xref: /freebsd/libexec/rtld-elf/powerpc/reloc.c (revision dbfb4063ae95b956a2b0021c37c9a8be4c2e4393)
1 /*      $NetBSD: ppc_reloc.c,v 1.10 2001/09/10 06:09:41 mycroft Exp $   */
2 
3 /*-
4  * SPDX-License-Identifier: BSD-2-Clause-NetBSD
5  *
6  * Copyright (C) 1998   Tsubai Masanari
7  * All rights reserved.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  * 3. The name of the author may not be used to endorse or promote products
18  *    derived from this software without specific prior written permission.
19  *
20  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
21  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
22  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
23  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
24  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
25  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30  *
31  * $FreeBSD$
32  */
33 
34 #include <sys/param.h>
35 #include <sys/mman.h>
36 
37 #include <errno.h>
38 #include <stdio.h>
39 #include <stdlib.h>
40 #include <string.h>
41 #include <unistd.h>
42 #include <machine/cpu.h>
43 #include <machine/atomic.h>
44 #include <machine/md_var.h>
45 
46 #include "debug.h"
47 #include "rtld.h"
48 
49 #define _ppc_ha(x) ((((u_int32_t)(x) & 0x8000) ? \
50                         ((u_int32_t)(x) + 0x10000) : (u_int32_t)(x)) >> 16)
51 #define _ppc_la(x) ((u_int32_t)(x) & 0xffff)
52 
53 #define min(a,b) (((a) < (b)) ? (a) : (b))
54 #define max(a,b) (((a) > (b)) ? (a) : (b))
55 
56 #define PLT_EXTENDED_BEGIN	(1 << 13)
57 #define JMPTAB_BASE(N)		(18 + N*2 + ((N > PLT_EXTENDED_BEGIN) ? \
58 				    (N - PLT_EXTENDED_BEGIN)*2 : 0))
59 
60 /*
61  * Process the R_PPC_COPY relocations
62  */
63 int
64 do_copy_relocations(Obj_Entry *dstobj)
65 {
66 	const Elf_Rela *relalim;
67 	const Elf_Rela *rela;
68 
69 	/*
70 	 * COPY relocs are invalid outside of the main program
71 	 */
72 	assert(dstobj->mainprog);
73 
74 	relalim = (const Elf_Rela *)((const char *) dstobj->rela +
75 	    dstobj->relasize);
76 	for (rela = dstobj->rela;  rela < relalim;  rela++) {
77 		void *dstaddr;
78 		const Elf_Sym *dstsym;
79 		const char *name;
80 		size_t size;
81 		const void *srcaddr;
82 		const Elf_Sym *srcsym = NULL;
83 		const Obj_Entry *srcobj, *defobj;
84 		SymLook req;
85 		int res;
86 
87 		if (ELF_R_TYPE(rela->r_info) != R_PPC_COPY) {
88 			continue;
89 		}
90 
91 		dstaddr = (void *)(dstobj->relocbase + rela->r_offset);
92 		dstsym = dstobj->symtab + ELF_R_SYM(rela->r_info);
93 		name = dstobj->strtab + dstsym->st_name;
94 		size = dstsym->st_size;
95 		symlook_init(&req, name);
96 		req.ventry = fetch_ventry(dstobj, ELF_R_SYM(rela->r_info));
97 		req.flags = SYMLOOK_EARLY;
98 
99 		for (srcobj = globallist_next(dstobj); srcobj != NULL;
100 		     srcobj = globallist_next(srcobj)) {
101 			res = symlook_obj(&req, srcobj);
102 			if (res == 0) {
103 				srcsym = req.sym_out;
104 				defobj = req.defobj_out;
105 				break;
106 			}
107 		}
108 
109 		if (srcobj == NULL) {
110 			_rtld_error("Undefined symbol \"%s\" "
111 				    " referenced from COPY"
112 				    " relocation in %s", name, dstobj->path);
113 			return (-1);
114 		}
115 
116 		srcaddr = (const void *)(defobj->relocbase+srcsym->st_value);
117 		memcpy(dstaddr, srcaddr, size);
118 		dbg("copy_reloc: src=%p,dst=%p,size=%d\n",srcaddr,dstaddr,size);
119 	}
120 
121 	return (0);
122 }
123 
124 
125 /*
126  * Perform early relocation of the run-time linker image
