1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 /* 28 * Copyright (c) 1988 AT&T 29 * All Rights Reserved 30 */ 31 32 /* 33 * Run time linker common setup. 34 * 35 * Called from _setup to get the process going at startup. 36 */ 37 38 #include <stdlib.h> 39 #include <fcntl.h> 40 #include <stdio.h> 41 #include <sys/types.h> 42 #include <sys/stat.h> 43 #include <sys/mman.h> 44 #include <string.h> 45 #include <unistd.h> 46 #include <dlfcn.h> 47 #include <sys/sysconfig.h> 48 #include <sys/auxv.h> 49 #include <debug.h> 50 #include <conv.h> 51 #include "_rtld.h" 52 #include "_audit.h" 53 #include "_elf.h" 54 #include "_a.out.h" 55 #include "msg.h" 56 57 58 extern int _end, _edata, _etext; 59 extern void _init(void); 60 extern int _brk_unlocked(void *); 61 62 #ifndef SGS_PRE_UNIFIED_PROCESS 63 /* needed for _brk_unlocked() */ 64 void *_nd = &_end; 65 #endif 66 67 /* 68 * Counters that are incremented every time an object is mapped/unmapped. 69 * 70 * Note that exec() will usually map 2 objects before we receive control, 71 * but this can be 1 if ld.so.1 is executed directly. We count one of these 72 * here, and add another as necessary in setup(). 73 */ 74 u_longlong_t cnt_map = 1; 75 u_longlong_t cnt_unmap = 0; 76 77 78 /* 79 * Define for the executable's interpreter. 80 * Usually it is ld.so.1, but for the first release of ICL binaries 81 * it is libc.so.1. We keep this information so that we don't end 82 * up mapping libc twice if it is the interpreter. 83 */ 84 static Interp _interp; 85 86 /* 87 * LD_PRELOAD objects. 88 */ 89 static int 90 preload(const char *str, Rt_map *mlmp, Rt_map **clmp) 91 { 92 Alist *palp = NULL; 93 char *objs, *ptr, *next; 94 Word lmflags = lml_main.lm_flags; 95 int lddstub; 96 97 DBG_CALL(Dbg_util_nl(&lml_main, DBG_NL_STD)); 98 99 if ((objs = strdup(str)) == NULL) 100 return (0); 101 102 /* 103 * Determine if we've been called from lddstub. 104 */ 105 lddstub = (lmflags & LML_FLG_TRC_ENABLE) && 106 (FLAGS1(*clmp) & FL1_RT_LDDSTUB); 107 108 ptr = strtok_r(objs, MSG_ORIG(MSG_STR_DELIMIT), &next); 109 do { 110 Rt_map *nlmp = NULL; 111 uint_t flags; 112 113 DBG_CALL(Dbg_file_preload(&lml_main, ptr)); 114 115 /* 116 * Establish the flags for loading each object. If we're 117 * called via lddstub, then the first preloaded object is the 118 * object being inspected by ldd(1). This object should not be 119 * marked as an interposer, as this object is intended to act 120 * as the target object of the process. 121 */ 122 if (lddstub) 123 flags = FLG_RT_PRELOAD; 124 else 125 flags = (FLG_RT_PRELOAD | FLG_RT_OBJINTPO); 126 127 /* 128 * If this a secure application, then preload errors are 129 * reduced to warnings, as the errors are non-fatal. 130 */ 131 if (rtld_flags & RT_FL_SECURE) 132 rtld_flags2 |= RT_FL2_FTL2WARN; 133 if (expand_paths(*clmp, ptr, &palp, AL_CNT_NEEDED, 134 PD_FLG_EXTLOAD, 0) != 0) 135 nlmp = load_one(&lml_main, ALIST_OFF_DATA, palp, *clmp, 136 MODE(mlmp), flags, 0, NULL); 137 remove_plist(&palp, 0); 138 if (rtld_flags & RT_FL_SECURE) 139 rtld_flags2 &= ~RT_FL2_FTL2WARN; 140 if (nlmp && (bind_one(*clmp, nlmp, BND_NEEDED) == 0)) 141 nlmp = NULL; 142 143 if (lddstub && nlmp) { 144 lddstub = 0; 145 146 /* 147 * Fabricate a binding between the target shared object 148 * and lddstub so that the target object isn't called 149 * out from unused() processing. 150 */ 151 if (lmflags & 152 (LML_FLG_TRC_UNREF | LML_FLG_TRC_UNUSED)) { 153 if (bind_one(*clmp, nlmp, BND_REFER) == 0) 154 nlmp = NULL; 155 } 156 157 /* 158 * By identifying lddstub as the caller, several 159 * confusing ldd() diagnostics get suppressed. These 160 * diagnostics would reveal how the target shared object 161 * was found from lddstub. Now that the real target is 162 * loaded, identify the target as the caller so that all 163 * ldd() diagnostics are enabled for subsequent objects. 164 */ 165 if (nlmp) 166 *clmp = nlmp; 167 } 168 169 /* 170 * If no error occurred with loading this object, indicate that 171 * this link-map list contains an interposer. 172 */ 173 if (nlmp == NULL) { 174 if ((lmflags & LML_FLG_TRC_ENABLE) || 175 (rtld_flags & RT_FL_SECURE)) 176 continue; 177 else 178 return (0); 179 } 180 if (flags & FLG_RT_OBJINTPO) 181 lml_main.lm_flags |= LML_FLG_INTRPOSE; 182 183 } while ((ptr = strtok_r(NULL, 184 MSG_ORIG(MSG_STR_DELIMIT), &next)) != NULL); 185 186 free(palp); 187 free(objs); 188 return (1); 189 } 190 191 Rt_map * 192 setup(char **envp, auxv_t *auxv, Word _flags, char *_platform, int _syspagsz, 193 char *_rtldname, ulong_t ld_base, ulong_t interp_base, int fd, Phdr *phdr, 194 char *execname, char **argv, uid_t uid, uid_t euid, gid_t gid, gid_t egid, 195 void *aoutdyn, int auxflags, uint_t hwcap_1) 196 { 197 Rt_map *rlmp, *mlmp, *clmp, **tobj = NULL; 198 Ehdr *ehdr; 199 rtld_stat_t status; 200 int features = 0, ldsoexec = 0; 201 size_t eaddr, esize; 202 char *str, *argvname; 203 Word lmflags; 204 mmapobj_result_t *mpp; 205 Fdesc fdr = { 0 }, fdm = { 0 }; 206 Rej_desc rej = { 0 }; 207 208 /* 209 * Now that ld.so has relocated itself, initialize our own 'environ' so 210 * as to establish an address suitable for any libc requirements. 