Skip to content

Commit

Permalink
[ELF] Add -z separate-code and pad the last page of last PF_X PT_LOAD…
Browse files Browse the repository at this point in the history 
… with traps only if -z separate-code is specified

This patch

1) adds -z separate-code and -z noseparate-code (default).
2) changes the condition that the last page of last PF_X PT_LOAD is
 padded with trap instructions.
 Current condition (after D33630): if there is no `SECTIONS` commands.
 After this change: if -z separate-code is specified.

-z separate-code was introduced to ld.bfd in 2018, to place the text
segment in its own pages. There is no overlap in pages between an
executable segment and a non-executable segment:

1) RX cannot load initial contents from R or RW(or non-SHF_ALLOC).
2) R and RW(or non-SHF_ALLOC) cannot load initial contents from RX.

lld's current status:

- Between R and RX: in `Writer<ELFT>::fixSectionAlignments()`, the start of a
  segment is always aligned to maxPageSize, so the initial contents loaded by R
  and RX do not overlap. I plan to allow overlaps in D64906 if -z noseparate-code
  is in effect.
- Between RX and RW(or non-SHF_ALLOC if RW doesn't exist):
  we currently unconditionally pad the last page to commonPageSize
  (defaults to 4096 on all targets we support).
  This patch will make it effective only if -z separate-code is specified.

-z separate-code is a dubious feature that intends to reduce the number
of ROP gadgets (which is actually ineffective because attackers can find
plenty of gadgets in the text segment, no need to find gadgets in
non-code regions).

With the overlapping PT_LOAD technique D64906, -z noseparate-code
removes two more alignments at segment boundaries than -z separate-code.
This saves at most defaultCommonPageSize*2 bytes, which are significant
on targets with large defaultCommonPageSize (AArch64/MIPS/PPC: 65536).

Issues/feedback on alignment at segment boundaries to help understand
the implication:

* binutils PR24490 (the situation on ld.bfd is worse because they have
  two R-- on both sides of R-E so more alignments.)

* In binutils, the 2018-02-27 commit "ld: Add --enable-separate-code" made -z separate-code the default on Linux.
  richfelker/musl-cross-make@d969dea
  In musl-cross-make, binutils is configured with --disable-separate-code
  to address size regressions caused by -z separate-code. (lld actually has the same
  issue, which I plan to fix in a future patch. The ld.bfd x86 status is
  worse because they default to max-page-size=0x200000).

* https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237676 people want
  smaller code size. This patch will remove one alignment boundary.

* Stef O'Rear: I'm opposed to any kind of page alignment at the
  text/rodata line (having a partial page of text aliased as rodata and
  vice versa has no demonstrable harm, and I actually care about small
  systems).

So, make -z noseparate-code the default.

Reviewed By: ruiu

Differential Revision: https://reviews.llvm.org/D64903

llvm-svn: 367537
  • Loading branch information
@MaskRay
MaskRay committed Aug 1, 2019
1 parent 07ceadd commit 5391f15
Show file tree
Hide file tree
Showing 17 changed files with 79 additions and 67 deletions.
1 change: 1 addition & 0 deletions lld/ELF/Config.h
View file
Expand Up @@ -210,6 +210,7 @@ struct Configuration {
bool zOrigin;
bool zRelro;
bool zRodynamic;
bool zSeparateCode;
bool zText;
bool zRetpolineplt;
bool zWxneeded;
Expand Down
8 changes: 5 additions & 3 deletions lld/ELF/Driver.cpp
View file
Expand Up @@ -378,9 +378,10 @@ static bool isKnownZFlag(StringRef s) {
s == "execstack" || s == "global" || s == "hazardplt" ||
s == "ifunc-noplt" || s == "initfirst" || s == "interpose" ||
s == "keep-text-section-prefix" || s == "lazy" || s == "muldefs" ||
s == "nocombreloc" || s == "nocopyreloc" || s == "nodefaultlib" ||
s == "nodelete" || s == "nodlopen" || s == "noexecstack" ||
s == "nokeep-text-section-prefix" || s == "norelro" || s == "notext" ||
s == "separate-code" || s == "nocombreloc" || s == "nocopyreloc" ||
s == "nodefaultlib" || s == "nodelete" || s == "nodlopen" ||
s == "noexecstack" || s == "nokeep-text-section-prefix" ||
s == "norelro" || s == "noseparate-code" || s == "notext" ||
s == "now" || s == "origin" || s == "relro" || s == "retpolineplt" ||
s == "rodynamic" || s == "text" || s == "wxneeded" ||
s.startswith("common-page-size") || s.startswith("max-page-size=") ||
Expand Down Expand Up @@ -935,6 +936,7 @@ static void readConfigs(opt::InputArgList &args) {
config->zRelro = getZFlag(args, "relro", "norelro", true);
config->zRetpolineplt = hasZOption(args, "retpolineplt");
config->zRodynamic = hasZOption(args, "rodynamic");
config->zSeparateCode = getZFlag(args, "separate-code", "noseparate-code", false);
config->zStackSize = args::getZOptionValue(args, OPT_z, "stack-size", 0);
config->zText = getZFlag(args, "text", "notext", true);
config->zWxneeded = hasZOption(args, "wxneeded");
Expand Down
6 changes: 2 additions & 4 deletions lld/ELF/Writer.cpp
View file
Expand Up @@ -2289,13 +2289,11 @@ template <class ELFT> void Writer<ELFT>::assignFileOffsets() {

