1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/mozglue/linker/CustomElf.cpp Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,847 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this file,
1.6 + * You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +#include <cstring>
1.9 +#include <sys/mman.h>
1.10 +#include <vector>
1.11 +#include <dlfcn.h>
1.12 +#include "CustomElf.h"
1.13 +#include "Mappable.h"
1.14 +#include "Logging.h"
1.15 +
1.16 +using namespace Elf;
1.17 +using namespace mozilla;
1.18 +
1.19 +/* TODO: Fill ElfLoader::Singleton.lastError on errors. */
1.20 +
1.21 +/* Function used to report library mappings from the custom linker to Gecko
1.22 + * crash reporter */
1.23 +#ifdef ANDROID
1.24 +extern "C" {
1.25 + void report_mapping(char *name, void *base, uint32_t len, uint32_t offset);
1.26 +}
1.27 +#else
1.28 +#define report_mapping(...)
1.29 +#endif
1.30 +
1.31 +const Ehdr *Ehdr::validate(const void *buf)
1.32 +{
1.33 + if (!buf || buf == MAP_FAILED)
1.34 + return nullptr;
1.35 +
1.36 + const Ehdr *ehdr = reinterpret_cast<const Ehdr *>(buf);
1.37 +
1.38 + /* Only support ELF executables or libraries for the host system */
1.39 + if (memcmp(ELFMAG, &ehdr->e_ident, SELFMAG) ||
1.40 + ehdr->e_ident[EI_CLASS] != ELFCLASS ||
1.41 + ehdr->e_ident[EI_DATA] != ELFDATA ||
1.42 + ehdr->e_ident[EI_VERSION] != 1 ||
1.43 + (ehdr->e_ident[EI_OSABI] != ELFOSABI && ehdr->e_ident[EI_OSABI] != ELFOSABI_NONE) ||
1.44 +#ifdef EI_ABIVERSION
1.45 + ehdr->e_ident[EI_ABIVERSION] != ELFABIVERSION ||
1.46 +#endif
1.47 + (ehdr->e_type != ET_EXEC && ehdr->e_type != ET_DYN) ||
1.48 + ehdr->e_machine != ELFMACHINE ||
1.49 + ehdr->e_version != 1 ||
1.50 + ehdr->e_phentsize != sizeof(Phdr))
1.51 + return nullptr;
1.52 +
1.53 + return ehdr;
1.54 +}
1.55 +
1.56 +namespace {
1.57 +
1.58 +void debug_phdr(const char *type, const Phdr *phdr)
1.59 +{
1.60 + DEBUG_LOG("%s @0x%08" PRIxAddr " ("
1.61 + "filesz: 0x%08" PRIxAddr ", "
1.62 + "memsz: 0x%08" PRIxAddr ", "
1.63 + "offset: 0x%08" PRIxAddr ", "
1.64 + "flags: %c%c%c)",
1.65 + type, phdr->p_vaddr, phdr->p_filesz, phdr->p_memsz,
1.66 + phdr->p_offset, phdr->p_flags & PF_R ? 'r' : '-',
1.67 + phdr->p_flags & PF_W ? 'w' : '-', phdr->p_flags & PF_X ? 'x' : '-');
1.68 +}
1.69 +
1.70 +static int p_flags_to_mprot(Word flags)
1.71 +{
1.72 + return ((flags & PF_X) ? PROT_EXEC : 0) |
1.73 + ((flags & PF_W) ? PROT_WRITE : 0) |
1.74 + ((flags & PF_R) ? PROT_READ : 0);
1.75 +}
1.76 +
1.77 +void
1.78 +__void_stub(void)
1.79 +{
1.80 +}
1.81 +
1.82 +} /* anonymous namespace */
1.83 +
1.84 +/**
1.85 + * RAII wrapper for a mapping of the first page off a Mappable object.
1.86 + * This calls Mappable::munmap instead of system munmap.
1.87 + */
1.88 +class Mappable1stPagePtr: public GenericMappedPtr<Mappable1stPagePtr> {
1.89 +public:
1.90 + Mappable1stPagePtr(Mappable *mappable)
1.91 + : GenericMappedPtr<Mappable1stPagePtr>(
1.92 + mappable->mmap(nullptr, PageSize(), PROT_READ, MAP_PRIVATE, 0))
1.93 + , mappable(mappable)
1.94 + {
1.95 + /* Ensure the content of this page */
1.96 + mappable->ensure(*this);
1.97 + }
1.98 +
1.99 +private:
1.100 + friend class GenericMappedPtr<Mappable1stPagePtr>;
1.101 + void munmap(void *buf, size_t length) {
1.102 + mappable->munmap(buf, length);
1.103 + }
1.104 +
1.105 + mozilla::RefPtr<Mappable> mappable;
1.106 +};
1.107 +
1.108 +
1.109 +TemporaryRef<LibHandle>
1.110 +CustomElf::Load(Mappable *mappable, const char *path, int flags)
1.111 +{
1.112 + DEBUG_LOG("CustomElf::Load(\"%s\", 0x%x) = ...", path, flags);
1.113 + if (!mappable)
1.114 + return nullptr;
1.115 + /* Keeping a RefPtr of the CustomElf is going to free the appropriate
1.116 + * resources when returning nullptr */
1.117 + RefPtr<CustomElf> elf = new CustomElf(mappable, path);
1.118 + /* Map the first page of the Elf object to access Elf and program headers */
1.119 + Mappable1stPagePtr ehdr_raw(mappable);
1.120 + if (ehdr_raw == MAP_FAILED)
1.121 + return nullptr;
1.122 +
1.123 + const Ehdr *ehdr = Ehdr::validate(ehdr_raw);
1.124 + if (!ehdr)
1.125 + return nullptr;
1.126 +
1.127 + /* Scan Elf Program Headers and gather some information about them */
1.128 + std::vector<const Phdr *> pt_loads;
1.129 + Addr min_vaddr = (Addr) -1; // We want to find the lowest and biggest
1.130 + Addr max_vaddr = 0; // virtual address used by this Elf.
