1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright (c) 1988 AT&T 24 * All Rights Reserved 25 * 26 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 27 * Use is subject to license terms. 28 */ 29 #pragma ident "%Z%%M% %I% %E% SMI" 30 31 /* 32 * Object file dependent support for ELF objects. 33 */ 34 #include "_synonyms.h" 35 36 #include <stdio.h> 37 #include <sys/procfs.h> 38 #include <sys/mman.h> 39 #include <sys/debug.h> 40 #include <string.h> 41 #include <limits.h> 42 #include <dlfcn.h> 43 #include <debug.h> 44 #include <conv.h> 45 #include "_rtld.h" 46 #include "_audit.h" 47 #include "_elf.h" 48 #include "msg.h" 49 50 /* 51 * Default and secure dependency search paths. 52 */ 53 static Pnode elf_dflt_dirs[] = { 54 #if defined(_ELF64) 55 #ifndef SGS_PRE_UNIFIED_PROCESS 56 { MSG_ORIG(MSG_PTH_LIB_64), 0, MSG_PTH_LIB_64_SIZE, 57 LA_SER_DEFAULT, 0, &elf_dflt_dirs[1] }, 58 #endif 59 { MSG_ORIG(MSG_PTH_USRLIB_64), 0, MSG_PTH_USRLIB_64_SIZE, 60 LA_SER_DEFAULT, 0, 0 } 61 #else 62 #ifndef SGS_PRE_UNIFIED_PROCESS 63 { MSG_ORIG(MSG_PTH_LIB), 0, MSG_PTH_LIB_SIZE, 64 LA_SER_DEFAULT, 0, &elf_dflt_dirs[1] }, 65 #endif 66 { MSG_ORIG(MSG_PTH_USRLIB), 0, MSG_PTH_USRLIB_SIZE, 67 LA_SER_DEFAULT, 0, 0 } 68 #endif 69 }; 70 71 static Pnode elf_secure_dirs[] = { 72 #if defined(_ELF64) 73 #ifndef SGS_PRE_UNIFIED_PROCESS 74 { MSG_ORIG(MSG_PTH_LIBSE_64), 0, MSG_PTH_LIBSE_64_SIZE, 75 LA_SER_SECURE, 0, &elf_secure_dirs[1] }, 76 #endif 77 { MSG_ORIG(MSG_PTH_USRLIBSE_64), 0, 78 MSG_PTH_USRLIBSE_64_SIZE, 79 LA_SER_SECURE, 0, 0 } 80 #else 81 #ifndef SGS_PRE_UNIFIED_PROCESS 82 { MSG_ORIG(MSG_PTH_LIBSE), 0, MSG_PTH_LIBSE_SIZE, 83 LA_SER_SECURE, 0, &elf_secure_dirs[1] }, 84 #endif 85 { MSG_ORIG(MSG_PTH_USRLIBSE), 0, MSG_PTH_USRLIBSE_SIZE, 86 LA_SER_SECURE, 0, 0 } 87 #endif 88 }; 89 90 /* 91 * Defines for local functions. 92 */ 93 static Pnode *elf_fix_name(const char *, Rt_map *, uint_t); 94 static int elf_are_u(Rej_desc *); 95 static void elf_dladdr(ulong_t, Rt_map *, Dl_info *, void **, int); 96 static ulong_t elf_entry_pt(void); 97 static char *elf_get_so(const char *, const char *); 98 static Rt_map *elf_map_so(Lm_list *, Aliste, const char *, const char *, int); 99 static int elf_needed(Lm_list *, Aliste, Rt_map *); 100 static void elf_unmap_so(Rt_map *); 101 static int elf_verify_vers(const char *, Rt_map *, Rt_map *); 102 103 /* 104 * Functions and data accessed through indirect pointers. 105 */ 106 Fct elf_fct = { 107 elf_are_u, 108 elf_entry_pt, 109 elf_map_so, 110 elf_unmap_so, 111 elf_needed, 112 lookup_sym, 113 elf_reloc, 114 elf_dflt_dirs, 115 elf_secure_dirs, 116 elf_fix_name, 117 elf_get_so, 118 elf_dladdr, 119 dlsym_handle, 120 elf_verify_vers, 121 elf_set_prot 122 }; 123 124 125 /* 126 * Redefine NEEDED name if necessary. 127 */ 128 static Pnode * 129 elf_fix_name(const char *name, Rt_map *clmp, uint_t orig) 130 { 131 /* 132 * For ABI compliance, if we are asked for ld.so.1, then really give 133 * them libsys.so.1 (the SONAME of libsys.so.1 is ld.so.1). 134 */ 135 if (((*name == '/') && 136 #if defined(_ELF64) 137 (strcmp(name, MSG_ORIG(MSG_PTH_RTLD_64)) == 0)) || 138 #else 139 (strcmp(name, MSG_ORIG(MSG_PTH_RTLD)) == 0)) || 140 #endif 141 (strcmp(name, MSG_ORIG(MSG_FIL_RTLD)) == 0)) { 142 Pnode *pnp; 143 144 DBG_CALL(Dbg_file_fixname(LIST(clmp), name, 145 MSG_ORIG(MSG_PTH_LIBSYS))); 146 if (((pnp = calloc(sizeof (Pnode), 1)) == 0) || 147 ((pnp->p_name = strdup(MSG_ORIG(MSG_PTH_LIBSYS))) == 0)) { 148 if (pnp) 149 free(pnp); 150 return (0); 151 } 152 pnp->p_len = MSG_PTH_LIBSYS_SIZE; 153 pnp->p_orig = (orig & PN_SER_MASK); 154 return (pnp); 155 } 156 157 return (expand_paths(clmp, name, orig, 0)); 158 } 159 160 /* 161 * Determine if we have been given an ELF file and if so determine if the file 162 * is compatible. Returns 1 if true, else 0 and sets the reject descriptor 163 * with associated error information. 164 */ 165 static int 166 elf_are_u(Rej_desc *rej) 167 { 168 Ehdr *ehdr; 169 170 /* 171 * Determine if we're an elf file. If not simply return, we don't set 172 * any rejection information as this test allows use to scroll through 173 * the objects we support (ELF, AOUT). 174 */ 175 if (fmap->fm_fsize < sizeof (Ehdr) || 176 fmap->fm_maddr[EI_MAG0] != ELFMAG0 || 177 fmap->fm_maddr[EI_MAG1] != ELFMAG1 || 178 fmap->fm_maddr[EI_MAG2] != ELFMAG2 || 179 fmap->fm_maddr[EI_MAG3] != ELFMAG3) { 180 return (0); 181 } 182 183 /* 184 * Check class and encoding. 185 */ 186 /* LINTED */ 187 ehdr = (Ehdr *)fmap->fm_maddr; 188 if (ehdr->e_ident[EI_CLASS] != M_CLASS) { 189 rej->rej_type = SGS_REJ_CLASS; 190 rej->rej_info = (uint_t)ehdr->e_ident[EI_CLASS]; 191 return (0); 192 } 193 if (ehdr->e_ident[EI_DATA] != M_DATA) { 194 rej->rej_type = SGS_REJ_DATA; 195 rej->rej_info = (uint_t)ehdr->e_ident[EI_DATA]; 196 return (0); 197 } 198 if ((ehdr->e_type != ET_REL) && (ehdr->e_type != ET_EXEC) && 199 (ehdr->e_type != ET_DYN)) { 200 rej->rej_type = SGS_REJ_TYPE; 201 rej->rej_info = (uint_t)ehdr->e_type; 202 return (0); 203 } 204 205 /* 206 * Verify machine specific flags, and hardware capability requirements. 207 */ 208 if ((elf_mach_flags_check(rej, ehdr) == 0) || 209 ((rtld_flags2 & RT_FL2_HWCAP) && (hwcap_check(rej, ehdr) == 0))) 210 return (0); 211 212 /* 213 * Verify ELF version. ??? is this too restrictive ??? 214 */ 215 if (ehdr->e_version > EV_CURRENT) { 216 rej->rej_type = SGS_REJ_VERSION; 217 rej->rej_info = (uint_t)ehdr->e_version; 218 return (0); 219 } 220 return (1); 221 } 222 223 /* 224 * The runtime linker employs lazy loading to provide the libraries needed for 225 * debugging, preloading .o's and dldump(). As these are seldom used, the 226 * standard startup of ld.so.1 doesn't initialize all the information necessary 227 * to perform plt relocation on ld.so.1's link-map. The first time lazy loading 228 * is called we get here to perform these initializations: 229 * 230 * o elf_needed() is called to set up the DYNINFO() indexes for each lazy 231 * dependency. Typically, for all other objects, this is called during 232 * analyze_so(), but as ld.so.1 is set-contained we skip this processing. 233 * 234 * o For intel, ld.so.1's JMPSLOT relocations need relative updates. These 235 * are by default skipped thus delaying all relative relocation processing 236 * on every invocation of ld.so.1. 237 */ 238 int 239 elf_rtld_load() 240 { 241 Lm_list *lml = &lml_rtld; 242 Rt_map *lmp = lml->lm_head; 243 244 if (lml->lm_flags & LML_FLG_PLTREL) 245 return (1); 246 247 /* 248 * As we need to refer to the DYNINFO() information, insure that it has 249 * been initialized. 250 */ 251 if (elf_needed(lml, ALO_DATA, lmp) == 0) 252 return (0); 253 254 #if defined(__i386) 255 /* 256 * This is a kludge to give ld.so.1 a performance benefit on i386. 257 * It's based around two factors. 258 * 259 * o JMPSLOT relocations (PLT's) actually need a relative relocation 260 * applied to the GOT entry so that they can find PLT0. 261 * 262 * o ld.so.1 does not exercise *any* PLT's before it has made a call 263 * to elf_lazy_load(). This is because all dynamic dependencies 264 * are recorded as lazy dependencies. 265 */ 266 (void) elf_reloc_relacount((ulong_t)JMPREL(lmp), 267 (ulong_t)(PLTRELSZ(lmp) / RELENT(lmp)), (ulong_t)RELENT(lmp), 268 (ulong_t)ADDR(lmp)); 269 #endif 270 271 lml->lm_flags |= LML_FLG_PLTREL; 272 return (1); 273 } 274 275 /* 276 * Lazy load an object. 277 */ 278 Rt_map * 279 elf_lazy_load(Rt_map *clmp, uint_t ndx, const char *sym) 280 { 281 Rt_map *nlmp, *hlmp; 282 Dyninfo *dip = &DYNINFO(clmp)[ndx]; 283 uint_t flags = 0; 284 Pnode *pnp; 285 const char *name; 286 Lm_list *lml = LIST(clmp); 287 Lm_cntl *lmc; 288 Aliste lmco; 289 290 /* 291 * If this dependency has already been processed, we're done. 292 */ 293 if (((nlmp = (Rt_map *)dip->di_info) != 0) || 294 (dip->di_flags & FLG_DI_PROCESSD)) 295 return (nlmp); 296 297 /* 298 * Determine the initial dependency name, and indicate that this 299 * dependencies processing has initiated. 300 */ 301 name = STRTAB(clmp) + DYN(clmp)[ndx].d_un.d_val; 302 DBG_CALL(Dbg_file_lazyload(clmp, name, sym)); 303 if (lml->lm_flags & LML_FLG_TRC_ENABLE) 304 dip->di_flags |= FLG_DI_PROCESSD; 305 306 if (dip->di_flags & FLG_DI_GROUP) 307 flags |= (FLG_RT_SETGROUP | FLG_RT_HANDLE); 308 309 /* 310 * Expand the requested name if necessary. 311 */ 312 if ((pnp = elf_fix_name(name, clmp, PN_SER_NEEDED)) == 0) 313 return (0); 314 315 /* 316 * Provided the object on the head of the link-map has completed its 317 * relocation, create a new link-map control list for this request. 318 */ 319 hlmp = lml->lm_head; 320 if (FLAGS(hlmp) & FLG_RT_RELOCED) { 321 if ((lmc = alist_append(&(lml->lm_lists), 0, sizeof (Lm_cntl), 322 AL_CNT_LMLISTS)) == 0) { 323 remove_pnode(pnp); 324 return (0); 325 } 326 lmco = (Aliste)((char *)lmc - (char *)lml->lm_lists); 327 } else { 328 lmc = 0; 329 lmco = ALO_DATA; 330 } 331 332 /* 333 * Load the associated object. 334 */ 335 dip->di_info = nlmp = 336 load_one(lml, lmco, pnp, clmp, MODE(clmp), flags, 0); 337 338 /* 339 * Remove any expanded pathname infrastructure. Reduce the pending lazy 340 * dependency count of the caller, together with the link-map lists 341 * count of objects that still have lazy dependencies pending. 342 */ 343 remove_pnode(pnp); 344 if (--LAZY(clmp) == 0) 345 LIST(clmp)->lm_lazy--; 346 347 /* 348 * Finish processing the objects associated with this request, and 349 * create an association between the caller and this dependency. 350 */ 351 if (nlmp && (((analyze_lmc(lml, lmco, nlmp) == 0)) || 352 (relocate_lmc(lml, lmco, clmp, nlmp) == 0) || 353 (bind_one(clmp, nlmp, BND_NEEDED) == 0))) 354 dip->di_info = nlmp = 0; 355 356 /* 357 * If this lazyload has failed, and we've created a new link-map 358 * control list to which this request has added objects, then remove 359 * all the objects that have been associated to this request. 360 */ 361 if ((nlmp == 0) && lmc && lmc->lc_head) 362 remove_lmc(lml, clmp, lmc, lmco, name); 363 364 /* 365 * Finally, remove any link-map control list that was created. 366 */ 367 if (lmc) 368 remove_cntl(lml, lmco); 369 370 return (nlmp); 371 } 372 373 /* 374 * Return the entry point of the ELF executable. 375 */ 376 static ulong_t 377 elf_entry_pt(void) 378 { 379 return (ENTRY(lml_main.lm_head)); 380 } 381 382 /* 383 * Unmap a given ELF shared object from the address space. 384 */ 385 static void 386 elf_unmap_so(Rt_map *lmp) 387 { 388 caddr_t addr; 389 size_t size; 390 Mmap *mmaps; 391 392 /* 393 * If this link map represents a relocatable object concatenation, then 394 * the image was simply generated in allocated memory. Free the memory. 395 * 396 * Note: the memory was originally allocated in the libelf:_elf_outmap 397 * routine and would normally have been free'd in elf_outsync(), but 398 * because we 'interpose' on that routine the memory wasn't free'd at 399 * that time. 400 */ 401 if (FLAGS(lmp) & FLG_RT_IMGALLOC) { 402 free((void *)ADDR(lmp)); 403 return; 404 } 405 406 /* 407 * If padding was enabled via rtld_db, then we have at least one page 408 * in front of the image - and possibly a trailing page. 409 * Unmap the front page first: 410 */ 411 if (PADSTART(lmp) != ADDR(lmp)) { 412 addr = (caddr_t)M_PTRUNC(PADSTART(lmp)); 413 size = ADDR(lmp) - (ulong_t)addr; 414 (void) munmap(addr, size); 415 } 416 417 /* 418 * Unmap any trailing padding. 419 */ 420 if (M_PROUND((PADSTART(lmp) + PADIMLEN(lmp))) > 421 M_PROUND(ADDR(lmp) + MSIZE(lmp))) { 422 addr = (caddr_t)M_PROUND(ADDR(lmp) + MSIZE(lmp)); 423 size = M_PROUND(PADSTART(lmp) + PADIMLEN(lmp)) - (ulong_t)addr; 424 (void) munmap(addr, size); 425 } 426 427 /* 428 * Unmmap all mapped segments. 429 */ 430 for (mmaps = MMAPS(lmp); mmaps->m_vaddr; mmaps++) 431 (void) munmap(mmaps->m_vaddr, mmaps->m_msize); 432 } 433 434 /* 435 * Determine if a dependency requires a particular version and if so verify 436 * that the version exists in the dependency. 437 */ 438 static int 439 elf_verify_vers(const char *name, Rt_map *clmp, Rt_map *nlmp) 440 { 441 Verneed *vnd = VERNEED(clmp); 442 int _num, num = VERNEEDNUM(clmp); 443 char *cstrs = (char *)STRTAB(clmp); 444 Lm_list *lml = LIST(clmp); 445 446 /* 447 * Traverse the callers version needed information and determine if any 448 * specific versions are required from the dependency. 449 */ 450 DBG_CALL(Dbg_ver_need_title(LIST(clmp), NAME(clmp))); 451 for (_num = 1; _num <= num; _num++, 452 vnd = (Verneed *)((Xword)vnd + vnd->vn_next)) { 453 Half cnt = vnd->vn_cnt; 454 Vernaux *vnap; 455 char *nstrs, *need; 456 457 /* 458 * Determine if a needed entry matches this dependency. 