1#!/usr/perl5/bin/perl -w 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# 24# Copyright 2006 Sun Microsystems, Inc. All rights reserved. 25# Use is subject to license terms. 26# 27# ident "%Z%%M% %I% %E% SMI" 28# 29 30# 31# Check ELF information. 32# 33# This script descends a directory hierarchy inspecting ELF dynamic executables 34# and shared objects. The general theme is to verify that common Makefile rules 35# have been used to build these objects. Typical failures occur when Makefile 36# rules are re-invented rather than being inherited from "cmd/lib" Makefiles. 37# 38# As always, a number of components don't follow the rules, and these are 39# excluded to reduce this scripts output. Pathnames used for this exclusion 40# assume this script is being run over a "proto" area. The -a (all) option 41# skips any exclusions. 42# 43# By default any file that has conditions that should be reported is first 44# listed and then each condition follows. The -o (one-line) option produces a 45# more terse output which is better for sorting/diffing with "nightly". 46# 47# NOTE: missing dependencies, symbols or versions are reported by running the 48# file through ldd(1). As objects within a proto area are built to exist in a 49# base system, standard use of ldd(1) will bind any objects to dependencies 50# that exist in the base system. It is frequently the case that newer objects 51# exist in the proto area that are required to satisfy other objects 52# dependencies, and without using these newer objects an ldd(1) will produce 53# misleading error messages. To compensate for this, the -d option (or the 54# existence of the CODEMSG_WS/ROOT environment variables) cause the creation of 55# alternative dependency mappings via crle(1) configuration files that establish 56# any proto shared objects as alternatives to their base system location. Thus 57# ldd(1) can be executed against these configuration files so that objects in a 58# proto area bind to their dependencies in the same proto area. 59 60 61# Define all global variables (required for strict) 62use vars qw($SkipDirs $SkipFiles $SkipTextrelFiles); 63use vars qw($SkipUndefDirs $SkipUndefFiles $SkipUnusedDirs $SkipUnusedFiles); 64use vars qw($SkipStabFiles $SkipNoExStkFiles); 65use vars qw($UnusedNoise $Prog $Mach $Isalist $Env $Ena64 $Tmpdir $Error); 66use vars qw($UnusedFiles $UnusedPaths $LddNoU $Crle32 $Crle64 $Conf32 $Conf64); 67use vars qw($SkipInterps $OldDeps %opt); 68 69use strict; 70 71 72# Define any directories we should skip completely. 73$SkipDirs = qr{ 74 etc/lib | # special - used for partial statics 75 usr/lib/devfsadm | # 4382889 76 usr/lib/libc | # optimized libc 77 usr/lib/rcm | # 4426119 78 usr/perl5 | # alan's taking care of these :-) 79 usr/src # no need to look at shipped source 80}x; 81 82# Define any files we should skip completely. 83$SkipFiles = qr{ ^(?: 84 ld\.so\.1 | # confusing but correct dependencies 85 lddstub | # lddstub has no dependencies 86 libmakestate\.so\.1 | # temporary; delivered by compiler group 87 libm\.so\.1 | # temporary; delivered by compiler group 88 libm\.so\.2 | # temporary; delivered by compiler group 89 geniconvtbl\.so | # 4384329 90 libssagent\.so\.1 | # 4328854 91 libdmi\.so\.1 | # " " 92 libdmici\.so\.1 | # " " 93 libdmimi\.so\.1 | # " " 94 libpsvcplugin_psr\.so\.1 | # 4385799 95 libpsvcpolicy_psr\.so\.1 | # " " 96 libpsvcpolicy\.so\.1 | # " " 97 picl_slm\.so | # " " 98 libcrypto_extra\.so\.0\.9\.7 | # OpenSSL SUNWcry filter lib 99 libssl_extra\.so\.0\.9\.7 | # OpenSSL SUNWcry filter lib 100 fcpackage\.so | # circular dependency on fcthread.so 101 grub 102 )$ 103}x; 104 105# Define any files that are allowed text relocations. 106$SkipTextrelFiles = qr{ ^(?: 107 unix | # kernel models are non-pic 108 mdb # relocations against __RTC (dbx) 109 )$ 110}x; 111 112# Define any files that are allowed undefined references. 