2 * Copyright 1996, 1997, 1998, 1999, 2000 John D. Polstra.
3 * Copyright 2003 Alexander Kabaev <kan@FreeBSD.ORG>.
4 * Copyright 2009-2012 Konstantin Belousov <kib@FreeBSD.ORG>.
5 * Copyright 2012 John Marino <draco@marino.st>.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 * Dynamic linker for ELF.
34 * John Polstra <jdp@polstra.com>.
38 #error "GCC is needed to compile this file"
41 #include <sys/param.h>
42 #include <sys/mount.h>
45 #include <sys/sysctl.h>
47 #include <sys/utsname.h>
48 #include <sys/ktrace.h>
64 #include "rtld_printf.h"
68 #define PATH_RTLD "/libexec/ld-elf.so.1"
70 #define PATH_RTLD "/libexec/ld-elf32.so.1"
74 typedef void (*func_ptr_type)();
75 typedef void * (*path_enum_proc) (const char *path, size_t len, void *arg);
78 * Function declarations.
80 static const char *basename(const char *);
81 static void die(void) __dead2;
82 static void digest_dynamic1(Obj_Entry *, int, const Elf_Dyn **,
83 const Elf_Dyn **, const Elf_Dyn **);
84 static void digest_dynamic2(Obj_Entry *, const Elf_Dyn *, const Elf_Dyn *,
86 static void digest_dynamic(Obj_Entry *, int);
87 static Obj_Entry *digest_phdr(const Elf_Phdr *, int, caddr_t, const char *);
88 static Obj_Entry *dlcheck(void *);
89 static Obj_Entry *dlopen_object(const char *name, int fd, Obj_Entry *refobj,
90 int lo_flags, int mode, RtldLockState *lockstate);
91 static Obj_Entry *do_load_object(int, const char *, char *, struct stat *, int);
92 static int do_search_info(const Obj_Entry *obj, int, struct dl_serinfo *);
93 static bool donelist_check(DoneList *, const Obj_Entry *);
94 static void errmsg_restore(char *);
95 static char *errmsg_save(void);
96 static void *fill_search_info(const char *, size_t, void *);
97 static char *find_library(const char *, const Obj_Entry *);
98 static const char *gethints(bool);
99 static void init_dag(Obj_Entry *);
100 static void init_rtld(caddr_t, Elf_Auxinfo **);
101 static void initlist_add_neededs(Needed_Entry *, Objlist *);
102 static void initlist_add_objects(Obj_Entry *, Obj_Entry **, Objlist *);
103 static void linkmap_add(Obj_Entry *);
104 static void linkmap_delete(Obj_Entry *);
105 static void load_filtees(Obj_Entry *, int flags, RtldLockState *);
106 static void unload_filtees(Obj_Entry *);
107 static int load_needed_objects(Obj_Entry *, int);
108 static int load_preload_objects(void);
109 static Obj_Entry *load_object(const char *, int fd, const Obj_Entry *, int);
110 static void map_stacks_exec(RtldLockState *);
111 static Obj_Entry *obj_from_addr(const void *);
112 static void objlist_call_fini(Objlist *, Obj_Entry *, RtldLockState *);
113 static void objlist_call_init(Objlist *, RtldLockState *);
114 static void objlist_clear(Objlist *);
115 static Objlist_Entry *objlist_find(Objlist *, const Obj_Entry *);
116 static void objlist_init(Objlist *);
117 static void objlist_push_head(Objlist *, Obj_Entry *);
118 static void objlist_push_tail(Objlist *, Obj_Entry *);
119 static void objlist_put_after(Objlist *, Obj_Entry *, Obj_Entry *);
120 static void objlist_remove(Objlist *, Obj_Entry *);
121 static void *path_enumerate(const char *, path_enum_proc, void *);
122 static int relocate_object_dag(Obj_Entry *root, bool bind_now,
123 Obj_Entry *rtldobj, int flags, RtldLockState *lockstate);
124 static int relocate_object(Obj_Entry *obj, bool bind_now, Obj_Entry *rtldobj,
125 int flags, RtldLockState *lockstate);
126 static int relocate_objects(Obj_Entry *, bool, Obj_Entry *, int,
128 static int resolve_objects_ifunc(Obj_Entry *first, bool bind_now,
129 int flags, RtldLockState *lockstate);
130 static int rtld_dirname(const char *, char *);
131 static int rtld_dirname_abs(const char *, char *);
132 static void *rtld_dlopen(const char *name, int fd, int mode);
133 static void rtld_exit(void);
134 static char *search_library_path(const char *, const char *);
135 static const void **get_program_var_addr(const char *, RtldLockState *);
136 static void set_program_var(const char *, const void *);
137 static int symlook_default(SymLook *, const Obj_Entry *refobj);
138 static int symlook_global(SymLook *, DoneList *);
139 static void symlook_init_from_req(SymLook *, const SymLook *);
140 static int symlook_list(SymLook *, const Objlist *, DoneList *);
141 static int symlook_needed(SymLook *, const Needed_Entry *, DoneList *);
142 static int symlook_obj1_sysv(SymLook *, const Obj_Entry *);
143 static int symlook_obj1_gnu(SymLook *, const Obj_Entry *);
144 static void trace_loaded_objects(Obj_Entry *);
145 static void unlink_object(Obj_Entry *);
146 static void unload_object(Obj_Entry *);
147 static void unref_dag(Obj_Entry *);
148 static void ref_dag(Obj_Entry *);
149 static char *origin_subst_one(char *, const char *, const char *, bool);
150 static char *origin_subst(char *, const char *);
151 static void preinit_main(void);
152 static int rtld_verify_versions(const Objlist *);
153 static int rtld_verify_object_versions(Obj_Entry *);
154 static void object_add_name(Obj_Entry *, const char *);
155 static int object_match_name(const Obj_Entry *, const char *);
156 static void ld_utrace_log(int, void *, void *, size_t, int, const char *);
157 static void rtld_fill_dl_phdr_info(const Obj_Entry *obj,
158 struct dl_phdr_info *phdr_info);
159 static uint32_t gnu_hash(const char *);
160 static bool matched_symbol(SymLook *, const Obj_Entry *, Sym_Match_Result *,
161 const unsigned long);
163 void r_debug_state(struct r_debug *, struct link_map *) __noinline;
168 static char *error_message; /* Message for dlerror(), or NULL */
169 struct r_debug r_debug; /* for GDB; */
170 static bool libmap_disable; /* Disable libmap */
171 static bool ld_loadfltr; /* Immediate filters processing */
172 static char *libmap_override; /* Maps to use in addition to libmap.conf */
173 static bool trust; /* False for setuid and setgid programs */
174 static bool dangerous_ld_env; /* True if environment variables have been
175 used to affect the libraries loaded */
176 static char *ld_bind_now; /* Environment variable for immediate binding */
177 static char *ld_debug; /* Environment variable for debugging */
178 static char *ld_library_path; /* Environment variable for search path */
179 static char *ld_preload; /* Environment variable for libraries to
181 static char *ld_elf_hints_path; /* Environment variable for alternative hints path */
182 static char *ld_tracing; /* Called from ldd to print libs */
183 static char *ld_utrace; /* Use utrace() to log events. */
184 static Obj_Entry *obj_list; /* Head of linked list of shared objects */
185 static Obj_Entry **obj_tail; /* Link field of last object in list */
186 static Obj_Entry *obj_main; /* The main program shared object */
187 static Obj_Entry obj_rtld; /* The dynamic linker shared object */
188 static unsigned int obj_count; /* Number of objects in obj_list */
189 static unsigned int obj_loads; /* Number of objects in obj_list */
191 static Objlist list_global = /* Objects dlopened with RTLD_GLOBAL */
192 STAILQ_HEAD_INITIALIZER(list_global);
193 static Objlist list_main = /* Objects loaded at program startup */
194 STAILQ_HEAD_INITIALIZER(list_main);
195 static Objlist list_fini = /* Objects needing fini() calls */
196 STAILQ_HEAD_INITIALIZER(list_fini);
198 Elf_Sym sym_zero; /* For resolving undefined weak refs. */
200 #define GDB_STATE(s,m) r_debug.r_state = s; r_debug_state(&r_debug,m);
202 extern Elf_Dyn _DYNAMIC;
203 #pragma weak _DYNAMIC
204 #ifndef RTLD_IS_DYNAMIC
205 #define RTLD_IS_DYNAMIC() (&_DYNAMIC != NULL)
208 int osreldate, pagesize;
210 long __stack_chk_guard[8] = {0, 0, 0, 0, 0, 0, 0, 0};
212 static int stack_prot = PROT_READ | PROT_WRITE | RTLD_DEFAULT_STACK_EXEC;
213 static int max_stack_flags;
216 * Global declarations normally provided by crt1. The dynamic linker is
217 * not built with crt1, so we have to provide them ourselves.
223 * Used to pass argc, argv to init functions.
229 * Globals to control TLS allocation.
231 size_t tls_last_offset; /* Static TLS offset of last module */
232 size_t tls_last_size; /* Static TLS size of last module */
233 size_t tls_static_space; /* Static TLS space allocated */
234 int tls_dtv_generation = 1; /* Used to detect when dtv size changes */
235 int tls_max_index = 1; /* Largest module index allocated */
237 bool ld_library_path_rpath = false;
240 * Fill in a DoneList with an allocation large enough to hold all of
241 * the currently-loaded objects. Keep this as a macro since it calls
242 * alloca and we want that to occur within the scope of the caller.
244 #define donelist_init(dlp) \
245 ((dlp)->objs = alloca(obj_count * sizeof (dlp)->objs[0]), \
246 assert((dlp)->objs != NULL), \
247 (dlp)->num_alloc = obj_count, \
250 #define UTRACE_DLOPEN_START 1
251 #define UTRACE_DLOPEN_STOP 2
252 #define UTRACE_DLCLOSE_START 3
253 #define UTRACE_DLCLOSE_STOP 4
254 #define UTRACE_LOAD_OBJECT 5
255 #define UTRACE_UNLOAD_OBJECT 6
256 #define UTRACE_ADD_RUNDEP 7
257 #define UTRACE_PRELOAD_FINISHED 8
258 #define UTRACE_INIT_CALL 9
259 #define UTRACE_FINI_CALL 10
262 char sig[4]; /* 'RTLD' */
265 void *mapbase; /* Used for 'parent' and 'init/fini' */
267 int refcnt; /* Used for 'mode' */
268 char name[MAXPATHLEN];
271 #define LD_UTRACE(e, h, mb, ms, r, n) do { \
272 if (ld_utrace != NULL) \
273 ld_utrace_log(e, h, mb, ms, r, n); \
277 ld_utrace_log(int event, void *handle, void *mapbase, size_t mapsize,
278 int refcnt, const char *name)
280 struct utrace_rtld ut;
288 ut.mapbase = mapbase;
289 ut.mapsize = mapsize;
291 bzero(ut.name, sizeof(ut.name));
293 strlcpy(ut.name, name, sizeof(ut.name));
294 utrace(&ut, sizeof(ut));
298 * Main entry point for dynamic linking. The first argument is the
299 * stack pointer. The stack is expected to be laid out as described
300 * in the SVR4 ABI specification, Intel 386 Processor Supplement.
301 * Specifically, the stack pointer points to a word containing
302 * ARGC. Following that in the stack is a null-terminated sequence
303 * of pointers to argument strings. Then comes a null-terminated
304 * sequence of pointers to environment strings. Finally, there is a
305 * sequence of "auxiliary vector" entries.
307 * The second argument points to a place to store the dynamic linker's
308 * exit procedure pointer and the third to a place to store the main
311 * The return value is the main program's entry point.
314 _rtld(Elf_Addr *sp, func_ptr_type *exit_proc, Obj_Entry **objp)
316 Elf_Auxinfo *aux_info[AT_COUNT];
324 Objlist_Entry *entry;
326 Obj_Entry **preload_tail;
327 Obj_Entry *last_interposer;
329 RtldLockState lockstate;
330 char *library_path_rpath;
335 * On entry, the dynamic linker itself has not been relocated yet.
336 * Be very careful not to reference any global data until after
337 * init_rtld has returned. It is OK to reference file-scope statics
338 * and string constants, and to call static and global functions.
341 /* Find the auxiliary vector on the stack. */
344 sp += argc + 1; /* Skip over arguments and NULL terminator */
346 while (*sp++ != 0) /* Skip over environment, and NULL terminator */
348 aux = (Elf_Auxinfo *) sp;
350 /* Digest the auxiliary vector. */
351 for (i = 0; i < AT_COUNT; i++)
353 for (auxp = aux; auxp->a_type != AT_NULL; auxp++) {
354 if (auxp->a_type < AT_COUNT)
355 aux_info[auxp->a_type] = auxp;
358 /* Initialize and relocate ourselves. */
359 assert(aux_info[AT_BASE] != NULL);
360 init_rtld((caddr_t) aux_info[AT_BASE]->a_un.a_ptr, aux_info);
362 __progname = obj_rtld.path;
363 argv0 = argv[0] != NULL ? argv[0] : "(null)";
368 if (aux_info[AT_CANARY] != NULL &&
369 aux_info[AT_CANARY]->a_un.a_ptr != NULL) {
370 i = aux_info[AT_CANARYLEN]->a_un.a_val;
371 if (i > sizeof(__stack_chk_guard))
372 i = sizeof(__stack_chk_guard);
373 memcpy(__stack_chk_guard, aux_info[AT_CANARY]->a_un.a_ptr, i);
378 len = sizeof(__stack_chk_guard);
379 if (sysctl(mib, 2, __stack_chk_guard, &len, NULL, 0) == -1 ||
380 len != sizeof(__stack_chk_guard)) {
381 /* If sysctl was unsuccessful, use the "terminator canary". */
382 ((unsigned char *)(void *)__stack_chk_guard)[0] = 0;
383 ((unsigned char *)(void *)__stack_chk_guard)[1] = 0;
384 ((unsigned char *)(void *)__stack_chk_guard)[2] = '\n';
385 ((unsigned char *)(void *)__stack_chk_guard)[3] = 255;
389 trust = !issetugid();
391 ld_bind_now = getenv(LD_ "BIND_NOW");
393 * If the process is tainted, then we un-set the dangerous environment
394 * variables. The process will be marked as tainted until setuid(2)
395 * is called. If any child process calls setuid(2) we do not want any
396 * future processes to honor the potentially un-safe variables.
