caio/clang-p2996
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fd3907ccb583df99e9c19d2fe84e4e7c52d75de9
clang-p2996/lld/test/ELF/relocation-copy-relro.s
Fangrui Song 5a58e98c20 [ELF] Align the end of PT_GNU_RELRO associated PT_LOAD to a common-page-size boundary (#66042) 
Close #57618: currently we align the end of PT_GNU_RELRO to a
common-page-size
boundary, but do not align the end of the associated PT_LOAD. This is
benign
when runtime_page_size >= common-page-size.

However, when runtime_page_size < common-page-size, it is possible that
`alignUp(end(PT_LOAD), page_size) < alignDown(end(PT_GNU_RELRO),
page_size)`.
In this case, rtld's mprotect call for PT_GNU_RELRO will apply to
unmapped
regions and lead to an error, e.g.

```
error while loading shared libraries: cannot apply additional memory protection after relocation: Cannot allocate memory
```

To fix the issue, add a padding section .relro_padding like mold, which
is contained in the PT_GNU_RELRO segment and the associated PT_LOAD
segment. The section also prevents strip from corrupting PT_LOAD program
headers.

.relro_padding has the largest `sortRank` among RELRO sections.
Therefore, it is naturally placed at the end of `PT_GNU_RELRO` segment
in the absence of `PHDRS`/`SECTIONS` commands.

In the presence of `SECTIONS` commands, we place .relro_padding
immediately before a symbol assignment using DATA_SEGMENT_RELRO_END (see
also https://reviews.llvm.org/D124656), if present.
DATA_SEGMENT_RELRO_END is changed to align to max-page-size instead of
common-page-size.

Some edge cases worth mentioning:

* ppc64-toc-addis-nop.s: when PHDRS is present, do not append
.relro_padding
* avoid-empty-program-headers.s: when the only RELRO section is .tbss,
it is not part of PT_LOAD segment, therefore we do not append
.relro_padding.

---

Close #65002: GNU ld from 2.39 onwards aligns the end of PT_GNU_RELRO to
a
max-page-size boundary (https://sourceware.org/PR28824) so that the last
page is
protected even if runtime_page_size > common-page-size.

In my opinion, losing protection for the last page when the runtime page
size is
larger than common-page-size is not really an issue. Double mapping a
page of up
to max-common-page for the protection could cause undesired VM waste.
Internally
we had users complaining about 2MiB max-page-size applying to shared
objects.

Therefore, the end of .relro_padding is padded to a common-page-size
boundary. Users who are really anxious can set common-page-size to match
their runtime page size.

---

17 tests need updating as there are lots of change detectors.
2023-09-14 10:33:11 -07:00

55 lines
1.9 KiB
ArmAsm
Raw Blame History

// REQUIRES: x86
// Reserve space for copy relocations of read-only symbols in .bss.rel.ro
// RUN: llvm-mc -filetype=obj -triple=x86_64-pc-linux %s -o %t.o
// RUN: llvm-mc -filetype=obj -triple=x86_64-pc-linux %p/Inputs/relocation-copy-relro.s -o %t2.o
// RUN: ld.lld -shared %t2.o -soname=so -o %t.so
// RUN: ld.lld %t.o %t.so -o %t3
// RUN: llvm-readobj -S -l -r %t3 | FileCheck %s
/// Due to -z rodynamic, The only RELRO section is .bss.rel.ro. Test that we
/// still append the .relro_padding section.
// RUN: ld.lld -z rodynamic %t.o %t.so -o %t4
// RUN: llvm-readelf -S -l %t4 | FileCheck %s --check-prefix=CHECK2
// CHECK: Name: .bss.rel.ro
// CHECK-NEXT: Type: SHT_NOBITS (0x8)
// CHECK-NEXT: Flags [ (0x3)
// CHECK-NEXT: SHF_ALLOC (0x2)
// CHECK-NEXT: SHF_WRITE (0x1)
// CHECK-NEXT: ]
// CHECK-NEXT: Address: 0x202368
// CHECK-NEXT: Offset: 0x368
// CHECK-NEXT: Size: 8
// CHECK: Type: PT_GNU_RELRO (0x6474E552)
// CHECK-NEXT: Offset: 0x2A8
// CHECK-NEXT: VirtualAddress: 0x2022A8
// CHECK-NEXT: PhysicalAddress: 0x2022A8
// CHECK-NEXT: FileSize: 192
// CHECK-NEXT: MemSize: 3416
// CHECK: 0x202368 R_X86_64_COPY a 0x0
// CHECK: 0x20236C R_X86_64_COPY b 0x0
// CHECK2: LOAD 0x000356 0x0000000000202356 0x0000000000202356 0x000000 0x000caa RW 0x1000
// CHECK2: DYNAMIC 0x000258 0x0000000000200258 0x0000000000200258 0x0000b0 0x0000b0 R 0x8
// CHECK2: GNU_RELRO 0x000356 0x0000000000202356 0x0000000000202356 0x000000 0x000caa R 0x1
// CHECK2: Section to Segment mapping:
// CHECK2-NEXT: Segment Sections...
// CHECK2-NEXT: 00
// CHECK2-NEXT: 01 .dynsym .gnu.hash .hash .dynamic .dynstr .rela.dyn
// CHECK2-NEXT: 02 .text
// CHECK2-NEXT: 03 .bss.rel.ro .relro_padding
// CHECK2-NEXT: 04 .dynamic
// CHECK2-NEXT: 05 .bss.rel.ro .relro_padding
// CHECK2-NEXT: 06
.text
.global _start
_start:
movl $1, a
movl $2, b
Reference in New Issue View Git Blame Copy Permalink