113$SkipUndefDirs = qr{ 114 usr/lib/inet/ppp/ | # pppd plugins have callbacks 115 usr/lib/libp/ | # libc.so.1 requires _mcount 116 usr/lib/vold/ | # vold dependencies have callbacks 117 usr/lib/rmmount | # rmmount actions have callbacks 118 /lib/mdb/ | # mdb modules have callbacks 119 /lib/fm/fmd/plugins/ | # fmd modules have callbacks 120 /lib/fm/fmd/schemes/ | # fmd schemes have callbacks 121 /i86pc/lib/mtst/ # mtst modules have callbacks 122}x; 123 124$SkipUndefFiles = qr{ ^(?: 125 libthread_db\.so\.0 | # callbacks to proc service interface 126 libthread_db\.so\.1 | # " " " " 127 librtld_db\.so\.1 | # " " " " 128 libc_db\.so\.1 | # " " " " 129 libldstab\.so\.1 | # link-edit support libraries have 130 libld\.so\.[2-4] | # callback to the link-editors 131 liblddbg\.so\.4 | # " " " " 132 librtld\.so\.1 | # " " " " 133 libnisdb\.so\.2 | # C++ 134 libsvm\.so\.1 | # libspmicommon.so.1 lacking 135 libwanboot\.so\.1 | # libcrypto.a and libssl.a 136 libwrap\.so\.1\.0 | # uses symbols provided by application 137 fcthread\.so | # uses symbols provided by application 138 fn\.so\.2 | # callback to automount 139 preen_md\.so\.1 | # callback to driver 140 libike\.so\.1 | # callbacks to in.iked for IKE policy 141 devfsadmd_mod\.so | # sysevent module callback to syseventd 142 sysevent_conf_mod\.so | # sysevent module callback to syseventd 143 sysevent_reg_mod\.so # sysevent module callback to syseventd 144 )$ 145}x; 146 147# Define any files that have unused dependencies. 148$SkipUnusedDirs = qr{ 149 lib/picl/plugins/ | # require devtree dependencies 150 /lib/libp # profile libc makes libm an unused 151}x; # dependency of standard libc 152 153$SkipUnusedFiles = qr{ ^(?: 154 devfsadm | # 4382889 155 disks | # " " 156 tapes | # " " 157 ports | # " " 158 audlinks | # " " 159 devlinks | # " " 160 drvconfig | # " " 161 ntptrace | # on intel doesn't need libmd5 162 rmmount | # 4418770, volmgt dependency is required 163 # to compensate for SunPCi. 164 ocfserv | # libsched unreference by libjvm, 165 poold | # see 4952319. 166 libc\.so\.1\.9 | # 4lib/libc versions have private 167 libc\.so\.2\.9 # copies of stuff from libc. 168 )$ 169}x; 170 171# Define any files that should contain debugging information. 172$SkipStabFiles = qr{ ^(?: 173 abi_.* | 174 interceptors\.so\.1 | 175 unix 176 )$ 177}x; 178 179# Define any files that don't require a non-executable stack definition. 180$SkipNoExStkFiles = qr{ ^(?: 181 forth | 182 unix | 183 multiboot 184 )$ 185}x; 186 187# Define any files that should only have unused (ldd -u) processing. 188$UnusedPaths = qr{ 189 ucb/shutdown # libucb interposes on libc and makes 190 # dependencies on libc seem unnecessary 191}x; 192 193$UnusedFiles = qr{ ^(?: 194 rpc\.nisd # CCNEEDED makes pthread unreferenced 195 )$ 196}x; 197 198# Define unused dependencies we should ignore. 199# libCrun has a unnecessary dependency on libw, and libmapmalloc is often 200# defined to interpose on libc but isn't used by the application itself. 201# Threads dependencies look unused if libc is bound first. 202$UnusedNoise = qr{ 203 libw\.so\.1;\ unused | 204 unused\ object=.*libw\.so\.1 | 205 libthread\.so\.1;\ unused | 206 libpthread\.so\.1;\ unused | 207 unused\ object=.*libpthread\.so\.1 | 208 libnsl\.so\.1;\ unused\ dependency\ of\ .*libxslt\.so\.1 | 209 libdl\.so\.1;\ unused\ dependency\ of\ .*libspmicommon\.so\.1 | 210 libdl\.so\.1;\ unused\ dependency\ of\ .*libCrun\.so\.1 | 211 libfru\.so\.1;\ unused\ object=.*libdl\.so\.1 | 212 libfrupicl\.so\.1;\ unused\ object=.*libdl\.so\.1 | 213 libmapmalloc\.so\.1;\ unused | 214 unused\ dependency\ of\ .*libstdc\+\+\.so\.6 | 215 unreferenced\ object=.*libstdc\+\+\.so\.6 | 216 unused\ dependency\ of\ .*libnetsnmphelpers\.so\.5 | 217 unused\ dependency\ of\ .