1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
24 */
25
26 /*
27 * Implementation of all external interfaces between ld.so.1 and libc.
28 *
29 * This file started as a set of routines that provided synchronization and
30 * locking operations using calls to libthread. libthread has merged with libc
31 * under the Unified Process Model (UPM), and things have gotten a lot simpler.
32 * This file continues to establish and redirect various events within ld.so.1
33 * to interfaces within libc.
34 *
35 * Until libc is loaded and relocated, any external interfaces are captured
36 * locally. Each link-map list maintains its own set of external vectors, as
37 * each link-map list typically provides its own libc. Although this per-link-
38 * map list vectoring provides a degree of flexibility, there is a protocol
39 * expected when calling various libc interfaces.
40 *
41 * i. Any new alternative link-map list should call CI_THRINIT, and then call
42 * CI_TLS_MODADD to register any TLS for each object of that link-map list
43 * (this item is labeled i. as auditors can be the first objects loaded,
44 * and they exist on their own link-map list).
45 *
46 * ii. For the primary link-map list, CI_TLS_STATMOD must be called first to
47 * register any static TLS (this routine is called regardless of there
48 * being any TLS, as this routine also establishes the link-map list as the
49 * primary list and fixes the association of uberdata). CI_THRINIT should
50 * then be called.
51 *
52 * iii. Any objects added to an existing link-map list (primary or alternative)
53 * should call CI_TLS_MODADD to register any additional TLS.
54 *
55 * These events are established by:
56 *
57 * i. Typically, libc is loaded as part of the primary dependencies of any
58 * link-map list (since the Unified Process Model (UPM), libc can't be
59 * lazily loaded). To minimize the possibility of loading and registering
60 * objects, and then tearing them down (because of a relocation error),
61 * external vectors are established as part of load_completion(). This
62 * routine is called on completion of any operation that can cause objects
63 * to be loaded. This point of control ensures the objects have been fully
64 * analyzed and relocated, and moved to their controlling link-map list.
65 * The external vectors are established prior to any .inits being fired.
66 *
67 * ii. Calls to CI_THRINIT, and CI_TLS_MODADD also occur as part of
68 * load_completion(). CI_THRINIT is only called once for each link-map
69 * control list.
70 *
71 * iii. Calls to CI_TLS_STATMOD, and CI_THRINIT occur for the primary link-map
72 * list in the final stages of setup().
73 *
74 * The interfaces provided by libc can be divided into two families. The first
75 * family consists of those interfaces that should be called from the link-map
76 * list. It's possible that these interfaces convey state concerning the
77 * link-map list they are part of:
78 *
79 * CI_ATEXIT
80 * CI_TLS_MODADD
81 * CI_TLS_MODREM
82 * CI_TLS_STATMOD
83 * CI_THRINIT
84 *
85 * The second family are global in nature, that is, the link-map list from
86 * which they are called provides no state information. In fact, for
87 * CI_BIND_GUARD, the calling link-map isn't even known. The link-map can only
88 * be deduced after ld.so.1's global lock has been obtained. Therefore, the
89 * following interfaces are also maintained as global:
90 *
91 * CI_LCMESSAGES
92 * CI_BIND_GUARD
93 * CI_BIND_CLEAR
94 * CI_THR_SELF
95 *
96 * Note, it is possible that these global interfaces are obtained from an
97 * alternative link-map list that gets torn down because of a processing
98 * failure (unlikely, because the link-map list components must be analyzed
99 * and relocated prior to load_completion(), but perhaps the tear down is still
100 * a possibility). Thus the global interfaces may have to be replaced. Once
101 * the interfaces have been obtained from the primary link-map, they can
102 * remain fixed, as the primary link-map isn't going to go anywhere.
103 *
104 * The last wrinkle in the puzzle is what happens if an alternative link-map
105 * is loaded with no libc dependency? In this case, the alternative objects
106 * can not call CI_THRINIT, can not be allowed to use TLS, and will not receive
107 * any atexit processing.
108 *
109 * The history of these external interfaces is defined by their version:
110 *
111 * TI_VERSION == 1
112 * Under this model libthread provided rw_rwlock/rw_unlock, through which
113 * all rt_mutex_lock/rt_mutex_unlock calls were vectored.
114 * Under libc/libthread these interfaces provided _sigon/_sigoff (unlike
115 * lwp/libthread that provided signal blocking via bind_guard/bind_clear).
116 *
117 * TI_VERSION == 2
118 * Under this model only libthread's bind_guard/bind_clear and thr_self
119 * interfaces were used. Both libthreads blocked signals under the
120 * bind_guard/bind_clear interfaces. Lower level locking is derived
121 * from internally bound _lwp_ interfaces. This removes recursive
122 * problems encountered when obtaining locking interfaces from libthread.
123 * The use of mutexes over reader/writer locks also enables the use of
124 * condition variables for controlling thread concurrency (allows access
125 * to objects only after their .init has completed).
126 *
127 * NOTE, the TI_VERSION indicated the ti_interface version number, where the
128 * ti_interface was a large vector of functions passed to both libc (to override
129 * the thread stub interfaces) and ld.so.1. ld.so.1 used only a small subset of
130 * these interfaces.
131 *
132 * CI_VERSION == 1
133 * Introduced with CI_VERSION & CI_ATEXIT
134 *
135 * CI_VERSION == 2 (Solaris 8 update 2).
136 * Added support for CI_LCMESSAGES
137 *
138 * CI_VERSION == 3 (Solaris 9).
139 * Added the following versions to the CI table:
140 *
141 * CI_BIND_GUARD, CI_BIND_CLEAR, CI_THR_SELF
142 * CI_TLS_MODADD, CI_TLS_MODREM, CI_TLS_STATMOD
143 *
144 * This version introduced the DT_SUNW_RTLDINFO structure as a mechanism
145 * to handshake with ld.so.1.
146 *
147 * CI_VERSION == 4 (Solaris 10).
148 * Added the CI_THRINIT handshake as part of the libc/libthread unified
149 * process model. libc now initializes the current thread pointer from
150 * this interface (and no longer relies on the INITFIRST flag - which
151 * others have started to camp out on).
152 *
153 * CI_VERSION == 5 (Solaris 11).
154 * Use of "protected" references within libc, so that symbols are
155 * pre-bound, and don't require ld.so.1 binding. This implementation
156 * protects libc's critical regions from being vectored to auditors.
157 *
158 * CI_VERSION == 6 (Solaris 11).
159 * Added the CI_CRITICAL handshake, to allow "mem*" family to be reexposed
160 * as "global", and thus be redirected to auxiliary filters.
161 *
162 * Release summary:
163 *
164 * Solaris 8 CI_ATEXIT via _ld_libc()
165 * TI_* via _ld_concurrency()
166 *
167 * Solaris 9 CI_ATEXIT and CI_LCMESSAGES via _ld_libc()
168 * CI_* via RTLDINFO and _ld_libc() - new libthread
169 * TI_* via _ld_concurrency() - old libthread
170 *
171 * Solaris 10 CI_ATEXIT and CI_LCMESSAGES via _ld_libc()
172 * CI_* via RTLDINFO and _ld_libc() - new libthread
173 */
174
175 #include <sys/debug.h>
176 #include <synch.h>
177 #include <signal.h>
178 #include <thread.h>
179 #include <synch.h>
180 #include <strings.h>
181 #include <stdio.h>
182 #include <debug.h>
183 #include <libc_int.h>
184 #include "_elf.h"
185 #include "_rtld.h"
186
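/*
 * This interface provides the unified process model communication between
 * ld.so.1 and libc.  It walks a table of Lc_interface entries, stopping at the
 * first entry whose ci_tag is zero, and records each entry in the vector of
 * the caller's link-map list (lm_lcs) and, for some tags, in the global vector
 * (glcs).  This interface can be called a number of times:
 *
 *  -	Initially, this interface is called to process RTLDINFO.  This data
 *	structure is typically provided by libc, and contains the address of
 *	libc interfaces that must be called to initialize threads information.
 *
 *  -	_ld_libc(), this interface can also be called by libc at process
 *	initialization, after libc has been loaded and relocated, but before
 *	control has been passed to any user code (.init's or main()).  This
 *	call provides additional libc interface information that ld.so.1 must
 *	call during process execution.
 *
 *  -	_ld_libc() can also be called by libc during process execution to
 *	re-establish interfaces such as the locale.
 *
 * Arguments:
 *	lmp	link-map the table is attributed to; selects the link-map list.
 *	funcs	first entry of the interface table.
 *
 * Nothing is done if either argument is NULL.
 *
 * The pointers recorded here are later called as functions by ld.so.1 (for
 * example rt_bind_guard() and rt_thr_init()), so the table is treated as
 * trusted, in-process input.  The only validation applied is the range check
 * on the tag and the first-registration-wins rule described below.
 */
static void
get_lcinterface(Rt_map *lmp, Lc_interface *funcs)
{
	int		threaded = 0, entry = 0, tag;
	Lm_list		*lml;
	Lc_desc		*lcp;

	if ((lmp == NULL) || (funcs == NULL))
		return;

	/*
	 * Once the process is active, ensure we grab a lock.
	 */
	if (rtld_flags & RT_FL_APPLIC)
		entry = enter(0);

	lml = LIST(lmp);
	lcp = &lml->lm_lcs[0];

	DBG_CALL(Dbg_util_nl(lml, DBG_NL_STD));

	for (tag = funcs->ci_tag; tag; tag = (++funcs)->ci_tag) {
		char	*gptr;
		char	*lptr = funcs->ci_un.ci_ptr;

		DBG_CALL(Dbg_util_lcinterface(lmp, tag, lptr));

		/*
		 * The tag is used as an index into both lcp[] and glcs[].
		 * Reject negative tags as well as tags at or beyond CI_MAX,
		 * otherwise a malformed table writes a pointer outside of
		 * these vectors (presumably both hold CI_MAX entries -
		 * confirm against their declarations).
		 */
		if ((tag < 0) || (tag >= CI_MAX))
			continue;

		/*
		 * Maintain all interfaces on a per-link-map basis.  Note, for
		 * most interfaces, only the first interface is used for any
		 * link-map list.  This prevents accidents with developers who
		 * manage to load two different versions of libc.
		 */
		if ((lcp[tag].lc_lmp) &&
		    (tag != CI_LCMESSAGES) && (tag != CI_VERSION)) {
			DBG_CALL(Dbg_unused_lcinterface(lmp,
			    lcp[tag].lc_lmp, tag));
			continue;
		}

		lcp[tag].lc_un.lc_ptr = lptr;
		lcp[tag].lc_lmp = lmp;

		gptr = glcs[tag].lc_un.lc_ptr;

		/*
		 * Process any interfaces that must be maintained on a global
		 * basis.
		 */
		switch (tag) {
		case CI_ATEXIT:
			break;

		case CI_LCMESSAGES:
			/*
			 * At startup, ld.so.1 can establish a locale from one
			 * of the locale family of environment variables (see
			 * ld_str_env() and readenv_user()).  During process
			 * execution the locale can also be changed by the user.
			 * This interface is called from libc should the locale
			 * be modified.  Presently, only one global locale is
			 * maintained for all link-map lists, and only objects
			 * on the primary link-map may change this locale.
			 *
			 * A NULL locale pointer is ignored, rather than being
			 * handed to strcmp() or strdup().
			 */
			if ((lml->lm_flags & LML_FLG_BASELM) &&
			    (lptr != NULL) &&
			    ((gptr == NULL) || (strcmp(gptr, lptr) != 0))) {
				/*
				 * If we've obtained a message locale (typically
				 * supplied via libc's setlocale()), then
				 * register the locale for use in dgettext() so
				 * as to reestablish the locale for ld.so.1's
				 * messages.
				 */
				if (gptr) {
					free((void *)gptr);
					rtld_flags |= RT_FL_NEWLOCALE;
				}

				/*
				 * Keep a private copy, the caller's string is
				 * not retained globally.  Should strdup() fail
				 * the global locale is left unset (NULL).
				 */
				glcs[tag].lc_un.lc_ptr = strdup(lptr);

				/*
				 * Clear any cached messages.
				 */
				bzero(err_strs, sizeof (err_strs));
				nosym_str = NULL;
			}
			break;

		case CI_BIND_GUARD:
		case CI_BIND_CLEAR:
		case CI_THR_SELF:
		case CI_CRITICAL:
			/*
			 * If the global vector is unset, or this is the primary
			 * link-map, set the global vector.  An alternative
			 * link-map list can therefore supply these global
			 * functions until the primary link-map list registers
			 * its own.
			 */
			if ((gptr == NULL) || (lml->lm_flags & LML_FLG_BASELM))
				glcs[tag].lc_un.lc_ptr = lptr;

			/* FALLTHROUGH */

		case CI_TLS_MODADD:
		case CI_TLS_MODREM:
		case CI_TLS_STATMOD:
		case CI_THRINIT:
			threaded++;
			break;

		case CI_VERSION:
			/*
			 * The version handshake is only acted upon once per
			 * process, RT_FL2_RTLDSEEN records that it was seen.
			 */
			if ((rtld_flags2 & RT_FL2_RTLDSEEN) == 0) {
				Aliste	idx;
				Lm_list	*lml2;
				int	version;

				rtld_flags2 |= RT_FL2_RTLDSEEN;

				version = funcs->ci_un.ci_val;
#if defined(CI_V_FIVE)
				if (version >= CI_V_FIVE) {
					thr_flg_nolock = THR_FLG_NOLOCK;
					thr_flg_reenter = THR_FLG_REENTER;
				}
#endif
				if (version < CI_V_FOUR)
					break;

				rtld_flags2 |= RT_FL2_UNIFPROC;

				/*
				 * We might have seen an auditor which is not
				 * dependent on libc.  Such an auditor's link
				 * map list has LML_FLG_HOLDLOCK set.  This
				 * lock needs to be dropped.  Refer to
				 * audit_setup() in audit.c.
				 */
				if ((rtld_flags2 & RT_FL2_HASAUDIT) == 0)
					break;

				/*
				 * Yes, we did.  Take care of them.
				 */
				for (APLIST_TRAVERSE(dynlm_list, idx, lml2)) {
					Rt_map	*map = (Rt_map *)lml2->lm_head;

					if (FLAGS(map) & FLG_RT_AUDIT) {
						lml2->lm_flags &=
						    ~LML_FLG_HOLDLOCK;
					}
				}
			}
			break;

		default:
			break;
		}
	}

	if (threaded) {
		/*
		 * If a version of libc gives us only a subset of the TLS
		 * interfaces, it's confused and we discard the whole lot.
		 */
		if ((lcp[CI_TLS_MODADD].lc_un.lc_func == NULL) ||
		    (lcp[CI_TLS_MODREM].lc_un.lc_func == NULL) ||
		    (lcp[CI_TLS_STATMOD].lc_un.lc_func == NULL)) {
			lcp[CI_TLS_MODADD].lc_un.lc_func = NULL;
			lcp[CI_TLS_MODREM].lc_un.lc_func = NULL;
			lcp[CI_TLS_STATMOD].lc_un.lc_func = NULL;
		}

		/*
		 * Indicate that we're now thread capable.
		 */
		if ((lml->lm_flags & LML_FLG_RTLDLM) == 0)
			rtld_flags |= RT_FL_THREADS;
	}

	if (entry)
		leave(lml, 0);
}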
386
/*
 * At this point we know we have a set of objects that have been fully analyzed
 * and relocated.  Prior to the next major step of running .init sections (ie.
 * running user code), retrieve any RTLDINFO interfaces.
 *
 * Every descriptor queued on lml->lm_rti is passed to get_lcinterface(), after
 * which the queue is freed.  The link-map list is then checked for TLS
 * support.
 *
 * Arguments:
 *	lml	link-map list whose queued interfaces are processed.
 *	lmp	link-map named in the diagnostic should the TLS check fail.
 *
 * Returns 1 on success.  Returns 0, after reporting a fatal error, if the
 * link-map list has TLS requirements but no CI_TLS_STATMOD interface.
 */
int
rt_get_extern(Lm_list *lml, Rt_map *lmp)
{
	if (lml->lm_rti != NULL) {
		Aliste		idx;
		Rti_desc	*rti;

		for (ALIST_TRAVERSE(lml->lm_rti, idx, rti))
			get_lcinterface(rti->rti_lmp, rti->rti_info);

		/*
		 * The queue has been consumed.  Clear the pointer once the
		 * list is freed so that a later call neither reprocesses nor
		 * frees it again.
		 */
		free(lml->lm_rti);
		lml->lm_rti = NULL;
	}

	/*
	 * Sanity check: no TLS requirement, or a registered CI_TLS_STATMOD
	 * interface, means there is nothing more to verify.
	 */
	if (!lml->lm_tls ||
	    (lml->lm_lcs[CI_TLS_STATMOD].lc_un.lc_func != NULL))
		return (1);

	eprintf(lml, ERR_FATAL, MSG_INTL(MSG_TLS_NOSUPPORT), NAME(lmp));
	return (0);
}
418
/*
 * Provide an interface for libc to communicate additional interface
 * information.
 *
 * ptr is treated as the first entry of an Lc_interface table and is handed to
 * get_lcinterface() together with the link-map resolved for the caller.  The
 * pointer arrives untyped and is not validated here beyond the checks made by
 * get_lcinterface(), so the table is trusted to be well formed and to end with
 * a zero tag.
 */
void
_ld_libc(void *ptr)
{
	Lc_interface	*funcs = (Lc_interface *)ptr;

	get_lcinterface(_caller(caller(), CL_EXECDEF), funcs);
}
428
/*
 * Local record of the THR_FLG_RTLD guard bits that are presently held.  This
 * is only consulted by rt_bind_guard() and rt_bind_clear() when libc has not
 * registered its own bind guard interfaces.  It is a plain int updated without
 * any locking.  File-scope statics start out as zero.
 */
static int	bindmask;
430
/*
 * Enter a bind guard region.
 *
 * If libc has registered CI_BIND_GUARD in the global vector, the request is
 * passed straight through and libc's return value is returned.  Otherwise the
 * THR_FLG_RTLD bits of flags are tracked locally in bindmask.
 *
 * Local fallback returns 1 if none of the requested bits were already held
 * (they are then recorded), and 0 if any requested bit was already held.
 */
int
rt_bind_guard(int flags)
{
	int	(*guard)(int) = glcs[CI_BIND_GUARD].lc_un.lc_func;
	int	wanted;

	if (guard != NULL)
		return ((*guard)(flags));

	wanted = flags & THR_FLG_RTLD;

	/* Already inside a guard for one of these bits, don't re-enter. */
	if (wanted & bindmask)
		return (0);

	bindmask |= wanted;
	return (1);
}
448
/*
 * Leave a bind guard region, or query the guard state.
 *
 * If libc has registered CI_BIND_CLEAR in the global vector, the request is
 * passed straight through and libc's return value is returned.  Otherwise the
 * local bindmask is used.
 *
 * Local fallback: when flags carries no THR_FLG_RTLD bits the current bindmask
 * is returned unchanged (a query).  Otherwise the requested bits are cleared
 * from bindmask and 0 is returned.
 */
int
rt_bind_clear(int flags)
{
	int	(*clear)(int) = glcs[CI_BIND_CLEAR].lc_un.lc_func;
	int	held;

	if (clear != NULL)
		return ((*clear)(flags));

	held = flags & THR_FLG_RTLD;
	if (held == 0)
		return (bindmask);

	bindmask &= ~held;
	return (0);
}
467
/*
 * Make sure threads have been initialized.  This interface is called once for
 * each link-map list.
 *
 * The CI_THRINIT function registered for the link-map list, if any, is called
 * exactly once: the registered pointer is cleared before the call is made, so
 * a later or nested call to this routine finds nothing to do.
 */
void
rt_thr_init(Lm_list *lml)
{
	void	(*init)(void) =
	    (void (*)())lml->lm_lcs[CI_THRINIT].lc_un.lc_func;

	if (init == NULL)
		return;

	lml->lm_lcs[CI_THRINIT].lc_un.lc_func = NULL;

	/*
	 * The libc routine is called after leave() and before enter(), that
	 * is, outside of the state those two calls bracket.
	 */
	leave(lml, thr_flg_reenter);
	(*init)();
	(void) enter(thr_flg_reenter);

	/*
	 * If this is an alternative link-map list, and this is the first call
	 * to initialize threads, don't let the destination libc be deleted.
	 * It is possible that an auditor's complete initialization fails, but
	 * there is presently no main link-map list.  As this libc has
	 * established the thread pointer, don't delete this libc, otherwise
	 * the initialization of libc on the main link-map can be compromised
	 * during its threads initialization.
	 */
	if (((lml->lm_flags & LML_FLG_BASELM) == 0) &&
	    ((rtld_flags2 & RT_FL2_PLMSETUP) == 0))
		MODE(lml->lm_lcs[CI_THRINIT].lc_lmp) |= RTLD_NODELETE;
}
500
/*
 * Return the identifier of the calling thread.
 *
 * The CI_THR_SELF function from the global vector is used when libc has
 * registered one.  Without it, the fixed identifier 1 is returned.
 */
thread_t
rt_thr_self()
{
	thread_t	(*self)(void) =
	    (thread_t (*)())glcs[CI_THR_SELF].lc_un.lc_func;

	return ((self != NULL) ? (*self)() : 1);
}
511
/*
 * Acquire an ld.so.1 lock.  The Rt_lock is handed to _lwp_mutex_lock() as an
 * lwp_mutex_t, and that routine's return value is passed back unchanged.
 */
int
rt_mutex_lock(Rt_lock *mp)
{
	lwp_mutex_t	*lwpmp = (lwp_mutex_t *)mp;

	return (_lwp_mutex_lock(lwpmp));
}
517
/*
 * Release an ld.so.1 lock.  The Rt_lock is handed to _lwp_mutex_unlock() as an
 * lwp_mutex_t, and that routine's return value is passed back unchanged.
 */
int
rt_mutex_unlock(Rt_lock *mp)
{
	lwp_mutex_t	*lwpmp = (lwp_mutex_t *)mp;

	return (_lwp_mutex_unlock(lwpmp));
}
523
/*
 * Test whether we're in a libc critical region.  Certain function references,
 * like the "mem*" family, might require binding.  Although these functions can
 * safely bind to auxiliary filtees, they should not be captured by auditors.
 *
 * Returns whatever the registered CI_CRITICAL function returns, or 0 when libc
 * has not registered one.
 */
int
rt_critical()
{
	int	(*critical)(void) = glcs[CI_CRITICAL].lc_un.lc_func;

	return ((critical != NULL) ? (*critical)() : 0);
}
539
540 /*
541 * Mutex interfaces to resolve references from any objects extracted from
542 * libc_pic.a. Note, as ld.so.1 is essentially single threaded these can be
543 * noops.
544 */
#pragma weak lmutex_lock = mutex_lock
/*
 * Stub: reports success without acquiring anything, so callers get no mutual
 * exclusion from this routine.  lmutex_lock is a weak alias for it.
 */
/* ARGSUSED */
int
mutex_lock(mutex_t *mp)
{
	(void) mp;

	return (0);
}
552
#pragma weak lmutex_unlock = mutex_unlock
/*
 * Stub: reports success without releasing anything.  lmutex_unlock is a weak
 * alias for it.
 */
/* ARGSUSED */
int
mutex_unlock(mutex_t *mp)
{
	(void) mp;

	return (0);
}
560
/*
 * Stub: reports success and leaves the mutex untouched.  The type and arg
 * arguments are ignored.
 */
/* ARGSUSED */
int
mutex_init(mutex_t *mp, int type, void *arg)
{
	(void) mp;
	(void) type;
	(void) arg;

	return (0);
}
567
/*
 * Stub: reports success and leaves the mutex untouched.
 */
/* ARGSUSED */
int
mutex_destroy(mutex_t *mp)
{
	(void) mp;

	return (0);
}
574
/*
 * This is needed to satisfy sysconf() (case _SC_THREAD_STACK_MIN).
 *
 * Returns the size in bytes of 1024 pointer-sized words, so the value scales
 * with the pointer width of the build.
 */
size_t
thr_min_stack()
{
	const size_t	nwords = 1024;

	return (nwords * sizeof (uintptr_t));
}
583
584 /*
585 * Local str[n]casecmp() interfaces for the dynamic linker,
586 * to avoid problems when linking with libc_pic.a
587 */
/*
 * Local strcasecmp() that forwards to ascii_strcasecmp() and returns its
 * result unchanged.
 */
int
strcasecmp(const char *s1, const char *s2)
{
	extern int	ascii_strcasecmp(const char *, const char *);
	int		cmp = ascii_strcasecmp(s1, s2);

	return (cmp);
}
595
/*
 * Local strncasecmp() that forwards to ascii_strncasecmp() and returns its
 * result unchanged.  The length n is passed through as given.
 */
int
strncasecmp(const char *s1, const char *s2, size_t n)
{
	extern int	ascii_strncasecmp(const char *, const char *, size_t);
	int		cmp = ascii_strncasecmp(s1, s2, n);

	return (cmp);
}
603
604 /*
605 * The following functions are cancellation points in libc.
606 * They are called from other functions in libc that we extract
607 * and use directly. We don't do cancellation while we are in
608 * the dynamic linker, so we redefine these to call the primitive,
609 * non-cancellation interfaces.
610 */
/*
 * close() for use inside the dynamic linker: forwards to the primitive
 * __close() and returns its result unchanged.
 */
int
close(int fildes)
{
	extern int	__close(int);
	int		rc = __close(fildes);

	return (rc);
}
618
/*
 * fcntl() for use inside the dynamic linker: forwards to the primitive
 * __fcntl() and returns its result unchanged.
 *
 * One variadic argument is always fetched, as an intptr_t, and passed on
 * regardless of cmd.
 * NOTE(review): for commands that take no third argument this reads an
 * argument the caller did not supply; presumably __fcntl() ignores it for
 * those commands - confirm.
 */
int
fcntl(int fildes, int cmd, ...)
{
	extern int	__fcntl(int, int, ...);
	va_list		args;
	intptr_t	third;

	va_start(args, cmd);
	third = va_arg(args, intptr_t);
	va_end(args);

	return (__fcntl(fildes, cmd, third));
}
631
/*
 * open() for use inside the dynamic linker: forwards to the primitive
 * __open() and returns its result unchanged.
 *
 * The mode argument is always fetched from the variadic list and passed on,
 * whatever oflag contains.
 * NOTE(review): when the caller supplied no mode this reads an argument that
 * was not passed; presumably __open() only uses mode when oflag requests file
 * creation - confirm.
 */
int
open(const char *path, int oflag, ...)
{
	extern int	__open(const char *, int, mode_t);
	va_list		args;
	mode_t		perms;

	va_start(args, oflag);
	perms = va_arg(args, mode_t);
	va_end(args);

	return (__open(path, oflag, perms));
}
644
/*
 * openat() for use inside the dynamic linker: forwards to the primitive
 * __openat() and returns its result unchanged.
 *
 * The mode argument is always fetched from the variadic list and passed on,
 * whatever oflag contains.
 * NOTE(review): when the caller supplied no mode this reads an argument that
 * was not passed; presumably __openat() only uses mode when oflag requests
 * file creation - confirm.
 */
int
openat(int fd, const char *path, int oflag, ...)
{
	extern int	__openat(int, const char *, int, mode_t);
	va_list		args;
	mode_t		perms;

	va_start(args, oflag);
	perms = va_arg(args, mode_t);
	va_end(args);

	return (__openat(fd, path, oflag, perms));
}
657
/*
 * read() for use inside the dynamic linker: forwards to the primitive
 * __read() and returns its result unchanged.  buf and size are passed through
 * as given, no bounds are applied here.
 */
ssize_t
read(int fd, void *buf, size_t size)
{
	extern ssize_t	__read(int, void *, size_t);
	ssize_t		nread = __read(fd, buf, size);

	return (nread);
}
664
/*
 * write() for use inside the dynamic linker: forwards to the primitive
 * __write() and returns its result unchanged.  buf and size are passed through
 * as given, no bounds are applied here.
 */
ssize_t
write(int fd, const void *buf, size_t size)
{
	extern ssize_t	__write(int, const void *, size_t);
	ssize_t		nwritten = __write(fd, buf, size);

	return (nwritten);
}
671