1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
24 */
25
26 /*
27 * Copyright (c) 1988 AT&T
28 * All Rights Reserved
29 */
30 /*
31 * Copyright (c) 2012, Joyent, Inc. All rights reserved.
32 * Copyright 2022 Oxide Computer Company
33 */
34
35 /*
36 * Run time linker common setup.
37 *
38 * Called from _setup to get the process going at startup.
39 */
40
41 #include <stdlib.h>
42 #include <fcntl.h>
43 #include <stdio.h>
44 #include <sys/types.h>
45 #include <sys/stat.h>
46 #include <sys/mman.h>
47 #include <string.h>
48 #include <unistd.h>
49 #include <dlfcn.h>
50 #include <sys/sysconfig.h>
51 #include <sys/auxv.h>
52 #include <debug.h>
53 #include <conv.h>
54 #include "_rtld.h"
55 #include "_audit.h"
56 #include "_elf.h"
57 #include "msg.h"
58
59
60 extern int _end, _edata, _etext;
61 extern void _init(void);
62 extern int _brk_unlocked(void *);
63
64 /* needed for _brk_unlocked() */
65 void *_nd = &_end;
66
67 /*
68 * Counters that are incremented every time an object is mapped/unmapped.
69 *
70 * Note that exec() will usually map 2 objects before we receive control,
71 * but this can be 1 if ld.so.1 is executed directly. We count one of these
72 * here, and add another as necessary in setup().
73 */
74 u_longlong_t cnt_map = 1;
75 u_longlong_t cnt_unmap = 0;
76
77
78 /*
79 * Define for the executable's interpreter.
80 * Usually it is ld.so.1, but for the first release of ICL binaries
81 * it is libc.so.1. We keep this information so that we don't end
82 * up mapping libc twice if it is the interpreter.
83 */
84 static Interp _interp;
85
86 /*
87 * LD_PRELOAD objects.
88 */
89 static int
preload(const char * str,Rt_map * mlmp,Rt_map ** clmp)90 preload(const char *str, Rt_map *mlmp, Rt_map **clmp)
91 {
92 Alist *palp = NULL;
93 char *objs, *ptr, *next;
94 Word lmflags = lml_main.lm_flags;
95 int lddstub;
96
97 DBG_CALL(Dbg_util_nl(&lml_main, DBG_NL_STD));
98
99 if ((objs = strdup(str)) == NULL)
100 return (0);
101
102 /*
103 * Determine if we've been called from lddstub.
104 */
105 lddstub = (lmflags & LML_FLG_TRC_ENABLE) &&
106 (FLAGS1(*clmp) & FL1_RT_LDDSTUB);
107
108
109 for (ptr = strtok_r(objs, MSG_ORIG(MSG_STR_DELIMIT), &next);
110 ptr != NULL;
111 ptr = strtok_r(NULL, MSG_ORIG(MSG_STR_DELIMIT), &next)) {
112 Rt_map *nlmp = NULL;
113 uint_t flags;
114
115 DBG_CALL(Dbg_file_preload(&lml_main, ptr));
116
117 /*
118 * Establish the flags for loading each object. If we're
119 * called via lddstub, then the first preloaded object is the
120 * object being inspected by ldd(1). This object should not be
121 * marked as an interposer, as this object is intended to act
122 * as the target object of the process.
123 */
124 if (lddstub)
125 flags = FLG_RT_PRELOAD;
126 else
127 flags = (FLG_RT_PRELOAD | FLG_RT_OBJINTPO);
128
129 /*
130 * If this a secure application, then preload errors are
131 * reduced to warnings, as the errors are non-fatal.
132 */
133 if (rtld_flags & RT_FL_SECURE)
134 rtld_flags2 |= RT_FL2_FTL2WARN;
135 if (expand_paths(*clmp, ptr, &palp, AL_CNT_NEEDED,
136 PD_FLG_EXTLOAD, 0) != 0)
137 nlmp = load_one(&lml_main, ALIST_OFF_DATA, palp, *clmp,
138 MODE(mlmp), flags, 0, NULL);
139 remove_alist(&palp, 0);
140 if (rtld_flags & RT_FL_SECURE)
141 rtld_flags2 &= ~RT_FL2_FTL2WARN;
142 if (nlmp && (bind_one(*clmp, nlmp, BND_NEEDED) == 0))
143 nlmp = NULL;
144
145 if (lddstub && nlmp) {
146 lddstub = 0;
147
148 /*
149 * Fabricate a binding between the target shared object
150 * and lddstub so that the target object isn't called
151 * out from unused() processing.
152 */
153 if (lmflags &
154 (LML_FLG_TRC_UNREF | LML_FLG_TRC_UNUSED)) {
155 if (bind_one(*clmp, nlmp, BND_REFER) == 0)
156 nlmp = NULL;
157 }
158
159 /*
160 * By identifying lddstub as the caller, several
161 * confusing ldd() diagnostics get suppressed. These
162 * diagnostics would reveal how the target shared object
163 * was found from lddstub. Now that the real target is
164 * loaded, identify the target as the caller so that all
165 * ldd() diagnostics are enabled for subsequent objects.
166 */
167 if (nlmp)
168 *clmp = nlmp;
169 }
170
171 /*
172 * If no error occurred with loading this object, indicate that
173 * this link-map list contains an interposer.
