1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright (c) 1988 AT&T 24 * All Rights Reserved 25 * 26 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 27 * Use is subject to license terms. 28 */ 29 #pragma ident "%Z%%M% %I% %E% SMI" 30 31 /* 32 * Object file dependent support for ELF objects. 33 */ 34 #include "_synonyms.h" 35 36 #include <stdio.h> 37 #include <sys/procfs.h> 38 #include <sys/mman.h> 39 #include <sys/debug.h> 40 #include <string.h> 41 #include <limits.h> 42 #include <dlfcn.h> 43 #include <debug.h> 44 #include <conv.h> 45 #include "_rtld.h" 46 #include "_audit.h" 47 #include "_elf.h" 48 #include "msg.h" 49 50 /* 51 * Default and secure dependency search paths. 52 */ 53 static Pnode elf_dflt_dirs[] = { 54 #if defined(_ELF64) 55 #ifndef SGS_PRE_UNIFIED_PROCESS 56 { MSG_ORIG(MSG_PTH_LIB_64), 0, MSG_PTH_LIB_64_SIZE, 57 LA_SER_DEFAULT, 0, &elf_dflt_dirs[1] }, 58 #endif 59 { MSG_ORIG(MSG_PTH_USRLIB_64), 0, MSG_PTH_USRLIB_64_SIZE, 60 LA_SER_DEFAULT, 0, 0 } 61 #else 62 #ifndef SGS_PRE_UNIFIED_PROCESS 63 { MSG_ORIG(MSG_PTH_LIB), 0, MSG_PTH_LIB_SIZE, 64 LA_SER_DEFAULT, 0, &elf_dflt_dirs[1] }, 65 #endif 66 { MSG_ORIG(MSG_PTH_USRLIB), 0, MSG_PTH_USRLIB_SIZE, 67 LA_SER_DEFAULT, 0, 0 } 68 #endif 69 }; 70 71 static Pnode elf_secure_dirs[] = { 72 #if defined(_ELF64) 73 #ifndef SGS_PRE_UNIFIED_PROCESS 74 { MSG_ORIG(MSG_PTH_LIBSE_64), 0, MSG_PTH_LIBSE_64_SIZE, 75 LA_SER_SECURE, 0, &elf_secure_dirs[1] }, 76 #endif 77 { MSG_ORIG(MSG_PTH_USRLIBSE_64), 0, 78 MSG_PTH_USRLIBSE_64_SIZE, 79 LA_SER_SECURE, 0, 0 } 80 #else 81 #ifndef SGS_PRE_UNIFIED_PROCESS 82 { MSG_ORIG(MSG_PTH_LIBSE), 0, MSG_PTH_LIBSE_SIZE, 83 LA_SER_SECURE, 0, &elf_secure_dirs[1] }, 84 #endif 85 { MSG_ORIG(MSG_PTH_USRLIBSE), 0, MSG_PTH_USRLIBSE_SIZE, 86 LA_SER_SECURE, 0, 0 } 87 #endif 88 }; 89 90 /* 91 * Defines for local functions. 92 */ 93 static Pnode *elf_fix_name(const char *, Rt_map *, uint_t); 94 static int elf_are_u(Rej_desc *); 95 static void elf_dladdr(ulong_t, Rt_map *, Dl_info *, void **, int); 96 static ulong_t elf_entry_pt(void); 97 static char *elf_get_so(const char *, const char *); 98 static Rt_map *elf_map_so(Lm_list *, Aliste, const char *, const char *, int); 99 static int elf_needed(Lm_list *, Aliste, Rt_map *); 100 static void elf_unmap_so(Rt_map *); 101 static int elf_verify_vers(const char *, Rt_map *, Rt_map *); 102 103 /* 104 * Functions and data accessed through indirect pointers. 105 */ 106 Fct elf_fct = { 107 elf_are_u, 108 elf_entry_pt, 109 elf_map_so, 110 elf_unmap_so, 111 elf_needed, 112 lookup_sym, 113 elf_reloc, 114 elf_dflt_dirs, 115 elf_secure_dirs, 116 elf_fix_name, 117 elf_get_so, 118 elf_dladdr, 119 dlsym_handle, 120 elf_verify_vers, 121 elf_set_prot 122 }; 123 124 125 /* 126 * Redefine NEEDED name if necessary. 127 */ 128 static Pnode * 129 elf_fix_name(const char *name, Rt_map *clmp, uint_t orig) 130 { 131 /* 132 * For ABI compliance, if we are asked for ld.so.1, then really give 133 * them libsys.so.1 (the SONAME of libsys.so.1 is ld.so.1). 134 */ 135 if (((*name == '/') && 136 #if defined(_ELF64) 137 (strcmp(name, MSG_ORIG(MSG_PTH_RTLD_64)) == 0)) || 138 #else 139 (strcmp(name, MSG_ORIG(MSG_PTH_RTLD)) == 0)) || 140 #endif 141 (strcmp(name, MSG_ORIG(MSG_FIL_RTLD)) == 0)) { 142 Pnode *pnp; 143 144 DBG_CALL(Dbg_file_fixname(LIST(clmp), name, 145 MSG_ORIG(MSG_PTH_LIBSYS))); 146 if (((pnp = calloc(sizeof (Pnode), 1)) == 0) || 147 ((pnp->p_name = strdup(MSG_ORIG(MSG_PTH_LIBSYS))) == 0)) { 148 if (pnp) 149 free(pnp); 150 return (0); 151 } 152 pnp->p_len = MSG_PTH_LIBSYS_SIZE; 153 pnp->p_orig = (orig & PN_SER_MASK); 154 return (pnp); 155 } 156 157 return (expand_paths(clmp, name, orig, 0)); 158 } 159 160 /* 161 * Determine if we have been given an ELF file and if so determine if the file 162 * is compatible. Returns 1 if true, else 0 and sets the reject descriptor 163 * with associated error information. 164 */ 165 static int 166 elf_are_u(Rej_desc *rej) 167 { 168 Ehdr *ehdr; 169 170 /* 171 * Determine if we're an elf file. If not simply return, we don't set 172 * any rejection information as this test allows use to scroll through 173 * the objects we support (ELF, AOUT). 174 */ 175 if (fmap->fm_fsize < sizeof (Ehdr) || 176 fmap->fm_maddr[EI_MAG0] != ELFMAG0 || 177 fmap->fm_maddr[EI_MAG1] != ELFMAG1 || 178 fmap->fm_maddr[EI_MAG2] != ELFMAG2 || 179 fmap->fm_maddr[EI_MAG3] != ELFMAG3) { 180 return (0); 181 } 182 183 /* 184 * Check class and encoding. 185 */ 186 /* LINTED */ 187 ehdr = (Ehdr *)fmap->fm_maddr; 188 if (ehdr->e_ident[EI_CLASS] != M_CLASS) { 189 rej->rej_type = SGS_REJ_CLASS; 190 rej->rej_info = (uint_t)ehdr->e_ident[EI_CLASS]; 191 return (0); 192 } 193 if (ehdr->e_ident[EI_DATA] != M_DATA) { 194 rej->rej_type = SGS_REJ_DATA; 195 rej->rej_info = (uint_t)ehdr->e_ident[EI_DATA]; 196 return (0); 197 } 198 if ((ehdr->e_type != ET_REL) && (ehdr->e_type != ET_EXEC) && 199 (ehdr->e_type != ET_DYN)) { 200 rej->rej_type = SGS_REJ_TYPE; 201 rej->rej_info = (uint_t)ehdr->e_type; 202 return (0); 203 } 204 205 /* 206 * Verify machine specific flags, and hardware capability requirements. 207 */ 208 if ((elf_mach_flags_check(rej, ehdr) == 0) || 209 ((rtld_flags2 & RT_FL2_HWCAP) && (hwcap_check(rej, ehdr) == 0))) 210 return (0); 211 212 /* 213 * Verify ELF version. ??? is this too restrictive ??? 214 */ 215 if (ehdr->e_version > EV_CURRENT) { 216 rej->rej_type = SGS_REJ_VERSION; 217 rej->rej_info = (uint_t)ehdr->e_version; 218 return (0); 219 } 220 return (1); 221 } 222 223 /* 224 * The runtime linker employs lazy loading to provide the libraries needed for 225 * debugging, preloading .o's and dldump(). As these are seldom used, the 226 * standard startup of ld.so.1 doesn't initialize all the information necessary 227 * to perform plt relocation on ld.so.1's link-map. The first time lazy loading 228 * is called we get here to perform these initializations: 229 * 230 * o elf_needed() is called to set up the DYNINFO() indexes for each lazy 231 * dependency. Typically, for all other objects, this is called during 232 * analyze_so(), but as ld.so.1 is set-contained we skip this processing. 233 * 234 * o For intel, ld.so.1's JMPSLOT relocations need relative updates. These 235 * are by default skipped thus delaying all relative relocation processing 236 * on every invocation of ld.so.1. 237 */ 238 int 239 elf_rtld_load() 240 { 241 Lm_list *lml = &lml_rtld; 242 Rt_map *lmp = lml->lm_head; 243 244 if (lml->lm_flags & LML_FLG_PLTREL) 245 return (1); 246 247 /* 248 * As we need to refer to the DYNINFO() information, insure that it has 249 * been initialized. 250 */ 251 if (elf_needed(lml, ALO_DATA, lmp) == 0) 252 return (0); 253 254 #if defined(__i386) 255 /* 256 * This is a kludge to give ld.so.1 a performance benefit on i386. 257 * It's based around two factors. 258 * 259 * o JMPSLOT relocations (PLT's) actually need a relative relocation 260 * applied to the GOT entry so that they can find PLT0. 261 * 262 * o ld.so.1 does not exercise *any* PLT's before it has made a call 263 * to elf_lazy_load(). This is because all dynamic dependencies 264 * are recorded as lazy dependencies. 265 */ 266 (void) elf_reloc_relacount((ulong_t)JMPREL(lmp), 267 (ulong_t)(PLTRELSZ(lmp) / RELENT(lmp)), (ulong_t)RELENT(lmp), 268 (ulong_t)ADDR(lmp)); 269 #endif 270 271 lml->lm_flags |= LML_FLG_PLTREL; 272 return (1); 273 } 274 275 /* 276 * Lazy load an object. 277 */ 278 Rt_map * 279 elf_lazy_load(Rt_map *clmp, uint_t ndx, const char *sym) 280 { 281 Rt_map *nlmp, *hlmp; 282 Dyninfo *dip = &DYNINFO(clmp)[ndx]; 283 uint_t flags = 0; 284 Pnode *pnp; 285 const char *name; 286 Lm_list *lml = LIST(clmp); 287 Lm_cntl *lmc; 288 Aliste lmco; 289 290 /* 291 * If this dependency has already been processed, we're done. 292 */ 293 if (((nlmp = (Rt_map *)dip->di_info) != 0) || 294 (dip->di_flags & FLG_DI_PROCESSD)) 295 return (nlmp); 296 297 /* 298 * Determine the initial dependency name, and indicate that this 299 * dependencies processing has initiated. 300 */ 301 name = STRTAB(clmp) + DYN(clmp)[ndx].d_un.d_val; 302 DBG_CALL(Dbg_file_lazyload(clmp, name, sym)); 303 if (lml->lm_flags & LML_FLG_TRC_ENABLE) 304 dip->di_flags |= FLG_DI_PROCESSD; 305 306 if (dip->di_flags & FLG_DI_GROUP) 307 flags |= (FLG_RT_SETGROUP | FLG_RT_HANDLE); 308 309 /* 310 * Expand the requested name if necessary. 311 */ 312 if ((pnp = elf_fix_name(name, clmp, PN_SER_NEEDED)) == 0) 313 return (0); 314 315 /* 316 * Provided the object on the head of the link-map has completed its 317 * relocation, create a new link-map control list for this request. 318 */ 319 hlmp = lml->lm_head; 320 if (FLAGS(hlmp) & FLG_RT_RELOCED) { 321 if ((lmc = alist_append(&(lml->lm_lists), 0, sizeof (Lm_cntl), 322 AL_CNT_LMLISTS)) == 0) { 323 remove_pnode(pnp); 324 return (0); 325 } 326 lmco = (Aliste)((char *)lmc - (char *)lml->lm_lists); 327 } else { 328 lmc = 0; 329 lmco = ALO_DATA; 330 } 331 332 /* 333 * Load the associated object. 334 */ 335 dip->di_info = nlmp = 336 load_one(lml, lmco, pnp, clmp, MODE(clmp), flags, 0); 337 338 /* 339 * Remove any expanded pathname infrastructure. Reduce the pending lazy 340 * dependency count of the caller, together with the link-map lists 341 * count of objects that still have lazy dependencies pending. 342 */ 343 remove_pnode(pnp); 344 if (--LAZY(clmp) == 0) 345 LIST(clmp)->lm_lazy--; 346 347 /* 348 * Finish processing the objects associated with this request, and 349 * create an association between the caller and this dependency. 350 */ 351 if (nlmp && (((analyze_lmc(lml, lmco, nlmp) == 0)) || 352 (relocate_lmc(lml, lmco, clmp, nlmp) == 0) || 353 (bind_one(clmp, nlmp, BND_NEEDED) == 0))) 354 dip->di_info = nlmp = 0; 355 356 /* 357 * If this lazyload has failed, and we've created a new link-map 358 * control list to which this request has added objects, then remove 359 * all the objects that have been associated to this request. 360 */ 361 if ((nlmp == 0) && lmc && lmc->lc_head) 362 remove_lmc(lml, clmp, lmc, lmco, name); 363 364 /* 365 * Finally, remove any link-map control list that was created. 366 */ 367 if (lmc) 368 remove_cntl(lml, lmco); 369 370 return (nlmp); 371 } 372 373 /* 374 * Return the entry point of the ELF executable. 375 */ 376 static ulong_t 377 elf_entry_pt(void) 378 { 379 return (ENTRY(lml_main.lm_head)); 380 } 381 382 /* 383 * Unmap a given ELF shared object from the address space. 384 */ 385 static void 386 elf_unmap_so(Rt_map *lmp) 387 { 388 caddr_t addr; 389 size_t size; 390 Mmap *mmaps; 391 392 /* 393 * If this link map represents a relocatable object concatenation, then 394 * the image was simply generated in allocated memory. Free the memory. 395 * 396 * Note: the memory was originally allocated in the libelf:_elf_outmap 397 * routine and would normally have been free'd in elf_outsync(), but 398 * because we 'interpose' on that routine the memory wasn't free'd at 399 * that time. 400 */ 401 if (FLAGS(lmp) & FLG_RT_IMGALLOC) { 402 free((void *)ADDR(lmp)); 403 return; 404 } 405 406 /* 407 * If padding was enabled via rtld_db, then we have at least one page 408 * in front of the image - and possibly a trailing page. 409 * Unmap the front page first: 410 */ 411 if (PADSTART(lmp) != ADDR(lmp)) { 412 addr = (caddr_t)M_PTRUNC(PADSTART(lmp)); 413 size = ADDR(lmp) - (ulong_t)addr; 414 (void) munmap(addr, size); 415 } 416 417 /* 418 * Unmap any trailing padding. 419 */ 420 if (M_PROUND((PADSTART(lmp) + PADIMLEN(lmp))) > 421 M_PROUND(ADDR(lmp) + MSIZE(lmp))) { 422 addr = (caddr_t)M_PROUND(ADDR(lmp) + MSIZE(lmp)); 423 size = M_PROUND(PADSTART(lmp) + PADIMLEN(lmp)) - (ulong_t)addr; 424 (void) munmap(addr, size); 425 } 426 427 /* 428 * Unmmap all mapped segments. 429 */ 430 for (mmaps = MMAPS(lmp); mmaps->m_vaddr; mmaps++) 431 (void) munmap(mmaps->m_vaddr, mmaps->m_msize); 432 } 433 434 /* 435 * Determine if a dependency requires a particular version and if so verify 436 * that the version exists in the dependency. 437 */ 438 static int 439 elf_verify_vers(const char *name, Rt_map *clmp, Rt_map *nlmp) 440 { 441 Verneed *vnd = VERNEED(clmp); 442 int _num, num = VERNEEDNUM(clmp); 443 char *cstrs = (char *)STRTAB(clmp); 444 Lm_list *lml = LIST(clmp); 445 446 /* 447 * Traverse the callers version needed information and determine if any 448 * specific versions are required from the dependency. 449 */ 450 DBG_CALL(Dbg_ver_need_title(LIST(clmp), NAME(clmp))); 451 for (_num = 1; _num <= num; _num++, 452 vnd = (Verneed *)((Xword)vnd + vnd->vn_next)) { 453 Half cnt = vnd->vn_cnt; 454 Vernaux *vnap; 455 char *nstrs, *need; 456 457 /* 458 * Determine if a needed entry matches this dependency. 