1 /* 2 * Copyright (C) 2016 The Android Open Source Project 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in 12 * the documentation and/or other materials provided with the 13 * distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 16 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 18 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 19 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 21 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 22 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 23 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 24 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 25 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #include "linker_main.h" 30 31 #include <link.h> 32 #include <sys/auxv.h> 33 34 #include "linker_debug.h" 35 #include "linker_cfi.h" 36 #include "linker_gdb_support.h" 37 #include "linker_globals.h" 38 #include "linker_phdr.h" 39 #include "linker_tls.h" 40 #include "linker_utils.h" 41 42 #include "private/bionic_globals.h" 43 #include "private/bionic_tls.h" 44 #include "private/KernelArgumentBlock.h" 45 46 #include "android-base/unique_fd.h" 47 #include "android-base/strings.h" 48 #include "android-base/stringprintf.h" 49 #ifdef __ANDROID__ 50 #include "debuggerd/handler.h" 51 #endif 52 53 #include <async_safe/log.h> 54 #include <bionic/libc_init_common.h> 55 #include <bionic/pthread_internal.h> 56 57 #include <vector> 58 59 __LIBC_HIDDEN__ extern "C" void _start(); 60 61 static ElfW(Addr) get_elf_exec_load_bias(const ElfW(Ehdr)* elf); 62 63 static void get_elf_base_from_phdr(const ElfW(Phdr)* phdr_table, size_t phdr_count, 64 ElfW(Addr)* base, ElfW(Addr)* load_bias); 65 66 // These should be preserved static to avoid emitting 67 // RELATIVE relocations for the part of the code running 68 // before linker links itself. 69 70 // TODO (dimtiry): remove somain, rename solist to solist_head 71 static soinfo* solist; 72 static soinfo* sonext; 73 static soinfo* somain; // main process, always the one after libdl_info 74 static soinfo* solinker; 75 static soinfo* vdso; // vdso if present 76 77 void solist_add_soinfo(soinfo* si) { 78 sonext->next = si; 79 sonext = si; 80 } 81 82 bool solist_remove_soinfo(soinfo* si) { 83 soinfo *prev = nullptr, *trav; 84 for (trav = solist; trav != nullptr; trav = trav->next) { 85 if (trav == si) { 86 break; 87 } 88 prev = trav; 89 } 90 91 if (trav == nullptr) { 92 // si was not in solist 93 PRINT("name \"%s\"@%p is not in solist!", si->get_realpath(), si); 94 return false; 95 } 96 97 // prev will never be null, because the first entry in solist is 98 // always the static libdl_info. 99 CHECK(prev != nullptr); 100 prev->next = si->next; 101 if (si == sonext) { 102 sonext = prev; 103 } 104 105 return true; 106 } 107 108 soinfo* solist_get_head() { 109 return solist; 110 } 111 112 soinfo* solist_get_somain() { 113 return somain; 114 } 115 116 soinfo* solist_get_vdso() { 117 return vdso; 118 } 119 120 int g_ld_debug_verbosity; 121 122 static std::vector<std::string> g_ld_preload_names; 123 124 static std::vector<soinfo*> g_ld_preloads; 125 126 static void parse_path(const char* path, const char* delimiters, 127 std::vector<std::string>* resolved_paths) { 128 std::vector<std::string> paths; 129 split_path(path, delimiters, &paths); 130 resolve_paths(paths, resolved_paths); 131 } 132 133 static void parse_LD_LIBRARY_PATH(const char* path) { 134 std::vector<std::string> ld_libary_paths; 135 parse_path(path, ":", &ld_libary_paths); 136 g_default_namespace.set_ld_library_paths(std::move(ld_libary_paths)); 137 } 138 139 static void parse_LD_PRELOAD(const char* path) { 140 g_ld_preload_names.clear(); 141 if (path != nullptr) { 142 // We have historically supported ':' as well as ' ' in LD_PRELOAD. 