1 /* $NetBSD: rtld.c,v 1.215 2023/07/30 09:20:14 riastradh Exp $ */ 2 3 /* 4 * Copyright 1996 John D. Polstra. 5 * Copyright 1996 Matt Thomas <matt@3am-software.com> 6 * Copyright 2002 Charles M. Hannum <root@ihack.net> 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed by John Polstra. 20 * 4. The name of the author may not be used to endorse or promote products 21 * derived from this software without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 24 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 25 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 26 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 27 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 28 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 29 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 32 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 */ 34 35 /* 36 * Dynamic linker for ELF. 37 * 38 * John Polstra <jdp@polstra.com>. 39 */ 40 41 #include <sys/cdefs.h> 42 #ifndef lint 43 __RCSID("$NetBSD: rtld.c,v 1.215 2023/07/30 09:20:14 riastradh Exp $"); 44 #endif /* not lint */ 45 46 #include <sys/param.h> 47 #include <sys/atomic.h> 48 #include <sys/mman.h> 49 #include <err.h> 50 #include <errno.h> 51 #include <fcntl.h> 52 #include <lwp.h> 53 #include <stdarg.h> 54 #include <stdio.h> 55 #include <stdlib.h> 56 #include <string.h> 57 #include <unistd.h> 58 #include <dirent.h> 59 60 #include <ctype.h> 61 62 #include <dlfcn.h> 63 64 #include "debug.h" 65 #include "hash.h" 66 #include "rtld.h" 67 68 #if !defined(lint) 69 #include "sysident.h" 70 #endif 71 72 /* 73 * Function declarations. 74 */ 75 static void _rtld_init(caddr_t, caddr_t, const char *); 76 static void _rtld_exit(void); 77 78 Elf_Addr _rtld(Elf_Addr *, Elf_Addr); 79 80 81 /* 82 * Data declarations. 83 */ 84 static char *error_message; /* Message for dlopen(), or NULL */ 85 86 struct r_debug _rtld_debug; /* The SVR4 interface for the debugger */ 87 bool _rtld_trust; /* False for setuid and setgid programs */ 88 Obj_Entry *_rtld_objlist; /* Head of linked list of shared objects */ 89 Obj_Entry **_rtld_objtail; /* Link field of last object in list */ 90 Obj_Entry *_rtld_objmain; /* The main program shared object */ 91 Obj_Entry _rtld_objself; /* The dynamic linker shared object */ 92 u_int _rtld_objcount; /* Number of objects in _rtld_objlist */ 93 u_int _rtld_objloads; /* Number of objects loaded in _rtld_objlist */ 94 u_int _rtld_objgen; /* Generation count for _rtld_objlist */ 95 const char _rtld_path[] = _PATH_RTLD; 96 97 /* Initialize a fake symbol for resolving undefined weak references. */ 98 Elf_Sym _rtld_sym_zero = { 99 .st_info = ELF_ST_INFO(STB_GLOBAL, STT_NOTYPE), 100 .st_shndx = SHN_ABS, 101 }; 102 size_t _rtld_pagesz; /* Page size, as provided by kernel */ 103 104 Search_Path *_rtld_default_paths; 105 Search_Path *_rtld_paths; 106 107 Library_Xform *_rtld_xforms; 108 static void *auxinfo; 109 110 /* 111 * Global declarations normally provided by crt0. 112 */ 113 char *__progname; 114 char **environ; 115 116 static volatile bool _rtld_mutex_may_recurse; 117 118 #if defined(RTLD_DEBUG) 119 #ifndef __sh__ 120 extern Elf_Addr _GLOBAL_OFFSET_TABLE_[]; 121 #else /* 32-bit SuperH */ 122 register Elf_Addr *_GLOBAL_OFFSET_TABLE_ asm("r12"); 123 #endif 124 #endif /* RTLD_DEBUG */ 125 extern Elf_Dyn _DYNAMIC; 126 127 static void _rtld_call_fini_functions(sigset_t *, int); 128 static void _rtld_call_init_functions(sigset_t *); 129 static void _rtld_initlist_visit(Objlist *, Obj_Entry *, int); 130 static void _rtld_initlist_tsort(Objlist *, int); 131 static Obj_Entry *_rtld_dlcheck(void *); 132 static void _rtld_init_dag(Obj_Entry *); 133 static void _rtld_init_dag1(Obj_Entry *, Obj_Entry *); 134 static void _rtld_objlist_remove(Objlist *, Obj_Entry *); 135 static void _rtld_objlist_clear(Objlist *); 136 static void _rtld_unload_object(sigset_t *, Obj_Entry *, bool); 137 static void _rtld_unref_dag(Obj_Entry *); 138 static Obj_Entry *_rtld_obj_from_addr(const void *); 139 static void _rtld_fill_dl_phdr_info(const Obj_Entry *, struct dl_phdr_info *); 140 141 static inline void 142 _rtld_call_initfini_function(fptr_t func, sigset_t *mask) 143 { 144 _rtld_exclusive_exit(mask); 145 (*func)(); 146 _rtld_exclusive_enter(mask); 147 } 148 149 static void 150 _rtld_call_fini_function(Obj_Entry *obj, sigset_t *mask, u_int cur_objgen) 151 { 152 if (obj->fini_arraysz == 0 && (obj->fini == NULL || obj->fini_called)) 153 return; 154 155 if (obj->fini != NULL && !obj->fini_called) { 156 dbg (("calling fini function %s at %p%s", obj->path, 157 (void *)obj->fini, 158 obj->z_initfirst ? " (DF_1_INITFIRST)" : "")); 159 obj->fini_called = 1; 160 _rtld_call_initfini_function(obj->fini, mask); 161 } 162 #ifdef HAVE_INITFINI_ARRAY 163 /* 164 * Now process the fini_array if it exists. Simply go from 165 * start to end. We need to make restartable so just advance 166 * the array pointer and decrement the size each time through 167 * the loop. 168 */ 169 while (obj->fini_arraysz > 0 && _rtld_objgen == cur_objgen) { 170 fptr_t fini = *obj->fini_array++; 171 obj->fini_arraysz--; 172 dbg (("calling fini array function %s at %p%s", obj->path, 173 (void *)fini, 174 obj->z_initfirst ? " (DF_1_INITFIRST)" : "")); 175 _rtld_call_initfini_function(fini, mask); 176 } 177 #endif /* HAVE_INITFINI_ARRAY */ 178 } 179 180 static void 181 _rtld_call_fini_functions(sigset_t *mask, int force) 182 { 183 Objlist_Entry *elm; 184 Objlist finilist; 185 u_int cur_objgen; 186 187 dbg(("_rtld_call_fini_functions(%d)", force)); 188 189 restart: 190 cur_objgen = ++_rtld_objgen; 191 SIMPLEQ_INIT(&finilist); 192 _rtld_initlist_tsort(&finilist, 1); 193 194 /* First pass: objects _not_ marked with DF_1_INITFIRST. */ 195 SIMPLEQ_FOREACH(elm, &finilist, link) { 196 Obj_Entry * const obj = elm->obj; 197 if (!obj->z_initfirst) { 198 if (obj->refcount > 0 && !force) { 199 continue; 200 } 201 /* 202 * XXX This can race against a concurrent dlclose(). 203 * XXX In that case, the object could be unmapped before 204 * XXX the fini() call or the fini_array has completed. 