459 */ 460 need = (char *)(cstrs + vnd->vn_file); 461 if (strcmp(name, need) != 0) 462 continue; 463 464 if ((lml->lm_flags & LML_FLG_TRC_VERBOSE) && 465 ((FLAGS1(clmp) & FL1_RT_LDDSTUB) == 0)) 466 (void) printf(MSG_INTL(MSG_LDD_VER_FIND), name); 467 468 /* 469 * Validate that each version required actually exists in the 470 * dependency. 471 */ 472 nstrs = (char *)STRTAB(nlmp); 473 474 for (vnap = (Vernaux *)((Xword)vnd + vnd->vn_aux); cnt; 475 cnt--, vnap = (Vernaux *)((Xword)vnap + vnap->vna_next)) { 476 char *version, *define; 477 Verdef *vdf = VERDEF(nlmp); 478 ulong_t _num, num = VERDEFNUM(nlmp); 479 int found = 0; 480 481 version = (char *)(cstrs + vnap->vna_name); 482 DBG_CALL(Dbg_ver_need_entry(lml, 0, need, version)); 483 484 for (_num = 1; _num <= num; _num++, 485 vdf = (Verdef *)((Xword)vdf + vdf->vd_next)) { 486 Verdaux *vdap; 487 488 if (vnap->vna_hash != vdf->vd_hash) 489 continue; 490 491 vdap = (Verdaux *)((Xword)vdf + vdf->vd_aux); 492 define = (char *)(nstrs + vdap->vda_name); 493 if (strcmp(version, define) != 0) 494 continue; 495 496 found++; 497 break; 498 } 499 500 /* 501 * If we're being traced print out any matched version 502 * when the verbose (-v) option is in effect. Always 503 * print any unmatched versions. 504 */ 505 if (lml->lm_flags & LML_FLG_TRC_ENABLE) { 506 if (found) { 507 if (!(lml->lm_flags & LML_FLG_TRC_VERBOSE)) 508 continue; 509 510 (void) printf(MSG_ORIG(MSG_LDD_VER_FOUND), 511 need, version, NAME(nlmp)); 512 } else { 513 if (rtld_flags & RT_FL_SILENCERR) 514 continue; 515 516 (void) printf(MSG_INTL(MSG_LDD_VER_NFOUND), 517 need, version); 518 } 519 continue; 520 } 521 522 /* 523 * If the version hasn't been found then this is a 524 * candidate for a fatal error condition. Weak 525 * version definition requirements are silently 526 * ignored. Also, if the image inspected for a version 527 * definition has no versioning recorded at all then 528 * silently ignore this (this provides better backward 529 * compatibility to old images created prior to 530 * versioning being available). Both of these skipped 531 * diagnostics are available under tracing (see above). 532 */ 533 if ((found == 0) && (num != 0) && 534 (!(vnap->vna_flags & VER_FLG_WEAK))) { 535 eprintf(lml, ERR_FATAL, 536 MSG_INTL(MSG_VER_NFOUND), need, version, 537 NAME(clmp)); 538 return (0); 539 } 540 } 541 } 542 DBG_CALL(Dbg_util_nl(lml, DBG_NL_STD)); 543 return (1); 544 } 545 546 /* 547 * Search through the dynamic section for DT_NEEDED entries and perform one 548 * of two functions. If only the first argument is specified then load the 549 * defined shared object, otherwise add the link map representing the defined 550 * link map the the dlopen list. 551 */ 552 static int 553 elf_needed(Lm_list *lml, Aliste lmco, Rt_map *clmp) 554 { 555 Dyn *dyn; 556 ulong_t ndx = 0; 557 uint_t lazy = 0, flags = 0; 558 Word lmflags = lml->lm_flags; 559 Word lmtflags = lml->lm_tflags; 560 561 /* 562 * Process each shared object on needed list. 563 */ 564 if (DYN(clmp) == 0) 565 return (1); 566 567 for (dyn = (Dyn *)DYN(clmp); dyn->d_tag != DT_NULL; dyn++, ndx++) { 568 Dyninfo *dip = &DYNINFO(clmp)[ndx]; 569 Rt_map *nlmp = 0; 570 char *name; 571 int silent = 0; 572 Pnode *pnp; 573 574 switch (dyn->d_tag) { 575 case DT_POSFLAG_1: 576 if ((dyn->d_un.d_val & DF_P1_LAZYLOAD) && 577 !(lmtflags & LML_TFLG_NOLAZYLD)) 578 lazy = 1; 579 if (dyn->d_un.d_val & DF_P1_GROUPPERM) 580 flags = (FLG_RT_SETGROUP | FLG_RT_HANDLE); 581 continue; 582 case DT_NEEDED: 583 case DT_USED: 584 dip->di_flags |= FLG_DI_NEEDED; 585 if (flags) 586 dip->di_flags |= FLG_DI_GROUP; 587 588 name = (char *)STRTAB(clmp) + dyn->d_un.d_val; 589 590 /* 591 * NOTE, libc.so.1 can't be lazy loaded. Although a 592 * lazy position flag won't be produced when a RTLDINFO 593 * .dynamic entry is found (introduced with the UPM in 594 * Solaris 10), it was possible to mark libc for lazy 595 * loading on previous releases. To reduce the overhead 596 * of testing for this occurrence, only carry out this 597 * check for the first object on the link-map list 598 * (there aren't many applications built without libc). 599 */ 600 if (lazy && (lml->lm_head == clmp) && 601 (strcmp(name, MSG_ORIG(MSG_FIL_LIBC)) == 0)) 602 lazy = 0; 603 604 /* 605 * Don't bring in lazy loaded objects yet unless we've 606 * been asked to attempt to load all available objects 607 * (crle(1) sets LD_FLAGS=loadavail). Even under 608 * RTLD_NOW we don't process this - RTLD_NOW will cause 609 * relocation processing which in turn might trigger 610 * lazy loading, but its possible that the object has a 611 * lazy loaded file with no bindings (i.e., it should 612 * never have been a dependency in the first place). 613 */ 614 if (lazy) { 615 if ((lmflags & LML_FLG_LOADAVAIL) == 0) { 616 LAZY(clmp)++; 617 lazy = flags = 0; 618 continue; 619 } 620 621 /* 622 * Silence any error messages - see description 623 * under elf_lookup_filtee(). 624 */ 625 if ((rtld_flags & RT_FL_SILENCERR) == 0) { 626 rtld_flags |= RT_FL_SILENCERR; 627 silent = 1; 628 } 629 } 630 break; 631 case DT_AUXILIARY: 632 dip->di_flags |= FLG_DI_AUXFLTR; 633 lazy = flags = 0; 634 continue; 635 case DT_SUNW_AUXILIARY: 636 dip->di_flags |= (FLG_DI_AUXFLTR | FLG_DI_SYMFLTR); 637 lazy = flags = 0; 638 continue; 639 case DT_FILTER: 640 dip->di_flags |= FLG_DI_STDFLTR; 641 lazy = flags = 0; 642 continue; 643 case DT_SUNW_FILTER: 644 dip->di_flags |= (FLG_DI_STDFLTR | FLG_DI_SYMFLTR); 645 lazy = flags = 0; 646 continue; 647 default: 648 lazy = flags = 0; 649 continue; 650 } 651 652 DBG_CALL(Dbg_file_needed(clmp, name)); 653 if (lml->lm_flags & LML_FLG_TRC_ENABLE) 654 dip->di_flags |= FLG_DI_PROCESSD; 655 656 /* 657 * Establish the objects name, load it and establish a binding 658 * with the caller. 659 */ 660 if (((pnp = elf_fix_name(name, clmp, PN_SER_NEEDED)) == 0) || 661 ((nlmp = load_one(lml, lmco, pnp, clmp, MODE(clmp), 662 flags, 0)) == 0) || (bind_one(clmp, nlmp, BND_NEEDED) == 0)) 663 nlmp = 0; 664 665 /* 666 * Clean up any infrastructure, including the removal of the 667 * error suppression state, if it had been previously set in 668 * this routine. 669 */ 670 if (pnp) 671 remove_pnode(pnp); 672 if (silent) 673 rtld_flags &= ~RT_FL_SILENCERR; 674 lazy = flags = 0; 675 if ((dip->di_info = (void *)nlmp) == 0) { 676 /* 677 * If the object could not be mapped, continue if error 678 * suppression is established or we're here with ldd(1). 679 */ 680 if ((MODE(clmp) & RTLD_CONFGEN) || (lmflags & 681 (LML_FLG_LOADAVAIL | LML_FLG_TRC_ENABLE))) 682 continue; 683 else 684 return (0); 685 } 686 } 687 688 if (LAZY(clmp)) 689 lml->lm_lazy++; 690 691 return (1); 692 } 693 694 static int 695 elf_map_check(Lm_list *lml, const char *name, caddr_t vaddr, Off size) 696 { 697 prmap_t *maps, *_maps; 698 int pfd, num, _num; 699 caddr_t eaddr = vaddr + size; 700 int err; 701 702 /* 703 * If memory reservations have been established for alternative objects 704 * determine if this object falls within the reservation, if it does no 705 * further checking is required. 706 */ 707 if (rtld_flags & RT_FL_MEMRESV) { 708 Rtc_head *head = (Rtc_head *)config->c_bgn; 709 710 if ((vaddr >= (caddr_t)(uintptr_t)head->ch_resbgn) && 711 (eaddr <= (caddr_t)(uintptr_t)head->ch_resend)) 712 return (0); 713 } 714 715 /* 716 * Determine the mappings presently in use by this process. 717 */ 718 if ((pfd = pr_open(lml)) == FD_UNAVAIL) 719 return (1); 720 721 if (ioctl(pfd, PIOCNMAP, (void *)&num) == -1) { 722 err = errno; 723 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_SYS_PROC), name, 724 strerror(err)); 725 return (1); 726 } 727 728 if ((maps = malloc((num + 1) * sizeof (prmap_t))) == 0) 729 return (1); 730 731 if (ioctl(pfd, PIOCMAP, (void *)maps) == -1) { 732 err = errno; 733 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_SYS_PROC), name, 734 strerror(err)); 735 free(maps); 736 return (1); 737 } 738 739 /* 740 * Determine if the supplied address clashes with any of the present 741 * process mappings. 742 */ 743 for (_num = 0, _maps = maps; _num < num; _num++, _maps++) { 744 caddr_t _eaddr = _maps->pr_vaddr + _maps->pr_size; 745 Rt_map *lmp; 746 const char *str; 747 748 if ((eaddr < _maps->pr_vaddr) || (vaddr >= _eaddr)) 749 continue; 750 751 /* 752 * We have a memory clash. See if one of the known dynamic 753 * dependency mappings represents this space so as to provide 754 * the user a more meaningful message. 755 */ 756 if ((lmp = _caller(vaddr, 0)) != 0) 757 str = NAME(lmp); 758 else 759 str = MSG_INTL(MSG_STR_UNKNOWN); 760 761 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_GEN_MAPINUSE), name, 762 EC_NATPTR(vaddr), EC_OFF(size), str); 763 return (1); 764 } 765 free(maps); 766 return (0); 767 } 768 769 /* 770 * Obtain a memory reservation. On newer systems, both MAP_ANON and MAP_ALIGN 771 * are used to obtained an aligned reservation from anonymous memory. If 772 * MAP_ANON isn't available, then MAP_ALIGN isn't either, so obtain a standard 773 * reservation using the file as backing. 774 */ 775 static Am_ret 776 elf_map_reserve(Lm_list *lml, const char *name, caddr_t *maddr, Off msize, 777 int mperm, int fd, Xword align) 778 { 779 Am_ret amret; 780 int mflag = MAP_PRIVATE | MAP_NORESERVE; 781 782 #if defined(MAP_ALIGN) 783 if ((rtld_flags2 & RT_FL2_NOMALIGN) == 0) { 784 mflag |= MAP_ALIGN; 785 *maddr = (caddr_t)align; 786 } 787 #endif 788 if ((amret = anon_map(lml, maddr, msize, PROT_NONE, mflag)) == AM_ERROR) 789 return (amret); 790 791 if (amret == AM_OK) 792 return (AM_OK); 793 794 /* 795 * If an anonymous memory request failed (which should only be the 796 * case if it is unsupported on the system we're running on), establish 797 * the initial mapping directly from the file. 798 */ 799 *maddr = 0; 800 if ((*maddr = mmap(*maddr, msize, mperm, MAP_PRIVATE, 801 fd, 0)) == MAP_FAILED) { 802 int err = errno; 803 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_SYS_MMAP), name, 804 strerror(err)); 805 return (AM_ERROR); 806 } 807 return (AM_NOSUP); 808 } 809 810 static void * 811 elf_map_textdata(caddr_t addr, Off flen, int mperm, int phdr_mperm, int mflag, 812 int fd, Off foff) 813 { 814 #if defined(MAP_TEXT) && defined(MAP_INITDATA) 815 static int notd = 0; 816 817 /* 818 * If MAP_TEXT and MAP_INITDATA are available, select the appropriate 819 * flag. 820 */ 821 if (notd == 0) { 822 if ((phdr_mperm & (PROT_WRITE | PROT_EXEC)) == PROT_EXEC) 823 mflag |= MAP_TEXT; 824 else 825 mflag |= MAP_INITDATA; 826 } 827 #endif 828 if (mmap((caddr_t)addr, flen, mperm, mflag, fd, foff) != MAP_FAILED) 829 return (0); 830 831 #if defined(MAP_TEXT) && defined(MAP_INITDATA) 832 if ((notd == 0) && (errno == EINVAL)) { 833 /* 834 * MAP_TEXT and MAP_INITDATA may not be supported on this 835 * platform, try again without. 836 */ 837 notd = 1; 838 mflag &= ~(MAP_TEXT | MAP_INITDATA); 839 840 return (mmap((caddr_t)addr, flen, mperm, mflag, fd, foff)); 841 } 842 #endif 843 return (MAP_FAILED); 844 } 845 846 /* 847 * Map in a file. 848 */ 849 static caddr_t 850 elf_map_it( 851 Lm_list *lml, /* link-map list */ 852 const char *name, /* actual name stored for pathname */ 853 Off fsize, /* total mapping claim of the file */ 854 Ehdr *ehdr, /* ELF header of file */ 855 Phdr *fphdr, /* first loadable Phdr */ 856 Phdr *lphdr, /* last loadable Phdr */ 857 Phdr **rrphdr, /* return first Phdr in reservation */ 858 caddr_t *rraddr, /* return start of reservation */ 859 Off *rrsize, /* return total size of reservation */ 860 int fixed, /* image is resolved to a fixed addr */ 861 int fd, /* images file descriptor */ 862 Xword align, /* image segments maximum alignment */ 863 Mmap *mmaps, /* mmap information array and */ 864 uint_t *mmapcnt) /* mapping count */ 865 { 866 caddr_t raddr; /* reservation address */ 867 Off rsize; /* reservation size */ 868 Phdr *phdr; /* working program header poiner */ 869 caddr_t maddr; /* working mmap address */ 870 caddr_t faddr; /* working file address */ 871 size_t padsize; /* object padding requirement */ 872 size_t padpsize = 0; /* padding size rounded to next page */ 873 size_t padmsize = 0; /* padding size rounded for alignment */ 874 int skipfseg; /* skip mapping first segment */ 875 int mperm; /* segment permissions */ 876 Am_ret amret = AM_NOSUP; 877 878 /* 879 * If padding is required extend both the front and rear of the image. 880 * To insure the image itself is mapped at the correct alignment the 881 * initial padding is rounded up to the nearest page. Once the image is 882 * mapped the excess can be pruned to the nearest page required for the 883 * actual padding itself. 