Commit Graph

219 Commits

Author SHA1 Message Date
markj
95576e5070 MFC r265456, r265578:
Add a postinit debugger hook to rtld. This will be used by dtrace(1) to halt
the victim process before its entry point is called, at which point probes
and DOF data are registered with the kernel. The r_debug_state hook cannot
be used for this purpose, as it is called before the program's init routines
are invoked and in particular before DOF data is registered (via drti.o).
2014-08-07 18:36:47 +00:00
kib
c4e5b24a25 MFC r259044:
For variant II static TLS, properly align tls segments.

MFC r259072:
Cast Elf_Addr to void * to match the free_aligned() argument type.
2013-12-13 06:06:08 +00:00
kib
c727c7bc75 Implement support for the interpose dso flag.
Requested by:	bf
Reviewed by:	kan
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Approved by:	re (glebius)
2013-10-07 08:19:30 +00:00
emaste
207f0bc65b Populate .rld_map on MIPS for debuggers
On MIPS the .dynamic section is read-only, so the pointer to rtld
information for debuggers cannot be stored there (in DT_DEBUG).
Instead, a special section .rld_map is used.

Sponsored by:	DARPA, AFRL
Approved by:	re (delphij)
2013-10-02 02:32:58 +00:00
des
b4fc46964b Make the directory mapping functionality, which was previously only
available in 32-bit compatibility mode, unconditional.

Overhaul the man page, which had evolved more by accretion than by design.

Approved by:	re (gjb)
MFC after:	3 weeks
2013-09-21 21:03:52 +00:00
kib
1d1f555665 Properly terminate the result string for intermediate results, to
allow the final strcpy() to start at the intended place.

Reported and tested by:	pgj
Pointy hat to:	kib
MFC after:	3 days
2013-04-29 21:12:25 +00:00
kib
df68f62846 The origin_subst_one() function limits the length of the string to
PATH_MAX after the token substitution.  This is wrong, because
origin_subst_one() performs the substitution on the whole rpath and
similar strings, which contain several pathes separated by colon.  As
result, long (but correct) rpath consisting of many path elements is
rejected by the function.

Correct the problem by rewriting the origin_subst_one() to perform two
passes, first pass to calculate the number of substitutions to be
performed, and second pass to generate the resulting string.  Second
pass allocates the memory for the result based on the count from the
first pass, without enforcing a limit.

Reported and tested by:	pgj
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2013-04-15 20:06:56 +00:00
jilles
d793145a72 rtld: Fix fd leak with parallel dlopen and fork/exec.
Rtld did not set FD_CLOEXEC on its internal file descriptors; therefore,
such a file descriptor may be passed to a process created by another thread
running in parallel to dlopen() or fdlopen().

No other threads are expected to be running during parsing of the hints
and libmap files but the file descriptors need not be passed to child
processes so add O_CLOEXEC there as well.

This change will break fdlopen() (as used by OpenPAM) on kernels without
F_DUPFD_CLOEXEC (added in July). Note that running new userland on old
kernels is not supported.

Reviewed by:	kib
2012-11-04 21:42:24 +00:00
kib
1bcc5f9efe Do not reference z_nodeflib for !objgiven case, thus fixing LD_PRELOAD
for a non-absolute path.

PR:	bin/171604
MFC after:	3 days
2012-09-19 05:11:25 +00:00
kan
60b8513247 Do not call process_nodelete with NULL object pointer.
The place where the function is called can be reached if object loading
and relocation fails too, in which case obj pointer will be NULL. Do not
call process_nodelete then, or crash will follow.

Pointy hat to: kan
2012-08-20 23:43:03 +00:00
kan
225422a69d Pospone the DF_1_NODELETE processing until object DAG is fully loaded.
Trying to up the reference from the load loop risks missing dependencies
that have not been loaded yet.

MFC afer: 1 week
Reported by: nox
Reviewd by: kib
2012-08-14 13:28:30 +00:00
kib
a78a2e3c36 Import the DragonFly BSD commit 4f0bc915b65fcf5a23214f6d221d65c80be68ad4
by John Marino <draco@marino.st>, with the following (edited) commit
message
Date: Sat, 24 Mar 2012 06:40:50 +0100
Subject: [PATCH 1/1] rtld: Implement DT_RUNPATH and -z nodefaultlib

DT_RUNPATH is incorrectly being considered as an alias of DT_RPATH.  The
purpose of DT_RUNPATH is to have two different types of rpath: one that
can be overridden by the environment variable LD_LIBRARY_PATH and one that
can't.  With the currently implementation, LD_LIBRARY_PATH will always
trump any embedded rpath or runpath tags.

