Commit dd7e64d45b may optimize out
i386/x86-64 JUMP_SLOT relocation. If there is no JUMP_SLOT relocation
left, we don't need to the first .plt entry. This patch allocates
space for the first .plt entry only if we also reserve space for a PLT
slot for JUMP_SLOT relocation.
bfd/
* elf32-i386.c (elf_i386_allocate_dynrelocs): Allocate space
for the first .plt entry only if needed.
* elf64-x86-64.c (elf_x86_64_allocate_dynrelocs): Likewise.
ld/testsuite/
* ld-i386/i386.exp: Run pltgot-1 for Linux targets.
* ld-x86-64/x86-64.exp: Likewise.
* ld-i386/pltgot-1.d: New file.
* ld-i386/pltgot-1.s: Likewise.
* ld-x86-64/pltgot-1.d: Likewise.
* ld-x86-64/pltgot-1.s: Likewise.
The linker tries to put the end of the last section in the relro
segment exactly on a page boundary, because the relro segment itself
must end on a page boundary. If for any reason this can't be done,
padding is inserted. Since the end of the relro segment is typically
between .got and .got.plt, padding effectively increases the size of
the GOT. This isn't nice for targets and code models with limited GOT
addressing.
The problem with the current code is that it doesn't cope very well
with aligned sections in the relro segment. When making .got aligned
to a 256 byte boundary for PowerPC64, I found that often the initial
alignment attempt failed and the fallback attempt to be less than
adequate. This is a particular problem for PowerPC64 since the
distance between .got and .plt affects the size of plt call stubs,
leading to "stubs don't match calculated size" errors.
So this rewrite takes a direct approach to calculating a new relro
base. Starting from the last section in the segment, we calculate
where it must start to position its end on the boundary, or as near as
possible considering alignment requirements. The new start then
becomes the goal for the previous section to end, and so on for all
sections. This of course ignores the possibility that user scripts
will place . = ALIGN(xxx); in the relro segment, or provide section
address expressions. In those cases we might fail, but the old code
probably did too, and a fallback is provided.
ld/
* ldexp.h (struct ldexp_control): Delete dataseg.min_base. Add
data_seg.relro_offset.
* ldexp.c (fold_binary <DATA_SEGMENT_ALIGN>): Don't set min_base.
(fold_binary <DATA_SEGMENT_RELRO_END>): Do set relro_offset.
* ldlang.c (lang_size_sections): Rewrite code adjusting relro
segment base to line up last section on page boundary.
ld/testsuite/
* ld-x86-64/pr18176.d: Update.
Address of protected data defined in the shared library may be external,
i.e., due to copy relocation. By default, linker backend checks if
relocations against protected data symbols are valid for building shared
library and issues an error if relocation isn't allowed. The new option
override linker backend default. When -z noextern-protected-data is used,
updates on protected data symbols by another module won't be visibile
to the resulting shared library. This option is specific to ELF/i386
and ELF/x86-64.
bfd/
PR ld/pr17709
* elflink.c (_bfd_elf_adjust_dynamic_copy): Check
info->extern_protected_data when warning copy relocs against
protected symbols.
(_bfd_elf_symbol_refs_local_p): Check info->extern_protected_data
when checking protected non-function symbols.
include/
PR ld/pr17709
* bfdlink.h (bfd_link_info): Add extern_protected_data.
ld/
PR ld/pr17709
* ld.texinfo: Document "-z noextern-protected-data".
* ldmain.c (main): Initialize link_info.extern_protected_data
to -1.
* lexsup.c (elf_shlib_list_options): Add
"-z [no]extern-protected-data".
* emulparams/elf32_x86_64.sh: Source extern_protected_data.sh.
* emulparams/elf_i386.sh: Likewise.
* emulparams/elf_i386_be.sh: Likewise.
* emulparams/elf_i386_chaos.sh: Likewise.
* emulparams/elf_i386_ldso.sh: Likewise.
* emulparams/elf_i386_vxworks.sh: Likewise.
* emulparams/elf_k1om.sh: Likewise.
* emulparams/elf_l1om.sh: Likewise.
* emulparams/elf_x86_64.sh: Source extern_protected_data.sh.
