1/* Map in a shared object's segments from the file.
2 Copyright (C) 1995-2017 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <http://www.gnu.org/licenses/>. */
18
19#include <elf.h>
20#include <errno.h>
21#include <fcntl.h>
22#include <libintl.h>
23#include <stdbool.h>
24#include <stdlib.h>
25#include <string.h>
26#include <unistd.h>
27#include <ldsodefs.h>
28#include <bits/wordsize.h>
29#include <sys/mman.h>
30#include <sys/param.h>
31#include <sys/stat.h>
32#include <sys/types.h>
33#include "dynamic-link.h"
34#include <abi-tag.h>
35#include <stackinfo.h>
36#include <caller.h>
37#include <sysdep.h>
38#include <stap-probe.h>
39#include <libc-internal.h>
40#include <array_length.h>
41
42#include <dl-dst.h>
43#include <dl-load.h>
44#include <dl-map-segments.h>
45#include <dl-unmap-segments.h>
46#include <dl-machine-reject-phdr.h>
47#include <dl-sysdep-open.h>
48
49
50#include <endian.h>
51#if BYTE_ORDER == BIG_ENDIAN
52# define byteorder ELFDATA2MSB
53#elif BYTE_ORDER == LITTLE_ENDIAN
54# define byteorder ELFDATA2LSB
55#else
56# error "Unknown BYTE_ORDER " BYTE_ORDER
57# define byteorder ELFDATANONE
58#endif
59
60#define STRING(x) __STRING (x)
61
62
63int __stack_prot attribute_hidden attribute_relro
64#if _STACK_GROWS_DOWN && defined PROT_GROWSDOWN
65 = PROT_GROWSDOWN;
66#elif _STACK_GROWS_UP && defined PROT_GROWSUP
67 = PROT_GROWSUP;
68#else
69 = 0;
70#endif
71
72
73/* Type for the buffer we put the ELF header and hopefully the program
74 header. This buffer does not really have to be too large. In most
75 cases the program header follows the ELF header directly. If this
76 is not the case all bets are off and we can make the header
77 arbitrarily large and still won't get it read. This means the only
78 question is how large are the ELF and program header combined. The
79 ELF header 32-bit files is 52 bytes long and in 64-bit files is 64
80 bytes long. Each program header entry is again 32 and 56 bytes
81 long respectively. I.e., even with a file which has 10 program
82 header entries we only have to read 372B/624B respectively. Add to
83 this a bit of margin for program notes and reading 512B and 832B
84 for 32-bit and 64-bit files respecitvely is enough. If this
85 heuristic should really fail for some file the code in
86 `_dl_map_object_from_fd' knows how to recover. */
87struct filebuf
88{
89 ssize_t len;
90#if __WORDSIZE == 32
91# define FILEBUF_SIZE 512
92#else
93# define FILEBUF_SIZE 832
94#endif
95 char buf[FILEBUF_SIZE] __attribute__ ((aligned (__alignof (ElfW(Ehdr)))));
96};
97
98/* This is the decomposed LD_LIBRARY_PATH search path. */
99static struct r_search_path_struct env_path_list attribute_relro;
100
101/* List of the hardware capabilities we might end up using. */
102static const struct r_strlenpair *capstr attribute_relro;
103static size_t ncapstr attribute_relro;
104static size_t max_capstrlen attribute_relro;
105
106
107/* Get the generated information about the trusted directories. Use
108 an array of concatenated strings to avoid relocations. See
109 gen-trusted-dirs.awk. */
110#include "trusted-dirs.h"
111
112static const char system_dirs[] = SYSTEM_DIRS;
113static const size_t system_dirs_len[] =
114{
115 SYSTEM_DIRS_LEN
116};
117#define nsystem_dirs_len array_length (system_dirs_len)
118
119static bool
120is_trusted_path (const char *path, size_t len)
121{
122 const char *trun = system_dirs;
123
124 for (size_t idx = 0; idx < nsystem_dirs_len; ++idx)
125 {
126 if (len == system_dirs_len[idx] && memcmp (trun, path, len) == 0)
127 /* Found it. */
128 return true;
129
130 trun += system_dirs_len[idx] + 1;
131 }
132
133 return false;
134}
135
136
137static bool
138is_trusted_path_normalize (const char *path, size_t len)
139{
140 if (len == 0)
141 return false;
142
143 if (*path == ':')
144 {
145 ++path;
146 --len;
147 }
148
149 char *npath = (char *) alloca (len + 2);
150 char *wnp = npath;
151 while (*path != '\0')
152 {
153 if (path[0] == '/')
154 {
155 if (path[1] == '.')
156 {
157 if (path[2] == '.' && (path[3] == '/' || path[3] == '\0'))
158 {
159 while (wnp > npath && *--wnp != '/')
160 ;
161 path += 3;
162 continue;
163 }
164 else if (path[2] == '/' || path[2] == '\0')
165 {
166 path += 2;
167 continue;
168 }
169 }
170
171 if (wnp > npath && wnp[-1] == '/')
172 {
173 ++path;
174 continue;
175 }
176 }
177
178 *wnp++ = *path++;
179 }
180
181 if (wnp == npath || wnp[-1] != '/')
182 *wnp++ = '/';
183
184 const char *trun = system_dirs;
185
186 for (size_t idx = 0; idx < nsystem_dirs_len; ++idx)
187 {
188 if (wnp - npath >= system_dirs_len[idx]
189 && memcmp (trun, npath, system_dirs_len[idx]) == 0)
190 /* Found it. */
191 return true;
192
193 trun += system_dirs_len[idx] + 1;
194 }
195
196 return false;
197}
198
199
200static size_t
201is_dst (const char *start, const char *name, const char *str,
202 int is_path, int secure)
203{
204 size_t len;
205 bool is_curly = false;
206
207 if (name[0] == '{')
208 {
209 is_curly = true;
210 ++name;
211 }
212
213 len = 0;
214 while (name[len] == str[len] && name[len] != '\0')
215 ++len;
216
217 if (is_curly)
218 {
219 if (name[len] != '}')
220 return 0;
221
222 /* Point again at the beginning of the name. */
223 --name;
224 /* Skip over closing curly brace and adjust for the --name. */
225 len += 2;
226 }
227 else if (name[len] != '\0' && name[len] != '/'
228 && (!is_path || name[len] != ':'))
229 return 0;
230
231 if (__glibc_unlikely (secure)
232 && ((name[len] != '\0' && name[len] != '/'
233 && (!is_path || name[len] != ':'))
234 || (name != start + 1 && (!is_path || name[-2] != ':'))))
235 return 0;
236
237 return len;
238}
239
240
241size_t
242_dl_dst_count (const char *name, int is_path)
243{
244 const char *const start = name;
245 size_t cnt = 0;
246
247 do
248 {
249 size_t len;
250
251 /* $ORIGIN is not expanded for SUID/GUID programs (except if it
252 is $ORIGIN alone) and it must always appear first in path. */
253 ++name;
254 if ((len = is_dst (start, name, "ORIGIN", is_path,
255 __libc_enable_secure)) != 0
256 || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0
257 || (len = is_dst (start, name, "LIB", is_path, 0)) != 0)
258 ++cnt;
259
260 name = strchr (name + len, '$');
261 }
262 while (name != NULL);
263
264 return cnt;
265}
266
267
268char *
269_dl_dst_substitute (struct link_map *l, const char *name, char *result,
270 int is_path)
271{
272 const char *const start = name;
273
274 /* Now fill the result path. While copying over the string we keep
275 track of the start of the last path element. When we come across
276 a DST we copy over the value or (if the value is not available)
277 leave the entire path element out. */
278 char *wp = result;
279 char *last_elem = result;
280 bool check_for_trusted = false;
281
282 do
283 {
284 if (__glibc_unlikely (*name == '$'))
285 {
286 const char *repl = NULL;
287 size_t len;
288
289 ++name;
290 if ((len = is_dst (start, name, "ORIGIN", is_path,
291 __libc_enable_secure)) != 0)
292 {
293 repl = l->l_origin;
294 check_for_trusted = (__libc_enable_secure
295 && l->l_type == lt_executable);
296 }
297 else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0)
298 repl = GLRO(dl_platform);
299 else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0)
300 repl = DL_DST_LIB;
301
302 if (repl != NULL && repl != (const char *) -1)
303 {
304 wp = __stpcpy (wp, repl);
305 name += len;
306 }
307 else if (len > 1)
308 {
309 /* We cannot use this path element, the value of the
310 replacement is unknown. */
311 wp = last_elem;
312 name += len;
313 while (*name != '\0' && (!is_path || *name != ':'))
314 ++name;
315 /* Also skip following colon if this is the first rpath
316 element, but keep an empty element at the end. */
317 if (wp == result && is_path && *name == ':' && name[1] != '\0')
318 ++name;
319 }
320 else
321 /* No DST we recognize. */
322 *wp++ = '$';
323 }
324 else
325 {
326 *wp++ = *name++;
327 if (is_path && *name == ':')
328 {
329 /* In SUID/SGID programs, after $ORIGIN expansion the
330 normalized path must be rooted in one of the trusted
331 directories. */
332 if (__glibc_unlikely (check_for_trusted)
333 && !is_trusted_path_normalize (last_elem, wp - last_elem))
334 wp = last_elem;
335 else
336 last_elem = wp;
337
338 check_for_trusted = false;
339 }
340 }
341 }
342 while (*name != '\0');
343
344 /* In SUID/SGID programs, after $ORIGIN expansion the normalized
345 path must be rooted in one of the trusted directories. */
346 if (__glibc_unlikely (check_for_trusted)
347 && !is_trusted_path_normalize (last_elem, wp - last_elem))
348 wp = last_elem;
349
350 *wp = '\0';
351
352 return result;
353}
354
355
356/* Return copy of argument with all recognized dynamic string tokens
357 ($ORIGIN and $PLATFORM for now) replaced. On some platforms it
358 might not be possible to determine the path from which the object
359 belonging to the map is loaded. In this case the path element
360 containing $ORIGIN is left out. */
361static char *
362expand_dynamic_string_token (struct link_map *l, const char *s, int is_path)
363{
364 /* We make two runs over the string. First we determine how large the
365 resulting string is and then we copy it over. Since this is no
366 frequently executed operation we are looking here not for performance
367 but rather for code size. */
368 size_t cnt;
369 size_t total;
370 char *result;
371
372 /* Determine the number of DST elements. */
373 cnt = DL_DST_COUNT (s, is_path);
374
375 /* If we do not have to replace anything simply copy the string. */
376 if (__glibc_likely (cnt == 0))
377 return __strdup (s);
378
379 /* Determine the length of the substituted string. */
380 total = DL_DST_REQUIRED (l, s, strlen (s), cnt);
381
382 /* Allocate the necessary memory. */
383 result = (char *) malloc (total + 1);
384 if (result == NULL)
385 return NULL;
386
387 return _dl_dst_substitute (l, s, result, is_path);
388}
389
390
391/* Add `name' to the list of names for a particular shared object.