884 */ 885 if ((padsize = r_debug.rtd_objpad) != 0) { 886 padpsize = M_PROUND(padsize); 887 if (fixed) 888 padmsize = padpsize; 889 else 890 padmsize = S_ROUND(padsize, align); 891 } 892 893 /* 894 * Determine the initial permissions used to map in the first segment. 895 * If this segments memsz is greater that its filesz then the difference 896 * must be zeroed. Make sure this segment is writable. 897 */ 898 mperm = 0; 899 if (fphdr->p_flags & PF_R) 900 mperm |= PROT_READ; 901 if (fphdr->p_flags & PF_X) 902 mperm |= PROT_EXEC; 903 if ((fphdr->p_flags & PF_W) || (fphdr->p_memsz > fphdr->p_filesz)) 904 mperm |= PROT_WRITE; 905 906 /* 907 * Determine whether or not to let system reserve address space based on 908 * whether this is a dynamic executable (addresses in object are fixed) 909 * or a shared object (addresses in object are relative to the objects' 910 * base). 911 */ 912 if (fixed) { 913 /* 914 * Determine the reservation address and size, and insure that 915 * this reservation isn't already in use. 916 */ 917 faddr = maddr = (caddr_t)M_PTRUNC((ulong_t)fphdr->p_vaddr); 918 raddr = maddr - padpsize; 919 rsize = fsize + padpsize + padsize; 920 921 if (lml_main.lm_head) { 922 if (elf_map_check(lml, name, raddr, rsize) != 0) 923 return (0); 924 } 925 926 /* 927 * As this is a fixed image, all segments must be individually 928 * mapped. 929 */ 930 skipfseg = 0; 931 932 } else { 933 size_t esize; 934 935 /* 936 * If this isn't a fixed image, reserve enough address space for 937 * the entire image to be mapped. The amount of reservation is 938 * the range between the beginning of the first, and end of the 939 * last loadable segment, together with any padding, plus the 940 * alignment of the first segment. 941 * 942 * The optimal reservation is made as a no-reserve mapping from 943 * anonymous memory. Each segment is then mapped into this 944 * reservation. If the anonymous mapping capability isn't 945 * available, the reservation is obtained from the file itself. 946 * In this case the first segment of the image is mapped as part 947 * of the reservation, thus only the following segments need to 948 * be remapped. 949 */ 950 rsize = fsize + padmsize + padsize; 951 if ((amret = elf_map_reserve(lml, name, &raddr, rsize, mperm, 952 fd, align)) == AM_ERROR) 953 return (0); 954 maddr = raddr + padmsize; 955 faddr = (caddr_t)S_ROUND((Off)maddr, align); 956 957 /* 958 * If this reservation has been obtained from anonymous memory, 959 * then all segments must be individually mapped. Otherwise, 960 * the first segment heads the reservation. 961 */ 962 if (amret == AM_OK) 963 skipfseg = 0; 964 else 965 skipfseg = 1; 966 967 /* 968 * For backward compatibility (where MAP_ALIGN isn't available), 969 * insure the alignment of the reservation is adequate for this 970 * object, and if not remap the object to obtain the correct 971 * alignment. 972 */ 973 if (faddr != maddr) { 974 (void) munmap(raddr, rsize); 975 976 rsize += align; 977 if ((amret = elf_map_reserve(lml, name, &raddr, rsize, 978 mperm, fd, align)) == AM_ERROR) 979 return (0); 980 981 maddr = faddr = (caddr_t)S_ROUND((Off)(raddr + 982 padpsize), align); 983 984 esize = maddr - raddr + padpsize; 985 986 /* 987 * As ths image has been realigned, the first segment 988 * of the file needs to be remapped to its correct 989 * location. 990 */ 991 skipfseg = 0; 992 } else 993 esize = padmsize - padpsize; 994 995 /* 996 * If this reservation included padding, remove any excess for 997 * the start of the image (the padding was adjusted to insure 998 * the image was aligned appropriately). 999 */ 1000 if (esize) { 1001 (void) munmap(raddr, esize); 1002 raddr += esize; 1003 rsize -= esize; 1004 } 1005 } 1006 1007 /* 1008 * At this point we know the initial location of the image, and its 1009 * size. Pass these back to the caller for inclusion in the link-map 1010 * that will eventually be created. 1011 */ 1012 *rraddr = raddr; 1013 *rrsize = rsize; 1014 1015 /* 1016 * The first loadable segment is now pointed to by maddr. This segment 1017 * will eventually contain the elf header and program headers, so reset 1018 * the program header. Pass this back to the caller for inclusion in 1019 * the link-map so it can be used for later unmapping operations. 1020 */ 1021 /* LINTED */ 1022 *rrphdr = (Phdr *)((char *)maddr + ehdr->e_phoff); 1023 1024 /* 1025 * If padding is required at the front of the image, obtain that now. 1026 * Note, if we've already obtained a reservation from anonymous memory 1027 * then this reservation will already include suitable padding. 1028 * Otherwise this reservation is backed by the file, or in the case of 1029 * a fixed image, doesn't yet exist. Map the padding so that it is 1030 * suitably protected (PROT_NONE), and insure the first segment of the 1031 * file is mapped to its correct location. 1032 */ 1033 if (padsize) { 1034 if (amret == AM_NOSUP) { 1035 if (dz_map(lml, raddr, padpsize, PROT_NONE, 1036 (MAP_PRIVATE | MAP_FIXED | MAP_NORESERVE)) == 1037 MAP_FAILED) 1038 return (0); 1039 1040 skipfseg = 0; 1041 } 1042 rsize -= padpsize; 1043 } 1044 1045 /* 1046 * Map individual segments. For a fixed image, these will each be 1047 * unique mappings. For a reservation these will fill in the 1048 * reservation. 1049 */ 1050 for (phdr = fphdr; phdr <= lphdr; 1051 phdr = (Phdr *)((Off)phdr + ehdr->e_phentsize)) { 1052 caddr_t addr; 1053 Off mlen, flen; 1054 size_t size; 1055 1056 /* 1057 * Skip non-loadable segments or segments that don't occupy 1058 * any memory. 1059 */ 1060 if (((phdr->p_type != PT_LOAD) && 1061 (phdr->p_type != PT_SUNWBSS)) || (phdr->p_memsz == 0)) 1062 continue; 1063 1064 /* 1065 * Establish this segments address relative to our base. 1066 */ 1067 addr = (caddr_t)M_PTRUNC((ulong_t)(phdr->p_vaddr + 1068 (fixed ? 0 : faddr))); 1069 1070 /* 1071 * Determine the mapping protection from the segment attributes. 1072 * Also determine the etext address from the last loadable 1073 * segment which has permissions but no write access. 1074 */ 1075 mperm = 0; 1076 if (phdr->p_flags) { 1077 if (phdr->p_flags & PF_R) 1078 mperm |= PROT_READ; 1079 if (phdr->p_flags & PF_X) 1080 mperm |= PROT_EXEC; 1081 if (phdr->p_flags & PF_W) 1082 mperm |= PROT_WRITE; 1083 else 1084 fmap->fm_etext = phdr->p_vaddr + phdr->p_memsz + 1085 (ulong_t)(fixed ? 0 : faddr); 1086 } 1087 1088 /* 1089 * Determine the type of mapping required. 1090 */ 1091 if (phdr->p_type == PT_SUNWBSS) { 1092 /* 1093 * Potentially, we can defer the loading of any SUNWBSS 1094 * segment, depending on whether the symbols it provides 1095 * have been bound to. In this manner, large segments 1096 * that are interposed upon between shared libraries 1097 * may not require mapping. Note, that the mapping 1098 * information is recorded in our mapping descriptor at 1099 * this time. 1100 */ 1101 mlen = phdr->p_memsz; 1102 flen = 0; 1103 1104 } else if ((phdr->p_filesz == 0) && (phdr->p_flags == 0)) { 1105 /* 1106 * If this segment has no backing file and no flags 1107 * specified, then it defines a reservation. At this 1108 * point all standard loadable segments will have been 1109 * processed. The segment reservation is mapped 1110 * directly from /dev/null. 1111 */ 1112 if (nu_map(lml, (caddr_t)addr, phdr->p_memsz, PROT_NONE, 1113 MAP_FIXED | MAP_PRIVATE) == MAP_FAILED) 1114 return (0); 1115 1116 mlen = phdr->p_memsz; 1117 flen = 0; 1118 1119 } else if (phdr->p_filesz == 0) { 1120 /* 1121 * If this segment has no backing file then it defines a 1122 * nobits segment and is mapped directly from /dev/zero. 1123 */ 1124 if (dz_map(lml, (caddr_t)addr, phdr->p_memsz, mperm, 1125 MAP_FIXED | MAP_PRIVATE) == MAP_FAILED) 1126 return (0); 1127 1128 mlen = phdr->p_memsz; 1129 flen = 0; 1130 1131 } else { 1132 Off foff; 1133 1134 /* 1135 * This mapping originates from the file. Determine the 1136 * file offset to which the mapping will be directed 1137 * (must be aligned) and how much to map (might be more 1138 * than the file in the case of .bss). 1139 */ 1140 foff = M_PTRUNC((ulong_t)phdr->p_offset); 1141 mlen = phdr->p_memsz + (phdr->p_offset - foff); 1142 flen = phdr->p_filesz + (phdr->p_offset - foff); 1143 1144 /* 1145 * If this is a non-fixed, non-anonymous mapping, and no 1146 * padding is involved, then the first loadable segment 1147 * is already part of the initial reservation. In this 1148 * case there is no need to remap this segment. 1149 */ 1150 if ((skipfseg == 0) || (phdr != fphdr)) { 1151 int phdr_mperm = mperm; 1152 /* 1153 * If this segments memsz is greater that its 1154 * filesz then the difference must be zeroed. 1155 * Make sure this segment is writable. 1156 */ 1157 if (phdr->p_memsz > phdr->p_filesz) 1158 mperm |= PROT_WRITE; 1159 1160 if (elf_map_textdata((caddr_t)addr, flen, 1161 mperm, phdr_mperm, 1162 (MAP_FIXED | MAP_PRIVATE), fd, foff) == 1163 MAP_FAILED) { 1164 int err = errno; 1165 eprintf(lml, ERR_FATAL, 1166 MSG_INTL(MSG_SYS_MMAP), name, 1167 strerror(err)); 1168 return (0); 1169 } 1170 } 1171 1172 /* 1173 * If the memory occupancy of the segment overflows the 1174 * definition in the file, we need to "zero out" the end 1175 * of the mapping we've established, and if necessary, 1176 * map some more space from /dev/zero. Note, zero'ed 1177 * memory must end on a double word boundary to satisfy 1178 * zero(). 1179 */ 1180 if (phdr->p_memsz > phdr->p_filesz) { 1181 caddr_t zaddr; 1182 size_t zlen, zplen; 1183 Off fend; 1184 1185 foff = (Off)(phdr->p_vaddr + phdr->p_filesz + 1186 (fixed ? 0 : faddr)); 1187 zaddr = (caddr_t)M_PROUND(foff); 1188 zplen = (size_t)(zaddr - foff); 1189 1190 fend = (Off)S_DROUND((size_t)(phdr->p_vaddr + 1191 phdr->p_memsz + (fixed ? 0 : faddr))); 1192 zlen = (size_t)(fend - foff); 1193 1194 /* 1195 * Determine whether the number of bytes that 1196 * must be zero'ed overflow to the next page. 1197 * If not, simply clear the exact bytes 1198 * (filesz to memsz) from this page. Otherwise, 1199 * clear the remaining bytes of this page, and 1200 * map an following pages from /dev/zero. 1201 */ 1202 if (zlen < zplen) 1203 zero((caddr_t)foff, (long)zlen); 1204 else { 1205 zero((caddr_t)foff, (long)zplen); 1206 1207 if ((zlen = (fend - (Off)zaddr)) > 0) { 1208 if (dz_map(lml, zaddr, zlen, 1209 mperm, 1210 MAP_FIXED | MAP_PRIVATE) == 1211 MAP_FAILED) 1212 return (0); 1213 } 1214 } 1215 } 1216 } 1217 1218 /* 1219 * Unmap anything from the last mapping address to this one and 1220 * update the mapping claim pointer. 1221 */ 1222 if ((fixed == 0) && ((size = addr - maddr) != 0)) { 1223 (void) munmap(maddr, size); 1224 rsize -= size; 1225 } 1226 1227 /* 1228 * Retain this segments mapping information. 1229 */ 1230 mmaps[*mmapcnt].m_vaddr = addr; 1231 mmaps[*mmapcnt].m_msize = mlen; 1232 mmaps[*mmapcnt].m_fsize = flen; 1233 mmaps[*mmapcnt].m_perm = mperm; 1234 (*mmapcnt)++; 1235 1236 maddr = addr + M_PROUND(mlen); 1237 rsize -= M_PROUND(mlen); 1238 } 1239 1240 /* 1241 * If padding is required at the end of the image, obtain that now. 1242 * Note, if we've already obtained a reservation from anonymous memory 1243 * then this reservation will already include suitable padding. 1244 */ 1245 if (padsize) { 1246 if (amret == AM_NOSUP) { 1247 /* 1248 * maddr is currently page aligned from the last segment 1249 * mapping. 1250 */ 1251 if (dz_map(lml, maddr, padsize, PROT_NONE, 1252 (MAP_PRIVATE | MAP_FIXED | MAP_NORESERVE)) == 1253 MAP_FAILED) 1254 return (0); 1255 } 1256 maddr += padsize; 1257 rsize -= padsize; 1258 } 1259 1260 /* 1261 * Unmap any final reservation. 1262 */ 1263 if ((fixed == 0) && (rsize != 0)) 1264 (void) munmap(maddr, rsize); 1265 1266 return (faddr); 1267 } 1268 1269 /* 1270 * A null symbol interpretor. Used if a filter has no associated filtees. 1271 */ 1272 /* ARGSUSED0 */ 1273 static Sym * 1274 elf_null_find_sym(Slookup *slp, Rt_map **dlmp, uint_t *binfo) 1275 { 1276 return ((Sym *)0); 1277 } 1278 1279 /* 1280 * Disable filtee use. 1281 */ 1282 static void 1283 elf_disable_filtee(Rt_map *lmp, Dyninfo *dip) 1284 { 1285 dip->di_info = 0; 1286 1287 if ((dip->di_flags & FLG_DI_SYMFLTR) == 0) { 1288 /* 1289 * If this is an object filter, free the filtee's duplication. 1290 */ 1291 if (OBJFLTRNDX(lmp) != FLTR_DISABLED) { 1292 free(REFNAME(lmp)); 1293 REFNAME(lmp) = (char *)0; 1294 OBJFLTRNDX(lmp) = FLTR_DISABLED; 1295 1296 /* 1297 * Indicate that this filtee is no longer available. 1298 */ 1299 if (dip->di_flags & FLG_DI_STDFLTR) 1300 SYMINTP(lmp) = elf_null_find_sym; 1301 1302 } 1303 } else if (dip->di_flags & FLG_DI_STDFLTR) { 1304 /* 1305 * Indicate that this standard filtee is no longer available. 