1.131 + const Phdr *dyn = nullptr;
1.132 +
1.133 + const Phdr *first_phdr = reinterpret_cast<const Phdr *>(
1.134 + reinterpret_cast<const char *>(ehdr) + ehdr->e_phoff);
1.135 + const Phdr *end_phdr = &first_phdr[ehdr->e_phnum];
1.136 +#ifdef __ARM_EABI__
1.137 + const Phdr *arm_exidx_phdr = nullptr;
1.138 +#endif
1.139 +
1.140 + for (const Phdr *phdr = first_phdr; phdr < end_phdr; phdr++) {
1.141 + switch (phdr->p_type) {
1.142 + case PT_LOAD:
1.143 + debug_phdr("PT_LOAD", phdr);
1.144 + pt_loads.push_back(phdr);
1.145 + if (phdr->p_vaddr < min_vaddr)
1.146 + min_vaddr = phdr->p_vaddr;
1.147 + if (max_vaddr < phdr->p_vaddr + phdr->p_memsz)
1.148 + max_vaddr = phdr->p_vaddr + phdr->p_memsz;
1.149 + break;
1.150 + case PT_DYNAMIC:
1.151 + debug_phdr("PT_DYNAMIC", phdr);
1.152 + if (!dyn) {
1.153 + dyn = phdr;
1.154 + } else {
1.155 + LOG("%s: Multiple PT_DYNAMIC segments detected", elf->GetPath());
1.156 + return nullptr;
1.157 + }
1.158 + break;
1.159 + case PT_TLS:
1.160 + debug_phdr("PT_TLS", phdr);
1.161 + if (phdr->p_memsz) {
1.162 + LOG("%s: TLS is not supported", elf->GetPath());
1.163 + return nullptr;
1.164 + }
1.165 + break;
1.166 + case PT_GNU_STACK:
1.167 + debug_phdr("PT_GNU_STACK", phdr);
1.168 +// Skip on Android until bug 706116 is fixed
1.169 +#ifndef ANDROID
1.170 + if (phdr->p_flags & PF_X) {
1.171 + LOG("%s: Executable stack is not supported", elf->GetPath());
1.172 + return nullptr;
1.173 + }
1.174 +#endif
1.175 + break;
1.176 +#ifdef __ARM_EABI__
1.177 + case PT_ARM_EXIDX:
1.178 + /* We cannot initialize arm_exidx here
1.179 + because we don't have a base yet */
1.180 + arm_exidx_phdr = phdr;
1.181 + break;
1.182 +#endif
1.183 + default:
1.184 + DEBUG_LOG("%s: Warning: program header type #%d not handled",
1.185 + elf->GetPath(), phdr->p_type);
1.186 + }
1.187 + }
1.188 +
1.189 + if (min_vaddr != 0) {
1.190 + LOG("%s: Unsupported minimal virtual address: 0x%08" PRIxAddr,
1.191 + elf->GetPath(), min_vaddr);
1.192 + return nullptr;
1.193 + }
1.194 + if (!dyn) {
1.195 + LOG("%s: No PT_DYNAMIC segment found", elf->GetPath());
1.196 + return nullptr;
1.197 + }
1.198 +
1.199 + /* Reserve enough memory to map the complete virtual address space for this
1.200 + * library.