174 */
175 if (nlmp == NULL) {
176 if ((lmflags & LML_FLG_TRC_ENABLE) ||
177 (rtld_flags & RT_FL_SECURE))
178 continue;
179 else
180 return (0);
181 }
182 if (flags & FLG_RT_OBJINTPO)
183 lml_main.lm_flags |= LML_FLG_INTRPOSE;
184
185 }
186
187 free(palp);
188 free(objs);
189 return (1);
190 }
191
192 Rt_map *
setup(char ** envp,auxv_t * auxv,Word _flags,char * _platform,int _syspagsz,char * _rtldname,ulong_t ld_base,ulong_t interp_base,int fd,Phdr * phdr,char * execname,char ** argv,uid_t uid,uid_t euid,gid_t gid,gid_t egid,int auxflags,uint_t * hwcap)193 setup(char **envp, auxv_t *auxv, Word _flags, char *_platform, int _syspagsz,
194 char *_rtldname, ulong_t ld_base, ulong_t interp_base, int fd, Phdr *phdr,
195 char *execname, char **argv, uid_t uid, uid_t euid, gid_t gid, gid_t egid,
196 int auxflags, uint_t *hwcap)
197 {
198 Rt_map *rlmp, *mlmp, *clmp, **tobj = NULL;
199 Ehdr *ehdr;
200 rtld_stat_t status;
201 int features = 0, ldsoexec = 0;
202 size_t eaddr, esize;
203 char *str, *argvname;
204 Word lmflags;
205 mmapobj_result_t *mpp;
206 Fdesc fdr = { 0 }, fdm = { 0 };
207 Rej_desc rej = { 0 };
208 APlist *ealp = NULL;
209
210 /*
211 * Now that ld.so has relocated itself, initialize our own 'environ' so
212 * as to establish an address suitable for any libc requirements.
213 */
214 _environ = (char **)((ulong_t)auxv - sizeof (char *));
215 _init();
216 _environ = envp;
217
218 /*
219 * Establish a base time. Total time diagnostics start from entering
220 * ld.so.1 here, however the base time is reset each time the ld.so.1
221 * is re-entered. Note also, there will be a large time associated
222 * with the first diagnostic from ld.so.1, as bootstrapping ld.so.1
223 * and establishing the liblddbg infrastructure takes some time.
224 */
225 (void) gettimeofday(&DBG_TOTALTIME, NULL);
226 DBG_DELTATIME = DBG_TOTALTIME;
227
228 /*
229 * Determine how ld.so.1 has been executed.
230 */
231 if ((fd == -1) && (phdr == NULL)) {
232 /*
233 * If we received neither the AT_EXECFD nor the AT_PHDR aux
234 * vector, ld.so.1 must have been invoked directly from the
235 * command line.
236 */
237 ldsoexec = 1;
238
239 /*
240 * AT_SUN_EXECNAME provides the most precise name, if it is
241 * available, otherwise fall back to argv[0]. At this time,
242 * there is no process name.
243 */
244 if (execname)
245 rtldname = execname;
246 else if (argv[0])
247 rtldname = argv[0];
248 else
249 rtldname = (char *)MSG_INTL(MSG_STR_UNKNOWN);
250 } else {
251 /*
252 * Otherwise, we have a standard process. AT_SUN_EXECNAME
253 * provides the most precise name, if it is available,
254 * otherwise fall back to argv[0]. Provided the application
255 * is already mapped, the process is the application, so
256 * simplify the application name for use in any diagnostics.
257 */
258 if (execname)
259 argvname = execname;
260 else if (argv[0])
261 argvname = execname = argv[0];
262 else
263 argvname = execname = (char *)MSG_INTL(MSG_STR_UNKNOWN);
264
265 if (fd == -1) {
266 if ((str = strrchr(argvname, '/')) != NULL)
267 procname = ++str;
268 else
269 procname = argvname;
270 }
271
272 /*
273 * At this point, we don't know the runtime linkers full path
274 * name. The _rtldname passed to us is the SONAME of the
275 * runtime linker, which is typically /lib/ld.so.1 no matter
276 * what the full path is. Use this for now, we'll reset the
277 * runtime linkers name once the application is analyzed.
278 */
279 if (_rtldname) {
280 if ((str = strrchr(_rtldname, '/')) != NULL)
281 rtldname = ++str;
282 else
283 rtldname = _rtldname;
284 } else
285 rtldname = (char *)MSG_INTL(MSG_STR_UNKNOWN);
286
287 /* exec() brought in two objects for us. Count the second one */
288 cnt_map++;
289 }
290
291 /*
292 * Initialize any global variables.
293 */
294 at_flags = _flags;
295
296 if ((org_scapset->sc_plat = _platform) != NULL)
297 org_scapset->sc_platsz = strlen(_platform);
298
299 if (org_scapset->sc_plat == NULL)
300 platform_name(org_scapset);
301 if (org_scapset->sc_mach == NULL)
302 machine_name(org_scapset);
303
304 /*
305 * If pagesize is unspecified find its value.
306 */
307 if ((syspagsz = _syspagsz) == 0)
308 syspagsz = _sysconfig(_CONFIG_PAGESIZE);
309
310 /*
311 * Add the unused portion of the last data page to the free space list.
312 * The page size must be set before doing this. Here, _end refers to
313 * the end of the runtime linkers bss. Note that we do not use the
314 * unused data pages from any included .so's to supplement this free
315 * space as badly behaved .os's may corrupt this data space, and in so
316 * doing ruin our data.
317 */
318 eaddr = S_DROUND((size_t)&_end);
319 esize = eaddr % syspagsz;
320 if (esize) {
321 esize = syspagsz - esize;
322 addfree((void *)eaddr, esize);
323 }
324
325 /*
326 * Establish initial link-map list flags, and link-map list alists.
