1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved. 24 */ 25 26 /* 27 * Copyright (c) 1988 AT&T 28 * All Rights Reserved 29 */ 30 /* 31 * Copyright (c) 2012, Joyent, Inc. All rights reserved. 32 * Copyright 2022 Oxide Computer Company 33 */ 34 35 /* 36 * Run time linker common setup. 37 * 38 * Called from _setup to get the process going at startup. 39 */ 40 41 #include <stdlib.h> 42 #include <fcntl.h> 43 #include <stdio.h> 44 #include <sys/types.h> 45 #include <sys/stat.h> 46 #include <sys/mman.h> 47 #include <string.h> 48 #include <unistd.h> 49 #include <dlfcn.h> 50 #include <sys/sysconfig.h> 51 #include <sys/auxv.h> 52 #include <debug.h> 53 #include <conv.h> 54 #include "_rtld.h" 55 #include "_audit.h" 56 #include "_elf.h" 57 #include "msg.h" 58 59 60 extern int _end, _edata, _etext; 61 extern void _init(void); 62 extern int _brk_unlocked(void *); 63 64 /* needed for _brk_unlocked() */ 65 void *_nd = &_end; 66 67 /* 68 * Counters that are incremented every time an object is mapped/unmapped. 69 * 70 * Note that exec() will usually map 2 objects before we receive control, 71 * but this can be 1 if ld.so.1 is executed directly. We count one of these 72 * here, and add another as necessary in setup(). 73 */ 74 u_longlong_t cnt_map = 1; 75 u_longlong_t cnt_unmap = 0; 76 77 78 /* 79 * Define for the executable's interpreter. 80 * Usually it is ld.so.1, but for the first release of ICL binaries 81 * it is libc.so.1. We keep this information so that we don't end 82 * up mapping libc twice if it is the interpreter. 83 */ 84 static Interp _interp; 85 86 /* 87 * LD_PRELOAD objects. 88 */ 89 static int 90 preload(const char *str, Rt_map *mlmp, Rt_map **clmp) 91 { 92 Alist *palp = NULL; 93 char *objs, *ptr, *next; 94 Word lmflags = lml_main.lm_flags; 95 int lddstub; 96 97 DBG_CALL(Dbg_util_nl(&lml_main, DBG_NL_STD)); 98 99 if ((objs = strdup(str)) == NULL) 100 return (0); 101 102 /* 103 * Determine if we've been called from lddstub. 104 */ 105 lddstub = (lmflags & LML_FLG_TRC_ENABLE) && 106 (FLAGS1(*clmp) & FL1_RT_LDDSTUB); 107 108 109 for (ptr = strtok_r(objs, MSG_ORIG(MSG_STR_DELIMIT), &next); 110 ptr != NULL; 111 ptr = strtok_r(NULL, MSG_ORIG(MSG_STR_DELIMIT), &next)) { 112 Rt_map *nlmp = NULL; 113 uint_t flags; 114 115 DBG_CALL(Dbg_file_preload(&lml_main, ptr)); 116 117 /* 118 * Establish the flags for loading each object. If we're 119 * called via lddstub, then the first preloaded object is the 120 * object being inspected by ldd(1). This object should not be 121 * marked as an interposer, as this object is intended to act 122 * as the target object of the process. 123 */ 124 if (lddstub) 125 flags = FLG_RT_PRELOAD; 126 else 127 flags = (FLG_RT_PRELOAD | FLG_RT_OBJINTPO); 128 129 /* 130 * If this a secure application, then preload errors are 131 * reduced to warnings, as the errors are non-fatal. 132 */ 133 if (rtld_flags & RT_FL_SECURE) 134 rtld_flags2 |= RT_FL2_FTL2WARN; 135 if (expand_paths(*clmp, ptr, &palp, AL_CNT_NEEDED, 136 PD_FLG_EXTLOAD, 0) != 0) 137 nlmp = load_one(&lml_main, ALIST_OFF_DATA, palp, *clmp, 138 MODE(mlmp), flags, 0, NULL); 139 remove_alist(&palp, 0); 140 if (rtld_flags & RT_FL_SECURE) 141 rtld_flags2 &= ~RT_FL2_FTL2WARN; 142 if (nlmp && (bind_one(*clmp, nlmp, BND_NEEDED) == 0)) 143 nlmp = NULL; 144 145 if (lddstub && nlmp) { 146 lddstub = 0; 147 148 /* 149 * Fabricate a binding between the target shared object 150 * and lddstub so that the target object isn't called 151 * out from unused() processing. 152 */ 153 if (lmflags & 154 (LML_FLG_TRC_UNREF | LML_FLG_TRC_UNUSED)) { 155 if (bind_one(*clmp, nlmp, BND_REFER) == 0) 156 nlmp = NULL; 157 } 158 159 /* 160 * By identifying lddstub as the caller, several 161 * confusing ldd() diagnostics get suppressed. These 162 * diagnostics would reveal how the target shared object 163 * was found from lddstub. Now that the real target is 164 * loaded, identify the target as the caller so that all 165 * ldd() diagnostics are enabled for subsequent objects. 166 */ 167 if (nlmp) 168 *clmp = nlmp; 169 } 170 171 /* 172 * If no error occurred with loading this object, indicate that 173 * this link-map list contains an interposer. 