1.201 + * As we are using the base address from here to mmap something else with
1.202 + * MAP_FIXED | MAP_SHARED, we need to make sure these mmaps will work. For
1.203 + * instance, on armv6, MAP_SHARED mappings require a 16k alignment, but mmap
1.204 + * MAP_PRIVATE only returns a 4k aligned address. So we first get a base
1.205 + * address with MAP_SHARED, which guarantees the kernel returns an address
1.206 + * that we'll be able to use with MAP_FIXED, and then remap MAP_PRIVATE at
1.207 + * the same address, because of some bad side effects of keeping it as
1.208 + * MAP_SHARED. */
1.209 + elf->base.Assign(MemoryRange::mmap(nullptr, max_vaddr, PROT_NONE,
1.210 + MAP_SHARED | MAP_ANONYMOUS, -1, 0));
1.211 + if ((elf->base == MAP_FAILED) ||
1.212 + (mmap(elf->base, max_vaddr, PROT_NONE,
1.213 + MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0) != elf->base)) {
1.214 + LOG("%s: Failed to mmap", elf->GetPath());
1.215 + return nullptr;
1.216 + }
1.217 +
1.218 + /* Load and initialize library */
1.219 + for (std::vector<const Phdr *>::iterator it = pt_loads.begin();
1.220 + it < pt_loads.end(); ++it)
1.221 + if (!elf->LoadSegment(*it))
1.222 + return nullptr;
1.223 +
1.224 + /* We're not going to mmap anymore */
1.225 + mappable->finalize();
1.226 +
1.227 + report_mapping(const_cast<char *>(elf->GetName()), elf->base,
1.228 + (max_vaddr + PAGE_SIZE - 1) & PAGE_MASK, 0);
1.229 +
1.230 + elf->l_addr = elf->base;
1.231 + elf->l_name = elf->GetPath();
1.232 + elf->l_ld = elf->GetPtr<Dyn>(dyn->p_vaddr);
1.233 + ElfLoader::Singleton.Register(elf);
1.234 +
1.235 + if (!elf->InitDyn(dyn))
1.236 + return nullptr;
1.237 +
1.238 + if (elf->has_text_relocs) {
1.239 + for (std::vector<const Phdr *>::iterator it = pt_loads.begin();
1.240 + it < pt_loads.end(); ++it)
1.241 + mprotect(PageAlignedPtr(elf->GetPtr((*it)->p_vaddr)),
1.242 + PageAlignedEndPtr((*it)->p_memsz),
1.243 + p_flags_to_mprot((*it)->p_flags) | PROT_WRITE);
1.244 + }
1.245 +
1.246 + if (!elf->Relocate() || !elf->RelocateJumps())
1.247 + return nullptr;
1.248 +
1.249 + if (elf->has_text_relocs) {
1.250 + for (std::vector<const Phdr *>::iterator it = pt_loads.begin();
1.251 + it < pt_loads.end(); ++it)
1.252 + mprotect(PageAlignedPtr(elf->GetPtr((*it)->p_vaddr)),
1.253 + PageAlignedEndPtr((*it)->p_memsz),
1.254 + p_flags_to_mprot((*it)->p_flags));
1.255 + }
1.256 +
1.257 + if (!elf->CallInit())
1.258 + return nullptr;
1.259 +
1.260 +#ifdef __ARM_EABI__
1.261 + if (arm_exidx_phdr)
1.262 + elf->arm_exidx.InitSize(elf->GetPtr(arm_exidx_phdr->p_vaddr),
1.263 + arm_exidx_phdr->p_memsz);
1.264 +#endif
1.265 +
1.266 + elf->stats("oneLibLoaded");
1.267 + DEBUG_LOG("CustomElf::Load(\"%s\", 0x%x) = %p", path, flags,
1.268 + static_cast<void *>(elf));
1.269 + return elf;
1.270 +}
1.271 +
1.272 +CustomElf::~CustomElf()
1.273 +{
1.274 + DEBUG_LOG("CustomElf::~CustomElf(%p [\"%s\"])",
1.275 + reinterpret_cast<void *>(this), GetPath());
1.276 + CallFini();
1.277 + /* Normally, __cxa_finalize is called by the .fini function. However,
1.278 + * Android NDK before r6b doesn't do that. Our wrapped cxa_finalize only
1.279 + * calls destructors once, so call it in all cases. */
1.280 + ElfLoader::__wrap_cxa_finalize(this);
1.281 + ElfLoader::Singleton.Forget(this);
1.282 +}
1.283 +
1.284 +namespace {
1.285 +
1.286 +/**
1.287 + * Hash function for symbol lookup, as defined in ELF standard for System V
1.288 + */
1.289 +unsigned long
1.290 +ElfHash(const char *symbol)
1.291 +{
1.292 + const unsigned char *sym = reinterpret_cast<const unsigned char *>(symbol);
1.293 + unsigned long h = 0, g;
1.294 + while (*sym) {
1.295 + h = (h << 4) + *sym++;
1.296 + if ((g = h & 0xf0000000))
1.297 + h ^= g >> 24;
1.298 + h &= ~g;
1.299 + }
1.300 + return h;
1.301 +}
1.302 +
1.303 +} /* anonymous namespace */
1.304 +
1.305 +void *
1.306 +CustomElf::GetSymbolPtr(const char *symbol) const
1.307 +{
1.308 + return GetSymbolPtr(symbol, ElfHash(symbol));
1.309 +}
1.310 +
1.311 +void *
1.312 +CustomElf::GetSymbolPtr(const char *symbol, unsigned long hash) const
1.313 +{
1.314 + const Sym *sym = GetSymbol(symbol, hash);
1.315 + void *ptr = nullptr;
1.316 + if (sym && sym->st_shndx != SHN_UNDEF)
