1 /*- 2 * Copyright 1996, 1997, 1998, 1999, 2000 John D. Polstra. 3 * Copyright 2003 Alexander Kabaev <kan@FreeBSD.ORG>. 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 * 26 * $FreeBSD$ 27 */ 28 29 /* 30 * Dynamic linker for ELF. 31 * 32 * John Polstra <jdp@polstra.com>. 33 */ 34 35 #ifndef __GNUC__ 36 #error "GCC is needed to compile this file" 37 #endif 38 39 #include <sys/param.h> 40 #include <sys/mman.h> 41 #include <sys/stat.h> 42 43 #include <dlfcn.h> 44 #include <err.h> 45 #include <errno.h> 46 #include <fcntl.h> 47 #include <stdarg.h> 48 #include <stdio.h> 49 #include <stdlib.h> 50 #include <string.h> 51 #include <unistd.h> 52 53 #include "debug.h" 54 #include "rtld.h" 55 #ifdef WITH_LIBMAP 56 #include "libmap.h" 57 #endif 58 59 #define END_SYM "_end" 60 #define PATH_RTLD "/usr/libexec/ld-elf.so.1" 61 62 /* Types. */ 63 typedef void (*func_ptr_type)(); 64 typedef void * (*path_enum_proc) (const char *path, size_t len, void *arg); 65 66 /* 67 * This structure provides a reentrant way to keep a list of objects and 68 * check which ones have already been processed in some way. 69 */ 70 typedef struct Struct_DoneList { 71 const Obj_Entry **objs; /* Array of object pointers */ 72 unsigned int num_alloc; /* Allocated size of the array */ 73 unsigned int num_used; /* Number of array slots used */ 74 } DoneList; 75 76 /* 77 * Function declarations. 78 */ 79 static const char *basename(const char *); 80 static void die(void); 81 static void digest_dynamic(Obj_Entry *, int); 82 static Obj_Entry *digest_phdr(const Elf_Phdr *, int, caddr_t, const char *); 83 static Obj_Entry *dlcheck(void *); 84 static int do_search_info(const Obj_Entry *obj, int, struct dl_serinfo *); 85 static bool donelist_check(DoneList *, const Obj_Entry *); 86 static void errmsg_restore(char *); 87 static char *errmsg_save(void); 88 static void *fill_search_info(const char *, size_t, void *); 89 static char *find_library(const char *, const Obj_Entry *); 90 static const char *gethints(void); 91 static void init_dag(Obj_Entry *); 92 static void init_dag1(Obj_Entry *root, Obj_Entry *obj, DoneList *); 93 static void init_rtld(caddr_t); 94 static void initlist_add_neededs(Needed_Entry *needed, Objlist *list); 95 static void initlist_add_objects(Obj_Entry *obj, Obj_Entry **tail, 96 Objlist *list); 97 static bool is_exported(const Elf_Sym *); 98 static void linkmap_add(Obj_Entry *); 99 static void linkmap_delete(Obj_Entry *); 100 static int load_needed_objects(Obj_Entry *); 101 static int load_preload_objects(void); 102 static Obj_Entry *load_object(char *); 103 static Obj_Entry *obj_from_addr(const void *); 104 static void objlist_call_fini(Objlist *); 105 static void objlist_call_init(Objlist *); 106 static void objlist_clear(Objlist *); 107 static Objlist_Entry *objlist_find(Objlist *, const Obj_Entry *); 108 static void objlist_init(Objlist *); 109 static void objlist_push_head(Objlist *, Obj_Entry *); 110 static void objlist_push_tail(Objlist *, Obj_Entry *); 111 static void objlist_remove(Objlist *, Obj_Entry *); 112 static void objlist_remove_unref(Objlist *); 113 static void *path_enumerate(const char *, path_enum_proc, void *); 114 static int relocate_objects(Obj_Entry *, bool, Obj_Entry *); 115 static int rtld_dirname(const char *, char *); 116 static void rtld_exit(void); 117 static char *search_library_path(const char *, const char *); 118 static const void **get_program_var_addr(const char *name); 119 static void set_program_var(const char *, const void *); 120 static const Elf_Sym *symlook_default(const char *, unsigned long hash, 121 const Obj_Entry *refobj, const Obj_Entry **defobj_out, bool in_plt); 122 static const Elf_Sym *symlook_list(const char *, unsigned long, 123 Objlist *, const Obj_Entry **, bool in_plt, DoneList *); 124 static void trace_loaded_objects(Obj_Entry *obj); 125 static void unlink_object(Obj_Entry *); 126 static void unload_object(Obj_Entry *); 127 static void unref_dag(Obj_Entry *); 128 static void ref_dag(Obj_Entry *); 129 130 void r_debug_state(struct r_debug*, struct link_map*); 131 132 /* 133 * Data declarations. 134 */ 135 static char *error_message; /* Message for dlerror(), or NULL */ 136 struct r_debug r_debug; /* for GDB; */ 137 static bool libmap_disable; /* Disable libmap */ 138 static bool trust; /* False for setuid and setgid programs */ 139 static char *ld_bind_now; /* Environment variable for immediate binding */ 140 static char *ld_debug; /* Environment variable for debugging */ 141 static char *ld_library_path; /* Environment variable for search path */ 142 static char *ld_preload; /* Environment variable for libraries to 143 load first */ 144 static char *ld_tracing; /* Called from ldd to print libs */ 145 static Obj_Entry *obj_list; /* Head of linked list of shared objects */ 146 static Obj_Entry **obj_tail; /* Link field of last object in list */ 147 static Obj_Entry *obj_main; /* The main program shared object */ 148 static Obj_Entry obj_rtld; /* The dynamic linker shared object */ 149 static unsigned int obj_count; /* Number of objects in obj_list */ 150 151 static Objlist list_global = /* Objects dlopened with RTLD_GLOBAL */ 152 STAILQ_HEAD_INITIALIZER(list_global); 153 static Objlist list_main = /* Objects loaded at program startup */ 154 STAILQ_HEAD_INITIALIZER(list_main); 155 static Objlist list_fini = /* Objects needing fini() calls */ 156 STAILQ_HEAD_INITIALIZER(list_fini); 157 158 static Elf_Sym sym_zero; /* For resolving undefined weak refs. */ 159 160 #define GDB_STATE(s,m) r_debug.r_state = s; r_debug_state(&r_debug,m); 161 162 extern Elf_Dyn _DYNAMIC; 163 #pragma weak _DYNAMIC 164 165 /* 166 * These are the functions the dynamic linker exports to application 167 * programs. They are the only symbols the dynamic linker is willing 168 * to export from itself. 169 */ 170 static func_ptr_type exports[] = { 171 (func_ptr_type) &_rtld_error, 172 (func_ptr_type) &dlclose, 173 (func_ptr_type) &dlerror, 174 (func_ptr_type) &dlopen, 175 (func_ptr_type) &dlsym, 176 (func_ptr_type) &dladdr, 177 (func_ptr_type) &dllockinit, 178 (func_ptr_type) &dlinfo, 179 (func_ptr_type) &_rtld_thread_init, 180 NULL 181 }; 182 183 /* 184 * Global declarations normally provided by crt1. The dynamic linker is 185 * not built with crt1, so we have to provide them ourselves. 186 */ 187 char *__progname; 188 char **environ; 189 190 /* 191 * Fill in a DoneList with an allocation large enough to hold all of 192 * the currently-loaded objects. Keep this as a macro since it calls 193 * alloca and we want that to occur within the scope of the caller. 194 */ 195 #define donelist_init(dlp) \ 196 ((dlp)->objs = alloca(obj_count * sizeof (dlp)->objs[0]), \ 197 assert((dlp)->objs != NULL), \ 198 (dlp)->num_alloc = obj_count, \ 199 (dlp)->num_used = 0) 200 201 /* 202 * Main entry point for dynamic linking. The first argument is the 203 * stack pointer. The stack is expected to be laid out as described 204 * in the SVR4 ABI specification, Intel 386 Processor Supplement. 205 * Specifically, the stack pointer points to a word containing 206 * ARGC. Following that in the stack is a null-terminated sequence 207 * of pointers to argument strings. Then comes a null-terminated 208 * sequence of pointers to environment strings. Finally, there is a 209 * sequence of "auxiliary vector" entries. 210 * 211 * The second argument points to a place to store the dynamic linker's 212 * exit procedure pointer and the third to a place to store the main 213 * program's object. 214 * 215 * The return value is the main program's entry point. 216 */ 217 func_ptr_type 218 _rtld(Elf_Addr *sp, func_ptr_type *exit_proc, Obj_Entry **objp) 219 { 220 Elf_Auxinfo *aux_info[AT_COUNT]; 221 int i; 222 int argc; 223 char **argv; 224 char **env; 225 Elf_Auxinfo *aux; 226 Elf_Auxinfo *auxp; 227 const char *argv0; 228 Obj_Entry *obj; 229 Obj_Entry **preload_tail; 230 Objlist initlist; 231 int lockstate; 232 233 /* 234 * On entry, the dynamic linker itself has not been relocated yet. 235 * Be very careful not to reference any global data until after 236 * init_rtld has returned. It is OK to reference file-scope statics 237 * and string constants, and to call static and global functions. 