1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 #pragma ident "%Z%%M% %I% %E% SMI" 27 28 /* 29 * SPARC V9 machine dependent and ELF file class dependent functions. 30 * Contains routines for performing function binding and symbol relocations. 31 */ 32 #include "_synonyms.h" 33 34 #include <stdio.h> 35 #include <sys/elf.h> 36 #include <sys/elf_SPARC.h> 37 #include <sys/mman.h> 38 #include <dlfcn.h> 39 #include <synch.h> 40 #include <string.h> 41 #include <debug.h> 42 #include <reloc.h> 43 #include <conv.h> 44 #include "_rtld.h" 45 #include "_audit.h" 46 #include "_elf.h" 47 #include "msg.h" 48 49 extern void iflush_range(caddr_t, size_t); 50 extern void plt_upper_32(uintptr_t, uintptr_t); 51 extern void plt_upper_44(uintptr_t, uintptr_t); 52 extern void plt_full_range(uintptr_t, uintptr_t); 53 extern void elf_rtbndr(Rt_map *, ulong_t, caddr_t); 54 extern void elf_rtbndr_far(Rt_map *, ulong_t, caddr_t); 55 56 57 int 58 elf_mach_flags_check(Rej_desc *rej, Ehdr *ehdr) 59 { 60 /* 61 * Check machine type and flags. 62 */ 63 if (ehdr->e_flags & EF_SPARC_EXT_MASK) { 64 /* 65 * Check vendor-specific extensions. 66 */ 67 if (ehdr->e_flags & EF_SPARC_HAL_R1) { 68 rej->rej_type = SGS_REJ_HAL; 69 rej->rej_info = (uint_t)ehdr->e_flags; 70 return (0); 71 } 72 if ((ehdr->e_flags & EF_SPARC_SUN_US3) & ~at_flags) { 73 rej->rej_type = SGS_REJ_US3; 74 rej->rej_info = (uint_t)ehdr->e_flags; 75 return (0); 76 } 77 78 /* 79 * Generic check. 80 * All of our 64-bit SPARC's support the US1 (UltraSPARC 1) 81 * instructions so that bit isn't worth checking for explicitly. 82 */ 83 if ((ehdr->e_flags & EF_SPARC_EXT_MASK) & ~at_flags) { 84 rej->rej_type = SGS_REJ_BADFLAG; 85 rej->rej_info = (uint_t)ehdr->e_flags; 86 return (0); 87 } 88 } else if ((ehdr->e_flags & ~EF_SPARCV9_MM) != 0) { 89 rej->rej_type = SGS_REJ_BADFLAG; 90 rej->rej_info = (uint_t)ehdr->e_flags; 91 return (0); 92 } 93 return (1); 94 } 95 96 97 void 98 ldso_plt_init(Rt_map * lmp) 99 { 100 /* 101 * There is no need to analyze ld.so because we don't map in any of 102 * its dependencies. However we may map these dependencies in later 103 * (as if ld.so had dlopened them), so initialize the plt and the 104 * permission information. 105 */ 106 if (PLTGOT(lmp)) { 107 Xword pltoff; 108 109 /* 110 * Install the lm pointer in .PLT2 as per the ABI. 111 */ 112 pltoff = (2 * M_PLT_ENTSIZE) / M_PLT_INSSIZE; 113 elf_plt2_init(PLTGOT(lmp) + pltoff, lmp); 114 115 /* 116 * The V9 ABI states that the first 32k PLT entries 117 * use .PLT1, with .PLT0 used by the "latter" entries. 118 * We don't currently implement the extendend format, 119 * so install an error handler in .PLT0 to catch anyone 120 * trying to use it. 121 */ 122 elf_plt_init(PLTGOT(lmp), (caddr_t)elf_rtbndr_far); 123 124 /* 125 * Initialize .PLT1 126 */ 127 pltoff = M_PLT_ENTSIZE / M_PLT_INSSIZE; 128 elf_plt_init(PLTGOT(lmp) + pltoff, (caddr_t)elf_rtbndr); 129 } 130 } 131 132 /* 133 * elf_plt_write() will test to see how far away our destination 134 * address lies. If it is close enough that a branch can 135 * be used instead of a jmpl - we will fill the plt in with 136 * single branch. The branches are much quicker then 137 * a jmpl instruction - see bug#4356879 for further 138 * details. 139 * 140 * NOTE: we pass in both a 'pltaddr' and a 'vpltaddr' since 141 * librtld/dldump update PLT's who's physical 142 * address is not the same as the 'virtual' runtime 143 * address. 144 */ 145 Pltbindtype 146 elf_plt_write(uintptr_t addr, uintptr_t vaddr, void *rptr, uintptr_t symval, 147 Xword pltndx) 148 { 149 Rela *rel = (Rela *)rptr; 150 uintptr_t nsym = ~symval; 151 uintptr_t vpltaddr, pltaddr; 152 long disp; 153 154 155 pltaddr = addr + rel->r_offset; 156 vpltaddr = vaddr + rel->r_offset; 157 disp = symval - vpltaddr - 4; 158 159 if (pltndx >= (M64_PLT_NEARPLTS - M_PLT_XNumber)) { 160 *((Sxword *)pltaddr) = (uintptr_t)symval + 161 (uintptr_t)rel->r_addend - vaddr; 162 DBG_CALL(pltcntfar++); 163 return (PLT_T_FAR); 164 } 165 166 /* 167 * Test if the destination address is close enough to use 168 * a ba,a... instruction to reach it. 169 */ 170 if (S_INRANGE(disp, 23) && !(rtld_flags & RT_FL_NOBAPLT)) { 171 uint_t *pltent, bainstr; 172 Pltbindtype rc; 173 174 pltent = (uint_t *)pltaddr; 175 /* 176 * The 177 * 178 * ba,a,pt %icc, <dest> 179 * 180 * is the most efficient of the PLT's. If we 181 * are within +-20 bits - use that branch. 182 */ 183 if (S_INRANGE(disp, 20)) { 184 bainstr = M_BA_A_PT; /* ba,a,pt %icc,<dest> */ 185 /* LINTED */ 186 bainstr |= (uint_t)(S_MASK(19) & (disp >> 2)); 187 rc = PLT_T_21D; 188 DBG_CALL(pltcnt21d++); 189 } else { 190 /* 191 * Otherwise - we fall back to the good old 192 * 193 * ba,a <dest> 194 * 195 * Which still beats a jmpl instruction. 