327 */
328 if (alist_append(&lml_main.lm_lists, NULL, sizeof (Lm_cntl),
329 AL_CNT_LMLISTS) == NULL)
330 return (0);
331 lml_main.lm_flags |= LML_FLG_BASELM;
332 lml_main.lm_lmid = LM_ID_BASE;
333 lml_main.lm_lmidstr = (char *)MSG_ORIG(MSG_LMID_BASE);
334
335 if (alist_append(&lml_rtld.lm_lists, NULL, sizeof (Lm_cntl),
336 AL_CNT_LMLISTS) == NULL)
337 return (0);
338 lml_rtld.lm_flags |= (LML_FLG_RTLDLM | LML_FLG_HOLDLOCK);
339 lml_rtld.lm_tflags |= LML_TFLG_NOAUDIT;
340 lml_rtld.lm_lmid = LM_ID_LDSO;
341 lml_rtld.lm_lmidstr = (char *)MSG_ORIG(MSG_LMID_LDSO);
342
343 /*
344 * Determine whether we have a secure executable.
345 */
346 security(uid, euid, gid, egid, auxflags);
347
348 /*
349 * Make an initial pass of environment variables to pick off those
350 * related to locale processing. At the same time, collect and save
351 * any LD_XXXX variables for later processing. Note that this later
352 * processing will be skipped if ld.so.1 is invoked from the command
353 * line with -e LD_NOENVIRON.
354 */
355 if (envp && (readenv_user((const char **)envp, &ealp) == 1))
356 return (0);
357
358 /*
359 * If ld.so.1 has been invoked directly, process its arguments.
360 */
361 if (ldsoexec) {
362 /*
363 * Process any arguments that are specific to ld.so.1, and
364 * reorganize the process stack to effectively remove ld.so.1
365 * from the stack. Reinitialize the environment pointer, as
366 * this pointer may have been shifted after skipping ld.so.1's
367 * arguments.
368 */
369 if (rtld_getopt(argv, &envp, &auxv, &(lml_main.lm_flags),
370 &(lml_main.lm_tflags)) == 1) {
371 eprintf(&lml_main, ERR_NONE, MSG_INTL(MSG_USG_BADOPT));
372 return (0);
373 }
374 _environ = envp;
375
376 /*
377 * Open the object that ld.so.1 is to execute.
378 */
379 argvname = execname = argv[0];
380
381 if ((fd = open(argvname, O_RDONLY)) == -1) {
382 int err = errno;
383 eprintf(&lml_main, ERR_FATAL, MSG_INTL(MSG_SYS_OPEN),
384 argvname, strerror(err));
385 return (0);
386 }
387 }
388
389 /*
390 * Having processed any ld.so.1 command line options, return to process
391 * any LD_XXXX environment variables.
392 */
393 if (ealp) {
394 if (((rtld_flags & RT_FL_NOENVIRON) == 0) &&
395 (procenv_user(ealp, &(lml_main.lm_flags),
396 &(lml_main.lm_tflags)) == 1))
397 return (0);
398 free(ealp);
399 }
400
401 /*
402 * Initialize a hardware capability descriptor for use in comparing
403 * each loaded object. The aux vector must provide AF_SUN_HWCAPVERIFY,
404 * as prior to this setting any hardware capabilities that were found
405 * could not be relied upon.
406 */
407 if (auxflags & AF_SUN_HWCAPVERIFY) {
408 rtld_flags2 |= RT_FL2_HWCAP;
409 org_scapset->sc_hw_1 = (Xword)hwcap[0];
410 org_scapset->sc_hw_2 = (Xword)hwcap[1];
411 org_scapset->sc_hw_3 = (Xword)hwcap[2];
412 }
413
414 /*
415 * Create a mapping descriptor for ld.so.1. We can determine our
416 * two segments information from known symbols.
417 */
418 if ((mpp = calloc(2, sizeof (mmapobj_result_t))) == NULL)
419 return (0);
420 mpp[0].mr_addr = (caddr_t)M_PTRUNC(ld_base);
421 mpp[0].mr_msize = (caddr_t)&_etext - mpp[0].mr_addr;
422 mpp[0].mr_fsize = mpp[0].mr_msize;
423 mpp[0].mr_prot = (PROT_READ | PROT_EXEC);
424
425 mpp[1].mr_addr = (caddr_t)M_PTRUNC((uintptr_t)&r_debug);
426 mpp[1].mr_msize = (caddr_t)&_end - mpp[1].mr_addr;
427 mpp[1].mr_fsize = (caddr_t)&_edata - mpp[1].mr_addr;
428 mpp[1].mr_prot = (PROT_READ | PROT_WRITE | PROT_EXEC);
429
430 if ((fdr.fd_nname = stravl_insert(_rtldname, 0, 0, 0)) == NULL)
431 return (0);
432 if ((rlmp = elf_new_lmp(&lml_rtld, ALIST_OFF_DATA, &fdr,
433 (Addr)mpp->mr_addr, (size_t)((uintptr_t)eaddr - (uintptr_t)ld_base),
434 NULL, NULL, NULL)) == NULL)
435 return (0);
436
437 MMAPS(rlmp) = mpp;
438 MMAPCNT(rlmp) = 2;
439 PADSTART(rlmp) = (ulong_t)mpp[0].mr_addr;
440 PADIMLEN(rlmp) = (ulong_t)mpp[0].mr_addr + (ulong_t)mpp[1].mr_addr +
441 (ulong_t)mpp[1].mr_msize;
442
443 MODE(rlmp) |= (RTLD_LAZY | RTLD_NODELETE | RTLD_GLOBAL | RTLD_WORLD);
444 FLAGS(rlmp) |= (FLG_RT_ANALYZED | FLG_RT_RELOCED | FLG_RT_INITDONE |
445 FLG_RT_INITCLCT | FLG_RT_FINICLCT | FLG_RT_MODESET);
446
447 /*
448 * Initialize the runtime linkers information.