399 if (unsetenv(LD_ "PRELOAD") || unsetenv(LD_ "LIBMAP") ||
400 unsetenv(LD_ "LIBRARY_PATH") || unsetenv(LD_ "LIBMAP_DISABLE") ||
401 unsetenv(LD_ "DEBUG") || unsetenv(LD_ "ELF_HINTS_PATH") ||
402 unsetenv(LD_ "LOADFLTR") || unsetenv(LD_ "LIBRARY_PATH_RPATH")) {
403 _rtld_error("environment corrupt; aborting");
407 ld_debug = getenv(LD_ "DEBUG");
408 libmap_disable = getenv(LD_ "LIBMAP_DISABLE") != NULL;
409 libmap_override = getenv(LD_ "LIBMAP");
410 ld_library_path = getenv(LD_ "LIBRARY_PATH");
411 ld_preload = getenv(LD_ "PRELOAD");
412 ld_elf_hints_path = getenv(LD_ "ELF_HINTS_PATH");
413 ld_loadfltr = getenv(LD_ "LOADFLTR") != NULL;
414 library_path_rpath = getenv(LD_ "LIBRARY_PATH_RPATH");
415 if (library_path_rpath != NULL) {
416 if (library_path_rpath[0] == 'y' ||
417 library_path_rpath[0] == 'Y' ||
418 library_path_rpath[0] == '1')
419 ld_library_path_rpath = true;
421 ld_library_path_rpath = false;
423 dangerous_ld_env = libmap_disable || (libmap_override != NULL) ||
424 (ld_library_path != NULL) || (ld_preload != NULL) ||
425 (ld_elf_hints_path != NULL) || ld_loadfltr;
426 ld_tracing = getenv(LD_ "TRACE_LOADED_OBJECTS");
427 ld_utrace = getenv(LD_ "UTRACE");
429 if ((ld_elf_hints_path == NULL) || strlen(ld_elf_hints_path) == 0)
430 ld_elf_hints_path = _PATH_ELF_HINTS;
432 if (ld_debug != NULL && *ld_debug != '\0')
434 dbg("%s is initialized, base address = %p", __progname,
435 (caddr_t) aux_info[AT_BASE]->a_un.a_ptr);
436 dbg("RTLD dynamic = %p", obj_rtld.dynamic);
437 dbg("RTLD pltgot = %p", obj_rtld.pltgot);
439 dbg("initializing thread locks");
443 * Load the main program, or process its program header if it is
446 if (aux_info[AT_EXECFD] != NULL) { /* Load the main program. */
447 int fd = aux_info[AT_EXECFD]->a_un.a_val;
448 dbg("loading main program");
449 obj_main = map_object(fd, argv0, NULL);
451 if (obj_main == NULL)
453 max_stack_flags = obj->stack_flags;
454 } else { /* Main program already loaded. */
455 const Elf_Phdr *phdr;
459 dbg("processing main program's program header");
460 assert(aux_info[AT_PHDR] != NULL);
461 phdr = (const Elf_Phdr *) aux_info[AT_PHDR]->a_un.a_ptr;
462 assert(aux_info[AT_PHNUM] != NULL);
463 phnum = aux_info[AT_PHNUM]->a_un.a_val;
464 assert(aux_info[AT_PHENT] != NULL);
465 assert(aux_info[AT_PHENT]->a_un.a_val == sizeof(Elf_Phdr));
466 assert(aux_info[AT_ENTRY] != NULL);
467 entry = (caddr_t) aux_info[AT_ENTRY]->a_un.a_ptr;
468 if ((obj_main = digest_phdr(phdr, phnum, entry, argv0)) == NULL)
472 if (aux_info[AT_EXECPATH] != 0) {
474 char buf[MAXPATHLEN];
476 kexecpath = aux_info[AT_EXECPATH]->a_un.a_ptr;
477 dbg("AT_EXECPATH %p %s", kexecpath, kexecpath);
478 if (kexecpath[0] == '/')
479 obj_main->path = kexecpath;
480 else if (getcwd(buf, sizeof(buf)) == NULL ||
481 strlcat(buf, "/", sizeof(buf)) >= sizeof(buf) ||
482 strlcat(buf, kexecpath, sizeof(buf)) >= sizeof(buf))
483 obj_main->path = xstrdup(argv0);
485 obj_main->path = xstrdup(buf);
487 dbg("No AT_EXECPATH");
488 obj_main->path = xstrdup(argv0);
490 dbg("obj_main path %s", obj_main->path);
491 obj_main->mainprog = true;
493 if (aux_info[AT_STACKPROT] != NULL &&
494 aux_info[AT_STACKPROT]->a_un.a_val != 0)
495 stack_prot = aux_info[AT_STACKPROT]->a_un.a_val;
498 * Get the actual dynamic linker pathname from the executable if
499 * possible. (It should always be possible.) That ensures that
500 * gdb will find the right dynamic linker even if a non-standard
503 if (obj_main->interp != NULL &&
504 strcmp(obj_main->interp, obj_rtld.path) != 0) {
506 obj_rtld.path = xstrdup(obj_main->interp);
507 __progname = obj_rtld.path;
510 digest_dynamic(obj_main, 0);
511 dbg("%s valid_hash_sysv %d valid_hash_gnu %d dynsymcount %d",
512 obj_main->path, obj_main->valid_hash_sysv, obj_main->valid_hash_gnu,
513 obj_main->dynsymcount);
515 linkmap_add(obj_main);
516 linkmap_add(&obj_rtld);
518 /* Link the main program into the list of objects. */
519 *obj_tail = obj_main;
520 obj_tail = &obj_main->next;
524 /* Initialize a fake symbol for resolving undefined weak references. */
525 sym_zero.st_info = ELF_ST_INFO(STB_GLOBAL, STT_NOTYPE);
526 sym_zero.st_shndx = SHN_UNDEF;
527 sym_zero.st_value = -(uintptr_t)obj_main->relocbase;
530 libmap_disable = (bool)lm_init(libmap_override);
532 dbg("loading LD_PRELOAD libraries");
533 if (load_preload_objects() == -1)
535 preload_tail = obj_tail;
537 dbg("loading needed objects");
538 if (load_needed_objects(obj_main, 0) == -1)
541 /* Make a list of all objects loaded at startup. */
542 last_interposer = obj_main;
543 for (obj = obj_list; obj != NULL; obj = obj->next) {
544 if (obj->z_interpose && obj != obj_main) {
545 objlist_put_after(&list_main, last_interposer, obj);
546 last_interposer = obj;
548 objlist_push_tail(&list_main, obj);
553 dbg("checking for required versions");
554 if (rtld_verify_versions(&list_main) == -1 && !ld_tracing)
557 if (ld_tracing) { /* We're done */
558 trace_loaded_objects(obj_main);
562 if (getenv(LD_ "DUMP_REL_PRE") != NULL) {
563 dump_relocations(obj_main);
568 * Processing tls relocations requires having the tls offsets
569 * initialized. Prepare offsets before starting initial
570 * relocation processing.
572 dbg("initializing initial thread local storage offsets");
573 STAILQ_FOREACH(entry, &list_main, link) {
575 * Allocate all the initial objects out of the static TLS
576 * block even if they didn't ask for it.
578 allocate_tls_offset(entry->obj);
581 if (relocate_objects(obj_main,
582 ld_bind_now != NULL && *ld_bind_now != '\0',
583 &obj_rtld, SYMLOOK_EARLY, NULL) == -1)
586 dbg("doing copy relocations");
587 if (do_copy_relocations(obj_main) == -1)
590 if (getenv(LD_ "DUMP_REL_POST") != NULL) {
591 dump_relocations(obj_main);
596 * Setup TLS for main thread. This must be done after the
597 * relocations are processed, since tls initialization section
598 * might be the subject for relocations.
600 dbg("initializing initial thread local storage");
601 allocate_initial_tls(obj_list);
603 dbg("initializing key program variables");
604 set_program_var("__progname", argv[0] != NULL ? basename(argv[0]) : "");
605 set_program_var("environ", env);
606 set_program_var("__elf_aux_vector", aux);
608 /* Make a list of init functions to call. */
609 objlist_init(&initlist);
610 initlist_add_objects(obj_list, preload_tail, &initlist);
612 r_debug_state(NULL, &obj_main->linkmap); /* say hello to gdb! */
614 map_stacks_exec(NULL);
616 dbg("resolving ifuncs");
617 if (resolve_objects_ifunc(obj_main,
618 ld_bind_now != NULL && *ld_bind_now != '\0', SYMLOOK_EARLY,
622 if (!obj_main->crt_no_init) {
624 * Make sure we don't call the main program's init and fini
625 * functions for binaries linked with old crt1 which calls
628 obj_main->init = obj_main->fini = (Elf_Addr)NULL;
629 obj_main->preinit_array = obj_main->init_array =
630 obj_main->fini_array = (Elf_Addr)NULL;
633 wlock_acquire(rtld_bind_lock, &lockstate);
634 if (obj_main->crt_no_init)
636 objlist_call_init(&initlist, &lockstate);
637 objlist_clear(&initlist);
638 dbg("loading filtees");
639 for (obj = obj_list->next; obj != NULL; obj = obj->next) {
640 if (ld_loadfltr || obj->z_loadfltr)
641 load_filtees(obj, 0, &lockstate);
643 lock_release(rtld_bind_lock, &lockstate);
645 dbg("transferring control to program entry point = %p", obj_main->entry);
647 /* Return the exit procedure and the program entry point. */
648 *exit_proc = rtld_exit;
650 return (func_ptr_type) obj_main->entry;
654 rtld_resolve_ifunc(const Obj_Entry *obj, const Elf_Sym *def)
659 ptr = (void *)make_function_pointer(def, obj);
660 target = ((Elf_Addr (*)(void))ptr)();
661 return ((void *)target);
665 _rtld_bind(Obj_Entry *obj, Elf_Size reloff)
669 const Obj_Entry *defobj;
672 RtldLockState lockstate;
674 rlock_acquire(rtld_bind_lock, &lockstate);
675 if (sigsetjmp(lockstate.env, 0) != 0)
676 lock_upgrade(rtld_bind_lock, &lockstate);
678 rel = (const Elf_Rel *) ((caddr_t) obj->pltrel + reloff);
680 rel = (const Elf_Rel *) ((caddr_t) obj->pltrela + reloff);
682 where = (Elf_Addr *) (obj->relocbase + rel->r_offset);
683 def = find_symdef(ELF_R_SYM(rel->r_info), obj, &defobj, true, NULL,
687 if (ELF_ST_TYPE(def->st_info) == STT_GNU_IFUNC)
688 target = (Elf_Addr)rtld_resolve_ifunc(defobj, def);
690 target = (Elf_Addr)(defobj->relocbase + def->st_value);
692 dbg("\"%s\" in \"%s\" ==> %p in \"%s\"",
693 defobj->strtab + def->st_name, basename(obj->path),
694 (void *)target, basename(defobj->path));
697 * Write the new contents for the jmpslot. Note that depending on
698 * architecture, the value which we need to return back to the
699 * lazy binding trampoline may or may not be the target
700 * address. The value returned from reloc_jmpslot() is the value
701 * that the trampoline needs.
703 target = reloc_jmpslot(where, target, defobj, obj, rel);
704 lock_release(rtld_bind_lock, &lockstate);
709 * Error reporting function. Use it like printf. If formats the message
710 * into a buffer, and sets things up so that the next call to dlerror()
711 * will return the message.
714 _rtld_error(const char *fmt, ...)
716 static char buf[512];
720 rtld_vsnprintf(buf, sizeof buf, fmt, ap);
726 * Return a dynamically-allocated copy of the current error message, if any.
731 return error_message == NULL ? NULL : xstrdup(error_message);
735 * Restore the current error message from a copy which was previously saved
736 * by errmsg_save(). The copy is freed.
739 errmsg_restore(char *saved_msg)
741 if (saved_msg == NULL)
742 error_message = NULL;
744 _rtld_error("%s", saved_msg);
750 basename(const char *name)
752 const char *p = strrchr(name, '/');
753 return p != NULL ? p + 1 : name;
756 static struct utsname uts;
759 origin_subst_one(char *real, const char *kw, const char *subst,
762 char *p, *p1, *res, *resp;
763 int subst_len, kw_len, subst_count, old_len, new_len;
768 * First, count the number of the keyword occurences, to
769 * preallocate the final string.
771 for (p = real, subst_count = 0;; p = p1 + kw_len, subst_count++) {
778 * If the keyword is not found, just return.
780 if (subst_count == 0)
781 return (may_free ? real : xstrdup(real));
784 * There is indeed something to substitute. Calculate the
785 * length of the resulting string, and allocate it.
787 subst_len = strlen(subst);
788 old_len = strlen(real);
789 new_len = old_len + (subst_len - kw_len) * subst_count;
790 res = xmalloc(new_len + 1);
793 * Now, execute the substitution loop.
795 for (p = real, resp = res, *resp = '\0';;) {
798 /* Copy the prefix before keyword. */
799 memcpy(resp, p, p1 - p);
801 /* Keyword replacement. */
802 memcpy(resp, subst, subst_len);
810 /* Copy to the end of string and finish. */
818 origin_subst(char *real, const char *origin_path)
820 char *res1, *res2, *res3, *res4;
822 if (uts.sysname[0] == '\0') {
823 if (uname(&uts) != 0) {
824 _rtld_error("utsname failed: %d", errno);
828 res1 = origin_subst_one(real, "$ORIGIN", origin_path, false);
829 res2 = origin_subst_one(res1, "$OSNAME", uts.sysname, true);
830 res3 = origin_subst_one(res2, "$OSREL", uts.release, true);
831 res4 = origin_subst_one(res3, "$PLATFORM", uts.machine, true);
838 const char *msg = dlerror();
842 rtld_fdputstr(STDERR_FILENO, msg);
843 rtld_fdputchar(STDERR_FILENO, '\n');
848 * Process a shared object's DYNAMIC section, and save the important
849 * information in its Obj_Entry structure.
852 digest_dynamic1(Obj_Entry *obj, int early, const Elf_Dyn **dyn_rpath,
853 const Elf_Dyn **dyn_soname, const Elf_Dyn **dyn_runpath)
856 Needed_Entry **needed_tail = &obj->needed;
857 Needed_Entry **needed_filtees_tail = &obj->needed_filtees;
858 Needed_Entry **needed_aux_filtees_tail = &obj->needed_aux_filtees;
859 const Elf_Hashelt *hashtab;
860 const Elf32_Word *hashval;
861 Elf32_Word bkt, nmaskwords;
864 int plttype = DT_REL;
870 obj->bind_now = false;
871 for (dynp = obj->dynamic; dynp->d_tag != DT_NULL; dynp++) {
872 switch (dynp->d_tag) {
875 obj->rel = (const Elf_Rel *) (obj->relocbase + dynp->d_un.d_ptr);
879 obj->relsize = dynp->d_un.d_val;
883 assert(dynp->d_un.d_val == sizeof(Elf_Rel));
887 obj->pltrel = (const Elf_Rel *)
888 (obj->relocbase + dynp->d_un.d_ptr);
892 obj->pltrelsize = dynp->d_un.d_val;
896 obj->rela = (const Elf_Rela *) (obj->relocbase + dynp->d_un.d_ptr);
900 obj->relasize = dynp->d_un.d_val;
904 assert(dynp->d_un.d_val == sizeof(Elf_Rela));
908 plttype = dynp->d_un.d_val;
909 assert(dynp->d_un.d_val == DT_REL || plttype == DT_RELA);
913 obj->symtab = (const Elf_Sym *)
914 (obj->relocbase + dynp->d_un.d_ptr);
918 assert(dynp->d_un.d_val == sizeof(Elf_Sym));
922 obj->strtab = (const char *) (obj->relocbase + dynp->d_un.d_ptr);
926 obj->strsize = dynp->d_un.d_val;
930 obj->verneed = (const Elf_Verneed *) (obj->relocbase +
935 obj->verneednum = dynp->d_un.d_val;
939 obj->verdef = (const Elf_Verdef *) (obj->relocbase +
944 obj->verdefnum = dynp->d_un.d_val;
948 obj->versyms = (const Elf_Versym *)(obj->relocbase +
954 hashtab = (const Elf_Hashelt *)(obj->relocbase +
956 obj->nbuckets = hashtab[0];
957 obj->nchains = hashtab[1];
958 obj->buckets = hashtab + 2;
959 obj->chains = obj->buckets + obj->nbuckets;
960 obj->valid_hash_sysv = obj->nbuckets > 0 && obj->nchains > 0 &&
961 obj->buckets != NULL;
967 hashtab = (const Elf_Hashelt *)(obj->relocbase +
969 obj->nbuckets_gnu = hashtab[0];
970 obj->symndx_gnu = hashtab[1];
971 nmaskwords = hashtab[2];
972 bloom_size32 = (__ELF_WORD_SIZE / 32) * nmaskwords;
973 /* Number of bitmask words is required to be power of 2 */
974 nmw_power2 = ((nmaskwords & (nmaskwords - 1)) == 0);
975 obj->maskwords_bm_gnu = nmaskwords - 1;
976 obj->shift2_gnu = hashtab[3];
977 obj->bloom_gnu = (Elf_Addr *) (hashtab + 4);
978 obj->buckets_gnu = hashtab + 4 + bloom_size32;
979 obj->chain_zero_gnu = obj->buckets_gnu + obj->nbuckets_gnu -
981 obj->valid_hash_gnu = nmw_power2 && obj->nbuckets_gnu > 0 &&
982 obj->buckets_gnu != NULL;
988 Needed_Entry *nep = NEW(Needed_Entry);
989 nep->name = dynp->d_un.d_val;
994 needed_tail = &nep->next;
1000 Needed_Entry *nep = NEW(Needed_Entry);
1001 nep->name = dynp->d_un.d_val;
1005 *needed_filtees_tail = nep;
1006 needed_filtees_tail = &nep->next;
1012 Needed_Entry *nep = NEW(Needed_Entry);
1013 nep->name = dynp->d_un.d_val;
1017 *needed_aux_filtees_tail = nep;
1018 needed_aux_filtees_tail = &nep->next;
1023 obj->pltgot = (Elf_Addr *) (obj->relocbase + dynp->d_un.d_ptr);
1027 obj->textrel = true;
1031 obj->symbolic = true;
1036 * We have to wait until later to process this, because we
1037 * might not have gotten the address of the string table yet.
1047 *dyn_runpath = dynp;
1051 obj->init = (Elf_Addr) (obj->relocbase + dynp->d_un.d_ptr);
1054 case DT_PREINIT_ARRAY:
1055 obj->preinit_array = (Elf_Addr)(obj->relocbase + dynp->d_un.d_ptr);
1058 case DT_PREINIT_ARRAYSZ:
1059 obj->preinit_array_num = dynp->d_un.d_val / sizeof(Elf_Addr);
1063 obj->init_array = (Elf_Addr)(obj->relocbase + dynp->d_un.d_ptr);
1066 case DT_INIT_ARRAYSZ:
1067 obj->init_array_num = dynp->d_un.d_val / sizeof(Elf_Addr);
1071 obj->fini = (Elf_Addr) (obj->relocbase + dynp->d_un.d_ptr);
1075 obj->fini_array = (Elf_Addr)(obj->relocbase + dynp->d_un.d_ptr);
1078 case DT_FINI_ARRAYSZ:
1079 obj->fini_array_num = dynp->d_un.d_val / sizeof(Elf_Addr);
1083 * Don't process DT_DEBUG on MIPS as the dynamic section
1084 * is mapped read-only. DT_MIPS_RLD_MAP is used instead.