392 `name' is expected to have been allocated with malloc and will
393 be freed if the shared object already has this name.
394 Returns false if the object already had this name. */
395static void
396internal_function
397add_name_to_object (struct link_map *l, const char *name)
398{
399 struct libname_list *lnp, *lastp;
400 struct libname_list *newname;
401 size_t name_len;
402
403 lastp = NULL;
404 for (lnp = l->l_libname; lnp != NULL; lastp = lnp, lnp = lnp->next)
405 if (strcmp (name, lnp->name) == 0)
406 return;
407
408 name_len = strlen (name) + 1;
409 newname = (struct libname_list *) malloc (sizeof *newname + name_len);
410 if (newname == NULL)
411 {
412 /* No more memory. */
413 _dl_signal_error (ENOMEM, name, NULL, N_("cannot allocate name record"));
414 return;
415 }
416 /* The object should have a libname set from _dl_new_object. */
417 assert (lastp != NULL);
418
419 newname->name = memcpy (newname + 1, name, name_len);
420 newname->next = NULL;
421 newname->dont_free = 0;
422 lastp->next = newname;
423}
424
425/* Standard search directories. */
426static struct r_search_path_struct rtld_search_dirs attribute_relro;
427
428static size_t max_dirnamelen;
429
430static struct r_search_path_elem **
431fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
432 int check_trusted, const char *what, const char *where,
433 struct link_map *l)
434{
435 char *cp;
436 size_t nelems = 0;
437
438 while ((cp = __strsep (&rpath, sep)) != NULL)
439 {
440 struct r_search_path_elem *dirp;
441 char *to_free = NULL;
442 size_t len = 0;
443
444 /* `strsep' can pass an empty string. */
445 if (*cp != '\0')
446 {
447 to_free = cp = expand_dynamic_string_token (l, cp, 1);
448
449 /* expand_dynamic_string_token can return NULL in case of empty
450 path or memory allocation failure. */
451 if (cp == NULL)
452 continue;
453
454 /* Compute the length after dynamic string token expansion and
455 ignore empty paths. */
456 len = strlen (cp);
457 if (len == 0)
458 {
459 free (to_free);
460 continue;
461 }
462
463 /* Remove trailing slashes (except for "/"). */
464 while (len > 1 && cp[len - 1] == '/')
465 --len;
466
467 /* Now add one if there is none so far. */
468 if (len > 0 && cp[len - 1] != '/')
469 cp[len++] = '/';
470 }
471
472 /* Make sure we don't use untrusted directories if we run SUID. */
473 if (__glibc_unlikely (check_trusted) && !is_trusted_path (cp, len))
474 {
475 free (to_free);
476 continue;
477 }
478
479 /* See if this directory is already known. */
480 for (dirp = GL(dl_all_dirs); dirp != NULL; dirp = dirp->next)
481 if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0)
482 break;
483
484 if (dirp != NULL)
485 {
486 /* It is available, see whether it's on our own list. */
487 size_t cnt;
488 for (cnt = 0; cnt < nelems; ++cnt)
489 if (result[cnt] == dirp)
490 break;
491
492 if (cnt == nelems)
493 result[nelems++] = dirp;
494 }
495 else
496 {
497 size_t cnt;
498 enum r_dir_status init_val;
499 size_t where_len = where ? strlen (where) + 1 : 0;
500
501 /* It's a new directory. Create an entry and add it. */
502 dirp = (struct r_search_path_elem *)
503 malloc (sizeof (*dirp) + ncapstr * sizeof (enum r_dir_status)
504 + where_len + len + 1);
505 if (dirp == NULL)
506 _dl_signal_error (ENOMEM, NULL, NULL,
507 N_("cannot create cache for search path"));
508
509 dirp->dirname = ((char *) dirp + sizeof (*dirp)
510 + ncapstr * sizeof (enum r_dir_status));
511 *((char *) __mempcpy ((char *) dirp->dirname, cp, len)) = '\0';
512 dirp->dirnamelen = len;
513
514 if (len > max_dirnamelen)
515 max_dirnamelen = len;
516
517 /* We have to make sure all the relative directories are
518 never ignored. The current directory might change and
519 all our saved information would be void. */
520 init_val = cp[0] != '/' ? existing : unknown;
521 for (cnt = 0; cnt < ncapstr; ++cnt)
522 dirp->status[cnt] = init_val;
523
524 dirp->what = what;
525 if (__glibc_likely (where != NULL))
526 dirp->where = memcpy ((char *) dirp + sizeof (*dirp) + len + 1
527 + (ncapstr * sizeof (enum r_dir_status)),
528 where, where_len);
529 else
530 dirp->where = NULL;
531
532 dirp->next = GL(dl_all_dirs);
533 GL(dl_all_dirs) = dirp;
534
535 /* Put it in the result array. */
536 result[nelems++] = dirp;
537 }
538 free (to_free);
539 }
540
541 /* Terminate the array. */
542 result[nelems] = NULL;
543
544 return result;
545}
546
547
548static bool
549internal_function
550decompose_rpath (struct r_search_path_struct *sps,
551 const char *rpath, struct link_map *l, const char *what)
552{
553 /* Make a copy we can work with. */
554 const char *where = l->l_name;
555 char *copy;
556 char *cp;
557 struct r_search_path_elem **result;
558 size_t nelems;
559 /* Initialize to please the compiler. */
560 const char *errstring = NULL;
561
562 /* First see whether we must forget the RUNPATH and RPATH from this
563 object. */
564 if (__glibc_unlikely (GLRO(dl_inhibit_rpath) != NULL)
565 && !__libc_enable_secure)
566 {
567 const char *inhp = GLRO(dl_inhibit_rpath);
568
569 do
570 {
571 const char *wp = where;
572
573 while (*inhp == *wp && *wp != '\0')
574 {
575 ++inhp;
576 ++wp;
577 }
578
579 if (*wp == '\0' && (*inhp == '\0' || *inhp == ':'))
580 {
581 /* This object is on the list of objects for which the
582 RUNPATH and RPATH must not be used. */
583 sps->dirs = (void *) -1;
584 return false;
585 }
586
587 while (*inhp != '\0')
588 if (*inhp++ == ':')
589 break;
590 }
591 while (*inhp != '\0');
592 }
593
594 /* Make a writable copy. */
595 copy = __strdup (rpath);
596 if (copy == NULL)
597 {
598 errstring = N_("cannot create RUNPATH/RPATH copy");
599 goto signal_error;
600 }
601
602 /* Ignore empty rpaths. */
603 if (*copy == 0)
604 {
605 free (copy);
606 sps->dirs = (struct r_search_path_elem **) -1;
607 return false;
608 }
609
610 /* Count the number of necessary elements in the result array. */
611 nelems = 0;
612 for (cp = copy; *cp != '\0'; ++cp)
613 if (*cp == ':')
614 ++nelems;
615
616 /* Allocate room for the result. NELEMS + 1 is an upper limit for the
617 number of necessary entries. */
618 result = (struct r_search_path_elem **) malloc ((nelems + 1 + 1)
619 * sizeof (*result));
620 if (result == NULL)
621 {
622 free (copy);
623 errstring = N_("cannot create cache for search path");
624 signal_error:
625 _dl_signal_error (ENOMEM, NULL, NULL, errstring);
626 }
627
628 fillin_rpath (copy, result, ":", 0, what, where, l);
629
630 /* Free the copied RPATH string. `fillin_rpath' make own copies if
631 necessary. */
632 free (copy);
633
634 /* There is no path after expansion. */
635 if (result[0] == NULL)
636 {
637 free (result);
638 sps->dirs = (struct r_search_path_elem **) -1;
639 return false;
640 }
641
642 sps->dirs = result;
643 /* The caller will change this value if we haven't used a real malloc. */
644 sps->malloced = 1;
645 return true;
646}
647
648/* Make sure cached path information is stored in *SP
649 and return true if there are any paths to search there. */
650static bool
651cache_rpath (struct link_map *l,
652 struct r_search_path_struct *sp,
653 int tag,
654 const char *what)
655{
656 if (sp->dirs == (void *) -1)
657 return false;
658
659 if (sp->dirs != NULL)
660 return true;
661
662 if (l->l_info[tag] == NULL)
663 {
664 /* There is no path. */
665 sp->dirs = (void *) -1;
666 return false;
667 }
668
669 /* Make sure the cache information is available. */
670 return decompose_rpath (sp, (const char *) (D_PTR (l, l_info[DT_STRTAB])
671 + l->l_info[tag]->d_un.d_val),
672 l, what);
673}
674
675
676void
677internal_function
678_dl_init_paths (const char *llp)
679{
680 size_t idx;
681 const char *strp;
682 struct r_search_path_elem *pelem, **aelem;
683 size_t round_size;
684 struct link_map __attribute__ ((unused)) *l = NULL;
685 /* Initialize to please the compiler. */
686 const char *errstring = NULL;
687
688 /* Fill in the information about the application's RPATH and the
689 directories addressed by the LD_LIBRARY_PATH environment variable. */
690
691 /* Get the capabilities. */
692 capstr = _dl_important_hwcaps (GLRO(dl_platform), GLRO(dl_platformlen),
693 &ncapstr, &max_capstrlen);
694
695 /* First set up the rest of the default search directory entries. */
696 aelem = rtld_search_dirs.dirs = (struct r_search_path_elem **)
697 malloc ((nsystem_dirs_len + 1) * sizeof (struct r_search_path_elem *));
698 if (rtld_search_dirs.dirs == NULL)
699 {
700 errstring = N_("cannot create search path array");
701 signal_error:
702 _dl_signal_error (ENOMEM, NULL, NULL, errstring);
703 }
704
705 round_size = ((2 * sizeof (struct r_search_path_elem) - 1
706 + ncapstr * sizeof (enum r_dir_status))
707 / sizeof (struct r_search_path_elem));
708
709 rtld_search_dirs.dirs[0] = malloc (nsystem_dirs_len * round_size
710 * sizeof (*rtld_search_dirs.dirs[0]));
711 if (rtld_search_dirs.dirs[0] == NULL)
712 {
713 errstring = N_("cannot create cache for search path");
714 goto signal_error;
715 }
716
717 rtld_search_dirs.malloced = 0;
718 pelem = GL(dl_all_dirs) = rtld_search_dirs.dirs[0];
719 strp = system_dirs;
720 idx = 0;
721
722 do
723 {
724 size_t cnt;
725
726 *aelem++ = pelem;
727
728 pelem->what = "system search path";
729 pelem->where = NULL;
730
731 pelem->dirname = strp;
732 pelem->dirnamelen = system_dirs_len[idx];
733 strp += system_dirs_len[idx] + 1;
734
735 /* System paths must be absolute. */
736 assert (pelem->dirname[0] == '/');
737 for (cnt = 0; cnt < ncapstr; ++cnt)
