Cross Reference: /freebsd-10.1-release/libexec/rtld-elf/rtld.c

Deleted Added

sdiff udiff text old ( 70677 ) new ( 76296 )

full compact

rtld.c (70677)	rtld.c (76296)
1/- 2 Copyright 1996, 1997, 1998, 1999, 2000 John D. Polstra. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 *	1/- 2 Copyright 1996, 1997, 1998, 1999, 2000 John D. Polstra. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 *
25 * $FreeBSD: head/libexec/rtld-elf/rtld.c 70677 2001-01-05 04:36:17Z jdp $	25 * $FreeBSD: head/libexec/rtld-elf/rtld.c 76296 2001-05-05 23:21:05Z jdp $
26 / 27 28/ 29 * Dynamic linker for ELF. 30 * 31 * John Polstra <jdp@polstra.com>. 32 / 33 34#ifndef __GNUC__ 35#error "GCC is needed to compile this file" 36#endif 37 38#include <sys/param.h> 39#include <sys/mman.h> 40#include <sys/stat.h> 41 42#include <dlfcn.h> 43#include <err.h> 44#include <errno.h> 45#include <fcntl.h> 46#include <stdarg.h> 47#include <stdio.h> 48#include <stdlib.h> 49#include <string.h> 50#include <unistd.h> 51 52#include "debug.h" 53#include "rtld.h" 54 55#define END_SYM "_end" 56#define PATH_RTLD "/usr/libexec/ld-elf.so.1" 57 58/ Types. / 59typedef void (func_ptr_type)(); 60 61/* 62 * This structure provides a reentrant way to keep a list of objects and 63 * check which ones have already been processed in some way. 64 / 65typedef struct Struct_DoneList { 66 const Obj_Entry objs; / Array of object pointers / 67 unsigned int num_alloc; / Allocated size of the array / 68 unsigned int num_used; / Number of array slots used / 69} DoneList; 70 71/ 72 * Function declarations. 73 / 74static const char basename(const char ); 75static void die(void); 76static void digest_dynamic(Obj_Entry ); 77static Obj_Entry digest_phdr(const Elf_Phdr , int, caddr_t, const char ); 78static Obj_Entry dlcheck(void ); 79static bool donelist_check(DoneList , const Obj_Entry ); 80static void errmsg_restore(char ); 81static char errmsg_save(void); 82static char find_library(const char , const Obj_Entry ); 83static const char gethints(void); 84static void init_dag(Obj_Entry ); 85static void init_dag1(Obj_Entry root, Obj_Entry obj, DoneList ); 86static void init_rtld(caddr_t); 87static void initlist_add_neededs(Needed_Entry needed, Objlist list); 88static void initlist_add_objects(Obj_Entry obj, Obj_Entry *tail, 89 Objlist list); 90static bool is_exported(const Elf_Sym ); 91static void linkmap_add(Obj_Entry ); 92static void linkmap_delete(Obj_Entry ); 93static int load_needed_objects(Obj_Entry ); 94static int load_preload_objects(void); 95static Obj_Entry load_object(char ); 96static void lock_check(void); 97static Obj_Entry obj_from_addr(const void ); 98static void objlist_call_fini(Objlist ); 99static void objlist_call_init(Objlist ); 100static void objlist_clear(Objlist ); 101static Objlist_Entry objlist_find(Objlist , const Obj_Entry ); 102static void objlist_init(Objlist ); 103static void objlist_push_head(Objlist , Obj_Entry ); 104static void objlist_push_tail(Objlist , Obj_Entry ); 105static void objlist_remove(Objlist , Obj_Entry ); 106static void objlist_remove_unref(Objlist ); 107static int relocate_objects(Obj_Entry , bool); 108static void rtld_exit(void); 109static char search_library_path(const char , const char ); 110static void set_program_var(const char , const void ); 111static const Elf_Sym symlook_default(const char , unsigned long hash, 112 const Obj_Entry refobj, const Obj_Entry defobj_out, bool in_plt); 113static const Elf_Sym symlook_list(const char , unsigned long, 114* Objlist , const Obj_Entry , bool in_plt, DoneList ); 115static void trace_loaded_objects(Obj_Entry obj); 116static void unload_object(Obj_Entry ); 117static void unref_dag(Obj_Entry ); 118* 119void r_debug_state(struct r_debug, struct link_map); 120void xprintf(const char , ...); 121* 122/* 123 * Data declarations. 124 / 125static char error_message; /* Message for dlerror(), or NULL / 126struct r_debug r_debug; / for GDB; / 127static bool trust; / False for setuid and setgid programs / 128static char ld_bind_now; /* Environment variable for immediate binding / 129static char ld_debug; /* Environment variable for debugging / 130static char ld_library_path; /* Environment variable for search path / 131static char ld_preload; /* Environment variable for libraries to 132 load first / 133static char ld_tracing; /* Called from ldd to print libs / 134static Obj_Entry obj_list; /* Head of linked list of shared objects / 135static Obj_Entry obj_tail; / Link field of last object in list / 136static Obj_Entry obj_main; /* The main program shared object / 137static Obj_Entry obj_rtld; / The dynamic linker shared object / 138static unsigned int obj_count; / Number of objects in obj_list / 139* 140static Objlist list_global = /* Objects dlopened with RTLD_GLOBAL / 141* STAILQ_HEAD_INITIALIZER(list_global); 142static Objlist list_main = /* Objects loaded at program startup / 143* STAILQ_HEAD_INITIALIZER(list_main); 144static Objlist list_fini = /* Objects needing fini() calls / 145* STAILQ_HEAD_INITIALIZER(list_fini); 146 147static LockInfo lockinfo; 148 149static Elf_Sym sym_zero; /* For resolving undefined weak refs. / 150* 151#define GDB_STATE(s,m) r_debug.r_state = s; r_debug_state(&r_debug,m); 152 153extern Elf_Dyn _DYNAMIC; 154#pragma weak _DYNAMIC 155 156/* 157 * These are the functions the dynamic linker exports to application 158 * programs. They are the only symbols the dynamic linker is willing 159 * to export from itself. 160 / 161static func_ptr_type exports[] = { 162* (func_ptr_type) &_rtld_error, 163 (func_ptr_type) &dlclose, 164 (func_ptr_type) &dlerror, 165 (func_ptr_type) &dlopen, 166 (func_ptr_type) &dlsym, 167 (func_ptr_type) &dladdr, 168 (func_ptr_type) &dllockinit, 169 NULL 170}; 171 172/* 173 * Global declarations normally provided by crt1. The dynamic linker is 174 * not built with crt1, so we have to provide them ourselves. 175 / 176char __progname; 177char *environ; 178* 179/* 180 * Fill in a DoneList with an allocation large enough to hold all of 181 * the currently-loaded objects. Keep this as a macro since it calls 182 * alloca and we want that to occur within the scope of the caller. 183 / 184#define donelist_init(dlp) \ 185* ((dlp)->objs = alloca(obj_count * sizeof (dlp)->objs[0]), \ 186 assert((dlp)->objs != NULL), \ 187 (dlp)->num_alloc = obj_count, \ 188 (dlp)->num_used = 0) 189 190static __inline void 191rlock_acquire(void) 192{ 193 lockinfo.rlock_acquire(lockinfo.thelock); 194 atomic_incr_int(&lockinfo.rcount); 195 lock_check(); 196} 197 198static __inline void 199wlock_acquire(void) 200{ 201 lockinfo.wlock_acquire(lockinfo.thelock); 202 atomic_incr_int(&lockinfo.wcount); 203 lock_check(); 204} 205 206static __inline void 207rlock_release(void) 208{ 209 atomic_decr_int(&lockinfo.rcount); 210 lockinfo.rlock_release(lockinfo.thelock); 211} 212 213static __inline void 214wlock_release(void) 215{ 216 atomic_decr_int(&lockinfo.wcount); 217 lockinfo.wlock_release(lockinfo.thelock); 218} 219 220/* 221 * Main entry point for dynamic linking. The first argument is the 222 * stack pointer. The stack is expected to be laid out as described 223 * in the SVR4 ABI specification, Intel 386 Processor Supplement. 224 * Specifically, the stack pointer points to a word containing 225 * ARGC. Following that in the stack is a null-terminated sequence 226 * of pointers to argument strings. Then comes a null-terminated 227 * sequence of pointers to environment strings. Finally, there is a 228 * sequence of "auxiliary vector" entries. 229 * 230 * The second argument points to a place to store the dynamic linker's 231 * exit procedure pointer and the third to a place to store the main 232 * program's object. 233 * 234 * The return value is the main program's entry point. 235 / 236func_ptr_type 237_rtld(Elf_Addr sp, func_ptr_type exit_proc, Obj_Entry objp) 238{ 239* Elf_Auxinfo aux_info[AT_COUNT]; 240* int i; 241 int argc; 242 char *argv; 243* char *env; 244* Elf_Auxinfo aux; 245* Elf_Auxinfo auxp; 246* const char argv0; 247* Obj_Entry obj; 248* Obj_Entry *preload_tail; 249* Objlist initlist; 250 251 /* 252 * On entry, the dynamic linker itself has not been relocated yet. 253 * Be very careful not to reference any global data until after 254 * init_rtld has returned. It is OK to reference file-scope statics 255 * and string constants, and to call static and global functions. 256 / 257* 258 /* Find the auxiliary vector on the stack. / 259* argc = sp++; 260* argv = (char *) sp; 261* sp += argc + 1; /* Skip over arguments and NULL terminator / 262* env = (char *) sp; 263* while (sp++ != 0) / Skip over environment, and NULL terminator / 264* ; 265 aux = (Elf_Auxinfo ) sp; 266* 267 /* Digest the auxiliary vector. / 268* for (i = 0; i < AT_COUNT; i++) 269 aux_info[i] = NULL; 270 for (auxp = aux; auxp->a_type != AT_NULL; auxp++) { 271 if (auxp->a_type < AT_COUNT) 272 aux_info[auxp->a_type] = auxp; 273 } 274 275 /* Initialize and relocate ourselves. / 276* assert(aux_info[AT_BASE] != NULL); 277 init_rtld((caddr_t) aux_info[AT_BASE]->a_un.a_ptr); 278 279 __progname = obj_rtld.path; 280 argv0 = argv[0] != NULL ? argv[0] : "(null)"; 281 environ = env; 282 283 trust = geteuid() == getuid() && getegid() == getgid(); 284 285 ld_bind_now = getenv("LD_BIND_NOW"); 286 if (trust) { 287 ld_debug = getenv("LD_DEBUG"); 288 ld_library_path = getenv("LD_LIBRARY_PATH"); 289 ld_preload = getenv("LD_PRELOAD"); 290 } 291 ld_tracing = getenv("LD_TRACE_LOADED_OBJECTS"); 292 293 if (ld_debug != NULL && ld_debug != '\0') 294* debug = 1; 295 dbg("%s is initialized, base address = %p", __progname, 296 (caddr_t) aux_info[AT_BASE]->a_un.a_ptr); 297 dbg("RTLD dynamic = %p", obj_rtld.dynamic); 298 dbg("RTLD pltgot = %p", obj_rtld.pltgot); 299 300 /* 301 * Load the main program, or process its program header if it is 302 * already loaded. 303 / 304* if (aux_info[AT_EXECFD] != NULL) { /* Load the main program. / 305* int fd = aux_info[AT_EXECFD]->a_un.a_val; 306 dbg("loading main program"); 307 obj_main = map_object(fd, argv0, NULL); 308 close(fd); 309 if (obj_main == NULL) 310 die(); 311 } else { /* Main program already loaded. / 312* const Elf_Phdr phdr; 313* int phnum; 314 caddr_t entry; 315 316 dbg("processing main program's program header"); 317 assert(aux_info[AT_PHDR] != NULL); 318 phdr = (const Elf_Phdr ) aux_info[AT_PHDR]->a_un.a_ptr; 319* assert(aux_info[AT_PHNUM] != NULL); 320 phnum = aux_info[AT_PHNUM]->a_un.a_val; 321 assert(aux_info[AT_PHENT] != NULL); 322 assert(aux_info[AT_PHENT]->a_un.a_val == sizeof(Elf_Phdr)); 323 assert(aux_info[AT_ENTRY] != NULL); 324 entry = (caddr_t) aux_info[AT_ENTRY]->a_un.a_ptr; 325 if ((obj_main = digest_phdr(phdr, phnum, entry, argv0)) == NULL) 326 die(); 327 } 328 329 obj_main->path = xstrdup(argv0); 330 obj_main->mainprog = true; 331 332 /* 333 * Get the actual dynamic linker pathname from the executable if 334 * possible. (It should always be possible.) That ensures that 335 * gdb will find the right dynamic linker even if a non-standard 336 * one is being used. 337 / 338* if (obj_main->interp != NULL && 339 strcmp(obj_main->interp, obj_rtld.path) != 0) { 340 free(obj_rtld.path); 341 obj_rtld.path = xstrdup(obj_main->interp); 342 } 343 344 digest_dynamic(obj_main); 345 346 linkmap_add(obj_main); 347 linkmap_add(&obj_rtld); 348 349 /* Link the main program into the list of objects. / 350* obj_tail = obj_main; 351* obj_tail = &obj_main->next; 352 obj_count++; 353 obj_main->refcount++; 354 /* Make sure we don't call the main program's init and fini functions. / 355* obj_main->init = obj_main->fini = NULL; 356 357 /* Initialize a fake symbol for resolving undefined weak references. / 358* sym_zero.st_info = ELF_ST_INFO(STB_GLOBAL, STT_NOTYPE); 359 sym_zero.st_shndx = SHN_ABS; 360 361 dbg("loading LD_PRELOAD libraries"); 362 if (load_preload_objects() == -1) 363 die(); 364 preload_tail = obj_tail; 365 366 dbg("loading needed objects"); 367 if (load_needed_objects(obj_main) == -1) 368 die(); 369 370 /* Make a list of all objects loaded at startup. / 371* for (obj = obj_list; obj != NULL; obj = obj->next) 372 objlist_push_tail(&list_main, obj); 373 374 if (ld_tracing) { /* We're done / 375* trace_loaded_objects(obj_main); 376 exit(0); 377 } 378 379 if (relocate_objects(obj_main, 380 ld_bind_now != NULL && ld_bind_now != '\0') == -1) 381* die(); 382 383 dbg("doing copy relocations"); 384 if (do_copy_relocations(obj_main) == -1) 385 die(); 386 387 dbg("initializing key program variables"); 388 set_program_var("__progname", argv[0] != NULL ? basename(argv[0]) : ""); 389 set_program_var("environ", env); 390 391 dbg("initializing thread locks"); 392 lockdflt_init(&lockinfo); 393 lockinfo.thelock = lockinfo.lock_create(lockinfo.context); 394 395 /* Make a list of init functions to call. / 396* objlist_init(&initlist); 397 initlist_add_objects(obj_list, preload_tail, &initlist); 398 399 r_debug_state(NULL, &obj_main->linkmap); /* say hello to gdb! / 400* 401 objlist_call_init(&initlist); 402 wlock_acquire(); 403 objlist_clear(&initlist); 404 wlock_release(); 405 406 dbg("transferring control to program entry point = %p", obj_main->entry); 407 408 /* Return the exit procedure and the program entry point. / 409* exit_proc = rtld_exit; 410* objp = obj_main; 411* return (func_ptr_type) obj_main->entry; 412} 413 414Elf_Addr 415_rtld_bind(Obj_Entry obj, Elf_Word reloff) 416{ 417* const Elf_Rel rel; 418* const Elf_Sym def; 419* const Obj_Entry defobj; 420* Elf_Addr where; 421* Elf_Addr target; 422 423 rlock_acquire(); 424 if (obj->pltrel) 425 rel = (const Elf_Rel ) ((caddr_t) obj->pltrel + reloff); 426* else 427 rel = (const Elf_Rel ) ((caddr_t) obj->pltrela + reloff); 428* 429 where = (Elf_Addr *) (obj->relocbase + rel->r_offset);	26 / 27 28/ 29 * Dynamic linker for ELF. 30 * 31 * John Polstra <jdp@polstra.com>. 32 / 33 34#ifndef __GNUC__ 35#error "GCC is needed to compile this file" 36#endif 37 38#include <sys/param.h> 39#include <sys/mman.h> 40#include <sys/stat.h> 41 42#include <dlfcn.h> 43#include <err.h> 44#include <errno.h> 45#include <fcntl.h> 46#include <stdarg.h> 47#include <stdio.h> 48#include <stdlib.h> 49#include <string.h> 50#include <unistd.h> 51 52#include "debug.h" 53#include "rtld.h" 54 55#define END_SYM "_end" 56#define PATH_RTLD "/usr/libexec/ld-elf.so.1" 57 58/ Types. / 59typedef void (func_ptr_type)(); 60 61/* 62 * This structure provides a reentrant way to keep a list of objects and 63 * check which ones have already been processed in some way. 64 / 65typedef struct Struct_DoneList { 66 const Obj_Entry objs; / Array of object pointers / 67 unsigned int num_alloc; / Allocated size of the array / 68 unsigned int num_used; / Number of array slots used / 69} DoneList; 70 71/ 72 * Function declarations. 