459 */ 460 need = (char *)(cstrs + vnd->vn_file); 461 if (strcmp(name, need) != 0) 462 continue; 463 464 if ((lml->lm_flags & LML_FLG_TRC_VERBOSE) && 465 ((FLAGS1(clmp) & FL1_RT_LDDSTUB) == 0)) 466 (void) printf(MSG_INTL(MSG_LDD_VER_FIND), name); 467 468 /* 469 * Validate that each version required actually exists in the 470 * dependency. 471 */ 472 nstrs = (char *)STRTAB(nlmp); 473 474 for (vnap = (Vernaux *)((Xword)vnd + vnd->vn_aux); cnt; 475 cnt--, vnap = (Vernaux *)((Xword)vnap + vnap->vna_next)) { 476 char *version, *define; 477 Verdef *vdf = VERDEF(nlmp); 478 ulong_t _num, num = VERDEFNUM(nlmp); 479 int found = 0; 480 481 version = (char *)(cstrs + vnap->vna_name); 482 DBG_CALL(Dbg_ver_need_entry(lml, 0, need, version)); 483 484 for (_num = 1; _num <= num; _num++, 485 vdf = (Verdef *)((Xword)vdf + vdf->vd_next)) { 486 Verdaux *vdap; 487 488 if (vnap->vna_hash != vdf->vd_hash) 489 continue; 490 491 vdap = (Verdaux *)((Xword)vdf + vdf->vd_aux); 492 define = (char *)(nstrs + vdap->vda_name); 493 if (strcmp(version, define) != 0) 494 continue; 495 496 found++; 497 break; 498 } 499 500 /* 501 * If we're being traced print out any matched version 502 * when the verbose (-v) option is in effect. Always 503 * print any unmatched versions. 504 */ 505 if (lml->lm_flags & LML_FLG_TRC_ENABLE) { 506 if (found) { 507 if (!(lml->lm_flags & LML_FLG_TRC_VERBOSE)) 508 continue; 509 510 (void) printf(MSG_ORIG(MSG_LDD_VER_FOUND), 511 need, version, NAME(nlmp)); 512 } else { 513 if (rtld_flags & RT_FL_SILENCERR) 514 continue; 515 516 (void) printf(MSG_INTL(MSG_LDD_VER_NFOUND), 517 need, version); 518 } 519 continue; 520 } 521 522 /* 523 * If the version hasn't been found then this is a 524 * candidate for a fatal error condition. Weak 525 * version definition requirements are silently 526 * ignored. Also, if the image inspected for a version 527 * definition has no versioning recorded at all then 528 * silently ignore this (this provides better backward 529 * compatibility to old images created prior to 530 * versioning being available). Both of these skipped 531 * diagnostics are available under tracing (see above). 532 */ 533 if ((found == 0) && (num != 0) && 534 (!(vnap->vna_flags & VER_FLG_WEAK))) { 535 eprintf(lml, ERR_FATAL, 536 MSG_INTL(MSG_VER_NFOUND), need, version, 537 NAME(clmp)); 538 return (0); 539 } 540 } 541 } 542 DBG_CALL(Dbg_util_nl(lml, DBG_NL_STD)); 543 return (1); 544 } 545 546 /* 547 * Search through the dynamic section for DT_NEEDED entries and perform one 548 * of two functions. If only the first argument is specified then load the 549 * defined shared object, otherwise add the link map representing the defined 550 * link map the the dlopen list. 551 */ 552 static int 553 elf_needed(Lm_list *lml, Aliste lmco, Rt_map *clmp) 554 { 555 Dyn *dyn; 556 ulong_t ndx = 0; 557 uint_t lazy = 0, flags = 0; 558 Word lmflags = lml->lm_flags; 559 Word lmtflags = lml->lm_tflags; 560 561 /* 562 * Process each shared object on needed list. 563 */ 564 if (DYN(clmp) == 0) 565 return (1); 566 567 for (dyn = (Dyn *)DYN(clmp); dyn->d_tag != DT_NULL; dyn++, ndx++) { 568 Dyninfo *dip = &DYNINFO(clmp)[ndx]; 569 Rt_map *nlmp = 0; 570 char *name; 571 int silent = 0; 572 Pnode *pnp; 573 574 switch (dyn->d_tag) { 575 case DT_POSFLAG_1: 576 if ((dyn->d_un.d_val & DF_P1_LAZYLOAD) && 577 !(lmtflags & LML_TFLG_NOLAZYLD)) 578 lazy = 1; 579 if (dyn->d_un.d_val & DF_P1_GROUPPERM) 580 flags = (FLG_RT_SETGROUP | FLG_RT_HANDLE); 581 continue; 582 case DT_NEEDED: 583 case DT_USED: 584 dip->di_flags |= FLG_DI_NEEDED; 585 if (flags) 586 dip->di_flags |= FLG_DI_GROUP; 587 588 name = (char *)STRTAB(clmp) + dyn->d_un.d_val; 589 590 /* 591 * NOTE, libc.so.1 can't be lazy loaded. Although a 592 * lazy position flag won't be produced when a RTLDINFO 593 * .dynamic entry is found (introduced with the UPM in 594 * Solaris 10), it was possible to mark libc for lazy 595 * loading on previous releases. To reduce the overhead 596 * of testing for this occurrence, only carry out this 597 * check for the first object on the link-map list 598 * (there aren't many applications built without libc). 599 */ 600 if (lazy && (lml->lm_head == clmp) && 601 (strcmp(name, MSG_ORIG(MSG_FIL_LIBC)) == 0)) 602 lazy = 0; 603 604 /* 605 * Don't bring in lazy loaded objects yet unless we've 606 * been asked to attempt to load all available objects 607 * (crle(1) sets LD_FLAGS=loadavail). Even under 608 * RTLD_NOW we don't process this - RTLD_NOW will cause 609 * relocation processing which in turn might trigger 610 * lazy loading, but its possible that the object has a 611 * lazy loaded file with no bindings (i.e., it should 612 * never have been a dependency in the first place). 613 */ 614 if (lazy) { 615 if ((lmflags & LML_FLG_LOADAVAIL) == 0) { 616 LAZY(clmp)++; 617 lazy = flags = 0; 618 continue; 619 } 620 621 /* 622 * Silence any error messages - see description 623 * under elf_lookup_filtee(). 624 */ 625 if ((rtld_flags & RT_FL_SILENCERR) == 0) { 626 rtld_flags |= RT_FL_SILENCERR; 627 silent = 1; 628 } 629 } 630 break; 631 case DT_AUXILIARY: 632 dip->di_flags |= FLG_DI_AUXFLTR; 633 lazy = flags = 0; 634 continue; 635 case DT_SUNW_AUXILIARY: 636 dip->di_flags |= (FLG_DI_AUXFLTR | FLG_DI_SYMFLTR); 637 lazy = flags = 0; 638 continue; 639 case DT_FILTER: 640 dip->di_flags |= FLG_DI_STDFLTR; 641 lazy = flags = 0; 642 continue; 643 case DT_SUNW_FILTER: 644 dip->di_flags |= (FLG_DI_STDFLTR | FLG_DI_SYMFLTR); 645 lazy = flags = 0; 646 continue; 647 default: 648 lazy = flags = 0; 649 continue; 650 } 651 652 DBG_CALL(Dbg_file_needed(clmp, name)); 653 if (lml->lm_flags & LML_FLG_TRC_ENABLE) 654 dip->di_flags |= FLG_DI_PROCESSD; 655 656 /* 657 * Establish the objects name, load it and establish a binding 658 * with the caller. 659 */ 660 if (((pnp = elf_fix_name(name, clmp, PN_SER_NEEDED)) == 0) || 661 ((nlmp = load_one(lml, lmco, pnp, clmp, MODE(clmp), 662 flags, 0)) == 0) || (bind_one(clmp, nlmp, BND_NEEDED) == 0)) 663 nlmp = 0; 664 665 /* 666 * Clean up any infrastructure, including the removal of the 667 * error suppression state, if it had been previously set in 668 * this routine. 669 */ 670 if (pnp) 671 remove_pnode(pnp); 672 if (silent) 673 rtld_flags &= ~RT_FL_SILENCERR; 674 lazy = flags = 0; 675 if ((dip->di_info = (void *)nlmp) == 0) { 676 /* 677 * If the object could not be mapped, continue if error 678 * suppression is established or we're here with ldd(1). 679 */ 680 if ((MODE(clmp) & RTLD_CONFGEN) || (lmflags & 681 (LML_FLG_LOADAVAIL | LML_FLG_TRC_ENABLE))) 682 continue; 683 else 684 return (0); 685 } 686 } 687 688 if (LAZY(clmp)) 689 lml->lm_lazy++; 690 691 return (1); 692 } 693 694 static int 695 elf_map_check(Lm_list *lml, const char *name, caddr_t vaddr, Off size) 696 { 697 prmap_t *maps, *_maps; 698 int pfd, num, _num; 699 caddr_t eaddr = vaddr + size; 700 int err; 701 702 /* 703 * If memory reservations have been established for alternative objects 704 * determine if this object falls within the reservation, if it does no 705 * further checking is required. 706 */ 707 if (rtld_flags & RT_FL_MEMRESV) { 708 Rtc_head *head = (Rtc_head *)config->c_bgn; 709 710 if ((vaddr >= (caddr_t)(uintptr_t)head->ch_resbgn) && 711 (eaddr <= (caddr_t)(uintptr_t)head->ch_resend)) 712 return (0); 713 } 714 715 /* 716 * Determine the mappings presently in use by this process. 717 */ 718 if ((pfd = pr_open(lml)) == FD_UNAVAIL) 719 return (1); 720 721 if (ioctl(pfd, PIOCNMAP, (void *)&num) == -1) { 722 err = errno; 723 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_SYS_PROC), name, 724 strerror(err)); 725 return (1); 726 } 727 728 if ((maps = malloc((num + 1) * sizeof (prmap_t))) == 0) 729 return (1); 730 731 if (ioctl(pfd, PIOCMAP, (void *)maps) == -1) { 732 err = errno; 733 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_SYS_PROC), name, 734 strerror(err)); 735 free(maps); 736 return (1); 737 } 738 739 /* 740 * Determine if the supplied address clashes with any of the present 741 * process mappings. 742 */ 743 for (_num = 0, _maps = maps; _num < num; _num++, _maps++) { 744 caddr_t _eaddr = _maps->pr_vaddr + _maps->pr_size; 745 Rt_map *lmp; 746 const char *str; 747 748 if ((eaddr < _maps->pr_vaddr) || (vaddr >= _eaddr)) 749 continue; 750 751 /* 752 * We have a memory clash. See if one of the known dynamic 753 * dependency mappings represents this space so as to provide 754 * the user a more meaningful message. 755 */ 756 if ((lmp = _caller(vaddr, 0)) != 0) 757 str = NAME(lmp); 758 else 759 str = MSG_INTL(MSG_STR_UNKNOWN); 760 761 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_GEN_MAPINUSE), name, 762 EC_NATPTR(vaddr), EC_OFF(size), str); 763 return (1); 764 } 765 free(maps); 766 return (0); 767 } 768 769 /* 770 * Obtain a memory reservation. On newer systems, both MAP_ANON and MAP_ALIGN 771 * are used to obtained an aligned reservation from anonymous memory. If 772 * MAP_ANON isn't available, then MAP_ALIGN isn't either, so obtain a standard 773 * reservation using the file as backing. 774 */ 775 static Am_ret 776 elf_map_reserve(Lm_list *lml, const char *name, caddr_t *maddr, Off msize, 777 int mperm, int fd, Xword align) 778 { 779 Am_ret amret; 780 int mflag = MAP_PRIVATE | MAP_NORESERVE; 781 782 #if defined(MAP_ALIGN) 783 if ((rtld_flags2 & RT_FL2_NOMALIGN) == 0) { 784 mflag |= MAP_ALIGN; 785 *maddr = (caddr_t)align; 786 } 787 #endif 788 if ((amret = anon_map(lml, maddr, msize, PROT_NONE, mflag)) == AM_ERROR) 789 return (amret); 790 791 if (amret == AM_OK) 792 return (AM_OK); 793 794 /* 795 * If an anonymous memory request failed (which should only be the 796 * case if it is unsupported on the system we're running on), establish 797 * the initial mapping directly from the file. 798 */ 799 *maddr = 0; 800 if ((*maddr = mmap(*maddr, msize, mperm, MAP_PRIVATE, 801 fd, 0)) == MAP_FAILED) { 802 int err = errno; 803 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_SYS_MMAP), name, 804 strerror(err)); 805 return (AM_ERROR); 806 } 807 return (AM_NOSUP); 808 } 809 810 static void * 811 elf_map_textdata(caddr_t addr, Off flen, int mperm, int phdr_mperm, int mflag, 812 int fd, Off foff) 813 { 814 #if defined(MAP_TEXT) && defined(MAP_INITDATA) 815 static int notd = 0; 816 817 /* 818 * If MAP_TEXT and MAP_INITDATA are available, select the appropriate 819 * flag. 820 */ 821 if (notd == 0) { 822 if ((phdr_mperm & (PROT_WRITE | PROT_EXEC)) == PROT_EXEC) 823 mflag |= MAP_TEXT; 824 else 825 mflag |= MAP_INITDATA; 826 } 827 #endif 828 if (mmap((caddr_t)addr, flen, mperm, mflag, fd, foff) != MAP_FAILED) 829 return (0); 830 831 #if defined(MAP_TEXT) && defined(MAP_INITDATA) 832 if ((notd == 0) && (errno == EINVAL)) { 833 /* 834 * MAP_TEXT and MAP_INITDATA may not be supported on this 835 * platform, try again without. 836 */ 837 notd = 1; 838 mflag &= ~(MAP_TEXT | MAP_INITDATA); 839 840 return (mmap((caddr_t)addr, flen, mperm, mflag, fd, foff)); 841 } 842 #endif 843 return (MAP_FAILED); 844 } 845 846 /* 847 * Map in a file. 848 */ 849 static caddr_t 850 elf_map_it( 851 Lm_list *lml, /* link-map list */ 852 const char *name, /* actual name stored for pathname */ 853 Off fsize, /* total mapping claim of the file */ 854 Ehdr *ehdr, /* ELF header of file */ 855 Phdr *fphdr, /* first loadable Phdr */ 856 Phdr *lphdr, /* last loadable Phdr */ 857 Phdr **rrphdr, /* return first Phdr in reservation */ 858 caddr_t *rraddr, /* return start of reservation */ 859 Off *rrsize, /* return total size of reservation */ 860 int fixed, /* image is resolved to a fixed addr */ 861 int fd, /* images file descriptor */ 862 Xword align, /* image segments maximum alignment */ 863 Mmap *mmaps, /* mmap information array and */ 864 uint_t *mmapcnt) /* mapping count */ 865 { 866 caddr_t raddr; /* reservation address */ 867 Off rsize; /* reservation size */ 868 Phdr *phdr; /* working program header poiner */ 869 caddr_t maddr; /* working mmap address */ 870 caddr_t faddr; /* working file address */ 871 size_t padsize; /* object padding requirement */ 872 size_t padpsize = 0; /* padding size rounded to next page */ 873 size_t padmsize = 0; /* padding size rounded for alignment */ 874 int skipfseg; /* skip mapping first segment */ 875 int mperm; /* segment permissions */ 876 Am_ret amret = AM_NOSUP; 877 878 /* 879 * If padding is required extend both the front and rear of the image. 880 * To insure the image itself is mapped at the correct alignment the 881 * initial padding is rounded up to the nearest page. Once the image is 882 * mapped the excess can be pruned to the nearest page required for the 883 * actual padding itself. 