = (caddr_t)off;
663
664 off -= (size_t)(uintptr_t)mpp->mr_addr;
665 mpp->mr_msize = pptr->p_memsz + off;
666 mpp->mr_fsize = pptr->p_filesz + off;
667 mpp->mr_prot = perm;
668
669 mpp++, mapnum++;
670 }
671
672 pptr = (Phdr *)((ulong_t)pptr + phsize);
673 }
674
675 mpp--;
676 msize = (size_t)(mpp->mr_addr + mpp->mr_msize) -
677 S_ALIGN((size_t)fmpp->mr_addr, syspagsz);
678
679 if ((fdm.fd_nname =
680 stravl_insert(execname, 0, 0, 0)) == NULL)
681 return (0);
682 if ((mlmp = elf_new_lmp(&lml_main, ALIST_OFF_DATA,
683 &fdm, (Addr)hmpp->mr_addr, msize,
684 NULL, NULL, NULL)) == NULL)
685 return (0);
686
687 MMAPS(mlmp) = fmpp;
688 MMAPCNT(mlmp) = mapnum;
689 PADSTART(mlmp) = (ulong_t)fmpp->mr_addr;
690 PADIMLEN(mlmp) = (ulong_t)fmpp->mr_addr +
691 (ulong_t)mpp->mr_addr + (ulong_t)mpp->mr_msize;
692 }
693 }
694
695 /*
696 * Establish the interpretors name as that defined within the initial
697 * object (executable). This provides for ORIGIN processing of ld.so.1
698 * dependencies. Note, the NAME() of the object remains that which was
699 * passed to us as the SONAME on execution.
700 */
701 if (ldsoexec == 0) {
702 size_t len = strlen(interp->i_name);
703
704 if (expand(&interp->i_name, &len, 0, 0,
705 (PD_TKN_ISALIST | PD_TKN_CAP), rlmp) & PD_TKN_RESOLVED)
706 fdr.fd_flags |= FLG_FD_RESOLVED;
707 }
708 fdr.fd_pname = interp->i_name;
709 (void) fullpath(rlmp, &fdr);
710
711 /*
712 * The runtime linker acts as a filtee for various dl*() functions that
713 * are defined in libc (and libdl). Make sure this standard name for
714 * the runtime linker is also registered in the FullPathNode AVL tree.
715 */
716 (void) fpavl_insert(&lml_rtld, rlmp, _rtldname, 0);
717
718 /*
719 * Having established the true runtime linkers name, simplify the name
720 * for error diagnostics.
721 */
722 if ((str = strrchr(PATHNAME(rlmp), '/')) != NULL)
723 rtldname = ++str;
724 else
725 rtldname = PATHNAME(rlmp);
726
727 /*
728 * Expand the fullpath name of the application. This typically occurs
729 * as a part of loading an object, but as the kernel probably mapped
730 * it in, complete this processing now.
731 */
732 (void) fullpath(mlmp, 0);
733
734 /*
735 * Some troublesome programs will change the value of argv[0]. Dupping
736 * the process string protects us, and insures the string is left in
737 * any core files.
738 */
739 if ((str = (char *)strdup(procname)) == NULL)
740 return (0);
741 procname = str;
742
743 FLAGS(mlmp) |= (FLG_RT_ISMAIN | FLG_RT_MODESET);
744 FLAGS1(mlmp) |= FL1_RT_USED;
745
746 /*
747 * It's the responsibility of MAIN(crt0) to call it's _init and _fini
748 * section, therefore null out any INIT/FINI so that this object isn't
749 * collected during tsort processing. And, if the application has no
750 * initarray or finiarray we can economize on establishing bindings.
751 */
752 INIT(mlmp) = FINI(mlmp) = NULL;
753 if ((INITARRAY(mlmp) == NULL) && (FINIARRAY(mlmp) == NULL))
754 FLAGS1(mlmp) |= FL1_RT_NOINIFIN;
755
756 /*
757 * Identify lddstub if necessary.
