xref: /illumos-gate/usr/src/tools/scripts/check_rtime.pl (revision 9a411307f0d1eedbc81618ec290e0685284d8a2b)
1#!/usr/perl5/bin/perl -w
2#
3# CDDL HEADER START
4#
5# The contents of this file are subject to the terms of the
6# Common Development and Distribution License (the "License").
7# You may not use this file except in compliance with the License.
8#
9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10# or http://www.opensolaris.org/os/licensing.
11# See the License for the specific language governing permissions
12# and limitations under the License.
13#
14# When distributing Covered Code, include this CDDL HEADER in each
15# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16# If applicable, add the following below this CDDL HEADER, with the
17# fields enclosed by brackets "[]" replaced with your own identifying
18# information: Portions Copyright [yyyy] [name of copyright owner]
19#
20# CDDL HEADER END
21#
22
23#
24# Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
25# Use is subject to license terms.
26#
27# ident	"%Z%%M%	%I%	%E% SMI"
28#
29
30#
31# Check ELF information.
32#
33# This script descends a directory hierarchy inspecting ELF dynamic executables
34# and shared objects.  The general theme is to verify that common Makefile rules
35# have been used to build these objects.  Typical failures occur when Makefile
36# rules are re-invented rather than being inherited from "cmd/lib" Makefiles.
37#
38# As always, a number of components don't follow the rules, and these are
39# excluded to reduce this scripts output.  Pathnames used for this exclusion
40# assume this script is being run over a "proto" area.  The -a (all) option
41# skips any exclusions.
42#
43# By default any file that has conditions that should be reported is first
44# listed and then each condition follows.  The -o (one-line) option produces a
45# more terse output which is better for sorting/diffing with "nightly".
46#
47# NOTE: missing dependencies, symbols or versions are reported by running the
48# file through ldd(1).  As objects within a proto area are built to exist in a
49# base system, standard use of ldd(1) will bind any objects to dependencies
50# that exist in the base system.  It is frequently the case that newer objects
51# exist in the proto area that are required to satisfy other objects
52# dependencies, and without using these newer objects an ldd(1) will produce
53# misleading error messages.  To compensate for this, the -d option (or the
54# existence of the CODEMSG_WS/ROOT environment variables) cause the creation of
55# alternative dependency mappings via crle(1) configuration files that establish
56# any proto shared objects as alternatives to their base system location.  Thus
57# ldd(1) can be executed against these configuration files so that objects in a
58# proto area bind to their dependencies in the same proto area.
59
60
61# Define all global variables (required for strict)
62use vars  qw($SkipDirs $SkipFiles $SkipTextrelFiles);
63use vars  qw($SkipUndefDirs $SkipUndefFiles $SkipUnusedDirs $SkipUnusedFiles);
64use vars  qw($SkipStabFiles $SkipNoExStkFiles);
65use vars  qw($UnusedNoise $Prog $Mach $Isalist $Env $Ena64 $Tmpdir $Error);
66use vars  qw($UnusedFiles $UnusedPaths $LddNoU $Crle32 $Crle64 $Conf32 $Conf64);
67use vars  qw($SkipInterps $OldDeps %opt);
68
69use strict;
70
71
72# Define any directories we should skip completely.
73$SkipDirs = qr{
74	etc/lib |			# special - used for partial statics
75	usr/lib/devfsadm |		# 4382889
76	usr/lib/libc |			# optimized libc
77	usr/lib/rcm |			# 4426119
78	usr/perl5 |			# alan's taking care of these :-)
79	usr/src				# no need to look at shipped source
80}x;
81
82# Define any files we should skip completely.
83$SkipFiles = qr{ ^(?:
84	ld\.so\.1 |			# confusing but correct dependencies
85	lddstub |			# lddstub has no dependencies
86	libmakestate\.so\.1 |		# temporary; delivered by compiler group
87	libm\.so\.1 |			# temporary; delivered by compiler group
88	libm\.so\.2 |			# temporary; delivered by compiler group
89	geniconvtbl\.so |		# 4384329
90	libssagent\.so\.1 |		# 4328854
91	libpsvcplugin_psr\.so\.1 |	# 4385799
92	libpsvcpolicy_psr\.so\.1 |	#  "  "
93	libpsvcpolicy\.so\.1 |		#  "  "
94	picl_slm\.so |			#  "  "
95	libcrypto_extra\.so\.0\.9\.8 |	# OpenSSL SUNWcry filter lib
96	libssl_extra\.so\.0\.9\.8 |	# OpenSSL SUNWcry filter lib
97	fcpackage\.so |			# circular dependency on fcthread.so
98	mod_ipp\.so |			# Apache loadable module
99	grub
100	)$
101}x;
102
103# Define any files that are allowed text relocations.
104$SkipTextrelFiles = qr{ ^(?:
105	unix |				# kernel models are non-pic
106	mdb				# relocations against __RTC (dbx)
107	)$
108}x;
109
110# Define any files that are allowed undefined references.