884 */ 885 if ((padsize = r_debug.rtd_objpad) != 0) { 886 padpsize = M_PROUND(padsize); 887 if (fixed) 888 padmsize = padpsize; 889 else 890 padmsize = S_ROUND(padsize, align); 891 } 892 893 /* 894 * Determine the initial permissions used to map in the first segment. 895 * If this segments memsz is greater that its filesz then the difference 896 * must be zeroed. Make sure this segment is writable. 897 */ 898 mperm = 0; 899 if (fphdr->p_flags & PF_R) 900 mperm |= PROT_READ; 901 if (fphdr->p_flags & PF_X) 902 mperm |= PROT_EXEC; 903 if ((fphdr->p_flags & PF_W) || (fphdr->p_memsz > fphdr->p_filesz)) 904 mperm |= PROT_WRITE; 905 906 /* 907 * Determine whether or not to let system reserve address space based on 908 * whether this is a dynamic executable (addresses in object are fixed) 909 * or a shared object (addresses in object are relative to the objects' 910 * base). 911 */ 912 if (fixed) { 913 /* 914 * Determine the reservation address and size, and insure that 915 * this reservation isn't already in use. 916 */ 917 faddr = maddr = (caddr_t)M_PTRUNC((ulong_t)fphdr->p_vaddr); 918 raddr = maddr - padpsize; 919 rsize = fsize + padpsize + padsize; 920 921 if (lml_main.lm_head) { 922 if (elf_map_check(lml, name, raddr, rsize) != 0) 923 return (0); 924 } 925 926 /* 927 * As this is a fixed image, all segments must be individually 928 * mapped. 929 */ 930 skipfseg = 0; 931 932 } else { 933 size_t esize; 934 935 /* 936 * If this isn't a fixed image, reserve enough address space for 937 * the entire image to be mapped. The amount of reservation is 938 * the range between the beginning of the first, and end of the 939 * last loadable segment, together with any padding, plus the 940 * alignment of the first segment. 941 * 942 * The optimal reservation is made as a no-reserve mapping from 943 * anonymous memory. Each segment is then mapped into this 944 * reservation. If the anonymous mapping capability isn't 945 * available, the reservation is obtained from the file itself. 946 * In this case the first segment of the image is mapped as part 947 * of the reservation, thus only the following segments need to 948 * be remapped. 949 */ 950 rsize = fsize + padmsize + padsize; 951 if ((amret = elf_map_reserve(lml, name, &raddr, rsize, mperm, 952 fd, align)) == AM_ERROR) 953 return (0); 954 maddr = raddr + padmsize; 955 faddr = (caddr_t)S_ROUND((Off)maddr, align); 956 957 /* 958 * If this reservation has been obtained from anonymous memory, 959 * then all segments must be individually mapped. Otherwise, 960 * the first segment heads the reservation. 961 */ 962 if (amret == AM_OK) 963 skipfseg = 0; 964 else 965 skipfseg = 1; 966 967 /* 968 * For backward compatibility (where MAP_ALIGN isn't available), 969 * insure the alignment of the reservation is adequate for this 970 * object, and if not remap the object to obtain the correct 971 * alignment. 972 */ 973 if (faddr != maddr) { 974 (void) munmap(raddr, rsize); 975 976 rsize += align; 977 if ((amret = elf_map_reserve(lml, name, &raddr, rsize, 978 mperm, fd, align)) == AM_ERROR) 979 return (0); 980 981 maddr = faddr = (caddr_t)S_ROUND((Off)(raddr + 982 padpsize), align); 983 984 esize = maddr - raddr + padpsize; 985 986 /* 987 * As ths image has been realigned, the first segment 988 * of the file needs to be remapped to its correct 989 * location. 990 */ 991 skipfseg = 0; 992 } else 993 esize = padmsize - padpsize; 994 995 /* 996 * If this reservation included padding, remove any excess for 997 * the start of the image (the padding was adjusted to insure 998 * the image was aligned appropriately). 999 */ 1000 if (esize) { 1001 (void) munmap(raddr, esize); 1002 raddr += esize; 1003 rsize -= esize; 1004 } 1005 } 1006 1007 /* 1008 * At this point we know the initial location of the image, and its 1009 * size. Pass these back to the caller for inclusion in the link-map 1010 * that will eventually be created. 1011 */ 1012 *rraddr = raddr; 1013 *rrsize = rsize; 1014 1015 /* 1016 * The first loadable segment is now pointed to by maddr. This segment 1017 * will eventually contain the elf header and program headers, so reset 1018 * the program header. Pass this back to the caller for inclusion in 1019 * the link-map so it can be used for later unmapping operations. 1020 */ 1021 /* LINTED */ 1022 *rrphdr = (Phdr *)((char *)maddr + ehdr->e_phoff); 1023 1024 /* 1025 * If padding is required at the front of the image, obtain that now. 1026 * Note, if we've already obtained a reservation from anonymous memory 1027 * then this reservation will already include suitable padding. 1028 * Otherwise this reservation is backed by the file, or in the case of 1029 * a fixed image, doesn't yet exist. Map the padding so that it is 1030 * suitably protected (PROT_NONE), and insure the first segment of the 1031 * file is mapped to its correct location. 1032 */ 1033 if (padsize) { 1034 if (amret == AM_NOSUP) { 1035 if (dz_map(lml, raddr, padpsize, PROT_NONE, 1036 (MAP_PRIVATE | MAP_FIXED | MAP_NORESERVE)) == 1037 MAP_FAILED) 1038 return (0); 1039 1040 skipfseg = 0; 1041 } 1042 rsize -= padpsize; 1043 } 1044 1045 /* 1046 * Map individual segments. For a fixed image, these will each be 1047 * unique mappings. For a reservation these will fill in the 1048 * reservation. 1049 */ 1050 for (phdr = fphdr; phdr <= lphdr; 1051 phdr = (Phdr *)((Off)phdr + ehdr->e_phentsize)) { 1052 caddr_t addr; 1053 Off mlen, flen; 1054 size_t size; 1055 1056 /* 1057 * Skip non-loadable segments or segments that don't occupy 1058 * any memory. 1059 */ 1060 if (((phdr->p_type != PT_LOAD) && 1061 (phdr->p_type != PT_SUNWBSS)) || (phdr->p_memsz == 0)) 1062 continue; 1063 1064 /* 1065 * Establish this segments address relative to our base. 1066 */ 1067 addr = (caddr_t)M_PTRUNC((ulong_t)(phdr->p_vaddr + 1068 (fixed ? 0 : faddr))); 1069 1070 /* 1071 * Determine the mapping protection from the segment attributes. 1072 * Also determine the etext address from the last loadable 1073 * segment which has permissions but no write access. 1074 */ 1075 mperm = 0; 1076 if (phdr->p_flags) { 1077 if (phdr->p_flags & PF_R) 1078 mperm |= PROT_READ; 1079 if (phdr->p_flags & PF_X) 1080 mperm |= PROT_EXEC; 1081 if (phdr->p_flags & PF_W) 1082 mperm |= PROT_WRITE; 1083 else 1084 fmap->fm_etext = phdr->p_vaddr + phdr->p_memsz + 1085 (ulong_t)(fixed ? 0 : faddr); 1086 } 1087 1088 /* 1089 * Determine the type of mapping required. 1090 */ 1091 if (phdr->p_type == PT_SUNWBSS) { 1092 /* 1093 * Potentially, we can defer the loading of any SUNWBSS 1094 * segment, depending on whether the symbols it provides 1095 * have been bound to. In this manner, large segments 1096 * that are interposed upon between shared libraries 1097 * may not require mapping. Note, that the mapping 1098 * information is recorded in our mapping descriptor at 1099 * this time. 1100 */ 1101 mlen = phdr->p_memsz; 1102 flen = 0; 1103 1104 } else if ((phdr->p_filesz == 0) && (phdr->p_flags == 0)) { 1105 /* 1106 * If this segment has no backing file and no flags 1107 * specified, then it defines a reservation. At this 1108 * point all standard loadable segments will have been 1109 * processed. The segment reservation is mapped 1110 * directly from /dev/null. 1111 */ 1112 if (nu_map(lml, (caddr_t)addr, phdr->p_memsz, PROT_NONE, 1113 MAP_FIXED | MAP_PRIVATE) == MAP_FAILED) 1114 return (0); 1115 1116 mlen = phdr->p_memsz; 1117 flen = 0; 1118 1119 } else if (phdr->p_filesz == 0) { 1120 /* 1121 * If this segment has no backing file then it defines a 1122 * nobits segment and is mapped directly from /dev/zero. 1123 */ 1124 if (dz_map(lml, (caddr_t)addr, phdr->p_memsz, mperm, 1125 MAP_FIXED | MAP_PRIVATE) == MAP_FAILED) 1126 return (0); 1127 1128 mlen = phdr->p_memsz; 1129 flen = 0; 1130 1131 } else { 1132 Off foff; 1133 1134 /* 1135 * This mapping originates from the file. Determine the 1136 * file offset to which the mapping will be directed 1137 * (must be aligned) and how much to map (might be more 1138 * than the file in the case of .bss). 1139 */ 1140 foff = M_PTRUNC((ulong_t)phdr->p_offset); 1141 mlen = phdr->p_memsz + (phdr->p_offset - foff); 1142 flen = phdr->p_filesz + (phdr->p_offset - foff); 1143 1144 /* 1145 * If this is a non-fixed, non-anonymous mapping, and no 1146 * padding is involved, then the first loadable segment 1147 * is already part of the initial reservation. In this 1148 * case there is no need to remap this segment. 1149 */ 1150 if ((skipfseg == 0) || (phdr != fphdr)) { 1151 int phdr_mperm = mperm; 1152 /* 1153 * If this segments memsz is greater that its 1154 * filesz then the difference must be zeroed. 1155 * Make sure this segment is writable. 1156 */ 1157 if (phdr->p_memsz > phdr->p_filesz) 1158 mperm |= PROT_WRITE; 1159 1160 if (elf_map_textdata((caddr_t)addr, flen, 1161 mperm, phdr_mperm, 1162 (MAP_FIXED | MAP_PRIVATE), fd, foff) == 1163 MAP_FAILED) { 1164 int err = errno; 1165 eprintf(lml, ERR_FATAL, 1166 MSG_INTL(MSG_SYS_MMAP), name, 1167 strerror(err)); 1168 return (0); 1169 } 1170 } 1171 1172 /* 1173 * If the memory occupancy of the segment overflows the 1174 * definition in the file, we need to "zero out" the end 1175 * of the mapping we've established, and if necessary, 1176 * map some more space from /dev/zero. Note, zero'ed 1177 * memory must end on a double word boundary to satisfy 1178 * zero(). 1179 */ 1180 if (phdr->p_memsz > phdr->p_filesz) { 1181 caddr_t zaddr; 1182 size_t zlen, zplen; 1183 Off fend; 1184 1185 foff = (Off)(phdr->p_vaddr + phdr->p_filesz + 1186 (fixed ? 0 : faddr)); 1187 zaddr = (caddr_t)M_PROUND(foff); 1188 zplen = (size_t)(zaddr - foff); 1189 1190 fend = (Off)S_DROUND((size_t)(phdr->p_vaddr + 1191 phdr->p_memsz + (fixed ? 0 : faddr))); 1192 zlen = (size_t)(fend - foff); 1193 1194 /* 1195 * Determine whether the number of bytes that 1196 * must be zero'ed overflow to the next page. 1197 * If not, simply clear the exact bytes 1198 * (filesz to memsz) from this page. Otherwise, 1199 * clear the remaining bytes of this page, and 1200 * map an following pages from /dev/zero. 1201 */ 1202 if (zlen < zplen) 1203 zero((caddr_t)foff, (long)zlen); 1204 else { 1205 zero((caddr_t)foff, (long)zplen); 1206 1207 if ((zlen = (fend - (Off)zaddr)) > 0) { 1208 if (dz_map(lml, zaddr, zlen, 1209 mperm, 1210 MAP_FIXED | MAP_PRIVATE) == 1211 MAP_FAILED) 1212 return (0); 1213 } 1214 } 1215 } 1216 } 1217 1218 /* 1219 * Unmap anything from the last mapping address to this one and 1220 * update the mapping claim pointer. 1221 */ 1222 if ((fixed == 0) && ((size = addr - maddr) != 0)) { 1223 (void) munmap(maddr, size); 1224 rsize -= size; 1225 } 1226 1227 /* 1228 * Retain this segments mapping information. 1229 */ 1230 mmaps[*mmapcnt].m_vaddr = addr; 1231 mmaps[*mmapcnt].m_msize = mlen; 1232 mmaps[*mmapcnt].m_fsize = flen; 1233 mmaps[*mmapcnt].m_perm = mperm; 1234 (*mmapcnt)++; 1235 1236 maddr = addr + M_PROUND(mlen); 1237 rsize -= M_PROUND(mlen); 1238 } 1239 1240 /* 1241 * If padding is required at the end of the image, obtain that now. 1242 * Note, if we've already obtained a reservation from anonymous memory 1243 * then this reservation will already include suitable padding. 1244 */ 1245 if (padsize) { 1246 if (amret == AM_NOSUP) { 1247 /* 1248 * maddr is currently page aligned from the last segment 1249 * mapping. 1250 */ 1251 if (dz_map(lml, maddr, padsize, PROT_NONE, 1252 (MAP_PRIVATE | MAP_FIXED | MAP_NORESERVE)) == 1253 MAP_FAILED) 1254 return (0); 1255 } 1256 maddr += padsize; 1257 rsize -= padsize; 1258 } 1259 1260 /* 1261 * Unmap any final reservation. 1262 */ 1263 if ((fixed == 0) && (rsize != 0)) 1264 (void) munmap(maddr, rsize); 1265 1266 return (faddr); 1267 } 1268 1269 /* 1270 * A null symbol interpretor. Used if a filter has no associated filtees. 1271 */ 1272 /* ARGSUSED0 */ 1273 static Sym * 1274 elf_null_find_sym(Slookup *slp, Rt_map **dlmp, uint_t *binfo) 1275 { 1276 return ((Sym *)0); 1277 } 1278 1279 /* 1280 * Disable filtee use. 1281 */ 1282 static void 1283 elf_disable_filtee(Rt_map *lmp, Dyninfo *dip) 1284 { 1285 dip->di_info = 0; 1286 1287 if ((dip->di_flags & FLG_DI_SYMFLTR) == 0) { 1288 /* 1289 * If this is an object filter, free the filtee's duplication. 1290 */ 1291 if (OBJFLTRNDX(lmp) != FLTR_DISABLED) { 1292 free(REFNAME(lmp)); 1293 REFNAME(lmp) = (char *)0; 1294 OBJFLTRNDX(lmp) = FLTR_DISABLED; 1295 1296 /* 1297 * Indicate that this filtee is no longer available. 1298 */ 1299 if (dip->di_flags & FLG_DI_STDFLTR) 1300 SYMINTP(lmp) = elf_null_find_sym; 1301 1302 } 1303 } else if (dip->di_flags & FLG_DI_STDFLTR) { 1304 /* 1305 * Indicate that this standard filtee is no longer available. 