758 */
759 if (lml_main.lm_flags & LML_FLG_TRC_LDDSTUB)
760 FLAGS1(mlmp) |= FL1_RT_LDDSTUB;
761
762 /*
763 * Retain our argument information for use in dlinfo.
764 */
765 argsinfo.dla_argv = argv--;
766 argsinfo.dla_argc = (long)*argv;
767 argsinfo.dla_envp = envp;
768 argsinfo.dla_auxv = auxv;
769
770 (void) enter(0);
771
772 /*
773 * Add our two main link-maps to the dynlm_list
774 */
775 if (aplist_append(&dynlm_list, &lml_main, AL_CNT_DYNLIST) == NULL)
776 return (0);
777
778 if (aplist_append(&dynlm_list, &lml_rtld, AL_CNT_DYNLIST) == NULL)
779 return (0);
780
781 /*
782 * Reset the link-map counts for both lists. The init count is used to
783 * track how many objects have pending init sections, this gets incre-
784 * mented each time an object is relocated. Since ld.so.1 relocates
785 * itself, it's init count will remain zero.
786 * The object count is used to track how many objects have pending fini
787 * sections, as ld.so.1 handles its own fini we can zero its count.
788 */
789 lml_main.lm_obj = 1;
790 lml_rtld.lm_obj = 0;
791
792 /*
793 * Initialize debugger information structure. Some parts of this
794 * structure were initialized statically.
795 */
796 r_debug.rtd_rdebug.r_map = (Link_map *)lml_main.lm_head;
797 r_debug.rtd_rdebug.r_ldsomap = (Link_map *)lml_rtld.lm_head;
798 r_debug.rtd_rdebug.r_ldbase = r_debug.rtd_rdebug.r_ldsomap->l_addr;
799 r_debug.rtd_dynlmlst = &dynlm_list;
800
801 /*
802 * Determine the dev/inode information for the executable to complete
803 * load_so() checking for those who might dlopen(a.out).
804 */
805 if (rtld_stat(PATHNAME(mlmp), &status) == 0) {
806 STDEV(mlmp) = status.st_dev;
807 STINO(mlmp) = status.st_ino;
808 }
809
810 /*
811 * Initialize any configuration information.
812 */
813 if (!(rtld_flags & RT_FL_NOCFG)) {
814 if ((features = elf_config(mlmp, (aoutdyn != 0))) == -1)
815 return (0);
816 }
817
818 #if defined(_ELF64)
819 /*
820 * If this is a 64-bit process, determine whether this process has
821 * restricted the process address space to 32-bits. Any dependencies
822 * that are restricted to a 32-bit address space can only be loaded if
823 * the executable has established this requirement.
824 */
825 if (CAPSET(mlmp).sc_sf_1 & SF1_SUNW_ADDR32)
826 rtld_flags2 |= RT_FL2_ADDR32;
827 #endif
828 /*
829 * Establish any alternative capabilities, and validate this object
830 * if it defines it's own capabilities information.
831 */
832 if (cap_alternative() == 0)
833 return (0);
834
835 if (cap_check_lmp(mlmp, &rej) == 0) {
836 if (lml_main.lm_flags & LML_FLG_TRC_ENABLE) {
837 /* LINTED */
838 (void) printf(MSG_INTL(ldd_warn[rej.rej_type]),
839 NAME(mlmp), rej.rej_str);
840 } else {
841 /* LINTED */
842 eprintf(&lml_main, ERR_FATAL,
843 MSG_INTL(err_reject[rej.rej_type]),
844 NAME(mlmp), rej.rej_str);
845 return (0);
846 }
847 }
848
849 /*
850 * Establish the modes of the initial object. These modes are
851 * propagated to any preloaded objects and explicit shared library
852 * dependencies.
853 *
854 * If we're generating a configuration file using crle(1), remove
855 * any RTLD_NOW use, as we don't want to trigger any relocation proc-
856 * essing during crle(1)'s first past (this would just be unnecessary
857 * overhead). Any filters are explicitly loaded, and thus RTLD_NOW is
858 * not required to trigger filter loading.