for (OutputSection *sec : outputSections) {
off = setFileOffset(sec, off);
if (script->hasSectionsCommand)
continue;

// If this is a last section of the last executable segment and that
// segment is the last loadable segment, align the offset of the
// following section to avoid loading non-segments parts of the file.
if (lastRX && lastRX->lastSec == sec)
if (config->zSeparateCode && lastRX && lastRX->lastSec == sec)
off = alignTo(off, config->commonPageSize);
}

Expand Down Expand Up @@ -2568,7 +2566,7 @@ static void fillTrap(uint8_t *i, uint8_t *end) {
// We'll leave other pages in segments as-is because the rest will be
// overwritten by output sections.
template <class ELFT> void Writer<ELFT>::writeTrapInstr() {
if (script->hasSectionsCommand)
if (!config->zSeparateCode)
return;

for (Partition &part : partitions) {
Expand Down
6 changes: 3 additions & 3 deletions lld/test/ELF/avoid-empty-program-headers.s
View file
Expand Up @@ -42,8 +42,8 @@ _start:
// CHECK-NEXT: Offset: 0x1000
// CHECK-NEXT: VirtualAddress: 0x201000
// CHECK-NEXT: PhysicalAddress: 0x201000
// CHECK-NEXT: FileSize: 4096
// CHECK-NEXT: MemSize: 4096
// CHECK-NEXT: FileSize: 1
// CHECK-NEXT: MemSize: 1
// CHECK-NEXT: Flags [ (0x5)
// CHECK-NEXT: PF_R (0x4)
// CHECK-NEXT: PF_X (0x1)
Expand All @@ -52,7 +52,7 @@ _start:
// CHECK-NEXT: }
// CHECK-NEXT: ProgramHeader {
// CHECK-NEXT: Type: PT_TLS (0x7)
// CHECK-NEXT: Offset: 0x2000
// CHECK-NEXT: Offset: 0x1001
// CHECK-NEXT: VirtualAddress: 0x201001
// CHECK-NEXT: PhysicalAddress: 0x201001
// CHECK-NEXT: FileSize: 0
Expand Down
14 changes: 7 additions & 7 deletions lld/test/ELF/basic-aarch64.s
View file
Expand Up @@ -26,7 +26,7 @@ _start:
# CHECK-NEXT: Version: 1
# CHECK-NEXT: Entry: [[ENTRY:0x[0-9A-F]+]]
# CHECK-NEXT: ProgramHeaderOffset: 0x40
# CHECK-NEXT: SectionHeaderOffset: 0x11088
# CHECK-NEXT: SectionHeaderOffset: 0x10098
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: HeaderSize: 64
Expand Down Expand Up @@ -76,7 +76,7 @@ _start:
# CHECK-NEXT: SHF_STRINGS (0x20)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x11000
# CHECK-NEXT: Offset: 0x1000C
# CHECK-NEXT: Size: 8
# CHECK-NEXT: Link: 0
# CHECK-NEXT: Info: 0
Expand All @@ -90,7 +90,7 @@ _start:
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x11008
# CHECK-NEXT: Offset: 0x10018
# CHECK-NEXT: Size: 72
# CHECK-NEXT: Link: 5
# CHECK-NEXT: Info: 2
Expand All @@ -104,7 +104,7 @@ _start:
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x11050
# CHECK-NEXT: Offset: 0x10060
# CHECK-NEXT: Size: 42
# CHECK-NEXT: Link: 0
# CHECK-NEXT: Info: 0
Expand All @@ -118,7 +118,7 @@ _start:
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x1107A
# CHECK-NEXT: Offset: 0x1008A
# CHECK-NEXT: Size: 13
# CHECK-NEXT: Link: 0
# CHECK-NEXT: Info: 0
Expand Down Expand Up @@ -185,8 +185,8 @@ _start:
# CHECK-NEXT: Offset: 0x1000
# CHECK-NEXT: VirtualAddress: 0x210000
# CHECK-NEXT: PhysicalAddress: 0x210000
# CHECK-NEXT: FileSize: 4096
# CHECK-NEXT: MemSize: 4096
# CHECK-NEXT: FileSize: 12
# CHECK-NEXT: MemSize: 12
# CHECK-NEXT: Flags [ (0x5)
# CHECK-NEXT: PF_R (0x4)
# CHECK-NEXT: PF_X (0x1)
Expand Down
14 changes: 7 additions & 7 deletions lld/test/ELF/basic-i386.s
View file
Expand Up @@ -25,7 +25,7 @@ _start:
# CHECK-NEXT: Version: 1
# CHECK-NEXT: Entry: 0x401000
# CHECK-NEXT: ProgramHeaderOffset: 0x34
# CHECK-NEXT: SectionHeaderOffset: 0x205C
# CHECK-NEXT: SectionHeaderOffset: 0x1068
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: HeaderSize: 52
Expand Down Expand Up @@ -75,7 +75,7 @@ _start:
# CHECK-NEXT: SHF_STRINGS (0x20)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x2000
# CHECK-NEXT: Offset: 0x100C
# CHECK-NEXT: Size: 8
# CHECK-NEXT: Link: 0
# CHECK-NEXT: Info: 0
Expand All @@ -89,7 +89,7 @@ _start:
# CHECK-NEXT: Flags [
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x2008
# CHECK-NEXT: Offset: 0x1014
# CHECK-NEXT: Size: 32
# CHECK-NEXT: Link: 5
# CHECK-NEXT: Info: 1
Expand All @@ -103,7 +103,7 @@ _start:
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x2028
# CHECK-NEXT: Offset: 0x1034
# CHECK-NEXT: Size: 42
# CHECK-NEXT: Link: 0
# CHECK-NEXT: Info: 0
Expand All @@ -117,7 +117,7 @@ _start:
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x2052
# CHECK-NEXT: Offset: 0x105E
# CHECK-NEXT: Size: 8
# CHECK-NEXT: Link: 0
# CHECK-NEXT: Info: 0
Expand Down Expand Up @@ -155,8 +155,8 @@ _start:
# CHECK-NEXT: Offset: 0x1000
# CHECK-NEXT: VirtualAddress: 0x401000
# CHECK-NEXT: PhysicalAddress: 0x401000
# CHECK-NEXT: FileSize: 4096
# CHECK-NEXT: MemSize: 4096
# CHECK-NEXT: FileSize: 12
# CHECK-NEXT: MemSize: 12
# CHECK-NEXT: Flags [ (0x5)
# CHECK-NEXT: PF_R (0x4)
# CHECK-NEXT: PF_X (0x1)
Expand Down
14 changes: 7 additions & 7 deletions lld/test/ELF/basic-ppc.s
View file
Expand Up @@ -28,7 +28,7 @@
// CHECK-NEXT: Version: 1
// CHECK-NEXT: Entry: 0x10010000
// CHECK-NEXT: ProgramHeaderOffset: 0x34
// CHECK-NEXT: SectionHeaderOffset: 0x11044
// CHECK-NEXT: SectionHeaderOffset: 0x10050
// CHECK-NEXT: Flags [ (0x0)
// CHECK-NEXT: ]
// CHECK-NEXT: HeaderSize: 52
Expand Down Expand Up @@ -83,7 +83,7 @@
// CHECK-NEXT: SHF_STRINGS (0x20)
// CHECK-NEXT: ]
// CHECK-NEXT: Address: 0x0
// CHECK-NEXT: Offset: 0x11000
// CHECK-NEXT: Offset: 0x1000C