1306 */ 1307 if (SYMSFLTRCNT(lmp)) 1308 SYMSFLTRCNT(lmp)--; 1309 } else { 1310 /* 1311 * Indicate that this auxiliary filtee is no longer available. 1312 */ 1313 if (SYMAFLTRCNT(lmp)) 1314 SYMAFLTRCNT(lmp)--; 1315 } 1316 dip->di_flags &= ~MSK_DI_FILTER; 1317 } 1318 1319 /* 1320 * Find symbol interpreter - filters. 1321 * This function is called when the symbols from a shared object should 1322 * be resolved from the shared objects filtees instead of from within itself. 1323 * 1324 * A symbol name of 0 is used to trigger filtee loading. 1325 */ 1326 static Sym * 1327 _elf_lookup_filtee(Slookup *slp, Rt_map **dlmp, uint_t *binfo, uint_t ndx) 1328 { 1329 const char *name = slp->sl_name, *filtees; 1330 Rt_map *clmp = slp->sl_cmap; 1331 Rt_map *ilmp = slp->sl_imap; 1332 Pnode *pnp, **pnpp; 1333 int any; 1334 Dyninfo *dip = &DYNINFO(ilmp)[ndx]; 1335 Lm_list *lml = LIST(ilmp); 1336 1337 /* 1338 * Indicate that the filter has been used. If a binding already exists 1339 * to the caller, indicate that this object is referenced. This insures 1340 * we don't generate false unreferenced diagnostics from ldd -u/U or 1341 * debugging. Don't create a binding regardless, as this filter may 1342 * have been dlopen()'ed. 1343 */ 1344 if (name && (ilmp != clmp)) { 1345 Word tracing = (LIST(clmp)->lm_flags & 1346 (LML_FLG_TRC_UNREF | LML_FLG_TRC_UNUSED)); 1347 1348 if (tracing || DBG_ENABLED) { 1349 Bnd_desc ** bdpp; 1350 Aliste off; 1351 1352 FLAGS1(ilmp) |= FL1_RT_USED; 1353 1354 if ((tracing & LML_FLG_TRC_UNREF) || DBG_ENABLED) { 1355 for (ALIST_TRAVERSE(CALLERS(ilmp), off, bdpp)) { 1356 Bnd_desc * bdp = *bdpp; 1357 1358 if (bdp->b_caller == clmp) { 1359 bdp->b_flags |= BND_REFER; 1360 break; 1361 } 1362 } 1363 } 1364 } 1365 } 1366 1367 /* 1368 * If this is the first call to process this filter, establish the 1369 * filtee list. If a configuration file exists, determine if any 1370 * filtee associations for this filter, and its filtee reference, are 1371 * defined. Otherwise, process the filtee reference. Any token 1372 * expansion is also completed at this point (i.e., $PLATFORM). 1373 */ 1374 filtees = (char *)STRTAB(ilmp) + DYN(ilmp)[ndx].d_un.d_val; 1375 if (dip->di_info == 0) { 1376 if (rtld_flags2 & RT_FL2_FLTCFG) 1377 dip->di_info = elf_config_flt(lml, PATHNAME(ilmp), 1378 filtees); 1379 1380 if (dip->di_info == 0) { 1381 DBG_CALL(Dbg_file_filter(lml, NAME(ilmp), filtees, 0)); 1382 if ((lml->lm_flags & 1383 (LML_FLG_TRC_VERBOSE | LML_FLG_TRC_SEARCH)) && 1384 ((FLAGS1(ilmp) & FL1_RT_LDDSTUB) == 0)) 1385 (void) printf(MSG_INTL(MSG_LDD_FIL_FILTER), 1386 NAME(ilmp), filtees); 1387 1388 if ((dip->di_info = (void *)expand_paths(ilmp, 1389 filtees, PN_SER_FILTEE, 0)) == 0) { 1390 elf_disable_filtee(ilmp, dip); 1391 return ((Sym *)0); 1392 } 1393 } 1394 } 1395 1396 /* 1397 * Traverse the filtee list, dlopen()'ing any objects specified and 1398 * using their group handle to lookup the symbol. 1399 */ 1400 for (any = 0, pnpp = (Pnode **)&(dip->di_info), pnp = *pnpp; pnp; 1401 pnpp = &pnp->p_next, pnp = *pnpp) { 1402 int mode; 1403 Grp_hdl *ghp; 1404 Rt_map *nlmp = 0; 1405 1406 if (pnp->p_len == 0) 1407 continue; 1408 1409 /* 1410 * Establish the mode of the filtee from the filter. As filtees 1411 * are loaded via a dlopen(), make sure that RTLD_GROUP is set 1412 * and the filtees aren't global. It would be nice to have 1413 * RTLD_FIRST used here also, but as filters got out long before 1414 * RTLD_FIRST was introduced it's a little too late now. 1415 */ 1416 mode = MODE(ilmp) | RTLD_GROUP; 1417 mode &= ~RTLD_GLOBAL; 1418 1419 /* 1420 * Insure that any auxiliary filter can locate symbols from its 1421 * caller. 1422 */ 1423 if (dip->di_flags & FLG_DI_AUXFLTR) 1424 mode |= RTLD_PARENT; 1425 1426 /* 1427 * Process any hardware capability directory. Establish a new 1428 * link-map control list from which to analyze any newly added 1429 * objects. 1430 */ 1431 if ((pnp->p_info == 0) && (pnp->p_orig & PN_TKN_HWCAP)) { 1432 Lm_cntl *lmc; 1433 Aliste lmco; 1434 1435 if (FLAGS(lml->lm_head) & FLG_RT_RELOCED) { 1436 if ((lmc = alist_append(&(lml->lm_lists), 0, 1437 sizeof (Lm_cntl), AL_CNT_LMLISTS)) == 0) 1438 return ((Sym *)0); 1439 lmco = (Aliste)((char *)lmc - 1440 (char *)lml->lm_lists); 1441 } else { 1442 lmc = 0; 1443 lmco = ALO_DATA; 1444 } 1445 1446 pnp = hwcap_filtees(pnpp, lmco, lmc, dip, ilmp, filtees, 1447 mode, (FLG_RT_HANDLE | FLG_RT_HWCAP)); 1448 1449 /* 1450 * Now that any hardware capability objects have been 1451 * processed, remove any link-map control list. 1452 */ 1453 if (lmc) 1454 remove_cntl(lml, lmco); 1455 } 1456 1457 if (pnp->p_len == 0) 1458 continue; 1459 1460 /* 1461 * Process an individual filtee. 1462 */ 1463 if (pnp->p_info == 0) { 1464 const char *filtee = pnp->p_name; 1465 int audit = 0; 1466 1467 DBG_CALL(Dbg_file_filtee(lml, NAME(ilmp), filtee, 0)); 1468 1469 ghp = 0; 1470 1471 /* 1472 * Determine if the reference link map is already 1473 * loaded. As an optimization compare the filtee with 1474 * our interpretor. The most common filter is 1475 * libdl.so.1, which is a filter on ld.so.1. 1476 */ 1477 #if defined(_ELF64) 1478 if (strcmp(filtee, MSG_ORIG(MSG_PTH_RTLD_64)) == 0) { 1479 #else 1480 if (strcmp(filtee, MSG_ORIG(MSG_PTH_RTLD)) == 0) { 1481 #endif 1482 /* 1483 * Create an association between ld.so.1 and 1484 * the filter. 1485 */ 1486 nlmp = lml_rtld.lm_head; 1487 if ((ghp = hdl_create(&lml_rtld, nlmp, ilmp, 1488 (GPH_LDSO | GPH_FIRST | GPH_FILTEE))) == 0) 1489 nlmp = 0; 1490 1491 /* 1492 * Establish the filter handle to prevent any 1493 * recursion. 1494 */ 1495 if (nlmp && ghp) 1496 pnp->p_info = (void *)ghp; 1497 1498 /* 1499 * Audit the filter/filtee established. Ignore 1500 * any return from the auditor, as we can't 1501 * allow ignore filtering to ld.so.1, otherwise 1502 * nothing is going to work. 1503 */ 1504 if (nlmp && ((lml->lm_tflags | FLAGS1(ilmp)) & 1505 LML_TFLG_AUD_OBJFILTER)) 1506 (void) audit_objfilter(ilmp, filtees, 1507 nlmp, 0); 1508 1509 } else { 1510 Rej_desc rej = { 0 }; 1511 Lm_cntl *lmc; 1512 Aliste lmco; 1513 1514 /* 1515 * Establish a new link-map control list from 1516 * which to analyze any newly added objects. 1517 */ 1518 if (FLAGS(lml->lm_head) & FLG_RT_RELOCED) { 1519 if ((lmc = 1520 alist_append(&(lml->lm_lists), 0, 1521 sizeof (Lm_cntl), 1522 AL_CNT_LMLISTS)) == 0) 1523 return ((Sym *)0); 1524 lmco = (Aliste)((char *)lmc - 1525 (char *)lml->lm_lists); 1526 } else { 1527 lmc = 0; 1528 lmco = ALO_DATA; 1529 } 1530 1531 /* 1532 * Load the filtee. 1533 */ 1534 if ((nlmp = load_path(lml, lmco, filtee, ilmp, 1535 mode, FLG_RT_HANDLE, &ghp, 0, &rej)) == 0) { 1536 file_notfound(LIST(ilmp), filtee, ilmp, 1537 FLG_RT_HANDLE, &rej); 1538 remove_rej(&rej); 1539 } 1540 1541 /* 1542 * Establish the filter handle to prevent any 1543 * recursion. 1544 */ 1545 if (nlmp && ghp) { 1546 ghp->gh_flags |= GPH_FILTEE; 1547 pnp->p_info = (void *)ghp; 1548 } 1549 1550 /* 1551 * Audit the filter/filtee established. A 1552 * return of 0 indicates the auditor wishes to 1553 * ignore this filtee. 1554 */ 1555 if (nlmp && ((lml->lm_tflags | FLAGS1(ilmp)) & 1556 LML_TFLG_AUD_OBJFILTER)) { 1557 if (audit_objfilter(ilmp, filtees, 1558 nlmp, 0) == 0) { 1559 audit = 1; 1560 nlmp = 0; 1561 } 1562 } 1563 1564 /* 1565 * Finish processing the objects associated with 1566 * this request. Create an association between 1567 * this object and the originating filter to 1568 * provide sufficient information to tear down 1569 * this filtee if necessary. 1570 */ 1571 if (nlmp && ghp && 1572 ((analyze_lmc(lml, lmco, nlmp) == 0) || 1573 (relocate_lmc(lml, lmco, ilmp, nlmp) == 0))) 1574 nlmp = 0; 1575 1576 /* 1577 * If the filtee has been successfully 1578 * processed, then create an association 1579 * between the filter and filtee. This 1580 * association provides sufficient information 1581 * to tear down the filter and filtee if 1582 * necessary. 1583 */ 1584 DBG_CALL(Dbg_file_hdl_title(DBG_DEP_ADD)); 1585 if (nlmp && ghp && 1586 (hdl_add(ghp, ilmp, GPD_FILTER) == 0)) 1587 nlmp = 0; 1588 1589 /* 1590 * If this filtee loading has failed, and we've 1591 * created a new link-map control list to which 1592 * this request has added objects, then remove 1593 * all the objects that have been associated to 1594 * this request. 1595 */ 1596 if ((nlmp == 0) && lmc && lmc->lc_head) 1597 remove_lmc(lml, clmp, lmc, lmco, name); 1598 1599 /* 1600 * Remove any link-map control list that was 1601 * created. 1602 */ 1603 if (lmc) 1604 remove_cntl(lml, lmco); 1605 } 1606 1607 /* 1608 * Generate a diagnostic if the filtee couldn't be 1609 * loaded, null out the pnode entry, and continue 1610 * the search. Otherwise, retain this group handle 1611 * for future symbol searches. 1612 */ 1613 if (nlmp == 0) { 1614 DBG_CALL(Dbg_file_filtee(lml, 0, filtee, 1615 audit)); 1616 1617 pnp->p_info = 0; 1618 pnp->p_len = 0; 1619 continue; 1620 } 1621 } 1622 1623 ghp = (Grp_hdl *)pnp->p_info; 1624 1625 /* 1626 * If we're just here to trigger filtee loading skip the symbol 1627 * lookup so we'll continue looking for additional filtees. 1628 */ 1629 if (name) { 1630 Grp_desc *gdp; 1631 Sym *sym = 0; 1632 Aliste off; 1633 Slookup sl = *slp; 1634 1635 sl.sl_flags |= LKUP_FIRST; 1636 any++; 1637 1638 /* 1639 * Look for the symbol in the handles dependencies. 1640 */ 1641 for (ALIST_TRAVERSE(ghp->gh_depends, off, gdp)) { 1642 if ((gdp->gd_flags & GPD_AVAIL) == 0) 1643 continue; 1644 1645 /* 1646 * If our parent is a dependency don't look at 1647 * it (otherwise we are in a recursive loop). 1648 * This situation can occur with auxiliary 1649 * filters if the filtee has a dependency on the 1650 * filter. This dependency isn't necessary as 1651 * auxiliary filters are opened RTLD_PARENT, but 1652 * users may still unknowingly add an explicit 1653 * dependency to the parent. 1654 */ 1655 if ((sl.sl_imap = gdp->gd_depend) == ilmp) 1656 continue; 1657 1658 if (((sym = SYMINTP(sl.sl_imap)(&sl, dlmp, 1659 binfo)) != 0) || 1660 (ghp->gh_flags & GPH_FIRST)) 1661 break; 1662 } 1663 1664 /* 1665 * If a symbol has been found, indicate the binding 1666 * and return the symbol. 1667 */ 1668 if (sym) { 1669 *binfo |= DBG_BINFO_FILTEE; 1670 return (sym); 1671 } 1672 } 1673 1674 /* 1675 * If this object is tagged to terminate filtee processing we're 1676 * done. 1677 */ 1678 if (FLAGS1(ghp->gh_ownlmp) & FL1_RT_ENDFILTE) 1679 break; 1680 } 1681 1682 /* 1683 * If we're just here to trigger filtee loading then we're done. 1684 */ 1685 if (name == 0) 1686 return ((Sym *)0); 1687 1688 /* 1689 * If no filtees have been found for a filter, clean up any Pnode 1690 * structures and disable their search completely. For auxiliary 1691 * filters we can reselect the symbol search function so that we never 1692 * enter this routine again for this object. For standard filters we 1693 * use the null symbol routine. 1694 */ 1695 if (any == 0) { 1696 remove_pnode((Pnode *)dip->di_info); 1697 elf_disable_filtee(ilmp, dip); 1698 return ((Sym *)0); 1699 } 1700 1701 return ((Sym *)0); 1702 } 1703 1704 /* 1705 * Focal point for disabling error messages for auxiliary filters. As an 1706 * auxiliary filter allows for filtee use, but provides a fallback should a 1707 * filtee not exist (or fail to load), any errors generated as a consequence of 1708 * trying to load the filtees are typically suppressed. Setting RT_FL_SILENCERR 1709 * suppresses errors generated by eprint(), but insures a debug diagnostic is 1710 * produced. ldd(1) employs printf(), and here, the selection of whether to 1711 * print a diagnostic in regards to auxiliary filters is a little more complex. 1712 * 1713 * . The determination of whether to produce an ldd message, or a fatal 1714 * error message is driven by LML_FLG_TRC_ENABLE. 1715 * . More detailed ldd messages may also be driven off of LML_FLG_TRC_WARN, 1716 * (ldd -d/-r), LML_FLG_TRC_VERBOSE (ldd -v), LML_FLG_TRC_SEARCH (ldd -s), 1717 * and LML_FLG_TRC_UNREF/LML_FLG_TRC_UNUSED (ldd -U/-u). 1718 * 1719 * . If the calling object is lddstub, then several classes of message are 1720 * suppressed. The user isn't trying to diagnose lddstub, this is simply 1721 * a stub executable employed to preload a user specified library against. 1722 * 1723 * . If RT_FL_SILENCERR is in effect then any generic ldd() messages should 1724 * be suppressed. All detailed ldd messages should still be produced. 