205 */ 206 _rtld_call_fini_function(obj, mask, cur_objgen); 207 if (_rtld_objgen != cur_objgen) { 208 dbg(("restarting fini iteration")); 209 _rtld_objlist_clear(&finilist); 210 goto restart; 211 } 212 } 213 } 214 215 /* Second pass: objects marked with DF_1_INITFIRST. */ 216 SIMPLEQ_FOREACH(elm, &finilist, link) { 217 Obj_Entry * const obj = elm->obj; 218 if (obj->refcount > 0 && !force) { 219 continue; 220 } 221 /* XXX See above for the race condition here */ 222 _rtld_call_fini_function(obj, mask, cur_objgen); 223 if (_rtld_objgen != cur_objgen) { 224 dbg(("restarting fini iteration")); 225 _rtld_objlist_clear(&finilist); 226 goto restart; 227 } 228 } 229 230 _rtld_objlist_clear(&finilist); 231 } 232 233 static void 234 _rtld_call_init_function(Obj_Entry *obj, sigset_t *mask, u_int cur_objgen) 235 { 236 if (obj->init_arraysz == 0 && (obj->init_called || obj->init == NULL)) 237 return; 238 239 if (!obj->init_called && obj->init != NULL) { 240 dbg (("calling init function %s at %p%s", 241 obj->path, (void *)obj->init, 242 obj->z_initfirst ? " (DF_1_INITFIRST)" : "")); 243 obj->init_called = 1; 244 _rtld_call_initfini_function(obj->init, mask); 245 } 246 247 #ifdef HAVE_INITFINI_ARRAY 248 /* 249 * Now process the init_array if it exists. Simply go from 250 * start to end. We need to make restartable so just advance 251 * the array pointer and decrement the size each time through 252 * the loop. 253 */ 254 while (obj->init_arraysz > 0 && _rtld_objgen == cur_objgen) { 255 fptr_t init = *obj->init_array++; 256 obj->init_arraysz--; 257 dbg (("calling init_array function %s at %p%s", 258 obj->path, (void *)init, 259 obj->z_initfirst ? " (DF_1_INITFIRST)" : "")); 260 _rtld_call_initfini_function(init, mask); 261 } 262 #endif /* HAVE_INITFINI_ARRAY */ 263 } 264 265 static bool 266 _rtld_call_ifunc_functions(sigset_t *mask, Obj_Entry *obj, u_int cur_objgen) 267 { 268 if (obj->ifunc_remaining 269 #if defined(IFUNC_NONPLT) 270 || obj->ifunc_remaining_nonplt 271 #endif 272 ) { 273 _rtld_call_ifunc(obj, mask, cur_objgen); 274 if (_rtld_objgen != cur_objgen) { 275 return true; 276 } 277 } 278 return false; 279 } 280 281 static void 282 _rtld_call_init_functions(sigset_t *mask) 283 { 284 Objlist_Entry *elm; 285 Objlist initlist; 286 u_int cur_objgen; 287 288 dbg(("_rtld_call_init_functions()")); 289 290 restart: 291 cur_objgen = ++_rtld_objgen; 292 SIMPLEQ_INIT(&initlist); 293 _rtld_initlist_tsort(&initlist, 0); 294 295 /* First pass: objects with IRELATIVE relocations. */ 296 SIMPLEQ_FOREACH(elm, &initlist, link) { 297 if (_rtld_call_ifunc_functions(mask, elm->obj, cur_objgen)) { 298 dbg(("restarting init iteration")); 299 _rtld_objlist_clear(&initlist); 300 goto restart; 301 } 302 } 303 /* 304 * XXX: For historic reasons, init/fini of the main object are called 305 * from crt0. Don't introduce that mistake for ifunc, so look at 306 * the head of _rtld_objlist that _rtld_initlist_tsort skipped. 307 */ 308 if (_rtld_call_ifunc_functions(mask, _rtld_objlist, cur_objgen)) { 309 dbg(("restarting init iteration")); 310 _rtld_objlist_clear(&initlist); 311 goto restart; 312 } 313 314 /* Second pass: objects marked with DF_1_INITFIRST. */ 315 SIMPLEQ_FOREACH(elm, &initlist, link) { 316 Obj_Entry * const obj = elm->obj; 317 if (obj->z_initfirst) { 318 _rtld_call_init_function(obj, mask, cur_objgen); 319 if (_rtld_objgen != cur_objgen) { 320 dbg(("restarting init iteration")); 321 _rtld_objlist_clear(&initlist); 322 goto restart; 323 } 324 } 325 } 326 327 /* Third pass: all other objects. */ 328 SIMPLEQ_FOREACH(elm, &initlist, link) { 329 _rtld_call_init_function(elm->obj, mask, cur_objgen); 330 if (_rtld_objgen != cur_objgen) { 331 dbg(("restarting init iteration")); 332 _rtld_objlist_clear(&initlist); 333 goto restart; 334 } 335 } 336 337 _rtld_objlist_clear(&initlist); 338 } 339 340 /* 341 * Initialize the dynamic linker. The argument is the address at which 342 * the dynamic linker has been mapped into memory. The primary task of 343 * this function is to create an Obj_Entry for the dynamic linker and 344 * to resolve the PLT relocation for platforms that need it (those that 345 * define __HAVE_FUNCTION_DESCRIPTORS 346 */ 347 static void 348 _rtld_init(caddr_t mapbase, caddr_t relocbase, const char *execname) 349 { 350 const Elf_Ehdr *ehdr; 351 352 /* Conjure up an Obj_Entry structure for the dynamic linker. */ 353 _rtld_objself.path = __UNCONST(_rtld_path); 354 _rtld_objself.pathlen = sizeof(_rtld_path)-1; 355 _rtld_objself.rtld = true; 356 _rtld_objself.mapbase = mapbase; 357 _rtld_objself.relocbase = relocbase; 358 _rtld_objself.dynamic = (Elf_Dyn *) &_DYNAMIC; 359 _rtld_objself.strtab = "_rtld_sym_zero"; 360 361 /* 362 * Set value to -relocbase so that 363 * 364 * _rtld_objself.relocbase + _rtld_sym_zero.st_value == 0 365 * 366 * This allows unresolved references to weak symbols to be computed 367 * to a value of 0. 368 */ 369 _rtld_sym_zero.st_value = -(uintptr_t)relocbase; 370 371 _rtld_digest_dynamic(_rtld_path, &_rtld_objself); 372 assert(!_rtld_objself.needed); 373 #if !defined(__hppa__) 374 assert(!_rtld_objself.pltrel && !_rtld_objself.pltrela); 375 #else 376 _rtld_relocate_plt_objects(&_rtld_objself); 377 #endif 378 #if !defined(__mips__) && !defined(__hppa__) 379 assert(!_rtld_objself.pltgot); 380 #endif 381 #if !defined(__arm__) && !defined(__mips__) && !defined(__sh__) 382 /* ARM, MIPS and SH{3,5} have a bogus DT_TEXTREL. */ 383 assert(!_rtld_objself.textrel); 384 #endif 385 386 _rtld_add_paths(execname, &_rtld_default_paths, 387 RTLD_DEFAULT_LIBRARY_PATH); 388 389 #ifdef RTLD_ARCH_SUBDIR 390 _rtld_add_paths(execname, &_rtld_default_paths, 391 RTLD_DEFAULT_LIBRARY_PATH "/" RTLD_ARCH_SUBDIR); 392 #endif 393 394 /* Make the object list empty. */ 395 _rtld_objlist = NULL; 396 _rtld_objtail = &_rtld_objlist; 397 _rtld_objcount = 0; 398 399 _rtld_debug.r_version = R_DEBUG_VERSION; 400 _rtld_debug.r_brk = _rtld_debug_state; 401 _rtld_debug.r_state = RT_CONSISTENT; 402 _rtld_debug.r_ldbase = _rtld_objself.relocbase; 403 404 ehdr = (Elf_Ehdr *)mapbase; 405 _rtld_objself.phdr = (Elf_Phdr *)((char *)mapbase + ehdr->e_phoff); 406 _rtld_objself.phsize = ehdr->e_phnum * sizeof(_rtld_objself.phdr[0]); 407 } 408 409 /* 410 * Cleanup procedure. It will be called (by the atexit() mechanism) just 411 * before the process exits. 