738 pelem->status[cnt] = unknown;
739
740 pelem->next = (++idx == nsystem_dirs_len ? NULL : (pelem + round_size));
741
742 pelem += round_size;
743 }
744 while (idx < nsystem_dirs_len);
745
746 max_dirnamelen = SYSTEM_DIRS_MAX_LEN;
747 *aelem = NULL;
748
749#ifdef SHARED
750 /* This points to the map of the main object. */
751 l = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
752 if (l != NULL)
753 {
754 assert (l->l_type != lt_loaded);
755
756 if (l->l_info[DT_RUNPATH])
757 {
758 /* Allocate room for the search path and fill in information
759 from RUNPATH. */
760 decompose_rpath (&l->l_runpath_dirs,
761 (const void *) (D_PTR (l, l_info[DT_STRTAB])
762 + l->l_info[DT_RUNPATH]->d_un.d_val),
763 l, "RUNPATH");
764 /* During rtld init the memory is allocated by the stub malloc,
765 prevent any attempt to free it by the normal malloc. */
766 l->l_runpath_dirs.malloced = 0;
767
768 /* The RPATH is ignored. */
769 l->l_rpath_dirs.dirs = (void *) -1;
770 }
771 else
772 {
773 l->l_runpath_dirs.dirs = (void *) -1;
774
775 if (l->l_info[DT_RPATH])
776 {
777 /* Allocate room for the search path and fill in information
778 from RPATH. */
779 decompose_rpath (&l->l_rpath_dirs,
780 (const void *) (D_PTR (l, l_info[DT_STRTAB])
781 + l->l_info[DT_RPATH]->d_un.d_val),
782 l, "RPATH");
783 /* During rtld init the memory is allocated by the stub
784 malloc, prevent any attempt to free it by the normal
785 malloc. */
786 l->l_rpath_dirs.malloced = 0;
787 }
788 else
789 l->l_rpath_dirs.dirs = (void *) -1;
790 }
791 }
792#endif /* SHARED */
793
794 if (llp != NULL && *llp != '\0')
795 {
796 char *llp_tmp = strdupa (llp);
797
798 /* Decompose the LD_LIBRARY_PATH contents. First determine how many
799 elements it has. */
800 size_t nllp = 1;
801 for (const char *cp = llp_tmp; *cp != '\0'; ++cp)
802 if (*cp == ':' || *cp == ';')
803 ++nllp;
804
805 env_path_list.dirs = (struct r_search_path_elem **)
806 malloc ((nllp + 1) * sizeof (struct r_search_path_elem *));
807 if (env_path_list.dirs == NULL)
808 {
809 errstring = N_("cannot create cache for search path");
810 goto signal_error;
811 }
812
813 (void) fillin_rpath (llp_tmp, env_path_list.dirs, ":;",
814 __libc_enable_secure, "LD_LIBRARY_PATH",
815 NULL, l);
816
817 if (env_path_list.dirs[0] == NULL)
818 {
819 free (env_path_list.dirs);
820 env_path_list.dirs = (void *) -1;
821 }
822
823 env_path_list.malloced = 0;
824 }
825 else
826 env_path_list.dirs = (void *) -1;
827}
828
829
830static void
831__attribute__ ((noreturn, noinline))
832lose (int code, int fd, const char *name, char *realname, struct link_map *l,
833 const char *msg, struct r_debug *r, Lmid_t nsid)
834{
835 /* The file might already be closed. */
836 if (fd != -1)
837 (void) __close (fd);
838 if (l != NULL && l->l_origin != (char *) -1l)
839 free ((char *) l->l_origin);
840 free (l);
841 free (realname);
842
843 if (r != NULL)
844 {
845 r->r_state = RT_CONSISTENT;
846 _dl_debug_state ();
847 LIBC_PROBE (map_failed, 2, nsid, r);
848 }
849
850 _dl_signal_error (code, name, NULL, msg);
851}
852
853
854/* Map in the shared object NAME, actually located in REALNAME, and already
855 opened on FD. */
856
857#ifndef EXTERNAL_MAP_FROM_FD
858static
859#endif
860struct link_map *
861_dl_map_object_from_fd (const char *name, const char *origname, int fd,
862 struct filebuf *fbp, char *realname,
863 struct link_map *loader, int l_type, int mode,
864 void **stack_endp, Lmid_t nsid)
865{
866 struct link_map *l = NULL;
867 const ElfW(Ehdr) *header;
868 const ElfW(Phdr) *phdr;
869 const ElfW(Phdr) *ph;
870 size_t maplength;
871 int type;
872 /* Initialize to keep the compiler happy. */
873 const char *errstring = NULL;
874 int errval = 0;
875 struct r_debug *r = _dl_debug_initialize (0, nsid);
876 bool make_consistent = false;
877
878 /* Get file information. */
879 struct r_file_id id;
880 if (__glibc_unlikely (!_dl_get_file_id (fd, &id)))
881 {
882 errstring = N_("cannot stat shared object");
883 call_lose_errno:
884 errval = errno;
885 call_lose:
886 lose (errval, fd, name, realname, l, errstring,
887 make_consistent ? r : NULL, nsid);
888 }
889
890 /* Look again to see if the real name matched another already loaded. */
891 for (l = GL(dl_ns)[nsid]._ns_loaded; l != NULL; l = l->l_next)
892 if (!l->l_removed && _dl_file_id_match_p (&l->l_file_id, &id))
893 {
894 /* The object is already loaded.
895 Just bump its reference count and return it. */
896 __close (fd);
897
898 /* If the name is not in the list of names for this object add
899 it. */
900 free (realname);
901 add_name_to_object (l, name);
902
903 return l;
904 }
905
906#ifdef SHARED
907 /* When loading into a namespace other than the base one we must
908 avoid loading ld.so since there can only be one copy. Ever. */
909 if (__glibc_unlikely (nsid != LM_ID_BASE)
910 && (_dl_file_id_match_p (&id, &GL(dl_rtld_map).l_file_id)
911 || _dl_name_match_p (name, &GL(dl_rtld_map))))
912 {
913 /* This is indeed ld.so. Create a new link_map which refers to
914 the real one for almost everything. */
915 l = _dl_new_object (realname, name, l_type, loader, mode, nsid);
916 if (l == NULL)
917 goto fail_new;
918
919 /* Refer to the real descriptor. */
920 l->l_real = &GL(dl_rtld_map);
921
922 /* No need to bump the refcount of the real object, ld.so will
923 never be unloaded. */
924 __close (fd);
925
926 /* Add the map for the mirrored object to the object list. */
927 _dl_add_to_namespace_list (l, nsid);
928
929 return l;
930 }
931#endif
932
933 if (mode & RTLD_NOLOAD)
934 {
935 /* We are not supposed to load the object unless it is already
936 loaded. So return now. */
937 free (realname);
938 __close (fd);
939 return NULL;
940 }
941
942 /* Print debugging message. */
943 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_FILES))
944 _dl_debug_printf ("file=%s [%lu]; generating link map\n", name, nsid);
945
946 /* This is the ELF header. We read it in `open_verify'. */
947 header = (void *) fbp->buf;
948
949#ifndef MAP_ANON
950# define MAP_ANON 0
951 if (_dl_zerofd == -1)
952 {
953 _dl_zerofd = _dl_sysdep_open_zero_fill ();
954 if (_dl_zerofd == -1)
955 {
956 free (realname);
957 __close (fd);
958 _dl_signal_error (errno, NULL, NULL,
959 N_("cannot open zero fill device"));
960 }
961 }
962#endif
963
964 /* Signal that we are going to add new objects. */
965 if (r->r_state == RT_CONSISTENT)
966 {
967#ifdef SHARED
968 /* Auditing checkpoint: we are going to add new objects. */
969 if ((mode & __RTLD_AUDIT) == 0
970 && __glibc_unlikely (GLRO(dl_naudit) > 0))
971 {
972 struct link_map *head = GL(dl_ns)[nsid]._ns_loaded;
973 /* Do not call the functions for any auditing object. */
974 if (head->l_auditing == 0)
975 {
976 struct audit_ifaces *afct = GLRO(dl_audit);
977 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
978 {
979 if (afct->activity != NULL)
980 afct->activity (&head->l_audit[cnt].cookie, LA_ACT_ADD);
981
982 afct = afct->next;
983 }
984 }
985 }
986#endif
987
988 /* Notify the debugger we have added some objects. We need to
989 call _dl_debug_initialize in a static program in case dynamic
990 linking has not been used before. */
991 r->r_state = RT_ADD;
992 _dl_debug_state ();
993 LIBC_PROBE (map_start, 2, nsid, r);
994 make_consistent = true;
995 }
996 else
997 assert (r->r_state == RT_ADD);
998
999 /* Enter the new object in the list of loaded objects. */
1000 l = _dl_new_object (realname, name, l_type, loader, mode, nsid);
1001 if (__glibc_unlikely (l == NULL))
1002 {
1003#ifdef SHARED
1004 fail_new:
1005#endif
1006 errstring = N_("cannot create shared object descriptor");
1007 goto call_lose_errno;
1008 }
1009
1010 /* Extract the remaining details we need from the ELF header
1011 and then read in the program header table. */
1012 l->l_entry = header->e_entry;
1013 type = header->e_type;
1014 l->l_phnum = header->e_phnum;
1015
1016 maplength = header->e_phnum * sizeof (ElfW(Phdr));
1017 if (header->e_phoff + maplength <= (size_t) fbp->len)
1018 phdr = (void *) (fbp->buf + header->e_phoff);
1019 else
1020 {
1021 phdr = alloca (maplength);
1022 __lseek (fd, header->e_phoff, SEEK_SET);
1023 if ((size_t) __libc_read (fd, (void *) phdr, maplength) != maplength)
1024 {
1025 errstring = N_("cannot read file data");
1026 goto call_lose_errno;
1027 }
1028 }
1029
1030 /* On most platforms presume that PT_GNU_STACK is absent and the stack is
1031 * executable. Other platforms default to a nonexecutable stack and don't
1032 * need PT_GNU_STACK to do so. */
1033 uint_fast16_t stack_flags = DEFAULT_STACK_PERMS;
1034
1035 {
1036 /* Scan the program header table, collecting its load commands. */
1037 struct loadcmd loadcmds[l->l_phnum];
1038 size_t nloadcmds = 0;
1039 bool has_holes = false;
1040
1041 /* The struct is initialized to zero so this is not necessary:
1042 l->l_ld = 0;
1043 l->l_phdr = 0;
1044 l->l_addr = 0; */
1045 for (ph = phdr; ph < &phdr[l->l_phnum]; ++ph)
1046 switch (ph->p_type)
1047 {
1048 /* These entries tell us where to find things once the file's
1049 segments are mapped in. We record the addresses it says
1050 verbatim, and later correct for the run-time load address. */
1051 case PT_DYNAMIC:
1052 l->l_ld = (void *) ph->p_vaddr;
1053 l->l_ldnum = ph->p_memsz / sizeof (ElfW(Dyn));
1054 break;
1055
1056 case PT_PHDR:
1057 l->l_phdr = (void *) ph->p_vaddr;
1058 break;
1059
1060 case PT_LOAD:
1061 /* A load command tells us to map in part of the file.