211 */ 212 _environ = (char **)((ulong_t)auxv - sizeof (char *)); 213 _init(); 214 _environ = envp; 215 216 /* 217 * Establish a base time. Total time diagnostics start from entering 218 * ld.so.1 here, however the base time is reset each time the ld.so.1 219 * is re-entered. Note also, there will be a large time associated 220 * with the first diagnostic from ld.so.1, as bootstrapping ld.so.1 221 * and establishing the liblddbg infrastructure takes some time. 222 */ 223 (void) gettimeofday(&DBG_TOTALTIME, NULL); 224 DBG_DELTATIME = DBG_TOTALTIME; 225 226 /* 227 * Determine how ld.so.1 has been executed. 228 */ 229 if ((fd == -1) && (phdr == NULL)) { 230 /* 231 * If we received neither the AT_EXECFD nor the AT_PHDR aux 232 * vector, ld.so.1 must have been invoked directly from the 233 * command line. 234 */ 235 ldsoexec = 1; 236 237 /* 238 * AT_SUN_EXECNAME provides the most precise name, if it is 239 * available, otherwise fall back to argv[0]. At this time, 240 * there is no process name. 241 */ 242 if (execname) 243 rtldname = execname; 244 else if (argv[0]) 245 rtldname = argv[0]; 246 else 247 rtldname = (char *)MSG_INTL(MSG_STR_UNKNOWN); 248 } else { 249 /* 250 * Otherwise, we have a standard process. AT_SUN_EXECNAME 251 * provides the most precise name, if it is available, 252 * otherwise fall back to argv[0]. Provided the application 253 * is already mapped, the process is the application, so 254 * simplify the application name for use in any diagnostics. 255 */ 256 if (execname) 257 argvname = execname; 258 else if (argv[0]) 259 argvname = execname = argv[0]; 260 else 261 argvname = execname = (char *)MSG_INTL(MSG_STR_UNKNOWN); 262 263 if (fd == -1) { 264 if ((str = strrchr(argvname, '/')) != NULL) 265 procname = ++str; 266 else 267 procname = argvname; 268 } 269 270 /* 271 * At this point, we don't know the runtime linkers full path 272 * name. The _rtldname passed to us is the SONAME of the 273 * runtime linker, which is typically /lib/ld.so.1 no matter 274 * what the full path is. Use this for now, we'll reset the 275 * runtime linkers name once the application is analyzed. 276 */ 277 if (_rtldname) { 278 if ((str = strrchr(_rtldname, '/')) != NULL) 279 rtldname = ++str; 280 else 281 rtldname = _rtldname; 282 } else 283 rtldname = (char *)MSG_INTL(MSG_STR_UNKNOWN); 284 285 /* exec() brought in two objects for us. Count the second one */ 286 cnt_map++; 287 } 288 289 /* 290 * Initialize any global variables. 291 */ 292 at_flags = _flags; 293 294 if ((org_scapset->sc_plat = _platform) != NULL) 295 org_scapset->sc_platsz = strlen(_platform); 296 297 if (org_scapset->sc_plat == NULL) 298 platform_name(org_scapset); 299 if (org_scapset->sc_mach == NULL) 300 machine_name(org_scapset); 301 302 /* 303 * If pagesize is unspecified find its value. 304 */ 305 if ((syspagsz = _syspagsz) == 0) 306 syspagsz = _sysconfig(_CONFIG_PAGESIZE); 307 308 /* 309 * Add the unused portion of the last data page to the free space list. 310 * The page size must be set before doing this. Here, _end refers to 311 * the end of the runtime linkers bss. Note that we do not use the 312 * unused data pages from any included .so's to supplement this free 313 * space as badly behaved .os's may corrupt this data space, and in so 314 * doing ruin our data. 315 */ 316 eaddr = S_DROUND((size_t)&_end); 317 esize = eaddr % syspagsz; 318 if (esize) { 319 esize = syspagsz - esize; 320 addfree((void *)eaddr, esize); 321 } 322 323 /* 324 * Establish initial link-map list flags, and link-map list alists. 325 */ 326 if (alist_append(&lml_main.lm_lists, NULL, sizeof (Lm_cntl), 327 AL_CNT_LMLISTS) == NULL) 328 return (0); 329 lml_main.lm_flags |= LML_FLG_BASELM; 330 lml_main.lm_lmid = LM_ID_BASE; 331 lml_main.lm_lmidstr = (char *)MSG_ORIG(MSG_LMID_BASE); 332 333 if (alist_append(&lml_rtld.lm_lists, NULL, sizeof (Lm_cntl), 334 AL_CNT_LMLISTS) == NULL) 335 return (0); 336 lml_rtld.lm_flags |= (LML_FLG_RTLDLM | LML_FLG_NOAUDIT | 337 LML_FLG_HOLDLOCK); 338 lml_rtld.lm_lmid = LM_ID_LDSO; 339 lml_rtld.lm_lmidstr = (char *)MSG_ORIG(MSG_LMID_LDSO); 340 341 /* 342 * Determine whether we have a secure executable. 343 */ 344 security(uid, euid, gid, egid, auxflags); 345 346 /* 347 * Look for environment strings (allows things like LD_NOAUDIT to be 348 * established, although debugging isn't enabled until later). 