1/* Run time dynamic linker.
2 Copyright (C) 1995-2020 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <https://www.gnu.org/licenses/>. */
18
19#include <errno.h>
20#include <dlfcn.h>
21#include <fcntl.h>
22#include <stdbool.h>
23#include <stdlib.h>
24#include <string.h>
25#include <unistd.h>
26#include <sys/mman.h>
27#include <sys/param.h>
28#include <sys/stat.h>
29#include <ldsodefs.h>
30#include <_itoa.h>
31#include <entry.h>
32#include <fpu_control.h>
33#include <hp-timing.h>
34#include <libc-lock.h>
35#include "dynamic-link.h"
36#include <dl-librecon.h>
37#include <unsecvars.h>
38#include <dl-cache.h>
39#include <dl-osinfo.h>
40#include <dl-procinfo.h>
41#include <dl-prop.h>
42#include <dl-vdso.h>
43#include <dl-vdso-setup.h>
44#include <tls.h>
45#include <stap-probe.h>
46#include <stackinfo.h>
47#include <not-cancel.h>
48
49#include <assert.h>
50
51/* Only enables rtld profiling for architectures which provides non generic
52 hp-timing support. The generic support requires either syscall
53 (clock_gettime), which will incur in extra overhead on loading time.
54 Using vDSO is also an option, but it will require extra support on loader
55 to setup the vDSO pointer before its usage. */
56#if HP_TIMING_INLINE
57# define RLTD_TIMING_DECLARE(var, classifier,...) \
58 classifier hp_timing_t var __VA_ARGS__
59# define RTLD_TIMING_VAR(var) RLTD_TIMING_DECLARE (var, )
60# define RTLD_TIMING_SET(var, value) (var) = (value)
61# define RTLD_TIMING_REF(var) &(var)
62
63static inline void
64rtld_timer_start (hp_timing_t *var)
65{
66 HP_TIMING_NOW (*var);
67}
68
69static inline void
70rtld_timer_stop (hp_timing_t *var, hp_timing_t start)
71{
72 hp_timing_t stop;
73 HP_TIMING_NOW (stop);
74 HP_TIMING_DIFF (*var, start, stop);
75}
76
77static inline void
78rtld_timer_accum (hp_timing_t *sum, hp_timing_t start)
79{
80 hp_timing_t stop;
81 rtld_timer_stop (&stop, start);
82 HP_TIMING_ACCUM_NT(*sum, stop);
83}
84#else
85# define RLTD_TIMING_DECLARE(var, classifier...)
86# define RTLD_TIMING_SET(var, value)
87# define RTLD_TIMING_VAR(var)
88# define RTLD_TIMING_REF(var) 0
89# define rtld_timer_start(var)
90# define rtld_timer_stop(var, start)
91# define rtld_timer_accum(sum, start)
92#endif
93
94/* Avoid PLT use for our local calls at startup. */
95extern __typeof (__mempcpy) __mempcpy attribute_hidden;
96
97/* GCC has mental blocks about _exit. */
98extern __typeof (_exit) exit_internal asm ("_exit") attribute_hidden;
99#define _exit exit_internal
100
101/* Helper function to handle errors while resolving symbols. */
102static void print_unresolved (int errcode, const char *objname,
103 const char *errsting);
104
105/* Helper function to handle errors when a version is missing. */
106static void print_missing_version (int errcode, const char *objname,
107 const char *errsting);
108
109/* Print the various times we collected. */
110static void print_statistics (const hp_timing_t *total_timep);
111
112/* Add audit objects. */
113static void process_dl_audit (char *str);
114
115/* This is a list of all the modes the dynamic loader can be in. */
116enum mode { normal, list, verify, trace };
117
118/* Process all environments variables the dynamic linker must recognize.
119 Since all of them start with `LD_' we are a bit smarter while finding
120 all the entries. */
121static void process_envvars (enum mode *modep);
122
123#ifdef DL_ARGV_NOT_RELRO
124int _dl_argc attribute_hidden;
125char **_dl_argv = NULL;
126/* Nonzero if we were run directly. */
127unsigned int _dl_skip_args attribute_hidden;
128#else
129int _dl_argc attribute_relro attribute_hidden;
130char **_dl_argv attribute_relro = NULL;
131unsigned int _dl_skip_args attribute_relro attribute_hidden;
132#endif
133rtld_hidden_data_def (_dl_argv)
134
135#ifndef THREAD_SET_STACK_GUARD
136/* Only exported for architectures that don't store the stack guard canary
137 in thread local area. */
138uintptr_t __stack_chk_guard attribute_relro;
139#endif
140
141/* Only exported for architectures that don't store the pointer guard
142 value in thread local area. */
143uintptr_t __pointer_chk_guard_local
144 attribute_relro attribute_hidden __attribute__ ((nocommon));
145#ifndef THREAD_SET_POINTER_GUARD
146strong_alias (__pointer_chk_guard_local, __pointer_chk_guard)
147#endif
148
149/* Length limits for names and paths, to protect the dynamic linker,
150 particularly when __libc_enable_secure is active. */
151#ifdef NAME_MAX
152# define SECURE_NAME_LIMIT NAME_MAX
153#else
154# define SECURE_NAME_LIMIT 255
155#endif
156#ifdef PATH_MAX
157# define SECURE_PATH_LIMIT PATH_MAX
158#else
159# define SECURE_PATH_LIMIT 1024
160#endif
161
162/* Check that AT_SECURE=0, or that the passed name does not contain
163 directories and is not overly long. Reject empty names
164 unconditionally. */
165static bool
166dso_name_valid_for_suid (const char *p)
167{
168 if (__glibc_unlikely (__libc_enable_secure))
169 {
170 /* Ignore pathnames with directories for AT_SECURE=1
171 programs, and also skip overlong names. */
172 size_t len = strlen (p);
173 if (len >= SECURE_NAME_LIMIT || memchr (p, '/', len) != NULL)
174 return false;
175 }
176 return *p != '\0';
177}
178
179/* LD_AUDIT variable contents. Must be processed before the
180 audit_list below. */
181const char *audit_list_string;
182
183/* Cyclic list of auditing DSOs. audit_list->next is the first
184 element. */
185static struct audit_list
186{
187 const char *name;
188 struct audit_list *next;
189} *audit_list;
190
191/* Iterator for audit_list_string followed by audit_list. */
192struct audit_list_iter
193{
194 /* Tail of audit_list_string still needing processing, or NULL. */
195 const char *audit_list_tail;
196
197 /* The list element returned in the previous iteration. NULL before
198 the first element. */
199 struct audit_list *previous;
200
201 /* Scratch buffer for returning a name which is part of
202 audit_list_string. */
203 char fname[SECURE_NAME_LIMIT];
204};
205
206/* Initialize an audit list iterator. */
207static void
208audit_list_iter_init (struct audit_list_iter *iter)
209{
210 iter->audit_list_tail = audit_list_string;
211 iter->previous = NULL;
212}
213
214/* Iterate through both audit_list_string and audit_list. */
215static const char *
216audit_list_iter_next (struct audit_list_iter *iter)
217{
218 if (iter->audit_list_tail != NULL)
219 {
220 /* First iterate over audit_list_string. */
221 while (*iter->audit_list_tail != '\0')
222 {
223 /* Split audit list at colon. */
224 size_t len = strcspn (iter->audit_list_tail, ":");
225 if (len > 0 && len < sizeof (iter->fname))
226 {
227 memcpy (iter->fname, iter->audit_list_tail, len);
228 iter->fname[len] = '\0';
229 }
230 else
231 /* Do not return this name to the caller. */
232 iter->fname[0] = '\0';
233
234 /* Skip over the substring and the following delimiter. */
235 iter->audit_list_tail += len;
236 if (*iter->audit_list_tail == ':')
237 ++iter->audit_list_tail;
238
239 /* If the name is valid, return it. */
240 if (dso_name_valid_for_suid (iter->fname))
241 return iter->fname;
242 /* Otherwise, wrap around and try the next name. */
243 }
244 /* Fall through to the procesing of audit_list. */
245 }
246
247 if (iter->previous == NULL)
248 {
249 if (audit_list == NULL)
250 /* No pre-parsed audit list. */
251 return NULL;
252 /* Start of audit list. The first list element is at
253 audit_list->next (cyclic list). */
254 iter->previous = audit_list->next;
255 return iter->previous->name;
256 }
257 if (iter->previous == audit_list)
258 /* Cyclic list wrap-around. */
259 return NULL;
260 iter->previous = iter->previous->next;
261 return iter->previous->name;
262}
263
264#ifndef HAVE_INLINED_SYSCALLS
265/* Set nonzero during loading and initialization of executable and
266 libraries, cleared before the executable's entry point runs. This
267 must not be initialized to nonzero, because the unused dynamic
268 linker loaded in for libc.so's "ld.so.1" dep will provide the
269 definition seen by libc.so's initializer; that value must be zero,
270 and will be since that dynamic linker's _dl_start and dl_main will
271 never be called. */
272int _dl_starting_up = 0;
273rtld_hidden_def (_dl_starting_up)
274#endif
275
276/* This is the structure which defines all variables global to ld.so
277 (except those which cannot be added for some reason). */
278struct rtld_global _rtld_global =
279 {
280 /* Generally the default presumption without further information is an
281 * executable stack but this is not true for all platforms. */
282 ._dl_stack_flags = DEFAULT_STACK_PERMS,
283#ifdef _LIBC_REENTRANT
284 ._dl_load_lock = _RTLD_LOCK_RECURSIVE_INITIALIZER,
285 ._dl_load_write_lock = _RTLD_LOCK_RECURSIVE_INITIALIZER,
286#endif
287 ._dl_nns = 1,
288 ._dl_ns =
289 {
290#ifdef _LIBC_REENTRANT
291 [LM_ID_BASE] = { ._ns_unique_sym_table
292 = { .lock = _RTLD_LOCK_RECURSIVE_INITIALIZER } }
293#endif
294 }
295 };
296/* If we would use strong_alias here the compiler would see a
297 non-hidden definition. This would undo the effect of the previous
298 declaration. So spell out was strong_alias does plus add the
299 visibility attribute. */
300extern struct rtld_global _rtld_local
301 __attribute__ ((alias ("_rtld_global"), visibility ("hidden")));
302
303
304/* This variable is similar to _rtld_local, but all values are
305 read-only after relocation. */
306struct rtld_global_ro _rtld_global_ro attribute_relro =
307 {
308 /* Get architecture specific initializer. */
309#include <dl-procinfo.c>
310#ifdef NEED_DL_SYSINFO
311 ._dl_sysinfo = DL_SYSINFO_DEFAULT,
312#endif
313 ._dl_debug_fd = STDERR_FILENO,
314 ._dl_use_load_bias = -2,
315 ._dl_correct_cache_id = _DL_CACHE_DEFAULT_ID,
316#if !HAVE_TUNABLES
317 ._dl_hwcap_mask = HWCAP_IMPORTANT,
318#endif
319 ._dl_lazy = 1,
320 ._dl_fpu_control = _FPU_DEFAULT,
321 ._dl_pagesize = EXEC_PAGESIZE,
322 ._dl_inhibit_cache = 0,
323
324 /* Function pointers. */
325 ._dl_debug_printf = _dl_debug_printf,
326 ._dl_mcount = _dl_mcount,
327 ._dl_lookup_symbol_x = _dl_lookup_symbol_x,
328 ._dl_open = _dl_open,
329 ._dl_close = _dl_close,
330 ._dl_tls_get_addr_soft = _dl_tls_get_addr_soft,
331#ifdef HAVE_DL_DISCOVER_OSVERSION
332 ._dl_discover_osversion = _dl_discover_osversion
333#endif
334 };
335/* If we would use strong_alias here the compiler would see a
336 non-hidden definition. This would undo the effect of the previous
337 declaration. So spell out was strong_alias does plus add the
338 visibility attribute. */
339extern struct rtld_global_ro _rtld_local_ro
340 __attribute__ ((alias ("_rtld_global_ro"), visibility ("hidden")));
341
342
343static void dl_main (const ElfW(Phdr) *phdr, ElfW(Word) phnum,
344 ElfW(Addr) *user_entry, ElfW(auxv_t) *auxv);
345
346/* These two variables cannot be moved into .data.rel.ro. */
347static struct libname_list _dl_rtld_libname;
348static struct libname_list _dl_rtld_libname2;
349
350/* Variable for statistics. */
351RLTD_TIMING_DECLARE (relocate_time, static);
352RLTD_TIMING_DECLARE (load_time, static, attribute_relro);
353RLTD_TIMING_DECLARE (start_time, static, attribute_relro);
354
355/* Additional definitions needed by TLS initialization. */
356#ifdef TLS_INIT_HELPER
357TLS_INIT_HELPER
358#endif
359
360/* Helper function for syscall implementation. */
361#ifdef DL_SYSINFO_IMPLEMENTATION
362DL_SYSINFO_IMPLEMENTATION
363#endif
364
365/* Before ld.so is relocated we must not access variables which need
366 relocations. This means variables which are exported. Variables
367 declared as static are fine. If we can mark a variable hidden this
368 is fine, too. The latter is important here. We can avoid setting
369 up a temporary link map for ld.so if we can mark _rtld_global as
370 hidden. */
371#ifdef PI_STATIC_AND_HIDDEN
372# define DONT_USE_BOOTSTRAP_MAP 1
373#endif
374
375#ifdef DONT_USE_BOOTSTRAP_MAP
376static ElfW(Addr) _dl_start_final (void *arg);
377#else
378struct dl_start_final_info
379{
380 struct link_map l;
381 RTLD_TIMING_VAR (start_time);
382};
383static ElfW(Addr) _dl_start_final (void *arg,
384 struct dl_start_final_info *info);
385#endif
386
387/* These defined magically in the linker script. */
388extern char _begin[] attribute_hidden;
389extern char _etext[] attribute_hidden;
390extern char _end[] attribute_hidden;
391
392
393#ifdef RTLD_START
394RTLD_START
395#else
396# error "sysdeps/MACHINE/dl-machine.h fails to define RTLD_START"
397#endif
398
399/* This is the second half of _dl_start (below). It can be inlined safely
400 under DONT_USE_BOOTSTRAP_MAP, where it is careful not to make any GOT
401 references. When the tools don't permit us to avoid using a GOT entry
402 for _dl_rtld_global (no attribute_hidden support), we must make sure
403 this function is not inlined (see below). */
404
405#ifdef DONT_USE_BOOTSTRAP_MAP
406static inline ElfW(Addr) __attribute__ ((always_inline))
407_dl_start_final (void *arg)
408#else
409static ElfW(Addr) __attribute__ ((noinline))
410_dl_start_final (void *arg, struct dl_start_final_info *info)
411#endif
412{
413 ElfW(Addr) start_addr;
414
415 /* If it hasn't happen yet record the startup time. */
416 rtld_timer_start (&start_time);
417#if !defined DONT_USE_BOOTSTRAP_MAP
418 RTLD_TIMING_SET (start_time, info->start_time);
419#endif
420
421 /* Transfer data about ourselves to the permanent link_map structure. */
422#ifndef DONT_USE_BOOTSTRAP_MAP
423 GL(dl_rtld_map).l_addr = info->l.l_addr;
424 GL(dl_rtld_map).l_ld = info->l.l_ld;
425 memcpy (GL(dl_rtld_map).l_info, info->l.l_info,
426 sizeof GL(dl_rtld_map).l_info);
427 GL(dl_rtld_map).l_mach = info->l.l_mach;
428 GL(dl_rtld_map).l_relocated = 1;
429#endif
430 _dl_setup_hash (&GL(dl_rtld_map));
431 GL(dl_rtld_map).l_real = &GL(dl_rtld_map);
432 GL(dl_rtld_map).l_map_start = (ElfW(Addr)) _begin;
433 GL(dl_rtld_map).l_map_end = (ElfW(Addr)) _end;
434 GL(dl_rtld_map).l_text_end = (ElfW(Addr)) _etext;
435 /* Copy the TLS related data if necessary. */
436#ifndef DONT_USE_BOOTSTRAP_MAP
437# if NO_TLS_OFFSET != 0
438 GL(dl_rtld_map).l_tls_offset = NO_TLS_OFFSET;
439# endif
440#endif
441
442 /* Initialize the stack end variable. */
443 __libc_stack_end = __builtin_frame_address (0);
444
445 /* Call the OS-dependent function to set up life so we can do things like
446 file access. It will call `dl_main' (below) to do all the real work
447 of the dynamic linker, and then unwind our frame and run the user
448 entry point on the same stack we entered on. */
449 start_addr = _dl_sysdep_start (arg, &dl_main);
450
451 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_STATISTICS))
452 {
453 RTLD_TIMING_VAR (rtld_total_time);
454 rtld_timer_stop (&rtld_total_time, start_time);
455 print_statistics (RTLD_TIMING_REF(rtld_total_time));
456 }
457
458 return start_addr;
459}
460
461static ElfW(Addr) __attribute_used__
462_dl_start (void *arg)
463{
464#ifdef DONT_USE_BOOTSTRAP_MAP
465# define bootstrap_map GL(dl_rtld_map)
466#else
467 struct dl_start_final_info info;
468# define bootstrap_map info.l
469#endif
470
471 /* This #define produces dynamic linking inline functions for
472 bootstrap relocation instead of general-purpose relocation.
