xref: /illumos-gate/usr/src/cmd/sgs/libelf/common/update.c (revision 1d9df23bbf4124f12ca7832d6eaaa600e0aa8eda)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  *	Copyright (c) 1988 AT&T
24  *	  All Rights Reserved
25  *
26  *
27  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
28  * Use is subject to license terms.
29  */
30 
31 #pragma ident	"%Z%%M%	%I%	%E% SMI"
32 
33 #if !defined(_ELF64)
34 #pragma weak elf_update = _elf_update
35 #endif
36 
37 #include "syn.h"
38 #include <memory.h>
39 #include <malloc.h>
40 #include <limits.h>
41 
42 #include <sgs.h>
43 #include "decl.h"
44 #include "msg.h"
45 
46 /*
47  * This module is compiled twice, the second time having
48  * -D_ELF64 defined.  The following set of macros, along
49  * with machelf.h, represent the differences between the
50  * two compilations.  Be careful *not* to add any class-
51  * dependent code (anything that has elf32 or elf64 in the
52  * name) to this code without hiding it behind a switch-
53  * able macro like these.
54  */
55 #if	defined(_ELF64)
56 
57 #define	FSZ_LONG	ELF64_FSZ_XWORD
58 #define	ELFCLASS	ELFCLASS64
59 #define	_elf_snode_init	_elf64_snode_init
60 #define	_elfxx_cookscn	_elf64_cookscn
61 #define	_elf_upd_lib	_elf64_upd_lib
62 #define	elf_fsize	elf64_fsize
63 #define	_elf_entsz	_elf64_entsz
64 #define	_elf_msize	_elf64_msize
65 #define	_elf_upd_usr	_elf64_upd_usr
66 #define	wrt		wrt64
67 #define	elf_xlatetof	elf64_xlatetof
68 #define	_elfxx_update	_elf64_update
69 #define	_elfxx_swap_wrimage	_elf64_swap_wrimage
70 
71 #else	/* ELF32 */
72 
73 #define	FSZ_LONG	ELF32_FSZ_WORD
74 #define	ELFCLASS	ELFCLASS32
75 #define	_elf_snode_init	_elf32_snode_init
76 #define	_elfxx_cookscn	_elf32_cookscn
77 #define	_elf_upd_lib	_elf32_upd_lib
78 #define	elf_fsize	elf32_fsize
79 #define	_elf_entsz	_elf32_entsz
80 #define	_elf_msize	_elf32_msize
81 #define	_elf_upd_usr	_elf32_upd_usr
82 #define	wrt		wrt32
83 #define	elf_xlatetof	elf32_xlatetof
84 #define	_elfxx_update	_elf32_update
85 #define	_elfxx_swap_wrimage	_elf32_swap_wrimage
86 
87 #endif /* ELF64 */
88 
89 
90 #if	!(defined(_LP64) && defined(_ELF64))
91 #define	TEST_SIZE
92 
93 /*
94  * Handle the decision of whether the current linker can handle the
95  * desired object size, and if not, which error to issue.
96  *
97  * Input is the desired size. On failure, an error has been issued
98  * and 0 is returned. On success, 1 is returned.
99  */
100 static int
101 test_size(Lword hi)
102 {
103 #ifndef _LP64			/* 32-bit linker */
104 	/*
105 	 * A 32-bit libelf is limited to a 2GB output file. This limit
106 	 * is due to the fact that off_t is a signed value, and that
107 	 * libelf cannot support large file support:
108 	 *	- ABI reasons
109 	 *	- Memory use generally is 2x output file size anyway,
110 	 *		so lifting the file size limit will just send
111 	 *		you crashing into the 32-bit VM limit.
112 	 * If the output is an ELFCLASS64 object, or an ELFCLASS32 object
113 	 * under 4GB, switching to the 64-bit version of libelf will help.
114 	 * However, an ELFCLASS32 object must not exceed 4GB.
115 	 */
116 	if (hi > INT_MAX) {	/* Bigger than 2GB */
117 #ifndef _ELF64
118 		/* ELFCLASS32 object is fundamentally too big? */
119 		if (hi > UINT_MAX) {
120 			_elf_seterr(EFMT_FBIG_CLASS32, 0);
121 			return (0);
122 		}
123 #endif				/* _ELF64 */
124 
125 		/* Should switch to the 64-bit libelf? */
126 		_elf_seterr(EFMT_FBIG_LARGEFILE, 0);
127 		return (0);
128 	}
129 #endif				/* !_LP64 */
130 
131 
132 #if	defined(_LP64) && !defined(_ELF64)   /* 64-bit linker, ELFCLASS32 */
133 	/*
134 	 * A 64-bit linker can produce any size output
135 	 * file, but if the resulting file is ELFCLASS32,
136 	 * it must not exceed 4GB.