449 */
450 interp = &_interp;
451 interp->i_name = (char *)rtldname;
452 interp->i_faddr = (caddr_t)ADDR(rlmp);
453 ldso_plt_init(rlmp);
454
455 /*
456 * Map in the file, if exec has not already done so, or if the file
457 * was passed as an argument to an explicit execution of ld.so.1 from
458 * the command line.
459 */
460 if (fd != -1) {
461 /*
462 * Map the file. Once the object is mapped we no longer need
463 * the file descriptor.
464 */
465 (void) rtld_fstat(fd, &status);
466 fdm.fd_oname = argvname;
467 fdm.fd_ftp = map_obj(&lml_main, &fdm, status.st_size, argvname,
468 fd, &rej);
469 (void) close(fd);
470
471 if (fdm.fd_ftp == NULL) {
472 Conv_reject_desc_buf_t rej_buf;
473
474 eprintf(&lml_main, ERR_FATAL,
475 MSG_INTL(err_reject[rej.rej_type]), argvname,
476 conv_reject_desc(&rej, &rej_buf, M_MACH));
477 return (0);
478 }
479
480 /*
481 * Finish processing the loading of the file.
482 */
483 if ((fdm.fd_nname = stravl_insert(argvname, 0, 0, 0)) == NULL)
484 return (0);
485 fdm.fd_dev = status.st_dev;
486 fdm.fd_ino = status.st_ino;
487
488 if ((mlmp = load_file(&lml_main, ALIST_OFF_DATA, NULL, &fdm,
489 NULL)) == NULL)
490 return (0);
491
492 /*
493 * We now have a process name for error diagnostics.
494 */
495 if ((str = strrchr(argvname, '/')) != NULL)
496 procname = ++str;
497 else
498 procname = argvname;
499
500 if (ldsoexec) {
501 mmapobj_result_t *mpp = MMAPS(mlmp);
502 uint_t mnum, mapnum = MMAPCNT(mlmp);
503 void *brkbase = NULL;
504
505 /*
506 * Since ld.so.1 was the primary executed object - the
507 * brk() base has not yet been initialized, we need to
508 * initialize it. For an executable, initialize it to
509 * the end of the object. For a shared object (ET_DYN)
510 * initialize it to the first page in memory.
511 */
512 for (mnum = 0; mnum < mapnum; mnum++, mpp++)
513 brkbase = mpp->mr_addr + mpp->mr_msize;
514
515 if (brkbase == NULL)
516 brkbase = (void *)syspagsz;
517
518 if (_brk_unlocked(brkbase) == -1) {
519 int err = errno;
520
521 eprintf(&lml_main, ERR_FATAL,
522 MSG_INTL(MSG_SYS_BRK), argvname,
523 strerror(err));
524 return (0);
525 }
526 }
527 } else {
528 if (phdr != NULL) {
529 Phdr *pptr;
530 Off i_offset = 0;
531 Addr base = 0;
532 ulong_t phsize;
533 mmapobj_result_t *mpp, *fmpp, *hmpp = NULL;
534 uint_t mapnum = 0;
535 int i;
536 size_t msize;
537
538 /*
539 * Using the executables phdr address determine the base
540 * address of the input file. NOTE, this assumes the
541 * program headers and elf header are part of the same
542 * mapped segment. Although this has held for many
543 * years now, it might be more flexible if the kernel
544 * gave use the ELF headers start address, rather than
545 * the Program headers.
546 *
547 * Determine from the ELF header if we're been called
548 * from a shared object or dynamic executable. If the
549 * latter, then any addresses within the object are used
550 * as is. Addresses within shared objects must be added
551 * to the process's base address.
552 */
553 ehdr = (Ehdr *)((Addr)phdr - phdr->p_offset);
554 phsize = ehdr->e_phentsize;
555 if (ehdr->e_type == ET_DYN)
556 base = (Addr)ehdr;
557
558 /*
559 * Allocate a mapping array to retain mapped segment
560 * information.
561 */
562 if ((fmpp = mpp = calloc(ehdr->e_phnum,
563 sizeof (mmapobj_result_t))) == NULL)
564 return (0);
565
566 /*
567 * Extract the needed information from the segment
568 * headers.
569 */
570 for (i = 0, pptr = phdr; i < ehdr->e_phnum; i++) {
571 if (pptr->p_type == PT_INTERP) {
572 i_offset = pptr->p_offset;
573 interp->i_faddr =
574 (caddr_t)interp_base;
575 }
576 if ((pptr->p_type == PT_LOAD) &&
577 (pptr->p_filesz || pptr->p_memsz)) {
578 int perm = (PROT_READ | PROT_EXEC);
579 size_t off;
580
581 if (i_offset && pptr->p_filesz &&
582 (i_offset >= pptr->p_offset) &&
583 (i_offset <=
584 (pptr->p_memsz + pptr->p_offset))) {
585 interp->i_name = (char *)
586 pptr->p_vaddr + i_offset -
587 pptr->p_offset + base;
588 i_offset = 0;
589 }
590
591 if (pptr->p_flags & PF_W)
592 perm |= PROT_WRITE;
593
594 /*
595 * Retain segments mapping info. Round
596 * each segment to a page boundary, as
597 * this insures addresses are suitable
598 * for mprotect() if required.