111$SkipUndefDirs = qr{
112	usr/lib/inet/ppp/ |		# pppd plugins have callbacks
113	usr/lib/libp/ |			# libc.so.1 requires _mcount
114	/lib/mdb/ |			# mdb modules have callbacks
115	/lib/fm/fmd/plugins/ |		# fmd modules have callbacks
116	/lib/fm/fmd/schemes/ |		# fmd schemes have callbacks
117	/i86pc/lib/mtst/		# mtst modules have callbacks
118}x;
119
120$SkipUndefFiles = qr{ ^(?:
121	libthread_db\.so\.0 |		# callbacks to proc service interface
122	libthread_db\.so\.1 |		#  "	"	"	"
123	librtld_db\.so\.1 |		#  "	"	"	"
124	libc_db\.so\.1 |		#  "	"	"	"
125	libldstab\.so\.1 |		# link-edit support libraries have
126	libld\.so\.[2-4] |			# callback to the link-editors
127	liblddbg\.so\.4 |		#  "	"	"	"
128	librtld\.so\.1 |		#  "	"	"	"
129	libnisdb\.so\.2 |		# C++
130	libsvm\.so\.1 |			# libspmicommon.so.1 lacking
131	libwanboot\.so\.1 |		# libcrypto.a and libssl.a
132	libwrap\.so\.1\.0 |		# uses symbols provided by application
133	fcthread\.so |			# uses symbols provided by application
134	fn\.so\.2 |			# callback to automount
135	preen_md\.so\.1 |		# callback to driver
136	libike\.so\.1 |			# callbacks to in.iked for IKE policy
137	devfsadmd_mod\.so |		# sysevent module callback to syseventd
138	sysevent_conf_mod\.so |		# sysevent module callback to syseventd
139	sysevent_reg_mod\.so		# sysevent module callback to syseventd
140	)$
141}x;
142
143# Define any files that have unused dependencies.
144$SkipUnusedDirs = qr{
145	lib/picl/plugins/ |		# require devtree dependencies
146	/lib/libp			# profile libc makes libm an unused
147}x;					#	dependency of standard libc
148
149$SkipUnusedFiles = qr{ ^(?:
150	devfsadm |			# 4382889
151	disks |				#  "  "
152	tapes |				#  "  "
153	ports |				#  "  "
154	audlinks |			#  "  "
155	devlinks |			#  "  "
156	drvconfig |			#  "  "
157	ntptrace |			# on intel doesn't need libmd5
158	ocfserv |			# libsched unreference by libjvm,
159	poold |				#	see 4952319.
160	libc\.so\.1\.9 |		# 4lib/libc versions have private
161	libc\.so\.2\.9			#	copies of stuff from libc.
162	)$
163}x;
164
165# Define any files that should contain debugging information.
166$SkipStabFiles = qr{ ^(?:
167	abi_.* |
168	interceptors\.so\.1 |
169	unix
170	)$
171}x;
172
173# Define any files that don't require a non-executable stack definition.
174$SkipNoExStkFiles = qr{ ^(?:
175	forth |
176	unix |
177	multiboot
178	)$
179}x;
180
181# Define any files that should only have unused (ldd -u) processing.
182$UnusedPaths = qr{
183	ucb/shutdown			# libucb interposes on libc and makes
184					# dependencies on libc seem unnecessary
185}x;
186
187$UnusedFiles = qr{ ^(?:
188	rpc\.nisd			# CCNEEDED makes pthread unreferenced
189	)$
190}x;
191
192# Define unused dependencies we should ignore.
193# libCrun has a unnecessary dependency on libw, and libmapmalloc is often
194# defined to interpose on libc but isn't used by the application itself.
195# Threads dependencies look unused if libc is bound first.
196$UnusedNoise = qr{
197	libw\.so\.1;\ unused |
198	unused\ object=.*libw\.so\.1 |
199	libthread\.so\.1;\ unused |
200	libpthread\.so\.1;\ unused |
201	unused\ object=.*libpthread\.so\.1 |
202	libnsl\.so\.1;\ unused\ dependency\ of\ .*libxslt\.so\.1 |
203	libdl\.so\.1;\ unused\ dependency\ of\ .*libspmicommon\.so\.1 |
204	libdl\.so\.1;\ unused\ dependency\ of\ .*libCrun\.so\.1 |
205	libfru\.so\.1;\ unused\ object=.*libdl\.so\.1 |
206	libfrupicl\.so\.1;\ unused\ object=.*libdl\.so\.1 |
207	libmapmalloc\.so\.1;\ unused |
208	unused\ dependency\ of\ .*libstdc\+\+\.so\.6 |
209	unreferenced\ object=.*libstdc\+\+\.so\.6 |
210	unused\ dependency\ of\ .*libnetsnmphelpers\.so\.5 |
211	unused\ dependency\ of\ .*libnetsnmpmibs\.so\.5 |
212	unused\ dependency\ of\ .*libnetsnmpagent\.so\.5
213}x;
214
215# Define interpreters we should ignore.