137 	 */
138 	if (hi > UINT_MAX) {
139 		_elf_seterr(EFMT_FBIG_CLASS32, 0);
140 		return (0);
141 	}
142 #endif
143 
144 	return (1);
145 }
146 #endif				/* TEST_SIZE */
147 
148 /*
149  * Output file update
150  *	These functions walk an Elf structure, update its information,
151  *	and optionally write the output file.  Because the application
152  *	may control of the output file layout, two upd_... routines
153  *	exist.  They're similar but too different to merge cleanly.
154  *
155  *	The library defines a "dirty" bit to force parts of the file
156  *	to be written on update.  These routines ignore the dirty bit
157  *	and do everything.  A minimal update routine might be useful
158  *	someday.
159  */
160 
161 static size_t
162 _elf_upd_lib(Elf * elf)
163 {
164 	NOTE(ASSUMING_PROTECTED(*elf))
165 	Lword		hi;
166 	Lword		hibit;
167 	Elf_Scn *	s;
168 	register Lword	sz;
169 	Ehdr *		eh = elf->ed_ehdr;
170 	unsigned	ver = eh->e_version;
171 	register char	*p = (char *)eh->e_ident;
172 	size_t		scncnt;
173 
174 	/*
175 	 * Ehdr and Phdr table go first
176 	 */
177 	p[EI_MAG0] = ELFMAG0;
178 	p[EI_MAG1] = ELFMAG1;
179 	p[EI_MAG2] = ELFMAG2;
180 	p[EI_MAG3] = ELFMAG3;
181 	p[EI_CLASS] = ELFCLASS;
182 	/* LINTED */
183 	p[EI_VERSION] = (Byte)ver;
184 	hi = elf_fsize(ELF_T_EHDR, 1, ver);
185 	/* LINTED */
186 	eh->e_ehsize = (Half)hi;
187 	if (eh->e_phnum != 0) {
188 		/* LINTED */
189 		eh->e_phentsize = (Half)elf_fsize(ELF_T_PHDR, 1, ver);
190 		/* LINTED */
191 		eh->e_phoff = (Off)hi;
192 		hi += eh->e_phentsize * eh->e_phnum;
193 	} else {
194 		eh->e_phoff = 0;
195 		eh->e_phentsize = 0;
196 	}
197 
198 	/*
199 	 * Obtain the first section header.  Typically, this section has NULL
200 	 * contents, however in the case of Extended ELF Sections this section
201 	 * is used to hold an alternative e_shnum, e_shstrndx and e_phnum.
202 	 * On initial allocation (see _elf_snode) the elements of this section
203 	 * would have been zeroed.  The e_shnum is initialized later, after the
204 	 * section header count has been determined.  The e_shstrndx and
205 	 * e_phnum may have already been initialized by the caller (for example,
206 	 * gelf_update_shdr() in mcs(1)).
207 	 */
208 	if ((s = elf->ed_hdscn) == 0) {
209 		eh->e_shnum = 0;
210 		scncnt = 0;
211 	} else {
212 		s = s->s_next;
213 		scncnt = 1;
214 	}
215 
216 	/*
217 	 * Loop through sections.  Compute section size before changing hi.
218 	 * Allow null buffers for NOBITS.
219 	 */
220 	hibit = 0;
221 	for (; s != 0; s = s->s_next) {
222 		register Dnode	*d;
223 		register Lword	fsz, j;
224 		Shdr *sh = s->s_shdr;
225 
226 		scncnt++;
227 		if (sh->sh_type == SHT_NULL) {
228 			*sh = _elf_snode_init.sb_shdr;
229 			continue;
230 		}
231 
232 		if ((s->s_myflags & SF_READY) == 0)
233 			(void) _elfxx_cookscn(s);
234 
235 		sh->sh_addralign = 1;
236 		if ((sz = (Lword)_elf_entsz(elf, sh->sh_type, ver)) != 0)
237 			/* LINTED */
238 			sh->sh_entsize = (Half)sz;
239 		sz = 0;
240 		for (d = s->s_hdnode; d != 0; d = d->db_next) {
241 			if ((fsz = elf_fsize(d->db_data.d_type,
242 			    1, ver)) == 0)
243 				return (0);
244 
245 			j = _elf_msize(d->db_data.d_type, ver);
246 			fsz *= (d->db_data.d_size / j);
247 			d->db_osz = (size_t)fsz;
248 			if ((j = d->db_data.d_align) > 1) {
249 				if (j > sh->sh_addralign)
250 					sh->sh_addralign = (Xword)j;
251 
252 				if (sz % j != 0)
253 					sz += j - sz % j;
254 			}
255 			d->db_data.d_off = (off_t)sz;
256 			d->db_xoff = sz;
257 			sz += fsz;
258 		}
259 
260 		sh->sh_size = (Xword) sz;
261 		/*
262 		 * We want to take into account the offsets for NOBITS
263 		 * sections and let the "sh_offsets" point to where
264 		 * the section would 'conceptually' fit within
265 		 * the file (as required by the ABI).