1306 */ 1307 if (SYMSFLTRCNT(lmp)) 1308 SYMSFLTRCNT(lmp)--; 1309 } else { 1310 /* 1311 * Indicate that this auxiliary filtee is no longer available. 1312 */ 1313 if (SYMAFLTRCNT(lmp)) 1314 SYMAFLTRCNT(lmp)--; 1315 } 1316 dip->di_flags &= ~MSK_DI_FILTER; 1317 } 1318 1319 /* 1320 * Find symbol interpreter - filters. 1321 * This function is called when the symbols from a shared object should 1322 * be resolved from the shared objects filtees instead of from within itself. 1323 * 1324 * A symbol name of 0 is used to trigger filtee loading. 1325 */ 1326 static Sym * 1327 _elf_lookup_filtee(Slookup *slp, Rt_map **dlmp, uint_t *binfo, uint_t ndx) 1328 { 1329 const char *name = slp->sl_name, *filtees; 1330 Rt_map *clmp = slp->sl_cmap; 1331 Rt_map *ilmp = slp->sl_imap; 1332 Pnode *pnp, **pnpp; 1333 int any; 1334 Dyninfo *dip = &DYNINFO(ilmp)[ndx]; 1335 Lm_list *lml = LIST(ilmp); 1336 1337 /* 1338 * Indicate that the filter has been used. If a binding already exists 1339 * to the caller, indicate that this object is referenced. This insures 1340 * we don't generate false unreferenced diagnostics from ldd -u/U or 1341 * debugging. Don't create a binding regardless, as this filter may 1342 * have been dlopen()'ed. 1343 */ 1344 if (name && (ilmp != clmp)) { 1345 Word tracing = (LIST(clmp)->lm_flags & 1346 (LML_FLG_TRC_UNREF | LML_FLG_TRC_UNUSED)); 1347 1348 if (tracing || DBG_ENABLED) { 1349 Bnd_desc ** bdpp; 1350 Aliste off; 1351 1352 FLAGS1(ilmp) |= FL1_RT_USED; 1353 1354 if ((tracing & LML_FLG_TRC_UNREF) || DBG_ENABLED) { 1355 for (ALIST_TRAVERSE(CALLERS(ilmp), off, bdpp)) { 1356 Bnd_desc * bdp = *bdpp; 1357 1358 if (bdp->b_caller == clmp) { 1359 bdp->b_flags |= BND_REFER; 1360 break; 1361 } 1362 } 1363 } 1364 } 1365 } 1366 1367 /* 1368 * If this is the first call to process this filter, establish the 1369 * filtee list. If a configuration file exists, determine if any 1370 * filtee associations for this filter, and its filtee reference, are 1371 * defined. Otherwise, process the filtee reference. Any token 1372 * expansion is also completed at this point (i.e., $PLATFORM). 1373 */ 1374 filtees = (char *)STRTAB(ilmp) + DYN(ilmp)[ndx].d_un.d_val; 1375 if (dip->di_info == 0) { 1376 if (rtld_flags2 & RT_FL2_FLTCFG) 1377 dip->di_info = elf_config_flt(lml, PATHNAME(ilmp), 1378 filtees); 1379 1380 if (dip->di_info == 0) { 1381 DBG_CALL(Dbg_file_filter(lml, NAME(ilmp), filtees, 0)); 1382 if ((lml->lm_flags & 1383 (LML_FLG_TRC_VERBOSE | LML_FLG_TRC_SEARCH)) && 1384 ((FLAGS1(ilmp) & FL1_RT_LDDSTUB) == 0)) 1385 (void) printf(MSG_INTL(MSG_LDD_FIL_FILTER), 1386 NAME(ilmp), filtees); 1387 1388 if ((dip->di_info = (void *)expand_paths(ilmp, 1389 filtees, PN_SER_FILTEE, 0)) == 0) { 1390 elf_disable_filtee(ilmp, dip); 1391 return ((Sym *)0); 1392 } 1393 } 1394 } 1395 1396 /* 1397 * Traverse the filtee list, dlopen()'ing any objects specified and 1398 * using their group handle to lookup the symbol. 1399 */ 1400 for (any = 0, pnpp = (Pnode **)&(dip->di_info), pnp = *pnpp; pnp; 1401 pnpp = &pnp->p_next, pnp = *pnpp) { 1402 int mode; 1403 Grp_hdl *ghp; 1404 Rt_map *nlmp = 0; 1405 1406 if (pnp->p_len == 0) 1407 continue; 1408 1409 /* 1410 * Establish the mode of the filtee from the filter. As filtees 1411 * are loaded via a dlopen(), make sure that RTLD_GROUP is set 1412 * and the filtees aren't global. It would be nice to have 1413 * RTLD_FIRST used here also, but as filters got out long before 1414 * RTLD_FIRST was introduced it's a little too late now. 1415 */ 1416 mode = MODE(ilmp) | RTLD_GROUP; 1417 mode &= ~RTLD_GLOBAL; 1418 1419 /* 1420 * Insure that any auxiliary filter can locate symbols from its 1421 * caller. 1422 */ 1423 if (dip->di_flags & FLG_DI_AUXFLTR) 1424 mode |= RTLD_PARENT; 1425 1426 /* 1427 * Process any hardware capability directory. Establish a new 1428 * link-map control list from which to analyze any newly added 1429 * objects. 1430 */ 1431 if ((pnp->p_info == 0) && (pnp->p_orig & PN_TKN_HWCAP)) { 1432 Lm_cntl *lmc; 1433 Aliste lmco; 1434 1435 if (FLAGS(lml->lm_head) & FLG_RT_RELOCED) { 1436 if ((lmc = alist_append(&(lml->lm_lists), 0, 1437 sizeof (Lm_cntl), AL_CNT_LMLISTS)) == 0) 1438 return ((Sym *)0); 1439 lmco = (Aliste)((char *)lmc - 1440 (char *)lml->lm_lists); 1441 } else { 1442 lmc = 0; 1443 lmco = ALO_DATA; 1444 } 1445 1446 pnp = hwcap_filtees(pnpp, lmco, lmc, dip, ilmp, filtees, 1447 mode, (FLG_RT_HANDLE | FLG_RT_HWCAP)); 1448 1449 /* 1450 * Now that any hardware capability objects have been 1451 * processed, remove any link-map control list. 1452 */ 1453 if (lmc) 1454 remove_cntl(lml, lmco); 1455 } 1456 1457 if (pnp->p_len == 0) 1458 continue; 1459 1460 /* 1461 * Process an individual filtee. 1462 */ 1463 if (pnp->p_info == 0) { 1464 const char *filtee = pnp->p_name; 1465 int audit = 0; 1466 1467 DBG_CALL(Dbg_file_filtee(lml, NAME(ilmp), filtee, 0)); 1468 1469 ghp = 0; 1470 1471 /* 1472 * Determine if the reference link map is already 1473 * loaded. As an optimization compare the filtee with 1474 * our interpretor. The most common filter is 1475 * libdl.so.1, which is a filter on ld.so.1. 1476 */ 1477 #if defined(_ELF64) 1478 if (strcmp(filtee, MSG_ORIG(MSG_PTH_RTLD_64)) == 0) { 1479 #else 1480 if (strcmp(filtee, MSG_ORIG(MSG_PTH_RTLD)) == 0) { 1481 #endif 1482 /* 1483 * Create an association between ld.so.1 and 1484 * the filter. 1485 */ 1486 nlmp = lml_rtld.lm_head; 1487 if ((ghp = hdl_create(&lml_rtld, nlmp, ilmp, 1488 (GPH_LDSO | GPH_FIRST | GPH_FILTEE))) == 0) 1489 nlmp = 0; 1490 1491 /* 1492 * Establish the filter handle to prevent any 1493 * recursion. 1494 */ 1495 if (nlmp && ghp) 1496 pnp->p_info = (void *)ghp; 1497 1498 /* 1499 * Audit the filter/filtee established. Ignore 1500 * any return from the auditor, as we can't 1501 * allow ignore filtering to ld.so.1, otherwise 1502 * nothing is going to work. 1503 */ 1504 if (nlmp && ((lml->lm_tflags | FLAGS1(ilmp)) & 1505 LML_TFLG_AUD_OBJFILTER)) 1506 (void) audit_objfilter(ilmp, filtees, 1507 nlmp, 0); 1508 1509 } else { 1510 Rej_desc rej = { 0 }; 1511 Lm_cntl *lmc; 1512 Aliste lmco; 1513 1514 /* 1515 * Establish a new link-map control list from 1516 * which to analyze any newly added objects. 1517 */ 1518 if (FLAGS(lml->lm_head) & FLG_RT_RELOCED) { 1519 if ((lmc = 1520 alist_append(&(lml->lm_lists), 0, 1521 sizeof (Lm_cntl), 1522 AL_CNT_LMLISTS)) == 0) 1523 return ((Sym *)0); 1524 lmco = (Aliste)((char *)lmc - 1525 (char *)lml->lm_lists); 1526 } else { 1527 lmc = 0; 1528 lmco = ALO_DATA; 1529 } 1530 1531 /* 1532 * Load the filtee. 1533 */ 1534 if ((nlmp = load_path(lml, lmco, filtee, ilmp, 1535 mode, FLG_RT_HANDLE, &ghp, 0, &rej)) == 0) { 1536 file_notfound(LIST(ilmp), filtee, ilmp, 1537 FLG_RT_HANDLE, &rej); 1538 remove_rej(&rej); 1539 } 1540 1541 /* 1542 * Establish the filter handle to prevent any 1543 * recursion. 1544 */ 1545 if (nlmp && ghp) { 1546 ghp->gh_flags |= GPH_FILTEE; 1547 pnp->p_info = (void *)ghp; 1548 } 1549 1550 /* 1551 * Audit the filter/filtee established. A 1552 * return of 0 indicates the auditor wishes to 1553 * ignore this filtee. 1554 */ 1555 if (nlmp && ((lml->lm_tflags | FLAGS1(ilmp)) & 1556 LML_TFLG_AUD_OBJFILTER)) { 1557 if (audit_objfilter(ilmp, filtees, 1558 nlmp, 0) == 0) { 1559 audit = 1; 1560 nlmp = 0; 1561 } 1562 } 1563 1564 /* 1565 * Finish processing the objects associated with 1566 * this request. Create an association between 1567 * this object and the originating filter to 1568 * provide sufficient information to tear down 1569 * this filtee if necessary. 1570 */ 1571 if (nlmp && ghp && 1572 ((analyze_lmc(lml, lmco, nlmp) == 0) || 1573 (relocate_lmc(lml, lmco, ilmp, nlmp) == 0))) 1574 nlmp = 0; 1575 1576 /* 1577 * If the filtee has been successfully 1578 * processed, then create an association 1579 * between the filter and filtee. This 1580 * association provides sufficient information 1581 * to tear down the filter and filtee if 1582 * necessary. 1583 */ 1584 DBG_CALL(Dbg_file_hdl_title(DBG_DEP_ADD)); 1585 if (nlmp && ghp && 1586 (hdl_add(ghp, ilmp, GPD_FILTER) == 0)) 1587 nlmp = 0; 1588 1589 /* 1590 * If this filtee loading has failed, and we've 1591 * created a new link-map control list to which 1592 * this request has added objects, then remove 1593 * all the objects that have been associated to 1594 * this request. 1595 */ 1596 if ((nlmp == 0) && lmc && lmc->lc_head) 1597 remove_lmc(lml, clmp, lmc, lmco, name); 1598 1599 /* 1600 * Remove any link-map control list that was 1601 * created. 1602 */ 1603 if (lmc) 1604 remove_cntl(lml, lmco); 1605 } 1606 1607 /* 1608 * Generate a diagnostic if the filtee couldn't be 1609 * loaded, null out the pnode entry, and continue 1610 * the search. Otherwise, retain this group handle 1611 * for future symbol searches. 1612 */ 1613 if (nlmp == 0) { 1614 DBG_CALL(Dbg_file_filtee(lml, 0, filtee, 1615 audit)); 1616 1617 pnp->p_info = 0; 1618 pnp->p_len = 0; 1619 continue; 1620 } 1621 } 1622 1623 ghp = (Grp_hdl *)pnp->p_info; 1624 1625 /* 1626 * If we're just here to trigger filtee loading skip the symbol 1627 * lookup so we'll continue looking for additional filtees. 1628 */ 1629 if (name) { 1630 Grp_desc *gdp; 1631 Sym *sym = 0; 1632 Aliste off; 1633 Slookup sl = *slp; 1634 1635 sl.sl_flags |= LKUP_FIRST; 1636 any++; 1637 1638 /* 1639 * Look for the symbol in the handles dependencies. 1640 */ 1641 for (ALIST_TRAVERSE(ghp->gh_depends, off, gdp)) { 1642 if ((gdp->gd_flags & GPD_AVAIL) == 0) 1643 continue; 1644 1645 /* 1646 * If our parent is a dependency don't look at 1647 * it (otherwise we are in a recursive loop). 1648 * This situation can occur with auxiliary 1649 * filters if the filtee has a dependency on the 1650 * filter. This dependency isn't necessary as 1651 * auxiliary filters are opened RTLD_PARENT, but 1652 * users may still unknowingly add an explicit 1653 * dependency to the parent. 1654 */ 1655 if ((sl.sl_imap = gdp->gd_depend) == ilmp) 1656 continue; 1657 1658 if (((sym = SYMINTP(sl.sl_imap)(&sl, dlmp, 1659 binfo)) != 0) || 1660 (ghp->gh_flags & GPH_FIRST)) 1661 break; 1662 } 1663 1664 /* 1665 * If a symbol has been found, indicate the binding 1666 * and return the symbol. 1667 */ 1668 if (sym) { 1669 *binfo |= DBG_BINFO_FILTEE; 1670 return (sym); 1671 } 1672 } 1673 1674 /* 1675 * If this object is tagged to terminate filtee processing we're 1676 * done. 1677 */ 1678 if (FLAGS1(ghp->gh_ownlmp) & FL1_RT_ENDFILTE) 1679 break; 1680 } 1681 1682 /* 1683 * If we're just here to trigger filtee loading then we're done. 1684 */ 1685 if (name == 0) 1686 return ((Sym *)0); 1687 1688 /* 1689 * If no filtees have been found for a filter, clean up any Pnode 1690 * structures and disable their search completely. For auxiliary 1691 * filters we can reselect the symbol search function so that we never 1692 * enter this routine again for this object. For standard filters we 1693 * use the null symbol routine. 1694 */ 1695 if (any == 0) { 1696 remove_pnode((Pnode *)dip->di_info); 1697 elf_disable_filtee(ilmp, dip); 1698 return ((Sym *)0); 1699 } 1700 1701 return ((Sym *)0); 1702 } 1703 1704 /* 1705 * Focal point for disabling error messages for auxiliary filters. As an 1706 * auxiliary filter allows for filtee use, but provides a fallback should a 1707 * filtee not exist (or fail to load), any errors generated as a consequence of 1708 * trying to load the filtees are typically suppressed. Setting RT_FL_SILENCERR 1709 * suppresses errors generated by eprint(), but insures a debug diagnostic is 1710 * produced. ldd(1) employs printf(), and here, the selection of whether to 1711 * print a diagnostic in regards to auxiliary filters is a little more complex. 1712 * 1713 * . The determination of whether to produce an ldd message, or a fatal 1714 * error message is driven by LML_FLG_TRC_ENABLE. 1715 * . More detailed ldd messages may also be driven off of LML_FLG_TRC_WARN, 1716 * (ldd -d/-r), LML_FLG_TRC_VERBOSE (ldd -v), LML_FLG_TRC_SEARCH (ldd -s), 1717 * and LML_FLG_TRC_UNREF/LML_FLG_TRC_UNUSED (ldd -U/-u). 1718 * 1719 * . If the calling object is lddstub, then several classes of message are 1720 * suppressed. The user isn't trying to diagnose lddstub, this is simply 1721 * a stub executable employed to preload a user specified library against. 1722 * 1723 * . If RT_FL_SILENCERR is in effect then any generic ldd() messages should 1724 * be suppressed. All detailed ldd messages should still be produced. 