473 Since ld.so must not have any undefined symbols the result
474 is trivial: always the map of ld.so itself. */
475#define RTLD_BOOTSTRAP
476#define BOOTSTRAP_MAP (&bootstrap_map)
477#define RESOLVE_MAP(sym, version, flags) BOOTSTRAP_MAP
478#include "dynamic-link.h"
479
480#ifdef DONT_USE_BOOTSTRAP_MAP
481 rtld_timer_start (&start_time);
482#else
483 rtld_timer_start (&info.start_time);
484#endif
485
486 /* Partly clean the `bootstrap_map' structure up. Don't use
487 `memset' since it might not be built in or inlined and we cannot
488 make function calls at this point. Use '__builtin_memset' if we
489 know it is available. We do not have to clear the memory if we
490 do not have to use the temporary bootstrap_map. Global variables
491 are initialized to zero by default. */
492#ifndef DONT_USE_BOOTSTRAP_MAP
493# ifdef HAVE_BUILTIN_MEMSET
494 __builtin_memset (bootstrap_map.l_info, '\0', sizeof (bootstrap_map.l_info));
495# else
496 for (size_t cnt = 0;
497 cnt < sizeof (bootstrap_map.l_info) / sizeof (bootstrap_map.l_info[0]);
498 ++cnt)
499 bootstrap_map.l_info[cnt] = 0;
500# endif
501#endif
502
503 /* Figure out the run-time load address of the dynamic linker itself. */
504 bootstrap_map.l_addr = elf_machine_load_address ();
505
506 /* Read our own dynamic section and fill in the info array. */
507 bootstrap_map.l_ld = (void *) bootstrap_map.l_addr + elf_machine_dynamic ();
508 elf_get_dynamic_info (&bootstrap_map, NULL);
509
510#if NO_TLS_OFFSET != 0
511 bootstrap_map.l_tls_offset = NO_TLS_OFFSET;
512#endif
513
514#ifdef ELF_MACHINE_BEFORE_RTLD_RELOC
515 ELF_MACHINE_BEFORE_RTLD_RELOC (bootstrap_map.l_info);
516#endif
517
518 if (bootstrap_map.l_addr || ! bootstrap_map.l_info[VALIDX(DT_GNU_PRELINKED)])
519 {
520 /* Relocate ourselves so we can do normal function calls and
521 data access using the global offset table. */
522
523 ELF_DYNAMIC_RELOCATE (&bootstrap_map, 0, 0, 0);
524 }
525 bootstrap_map.l_relocated = 1;
526
527 /* Please note that we don't allow profiling of this object and
528 therefore need not test whether we have to allocate the array
529 for the relocation results (as done in dl-reloc.c). */
530
531 /* Now life is sane; we can call functions and access global data.
532 Set up to use the operating system facilities, and find out from
533 the operating system's program loader where to find the program
534 header table in core. Put the rest of _dl_start into a separate
535 function, that way the compiler cannot put accesses to the GOT
536 before ELF_DYNAMIC_RELOCATE. */
537 {
538#ifdef DONT_USE_BOOTSTRAP_MAP
539 ElfW(Addr) entry = _dl_start_final (arg);
540#else
541 ElfW(Addr) entry = _dl_start_final (arg, &info);
542#endif
543
544#ifndef ELF_MACHINE_START_ADDRESS
545# define ELF_MACHINE_START_ADDRESS(map, start) (start)
546#endif
547
548 return ELF_MACHINE_START_ADDRESS (GL(dl_ns)[LM_ID_BASE]._ns_loaded, entry);
549 }
550}
551
552
553
554/* Now life is peachy; we can do all normal operations.
555 On to the real work. */
556
557/* Some helper functions. */
558
559/* Arguments to relocate_doit. */
560struct relocate_args
561{
562 struct link_map *l;
563 int reloc_mode;
564};
565
566struct map_args
567{
568 /* Argument to map_doit. */
569 const char *str;
570 struct link_map *loader;
571 int mode;
572 /* Return value of map_doit. */
573 struct link_map *map;
574};
575
576struct dlmopen_args
577{
578 const char *fname;
579 struct link_map *map;
580};
581
582struct lookup_args
583{
584 const char *name;
585 struct link_map *map;
586 void *result;
587};
588
589/* Arguments to version_check_doit. */
590struct version_check_args
591{
592 int doexit;
593 int dotrace;
594};
595
596static void
597relocate_doit (void *a)
598{
599 struct relocate_args *args = (struct relocate_args *) a;
600
601 _dl_relocate_object (args->l, args->l->l_scope, args->reloc_mode, 0);
602}
603
604static void
605map_doit (void *a)
606{
607 struct map_args *args = (struct map_args *) a;
608 int type = (args->mode == __RTLD_OPENEXEC) ? lt_executable : lt_library;
609 args->map = _dl_map_object (args->loader, args->str, type, 0,
610 args->mode, LM_ID_BASE);
611}
612
613static void
614dlmopen_doit (void *a)
615{
616 struct dlmopen_args *args = (struct dlmopen_args *) a;
617 args->map = _dl_open (args->fname,
618 (RTLD_LAZY | __RTLD_DLOPEN | __RTLD_AUDIT
619 | __RTLD_SECURE),
620 dl_main, LM_ID_NEWLM, _dl_argc, _dl_argv,
621 __environ);
622}
623
624static void
625lookup_doit (void *a)
626{
627 struct lookup_args *args = (struct lookup_args *) a;
628 const ElfW(Sym) *ref = NULL;
629 args->result = NULL;
630 lookup_t l = _dl_lookup_symbol_x (args->name, args->map, &ref,
631 args->map->l_local_scope, NULL, 0,
632 DL_LOOKUP_RETURN_NEWEST, NULL);
633 if (ref != NULL)
634 args->result = DL_SYMBOL_ADDRESS (l, ref);
635}
636
637static void
638version_check_doit (void *a)
639{
640 struct version_check_args *args = (struct version_check_args *) a;
641 if (_dl_check_all_versions (GL(dl_ns)[LM_ID_BASE]._ns_loaded, 1,
642 args->dotrace) && args->doexit)
643 /* We cannot start the application. Abort now. */
644 _exit (1);
645}
646
647
648static inline struct link_map *
649find_needed (const char *name)
650{
651 struct r_scope_elem *scope = &GL(dl_ns)[LM_ID_BASE]._ns_loaded->l_searchlist;
652 unsigned int n = scope->r_nlist;
653
654 while (n-- > 0)
655 if (_dl_name_match_p (name, scope->r_list[n]))
656 return scope->r_list[n];
657
658 /* Should never happen. */
659 return NULL;
660}
661
662static int
663match_version (const char *string, struct link_map *map)
664{
665 const char *strtab = (const void *) D_PTR (map, l_info[DT_STRTAB]);
666 ElfW(Verdef) *def;
667
668#define VERDEFTAG (DT_NUM + DT_THISPROCNUM + DT_VERSIONTAGIDX (DT_VERDEF))
669 if (map->l_info[VERDEFTAG] == NULL)
670 /* The file has no symbol versioning. */
671 return 0;
672
673 def = (ElfW(Verdef) *) ((char *) map->l_addr
674 + map->l_info[VERDEFTAG]->d_un.d_ptr);
675 while (1)
676 {
677 ElfW(Verdaux) *aux = (ElfW(Verdaux) *) ((char *) def + def->vd_aux);
678
679 /* Compare the version strings. */
680 if (strcmp (string, strtab + aux->vda_name) == 0)
681 /* Bingo! */
682 return 1;
683
684 /* If no more definitions we failed to find what we want. */
685 if (def->vd_next == 0)
686 break;
687
688 /* Next definition. */
689 def = (ElfW(Verdef) *) ((char *) def + def->vd_next);
690 }
691
692 return 0;
693}
694
695static bool tls_init_tp_called;
696
697static void *
698init_tls (void)
699{
700 /* Number of elements in the static TLS block. */
701 GL(dl_tls_static_nelem) = GL(dl_tls_max_dtv_idx);
702
703 /* Do not do this twice. The audit interface might have required
704 the DTV interfaces to be set up early. */
705 if (GL(dl_initial_dtv) != NULL)
706 return NULL;
707
708 /* Allocate the array which contains the information about the
709 dtv slots. We allocate a few entries more than needed to
710 avoid the need for reallocation. */
711 size_t nelem = GL(dl_tls_max_dtv_idx) + 1 + TLS_SLOTINFO_SURPLUS;
712
713 /* Allocate. */
714 GL(dl_tls_dtv_slotinfo_list) = (struct dtv_slotinfo_list *)
715 calloc (sizeof (struct dtv_slotinfo_list)
716 + nelem * sizeof (struct dtv_slotinfo), 1);
717 /* No need to check the return value. If memory allocation failed
718 the program would have been terminated. */
719
720 struct dtv_slotinfo *slotinfo = GL(dl_tls_dtv_slotinfo_list)->slotinfo;
721 GL(dl_tls_dtv_slotinfo_list)->len = nelem;
722 GL(dl_tls_dtv_slotinfo_list)->next = NULL;
723
724 /* Fill in the information from the loaded modules. No namespace
725 but the base one can be filled at this time. */
726 assert (GL(dl_ns)[LM_ID_BASE + 1]._ns_loaded == NULL);
727 int i = 0;
728 for (struct link_map *l = GL(dl_ns)[LM_ID_BASE]._ns_loaded; l != NULL;
729 l = l->l_next)
730 if (l->l_tls_blocksize != 0)
731 {
732 /* This is a module with TLS data. Store the map reference.