73 / 74static const char basename(const char ); 75static void die(void); 76static void digest_dynamic(Obj_Entry ); 77static Obj_Entry digest_phdr(const Elf_Phdr , int, caddr_t, const char ); 78static Obj_Entry dlcheck(void ); 79static bool donelist_check(DoneList , const Obj_Entry ); 80static void errmsg_restore(char ); 81static char errmsg_save(void); 82static char find_library(const char , const Obj_Entry ); 83static const char gethints(void); 84static void init_dag(Obj_Entry ); 85static void init_dag1(Obj_Entry root, Obj_Entry obj, DoneList ); 86static void init_rtld(caddr_t); 87static void initlist_add_neededs(Needed_Entry needed, Objlist list); 88static void initlist_add_objects(Obj_Entry obj, Obj_Entry *tail, 89 Objlist list); 90static bool is_exported(const Elf_Sym ); 91static void linkmap_add(Obj_Entry ); 92static void linkmap_delete(Obj_Entry ); 93static int load_needed_objects(Obj_Entry ); 94static int load_preload_objects(void); 95static Obj_Entry load_object(char ); 96static void lock_check(void); 97static Obj_Entry obj_from_addr(const void ); 98static void objlist_call_fini(Objlist ); 99static void objlist_call_init(Objlist ); 100static void objlist_clear(Objlist ); 101static Objlist_Entry objlist_find(Objlist , const Obj_Entry ); 102static void objlist_init(Objlist ); 103static void objlist_push_head(Objlist , Obj_Entry ); 104static void objlist_push_tail(Objlist , Obj_Entry ); 105static void objlist_remove(Objlist , Obj_Entry ); 106static void objlist_remove_unref(Objlist ); 107static int relocate_objects(Obj_Entry , bool); 108static void rtld_exit(void); 109static char search_library_path(const char , const char ); 110static void set_program_var(const char , const void ); 111static const Elf_Sym symlook_default(const char , unsigned long hash, 112 const Obj_Entry refobj, const Obj_Entry defobj_out, bool in_plt); 113static const Elf_Sym symlook_list(const char , unsigned long, 114* Objlist , const Obj_Entry , bool in_plt, DoneList ); 115static void trace_loaded_objects(Obj_Entry obj); 116static void unload_object(Obj_Entry ); 117static void unref_dag(Obj_Entry ); 118* 119void r_debug_state(struct r_debug, struct link_map); 120void xprintf(const char , ...); 121* 122/* 123 * Data declarations. 124 / 125static char error_message; /* Message for dlerror(), or NULL / 126struct r_debug r_debug; / for GDB; / 127static bool trust; / False for setuid and setgid programs / 128static char ld_bind_now; /* Environment variable for immediate binding / 129static char ld_debug; /* Environment variable for debugging / 130static char ld_library_path; /* Environment variable for search path / 131static char ld_preload; /* Environment variable for libraries to 132 load first / 133static char ld_tracing; /* Called from ldd to print libs / 134static Obj_Entry obj_list; /* Head of linked list of shared objects / 135static Obj_Entry obj_tail; / Link field of last object in list / 136static Obj_Entry obj_main; /* The main program shared object / 137static Obj_Entry obj_rtld; / The dynamic linker shared object / 138static unsigned int obj_count; / Number of objects in obj_list / 139* 140static Objlist list_global = /* Objects dlopened with RTLD_GLOBAL / 141* STAILQ_HEAD_INITIALIZER(list_global); 142static Objlist list_main = /* Objects loaded at program startup / 143* STAILQ_HEAD_INITIALIZER(list_main); 144static Objlist list_fini = /* Objects needing fini() calls / 145* STAILQ_HEAD_INITIALIZER(list_fini); 146 147static LockInfo lockinfo; 148 149static Elf_Sym sym_zero; /* For resolving undefined weak refs. / 150* 151#define GDB_STATE(s,m) r_debug.r_state = s; r_debug_state(&r_debug,m); 152 153extern Elf_Dyn _DYNAMIC; 154#pragma weak _DYNAMIC 155 156/* 157 * These are the functions the dynamic linker exports to application 158 * programs. They are the only symbols the dynamic linker is willing 159 * to export from itself. 160 / 161static func_ptr_type exports[] = { 162* (func_ptr_type) &_rtld_error, 163 (func_ptr_type) &dlclose, 164 (func_ptr_type) &dlerror, 165 (func_ptr_type) &dlopen, 166 (func_ptr_type) &dlsym, 167 (func_ptr_type) &dladdr, 168 (func_ptr_type) &dllockinit, 169 NULL 170}; 171 172/* 173 * Global declarations normally provided by crt1. The dynamic linker is 174 * not built with crt1, so we have to provide them ourselves. 175 / 176char __progname; 177char *environ; 178* 179/* 180 * Fill in a DoneList with an allocation large enough to hold all of 181 * the currently-loaded objects. Keep this as a macro since it calls 182 * alloca and we want that to occur within the scope of the caller. 183 / 184#define donelist_init(dlp) \ 185* ((dlp)->objs = alloca(obj_count * sizeof (dlp)->objs[0]), \ 186 assert((dlp)->objs != NULL), \ 187 (dlp)->num_alloc = obj_count, \ 188 (dlp)->num_used = 0) 189 190static __inline void 191rlock_acquire(void) 192{ 193 lockinfo.rlock_acquire(lockinfo.thelock); 194 atomic_incr_int(&lockinfo.rcount); 195 lock_check(); 196} 197 198static __inline void 199wlock_acquire(void) 200{ 201 lockinfo.wlock_acquire(lockinfo.thelock); 202 atomic_incr_int(&lockinfo.wcount); 203 lock_check(); 204} 205 206static __inline void 207rlock_release(void) 208{ 209 atomic_decr_int(&lockinfo.rcount); 210 lockinfo.rlock_release(lockinfo.thelock); 211} 212 213static __inline void 214wlock_release(void) 215{ 216 atomic_decr_int(&lockinfo.wcount); 217 lockinfo.wlock_release(lockinfo.thelock); 218} 219 220/* 221 * Main entry point for dynamic linking. The first argument is the 222 * stack pointer. The stack is expected to be laid out as described 223 * in the SVR4 ABI specification, Intel 386 Processor Supplement. 224 * Specifically, the stack pointer points to a word containing 225 * ARGC. Following that in the stack is a null-terminated sequence 226 * of pointers to argument strings. Then comes a null-terminated 227 * sequence of pointers to environment strings. Finally, there is a 228 * sequence of "auxiliary vector" entries. 229 * 230 * The second argument points to a place to store the dynamic linker's 231 * exit procedure pointer and the third to a place to store the main 232 * program's object. 233 * 234 * The return value is the main program's entry point. 235 / 236func_ptr_type 237_rtld(Elf_Addr sp, func_ptr_type exit_proc, Obj_Entry objp) 238{ 239* Elf_Auxinfo aux_info[AT_COUNT]; 240* int i; 241 int argc; 242 char *argv; 243* char *env; 244* Elf_Auxinfo aux; 245* Elf_Auxinfo auxp; 246* const char argv0; 247* Obj_Entry obj; 248* Obj_Entry *preload_tail; 249* Objlist initlist; 250 251 /* 252 * On entry, the dynamic linker itself has not been relocated yet. 253 * Be very careful not to reference any global data until after 254 * init_rtld has returned. It is OK to reference file-scope statics 255 * and string constants, and to call static and global functions. 256 / 257* 258 /* Find the auxiliary vector on the stack. / 259* argc = sp++; 260* argv = (char *) sp; 261* sp += argc + 1; /* Skip over arguments and NULL terminator / 262* env = (char *) sp; 263* while (sp++ != 0) / Skip over environment, and NULL terminator / 264* ; 265 aux = (Elf_Auxinfo ) sp; 266* 267 /* Digest the auxiliary vector. / 268* for (i = 0; i < AT_COUNT; i++) 269 aux_info[i] = NULL; 270 for (auxp = aux; auxp->a_type != AT_NULL; auxp++) { 271 if (auxp->a_type < AT_COUNT) 272 aux_info[auxp->a_type] = auxp; 273 } 274 275 /* Initialize and relocate ourselves. / 276* assert(aux_info[AT_BASE] != NULL); 277 init_rtld((caddr_t) aux_info[AT_BASE]->a_un.a_ptr); 278 279 __progname = obj_rtld.path; 280 argv0 = argv[0] != NULL ? argv[0] : "(null)"; 281 environ = env; 282 283 trust = geteuid() == getuid() && getegid() == getgid(); 284 285 ld_bind_now = getenv("LD_BIND_NOW"); 286 if (trust) { 287 ld_debug = getenv("LD_DEBUG"); 288 ld_library_path = getenv("LD_LIBRARY_PATH"); 289 ld_preload = getenv("LD_PRELOAD"); 290 } 291 ld_tracing = getenv("LD_TRACE_LOADED_OBJECTS"); 292 293 if (ld_debug != NULL && ld_debug != '\0') 294* debug = 1; 295 dbg("%s is initialized, base address = %p", __progname, 296 (caddr_t) aux_info[AT_BASE]->a_un.a_ptr); 297 dbg("RTLD dynamic = %p", obj_rtld.dynamic); 298 dbg("RTLD pltgot = %p", obj_rtld.pltgot); 299 300 /* 301 * Load the main program, or process its program header if it is 302 * already loaded. 303 / 304* if (aux_info[AT_EXECFD] != NULL) { /* Load the main program. / 305* int fd = aux_info[AT_EXECFD]->a_un.a_val; 306 dbg("loading main program"); 307 obj_main = map_object(fd, argv0, NULL); 308 close(fd); 309 if (obj_main == NULL) 310 die(); 311 } else { /* Main program already loaded. / 312* const Elf_Phdr phdr; 313* int phnum; 314 caddr_t entry; 315 316 dbg("processing main program's program header"); 317 assert(aux_info[AT_PHDR] != NULL); 318 phdr = (const Elf_Phdr ) aux_info[AT_PHDR]->a_un.a_ptr; 319* assert(aux_info[AT_PHNUM] != NULL); 320 phnum = aux_info[AT_PHNUM]->a_un.a_val; 321 assert(aux_info[AT_PHENT] != NULL); 322 assert(aux_info[AT_PHENT]->a_un.a_val == sizeof(Elf_Phdr)); 323 assert(aux_info[AT_ENTRY] != NULL); 324 entry = (caddr_t) aux_info[AT_ENTRY]->a_un.a_ptr; 325 if ((obj_main = digest_phdr(phdr, phnum, entry, argv0)) == NULL) 326 die(); 327 } 328 329 obj_main->path = xstrdup(argv0); 330 obj_main->mainprog = true; 331 332 /* 333 * Get the actual dynamic linker pathname from the executable if 334 * possible. (It should always be possible.) That ensures that 335 * gdb will find the right dynamic linker even if a non-standard 336 * one is being used. 337 / 338* if (obj_main->interp != NULL && 339 strcmp(obj_main->interp, obj_rtld.path) != 0) { 340 free(obj_rtld.path); 341 obj_rtld.path = xstrdup(obj_main->interp); 342 } 343 344 digest_dynamic(obj_main); 345 346 linkmap_add(obj_main); 347 linkmap_add(&obj_rtld); 348 349 /* Link the main program into the list of objects. / 350* obj_tail = obj_main; 351* obj_tail = &obj_main->next; 352 obj_count++; 353 obj_main->refcount++; 354 /* Make sure we don't call the main program's init and fini functions. / 355* obj_main->init = obj_main->fini = NULL; 356 357 /* Initialize a fake symbol for resolving undefined weak references. / 358* sym_zero.st_info = ELF_ST_INFO(STB_GLOBAL, STT_NOTYPE); 359 sym_zero.st_shndx = SHN_ABS; 360 361 dbg("loading LD_PRELOAD libraries"); 362 if (load_preload_objects() == -1) 363 die(); 364 preload_tail = obj_tail; 365 366 dbg("loading needed objects"); 367 if (load_needed_objects(obj_main) == -1) 368 die(); 369 370 /* Make a list of all objects loaded at startup. / 371* for (obj = obj_list; obj != NULL; obj = obj->next) 372 objlist_push_tail(&list_main, obj); 373 374 if (ld_tracing) { /* We're done / 375* trace_loaded_objects(obj_main); 376 exit(0); 377 } 378 379 if (relocate_objects(obj_main, 380 ld_bind_now != NULL && ld_bind_now != '\0') == -1) 381* die(); 382 383 dbg("doing copy relocations"); 384 if (do_copy_relocations(obj_main) == -1) 385 die(); 386 387 dbg("initializing key program variables"); 388 set_program_var("__progname", argv[0] != NULL ? basename(argv[0]) : ""); 389 set_program_var("environ", env); 390 391 dbg("initializing thread locks"); 392 lockdflt_init(&lockinfo); 393 lockinfo.thelock = lockinfo.lock_create(lockinfo.context); 394 395 /* Make a list of init functions to call. / 396* objlist_init(&initlist); 397 initlist_add_objects(obj_list, preload_tail, &initlist); 398 399 r_debug_state(NULL, &obj_main->linkmap); /* say hello to gdb! / 400* 401 objlist_call_init(&initlist); 402 wlock_acquire(); 403 objlist_clear(&initlist); 404 wlock_release(); 405 406 dbg("transferring control to program entry point = %p", obj_main->entry); 407 408 /* Return the exit procedure and the program entry point. / 409* exit_proc = rtld_exit; 410* objp = obj_main; 411* return (func_ptr_type) obj_main->entry; 412} 413 414Elf_Addr 415_rtld_bind(Obj_Entry obj, Elf_Word reloff) 416{ 417* const Elf_Rel rel; 418* const Elf_Sym def; 419* const Obj_Entry defobj; 420* Elf_Addr where; 421* Elf_Addr target; 422 423 rlock_acquire(); 424 if (obj->pltrel) 425 rel = (const Elf_Rel ) ((caddr_t) obj->pltrel + reloff); 426* else 427 rel = (const Elf_Rel ) ((caddr_t) obj->pltrela + reloff); 428* 429 where = (Elf_Addr *) (obj->relocbase + rel->r_offset);
430 def = find_symdef(ELF_R_SYM(rel->r_info), obj, &defobj, true);	430 def = find_symdef(ELF_R_SYM(rel->r_info), obj, &defobj, true, NULL);