143 g_ld_preload_names = android::base::Split(path, " :"); 144 g_ld_preload_names.erase(std::remove_if(g_ld_preload_names.begin(), g_ld_preload_names.end(), 145 [](const std::string& s) { return s.empty(); }), 146 g_ld_preload_names.end()); 147 } 148 } 149 150 // An empty list of soinfos 151 static soinfo_list_t g_empty_list; 152 153 static void add_vdso() { 154 ElfW(Ehdr)* ehdr_vdso = reinterpret_cast<ElfW(Ehdr)*>(getauxval(AT_SYSINFO_EHDR)); 155 if (ehdr_vdso == nullptr) { 156 return; 157 } 158 159 soinfo* si = soinfo_alloc(&g_default_namespace, "[vdso]", nullptr, 0, 0); 160 161 si->phdr = reinterpret_cast<ElfW(Phdr)*>(reinterpret_cast<char*>(ehdr_vdso) + ehdr_vdso->e_phoff); 162 si->phnum = ehdr_vdso->e_phnum; 163 si->base = reinterpret_cast<ElfW(Addr)>(ehdr_vdso); 164 si->size = phdr_table_get_load_size(si->phdr, si->phnum); 165 si->load_bias = get_elf_exec_load_bias(ehdr_vdso); 166 167 si->prelink_image(); 168 si->link_image(g_empty_list, soinfo_list_t::make_list(si), nullptr, nullptr); 169 // prevents accidental unloads... 170 si->set_dt_flags_1(si->get_dt_flags_1() | DF_1_NODELETE); 171 si->set_linked(); 172 si->call_constructors(); 173 174 vdso = si; 175 } 176 177 // Initializes an soinfo's link_map_head field using other fields from the 178 // soinfo (phdr, phnum, load_bias). 179 static void init_link_map_head(soinfo& info, const char* linker_path) { 180 auto& map = info.link_map_head; 181 map.l_addr = info.load_bias; 182 map.l_name = const_cast<char*>(linker_path); 183 phdr_table_get_dynamic_section(info.phdr, info.phnum, info.load_bias, &map.l_ld, nullptr); 184 } 185 186 extern "C" int __system_properties_init(void); 187 188 struct ExecutableInfo { 189 std::string path; 190 struct stat file_stat; 191 const ElfW(Phdr)* phdr; 192 size_t phdr_count; 193 ElfW(Addr) entry_point; 194 }; 195 196 static ExecutableInfo get_executable_info() { 197 ExecutableInfo result = {}; 198 199 if (is_first_stage_init()) { 200 // /proc fs is not mounted when first stage init starts. Therefore we can't 201 // use /proc/self/exe for init. 202 stat("/init", &result.file_stat); 203 204 // /init may be a symlink, so try to read it as such. 205 char path[PATH_MAX]; 206 ssize_t path_len = readlink("/init", path, sizeof(path)); 207 if (path_len == -1 || path_len >= static_cast<ssize_t>(sizeof(path))) { 208 result.path = "/init"; 209 } else { 210 result.path = std::string(path, path_len); 211 } 212 } else { 213 // Stat "/proc/self/exe" instead of executable_path because 214 // the executable could be unlinked by this point and it should 215 // not cause a crash (see http://b/31084669) 216 if (TEMP_FAILURE_RETRY(stat("/proc/self/exe", &result.file_stat)) != 0) { 217 async_safe_fatal("unable to stat \"/proc/self/exe\": %s", strerror(errno)); 218 } 219 char path[PATH_MAX]; 220 ssize_t path_len = readlink("/proc/self/exe", path, sizeof(path)); 221 if (path_len == -1 || path_len >= static_cast<ssize_t>(sizeof(path))) { 222 async_safe_fatal("readlink('/proc/self/exe') failed: %s", strerror(errno)); 223 } 224 result.path = std::string(path, path_len); 225 } 226 227 result.phdr = reinterpret_cast<const ElfW(Phdr)*>(getauxval(AT_PHDR)); 228 result.phdr_count = getauxval(AT_PHNUM); 