174 */ 175 if (nlmp == NULL) { 176 if ((lmflags & LML_FLG_TRC_ENABLE) || 177 (rtld_flags & RT_FL_SECURE)) 178 continue; 179 else 180 return (0); 181 } 182 if (flags & FLG_RT_OBJINTPO) 183 lml_main.lm_flags |= LML_FLG_INTRPOSE; 184 185 } 186 187 free(palp); 188 free(objs); 189 return (1); 190 } 191 192 Rt_map * 193 setup(char **envp, auxv_t *auxv, Word _flags, char *_platform, int _syspagsz, 194 char *_rtldname, ulong_t ld_base, ulong_t interp_base, int fd, Phdr *phdr, 195 char *execname, char **argv, uid_t uid, uid_t euid, gid_t gid, gid_t egid, 196 int auxflags, uint_t *hwcap) 197 { 198 Rt_map *rlmp, *mlmp, *clmp, **tobj = NULL; 199 Ehdr *ehdr; 200 rtld_stat_t status; 201 int features = 0, ldsoexec = 0; 202 size_t eaddr, esize; 203 char *str, *argvname; 204 Word lmflags; 205 mmapobj_result_t *mpp; 206 Fdesc fdr = { 0 }, fdm = { 0 }; 207 Rej_desc rej = { 0 }; 208 APlist *ealp = NULL; 209 210 /* 211 * Now that ld.so has relocated itself, initialize our own 'environ' so 212 * as to establish an address suitable for any libc requirements. 213 */ 214 _environ = (char **)((ulong_t)auxv - sizeof (char *)); 215 _init(); 216 _environ = envp; 217 218 /* 219 * Establish a base time. Total time diagnostics start from entering 220 * ld.so.1 here, however the base time is reset each time the ld.so.1 221 * is re-entered. Note also, there will be a large time associated 222 * with the first diagnostic from ld.so.1, as bootstrapping ld.so.1 223 * and establishing the liblddbg infrastructure takes some time. 224 */ 225 (void) gettimeofday(&DBG_TOTALTIME, NULL); 226 DBG_DELTATIME = DBG_TOTALTIME; 227 228 /* 229 * Determine how ld.so.1 has been executed. 230 */ 231 if ((fd == -1) && (phdr == NULL)) { 232 /* 233 * If we received neither the AT_EXECFD nor the AT_PHDR aux 234 * vector, ld.so.1 must have been invoked directly from the 235 * command line. 236 */ 237 ldsoexec = 1; 238 239 /* 240 * AT_SUN_EXECNAME provides the most precise name, if it is 241 * available, otherwise fall back to argv[0]. At this time, 242 * there is no process name. 243 */ 244 if (execname) 245 rtldname = execname; 246 else if (argv[0]) 247 rtldname = argv[0]; 248 else 249 rtldname = (char *)MSG_INTL(MSG_STR_UNKNOWN); 250 } else { 251 /* 252 * Otherwise, we have a standard process. AT_SUN_EXECNAME 253 * provides the most precise name, if it is available, 254 * otherwise fall back to argv[0]. Provided the application 255 * is already mapped, the process is the application, so 256 * simplify the application name for use in any diagnostics. 257 */ 258 if (execname) 259 argvname = execname; 260 else if (argv[0]) 261 argvname = execname = argv[0]; 262 else 263 argvname = execname = (char *)MSG_INTL(MSG_STR_UNKNOWN); 264 265 if (fd == -1) { 266 if ((str = strrchr(argvname, '/')) != NULL) 267 procname = ++str; 268 else 269 procname = argvname; 270 } 271 272 /* 273 * At this point, we don't know the runtime linkers full path 274 * name. The _rtldname passed to us is the SONAME of the 275 * runtime linker, which is typically /lib/ld.so.1 no matter 276 * what the full path is. Use this for now, we'll reset the 277 * runtime linkers name once the application is analyzed. 278 */ 279 if (_rtldname) { 280 if ((str = strrchr(_rtldname, '/')) != NULL) 281 rtldname = ++str; 282 else 283 rtldname = _rtldname; 284 } else 285 rtldname = (char *)MSG_INTL(MSG_STR_UNKNOWN); 286 287 /* exec() brought in two objects for us. Count the second one */ 288 cnt_map++; 289 } 290 291 /* 292 * Initialize any global variables. 293 */ 294 at_flags = _flags; 295 296 if ((org_scapset->sc_plat = _platform) != NULL) 297 org_scapset->sc_platsz = strlen(_platform); 298 299 if (org_scapset->sc_plat == NULL) 300 platform_name(org_scapset); 301 if (org_scapset->sc_mach == NULL) 302 machine_name(org_scapset); 303 304 /* 305 * If pagesize is unspecified find its value. 306 */ 307 if ((syspagsz = _syspagsz) == 0) 308 syspagsz = _sysconfig(_CONFIG_PAGESIZE); 309 310 /* 311 * Add the unused portion of the last data page to the free space list. 312 * The page size must be set before doing this. Here, _end refers to 313 * the end of the runtime linkers bss. Note that we do not use the 314 * unused data pages from any included .so's to supplement this free 315 * space as badly behaved .os's may corrupt this data space, and in so 316 * doing ruin our data. 317 */ 318 eaddr = S_DROUND((size_t)&_end); 319 esize = eaddr % syspagsz; 320 if (esize) { 321 esize = syspagsz - esize; 322 addfree((void *)eaddr, esize); 323 } 324 325 /* 326 * Establish initial link-map list flags, and link-map list alists. 327 */ 328 if (alist_append(&lml_main.lm_lists, NULL, sizeof (Lm_cntl), 329 AL_CNT_LMLISTS) == NULL) 330 return (0); 331 lml_main.lm_flags |= LML_FLG_BASELM; 332 lml_main.lm_lmid = LM_ID_BASE; 333 lml_main.lm_lmidstr = (char *)MSG_ORIG(MSG_LMID_BASE); 334 335 if (alist_append(&lml_rtld.lm_lists, NULL, sizeof (Lm_cntl), 336 AL_CNT_LMLISTS) == NULL) 337 return (0); 338 lml_rtld.lm_flags |= (LML_FLG_RTLDLM | LML_FLG_HOLDLOCK); 339 lml_rtld.lm_tflags |= LML_TFLG_NOAUDIT; 340 lml_rtld.lm_lmid = LM_ID_LDSO; 341 lml_rtld.lm_lmidstr = (char *)MSG_ORIG(MSG_LMID_LDSO); 342 343 /* 344 * Determine whether we have a secure executable. 