412 */ 413 static void 414 _rtld_exit(void) 415 { 416 sigset_t mask; 417 418 dbg(("rtld_exit()")); 419 420 _rtld_exclusive_enter(&mask); 421 422 _rtld_call_fini_functions(&mask, 1); 423 424 _rtld_exclusive_exit(&mask); 425 } 426 427 __dso_public void * 428 _dlauxinfo(void) 429 { 430 return auxinfo; 431 } 432 433 /* 434 * Main entry point for dynamic linking. The argument is the stack 435 * pointer. The stack is expected to be laid out as described in the 436 * SVR4 ABI specification, Intel 386 Processor Supplement. Specifically, 437 * the stack pointer points to a word containing ARGC. Following that 438 * in the stack is a null-terminated sequence of pointers to argument 439 * strings. Then comes a null-terminated sequence of pointers to 440 * environment strings. Finally, there is a sequence of "auxiliary 441 * vector" entries. 442 * 443 * This function returns the entry point for the main program, the dynamic 444 * linker's exit procedure in sp[0], and a pointer to the main object in 445 * sp[1]. 446 */ 447 Elf_Addr 448 _rtld(Elf_Addr *sp, Elf_Addr relocbase) 449 { 450 const AuxInfo *pAUX_base, *pAUX_entry, *pAUX_execfd, *pAUX_phdr, 451 *pAUX_phent, *pAUX_phnum, *pAUX_euid, *pAUX_egid, 452 *pAUX_ruid, *pAUX_rgid; 453 const AuxInfo *pAUX_pagesz; 454 char **env, **oenvp; 455 const AuxInfo *auxp; 456 Obj_Entry *obj; 457 Elf_Addr *const osp = sp; 458 bool bind_now = 0; 459 const char *ld_bind_now, *ld_preload, *ld_library_path; 460 const char **argv; 461 const char *execname; 462 long argc; 463 const char **real___progname; 464 const Obj_Entry **real___mainprog_obj; 465 char ***real_environ; 466 sigset_t mask; 467 #ifdef DEBUG 468 const char *ld_debug; 469 #endif 470 #ifdef RTLD_DEBUG 471 int i = 0; 472 #endif 473 474 /* 475 * On entry, the dynamic linker itself has not been relocated yet. 476 * Be very careful not to reference any global data until after 477 * _rtld_init has returned. It is OK to reference file-scope statics 478 * and string constants, and to call static and global functions. 479 */ 480 /* Find the auxiliary vector on the stack. */ 481 /* first Elf_Word reserved to address of exit routine */ 482 #if defined(RTLD_DEBUG) 483 debug = 1; 484 dbg(("sp = %p, argc = %ld, argv = %p <%s> relocbase %p", sp, 485 (long)sp[2], &sp[3], (char *) sp[3], (void *)relocbase)); 486 #ifndef __x86_64__ 487 dbg(("got is at %p, dynamic is at %p", _GLOBAL_OFFSET_TABLE_, 488 &_DYNAMIC)); 489 #endif 490 #endif 491 492 sp += 2; /* skip over return argument space */ 493 argv = (const char **) &sp[1]; 494 argc = *(long *)sp; 495 sp += 2 + argc; /* Skip over argc, arguments, and NULL 496 * terminator */ 497 env = (char **) sp; 498 while (*sp++ != 0) { /* Skip over environment, and NULL terminator */ 499 #if defined(RTLD_DEBUG) 500 dbg(("env[%d] = %p %s", i++, (void *)sp[-1], (char *)sp[-1])); 501 #endif 502 } 503 auxinfo = (AuxInfo *) sp; 504 505 pAUX_base = pAUX_entry = pAUX_execfd = NULL; 506 pAUX_phdr = pAUX_phent = pAUX_phnum = NULL; 507 pAUX_euid = pAUX_ruid = pAUX_egid = pAUX_rgid = NULL; 508 pAUX_pagesz = NULL; 509 510 execname = NULL; 511 512 /* Digest the auxiliary vector. */ 513 for (auxp = auxinfo; auxp->a_type != AT_NULL; ++auxp) { 514 switch (auxp->a_type) { 515 case AT_BASE: 516 pAUX_base = auxp; 517 break; 518 case AT_ENTRY: 519 pAUX_entry = auxp; 520 break; 521 case AT_EXECFD: 522 pAUX_execfd = auxp; 523 break; 524 case AT_PHDR: 525 pAUX_phdr = auxp; 526 break; 527 case AT_PHENT: 528 pAUX_phent = auxp; 529 break; 530 case AT_PHNUM: 531 pAUX_phnum = auxp; 532 break; 533 #ifdef AT_EUID 534 case AT_EUID: 535 pAUX_euid = auxp; 536 break; 537 case AT_RUID: 538 pAUX_ruid = auxp; 539 break; 540 case AT_EGID: 541 pAUX_egid = auxp; 542 break; 543 case AT_RGID: 544 pAUX_rgid = auxp; 545 break; 546 #endif 547 #ifdef AT_SUN_EXECNAME 548 case AT_SUN_EXECNAME: 549 execname = (const char *)(const void *)auxp->a_v; 550 break; 551 #endif 552 case AT_PAGESZ: 553 pAUX_pagesz = auxp; 554 break; 555 } 556 } 557 558 /* Initialize and relocate ourselves. */ 559 if (pAUX_base == NULL) { 560 _rtld_error("Bad pAUX_base"); 561 _rtld_die(); 562 } 563 assert(pAUX_pagesz != NULL); 564 _rtld_pagesz = (int)pAUX_pagesz->a_v; 565 _rtld_init((caddr_t)pAUX_base->a_v, (caddr_t)relocbase, execname); 566 567 __progname = _rtld_objself.path; 568 environ = env; 569 570 _rtld_trust = ((pAUX_euid ? (uid_t)pAUX_euid->a_v : geteuid()) == 571 (pAUX_ruid ? (uid_t)pAUX_ruid->a_v : getuid())) && 572 ((pAUX_egid ? (gid_t)pAUX_egid->a_v : getegid()) == 573 (pAUX_rgid ? (gid_t)pAUX_rgid->a_v : getgid())); 574 575 #ifdef DEBUG 576 ld_debug = NULL; 577 #endif 578 ld_bind_now = NULL; 579 ld_library_path = NULL; 580 ld_preload = NULL; 581 /* 582 * Inline avoid using normal getenv/unsetenv here as the libc 583 * code is quite a bit more complicated. 584 */ 585 for (oenvp = env; *env != NULL; ++env) { 586 static const char bind_var[] = "LD_BIND_NOW="; 587 static const char debug_var[] = "LD_DEBUG="; 588 static const char path_var[] = "LD_LIBRARY_PATH="; 589 static const char preload_var[] = "LD_PRELOAD="; 590 #define LEN(x) (sizeof(x) - 1) 591 592 if ((*env)[0] != 'L' || (*env)[1] != 'D') { 593 /* 594 * Special case to skip most entries without 595 * the more expensive calls to strncmp. 596 */ 597 *oenvp++ = *env; 598 } else if (strncmp(*env, debug_var, LEN(debug_var)) == 0) { 599 if (_rtld_trust) { 600 #ifdef DEBUG 601 ld_debug = *env + LEN(debug_var); 602 #endif 603 *oenvp++ = *env; 604 } 605 } else if (strncmp(*env, bind_var, LEN(bind_var)) == 0) { 606 if (_rtld_trust) { 607 ld_bind_now = *env + LEN(bind_var); 608 *oenvp++ = *env; 609 } 610 } else if (strncmp(*env, path_var, LEN(path_var)) == 0) { 611 if (_rtld_trust) { 612 ld_library_path = *env + LEN(path_var); 613 *oenvp++ = *env; 614 } 615 } else if (strncmp(*env, preload_var, LEN(preload_var)) == 0) { 616 if (_rtld_trust) { 617 ld_preload = *env + LEN(preload_var); 618 *oenvp++ = *env; 619 } 620 } else { 621 *oenvp++ = *env; 622 } 623 #undef LEN 624 } 625 *oenvp++ = NULL; 626 627 if (ld_bind_now != NULL && *ld_bind_now != '\0') 628 bind_now = true; 629 if (_rtld_trust) { 630 #ifdef DEBUG 631 #ifdef RTLD_DEBUG 632 debug = 0; 633 #endif 634 if (ld_debug != NULL && *ld_debug != '\0') 635 debug = 1; 636 #endif 637 _rtld_add_paths(execname, &_rtld_paths, ld_library_path); 638 } else { 639 execname = NULL; 640 } 641 _rtld_process_hints(execname, &_rtld_paths, &_rtld_xforms, 642 _PATH_LD_HINTS); 643 dbg(("dynamic linker is initialized, mapbase=%p, relocbase=%p", 644 _rtld_objself.mapbase, _rtld_objself.relocbase)); 645 646 /* 647 * Load the main program, or process its program header if it is 648 * already loaded. 