1062 We record the load commands and process them all later. */
1063 if (__glibc_unlikely ((ph->p_align & (GLRO(dl_pagesize) - 1)) != 0))
1064 {
1065 errstring = N_("ELF load command alignment not page-aligned");
1066 goto call_lose;
1067 }
1068 if (__glibc_unlikely (((ph->p_vaddr - ph->p_offset)
1069 & (ph->p_align - 1)) != 0))
1070 {
1071 errstring
1072 = N_("ELF load command address/offset not properly aligned");
1073 goto call_lose;
1074 }
1075
1076 struct loadcmd *c = &loadcmds[nloadcmds++];
1077 c->mapstart = ALIGN_DOWN (ph->p_vaddr, GLRO(dl_pagesize));
1078 c->mapend = ALIGN_UP (ph->p_vaddr + ph->p_filesz, GLRO(dl_pagesize));
1079 c->dataend = ph->p_vaddr + ph->p_filesz;
1080 c->allocend = ph->p_vaddr + ph->p_memsz;
1081 c->mapoff = ALIGN_DOWN (ph->p_offset, GLRO(dl_pagesize));
1082
1083 /* Determine whether there is a gap between the last segment
1084 and this one. */
1085 if (nloadcmds > 1 && c[-1].mapend != c->mapstart)
1086 has_holes = true;
1087
1088 /* Optimize a common case. */
1089#if (PF_R | PF_W | PF_X) == 7 && (PROT_READ | PROT_WRITE | PROT_EXEC) == 7
1090 c->prot = (PF_TO_PROT
1091 >> ((ph->p_flags & (PF_R | PF_W | PF_X)) * 4)) & 0xf;
1092#else
1093 c->prot = 0;
1094 if (ph->p_flags & PF_R)
1095 c->prot |= PROT_READ;
1096 if (ph->p_flags & PF_W)
1097 c->prot |= PROT_WRITE;
1098 if (ph->p_flags & PF_X)
1099 c->prot |= PROT_EXEC;
1100#endif
1101 break;
1102
1103 case PT_TLS:
1104 if (ph->p_memsz == 0)
1105 /* Nothing to do for an empty segment. */
1106 break;
1107
1108 l->l_tls_blocksize = ph->p_memsz;
1109 l->l_tls_align = ph->p_align;
1110 if (ph->p_align == 0)
1111 l->l_tls_firstbyte_offset = 0;
1112 else
1113 l->l_tls_firstbyte_offset = ph->p_vaddr & (ph->p_align - 1);
1114 l->l_tls_initimage_size = ph->p_filesz;
1115 /* Since we don't know the load address yet only store the
1116 offset. We will adjust it later. */
1117 l->l_tls_initimage = (void *) ph->p_vaddr;
1118
1119 /* If not loading the initial set of shared libraries,
1120 check whether we should permit loading a TLS segment. */
1121 if (__glibc_likely (l->l_type == lt_library)
1122 /* If GL(dl_tls_dtv_slotinfo_list) == NULL, then rtld.c did
1123 not set up TLS data structures, so don't use them now. */
1124 || __glibc_likely (GL(dl_tls_dtv_slotinfo_list) != NULL))
1125 {
1126 /* Assign the next available module ID. */
1127 l->l_tls_modid = _dl_next_tls_modid ();
1128 break;
1129 }
1130
1131#ifdef SHARED
1132 /* We are loading the executable itself when the dynamic
1133 linker was executed directly. The setup will happen
1134 later. Otherwise, the TLS data structures are already
1135 initialized, and we assigned a TLS modid above. */
1136 assert (l->l_prev == NULL || (mode & __RTLD_AUDIT) != 0);
1137#else
1138 assert (false && "TLS not initialized in static application");
1139#endif
1140 break;
1141
1142 case PT_GNU_STACK:
1143 stack_flags = ph->p_flags;
1144 break;
1145
1146 case PT_GNU_RELRO:
1147 l->l_relro_addr = ph->p_vaddr;
1148 l->l_relro_size = ph->p_memsz;
1149 break;
1150 }
1151
1152 if (__glibc_unlikely (nloadcmds == 0))
1153 {
1154 /* This only happens for a bogus object that will be caught with
1155 another error below. But we don't want to go through the
1156 calculations below using NLOADCMDS - 1. */
1157 errstring = N_("object file has no loadable segments");
1158 goto call_lose;
1159 }
1160
1161 if (__glibc_unlikely (type != ET_DYN)
1162 && __glibc_unlikely ((mode & __RTLD_OPENEXEC) == 0))
1163 {
1164 /* This object is loaded at a fixed address. This must never
1165 happen for objects loaded with dlopen. */
1166 errstring = N_("cannot dynamically load executable");
1167 goto call_lose;
1168 }
1169
1170 /* Length of the sections to be loaded. */
1171 maplength = loadcmds[nloadcmds - 1].allocend - loadcmds[0].mapstart;
1172
1173 /* Now process the load commands and map segments into memory.
1174 This is responsible for filling in:
1175 l_map_start, l_map_end, l_addr, l_contiguous, l_text_end, l_phdr
1176 */
1177 errstring = _dl_map_segments (l, fd, header, type, loadcmds, nloadcmds,
1178 maplength, has_holes, loader);
1179 if (__glibc_unlikely (errstring != NULL))
1180 goto call_lose;
1181 }
1182
1183 if (l->l_ld == 0)
1184 {
1185 if (__glibc_unlikely (type == ET_DYN))
1186 {
1187 errstring = N_("object file has no dynamic section");
1188 goto call_lose;
1189 }
1190 }
1191 else
1192 l->l_ld = (ElfW(Dyn) *) ((ElfW(Addr)) l->l_ld + l->l_addr);
1193
1194 elf_get_dynamic_info (l, NULL);
1195
1196 /* Make sure we are not dlopen'ing an object that has the
1197 DF_1_NOOPEN flag set. */
1198 if (__glibc_unlikely (l->l_flags_1 & DF_1_NOOPEN)
1199 && (mode & __RTLD_DLOPEN))
1200 {
1201 /* We are not supposed to load this object. Free all resources. */
1202 _dl_unmap_segments (l);
1203
1204 if (!l->l_libname->dont_free)
1205 free (l->l_libname);
1206
1207 if (l->l_phdr_allocated)
1208 free ((void *) l->l_phdr);
1209
1210 errstring = N_("shared object cannot be dlopen()ed");
1211 goto call_lose;
1212 }
1213
1214 if (l->l_phdr == NULL)
1215 {
1216 /* The program header is not contained in any of the segments.