*libnetsnmpmibs\.so\.5 | 218 unused\ dependency\ of\ .*libnetsnmpagent\.so\.5 219}x; 220 221# Define interpreters we should ignore. 222$SkipInterps = qr{ 223 misc/krtld | 224 misc/amd64/krtld | 225 misc/sparcv9/krtld 226}x; 227 228# Catch libintl and libw, although ld(1) will bind to these and thus determine 229# they're needed, their content was moved into libc as of on297 build 7. 230# libthread and libpthread were completely moved into libc as of on10 build 53. 231# Also, catch libdl, whose content was moved into libc as of on10 build 49. 232$OldDeps = qr{ ^(?: 233 libintl\.so\.1 | 234 libw\.so\.1 | 235 libthread\.so\.1 | 236 libpthread\.so\.1 | 237 libdl\.so\.1 238 )$ 239}x; 240 241use Getopt::Std; 242 243# ----------------------------------------------------------------------------- 244 245# Reliably compare two OS revisions. Arguments are <ver1> <op> <ver2>. 246# <op> is the string form of a normal numeric comparison operator. 247sub cmp_os_ver { 248 my @ver1 = split(/\./, $_[0]); 249 my $op = $_[1]; 250 my @ver2 = split(/\./, $_[2]); 251 252 push @ver2, ("0") x $#ver1 - $#ver2; 253 push @ver1, ("0") x $#ver2 - $#ver1; 254 255 my $diff = 0; 256 while (@ver1 || @ver2) { 257 if (($diff = shift(@ver1) - shift(@ver2)) != 0) { 258 last; 259 } 260 } 261 return (eval "$diff $op 0" ? 1 : 0); 262} 263 264# Establish a program name for any error diagnostics. 265chomp($Prog = `basename $0`); 266 267# Determine what machinery is available. 268$Mach = `uname -p`; 269$Isalist = `isalist`; 270$Env = ""; 271if ($Mach =~ /sparc/) { 272 if ($Isalist =~ /sparcv9/) { 273 $Ena64 = "ok"; 274 } 275} elsif ($Mach =~ /i386/) { 276 if ($Isalist =~ /amd64/) { 277 $Ena64 = "ok"; 278 } 279} 280 281# Check that we have arguments. 282if ((getopts('ad:imos', \%opt) == 0) || ($#ARGV == -1)) { 283 print "usage: $Prog [-a] [-d depdir] [-m] [-o] [-s] file | dir, ...\n"; 284 print "\t[-a]\t\tprocess all files (ignore any exception lists)\n"; 285 print "\t[-d dir]\testablish dependencies from under directory\n"; 286 print "\t[-i]\t\tproduce dynamic table entry information\n"; 287 print "\t[-m]\t\tprocess mcs(1) comments\n"; 288 print "\t[-o]\t\tproduce one-liner output (prefixed with pathname)\n"; 289 print "\t[-s]\t\tprocess .stab and .symtab entries\n"; 290 exit 1; 291} else { 292 my($Proto); 293 294 if ($opt{d}) { 295 # User specified dependency directory - make sure it exists. 296 if (! -d $opt{d}) { 297 print "$Prog: $opt{d} is not a directory\n"; 298 exit 1; 299 } 300 $Proto = $opt{d}; 301 302 } elsif ($ENV{CODEMGR_WS}) { 303 my($Root); 304 305 # Without a user specified dependency directory see if we're 306 # part of a codemanager workspace and if a proto area exists. 307 if (($Root = $ENV{ROOT}) && (-d $Root)) { 308 $Proto = $Root; 309 } 310 } 311 312 if (!($Tmpdir = $ENV{TMPDIR}) || (! -d $Tmpdir)) { 313 $Tmpdir = "/tmp"; 314 } 315 316 # Look for dependencies under $Proto. 317 if ($Proto) { 318 # To support alternative dependency mapping we'll need ldd(1)'s 319 # -e option. This is relatively new (s81_30), so make sure 320 # ldd(1)is capable before gathering any dependency information. 321 if (system('ldd -e /usr/lib/lddstub 2> /dev/null')) { 322 print "ldd: does not support -e, unable to "; 323 print "create alternative dependency mappingings.\n"; 324 print "ldd: option added under 4390308 (s81_30).\n\n"; 325 } else { 326 # Gather dependencies and construct a alternative 327 # dependency mapping via a crle(1) configuration file. 328 GetDeps($Proto, "/"); 329 GenConf(); 330 } 331 } 332 333 # To support unreferenced dependency detection we'll need ldd(1)'s -U 334 # option. This is relatively new (4638070), and if not available we 335 # can still fall back to -u. Even with this option, don't use -U with 336 # releases prior to 5.10 as the cleanup for -U use only got integrated 337 # into 5.10 under 4642023. Note, that nightly doesn't typically set a 338 # RELEASE from the standard <env> files. Users who wish to disable use 339 # of ldd(1)'s -U should set (or uncomment) RELEASE in their <env> file 340 # if using nightly, or otherwise establish it in their environment. 