1/* Run time dynamic linker.
2 Copyright (C) 1995-2024 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <https://www.gnu.org/licenses/>. */
18
19#include <errno.h>
20#include <dlfcn.h>
21#include <fcntl.h>
22#include <stdbool.h>
23#include <stdlib.h>
24#include <string.h>
25#include <unistd.h>
26#include <sys/mman.h>
27#include <sys/param.h>
28#include <sys/stat.h>
29#include <ldsodefs.h>
30#include <_itoa.h>
31#include <entry.h>
32#include <fpu_control.h>
33#include <hp-timing.h>
34#include <libc-lock.h>
35#include <unsecvars.h>
36#include <dl-cache.h>
37#include <dl-osinfo.h>
38#include <dl-procinfo.h>
39#include <dl-prop.h>
40#include <dl-vdso.h>
41#include <dl-vdso-setup.h>
42#include <tls.h>
43#include <stap-probe.h>
44#include <stackinfo.h>
45#include <not-cancel.h>
46#include <array_length.h>
47#include <libc-early-init.h>
48#include <dl-main.h>
49#include <gnu/lib-names.h>
50#include <dl-tunables.h>
51#include <get-dynamic-info.h>
52#include <dl-execve.h>
53#include <dl-find_object.h>
54#include <dl-audit-check.h>
55#include <dl-call_tls_init_tp.h>
56
57#include <assert.h>
58
59/* This #define produces dynamic linking inline functions for
60 bootstrap relocation instead of general-purpose relocation.
61 Since ld.so must not have any undefined symbols the result
62 is trivial: always the map of ld.so itself. */
63#define RTLD_BOOTSTRAP
64#define RESOLVE_MAP(map, scope, sym, version, flags) map
65#include "dynamic-link.h"
66
67/* Must include after <dl-machine.h> for DT_MIPS definition. */
68#include <dl-debug.h>
69
/* Only enable rtld profiling on architectures that provide non-generic
   hp-timing support.  The generic support requires either a syscall
   (clock_gettime), which would add overhead at load time, or the vDSO,
   which would need extra loader support to set up the vDSO pointer
   before its first use.  */
75#if HP_TIMING_INLINE
76# define RLTD_TIMING_DECLARE(var, classifier,...) \
77 classifier hp_timing_t var __VA_ARGS__
78# define RTLD_TIMING_VAR(var) RLTD_TIMING_DECLARE (var, )
79# define RTLD_TIMING_SET(var, value) (var) = (value)
80# define RTLD_TIMING_REF(var) &(var)
81
/* Record the current HP_TIMING_NOW reading in *VAR.  */
static inline void
rtld_timer_start (hp_timing_t *var)
{
  HP_TIMING_NOW (*var);
}
87
/* Take a fresh HP_TIMING_NOW reading and store in *VAR the
   HP_TIMING_DIFF between START and that reading.  */
static inline void
rtld_timer_stop (hp_timing_t *var, hp_timing_t start)
{
  hp_timing_t now;

  HP_TIMING_NOW (now);
  HP_TIMING_DIFF (*var, start, now);
}
95
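/* Measure the interval that began at START (via rtld_timer_stop) and
   accumulate it into *SUM with HP_TIMING_ACCUM_NT.  */
static inline void
rtld_timer_accum (hp_timing_t *sum, hp_timing_t start)
{
  /* Holds the START-to-now difference, not an absolute reading.  */
  hp_timing_t elapsed;

  rtld_timer_stop (&elapsed, start);
  HP_TIMING_ACCUM_NT (*sum, elapsed);
}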
103#else
104# define RLTD_TIMING_DECLARE(var, classifier...)
105# define RTLD_TIMING_SET(var, value)
106# define RTLD_TIMING_VAR(var)
107# define RTLD_TIMING_REF(var) 0
108# define rtld_timer_start(var)
109# define rtld_timer_stop(var, start)
110# define rtld_timer_accum(sum, start)
111#endif
112
113/* Avoid PLT use for our local calls at startup. */
114extern __typeof (__mempcpy) __mempcpy attribute_hidden;
115
116/* GCC has mental blocks about _exit. */
117extern __typeof (_exit) exit_internal asm ("_exit") attribute_hidden;
118#define _exit exit_internal
119
120/* Helper function to handle errors while resolving symbols. */
121static void print_unresolved (int errcode, const char *objname,
122 const char *errsting);
123
124/* Helper function to handle errors when a version is missing. */
125static void print_missing_version (int errcode, const char *objname,
126 const char *errsting);
127
128/* Print the various times we collected. */
129static void print_statistics (const hp_timing_t *total_timep);
130
131/* Creates an empty audit list. */
132static void audit_list_init (struct audit_list *);
133
134/* Add a string to the end of the audit list, for later parsing. Must
135 not be called after audit_list_next. */
136static void audit_list_add_string (struct audit_list *, const char *);
137
/* Add the audit strings from the link map, found in the dynamic
   segment at TAG (either DT_AUDIT or DT_DEPAUDIT).  Must be called
   before audit_list_next.  */
141static void audit_list_add_dynamic_tag (struct audit_list *,
142 struct link_map *,
143 unsigned int tag);
144
/* Extract the next audit module from the audit list.  Only modules
   for which dso_name_valid_for_suid is true are returned.  Must be
   called after all the audit_list_add_string and
   audit_list_add_dynamic_tag calls.  */
149static const char *audit_list_next (struct audit_list *);
150
151/* Initialize *STATE with the defaults. */
152static void dl_main_state_init (struct dl_main_state *state);
153
/* Process all environment variables the dynamic linker must recognize.
   Since all of them start with `LD_' we are a bit smarter while finding
   all the entries.  */
157extern char **_environ attribute_hidden;
158static void process_envvars (struct dl_main_state *state);
159
160int _dl_argc attribute_relro attribute_hidden;
161char **_dl_argv attribute_relro = NULL;
162rtld_hidden_data_def (_dl_argv)
163
164#ifndef THREAD_SET_STACK_GUARD
165/* Only exported for architectures that don't store the stack guard canary
166 in thread local area. */
167uintptr_t __stack_chk_guard attribute_relro;
168#endif
169
170/* Only exported for architectures that don't store the pointer guard
171 value in thread local area. */
172uintptr_t __pointer_chk_guard_local attribute_relro attribute_hidden;
173#ifndef THREAD_SET_POINTER_GUARD
174strong_alias (__pointer_chk_guard_local, __pointer_chk_guard)
175#endif
176
/* Return true if the DSO name P may be used for preloading or auditing.

   The empty string is rejected in every mode.  When
   __libc_enable_secure is set (AT_SECURE=1), a name is additionally
   rejected if it is SECURE_NAME_LIMIT bytes or longer, or if it
   contains a '/', so only bare file names survive and the caller
   cannot name an arbitrary path.  P must be a valid NUL-terminated
   string; it is dereferenced unconditionally.  */
static bool
dso_name_valid_for_suid (const char *p)
{
  /* Nothing to load for an empty name, whatever the mode.  */
  if (*p == '\0')
    return false;

  if (__glibc_unlikely (__libc_enable_secure))
    {
      size_t name_len = strlen (p);

      /* Overlong names are skipped rather than truncated.  */
      if (name_len >= SECURE_NAME_LIMIT)
	return false;

      /* Any directory component disqualifies the name.  */
      if (memchr (p, '/', name_len) != NULL)
	return false;
    }

  return true;
}
193
/* Reset LIST to the empty state: no strings recorded and no iteration
   in progress.  The audit_strings and fname storage is left
   untouched.  */
static void
audit_list_init (struct audit_list *list)
{
  list->current_tail = NULL;
  list->current_index = 0;
  list->length = 0;
}
201
/* Append STRING (a colon-separated list of audit module names, parsed
   later by audit_list_next) to LIST.  Only the pointer is stored, so
   STRING must stay valid for as long as LIST is iterated.  */
static void
audit_list_add_string (struct audit_list *list, const char *string)
{
  if (*string != '\0')
    {
      /* The capacity check relies on _dl_fatal_printf not returning;
	 if it did, the store below would write past audit_strings.  */
      if (list->length == array_length (list->audit_strings))
	_dl_fatal_printf ("Fatal glibc error: Too many audit modules requested\n");

      list->audit_strings[list->length] = string;
      ++list->length;

      /* The first string added also seeds the cursor used by
	 audit_list_next.  */
      if (list->length == 1)
	list->current_tail = string;
    }
  /* Empty strings do not load anything and are not recorded.  */
}
219
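/* If MAIN_MAP has a dynamic entry for TAG, add the string it names in
   the DT_STRTAB string table to LIST.  Nothing is added when the tag
   is absent.

   NOTE(review): the d_val offset comes straight from the object's
   dynamic section and is not checked against the size of the string
   table here.  */
static void
audit_list_add_dynamic_tag (struct audit_list *list, struct link_map *main_map,
			    unsigned int tag)
{
  ElfW(Dyn) *info = main_map->l_info[ADDRIDX (tag)];

  if (info == NULL)
    return;

  /* Resolve the string table only once the tag is known to exist, so
     that a map without the tag never has its DT_STRTAB entry looked
     at here (D_PTR is assumed to dereference that entry).  */
  const char *strtab = (const char *) D_PTR (main_map, l_info[DT_STRTAB]);
  audit_list_add_string (list, strtab + info->d_un.d_val);
}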
229
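/* Return the next usable audit module name from LIST, or NULL once
   every recorded string has been consumed.

   Each recorded string is split at ':'.  A candidate is copied into
   LIST->fname only if it is non-empty and fits, including the
   terminator; anything else is turned into the empty name, which
   dso_name_valid_for_suid always rejects.  Overlong entries are thus
   dropped rather than truncated into a different name.  The returned
   pointer refers to LIST->fname and is overwritten by the next
   call.  */
static const char *
audit_list_next (struct audit_list *list)
{
  if (list->current_tail == NULL)
    return NULL;

  while (true)
    {
      /* Advance to the next string in audit_strings if the current
	 string has been exhausted.  */
      while (*list->current_tail == '\0')
	{
	  ++list->current_index;
	  if (list->current_index == list->length)
	    {
	      list->current_tail = NULL;
	      return NULL;
	    }
	  list->current_tail = list->audit_strings[list->current_index];
	}

      /* Split the in-string audit list at the next colon.  */
      size_t len = strcspn (list->current_tail, ":");
      if (len > 0 && len < sizeof (list->fname))
	{
	  /* LEN < sizeof fname leaves room for the terminator.  */
	  memcpy (list->fname, list->current_tail, len);
	  list->fname[len] = '\0';
	}
      else
	/* Mark the name as unusable for dso_name_valid_for_suid.  */
	list->fname[0] = '\0';

      /* Skip over the substring and the following delimiter.  */
      list->current_tail += len;
      if (*list->current_tail == ':')
	++list->current_tail;

      /* If the name is valid, return it.  */
      if (dso_name_valid_for_suid (list->fname))
	return list->fname;

      /* Otherwise loop again to examine the next list element.  */
    }
}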
274
/* Count the audit modules that audit_list_next would return for LIST.
   This is needed before the modules are loaded, when GLRO(dl_naudit)
   is not yet usable.  The iterator must be at its initial position
   on entry and is put back there before returning.  */
static size_t
audit_list_count (struct audit_list *list)
{
  /* Remember the cursor so the walk below can be undone.  */
  const char *tail_on_entry = list->current_tail;
  size_t count;

  assert (list->current_index == 0);

  for (count = 0; audit_list_next (list) != NULL; ++count)
    continue;

  /* Rewind the iterator to where it started.  */
  list->current_index = 0;
  list->current_tail = tail_on_entry;
  return count;
}
291
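/* Initialize *STATE with the defaults: an empty audit list, no library
   path, preload or glibc-hwcaps overrides, normal run mode and no
   version information output.  */
static void
dl_main_state_init (struct dl_main_state *state)
{
  audit_list_init (&state->audit_list);
  state->library_path = NULL;
  state->library_path_source = NULL;
  state->preloadlist = NULL;
  state->preloadarg = NULL;
  state->glibc_hwcaps_prepend = NULL;
  state->glibc_hwcaps_mask = NULL;
  state->mode = rtld_mode_normal;
  state->version_info = false;
}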
305
306#ifndef HAVE_INLINED_SYSCALLS
307/* Set nonzero during loading and initialization of executable and
308 libraries, cleared before the executable's entry point runs. This
309 must not be initialized to nonzero, because the unused dynamic
310 linker loaded in for libc.so's "ld.so.1" dep will provide the
311 definition seen by libc.so's initializer; that value must be zero,
312 and will be since that dynamic linker's _dl_start and dl_main will
313 never be called. */
314int _dl_starting_up = 0;
315rtld_hidden_def (_dl_starting_up)
316#endif
317
/* The structure holding the variables that are global to ld.so
   (except those which cannot be added for some reason).  */
struct rtld_global _rtld_global =
  {
    /* Get architecture specific initializer.  */
#include <dl-procruntime.c>
    /* Without further information the stack gets the platform's
       default permissions.  Generally that presumption is an
       executable stack, but this is not true for all platforms.
       NOTE(review): this default is security relevant; where it is
       narrowed for a given program is not visible in this
       initializer.  */
    ._dl_stack_flags = DEFAULT_STACK_PERMS,
#ifdef _LIBC_REENTRANT
    ._dl_load_lock = _RTLD_LOCK_RECURSIVE_INITIALIZER,
    ._dl_load_write_lock = _RTLD_LOCK_RECURSIVE_INITIALIZER,
    ._dl_load_tls_lock = _RTLD_LOCK_RECURSIVE_INITIALIZER,
#endif
    /* One namespace is in use from the start.  */
    ._dl_nns = 1,
    ._dl_ns =
    {
#ifdef _LIBC_REENTRANT
      [LM_ID_BASE] = { ._ns_unique_sym_table
		       = { .lock = _RTLD_LOCK_RECURSIVE_INITIALIZER } }
#endif
    }
  };
341/* If we would use strong_alias here the compiler would see a
342 non-hidden definition. This would undo the effect of the previous
343 declaration. So spell out what strong_alias does plus add the
344 visibility attribute. */
345extern struct rtld_global _rtld_local
346 __attribute__ ((alias ("_rtld_global"), visibility ("hidden")));
347
348
/* The counterpart of _rtld_local for values that are read-only after
   relocation (the object is placed with attribute_relro).  */
struct rtld_global_ro _rtld_global_ro attribute_relro =
  {
    /* Get architecture specific initializer.  */
#include <dl-procinfo.c>
#ifdef NEED_DL_SYSINFO
    ._dl_sysinfo = DL_SYSINFO_DEFAULT,
#endif
    /* Debug output goes to standard error by default.  */
    ._dl_debug_fd = STDERR_FILENO,
    ._dl_lazy = 1,
    ._dl_fpu_control = _FPU_DEFAULT,
    ._dl_pagesize = EXEC_PAGESIZE,
    ._dl_inhibit_cache = 0,
    /* NOTE(review): /var/tmp is normally a shared, world-writable
       directory; confirm that whatever creates profile output there
       copes with pre-existing files or links.  */
    ._dl_profile_output = "/var/tmp",

    /* Function pointers.  Keeping them in this object means they
       share its read-only-after-relocation placement.  */
    ._dl_debug_printf = _dl_debug_printf,
    ._dl_mcount = _dl_mcount,
    ._dl_lookup_symbol_x = _dl_lookup_symbol_x,
    ._dl_open = _dl_open,
    ._dl_close = _dl_close,
    ._dl_catch_error = _dl_catch_error,
    ._dl_error_free = _dl_error_free,
    ._dl_tls_get_addr_soft = _dl_tls_get_addr_soft,
    ._dl_libc_freeres = __rtld_libc_freeres,
  };
/* If we would use strong_alias here the compiler would see a
   non-hidden definition.  This would undo the effect of the previous
   declaration.  So spell out what strong_alias does plus add the
   visibility attribute.  */
380extern struct rtld_global_ro _rtld_local_ro
381 __attribute__ ((alias ("_rtld_global_ro"), visibility ("hidden")));
382
383
384static void dl_main (const ElfW(Phdr) *phdr, ElfW(Word) phnum,
385 ElfW(Addr) *user_entry, ElfW(auxv_t) *auxv);
386
387/* These two variables cannot be moved into .data.rel.ro. */
388static struct libname_list _dl_rtld_libname;
389static struct libname_list _dl_rtld_libname2;
390
391/* Variable for statistics. */
392RLTD_TIMING_DECLARE (relocate_time, static);
393RLTD_TIMING_DECLARE (load_time, static, attribute_relro);
394RLTD_TIMING_DECLARE (start_time, static, attribute_relro);
395
396/* Additional definitions needed by TLS initialization. */
397#ifdef TLS_INIT_HELPER
398TLS_INIT_HELPER
399#endif
400
401/* Helper function for syscall implementation. */
402#ifdef DL_SYSINFO_IMPLEMENTATION
403DL_SYSINFO_IMPLEMENTATION
404#endif
405
406/* Before ld.so is relocated we must not access variables which need
407 relocations. This means variables which are exported. Variables
408 declared as static are fine. If we can mark a variable hidden this
409 is fine, too. The latter is important here. We can avoid setting
410 up a temporary link map for ld.so if we can mark _rtld_global as
411 hidden. */
412#ifndef HIDDEN_VAR_NEEDS_DYNAMIC_RELOC
413# define DONT_USE_BOOTSTRAP_MAP 1
414#endif
415
416#ifdef DONT_USE_BOOTSTRAP_MAP
417static ElfW(Addr) _dl_start_final (void *arg);
418#else
419struct dl_start_final_info
420{
421 struct link_map l;
422 RTLD_TIMING_VAR (start_time);
423};
424static ElfW(Addr) _dl_start_final (void *arg,
425 struct dl_start_final_info *info);
426#endif
427
428/* These are defined magically by the linker. */
429extern const ElfW(Ehdr) __ehdr_start attribute_hidden;
430extern char _etext[] attribute_hidden;
431extern char _end[] attribute_hidden;
432
433
434#ifdef RTLD_START
435RTLD_START
436#else
437# error "sysdeps/MACHINE/dl-machine.h fails to define RTLD_START"
438#endif
439
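/* This is the second half of _dl_start (below).  It can be inlined safely
   under DONT_USE_BOOTSTRAP_MAP, where it is careful not to make any GOT
   references.  When the tools don't permit us to avoid using a GOT entry
   for _dl_rtld_global (no attribute_hidden support), we must make sure
   this function is not inlined (see below).

   ARG is passed through unchanged to _dl_sysdep_start.  Without
   DONT_USE_BOOTSTRAP_MAP, INFO carries the temporary link map and start
   time that _dl_start filled in.  The return value is the address that
   ELF_MACHINE_START_ADDRESS derives from the entry point reported by
   _dl_sysdep_start.  */

#ifdef DONT_USE_BOOTSTRAP_MAP
static inline ElfW(Addr) __attribute__ ((always_inline))
_dl_start_final (void *arg)
#else
static ElfW(Addr) __attribute__ ((noinline))
_dl_start_final (void *arg, struct dl_start_final_info *info)
#endif
{
  ElfW(Addr) start_addr;

  /* Do not use an initializer for these members because it would
     interfere with __rtld_static_init.  */
  GLRO (dl_find_object) = &_dl_find_object;

  /* If it hasn't happened yet record the startup time.  */
  rtld_timer_start (&start_time);
#if !defined DONT_USE_BOOTSTRAP_MAP
  /* The reading taken at the very start of _dl_start wins.  */
  RTLD_TIMING_SET (start_time, info->start_time);
#endif

  /* Transfer data about ourselves to the permanent link_map structure.  */
#ifndef DONT_USE_BOOTSTRAP_MAP
  GL(dl_rtld_map).l_addr = info->l.l_addr;
  GL(dl_rtld_map).l_ld = info->l.l_ld;
  GL(dl_rtld_map).l_ld_readonly = info->l.l_ld_readonly;
  memcpy (GL(dl_rtld_map).l_info, info->l.l_info,
	  sizeof GL(dl_rtld_map).l_info);
  GL(dl_rtld_map).l_mach = info->l.l_mach;
  GL(dl_rtld_map).l_relocated = 1;
#endif
  _dl_setup_hash (&GL(dl_rtld_map));
  GL(dl_rtld_map).l_real = &GL(dl_rtld_map);
  /* The linker-defined symbols bound the loader's own mapping.  */
  GL(dl_rtld_map).l_map_start = (ElfW(Addr)) &__ehdr_start;
  GL(dl_rtld_map).l_map_end = (ElfW(Addr)) _end;
  /* Copy the TLS related data if necessary.  */
#ifndef DONT_USE_BOOTSTRAP_MAP
# if NO_TLS_OFFSET != 0
  GL(dl_rtld_map).l_tls_offset = NO_TLS_OFFSET;
# endif
#endif

  /* Initialize the stack end variable.  */
  __libc_stack_end = __builtin_frame_address (0);

  /* Call the OS-dependent function to set up life so we can do things like
     file access.  It will call `dl_main' (below) to do all the real work
     of the dynamic linker, and then unwind our frame and run the user
     entry point on the same stack we entered on.  */
  start_addr = _dl_sysdep_start (arg, &dl_main);

  if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_STATISTICS))
    {
      RTLD_TIMING_VAR (rtld_total_time);
      rtld_timer_stop (&rtld_total_time, start_time);
      print_statistics (RTLD_TIMING_REF(rtld_total_time));
    }

#ifndef ELF_MACHINE_START_ADDRESS
# define ELF_MACHINE_START_ADDRESS(map, start) (start)
#endif
  return ELF_MACHINE_START_ADDRESS (GL(dl_ns)[LM_ID_BASE]._ns_loaded, start_addr);
}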
508
509#ifdef DONT_USE_BOOTSTRAP_MAP
510# define bootstrap_map GL(dl_rtld_map)
511#else
512# define bootstrap_map info.l
513#endif
514
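/* First C code run in the dynamic linker.  It locates and relocates
   ld.so itself and then hands over to _dl_start_final, whose result it
   returns.  ARG is passed through unchanged.

   Statement order matters here: until ELF_DYNAMIC_RELOCATE has run,
   the code must not make function calls or touch data that needs
   relocation, as the comments below explain.  */
static ElfW(Addr) __attribute_used__
_dl_start (void *arg)
{
#ifdef DONT_USE_BOOTSTRAP_MAP
  rtld_timer_start (&start_time);
#else
  struct dl_start_final_info info;
  rtld_timer_start (&info.start_time);
#endif

  /* Partly clean the `bootstrap_map' structure up.  Don't use
     `memset' since it might not be built in or inlined and we cannot
     make function calls at this point.  Use '__builtin_memset' if we
     know it is available.  We do not have to clear the memory if we
     do not have to use the temporary bootstrap_map.  Global variables
     are initialized to zero by default.  */
#ifndef DONT_USE_BOOTSTRAP_MAP
# ifdef HAVE_BUILTIN_MEMSET
  __builtin_memset (bootstrap_map.l_info, '\0', sizeof (bootstrap_map.l_info));
# else
  for (size_t cnt = 0;
       cnt < sizeof (bootstrap_map.l_info) / sizeof (bootstrap_map.l_info[0]);
       ++cnt)
    bootstrap_map.l_info[cnt] = 0;
# endif
#endif

  /* Figure out the run-time load address of the dynamic linker itself.  */
  bootstrap_map.l_addr = elf_machine_load_address ();

  /* Read our own dynamic section and fill in the info array.  */
  bootstrap_map.l_ld = (void *) bootstrap_map.l_addr + elf_machine_dynamic ();
  bootstrap_map.l_ld_readonly = DL_RO_DYN_SECTION;
  elf_get_dynamic_info (&bootstrap_map, true, false);

#if NO_TLS_OFFSET != 0
  bootstrap_map.l_tls_offset = NO_TLS_OFFSET;
#endif

#ifdef ELF_MACHINE_BEFORE_RTLD_RELOC
  ELF_MACHINE_BEFORE_RTLD_RELOC (&bootstrap_map, bootstrap_map.l_info);
#endif

  /* A zero load address means there is nothing to relocate.  */
  if (bootstrap_map.l_addr)
    {
      /* Relocate ourselves so we can do normal function calls and
	 data access using the global offset table.  */

      ELF_DYNAMIC_RELOCATE (&bootstrap_map, NULL, 0, 0, 0);
    }
  bootstrap_map.l_relocated = 1;

  /* Please note that we don't allow profiling of this object and
     therefore need not test whether we have to allocate the array
     for the relocation results (as done in dl-reloc.c).  */

  /* Now life is sane; we can call functions and access global data.
     Set up to use the operating system facilities, and find out from
     the operating system's program loader where to find the program
     header table in core.  Put the rest of _dl_start into a separate
     function, that way the compiler cannot put accesses to the GOT
     before ELF_DYNAMIC_RELOCATE.  */

  __rtld_malloc_init_stubs ();

#ifdef DONT_USE_BOOTSTRAP_MAP
  return _dl_start_final (arg);
#else
  return _dl_start_final (arg, &info);
#endif
}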
586
587
588
589/* Now life is peachy; we can do all normal operations.
590 On to the real work. */
591
592/* Some helper functions. */
593
/* Argument block for relocate_doit, which passes both members on to
   _dl_relocate_object.  */
struct relocate_args
{
  /* Object to relocate; its l_scope is used as the lookup scope.  */
  struct link_map *l;
  /* Relocation mode handed through unchanged.  */
  int reloc_mode;
};
600
/* Argument block for map_doit.  */
struct map_args
{
  /* Inputs: the object name, the link map acting as loader, and the
     mode flags given to _dl_map_object.  */
  const char *str;
  struct link_map *loader;
  int mode;
  /* Output: the link map returned by _dl_map_object.  */
  struct link_map *map;
};
610
/* Argument block for dlmopen_doit.  */
struct dlmopen_args
{
  /* Input: name of the object to open.  */
  const char *fname;
  /* Output: the link map returned by _dl_open.  */
  struct link_map *map;
};
616
/* Argument block for lookup_doit.  */
struct lookup_args
{
  /* Inputs: the symbol name and the map whose local scope is
     searched.  */
  const char *name;
  struct link_map *map;
  /* Output: the symbol's address, or NULL if it was not found.  */
  void *result;
};
623
/* Argument block for version_check_doit.  */
struct version_check_args
{
  /* Nonzero: terminate the process when the version check fails.  */
  int doexit;
  /* Passed to _dl_check_all_versions as its trace mode.  */
  int dotrace;
};
630
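/* Callback taking a `struct relocate_args *' as A: relocate the object
   using its own l_scope and the requested mode, without profiling
   (the last argument is 0).  */
static void
relocate_doit (void *a)
{
  struct relocate_args *args = (struct relocate_args *) a;

  _dl_relocate_object (args->l, args->l->l_scope, args->reloc_mode, 0);
}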
638
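/* Callback taking a `struct map_args *' as A: map the named object
   into the base namespace and store the resulting link map in
   ARGS->map.  The object is treated as an executable only when the
   mode is exactly __RTLD_OPENEXEC, and as a library otherwise.  */
static void
map_doit (void *a)
{
  struct map_args *args = (struct map_args *) a;
  int type = (args->mode == __RTLD_OPENEXEC) ? lt_executable : lt_library;
  args->map = _dl_map_object (args->loader, args->str, type, 0,
			      args->mode, LM_ID_BASE);
}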
647
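/* Callback taking a `struct dlmopen_args *' as A: open the named
   object in a new link-map namespace (LM_ID_NEWLM) and store the
   resulting link map in ARGS->map.  The open is always performed with
   __RTLD_AUDIT and __RTLD_SECURE set, in addition to RTLD_LAZY and
   __RTLD_DLOPEN.  */
static void
dlmopen_doit (void *a)
{
  struct dlmopen_args *args = (struct dlmopen_args *) a;
  args->map = _dl_open (args->fname,
			(RTLD_LAZY | __RTLD_DLOPEN | __RTLD_AUDIT
			 | __RTLD_SECURE),
			dl_main, LM_ID_NEWLM, _dl_argc, _dl_argv,
			__environ);
}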
658
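/* Callback taking a `struct lookup_args *' as A: look up ARGS->name in
   the local scope of ARGS->map, asking for the newest version
   (DL_LOOKUP_RETURN_NEWEST).  ARGS->result receives the symbol's
   address, or NULL when no definition was found.  */
static void
lookup_doit (void *a)
{
  struct lookup_args *args = (struct lookup_args *) a;
  const ElfW(Sym) *ref = NULL;

  /* Clear the result first so a failed lookup leaves NULL behind.  */
  args->result = NULL;
  lookup_t l = _dl_lookup_symbol_x (args->name, args->map, &ref,
				    args->map->l_local_scope, NULL, 0,
				    DL_LOOKUP_RETURN_NEWEST, NULL);
  if (ref != NULL)
    args->result = DL_SYMBOL_ADDRESS (l, ref);
}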
671
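/* Callback taking a `struct version_check_args *' as A: run
   _dl_check_all_versions on the objects loaded in the base namespace
   and, if it reports a problem and ARGS->doexit is set, terminate the
   process with status 1.  */
static void
version_check_doit (void *a)
{
  struct version_check_args *args = (struct version_check_args *) a;
  if (_dl_check_all_versions (GL(dl_ns)[LM_ID_BASE]._ns_loaded, 1,
			      args->dotrace) && args->doexit)
    /* We cannot start the application.  Abort now.  */
    _exit (1);
}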
681
682
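/* Return the link map in the search list of the first object loaded in
   the base namespace whose name matches NAME, or NULL if there is
   none.  The list is scanned from its last entry to its first.  */
static inline struct link_map *
find_needed (const char *name)
{
  struct r_scope_elem *scope = &GL(dl_ns)[LM_ID_BASE]._ns_loaded->l_searchlist;
  unsigned int n = scope->r_nlist;

  while (n-- > 0)
    if (_dl_name_match_p (name, scope->r_list[n]))
      return scope->r_list[n];

  /* Should never happen.  */
  return NULL;
}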
696
/* Return 1 if MAP defines a symbol version named STRING, and 0 if it
   does not or if MAP has no version definitions at all.

   NOTE(review): the walk follows the vd_aux, vd_next and vda_name
   offsets found in the object without checking them against the
   bounds of the version-definition section or the string table, so it
   relies on MAP describing a well-formed object.  */
static int
match_version (const char *string, struct link_map *map)
{
  const char *strtab = (const void *) D_PTR (map, l_info[DT_STRTAB]);

#define VERDEFTAG (DT_NUM + DT_THISPROCNUM + DT_VERSIONTAGIDX (DT_VERDEF))
  /* The file has no symbol versioning.  */
  if (map->l_info[VERDEFTAG] == NULL)
    return 0;

  ElfW(Verdef) *def = (ElfW(Verdef) *) ((char *) map->l_addr
					+ map->l_info[VERDEFTAG]->d_un.d_ptr);
  for (;;)
    {
      ElfW(Verdaux) *first_aux = (ElfW(Verdaux) *) ((char *) def + def->vd_aux);

      /* Found a definition carrying the requested version name.  */
      if (strcmp (string, strtab + first_aux->vda_name) == 0)
	return 1;

      /* A zero vd_next terminates the chain without a match.  */
      if (def->vd_next == 0)
	return 0;

      /* Step to the next definition.  */
      def = (ElfW(Verdef) *) ((char *) def + def->vd_next);
    }
}
729
730bool __rtld_tls_init_tp_called;
731
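/* Set up the TLS data structures for the initial thread.  NAUDIT is
   the number of audit modules and is passed to
   _dl_tls_static_surplus_init.  Returns the thread control block
   pointer obtained from _dl_allocate_tls_storage, or NULL if the
   initial dtv had already been set up by an earlier call.  */
static void *
init_tls (size_t naudit)
{
  /* Number of elements in the static TLS block.  */
  GL(dl_tls_static_nelem) = GL(dl_tls_max_dtv_idx);

  /* Do not do this twice.  The audit interface might have required
     the DTV interfaces to be set up early.  */
  if (GL(dl_initial_dtv) != NULL)
    return NULL;

  /* Allocate the array which contains the information about the
     dtv slots.  We allocate a few entries more than needed to
     avoid the need for reallocation.  */
  size_t nelem = GL(dl_tls_max_dtv_idx) + 1 + TLS_SLOTINFO_SURPLUS;

  /* Allocate.  NOTE(review): the size expression is not checked for
     overflow; it depends on dl_tls_max_dtv_idx staying small.  */
  GL(dl_tls_dtv_slotinfo_list) = (struct dtv_slotinfo_list *)
    calloc (sizeof (struct dtv_slotinfo_list)
	    + nelem * sizeof (struct dtv_slotinfo), 1);
  /* No need to check the return value.  If memory allocation failed
     the program would have been terminated.  */

  struct dtv_slotinfo *slotinfo = GL(dl_tls_dtv_slotinfo_list)->slotinfo;
  GL(dl_tls_dtv_slotinfo_list)->len = nelem;
  GL(dl_tls_dtv_slotinfo_list)->next = NULL;

  /* Fill in the information from the loaded modules.  No namespace
     but the base one can be filled at this time.  */
  assert (GL(dl_ns)[LM_ID_BASE + 1]._ns_loaded == NULL);
  int i = 0;
  for (struct link_map *l = GL(dl_ns)[LM_ID_BASE]._ns_loaded; l != NULL;
       l = l->l_next)
    if (l->l_tls_blocksize != 0)
      {
	/* This is a module with TLS data.  Store the map reference.
	   The generation counter is zero (the block came from
	   calloc, so no explicit store is needed).  */
	slotinfo[i].map = l;
	++i;
      }
  /* Every slot counted in dl_tls_max_dtv_idx must have been filled;
     this also bounds I by the allocation made above.  */
  assert (i == GL(dl_tls_max_dtv_idx));

  /* Calculate the size of the static TLS surplus.  */
  _dl_tls_static_surplus_init (naudit);

  /* Compute the TLS offsets for the various blocks.  */
  _dl_determine_tlsoffset ();

  /* Construct the static TLS block and the dtv for the initial
     thread.  For some platforms this will include allocating memory
     for the thread descriptor.  The memory for the TLS block will
     never be freed.  It should be allocated accordingly.  The dtv
     array can be changed if dynamic loading requires it.  */
  void *tcbp = _dl_allocate_tls_storage ();
  if (tcbp == NULL)
    _dl_fatal_printf ("\
cannot allocate TLS data structures for initial thread\n");

  /* Store for detection of the special case by __tls_get_addr
     so it knows not to pass this dtv to the normal realloc.  */
  GL(dl_initial_dtv) = GET_DTV (tcbp);

  /* And finally install it for the main thread.  */
  call_tls_init_tp (tcbp);
  __rtld_tls_init_tp_called = true;

  return tcbp;
}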
801
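/* Try to preload the object FNAME with MAIN_MAP as the loader.  WHERE
   names the source of the request and is only used in the error
   message.  Returns 1 if the load added an object to the base
   namespace, and 0 if it failed or the object was already loaded.
   A failure is reported on the error stream and otherwise ignored.

   The object is always mapped with __RTLD_SECURE (presumably this
   makes the mapping code apply its secure-mode restrictions; confirm
   in _dl_map_object).  Name filtering for AT_SECURE programs is the
   caller's job.  */
static unsigned int
do_preload (const char *fname, struct link_map *main_map, const char *where)
{
  const char *objname;
  const char *err_str = NULL;
  struct map_args args;
  bool malloced;

  args.str = fname;
  args.loader = main_map;
  args.mode = __RTLD_SECURE;

  /* Snapshot the object count to tell a new load from a duplicate.  */
  unsigned int old_nloaded = GL(dl_ns)[LM_ID_BASE]._ns_nloaded;

  (void) _dl_catch_error (&objname, &err_str, &malloced, map_doit, &args);
  if (__glibc_unlikely (err_str != NULL))
    {
      _dl_error_printf ("\
ERROR: ld.so: object '%s' from %s cannot be preloaded (%s): ignored.\n",
			fname, where, err_str);
      /* No need to call free, this is still before
	 the libc's malloc is used.  */
    }
  else if (GL(dl_ns)[LM_ID_BASE]._ns_nloaded != old_nloaded)
    /* It is no duplicate.  */
    return 1;

  /* Nothing loaded.  */
  return 0;
}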
832
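/* Install the stack protector canary and the pointer guard.  Both
   values are derived from the data _dl_random points to (presumably
   the random bytes supplied by the kernel at startup; confirm where
   _dl_random is set).  Afterwards _dl_random is cleared.  */
static void
security_init (void)
{
  /* Set up the stack checker's canary.  */
  uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random);
#ifdef THREAD_SET_STACK_GUARD
  THREAD_SET_STACK_GUARD (stack_chk_guard);
#else
  __stack_chk_guard = stack_chk_guard;
#endif

  /* Set up the pointer guard as well, if necessary.  */
  uintptr_t pointer_chk_guard
    = _dl_setup_pointer_guard (_dl_random, stack_chk_guard);
#ifdef THREAD_SET_POINTER_GUARD
  THREAD_SET_POINTER_GUARD (pointer_chk_guard);
#endif
  /* The hidden local copy is written on every architecture.  */
  __pointer_chk_guard_local = pointer_chk_guard;

  /* We do not need the _dl_random value anymore.  The less
     information we leave behind, the better, so clear the
     variable.  Note that this only drops the loader's pointer; the
     bytes it pointed to are not overwritten here.  */
  _dl_random = NULL;
}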
857
858#include <setup-vdso.h>
859
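/* The LD_PRELOAD environment variable gives a list of libraries,
   separated by spaces or colons, that are loaded before the
   executable's dependencies and prepended to the global scope list.
   Ditto for the --preload command argument.  WHERE names the source
   of PRELOADLIST for error messages.  Return the number of preloads
   performed.

   Every element is checked with dso_name_valid_for_suid, so for
   AT_SECURE programs elements that contain a '/' or are overly long
   are ignored since honouring them would be insecure.  In every mode
   an element that does not fit into the local buffer is dropped
   rather than truncated, so a long name can never be cut down into a
   different, shorter one.  */
unsigned int
handle_preload_list (const char *preloadlist, struct link_map *main_map,
		     const char *where)
{
  unsigned int npreloads = 0;
  const char *p = preloadlist;
  char fname[SECURE_PATH_LIMIT];

  while (*p != '\0')
    {
      /* Split preload list at space/colon.  */
      size_t len = strcspn (p, " :");
      if (len > 0 && len < sizeof (fname))
	{
	  /* LEN < sizeof fname leaves room for the terminator.  */
	  memcpy (fname, p, len);
	  fname[len] = '\0';
	}
      else
	/* Empty or overlong element: make it the empty name, which
	   dso_name_valid_for_suid rejects.  */
	fname[0] = '\0';

      /* Skip over the substring and the following delimiter.  */
      p += len;
      if (*p != '\0')
	++p;

      if (dso_name_valid_for_suid (fname))
	npreloads += do_preload (fname, main_map, where);
    }
  return npreloads;
}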
896
/* Called if the audit DSO cannot be used: if it does not have the
   appropriate interfaces, or it expects a more recent library version
   than what the dynamic linker provides.  Closes MAP and resets the
   TLS module index counter to ORIGINAL_TLS_IDX, the value it had
   before the module was loaded.  */
static void
unload_audit_module (struct link_map *map, int original_tls_idx)
{
#ifndef NDEBUG
  /* Read the namespace id before closing, because MAP must not be
     used afterwards.  */
  Lmid_t ns = map->l_ns;
#endif

  _dl_close (map);

  /* The audit module had a namespace to itself, so closing it must
     leave that namespace entirely empty.  */
  assert (GL(dl_ns)[ns]._ns_loaded == NULL);
  assert (GL(dl_ns)[ns]._ns_nloaded == 0);

  /* Undo any TLS index the rejected module was given.  */
  GL(dl_tls_max_dtv_idx) = original_tls_idx;
}
914
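/* Called to print an error message if loading of the audit module
   NAME failed.  ERR_STR is the error text; when MALLOCED is true it
   was heap allocated and is released here, so the caller must not use
   it afterwards.  */
static void
report_audit_module_load_error (const char *name, const char *err_str,
				bool malloced)
{
  _dl_error_printf ("\
ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n",
		    name, err_str);
  if (malloced)
    free ((char *) err_str);
}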
927
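/* Load the audit module NAME and, if it is usable, append its interface
   table to the list of active auditors.  *LAST_AUDIT is the current tail
   of that list (NULL while the list is empty) and is advanced to the new
   entry on success.

   The object is opened through dlmopen_doit; its la_version entry point
   is then looked up and called with LAV_CURRENT.  The module is unloaded
   again and ignored when la_version cannot be found, when it returns
   zero, or when _dl_audit_check_version rejects the returned value.
   Failure to open the object or to find la_version is reported through
   report_audit_module_load_error.  Running out of memory is fatal.

   Security note: la_version is called as soon as the object has been
   opened, so every name that reaches this function is code that runs
   inside the process during startup.  This function performs no trust
   check of its own on NAME; whatever restrictions apply have to be
   enforced by the code that builds the audit list (dl_main feeds it at
   least from the --audit option and from DT_AUDIT/DT_DEPAUDIT of the
   main program) or by dlmopen_doit, neither of which is repeated
   here.  */
static void
load_audit_module (const char *name, struct audit_ifaces **last_audit)
{
  /* Sampled before the module is opened and handed to
     unload_audit_module on every rejection path below.  */
  int original_tls_idx = GL(dl_tls_max_dtv_idx);

  struct dlmopen_args dlmargs;
  dlmargs.fname = name;
  dlmargs.map = NULL;

  const char *objname;
  const char *err_str = NULL;
  bool malloced;
  _dl_catch_error (&objname, &err_str, &malloced, dlmopen_doit, &dlmargs);
  if (__glibc_unlikely (err_str != NULL))
    {
      report_audit_module_load_error (name, err_str, malloced);
      return;
    }

  struct lookup_args largs;
  largs.name = "la_version";
  largs.map = dlmargs.map;
  _dl_catch_error (&objname, &err_str, &malloced, lookup_doit, &largs);
  /* A missing la_version is the error path, so it carries the same
     "unlikely" hint as the check after dlmopen_doit above.  */
  if (__glibc_unlikely (err_str != NULL))
    {
      unload_audit_module (dlmargs.map, original_tls_idx);
      report_audit_module_load_error (name, err_str, malloced);
      return;
    }

  unsigned int (*laversion) (unsigned int) = largs.result;

  /* A null symbol indicates that something is very wrong with the
     loaded object because defined symbols are supposed to have a
     valid, non-null address.  */
  assert (laversion != NULL);

  /* This is the first call into the module's own code.  */
  unsigned int lav = laversion (LAV_CURRENT);
  if (lav == 0)
    {
      /* Only print an error message if debugging because this can
         happen deliberately.  */
      if (GLRO(dl_debug_mask) & DL_DEBUG_FILES)
        _dl_debug_printf ("\
file=%s [%lu]; audit interface function la_version returned zero; ignored.\n",
                          dlmargs.map->l_name, dlmargs.map->l_ns);
      unload_audit_module (dlmargs.map, original_tls_idx);
      return;
    }

  if (!_dl_audit_check_version (lav))
    {
      /* LAV is unsigned and comes straight from the module, so print it
         with %u; %d would show a large value as a negative number.  */
      _dl_debug_printf ("\
ERROR: audit interface '%s' requires version %u (maximum supported version %d); ignored.\n",
                        name, lav, LAV_CURRENT);
      unload_audit_module (dlmargs.map, original_tls_idx);
      return;
    }

  /* The union gives indexed access to the function pointers that are
     filled in by the lookup loop below.  Presumably struct audit_ifaces
     starts with naudit_ifaces function pointers in the same order as
     the names in audit_iface_names -- confirm against its definition.  */
  enum { naudit_ifaces = 8 };
  union
  {
    struct audit_ifaces ifaces;
    void (*fptr[naudit_ifaces]) (void);
  } *newp = malloc (sizeof (*newp));
  if (newp == NULL)
    _dl_fatal_printf ("Out of memory while loading audit modules\n");

  /* Names of the auditing interfaces.  All in one long string, each
     name terminated by a null byte; the implicit terminator of the
     literal supplies the empty string that ends the list.  */
  static const char audit_iface_names[] =
    "la_activity\0"
    "la_objsearch\0"
    "la_objopen\0"
    "la_preinit\0"
    LA_SYMBIND "\0"
#define STRING(s) __STRING (s)
    "la_" STRING (ARCH_LA_PLTENTER) "\0"
    "la_" STRING (ARCH_LA_PLTEXIT) "\0"
    "la_objclose\0";
  unsigned int cnt = 0;
  const char *cp = audit_iface_names;
  do
    {
      largs.name = cp;
      _dl_catch_error (&objname, &err_str, &malloced, lookup_doit, &largs);

      /* Store the pointer.  An interface the module does not provide
         is recorded as NULL rather than treated as an error.
         NOTE(review): when a lookup fails, err_str is not released
         here even if MALLOCED is set; confirm that this is acceptable
         for the allocator in use at this stage.  */
      if (err_str == NULL && largs.result != NULL)
        newp->fptr[cnt] = largs.result;
      else
        newp->fptr[cnt] = NULL;
      ++cnt;

      /* Step past the terminator of the current name.  */
      cp = strchr (cp, '\0') + 1;
    }
  while (*cp != '\0');
  /* Guards the fptr array: the name list and naudit_ifaces must stay
     in step.  */
  assert (cnt == naudit_ifaces);

  /* Now append the new auditing interface to the list.  */
  newp->ifaces.next = NULL;
  if (*last_audit == NULL)
    *last_audit = GLRO(dl_audit) = &newp->ifaces;
  else
    *last_audit = (*last_audit)->next = &newp->ifaces;

  /* The dynamic linker link map is statically allocated, so the
     cookie in _dl_new_object has not happened.  */
  link_map_audit_state (&GL (dl_rtld_map), GLRO (dl_naudit))->cookie
    = (intptr_t) &GL (dl_rtld_map);

  ++GLRO(dl_naudit);

  /* Mark the DSO as being used for auditing.  */
  dlmargs.map->l_auditing = 1;
}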
1045
/* Load every audit module named in AUDIT_LIST, in the order in which
   audit_list_next returns the names, and then tell the modules that
   were accepted about the two objects that are already present: the
   main program MAIN_MAP and the dynamic linker itself.

   Each name is handed to load_audit_module, which runs code from the
   named object; a name that cannot be loaded is skipped there and does
   not stop the iteration.  */
static void
load_audit_modules (struct link_map *main_map, struct audit_list *audit_list)
{
  /* Tail of the list of active auditors, maintained by
     load_audit_module.  */
  struct audit_ifaces *last_audit = NULL;

  const char *name;
  while ((name = audit_list_next (audit_list)) != NULL)
    load_audit_module (name, &last_audit);

  /* Notify audit modules of the initially loaded modules (the main
     program and the dynamic linker itself).  Skipped when no module
     was accepted.  */
  if (GLRO(dl_naudit) > 0)
    {
      _dl_audit_objopen (main_map, LM_ID_BASE);
      _dl_audit_objopen (&GL(dl_rtld_map), LM_ID_BASE);
    }
}
1068
/* Handle the case where ld.so was asked to run an executable that is
   not dynamically linked.  MAIN_MAP is the link map of that executable
   and ARGV0, if not NULL, replaces argv[0] for the new program.

   The function returns only when the executable is dynamically linked,
   that is when it has a DT_NEEDED entry or a PT_INTERP program header.
   Otherwise it passes the program to __rtld_execve and, if that call
   comes back, terminates with a diagnostic.  An executable whose
   DT_SONAME equals the SONAME of the dynamic linker is refused with a
   fatal error.

   NOTE(review): the loader's own DT_SONAME entry is dereferenced
   without a null check; this presumably relies on ld.so always being
   built with an SONAME -- confirm.  */
static void
rtld_chain_load (struct link_map *main_map, char *argv0)
{
  /* SONAME of the dynamic linker, used both for the self-load check
     and as the prefix of the diagnostics below.  */
  const char *rtld_soname
    = ((const char *) D_PTR (&GL(dl_rtld_map), l_info[DT_STRTAB])
       + GL(dl_rtld_map).l_info[DT_SONAME]->d_un.d_val);

  /* The dynamic loader must not be run against itself.  */
  if (main_map->l_info[DT_SONAME] != NULL)
    {
      const char *main_soname
        = ((const char *) D_PTR (main_map, l_info[DT_STRTAB])
           + main_map->l_info[DT_SONAME]->d_un.d_val);
      if (strcmp (rtld_soname, main_soname) == 0)
        _dl_fatal_printf ("%s: loader cannot load itself\n", rtld_soname);
    }

  /* With DT_NEEDED dependencies, the executable is dynamically
     linked.  */
  if (__glibc_unlikely (main_map->l_info[DT_NEEDED] != NULL))
    return;

  /* If the executable has a program interpreter, it is dynamically
     linked.  */
  size_t i = 0;
  while (i < main_map->l_phnum)
    {
      if (main_map->l_phdr[i].p_type == PT_INTERP)
        return;
      ++i;
    }

  /* The path to execute is taken before argv[0] is overridden, so the
     override changes only what the new program sees as its name.  */
  const char *pathname = _dl_argv[0];
  if (argv0 != NULL)
    _dl_argv[0] = argv0;

  /* Reaching the lines after this call means that it failed.  */
  int errcode = __rtld_execve (pathname, _dl_argv, _environ);
  const char *errname = strerrorname_np (errcode);
  if (errname == NULL)
    _dl_fatal_printf("%s: cannot execute %s: %d\n",
                     rtld_soname, pathname, errcode);
  else
    _dl_fatal_printf("%s: cannot execute %s: %s\n",
                     rtld_soname, pathname, errname);
}
1107
/* Complete the initialization of MAIN_MAP, the link map of the main
   executable, from its program header table.  l_phdr and l_phnum must
   already be set.  Returns true if the table has a PT_INTERP entry.

   The first pass records the load bias (PT_PHDR), the dynamic section
   (PT_DYNAMIC), the interpreter name (PT_INTERP), the mapped address
   range and contiguity (PT_LOAD), the TLS template (PT_TLS), the stack
   flags (PT_GNU_STACK) and the RELRO range (PT_GNU_RELRO).  A second
   pass hands PT_NOTE and PT_GNU_PROPERTY entries to their handlers.

   Review notes:
   - The header fields p_vaddr, p_memsz, p_filesz, p_align and p_flags
     are used as found; this function does no range or overflow
     checking on them.
   - PT_DYNAMIC and PT_INTERP are resolved against l_addr, which is
     only updated when a PT_PHDR entry is seen, so they use whatever
     value l_addr holds at the time they are reached in the table.  */
static bool
rtld_setup_main_map (struct link_map *main_map)
{
  /* These have already been filled in right after _dl_new_object, or
     as part of _dl_map_object.  */
  const ElfW(Phdr) *phdr = main_map->l_phdr;
  ElfW(Word) phnum = main_map->l_phnum;

  bool found_interp = false;

  /* Start from an empty address range.  An executable without any
     PT_LOAD entry leaves l_map_start at all-ones.  */
  main_map->l_map_start = ~0;
  main_map->l_map_end = 0;
  /* The executable was opened directly.  */
  ++main_map->l_direct_opencount;
  main_map->l_contiguous = 1;

  /* A PT_LOAD segment at an unexpected address will clear the
     l_contiguous flag.  The ELF specification says that PT_LOAD
     segments need to be sorted in increasing order, but perhaps not
     all executables follow this requirement.  Having l_contiguous
     equal to 1 is just an optimization, so the code below does not
     try to sort the segments in case they are unordered.

     There is one corner case in which l_contiguous is not set to 1,
     but where it could be set: If a PIE (ET_DYN) binary is loaded by
     glibc itself (not the kernel), it is always contiguous due to the
     way the glibc loader works.  However, the kernel loader may still
     create holes in this case, and the code here still uses 0
     conservatively for the glibc-loaded case, too.  */
  ElfW(Addr) expected_load_address = 0;

  /* First pass, in table order.  */
  for (ElfW(Word) idx = 0; idx < phnum; ++idx)
    {
      const ElfW(Phdr) *ph = &phdr[idx];

      switch (ph->p_type)
        {
        case PT_PHDR:
          /* The table's address in memory minus the address the file
             assigns to it gives the load address.  */
          main_map->l_addr = (ElfW(Addr)) phdr - ph->p_vaddr;
          break;

        case PT_DYNAMIC:
          /* This tells us where to find the dynamic section, which
             tells us everything we need to do.  The section counts as
             read-only when the segment lacks PF_W.  */
          main_map->l_ld = (void *) main_map->l_addr + ph->p_vaddr;
          main_map->l_ld_readonly = (ph->p_flags & PF_W) == 0;
          break;

        case PT_INTERP:
          /* This "interpreter segment" was used by the program loader
             to find the program interpreter, which is this program
             itself, the dynamic linker.  We note what name finds us,
             so that a future dlopen call or DT_NEEDED entry, for
             something that wants to link against the dynamic linker
             as a shared library, will know that the shared object is
             already loaded.  */
          _dl_rtld_libname.name = ((const char *) main_map->l_addr
                                   + ph->p_vaddr);
          /* _dl_rtld_libname.next = NULL;  Already zero.  */
          GL(dl_rtld_map).l_libname = &_dl_rtld_libname;

          /* Ordinarily, we would get additional names for the loader
             from our DT_SONAME.  This can't happen if we were actually
             linked as a static executable (detect this case when we
             have no DYNAMIC).  If so, assume the filename component of
             the interpreter path to be our SONAME, and add it to our
             name list.  */
          if (GL(dl_rtld_map).l_ld == NULL)
            {
              /* Points just past the last '/' seen, or stays NULL when
                 the path contains none.  */
              const char *basename_start = NULL;

              for (const char *scan = _dl_rtld_libname.name;
                   *scan != '\0'; ++scan)
                if (*scan == '/')
                  basename_start = scan + 1;

              if (basename_start != NULL)
                {
                  _dl_rtld_libname2.name = basename_start;
                  /* _dl_rtld_libname2.next = NULL;  Already zero.  */
                  _dl_rtld_libname.next = &_dl_rtld_libname2;
                }
            }

          found_interp = true;
          break;

        case PT_LOAD:
          {
            /* Remember where the main program starts in memory: the
               segment address rounded down to a page boundary.  */
            ElfW(Addr) mapstart
              = (main_map->l_addr
                 + (ph->p_vaddr & ~(GLRO(dl_pagesize) - 1)));
            if (main_map->l_map_start > mapstart)
              main_map->l_map_start = mapstart;

            if (main_map->l_contiguous && expected_load_address != 0
                && expected_load_address != mapstart)
              main_map->l_contiguous = 0;

            /* Also where it ends.  */
            ElfW(Addr) allocend
              = main_map->l_addr + ph->p_vaddr + ph->p_memsz;
            if (main_map->l_map_end < allocend)
              main_map->l_map_end = allocend;

            /* The next expected address is the page following this
               load segment.  */
            expected_load_address = ((allocend + GLRO(dl_pagesize) - 1)
                                     & ~(GLRO(dl_pagesize) - 1));
          }
          break;

        case PT_TLS:
          if (ph->p_memsz > 0)
            {
              /* Note that in the case of the dynamic linker we
                 duplicate work here since we read the PT_TLS entry
                 already in _dl_start_final.  But the result is
                 repeatable so do not check for this special but
                 unimportant case.  */
              main_map->l_tls_blocksize = ph->p_memsz;
              main_map->l_tls_align = ph->p_align;
              /* A zero alignment would make the mask below all-ones,
                 so it is handled separately.  */
              if (ph->p_align == 0)
                main_map->l_tls_firstbyte_offset = 0;
              else
                main_map->l_tls_firstbyte_offset = (ph->p_vaddr
                                                    & (ph->p_align - 1));
              main_map->l_tls_initimage_size = ph->p_filesz;
              /* Not yet adjusted by the load address; that is done
                 after the loops.  */
              main_map->l_tls_initimage = (void *) ph->p_vaddr;

              /* This image gets the ID one.  */
              GL(dl_tls_max_dtv_idx) = main_map->l_tls_modid = 1;
            }
          break;

        case PT_GNU_STACK:
          GL(dl_stack_flags) = ph->p_flags;
          break;

        case PT_GNU_RELRO:
          main_map->l_relro_addr = ph->p_vaddr;
          main_map->l_relro_size = ph->p_memsz;
          break;
        }
    }

  /* Process program headers again, but scan them backwards so that
     PT_NOTE can be skipped if PT_GNU_PROPERTY exists.  */
  for (ElfW(Word) left = phnum; left > 0; --left)
    {
      const ElfW(Phdr) *ph = &phdr[left - 1];

      switch (ph->p_type)
        {
        case PT_NOTE:
          _dl_process_pt_note (main_map, -1, ph);
          break;
        case PT_GNU_PROPERTY:
          _dl_process_pt_gnu_property (main_map, -1, ph);
          break;
        }
    }

  /* Adjust the address of the TLS initialization image in case the
     executable is actually an ET_DYN object.  */
  if (main_map->l_tls_initimage != NULL)
    main_map->l_tls_initimage
      = (char *) main_map->l_tls_initimage + main_map->l_addr;

  /* No PT_LOAD entry was seen: let the range extend to all-ones.  */
  if (main_map->l_map_end == 0)
    main_map->l_map_end = ~0;

  if (GL(dl_rtld_map).l_libname == NULL && GL(dl_rtld_map).l_name != NULL)
    {
      /* We were invoked directly, so the program might not have a
         PT_INTERP.  */
      _dl_rtld_libname.name = GL(dl_rtld_map).l_name;
      /* _dl_rtld_libname.next = NULL;  Already zero.  */
      GL(dl_rtld_map).l_libname = &_dl_rtld_libname;
    }
  else
    assert (GL(dl_rtld_map).l_libname); /* How else did we get here?  */

  return found_interp;
}
1284
/* Rewrite the initial stack and the related globals so that the user
   entry point sees an ordinary argument list.  ld.so consumed SKIP_ARGS
   leading arguments and already advanced _dl_argv and _dl_argc past
   them; here those arguments are removed from the stack by moving the
   argv array, the environment array and (with HAVE_AUX_VECTOR) the
   auxiliary vector down by SKIP_ARGS slots.

   The code depends on the start-up stack layout: the argument count,
   then the argv pointers and their NULL terminator, then the
   environment pointers and their NULL terminator, then the auxiliary
   vector.  The assertions cross-check the globals against that
   layout.  */
static void
_dl_start_args_adjust (int skip_args)
{
  /* Nothing was consumed, so the stack is already in its final
     shape.  */
  if (skip_args == 0)
    return;

  /* DST is the slot holding the argument count, directly below the
     original argv[0].  SRC runs SKIP_ARGS slots ahead of it.  */
  void **dst = (void **) (_dl_argv - skip_args - 1);
  void **src = dst + skip_args;

  /* Sanity check: the count on the stack still includes the skipped
     arguments.  */
  intptr_t argc __attribute__ ((unused)) = (intptr_t) dst[0] - skip_args;
  assert (argc == _dl_argc);

  /* Adjust argc on stack.  */
  dst[0] = (void *) (intptr_t) _dl_argc;

  /* Update globals in rtld to the positions the arrays will have once
     they have been moved.  */
  _dl_argv -= skip_args;
  _environ -= skip_args;

  /* Shuffle argv down, including its NULL terminator.  */
  do
    {
      ++dst;
      ++src;
      *dst = *src;
    }
  while (*src != NULL);

  assert (_environ == (char **) (dst + 1));

  /* Shuffle envp down, including its NULL terminator.  */
  do
    {
      ++dst;
      ++src;
      *dst = *src;
    }
  while (*src != NULL);

#ifdef HAVE_AUX_VECTOR
  void **auxv = (void **) GLRO(dl_auxv) - skip_args;
  GLRO(dl_auxv) = (ElfW(auxv_t) *) auxv; /* Aliasing violation.  */
  assert (auxv == dst + 1);

  /* Shuffle auxv down.  Each entry goes through a local copy, so no
     single memcpy call is given the old and the new location, which
     lie only SKIP_ARGS pointer slots apart.  The AT_NULL entry is
     copied as well before the loop stops.  */
  ElfW(auxv_t) entry;
  char *from = (char *) (src + 1);
  char *to = (char *) (dst + 1);
  do
    {
      memcpy (&entry, from, sizeof (entry));
      memcpy (to, &entry, sizeof (entry));
      from += sizeof (entry);
      to += sizeof (entry);
    }
  while (entry.a_type != AT_NULL);
#endif
}
1340
1341static void
1342dl_main (const ElfW(Phdr) *phdr,
1343 ElfW(Word) phnum,
1344 ElfW(Addr) *user_entry,
1345 ElfW(auxv_t) *auxv)
1346{
1347 struct link_map *main_map;
1348 size_t file_size;
1349 char *file;
1350 unsigned int i;
1351 bool rtld_is_main = false;
1352 void *tcbp = NULL;
1353
1354 struct dl_main_state state;
1355 dl_main_state_init (state: &state);
1356
1357 __tls_pre_init_tp ();
1358
1359#if !PTHREAD_IN_LIBC
1360 /* The explicit initialization here is cheaper than processing the reloc
1361 in the _rtld_local definition's initializer. */
1362 GL(dl_make_stack_executable_hook) = &_dl_make_stack_executable;
1363#endif
1364
1365 /* Process the environment variable which control the behaviour. */
1366 process_envvars (state: &state);
1367
1368#ifndef HAVE_INLINED_SYSCALLS
1369 /* Set up a flag which tells we are just starting. */
1370 _dl_starting_up = 1;
1371#endif
1372
1373 const char *ld_so_name = _dl_argv[0];
1374 if (*user_entry == (ElfW(Addr)) ENTRY_POINT)
1375 {
1376 /* Ho ho. We are not the program interpreter! We are the program
1377 itself! This means someone ran ld.so as a command. Well, that
1378 might be convenient to do sometimes. We support it by
1379 interpreting the args like this:
1380
1381 ld.so PROGRAM ARGS...
1382
1383 The first argument is the name of a file containing an ELF
1384 executable we will load and run with the following arguments.
1385 To simplify life here, PROGRAM is searched for using the
1386 normal rules for shared objects, rather than $PATH or anything
1387 like that. We just load it and use its entry point; we don't
1388 pay attention to its PT_INTERP command (we are the interpreter
1389 ourselves). This is an easy way to test a new ld.so before
1390 installing it. */
1391 rtld_is_main = true;
1392
1393 char *argv0 = NULL;
1394 char **orig_argv = _dl_argv;
1395
1396 /* Note the place where the dynamic linker actually came from. */
1397 GL(dl_rtld_map).l_name = rtld_progname;
1398
1399 while (_dl_argc > 1)
1400 if (! strcmp (_dl_argv[1], "--list"))
1401 {
1402 if (state.mode != rtld_mode_help)
1403 {
1404 state.mode = rtld_mode_list;
1405 /* This means do no dependency analysis. */
1406 GLRO(dl_lazy) = -1;
1407 }
1408
1409 --_dl_argc;
1410 ++_dl_argv;
1411 }
1412 else if (! strcmp (_dl_argv[1], "--verify"))
1413 {
1414 if (state.mode != rtld_mode_help)
1415 state.mode = rtld_mode_verify;
1416
1417 --_dl_argc;
1418 ++_dl_argv;
1419 }
1420 else if (! strcmp (_dl_argv[1], "--inhibit-cache"))
1421 {
1422 GLRO(dl_inhibit_cache) = 1;
1423 --_dl_argc;
1424 ++_dl_argv;
1425 }
1426 else if (! strcmp (_dl_argv[1], "--library-path")
1427 && _dl_argc > 2)
1428 {
1429 state.library_path = _dl_argv[2];
1430 state.library_path_source = "--library-path";
1431
1432 _dl_argc -= 2;
1433 _dl_argv += 2;
1434 }
1435 else if (! strcmp (_dl_argv[1], "--inhibit-rpath")
1436 && _dl_argc > 2)
1437 {
1438 GLRO(dl_inhibit_rpath) = _dl_argv[2];
1439
1440 _dl_argc -= 2;
1441 _dl_argv += 2;
1442 }
1443 else if (! strcmp (_dl_argv[1], "--audit") && _dl_argc > 2)
1444 {
1445 audit_list_add_string (list: &state.audit_list, string: _dl_argv[2]);
1446
1447 _dl_argc -= 2;
1448 _dl_argv += 2;
1449 }
1450 else if (! strcmp (_dl_argv[1], "--preload") && _dl_argc > 2)
1451 {
1452 state.preloadarg = _dl_argv[2];
1453 _dl_argc -= 2;
1454 _dl_argv += 2;
1455 }
1456 else if (! strcmp (_dl_argv[1], "--argv0") && _dl_argc > 2)
1457 {
1458 argv0 = _dl_argv[2];
1459
1460 _dl_argc -= 2;
1461 _dl_argv += 2;
1462 }
1463 else if (strcmp (_dl_argv[1], "--glibc-hwcaps-prepend") == 0
1464 && _dl_argc > 2)
1465 {
1466 state.glibc_hwcaps_prepend = _dl_argv[2];
1467 _dl_argc -= 2;
1468 _dl_argv += 2;
1469 }
1470 else if (strcmp (_dl_argv[1], "--glibc-hwcaps-mask") == 0
1471 && _dl_argc > 2)
1472 {
1473 state.glibc_hwcaps_mask = _dl_argv[2];
1474 _dl_argc -= 2;
1475 _dl_argv += 2;
1476 }
1477 else if (! strcmp (_dl_argv[1], "--list-tunables"))
1478 {
1479 state.mode = rtld_mode_list_tunables;
1480
1481 --_dl_argc;
1482 ++_dl_argv;
1483 }
1484 else if (! strcmp (_dl_argv[1], "--list-diagnostics"))
1485 {
1486 state.mode = rtld_mode_list_diagnostics;
1487
1488 --_dl_argc;
1489 ++_dl_argv;
1490 }
1491 else if (strcmp (_dl_argv[1], "--help") == 0)
1492 {
1493 state.mode = rtld_mode_help;
1494 --_dl_argc;
1495 ++_dl_argv;
1496 }
1497 else if (strcmp (_dl_argv[1], "--version") == 0)
1498 _dl_version ();
1499 else if (_dl_argv[1][0] == '-' && _dl_argv[1][1] == '-')
1500 {
1501 if (_dl_argv[1][1] == '\0')
1502 /* End of option list. */
1503 break;
1504 else
1505 /* Unrecognized option. */
1506 _dl_usage (argv0: ld_so_name, wrong_option: _dl_argv[1]);
1507 }
1508 else
1509 break;
1510
1511 if (__glibc_unlikely (state.mode == rtld_mode_list_tunables))
1512 {
1513 __tunables_print ();
1514 _exit (0);
1515 }
1516
1517 if (state.mode == rtld_mode_list_diagnostics)
1518 _dl_print_diagnostics (environ: _environ);
1519
1520 /* If we have no further argument the program was called incorrectly.
1521 Grant the user some education. */
1522 if (_dl_argc < 2)
1523 {
1524 if (state.mode == rtld_mode_help)
1525 /* --help without an executable is not an error. */
1526 _dl_help (argv0: ld_so_name, state: &state);
1527 else
1528 _dl_usage (argv0: ld_so_name, NULL);
1529 }
1530
1531 --_dl_argc;
1532 ++_dl_argv;
1533
1534 /* The initialization of _dl_stack_flags done below assumes the
1535 executable's PT_GNU_STACK may have been honored by the kernel, and
1536 so a PT_GNU_STACK with PF_X set means the stack started out with
1537 execute permission. However, this is not really true if the
1538 dynamic linker is the executable the kernel loaded. For this
1539 case, we must reinitialize _dl_stack_flags to match the dynamic
1540 linker itself. If the dynamic linker was built with a
1541 PT_GNU_STACK, then the kernel may have loaded us with a
1542 nonexecutable stack that we will have to make executable when we
1543 load the program below unless it has a PT_GNU_STACK indicating
1544 nonexecutable stack is ok. */
1545
1546 for (const ElfW(Phdr) *ph = phdr; ph < &phdr[phnum]; ++ph)
1547 if (ph->p_type == PT_GNU_STACK)
1548 {
1549 GL(dl_stack_flags) = ph->p_flags;
1550 break;
1551 }
1552
1553 if (__glibc_unlikely (state.mode == rtld_mode_verify
1554 || state.mode == rtld_mode_help))
1555 {
1556 const char *objname;
1557 const char *err_str = NULL;
1558 struct map_args args;
1559 bool malloced;
1560
1561 args.str = rtld_progname;
1562 args.loader = NULL;
1563 args.mode = __RTLD_OPENEXEC;
1564 (void) _dl_catch_error (objname: &objname, errstring: &err_str, mallocedp: &malloced, operate: map_doit,
1565 args: &args);
1566 if (__glibc_unlikely (err_str != NULL))
1567 {
1568 /* We don't free the returned string, the programs stops
1569 anyway. */
1570 if (state.mode == rtld_mode_help)
1571 /* Mask the failure to load the main object. The help
1572 message contains less information in this case. */
1573 _dl_help (argv0: ld_so_name, state: &state);
1574 else
1575 _exit (EXIT_FAILURE);
1576 }
1577 }
1578 else
1579 {
1580 RTLD_TIMING_VAR (start);
1581 rtld_timer_start (var: &start);
1582 _dl_map_object (NULL, rtld_progname, type: lt_executable, trace_mode: 0,
1583 __RTLD_OPENEXEC, LM_ID_BASE);
1584 rtld_timer_stop (var: &load_time, start);
1585 }
1586
1587 /* Now the map for the main executable is available. */
1588 main_map = GL(dl_ns)[LM_ID_BASE]._ns_loaded;
1589
1590 if (__glibc_likely (state.mode == rtld_mode_normal))
1591 rtld_chain_load (main_map, argv0);
1592
1593 phdr = main_map->l_phdr;
1594 phnum = main_map->l_phnum;
1595 /* We overwrite here a pointer to a malloc()ed string. But since
1596 the malloc() implementation used at this point is the dummy
1597 implementations which has no real free() function it does not
1598 makes sense to free the old string first. */
1599 main_map->l_name = (char *) "";
1600 *user_entry = main_map->l_entry;
1601
1602 /* Set bit indicating this is the main program map. */
1603 main_map->l_main_map = 1;
1604
1605#ifdef HAVE_AUX_VECTOR
1606 /* Adjust the on-stack auxiliary vector so that it looks like the
1607 binary was executed directly. */
1608 for (ElfW(auxv_t) *av = auxv; av->a_type != AT_NULL; av++)
1609 switch (av->a_type)
1610 {
1611 case AT_PHDR:
1612 av->a_un.a_val = (uintptr_t) phdr;
1613 break;
1614 case AT_PHNUM:
1615 av->a_un.a_val = phnum;
1616 break;
1617 case AT_ENTRY:
1618 av->a_un.a_val = *user_entry;
1619 break;
1620 case AT_EXECFN:
1621 av->a_un.a_val = (uintptr_t) _dl_argv[0];
1622 break;
1623 }
1624#endif
1625
1626 /* Set the argv[0] string now that we've processed the executable. */
1627 if (argv0 != NULL)
1628 _dl_argv[0] = argv0;
1629
1630 /* Adjust arguments for the application entry point. */
1631 _dl_start_args_adjust (skip_args: _dl_argv - orig_argv);
1632 }
1633 else
1634 {
1635 /* Create a link_map for the executable itself.
1636 This will be what dlopen on "" returns. */
1637 main_map = _dl_new_object (realname: (char *) "", libname: "", type: lt_executable, NULL,
1638 __RTLD_OPENEXEC, LM_ID_BASE);
1639 assert (main_map != NULL);
1640 main_map->l_phdr = phdr;
1641 main_map->l_phnum = phnum;
1642 main_map->l_entry = *user_entry;
1643
1644 /* Even though the link map is not yet fully initialized we can add
1645 it to the map list since there are no possible users running yet. */
1646 _dl_add_to_namespace_list (new: main_map, LM_ID_BASE);
1647 assert (main_map == GL(dl_ns)[LM_ID_BASE]._ns_loaded);
1648
1649 /* At this point we are in a bit of trouble. We would have to
1650 fill in the values for l_dev and l_ino. But in general we
1651 do not know where the file is. We also do not handle AT_EXECFD
1652 even if it would be passed up.
1653
1654 We leave the values here defined to 0. This is normally no
1655 problem as the program code itself is normally no shared
1656 object and therefore cannot be loaded dynamically. Nothing
1657 prevent the use of dynamic binaries and in these situations
1658 we might get problems. We might not be able to find out
1659 whether the object is already loaded. But since there is no
1660 easy way out and because the dynamic binary must also not
1661 have an SONAME we ignore this program for now. If it becomes
1662 a problem we can force people using SONAMEs. */
1663
1664 /* We delay initializing the path structure until we got the dynamic
1665 information for the program. */
1666 }
1667
1668 bool has_interp = rtld_setup_main_map (main_map);
1669
1670 /* If the current libname is different from the SONAME, add the
1671 latter as well. */
1672 if (GL(dl_rtld_map).l_info[DT_SONAME] != NULL
1673 && strcmp (GL(dl_rtld_map).l_libname->name,
1674 (const char *) D_PTR (&GL(dl_rtld_map), l_info[DT_STRTAB])
1675 + GL(dl_rtld_map).l_info[DT_SONAME]->d_un.d_val) != 0)
1676 {
1677 static struct libname_list newname;
1678 newname.name = ((char *) D_PTR (&GL(dl_rtld_map), l_info[DT_STRTAB])
1679 + GL(dl_rtld_map).l_info[DT_SONAME]->d_un.d_ptr);
1680 newname.next = NULL;
1681 newname.dont_free = 1;
1682
1683 assert (GL(dl_rtld_map).l_libname->next == NULL);
1684 GL(dl_rtld_map).l_libname->next = &newname;
1685 }
1686 /* The ld.so must be relocated since otherwise loading audit modules
1687 will fail since they reuse the very same ld.so. */
1688 assert (GL(dl_rtld_map).l_relocated);
1689
1690 if (! rtld_is_main)
1691 {
1692 /* Extract the contents of the dynamic section for easy access. */
1693 elf_get_dynamic_info (l: main_map, false, false);
1694
1695 /* If the main map is libc.so, update the base namespace to
1696 refer to this map. If libc.so is loaded later, this happens
1697 in _dl_map_object_from_fd. */
1698 if (main_map->l_info[DT_SONAME] != NULL
1699 && (strcmp (((const char *) D_PTR (main_map, l_info[DT_STRTAB])
1700 + main_map->l_info[DT_SONAME]->d_un.d_val), LIBC_SO)
1701 == 0))
1702 GL(dl_ns)[LM_ID_BASE].libc_map = main_map;
1703
1704 /* Set up our cache of pointers into the hash table. */
1705 _dl_setup_hash (map: main_map);
1706 }
1707
1708 if (__glibc_unlikely (state.mode == rtld_mode_verify))
1709 {
1710 /* We were called just to verify that this is a dynamic
1711 executable using us as the program interpreter. Exit with an
1712 error if we were not able to load the binary or no interpreter
1713 is specified (i.e., this is no dynamically linked binary. */
1714 if (main_map->l_ld == NULL)
1715 _exit (1);
1716
1717 _exit (has_interp ? 0 : 2);
1718 }
1719
1720 struct link_map **first_preload = &GL(dl_rtld_map).l_next;
1721 /* Set up the data structures for the system-supplied DSO early,
1722 so they can influence _dl_init_paths. */
1723 setup_vdso (main_map, first_preload: &first_preload);
1724
1725 /* With vDSO setup we can initialize the function pointers. */
1726 setup_vdso_pointers ();
1727
1728 /* Initialize the data structures for the search paths for shared
1729 objects. */
1730 call_init_paths (state: &state);
1731
1732 /* Initialize _r_debug_extended. */
1733 struct r_debug *r = _dl_debug_initialize (GL(dl_rtld_map).l_addr,
1734 LM_ID_BASE);
1735 r->r_state = RT_CONSISTENT;
1736
1737 /* Put the link_map for ourselves on the chain so it can be found by
1738 name. Note that at this point the global chain of link maps contains
1739 exactly one element, which is pointed to by dl_loaded. */
1740 if (! GL(dl_rtld_map).l_name)
1741 /* If not invoked directly, the dynamic linker shared object file was
1742 found by the PT_INTERP name. */
1743 GL(dl_rtld_map).l_name = (char *) GL(dl_rtld_map).l_libname->name;
1744 GL(dl_rtld_map).l_type = lt_library;
1745 main_map->l_next = &GL(dl_rtld_map);
1746 GL(dl_rtld_map).l_prev = main_map;
1747 ++GL(dl_ns)[LM_ID_BASE]._ns_nloaded;
1748 ++GL(dl_load_adds);
1749
1750 /* Starting from binutils-2.23, the linker will define the magic symbol
1751 __ehdr_start to point to our own ELF header if it is visible in a
1752 segment that also includes the phdrs. If that's not available, we use
1753 the old method that assumes the beginning of the file is part of the
1754 lowest-addressed PT_LOAD segment. */
1755
1756 /* Set up the program header information for the dynamic linker
1757 itself. It is needed in the dl_iterate_phdr callbacks. */
1758 const ElfW(Ehdr) *rtld_ehdr = &__ehdr_start;
1759 assert (rtld_ehdr->e_ehsize == sizeof *rtld_ehdr);
1760 assert (rtld_ehdr->e_phentsize == sizeof (ElfW(Phdr)));
1761
1762 const ElfW(Phdr) *rtld_phdr = (const void *) rtld_ehdr + rtld_ehdr->e_phoff;
1763
1764 GL(dl_rtld_map).l_phdr = rtld_phdr;
1765 GL(dl_rtld_map).l_phnum = rtld_ehdr->e_phnum;
1766
1767
1768 /* PT_GNU_RELRO is usually the last phdr. */
1769 size_t cnt = rtld_ehdr->e_phnum;
1770 while (cnt-- > 0)
1771 if (rtld_phdr[cnt].p_type == PT_GNU_RELRO)
1772 {
1773 GL(dl_rtld_map).l_relro_addr = rtld_phdr[cnt].p_vaddr;
1774 GL(dl_rtld_map).l_relro_size = rtld_phdr[cnt].p_memsz;
1775 break;
1776 }
1777
1778 /* Add the dynamic linker to the TLS list if it also uses TLS. */
1779 if (GL(dl_rtld_map).l_tls_blocksize != 0)
1780 /* Assign a module ID. Do this before loading any audit modules. */
1781 _dl_assign_tls_modid (l: &GL(dl_rtld_map));
1782
1783 audit_list_add_dynamic_tag (list: &state.audit_list, main_map, DT_AUDIT);
1784 audit_list_add_dynamic_tag (list: &state.audit_list, main_map, DT_DEPAUDIT);
1785
1786 /* At this point, all data has been obtained that is included in the
1787 --help output. */
1788 if (__glibc_unlikely (state.mode == rtld_mode_help))
1789 _dl_help (argv0: ld_so_name, state: &state);
1790
1791 /* If we have auditing DSOs to load, do it now. */
1792 bool need_security_init = true;
1793 if (state.audit_list.length > 0)
1794 {
1795 size_t naudit = audit_list_count (list: &state.audit_list);
1796
1797 /* Since we start using the auditing DSOs right away we need to
1798 initialize the data structures now. */
1799 tcbp = init_tls (naudit);
1800
1801 /* Initialize security features. We need to do it this early
1802 since otherwise the constructors of the audit libraries will
1803 use different values (especially the pointer guard) and will
1804 fail later on. */
1805 security_init ();
1806 need_security_init = false;
1807
1808 load_audit_modules (main_map, audit_list: &state.audit_list);
1809
1810 /* The count based on audit strings may overestimate the number
1811 of audit modules that got loaded, but not underestimate. */
1812 assert (GLRO(dl_naudit) <= naudit);
1813 }
1814
1815 /* Keep track of the currently loaded modules to count how many
1816 non-audit modules which use TLS are loaded. */
1817 size_t count_modids = _dl_count_modids ();
1818
1819 /* Set up debugging before the debugger is notified for the first time. */
1820 elf_setup_debug_entry (l: main_map, r);
1821
1822 /* We start adding objects. */
1823 r->r_state = RT_ADD;
1824 _dl_debug_state ();
1825 LIBC_PROBE (init_start, 2, LM_ID_BASE, r);
1826
1827 /* Auditing checkpoint: we are ready to signal that the initial map
1828 is being constructed. */
1829 _dl_audit_activity_map (l: main_map, action: LA_ACT_ADD);
1830
1831 /* We have two ways to specify objects to preload: via environment
1832 variable and via the file /etc/ld.so.preload. The latter can also
1833 be used when security is enabled. */
1834 assert (*first_preload == NULL);
1835 struct link_map **preloads = NULL;
1836 unsigned int npreloads = 0;
1837
1838 if (__glibc_unlikely (state.preloadlist != NULL))
1839 {
1840 RTLD_TIMING_VAR (start);
1841 rtld_timer_start (var: &start);
1842 npreloads += handle_preload_list (preloadlist: state.preloadlist, main_map,
1843 where: "LD_PRELOAD");
1844 rtld_timer_accum (sum: &load_time, start);
1845 }
1846
1847 if (__glibc_unlikely (state.preloadarg != NULL))
1848 {
1849 RTLD_TIMING_VAR (start);
1850 rtld_timer_start (var: &start);
1851 npreloads += handle_preload_list (preloadlist: state.preloadarg, main_map,
1852 where: "--preload");
1853 rtld_timer_accum (sum: &load_time, start);
1854 }
1855
1856 /* There usually is no ld.so.preload file, it should only be used
1857 for emergencies and testing. So the open call etc should usually
1858 fail. Using access() on a non-existing file is faster than using
1859 open(). So we do this first. If it succeeds we do almost twice
1860 the work but this does not matter, since it is not for production
1861 use. */
1862 static const char preload_file[] = "/etc/ld.so.preload";
1863 if (__glibc_unlikely (__access (preload_file, R_OK) == 0))
1864 {
1865 /* Read the contents of the file. */
1866 file = _dl_sysdep_read_whole_file (file: preload_file, sizep: &file_size,
1867 PROT_READ | PROT_WRITE);
1868 if (__glibc_unlikely (file != MAP_FAILED))
1869 {
1870 /* Parse the file. It contains names of libraries to be loaded,
1871 separated by white spaces or `:'. It may also contain
1872 comments introduced by `#'. */
1873 char *problem;
1874 char *runp;
1875 size_t rest;
1876
1877 /* Eliminate comments. */
1878 runp = file;
1879 rest = file_size;
1880 while (rest > 0)
1881 {
1882 char *comment = memchr (runp, '#', rest);
1883 if (comment == NULL)
1884 break;
1885
1886 rest -= comment - runp;
1887 do
1888 *comment = ' ';
1889 while (--rest > 0 && *++comment != '\n');
1890 }
1891
1892 /* We have one problematic case: if we have a name at the end of
1893 the file without a trailing terminating characters, we cannot
1894 place the \0. Handle the case separately. */
1895 if (file[file_size - 1] != ' ' && file[file_size - 1] != '\t'
1896 && file[file_size - 1] != '\n' && file[file_size - 1] != ':')
1897 {
1898 problem = &file[file_size];
1899 while (problem > file && problem[-1] != ' '
1900 && problem[-1] != '\t'
1901 && problem[-1] != '\n' && problem[-1] != ':')
1902 --problem;
1903
1904 if (problem > file)
1905 problem[-1] = '\0';
1906 }
1907 else
1908 {
1909 problem = NULL;
1910 file[file_size - 1] = '\0';
1911 }
1912
1913 RTLD_TIMING_VAR (start);
1914 rtld_timer_start (var: &start);
1915
1916 if (file != problem)
1917 {
1918 char *p;
1919 runp = file;
1920 while ((p = strsep (&runp, ": \t\n")) != NULL)
1921 if (p[0] != '\0')
1922 npreloads += do_preload (fname: p, main_map, where: preload_file);
1923 }
1924
1925 if (problem != NULL)
1926 {
1927 char *p = strndupa (problem, file_size - (problem - file));
1928
1929 npreloads += do_preload (fname: p, main_map, where: preload_file);
1930 }
1931
1932 rtld_timer_accum (sum: &load_time, start);
1933
1934 /* We don't need the file anymore. */
1935 __munmap (file, file_size);
1936 }
1937 }
1938
1939 if (__glibc_unlikely (*first_preload != NULL))
1940 {
1941 /* Set up PRELOADS with a vector of the preloaded libraries. */
1942 struct link_map *l = *first_preload;
1943 preloads = __alloca (npreloads * sizeof preloads[0]);
1944 i = 0;
1945 do
1946 {
1947 preloads[i++] = l;
1948 l = l->l_next;
1949 } while (l);
1950 assert (i == npreloads);
1951 }
1952
1953#ifdef NEED_DL_SYSINFO_DSO
1954 /* Now that the audit modules are opened, call la_objopen for the vDSO. */
1955 if (GLRO(dl_sysinfo_map) != NULL)
1956 _dl_audit_objopen (GLRO(dl_sysinfo_map), LM_ID_BASE);
1957#endif
1958
1959 /* Load all the libraries specified by DT_NEEDED entries. If LD_PRELOAD
1960 specified some libraries to load, these are inserted before the actual
1961 dependencies in the executable's searchlist for symbol resolution. */
1962 {
1963 RTLD_TIMING_VAR (start);
1964 rtld_timer_start (var: &start);
1965 _dl_map_object_deps (map: main_map, preloads, npreloads,
1966 trace_mode: state.mode == rtld_mode_trace, open_mode: 0);
1967 rtld_timer_accum (sum: &load_time, start);
1968 }
1969
1970 /* Mark all objects as being in the global scope. */
1971 for (i = main_map->l_searchlist.r_nlist; i > 0; )
1972 main_map->l_searchlist.r_list[--i]->l_global = 1;
1973
1974 /* Remove _dl_rtld_map from the chain. */
1975 GL(dl_rtld_map).l_prev->l_next = GL(dl_rtld_map).l_next;
1976 if (GL(dl_rtld_map).l_next != NULL)
1977 GL(dl_rtld_map).l_next->l_prev = GL(dl_rtld_map).l_prev;
1978
1979 for (i = 1; i < main_map->l_searchlist.r_nlist; ++i)
1980 if (main_map->l_searchlist.r_list[i] == &GL(dl_rtld_map))
1981 break;
1982
1983 bool rtld_multiple_ref = false;
1984 if (__glibc_likely (i < main_map->l_searchlist.r_nlist))
1985 {
1986 /* Some DT_NEEDED entry referred to the interpreter object itself, so
1987 put it back in the list of visible objects. We insert it into the
1988 chain in symbol search order because gdb uses the chain's order as
1989 its symbol search order. */
1990 rtld_multiple_ref = true;
1991
1992 GL(dl_rtld_map).l_prev = main_map->l_searchlist.r_list[i - 1];
1993 if (__glibc_likely (state.mode == rtld_mode_normal))
1994 {
1995 GL(dl_rtld_map).l_next = (i + 1 < main_map->l_searchlist.r_nlist
1996 ? main_map->l_searchlist.r_list[i + 1]
1997 : NULL);
1998#ifdef NEED_DL_SYSINFO_DSO
1999 if (GLRO(dl_sysinfo_map) != NULL
2000 && GL(dl_rtld_map).l_prev->l_next == GLRO(dl_sysinfo_map)
2001 && GL(dl_rtld_map).l_next != GLRO(dl_sysinfo_map))
2002 GL(dl_rtld_map).l_prev = GLRO(dl_sysinfo_map);
2003#endif
2004 }
2005 else
2006 /* In trace mode there might be an invisible object (which we
2007 could not find) after the previous one in the search list.
2008 In this case it doesn't matter much where we put the
2009 interpreter object, so we just initialize the list pointer so
2010 that the assertion below holds. */
2011 GL(dl_rtld_map).l_next = GL(dl_rtld_map).l_prev->l_next;
2012
2013 assert (GL(dl_rtld_map).l_prev->l_next == GL(dl_rtld_map).l_next);
2014 GL(dl_rtld_map).l_prev->l_next = &GL(dl_rtld_map);
2015 if (GL(dl_rtld_map).l_next != NULL)
2016 {
2017 assert (GL(dl_rtld_map).l_next->l_prev == GL(dl_rtld_map).l_prev);
2018 GL(dl_rtld_map).l_next->l_prev = &GL(dl_rtld_map);
2019 }
2020 }
2021
2022 /* Now let us see whether all libraries are available in the
2023 versions we need. */
2024 {
2025 struct version_check_args args;
2026 args.doexit = state.mode == rtld_mode_normal;
2027 args.dotrace = state.mode == rtld_mode_trace;
2028 _dl_receive_error (fct: print_missing_version, operate: version_check_doit, args: &args);
2029 }
2030
2031 /* We do not initialize any of the TLS functionality unless any of the
2032 initial modules uses TLS. This makes dynamic loading of modules with
2033 TLS impossible, but to support it requires either eagerly doing setup
2034 now or lazily doing it later. Doing it now makes us incompatible with
2035 an old kernel that can't perform TLS_INIT_TP, even if no TLS is ever
2036 used. Trying to do it lazily is too hairy to try when there could be
2037 multiple threads (from a non-TLS-using libpthread). */
2038 bool was_tls_init_tp_called = __rtld_tls_init_tp_called;
2039 if (tcbp == NULL)
2040 tcbp = init_tls (naudit: 0);
2041
2042 if (__glibc_likely (need_security_init))
2043 /* Initialize security features. But only if we have not done it
2044 earlier. */
2045 security_init ();
2046
2047 if (__glibc_unlikely (state.mode != rtld_mode_normal))
2048 {
2049 /* We were run just to list the shared libraries. It is
2050 important that we do this before real relocation, because the
2051 functions we call below for output may no longer work properly
2052 after relocation. */
2053 struct link_map *l;
2054
2055 if (GLRO(dl_debug_mask) & DL_DEBUG_UNUSED)
2056 {
2057 /* Look through the dependencies of the main executable
2058 and determine which of them is not actually
2059 required. */
2060 struct link_map *l = main_map;
2061
2062 /* Relocate the main executable. */
2063 struct relocate_args args = { .l = l,
2064 .reloc_mode = ((GLRO(dl_lazy)
2065 ? RTLD_LAZY : 0)
2066 | __RTLD_NOIFUNC) };
2067 _dl_receive_error (fct: print_unresolved, operate: relocate_doit, args: &args);
2068
2069 /* This loop depends on the dependencies of the executable to
2070 correspond in number and order to the DT_NEEDED entries. */
2071 ElfW(Dyn) *dyn = main_map->l_ld;
2072 bool first = true;
2073 while (dyn->d_tag != DT_NULL)
2074 {
2075 if (dyn->d_tag == DT_NEEDED)
2076 {
2077 l = l->l_next;
2078#ifdef NEED_DL_SYSINFO_DSO
2079 /* Skip the VDSO since it's not part of the list
2080 of objects we brought in via DT_NEEDED entries. */
2081 if (l == GLRO(dl_sysinfo_map))
2082 l = l->l_next;
2083#endif
2084 if (!l->l_used)
2085 {
2086 if (first)
2087 {
2088 _dl_printf (fmt: "Unused direct dependencies:\n");
2089 first = false;
2090 }
2091
2092 _dl_printf (fmt: "\t%s\n", l->l_name);
2093 }
2094 }
2095
2096 ++dyn;
2097 }
2098
2099 _exit (first != true);
2100 }
2101 else if (! main_map->l_info[DT_NEEDED])
2102 _dl_printf (fmt: "\tstatically linked\n");
2103 else
2104 {
2105 for (l = state.mode_trace_program ? main_map : main_map->l_next;
2106 l; l = l->l_next) {
2107 if (l->l_faked)
2108 /* The library was not found. */
2109 _dl_printf (fmt: "\t%s => not found\n", l->l_libname->name);
2110 else if (strcmp (l->l_libname->name, l->l_name) == 0)
2111 /* Print vDSO like libraries without duplicate name. Some
2112 consumers depend of this format. */
2113 _dl_printf (fmt: "\t%s (0x%0*zx)\n", l->l_libname->name,
2114 (int) sizeof l->l_map_start * 2,
2115 (size_t) l->l_map_start);
2116 else
2117 _dl_printf (fmt: "\t%s => %s (0x%0*zx)\n",
2118 DSO_FILENAME (l->l_libname->name),
2119 DSO_FILENAME (l->l_name),
2120 (int) sizeof l->l_map_start * 2,
2121 (size_t) l->l_map_start);
2122 }
2123 }
2124
2125 if (__glibc_unlikely (state.mode != rtld_mode_trace))
2126 for (i = 1; i < (unsigned int) _dl_argc; ++i)
2127 {
2128 const ElfW(Sym) *ref = NULL;
2129 ElfW(Addr) loadbase;
2130 lookup_t result;
2131
2132 result = _dl_lookup_symbol_x (undef: _dl_argv[i], undef_map: main_map,
2133 sym: &ref, symbol_scope: main_map->l_scope,
2134 NULL, ELF_RTYPE_CLASS_PLT,
2135 flags: DL_LOOKUP_ADD_DEPENDENCY, NULL);
2136
2137 loadbase = LOOKUP_VALUE_ADDRESS (result, false);
2138
2139 _dl_printf (fmt: "%s found at 0x%0*zd in object at 0x%0*zd\n",
2140 _dl_argv[i],
2141 (int) sizeof ref->st_value * 2,
2142 (size_t) ref->st_value,
2143 (int) sizeof loadbase * 2, (size_t) loadbase);
2144 }
2145 else
2146 {
2147 /* If LD_WARN is set, warn about undefined symbols. */
2148 if (GLRO(dl_lazy) >= 0 && GLRO(dl_verbose))
2149 {
2150 /* We have to do symbol dependency testing. */
2151 struct relocate_args args;
2152 unsigned int i;
2153
2154 args.reloc_mode = ((GLRO(dl_lazy) ? RTLD_LAZY : 0)
2155 | __RTLD_NOIFUNC);
2156
2157 i = main_map->l_searchlist.r_nlist;
2158 while (i-- > 0)
2159 {
2160 struct link_map *l = main_map->l_initfini[i];
2161 if (l != &GL(dl_rtld_map) && ! l->l_faked)
2162 {
2163 args.l = l;
2164 _dl_receive_error (fct: print_unresolved, operate: relocate_doit,
2165 args: &args);
2166 }
2167 }
2168
2169 }
2170#define VERNEEDTAG (DT_NUM + DT_THISPROCNUM + DT_VERSIONTAGIDX (DT_VERNEED))
2171 if (state.version_info)
2172 {
2173 /* Print more information. This means here, print information
2174 about the versions needed. */
2175 int first = 1;
2176 struct link_map *map;
2177
2178 for (map = main_map; map != NULL; map = map->l_next)
2179 {
2180 const char *strtab;
2181 ElfW(Dyn) *dyn = map->l_info[VERNEEDTAG];
2182 ElfW(Verneed) *ent;
2183
2184 if (dyn == NULL)
2185 continue;
2186
2187 strtab = (const void *) D_PTR (map, l_info[DT_STRTAB]);
2188 ent = (ElfW(Verneed) *) (map->l_addr + dyn->d_un.d_ptr);
2189
2190 if (first)
2191 {
2192 _dl_printf (fmt: "\n\tVersion information:\n");
2193 first = 0;
2194 }
2195
2196 _dl_printf (fmt: "\t%s:\n", DSO_FILENAME (map->l_name));
2197
2198 while (1)
2199 {
2200 ElfW(Vernaux) *aux;
2201 struct link_map *needed;
2202
2203 needed = find_needed (name: strtab + ent->vn_file);
2204 aux = (ElfW(Vernaux) *) ((char *) ent + ent->vn_aux);
2205
2206 while (1)
2207 {
2208 const char *fname = NULL;
2209
2210 if (needed != NULL
2211 && match_version (string: strtab + aux->vna_name,
2212 map: needed))
2213 fname = needed->l_name;
2214
2215 _dl_printf (fmt: "\t\t%s (%s) %s=> %s\n",
2216 strtab + ent->vn_file,
2217 strtab + aux->vna_name,
2218 aux->vna_flags & VER_FLG_WEAK
2219 ? "[WEAK] " : "",
2220 fname ?: "not found");
2221
2222 if (aux->vna_next == 0)
2223 /* No more symbols. */
2224 break;
2225
2226 /* Next symbol. */
2227 aux = (ElfW(Vernaux) *) ((char *) aux
2228 + aux->vna_next);
2229 }
2230
2231 if (ent->vn_next == 0)
2232 /* No more dependencies. */
2233 break;
2234
2235 /* Next dependency. */
2236 ent = (ElfW(Verneed) *) ((char *) ent + ent->vn_next);
2237 }
2238 }
2239 }
2240 }
2241
2242 _exit (0);
2243 }
2244
2245 /* Now set up the variable which helps the assembler startup code. */
2246 GL(dl_ns)[LM_ID_BASE]._ns_main_searchlist = &main_map->l_searchlist;
2247
2248 /* Save the information about the original global scope list since
2249 we need it in the memory handling later. */
2250 GLRO(dl_initial_searchlist) = *GL(dl_ns)[LM_ID_BASE]._ns_main_searchlist;
2251
2252 /* Remember the last search directory added at startup, now that
2253 malloc will no longer be the one from dl-minimal.c. As a side
2254 effect, this marks ld.so as initialized, so that the rtld_active
2255 function returns true from now on. */
2256 GLRO(dl_init_all_dirs) = GL(dl_all_dirs);
2257
2258 /* Print scope information. */
2259 if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_SCOPES))
2260 {
2261 _dl_debug_printf (fmt: "\nInitial object scopes\n");
2262
2263 for (struct link_map *l = main_map; l != NULL; l = l->l_next)
2264 _dl_show_scope (new: l, from: 0);
2265 }
2266
2267 _rtld_main_check (m: main_map, program: _dl_argv[0]);
2268
2269 /* Now we have all the objects loaded. Relocate them all except for
2270 the dynamic linker itself. We do this in reverse order so that copy
2271 relocs of earlier objects overwrite the data written by later
2272 objects. We do not re-relocate the dynamic linker itself in this
2273 loop because that could result in the GOT entries for functions we
2274 call being changed, and that would break us. It is safe to relocate
2275 the dynamic linker out of order because it has no copy relocations.
2276 Likewise for libc, which is relocated early to ensure that IFUNC
2277 resolvers in libc work. */
2278
2279 int consider_profiling = GLRO(dl_profile) != NULL;
2280
2281 /* If we are profiling we also must do lazy reloaction. */
2282 GLRO(dl_lazy) |= consider_profiling;
2283
2284 if (GL(dl_ns)[LM_ID_BASE].libc_map != NULL)
2285 _dl_relocate_object (GL(dl_ns)[LM_ID_BASE].libc_map,
2286 GL(dl_ns)[LM_ID_BASE].libc_map->l_scope,
2287 GLRO(dl_lazy) ? RTLD_LAZY : 0, consider_profiling);
2288
2289 RTLD_TIMING_VAR (start);
2290 rtld_timer_start (var: &start);
2291 {
2292 unsigned i = main_map->l_searchlist.r_nlist;
2293 while (i-- > 0)
2294 {
2295 struct link_map *l = main_map->l_initfini[i];
2296
2297 /* While we are at it, help the memory handling a bit. We have to
2298 mark some data structures as allocated with the fake malloc()
2299 implementation in ld.so. */
2300 struct libname_list *lnp = l->l_libname->next;
2301
2302 while (__builtin_expect (lnp != NULL, 0))
2303 {
2304 lnp->dont_free = 1;
2305 lnp = lnp->next;
2306 }
2307 /* Also allocated with the fake malloc(). */
2308 l->l_free_initfini = 0;
2309
2310 if (l != &GL(dl_rtld_map))
2311 _dl_relocate_object (map: l, scope: l->l_scope, GLRO(dl_lazy) ? RTLD_LAZY : 0,
2312 consider_profiling);
2313
2314 /* Add object to slot information data if necessasy. */
2315 if (l->l_tls_blocksize != 0 && __rtld_tls_init_tp_called)
2316 _dl_add_to_slotinfo (l, true);
2317 }
2318 }
2319 rtld_timer_stop (var: &relocate_time, start);
2320
2321 /* Now enable profiling if needed. Like the previous call,
2322 this has to go here because the calls it makes should use the
2323 rtld versions of the functions (particularly calloc()), but it
2324 needs to have _dl_profile_map set up by the relocator. */
2325 if (__glibc_unlikely (GL(dl_profile_map) != NULL))
2326 /* We must prepare the profiling. */
2327 _dl_start_profile ();
2328
2329 if ((!was_tls_init_tp_called && GL(dl_tls_max_dtv_idx) > 0)
2330 || count_modids != _dl_count_modids ())
2331 ++GL(dl_tls_generation);
2332
2333 /* Now that we have completed relocation, the initializer data
2334 for the TLS blocks has its final values and we can copy them
2335 into the main thread's TLS area, which we allocated above.
2336 Note: thread-local variables must only be accessed after completing
2337 the next step. */
2338 _dl_allocate_tls_init (tcbp, false);
2339
2340 /* And finally install it for the main thread. */
2341 if (! __rtld_tls_init_tp_called)
2342 call_tls_init_tp (addr: tcbp);
2343
2344 /* Make sure no new search directories have been added. */
2345 assert (GLRO(dl_init_all_dirs) == GL(dl_all_dirs));
2346
2347 if (rtld_multiple_ref)
2348 {
2349 /* There was an explicit ref to the dynamic linker as a shared lib.
2350 Re-relocate ourselves with user-controlled symbol definitions.
2351
2352 We must do this after TLS initialization in case after this
2353 re-relocation, we might call a user-supplied function
2354 (e.g. calloc from _dl_relocate_object) that uses TLS data. */
2355
2356 /* Set up the object lookup structures. */
2357 _dl_find_object_init ();
2358
2359 /* The malloc implementation has been relocated, so resolving
2360 its symbols (and potentially calling IFUNC resolvers) is safe
2361 at this point. */
2362 __rtld_malloc_init_real (main_map);
2363
2364 /* Likewise for the locking implementation. */
2365 __rtld_mutex_init ();
2366
2367 RTLD_TIMING_VAR (start);
2368 rtld_timer_start (var: &start);
2369
2370 /* Mark the link map as not yet relocated again. */
2371 GL(dl_rtld_map).l_relocated = 0;
2372 _dl_relocate_object (map: &GL(dl_rtld_map), scope: main_map->l_scope, reloc_mode: 0, consider_profiling: 0);
2373
2374 rtld_timer_accum (sum: &relocate_time, start);
2375 }
2376
2377 /* Relocation is complete. Perform early libc initialization. This
2378 is the initial libc, even if audit modules have been loaded with
2379 other libcs. */
2380 _dl_call_libc_early_init (GL(dl_ns)[LM_ID_BASE].libc_map, true);
2381
2382 /* Do any necessary cleanups for the startup OS interface code.
2383 We do these now so that no calls are made after rtld re-relocation
2384 which might be resolved to different functions than we expect.
2385 We cannot do this before relocating the other objects because
2386 _dl_relocate_object might need to call `mprotect' for DT_TEXTREL. */
2387 _dl_sysdep_start_cleanup ();
2388
2389 /* Auditing checkpoint: we have added all objects. */
2390 _dl_audit_activity_nsid (LM_ID_BASE, action: LA_ACT_CONSISTENT);
2391
2392 /* Notify the debugger all new objects are now ready to go. We must re-get
2393 the address since by now the variable might be in another object. */
2394 r = _dl_debug_update (LM_ID_BASE);
2395 r->r_state = RT_CONSISTENT;
2396 _dl_debug_state ();
2397 LIBC_PROBE (init_complete, 2, LM_ID_BASE, r);
2398
2399#if defined USE_LDCONFIG && !defined MAP_COPY
2400 /* We must munmap() the cache file. */
2401 _dl_unload_cache ();
2402#endif
2403
2404 /* Once we return, _dl_sysdep_start will invoke
2405 the DT_INIT functions and then *USER_ENTRY. */
2406}
2407
/* Error callback passed to _dl_receive_error together with relocate_doit
   when relocations are only being checked (trace mode, LD_WARN).  Prints
   ERRSTRING followed by the name of the object it was raised for; an
   empty OBJNAME is replaced by RTLD_PROGNAME.  ERRCODE is ignored.  */
static void
print_unresolved (int errcode __attribute__ ((unused)), const char *objname,
                  const char *errstring)
{
  const char *shown = objname[0] != '\0' ? objname : RTLD_PROGNAME;

  _dl_error_printf ("%s (%s)\n", errstring, shown);
}
2418
/* Error callback passed to _dl_receive_error together with
   version_check_doit.  Prints one line of the form
   "PROGNAME: OBJNAME: ERRSTRING".  ERRCODE is ignored.  */
static void
print_missing_version (int errcode __attribute__ ((unused)),
                       const char *objname, const char *errstring)
{
  const char *const progname = RTLD_PROGNAME;

  _dl_error_printf ("%s: %s: %s\n", progname, objname, errstring);
}
2428
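/* Parse DL_DEBUG, the value of the LD_DEBUG environment variable, and OR
   the mask of every recognised option name into GLRO(dl_debug_mask).
   Names are separated by blanks, commas or colons.  An unknown name only
   produces a warning.  "unused" additionally switches lazy binding off,
   and "help" prints the option list and exits with status 0.

   The string comes straight from the environment.  Within this file the
   only caller is process_envvars_default; process_envvars_secure never
   reaches this code.  STATE is not used here.  */
static void
process_dl_debug (struct dl_main_state *state, const char *dl_debug)
{
  /* The LD_DEBUG=help code below derives its column width from the size
     of the NAME field, so a new entry only needs a name that fits into
     that field.  NAME is not necessarily NUL-terminated (the longest
     name fills it completely); always use LEN with it.  */
  static const struct
  {
    unsigned char len;
    const char name[10];
    const char helptext[41];
    unsigned short int mask;
  } debopts[] =
    {
#define LEN_AND_STR(str) sizeof (str) - 1, str
      { LEN_AND_STR ("libs"), "display library search paths",
        DL_DEBUG_LIBS | DL_DEBUG_IMPCALLS },
      { LEN_AND_STR ("reloc"), "display relocation processing",
        DL_DEBUG_RELOC | DL_DEBUG_IMPCALLS },
      { LEN_AND_STR ("files"), "display progress for input file",
        DL_DEBUG_FILES | DL_DEBUG_IMPCALLS },
      { LEN_AND_STR ("symbols"), "display symbol table processing",
        DL_DEBUG_SYMBOLS | DL_DEBUG_IMPCALLS },
      { LEN_AND_STR ("bindings"), "display information about symbol binding",
        DL_DEBUG_BINDINGS | DL_DEBUG_IMPCALLS },
      { LEN_AND_STR ("versions"), "display version dependencies",
        DL_DEBUG_VERSIONS | DL_DEBUG_IMPCALLS },
      { LEN_AND_STR ("scopes"), "display scope information",
        DL_DEBUG_SCOPES },
      { LEN_AND_STR ("all"), "all previous options combined",
        DL_DEBUG_LIBS | DL_DEBUG_RELOC | DL_DEBUG_FILES | DL_DEBUG_SYMBOLS
        | DL_DEBUG_BINDINGS | DL_DEBUG_VERSIONS | DL_DEBUG_IMPCALLS
        | DL_DEBUG_SCOPES },
      { LEN_AND_STR ("statistics"), "display relocation statistics",
        DL_DEBUG_STATISTICS },
      { LEN_AND_STR ("unused"), "determined unused DSOs",
        DL_DEBUG_UNUSED },
      { LEN_AND_STR ("help"), "display this help message and exit",
        DL_DEBUG_HELP },
    };
#define ndebopts (sizeof (debopts) / sizeof (debopts[0]))

  while (*dl_debug != '\0')
    {
      /* Skip separating white spaces, commas and colons.  */
      if (*dl_debug == ' ' || *dl_debug == ',' || *dl_debug == ':')
        {
          ++dl_debug;
          continue;
        }

      /* Measure the option name up to the next separator or the end.  */
      size_t len = 1;
      while (dl_debug[len] != '\0' && dl_debug[len] != ' '
             && dl_debug[len] != ',' && dl_debug[len] != ':')
        ++len;

      /* The length is compared first, so memcmp never reads more than
         the NAME field holds.  */
      size_t cnt;
      for (cnt = 0; cnt < ndebopts; ++cnt)
        if (debopts[cnt].len == len
            && memcmp (dl_debug, debopts[cnt].name, len) == 0)
          {
            GLRO(dl_debug_mask) |= debopts[cnt].mask;
            break;
          }

      if (cnt == ndebopts)
        /* Display a warning and skip everything until the next
           separator.  The name is printed in place with a precision
           bound, which avoids a stack copy whose size is taken from the
           environment string.  */
        _dl_error_printf ("\
warning: debug option `%.*s' unknown; try LD_DEBUG=help\n",
                          (int) len, dl_debug);

      dl_debug += len;
    }

  if (GLRO(dl_debug_mask) & DL_DEBUG_UNUSED)
    {
      /* In order to get an accurate picture of whether a particular
         DT_NEEDED entry is actually used we have to process both
         the PLT and non-PLT relocation entries.  */
      GLRO(dl_lazy) = 0;
    }

  if (GLRO(dl_debug_mask) & DL_DEBUG_HELP)
    {
      /* Blanks used to pad each name to a common column: the width of
         the NAME field plus a two-column gap.  The amount printed is
         bounded by a precision computed from the entry's own length, so
         no pointer is ever formed outside this buffer.  */
      char pad[sizeof debopts[0].name + 3];
      for (size_t k = 0; k < sizeof pad - 1; ++k)
        pad[k] = ' ';
      pad[sizeof pad - 1] = '\0';

      _dl_printf ("\
Valid options for the LD_DEBUG environment variable are:\n\n");

      for (size_t cnt = 0; cnt < ndebopts; ++cnt)
        _dl_printf (" %.*s%.*s%s\n", debopts[cnt].len, debopts[cnt].name,
                    (int) (sizeof pad - 1 - debopts[cnt].len), pad,
                    debopts[cnt].helptext);

      _dl_printf ("\n\
To direct the debugging output into a file instead of standard output\n\
a filename can be specified using the LD_DEBUG_OUTPUT environment variable.\n");
      _exit (0);
    }
}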
2534
/* Environment handling used when __libc_enable_secure is set
   (process_envvars selects this variant).  Of all LD_* variables only
   LD_AUDIT and LD_PRELOAD are recorded in STATE; every other one is
   ignored.  Afterwards each name listed in UNSECURE_ENVVARS is removed
   from the environment, and the process exits with status 5 if any of
   the loader settings checked at the end differs from its default.  */
static void
process_envvars_secure (struct dl_main_state *state)
{
  char **cursor = _environ;
  char *entry;

  /* The names compared below carry no "LD_" prefix, so ENTRY evidently
     points just past it.  */
  while ((entry = _dl_next_ld_env_entry (&cursor)) != NULL)
    {
      size_t namelen = 0;
      while (entry[namelen] != '\0' && entry[namelen] != '=')
        ++namelen;

      if (entry[namelen] == '\0')
        /* This is a "LD_" variable at the end of the string without
           a '=' character.  Ignore it since otherwise we will access
           invalid memory below.  */
        continue;

      char *value = &entry[namelen + 1];

      if (namelen == 5 && memcmp (entry, "AUDIT", 5) == 0)
        /* In __libc_enable_secure mode, audit pathnames containing
           slashes are ignored, and shared audit objects are loaded only
           from the standard search directories and only if they have
           the set-user-ID mode bit enabled.  None of that filtering
           happens here; the value is only queued.  */
        audit_list_add_string (&state->audit_list, value);
      else if (namelen == 7 && memcmp (entry, "PRELOAD", 7) == 0)
        /* In __libc_enable_secure mode, preload pathnames containing
           slashes are ignored, and shared objects are preloaded only
           from the standard search directories and only if they have
           the set-user-ID mode bit enabled.  Again the value is only
           recorded here, not filtered.  */
        state->preloadlist = value;
    }

  /* Extra security for SUID binaries.  Remove all dangerous environment
     variables.  UNSECURE_ENVVARS is walked as a sequence of
     NUL-terminated names that ends with an empty name.  */
  const char *name = UNSECURE_ENVVARS;
  do
    {
      unsetenv (name);
      name += strlen (name) + 1;
    }
  while (*name != '\0');

  /* Refuse to continue if any of these settings is not at its default.
     NOTE(review): nothing in this function changes them, so they were
     presumably set before it ran (e.g. by loader options) -- confirm.  */
  bool nondefault = (GLRO(dl_debug_mask) != 0
                     || GLRO(dl_verbose) != 0
                     || GLRO(dl_lazy) != 1
                     || GLRO(dl_bind_not) != 0
                     || state->mode != rtld_mode_normal
                     || state->version_info);
  if (nondefault)
    _exit (5);
}
2594
/* Environment handling for the normal case, i.e. when
   __libc_enable_secure is not set (process_envvars selects this
   variant).  Every LD_* variable that has a '=' is matched by name and
   its value stored in STATE or in the loader's global state.  If a
   debug mask is set and LD_DEBUG_OUTPUT was given, debug output is
   redirected to the file "<LD_DEBUG_OUTPUT value>.<pid>".  */
static void
process_envvars_default (struct dl_main_state *state)
{
  char **cursor = _environ;
  char *entry;
  char *debug_file = NULL;

  /* The names compared below carry no "LD_" prefix, so ENTRY evidently
     points just past it.  */
  while ((entry = _dl_next_ld_env_entry (&cursor)) != NULL)
    {
      size_t namelen = 0;
      while (entry[namelen] != '\0' && entry[namelen] != '=')
        ++namelen;

      if (entry[namelen] == '\0')
        /* This is a "LD_" variable at the end of the string without
           a '=' character.  Ignore it since otherwise we will access
           invalid memory below.  */
        continue;

      char *value = &entry[namelen + 1];

/* True if the variable name is exactly LIT.  The length is tested first
   so memcmp only runs on a name of matching size.  */
#define ENV_IS(lit) \
  (namelen == sizeof (lit) - 1 && memcmp (entry, lit, sizeof (lit) - 1) == 0)

      if (ENV_IS ("WARN"))
        /* Warning level, verbose or not.  */
        GLRO(dl_verbose) = value[0] != '\0';
      else if (ENV_IS ("DEBUG"))
        /* Debugging of the dynamic linker?  */
        process_dl_debug (state, value);
      else if (ENV_IS ("AUDIT"))
        /* Queue the audit modules.  No restriction is applied to the
           value in this non-secure variant.  */
        audit_list_add_string (&state->audit_list, value);
      else if (ENV_IS ("VERBOSE"))
        /* Print information about versions.  */
        state->version_info = value[0] != '\0';
      else if (ENV_IS ("PRELOAD"))
        /* Record the preload list.  No restriction is applied to the
           value in this non-secure variant.  */
        state->preloadlist = value;
      else if (ENV_IS ("PROFILE"))
        {
          /* Which shared object shall be profiled.  An empty value is
             ignored.  */
          if (value[0] != '\0')
            GLRO(dl_profile) = value;
        }
      else if (ENV_IS ("BIND_NOW"))
        /* Do we bind early?  Lazy binding stays on only if the value is
           empty.  */
        GLRO(dl_lazy) = value[0] == '\0';
      else if (ENV_IS ("BIND_NOT"))
        GLRO(dl_bind_not) = value[0] != '\0';
      else if (ENV_IS ("SHOW_AUXV"))
        /* Test whether we want to see the content of the auxiliary
           array passed up from the kernel.  */
        _dl_show_auxv ();
      else if (ENV_IS ("ORIGIN_PATH"))
        /* Path where the binary is found.  */
        GLRO(dl_origin_path) = value;
      else if (ENV_IS ("LIBRARY_PATH"))
        {
          /* The library search path.  */
          state->library_path = value;
          state->library_path_source = "LD_LIBRARY_PATH";
        }
      else if (ENV_IS ("DEBUG_OUTPUT"))
        /* Base name of the file the debug messages go to.  */
        debug_file = value;
      else if (ENV_IS ("DYNAMIC_WEAK"))
        /* Mere presence of the variable sets the flag; the value is not
           looked at.  */
        GLRO(dl_dynamic_weak) = 1;
      else if (ENV_IS ("PROFILE_OUTPUT"))
        {
          /* Where to place the profiling data file.  An empty value is
             ignored.  */
          if (value[0] != '\0')
            GLRO(dl_profile_output) = value;
        }
      else if (ENV_IS ("TRACE_LOADED_OBJECTS"))
        {
          /* The mode of the dynamic linker can be set.  A numeric value
             greater than 1 also selects mode_trace_program.  */
          state->mode = rtld_mode_trace;
          state->mode_trace_program = _dl_strtoul (value, NULL) > 1;
        }

#undef ENV_IS
    }

  /* If we have to run the dynamic linker in debugging mode and the
     LD_DEBUG_OUTPUT environment variable is given, we write the debug
     messages to this file.  */
  if (GLRO(dl_debug_mask) != 0 && debug_file != NULL)
    {
      size_t base_len = strlen (debug_file);

      /* Room for the name, '.', the decimal PID and the terminator.  The
         buffer is a stack array sized from the environment value.  */
      char path[base_len + 12];
      char *end = &path[base_len + 11];

      /* Build "<name>.<pid>" from the back: terminator, PID digits (the
         result of _itoa is used as the start of the digits), the dot,
         then the name in front of it.  */
      *end = '\0';
      char *cp = _itoa (__getpid (), end, 10, 0);
      *--cp = '.';
      cp = memcpy (cp - base_len, debug_file, base_len);

      /* Append to the file, creating it with DEFFILEMODE if needed.
         O_NOFOLLOW makes the open fail when the last path component is
         a symbolic link.  */
      int fd = __open64_nocancel (cp,
                                  O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW,
                                  DEFFILEMODE);

      /* We use standard output if opening the file failed.  */
      GLRO(dl_debug_fd) = fd != -1 ? fd : STDOUT_FILENO;
    }
}
2745
/* Process the LD_* environment variables: with the restricted variant
   when __libc_enable_secure is set, with the full one otherwise.  */
static void
process_envvars (struct dl_main_state *state)
{
  if (__glibc_likely (!__libc_enable_secure))
    {
      process_envvars_default (state);
      return;
    }

  process_envvars_secure (state);
}
2754
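#if HP_TIMING_INLINE
/* Print one line of the timing statistics to the debug output: TITLE,
   TIME in cycles, and TIME as a percentage of TOTAL with one decimal
   place.  */
static void
print_statistics_item (const char *title, hp_timing_t time,
                       hp_timing_t total)
{
  char cycles[HP_TIMING_PRINT_SIZE];
  HP_TIMING_PRINT (cycles, sizeof (cycles), time);

  /* Share of TOTAL in tenths of a percent.  A zero TOTAL is reported as
     0 rather than divided by.  */
  unsigned long long int tenths
    = total != 0 ? (1000ULL * time) / total : 0;

  /* The digits are produced at the end of RELATIVE (the result of _itoa
     is used as their start) and then moved to the front with the
     decimal point inserted before the last digit.  */
  char relative[3 * sizeof (hp_timing_t) + 2];
  char *cp = _itoa (tenths, relative + sizeof (relative), 10, 0);
  size_t ndigits = relative + sizeof (relative) - cp;

  char *wp = relative;
  /* Any number of digits is handled, so that 100.0% and above are
     printed too.  The bound guarantees that the digits, the point and
     the terminator fit and that the write position never passes the
     read position.  Otherwise the field is left empty.  */
  if (ndigits >= 1 && ndigits + 2 <= sizeof (relative))
    {
      while (ndigits-- > 1)
        *wp++ = *cp++;
      *wp++ = '.';
      *wp++ = *cp;
    }
  *wp = '\0';

  _dl_debug_printf ("%s: %s cycles (%s%%)\n", title, cycles, relative);
}
#endif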
2784
/* Print the statistics collected during startup to the debug output.
   With HP_TIMING_INLINE this includes the total startup time
   (*RTLD_TOTAL_TIMEP) and the relocation and load times relative to it.
   In every configuration it prints the relocation counters and the
   number of relative relocations summed over the search lists of all
   namespaces.  */
static void
__attribute ((noinline))
print_statistics (const hp_timing_t *rtld_total_timep)
{
#if HP_TIMING_INLINE
  {
    char total_cycles[HP_TIMING_PRINT_SIZE];
    HP_TIMING_PRINT (total_cycles, sizeof (total_cycles), *rtld_total_timep);
    _dl_debug_printf ("\nruntime linker statistics:\n"
                      " total startup time in dynamic loader: %s cycles\n",
                      total_cycles);
    print_statistics_item (" time needed for relocation",
                           relocate_time, *rtld_total_timep);
  }
#endif

  unsigned long int relative_total = 0;
  for (Lmid_t nsid = 0; nsid < GL(dl_nns); ++nsid)
    {
      /* Namespaces without a loaded object contribute nothing.  */
      struct link_map *head = GL(dl_ns)[nsid]._ns_loaded;
      if (head == NULL)
        continue;

      struct r_scope_elem *scope = &head->l_searchlist;

      for (unsigned int idx = 0; idx < scope->r_nlist; idx++)
        {
          struct link_map *map = scope->r_list[idx];
          ElfW(Dyn) *relcount = map->l_info[VERSYMIDX (DT_RELCOUNT)];
          ElfW(Dyn) *relacount = map->l_info[VERSYMIDX (DT_RELACOUNT)];

          /* DT_RELCOUNT is added only for objects with a non-zero load
             address.  */
          if (map->l_addr != 0 && relcount != NULL)
            relative_total += relcount->d_un.d_val;

#ifndef ELF_MACHINE_REL_RELATIVE
          /* Relative relocations are always processed on these
             architectures.  */
          const bool rela_counted = true;
#else
          /* On e.g. IA-64 or Alpha, relative relocations are processed
             only if library is loaded to different address than p_vaddr.  */
          const bool rela_counted = map->l_addr != 0;
#endif
          if (rela_counted && relacount != NULL)
            relative_total += relacount->d_un.d_val;
        }
    }

  _dl_debug_printf (" number of relocations: %lu\n"
                    " number of relocations from cache: %lu\n"
                    " number of relative relocations: %lu\n",
                    GL(dl_num_relocations),
                    GL(dl_num_cache_relocations),
                    relative_total);

#if HP_TIMING_INLINE
  print_statistics_item (" time needed to load objects",
                         load_time, *rtld_total_timep);
#endif
}
2843