1217 We have to allocate memory ourself and copy it over from out
1218 temporary place. */
1219 ElfW(Phdr) *newp = (ElfW(Phdr) *) malloc (header->e_phnum
1220 * sizeof (ElfW(Phdr)));
1221 if (newp == NULL)
1222 {
1223 errstring = N_("cannot allocate memory for program header");
1224 goto call_lose_errno;
1225 }
1226
1227 l->l_phdr = memcpy (newp, phdr,
1228 (header->e_phnum * sizeof (ElfW(Phdr))));
1229 l->l_phdr_allocated = 1;
1230 }
1231 else
1232 /* Adjust the PT_PHDR value by the runtime load address. */
1233 l->l_phdr = (ElfW(Phdr) *) ((ElfW(Addr)) l->l_phdr + l->l_addr);
1234
1235 if (__glibc_unlikely ((stack_flags &~ GL(dl_stack_flags)) & PF_X))
1236 {
1237 if (__glibc_unlikely (__check_caller (RETURN_ADDRESS (0), allow_ldso) != 0))
1238 {
1239 errstring = N_("invalid caller");
1240 goto call_lose;
1241 }
1242
1243 /* The stack is presently not executable, but this module
1244 requires that it be executable. We must change the
1245 protection of the variable which contains the flags used in
1246 the mprotect calls. */
1247#ifdef SHARED
1248 if ((mode & (__RTLD_DLOPEN | __RTLD_AUDIT)) == __RTLD_DLOPEN)
1249 {
1250 const uintptr_t p = (uintptr_t) &__stack_prot & -GLRO(dl_pagesize);
1251 const size_t s = (uintptr_t) (&__stack_prot + 1) - p;
1252
1253 struct link_map *const m = &GL(dl_rtld_map);
1254 const uintptr_t relro_end = ((m->l_addr + m->l_relro_addr
1255 + m->l_relro_size)
1256 & -GLRO(dl_pagesize));
1257 if (__glibc_likely (p + s <= relro_end))
1258 {
1259 /* The variable lies in the region protected by RELRO. */
1260 if (__mprotect ((void *) p, s, PROT_READ|PROT_WRITE) < 0)
1261 {
1262 errstring = N_("cannot change memory protections");
1263 goto call_lose_errno;
1264 }
1265 __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
1266 __mprotect ((void *) p, s, PROT_READ);
1267 }
1268 else
1269 __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
1270 }
1271 else
1272#endif
1273 __stack_prot |= PROT_READ|PROT_WRITE|PROT_EXEC;
1274
1275#ifdef check_consistency
1276 check_consistency ();
1277#endif
1278
1279 errval = (*GL(dl_make_stack_executable_hook)) (stack_endp);
1280 if (errval)
1281 {
1282 errstring = N_("\
1283cannot enable executable stack as shared object requires");
1284 goto call_lose;
1285 }
1286 }
1287
1288 /* Adjust the address of the TLS initialization image. */
1289 if (l->l_tls_initimage != NULL)
1290 l->l_tls_initimage = (char *) l->l_tls_initimage + l->l_addr;
1291
1292 /* We are done mapping in the file. We no longer need the descriptor. */
1293 if (__glibc_unlikely (__close (fd) != 0))
1294 {
1295 errstring = N_("cannot close file descriptor");
1296 goto call_lose_errno;
1297 }
1298 /* Signal that we closed the file. */
1299 fd = -1;
1300
1301 /* If this is ET_EXEC, we should have loaded it as lt_executable. */
1302 assert (type != ET_EXEC || l->l_type == lt_executable);
1303
1304 l->l_entry += l->l_addr;
1305
1306 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_FILES))
1307 _dl_debug_printf ("\
1308 dynamic: 0x%0*lx base: 0x%0*lx size: 0x%0*Zx\n\
1309 entry: 0x%0*lx phdr: 0x%0*lx phnum: %*u\n\n",
1310 (int) sizeof (void *) * 2,
1311 (unsigned long int) l->l_ld,
1312 (int) sizeof (void *) * 2,
1313 (unsigned long int) l->l_addr,
1314 (int) sizeof (void *) * 2, maplength,
1315 (int) sizeof (void *) * 2,
1316 (unsigned long int) l->l_entry,
1317 (int) sizeof (void *) * 2,
1318 (unsigned long int) l->l_phdr,
1319 (int) sizeof (void *) * 2, l->l_phnum);
1320
1321 /* Set up the symbol hash table. */
1322 _dl_setup_hash (l);
1323
1324 /* If this object has DT_SYMBOLIC set modify now its scope. We don't
1325 have to do this for the main map. */
1326 if ((mode & RTLD_DEEPBIND) == 0
1327 && __glibc_unlikely (l->l_info[DT_SYMBOLIC] != NULL)
1328 && &l->l_searchlist != l->l_scope[0])
1329 {
1330 /* Create an appropriate searchlist. It contains only this map.
1331 This is the definition of DT_SYMBOLIC in SysVr4. */
1332 l->l_symbolic_searchlist.r_list[0] = l;
1333 l->l_symbolic_searchlist.r_nlist = 1;
1334
1335 /* Now move the existing entries one back. */
1336 memmove (&l->l_scope[1], &l->l_scope[0],
1337 (l->l_scope_max - 1) * sizeof (l->l_scope[0]));
1338
1339 /* Now add the new entry. */
1340 l->l_scope[0] = &l->l_symbolic_searchlist;
1341 }
1342
1343 /* Remember whether this object must be initialized first. */
1344 if (l->l_flags_1 & DF_1_INITFIRST)
1345 GL(dl_initfirst) = l;
1346
1347 /* Finally the file information. */
1348 l->l_file_id = id;
1349
1350#ifdef SHARED
1351 /* When auditing is used the recorded names might not include the
1352 name by which the DSO is actually known. Add that as well. */
1353 if (__glibc_unlikely (origname != NULL))
1354 add_name_to_object (l, origname);
1355#else
1356 /* Audit modules only exist when linking is dynamic so ORIGNAME
1357 cannot be non-NULL. */
1358 assert (origname == NULL);
1359#endif
1360
1361 /* When we profile the SONAME might be needed for something else but
1362 loading. Add it right away. */
1363 if (__glibc_unlikely (GLRO(dl_profile) != NULL)
1364 && l->l_info[DT_SONAME] != NULL)
1365 add_name_to_object (l, ((const char *) D_PTR (l, l_info[DT_STRTAB])
1366 + l->l_info[DT_SONAME]->d_un.d_val));
1367
1368#ifdef DL_AFTER_LOAD
1369 DL_AFTER_LOAD (l);
1370#endif
1371
1372 /* Now that the object is fully initialized add it to the object list. */
1373 _dl_add_to_namespace_list (l, nsid);
1374
1375#ifdef SHARED
1376 /* Auditing checkpoint: we have a new object. */
1377 if (__glibc_unlikely (GLRO(dl_naudit) > 0)
1378 && !GL(dl_ns)[l->l_ns]._ns_loaded->l_auditing)
1379 {
1380 struct audit_ifaces *afct = GLRO(dl_audit);
1381 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
1382 {
1383 if (afct->objopen != NULL)
1384 {
1385 l->l_audit[cnt].bindflags
1386 = afct->objopen (l, nsid, &l->l_audit[cnt].cookie);
1387
1388 l->l_audit_any_plt |= l->l_audit[cnt].bindflags != 0;
1389 }
1390
1391 afct = afct->next;
1392 }
1393 }
1394#endif
1395
1396 return l;
1397}
1398
1399/* Print search path. */
1400static void
1401print_search_path (struct r_search_path_elem **list,
1402 const char *what, const char *name)
1403{
1404 char buf[max_dirnamelen + max_capstrlen];
1405 int first = 1;
1406
1407 _dl_debug_printf (" search path=");
1408
1409 while (*list != NULL && (*list)->what == what) /* Yes, ==. */
1410 {
1411 char *endp = __mempcpy (buf, (*list)->dirname, (*list)->dirnamelen);
1412 size_t cnt;
1413
1414 for (cnt = 0; cnt < ncapstr; ++cnt)
1415 if ((*list)->status[cnt] != nonexisting)
1416 {
1417 char *cp = __mempcpy (endp, capstr[cnt].str, capstr[cnt].len);
1418 if (cp == buf || (cp == buf + 1 && buf[0] == '/'))
1419 cp[0] = '\0';
1420 else
1421 cp[-1] = '\0';
1422
1423 _dl_debug_printf_c (first ? "%s" : ":%s", buf);
1424 first = 0;
1425 }
1426
1427 ++list;
1428 }
1429
1430 if (name != NULL)
1431 _dl_debug_printf_c ("\t\t(%s from file %s)\n", what,
1432 DSO_FILENAME (name));
1433 else
1434 _dl_debug_printf_c ("\t\t(%s)\n", what);
1435}
1436
1437/* Open a file and verify it is an ELF file for this architecture. We
1438 ignore only ELF files for other architectures. Non-ELF files and
1439 ELF files with different header information cause fatal errors since
1440 this could mean there is something wrong in the installation and the
1441 user might want to know about this.