1.317 + ptr = GetPtr(sym->st_value);
1.318 + DEBUG_LOG("CustomElf::GetSymbolPtr(%p [\"%s\"], \"%s\") = %p",
1.319 + reinterpret_cast<const void *>(this), GetPath(), symbol, ptr);
1.320 + return ptr;
1.321 +}
1.322 +
1.323 +void *
1.324 +CustomElf::GetSymbolPtrInDeps(const char *symbol) const
1.325 +{
1.326 + /* Resolve dlopen and related functions to point to ours */
1.327 + if (symbol[0] == 'd' && symbol[1] == 'l') {
1.328 + if (strcmp(symbol + 2, "open") == 0)
1.329 + return FunctionPtr(__wrap_dlopen);
1.330 + if (strcmp(symbol + 2, "error") == 0)
1.331 + return FunctionPtr(__wrap_dlerror);
1.332 + if (strcmp(symbol + 2, "close") == 0)
1.333 + return FunctionPtr(__wrap_dlclose);
1.334 + if (strcmp(symbol + 2, "sym") == 0)
1.335 + return FunctionPtr(__wrap_dlsym);
1.336 + if (strcmp(symbol + 2, "addr") == 0)
1.337 + return FunctionPtr(__wrap_dladdr);
1.338 + if (strcmp(symbol + 2, "_iterate_phdr") == 0)
1.339 + return FunctionPtr(__wrap_dl_iterate_phdr);
1.340 + } else if (symbol[0] == '_' && symbol[1] == '_') {
1.341 + /* Resolve a few C++ ABI specific functions to point to ours */
1.342 +#ifdef __ARM_EABI__
1.343 + if (strcmp(symbol + 2, "aeabi_atexit") == 0)
1.344 + return FunctionPtr(&ElfLoader::__wrap_aeabi_atexit);
1.345 +#else
1.346 + if (strcmp(symbol + 2, "cxa_atexit") == 0)
1.347 + return FunctionPtr(&ElfLoader::__wrap_cxa_atexit);
1.348 +#endif
1.349 + if (strcmp(symbol + 2, "cxa_finalize") == 0)
1.350 + return FunctionPtr(&ElfLoader::__wrap_cxa_finalize);
1.351 + if (strcmp(symbol + 2, "dso_handle") == 0)
1.352 + return const_cast<CustomElf *>(this);
1.353 + if (strcmp(symbol + 2, "moz_linker_stats") == 0)
1.354 + return FunctionPtr(&ElfLoader::stats);
1.355 +#ifdef __ARM_EABI__
1.356 + if (strcmp(symbol + 2, "gnu_Unwind_Find_exidx") == 0)
1.357 + return FunctionPtr(__wrap___gnu_Unwind_Find_exidx);
1.358 +#endif
1.359 + }
1.360 +
1.361 +#define MISSING_FLASH_SYMNAME_START "_ZN7android10VectorImpl19reservedVectorImpl"
1.362 +
1.363 + // Android changed some symbols that Flash depended on in 4.4,
1.364 + // so stub those out here
1.365 + if (strncmp(symbol,
1.366 + MISSING_FLASH_SYMNAME_START,
1.367 + sizeof(MISSING_FLASH_SYMNAME_START) - 1) == 0) {
1.368 + return FunctionPtr(__void_stub);
1.369 + }
1.370 +
1.371 + void *sym;
1.372 + /* Search the symbol in the main program. Note this also tries all libraries
1.373 + * the system linker will have loaded RTLD_GLOBAL. Unfortunately, that doesn't
1.374 + * work with bionic, but its linker doesn't normally search the main binary
1.375 + * anyways. Moreover, on android, the main binary is dalvik. */
1.376 +#ifdef __GLIBC__
1.377 + sym = dlsym(RTLD_DEFAULT, symbol);
1.378 + DEBUG_LOG("dlsym(RTLD_DEFAULT, \"%s\") = %p", symbol, sym);
1.379 + if (sym)
1.380 + return sym;
1.381 +#endif
1.382 +
1.383 + /* Then search the symbol in our dependencies. Since we already searched in
1.384 + * libraries the system linker loaded, skip those (on glibc systems). We
1.385 + * also assume the symbol is to be found in one of the dependent libraries
1.386 + * directly, not in their own dependent libraries. Building libraries with
1.387 + * --no-allow-shlib-undefined ensures such indirect symbol dependency don't
1.388 + * happen. */
1.389 + unsigned long hash = ElfHash(symbol);
1.390 + for (std::vector<RefPtr<LibHandle> >::const_iterator it = dependencies.begin();
1.391 + it < dependencies.end(); ++it) {
1.392 + if (!(*it)->IsSystemElf()) {
1.393 + sym = reinterpret_cast<CustomElf *>((*it).get())->GetSymbolPtr(symbol, hash);
1.394 +#ifndef __GLIBC__
1.395 + } else {
1.396 + sym = (*it)->GetSymbolPtr(symbol);
1.397 +#endif
1.398 + }
1.399 + if (sym)
1.400 + return sym;
1.401 + }
1.402 + return nullptr;
1.403 +}
1.404 +
1.405 +const Sym *
1.406 +CustomElf::GetSymbol(const char *symbol, unsigned long hash) const
1.407 +{
1.408 + /* Search symbol with the buckets and chains tables.
1.409 + * The hash computed from the symbol name gives an index in the buckets
1.410 + * table. The corresponding value in the bucket table is an index in the
1.411 + * symbols table and in the chains table.
1.412 + * If the corresponding symbol in the symbols table matches, we're done.