859 *
860 * Note, RTLD_NOW may have been established during analysis of the
861 * application had the application been built -z now.
862 */
863 MODE(mlmp) |= (RTLD_NODELETE | RTLD_GLOBAL | RTLD_WORLD);
864
865 if (rtld_flags & RT_FL_CONFGEN) {
866 MODE(mlmp) |= RTLD_CONFGEN;
867 MODE(mlmp) &= ~RTLD_NOW;
868 rtld_flags2 &= ~RT_FL2_BINDNOW;
869 }
870
871 if ((MODE(mlmp) & RTLD_NOW) == 0) {
872 if (rtld_flags2 & RT_FL2_BINDNOW)
873 MODE(mlmp) |= RTLD_NOW;
874 else
875 MODE(mlmp) |= RTLD_LAZY;
876 }
877
878 /*
879 * If debugging was requested initialize things now that any cache has
880 * been established. A user can specify LD_DEBUG=help to discover the
881 * list of debugging tokens available without running the application.
882 * However, don't allow this setting from a configuration file.
883 *
884 * Note, to prevent recursion issues caused by loading and binding the
885 * debugging libraries themselves, a local debugging descriptor is
886 * initialized. Once the debugging setup has completed, this local
887 * descriptor is copied to the global descriptor which effectively
888 * enables diagnostic output.
889 *
890 * Ignore any debugging request if we're being monitored by a process
891 * that expects the old getpid() initialization handshake.
892 */
893 if ((rpl_debug || prm_debug) && ((rtld_flags & RT_FL_DEBUGGER) == 0)) {
894 Dbg_desc _dbg_desc = {0};
895 struct timeval total = DBG_TOTALTIME;
896 struct timeval delta = DBG_DELTATIME;
897
898 if (rpl_debug) {
899 if (dbg_setup(rpl_debug, &_dbg_desc) == 0)
900 return (0);
901 if (_dbg_desc.d_extra & DBG_E_HELP_EXIT)
902 rtldexit(&lml_main, 0);
903 }
904 if (prm_debug)
905 (void) dbg_setup(prm_debug, &_dbg_desc);
906
907 *dbg_desc = _dbg_desc;
908 DBG_TOTALTIME = total;
909 DBG_DELTATIME = delta;
910 }
911
912 /*
913 * Now that debugging is enabled generate any diagnostics from any
914 * previous events.
915 */
916 if (DBG_ENABLED) {
917 DBG_CALL(Dbg_cap_val(&lml_main, org_scapset, alt_scapset,
918 M_MACH));
919 DBG_CALL(Dbg_file_config_dis(&lml_main, config->c_name,
920 features));
921
922 DBG_CALL(Dbg_file_ldso(rlmp, envp, auxv,
923 LIST(rlmp)->lm_lmidstr, ALIST_OFF_DATA));
924
925 if (THIS_IS_ELF(mlmp)) {
926 DBG_CALL(Dbg_file_elf(&lml_main, PATHNAME(mlmp),
927 ADDR(mlmp), MSIZE(mlmp), LIST(mlmp)->lm_lmidstr,
928 ALIST_OFF_DATA));
929 } else {
930 DBG_CALL(Dbg_file_aout(&lml_main, PATHNAME(mlmp),
931 ADDR(mlmp), MSIZE(mlmp), LIST(mlmp)->lm_lmidstr,
932 ALIST_OFF_DATA));
933 }
934 }
935
936 /*
937 * Enable auditing.
938 */
939 if (rpl_audit || prm_audit || profile_lib) {
940 int ndx;
941 const char *aud[3];
942
943 aud[0] = rpl_audit;
944 aud[1] = prm_audit;
945 aud[2] = profile_lib;
946
947 /*
948 * Any global auditing (set using LD_AUDIT or LD_PROFILE) that
949 * can't be established is non-fatal.
