aboutsummaryrefslogtreecommitdiffstats
path: root/doc/prelink.8
blob: c8478b044075c43148432e9221e07d2af5bb8293 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
.TH prelink 8 "5 August 2003"
.SH NAME
prelink \- prelink ELF shared libraries and binaries to speed up startup time
.SH SYNOPSIS
prelink
.RB [OPTION...]\ [FILES]
.SH DESCRIPTION
.B prelink
is a program which modifies ELF shared libraries and ELF dynamically linked
binaries, so that the time which dynamic linker needs for their relocation
at startup significantly decreases and also due to fewer relocations the
run-time memory consumption decreases too (especially number of unshareable
pages). Such prelinking information is only used if all its dependant
libraries have not changed since prelinking, otherwise programs are
relocated normally.
.PP
.B prelink
first collects ELF binaries which should be prelinked and all the ELF shared
libraries they depend on. Then it assigns a unique virtual address space
slot for each library and relinks the shared library to that base address.
When the dynamic linker attempts to load such a library, unless that virtual
address space slot is already occupied, it will map it into the given slot.
After this is done,
.B prelink
with the help of dynamic linker resolves all relocations in the binary or
library against its dependant libraries and stores the relocations into the
ELF object.
It also stores a list of all dependant libraries together with their
checksums into the binary or library.
For binaries, it also computes a list of
.IR conflicts
(relocations which resolve differently in the binary's symbol search scope
than in the smaller search scope in which the dependant library was
resolved) and stores it into a special ELF section.
.PP
At runtime, the dynamic linker first checks whether all dependant libraries
were successfully mapped into their designated address space slots and
whether they have not changed since the prelinking was done.
If all checks are successful, the dynamic linker just replays the list of
conflicts (which is usually significantly shorter than total number of
relocations) instead of relocating each library.
.SH OPTIONS
.TP
.B \-v\ \-\-verbose
Verbose mode.
Print the virtual address slot assignment to libraries and print what binary
or library is currently being prelinked.
.TP
.B \-n\ \-\-dry\-run
Don't actually prelink anything, just collect the binaries/libraries, assign
them addresses and with
.B \-v 
print what would be prelinked.
.TP
.B \-a \-\-all
Prelink all binaries and dependant libraries found in directory hierarchies
specified in
.IR /etc/prelink.conf .
Normally only binaries specified from command line and their dependant
libraries are prelinked.
.TP
.B \-m \-\-conserve\-memory
When assigning addresses to libraries, allow overlap of address space slots
provided that the two libraries are not present together in any of the
binaries or libraries. This results in smaller virtual address space range
used for libraries, on the other side if during incremental prelinking
.B prelink
sees a binary which puts together two libraries which were not present
together in any other binary and were given the same virtual address space
slots, then the binary cannot be prelinked.
Normally each library is assigned a unique virtual address space slot.
.TP
.B \-R \-\-random
When assigning addresses to libraries, start with random address within
architecture dependant virtual address space range.
This can make some buffer overflow attacks slightly harder to exploit,
because libraries are not present on the same addresses accross different
machines.
Normally, assigning virtual addresses starts at the bottom of architecture
dependant range.
.TP
.B \-r \-\-reloc\-only=ADDRESS
Instead of prelinking, just relink given shared libraries to the specified
base address.
.TP
.B \-N \-\-no\-update\-cache
Don't save cache file after prelinking. Normally, list of libraries (and
with
.B \-m
binaries also) is stored into
.I /etc/prelink.cache
file together with their given address space slots and dependencies, so
it can be used during incremental prelinking (prelinking without
.B \-a
option).
.TP
.B \-c \-\-config\-file=CONFIG
Specify alternate config file instead of default
.IR /etc/prelink.conf .
.TP
.B \-C \-\-cache\-file=CACHE
Specify alternate cache file instead of default
.IR /etc/prelink.cache .
.TP
.B \-f \-\-force
Force re-prelinking even for already prelinked objects for which no
dependencies changed. This option causes new virtual address space slots to
be assigned to all libraries.
Normally, only binaries or libraries which are either not prelinked yet, or
some of their dependencies changed, are prelinked.
.TP
.B \-q \-\-quick
Run prelink in quick mode.  This mode checks just mtime and ctime timestamps
of libraries and binaries stored in the cache file.  If they are unchanged
from the last prelink run, it is assumed that the library in question did
not change and no parsing of its ELF headers and verifying it is done.
.TP
.B \-p \-\-print\-cache
Print the content of the cache file (normally
.IR /etc/prelink.cache )
and exit.