1725 */ 1726 Sym * 1727 elf_lookup_filtee(Slookup *slp, Rt_map **dlmp, uint_t *binfo, uint_t ndx) 1728 { 1729 Sym *sym; 1730 Dyninfo *dip = &DYNINFO(slp->sl_imap)[ndx]; 1731 int silent = 0; 1732 1733 /* 1734 * Make sure this entry is still acting as a filter. We may have tried 1735 * to process this previously, and disabled it if the filtee couldn't 1736 * be processed. However, other entries may provide different filtees 1737 * that are yet to be completed. 1738 */ 1739 if (dip->di_flags == 0) 1740 return ((Sym *)0); 1741 1742 /* 1743 * Indicate whether an error message is required should this filtee not 1744 * be found, based on the type of filter. 1745 */ 1746 if ((dip->di_flags & FLG_DI_AUXFLTR) && 1747 ((rtld_flags & (RT_FL_WARNFLTR | RT_FL_SILENCERR)) == 0)) { 1748 rtld_flags |= RT_FL_SILENCERR; 1749 silent = 1; 1750 } 1751 1752 sym = _elf_lookup_filtee(slp, dlmp, binfo, ndx); 1753 1754 if (silent) 1755 rtld_flags &= ~RT_FL_SILENCERR; 1756 1757 return (sym); 1758 } 1759 1760 /* 1761 * Compute the elf hash value (as defined in the ELF access library). 1762 * The form of the hash table is: 1763 * 1764 * |--------------| 1765 * | # of buckets | 1766 * |--------------| 1767 * | # of chains | 1768 * |--------------| 1769 * | bucket[] | 1770 * |--------------| 1771 * | chain[] | 1772 * |--------------| 1773 */ 1774 ulong_t 1775 elf_hash(const char *name) 1776 { 1777 uint_t hval = 0; 1778 1779 while (*name) { 1780 uint_t g; 1781 hval = (hval << 4) + *name++; 1782 if ((g = (hval & 0xf0000000)) != 0) 1783 hval ^= g >> 24; 1784 hval &= ~g; 1785 } 1786 return ((ulong_t)hval); 1787 } 1788 1789 /* 1790 * If flag argument has LKUP_SPEC set, we treat undefined symbols of type 1791 * function specially in the executable - if they have a value, even though 1792 * undefined, we use that value. This allows us to associate all references 1793 * to a function's address to a single place in the process: the plt entry 1794 * for that function in the executable. Calls to lookup from plt binding 1795 * routines do NOT set LKUP_SPEC in the flag. 1796 */ 1797 Sym * 1798 elf_find_sym(Slookup *slp, Rt_map **dlmp, uint_t *binfo) 1799 { 1800 const char *name = slp->sl_name; 1801 Rt_map *ilmp = slp->sl_imap; 1802 ulong_t hash = slp->sl_hash; 1803 uint_t ndx, htmp, buckets, *chainptr; 1804 Sym *sym, *symtabptr; 1805 char *strtabptr, *strtabname; 1806 uint_t flags1; 1807 Syminfo *sip; 1808 1809 /* 1810 * If we're only here to establish a symbols index, skip the diagnostic 1811 * used to trace a symbol search. 1812 */ 1813 if ((slp->sl_flags & LKUP_SYMNDX) == 0) 1814 DBG_CALL(Dbg_syms_lookup(ilmp, name, MSG_ORIG(MSG_STR_ELF))); 1815 1816 if (HASH(ilmp) == 0) 1817 return ((Sym *)0); 1818 1819 buckets = HASH(ilmp)[0]; 1820 /* LINTED */ 1821 htmp = (uint_t)hash % buckets; 1822 1823 /* 1824 * Get the first symbol on hash chain and initialize the string 1825 * and symbol table pointers. 1826 */ 1827 if ((ndx = HASH(ilmp)[htmp + 2]) == 0) 1828 return ((Sym *)0); 1829 1830 chainptr = HASH(ilmp) + 2 + buckets; 1831 strtabptr = STRTAB(ilmp); 1832 symtabptr = SYMTAB(ilmp); 1833 1834 while (ndx) { 1835 sym = symtabptr + ndx; 1836 strtabname = strtabptr + sym->st_name; 1837 1838 /* 1839 * Compare the symbol found with the name required. If the 1840 * names don't match continue with the next hash entry. 1841 */ 1842 if ((*strtabname++ != *name) || strcmp(strtabname, &name[1])) { 1843 if ((ndx = chainptr[ndx]) != 0) 1844 continue; 1845 return ((Sym *)0); 1846 } 1847 1848 /* 1849 * If we're only here to establish a symbols index, we're done. 1850 */ 1851 if (slp->sl_flags & LKUP_SYMNDX) 1852 return (sym); 1853 1854 /* 1855 * If we find a match and the symbol is defined, return the 1856 * symbol pointer and the link map in which it was found. 1857 */ 1858 if (sym->st_shndx != SHN_UNDEF) { 1859 *dlmp = ilmp; 1860 *binfo |= DBG_BINFO_FOUND; 1861 if ((FLAGS(ilmp) & FLG_RT_OBJINTPO) || 1862 ((FLAGS(ilmp) & FLG_RT_SYMINTPO) && 1863 is_sym_interposer(ilmp, sym))) 1864 *binfo |= DBG_BINFO_INTERPOSE; 1865 break; 1866 1867 /* 1868 * If we find a match and the symbol is undefined, the 1869 * symbol type is a function, and the value of the symbol 1870 * is non zero, then this is a special case. This allows 1871 * the resolution of a function address to the plt[] entry. 1872 * See SPARC ABI, Dynamic Linking, Function Addresses for 1873 * more details. 1874 */ 1875 } else if ((slp->sl_flags & LKUP_SPEC) && 1876 (FLAGS(ilmp) & FLG_RT_ISMAIN) && (sym->st_value != 0) && 1877 (ELF_ST_TYPE(sym->st_info) == STT_FUNC)) { 1878 *dlmp = ilmp; 1879 *binfo |= (DBG_BINFO_FOUND | DBG_BINFO_PLTADDR); 1880 if ((FLAGS(ilmp) & FLG_RT_OBJINTPO) || 1881 ((FLAGS(ilmp) & FLG_RT_SYMINTPO) && 1882 is_sym_interposer(ilmp, sym))) 1883 *binfo |= DBG_BINFO_INTERPOSE; 1884 return (sym); 1885 } 1886 1887 /* 1888 * Undefined symbol. 1889 */ 1890 return ((Sym *)0); 1891 } 1892 1893 /* 1894 * We've found a match. Determine if the defining object contains 1895 * symbol binding information. 1896 */ 1897 if ((sip = SYMINFO(ilmp)) != 0) 1898 sip += ndx; 1899 1900 /* 1901 * If this is a direct binding request, but the symbol definition has 1902 * disabled directly binding to it (presumably because the symbol 1903 * definition has been changed since the referring object was built), 1904 * indicate this failure so that the caller can fall back to a standard 1905 * symbol search. Clear any debug binding information for cleanliness. 1906 */ 1907 if (sip && (slp->sl_flags & LKUP_DIRECT) && 1908 (sip->si_flags & SYMINFO_FLG_NOEXTDIRECT)) { 1909 *binfo |= BINFO_DIRECTDIS; 1910 *binfo &= ~DBG_BINFO_MSK; 1911 return ((Sym *)0); 1912 } 1913 1914 /* 1915 * Determine whether this object is acting as a filter. 1916 */ 1917 if (((flags1 = FLAGS1(ilmp)) & MSK_RT_FILTER) == 0) 1918 return (sym); 1919 1920 /* 1921 * Determine if this object offers per-symbol filtering, and if so, 1922 * whether this symbol references a filtee. 1923 */ 1924 if (sip && (flags1 & (FL1_RT_SYMSFLTR | FL1_RT_SYMAFLTR))) { 1925 /* 1926 * If this is a standard filter reference, and no standard 1927 * filtees remain to be inspected, we're done. If this is an 1928 * auxiliary filter reference, and no auxiliary filtees remain, 1929 * we'll fall through in case any object filtering is available. 1930 */ 1931 if ((sip->si_flags & SYMINFO_FLG_FILTER) && 1932 (SYMSFLTRCNT(ilmp) == 0)) 1933 return ((Sym *)0); 1934 1935 if ((sip->si_flags & SYMINFO_FLG_FILTER) || 1936 ((sip->si_flags & SYMINFO_FLG_AUXILIARY) && 1937 SYMAFLTRCNT(ilmp))) { 1938 Sym * fsym; 1939 1940 /* 1941 * This symbol has an associated filtee. Lookup the 1942 * symbol in the filtee, and if it is found return it. 1943 * If the symbol doesn't exist, and this is a standard 1944 * filter, return an error, otherwise fall through to 1945 * catch any object filtering that may be available. 1946 */ 1947 if ((fsym = elf_lookup_filtee(slp, dlmp, binfo, 1948 sip->si_boundto)) != 0) 1949 return (fsym); 1950 if (sip->si_flags & SYMINFO_FLG_FILTER) 1951 return ((Sym *)0); 1952 } 1953 } 1954 1955 /* 1956 * Determine if this object provides global filtering. 1957 */ 1958 if (flags1 & (FL1_RT_OBJSFLTR | FL1_RT_OBJAFLTR)) { 1959 Sym * fsym; 1960 1961 if (OBJFLTRNDX(ilmp) != FLTR_DISABLED) { 1962 /* 1963 * This object has an associated filtee. Lookup the 1964 * symbol in the filtee, and if it is found return it. 1965 * If the symbol doesn't exist, and this is a standard 1966 * filter, return and error, otherwise return the symbol 1967 * within the filter itself. 1968 */ 1969 if ((fsym = elf_lookup_filtee(slp, dlmp, binfo, 1970 OBJFLTRNDX(ilmp))) != 0) 1971 return (fsym); 1972 } 1973 1974 if (flags1 & FL1_RT_OBJSFLTR) 1975 return ((Sym *)0); 1976 } 1977 return (sym); 1978 } 1979 1980 /* 1981 * Create a new Rt_map structure for an ELF object and initialize 1982 * all values. 1983 */ 1984 Rt_map * 1985 elf_new_lm(Lm_list *lml, const char *pname, const char *oname, Dyn *ld, 1986 ulong_t addr, ulong_t etext, Aliste lmco, ulong_t msize, ulong_t entry, 1987 ulong_t paddr, ulong_t padimsize, Mmap *mmaps, uint_t mmapcnt) 1988 { 1989 Rt_map *lmp; 1990 ulong_t base, fltr = 0, audit = 0, cfile = 0, crle = 0; 1991 Xword rpath = 0; 1992 Ehdr *ehdr = (Ehdr *)addr; 1993 1994 DBG_CALL(Dbg_file_elf(lml, pname, (ulong_t)ld, addr, msize, entry, 1995 lml->lm_lmidstr, lmco)); 1996 1997 /* 1998 * Allocate space for the link-map and private elf information. Once 1999 * these are allocated and initialized, we can use remove_so(0, lmp) to 2000 * tear down the link-map should any failures occur. 2001 */ 2002 if ((lmp = calloc(sizeof (Rt_map), 1)) == 0) 2003 return (0); 2004 if ((ELFPRV(lmp) = calloc(sizeof (Rt_elfp), 1)) == 0) { 2005 free(lmp); 2006 return (0); 2007 } 2008 2009 /* 2010 * All fields not filled in were set to 0 by calloc. 2011 */ 2012 ORIGNAME(lmp) = PATHNAME(lmp) = NAME(lmp) = (char *)pname; 2013 DYN(lmp) = ld; 2014 ADDR(lmp) = addr; 2015 MSIZE(lmp) = msize; 2016 ENTRY(lmp) = (Addr)entry; 2017 SYMINTP(lmp) = elf_find_sym; 2018 ETEXT(lmp) = etext; 2019 FCT(lmp) = &elf_fct; 2020 LIST(lmp) = lml; 2021 PADSTART(lmp) = paddr; 2022 PADIMLEN(lmp) = padimsize; 2023 THREADID(lmp) = rt_thr_self(); 2024 OBJFLTRNDX(lmp) = FLTR_DISABLED; 2025 SORTVAL(lmp) = -1; 2026 2027 MMAPS(lmp) = mmaps; 2028 MMAPCNT(lmp) = mmapcnt; 2029 ASSERT(mmapcnt != 0); 2030 2031 /* 2032 * If this is a shared object, add the base address to each address. 2033 * if this is an executable, use address as is. 2034 */ 2035 if (ehdr->e_type == ET_EXEC) { 2036 base = 0; 2037 FLAGS(lmp) |= FLG_RT_FIXED; 2038 } else 2039 base = addr; 2040 2041 /* 2042 * Fill in rest of the link map entries with information from the file's 2043 * dynamic structure. 2044 */ 2045 if (ld) { 2046 uint_t dyncnt = 0; 2047 Xword pltpadsz = 0; 2048 Rti_desc *rti; 2049 2050 /* CSTYLED */ 2051 for ( ; ld->d_tag != DT_NULL; ++ld, dyncnt++) { 2052 switch ((Xword)ld->d_tag) { 2053 case DT_SYMTAB: 2054 SYMTAB(lmp) = (void *)(ld->d_un.d_ptr + base); 2055 break; 2056 case DT_SUNW_SYMTAB: 2057 SUNWSYMTAB(lmp) = 2058 (void *)(ld->d_un.d_ptr + base); 2059 break; 2060 case DT_SUNW_SYMSZ: 2061 SUNWSYMSZ(lmp) = ld->d_un.d_val; 2062 break; 2063 case DT_STRTAB: 2064 STRTAB(lmp) = (void *)(ld->d_un.d_ptr + base); 2065 break; 2066 case DT_SYMENT: 2067 SYMENT(lmp) = ld->d_un.d_val; 2068 break; 2069 case DT_FEATURE_1: 2070 ld->d_un.d_val |= DTF_1_PARINIT; 2071 if (ld->d_un.d_val & DTF_1_CONFEXP) 2072 crle = 1; 2073 break; 2074 case DT_MOVESZ: 2075 MOVESZ(lmp) = ld->d_un.d_val; 2076 FLAGS(lmp) |= FLG_RT_MOVE; 2077 break; 2078 case DT_MOVEENT: 2079 MOVEENT(lmp) = ld->d_un.d_val; 2080 break; 2081 case DT_MOVETAB: 2082 MOVETAB(lmp) = (void *)(ld->d_un.d_ptr + base); 2083 break; 2084 case DT_REL: 2085 case DT_RELA: 2086 /* 2087 * At this time we can only handle 1 type of 2088 * relocation per object. 2089 */ 2090 REL(lmp) = (void *)(ld->d_un.d_ptr + base); 2091 break; 2092 case DT_RELSZ: 2093 case DT_RELASZ: 2094 RELSZ(lmp) = ld->d_un.d_val; 2095 break; 2096 case DT_RELENT: 2097 case DT_RELAENT: 2098 RELENT(lmp) = ld->d_un.d_val; 2099 break; 2100 case DT_RELCOUNT: 2101 case DT_RELACOUNT: 2102 RELACOUNT(lmp) = (uint_t)ld->d_un.d_val; 2103 break; 2104 case DT_TEXTREL: 2105 FLAGS1(lmp) |= FL1_RT_TEXTREL; 2106 break; 2107 case DT_HASH: 2108 HASH(lmp) = (uint_t *)(ld->d_un.d_ptr + base); 2109 break; 2110 case DT_PLTGOT: 2111 PLTGOT(lmp) = (uint_t *)(ld->d_un.d_ptr + base); 2112 break; 2113 case DT_PLTRELSZ: 2114 PLTRELSZ(lmp) = ld->d_un.d_val; 2115 break; 2116 case DT_JMPREL: 2117 JMPREL(lmp) = (void *)(ld->d_un.d_ptr + base); 2118 break; 2119 case DT_INIT: 2120 if (ld->d_un.d_ptr != NULL) 2121 INIT(lmp) = 2122 (void (*)())(ld->d_un.d_ptr + base); 2123 break; 2124 case DT_FINI: 2125 if (ld->d_un.d_ptr != NULL) 2126 FINI(lmp) = 2127 (void (*)())(ld->d_un.d_ptr + base); 2128 break; 2129 case DT_INIT_ARRAY: 2130 INITARRAY(lmp) = (Addr *)(ld->d_un.d_ptr + 2131 base); 2132 break; 2133 case DT_INIT_ARRAYSZ: 2134 INITARRAYSZ(lmp) = (uint_t)ld->d_un.d_val; 2135 break; 2136 case DT_FINI_ARRAY: 2137 FINIARRAY(lmp) = (Addr *)(ld->d_un.d_ptr + 2138 base); 2139 break; 2140 case DT_FINI_ARRAYSZ: 2141 FINIARRAYSZ(lmp) = (uint_t)ld->d_un.d_val; 2142 break; 2143 case DT_PREINIT_ARRAY: 2144 PREINITARRAY(lmp) = (Addr *)(ld->d_un.d_ptr + 2145 base); 2146 break; 2147 case DT_PREINIT_ARRAYSZ: 2148 PREINITARRAYSZ(lmp) = (uint_t)ld->d_un.d_val; 2149 break; 2150 case DT_RPATH: 2151 case DT_RUNPATH: 2152 rpath = ld->d_un.d_val; 2153 break; 2154 case DT_FILTER: 2155 fltr = ld->d_un.d_val; 2156 OBJFLTRNDX(lmp) = dyncnt; 2157 FLAGS1(lmp) |= FL1_RT_OBJSFLTR; 2158 break; 2159 case DT_AUXILIARY: 2160 if (!