216$SkipInterps = qr{
217	misc/krtld |
218	misc/amd64/krtld |
219	misc/sparcv9/krtld
220}x;
221
222# Catch libintl and libw, although ld(1) will bind to these and thus determine
223# they're needed, their content was moved into libc as of on297 build 7.
224# libthread and libpthread were completely moved into libc as of on10 build 53.
225# Also, catch libdl, whose content was moved into libc as of on10 build 49.
226$OldDeps = qr{ ^(?:
227	libintl\.so\.1 |
228	libw\.so\.1 |
229	libthread\.so\.1 |
230	libpthread\.so\.1 |
231	libdl\.so\.1
232	)$
233}x;
234
235use Getopt::Std;
236
237# -----------------------------------------------------------------------------
238
239# Reliably compare two OS revisions.  Arguments are <ver1> <op> <ver2>.
240# <op> is the string form of a normal numeric comparison operator.
241sub cmp_os_ver {
242	my @ver1 = split(/\./, $_[0]);
243	my $op = $_[1];
244	my @ver2 = split(/\./, $_[2]);
245
246	push @ver2, ("0") x $#ver1 - $#ver2;
247	push @ver1, ("0") x $#ver2 - $#ver1;
248
249	my $diff = 0;
250	while (@ver1 || @ver2) {
251		if (($diff = shift(@ver1) - shift(@ver2)) != 0) {
252			last;
253		}
254	}
255	return (eval "$diff $op 0" ? 1 : 0);
256}
257
258# This script relies on ldd returning output reflecting only the binary
259# contents.  But if LD_PRELOAD* environment variables are present, libraries
260# named by them will also appear in the output, disrupting our analysis.
261# So, before we get too far, scrub the environment.
262
263delete($ENV{LD_PRELOAD});
264delete($ENV{LD_PRELOAD_32});
265delete($ENV{LD_PRELOAD_64});
266
267# Establish a program name for any error diagnostics.
268chomp($Prog = `basename $0`);
269
270# Determine what machinery is available.
271$Mach = `uname -p`;
272$Isalist = `isalist`;
273$Env = "";
274if ($Mach =~ /sparc/) {
275	if ($Isalist =~ /sparcv9/) {
276		$Ena64 = "ok";
277	}
278} elsif ($Mach =~ /i386/) {
279	if ($Isalist =~ /amd64/) {
280		$Ena64 = "ok";
281	}
282}
283
284# Check that we have arguments.
285if ((getopts('ad:imos', \%opt) == 0) || ($#ARGV == -1)) {
286	print "usage: $Prog [-a] [-d depdir] [-m] [-o] [-s] file | dir, ...\n";
287	print "\t[-a]\t\tprocess all files (ignore any exception lists)\n";
288	print "\t[-d dir]\testablish dependencies from under directory\n";
289	print "\t[-i]\t\tproduce dynamic table entry information\n";
290	print "\t[-m]\t\tprocess mcs(1) comments\n";
291	print "\t[-o]\t\tproduce one-liner output (prefixed with pathname)\n";
292	print "\t[-s]\t\tprocess .stab and .symtab entries\n";
293	exit 1;
294} else {
295	my($Proto);
296
297	if ($opt{d}) {
298		# User specified dependency directory - make sure it exists.
299		if (! -d $opt{d}) {
300			print "$Prog: $opt{d} is not a directory\n";
301			exit 1;
302		}
303		$Proto = $opt{d};
304
305	} elsif ($ENV{CODEMGR_WS}) {
306		my($Root);
307
308		# Without a user specified dependency directory see if we're
309		# part of a codemanager workspace and if a proto area exists.
310		if (($Root = $ENV{ROOT}) && (-d $Root)) {
311			$Proto = $Root;
312		}
313	}
314
315	if (!($Tmpdir = $ENV{TMPDIR}) || (! -d $Tmpdir)) {
316		$Tmpdir = "/tmp";
317	}
318
319	# Look for dependencies under $Proto.
320	if ($Proto) {
321		# To support alternative dependency mapping we'll need ldd(1)'s
322		# -e option.  This is relatively new (s81_30), so make sure
323		# ldd(1)is capable before gathering any dependency information.
324		if (system('ldd -e /usr/lib/lddstub 2> /dev/null')) {
325			print "ldd: does not support -e, unable to ";
326			print "create alternative dependency mappingings.\n";
327			print "ldd: option added under 4390308 (s81_30).\n\n";
328		} else {
329			# Gather dependencies and construct a alternative
330			# dependency mapping via a crle(1) configuration file.
331			GetDeps($Proto, "/");
332			GenConf();
333		}
334	}
335
336	# To support unreferenced dependency detection we'll need ldd(1)'s -U
337	# option.  This is relatively new (4638070), and if not available we
338	# can still fall back to -u.  Even with this option, don't use -U with
339	# releases prior to 5.10 as the cleanup for -U use only got integrated
340	# into 5.10 under 4642023.  Note, that nightly doesn't typically set a
341	# RELEASE from the standard <env> files.  Users who wish to disable use
342	# of ldd(1)'s -U should set (or uncomment) RELEASE in their <env> file
343	# if using nightly, or otherwise establish it in their environment.