431 if (def == NULL) 432 die(); 433 434 target = (Elf_Addr)(defobj->relocbase + def->st_value); 435 436 dbg("\"%s\" in \"%s\" ==> %p in \"%s\"", 437 defobj->strtab + def->st_name, basename(obj->path), 438 (void )target, basename(defobj->path)); 439* 440 reloc_jmpslot(where, target); 441 rlock_release(); 442 return target; 443} 444 445/* 446 * Error reporting function. Use it like printf. If formats the message 447 * into a buffer, and sets things up so that the next call to dlerror() 448 * will return the message. 449 / 450void 451_rtld_error(const char fmt, ...) 452{ 453 static char buf[512]; 454 va_list ap; 455 456 va_start(ap, fmt); 457 vsnprintf(buf, sizeof buf, fmt, ap); 458 error_message = buf; 459 va_end(ap); 460} 461 462/* 463 * Return a dynamically-allocated copy of the current error message, if any. 464 / 465static char 466errmsg_save(void) 467{ 468 return error_message == NULL ? NULL : xstrdup(error_message); 469} 470 471/* 472 * Restore the current error message from a copy which was previously saved 473 * by errmsg_save(). The copy is freed. 474 / 475static void 476errmsg_restore(char saved_msg) 477{ 478 if (saved_msg == NULL) 479 error_message = NULL; 480 else { 481 _rtld_error("%s", saved_msg); 482 free(saved_msg); 483 } 484} 485 486static const char * 487basename(const char name) 488{ 489* const char p = strrchr(name, '/'); 490* return p != NULL ? p + 1 : name; 491} 492 493static void 494die(void) 495{ 496 const char msg = dlerror(); 497* 498 if (msg == NULL) 499 msg = "Fatal error"; 500 errx(1, "%s", msg); 501} 502 503/* 504 * Process a shared object's DYNAMIC section, and save the important 505 * information in its Obj_Entry structure. 506 / 507static void 508digest_dynamic(Obj_Entry obj) 509{ 510 const Elf_Dyn dynp; 511* Needed_Entry *needed_tail = &obj->needed; 512* const Elf_Dyn dyn_rpath = NULL; 513* int plttype = DT_REL; 514 515 for (dynp = obj->dynamic; dynp->d_tag != DT_NULL; dynp++) { 516 switch (dynp->d_tag) { 517 518 case DT_REL: 519 obj->rel = (const Elf_Rel ) (obj->relocbase + dynp->d_un.d_ptr); 520* break; 521 522 case DT_RELSZ: 523 obj->relsize = dynp->d_un.d_val; 524 break; 525 526 case DT_RELENT: 527 assert(dynp->d_un.d_val == sizeof(Elf_Rel)); 528 break; 529 530 case DT_JMPREL: 531 obj->pltrel = (const Elf_Rel ) 532* (obj->relocbase + dynp->d_un.d_ptr); 533 break; 534 535 case DT_PLTRELSZ: 536 obj->pltrelsize = dynp->d_un.d_val; 537 break; 538 539 case DT_RELA: 540 obj->rela = (const Elf_Rela ) (obj->relocbase + dynp->d_un.d_ptr); 541* break; 542 543 case DT_RELASZ: 544 obj->relasize = dynp->d_un.d_val; 545 break; 546 547 case DT_RELAENT: 548 assert(dynp->d_un.d_val == sizeof(Elf_Rela)); 549 break; 550 551 case DT_PLTREL: 552 plttype = dynp->d_un.d_val; 553 assert(dynp->d_un.d_val == DT_REL \|\| plttype == DT_RELA); 554 break; 555 556 case DT_SYMTAB: 557 obj->symtab = (const Elf_Sym ) 558* (obj->relocbase + dynp->d_un.d_ptr); 559 break; 560 561 case DT_SYMENT: 562 assert(dynp->d_un.d_val == sizeof(Elf_Sym)); 563 break; 564 565 case DT_STRTAB: 566 obj->strtab = (const char ) (obj->relocbase + dynp->d_un.d_ptr); 567* break; 568 569 case DT_STRSZ: 570 obj->strsize = dynp->d_un.d_val; 571 break; 572 573 case DT_HASH: 574 { 575 const Elf_Addr hashtab = (const Elf_Addr ) 576 (obj->relocbase + dynp->d_un.d_ptr); 577 obj->nbuckets = hashtab[0]; 578 obj->nchains = hashtab[1]; 579 obj->buckets = hashtab + 2; 580 obj->chains = obj->buckets + obj->nbuckets; 581 } 582 break; 583 584 case DT_NEEDED: 585 if (!obj->rtld) { 586 Needed_Entry nep = NEW(Needed_Entry); 587* nep->name = dynp->d_un.d_val; 588 nep->obj = NULL; 589 nep->next = NULL; 590 591 needed_tail = nep; 592* needed_tail = &nep->next; 593 } 594 break; 595 596 case DT_PLTGOT: 597 obj->pltgot = (Elf_Addr ) (obj->relocbase + dynp->d_un.d_ptr); 598* break; 599 600 case DT_TEXTREL: 601 obj->textrel = true; 602 break; 603 604 case DT_SYMBOLIC: 605 obj->symbolic = true; 606 break; 607 608 case DT_RPATH: 609 /* 610 * We have to wait until later to process this, because we 611 * might not have gotten the address of the string table yet. 612 / 613* dyn_rpath = dynp; 614 break; 615 616 case DT_SONAME: 617 /* Not used by the dynamic linker. / 618* break; 619 620 case DT_INIT: 621 obj->init = (InitFunc) (obj->relocbase + dynp->d_un.d_ptr); 622 break; 623 624 case DT_FINI: 625 obj->fini = (InitFunc) (obj->relocbase + dynp->d_un.d_ptr); 626 break; 627 628 case DT_DEBUG: 629 /* XXX - not implemented yet / 630* dbg("Filling in DT_DEBUG entry"); 631 ((Elf_Dyn)dynp)->d_un.d_ptr = (Elf_Addr) &r_debug; 632* break; 633 634 default: 635 dbg("Ignoring d_tag %d = %#x", dynp->d_tag, dynp->d_tag); 636 break; 637 } 638 } 639 640 obj->traced = false; 641 642 if (plttype == DT_RELA) { 643 obj->pltrela = (const Elf_Rela ) obj->pltrel; 644* obj->pltrel = NULL; 645 obj->pltrelasize = obj->pltrelsize; 646 obj->pltrelsize = 0; 647 } 648 649 if (dyn_rpath != NULL) 650 obj->rpath = obj->strtab + dyn_rpath->d_un.d_val; 651} 652 653/* 654 * Process a shared object's program header. This is used only for the 655 * main program, when the kernel has already loaded the main program 656 * into memory before calling the dynamic linker. It creates and 657 * returns an Obj_Entry structure. 658 / 659static Obj_Entry 660digest_phdr(const Elf_Phdr phdr, int phnum, caddr_t entry, const char path) 661{ 662 Obj_Entry obj; 663* const Elf_Phdr phlimit = phdr + phnum; 664* const Elf_Phdr ph; 665* int nsegs = 0; 666 667 obj = obj_new(); 668 for (ph = phdr; ph < phlimit; ph++) { 669 switch (ph->p_type) { 670 671 case PT_PHDR: 672 if ((const Elf_Phdr )ph->p_vaddr != phdr) { 673* _rtld_error("%s: invalid PT_PHDR", path); 674 return NULL; 675 } 676 obj->phdr = (const Elf_Phdr ) ph->p_vaddr; 677* obj->phsize = ph->p_memsz; 678 break; 679 680 case PT_INTERP: 681 obj->interp = (const char ) ph->p_vaddr; 682* break; 683 684 case PT_LOAD: 685 if (nsegs >= 2) { 686 _rtld_error("%s: too many PT_LOAD segments", path); 687 return NULL; 688 } 689 if (nsegs == 0) { /* First load segment / 690* obj->vaddrbase = trunc_page(ph->p_vaddr); 691 obj->mapbase = (caddr_t) obj->vaddrbase; 692 obj->relocbase = obj->mapbase - obj->vaddrbase; 693 obj->textsize = round_page(ph->p_vaddr + ph->p_memsz) - 694 obj->vaddrbase; 695 } else { /* Last load segment / 696* obj->mapsize = round_page(ph->p_vaddr + ph->p_memsz) - 697 obj->vaddrbase; 698 } 699 nsegs++; 700 break; 701 702 case PT_DYNAMIC: 703 obj->dynamic = (const Elf_Dyn ) ph->p_vaddr; 704* break; 705 } 706 } 707 if (nsegs < 2) { 708 _rtld_error("%s: too few PT_LOAD segments", path); 709 return NULL; 710 } 711 712 obj->entry = entry; 713 return obj; 714} 715 716static Obj_Entry * 717dlcheck(void handle) 718{ 719* Obj_Entry obj; 720* 721 for (obj = obj_list; obj != NULL; obj = obj->next) 722 if (obj == (Obj_Entry ) handle) 723* break; 724 725 if (obj == NULL \|\| obj->refcount == 0 \|\| obj->dl_refcount == 0) { 726 _rtld_error("Invalid shared object handle %p", handle); 727 return NULL; 728 } 729 return obj; 730} 731 732/* 733 * If the given object is already in the donelist, return true. Otherwise 734 * add the object to the list and return false. 735 / 736static bool 737donelist_check(DoneList dlp, const Obj_Entry obj) 738{ 739* unsigned int i; 740 741 for (i = 0; i < dlp->num_used; i++) 742 if (dlp->objs[i] == obj) 743 return true; 744 /* 745 * Our donelist allocation should always be sufficient. But if 746 * our threads locking isn't working properly, more shared objects 747 * could have been loaded since we allocated the list. That should 748 * never happen, but we'll handle it properly just in case it does. 749 / 750* if (dlp->num_used < dlp->num_alloc) 751 dlp->objs[dlp->num_used++] = obj; 752 return false; 753} 754 755/* 756 * Hash function for symbol table lookup. Don't even think about changing 757 * this. It is specified by the System V ABI. 758 / 759unsigned long 760elf_hash(const char name) 761{ 762 const unsigned char p = (const unsigned char ) name; 763 unsigned long h = 0; 764 unsigned long g; 765 766 while (p != '\0') { 767* h = (h << 4) + p++; 768* if ((g = h & 0xf0000000) != 0) 769 h ^= g >> 24; 770 h &= ~g; 771 } 772 return h; 773} 774 775/* 776 * Find the library with the given name, and return its full pathname. 777 * The returned string is dynamically allocated. Generates an error 778 * message and returns NULL if the library cannot be found. 779 * 780 * If the second argument is non-NULL, then it refers to an already- 781 * loaded shared object, whose library search path will be searched. 782 * 783 * The search order is: 784 * rpath in the referencing file 785 * LD_LIBRARY_PATH 786 * ldconfig hints 787 * /usr/lib 788 / 789static char 790find_library(const char name, const Obj_Entry refobj) 791{ 792 char pathname; 793* 794 if (strchr(name, '/') != NULL) { /* Hard coded pathname / 795* if (name[0] != '/' && !trust) { 796 _rtld_error("Absolute pathname required for shared object \"%s\"", 797 name); 798 return NULL; 799 } 800 return xstrdup(name); 801 } 802 803 dbg(" Searching for \"%s\"", name); 804 805 if ((refobj != NULL && 806 (pathname = search_library_path(name, refobj->rpath)) != NULL) \|\| 807 (pathname = search_library_path(name, ld_library_path)) != NULL \|\| 808 (pathname = search_library_path(name, gethints())) != NULL \|\| 809 (pathname = search_library_path(name, STANDARD_LIBRARY_PATH)) != NULL) 810 return pathname; 811 812 _rtld_error("Shared object \"%s\" not found", name); 813 return NULL; 814} 815 816/* 817 * Given a symbol number in a referencing object, find the corresponding 818 * definition of the symbol. Returns a pointer to the symbol, or NULL if 819 * no definition was found. Returns a pointer to the Obj_Entry of the 820 * defining object via the reference parameter DEFOBJ_OUT. 821 / 822const Elf_Sym 823find_symdef(unsigned long symnum, const Obj_Entry *refobj,	431 if (def == NULL) 432 die(); 433 434 target = (Elf_Addr)(defobj->relocbase + def->st_value); 435 436 dbg("\"%s\" in \"%s\" ==> %p in \"%s\"", 437 defobj->strtab + def->st_name, basename(obj->path), 438 (void )target, basename(defobj->path)); 439* 440 reloc_jmpslot(where, target); 441 rlock_release(); 442 return target; 443} 444 445/* 446 * Error reporting function. Use it like printf. If formats the message 447 * into a buffer, and sets things up so that the next call to dlerror() 448 * will return the message. 449 / 450void 451_rtld_error(const char fmt, ...) 452{ 453 static char buf[512]; 454 va_list ap; 455 456 va_start(ap, fmt); 457 vsnprintf(buf, sizeof buf, fmt, ap); 458 error_message = buf; 459 va_end(ap); 460} 461 462/* 463 * Return a dynamically-allocated copy of the current error message, if any. 464 / 465static char 466errmsg_save(void) 467{ 468 return error_message == NULL ? NULL : xstrdup(error_message); 469} 470 471/* 472 * Restore the current error message from a copy which was previously saved 473 * by errmsg_save(). The copy is freed. 474 / 475static void 476errmsg_restore(char saved_msg) 477{ 478 if (saved_msg == NULL) 479 error_message = NULL; 480 else { 481 _rtld_error("%s", saved_msg); 482 free(saved_msg); 483 } 484} 485 486static const char * 487basename(const char name) 488{ 489* const char p = strrchr(name, '/'); 490* return p != NULL ? p + 1 : name; 491} 492 493static void 494die(void) 495{ 496 const char msg = dlerror(); 497* 498 if (msg == NULL) 499 msg = "Fatal error"; 500 errx(1, "%s", msg); 501} 502 503/* 504 * Process a shared object's DYNAMIC section, and save the important 505 * information in its Obj_Entry structure. 506 / 507static void 508digest_dynamic(Obj_Entry obj) 509{ 510 const Elf_Dyn dynp; 511* Needed_Entry *needed_tail = &obj->needed; 512* const Elf_Dyn dyn_rpath = NULL; 513* int plttype = DT_REL; 514 515 for (dynp = obj->dynamic; dynp->d_tag != DT_NULL; dynp++) { 516 switch (dynp->d_tag) { 517 518 case DT_REL: 519 obj->rel = (const Elf_Rel ) (obj->relocbase + dynp->d_un.d_ptr); 520* break; 521 522 case DT_RELSZ: 523 obj->relsize = dynp->d_un.d_val; 524 break; 525 526 case DT_RELENT: 527 assert(dynp->d_un.d_val == sizeof(Elf_Rel)); 528 break; 529 530 case DT_JMPREL: 531 obj->pltrel = (const Elf_Rel ) 532* (obj->relocbase + dynp->d_un.d_ptr); 533 break; 534 535 case DT_PLTRELSZ: 536 obj->pltrelsize = dynp->d_un.d_val; 537 break; 538 539 case DT_RELA: 540 obj->rela = (const Elf_Rela ) (obj->relocbase + dynp->d_un.d_ptr); 541* break; 542 543 case DT_RELASZ: 544 obj->relasize = dynp->d_un.d_val; 545 break; 546 547 case DT_RELAENT: 548 assert(dynp->d_un.d_val == sizeof(Elf_Rela)); 549 break; 550 551 case DT_PLTREL: 552 plttype = dynp->d_un.d_val; 553 assert(dynp->d_un.d_val == DT_REL \|\| plttype == DT_RELA); 554 break; 555 556 case DT_SYMTAB: 557 obj->symtab = (const Elf_Sym ) 558* (obj->relocbase + dynp->d_un.d_ptr); 559 break; 560 561 case DT_SYMENT: 562 assert(dynp->d_un.d_val == sizeof(Elf_Sym)); 563 break; 564 565 case DT_STRTAB: 566 obj->strtab = (const char ) (obj->relocbase + dynp->d_un.d_ptr); 567* break; 568 569 case DT_STRSZ: 570 obj->strsize = dynp->d_un.d_val; 571 break; 572 573 case DT_HASH: 574 { 575 const Elf_Addr hashtab = (const Elf_Addr ) 576 (obj->relocbase + dynp->d_un.d_ptr); 577 obj->nbuckets = hashtab[0]; 578 obj->nchains = hashtab[1]; 579 obj->buckets = hashtab + 2; 580 obj->chains = obj->buckets + obj->nbuckets; 581 } 582 break; 583 584 case DT_NEEDED: 585 if (!obj->rtld) { 586 Needed_Entry nep = NEW(Needed_Entry); 587* nep->name = dynp->d_un.d_val; 588 nep->obj = NULL; 589 nep->next = NULL; 590 591 needed_tail = nep; 592* needed_tail = &nep->next; 593 } 594 break; 595 596 case DT_PLTGOT: 597 obj->pltgot = (Elf_Addr ) (obj->relocbase + dynp->d_un.d_ptr); 598* break; 599 600 case DT_TEXTREL: 601 obj->textrel = true; 602 break; 603 604 case DT_SYMBOLIC: 605 obj->symbolic = true; 606 break; 607 608 case DT_RPATH: 609 /* 610 * We have to wait until later to process this, because we 611 * might not have gotten the address of the string table yet. 612 / 613* dyn_rpath = dynp; 614 break; 615 616 case DT_SONAME: 617 /* Not used by the dynamic linker. / 618* break; 619 620 case DT_INIT: 621 obj->init = (InitFunc) (obj->relocbase + dynp->d_un.d_ptr); 622 break; 623 624 case DT_FINI: 625 obj->fini = (InitFunc) (obj->relocbase + dynp->d_un.d_ptr); 626 break; 627 628 case DT_DEBUG: 629 /* XXX - not implemented yet / 630* dbg("Filling in DT_DEBUG entry"); 631 ((Elf_Dyn)dynp)->d_un.d_ptr = (Elf_Addr) &r_debug; 632* break; 633 634 default: 635 dbg("Ignoring d_tag %d = %#x", dynp->d_tag, dynp->d_tag); 636 break; 637 } 638 } 639 640 obj->traced = false; 641 642 if (plttype == DT_RELA) { 643 obj->pltrela = (const Elf_Rela ) obj->pltrel; 644* obj->pltrel = NULL; 645 obj->pltrelasize = obj->pltrelsize; 646 obj->pltrelsize = 0; 647 } 648 649 if (dyn_rpath != NULL) 650 obj->rpath = obj->strtab + dyn_rpath->d_un.d_val; 651} 652 653/* 654 * Process a shared object's program header. This is used only for the 655 * main program, when the kernel has already loaded the main program 656 * into memory before calling the dynamic linker. It creates and 657 * returns an Obj_Entry structure. 