950 */
951 if ((auditors = calloc(1, sizeof (Audit_desc))) == NULL)
952 return (0);
953
954 for (ndx = 0; ndx < 3; ndx++) {
955 if (aud[ndx]) {
956 if ((auditors->ad_name =
957 strdup(aud[ndx])) == NULL)
958 return (0);
959 rtld_flags2 |= RT_FL2_FTL2WARN;
960 (void) audit_setup(mlmp, auditors,
961 PD_FLG_EXTLOAD, NULL);
962 rtld_flags2 &= ~RT_FL2_FTL2WARN;
963 }
964 }
965 lml_main.lm_tflags |= auditors->ad_flags;
966 }
967 if (AUDITORS(mlmp)) {
968 /*
969 * Any object required auditing (set with a DT_DEPAUDIT dynamic
970 * entry) that can't be established is fatal.
971 */
972 if (FLAGS1(mlmp) & FL1_RT_GLOBAUD) {
973 /*
974 * If this object requires global auditing, use the
975 * local auditing information to set the global
976 * auditing descriptor. The effect is that a
977 * DT_DEPAUDIT act as an LD_AUDIT.
978 */
979 if ((auditors == NULL) && ((auditors = calloc(1,
980 sizeof (Audit_desc))) == NULL))
981 return (0);
982
983 auditors->ad_name = AUDITORS(mlmp)->ad_name;
984 if (audit_setup(mlmp, auditors, 0, NULL) == 0)
985 return (0);
986 lml_main.lm_tflags |= auditors->ad_flags;
987
988 /*
989 * Clear the local auditor information.
990 */
991 free((void *) AUDITORS(mlmp));
992 AUDITORS(mlmp) = NULL;
993
994 } else {
995 /*
996 * Establish any local auditing.
997 */
998 if (audit_setup(mlmp, AUDITORS(mlmp), 0, NULL) == 0)
999 return (0);
1000
1001 AFLAGS(mlmp) |= AUDITORS(mlmp)->ad_flags;
1002 lml_main.lm_flags |= LML_FLG_LOCAUDIT;
1003 }
1004 }
1005
1006 /*
1007 * Explicitly add the initial object and ld.so.1 to those objects being
1008 * audited. Note, although the ld.so.1 link-map isn't auditable,
1009 * establish a cookie for ld.so.1 as this may be bound to via the
1010 * dl*() family.
1011 */
1012 if ((lml_main.lm_tflags | AFLAGS(mlmp)) & LML_TFLG_AUD_MASK) {
1013 if (((audit_objopen(mlmp, mlmp) == 0) ||
1014 (audit_objopen(mlmp, rlmp) == 0)) &&
1015 (AFLAGS(mlmp) & LML_TFLG_AUD_MASK))
1016 return (0);
1017 }
1018
1019 /*
1020 * Map in any preloadable shared objects. Establish the caller as the
1021 * head of the main link-map list. In the case of being exercised from
1022 * lddstub, the caller gets reassigned to the first target shared object
1023 * so as to provide intuitive diagnostics from ldd().
1024 *
1025 * Note, it is valid to preload a 4.x shared object with a 5.0
1026 * executable (or visa-versa), as this functionality is required by
1027 * ldd(1).
1028 */
1029 clmp = mlmp;
1030 if (rpl_preload && (preload(rpl_preload, mlmp, &clmp) == 0))
1031 return (0);
1032 if (prm_preload && (preload(prm_preload, mlmp, &clmp) == 0))
1033 return (0);
1034
1035 /*
1036 * Load all dependent (needed) objects.
1037 */
1038 if (analyze_lmc(&lml_main, ALIST_OFF_DATA, mlmp, mlmp, NULL) == NULL)
1039 return (0);
1040
1041 /*
1042 * Relocate all the dependencies we've just added.
1043 *
1044 * If this process has been established via crle(1), the environment
1045 * variable LD_CONFGEN will have been set. crle(1) may create this
1046 * process twice. The first time crle only needs to gather dependency
1047 * information. The second time, is to dldump() the images.
1048 *
1049 * If we're only gathering dependencies, relocation is unnecessary.