733 The generation counter is zero. */
734 slotinfo[i].map = l;
735 /* slotinfo[i].gen = 0; */
736 ++i;
737 }
738 assert (i == GL(dl_tls_max_dtv_idx));
739
740 /* Compute the TLS offsets for the various blocks. */
741 _dl_determine_tlsoffset ();
742
743 /* Construct the static TLS block and the dtv for the initial
744 thread. For some platforms this will include allocating memory
745 for the thread descriptor. The memory for the TLS block will
746 never be freed. It should be allocated accordingly. The dtv
747 array can be changed if dynamic loading requires it. */
748 void *tcbp = _dl_allocate_tls_storage ();
749 if (tcbp == NULL)
750 _dl_fatal_printf ("\
751cannot allocate TLS data structures for initial thread\n");
752
753 /* Store for detection of the special case by __tls_get_addr
754 so it knows not to pass this dtv to the normal realloc. */
755 GL(dl_initial_dtv) = GET_DTV (tcbp);
756
757 /* And finally install it for the main thread. */
758 const char *lossage = TLS_INIT_TP (tcbp);
759 if (__glibc_unlikely (lossage != NULL))
760 _dl_fatal_printf ("cannot set up thread-local storage: %s\n", lossage);
761 tls_init_tp_called = true;
762
763 return tcbp;
764}
765
766static unsigned int
767do_preload (const char *fname, struct link_map *main_map, const char *where)
768{
769 const char *objname;
770 const char *err_str = NULL;
771 struct map_args args;
772 bool malloced;
773
774 args.str = fname;
775 args.loader = main_map;
776 args.mode = __RTLD_SECURE;
777
778 unsigned int old_nloaded = GL(dl_ns)[LM_ID_BASE]._ns_nloaded;
779
780 (void) _dl_catch_error (&objname, &err_str, &malloced, map_doit, &args);
781 if (__glibc_unlikely (err_str != NULL))
782 {
783 _dl_error_printf ("\
784ERROR: ld.so: object '%s' from %s cannot be preloaded (%s): ignored.\n",
785 fname, where, err_str);
786 /* No need to call free, this is still before
787 the libc's malloc is used. */
788 }
789 else if (GL(dl_ns)[LM_ID_BASE]._ns_nloaded != old_nloaded)
790 /* It is no duplicate. */
791 return 1;
792
793 /* Nothing loaded. */
794 return 0;
795}
796
797#if defined SHARED && defined _LIBC_REENTRANT \
798 && defined __rtld_lock_default_lock_recursive
799static void
800rtld_lock_default_lock_recursive (void *lock)
801{
802 __rtld_lock_default_lock_recursive (lock);
803}
804
805static void
806rtld_lock_default_unlock_recursive (void *lock)
807{
808 __rtld_lock_default_unlock_recursive (lock);
809}
810#endif
811
812
813static void
814security_init (void)
815{
816 /* Set up the stack checker's canary. */
817 uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random);
818#ifdef THREAD_SET_STACK_GUARD
819 THREAD_SET_STACK_GUARD (stack_chk_guard);
820#else
821 __stack_chk_guard = stack_chk_guard;
822#endif
823
824 /* Set up the pointer guard as well, if necessary. */
825 uintptr_t pointer_chk_guard
826 = _dl_setup_pointer_guard (_dl_random, stack_chk_guard);
827#ifdef THREAD_SET_POINTER_GUARD
828 THREAD_SET_POINTER_GUARD (pointer_chk_guard);
829#endif
830 __pointer_chk_guard_local = pointer_chk_guard;
831
832 /* We do not need the _dl_random value anymore. The less
833 information we leave behind, the better, so clear the
834 variable. */
835 _dl_random = NULL;
836}
837
838#include <setup-vdso.h>
839
840/* The library search path. */
841static const char *library_path attribute_relro;
842/* The list preloaded objects. */
843static const char *preloadlist attribute_relro;
844/* Nonzero if information about versions has to be printed. */
845static int version_info attribute_relro;
846/* The preload list passed as a command argument. */
847static const char *preloadarg attribute_relro;
848
849/* The LD_PRELOAD environment variable gives list of libraries
850 separated by white space or colons that are loaded before the
851 executable's dependencies and prepended to the global scope list.
852 (If the binary is running setuid all elements containing a '/' are
853 ignored since it is insecure.) Return the number of preloads
854 performed. Ditto for --preload command argument. */
855unsigned int
856handle_preload_list (const char *preloadlist, struct link_map *main_map,
857 const char *where)
858{
859 unsigned int npreloads = 0;
860 const char *p = preloadlist;
861 char fname[SECURE_PATH_LIMIT];
862
863 while (*p != '\0')
864 {
865 /* Split preload list at space/colon. */
866 size_t len = strcspn (p, " :");
867 if (len > 0 && len < sizeof (fname))
868 {
869 memcpy (fname, p, len);
870 fname[len] = '\0';
871 }
872 else
873 fname[0] = '\0';
874
875 /* Skip over the substring and the following delimiter. */
876 p += len;
877 if (*p != '\0')
878 ++p;
879
880 if (dso_name_valid_for_suid (fname))
881 npreloads += do_preload (fname, main_map, where);
882 }
883 return npreloads;
884}
885
886/* Called if the audit DSO cannot be used: if it does not have the
887 appropriate interfaces, or it expects a more recent version library
888 version than what the dynamic linker provides. */
889static void
890unload_audit_module (struct link_map *map, int original_tls_idx)
891{
892#ifndef NDEBUG
893 Lmid_t ns = map->l_ns;
894#endif
895 _dl_close (map);
896
897 /* Make sure the namespace has been cleared entirely. */
898 assert (GL(dl_ns)[ns]._ns_loaded == NULL);
899 assert (GL(dl_ns)[ns]._ns_nloaded == 0);
900
901 GL(dl_tls_max_dtv_idx) = original_tls_idx;
902}
903
904/* Called to print an error message if loading of an audit module
905 failed. */
906static void
907report_audit_module_load_error (const char *name, const char *err_str,
908 bool malloced)
909{
910 _dl_error_printf ("\
911ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n",
912 name, err_str);
913 if (malloced)
914 free ((char *) err_str);
915}
916
917/* Load one audit module. */
918static void
919load_audit_module (const char *name, struct audit_ifaces **last_audit)
920{
921 int original_tls_idx = GL(dl_tls_max_dtv_idx);
922
923 struct dlmopen_args dlmargs;
924 dlmargs.fname = name;
925 dlmargs.map = NULL;
926
927 const char *objname;
928 const char *err_str = NULL;
929 bool malloced;
930 _dl_catch_error (&objname, &err_str, &malloced, dlmopen_doit, &dlmargs);
931 if (__glibc_unlikely (err_str != NULL))
932 {
933 report_audit_module_load_error (name, err_str, malloced);
934 return;
935 }
936
937 struct lookup_args largs;
938 largs.name = "la_version";
939 largs.map = dlmargs.map;
940 _dl_catch_error (&objname, &err_str, &malloced, lookup_doit, &largs);
941 if (__glibc_likely (err_str != NULL))
942 {
943 unload_audit_module (dlmargs.map, original_tls_idx);
944 report_audit_module_load_error (name, err_str, malloced);
945 return;
946 }
947
948 unsigned int (*laversion) (unsigned int) = largs.result;
949
950 /* A null symbol indicates that something is very wrong with the
951 loaded object because defined symbols are supposed to have a
952 valid, non-null address. */
953 assert (laversion != NULL);
954
955 unsigned int lav = laversion (LAV_CURRENT);
956 if (lav == 0)
957 {
958 /* Only print an error message if debugging because this can
959 happen deliberately. */
960 if (GLRO(dl_debug_mask) & DL_DEBUG_FILES)
961 _dl_debug_printf ("\
962file=%s [%lu]; audit interface function la_version returned zero; ignored.\n",
963 dlmargs.map->l_name, dlmargs.map->l_ns);
964 unload_audit_module (dlmargs.map, original_tls_idx);
965 return;
966 }
967
968 if (lav > LAV_CURRENT)
969 {
970 _dl_debug_printf ("\
971ERROR: audit interface '%s' requires version %d (maximum supported version %d); ignored.\n",
972 name, lav, LAV_CURRENT);
973 unload_audit_module (dlmargs.map, original_tls_idx);
974 return;
975 }
976
977 enum { naudit_ifaces = 8 };
978 union
979 {
980 struct audit_ifaces ifaces;
981 void (*fptr[naudit_ifaces]) (void);
982 } *newp = malloc (sizeof (*newp));
983 if (newp == NULL)
984 _dl_fatal_printf ("Out of memory while loading audit modules\n");
985
986 /* Names of the auditing interfaces. All in one
987 long string. */
988 static const char audit_iface_names[] =
989 "la_activity\0"
990 "la_objsearch\0"
991 "la_objopen\0"
992 "la_preinit\0"
993#if __ELF_NATIVE_CLASS == 32
994 "la_symbind32\0"
995#elif __ELF_NATIVE_CLASS == 64
996 "la_symbind64\0"
997#else
998# error "__ELF_NATIVE_CLASS must be defined"
999#endif
1000#define STRING(s) __STRING (s)
1001 "la_" STRING (ARCH_LA_PLTENTER) "\0"
1002 "la_" STRING (ARCH_LA_PLTEXIT) "\0"
1003 "la_objclose\0";
1004 unsigned int cnt = 0;
1005 const char *cp = audit_iface_names;
1006 do
1007 {
1008 largs.name = cp;
1009 _dl_catch_error (&objname, &err_str, &malloced, lookup_doit, &largs);
1010
1011 /* Store the pointer. */
1012 if (err_str == NULL && largs.result != NULL)
1013 newp->fptr[cnt] = largs.result;
1014 else
1015 newp->fptr[cnt] = NULL;
1016 ++cnt;
1017
1018 cp = rawmemchr (cp, '\0') + 1;
1019 }
1020 while (*cp != '\0');
1021 assert (cnt == naudit_ifaces);
1022
1023 /* Now append the new auditing interface to the list. */
1024 newp->ifaces.next = NULL;
1025 if (*last_audit == NULL)
1026 *last_audit = GLRO(dl_audit) = &newp->ifaces;
1027 else
1028 *last_audit = (*last_audit)->next = &newp->ifaces;
1029
1030 /* The dynamic linker link map is statically allocated, so the
1031 cookie in _dl_new_object has not happened. */
1032 link_map_audit_state (&GL (dl_rtld_map), GLRO (dl_naudit))->cookie
1033 = (intptr_t) &GL (dl_rtld_map);
1034
1035 ++GLRO(dl_naudit);
1036
1037 /* Mark the DSO as being used for auditing. */
1038 dlmargs.map->l_auditing = 1;
1039}
1040
1041/* Notify the the audit modules that the object MAP has already been
1042 loaded. */
1043static void
1044notify_audit_modules_of_loaded_object (struct link_map *map)
1045{
1046 struct audit_ifaces *afct = GLRO(dl_audit);
1047 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
1048 {
1049 if (afct->objopen != NULL)
1050 {
1051 struct auditstate *state = link_map_audit_state (map, cnt);
1052 state->bindflags = afct->objopen (map, LM_ID_BASE, &state->cookie);
1053 map->l_audit_any_plt |= state->bindflags != 0;
1054 }
1055
1056 afct = afct->next;
1057 }
1058}
1059
1060/* Load all audit modules. */
1061static void
1062load_audit_modules (struct link_map *main_map)
1063{
1064 struct audit_ifaces *last_audit = NULL;
1065 struct audit_list_iter al_iter;
1066 audit_list_iter_init (&al_iter);
1067
1068 while (true)
1069 {
1070 const char *name = audit_list_iter_next (&al_iter);
1071 if (name == NULL)
1072 break;
1073 load_audit_module (name, &last_audit);
1074 }
1075
1076 /* Notify audit modules of the initially loaded modules (the main
1077 program and the dynamic linker itself). */
1078 if (GLRO(dl_naudit) > 0)
1079 {
1080 notify_audit_modules_of_loaded_object (main_map);
1081 notify_audit_modules_of_loaded_object (&GL(dl_rtld_map));
1082 }
1083}
1084
1085static void
1086dl_main (const ElfW(Phdr) *phdr,
1087 ElfW(Word) phnum,
1088 ElfW(Addr) *user_entry,
1089 ElfW(auxv_t) *auxv)
1090{
1091 const ElfW(Phdr) *ph;
1092 enum mode mode;
1093 struct link_map *main_map;
1094 size_t file_size;
1095 char *file;
1096 bool has_interp = false;
1097 unsigned int i;
1098 bool prelinked = false;
1099 bool rtld_is_main = false;
1100 void *tcbp = NULL;
1101
1102 GL(dl_init_static_tls) = &_dl_nothread_init_static_tls;
1103
1104#if defined SHARED && defined _LIBC_REENTRANT \
1105 && defined __rtld_lock_default_lock_recursive
1106 GL(dl_rtld_lock_recursive) = rtld_lock_default_lock_recursive;
1107 GL(dl_rtld_unlock_recursive) = rtld_lock_default_unlock_recursive;
1108#endif
1109
1110 /* The explicit initialization here is cheaper than processing the reloc
1111 in the _rtld_local definition's initializer. */
1112 GL(dl_make_stack_executable_hook) = &_dl_make_stack_executable;
1113
1114 /* Process the environment variable which control the behaviour. */
1115 process_envvars (&mode);
1116
1117#ifndef HAVE_INLINED_SYSCALLS
1118 /* Set up a flag which tells we are just starting. */
1119 _dl_starting_up = 1;
1120#endif
1121
1122 if (*user_entry == (ElfW(Addr)) ENTRY_POINT)
1123 {
1124 /* Ho ho. We are not the program interpreter! We are the program
1125 itself! This means someone ran ld.so as a command. Well, that
1126 might be convenient to do sometimes. We support it by
1127 interpreting the args like this:
1128
1129 ld.so PROGRAM ARGS...
1130
1131 The first argument is the name of a file containing an ELF
1132 executable we will load and run with the following arguments.