229 result.entry_point = getauxval(AT_ENTRY); 230 return result; 231 } 232 233 #if defined(__LP64__) 234 static char kLinkerPath[] = "/system/bin/linker64"; 235 #else 236 static char kLinkerPath[] = "/system/bin/linker"; 237 #endif 238 239 __printflike(1, 2) 240 static void __linker_error(const char* fmt, ...) { 241 va_list ap; 242 243 va_start(ap, fmt); 244 async_safe_format_fd_va_list(STDERR_FILENO, fmt, ap); 245 va_end(ap); 246 247 va_start(ap, fmt); 248 async_safe_format_log_va_list(ANDROID_LOG_FATAL, "linker", fmt, ap); 249 va_end(ap); 250 251 _exit(EXIT_FAILURE); 252 } 253 254 static void __linker_cannot_link(const char* argv0) { 255 __linker_error("CANNOT LINK EXECUTABLE \"%s\": %s\n", 256 argv0, 257 linker_get_error_buffer()); 258 } 259 260 // Load an executable. Normally the kernel has already loaded the executable when the linker 261 // starts. The linker can be invoked directly on an executable, though, and then the linker must 262 // load it. This function doesn't load dependencies or resolve relocations. 263 static ExecutableInfo load_executable(const char* orig_path) { 264 ExecutableInfo result = {}; 265 266 if (orig_path[0] != '/') { 267 __linker_error("error: expected absolute path: \"%s\"\n", orig_path); 268 } 269 270 off64_t file_offset; 271 android::base::unique_fd fd(open_executable(orig_path, &file_offset, &result.path)); 272 if (fd.get() == -1) { 273 __linker_error("error: unable to open file \"%s\"\n", orig_path); 274 } 275 276 if (TEMP_FAILURE_RETRY(fstat(fd.get(), &result.file_stat)) == -1) { 277 __linker_error("error: unable to stat \"%s\": %s\n", result.path.c_str(), strerror(errno)); 278 } 279 280 ElfReader elf_reader; 281 if (!elf_reader.Read(result.path.c_str(), fd.get(), file_offset, result.file_stat.st_size)) { 282 __linker_error("error: %s\n", linker_get_error_buffer()); 283 } 284 address_space_params address_space; 285 if (!elf_reader.Load(&address_space)) { 286 __linker_error("error: %s\n", linker_get_error_buffer()); 287 } 288 289 result.phdr = elf_reader.loaded_phdr(); 290 result.phdr_count = elf_reader.phdr_count(); 291 result.entry_point = elf_reader.entry_point(); 292 return result; 293 } 294 295 static ElfW(Addr) linker_main(KernelArgumentBlock& args, const char* exe_to_load) { 296 ProtectedDataGuard guard; 297 298 #if TIMING 299 struct timeval t0, t1; 300 gettimeofday(&t0, 0); 301 #endif 302 303 // Sanitize the environment. 304 __libc_init_AT_SECURE(args.envp); 305 306 // Initialize system properties 307 __system_properties_init(); // may use 'environ' 308 309 // Register the debuggerd signal handler. 310 #ifdef __ANDROID__ 311 debuggerd_callbacks_t callbacks = { 312 .get_abort_message = []() { 313 return __libc_shared_globals()->abort_msg; 314 }, 315 .post_dump = ¬ify_gdb_of_libraries, 316 }; 317 debuggerd_init(&callbacks); 318 #endif 319 320 g_linker_logger.ResetState(); 321 322 // Get a few environment variables. 323 const char* LD_DEBUG = getenv("LD_DEBUG"); 324 if (LD_DEBUG != nullptr) { 325 g_ld_debug_verbosity = atoi(LD_DEBUG); 326 } 327 328 #if defined(__LP64__) 329 INFO("[ Android dynamic linker (64-bit) ]"); 330 #else 331 INFO("[ Android dynamic linker (32-bit) ]"); 332 #endif 333 334 // These should have been sanitized by __libc_init_AT_SECURE, but the test 335 // doesn't cost us anything. 