127  */
128 void
129 reloc_non_plt_self(Elf_Dyn *dynp, Elf_Addr relocbase)
130 {
131 	const Elf_Rela *rela = NULL, *relalim;
132 	Elf_Addr relasz = 0;
133 	Elf_Addr *where;
134 
135 	/*
136 	 * Extract the rela/relasz values from the dynamic section
137 	 */
138 	for (; dynp->d_tag != DT_NULL; dynp++) {
139 		switch (dynp->d_tag) {
140 		case DT_RELA:
141 			rela = (const Elf_Rela *)(relocbase+dynp->d_un.d_ptr);
142 			break;
143 		case DT_RELASZ:
144 			relasz = dynp->d_un.d_val;
145 			break;
146 		}
147 	}
148 
149 	/*
150 	 * Relocate these values
151 	 */
152 	relalim = (const Elf_Rela *)((const char *)rela + relasz);
153 	for (; rela < relalim; rela++) {
154 		where = (Elf_Addr *)(relocbase + rela->r_offset);
155 		*where = (Elf_Addr)(relocbase + rela->r_addend);
156 	}
157 }
158 
159 
160 /*
161  * Relocate a non-PLT object with addend.
162  */
163 static int
164 reloc_nonplt_object(Obj_Entry *obj_rtld __unused, Obj_Entry *obj,
165     const Elf_Rela *rela, SymCache *cache, int flags, RtldLockState *lockstate)
166 {
167 	Elf_Addr        *where = (Elf_Addr *)(obj->relocbase + rela->r_offset);
168 	const Elf_Sym   *def;
169 	const Obj_Entry *defobj;
170 	Elf_Addr         tmp;
171 
172 	switch (ELF_R_TYPE(rela->r_info)) {
173 
174 	case R_PPC_NONE:
175 		break;
176 
177         case R_PPC_ADDR32:    /* word32 S + A */
178         case R_PPC_GLOB_DAT:  /* word32 S + A */
179 		def = find_symdef(ELF_R_SYM(rela->r_info), obj, &defobj,
180 		    flags, cache, lockstate);
181 		if (def == NULL) {
182 			return (-1);
183 		}
184 
185                 tmp = (Elf_Addr)(defobj->relocbase + def->st_value +
186                     rela->r_addend);
187 
188 		/* Don't issue write if unnecessary; avoid COW page fault */
189                 if (*where != tmp) {
190                         *where = tmp;
191 		}
192                 break;
193 
194         case R_PPC_RELATIVE:  /* word32 B + A */
195 		tmp = (Elf_Addr)(obj->relocbase + rela->r_addend);
196 
197 		/* As above, don't issue write unnecessarily */
198 		if (*where != tmp) {
199 			*where = tmp;
200 		}
201 		break;
202 
203 	case R_PPC_COPY:
204 		/*
205 		 * These are deferred until all other relocations
206 		 * have been done.  All we do here is make sure
207 		 * that the COPY relocation is not in a shared
208 		 * library.  They are allowed only in executable
209 		 * files.
210 		 */
211 		if (!obj->mainprog) {
212 			_rtld_error("%s: Unexpected R_COPY "
213 				    " relocation in shared library",
214 				    obj->path);
215 			return (-1);
216 		}
217 		break;
218 
219 	case R_PPC_JMP_SLOT:
220 		/*
221 		 * These will be handled by the plt/jmpslot routines
222 		 */
223 		break;
224 
225 	case R_PPC_DTPMOD32:
226 		def = find_symdef(ELF_R_SYM(rela->r_info), obj, &defobj,
227 		    flags, cache, lockstate);
228 
229 		if (def == NULL)
230 			return (-1);
231 
232 		*where = (Elf_Addr) defobj->tlsindex;
233 
234 		break;
235 
236 	case R_PPC_TPREL32:
237 		def = find_symdef(ELF_R_SYM(rela->r_info), obj, &defobj,
238 		    flags, cache, lockstate);
239 
240 		if (def == NULL)
241 			return (-1);
242 
243 		/*
244 		 * We lazily allocate offsets for static TLS as we
245 		 * see the first relocation that references the
246 		 * TLS block. This allows us to support (small
247 		 * amounts of) static TLS in dynamically loaded
248 		 * modules. If we run out of space, we generate an
249 		 * error.