238 */ 239 240 /* Find the auxiliary vector on the stack. */ 241 argc = *sp++; 242 argv = (char **) sp; 243 sp += argc + 1; /* Skip over arguments and NULL terminator */ 244 env = (char **) sp; 245 while (*sp++ != 0) /* Skip over environment, and NULL terminator */ 246 ; 247 aux = (Elf_Auxinfo *) sp; 248 249 /* Digest the auxiliary vector. */ 250 for (i = 0; i < AT_COUNT; i++) 251 aux_info[i] = NULL; 252 for (auxp = aux; auxp->a_type != AT_NULL; auxp++) { 253 if (auxp->a_type < AT_COUNT) 254 aux_info[auxp->a_type] = auxp; 255 } 256 257 /* Initialize and relocate ourselves. */ 258 assert(aux_info[AT_BASE] != NULL); 259 init_rtld((caddr_t) aux_info[AT_BASE]->a_un.a_ptr); 260 261 __progname = obj_rtld.path; 262 argv0 = argv[0] != NULL ? argv[0] : "(null)"; 263 environ = env; 264 265 trust = !issetugid(); 266 267 ld_bind_now = getenv("LD_BIND_NOW"); 268 if (trust) { 269 ld_debug = getenv("LD_DEBUG"); 270 libmap_disable = getenv("LD_LIBMAP_DISABLE") != NULL; 271 ld_library_path = getenv("LD_LIBRARY_PATH"); 272 ld_preload = getenv("LD_PRELOAD"); 273 } 274 ld_tracing = getenv("LD_TRACE_LOADED_OBJECTS"); 275 276 if (ld_debug != NULL && *ld_debug != '\0') 277 debug = 1; 278 dbg("%s is initialized, base address = %p", __progname, 279 (caddr_t) aux_info[AT_BASE]->a_un.a_ptr); 280 dbg("RTLD dynamic = %p", obj_rtld.dynamic); 281 dbg("RTLD pltgot = %p", obj_rtld.pltgot); 282 283 /* 284 * Load the main program, or process its program header if it is 285 * already loaded. 286 */ 287 if (aux_info[AT_EXECFD] != NULL) { /* Load the main program. */ 288 int fd = aux_info[AT_EXECFD]->a_un.a_val; 289 dbg("loading main program"); 290 obj_main = map_object(fd, argv0, NULL); 291 close(fd); 292 if (obj_main == NULL) 293 die(); 294 } else { /* Main program already loaded. */ 295 const Elf_Phdr *phdr; 296 int phnum; 297 caddr_t entry; 298 299 dbg("processing main program's program header"); 300 assert(aux_info[AT_PHDR] != NULL); 301 phdr = (const Elf_Phdr *) aux_info[AT_PHDR]->a_un.a_ptr; 302 assert(aux_info[AT_PHNUM] != NULL); 303 phnum = aux_info[AT_PHNUM]->a_un.a_val; 304 assert(aux_info[AT_PHENT] != NULL); 305 assert(aux_info[AT_PHENT]->a_un.a_val == sizeof(Elf_Phdr)); 306 assert(aux_info[AT_ENTRY] != NULL); 307 entry = (caddr_t) aux_info[AT_ENTRY]->a_un.a_ptr; 308 if ((obj_main = digest_phdr(phdr, phnum, entry, argv0)) == NULL) 309 die(); 310 } 311 312 obj_main->path = xstrdup(argv0); 313 obj_main->mainprog = true; 314 315 /* 316 * Get the actual dynamic linker pathname from the executable if 317 * possible. (It should always be possible.) That ensures that 318 * gdb will find the right dynamic linker even if a non-standard 319 * one is being used. 320 */ 321 if (obj_main->interp != NULL && 322 strcmp(obj_main->interp, obj_rtld.path) != 0) { 323 free(obj_rtld.path); 324 obj_rtld.path = xstrdup(obj_main->interp); 325 } 326 327 digest_dynamic(obj_main, 0); 328 329 linkmap_add(obj_main); 330 linkmap_add(&obj_rtld); 331 332 /* Link the main program into the list of objects. */ 333 *obj_tail = obj_main; 334 obj_tail = &obj_main->next; 335 obj_count++; 336 /* Make sure we don't call the main program's init and fini functions. */ 337 obj_main->init = obj_main->fini = NULL; 338 339 /* Initialize a fake symbol for resolving undefined weak references. */ 340 sym_zero.st_info = ELF_ST_INFO(STB_GLOBAL, STT_NOTYPE); 341 sym_zero.st_shndx = SHN_UNDEF; 342 343 #ifdef WITH_LIBMAP 344 if (!libmap_disable) 345 lm_init(); 346 #endif 347 348 dbg("loading LD_PRELOAD libraries"); 349 if (load_preload_objects() == -1) 350 die(); 351 preload_tail = obj_tail; 352 353 dbg("loading needed objects"); 354 if (load_needed_objects(obj_main) == -1) 355 die(); 356 357 /* Make a list of all objects loaded at startup. */ 358 for (obj = obj_list; obj != NULL; obj = obj->next) { 359 objlist_push_tail(&list_main, obj); 360 obj->refcount++; 361 } 362 363 if (ld_tracing) { /* We're done */ 364 trace_loaded_objects(obj_main); 365 exit(0); 366 } 367 368 if (relocate_objects(obj_main, 369 ld_bind_now != NULL && *ld_bind_now != '\0', &obj_rtld) == -1) 370 die(); 371 372 dbg("doing copy relocations"); 373 if (do_copy_relocations(obj_main) == -1) 374 die(); 375 376 dbg("initializing key program variables"); 377 set_program_var("__progname", argv[0] != NULL ? basename(argv[0]) : ""); 378 set_program_var("environ", env); 379 380 dbg("initializing thread locks"); 381 lockdflt_init(); 382 383 /* Make a list of init functions to call. */ 384 objlist_init(&initlist); 385 initlist_add_objects(obj_list, preload_tail, &initlist); 386 387 r_debug_state(NULL, &obj_main->linkmap); /* say hello to gdb! */ 388 389 objlist_call_init(&initlist); 390 lockstate = wlock_acquire(rtld_bind_lock); 391 objlist_clear(&initlist); 392 wlock_release(rtld_bind_lock, lockstate); 393 394 dbg("transferring control to program entry point = %p", obj_main->entry); 395 396 /* Return the exit procedure and the program entry point. */ 397 *exit_proc = rtld_exit; 398 *objp = obj_main; 399 return (func_ptr_type) obj_main->entry; 400 } 401 402 Elf_Addr 403 _rtld_bind(Obj_Entry *obj, Elf_Word reloff) 404 { 405 const Elf_Rel *rel; 406 const Elf_Sym *def; 407 const Obj_Entry *defobj; 408 Elf_Addr *where; 409 Elf_Addr target; 410 int lockstate; 411 412 lockstate = rlock_acquire(rtld_bind_lock); 413 if (obj->pltrel) 414 rel = (const Elf_Rel *) ((caddr_t) obj->pltrel + reloff); 415 else 416 rel = (const Elf_Rel *) ((caddr_t) obj->pltrela + reloff); 417 418 where = (Elf_Addr *) (obj->relocbase + rel->r_offset); 419 def = find_symdef(ELF_R_SYM(rel->r_info), obj, &defobj, true, NULL); 420 if (def == NULL) 421 die(); 422 423 target = (Elf_Addr)(defobj->relocbase + def->st_value); 424 425 dbg("\"%s\" in \"%s\" ==> %p in \"%s\"", 426 defobj->strtab + def->st_name, basename(obj->path), 427 (void *)target, basename(defobj->path)); 428 429 /* 430 * Write the new contents for the jmpslot. Note that depending on 431 * architecture, the value which we need to return back to the 432 * lazy binding trampoline may or may not be the target 433 * address. The value returned from reloc_jmpslot() is the value 434 * that the trampoline needs. 435 */ 436 target = reloc_jmpslot(where, target, defobj, obj, rel); 437 rlock_release(rtld_bind_lock, lockstate); 438 return target; 439 } 440 441 /* 442 * Error reporting function. Use it like printf. If formats the message 443 * into a buffer, and sets things up so that the next call to dlerror() 444 * will return the message. 445 */ 446 void 447 _rtld_error(const char *fmt, ...) 448 { 449 static char buf[512]; 450 va_list ap; 451 452 va_start(ap, fmt); 453 vsnprintf(buf, sizeof buf, fmt, ap); 454 error_message = buf; 455 va_end(ap); 456 } 457 458 /* 459 * Return a dynamically-allocated copy of the current error message, if any. 460 */ 461 static char * 462 errmsg_save(void) 463 { 464 return error_message == NULL ? NULL : xstrdup(error_message); 465 } 466 467 /* 468 * Restore the current error message from a copy which was previously saved 469 * by errmsg_save(). The copy is freed. 470 */ 471 static void 472 errmsg_restore(char *saved_msg) 473 { 474 if (saved_msg == NULL) 475 error_message = NULL; 476 else { 477 _rtld_error("%s", saved_msg); 478 free(saved_msg); 479 } 480 } 481 482 static const char * 483 basename(const char *name) 484 { 485 const char *p = strrchr(name, '/'); 486 return p != NULL ? p + 1 : name; 487 } 488 489 static void 490 die(void) 491 { 492 const char *msg = dlerror(); 493 494 if (msg == NULL) 495 msg = "Fatal error"; 496 errx(1, "%s", msg); 497 } 498 499 /* 500 * Process a shared object's DYNAMIC section, and save the important 501 * information in its Obj_Entry structure. 