345 */ 346 security(uid, euid, gid, egid, auxflags); 347 348 /* 349 * Make an initial pass of environment variables to pick off those 350 * related to locale processing. At the same time, collect and save 351 * any LD_XXXX variables for later processing. Note that this later 352 * processing will be skipped if ld.so.1 is invoked from the command 353 * line with -e LD_NOENVIRON. 354 */ 355 if (envp && (readenv_user((const char **)envp, &ealp) == 1)) 356 return (0); 357 358 /* 359 * If ld.so.1 has been invoked directly, process its arguments. 360 */ 361 if (ldsoexec) { 362 /* 363 * Process any arguments that are specific to ld.so.1, and 364 * reorganize the process stack to effectively remove ld.so.1 365 * from the stack. Reinitialize the environment pointer, as 366 * this pointer may have been shifted after skipping ld.so.1's 367 * arguments. 368 */ 369 if (rtld_getopt(argv, &envp, &auxv, &(lml_main.lm_flags), 370 &(lml_main.lm_tflags)) == 1) { 371 eprintf(&lml_main, ERR_NONE, MSG_INTL(MSG_USG_BADOPT)); 372 return (0); 373 } 374 _environ = envp; 375 376 /* 377 * Open the object that ld.so.1 is to execute. 378 */ 379 argvname = execname = argv[0]; 380 381 if ((fd = open(argvname, O_RDONLY)) == -1) { 382 int err = errno; 383 eprintf(&lml_main, ERR_FATAL, MSG_INTL(MSG_SYS_OPEN), 384 argvname, strerror(err)); 385 return (0); 386 } 387 } 388 389 /* 390 * Having processed any ld.so.1 command line options, return to process 391 * any LD_XXXX environment variables. 392 */ 393 if (ealp) { 394 if (((rtld_flags & RT_FL_NOENVIRON) == 0) && 395 (procenv_user(ealp, &(lml_main.lm_flags), 396 &(lml_main.lm_tflags)) == 1)) 397 return (0); 398 free(ealp); 399 } 400 401 /* 402 * Initialize a hardware capability descriptor for use in comparing 403 * each loaded object. The aux vector must provide AF_SUN_HWCAPVERIFY, 404 * as prior to this setting any hardware capabilities that were found 405 * could not be relied upon. 406 */ 407 if (auxflags & AF_SUN_HWCAPVERIFY) { 408 rtld_flags2 |= RT_FL2_HWCAP; 409 org_scapset->sc_hw_1 = (Xword)hwcap[0]; 410 org_scapset->sc_hw_2 = (Xword)hwcap[1]; 411 org_scapset->sc_hw_3 = (Xword)hwcap[2]; 412 } 413 414 /* 415 * Create a mapping descriptor for ld.so.1. We can determine our 416 * two segments information from known symbols. 417 */ 418 if ((mpp = calloc(2, sizeof (mmapobj_result_t))) == NULL) 419 return (0); 420 mpp[0].mr_addr = (caddr_t)M_PTRUNC(ld_base); 421 mpp[0].mr_msize = (caddr_t)&_etext - mpp[0].mr_addr; 422 mpp[0].mr_fsize = mpp[0].mr_msize; 423 mpp[0].mr_prot = (PROT_READ | PROT_EXEC); 424 425 mpp[1].mr_addr = (caddr_t)M_PTRUNC((uintptr_t)&r_debug); 426 mpp[1].mr_msize = (caddr_t)&_end - mpp[1].mr_addr; 427 mpp[1].mr_fsize = (caddr_t)&_edata - mpp[1].mr_addr; 428 mpp[1].mr_prot = (PROT_READ | PROT_WRITE | PROT_EXEC); 429 430 if ((fdr.fd_nname = stravl_insert(_rtldname, 0, 0, 0)) == NULL) 431 return (0); 432 if ((rlmp = elf_new_lmp(&lml_rtld, ALIST_OFF_DATA, &fdr, 433 (Addr)mpp->mr_addr, (size_t)((uintptr_t)eaddr - (uintptr_t)ld_base), 434 NULL, NULL, NULL)) == NULL) 435 return (0); 436 437 MMAPS(rlmp) = mpp; 438 MMAPCNT(rlmp) = 2; 439 PADSTART(rlmp) = (ulong_t)mpp[0].mr_addr; 440 PADIMLEN(rlmp) = (ulong_t)mpp[0].mr_addr + (ulong_t)mpp[1].mr_addr + 441 (ulong_t)mpp[1].mr_msize; 442 443 MODE(rlmp) |= (RTLD_LAZY | RTLD_NODELETE | RTLD_GLOBAL | RTLD_WORLD); 444 FLAGS(rlmp) |= (FLG_RT_ANALYZED | FLG_RT_RELOCED | FLG_RT_INITDONE | 445 FLG_RT_INITCLCT | FLG_RT_FINICLCT | FLG_RT_MODESET); 446 447 /* 448 * Initialize the runtime linkers information. 449 */ 450 interp = &_interp; 451 interp->i_name = (char *)rtldname; 452 interp->i_faddr = (caddr_t)ADDR(rlmp); 453 ldso_plt_init(rlmp); 454 455 /* 456 * Map in the file, if exec has not already done so, or if the file 457 * was passed as an argument to an explicit execution of ld.so.1 from 458 * the command line. 459 */ 460 if (fd != -1) { 461 /* 462 * Map the file. Once the object is mapped we no longer need 463 * the file descriptor. 