(PARSE_AND_LIST_OPTIONS): Renamed to ...
(PARSE_AND_LIST_OPTIONS_BNDPLT): This.
(PARSE_AND_LIST_ARGS_CASE_Z): Renamed to ...
(PARSE_AND_LIST_ARGS_CASE_Z_BNDPLT): This.
(PARSE_AND_LIST_OPTIONS): Append $PARSE_AND_LIST_OPTIONS_BNDPLT.
(PARSE_AND_LIST_ARGS_CASE_Z): Append
$PARSE_AND_LIST_ARGS_CASE_Z_BNDPLT.
* emulparams/extern_protected_data.sh: New file.
ld/testsuite/
PR ld/pr17709
* ld-i386/i386.exp: Run protected6b.
* ld-i386/protected6b.d: New file.
* ld-x86-64/protected6b.d: Likewise.
* ld-x86-64/x86-64.exp: Run protected6b.
When checking R_386_GOTOFF/R_X86_64_GOTOFF64 for building shared library,
we should check SYMBOL_REFERENCES_LOCAL instead of SYMBOLIC_BIND to cover
more cases.
bfd/
* elf32-i386.c (elf_i386_relocate_section): Replace SYMBOLIC_BIND
with SYMBOL_REFERENCES_LOCAL when checking R_386_GOTOFF against
protected data symbol when building shared library.
* elf64-x86-64.c (elf_x86_64_relocate_section): Check
R_X86_64_GOTOFF64 against undefined symbol and replace
SYMBOLIC_BIND with SYMBOL_REFERENCES_LOCAL when checking
R_X86_64_GOTOFF64 against protected data symbol when building
shared library.
ld/testsuite/
* ld-i386/i386.exp: Run protected6a.
* ld-i386/protected6.d: Renamed to ...
* ld-i386/protected6a.d: This.
* ld-x86-64/hidden4.d: New file.
* ld-x86-64/hidden4.s: Likewise.
* ld-x86-64/hidden5.d: Likewise.
* ld-x86-64/hidden5.s: Likewise.
* ld-x86-64/protected6.d: Renamed to ...
* ld-x86-64/protected6a.d: This.
* ld-x86-64/x86-64.exp: Run hidden4, hidden5, protected6a,
protected7a and protected7b.
R_386_GOTOFF/R_X86_64_GOTOFF64 relocation shouldn't be used against
protected data symbol on x86 since with copy relocation, address of
protected data defined in the shared library may be external.
This patch will break building shared libraries with protected data
symbols using GCCs older than GCC 5 without the bug fix for
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65248
GCC backport request should be made in the GCC bug report above.
bfd/
PR ld/pr17709
* elf32-i386.c (elf_i386_relocate_section): Also check R_386_GOTOFF
against protected data symbol when building shared library.
* elf64-x86-64.c (elf_x86_64_relocate_section): Also check
R_X86_64_GOTOFF64 against protected data symbol when building
shared library.
ld/testsuite/
PR ld/pr17709
* ld-i386/protected6.d: New file.
* ld-i386/protected6.s: Likewise.
* ld-x86-64/protected6.d: Likewise.
* ld-x86-64/protected6.s: Likewise.
* ld-x86-64/protected7.d: Likewise.
* ld-x86-64/protected7.s: Likewise.
* ld-x86-64/protected7a.d: Likewise.
* ld-x86-64/protected7b.d: Likewise.
Re-apply: commit ca3fe95e46
With copy relocation, address of protected data defined in the shared
library may be external. This patch adds extern_protected_data and
changes _bfd_elf_symbol_refs_local_p to return false for protected data
if extern_protected_data is true.
This patch will break building shared libraries with protected data
symbols using GCCs older than GCC 5 without the bug fix for
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65248
GCC backport request should be made in the GCC bug report above.
To get correct run-time behavior on Linux, glibc 2.22 or above are
required, which have the bug fix for
https://sourceware.org/bugzilla/show_bug.cgi?id=17711
Backports for glibc 2.21, 2.20, 2.19 and 2.18 are on hjl/pr17711/2.21,
hjl/pr17711/2.20, hjl/pr17711/2.19 and hjl/pr17711/2.18 branches,
respectively, at
https://sourceware.org/git/?p=glibc.git;a=summary
bfd/
PR ld/pr15228
PR ld/pr17709
* elf-bfd.h (elf_backend_data): Add extern_protected_data.