344	if (system('ldd -U /usr/lib/lddstub 2> /dev/null')) {
345		$LddNoU = 1;
346	} else {
347		my($Release);
348
349		if (($Release = $ENV{RELEASE}) &&
350		    (cmp_os_ver($Release, "<", "5.10"))) {
351			$LddNoU = 1;
352		} else {
353			$LddNoU = 0;
354		}
355	}
356
357	# For each argument determine if we're dealing with a file or directory.
358	foreach my $Arg (@ARGV) {
359		# Ignore symbolic links.
360		if (-l $Arg) {
361			next;
362		}
363
364		if (!stat($Arg)) {
365			next;
366		}
367
368		# Process simple files.
369		if (-f _) {
370			my($RelPath) = $Arg;
371			my($File) = $Arg;
372			my($Secure) = 0;
373
374			$RelPath =~ s!^.*/!./!;
375			$File =~ s!^.*/!!;
376
377			if (-u _ || -g _) {
378				$Secure = 1;
379			}
380
381			ProcFile($Arg, $RelPath, $File, $Secure);
382			next;
383		}
384		# Process directories.
385		if (-d _) {
386			ProcDir($Arg, ".");
387			next;
388		}
389
390		print "$Arg is not a file or directory\n";
391		$Error = 1;
392	}
393
394	# Cleanup
395	CleanUp();
396}
397
398$Error = 0;
399
400# Clean up and temporary files.
401sub CleanUp {
402	if ($Crle64) {
403		unlink $Crle64;
404	}
405	if ($Conf64) {
406		unlink $Conf64;
407	}
408	if ($Crle32) {
409		unlink $Crle32;
410	}
411	if ($Conf32) {
412		unlink $Conf32;
413	}
414}
415
416# Create an output message, either a one-liner (under -o) or preceded by the
417# files relative pathname as a title.
418sub OutMsg {
419	my($Ttl, $Path, $Msg) = @_;
420
421	if ($opt{o}) {
422		$Msg =~ s/^[ \t]*//;
423		print "$Path: $Msg\n";
424	} else {
425		if ($Ttl eq 0) {
426			print "==== $Path ====\n";
427		}
428		print "$Msg\n";
429	}
430}
431
432# Determine whether this a ELF dynamic object and if so investigate its runtime
433# attributes.
434sub ProcFile {
435	my($FullPath, $RelPath, $File, $Secure) = @_;
436	my(@Elf, @Ldd, $Dyn, $Intp, $Dll, $Ttl, $Sym, $Interp, $Stack);
437	my($Sun, $Relsz, $Pltsz, $Uns, $Tex, $Stab, $Strip, $Lddopt);
438	my($Val, $Header, $SkipLdd, $IsX86, $RWX);
439
440	# Ignore symbolic links.
441	if (-l $FullPath) {
442		return;
443	}
444
445	$Ttl = 0;
446	@Ldd = 0;
447
448	# Determine whether we have access to inspect the file.
449	if (!(-r $FullPath)) {
450		OutMsg($Ttl++, $RelPath,
451		    "\tunable to inspect file: permission denied");
452		return;
453	}
454
455	# Determine if this is a file we don't care about.
456	if (!$opt{a}) {
457		if ($File =~ $SkipFiles) {
458			return;
459		}
460	}
461
462	# Determine whether we have a executable (static or dynamic) or a
463	# shared object.
464	@Elf = split(/\n/, `elfdump -epdic $FullPath 2>&1`);
465
466	$Dyn = $Intp = $Dll = $Stack = $IsX86 = $RWX = 0;
467	$Interp = 1;
468	$Header = 'None';
469	foreach my $Line (@Elf) {
470		# If we have an invalid file type (which we can tell from the
471		# first line), or we're processing an archive, bail.
472		if ($Header eq 'None') {
473			if (($Line =~ /invalid file/) ||
474			    ($Line =~ /$FullPath(.*):/)) {
475				return;
476			}
477		}
478
479		if ($Line =~ /^ELF Header/) {
480			$Header = 'Ehdr';
481
482		} elsif ($Line =~ /^Program Header/) {
483			$Header = 'Phdr';
484			$RWX = 0;
485
486		} elsif ($Line =~ /^Interpreter/) {
487			$Header = 'Intp';
488
489		} elsif ($Line =~ /^Dynamic Section/) {
490			# A dynamic section indicates we're a dynamic object
491			# (this makes sure we don't check static executables).
492			$Dyn = 1;
493
494		} elsif (($Header eq 'Ehdr') && ($Line =~ /e_type:/)) {
495			# The e_type field indicates whether this file is a
496			# shared object (ET_DYN) or an executable (ET_EXEC).