1089 /* XXX - not implemented yet */
1091 dbg("Filling in DT_DEBUG entry");
1092 ((Elf_Dyn*)dynp)->d_un.d_ptr = (Elf_Addr) &r_debug;
1097 if ((dynp->d_un.d_val & DF_ORIGIN) && trust)
1098 obj->z_origin = true;
1099 if (dynp->d_un.d_val & DF_SYMBOLIC)
1100 obj->symbolic = true;
1101 if (dynp->d_un.d_val & DF_TEXTREL)
1102 obj->textrel = true;
1103 if (dynp->d_un.d_val & DF_BIND_NOW)
1104 obj->bind_now = true;
1105 /*if (dynp->d_un.d_val & DF_STATIC_TLS)
1109 case DT_MIPS_LOCAL_GOTNO:
1110 obj->local_gotno = dynp->d_un.d_val;
1113 case DT_MIPS_SYMTABNO:
1114 obj->symtabno = dynp->d_un.d_val;
1117 case DT_MIPS_GOTSYM:
1118 obj->gotsym = dynp->d_un.d_val;
1121 case DT_MIPS_RLD_MAP:
1122 *((Elf_Addr *)(dynp->d_un.d_ptr)) = (Elf_Addr) &r_debug;
1127 if (dynp->d_un.d_val & DF_1_NOOPEN)
1128 obj->z_noopen = true;
1129 if ((dynp->d_un.d_val & DF_1_ORIGIN) && trust)
1130 obj->z_origin = true;
1131 /*if (dynp->d_un.d_val & DF_1_GLOBAL)
1133 if (dynp->d_un.d_val & DF_1_BIND_NOW)
1134 obj->bind_now = true;
1135 if (dynp->d_un.d_val & DF_1_NODELETE)
1136 obj->z_nodelete = true;
1137 if (dynp->d_un.d_val & DF_1_LOADFLTR)
1138 obj->z_loadfltr = true;
1139 if (dynp->d_un.d_val & DF_1_INTERPOSE)
1140 obj->z_interpose = true;
1141 if (dynp->d_un.d_val & DF_1_NODEFLIB)
1142 obj->z_nodeflib = true;
1147 dbg("Ignoring d_tag %ld = %#lx", (long)dynp->d_tag,
1154 obj->traced = false;
1156 if (plttype == DT_RELA) {
1157 obj->pltrela = (const Elf_Rela *) obj->pltrel;
1159 obj->pltrelasize = obj->pltrelsize;
1160 obj->pltrelsize = 0;
1163 /* Determine size of dynsym table (equal to nchains of sysv hash) */
1164 if (obj->valid_hash_sysv)
1165 obj->dynsymcount = obj->nchains;
1166 else if (obj->valid_hash_gnu) {
1167 obj->dynsymcount = 0;
1168 for (bkt = 0; bkt < obj->nbuckets_gnu; bkt++) {
1169 if (obj->buckets_gnu[bkt] == 0)
1171 hashval = &obj->chain_zero_gnu[obj->buckets_gnu[bkt]];
1174 while ((*hashval++ & 1u) == 0);
1176 obj->dynsymcount += obj->symndx_gnu;
1181 digest_dynamic2(Obj_Entry *obj, const Elf_Dyn *dyn_rpath,
1182 const Elf_Dyn *dyn_soname, const Elf_Dyn *dyn_runpath)
1185 if (obj->z_origin && obj->origin_path == NULL) {
1186 obj->origin_path = xmalloc(PATH_MAX);
1187 if (rtld_dirname_abs(obj->path, obj->origin_path) == -1)
1191 if (dyn_runpath != NULL) {
1192 obj->runpath = (char *)obj->strtab + dyn_runpath->d_un.d_val;
1194 obj->runpath = origin_subst(obj->runpath, obj->origin_path);
1196 else if (dyn_rpath != NULL) {
1197 obj->rpath = (char *)obj->strtab + dyn_rpath->d_un.d_val;
1199 obj->rpath = origin_subst(obj->rpath, obj->origin_path);
1202 if (dyn_soname != NULL)
1203 object_add_name(obj, obj->strtab + dyn_soname->d_un.d_val);
1207 digest_dynamic(Obj_Entry *obj, int early)
1209 const Elf_Dyn *dyn_rpath;
1210 const Elf_Dyn *dyn_soname;
1211 const Elf_Dyn *dyn_runpath;
1213 digest_dynamic1(obj, early, &dyn_rpath, &dyn_soname, &dyn_runpath);
1214 digest_dynamic2(obj, dyn_rpath, dyn_soname, dyn_runpath);
1218 * Process a shared object's program header. This is used only for the
1219 * main program, when the kernel has already loaded the main program
1220 * into memory before calling the dynamic linker. It creates and
1221 * returns an Obj_Entry structure.
1224 digest_phdr(const Elf_Phdr *phdr, int phnum, caddr_t entry, const char *path)
1227 const Elf_Phdr *phlimit = phdr + phnum;
1229 Elf_Addr note_start, note_end;
1233 for (ph = phdr; ph < phlimit; ph++) {
1234 if (ph->p_type != PT_PHDR)
1238 obj->phsize = ph->p_memsz;
1239 obj->relocbase = (caddr_t)phdr - ph->p_vaddr;
1243 obj->stack_flags = PF_X | PF_R | PF_W;
1245 for (ph = phdr; ph < phlimit; ph++) {
1246 switch (ph->p_type) {
1249 obj->interp = (const char *)(ph->p_vaddr + obj->relocbase);
1253 if (nsegs == 0) { /* First load segment */
1254 obj->vaddrbase = trunc_page(ph->p_vaddr);
1255 obj->mapbase = obj->vaddrbase + obj->relocbase;
1256 obj->textsize = round_page(ph->p_vaddr + ph->p_memsz) -
1258 } else { /* Last load segment */
1259 obj->mapsize = round_page(ph->p_vaddr + ph->p_memsz) -
1266 obj->dynamic = (const Elf_Dyn *)(ph->p_vaddr + obj->relocbase);
1271 obj->tlssize = ph->p_memsz;
1272 obj->tlsalign = ph->p_align;
1273 obj->tlsinitsize = ph->p_filesz;
1274 obj->tlsinit = (void*)(ph->p_vaddr + obj->relocbase);
1278 obj->stack_flags = ph->p_flags;
1282 obj->relro_page = obj->relocbase + trunc_page(ph->p_vaddr);
1283 obj->relro_size = round_page(ph->p_memsz);
1287 note_start = (Elf_Addr)obj->relocbase + ph->p_vaddr;
1288 note_end = note_start + ph->p_filesz;
1289 digest_notes(obj, note_start, note_end);
1294 _rtld_error("%s: too few PT_LOAD segments", path);
1303 digest_notes(Obj_Entry *obj, Elf_Addr note_start, Elf_Addr note_end)
1305 const Elf_Note *note;
1306 const char *note_name;
1309 for (note = (const Elf_Note *)note_start; (Elf_Addr)note < note_end;
1310 note = (const Elf_Note *)((const char *)(note + 1) +
1311 roundup2(note->n_namesz, sizeof(Elf32_Addr)) +
1312 roundup2(note->n_descsz, sizeof(Elf32_Addr)))) {
1313 if (note->n_namesz != sizeof(NOTE_FREEBSD_VENDOR) ||
1314 note->n_descsz != sizeof(int32_t))
1316 if (note->n_type != ABI_NOTETYPE &&
1317 note->n_type != CRT_NOINIT_NOTETYPE)
1319 note_name = (const char *)(note + 1);
1320 if (strncmp(NOTE_FREEBSD_VENDOR, note_name,
1321 sizeof(NOTE_FREEBSD_VENDOR)) != 0)
1323 switch (note->n_type) {
1325 /* FreeBSD osrel note */
1326 p = (uintptr_t)(note + 1);
1327 p += roundup2(note->n_namesz, sizeof(Elf32_Addr));
1328 obj->osrel = *(const int32_t *)(p);
1329 dbg("note osrel %d", obj->osrel);
1331 case CRT_NOINIT_NOTETYPE:
1332 /* FreeBSD 'crt does not call init' note */
1333 obj->crt_no_init = true;
1334 dbg("note crt_no_init");
1341 dlcheck(void *handle)
1345 for (obj = obj_list; obj != NULL; obj = obj->next)
1346 if (obj == (Obj_Entry *) handle)
1349 if (obj == NULL || obj->refcount == 0 || obj->dl_refcount == 0) {
1350 _rtld_error("Invalid shared object handle %p", handle);
1357 * If the given object is already in the donelist, return true. Otherwise
1358 * add the object to the list and return false.
1361 donelist_check(DoneList *dlp, const Obj_Entry *obj)
1365 for (i = 0; i < dlp->num_used; i++)
1366 if (dlp->objs[i] == obj)
1369 * Our donelist allocation should always be sufficient. But if
1370 * our threads locking isn't working properly, more shared objects
1371 * could have been loaded since we allocated the list. That should
1372 * never happen, but we'll handle it properly just in case it does.
1374 if (dlp->num_used < dlp->num_alloc)
1375 dlp->objs[dlp->num_used++] = obj;
1380 * Hash function for symbol table lookup. Don't even think about changing
1381 * this. It is specified by the System V ABI.
1384 elf_hash(const char *name)
1386 const unsigned char *p = (const unsigned char *) name;
1387 unsigned long h = 0;
1390 while (*p != '\0') {
1391 h = (h << 4) + *p++;
1392 if ((g = h & 0xf0000000) != 0)
1400 * The GNU hash function is the Daniel J. Bernstein hash clipped to 32 bits
1401 * unsigned in case it's implemented with a wider type.
1404 gnu_hash(const char *s)
1410 for (c = *s; c != '\0'; c = *++s)
1412 return (h & 0xffffffff);
1416 * Find the library with the given name, and return its full pathname.
1417 * The returned string is dynamically allocated. Generates an error
1418 * message and returns NULL if the library cannot be found.
1420 * If the second argument is non-NULL, then it refers to an already-
1421 * loaded shared object, whose library search path will be searched.
1423 * The search order is:
1424 * DT_RPATH in the referencing file _unless_ DT_RUNPATH is present (1)
1425 * DT_RPATH of the main object if DSO without defined DT_RUNPATH (1)
1427 * DT_RUNPATH in the referencing file
1428 * ldconfig hints (if -z nodefaultlib, filter out default library directories
1430 * /lib:/usr/lib _unless_ the referencing file is linked with -z nodefaultlib
1432 * (1) Handled in digest_dynamic2 - rpath left NULL if runpath defined.
1435 find_library(const char *xname, const Obj_Entry *refobj)
1439 bool nodeflib, objgiven;
1441 objgiven = refobj != NULL;
1442 if (strchr(xname, '/') != NULL) { /* Hard coded pathname */
1443 if (xname[0] != '/' && !trust) {
1444 _rtld_error("Absolute pathname required for shared object \"%s\"",
1448 if (objgiven && refobj->z_origin) {
1449 return (origin_subst(__DECONST(char *, xname),
1450 refobj->origin_path));
1452 return (xstrdup(xname));
1456 if (libmap_disable || !objgiven ||
1457 (name = lm_find(refobj->path, xname)) == NULL)
1458 name = (char *)xname;
1460 dbg(" Searching for \"%s\"", name);
1463 * If refobj->rpath != NULL, then refobj->runpath is NULL. Fall
1464 * back to pre-conforming behaviour if user requested so with
1465 * LD_LIBRARY_PATH_RPATH environment variable and ignore -z
1468 if (objgiven && refobj->rpath != NULL && ld_library_path_rpath) {
1469 if ((pathname = search_library_path(name, ld_library_path)) != NULL ||
1471 (pathname = search_library_path(name, refobj->rpath)) != NULL) ||
1472 (pathname = search_library_path(name, gethints(false))) != NULL ||
1473 (pathname = search_library_path(name, STANDARD_LIBRARY_PATH)) != NULL)
1476 nodeflib = objgiven ? refobj->z_nodeflib : false;
1478 (pathname = search_library_path(name, refobj->rpath)) != NULL) ||
1479 (objgiven && refobj->runpath == NULL && refobj != obj_main &&
1480 (pathname = search_library_path(name, obj_main->rpath)) != NULL) ||
1481 (pathname = search_library_path(name, ld_library_path)) != NULL ||
1483 (pathname = search_library_path(name, refobj->runpath)) != NULL) ||
1484 (pathname = search_library_path(name, gethints(nodeflib))) != NULL ||
1485 (objgiven && !nodeflib &&
1486 (pathname = search_library_path(name, STANDARD_LIBRARY_PATH)) != NULL))
1490 if (objgiven && refobj->path != NULL) {
1491 _rtld_error("Shared object \"%s\" not found, required by \"%s\"",
1492 name, basename(refobj->path));
1494 _rtld_error("Shared object \"%s\" not found", name);
1500 * Given a symbol number in a referencing object, find the corresponding
1501 * definition of the symbol. Returns a pointer to the symbol, or NULL if
1502 * no definition was found. Returns a pointer to the Obj_Entry of the
1503 * defining object via the reference parameter DEFOBJ_OUT.
1506 find_symdef(unsigned long symnum, const Obj_Entry *refobj,
1507 const Obj_Entry **defobj_out, int flags, SymCache *cache,
1508 RtldLockState *lockstate)
1512 const Obj_Entry *defobj;
1518 * If we have already found this symbol, get the information from
1521 if (symnum >= refobj->dynsymcount)
1522 return NULL; /* Bad object */
1523 if (cache != NULL && cache[symnum].sym != NULL) {
1524 *defobj_out = cache[symnum].obj;
1525 return cache[symnum].sym;
1528 ref = refobj->symtab + symnum;
1529 name = refobj->strtab + ref->st_name;
1534 * We don't have to do a full scale lookup if the symbol is local.
1535 * We know it will bind to the instance in this load module; to
1536 * which we already have a pointer (ie ref). By not doing a lookup,
1537 * we not only improve performance, but it also avoids unresolvable
1538 * symbols when local symbols are not in the hash table. This has
1539 * been seen with the ia64 toolchain.
1541 if (ELF_ST_BIND(ref->st_info) != STB_LOCAL) {
1542 if (ELF_ST_TYPE(ref->st_info) == STT_SECTION) {
1543 _rtld_error("%s: Bogus symbol table entry %lu", refobj->path,
1546 symlook_init(&req, name);
1548 req.ventry = fetch_ventry(refobj, symnum);
1549 req.lockstate = lockstate;
1550 res = symlook_default(&req, refobj);
1553 defobj = req.defobj_out;
1561 * If we found no definition and the reference is weak, treat the
1562 * symbol as having the value zero.
1564 if (def == NULL && ELF_ST_BIND(ref->st_info) == STB_WEAK) {
1570 *defobj_out = defobj;
1571 /* Record the information in the cache to avoid subsequent lookups. */
1572 if (cache != NULL) {
1573 cache[symnum].sym = def;
1574 cache[symnum].obj = defobj;
1577 if (refobj != &obj_rtld)
1578 _rtld_error("%s: Undefined symbol \"%s\"", refobj->path, name);
1584 * Return the search path from the ldconfig hints file, reading it if
1585 * necessary. If nostdlib is true, then the default search paths are
1586 * not added to result.
1588 * Returns NULL if there are problems with the hints file,
1589 * or if the search path there is empty.
1592 gethints(bool nostdlib)
1594 static char *hints, *filtered_path;
1595 struct elfhints_hdr hdr;
1596 struct fill_search_info_args sargs, hargs;
1597 struct dl_serinfo smeta, hmeta, *SLPinfo, *hintinfo;
1598 struct dl_serpath *SLPpath, *hintpath;
1600 unsigned int SLPndx, hintndx, fndx, fcount;
1605 /* First call, read the hints file */
1606 if (hints == NULL) {
1607 /* Keep from trying again in case the hints file is bad. */
1610 if ((fd = open(ld_elf_hints_path, O_RDONLY | O_CLOEXEC)) == -1)
1612 if (read(fd, &hdr, sizeof hdr) != sizeof hdr ||
1613 hdr.magic != ELFHINTS_MAGIC ||
1618 p = xmalloc(hdr.dirlistlen + 1);
1619 if (lseek(fd, hdr.strtab + hdr.dirlist, SEEK_SET) == -1 ||
1620 read(fd, p, hdr.dirlistlen + 1) !=
1621 (ssize_t)hdr.dirlistlen + 1) {
1631 * If caller agreed to receive list which includes the default
1632 * paths, we are done. Otherwise, if we still did not
1633 * calculated filtered result, do it now.
1636 return (hints[0] != '\0' ? hints : NULL);
1637 if (filtered_path != NULL)
1641 * Obtain the list of all configured search paths, and the
1642 * list of the default paths.
1644 * First estimate the size of the results.
1646 smeta.dls_size = __offsetof(struct dl_serinfo, dls_serpath);
1648 hmeta.dls_size = __offsetof(struct dl_serinfo, dls_serpath);
1651 sargs.request = RTLD_DI_SERINFOSIZE;
1652 sargs.serinfo = &smeta;
1653 hargs.request = RTLD_DI_SERINFOSIZE;
1654 hargs.serinfo = &hmeta;
1656 path_enumerate(STANDARD_LIBRARY_PATH, fill_search_info, &sargs);
1657 path_enumerate(p, fill_search_info, &hargs);
1659 SLPinfo = xmalloc(smeta.dls_size);
1660 hintinfo = xmalloc(hmeta.dls_size);
1663 * Next fetch both sets of paths.
1665 sargs.request = RTLD_DI_SERINFO;
1666 sargs.serinfo = SLPinfo;
1667 sargs.serpath = &SLPinfo->dls_serpath[0];
1668 sargs.strspace = (char *)&SLPinfo->dls_serpath[smeta.dls_cnt];
1670 hargs.request = RTLD_DI_SERINFO;
1671 hargs.serinfo = hintinfo;
1672 hargs.serpath = &hintinfo->dls_serpath[0];
1673 hargs.strspace = (char *)&hintinfo->dls_serpath[hmeta.dls_cnt];
1675 path_enumerate(STANDARD_LIBRARY_PATH, fill_search_info, &sargs);
1676 path_enumerate(p, fill_search_info, &hargs);
1679 * Now calculate the difference between two sets, by excluding
1680 * standard paths from the full set.