196 */ 197 bainstr = M_BA_A; /* ba,a <dest> */ 198 /* LINTED */ 199 bainstr |= (uint_t)(S_MASK(22) & (disp >> 2)); 200 rc = PLT_T_24D; 201 DBG_CALL(pltcnt24d++); 202 } 203 204 pltent[2] = M_NOP; /* nop instr */ 205 pltent[1] = bainstr; 206 207 iflush_range((char *)(&pltent[1]), 4); 208 pltent[0] = M_NOP; /* nop instr */ 209 iflush_range((char *)(&pltent[0]), 4); 210 return (rc); 211 } 212 213 if ((nsym >> 32) == 0) { 214 plt_upper_32(pltaddr, symval); 215 DBG_CALL(pltcntu32++); 216 return (PLT_T_U32); 217 } 218 219 if ((nsym >> 44) == 0) { 220 plt_upper_44(pltaddr, symval); 221 DBG_CALL(pltcntu44++); 222 return (PLT_T_U44); 223 } 224 225 /* 226 * The PLT destination is not in reach of 227 * a branch instruction - so we fall back 228 * to a 'jmpl' sequence. 229 */ 230 plt_full_range(pltaddr, symval); 231 DBG_CALL(pltcntfull++); 232 return (PLT_T_FULL); 233 } 234 235 236 237 /* 238 * Once relocated, the following 6 instruction sequence moves 239 * a 64-bit immediate value into register %g1 240 */ 241 #define VAL64_TO_G1 \ 242 /* 0x00 */ 0x0b, 0x00, 0x00, 0x00, /* sethi %hh(value), %g5 */ \ 243 /* 0x04 */ 0x8a, 0x11, 0x60, 0x00, /* or %g5, %hm(value), %g5 */ \ 244 /* 0x08 */ 0x8b, 0x29, 0x70, 0x20, /* sllx %g5, 32, %g5 */ \ 245 /* 0x0c */ 0x03, 0x00, 0x00, 0x00, /* sethi %lm(value), %g1 */ \ 246 /* 0x10 */ 0x82, 0x10, 0x60, 0x00, /* or %g1, %lo(value), %g1 */ \ 247 /* 0x14 */ 0x82, 0x10, 0x40, 0x05 /* or %g1, %g5, %g1 */ 248 249 /* 250 * Local storage space created on the stack created for this glue 251 * code includes space for: 252 * 0x8 pointer to dyn_data 253 * 0x8 size prev stack frame 254 */ 255 static const Byte dyn_plt_template[] = { 256 /* 0x0 */ 0x2a, 0xcf, 0x80, 0x03, /* brnz,a,pt %fp, 0xc */ 257 /* 0x4 */ 0x82, 0x27, 0x80, 0x0e, /* sub %fp, %sp, %g1 */ 258 /* 0x8 */ 0x82, 0x10, 0x20, 0xb0, /* mov 176, %g1 */ 259 /* 0xc */ 0x9d, 0xe3, 0xbf, 0x40, /* save %sp, -192, %sp */ 260 /* 0x10 */ 0xc2, 0x77, 0xa7, 0xef, /* stx %g1, [%fp + 2031] */ 261 262 /* store prev stack size */ 263 /* 0x14 */ VAL64_TO_G1, /* dyn_data to g1 */ 264 /* 0x2c */ 0xc2, 0x77, 0xa7, 0xf7, /* stx %g1, [%fp + 2039] */ 265 266 /* 0x30 */ VAL64_TO_G1, /* elf_plt_trace() addr to g1 */ 267 268 /* Call to elf_plt_trace() via g1 */ 269 /* 0x48 */ 0x9f, 0xc0, 0x60, 0x00, /* jmpl ! link r[15] to addr in g1 */ 270 /* 0x4c */ 0x01, 0x00, 0x00, 0x00 /* nop ! for jmpl delay slot *AND* */ 271 /* to get 8-byte alignment */ 272 }; 273 274 275 int dyn_plt_ent_size = sizeof (dyn_plt_template) + 276 sizeof (Addr) + /* reflmp */ 277 sizeof (Addr) + /* deflmp */ 278 sizeof (Word) + /* symndx */ 279 sizeof (Word) + /* sb_flags */ 280 sizeof (Sym); /* symdef */ 281 282 283 /* 284 * the dynamic plt entry is: 285 * 286 * brnz,a,pt %fp, 1f 287 * sub %sp, %fp, %g1 288 * mov SA(MINFRAME), %g1 289 * 1: 290 * save %sp, -(SA(MINFRAME) + (2 * CLONGSIZE)), %sp 291 * 292 * ! store prev stack size 293 * stx %g1, [%fp + STACK_BIAS - (2 * CLONGSIZE)] 294 * 295 * 2: 296 * ! move dyn_data to %g1 297 * sethi %hh(dyn_data), %g5 298 * or %g5, %hm(dyn_data), %g5 299 * sllx %g5, 32, %g5 300 * sethi %lm(dyn_data), %g1 301 * or %g1, %lo(dyn_data), %g1 302 * or %g1, %g5, %g1 303 * 304 * ! store dyn_data ptr on frame (from %g1) 305 * stx %g1, [%fp + STACK_BIAS - CLONGSIZE] 306 * 307 * ! Move address of elf_plt_trace() into %g1 308 * [Uses same 6 instructions as shown at label 2: above. Not shown.] 309 * 310 * ! Use JMPL to make call. CALL instruction is limited to 30-bits. 311 * ! of displacement. 312 * jmp1 %g1, %o7 313 * 314 * ! JMPL has a delay slot that must be filled. And, the sequence 315 * ! of instructions needs to have 8-byte alignment. This NOP does both. 316 * ! The alignment is needed for the data we put following the 317 * ! instruction. 318 * nop 319 * 320 * dyn data: 321 * Addr reflmp 322 * Addr deflmp 323 * Word symndx 324 * Word sb_flags 325 * Sym symdef (Elf64_Sym = 24-bytes) 326 */ 327 328 329 /* 330 * Relocate the instructions given by the VAL64_TO_G1 macro above. 331 * The arguments parallel those of do_reloc(). 332 * 333 * entry: 334 * off - Address of 1st instruction in sequence. 335 * value - Value being relocated (addend) 336 * sym - Name of value being relocated. 337 * lml - link map list 338 * 339 * exit: 340 * Returns TRUE for success, FALSE for failure. 341 */ 342 static int 343 reloc_val64_to_g1(Byte *off, Addr *value, const char *sym, Lm_list *lml) 344 { 345 Xword tmp_value; 346 347 /* 348 * relocating: 349 * sethi %hh(value), %g5 350 */ 351 tmp_value = (Xword)value; 352 if (do_reloc(R_SPARC_HH22, off, &tmp_value, sym, 353 MSG_ORIG(MSG_SPECFIL_DYNPLT), lml) == 0) { 354 return (0); 355 } 356 357 /* 358 * relocating: 359 * or %g5, %hm(value), %g5 360 */ 361 tmp_value = (Xword)value; 362 if (do_reloc(R_SPARC_HM10, off + 4, &tmp_value, sym, 363 MSG_ORIG(MSG_SPECFIL_DYNPLT), lml) == 0) { 364 return (0); 365 } 366 367 /* 368 * relocating: 369 * sethi %lm(value), %g1 370 */ 371 tmp_value = (Xword)value; 372 if (do_reloc(R_SPARC_LM22, off + 12, &tmp_value, sym, 373 MSG_ORIG(MSG_SPECFIL_DYNPLT), lml) == 0) { 374 return (0); 375 } 376 377 /* 378 * relocating: 379 * or %g1, %lo(value), %g1 380 */ 381 tmp_value = (Xword)value; 382 if (do_reloc(R_SPARC_LO10, off + 16, &tmp_value, sym, 383 MSG_ORIG(MSG_SPECFIL_DYNPLT), lml) == 0) { 384 return (0); 385 } 386 387 return (1); 388 } 389 390 static caddr_t 391 elf_plt_trace_write(caddr_t addr, Rela * rptr, Rt_map * rlmp, Rt_map * dlmp, 392 Sym * sym, uint_t symndx, ulong_t pltndx, caddr_t to, uint_t sb_flags, 393 int *fail) 394 { 395 extern ulong_t elf_plt_trace(); 396 Addr dyn_plt, *dyndata; 397 398 /* 399 * If both pltenter & pltexit have been disabled there 400 * there is no reason to even create the glue code. 401 */ 402 if ((sb_flags & (LA_SYMB_NOPLTENTER | LA_SYMB_NOPLTEXIT)) == 403 (LA_SYMB_NOPLTENTER | LA_SYMB_NOPLTEXIT)) { 404 (void) elf_plt_write((uintptr_t)addr, (uintptr_t)addr, 405 rptr, (uintptr_t)to, pltndx); 406 return (to); 407 } 408 409 /* 410 * We only need to add the glue code if there is an auditing 411 * library that is interested in this binding. 412 */ 413 dyn_plt = (Xword)AUDINFO(rlmp)->ai_dynplts + 414 (pltndx * dyn_plt_ent_size); 415 416 /* 417 * Have we initialized this dynamic plt entry yet? If we haven't do it 418 * now. Otherwise this function has been called before, but from a 419 * different plt (ie. from another shared object). In that case 420 * we just set the plt to point to the new dyn_plt. 421 */ 422 if (*(Word *)dyn_plt == 0) { 423 Sym *symp; 424 Lm_list *lml = LIST(rlmp); 425 426 (void) memcpy((void *)dyn_plt, dyn_plt_template, 427 sizeof (dyn_plt_template)); 428 dyndata = (Addr *)(dyn_plt + sizeof (dyn_plt_template)); 429 430 /* 431 * relocating: 432 * VAL64_TO_G1(dyndata) 433 * VAL64_TO_G1(&elf_plt_trace) 434 */ 435 if (!(reloc_val64_to_g1((Byte *) (dyn_plt + 0x14), dyndata, 436 MSG_ORIG(MSG_SYM_LADYNDATA), lml) && 437 reloc_val64_to_g1((Byte *) (dyn_plt + 0x30), 438 (Addr *)&elf_plt_trace, MSG_ORIG(MSG_SYM_ELFPLTTRACE), 439 lml))) { 440 *fail = 1; 441 return (0); 442 } 443 444 *dyndata++ = (Addr)rlmp; 445 *dyndata++ = (Addr)dlmp; 446 447 /* 448 * symndx in the high word, sb_flags in the low. 449 */ 450 *dyndata = (Addr)sb_flags; 451 *(Word *)dyndata = symndx; 452 dyndata++; 453 454 symp = (Sym *)dyndata; 455 *symp = *sym; 456 symp->st_value = (Addr)to; 457 iflush_range((void *)dyn_plt, sizeof (dyn_plt_template)); 458 } 459 460 (void) elf_plt_write((uintptr_t)addr, (uintptr_t)addr, rptr, 461 (uintptr_t)dyn_plt, pltndx); 462 return ((caddr_t)dyn_plt); 463 } 464 465 /* 466 * Function binding routine - invoked on the first call to a function through 467 * the procedure linkage table; 468 * passes first through an assembly language interface. 469 * 470 * Takes the address of the PLT entry where the call originated, 471 * the offset into the relocation table of the associated 472 * relocation entry and the address of the link map (rt_private_map struct) 473 * for the entry. 474 * 475 * Returns the address of the function referenced after re-writing the PLT 476 * entry to invoke the function directly. 477 * 478 * On error, causes process to terminate with a signal. 479 */ 480 481 ulong_t 482 elf_bndr(Rt_map *lmp, ulong_t pltoff, caddr_t from) 483 { 484 Rt_map *nlmp, *llmp; 485 Addr addr, vaddr, reloff, symval; 486 char *name; 487 Rela *rptr; 488 Sym *sym, *nsym; 489 Xword pltndx; 490 uint_t binfo, sb_flags = 0; 491 ulong_t rsymndx; 492 Slookup sl; 493 Pltbindtype pbtype; 494 int entry, lmflags, farplt = 0; 495 uint_t dbg_class; 496 Lm_list *lml = LIST(lmp); 497 498 /* 499 * For compatibility with libthread (TI_VERSION 1) we track the entry 500 * value. A zero value indicates we have recursed into ld.so.1 to 501 * further process a locking request. Under this recursion we disable 502 * tsort and cleanup activities. 503 */ 504 entry = enter(); 505 506 if ((lmflags = lml->lm_flags) & LML_FLG_RTLDLM) { 507 dbg_class = dbg_desc->d_class; 508 dbg_desc->d_class = 0; 509 } 510 511 /* 512 * Must calculate true plt relocation address from reloc. 513 * Take offset, subtract number of reserved PLT entries, and divide 514 * by PLT entry size, which should give the index of the plt 515 * entry (and relocation entry since they have been defined to be 516 * in the same order). Then we must multiply by the size of 517 * a relocation entry, which will give us the offset of the 518 * plt relocation entry from the start of them given by JMPREL(lm). 