* elf32-i386.c (elf_backend_extern_protected_data): New.
Defined to 1.
* elf64-x86-64.c (elf_backend_extern_protected_data): Likewise.
* elflink.c (_bfd_elf_adjust_dynamic_copy): Don't error on
copy relocs against protected symbols if extern_protected_data
is true.
(_bfd_elf_symbol_refs_local_p): Don't return true on protected
non-function symbols if extern_protected_data is true.
* elfxx-target.h (elf_backend_extern_protected_data): New.
Default to 0.
(elfNN_bed): Initialize extern_protected_data with
elf_backend_extern_protected_data.
ld/testsuite/
PR ld/pr15228
PR ld/pr17709
* ld-i386/i386.exp (i386tests): Add a test for PR ld/17709.
* ld-i386/pr17709-nacl.rd: New file.
* ld-i386/pr17709.rd: Likewise.
* ld-i386/pr17709a.s: Likewise.
* ld-i386/pr17709b.s: Likewise.
* ld-i386/protected3.d: Updated.
* ld-i386/protected3.s: Likewise.
* ld-x86-64/pr17709-nacl.rd: New file.
* ld-x86-64/pr17709.rd: Likewise.
* ld-x86-64/pr17709a.s: Likewise.
* ld-x86-64/pr17709b.s: Likewise.
* ld-x86-64/protected3.d: Updated.
* ld-x86-64/protected3.s: Likewise.
* ld-x86-64/x86-64.exp (x86_64tests): Add a test for PR ld/17709.
With copy relocation, address of protected data defined in the shared
library may be external. This patch adds extern_protected_data and
changes _bfd_elf_symbol_refs_local_p to return false for protected data
if extern_protected_data is true.
bfd/
PR ld/pr15228
PR ld/pr17709
* elf-bfd.h (elf_backend_data): Add extern_protected_data.
* elf32-i386.c (elf_backend_extern_protected_data): New.
Defined to 1.
* elf64-x86-64.c (elf_backend_extern_protected_data): Likewise.
* elflink.c (_bfd_elf_adjust_dynamic_copy): Don't error on
copy relocs against protected symbols if extern_protected_data
is true.
(_bfd_elf_symbol_refs_local_p): Don't return true on protected
non-function symbols if extern_protected_data is true.
* elfxx-target.h (elf_backend_extern_protected_data): New.
Default to 0.
(elfNN_bed): Initialize extern_protected_data with
elf_backend_extern_protected_data.
ld/testsuite/
PR ld/pr15228
PR ld/pr17709
* ld-i386/i386.exp (i386tests): Add a test for PR ld/17709.
* ld-i386/pr17709-nacl.rd: New file.
* ld-i386/pr17709.rd: Likewise.
* ld-i386/pr17709a.s: Likewise.
* ld-i386/pr17709b.s: Likewise.
* ld-i386/protected3.d: Updated.
* ld-i386/protected3.s: Likewise.
* ld-x86-64/pr17709-nacl.rd: New file.
* ld-x86-64/pr17709.rd: Likewise.
* ld-x86-64/pr17709a.s: Likewise.
* ld-x86-64/pr17709b.s: Likewise.
* ld-x86-64/protected3.d: Updated.
* ld-x86-64/protected3.s: Likewise.
* ld-x86-64/x86-64.exp (x86_64tests): Add a test for PR ld/17709.
I was having a little closer look at what is going on here and noticed
that HJ unconditionally emits a NULL STT_FILE symbol before emitting
forced local symbols. That means we really don't need a second pass
over forced local symbols. The only reason for two passes is when
some forced local symbol can be emitted before the NULL STT_FILE. So
I set about removing the second pass, updating the testsuite all over
again. It's also unnecessary to emit the NULL STT_FILE when no
previous file symbol has been emitted.
bfd/
PR ld/17975
* elflink.c (struct elf_outext_info): Remove need_second_pass
and second_pass.