266 		 *
267 		 * But - we must also make sure that the NOBITS does
268 		 * not take up any actual space in the file.  We preserve
269 		 * the actual offset into the file in the 'hibit' variable.
270 		 * When we come to the first non-NOBITS section after a
271 		 * encountering a NOBITS section the hi counter is restored
272 		 * to its proper place in the file.
273 		 */
274 		if (sh->sh_type == SHT_NOBITS) {
275 			if (hibit == 0)
276 				hibit = hi;
277 		} else {
278 			if (hibit) {
279 				hi = hibit;
280 				hibit = 0;
281 			}
282 		}
283 		j = sh->sh_addralign;
284 		if ((fsz = hi % j) != 0)
285 			hi += j - fsz;
286 
287 		/* LINTED */
288 		sh->sh_offset = (Off)hi;
289 		hi += sz;
290 	}
291 
292 	/*
293 	 * if last section was a 'NOBITS' section then we need to
294 	 * restore the 'hi' counter to point to the end of the last
295 	 * non 'NOBITS' section.
296 	 */
297 	if (hibit) {
298 		hi = hibit;
299 		hibit = 0;
300 	}
301 
302 	/*
303 	 * Shdr table last
304 	 */
305 	if (scncnt != 0) {
306 		if (hi % FSZ_LONG != 0)
307 			hi += FSZ_LONG - hi % FSZ_LONG;
308 		/* LINTED */
309 		eh->e_shoff = (Off)hi;
310 		/*
311 		 * If we are using 'extended sections' then the
312 		 * e_shnum is stored in the sh_size field of the
313 		 * first section header.
314 		 *
315 		 * NOTE: we set e_shnum to '0' because it's specified
316 		 * this way in the gABI, and in the hopes that
317 		 * this will cause less problems to unaware
318 		 * tools then if we'd set it to SHN_XINDEX (0xffff).
319 		 */
320 		if (scncnt < SHN_LORESERVE)
321 			eh->e_shnum = scncnt;
322 		else {
323 			Shdr	*sh;
324 			sh = (Shdr *)elf->ed_hdscn->s_shdr;
325 			sh->sh_size = scncnt;
326 			eh->e_shnum = 0;
327 		}
328 		/* LINTED */
329 		eh->e_shentsize = (Half)elf_fsize(ELF_T_SHDR, 1, ver);
330 		hi += eh->e_shentsize * scncnt;
331 	} else {
332 		eh->e_shoff = 0;
333 		eh->e_shentsize = 0;
334 	}
335 
336 #ifdef TEST_SIZE
337 	if (test_size(hi) == 0)
338 		return (0);
339 #endif
340 
341 	return ((size_t)hi);
342 }
343 
344 
345 
346 static size_t
347 _elf_upd_usr(Elf * elf)
348 {
349 	NOTE(ASSUMING_PROTECTED(*elf))
350 	Lword		hi;
351 	Elf_Scn *	s;
352 	register Lword	sz;
353 	Ehdr *		eh = elf->ed_ehdr;
354 	unsigned	ver = eh->e_version;
355 	register char	*p = (char *)eh->e_ident;
356 
357 
358 	/*
359 	 * Ehdr and Phdr table go first
360 	 */
361 	p[EI_MAG0] = ELFMAG0;
362 	p[EI_MAG1] = ELFMAG1;
363 	p[EI_MAG2] = ELFMAG2;
364 	p[EI_MAG3] = ELFMAG3;
365 	p[EI_CLASS] = ELFCLASS;
366 	/* LINTED */
367 	p[EI_VERSION] = (Byte)ver;
368 	hi = elf_fsize(ELF_T_EHDR, 1, ver);
369 	/* LINTED */
370 	eh->e_ehsize = (Half)hi;
371 
372 	/*
373 	 * If phnum is zero, phoff "should" be zero too,
374 	 * but the application is responsible for it.