1725 */ 1726 Sym * 1727 elf_lookup_filtee(Slookup *slp, Rt_map **dlmp, uint_t *binfo, uint_t ndx) 1728 { 1729 Sym *sym; 1730 Dyninfo *dip = &DYNINFO(slp->sl_imap)[ndx]; 1731 int silent = 0; 1732 1733 /* 1734 * Make sure this entry is still acting as a filter. We may have tried 1735 * to process this previously, and disabled it if the filtee couldn't 1736 * be processed. However, other entries may provide different filtees 1737 * that are yet to be completed. 1738 */ 1739 if (dip->di_flags == 0) 1740 return ((Sym *)0); 1741 1742 /* 1743 * Indicate whether an error message is required should this filtee not 1744 * be found, based on the type of filter. 1745 */ 1746 if ((dip->di_flags & FLG_DI_AUXFLTR) && 1747 ((rtld_flags & (RT_FL_WARNFLTR | RT_FL_SILENCERR)) == 0)) { 1748 rtld_flags |= RT_FL_SILENCERR; 1749 silent = 1; 1750 } 1751 1752 sym = _elf_lookup_filtee(slp, dlmp, binfo, ndx); 1753 1754 if (silent) 1755 rtld_flags &= ~RT_FL_SILENCERR; 1756 1757 return (sym); 1758 } 1759 1760 /* 1761 * Compute the elf hash value (as defined in the ELF access library). 1762 * The form of the hash table is: 1763 * 1764 * |--------------| 1765 * | # of buckets | 1766 * |--------------| 1767 * | # of chains | 1768 * |--------------| 1769 * | bucket[] | 1770 * |--------------| 1771 * | chain[] | 1772 * |--------------| 1773 */ 1774 ulong_t 1775 elf_hash(const char *name) 1776 { 1777 uint_t hval = 0; 1778 1779 while (*name) { 1780 uint_t g; 1781 hval = (hval << 4) + *name++; 1782 if ((g = (hval & 0xf0000000)) != 0) 1783 hval ^= g >> 24; 1784 hval &= ~g; 1785 } 1786 return ((ulong_t)hval); 1787 } 1788 1789 /* 1790 * If flag argument has LKUP_SPEC set, we treat undefined symbols of type 1791 * function specially in the executable - if they have a value, even though 1792 * undefined, we use that value. This allows us to associate all references 1793 * to a function's address to a single place in the process: the plt entry 1794 * for that function in the executable. Calls to lookup from plt binding 1795 * routines do NOT set LKUP_SPEC in the flag. 1796 */ 1797 Sym * 1798 elf_find_sym(Slookup *slp, Rt_map **dlmp, uint_t *binfo) 1799 { 1800 const char *name = slp->sl_name; 1801 Rt_map *ilmp = slp->sl_imap; 1802 ulong_t hash = slp->sl_hash; 1803 uint_t ndx, htmp, buckets, *chainptr; 1804 Sym *sym, *symtabptr; 1805 char *strtabptr, *strtabname; 1806 uint_t flags1; 1807 Syminfo *sip; 1808 1809 /* 1810 * If we're only here to establish a symbols index, skip the diagnostic 1811 * used to trace a symbol search. 1812 */ 1813 if ((slp->sl_flags & LKUP_SYMNDX) == 0) 1814 DBG_CALL(Dbg_syms_lookup(ilmp, name, MSG_ORIG(MSG_STR_ELF))); 1815 1816 if (HASH(ilmp) == 0) 1817 return ((Sym *)0); 1818 1819 buckets = HASH(ilmp)[0]; 1820 /* LINTED */ 1821 htmp = (uint_t)hash % buckets; 1822 1823 /* 1824 * Get the first symbol on hash chain and initialize the string 1825 * and symbol table pointers. 1826 */ 1827 if ((ndx = HASH(ilmp)[htmp + 2]) == 0) 1828 return ((Sym *)0); 1829 1830 chainptr = HASH(ilmp) + 2 + buckets; 1831 strtabptr = STRTAB(ilmp); 1832 symtabptr = SYMTAB(ilmp); 1833 1834 while (ndx) { 1835 sym = symtabptr + ndx; 1836 strtabname = strtabptr + sym->st_name; 1837 1838 /* 1839 * Compare the symbol found with the name required. If the 1840 * names don't match continue with the next hash entry. 1841 */ 1842 if ((*strtabname++ != *name) || strcmp(strtabname, &name[1])) { 1843 if ((ndx = chainptr[ndx]) != 0) 1844 continue; 1845 return ((Sym *)0); 1846 } 1847 1848 /* 1849 * If we're only here to establish a symbols index, we're done. 1850 */ 1851 if (slp->sl_flags & LKUP_SYMNDX) 1852 return (sym); 1853 1854 /* 1855 * If we find a match and the symbol is defined, return the 1856 * symbol pointer and the link map in which it was found. 1857 */ 1858 if (sym->st_shndx != SHN_UNDEF) { 1859 *dlmp = ilmp; 1860 *binfo |= DBG_BINFO_FOUND; 1861 if ((FLAGS(ilmp) & FLG_RT_OBJINTPO) || 1862 ((FLAGS(ilmp) & FLG_RT_SYMINTPO) && 1863 is_sym_interposer(ilmp, sym))) 1864 *binfo |= DBG_BINFO_INTERPOSE; 1865 break; 1866 1867 /* 1868 * If we find a match and the symbol is undefined, the 1869 * symbol type is a function, and the value of the symbol 1870 * is non zero, then this is a special case. This allows 1871 * the resolution of a function address to the plt[] entry. 1872 * See SPARC ABI, Dynamic Linking, Function Addresses for 1873 * more details. 1874 */ 1875 } else if ((slp->sl_flags & LKUP_SPEC) && 1876 (FLAGS(ilmp) & FLG_RT_ISMAIN) && (sym->st_value != 0) && 1877 (ELF_ST_TYPE(sym->st_info) == STT_FUNC)) { 1878 *dlmp = ilmp; 1879 *binfo |= (DBG_BINFO_FOUND | DBG_BINFO_PLTADDR); 1880 if ((FLAGS(ilmp) & FLG_RT_OBJINTPO) || 1881 ((FLAGS(ilmp) & FLG_RT_SYMINTPO) && 1882 is_sym_interposer(ilmp, sym))) 1883 *binfo |= DBG_BINFO_INTERPOSE; 1884 return (sym); 1885 } 1886 1887 /* 1888 * Undefined symbol. 1889 */ 1890 return ((Sym *)0); 1891 } 1892 1893 /* 1894 * We've found a match. Determine if the defining object contains 1895 * symbol binding information. 1896 */ 1897 if ((sip = SYMINFO(ilmp)) != 0) 1898 sip += ndx; 1899 1900 /* 1901 * If this is a direct binding request, but the symbol definition has 1902 * disabled directly binding to it (presumably because the symbol 1903 * definition has been changed since the referring object was built), 1904 * indicate this failure so that the caller can fall back to a standard 1905 * symbol search. Clear any debug binding information for cleanliness. 1906 */ 1907 if (sip && (slp->sl_flags & LKUP_DIRECT) && 1908 (sip->si_flags & SYMINFO_FLG_NOEXTDIRECT)) { 1909 *binfo |= BINFO_DIRECTDIS; 1910 *binfo &= ~DBG_BINFO_MSK; 1911 return ((Sym *)0); 1912 } 1913 1914 /* 1915 * Determine whether this object is acting as a filter. 1916 */ 1917 if (((flags1 = FLAGS1(ilmp)) & MSK_RT_FILTER) == 0) 1918 return (sym); 1919 1920 /* 1921 * Determine if this object offers per-symbol filtering, and if so, 1922 * whether this symbol references a filtee. 1923 */ 1924 if (sip && (flags1 & (FL1_RT_SYMSFLTR | FL1_RT_SYMAFLTR))) { 1925 /* 1926 * If this is a standard filter reference, and no standard 1927 * filtees remain to be inspected, we're done. If this is an 1928 * auxiliary filter reference, and no auxiliary filtees remain, 1929 * we'll fall through in case any object filtering is available. 1930 */ 1931 if ((sip->si_flags & SYMINFO_FLG_FILTER) && 1932 (SYMSFLTRCNT(ilmp) == 0)) 1933 return ((Sym *)0); 1934 1935 if ((sip->si_flags & SYMINFO_FLG_FILTER) || 1936 ((sip->si_flags & SYMINFO_FLG_AUXILIARY) && 1937 SYMAFLTRCNT(ilmp))) { 1938 Sym * fsym; 1939 1940 /* 1941 * This symbol has an associated filtee. Lookup the 1942 * symbol in the filtee, and if it is found return it. 1943 * If the symbol doesn't exist, and this is a standard 1944 * filter, return an error, otherwise fall through to 1945 * catch any object filtering that may be available. 1946 */ 1947 if ((fsym = elf_lookup_filtee(slp, dlmp, binfo, 1948 sip->si_boundto)) != 0) 1949 return (fsym); 1950 if (sip->si_flags & SYMINFO_FLG_FILTER) 1951 return ((Sym *)0); 1952 } 1953 } 1954 1955 /* 1956 * Determine if this object provides global filtering. 1957 */ 1958 if (flags1 & (FL1_RT_OBJSFLTR | FL1_RT_OBJAFLTR)) { 1959 Sym * fsym; 1960 1961 if (OBJFLTRNDX(ilmp) != FLTR_DISABLED) { 1962 /* 1963 * This object has an associated filtee. Lookup the 1964 * symbol in the filtee, and if it is found return it. 1965 * If the symbol doesn't exist, and this is a standard 1966 * filter, return and error, otherwise return the symbol 1967 * within the filter itself. 1968 */ 1969 if ((fsym = elf_lookup_filtee(slp, dlmp, binfo, 1970 OBJFLTRNDX(ilmp))) != 0) 1971 return (fsym); 1972 } 1973 1974 if (flags1 & FL1_RT_OBJSFLTR) 1975 return ((Sym *)0); 1976 } 1977 return (sym); 1978 } 1979 1980 /* 1981 * Create a new Rt_map structure for an ELF object and initialize 1982 * all values. 1983 */ 1984 Rt_map * 1985 elf_new_lm(Lm_list *lml, const char *pname, const char *oname, Dyn *ld, 1986 ulong_t addr, ulong_t etext, Aliste lmco, ulong_t msize, ulong_t entry, 1987 ulong_t paddr, ulong_t padimsize, Mmap *mmaps, uint_t mmapcnt) 1988 { 1989 Rt_map *lmp; 1990 ulong_t base, fltr = 0, audit = 0, cfile = 0, crle = 0; 1991 Xword rpath = 0; 1992 Ehdr *ehdr = (Ehdr *)addr; 1993 1994 DBG_CALL(Dbg_file_elf(lml, pname, (ulong_t)ld, addr, msize, entry, 1995 lml->lm_lmidstr, lmco)); 1996 1997 /* 1998 * Allocate space for the link-map and private elf information. Once 1999 * these are allocated and initialized, we can use remove_so(0, lmp) to 2000 * tear down the link-map should any failures occur. 2001 */ 2002 if ((lmp = calloc(sizeof (Rt_map), 1)) == 0) 2003 return (0); 2004 if ((ELFPRV(lmp) = calloc(sizeof (Rt_elfp), 1)) == 0) { 2005 free(lmp); 2006 return (0); 2007 } 2008 2009 /* 2010 * All fields not filled in were set to 0 by calloc. 2011 */ 2012 ORIGNAME(lmp) = PATHNAME(lmp) = NAME(lmp) = (char *)pname; 2013 DYN(lmp) = ld; 2014 ADDR(lmp) = addr; 2015 MSIZE(lmp) = msize; 2016 ENTRY(lmp) = (Addr)entry; 2017 SYMINTP(lmp) = elf_find_sym; 2018 ETEXT(lmp) = etext; 2019 FCT(lmp) = &elf_fct; 2020 LIST(lmp) = lml; 2021 PADSTART(lmp) = paddr; 2022 PADIMLEN(lmp) = padimsize; 2023 THREADID(lmp) = rt_thr_self(); 2024 OBJFLTRNDX(lmp) = FLTR_DISABLED; 2025 SORTVAL(lmp) = -1; 2026 2027 MMAPS(lmp) = mmaps; 2028 MMAPCNT(lmp) = mmapcnt; 2029 ASSERT(mmapcnt != 0); 2030 2031 /* 2032 * If this is a shared object, add the base address to each address. 2033 * if this is an executable, use address as is. 2034 */ 2035 if (ehdr->e_type == ET_EXEC) { 2036 base = 0; 2037 FLAGS(lmp) |= FLG_RT_FIXED; 2038 } else 2039 base = addr; 2040 2041 /* 2042 * Fill in rest of the link map entries with information from the file's 2043 * dynamic structure. 2044 */ 2045 if (ld) { 2046 uint_t dyncnt = 0; 2047 Xword pltpadsz = 0; 2048 Rti_desc *rti; 2049 2050 /* CSTYLED */ 2051 for ( ; ld->d_tag != DT_NULL; ++ld, dyncnt++) { 2052 switch ((Xword)ld->d_tag) { 2053 case DT_SYMTAB: 2054 SYMTAB(lmp) = (void *)(ld->d_un.d_ptr + base); 2055 break; 2056 case DT_SUNW_SYMTAB: 2057 SUNWSYMTAB(lmp) = 2058 (void *)(ld->d_un.d_ptr + base); 2059 break; 2060 case DT_SUNW_SYMSZ: 2061 SUNWSYMSZ(lmp) = ld->d_un.d_val; 2062 break; 2063 case DT_STRTAB: 2064 STRTAB(lmp) = (void *)(ld->d_un.d_ptr + base); 2065 break; 2066 case DT_SYMENT: 2067 SYMENT(lmp) = ld->d_un.d_val; 2068 break; 2069 case DT_FEATURE_1: 2070 ld->d_un.d_val |= DTF_1_PARINIT; 2071 if (ld->d_un.d_val & DTF_1_CONFEXP) 2072 crle = 1; 2073 break; 2074 case DT_MOVESZ: 2075 MOVESZ(lmp) = ld->d_un.d_val; 2076 FLAGS(lmp) |= FLG_RT_MOVE; 2077 break; 2078 case DT_MOVEENT: 2079 MOVEENT(lmp) = ld->d_un.d_val; 2080 break; 2081 case DT_MOVETAB: 2082 MOVETAB(lmp) = (void *)(ld->d_un.d_ptr + base); 2083 break; 2084 case DT_REL: 2085 case DT_RELA: 2086 /* 2087 * At this time we can only handle 1 type of 2088 * relocation per object. 2089 */ 2090 REL(lmp) = (void *)(ld->d_un.d_ptr + base); 2091 break; 2092 case DT_RELSZ: 2093 case DT_RELASZ: 2094 RELSZ(lmp) = ld->d_un.d_val; 2095 break; 2096 case DT_RELENT: 2097 case DT_RELAENT: 2098 RELENT(lmp) = ld->d_un.d_val; 2099 break; 2100 case DT_RELCOUNT: 2101 case DT_RELACOUNT: 2102 RELACOUNT(lmp) = (uint_t)ld->d_un.d_val; 2103 break; 2104 case DT_TEXTREL: 2105 FLAGS1(lmp) |= FL1_RT_TEXTREL; 2106 break; 2107 case DT_HASH: 2108 HASH(lmp) = (uint_t *)(ld->d_un.d_ptr + base); 2109 break; 2110 case DT_PLTGOT: 2111 PLTGOT(lmp) = (uint_t *)(ld->d_un.d_ptr + base); 2112 break; 2113 case DT_PLTRELSZ: 2114 PLTRELSZ(lmp) = ld->d_un.d_val; 2115 break; 2116 case DT_JMPREL: 2117 JMPREL(lmp) = (void *)(ld->d_un.d_ptr + base); 2118 break; 2119 case DT_INIT: 2120 INIT(lmp) = (void (*)())(ld->d_un.d_ptr + base); 2121 break; 2122 case DT_FINI: 2123 FINI(lmp) = (void (*)())(ld->d_un.d_ptr + base); 2124 break; 2125 case DT_INIT_ARRAY: 2126 INITARRAY(lmp) = (Addr *)(ld->d_un.d_ptr + 2127 base); 2128 break; 2129 case DT_INIT_ARRAYSZ: 2130 INITARRAYSZ(lmp) = (uint_t)ld->d_un.d_val; 2131 break; 2132 case DT_FINI_ARRAY: 2133 FINIARRAY(lmp) = (Addr *)(ld->d_un.d_ptr + 2134 base); 2135 break; 2136 case DT_FINI_ARRAYSZ: 2137 FINIARRAYSZ(lmp) = (uint_t)ld->d_un.d_val; 2138 break; 2139 case DT_PREINIT_ARRAY: 2140 PREINITARRAY(lmp) = (Addr *)(ld->d_un.d_ptr + 2141 base); 2142 break; 2143 case DT_PREINIT_ARRAYSZ: 2144 PREINITARRAYSZ(lmp) = (uint_t)ld->d_un.d_val; 2145 break; 2146 case DT_RPATH: 2147 case DT_RUNPATH: 2148 rpath = ld->d_un.d_val; 2149 break; 2150 case DT_FILTER: 2151 fltr = ld->d_un.d_val; 2152 OBJFLTRNDX(lmp) = dyncnt; 2153 FLAGS1(lmp) |= FL1_RT_OBJSFLTR; 2154 break; 2155 case DT_AUXILIARY: 2156 if (!