502 */ 503 static void 504 digest_dynamic(Obj_Entry *obj, int early) 505 { 506 const Elf_Dyn *dynp; 507 Needed_Entry **needed_tail = &obj->needed; 508 const Elf_Dyn *dyn_rpath = NULL; 509 int plttype = DT_REL; 510 511 for (dynp = obj->dynamic; dynp->d_tag != DT_NULL; dynp++) { 512 switch (dynp->d_tag) { 513 514 case DT_REL: 515 obj->rel = (const Elf_Rel *) (obj->relocbase + dynp->d_un.d_ptr); 516 break; 517 518 case DT_RELSZ: 519 obj->relsize = dynp->d_un.d_val; 520 break; 521 522 case DT_RELENT: 523 assert(dynp->d_un.d_val == sizeof(Elf_Rel)); 524 break; 525 526 case DT_JMPREL: 527 obj->pltrel = (const Elf_Rel *) 528 (obj->relocbase + dynp->d_un.d_ptr); 529 break; 530 531 case DT_PLTRELSZ: 532 obj->pltrelsize = dynp->d_un.d_val; 533 break; 534 535 case DT_RELA: 536 obj->rela = (const Elf_Rela *) (obj->relocbase + dynp->d_un.d_ptr); 537 break; 538 539 case DT_RELASZ: 540 obj->relasize = dynp->d_un.d_val; 541 break; 542 543 case DT_RELAENT: 544 assert(dynp->d_un.d_val == sizeof(Elf_Rela)); 545 break; 546 547 case DT_PLTREL: 548 plttype = dynp->d_un.d_val; 549 assert(dynp->d_un.d_val == DT_REL || plttype == DT_RELA); 550 break; 551 552 case DT_SYMTAB: 553 obj->symtab = (const Elf_Sym *) 554 (obj->relocbase + dynp->d_un.d_ptr); 555 break; 556 557 case DT_SYMENT: 558 assert(dynp->d_un.d_val == sizeof(Elf_Sym)); 559 break; 560 561 case DT_STRTAB: 562 obj->strtab = (const char *) (obj->relocbase + dynp->d_un.d_ptr); 563 break; 564 565 case DT_STRSZ: 566 obj->strsize = dynp->d_un.d_val; 567 break; 568 569 case DT_HASH: 570 { 571 const Elf_Hashelt *hashtab = (const Elf_Hashelt *) 572 (obj->relocbase + dynp->d_un.d_ptr); 573 obj->nbuckets = hashtab[0]; 574 obj->nchains = hashtab[1]; 575 obj->buckets = hashtab + 2; 576 obj->chains = obj->buckets + obj->nbuckets; 577 } 578 break; 579 580 case DT_NEEDED: 581 if (!obj->rtld) { 582 Needed_Entry *nep = NEW(Needed_Entry); 583 nep->name = dynp->d_un.d_val; 584 nep->obj = NULL; 585 nep->next = NULL; 586 587 *needed_tail = nep; 588 needed_tail = &nep->next; 589 } 590 break; 591 592 case DT_PLTGOT: 593 obj->pltgot = (Elf_Addr *) (obj->relocbase + dynp->d_un.d_ptr); 594 break; 595 596 case DT_TEXTREL: 597 obj->textrel = true; 598 break; 599 600 case DT_SYMBOLIC: 601 obj->symbolic = true; 602 break; 603 604 case DT_RPATH: 605 /* 606 * We have to wait until later to process this, because we 607 * might not have gotten the address of the string table yet. 608 */ 609 dyn_rpath = dynp; 610 break; 611 612 case DT_SONAME: 613 /* Not used by the dynamic linker. */ 614 break; 615 616 case DT_INIT: 617 obj->init = (Elf_Addr) (obj->relocbase + dynp->d_un.d_ptr); 618 break; 619 620 case DT_FINI: 621 obj->fini = (Elf_Addr) (obj->relocbase + dynp->d_un.d_ptr); 622 break; 623 624 case DT_DEBUG: 625 /* XXX - not implemented yet */ 626 if (!early) 627 dbg("Filling in DT_DEBUG entry"); 628 ((Elf_Dyn*)dynp)->d_un.d_ptr = (Elf_Addr) &r_debug; 629 break; 630 631 default: 632 if (!early) { 633 dbg("Ignoring d_tag %ld = %#lx", (long)dynp->d_tag, 634 (long)dynp->d_tag); 635 } 636 break; 637 } 638 } 639 640 obj->traced = false; 641 642 if (plttype == DT_RELA) { 643 obj->pltrela = (const Elf_Rela *) obj->pltrel; 644 obj->pltrel = NULL; 645 obj->pltrelasize = obj->pltrelsize; 646 obj->pltrelsize = 0; 647 } 648 649 if (dyn_rpath != NULL) 650 obj->rpath = obj->strtab + dyn_rpath->d_un.d_val; 651 } 652 653 /* 654 * Process a shared object's program header. This is used only for the 655 * main program, when the kernel has already loaded the main program 656 * into memory before calling the dynamic linker. It creates and 657 * returns an Obj_Entry structure. 658 */ 659 static Obj_Entry * 660 digest_phdr(const Elf_Phdr *phdr, int phnum, caddr_t entry, const char *path) 661 { 662 Obj_Entry *obj; 663 const Elf_Phdr *phlimit = phdr + phnum; 664 const Elf_Phdr *ph; 665 int nsegs = 0; 666 667 obj = obj_new(); 668 for (ph = phdr; ph < phlimit; ph++) { 669 switch (ph->p_type) { 670 671 case PT_PHDR: 672 if ((const Elf_Phdr *)ph->p_vaddr != phdr) { 673 _rtld_error("%s: invalid PT_PHDR", path); 674 return NULL; 675 } 676 obj->phdr = (const Elf_Phdr *) ph->p_vaddr; 677 obj->phsize = ph->p_memsz; 678 break; 679 680 case PT_INTERP: 681 obj->interp = (const char *) ph->p_vaddr; 682 break; 683 684 case PT_LOAD: 685 if (nsegs == 0) { /* First load segment */ 686 obj->vaddrbase = trunc_page(ph->p_vaddr); 687 obj->mapbase = (caddr_t) obj->vaddrbase; 688 obj->relocbase = obj->mapbase - obj->vaddrbase; 689 obj->textsize = round_page(ph->p_vaddr + ph->p_memsz) - 690 obj->vaddrbase; 691 } else { /* Last load segment */ 692 obj->mapsize = round_page(ph->p_vaddr + ph->p_memsz) - 693 obj->vaddrbase; 694 } 695 nsegs++; 696 break; 697 698 case PT_DYNAMIC: 699 obj->dynamic = (const Elf_Dyn *) ph->p_vaddr; 700 break; 701 } 702 } 703 if (nsegs < 1) { 704 _rtld_error("%s: too few PT_LOAD segments", path); 705 return NULL; 706 } 707 708 obj->entry = entry; 709 return obj; 710 } 711 712 static Obj_Entry * 713 dlcheck(void *handle) 714 { 715 Obj_Entry *obj; 716 717 for (obj = obj_list; obj != NULL; obj = obj->next) 718 if (obj == (Obj_Entry *) handle) 719 break; 720 721 if (obj == NULL || obj->refcount == 0 || obj->dl_refcount == 0) { 722 _rtld_error("Invalid shared object handle %p", handle); 723 return NULL; 724 } 725 return obj; 726 } 727 728 /* 729 * If the given object is already in the donelist, return true. Otherwise 730 * add the object to the list and return false. 731 */ 732 static bool 733 donelist_check(DoneList *dlp, const Obj_Entry *obj) 734 { 735 unsigned int i; 736 737 for (i = 0; i < dlp->num_used; i++) 738 if (dlp->objs[i] == obj) 739 return true; 740 /* 741 * Our donelist allocation should always be sufficient. But if 742 * our threads locking isn't working properly, more shared objects 743 * could have been loaded since we allocated the list. That should 744 * never happen, but we'll handle it properly just in case it does. 745 */ 746 if (dlp->num_used < dlp->num_alloc) 747 dlp->objs[dlp->num_used++] = obj; 748 return false; 749 } 750 751 /* 752 * Hash function for symbol table lookup. Don't even think about changing 753 * this. It is specified by the System V ABI. 754 */ 755 unsigned long 756 elf_hash(const char *name) 757 { 758 const unsigned char *p = (const unsigned char *) name; 759 unsigned long h = 0; 760 unsigned long g; 761 762 while (*p != '\0') { 763 h = (h << 4) + *p++; 764 if ((g = h & 0xf0000000) != 0) 765 h ^= g >> 24; 766 h &= ~g; 767 } 768 return h; 769 } 770 771 /* 772 * Find the library with the given name, and return its full pathname. 773 * The returned string is dynamically allocated. Generates an error 774 * message and returns NULL if the library cannot be found. 775 * 776 * If the second argument is non-NULL, then it refers to an already- 777 * loaded shared object, whose library search path will be searched. 778 * 779 * The search order is: 780 * rpath in the referencing file 781 * LD_LIBRARY_PATH 782 * ldconfig hints 783 * /usr/lib 784 */ 785 static char * 786 find_library(const char *xname, const Obj_Entry *refobj) 787 { 788 char *pathname; 789 char *name; 790 791 if (strchr(xname, '/') != NULL) { /* Hard coded pathname */ 792 if (xname[0] != '/' && !trust) { 793 _rtld_error("Absolute pathname required for shared object \"%s\"", 794 xname); 795 return NULL; 796 } 797 return xstrdup(xname); 798 } 799 800 #ifdef WITH_LIBMAP 801 if (libmap_disable || (name = lm_find(refobj->path, xname)) == NULL) 802 #endif 803 name = (char *)xname; 804 805 dbg(" Searching for \"%s\"", name); 806 807 if ((pathname = search_library_path(name, ld_library_path)) != NULL || 808 (refobj != NULL && 809 (pathname = search_library_path(name, refobj->rpath)) != NULL) || 810 (pathname = search_library_path(name, gethints())) != NULL || 811 (pathname = search_library_path(name, STANDARD_LIBRARY_PATH)) != NULL) 812 return pathname; 813 814 _rtld_error("Shared object \"%s\" not found", name); 815 return NULL; 816 } 817 818 /* 819 * Given a symbol number in a referencing object, find the corresponding 820 * definition of the symbol. Returns a pointer to the symbol, or NULL if 821 * no definition was found. Returns a pointer to the Obj_Entry of the 822 * defining object via the reference parameter DEFOBJ_OUT. 823 */ 824 const Elf_Sym * 825 find_symdef(unsigned long symnum, const Obj_Entry *refobj, 826 const Obj_Entry **defobj_out, bool in_plt, SymCache *cache) 827 { 828 const Elf_Sym *ref; 829 const Elf_Sym *def; 830 const Obj_Entry *defobj; 831 const char *name; 832 unsigned long hash; 833 834 /* 835 * If we have already found this symbol, get the information from 836 * the cache. 837 */ 838 if (symnum >= refobj->nchains) 839 return NULL; /* Bad object */ 840 if (cache != NULL && cache[symnum].sym != NULL) { 841 *defobj_out = cache[symnum].obj; 842 return cache[symnum].sym; 843 } 844 845 ref = refobj->symtab + symnum; 846 name = refobj->strtab + ref->st_name; 847 defobj = NULL; 848 849 /* 850 * We don't have to do a full scale lookup if the symbol is local. 