(elf_link_output_extsym): Delete code handling second forced
local pass. Move code emitting NULL STT_FILE symbol later, so
that it can be omitted if forced local is stripped. Don't
emit the NULL STT_FILE if no file symbols have been output.
(bfd_elf_final_link): Remove second forced local pass.
* elf32-ppc.c (add_stub_sym): Set linker_def on linker syms.
(ppc_elf_size_dynamic_sections): Likewise.
* elf64-ppc.c (ppc_build_one_stub): Likewise.
(build_global_entry_stubs): Likewise.
(ppc64_elf_build_stubs): Likewise.
ld/testsuite/
PR ld/17975
* ld-aarch64/gc-tls-relocs.d, * ld-alpha/tlspic.rd,
* ld-cris/libdso-2.d, * ld-i386/tlsdesc-nacl.rd, * ld-i386/tlsdesc.rd,
* ld-i386/tlsnopic-nacl.rd, * ld-i386/tlsnopic.rd,
* ld-i386/tlspic-nacl.rd, * ld-i386/tlspic.rd, * ld-ia64/tlspic.rd,
* ld-powerpc/tlsexe.r, * ld-powerpc/tlsexetoc.r,
* ld-powerpc/tlsso.r, * ld-powerpc/tlstocso.r,
* ld-s390/tlspic.rd, * ld-s390/tlspic_64.rd,
* ld-sparc/tlssunnopic32.rd, * ld-sparc/tlssunnopic64.rd,
* ld-sparc/tlssunpic32.rd, * ld-sparc/tlssunpic64.rd,
* ld-tic6x/shlib-1.rd, * ld-tic6x/shlib-1b.rd, * ld-tic6x/shlib-1r.rd,
* ld-tic6x/shlib-1rb.rd, * ld-tic6x/shlib-noindex.rd,
* ld-x86-64/tlsdesc-nacl.rd, * ld-x86-64/tlsdesc.rd,
* ld-x86-64/tlspic-nacl.rd, * ld-x86-64/tlspic.rd: Update.
We output a NULL STT_FILE symbol for forced local symbols so that they
are not associated with the STT_FILE symbol for real local symbols. This
patch makes sure that the NULL STT_FILE symbol is placed before forced
local symbols.
bfd/
PR ld/17975
* elflink.c (elf_link_output_extsym): Only check filesym_count
when outputting a NULL FILE symbol. Set second_pass_sym to
h->forced_local && !h->root.linker_def.
ld/testsuite/
PR ld/17975
* ld-i386/tlsbin-nacl.rd: Likewise.
* ld-i386/tlsbin.rd: Likewise.
* ld-i386/tlsbindesc-nacl.rd: Likewise.
* ld-i386/tlsbindesc.rd: Likewise.
* ld-i386/tlsdesc-nacl.rd: Likewise.
* ld-i386/tlsdesc.rd: Likewise.
* ld-i386/tlsnopic-nacl.rd: Likewise.
* ld-i386/tlsnopic.rd: Likewise.
* ld-i386/tlspic-nacl.rd: Likewise.
* ld-i386/tlspic.rd: Likewise.
* ld-x86-64/tlsbin-nacl.rd: Likewise.
* ld-x86-64/tlsbin.rd: Likewise.
* ld-x86-64/tlsbindesc-nacl.rd: Likewise.
* ld-x86-64/tlsbindesc.rd: Likewise.
* ld-x86-64/tlsdesc-nacl.rd: Likewise.
* ld-x86-64/tlsdesc.rd: Likewise.
* ld-x86-64/tlspic-nacl.rd: Likewise.
* ld-x86-64/tlspic.rd: Likewise.
When building executable, undefined symbol is a fatal error. We don't
complain about -fPIC if the symbol is undefined.
bfd/
PR ld/17847
* elf64-x86-64.c (elf_x86_64_relocate_section): Don't complain
about -fPIC if the symbol is undefined when building executable.
ld/testsuite/
PR ld/17847
* ld-x86-64/pie1.d: New file.
* ld-x86-64/pie1.s: Likwise.
* ld-x86-64/x86-64.exp: Run pie1.