(rtld_flags & RT_FL_NOAUXFLTR)) { 2157 fltr = ld->d_un.d_val; 2158 OBJFLTRNDX(lmp) = dyncnt; 2159 } 2160 FLAGS1(lmp) |= FL1_RT_OBJAFLTR; 2161 break; 2162 case DT_SUNW_FILTER: 2163 SYMSFLTRCNT(lmp)++; 2164 FLAGS1(lmp) |= FL1_RT_SYMSFLTR; 2165 break; 2166 case DT_SUNW_AUXILIARY: 2167 if (!(rtld_flags & RT_FL_NOAUXFLTR)) { 2168 SYMAFLTRCNT(lmp)++; 2169 } 2170 FLAGS1(lmp) |= FL1_RT_SYMAFLTR; 2171 break; 2172 case DT_DEPAUDIT: 2173 if (!(rtld_flags & RT_FL_NOAUDIT)) 2174 audit = ld->d_un.d_val; 2175 break; 2176 case DT_CONFIG: 2177 cfile = ld->d_un.d_val; 2178 break; 2179 case DT_DEBUG: 2180 /* 2181 * DT_DEBUG entries are only created in 2182 * dynamic objects that require an interpretor 2183 * (ie. all dynamic executables and some shared 2184 * objects), and provide for a hand-shake with 2185 * debuggers. This entry is initialized to 2186 * zero by the link-editor. If a debugger has 2187 * us and updated this entry set the debugger 2188 * flag, and finish initializing the debugging 2189 * structure (see setup() also). Switch off any 2190 * configuration object use as most debuggers 2191 * can't handle fixed dynamic executables as 2192 * dependencies, and we can't handle requests 2193 * like object padding for alternative objects. 2194 */ 2195 if (ld->d_un.d_ptr) 2196 rtld_flags |= 2197 (RT_FL_DEBUGGER | RT_FL_NOOBJALT); 2198 ld->d_un.d_ptr = (Addr)&r_debug; 2199 break; 2200 case DT_VERNEED: 2201 VERNEED(lmp) = (Verneed *)(ld->d_un.d_ptr + 2202 base); 2203 break; 2204 case DT_VERNEEDNUM: 2205 /* LINTED */ 2206 VERNEEDNUM(lmp) = (int)ld->d_un.d_val; 2207 break; 2208 case DT_VERDEF: 2209 VERDEF(lmp) = (Verdef *)(ld->d_un.d_ptr + base); 2210 break; 2211 case DT_VERDEFNUM: 2212 /* LINTED */ 2213 VERDEFNUM(lmp) = (int)ld->d_un.d_val; 2214 break; 2215 case DT_BIND_NOW: 2216 if ((ld->d_un.d_val & DF_BIND_NOW) && 2217 ((rtld_flags2 & RT_FL2_BINDLAZY) == 0)) { 2218 MODE(lmp) |= RTLD_NOW; 2219 MODE(lmp) &= ~RTLD_LAZY; 2220 } 2221 break; 2222 case DT_FLAGS: 2223 if (ld->d_un.d_val & DF_SYMBOLIC) 2224 FLAGS1(lmp) |= FL1_RT_SYMBOLIC; 2225 if (ld->d_un.d_val & DF_TEXTREL) 2226 FLAGS1(lmp) |= FL1_RT_TEXTREL; 2227 if ((ld->d_un.d_val & DF_BIND_NOW) && 2228 ((rtld_flags2 & RT_FL2_BINDLAZY) == 0)) { 2229 MODE(lmp) |= RTLD_NOW; 2230 MODE(lmp) &= ~RTLD_LAZY; 2231 } 2232 /* 2233 * Capture any static TLS use, and enforce that 2234 * this object be non-deletable. 2235 */ 2236 if (ld->d_un.d_val & DF_STATIC_TLS) { 2237 FLAGS1(lmp) |= FL1_RT_TLSSTAT; 2238 MODE(lmp) |= RTLD_NODELETE; 2239 } 2240 break; 2241 case DT_FLAGS_1: 2242 if (ld->d_un.d_val & DF_1_DISPRELPND) 2243 FLAGS1(lmp) |= FL1_RT_DISPREL; 2244 if (ld->d_un.d_val & DF_1_GROUP) 2245 FLAGS(lmp) |= 2246 (FLG_RT_SETGROUP | FLG_RT_HANDLE); 2247 if ((ld->d_un.d_val & DF_1_NOW) && 2248 ((rtld_flags2 & RT_FL2_BINDLAZY) == 0)) { 2249 MODE(lmp) |= RTLD_NOW; 2250 MODE(lmp) &= ~RTLD_LAZY; 2251 } 2252 if (ld->d_un.d_val & DF_1_NODELETE) 2253 MODE(lmp) |= RTLD_NODELETE; 2254 if (ld->d_un.d_val & DF_1_INITFIRST) 2255 FLAGS(lmp) |= FLG_RT_INITFRST; 2256 if (ld->d_un.d_val & DF_1_NOOPEN) 2257 FLAGS(lmp) |= FLG_RT_NOOPEN; 2258 if (ld->d_un.d_val & DF_1_LOADFLTR) 2259 FLAGS(lmp) |= FLG_RT_LOADFLTR; 2260 if (ld->d_un.d_val & DF_1_NODUMP) 2261 FLAGS(lmp) |= FLG_RT_NODUMP; 2262 if (ld->d_un.d_val & DF_1_CONFALT) 2263 crle = 1; 2264 if (ld->d_un.d_val & DF_1_DIRECT) 2265 FLAGS1(lmp) |= FL1_RT_DIRECT; 2266 if (ld->d_un.d_val & DF_1_NODEFLIB) 2267 FLAGS1(lmp) |= FL1_RT_NODEFLIB; 2268 if (ld->d_un.d_val & DF_1_ENDFILTEE) 2269 FLAGS1(lmp) |= FL1_RT_ENDFILTE; 2270 if (ld->d_un.d_val & DF_1_TRANS) 2271 FLAGS(lmp) |= FLG_RT_TRANS; 2272 #ifndef EXPAND_RELATIVE 2273 if (ld->d_un.d_val & DF_1_ORIGIN) 2274 FLAGS1(lmp) |= FL1_RT_RELATIVE; 2275 #endif 2276 /* 2277 * If this object identifies itself as an 2278 * interposer, but relocation processing has 2279 * already started, then demote it. It's too 2280 * late to guarantee complete interposition. 2281 */ 2282 if (ld->d_un.d_val & 2283 (DF_1_INTERPOSE | DF_1_SYMINTPOSE)) { 2284 if (lml->lm_flags & LML_FLG_STARTREL) { 2285 DBG_CALL(Dbg_util_intoolate(lmp)); 2286 if (lml->lm_flags & LML_FLG_TRC_ENABLE) 2287 (void) printf( 2288 MSG_INTL(MSG_LDD_REL_ERR2), 2289 NAME(lmp)); 2290 } else if (ld->d_un.d_val & DF_1_INTERPOSE) 2291 FLAGS(lmp) |= FLG_RT_OBJINTPO; 2292 else 2293 FLAGS(lmp) |= FLG_RT_SYMINTPO; 2294 } 2295 break; 2296 case DT_SYMINFO: 2297 SYMINFO(lmp) = (Syminfo *)(ld->d_un.d_ptr + 2298 base); 2299 break; 2300 case DT_SYMINENT: 2301 SYMINENT(lmp) = ld->d_un.d_val; 2302 break; 2303 case DT_PLTPAD: 2304 PLTPAD(lmp) = (void *)(ld->d_un.d_ptr + base); 2305 break; 2306 case DT_PLTPADSZ: 2307 pltpadsz = ld->d_un.d_val; 2308 break; 2309 case DT_SUNW_RTLDINF: 2310 /* 2311 * Maintain a list of RTLDINFO structures. 2312 * Typically, libc is the only supplier, and 2313 * only one structure is provided. However, 2314 * multiple suppliers and multiple structures 2315 * are supported. For example, one structure 2316 * may provide thread_init, and another 2317 * structure may provide atexit reservations. 2318 */ 2319 if ((rti = alist_append(&lml->lm_rti, 0, 2320 sizeof (Rti_desc), AL_CNT_RTLDINFO)) == 0) { 2321 remove_so(0, lmp); 2322 return (0); 2323 } 2324 rti->rti_lmp = lmp; 2325 rti->rti_info = (void *)(ld->d_un.d_ptr + base); 2326 break; 2327 case DT_SUNW_SORTENT: 2328 SUNWSORTENT(lmp) = ld->d_un.d_val; 2329 break; 2330 case DT_SUNW_SYMSORT: 2331 SUNWSYMSORT(lmp) = 2332 (void *)(ld->d_un.d_ptr + base); 2333 break; 2334 case DT_SUNW_SYMSORTSZ: 2335 SUNWSYMSORTSZ(lmp) = ld->d_un.d_val; 2336 break; 2337 case DT_DEPRECATED_SPARC_REGISTER: 2338 case M_DT_REGISTER: 2339 FLAGS(lmp) |= FLG_RT_REGSYMS; 2340 break; 2341 case M_DT_PLTRESERVE: 2342 PLTRESERVE(lmp) = (void *)(ld->d_un.d_ptr + 2343 base); 2344 break; 2345 } 2346 } 2347 2348 2349 if (PLTPAD(lmp)) { 2350 if (pltpadsz == (Xword)0) 2351 PLTPAD(lmp) = 0; 2352 else 2353 PLTPADEND(lmp) = (void *)((Addr)PLTPAD(lmp) + 2354 pltpadsz); 2355 } 2356 2357 /* 2358 * Allocate Dynamic Info structure 2359 */ 2360 if ((DYNINFO(lmp) = calloc((size_t)dyncnt, 2361 sizeof (Dyninfo))) == 0) { 2362 remove_so(0, lmp); 2363 return (0); 2364 } 2365 DYNINFOCNT(lmp) = dyncnt; 2366 } 2367 2368 /* 2369 * A dynsym contains only global functions. We want to have 2370 * a version of it that also includes local functions, so that 2371 * dladdr() will be able to report names for local functions 2372 * when used to generate a stack trace for a stripped file. 2373 * This version of the dynsym is provided via DT_SUNW_SYMTAB. 2374 * 2375 * In producing DT_SUNW_SYMTAB, ld uses a non-obvious trick 2376 * in order to avoid having to have two copies of the global 2377 * symbols held in DT_SYMTAB: The local symbols are placed in 2378 * a separate section than the globals in the dynsym, but the 2379 * linker conspires to put the data for these two sections adjacent 2380 * to each other. DT_SUNW_SYMTAB points at the top of the local 2381 * symbols, and DT_SUNW_SYMSZ is the combined length of both tables. 2382 * 2383 * If the two sections are not adjacent, then something went wrong 2384 * at link time. We use ASSERT to kill the process if this is 2385 * a debug build. In a production build, we will silently ignore 2386 * the presence of the .ldynsym and proceed. We can detect this 2387 * situation by checking to see that DT_SYMTAB lies in 2388 * the range given by DT_SUNW_SYMTAB/DT_SUNW_SYMSZ. 2389 */ 2390 if ((SUNWSYMTAB(lmp) != NULL) && 2391 (((char *)SYMTAB(lmp) <= (char *)SUNWSYMTAB(lmp)) || 2392 (((char *)SYMTAB(lmp) >= 2393 (SUNWSYMSZ(lmp) + (char *)SUNWSYMTAB(lmp)))))) { 2394 ASSERT(0); 2395 SUNWSYMTAB(lmp) = NULL; 2396 SUNWSYMSZ(lmp) = 0; 2397 } 2398 2399 /* 2400 * If configuration file use hasn't been disabled, and a configuration 2401 * file hasn't already been set via an environment variable, see if any 2402 * application specific configuration file is specified. An LD_CONFIG 2403 * setting is used first, but if this image was generated via crle(1) 2404 * then a default configuration file is a fall-back. 2405 */ 2406 if ((!(rtld_flags & RT_FL_NOCFG)) && (config->c_name == 0)) { 2407 if (cfile) 2408 config->c_name = (const char *)(cfile + 2409 (char *)STRTAB(lmp)); 2410 else if (crle) { 2411 rtld_flags |= RT_FL_CONFAPP; 2412 #ifndef EXPAND_RELATIVE 2413 FLAGS1(lmp) |= FL1_RT_RELATIVE; 2414 #endif 2415 } 2416 } 2417 2418 if (rpath) 2419 RPATH(lmp) = (char *)(rpath + (char *)STRTAB(lmp)); 2420 if (fltr) { 2421 /* 2422 * If this object is a global filter, duplicate the filtee 2423 * string name(s) so that REFNAME() is available in core files. 2424 * This cludge was useful for debuggers at one point, but only 2425 * when the filtee name was an individual full path. 2426 */ 2427 if ((REFNAME(lmp) = strdup(fltr + (char *)STRTAB(lmp))) == 0) { 2428 remove_so(0, lmp); 2429 return (0); 2430 } 2431 } 2432 2433 if (rtld_flags & RT_FL_RELATIVE) 2434 FLAGS1(lmp) |= FL1_RT_RELATIVE; 2435 2436 /* 2437 * For Intel ABI compatibility. It's possible that a JMPREL can be 2438 * specified without any other relocations (e.g. a dynamic executable 2439 * normally only contains .plt relocations). If this is the case then 2440 * no REL, RELSZ or RELENT will have been created. For us to be able 2441 * to traverse the .plt relocations under LD_BIND_NOW we need to know 2442 * the RELENT for these relocations. Refer to elf_reloc() for more 2443 * details. 2444 */ 2445 if (!RELENT(lmp) && JMPREL(lmp)) 2446 RELENT(lmp) = sizeof (Rel); 2447 2448 /* 2449 * Establish any per-object auditing. If we're establishing `main's 2450 * link-map its too early to go searching for audit objects so just 2451 * hold the object name for later (see setup()). 2452 */ 2453 if (audit) { 2454 char *cp = audit + (char *)STRTAB(lmp); 2455 2456 if (*cp) { 2457 if (((AUDITORS(lmp) = 2458 calloc(1, sizeof (Audit_desc))) == 0) || 2459 ((AUDITORS(lmp)->ad_name = strdup(cp)) == 0)) { 2460 remove_so(0, lmp); 2461 return (0); 2462 } 2463 if (lml_main.lm_head) { 2464 if (audit_setup(lmp, AUDITORS(lmp), 0) == 0) { 2465 remove_so(0, lmp); 2466 return (0); 2467 } 2468 FLAGS1(lmp) |= AUDITORS(lmp)->ad_flags; 2469 lml->lm_flags |= LML_FLG_LOCAUDIT; 2470 } 2471 } 2472 } 2473 2474 if ((CONDVAR(lmp) = rt_cond_create()) == 0) { 2475 remove_so(0, lmp); 2476 return (0); 2477 } 2478 if (oname && ((append_alias(lmp, oname, 0)) == 0)) { 2479 remove_so(0, lmp); 2480 return (0); 2481 } 2482 2483 /* 2484 * Add the mapped object to the end of the link map list. 2485 */ 2486 lm_append(lml, lmco, lmp); 2487 return (lmp); 2488 } 2489 2490 /* 2491 * Assign hardware/software capabilities. 2492 */ 2493 void 2494 cap_assign(Cap *cap, Rt_map *lmp) 2495 { 2496 while (cap->c_tag != CA_SUNW_NULL) { 2497 switch (cap->c_tag) { 2498 case CA_SUNW_HW_1: 2499 HWCAP(lmp) = cap->c_un.c_val; 2500 break; 2501 case CA_SUNW_SF_1: 2502 SFCAP(lmp) = cap->c_un.c_val; 2503 } 2504 cap++; 2505 } 2506 } 2507 2508 /* 2509 * Map in an ELF object. 2510 * Takes an open file descriptor for the object to map and its pathname; returns 2511 * a pointer to a Rt_map structure for this object, or 0 on error. 2512 */ 2513 static Rt_map * 2514 elf_map_so(Lm_list *lml, Aliste lmco, const char *pname, const char *oname, 2515 int fd) 2516 { 2517 int i; /* general temporary */ 2518 Off memsize = 0; /* total memory size of pathname */ 2519 Off mentry; /* entry point */ 2520 Ehdr *ehdr; /* ELF header of ld.so */ 2521 Phdr *phdr; /* first Phdr in file */ 2522 Phdr *phdr0; /* Saved first Phdr in file */ 2523 Phdr *pptr; /* working Phdr */ 2524 Phdr *fph = 0; /* first loadable Phdr */ 2525 Phdr *lph; /* last loadable Phdr */ 2526 Phdr *lfph = 0; /* last loadable (filesz != 0) Phdr */ 2527 Phdr *lmph = 0; /* last loadable (memsz != 0) Phdr */ 2528 Phdr *swph = 0; /* program header for SUNWBSS */ 2529 Phdr *tlph = 0; /* program header for PT_TLS */ 2530 Phdr *unwindph = 0; /* program header for PT_SUNW_UNWIND */ 2531 Cap *cap = 0; /* program header for SUNWCAP */ 2532 Dyn *mld = 0; /* DYNAMIC structure for pathname */ 2533 size_t size; /* size of elf and program headers */ 2534 caddr_t faddr = 0; /* mapping address of pathname */ 2535 Rt_map *lmp; /* link map created */ 2536 caddr_t paddr; /* start of padded image */ 2537 Off plen; /* size of image including padding */ 2538 Half etype; 2539 int fixed; 2540 Mmap *mmaps; 2541 uint_t mmapcnt = 0; 2542 Xword align = 0; 2543 2544 /* LINTED */ 2545 ehdr = (Ehdr *)fmap->fm_maddr; 2546 2547 /* 2548 * If this a relocatable object then special processing is required. 2549 */ 2550 if ((etype = ehdr->e_type) == ET_REL) 2551 return (elf_obj_file(lml, lmco, pname, fd)); 2552 2553 /* 2554 * If this isn't a dynamic executable or shared object we can't process 2555 * it. If this is a dynamic executable then all addresses are fixed. 