250 		 */
251 		if (!defobj->tls_done) {
252 			if (!allocate_tls_offset(
253 				    __DECONST(Obj_Entry *, defobj))) {
254 				_rtld_error("%s: No space available for static "
255 				    "Thread Local Storage", obj->path);
256 				return (-1);
257 			}
258 		}
259 
260 		*(Elf_Addr **)where = *where * sizeof(Elf_Addr)
261 		    + (Elf_Addr *)(def->st_value + rela->r_addend
262 		    + defobj->tlsoffset - TLS_TP_OFFSET - TLS_TCB_SIZE);
263 
264 		break;
265 
266 	case R_PPC_DTPREL32:
267 		def = find_symdef(ELF_R_SYM(rela->r_info), obj, &defobj,
268 		    flags, cache, lockstate);
269 
270 		if (def == NULL)
271 			return (-1);
272 
273 		*where += (Elf_Addr)(def->st_value + rela->r_addend
274 		    - TLS_DTV_OFFSET);
275 
276 		break;
277 
278 	default:
279 		_rtld_error("%s: Unsupported relocation type %d"
280 			    " in non-PLT relocations\n", obj->path,
281 			    ELF_R_TYPE(rela->r_info));
282 		return (-1);
283         }
284 	return (0);
285 }
286 
287 
288 /*
289  * Process non-PLT relocations
290  */
291 int
292 reloc_non_plt(Obj_Entry *obj, Obj_Entry *obj_rtld, int flags,
293     RtldLockState *lockstate)
294 {
295 	const Elf_Rela *relalim;
296 	const Elf_Rela *rela;
297 	const Elf_Phdr *phdr;
298 	SymCache *cache;
299 	int r = -1;
300 
301 	if ((flags & SYMLOOK_IFUNC) != 0)
302 		/* XXX not implemented */
303 		return (0);
304 
305 	/*
306 	 * The dynamic loader may be called from a thread, we have
307 	 * limited amounts of stack available so we cannot use alloca().
308 	 */
309 	if (obj != obj_rtld) {
310 		cache = calloc(obj->dynsymcount, sizeof(SymCache));
311 		/* No need to check for NULL here */
312 	} else
313 		cache = NULL;
314 
315 	/*
316 	 * From the SVR4 PPC ABI:
317 	 * "The PowerPC family uses only the Elf32_Rela relocation
318 	 *  entries with explicit addends."
319 	 */
320 	relalim = (const Elf_Rela *)((const char *)obj->rela + obj->relasize);
321 	for (rela = obj->rela; rela < relalim; rela++) {
322 		if (reloc_nonplt_object(obj_rtld, obj, rela, cache, flags,
323 		    lockstate) < 0)
324 			goto done;
325 	}
326 	r = 0;
327 done:
328 	if (cache != NULL)
329 		free(cache);
330 
331 	/*
332 	 * Synchronize icache for executable segments in case we made
333 	 * any changes.