336 const char* ldpath_env = nullptr; 337 const char* ldpreload_env = nullptr; 338 if (!getauxval(AT_SECURE)) { 339 ldpath_env = getenv("LD_LIBRARY_PATH"); 340 if (ldpath_env != nullptr) { 341 INFO("[ LD_LIBRARY_PATH set to \"%s\" ]", ldpath_env); 342 } 343 ldpreload_env = getenv("LD_PRELOAD"); 344 if (ldpreload_env != nullptr) { 345 INFO("[ LD_PRELOAD set to \"%s\" ]", ldpreload_env); 346 } 347 } 348 349 const ExecutableInfo exe_info = exe_to_load ? load_executable(exe_to_load) : 350 get_executable_info(); 351 352 // Assign to a static variable for the sake of the debug map, which needs 353 // a C-style string to last until the program exits. 354 static std::string exe_path = exe_info.path; 355 356 INFO("[ Linking executable \"%s\" ]", exe_path.c_str()); 357 358 // Initialize the main exe's soinfo. 359 soinfo* si = soinfo_alloc(&g_default_namespace, 360 exe_path.c_str(), &exe_info.file_stat, 361 0, RTLD_GLOBAL); 362 somain = si; 363 si->phdr = exe_info.phdr; 364 si->phnum = exe_info.phdr_count; 365 get_elf_base_from_phdr(si->phdr, si->phnum, &si->base, &si->load_bias); 366 si->size = phdr_table_get_load_size(si->phdr, si->phnum); 367 si->dynamic = nullptr; 368 si->set_main_executable(); 369 init_link_map_head(*si, exe_path.c_str()); 370 371 // Register the main executable and the linker upfront to have 372 // gdb aware of them before loading the rest of the dependency 373 // tree. 374 // 375 // gdb expects the linker to be in the debug shared object list. 376 // Without this, gdb has trouble locating the linker's ".text" 377 // and ".plt" sections. Gdb could also potentially use this to 378 // relocate the offset of our exported 'rtld_db_dlactivity' symbol. 379 // 380 insert_link_map_into_debug_map(&si->link_map_head); 381 insert_link_map_into_debug_map(&solinker->link_map_head); 382 383 add_vdso(); 384 385 ElfW(Ehdr)* elf_hdr = reinterpret_cast<ElfW(Ehdr)*>(si->base); 386 387 // We haven't supported non-PIE since Lollipop for security reasons. 388 if (elf_hdr->e_type != ET_DYN) { 389 // We don't use async_safe_fatal here because we don't want a tombstone: 390 // even after several years we still find ourselves on app compatibility 391 // investigations because some app's trying to launch an executable that 392 // hasn't worked in at least three years, and we've "helpfully" dropped a 393 // tombstone for them. The tombstone never provided any detail relevant to 394 // fixing the problem anyway, and the utility of drawing extra attention 395 // to the problem is non-existent at this late date. 396 async_safe_format_fd(STDERR_FILENO, 397 "\"%s\": error: Android 5.0 and later only support " 398 "position-independent executables (-fPIE).\n", 399 g_argv[0]); 400 exit(EXIT_FAILURE); 401 } 402 403 // Use LD_LIBRARY_PATH and LD_PRELOAD (but only if we aren't setuid/setgid). 404 parse_LD_LIBRARY_PATH(ldpath_env); 405 parse_LD_PRELOAD(ldpreload_env); 406 407 std::vector<android_namespace_t*> namespaces = init_default_namespaces(exe_path.c_str()); 408 409 if (!si->prelink_image()) __linker_cannot_link(g_argv[0]); 410 411 // add somain to global group 412 si->set_dt_flags_1(si->get_dt_flags_1() | DF_1_GLOBAL); 413 // ... and add it to all other linked namespaces 414 for (auto linked_ns : namespaces) { 415 if (linked_ns != &g_default_namespace) { 416 linked_ns->add_soinfo(somain); 417 somain->add_secondary_namespace(linked_ns); 418 } 419 } 420 421 linker_setup_exe_static_tls(g_argv[0]); 422 423 // Load ld_preloads and dependencies. 