341 if (system('ldd -U /usr/lib/lddstub 2> /dev/null')) { 342 $LddNoU = 1; 343 } else { 344 my($Release); 345 346 if (($Release = $ENV{RELEASE}) && 347 (cmp_os_ver($Release, "<", "5.10"))) { 348 $LddNoU = 1; 349 } else { 350 $LddNoU = 0; 351 } 352 } 353 354 # For each argument determine if we're dealing with a file or directory. 355 foreach my $Arg (@ARGV) { 356 # Ignore symbolic links. 357 if (-l $Arg) { 358 next; 359 } 360 361 if (!stat($Arg)) { 362 next; 363 } 364 365 # Process simple files. 366 if (-f _) { 367 my($RelPath) = $Arg; 368 my($File) = $Arg; 369 my($Secure) = 0; 370 371 $RelPath =~ s!^.*/!./!; 372 $File =~ s!^.*/!!; 373 374 if (-u _ || -g _) { 375 $Secure = 1; 376 } 377 378 ProcFile($Arg, $RelPath, $File, $Secure); 379 next; 380 } 381 # Process directories. 382 if (-d _) { 383 ProcDir($Arg, "."); 384 next; 385 } 386 387 print "$Arg is not a file or directory\n"; 388 $Error = 1; 389 } 390 391 # Cleanup 392 CleanUp(); 393} 394 395$Error = 0; 396 397# Clean up and temporary files. 398sub CleanUp { 399 if ($Crle64) { 400 unlink $Crle64; 401 } 402 if ($Conf64) { 403 unlink $Conf64; 404 } 405 if ($Crle32) { 406 unlink $Crle32; 407 } 408 if ($Conf32) { 409 unlink $Conf32; 410 } 411} 412 413# Create an output message, either a one-liner (under -o) or preceded by the 414# files relative pathname as a title. 415sub OutMsg { 416 my($Ttl, $Path, $Msg) = @_; 417 418 if ($opt{o}) { 419 $Msg =~ s/^[ \t]*//; 420 print "$Path: $Msg\n"; 421 } else { 422 if ($Ttl eq 0) { 423 print "==== $Path ====\n"; 424 } 425 print "$Msg\n"; 426 } 427} 428 429# Determine whether this a ELF dynamic object and if so investigate its runtime 430# attributes. 431sub ProcFile { 432 my($FullPath, $RelPath, $File, $Secure) = @_; 433 my(@Elf, @Ldd, $Dyn, $Intp, $Dll, $Ttl, $Sym, $Interp, $Stack); 434 my($Sun, $Relsz, $Pltsz, $Uns, $Tex, $Stab, $Strip, $Lddopt); 435 my($Val, $Header, $SkipLdd, $IsX86, $RWX); 436 437 # Ignore symbolic links. 438 if (-l $FullPath) { 439 return; 440 } 441 442 $Ttl = 0; 443 @Ldd = 0; 444 445 # Determine whether we have access to inspect the file. 446 if (!(-r $FullPath)) { 447 OutMsg($Ttl++, $RelPath, 448 "\tunable to inspect file: permission denied"); 449 return; 450 } 451 452 # Determine if this is a file we don't care about. 453 if (!$opt{a}) { 454 if ($File =~ $SkipFiles) { 455 return; 456 } 457 } 458 459 # Determine whether we have a executable (static or dynamic) or a 460 # shared object. 461 @Elf = split(/\n/, `elfdump -epdic $FullPath 2>&1`); 462 463 $Dyn = $Intp = $Dll = $Stack = $IsX86 = $RWX = 0; 464 $Interp = 1; 465 $Header = 'None'; 466 foreach my $Line (@Elf) { 467 # If we have an invalid file type (which we can tell from the 468 # first line), or we're processing an archive, bail. 469 if ($Header eq 'None') { 470 if (($Line =~ /invalid file/) || 471 ($Line =~ /$FullPath(.*):/)) { 472 return; 473 } 474 } 475 476 if ($Line =~ /^ELF Header/) { 477 $Header = 'Ehdr'; 478 479 } elsif ($Line =~ /^Program Header/) { 480 $Header = 'Phdr'; 481 $RWX = 0; 482 483 } elsif ($Line =~ /^Interpreter/) { 484 $Header = 'Intp'; 485 486 } elsif ($Line =~ /^Dynamic Section/) { 487 # A dynamic section indicates we're a dynamic object 488 # (this makes sure we don't check static executables). 489 $Dyn = 1; 490 491 } elsif (($Header eq 'Ehdr') && ($Line =~ /e_type:/)) { 492 # The e_type field indicates whether this file is a 493 # shared object (ET_DYN) or an executable (ET_EXEC). 494 if ($Line =~ /ET_DYN/) { 495 $Dll = 1; 496 } elsif ($Line !