1442
1443 If FD is not -1, then the file is already open and FD refers to it.
1444 In that case, FD is consumed for both successful and error returns. */
1445static int
1446open_verify (const char *name, int fd,
1447 struct filebuf *fbp, struct link_map *loader,
1448 int whatcode, int mode, bool *found_other_class, bool free_name)
1449{
1450 /* This is the expected ELF header. */
1451#define ELF32_CLASS ELFCLASS32
1452#define ELF64_CLASS ELFCLASS64
1453#ifndef VALID_ELF_HEADER
1454# define VALID_ELF_HEADER(hdr,exp,size) (memcmp (hdr, exp, size) == 0)
1455# define VALID_ELF_OSABI(osabi) (osabi == ELFOSABI_SYSV)
1456# define VALID_ELF_ABIVERSION(osabi,ver) (ver == 0)
1457#elif defined MORE_ELF_HEADER_DATA
1458 MORE_ELF_HEADER_DATA;
1459#endif
1460 static const unsigned char expected[EI_NIDENT] =
1461 {
1462 [EI_MAG0] = ELFMAG0,
1463 [EI_MAG1] = ELFMAG1,
1464 [EI_MAG2] = ELFMAG2,
1465 [EI_MAG3] = ELFMAG3,
1466 [EI_CLASS] = ELFW(CLASS),
1467 [EI_DATA] = byteorder,
1468 [EI_VERSION] = EV_CURRENT,
1469 [EI_OSABI] = ELFOSABI_SYSV,
1470 [EI_ABIVERSION] = 0
1471 };
1472 static const struct
1473 {
1474 ElfW(Word) vendorlen;
1475 ElfW(Word) datalen;
1476 ElfW(Word) type;
1477 char vendor[4];
1478 } expected_note = { 4, 16, 1, "GNU" };
1479 /* Initialize it to make the compiler happy. */
1480 const char *errstring = NULL;
1481 int errval = 0;
1482
1483#ifdef SHARED
1484 /* Give the auditing libraries a chance. */
1485 if (__glibc_unlikely (GLRO(dl_naudit) > 0) && whatcode != 0
1486 && loader->l_auditing == 0)
1487 {
1488 const char *original_name = name;
1489 struct audit_ifaces *afct = GLRO(dl_audit);
1490 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
1491 {
1492 if (afct->objsearch != NULL)
1493 {
1494 name = afct->objsearch (name, &loader->l_audit[cnt].cookie,
1495 whatcode);
1496 if (name == NULL)
1497 /* Ignore the path. */
1498 return -1;
1499 }
1500
1501 afct = afct->next;
1502 }
1503
1504 if (fd != -1 && name != original_name && strcmp (name, original_name))
1505 {
1506 /* An audit library changed what we're supposed to open,
1507 so FD no longer matches it. */
1508 __close (fd);
1509 fd = -1;
1510 }
1511 }
1512#endif
1513
1514 if (fd == -1)
1515 /* Open the file. We always open files read-only. */
1516 fd = __open (name, O_RDONLY | O_CLOEXEC);
1517
1518 if (fd != -1)
1519 {
1520 ElfW(Ehdr) *ehdr;
1521 ElfW(Phdr) *phdr, *ph;
1522 ElfW(Word) *abi_note;
1523 unsigned int osversion;
1524 size_t maplength;
1525
1526 /* We successfully opened the file. Now verify it is a file
1527 we can use. */
1528 __set_errno (0);
1529 fbp->len = 0;
1530 assert (sizeof (fbp->buf) > sizeof (ElfW(Ehdr)));
1531 /* Read in the header. */
1532 do
1533 {
1534 ssize_t retlen = __libc_read (fd, fbp->buf + fbp->len,
1535 sizeof (fbp->buf) - fbp->len);
1536 if (retlen <= 0)
1537 break;
1538 fbp->len += retlen;
1539 }
1540 while (__glibc_unlikely (fbp->len < sizeof (ElfW(Ehdr))));
1541
1542 /* This is where the ELF header is loaded. */
1543 ehdr = (ElfW(Ehdr) *) fbp->buf;
1544
1545 /* Now run the tests. */
1546 if (__glibc_unlikely (fbp->len < (ssize_t) sizeof (ElfW(Ehdr))))
1547 {
1548 errval = errno;
1549 errstring = (errval == 0
1550 ? N_("file too short") : N_("cannot read file data"));
1551 call_lose:
1552 if (free_name)
1553 {
1554 char *realname = (char *) name;
1555 name = strdupa (realname);
1556 free (realname);
1557 }
1558 lose (errval, fd, name, NULL, NULL, errstring, NULL, 0);
1559 }
1560
1561 /* See whether the ELF header is what we expect. */
1562 if (__glibc_unlikely (! VALID_ELF_HEADER (ehdr->e_ident, expected,
1563 EI_ABIVERSION)
1564 || !VALID_ELF_ABIVERSION (ehdr->e_ident[EI_OSABI],
1565 ehdr->e_ident[EI_ABIVERSION])
1566 || memcmp (&ehdr->e_ident[EI_PAD],
1567 &expected[EI_PAD],
1568 EI_NIDENT - EI_PAD) != 0))
1569 {
1570 /* Something is wrong. */
1571 const Elf32_Word *magp = (const void *) ehdr->e_ident;
1572 if (*magp !=
1573#if BYTE_ORDER == LITTLE_ENDIAN
1574 ((ELFMAG0 << (EI_MAG0 * 8)) |
1575 (ELFMAG1 << (EI_MAG1 * 8)) |
1576 (ELFMAG2 << (EI_MAG2 * 8)) |
1577 (ELFMAG3 << (EI_MAG3 * 8)))
1578#else
1579 ((ELFMAG0 << (EI_MAG3 * 8)) |
1580 (ELFMAG1 << (EI_MAG2 * 8)) |
1581 (ELFMAG2 << (EI_MAG1 * 8)) |
1582 (ELFMAG3 << (EI_MAG0 * 8)))
1583#endif
1584 )
1585 errstring = N_("invalid ELF header");
1586 else if (ehdr->e_ident[EI_CLASS] != ELFW(CLASS))
1587 {
1588 /* This is not a fatal error. On architectures where
1589 32-bit and 64-bit binaries can be run this might
1590 happen. */
1591 *found_other_class = true;
1592 goto close_and_out;
1593 }
1594 else if (ehdr->e_ident[EI_DATA] != byteorder)
1595 {
1596 if (BYTE_ORDER == BIG_ENDIAN)
1597 errstring = N_("ELF file data encoding not big-endian");
1598 else
1599 errstring = N_("ELF file data encoding not little-endian");
1600 }
1601 else if (ehdr->e_ident[EI_VERSION] != EV_CURRENT)
1602 errstring
1603 = N_("ELF file version ident does not match current one");
1604 /* XXX We should be able so set system specific versions which are
1605 allowed here. */
1606 else if (!VALID_ELF_OSABI (ehdr->e_ident[EI_OSABI]))
1607 errstring = N_("ELF file OS ABI invalid");
1608 else if (!VALID_ELF_ABIVERSION (ehdr->e_ident[EI_OSABI],
1609 ehdr->e_ident[EI_ABIVERSION]))
1610 errstring = N_("ELF file ABI version invalid");
1611 else if (memcmp (&ehdr->e_ident[EI_PAD], &expected[EI_PAD],
1612 EI_NIDENT - EI_PAD) != 0)
1613 errstring = N_("nonzero padding in e_ident");
1614 else
1615 /* Otherwise we don't know what went wrong. */
1616 errstring = N_("internal error");
1617
1618 goto call_lose;
1619 }
1620
1621 if (__glibc_unlikely (ehdr->e_version != EV_CURRENT))
1622 {
1623 errstring = N_("ELF file version does not match current one");
1624 goto call_lose;
1625 }
1626 if (! __glibc_likely (elf_machine_matches_host (ehdr)))
1627 goto close_and_out;
1628 else if (__glibc_unlikely (ehdr->e_type != ET_DYN
1629 && ehdr->e_type != ET_EXEC))
1630 {
1631 errstring = N_("only ET_DYN and ET_EXEC can be loaded");
1632 goto call_lose;
1633 }
1634 else if (__glibc_unlikely (ehdr->e_type == ET_EXEC
1635 && (mode & __RTLD_OPENEXEC) == 0))
1636 {
1637 /* BZ #16634. It is an error to dlopen ET_EXEC (unless
1638 __RTLD_OPENEXEC is explicitly set). We return error here
1639 so that code in _dl_map_object_from_fd does not try to set
1640 l_tls_modid for this module. */
1641
1642 errstring = N_("cannot dynamically load executable");
1643 goto call_lose;
1644 }
1645 else if (__glibc_unlikely (ehdr->e_phentsize != sizeof (ElfW(Phdr))))
1646 {
1647 errstring = N_("ELF file's phentsize not the expected size");
1648 goto call_lose;
1649 }
1650
1651 maplength = ehdr->e_phnum * sizeof (ElfW(Phdr));
1652 if (ehdr->e_phoff + maplength <= (size_t) fbp->len)
1653 phdr = (void *) (fbp->buf + ehdr->e_phoff);
1654 else
1655 {
1656 phdr = alloca (maplength);
1657 __lseek (fd, ehdr->e_phoff, SEEK_SET);
1658 if ((size_t) __libc_read (fd, (void *) phdr, maplength) != maplength)
1659 {
1660 read_error:
1661 errval = errno;
1662 errstring = N_("cannot read file data");
1663 goto call_lose;
1664 }
1665 }
1666
1667 if (__glibc_unlikely (elf_machine_reject_phdr_p
1668 (phdr, ehdr->e_phnum, fbp->buf, fbp->len,
1669 loader, fd)))
1670 goto close_and_out;
1671
1672 /* Check .note.ABI-tag if present. */
1673 for (ph = phdr; ph < &phdr[ehdr->e_phnum]; ++ph)
1674 if (ph->p_type == PT_NOTE && ph->p_filesz >= 32 && ph->p_align >= 4)
1675 {
1676 ElfW(Addr) size = ph->p_filesz;
1677
1678 if (ph->p_offset + size <= (size_t) fbp->len)
1679 abi_note = (void *) (fbp->buf + ph->p_offset);
1680 else
1681 {
1682 abi_note = alloca (size);
1683 __lseek (fd, ph->p_offset, SEEK_SET);
1684 if (__libc_read (fd, (void *) abi_note, size) != size)
1685 goto read_error;
1686 }
1687
1688 while (memcmp (abi_note, &expected_note, sizeof (expected_note)))
1689 {
1690#define ROUND(len) (((len) + sizeof (ElfW(Word)) - 1) & -sizeof (ElfW(Word)))
1691 ElfW(Addr) note_size = 3 * sizeof (ElfW(Word))
1692 + ROUND (abi_note[0])
1693 + ROUND (abi_note[1]);
1694
1695 if (size - 32 < note_size)
1696 {
1697 size = 0;
1698 break;
1699 }
1700 size -= note_size;
1701 abi_note = (void *) abi_note + note_size;
1702 }
1703
1704 if (size == 0)
1705 continue;
1706
1707 osversion = (abi_note[5] & 0xff) * 65536
1708 + (abi_note[6] & 0xff) * 256
1709 + (abi_note[7] & 0xff);
1710 if (abi_note[4] != __ABI_TAG_OS
1711 || (GLRO(dl_osversion) && GLRO(dl_osversion) < osversion))
1712 {
1713 close_and_out:
1714 __close (fd);
1715 __set_errno (ENOENT);
1716 fd = -1;
1717 }
1718
1719 break;
1720 }
1721 }
1722
1723 return fd;
1724}
1725
1726/* Try to open NAME in one of the directories in *DIRSP.