497			if ($Line =~ /ET_DYN/) {
498				$Dll = 1;
499			} elsif ($Line !~ /ET_EXEC/) {
500				return;
501			}
502		} elsif (($Header eq 'Ehdr') && ($Line =~ /ei_class:/)) {
503			# If we encounter a 64-bit object, but we're not running
504			# on a 64-bit system, suppress calling ldd(1).
505			if (($Line =~ /ELFCLASS64/) && !$Ena64) {
506				$SkipLdd = 1;
507			}
508		} elsif (($Header eq 'Ehdr') && ($Line =~ /e_machine:/)) {
509			# If it's a X86 object, we need to enforce RW- data.
510			if (($Line =~ /(EM_AMD64|EM_386)/)) {
511				$IsX86 = 1;
512			}
513		} elsif (($Header eq 'Phdr') &&
514		    ($Line =~ /\[ PF_X  PF_W  PF_R \]/)) {
515			# RWX segment seen.
516			$RWX = 1;
517
518		} elsif (($Header eq 'Phdr') &&
519		    ($Line =~ /\[ PT_LOAD \]/ && $RWX && $IsX86)) {
520			# Seen an RWX PT_LOAD segment.
521			if ($File !~ $SkipNoExStkFiles) {
522				OutMsg($Ttl++, $RelPath,
523				    "\tapplication requires non-executable " .
524				    "data\t<no -Mmapfile_noexdata?>");
525			}
526
527		} elsif (($Header eq 'Phdr') &&
528		    ($Line =~ /\[ PT_SUNWSTACK \]/)) {
529			# This object defines a non-executable stack.
530			$Stack = 1;
531
532		} elsif (($Header eq 'Intp') && !$opt{a} &&
533		    ($Line =~ $SkipInterps)) {
534			# This object defines an interpretor we should skip.
535			$Interp = 0;
536		}
537	}
538
539	# Determine whether this ELF executable or shared object has a
540	# conforming mcs(1) comment section.  If the correct $(POST_PROCESS)
541	# macros are used, only a 3 or 4 line .comment section should exist
542	# containing one or two "@(#)SunOS" identifying comments (one comment
543	# for a non-debug build, and two for a debug build). The results of
544	# the following split should be three or four lines, the last empty
545	# line being discarded by the split.
546	if ($opt{m}) {
547		my(@Mcs, $Con, $Dev);
548
549		@Mcs = split(/\n/, `mcs -p $FullPath 2>&1`);
550
551		$Con = $Dev = $Val = 0;
552		foreach my $Line (@Mcs) {
553			$Val++;
554
555			if (($Val == 3) && ($Line !~ /^@\(#\)SunOS/)) {
556				$Con = 1;
557				last;
558			}
559			if (($Val == 4) && ($Line =~ /^@\(#\)SunOS/)) {
560				$Dev = 1;
561				next;
562			}
563			if (($Dev == 0) && ($Val == 4)) {
564				$Con = 1;
565				last;
566			}
567			if (($Dev == 1) && ($Val == 5)) {
568				$Con = 1;
569				last;
570			}
571		}
572		if ($opt{m} && ($Con == 1)) {
573			OutMsg($Ttl++, $RelPath,
574			    "\tnon-conforming mcs(1) comment\t<no \$(POST_PROCESS)?>");
575		}
576	}
577
578	# Applications should contain a non-executable stack definition.
579	if (($Dll == 0) && ($Stack == 0)) {
580		if (!$opt{a}) {
581			if ($File =~ $SkipNoExStkFiles) {
582				goto DYN;
583			}
584		}
585		OutMsg($Ttl++, $RelPath,
586		    "\tapplication requires non-executable stack\t<no -Mmapfile_noexstk?>");
587	}
588
589DYN:
590	# Having caught any static executables in the mcs(1) check and non-
591	# executable stack definition check, continue with dynamic objects
592	# from now on.
593	if ($Dyn eq 0) {
594		return;
595	}
596
597	# Only use ldd unless we've encountered an interpreter that should
598	# ne skipped.
599	if (!$SkipLdd && $Interp) {
600		if ($Secure) {
601			# The execution of a secure application over an nfs file
602			# system mounted nosuid will result in warning messages
603			# being sent to /var/adm/messages.  As this type of
604			# environment can occur with root builds, move the file
605			# being investigated to a safe place first.  In addition
606			# remove its secure permission so that it can be
607			# influenced by any alternative dependency mappings.
608
609			my($TmpPath) = "$Tmpdir/$File";
610
611			system('cp', $FullPath, $TmpPath);
612			chmod 0777, $TmpPath;
613			$FullPath = $TmpPath;
614		}
615
616		# Use ldd(1) to determine the objects relocatability and use.
617		# By default look for all unreferenced dependencies.  However,
618		# some objects have legitimate dependencies that they do not
619		# reference.