~ /ET_EXEC/) { 497 return; 498 } 499 } elsif (($Header eq 'Ehdr') && ($Line =~ /ei_class:/)) { 500 # If we encounter a 64-bit object, but we're not running 501 # on a 64-bit system, suppress calling ldd(1). 502 if (($Line =~ /ELFCLASS64/) && !$Ena64) { 503 $SkipLdd = 1; 504 } 505 } elsif (($Header eq 'Ehdr') && ($Line =~ /e_machine:/)) { 506 # If it's a X86 object, we need to enforce RW- data. 507 if (($Line =~ /(EM_AMD64|EM_386)/)) { 508 $IsX86 = 1; 509 } 510 } elsif (($Header eq 'Phdr') && 511 ($Line =~ /\[ PF_X PF_W PF_R \]/)) { 512 # RWX segment seen. 513 $RWX = 1; 514 515 } elsif (($Header eq 'Phdr') && 516 ($Line =~ /\[ PT_LOAD \]/ && $RWX && $IsX86)) { 517 # Seen an RWX PT_LOAD segment. 518 if ($File !~ $SkipNoExStkFiles) { 519 OutMsg($Ttl++, $RelPath, 520 "\tapplication requires non-executable " . 521 "data\t<no -Mmapfile_noexdata?>"); 522 } 523 524 } elsif (($Header eq 'Phdr') && 525 ($Line =~ /\[ PT_SUNWSTACK \]/)) { 526 # This object defines a non-executable stack. 527 $Stack = 1; 528 529 } elsif (($Header eq 'Intp') && !$opt{a} && 530 ($Line =~ $SkipInterps)) { 531 # This object defines an interpretor we should skip. 532 $Interp = 0; 533 } 534 } 535 536 # Determine whether this ELF executable or shared object has a 537 # conforming mcs(1) comment section. If the correct $(POST_PROCESS) 538 # macros are used, only a 3 or 4 line .comment section should exist 539 # containing one or two "@(#)SunOS" identifying comments (one comment 540 # for a non-debug build, and two for a debug build). The results of 541 # the following split should be three or four lines, the last empty 542 # line being discarded by the split. 543 if ($opt{m}) { 544 my(@Mcs, $Con, $Dev); 545 546 @Mcs = split(/\n/, `mcs -p $FullPath 2>&1`); 547 548 $Con = $Dev = $Val = 0; 549 foreach my $Line (@Mcs) { 550 $Val++; 551 552 if (($Val == 3) && ($Line !~ /^@\(#\)SunOS/)) { 553 $Con = 1; 554 last; 555 } 556 if (($Val == 4) && ($Line =~ /^@\(#\)SunOS/)) { 557 $Dev = 1; 558 next; 559 } 560 if (($Dev == 0) && ($Val == 4)) { 561 $Con = 1; 562 last; 563 } 564 if (($Dev == 1) && ($Val == 5)) { 565 $Con = 1; 566 last; 567 } 568 } 569 if ($opt{m} && ($Con == 1)) { 570 OutMsg($Ttl++, $RelPath, 571 "\tnon-conforming mcs(1) comment\t<no \$(POST_PROCESS)?>"); 572 } 573 } 574 575 # Applications should contain a non-executable stack definition. 576 if (($Dll == 0) && ($Stack == 0)) { 577 if (!$opt{a}) { 578 if ($File =~ $SkipNoExStkFiles) { 579 goto DYN; 580 } 581 } 582 OutMsg($Ttl++, $RelPath, 583 "\tapplication requires non-executable stack\t<no -Mmapfile_noexstk?>"); 584 } 585 586DYN: 587 # Having caught any static executables in the mcs(1) check and non- 588 # executable stack definition check, continue with dynamic objects 589 # from now on. 590 if ($Dyn eq 0) { 591 return; 592 } 593 594 # Only use ldd unless we've encountered an interpreter that should 595 # ne skipped. 596 if (!$SkipLdd && $Interp) { 597 if ($Secure) { 598 # The execution of a secure application over an nfs file 599 # system mounted nosuid will result in warning messages 600 # being sent to /var/adm/messages. As this type of 601 # environment can occur with root builds, move the file 602 # being investigated to a safe place first. In addition 603 # remove its secure permission so that it can be 604 # influenced by any alternative dependency mappings. 605 606 my($TmpPath) = "$Tmpdir/$File"; 607 608 system('cp', $FullPath, $TmpPath); 609 chmod 0777, $TmpPath; 610 $FullPath = $TmpPath; 611 } 612 613 # Use ldd(1) to determine the objects relocatability and use. 614 # By default look for all unreferenced dependencies. However, 615 # some objects have legitimate dependencies that they do not 616 # reference. 