649 */ 650 if (pAUX_execfd != NULL) { /* Load the main program. */ 651 int fd = pAUX_execfd->a_v; 652 const char *obj_name = argv[0] ? argv[0] : "main program"; 653 dbg(("loading main program")); 654 _rtld_objmain = _rtld_map_object(obj_name, fd, NULL); 655 close(fd); 656 if (_rtld_objmain == NULL) 657 _rtld_die(); 658 } else { /* Main program already loaded. */ 659 const Elf_Phdr *phdr; 660 int phnum; 661 caddr_t entry; 662 663 dbg(("processing main program's program header")); 664 assert(pAUX_phdr != NULL); 665 phdr = (const Elf_Phdr *) pAUX_phdr->a_v; 666 assert(pAUX_phnum != NULL); 667 phnum = pAUX_phnum->a_v; 668 assert(pAUX_phent != NULL); 669 assert(pAUX_phent->a_v == sizeof(Elf_Phdr)); 670 assert(pAUX_entry != NULL); 671 entry = (caddr_t) pAUX_entry->a_v; 672 _rtld_objmain = _rtld_digest_phdr(phdr, phnum, entry); 673 _rtld_objmain->path = xstrdup(argv[0] ? argv[0] : 674 "main program"); 675 _rtld_objmain->pathlen = strlen(_rtld_objmain->path); 676 } 677 678 _rtld_objmain->mainprog = true; 679 680 /* 681 * Get the actual dynamic linker pathname from the executable if 682 * possible. (It should always be possible.) That ensures that 683 * the debugger will find the right dynamic linker even if a 684 * non-standard one is being used. 685 */ 686 if (_rtld_objmain->interp != NULL && 687 strcmp(_rtld_objmain->interp, _rtld_objself.path) != 0) { 688 _rtld_objself.path = xstrdup(_rtld_objmain->interp); 689 _rtld_objself.pathlen = strlen(_rtld_objself.path); 690 } 691 dbg(("actual dynamic linker is %s", _rtld_objself.path)); 692 693 _rtld_digest_dynamic(execname, _rtld_objmain); 694 695 /* Link the main program into the list of objects. */ 696 *_rtld_objtail = _rtld_objmain; 697 _rtld_objtail = &_rtld_objmain->next; 698 _rtld_objcount++; 699 _rtld_objloads++; 700 701 _rtld_linkmap_add(_rtld_objmain); 702 _rtld_objself.path = xstrdup(_rtld_objself.path); 703 _rtld_linkmap_add(&_rtld_objself); 704 705 ++_rtld_objmain->refcount; 706 _rtld_objmain->mainref = 1; 707 _rtld_objlist_push_tail(&_rtld_list_main, _rtld_objmain); 708 709 if (ld_preload) { 710 /* 711 * Pre-load user-specified objects after the main program 712 * but before any shared object dependencies. 713 */ 714 dbg(("preloading objects")); 715 if (_rtld_preload(ld_preload) == -1) 716 _rtld_die(); 717 } 718 719 dbg(("loading needed objects")); 720 if (_rtld_load_needed_objects(_rtld_objmain, _RTLD_MAIN) == -1) 721 _rtld_die(); 722 723 dbg(("checking for required versions")); 724 for (obj = _rtld_objlist; obj != NULL; obj = obj->next) { 725 if (_rtld_verify_object_versions(obj) == -1) 726 _rtld_die(); 727 } 728 729 #if defined(__HAVE_TLS_VARIANT_I) || defined(__HAVE_TLS_VARIANT_II) 730 dbg(("initializing initial Thread Local Storage offsets")); 731 /* 732 * All initial objects get the TLS space from the static block. 733 */ 734 for (obj = _rtld_objlist; obj != NULL; obj = obj->next) 735 _rtld_tls_offset_allocate(obj); 736 #endif 737 738 dbg(("relocating objects")); 739 if (_rtld_relocate_objects(_rtld_objmain, bind_now) == -1) 740 _rtld_die(); 741 742 dbg(("doing copy relocations")); 743 if (_rtld_do_copy_relocations(_rtld_objmain) == -1) 744 _rtld_die(); 745 746 #if defined(__HAVE_TLS_VARIANT_I) || defined(__HAVE_TLS_VARIANT_II) 747 dbg(("initializing Thread Local Storage for main thread")); 748 /* 749 * Set up TLS area for the main thread. 750 * This has to be done after all relocations are processed, 751 * since .tdata may contain relocations. 752 */ 753 _rtld_tls_initial_allocation(); 754 #endif 755 756 /* 757 * Set the __progname, environ and, __mainprog_obj before 758 * calling anything that might use them. 759 */ 760 real___progname = _rtld_objmain_sym("__progname"); 761 if (real___progname) { 762 if (argv[0] != NULL) { 763 if ((*real___progname = strrchr(argv[0], '/')) == NULL) 764 (*real___progname) = argv[0]; 765 else 766 (*real___progname)++; 767 } else { 768 (*real___progname) = NULL; 769 } 770 } 771 real_environ = _rtld_objmain_sym("environ"); 772 if (real_environ) 773 *real_environ = environ; 774 /* 775 * Set __mainprog_obj for old binaries. 776 */ 777 real___mainprog_obj = _rtld_objmain_sym("__mainprog_obj"); 778 if (real___mainprog_obj) 779 *real___mainprog_obj = _rtld_objmain; 780 781 _rtld_debug_state(); /* say hello to the debugger! */ 782 783 _rtld_exclusive_enter(&mask); 784 785 dbg(("calling _init functions")); 786 _rtld_call_init_functions(&mask); 787 788 dbg(("control at program entry point = %p, obj = %p, exit = %p", 789 _rtld_objmain->entry, _rtld_objmain, _rtld_exit)); 790 791 _rtld_exclusive_exit(&mask); 792 793 /* 794 * Return with the entry point and the exit procedure in at the top 795 * of stack. 796 */ 797 798 ((void **) osp)[0] = _rtld_exit; 799 ((void **) osp)[1] = __UNCONST(_rtld_compat_obj); 800 return (Elf_Addr) _rtld_objmain->entry; 801 } 802 803 void 804 _rtld_die(void) 805 { 806 const char *msg = dlerror(); 807 808 if (msg == NULL) 809 msg = "Fatal error"; 810 xerrx(1, "%s", msg); 811 } 812 813 static Obj_Entry * 814 _rtld_dlcheck(void *handle) 815 { 816 Obj_Entry *obj; 817 818 for (obj = _rtld_objlist; obj != NULL; obj = obj->next) 819 if (obj == (Obj_Entry *) handle) 820 break; 821 822 if (obj == NULL || obj->dl_refcount == 0) { 823 _rtld_error("Invalid shared object handle %p", handle); 824 return NULL; 825 } 826 return obj; 827 } 828 829 static void 830 _rtld_initlist_visit(Objlist* list, Obj_Entry *obj, int rev) 831 { 832 Needed_Entry* elm; 833 834 /* dbg(("_rtld_initlist_visit(%s)", obj->path)); */ 835 836 if (obj->init_done) 837 return; 838 obj->init_done = 1; 839 840 for (elm = obj->needed; elm != NULL; elm = elm->next) { 841 if (elm->obj != NULL) { 842 _rtld_initlist_visit(list, elm->obj, rev); 843 } 844 } 845 846 if (rev) { 847 _rtld_objlist_push_head(list, obj); 848 } else { 849 _rtld_objlist_push_tail(list, obj); 850 } 851 } 852 853 static void 854 _rtld_initlist_tsort(Objlist* list, int rev) 855 { 856 dbg(("_rtld_initlist_tsort")); 857 858 Obj_Entry* obj; 859 860 /* 861 * We don't include objmain here (starting from next) 