Current path search order by rtld:
==================================
LD_LIBRARY_PATH
DT_RPATH / DT_RUNPATH (always the same)
ldconfig hints file (default: /var/run/ld-elf.so.hints)
/usr/lib

New path search order by rtld:
==============================
DT_RPATH of the calling object if no DT_RUNPATH
DT_RPATH of the main binary if no DT_RUNPATH and binary isn't calling obj
LD_LIBRARY_PATH
DT_RUNPATH
ldconfig hints file
/usr/lib

The new path search matches how the linux runtime loader works.  The other
major added feature is support for linker flag "-z nodefaultlib".  When
this flag is passed to the linker, rtld will skip all references to the
standard library search path ("/usr/lib" in this case but it could handle
more color delimited paths) except in DT_RPATH and DT_RUNPATH.

New path search order by rtld with -z nodefaultlib flag set:
============================================================
DT_RPATH of the calling object if no DT_RUNPATH
DT_RPATH of the main binary if no DT_RUNPATH and binary isn't calling obj
LD_LIBRARY_PATH
DT_RUNPATH
ldconfig hints file (skips all references to /usr/lib)

FreeBSD notes:
- we fixed some bugs which were submitted to DragonFly and merged there
  as commit 1ff8a2bd3eb6e5587174c6a983303ea3a79e0002;
- we added LD_LIBRARY_PATH_RPATH environment variable to switch to
  the previous behaviour of considering DT_RPATH a synonym for DT_RUNPATH;
- the FreeBSD default search path is /lib:/usr/lib and not /usr/lib.

Reviewed by:   kan
MFC after:     1 month
MFC note:      flip the ld_library_path_rpath default value for stable/9
2012-07-15 10:53:48 +00:00
kib
5c55d5df9a Ensure that for the object which is a dependency for some filtee,
relocations are performed before the object's initializer is called.
When dlopen()ing an object, relocate the whole DAG rooted in the
object instead of only relocating the object itself and list of newly
loaded dependencies.

Reversed sequence currently can occur if the same object is a
dependency for both filtee and filter, since filtees are loaded
typically during the relocation processing, when some filter
dependencies might be already loaded but not relocated yet.

Reported and tested by:	swills
Reviewed by:	kan
MFC after:	1 week
2012-06-27 20:24:25 +00:00
kib
ef35586c59 Work around a situation where symlook_obj() could be called for the
object for which digest_dynamic1() was not done yet. Just return
EINVAL and do not try to dereference NULL buckets hash array.

This seems to happen on ia64 for rtld object itself, where the
R_IA_64_FPTR64LSB relocations require symbol lookup. The dynamic
linker itself does not rely on identity of the C-level function
pointers (i.e. function descriptors).

Reported and reviewed by:	marcel
MFC after:   8 days
2012-05-05 11:26:08 +00:00
kib
14c0cbcf62 Add GNU hash support for rtld.
Based on dragonflybsd support for GNU hash by John Marino <draco marino st>
Reviewed by:	kan
Tested by:	bapt
MFC after:	2 weeks
2012-04-30 13:31:10 +00:00
kib
8de997e052 Split the symlook_obj1 into a loop iterating over the ELF object symbol
hash elements, and a helper matched_symbol() which match the given hash
entry and request, performing needed type and version checks.

Based on dragonflybsd support for GNU hash by John Marino <draco marino st>
Reviewed by:	kan
Tested by:	bapt
MFC after:	2 weeks
2012-04-30 13:29:21 +00:00
kib
238a397e46 Propagate the current state of rtld_bind_lock to dlopen_object() calls
through the filter loading call chain. This fixes attempts to
write-lock the already locked rtld_bind_lock when filter loading is
initiated by relocation of dlopening dso.

Reported and tested by:	Taku YAMAMOTO <taku tackymt homeip net>
MFC after:	1 week
2012-04-12 10:32:22 +00:00
kib
f391af5039 Properly handle absent AT_CANARY aux entry.
Submitted by:	Andrey Zonov <andrey zonov org>
MFC after:	3 days
2012-04-05 18:47:54 +00:00
kan
f9eb81a651 Remove extra blank line from revious commit.
Submitted by:	trema
2012-04-02 11:59:13 +00:00
kan
abab6bc303 Do not try to adjust stacks if dlopen_object is called too early.
This is a follow-up to r233231, which fixed similar issue with
object initialization code.