617 if ($LddNoU || ($File =~ $UnusedFiles) || 618 ($RelPath =~ $UnusedPaths)) { 619 $Lddopt = "-ru"; 620 } else { 621 $Lddopt = "-rU"; 622 } 623 @Ldd = split(/\n/, `ldd $Lddopt $Env $FullPath 2>&1`); 624 if ($Secure) { 625 unlink $FullPath; 626 } 627 } 628 629 $Val = 0; 630 $Sym = 5; 631 $Uns = 1; 632 633LDD: foreach my $Line (@Ldd) { 634 635 if ($Val == 0) { 636 $Val = 1; 637 # Make sure ldd(1) worked. One possible failure is that 638 # this is an old ldd(1) prior to -e addition (4390308). 639 if ($Line =~ /usage:/) { 640 $Line =~ s/$/\t<old ldd(1)?>/; 641 OutMsg($Ttl++, $RelPath, $Line); 642 last; 643 } elsif ($Line =~ /execution failed/) { 644 OutMsg($Ttl++, $RelPath, $Line); 645 last; 646 } 647 648 # It's possible this binary can't be executed, ie. we've 649 # found a sparc binary while running on an intel system, 650 # or a sparcv9 binary on a sparcv7/8 system. 651 if ($Line =~ /wrong class/) { 652 OutMsg($Ttl++, $RelPath, 653 "\thas wrong class or data encoding"); 654 next; 655 } 656 657 # Historically, ldd(1) likes executable objects to have 658 # their execute bit set. Note that this test isn't 659 # applied unless the -a option is in effect, as any 660 # non-executable files are skipped by default to reduce 661 # the cost of running this script. 662 if ($Line =~ /not executable/) { 663 OutMsg($Ttl++, $RelPath, 664 "\tis not executable"); 665 next; 666 } 667 } 668 669 # Look for "file" or "versions" that aren't found. Note that 670 # these lines will occur before we find any symbol referencing 671 # errors. 672 if (($Sym == 5) && ($Line =~ /not found\)/)) { 673 if ($Line =~ /file not found\)/) { 674 $Line =~ s/$/\t<no -zdefs?>/; 675 } 676 OutMsg($Ttl++, $RelPath, $Line); 677 next; 678 } 679 # Look for relocations whose symbols can't be found. Note, we 680 # only print out the first 5 relocations for any file as this 681 # output can be excessive. 682 if ($Sym && ($Line =~ /symbol not found/)) { 683 # Determine if this file is allowed undefined 684 # references. 685 if ($Sym == 5) { 686 if (!$opt{a}) { 687 if ($RelPath =~ $SkipUndefDirs) { 688 $Sym = 0; 689 next LDD; 690 } 691 if ($File =~ $SkipUndefFiles) { 692 $Sym = 0; 693 next LDD; 694 } 695 } 696 } 697 if ($Sym-- == 1) { 698 if (!$opt{o}) { 699 OutMsg($Ttl++, $RelPath, 700 "\tcontinued ..."); 701 } 702 next; 703 } 704 # Just print the symbol name. 705 $Line =~ s/$/\t<no -zdefs?>/; 706 OutMsg($Ttl++, $RelPath, $Line); 707 next; 708 } 709 # Look for any unused dependencies. 710 if ($Uns && ($Line =~ /unused/)) { 711 if (!$opt{a}) { 712 if ($RelPath =~ $SkipUnusedDirs) { 713 $Uns = 0; 714 next LDD; 715 } 716 if ($File =~ $SkipUnusedFiles) { 717 $Uns = 0; 718 next LDD; 719 } 720 721 # Remove any noise. 722 if ($Line =~ $UnusedNoise) { 723 $Uns = 0; 724 next LDD; 725 } 726 } 727 if ($Secure) { 728 $Line =~ s!$Tmpdir/!!; 729 } 730 $Line =~ s/^[ \t]*(.*)/\t$1\t<remove lib or -zignore?>/; 731 OutMsg($Ttl++, $RelPath, $Line); 732 next; 733 } 734 } 735 736 # Reuse the elfdump(1) data to investigate additional dynamic linking 737 # information. 738 739 $Sun = $Relsz = $Pltsz = $Dyn = $Stab = 0; 740 $Tex = $Strip = 1; 741 742 $Header = 'None'; 743ELF: foreach my $Line (@Elf) { 744 # We're only interested in the section headers and the dynamic 745 # section. 746 if ($Line =~ /^Section Header/) { 747 $Header = 'Shdr'; 748 749 if (($Sun == 0) && ($Line =~ /\.SUNW_reloc/)) { 750 # This object has a combined relocation section. 751 $Sun = 1; 752 753 } elsif (($Stab == 0) && ($Line =~ /\.stab/)) { 754 # This object contain .stabs sections 755 $Stab = 1; 756 } 757 758 if (($Strip == 1) && ($Line =~ /\.symtab/)) { 759 # This object contains a complete symbol table. 760 $Strip = 0; 761 } 762 next; 763 764 } elsif ($Line =~ /^Dynamic Section/) { 765 $Header = 'Dyn'; 766 next; 767 } elsif ($Header ne 'Dyn') { 768 next; 769 } 770 771 # Does this object contain text relocations. 772 if ($Tex && ($Line =~ /TEXTREL/)) { 773 # Determine if this file is allowed text relocations. 