When building PIE, we should only discard space for pc-relative relocs
symbols which turn out to need copy relocs.
bfd/
PR ld/17827
* elf64-x86-64.c (elf_x86_64_allocate_dynrelocs): For PIE,
only discard space for pc-relative relocs symbols which turn
out to need copy relocs.
ld/testsuite/
PR ld/17827
* ld-x86-64/pr17689.out: Updated.
* ld-x86-64/pr17689b.S: Likewise.
* ld-x86-64/pr17827.rd: New file.
* ld-x86-64/x86-64.exp: Run PR ld/17827 test.
The original test output expectations cause it to fail when configure
determines enable_initfini_array=no (which was observed on a cross
build on an old 32-bit host, pointing out that taking into account host
properties in such a case is bogus anyway).
ld/testsuite/
2015-01-08 Jan Beulich <jbeulich@suse.com>
* ld-x86-64/pr14207.d: Adjust expecations to cover the
enable_initfini_array=no case.
When there is a weak symbol with a real definition, the processor
independent code will have arranged for us to see the real definition
first. We need to copy the needs_copy bit from the real definition and
check it when allowing copy reloc in PIE.
bfd/
PR ld/17689
* elf64-x86-64.c (elf_x86_64_link_hash_entry): Add needs_copy.
Change has_bnd_reloc to bit field.
(elf_x86_64_link_hash_newfunc): Initialize needs_copy and
has_bnd_reloc to 0.
(elf_x86_64_check_relocs): Set has_bnd_reloc to 1 instead
of TRUE.
(elf_x86_64_adjust_dynamic_symbol): Copy needs_copy from the
real definition to a weak symbol.
(elf_x86_64_allocate_dynrelocs): Also check needs_copy of a
weak symbol for PIE when discarding space for relocs against
symbols which turn out to need copy relocs.
(elf_x86_64_relocate_section): Also check needs_copy of a
weak symbol for PIE with copy reloc.
ld/testsuite/
PR ld/17689
* ld-x86-64/pr17689.out: New file.
* ld-x86-64/pr17689.rd: Likewise.
* ld-x86-64/pr17689a.c: Likewise.
* ld-x86-64/pr17689b.S: Likewise.
* ld-x86-64/x86-64.exp: Run PR ld/17689 tests.
This patch allows copy relocs for non-GOT pc-relative relocation in PIE.
bfd/
* elf64-x86-64.c (elf_x86_64_create_dynamic_sections): Always
allow copy relocs for building executables.
(elf_x86_64_check_relocs): Allow copy relocs for non-GOT
pc-relative relocation in shared object.
(elf_x86_64_adjust_dynamic_symbol): Allocate copy relocs for
PIE.
(elf_x86_64_relocate_section): Don't copy a pc-relative
relocation into the output file if the symbol needs copy reloc.
ld/testsuite/
* ld-x86-64/copyreloc-lib.c: New file.
* ld-x86-64/copyreloc-main.c: Likewise.
* ld-x86-64/copyreloc-main.out: Likewise.
* ld-x86-64/copyreloc-main1.rd: Likewise.
* ld-x86-64/copyreloc-main2.rd: Likewise.
* ld-x86-64/x86-64.exp: Run copyreloc tests.
When there are both PLT and GOT references to the same function symbol,
linker will create a GOTPLT slot for PLT entry and a GOT slot for GOT
reference. A run-time JUMP_SLOT relocation is created to update the
GOTPLT slot and a run-time GLOB_DAT relocation is created to update the
GOT slot. Both JUMP_SLOT and GLOB_DAT relocations will apply the same
symbol value to GOTPLT and GOT slots, respectively, at run-time.
This optimization combines GOTPLT and GOT slots into a single GOT slot
and removes the run-time JUMP_SLOT relocation. It replaces the regular
PLT entry:
indirect jump [GOTPLT slot]
push relocation index
jump PLT0
with an GOT PLT entry with an indirect jump via the GOT slot:
indirect jump [GOT slot]
nop
and resolves PLT reference to the GOT PLT entry.