1.413 + * Otherwise, the corresponding value in the chains table is a new index
1.414 + * in both tables, which corresponding symbol is tested and so on and so
1.415 + * forth */
1.416 + size_t bucket = hash % buckets.numElements();
1.417 + for (size_t y = buckets[bucket]; y != STN_UNDEF; y = chains[y]) {
1.418 + if (strcmp(symbol, strtab.GetStringAt(symtab[y].st_name)))
1.419 + continue;
1.420 + return &symtab[y];
1.421 + }
1.422 + return nullptr;
1.423 +}
1.424 +
1.425 +bool
1.426 +CustomElf::Contains(void *addr) const
1.427 +{
1.428 + return base.Contains(addr);
1.429 +}
1.430 +
1.431 +#ifdef __ARM_EABI__
1.432 +const void *
1.433 +CustomElf::FindExidx(int *pcount) const
1.434 +{
1.435 + if (arm_exidx) {
1.436 + *pcount = arm_exidx.numElements();
1.437 + return arm_exidx;
1.438 + }
1.439 + *pcount = 0;
1.440 + return nullptr;
1.441 +}
1.442 +#endif
1.443 +
1.444 +void
1.445 +CustomElf::stats(const char *when) const
1.446 +{
1.447 + mappable->stats(when, GetPath());
1.448 +}
1.449 +
1.450 +bool
1.451 +CustomElf::LoadSegment(const Phdr *pt_load) const
1.452 +{
1.453 + if (pt_load->p_type != PT_LOAD) {
1.454 + DEBUG_LOG("%s: Elf::LoadSegment only takes PT_LOAD program headers", GetPath());
1.455 + return false;;
1.456 + }
1.457 +
1.458 + int prot = p_flags_to_mprot(pt_load->p_flags);
1.459 +
1.460 + /* Mmap at page boundary */
1.461 + Addr align = PageSize();
1.462 + Addr align_offset;
1.463 + void *mapped, *where;
1.464 + do {
1.465 + align_offset = pt_load->p_vaddr - AlignedPtr(pt_load->p_vaddr, align);
1.466 + where = GetPtr(pt_load->p_vaddr - align_offset);
1.467 + DEBUG_LOG("%s: Loading segment @%p %c%c%c", GetPath(), where,
1.468 + prot & PROT_READ ? 'r' : '-',
1.469 + prot & PROT_WRITE ? 'w' : '-',
1.470 + prot & PROT_EXEC ? 'x' : '-');
1.471 + mapped = mappable->mmap(where, pt_load->p_filesz + align_offset,
1.472 + prot, MAP_PRIVATE | MAP_FIXED,
1.473 + pt_load->p_offset - align_offset);
1.474 + if ((mapped != MAP_FAILED) || (pt_load->p_vaddr == 0) ||
1.475 + (pt_load->p_align == align))
1.476 + break;
1.477 + /* The virtual address space for the library is properly aligned at
1.478 + * 16k on ARMv6 (see CustomElf::Load), and so is the first segment
1.479 + * (p_vaddr == 0). But subsequent segments may not be 16k aligned
1.480 + * and fail to mmap. In such case, try to mmap again at the p_align
1.481 + * boundary instead of page boundary. */
1.482 + DEBUG_LOG("%s: Failed to mmap, retrying", GetPath());
1.483 + align = pt_load->p_align;
1.484 + } while (1);
1.485 +
1.486 + if (mapped != where) {
1.487 + if (mapped == MAP_FAILED) {
1.488 + LOG("%s: Failed to mmap", GetPath());
1.489 + } else {
1.490 + LOG("%s: Didn't map at the expected location (wanted: %p, got: %p)",
1.491 + GetPath(), where, mapped);
1.492 + }
1.493 + return false;
1.494 + }
1.495 +
1.496 + /* Ensure the availability of all pages within the mapping if on-demand
1.497 + * decompression is disabled (MOZ_LINKER_ONDEMAND=0 or signal handler not
1.498 + * registered). */
1.499 + const char *ondemand = getenv("MOZ_LINKER_ONDEMAND");
1.500 + if (!ElfLoader::Singleton.hasRegisteredHandler() ||
1.501 + (ondemand && !strncmp(ondemand, "0", 2 /* Including '\0' */))) {
1.502 + for (Addr off = 0; off < pt_load->p_filesz + align_offset;
1.503 + off += PageSize()) {
1.504 + mappable->ensure(reinterpret_cast<char *>(mapped) + off);
1.505 + }
1.506 + }
1.507 + /* When p_memsz is greater than p_filesz, we need to have nulled out memory
1.508 + * after p_filesz and before p_memsz.