349 */ 350 if ((readenv_user((const char **)envp, &(lml_main.lm_flags), 351 &(lml_main.lm_tflags), (aoutdyn != 0))) == 1) 352 return (0); 353 354 /* 355 * Initialize a hardware capability descriptor for use in comparing 356 * each loaded object. The aux vector must provide AF_SUN_HWCAPVERIFY, 357 * as prior to this setting any hardware capabilities that were found 358 * could not be relied upon. Set any alternative system capabilities. 359 */ 360 if (auxflags & AF_SUN_HWCAPVERIFY) { 361 rtld_flags2 |= RT_FL2_HWCAP; 362 org_scapset->sc_hw_1 = (Xword)hwcap_1; 363 } 364 if (cap_alternative() == 0) 365 return (0); 366 367 /* 368 * Create a mapping descriptor for ld.so.1. We can determine our 369 * two segments information from known symbols. 370 */ 371 if ((mpp = calloc(2, sizeof (mmapobj_result_t))) == NULL) 372 return (0); 373 mpp[0].mr_addr = (caddr_t)M_PTRUNC(ld_base); 374 mpp[0].mr_msize = (caddr_t)&_etext - mpp[0].mr_addr; 375 mpp[0].mr_fsize = mpp[0].mr_msize; 376 mpp[0].mr_prot = (PROT_READ | PROT_EXEC); 377 378 mpp[1].mr_addr = (caddr_t)M_PTRUNC((uintptr_t)&r_debug); 379 mpp[1].mr_msize = (caddr_t)&_end - mpp[1].mr_addr; 380 mpp[1].mr_fsize = (caddr_t)&_edata - mpp[1].mr_addr; 381 mpp[1].mr_prot = (PROT_READ | PROT_WRITE | PROT_EXEC); 382 383 if ((fdr.fd_nname = stravl_insert(_rtldname, 0, 0, 0)) == NULL) 384 return (0); 385 if ((rlmp = elf_new_lmp(&lml_rtld, ALIST_OFF_DATA, &fdr, 386 (Addr)mpp->mr_addr, (size_t)((uintptr_t)eaddr - (uintptr_t)ld_base), 387 NULL, NULL)) == NULL) 388 return (0); 389 390 MMAPS(rlmp) = mpp; 391 MMAPCNT(rlmp) = 2; 392 PADSTART(rlmp) = (ulong_t)mpp[0].mr_addr; 393 PADIMLEN(rlmp) = (ulong_t)mpp[0].mr_addr + (ulong_t)mpp[1].mr_addr + 394 (ulong_t)mpp[1].mr_msize; 395 396 MODE(rlmp) |= (RTLD_LAZY | RTLD_NODELETE | RTLD_GLOBAL | RTLD_WORLD); 397 FLAGS(rlmp) |= (FLG_RT_ANALYZED | FLG_RT_RELOCED | FLG_RT_INITDONE | 398 FLG_RT_INITCLCT | FLG_RT_FINICLCT | FLG_RT_MODESET); 399 400 /* 401 * Initialize the runtime linkers information. 402 */ 403 interp = &_interp; 404 interp->i_name = (char *)rtldname; 405 interp->i_faddr = (caddr_t)ADDR(rlmp); 406 ldso_plt_init(rlmp); 407 408 /* 409 * If ld.so.1 has been invoked directly, process its arguments. 410 */ 411 if (ldsoexec) { 412 /* 413 * Process any arguments that are specific to ld.so.1, and 414 * reorganize the process stack to effectively remove ld.so.1 415 * from it. Reinitialize the environment pointer, as this may 416 * have been shifted after skipping ld.so.1's arguments. 417 */ 418 if (rtld_getopt(argv, &envp, &auxv, &(lml_main.lm_flags), 419 &(lml_main.lm_tflags), (aoutdyn != 0)) == 1) { 420 eprintf(&lml_main, ERR_NONE, MSG_INTL(MSG_USG_BADOPT)); 421 return (0); 422 } 423 _environ = envp; 424 425 /* 426 * Open the object that ld.so.1 is to execute. 427 */ 428 argvname = execname = argv[0]; 429 430 if ((fd = open(argvname, O_RDONLY)) == -1) { 431 int err = errno; 432 eprintf(&lml_main, ERR_FATAL, MSG_INTL(MSG_SYS_OPEN), 433 argvname, strerror(err)); 434 return (0); 435 } 436 } 437 438 /* 439 * Map in the file, if exec has not already done so, or if the file 440 * was passed as an argument to an explicit execution of ld.so.1 from 441 * the command line. 442 */ 443 if (fd != -1) { 444 /* 445 * Map the file. Once the object is mapped we no longer need 446 * the file descriptor. 447 */ 448 (void) rtld_fstat(fd, &status); 449 fdm.fd_ftp = map_obj(&lml_main, &fdm, status.st_size, argvname, 450 fd, &rej); 451 (void) close(fd); 452 453 if (fdm.fd_ftp == NULL) { 454 Conv_reject_desc_buf_t rej_buf; 455 456 eprintf(&lml_main, ERR_FATAL, 457 MSG_INTL(err_reject[rej.rej_type]), argvname, 458 conv_reject_desc(&rej, &rej_buf, M_MACH)); 459 return (0); 460 } 461 462 /* 463 * Finish processing the loading of the file. 464 */ 465 if ((fdm.fd_nname = stravl_insert(argvname, 0, 0, 0)) == NULL) 466 return (0); 467 fdm.fd_dev = status.st_dev; 468 fdm.fd_ino = status.st_ino; 469 470 if ((mlmp = load_file(&lml_main, ALIST_OFF_DATA, &fdm, 471 NULL)) == NULL) 472 return (0); 473 474 /* 475 * We now have a process name for error diagnostics. 476 */ 477 if ((str = strrchr(argvname, '/')) != NULL) 478 procname = ++str; 479 else 480 procname = argvname; 481 482 if (ldsoexec) { 483 mmapobj_result_t *mpp = MMAPS(mlmp); 484 uint_t mnum, mapnum = MMAPCNT(mlmp); 485 void *brkbase = NULL; 486 487 /* 488 * Since ld.so.1 was the primary executed object - the 489 * brk() base has not yet been initialized, we need to 490 * initialize it. For an executable, initialize it to 491 * the end of the object. For a shared object (ET_DYN) 492 * initialize it to the first page in memory. 