We must avoid this optimization if pointer equality is needed since
we don't clear symbol value in this case and the dynamic linker won't
update the GOT slot. Otherwise, the resulting binary will get into an
infinite loop at run-time.
bfd/
* elf32-i386.c (elf_i386_got_plt_entry): New.
(elf_i386_pic_got_plt_entry): Likewise.
(elf_i386_link_hash_entry): Add plt_got.
(elf_i386_link_hash_table): Likewise.
(elf_i386_link_hash_newfunc): Initialize plt_got.offset to -1.
(elf_i386_get_local_sym_hash): Likewise.
(elf_i386_check_relocs): Create the GOT PLT if there are both
PLT and GOT references when the regular PLT is used.
(elf_i386_allocate_dynrelocs): Use the GOT PLT if there are
both PLT and GOT references unless pointer equality is needed.
(elf_i386_relocate_section): Also check the GOT PLT when
resolving R_386_PLT32.
(elf_i386_finish_dynamic_symbol): Use the GOT PLT if it is
available.
* elf64-x86-64.c (elf_x86_64_link_hash_entry): Add plt_got.
(elf_x86_64_link_hash_table): Likewise.
(elf_x86_64_link_hash_newfunc): Initialize plt_got.offset to -1.
(elf_x86_64_get_local_sym_hash): Likewise.
(elf_x86_64_check_relocs): Create the GOT PLT if there are both
PLT and GOT references when the regular PLT is used.
(elf_x86_64_allocate_dynrelocs): Use the GOT PLT if there are
both PLT and GOT references unless pointer equality is needed.
(elf_x86_64_relocate_section): Also check the GOT PLT when
resolving R_X86_64_PLT32.
(elf_x86_64_finish_dynamic_symbol): Use the GOT PLT if it is
available.
ld/
* emulparams/elf_i386.sh (TINY_READONLY_SECTION): New.
* emulparams/elf_x86_64.sh (TINY_READONLY_SECTION): Add .plt.got.
ld/testsuite/
* ld-i386/i386.exp: Add run-time relocation tests for plt-main.
* ld-i386/plt-main.rd: New file.
* ld-x86-64/plt-main-bnd.dd: Likewise.
* ld-x86-64/plt-main.rd: Likewise.
* ld-x86-64/x86-64.exp: Add run-time relocation tests for
plt-main.
Structions with R_X86_64_GOTTPOFF relocation must be encoded with REX
prefix even if it isn't required by destination register. Otherwise
linker can't safely perform IE -> LE optimization.
bfd/
PR ld/17482
* elf64-x86-64.c (elf_x86_64_relocate_section): Update comments
for IE->LE transition.
gas/
PR ld/17482
* config/tc-i386.c (output_insn): Add a dummy REX_OPCODE prefix
for structions with R_X86_64_GOTTPOFF relocation for x32 if needed.
gas/testsuite/
PR ld/17482
* gas/i386/ilp32/x32-tls.d: New file.
* gas/i386/ilp32/x32-tls.s: Likewise.
ld/testsuite/
PR ld/17482
* ld-x86-64/tlsie4.dd: Updated.
Relocations against .got.plt section may not be in the same order as
entries in PLT section. It is incorrect to assume that the Ith reloction
index against .got.plt section always maps to the (I + 1)th entry in PLT
section. This patch matches the .got.plt relocation offset/index in PLT
entry against the index in .got.plt relocation table. It only checks
R_*_JUMP_SLOT and R_*_IRELATIVE relocations. It ignores R_*_TLS_DESC
and R_*_TLSDESC relocations since they have different PLT entries.
bfd/
PR binutils/17154
* elf32-i386.c (elf_i386_plt_sym_val): Only match R_*_JUMP_SLOT
and R_*_IRELATIVE relocation offset with PLT entry.
* elf64-x86-64.c (elf_x86_64_plt_sym_val): Likewise.
(elf_x86_64_plt_sym_val_offset_plt_bnd): New.
(elf_x86_64_get_synthetic_symtab): Use it.
ld/testsuite/
PR binutils/17154
* ld-ifunc/pr17154-i386.d: New file.
* ld-ifunc/pr17154-x86-64.d: Likewise.
* ld-ifunc/pr17154-x86.s: Likewise.