599 */
600 off = pptr->p_vaddr + base;
601 if (hmpp == NULL) {
602 hmpp = mpp;
603 mpp->mr_addr = (caddr_t)ehdr;
604 } else
605 mpp->mr_addr = (caddr_t)off;
606
607 off -= (size_t)(uintptr_t)mpp->mr_addr;
608 mpp->mr_msize = pptr->p_memsz + off;
609 mpp->mr_fsize = pptr->p_filesz + off;
610 mpp->mr_prot = perm;
611
612 mpp++, mapnum++;
613 }
614
615 pptr = (Phdr *)((ulong_t)pptr + phsize);
616 }
617
618 mpp--;
619 msize = (size_t)(mpp->mr_addr + mpp->mr_msize) -
620 S_ALIGN((size_t)fmpp->mr_addr, syspagsz);
621
622 if ((fdm.fd_nname =
623 stravl_insert(execname, 0, 0, 0)) == NULL)
624 return (0);
625 if ((mlmp = elf_new_lmp(&lml_main, ALIST_OFF_DATA,
626 &fdm, (Addr)hmpp->mr_addr, msize,
627 NULL, NULL, NULL)) == NULL)
628 return (0);
629
630 MMAPS(mlmp) = fmpp;
631 MMAPCNT(mlmp) = mapnum;
632 PADSTART(mlmp) = (ulong_t)fmpp->mr_addr;
633 PADIMLEN(mlmp) = (ulong_t)fmpp->mr_addr +
634 (ulong_t)mpp->mr_addr + (ulong_t)mpp->mr_msize;
635 }
636 }
637
638 /*
639 * Establish the interpretors name as that defined within the initial
640 * object (executable). This provides for ORIGIN processing of ld.so.1
641 * dependencies. Note, the NAME() of the object remains that which was
642 * passed to us as the SONAME on execution.
643 */
644 if (ldsoexec == 0) {
645 size_t len = strlen(interp->i_name);
646
647 if (expand(&interp->i_name, &len, 0, 0,
648 (PD_TKN_ISALIST | PD_TKN_CAP), rlmp) & PD_TKN_RESOLVED)
649 fdr.fd_flags |= FLG_FD_RESOLVED;
650 }
651 fdr.fd_pname = interp->i_name;
652 (void) fullpath(rlmp, &fdr);
653
654 /*
655 * The runtime linker acts as a filtee for various dl*() functions that
656 * are defined in libc (and libdl). Make sure this standard name for
657 * the runtime linker is also registered in the FullPathNode AVL tree.
658 */
659 (void) fpavl_insert(&lml_rtld, rlmp, _rtldname, 0);
660
661 /*
662 * Having established the true runtime linkers name, simplify the name
663 * for error diagnostics.
664 */
665 if ((str = strrchr(PATHNAME(rlmp), '/')) != NULL)
666 rtldname = ++str;
667 else
668 rtldname = PATHNAME(rlmp);
669
670 /*
671 * Expand the fullpath name of the application. This typically occurs
672 * as a part of loading an object, but as the kernel probably mapped
673 * it in, complete this processing now.
674 */
675 (void) fullpath(mlmp, 0);
676
677 /*
678 * Some troublesome programs will change the value of argv[0]. Dupping
679 * the process string protects us, and insures the string is left in
680 * any core files.
681 */
682 if ((str = (char *)strdup(procname)) == NULL)
683 return (0);
684 procname = str;
685
686 FLAGS(mlmp) |= (FLG_RT_ISMAIN | FLG_RT_MODESET);
687 FLAGS1(mlmp) |= FL1_RT_USED;
688
689 /*
690 * It's the responsibility of MAIN(crt0) to call it's _init and _fini
691 * section, therefore null out any INIT/FINI so that this object isn't
692 * collected during tsort processing. And, if the application has no
693 * initarray or finiarray we can economize on establishing bindings.
694 */
695 INIT(mlmp) = FINI(mlmp) = NULL;
696 if ((INITARRAY(mlmp) == NULL) && (FINIARRAY(mlmp) == NULL))
697 FLAGS1(mlmp) |= FL1_RT_NOINIFIN;
698
699 /*
700 * Identify lddstub if necessary.
701 */
702 if (lml_main.lm_flags & LML_FLG_TRC_LDDSTUB)
703 FLAGS1(mlmp) |= FL1_RT_LDDSTUB;
704
705 /*
706 * Retain our argument information for use in dlinfo.
707 */
708 argsinfo.dla_argv = argv--;
709 argsinfo.dla_argc = (long)*argv;
710 argsinfo.dla_envp = envp;
711 argsinfo.dla_auxv = auxv;
712
713 (void) enter(0);
714
715 /*
716 * Add our two main link-maps to the dynlm_list
717 */
718 if (aplist_append(&dynlm_list, &lml_main, AL_CNT_DYNLIST) == NULL)
719 return (0);
720
721 if (aplist_append(&dynlm_list, &lml_rtld, AL_CNT_DYNLIST) == NULL)
722 return (0);
723
724 /*
725 * Reset the link-map counts for both lists. The init count is used to
726 * track how many objects have pending init sections, this gets incre-
727 * mented each time an object is relocated. Since ld.so.1 relocates
728 * itself, it's init count will remain zero.
729 * The object count is used to track how many objects have pending fini
730 * sections, as ld.so.1 handles its own fini we can zero its count.
731 */
732 lml_main.lm_obj = 1;
733 lml_rtld.lm_obj = 0;
734
735 /*
736 * Initialize debugger information structure. Some parts of this
737 * structure were initialized statically.
738 */
739 r_debug.rtd_rdebug.r_map = (Link_map *)lml_main.lm_head;
740 r_debug.rtd_rdebug.r_ldsomap = (Link_map *)lml_rtld.lm_head;
741 r_debug.rtd_rdebug.r_ldbase = r_debug.rtd_rdebug.r_ldsomap->l_addr;
742 r_debug.rtd_dynlmlst = &dynlm_list;
743
744 /*
745 * Determine the dev/inode information for the executable to complete
746 * load_so() checking for those who might call dlopen(3c) on the
747 * executable .
748 */
749 if (rtld_stat(PATHNAME(mlmp), &status) == 0) {
750 STDEV(mlmp) = status.st_dev;
751 STINO(mlmp) = status.st_ino;
752 }
753
754 /*
755 * Initialize any configuration information.