493 */ 494 for (mnum = 0; mnum < mapnum; mnum++, mpp++) 495 brkbase = mpp->mr_addr + mpp->mr_msize; 496 497 if (brkbase == NULL) 498 brkbase = (void *)syspagsz; 499 500 if (_brk_unlocked(brkbase) == -1) { 501 int err = errno; 502 503 eprintf(&lml_main, ERR_FATAL, 504 MSG_INTL(MSG_SYS_BRK), argvname, 505 strerror(err)); 506 return (0); 507 } 508 } 509 } else { 510 /* 511 * Set up function ptr and arguments according to the type 512 * of file class the executable is. (Currently only supported 513 * types are ELF and a.out format.) Then create a link map 514 * for the executable. 515 */ 516 if (aoutdyn) { 517 #ifdef A_OUT 518 mmapobj_result_t *mpp; 519 520 /* 521 * Create a mapping structure sufficient to describe 522 * a single two segments. The ADDR() of the a.out is 523 * established as 0, which is required but the AOUT 524 * relocation code. 525 */ 526 if ((mpp = 527 calloc(sizeof (mmapobj_result_t), 2)) == NULL) 528 return (0); 529 530 if ((fdm.fd_nname = 531 stravl_insert(execname, 0, 0, 0)) == NULL) 532 return (0); 533 if ((mlmp = aout_new_lmp(&lml_main, ALIST_OFF_DATA, 534 &fdm, 0, 0, aoutdyn, NULL)) == NULL) 535 return (0); 536 537 /* 538 * Establish the true mapping information for the a.out. 539 */ 540 if (aout_get_mmap(&lml_main, mpp)) { 541 free(mpp); 542 return (0); 543 } 544 545 MSIZE(mlmp) = 546 (size_t)(mpp[1].mr_addr + mpp[1].mr_msize) - 547 S_ALIGN((size_t)mpp[0].mr_addr, syspagsz); 548 MMAPS(mlmp) = mpp; 549 MMAPCNT(mlmp) = 2; 550 PADSTART(mlmp) = (ulong_t)mpp->mr_addr; 551 PADIMLEN(mlmp) = mpp->mr_msize; 552 553 /* 554 * Disable any object configuration cache (BCP apps 555 * bring in sbcp which can benefit from any object 556 * cache, but both the app and sbcp can't use the same 557 * objects). 558 */ 559 rtld_flags |= RT_FL_NOOBJALT; 560 561 /* 562 * Make sure no-direct bindings are in effect. 563 */ 564 lml_main.lm_tflags |= LML_TFLG_NODIRECT; 565 #else 566 eprintf(&lml_main, ERR_FATAL, 567 MSG_INTL(MSG_ERR_REJ_UNKFILE), argvname); 568 return (0); 569 #endif 570 } else if (phdr) { 571 Phdr *pptr; 572 Off i_offset = 0; 573 Addr base = 0; 574 ulong_t phsize; 575 mmapobj_result_t *mpp, *fmpp, *hmpp = NULL; 576 uint_t mapnum = 0; 577 int i; 578 size_t msize; 579 580 /* 581 * Using the executables phdr address determine the base 582 * address of the input file. NOTE, this assumes the 583 * program headers and elf header are part of the same 584 * mapped segment. Although this has held for many 585 * years now, it might be more flexible if the kernel 586 * gave use the ELF headers start address, rather than 587 * the Program headers. 588 * 589 * Determine from the ELF header if we're been called 590 * from a shared object or dynamic executable. If the 591 * latter, then any addresses within the object are used 592 * as is. Addresses within shared objects must be added 593 * to the process's base address. 594 */ 595 ehdr = (Ehdr *)((Addr)phdr - phdr->p_offset); 596 phsize = ehdr->e_phentsize; 597 if (ehdr->e_type == ET_DYN) 598 base = (Addr)ehdr; 599 600 /* 601 * Allocate a mapping array to retain mapped segment 602 * information. 603 */ 604 if ((fmpp = mpp = calloc(ehdr->e_phnum, 605 sizeof (mmapobj_result_t))) == NULL) 606 return (0); 607 608 /* 609 * Extract the needed information from the segment 610 * headers. 611 */ 612 for (i = 0, pptr = phdr; i < ehdr->e_phnum; i++) { 613 if (pptr->p_type == PT_INTERP) { 614 i_offset = pptr->p_offset; 615 interp->i_faddr = 616 (caddr_t)interp_base; 617 } 618 if ((pptr->p_type == PT_LOAD) && 619 (pptr->p_filesz || pptr->p_memsz)) { 620 int perm = (PROT_READ | PROT_EXEC); 621 size_t off; 622 623 if (i_offset && pptr->p_filesz && 624 (i_offset >= pptr->p_offset) && 625 (i_offset <= 626 (pptr->p_memsz + pptr->p_offset))) { 627 interp->i_name = (char *) 628 pptr->p_vaddr + i_offset - 629 pptr->p_offset + base; 630 i_offset = 0; 631 } 632 633 if (pptr->p_flags & PF_W) 634 perm |= PROT_WRITE; 635 636 /* 637 * Retain segments mapping info. Round 638 * each segment to a page boundary, as 639 * this insures addresses are suitable 640 * for mprotect() if required. 641 */ 642 off = pptr->p_vaddr + base; 643 if (hmpp == NULL) { 644 hmpp = mpp; 645 mpp->mr_addr = (caddr_t)ehdr; 646 } else 647 mpp->mr_addr = (caddr_t)off; 648 649 off -= (size_t)(uintptr_t)mpp->mr_addr; 650 mpp->mr_msize = pptr->p_memsz + off; 651 mpp->mr_fsize = pptr->p_filesz + off; 652 mpp->mr_prot = perm; 653 654 mpp++, mapnum++; 655 } 656 657 pptr = (Phdr *)((ulong_t)pptr + phsize); 658 } 659 660 mpp--; 661 msize = (size_t)(mpp->mr_addr + mpp->mr_msize) - 662 S_ALIGN((size_t)fmpp->mr_addr, syspagsz); 663 664 if ((fdm.fd_nname = 665 stravl_insert(execname, 0, 0, 0)) == NULL) 666 return (0); 667 if ((mlmp = elf_new_lmp(&lml_main, ALIST_OFF_DATA, &fdm, 668 (Addr)hmpp->mr_addr, msize, NULL, NULL)) == NULL) 669 return (0); 670 671 MMAPS(mlmp) = fmpp; 672 MMAPCNT(mlmp) = mapnum; 673 PADSTART(mlmp) = (ulong_t)fmpp->mr_addr; 674 PADIMLEN(mlmp) = (ulong_t)fmpp->mr_addr + 675 (ulong_t)mpp->mr_addr + (ulong_t)mpp->mr_msize; 676 } 677 } 678 679 /* 680 * Establish the interpretors name as that defined within the initial 681 * object (executable). This provides for ORIGIN processing of ld.so.1 682 * dependencies. Note, the NAME() of the object remains that which was 683 * passed to us as the SONAME on execution. 