* ld-x86-64/bnd-ifunc-2.d: Likewise.
* ld-x86-64/bnd-ifunc-2.s: Likewise.
* ld-x86-64/mpx.exp: Run bnd-ifunc-2.
* ld-x86-64/tlsdesc-nacl.pd: Updated.
* ld-x86-64/tlsdesc.pd: Likewise.
Intel MPX introduces 4 bound registers, which will be used for parameter
passing in x86-64. Bound registers are cleared by branch instructions.
Branch instructions with BND prefix will keep bound register contents.
This leads to 2 requirements to 64-bit MPX run-time:
1. Dynamic linker (ld.so) should save and restore bound registers during
symbol lookup.
2. Change the current 16-byte PLT0:
ff 35 08 00 00 00 pushq GOT+8(%rip)
ff 25 00 10 00 jmpq *GOT+16(%rip)
0f 1f 40 00 nopl 0x0(%rax)
and 16-byte PLT1:
ff 25 00 00 00 00 jmpq *name@GOTPCREL(%rip)
68 00 00 00 00 pushq $index
e9 00 00 00 00 jmpq PLT0
which clear bound registers, to preserve bound registers.
We use 2 new relocations:
to mark branch instructions with BND prefix.
When linker sees any R_X86_64_PC32_BND or R_X86_64_PLT32_BND relocations,
it switches to a different PLT0:
ff 35 08 00 00 00 pushq GOT+8(%rip)
f2 ff 25 00 10 00 bnd jmpq *GOT+16(%rip)
0f 1f 00 nopl (%rax)
to preserve bound registers for symbol lookup and it also creates an
external PLT section, .pl.bnd. Linker will create a BND PLT1 entry
in .plt:
68 00 00 00 00 pushq $index
f2 e9 00 00 00 00 bnd jmpq PLT0
0f 1f 44 00 00 nopl 0(%rax,%rax,1)
and a 8-byte BND PLT entry in .plt.bnd:
f2 ff 25 00 00 00 00 bnd jmpq *name@GOTPCREL(%rip)
90 nop
Otherwise, linker will create a legacy PLT1 entry in .plt:
68 00 00 00 00 pushq $index
e9 00 00 00 00 jmpq PLT0
66 0f 1f 44 00 00 nopw 0(%rax,%rax,1)
and a 8-byte legacy PLT in .plt.bnd:
ff 25 00 00 00 00 jmpq *name@GOTPCREL(%rip)
66 90 xchg %ax,%ax
The initial value of the GOT entry for "name" will be set to the the
"pushq" instruction in the corresponding entry in .plt. Linker will
resolve reference of symbol "name" to the entry in the second PLT,
.plt.bnd.
Prelink stores the offset of pushq of PLT1 (plt_base + 0x10) in GOT[1]
and GOT[1] is stored in GOT[3]. We can undo prelink in GOT by computing
the corresponding the pushq offset with
GOT[1] + (GOT offset - &GOT[3]) * 2
Since for each entry in .plt except for PLT0 we create a 8-byte entry in
.plt.bnd, there is extra 8-byte per PLT symbol.
We also investigated the 16-byte entry for .plt.bnd. We compared the
8-byte entry vs the the 16-byte entry for .plt.bnd on Sandy Bridge.
There are no performance differences in SPEC CPU 2000/2006 as well as
micro benchmarks.
Pros:
No change to undo prelink in dynamic linker.
Only 8-byte memory overhead for each PLT symbol.
Cons:
Extra .plt.bnd section is needed.
Extra 8 byte for legacy branches to PLT.
GDB is unware of the new layout of .plt and .plt.bnd.
bfd/
* elf64-x86-64.c (elf_x86_64_bnd_plt0_entry): New.
(elf_x86_64_legacy_plt_entry): Likewise.
(elf_x86_64_bnd_plt_entry): Likewise.
(elf_x86_64_legacy_plt2_entry): Likewise.
(elf_x86_64_bnd_plt2_entry): Likewise.
(elf_x86_64_bnd_arch_bed): Likewise.
(elf_x86_64_link_hash_entry): Add has_bnd_reloc and plt_bnd.