620		if ($LddNoU || ($File =~ $UnusedFiles) ||
621		    ($RelPath =~ $UnusedPaths)) {
622			$Lddopt = "-ru";
623		} else {
624			$Lddopt = "-rU";
625		}
626		@Ldd = split(/\n/, `ldd $Lddopt $Env $FullPath 2>&1`);
627		if ($Secure) {
628			unlink $FullPath;
629		}
630	}
631
632	$Val = 0;
633	$Sym = 5;
634	$Uns = 1;
635
636LDD:	foreach my $Line (@Ldd) {
637
638		if ($Val == 0) {
639			$Val = 1;
640			# Make sure ldd(1) worked.  One possible failure is that
641			# this is an old ldd(1) prior to -e addition (4390308).
642			if ($Line =~ /usage:/) {
643				$Line =~ s/$/\t<old ldd(1)?>/;
644				OutMsg($Ttl++, $RelPath, $Line);
645				last;
646			} elsif ($Line =~ /execution failed/) {
647				OutMsg($Ttl++, $RelPath, $Line);
648				last;
649			}
650
651			# It's possible this binary can't be executed, ie. we've
652			# found a sparc binary while running on an intel system,
653			# or a sparcv9 binary on a sparcv7/8 system.
654			if ($Line =~ /wrong class/) {
655				OutMsg($Ttl++, $RelPath,
656				    "\thas wrong class or data encoding");
657				next;
658			}
659
660			# Historically, ldd(1) likes executable objects to have
661			# their execute bit set.  Note that this test isn't
662			# applied unless the -a option is in effect, as any
663			# non-executable files are skipped by default to reduce
664			# the cost of running this script.
665			if ($Line =~ /not executable/) {
666				OutMsg($Ttl++, $RelPath,
667				    "\tis not executable");
668				next;
669			}
670		}
671
672		# Look for "file" or "versions" that aren't found.  Note that
673		# these lines will occur before we find any symbol referencing
674		# errors.
675		if (($Sym == 5) && ($Line =~ /not found\)/)) {
676			if ($Line =~ /file not found\)/) {
677				$Line =~ s/$/\t<no -zdefs?>/;
678			}
679			OutMsg($Ttl++, $RelPath, $Line);
680			next;
681		}
682		# Look for relocations whose symbols can't be found.  Note, we
683		# only print out the first 5 relocations for any file as this
684		# output can be excessive.
685		if ($Sym && ($Line =~ /symbol not found/)) {
686			# Determine if this file is allowed undefined
687			# references.
688			if ($Sym == 5) {
689				if (!$opt{a}) {
690					if ($RelPath =~ $SkipUndefDirs) {
691						$Sym = 0;
692						next LDD;
693					}
694					if ($File =~ $SkipUndefFiles) {
695						$Sym = 0;
696						next LDD;
697					}
698				}
699			}
700			if ($Sym-- == 1) {
701				if (!$opt{o}) {
702					OutMsg($Ttl++, $RelPath,
703					    "\tcontinued ...");
704				}
705				next;
706			}
707			# Just print the symbol name.
708			$Line =~ s/$/\t<no -zdefs?>/;
709			OutMsg($Ttl++, $RelPath, $Line);
710			next;
711		}
712		# Look for any unused dependencies.
713		if ($Uns && ($Line =~ /unused/)) {
714			if (!$opt{a}) {
715				if ($RelPath =~ $SkipUnusedDirs) {
716					$Uns = 0;
717					next LDD;
718				}
719				if ($File =~ $SkipUnusedFiles) {
720					$Uns = 0;
721					next LDD;
722				}
723
724				# Remove any noise.
725				if ($Line =~ $UnusedNoise) {
726					$Uns = 0;
727					next LDD;
728				}
729			}
730			if ($Secure) {
731				$Line =~ s!$Tmpdir/!!;
732			}
733			$Line =~ s/^[ \t]*(.*)/\t$1\t<remove lib or -zignore?>/;
734			OutMsg($Ttl++, $RelPath, $Line);
735			next;
736		}
737	}
738
739	# Reuse the elfdump(1) data to investigate additional dynamic linking
740	# information.
741
742	$Sun = $Relsz = $Pltsz = $Dyn = $Stab = 0;
743	$Tex = $Strip = 1;
744
745	$Header = 'None';
746ELF:	foreach my $Line (@Elf) {
747		# We're only interested in the section headers and the dynamic
748		# section.
749		if ($Line =~ /^Section Header/) {
750			$Header = 'Shdr';
751
752			if (($Sun == 0) && ($Line =~ /\.SUNW_reloc/)) {
753				# This object has a combined relocation section.
754				$Sun = 1;
755
756			} elsif (($Stab == 0) && ($Line =~ /\.stab/)) {
757				# This object contain .stabs sections
758				$Stab = 1;
759			}
760
761			if (($Strip == 1) && ($Line =~ /\.symtab/)) {
762				# This object contains a complete symbol table.
763				$Strip = 0;
764			}
765			next;
766
767		} elsif ($Line =~ /^Dynamic Section/) {
768			$Header = 'Dyn';
769			next;
770		} elsif ($Header ne 'Dyn') {
771			next;
772		}
773
774		# Does this object contain text relocations.