851 * We know it will bind to the instance in this load module; to 852 * which we already have a pointer (ie ref). By not doing a lookup, 853 * we not only improve performance, but it also avoids unresolvable 854 * symbols when local symbols are not in the hash table. This has 855 * been seen with the ia64 toolchain. 856 */ 857 if (ELF_ST_BIND(ref->st_info) != STB_LOCAL) { 858 if (ELF_ST_TYPE(ref->st_info) == STT_SECTION) { 859 _rtld_error("%s: Bogus symbol table entry %lu", refobj->path, 860 symnum); 861 } 862 hash = elf_hash(name); 863 def = symlook_default(name, hash, refobj, &defobj, in_plt); 864 } else { 865 def = ref; 866 defobj = refobj; 867 } 868 869 /* 870 * If we found no definition and the reference is weak, treat the 871 * symbol as having the value zero. 872 */ 873 if (def == NULL && ELF_ST_BIND(ref->st_info) == STB_WEAK) { 874 def = &sym_zero; 875 defobj = obj_main; 876 } 877 878 if (def != NULL) { 879 *defobj_out = defobj; 880 /* Record the information in the cache to avoid subsequent lookups. */ 881 if (cache != NULL) { 882 cache[symnum].sym = def; 883 cache[symnum].obj = defobj; 884 } 885 } else { 886 if (refobj != &obj_rtld) 887 _rtld_error("%s: Undefined symbol \"%s\"", refobj->path, name); 888 } 889 return def; 890 } 891 892 /* 893 * Return the search path from the ldconfig hints file, reading it if 894 * necessary. Returns NULL if there are problems with the hints file, 895 * or if the search path there is empty. 896 */ 897 static const char * 898 gethints(void) 899 { 900 static char *hints; 901 902 if (hints == NULL) { 903 int fd; 904 struct elfhints_hdr hdr; 905 char *p; 906 907 /* Keep from trying again in case the hints file is bad. */ 908 hints = ""; 909 910 if ((fd = open(_PATH_ELF_HINTS, O_RDONLY)) == -1) 911 return NULL; 912 if (read(fd, &hdr, sizeof hdr) != sizeof hdr || 913 hdr.magic != ELFHINTS_MAGIC || 914 hdr.version != 1) { 915 close(fd); 916 return NULL; 917 } 918 p = xmalloc(hdr.dirlistlen + 1); 919 if (lseek(fd, hdr.strtab + hdr.dirlist, SEEK_SET) == -1 || 920 read(fd, p, hdr.dirlistlen + 1) != (ssize_t)hdr.dirlistlen + 1) { 921 free(p); 922 close(fd); 923 return NULL; 924 } 925 hints = p; 926 close(fd); 927 } 928 return hints[0] != '\0' ? hints : NULL; 929 } 930 931 static void 932 init_dag(Obj_Entry *root) 933 { 934 DoneList donelist; 935 936 donelist_init(&donelist); 937 init_dag1(root, root, &donelist); 938 } 939 940 static void 941 init_dag1(Obj_Entry *root, Obj_Entry *obj, DoneList *dlp) 942 { 943 const Needed_Entry *needed; 944 945 if (donelist_check(dlp, obj)) 946 return; 947 948 obj->refcount++; 949 objlist_push_tail(&obj->dldags, root); 950 objlist_push_tail(&root->dagmembers, obj); 951 for (needed = obj->needed; needed != NULL; needed = needed->next) 952 if (needed->obj != NULL) 953 init_dag1(root, needed->obj, dlp); 954 } 955 956 /* 957 * Initialize the dynamic linker. The argument is the address at which 958 * the dynamic linker has been mapped into memory. The primary task of 959 * this function is to relocate the dynamic linker. 960 */ 961 static void 962 init_rtld(caddr_t mapbase) 963 { 964 Obj_Entry objtmp; /* Temporary rtld object */ 965 966 /* 967 * Conjure up an Obj_Entry structure for the dynamic linker. 968 * 969 * The "path" member can't be initialized yet because string constatns 970 * cannot yet be acessed. Below we will set it correctly. 971 */ 972 objtmp.path = NULL; 973 objtmp.rtld = true; 974 objtmp.mapbase = mapbase; 975 #ifdef PIC 976 objtmp.relocbase = mapbase; 977 #endif 978 if (&_DYNAMIC != 0) { 979 objtmp.dynamic = rtld_dynamic(&objtmp); 980 digest_dynamic(&objtmp, 1); 981 assert(objtmp.needed == NULL); 982 assert(!objtmp.textrel); 983 984 /* 985 * Temporarily put the dynamic linker entry into the object list, so 986 * that symbols can be found. 987 */ 988 989 relocate_objects(&objtmp, true, &objtmp); 990 } 991 992 /* Initialize the object list. */ 993 obj_tail = &obj_list; 994 995 /* Now that non-local variables can be accesses, copy out obj_rtld. */ 996 memcpy(&obj_rtld, &objtmp, sizeof(obj_rtld)); 997 998 /* Replace the path with a dynamically allocated copy. */ 999 obj_rtld.path = xstrdup(PATH_RTLD); 1000 1001 r_debug.r_brk = r_debug_state; 1002 r_debug.r_state = RT_CONSISTENT; 1003 } 1004 1005 /* 1006 * Add the init functions from a needed object list (and its recursive 1007 * needed objects) to "list". This is not used directly; it is a helper 1008 * function for initlist_add_objects(). The write lock must be held 1009 * when this function is called. 1010 */ 1011 static void 1012 initlist_add_neededs(Needed_Entry *needed, Objlist *list) 1013 { 1014 /* Recursively process the successor needed objects. */ 1015 if (needed->next != NULL) 1016 initlist_add_neededs(needed->next, list); 1017 1018 /* Process the current needed object. */ 1019 if (needed->obj != NULL) 1020 initlist_add_objects(needed->obj, &needed->obj->next, list); 1021 } 1022 1023 /* 1024 * Scan all of the DAGs rooted in the range of objects from "obj" to 1025 * "tail" and add their init functions to "list". This recurses over 1026 * the DAGs and ensure the proper init ordering such that each object's 1027 * needed libraries are initialized before the object itself. At the 1028 * same time, this function adds the objects to the global finalization 1029 * list "list_fini" in the opposite order. The write lock must be 1030 * held when this function is called. 1031 */ 1032 static void 1033 initlist_add_objects(Obj_Entry *obj, Obj_Entry **tail, Objlist *list) 1034 { 1035 if (obj->init_done) 1036 return; 1037 obj->init_done = true; 1038 1039 /* Recursively process the successor objects. */ 1040 if (&obj->next != tail) 1041 initlist_add_objects(obj->next, tail, list); 1042 1043 /* Recursively process the needed objects. */ 1044 if (obj->needed != NULL) 1045 initlist_add_neededs(obj->needed, list); 1046 1047 /* Add the object to the init list. */ 1048 if (obj->init != NULL) 1049 objlist_push_tail(list, obj); 1050 1051 /* Add the object to the global fini list in the reverse order. */ 1052 if (obj->fini != NULL) 1053 objlist_push_head(&list_fini, obj); 1054 } 1055 1056 #ifndef FPTR_TARGET 1057 #define FPTR_TARGET(f) ((Elf_Addr) (f)) 1058 #endif 1059 1060 static bool 1061 is_exported(const Elf_Sym *def) 1062 { 1063 Elf_Addr value; 1064 const func_ptr_type *p; 1065 1066 value = (Elf_Addr)(obj_rtld.relocbase + def->st_value); 1067 for (p = exports; *p != NULL; p++) 1068 if (FPTR_TARGET(*p) == value) 1069 return true; 1070 return false; 1071 } 1072 1073 /* 1074 * Given a shared object, traverse its list of needed objects, and load 1075 * each of them. Returns 0 on success. Generates an error message and 1076 * returns -1 on failure. 1077 */ 1078 static int 1079 load_needed_objects(Obj_Entry *first) 1080 { 1081 Obj_Entry *obj; 1082 1083 for (obj = first; obj != NULL; obj = obj->next) { 1084 Needed_Entry *needed; 1085 1086 for (needed = obj->needed; needed != NULL; needed = needed->next) { 1087 const char *name = obj->strtab + needed->name; 1088 char *path = find_library(name, obj); 1089 1090 needed->obj = NULL; 1091 if (path == NULL && !ld_tracing) 1092 return -1; 1093 1094 if (path) { 1095 needed->obj = load_object(path); 1096 if (needed->obj == NULL && !ld_tracing) 1097 return -1; /* XXX - cleanup */ 1098 } 1099 } 1100 } 1101 1102 return 0; 1103 } 1104 1105 static int 1106 load_preload_objects(void) 1107 { 1108 char *p = ld_preload; 1109 static const char delim[] = " \t:;"; 1110 1111 if (p == NULL) 1112 return NULL; 1113 1114 p += strspn(p, delim); 1115 while (*p != '\0') { 1116 size_t len = strcspn(p, delim); 1117 char *path; 1118 char savech; 1119 1120 savech = p[len]; 1121 p[len] = '\0'; 1122 if ((path = find_library(p, NULL)) == NULL) 1123 return -1; 1124 if (load_object(path) == NULL) 1125 return -1; /* XXX - cleanup */ 1126 p[len] = savech; 1127 p += len; 1128 p += strspn(p, delim); 1129 } 1130 return 0; 1131 } 1132 1133 /* 1134 * Load a shared object into memory, if it is not already loaded. The 1135 * argument must be a string allocated on the heap. This function assumes 1136 * responsibility for freeing it when necessary. 1137 * 1138 * Returns a pointer to the Obj_Entry for the object. Returns NULL 1139 * on failure. 