862 * because csu handles it 863 */ 864 for (obj = _rtld_objlist->next; obj; obj = obj->next) { 865 obj->init_done = 0; 866 } 867 868 for (obj = _rtld_objlist->next; obj; obj = obj->next) { 869 _rtld_initlist_visit(list, obj, rev); 870 } 871 } 872 873 static void 874 _rtld_init_dag(Obj_Entry *root) 875 { 876 877 _rtld_init_dag1(root, root); 878 } 879 880 static void 881 _rtld_init_dag1(Obj_Entry *root, Obj_Entry *obj) 882 { 883 const Needed_Entry *needed; 884 885 if (!obj->mainref) { 886 if (_rtld_objlist_find(&obj->dldags, root)) 887 return; 888 dbg(("add %p (%s) to %p (%s) DAG", obj, obj->path, root, 889 root->path)); 890 _rtld_objlist_push_tail(&obj->dldags, root); 891 _rtld_objlist_push_tail(&root->dagmembers, obj); 892 } 893 for (needed = obj->needed; needed != NULL; needed = needed->next) 894 if (needed->obj != NULL) 895 _rtld_init_dag1(root, needed->obj); 896 } 897 898 /* 899 * Note, this is called only for objects loaded by dlopen(). 900 */ 901 static void 902 _rtld_unload_object(sigset_t *mask, Obj_Entry *root, bool do_fini_funcs) 903 { 904 905 _rtld_unref_dag(root); 906 if (root->refcount == 0) { /* We are finished with some objects. */ 907 Obj_Entry *obj; 908 Obj_Entry **linkp; 909 Objlist_Entry *elm; 910 911 /* Finalize objects that are about to be unmapped. */ 912 if (do_fini_funcs) 913 _rtld_call_fini_functions(mask, 0); 914 915 /* Remove the DAG from all objects' DAG lists. */ 916 SIMPLEQ_FOREACH(elm, &root->dagmembers, link) 917 _rtld_objlist_remove(&elm->obj->dldags, root); 918 919 /* Remove the DAG from the RTLD_GLOBAL list. */ 920 if (root->globalref) { 921 root->globalref = 0; 922 _rtld_objlist_remove(&_rtld_list_global, root); 923 } 924 925 /* Unmap all objects that are no longer referenced. */ 926 linkp = &_rtld_objlist->next; 927 while ((obj = *linkp) != NULL) { 928 if (obj->refcount == 0) { 929 dbg(("unloading \"%s\"", obj->path)); 930 if (obj->ehdr != MAP_FAILED) 931 munmap(obj->ehdr, _rtld_pagesz); 932 munmap(obj->mapbase, obj->mapsize); 933 _rtld_objlist_remove(&_rtld_list_global, obj); 934 _rtld_linkmap_delete(obj); 935 *linkp = obj->next; 936 _rtld_objcount--; 937 _rtld_obj_free(obj); 938 } else 939 linkp = &obj->next; 940 } 941 _rtld_objtail = linkp; 942 } 943 } 944 945 void 946 _rtld_ref_dag(Obj_Entry *root) 947 { 948 const Needed_Entry *needed; 949 950 assert(root); 951 952 ++root->refcount; 953 954 dbg(("incremented reference on \"%s\" (%d)", root->path, 955 root->refcount)); 956 for (needed = root->needed; needed != NULL; 957 needed = needed->next) { 958 if (needed->obj != NULL) 959 _rtld_ref_dag(needed->obj); 960 } 961 } 962 963 static void 964 _rtld_unref_dag(Obj_Entry *root) 965 { 966 967 assert(root); 968 assert(root->refcount != 0); 969 970 --root->refcount; 971 dbg(("decremented reference on \"%s\" (%d)", root->path, 972 root->refcount)); 973 974 if (root->refcount == 0) { 975 const Needed_Entry *needed; 976 977 for (needed = root->needed; needed != NULL; 978 needed = needed->next) { 979 if (needed->obj != NULL) 980 _rtld_unref_dag(needed->obj); 981 } 982 } 983 } 984 985 __strong_alias(__dlclose,dlclose) 986 int 987 dlclose(void *handle) 988 { 989 Obj_Entry *root; 990 sigset_t mask; 991 992 dbg(("dlclose of %p", handle)); 993 994 _rtld_exclusive_enter(&mask); 995 996 root = _rtld_dlcheck(handle); 997 998 if (root == NULL) { 999 _rtld_exclusive_exit(&mask); 1000 return -1; 1001 } 1002 1003 _rtld_debug.r_state = RT_DELETE; 1004 _rtld_debug_state(); 1005 1006 --root->dl_refcount; 1007 _rtld_unload_object(&mask, root, true); 1008 1009 _rtld_debug.r_state = RT_CONSISTENT; 1010 _rtld_debug_state(); 1011 1012 _rtld_exclusive_exit(&mask); 1013 1014 return 0; 1015 } 1016 1017 __strong_alias(__dlerror,dlerror) 1018 char * 1019 dlerror(void) 1020 { 1021 char *msg = error_message; 1022 1023 error_message = NULL; 1024 return msg; 1025 } 1026 1027 __strong_alias(__dlopen,dlopen) 1028 void * 1029 dlopen(const char *name, int mode) 1030 { 1031 Obj_Entry **old_obj_tail; 1032 Obj_Entry *obj = NULL; 1033 int flags = _RTLD_DLOPEN; 1034 bool nodelete; 1035 bool now; 1036 sigset_t mask; 1037 int result; 1038 1039 dbg(("dlopen of %s 0x%x", name, mode)); 1040 1041 _rtld_exclusive_enter(&mask); 1042 1043 old_obj_tail = _rtld_objtail; 1044 1045 flags |= (mode & RTLD_GLOBAL) ? _RTLD_GLOBAL : 0; 1046 flags |= (mode & RTLD_NOLOAD) ? _RTLD_NOLOAD : 0; 1047 1048 nodelete = (mode & RTLD_NODELETE) ? true : false; 1049 now = ((mode & RTLD_MODEMASK) == RTLD_NOW) ? true : false; 1050 1051 _rtld_debug.r_state = RT_ADD; 1052 _rtld_debug_state(); 1053 1054 if (name == NULL) { 1055 obj = _rtld_objmain; 1056 obj->refcount++; 1057 } else 1058 obj = _rtld_load_library(name, _rtld_objmain, flags); 1059 1060 1061 if (obj != NULL) { 1062 ++obj->dl_refcount; 1063 if (*old_obj_tail != NULL) { /* We loaded something new. */ 1064 assert(*old_obj_tail == obj); 1065 1066 result = _rtld_load_needed_objects(obj, flags); 1067 if (result != -1) { 1068 Objlist_Entry *entry; 1069 _rtld_init_dag(obj); 1070 SIMPLEQ_FOREACH(entry, &obj->dagmembers, link) { 1071 result = _rtld_verify_object_versions(entry->obj); 1072 if (result == -1) 1073 break; 1074 } 1075 } 1076 if (result == -1 || _rtld_relocate_objects(obj, 1077 (now || obj->z_now)) == -1) { 1078 _rtld_unload_object(&mask, obj, false); 1079 obj->dl_refcount--; 1080 obj = NULL; 1081 } else { 1082 _rtld_call_init_functions(&mask); 1083 } 1084 } 1085 if (obj != NULL) { 1086 if ((nodelete || obj->z_nodelete) && !obj->ref_nodel) { 1087 dbg(("dlopen obj %s nodelete", obj->path)); 1088 _rtld_ref_dag(obj); 1089 obj->z_nodelete = obj->ref_nodel = true; 1090 } 1091 } 1092 } 1093 _rtld_debug.r_state = RT_CONSISTENT; 1094 _rtld_debug_state(); 1095 1096 dbg(("dlopen of %s 0x%x returned %p%s%s%s", name, mode, obj, 1097 obj ? "" : " (", obj ? "" : error_message, obj ? "" : ")")); 1098 1099 _rtld_exclusive_exit(&mask); 1100 1101 return obj; 1102 } 1103 1104 /* 1105 * Find a symbol in the main program. 