519 */ 520 addr = pltoff - M_PLT_RESERVSZ; 521 522 if (pltoff < (M64_PLT_NEARPLTS * M_PLT_ENTSIZE)) { 523 pltndx = addr / M_PLT_ENTSIZE; 524 } else { 525 ulong_t pltblockoff; 526 527 pltblockoff = pltoff - (M64_PLT_NEARPLTS * M_PLT_ENTSIZE); 528 pltndx = M64_PLT_NEARPLTS + 529 ((pltblockoff / M64_PLT_FBLOCKSZ) * M64_PLT_FBLKCNTS) + 530 ((pltblockoff % M64_PLT_FBLOCKSZ) / M64_PLT_FENTSIZE) - 531 M_PLT_XNumber; 532 farplt = 1; 533 } 534 535 /* 536 * Perform some basic sanity checks. If we didn't get a load map 537 * or the plt offset is invalid then its possible someone has walked 538 * over the plt entries or jumped to plt[01] out of the blue. 539 */ 540 if (!lmp || (!farplt && (addr % M_PLT_ENTSIZE) != 0) || 541 (farplt && (addr % M_PLT_INSSIZE))) { 542 Conv_inv_buf_t inv_buf; 543 544 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_REL_PLTREF), 545 conv_reloc_SPARC_type(R_SPARC_JMP_SLOT, 0, &inv_buf), 546 EC_NATPTR(lmp), EC_XWORD(pltoff), EC_NATPTR(from)); 547 rtldexit(lml, 1); 548 } 549 reloff = pltndx * sizeof (Rela); 550 551 /* 552 * Use relocation entry to get symbol table entry and symbol name. 553 */ 554 addr = (ulong_t)JMPREL(lmp); 555 rptr = (Rela *)(addr + reloff); 556 rsymndx = ELF_R_SYM(rptr->r_info); 557 sym = (Sym *)((ulong_t)SYMTAB(lmp) + (rsymndx * SYMENT(lmp))); 558 name = (char *)(STRTAB(lmp) + sym->st_name); 559 560 /* 561 * Determine the last link-map of this list, this'll be the starting 562 * point for any tsort() processing. 563 */ 564 llmp = lml->lm_tail; 565 566 /* 567 * Find definition for symbol. 568 */ 569 sl.sl_name = name; 570 sl.sl_cmap = lmp; 571 sl.sl_imap = lml->lm_head; 572 sl.sl_hash = 0; 573 sl.sl_rsymndx = rsymndx; 574 sl.sl_flags = LKUP_DEFT; 575 if ((nsym = lookup_sym(&sl, &nlmp, &binfo)) == 0) { 576 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_REL_NOSYM), NAME(lmp), 577 demangle(name)); 578 rtldexit(lml, 1); 579 } 580 581 symval = nsym->st_value; 582 if (!(FLAGS(nlmp) & FLG_RT_FIXED) && 583 (nsym->st_shndx != SHN_ABS)) 584 symval += ADDR(nlmp); 585 if ((lmp != nlmp) && ((FLAGS1(nlmp) & FL1_RT_NOINIFIN) == 0)) { 586 /* 587 * Record that this new link map is now bound to the caller. 588 */ 589 if (bind_one(lmp, nlmp, BND_REFER) == 0) 590 rtldexit(lml, 1); 591 } 592 593 if ((lml->lm_tflags | FLAGS1(lmp)) & LML_TFLG_AUD_SYMBIND) { 594 /* LINTED */ 595 uint_t symndx = (uint_t)(((uintptr_t)nsym - 596 (uintptr_t)SYMTAB(nlmp)) / SYMENT(nlmp)); 597 598 symval = audit_symbind(lmp, nlmp, nsym, symndx, symval, 599 &sb_flags); 600 } 601 602 if (FLAGS(lmp) & FLG_RT_FIXED) 603 vaddr = 0; 604 else 605 vaddr = ADDR(lmp); 606 607 pbtype = PLT_T_NONE; 608 if (!(rtld_flags & RT_FL_NOBIND)) { 609 if (((lml->lm_tflags | FLAGS1(lmp)) & 610 (LML_TFLG_AUD_PLTENTER | LML_TFLG_AUD_PLTEXIT)) && 611 AUDINFO(lmp)->ai_dynplts) { 612 int fail = 0; 613 /* LINTED */ 614 uint_t symndx = (uint_t)(((uintptr_t)nsym - 615 (uintptr_t)SYMTAB(nlmp)) / SYMENT(nlmp)); 616 617 symval = (ulong_t)elf_plt_trace_write((caddr_t)vaddr, 618 rptr, lmp, nlmp, nsym, symndx, pltndx, 619 (caddr_t)symval, sb_flags, &fail); 620 if (fail) 621 rtldexit(lml, 1); 622 } else { 623 /* 624 * Write standard PLT entry to jump directly 625 * to newly bound function. 626 */ 627 pbtype = elf_plt_write((uintptr_t)vaddr, 628 (uintptr_t)vaddr, rptr, symval, pltndx); 629 } 630 } 631 632 /* 633 * Print binding information and rebuild PLT entry. 634 */ 635 DBG_CALL(Dbg_bind_global(lmp, (Addr)from, (Off)(from - ADDR(lmp)), 636 (Xword)pltndx, pbtype, nlmp, (Addr)symval, nsym->st_value, 637 name, binfo)); 638 639 /* 640 * Complete any processing for newly loaded objects. Note we don't 641 * know exactly where any new objects are loaded (we know the object 642 * that supplied the symbol, but others may have been loaded lazily as 643 * we searched for the symbol), so sorting starts from the last 644 * link-map know on entry to this routine. 645 */ 646 if (entry) 647 load_completion(llmp); 648 649 /* 650 * Some operations like dldump() or dlopen()'ing a relocatable object 651 * result in objects being loaded on rtld's link-map, make sure these 652 * objects are initialized also. 653 */ 654 if ((LIST(nlmp)->lm_flags & LML_FLG_RTLDLM) && LIST(nlmp)->lm_init) 655 load_completion(nlmp); 656 657 /* 658 * If the object we've bound to is in the process of being initialized 659 * by another thread, determine whether we should block. 660 */ 661 is_dep_ready(nlmp, lmp, DBG_WAIT_SYMBOL); 662 663 /* 664 * Make sure the object to which we've bound has had it's .init fired. 665 * Cleanup before return to user code. 666 */ 667 if (entry) { 668 is_dep_init(nlmp, lmp); 669 leave(LIST(lmp)); 670 } 671 672 if (lmflags & LML_FLG_RTLDLM) 673 dbg_desc->d_class = dbg_class; 674 675 return (symval); 676 } 677 678 679 static int 680 bindpltpad(Rt_map *lmp, List *padlist, Addr value, void **pltaddr, 681 const char *fname, const char *sname) 682 { 683 Listnode *lnp, *prevlnp; 684 Pltpadinfo *pip; 685 void *plt; 686 uintptr_t pltoff; 687 Rela rel; 688 int i; 689 690 prevlnp = 0; 691 for (LIST_TRAVERSE(padlist, lnp, pip)) { 692 if (pip->pp_addr == value) { 693 *pltaddr = pip->pp_plt; 694 DBG_CALL(Dbg_bind_pltpad_from(lmp, (Addr)*pltaddr, 695 sname)); 696 return (1); 697 } 698 if (pip->pp_addr > value) 699 break; 700 prevlnp = lnp; 701 } 702 703 plt = PLTPAD(lmp); 704 pltoff = (uintptr_t)plt - (uintptr_t)ADDR(lmp); 705 706 PLTPAD(lmp) = (void *)((uintptr_t)PLTPAD(lmp) + M_PLT_ENTSIZE); 707 708 if (PLTPAD(lmp) > PLTPADEND(lmp)) { 709 /* 710 * Just fail in usual relocation way 711 */ 712 *pltaddr = (void *)value; 713 return (1); 714 } 715 rel.r_offset = pltoff; 716 rel.r_info = 0; 717 rel.r_addend = 0; 718 719 720 /* 721 * elf_plt_write assumes the plt was previously filled 722 * with NOP's, so fill it in now. 723 */ 724 for (i = 0; i < (M_PLT_ENTSIZE / sizeof (uint_t)); i++) { 725 ((uint_t *)plt)[i] = M_NOP; 726 } 727 iflush_range((caddr_t)plt, M_PLT_ENTSIZE); 728 729 (void) elf_plt_write(ADDR(lmp), ADDR(lmp), &rel, value, 0); 730 731 if ((pip = calloc(sizeof (Pltpadinfo), 1)) == 0) 732 return (0); 733 pip->pp_addr = value; 734 pip->pp_plt = plt; 735 736 if (prevlnp) 737 lnp = list_insert(padlist, pip, prevlnp); 738 else 739 lnp = list_prepend(padlist, pip); 740 741 if (!lnp) { 742 free(pip); 743 return (0); 744 } 745 746 *pltaddr = plt; 747 DBG_CALL(Dbg_bind_pltpad_to(lmp, (Addr)*pltaddr, fname, sname)); 748 return (1); 749 } 750 751 /* 752 * Read and process the relocations for one link object, we assume all 753 * relocation sections for loadable segments are stored contiguously in 754 * the file. 755 */ 756 int 757 elf_reloc(Rt_map *lmp, uint_t plt) 758 { 759 ulong_t relbgn, relend, relsiz, basebgn, pltbgn, pltend; 760 ulong_t roffset, rsymndx, psymndx = 0, etext = ETEXT(lmp); 761 ulong_t emap, pltndx; 762 uint_t dsymndx, binfo, pbinfo; 763 Byte rtype; 764 long reladd; 765 Addr value, pvalue; 766 Sym *symref, *psymref, *symdef, *psymdef; 767 char *name, *pname; 768 Rt_map *_lmp, *plmp; 769 int textrel = 0, ret = 1, noplt = 0; 770 long relacount = RELACOUNT(lmp); 771 Rela *rel; 772 Pltbindtype pbtype; 773 List pltpadlist = {0, 0}; 774 Alist *bound = 0; 775 776 /* 777 * If an object has any DT_REGISTER entries associated with 778 * it, they are processed now. 779 */ 780 if ((plt == 0) && (FLAGS(lmp) & FLG_RT_REGSYMS)) { 781 if (elf_regsyms(lmp) == 0) 782 return (0); 783 } 784 785 /* 786 * Although only necessary for lazy binding, initialize the first 787 * procedure linkage table entry to go to elf_rtbndr(). dbx(1) seems 788 * to find this useful. 789 */ 790 if ((plt == 0) && PLTGOT(lmp)) { 791 Xword pltoff; 792 793 if ((ulong_t)PLTGOT(lmp) < etext) { 794 if (elf_set_prot(lmp, PROT_WRITE) == 0) 795 return (0); 796 textrel = 1; 797 } 798 799 /* 800 * Install the lm pointer in .PLT2 as per the ABI. 801 */ 802 pltoff = (2 * M_PLT_ENTSIZE) / M_PLT_INSSIZE; 803 elf_plt2_init(PLTGOT(lmp) + pltoff, lmp); 804 805 /* 806 * The V9 ABI states that the first 32k PLT entries 807 * use .PLT1, with .PLT0 used by the "latter" entries. 808 * We don't currently implement the extendend format, 809 * so install an error handler in .PLT0 to catch anyone 810 * trying to use it. 811 */ 812 elf_plt_init(PLTGOT(lmp), (caddr_t)elf_rtbndr_far); 813 814 /* 815 * Initialize .PLT1 816 */ 817 pltoff = M_PLT_ENTSIZE / M_PLT_INSSIZE; 818 elf_plt_init(PLTGOT(lmp) + pltoff, (caddr_t)elf_rtbndr); 819 } 820 821 /* 822 * Initialize the plt start and end addresses. 823 */ 824 if ((pltbgn = (ulong_t)JMPREL(lmp)) != 0) 825 pltend = pltbgn + (ulong_t)(PLTRELSZ(lmp)); 826 827 /* 828 * If we've been called upon to promote an RTLD_LAZY object to an 829 * RTLD_NOW then we're only interested in scaning the .plt table. 830 */ 831 if (plt) { 832 relbgn = pltbgn; 833 relend = pltend; 834 } else { 835 /* 836 * The relocation sections appear to the run-time linker as a 837 * single table. Determine the address of the beginning and end 838 * of this table. There are two different interpretations of 839 * the ABI at this point: 840 * 841 * o The REL table and its associated RELSZ indicate the 842 * concatenation of *all* relocation sections (this is the 843 * model our link-editor constructs). 844 * 845 * o The REL table and its associated RELSZ indicate the 846 * concatenation of all *but* the .plt relocations. These 847 * relocations are specified individually by the JMPREL and 848 * PLTRELSZ entries. 849 * 850 * Determine from our knowledege of the relocation range and 851 * .plt range, the range of the total relocation table. Note 852 * that one other ABI assumption seems to be that the .plt 853 * relocations always follow any other relocations, the 854 * following range checking drops that assumption. 855 */ 856 relbgn = (ulong_t)(REL(lmp)); 857 relend = relbgn + (ulong_t)(RELSZ(lmp)); 858 if (pltbgn) { 859 if (!relbgn || (relbgn > pltbgn)) 860 relbgn = pltbgn; 861 if (!relbgn || (relend < pltend)) 862 relend = pltend; 863 } 864 } 865 if (!relbgn || (relbgn == relend)) { 866 DBG_CALL(Dbg_reloc_run(lmp, 0, plt, DBG_REL_NONE)); 867 return (1); 868 } 869 870 relsiz = (ulong_t)(RELENT(lmp)); 871 basebgn = ADDR(lmp); 872 emap = ADDR(lmp) + MSIZE(lmp); 873 874 DBG_CALL(Dbg_reloc_run(lmp, M_REL_SHT_TYPE, plt, DBG_REL_START)); 875 876 /* 877 * If we're processing in lazy mode there is no need to scan the 878 * .rela.plt table. 