464 */ 465 (void) rtld_fstat(fd, &status); 466 fdm.fd_oname = argvname; 467 fdm.fd_ftp = map_obj(&lml_main, &fdm, status.st_size, argvname, 468 fd, &rej); 469 (void) close(fd); 470 471 if (fdm.fd_ftp == NULL) { 472 Conv_reject_desc_buf_t rej_buf; 473 474 eprintf(&lml_main, ERR_FATAL, 475 MSG_INTL(err_reject[rej.rej_type]), argvname, 476 conv_reject_desc(&rej, &rej_buf, M_MACH)); 477 return (0); 478 } 479 480 /* 481 * Finish processing the loading of the file. 482 */ 483 if ((fdm.fd_nname = stravl_insert(argvname, 0, 0, 0)) == NULL) 484 return (0); 485 fdm.fd_dev = status.st_dev; 486 fdm.fd_ino = status.st_ino; 487 488 if ((mlmp = load_file(&lml_main, ALIST_OFF_DATA, NULL, &fdm, 489 NULL)) == NULL) 490 return (0); 491 492 /* 493 * We now have a process name for error diagnostics. 494 */ 495 if ((str = strrchr(argvname, '/')) != NULL) 496 procname = ++str; 497 else 498 procname = argvname; 499 500 if (ldsoexec) { 501 mmapobj_result_t *mpp = MMAPS(mlmp); 502 uint_t mnum, mapnum = MMAPCNT(mlmp); 503 void *brkbase = NULL; 504 505 /* 506 * Since ld.so.1 was the primary executed object - the 507 * brk() base has not yet been initialized, we need to 508 * initialize it. For an executable, initialize it to 509 * the end of the object. For a shared object (ET_DYN) 510 * initialize it to the first page in memory. 511 */ 512 for (mnum = 0; mnum < mapnum; mnum++, mpp++) 513 brkbase = mpp->mr_addr + mpp->mr_msize; 514 515 if (brkbase == NULL) 516 brkbase = (void *)syspagsz; 517 518 if (_brk_unlocked(brkbase) == -1) { 519 int err = errno; 520 521 eprintf(&lml_main, ERR_FATAL, 522 MSG_INTL(MSG_SYS_BRK), argvname, 523 strerror(err)); 524 return (0); 525 } 526 } 527 } else { 528 if (phdr != NULL) { 529 Phdr *pptr; 530 Off i_offset = 0; 531 Addr base = 0; 532 ulong_t phsize; 533 mmapobj_result_t *mpp, *fmpp, *hmpp = NULL; 534 uint_t mapnum = 0; 535 int i; 536 size_t msize; 537 538 /* 539 * Using the executables phdr address determine the base 540 * address of the input file. NOTE, this assumes the 541 * program headers and elf header are part of the same 542 * mapped segment. Although this has held for many 543 * years now, it might be more flexible if the kernel 544 * gave use the ELF headers start address, rather than 545 * the Program headers. 546 * 547 * Determine from the ELF header if we're been called 548 * from a shared object or dynamic executable. If the 549 * latter, then any addresses within the object are used 550 * as is. Addresses within shared objects must be added 551 * to the process's base address. 552 */ 553 ehdr = (Ehdr *)((Addr)phdr - phdr->p_offset); 554 phsize = ehdr->e_phentsize; 555 if (ehdr->e_type == ET_DYN) 556 base = (Addr)ehdr; 557 558 /* 559 * Allocate a mapping array to retain mapped segment 560 * information. 561 */ 562 if ((fmpp = mpp = calloc(ehdr->e_phnum, 563 sizeof (mmapobj_result_t))) == NULL) 564 return (0); 565 566 /* 567 * Extract the needed information from the segment 568 * headers. 569 */ 570 for (i = 0, pptr = phdr; i < ehdr->e_phnum; i++) { 571 if (pptr->p_type == PT_INTERP) { 572 i_offset = pptr->p_offset; 573 interp->i_faddr = 574 (caddr_t)interp_base; 575 } 576 if ((pptr->p_type == PT_LOAD) && 577 (pptr->p_filesz || pptr->p_memsz)) { 578 int perm = (PROT_READ | PROT_EXEC); 579 size_t off; 580 581 if (i_offset && pptr->p_filesz && 582 (i_offset >= pptr->p_offset) && 583 (i_offset <= 584 (pptr->p_memsz + pptr->p_offset))) { 585 interp->i_name = (char *) 586 pptr->p_vaddr + i_offset - 587 pptr->p_offset + base; 588 i_offset = 0; 589 } 590 591 if (pptr->p_flags & PF_W) 592 perm |= PROT_WRITE; 593 594 /* 595 * Retain segments mapping info. Round 596 * each segment to a page boundary, as 597 * this insures addresses are suitable 598 * for mprotect() if required. 599 */ 600 off = pptr->p_vaddr + base; 601 if (hmpp == NULL) { 602 hmpp = mpp; 603 mpp->mr_addr = (caddr_t)ehdr; 604 } else 605 mpp->mr_addr = (caddr_t)off; 606 607 off -= (size_t)(uintptr_t)mpp->mr_addr; 608 mpp->mr_msize = pptr->p_memsz + off; 609 mpp->mr_fsize = pptr->p_filesz + off; 610 mpp->mr_prot = perm; 611 612 mpp++, mapnum++; 613 } 614 615 pptr = (Phdr *)((ulong_t)pptr + phsize); 616 } 617 618 mpp--; 619 msize = (size_t)(mpp->mr_addr + mpp->mr_msize) - 620 S_ALIGN((size_t)fmpp->mr_addr, syspagsz); 621 622 if ((fdm.fd_nname = 623 stravl_insert(execname, 0, 0, 0)) == NULL) 624 return (0); 625 if ((mlmp = elf_new_lmp(&lml_main, ALIST_OFF_DATA, 626 &fdm, (Addr)hmpp->mr_addr, msize, 627 NULL, NULL, NULL)) == NULL) 628 return (0); 629 630 MMAPS(mlmp) = fmpp; 631 MMAPCNT(mlmp) = mapnum; 632 PADSTART(mlmp) = (ulong_t)fmpp->mr_addr; 633 PADIMLEN(mlmp) = (ulong_t)fmpp->mr_addr + 634 (ulong_t)mpp->mr_addr + (ulong_t)mpp->mr_msize; 635 } 636 } 637 638 /* 639 * Establish the interpretors name as that defined within the initial 640 * object (executable). This provides for ORIGIN processing of ld.so.1 641 * dependencies. Note, the NAME() of the object remains that which was 642 * passed to us as the SONAME on execution. 