// CHECK-NEXT: Size: 8
// CHECK-NEXT: Link: 0
// CHECK-NEXT: Info: 0
Expand All @@ -97,7 +97,7 @@
// CHECK-NEXT: Flags [ (0x0)
// CHECK-NEXT: ]
// CHECK-NEXT: Address: 0x0
// CHECK-NEXT: Offset: 0x11008
// CHECK-NEXT: Offset: 0x10014
// CHECK-NEXT: Size: 16
// CHECK-NEXT: Link: 5
// CHECK-NEXT: Info: 1
Expand All @@ -114,7 +114,7 @@
// CHECK-NEXT: Flags [ (0x0)
// CHECK-NEXT: ]
// CHECK-NEXT: Address: 0x0
// CHECK-NEXT: Offset: 0x11018
// CHECK-NEXT: Offset: 0x10024
// CHECK-NEXT: Size: 42
// CHECK-NEXT: Link: 0
// CHECK-NEXT: Info: 0
Expand All @@ -128,7 +128,7 @@
// CHECK-NEXT: Flags [ (0x0)
// CHECK-NEXT: ]
// CHECK-NEXT: Address: 0x0
// CHECK-NEXT: Offset: 0x11042
// CHECK-NEXT: Offset: 0x1004E
// CHECK-NEXT: Size: 1
// CHECK-NEXT: Link: 0
// CHECK-NEXT: Info: 0
Expand Down Expand Up @@ -169,8 +169,8 @@
// CHECK-NEXT: Offset: 0x1000
// CHECK-NEXT: VirtualAddress: 0x10010000
// CHECK-NEXT: PhysicalAddress: 0x10010000
// CHECK-NEXT: FileSize: 4096
// CHECK-NEXT: MemSize: 4096
// CHECK-NEXT: FileSize: 12
// CHECK-NEXT: MemSize: 12
// CHECK-NEXT: Flags [ (0x5)
// CHECK-NEXT: PF_R (0x4)
// CHECK-NEXT: PF_X (0x1)
Expand Down
14 changes: 7 additions & 7 deletions lld/test/ELF/basic-sparcv9.s
View file
Expand Up @@ -26,7 +26,7 @@ _start:
# CHECK-NEXT: Version: 1
# CHECK-NEXT: Entry: [[ENTRY:0x[0-9A-F]+]]
# CHECK-NEXT: ProgramHeaderOffset: 0x40
# CHECK-NEXT: SectionHeaderOffset: 0x102070
# CHECK-NEXT: SectionHeaderOffset: 0x100080
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: HeaderSize: 64
Expand Down Expand Up @@ -76,7 +76,7 @@ _start:
# CHECK-NEXT: SHF_STRINGS (0x20)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x102000
# CHECK-NEXT: Offset: 0x10000C
# CHECK-NEXT: Size: 8
# CHECK-NEXT: Link: 0
# CHECK-NEXT: Info: 0
Expand All @@ -90,7 +90,7 @@ _start:
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x102008
# CHECK-NEXT: Offset: 0x100018
# CHECK-NEXT: Size: 48
# CHECK-NEXT: Link: 5
# CHECK-NEXT: Info: 1
Expand All @@ -104,7 +104,7 @@ _start:
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x102038
# CHECK-NEXT: Offset: 0x100048
# CHECK-NEXT: Size: 42
# CHECK-NEXT: Link: 0
# CHECK-NEXT: Info: 0
Expand All @@ -118,7 +118,7 @@ _start:
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x102062
# CHECK-NEXT: Offset: 0x100072
# CHECK-NEXT: Size: 8
# CHECK-NEXT: Link: 0
# CHECK-NEXT: Info: 0
Expand Down Expand Up @@ -176,8 +176,8 @@ _start:
# CHECK-NEXT: Offset: 0x100000
# CHECK-NEXT: VirtualAddress: 0x200000
# CHECK-NEXT: PhysicalAddress: 0x200000
# CHECK-NEXT: FileSize: 8192
# CHECK-NEXT: MemSize: 8192
# CHECK-NEXT: FileSize: 12
# CHECK-NEXT: MemSize: 12
# CHECK-NEXT: Flags [ (0x5)
# CHECK-NEXT: PF_R (0x4)
# CHECK-NEXT: PF_X (0x1)
Expand Down