1684 filtered_path = xmalloc(hdr.dirlistlen + 1);
1685 hintpath = &hintinfo->dls_serpath[0];
1686 for (hintndx = 0; hintndx < hmeta.dls_cnt; hintndx++, hintpath++) {
1688 SLPpath = &SLPinfo->dls_serpath[0];
1690 * Check each standard path against current.
1692 for (SLPndx = 0; SLPndx < smeta.dls_cnt; SLPndx++, SLPpath++) {
1693 /* matched, skip the path */
1694 if (!strcmp(hintpath->dls_name, SLPpath->dls_name)) {
1702 * Not matched against any standard path, add the path
1703 * to result. Separate consequtive paths with ':'.
1706 filtered_path[fndx] = ':';
1710 flen = strlen(hintpath->dls_name);
1711 strncpy((filtered_path + fndx), hintpath->dls_name, flen);
1714 filtered_path[fndx] = '\0';
1720 return (filtered_path[0] != '\0' ? filtered_path : NULL);
1724 init_dag(Obj_Entry *root)
1726 const Needed_Entry *needed;
1727 const Objlist_Entry *elm;
1730 if (root->dag_inited)
1732 donelist_init(&donelist);
1734 /* Root object belongs to own DAG. */
1735 objlist_push_tail(&root->dldags, root);
1736 objlist_push_tail(&root->dagmembers, root);
1737 donelist_check(&donelist, root);
1740 * Add dependencies of root object to DAG in breadth order
1741 * by exploiting the fact that each new object get added
1742 * to the tail of the dagmembers list.
1744 STAILQ_FOREACH(elm, &root->dagmembers, link) {
1745 for (needed = elm->obj->needed; needed != NULL; needed = needed->next) {
1746 if (needed->obj == NULL || donelist_check(&donelist, needed->obj))
1748 objlist_push_tail(&needed->obj->dldags, root);
1749 objlist_push_tail(&root->dagmembers, needed->obj);
1752 root->dag_inited = true;
1756 process_nodelete(Obj_Entry *root)
1758 const Objlist_Entry *elm;
1761 * Walk over object DAG and process every dependent object that
1762 * is marked as DF_1_NODELETE. They need to grow their own DAG,
1763 * which then should have its reference upped separately.
1765 STAILQ_FOREACH(elm, &root->dagmembers, link) {
1766 if (elm->obj != NULL && elm->obj->z_nodelete &&
1767 !elm->obj->ref_nodel) {
1768 dbg("obj %s nodelete", elm->obj->path);
1771 elm->obj->ref_nodel = true;
1776 * Initialize the dynamic linker. The argument is the address at which
1777 * the dynamic linker has been mapped into memory. The primary task of
1778 * this function is to relocate the dynamic linker.
1781 init_rtld(caddr_t mapbase, Elf_Auxinfo **aux_info)
1783 Obj_Entry objtmp; /* Temporary rtld object */
1784 const Elf_Dyn *dyn_rpath;
1785 const Elf_Dyn *dyn_soname;
1786 const Elf_Dyn *dyn_runpath;
1789 * Conjure up an Obj_Entry structure for the dynamic linker.
1791 * The "path" member can't be initialized yet because string constants
1792 * cannot yet be accessed. Below we will set it correctly.
1794 memset(&objtmp, 0, sizeof(objtmp));
1797 objtmp.mapbase = mapbase;
1799 objtmp.relocbase = mapbase;
1801 if (RTLD_IS_DYNAMIC()) {
1802 objtmp.dynamic = rtld_dynamic(&objtmp);
1803 digest_dynamic1(&objtmp, 1, &dyn_rpath, &dyn_soname, &dyn_runpath);
1804 assert(objtmp.needed == NULL);
1805 #if !defined(__mips__)
1806 /* MIPS has a bogus DT_TEXTREL. */
1807 assert(!objtmp.textrel);
1811 * Temporarily put the dynamic linker entry into the object list, so
1812 * that symbols can be found.
1815 relocate_objects(&objtmp, true, &objtmp, 0, NULL);
1818 /* Initialize the object list. */
1819 obj_tail = &obj_list;
1821 /* Now that non-local variables can be accesses, copy out obj_rtld. */
1822 memcpy(&obj_rtld, &objtmp, sizeof(obj_rtld));
1824 if (aux_info[AT_PAGESZ] != NULL)
1825 pagesize = aux_info[AT_PAGESZ]->a_un.a_val;
1826 if (aux_info[AT_OSRELDATE] != NULL)
1827 osreldate = aux_info[AT_OSRELDATE]->a_un.a_val;
1829 digest_dynamic2(&obj_rtld, dyn_rpath, dyn_soname, dyn_runpath);
1831 /* Replace the path with a dynamically allocated copy. */
1832 obj_rtld.path = xstrdup(PATH_RTLD);
1834 r_debug.r_brk = r_debug_state;
1835 r_debug.r_state = RT_CONSISTENT;
1839 * Add the init functions from a needed object list (and its recursive
1840 * needed objects) to "list". This is not used directly; it is a helper
1841 * function for initlist_add_objects(). The write lock must be held
1842 * when this function is called.
1845 initlist_add_neededs(Needed_Entry *needed, Objlist *list)
1847 /* Recursively process the successor needed objects. */
1848 if (needed->next != NULL)
1849 initlist_add_neededs(needed->next, list);
1851 /* Process the current needed object. */
1852 if (needed->obj != NULL)
1853 initlist_add_objects(needed->obj, &needed->obj->next, list);
1857 * Scan all of the DAGs rooted in the range of objects from "obj" to
1858 * "tail" and add their init functions to "list". This recurses over
1859 * the DAGs and ensure the proper init ordering such that each object's
1860 * needed libraries are initialized before the object itself. At the
1861 * same time, this function adds the objects to the global finalization
1862 * list "list_fini" in the opposite order. The write lock must be
1863 * held when this function is called.
1866 initlist_add_objects(Obj_Entry *obj, Obj_Entry **tail, Objlist *list)
1869 if (obj->init_scanned || obj->init_done)
1871 obj->init_scanned = true;
1873 /* Recursively process the successor objects. */
1874 if (&obj->next != tail)
1875 initlist_add_objects(obj->next, tail, list);
1877 /* Recursively process the needed objects. */
1878 if (obj->needed != NULL)
1879 initlist_add_neededs(obj->needed, list);
1880 if (obj->needed_filtees != NULL)
1881 initlist_add_neededs(obj->needed_filtees, list);
1882 if (obj->needed_aux_filtees != NULL)
1883 initlist_add_neededs(obj->needed_aux_filtees, list);
1885 /* Add the object to the init list. */
1886 if (obj->preinit_array != (Elf_Addr)NULL || obj->init != (Elf_Addr)NULL ||
1887 obj->init_array != (Elf_Addr)NULL)
1888 objlist_push_tail(list, obj);
1890 /* Add the object to the global fini list in the reverse order. */
1891 if ((obj->fini != (Elf_Addr)NULL || obj->fini_array != (Elf_Addr)NULL)
1892 && !obj->on_fini_list) {
1893 objlist_push_head(&list_fini, obj);
1894 obj->on_fini_list = true;
1899 #define FPTR_TARGET(f) ((Elf_Addr) (f))
1903 free_needed_filtees(Needed_Entry *n)
1905 Needed_Entry *needed, *needed1;
1907 for (needed = n; needed != NULL; needed = needed->next) {
1908 if (needed->obj != NULL) {
1909 dlclose(needed->obj);
1913 for (needed = n; needed != NULL; needed = needed1) {
1914 needed1 = needed->next;
1920 unload_filtees(Obj_Entry *obj)
1923 free_needed_filtees(obj->needed_filtees);
1924 obj->needed_filtees = NULL;
1925 free_needed_filtees(obj->needed_aux_filtees);
1926 obj->needed_aux_filtees = NULL;
1927 obj->filtees_loaded = false;
1931 load_filtee1(Obj_Entry *obj, Needed_Entry *needed, int flags,
1932 RtldLockState *lockstate)
1935 for (; needed != NULL; needed = needed->next) {
1936 needed->obj = dlopen_object(obj->strtab + needed->name, -1, obj,
1937 flags, ((ld_loadfltr || obj->z_loadfltr) ? RTLD_NOW : RTLD_LAZY) |
1938 RTLD_LOCAL, lockstate);
1943 load_filtees(Obj_Entry *obj, int flags, RtldLockState *lockstate)
1946 lock_restart_for_upgrade(lockstate);
1947 if (!obj->filtees_loaded) {
1948 load_filtee1(obj, obj->needed_filtees, flags, lockstate);
1949 load_filtee1(obj, obj->needed_aux_filtees, flags, lockstate);
1950 obj->filtees_loaded = true;
1955 process_needed(Obj_Entry *obj, Needed_Entry *needed, int flags)
1959 for (; needed != NULL; needed = needed->next) {
1960 obj1 = needed->obj = load_object(obj->strtab + needed->name, -1, obj,
1961 flags & ~RTLD_LO_NOLOAD);
1962 if (obj1 == NULL && !ld_tracing && (flags & RTLD_LO_FILTEES) == 0)
1969 * Given a shared object, traverse its list of needed objects, and load
1970 * each of them. Returns 0 on success. Generates an error message and
1971 * returns -1 on failure.
1974 load_needed_objects(Obj_Entry *first, int flags)
1978 for (obj = first; obj != NULL; obj = obj->next) {
1979 if (process_needed(obj, obj->needed, flags) == -1)
1986 load_preload_objects(void)
1988 char *p = ld_preload;
1990 static const char delim[] = " \t:;";
1995 p += strspn(p, delim);
1996 while (*p != '\0') {
1997 size_t len = strcspn(p, delim);
2002 obj = load_object(p, -1, NULL, 0);
2004 return -1; /* XXX - cleanup */
2005 obj->z_interpose = true;
2008 p += strspn(p, delim);
2010 LD_UTRACE(UTRACE_PRELOAD_FINISHED, NULL, NULL, 0, 0, NULL);
2015 printable_path(const char *path)
2018 return (path == NULL ? "<unknown>" : path);
2022 * Load a shared object into memory, if it is not already loaded. The
2023 * object may be specified by name or by user-supplied file descriptor
2024 * fd_u. In the later case, the fd_u descriptor is not closed, but its
2027 * Returns a pointer to the Obj_Entry for the object. Returns NULL
2031 load_object(const char *name, int fd_u, const Obj_Entry *refobj, int flags)
2039 for (obj = obj_list->next; obj != NULL; obj = obj->next) {
2040 if (object_match_name(obj, name))
2044 path = find_library(name, refobj);
2051 * If we didn't find a match by pathname, or the name is not
2052 * supplied, open the file and check again by device and inode.
2053 * This avoids false mismatches caused by multiple links or ".."
2056 * To avoid a race, we open the file and use fstat() rather than
2061 if ((fd = open(path, O_RDONLY | O_CLOEXEC)) == -1) {
2062 _rtld_error("Cannot open \"%s\"", path);
2067 fd = fcntl(fd_u, F_DUPFD_CLOEXEC, 0);
2069 _rtld_error("Cannot dup fd");
2074 if (fstat(fd, &sb) == -1) {
2075 _rtld_error("Cannot fstat \"%s\"", printable_path(path));
2080 for (obj = obj_list->next; obj != NULL; obj = obj->next)
2081 if (obj->ino == sb.st_ino && obj->dev == sb.st_dev)
2083 if (obj != NULL && name != NULL) {
2084 object_add_name(obj, name);
2089 if (flags & RTLD_LO_NOLOAD) {
2095 /* First use of this object, so we must map it in */
2096 obj = do_load_object(fd, name, path, &sb, flags);
2105 do_load_object(int fd, const char *name, char *path, struct stat *sbp,
2112 * but first, make sure that environment variables haven't been
2113 * used to circumvent the noexec flag on a filesystem.
2115 if (dangerous_ld_env) {
2116 if (fstatfs(fd, &fs) != 0) {
2117 _rtld_error("Cannot fstatfs \"%s\"", printable_path(path));
2120 if (fs.f_flags & MNT_NOEXEC) {
2121 _rtld_error("Cannot execute objects on %s\n", fs.f_mntonname);
2125 dbg("loading \"%s\"", printable_path(path));
2126 obj = map_object(fd, printable_path(path), sbp);
2131 * If DT_SONAME is present in the object, digest_dynamic2 already
2132 * added it to the object names.
2135 object_add_name(obj, name);
2137 digest_dynamic(obj, 0);
2138 dbg("%s valid_hash_sysv %d valid_hash_gnu %d dynsymcount %d", obj->path,
2139 obj->valid_hash_sysv, obj->valid_hash_gnu, obj->dynsymcount);
2140 if (obj->z_noopen && (flags & (RTLD_LO_DLOPEN | RTLD_LO_TRACE)) ==
2142 dbg("refusing to load non-loadable \"%s\"", obj->path);
2143 _rtld_error("Cannot dlopen non-loadable %s", obj->path);
2144 munmap(obj->mapbase, obj->mapsize);
2150 obj_tail = &obj->next;
2153 linkmap_add(obj); /* for GDB & dlinfo() */
2154 max_stack_flags |= obj->stack_flags;
2156 dbg(" %p .. %p: %s", obj->mapbase,
2157 obj->mapbase + obj->mapsize - 1, obj->path);
2159 dbg(" WARNING: %s has impure text", obj->path);
2160 LD_UTRACE(UTRACE_LOAD_OBJECT, obj, obj->mapbase, obj->mapsize, 0,
2167 obj_from_addr(const void *addr)
2171 for (obj = obj_list; obj != NULL; obj = obj->next) {
2172 if (addr < (void *) obj->mapbase)
2174 if (addr < (void *) (obj->mapbase + obj->mapsize))
2183 Elf_Addr *preinit_addr;
2186 preinit_addr = (Elf_Addr *)obj_main->preinit_array;
2187 if (preinit_addr == NULL)
2190 for (index = 0; index < obj_main->preinit_array_num; index++) {
2191 if (preinit_addr[index] != 0 && preinit_addr[index] != 1) {
2192 dbg("calling preinit function for %s at %p", obj_main->path,
2193 (void *)preinit_addr[index]);
2194 LD_UTRACE(UTRACE_INIT_CALL, obj_main, (void *)preinit_addr[index],
2195 0, 0, obj_main->path);
2196 call_init_pointer(obj_main, preinit_addr[index]);
2202 * Call the finalization functions for each of the objects in "list"
2203 * belonging to the DAG of "root" and referenced once. If NULL "root"
2204 * is specified, every finalization function will be called regardless
2205 * of the reference count and the list elements won't be freed. All of
2206 * the objects are expected to have non-NULL fini functions.
2209 objlist_call_fini(Objlist *list, Obj_Entry *root, RtldLockState *lockstate)
2213 Elf_Addr *fini_addr;
2216 assert(root == NULL || root->refcount == 1);
2219 * Preserve the current error message since a fini function might
2220 * call into the dynamic linker and overwrite it.
2222 saved_msg = errmsg_save();
2224 STAILQ_FOREACH(elm, list, link) {
2225 if (root != NULL && (elm->obj->refcount != 1 ||
2226 objlist_find(&root->dagmembers, elm->obj) == NULL))
2228 /* Remove object from fini list to prevent recursive invocation. */
2229 STAILQ_REMOVE(list, elm, Struct_Objlist_Entry, link);
2231 * XXX: If a dlopen() call references an object while the
2232 * fini function is in progress, we might end up trying to
2233 * unload the referenced object in dlclose() or the object
2234 * won't be unloaded although its fini function has been
2237 lock_release(rtld_bind_lock, lockstate);
2240 * It is legal to have both DT_FINI and DT_FINI_ARRAY defined.
2241 * When this happens, DT_FINI_ARRAY is processed first.
2243 fini_addr = (Elf_Addr *)elm->obj->fini_array;
2244 if (fini_addr != NULL && elm->obj->fini_array_num > 0) {
2245 for (index = elm->obj->fini_array_num - 1; index >= 0;
2247 if (fini_addr[index] != 0 && fini_addr[index] != 1) {
2248 dbg("calling fini function for %s at %p",
2249 elm->obj->path, (void *)fini_addr[index]);
2250 LD_UTRACE(UTRACE_FINI_CALL, elm->obj,
2251 (void *)fini_addr[index], 0, 0, elm->obj->path);
2252 call_initfini_pointer(elm->obj, fini_addr[index]);
2256 if (elm->obj->fini != (Elf_Addr)NULL) {
2257 dbg("calling fini function for %s at %p", elm->obj->path,
2258 (void *)elm->obj->fini);
2259 LD_UTRACE(UTRACE_FINI_CALL, elm->obj, (void *)elm->obj->fini,
2260 0, 0, elm->obj->path);
2261 call_initfini_pointer(elm->obj, elm->obj->fini);
2263 wlock_acquire(rtld_bind_lock, lockstate);
2264 /* No need to free anything if process is going down. */
2268 * We must restart the list traversal after every fini call
2269 * because a dlclose() call from the fini function or from
2270 * another thread might have modified the reference counts.