334 	 */
335 	for (phdr = obj->phdr;
336 	    (const char *)phdr < (const char *)obj->phdr + obj->phsize;
337 	    phdr++) {
338 		if (phdr->p_type == PT_LOAD && (phdr->p_flags & PF_X) != 0) {
339 			__syncicache(obj->relocbase + phdr->p_vaddr,
340 			    phdr->p_memsz);
341 		}
342 	}
343 
344 	return (r);
345 }
346 
347 /*
348  * Initialise a PLT slot to the resolving trampoline
349  */
350 static int
351 reloc_plt_object(Obj_Entry *obj, const Elf_Rela *rela)
352 {
353 	Elf_Word *where = (Elf_Word *)(obj->relocbase + rela->r_offset);
354 	Elf_Addr *pltresolve, *pltlongresolve, *jmptab;
355 	Elf_Addr distance;
356 	int N = obj->pltrelasize / sizeof(Elf_Rela);
357 	int reloff;
358 
359 	reloff = rela - obj->pltrela;
360 
361 	if (reloff < 0)
362 		return (-1);
363 
364 	pltlongresolve = obj->pltgot + 5;
365 	pltresolve = pltlongresolve + 5;
366 
367 	distance = (Elf_Addr)pltresolve - (Elf_Addr)(where + 1);
368 
369 	dbg(" reloc_plt_object: where=%p,pltres=%p,reloff=%x,distance=%x",
370 	    (void *)where, (void *)pltresolve, reloff, distance);
371 
372 	if (reloff < PLT_EXTENDED_BEGIN) {
373 		/* li   r11,reloff  */
374 		/* b    pltresolve  */
375 		where[0] = 0x39600000 | reloff;
376 		where[1] = 0x48000000 | (distance & 0x03fffffc);
377 	} else {
378 		jmptab = obj->pltgot + JMPTAB_BASE(N);
379 		jmptab[reloff] = (u_int)pltlongresolve;
380 
381 		/* lis	r11,jmptab[reloff]@ha */
382 		/* lwzu	r12,jmptab[reloff]@l(r11) */
383 		/* mtctr r12 */
384 		/* bctr */
385 		where[0] = 0x3d600000 | _ppc_ha(&jmptab[reloff]);
386 		where[1] = 0x858b0000 | _ppc_la(&jmptab[reloff]);
387 		where[2] = 0x7d8903a6;
388 		where[3] = 0x4e800420;
389 	}
390 
391 
392 	/*
393 	 * The icache will be sync'd in reloc_plt, which is called
394 	 * after all the slots have been updated
395 	 */
396 
397 	return (0);
398 }
399 
400 
401 /*
402  * Process the PLT relocations.
403  */
404 int
405 reloc_plt(Obj_Entry *obj, int flags __unused, RtldLockState *lockstate __unused)
406 {
407 	const Elf_Rela *relalim;
408 	const Elf_Rela *rela;
409 	int N = obj->pltrelasize / sizeof(Elf_Rela);
410 
411 	if (obj->pltrelasize != 0) {
412 
413 		relalim = (const Elf_Rela *)((const char *)obj->pltrela +
414 		    obj->pltrelasize);
415 		for (rela = obj->pltrela;  rela < relalim;  rela++) {
416 			assert(ELF_R_TYPE(rela->r_info) == R_PPC_JMP_SLOT);
417 
418 			if (reloc_plt_object(obj, rela) < 0) {
419 				return (-1);
420 			}
421 		}
422 	}
423 
424 	/*
425 	 * Sync the icache for the byte range represented by the
426 	 * trampoline routines and call slots.
427 	 */
428 	if (obj->pltgot != NULL)
429 		__syncicache(obj->pltgot, JMPTAB_BASE(N)*4);
430 
431 	return (0);
432 }
433 
434 
435 /*
436  * LD_BIND_NOW was set - force relocation for all jump slots
437  */
438 int
439 reloc_jmpslots(Obj_Entry *obj, int flags, RtldLockState *lockstate)
440 {
441 	const Obj_Entry *defobj;
442 	const Elf_Rela *relalim;
443 	const Elf_Rela *rela;
444 	const Elf_Sym *def;
445 	Elf_Addr *where;
446 	Elf_Addr target;
447 
448 	relalim = (const Elf_Rela *)((const char *)obj->pltrela +
449 	    obj->pltrelasize);
450 	for (rela = obj->pltrela; rela < relalim; rela++) {
451 		assert(ELF_R_TYPE(rela->r_info) == R_PPC_JMP_SLOT);
452 		where = (Elf_Addr *)(obj->relocbase + rela->r_offset);
453 		def = find_symdef(ELF_R_SYM(rela->r_info), obj, &defobj,
454 		    SYMLOOK_IN_PLT | flags, NULL, lockstate);
455 		if (def == NULL) {
456 			dbg("reloc_jmpslots: sym not found");
457 			return (-1);
458 		}
459 
460 		target = (Elf_Addr)(defobj->relocbase + def->st_value);
461 
462 #if 0
463 		/* PG XXX */
464 		dbg("\"%s\" in \"%s\" --> %p in \"%s\"",
465 		    defobj->strtab + def->st_name, basename(obj->path),
466 		    (void *)target, basename(defobj->path));
467 #endif
468 
469 		reloc_jmpslot(where, target, defobj, obj,
470 		    (const Elf_Rel *) rela);
471 	}
472 
473 	obj->jmpslots_done = true;
474 
475 	return (0);
476 }
477 
478 
479 /*
480  * Update the value of a PLT jump slot. Branch directly to the target if
481  * it is within +/- 32Mb, otherwise go indirectly via the pltcall
482  * trampoline call and jump table.