Reviewed by:	kib
MFC after:	1 week (with 233231)
2012-04-02 11:50:14 +00:00
kib
ff300c96d0 Fix ia64 build after r233655.
MFC after:	1 week
2012-03-29 17:50:01 +00:00
kib
81a11f5655 Import DragonFly BSD commit
From: Sascha Wildner <saw@online.de>
  Date: Fri, 2 Mar 2012 09:15:56 +0000 (+0100)
  Subject: rtld: Add a special case in do_dlsym() for TLS stored symbols.
  X-Git-Url: http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff_plain/1388aaafe730c85693936aaf9bc6d83fc2d981be?hp=bca4412595a8979ab9f1bf36068c806ce88a667a

  rtld: Add a special case in do_dlsym() for TLS stored symbols.

  Submitted-by: Markus Pfeiffer <markus.pfeiffer@morphism.de>

Discussed with:	kan
MFC after:	1 week
2012-03-29 10:32:34 +00:00
kib
4d91f78223 Prevent rtld_verify_object_versions() from being called several times
for the same object. This can happen when object is a dependency of the
dlopen()ed dso. When called several times, we waste time due to unneeded
processing, and memory, because obj->vertab is allocated anew on each
iteration.

Reviewed by:	kan
MFC after:	2 weeks
2012-03-27 14:10:15 +00:00
kib
e546223a7d Remove libssp_nonshared from the rtld linking set. The only use for the
library was definition for the weak alias of __stack_chk_fail.

No objections from:	kan
MFC after:	2 weeks
2012-03-24 19:14:44 +00:00
kib
196786e250 Provide short-circuit exit(3) implementation for rtld.
There is no atexit finalizers in rtld to call on rtld exiting (due to errors).

Submitted by:	bde
No objections from:	kan
MFC after:	2 weeks
2012-03-24 19:13:10 +00:00
kib
625402758b Use xmalloc() instead of malloc() in the places where malloc() calls
are assumed to not fail.

Make the xcalloc() calling conventions follow the calloc(3) calling
conventions and replace unchecked calls to calloc() with calls to
xcalloc().

Remove redundand declarations from xmalloc.c, which are already
present in rtld.h.

Reviewed by:	kan
Discussed with:	bde
MFC after:	2 weeks
2012-03-22 14:20:51 +00:00
kib
c49b39491d Fix several problems with our ELF filters implementation.
Do not relocate twice an object which happens to be needed by loaded
binary (or dso) and some filtee opened due to symbol resolution when
relocating need objects.  Record the state of the relocation
processing in Obj_Entry and short-circuit relocate_objects() if
current object already processed.

Do not call constructors for filtees loaded during the early
relocation processing before image is initialized enough to run
user-provided code.  Filtees are loaded using dlopen_object(), which
normally performs relocation and initialization.  If filtee is
lazy-loaded during the relocation of dso needed by the main object,
dlopen_object() runs too earlier, when most runtime services are not
yet ready.

Postpone the constructors call to the time when main binary and
depended libraries constructors are run, passing the new flag
RTLD_LO_EARLY to dlopen_object().  Symbol lookups callers inform
symlook_* functions about early stage of initialization with
SYMLOOK_EARLY.  Pass flags through all functions participating in
object relocation.

Use the opportunity and fix flags argument to find_symdef() in
arch-specific reloc.c to use proper name SYMLOOK_IN_PLT instead of
true, which happen to have the same numeric value.

Reported and tested by:	theraven
Reviewed by:	kan
MFC after:	2 weeks
2012-03-20 13:20:49 +00:00
kib
6232e80d5b Rtld on diet 3.
Stop using strerror(3) in rtld, which brings in msgcat and stdio.
Directly access sys_errlist array of errno messages with private
rtld_strerror() function.

Now,
$ size /libexec/ld-elf.so.1
   text    data     bss     dec     hex filename
  96983    2480    8744  108207   1a6af /libexec/ld-elf.so.1

Reviewed by:	dim, kan
MFC after:	2 weeks
2012-03-14 15:39:59 +00:00
kib
4f080c8f73 Rtld on diet part 1:
Provide rtld-private implementations of __stack_chk_guard,
__stack_chk_fail() and __chk_fail() symbols, to be used by functions
linked from libc_pic.a.  This avoids use of libc stack_protector.c,
which pulls in syslog(3) and stdio as dependency.

