michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this file, michael@0: * You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: michael@0: #include michael@0: #include michael@0: #include michael@0: #include michael@0: #include "CustomElf.h" michael@0: #include "Mappable.h" michael@0: #include "Logging.h" michael@0: michael@0: using namespace Elf; michael@0: using namespace mozilla; michael@0: michael@0: /* TODO: Fill ElfLoader::Singleton.lastError on errors. */ michael@0: michael@0: /* Function used to report library mappings from the custom linker to Gecko michael@0: * crash reporter */ michael@0: #ifdef ANDROID michael@0: extern "C" { michael@0: void report_mapping(char *name, void *base, uint32_t len, uint32_t offset); michael@0: } michael@0: #else michael@0: #define report_mapping(...) michael@0: #endif michael@0: michael@0: const Ehdr *Ehdr::validate(const void *buf) michael@0: { michael@0: if (!buf || buf == MAP_FAILED) michael@0: return nullptr; michael@0: michael@0: const Ehdr *ehdr = reinterpret_cast(buf); michael@0: michael@0: /* Only support ELF executables or libraries for the host system */ michael@0: if (memcmp(ELFMAG, &ehdr->e_ident, SELFMAG) || michael@0: ehdr->e_ident[EI_CLASS] != ELFCLASS || michael@0: ehdr->e_ident[EI_DATA] != ELFDATA || michael@0: ehdr->e_ident[EI_VERSION] != 1 || michael@0: (ehdr->e_ident[EI_OSABI] != ELFOSABI && ehdr->e_ident[EI_OSABI] != ELFOSABI_NONE) || michael@0: #ifdef EI_ABIVERSION michael@0: ehdr->e_ident[EI_ABIVERSION] != ELFABIVERSION || michael@0: #endif michael@0: (ehdr->e_type != ET_EXEC && ehdr->e_type != ET_DYN) || michael@0: ehdr->e_machine != ELFMACHINE || michael@0: ehdr->e_version != 1 || michael@0: ehdr->e_phentsize != sizeof(Phdr)) michael@0: return nullptr; michael@0: michael@0: return ehdr; michael@0: } michael@0: michael@0: namespace { michael@0: michael@0: void debug_phdr(const char *type, const Phdr *phdr) michael@0: { michael@0: DEBUG_LOG("%s @0x%08" PRIxAddr " (" michael@0: "filesz: 0x%08" PRIxAddr ", " michael@0: "memsz: 0x%08" PRIxAddr ", " michael@0: "offset: 0x%08" PRIxAddr ", " michael@0: "flags: %c%c%c)", michael@0: type, phdr->p_vaddr, phdr->p_filesz, phdr->p_memsz, michael@0: phdr->p_offset, phdr->p_flags & PF_R ? 'r' : '-', michael@0: phdr->p_flags & PF_W ? 'w' : '-', phdr->p_flags & PF_X ? 'x' : '-'); michael@0: } michael@0: michael@0: static int p_flags_to_mprot(Word flags) michael@0: { michael@0: return ((flags & PF_X) ? PROT_EXEC : 0) | michael@0: ((flags & PF_W) ? PROT_WRITE : 0) | michael@0: ((flags & PF_R) ? PROT_READ : 0); michael@0: } michael@0: michael@0: void michael@0: __void_stub(void) michael@0: { michael@0: } michael@0: michael@0: } /* anonymous namespace */ michael@0: michael@0: /** michael@0: * RAII wrapper for a mapping of the first page off a Mappable object. michael@0: * This calls Mappable::munmap instead of system munmap. michael@0: */ michael@0: class Mappable1stPagePtr: public GenericMappedPtr { michael@0: public: michael@0: Mappable1stPagePtr(Mappable *mappable) michael@0: : GenericMappedPtr( michael@0: mappable->mmap(nullptr, PageSize(), PROT_READ, MAP_PRIVATE, 0)) michael@0: , mappable(mappable) michael@0: { michael@0: /* Ensure the content of this page */ michael@0: mappable->ensure(*this); michael@0: } michael@0: michael@0: private: michael@0: friend class GenericMappedPtr; michael@0: void munmap(void *buf, size_t length) { michael@0: mappable->munmap(buf, length); michael@0: } michael@0: michael@0: mozilla::RefPtr mappable; michael@0: }; michael@0: michael@0: michael@0: TemporaryRef michael@0: CustomElf::Load(Mappable *mappable, const char *path, int flags) michael@0: { michael@0: DEBUG_LOG("CustomElf::Load(\"%s\", 0x%x) = ...", path, flags); michael@0: if (!mappable) michael@0: return nullptr; michael@0: /* Keeping a RefPtr of the CustomElf is going to free the appropriate michael@0: * resources when returning nullptr */ michael@0: RefPtr elf = new CustomElf(mappable, path); michael@0: /* Map the first page of the Elf object to access Elf