1050 * As crle(1) may be building an arbitrary family of objects, they may
1051 * not fully relocate either. Hence the relocation phase is not carried
1052 * out now, but will be called by crle(1) once all objects have been
1053 * loaded.
1054 */
1055 if ((rtld_flags & RT_FL_CONFGEN) == 0) {
1056
1057 DBG_CALL(Dbg_util_nl(&lml_main, DBG_NL_STD));
1058
1059 if (relocate_lmc(&lml_main, ALIST_OFF_DATA, mlmp,
1060 mlmp, NULL) == 0)
1061 return (0);
1062
1063 /*
1064 * Inform the debuggers that basic process initialization is
1065 * complete, and that the state of ld.so.1 (link-map lists,
1066 * etc.) is stable. This handshake enables the debugger to
1067 * initialize themselves, and consequently allows the user to
1068 * set break points in .init code.
1069 *
1070 * Most new debuggers use librtld_db to monitor activity events.
1071 * Older debuggers indicated their presence by setting the
1072 * DT_DEBUG entry in the dynamic executable (see elf_new_lm()).
1073 * In this case, getpid() is called so that the debugger can
1074 * catch the system call. This old mechanism has some
1075 * restrictions, as getpid() should not be called prior to
1076 * basic process initialization being completed. This
1077 * restriction has become increasingly difficult to maintain,
1078 * as the use of auditors, LD_DEBUG, and the initialization
1079 * handshake with libc can result in "premature" getpid()
1080 * calls. The use of this getpid() handshake is expected to
1081 * disappear at some point in the future, and there is intent
1082 * to work towards that goal.
1083 */
1084 rd_event(&lml_main, RD_DLACTIVITY, RT_CONSISTENT);
1085 rd_event(&lml_rtld, RD_DLACTIVITY, RT_CONSISTENT);
1086
1087 if (rtld_flags & RT_FL_DEBUGGER) {
1088 r_debug.rtd_rdebug.r_flags |= RD_FL_ODBG;
1089 (void) getpid();
1090 }
1091 }
1092
1093 /*
1094 * Indicate preinit activity, and call any auditing routines. These
1095 * routines are called before initializing any threads via libc, or
1096 * before collecting the complete set of .inits on the primary link-map.
1097 * Although most libc interfaces are encapsulated in local routines
1098 * within libc, they have been known to escape (ie. call a .plt). As
1099 * the appcert auditor uses preinit as a trigger to establish some
1100 * external interfaces to the main link-maps libc, we need to activate
1101 * this trigger before exercising any code within libc. Additionally,
1102 * I wouldn't put it past an auditor to add additional objects to the
1103 * primary link-map. Hence, we collect .inits after the audit call.
1104 */
1105 rd_event(&lml_main, RD_PREINIT, 0);
1106
1107 if (aud_activity ||
1108 ((lml_main.lm_tflags | AFLAGS(mlmp)) & LML_TFLG_AUD_ACTIVITY))
1109 audit_activity(mlmp, LA_ACT_CONSISTENT);
1110 if (aud_preinit ||
1111 ((lml_main.lm_tflags | AFLAGS(mlmp)) & LML_TFLG_AUD_PREINIT))
1112 audit_preinit(mlmp);
1113
1114 /*
1115 * If we're creating initial configuration information, we're done
1116 * now that the auditing step has been called.
1117 */
1118 if (rtld_flags & RT_FL_CONFGEN) {
1119 leave(LIST(mlmp), 0);
1120 return (mlmp);
1121 }
1122
1123 /*
1124 * Sort the .init sections of all objects we've added. If we're
1125 * tracing we only need to execute this under ldd(1) with the -i or -u
1126 * options.