1133 To simplify life here, PROGRAM is searched for using the
1134 normal rules for shared objects, rather than $PATH or anything
1135 like that. We just load it and use its entry point; we don't
1136 pay attention to its PT_INTERP command (we are the interpreter
1137 ourselves). This is an easy way to test a new ld.so before
1138 installing it. */
1139 rtld_is_main = true;
1140
1141 /* Note the place where the dynamic linker actually came from. */
1142 GL(dl_rtld_map).l_name = rtld_progname;
1143
1144 while (_dl_argc > 1)
1145 if (! strcmp (_dl_argv[1], "--list"))
1146 {
1147 mode = list;
1148 GLRO(dl_lazy) = -1; /* This means do no dependency analysis. */
1149
1150 ++_dl_skip_args;
1151 --_dl_argc;
1152 ++_dl_argv;
1153 }
1154 else if (! strcmp (_dl_argv[1], "--verify"))
1155 {
1156 mode = verify;
1157
1158 ++_dl_skip_args;
1159 --_dl_argc;
1160 ++_dl_argv;
1161 }
1162 else if (! strcmp (_dl_argv[1], "--inhibit-cache"))
1163 {
1164 GLRO(dl_inhibit_cache) = 1;
1165 ++_dl_skip_args;
1166 --_dl_argc;
1167 ++_dl_argv;
1168 }
1169 else if (! strcmp (_dl_argv[1], "--library-path")
1170 && _dl_argc > 2)
1171 {
1172 library_path = _dl_argv[2];
1173
1174 _dl_skip_args += 2;
1175 _dl_argc -= 2;
1176 _dl_argv += 2;
1177 }
1178 else if (! strcmp (_dl_argv[1], "--inhibit-rpath")
1179 && _dl_argc > 2)
1180 {
1181 GLRO(dl_inhibit_rpath) = _dl_argv[2];
1182
1183 _dl_skip_args += 2;
1184 _dl_argc -= 2;
1185 _dl_argv += 2;
1186 }
1187 else if (! strcmp (_dl_argv[1], "--audit") && _dl_argc > 2)
1188 {
1189 process_dl_audit (_dl_argv[2]);
1190
1191 _dl_skip_args += 2;
1192 _dl_argc -= 2;
1193 _dl_argv += 2;
1194 }
1195 else if (! strcmp (_dl_argv[1], "--preload") && _dl_argc > 2)
1196 {
1197 preloadarg = _dl_argv[2];
1198 _dl_skip_args += 2;
1199 _dl_argc -= 2;
1200 _dl_argv += 2;
1201 }
1202 else
1203 break;
1204
1205 /* If we have no further argument the program was called incorrectly.
1206 Grant the user some education. */
1207 if (_dl_argc < 2)
1208 _dl_fatal_printf ("\
1209Usage: ld.so [OPTION]... EXECUTABLE-FILE [ARGS-FOR-PROGRAM...]\n\
1210You have invoked `ld.so', the helper program for shared library executables.\n\
1211This program usually lives in the file `/lib/ld.so', and special directives\n\
1212in executable files using ELF shared libraries tell the system's program\n\
1213loader to load the helper program from this file. This helper program loads\n\
1214the shared libraries needed by the program executable, prepares the program\n\
1215to run, and runs it. You may invoke this helper program directly from the\n\
1216command line to load and run an ELF executable file; this is like executing\n\
1217that file itself, but always uses this helper program from the file you\n\
1218specified, instead of the helper program file specified in the executable\n\
1219file you run. This is mostly of use for maintainers to test new versions\n\
1220of this helper program; chances are you did not intend to run this program.\n\
1221\n\
1222 --list list all dependencies and how they are resolved\n\
1223 --verify verify that given object really is a dynamically linked\n\
1224 object we can handle\n\
1225 --inhibit-cache Do not use " LD_SO_CACHE "\n\
1226 --library-path PATH use given PATH instead of content of the environment\n\
1227 variable LD_LIBRARY_PATH\n\
1228 --inhibit-rpath LIST ignore RUNPATH and RPATH information in object names\n\
1229 in LIST\n\
1230 --audit LIST use objects named in LIST as auditors\n\
1231 --preload LIST preload objects named in LIST\n");
1232
1233 ++_dl_skip_args;
1234 --_dl_argc;
1235 ++_dl_argv;
1236
1237 /* The initialization of _dl_stack_flags done below assumes the
1238 executable's PT_GNU_STACK may have been honored by the kernel, and
1239 so a PT_GNU_STACK with PF_X set means the stack started out with
1240 execute permission. However, this is not really true if the
1241 dynamic linker is the executable the kernel loaded. For this
1242 case, we must reinitialize _dl_stack_flags to match the dynamic
1243 linker itself. If the dynamic linker was built with a
1244 PT_GNU_STACK, then the kernel may have loaded us with a
1245 nonexecutable stack that we will have to make executable when we
1246 load the program below unless it has a PT_GNU_STACK indicating
1247 nonexecutable stack is ok. */
1248
1249 for (ph = phdr; ph < &phdr[phnum]; ++ph)
1250 if (ph->p_type == PT_GNU_STACK)
1251 {
1252 GL(dl_stack_flags) = ph->p_flags;
1253 break;
1254 }
1255
1256 if (__builtin_expect (mode, normal) == verify)
1257 {
1258 const char *objname;
1259 const char *err_str = NULL;
1260 struct map_args args;
1261 bool malloced;
1262
1263 args.str = rtld_progname;
1264 args.loader = NULL;
1265 args.mode = __RTLD_OPENEXEC;
1266 (void) _dl_catch_error (&objname, &err_str, &malloced, map_doit,
1267 &args);
1268 if (__glibc_unlikely (err_str != NULL))
1269 /* We don't free the returned string, the programs stops
1270 anyway. */
1271 _exit (EXIT_FAILURE);
1272 }
1273 else
1274 {
1275 RTLD_TIMING_VAR (start);
1276 rtld_timer_start (&start);
1277 _dl_map_object (NULL, rtld_progname, lt_executable, 0,
1278 __RTLD_OPENEXEC, LM_ID_BASE);
1279 rtld_timer_stop (&load_time, start);
1280 }
1281
1282 /* Now the map for the main executable is available. */
1283 main_map = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
1284
1285 if (__builtin_expect (mode, normal) == normal
1286 && GL(dl_rtld_map).l_info[DT_SONAME] != NULL
1287 && main_map->l_info[DT_SONAME] != NULL
1288 && strcmp ((const char *) D_PTR (&GL(dl_rtld_map), l_info[DT_STRTAB])
1289 + GL(dl_rtld_map).l_info[DT_SONAME]->d_un.d_val,
1290 (const char *) D_PTR (main_map, l_info[DT_STRTAB])
1291 + main_map->l_info[DT_SONAME]->d_un.d_val) == 0)
1292 _dl_fatal_printf ("loader cannot load itself\n");
1293
1294 phdr = main_map->l_phdr;
1295 phnum = main_map->l_phnum;
1296 /* We overwrite here a pointer to a malloc()ed string. But since
1297 the malloc() implementation used at this point is the dummy
1298 implementations which has no real free() function it does not
1299 makes sense to free the old string first. */
1300 main_map->l_name = (char *) "";
1301 *user_entry = main_map->l_entry;
1302
1303#ifdef HAVE_AUX_VECTOR
1304 /* Adjust the on-stack auxiliary vector so that it looks like the
1305 binary was executed directly. */
1306 for (ElfW(auxv_t) *av = auxv; av->a_type != AT_NULL; av++)
1307 switch (av->a_type)
1308 {
1309 case AT_PHDR:
1310 av->a_un.a_val = (uintptr_t) phdr;
1311 break;
1312 case AT_PHNUM:
1313 av->a_un.a_val = phnum;
1314 break;
1315 case AT_ENTRY:
1316 av->a_un.a_val = *user_entry;
1317 break;
1318 case AT_EXECFN:
1319 av->a_un.a_val = (uintptr_t) _dl_argv[0];
1320 break;
1321 }
1322#endif
1323 }
1324 else
1325 {
1326 /* Create a link_map for the executable itself.
1327 This will be what dlopen on "" returns. */
1328 main_map = _dl_new_object ((char *) "", "", lt_executable, NULL,
1329 __RTLD_OPENEXEC, LM_ID_BASE);
1330 assert (main_map != NULL);
1331 main_map->l_phdr = phdr;
1332 main_map->l_phnum = phnum;
1333 main_map->l_entry = *user_entry;
1334
1335 /* Even though the link map is not yet fully initialized we can add
1336 it to the map list since there are no possible users running yet. */
1337 _dl_add_to_namespace_list (main_map, LM_ID_BASE);
1338 assert (main_map == GL(dl_ns)[LM_ID_BASE]._ns_loaded);
1339
1340 /* At this point we are in a bit of trouble. We would have to
1341 fill in the values for l_dev and l_ino. But in general we
1342 do not know where the file is. We also do not handle AT_EXECFD
1343 even if it would be passed up.
1344
1345 We leave the values here defined to 0. This is normally no
1346 problem as the program code itself is normally no shared
1347 object and therefore cannot be loaded dynamically. Nothing
1348 prevent the use of dynamic binaries and in these situations
1349 we might get problems. We might not be able to find out
1350 whether the object is already loaded. But since there is no
1351 easy way out and because the dynamic binary must also not
1352 have an SONAME we ignore this program for now. If it becomes
1353 a problem we can force people using SONAMEs. */
1354
1355 /* We delay initializing the path structure until we got the dynamic
1356 information for the program. */
1357 }
1358
1359 main_map->l_map_end = 0;
1360 main_map->l_text_end = 0;
1361 /* Perhaps the executable has no PT_LOAD header entries at all. */
1362 main_map->l_map_start = ~0;
1363 /* And it was opened directly. */
1364 ++main_map->l_direct_opencount;
1365
1366 /* Scan the program header table for the dynamic section. */
1367 for (ph = phdr; ph < &phdr[phnum]; ++ph)
1368 switch (ph->p_type)
1369 {
1370 case PT_PHDR:
1371 /* Find out the load address. */
1372 main_map->l_addr = (ElfW(Addr)) phdr - ph->p_vaddr;
1373 break;
1374 case PT_DYNAMIC:
1375 /* This tells us where to find the dynamic section,
1376 which tells us everything we need to do. */
1377 main_map->l_ld = (void *) main_map->l_addr + ph->p_vaddr;
1378 break;
1379 case PT_INTERP:
1380 /* This "interpreter segment" was used by the program loader to
1381 find the program interpreter, which is this program itself, the
1382 dynamic linker. We note what name finds us, so that a future
1383 dlopen call or DT_NEEDED entry, for something that wants to link
1384 against the dynamic linker as a shared library, will know that
1385 the shared object is already loaded. */
1386 _dl_rtld_libname.name = ((const char *) main_map->l_addr
1387 + ph->p_vaddr);
1388 /* _dl_rtld_libname.next = NULL; Already zero. */
1389 GL(dl_rtld_map).l_libname = &_dl_rtld_libname;
1390
1391 /* Ordinarilly, we would get additional names for the loader from
1392 our DT_SONAME. This can't happen if we were actually linked as
1393 a static executable (detect this case when we have no DYNAMIC).