879 */ 880 if (pltbgn && ((MODE(lmp) & RTLD_NOW) == 0)) 881 noplt = 1; 882 883 /* 884 * Loop through relocations. 885 */ 886 while (relbgn < relend) { 887 Addr vaddr; 888 uint_t sb_flags = 0; 889 890 rtype = (Byte)ELF_R_TYPE(((Rela *)relbgn)->r_info); 891 892 /* 893 * If this is a RELATIVE relocation in a shared object 894 * (the common case), and if we are not debugging, then 895 * jump into a tighter relocaiton loop (elf_reloc_relacount) 896 * Only make the jump if we've been given a hint on the 897 * number of relocations. 898 */ 899 if ((rtype == R_SPARC_RELATIVE) && 900 ((FLAGS(lmp) & FLG_RT_FIXED) == 0) && (DBG_ENABLED == 0)) { 901 /* 902 * It's possible that the relative relocation block 903 * has relocations against the text segment as well 904 * as the data segment. Since our optimized relocation 905 * engine does not check which segment the relocation 906 * is against - just mprotect it now if it's been 907 * marked as containing TEXTREL's. 908 */ 909 if ((textrel == 0) && (FLAGS1(lmp) & FL1_RT_TEXTREL)) { 910 if (elf_set_prot(lmp, PROT_WRITE) == 0) { 911 ret = 0; 912 break; 913 } 914 textrel = 1; 915 } 916 if (relacount) { 917 relbgn = elf_reloc_relacount(relbgn, relacount, 918 relsiz, basebgn); 919 relacount = 0; 920 } else { 921 relbgn = elf_reloc_relative(relbgn, relend, 922 relsiz, basebgn, etext, emap); 923 } 924 if (relbgn >= relend) 925 break; 926 rtype = (Byte)ELF_R_TYPE(((Rela *)relbgn)->r_info); 927 } 928 929 roffset = ((Rela *)relbgn)->r_offset; 930 931 reladd = (long)(((Rela *)relbgn)->r_addend); 932 rsymndx = ELF_R_SYM(((Rela *)relbgn)->r_info); 933 934 rel = (Rela *)relbgn; 935 relbgn += relsiz; 936 937 /* 938 * Optimizations. 939 */ 940 if (rtype == R_SPARC_NONE) 941 continue; 942 if (noplt && ((ulong_t)rel >= pltbgn) && 943 ((ulong_t)rel < pltend)) { 944 relbgn = pltend; 945 continue; 946 } 947 948 if (rtype != R_SPARC_REGISTER) { 949 /* 950 * If this is a shared object, add the base address 951 * to offset. 952 */ 953 if (!(FLAGS(lmp) & FLG_RT_FIXED)) 954 roffset += basebgn; 955 956 /* 957 * If this relocation is not against part of the image 958 * mapped into memory we skip it. 959 */ 960 if ((roffset < ADDR(lmp)) || (roffset > (ADDR(lmp) + 961 MSIZE(lmp)))) { 962 elf_reloc_bad(lmp, (void *)rel, rtype, roffset, 963 rsymndx); 964 continue; 965 } 966 } 967 968 /* 969 * If we're promoting plts determine if this one has already 970 * been written. An uninitialized plts' second instruction is a 971 * branch. 972 */ 973 if (plt) { 974 uchar_t *_roffset = (uchar_t *)roffset; 975 976 _roffset += M_PLT_INSSIZE; 977 /* LINTED */ 978 if ((*(uint_t *)_roffset & 979 (~(S_MASK(19)))) != M_BA_A_XCC) 980 continue; 981 } 982 983 binfo = 0; 984 pltndx = (ulong_t)-1; 985 pbtype = PLT_T_NONE; 986 /* 987 * If a symbol index is specified then get the symbol table 988 * entry, locate the symbol definition, and determine its 989 * address. 990 */ 991 if (rsymndx) { 992 /* 993 * Get the local symbol table entry. 994 */ 995 symref = (Sym *)((ulong_t)SYMTAB(lmp) + 996 (rsymndx * SYMENT(lmp))); 997 998 /* 999 * If this is a local symbol, just use the base address. 1000 * (we should have no local relocations in the 1001 * executable). 1002 */ 1003 if (ELF_ST_BIND(symref->st_info) == STB_LOCAL) { 1004 value = basebgn; 1005 name = (char *)0; 1006 1007 /* 1008 * Special case TLS relocations. 1009 */ 1010 if ((rtype == R_SPARC_TLS_DTPMOD32) || 1011 (rtype == R_SPARC_TLS_DTPMOD64)) { 1012 /* 1013 * Use the TLS modid. 1014 */ 1015 value = TLSMODID(lmp); 1016 1017 } else if ((rtype == R_SPARC_TLS_TPOFF32) || 1018 (rtype == R_SPARC_TLS_TPOFF64)) { 1019 if ((value = elf_static_tls(lmp, symref, 1020 rel, rtype, 0, roffset, 0)) == 0) { 1021 ret = 0; 1022 break; 1023 } 1024 } 1025 } else { 1026 /* 1027 * If the symbol index is equal to the previous 1028 * symbol index relocation we processed then 1029 * reuse the previous values. (Note that there 1030 * have been cases where a relocation exists 1031 * against a copy relocation symbol, our ld(1) 1032 * should optimize this away, but make sure we 1033 * don't use the same symbol information should 1034 * this case exist). 1035 */ 1036 if ((rsymndx == psymndx) && 1037 (rtype != R_SPARC_COPY)) { 1038 /* LINTED */ 1039 if (psymdef == 0) { 1040 DBG_CALL(Dbg_bind_weak(lmp, 1041 (Addr)roffset, (Addr) 1042 (roffset - basebgn), name)); 1043 continue; 1044 } 1045 /* LINTED */ 1046 value = pvalue; 1047 /* LINTED */ 1048 name = pname; 1049 symdef = psymdef; 1050 /* LINTED */ 1051 symref = psymref; 1052 /* LINTED */ 1053 _lmp = plmp; 1054 /* LINTED */ 1055 binfo = pbinfo; 1056 1057 if ((LIST(_lmp)->lm_tflags | 1058 FLAGS1(_lmp)) & 1059 LML_TFLG_AUD_SYMBIND) { 1060 value = audit_symbind(lmp, _lmp, 1061 /* LINTED */ 1062 symdef, dsymndx, value, 1063 &sb_flags); 1064 } 1065 } else { 1066 Slookup sl; 1067 uchar_t bind; 1068 1069 /* 1070 * Lookup the symbol definition. 