2274 } while (elm != NULL);
2275 errmsg_restore(saved_msg);
2279 * Call the initialization functions for each of the objects in
2280 * "list". All of the objects are expected to have non-NULL init
2284 objlist_call_init(Objlist *list, RtldLockState *lockstate)
2289 Elf_Addr *init_addr;
2293 * Clean init_scanned flag so that objects can be rechecked and
2294 * possibly initialized earlier if any of vectors called below
2295 * cause the change by using dlopen.
2297 for (obj = obj_list; obj != NULL; obj = obj->next)
2298 obj->init_scanned = false;
2301 * Preserve the current error message since an init function might
2302 * call into the dynamic linker and overwrite it.
2304 saved_msg = errmsg_save();
2305 STAILQ_FOREACH(elm, list, link) {
2306 if (elm->obj->init_done) /* Initialized early. */
2309 * Race: other thread might try to use this object before current
2310 * one completes the initilization. Not much can be done here
2311 * without better locking.
2313 elm->obj->init_done = true;
2314 lock_release(rtld_bind_lock, lockstate);
2317 * It is legal to have both DT_INIT and DT_INIT_ARRAY defined.
2318 * When this happens, DT_INIT is processed first.
2320 if (elm->obj->init != (Elf_Addr)NULL) {
2321 dbg("calling init function for %s at %p", elm->obj->path,
2322 (void *)elm->obj->init);
2323 LD_UTRACE(UTRACE_INIT_CALL, elm->obj, (void *)elm->obj->init,
2324 0, 0, elm->obj->path);
2325 call_initfini_pointer(elm->obj, elm->obj->init);
2327 init_addr = (Elf_Addr *)elm->obj->init_array;
2328 if (init_addr != NULL) {
2329 for (index = 0; index < elm->obj->init_array_num; index++) {
2330 if (init_addr[index] != 0 && init_addr[index] != 1) {
2331 dbg("calling init function for %s at %p", elm->obj->path,
2332 (void *)init_addr[index]);
2333 LD_UTRACE(UTRACE_INIT_CALL, elm->obj,
2334 (void *)init_addr[index], 0, 0, elm->obj->path);
2335 call_init_pointer(elm->obj, init_addr[index]);
2339 wlock_acquire(rtld_bind_lock, lockstate);
2341 errmsg_restore(saved_msg);
2345 objlist_clear(Objlist *list)
2349 while (!STAILQ_EMPTY(list)) {
2350 elm = STAILQ_FIRST(list);
2351 STAILQ_REMOVE_HEAD(list, link);
2356 static Objlist_Entry *
2357 objlist_find(Objlist *list, const Obj_Entry *obj)
2361 STAILQ_FOREACH(elm, list, link)
2362 if (elm->obj == obj)
2368 objlist_init(Objlist *list)
2374 objlist_push_head(Objlist *list, Obj_Entry *obj)
2378 elm = NEW(Objlist_Entry);
2380 STAILQ_INSERT_HEAD(list, elm, link);
2384 objlist_push_tail(Objlist *list, Obj_Entry *obj)
2388 elm = NEW(Objlist_Entry);
2390 STAILQ_INSERT_TAIL(list, elm, link);
2394 objlist_put_after(Objlist *list, Obj_Entry *listobj, Obj_Entry *obj)
2396 Objlist_Entry *elm, *listelm;
2398 STAILQ_FOREACH(listelm, list, link) {
2399 if (listelm->obj == listobj)
2402 elm = NEW(Objlist_Entry);
2404 if (listelm != NULL)
2405 STAILQ_INSERT_AFTER(list, listelm, elm, link);
2407 STAILQ_INSERT_TAIL(list, elm, link);
2411 objlist_remove(Objlist *list, Obj_Entry *obj)
2415 if ((elm = objlist_find(list, obj)) != NULL) {
2416 STAILQ_REMOVE(list, elm, Struct_Objlist_Entry, link);
2422 * Relocate dag rooted in the specified object.
2423 * Returns 0 on success, or -1 on failure.
2427 relocate_object_dag(Obj_Entry *root, bool bind_now, Obj_Entry *rtldobj,
2428 int flags, RtldLockState *lockstate)
2434 STAILQ_FOREACH(elm, &root->dagmembers, link) {
2435 error = relocate_object(elm->obj, bind_now, rtldobj, flags,
2444 * Relocate single object.
2445 * Returns 0 on success, or -1 on failure.
2448 relocate_object(Obj_Entry *obj, bool bind_now, Obj_Entry *rtldobj,
2449 int flags, RtldLockState *lockstate)
2454 obj->relocated = true;
2456 dbg("relocating \"%s\"", obj->path);
2458 if (obj->symtab == NULL || obj->strtab == NULL ||
2459 !(obj->valid_hash_sysv || obj->valid_hash_gnu)) {
2460 _rtld_error("%s: Shared object has no run-time symbol table",
2466 /* There are relocations to the write-protected text segment. */
2467 if (mprotect(obj->mapbase, obj->textsize,
2468 PROT_READ|PROT_WRITE|PROT_EXEC) == -1) {
2469 _rtld_error("%s: Cannot write-enable text segment: %s",
2470 obj->path, rtld_strerror(errno));
2475 /* Process the non-PLT relocations. */
2476 if (reloc_non_plt(obj, rtldobj, flags, lockstate))
2479 if (obj->textrel) { /* Re-protected the text segment. */
2480 if (mprotect(obj->mapbase, obj->textsize,
2481 PROT_READ|PROT_EXEC) == -1) {
2482 _rtld_error("%s: Cannot write-protect text segment: %s",
2483 obj->path, rtld_strerror(errno));
2489 /* Set the special PLT or GOT entries. */
2492 /* Process the PLT relocations. */
2493 if (reloc_plt(obj) == -1)
2495 /* Relocate the jump slots if we are doing immediate binding. */
2496 if (obj->bind_now || bind_now)
2497 if (reloc_jmpslots(obj, flags, lockstate) == -1)
2500 if (obj->relro_size > 0) {
2501 if (mprotect(obj->relro_page, obj->relro_size,
2503 _rtld_error("%s: Cannot enforce relro protection: %s",
2504 obj->path, rtld_strerror(errno));
2510 * Set up the magic number and version in the Obj_Entry. These
2511 * were checked in the crt1.o from the original ElfKit, so we
2512 * set them for backward compatibility.
2514 obj->magic = RTLD_MAGIC;
2515 obj->version = RTLD_VERSION;
2521 * Relocate newly-loaded shared objects. The argument is a pointer to
2522 * the Obj_Entry for the first such object. All objects from the first
2523 * to the end of the list of objects are relocated. Returns 0 on success,
2527 relocate_objects(Obj_Entry *first, bool bind_now, Obj_Entry *rtldobj,
2528 int flags, RtldLockState *lockstate)
2533 for (error = 0, obj = first; obj != NULL; obj = obj->next) {
2534 error = relocate_object(obj, bind_now, rtldobj, flags,
2543 * The handling of R_MACHINE_IRELATIVE relocations and jumpslots
2544 * referencing STT_GNU_IFUNC symbols is postponed till the other
2545 * relocations are done. The indirect functions specified as
2546 * ifunc are allowed to call other symbols, so we need to have
2547 * objects relocated before asking for resolution from indirects.
2549 * The R_MACHINE_IRELATIVE slots are resolved in greedy fashion,
2550 * instead of the usual lazy handling of PLT slots. It is
2551 * consistent with how GNU does it.
2554 resolve_object_ifunc(Obj_Entry *obj, bool bind_now, int flags,
2555 RtldLockState *lockstate)
2557 if (obj->irelative && reloc_iresolve(obj, lockstate) == -1)
2559 if ((obj->bind_now || bind_now) && obj->gnu_ifunc &&
2560 reloc_gnu_ifunc(obj, flags, lockstate) == -1)
2566 resolve_objects_ifunc(Obj_Entry *first, bool bind_now, int flags,
2567 RtldLockState *lockstate)
2571 for (obj = first; obj != NULL; obj = obj->next) {
2572 if (resolve_object_ifunc(obj, bind_now, flags, lockstate) == -1)
2579 initlist_objects_ifunc(Objlist *list, bool bind_now, int flags,
2580 RtldLockState *lockstate)
2584 STAILQ_FOREACH(elm, list, link) {
2585 if (resolve_object_ifunc(elm->obj, bind_now, flags,
2593 * Cleanup procedure. It will be called (by the atexit mechanism) just
2594 * before the process exits.
2599 RtldLockState lockstate;
2601 wlock_acquire(rtld_bind_lock, &lockstate);
2603 objlist_call_fini(&list_fini, NULL, &lockstate);
2604 /* No need to remove the items from the list, since we are exiting. */
2605 if (!libmap_disable)
2607 lock_release(rtld_bind_lock, &lockstate);
2611 * Iterate over a search path, translate each element, and invoke the
2612 * callback on the result.
2615 path_enumerate(const char *path, path_enum_proc callback, void *arg)
2621 path += strspn(path, ":;");
2622 while (*path != '\0') {
2626 len = strcspn(path, ":;");
2627 trans = lm_findn(NULL, path, len);
2629 res = callback(trans, strlen(trans), arg);
2631 res = callback(path, len, arg);
2637 path += strspn(path, ":;");
2643 struct try_library_args {
2651 try_library_path(const char *dir, size_t dirlen, void *param)
2653 struct try_library_args *arg;
2656 if (*dir == '/' || trust) {
2659 if (dirlen + 1 + arg->namelen + 1 > arg->buflen)
2662 pathname = arg->buffer;
2663 strncpy(pathname, dir, dirlen);
2664 pathname[dirlen] = '/';
2665 strcpy(pathname + dirlen + 1, arg->name);
2667 dbg(" Trying \"%s\"", pathname);
2668 if (access(pathname, F_OK) == 0) { /* We found it */
2669 pathname = xmalloc(dirlen + 1 + arg->namelen + 1);
2670 strcpy(pathname, arg->buffer);
2678 search_library_path(const char *name, const char *path)
2681 struct try_library_args arg;
2687 arg.namelen = strlen(name);
2688 arg.buffer = xmalloc(PATH_MAX);
2689 arg.buflen = PATH_MAX;
2691 p = path_enumerate(path, try_library_path, &arg);
2699 dlclose(void *handle)
2702 RtldLockState lockstate;
2704 wlock_acquire(rtld_bind_lock, &lockstate);
2705 root = dlcheck(handle);
2707 lock_release(rtld_bind_lock, &lockstate);
2710 LD_UTRACE(UTRACE_DLCLOSE_START, handle, NULL, 0, root->dl_refcount,
2713 /* Unreference the object and its dependencies. */
2714 root->dl_refcount--;
2716 if (root->refcount == 1) {
2718 * The object will be no longer referenced, so we must unload it.
2719 * First, call the fini functions.
2721 objlist_call_fini(&list_fini, root, &lockstate);
2725 /* Finish cleaning up the newly-unreferenced objects. */
2726 GDB_STATE(RT_DELETE,&root->linkmap);
2727 unload_object(root);
2728 GDB_STATE(RT_CONSISTENT,NULL);
2732 LD_UTRACE(UTRACE_DLCLOSE_STOP, handle, NULL, 0, 0, NULL);
2733 lock_release(rtld_bind_lock, &lockstate);
2740 char *msg = error_message;
2741 error_message = NULL;
2746 * This function is deprecated and has no effect.
2749 dllockinit(void *context,
2750 void *(*lock_create)(void *context),
2751 void (*rlock_acquire)(void *lock),
2752 void (*wlock_acquire)(void *lock),
2753 void (*lock_release)(void *lock),
2754 void (*lock_destroy)(void *lock),
2755 void (*context_destroy)(void *context))
2757 static void *cur_context;
2758 static void (*cur_context_destroy)(void *);
2760 /* Just destroy the context from the previous call, if necessary. */
2761 if (cur_context_destroy != NULL)
2762 cur_context_destroy(cur_context);
2763 cur_context = context;
2764 cur_context_destroy = context_destroy;
2768 dlopen(const char *name, int mode)
2771 return (rtld_dlopen(name, -1, mode));
2775 fdlopen(int fd, int mode)
2778 return (rtld_dlopen(NULL, fd, mode));
2782 rtld_dlopen(const char *name, int fd, int mode)
2784 RtldLockState lockstate;
2787 LD_UTRACE(UTRACE_DLOPEN_START, NULL, NULL, 0, mode, name);
2788 ld_tracing = (mode & RTLD_TRACE) == 0 ? NULL : "1";
2789 if (ld_tracing != NULL) {
2790 rlock_acquire(rtld_bind_lock, &lockstate);
2791 if (sigsetjmp(lockstate.env, 0) != 0)
2792 lock_upgrade(rtld_bind_lock, &lockstate);
2793 environ = (char **)*get_program_var_addr("environ", &lockstate);
2794 lock_release(rtld_bind_lock, &lockstate);
2796 lo_flags = RTLD_LO_DLOPEN;
2797 if (mode & RTLD_NODELETE)
2798 lo_flags |= RTLD_LO_NODELETE;
2799 if (mode & RTLD_NOLOAD)
2800 lo_flags |= RTLD_LO_NOLOAD;
2801 if (ld_tracing != NULL)
2802 lo_flags |= RTLD_LO_TRACE;
2804 return (dlopen_object(name, fd, obj_main, lo_flags,
2805 mode & (RTLD_MODEMASK | RTLD_GLOBAL), NULL));
2809 dlopen_cleanup(Obj_Entry *obj)
2814 if (obj->refcount == 0)
2819 dlopen_object(const char *name, int fd, Obj_Entry *refobj, int lo_flags,
2820 int mode, RtldLockState *lockstate)
2822 Obj_Entry **old_obj_tail;
2825 RtldLockState mlockstate;
2828 objlist_init(&initlist);
2830 if (lockstate == NULL && !(lo_flags & RTLD_LO_EARLY)) {
2831 wlock_acquire(rtld_bind_lock, &mlockstate);
2832 lockstate = &mlockstate;
2834 GDB_STATE(RT_ADD,NULL);
2836 old_obj_tail = obj_tail;
2838 if (name == NULL && fd == -1) {
2842 obj = load_object(name, fd, refobj, lo_flags);
2847 if (mode & RTLD_GLOBAL && objlist_find(&list_global, obj) == NULL)
2848 objlist_push_tail(&list_global, obj);
2849 if (*old_obj_tail != NULL) { /* We loaded something new. */
2850 assert(*old_obj_tail == obj);
2851 result = load_needed_objects(obj,
2852 lo_flags & (RTLD_LO_DLOPEN | RTLD_LO_EARLY));
2856 result = rtld_verify_versions(&obj->dagmembers);
2857 if (result != -1 && ld_tracing)
2859 if (result == -1 || relocate_object_dag(obj,
2860 (mode & RTLD_MODEMASK) == RTLD_NOW, &obj_rtld,
2861 (lo_flags & RTLD_LO_EARLY) ? SYMLOOK_EARLY : 0,
2863 dlopen_cleanup(obj);
2865 } else if (lo_flags & RTLD_LO_EARLY) {
2867 * Do not call the init functions for early loaded
2868 * filtees. The image is still not initialized enough
2871 * Our object is found by the global object list and
2872 * will be ordered among all init calls done right
2873 * before transferring control to main.
2876 /* Make list of init functions to call. */
2877 initlist_add_objects(obj, &obj->next, &initlist);
2880 * Process all no_delete objects here, given them own
2881 * DAGs to prevent their dependencies from being unloaded.
2882 * This has to be done after we have loaded all of the
2883 * dependencies, so that we do not miss any.