2556 */ 2557 if (etype == ET_EXEC) 2558 fixed = 1; 2559 else if (etype == ET_DYN) 2560 fixed = 0; 2561 else { 2562 eprintf(lml, ERR_ELF, MSG_INTL(MSG_GEN_BADTYPE), pname, 2563 conv_ehdr_type(etype, 0)); 2564 return (0); 2565 } 2566 2567 /* 2568 * If our original mapped page was not large enough to hold all the 2569 * program headers remap them. 2570 */ 2571 size = (size_t)((char *)ehdr->e_phoff + 2572 (ehdr->e_phnum * ehdr->e_phentsize)); 2573 if (size > fmap->fm_fsize) { 2574 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_GEN_CORTRUNC), pname); 2575 return (0); 2576 } 2577 if (size > fmap->fm_msize) { 2578 fmap_setup(); 2579 if ((fmap->fm_maddr = mmap(fmap->fm_maddr, size, PROT_READ, 2580 fmap->fm_mflags, fd, 0)) == MAP_FAILED) { 2581 int err = errno; 2582 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_SYS_MMAP), pname, 2583 strerror(err)); 2584 return (0); 2585 } 2586 fmap->fm_msize = size; 2587 /* LINTED */ 2588 ehdr = (Ehdr *)fmap->fm_maddr; 2589 } 2590 /* LINTED */ 2591 phdr0 = phdr = (Phdr *)((char *)ehdr + ehdr->e_ehsize); 2592 2593 /* 2594 * Get entry point. 2595 */ 2596 mentry = ehdr->e_entry; 2597 2598 /* 2599 * Point at program headers and perform some basic validation. 2600 */ 2601 for (i = 0, pptr = phdr; i < (int)ehdr->e_phnum; i++, 2602 pptr = (Phdr *)((Off)pptr + ehdr->e_phentsize)) { 2603 if ((pptr->p_type == PT_LOAD) || 2604 (pptr->p_type == PT_SUNWBSS)) { 2605 2606 if (fph == 0) { 2607 fph = pptr; 2608 /* LINTED argument lph is initialized in first pass */ 2609 } else if (pptr->p_vaddr <= lph->p_vaddr) { 2610 eprintf(lml, ERR_ELF, 2611 MSG_INTL(MSG_GEN_INVPRGHDR), pname); 2612 return (0); 2613 } 2614 2615 lph = pptr; 2616 2617 if (pptr->p_memsz) 2618 lmph = pptr; 2619 if (pptr->p_filesz) 2620 lfph = pptr; 2621 if (pptr->p_type == PT_SUNWBSS) 2622 swph = pptr; 2623 if (pptr->p_align > align) 2624 align = pptr->p_align; 2625 2626 } else if (pptr->p_type == PT_DYNAMIC) { 2627 mld = (Dyn *)(pptr->p_vaddr); 2628 } else if ((pptr->p_type == PT_TLS) && pptr->p_memsz) { 2629 tlph = pptr; 2630 } else if (pptr->p_type == PT_SUNWCAP) { 2631 cap = (Cap *)(pptr->p_vaddr); 2632 } else if (pptr->p_type == PT_SUNW_UNWIND) { 2633 unwindph = pptr; 2634 } 2635 } 2636 2637 #if defined(MAP_ALIGN) 2638 /* 2639 * Make sure the maximum page alignment is a power of 2 >= the system 2640 * page size, for use with MAP_ALIGN. 2641 */ 2642 align = M_PROUND(align); 2643 #endif 2644 2645 /* 2646 * We'd better have at least one loadable segment, together with some 2647 * specified file and memory size. 2648 */ 2649 if ((fph == 0) || (lmph == 0) || (lfph == 0)) { 2650 eprintf(lml, ERR_ELF, MSG_INTL(MSG_GEN_NOLOADSEG), pname); 2651 return (0); 2652 } 2653 2654 /* 2655 * Check that the files size accounts for the loadable sections 2656 * we're going to map in (failure to do this may cause spurious 2657 * bus errors if we're given a truncated file). 2658 */ 2659 if (fmap->fm_fsize < ((size_t)lfph->p_offset + lfph->p_filesz)) { 2660 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_GEN_CORTRUNC), pname); 2661 return (0); 2662 } 2663 2664 /* 2665 * Memsize must be page rounded so that if we add object padding 2666 * at the end it will start at the beginning of a page. 2667 */ 2668 plen = memsize = M_PROUND((lmph->p_vaddr + lmph->p_memsz) - 2669 M_PTRUNC((ulong_t)fph->p_vaddr)); 2670 2671 /* 2672 * Determine if an existing mapping is acceptable. 2673 */ 2674 if (interp && (lml->lm_flags & LML_FLG_BASELM) && 2675 (strcmp(pname, interp->i_name) == 0)) { 2676 /* 2677 * If this is the interpreter then it has already been mapped 2678 * and we have the address so don't map it again. Note that 2679 * the common occurrence of a reference to the interpretor 2680 * (libdl -> ld.so.1) will have been caught during filter 2681 * initialization (see elf_lookup_filtee()). However, some 2682 * ELF implementations are known to record libc.so.1 as the 2683 * interpretor, and thus this test catches this behavior. 2684 */ 2685 paddr = faddr = interp->i_faddr; 2686 2687 } else if ((fixed == 0) && (r_debug.rtd_objpad == 0) && 2688 (memsize <= fmap->fm_msize) && ((fph->p_flags & PF_W) == 0) && 2689 (fph->p_filesz == fph->p_memsz) && 2690 (((Xword)fmap->fm_maddr % align) == 0)) { 2691 /* 2692 * If the mapping required has already been established from 2693 * the initial page we don't need to do anything more. Reset 2694 * the fmap address so then any later files start a new fmap. 2695 * This is really an optimization for filters, such as libdl.so, 2696 * which should only require one page. 2697 */ 2698 paddr = faddr = fmap->fm_maddr; 2699 fmap->fm_maddr = 0; 2700 fmap_setup(); 2701 } 2702 2703 /* 2704 * Allocate a mapping array to retain mapped segment information. 2705 */ 2706 if ((mmaps = calloc(ehdr->e_phnum, sizeof (Mmap))) == 0) 2707 return (0); 2708 2709 /* 2710 * If we're reusing an existing mapping determine the objects etext 2711 * address. Otherwise map the file (which will calculate the etext 2712 * address as part of the mapping process). 2713 */ 2714 if (faddr) { 2715 caddr_t base; 2716 2717 if (fixed) 2718 base = 0; 2719 else 2720 base = faddr; 2721 2722 /* LINTED */ 2723 phdr0 = phdr = (Phdr *)((char *)faddr + ehdr->e_ehsize); 2724 2725 for (i = 0, pptr = phdr; i < (int)ehdr->e_phnum; i++, 2726 pptr = (Phdr *)((Off)pptr + ehdr->e_phentsize)) { 2727 if (pptr->p_type != PT_LOAD) 2728 continue; 2729 2730 mmaps[mmapcnt].m_vaddr = (pptr->p_vaddr + base); 2731 mmaps[mmapcnt].m_msize = pptr->p_memsz; 2732 mmaps[mmapcnt].m_fsize = pptr->p_filesz; 2733 mmaps[mmapcnt].m_perm = (PROT_READ | PROT_EXEC); 2734 mmapcnt++; 2735 2736 if (!(pptr->p_flags & PF_W)) { 2737 fmap->fm_etext = (ulong_t)pptr->p_vaddr + 2738 (ulong_t)pptr->p_memsz + 2739 (ulong_t)(fixed ? 0 : faddr); 2740 } 2741 } 2742 } else { 2743 /* 2744 * Map the file. 2745 */ 2746 if (!(faddr = elf_map_it(lml, pname, memsize, ehdr, fph, lph, 2747 &phdr, &paddr, &plen, fixed, fd, align, mmaps, &mmapcnt))) 2748 return (0); 2749 } 2750 2751 /* 2752 * Calculate absolute base addresses and entry points. 2753 */ 2754 if (!fixed) { 2755 if (mld) 2756 /* LINTED */ 2757 mld = (Dyn *)((Off)mld + faddr); 2758 if (cap) 2759 /* LINTED */ 2760 cap = (Cap *)((Off)cap + faddr); 2761 mentry += (Off)faddr; 2762 } 2763 2764 /* 2765 * Create new link map structure for newly mapped shared object. 2766 */ 2767 if (!(lmp = elf_new_lm(lml, pname, oname, mld, (ulong_t)faddr, 2768 fmap->fm_etext, lmco, memsize, mentry, (ulong_t)paddr, plen, mmaps, 2769 mmapcnt))) { 2770 (void) munmap((caddr_t)faddr, memsize); 2771 return (0); 2772 } 2773 2774 /* 2775 * Start the system loading in the ELF information we'll be processing. 2776 */ 2777 if (REL(lmp)) { 2778 (void) madvise((void *)ADDR(lmp), (uintptr_t)REL(lmp) + 2779 (uintptr_t)RELSZ(lmp) - (uintptr_t)ADDR(lmp), 2780 MADV_WILLNEED); 2781 } 2782 2783 /* 2784 * If this shared object contains any special segments, record them. 2785 */ 2786 if (swph) { 2787 FLAGS(lmp) |= FLG_RT_SUNWBSS; 2788 SUNWBSS(lmp) = phdr + (swph - phdr0); 2789 } 2790 if (tlph && (tls_assign(lml, lmp, (phdr + (tlph - phdr0))) == 0)) { 2791 remove_so(lml, lmp); 2792 return (0); 2793 } 2794 2795 if (unwindph) 2796 PTUNWIND(lmp) = phdr + (unwindph - phdr0); 2797 2798 if (cap) 2799 cap_assign(cap, lmp); 2800 2801 return (lmp); 2802 } 2803 2804 /* 2805 * Function to correct protection settings. Segments are all mapped initially 2806 * with permissions as given in the segment header. We need to turn on write 2807 * permissions on a text segment if there are any relocations against that 2808 * segment, and them turn write permission back off again before returning 2809 * control to the user. This function turns the permission on or off depending 2810 * on the value of the argument. 2811 */ 2812 int 2813 elf_set_prot(Rt_map *lmp, int permission) 2814 { 2815 Mmap *mmaps; 2816 2817 /* 2818 * If this is an allocated image (ie. a relocatable object) we can't 2819 * mprotect() anything. 2820 */ 2821 if (FLAGS(lmp) & FLG_RT_IMGALLOC) 2822 return (1); 2823 2824 DBG_CALL(Dbg_file_prot(lmp, permission)); 2825 2826 for (mmaps = MMAPS(lmp); mmaps->m_vaddr; mmaps++) { 2827 if (mmaps->m_perm & PROT_WRITE) 2828 continue; 2829 2830 if (mprotect(mmaps->m_vaddr, mmaps->m_msize, 2831 (mmaps->m_perm | permission)) == -1) { 2832 int err = errno; 2833 eprintf(LIST(lmp), ERR_FATAL, MSG_INTL(MSG_SYS_MPROT), 2834 NAME(lmp), strerror(err)); 2835 return (0); 2836 } 2837 } 2838 return (1); 2839 } 2840 2841 /* 2842 * Build full pathname of shared object from given directory name and filename. 2843 */ 2844 static char * 2845 elf_get_so(const char *dir, const char *file) 2846 { 2847 static char pname[PATH_MAX]; 2848 2849 (void) snprintf(pname, PATH_MAX, MSG_ORIG(MSG_FMT_PATH), dir, file); 2850 return (pname); 2851 } 2852 2853 /* 2854 * The copy relocation is recorded in a copy structure which will be applied 2855 * after all other relocations are carried out. This provides for copying data 2856 * that must be relocated itself (ie. pointers in shared objects). This 2857 * structure also provides a means of binding RTLD_GROUP dependencies to any 2858 * copy relocations that have been taken from any group members. 2859 * 2860 * If the size of the .bss area available for the copy information is not the 2861 * same as the source of the data inform the user if we're under ldd(1) control 2862 * (this checking was only established in 5.3, so by only issuing an error via 2863 * ldd(1) we maintain the standard set by previous releases). 2864 */ 2865 int 2866 elf_copy_reloc(char *name, Sym *rsym, Rt_map *rlmp, void *radd, Sym *dsym, 2867 Rt_map *dlmp, const void *dadd) 2868 { 2869 Rel_copy rc; 2870 Lm_list *lml = LIST(rlmp); 2871 2872 rc.r_name = name; 2873 rc.r_rsym = rsym; /* the new reference symbol and its */ 2874 rc.r_rlmp = rlmp; /* associated link-map */ 2875 rc.r_dlmp = dlmp; /* the defining link-map */ 2876 rc.r_dsym = dsym; /* the original definition */ 2877 rc.r_radd = radd; 2878 rc.r_dadd = dadd; 2879 2880 if (rsym->st_size > dsym->st_size) 2881 rc.r_size = (size_t)dsym->st_size; 2882 else 2883 rc.r_size = (size_t)rsym->st_size; 2884 2885 if (alist_append(©(dlmp), &rc, sizeof (Rel_copy), 2886 AL_CNT_COPYREL) == 0) { 2887 if (!(lml->lm_flags & LML_FLG_TRC_WARN)) 2888 return (0); 2889 else 2890 return (1); 2891 } 2892 if (!(FLAGS1(dlmp) & FL1_RT_COPYTOOK)) { 2893 if (alist_append(©(rlmp), &dlmp, 2894 sizeof (Rt_map *), AL_CNT_COPYREL) == 0) { 2895 if (!(lml->lm_flags & LML_FLG_TRC_WARN)) 2896 return (0); 2897 else 2898 return (1); 2899 } 2900 FLAGS1(dlmp) |= FL1_RT_COPYTOOK; 2901 } 2902 2903 /* 2904 * If we are tracing (ldd), warn the user if 2905 * 1) the size from the reference symbol differs from the 2906 * copy definition. We can only copy as much data as the 2907 * reference (dynamic executables) entry allows. 2908 * 2) the copy definition has STV_PROTECTED visibility. 2909 */ 2910 if (lml->lm_flags & LML_FLG_TRC_WARN) { 2911 if (rsym->st_size != dsym->st_size) { 2912 (void) printf(MSG_INTL(MSG_LDD_CPY_SIZDIF), 2913 _conv_reloc_type(M_R_COPY), demangle(name), 2914 NAME(rlmp), EC_XWORD(rsym->st_size), 2915 NAME(dlmp), EC_XWORD(dsym->st_size)); 2916 if (rsym->st_size > dsym->st_size) 2917 (void) printf(MSG_INTL(MSG_LDD_CPY_INSDATA), 2918 NAME(dlmp)); 2919 else 2920 (void) printf(MSG_INTL(MSG_LDD_CPY_DATRUNC), 2921 NAME(rlmp)); 2922 } 2923 2924 if (ELF_ST_VISIBILITY(dsym->st_other) == STV_PROTECTED) { 2925 (void) printf(MSG_INTL(MSG_LDD_CPY_PROT), 2926 _conv_reloc_type(M_R_COPY), demangle(name), 2927 NAME(dlmp)); 2928 } 2929 } 2930 2931 DBG_CALL(Dbg_reloc_apply_val(lml, ELF_DBG_RTLD, (Xword)radd, 2932 (Xword)rc.r_size)); 2933 return (1); 2934 } 2935 2936 /* 2937 * Determine the symbol location of an address within a link-map. Look for 2938 * the nearest symbol (whose value is less than or equal to the required 2939 * address). This is the object specific part of dladdr(). 2940 */ 2941 static void 2942 elf_dladdr(ulong_t addr, Rt_map *lmp, Dl_info *dlip, void **info, int flags) 2943 { 2944 ulong_t ndx, cnt, base, _value; 2945 Sym *sym, *_sym; 2946 const char *str; 2947 int _flags; 2948 uint_t *dynaddr_ndx; 2949 uint_t dynaddr_n = 0; 2950 ulong_t value; 2951 2952 /* 2953 * If SUNWSYMTAB() is non-NULL, then it sees a special version of 2954 * the dynsym that starts with any local function symbols that exist in 2955 * the library and then moves to the data held in SYMTAB(). In this 2956 * case, SUNWSYMSZ tells us how long the symbol table is. The 2957 * availability of local function symbols will enhance the results 2958 * we can provide. 