643 */ 644 if (ldsoexec == 0) { 645 size_t len = strlen(interp->i_name); 646 647 if (expand(&interp->i_name, &len, 0, 0, 648 (PD_TKN_ISALIST | PD_TKN_CAP), rlmp) & PD_TKN_RESOLVED) 649 fdr.fd_flags |= FLG_FD_RESOLVED; 650 } 651 fdr.fd_pname = interp->i_name; 652 (void) fullpath(rlmp, &fdr); 653 654 /* 655 * The runtime linker acts as a filtee for various dl*() functions that 656 * are defined in libc (and libdl). Make sure this standard name for 657 * the runtime linker is also registered in the FullPathNode AVL tree. 658 */ 659 (void) fpavl_insert(&lml_rtld, rlmp, _rtldname, 0); 660 661 /* 662 * Having established the true runtime linkers name, simplify the name 663 * for error diagnostics. 664 */ 665 if ((str = strrchr(PATHNAME(rlmp), '/')) != NULL) 666 rtldname = ++str; 667 else 668 rtldname = PATHNAME(rlmp); 669 670 /* 671 * Expand the fullpath name of the application. This typically occurs 672 * as a part of loading an object, but as the kernel probably mapped 673 * it in, complete this processing now. 674 */ 675 (void) fullpath(mlmp, 0); 676 677 /* 678 * Some troublesome programs will change the value of argv[0]. Dupping 679 * the process string protects us, and insures the string is left in 680 * any core files. 681 */ 682 if ((str = (char *)strdup(procname)) == NULL) 683 return (0); 684 procname = str; 685 686 FLAGS(mlmp) |= (FLG_RT_ISMAIN | FLG_RT_MODESET); 687 FLAGS1(mlmp) |= FL1_RT_USED; 688 689 /* 690 * It's the responsibility of MAIN(crt0) to call it's _init and _fini 691 * section, therefore null out any INIT/FINI so that this object isn't 692 * collected during tsort processing. And, if the application has no 693 * initarray or finiarray we can economize on establishing bindings. 694 */ 695 INIT(mlmp) = FINI(mlmp) = NULL; 696 if ((INITARRAY(mlmp) == NULL) && (FINIARRAY(mlmp) == NULL)) 697 FLAGS1(mlmp) |= FL1_RT_NOINIFIN; 698 699 /* 700 * Identify lddstub if necessary. 701 */ 702 if (lml_main.lm_flags & LML_FLG_TRC_LDDSTUB) 703 FLAGS1(mlmp) |= FL1_RT_LDDSTUB; 704 705 /* 706 * Retain our argument information for use in dlinfo. 707 */ 708 argsinfo.dla_argv = argv--; 709 argsinfo.dla_argc = (long)*argv; 710 argsinfo.dla_envp = envp; 711 argsinfo.dla_auxv = auxv; 712 713 (void) enter(0); 714 715 /* 716 * Add our two main link-maps to the dynlm_list 717 */ 718 if (aplist_append(&dynlm_list, &lml_main, AL_CNT_DYNLIST) == NULL) 719 return (0); 720 721 if (aplist_append(&dynlm_list, &lml_rtld, AL_CNT_DYNLIST) == NULL) 722 return (0); 723 724 /* 725 * Reset the link-map counts for both lists. The init count is used to 726 * track how many objects have pending init sections, this gets incre- 727 * mented each time an object is relocated. Since ld.so.1 relocates 728 * itself, it's init count will remain zero. 729 * The object count is used to track how many objects have pending fini 730 * sections, as ld.so.1 handles its own fini we can zero its count. 731 */ 732 lml_main.lm_obj = 1; 733 lml_rtld.lm_obj = 0; 734 735 /* 736 * Initialize debugger information structure. Some parts of this 737 * structure were initialized statically. 738 */ 739 r_debug.rtd_rdebug.r_map = (Link_map *)lml_main.lm_head; 740 r_debug.rtd_rdebug.r_ldsomap = (Link_map *)lml_rtld.lm_head; 741 r_debug.rtd_rdebug.r_ldbase = r_debug.rtd_rdebug.r_ldsomap->l_addr; 742 r_debug.rtd_dynlmlst = &dynlm_list; 743 744 /* 745 * Determine the dev/inode information for the executable to complete 746 * load_so() checking for those who might call dlopen(3c) on the 747 * executable . 748 */ 749 if (rtld_stat(PATHNAME(mlmp), &status) == 0) { 750 STDEV(mlmp) = status.st_dev; 751 STINO(mlmp) = status.st_ino; 752 } 753 754 /* 755 * Initialize any configuration information. 756 */ 757 if (!(rtld_flags & RT_FL_NOCFG)) { 758 if ((features = elf_config(mlmp)) == -1) 759 return (0); 760 } 761 762 #if defined(_ELF64) 763 /* 764 * If this is a 64-bit process, determine whether this process has 765 * restricted the process address space to 32-bits. Any dependencies 766 * that are restricted to a 32-bit address space can only be loaded if 767 * the executable has established this requirement. 768 */ 769 if (CAPSET(mlmp).sc_sf_1 & SF1_SUNW_ADDR32) 770 rtld_flags2 |= RT_FL2_ADDR32; 771 #endif 772 /* 773 * Establish any alternative capabilities, and validate this object 774 * if it defines it's own capabilities information. 