775		if ($Tex && ($Line =~ /TEXTREL/)) {
776			# Determine if this file is allowed text relocations.
777			if (!$opt{a}) {
778				if ($File =~ $SkipTextrelFiles) {
779					$Tex = 0;
780					next ELF;
781				}
782			}
783			OutMsg($Ttl++, $RelPath,
784			    "\tTEXTREL .dynamic tag\t\t\t<no -Kpic?>");
785			$Tex = 0;
786			next;
787		}
788
789		# Does this file have any relocation sections (there are a few
790		# psr libraries with no relocations at all, thus a .SUNW_reloc
791		# section won't exist either).
792		if (($Relsz == 0) && ($Line =~ / RELA?SZ/)) {
793			$Relsz = hex((split(' ', $Line))[2]);
794			next;
795		}
796
797		# Does this file have any plt relocations.  If the plt size is
798		# equivalent to the total relocation size then we don't have
799		# any relocations suitable for combining into a .SUNW_reloc
800		# section.
801		if (($Pltsz == 0) && ($Line =~ / PLTRELSZ/)) {
802			$Pltsz = hex((split(' ', $Line))[2]);
803			next;
804		}
805
806		# Under the -i (information) option print out any useful dynamic
807		# entries.
808		# Does this object have any dependencies.
809		if ($opt{i} && ($Line =~ /NEEDED/)) {
810			my($Need) = (split(' ', $Line))[3];
811
812			# Catch any old (unnecessary) dependencies.
813			if ($Need =~ $OldDeps) {
814				OutMsg($Ttl++, $RelPath,
815				    "\tNEEDED=$Need\t<dependency no longer necessary>");
816			} else {
817				OutMsg($Ttl++, $RelPath, "\tNEEDED=$Need");
818			}
819			next;
820		}
821
822		# Does this object specify a runpath.
823		if ($opt{i} && ($Line =~ /RPATH/)) {
824			my($Rpath) = (split(' ', $Line))[3];
825			OutMsg($Ttl++, $RelPath, "\tRPATH=$Rpath");
826			next;
827		}
828	}
829
830	# A shared object, that contains non-plt relocations, should have a
831	# combined relocation section indicating it was built with -z combreloc.
832	if ($Dll && $Relsz && ($Relsz != $Pltsz) && ($Sun == 0)) {
833		OutMsg($Ttl++, $RelPath,
834		    "\tSUNW_reloc section missing\t\t<no -zcombreloc?>");
835	}
836
837	# No objects released to a customer should have any .stabs sections
838	# remaining, they should be stripped.
839	if ($opt{s} && $Stab) {
840		if (!$opt{a}) {
841			if ($File =~ $SkipStabFiles) {
842				goto DONESTAB;
843			}
844		}
845		OutMsg($Ttl++, $RelPath,
846		    "\tdebugging sections should be deleted\t<no strip -x?>");
847	}
848
849DONESTAB:
850
851	# All objects should have a full symbol table to provide complete
852	# debugging stack traces.
853	if ($Strip) {
854		OutMsg($Ttl++, $RelPath,
855		    "\tsymbol table should not be stripped\t<remove -s?>");
856	}
857}
858
859
860sub ProcDir {
861	my($FullDir, $RelDir) = @_;
862	my($NewFull, $NewRel);
863
864	# Determine if this is a directory we don't care about.
865	if (!$opt{a}) {
866		if ($RelDir =~ $SkipDirs) {
867			return;
868		}
869	}
870
871	# Open the directory and read each entry, omit files starting with "."
872	if (opendir(DIR, $FullDir)) {
873		foreach my $Entry (readdir(DIR)) {
874			if ($Entry =~ /^\./) {
875				next;
876			}
877			$NewFull = "$FullDir/$Entry";
878
879			# Ignore symlinks.
880			if (-l $NewFull) {
881				next;
882			}
883			if (!stat($NewFull)) {
884				next;
885			}
886			$NewRel = "$RelDir/$Entry";
887
888			# Descend into and process any directories.
889			if (-d _) {
890				ProcDir($NewFull, $NewRel);
891				next;
892			}
893
894			# Typically dynamic objects are executable, so we can
895			# reduce the overall cost of this script (a lot!) by
896			# screening out non-executables here, rather than pass
897			# them to file(1) later.  However, it has been known
898			# for shared objects to be mistakenly left non-
899			# executable, so with -a let all files through so that
900			# this requirement can be verified (see ProcFile()).
901			if (!$opt{a}) {
902				if (! -x _) {
903					next;
904				}
905			}
906
907			# Process any standard files.
908			if (-f _) {
909				my($Secure) = 0;
910
911				if (-u _ || -g _) {
912					$Secure = 1;
913				}
914
915				ProcFile($NewFull, $NewRel, $Entry, $Secure);
916				next;
917			}
918
919		}
920		closedir(DIR);
921	}
922}
923
924# Create a crle(1) script for any 64-bit dependencies we locate.  A runtime
925# configuration file will be generated to establish alternative dependency
926# mappings for all these dependencies.