2886 process_nodelete(obj);
2889 * Bump the reference counts for objects on this DAG. If
2890 * this is the first dlopen() call for the object that was
2891 * already loaded as a dependency, initialize the dag
2897 if ((lo_flags & RTLD_LO_TRACE) != 0)
2900 if (obj != NULL && ((lo_flags & RTLD_LO_NODELETE) != 0 ||
2901 obj->z_nodelete) && !obj->ref_nodel) {
2902 dbg("obj %s nodelete", obj->path);
2904 obj->z_nodelete = obj->ref_nodel = true;
2908 LD_UTRACE(UTRACE_DLOPEN_STOP, obj, NULL, 0, obj ? obj->dl_refcount : 0,
2910 GDB_STATE(RT_CONSISTENT,obj ? &obj->linkmap : NULL);
2912 if (!(lo_flags & RTLD_LO_EARLY)) {
2913 map_stacks_exec(lockstate);
2916 if (initlist_objects_ifunc(&initlist, (mode & RTLD_MODEMASK) == RTLD_NOW,
2917 (lo_flags & RTLD_LO_EARLY) ? SYMLOOK_EARLY : 0,
2919 objlist_clear(&initlist);
2920 dlopen_cleanup(obj);
2921 if (lockstate == &mlockstate)
2922 lock_release(rtld_bind_lock, lockstate);
2926 if (!(lo_flags & RTLD_LO_EARLY)) {
2927 /* Call the init functions. */
2928 objlist_call_init(&initlist, lockstate);
2930 objlist_clear(&initlist);
2931 if (lockstate == &mlockstate)
2932 lock_release(rtld_bind_lock, lockstate);
2935 trace_loaded_objects(obj);
2936 if (lockstate == &mlockstate)
2937 lock_release(rtld_bind_lock, lockstate);
2942 do_dlsym(void *handle, const char *name, void *retaddr, const Ver_Entry *ve,
2946 const Obj_Entry *obj, *defobj;
2949 RtldLockState lockstate;
2957 symlook_init(&req, name);
2959 req.flags = flags | SYMLOOK_IN_PLT;
2960 req.lockstate = &lockstate;
2962 rlock_acquire(rtld_bind_lock, &lockstate);
2963 if (sigsetjmp(lockstate.env, 0) != 0)
2964 lock_upgrade(rtld_bind_lock, &lockstate);
2965 if (handle == NULL || handle == RTLD_NEXT ||
2966 handle == RTLD_DEFAULT || handle == RTLD_SELF) {
2968 if ((obj = obj_from_addr(retaddr)) == NULL) {
2969 _rtld_error("Cannot determine caller's shared object");
2970 lock_release(rtld_bind_lock, &lockstate);
2973 if (handle == NULL) { /* Just the caller's shared object. */
2974 res = symlook_obj(&req, obj);
2977 defobj = req.defobj_out;
2979 } else if (handle == RTLD_NEXT || /* Objects after caller's */
2980 handle == RTLD_SELF) { /* ... caller included */
2981 if (handle == RTLD_NEXT)
2983 for (; obj != NULL; obj = obj->next) {
2984 res = symlook_obj(&req, obj);
2987 ELF_ST_BIND(req.sym_out->st_info) != STB_WEAK) {
2989 defobj = req.defobj_out;
2990 if (ELF_ST_BIND(def->st_info) != STB_WEAK)
2996 * Search the dynamic linker itself, and possibly resolve the
2997 * symbol from there. This is how the application links to
2998 * dynamic linker services such as dlopen.
3000 if (def == NULL || ELF_ST_BIND(def->st_info) == STB_WEAK) {
3001 res = symlook_obj(&req, &obj_rtld);
3004 defobj = req.defobj_out;
3008 assert(handle == RTLD_DEFAULT);
3009 res = symlook_default(&req, obj);
3011 defobj = req.defobj_out;
3016 if ((obj = dlcheck(handle)) == NULL) {
3017 lock_release(rtld_bind_lock, &lockstate);
3021 donelist_init(&donelist);
3022 if (obj->mainprog) {
3023 /* Handle obtained by dlopen(NULL, ...) implies global scope. */
3024 res = symlook_global(&req, &donelist);
3027 defobj = req.defobj_out;
3030 * Search the dynamic linker itself, and possibly resolve the
3031 * symbol from there. This is how the application links to
3032 * dynamic linker services such as dlopen.
3034 if (def == NULL || ELF_ST_BIND(def->st_info) == STB_WEAK) {
3035 res = symlook_obj(&req, &obj_rtld);
3038 defobj = req.defobj_out;
3043 /* Search the whole DAG rooted at the given object. */
3044 res = symlook_list(&req, &obj->dagmembers, &donelist);
3047 defobj = req.defobj_out;
3053 lock_release(rtld_bind_lock, &lockstate);
3056 * The value required by the caller is derived from the value
3057 * of the symbol. For the ia64 architecture, we need to
3058 * construct a function descriptor which the caller can use to
3059 * call the function with the right 'gp' value. For other
3060 * architectures and for non-functions, the value is simply
3061 * the relocated value of the symbol.
3063 if (ELF_ST_TYPE(def->st_info) == STT_FUNC)
3064 return (make_function_pointer(def, defobj));
3065 else if (ELF_ST_TYPE(def->st_info) == STT_GNU_IFUNC)
3066 return (rtld_resolve_ifunc(defobj, def));
3067 else if (ELF_ST_TYPE(def->st_info) == STT_TLS) {
3069 return (__tls_get_addr(defobj->tlsindex, def->st_value));
3071 ti.ti_module = defobj->tlsindex;
3072 ti.ti_offset = def->st_value;
3073 return (__tls_get_addr(&ti));
3076 return (defobj->relocbase + def->st_value);
3079 _rtld_error("Undefined symbol \"%s\"", name);
3080 lock_release(rtld_bind_lock, &lockstate);
3085 dlsym(void *handle, const char *name)
3087 return do_dlsym(handle, name, __builtin_return_address(0), NULL,
3092 dlfunc(void *handle, const char *name)
3099 rv.d = do_dlsym(handle, name, __builtin_return_address(0), NULL,
3105 dlvsym(void *handle, const char *name, const char *version)
3109 ventry.name = version;
3111 ventry.hash = elf_hash(version);
3113 return do_dlsym(handle, name, __builtin_return_address(0), &ventry,
3118 _rtld_addr_phdr(const void *addr, struct dl_phdr_info *phdr_info)
3120 const Obj_Entry *obj;
3121 RtldLockState lockstate;
3123 rlock_acquire(rtld_bind_lock, &lockstate);
3124 obj = obj_from_addr(addr);
3126 _rtld_error("No shared object contains address");
3127 lock_release(rtld_bind_lock, &lockstate);
3130 rtld_fill_dl_phdr_info(obj, phdr_info);
3131 lock_release(rtld_bind_lock, &lockstate);
3136 dladdr(const void *addr, Dl_info *info)
3138 const Obj_Entry *obj;
3141 unsigned long symoffset;
3142 RtldLockState lockstate;
3144 rlock_acquire(rtld_bind_lock, &lockstate);
3145 obj = obj_from_addr(addr);
3147 _rtld_error("No shared object contains address");
3148 lock_release(rtld_bind_lock, &lockstate);
3151 info->dli_fname = obj->path;
3152 info->dli_fbase = obj->mapbase;
3153 info->dli_saddr = (void *)0;
3154 info->dli_sname = NULL;
3157 * Walk the symbol list looking for the symbol whose address is
3158 * closest to the address sent in.
3160 for (symoffset = 0; symoffset < obj->dynsymcount; symoffset++) {
3161 def = obj->symtab + symoffset;
3164 * For skip the symbol if st_shndx is either SHN_UNDEF or
3167 if (def->st_shndx == SHN_UNDEF || def->st_shndx == SHN_COMMON)
3171 * If the symbol is greater than the specified address, or if it
3172 * is further away from addr than the current nearest symbol,
3175 symbol_addr = obj->relocbase + def->st_value;
3176 if (symbol_addr > addr || symbol_addr < info->dli_saddr)
3179 /* Update our idea of the nearest symbol. */
3180 info->dli_sname = obj->strtab + def->st_name;
3181 info->dli_saddr = symbol_addr;
3184 if (info->dli_saddr == addr)
3187 lock_release(rtld_bind_lock, &lockstate);
3192 dlinfo(void *handle, int request, void *p)
3194 const Obj_Entry *obj;
3195 RtldLockState lockstate;
3198 rlock_acquire(rtld_bind_lock, &lockstate);
3200 if (handle == NULL || handle == RTLD_SELF) {
3203 retaddr = __builtin_return_address(0); /* __GNUC__ only */
3204 if ((obj = obj_from_addr(retaddr)) == NULL)
3205 _rtld_error("Cannot determine caller's shared object");
3207 obj = dlcheck(handle);
3210 lock_release(rtld_bind_lock, &lockstate);
3216 case RTLD_DI_LINKMAP:
3217 *((struct link_map const **)p) = &obj->linkmap;
3219 case RTLD_DI_ORIGIN:
3220 error = rtld_dirname(obj->path, p);
3223 case RTLD_DI_SERINFOSIZE:
3224 case RTLD_DI_SERINFO:
3225 error = do_search_info(obj, request, (struct dl_serinfo *)p);
3229 _rtld_error("Invalid request %d passed to dlinfo()", request);
3233 lock_release(rtld_bind_lock, &lockstate);
3239 rtld_fill_dl_phdr_info(const Obj_Entry *obj, struct dl_phdr_info *phdr_info)
3242 phdr_info->dlpi_addr = (Elf_Addr)obj->relocbase;
3243 phdr_info->dlpi_name = STAILQ_FIRST(&obj->names) ?
3244 STAILQ_FIRST(&obj->names)->name : obj->path;
3245 phdr_info->dlpi_phdr = obj->phdr;
3246 phdr_info->dlpi_phnum = obj->phsize / sizeof(obj->phdr[0]);
3247 phdr_info->dlpi_tls_modid = obj->tlsindex;
3248 phdr_info->dlpi_tls_data = obj->tlsinit;
3249 phdr_info->dlpi_adds = obj_loads;
3250 phdr_info->dlpi_subs = obj_loads - obj_count;
3254 dl_iterate_phdr(__dl_iterate_hdr_callback callback, void *param)
3256 struct dl_phdr_info phdr_info;
3257 const Obj_Entry *obj;
3258 RtldLockState bind_lockstate, phdr_lockstate;
3261 wlock_acquire(rtld_phdr_lock, &phdr_lockstate);
3262 rlock_acquire(rtld_bind_lock, &bind_lockstate);
3266 for (obj = obj_list; obj != NULL; obj = obj->next) {
3267 rtld_fill_dl_phdr_info(obj, &phdr_info);
3268 if ((error = callback(&phdr_info, sizeof phdr_info, param)) != 0)
3272 lock_release(rtld_bind_lock, &bind_lockstate);
3273 lock_release(rtld_phdr_lock, &phdr_lockstate);
3279 fill_search_info(const char *dir, size_t dirlen, void *param)
3281 struct fill_search_info_args *arg;
3285 if (arg->request == RTLD_DI_SERINFOSIZE) {
3286 arg->serinfo->dls_cnt ++;
3287 arg->serinfo->dls_size += sizeof(struct dl_serpath) + dirlen + 1;
3289 struct dl_serpath *s_entry;
3291 s_entry = arg->serpath;
3292 s_entry->dls_name = arg->strspace;
3293 s_entry->dls_flags = arg->flags;
3295 strncpy(arg->strspace, dir, dirlen);
3296 arg->strspace[dirlen] = '\0';
3298 arg->strspace += dirlen + 1;
3306 do_search_info(const Obj_Entry *obj, int request, struct dl_serinfo *info)
3308 struct dl_serinfo _info;
3309 struct fill_search_info_args args;
3311 args.request = RTLD_DI_SERINFOSIZE;
3312 args.serinfo = &_info;
3314 _info.dls_size = __offsetof(struct dl_serinfo, dls_serpath);
3317 path_enumerate(obj->rpath, fill_search_info, &args);
3318 path_enumerate(ld_library_path, fill_search_info, &args);
3319 path_enumerate(obj->runpath, fill_search_info, &args);
3320 path_enumerate(gethints(obj->z_nodeflib), fill_search_info, &args);
3321 if (!obj->z_nodeflib)
3322 path_enumerate(STANDARD_LIBRARY_PATH, fill_search_info, &args);
3325 if (request == RTLD_DI_SERINFOSIZE) {
3326 info->dls_size = _info.dls_size;
3327 info->dls_cnt = _info.dls_cnt;
3331 if (info->dls_cnt != _info.dls_cnt || info->dls_size != _info.dls_size) {
3332 _rtld_error("Uninitialized Dl_serinfo struct passed to dlinfo()");
3336 args.request = RTLD_DI_SERINFO;
3337 args.serinfo = info;
3338 args.serpath = &info->dls_serpath[0];
3339 args.strspace = (char *)&info->dls_serpath[_info.dls_cnt];
3341 args.flags = LA_SER_RUNPATH;
3342 if (path_enumerate(obj->rpath, fill_search_info, &args) != NULL)
3345 args.flags = LA_SER_LIBPATH;
3346 if (path_enumerate(ld_library_path, fill_search_info, &args) != NULL)
3349 args.flags = LA_SER_RUNPATH;
3350 if (path_enumerate(obj->runpath, fill_search_info, &args) != NULL)
3353 args.flags = LA_SER_CONFIG;
3354 if (path_enumerate(gethints(obj->z_nodeflib), fill_search_info, &args)
3358 args.flags = LA_SER_DEFAULT;
3359 if (!obj->z_nodeflib &&
3360 path_enumerate(STANDARD_LIBRARY_PATH, fill_search_info, &args) != NULL)
3366 rtld_dirname(const char *path, char *bname)
3370 /* Empty or NULL string gets treated as "." */
3371 if (path == NULL || *path == '\0') {
3377 /* Strip trailing slashes */
3378 endp = path + strlen(path) - 1;
3379 while (endp > path && *endp == '/')
3382 /* Find the start of the dir */
3383 while (endp > path && *endp != '/')
3386 /* Either the dir is "/" or there are no slashes */
3388 bname[0] = *endp == '/' ? '/' : '.';
3394 } while (endp > path && *endp == '/');
3397 if (endp - path + 2 > PATH_MAX)
3399 _rtld_error("Filename is too long: %s", path);
3403 strncpy(bname, path, endp - path + 1);
3404 bname[endp - path + 1] = '\0';
3409 rtld_dirname_abs(const char *path, char *base)
3411 char base_rel[PATH_MAX];
3413 if (rtld_dirname(path, base) == -1)
3417 if (getcwd(base_rel, sizeof(base_rel)) == NULL ||
3418 strlcat(base_rel, "/", sizeof(base_rel)) >= sizeof(base_rel) ||
3419 strlcat(base_rel, base, sizeof(base_rel)) >= sizeof(base_rel))
3421 strcpy(base, base_rel);
3426 linkmap_add(Obj_Entry *obj)
3428 struct link_map *l = &obj->linkmap;
3429 struct link_map *prev;
3431 obj->linkmap.l_name = obj->path;
3432 obj->linkmap.l_addr = obj->mapbase;
3433 obj->linkmap.l_ld = obj->dynamic;
3435 /* GDB needs load offset on MIPS to use the symbols */
3436 obj->linkmap.l_offs = obj->relocbase;
3439 if (r_debug.r_map == NULL) {
3445 * Scan to the end of the list, but not past the entry for the
3446 * dynamic linker, which we want to keep at the very end.
3448 for (prev = r_debug.r_map;
3449 prev->l_next != NULL && prev->l_next != &obj_rtld.linkmap;
3450 prev = prev->l_next)
3453 /* Link in the new entry. */
3455 l->l_next = prev->l_next;
3456 if (l->l_next != NULL)
3457 l->l_next->l_prev = l;
3462 linkmap_delete(Obj_Entry *obj)
3464 struct link_map *l = &obj->linkmap;
3466 if (l->l_prev == NULL) {
3467 if ((r_debug.r_map = l->l_next) != NULL)
3468 l->l_next->l_prev = NULL;
3472 if ((l->l_prev->l_next = l->l_next) != NULL)
3473 l->l_next->l_prev = l->l_prev;
3477 * Function for the debugger to set a breakpoint on to gain control.
3479 * The two parameters allow the debugger to easily find and determine
3480 * what the runtime loader is doing and to whom it is doing it.
3482 * When the loadhook trap is hit (r_debug_state, set at program
3483 * initialization), the arguments can be found on the stack:
3485 * +8 struct link_map *m
3486 * +4 struct r_debug *rd
3490 r_debug_state(struct r_debug* rd, struct link_map *m)
3493 * The following is a hack to force the compiler to emit calls to
3494 * this function, even when optimizing. If the function is empty,
3495 * the compiler is not obliged to emit any code for calls to it,
3496 * even when marked __noinline. However, gdb depends on those
3499 __asm __volatile("" : : : "memory");
3503 * Get address of the pointer variable in the main program.
3504 * Prefer non-weak symbol over the weak one.
3506 static const void **
3507 get_program_var_addr(const char *name, RtldLockState *lockstate)
3512 symlook_init(&req, name);
3513 req.lockstate = lockstate;
3514 donelist_init(&donelist);
3515 if (symlook_global(&req, &donelist) != 0)
3517 if (ELF_ST_TYPE(req.sym_out->st_info) == STT_FUNC)
3518 return ((const void **)make_function_pointer(req.sym_out,
3520 else if (ELF_ST_TYPE(req.sym_out->st_info) == STT_GNU_IFUNC)
3521 return ((const void **)rtld_resolve_ifunc(req.defobj_out, req.sym_out));
3523 return ((const void **)(req.defobj_out->relocbase +
3524 req.sym_out->st_value));
3528 * Set a pointer variable in the main program to the given value. This
3529 * is used to set key variables such as "environ" before any of the
3530 * init functions are called.
3533 set_program_var(const char *name, const void *value)
3537 if ((addr = get_program_var_addr(name, NULL)) != NULL) {
3538 dbg("\"%s\": *%p <-- %p", name, addr, value);
3544 * Search the global objects, including dependencies and main object,
3545 * for the given symbol.