375 	 * Allow a non-zero value here and update the
376 	 * hi water mark accordingly.
377 	 */
378 
379 	if (eh->e_phnum != 0)
380 		/* LINTED */
381 		eh->e_phentsize = (Half)elf_fsize(ELF_T_PHDR, 1, ver);
382 	else
383 		eh->e_phentsize = 0;
384 	if ((sz = eh->e_phoff + eh->e_phentsize * eh->e_phnum) > hi)
385 		hi = sz;
386 
387 	/*
388 	 * Loop through sections, skipping index zero.
389 	 * Compute section size before changing hi.
390 	 * Allow null buffers for NOBITS.
391 	 */
392 
393 	if ((s = elf->ed_hdscn) == 0)
394 		eh->e_shnum = 0;
395 	else {
396 		eh->e_shnum = 1;
397 		*(Shdr*)s->s_shdr = _elf_snode_init.sb_shdr;
398 		s = s->s_next;
399 	}
400 	for (; s != 0; s = s->s_next) {
401 		register Dnode	*d;
402 		register Lword	fsz, j;
403 		Shdr *sh = s->s_shdr;
404 
405 		if ((s->s_myflags & SF_READY) == 0)
406 			(void) _elfxx_cookscn(s);
407 
408 		++eh->e_shnum;
409 		sz = 0;
410 		for (d = s->s_hdnode; d != 0; d = d->db_next) {
411 			if ((fsz = elf_fsize(d->db_data.d_type, 1,
412 			    ver)) == 0)
413 				return (0);
414 			j = _elf_msize(d->db_data.d_type, ver);
415 			fsz *= (d->db_data.d_size / j);
416 			d->db_osz = (size_t)fsz;
417 
418 			if ((sh->sh_type != SHT_NOBITS) &&
419 			    ((j = (d->db_data.d_off + d->db_osz)) > sz))
420 				sz = j;
421 		}
422 		if (sh->sh_size < sz) {
423 			_elf_seterr(EFMT_SCNSZ, 0);
424 			return (0);
425 		}
426 		if ((sh->sh_type != SHT_NOBITS) &&
427 		    (hi < sh->sh_offset + sh->sh_size))
428 			hi = sh->sh_offset + sh->sh_size;
429 	}
430 
431 	/*
432 	 * Shdr table last.  Comment above for phnum/phoff applies here.
433 	 */
434 	if (eh->e_shnum != 0)
435 		/* LINTED */
436 		eh->e_shentsize = (Half)elf_fsize(ELF_T_SHDR, 1, ver);
437 	else
438 		eh->e_shentsize = 0;
439 
440 	if ((sz = eh->e_shoff + eh->e_shentsize * eh->e_shnum) > hi)
441 		hi = sz;
442 
443 #ifdef TEST_SIZE
444 	if (test_size(hi) == 0)
445 		return (0);
446 #endif
447 
448 	return ((size_t)hi);
449 }
450 
451 
452 static size_t
453 wrt(Elf * elf, Xword outsz, unsigned fill, int update_cmd)
454 {
455 	NOTE(ASSUMING_PROTECTED(*elf))
456 	Elf_Data	dst, src;
457 	unsigned	flag;
458 	Xword		hi, sz;
459 	char		*image;
460 	Elf_Scn		*s;
461 	Ehdr		*eh = elf->ed_ehdr;
462 	unsigned	ver = eh->e_version;
463 	unsigned	encode;
464 	int		byte;
465 
466 	/*
467 	 * If this is an ELF_C_WRIMAGE write, then we encode into the
468 	 * byte order of the system we are running on rather than that of
469 	 * of the object. For ld.so.1, this is the same order, but
470 	 * for 'ld', it might not be in the case where we are cross
471 	 * linking an object for a different target. In this later case,
472 	 * the linker-host byte order is necessary so that the linker can
473 	 * manipulate the resulting  image. It is expected that the linker
474 	 * will call elf_swap_wrimage() if necessary to convert the image
475 	 * to the target byte order.
476 	 */
477 	encode = (update_cmd == ELF_C_WRIMAGE) ? _elf_sys_encoding() :
478 	    eh->e_ident[EI_DATA];
479 
480 	/*
481 	 * Two issues can cause trouble for the output file.
482 	 * First, begin() with ELF_C_RDWR opens a file for both
483 	 * read and write.  On the write update(), the library
484 	 * has to read everything it needs before truncating
485 	 * the file.  Second, using mmap for both read and write
486 	 * is too tricky.  Consequently, the library disables mmap
487 	 * on the read side.  Using mmap for the output saves swap
488 	 * space, because that mapping is SHARED, not PRIVATE.