927
928sub Entercrle64 {
929	my($FullDir, $RelDir, $Entry) = @_;
930
931	if (!$Crle64) {
932		# Create and initialize the script if is doesn't already exit.
933
934		$Crle64 = "$Tmpdir/$Prog.crle64.$$";
935		open(CRLE64, "> $Crle64") ||
936			die "$Prog: open failed: $Crle64: $!";
937
938		print CRLE64 "#!/bin/sh\ncrle -64\\\n";
939	}
940	print CRLE64 "\t-o $FullDir -a $RelDir/$Entry \\\n";
941}
942
943# Create a crle(1) script for any 32-bit dependencies we locate.  A runtime
944# configuration file will be generated to establish alternative dependency
945# mappings for all these dependencies.
946
947sub Entercrle32 {
948	my($FullDir, $RelDir, $Entry) = @_;
949
950	if (!$Crle32) {
951		# Create and initialize the script if is doesn't already exit.
952
953		$Crle32 = "$Tmpdir/$Prog.crle32.$$";
954		open(CRLE32, "> $Crle32") ||
955			die "$Prog: open failed: $Crle32: $!";
956
957		print CRLE32 "#!/bin/sh\ncrle \\\n";
958	}
959	print CRLE32 "\t-o $FullDir -a $RelDir/$Entry \\\n";
960}
961
962# Having finished gathering dependencies, complete any crle(1) scripts and
963# execute them to generate the associated runtime configuration files.  In
964# addition establish the environment variable required to pass the configuration
965# files to ldd(1).
966
967sub GenConf {
968	if ($Crle64) {
969		$Conf64 = "$Tmpdir/$Prog.conf64.$$";
970		print CRLE64 "\t-c $Conf64\n";
971
972		chmod 0755, $Crle64;
973		close CRLE64;
974
975		if (system($Crle64)) {
976			undef $Conf64;
977		}
978	}
979	if ($Crle32) {
980		$Conf32 = "$Tmpdir/$Prog.conf32.$$";
981		print CRLE32 "\t-c $Conf32\n";
982
983		chmod 0755, $Crle32;
984		close CRLE32;
985
986		if (system($Crle32)) {
987			undef $Conf32;
988		}
989	}
990
991	if ($Crle64 && $Conf64 && $Crle32 && $Conf32) {
992		$Env = "-e LD_FLAGS=config_64=$Conf64,config_32=$Conf32";
993	} elsif ($Crle64 && $Conf64) {
994		$Env = "-e LD_FLAGS=config_64=$Conf64";
995	} elsif ($Crle32 && $Conf32) {
996		$Env = "-e LD_FLAGS=config_32=$Conf32";
997	}
998}
999
1000# Recurse through a directory hierarchy looking for appropriate dependencies.
1001
1002sub GetDeps {
1003	my($FullDir, $RelDir) = @_;
1004	my($NewFull);
1005
1006	# Open the directory and read each entry, omit files starting with "."
1007	if (opendir(DIR, $FullDir)) {
1008		 foreach my $Entry (readdir(DIR)) {
1009			if ($Entry =~ /^\./) {
1010				next;
1011			}
1012			$NewFull = "$FullDir/$Entry";
1013
1014			# We need to follow links so that any dependencies
1015			# are expressed in all their available forms.
1016			# Bail on symlinks like 32 -> .
1017			if (-l $NewFull) {
1018				if (readlink($NewFull) =~ /^\.$/) {
1019					next;
1020				}
1021			}
1022			if (!stat($NewFull)) {
1023				next;
1024			}
1025
1026			# If this is a directory descend into it.
1027			if (-d _) {
1028				my($NewRel);
1029
1030				if ($RelDir =~ /^\/$/) {
1031					$NewRel = "$RelDir$Entry";
1032				} else {
1033					$NewRel = "$RelDir/$Entry";
1034				}
1035
1036				GetDeps($NewFull, $NewRel);
1037				next;
1038			}
1039
1040			# If this is a regular file determine if its a
1041			# valid ELF dependency.
1042			if (-f _) {
1043				my($File);
1044
1045				# Typically shared object dependencies end with
1046				# ".so" or ".so.?", hence we can reduce the cost
1047				# of this script (a lot!) by screening out files
1048				# that don't follow this pattern.
1049				if (!$opt{a}) {
1050					if ($Entry !~ /\.so(?:\.\d+)*$/) {
1051						next;
1052					}
1053				}
1054
1055				$File = `file $NewFull`;
1056				if ($File !~ /dynamic lib/) {
1057					next;
1058				}
1059
1060				if ($File =~ /32-bit/) {
1061					Entercrle32($FullDir, $RelDir, $Entry);
1062				} elsif ($Ena64) {
1063					Entercrle64($FullDir, $RelDir, $Entry);
1064				}
1065				next;
1066			}
1067		}
1068		closedir(DIR);
1069	}
1070}
1071exit $Error
1072