3548 symlook_global(SymLook *req, DoneList *donelist)
3551 const Objlist_Entry *elm;
3554 symlook_init_from_req(&req1, req);
3556 /* Search all objects loaded at program start up. */
3557 if (req->defobj_out == NULL ||
3558 ELF_ST_BIND(req->sym_out->st_info) == STB_WEAK) {
3559 res = symlook_list(&req1, &list_main, donelist);
3560 if (res == 0 && (req->defobj_out == NULL ||
3561 ELF_ST_BIND(req1.sym_out->st_info) != STB_WEAK)) {
3562 req->sym_out = req1.sym_out;
3563 req->defobj_out = req1.defobj_out;
3564 assert(req->defobj_out != NULL);
3568 /* Search all DAGs whose roots are RTLD_GLOBAL objects. */
3569 STAILQ_FOREACH(elm, &list_global, link) {
3570 if (req->defobj_out != NULL &&
3571 ELF_ST_BIND(req->sym_out->st_info) != STB_WEAK)
3573 res = symlook_list(&req1, &elm->obj->dagmembers, donelist);
3574 if (res == 0 && (req->defobj_out == NULL ||
3575 ELF_ST_BIND(req1.sym_out->st_info) != STB_WEAK)) {
3576 req->sym_out = req1.sym_out;
3577 req->defobj_out = req1.defobj_out;
3578 assert(req->defobj_out != NULL);
3582 return (req->sym_out != NULL ? 0 : ESRCH);
3586 * Given a symbol name in a referencing object, find the corresponding
3587 * definition of the symbol. Returns a pointer to the symbol, or NULL if
3588 * no definition was found. Returns a pointer to the Obj_Entry of the
3589 * defining object via the reference parameter DEFOBJ_OUT.
3592 symlook_default(SymLook *req, const Obj_Entry *refobj)
3595 const Objlist_Entry *elm;
3599 donelist_init(&donelist);
3600 symlook_init_from_req(&req1, req);
3602 /* Look first in the referencing object if linked symbolically. */
3603 if (refobj->symbolic && !donelist_check(&donelist, refobj)) {
3604 res = symlook_obj(&req1, refobj);
3606 req->sym_out = req1.sym_out;
3607 req->defobj_out = req1.defobj_out;
3608 assert(req->defobj_out != NULL);
3612 symlook_global(req, &donelist);
3614 /* Search all dlopened DAGs containing the referencing object. */
3615 STAILQ_FOREACH(elm, &refobj->dldags, link) {
3616 if (req->sym_out != NULL &&
3617 ELF_ST_BIND(req->sym_out->st_info) != STB_WEAK)
3619 res = symlook_list(&req1, &elm->obj->dagmembers, &donelist);
3620 if (res == 0 && (req->sym_out == NULL ||
3621 ELF_ST_BIND(req1.sym_out->st_info) != STB_WEAK)) {
3622 req->sym_out = req1.sym_out;
3623 req->defobj_out = req1.defobj_out;
3624 assert(req->defobj_out != NULL);
3629 * Search the dynamic linker itself, and possibly resolve the
3630 * symbol from there. This is how the application links to
3631 * dynamic linker services such as dlopen.
3633 if (req->sym_out == NULL ||
3634 ELF_ST_BIND(req->sym_out->st_info) == STB_WEAK) {
3635 res = symlook_obj(&req1, &obj_rtld);
3637 req->sym_out = req1.sym_out;
3638 req->defobj_out = req1.defobj_out;
3639 assert(req->defobj_out != NULL);
3643 return (req->sym_out != NULL ? 0 : ESRCH);
3647 symlook_list(SymLook *req, const Objlist *objlist, DoneList *dlp)
3650 const Obj_Entry *defobj;
3651 const Objlist_Entry *elm;
3657 STAILQ_FOREACH(elm, objlist, link) {
3658 if (donelist_check(dlp, elm->obj))
3660 symlook_init_from_req(&req1, req);
3661 if ((res = symlook_obj(&req1, elm->obj)) == 0) {
3662 if (def == NULL || ELF_ST_BIND(req1.sym_out->st_info) != STB_WEAK) {
3664 defobj = req1.defobj_out;
3665 if (ELF_ST_BIND(def->st_info) != STB_WEAK)
3672 req->defobj_out = defobj;
3679 * Search the chain of DAGS cointed to by the given Needed_Entry
3680 * for a symbol of the given name. Each DAG is scanned completely
3681 * before advancing to the next one. Returns a pointer to the symbol,
3682 * or NULL if no definition was found.
3685 symlook_needed(SymLook *req, const Needed_Entry *needed, DoneList *dlp)
3688 const Needed_Entry *n;
3689 const Obj_Entry *defobj;
3695 symlook_init_from_req(&req1, req);
3696 for (n = needed; n != NULL; n = n->next) {
3697 if (n->obj == NULL ||
3698 (res = symlook_list(&req1, &n->obj->dagmembers, dlp)) != 0)
3700 if (def == NULL || ELF_ST_BIND(req1.sym_out->st_info) != STB_WEAK) {
3702 defobj = req1.defobj_out;
3703 if (ELF_ST_BIND(def->st_info) != STB_WEAK)
3709 req->defobj_out = defobj;
3716 * Search the symbol table of a single shared object for a symbol of
3717 * the given name and version, if requested. Returns a pointer to the
3718 * symbol, or NULL if no definition was found. If the object is
3719 * filter, return filtered symbol from filtee.
3721 * The symbol's hash value is passed in for efficiency reasons; that
3722 * eliminates many recomputations of the hash value.
3725 symlook_obj(SymLook *req, const Obj_Entry *obj)
3729 int flags, res, mres;
3732 * If there is at least one valid hash at this point, we prefer to
3733 * use the faster GNU version if available.
3735 if (obj->valid_hash_gnu)
3736 mres = symlook_obj1_gnu(req, obj);
3737 else if (obj->valid_hash_sysv)
3738 mres = symlook_obj1_sysv(req, obj);
3743 if (obj->needed_filtees != NULL) {
3744 flags = (req->flags & SYMLOOK_EARLY) ? RTLD_LO_EARLY : 0;
3745 load_filtees(__DECONST(Obj_Entry *, obj), flags, req->lockstate);
3746 donelist_init(&donelist);
3747 symlook_init_from_req(&req1, req);
3748 res = symlook_needed(&req1, obj->needed_filtees, &donelist);
3750 req->sym_out = req1.sym_out;
3751 req->defobj_out = req1.defobj_out;
3755 if (obj->needed_aux_filtees != NULL) {
3756 flags = (req->flags & SYMLOOK_EARLY) ? RTLD_LO_EARLY : 0;
3757 load_filtees(__DECONST(Obj_Entry *, obj), flags, req->lockstate);
3758 donelist_init(&donelist);
3759 symlook_init_from_req(&req1, req);
3760 res = symlook_needed(&req1, obj->needed_aux_filtees, &donelist);
3762 req->sym_out = req1.sym_out;
3763 req->defobj_out = req1.defobj_out;
3771 /* Symbol match routine common to both hash functions */
3773 matched_symbol(SymLook *req, const Obj_Entry *obj, Sym_Match_Result *result,
3774 const unsigned long symnum)
3777 const Elf_Sym *symp;
3780 symp = obj->symtab + symnum;
3781 strp = obj->strtab + symp->st_name;
3783 switch (ELF_ST_TYPE(symp->st_info)) {
3789 if (symp->st_value == 0)
3793 if (symp->st_shndx != SHN_UNDEF)
3796 else if (((req->flags & SYMLOOK_IN_PLT) == 0) &&
3797 (ELF_ST_TYPE(symp->st_info) == STT_FUNC))
3804 if (req->name[0] != strp[0] || strcmp(req->name, strp) != 0)
3807 if (req->ventry == NULL) {
3808 if (obj->versyms != NULL) {
3809 verndx = VER_NDX(obj->versyms[symnum]);
3810 if (verndx > obj->vernum) {
3812 "%s: symbol %s references wrong version %d",
3813 obj->path, obj->strtab + symnum, verndx);
3817 * If we are not called from dlsym (i.e. this
3818 * is a normal relocation from unversioned
3819 * binary), accept the symbol immediately if
3820 * it happens to have first version after this
3821 * shared object became versioned. Otherwise,
3822 * if symbol is versioned and not hidden,
3823 * remember it. If it is the only symbol with
3824 * this name exported by the shared object, it
3825 * will be returned as a match by the calling
3826 * function. If symbol is global (verndx < 2)
3827 * accept it unconditionally.
3829 if ((req->flags & SYMLOOK_DLSYM) == 0 &&
3830 verndx == VER_NDX_GIVEN) {
3831 result->sym_out = symp;
3834 else if (verndx >= VER_NDX_GIVEN) {
3835 if ((obj->versyms[symnum] & VER_NDX_HIDDEN)
3837 if (result->vsymp == NULL)
3838 result->vsymp = symp;
3844 result->sym_out = symp;
3847 if (obj->versyms == NULL) {
3848 if (object_match_name(obj, req->ventry->name)) {
3849 _rtld_error("%s: object %s should provide version %s "
3850 "for symbol %s", obj_rtld.path, obj->path,
3851 req->ventry->name, obj->strtab + symnum);
3855 verndx = VER_NDX(obj->versyms[symnum]);
3856 if (verndx > obj->vernum) {
3857 _rtld_error("%s: symbol %s references wrong version %d",
3858 obj->path, obj->strtab + symnum, verndx);
3861 if (obj->vertab[verndx].hash != req->ventry->hash ||
3862 strcmp(obj->vertab[verndx].name, req->ventry->name)) {
3864 * Version does not match. Look if this is a
3865 * global symbol and if it is not hidden. If
3866 * global symbol (verndx < 2) is available,
3867 * use it. Do not return symbol if we are
3868 * called by dlvsym, because dlvsym looks for
3869 * a specific version and default one is not
3870 * what dlvsym wants.
3872 if ((req->flags & SYMLOOK_DLSYM) ||
3873 (verndx >= VER_NDX_GIVEN) ||
3874 (obj->versyms[symnum] & VER_NDX_HIDDEN))
3878 result->sym_out = symp;
3883 * Search for symbol using SysV hash function.
3884 * obj->buckets is known not to be NULL at this point; the test for this was
3885 * performed with the obj->valid_hash_sysv assignment.
3888 symlook_obj1_sysv(SymLook *req, const Obj_Entry *obj)
3890 unsigned long symnum;
3891 Sym_Match_Result matchres;
3893 matchres.sym_out = NULL;
3894 matchres.vsymp = NULL;
3895 matchres.vcount = 0;
3897 for (symnum = obj->buckets[req->hash % obj->nbuckets];
3898 symnum != STN_UNDEF; symnum = obj->chains[symnum]) {
3899 if (symnum >= obj->nchains)
3900 return (ESRCH); /* Bad object */
3902 if (matched_symbol(req, obj, &matchres, symnum)) {
3903 req->sym_out = matchres.sym_out;
3904 req->defobj_out = obj;
3908 if (matchres.vcount == 1) {
3909 req->sym_out = matchres.vsymp;
3910 req->defobj_out = obj;
3916 /* Search for symbol using GNU hash function */
3918 symlook_obj1_gnu(SymLook *req, const Obj_Entry *obj)
3920 Elf_Addr bloom_word;
3921 const Elf32_Word *hashval;
3923 Sym_Match_Result matchres;
3924 unsigned int h1, h2;
3925 unsigned long symnum;
3927 matchres.sym_out = NULL;
3928 matchres.vsymp = NULL;
3929 matchres.vcount = 0;
3931 /* Pick right bitmask word from Bloom filter array */
3932 bloom_word = obj->bloom_gnu[(req->hash_gnu / __ELF_WORD_SIZE) &
3933 obj->maskwords_bm_gnu];
3935 /* Calculate modulus word size of gnu hash and its derivative */
3936 h1 = req->hash_gnu & (__ELF_WORD_SIZE - 1);
3937 h2 = ((req->hash_gnu >> obj->shift2_gnu) & (__ELF_WORD_SIZE - 1));
3939 /* Filter out the "definitely not in set" queries */
3940 if (((bloom_word >> h1) & (bloom_word >> h2) & 1) == 0)
3943 /* Locate hash chain and corresponding value element*/
3944 bucket = obj->buckets_gnu[req->hash_gnu % obj->nbuckets_gnu];
3947 hashval = &obj->chain_zero_gnu[bucket];
3949 if (((*hashval ^ req->hash_gnu) >> 1) == 0) {
3950 symnum = hashval - obj->chain_zero_gnu;
3951 if (matched_symbol(req, obj, &matchres, symnum)) {
3952 req->sym_out = matchres.sym_out;
3953 req->defobj_out = obj;
3957 } while ((*hashval++ & 1) == 0);
3958 if (matchres.vcount == 1) {
3959 req->sym_out = matchres.vsymp;
3960 req->defobj_out = obj;
3967 trace_loaded_objects(Obj_Entry *obj)
3969 char *fmt1, *fmt2, *fmt, *main_local, *list_containers;
3972 if ((main_local = getenv(LD_ "TRACE_LOADED_OBJECTS_PROGNAME")) == NULL)
3975 if ((fmt1 = getenv(LD_ "TRACE_LOADED_OBJECTS_FMT1")) == NULL)
3976 fmt1 = "\t%o => %p (%x)\n";
3978 if ((fmt2 = getenv(LD_ "TRACE_LOADED_OBJECTS_FMT2")) == NULL)
3979 fmt2 = "\t%o (%x)\n";
3981 list_containers = getenv(LD_ "TRACE_LOADED_OBJECTS_ALL");
3983 for (; obj; obj = obj->next) {
3984 Needed_Entry *needed;
3988 if (list_containers && obj->needed != NULL)
3989 rtld_printf("%s:\n", obj->path);
3990 for (needed = obj->needed; needed; needed = needed->next) {
3991 if (needed->obj != NULL) {
3992 if (needed->obj->traced && !list_containers)
3994 needed->obj->traced = true;
3995 path = needed->obj->path;
3999 name = (char *)obj->strtab + needed->name;
4000 is_lib = strncmp(name, "lib", 3) == 0; /* XXX - bogus */
4002 fmt = is_lib ? fmt1 : fmt2;
4003 while ((c = *fmt++) != '\0') {
4029 rtld_putstr(main_local);
4032 rtld_putstr(obj_main->path);
4039 rtld_printf("%d", sodp->sod_major);
4042 rtld_printf("%d", sodp->sod_minor);
4049 rtld_printf("%p", needed->obj ? needed->obj->mapbase :
4062 * Unload a dlopened object and its dependencies from memory and from
4063 * our data structures. It is assumed that the DAG rooted in the
4064 * object has already been unreferenced, and that the object has a
4065 * reference count of 0.
4068 unload_object(Obj_Entry *root)
4073 assert(root->refcount == 0);
4076 * Pass over the DAG removing unreferenced objects from
4077 * appropriate lists.
4079 unlink_object(root);
4081 /* Unmap all objects that are no longer referenced. */
4082 linkp = &obj_list->next;
4083 while ((obj = *linkp) != NULL) {
4084 if (obj->refcount == 0) {
4085 LD_UTRACE(UTRACE_UNLOAD_OBJECT, obj, obj->mapbase, obj->mapsize, 0,
4087 dbg("unloading \"%s\"", obj->path);
4088 unload_filtees(root);
4089 munmap(obj->mapbase, obj->mapsize);
4090 linkmap_delete(obj);
4101 unlink_object(Obj_Entry *root)
4105 if (root->refcount == 0) {
4106 /* Remove the object from the RTLD_GLOBAL list. */
4107 objlist_remove(&list_global, root);
4109 /* Remove the object from all objects' DAG lists. */
4110 STAILQ_FOREACH(elm, &root->dagmembers, link) {
4111 objlist_remove(&elm->obj->dldags, root);
4112 if (elm->obj != root)
4113 unlink_object(elm->obj);
4119 ref_dag(Obj_Entry *root)
4123 assert(root->dag_inited);
4124 STAILQ_FOREACH(elm, &root->dagmembers, link)
4125 elm->obj->refcount++;
4129 unref_dag(Obj_Entry *root)
4133 assert(root->dag_inited);
4134 STAILQ_FOREACH(elm, &root->dagmembers, link)
4135 elm->obj->refcount--;
4139 * Common code for MD __tls_get_addr().
4141 static void *tls_get_addr_slow(Elf_Addr **, int, size_t) __noinline;
4143 tls_get_addr_slow(Elf_Addr **dtvp, int index, size_t offset)
4145 Elf_Addr *newdtv, *dtv;
4146 RtldLockState lockstate;
4150 /* Check dtv generation in case new modules have arrived */
4151 if (dtv[0] != tls_dtv_generation) {
4152 wlock_acquire(rtld_bind_lock, &lockstate);
4153 newdtv = xcalloc(tls_max_index + 2, sizeof(Elf_Addr));
4155 if (to_copy > tls_max_index)
4156 to_copy = tls_max_index;
4157 memcpy(&newdtv[2], &dtv[2], to_copy * sizeof(Elf_Addr));
4158 newdtv[0] = tls_dtv_generation;
4159 newdtv[1] = tls_max_index;
4161 lock_release(rtld_bind_lock, &lockstate);
4162 dtv = *dtvp = newdtv;
4165 /* Dynamically allocate module TLS if necessary */
4166 if (dtv[index + 1] == 0) {
4167 /* Signal safe, wlock will block out signals. */
4168 wlock_acquire(rtld_bind_lock, &lockstate);
4169 if (!dtv[index + 1])
4170 dtv[index + 1] = (Elf_Addr)allocate_module_tls(index);
4171 lock_release(rtld_bind_lock, &lockstate);
4173 return ((void *)(dtv[index + 1] + offset));
4177 tls_get_addr_common(Elf_Addr **dtvp, int index, size_t offset)
4182 /* Check dtv generation in case new modules have arrived */
4183 if (__predict_true(dtv[0] == tls_dtv_generation &&
4184 dtv[index + 1] != 0))
4185 return ((void *)(dtv[index + 1] + offset));
4186 return (tls_get_addr_slow(dtvp, index, offset));
4189 #if defined(__arm__) || defined(__ia64__) || defined(__mips__) || defined(__powerpc__)
4192 * Allocate Static TLS using the Variant I method.