1.509 + * Above the end of the last page, and up to p_memsz, we already have nulled
1.510 + * out memory because we mapped anonymous memory on the whole library virtual
1.511 + * address space. We just need to adjust this anonymous memory protection
1.512 + * flags. */
1.513 + if (pt_load->p_memsz > pt_load->p_filesz) {
1.514 + Addr file_end = pt_load->p_vaddr + pt_load->p_filesz;
1.515 + Addr mem_end = pt_load->p_vaddr + pt_load->p_memsz;
1.516 + Addr next_page = PageAlignedEndPtr(file_end);
1.517 + if (next_page > file_end) {
1.518 + /* The library is not registered at this point, so we can't rely on
1.519 + * on-demand decompression to handle missing pages here. */
1.520 + void *ptr = GetPtr(file_end);
1.521 + mappable->ensure(ptr);
1.522 + memset(ptr, 0, next_page - file_end);
1.523 + }
1.524 + if (mem_end > next_page) {
1.525 + if (mprotect(GetPtr(next_page), mem_end - next_page, prot) < 0) {
1.526 + LOG("%s: Failed to mprotect", GetPath());
1.527 + return false;
1.528 + }
1.529 + }
1.530 + }
1.531 + return true;
1.532 +}
1.533 +
1.534 +namespace {
1.535 +
1.536 +void debug_dyn(const char *type, const Dyn *dyn)
1.537 +{
1.538 + DEBUG_LOG("%s 0x%08" PRIxAddr, type, dyn->d_un.d_val);
1.539 +}
1.540 +
1.541 +} /* anonymous namespace */
1.542 +
1.543 +bool
1.544 +CustomElf::InitDyn(const Phdr *pt_dyn)
1.545 +{
1.546 + /* Scan PT_DYNAMIC segment and gather some information */
1.547 + const Dyn *first_dyn = GetPtr<Dyn>(pt_dyn->p_vaddr);
1.548 + const Dyn *end_dyn = GetPtr<Dyn>(pt_dyn->p_vaddr + pt_dyn->p_filesz);
1.549 + std::vector<Word> dt_needed;
1.550 + size_t symnum = 0;
1.551 + for (const Dyn *dyn = first_dyn; dyn < end_dyn && dyn->d_tag; dyn++) {
1.552 + switch (dyn->d_tag) {
1.553 + case DT_NEEDED:
1.554 + debug_dyn("DT_NEEDED", dyn);
1.555 + dt_needed.push_back(dyn->d_un.d_val);
1.556 + break;
1.557 + case DT_HASH:
1.558 + {
1.559 + debug_dyn("DT_HASH", dyn);
1.560 + const Word *hash_table_header = GetPtr<Word>(dyn->d_un.d_ptr);
1.561 + symnum = hash_table_header[1];
1.562 + buckets.Init(&hash_table_header[2], hash_table_header[0]);
1.563 + chains.Init(&*buckets.end());
1.564 + }
1.565 + break;
1.566 + case DT_STRTAB:
1.567 + debug_dyn("DT_STRTAB", dyn);
1.568 + strtab.Init(GetPtr(dyn->d_un.d_ptr));
1.569 + break;
1.570 + case DT_SYMTAB:
1.571 + debug_dyn("DT_SYMTAB", dyn);
1.572 + symtab.Init(GetPtr(dyn->d_un.d_ptr));
1.573 + break;
1.574 + case DT_SYMENT:
1.575 + debug_dyn("DT_SYMENT", dyn);
1.576 + if (dyn->d_un.d_val != sizeof(Sym)) {
1.577 + LOG("%s: Unsupported DT_SYMENT", GetPath());
1.578 + return false;
1.579 + }
1.580 + break;
1.581 + case DT_TEXTREL:
1.582 + if (strcmp("libflashplayer.so", GetName()) == 0) {
1.583 + has_text_relocs = true;
1.584 + } else {
1.585 + LOG("%s: Text relocations are not supported", GetPath());
1.586 + return false;
1.587 + }
1.588 + break;
1.589 + case DT_STRSZ: /* Ignored */
1.590 + debug_dyn("DT_STRSZ", dyn);
1.591 + break;
1.592 + case UNSUPPORTED_RELOC():
1.593 + case UNSUPPORTED_RELOC(SZ):
1.594 + case UNSUPPORTED_RELOC(ENT):
1.595 + LOG("%s: Unsupported relocations", GetPath());
1.596 + return false;
1.597 + case RELOC():
1.598 + debug_dyn(STR_RELOC(), dyn);
1.599 + relocations.Init(GetPtr(dyn->d_un.d_ptr));
1.600 + break;
1.601 + case RELOC(SZ):
1.602 + debug_dyn(STR_RELOC(SZ), dyn);
1.603 + relocations.InitSize(dyn->d_un.d_val);
1.604 + break;
1.605 + case RELOC(ENT):
1.606 + debug_dyn(STR_RELOC(ENT), dyn);
1.607 + if (dyn->d_un.d_val != sizeof(Reloc)) {
1.608 + LOG("%s: Unsupported DT_RELENT", GetPath());
1.609 + return false;
1.610 + }
1.611 + break;
1.612 + case DT_JMPREL:
1.613 + debug_dyn("DT_JMPREL", dyn);
1.614 + jumprels.Init(GetPtr(dyn->d_un.d_ptr));
1.615 + break;
1.616 + case DT_PLTRELSZ:
1.617 + debug_dyn("DT_PLTRELSZ", dyn);
1.618 + jumprels.InitSize(dyn->d_un.d_val);
1.619 + break;
1.620 + case DT_PLTGOT:
1.621 + debug_dyn("DT_PLTGOT", dyn);