and program headers */ michael@0: Mappable1stPagePtr ehdr_raw(mappable); michael@0: if (ehdr_raw == MAP_FAILED) michael@0: return nullptr; michael@0: michael@0: const Ehdr *ehdr = Ehdr::validate(ehdr_raw); michael@0: if (!ehdr) michael@0: return nullptr; michael@0: michael@0: /* Scan Elf Program Headers and gather some information about them */ michael@0: std::vector pt_loads; michael@0: Addr min_vaddr = (Addr) -1; // We want to find the lowest and biggest michael@0: Addr max_vaddr = 0; // virtual address used by this Elf. michael@0: const Phdr *dyn = nullptr; michael@0: michael@0: const Phdr *first_phdr = reinterpret_cast( michael@0: reinterpret_cast(ehdr) + ehdr->e_phoff); michael@0: const Phdr *end_phdr = &first_phdr[ehdr->e_phnum]; michael@0: #ifdef __ARM_EABI__ michael@0: const Phdr *arm_exidx_phdr = nullptr; michael@0: #endif michael@0: michael@0: for (const Phdr *phdr = first_phdr; phdr < end_phdr; phdr++) { michael@0: switch (phdr->p_type) { michael@0: case PT_LOAD: michael@0: debug_phdr("PT_LOAD", phdr); michael@0: pt_loads.push_back(phdr); michael@0: if (phdr->p_vaddr < min_vaddr) michael@0: min_vaddr = phdr->p_vaddr; michael@0: if (max_vaddr < phdr->p_vaddr + phdr->p_memsz) michael@0: max_vaddr = phdr->p_vaddr + phdr->p_memsz; michael@0: break; michael@0: case PT_DYNAMIC: michael@0: debug_phdr("PT_DYNAMIC", phdr); michael@0: if (!dyn) { michael@0: dyn = phdr; michael@0: } else { michael@0: LOG("%s: Multiple PT_DYNAMIC segments detected", elf->GetPath()); michael@0: return nullptr; michael@0: } michael@0: break; michael@0: case PT_TLS: michael@0: debug_phdr("PT_TLS", phdr); michael@0: if (phdr->p_memsz) { michael@0: LOG("%s: TLS is not supported", elf->GetPath()); michael@0: return nullptr; michael@0: } michael@0: break; michael@0: case PT_GNU_STACK: michael@0: debug_phdr("PT_GNU_STACK", phdr); michael@0: // Skip on Android until bug 706116 is fixed michael@0: #ifndef ANDROID michael@0: if (phdr->p_flags & PF_X) { michael@0: LOG("%s: Executable stack is not supported", elf->GetPath()); michael@0: return nullptr; michael@0: } michael@0: #endif michael@0: break; michael@0: #ifdef __ARM_EABI__ michael@0: case PT_ARM_EXIDX: michael@0: /* We cannot initialize arm_exidx here michael@0: because we don't have a base yet */ michael@0: arm_exidx_phdr = phdr; michael@0: break; michael@0: #endif michael@0: default: michael@0: DEBUG_LOG("%s: Warning: program header type #%d not handled", michael@0: elf->GetPath(), phdr->p_type); michael@0: } michael@0: } michael@0: michael@0: if (min_vaddr != 0) { michael@0: LOG("%s: Unsupported minimal virtual address: 0x%08" PRIxAddr, michael@0: elf->GetPath(), min_vaddr); michael@0: return nullptr; michael@0: } michael@0: if (!dyn) { michael@0: LOG("%s: No PT_DYNAMIC segment found", elf->GetPath()); michael@0: return nullptr; michael@0: } michael@0: michael@0: /* Reserve enough memory to map the complete virtual address space for this michael@0: * library. michael@0: * As we are using the base address from here to mmap something else with michael@0: * MAP_FIXED | MAP_SHARED, we need to make sure these mmaps will work. For michael@0: * instance, on armv6, MAP_SHARED mappings require a 16k alignment, but mmap michael@0: * MAP_PRIVATE only returns a 4k aligned address. So we first get a base michael@0: * address with MAP_SHARED, which guarantees the kernel returns an address michael@0: * that we'll be able to use with MAP_FIXED, and then remap MAP_PRIVATE at michael@0: * the same address, because of some bad side effects of keeping it as michael@0: * MAP_SHARED. */ michael@0: elf->base.Assign(MemoryRange::mmap(nullptr, max_vaddr, PROT_NONE, michael@0: MAP_SHARED | MAP_ANONYMOUS, -1, 0)); michael@0: if ((elf->base == MAP_FAILED) || michael@0: (mmap(elf->base, max_vaddr, PROT_NONE, michael@0: MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0) != elf->base)) { michael@0: LOG("%s: Failed to mmap", elf->GetPath()); michael@0: return nullptr; michael@0: } michael@0: michael@0: /* Load and initialize library */ michael@0: for (std::vector::iterator it = pt_loads.begin(); michael@0: it < pt_loads.end(); ++it) michael@0: if (!elf->LoadSegment(*it)) michael@0: return nullptr; michael@0: michael@0: /* We're not going to mmap anymore */ michael@0: mappable->finalize(); michael@0: michael@0: report_mapping(const_cast(elf->GetName()), elf->base, michael@0: (max_vaddr + PAGE_SIZE - 1) & PAGE_MASK, 0); michael@0: michael@0: elf->l_addr = elf->base; michael@0: elf->l_name = elf->GetPath(); michael@0: elf->l_ld = elf->GetPtr(dyn->p_vaddr); michael@0: ElfLoader::Singleton.Register(elf); michael@0: michael@0: if (!elf->InitDyn(dyn)) michael@0: return nullptr; michael@0: michael@0: if (elf->has_text_relocs) { michael@0: for (std::vector::iterator it = pt_loads.begin(); michael@0: it < pt_loads.end(); ++it) michael@0: mprotect(PageAlignedPtr(elf->GetPtr((*it)->p_vaddr)), michael@0: PageAlignedEndPtr((*it)->p_memsz), michael@0: p_flags_to_mprot((*it)->p_flags) | PROT_WRITE); michael@0: } michael@0: michael@0: if (!elf->Relocate() || !elf->RelocateJumps()) michael@0: return nullptr; michael@0: michael@0: if (elf->has_text_relocs) { michael@0: for (std::vector::iterator it = pt_loads.begin(); michael@0: it < pt_loads.end(); ++it) michael@0: mprotect(PageAlignedPtr(elf->GetPtr((*it)->p_vaddr)), michael@0: PageAlignedEndPtr((*it)->p_memsz), michael@0: p_flags_to_mprot((*it)->p_flags)); michael@0: } michael@0: michael@0: if (!elf->CallInit()) michael@0: return nullptr; michael@0: michael@0: #ifdef __ARM_EABI__ michael@0: if (arm_exidx_phdr) michael@0: elf->arm_exidx.InitSize(elf->GetPtr(arm_exidx_phdr->p_vaddr), michael@0: arm_exidx_phdr->p_memsz); michael@0: #endif michael@0: michael@0: elf->stats("oneLibLoaded"); michael@0: DEBUG_LOG("CustomElf::Load(\"%s\", 0x%x) = %p", path, flags, michael@0: static_cast(elf)); michael@0: return elf; michael@0: } michael@0: michael@0: CustomElf::~CustomElf() michael@0: { michael@0: DEBUG_LOG("CustomElf::~CustomElf(%p [\"%s\"])", michael@0: reinterpret_cast(this), GetPath()); michael@0: CallFini(); michael@0: /* Normally, __cxa_finalize is called by the .fini function. However, michael@0: * Android NDK before r6b doesn't do that. Our wrapped cxa_finalize only michael@0: * calls destructors once, so call it in all cases. */ michael@0: ElfLoader::__wrap_cxa_finalize(this); michael@0: ElfLoader::Singleton.Forget(this); michael@0: } michael@0: michael@0: namespace { michael@0: michael@0: /** michael@0: * Hash function for symbol lookup, as defined in ELF standard for System V michael@0: */ michael@0: unsigned long michael@0: ElfHash(const char *symbol) michael@0: { michael@0: const unsigned char *sym = reinterpret_cast(symbol); michael@0: unsigned long h = 0, g; michael@0: while (*sym) { michael@0: h = (h << 4) + *sym++; michael@0: if ((g = h & 0xf0000000)) michael@0: h ^= g >> 24; michael@0: h &= ~g; michael@0: } michael@0: return h; michael@0: } michael@0: michael@0: } /* anonymous namespace */ michael@0: michael@0: void * michael@0: CustomElf::GetSymbolPtr(const char *symbol) const michael@0: { michael@0: return GetSymbolPtr(symbol, ElfHash(symbol)); michael@0: } michael@0: michael@0: void * michael@0: CustomElf::GetSymbolPtr(const char *symbol, unsigned long hash) const michael@0: { michael@0: const Sym *sym = GetSymbol(symbol, hash); michael@0: void *ptr = nullptr; michael@0: if (sym && sym->st_shndx != SHN_UNDEF) michael@0: ptr = GetPtr(sym->st_value); michael@0: DEBUG_LOG("CustomElf::GetSymbolPtr(%p [\"%s\"], \"%s\") = %p", michael@0: reinterpret_cast(this), GetPath(), symbol, ptr); michael@0: return ptr; michael@0: } michael@0: michael@0: void * michael@0: CustomElf::GetSymbolPtrInDeps(const char *symbol) const michael@0: { michael@0: /* Resolve dlopen and related functions to point to ours */ michael@0: if (symbol[0] == 'd' && symbol[1] == 'l') { michael@0: if (strcmp(symbol + 2, "open") == 0) michael@0: return FunctionPtr(__wrap_dlopen); michael@0: if (strcmp(symbol + 2, "error") == 0) michael@0: return FunctionPtr(__wrap_dlerror); michael@0: if (strcmp(symbol + 2, "close") == 0) michael@0: return FunctionPtr(__wrap_dlclose); michael@0: if (strcmp(symbol + 2, "sym") == 0) michael@0: return FunctionPtr(__wrap_dlsym); michael@0: if (strcmp(symbol + 2, "addr") == 0) michael@0: return FunctionPtr(__wrap_dladdr); michael@0: if (strcmp(symbol + 2, "_iterate_phdr") == 0) michael@0: return FunctionPtr(__wrap_dl_iterate_phdr); michael@0: } else if (symbol[0] == '_' && symbol[1] == '_') { michael@0: /* Resolve a few C++ ABI specific functions to point to ours */ michael@0: #ifdef __ARM_EABI__ michael@0: if (strcmp(symbol + 2, "aeabi_atexit") == 0) michael@0: return FunctionPtr(&ElfLoader::__wrap_aeabi_atexit); michael@0: #else michael@0: if (strcmp(symbol + 2, "cxa_atexit") == 0) michael@0: return FunctionPtr(&ElfLoader::__wrap_cxa_atexit); michael@0: #endif michael@0: if (strcmp(symbol + 2, "cxa_finalize") == 0) michael@0: return FunctionPtr(&ElfLoader::__wrap_cxa_finalize); michael@0: if (strcmp(symbol + 2, "dso_handle") == 0) michael@0: return const_cast(this); michael@0: if (strcmp(symbol + 2, "moz_linker_stats") == 0) michael@0: return FunctionPtr(&ElfLoader::stats); michael@0: #ifdef __ARM_EABI__ michael@0: if (strcmp(symbol + 2, "gnu_Unwind_Find_exidx") == 0) michael@0: return FunctionPtr(__wrap___gnu_Unwind_Find_exidx); michael@0: #endif michael@0: } michael@0: michael@0: #define MISSING_FLASH_SYMNAME_START "_ZN7android10VectorImpl19reservedVectorImpl" michael@0: michael@0: // Android changed some symbols that Flash depended on in 4.4, michael@0: // so stub those out here michael@0: if (strncmp(symbol, michael@0: MISSING_FLASH_SYMNAME_START, michael@0: sizeof(MISSING_FLASH_SYMNAME_START) - 1) == 0) { michael@0: return FunctionPtr(__void_stub); michael@0: } michael@0: michael@0: void *sym; michael@0: /* Search the symbol in the main program. Note this also tries all libraries michael@0: * the system linker will have loaded RTLD_GLOBAL. Unfortunately, that doesn't michael@0: * work with bionic, but its linker doesn't normally search the main binary michael@0: * anyways. Moreover, on android, the main binary is dalvik. */ michael@0: #ifdef __GLIBC__ michael@0: sym = dlsym(RTLD_DEFAULT, symbol); michael@0: DEBUG_LOG("dlsym(RTLD_DEFAULT, \"%s\") = %p", symbol, sym); michael@0: if (sym) michael@0: return sym; michael@0: #endif michael@0: michael@0: /* Then search the symbol in our dependencies. Since we already searched in michael@0: * libraries the system linker loaded, skip those (on glibc systems). We michael@0: * also assume the symbol is to be found in one of the dependent libraries michael@0: * directly, not in their own dependent libraries. Building libraries with michael@0: * --no-allow-shlib-undefined ensures such indirect symbol dependency don't michael@0: * happen. */ michael@0: unsigned long hash = ElfHash(symbol); michael@0: for (std::vector >::const_iterator it = dependencies.begin(); michael@0: it < dependencies.end(); ++it) { michael@0: if (!(*it)->IsSystemElf()) { michael@0: sym = reinterpret_cast((*it).get())->GetSymbolPtr(symbol, hash); michael@0: #ifndef __GLIBC__ michael@0: } else { michael@0: sym = (*it)->GetSymbolPtr(symbol); michael@0: #endif michael@0: } michael@0: if (sym) michael@0: return sym; michael@0: } michael@0: return nullptr; michael@0: } michael@0: michael@0: const Sym * michael@0: CustomElf::GetSymbol(const char *symbol, unsigned long hash) const michael@0: { michael@0: /* Search symbol with the buckets and chains tables. michael@0: * The hash computed from the symbol name gives an index in the buckets michael@0: * table. The corresponding value in the bucket table is an index in the michael@0: * symbols table and in the chains table. michael@0: * If the corresponding symbol in the symbols table matches, we're done. michael@0: * Otherwise, the corresponding value in the chains table is a new index michael@0: * in both tables, which corresponding symbol is tested and so on and so michael@0: * forth */ michael@0: size_t bucket = hash % buckets.numElements(); michael@0: for (size_t y = buckets[bucket]; y != STN_UNDEF; y = chains[y]) { michael@0: if (strcmp(symbol, strtab.GetStringAt(symtab[y].st_name))) michael@0: continue; michael@0: return &symtab[y]; michael@0: } michael@0: return nullptr; michael@0: } michael@0: michael@0: bool michael@0: CustomElf::Contains(void *addr) const michael@0: { michael@0: return base.Contains(addr); michael@0: } michael@0: michael@0: #ifdef __ARM_EABI__ michael@0: const void * michael@0: CustomElf::FindExidx(int *pcount) const michael@0: { michael@0: if (arm_exidx) { michael@0: *pcount = arm_exidx.numElements(); michael@0: return arm_exidx; michael@0: } michael@0: *pcount = 0; michael@0: return nullptr; michael@0: } michael@0: #endif michael@0: michael@0: void michael@0: CustomElf::stats(const char *when) const michael@0: { michael@0: mappable->stats(when, GetPath()); michael@0: } michael@0: michael@0: bool michael@0: CustomElf::LoadSegment(const Phdr *pt_load) const michael@0: { michael@0: if (pt_load->p_type != PT_LOAD) { michael@0: DEBUG_LOG("%s: Elf::LoadSegment only takes PT_LOAD program headers", GetPath()); michael@0: return false;; michael@0: } michael@0: michael@0: int prot = p_flags_to_mprot(pt_load->p_flags); michael@0: michael@0: /* Mmap at page boundary */ michael@0: Addr align = PageSize(); michael@0: Addr align_offset; michael@0: void *mapped, *where; michael@0: do { michael@0: align_offset = pt_load->p_vaddr - AlignedPtr(pt_load->p_vaddr, align); michael@0: where = GetPtr(pt_load->p_vaddr - align_offset); michael@0: DEBUG_LOG("%s: Loading segment @%p %c%c%c", GetPath(), where, michael@0: prot & PROT_READ ? 'r' : '-', michael@0: prot & PROT_WRITE ? 'w' : '-', michael@0: prot & PROT_EXEC ? 'x' : '-'); michael@0: mapped = mappable->mmap(where, pt_load->p_filesz + align_offset, michael@0: prot, MAP_PRIVATE | MAP_FIXED, michael@0: pt_load->p_offset - align_offset); michael@0: if ((mapped != MAP_FAILED) || (pt_load->p_vaddr == 0) || michael@0: (pt_load->p_align == align)) michael@0: break; michael@0: /* The virtual address space for the library is properly aligned at michael@0: * 16k on ARMv6 (see CustomElf::Load), and so is the first segment michael@0: * (p_vaddr == 0). But subsequent segments may not be 16k aligned michael@0: * and fail to mmap. In such case, try to mmap again at the p_align michael@0: * boundary instead of page boundary. */ michael@0: DEBUG_LOG("%s: Failed to mmap, retrying", GetPath()); michael@0: align = pt_load->p_align; michael@0: } while (1); michael@0: michael@0: if (mapped != where) { michael@0: if (mapped == MAP_FAILED) { michael@0: LOG("%s: Failed to mmap", GetPath()); michael@0: } else { michael@0: LOG("%s: Didn't map at the expected location (wanted: %p, got: %p)", michael@0: GetPath(), where, mapped); michael@0: } michael@0: return false; michael@0: } michael@0: michael@0: /* Ensure the availability of all pages within the mapping if on-demand michael@0: * decompression is disabled (MOZ_LINKER_ONDEMAND=0 or signal handler not michael@0: * registered). */ michael@0: const char *ondemand = getenv("MOZ_LINKER_ONDEMAND"); michael@0: if (!ElfLoader::Singleton.hasRegisteredHandler() || michael@0: (ondemand && !strncmp(ondemand, "0", 2 /* Including '\0' */))) { michael@0: for (Addr off = 0; off < pt_load->p_filesz + align_offset; michael@0: off += PageSize()) { michael@0: mappable->ensure(reinterpret_cast(mapped) + off); michael@0: } michael@0: } michael@0: /* When p_memsz is greater than p_filesz, we need to have nulled out memory michael@0: * after p_filesz and before p_memsz. michael@0: * Above the end of the last page, and up to p_memsz, we already have nulled michael@0: * out memory because we mapped anonymous memory on the whole library virtual michael@0: * address space. We just need to adjust this anonymous memory protection michael@0: * flags. */ michael@0: if (pt_load->p_memsz > pt_load->p_filesz) { michael@0: Addr file_end = pt_load->p_vaddr + pt_load->p_filesz; michael@0: Addr mem_end = pt_load->p_vaddr + pt_load->p_memsz; michael@0: Addr next_page = PageAlignedEndPtr(file_end); michael@0: if (next_page > file_end) { michael@0: /* The library is not registered at this point, so we can't rely on michael@0: * on-demand decompression to handle missing pages here. */ michael@0: void *ptr = GetPtr(file_end); michael@0: mappable->ensure(ptr); michael@0: memset(ptr, 0, next_page - file_end); michael@0: } michael@0: if (mem_end > next_page) { michael@0: if (mprotect(GetPtr(next_page), mem_end - next_page, prot) < 0) { michael@0: LOG("%s: Failed to mprotect", GetPath()); michael@0: return false; michael@0: } michael@0: } michael@0: } michael@0: return true; michael@0: } michael@0: michael@0: namespace { michael@0: michael@0: void debug_dyn(const char *type, const Dyn *dyn) michael@0: { michael@0: DEBUG_LOG("%s 0x%08" PRIxAddr, type, dyn->d_un.d_val); michael@0: } michael@0: michael@0: } /* anonymous namespace */ michael@0: michael@0: bool michael@0: CustomElf::InitDyn(const Phdr *pt_dyn) michael@0: { michael@0: /* Scan PT_DYNAMIC segment and gather some information */ michael@0: const Dyn *first_dyn = GetPtr(pt_dyn->p_vaddr); michael@0: const Dyn *end_dyn = GetPtr(pt_dyn->p_vaddr + pt_dyn->p_filesz); michael@0: std::vector dt_needed; michael@0: size_t symnum = 0; michael@0: for (const Dyn *dyn = first_dyn; dyn < end_dyn && dyn->d_tag; dyn++) { michael@0: switch (dyn->d_tag) { michael@0: case DT_NEEDED: michael@0: debug_dyn("DT_NEEDED", dyn); michael@0: dt_needed.push_back(dyn->d_un.d_val); michael@0: break; michael@0: case DT_HASH: michael@0: { michael@0: debug_dyn("DT_HASH", dyn); michael@0: const Word *hash_table_header = GetPtr(dyn->d_un.d_ptr); michael@0: symnum = hash_table_header[1]; michael@0: buckets.Init(&hash_table_header[2], hash_table_header[0]); michael@0: chains.Init(&*buckets.end()); michael@0: } michael@0: break; michael@0: case DT_STRTAB: michael@0: debug_dyn("DT_STRTAB", dyn); michael@0: strtab.Init(GetPtr(dyn->d_un.d_ptr)); michael@0: break; michael@0: case DT_SYMTAB: michael@0: debug_dyn("DT_SYMTAB", dyn); michael@0: symtab.Init(GetPtr(dyn->d_un.d_ptr)); michael@0: break; michael@0: case DT_SYMENT: michael@0: debug_dyn("DT_SYMENT", dyn); michael@0: if (dyn->d_un.d_val != sizeof(Sym)) { michael@0: LOG("%s: Unsupported DT_SYMENT", GetPath()); michael@0: return false; michael@0: } michael@0: break; michael@0: case DT_TEXTREL: michael@0: if (strcmp("libflashplayer.so", GetName()) == 0) { michael@0: has_text_relocs = true; michael@0: } else { michael@0: LOG("%s: Text relocations are not supported", GetPath()); michael@0: return false; michael@0: } michael@0: break; michael@0: case DT_STRSZ: /* Ignored */ michael@0: debug_dyn("DT_STRSZ", dyn); michael@0: break; michael@0: case UNSUPPORTED_RELOC(): michael@0: case UNSUPPORTED_RELOC(SZ): michael@0: case UNSUPPORTED_RELOC(ENT): michael@0: LOG("%s: Unsupported relocations", GetPath()); michael@0: return false; michael@0: case RELOC(): michael@0: debug_dyn(STR_RELOC(), dyn); michael@0: relocations.Init(GetPtr(dyn->d_un.d_ptr)); michael@0: break; michael@0: case RELOC(SZ): michael@0: debug_dyn(STR_RELOC(SZ), dyn); michael@0: relocations.InitSize(dyn->d_un.d_val); michael@0: break; michael@0: case RELOC(ENT): michael@0: debug_dyn(STR_RELOC(ENT), dyn); michael@0: if (dyn->d_un.d_val != sizeof(Reloc)) { michael@0: LOG("%s: Unsupported DT_RELENT", GetPath()); michael@0: return false; michael@0: } michael@0: break; michael@0: case DT_JMPREL: michael@0: debug_dyn("DT_JMPREL", dyn); michael@0: jumprels.Init(GetPtr(dyn->d_un.d_ptr)); michael@0: break; michael@0: case DT_PLTRELSZ: michael@0: debug_dyn("DT_PLTRELSZ", dyn); michael@0: jumprels.InitSize(dyn->d_un.d_val); michael@0: break; michael@0: case DT_PLTGOT: michael@0: debug_dyn("DT_PLTGOT", dyn); michael@0: break; michael@0: case DT_INIT: michael@0: debug_dyn("DT_INIT", dyn); michael@0: init = dyn->d_un.d_ptr; michael@0: break; michael@0: case DT_INIT_ARRAY: michael@0: debug_dyn("DT_INIT_ARRAY", dyn); michael@0: init_array.Init(GetPtr(dyn->d_un.d_ptr)); michael@0: break; michael@0: case DT_INIT_ARRAYSZ: michael@0: debug_dyn("DT_INIT_ARRAYSZ", dyn); michael@0: init_array.InitSize(dyn->d_un.d_val); michael@0: break; michael@0: case DT_FINI: michael@0: debug_dyn("DT_FINI", dyn); michael@0: fini = dyn->d_un.d_ptr; michael@0: break; michael@0: case DT_FINI_ARRAY: michael@0: debug_dyn("DT_FINI_ARRAY", dyn); michael@0: fini_array.Init(GetPtr(dyn->d_un.d_ptr)); michael@0: break; michael@0: case DT_FINI_ARRAYSZ: michael@0: debug_dyn("DT_FINI_ARRAYSZ", dyn); michael@0: fini_array.InitSize(dyn->d_un.d_val); michael@0: break; michael@0: case DT_PLTREL: michael@0: if (dyn->d_un.d_val != RELOC()) { michael@0: LOG("%s: Error: DT_PLTREL is not " STR_RELOC(), GetPath()); michael@0: return false; michael@0: } michael@0: break; michael@0: case DT_FLAGS: michael@0: { michael@0: Addr flags = dyn->d_un.d_val; michael@0: /* Treat as a DT_TEXTREL tag */ michael@0: if (flags & DF_TEXTREL) { michael@0: if (strcmp("libflashplayer.so", GetName()) == 0) { michael@0: has_text_relocs = true; michael@0: } else { michael@0: LOG("%s: Text relocations are not supported", GetPath()); michael@0: return false; michael@0: } michael@0: } michael@0: /* we can treat this like having a DT_SYMBOLIC tag */ michael@0: flags &= ~DF_SYMBOLIC; michael@0: if (flags) michael@0: LOG("%s: Warning: unhandled flags #%" PRIxAddr" not handled", michael@0: GetPath(), flags); michael@0: } michael@0: break; michael@0: case DT_SONAME: /* Should match GetName(), but doesn't matter */ michael@0: case DT_SYMBOLIC: /* Indicates internal symbols should be looked up in michael@0: * the library itself first instead of the executable, michael@0: * which is actually what this linker does by default */ michael@0: case RELOC(COUNT): /* Indicates how many relocations are relative, which michael@0: * is usually used to skip relocations on prelinked michael@0: * libraries. They are not supported anyways. */ michael@0: case UNSUPPORTED_RELOC(COUNT): /* This should error out, but it doesn't michael@0: * really matter. */ michael@0: case DT_FLAGS_1: /* Additional linker-internal flags that we don't care about. See michael@0: * DF_1_* values in src/include/elf/common.h in binutils. */ michael@0: case DT_VERSYM: /* DT_VER* entries are used for symbol versioning, which */ michael@0: case DT_VERDEF: /* this linker doesn't support yet. */ michael@0: case DT_VERDEFNUM: michael@0: case DT_VERNEED: michael@0: case DT_VERNEEDNUM: michael@0: /* Ignored */ michael@0: break; michael@0: default: michael@0: LOG("%s: Warning: dynamic header type #%" PRIxAddr" not handled", michael@0: GetPath(), dyn->d_tag); michael@0: } michael@0: } michael@0: michael@0: if (!buckets || !symnum) { michael@0: LOG("%s: Missing or broken DT_HASH", GetPath()); michael@0: return false; michael@0: } michael@0: if (!strtab) { michael@0: LOG("%s: Missing DT_STRTAB", GetPath()); michael@0: return false; michael@0: } michael@0: if (!symtab) { michael@0: LOG("%s: Missing DT_SYMTAB", GetPath()); michael@0: return false; michael@0: } michael@0: michael@0: /* Load dependent libraries */ michael@0: for (size_t i = 0; i < dt_needed.size(); i++) { michael@0: const char *name = strtab.GetStringAt(dt_needed[i]); michael@0: RefPtr handle = michael@0: ElfLoader::Singleton.Load(name, RTLD_GLOBAL | RTLD_LAZY, this); michael@0: if (!handle) michael@0: return false; michael@0: dependencies.push_back(handle); michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool michael@0: CustomElf::Relocate() michael@0: { michael@0: DEBUG_LOG("Relocate %s @%p", GetPath(), static_cast(base)); michael@0: uint32_t symtab_index = (uint32_t) -1; michael@0: void *symptr = nullptr; michael@0: for (Array::iterator rel = relocations.begin(); michael@0: rel < relocations.end(); ++rel) { michael@0: /* Location of the relocation */ michael@0: void *ptr = GetPtr(rel->r_offset); michael@0: michael@0: /* R_*_RELATIVE relocations apply directly at the given location */ michael@0: if (ELF_R_TYPE(rel->r_info) == R_RELATIVE) { michael@0: *(void **) ptr = GetPtr(rel->GetAddend(base)); michael@0: continue; michael@0: } michael@0: /* Other relocation types need a symbol resolution */ michael@0: /* Avoid symbol resolution when it's the same symbol as last iteration */ michael@0: if (symtab_index != ELF_R_SYM(rel->r_info)) { michael@0: symtab_index = ELF_R_SYM(rel->r_info); michael@0: const Sym sym = symtab[symtab_index]; michael@0: if (sym.st_shndx != SHN_UNDEF) { michael@0: symptr = GetPtr(sym.st_value); michael@0: } else { michael@0: /* TODO: handle symbol resolving to nullptr vs. being undefined. */ michael@0: symptr = GetSymbolPtrInDeps(strtab.GetStringAt(sym.st_name)); michael@0: } michael@0: } michael@0: michael@0: if (symptr == nullptr) michael@0: LOG("%s: Warning: relocation to NULL @0x%08" PRIxAddr, michael@0: GetPath(), rel->r_offset); michael@0: michael@0: /* Apply relocation */ michael@0: switch (ELF_R_TYPE(rel->r_info)) { michael@0: case R_GLOB_DAT: michael@0: /* R_*_GLOB_DAT relocations simply use the symbol value */ michael@0: *(void **) ptr = symptr; michael@0: break; michael@0: case R_ABS: michael@0: /* R_*_ABS* relocations add the relocation added to the symbol value */ michael@0: *(const char **) ptr = (const char *)symptr + rel->GetAddend(base); michael@0: break; michael@0: default: michael@0: LOG("%s: Unsupported relocation type: 0x%" PRIxAddr, michael@0: GetPath(), ELF_R_TYPE(rel->r_info)); michael@0: return false; michael@0: } michael@0: } michael@0: return true; michael@0: } michael@0: michael@0: bool michael@0: CustomElf::RelocateJumps() michael@0: { michael@0: /* TODO: Dynamic symbol resolution */ michael@0: for (Array::iterator rel = jumprels.begin(); michael@0: rel < jumprels.end(); ++rel) { michael@0: /* Location of the relocation */ michael@0: void *ptr = GetPtr(rel->r_offset); michael@0: michael@0: /* Only R_*_JMP_SLOT relocations are expected */ michael@0: if (ELF_R_TYPE(rel->r_info) != R_JMP_SLOT) { michael@0: LOG("%s: Jump relocation type mismatch", GetPath()); michael@0: return false; michael@0: } michael@0: michael@0: /* TODO: Avoid code duplication with the relocations above */ michael@0: const Sym sym = symtab[ELF_R_SYM(rel->r_info)]; michael@0: void *symptr; michael@0: if (sym.st_shndx != SHN_UNDEF) michael@0: symptr = GetPtr(sym.st_value); michael@0: else michael@0: symptr = GetSymbolPtrInDeps(strtab.GetStringAt(sym.st_name)); michael@0: michael@0: if (symptr == nullptr) { michael@0: LOG("%s: %s: relocation to NULL @0x%08" PRIxAddr " for symbol \"%s\"", michael@0: GetPath(), michael@0: (ELF_ST_BIND(sym.st_info) == STB_WEAK) ? "Warning" : "Error", michael@0: rel->r_offset, strtab.GetStringAt(sym.st_name)); michael@0: if (ELF_ST_BIND(sym.st_info) != STB_WEAK) michael@0: return false; michael@0: } michael@0: /* Apply relocation */ michael@0: *(void **) ptr = symptr; michael@0: } michael@0: return true; michael@0: } michael@0: michael@0: bool michael@0: CustomElf::CallInit() michael@0: { michael@0: if (init) michael@0: CallFunction(init); michael@0: michael@0: for (Array::iterator it = init_array.begin(); michael@0: it < init_array.end(); ++it) { michael@0: /* Android x86 NDK wrongly puts 0xffffffff in INIT_ARRAY */ michael@0: if (*it && *it != reinterpret_cast(-1)) michael@0: CallFunction(*it); michael@0: } michael@0: initialized = true; michael@0: return true; michael@0: } michael@0: michael@0: void michael@0: CustomElf::CallFini() michael@0: { michael@0: if (!initialized) michael@0: return; michael@0: for (Array::reverse_iterator it = fini_array.rbegin(); michael@0: it < fini_array.rend(); ++it) { michael@0: /* Android x86 NDK wrongly puts 0xffffffff in FINI_ARRAY */ michael@0: if (*it && *it != reinterpret_cast(-1)) michael@0: CallFunction(*it); michael@0: } michael@0: if (fini) michael@0: CallFunction(fini); michael@0: } michael@0: michael@0: Mappable * michael@0: CustomElf::GetMappable() const michael@0: { michael@0: if (!mappable) michael@0: return nullptr; michael@0: if (mappable->GetKind() == Mappable::MAPPABLE_EXTRACT_FILE) michael@0: return mappable; michael@0: return ElfLoader::GetMappableFromPath(GetPath()); michael@0: }