4195 allocate_tls(Obj_Entry *objs, void *oldtcb, size_t tcbsize, size_t tcbalign)
4204 if (oldtcb != NULL && tcbsize == TLS_TCB_SIZE)
4207 assert(tcbsize >= TLS_TCB_SIZE);
4208 tcb = xcalloc(1, tls_static_space - TLS_TCB_SIZE + tcbsize);
4209 tls = (Elf_Addr **)(tcb + tcbsize - TLS_TCB_SIZE);
4211 if (oldtcb != NULL) {
4212 memcpy(tls, oldtcb, tls_static_space);
4215 /* Adjust the DTV. */
4217 for (i = 0; i < dtv[1]; i++) {
4218 if (dtv[i+2] >= (Elf_Addr)oldtcb &&
4219 dtv[i+2] < (Elf_Addr)oldtcb + tls_static_space) {
4220 dtv[i+2] = dtv[i+2] - (Elf_Addr)oldtcb + (Elf_Addr)tls;
4224 dtv = xcalloc(tls_max_index + 2, sizeof(Elf_Addr));
4226 dtv[0] = tls_dtv_generation;
4227 dtv[1] = tls_max_index;
4229 for (obj = objs; obj; obj = obj->next) {
4230 if (obj->tlsoffset > 0) {
4231 addr = (Elf_Addr)tls + obj->tlsoffset;
4232 if (obj->tlsinitsize > 0)
4233 memcpy((void*) addr, obj->tlsinit, obj->tlsinitsize);
4234 if (obj->tlssize > obj->tlsinitsize)
4235 memset((void*) (addr + obj->tlsinitsize), 0,
4236 obj->tlssize - obj->tlsinitsize);
4237 dtv[obj->tlsindex + 1] = addr;
4246 free_tls(void *tcb, size_t tcbsize, size_t tcbalign)
4249 Elf_Addr tlsstart, tlsend;
4252 assert(tcbsize >= TLS_TCB_SIZE);
4254 tlsstart = (Elf_Addr)tcb + tcbsize - TLS_TCB_SIZE;
4255 tlsend = tlsstart + tls_static_space;
4257 dtv = *(Elf_Addr **)tlsstart;
4259 for (i = 0; i < dtvsize; i++) {
4260 if (dtv[i+2] && (dtv[i+2] < tlsstart || dtv[i+2] >= tlsend)) {
4261 free((void*)dtv[i+2]);
4270 #if defined(__i386__) || defined(__amd64__) || defined(__sparc64__)
4273 * Allocate Static TLS using the Variant II method.
4276 allocate_tls(Obj_Entry *objs, void *oldtls, size_t tcbsize, size_t tcbalign)
4281 Elf_Addr *dtv, *olddtv;
4282 Elf_Addr segbase, oldsegbase, addr;
4285 size = round(tls_static_space, tcbalign);
4287 assert(tcbsize >= 2*sizeof(Elf_Addr));
4288 tls = xcalloc(1, size + tcbsize);
4289 dtv = xcalloc(tls_max_index + 2, sizeof(Elf_Addr));
4291 segbase = (Elf_Addr)(tls + size);
4292 ((Elf_Addr*)segbase)[0] = segbase;
4293 ((Elf_Addr*)segbase)[1] = (Elf_Addr) dtv;
4295 dtv[0] = tls_dtv_generation;
4296 dtv[1] = tls_max_index;
4300 * Copy the static TLS block over whole.
4302 oldsegbase = (Elf_Addr) oldtls;
4303 memcpy((void *)(segbase - tls_static_space),
4304 (const void *)(oldsegbase - tls_static_space),
4308 * If any dynamic TLS blocks have been created tls_get_addr(),
4311 olddtv = ((Elf_Addr**)oldsegbase)[1];
4312 for (i = 0; i < olddtv[1]; i++) {
4313 if (olddtv[i+2] < oldsegbase - size || olddtv[i+2] > oldsegbase) {
4314 dtv[i+2] = olddtv[i+2];
4320 * We assume that this block was the one we created with
4321 * allocate_initial_tls().
4323 free_tls(oldtls, 2*sizeof(Elf_Addr), sizeof(Elf_Addr));
4325 for (obj = objs; obj; obj = obj->next) {
4326 if (obj->tlsoffset) {
4327 addr = segbase - obj->tlsoffset;
4328 memset((void*) (addr + obj->tlsinitsize),
4329 0, obj->tlssize - obj->tlsinitsize);
4331 memcpy((void*) addr, obj->tlsinit, obj->tlsinitsize);
4332 dtv[obj->tlsindex + 1] = addr;
4337 return (void*) segbase;
4341 free_tls(void *tls, size_t tcbsize, size_t tcbalign)
4346 Elf_Addr tlsstart, tlsend;
4349 * Figure out the size of the initial TLS block so that we can
4350 * find stuff which ___tls_get_addr() allocated dynamically.
4352 size = round(tls_static_space, tcbalign);
4354 dtv = ((Elf_Addr**)tls)[1];
4356 tlsend = (Elf_Addr) tls;
4357 tlsstart = tlsend - size;
4358 for (i = 0; i < dtvsize; i++) {
4359 if (dtv[i+2] && (dtv[i+2] < tlsstart || dtv[i+2] > tlsend)) {
4360 free((void*) dtv[i+2]);
4364 free((void*) tlsstart);
4371 * Allocate TLS block for module with given index.
4374 allocate_module_tls(int index)
4379 for (obj = obj_list; obj; obj = obj->next) {
4380 if (obj->tlsindex == index)
4384 _rtld_error("Can't find module with TLS index %d", index);
4388 p = malloc(obj->tlssize);
4390 _rtld_error("Cannot allocate TLS block for index %d", index);
4393 memcpy(p, obj->tlsinit, obj->tlsinitsize);
4394 memset(p + obj->tlsinitsize, 0, obj->tlssize - obj->tlsinitsize);
4400 allocate_tls_offset(Obj_Entry *obj)
4407 if (obj->tlssize == 0) {
4408 obj->tls_done = true;
4412 if (obj->tlsindex == 1)
4413 off = calculate_first_tls_offset(obj->tlssize, obj->tlsalign);
4415 off = calculate_tls_offset(tls_last_offset, tls_last_size,
4416 obj->tlssize, obj->tlsalign);
4419 * If we have already fixed the size of the static TLS block, we
4420 * must stay within that size. When allocating the static TLS, we
4421 * leave a small amount of space spare to be used for dynamically
4422 * loading modules which use static TLS.
4424 if (tls_static_space) {
4425 if (calculate_tls_end(off, obj->tlssize) > tls_static_space)
4429 tls_last_offset = obj->tlsoffset = off;
4430 tls_last_size = obj->tlssize;
4431 obj->tls_done = true;
4437 free_tls_offset(Obj_Entry *obj)
4441 * If we were the last thing to allocate out of the static TLS
4442 * block, we give our space back to the 'allocator'. This is a
4443 * simplistic workaround to allow libGL.so.1 to be loaded and
4444 * unloaded multiple times.
4446 if (calculate_tls_end(obj->tlsoffset, obj->tlssize)
4447 == calculate_tls_end(tls_last_offset, tls_last_size)) {
4448 tls_last_offset -= obj->tlssize;
4454 _rtld_allocate_tls(void *oldtls, size_t tcbsize, size_t tcbalign)
4457 RtldLockState lockstate;
4459 wlock_acquire(rtld_bind_lock, &lockstate);
4460 ret = allocate_tls(obj_list, oldtls, tcbsize, tcbalign);
4461 lock_release(rtld_bind_lock, &lockstate);
4466 _rtld_free_tls(void *tcb, size_t tcbsize, size_t tcbalign)
4468 RtldLockState lockstate;
4470 wlock_acquire(rtld_bind_lock, &lockstate);
4471 free_tls(tcb, tcbsize, tcbalign);
4472 lock_release(rtld_bind_lock, &lockstate);
4476 object_add_name(Obj_Entry *obj, const char *name)
4482 entry = malloc(sizeof(Name_Entry) + len);
4484 if (entry != NULL) {
4485 strcpy(entry->name, name);
4486 STAILQ_INSERT_TAIL(&obj->names, entry, link);
4491 object_match_name(const Obj_Entry *obj, const char *name)
4495 STAILQ_FOREACH(entry, &obj->names, link) {
4496 if (strcmp(name, entry->name) == 0)
4503 locate_dependency(const Obj_Entry *obj, const char *name)
4505 const Objlist_Entry *entry;
4506 const Needed_Entry *needed;
4508 STAILQ_FOREACH(entry, &list_main, link) {
4509 if (object_match_name(entry->obj, name))
4513 for (needed = obj->needed; needed != NULL; needed = needed->next) {
4514 if (strcmp(obj->strtab + needed->name, name) == 0 ||
4515 (needed->obj != NULL && object_match_name(needed->obj, name))) {
4517 * If there is DT_NEEDED for the name we are looking for,
4518 * we are all set. Note that object might not be found if
4519 * dependency was not loaded yet, so the function can
4520 * return NULL here. This is expected and handled
4521 * properly by the caller.
4523 return (needed->obj);
4526 _rtld_error("%s: Unexpected inconsistency: dependency %s not found",
4532 check_object_provided_version(Obj_Entry *refobj, const Obj_Entry *depobj,
4533 const Elf_Vernaux *vna)
4535 const Elf_Verdef *vd;
4536 const char *vername;
4538 vername = refobj->strtab + vna->vna_name;
4539 vd = depobj->verdef;
4541 _rtld_error("%s: version %s required by %s not defined",
4542 depobj->path, vername, refobj->path);
4546 if (vd->vd_version != VER_DEF_CURRENT) {
4547 _rtld_error("%s: Unsupported version %d of Elf_Verdef entry",
4548 depobj->path, vd->vd_version);
4551 if (vna->vna_hash == vd->vd_hash) {
4552 const Elf_Verdaux *aux = (const Elf_Verdaux *)
4553 ((char *)vd + vd->vd_aux);
4554 if (strcmp(vername, depobj->strtab + aux->vda_name) == 0)
4557 if (vd->vd_next == 0)
4559 vd = (const Elf_Verdef *) ((char *)vd + vd->vd_next);
4561 if (vna->vna_flags & VER_FLG_WEAK)
4563 _rtld_error("%s: version %s required by %s not found",
4564 depobj->path, vername, refobj->path);
4569 rtld_verify_object_versions(Obj_Entry *obj)
4571 const Elf_Verneed *vn;
4572 const Elf_Verdef *vd;
4573 const Elf_Verdaux *vda;
4574 const Elf_Vernaux *vna;
4575 const Obj_Entry *depobj;
4576 int maxvernum, vernum;
4578 if (obj->ver_checked)
4580 obj->ver_checked = true;
4584 * Walk over defined and required version records and figure out
4585 * max index used by any of them. Do very basic sanity checking
4589 while (vn != NULL) {
4590 if (vn->vn_version != VER_NEED_CURRENT) {
4591 _rtld_error("%s: Unsupported version %d of Elf_Verneed entry",
4592 obj->path, vn->vn_version);
4595 vna = (const Elf_Vernaux *) ((char *)vn + vn->vn_aux);
4597 vernum = VER_NEED_IDX(vna->vna_other);
4598 if (vernum > maxvernum)
4600 if (vna->vna_next == 0)
4602 vna = (const Elf_Vernaux *) ((char *)vna + vna->vna_next);
4604 if (vn->vn_next == 0)
4606 vn = (const Elf_Verneed *) ((char *)vn + vn->vn_next);
4610 while (vd != NULL) {
4611 if (vd->vd_version != VER_DEF_CURRENT) {
4612 _rtld_error("%s: Unsupported version %d of Elf_Verdef entry",
4613 obj->path, vd->vd_version);
4616 vernum = VER_DEF_IDX(vd->vd_ndx);
4617 if (vernum > maxvernum)
4619 if (vd->vd_next == 0)
4621 vd = (const Elf_Verdef *) ((char *)vd + vd->vd_next);
4628 * Store version information in array indexable by version index.
4629 * Verify that object version requirements are satisfied along the
4632 obj->vernum = maxvernum + 1;
4633 obj->vertab = xcalloc(obj->vernum, sizeof(Ver_Entry));
4636 while (vd != NULL) {
4637 if ((vd->vd_flags & VER_FLG_BASE) == 0) {
4638 vernum = VER_DEF_IDX(vd->vd_ndx);
4639 assert(vernum <= maxvernum);
4640 vda = (const Elf_Verdaux *)((char *)vd + vd->vd_aux);
4641 obj->vertab[vernum].hash = vd->vd_hash;
4642 obj->vertab[vernum].name = obj->strtab + vda->vda_name;
4643 obj->vertab[vernum].file = NULL;
4644 obj->vertab[vernum].flags = 0;
4646 if (vd->vd_next == 0)
4648 vd = (const Elf_Verdef *) ((char *)vd + vd->vd_next);
4652 while (vn != NULL) {
4653 depobj = locate_dependency(obj, obj->strtab + vn->vn_file);
4656 vna = (const Elf_Vernaux *) ((char *)vn + vn->vn_aux);
4658 if (check_object_provided_version(obj, depobj, vna))
4660 vernum = VER_NEED_IDX(vna->vna_other);
4661 assert(vernum <= maxvernum);
4662 obj->vertab[vernum].hash = vna->vna_hash;
4663 obj->vertab[vernum].name = obj->strtab + vna->vna_name;
4664 obj->vertab[vernum].file = obj->strtab + vn->vn_file;
4665 obj->vertab[vernum].flags = (vna->vna_other & VER_NEED_HIDDEN) ?
4666 VER_INFO_HIDDEN : 0;
4667 if (vna->vna_next == 0)
4669 vna = (const Elf_Vernaux *) ((char *)vna + vna->vna_next);
4671 if (vn->vn_next == 0)
4673 vn = (const Elf_Verneed *) ((char *)vn + vn->vn_next);
4679 rtld_verify_versions(const Objlist *objlist)
4681 Objlist_Entry *entry;
4685 STAILQ_FOREACH(entry, objlist, link) {
4687 * Skip dummy objects or objects that have their version requirements
4690 if (entry->obj->strtab == NULL || entry->obj->vertab != NULL)
4692 if (rtld_verify_object_versions(entry->obj) == -1) {
4694 if (ld_tracing == NULL)
4698 if (rc == 0 || ld_tracing != NULL)
4699 rc = rtld_verify_object_versions(&obj_rtld);
4704 fetch_ventry(const Obj_Entry *obj, unsigned long symnum)
4709 vernum = VER_NDX(obj->versyms[symnum]);
4710 if (vernum >= obj->vernum) {
4711 _rtld_error("%s: symbol %s has wrong verneed value %d",
4712 obj->path, obj->strtab + symnum, vernum);
4713 } else if (obj->vertab[vernum].hash != 0) {
4714 return &obj->vertab[vernum];
4721 _rtld_get_stack_prot(void)
4724 return (stack_prot);
4728 map_stacks_exec(RtldLockState *lockstate)
4730 void (*thr_map_stacks_exec)(void);
4732 if ((max_stack_flags & PF_X) == 0 || (stack_prot & PROT_EXEC) != 0)
4734 thr_map_stacks_exec = (void (*)(void))(uintptr_t)
4735 get_program_var_addr("__pthread_map_stacks_exec", lockstate);
4736 if (thr_map_stacks_exec != NULL) {
4737 stack_prot |= PROT_EXEC;
4738 thr_map_stacks_exec();
4743 symlook_init(SymLook *dst, const char *name)
4746 bzero(dst, sizeof(*dst));
4748 dst->hash = elf_hash(name);
4749 dst->hash_gnu = gnu_hash(name);
4753 symlook_init_from_req(SymLook *dst, const SymLook *src)
4756 dst->name = src->name;
4757 dst->hash = src->hash;
4758 dst->hash_gnu = src->hash_gnu;
4759 dst->ventry = src->ventry;
4760 dst->flags = src->flags;
4761 dst->defobj_out = NULL;
4762 dst->sym_out = NULL;
4763 dst->lockstate = src->lockstate;
4767 * Overrides for libc_pic-provided functions.
4771 __getosreldate(void)
4781 oid[1] = KERN_OSRELDATE;
4783 len = sizeof(osrel);
4784 error = sysctl(oid, 2, &osrel, &len, NULL, 0);
4785 if (error == 0 && osrel > 0 && len == sizeof(osrel))
4797 void (*__cleanup)(void);
4798 int __isthreaded = 0;
4799 int _thread_autoinit_dummy_decl = 1;
4802 * No unresolved symbols for rtld.
4805 __pthread_cxa_finalize(struct dl_phdr_info *a)
4810 __stack_chk_fail(void)
4813 _rtld_error("stack overflow detected; terminated");
4816 __weak_reference(__stack_chk_fail, __stack_chk_fail_local);
4822 _rtld_error("buffer overflow detected; terminated");
4827 rtld_strerror(int errnum)
4830 if (errnum < 0 || errnum >= sys_nerr)
4831 return ("Unknown error");
4832 return (sys_errlist[errnum]);
projects / FreeBSD / releng / 10.0.git / blob