1140 */ 1141 static Obj_Entry * 1142 load_object(char *path) 1143 { 1144 Obj_Entry *obj; 1145 int fd = -1; 1146 struct stat sb; 1147 1148 for (obj = obj_list->next; obj != NULL; obj = obj->next) 1149 if (strcmp(obj->path, path) == 0) 1150 break; 1151 1152 /* 1153 * If we didn't find a match by pathname, open the file and check 1154 * again by device and inode. This avoids false mismatches caused 1155 * by multiple links or ".." in pathnames. 1156 * 1157 * To avoid a race, we open the file and use fstat() rather than 1158 * using stat(). 1159 */ 1160 if (obj == NULL) { 1161 if ((fd = open(path, O_RDONLY)) == -1) { 1162 _rtld_error("Cannot open \"%s\"", path); 1163 return NULL; 1164 } 1165 if (fstat(fd, &sb) == -1) { 1166 _rtld_error("Cannot fstat \"%s\"", path); 1167 close(fd); 1168 return NULL; 1169 } 1170 for (obj = obj_list->next; obj != NULL; obj = obj->next) { 1171 if (obj->ino == sb.st_ino && obj->dev == sb.st_dev) { 1172 close(fd); 1173 break; 1174 } 1175 } 1176 } 1177 1178 if (obj == NULL) { /* First use of this object, so we must map it in */ 1179 dbg("loading \"%s\"", path); 1180 obj = map_object(fd, path, &sb); 1181 close(fd); 1182 if (obj == NULL) { 1183 free(path); 1184 return NULL; 1185 } 1186 1187 obj->path = path; 1188 digest_dynamic(obj, 0); 1189 1190 *obj_tail = obj; 1191 obj_tail = &obj->next; 1192 obj_count++; 1193 linkmap_add(obj); /* for GDB & dlinfo() */ 1194 1195 dbg(" %p .. %p: %s", obj->mapbase, 1196 obj->mapbase + obj->mapsize - 1, obj->path); 1197 if (obj->textrel) 1198 dbg(" WARNING: %s has impure text", obj->path); 1199 } else 1200 free(path); 1201 1202 return obj; 1203 } 1204 1205 static Obj_Entry * 1206 obj_from_addr(const void *addr) 1207 { 1208 unsigned long endhash; 1209 Obj_Entry *obj; 1210 1211 endhash = elf_hash(END_SYM); 1212 for (obj = obj_list; obj != NULL; obj = obj->next) { 1213 const Elf_Sym *endsym; 1214 1215 if (addr < (void *) obj->mapbase) 1216 continue; 1217 if ((endsym = symlook_obj(END_SYM, endhash, obj, true)) == NULL) 1218 continue; /* No "end" symbol?! */ 1219 if (addr < (void *) (obj->relocbase + endsym->st_value)) 1220 return obj; 1221 } 1222 return NULL; 1223 } 1224 1225 /* 1226 * Call the finalization functions for each of the objects in "list" 1227 * which are unreferenced. All of the objects are expected to have 1228 * non-NULL fini functions. 1229 */ 1230 static void 1231 objlist_call_fini(Objlist *list) 1232 { 1233 Objlist_Entry *elm; 1234 char *saved_msg; 1235 1236 /* 1237 * Preserve the current error message since a fini function might 1238 * call into the dynamic linker and overwrite it. 1239 */ 1240 saved_msg = errmsg_save(); 1241 STAILQ_FOREACH(elm, list, link) { 1242 if (elm->obj->refcount == 0) { 1243 dbg("calling fini function for %s at %p", elm->obj->path, 1244 (void *)elm->obj->fini); 1245 call_initfini_pointer(elm->obj, elm->obj->fini); 1246 } 1247 } 1248 errmsg_restore(saved_msg); 1249 } 1250 1251 /* 1252 * Call the initialization functions for each of the objects in 1253 * "list". All of the objects are expected to have non-NULL init 1254 * functions. 1255 */ 1256 static void 1257 objlist_call_init(Objlist *list) 1258 { 1259 Objlist_Entry *elm; 1260 char *saved_msg; 1261 1262 /* 1263 * Preserve the current error message since an init function might 1264 * call into the dynamic linker and overwrite it. 1265 */ 1266 saved_msg = errmsg_save(); 1267 STAILQ_FOREACH(elm, list, link) { 1268 dbg("calling init function for %s at %p", elm->obj->path, 1269 (void *)elm->obj->init); 1270 call_initfini_pointer(elm->obj, elm->obj->init); 1271 } 1272 errmsg_restore(saved_msg); 1273 } 1274 1275 static void 1276 objlist_clear(Objlist *list) 1277 { 1278 Objlist_Entry *elm; 1279 1280 while (!STAILQ_EMPTY(list)) { 1281 elm = STAILQ_FIRST(list); 1282 STAILQ_REMOVE_HEAD(list, link); 1283 free(elm); 1284 } 1285 } 1286 1287 static Objlist_Entry * 1288 objlist_find(Objlist *list, const Obj_Entry *obj) 1289 { 1290 Objlist_Entry *elm; 1291 1292 STAILQ_FOREACH(elm, list, link) 1293 if (elm->obj == obj) 1294 return elm; 1295 return NULL; 1296 } 1297 1298 static void 1299 objlist_init(Objlist *list) 1300 { 1301 STAILQ_INIT(list); 1302 } 1303 1304 static void 1305 objlist_push_head(Objlist *list, Obj_Entry *obj) 1306 { 1307 Objlist_Entry *elm; 1308 1309 elm = NEW(Objlist_Entry); 1310 elm->obj = obj; 1311 STAILQ_INSERT_HEAD(list, elm, link); 1312 } 1313 1314 static void 1315 objlist_push_tail(Objlist *list, Obj_Entry *obj) 1316 { 1317 Objlist_Entry *elm; 1318 1319 elm = NEW(Objlist_Entry); 1320 elm->obj = obj; 1321 STAILQ_INSERT_TAIL(list, elm, link); 1322 } 1323 1324 static void 1325 objlist_remove(Objlist *list, Obj_Entry *obj) 1326 { 1327 Objlist_Entry *elm; 1328 1329 if ((elm = objlist_find(list, obj)) != NULL) { 1330 STAILQ_REMOVE(list, elm, Struct_Objlist_Entry, link); 1331 free(elm); 1332 } 1333 } 1334 1335 /* 1336 * Remove all of the unreferenced objects from "list". 1337 */ 1338 static void 1339 objlist_remove_unref(Objlist *list) 1340 { 1341 Objlist newlist; 1342 Objlist_Entry *elm; 1343 1344 STAILQ_INIT(&newlist); 1345 while (!STAILQ_EMPTY(list)) { 1346 elm = STAILQ_FIRST(list); 1347 STAILQ_REMOVE_HEAD(list, link); 1348 if (elm->obj->refcount == 0) 1349 free(elm); 1350 else 1351 STAILQ_INSERT_TAIL(&newlist, elm, link); 1352 } 1353 *list = newlist; 1354 } 1355 1356 /* 1357 * Relocate newly-loaded shared objects. The argument is a pointer to 1358 * the Obj_Entry for the first such object. All objects from the first 1359 * to the end of the list of objects are relocated. Returns 0 on success, 1360 * or -1 on failure. 1361 */ 1362 static int 1363 relocate_objects(Obj_Entry *first, bool bind_now, Obj_Entry *rtldobj) 1364 { 1365 Obj_Entry *obj; 1366 1367 for (obj = first; obj != NULL; obj = obj->next) { 1368 if (obj != rtldobj) 1369 dbg("relocating \"%s\"", obj->path); 1370 if (obj->nbuckets == 0 || obj->nchains == 0 || obj->buckets == NULL || 1371 obj->symtab == NULL || obj->strtab == NULL) { 1372 _rtld_error("%s: Shared object has no run-time symbol table", 1373 obj->path); 1374 return -1; 1375 } 1376 1377 if (obj->textrel) { 1378 /* There are relocations to the write-protected text segment. */ 1379 if (mprotect(obj->mapbase, obj->textsize, 1380 PROT_READ|PROT_WRITE|PROT_EXEC) == -1) { 1381 _rtld_error("%s: Cannot write-enable text segment: %s", 1382 obj->path, strerror(errno)); 1383 return -1; 1384 } 1385 } 1386 1387 /* Process the non-PLT relocations. */ 1388 if (reloc_non_plt(obj, rtldobj)) 1389 return -1; 1390 1391 if (obj->textrel) { /* Re-protected the text segment. */ 1392 if (mprotect(obj->mapbase, obj->textsize, 1393 PROT_READ|PROT_EXEC) == -1) { 1394 _rtld_error("%s: Cannot write-protect text segment: %s", 1395 obj->path, strerror(errno)); 1396 return -1; 1397 } 1398 } 1399 1400 /* Process the PLT relocations. */ 1401 if (reloc_plt(obj) == -1) 1402 return -1; 1403 /* Relocate the jump slots if we are doing immediate binding. */ 1404 if (bind_now) 1405 if (reloc_jmpslots(obj) == -1) 1406 return -1; 1407 1408 1409 /* 1410 * Set up the magic number and version in the Obj_Entry. These 1411 * were checked in the crt1.o from the original ElfKit, so we 1412 * set them for backward compatibility. 1413 */ 1414 obj->magic = RTLD_MAGIC; 1415 obj->version = RTLD_VERSION; 1416 1417 /* Set the special PLT or GOT entries. */ 1418 init_pltgot(obj); 1419 } 1420 1421 return 0; 1422 } 1423 1424 /* 1425 * Cleanup procedure. It will be called (by the atexit mechanism) just 1426 * before the process exits. 