658 / 659static Obj_Entry 660digest_phdr(const Elf_Phdr phdr, int phnum, caddr_t entry, const char path) 661{ 662 Obj_Entry obj; 663* const Elf_Phdr phlimit = phdr + phnum; 664* const Elf_Phdr ph; 665* int nsegs = 0; 666 667 obj = obj_new(); 668 for (ph = phdr; ph < phlimit; ph++) { 669 switch (ph->p_type) { 670 671 case PT_PHDR: 672 if ((const Elf_Phdr )ph->p_vaddr != phdr) { 673* _rtld_error("%s: invalid PT_PHDR", path); 674 return NULL; 675 } 676 obj->phdr = (const Elf_Phdr ) ph->p_vaddr; 677* obj->phsize = ph->p_memsz; 678 break; 679 680 case PT_INTERP: 681 obj->interp = (const char ) ph->p_vaddr; 682* break; 683 684 case PT_LOAD: 685 if (nsegs >= 2) { 686 _rtld_error("%s: too many PT_LOAD segments", path); 687 return NULL; 688 } 689 if (nsegs == 0) { /* First load segment / 690* obj->vaddrbase = trunc_page(ph->p_vaddr); 691 obj->mapbase = (caddr_t) obj->vaddrbase; 692 obj->relocbase = obj->mapbase - obj->vaddrbase; 693 obj->textsize = round_page(ph->p_vaddr + ph->p_memsz) - 694 obj->vaddrbase; 695 } else { /* Last load segment / 696* obj->mapsize = round_page(ph->p_vaddr + ph->p_memsz) - 697 obj->vaddrbase; 698 } 699 nsegs++; 700 break; 701 702 case PT_DYNAMIC: 703 obj->dynamic = (const Elf_Dyn ) ph->p_vaddr; 704* break; 705 } 706 } 707 if (nsegs < 2) { 708 _rtld_error("%s: too few PT_LOAD segments", path); 709 return NULL; 710 } 711 712 obj->entry = entry; 713 return obj; 714} 715 716static Obj_Entry * 717dlcheck(void handle) 718{ 719* Obj_Entry obj; 720* 721 for (obj = obj_list; obj != NULL; obj = obj->next) 722 if (obj == (Obj_Entry ) handle) 723* break; 724 725 if (obj == NULL \|\| obj->refcount == 0 \|\| obj->dl_refcount == 0) { 726 _rtld_error("Invalid shared object handle %p", handle); 727 return NULL; 728 } 729 return obj; 730} 731 732/* 733 * If the given object is already in the donelist, return true. Otherwise 734 * add the object to the list and return false. 735 / 736static bool 737donelist_check(DoneList dlp, const Obj_Entry obj) 738{ 739* unsigned int i; 740 741 for (i = 0; i < dlp->num_used; i++) 742 if (dlp->objs[i] == obj) 743 return true; 744 /* 745 * Our donelist allocation should always be sufficient. But if 746 * our threads locking isn't working properly, more shared objects 747 * could have been loaded since we allocated the list. That should 748 * never happen, but we'll handle it properly just in case it does. 749 / 750* if (dlp->num_used < dlp->num_alloc) 751 dlp->objs[dlp->num_used++] = obj; 752 return false; 753} 754 755/* 756 * Hash function for symbol table lookup. Don't even think about changing 757 * this. It is specified by the System V ABI. 758 / 759unsigned long 760elf_hash(const char name) 761{ 762 const unsigned char p = (const unsigned char ) name; 763 unsigned long h = 0; 764 unsigned long g; 765 766 while (p != '\0') { 767* h = (h << 4) + p++; 768* if ((g = h & 0xf0000000) != 0) 769 h ^= g >> 24; 770 h &= ~g; 771 } 772 return h; 773} 774 775/* 776 * Find the library with the given name, and return its full pathname. 777 * The returned string is dynamically allocated. Generates an error 778 * message and returns NULL if the library cannot be found. 779 * 780 * If the second argument is non-NULL, then it refers to an already- 781 * loaded shared object, whose library search path will be searched. 782 * 783 * The search order is: 784 * rpath in the referencing file 785 * LD_LIBRARY_PATH 786 * ldconfig hints 787 * /usr/lib 788 / 789static char 790find_library(const char name, const Obj_Entry refobj) 791{ 792 char pathname; 793* 794 if (strchr(name, '/') != NULL) { /* Hard coded pathname / 795* if (name[0] != '/' && !trust) { 796 _rtld_error("Absolute pathname required for shared object \"%s\"", 797 name); 798 return NULL; 799 } 800 return xstrdup(name); 801 } 802 803 dbg(" Searching for \"%s\"", name); 804 805 if ((refobj != NULL && 806 (pathname = search_library_path(name, refobj->rpath)) != NULL) \|\| 807 (pathname = search_library_path(name, ld_library_path)) != NULL \|\| 808 (pathname = search_library_path(name, gethints())) != NULL \|\| 809 (pathname = search_library_path(name, STANDARD_LIBRARY_PATH)) != NULL) 810 return pathname; 811 812 _rtld_error("Shared object \"%s\" not found", name); 813 return NULL; 814} 815 816/* 817 * Given a symbol number in a referencing object, find the corresponding 818 * definition of the symbol. Returns a pointer to the symbol, or NULL if 819 * no definition was found. Returns a pointer to the Obj_Entry of the 820 * defining object via the reference parameter DEFOBJ_OUT. 821 / 822const Elf_Sym 823find_symdef(unsigned long symnum, const Obj_Entry *refobj,
824 const Obj_Entry **defobj_out, bool in_plt)	824 const Obj_Entry *defobj_out, bool in_plt, SymCache cache)
825{ 826 const Elf_Sym ref; 827* const Elf_Sym def; 828* const Obj_Entry defobj; 829* const char name; 830* unsigned long hash; 831	825{ 826 const Elf_Sym ref; 827* const Elf_Sym def; 828* const Obj_Entry defobj; 829* const char name; 830* unsigned long hash; 831
	832 /* 833 * If we have already found this symbol, get the information from 834 * the cache. 835 / 836* if (symnum >= refobj->nchains) 837 return NULL; /* Bad object / 838* if (cache != NULL && cache[symnum].sym != NULL) { 839 defobj_out = cache[symnum].obj; 840* return cache[symnum].sym; 841 } 842
832 ref = refobj->symtab + symnum; 833 name = refobj->strtab + ref->st_name; 834 hash = elf_hash(name); 835 defobj = NULL; 836 837 def = symlook_default(name, hash, refobj, &defobj, in_plt); 838 839 /* 840 * If we found no definition and the reference is weak, treat the 841 * symbol as having the value zero. 842 / 843* if (def == NULL && ELF_ST_BIND(ref->st_info) == STB_WEAK) { 844 def = &sym_zero; 845 defobj = obj_main; 846 } 847	843 ref = refobj->symtab + symnum; 844 name = refobj->strtab + ref->st_name; 845 hash = elf_hash(name); 846 defobj = NULL; 847 848 def = symlook_default(name, hash, refobj, &defobj, in_plt); 849 850 /* 851 * If we found no definition and the reference is weak, treat the 852 * symbol as having the value zero. 853 / 854* if (def == NULL && ELF_ST_BIND(ref->st_info) == STB_WEAK) { 855 def = &sym_zero; 856 defobj = obj_main; 857 } 858
848 if (def != NULL)	859 if (def != NULL) {
849 *defobj_out = defobj;	860 *defobj_out = defobj;
850 else	861 /* Record the information in the cache to avoid subsequent lookups. / 862* if (cache != NULL) { 863 cache[symnum].sym = def; 864 cache[symnum].obj = defobj; 865 } 866 } else
851 _rtld_error("%s: Undefined symbol \"%s\"", refobj->path, name); 852 return def; 853} 854 855/* 856 * Return the search path from the ldconfig hints file, reading it if 857 * necessary. Returns NULL if there are problems with the hints file, 858 * or if the search path there is empty. 859 / 860static const char 861gethints(void) 862{ 863 static char hints; 864* 865 if (hints == NULL) { 866 int fd; 867 struct elfhints_hdr hdr; 868 char p; 869* 870 /* Keep from trying again in case the hints file is bad. / 871* hints = ""; 872 873 if ((fd = open(_PATH_ELF_HINTS, O_RDONLY)) == -1) 874 return NULL; 875 if (read(fd, &hdr, sizeof hdr) != sizeof hdr \|\| 876 hdr.magic != ELFHINTS_MAGIC \|\| 877 hdr.version != 1) { 878 close(fd); 879 return NULL; 880 } 881 p = xmalloc(hdr.dirlistlen + 1); 882 if (lseek(fd, hdr.strtab + hdr.dirlist, SEEK_SET) == -1 \|\| 883 read(fd, p, hdr.dirlistlen + 1) != hdr.dirlistlen + 1) { 884 free(p); 885 close(fd); 886 return NULL; 887 } 888 hints = p; 889 close(fd); 890 } 891 return hints[0] != '\0' ? hints : NULL; 892} 893 894static void 895init_dag(Obj_Entry root) 896{ 897* DoneList donelist; 898 899 donelist_init(&donelist); 900 init_dag1(root, root, &donelist); 901} 902 903static void 904init_dag1(Obj_Entry root, Obj_Entry obj, DoneList dlp) 905{ 906* const Needed_Entry needed; 907* 908 if (donelist_check(dlp, obj)) 909 return; 910 objlist_push_tail(&obj->dldags, root); 911 objlist_push_tail(&root->dagmembers, obj); 912 for (needed = obj->needed; needed != NULL; needed = needed->next) 913 if (needed->obj != NULL) 914 init_dag1(root, needed->obj, dlp); 915} 916 917/* 918 * Initialize the dynamic linker. The argument is the address at which 919 * the dynamic linker has been mapped into memory. The primary task of 920 * this function is to relocate the dynamic linker. 921 / 922static void 923init_rtld(caddr_t mapbase) 924{ 925* /* 926 * Conjure up an Obj_Entry structure for the dynamic linker. 927 * 928 * The "path" member is supposed to be dynamically-allocated, but we 929 * aren't yet initialized sufficiently to do that. Below we will 930 * replace the static version with a dynamically-allocated copy. 931 / 932* obj_rtld.path = PATH_RTLD; 933 obj_rtld.rtld = true; 934 obj_rtld.mapbase = mapbase; 935#ifdef PIC 936 obj_rtld.relocbase = mapbase; 937#endif 938 if (&_DYNAMIC != 0) { 939 obj_rtld.dynamic = rtld_dynamic(&obj_rtld); 940 digest_dynamic(&obj_rtld); 941 assert(obj_rtld.needed == NULL); 942 assert(!obj_rtld.textrel); 943 944 /* 945 * Temporarily put the dynamic linker entry into the object list, so 946 * that symbols can be found. 947 / 948* obj_list = &obj_rtld; 949 obj_tail = &obj_rtld.next; 950 obj_count = 1; 951 952 relocate_objects(&obj_rtld, true); 953 } 954 955 /* Make the object list empty again. / 956* obj_list = NULL; 957 obj_tail = &obj_list; 958 obj_count = 0; 959 960 /* Replace the path with a dynamically allocated copy. / 961* obj_rtld.path = xstrdup(obj_rtld.path); 962 963 r_debug.r_brk = r_debug_state; 964 r_debug.r_state = RT_CONSISTENT; 965} 966 967/* 968 * Add the init functions from a needed object list (and its recursive 969 * needed objects) to "list". This is not used directly; it is a helper 970 * function for initlist_add_objects(). The write lock must be held 971 * when this function is called. 972 / 973static void 974initlist_add_neededs(Needed_Entry needed, Objlist list) 975{ 976* /* Recursively process the successor needed objects. / 977* if (needed->next != NULL) 978 initlist_add_neededs(needed->next, list); 979 980 /* Process the current needed object. / 981* if (needed->obj != NULL) 982 initlist_add_objects(needed->obj, &needed->obj->next, list); 983} 984 985/* 986 * Scan all of the DAGs rooted in the range of objects from "obj" to 987 * "tail" and add their init functions to "list". This recurses over 988 * the DAGs and ensure the proper init ordering such that each object's 989 * needed libraries are initialized before the object itself. At the 990 * same time, this function adds the objects to the global finalization 991 * list "list_fini" in the opposite order. The write lock must be 992 * held when this function is called. 993 / 994static void 995initlist_add_objects(Obj_Entry obj, Obj_Entry *tail, Objlist list) 996{ 997 if (obj->init_done) 998 return; 999 obj->init_done = true; 1000 1001 /* Recursively process the successor objects. / 1002* if (&obj->next != tail) 1003 initlist_add_objects(obj->next, tail, list); 1004 1005 /* Recursively process the needed objects. / 1006* if (obj->needed != NULL) 1007 initlist_add_neededs(obj->needed, list); 1008 1009 /* Add the object to the init list. / 1010* if (obj->init != NULL) 1011 objlist_push_tail(list, obj); 1012 1013 /* Add the object to the global fini list in the reverse order. / 1014* if (obj->fini != NULL) 1015 objlist_push_head(&list_fini, obj); 1016} 1017 1018static bool 1019is_exported(const Elf_Sym def) 1020{ 1021* func_ptr_type value; 1022 const func_ptr_type p; 1023* 1024 value = (func_ptr_type)(obj_rtld.relocbase + def->st_value); 1025 for (p = exports; p != NULL; p++) 1026* if (p == value) 1027* return true; 1028 return false; 1029} 1030 1031/* 1032 * Given a shared object, traverse its list of needed objects, and load 1033 * each of them. Returns 0 on success. Generates an error message and 1034 * returns -1 on failure. 1035 / 1036static int 1037load_needed_objects(Obj_Entry first) 1038{ 1039 Obj_Entry obj; 1040* 1041 for (obj = first; obj != NULL; obj = obj->next) { 1042 Needed_Entry needed; 1043* 1044 for (needed = obj->needed; needed != NULL; needed = needed->next) { 1045 const char name = obj->strtab + needed->name; 1046* char path = find_library(name, obj); 1047* 1048 needed->obj = NULL; 1049 if (path == NULL && !ld_tracing) 1050 return -1; 1051 1052 if (path) { 1053 needed->obj = load_object(path); 1054 if (needed->obj == NULL && !ld_tracing) 1055 return -1; /* XXX - cleanup / 1056* } 1057 } 1058 } 1059 1060 return 0; 1061} 1062 1063static int 1064load_preload_objects(void) 1065{ 1066 char p = ld_preload; 1067* static const char delim[] = " \t:;"; 1068 1069 if (p == NULL) 1070 return NULL; 1071 1072 p += strspn(p, delim); 1073 while (p != '\0') { 1074* size_t len = strcspn(p, delim); 1075 char path; 1076* char savech; 1077 1078 savech = p[len]; 1079 p[len] = '\0'; 1080 if ((path = find_library(p, NULL)) == NULL) 1081 return -1; 1082 if (load_object(path) == NULL) 1083 return -1; /* XXX - cleanup / 1084* p[len] = savech; 1085 p += len; 1086 p += strspn(p, delim); 1087 } 1088 return 0; 1089} 1090 1091/* 1092 * Load a shared object into memory, if it is not already loaded. The 1093 * argument must be a string allocated on the heap. This function assumes 1094 * responsibility for freeing it when necessary. 1095 * 1096 * Returns a pointer to the Obj_Entry for the object. Returns NULL 1097 * on failure. 1098 / 1099static Obj_Entry 1100load_object(char path) 1101{ 1102* Obj_Entry obj; 1103* int fd = -1; 1104 struct stat sb; 1105 1106 for (obj = obj_list->next; obj != NULL; obj = obj->next) 1107 if (strcmp(obj->path, path) == 0) 1108 break; 1109 1110 /* 1111 * If we didn't find a match by pathname, open the file and check 1112 * again by device and inode. This avoids false mismatches caused 1113 * by multiple links or ".." in pathnames. 1114 * 1115 * To avoid a race, we open the file and use fstat() rather than 1116 * using stat(). 1117 / 1118* if (obj == NULL) { 1119 if ((fd = open(path, O_RDONLY)) == -1) { 1120 _rtld_error("Cannot open \"%s\"", path); 1121 return NULL; 1122 } 1123 if (fstat(fd, &sb) == -1) { 1124 _rtld_error("Cannot fstat \"%s\"", path); 1125 close(fd); 1126 return NULL; 1127 } 1128 for (obj = obj_list->next; obj != NULL; obj = obj->next) { 1129 if (obj->ino == sb.st_ino && obj->dev == sb.st_dev) { 1130 close(fd); 1131 break; 1132 } 1133 } 1134 } 1135 1136 if (obj == NULL) { /* First use of this object, so we must map it in / 1137* dbg("loading \"%s\"", path); 1138 obj = map_object(fd, path, &sb); 1139 close(fd); 1140 if (obj == NULL) { 1141 free(path); 1142 return NULL; 1143 } 1144 1145 obj->path = path; 1146 digest_dynamic(obj); 1147 1148 obj_tail = obj; 1149* obj_tail = &obj->next; 1150 obj_count++; 1151 linkmap_add(obj); /* for GDB / 1152* 1153 dbg(" %p .. %p: %s", obj->mapbase, 1154 obj->mapbase + obj->mapsize - 1, obj->path); 1155 if (obj->textrel) 1156 dbg(" WARNING: %s has impure text", obj->path); 1157 } else 1158 free(path); 1159 1160 obj->refcount++; 1161 return obj; 1162} 1163 1164/* 1165 * Check for locking violations and die if one is found. 