684 */ 685 if (ldsoexec == 0) { 686 size_t len = strlen(interp->i_name); 687 688 if (expand(&interp->i_name, &len, 0, 0, 689 (PD_TKN_ISALIST | PD_TKN_CAP), rlmp) & PD_TKN_RESOLVED) 690 fdr.fd_flags |= FLG_FD_RESOLVED; 691 } 692 fdr.fd_pname = interp->i_name; 693 (void) fullpath(rlmp, &fdr); 694 695 /* 696 * The runtime linker acts as a filtee for various dl*() functions that 697 * are defined in libc (and libdl). Make sure this standard name for 698 * the runtime linker is also registered in the FullPathNode AVL tree. 699 */ 700 (void) fpavl_insert(&lml_rtld, rlmp, _rtldname, 0); 701 702 /* 703 * Having established the true runtime linkers name, simplify the name 704 * for error diagnostics. 705 */ 706 if ((str = strrchr(PATHNAME(rlmp), '/')) != NULL) 707 rtldname = ++str; 708 else 709 rtldname = PATHNAME(rlmp); 710 711 /* 712 * Expand the fullpath name of the application. This typically occurs 713 * as a part of loading an object, but as the kernel probably mapped 714 * it in, complete this processing now. 715 */ 716 (void) fullpath(mlmp, 0); 717 718 /* 719 * Some troublesome programs will change the value of argv[0]. Dupping 720 * the process string protects us, and insures the string is left in 721 * any core files. 722 */ 723 if ((str = (char *)strdup(procname)) == NULL) 724 return (0); 725 procname = str; 726 727 #if defined(_ELF64) 728 /* 729 * If this is a 64-bit process, determine whether this process has 730 * restricted the process address space to 32-bits. Any dependencies 731 * that are restricted to a 32-bit address space can only be loaded if 732 * the executable has established this requirement. 733 */ 734 if (CAPSET(mlmp).sc_sf_1 & SF1_SUNW_ADDR32) 735 rtld_flags2 |= RT_FL2_ADDR32; 736 #endif 737 /* 738 * Establish any alternative capabilities, and validate this object 739 * if it defines it's own capabilities information. 740 */ 741 if (cap_check_lmp(mlmp, &rej) == 0) { 742 if (lml_main.lm_flags & LML_FLG_TRC_ENABLE) { 743 /* LINTED */ 744 (void) printf(MSG_INTL(ldd_warn[rej.rej_type]), 745 NAME(mlmp), rej.rej_str); 746 } else { 747 /* LINTED */ 748 eprintf(&lml_main, ERR_FATAL, 749 MSG_INTL(err_reject[rej.rej_type]), 750 NAME(mlmp), rej.rej_str); 751 return (0); 752 } 753 } 754 755 FLAGS(mlmp) |= (FLG_RT_ISMAIN | FLG_RT_MODESET); 756 FLAGS1(mlmp) |= FL1_RT_USED; 757 758 /* 759 * It's the responsibility of MAIN(crt0) to call it's _init and _fini 760 * section, therefore null out any INIT/FINI so that this object isn't 761 * collected during tsort processing. And, if the application has no 762 * initarray or finiarray we can economize on establishing bindings. 763 */ 764 INIT(mlmp) = FINI(mlmp) = NULL; 765 if ((INITARRAY(mlmp) == NULL) && (FINIARRAY(mlmp) == NULL)) 766 FLAGS1(mlmp) |= FL1_RT_NOINIFIN; 767 768 /* 769 * Identify lddstub if necessary. 770 */ 771 if (lml_main.lm_flags & LML_FLG_TRC_LDDSTUB) 772 FLAGS1(mlmp) |= FL1_RT_LDDSTUB; 773 774 /* 775 * Retain our argument information for use in dlinfo. 776 */ 777 argsinfo.dla_argv = argv--; 778 argsinfo.dla_argc = (long)*argv; 779 argsinfo.dla_envp = envp; 780 argsinfo.dla_auxv = auxv; 781 782 (void) enter(0); 783 784 /* 785 * Add our two main link-maps to the dynlm_list 786 */ 787 if (aplist_append(&dynlm_list, &lml_main, AL_CNT_DYNLIST) == NULL) 788 return (0); 789 790 if (aplist_append(&dynlm_list, &lml_rtld, AL_CNT_DYNLIST) == NULL) 791 return (0); 792 793 /* 794 * Reset the link-map counts for both lists. The init count is used to 795 * track how many objects have pending init sections, this gets incre- 796 * mented each time an object is relocated. Since ld.so.1 relocates 797 * itself, it's init count will remain zero. 798 * The object count is used to track how many objects have pending fini 799 * sections, as ld.so.1 handles its own fini we can zero its count. 800 */ 801 lml_main.lm_obj = 1; 802 lml_rtld.lm_obj = 0; 803 804 /* 805 * Initialize debugger information structure. Some parts of this 806 * structure were initialized statically. 807 */ 808 r_debug.rtd_rdebug.r_map = (Link_map *)lml_main.lm_head; 809 r_debug.rtd_rdebug.r_ldsomap = (Link_map *)lml_rtld.lm_head; 810 r_debug.rtd_rdebug.r_ldbase = r_debug.rtd_rdebug.r_ldsomap->l_addr; 811 r_debug.rtd_dynlmlst = &dynlm_list; 812 813 /* 814 * Determine the dev/inode information for the executable to complete 815 * load_so() checking for those who might dlopen(a.out). 