14 changes: 7 additions & 7 deletions lld/test/ELF/basic.s
View file
Expand Up @@ -28,7 +28,7 @@ _start:
# CHECK-NEXT: Version: 1
# CHECK-NEXT: Entry: [[ENTRY:0x[0-9A-F]+]]
# CHECK-NEXT: ProgramHeaderOffset: 0x40
# CHECK-NEXT: SectionHeaderOffset: 0x2070
# CHECK-NEXT: SectionHeaderOffset: 0x1080
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: HeaderSize: 64
Expand Down Expand Up @@ -78,7 +78,7 @@ _start:
# CHECK-NEXT: SHF_STRINGS (0x20)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x2000
# CHECK-NEXT: Offset: 0x1010
# CHECK-NEXT: Size: 8
# CHECK-NEXT: Link: 0
# CHECK-NEXT: Info: 0
Expand All @@ -92,7 +92,7 @@ _start:
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x2008
# CHECK-NEXT: Offset: 0x1018
# CHECK-NEXT: Size: 48
# CHECK-NEXT: Link: 5
# CHECK-NEXT: Info: 1
Expand All @@ -106,7 +106,7 @@ _start:
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x2038
# CHECK-NEXT: Offset: 0x1048
# CHECK-NEXT: Size: 42
# CHECK-NEXT: Link: 0
# CHECK-NEXT: Info: 0
Expand All @@ -120,7 +120,7 @@ _start:
# CHECK-NEXT: Flags [ (0x0)
# CHECK-NEXT: ]
# CHECK-NEXT: Address: 0x0
# CHECK-NEXT: Offset: 0x2062
# CHECK-NEXT: Offset: 0x1072
# CHECK-NEXT: Size: 8
# CHECK-NEXT: Link: 0
# CHECK-NEXT: Info: 0
Expand Down Expand Up @@ -178,8 +178,8 @@ _start:
# CHECK-NEXT: Offset: 0x1000
# CHECK-NEXT: VirtualAddress: 0x201000
# CHECK-NEXT: PhysicalAddress: 0x201000
# CHECK-NEXT: FileSize: 4096
# CHECK-NEXT: MemSize: 4096
# CHECK-NEXT: FileSize: 16
# CHECK-NEXT: MemSize: 16
# CHECK-NEXT: Flags [ (0x5)
# CHECK-NEXT: PF_R (0x4)
# CHECK-NEXT: PF_X (0x1)
Expand Down
6 changes: 3 additions & 3 deletions lld/test/ELF/build-id.s
View file
Expand Up @@ -65,15 +65,15 @@ _start:
# DEFAULT: Contents of section .note.test:
# DEFAULT: Contents of section .note.gnu.build-id:
# DEFAULT-NEXT: 04000000 08000000 03000000 474e5500 ............GNU.
# DEFAULT-NEXT: 95849665 2621c734
# DEFAULT-NEXT: 605e19a6 30469e00

# MD5: Contents of section .note.gnu.build-id:
# MD5-NEXT: 04000000 10000000 03000000 474e5500 ............GNU.
# MD5-NEXT: 1882c01f 71698eed 229b3994 eb554c80
# MD5-NEXT: adbf65c5 42b4a428 184fd7c9 099cdc29

# SHA1: Contents of section .note.gnu.build-id:
# SHA1-NEXT: 04000000 14000000 03000000 474e5500 ............GNU.
# SHA1-NEXT: 96820adf d90d5470 0a0c32ff a88c4017
# SHA1-NEXT: fe148fd4 1add2878 6b298b61 5880148b

# UUID: Contents of section .note.gnu.build-id:
# UUID-NEXT: 04000000 10000000 03000000 474e5500 ............GNU.
Expand Down

0 comments on commit 5391f15

Please sign in to comment.