1394 If so, assume the filename component of the interpreter path to
1395 be our SONAME, and add it to our name list. */
1396 if (GL(dl_rtld_map).l_ld == NULL)
1397 {
1398 const char *p = NULL;
1399 const char *cp = _dl_rtld_libname.name;
1400
1401 /* Find the filename part of the path. */
1402 while (*cp != '\0')
1403 if (*cp++ == '/')
1404 p = cp;
1405
1406 if (p != NULL)
1407 {
1408 _dl_rtld_libname2.name = p;
1409 /* _dl_rtld_libname2.next = NULL; Already zero. */
1410 _dl_rtld_libname.next = &_dl_rtld_libname2;
1411 }
1412 }
1413
1414 has_interp = true;
1415 break;
1416 case PT_LOAD:
1417 {
1418 ElfW(Addr) mapstart;
1419 ElfW(Addr) allocend;
1420
1421 /* Remember where the main program starts in memory. */
1422 mapstart = (main_map->l_addr
1423 + (ph->p_vaddr & ~(GLRO(dl_pagesize) - 1)));
1424 if (main_map->l_map_start > mapstart)
1425 main_map->l_map_start = mapstart;
1426
1427 /* Also where it ends. */
1428 allocend = main_map->l_addr + ph->p_vaddr + ph->p_memsz;
1429 if (main_map->l_map_end < allocend)
1430 main_map->l_map_end = allocend;
1431 if ((ph->p_flags & PF_X) && allocend > main_map->l_text_end)
1432 main_map->l_text_end = allocend;
1433 }
1434 break;
1435
1436 case PT_TLS:
1437 if (ph->p_memsz > 0)
1438 {
1439 /* Note that in the case the dynamic linker we duplicate work
1440 here since we read the PT_TLS entry already in
1441 _dl_start_final. But the result is repeatable so do not
1442 check for this special but unimportant case. */
1443 main_map->l_tls_blocksize = ph->p_memsz;
1444 main_map->l_tls_align = ph->p_align;
1445 if (ph->p_align == 0)
1446 main_map->l_tls_firstbyte_offset = 0;
1447 else
1448 main_map->l_tls_firstbyte_offset = (ph->p_vaddr
1449 & (ph->p_align - 1));
1450 main_map->l_tls_initimage_size = ph->p_filesz;
1451 main_map->l_tls_initimage = (void *) ph->p_vaddr;
1452
1453 /* This image gets the ID one. */
1454 GL(dl_tls_max_dtv_idx) = main_map->l_tls_modid = 1;
1455 }
1456 break;
1457
1458 case PT_GNU_STACK:
1459 GL(dl_stack_flags) = ph->p_flags;
1460 break;
1461
1462 case PT_GNU_RELRO:
1463 main_map->l_relro_addr = ph->p_vaddr;
1464 main_map->l_relro_size = ph->p_memsz;
1465 break;
1466
1467 case PT_NOTE:
1468 if (_rtld_process_pt_note (main_map, ph))
1469 _dl_error_printf ("\
1470ERROR: '%s': cannot process note segment.\n", _dl_argv[0]);
1471 break;
1472 }
1473
1474 /* Adjust the address of the TLS initialization image in case
1475 the executable is actually an ET_DYN object. */
1476 if (main_map->l_tls_initimage != NULL)
1477 main_map->l_tls_initimage
1478 = (char *) main_map->l_tls_initimage + main_map->l_addr;
1479 if (! main_map->l_map_end)
1480 main_map->l_map_end = ~0;
1481 if (! main_map->l_text_end)
1482 main_map->l_text_end = ~0;
1483 if (! GL(dl_rtld_map).l_libname && GL(dl_rtld_map).l_name)
1484 {
1485 /* We were invoked directly, so the program might not have a
1486 PT_INTERP. */
1487 _dl_rtld_libname.name = GL(dl_rtld_map).l_name;
1488 /* _dl_rtld_libname.next = NULL; Already zero. */
1489 GL(dl_rtld_map).l_libname = &_dl_rtld_libname;
1490 }
1491 else
1492 assert (GL(dl_rtld_map).l_libname); /* How else did we get here? */
1493
1494 /* If the current libname is different from the SONAME, add the
1495 latter as well. */
1496 if (GL(dl_rtld_map).l_info[DT_SONAME] != NULL
1497 && strcmp (GL(dl_rtld_map).l_libname->name,
1498 (const char *) D_PTR (&GL(dl_rtld_map), l_info[DT_STRTAB])
1499 + GL(dl_rtld_map).l_info[DT_SONAME]->d_un.d_val) != 0)
1500 {
1501 static struct libname_list newname;
1502 newname.name = ((char *) D_PTR (&GL(dl_rtld_map), l_info[DT_STRTAB])
1503 + GL(dl_rtld_map).l_info[DT_SONAME]->d_un.d_ptr);
1504 newname.next = NULL;
1505 newname.dont_free = 1;
1506
1507 assert (GL(dl_rtld_map).l_libname->next == NULL);
1508 GL(dl_rtld_map).l_libname->next = &newname;
1509 }
1510 /* The ld.so must be relocated since otherwise loading audit modules
1511 will fail since they reuse the very same ld.so. */
1512 assert (GL(dl_rtld_map).l_relocated);
1513
1514 if (! rtld_is_main)
1515 {
1516 /* Extract the contents of the dynamic section for easy access. */
1517 elf_get_dynamic_info (main_map, NULL);
1518 /* Set up our cache of pointers into the hash table. */
1519 _dl_setup_hash (main_map);
1520 }
1521
1522 if (__builtin_expect (mode, normal) == verify)
1523 {
1524 /* We were called just to verify that this is a dynamic
1525 executable using us as the program interpreter. Exit with an
1526 error if we were not able to load the binary or no interpreter
1527 is specified (i.e., this is no dynamically linked binary. */
1528 if (main_map->l_ld == NULL)
1529 _exit (1);
1530
1531 /* We allow here some platform specific code. */
1532#ifdef DISTINGUISH_LIB_VERSIONS
1533 DISTINGUISH_LIB_VERSIONS;
1534#endif
1535 _exit (has_interp ? 0 : 2);
1536 }
1537
1538 struct link_map **first_preload = &GL(dl_rtld_map).l_next;
1539 /* Set up the data structures for the system-supplied DSO early,
1540 so they can influence _dl_init_paths. */
1541 setup_vdso (main_map, &first_preload);
1542
1543 /* With vDSO setup we can initialize the function pointers. */
1544 setup_vdso_pointers ();
1545
1546#ifdef DL_SYSDEP_OSCHECK
1547 DL_SYSDEP_OSCHECK (_dl_fatal_printf);
1548#endif
1549
1550 /* Initialize the data structures for the search paths for shared
1551 objects. */
1552 _dl_init_paths (library_path);
1553
1554 /* Initialize _r_debug. */
1555 struct r_debug *r = _dl_debug_initialize (GL(dl_rtld_map).l_addr,
1556 LM_ID_BASE);
1557 r->r_state = RT_CONSISTENT;
1558
1559 /* Put the link_map for ourselves on the chain so it can be found by
1560 name. Note that at this point the global chain of link maps contains
1561 exactly one element, which is pointed to by dl_loaded. */
1562 if (! GL(dl_rtld_map).l_name)
1563 /* If not invoked directly, the dynamic linker shared object file was
1564 found by the PT_INTERP name. */
1565 GL(dl_rtld_map).l_name = (char *) GL(dl_rtld_map).l_libname->name;
1566 GL(dl_rtld_map).l_type = lt_library;
1567 main_map->l_next = &GL(dl_rtld_map);
1568 GL(dl_rtld_map).l_prev = main_map;
1569 ++GL(dl_ns)[LM_ID_BASE]._ns_nloaded;
1570 ++GL(dl_load_adds);
1571
1572 /* If LD_USE_LOAD_BIAS env variable has not been seen, default
1573 to not using bias for non-prelinked PIEs and libraries
1574 and using it for executables or prelinked PIEs or libraries. */
1575 if (GLRO(dl_use_load_bias) == (ElfW(Addr)) -2)
1576 GLRO(dl_use_load_bias) = main_map->l_addr == 0 ? -1 : 0;
1577
1578 /* Set up the program header information for the dynamic linker
1579 itself. It is needed in the dl_iterate_phdr callbacks. */
1580 const ElfW(Ehdr) *rtld_ehdr;
1581
1582 /* Starting from binutils-2.23, the linker will define the magic symbol
1583 __ehdr_start to point to our own ELF header if it is visible in a
1584 segment that also includes the phdrs. If that's not available, we use
1585 the old method that assumes the beginning of the file is part of the
1586 lowest-addressed PT_LOAD segment. */
1587#ifdef HAVE_EHDR_START
1588 extern const ElfW(Ehdr) __ehdr_start __attribute__ ((visibility ("hidden")));
1589 rtld_ehdr = &__ehdr_start;
1590#else
1591 rtld_ehdr = (void *) GL(dl_rtld_map).l_map_start;
1592#endif
1593 assert (rtld_ehdr->e_ehsize == sizeof *rtld_ehdr);
1594 assert (rtld_ehdr->e_phentsize == sizeof (ElfW(Phdr)));
1595
1596 const ElfW(Phdr) *rtld_phdr = (const void *) rtld_ehdr + rtld_ehdr->e_phoff;
1597
1598 GL(dl_rtld_map).l_phdr = rtld_phdr;
1599 GL(dl_rtld_map).l_phnum = rtld_ehdr->e_phnum;
1600
1601
1602 /* PT_GNU_RELRO is usually the last phdr. */
1603 size_t cnt = rtld_ehdr->e_phnum;
1604 while (cnt-- > 0)
1605 if (rtld_phdr[cnt].p_type == PT_GNU_RELRO)
1606 {
1607 GL(dl_rtld_map).l_relro_addr = rtld_phdr[cnt].p_vaddr;
1608 GL(dl_rtld_map).l_relro_size = rtld_phdr[cnt].p_memsz;
1609 break;
1610 }
1611
1612 /* Add the dynamic linker to the TLS list if it also uses TLS. */
1613 if (GL(dl_rtld_map).l_tls_blocksize != 0)
1614 /* Assign a module ID. Do this before loading any audit modules. */
1615 GL(dl_rtld_map).l_tls_modid = _dl_next_tls_modid ();
1616
1617 /* If we have auditing DSOs to load, do it now. */
1618 bool need_security_init = true;
1619 if (__glibc_unlikely (audit_list != NULL)
1620 || __glibc_unlikely (audit_list_string != NULL))
1621 {
1622 /* Since we start using the auditing DSOs right away we need to
1623 initialize the data structures now. */
1624 tcbp = init_tls ();
1625
1626 /* Initialize security features. We need to do it this early
1627 since otherwise the constructors of the audit libraries will
1628 use different values (especially the pointer guard) and will
1629 fail later on. */
1630 security_init ();
1631 need_security_init = false;
1632
1633 load_audit_modules (main_map);
1634 }
1635
1636 /* Keep track of the currently loaded modules to count how many
1637 non-audit modules which use TLS are loaded. */
1638 size_t count_modids = _dl_count_modids ();
1639
1640 /* Set up debugging before the debugger is notified for the first time. */
1641#ifdef ELF_MACHINE_DEBUG_SETUP
1642 /* Some machines (e.g. MIPS) don't use DT_DEBUG in this way. */
1643 ELF_MACHINE_DEBUG_SETUP (main_map, r);
1644 ELF_MACHINE_DEBUG_SETUP (&GL(dl_rtld_map), r);
1645#else
1646 if (main_map->l_info[DT_DEBUG] != NULL)
1647 /* There is a DT_DEBUG entry in the dynamic section. Fill it in
1648 with the run-time address of the r_debug structure */
1649 main_map->l_info[DT_DEBUG]->d_un.d_ptr = (ElfW(Addr)) r;
1650
1651 /* Fill in the pointer in the dynamic linker's own dynamic section, in
1652 case you run gdb on the dynamic linker directly. */
1653 if (GL(dl_rtld_map).l_info[DT_DEBUG] != NULL)
1654 GL(dl_rtld_map).l_info[DT_DEBUG]->d_un.d_ptr = (ElfW(Addr)) r;
1655#endif
1656
1657 /* We start adding objects. */
1658 r->r_state = RT_ADD;
1659 _dl_debug_state ();
1660 LIBC_PROBE (init_start, 2, LM_ID_BASE, r);
1661
1662 /* Auditing checkpoint: we are ready to signal that the initial map
1663 is being constructed. */
1664 if (__glibc_unlikely (GLRO(dl_naudit) > 0))
1665 {
1666 struct audit_ifaces *afct = GLRO(dl_audit);
1667 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
1668 {
1669 if (afct->activity != NULL)
1670 afct->activity (&link_map_audit_state (main_map, cnt)->cookie,
1671 LA_ACT_ADD);
1672
1673 afct = afct->next;
1674 }
1675 }
1676
1677 /* We have two ways to specify objects to preload: via environment
1678 variable and via the file /etc/ld.so.preload. The latter can also
1679 be used when security is enabled. */
1680 assert (*first_preload == NULL);
1681 struct link_map **preloads = NULL;
1682 unsigned int npreloads = 0;
1683
1684 if (__glibc_unlikely (preloadlist != NULL))
1685 {
1686 RTLD_TIMING_VAR (start);
1687 rtld_timer_start (&start);
1688 npreloads += handle_preload_list (preloadlist, main_map, "LD_PRELOAD");
1689 rtld_timer_accum (&load_time, start);
1690 }
1691
1692 if (__glibc_unlikely (preloadarg != NULL))
1693 {
1694 RTLD_TIMING_VAR (start);
1695 rtld_timer_start (&start);
1696 npreloads += handle_preload_list (preloadarg, main_map, "--preload");
1697 rtld_timer_accum (&load_time, start);
1698 }
1699
1700 /* There usually is no ld.so.preload file, it should only be used
1701 for emergencies and testing. So the open call etc should usually
1702 fail. Using access() on a non-existing file is faster than using
1703 open(). So we do this first. If it succeeds we do almost twice
1704 the work but this does not matter, since it is not for production
1705 use. */
1706 static const char preload_file[] = "/etc/ld.so.preload";
1707 if (__glibc_unlikely (__access (preload_file, R_OK) == 0))
1708 {
1709 /* Read the contents of the file. */
1710 file = _dl_sysdep_read_whole_file (preload_file, &file_size,
1711 PROT_READ | PROT_WRITE);
1712 if (__glibc_unlikely (file != MAP_FAILED))
1713 {
1714 /* Parse the file. It contains names of libraries to be loaded,
1715 separated by white spaces or `:'. It may also contain
1716 comments introduced by `#'. */
1717 char *problem;
1718 char *runp;
1719 size_t rest;
1720
1721 /* Eliminate comments. */
1722 runp = file;
1723 rest = file_size;
1724 while (rest > 0)
1725 {
1726 char *comment = memchr (runp, '#', rest);
1727 if (comment == NULL)
1728 break;
1729
1730 rest -= comment - runp;
1731 do
1732 *comment = ' ';
1733 while (--rest > 0 && *++comment != '\n');
1734 }
1735
1736 /* We have one problematic case: if we have a name at the end of
1737 the file without a trailing terminating characters, we cannot
1738 place the \0. Handle the case separately. */
1739 if (file[file_size - 1] != ' ' && file[file_size - 1] != '\t'
1740 && file[file_size - 1] != '\n' && file[file_size - 1] != ':')
1741 {
1742 problem = &file[file_size];
1743 while (problem > file && problem[-1] != ' '
1744 && problem[-1] != '\t'
1745 && problem[-1] != '\n' && problem[-1] != ':')
1746 --problem;
1747
1748 if (problem > file)
1749 problem[-1] = '\0';
1750 }
1751 else
1752 {
1753 problem = NULL;
1754 file[file_size - 1] = '\0';
1755 }
1756
1757 RTLD_TIMING_VAR (start);
1758 rtld_timer_start (&start);
1759
1760 if (file != problem)
1761 {
1762 char *p;
1763 runp = file;
1764 while ((p = strsep (&runp, ": \t\n")) != NULL)
1765 if (p[0] != '\0')
1766 npreloads += do_preload (p, main_map, preload_file);
1767 }
1768
1769 if (problem != NULL)
1770 {
1771 char *p = strndupa (problem, file_size - (problem - file));
1772
1773 npreloads += do_preload (p, main_map, preload_file);
1774 }
1775
1776 rtld_timer_accum (&load_time, start);
1777
1778 /* We don't need the file anymore. */
1779 __munmap (file, file_size);
1780 }
1781 }
1782
1783 if (__glibc_unlikely (*first_preload != NULL))
1784 {
1785 /* Set up PRELOADS with a vector of the preloaded libraries. */
1786 struct link_map *l = *first_preload;
1787 preloads = __alloca (npreloads * sizeof preloads[0]);
1788 i = 0;
1789 do
1790 {
1791 preloads[i++] = l;
1792 l = l->l_next;
1793 } while (l);
1794 assert (i == npreloads);
1795 }
1796
1797 /* Load all the libraries specified by DT_NEEDED entries. If LD_PRELOAD
1798 specified some libraries to load, these are inserted before the actual
1799 dependencies in the executable's searchlist for symbol resolution. */
1800 {
1801 RTLD_TIMING_VAR (start);
1802 rtld_timer_start (&start);
1803 _dl_map_object_deps (main_map, preloads, npreloads, mode == trace, 0);
1804 rtld_timer_accum (&load_time, start);
1805 }
1806
1807 /* Mark all objects as being in the global scope. */
1808 for (i = main_map->l_searchlist.r_nlist; i > 0; )
1809 main_map->l_searchlist.r_list[--i]->l_global = 1;
1810
1811 /* Remove _dl_rtld_map from the chain. */
1812 GL(dl_rtld_map).l_prev->l_next = GL(dl_rtld_map).l_next;
1813 if (GL(dl_rtld_map).l_next != NULL)
1814 GL(dl_rtld_map).l_next->l_prev = GL(dl_rtld_map).l_prev;
1815
1816 for (i = 1; i < main_map->l_searchlist.r_nlist; ++i)
1817 if (main_map->l_searchlist.r_list[i] == &GL(dl_rtld_map))
1818 break;
1819
1820 bool rtld_multiple_ref = false;
1821 if (__glibc_likely (i < main_map->l_searchlist.r_nlist))
1822 {
1823 /* Some DT_NEEDED entry referred to the interpreter object itself, so
1824 put it back in the list of visible objects. We insert it into the
1825 chain in symbol search order because gdb uses the chain's order as
1826 its symbol search order. */
1827 rtld_multiple_ref = true;
1828
1829 GL(dl_rtld_map).l_prev = main_map->l_searchlist.r_list[i - 1];
1830 if (__builtin_expect (mode, normal) == normal)
1831 {
1832 GL(dl_rtld_map).l_next = (i + 1 < main_map->l_searchlist.r_nlist
1833 ? main_map->l_searchlist.r_list[i + 1]
1834 : NULL);
1835#ifdef NEED_DL_SYSINFO_DSO
1836 if (GLRO(dl_sysinfo_map) != NULL
1837 && GL(dl_rtld_map).l_prev->l_next == GLRO(dl_sysinfo_map)
1838 && GL(dl_rtld_map).l_next != GLRO(dl_sysinfo_map))
1839 GL(dl_rtld_map).l_prev = GLRO(dl_sysinfo_map);
1840#endif
1841 }
1842 else
1843 /* In trace mode there might be an invisible object (which we
1844 could not find) after the previous one in the search list.