1166 / 1167static void 1168lock_check(void) 1169{ 1170* int rcount, wcount; 1171 1172 rcount = lockinfo.rcount; 1173 wcount = lockinfo.wcount; 1174 assert(rcount >= 0); 1175 assert(wcount >= 0); 1176 if (wcount > 1 \|\| (wcount != 0 && rcount != 0)) { 1177 _rtld_error("Application locking error: %d readers and %d writers" 1178 " in dynamic linker. See DLLOCKINIT(3) in manual pages.", 1179 rcount, wcount); 1180 die(); 1181 } 1182} 1183 1184static Obj_Entry * 1185obj_from_addr(const void addr) 1186{ 1187* unsigned long endhash; 1188 Obj_Entry obj; 1189* 1190 endhash = elf_hash(END_SYM); 1191 for (obj = obj_list; obj != NULL; obj = obj->next) { 1192 const Elf_Sym endsym; 1193* 1194 if (addr < (void ) obj->mapbase) 1195* continue; 1196 if ((endsym = symlook_obj(END_SYM, endhash, obj, true)) == NULL) 1197 continue; /* No "end" symbol?! / 1198* if (addr < (void ) (obj->relocbase + endsym->st_value)) 1199* return obj; 1200 } 1201 return NULL; 1202} 1203 1204/* 1205 * Call the finalization functions for each of the objects in "list" 1206 * which are unreferenced. All of the objects are expected to have 1207 * non-NULL fini functions. 1208 / 1209static void 1210objlist_call_fini(Objlist list) 1211{ 1212 Objlist_Entry elm; 1213* char saved_msg; 1214* 1215 /* 1216 * Preserve the current error message since a fini function might 1217 * call into the dynamic linker and overwrite it. 1218 / 1219* saved_msg = errmsg_save(); 1220 STAILQ_FOREACH(elm, list, link) { 1221 if (elm->obj->refcount == 0) { 1222 dbg("calling fini function for %s", elm->obj->path); 1223 (elm->obj->fini)(); 1224* } 1225 } 1226 errmsg_restore(saved_msg); 1227} 1228 1229/* 1230 * Call the initialization functions for each of the objects in 1231 * "list". All of the objects are expected to have non-NULL init 1232 * functions. 1233 / 1234static void 1235objlist_call_init(Objlist list) 1236{ 1237 Objlist_Entry elm; 1238* char saved_msg; 1239* 1240 /* 1241 * Preserve the current error message since an init function might 1242 * call into the dynamic linker and overwrite it. 1243 / 1244* saved_msg = errmsg_save(); 1245 STAILQ_FOREACH(elm, list, link) { 1246 dbg("calling init function for %s", elm->obj->path); 1247 (elm->obj->init)(); 1248* } 1249 errmsg_restore(saved_msg); 1250} 1251 1252static void 1253objlist_clear(Objlist list) 1254{ 1255* Objlist_Entry elm; 1256* 1257 while (!STAILQ_EMPTY(list)) { 1258 elm = STAILQ_FIRST(list); 1259 STAILQ_REMOVE_HEAD(list, link); 1260 free(elm); 1261 } 1262} 1263 1264static Objlist_Entry * 1265objlist_find(Objlist list, const Obj_Entry obj) 1266{ 1267 Objlist_Entry elm; 1268* 1269 STAILQ_FOREACH(elm, list, link) 1270 if (elm->obj == obj) 1271 return elm; 1272 return NULL; 1273} 1274 1275static void 1276objlist_init(Objlist list) 1277{ 1278* STAILQ_INIT(list); 1279} 1280 1281static void 1282objlist_push_head(Objlist list, Obj_Entry obj) 1283{ 1284 Objlist_Entry elm; 1285* 1286 elm = NEW(Objlist_Entry); 1287 elm->obj = obj; 1288 STAILQ_INSERT_HEAD(list, elm, link); 1289} 1290 1291static void 1292objlist_push_tail(Objlist list, Obj_Entry obj) 1293{ 1294 Objlist_Entry elm; 1295* 1296 elm = NEW(Objlist_Entry); 1297 elm->obj = obj; 1298 STAILQ_INSERT_TAIL(list, elm, link); 1299} 1300 1301static void 1302objlist_remove(Objlist list, Obj_Entry obj) 1303{ 1304 Objlist_Entry elm; 1305* 1306 if ((elm = objlist_find(list, obj)) != NULL) { 1307 STAILQ_REMOVE(list, elm, Struct_Objlist_Entry, link); 1308 free(elm); 1309 } 1310} 1311 1312/* 1313 * Remove all of the unreferenced objects from "list". 1314 / 1315static void 1316objlist_remove_unref(Objlist list) 1317{ 1318 Objlist newlist; 1319 Objlist_Entry elm; 1320* 1321 STAILQ_INIT(&newlist); 1322 while (!STAILQ_EMPTY(list)) { 1323 elm = STAILQ_FIRST(list); 1324 STAILQ_REMOVE_HEAD(list, link); 1325 if (elm->obj->refcount == 0) 1326 free(elm); 1327 else 1328 STAILQ_INSERT_TAIL(&newlist, elm, link); 1329 } 1330 list = newlist; 1331} 1332* 1333/* 1334 * Relocate newly-loaded shared objects. The argument is a pointer to 1335 * the Obj_Entry for the first such object. All objects from the first 1336 * to the end of the list of objects are relocated. Returns 0 on success, 1337 * or -1 on failure. 1338 / 1339static int 1340relocate_objects(Obj_Entry first, bool bind_now) 1341{ 1342 Obj_Entry obj; 1343* 1344 for (obj = first; obj != NULL; obj = obj->next) { 1345 if (obj != &obj_rtld) 1346 dbg("relocating \"%s\"", obj->path); 1347 if (obj->nbuckets == 0 \|\| obj->nchains == 0 \|\| obj->buckets == NULL \|\| 1348 obj->symtab == NULL \|\| obj->strtab == NULL) { 1349 _rtld_error("%s: Shared object has no run-time symbol table", 1350 obj->path); 1351 return -1; 1352 } 1353 1354 if (obj->textrel) { 1355 /* There are relocations to the write-protected text segment. / 1356* if (mprotect(obj->mapbase, obj->textsize, 1357 PROT_READ\|PROT_WRITE\|PROT_EXEC) == -1) { 1358 _rtld_error("%s: Cannot write-enable text segment: %s", 1359 obj->path, strerror(errno)); 1360 return -1; 1361 } 1362 } 1363 1364 /* Process the non-PLT relocations. / 1365* if (reloc_non_plt(obj, &obj_rtld)) 1366 return -1; 1367 1368 if (obj->textrel) { /* Re-protected the text segment. / 1369* if (mprotect(obj->mapbase, obj->textsize, 1370 PROT_READ\|PROT_EXEC) == -1) { 1371 _rtld_error("%s: Cannot write-protect text segment: %s", 1372 obj->path, strerror(errno)); 1373 return -1; 1374 } 1375 } 1376 1377 /* Process the PLT relocations. / 1378* if (reloc_plt(obj) == -1) 1379 return -1; 1380 /* Relocate the jump slots if we are doing immediate binding. / 1381* if (bind_now) 1382 if (reloc_jmpslots(obj) == -1) 1383 return -1; 1384 1385 1386 /* 1387 * Set up the magic number and version in the Obj_Entry. These 1388 * were checked in the crt1.o from the original ElfKit, so we 1389 * set them for backward compatibility. 1390 / 1391* obj->magic = RTLD_MAGIC; 1392 obj->version = RTLD_VERSION; 1393 1394 /* Set the special PLT or GOT entries. / 1395* init_pltgot(obj); 1396 } 1397 1398 return 0; 1399} 1400 1401/* 1402 * Cleanup procedure. It will be called (by the atexit mechanism) just 1403 * before the process exits. 1404 / 1405static void 1406rtld_exit(void) 1407{ 1408* Obj_Entry obj; 1409* 1410 dbg("rtld_exit()"); 1411 wlock_acquire(); 1412 /* Clear all the reference counts so the fini functions will be called. / 1413* for (obj = obj_list; obj != NULL; obj = obj->next) 1414 obj->refcount = 0; 1415 wlock_release(); 1416 objlist_call_fini(&list_fini); 1417 /* No need to remove the items from the list, since we are exiting. / 1418} 1419* 1420static char * 1421search_library_path(const char name, const char path) 1422{ 1423 size_t namelen = strlen(name); 1424 const char p = path; 1425* 1426 if (p == NULL) 1427 return NULL; 1428 1429 p += strspn(p, ":;"); 1430 while (p != '\0') { 1431* size_t len = strcspn(p, ":;"); 1432 1433 if (p == '/' \|\| trust) { 1434* char pathname; 1435* const char dir = p; 1436* size_t dirlen = len; 1437 1438 pathname = xmalloc(dirlen + 1 + namelen + 1); 1439 strncpy(pathname, dir, dirlen); 1440 pathname[dirlen] = '/'; 1441 strcpy(pathname + dirlen + 1, name); 1442 1443 dbg(" Trying \"%s\"", pathname); 1444 if (access(pathname, F_OK) == 0) /* We found it / 1445* return pathname; 1446 1447 free(pathname); 1448 } 1449 p += len; 1450 p += strspn(p, ":;"); 1451 } 1452 1453 return NULL; 1454} 1455 1456int 1457dlclose(void handle) 1458{ 1459* Obj_Entry root; 1460* 1461 wlock_acquire(); 1462 root = dlcheck(handle); 1463 if (root == NULL) { 1464 wlock_release(); 1465 return -1; 1466 } 1467 1468 /* Unreference the object and its dependencies. / 1469* root->dl_refcount--; 1470 unref_dag(root); 1471 1472 if (root->refcount == 0) { 1473 /* 1474 * The object is no longer referenced, so we must unload it. 1475 * First, call the fini functions with no locks held. 1476 / 1477* wlock_release(); 1478 objlist_call_fini(&list_fini); 1479 wlock_acquire(); 1480 objlist_remove_unref(&list_fini); 1481 1482 /* Finish cleaning up the newly-unreferenced objects. / 1483* GDB_STATE(RT_DELETE,&root->linkmap); 1484 unload_object(root); 1485 GDB_STATE(RT_CONSISTENT,NULL); 1486 } 1487 wlock_release(); 1488 return 0; 1489} 1490 1491const char * 1492dlerror(void) 1493{ 1494 char msg = error_message; 1495* error_message = NULL; 1496 return msg; 1497} 1498 1499/* 1500 * This function is deprecated and has no effect. 1501 / 1502void 1503dllockinit(void context, 1504 void (lock_create)(void context), 1505* void (rlock_acquire)(void lock), 1506 void (wlock_acquire)(void lock), 1507 void (lock_release)(void lock), 1508 void (lock_destroy)(void lock), 1509 void (context_destroy)(void context)) 1510{ 1511 static void cur_context; 1512* static void (cur_context_destroy)(void ); 1513 1514 /* Just destroy the context from the previous call, if necessary. / 1515* if (cur_context_destroy != NULL) 1516 cur_context_destroy(cur_context); 1517 cur_context = context; 1518 cur_context_destroy = context_destroy; 1519} 1520 1521void * 1522dlopen(const char name, int mode) 1523{ 1524* Obj_Entry *old_obj_tail; 1525* Obj_Entry obj; 1526* Objlist initlist; 1527 1528 objlist_init(&initlist); 1529 1530 wlock_acquire(); 1531 GDB_STATE(RT_ADD,NULL); 1532 1533 old_obj_tail = obj_tail; 1534 obj = NULL; 1535 if (name == NULL) { 1536 obj = obj_main; 1537 obj->refcount++; 1538 } else { 1539 char path = find_library(name, obj_main); 1540* if (path != NULL) 1541 obj = load_object(path); 1542 } 1543 1544 if (obj) { 1545 obj->dl_refcount++; 1546 if (mode & RTLD_GLOBAL && objlist_find(&list_global, obj) == NULL) 1547 objlist_push_tail(&list_global, obj); 1548 mode &= RTLD_MODEMASK; 1549 if (old_obj_tail != NULL) { / We loaded something new. / 1550* assert(old_obj_tail == obj); 1551* 1552 if (load_needed_objects(obj) == -1 \|\| 1553 (init_dag(obj), relocate_objects(obj, mode == RTLD_NOW)) == -1) { 1554 obj->dl_refcount--; 1555 unref_dag(obj); 1556 if (obj->refcount == 0) 1557 unload_object(obj); 1558 obj = NULL; 1559 } else { 1560 /* Make list of init functions to call. / 1561* initlist_add_objects(obj, &obj->next, &initlist); 1562 } 1563 } 1564 } 1565 1566 GDB_STATE(RT_CONSISTENT,obj ? &obj->linkmap : NULL); 1567 1568 /* Call the init functions with no locks held. / 1569* wlock_release(); 1570 objlist_call_init(&initlist); 1571 wlock_acquire(); 1572 objlist_clear(&initlist); 1573 wlock_release(); 1574 return obj; 1575} 1576 1577void * 1578dlsym(void handle, const char name) 1579{ 1580 const Obj_Entry obj; 1581* unsigned long hash; 1582 const Elf_Sym def; 1583* const Obj_Entry defobj; 1584* 1585 hash = elf_hash(name); 1586 def = NULL; 1587 defobj = NULL; 1588 1589 rlock_acquire(); 1590 if (handle == NULL \|\| handle == RTLD_NEXT \|\| handle == RTLD_DEFAULT) { 1591 void retaddr; 1592* 1593 retaddr = __builtin_return_address(0); /* __GNUC__ only / 1594* if ((obj = obj_from_addr(retaddr)) == NULL) { 1595 _rtld_error("Cannot determine caller's shared object"); 1596 rlock_release(); 1597 return NULL; 1598 } 1599 if (handle == NULL) { /* Just the caller's shared object. / 1600* def = symlook_obj(name, hash, obj, true); 1601 defobj = obj; 1602 } else if (handle == RTLD_NEXT) { /* Objects after caller's / 1603* while ((obj = obj->next) != NULL) { 1604 if ((def = symlook_obj(name, hash, obj, true)) != NULL) { 1605 defobj = obj; 1606 break; 1607 } 1608 } 1609 } else { 1610 assert(handle == RTLD_DEFAULT); 1611 def = symlook_default(name, hash, obj, &defobj, true); 1612 } 1613 } else { 1614 if ((obj = dlcheck(handle)) == NULL) { 1615 rlock_release(); 1616 return NULL; 1617 } 1618 1619 if (obj->mainprog) { 1620 DoneList donelist; 1621 1622 /* Search main program and all libraries loaded by it. / 1623* donelist_init(&donelist); 1624 def = symlook_list(name, hash, &list_main, &defobj, true, 1625 &donelist); 1626 } else { 1627 /* 1628 * XXX - This isn't correct. The search should include the whole 1629 * DAG rooted at the given object. 1630 / 1631* def = symlook_obj(name, hash, obj, true); 1632 defobj = obj; 1633 } 1634 } 1635 1636 if (def != NULL) { 1637 rlock_release(); 1638 return defobj->relocbase + def->st_value; 1639 } 1640 1641 _rtld_error("Undefined symbol \"%s\"", name); 1642 rlock_release(); 1643 return NULL; 1644} 1645 1646int 1647dladdr(const void addr, Dl_info info) 1648{ 1649 const Obj_Entry obj; 1650* const Elf_Sym def; 1651* void symbol_addr; 1652* unsigned long symoffset; 1653 1654 rlock_acquire(); 1655 obj = obj_from_addr(addr); 1656 if (obj == NULL) { 1657 _rtld_error("No shared object contains address"); 1658 rlock_release(); 1659 return 0; 1660 } 1661 info->dli_fname = obj->path; 1662 info->dli_fbase = obj->mapbase; 1663 info->dli_saddr = (void )0; 1664* info->dli_sname = NULL; 1665 1666 /* 1667 * Walk the symbol list looking for the symbol whose address is 1668 * closest to the address sent in. 1669 / 1670* for (symoffset = 0; symoffset < obj->nchains; symoffset++) { 1671 def = obj->symtab + symoffset; 1672 1673 /* 1674 * For skip the symbol if st_shndx is either SHN_UNDEF or 1675 * SHN_COMMON. 1676 / 1677* if (def->st_shndx == SHN_UNDEF \|\| def->st_shndx == SHN_COMMON) 1678 continue; 1679 1680 /* 1681 * If the symbol is greater than the specified address, or if it 1682 * is further away from addr than the current nearest symbol, 1683 * then reject it. 1684 / 1685* symbol_addr = obj->relocbase + def->st_value; 1686 if (symbol_addr > addr \|\| symbol_addr < info->dli_saddr) 1687 continue; 1688 1689 /* Update our idea of the nearest symbol. / 1690* info->dli_sname = obj->strtab + def->st_name; 1691 info->dli_saddr = symbol_addr; 1692 1693 /* Exact match? / 1694* if (info->dli_saddr == addr) 1695 break; 1696 } 1697 rlock_release(); 1698 return 1; 1699} 1700 1701static void 1702linkmap_add(Obj_Entry obj) 1703{ 1704* struct link_map l = &obj->linkmap; 1705* struct link_map prev; 1706* 1707 obj->linkmap.l_name = obj->path; 1708 obj->linkmap.l_addr = obj->mapbase; 1709 obj->linkmap.l_ld = obj->dynamic; 1710#ifdef __mips__ 1711 /* GDB needs load offset on MIPS to use the symbols / 1712* obj->linkmap.l_offs = obj->relocbase; 1713#endif 1714 1715 if (r_debug.r_map == NULL) { 1716 r_debug.r_map = l; 1717 return; 1718 } 1719 1720 /* 1721 * Scan to the end of the list, but not past the entry for the 1722 * dynamic linker, which we want to keep at the very end. 1723 / 1724* for (prev = r_debug.r_map; 1725 prev->l_next != NULL && prev->l_next != &obj_rtld.linkmap; 1726 prev = prev->l_next) 1727 ; 1728 1729 /* Link in the new entry. / 1730* l->l_prev = prev; 1731 l->l_next = prev->l_next; 1732 if (l->l_next != NULL) 1733 l->l_next->l_prev = l; 1734 prev->l_next = l; 1735} 1736 1737static void 1738linkmap_delete(Obj_Entry obj) 1739{ 1740* struct link_map l = &obj->linkmap; 1741* 1742 if (l->l_prev == NULL) { 1743 if ((r_debug.r_map = l->l_next) != NULL) 1744 l->l_next->l_prev = NULL; 1745 return; 1746 } 1747 1748 if ((l->l_prev->l_next = l->l_next) != NULL) 1749 l->l_next->l_prev = l->l_prev; 1750} 1751 1752/* 1753 * Function for the debugger to set a breakpoint on to gain control. 