1427 */ 1428 static void 1429 rtld_exit(void) 1430 { 1431 Obj_Entry *obj; 1432 1433 dbg("rtld_exit()"); 1434 /* Clear all the reference counts so the fini functions will be called. */ 1435 for (obj = obj_list; obj != NULL; obj = obj->next) 1436 obj->refcount = 0; 1437 objlist_call_fini(&list_fini); 1438 /* No need to remove the items from the list, since we are exiting. */ 1439 #ifdef WITH_LIBMAP 1440 if (!libmap_disable) 1441 lm_fini(); 1442 #endif 1443 } 1444 1445 static void * 1446 path_enumerate(const char *path, path_enum_proc callback, void *arg) 1447 { 1448 if (path == NULL) 1449 return (NULL); 1450 1451 path += strspn(path, ":;"); 1452 while (*path != '\0') { 1453 size_t len; 1454 char *res; 1455 1456 len = strcspn(path, ":;"); 1457 res = callback(path, len, arg); 1458 1459 if (res != NULL) 1460 return (res); 1461 1462 path += len; 1463 path += strspn(path, ":;"); 1464 } 1465 1466 return (NULL); 1467 } 1468 1469 struct try_library_args { 1470 const char *name; 1471 size_t namelen; 1472 char *buffer; 1473 size_t buflen; 1474 }; 1475 1476 static void * 1477 try_library_path(const char *dir, size_t dirlen, void *param) 1478 { 1479 struct try_library_args *arg; 1480 1481 arg = param; 1482 if (*dir == '/' || trust) { 1483 char *pathname; 1484 1485 if (dirlen + 1 + arg->namelen + 1 > arg->buflen) 1486 return (NULL); 1487 1488 pathname = arg->buffer; 1489 strncpy(pathname, dir, dirlen); 1490 pathname[dirlen] = '/'; 1491 strcpy(pathname + dirlen + 1, arg->name); 1492 1493 dbg(" Trying \"%s\"", pathname); 1494 if (access(pathname, F_OK) == 0) { /* We found it */ 1495 pathname = xmalloc(dirlen + 1 + arg->namelen + 1); 1496 strcpy(pathname, arg->buffer); 1497 return (pathname); 1498 } 1499 } 1500 return (NULL); 1501 } 1502 1503 static char * 1504 search_library_path(const char *name, const char *path) 1505 { 1506 char *p; 1507 struct try_library_args arg; 1508 1509 if (path == NULL) 1510 return NULL; 1511 1512 arg.name = name; 1513 arg.namelen = strlen(name); 1514 arg.buffer = xmalloc(PATH_MAX); 1515 arg.buflen = PATH_MAX; 1516 1517 p = path_enumerate(path, try_library_path, &arg); 1518 1519 free(arg.buffer); 1520 1521 return (p); 1522 } 1523 1524 int 1525 dlclose(void *handle) 1526 { 1527 Obj_Entry *root; 1528 int lockstate; 1529 1530 lockstate = wlock_acquire(rtld_bind_lock); 1531 root = dlcheck(handle); 1532 if (root == NULL) { 1533 wlock_release(rtld_bind_lock, lockstate); 1534 return -1; 1535 } 1536 1537 /* Unreference the object and its dependencies. */ 1538 root->dl_refcount--; 1539 1540 unref_dag(root); 1541 1542 if (root->refcount == 0) { 1543 /* 1544 * The object is no longer referenced, so we must unload it. 1545 * First, call the fini functions with no locks held. 1546 */ 1547 wlock_release(rtld_bind_lock, lockstate); 1548 objlist_call_fini(&list_fini); 1549 lockstate = wlock_acquire(rtld_bind_lock); 1550 objlist_remove_unref(&list_fini); 1551 1552 /* Finish cleaning up the newly-unreferenced objects. */ 1553 GDB_STATE(RT_DELETE,&root->linkmap); 1554 unload_object(root); 1555 GDB_STATE(RT_CONSISTENT,NULL); 1556 } 1557 wlock_release(rtld_bind_lock, lockstate); 1558 return 0; 1559 } 1560 1561 const char * 1562 dlerror(void) 1563 { 1564 char *msg = error_message; 1565 error_message = NULL; 1566 return msg; 1567 } 1568 1569 /* 1570 * This function is deprecated and has no effect. 1571 */ 1572 void 1573 dllockinit(void *context, 1574 void *(*lock_create)(void *context), 1575 void (*rlock_acquire)(void *lock), 1576 void (*wlock_acquire)(void *lock), 1577 void (*lock_release)(void *lock), 1578 void (*lock_destroy)(void *lock), 1579 void (*context_destroy)(void *context)) 1580 { 1581 static void *cur_context; 1582 static void (*cur_context_destroy)(void *); 1583 1584 /* Just destroy the context from the previous call, if necessary. */ 1585 if (cur_context_destroy != NULL) 1586 cur_context_destroy(cur_context); 1587 cur_context = context; 1588 cur_context_destroy = context_destroy; 1589 } 1590 1591 void * 1592 dlopen(const char *name, int mode) 1593 { 1594 Obj_Entry **old_obj_tail; 1595 Obj_Entry *obj; 1596 Objlist initlist; 1597 int result, lockstate; 1598 1599 ld_tracing = (mode & RTLD_TRACE) == 0 ? NULL : "1"; 1600 if (ld_tracing != NULL) 1601 environ = (char **)*get_program_var_addr("environ"); 1602 1603 objlist_init(&initlist); 1604 1605 lockstate = wlock_acquire(rtld_bind_lock); 1606 GDB_STATE(RT_ADD,NULL); 1607 1608 old_obj_tail = obj_tail; 1609 obj = NULL; 1610 if (name == NULL) { 1611 obj = obj_main; 1612 obj->refcount++; 1613 } else { 1614 char *path = find_library(name, obj_main); 1615 if (path != NULL) 1616 obj = load_object(path); 1617 } 1618 1619 if (obj) { 1620 obj->dl_refcount++; 1621 if (mode & RTLD_GLOBAL && objlist_find(&list_global, obj) == NULL) 1622 objlist_push_tail(&list_global, obj); 1623 mode &= RTLD_MODEMASK; 1624 if (*old_obj_tail != NULL) { /* We loaded something new. */ 1625 assert(*old_obj_tail == obj); 1626 1627 result = load_needed_objects(obj); 1628 if (result != -1 && ld_tracing) 1629 goto trace; 1630 1631 if (result == -1 || 1632 (init_dag(obj), relocate_objects(obj, mode == RTLD_NOW, 1633 &obj_rtld)) == -1) { 1634 obj->dl_refcount--; 1635 unref_dag(obj); 1636 if (obj->refcount == 0) 1637 unload_object(obj); 1638 obj = NULL; 1639 } else { 1640 /* Make list of init functions to call. */ 1641 initlist_add_objects(obj, &obj->next, &initlist); 1642 } 1643 } else { 1644 1645 /* Bump the reference counts for objects on this DAG. */ 1646 ref_dag(obj); 1647 1648 if (ld_tracing) 1649 goto trace; 1650 } 1651 } 1652 1653 GDB_STATE(RT_CONSISTENT,obj ? &obj->linkmap : NULL); 1654 1655 /* Call the init functions with no locks held. */ 1656 wlock_release(rtld_bind_lock, lockstate); 1657 objlist_call_init(&initlist); 1658 lockstate = wlock_acquire(rtld_bind_lock); 1659 objlist_clear(&initlist); 1660 wlock_release(rtld_bind_lock, lockstate); 1661 return obj; 1662 trace: 1663 trace_loaded_objects(obj); 1664 wlock_release(rtld_bind_lock, lockstate); 1665 exit(0); 1666 } 1667 1668 void * 1669 dlsym(void *handle, const char *name) 1670 { 1671 const Obj_Entry *obj; 1672 unsigned long hash; 1673 const Elf_Sym *def; 1674 const Obj_Entry *defobj; 1675 int lockstate; 1676 1677 hash = elf_hash(name); 1678 def = NULL; 1679 defobj = NULL; 1680 1681 lockstate = rlock_acquire(rtld_bind_lock); 1682 if (handle == NULL || handle == RTLD_NEXT || 1683 handle == RTLD_DEFAULT || handle == RTLD_SELF) { 1684 void *retaddr; 1685 1686 retaddr = __builtin_return_address(0); /* __GNUC__ only */ 1687 if ((obj = obj_from_addr(retaddr)) == NULL) { 1688 _rtld_error("Cannot determine caller's shared object"); 1689 rlock_release(rtld_bind_lock, lockstate); 1690 return NULL; 1691 } 1692 if (handle == NULL) { /* Just the caller's shared object. */ 1693 def = symlook_obj(name, hash, obj, true); 1694 defobj = obj; 1695 } else if (handle == RTLD_NEXT || /* Objects after caller's */ 1696 handle == RTLD_SELF) { /* ... caller included */ 1697 if (handle == RTLD_NEXT) 1698 obj = obj->next; 1699 for (; obj != NULL; obj = obj->next) { 1700 if ((def = symlook_obj(name, hash, obj, true)) != NULL) { 1701 defobj = obj; 1702 break; 1703 } 1704 } 1705 } else { 1706 assert(handle == RTLD_DEFAULT); 1707 def = symlook_default(name, hash, obj, &defobj, true); 1708 } 1709 } else { 1710 if ((obj = dlcheck(handle)) == NULL) { 1711 rlock_release(rtld_bind_lock, lockstate); 1712 return NULL; 1713 } 1714 1715 if (obj->mainprog) { 1716 DoneList donelist; 1717 1718 /* Search main program and all libraries loaded by it. */ 1719 donelist_init(&donelist); 1720 def = symlook_list(name, hash, &list_main, &defobj, true, 1721 &donelist); 1722 } else { 1723 /* 1724 * XXX - This isn't correct. The search should include the whole 1725 * DAG rooted at the given object. 1726 */ 1727 def = symlook_obj(name, hash, obj, true); 1728 defobj = obj; 1729 } 1730 } 1731 1732 if (def != NULL) { 1733 rlock_release(rtld_bind_lock, lockstate); 1734 1735 /* 1736 * The value required by the caller is derived from the value 1737 * of the symbol. For the ia64 architecture, we need to 1738 * construct a function descriptor which the caller can use to 1739 * call the function with the right 'gp' value. For other 1740 * architectures and for non-functions, the value is simply 1741 * the relocated value of the symbol. 1742 */ 1743 if (ELF_ST_TYPE(def->st_info) == STT_FUNC) 1744 return make_function_pointer(def, defobj); 1745 else 1746 return defobj->relocbase + def->st_value; 1747 } 1748 1749 _rtld_error("Undefined symbol \"%s\"", name); 1750 rlock_release(rtld_bind_lock, lockstate); 1751 return NULL; 1752 } 1753 1754 int 1755 dladdr(const void *addr, Dl_info *info) 1756 { 1757 const Obj_Entry *obj; 1758 const Elf_Sym *def; 1759 void *symbol_addr; 1760 unsigned long symoffset; 1761 int lockstate; 1762 1763 lockstate = rlock_acquire(rtld_bind_lock); 1764 obj = obj_from_addr(addr); 1765 if (obj == NULL) { 1766 _rtld_error("No shared object contains address"); 1767 rlock_release(rtld_bind_lock, lockstate); 1768 return 0; 1769 } 1770 info->dli_fname = obj->path; 1771 info->dli_fbase = obj->mapbase; 1772 info->dli_saddr = (void *)0; 1773 info->dli_sname = NULL; 1774 1775 /* 1776 * Walk the symbol list looking for the symbol whose address is 1777 * closest to the address sent in. 1778 */ 1779 for (symoffset = 0; symoffset < obj->nchains; symoffset++) { 1780 def = obj->symtab + symoffset; 1781 1782 /* 1783 * For skip the symbol if st_shndx is either SHN_UNDEF or 1784 * SHN_COMMON. 