489 	 *
490 	 * If the file is write-only, there can be nothing of
491 	 * interest to bother with.
492 	 *
493 	 * The following reads the entire file, which might be
494 	 * more than necessary.  Better safe than sorry.
495 	 */
496 
497 	if ((elf->ed_myflags & EDF_READ) &&
498 	    (_elf_vm(elf, (size_t)0, elf->ed_fsz) != OK_YES))
499 		return (0);
500 
501 	flag = elf->ed_myflags & EDF_WRALLOC;
502 	if ((image = _elf_outmap(elf->ed_fd, outsz, &flag)) == 0)
503 		return (0);
504 
505 	if (flag == 0)
506 		elf->ed_myflags |= EDF_IMALLOC;
507 
508 	/*
509 	 * If an error occurs below, a "dirty" bit may be cleared
510 	 * improperly.  To save a second pass through the file,
511 	 * this code sets the dirty bit on the elf descriptor
512 	 * when an error happens, assuming that will "cover" any
513 	 * accidents.
514 	 */
515 
516 	/*
517 	 * Hi is needed only when 'fill' is non-zero.
518 	 * Fill is non-zero only when the library
519 	 * calculates file/section/data buffer offsets.
520 	 * The lib guarantees they increase monotonically.
521 	 * That guarantees proper filling below.
522 	 */
523 
524 
525 	/*
526 	 * Ehdr first
527 	 */
528 
529 	src.d_buf = (Elf_Void *)eh;
530 	src.d_type = ELF_T_EHDR;
531 	src.d_size = sizeof (Ehdr);
532 	src.d_version = EV_CURRENT;
533 	dst.d_buf = (Elf_Void *)image;
534 	dst.d_size = eh->e_ehsize;
535 	dst.d_version = ver;
536 	if (elf_xlatetof(&dst, &src, encode) == 0)
537 		return (0);
538 	elf->ed_ehflags &= ~ELF_F_DIRTY;
539 	hi = eh->e_ehsize;
540 
541 	/*
542 	 * Phdr table if one exists
543 	 */
544 
545 	if (eh->e_phnum != 0) {
546 		unsigned	work;
547 		/*
548 		 * Unlike other library data, phdr table is
549 		 * in the user version.  Change src buffer
550 		 * version here, fix it after translation.
551 		 */
552 
553 		src.d_buf = (Elf_Void *)elf->ed_phdr;
554 		src.d_type = ELF_T_PHDR;
555 		src.d_size = elf->ed_phdrsz;
556 		ELFACCESSDATA(work, _elf_work)
557 		src.d_version = work;
558 		dst.d_buf = (Elf_Void *)(image + eh->e_phoff);
559 		dst.d_size = eh->e_phnum * eh->e_phentsize;
560 		hi = (Xword)(eh->e_phoff + dst.d_size);
561 		if (elf_xlatetof(&dst, &src, encode) == 0) {
562 			elf->ed_uflags |= ELF_F_DIRTY;
563 			return (0);
564 		}
565 		elf->ed_phflags &= ~ELF_F_DIRTY;
566 		src.d_version = EV_CURRENT;
567 	}
568 
569 	/*
570 	 * Loop through sections
571 	 */
572 
573 	ELFACCESSDATA(byte, _elf_byte);
574 	for (s = elf->ed_hdscn; s != 0; s = s->s_next) {
575 		register Dnode	*d, *prevd;
576 		Xword		off = 0;
577 		Shdr		*sh = s->s_shdr;
578 		char		*start = image + sh->sh_offset;
579 		char		*here;
580 
581 		/*
582 		 * Just "clean" DIRTY flag for "empty" sections.  Even if
583 		 * NOBITS needs padding, the next thing in the
584 		 * file will provide it.  (And if this NOBITS is
585 		 * the last thing in the file, no padding needed.)
586 		 */
587 		if ((sh->sh_type == SHT_NOBITS) ||
588 		    (sh->sh_type == SHT_NULL)) {
589 			d = s->s_hdnode, prevd = 0;
590 			for (; d != 0; prevd = d, d = d->db_next)
591 				d->db_uflags &= ~ELF_F_DIRTY;
592 			continue;
593 		}
594 		/*
595 		 * Clear out the memory between the end of the last
596 		 * section and the begining of this section.
597 		 */
598 		if (fill && (sh->sh_offset > hi)) {
599 			sz = sh->sh_offset - hi;
600 			(void) memset(start - sz, byte, sz);
601 		}
602 
603 
604 		for (d = s->s_hdnode, prevd = 0;
605 		    d != 0; prevd = d, d = d->db_next) {
606 			d->db_uflags &= ~ELF_F_DIRTY;
607 			here = start + d->db_data.d_off;
608 
609 			/*
610 			 * Clear out the memory between the end of the
611 			 * last update and the start of this data buffer.