1754 * 1755 * The two parameters allow the debugger to easily find and determine 1756 * what the runtime loader is doing and to whom it is doing it. 1757 * 1758 * When the loadhook trap is hit (r_debug_state, set at program 1759 * initialization), the arguments can be found on the stack: 1760 * 1761 * +8 struct link_map m 1762* * +4 struct r_debug rd 1763* * +0 RetAddr 1764 / 1765void 1766r_debug_state(struct r_debug rd, struct link_map m) 1767{ 1768} 1769* 1770/* 1771 * Set a pointer variable in the main program to the given value. This 1772 * is used to set key variables such as "environ" before any of the 1773 * init functions are called. 1774 / 1775static void 1776set_program_var(const char name, const void value) 1777{ 1778* const Obj_Entry obj; 1779* unsigned long hash; 1780 1781 hash = elf_hash(name); 1782 for (obj = obj_main; obj != NULL; obj = obj->next) { 1783 const Elf_Sym def; 1784* 1785 if ((def = symlook_obj(name, hash, obj, false)) != NULL) { 1786 const void *addr; 1787* 1788 addr = (const void *)(obj->relocbase + def->st_value); 1789* dbg("\"%s\": %p <-- %p", name, addr, value); 1790* addr = value; 1791* break; 1792 } 1793 } 1794} 1795 1796/* 1797 * Given a symbol name in a referencing object, find the corresponding 1798 * definition of the symbol. Returns a pointer to the symbol, or NULL if 1799 * no definition was found. Returns a pointer to the Obj_Entry of the 1800 * defining object via the reference parameter DEFOBJ_OUT. 1801 / 1802static const Elf_Sym 1803symlook_default(const char name, unsigned long hash, 1804* const Obj_Entry refobj, const Obj_Entry defobj_out, bool in_plt) 1805{ 1806* DoneList donelist; 1807 const Elf_Sym def; 1808* const Elf_Sym symp; 1809* const Obj_Entry obj; 1810* const Obj_Entry defobj; 1811* const Objlist_Entry elm; 1812* def = NULL; 1813 defobj = NULL; 1814 donelist_init(&donelist); 1815 1816 /* Look first in the referencing object if linked symbolically. / 1817* if (refobj->symbolic && !donelist_check(&donelist, refobj)) { 1818 symp = symlook_obj(name, hash, refobj, in_plt); 1819 if (symp != NULL) { 1820 def = symp; 1821 defobj = refobj; 1822 } 1823 } 1824 1825 /* Search all objects loaded at program start up. / 1826* if (def == NULL \|\| ELF_ST_BIND(def->st_info) == STB_WEAK) { 1827 symp = symlook_list(name, hash, &list_main, &obj, in_plt, &donelist); 1828 if (symp != NULL && 1829 (def == NULL \|\| ELF_ST_BIND(symp->st_info) != STB_WEAK)) { 1830 def = symp; 1831 defobj = obj; 1832 } 1833 } 1834 1835 /* Search all dlopened DAGs containing the referencing object. / 1836* STAILQ_FOREACH(elm, &refobj->dldags, link) { 1837 if (def != NULL && ELF_ST_BIND(def->st_info) != STB_WEAK) 1838 break; 1839 symp = symlook_list(name, hash, &elm->obj->dagmembers, &obj, in_plt, 1840 &donelist); 1841 if (symp != NULL && 1842 (def == NULL \|\| ELF_ST_BIND(symp->st_info) != STB_WEAK)) { 1843 def = symp; 1844 defobj = obj; 1845 } 1846 } 1847 1848 /* Search all RTLD_GLOBAL objects. / 1849* if (def == NULL \|\| ELF_ST_BIND(def->st_info) == STB_WEAK) { 1850 symp = symlook_list(name, hash, &list_global, &obj, in_plt, &donelist); 1851 if (symp != NULL && 1852 (def == NULL \|\| ELF_ST_BIND(symp->st_info) != STB_WEAK)) { 1853 def = symp; 1854 defobj = obj; 1855 } 1856 } 1857 1858 /* 1859 * Search the dynamic linker itself, and possibly resolve the 1860 * symbol from there. This is how the application links to 1861 * dynamic linker services such as dlopen. Only the values listed 1862 * in the "exports" array can be resolved from the dynamic linker. 1863 / 1864* if (def == NULL \|\| ELF_ST_BIND(def->st_info) == STB_WEAK) { 1865 symp = symlook_obj(name, hash, &obj_rtld, in_plt); 1866 if (symp != NULL && is_exported(symp)) { 1867 def = symp; 1868 defobj = &obj_rtld; 1869 } 1870 } 1871 1872 if (def != NULL) 1873 defobj_out = defobj; 1874* return def; 1875} 1876 1877static const Elf_Sym * 1878symlook_list(const char name, unsigned long hash, Objlist objlist, 1879 const Obj_Entry *defobj_out, bool in_plt, DoneList dlp) 1880{ 1881 const Elf_Sym symp; 1882* const Elf_Sym def; 1883* const Obj_Entry defobj; 1884* const Objlist_Entry elm; 1885* 1886 def = NULL; 1887 defobj = NULL; 1888 STAILQ_FOREACH(elm, objlist, link) { 1889 if (donelist_check(dlp, elm->obj)) 1890 continue; 1891 if ((symp = symlook_obj(name, hash, elm->obj, in_plt)) != NULL) { 1892 if (def == NULL \|\| ELF_ST_BIND(symp->st_info) != STB_WEAK) { 1893 def = symp; 1894 defobj = elm->obj; 1895 if (ELF_ST_BIND(def->st_info) != STB_WEAK) 1896 break; 1897 } 1898 } 1899 } 1900 if (def != NULL) 1901 defobj_out = defobj; 1902* return def; 1903} 1904 1905/* 1906 * Search the symbol table of a single shared object for a symbol of 1907 * the given name. Returns a pointer to the symbol, or NULL if no 1908 * definition was found. 1909 * 1910 * The symbol's hash value is passed in for efficiency reasons; that 1911 * eliminates many recomputations of the hash value. 1912 / 1913const Elf_Sym 1914symlook_obj(const char name, unsigned long hash, const Obj_Entry obj, 1915 bool in_plt) 1916{ 1917 if (obj->buckets != NULL) { 1918 unsigned long symnum = obj->buckets[hash % obj->nbuckets]; 1919 1920 while (symnum != STN_UNDEF) { 1921 const Elf_Sym symp; 1922* const char strp; 1923* 1924 if (symnum >= obj->nchains) 1925 return NULL; /* Bad object / 1926* symp = obj->symtab + symnum; 1927 strp = obj->strtab + symp->st_name; 1928	867 _rtld_error("%s: Undefined symbol \"%s\"", refobj->path, name); 868 return def; 869} 870 871/* 872 * Return the search path from the ldconfig hints file, reading it if 873 * necessary. Returns NULL if there are problems with the hints file, 874 * or if the search path there is empty. 875 / 876static const char 877gethints(void) 878{ 879 static char hints; 880* 881 if (hints == NULL) { 882 int fd; 883 struct elfhints_hdr hdr; 884 char p; 885* 886 /* Keep from trying again in case the hints file is bad. / 887* hints = ""; 888 889 if ((fd = open(_PATH_ELF_HINTS, O_RDONLY)) == -1) 890 return NULL; 891 if (read(fd, &hdr, sizeof hdr) != sizeof hdr \|\| 892 hdr.magic != ELFHINTS_MAGIC \|\| 893 hdr.version != 1) { 894 close(fd); 895 return NULL; 896 } 897 p = xmalloc(hdr.dirlistlen + 1); 898 if (lseek(fd, hdr.strtab + hdr.dirlist, SEEK_SET) == -1 \|\| 899 read(fd, p, hdr.dirlistlen + 1) != hdr.dirlistlen + 1) { 900 free(p); 901 close(fd); 902 return NULL; 903 } 904 hints = p; 905 close(fd); 906 } 907 return hints[0] != '\0' ? hints : NULL; 908} 909 910static void 911init_dag(Obj_Entry root) 912{ 913* DoneList donelist; 914 915 donelist_init(&donelist); 916 init_dag1(root, root, &donelist); 917} 918 919static void 920init_dag1(Obj_Entry root, Obj_Entry obj, DoneList dlp) 921{ 922* const Needed_Entry needed; 923* 924 if (donelist_check(dlp, obj)) 925 return; 926 objlist_push_tail(&obj->dldags, root); 927 objlist_push_tail(&root->dagmembers, obj); 928 for (needed = obj->needed; needed != NULL; needed = needed->next) 929 if (needed->obj != NULL) 930 init_dag1(root, needed->obj, dlp); 931} 932 933/* 934 * Initialize the dynamic linker. The argument is the address at which 935 * the dynamic linker has been mapped into memory. The primary task of 936 * this function is to relocate the dynamic linker. 937 / 938static void 939init_rtld(caddr_t mapbase) 940{ 941* /* 942 * Conjure up an Obj_Entry structure for the dynamic linker. 943 * 944 * The "path" member is supposed to be dynamically-allocated, but we 945 * aren't yet initialized sufficiently to do that. Below we will 946 * replace the static version with a dynamically-allocated copy. 947 / 948* obj_rtld.path = PATH_RTLD; 949 obj_rtld.rtld = true; 950 obj_rtld.mapbase = mapbase; 951#ifdef PIC 952 obj_rtld.relocbase = mapbase; 953#endif 954 if (&_DYNAMIC != 0) { 955 obj_rtld.dynamic = rtld_dynamic(&obj_rtld); 956 digest_dynamic(&obj_rtld); 957 assert(obj_rtld.needed == NULL); 958 assert(!obj_rtld.textrel); 959 960 /* 961 * Temporarily put the dynamic linker entry into the object list, so 962 * that symbols can be found. 963 / 964* obj_list = &obj_rtld; 965 obj_tail = &obj_rtld.next; 966 obj_count = 1; 967 968 relocate_objects(&obj_rtld, true); 969 } 970 971 /* Make the object list empty again. / 972* obj_list = NULL; 973 obj_tail = &obj_list; 974 obj_count = 0; 975 976 /* Replace the path with a dynamically allocated copy. / 977* obj_rtld.path = xstrdup(obj_rtld.path); 978 979 r_debug.r_brk = r_debug_state; 980 r_debug.r_state = RT_CONSISTENT; 981} 982 983/* 984 * Add the init functions from a needed object list (and its recursive 985 * needed objects) to "list". This is not used directly; it is a helper 986 * function for initlist_add_objects(). The write lock must be held 987 * when this function is called. 988 / 989static void 990initlist_add_neededs(Needed_Entry needed, Objlist list) 991{ 992* /* Recursively process the successor needed objects. / 993* if (needed->next != NULL) 994 initlist_add_neededs(needed->next, list); 995 996 /* Process the current needed object. / 997* if (needed->obj != NULL) 998 initlist_add_objects(needed->obj, &needed->obj->next, list); 999} 1000 1001/* 1002 * Scan all of the DAGs rooted in the range of objects from "obj" to 1003 * "tail" and add their init functions to "list". This recurses over 1004 * the DAGs and ensure the proper init ordering such that each object's 1005 * needed libraries are initialized before the object itself. At the 1006 * same time, this function adds the objects to the global finalization 1007 * list "list_fini" in the opposite order. The write lock must be 1008 * held when this function is called. 1009 / 1010static void 1011initlist_add_objects(Obj_Entry obj, Obj_Entry *tail, Objlist list) 1012{ 1013 if (obj->init_done) 1014 return; 1015 obj->init_done = true; 1016 1017 /* Recursively process the successor objects. / 1018* if (&obj->next != tail) 1019 initlist_add_objects(obj->next, tail, list); 1020 1021 /* Recursively process the needed objects. / 1022* if (obj->needed != NULL) 1023 initlist_add_neededs(obj->needed, list); 1024 1025 /* Add the object to the init list. / 1026* if (obj->init != NULL) 1027 objlist_push_tail(list, obj); 1028 1029 /* Add the object to the global fini list in the reverse order. / 1030* if (obj->fini != NULL) 1031 objlist_push_head(&list_fini, obj); 1032} 1033 1034static bool 1035is_exported(const Elf_Sym def) 1036{ 1037* func_ptr_type value; 1038 const func_ptr_type p; 1039* 1040 value = (func_ptr_type)(obj_rtld.relocbase + def->st_value); 1041 for (p = exports; p != NULL; p++) 1042* if (p == value) 1043* return true; 1044 return false; 1045} 1046 1047/* 1048 * Given a shared object, traverse its list of needed objects, and load 1049 * each of them. Returns 0 on success. Generates an error message and 1050 * returns -1 on failure. 1051 / 1052static int 1053load_needed_objects(Obj_Entry first) 1054{ 1055 Obj_Entry obj; 1056* 1057 for (obj = first; obj != NULL; obj = obj->next) { 1058 Needed_Entry needed; 1059* 1060 for (needed = obj->needed; needed != NULL; needed = needed->next) { 1061 const char name = obj->strtab + needed->name; 1062* char path = find_library(name, obj); 1063* 1064 needed->obj = NULL; 1065 if (path == NULL && !ld_tracing) 1066 return -1; 1067 1068 if (path) { 1069 needed->obj = load_object(path); 1070 if (needed->obj == NULL && !ld_tracing) 1071 return -1; /* XXX - cleanup / 1072* } 1073 } 1074 } 1075 1076 return 0; 1077} 1078 1079static int 1080load_preload_objects(void) 1081{ 1082 char p = ld_preload; 1083* static const char delim[] = " \t:;"; 1084 1085 if (p == NULL) 1086 return NULL; 1087 1088 p += strspn(p, delim); 1089 while (p != '\0') { 1090* size_t len = strcspn(p, delim); 1091 char path; 1092* char savech; 1093 1094 savech = p[len]; 1095 p[len] = '\0'; 1096 if ((path = find_library(p, NULL)) == NULL) 1097 return -1; 1098 if (load_object(path) == NULL) 1099 return -1; /* XXX - cleanup / 1100* p[len] = savech; 1101 p += len; 1102 p += strspn(p, delim); 1103 } 1104 return 0; 1105} 1106 1107/* 1108 * Load a shared object into memory, if it is not already loaded. The 1109 * argument must be a string allocated on the heap. This function assumes 1110 * responsibility for freeing it when necessary. 1111 * 1112 * Returns a pointer to the Obj_Entry for the object. Returns NULL 1113 * on failure. 1114 / 1115static Obj_Entry 1116load_object(char path) 1117{ 1118* Obj_Entry obj; 1119* int fd = -1; 1120 struct stat sb; 1121 1122 for (obj = obj_list->next; obj != NULL; obj = obj->next) 1123 if (strcmp(obj->path, path) == 0) 1124 break; 1125 1126 /* 1127 * If we didn't find a match by pathname, open the file and check 1128 * again by device and inode. This avoids false mismatches caused 1129 * by multiple links or ".." in pathnames. 1130 * 1131 * To avoid a race, we open the file and use fstat() rather than 1132 * using stat(). 1133 / 1134* if (obj == NULL) { 1135 if ((fd = open(path, O_RDONLY)) == -1) { 1136 _rtld_error("Cannot open \"%s\"", path); 1137 return NULL; 1138 } 1139 if (fstat(fd, &sb) == -1) { 1140 _rtld_error("Cannot fstat \"%s\"", path); 1141 close(fd); 1142 return NULL; 1143 } 1144 for (obj = obj_list->next; obj != NULL; obj = obj->next) { 1145 if (obj->ino == sb.st_ino && obj->dev == sb.st_dev) { 1146 close(fd); 1147 break; 1148 } 1149 } 1150 } 1151 1152 if (obj == NULL) { /* First use of this object, so we must map it in / 1153* dbg("loading \"%s\"", path); 1154 obj = map_object(fd, path, &sb); 1155 close(fd); 1156 if (obj == NULL) { 1157 free(path); 1158 return NULL; 1159 } 1160 1161 obj->path = path; 1162 digest_dynamic(obj); 1163 1164 obj_tail = obj; 1165* obj_tail = &obj->next; 1166 obj_count++; 1167 linkmap_add(obj); /* for GDB / 1168* 1169 dbg(" %p .. %p: %s", obj->mapbase, 1170 obj->mapbase + obj->mapsize - 1, obj->path); 1171 if (obj->textrel) 1172 dbg(" WARNING: %s has impure text", obj->path); 1173 } else 1174 free(path); 1175 1176 obj->refcount++; 1177 return obj; 1178} 1179 1180/* 1181 * Check for locking violations and die if one is found. 