1727 Return the fd, or -1. If successful, fill in *REALNAME
1728 with the malloc'd full directory name. If it turns out
1729 that none of the directories in *DIRSP exists, *DIRSP is
1730 replaced with (void *) -1, and the old value is free()d
1731 if MAY_FREE_DIRS is true. */
1732
1733static int
1734open_path (const char *name, size_t namelen, int mode,
1735 struct r_search_path_struct *sps, char **realname,
1736 struct filebuf *fbp, struct link_map *loader, int whatcode,
1737 bool *found_other_class)
1738{
1739 struct r_search_path_elem **dirs = sps->dirs;
1740 char *buf;
1741 int fd = -1;
1742 const char *current_what = NULL;
1743 int any = 0;
1744
1745 if (__glibc_unlikely (dirs == NULL))
1746 /* We're called before _dl_init_paths when loading the main executable
1747 given on the command line when rtld is run directly. */
1748 return -1;
1749
1750 buf = alloca (max_dirnamelen + max_capstrlen + namelen);
1751 do
1752 {
1753 struct r_search_path_elem *this_dir = *dirs;
1754 size_t buflen = 0;
1755 size_t cnt;
1756 char *edp;
1757 int here_any = 0;
1758 int err;
1759
1760 /* If we are debugging the search for libraries print the path
1761 now if it hasn't happened now. */
1762 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_LIBS)
1763 && current_what != this_dir->what)
1764 {
1765 current_what = this_dir->what;
1766 print_search_path (dirs, current_what, this_dir->where);
1767 }
1768
1769 edp = (char *) __mempcpy (buf, this_dir->dirname, this_dir->dirnamelen);
1770 for (cnt = 0; fd == -1 && cnt < ncapstr; ++cnt)
1771 {
1772 /* Skip this directory if we know it does not exist. */
1773 if (this_dir->status[cnt] == nonexisting)
1774 continue;
1775
1776 buflen =
1777 ((char *) __mempcpy (__mempcpy (edp, capstr[cnt].str,
1778 capstr[cnt].len),
1779 name, namelen)
1780 - buf);
1781
1782 /* Print name we try if this is wanted. */
1783 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_LIBS))
1784 _dl_debug_printf (" trying file=%s\n", buf);
1785
1786 fd = open_verify (buf, -1, fbp, loader, whatcode, mode,
1787 found_other_class, false);
1788 if (this_dir->status[cnt] == unknown)
1789 {
1790 if (fd != -1)
1791 this_dir->status[cnt] = existing;
1792 /* Do not update the directory information when loading
1793 auditing code. We must try to disturb the program as
1794 little as possible. */
1795 else if (loader == NULL
1796 || GL(dl_ns)[loader->l_ns]._ns_loaded->l_auditing == 0)
1797 {
1798 /* We failed to open machine dependent library. Let's
1799 test whether there is any directory at all. */
1800 struct stat64 st;
1801
1802 buf[buflen - namelen - 1] = '\0';
1803
1804 if (__xstat64 (_STAT_VER, buf, &st) != 0
1805 || ! S_ISDIR (st.st_mode))
1806 /* The directory does not exist or it is no directory. */
1807 this_dir->status[cnt] = nonexisting;
1808 else
1809 this_dir->status[cnt] = existing;
1810 }
1811 }
1812
1813 /* Remember whether we found any existing directory. */
1814 here_any |= this_dir->status[cnt] != nonexisting;
1815
1816 if (fd != -1 && __glibc_unlikely (mode & __RTLD_SECURE)
1817 && __libc_enable_secure)
1818 {
1819 /* This is an extra security effort to make sure nobody can
1820 preload broken shared objects which are in the trusted
1821 directories and so exploit the bugs. */
1822 struct stat64 st;
1823
1824 if (__fxstat64 (_STAT_VER, fd, &st) != 0
1825 || (st.st_mode & S_ISUID) == 0)
1826 {
1827 /* The shared object cannot be tested for being SUID
1828 or this bit is not set. In this case we must not
1829 use this object. */
1830 __close (fd);
1831 fd = -1;
1832 /* We simply ignore the file, signal this by setting
1833 the error value which would have been set by `open'. */
1834 errno = ENOENT;
1835 }
1836 }
1837 }
1838
1839 if (fd != -1)
1840 {
1841 *realname = (char *) malloc (buflen);
1842 if (*realname != NULL)
1843 {
1844 memcpy (*realname, buf, buflen);
1845 return fd;
1846 }
1847 else
1848 {
1849 /* No memory for the name, we certainly won't be able
1850 to load and link it. */
1851 __close (fd);
1852 return -1;
1853 }
1854 }
1855 if (here_any && (err = errno) != ENOENT && err != EACCES)
1856 /* The file exists and is readable, but something went wrong. */
1857 return -1;
1858
1859 /* Remember whether we found anything. */
1860 any |= here_any;
1861 }
1862 while (*++dirs != NULL);
1863
1864 /* Remove the whole path if none of the directories exists. */
1865 if (__glibc_unlikely (! any))
1866 {
1867 /* Paths which were allocated using the minimal malloc() in ld.so
1868 must not be freed using the general free() in libc. */
1869 if (sps->malloced)
1870 free (sps->dirs);
1871
1872 /* rtld_search_dirs and env_path_list are attribute_relro, therefore
1873 avoid writing into it. */
1874 if (sps != &rtld_search_dirs && sps != &env_path_list)
1875 sps->dirs = (void *) -1;
1876 }
1877
1878 return -1;
1879}
1880
1881/* Map in the shared object file NAME. */
1882
1883struct link_map *
1884internal_function
1885_dl_map_object (struct link_map *loader, const char *name,
1886 int type, int trace_mode, int mode, Lmid_t nsid)
1887{
1888 int fd;
1889 const char *origname = NULL;
1890 char *realname;
1891 char *name_copy;
1892 struct link_map *l;
1893 struct filebuf fb;
1894
1895 assert (nsid >= 0);
1896 assert (nsid < GL(dl_nns));
1897
1898 /* Look for this name among those already loaded. */
1899 for (l = GL(dl_ns)[nsid]._ns_loaded; l; l = l->l_next)
1900 {
1901 /* If the requested name matches the soname of a loaded object,
1902 use that object. Elide this check for names that have not
1903 yet been opened. */
1904 if (__glibc_unlikely ((l->l_faked | l->l_removed) != 0))
1905 continue;
1906 if (!_dl_name_match_p (name, l))
1907 {
1908 const char *soname;
1909
1910 if (__glibc_likely (l->l_soname_added)
1911 || l->l_info[DT_SONAME] == NULL)
1912 continue;
1913
1914 soname = ((const char *) D_PTR (l, l_info[DT_STRTAB])
1915 + l->l_info[DT_SONAME]->d_un.d_val);
1916 if (strcmp (name, soname) != 0)
1917 continue;
1918
1919 /* We have a match on a new name -- cache it. */
1920 add_name_to_object (l, soname);
1921 l->l_soname_added = 1;
1922 }
1923
1924 /* We have a match. */
1925 return l;
1926 }
1927
1928 /* Display information if we are debugging. */
1929 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_FILES)
1930 && loader != NULL)
1931 _dl_debug_printf ((mode & __RTLD_CALLMAP) == 0
1932 ? "\nfile=%s [%lu]; needed by %s [%lu]\n"
1933 : "\nfile=%s [%lu]; dynamically loaded by %s [%lu]\n",
1934 name, nsid, DSO_FILENAME (loader->l_name), loader->l_ns);
1935
1936#ifdef SHARED
1937 /* Give the auditing libraries a chance to change the name before we
1938 try anything. */
1939 if (__glibc_unlikely (GLRO(dl_naudit) > 0)
1940 && (loader == NULL || loader->l_auditing == 0))
1941 {
1942 struct audit_ifaces *afct = GLRO(dl_audit);
1943 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
1944 {
1945 if (afct->objsearch != NULL)
1946 {
1947 const char *before = name;
1948 name = afct->objsearch (name, &loader->l_audit[cnt].cookie,
1949 LA_SER_ORIG);
1950 if (name == NULL)
1951 {
1952 /* Do not try anything further. */
1953 fd = -1;
1954 goto no_file;
1955 }
1956 if (before != name && strcmp (before, name) != 0)
1957 {
1958 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_FILES))
1959 _dl_debug_printf ("audit changed filename %s -> %s\n",
1960 before, name);
1961
1962 if (origname == NULL)
1963 origname = before;
1964 }
1965 }
1966
1967 afct = afct->next;
1968 }
1969 }
1970#endif
1971
1972 /* Will be true if we found a DSO which is of the other ELF class. */
1973 bool found_other_class = false;
1974
1975 if (strchr (name, '/') == NULL)
1976 {
1977 /* Search for NAME in several places. */
1978
1979 size_t namelen = strlen (name) + 1;
1980
1981 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_LIBS))
1982 _dl_debug_printf ("find library=%s [%lu]; searching\n", name, nsid);
1983
1984 fd = -1;
1985
1986 /* When the object has the RUNPATH information we don't use any
1987 RPATHs. */
1988 if (loader == NULL || loader->l_info[DT_RUNPATH] == NULL)
1989 {
1990 /* This is the executable's map (if there is one). Make sure that
1991 we do not look at it twice. */
1992 struct link_map *main_map = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
1993 bool did_main_map = false;
1994
1995 /* First try the DT_RPATH of the dependent object that caused NAME
1996 to be loaded. Then that object's dependent, and on up. */
1997 for (l = loader; l; l = l->l_loader)
1998 if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
1999 {
2000 fd = open_path (name, namelen, mode,
2001 &l->l_rpath_dirs,
2002 &realname, &fb, loader, LA_SER_RUNPATH,
2003 &found_other_class);
2004 if (fd != -1)
2005 break;
2006
2007 did_main_map |= l == main_map;
2008 }
2009
2010 /* If dynamically linked, try the DT_RPATH of the executable
2011 itself. NB: we do this for lookups in any namespace. */
2012 if (fd == -1 && !did_main_map
2013 && main_map != NULL && main_map->l_type != lt_loaded
2014 && cache_rpath (main_map, &main_map->l_rpath_dirs, DT_RPATH,
2015 "RPATH"))
2016 fd = open_path (name, namelen, mode,
2017 &main_map->l_rpath_dirs,
2018 &realname, &fb, loader ?: main_map, LA_SER_RUNPATH,
2019 &found_other_class);
2020 }
2021
2022 /* Try the LD_LIBRARY_PATH environment variable. */
2023 if (fd == -1 && env_path_list.dirs != (void *) -1)
2024 fd = open_path (name, namelen, mode, &env_path_list,
2025 &realname, &fb,
2026 loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded,
2027 LA_SER_LIBPATH, &found_other_class);
2028
2029 /* Look at the RUNPATH information for this binary. */
2030 if (fd == -1 && loader != NULL
2031 && cache_rpath (loader, &loader->l_runpath_dirs,
2032 DT_RUNPATH, "RUNPATH"))
2033 fd = open_path (name, namelen, mode,
2034 &loader->l_runpath_dirs, &realname, &fb, loader,
2035 LA_SER_RUNPATH, &found_other_class);
2036
2037 if (fd == -1)
2038 {
2039 realname = _dl_sysdep_open_object (name, namelen, &fd);
2040 if (realname != NULL)
2041 {
2042 fd = open_verify (realname, fd,
2043 &fb, loader ?: GL(dl_ns)[nsid]._ns_loaded,
2044 LA_SER_CONFIG, mode, &found_other_class,
2045 false);
2046 if (fd == -1)
2047 free (realname);
2048 }
2049 }
2050
2051#ifdef USE_LDCONFIG
2052 if (fd == -1
2053 && (__glibc_likely ((mode & __RTLD_SECURE) == 0)
2054 || ! __libc_enable_secure)
2055 && __glibc_likely (GLRO(dl_inhibit_cache) == 0))
2056 {
2057 /* Check the list of libraries in the file /etc/ld.so.cache,
2058 for compatibility with Linux's ldconfig program. */
2059 char *cached = _dl_load_cache_lookup (name);
2060
2061 if (cached != NULL)
2062 {
2063 // XXX Correct to unconditionally default to namespace 0?