1127 */
1128 lmflags = lml_main.lm_flags;
1129 if (((lmflags & LML_FLG_TRC_ENABLE) == 0) ||
1130 (lmflags & (LML_FLG_TRC_INIT | LML_FLG_TRC_UNREF))) {
1131 if ((tobj = tsort(mlmp, LIST(mlmp)->lm_init,
1132 RT_SORT_REV)) == (Rt_map **)S_ERROR)
1133 return (0);
1134 }
1135
1136 /*
1137 * If we are tracing we're done. This is the one legitimate use of a
1138 * direct call to rtldexit() rather than return, as we don't want to
1139 * return and jump to the application.
1140 */
1141 if (lmflags & LML_FLG_TRC_ENABLE) {
1142 unused(&lml_main);
1143 rtldexit(&lml_main, 0);
1144 }
1145
1146 /*
1147 * Check if this instance of the linker should have a primary link
1148 * map. This flag allows multiple copies of the -same- -version-
1149 * of the linker (and libc) to run in the same address space.
1150 *
1151 * Without this flag we only support one copy of the linker in a
1152 * process because by default the linker will always try to
1153 * initialize at one primary link map The copy of libc which is
1154 * initialized on a primary link map will initialize global TLS
1155 * data which can be shared with other copies of libc in the
1156 * process. The problem is that if there is more than one copy
1157 * of the linker, only one copy should link libc onto a primary
1158 * link map, otherwise libc will attempt to re-initialize global
1159 * TLS data. So when a copy of the linker is loaded with this
1160 * flag set, it will not initialize any primary link maps since
1161 * presumably another copy of the linker will do this.
1162 *
1163 * Note that this flag only allows multiple copies of the -same-
1164 * -version- of the linker (and libc) to coexist. This approach
1165 * will not work if we are trying to load different versions of
1166 * the linker and libc into the same process. The reason for
1167 * this is that the format of the global TLS data may not be
1168 * the same for different versions of libc. In this case each
1169 * different version of libc must have it's own primary link map
1170 * and be able to maintain it's own TLS data. The only way this
1171 * can be done is by carefully managing TLS pointers on transitions
1172 * between code associated with each of the different linkers.
1173 * Note that this is actually what is done for processes in lx
1174 * branded zones. Although in the lx branded zone case, the
1175 * other linker and libc are actually gld and glibc. But the
1176 * same general TLS management mechanism used by the lx brand
1177 * would apply to any attempts to run multiple versions of the
1178 * solaris linker and libc in a single process.
1179 */
1180 if (auxflags & AF_SUN_NOPLM)
1181 rtld_flags2 |= RT_FL2_NOPLM;
1182
1183 /*
1184 * Establish any static TLS for this primary link-map. Note, regardless
1185 * of whether TLS is available, an initial handshake occurs with libc to
1186 * indicate we're processing the primary link-map. Having identified
1187 * the primary link-map, initialize threads.
1188 */
1189 if (rt_get_extern(&lml_main, mlmp) == 0)
1190 return (0);
1191
1192 if ((rtld_flags2 & RT_FL2_NOPLM) == 0) {
1193 if (tls_statmod(&lml_main, mlmp) == 0)
1194 return (0);
1195 rt_thr_init(&lml_main);
1196 rtld_flags2 |= RT_FL2_PLMSETUP;
1197 } else {
1198 rt_thr_init(&lml_main);
1199 }
1200
1201 /*
1202 * Fire all dependencies .init sections. Identify any unused
1203 * dependencies, and leave the runtime linker - effectively calling
1204 * the dynamic executables entry point.
1205 */
1206 call_array(PREINITARRAY(mlmp), (uint_t)PREINITARRAYSZ(mlmp), mlmp,
1207 SHT_PREINIT_ARRAY);
1208
1209 if (tobj)
1210 call_init(tobj, DBG_INIT_SORT);
1211
1212 rd_event(&lml_main, RD_POSTINIT, 0);
1213
1214 unused(&lml_main);
1215
1216 DBG_CALL(Dbg_util_call_main(mlmp));
1217
1218 rtld_flags |= (RT_FL_OPERATION | RT_FL_APPLIC);
1219
1220 leave(LIST(mlmp), 0);
1221
1222 return (mlmp);
1223 }
Community developed and maintained version of the OS/Net consolidation