612 			 */
613 			if (fill && (d->db_data.d_off > off)) {
614 				sz = (Xword)(d->db_data.d_off - off);
615 				(void) memset(here - sz, byte, sz);
616 			}
617 
618 			if ((d->db_myflags & DBF_READY) == 0) {
619 				SCNLOCK(s);
620 				if (_elf_locked_getdata(s, &prevd->db_data) !=
621 				    &d->db_data) {
622 					elf->ed_uflags |= ELF_F_DIRTY;
623 					SCNUNLOCK(s);
624 					return (0);
625 				}
626 				SCNUNLOCK(s);
627 			}
628 			dst.d_buf = (Elf_Void *)here;
629 			dst.d_size = d->db_osz;
630 
631 			/*
632 			 * Copy the translated bits out to the destination
633 			 * image.
634 			 */
635 			if (elf_xlatetof(&dst, &d->db_data, encode) == 0) {
636 				elf->ed_uflags |= ELF_F_DIRTY;
637 				return (0);
638 			}
639 
640 			off = (Xword)(d->db_data.d_off + dst.d_size);
641 		}
642 		hi = sh->sh_offset + sh->sh_size;
643 	}
644 
645 	/*
646 	 * Shdr table last
647 	 */
648 
649 	if (fill && (eh->e_shoff > hi)) {
650 		sz = eh->e_shoff - hi;
651 		(void) memset(image + hi, byte, sz);
652 	}
653 
654 	src.d_type = ELF_T_SHDR;
655 	src.d_size = sizeof (Shdr);
656 	dst.d_buf = (Elf_Void *)(image + eh->e_shoff);
657 	dst.d_size = eh->e_shentsize;
658 	for (s = elf->ed_hdscn; s != 0; s = s->s_next) {
659 		assert((uintptr_t)dst.d_buf < ((uintptr_t)image + outsz));
660 		s->s_shflags &= ~ELF_F_DIRTY;
661 		s->s_uflags &= ~ELF_F_DIRTY;
662 		src.d_buf = s->s_shdr;
663 
664 		if (elf_xlatetof(&dst, &src, encode) == 0) {
665 			elf->ed_uflags |= ELF_F_DIRTY;
666 			return (0);
667 		}
668 
669 		dst.d_buf = (char *)dst.d_buf + eh->e_shentsize;
670 	}
671 	/*
672 	 * ELF_C_WRIMAGE signifyes that we build the memory image, but
673 	 * that we do not actually write it to disk.  This is used
674 	 * by ld(1) to build up a full image of an elf file and then
675 	 * to process the file before it's actually written out to
676 	 * disk.  This saves ld(1) the overhead of having to write
677 	 * the image out to disk twice.
678 	 */
679 	if (update_cmd == ELF_C_WRIMAGE) {
680 		elf->ed_uflags &= ~ELF_F_DIRTY;
681 		elf->ed_wrimage = image;
682 		elf->ed_wrimagesz = outsz;
683 		return (outsz);
684 	}
685 
686 	if (_elf_outsync(elf->ed_fd, image, outsz,
687 	    ((elf->ed_myflags & EDF_IMALLOC) ? 0 : 1)) != 0) {
688 		elf->ed_uflags &= ~ELF_F_DIRTY;
689 		elf->ed_myflags &= ~EDF_IMALLOC;
690 		return (outsz);
691 	}
692 
693 	elf->ed_uflags |= ELF_F_DIRTY;
694 	return (0);
695 }
696 
697 
698 
699 
700 /*
701  * The following is a private interface between the linkers (ld & ld.so.1)
702  * and libelf:
703  *
704  * elf_update(elf, ELF_C_WRIMAGE)
705  *	This will cause full image representing the elf file
706  *	described by the elf pointer to be built in memory.  If the
707  *	elf pointer has a valid file descriptor associated with it
708  *	we will attempt to build the memory image from mmap()'ed
709  *	storage.  If the elf descriptor does not have a valid
710  *	file descriptor (opened with elf_begin(0, ELF_C_IMAGE, 0))
711  *	then the image will be allocated from dynamic memory (malloc()).
712  *
713  *	elf_update() will return the size of the memory image built
714  *	when sucessful.
715  *
716  *	When a subsequent call to elf_update() with ELF_C_WRITE as
717  *	the command is performed it will sync the image created
718  *	by ELF_C_WRIMAGE to disk (if fd available) and
719  *	free the memory allocated.