1106 */ 1107 void * 1108 _rtld_objmain_sym(const char *name) 1109 { 1110 Elf_Hash hash; 1111 const Elf_Sym *def; 1112 const Obj_Entry *obj; 1113 DoneList donelist; 1114 1115 hash.sysv = _rtld_sysv_hash(name); 1116 hash.gnu = _rtld_gnu_hash(name); 1117 obj = _rtld_objmain; 1118 _rtld_donelist_init(&donelist); 1119 1120 def = _rtld_symlook_list(name, &hash, &_rtld_list_main, &obj, 0, 1121 NULL, &donelist); 1122 1123 if (def != NULL) 1124 return obj->relocbase + def->st_value; 1125 return NULL; 1126 } 1127 1128 #if defined(__powerpc__) && !defined(__clang__) 1129 static __noinline void * 1130 hackish_return_address(void) 1131 { 1132 #if __GNUC_PREREQ__(6,0) 1133 #pragma GCC diagnostic push 1134 #pragma GCC diagnostic ignored "-Wframe-address" 1135 #endif 1136 return __builtin_return_address(1); 1137 #if __GNUC_PREREQ__(6,0) 1138 #pragma GCC diagnostic pop 1139 #endif 1140 } 1141 #endif 1142 1143 #ifdef __HAVE_FUNCTION_DESCRIPTORS 1144 #define lookup_mutex_enter() _rtld_exclusive_enter(&mask) 1145 #define lookup_mutex_exit() _rtld_exclusive_exit(&mask) 1146 #else 1147 #define lookup_mutex_enter() _rtld_shared_enter() 1148 #define lookup_mutex_exit() _rtld_shared_exit() 1149 #endif 1150 1151 static void * 1152 do_dlsym(void *handle, const char *name, const Ver_Entry *ventry, void *retaddr) 1153 { 1154 const Obj_Entry *obj; 1155 Elf_Hash hash; 1156 const Elf_Sym *def; 1157 const Obj_Entry *defobj; 1158 DoneList donelist; 1159 const u_int flags = SYMLOOK_DLSYM | SYMLOOK_IN_PLT; 1160 #ifdef __HAVE_FUNCTION_DESCRIPTORS 1161 sigset_t mask; 1162 #endif 1163 1164 lookup_mutex_enter(); 1165 1166 hash.sysv = _rtld_sysv_hash(name); 1167 hash.gnu = _rtld_gnu_hash(name); 1168 def = NULL; 1169 defobj = NULL; 1170 1171 switch ((intptr_t)handle) { 1172 case (intptr_t)NULL: 1173 case (intptr_t)RTLD_NEXT: 1174 case (intptr_t)RTLD_DEFAULT: 1175 case (intptr_t)RTLD_SELF: 1176 if ((obj = _rtld_obj_from_addr(retaddr)) == NULL) { 1177 _rtld_error("Cannot determine caller's shared object"); 1178 lookup_mutex_exit(); 1179 return NULL; 1180 } 1181 1182 switch ((intptr_t)handle) { 1183 case (intptr_t)NULL: /* Just the caller's shared object. */ 1184 def = _rtld_symlook_obj(name, &hash, obj, flags, ventry); 1185 defobj = obj; 1186 break; 1187 1188 case (intptr_t)RTLD_NEXT: /* Objects after callers */ 1189 obj = obj->next; 1190 /*FALLTHROUGH*/ 1191 1192 case (intptr_t)RTLD_SELF: /* Caller included */ 1193 for (; obj; obj = obj->next) { 1194 if ((def = _rtld_symlook_obj(name, &hash, obj, 1195 flags, ventry)) != NULL) { 1196 defobj = obj; 1197 break; 1198 } 1199 } 1200 /* 1201 * Search the dynamic linker itself, and possibly 1202 * resolve the symbol from there if it is not defined 1203 * already or weak. This is how the application links 1204 * to dynamic linker services such as dlopen. 1205 */ 1206 if (!def || ELF_ST_BIND(def->st_info) == STB_WEAK) { 1207 const Elf_Sym *symp = _rtld_symlook_obj(name, 1208 &hash, &_rtld_objself, flags, ventry); 1209 if (symp != NULL) { 1210 def = symp; 1211 defobj = &_rtld_objself; 1212 } 1213 } 1214 break; 1215 1216 case (intptr_t)RTLD_DEFAULT: 1217 def = _rtld_symlook_default(name, &hash, obj, &defobj, 1218 flags, ventry); 1219 break; 1220 1221 default: 1222 abort(); 1223 } 1224 break; 1225 1226 default: 1227 if ((obj = _rtld_dlcheck(handle)) == NULL) { 1228 lookup_mutex_exit(); 1229 return NULL; 1230 } 1231 1232 _rtld_donelist_init(&donelist); 1233 1234 if (obj->mainprog) { 1235 /* Search main program and all libraries loaded by it */ 1236 def = _rtld_symlook_list(name, &hash, &_rtld_list_main, 1237 &defobj, flags, ventry, &donelist); 1238 } else { 1239 Needed_Entry fake; 1240 DoneList depth; 1241 1242 /* Search the object and all the libraries loaded by it. */ 1243 fake.next = NULL; 1244 fake.obj = __UNCONST(obj); 1245 fake.name = 0; 1246 1247 _rtld_donelist_init(&depth); 1248 def = _rtld_symlook_needed(name, &hash, &fake, &defobj, 1249 flags, ventry, &donelist, &depth); 1250 } 1251 1252 break; 1253 } 1254 1255 if (def != NULL) { 1256 void *p; 1257 1258 if (ELF_ST_TYPE(def->st_info) == STT_GNU_IFUNC) { 1259 #ifdef __HAVE_FUNCTION_DESCRIPTORS 1260 lookup_mutex_exit(); 1261 _rtld_shared_enter(); 1262 #endif 1263 p = (void *)_rtld_resolve_ifunc(defobj, def); 1264 _rtld_shared_exit(); 1265 return p; 1266 } 1267 1268 #ifdef __HAVE_FUNCTION_DESCRIPTORS 1269 if (ELF_ST_TYPE(def->st_info) == STT_FUNC) { 1270 p = (void *)_rtld_function_descriptor_alloc(defobj, 1271 def, 0); 1272 lookup_mutex_exit(); 1273 return p; 1274 } 1275 #endif /* __HAVE_FUNCTION_DESCRIPTORS */ 1276 p = defobj->relocbase + def->st_value; 1277 lookup_mutex_exit(); 1278 return p; 1279 } 1280 1281 _rtld_error("Undefined symbol \"%s\"", name); 1282 lookup_mutex_exit(); 1283 return NULL; 1284 } 1285 1286 __strong_alias(__dlsym,dlsym) 1287 void * 1288 dlsym(void *handle, const char *name) 1289 { 1290 void *retaddr; 1291 1292 dbg(("dlsym of %s in %p", name, handle)); 1293 1294 #if defined(__powerpc__) && !defined(__clang__) 1295 retaddr = hackish_return_address(); 1296 #else 1297 retaddr = __builtin_return_address(0); 1298 #endif 1299 return do_dlsym(handle, name, NULL, retaddr); 1300 } 1301 1302 __strong_alias(__dlvsym,dlvsym) 1303 void * 1304 dlvsym(void *handle, const char *name, const char *version) 1305 { 1306 Ver_Entry *ventry = NULL; 1307 Ver_Entry ver_entry; 1308 void *retaddr; 1309 1310 dbg(("dlvsym of %s@%s in %p", name, version ? version : NULL, handle)); 1311 1312 if (version != NULL) { 1313 ver_entry.name = version; 1314 ver_entry.file = NULL; 1315 ver_entry.hash = _rtld_sysv_hash(version); 1316 ver_entry.flags = 0; 1317 ventry = &ver_entry; 1318 } 1319 #if defined(__powerpc__) && !defined(__clang__) 1320 retaddr = hackish_return_address(); 1321 #else 1322 retaddr = __builtin_return_address(0); 1323 #endif 1324 return do_dlsym(handle, name, ventry, retaddr); 1325 } 1326 1327 __strong_alias(__dladdr,dladdr) 1328 int 1329 dladdr(const void *addr, Dl_info *info) 1330 { 1331 const Obj_Entry *obj; 1332 const Elf_Sym *def, *best_def; 1333 void *symbol_addr; 1334 unsigned long symoffset; 1335 #ifdef __HAVE_FUNCTION_DESCRIPTORS 1336 sigset_t mask; 1337 #endif 1338 1339 dbg(("dladdr of %p", addr)); 1340 1341 lookup_mutex_enter(); 1342 1343 #ifdef __HAVE_FUNCTION_DESCRIPTORS 1344 addr = _rtld_function_descriptor_function(addr); 1345 #endif /* __HAVE_FUNCTION_DESCRIPTORS */ 1346 1347 obj = _rtld_obj_from_addr(addr); 1348 if (obj == NULL) { 1349 _rtld_error("No shared object contains address"); 1350 lookup_mutex_exit(); 1351 return 0; 1352 } 1353 info->dli_fname = obj->path; 1354 info->dli_fbase = obj->mapbase; 1355 info->dli_saddr = (void *)0; 1356 info->dli_sname = NULL; 1357 1358 /* 1359 * Walk the symbol list looking for the symbol whose address is 1360 * closest to the address sent in. 1361 */ 1362 best_def = NULL; 1363 for (symoffset = 0; symoffset < obj->nchains; symoffset++) { 1364 def = obj->symtab + symoffset; 1365 1366 /* 1367 * For skip the symbol if st_shndx is either SHN_UNDEF or 1368 * SHN_COMMON. 