.TP
.B \-\-dynamic\-linker=LDSO
Specify alternate dynamic linker instead of the default.
.TP
.B \-\-ld\-library\-path=PATH
Specify special
.IR LD_LIBRARY_PATH
to be used when
.B prelink
queries dynamic linker about symbol resolution details.
.TP
.B \-\-libs\-only
Only prelink ELF shared libraries, don't prelink any binaries.
.TP
.B \-h \-\-dereference
When processing command line directory arguments, follow symbolic links when
walking directory hierarchies.
.TP
.B \-l \-\-one\-file\-system
When processing command line directory arguments, limit directory tree walk
to a single filesystem.
.TP
.B \-u \-\-undo
Revert binaries and libraries to their original content before they were
prelinked.
Without
.I \-a
option this causes only the binaries and libraries specified on the command
line to be reverted to their original state (and e.g. not their
dependencies). If used together with
.I \-a
option all binaries and libraries from command line, all their dependencies,
all binaries found in directories specified on command line and in config
file and all their dependencies will be undone.
.TP
.B \-y \-\-verify
Verifies a prelinked binary or library.
This option can be used only on a single binary or library. It first applies
an
.I \-\-undo
operation on the file, then prelinks just that file again and compares this
with the original file. If both are identical, it prints the file after
.I \-\-undo
operation on standard output and exit with zero status. Otherwise it exits
with error status.
Thus if
.I \-\-verify
operation returns zero exit status and its standard output is
equal to the content of the binary or library before prelinking, you can be
sure that nobody modified the binaries or libraries after prelinking.
Similarly with message digests and checksums (unless you trigger the
unprobable case of modified file and original file having the same digest
or checksum).
.TP
.B \-\-md5
This is similar to
.I \-\-verify
option, except instead of outputing the content of the binary or library
before prelinking to standard output MD5 digest is printed.
See
.BR md5sum (1).
.TP
.B \-\-sha
This is similar to
.I \-\-verify
option, except instead of outputing the content of the binary or library
before prelinking to standard output SHA1 digest is printed.
See
.BR sha1sum (1).
.TP
.B \-V \-\-version
Print version and exit.
.TP
.B \-? \-\-help
Print short help and exit.
.SH ARGUMENTS
Command line arguments should be either directory hierarchies (in which case
.I \-l
and
.I \-h
options apply), or particular ELF binaries or shared libraries.
Unlike when walking directory hierarchies, specifying a shared library
explicitely on the command line causes it to be prelinked even if no binary
is linked against it. Normally, only binaries are collected together with
all libraries they depend on.
.SH EXAMPLES
.RS
# /usr/sbin/prelink -avmR
.RE
will prelink all binaries found in directories specified in
.I /etc/prelink.conf
and all their dependant libraries, assigning libraries unique virtual
address space slots only if they ever appear together and will start
assigning at random address.
.RS
# /usr/sbin/prelink -vm ~/bin/progx
.RE
will prelink ~/bin/progx program and all its dependant libraries (unless
they were prelinked already e.g. during
.I prelink \-a
invocation).
.RS
# /usr/sbin/prelink -au
.RE
will revert all binaries and libraries to their original content.
.RS
# /usr/sbin/prelink -y /bin/prelinked_prog > /tmp/original_prog; echo $?
will verify whether /bin/prelinked_prog hasn't been changed.
.SH FILES
.PD 0
.TP 20
.B /etc/prelink.cache
Binary file containing list of prelinked libraries and/or binaries together
with their assigned virtual address space slots and dependencies.
You can run
.I /usr/sbin/prelink -p
to see what is stored in there.
.TP 20
.B /etc/prelink.conf
Configuration file containing a list of directory hierarchies which can
contain ELF shared libraries or binaries which should be prelinked.
This configuration file is used in
.B \-a
mode to find binaries which should be prelinked and also no matter whether
.B \-a
is given or not to limit which dependant shared libraries should be
prelinked. If
.B prelink
finds a dependant library of some binary or other library which is not
present in any of the directories specified in
.B /etc/prelink.conf
and neither in any of the directories specified on the command line, then it
cannot be prelinked.
Each line of the config file should be either comment starting with
.BR # ,
or directory name. It can be prefixed by
.B \-l
switch, meaning tree walk of the given directory will be only limited to one
filesystem, or
.B \-h
switch, meaning tree walk of the given directory will follow symbolic links.
.SH SEE ALSO
.BR ldd (1),
.BR ld.so (8).
.SH BUGS
.LP
.B prelink
Some architectures, including IA-64, HPPA and MIPS are not yet supported.
.SH AUTHORS
Jakub Jelinek <jakub@redhat.com>.