(rtld_flags & RT_FL_NOAUXFLTR)) { 2161 fltr = ld->d_un.d_val; 2162 OBJFLTRNDX(lmp) = dyncnt; 2163 } 2164 FLAGS1(lmp) |= FL1_RT_OBJAFLTR; 2165 break; 2166 case DT_SUNW_FILTER: 2167 SYMSFLTRCNT(lmp)++; 2168 FLAGS1(lmp) |= FL1_RT_SYMSFLTR; 2169 break; 2170 case DT_SUNW_AUXILIARY: 2171 if (!(rtld_flags & RT_FL_NOAUXFLTR)) { 2172 SYMAFLTRCNT(lmp)++; 2173 } 2174 FLAGS1(lmp) |= FL1_RT_SYMAFLTR; 2175 break; 2176 case DT_DEPAUDIT: 2177 if (!(rtld_flags & RT_FL_NOAUDIT)) 2178 audit = ld->d_un.d_val; 2179 break; 2180 case DT_CONFIG: 2181 cfile = ld->d_un.d_val; 2182 break; 2183 case DT_DEBUG: 2184 /* 2185 * DT_DEBUG entries are only created in 2186 * dynamic objects that require an interpretor 2187 * (ie. all dynamic executables and some shared 2188 * objects), and provide for a hand-shake with 2189 * debuggers. This entry is initialized to 2190 * zero by the link-editor. If a debugger has 2191 * us and updated this entry set the debugger 2192 * flag, and finish initializing the debugging 2193 * structure (see setup() also). Switch off any 2194 * configuration object use as most debuggers 2195 * can't handle fixed dynamic executables as 2196 * dependencies, and we can't handle requests 2197 * like object padding for alternative objects. 2198 */ 2199 if (ld->d_un.d_ptr) 2200 rtld_flags |= 2201 (RT_FL_DEBUGGER | RT_FL_NOOBJALT); 2202 ld->d_un.d_ptr = (Addr)&r_debug; 2203 break; 2204 case DT_VERNEED: 2205 VERNEED(lmp) = (Verneed *)(ld->d_un.d_ptr + 2206 base); 2207 break; 2208 case DT_VERNEEDNUM: 2209 /* LINTED */ 2210 VERNEEDNUM(lmp) = (int)ld->d_un.d_val; 2211 break; 2212 case DT_VERDEF: 2213 VERDEF(lmp) = (Verdef *)(ld->d_un.d_ptr + base); 2214 break; 2215 case DT_VERDEFNUM: 2216 /* LINTED */ 2217 VERDEFNUM(lmp) = (int)ld->d_un.d_val; 2218 break; 2219 case DT_BIND_NOW: 2220 if ((ld->d_un.d_val & DF_BIND_NOW) && 2221 ((rtld_flags2 & RT_FL2_BINDLAZY) == 0)) { 2222 MODE(lmp) |= RTLD_NOW; 2223 MODE(lmp) &= ~RTLD_LAZY; 2224 } 2225 break; 2226 case DT_FLAGS: 2227 if (ld->d_un.d_val & DF_SYMBOLIC) 2228 FLAGS1(lmp) |= FL1_RT_SYMBOLIC; 2229 if (ld->d_un.d_val & DF_TEXTREL) 2230 FLAGS1(lmp) |= FL1_RT_TEXTREL; 2231 if ((ld->d_un.d_val & DF_BIND_NOW) && 2232 ((rtld_flags2 & RT_FL2_BINDLAZY) == 0)) { 2233 MODE(lmp) |= RTLD_NOW; 2234 MODE(lmp) &= ~RTLD_LAZY; 2235 } 2236 /* 2237 * Capture any static TLS use, and enforce that 2238 * this object be non-deletable. 2239 */ 2240 if (ld->d_un.d_val & DF_STATIC_TLS) { 2241 FLAGS1(lmp) |= FL1_RT_TLSSTAT; 2242 MODE(lmp) |= RTLD_NODELETE; 2243 } 2244 break; 2245 case DT_FLAGS_1: 2246 if (ld->d_un.d_val & DF_1_DISPRELPND) 2247 FLAGS1(lmp) |= FL1_RT_DISPREL; 2248 if (ld->d_un.d_val & DF_1_GROUP) 2249 FLAGS(lmp) |= 2250 (FLG_RT_SETGROUP | FLG_RT_HANDLE); 2251 if ((ld->d_un.d_val & DF_1_NOW) && 2252 ((rtld_flags2 & RT_FL2_BINDLAZY) == 0)) { 2253 MODE(lmp) |= RTLD_NOW; 2254 MODE(lmp) &= ~RTLD_LAZY; 2255 } 2256 if (ld->d_un.d_val & DF_1_NODELETE) 2257 MODE(lmp) |= RTLD_NODELETE; 2258 if (ld->d_un.d_val & DF_1_INITFIRST) 2259 FLAGS(lmp) |= FLG_RT_INITFRST; 2260 if (ld->d_un.d_val & DF_1_NOOPEN) 2261 FLAGS(lmp) |= FLG_RT_NOOPEN; 2262 if (ld->d_un.d_val & DF_1_LOADFLTR) 2263 FLAGS(lmp) |= FLG_RT_LOADFLTR; 2264 if (ld->d_un.d_val & DF_1_NODUMP) 2265 FLAGS(lmp) |= FLG_RT_NODUMP; 2266 if (ld->d_un.d_val & DF_1_CONFALT) 2267 crle = 1; 2268 if (ld->d_un.d_val & DF_1_DIRECT) 2269 FLAGS1(lmp) |= FL1_RT_DIRECT; 2270 if (ld->d_un.d_val & DF_1_NODEFLIB) 2271 FLAGS1(lmp) |= FL1_RT_NODEFLIB; 2272 if (ld->d_un.d_val & DF_1_ENDFILTEE) 2273 FLAGS1(lmp) |= FL1_RT_ENDFILTE; 2274 if (ld->d_un.d_val & DF_1_TRANS) 2275 FLAGS(lmp) |= FLG_RT_TRANS; 2276 #ifndef EXPAND_RELATIVE 2277 if (ld->d_un.d_val & DF_1_ORIGIN) 2278 FLAGS1(lmp) |= FL1_RT_RELATIVE; 2279 #endif 2280 /* 2281 * If this object identifies itself as an 2282 * interposer, but relocation processing has 2283 * already started, then demote it. It's too 2284 * late to guarantee complete interposition. 2285 */ 2286 if (ld->d_un.d_val & 2287 (DF_1_INTERPOSE | DF_1_SYMINTPOSE)) { 2288 if (lml->lm_flags & LML_FLG_STARTREL) { 2289 DBG_CALL(Dbg_util_intoolate(lmp)); 2290 if (lml->lm_flags & LML_FLG_TRC_ENABLE) 2291 (void) printf( 2292 MSG_INTL(MSG_LDD_REL_ERR2), 2293 NAME(lmp)); 2294 } else if (ld->d_un.d_val & DF_1_INTERPOSE) 2295 FLAGS(lmp) |= FLG_RT_OBJINTPO; 2296 else 2297 FLAGS(lmp) |= FLG_RT_SYMINTPO; 2298 } 2299 break; 2300 case DT_SYMINFO: 2301 SYMINFO(lmp) = (Syminfo *)(ld->d_un.d_ptr + 2302 base); 2303 break; 2304 case DT_SYMINENT: 2305 SYMINENT(lmp) = ld->d_un.d_val; 2306 break; 2307 case DT_PLTPAD: 2308 PLTPAD(lmp) = (void *)(ld->d_un.d_ptr + base); 2309 break; 2310 case DT_PLTPADSZ: 2311 pltpadsz = ld->d_un.d_val; 2312 break; 2313 case DT_SUNW_RTLDINF: 2314 /* 2315 * Maintain a list of RTLDINFO structures. 2316 * Typically, libc is the only supplier, and 2317 * only one structure is provided. However, 2318 * multiple suppliers and multiple structures 2319 * are supported. For example, one structure 2320 * may provide thread_init, and another 2321 * structure may provide atexit reservations. 2322 */ 2323 if ((rti = alist_append(&lml->lm_rti, 0, 2324 sizeof (Rti_desc), AL_CNT_RTLDINFO)) == 0) { 2325 remove_so(0, lmp); 2326 return (0); 2327 } 2328 rti->rti_lmp = lmp; 2329 rti->rti_info = (void *)(ld->d_un.d_ptr + base); 2330 break; 2331 case DT_SUNW_SORTENT: 2332 SUNWSORTENT(lmp) = ld->d_un.d_val; 2333 break; 2334 case DT_SUNW_SYMSORT: 2335 SUNWSYMSORT(lmp) = 2336 (void *)(ld->d_un.d_ptr + base); 2337 break; 2338 case DT_SUNW_SYMSORTSZ: 2339 SUNWSYMSORTSZ(lmp) = ld->d_un.d_val; 2340 break; 2341 case DT_DEPRECATED_SPARC_REGISTER: 2342 case M_DT_REGISTER: 2343 FLAGS(lmp) |= FLG_RT_REGSYMS; 2344 break; 2345 case M_DT_PLTRESERVE: 2346 PLTRESERVE(lmp) = (void *)(ld->d_un.d_ptr + 2347 base); 2348 break; 2349 } 2350 } 2351 2352 2353 if (PLTPAD(lmp)) { 2354 if (pltpadsz == (Xword)0) 2355 PLTPAD(lmp) = 0; 2356 else 2357 PLTPADEND(lmp) = (void *)((Addr)PLTPAD(lmp) + 2358 pltpadsz); 2359 } 2360 2361 /* 2362 * Allocate Dynamic Info structure 2363 */ 2364 if ((DYNINFO(lmp) = calloc((size_t)dyncnt, 2365 sizeof (Dyninfo))) == 0) { 2366 remove_so(0, lmp); 2367 return (0); 2368 } 2369 DYNINFOCNT(lmp) = dyncnt; 2370 } 2371 2372 /* 2373 * A dynsym contains only global functions. We want to have 2374 * a version of it that also includes local functions, so that 2375 * dladdr() will be able to report names for local functions 2376 * when used to generate a stack trace for a stripped file. 2377 * This version of the dynsym is provided via DT_SUNW_SYMTAB. 2378 * 2379 * In producing DT_SUNW_SYMTAB, ld uses a non-obvious trick 2380 * in order to avoid having to have two copies of the global 2381 * symbols held in DT_SYMTAB: The local symbols are placed in 2382 * a separate section than the globals in the dynsym, but the 2383 * linker conspires to put the data for these two sections adjacent 2384 * to each other. DT_SUNW_SYMTAB points at the top of the local 2385 * symbols, and DT_SUNW_SYMSZ is the combined length of both tables. 2386 * 2387 * If the two sections are not adjacent, then something went wrong 2388 * at link time. We use ASSERT to kill the process if this is 2389 * a debug build. In a production build, we will silently ignore 2390 * the presence of the .ldynsym and proceed. We can detect this 2391 * situation by checking to see that DT_SYMTAB lies in 2392 * the range given by DT_SUNW_SYMTAB/DT_SUNW_SYMSZ. 2393 */ 2394 if ((SUNWSYMTAB(lmp) != NULL) && 2395 (((char *)SYMTAB(lmp) <= (char *)SUNWSYMTAB(lmp)) || 2396 (((char *)SYMTAB(lmp) >= 2397 (SUNWSYMSZ(lmp) + (char *)SUNWSYMTAB(lmp)))))) { 2398 ASSERT(0); 2399 SUNWSYMTAB(lmp) = NULL; 2400 SUNWSYMSZ(lmp) = 0; 2401 } 2402 2403 /* 2404 * If configuration file use hasn't been disabled, and a configuration 2405 * file hasn't already been set via an environment variable, see if any 2406 * application specific configuration file is specified. An LD_CONFIG 2407 * setting is used first, but if this image was generated via crle(1) 2408 * then a default configuration file is a fall-back. 2409 */ 2410 if ((!(rtld_flags & RT_FL_NOCFG)) && (config->c_name == 0)) { 2411 if (cfile) 2412 config->c_name = (const char *)(cfile + 2413 (char *)STRTAB(lmp)); 2414 else if (crle) { 2415 rtld_flags |= RT_FL_CONFAPP; 2416 #ifndef EXPAND_RELATIVE 2417 FLAGS1(lmp) |= FL1_RT_RELATIVE; 2418 #endif 2419 } 2420 } 2421 2422 if (rpath) 2423 RPATH(lmp) = (char *)(rpath + (char *)STRTAB(lmp)); 2424 if (fltr) { 2425 /* 2426 * If this object is a global filter, duplicate the filtee 2427 * string name(s) so that REFNAME() is available in core files. 2428 * This cludge was useful for debuggers at one point, but only 2429 * when the filtee name was an individual full path. 2430 */ 2431 if ((REFNAME(lmp) = strdup(fltr + (char *)STRTAB(lmp))) == 0) { 2432 remove_so(0, lmp); 2433 return (0); 2434 } 2435 } 2436 2437 if (rtld_flags & RT_FL_RELATIVE) 2438 FLAGS1(lmp) |= FL1_RT_RELATIVE; 2439 2440 /* 2441 * For Intel ABI compatibility. It's possible that a JMPREL can be 2442 * specified without any other relocations (e.g. a dynamic executable 2443 * normally only contains .plt relocations). If this is the case then 2444 * no REL, RELSZ or RELENT will have been created. For us to be able 2445 * to traverse the .plt relocations under LD_BIND_NOW we need to know 2446 * the RELENT for these relocations. Refer to elf_reloc() for more 2447 * details. 2448 */ 2449 if (!RELENT(lmp) && JMPREL(lmp)) 2450 RELENT(lmp) = sizeof (Rel); 2451 2452 /* 2453 * Establish any per-object auditing. If we're establishing `main's 2454 * link-map its too early to go searching for audit objects so just 2455 * hold the object name for later (see setup()). 2456 */ 2457 if (audit) { 2458 char *cp = audit + (char *)STRTAB(lmp); 2459 2460 if (*cp) { 2461 if (((AUDITORS(lmp) = 2462 calloc(1, sizeof (Audit_desc))) == 0) || 2463 ((AUDITORS(lmp)->ad_name = strdup(cp)) == 0)) { 2464 remove_so(0, lmp); 2465 return (0); 2466 } 2467 if (lml_main.lm_head) { 2468 if (audit_setup(lmp, AUDITORS(lmp), 0) == 0) { 2469 remove_so(0, lmp); 2470 return (0); 2471 } 2472 FLAGS1(lmp) |= AUDITORS(lmp)->ad_flags; 2473 lml->lm_flags |= LML_FLG_LOCAUDIT; 2474 } 2475 } 2476 } 2477 2478 if ((CONDVAR(lmp) = rt_cond_create()) == 0) { 2479 remove_so(0, lmp); 2480 return (0); 2481 } 2482 if (oname && ((append_alias(lmp, oname, 0)) == 0)) { 2483 remove_so(0, lmp); 2484 return (0); 2485 } 2486 2487 /* 2488 * Add the mapped object to the end of the link map list. 2489 */ 2490 lm_append(lml, lmco, lmp); 2491 return (lmp); 2492 } 2493 2494 /* 2495 * Assign hardware/software capabilities. 2496 */ 2497 void 2498 cap_assign(Cap *cap, Rt_map *lmp) 2499 { 2500 while (cap->c_tag != CA_SUNW_NULL) { 2501 switch (cap->c_tag) { 2502 case CA_SUNW_HW_1: 2503 HWCAP(lmp) = cap->c_un.c_val; 2504 break; 2505 case CA_SUNW_SF_1: 2506 SFCAP(lmp) = cap->c_un.c_val; 2507 } 2508 cap++; 2509 } 2510 } 2511 2512 /* 2513 * Map in an ELF object. 2514 * Takes an open file descriptor for the object to map and its pathname; returns 2515 * a pointer to a Rt_map structure for this object, or 0 on error. 2516 */ 2517 static Rt_map * 2518 elf_map_so(Lm_list *lml, Aliste lmco, const char *pname, const char *oname, 2519 int fd) 2520 { 2521 int i; /* general temporary */ 2522 Off memsize = 0; /* total memory size of pathname */ 2523 Off mentry; /* entry point */ 2524 Ehdr *ehdr; /* ELF header of ld.so */ 2525 Phdr *phdr; /* first Phdr in file */ 2526 Phdr *phdr0; /* Saved first Phdr in file */ 2527 Phdr *pptr; /* working Phdr */ 2528 Phdr *fph = 0; /* first loadable Phdr */ 2529 Phdr *lph; /* last loadable Phdr */ 2530 Phdr *lfph = 0; /* last loadable (filesz != 0) Phdr */ 2531 Phdr *lmph = 0; /* last loadable (memsz != 0) Phdr */ 2532 Phdr *swph = 0; /* program header for SUNWBSS */ 2533 Phdr *tlph = 0; /* program header for PT_TLS */ 2534 Phdr *unwindph = 0; /* program header for PT_SUNW_UNWIND */ 2535 Cap *cap = 0; /* program header for SUNWCAP */ 2536 Dyn *mld = 0; /* DYNAMIC structure for pathname */ 2537 size_t size; /* size of elf and program headers */ 2538 caddr_t faddr = 0; /* mapping address of pathname */ 2539 Rt_map *lmp; /* link map created */ 2540 caddr_t paddr; /* start of padded image */ 2541 Off plen; /* size of image including padding */ 2542 Half etype; 2543 int fixed; 2544 Mmap *mmaps; 2545 uint_t mmapcnt = 0; 2546 Xword align = 0; 2547 2548 /* LINTED */ 2549 ehdr = (Ehdr *)fmap->fm_maddr; 2550 2551 /* 2552 * If this a relocatable object then special processing is required. 