720  */
721 
722 off_t
723 _elfxx_update(Elf * elf, Elf_Cmd cmd)
724 {
725 	size_t		sz;
726 	unsigned	u;
727 	Ehdr		*eh = elf->ed_ehdr;
728 
729 	if (elf == 0)
730 		return (-1);
731 
732 	ELFWLOCK(elf)
733 	switch (cmd) {
734 	default:
735 		_elf_seterr(EREQ_UPDATE, 0);
736 		ELFUNLOCK(elf)
737 		return (-1);
738 
739 	case ELF_C_WRIMAGE:
740 		if ((elf->ed_myflags & EDF_WRITE) == 0) {
741 			_elf_seterr(EREQ_UPDWRT, 0);
742 			ELFUNLOCK(elf)
743 			return (-1);
744 		}
745 		break;
746 	case ELF_C_WRITE:
747 		if ((elf->ed_myflags & EDF_WRITE) == 0) {
748 			_elf_seterr(EREQ_UPDWRT, 0);
749 			ELFUNLOCK(elf)
750 			return (-1);
751 		}
752 		if (elf->ed_wrimage) {
753 			if (elf->ed_myflags & EDF_WRALLOC) {
754 				free(elf->ed_wrimage);
755 				/*
756 				 * The size is still returned even
757 				 * though nothing is actually written
758 				 * out.  This is just to be consistant
759 				 * with the rest of the interface.
760 				 */
761 				sz = elf->ed_wrimagesz;
762 				elf->ed_wrimage = 0;
763 				elf->ed_wrimagesz = 0;
764 				ELFUNLOCK(elf);
765 				return ((off_t)sz);
766 			}
767 			sz = _elf_outsync(elf->ed_fd, elf->ed_wrimage,
768 			    elf->ed_wrimagesz,
769 			    (elf->ed_myflags & EDF_IMALLOC ? 0 : 1));
770 			elf->ed_myflags &= ~EDF_IMALLOC;
771 			elf->ed_wrimage = 0;
772 			elf->ed_wrimagesz = 0;
773 			ELFUNLOCK(elf);
774 			return ((off_t)sz);
775 		}
776 		/* FALLTHROUGH */
777 	case ELF_C_NULL:
778 		break;
779 	}
780 
781 	if (eh == 0) {
782 		_elf_seterr(ESEQ_EHDR, 0);
783 		ELFUNLOCK(elf)
784 		return (-1);
785 	}
786 
787 	if ((u = eh->e_version) > EV_CURRENT) {
788 		_elf_seterr(EREQ_VER, 0);
789 		ELFUNLOCK(elf)
790 		return (-1);
791 	}
792 
793 	if (u == EV_NONE)
794 		eh->e_version = EV_CURRENT;
795 
796 	if ((u = eh->e_ident[EI_DATA]) == ELFDATANONE) {
797 		unsigned	encode;
798 
799 		ELFACCESSDATA(encode, _elf_encode)
800 		if (encode == ELFDATANONE) {
801 			_elf_seterr(EREQ_ENCODE, 0);
802 			ELFUNLOCK(elf)
803 			return (-1);
804 		}
805 		/* LINTED */
806 		eh->e_ident[EI_DATA] = (Byte)encode;
807 	}
808 
809 	u = 1;
810 	if (elf->ed_uflags & ELF_F_LAYOUT) {
811 		sz = _elf_upd_usr(elf);
812 		u = 0;
813 	} else
814 		sz = _elf_upd_lib(elf);
815 
816 	if ((sz != 0) && ((cmd == ELF_C_WRITE) || (cmd == ELF_C_WRIMAGE)))
817 		sz = wrt(elf, (Xword)sz, u, cmd);
818 
819 	if (sz == 0) {
820 		ELFUNLOCK(elf)
821 		return (-1);
822 	}
823 
824 	ELFUNLOCK(elf)
825 	return ((off_t)sz);
826 }
827 
828 
829 /*
830  * When wrt() processes an ELF_C_WRIMAGE request, the resulting image
831  * gets the byte order (encoding) of the platform running the linker
832  * rather than that of the target host. This allows the linker to modify
833  * the image, prior to flushing it to the output file. This routine
834  * is used to re-translate such an image into the byte order of the
835  * target host.