816 */ 817 if (rtld_stat(PATHNAME(mlmp), &status) == 0) { 818 STDEV(mlmp) = status.st_dev; 819 STINO(mlmp) = status.st_ino; 820 } 821 822 /* 823 * Initialize any configuration information. 824 */ 825 if (!(rtld_flags & RT_FL_NOCFG)) { 826 if ((features = elf_config(mlmp, (aoutdyn != 0))) == -1) 827 return (0); 828 829 if (cap_alternative() == 0) 830 return (0); 831 } 832 833 /* 834 * Establish the modes of the initial object. These modes are 835 * propagated to any preloaded objects and explicit shared library 836 * dependencies. 837 * 838 * If we're generating a configuration file using crle(1), remove 839 * any RTLD_NOW use, as we don't want to trigger any relocation proc- 840 * essing during crle(1)'s first past (this would just be unnecessary 841 * overhead). Any filters are explicitly loaded, and thus RTLD_NOW is 842 * not required to trigger filter loading. 843 * 844 * Note, RTLD_NOW may have been established during analysis of the 845 * application had the application been built -z now. 846 */ 847 MODE(mlmp) |= (RTLD_NODELETE | RTLD_GLOBAL | RTLD_WORLD); 848 849 if (rtld_flags & RT_FL_CONFGEN) { 850 MODE(mlmp) |= RTLD_CONFGEN; 851 MODE(mlmp) &= ~RTLD_NOW; 852 rtld_flags2 &= ~RT_FL2_BINDNOW; 853 } 854 855 if ((MODE(mlmp) & RTLD_NOW) == 0) { 856 if (rtld_flags2 & RT_FL2_BINDNOW) 857 MODE(mlmp) |= RTLD_NOW; 858 else 859 MODE(mlmp) |= RTLD_LAZY; 860 } 861 862 /* 863 * If debugging was requested initialize things now that any cache has 864 * been established. A user can specify LD_DEBUG=help to discover the 865 * list of debugging tokens available without running the application. 866 * However, don't allow this setting from a configuration file. 867 * 868 * Note, to prevent recursion issues caused by loading and binding the 869 * debugging libraries themselves, a local debugging descriptor is 870 * initialized. Once the debugging setup has completed, this local 871 * descriptor is copied to the global descriptor which effectively 872 * enables diagnostic output. 873 * 874 * Ignore any debugging request if we're being monitored by a process 875 * that expects the old getpid() initialization handshake. 876 */ 877 if ((rpl_debug || prm_debug) && ((rtld_flags & RT_FL_DEBUGGER) == 0)) { 878 Dbg_desc _dbg_desc = {0}; 879 struct timeval total = DBG_TOTALTIME; 880 struct timeval delta = DBG_DELTATIME; 881 882 if (rpl_debug) { 883 if (dbg_setup(rpl_debug, &_dbg_desc) == 0) 884 return (0); 885 if (_dbg_desc.d_extra & DBG_E_HELP_EXIT) 886 rtldexit(&lml_main, 0); 887 } 888 if (prm_debug) 889 (void) dbg_setup(prm_debug, &_dbg_desc); 890 891 *dbg_desc = _dbg_desc; 892 DBG_TOTALTIME = total; 893 DBG_DELTATIME = delta; 894 } 895 896 /* 897 * Now that debugging is enabled generate any diagnostics from any 898 * previous events. 899 */ 900 if (DBG_ENABLED) { 901 DBG_CALL(Dbg_cap_val(&lml_main, org_scapset, alt_scapset, 902 M_MACH)); 903 DBG_CALL(Dbg_file_config_dis(&lml_main, config->c_name, 904 features)); 905 906 DBG_CALL(Dbg_file_ldso(rlmp, envp, auxv, 907 LIST(rlmp)->lm_lmidstr, ALIST_OFF_DATA)); 908 909 if (THIS_IS_ELF(mlmp)) { 910 DBG_CALL(Dbg_file_elf(&lml_main, PATHNAME(mlmp), 911 ADDR(mlmp), MSIZE(mlmp), LIST(mlmp)->lm_lmidstr, 912 ALIST_OFF_DATA)); 913 } else { 914 DBG_CALL(Dbg_file_aout(&lml_main, PATHNAME(mlmp), 915 ADDR(mlmp), MSIZE(mlmp), LIST(mlmp)->lm_lmidstr, 916 ALIST_OFF_DATA)); 917 } 918 } 919 920 /* 921 * Enable auditing. 922 */ 923 if (rpl_audit || prm_audit || profile_lib) { 924 int ndx; 925 const char *aud[3]; 926 927 aud[0] = rpl_audit; 928 aud[1] = prm_audit; 929 aud[2] = profile_lib; 930 931 /* 932 * Any global auditing (set using LD_AUDIT or LD_PROFILE) that 933 * can't be established is non-fatal. 934 */ 935 if ((auditors = calloc(1, sizeof (Audit_desc))) == NULL) 936 return (0); 937 938 for (ndx = 0; ndx < 3; ndx++) { 939 if (aud[ndx]) { 940 if ((auditors->ad_name = 941 strdup(aud[ndx])) == NULL) 942 return (0); 943 rtld_flags2 |= RT_FL2_FTL2WARN; 944 (void) audit_setup(mlmp, auditors, 945 PD_FLG_EXTLOAD, NULL); 946 rtld_flags2 &= ~RT_FL2_FTL2WARN; 947 } 948 } 949 lml_main.lm_tflags |= auditors->ad_flags; 950 } 951 if (AUDITORS(mlmp)) { 952 /* 953 * Any object required auditing (set with a DT_DEPAUDIT dynamic 954 * entry) that can't be established is fatal. 955 */ 956 if (FLAGS1(mlmp) & FL1_RT_GLOBAUD) { 957 /* 958 * If this object requires global auditing, use the 959 * local auditing information to set the global 960 * auditing descriptor. The effect is that a 961 * DT_DEPAUDIT act as an LD_AUDIT. 