775 */ 776 if (cap_alternative() == 0) 777 return (0); 778 779 if (cap_check_lmp(mlmp, &rej) == 0) { 780 if (lml_main.lm_flags & LML_FLG_TRC_ENABLE) { 781 /* LINTED */ 782 (void) printf(MSG_INTL(ldd_warn[rej.rej_type]), 783 NAME(mlmp), rej.rej_str); 784 } else { 785 /* LINTED */ 786 eprintf(&lml_main, ERR_FATAL, 787 MSG_INTL(err_reject[rej.rej_type]), 788 NAME(mlmp), rej.rej_str); 789 return (0); 790 } 791 } 792 793 /* 794 * Establish the modes of the initial object. These modes are 795 * propagated to any preloaded objects and explicit shared library 796 * dependencies. 797 * 798 * If we're generating a configuration file using crle(1), remove 799 * any RTLD_NOW use, as we don't want to trigger any relocation proc- 800 * essing during crle(1)'s first past (this would just be unnecessary 801 * overhead). Any filters are explicitly loaded, and thus RTLD_NOW is 802 * not required to trigger filter loading. 803 * 804 * Note, RTLD_NOW may have been established during analysis of the 805 * application had the application been built -z now. 806 */ 807 MODE(mlmp) |= (RTLD_NODELETE | RTLD_GLOBAL | RTLD_WORLD); 808 809 if (rtld_flags & RT_FL_CONFGEN) { 810 MODE(mlmp) |= RTLD_CONFGEN; 811 MODE(mlmp) &= ~RTLD_NOW; 812 rtld_flags2 &= ~RT_FL2_BINDNOW; 813 } 814 815 if ((MODE(mlmp) & RTLD_NOW) == 0) { 816 if (rtld_flags2 & RT_FL2_BINDNOW) 817 MODE(mlmp) |= RTLD_NOW; 818 else 819 MODE(mlmp) |= RTLD_LAZY; 820 } 821 822 /* 823 * If debugging was requested initialize things now that any cache has 824 * been established. A user can specify LD_DEBUG=help to discover the 825 * list of debugging tokens available without running the application. 826 * However, don't allow this setting from a configuration file. 827 * 828 * Note, to prevent recursion issues caused by loading and binding the 829 * debugging libraries themselves, a local debugging descriptor is 830 * initialized. Once the debugging setup has completed, this local 831 * descriptor is copied to the global descriptor which effectively 832 * enables diagnostic output. 833 * 834 * Ignore any debugging request if we're being monitored by a process 835 * that expects the old getpid() initialization handshake. 836 */ 837 if ((rpl_debug || prm_debug) && ((rtld_flags & RT_FL_DEBUGGER) == 0)) { 838 Dbg_desc _dbg_desc = {0}; 839 struct timeval total = DBG_TOTALTIME; 840 struct timeval delta = DBG_DELTATIME; 841 842 if (rpl_debug) { 843 if (dbg_setup(rpl_debug, &_dbg_desc) == 0) 844 return (0); 845 if (_dbg_desc.d_extra & DBG_E_HELP_EXIT) 846 rtldexit(&lml_main, 0); 847 } 848 if (prm_debug) 849 (void) dbg_setup(prm_debug, &_dbg_desc); 850 851 *dbg_desc = _dbg_desc; 852 DBG_TOTALTIME = total; 853 DBG_DELTATIME = delta; 854 } 855 856 /* 857 * Now that debugging is enabled generate any diagnostics from any 858 * previous events. 859 */ 860 if (DBG_ENABLED) { 861 DBG_CALL(Dbg_cap_val(&lml_main, org_scapset, alt_scapset, 862 M_MACH)); 863 DBG_CALL(Dbg_file_config_dis(&lml_main, config->c_name, 864 features)); 865 866 DBG_CALL(Dbg_file_ldso(rlmp, envp, auxv, 867 LIST(rlmp)->lm_lmidstr, ALIST_OFF_DATA)); 868 869 if (THIS_IS_ELF(mlmp)) { 870 DBG_CALL(Dbg_file_elf(&lml_main, PATHNAME(mlmp), 871 ADDR(mlmp), MSIZE(mlmp), LIST(mlmp)->lm_lmidstr, 872 ALIST_OFF_DATA)); 873 } 874 } 875 876 /* 877 * Enable auditing. 878 */ 879 if (rpl_audit || prm_audit || profile_lib) { 880 int ndx; 881 const char *aud[3]; 882 883 aud[0] = rpl_audit; 884 aud[1] = prm_audit; 885 aud[2] = profile_lib; 886 887 /* 888 * Any global auditing (set using LD_AUDIT or LD_PROFILE) that 889 * can't be established is non-fatal. 890 */ 891 if ((auditors = calloc(1, sizeof (Audit_desc))) == NULL) 892 return (0); 893 894 for (ndx = 0; ndx < 3; ndx++) { 895 if (aud[ndx]) { 896 if ((auditors->ad_name = 897 strdup(aud[ndx])) == NULL) 898 return (0); 899 rtld_flags2 |= RT_FL2_FTL2WARN; 900 (void) audit_setup(mlmp, auditors, 901 PD_FLG_EXTLOAD, NULL); 902 rtld_flags2 &= ~RT_FL2_FTL2WARN; 903 } 904 } 905 lml_main.lm_tflags |= auditors->ad_flags; 906 } 907 if (AUDITORS(mlmp)) { 908 /* 909 * Any object required auditing (set with a DT_DEPAUDIT dynamic 910 * entry) that can't be established is fatal. 911 */ 912 if (FLAGS1(mlmp) & FL1_RT_GLOBAUD) { 913 /* 914 * If this object requires global auditing, use the 915 * local auditing information to set the global 916 * auditing descriptor. The effect is that a 917 * DT_DEPAUDIT act as an LD_AUDIT. 918 */ 919 if ((auditors == NULL) && ((auditors = calloc(1, 920 sizeof (Audit_desc))) == NULL)) 921 return (0); 922 923 auditors->ad_name = AUDITORS(mlmp)->ad_name; 924 if (audit_setup(mlmp, auditors, 0, NULL) == 0) 925 return (0); 926 lml_main.lm_tflags |= auditors->ad_flags; 927 928 /* 929 * Clear the local auditor information. 