1071 */ 1072 name = (char *)(STRTAB(lmp) + 1073 symref->st_name); 1074 1075 sl.sl_name = name; 1076 sl.sl_cmap = lmp; 1077 sl.sl_imap = 0; 1078 sl.sl_hash = 0; 1079 sl.sl_rsymndx = rsymndx; 1080 1081 if (rtype == R_SPARC_COPY) 1082 sl.sl_flags = LKUP_COPY; 1083 else 1084 sl.sl_flags = LKUP_DEFT; 1085 1086 sl.sl_flags |= LKUP_ALLCNTLIST; 1087 1088 if (rtype != R_SPARC_JMP_SLOT) 1089 sl.sl_flags |= LKUP_SPEC; 1090 1091 /* 1092 * Under ldd -w, any unresolved weak 1093 * references are diagnosed. Set the 1094 * symbol binding as global to trigger 1095 * a relocation error if the symbol can 1096 * not be found. 1097 */ 1098 if (LIST(lmp)->lm_flags & 1099 LML_FLG_TRC_NOUNRESWEAK) { 1100 bind = STB_GLOBAL; 1101 } else if ((bind = 1102 ELF_ST_BIND(symref->st_info)) == 1103 STB_WEAK) { 1104 sl.sl_flags |= LKUP_WEAK; 1105 } 1106 1107 symdef = lookup_sym(&sl, &_lmp, &binfo); 1108 1109 /* 1110 * If the symbol is not found and the 1111 * reference was not to a weak symbol, 1112 * report an error. Weak references 1113 * may be unresolved. 1114 * chkmsg: MSG_INTL(MSG_LDD_SYM_NFOUND) 1115 */ 1116 /* BEGIN CSTYLED */ 1117 if (symdef == 0) { 1118 Lm_list *lml = LIST(lmp); 1119 1120 if (bind != STB_WEAK) { 1121 if (lml->lm_flags & 1122 LML_FLG_IGNRELERR) { 1123 continue; 1124 } else if (lml->lm_flags & 1125 LML_FLG_TRC_WARN) { 1126 (void) printf(MSG_INTL( 1127 MSG_LDD_SYM_NFOUND), 1128 demangle(name), 1129 NAME(lmp)); 1130 continue; 1131 } else { 1132 DBG_CALL(Dbg_reloc_in(lml, 1133 ELF_DBG_RTLD, M_MACH, 1134 M_REL_SHT_TYPE, rel, 1135 NULL, name)); 1136 eprintf(lml, ERR_FATAL, 1137 MSG_INTL(MSG_REL_NOSYM), 1138 NAME(lmp), 1139 demangle(name)); 1140 ret = 0; 1141 break; 1142 } 1143 } else { 1144 psymndx = rsymndx; 1145 psymdef = 0; 1146 1147 DBG_CALL(Dbg_bind_weak(lmp, 1148 (Addr)roffset, (Addr) 1149 (roffset - basebgn), name)); 1150 continue; 1151 } 1152 } 1153 /* END CSTYLED */ 1154 1155 /* 1156 * If symbol was found in an object 1157 * other than the referencing object 1158 * then record the binding. 1159 */ 1160 if ((lmp != _lmp) && ((FLAGS1(_lmp) & 1161 FL1_RT_NOINIFIN) == 0)) { 1162 if (alist_test(&bound, _lmp, 1163 sizeof (Rt_map *), 1164 AL_CNT_RELBIND) == 0) { 1165 ret = 0; 1166 break; 1167 } 1168 } 1169 1170 /* 1171 * Calculate the location of definition; 1172 * symbol value plus base address of 1173 * containing shared object. 1174 */ 1175 if (IS_SIZE(rtype)) 1176 value = symdef->st_size; 1177 else 1178 value = symdef->st_value; 1179 1180 if (!(FLAGS(_lmp) & FLG_RT_FIXED) && 1181 !(IS_SIZE(rtype)) && 1182 (symdef->st_shndx != SHN_ABS) && 1183 (ELF_ST_TYPE(symdef->st_info) != 1184 STT_TLS)) 1185 value += ADDR(_lmp); 1186 1187 /* 1188 * Retain this symbol index and the 1189 * value in case it can be used for the 1190 * subsequent relocations. 1191 */ 1192 if (rtype != R_SPARC_COPY) { 1193 psymndx = rsymndx; 1194 pvalue = value; 1195 pname = name; 1196 psymdef = symdef; 1197 psymref = symref; 1198 plmp = _lmp; 1199 pbinfo = binfo; 1200 } 1201 if ((LIST(_lmp)->lm_tflags | 1202 FLAGS1(_lmp)) & 1203 LML_TFLG_AUD_SYMBIND) { 1204 /* LINTED */ 1205 dsymndx = (((uintptr_t)symdef - 1206 (uintptr_t)SYMTAB(_lmp)) / 1207 SYMENT(_lmp)); 1208 value = audit_symbind(lmp, _lmp, 1209 symdef, dsymndx, value, 1210 &sb_flags); 1211 } 1212 } 1213 1214 /* 1215 * If relocation is PC-relative, subtract 1216 * offset address. 1217 */ 1218 if (IS_PC_RELATIVE(rtype)) 1219 value -= roffset; 1220 1221 /* 1222 * Special case TLS relocations. 1223 */ 1224 if ((rtype == R_SPARC_TLS_DTPMOD32) || 1225 (rtype == R_SPARC_TLS_DTPMOD64)) { 1226 /* 1227 * Relocation value is the TLS modid. 1228 */ 1229 value = TLSMODID(_lmp); 1230 1231 } else if ((rtype == R_SPARC_TLS_TPOFF64) || 1232 (rtype == R_SPARC_TLS_TPOFF32)) { 1233 if ((value = elf_static_tls(_lmp, 1234 symdef, rel, rtype, name, roffset, 1235 value)) == 0) { 1236 ret = 0; 1237 break; 1238 } 1239 } 1240 } 1241 } else { 1242 /* 1243 * Special cases. 1244 */ 1245 if (rtype == R_SPARC_REGISTER) { 1246 /* 1247 * A register symbol associated with symbol 1248 * index 0 is initialized (i.e. relocated) to 1249 * a constant in the r_addend field rather than 1250 * to a symbol value. 1251 */ 1252 value = 0; 1253 1254 } else if ((rtype == R_SPARC_TLS_DTPMOD32) || 1255 (rtype == R_SPARC_TLS_DTPMOD64)) { 1256 /* 1257 * TLS relocation value is the TLS modid. 1258 */ 1259 value = TLSMODID(lmp); 1260 } else 1261 value = basebgn; 1262 name = (char *)0; 1263 } 1264 1265 DBG_CALL(Dbg_reloc_in(LIST(lmp), ELF_DBG_RTLD, M_MACH, 1266 M_REL_SHT_TYPE, rel, NULL, name)); 1267 1268 /* 1269 * If this object has relocations in the text segment, turn 1270 * off the write protect. 1271 */ 1272 if ((rtype != R_SPARC_REGISTER) && (roffset < etext) && 1273 (textrel == 0)) { 1274 if (elf_set_prot(lmp, PROT_WRITE) == 0) { 1275 ret = 0; 1276 break; 1277 } 1278 textrel = 1; 1279 } 1280 1281 /* 1282 * Call relocation routine to perform required relocation. 