1182 / 1183static void 1184lock_check(void) 1185{ 1186* int rcount, wcount; 1187 1188 rcount = lockinfo.rcount; 1189 wcount = lockinfo.wcount; 1190 assert(rcount >= 0); 1191 assert(wcount >= 0); 1192 if (wcount > 1 \|\| (wcount != 0 && rcount != 0)) { 1193 _rtld_error("Application locking error: %d readers and %d writers" 1194 " in dynamic linker. See DLLOCKINIT(3) in manual pages.", 1195 rcount, wcount); 1196 die(); 1197 } 1198} 1199 1200static Obj_Entry * 1201obj_from_addr(const void addr) 1202{ 1203* unsigned long endhash; 1204 Obj_Entry obj; 1205* 1206 endhash = elf_hash(END_SYM); 1207 for (obj = obj_list; obj != NULL; obj = obj->next) { 1208 const Elf_Sym endsym; 1209* 1210 if (addr < (void ) obj->mapbase) 1211* continue; 1212 if ((endsym = symlook_obj(END_SYM, endhash, obj, true)) == NULL) 1213 continue; /* No "end" symbol?! / 1214* if (addr < (void ) (obj->relocbase + endsym->st_value)) 1215* return obj; 1216 } 1217 return NULL; 1218} 1219 1220/* 1221 * Call the finalization functions for each of the objects in "list" 1222 * which are unreferenced. All of the objects are expected to have 1223 * non-NULL fini functions. 1224 / 1225static void 1226objlist_call_fini(Objlist list) 1227{ 1228 Objlist_Entry elm; 1229* char saved_msg; 1230* 1231 /* 1232 * Preserve the current error message since a fini function might 1233 * call into the dynamic linker and overwrite it. 1234 / 1235* saved_msg = errmsg_save(); 1236 STAILQ_FOREACH(elm, list, link) { 1237 if (elm->obj->refcount == 0) { 1238 dbg("calling fini function for %s", elm->obj->path); 1239 (elm->obj->fini)(); 1240* } 1241 } 1242 errmsg_restore(saved_msg); 1243} 1244 1245/* 1246 * Call the initialization functions for each of the objects in 1247 * "list". All of the objects are expected to have non-NULL init 1248 * functions. 1249 / 1250static void 1251objlist_call_init(Objlist list) 1252{ 1253 Objlist_Entry elm; 1254* char saved_msg; 1255* 1256 /* 1257 * Preserve the current error message since an init function might 1258 * call into the dynamic linker and overwrite it. 1259 / 1260* saved_msg = errmsg_save(); 1261 STAILQ_FOREACH(elm, list, link) { 1262 dbg("calling init function for %s", elm->obj->path); 1263 (elm->obj->init)(); 1264* } 1265 errmsg_restore(saved_msg); 1266} 1267 1268static void 1269objlist_clear(Objlist list) 1270{ 1271* Objlist_Entry elm; 1272* 1273 while (!STAILQ_EMPTY(list)) { 1274 elm = STAILQ_FIRST(list); 1275 STAILQ_REMOVE_HEAD(list, link); 1276 free(elm); 1277 } 1278} 1279 1280static Objlist_Entry * 1281objlist_find(Objlist list, const Obj_Entry obj) 1282{ 1283 Objlist_Entry elm; 1284* 1285 STAILQ_FOREACH(elm, list, link) 1286 if (elm->obj == obj) 1287 return elm; 1288 return NULL; 1289} 1290 1291static void 1292objlist_init(Objlist list) 1293{ 1294* STAILQ_INIT(list); 1295} 1296 1297static void 1298objlist_push_head(Objlist list, Obj_Entry obj) 1299{ 1300 Objlist_Entry elm; 1301* 1302 elm = NEW(Objlist_Entry); 1303 elm->obj = obj; 1304 STAILQ_INSERT_HEAD(list, elm, link); 1305} 1306 1307static void 1308objlist_push_tail(Objlist list, Obj_Entry obj) 1309{ 1310 Objlist_Entry elm; 1311* 1312 elm = NEW(Objlist_Entry); 1313 elm->obj = obj; 1314 STAILQ_INSERT_TAIL(list, elm, link); 1315} 1316 1317static void 1318objlist_remove(Objlist list, Obj_Entry obj) 1319{ 1320 Objlist_Entry elm; 1321* 1322 if ((elm = objlist_find(list, obj)) != NULL) { 1323 STAILQ_REMOVE(list, elm, Struct_Objlist_Entry, link); 1324 free(elm); 1325 } 1326} 1327 1328/* 1329 * Remove all of the unreferenced objects from "list". 1330 / 1331static void 1332objlist_remove_unref(Objlist list) 1333{ 1334 Objlist newlist; 1335 Objlist_Entry elm; 1336* 1337 STAILQ_INIT(&newlist); 1338 while (!STAILQ_EMPTY(list)) { 1339 elm = STAILQ_FIRST(list); 1340 STAILQ_REMOVE_HEAD(list, link); 1341 if (elm->obj->refcount == 0) 1342 free(elm); 1343 else 1344 STAILQ_INSERT_TAIL(&newlist, elm, link); 1345 } 1346 list = newlist; 1347} 1348* 1349/* 1350 * Relocate newly-loaded shared objects. The argument is a pointer to 1351 * the Obj_Entry for the first such object. All objects from the first 1352 * to the end of the list of objects are relocated. Returns 0 on success, 1353 * or -1 on failure. 1354 / 1355static int 1356relocate_objects(Obj_Entry first, bool bind_now) 1357{ 1358 Obj_Entry obj; 1359* 1360 for (obj = first; obj != NULL; obj = obj->next) { 1361 if (obj != &obj_rtld) 1362 dbg("relocating \"%s\"", obj->path); 1363 if (obj->nbuckets == 0 \|\| obj->nchains == 0 \|\| obj->buckets == NULL \|\| 1364 obj->symtab == NULL \|\| obj->strtab == NULL) { 1365 _rtld_error("%s: Shared object has no run-time symbol table", 1366 obj->path); 1367 return -1; 1368 } 1369 1370 if (obj->textrel) { 1371 /* There are relocations to the write-protected text segment. / 1372* if (mprotect(obj->mapbase, obj->textsize, 1373 PROT_READ\|PROT_WRITE\|PROT_EXEC) == -1) { 1374 _rtld_error("%s: Cannot write-enable text segment: %s", 1375 obj->path, strerror(errno)); 1376 return -1; 1377 } 1378 } 1379 1380 /* Process the non-PLT relocations. / 1381* if (reloc_non_plt(obj, &obj_rtld)) 1382 return -1; 1383 1384 if (obj->textrel) { /* Re-protected the text segment. / 1385* if (mprotect(obj->mapbase, obj->textsize, 1386 PROT_READ\|PROT_EXEC) == -1) { 1387 _rtld_error("%s: Cannot write-protect text segment: %s", 1388 obj->path, strerror(errno)); 1389 return -1; 1390 } 1391 } 1392 1393 /* Process the PLT relocations. / 1394* if (reloc_plt(obj) == -1) 1395 return -1; 1396 /* Relocate the jump slots if we are doing immediate binding. / 1397* if (bind_now) 1398 if (reloc_jmpslots(obj) == -1) 1399 return -1; 1400 1401 1402 /* 1403 * Set up the magic number and version in the Obj_Entry. These 1404 * were checked in the crt1.o from the original ElfKit, so we 1405 * set them for backward compatibility. 1406 / 1407* obj->magic = RTLD_MAGIC; 1408 obj->version = RTLD_VERSION; 1409 1410 /* Set the special PLT or GOT entries. / 1411* init_pltgot(obj); 1412 } 1413 1414 return 0; 1415} 1416 1417/* 1418 * Cleanup procedure. It will be called (by the atexit mechanism) just 1419 * before the process exits. 1420 / 1421static void 1422rtld_exit(void) 1423{ 1424* Obj_Entry obj; 1425* 1426 dbg("rtld_exit()"); 1427 wlock_acquire(); 1428 /* Clear all the reference counts so the fini functions will be called. / 1429* for (obj = obj_list; obj != NULL; obj = obj->next) 1430 obj->refcount = 0; 1431 wlock_release(); 1432 objlist_call_fini(&list_fini); 1433 /* No need to remove the items from the list, since we are exiting. / 1434} 1435* 1436static char * 1437search_library_path(const char name, const char path) 1438{ 1439 size_t namelen = strlen(name); 1440 const char p = path; 1441* 1442 if (p == NULL) 1443 return NULL; 1444 1445 p += strspn(p, ":;"); 1446 while (p != '\0') { 1447* size_t len = strcspn(p, ":;"); 1448 1449 if (p == '/' \|\| trust) { 1450* char pathname; 1451* const char dir = p; 1452* size_t dirlen = len; 1453 1454 pathname = xmalloc(dirlen + 1 + namelen + 1); 1455 strncpy(pathname, dir, dirlen); 1456 pathname[dirlen] = '/'; 1457 strcpy(pathname + dirlen + 1, name); 1458 1459 dbg(" Trying \"%s\"", pathname); 1460 if (access(pathname, F_OK) == 0) /* We found it / 1461* return pathname; 1462 1463 free(pathname); 1464 } 1465 p += len; 1466 p += strspn(p, ":;"); 1467 } 1468 1469 return NULL; 1470} 1471 1472int 1473dlclose(void handle) 1474{ 1475* Obj_Entry root; 1476* 1477 wlock_acquire(); 1478 root = dlcheck(handle); 1479 if (root == NULL) { 1480 wlock_release(); 1481 return -1; 1482 } 1483 1484 /* Unreference the object and its dependencies. / 1485* root->dl_refcount--; 1486 unref_dag(root); 1487 1488 if (root->refcount == 0) { 1489 /* 1490 * The object is no longer referenced, so we must unload it. 1491 * First, call the fini functions with no locks held. 1492 / 1493* wlock_release(); 1494 objlist_call_fini(&list_fini); 1495 wlock_acquire(); 1496 objlist_remove_unref(&list_fini); 1497 1498 /* Finish cleaning up the newly-unreferenced objects. / 1499* GDB_STATE(RT_DELETE,&root->linkmap); 1500 unload_object(root); 1501 GDB_STATE(RT_CONSISTENT,NULL); 1502 } 1503 wlock_release(); 1504 return 0; 1505} 1506 1507const char * 1508dlerror(void) 1509{ 1510 char msg = error_message; 1511* error_message = NULL; 1512 return msg; 1513} 1514 1515/* 1516 * This function is deprecated and has no effect. 1517 / 1518void 1519dllockinit(void context, 1520 void (lock_create)(void context), 1521* void (rlock_acquire)(void lock), 1522 void (wlock_acquire)(void lock), 1523 void (lock_release)(void lock), 1524 void (lock_destroy)(void lock), 1525 void (context_destroy)(void context)) 1526{ 1527 static void cur_context; 1528* static void (cur_context_destroy)(void ); 1529 1530 /* Just destroy the context from the previous call, if necessary. / 1531* if (cur_context_destroy != NULL) 1532 cur_context_destroy(cur_context); 1533 cur_context = context; 1534 cur_context_destroy = context_destroy; 1535} 1536 1537void * 1538dlopen(const char name, int mode) 1539{ 1540* Obj_Entry *old_obj_tail; 1541* Obj_Entry obj; 1542* Objlist initlist; 1543 1544 objlist_init(&initlist); 1545 1546 wlock_acquire(); 1547 GDB_STATE(RT_ADD,NULL); 1548 1549 old_obj_tail = obj_tail; 1550 obj = NULL; 1551 if (name == NULL) { 1552 obj = obj_main; 1553 obj->refcount++; 1554 } else { 1555 char path = find_library(name, obj_main); 1556* if (path != NULL) 1557 obj = load_object(path); 1558 } 1559 1560 if (obj) { 1561 obj->dl_refcount++; 1562 if (mode & RTLD_GLOBAL && objlist_find(&list_global, obj) == NULL) 1563 objlist_push_tail(&list_global, obj); 1564 mode &= RTLD_MODEMASK; 1565 if (old_obj_tail != NULL) { / We loaded something new. / 1566* assert(old_obj_tail == obj); 1567* 1568 if (load_needed_objects(obj) == -1 \|\| 1569 (init_dag(obj), relocate_objects(obj, mode == RTLD_NOW)) == -1) { 1570 obj->dl_refcount--; 1571 unref_dag(obj); 1572 if (obj->refcount == 0) 1573 unload_object(obj); 1574 obj = NULL; 1575 } else { 1576 /* Make list of init functions to call. / 1577* initlist_add_objects(obj, &obj->next, &initlist); 1578 } 1579 } 1580 } 1581 1582 GDB_STATE(RT_CONSISTENT,obj ? &obj->linkmap : NULL); 1583 1584 /* Call the init functions with no locks held. / 1585* wlock_release(); 1586 objlist_call_init(&initlist); 1587 wlock_acquire(); 1588 objlist_clear(&initlist); 1589 wlock_release(); 1590 return obj; 1591} 1592 1593void * 1594dlsym(void handle, const char name) 1595{ 1596 const Obj_Entry obj; 1597* unsigned long hash; 1598 const Elf_Sym def; 1599* const Obj_Entry defobj; 1600* 1601 hash = elf_hash(name); 1602 def = NULL; 1603 defobj = NULL; 1604 1605 rlock_acquire(); 1606 if (handle == NULL \|\| handle == RTLD_NEXT \|\| handle == RTLD_DEFAULT) { 1607 void retaddr; 1608* 1609 retaddr = __builtin_return_address(0); /* __GNUC__ only / 1610* if ((obj = obj_from_addr(retaddr)) == NULL) { 1611 _rtld_error("Cannot determine caller's shared object"); 1612 rlock_release(); 1613 return NULL; 1614 } 1615 if (handle == NULL) { /* Just the caller's shared object. / 1616* def = symlook_obj(name, hash, obj, true); 1617 defobj = obj; 1618 } else if (handle == RTLD_NEXT) { /* Objects after caller's / 1619* while ((obj = obj->next) != NULL) { 1620 if ((def = symlook_obj(name, hash, obj, true)) != NULL) { 1621 defobj = obj; 1622 break; 1623 } 1624 } 1625 } else { 1626 assert(handle == RTLD_DEFAULT); 1627 def = symlook_default(name, hash, obj, &defobj, true); 1628 } 1629 } else { 1630 if ((obj = dlcheck(handle)) == NULL) { 1631 rlock_release(); 1632 return NULL; 1633 } 1634 1635 if (obj->mainprog) { 1636 DoneList donelist; 1637 1638 /* Search main program and all libraries loaded by it. / 1639* donelist_init(&donelist); 1640 def = symlook_list(name, hash, &list_main, &defobj, true, 1641 &donelist); 1642 } else { 1643 /* 1644 * XXX - This isn't correct. The search should include the whole 1645 * DAG rooted at the given object. 1646 / 1647* def = symlook_obj(name, hash, obj, true); 1648 defobj = obj; 1649 } 1650 } 1651 1652 if (def != NULL) { 1653 rlock_release(); 1654 return defobj->relocbase + def->st_value; 1655 } 1656 1657 _rtld_error("Undefined symbol \"%s\"", name); 1658 rlock_release(); 1659 return NULL; 1660} 1661 1662int 1663dladdr(const void addr, Dl_info info) 1664{ 1665 const Obj_Entry obj; 1666* const Elf_Sym def; 1667* void symbol_addr; 1668* unsigned long symoffset; 1669 1670 rlock_acquire(); 1671 obj = obj_from_addr(addr); 1672 if (obj == NULL) { 1673 _rtld_error("No shared object contains address"); 1674 rlock_release(); 1675 return 0; 1676 } 1677 info->dli_fname = obj->path; 1678 info->dli_fbase = obj->mapbase; 1679 info->dli_saddr = (void )0; 1680* info->dli_sname = NULL; 1681 1682 /* 1683 * Walk the symbol list looking for the symbol whose address is 1684 * closest to the address sent in. 1685 / 1686* for (symoffset = 0; symoffset < obj->nchains; symoffset++) { 1687 def = obj->symtab + symoffset; 1688 1689 /* 1690 * For skip the symbol if st_shndx is either SHN_UNDEF or 1691 * SHN_COMMON. 