1845 In this case it doesn't matter much where we put the
1846 interpreter object, so we just initialize the list pointer so
1847 that the assertion below holds. */
1848 GL(dl_rtld_map).l_next = GL(dl_rtld_map).l_prev->l_next;
1849
1850 assert (GL(dl_rtld_map).l_prev->l_next == GL(dl_rtld_map).l_next);
1851 GL(dl_rtld_map).l_prev->l_next = &GL(dl_rtld_map);
1852 if (GL(dl_rtld_map).l_next != NULL)
1853 {
1854 assert (GL(dl_rtld_map).l_next->l_prev == GL(dl_rtld_map).l_prev);
1855 GL(dl_rtld_map).l_next->l_prev = &GL(dl_rtld_map);
1856 }
1857 }
1858
1859 /* Now let us see whether all libraries are available in the
1860 versions we need. */
1861 {
1862 struct version_check_args args;
1863 args.doexit = mode == normal;
1864 args.dotrace = mode == trace;
1865 _dl_receive_error (print_missing_version, version_check_doit, &args);
1866 }
1867
1868 /* We do not initialize any of the TLS functionality unless any of the
1869 initial modules uses TLS. This makes dynamic loading of modules with
1870 TLS impossible, but to support it requires either eagerly doing setup
1871 now or lazily doing it later. Doing it now makes us incompatible with
1872 an old kernel that can't perform TLS_INIT_TP, even if no TLS is ever
1873 used. Trying to do it lazily is too hairy to try when there could be
1874 multiple threads (from a non-TLS-using libpthread). */
1875 bool was_tls_init_tp_called = tls_init_tp_called;
1876 if (tcbp == NULL)
1877 tcbp = init_tls ();
1878
1879 if (__glibc_likely (need_security_init))
1880 /* Initialize security features. But only if we have not done it
1881 earlier. */
1882 security_init ();
1883
1884 if (__builtin_expect (mode, normal) != normal)
1885 {
1886 /* We were run just to list the shared libraries. It is
1887 important that we do this before real relocation, because the
1888 functions we call below for output may no longer work properly
1889 after relocation. */
1890 struct link_map *l;
1891
1892 if (GLRO(dl_debug_mask) & DL_DEBUG_PRELINK)
1893 {
1894 struct r_scope_elem *scope = &main_map->l_searchlist;
1895
1896 for (i = 0; i < scope->r_nlist; i++)
1897 {
1898 l = scope->r_list [i];
1899 if (l->l_faked)
1900 {
1901 _dl_printf ("\t%s => not found\n", l->l_libname->name);
1902 continue;
1903 }
1904 if (_dl_name_match_p (GLRO(dl_trace_prelink), l))
1905 GLRO(dl_trace_prelink_map) = l;
1906 _dl_printf ("\t%s => %s (0x%0*Zx, 0x%0*Zx)",
1907 DSO_FILENAME (l->l_libname->name),
1908 DSO_FILENAME (l->l_name),
1909 (int) sizeof l->l_map_start * 2,
1910 (size_t) l->l_map_start,
1911 (int) sizeof l->l_addr * 2,
1912 (size_t) l->l_addr);
1913
1914 if (l->l_tls_modid)
1915 _dl_printf (" TLS(0x%Zx, 0x%0*Zx)\n", l->l_tls_modid,
1916 (int) sizeof l->l_tls_offset * 2,
1917 (size_t) l->l_tls_offset);
1918 else
1919 _dl_printf ("\n");
1920 }
1921 }
1922 else if (GLRO(dl_debug_mask) & DL_DEBUG_UNUSED)
1923 {
1924 /* Look through the dependencies of the main executable
1925 and determine which of them is not actually
1926 required. */
1927 struct link_map *l = main_map;
1928
1929 /* Relocate the main executable. */
1930 struct relocate_args args = { .l = l,
1931 .reloc_mode = ((GLRO(dl_lazy)
1932 ? RTLD_LAZY : 0)
1933 | __RTLD_NOIFUNC) };
1934 _dl_receive_error (print_unresolved, relocate_doit, &args);
1935
1936 /* This loop depends on the dependencies of the executable to
1937 correspond in number and order to the DT_NEEDED entries. */
1938 ElfW(Dyn) *dyn = main_map->l_ld;
1939 bool first = true;
1940 while (dyn->d_tag != DT_NULL)
1941 {
1942 if (dyn->d_tag == DT_NEEDED)
1943 {
1944 l = l->l_next;
1945#ifdef NEED_DL_SYSINFO_DSO
1946 /* Skip the VDSO since it's not part of the list
1947 of objects we brought in via DT_NEEDED entries. */
1948 if (l == GLRO(dl_sysinfo_map))
1949 l = l->l_next;
1950#endif
1951 if (!l->l_used)
1952 {
1953 if (first)
1954 {
1955 _dl_printf ("Unused direct dependencies:\n");
1956 first = false;
1957 }
1958
1959 _dl_printf ("\t%s\n", l->l_name);
1960 }
1961 }
1962
1963 ++dyn;
1964 }
1965
1966 _exit (first != true);
1967 }
1968 else if (! main_map->l_info[DT_NEEDED])
1969 _dl_printf ("\tstatically linked\n");
1970 else
1971 {
1972 for (l = main_map->l_next; l; l = l->l_next)
1973 if (l->l_faked)
1974 /* The library was not found. */
1975 _dl_printf ("\t%s => not found\n", l->l_libname->name);
1976 else if (strcmp (l->l_libname->name, l->l_name) == 0)
1977 _dl_printf ("\t%s (0x%0*Zx)\n", l->l_libname->name,
1978 (int) sizeof l->l_map_start * 2,
1979 (size_t) l->l_map_start);
1980 else
1981 _dl_printf ("\t%s => %s (0x%0*Zx)\n", l->l_libname->name,
1982 l->l_name, (int) sizeof l->l_map_start * 2,
1983 (size_t) l->l_map_start);
1984 }
1985
1986 if (__builtin_expect (mode, trace) != trace)
1987 for (i = 1; i < (unsigned int) _dl_argc; ++i)
1988 {
1989 const ElfW(Sym) *ref = NULL;
1990 ElfW(Addr) loadbase;
1991 lookup_t result;
1992
1993 result = _dl_lookup_symbol_x (_dl_argv[i], main_map,
1994 &ref, main_map->l_scope,
1995 NULL, ELF_RTYPE_CLASS_PLT,
1996 DL_LOOKUP_ADD_DEPENDENCY, NULL);
1997
1998 loadbase = LOOKUP_VALUE_ADDRESS (result, false);
1999
2000 _dl_printf ("%s found at 0x%0*Zd in object at 0x%0*Zd\n",
2001 _dl_argv[i],
2002 (int) sizeof ref->st_value * 2,
2003 (size_t) ref->st_value,
2004 (int) sizeof loadbase * 2, (size_t) loadbase);
2005 }
2006 else
2007 {
2008 /* If LD_WARN is set, warn about undefined symbols. */
2009 if (GLRO(dl_lazy) >= 0 && GLRO(dl_verbose))
2010 {
2011 /* We have to do symbol dependency testing. */
2012 struct relocate_args args;
2013 unsigned int i;
2014
2015 args.reloc_mode = ((GLRO(dl_lazy) ? RTLD_LAZY : 0)
2016 | __RTLD_NOIFUNC);
2017
2018 i = main_map->l_searchlist.r_nlist;
2019 while (i-- > 0)
2020 {
2021 struct link_map *l = main_map->l_initfini[i];
2022 if (l != &GL(dl_rtld_map) && ! l->l_faked)
2023 {
2024 args.l = l;
2025 _dl_receive_error (print_unresolved, relocate_doit,
2026 &args);
2027 }
2028 }
2029
2030 if ((GLRO(dl_debug_mask) & DL_DEBUG_PRELINK)
2031 && rtld_multiple_ref)
2032 {
2033 /* Mark the link map as not yet relocated again. */
2034 GL(dl_rtld_map).l_relocated = 0;
2035 _dl_relocate_object (&GL(dl_rtld_map),
2036 main_map->l_scope, __RTLD_NOIFUNC, 0);
2037 }
2038 }
2039#define VERNEEDTAG (DT_NUM + DT_THISPROCNUM + DT_VERSIONTAGIDX (DT_VERNEED))
2040 if (version_info)
2041 {
2042 /* Print more information. This means here, print information
2043 about the versions needed. */
2044 int first = 1;
2045 struct link_map *map;
2046
2047 for (map = main_map; map != NULL; map = map->l_next)
2048 {
2049 const char *strtab;
2050 ElfW(Dyn) *dyn = map->l_info[VERNEEDTAG];
2051 ElfW(Verneed) *ent;
2052
2053 if (dyn == NULL)
2054 continue;
2055
2056 strtab = (const void *) D_PTR (map, l_info[DT_STRTAB]);
2057 ent = (ElfW(Verneed) *) (map->l_addr + dyn->d_un.d_ptr);
2058
2059 if (first)
2060 {
2061 _dl_printf ("\n\tVersion information:\n");
2062 first = 0;
2063 }
2064
2065 _dl_printf ("\t%s:\n", DSO_FILENAME (map->l_name));
2066
2067 while (1)
2068 {
2069 ElfW(Vernaux) *aux;
2070 struct link_map *needed;
2071
2072 needed = find_needed (strtab + ent->vn_file);
2073 aux = (ElfW(Vernaux) *) ((char *) ent + ent->vn_aux);
2074
2075 while (1)
2076 {
2077 const char *fname = NULL;
2078
2079 if (needed != NULL
2080 && match_version (strtab + aux->vna_name,
2081 needed))
2082 fname = needed->l_name;
2083
2084 _dl_printf ("\t\t%s (%s) %s=> %s\n",
2085 strtab + ent->vn_file,
2086 strtab + aux->vna_name,
2087 aux->vna_flags & VER_FLG_WEAK
2088 ? "[WEAK] " : "",
2089 fname ?: "not found");
2090
2091 if (aux->vna_next == 0)
2092 /* No more symbols. */
2093 break;
2094
2095 /* Next symbol. */
2096 aux = (ElfW(Vernaux) *) ((char *) aux
2097 + aux->vna_next);
2098 }
2099
2100 if (ent->vn_next == 0)
2101 /* No more dependencies. */
2102 break;
2103
2104 /* Next dependency. */
2105 ent = (ElfW(Verneed) *) ((char *) ent + ent->vn_next);
2106 }
2107 }
2108 }
2109 }
2110
2111 _exit (0);
2112 }
2113
2114 if (main_map->l_info[ADDRIDX (DT_GNU_LIBLIST)]
2115 && ! __builtin_expect (GLRO(dl_profile) != NULL, 0)
2116 && ! __builtin_expect (GLRO(dl_dynamic_weak), 0))
2117 {
2118 ElfW(Lib) *liblist, *liblistend;
2119 struct link_map **r_list, **r_listend, *l;
2120 const char *strtab = (const void *) D_PTR (main_map, l_info[DT_STRTAB]);
2121
2122 assert (main_map->l_info[VALIDX (DT_GNU_LIBLISTSZ)] != NULL);
2123 liblist = (ElfW(Lib) *)
2124 main_map->l_info[ADDRIDX (DT_GNU_LIBLIST)]->d_un.d_ptr;
2125 liblistend = (ElfW(Lib) *)
2126 ((char *) liblist
2127 + main_map->l_info[VALIDX (DT_GNU_LIBLISTSZ)]->d_un.d_val);
2128 r_list = main_map->l_searchlist.r_list;
2129 r_listend = r_list + main_map->l_searchlist.r_nlist;
2130
2131 for (; r_list < r_listend && liblist < liblistend; r_list++)
2132 {
2133 l = *r_list;
2134
2135 if (l == main_map)
2136 continue;
2137
2138 /* If the library is not mapped where it should, fail. */
2139 if (l->l_addr)
2140 break;
2141
2142 /* Next, check if checksum matches. */
2143 if (l->l_info [VALIDX(DT_CHECKSUM)] == NULL
2144 || l->l_info [VALIDX(DT_CHECKSUM)]->d_un.d_val
2145 != liblist->l_checksum)
2146 break;
2147
2148 if (l->l_info [VALIDX(DT_GNU_PRELINKED)] == NULL
2149 || l->l_info [VALIDX(DT_GNU_PRELINKED)]->d_un.d_val
2150 != liblist->l_time_stamp)
2151 break;
2152
2153 if (! _dl_name_match_p (strtab + liblist->l_name, l))
2154 break;
2155
2156 ++liblist;
2157 }
2158
2159
2160 if (r_list == r_listend && liblist == liblistend)
2161 prelinked = true;
2162
2163 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_LIBS))
2164 _dl_debug_printf ("\nprelink checking: %s\n",
2165 prelinked ? "ok" : "failed");
2166 }
2167
2168
2169 /* Now set up the variable which helps the assembler startup code. */
2170 GL(dl_ns)[LM_ID_BASE]._ns_main_searchlist = &main_map->l_searchlist;
2171
2172 /* Save the information about the original global scope list since
2173 we need it in the memory handling later. */
2174 GLRO(dl_initial_searchlist) = *GL(dl_ns)[LM_ID_BASE]._ns_main_searchlist;
2175
2176 /* Remember the last search directory added at startup, now that
2177 malloc will no longer be the one from dl-minimal.c. As a side
2178 effect, this marks ld.so as initialized, so that the rtld_active
2179 function returns true from now on. */
2180 GLRO(dl_init_all_dirs) = GL(dl_all_dirs);
2181
2182 /* Print scope information. */
2183 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_SCOPES))
2184 {
2185 _dl_debug_printf ("\nInitial object scopes\n");
2186
2187 for (struct link_map *l = main_map; l != NULL; l = l->l_next)
2188 _dl_show_scope (l, 0);
2189 }
2190
2191 _rtld_main_check (main_map, _dl_argv[0]);
2192
2193 if (prelinked)
2194 {
2195 if (main_map->l_info [ADDRIDX (DT_GNU_CONFLICT)] != NULL)
2196 {
2197 ElfW(Rela) *conflict, *conflictend;
2198
2199 RTLD_TIMING_VAR (start);
2200 rtld_timer_start (&start);
2201
2202 assert (main_map->l_info [VALIDX (DT_GNU_CONFLICTSZ)] != NULL);
2203 conflict = (ElfW(Rela) *)
2204 main_map->l_info [ADDRIDX (DT_GNU_CONFLICT)]->d_un.d_ptr;
2205 conflictend = (ElfW(Rela) *)