930 */ 931 free((void *) AUDITORS(mlmp)); 932 AUDITORS(mlmp) = NULL; 933 934 } else { 935 /* 936 * Establish any local auditing. 937 */ 938 if (audit_setup(mlmp, AUDITORS(mlmp), 0, NULL) == 0) 939 return (0); 940 941 AFLAGS(mlmp) |= AUDITORS(mlmp)->ad_flags; 942 lml_main.lm_flags |= LML_FLG_LOCAUDIT; 943 } 944 } 945 946 /* 947 * Explicitly add the initial object and ld.so.1 to those objects being 948 * audited. Note, although the ld.so.1 link-map isn't auditable, 949 * establish a cookie for ld.so.1 as this may be bound to via the 950 * dl*() family. 951 */ 952 if ((lml_main.lm_tflags | AFLAGS(mlmp)) & LML_TFLG_AUD_MASK) { 953 if (((audit_objopen(mlmp, mlmp) == 0) || 954 (audit_objopen(mlmp, rlmp) == 0)) && 955 (AFLAGS(mlmp) & LML_TFLG_AUD_MASK)) 956 return (0); 957 } 958 959 /* 960 * Map in any preloadable shared objects. Establish the caller as the 961 * head of the main link-map list. In the case of being exercised from 962 * lddstub, the caller gets reassigned to the first target shared object 963 * so as to provide intuitive diagnostics from ldd(). 964 * 965 * Note, it is valid to preload a 4.x shared object with a 5.0 966 * executable (or visa-versa), as this functionality is required by 967 * ldd(1). 968 */ 969 clmp = mlmp; 970 if (rpl_preload && (preload(rpl_preload, mlmp, &clmp) == 0)) 971 return (0); 972 if (prm_preload && (preload(prm_preload, mlmp, &clmp) == 0)) 973 return (0); 974 975 /* 976 * Load all dependent (needed) objects. 977 */ 978 if (analyze_lmc(&lml_main, ALIST_OFF_DATA, mlmp, mlmp, NULL) == NULL) 979 return (0); 980 981 /* 982 * Relocate all the dependencies we've just added. 983 * 984 * If this process has been established via crle(1), the environment 985 * variable LD_CONFGEN will have been set. crle(1) may create this 986 * process twice. The first time crle only needs to gather dependency 987 * information. The second time, is to dldump() the images. 988 * 989 * If we're only gathering dependencies, relocation is unnecessary. 990 * As crle(1) may be building an arbitrary family of objects, they may 991 * not fully relocate either. Hence the relocation phase is not carried 992 * out now, but will be called by crle(1) once all objects have been 993 * loaded. 994 */ 995 if ((rtld_flags & RT_FL_CONFGEN) == 0) { 996 997 DBG_CALL(Dbg_util_nl(&lml_main, DBG_NL_STD)); 998 999 if (relocate_lmc(&lml_main, ALIST_OFF_DATA, mlmp, 1000 mlmp, NULL) == 0) 1001 return (0); 1002 1003 /* 1004 * Inform the debuggers that basic process initialization is 1005 * complete, and that the state of ld.so.1 (link-map lists, 1006 * etc.) is stable. This handshake enables the debugger to 1007 * initialize themselves, and consequently allows the user to 1008 * set break points in .init code. 1009 * 1010 * Most new debuggers use librtld_db to monitor activity events. 1011 * Older debuggers indicated their presence by setting the 1012 * DT_DEBUG entry in the dynamic executable (see elf_new_lm()). 1013 * In this case, getpid() is called so that the debugger can 1014 * catch the system call. This old mechanism has some 1015 * restrictions, as getpid() should not be called prior to 1016 * basic process initialization being completed. This 1017 * restriction has become increasingly difficult to maintain, 1018 * as the use of auditors, LD_DEBUG, and the initialization 1019 * handshake with libc can result in "premature" getpid() 1020 * calls. The use of this getpid() handshake is expected to 1021 * disappear at some point in the future, and there is intent 1022 * to work towards that goal. 1023 */ 1024 rd_event(&lml_main, RD_DLACTIVITY, RT_CONSISTENT); 1025 rd_event(&lml_rtld, RD_DLACTIVITY, RT_CONSISTENT); 1026 1027 if (rtld_flags & RT_FL_DEBUGGER) { 1028 r_debug.rtd_rdebug.r_flags |= RD_FL_ODBG; 1029 (void) getpid(); 1030 } 1031 } 1032 1033 /* 1034 * Indicate preinit activity, and call any auditing routines. These 1035 * routines are called before initializing any threads via libc, or 1036 * before collecting the complete set of .inits on the primary link-map. 1037 * Although most libc interfaces are encapsulated in local routines 1038 * within libc, they have been known to escape (ie. call a .plt). As 1039 * the appcert auditor uses preinit as a trigger to establish some 1040 * external interfaces to the main link-maps libc, we need to activate 1041 * this trigger before exercising any code within libc. Additionally, 1042 * I wouldn't put it past an auditor to add additional objects to the 1043 * primary link-map. Hence, we collect .inits after the audit call. 1044 */ 1045 rd_event(&lml_main, RD_PREINIT, 0); 1046 1047 if (aud_activity || 1048 ((lml_main.lm_tflags | AFLAGS(mlmp)) & LML_TFLG_AUD_ACTIVITY)) 1049 audit_activity(mlmp, LA_ACT_CONSISTENT); 1050 if (aud_preinit || 1051 ((lml_main.lm_tflags | AFLAGS(mlmp)) & LML_TFLG_AUD_PREINIT)) 1052 audit_preinit(mlmp); 1053 1054 /* 1055 * If we're creating initial configuration information, we're done 1056 * now that the auditing step has been called. 