483  */
484 Elf_Addr
485 reloc_jmpslot(Elf_Addr *wherep, Elf_Addr target,
486     const Obj_Entry *defobj __unused, const Obj_Entry *obj, const Elf_Rel *rel)
487 {
488 	Elf_Addr offset;
489 	const Elf_Rela *rela = (const Elf_Rela *) rel;
490 
491 	dbg(" reloc_jmpslot: where=%p, target=%p",
492 	    (void *)wherep, (void *)target);
493 
494 	if (ld_bind_not)
495 		goto out;
496 
497 	/*
498 	 * At the PLT entry pointed at by `wherep', construct
499 	 * a direct transfer to the now fully resolved function
500 	 * address.
501 	 */
502 	offset = target - (Elf_Addr)wherep;
503 
504 	if (abs((int)offset) < 32*1024*1024) {     /* inside 32MB? */
505 		/* b    value   # branch directly */
506 		*wherep = 0x48000000 | (offset & 0x03fffffc);
507 		__syncicache(wherep, 4);
508 	} else {
509 		Elf_Addr *pltcall, *jmptab;
510 		int distance;
511 		int N = obj->pltrelasize / sizeof(Elf_Rela);
512 		int reloff = rela - obj->pltrela;
513 
514 		if (reloff < 0)
515 			return (-1);
516 
517 		pltcall = obj->pltgot;
518 
519 		dbg(" reloc_jmpslot: indir, reloff=%x, N=%x\n",
520 		    reloff, N);
521 
522 		jmptab = obj->pltgot + JMPTAB_BASE(N);
523 		jmptab[reloff] = target;
524 		mb(); /* Order jmptab update before next changes */
525 
526 		if (reloff < PLT_EXTENDED_BEGIN) {
527 			/* for extended PLT entries, we keep the old code */
528 
529 			distance = (Elf_Addr)pltcall - (Elf_Addr)(wherep + 1);
530 
531 			/* li   r11,reloff */
532 			/* b    pltcall  # use indirect pltcall routine */
533 
534 			/* first instruction same as before */
535 			wherep[1] = 0x48000000 | (distance & 0x03fffffc);
536 			__syncicache(wherep, 8);
537 		}
538 	}
539 
540 out:
541 	return (target);
542 }
543 
544 int
545 reloc_iresolve(Obj_Entry *obj __unused,
546     struct Struct_RtldLockState *lockstate __unused)
547 {
548 
549 	/* XXX not implemented */
550 	return (0);
551 }
552 
553 int
554 reloc_gnu_ifunc(Obj_Entry *obj __unused, int flags __unused,
555     struct Struct_RtldLockState *lockstate __unused)
556 {
557 
558 	/* XXX not implemented */
559 	return (0);
560 }
561 
562 /*
563  * Setup the plt glue routines.
564  */
565 #define PLTCALL_SIZE	   	20
566 #define PLTLONGRESOLVE_SIZE	20
567 #define PLTRESOLVE_SIZE		24
568 
569 void
570 init_pltgot(Obj_Entry *obj)
571 {
572 	Elf_Word *pltcall, *pltresolve, *pltlongresolve;
573 	Elf_Word *jmptab;
574 	int N = obj->pltrelasize / sizeof(Elf_Rela);
575 
576 	pltcall = obj->pltgot;
577 
578 	if (pltcall == NULL) {
579 		return;
580 	}
581 
582 	/*
583 	 * From the SVR4 PPC ABI:
584 	 *
585 	 * 'The first 18 words (72 bytes) of the PLT are reserved for
586 	 * use by the dynamic linker.
587 	 *   ...