2959 * 2960 * If SUNWSYMTAB() is non-NULL, then there might also be a 2961 * SUNWSYMSORT() vector associated with it. SUNWSYMSORT() contains 2962 * an array of indices into SUNWSYMTAB, sorted by increasing 2963 * address. We can use this to do an O(log N) search instead of a 2964 * brute force search. 2965 * 2966 * If SUNWSYMTAB() is NULL, then SYMTAB() references a dynsym that 2967 * contains only global symbols. In that case, the length of 2968 * the symbol table comes from the nchain field of the related 2969 * symbol lookup hash table. 2970 */ 2971 str = STRTAB(lmp); 2972 if (SUNWSYMSZ(lmp) == NULL) { 2973 sym = SYMTAB(lmp); 2974 /* 2975 * If we don't have a .hash table there are no symbols 2976 * to look at. 2977 */ 2978 if (HASH(lmp) == 0) 2979 return; 2980 cnt = HASH(lmp)[1]; 2981 } else { 2982 sym = SUNWSYMTAB(lmp); 2983 cnt = SUNWSYMSZ(lmp) / SYMENT(lmp); 2984 dynaddr_ndx = SUNWSYMSORT(lmp); 2985 if (dynaddr_ndx != NULL) 2986 dynaddr_n = SUNWSYMSORTSZ(lmp) / SUNWSORTENT(lmp); 2987 } 2988 2989 if (FLAGS(lmp) & FLG_RT_FIXED) 2990 base = 0; 2991 else 2992 base = ADDR(lmp); 2993 2994 if (dynaddr_n > 0) { /* Binary search */ 2995 long low = 0, low_bnd; 2996 long high = dynaddr_n - 1, high_bnd; 2997 long mid; 2998 Sym *mid_sym; 2999 3000 /* 3001 * Note that SUNWSYMSORT only contains symbols types that 3002 * supply memory addresses, so there's no need to check and 3003 * filter out any other types. 3004 */ 3005 low_bnd = low; 3006 high_bnd = high; 3007 _sym = NULL; 3008 while (low <= high) { 3009 mid = (low + high) / 2; 3010 mid_sym = &sym[dynaddr_ndx[mid]]; 3011 value = mid_sym->st_value + base; 3012 if (addr < value) { 3013 if ((sym[dynaddr_ndx[high]].st_value + base) >= 3014 addr) 3015 high_bnd = high; 3016 high = mid - 1; 3017 } else if (addr > value) { 3018 if ((sym[dynaddr_ndx[low]].st_value + base) <= 3019 addr) 3020 low_bnd = low; 3021 low = mid + 1; 3022 } else { 3023 _sym = mid_sym; 3024 _value = value; 3025 break; 3026 } 3027 } 3028 /* 3029 * If the above didn't find it exactly, then we must 3030 * return the closest symbol with a value that doesn't 3031 * exceed the one we are looking for. If that symbol exists, 3032 * it will lie in the range bounded by low_bnd and 3033 * high_bnd. This is a linear search, but a short one. 3034 */ 3035 if (_sym == NULL) { 3036 for (mid = low_bnd; mid <= high_bnd; mid++) { 3037 mid_sym = &sym[dynaddr_ndx[mid]]; 3038 value = mid_sym->st_value + base; 3039 if (addr >= value) { 3040 _sym = mid_sym; 3041 _value = value; 3042 } else { 3043 break; 3044 } 3045 } 3046 } 3047 } else { /* Linear search */ 3048 for (_value = 0, sym++, ndx = 1; ndx < cnt; ndx++, sym++) { 3049 /* 3050 * Skip expected symbol types that are not functions 3051 * or data: 3052 * - A symbol table starts with an undefined symbol 3053 * in slot 0. If we are using SUNWSYMTAB(), 3054 * there will be a second undefined symbol 3055 * right before the globals. 3056 * - The local part of SUNWSYMTAB() contains a 3057 * series of function symbols. Each section 3058 * starts with an initial STT_FILE symbol. 3059 */ 3060 if ((sym->st_shndx == SHN_UNDEF) || 3061 (ELF_ST_TYPE(sym->st_info) == STT_FILE)) 3062 continue; 3063 3064 value = sym->st_value + base; 3065 if (value > addr) 3066 continue; 3067 if (value < _value) 3068 continue; 3069 3070 _sym = sym; 3071 _value = value; 3072 3073 /* 3074 * Note, because we accept local and global symbols 3075 * we could find a section symbol that matches the 3076 * associated address, which means that the symbol 3077 * name will be null. In this case continue the 3078 * search in case we can find a global symbol of 3079 * the same value. 3080 */ 3081 if ((value == addr) && 3082 (ELF_ST_TYPE(sym->st_info) != STT_SECTION)) 3083 break; 3084 } 3085 } 3086 3087 _flags = flags & RTLD_DL_MASK; 3088 if (_sym) { 3089 if (_flags == RTLD_DL_SYMENT) 3090 *info = (void *)_sym; 3091 else if (_flags == RTLD_DL_LINKMAP) 3092 *info = (void *)lmp; 3093 3094 dlip->dli_sname = str + _sym->st_name; 3095 dlip->dli_saddr = (void *)_value; 3096 } else { 3097 /* 3098 * addr lies between the beginning of the mapped segment and 3099 * the first global symbol. We have no symbol to return 3100 * and the caller requires one. We use _START_, the base 3101 * address of the mapping. 3102 */ 3103 3104 if (_flags == RTLD_DL_SYMENT) { 3105 /* 3106 * An actual symbol struct is needed, so we 3107 * construct one for _START_. To do this in a 3108 * fully accurate way requires a different symbol 3109 * for each mapped segment. This requires the 3110 * use of dynamic memory and a mutex. That's too much 3111 * plumbing for a fringe case of limited importance. 3112 * 3113 * Fortunately, we can simplify: 3114 * - Only the st_size and st_info fields are useful 3115 * outside of the linker internals. The others 3116 * reference things that outside code cannot see, 3117 * and can be set to 0. 3118 * - It's just a label and there is no size 3119 * to report. So, the size should be 0. 3120 * This means that only st_info needs a non-zero 3121 * (constant) value. A static struct will suffice. 3122 * It must be const (readonly) so the caller can't 3123 * change its meaning for subsequent callers. 3124 */ 3125 static const Sym fsym = { 0, 0, 0, 3126 ELF_ST_INFO(STB_LOCAL, STT_OBJECT) }; 3127 *info = (void *) &fsym; 3128 } 3129 3130 dlip->dli_sname = MSG_ORIG(MSG_SYM_START); 3131 dlip->dli_saddr = (void *) ADDR(lmp); 3132 } 3133 } 3134 3135 static void 3136 elf_lazy_cleanup(Alist *alp) 3137 { 3138 Rt_map **lmpp; 3139 Aliste off; 3140 3141 /* 3142 * Cleanup any link-maps added to this dynamic list and free it. 3143 */ 3144 for (ALIST_TRAVERSE(alp, off, lmpp)) 3145 FLAGS(*lmpp) &= ~FLG_RT_DLSYM; 3146 free(alp); 3147 } 3148 3149 /* 3150 * This routine is called upon to search for a symbol from the dependencies of 3151 * the initial link-map. To maintain lazy loadings goal of reducing the number 3152 * of objects mapped, any symbol search is first carried out using the objects 3153 * that already exist in the process (either on a link-map list or handle). 3154 * If a symbol can't be found, and lazy dependencies are still pending, this 3155 * routine loads the dependencies in an attempt to locate the symbol. 3156 * 3157 * Only new objects are inspected as we will have already inspected presently 3158 * loaded objects before calling this routine. However, a new object may not 3159 * be new - although the di_lmp might be zero, the object may have been mapped 3160 * as someone elses dependency. Thus there's a possibility of some symbol 3161 * search duplication. 3162 */ 3163 3164 Sym * 3165 elf_lazy_find_sym(Slookup *slp, Rt_map **_lmp, uint_t *binfo) 3166 { 3167 Sym *sym = 0; 3168 Alist * alist = 0; 3169 Aliste off; 3170 Rt_map ** lmpp, * lmp = slp->sl_imap; 3171 const char *name = slp->sl_name; 3172 3173 if (alist_append(&alist, &lmp, sizeof (Rt_map *), AL_CNT_LAZYFIND) == 0) 3174 return (0); 3175 FLAGS(lmp) |= FLG_RT_DLSYM; 3176 3177 for (ALIST_TRAVERSE(alist, off, lmpp)) { 3178 uint_t cnt = 0; 3179 Slookup sl = *slp; 3180 Dyninfo *dip; 3181 3182 /* 3183 * Loop through the DT_NEEDED entries examining each object for 3184 * the symbol. If the symbol is not found the object is in turn 3185 * added to the alist, so that its DT_NEEDED entires may be 3186 * examined. 3187 */ 3188 lmp = *lmpp; 3189 for (dip = DYNINFO(lmp); cnt < DYNINFOCNT(lmp); cnt++, dip++) { 3190 Rt_map *nlmp; 3191 3192 if (((dip->di_flags & FLG_DI_NEEDED) == 0) || 3193 dip->di_info) 3194 continue; 3195 3196 /* 3197 * If this entry defines a lazy dependency try loading 3198 * it. If the file can't be loaded, consider this 3199 * non-fatal and continue the search (lazy loaded 3200 * dependencies need not exist and their loading should 3201 * only be fatal if called from a relocation). 3202 * 3203 * If the file is already loaded and relocated we must 3204 * still inspect it for symbols, even though it might 3205 * have already been searched. This lazy load operation 3206 * might have promoted the permissions of the object, 3207 * and thus made the object applicable for this symbol 3208 * search, whereas before the object might have been 3209 * skipped. 3210 */ 3211 if ((nlmp = elf_lazy_load(lmp, cnt, name)) == 0) 3212 continue; 3213 3214 /* 3215 * If this object isn't yet a part of the dynamic list 3216 * then inspect it for the symbol. If the symbol isn't 3217 * found add the object to the dynamic list so that we 3218 * can inspect its dependencies. 3219 */ 3220 if (FLAGS(nlmp) & FLG_RT_DLSYM) 3221 continue; 3222 3223 sl.sl_imap = nlmp; 3224 if (sym = LM_LOOKUP_SYM(sl.sl_cmap)(&sl, _lmp, binfo)) 3225 break; 3226 3227 /* 3228 * Some dlsym() operations are already traversing a 3229 * link-map (dlopen(0)), and thus there's no need to 3230 * build our own dynamic dependency list. 3231 */ 3232 if ((sl.sl_flags & LKUP_NODESCENT) == 0) { 3233 if (alist_append(&alist, &nlmp, 3234 sizeof (Rt_map *), AL_CNT_LAZYFIND) == 0) { 3235 elf_lazy_cleanup(alist); 3236 return (0); 3237 } 3238 FLAGS(nlmp) |= FLG_RT_DLSYM; 3239 } 3240 } 3241 if (sym) 3242 break; 3243 } 3244 3245 elf_lazy_cleanup(alist); 3246 return (sym); 3247 } 3248 3249 /* 3250 * Warning message for bad r_offset. 3251 */ 3252 void 3253 elf_reloc_bad(Rt_map *lmp, void *rel, uchar_t rtype, ulong_t roffset, 3254 ulong_t rsymndx) 3255 { 3256 const char *name = (char *)0; 3257 Lm_list *lml = LIST(lmp); 3258 int trace; 3259 3260 if ((lml->lm_flags & LML_FLG_TRC_ENABLE) && 3261 (((rtld_flags & RT_FL_SILENCERR) == 0) || 3262 (lml->lm_flags & LML_FLG_TRC_VERBOSE))) 3263 trace = 1; 3264 else 3265 trace = 0; 3266 3267 if ((trace == 0) && (DBG_ENABLED == 0)) 3268 return; 3269 3270 if (rsymndx) { 3271 Sym *symref = (Sym *)((ulong_t)SYMTAB(lmp) + 3272 (rsymndx * SYMENT(lmp))); 3273 3274 if (ELF_ST_BIND(symref->st_info) != STB_LOCAL) 3275 name = (char *)(STRTAB(lmp) + symref->st_name); 3276 } 3277 3278 if (name == 0) 3279 name = MSG_ORIG(MSG_STR_EMPTY); 3280 3281 if (trace) { 3282 const char *rstr; 3283 3284 rstr = _conv_reloc_type((uint_t)rtype); 3285 (void) printf(MSG_INTL(MSG_LDD_REL_ERR1), rstr, name, 3286 EC_ADDR(roffset)); 3287 return; 3288 } 3289 3290 Dbg_reloc_error(lml, ELF_DBG_RTLD, M_MACH, M_REL_SHT_TYPE, rel, name); 3291 } 3292 3293 /* 3294 * Resolve a static TLS relocation. 3295 */ 3296 long 3297 elf_static_tls(Rt_map *lmp, Sym *sym, void *rel, uchar_t rtype, char *name, 3298 ulong_t roffset, long value) 3299 { 3300 Lm_list *lml = LIST(lmp); 3301 3302 /* 3303 * Relocations against a static TLS block have limited support once 3304 * process initialization has completed. Any error condition should be 3305 * discovered by testing for DF_STATIC_TLS as part of loading an object, 3306 * however individual relocations are tested in case the dynamic flag 3307 * had not been set when this object was built. 3308 */ 3309 if (PTTLS(lmp) == 0) { 3310 DBG_CALL(Dbg_reloc_in(lml, ELF_DBG_RTLD, M_MACH, 3311 M_REL_SHT_TYPE, rel, NULL, name)); 3312 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_REL_BADTLS), 3313 _conv_reloc_type((uint_t)rtype), NAME(lmp), 3314 name ? demangle(name) : MSG_INTL(MSG_STR_UNKNOWN)); 3315 return (0); 3316 } 3317 3318 /* 3319 * If no static TLS has been set aside for this object, determine if 3320 * any can be obtained. Enforce that any object using static TLS is 3321 * non-deletable. 3322 */ 3323 if (TLSSTATOFF(lmp) == 0) { 3324 FLAGS1(lmp) |= FL1_RT_TLSSTAT; 3325 MODE(lmp) |= RTLD_NODELETE; 3326 3327 if (tls_assign(lml, lmp, PTTLS(lmp)) == 0) { 3328 DBG_CALL(Dbg_reloc_in(lml, ELF_DBG_RTLD, M_MACH, 3329 M_REL_SHT_TYPE, rel, NULL, name)); 3330 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_REL_BADTLS), 3331 _conv_reloc_type((uint_t)rtype), NAME(lmp), 3332 name ? demangle(name) : MSG_INTL(MSG_STR_UNKNOWN)); 3333 return (0); 3334 } 3335 } 3336 3337 /* 3338 * Typically, a static TLS offset is maintained as a symbols value. 3339 * For local symbols that are not apart of the dynamic symbol table, 3340 * the TLS relocation points to a section symbol, and the static TLS 3341 * offset was deposited in the associated GOT table. Make sure the GOT 3342 * is cleared, so that the value isn't reused in do_reloc(). 3343 */ 3344 if (ELF_ST_BIND(sym->st_info) == STB_LOCAL) { 3345 if ((ELF_ST_TYPE(sym->st_info) == STT_SECTION)) { 3346 value = *(long *)roffset; 3347 *(long *)roffset = 0; 3348 } else { 3349 value = sym->st_value; 3350 } 3351 } 3352 return (-(TLSSTATOFF(lmp) - value)); 3353 } 3354