1057 */ 1058 if (rtld_flags & RT_FL_CONFGEN) { 1059 leave(LIST(mlmp), 0); 1060 return (mlmp); 1061 } 1062 1063 /* 1064 * Sort the .init sections of all objects we've added. If we're 1065 * tracing we only need to execute this under ldd(1) with the -i or -u 1066 * options. 1067 */ 1068 lmflags = lml_main.lm_flags; 1069 if (((lmflags & LML_FLG_TRC_ENABLE) == 0) || 1070 (lmflags & (LML_FLG_TRC_INIT | LML_FLG_TRC_UNREF))) { 1071 if ((tobj = tsort(mlmp, LIST(mlmp)->lm_init, 1072 RT_SORT_REV)) == (Rt_map **)S_ERROR) 1073 return (0); 1074 } 1075 1076 /* 1077 * If we are tracing we're done. This is the one legitimate use of a 1078 * direct call to rtldexit() rather than return, as we don't want to 1079 * return and jump to the application. 1080 */ 1081 if (lmflags & LML_FLG_TRC_ENABLE) { 1082 unused(&lml_main); 1083 rtldexit(&lml_main, 0); 1084 } 1085 1086 /* 1087 * Check if this instance of the linker should have a primary link 1088 * map. This flag allows multiple copies of the -same- -version- 1089 * of the linker (and libc) to run in the same address space. 1090 * 1091 * Without this flag we only support one copy of the linker in a 1092 * process because by default the linker will always try to 1093 * initialize at one primary link map The copy of libc which is 1094 * initialized on a primary link map will initialize global TLS 1095 * data which can be shared with other copies of libc in the 1096 * process. The problem is that if there is more than one copy 1097 * of the linker, only one copy should link libc onto a primary 1098 * link map, otherwise libc will attempt to re-initialize global 1099 * TLS data. So when a copy of the linker is loaded with this 1100 * flag set, it will not initialize any primary link maps since 1101 * presumably another copy of the linker will do this. 1102 * 1103 * Note that this flag only allows multiple copies of the -same- 1104 * -version- of the linker (and libc) to coexist. This approach 1105 * will not work if we are trying to load different versions of 1106 * the linker and libc into the same process. The reason for 1107 * this is that the format of the global TLS data may not be 1108 * the same for different versions of libc. In this case each 1109 * different version of libc must have it's own primary link map 1110 * and be able to maintain it's own TLS data. The only way this 1111 * can be done is by carefully managing TLS pointers on transitions 1112 * between code associated with each of the different linkers. 1113 * Note that this is actually what is done for processes in lx 1114 * branded zones. Although in the lx branded zone case, the 1115 * other linker and libc are actually gld and glibc. But the 1116 * same general TLS management mechanism used by the lx brand 1117 * would apply to any attempts to run multiple versions of the 1118 * solaris linker and libc in a single process. 1119 */ 1120 if (auxflags & AF_SUN_NOPLM) 1121 rtld_flags2 |= RT_FL2_NOPLM; 1122 1123 /* 1124 * Establish any static TLS for this primary link-map. Note, regardless 1125 * of whether TLS is available, an initial handshake occurs with libc to 1126 * indicate we're processing the primary link-map. Having identified 1127 * the primary link-map, initialize threads. 1128 */ 1129 if (rt_get_extern(&lml_main, mlmp) == 0) 1130 return (0); 1131 1132 if ((rtld_flags2 & RT_FL2_NOPLM) == 0) { 1133 if (tls_statmod(&lml_main, mlmp) == 0) 1134 return (0); 1135 rt_thr_init(&lml_main); 1136 rtld_flags2 |= RT_FL2_PLMSETUP; 1137 } else { 1138 rt_thr_init(&lml_main); 1139 } 1140 1141 /* 1142 * Fire all dependencies .init sections. Identify any unused 1143 * dependencies, and leave the runtime linker - effectively calling 1144 * the dynamic executables entry point. 1145 */ 1146 call_array(PREINITARRAY(mlmp), (uint_t)PREINITARRAYSZ(mlmp), mlmp, 1147 SHT_PREINIT_ARRAY); 1148 1149 if (tobj) 1150 call_init(tobj, DBG_INIT_SORT); 1151 1152 rd_event(&lml_main, RD_POSTINIT, 0); 1153 1154 unused(&lml_main); 1155 1156 DBG_CALL(Dbg_util_call_main(mlmp)); 1157 1158 rtld_flags |= (RT_FL_OPERATION | RT_FL_APPLIC); 1159 1160 leave(LIST(mlmp), 0); 1161 1162 return (mlmp); 1163 } 1164