1.622 + break;
1.623 + case DT_INIT:
1.624 + debug_dyn("DT_INIT", dyn);
1.625 + init = dyn->d_un.d_ptr;
1.626 + break;
1.627 + case DT_INIT_ARRAY:
1.628 + debug_dyn("DT_INIT_ARRAY", dyn);
1.629 + init_array.Init(GetPtr(dyn->d_un.d_ptr));
1.630 + break;
1.631 + case DT_INIT_ARRAYSZ:
1.632 + debug_dyn("DT_INIT_ARRAYSZ", dyn);
1.633 + init_array.InitSize(dyn->d_un.d_val);
1.634 + break;
1.635 + case DT_FINI:
1.636 + debug_dyn("DT_FINI", dyn);
1.637 + fini = dyn->d_un.d_ptr;
1.638 + break;
1.639 + case DT_FINI_ARRAY:
1.640 + debug_dyn("DT_FINI_ARRAY", dyn);
1.641 + fini_array.Init(GetPtr(dyn->d_un.d_ptr));
1.642 + break;
1.643 + case DT_FINI_ARRAYSZ:
1.644 + debug_dyn("DT_FINI_ARRAYSZ", dyn);
1.645 + fini_array.InitSize(dyn->d_un.d_val);
1.646 + break;
1.647 + case DT_PLTREL:
1.648 + if (dyn->d_un.d_val != RELOC()) {
1.649 + LOG("%s: Error: DT_PLTREL is not " STR_RELOC(), GetPath());
1.650 + return false;
1.651 + }
1.652 + break;
1.653 + case DT_FLAGS:
1.654 + {
1.655 + Addr flags = dyn->d_un.d_val;
1.656 + /* Treat as a DT_TEXTREL tag */
1.657 + if (flags & DF_TEXTREL) {
1.658 + if (strcmp("libflashplayer.so", GetName()) == 0) {
1.659 + has_text_relocs = true;
1.660 + } else {
1.661 + LOG("%s: Text relocations are not supported", GetPath());
1.662 + return false;
1.663 + }
1.664 + }
1.665 + /* we can treat this like having a DT_SYMBOLIC tag */
1.666 + flags &= ~DF_SYMBOLIC;
1.667 + if (flags)
1.668 + LOG("%s: Warning: unhandled flags #%" PRIxAddr" not handled",
1.669 + GetPath(), flags);
1.670 + }
1.671 + break;
1.672 + case DT_SONAME: /* Should match GetName(), but doesn't matter */
1.673 + case DT_SYMBOLIC: /* Indicates internal symbols should be looked up in
1.674 + * the library itself first instead of the executable,
1.675 + * which is actually what this linker does by default */
1.676 + case RELOC(COUNT): /* Indicates how many relocations are relative, which
1.677 + * is usually used to skip relocations on prelinked
1.678 + * libraries. They are not supported anyways. */
1.679 + case UNSUPPORTED_RELOC(COUNT): /* This should error out, but it doesn't
1.680 + * really matter. */
1.681 + case DT_FLAGS_1: /* Additional linker-internal flags that we don't care about. See
1.682 + * DF_1_* values in src/include/elf/common.h in binutils. */
1.683 + case DT_VERSYM: /* DT_VER* entries are used for symbol versioning, which */
1.684 + case DT_VERDEF: /* this linker doesn't support yet. */
1.685 + case DT_VERDEFNUM:
1.686 + case DT_VERNEED:
1.687 + case DT_VERNEEDNUM:
1.688 + /* Ignored */
1.689 + break;
1.690 + default:
1.691 + LOG("%s: Warning: dynamic header type #%" PRIxAddr" not handled",
1.692 + GetPath(), dyn->d_tag);
1.693 + }
1.694 + }
1.695 +
1.696 + if (!buckets || !symnum) {
1.697 + LOG("%s: Missing or broken DT_HASH", GetPath());
1.698 + return false;
1.699 + }
1.700 + if (!strtab) {
1.701 + LOG("%s: Missing DT_STRTAB", GetPath());
1.702 + return false;
1.703 + }
1.704 + if (!symtab) {
1.705 + LOG("%s: Missing DT_SYMTAB", GetPath());
1.706 + return false;
1.707 + }
1.708 +
1.709 + /* Load dependent libraries */
1.710 + for (size_t i = 0; i < dt_needed.size(); i++) {
1.711 + const char *name = strtab.GetStringAt(dt_needed[i]);
1.712 + RefPtr<LibHandle> handle =
1.713 + ElfLoader::Singleton.Load(name, RTLD_GLOBAL | RTLD_LAZY, this);
1.714 + if (!handle)
1.715 + return false;
1.716 + dependencies.push_back(handle);
1.717 + }
1.718 +
1.719 + return true;
1.720 +}
1.721 +
1.722 +bool
1.723 +CustomElf::Relocate()
1.724 +{
1.725 + DEBUG_LOG("Relocate %s @%p", GetPath(), static_cast<void *>(base));
1.726 + uint32_t symtab_index = (uint32_t) -1;
1.727 + void *symptr = nullptr;
1.728 + for (Array<Reloc>::iterator rel = relocations.begin();
1.729 + rel < relocations.end(); ++rel) {
1.730 + /* Location of the relocation */
1.731 + void *ptr = GetPtr(rel->r_offset);
1.732 +
1.733 + /* R_*_RELATIVE relocations apply directly at the given location */