(elf_x86_64_link_hash_table): Add plt_bnd.
(elf_x86_64_link_hash_newfunc): Initialize has_bnd_reloc and
plt_bnd.
(elf_x86_64_copy_indirect_symbol): Also copy has_bnd_reloc.
(elf_x86_64_check_relocs): Create the second PLT for Intel MPX
in 64-bit mode.
(elf_x86_64_allocate_dynrelocs): Handle the second PLT for IFUNC
symbols. Resolve call to the second PLT if it is created.
(elf_x86_64_size_dynamic_sections): Keep the second PLT section.
(elf_x86_64_relocate_section): Resolve PLT references to the
second PLT if it is created.
(elf_x86_64_finish_dynamic_symbol): Use BND PLT0 and fill the
second PLT entry for BND relocation.
(elf_x86_64_finish_dynamic_sections): Use MPX backend data if
the second PLT is created.
(elf_x86_64_get_synthetic_symtab): New.
(bfd_elf64_get_synthetic_symtab): Likewise. Undefine for NaCl.
ld/
* emulparams/elf_x86_64.sh (TINY_READONLY_SECTION): New.
ld/testsuite/
* ld-x86-64/mpx.exp: Run bnd-ifunc-1 and bnd-plt-1.
* ld-x86-64/bnd-ifunc-1.d: New file.
* ld-x86-64/bnd-ifunc-1.s: Likewise.
* ld-x86-64/bnd-plt-1.d: Likewise.
This patch fixes 2 GNU_RELRO segment bugs:
1. lang_size_sections didn't properly align base to the maximum
alignment power of sections between DATA_SEGMENT_ALIGN and
DATA_SEGMENT_RELRO_END.
2. ld failed to adjust LOAD segment to generate GNU_RELRO segment
when LOAD segment doesn't fit GNU_RELRO segment. This is
https://sourceware.org/bugzilla/show_bug.cgi?id=14207
We "fixed" ld by not generating GNU_RELRO segment. This patch
adjusts LOAD segment to generate GNU_RELRO segment. It fixes
PR ld/16322 and at the same time it also fixes PR binutils/16323
since now we can adjust LOAD segment if it is too small.
bfd/
PR ld/14207
PR ld/16322
PR binutils/16323
* elf.c (_bfd_elf_map_sections_to_segments): Don't check section
size for PT_GNU_RELRO segment.
(assign_file_positions_for_load_sections): If PT_LOAD segment
doesn't fit PT_GNU_RELRO segment, adjust its p_filesz and p_memsz.
ld/
PR ld/14207
PR ld/16322
PR binutils/16323
* ldlang.c (lang_size_sections): Properly align RELRO base.
ld/testsuite/
PR ld/14207
PR ld/16322
PR binutils/16323
* ld-elf/pr16322.d: New file.
* ld-elf/pr16322.s: Likewise.
* ld-x86-64/pr14207.d: Expect PT_GNU_RELRO segment.
bfd/
* archures.c (bfd_mach_i386_nacl): Fix definition so it doesn't
collide with bfd_mach_l1om.
* bfd-in2.h: Regenerate.
* elf32-i386.c (elf32_i386_nacl_elf_object_p): New function.
(elf_backend_object_p): Use that in elf32-i386-nacl definition.
* elf64-x86-64.c (elf64_x86_64_nacl_elf_object_p): New function.
(elf_backend_object_p): Use that in elf64-x86-64-nacl definition.
(elf32_x86_64_nacl_elf_object_p): New function.
(elf_backend_object_p): Use that in elf32-x86-64-nacl definition.
binutils/
* objdump.c (dump_dwarf): Grok bfd_mach_x86_64_nacl and
bfd_mach_x64_32_nacl as equivalent to bfd_mach_x86_64.
ld/testsuite/
* ld-x86-64/x86-64.exp (mixed1, mixed2): Loosen error string match
so it accepts "i386:nacl" in place of "i386".
* ld-x86-64/ilp32-2.d: Likewise.
* ld-x86-64/ilp32-3.d: Likewise.
* ld-x86-64/lp64-2.d: Likewise.
* ld-x86-64/lp64-3.d: Likewise.