Also, do initialize rtld-private copy __stack_chk_guard, previously
libc-provided one was not initialized, since we do not call rtld
object _init() methods.

Reviewed by:	kan
MFC after:	3 weeks
2012-03-12 12:15:47 +00:00
dim
17e08ea326 Amend r232857, now dropping the casts entirely, as they were not
necessary at all.

Submitted by:	stefanf
2012-03-12 11:22:23 +00:00
dim
c2c20240ed Fix the following warning/error with clang:
libexec/rtld-elf/rtld.c:1898:22: error: comparison between pointer and integer ('Elf_Addr *' (aka 'unsigned int *') and 'Elf_Addr' (aka 'unsigned int')) [-Werror]
    if (preinit_addr == (Elf_Addr)NULL)
        ~~~~~~~~~~~~ ^  ~~~~~~~~~~~~~~
libexec/rtld-elf/rtld.c:2039:16: error: comparison between pointer and integer ('Elf_Addr *' (aka 'unsigned int *') and 'Elf_Addr' (aka 'unsigned int')) [-Werror]
        if (init_addr != (Elf_Addr)NULL) {
            ~~~~~~~~~ ^  ~~~~~~~~~~~~~~

Reviewed by:	kib
2012-03-12 11:04:48 +00:00
kib
95d1e3d11b Add support for preinit, init and fini arrays. Some ABIs, in
particular on ARM, do require working init arrays.

Traditional FreeBSD crt1 calls _init and _fini of the binary, instead
of allowing runtime linker to arrange the calls.  This was probably
done to have the same crt code serve both statically and dynamically
linked binaries.  Since ABI mandates that first is called preinit
array functions, then init, and then init array functions, the init
have to be called from rtld now.

To provide binary compatibility to old FreeBSD crt1, which calls _init
itself, rtld only calls intializers and finalizers for main binary if
binary has a note indicating that new crt was used for linking.  Add
parsing of ELF notes to rtld, and cache p_osrel value since we parsed
it anyway.

The patch is inspired by init_array support for DragonflyBSD, written
by John Marino.

Reviewed by:	kan
Tested by:	andrew (arm, previous version), flo (sparc64, previous version)
MFC after:	3 weeks
2012-03-11 20:03:09 +00:00
kib
fb48ba5d90 Optimize tls_get_addr_common(). The change provides around 30% speedup
for TLS microbenchmark using global-dynamic TLS model on amd64 (which is
default for PIC dso objects).

Split the slow path into tls_get_addr_slow(), for which inlining is
disabled. This prevents the registers spill on tls_get_addr_common()
entry.

Provide static branch hint to the compiler, indicating that slow path
is not likely to be taken.

While there, do some minimal style adjustments.

Reported and tested by:	davidxu
MFC after:	1 week
2012-03-10 08:49:44 +00:00
gonzo
ffed3e927f Add thread-local storage support for ARM to rtld-elf
Reviewed by:    cognet
Obtained from:  NetBSD
2012-02-14 00:16:34 +00:00
kib
a06d0248d2 Add missed EOL when die() was converted to use rtld_fdputstr() instead
of errx().

Reported by:	amdmi3
PR:	bin/165075
MFC after:	3 days
2012-02-13 11:15:29 +00:00
gonzo
62e9090653 Switch MIPS TLS implementation to Variant I 2012-02-10 06:42:50 +00:00
kib
e6736c915b Add support for GNU RELRO.
Submitted by:	John Marino <draco marino st>
MFC after:	2 weeks
2012-01-30 19:52:17 +00:00
kib
2685c039fc Implement fdlopen(3), an rtld interface to load shared object by file
descriptor.

Requested and tested by:	des (previous version)
Reviewed by:  des, kan (previous version)
MFC after:    2 weeks
2012-01-07 10:33:01 +00:00
kib
28642efd92 Postpone the resolution of IRELATIVE relocations and IFUNC-targeted
relocations until tls is initialized and stacks permissions correctly
set. This allows the ifunc to call malloc(3) and some other heavy
services.

Add debug banner.

MFC after:	3 days
2012-01-04 17:17:11 +00:00
kib
3513d1ffea _rtld_bind() read-locks the bind lock, and possible plt resolution
from the dispatcher would also acquire bind lock in read mode, which
is the supported operation. plt is explicitely designed to allow safe
multithreaded updates, so the shared lock do not cause problems.