774 if (!$opt{a}) { 775 if ($File =~ $SkipTextrelFiles) { 776 $Tex = 0; 777 next ELF; 778 } 779 } 780 OutMsg($Ttl++, $RelPath, 781 "\tTEXTREL .dynamic tag\t\t\t<no -Kpic?>"); 782 $Tex = 0; 783 next; 784 } 785 786 # Does this file have any relocation sections (there are a few 787 # psr libraries with no relocations at all, thus a .SUNW_reloc 788 # section won't exist either). 789 if (($Relsz == 0) && ($Line =~ / RELA?SZ/)) { 790 $Relsz = hex((split(' ', $Line))[2]); 791 next; 792 } 793 794 # Does this file have any plt relocations. If the plt size is 795 # equivalent to the total relocation size then we don't have 796 # any relocations suitable for combining into a .SUNW_reloc 797 # section. 798 if (($Pltsz == 0) && ($Line =~ / PLTRELSZ/)) { 799 $Pltsz = hex((split(' ', $Line))[2]); 800 next; 801 } 802 803 # Under the -i (information) option print out any useful dynamic 804 # entries. 805 # Does this object have any dependencies. 806 if ($opt{i} && ($Line =~ /NEEDED/)) { 807 my($Need) = (split(' ', $Line))[3]; 808 809 # Catch any old (unnecessary) dependencies. 810 if ($Need =~ $OldDeps) { 811 OutMsg($Ttl++, $RelPath, 812 "\tNEEDED=$Need\t<dependency no longer necessary>"); 813 } else { 814 OutMsg($Ttl++, $RelPath, "\tNEEDED=$Need"); 815 } 816 next; 817 } 818 819 # Does this object specify a runpath. 820 if ($opt{i} && ($Line =~ /RPATH/)) { 821 my($Rpath) = (split(' ', $Line))[3]; 822 OutMsg($Ttl++, $RelPath, "\tRPATH=$Rpath"); 823 next; 824 } 825 } 826 827 # A shared object, that contains non-plt relocations, should have a 828 # combined relocation section indicating it was built with -z combreloc. 829 if ($Dll && $Relsz && ($Relsz != $Pltsz) && ($Sun == 0)) { 830 OutMsg($Ttl++, $RelPath, 831 "\tSUNW_reloc section missing\t\t<no -zcombreloc?>"); 832 } 833 834 # No objects released to a customer should have any .stabs sections 835 # remaining, they should be stripped. 836 if ($opt{s} && $Stab) { 837 if (!$opt{a}) { 838 if ($File =~ $SkipStabFiles) { 839 goto DONESTAB; 840 } 841 } 842 OutMsg($Ttl++, $RelPath, 843 "\tdebugging sections should be deleted\t<no strip -x?>"); 844 } 845 846DONESTAB: 847 848 # All objects should have a full symbol table to provide complete 849 # debugging stack traces. 850 if ($Strip) { 851 OutMsg($Ttl++, $RelPath, 852 "\tsymbol table should not be stripped\t<remove -s?>"); 853 } 854} 855 856 857sub ProcDir { 858 my($FullDir, $RelDir) = @_; 859 my($NewFull, $NewRel); 860 861 # Determine if this is a directory we don't care about. 862 if (!$opt{a}) { 863 if ($RelDir =~ $SkipDirs) { 864 return; 865 } 866 } 867 868 # Open the directory and read each entry, omit files starting with "." 869 if (opendir(DIR, $FullDir)) { 870 foreach my $Entry (readdir(DIR)) { 871 if ($Entry =~ /^\./) { 872 next; 873 } 874 $NewFull = "$FullDir/$Entry"; 875 876 # Ignore symlinks. 877 if (-l $NewFull) { 878 next; 879 } 880 if (!stat($NewFull)) { 881 next; 882 } 883 $NewRel = "$RelDir/$Entry"; 884 885 # Descend into and process any directories. 886 if (-d _) { 887 ProcDir($NewFull, $NewRel); 888 next; 889 } 890 891 # Typically dynamic objects are executable, so we can 892 # reduce the overall cost of this script (a lot!) by 893 # screening out non-executables here, rather than pass 894 # them to file(1) later. However, it has been known 895 # for shared objects to be mistakenly left non- 896 # executable, so with -a let all files through so that 897 # this requirement can be verified (see ProcFile()). 898 if (!$opt{a}) { 899 if (! -x _) { 900 next; 901 } 902 } 903 904 # Process any standard files. 905 if (-f _) { 906 my($Secure) = 0; 907 908 if (-u _ || -g _) { 909 $Secure = 1; 910 } 911 912 ProcFile($NewFull, $NewRel, $Entry, $Secure); 913 next; 914 } 915 916 } 917 closedir(DIR); 918 } 919} 920 921# Create a crle(1) script for any 64-bit dependencies we locate. A runtime 922# configuration file will be generated to establish alternative dependency 923# mappings for all these dependencies. 