2206 ((char *) conflict
2207 + main_map->l_info [VALIDX (DT_GNU_CONFLICTSZ)]->d_un.d_val);
2208 _dl_resolve_conflicts (main_map, conflict, conflictend);
2209
2210 rtld_timer_stop (&relocate_time, start);
2211 }
2212
2213
2214 /* Mark all the objects so we know they have been already relocated. */
2215 for (struct link_map *l = main_map; l != NULL; l = l->l_next)
2216 {
2217 l->l_relocated = 1;
2218 if (l->l_relro_size)
2219 _dl_protect_relro (l);
2220
2221 /* Add object to slot information data if necessasy. */
2222 if (l->l_tls_blocksize != 0 && tls_init_tp_called)
2223 _dl_add_to_slotinfo (l, true);
2224 }
2225 }
2226 else
2227 {
2228 /* Now we have all the objects loaded. Relocate them all except for
2229 the dynamic linker itself. We do this in reverse order so that copy
2230 relocs of earlier objects overwrite the data written by later
2231 objects. We do not re-relocate the dynamic linker itself in this
2232 loop because that could result in the GOT entries for functions we
2233 call being changed, and that would break us. It is safe to relocate
2234 the dynamic linker out of order because it has no copy relocs (we
2235 know that because it is self-contained). */
2236
2237 int consider_profiling = GLRO(dl_profile) != NULL;
2238
2239 /* If we are profiling we also must do lazy reloaction. */
2240 GLRO(dl_lazy) |= consider_profiling;
2241
2242 RTLD_TIMING_VAR (start);
2243 rtld_timer_start (&start);
2244 unsigned i = main_map->l_searchlist.r_nlist;
2245 while (i-- > 0)
2246 {
2247 struct link_map *l = main_map->l_initfini[i];
2248
2249 /* While we are at it, help the memory handling a bit. We have to
2250 mark some data structures as allocated with the fake malloc()
2251 implementation in ld.so. */
2252 struct libname_list *lnp = l->l_libname->next;
2253
2254 while (__builtin_expect (lnp != NULL, 0))
2255 {
2256 lnp->dont_free = 1;
2257 lnp = lnp->next;
2258 }
2259 /* Also allocated with the fake malloc(). */
2260 l->l_free_initfini = 0;
2261
2262 if (l != &GL(dl_rtld_map))
2263 _dl_relocate_object (l, l->l_scope, GLRO(dl_lazy) ? RTLD_LAZY : 0,
2264 consider_profiling);
2265
2266 /* Add object to slot information data if necessasy. */
2267 if (l->l_tls_blocksize != 0 && tls_init_tp_called)
2268 _dl_add_to_slotinfo (l, true);
2269 }
2270 rtld_timer_stop (&relocate_time, start);
2271
2272 /* Now enable profiling if needed. Like the previous call,
2273 this has to go here because the calls it makes should use the
2274 rtld versions of the functions (particularly calloc()), but it
2275 needs to have _dl_profile_map set up by the relocator. */
2276 if (__glibc_unlikely (GL(dl_profile_map) != NULL))
2277 /* We must prepare the profiling. */
2278 _dl_start_profile ();
2279 }
2280
2281 if ((!was_tls_init_tp_called && GL(dl_tls_max_dtv_idx) > 0)
2282 || count_modids != _dl_count_modids ())
2283 ++GL(dl_tls_generation);
2284
2285 /* Now that we have completed relocation, the initializer data
2286 for the TLS blocks has its final values and we can copy them
2287 into the main thread's TLS area, which we allocated above.
2288 Note: thread-local variables must only be accessed after completing
2289 the next step. */
2290 _dl_allocate_tls_init (tcbp);
2291
2292 /* And finally install it for the main thread. */
2293 if (! tls_init_tp_called)
2294 {
2295 const char *lossage = TLS_INIT_TP (tcbp);
2296 if (__glibc_unlikely (lossage != NULL))
2297 _dl_fatal_printf ("cannot set up thread-local storage: %s\n",
2298 lossage);
2299 }
2300
2301 /* Make sure no new search directories have been added. */
2302 assert (GLRO(dl_init_all_dirs) == GL(dl_all_dirs));
2303
2304 if (! prelinked && rtld_multiple_ref)
2305 {
2306 /* There was an explicit ref to the dynamic linker as a shared lib.
2307 Re-relocate ourselves with user-controlled symbol definitions.
2308
2309 We must do this after TLS initialization in case after this
2310 re-relocation, we might call a user-supplied function
2311 (e.g. calloc from _dl_relocate_object) that uses TLS data. */
2312
2313 RTLD_TIMING_VAR (start);
2314 rtld_timer_start (&start);
2315
2316 /* Mark the link map as not yet relocated again. */
2317 GL(dl_rtld_map).l_relocated = 0;
2318 _dl_relocate_object (&GL(dl_rtld_map), main_map->l_scope, 0, 0);
2319
2320 rtld_timer_accum (&relocate_time, start);
2321 }
2322
2323 /* Do any necessary cleanups for the startup OS interface code.
2324 We do these now so that no calls are made after rtld re-relocation
2325 which might be resolved to different functions than we expect.
2326 We cannot do this before relocating the other objects because
2327 _dl_relocate_object might need to call `mprotect' for DT_TEXTREL. */
2328 _dl_sysdep_start_cleanup ();
2329
2330#ifdef SHARED
2331 /* Auditing checkpoint: we have added all objects. */
2332 if (__glibc_unlikely (GLRO(dl_naudit) > 0))
2333 {
2334 struct link_map *head = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
2335 /* Do not call the functions for any auditing object. */
2336 if (head->l_auditing == 0)
2337 {
2338 struct audit_ifaces *afct = GLRO(dl_audit);
2339 for (unsigned int cnt = 0; cnt < GLRO(dl_naudit); ++cnt)
2340 {
2341 if (afct->activity != NULL)
2342 afct->activity (&link_map_audit_state (head, cnt)->cookie,
2343 LA_ACT_CONSISTENT);
2344
2345 afct = afct->next;
2346 }
2347 }
2348 }
2349#endif
2350
2351 /* Notify the debugger all new objects are now ready to go. We must re-get
2352 the address since by now the variable might be in another object. */
2353 r = _dl_debug_initialize (0, LM_ID_BASE);
2354 r->r_state = RT_CONSISTENT;
2355 _dl_debug_state ();
2356 LIBC_PROBE (init_complete, 2, LM_ID_BASE, r);
2357
2358#if defined USE_LDCONFIG && !defined MAP_COPY
2359 /* We must munmap() the cache file. */
2360 _dl_unload_cache ();
2361#endif
2362
2363 /* Once we return, _dl_sysdep_start will invoke
2364 the DT_INIT functions and then *USER_ENTRY. */
2365}
2366
2367/* This is a little helper function for resolving symbols while
2368 tracing the binary. */
2369static void
2370print_unresolved (int errcode __attribute__ ((unused)), const char *objname,
2371 const char *errstring)
2372{
2373 if (objname[0] == '\0')
2374 objname = RTLD_PROGNAME;
2375 _dl_error_printf ("%s (%s)\n", errstring, objname);
2376}
2377
2378/* This is a little helper function for resolving symbols while
2379 tracing the binary. */
2380static void
2381print_missing_version (int errcode __attribute__ ((unused)),
2382 const char *objname, const char *errstring)
2383{
2384 _dl_error_printf ("%s: %s: %s\n", RTLD_PROGNAME,
2385 objname, errstring);
2386}
2387
2388/* Nonzero if any of the debugging options is enabled. */
2389static int any_debug attribute_relro;
2390
2391/* Process the string given as the parameter which explains which debugging
2392 options are enabled. */
2393static void
2394process_dl_debug (const char *dl_debug)
2395{
2396 /* When adding new entries make sure that the maximal length of a name
2397 is correctly handled in the LD_DEBUG_HELP code below. */
2398 static const struct
2399 {
2400 unsigned char len;
2401 const char name[10];
2402 const char helptext[41];
2403 unsigned short int mask;
2404 } debopts[] =
2405 {
2406#define LEN_AND_STR(str) sizeof (str) - 1, str
2407 { LEN_AND_STR ("libs"), "display library search paths",
2408 DL_DEBUG_LIBS | DL_DEBUG_IMPCALLS },
2409 { LEN_AND_STR ("reloc"), "display relocation processing",
2410 DL_DEBUG_RELOC | DL_DEBUG_IMPCALLS },
2411 { LEN_AND_STR ("files"), "display progress for input file",
2412 DL_DEBUG_FILES | DL_DEBUG_IMPCALLS },
2413 { LEN_AND_STR ("symbols"), "display symbol table processing",
2414 DL_DEBUG_SYMBOLS | DL_DEBUG_IMPCALLS },
2415 { LEN_AND_STR ("bindings"), "display information about symbol binding",
2416 DL_DEBUG_BINDINGS | DL_DEBUG_IMPCALLS },
2417 { LEN_AND_STR ("versions"), "display version dependencies",
2418 DL_DEBUG_VERSIONS | DL_DEBUG_IMPCALLS },
2419 { LEN_AND_STR ("scopes"), "display scope information",
2420 DL_DEBUG_SCOPES },
2421 { LEN_AND_STR ("all"), "all previous options combined",
2422 DL_DEBUG_LIBS | DL_DEBUG_RELOC | DL_DEBUG_FILES | DL_DEBUG_SYMBOLS
2423 | DL_DEBUG_BINDINGS | DL_DEBUG_VERSIONS | DL_DEBUG_IMPCALLS
2424 | DL_DEBUG_SCOPES },
2425 { LEN_AND_STR ("statistics"), "display relocation statistics",
2426 DL_DEBUG_STATISTICS },
2427 { LEN_AND_STR ("unused"), "determined unused DSOs",
2428 DL_DEBUG_UNUSED },
2429 { LEN_AND_STR ("help"), "display this help message and exit",
2430 DL_DEBUG_HELP },
2431 };
2432#define ndebopts (sizeof (debopts) / sizeof (debopts[0]))
2433
2434 /* Skip separating white spaces and commas. */
2435 while (*dl_debug != '\0')
2436 {
2437 if (*dl_debug != ' ' && *dl_debug != ',' && *dl_debug != ':')
2438 {
2439 size_t cnt;
2440 size_t len = 1;
2441
2442 while (dl_debug[len] != '\0' && dl_debug[len] != ' '
2443 && dl_debug[len] != ',' && dl_debug[len] != ':')
2444 ++len;
2445
2446 for (cnt = 0; cnt < ndebopts; ++cnt)
2447 if (debopts[cnt].len == len
2448 && memcmp (dl_debug, debopts[cnt].name, len) == 0)
2449 {
2450 GLRO(dl_debug_mask) |= debopts[cnt].mask;
2451 any_debug = 1;
2452 break;
2453 }
2454
2455 if (cnt == ndebopts)
2456 {
2457 /* Display a warning and skip everything until next
2458 separator. */
2459 char *copy = strndupa (dl_debug, len);
2460 _dl_error_printf ("\
2461warning: debug option `%s' unknown; try LD_DEBUG=help\n", copy);
2462 }
2463
2464 dl_debug += len;
2465 continue;
2466 }
2467
2468 ++dl_debug;
2469 }
2470
2471 if (GLRO(dl_debug_mask) & DL_DEBUG_UNUSED)
2472 {
2473 /* In order to get an accurate picture of whether a particular
2474 DT_NEEDED entry is actually used we have to process both
2475 the PLT and non-PLT relocation entries. */
2476 GLRO(dl_lazy) = 0;
2477 }
2478
2479 if (GLRO(dl_debug_mask) & DL_DEBUG_HELP)
2480 {
2481 size_t cnt;
2482
2483 _dl_printf ("\
2484Valid options for the LD_DEBUG environment variable are:\n\n");
2485
2486 for (cnt = 0; cnt < ndebopts; ++cnt)
2487 _dl_printf (" %.*s%s%s\n", debopts[cnt].len, debopts[cnt].name,
2488 " " + debopts[cnt].len - 3,
2489 debopts[cnt].helptext);
2490
2491 _dl_printf ("\n\
2492To direct the debugging output into a file instead of standard output\n\
2493a filename can be specified using the LD_DEBUG_OUTPUT environment variable.\n");
2494 _exit (0);
2495 }
2496}
2497
2498static void
2499process_dl_audit (char *str)
2500{
2501 /* The parameter is a colon separated list of DSO names. */
2502 char *p;
2503
2504 while ((p = (strsep) (&str, ":")) != NULL)
2505 if (dso_name_valid_for_suid (p))
2506 {
2507 /* This is using the local malloc, not the system malloc. The
2508 memory can never be freed. */
2509 struct audit_list *newp = malloc (sizeof (*newp));
2510 newp->name = p;
2511
2512 if (audit_list == NULL)
2513 audit_list = newp->next = newp;
2514 else
2515 {
2516 newp->next = audit_list->next;
2517 audit_list = audit_list->next = newp;
2518 }
2519 }
2520}
2521
2522/* Process all environments variables the dynamic linker must recognize.