1.734 + if (ELF_R_TYPE(rel->r_info) == R_RELATIVE) {
1.735 + *(void **) ptr = GetPtr(rel->GetAddend(base));
1.736 + continue;
1.737 + }
1.738 + /* Other relocation types need a symbol resolution */
1.739 + /* Avoid symbol resolution when it's the same symbol as last iteration */
1.740 + if (symtab_index != ELF_R_SYM(rel->r_info)) {
1.741 + symtab_index = ELF_R_SYM(rel->r_info);
1.742 + const Sym sym = symtab[symtab_index];
1.743 + if (sym.st_shndx != SHN_UNDEF) {
1.744 + symptr = GetPtr(sym.st_value);
1.745 + } else {
1.746 + /* TODO: handle symbol resolving to nullptr vs. being undefined. */
1.747 + symptr = GetSymbolPtrInDeps(strtab.GetStringAt(sym.st_name));
1.748 + }
1.749 + }
1.750 +
1.751 + if (symptr == nullptr)
1.752 + LOG("%s: Warning: relocation to NULL @0x%08" PRIxAddr,
1.753 + GetPath(), rel->r_offset);
1.754 +
1.755 + /* Apply relocation */
1.756 + switch (ELF_R_TYPE(rel->r_info)) {
1.757 + case R_GLOB_DAT:
1.758 + /* R_*_GLOB_DAT relocations simply use the symbol value */
1.759 + *(void **) ptr = symptr;
1.760 + break;
1.761 + case R_ABS:
1.762 + /* R_*_ABS* relocations add the relocation added to the symbol value */
1.763 + *(const char **) ptr = (const char *)symptr + rel->GetAddend(base);
1.764 + break;
1.765 + default:
1.766 + LOG("%s: Unsupported relocation type: 0x%" PRIxAddr,
1.767 + GetPath(), ELF_R_TYPE(rel->r_info));
1.768 + return false;
1.769 + }
1.770 + }
1.771 + return true;
1.772 +}
1.773 +
1.774 +bool
1.775 +CustomElf::RelocateJumps()
1.776 +{
1.777 + /* TODO: Dynamic symbol resolution */
1.778 + for (Array<Reloc>::iterator rel = jumprels.begin();
1.779 + rel < jumprels.end(); ++rel) {
1.780 + /* Location of the relocation */
1.781 + void *ptr = GetPtr(rel->r_offset);
1.782 +
1.783 + /* Only R_*_JMP_SLOT relocations are expected */
1.784 + if (ELF_R_TYPE(rel->r_info) != R_JMP_SLOT) {
1.785 + LOG("%s: Jump relocation type mismatch", GetPath());
1.786 + return false;
1.787 + }
1.788 +
1.789 + /* TODO: Avoid code duplication with the relocations above */
1.790 + const Sym sym = symtab[ELF_R_SYM(rel->r_info)];
1.791 + void *symptr;
1.792 + if (sym.st_shndx != SHN_UNDEF)
1.793 + symptr = GetPtr(sym.st_value);
1.794 + else
1.795 + symptr = GetSymbolPtrInDeps(strtab.GetStringAt(sym.st_name));
1.796 +
1.797 + if (symptr == nullptr) {
1.798 + LOG("%s: %s: relocation to NULL @0x%08" PRIxAddr " for symbol \"%s\"",
1.799 + GetPath(),
1.800 + (ELF_ST_BIND(sym.st_info) == STB_WEAK) ? "Warning" : "Error",
1.801 + rel->r_offset, strtab.GetStringAt(sym.st_name));
1.802 + if (ELF_ST_BIND(sym.st_info) != STB_WEAK)
1.803 + return false;
1.804 + }
1.805 + /* Apply relocation */
1.806 + *(void **) ptr = symptr;
1.807 + }
1.808 + return true;
1.809 +}
1.810 +
1.811 +bool
1.812 +CustomElf::CallInit()
1.813 +{
1.814 + if (init)
1.815 + CallFunction(init);
1.816 +
1.817 + for (Array<void *>::iterator it = init_array.begin();
1.818 + it < init_array.end(); ++it) {
1.819 + /* Android x86 NDK wrongly puts 0xffffffff in INIT_ARRAY */
1.820 + if (*it && *it != reinterpret_cast<void *>(-1))
1.821 + CallFunction(*it);
1.822 + }
1.823 + initialized = true;
1.824 + return true;
1.825 +}
1.826 +
1.827 +void
1.828 +CustomElf::CallFini()
1.829 +{
1.830 + if (!initialized)
1.831 + return;
1.832 + for (Array<void *>::reverse_iterator it = fini_array.rbegin();
1.833 + it < fini_array.rend(); ++it) {
1.834 + /* Android x86 NDK wrongly puts 0xffffffff in FINI_ARRAY */
1.835 + if (*it && *it != reinterpret_cast<void *>(-1))
1.836 + CallFunction(*it);
1.837 + }
1.838 + if (fini)
1.839 + CallFunction(fini);
1.840 +}
1.841 +
1.842 +Mappable *
1.843 +CustomElf::GetMappable() const
1.844 +{
1.845 + if (!mappable)
1.846 + return nullptr;
1.847 + if (mappable->GetKind() == Mappable::MAPPABLE_EXTRACT_FILE)
1.848 + return mappable;
1.849 + return ElfLoader::GetMappableFromPath(GetPath());
1.850 +}