424 std::vector<const char*> needed_library_name_list; 425 size_t ld_preloads_count = 0; 426 427 for (const auto& ld_preload_name : g_ld_preload_names) { 428 needed_library_name_list.push_back(ld_preload_name.c_str()); 429 ++ld_preloads_count; 430 } 431 432 for_each_dt_needed(si, [&](const char* name) { 433 needed_library_name_list.push_back(name); 434 }); 435 436 const char** needed_library_names = &needed_library_name_list[0]; 437 size_t needed_libraries_count = needed_library_name_list.size(); 438 439 if (needed_libraries_count > 0 && 440 !find_libraries(&g_default_namespace, 441 si, 442 needed_library_names, 443 needed_libraries_count, 444 nullptr, 445 &g_ld_preloads, 446 ld_preloads_count, 447 RTLD_GLOBAL, 448 nullptr, 449 true /* add_as_children */, 450 true /* search_linked_namespaces */, 451 &namespaces)) { 452 __linker_cannot_link(g_argv[0]); 453 } else if (needed_libraries_count == 0) { 454 if (!si->link_image(g_empty_list, soinfo_list_t::make_list(si), nullptr, nullptr)) { 455 __linker_cannot_link(g_argv[0]); 456 } 457 si->increment_ref_count(); 458 } 459 460 linker_finalize_static_tls(); 461 __libc_init_main_thread_final(); 462 463 if (!get_cfi_shadow()->InitialLinkDone(solist)) __linker_cannot_link(g_argv[0]); 464 465 si->call_pre_init_constructors(); 466 si->call_constructors(); 467 468 #if TIMING 469 gettimeofday(&t1, nullptr); 470 PRINT("LINKER TIME: %s: %d microseconds", g_argv[0], (int) ( 471 (((long long)t1.tv_sec * 1000000LL) + (long long)t1.tv_usec) - 472 (((long long)t0.tv_sec * 1000000LL) + (long long)t0.tv_usec))); 473 #endif 474 #if STATS 475 PRINT("RELO STATS: %s: %d abs, %d rel, %d copy, %d symbol", g_argv[0], 476 linker_stats.count[kRelocAbsolute], 477 linker_stats.count[kRelocRelative], 478 linker_stats.count[kRelocCopy], 479 linker_stats.count[kRelocSymbol]); 480 #endif 481 #if COUNT_PAGES 482 { 483 unsigned n; 484 unsigned i; 485 unsigned count = 0; 486 for (n = 0; n < 4096; n++) { 487 if (bitmask[n]) { 488 unsigned x = bitmask[n]; 489 #if defined(__LP64__) 490 for (i = 0; i < 32; i++) { 491 #else 492 for (i = 0; i < 8; i++) { 493 #endif 494 if (x & 1) { 495 count++; 496 } 497 x >>= 1; 498 } 499 } 500 } 501 PRINT("PAGES MODIFIED: %s: %d (%dKB)", g_argv[0], count, count * 4); 502 } 503 #endif 504 505 #if TIMING || STATS || COUNT_PAGES 506 fflush(stdout); 507 #endif 508 509 // We are about to hand control over to the executable loaded. We don't want 510 // to leave dirty pages behind unnecessarily. 511 purge_unused_memory(); 512 513 ElfW(Addr) entry = exe_info.entry_point; 514 TRACE("[ Ready to execute \"%s\" @ %p ]", si->get_realpath(), reinterpret_cast<void*>(entry)); 515 return entry; 516 } 517 518 /* Compute the load-bias of an existing executable. This shall only 519 * be used to compute the load bias of an executable or shared library 520 * that was loaded by the kernel itself. 521 * 522 * Input: 523 * elf -> address of ELF header, assumed to be at the start of the file. 524 * Return: 525 * load bias, i.e. add the value of any p_vaddr in the file to get 526 * the corresponding address in memory. 527 */ 528 static ElfW(Addr) get_elf_exec_load_bias(const ElfW(Ehdr)* elf) { 529 ElfW(Addr) offset = elf->e_phoff; 530 const ElfW(Phdr)* phdr_table = 531 reinterpret_cast<const ElfW(Phdr)*>(reinterpret_cast<uintptr_t>(elf) + offset); 532 const ElfW(Phdr)* phdr_end = phdr_table + elf->e_phnum; 533 534 for (const ElfW(Phdr)* phdr = phdr_table; phdr < phdr_end; phdr++) { 535 if (phdr->p_type == PT_LOAD) { 536 return reinterpret_cast<ElfW(Addr)>(elf) + phdr->p_offset - phdr->p_vaddr; 537 } 538 } 539 return 0; 540 } 541 542 /* Find the load bias and base address of an executable or shared object loaded 543 * by the kernel. The ELF file's PHDR table must have a PT_PHDR entry. 