1785 */ 1786 if (def->st_shndx == SHN_UNDEF || def->st_shndx == SHN_COMMON) 1787 continue; 1788 1789 /* 1790 * If the symbol is greater than the specified address, or if it 1791 * is further away from addr than the current nearest symbol, 1792 * then reject it. 1793 */ 1794 symbol_addr = obj->relocbase + def->st_value; 1795 if (symbol_addr > addr || symbol_addr < info->dli_saddr) 1796 continue; 1797 1798 /* Update our idea of the nearest symbol. */ 1799 info->dli_sname = obj->strtab + def->st_name; 1800 info->dli_saddr = symbol_addr; 1801 1802 /* Exact match? */ 1803 if (info->dli_saddr == addr) 1804 break; 1805 } 1806 rlock_release(rtld_bind_lock, lockstate); 1807 return 1; 1808 } 1809 1810 int 1811 dlinfo(void *handle, int request, void *p) 1812 { 1813 const Obj_Entry *obj; 1814 int error, lockstate; 1815 1816 lockstate = rlock_acquire(rtld_bind_lock); 1817 1818 if (handle == NULL || handle == RTLD_SELF) { 1819 void *retaddr; 1820 1821 retaddr = __builtin_return_address(0); /* __GNUC__ only */ 1822 if ((obj = obj_from_addr(retaddr)) == NULL) 1823 _rtld_error("Cannot determine caller's shared object"); 1824 } else 1825 obj = dlcheck(handle); 1826 1827 if (obj == NULL) { 1828 rlock_release(rtld_bind_lock, lockstate); 1829 return (-1); 1830 } 1831 1832 error = 0; 1833 switch (request) { 1834 case RTLD_DI_LINKMAP: 1835 *((struct link_map const **)p) = &obj->linkmap; 1836 break; 1837 case RTLD_DI_ORIGIN: 1838 error = rtld_dirname(obj->path, p); 1839 break; 1840 1841 case RTLD_DI_SERINFOSIZE: 1842 case RTLD_DI_SERINFO: 1843 error = do_search_info(obj, request, (struct dl_serinfo *)p); 1844 break; 1845 1846 default: 1847 _rtld_error("Invalid request %d passed to dlinfo()", request); 1848 error = -1; 1849 } 1850 1851 rlock_release(rtld_bind_lock, lockstate); 1852 1853 return (error); 1854 } 1855 1856 struct fill_search_info_args { 1857 int request; 1858 unsigned int flags; 1859 Dl_serinfo *serinfo; 1860 Dl_serpath *serpath; 1861 char *strspace; 1862 }; 1863 1864 static void * 1865 fill_search_info(const char *dir, size_t dirlen, void *param) 1866 { 1867 struct fill_search_info_args *arg; 1868 1869 arg = param; 1870 1871 if (arg->request == RTLD_DI_SERINFOSIZE) { 1872 arg->serinfo->dls_cnt ++; 1873 arg->serinfo->dls_size += dirlen + 1; 1874 } else { 1875 struct dl_serpath *s_entry; 1876 1877 s_entry = arg->serpath; 1878 s_entry->dls_name = arg->strspace; 1879 s_entry->dls_flags = arg->flags; 1880 1881 strncpy(arg->strspace, dir, dirlen); 1882 arg->strspace[dirlen] = '\0'; 1883 1884 arg->strspace += dirlen + 1; 1885 arg->serpath++; 1886 } 1887 1888 return (NULL); 1889 } 1890 1891 static int 1892 do_search_info(const Obj_Entry *obj, int request, struct dl_serinfo *info) 1893 { 1894 struct dl_serinfo _info; 1895 struct fill_search_info_args args; 1896 1897 args.request = RTLD_DI_SERINFOSIZE; 1898 args.serinfo = &_info; 1899 1900 _info.dls_size = __offsetof(struct dl_serinfo, dls_serpath); 1901 _info.dls_cnt = 0; 1902 1903 path_enumerate(ld_library_path, fill_search_info, &args); 1904 path_enumerate(obj->rpath, fill_search_info, &args); 1905 path_enumerate(gethints(), fill_search_info, &args); 1906 path_enumerate(STANDARD_LIBRARY_PATH, fill_search_info, &args); 1907 1908 1909 if (request == RTLD_DI_SERINFOSIZE) { 1910 info->dls_size = _info.dls_size; 1911 info->dls_cnt = _info.dls_cnt; 1912 return (0); 1913 } 1914 1915 if (info->dls_cnt != _info.dls_cnt || info->dls_size != _info.dls_size) { 1916 _rtld_error("Uninitialized Dl_serinfo struct passed to dlinfo()"); 1917 return (-1); 1918 } 1919 1920 args.request = RTLD_DI_SERINFO; 1921 args.serinfo = info; 1922 args.serpath = &info->dls_serpath[0]; 1923 args.strspace = (char *)&info->dls_serpath[_info.dls_cnt]; 1924 1925 args.flags = LA_SER_LIBPATH; 1926 if (path_enumerate(ld_library_path, fill_search_info, &args) != NULL) 1927 return (-1); 1928 1929 args.flags = LA_SER_RUNPATH; 1930 if (path_enumerate(obj->rpath, fill_search_info, &args) != NULL) 1931 return (-1); 1932 1933 args.flags = LA_SER_CONFIG; 1934 if (path_enumerate(gethints(), fill_search_info, &args) != NULL) 1935 return (-1); 1936 1937 args.flags = LA_SER_DEFAULT; 1938 if (path_enumerate(STANDARD_LIBRARY_PATH, fill_search_info, &args) != NULL) 1939 return (-1); 1940 return (0); 1941 } 1942 1943 static int 1944 rtld_dirname(const char *path, char *bname) 1945 { 1946 const char *endp; 1947 1948 /* Empty or NULL string gets treated as "." */ 1949 if (path == NULL || *path == '\0') { 1950 bname[0] = '.'; 1951 bname[1] = '\0'; 1952 return (0); 1953 } 1954 1955 /* Strip trailing slashes */ 1956 endp = path + strlen(path) - 1; 1957 while (endp > path && *endp == '/') 1958 endp--; 1959 1960 /* Find the start of the dir */ 1961 while (endp > path && *endp != '/') 1962 endp--; 1963 1964 /* Either the dir is "/" or there are no slashes */ 1965 if (endp == path) { 1966 bname[0] = *endp == '/' ? '/' : '.'; 1967 bname[1] = '\0'; 1968 return (0); 1969 } else { 1970 do { 1971 endp--; 1972 } while (endp > path && *endp == '/'); 1973 } 1974 1975 if (endp - path + 2 > PATH_MAX) 1976 { 1977 _rtld_error("Filename is too long: %s", path); 1978 return(-1); 1979 } 1980 1981 strncpy(bname, path, endp - path + 1); 1982 bname[endp - path + 1] = '\0'; 1983 return (0); 1984 } 1985 1986 static void 1987 linkmap_add(Obj_Entry *obj) 1988 { 1989 struct link_map *l = &obj->linkmap; 1990 struct link_map *prev; 1991 1992 obj->linkmap.l_name = obj->path; 1993 obj->linkmap.l_addr = obj->mapbase; 1994 obj->linkmap.l_ld = obj->dynamic; 1995 #ifdef __mips__ 1996 /* GDB needs load offset on MIPS to use the symbols */ 1997 obj->linkmap.l_offs = obj->relocbase; 1998 #endif 1999 2000 if (r_debug.r_map == NULL) { 2001 r_debug.r_map = l; 2002 return; 2003 } 2004 2005 /* 2006 * Scan to the end of the list, but not past the entry for the 2007 * dynamic linker, which we want to keep at the very end. 2008 */ 2009 for (prev = r_debug.r_map; 2010 prev->l_next != NULL && prev->l_next != &obj_rtld.linkmap; 2011 prev = prev->l_next) 2012 ; 2013 2014 /* Link in the new entry. */ 2015 l->l_prev = prev; 2016 l->l_next = prev->l_next; 2017 if (l->l_next != NULL) 2018 l->l_next->l_prev = l; 2019 prev->l_next = l; 2020 } 2021 2022 static void 2023 linkmap_delete(Obj_Entry *obj) 2024 { 2025 struct link_map *l = &obj->linkmap; 2026 2027 if (l->l_prev == NULL) { 2028 if ((r_debug.r_map = l->l_next) != NULL) 2029 l->l_next->l_prev = NULL; 2030 return; 2031 } 2032 2033 if ((l->l_prev->l_next = l->l_next) != NULL) 2034 l->l_next->l_prev = l->l_prev; 2035 } 2036 2037 /* 2038 * Function for the debugger to set a breakpoint on to gain control. 2039 * 2040 * The two parameters allow the debugger to easily find and determine 2041 * what the runtime loader is doing and to whom it is doing it. 2042 * 2043 * When the loadhook trap is hit (r_debug_state, set at program 2044 * initialization), the arguments can be found on the stack: 2045 * 2046 * +8 struct link_map *m 2047 * +4 struct r_debug *rd 2048 * +0 RetAddr 2049 */ 2050 void 2051 r_debug_state(struct r_debug* rd, struct link_map *m) 2052 { 2053 } 2054 2055 /* 2056 * Get address of the pointer variable in the main program. 2057 */ 2058 static const void ** 2059 get_program_var_addr(const char *name) 2060 { 2061 const Obj_Entry *obj; 2062 unsigned long hash; 2063 2064 hash = elf_hash(name); 2065 for (obj = obj_main; obj != NULL; obj = obj->next) { 2066 const Elf_Sym *def; 2067 2068 if ((def = symlook_obj(name, hash, obj, false)) != NULL) { 2069 const void **addr; 2070 2071 addr = (const void **)(obj->relocbase + def->st_value); 2072 return addr; 2073 } 2074 } 2075 return NULL; 2076 } 2077 2078 /* 2079 * Set a pointer variable in the main program to the given value. This 2080 * is used to set key variables such as "environ" before any of the 2081 * init functions are called. 