962 */ 963 if ((auditors == NULL) && ((auditors = calloc(1, 964 sizeof (Audit_desc))) == NULL)) 965 return (0); 966 967 auditors->ad_name = AUDITORS(mlmp)->ad_name; 968 if (audit_setup(mlmp, auditors, 0, NULL) == 0) 969 return (0); 970 lml_main.lm_tflags |= auditors->ad_flags; 971 972 /* 973 * Clear the local auditor information. 974 */ 975 free((void *) AUDITORS(mlmp)); 976 AUDITORS(mlmp) = NULL; 977 978 } else { 979 /* 980 * Establish any local auditing. 981 */ 982 if (audit_setup(mlmp, AUDITORS(mlmp), 0, NULL) == 0) 983 return (0); 984 985 AFLAGS(mlmp) |= AUDITORS(mlmp)->ad_flags; 986 lml_main.lm_flags |= LML_FLG_LOCAUDIT; 987 } 988 } 989 990 /* 991 * Explicitly add the initial object and ld.so.1 to those objects being 992 * audited. Note, although the ld.so.1 link-map isn't auditable, 993 * establish a cookie for ld.so.1 as this may be bound to via the 994 * dl*() family. 995 */ 996 if ((lml_main.lm_tflags | AFLAGS(mlmp)) & LML_TFLG_AUD_MASK) { 997 if (((audit_objopen(mlmp, mlmp) == 0) || 998 (audit_objopen(mlmp, rlmp) == 0)) && 999 (AFLAGS(mlmp) & LML_TFLG_AUD_MASK)) 1000 return (0); 1001 } 1002 1003 /* 1004 * Map in any preloadable shared objects. Establish the caller as the 1005 * head of the main link-map list. In the case of being exercised from 1006 * lddstub, the caller gets reassigned to the first target shared object 1007 * so as to provide intuitive diagnostics from ldd(). 1008 * 1009 * Note, it is valid to preload a 4.x shared object with a 5.0 1010 * executable (or visa-versa), as this functionality is required by 1011 * ldd(1). 1012 */ 1013 clmp = mlmp; 1014 if (rpl_preload && (preload(rpl_preload, mlmp, &clmp) == 0)) 1015 return (0); 1016 if (prm_preload && (preload(prm_preload, mlmp, &clmp) == 0)) 1017 return (0); 1018 1019 /* 1020 * Load all dependent (needed) objects. 1021 */ 1022 if (analyze_lmc(&lml_main, ALIST_OFF_DATA, mlmp, NULL) == NULL) 1023 return (0); 1024 1025 /* 1026 * Relocate all the dependencies we've just added. 1027 * 1028 * If this process has been established via crle(1), the environment 1029 * variable LD_CONFGEN will have been set. crle(1) may create this 1030 * process twice. The first time crle only needs to gather dependency 1031 * information. The second time, is to dldump() the images. 1032 * 1033 * If we're only gathering dependencies, relocation is unnecessary. 1034 * As crle(1) may be building an arbitrary family of objects, they may 1035 * not fully relocate either. Hence the relocation phase is not carried 1036 * out now, but will be called by crle(1) once all objects have been 1037 * loaded. 1038 */ 1039 if ((rtld_flags & RT_FL_CONFGEN) == 0) { 1040 1041 DBG_CALL(Dbg_util_nl(&lml_main, DBG_NL_STD)); 1042 1043 if (relocate_lmc(&lml_main, ALIST_OFF_DATA, mlmp, 1044 mlmp, NULL) == 0) 1045 return (0); 1046 1047 /* 1048 * Inform the debuggers that basic process initialization is 1049 * complete, and that the state of ld.so.1 (link-map lists, 1050 * etc.) is stable. This handshake enables the debugger to 1051 * initialize themselves, and consequently allows the user to 1052 * set break points in .init code. 1053 * 1054 * Most new debuggers use librtld_db to monitor activity events. 1055 * Older debuggers indicated their presence by setting the 1056 * DT_DEBUG entry in the dynamic executable (see elf_new_lm()). 1057 * In this case, getpid() is called so that the debugger can 1058 * catch the system call. This old mechanism has some 1059 * restrictions, as getpid() should not be called prior to 1060 * basic process initialization being completed. This 1061 * restriction has become increasingly difficult to maintain, 1062 * as the use of auditors, LD_DEBUG, and the initialization 1063 * handshake with libc can result in "premature" getpid() 1064 * calls. The use of this getpid() handshake is expected to 1065 * disappear at some point in the future, and there is intent 1066 * to work towards that goal. 1067 */ 1068 rd_event(&lml_main, RD_DLACTIVITY, RT_CONSISTENT); 1069 rd_event(&lml_rtld, RD_DLACTIVITY, RT_CONSISTENT); 1070 1071 if (rtld_flags & RT_FL_DEBUGGER) { 1072 r_debug.rtd_rdebug.r_flags |= RD_FL_ODBG; 1073 (void) getpid(); 1074 } 1075 } 1076 1077 /* 1078 * Indicate preinit activity, and call any auditing routines. These 1079 * routines are called before initializing any threads via libc, or 1080 * before collecting the complete set of .inits on the primary link-map. 1081 * Although most libc interfaces are encapsulated in local routines 1082 * within libc, they have been known to escape (ie. call a .plt). As 1083 * the appcert auditor uses preinit as a trigger to establish some 1084 * external interfaces to the main link-maps libc, we need to activate 1085 * this trigger before exercising any code within libc. Additionally, 1086 * I wouldn't put it past an auditor to add additional objects to the 1087 * primary link-map. Hence, we collect .inits after the audit call. 1088 */ 1089 rd_event(&lml_main, RD_PREINIT, 0); 1090 1091 if ((lml_main.lm_tflags | AFLAGS(mlmp)) & LML_TFLG_AUD_ACTIVITY) 1092 audit_activity(mlmp, LA_ACT_CONSISTENT); 1093 if ((lml_main.lm_tflags | AFLAGS(mlmp)) & LML_TFLG_AUD_PREINIT) 1094 audit_preinit(mlmp); 1095 1096 /* 1097 * If we're creating initial configuration information, we're done 1098 * now that the auditing step has been called. 