756 */
757 if (!(rtld_flags & RT_FL_NOCFG)) {
758 if ((features = elf_config(mlmp)) == -1)
759 return (0);
760 }
761
762 #if defined(_ELF64)
763 /*
764 * If this is a 64-bit process, determine whether this process has
765 * restricted the process address space to 32-bits. Any dependencies
766 * that are restricted to a 32-bit address space can only be loaded if
767 * the executable has established this requirement.
768 */
769 if (CAPSET(mlmp).sc_sf_1 & SF1_SUNW_ADDR32)
770 rtld_flags2 |= RT_FL2_ADDR32;
771 #endif
772 /*
773 * Establish any alternative capabilities, and validate this object
774 * if it defines it's own capabilities information.
775 */
776 if (cap_alternative() == 0)
777 return (0);
778
779 if (cap_check_lmp(mlmp, &rej) == 0) {
780 if (lml_main.lm_flags & LML_FLG_TRC_ENABLE) {
781 /* LINTED */
782 (void) printf(MSG_INTL(ldd_warn[rej.rej_type]),
783 NAME(mlmp), rej.rej_str);
784 } else {
785 /* LINTED */
786 eprintf(&lml_main, ERR_FATAL,
787 MSG_INTL(err_reject[rej.rej_type]),
788 NAME(mlmp), rej.rej_str);
789 return (0);
790 }
791 }
792
793 /*
794 * Establish the modes of the initial object. These modes are
795 * propagated to any preloaded objects and explicit shared library
796 * dependencies.
797 *
798 * If we're generating a configuration file using crle(1), remove
799 * any RTLD_NOW use, as we don't want to trigger any relocation proc-
800 * essing during crle(1)'s first past (this would just be unnecessary
801 * overhead). Any filters are explicitly loaded, and thus RTLD_NOW is
802 * not required to trigger filter loading.
803 *
804 * Note, RTLD_NOW may have been established during analysis of the
805 * application had the application been built -z now.
806 */
807 MODE(mlmp) |= (RTLD_NODELETE | RTLD_GLOBAL | RTLD_WORLD);
808
809 if (rtld_flags & RT_FL_CONFGEN) {
810 MODE(mlmp) |= RTLD_CONFGEN;
811 MODE(mlmp) &= ~RTLD_NOW;
812 rtld_flags2 &= ~RT_FL2_BINDNOW;
813 }
814
815 if ((MODE(mlmp) & RTLD_NOW) == 0) {
816 if (rtld_flags2 & RT_FL2_BINDNOW)
817 MODE(mlmp) |= RTLD_NOW;
818 else
819 MODE(mlmp) |= RTLD_LAZY;
820 }
821
822 /*
823 * If debugging was requested initialize things now that any cache has
824 * been established. A user can specify LD_DEBUG=help to discover the
825 * list of debugging tokens available without running the application.
826 * However, don't allow this setting from a configuration file.
827 *
828 * Note, to prevent recursion issues caused by loading and binding the
829 * debugging libraries themselves, a local debugging descriptor is
830 * initialized. Once the debugging setup has completed, this local
831 * descriptor is copied to the global descriptor which effectively
832 * enables diagnostic output.
833 *
834 * Ignore any debugging request if we're being monitored by a process
835 * that expects the old getpid() initialization handshake.
836 */
837 if ((rpl_debug || prm_debug) && ((rtld_flags & RT_FL_DEBUGGER) == 0)) {
838 Dbg_desc _dbg_desc = {0};
839 struct timeval total = DBG_TOTALTIME;
840 struct timeval delta = DBG_DELTATIME;
841
842 if (rpl_debug) {
843 if (dbg_setup(rpl_debug, &_dbg_desc) == 0)
844 return (0);
845 if (_dbg_desc.d_extra & DBG_E_HELP_EXIT)
846 rtldexit(&lml_main, 0);
847 }
848 if (prm_debug)
849 (void) dbg_setup(prm_debug, &_dbg_desc);
850
851 *dbg_desc = _dbg_desc;
852 DBG_TOTALTIME = total;
853 DBG_DELTATIME = delta;
854 }
855
856 /*
857 * Now that debugging is enabled generate any diagnostics from any
858 * previous events.
859 */
860 if (DBG_ENABLED) {
861 DBG_CALL(Dbg_cap_val(&lml_main, org_scapset, alt_scapset,
862 M_MACH));
863 DBG_CALL(Dbg_file_config_dis(&lml_main, config->c_name,
864 features));
865
866 DBG_CALL(Dbg_file_ldso(rlmp, envp, auxv,
867 LIST(rlmp)->lm_lmidstr, ALIST_OFF_DATA));
868
869 if (THIS_IS_ELF(mlmp)) {
870 DBG_CALL(Dbg_file_elf(&lml_main, PATHNAME(mlmp),
871 ADDR(mlmp), MSIZE(mlmp), LIST(mlmp)->lm_lmidstr,
872 ALIST_OFF_DATA));
873 }
874 }
875
876 /*
877 * Enable auditing.
878 */
879 if (rpl_audit || prm_audit || profile_lib) {
880 int ndx;
881 const char *aud[3];
882
883 aud[0] = rpl_audit;
884 aud[1] = prm_audit;
885 aud[2] = profile_lib;
886
887 /*
888 * Any global auditing (set using LD_AUDIT or LD_PROFILE) that
889 * can't be established is non-fatal.