2064 l = (loader
2065 ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded
2066# ifdef SHARED
2067 ?: &GL(dl_rtld_map)
2068# endif
2069 );
2070
2071 /* If the loader has the DF_1_NODEFLIB flag set we must not
2072 use a cache entry from any of these directories. */
2073 if (__glibc_unlikely (l->l_flags_1 & DF_1_NODEFLIB))
2074 {
2075 const char *dirp = system_dirs;
2076 unsigned int cnt = 0;
2077
2078 do
2079 {
2080 if (memcmp (cached, dirp, system_dirs_len[cnt]) == 0)
2081 {
2082 /* The prefix matches. Don't use the entry. */
2083 free (cached);
2084 cached = NULL;
2085 break;
2086 }
2087
2088 dirp += system_dirs_len[cnt] + 1;
2089 ++cnt;
2090 }
2091 while (cnt < nsystem_dirs_len);
2092 }
2093
2094 if (cached != NULL)
2095 {
2096 fd = open_verify (cached, -1,
2097 &fb, loader ?: GL(dl_ns)[nsid]._ns_loaded,
2098 LA_SER_CONFIG, mode, &found_other_class,
2099 false);
2100 if (__glibc_likely (fd != -1))
2101 realname = cached;
2102 else
2103 free (cached);
2104 }
2105 }
2106 }
2107#endif
2108
2109 /* Finally, try the default path. */
2110 if (fd == -1
2111 && ((l = loader ?: GL(dl_ns)[nsid]._ns_loaded) == NULL
2112 || __glibc_likely (!(l->l_flags_1 & DF_1_NODEFLIB)))
2113 && rtld_search_dirs.dirs != (void *) -1)
2114 fd = open_path (name, namelen, mode, &rtld_search_dirs,
2115 &realname, &fb, l, LA_SER_DEFAULT, &found_other_class);
2116
2117 /* Add another newline when we are tracing the library loading. */
2118 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_LIBS))
2119 _dl_debug_printf ("\n");
2120 }
2121 else
2122 {
2123 /* The path may contain dynamic string tokens. */
2124 realname = (loader
2125 ? expand_dynamic_string_token (loader, name, 0)
2126 : __strdup (name));
2127 if (realname == NULL)
2128 fd = -1;
2129 else
2130 {
2131 fd = open_verify (realname, -1, &fb,
2132 loader ?: GL(dl_ns)[nsid]._ns_loaded, 0, mode,
2133 &found_other_class, true);
2134 if (__glibc_unlikely (fd == -1))
2135 free (realname);
2136 }
2137 }
2138
2139#ifdef SHARED
2140 no_file:
2141#endif
2142 /* In case the LOADER information has only been provided to get to
2143 the appropriate RUNPATH/RPATH information we do not need it
2144 anymore. */
2145 if (mode & __RTLD_CALLMAP)
2146 loader = NULL;
2147
2148 if (__glibc_unlikely (fd == -1))
2149 {
2150 if (trace_mode
2151 && __glibc_likely ((GLRO(dl_debug_mask) & DL_DEBUG_PRELINK) == 0))
2152 {
2153 /* We haven't found an appropriate library. But since we
2154 are only interested in the list of libraries this isn't
2155 so severe. Fake an entry with all the information we
2156 have. */
2157 static const Elf_Symndx dummy_bucket = STN_UNDEF;
2158
2159 /* Allocate a new object map. */
2160 if ((name_copy = __strdup (name)) == NULL
2161 || (l = _dl_new_object (name_copy, name, type, loader,
2162 mode, nsid)) == NULL)
2163 {
2164 free (name_copy);
2165 _dl_signal_error (ENOMEM, name, NULL,
2166 N_("cannot create shared object descriptor"));
2167 }
2168 /* Signal that this is a faked entry. */
2169 l->l_faked = 1;
2170 /* Since the descriptor is initialized with zero we do not
2171 have do this here.
2172 l->l_reserved = 0; */
2173 l->l_buckets = &dummy_bucket;
2174 l->l_nbuckets = 1;
2175 l->l_relocated = 1;
2176
2177 /* Enter the object in the object list. */
2178 _dl_add_to_namespace_list (l, nsid);
2179
2180 return l;
2181 }
2182 else if (found_other_class)
2183 _dl_signal_error (0, name, NULL,
2184 ELFW(CLASS) == ELFCLASS32
2185 ? N_("wrong ELF class: ELFCLASS64")
2186 : N_("wrong ELF class: ELFCLASS32"));
2187 else
2188 _dl_signal_error (errno, name, NULL,
2189 N_("cannot open shared object file"));
2190 }
2191
2192 void *stack_end = __libc_stack_end;
2193 return _dl_map_object_from_fd (name, origname, fd, &fb, realname, loader,
2194 type, mode, &stack_end, nsid);
2195}
2196
2197struct add_path_state
2198{
2199 bool counting;
2200 unsigned int idx;
2201 Dl_serinfo *si;
2202 char *allocptr;
2203};
2204
2205static void
2206add_path (struct add_path_state *p, const struct r_search_path_struct *sps,
2207 unsigned int flags)
2208{
2209 if (sps->dirs != (void *) -1)
2210 {
2211 struct r_search_path_elem **dirs = sps->dirs;
2212 do
2213 {
2214 const struct r_search_path_elem *const r = *dirs++;
2215 if (p->counting)
2216 {
2217 p->si->dls_cnt++;
2218 p->si->dls_size += MAX (2, r->dirnamelen);
2219 }
2220 else
2221 {
2222 Dl_serpath *const sp = &p->si->dls_serpath[p->idx++];
2223 sp->dls_name = p->allocptr;
2224 if (r->dirnamelen < 2)
2225 *p->allocptr++ = r->dirnamelen ? '/' : '.';
2226 else
2227 p->allocptr = __mempcpy (p->allocptr,
2228 r->dirname, r->dirnamelen - 1);
2229 *p->allocptr++ = '\0';
2230 sp->dls_flags = flags;
2231 }
2232 }
2233 while (*dirs != NULL);
2234 }
2235}
2236
2237void
2238internal_function
2239_dl_rtld_di_serinfo (struct link_map *loader, Dl_serinfo *si, bool counting)
2240{
2241 if (counting)
2242 {
2243 si->dls_cnt = 0;
2244 si->dls_size = 0;
2245 }
2246
2247 struct add_path_state p =
2248 {
2249 .counting = counting,
2250 .idx = 0,
2251 .si = si,
2252 .allocptr = (char *) &si->dls_serpath[si->dls_cnt]
2253 };
2254
2255# define add_path(p, sps, flags) add_path(p, sps, 0) /* XXX */
2256
2257 /* When the object has the RUNPATH information we don't use any RPATHs. */
2258 if (loader->l_info[DT_RUNPATH] == NULL)
2259 {
2260 /* First try the DT_RPATH of the dependent object that caused NAME
2261 to be loaded. Then that object's dependent, and on up. */
2262
2263 struct link_map *l = loader;
2264 do
2265 {
2266 if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
2267 add_path (&p, &l->l_rpath_dirs, XXX_RPATH);
2268 l = l->l_loader;
2269 }
2270 while (l != NULL);
2271
2272 /* If dynamically linked, try the DT_RPATH of the executable itself. */
2273 if (loader->l_ns == LM_ID_BASE)
2274 {
2275 l = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
2276 if (l != NULL && l->l_type != lt_loaded && l != loader)
2277 if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH"))
2278 add_path (&p, &l->l_rpath_dirs, XXX_RPATH);
2279 }
2280 }
2281
2282 /* Try the LD_LIBRARY_PATH environment variable. */
2283 add_path (&p, &env_path_list, XXX_ENV);
2284
2285 /* Look at the RUNPATH information for this binary. */
2286 if (cache_rpath (loader, &loader->l_runpath_dirs, DT_RUNPATH, "RUNPATH"))
2287 add_path (&p, &loader->l_runpath_dirs, XXX_RUNPATH);
2288
2289 /* XXX
2290 Here is where ld.so.cache gets checked, but we don't have
2291 a way to indicate that in the results for Dl_serinfo. */
2292
2293 /* Finally, try the default path. */
2294 if (!(loader->l_flags_1 & DF_1_NODEFLIB))
2295 add_path (&p, &rtld_search_dirs, XXX_default);
2296
2297 if (counting)
2298 /* Count the struct size before the string area, which we didn't
2299 know before we completed dls_cnt. */
2300 si->dls_size += (char *) &si->dls_serpath[si->dls_cnt] - (char *) si;
2301}
2302