2523 Since all of them start with `LD_' we are a bit smarter while finding
2524 all the entries. */
2525extern char **_environ attribute_hidden;
2526
2527
2528static void
2529process_envvars (enum mode *modep)
2530{
2531 char **runp = _environ;
2532 char *envline;
2533 enum mode mode = normal;
2534 char *debug_output = NULL;
2535
2536 /* This is the default place for profiling data file. */
2537 GLRO(dl_profile_output)
2538 = &"/var/tmp\0/var/profile"[__libc_enable_secure ? 9 : 0];
2539
2540 while ((envline = _dl_next_ld_env_entry (&runp)) != NULL)
2541 {
2542 size_t len = 0;
2543
2544 while (envline[len] != '\0' && envline[len] != '=')
2545 ++len;
2546
2547 if (envline[len] != '=')
2548 /* This is a "LD_" variable at the end of the string without
2549 a '=' character. Ignore it since otherwise we will access
2550 invalid memory below. */
2551 continue;
2552
2553 switch (len)
2554 {
2555 case 4:
2556 /* Warning level, verbose or not. */
2557 if (memcmp (envline, "WARN", 4) == 0)
2558 GLRO(dl_verbose) = envline[5] != '\0';
2559 break;
2560
2561 case 5:
2562 /* Debugging of the dynamic linker? */
2563 if (memcmp (envline, "DEBUG", 5) == 0)
2564 {
2565 process_dl_debug (&envline[6]);
2566 break;
2567 }
2568 if (memcmp (envline, "AUDIT", 5) == 0)
2569 audit_list_string = &envline[6];
2570 break;
2571
2572 case 7:
2573 /* Print information about versions. */
2574 if (memcmp (envline, "VERBOSE", 7) == 0)
2575 {
2576 version_info = envline[8] != '\0';
2577 break;
2578 }
2579
2580 /* List of objects to be preloaded. */
2581 if (memcmp (envline, "PRELOAD", 7) == 0)
2582 {
2583 preloadlist = &envline[8];
2584 break;
2585 }
2586
2587 /* Which shared object shall be profiled. */
2588 if (memcmp (envline, "PROFILE", 7) == 0 && envline[8] != '\0')
2589 GLRO(dl_profile) = &envline[8];
2590 break;
2591
2592 case 8:
2593 /* Do we bind early? */
2594 if (memcmp (envline, "BIND_NOW", 8) == 0)
2595 {
2596 GLRO(dl_lazy) = envline[9] == '\0';
2597 break;
2598 }
2599 if (memcmp (envline, "BIND_NOT", 8) == 0)
2600 GLRO(dl_bind_not) = envline[9] != '\0';
2601 break;
2602
2603 case 9:
2604 /* Test whether we want to see the content of the auxiliary
2605 array passed up from the kernel. */
2606 if (!__libc_enable_secure
2607 && memcmp (envline, "SHOW_AUXV", 9) == 0)
2608 _dl_show_auxv ();
2609 break;
2610
2611#if !HAVE_TUNABLES
2612 case 10:
2613 /* Mask for the important hardware capabilities. */
2614 if (!__libc_enable_secure
2615 && memcmp (envline, "HWCAP_MASK", 10) == 0)
2616 GLRO(dl_hwcap_mask) = _dl_strtoul (&envline[11], NULL);
2617 break;
2618#endif
2619
2620 case 11:
2621 /* Path where the binary is found. */
2622 if (!__libc_enable_secure
2623 && memcmp (envline, "ORIGIN_PATH", 11) == 0)
2624 GLRO(dl_origin_path) = &envline[12];
2625 break;
2626
2627 case 12:
2628 /* The library search path. */
2629 if (!__libc_enable_secure
2630 && memcmp (envline, "LIBRARY_PATH", 12) == 0)
2631 {
2632 library_path = &envline[13];
2633 break;
2634 }
2635
2636 /* Where to place the profiling data file. */
2637 if (memcmp (envline, "DEBUG_OUTPUT", 12) == 0)
2638 {
2639 debug_output = &envline[13];
2640 break;
2641 }
2642
2643 if (!__libc_enable_secure
2644 && memcmp (envline, "DYNAMIC_WEAK", 12) == 0)
2645 GLRO(dl_dynamic_weak) = 1;
2646 break;
2647
2648 case 13:
2649 /* We might have some extra environment variable with length 13
2650 to handle. */
2651#ifdef EXTRA_LD_ENVVARS_13
2652 EXTRA_LD_ENVVARS_13
2653#endif
2654 if (!__libc_enable_secure
2655 && memcmp (envline, "USE_LOAD_BIAS", 13) == 0)
2656 {
2657 GLRO(dl_use_load_bias) = envline[14] == '1' ? -1 : 0;
2658 break;
2659 }
2660 break;
2661
2662 case 14:
2663 /* Where to place the profiling data file. */
2664 if (!__libc_enable_secure
2665 && memcmp (envline, "PROFILE_OUTPUT", 14) == 0
2666 && envline[15] != '\0')
2667 GLRO(dl_profile_output) = &envline[15];
2668 break;
2669
2670 case 16:
2671 /* The mode of the dynamic linker can be set. */
2672 if (memcmp (envline, "TRACE_PRELINKING", 16) == 0)
2673 {
2674 mode = trace;
2675 GLRO(dl_verbose) = 1;
2676 GLRO(dl_debug_mask) |= DL_DEBUG_PRELINK;
2677 GLRO(dl_trace_prelink) = &envline[17];
2678 }
2679 break;
2680
2681 case 20:
2682 /* The mode of the dynamic linker can be set. */
2683 if (memcmp (envline, "TRACE_LOADED_OBJECTS", 20) == 0)
2684 mode = trace;
2685 break;
2686
2687 /* We might have some extra environment variable to handle. This
2688 is tricky due to the pre-processing of the length of the name
2689 in the switch statement here. The code here assumes that added
2690 environment variables have a different length. */
2691#ifdef EXTRA_LD_ENVVARS
2692 EXTRA_LD_ENVVARS
2693#endif
2694 }
2695 }
2696
2697 /* The caller wants this information. */
2698 *modep = mode;
2699
2700 /* Extra security for SUID binaries. Remove all dangerous environment
2701 variables. */
2702 if (__builtin_expect (__libc_enable_secure, 0))
2703 {
2704 static const char unsecure_envvars[] =
2705#ifdef EXTRA_UNSECURE_ENVVARS
2706 EXTRA_UNSECURE_ENVVARS
2707#endif
2708 UNSECURE_ENVVARS;
2709 const char *nextp;
2710
2711 nextp = unsecure_envvars;
2712 do
2713 {
2714 unsetenv (nextp);
2715 /* We could use rawmemchr but this need not be fast. */
2716 nextp = (char *) (strchr) (nextp, '\0') + 1;
2717 }
2718 while (*nextp != '\0');
2719
2720 if (__access ("/etc/suid-debug", F_OK) != 0)
2721 {
2722#if !HAVE_TUNABLES
2723 unsetenv ("MALLOC_CHECK_");
2724#endif
2725 GLRO(dl_debug_mask) = 0;
2726 }
2727
2728 if (mode != normal)
2729 _exit (5);
2730 }
2731 /* If we have to run the dynamic linker in debugging mode and the
2732 LD_DEBUG_OUTPUT environment variable is given, we write the debug
2733 messages to this file. */
2734 else if (any_debug && debug_output != NULL)
2735 {
2736 const int flags = O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW;
2737 size_t name_len = strlen (debug_output);
2738 char buf[name_len + 12];
2739 char *startp;
2740
2741 buf[name_len + 11] = '\0';
2742 startp = _itoa (__getpid (), &buf[name_len + 11], 10, 0);
2743 *--startp = '.';
2744 startp = memcpy (startp - name_len, debug_output, name_len);
2745
2746 GLRO(dl_debug_fd) = __open64_nocancel (startp, flags, DEFFILEMODE);
2747 if (GLRO(dl_debug_fd) == -1)
2748 /* We use standard output if opening the file failed. */
2749 GLRO(dl_debug_fd) = STDOUT_FILENO;
2750 }
2751}
2752
2753#if HP_TIMING_INLINE
2754static void
2755print_statistics_item (const char *title, hp_timing_t time,
2756 hp_timing_t total)
2757{
2758 char cycles[HP_TIMING_PRINT_SIZE];
2759 HP_TIMING_PRINT (cycles, sizeof (cycles), time);
2760
2761 char relative[3 * sizeof (hp_timing_t) + 2];
2762 char *cp = _itoa ((1000ULL * time) / total, relative + sizeof (relative),
2763 10, 0);
2764 /* Sets the decimal point. */
2765 char *wp = relative;
2766 switch (relative + sizeof (relative) - cp)
2767 {
2768 case 3:
2769 *wp++ = *cp++;
2770 /* Fall through. */
2771 case 2:
2772 *wp++ = *cp++;
2773 /* Fall through. */
2774 case 1:
2775 *wp++ = '.';
2776 *wp++ = *cp++;
2777 }
2778 *wp = '\0';
2779 _dl_debug_printf ("%s: %s cycles (%s%%)\n", title, cycles, relative);
2780}
2781#endif
2782
2783/* Print the various times we collected. */
2784static void
2785__attribute ((noinline))
2786print_statistics (const hp_timing_t *rtld_total_timep)
2787{
2788#if HP_TIMING_INLINE
2789 {
2790 char cycles[HP_TIMING_PRINT_SIZE];
2791 HP_TIMING_PRINT (cycles, sizeof (cycles), *rtld_total_timep);
2792 _dl_debug_printf ("\nruntime linker statistics:\n"
2793 " total startup time in dynamic loader: %s cycles\n",
2794 cycles);
2795 print_statistics_item (" time needed for relocation",
2796 relocate_time, *rtld_total_timep);
2797 }
2798#endif
2799
2800 unsigned long int num_relative_relocations = 0;
2801 for (Lmid_t ns = 0; ns < GL(dl_nns); ++ns)
2802 {
2803 if (GL(dl_ns)[ns]._ns_loaded == NULL)
2804 continue;
2805
2806 struct r_scope_elem *scope = &GL(dl_ns)[ns]._ns_loaded->l_searchlist;
2807
2808 for (unsigned int i = 0; i < scope->r_nlist; i++)
2809 {
2810 struct link_map *l = scope->r_list [i];
2811
2812 if (l->l_addr != 0 && l->l_info[VERSYMIDX (DT_RELCOUNT)])
2813 num_relative_relocations
2814 += l->l_info[VERSYMIDX (DT_RELCOUNT)]->d_un.d_val;
2815#ifndef ELF_MACHINE_REL_RELATIVE
2816 /* Relative relocations are processed on these architectures if
2817 library is loaded to different address than p_vaddr or
2818 if not prelinked. */
2819 if ((l->l_addr != 0 || !l->l_info[VALIDX(DT_GNU_PRELINKED)])
2820 && l->l_info[VERSYMIDX (DT_RELACOUNT)])
2821#else
2822 /* On e.g. IA-64 or Alpha, relative relocations are processed
2823 only if library is loaded to different address than p_vaddr. */
2824 if (l->l_addr != 0 && l->l_info[VERSYMIDX (DT_RELACOUNT)])
2825#endif
2826 num_relative_relocations
2827 += l->l_info[VERSYMIDX (DT_RELACOUNT)]->d_un.d_val;
2828 }
2829 }
2830
2831 _dl_debug_printf (" number of relocations: %lu\n"
2832 " number of relocations from cache: %lu\n"
2833 " number of relative relocations: %lu\n",
2834 GL(dl_num_relocations),
2835 GL(dl_num_cache_relocations),
2836 num_relative_relocations);
2837
2838#if HP_TIMING_INLINE
2839 print_statistics_item (" time needed to load objects",
2840 load_time, *rtld_total_timep);
2841#endif
2842}
2843