2553 */ 2554 if ((etype = ehdr->e_type) == ET_REL) 2555 return (elf_obj_file(lml, lmco, pname, fd)); 2556 2557 /* 2558 * If this isn't a dynamic executable or shared object we can't process 2559 * it. If this is a dynamic executable then all addresses are fixed. 2560 */ 2561 if (etype == ET_EXEC) 2562 fixed = 1; 2563 else if (etype == ET_DYN) 2564 fixed = 0; 2565 else { 2566 eprintf(lml, ERR_ELF, MSG_INTL(MSG_GEN_BADTYPE), pname, 2567 conv_ehdr_type(etype, 0)); 2568 return (0); 2569 } 2570 2571 /* 2572 * If our original mapped page was not large enough to hold all the 2573 * program headers remap them. 2574 */ 2575 size = (size_t)((char *)ehdr->e_phoff + 2576 (ehdr->e_phnum * ehdr->e_phentsize)); 2577 if (size > fmap->fm_fsize) { 2578 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_GEN_CORTRUNC), pname); 2579 return (0); 2580 } 2581 if (size > fmap->fm_msize) { 2582 fmap_setup(); 2583 if ((fmap->fm_maddr = mmap(fmap->fm_maddr, size, PROT_READ, 2584 fmap->fm_mflags, fd, 0)) == MAP_FAILED) { 2585 int err = errno; 2586 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_SYS_MMAP), pname, 2587 strerror(err)); 2588 return (0); 2589 } 2590 fmap->fm_msize = size; 2591 /* LINTED */ 2592 ehdr = (Ehdr *)fmap->fm_maddr; 2593 } 2594 /* LINTED */ 2595 phdr0 = phdr = (Phdr *)((char *)ehdr + ehdr->e_ehsize); 2596 2597 /* 2598 * Get entry point. 2599 */ 2600 mentry = ehdr->e_entry; 2601 2602 /* 2603 * Point at program headers and perform some basic validation. 2604 */ 2605 for (i = 0, pptr = phdr; i < (int)ehdr->e_phnum; i++, 2606 pptr = (Phdr *)((Off)pptr + ehdr->e_phentsize)) { 2607 if ((pptr->p_type == PT_LOAD) || 2608 (pptr->p_type == PT_SUNWBSS)) { 2609 2610 if (fph == 0) { 2611 fph = pptr; 2612 /* LINTED argument lph is initialized in first pass */ 2613 } else if (pptr->p_vaddr <= lph->p_vaddr) { 2614 eprintf(lml, ERR_ELF, 2615 MSG_INTL(MSG_GEN_INVPRGHDR), pname); 2616 return (0); 2617 } 2618 2619 lph = pptr; 2620 2621 if (pptr->p_memsz) 2622 lmph = pptr; 2623 if (pptr->p_filesz) 2624 lfph = pptr; 2625 if (pptr->p_type == PT_SUNWBSS) 2626 swph = pptr; 2627 if (pptr->p_align > align) 2628 align = pptr->p_align; 2629 2630 } else if (pptr->p_type == PT_DYNAMIC) { 2631 mld = (Dyn *)(pptr->p_vaddr); 2632 } else if ((pptr->p_type == PT_TLS) && pptr->p_memsz) { 2633 tlph = pptr; 2634 } else if (pptr->p_type == PT_SUNWCAP) { 2635 cap = (Cap *)(pptr->p_vaddr); 2636 } else if (pptr->p_type == PT_SUNW_UNWIND) { 2637 unwindph = pptr; 2638 } 2639 } 2640 2641 #if defined(MAP_ALIGN) 2642 /* 2643 * Make sure the maximum page alignment is a power of 2 >= the system 2644 * page size, for use with MAP_ALIGN. 2645 */ 2646 align = M_PROUND(align); 2647 #endif 2648 2649 /* 2650 * We'd better have at least one loadable segment, together with some 2651 * specified file and memory size. 2652 */ 2653 if ((fph == 0) || (lmph == 0) || (lfph == 0)) { 2654 eprintf(lml, ERR_ELF, MSG_INTL(MSG_GEN_NOLOADSEG), pname); 2655 return (0); 2656 } 2657 2658 /* 2659 * Check that the files size accounts for the loadable sections 2660 * we're going to map in (failure to do this may cause spurious 2661 * bus errors if we're given a truncated file). 2662 */ 2663 if (fmap->fm_fsize < ((size_t)lfph->p_offset + lfph->p_filesz)) { 2664 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_GEN_CORTRUNC), pname); 2665 return (0); 2666 } 2667 2668 /* 2669 * Memsize must be page rounded so that if we add object padding 2670 * at the end it will start at the beginning of a page. 2671 */ 2672 plen = memsize = M_PROUND((lmph->p_vaddr + lmph->p_memsz) - 2673 M_PTRUNC((ulong_t)fph->p_vaddr)); 2674 2675 /* 2676 * Determine if an existing mapping is acceptable. 2677 */ 2678 if (interp && (lml->lm_flags & LML_FLG_BASELM) && 2679 (strcmp(pname, interp->i_name) == 0)) { 2680 /* 2681 * If this is the interpreter then it has already been mapped 2682 * and we have the address so don't map it again. Note that 2683 * the common occurrence of a reference to the interpretor 2684 * (libdl -> ld.so.1) will have been caught during filter 2685 * initialization (see elf_lookup_filtee()). However, some 2686 * ELF implementations are known to record libc.so.1 as the 2687 * interpretor, and thus this test catches this behavior. 2688 */ 2689 paddr = faddr = interp->i_faddr; 2690 2691 } else if ((fixed == 0) && (r_debug.rtd_objpad == 0) && 2692 (memsize <= fmap->fm_msize) && ((fph->p_flags & PF_W) == 0) && 2693 (fph->p_filesz == fph->p_memsz) && 2694 (((Xword)fmap->fm_maddr % align) == 0)) { 2695 /* 2696 * If the mapping required has already been established from 2697 * the initial page we don't need to do anything more. Reset 2698 * the fmap address so then any later files start a new fmap. 2699 * This is really an optimization for filters, such as libdl.so, 2700 * which should only require one page. 2701 */ 2702 paddr = faddr = fmap->fm_maddr; 2703 fmap->fm_maddr = 0; 2704 fmap_setup(); 2705 } 2706 2707 /* 2708 * Allocate a mapping array to retain mapped segment information. 2709 */ 2710 if ((mmaps = calloc(ehdr->e_phnum, sizeof (Mmap))) == 0) 2711 return (0); 2712 2713 /* 2714 * If we're reusing an existing mapping determine the objects etext 2715 * address. Otherwise map the file (which will calculate the etext 2716 * address as part of the mapping process). 2717 */ 2718 if (faddr) { 2719 caddr_t base; 2720 2721 if (fixed) 2722 base = 0; 2723 else 2724 base = faddr; 2725 2726 /* LINTED */ 2727 phdr0 = phdr = (Phdr *)((char *)faddr + ehdr->e_ehsize); 2728 2729 for (i = 0, pptr = phdr; i < (int)ehdr->e_phnum; i++, 2730 pptr = (Phdr *)((Off)pptr + ehdr->e_phentsize)) { 2731 if (pptr->p_type != PT_LOAD) 2732 continue; 2733 2734 mmaps[mmapcnt].m_vaddr = (pptr->p_vaddr + base); 2735 mmaps[mmapcnt].m_msize = pptr->p_memsz; 2736 mmaps[mmapcnt].m_fsize = pptr->p_filesz; 2737 mmaps[mmapcnt].m_perm = (PROT_READ | PROT_EXEC); 2738 mmapcnt++; 2739 2740 if (!(pptr->p_flags & PF_W)) { 2741 fmap->fm_etext = (ulong_t)pptr->p_vaddr + 2742 (ulong_t)pptr->p_memsz + 2743 (ulong_t)(fixed ? 0 : faddr); 2744 } 2745 } 2746 } else { 2747 /* 2748 * Map the file. 2749 */ 2750 if (!(faddr = elf_map_it(lml, pname, memsize, ehdr, fph, lph, 2751 &phdr, &paddr, &plen, fixed, fd, align, mmaps, &mmapcnt))) 2752 return (0); 2753 } 2754 2755 /* 2756 * Calculate absolute base addresses and entry points. 2757 */ 2758 if (!fixed) { 2759 if (mld) 2760 /* LINTED */ 2761 mld = (Dyn *)((Off)mld + faddr); 2762 if (cap) 2763 /* LINTED */ 2764 cap = (Cap *)((Off)cap + faddr); 2765 mentry += (Off)faddr; 2766 } 2767 2768 /* 2769 * Create new link map structure for newly mapped shared object. 2770 */ 2771 if (!(lmp = elf_new_lm(lml, pname, oname, mld, (ulong_t)faddr, 2772 fmap->fm_etext, lmco, memsize, mentry, (ulong_t)paddr, plen, mmaps, 2773 mmapcnt))) { 2774 (void) munmap((caddr_t)faddr, memsize); 2775 return (0); 2776 } 2777 2778 /* 2779 * Start the system loading in the ELF information we'll be processing. 2780 */ 2781 if (REL(lmp)) { 2782 (void) madvise((void *)ADDR(lmp), (uintptr_t)REL(lmp) + 2783 (uintptr_t)RELSZ(lmp) - (uintptr_t)ADDR(lmp), 2784 MADV_WILLNEED); 2785 } 2786 2787 /* 2788 * If this shared object contains any special segments, record them. 2789 */ 2790 if (swph) { 2791 FLAGS(lmp) |= FLG_RT_SUNWBSS; 2792 SUNWBSS(lmp) = phdr + (swph - phdr0); 2793 } 2794 if (tlph && (tls_assign(lml, lmp, (phdr + (tlph - phdr0))) == 0)) { 2795 remove_so(lml, lmp); 2796 return (0); 2797 } 2798 2799 if (unwindph) 2800 PTUNWIND(lmp) = phdr + (unwindph - phdr0); 2801 2802 if (cap) 2803 cap_assign(cap, lmp); 2804 2805 return (lmp); 2806 } 2807 2808 /* 2809 * Function to correct protection settings. Segments are all mapped initially 2810 * with permissions as given in the segment header. We need to turn on write 2811 * permissions on a text segment if there are any relocations against that 2812 * segment, and them turn write permission back off again before returning 2813 * control to the user. This function turns the permission on or off depending 2814 * on the value of the argument. 2815 */ 2816 int 2817 elf_set_prot(Rt_map *lmp, int permission) 2818 { 2819 Mmap *mmaps; 2820 2821 /* 2822 * If this is an allocated image (ie. a relocatable object) we can't 2823 * mprotect() anything. 2824 */ 2825 if (FLAGS(lmp) & FLG_RT_IMGALLOC) 2826 return (1); 2827 2828 DBG_CALL(Dbg_file_prot(lmp, permission)); 2829 2830 for (mmaps = MMAPS(lmp); mmaps->m_vaddr; mmaps++) { 2831 if (mmaps->m_perm & PROT_WRITE) 2832 continue; 2833 2834 if (mprotect(mmaps->m_vaddr, mmaps->m_msize, 2835 (mmaps->m_perm | permission)) == -1) { 2836 int err = errno; 2837 eprintf(LIST(lmp), ERR_FATAL, MSG_INTL(MSG_SYS_MPROT), 2838 NAME(lmp), strerror(err)); 2839 return (0); 2840 } 2841 } 2842 return (1); 2843 } 2844 2845 /* 2846 * Build full pathname of shared object from given directory name and filename. 2847 */ 2848 static char * 2849 elf_get_so(const char *dir, const char *file) 2850 { 2851 static char pname[PATH_MAX]; 2852 2853 (void) snprintf(pname, PATH_MAX, MSG_ORIG(MSG_FMT_PATH), dir, file); 2854 return (pname); 2855 } 2856 2857 /* 2858 * The copy relocation is recorded in a copy structure which will be applied 2859 * after all other relocations are carried out. This provides for copying data 2860 * that must be relocated itself (ie. pointers in shared objects). This 2861 * structure also provides a means of binding RTLD_GROUP dependencies to any 2862 * copy relocations that have been taken from any group members. 2863 * 2864 * If the size of the .bss area available for the copy information is not the 2865 * same as the source of the data inform the user if we're under ldd(1) control 2866 * (this checking was only established in 5.3, so by only issuing an error via 2867 * ldd(1) we maintain the standard set by previous releases). 2868 */ 2869 int 2870 elf_copy_reloc(char *name, Sym *rsym, Rt_map *rlmp, void *radd, Sym *dsym, 2871 Rt_map *dlmp, const void *dadd) 2872 { 2873 Rel_copy rc; 2874 Lm_list *lml = LIST(rlmp); 2875 2876 rc.r_name = name; 2877 rc.r_rsym = rsym; /* the new reference symbol and its */ 2878 rc.r_rlmp = rlmp; /* associated link-map */ 2879 rc.r_dlmp = dlmp; /* the defining link-map */ 2880 rc.r_dsym = dsym; /* the original definition */ 2881 rc.r_radd = radd; 2882 rc.r_dadd = dadd; 2883 2884 if (rsym->st_size > dsym->st_size) 2885 rc.r_size = (size_t)dsym->st_size; 2886 else 2887 rc.r_size = (size_t)rsym->st_size; 2888 2889 if (alist_append(©(dlmp), &rc, sizeof (Rel_copy), 2890 AL_CNT_COPYREL) == 0) { 2891 if (!(lml->lm_flags & LML_FLG_TRC_WARN)) 2892 return (0); 2893 else 2894 return (1); 2895 } 2896 if (!(FLAGS1(dlmp) & FL1_RT_COPYTOOK)) { 2897 if (alist_append(©(rlmp), &dlmp, 2898 sizeof (Rt_map *), AL_CNT_COPYREL) == 0) { 2899 if (!(lml->lm_flags & LML_FLG_TRC_WARN)) 2900 return (0); 2901 else 2902 return (1); 2903 } 2904 FLAGS1(dlmp) |= FL1_RT_COPYTOOK; 2905 } 2906 2907 /* 2908 * If we are tracing (ldd), warn the user if 2909 * 1) the size from the reference symbol differs from the 2910 * copy definition. We can only copy as much data as the 2911 * reference (dynamic executables) entry allows. 2912 * 2) the copy definition has STV_PROTECTED visibility. 2913 */ 2914 if (lml->lm_flags & LML_FLG_TRC_WARN) { 2915 if (rsym->st_size != dsym->st_size) { 2916 (void) printf(MSG_INTL(MSG_LDD_CPY_SIZDIF), 2917 _conv_reloc_type(M_R_COPY), demangle(name), 2918 NAME(rlmp), EC_XWORD(rsym->st_size), 2919 NAME(dlmp), EC_XWORD(dsym->st_size)); 2920 if (rsym->st_size > dsym->st_size) 2921 (void) printf(MSG_INTL(MSG_LDD_CPY_INSDATA), 2922 NAME(dlmp)); 2923 else 2924 (void) printf(MSG_INTL(MSG_LDD_CPY_DATRUNC), 2925 NAME(rlmp)); 2926 } 2927 2928 if (ELF_ST_VISIBILITY(dsym->st_other) == STV_PROTECTED) { 2929 (void) printf(MSG_INTL(MSG_LDD_CPY_PROT), 2930 _conv_reloc_type(M_R_COPY), demangle(name), 2931 NAME(dlmp)); 2932 } 2933 } 2934 2935 DBG_CALL(Dbg_reloc_apply_val(lml, ELF_DBG_RTLD, (Xword)radd, 2936 (Xword)rc.r_size)); 2937 return (1); 2938 } 2939 2940 /* 2941 * Determine the symbol location of an address within a link-map. Look for 2942 * the nearest symbol (whose value is less than or equal to the required 2943 * address). This is the object specific part of dladdr(). 2944 */ 2945 static void 2946 elf_dladdr(ulong_t addr, Rt_map *lmp, Dl_info *dlip, void **info, int flags) 2947 { 2948 ulong_t ndx, cnt, base, _value; 2949 Sym *sym, *_sym = NULL; 2950 const char *str; 2951 int _flags; 2952 uint_t *dynaddr_ndx; 2953 uint_t dynaddr_n = 0; 2954 ulong_t value; 2955 2956 /* 2957 * If SUNWSYMTAB() is non-NULL, then it sees a special version of 2958 * the dynsym that starts with any local function symbols that exist in 2959 * the library and then moves to the data held in SYMTAB(). In this 2960 * case, SUNWSYMSZ tells us how long the symbol table is. The 2961 * availability of local function symbols will enhance the results 2962 * we can provide. 