From 6a4225962d85bf41282cf549d6acd10ceb2ce9b3 Mon Sep 17 00:00:00 2001 From: Peter Collingbourne Date: Tue, 3 May 2016 01:21:08 +0000 Subject: [PATCH] ELF: Forbid all relative relocations to absolute symbols in PIC, except for weak undefined. Weak undefined symbols resolve to the image base. This is a little strange, but it allows us to link function calls to such symbols. Normally such a call will be guarded with a comparison, which will load a zero from the GOT. There's one example of such a function call in crti.o in Linux's CRT. As part of this change, I also needed to make the synthetic start and end symbols image base relative in the case where their sections were empty, so that PC-relative references to those symbols would continue to work. Differential Revision: http://reviews.llvm.org/D19844 llvm-svn: 268350 --- lld/ELF/OutputSections.cpp | 2 +- lld/ELF/SymbolTable.cpp | 2 +- lld/ELF/SymbolTable.h | 2 +- lld/ELF/Symbols.cpp | 9 ++++-- lld/ELF/Symbols.h | 5 ++-- lld/ELF/Writer.cpp | 42 +++++++++++++++++++--------- lld/test/ELF/relocation-relative-absolute.s | 12 ++++++++ lld/test/ELF/relocation-relative-synthetic.s | 11 ++++++++ lld/test/ELF/relocation-relative-weak.s | 14 ++++++++++ 9 files changed, 78 insertions(+), 21 deletions(-) create mode 100644 lld/test/ELF/relocation-relative-absolute.s create mode 100644 lld/test/ELF/relocation-relative-synthetic.s create mode 100644 lld/test/ELF/relocation-relative-weak.s diff --git a/lld/ELF/OutputSections.cpp b/lld/ELF/OutputSections.cpp index 922de77..94d3f68 100644 --- a/lld/ELF/OutputSections.cpp +++ b/lld/ELF/OutputSections.cpp @@ -1496,7 +1496,7 @@ const OutputSectionBase * SymbolTableSection::getOutputSection(SymbolBody *Sym) { switch (Sym->kind()) { case SymbolBody::DefinedSyntheticKind: - return &cast>(Sym)->Section; + return cast>(Sym)->Section; case SymbolBody::DefinedRegularKind: { auto &D = cast>(*Sym); if (D.Section) diff --git a/lld/ELF/SymbolTable.cpp b/lld/ELF/SymbolTable.cpp index 53a2929..b0bd525 100644 --- a/lld/ELF/SymbolTable.cpp +++ b/lld/ELF/SymbolTable.cpp @@ -388,7 +388,7 @@ Symbol *SymbolTable::addRegular(StringRef Name, uint8_t Binding, template Symbol *SymbolTable::addSynthetic(StringRef N, - OutputSectionBase &Section, + OutputSectionBase *Section, uintX_t Value) { Symbol *S; bool WasInserted; diff --git a/lld/ELF/SymbolTable.h b/lld/ELF/SymbolTable.h index 16de475..0a942fa 100644 --- a/lld/ELF/SymbolTable.h +++ b/lld/ELF/SymbolTable.h @@ -64,7 +64,7 @@ public: Symbol *addRegular(StringRef Name, const Elf_Sym &Sym, InputSectionBase *Section); Symbol *addRegular(StringRef Name, uint8_t Binding, uint8_t StOther); - Symbol *addSynthetic(StringRef N, OutputSectionBase &Section, + Symbol *addSynthetic(StringRef N, OutputSectionBase *Section, uintX_t Value); void addShared(SharedFile *F, StringRef Name, const Elf_Sym &Sym, const typename ELFT::Verdef *Verdef); diff --git a/lld/ELF/Symbols.cpp b/lld/ELF/Symbols.cpp index 4e94229..2768f18 100644 --- a/lld/ELF/Symbols.cpp +++ b/lld/ELF/Symbols.cpp @@ -36,9 +36,12 @@ static typename ELFT::uint getSymVA(const SymbolBody &Body, switch (Body.kind()) { case SymbolBody::DefinedSyntheticKind: { auto &D = cast>(Body); + const OutputSectionBase *Sec = D.Section; + if (!Sec) + return D.Value; if (D.Value == DefinedSynthetic::SectionEnd) - return D.Section.getVA() + D.Section.getSize(); - return D.Section.getVA() + D.Value; + return Sec->getVA() + Sec->getSize(); + return Sec->getVA() + D.Value; } case SymbolBody::DefinedRegularKind: { auto &D = cast>(Body); @@ -208,7 +211,7 @@ Undefined::Undefined(uint32_t NameOffset, uint8_t StOther, uint8_t Type) template DefinedSynthetic::DefinedSynthetic(StringRef N, uintX_t Value, - OutputSectionBase &Section) + OutputSectionBase *Section) : Defined(SymbolBody::DefinedSyntheticKind, N, STV_HIDDEN, 0 /* Type */), Value(Value), Section(Section) {} diff --git a/lld/ELF/Symbols.h b/lld/ELF/Symbols.h index 16ca122..b66abb4 100644 --- a/lld/ELF/Symbols.h +++ b/lld/ELF/Symbols.h @@ -237,11 +237,12 @@ InputSectionBase *DefinedRegular::NullInputSection; // The difference from the regular symbol is that DefinedSynthetic symbols // don't belong to any input files or sections. Thus, its constructor // takes an output section to calculate output VA, etc. +// If Section is null, this symbol is relative to the image base. template class DefinedSynthetic : public Defined { public: typedef typename ELFT::uint uintX_t; DefinedSynthetic(StringRef N, uintX_t Value, - OutputSectionBase &Section); + OutputSectionBase *Section); static bool classof(const SymbolBody *S) { return S->kind() == SymbolBody::DefinedSyntheticKind; @@ -252,7 +253,7 @@ public: static const uintX_t SectionEnd = uintX_t(-1); uintX_t Value; - const OutputSectionBase &Section; + const OutputSectionBase *Section; }; class Undefined : public SymbolBody { diff --git a/lld/ELF/Writer.cpp b/lld/ELF/Writer.cpp index 00004e7..093fac8 100644 --- a/lld/ELF/Writer.cpp +++ b/lld/ELF/Writer.cpp @@ -454,6 +454,20 @@ static bool isRelRelative(RelExpr E, uint32_t Type, const SymbolBody &Body) { if (!AbsVal && RelE) return true; + // Relative relocation to an absolute value. This is normally unrepresentable, + // but if the relocation refers to a weak undefined symbol, we allow it to + // resolve to the image base. This is a little strange, but it allows us to + // link function calls to such symbols. Normally such a call will be guarded + // with a comparison, which will load a zero from the GOT. + if (AbsVal && RelE) { + if (Body.isUndefined() && !Body.isLocal() && Body.symbol()->isWeak()) + return true; + StringRef S = getELFRelocationTypeName(Config->EMachine, Type); + error("relocation " + S + " cannot refer to absolute symbol " + + Body.getName()); + return true; + } + return Target->usesOnlyLowPageBits(Type); } @@ -1067,7 +1081,7 @@ bool Writer::isDiscarded(InputSectionBase *S) const { template static Symbol *addOptionalSynthetic(SymbolTable &Table, StringRef Name, - OutputSectionBase &Sec, + OutputSectionBase *Sec, typename ELFT::uint Val) { if (!Table.find(Name)) return nullptr; @@ -1084,10 +1098,10 @@ template void Writer::addRelIpltSymbols() { if (isOutputDynamic() || !Out::RelaPlt) return; StringRef S = Config->Rela ? "__rela_iplt_start" : "__rel_iplt_start"; - addOptionalSynthetic(Symtab, S, *Out::RelaPlt, 0); + addOptionalSynthetic(Symtab, S, Out::RelaPlt, 0); S = Config->Rela ? "__rela_iplt_end" : "__rel_iplt_end"; - addOptionalSynthetic(Symtab, S, *Out::RelaPlt, + addOptionalSynthetic(Symtab, S, Out::RelaPlt, DefinedSynthetic::SectionEnd); } @@ -1189,18 +1203,18 @@ template void Writer::addReservedSymbols() { // so that it points to an absolute address which is relative to GOT. // See "Global Data Symbols" in Chapter 6 in the following document: // ftp://www.linux-mips.org/pub/linux/mips/doc/ABI/mipsabi.pdf - Symtab.addSynthetic("_gp", *Out::Got, MipsGPOffset); + Symtab.addSynthetic("_gp", Out::Got, MipsGPOffset); // On MIPS O32 ABI, _gp_disp is a magic symbol designates offset between // start of function and 'gp' pointer into GOT. ElfSym::MipsGpDisp = - addOptionalSynthetic(Symtab, "_gp_disp", *Out::Got, MipsGPOffset) + addOptionalSynthetic(Symtab, "_gp_disp", Out::Got, MipsGPOffset) ->body(); // The __gnu_local_gp is a magic symbol equal to the current value of 'gp' // pointer. This symbol is used in the code generated by .cpload pseudo-op // in case of using -mno-shared option. // https://sourceware.org/ml/binutils/2004-12/msg00094.html - addOptionalSynthetic(Symtab, "__gnu_local_gp", *Out::Got, + addOptionalSynthetic(Symtab, "__gnu_local_gp", Out::Got, MipsGPOffset); } @@ -1327,7 +1341,7 @@ template void Writer::createSections() { // Even the author of gold doesn't remember why gold behaves that way. // https://sourceware.org/ml/binutils/2002-03/msg00360.html if (isOutputDynamic()) - Symtab.addSynthetic("_DYNAMIC", *Out::Dynamic, 0); + Symtab.addSynthetic("_DYNAMIC", Out::Dynamic, 0); // Define __rel[a]_iplt_{start,end} symbols if needed. addRelIpltSymbols(); @@ -1487,11 +1501,13 @@ template void Writer::addStartEndSymbols() { auto Define = [&](StringRef Start, StringRef End, OutputSectionBase *OS) { if (OS) { - this->Symtab.addSynthetic(Start, *OS, 0); - this->Symtab.addSynthetic(End, *OS, DefinedSynthetic::SectionEnd); + this->Symtab.addSynthetic(Start, OS, 0); + this->Symtab.addSynthetic(End, OS, DefinedSynthetic::SectionEnd); } else { - this->Symtab.addIgnored(Start); - this->Symtab.addIgnored(End); + addOptionalSynthetic(this->Symtab, Start, + (OutputSectionBase *)nullptr, 0); + addOptionalSynthetic(this->Symtab, End, + (OutputSectionBase *)nullptr, 0); } }; @@ -1518,10 +1534,10 @@ void Writer::addStartStopSymbols(OutputSectionBase *Sec) { StringRef Stop = Saver.save("__stop_" + S); if (SymbolBody *B = Symtab.find(Start)) if (B->isUndefined()) - Symtab.addSynthetic(Start, *Sec, 0); + Symtab.addSynthetic(Start, Sec, 0); if (SymbolBody *B = Symtab.find(Stop)) if (B->isUndefined()) - Symtab.addSynthetic(Stop, *Sec, DefinedSynthetic::SectionEnd); + Symtab.addSynthetic(Stop, Sec, DefinedSynthetic::SectionEnd); } template static bool needsPtLoad(OutputSectionBase *Sec) { diff --git a/lld/test/ELF/relocation-relative-absolute.s b/lld/test/ELF/relocation-relative-absolute.s new file mode 100644 index 0000000..5253191 --- /dev/null +++ b/lld/test/ELF/relocation-relative-absolute.s @@ -0,0 +1,12 @@ +# REQUIRES: x86 +# RUN: llvm-mc -filetype=obj -triple=x86_64-pc-linux %s -o %t.o +# RUN: not ld.lld %t.o -o %t -pie 2>&1 | FileCheck %s + +.globl _start +_start: + +# CHECK: relocation R_X86_64_PLT32 cannot refer to absolute symbol answer +call answer@PLT + +.globl answer +answer = 42 diff --git a/lld/test/ELF/relocation-relative-synthetic.s b/lld/test/ELF/relocation-relative-synthetic.s new file mode 100644 index 0000000..f4d449b --- /dev/null +++ b/lld/test/ELF/relocation-relative-synthetic.s @@ -0,0 +1,11 @@ +# REQUIRES: x86 +# RUN: llvm-mc -filetype=obj -triple=x86_64-pc-linux %s -o %t.o +# RUN: ld.lld %t.o -o %t -pie +# RUN: llvm-readobj -dyn-relocations %t | FileCheck %s + +# CHECK: Dynamic Relocations { +# CHECK-NEXT: } + +.globl _start +_start: +call __init_array_start@PLT diff --git a/lld/test/ELF/relocation-relative-weak.s b/lld/test/ELF/relocation-relative-weak.s new file mode 100644 index 0000000..c525012 --- /dev/null +++ b/lld/test/ELF/relocation-relative-weak.s @@ -0,0 +1,14 @@ +# REQUIRES: x86 +# RUN: llvm-mc -filetype=obj -triple=x86_64-pc-linux %s -o %t.o +# RUN: ld.lld %t.o -o %t -pie +# RUN: llvm-readobj -dyn-relocations %t | FileCheck %s + +# CHECK: Dynamic Relocations { +# CHECK-NEXT: } + +.globl _start +_start: + +.globl w +.weak w +call w@PLT -- 2.7.4