544 * 545 * A VDSO doesn't have a PT_PHDR entry in its PHDR table. 546 */ 547 static void get_elf_base_from_phdr(const ElfW(Phdr)* phdr_table, size_t phdr_count, 548 ElfW(Addr)* base, ElfW(Addr)* load_bias) { 549 for (size_t i = 0; i < phdr_count; ++i) { 550 if (phdr_table[i].p_type == PT_PHDR) { 551 *load_bias = reinterpret_cast<ElfW(Addr)>(phdr_table) - phdr_table[i].p_vaddr; 552 *base = reinterpret_cast<ElfW(Addr)>(phdr_table) - phdr_table[i].p_offset; 553 return; 554 } 555 } 556 async_safe_fatal("Could not find a PHDR: broken executable?"); 557 } 558 559 // Detect an attempt to run the linker on itself. e.g.: 560 // /system/bin/linker64 /system/bin/linker64 561 // Use priority-1 to run this constructor before other constructors. 562 __attribute__((constructor(1))) static void detect_self_exec() { 563 // Normally, the linker initializes the auxv global before calling its 564 // constructors. If the linker loads itself, though, the first loader calls 565 // the second loader's constructors before calling __linker_init. 566 if (__libc_shared_globals()->auxv != nullptr) { 567 return; 568 } 569 #if defined(__i386__) 570 // We don't have access to the auxv struct from here, so use the int 0x80 571 // fallback. 572 __libc_sysinfo = reinterpret_cast<void*>(__libc_int0x80); 573 #endif 574 __linker_error("error: linker cannot load itself\n"); 575 } 576 577 static ElfW(Addr) __attribute__((noinline)) 578 __linker_init_post_relocation(KernelArgumentBlock& args, soinfo& linker_so); 579 580 /* 581 * This is the entry point for the linker, called from begin.S. This 582 * method is responsible for fixing the linker's own relocations, and 583 * then calling __linker_init_post_relocation(). 584 * 585 * Because this method is called before the linker has fixed it's own 586 * relocations, any attempt to reference an extern variable, extern 587 * function, or other GOT reference will generate a segfault. 588 */ 589 extern "C" ElfW(Addr) __linker_init(void* raw_args) { 590 // Initialize TLS early so system calls and errno work. 591 KernelArgumentBlock args(raw_args); 592 bionic_tcb temp_tcb = {}; 593 __libc_init_main_thread_early(args, &temp_tcb); 594 595 // When the linker is run by itself (rather than as an interpreter for 596 // another program), AT_BASE is 0. 597 ElfW(Addr) linker_addr = getauxval(AT_BASE); 598 if (linker_addr == 0) { 599 // The AT_PHDR and AT_PHNUM aux values describe this linker instance, so use 600 // the phdr to find the linker's base address. 601 ElfW(Addr) load_bias; 602 get_elf_base_from_phdr( 603 reinterpret_cast<ElfW(Phdr)*>(getauxval(AT_PHDR)), getauxval(AT_PHNUM), 604 &linker_addr, &load_bias); 605 } 606 607 ElfW(Ehdr)* elf_hdr = reinterpret_cast<ElfW(Ehdr)*>(linker_addr); 608 ElfW(Phdr)* phdr = reinterpret_cast<ElfW(Phdr)*>(linker_addr + elf_hdr->e_phoff); 609 610 soinfo tmp_linker_so(nullptr, nullptr, nullptr, 0, 0); 611 612 tmp_linker_so.base = linker_addr; 613 tmp_linker_so.size = phdr_table_get_load_size(phdr, elf_hdr->e_phnum); 614 tmp_linker_so.load_bias = get_elf_exec_load_bias(elf_hdr); 615 tmp_linker_so.dynamic = nullptr; 616 tmp_linker_so.phdr = phdr; 617 tmp_linker_so.phnum = elf_hdr->e_phnum; 618 tmp_linker_so.set_linker_flag(); 619 620 // Prelink the linker so we can access linker globals. 