890 */
891 if ((auditors = calloc(1, sizeof (Audit_desc))) == NULL)
892 return (0);
893
894 for (ndx = 0; ndx < 3; ndx++) {
895 if (aud[ndx]) {
896 if ((auditors->ad_name =
897 strdup(aud[ndx])) == NULL)
898 return (0);
899 rtld_flags2 |= RT_FL2_FTL2WARN;
900 (void) audit_setup(mlmp, auditors,
901 PD_FLG_EXTLOAD, NULL);
902 rtld_flags2 &= ~RT_FL2_FTL2WARN;
903 }
904 }
905 lml_main.lm_tflags |= auditors->ad_flags;
906 }
907 if (AUDITORS(mlmp)) {
908 /*
909 * Any object required auditing (set with a DT_DEPAUDIT dynamic
910 * entry) that can't be established is fatal.
911 */
912 if (FLAGS1(mlmp) & FL1_RT_GLOBAUD) {
913 /*
914 * If this object requires global auditing, use the
915 * local auditing information to set the global
916 * auditing descriptor. The effect is that a
917 * DT_DEPAUDIT act as an LD_AUDIT.
918 */
919 if ((auditors == NULL) && ((auditors = calloc(1,
920 sizeof (Audit_desc))) == NULL))
921 return (0);
922
923 auditors->ad_name = AUDITORS(mlmp)->ad_name;
924 if (audit_setup(mlmp, auditors, 0, NULL) == 0)
925 return (0);
926 lml_main.lm_tflags |= auditors->ad_flags;
927
928 /*
929 * Clear the local auditor information.
930 */
931 free((void *) AUDITORS(mlmp));
932 AUDITORS(mlmp) = NULL;
933
934 } else {
935 /*
936 * Establish any local auditing.
937 */
938 if (audit_setup(mlmp, AUDITORS(mlmp), 0, NULL) == 0)
939 return (0);
940
941 AFLAGS(mlmp) |= AUDITORS(mlmp)->ad_flags;
942 lml_main.lm_flags |= LML_FLG_LOCAUDIT;
943 }
944 }
945
946 /*
947 * Explicitly add the initial object and ld.so.1 to those objects being
948 * audited. Note, although the ld.so.1 link-map isn't auditable,
949 * establish a cookie for ld.so.1 as this may be bound to via the
950 * dl*() family.
951 */
952 if ((lml_main.lm_tflags | AFLAGS(mlmp)) & LML_TFLG_AUD_MASK) {
953 if (((audit_objopen(mlmp, mlmp) == 0) ||
954 (audit_objopen(mlmp, rlmp) == 0)) &&
955 (AFLAGS(mlmp) & LML_TFLG_AUD_MASK))
956 return (0);
957 }
958
959 /*
960 * Map in any preloadable shared objects. Establish the caller as the
961 * head of the main link-map list. In the case of being exercised from
962 * lddstub, the caller gets reassigned to the first target shared object
963 * so as to provide intuitive diagnostics from ldd().
964 *
965 * Note, it is valid to preload a 4.x shared object with a 5.0
966 * executable (or visa-versa), as this functionality is required by
967 * ldd(1).
968 */
969 clmp = mlmp;
970 if (rpl_preload && (preload(rpl_preload, mlmp, &clmp) == 0))
971 return (0);
972 if (prm_preload && (preload(prm_preload, mlmp, &clmp) == 0))
973 return (0);
974
975 /*
976 * Load all dependent (needed) objects.
977 */
978 if (analyze_lmc(&lml_main, ALIST_OFF_DATA, mlmp, mlmp, NULL) == NULL)
979 return (0);
980
981 /*
982 * Relocate all the dependencies we've just added.
983 *
984 * If this process has been established via crle(1), the environment
985 * variable LD_CONFGEN will have been set. crle(1) may create this
986 * process twice. The first time crle only needs to gather dependency
987 * information. The second time, is to dldump() the images.
988 *
989 * If we're only gathering dependencies, relocation is unnecessary.
990 * As crle(1) may be building an arbitrary family of objects, they may
991 * not fully relocate either. Hence the relocation phase is not carried
992 * out now, but will be called by crle(1) once all objects have been
993 * loaded.
994 */
995 if ((rtld_flags & RT_FL_CONFGEN) == 0) {
996
997 DBG_CALL(Dbg_util_nl(&lml_main, DBG_NL_STD));
998
999 if (relocate_lmc(&lml_main, ALIST_OFF_DATA, mlmp,
1000 mlmp, NULL) == 0)
1001 return (0);
1002
1003 /*
1004 * Inform the debuggers that basic process initialization is
1005 * complete, and that the state of ld.so.1 (link-map lists,
1006 * etc.) is stable. This handshake enables the debugger to
1007 * initialize themselves, and consequently allows the user to
1008 * set break points in .init code.
1009 *
1010 * Most new debuggers use librtld_db to monitor activity events.
1011 * Older debuggers indicated their presence by setting the
1012 * DT_DEBUG entry in the dynamic executable (see elf_new_lm()).
1013 * In this case, getpid() is called so that the debugger can
1014 * catch the system call. This old mechanism has some
1015 * restrictions, as getpid() should not be called prior to
1016 * basic process initialization being completed. This
1017 * restriction has become increasingly difficult to maintain,
1018 * as the use of auditors, LD_DEBUG, and the initialization
1019 * handshake with libc can result in "premature" getpid()
1020 * calls. The use of this getpid() handshake is expected to
1021 * disappear at some point in the future, and there is intent
1022 * to work towards that goal.
1023 */
1024 rd_event(&lml_main, RD_DLACTIVITY, RT_CONSISTENT);
1025 rd_event(&lml_rtld, RD_DLACTIVITY, RT_CONSISTENT);
1026
1027 if (rtld_flags & RT_FL_DEBUGGER) {
1028 r_debug.rtd_rdebug.r_flags |= RD_FL_ODBG;
1029 (void) getpid();
1030 }
1031 }
1032
1033 /*
1034 * Indicate preinit activity, and call any auditing routines. These
1035 * routines are called before initializing any threads via libc, or
1036 * before collecting the complete set of .inits on the primary link-map.