The error in r228435 is that it allows read lock acquisition after the
write lock for the bind block.  If we dlopened the shared object that
contains IRELATIVE or jump slot which target is STT_GNU_IFUNC, then
possible recursive plt resolve from the dispatcher would cause it.

Postpone the resolution for irelative/ifunc right before initializers
are called, and drop bind lock around calls to dispatcher.  Use
initlist to iterate over the objects instead of the ->next, due to
drop of the bind lock in iteration.

For i386/reloc.c:reloc_iresolve(), fix calculation of the dispatch
function address for dso, by taking into account possible non-zero
relocbase.

MFC after:	3 weeks
2011-12-14 16:47:53 +00:00
kib
a95b8e72c8 Add support for STT_GNU_IFUNC and R_MACHINE_IRELATIVE GNU extensions to
rtld on 386 and amd64. This adds runtime bits neccessary for the use
of the dispatch functions from the dynamically-linked executables and
shared libraries.

To allow use of external references from the dispatch function, resolution
of the R_MACHINE_IRESOLVE relocations in PLT is postponed until GOT entries
for PLT are prepared, and normal resolution of the GOT entries is finished.
Similar to how it is done by GNU, IRELATIVE relocations are resolved in
advance, instead of normal lazy handling for PLT.

Move the init_pltgot() call before the relocations for the object are
processed.

MFC after:	3 weeks
2011-12-12 11:03:14 +00:00
kib
e9eec31614 Fix fd leak.
Reported by:	slonoman2011 yandex ru
MFC after:	1 week
2011-11-18 09:55:47 +00:00
kib
85d4378ca8 Setting up TLS block for the main thread must be done after the
relocations are processed, since tls initialization section might be
itself subject for relocations. Only set up of the block is postponed,
the tls block offsets are allocated before relocation processing, since
TLS-related relocations may need offsets ready.

Reported by:	ale
PR:	threads/161344
Reviewed by:	kan
MFC after:	1 week
2011-10-08 12:39:47 +00:00
kib
75884f107c Use the proper dynamic tls block to calculate the tls variable address
in case tls data generation was updated.

PR:	misc/160721
Submitted by:	"Thinker K.F. Li" <thinker codemud net>
Tested by:	flo
Approved by:	re (bz)
MFC after:	1 week
2011-09-15 11:50:09 +00:00
dim
8e7c067b29 When libexec/rtld-elf/rtld.c is compiled with clang, the r_debug_state()
function (a hook necessary for gdb support), is inlined, but since the
function contains no code, no calls to it are generated.  When gdb is
debugging a dynamically linked program, this causes backtraces to be
corrupted.

Fix it by marking the function __noinline, and inserting an empty asm
statement, that pretends to clobber memory.  This forces the compiler to
emit calls to r_debug_state() throughout rtld.c.

Approved by:	re (kib)
2011-09-03 11:41:00 +00:00
kib
6a79063187 Rtld links with the specially built pic static libc library to get some
C runtime services, like printf(). Unfortunately, the multithread-safeness
measures in the libc do not work in rtld environment.

Rip the kernel printf() implementation and use it in the rtld instead of
libc version. This printf does not require any shared global data and thus
is mt-safe. Systematically use rtld_printf() and related functions, remove
the calls to err(3).

Note that stdio is still pulled from libc due to libmap implementaion using
fopen(). This is safe but unoptimal, and can be changed later.

Reported and tested by:	pgj
Diagnosed and reviewed by:	kan (previous version)
Approved by:	re (bz)
2011-08-24 20:05:13 +00:00
benl
2071e3510a Fix clang warnings.
Approved by:	philip (mentor)
2011-06-18 13:56:33 +00:00
avg
15ff949f29 rtld: eliminate double call to close(2) that may occur in load_object
The second close(2) call resulted in heisenbugs in some multi-threaded
applications where e.g. dlopen(3) call in one thread could close a file
descriptor for a file having been opened in other thread concurrently.

My litmus test for this issue was an openoffice.org build.

Reviewed by:	jhb
MFC after:	2 weeks
2011-03-25 18:23:10 +00:00
kib
2d3fe26ede Use sigsetjmp/siglongjmp with disabled signal mask access for
lock upgrade in rtld. There is no need to care about the mask,
which causes a lot of unneeded sigprocmask(2) calls during each
symbol lookup.
2011-02-09 09:20:27 +00:00
kib
1b9efc11ba Fix grammar in comment.
Pointy hat to:	kib
MFC after:	1 week
2011-01-30 16:21:25 +00:00