1692 / 1693* if (def->st_shndx == SHN_UNDEF \|\| def->st_shndx == SHN_COMMON) 1694 continue; 1695 1696 /* 1697 * If the symbol is greater than the specified address, or if it 1698 * is further away from addr than the current nearest symbol, 1699 * then reject it. 1700 / 1701* symbol_addr = obj->relocbase + def->st_value; 1702 if (symbol_addr > addr \|\| symbol_addr < info->dli_saddr) 1703 continue; 1704 1705 /* Update our idea of the nearest symbol. / 1706* info->dli_sname = obj->strtab + def->st_name; 1707 info->dli_saddr = symbol_addr; 1708 1709 /* Exact match? / 1710* if (info->dli_saddr == addr) 1711 break; 1712 } 1713 rlock_release(); 1714 return 1; 1715} 1716 1717static void 1718linkmap_add(Obj_Entry obj) 1719{ 1720* struct link_map l = &obj->linkmap; 1721* struct link_map prev; 1722* 1723 obj->linkmap.l_name = obj->path; 1724 obj->linkmap.l_addr = obj->mapbase; 1725 obj->linkmap.l_ld = obj->dynamic; 1726#ifdef __mips__ 1727 /* GDB needs load offset on MIPS to use the symbols / 1728* obj->linkmap.l_offs = obj->relocbase; 1729#endif 1730 1731 if (r_debug.r_map == NULL) { 1732 r_debug.r_map = l; 1733 return; 1734 } 1735 1736 /* 1737 * Scan to the end of the list, but not past the entry for the 1738 * dynamic linker, which we want to keep at the very end. 1739 / 1740* for (prev = r_debug.r_map; 1741 prev->l_next != NULL && prev->l_next != &obj_rtld.linkmap; 1742 prev = prev->l_next) 1743 ; 1744 1745 /* Link in the new entry. / 1746* l->l_prev = prev; 1747 l->l_next = prev->l_next; 1748 if (l->l_next != NULL) 1749 l->l_next->l_prev = l; 1750 prev->l_next = l; 1751} 1752 1753static void 1754linkmap_delete(Obj_Entry obj) 1755{ 1756* struct link_map l = &obj->linkmap; 1757* 1758 if (l->l_prev == NULL) { 1759 if ((r_debug.r_map = l->l_next) != NULL) 1760 l->l_next->l_prev = NULL; 1761 return; 1762 } 1763 1764 if ((l->l_prev->l_next = l->l_next) != NULL) 1765 l->l_next->l_prev = l->l_prev; 1766} 1767 1768/* 1769 * Function for the debugger to set a breakpoint on to gain control. 1770 * 1771 * The two parameters allow the debugger to easily find and determine 1772 * what the runtime loader is doing and to whom it is doing it. 1773 * 1774 * When the loadhook trap is hit (r_debug_state, set at program 1775 * initialization), the arguments can be found on the stack: 1776 * 1777 * +8 struct link_map m 1778* * +4 struct r_debug rd 1779* * +0 RetAddr 1780 / 1781void 1782r_debug_state(struct r_debug rd, struct link_map m) 1783{ 1784} 1785* 1786/* 1787 * Set a pointer variable in the main program to the given value. This 1788 * is used to set key variables such as "environ" before any of the 1789 * init functions are called. 1790 / 1791static void 1792set_program_var(const char name, const void value) 1793{ 1794* const Obj_Entry obj; 1795* unsigned long hash; 1796 1797 hash = elf_hash(name); 1798 for (obj = obj_main; obj != NULL; obj = obj->next) { 1799 const Elf_Sym def; 1800* 1801 if ((def = symlook_obj(name, hash, obj, false)) != NULL) { 1802 const void *addr; 1803* 1804 addr = (const void *)(obj->relocbase + def->st_value); 1805* dbg("\"%s\": %p <-- %p", name, addr, value); 1806* addr = value; 1807* break; 1808 } 1809 } 1810} 1811 1812/* 1813 * Given a symbol name in a referencing object, find the corresponding 1814 * definition of the symbol. Returns a pointer to the symbol, or NULL if 1815 * no definition was found. Returns a pointer to the Obj_Entry of the 1816 * defining object via the reference parameter DEFOBJ_OUT. 1817 / 1818static const Elf_Sym 1819symlook_default(const char name, unsigned long hash, 1820* const Obj_Entry refobj, const Obj_Entry defobj_out, bool in_plt) 1821{ 1822* DoneList donelist; 1823 const Elf_Sym def; 1824* const Elf_Sym symp; 1825* const Obj_Entry obj; 1826* const Obj_Entry defobj; 1827* const Objlist_Entry elm; 1828* def = NULL; 1829 defobj = NULL; 1830 donelist_init(&donelist); 1831 1832 /* Look first in the referencing object if linked symbolically. / 1833* if (refobj->symbolic && !donelist_check(&donelist, refobj)) { 1834 symp = symlook_obj(name, hash, refobj, in_plt); 1835 if (symp != NULL) { 1836 def = symp; 1837 defobj = refobj; 1838 } 1839 } 1840 1841 /* Search all objects loaded at program start up. / 1842* if (def == NULL \|\| ELF_ST_BIND(def->st_info) == STB_WEAK) { 1843 symp = symlook_list(name, hash, &list_main, &obj, in_plt, &donelist); 1844 if (symp != NULL && 1845 (def == NULL \|\| ELF_ST_BIND(symp->st_info) != STB_WEAK)) { 1846 def = symp; 1847 defobj = obj; 1848 } 1849 } 1850 1851 /* Search all dlopened DAGs containing the referencing object. / 1852* STAILQ_FOREACH(elm, &refobj->dldags, link) { 1853 if (def != NULL && ELF_ST_BIND(def->st_info) != STB_WEAK) 1854 break; 1855 symp = symlook_list(name, hash, &elm->obj->dagmembers, &obj, in_plt, 1856 &donelist); 1857 if (symp != NULL && 1858 (def == NULL \|\| ELF_ST_BIND(symp->st_info) != STB_WEAK)) { 1859 def = symp; 1860 defobj = obj; 1861 } 1862 } 1863 1864 /* Search all RTLD_GLOBAL objects. / 1865* if (def == NULL \|\| ELF_ST_BIND(def->st_info) == STB_WEAK) { 1866 symp = symlook_list(name, hash, &list_global, &obj, in_plt, &donelist); 1867 if (symp != NULL && 1868 (def == NULL \|\| ELF_ST_BIND(symp->st_info) != STB_WEAK)) { 1869 def = symp; 1870 defobj = obj; 1871 } 1872 } 1873 1874 /* 1875 * Search the dynamic linker itself, and possibly resolve the 1876 * symbol from there. This is how the application links to 1877 * dynamic linker services such as dlopen. Only the values listed 1878 * in the "exports" array can be resolved from the dynamic linker. 1879 / 1880* if (def == NULL \|\| ELF_ST_BIND(def->st_info) == STB_WEAK) { 1881 symp = symlook_obj(name, hash, &obj_rtld, in_plt); 1882 if (symp != NULL && is_exported(symp)) { 1883 def = symp; 1884 defobj = &obj_rtld; 1885 } 1886 } 1887 1888 if (def != NULL) 1889 defobj_out = defobj; 1890* return def; 1891} 1892 1893static const Elf_Sym * 1894symlook_list(const char name, unsigned long hash, Objlist objlist, 1895 const Obj_Entry *defobj_out, bool in_plt, DoneList dlp) 1896{ 1897 const Elf_Sym symp; 1898* const Elf_Sym def; 1899* const Obj_Entry defobj; 1900* const Objlist_Entry elm; 1901* 1902 def = NULL; 1903 defobj = NULL; 1904 STAILQ_FOREACH(elm, objlist, link) { 1905 if (donelist_check(dlp, elm->obj)) 1906 continue; 1907 if ((symp = symlook_obj(name, hash, elm->obj, in_plt)) != NULL) { 1908 if (def == NULL \|\| ELF_ST_BIND(symp->st_info) != STB_WEAK) { 1909 def = symp; 1910 defobj = elm->obj; 1911 if (ELF_ST_BIND(def->st_info) != STB_WEAK) 1912 break; 1913 } 1914 } 1915 } 1916 if (def != NULL) 1917 defobj_out = defobj; 1918* return def; 1919} 1920 1921/* 1922 * Search the symbol table of a single shared object for a symbol of 1923 * the given name. Returns a pointer to the symbol, or NULL if no 1924 * definition was found. 1925 * 1926 * The symbol's hash value is passed in for efficiency reasons; that 1927 * eliminates many recomputations of the hash value. 1928 / 1929const Elf_Sym 1930symlook_obj(const char name, unsigned long hash, const Obj_Entry obj, 1931 bool in_plt) 1932{ 1933 if (obj->buckets != NULL) { 1934 unsigned long symnum = obj->buckets[hash % obj->nbuckets]; 1935 1936 while (symnum != STN_UNDEF) { 1937 const Elf_Sym symp; 1938* const char strp; 1939* 1940 if (symnum >= obj->nchains) 1941 return NULL; /* Bad object / 1942* symp = obj->symtab + symnum; 1943 strp = obj->strtab + symp->st_name; 1944
1929 if (strcmp(name, strp) == 0)	1945 if (name[0] == strp[0] && strcmp(name, strp) == 0)
1930 return symp->st_shndx != SHN_UNDEF \|\| 1931 (!in_plt && symp->st_value != 0 && 1932 ELF_ST_TYPE(symp->st_info) == STT_FUNC) ? symp : NULL; 1933 1934 symnum = obj->chains[symnum]; 1935 } 1936 } 1937 return NULL; 1938} 1939 1940static void 1941trace_loaded_objects(Obj_Entry obj) 1942{ 1943* char fmt1, fmt2, fmt, main_local; 1944 int c; 1945 1946 if ((main_local = getenv("LD_TRACE_LOADED_OBJECTS_PROGNAME")) == NULL) 1947 main_local = ""; 1948 1949 if ((fmt1 = getenv("LD_TRACE_LOADED_OBJECTS_FMT1")) == NULL) 1950 fmt1 = "\t%o => %p (%x)\n"; 1951 1952 if ((fmt2 = getenv("LD_TRACE_LOADED_OBJECTS_FMT2")) == NULL) 1953 fmt2 = "\t%o (%x)\n"; 1954 1955 for (; obj; obj = obj->next) { 1956 Needed_Entry needed; 1957* char name, path; 1958 bool is_lib; 1959 1960 for (needed = obj->needed; needed; needed = needed->next) { 1961 if (needed->obj != NULL) { 1962 if (needed->obj->traced) 1963 continue; 1964 needed->obj->traced = true; 1965 path = needed->obj->path; 1966 } else 1967 path = "not found"; 1968 1969 name = (char )obj->strtab + needed->name; 1970* is_lib = strncmp(name, "lib", 3) == 0; /* XXX - bogus / 1971* 1972 fmt = is_lib ? fmt1 : fmt2; 1973 while ((c = fmt++) != '\0') { 1974* switch (c) { 1975 default: 1976 putchar(c); 1977 continue; 1978 case '\\': 1979 switch (c = fmt) { 1980* case '\0': 1981 continue; 1982 case 'n': 1983 putchar('\n'); 1984 break; 1985 case 't': 1986 putchar('\t'); 1987 break; 1988 } 1989 break; 1990 case '%': 1991 switch (c = fmt) { 1992* case '\0': 1993 continue; 1994 case '%': 1995 default: 1996 putchar(c); 1997 break; 1998 case 'A': 1999 printf("%s", main_local); 2000 break; 2001 case 'a': 2002 printf("%s", obj_main->path); 2003 break; 2004 case 'o': 2005 printf("%s", name); 2006 break; 2007#if 0 2008 case 'm': 2009 printf("%d", sodp->sod_major); 2010 break; 2011 case 'n': 2012 printf("%d", sodp->sod_minor); 2013 break; 2014#endif 2015 case 'p': 2016 printf("%s", path); 2017 break; 2018 case 'x': 2019 printf("%p", needed->obj ? needed->obj->mapbase : 0); 2020 break; 2021 } 2022 break; 2023 } 2024 ++fmt; 2025 } 2026 } 2027 } 2028} 2029 2030/* 2031 * Unload a dlopened object and its dependencies from memory and from 2032 * our data structures. It is assumed that the DAG rooted in the 2033 * object has already been unreferenced, and that the object has a 2034 * reference count of 0. 2035 / 2036static void 2037unload_object(Obj_Entry root) 2038{ 2039 Obj_Entry obj; 2040* Obj_Entry *linkp; 2041* Objlist_Entry elm; 2042* 2043 assert(root->refcount == 0); 2044 2045 /* Remove the DAG from all objects' DAG lists. / 2046* STAILQ_FOREACH(elm, &root->dagmembers , link) 2047 objlist_remove(&elm->obj->dldags, root); 2048 2049 /* Remove the DAG from the RTLD_GLOBAL list. / 2050* objlist_remove(&list_global, root); 2051 2052 /* Unmap all objects that are no longer referenced. / 2053* linkp = &obj_list->next; 2054 while ((obj = linkp) != NULL) { 2055* if (obj->refcount == 0) { 2056 dbg("unloading \"%s\"", obj->path); 2057 munmap(obj->mapbase, obj->mapsize); 2058 linkmap_delete(obj); 2059 linkp = obj->next; 2060* obj_count--; 2061 obj_free(obj); 2062 } else 2063 linkp = &obj->next; 2064 } 2065 obj_tail = linkp; 2066} 2067 2068static void 2069unref_dag(Obj_Entry root) 2070{ 2071* const Needed_Entry needed; 2072* 2073 if (root->refcount == 0) 2074 return; 2075 root->refcount--; 2076 if (root->refcount == 0) 2077 for (needed = root->needed; needed != NULL; needed = needed->next) 2078 if (needed->obj != NULL) 2079 unref_dag(needed->obj); 2080} 2081 2082/* 2083 * Non-mallocing printf, for use by malloc itself. 2084 * XXX - This doesn't belong in this module. 2085 / 2086void 2087xprintf(const char fmt, ...) 2088{ 2089 char buf[256]; 2090 va_list ap; 2091 2092 va_start(ap, fmt); 2093 vsprintf(buf, fmt, ap); 2094 (void)write(1, buf, strlen(buf)); 2095 va_end(ap); 2096}	1946 return symp->st_shndx != SHN_UNDEF \|\| 1947 (!in_plt && symp->st_value != 0 && 1948 ELF_ST_TYPE(symp->st_info) == STT_FUNC) ? symp : NULL; 1949 1950 symnum = obj->chains[symnum]; 1951 } 1952 } 1953 return NULL; 1954} 1955 1956static void 1957trace_loaded_objects(Obj_Entry obj) 1958{ 1959* char fmt1, fmt2, fmt, main_local; 1960 int c; 1961 1962 if ((main_local = getenv("LD_TRACE_LOADED_OBJECTS_PROGNAME")) == NULL) 1963 main_local = ""; 1964 1965 if ((fmt1 = getenv("LD_TRACE_LOADED_OBJECTS_FMT1")) == NULL) 1966 fmt1 = "\t%o => %p (%x)\n"; 1967 1968 if ((fmt2 = getenv("LD_TRACE_LOADED_OBJECTS_FMT2")) == NULL) 1969 fmt2 = "\t%o (%x)\n"; 1970 1971 for (; obj; obj = obj->next) { 1972 Needed_Entry needed; 1973* char name, path; 1974 bool is_lib; 1975 1976 for (needed = obj->needed; needed; needed = needed->next) { 1977 if (needed->obj != NULL) { 1978 if (needed->obj->traced) 1979 continue; 1980 needed->obj->traced = true; 1981 path = needed->obj->path; 1982 } else 1983 path = "not found"; 1984 1985 name = (char )obj->strtab + needed->name; 1986* is_lib = strncmp(name, "lib", 3) == 0; /* XXX - bogus / 1987* 1988 fmt = is_lib ? fmt1 : fmt2; 1989 while ((c = fmt++) != '\0') { 1990* switch (c) { 1991 default: 1992 putchar(c); 1993 continue; 1994 case '\\': 1995 switch (c = fmt) { 1996* case '\0': 1997 continue; 1998 case 'n': 1999 putchar('\n'); 2000 break; 2001 case 't': 2002 putchar('\t'); 2003 break; 2004 } 2005 break; 2006 case '%': 2007 switch (c = fmt) { 2008* case '\0': 2009 continue; 2010 case '%': 2011 default: 2012 putchar(c); 2013 break; 2014 case 'A': 2015 printf("%s", main_local); 2016 break; 2017 case 'a': 2018 printf("%s", obj_main->path); 2019 break; 2020 case 'o': 2021 printf("%s", name); 2022 break; 2023#if 0 2024 case 'm': 2025 printf("%d", sodp->sod_major); 2026 break; 2027 case 'n': 2028 printf("%d", sodp->sod_minor); 2029 break; 2030#endif 2031 case 'p': 2032 printf("%s", path); 2033 break; 2034 case 'x': 2035 printf("%p", needed->obj ? needed->obj->mapbase : 0); 2036 break; 2037 } 2038 break; 2039 } 2040 ++fmt; 2041 } 2042 } 2043 } 2044} 2045 2046/* 2047 * Unload a dlopened object and its dependencies from memory and from 2048 * our data structures. It is assumed that the DAG rooted in the 2049 * object has already been unreferenced, and that the object has a 2050 * reference count of 0. 2051 / 2052static void 2053unload_object(Obj_Entry root) 2054{ 2055 Obj_Entry obj; 2056* Obj_Entry *linkp; 2057* Objlist_Entry elm; 2058* 2059 assert(root->refcount == 0); 2060 2061 /* Remove the DAG from all objects' DAG lists. / 2062* STAILQ_FOREACH(elm, &root->dagmembers , link) 2063 objlist_remove(&elm->obj->dldags, root); 2064 2065 /* Remove the DAG from the RTLD_GLOBAL list. / 2066* objlist_remove(&list_global, root); 2067 2068 /* Unmap all objects that are no longer referenced. / 2069* linkp = &obj_list->next; 2070 while ((obj = linkp) != NULL) { 2071* if (obj->refcount == 0) { 2072 dbg("unloading \"%s\"", obj->path); 2073 munmap(obj->mapbase, obj->mapsize); 2074 linkmap_delete(obj); 2075 linkp = obj->next; 2076* obj_count--; 2077 obj_free(obj); 2078 } else 2079 linkp = &obj->next; 2080 } 2081 obj_tail = linkp; 2082} 2083 2084static void 2085unref_dag(Obj_Entry root) 2086{ 2087* const Needed_Entry needed; 2088* 2089 if (root->refcount == 0) 2090 return; 2091 root->refcount--; 2092 if (root->refcount == 0) 2093 for (needed = root->needed; needed != NULL; needed = needed->next) 2094 if (needed->obj != NULL) 2095 unref_dag(needed->obj); 2096} 2097 2098/* 2099 * Non-mallocing printf, for use by malloc itself. 2100 * XXX - This doesn't belong in this module. 2101 / 2102void 2103xprintf(const char fmt, ...) 2104{ 2105 char buf[256]; 2106 va_list ap; 2107 2108 va_start(ap, fmt); 2109 vsprintf(buf, fmt, ap); 2110 (void)write(1, buf, strlen(buf)); 2111 va_end(ap); 2112}