621 if (!tmp_linker_so.prelink_image()) __linker_cannot_link(args.argv[0]); 622 623 // This might not be obvious... The reasons why we pass g_empty_list 624 // in place of local_group here are (1) we do not really need it, because 625 // linker is built with DT_SYMBOLIC and therefore relocates its symbols against 626 // itself without having to look into local_group and (2) allocators 627 // are not yet initialized, and therefore we cannot use linked_list.push_* 628 // functions at this point. 629 if (!tmp_linker_so.link_image(g_empty_list, g_empty_list, nullptr, nullptr)) __linker_cannot_link(args.argv[0]); 630 631 return __linker_init_post_relocation(args, tmp_linker_so); 632 } 633 634 /* 635 * This code is called after the linker has linked itself and fixed its own 636 * GOT. It is safe to make references to externs and other non-local data at 637 * this point. The compiler sometimes moves GOT references earlier in a 638 * function, so avoid inlining this function (http://b/80503879). 639 */ 640 static ElfW(Addr) __attribute__((noinline)) 641 __linker_init_post_relocation(KernelArgumentBlock& args, soinfo& tmp_linker_so) { 642 // Finish initializing the main thread. 643 __libc_init_main_thread_late(); 644 645 // We didn't protect the linker's RELRO pages in link_image because we 646 // couldn't make system calls on x86 at that point, but we can now... 647 if (!tmp_linker_so.protect_relro()) __linker_cannot_link(args.argv[0]); 648 649 // Initialize the linker's static libc's globals 650 __libc_init_globals(); 651 652 // Initialize the linker's own global variables 653 tmp_linker_so.call_constructors(); 654 655 // When the linker is run directly rather than acting as PT_INTERP, parse 656 // arguments and determine the executable to load. When it's instead acting 657 // as PT_INTERP, AT_ENTRY will refer to the loaded executable rather than the 658 // linker's _start. 659 const char* exe_to_load = nullptr; 660 if (getauxval(AT_ENTRY) == reinterpret_cast<uintptr_t>(&_start)) { 661 if (args.argc <= 1 || !strcmp(args.argv[1], "--help")) { 662 async_safe_format_fd(STDOUT_FILENO, 663 "Usage: %s program [arguments...]\n" 664 " %s path.zip!/program [arguments...]\n" 665 "\n" 666 "A helper program for linking dynamic executables. Typically, the kernel loads\n" 667 "this program because it's the PT_INTERP of a dynamic executable.\n" 668 "\n" 669 "This program can also be run directly to load and run a dynamic executable. The\n" 670 "executable can be inside a zip file if it's stored uncompressed and at a\n" 671 "page-aligned offset.\n", 672 args.argv[0], args.argv[0]); 673 exit(0); 674 } 675 exe_to_load = args.argv[1]; 676 __libc_shared_globals()->initial_linker_arg_count = 1; 677 } 678 679 // store argc/argv/envp to use them for calling constructors 680 g_argc = args.argc - __libc_shared_globals()->initial_linker_arg_count; 681 g_argv = args.argv + __libc_shared_globals()->initial_linker_arg_count; 682 g_envp = args.envp; 683 __libc_shared_globals()->init_progname = g_argv[0]; 684 685 // Initialize static variables. Note that in order to 686 // get correct libdl_info we need to call constructors 687 // before get_libdl_info(). 688 sonext = solist = solinker = get_libdl_info(kLinkerPath, tmp_linker_so); 689 g_default_namespace.add_soinfo(solinker); 690 init_link_map_head(*solinker, kLinkerPath); 691 692 ElfW(Addr) start_address = linker_main(args, exe_to_load); 693 694 INFO("[ Jumping to _start (%p)... ]", reinterpret_cast<void*>(start_address)); 695 696 // Return the address that the calling assembly stub should jump to. 697 return start_address; 698 } 699