588 	 * 'If the executable or shared object requires N procedure
589 	 *  linkage table entries, the link editor shall reserve 3*N
590 	 *  words (12*N bytes) following the 18 reserved words. The
591 	 *  first 2*N of these words are the procedure linkage table
592 	 *  entries themselves. The static linker directs calls to bytes
593 	 *  (72 + (i-1)*8), for i between 1 and N inclusive. The remaining
594 	 *  N words (4*N bytes) are reserved for use by the dynamic linker.'
595 	 */
596 
597 	/*
598 	 * Copy the absolute-call assembler stub into the first part of
599 	 * the reserved PLT area.
600 	 */
601 	memcpy(pltcall, _rtld_powerpc_pltcall, PLTCALL_SIZE);
602 
603 	/*
604 	 * Determine the address of the jumptable, which is the dyn-linker
605 	 * reserved area after the call cells. Write the absolute address
606 	 * of the jumptable into the absolute-call assembler code so it
607 	 * can determine this address.
608 	 */
609 	jmptab = obj->pltgot + JMPTAB_BASE(N);
610 	pltcall[1] |= _ppc_ha(jmptab);	   /* addis 11,11,jmptab@ha */
611 	pltcall[2] |= _ppc_la(jmptab);     /* lwz   11,jmptab@l(11) */
612 
613 	/*
614 	 * Skip down 20 bytes into the initial reserved area and copy
615 	 * in the standard resolving assembler call. Into this assembler,
616 	 * insert the absolute address of the _rtld_bind_start routine
617 	 * and the address of the relocation object.
618 	 *
619 	 * We place pltlongresolve first, so it can fix up its arguments
620 	 * and then fall through to the regular PLT resolver.
621 	 */
622 	pltlongresolve = obj->pltgot + 5;
623 
624 	memcpy(pltlongresolve, _rtld_powerpc_pltlongresolve,
625 	    PLTLONGRESOLVE_SIZE);
626 	pltlongresolve[0] |= _ppc_ha(jmptab);	/* lis	12,jmptab@ha	*/
627 	pltlongresolve[1] |= _ppc_la(jmptab);	/* addi	12,12,jmptab@l	*/
628 
629 	pltresolve = pltlongresolve + PLTLONGRESOLVE_SIZE/sizeof(uint32_t);
630 	memcpy(pltresolve, _rtld_powerpc_pltresolve, PLTRESOLVE_SIZE);
631 	pltresolve[0] |= _ppc_ha(_rtld_bind_start);
632 	pltresolve[1] |= _ppc_la(_rtld_bind_start);
633 	pltresolve[3] |= _ppc_ha(obj);
634 	pltresolve[4] |= _ppc_la(obj);
635 
636 	/*
637 	 * The icache will be sync'd in reloc_plt, which is called
638 	 * after all the slots have been updated
639 	 */
640 }
641 
642 void
643 ifunc_init(Elf_Auxinfo aux_info[__min_size(AT_COUNT)] __unused)
644 {
645 
646 }
647 
648 void
649 pre_init(void)
650 {
651 
652 }
653 
654 void
655 allocate_initial_tls(Obj_Entry *list)
656 {
657 	Elf_Addr **tp;
658 
659 	/*
660 	* Fix the size of the static TLS block by using the maximum
661 	* offset allocated so far and adding a bit for dynamic modules to
662 	* use.
663 	*/
664 
665 	tls_static_space = tls_last_offset + tls_last_size + RTLD_STATIC_TLS_EXTRA;
666 
667 	tp = (Elf_Addr **)((char *) allocate_tls(list, NULL, TLS_TCB_SIZE, 8)
668 	    + TLS_TP_OFFSET + TLS_TCB_SIZE);
669 
670 	/*
671 	 * XXX gcc seems to ignore 'tp = _tp;'
672 	 */
673 
674 	__asm __volatile("mr 2,%0" :: "r"(tp));
675 }
676 
677 void*
678 __tls_get_addr(tls_index* ti)
679 {
680 	register Elf_Addr **tp;
681 	char *p;
682 
683 	__asm __volatile("mr %0,2" : "=r"(tp));
684 	p = tls_get_addr_common((Elf_Addr**)((Elf_Addr)tp - TLS_TP_OFFSET
685 	    - TLS_TCB_SIZE), ti->ti_module, ti->ti_offset);
686 
687 	return (p + TLS_DTV_OFFSET);
688 }
689