1369 */ 1370 if (def->st_shndx == SHN_UNDEF || def->st_shndx == SHN_COMMON) 1371 continue; 1372 1373 /* 1374 * If the symbol is greater than the specified address, or if it 1375 * is further away from addr than the current nearest symbol, 1376 * then reject it. 1377 */ 1378 symbol_addr = obj->relocbase + def->st_value; 1379 if (symbol_addr > addr || symbol_addr < info->dli_saddr) 1380 continue; 1381 1382 /* Update our idea of the nearest symbol. */ 1383 info->dli_sname = obj->strtab + def->st_name; 1384 info->dli_saddr = symbol_addr; 1385 best_def = def; 1386 1387 1388 /* Exact match? */ 1389 if (info->dli_saddr == addr) 1390 break; 1391 } 1392 1393 #ifdef __HAVE_FUNCTION_DESCRIPTORS 1394 if (best_def != NULL && ELF_ST_TYPE(best_def->st_info) == STT_FUNC) 1395 info->dli_saddr = (void *)_rtld_function_descriptor_alloc(obj, 1396 best_def, 0); 1397 #else 1398 __USE(best_def); 1399 #endif /* __HAVE_FUNCTION_DESCRIPTORS */ 1400 1401 lookup_mutex_exit(); 1402 return 1; 1403 } 1404 1405 __strong_alias(__dlinfo,dlinfo) 1406 int 1407 dlinfo(void *handle, int req, void *v) 1408 { 1409 const Obj_Entry *obj; 1410 void *retaddr; 1411 1412 dbg(("dlinfo for %p %d", handle, req)); 1413 1414 _rtld_shared_enter(); 1415 1416 if (handle == RTLD_SELF) { 1417 #if defined(__powerpc__) && !defined(__clang__) 1418 retaddr = hackish_return_address(); 1419 #else 1420 retaddr = __builtin_return_address(0); 1421 #endif 1422 if ((obj = _rtld_obj_from_addr(retaddr)) == NULL) { 1423 _rtld_error("Cannot determine caller's shared object"); 1424 _rtld_shared_exit(); 1425 return -1; 1426 } 1427 } else { 1428 if ((obj = _rtld_dlcheck(handle)) == NULL) { 1429 _rtld_shared_exit(); 1430 return -1; 1431 } 1432 } 1433 1434 switch (req) { 1435 case RTLD_DI_LINKMAP: 1436 { 1437 const struct link_map **map = v; 1438 1439 *map = &obj->linkmap; 1440 break; 1441 } 1442 1443 default: 1444 _rtld_error("Invalid request"); 1445 _rtld_shared_exit(); 1446 return -1; 1447 } 1448 1449 _rtld_shared_exit(); 1450 return 0; 1451 } 1452 1453 static void 1454 _rtld_fill_dl_phdr_info(const Obj_Entry *obj, struct dl_phdr_info *phdr_info) 1455 { 1456 1457 phdr_info->dlpi_addr = (Elf_Addr)obj->relocbase; 1458 /* XXX: wrong but not fixing it yet */ 1459 phdr_info->dlpi_name = obj->path; 1460 phdr_info->dlpi_phdr = obj->phdr; 1461 phdr_info->dlpi_phnum = obj->phsize / sizeof(obj->phdr[0]); 1462 #if defined(__HAVE_TLS_VARIANT_I) || defined(__HAVE_TLS_VARIANT_II) 1463 phdr_info->dlpi_tls_modid = obj->tlsindex; 1464 phdr_info->dlpi_tls_data = obj->tlsinit; 1465 #else 1466 phdr_info->dlpi_tls_modid = 0; 1467 phdr_info->dlpi_tls_data = 0; 1468 #endif 1469 phdr_info->dlpi_adds = _rtld_objloads; 1470 phdr_info->dlpi_subs = _rtld_objloads - _rtld_objcount; 1471 } 1472 1473 __strong_alias(__dl_iterate_phdr,dl_iterate_phdr); 1474 int 1475 dl_iterate_phdr(int (*callback)(struct dl_phdr_info *, size_t, void *), void *param) 1476 { 1477 struct dl_phdr_info phdr_info; 1478 const Obj_Entry *obj; 1479 int error = 0; 1480 1481 dbg(("dl_iterate_phdr")); 1482 1483 _rtld_shared_enter(); 1484 1485 for (obj = _rtld_objlist; obj != NULL; obj = obj->next) { 1486 _rtld_fill_dl_phdr_info(obj, &phdr_info); 1487 1488 /* XXXlocking: exit point */ 1489 error = callback(&phdr_info, sizeof(phdr_info), param); 1490 if (error) 1491 break; 1492 } 1493 1494 if (error == 0) { 1495 _rtld_fill_dl_phdr_info(&_rtld_objself, &phdr_info); 1496 1497 /* XXXlocking: exit point */ 1498 error = callback(&phdr_info, sizeof(phdr_info), param); 1499 } 1500 1501 _rtld_shared_exit(); 1502 return error; 1503 } 1504 1505 void 1506 __dl_cxa_refcount(void *addr, ssize_t delta) 1507 { 1508 sigset_t mask; 1509 Obj_Entry *obj; 1510 1511 if (delta == 0) 1512 return; 1513 1514 dbg(("__dl_cxa_refcount of %p with %zd", addr, delta)); 1515 1516 _rtld_exclusive_enter(&mask); 1517 obj = _rtld_obj_from_addr(addr); 1518 1519 if (obj == NULL) { 1520 dbg(("__dl_cxa_refcont: address not found")); 1521 _rtld_error("No shared object contains address"); 1522 _rtld_exclusive_exit(&mask); 1523 return; 1524 } 1525 if (delta > 0 && obj->cxa_refcount > SIZE_MAX - delta) 1526 _rtld_error("Reference count overflow"); 1527 else if (delta < 0 && obj->cxa_refcount < -1 + (size_t)-(delta + 1)) 1528 _rtld_error("Reference count underflow"); 1529 else { 1530 if (obj->cxa_refcount == 0) 1531 ++obj->refcount; 1532 obj->cxa_refcount += delta; 1533 dbg(("new reference count: %zu", obj->cxa_refcount)); 1534 if (obj->cxa_refcount == 0) { 1535 --obj->refcount; 1536 if (obj->refcount == 0) 1537 _rtld_unload_object(&mask, obj, true); 1538 } 1539 } 1540 1541 _rtld_exclusive_exit(&mask); 1542 } 1543 1544 pid_t __fork(void); 1545 1546 __dso_public pid_t 1547 __locked_fork(int *my_errno) 1548 { 1549 pid_t result; 1550 1551 _rtld_shared_enter(); 1552 result = __fork(); 1553 if (result == -1) 1554 *my_errno = errno; 1555 _rtld_shared_exit(); 1556 1557 return result; 1558 } 1559 1560 /* 1561 * Error reporting function. Use it like printf. If formats the message 1562 * into a buffer, and sets things up so that the next call to dlerror() 1563 * will return the message. 1564 */ 1565 void 1566 _rtld_error(const char *fmt,...) 