836  */
837 int
838 _elfxx_swap_wrimage(Elf * elf)
839 {
840 	NOTE(ASSUMING_PROTECTED(*elf))
841 	Elf_Data	dst, src;
842 	Elf_Scn		*s;
843 	Ehdr		*eh = elf->ed_ehdr;
844 	Half		e_phnum = eh->e_phnum;
845 	unsigned	ver = eh->e_version;
846 	unsigned	encode = eh->e_ident[EI_DATA];
847 
848 	/*
849 	 * Ehdr first
850 	 */
851 
852 	src.d_buf = dst.d_buf = (Elf_Void *)eh;
853 	src.d_type = dst.d_type = ELF_T_EHDR;
854 	src.d_size = dst.d_size = sizeof (Ehdr);
855 	src.d_version = dst.d_version = ver;
856 	if (elf_xlatetof(&dst, &src, encode) == 0)
857 		return (1);
858 
859 	/*
860 	 * Phdr table if one exists
861 	 */
862 
863 	if (e_phnum != 0) {
864 		unsigned	work;
865 		/*
866 		 * Unlike other library data, phdr table is
867 		 * in the user version.
868 		 */
869 
870 		src.d_buf = dst.d_buf = (Elf_Void *)elf->ed_phdr;
871 		src.d_type = dst.d_type = ELF_T_PHDR;
872 		src.d_size = dst.d_size = elf->ed_phdrsz;
873 		ELFACCESSDATA(work, _elf_work)
874 		src.d_version = dst.d_version = work;
875 		if (elf_xlatetof(&dst, &src, encode) == 0) {
876 			return (1);
877 		}
878 	}
879 
880 	/*
881 	 * Loop through sections
882 	 */
883 
884 	for (s = elf->ed_hdscn; s != 0; s = s->s_next) {
885 		register Dnode	*d, *prevd;
886 		Shdr		*sh = s->s_shdr;
887 
888 		if ((sh->sh_type == SHT_NOBITS) || (sh->sh_type == SHT_NULL))
889 			continue;
890 
891 		for (d = s->s_hdnode, prevd = 0;
892 		    d != 0; prevd = d, d = d->db_next) {
893 
894 			if ((d->db_myflags & DBF_READY) == 0) {
895 				SCNLOCK(s);
896 				if (_elf_locked_getdata(s, &prevd->db_data) !=
897 				    &d->db_data) {
898 					SCNUNLOCK(s);
899 					return (1);
900 				}
901 				SCNUNLOCK(s);
902 			}
903 
904 			dst = d->db_data;
905 			if (elf_xlatetof(&dst, &d->db_data, encode) == 0)
906 				return (1);
907 		}
908 	}
909 
910 	/*
911 	 * Shdr table
912 	 */
913 
914 	src.d_type = dst.d_type = ELF_T_SHDR;
915 	src.d_version = dst.d_version = ver;
916 	for (s = elf->ed_hdscn; s != 0; s = s->s_next) {
917 		src.d_buf = dst.d_buf = s->s_shdr;
918 		src.d_size = dst.d_size = sizeof (Shdr);
919 		if (elf_xlatetof(&dst, &src, encode) == 0)
920 			return (1);
921 	}
922 
923 	return (0);
924 }
925 
926 
927 
928 #ifndef _ELF64
929 /* class-independent, only needs to be compiled once */
930 
931 off_t
932 elf_update(Elf *elf, Elf_Cmd cmd)
933 {
934 	if (elf == 0)
935 		return (-1);
936 
937 	if (elf->ed_class == ELFCLASS32)
938 		return (_elf32_update(elf, cmd));
939 	else if (elf->ed_class == ELFCLASS64) {
940 		return (_elf64_update(elf, cmd));
941 	}
942 
943 	_elf_seterr(EREQ_CLASS, 0);
944 	return (-1);
945 }
946 
947 int
948 _elf_swap_wrimage(Elf *elf)
949 {
950 	if (elf == 0)
951 		return (0);
952 
953 	if (elf->ed_class == ELFCLASS32)
954 		return (_elf32_swap_wrimage(elf));
955 
956 	if (elf->ed_class == ELFCLASS64)
957 		return (_elf64_swap_wrimage(elf));
958 
959 	_elf_seterr(EREQ_CLASS, 0);
960 	return (0);
961 }
962 
963 /*
964  * 4106312, 4106398, This is an ad-hoc means for the 32-bit
965  * Elf64 version of libld.so.3 to get around the limitation
966  * of a 32-bit d_off field.  This is only intended to be
967  * used by libld to relocate symbols in large NOBITS sections.
968  */
969 Elf64_Off
970 _elf_getxoff(Elf_Data * d)
971 {
972 	return (((Dnode *)d)->db_xoff);
973 }
974 #endif /* !_ELF64 */
975