2082 */ 2083 static void 2084 set_program_var(const char *name, const void *value) 2085 { 2086 const void **addr; 2087 2088 if ((addr = get_program_var_addr(name)) != NULL) { 2089 dbg("\"%s\": *%p <-- %p", name, addr, value); 2090 *addr = value; 2091 } 2092 } 2093 2094 /* 2095 * Given a symbol name in a referencing object, find the corresponding 2096 * definition of the symbol. Returns a pointer to the symbol, or NULL if 2097 * no definition was found. Returns a pointer to the Obj_Entry of the 2098 * defining object via the reference parameter DEFOBJ_OUT. 2099 */ 2100 static const Elf_Sym * 2101 symlook_default(const char *name, unsigned long hash, 2102 const Obj_Entry *refobj, const Obj_Entry **defobj_out, bool in_plt) 2103 { 2104 DoneList donelist; 2105 const Elf_Sym *def; 2106 const Elf_Sym *symp; 2107 const Obj_Entry *obj; 2108 const Obj_Entry *defobj; 2109 const Objlist_Entry *elm; 2110 def = NULL; 2111 defobj = NULL; 2112 donelist_init(&donelist); 2113 2114 /* Look first in the referencing object if linked symbolically. */ 2115 if (refobj->symbolic && !donelist_check(&donelist, refobj)) { 2116 symp = symlook_obj(name, hash, refobj, in_plt); 2117 if (symp != NULL) { 2118 def = symp; 2119 defobj = refobj; 2120 } 2121 } 2122 2123 /* Search all objects loaded at program start up. */ 2124 if (def == NULL || ELF_ST_BIND(def->st_info) == STB_WEAK) { 2125 symp = symlook_list(name, hash, &list_main, &obj, in_plt, &donelist); 2126 if (symp != NULL && 2127 (def == NULL || ELF_ST_BIND(symp->st_info) != STB_WEAK)) { 2128 def = symp; 2129 defobj = obj; 2130 } 2131 } 2132 2133 /* Search all DAGs whose roots are RTLD_GLOBAL objects. */ 2134 STAILQ_FOREACH(elm, &list_global, link) { 2135 if (def != NULL && ELF_ST_BIND(def->st_info) != STB_WEAK) 2136 break; 2137 symp = symlook_list(name, hash, &elm->obj->dagmembers, &obj, in_plt, 2138 &donelist); 2139 if (symp != NULL && 2140 (def == NULL || ELF_ST_BIND(symp->st_info) != STB_WEAK)) { 2141 def = symp; 2142 defobj = obj; 2143 } 2144 } 2145 2146 /* Search all dlopened DAGs containing the referencing object. */ 2147 STAILQ_FOREACH(elm, &refobj->dldags, link) { 2148 if (def != NULL && ELF_ST_BIND(def->st_info) != STB_WEAK) 2149 break; 2150 symp = symlook_list(name, hash, &elm->obj->dagmembers, &obj, in_plt, 2151 &donelist); 2152 if (symp != NULL && 2153 (def == NULL || ELF_ST_BIND(symp->st_info) != STB_WEAK)) { 2154 def = symp; 2155 defobj = obj; 2156 } 2157 } 2158 2159 /* 2160 * Search the dynamic linker itself, and possibly resolve the 2161 * symbol from there. This is how the application links to 2162 * dynamic linker services such as dlopen. Only the values listed 2163 * in the "exports" array can be resolved from the dynamic linker. 2164 */ 2165 if (def == NULL || ELF_ST_BIND(def->st_info) == STB_WEAK) { 2166 symp = symlook_obj(name, hash, &obj_rtld, in_plt); 2167 if (symp != NULL && is_exported(symp)) { 2168 def = symp; 2169 defobj = &obj_rtld; 2170 } 2171 } 2172 2173 if (def != NULL) 2174 *defobj_out = defobj; 2175 return def; 2176 } 2177 2178 static const Elf_Sym * 2179 symlook_list(const char *name, unsigned long hash, Objlist *objlist, 2180 const Obj_Entry **defobj_out, bool in_plt, DoneList *dlp) 2181 { 2182 const Elf_Sym *symp; 2183 const Elf_Sym *def; 2184 const Obj_Entry *defobj; 2185 const Objlist_Entry *elm; 2186 2187 def = NULL; 2188 defobj = NULL; 2189 STAILQ_FOREACH(elm, objlist, link) { 2190 if (donelist_check(dlp, elm->obj)) 2191 continue; 2192 if ((symp = symlook_obj(name, hash, elm->obj, in_plt)) != NULL) { 2193 if (def == NULL || ELF_ST_BIND(symp->st_info) != STB_WEAK) { 2194 def = symp; 2195 defobj = elm->obj; 2196 if (ELF_ST_BIND(def->st_info) != STB_WEAK) 2197 break; 2198 } 2199 } 2200 } 2201 if (def != NULL) 2202 *defobj_out = defobj; 2203 return def; 2204 } 2205 2206 /* 2207 * Search the symbol table of a single shared object for a symbol of 2208 * the given name. Returns a pointer to the symbol, or NULL if no 2209 * definition was found. 2210 * 2211 * The symbol's hash value is passed in for efficiency reasons; that 2212 * eliminates many recomputations of the hash value. 2213 */ 2214 const Elf_Sym * 2215 symlook_obj(const char *name, unsigned long hash, const Obj_Entry *obj, 2216 bool in_plt) 2217 { 2218 if (obj->buckets != NULL) { 2219 unsigned long symnum = obj->buckets[hash % obj->nbuckets]; 2220 2221 while (symnum != STN_UNDEF) { 2222 const Elf_Sym *symp; 2223 const char *strp; 2224 2225 if (symnum >= obj->nchains) 2226 return NULL; /* Bad object */ 2227 symp = obj->symtab + symnum; 2228 strp = obj->strtab + symp->st_name; 2229 2230 if (name[0] == strp[0] && strcmp(name, strp) == 0) 2231 return symp->st_shndx != SHN_UNDEF || 2232 (!in_plt && symp->st_value != 0 && 2233 ELF_ST_TYPE(symp->st_info) == STT_FUNC) ? symp : NULL; 2234 2235 symnum = obj->chains[symnum]; 2236 } 2237 } 2238 return NULL; 2239 } 2240 2241 static void 2242 trace_loaded_objects(Obj_Entry *obj) 2243 { 2244 char *fmt1, *fmt2, *fmt, *main_local, *list_containers; 2245 int c; 2246 2247 if ((main_local = getenv("LD_TRACE_LOADED_OBJECTS_PROGNAME")) == NULL) 2248 main_local = ""; 2249 2250 if ((fmt1 = getenv("LD_TRACE_LOADED_OBJECTS_FMT1")) == NULL) 2251 fmt1 = "\t%o => %p (%x)\n"; 2252 2253 if ((fmt2 = getenv("LD_TRACE_LOADED_OBJECTS_FMT2")) == NULL) 2254 fmt2 = "\t%o (%x)\n"; 2255 2256 list_containers = getenv("LD_TRACE_LOADED_OBJECTS_ALL"); 2257 2258 for (; obj; obj = obj->next) { 2259 Needed_Entry *needed; 2260 char *name, *path; 2261 bool is_lib; 2262 2263 if (list_containers && obj->needed != NULL) 2264 printf("%s:\n", obj->path); 2265 for (needed = obj->needed; needed; needed = needed->next) { 2266 if (needed->obj != NULL) { 2267 if (needed->obj->traced && !list_containers) 2268 continue; 2269 needed->obj->traced = true; 2270 path = needed->obj->path; 2271 } else 2272 path = "not found"; 2273 2274 name = (char *)obj->strtab + needed->name; 2275 is_lib = strncmp(name, "lib", 3) == 0; /* XXX - bogus */ 2276 2277 fmt = is_lib ? fmt1 : fmt2; 2278 while ((c = *fmt++) != '\0') { 2279 switch (c) { 2280 default: 2281 putchar(c); 2282 continue; 2283 case '\\': 2284 switch (c = *fmt) { 2285 case '\0': 2286 continue; 2287 case 'n': 2288 putchar('\n'); 2289 break; 2290 case 't': 2291 putchar('\t'); 2292 break; 2293 } 2294 break; 2295 case '%': 2296 switch (c = *fmt) { 2297 case '\0': 2298 continue; 2299 case '%': 2300 default: 2301 putchar(c); 2302 break; 2303 case 'A': 2304 printf("%s", main_local); 2305 break; 2306 case 'a': 2307 printf("%s", obj_main->path); 2308 break; 2309 case 'o': 2310 printf("%s", name); 2311 break; 2312 #if 0 2313 case 'm': 2314 printf("%d", sodp->sod_major); 2315 break; 2316 case 'n': 2317 printf("%d", sodp->sod_minor); 2318 break; 2319 #endif 2320 case 'p': 2321 printf("%s", path); 2322 break; 2323 case 'x': 2324 printf("%p", needed->obj ? needed->obj->mapbase : 0); 2325 break; 2326 } 2327 break; 2328 } 2329 ++fmt; 2330 } 2331 } 2332 } 2333 } 2334 2335 /* 2336 * Unload a dlopened object and its dependencies from memory and from 2337 * our data structures. It is assumed that the DAG rooted in the 2338 * object has already been unreferenced, and that the object has a 2339 * reference count of 0. 2340 */ 2341 static void 2342 unload_object(Obj_Entry *root) 2343 { 2344 Obj_Entry *obj; 2345 Obj_Entry **linkp; 2346 2347 assert(root->refcount == 0); 2348 2349 /* 2350 * Pass over the DAG removing unreferenced objects from 2351 * appropriate lists. 2352 */ 2353 unlink_object(root); 2354 2355 /* Unmap all objects that are no longer referenced. */ 2356 linkp = &obj_list->next; 2357 while ((obj = *linkp) != NULL) { 2358 if (obj->refcount == 0) { 2359 dbg("unloading \"%s\"", obj->path); 2360 munmap(obj->mapbase, obj->mapsize); 2361 linkmap_delete(obj); 2362 *linkp = obj->next; 2363 obj_count--; 2364 obj_free(obj); 2365 } else 2366 linkp = &obj->next; 2367 } 2368 obj_tail = linkp; 2369 } 2370 2371 static void 2372 unlink_object(Obj_Entry *root) 2373 { 2374 Objlist_Entry *elm; 2375 2376 if (root->refcount == 0) { 2377 /* Remove the object from the RTLD_GLOBAL list. */ 2378 objlist_remove(&list_global, root); 2379 2380 /* Remove the object from all objects' DAG lists. */ 2381 STAILQ_FOREACH(elm, &root->dagmembers , link) { 2382 objlist_remove(&elm->obj->dldags, root); 2383 if (elm->obj != root) 2384 unlink_object(elm->obj); 2385 } 2386 } 2387 } 2388 2389 static void 2390 ref_dag(Obj_Entry *root) 2391 { 2392 Objlist_Entry *elm; 2393 2394 STAILQ_FOREACH(elm, &root->dagmembers , link) 2395 elm->obj->refcount++; 2396 } 2397 2398 static void 2399 unref_dag(Obj_Entry *root) 2400 { 2401 Objlist_Entry *elm; 2402 2403 STAILQ_FOREACH(elm, &root->dagmembers , link) 2404 elm->obj->refcount--; 2405 } 2406 2407 2408