1099 */ 1100 if (rtld_flags & RT_FL_CONFGEN) { 1101 leave(LIST(mlmp), 0); 1102 return (mlmp); 1103 } 1104 1105 /* 1106 * Sort the .init sections of all objects we've added. If we're 1107 * tracing we only need to execute this under ldd(1) with the -i or -u 1108 * options. 1109 */ 1110 lmflags = lml_main.lm_flags; 1111 if (((lmflags & LML_FLG_TRC_ENABLE) == 0) || 1112 (lmflags & (LML_FLG_TRC_INIT | LML_FLG_TRC_UNREF))) { 1113 if ((tobj = tsort(mlmp, LIST(mlmp)->lm_init, 1114 RT_SORT_REV)) == (Rt_map **)S_ERROR) 1115 return (0); 1116 } 1117 1118 /* 1119 * If we are tracing we're done. This is the one legitimate use of a 1120 * direct call to rtldexit() rather than return, as we don't want to 1121 * return and jump to the application. 1122 */ 1123 if (lmflags & LML_FLG_TRC_ENABLE) { 1124 unused(&lml_main); 1125 rtldexit(&lml_main, 0); 1126 } 1127 1128 /* 1129 * Check if this instance of the linker should have a primary link 1130 * map. This flag allows multiple copies of the -same- -version- 1131 * of the linker (and libc) to run in the same address space. 1132 * 1133 * Without this flag we only support one copy of the linker in a 1134 * process because by default the linker will always try to 1135 * initialize at one primary link map The copy of libc which is 1136 * initialized on a primary link map will initialize global TLS 1137 * data which can be shared with other copies of libc in the 1138 * process. The problem is that if there is more than one copy 1139 * of the linker, only one copy should link libc onto a primary 1140 * link map, otherwise libc will attempt to re-initialize global 1141 * TLS data. So when a copy of the linker is loaded with this 1142 * flag set, it will not initialize any primary link maps since 1143 * presumably another copy of the linker will do this. 1144 * 1145 * Note that this flag only allows multiple copies of the -same- 1146 * -version- of the linker (and libc) to coexist. This approach 1147 * will not work if we are trying to load different versions of 1148 * the linker and libc into the same process. The reason for 1149 * this is that the format of the global TLS data may not be 1150 * the same for different versions of libc. In this case each 1151 * different version of libc must have it's own primary link map 1152 * and be able to maintain it's own TLS data. The only way this 1153 * can be done is by carefully managing TLS pointers on transitions 1154 * between code associated with each of the different linkers. 1155 * Note that this is actually what is done for processes in lx 1156 * branded zones. Although in the lx branded zone case, the 1157 * other linker and libc are actually gld and glibc. But the 1158 * same general TLS management mechanism used by the lx brand 1159 * would apply to any attempts to run multiple versions of the 1160 * solaris linker and libc in a single process. 1161 */ 1162 if (auxflags & AF_SUN_NOPLM) 1163 rtld_flags2 |= RT_FL2_NOPLM; 1164 1165 /* 1166 * Establish any static TLS for this primary link-map. Note, regardless 1167 * of whether TLS is available, an initial handshake occurs with libc to 1168 * indicate we're processing the primary link-map. Having identified 1169 * the primary link-map, initialize threads. 1170 */ 1171 if (rt_get_extern(&lml_main, mlmp) == 0) 1172 return (0); 1173 1174 if ((rtld_flags2 & RT_FL2_NOPLM) == 0) { 1175 if (tls_statmod(&lml_main, mlmp) == 0) 1176 return (0); 1177 rt_thr_init(&lml_main); 1178 rtld_flags2 |= RT_FL2_PLMSETUP; 1179 } else { 1180 rt_thr_init(&lml_main); 1181 } 1182 1183 rtld_flags |= RT_FL_APPLIC; 1184 1185 /* 1186 * Fire all dependencies .init sections. Identify any unused 1187 * dependencies, and leave the runtime linker - effectively calling 1188 * the dynamic executables entry point. 1189 */ 1190 call_array(PREINITARRAY(mlmp), (uint_t)PREINITARRAYSZ(mlmp), mlmp, 1191 SHT_PREINIT_ARRAY); 1192 1193 if (tobj) 1194 call_init(tobj, DBG_INIT_SORT); 1195 1196 rd_event(&lml_main, RD_POSTINIT, 0); 1197 1198 unused(&lml_main); 1199 1200 DBG_CALL(Dbg_util_call_main(mlmp)); 1201 1202 rtld_flags |= RT_FL_OPERATION; 1203 leave(LIST(mlmp), 0); 1204 1205 return (mlmp); 1206 } 1207