1037 * Although most libc interfaces are encapsulated in local routines
1038 * within libc, they have been known to escape (ie. call a .plt). As
1039 * the appcert auditor uses preinit as a trigger to establish some
1040 * external interfaces to the main link-maps libc, we need to activate
1041 * this trigger before exercising any code within libc. Additionally,
1042 * I wouldn't put it past an auditor to add additional objects to the
1043 * primary link-map. Hence, we collect .inits after the audit call.
1044 */
1045 rd_event(&lml_main, RD_PREINIT, 0);
1046
1047 if (aud_activity ||
1048 ((lml_main.lm_tflags | AFLAGS(mlmp)) & LML_TFLG_AUD_ACTIVITY))
1049 audit_activity(mlmp, LA_ACT_CONSISTENT);
1050 if (aud_preinit ||
1051 ((lml_main.lm_tflags | AFLAGS(mlmp)) & LML_TFLG_AUD_PREINIT))
1052 audit_preinit(mlmp);
1053
1054 /*
1055 * If we're creating initial configuration information, we're done
1056 * now that the auditing step has been called.
1057 */
1058 if (rtld_flags & RT_FL_CONFGEN) {
1059 leave(LIST(mlmp), 0);
1060 return (mlmp);
1061 }
1062
1063 /*
1064 * Sort the .init sections of all objects we've added. If we're
1065 * tracing we only need to execute this under ldd(1) with the -i or -u
1066 * options.
1067 */
1068 lmflags = lml_main.lm_flags;
1069 if (((lmflags & LML_FLG_TRC_ENABLE) == 0) ||
1070 (lmflags & (LML_FLG_TRC_INIT | LML_FLG_TRC_UNREF))) {
1071 if ((tobj = tsort(mlmp, LIST(mlmp)->lm_init,
1072 RT_SORT_REV)) == (Rt_map **)S_ERROR)
1073 return (0);
1074 }
1075
1076 /*
1077 * If we are tracing we're done. This is the one legitimate use of a
1078 * direct call to rtldexit() rather than return, as we don't want to
1079 * return and jump to the application.
1080 */
1081 if (lmflags & LML_FLG_TRC_ENABLE) {
1082 unused(&lml_main);
1083 rtldexit(&lml_main, 0);
1084 }
1085
1086 /*
1087 * Check if this instance of the linker should have a primary link
1088 * map. This flag allows multiple copies of the -same- -version-
1089 * of the linker (and libc) to run in the same address space.
1090 *
1091 * Without this flag we only support one copy of the linker in a
1092 * process because by default the linker will always try to
1093 * initialize at one primary link map The copy of libc which is
1094 * initialized on a primary link map will initialize global TLS
1095 * data which can be shared with other copies of libc in the
1096 * process. The problem is that if there is more than one copy
1097 * of the linker, only one copy should link libc onto a primary
1098 * link map, otherwise libc will attempt to re-initialize global
1099 * TLS data. So when a copy of the linker is loaded with this
1100 * flag set, it will not initialize any primary link maps since
1101 * presumably another copy of the linker will do this.
1102 *
1103 * Note that this flag only allows multiple copies of the -same-
1104 * -version- of the linker (and libc) to coexist. This approach
1105 * will not work if we are trying to load different versions of
1106 * the linker and libc into the same process. The reason for
1107 * this is that the format of the global TLS data may not be
1108 * the same for different versions of libc. In this case each
1109 * different version of libc must have it's own primary link map
1110 * and be able to maintain it's own TLS data. The only way this
1111 * can be done is by carefully managing TLS pointers on transitions
1112 * between code associated with each of the different linkers.
1113 * Note that this is actually what is done for processes in lx
1114 * branded zones. Although in the lx branded zone case, the
1115 * other linker and libc are actually gld and glibc. But the
1116 * same general TLS management mechanism used by the lx brand
1117 * would apply to any attempts to run multiple versions of the
1118 * solaris linker and libc in a single process.
1119 */
1120 if (auxflags & AF_SUN_NOPLM)
1121 rtld_flags2 |= RT_FL2_NOPLM;
1122
1123 /*
1124 * Establish any static TLS for this primary link-map. Note, regardless
1125 * of whether TLS is available, an initial handshake occurs with libc to
1126 * indicate we're processing the primary link-map. Having identified
1127 * the primary link-map, initialize threads.
1128 */
1129 if (rt_get_extern(&lml_main, mlmp) == 0)
1130 return (0);
1131
1132 if ((rtld_flags2 & RT_FL2_NOPLM) == 0) {
1133 if (tls_statmod(&lml_main, mlmp) == 0)
1134 return (0);
1135 rt_thr_init(&lml_main);
1136 rtld_flags2 |= RT_FL2_PLMSETUP;
1137 } else {
1138 rt_thr_init(&lml_main);
1139 }
1140
1141 /*
1142 * Fire all dependencies .init sections. Identify any unused
1143 * dependencies, and leave the runtime linker - effectively calling
1144 * the dynamic executables entry point.
1145 */
1146 call_array(PREINITARRAY(mlmp), (uint_t)PREINITARRAYSZ(mlmp), mlmp,
1147 SHT_PREINIT_ARRAY);
1148
1149 if (tobj)
1150 call_init(tobj, DBG_INIT_SORT);
1151
1152 rd_event(&lml_main, RD_POSTINIT, 0);
1153
1154 unused(&lml_main);
1155
1156 DBG_CALL(Dbg_util_call_main(mlmp));
1157
1158 rtld_flags |= (RT_FL_OPERATION | RT_FL_APPLIC);
1159
1160 leave(LIST(mlmp), 0);
1161
1162 return (mlmp);
1163 }
1164