924 925sub Entercrle64 { 926 my($FullDir, $RelDir, $Entry) = @_; 927 928 if (!$Crle64) { 929 # Create and initialize the script if is doesn't already exit. 930 931 $Crle64 = "$Tmpdir/$Prog.crle64.$$"; 932 open(CRLE64, "> $Crle64") || 933 die "$Prog: open failed: $Crle64: $!"; 934 935 print CRLE64 "#!/bin/sh\ncrle -64\\\n"; 936 } 937 print CRLE64 "\t-o $FullDir -a $RelDir/$Entry \\\n"; 938} 939 940# Create a crle(1) script for any 32-bit dependencies we locate. A runtime 941# configuration file will be generated to establish alternative dependency 942# mappings for all these dependencies. 943 944sub Entercrle32 { 945 my($FullDir, $RelDir, $Entry) = @_; 946 947 if (!$Crle32) { 948 # Create and initialize the script if is doesn't already exit. 949 950 $Crle32 = "$Tmpdir/$Prog.crle32.$$"; 951 open(CRLE32, "> $Crle32") || 952 die "$Prog: open failed: $Crle32: $!"; 953 954 print CRLE32 "#!/bin/sh\ncrle \\\n"; 955 } 956 print CRLE32 "\t-o $FullDir -a $RelDir/$Entry \\\n"; 957} 958 959# Having finished gathering dependencies, complete any crle(1) scripts and 960# execute them to generate the associated runtime configuration files. In 961# addition establish the environment variable required to pass the configuration 962# files to ldd(1). 963 964sub GenConf { 965 if ($Crle64) { 966 $Conf64 = "$Tmpdir/$Prog.conf64.$$"; 967 print CRLE64 "\t-c $Conf64\n"; 968 969 chmod 0755, $Crle64; 970 close CRLE64; 971 972 if (system($Crle64)) { 973 undef $Conf64; 974 } 975 } 976 if ($Crle32) { 977 $Conf32 = "$Tmpdir/$Prog.conf32.$$"; 978 print CRLE32 "\t-c $Conf32\n"; 979 980 chmod 0755, $Crle32; 981 close CRLE32; 982 983 if (system($Crle32)) { 984 undef $Conf32; 985 } 986 } 987 988 if ($Crle64 && $Conf64 && $Crle32 && $Conf32) { 989 $Env = "-e LD_FLAGS=config_64=$Conf64,config_32=$Conf32"; 990 } elsif ($Crle64 && $Conf64) { 991 $Env = "-e LD_FLAGS=config_64=$Conf64"; 992 } elsif ($Crle32 && $Conf32) { 993 $Env = "-e LD_FLAGS=config_32=$Conf32"; 994 } 995} 996 997# Recurse through a directory hierarchy looking for appropriate dependencies. 998 999sub GetDeps { 1000 my($FullDir, $RelDir) = @_; 1001 my($NewFull); 1002 1003 # Open the directory and read each entry, omit files starting with "." 1004 if (opendir(DIR, $FullDir)) { 1005 foreach my $Entry (readdir(DIR)) { 1006 if ($Entry =~ /^\./) { 1007 next; 1008 } 1009 $NewFull = "$FullDir/$Entry"; 1010 1011 # We need to follow links so that any dependencies 1012 # are expressed in all their available forms. 1013 # Bail on symlinks like 32 -> . 1014 if (-l $NewFull) { 1015 if (readlink($NewFull) =~ /^\.$/) { 1016 next; 1017 } 1018 } 1019 if (!stat($NewFull)) { 1020 next; 1021 } 1022 1023 # If this is a directory descend into it. 1024 if (-d _) { 1025 my($NewRel); 1026 1027 if ($RelDir =~ /^\/$/) { 1028 $NewRel = "$RelDir$Entry"; 1029 } else { 1030 $NewRel = "$RelDir/$Entry"; 1031 } 1032 1033 GetDeps($NewFull, $NewRel); 1034 next; 1035 } 1036 1037 # If this is a regular file determine if its a 1038 # valid ELF dependency. 1039 if (-f _) { 1040 my($File); 1041 1042 # Typically shared object dependencies end with 1043 # ".so" or ".so.?", hence we can reduce the cost 1044 # of this script (a lot!) by screening out files 1045 # that don't follow this pattern. 1046 if (!$opt{a}) { 1047 if ($Entry !~ /\.so(?:\.\d+)*$/) { 1048 next; 1049 } 1050 } 1051 1052 $File = `file $NewFull`; 1053 if ($File !~ /dynamic lib/) { 1054 next; 1055 } 1056 1057 if ($File =~ /32-bit/) { 1058 Entercrle32($FullDir, $RelDir, $Entry); 1059 } elsif ($Ena64) { 1060 Entercrle64($FullDir, $RelDir, $Entry); 1061 } 1062 next; 1063 } 1064 } 1065 closedir(DIR); 1066 } 1067} 1068exit $Error 1069