1283 */ 1284 switch (rtype) { 1285 case R_SPARC_REGISTER: 1286 /* 1287 * The v9 ABI 4.2.4 says that system objects may, 1288 * but are not required to, use register symbols 1289 * to inidcate how they use global registers. Thus 1290 * at least %g6, %g7 must be allowed in addition 1291 * to %g2 and %g3. 1292 */ 1293 value += reladd; 1294 if (roffset == STO_SPARC_REGISTER_G1) { 1295 set_sparc_g1(value); 1296 } else if (roffset == STO_SPARC_REGISTER_G2) { 1297 set_sparc_g2(value); 1298 } else if (roffset == STO_SPARC_REGISTER_G3) { 1299 set_sparc_g3(value); 1300 } else if (roffset == STO_SPARC_REGISTER_G4) { 1301 set_sparc_g4(value); 1302 } else if (roffset == STO_SPARC_REGISTER_G5) { 1303 set_sparc_g5(value); 1304 } else if (roffset == STO_SPARC_REGISTER_G6) { 1305 set_sparc_g6(value); 1306 } else if (roffset == STO_SPARC_REGISTER_G7) { 1307 set_sparc_g7(value); 1308 } else { 1309 eprintf(LIST(lmp), ERR_FATAL, 1310 MSG_INTL(MSG_REL_BADREG), NAME(lmp), 1311 EC_ADDR(roffset)); 1312 ret = 0; 1313 break; 1314 } 1315 1316 DBG_CALL(Dbg_reloc_apply_reg(LIST(lmp), ELF_DBG_RTLD, 1317 M_MACH, (Xword)roffset, (Xword)value)); 1318 break; 1319 case R_SPARC_COPY: 1320 if (elf_copy_reloc(name, symref, lmp, (void *)roffset, 1321 symdef, _lmp, (const void *)value) == 0) 1322 ret = 0; 1323 break; 1324 case R_SPARC_JMP_SLOT: 1325 pltndx = ((uintptr_t)rel - 1326 (uintptr_t)JMPREL(lmp)) / relsiz; 1327 1328 if (FLAGS(lmp) & FLG_RT_FIXED) 1329 vaddr = 0; 1330 else 1331 vaddr = ADDR(lmp); 1332 1333 if (((LIST(lmp)->lm_tflags | FLAGS1(lmp)) & 1334 (LML_TFLG_AUD_PLTENTER | LML_TFLG_AUD_PLTEXIT)) && 1335 AUDINFO(lmp)->ai_dynplts) { 1336 int fail = 0; 1337 /* LINTED */ 1338 uint_t symndx = (uint_t)(((uintptr_t)symdef - 1339 (uintptr_t)SYMTAB(_lmp)) / SYMENT(_lmp)); 1340 1341 (void) elf_plt_trace_write((caddr_t)vaddr, 1342 (Rela *)rel, lmp, _lmp, symdef, symndx, 1343 pltndx, (caddr_t)value, sb_flags, &fail); 1344 if (fail) 1345 ret = 0; 1346 } else { 1347 /* 1348 * Write standard PLT entry to jump directly 1349 * to newly bound function. 1350 */ 1351 DBG_CALL(Dbg_reloc_apply_val(LIST(lmp), 1352 ELF_DBG_RTLD, (Xword)roffset, 1353 (Xword)value)); 1354 pbtype = elf_plt_write((uintptr_t)vaddr, 1355 (uintptr_t)vaddr, (void *)rel, value, 1356 pltndx); 1357 } 1358 break; 1359 case R_SPARC_WDISP30: 1360 if (PLTPAD(lmp) && 1361 (S_INRANGE((Sxword)value, 29) == 0)) { 1362 void * plt = 0; 1363 1364 if (bindpltpad(lmp, &pltpadlist, 1365 value + roffset, &plt, 1366 NAME(_lmp), name) == 0) { 1367 ret = 0; 1368 break; 1369 } 1370 value = (Addr)((Addr)plt - roffset); 1371 } 1372 /* FALLTHROUGH */ 1373 default: 1374 value += reladd; 1375 if (IS_EXTOFFSET(rtype)) 1376 value += (Word)ELF_R_TYPE_DATA(rel->r_info); 1377 1378 /* 1379 * Write the relocation out. If this relocation is a 1380 * common basic write, skip the doreloc() engine. 1381 */ 1382 if ((rtype == R_SPARC_GLOB_DAT) || 1383 (rtype == R_SPARC_64)) { 1384 if (roffset & 0x7) { 1385 Conv_inv_buf_t inv_buf; 1386 1387 eprintf(LIST(lmp), ERR_FATAL, 1388 MSG_INTL(MSG_REL_NONALIGN), 1389 conv_reloc_SPARC_type(rtype, 1390 0, &inv_buf), 1391 NAME(lmp), demangle(name), 1392 EC_OFF(roffset)); 1393 ret = 0; 1394 } else 1395 *(ulong_t *)roffset += value; 1396 } else { 1397 if (do_reloc(rtype, (uchar_t *)roffset, 1398 (Xword *)&value, name, 1399 NAME(lmp), LIST(lmp)) == 0) 1400 ret = 0; 1401 } 1402 1403 /* 1404 * The value now contains the 'bit-shifted' value that 1405 * was or'ed into memory (this was set by do_reloc()). 1406 */ 1407 DBG_CALL(Dbg_reloc_apply_val(LIST(lmp), ELF_DBG_RTLD, 1408 (Xword)roffset, (Xword)value)); 1409 1410 /* 1411 * If this relocation is against a text segment, make 1412 * sure that the instruction cache is flushed. 1413 */ 1414 if (textrel) 1415 iflush_range((caddr_t)roffset, 0x4); 1416 } 1417 1418 if ((ret == 0) && 1419 ((LIST(lmp)->lm_flags & LML_FLG_TRC_WARN) == 0)) 1420 break; 1421 1422 if (binfo) { 1423 DBG_CALL(Dbg_bind_global(lmp, (Addr)roffset, 1424 (Off)(roffset - basebgn), pltndx, pbtype, 1425 _lmp, (Addr)value, symdef->st_value, name, binfo)); 1426 } 1427 } 1428 1429 /* 1430 * Free up any items on the pltpadlist if it was allocated 1431 */ 1432 if (pltpadlist.head) { 1433 Listnode * lnp; 1434 Listnode * plnp; 1435 Pltpadinfo * pip; 1436 1437 plnp = 0; 1438 for (LIST_TRAVERSE(&pltpadlist, lnp, pip)) { 1439 if (plnp != 0) 1440 free(plnp); 1441 free(pip); 1442 plnp = lnp; 1443 } 1444 if (plnp != 0) 1445 free(plnp); 1446 } 1447 1448 return (relocate_finish(lmp, bound, textrel, ret)); 1449 } 1450 1451 /* 1452 * Provide a machine specific interface to the conversion routine. By calling 1453 * the machine specific version, rather than the generic version, we insure that 1454 * the data tables/strings for all known machine versions aren't dragged into 1455 * ld.so.1. 1456 */ 1457 const char * 1458 _conv_reloc_type(uint_t rel) 1459 { 1460 static Conv_inv_buf_t inv_buf; 1461 1462 return (conv_reloc_SPARC_type(rel, 0, &inv_buf)); 1463 } 1464