1567 { 1568 static char buf[512]; 1569 va_list ap; 1570 1571 va_start(ap, fmt); 1572 xvsnprintf(buf, sizeof buf, fmt, ap); 1573 dbg(("%s: %s", __func__, buf)); 1574 error_message = buf; 1575 va_end(ap); 1576 } 1577 1578 void 1579 _rtld_debug_state(void) 1580 { 1581 #if defined(__hppa__) 1582 __asm volatile("nop" ::: "memory"); 1583 #endif 1584 1585 /* Prevent optimizer from removing calls to this function */ 1586 __insn_barrier(); 1587 } 1588 1589 void 1590 _rtld_linkmap_add(Obj_Entry *obj) 1591 { 1592 struct link_map *l = &obj->linkmap; 1593 struct link_map *prev; 1594 1595 obj->linkmap.l_name = obj->path; 1596 obj->linkmap.l_addr = obj->relocbase; 1597 obj->linkmap.l_ld = obj->dynamic; 1598 #ifdef __mips__ 1599 /* XXX This field is not standard and will be removed eventually. */ 1600 obj->linkmap.l_offs = obj->relocbase; 1601 #endif 1602 1603 if (_rtld_debug.r_map == NULL) { 1604 _rtld_debug.r_map = l; 1605 return; 1606 } 1607 1608 /* 1609 * Scan to the end of the list, but not past the entry for the 1610 * dynamic linker, which we want to keep at the very end. 1611 */ 1612 for (prev = _rtld_debug.r_map; 1613 prev->l_next != NULL && prev->l_next != &_rtld_objself.linkmap; 1614 prev = prev->l_next); 1615 1616 l->l_prev = prev; 1617 l->l_next = prev->l_next; 1618 if (l->l_next != NULL) 1619 l->l_next->l_prev = l; 1620 prev->l_next = l; 1621 } 1622 1623 void 1624 _rtld_linkmap_delete(Obj_Entry *obj) 1625 { 1626 struct link_map *l = &obj->linkmap; 1627 1628 if (l->l_prev == NULL) { 1629 if ((_rtld_debug.r_map = l->l_next) != NULL) 1630 l->l_next->l_prev = NULL; 1631 return; 1632 } 1633 if ((l->l_prev->l_next = l->l_next) != NULL) 1634 l->l_next->l_prev = l->l_prev; 1635 } 1636 1637 static Obj_Entry * 1638 _rtld_obj_from_addr(const void *addr) 1639 { 1640 Obj_Entry *obj; 1641 1642 for (obj = _rtld_objlist; obj != NULL; obj = obj->next) { 1643 if (addr < (void *) obj->mapbase) 1644 continue; 1645 if (addr < (void *) (obj->mapbase + obj->mapsize)) 1646 return obj; 1647 } 1648 return NULL; 1649 } 1650 1651 static void 1652 _rtld_objlist_clear(Objlist *list) 1653 { 1654 while (!SIMPLEQ_EMPTY(list)) { 1655 Objlist_Entry* elm = SIMPLEQ_FIRST(list); 1656 SIMPLEQ_REMOVE_HEAD(list, link); 1657 xfree(elm); 1658 } 1659 } 1660 1661 static void 1662 _rtld_objlist_remove(Objlist *list, Obj_Entry *obj) 1663 { 1664 Objlist_Entry *elm; 1665 1666 if ((elm = _rtld_objlist_find(list, obj)) != NULL) { 1667 SIMPLEQ_REMOVE(list, elm, Struct_Objlist_Entry, link); 1668 xfree(elm); 1669 } 1670 } 1671 1672 #define RTLD_EXCLUSIVE_MASK 0x80000000U 1673 static volatile unsigned int _rtld_mutex; 1674 static volatile unsigned int _rtld_waiter_exclusive; 1675 static volatile unsigned int _rtld_waiter_shared; 1676 1677 void 1678 _rtld_shared_enter(void) 1679 { 1680 unsigned int cur; 1681 lwpid_t waiter, self = 0; 1682 1683 for (;;) { 1684 cur = _rtld_mutex; 1685 /* 1686 * First check if we are currently not exclusively locked. 1687 */ 1688 if ((cur & RTLD_EXCLUSIVE_MASK) == 0) { 1689 /* Yes, so increment use counter */ 1690 if (atomic_cas_uint(&_rtld_mutex, cur, cur + 1) != cur) 1691 continue; 1692 membar_acquire(); 1693 return; 1694 } 1695 /* 1696 * Someone has an exclusive lock. Puts us on the waiter list. 1697 */ 1698 if (!self) 1699 self = _lwp_self(); 1700 if (cur == (self | RTLD_EXCLUSIVE_MASK)) { 1701 if (_rtld_mutex_may_recurse) 1702 return; 1703 _rtld_error("%s: dead lock detected", __func__); 1704 _rtld_die(); 1705 } 1706 waiter = atomic_swap_uint(&_rtld_waiter_shared, self); 1707 /* 1708 * Check for race against _rtld_exclusive_exit before sleeping. 1709 */ 1710 membar_sync(); 1711 if ((_rtld_mutex & RTLD_EXCLUSIVE_MASK) || 1712 _rtld_waiter_exclusive) 1713 _lwp_park(CLOCK_REALTIME, 0, NULL, 0, 1714 __UNVOLATILE(&_rtld_mutex), NULL); 1715 /* Try to remove us from the waiter list. */ 1716 atomic_cas_uint(&_rtld_waiter_shared, self, 0); 1717 if (waiter) 1718 _lwp_unpark(waiter, __UNVOLATILE(&_rtld_mutex)); 1719 } 1720 } 1721 1722 void 1723 _rtld_shared_exit(void) 1724 { 1725 lwpid_t waiter; 1726 1727 /* 1728 * Shared lock taken after an exclusive lock. 1729 * Just assume this is a partial recursion. 1730 */ 1731 if (_rtld_mutex & RTLD_EXCLUSIVE_MASK) 1732 return; 1733 1734 /* 1735 * Wakeup LWPs waiting for an exclusive lock if this is the last 1736 * LWP on the shared lock. 1737 */ 1738 membar_release(); 1739 if (atomic_dec_uint_nv(&_rtld_mutex)) 1740 return; 1741 membar_sync(); 1742 if ((waiter = _rtld_waiter_exclusive) != 0) 1743 _lwp_unpark(waiter, __UNVOLATILE(&_rtld_mutex)); 1744 } 1745 1746 void 1747 _rtld_exclusive_enter(sigset_t *mask) 1748 { 1749 lwpid_t waiter, self = _lwp_self(); 1750 unsigned int locked_value = (unsigned int)self | RTLD_EXCLUSIVE_MASK; 1751 unsigned int cur; 1752 sigset_t blockmask; 1753 1754 sigfillset(&blockmask); 1755 sigdelset(&blockmask, SIGTRAP); /* Allow the debugger */ 1756 sigprocmask(SIG_BLOCK, &blockmask, mask); 1757 1758 for (;;) { 1759 if (atomic_cas_uint(&_rtld_mutex, 0, locked_value) == 0) { 1760 membar_acquire(); 1761 break; 1762 } 1763 waiter = atomic_swap_uint(&_rtld_waiter_exclusive, self); 1764 membar_sync(); 1765 cur = _rtld_mutex; 1766 if (cur == locked_value) { 1767 _rtld_error("%s: dead lock detected", __func__); 1768 _rtld_die(); 1769 } 1770 if (cur) 1771 _lwp_park(CLOCK_REALTIME, 0, NULL, 0, 1772 __UNVOLATILE(&_rtld_mutex), NULL); 1773 atomic_cas_uint(&_rtld_waiter_exclusive, self, 0); 1774 if (waiter) 1775 _lwp_unpark(waiter, __UNVOLATILE(&_rtld_mutex)); 1776 } 1777 } 1778 1779 void 1780 _rtld_exclusive_exit(sigset_t *mask) 1781 { 1782 lwpid_t waiter; 1783 1784 membar_release(); 1785 _rtld_mutex = 0; 1786 membar_sync(); 1787 if ((waiter = _rtld_waiter_exclusive) != 0) 1788 _lwp_unpark(waiter, __UNVOLATILE(&_rtld_mutex)); 1789 1790 if ((waiter = _rtld_waiter_shared) != 0) 1791 _lwp_unpark(waiter, __UNVOLATILE(&_rtld_mutex)); 1792 1793 sigprocmask(SIG_SETMASK, mask, NULL); 1794 } 1795 1796 int 1797 _rtld_relro(const Obj_Entry *obj, bool wantmain) 1798 { 1799 #ifdef GNU_RELRO 1800 /* 1801 * If our VM page size is larger than the page size used by the 1802 * linker when laying out the object, we could end up making data 1803 * read-only that is unintended. Detect and avoid this situation. 1804 * It may mean we are unable to protect everything we'd like, but 1805 * it's better than crashing. 1806 */ 1807 uintptr_t relro_end = (uintptr_t)obj->relro_page + obj->relro_size; 1808 uintptr_t relro_start = round_down((uintptr_t)obj->relro_page); 1809 assert(relro_end >= relro_start); 1810 size_t relro_size = round_down(relro_end) - relro_start; 1811 1812 if (relro_size == 0) 1813 return 0; 1814 if (wantmain != (obj ==_rtld_objmain)) 1815 return 0; 1816 1817 dbg(("RELRO %s %p %zx\n", obj->path, (void *)relro_start, relro_size)); 1818 if (mprotect((void *)relro_start, relro_size, PROT_READ) == -1) { 1819 _rtld_error("%s: Cannot enforce relro " "protection: %s", 1820 obj->path, xstrerror(errno)); 1821 return -1; 1822 } 1823 #endif 1824 return 0; 1825 } 1826