2963 * 2964 * If SUNWSYMTAB() is non-NULL, then there might also be a 2965 * SUNWSYMSORT() vector associated with it. SUNWSYMSORT() contains 2966 * an array of indices into SUNWSYMTAB, sorted by increasing 2967 * address. We can use this to do an O(log N) search instead of a 2968 * brute force search. 2969 * 2970 * If SUNWSYMTAB() is NULL, then SYMTAB() references a dynsym that 2971 * contains only global symbols. In that case, the length of 2972 * the symbol table comes from the nchain field of the related 2973 * symbol lookup hash table. 2974 */ 2975 str = STRTAB(lmp); 2976 if (SUNWSYMSZ(lmp) == NULL) { 2977 sym = SYMTAB(lmp); 2978 /* 2979 * If we don't have a .hash table there are no symbols 2980 * to look at. 2981 */ 2982 if (HASH(lmp) == 0) 2983 return; 2984 cnt = HASH(lmp)[1]; 2985 } else { 2986 sym = SUNWSYMTAB(lmp); 2987 cnt = SUNWSYMSZ(lmp) / SYMENT(lmp); 2988 dynaddr_ndx = SUNWSYMSORT(lmp); 2989 if (dynaddr_ndx != NULL) 2990 dynaddr_n = SUNWSYMSORTSZ(lmp) / SUNWSORTENT(lmp); 2991 } 2992 2993 if (FLAGS(lmp) & FLG_RT_FIXED) 2994 base = 0; 2995 else 2996 base = ADDR(lmp); 2997 2998 if (dynaddr_n > 0) { /* Binary search */ 2999 long low = 0, low_bnd; 3000 long high = dynaddr_n - 1, high_bnd; 3001 long mid; 3002 Sym *mid_sym; 3003 3004 /* 3005 * Note that SUNWSYMSORT only contains symbols types that 3006 * supply memory addresses, so there's no need to check and 3007 * filter out any other types. 3008 */ 3009 low_bnd = low; 3010 high_bnd = high; 3011 while (low <= high) { 3012 mid = (low + high) / 2; 3013 mid_sym = &sym[dynaddr_ndx[mid]]; 3014 value = mid_sym->st_value + base; 3015 if (addr < value) { 3016 if ((sym[dynaddr_ndx[high]].st_value + base) >= 3017 addr) 3018 high_bnd = high; 3019 high = mid - 1; 3020 } else if (addr > value) { 3021 if ((sym[dynaddr_ndx[low]].st_value + base) <= 3022 addr) 3023 low_bnd = low; 3024 low = mid + 1; 3025 } else { 3026 _sym = mid_sym; 3027 _value = value; 3028 break; 3029 } 3030 } 3031 /* 3032 * If the above didn't find it exactly, then we must 3033 * return the closest symbol with a value that doesn't 3034 * exceed the one we are looking for. If that symbol exists, 3035 * it will lie in the range bounded by low_bnd and 3036 * high_bnd. This is a linear search, but a short one. 3037 */ 3038 if (_sym == NULL) { 3039 for (mid = low_bnd; mid <= high_bnd; mid++) { 3040 mid_sym = &sym[dynaddr_ndx[mid]]; 3041 value = mid_sym->st_value + base; 3042 if (addr >= value) { 3043 _sym = mid_sym; 3044 _value = value; 3045 } else { 3046 break; 3047 } 3048 } 3049 } 3050 } else { /* Linear search */ 3051 for (_value = 0, sym++, ndx = 1; ndx < cnt; ndx++, sym++) { 3052 /* 3053 * Skip expected symbol types that are not functions 3054 * or data: 3055 * - A symbol table starts with an undefined symbol 3056 * in slot 0. If we are using SUNWSYMTAB(), 3057 * there will be a second undefined symbol 3058 * right before the globals. 3059 * - The local part of SUNWSYMTAB() contains a 3060 * series of function symbols. Each section 3061 * starts with an initial STT_FILE symbol. 3062 */ 3063 if ((sym->st_shndx == SHN_UNDEF) || 3064 (ELF_ST_TYPE(sym->st_info) == STT_FILE)) 3065 continue; 3066 3067 value = sym->st_value + base; 3068 if (value > addr) 3069 continue; 3070 if (value < _value) 3071 continue; 3072 3073 _sym = sym; 3074 _value = value; 3075 3076 /* 3077 * Note, because we accept local and global symbols 3078 * we could find a section symbol that matches the 3079 * associated address, which means that the symbol 3080 * name will be null. In this case continue the 3081 * search in case we can find a global symbol of 3082 * the same value. 3083 */ 3084 if ((value == addr) && 3085 (ELF_ST_TYPE(sym->st_info) != STT_SECTION)) 3086 break; 3087 } 3088 } 3089 3090 _flags = flags & RTLD_DL_MASK; 3091 if (_sym) { 3092 if (_flags == RTLD_DL_SYMENT) 3093 *info = (void *)_sym; 3094 else if (_flags == RTLD_DL_LINKMAP) 3095 *info = (void *)lmp; 3096 3097 dlip->dli_sname = str + _sym->st_name; 3098 dlip->dli_saddr = (void *)_value; 3099 } else { 3100 /* 3101 * addr lies between the beginning of the mapped segment and 3102 * the first global symbol. We have no symbol to return 3103 * and the caller requires one. We use _START_, the base 3104 * address of the mapping. 3105 */ 3106 3107 if (_flags == RTLD_DL_SYMENT) { 3108 /* 3109 * An actual symbol struct is needed, so we 3110 * construct one for _START_. To do this in a 3111 * fully accurate way requires a different symbol 3112 * for each mapped segment. This requires the 3113 * use of dynamic memory and a mutex. That's too much 3114 * plumbing for a fringe case of limited importance. 3115 * 3116 * Fortunately, we can simplify: 3117 * - Only the st_size and st_info fields are useful 3118 * outside of the linker internals. The others 3119 * reference things that outside code cannot see, 3120 * and can be set to 0. 3121 * - It's just a label and there is no size 3122 * to report. So, the size should be 0. 3123 * This means that only st_info needs a non-zero 3124 * (constant) value. A static struct will suffice. 3125 * It must be const (readonly) so the caller can't 3126 * change its meaning for subsequent callers. 3127 */ 3128 static const Sym fsym = { 0, 0, 0, 3129 ELF_ST_INFO(STB_LOCAL, STT_OBJECT) }; 3130 *info = (void *) &fsym; 3131 } 3132 3133 dlip->dli_sname = MSG_ORIG(MSG_SYM_START); 3134 dlip->dli_saddr = (void *) ADDR(lmp); 3135 } 3136 } 3137 3138 static void 3139 elf_lazy_cleanup(Alist *alp) 3140 { 3141 Rt_map **lmpp; 3142 Aliste off; 3143 3144 /* 3145 * Cleanup any link-maps added to this dynamic list and free it. 3146 */ 3147 for (ALIST_TRAVERSE(alp, off, lmpp)) 3148 FLAGS(*lmpp) &= ~FLG_RT_DLSYM; 3149 free(alp); 3150 } 3151 3152 /* 3153 * This routine is called upon to search for a symbol from the dependencies of 3154 * the initial link-map. To maintain lazy loadings goal of reducing the number 3155 * of objects mapped, any symbol search is first carried out using the objects 3156 * that already exist in the process (either on a link-map list or handle). 3157 * If a symbol can't be found, and lazy dependencies are still pending, this 3158 * routine loads the dependencies in an attempt to locate the symbol. 3159 * 3160 * Only new objects are inspected as we will have already inspected presently 3161 * loaded objects before calling this routine. However, a new object may not 3162 * be new - although the di_lmp might be zero, the object may have been mapped 3163 * as someone elses dependency. Thus there's a possibility of some symbol 3164 * search duplication. 3165 */ 3166 3167 Sym * 3168 elf_lazy_find_sym(Slookup *slp, Rt_map **_lmp, uint_t *binfo) 3169 { 3170 Sym *sym = 0; 3171 Alist * alist = 0; 3172 Aliste off; 3173 Rt_map ** lmpp, * lmp = slp->sl_imap; 3174 const char *name = slp->sl_name; 3175 3176 if (alist_append(&alist, &lmp, sizeof (Rt_map *), AL_CNT_LAZYFIND) == 0) 3177 return (0); 3178 FLAGS(lmp) |= FLG_RT_DLSYM; 3179 3180 for (ALIST_TRAVERSE(alist, off, lmpp)) { 3181 uint_t cnt = 0; 3182 Slookup sl = *slp; 3183 Dyninfo *dip; 3184 3185 /* 3186 * Loop through the DT_NEEDED entries examining each object for 3187 * the symbol. If the symbol is not found the object is in turn 3188 * added to the alist, so that its DT_NEEDED entires may be 3189 * examined. 3190 */ 3191 lmp = *lmpp; 3192 for (dip = DYNINFO(lmp); cnt < DYNINFOCNT(lmp); cnt++, dip++) { 3193 Rt_map *nlmp; 3194 3195 if (((dip->di_flags & FLG_DI_NEEDED) == 0) || 3196 dip->di_info) 3197 continue; 3198 3199 /* 3200 * If this entry defines a lazy dependency try loading 3201 * it. If the file can't be loaded, consider this 3202 * non-fatal and continue the search (lazy loaded 3203 * dependencies need not exist and their loading should 3204 * only be fatal if called from a relocation). 3205 * 3206 * If the file is already loaded and relocated we must 3207 * still inspect it for symbols, even though it might 3208 * have already been searched. This lazy load operation 3209 * might have promoted the permissions of the object, 3210 * and thus made the object applicable for this symbol 3211 * search, whereas before the object might have been 3212 * skipped. 3213 */ 3214 if ((nlmp = elf_lazy_load(lmp, cnt, name)) == 0) 3215 continue; 3216 3217 /* 3218 * If this object isn't yet a part of the dynamic list 3219 * then inspect it for the symbol. If the symbol isn't 3220 * found add the object to the dynamic list so that we 3221 * can inspect its dependencies. 3222 */ 3223 if (FLAGS(nlmp) & FLG_RT_DLSYM) 3224 continue; 3225 3226 sl.sl_imap = nlmp; 3227 if (sym = LM_LOOKUP_SYM(sl.sl_cmap)(&sl, _lmp, binfo)) 3228 break; 3229 3230 /* 3231 * Some dlsym() operations are already traversing a 3232 * link-map (dlopen(0)), and thus there's no need to 3233 * build our own dynamic dependency list. 3234 */ 3235 if ((sl.sl_flags & LKUP_NODESCENT) == 0) { 3236 if (alist_append(&alist, &nlmp, 3237 sizeof (Rt_map *), AL_CNT_LAZYFIND) == 0) { 3238 elf_lazy_cleanup(alist); 3239 return (0); 3240 } 3241 FLAGS(nlmp) |= FLG_RT_DLSYM; 3242 } 3243 } 3244 if (sym) 3245 break; 3246 } 3247 3248 elf_lazy_cleanup(alist); 3249 return (sym); 3250 } 3251 3252 /* 3253 * Warning message for bad r_offset. 3254 */ 3255 void 3256 elf_reloc_bad(Rt_map *lmp, void *rel, uchar_t rtype, ulong_t roffset, 3257 ulong_t rsymndx) 3258 { 3259 const char *name = (char *)0; 3260 Lm_list *lml = LIST(lmp); 3261 int trace; 3262 3263 if ((lml->lm_flags & LML_FLG_TRC_ENABLE) && 3264 (((rtld_flags & RT_FL_SILENCERR) == 0) || 3265 (lml->lm_flags & LML_FLG_TRC_VERBOSE))) 3266 trace = 1; 3267 else 3268 trace = 0; 3269 3270 if ((trace == 0) && (DBG_ENABLED == 0)) 3271 return; 3272 3273 if (rsymndx) { 3274 Sym *symref = (Sym *)((ulong_t)SYMTAB(lmp) + 3275 (rsymndx * SYMENT(lmp))); 3276 3277 if (ELF_ST_BIND(symref->st_info) != STB_LOCAL) 3278 name = (char *)(STRTAB(lmp) + symref->st_name); 3279 } 3280 3281 if (name == 0) 3282 name = MSG_ORIG(MSG_STR_EMPTY); 3283 3284 if (trace) { 3285 const char *rstr; 3286 3287 rstr = _conv_reloc_type((uint_t)rtype); 3288 (void) printf(MSG_INTL(MSG_LDD_REL_ERR1), rstr, name, 3289 EC_ADDR(roffset)); 3290 return; 3291 } 3292 3293 Dbg_reloc_error(lml, ELF_DBG_RTLD, M_MACH, M_REL_SHT_TYPE, rel, name); 3294 } 3295 3296 /* 3297 * Resolve a static TLS relocation. 3298 */ 3299 long 3300 elf_static_tls(Rt_map *lmp, Sym *sym, void *rel, uchar_t rtype, char *name, 3301 ulong_t roffset, long value) 3302 { 3303 Lm_list *lml = LIST(lmp); 3304 3305 /* 3306 * Relocations against a static TLS block have limited support once 3307 * process initialization has completed. Any error condition should be 3308 * discovered by testing for DF_STATIC_TLS as part of loading an object, 3309 * however individual relocations are tested in case the dynamic flag 3310 * had not been set when this object was built. 3311 */ 3312 if (PTTLS(lmp) == 0) { 3313 DBG_CALL(Dbg_reloc_in(lml, ELF_DBG_RTLD, M_MACH, 3314 M_REL_SHT_TYPE, rel, NULL, name)); 3315 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_REL_BADTLS), 3316 _conv_reloc_type((uint_t)rtype), NAME(lmp), 3317 name ? demangle(name) : MSG_INTL(MSG_STR_UNKNOWN)); 3318 return (0); 3319 } 3320 3321 /* 3322 * If no static TLS has been set aside for this object, determine if 3323 * any can be obtained. Enforce that any object using static TLS is 3324 * non-deletable. 3325 */ 3326 if (TLSSTATOFF(lmp) == 0) { 3327 FLAGS1(lmp) |= FL1_RT_TLSSTAT; 3328 MODE(lmp) |= RTLD_NODELETE; 3329 3330 if (tls_assign(lml, lmp, PTTLS(lmp)) == 0) { 3331 DBG_CALL(Dbg_reloc_in(lml, ELF_DBG_RTLD, M_MACH, 3332 M_REL_SHT_TYPE, rel, NULL, name)); 3333 eprintf(lml, ERR_FATAL, MSG_INTL(MSG_REL_BADTLS), 3334 _conv_reloc_type((uint_t)rtype), NAME(lmp), 3335 name ? demangle(name) : MSG_INTL(MSG_STR_UNKNOWN)); 3336 return (0); 3337 } 3338 } 3339 3340 /* 3341 * Typically, a static TLS offset is maintained as a symbols value. 3342 * For local symbols that are not apart of the dynamic symbol table, 3343 * the TLS relocation points to a section symbol, and the static TLS 3344 * offset was deposited in the associated GOT table. Make sure the GOT 3345 * is cleared, so that the value isn't reused in do_reloc(). 3346 */ 3347 if (ELF_ST_BIND(sym->st_info) == STB_LOCAL) { 3348 if ((ELF_ST_TYPE(sym->st_info) == STT_SECTION)) { 3349 value = *(long *)roffset; 3350 *(long *)roffset = 0; 3351 } else { 3352 value = sym->st_value; 3353 } 3354 } 3355 return (-(TLSSTATOFF(lmp) - value)); 3356 } 3357