This is an archive of the discontinued LLVM Phabricator instance.

Differential D125410

[ELF] Align the end of PT_GNU_RELRO to max-page-size instead of common-page-size
AbandonedPublic

Authored by MaskRay on May 11 2022, 1:16 PM.

Details

Reviewers
peter.smith
Commits
rGebdb9d635a07: [ELF] Align the end of PT_GNU_RELRO to max-page-size instead of common-page-size
Summary

We picked common-page-size to match GNU ld. Recently, the resolution to GNU ld
https://sourceware.org/bugzilla/show_bug.cgi?id=28824 (milestone: 2.39) switched
to max-page-size so that the last page can be protected by RELRO in case the
system page size is larger than common-page-size.

Thanks to our two RW PT_LOAD scheme (D58892), switching to max-page-size does
not change file size (while GNU ld's scheme may increase file size).

Diff Detail

Event Timeline

MaskRay created this revision.May 11 2022, 1:16 PM
Herald added a project: Restricted Project. · View Herald TranscriptMay 11 2022, 1:16 PM
Herald added subscribers: StephenFan, pengfei, kbarton and 3 others. · View Herald Transcript
MaskRay requested review of this revision.May 11 2022, 1:16 PM
Herald added a project: Restricted Project. · View Herald TranscriptMay 11 2022, 1:16 PM
Herald added a subscriber: llvm-commits. · View Herald Transcript
Harbormaster completed remote builds in B163965: Diff 428752.May 11 2022, 2:01 PM
peter.smith accepted this revision.May 12 2022, 12:43 AM

LGTM thanks for making the change. It was useful to see the write up in the binutils PR as common page versus max page size isn't documented very well.

This revision is now accepted and ready to land.May 12 2022, 12:43 AM
MaskRay updated this revision to Diff 428871.May 12 2022, 12:51 AM
MaskRay edited the summary of this revision. (Show Details)

add release note

Harbormaster completed remote builds in B164051: Diff 428871.May 12 2022, 1:29 AM
Closed by commit rGebdb9d635a07: [ELF] Align the end of PT_GNU_RELRO to max-page-size instead of common-page-size (authored by MaskRay). · Explain WhyMay 12 2022, 11:03 AM
This revision was automatically updated to reflect the committed changes.
MaskRay added a commit: rGebdb9d635a07: [ELF] Align the end of PT_GNU_RELRO to max-page-size instead of common-page-size.
chapuni added a subscriber: chapuni.May 12 2022, 5:46 PM
nathanchance added a subscriber: nathanchance.May 12 2022, 6:22 PM

I am seeing a failure during a two stage build of LLVM on an AArch64 host that I bisected to this change:

[3118/3661] ASTNodeAPI.json

FAILED: tools/clang/lib/Tooling/ASTNodeAPI.json …
…/bin/clang-ast-dump: error while loading shared libraries: cannot apply additional memory protection after relocation: Cannot allocate memory

What information would be helpful for investigating what is going on?

MaskRay added a reverting change: rG2ac8ce5d563b: Revert D125410 "[ELF] Align the end of PT_GNU_RELRO to max-page-size instead of….May 12 2022, 8:41 PM
MaskRay added a comment.May 12 2022, 9:08 PM

I somehow forgot that we can not simply round up the end of PT_GNU_RELRO to max-page-size.

I think this is a limitation of our 2 RW PT_LOAD scheme and we may have to expect that if system page size is larger than common-page-size, the last partial page may not be protected by RELRO.
See also https://reviews.freebsd.org/D31498 that system page size smaller than common-page-size may have problems as well.

MaskRay reopened this revision.May 12 2022, 9:08 PM
This revision is now accepted and ready to land.May 12 2022, 9:08 PM
MaskRay abandoned this revision.May 12 2022, 9:08 PM
MaskRay added a comment.Sep 12 2023, 11:43 AM

This is superseded by https://github.com/llvm/llvm-project/pull/66042 . I've mentioned there why runtime_page_size < common-page-size may lead to glibc rtld error while loading shared libraries: cannot apply additional memory protection after relocation: Cannot allocate memory.
If we simply change common-page-size to max-page-size on the p->p_memsz line, this condition would be runtime_page_size < max-page-size .
When max-page-size is 64KiB (ARM/AArch64/PowerPC) and runtime page-size is typically smaller (4KiB), error while loading shared libraries: cannot apply additional memory protection after relocation: Cannot allocate memory will almost assuredly occur.

Revision Contents

PathSize
lld/
ELF/
9 lines
docs/
4 lines
test/
ELF/
2 lines
2 lines

Diff 429022

lld/ELF/Writer.cpp

Show First 20 LinesShow All 2,632 Lines▼ Show 20 Lines if (first) {
p->p_offset -= part.elfHeader->getParent()->offset; p->p_offset -= part.elfHeader->getParent()->offset;
if (!p->hasLMA) if (!p->hasLMA)
p->p_paddr = first->getLMA(); p->p_paddr = first->getLMA();
} }
if (p->p_type == PT_GNU_RELRO) { if (p->p_type == PT_GNU_RELRO) {
p->p_align = 1; p->p_align = 1;
// musl/glibc ld.so rounds the size down, so we need to round up // musl/glibc/FreeBSD ld.so rounds the size down, so we need to round up
// to protect the last page. This is a no-op on FreeBSD which always // to protect the last page.
// rounds up. p->p_memsz =
p->p_memsz = alignTo(p->p_offset + p->p_memsz, config->commonPageSize) - alignTo(p->p_offset + p->p_memsz, config->maxPageSize) - p->p_offset;
p->p_offset;
} }
} }
} }
// A helper struct for checkSectionOverlap. // A helper struct for checkSectionOverlap.
namespace { namespace {
struct SectionOffset { struct SectionOffset {
OutputSection *sec; OutputSection *sec;
▲ Show 20 LinesShow All 330 LinesShow Last 20 Lines

lld/docs/ReleaseNotes.rst

Show All 23 Lines
================================================= =================================================
ELF Improvements ELF Improvements
---------------- ----------------
* ``-z pack-relative-relocs`` is now available to support ``DT_RELR`` for glibc 2.36+. * ``-z pack-relative-relocs`` is now available to support ``DT_RELR`` for glibc 2.36+.
(`D120701 <https://reviews.llvm.org/D120701>`_) (`D120701 <https://reviews.llvm.org/D120701>`_)
* ``--no-fortran-common`` (pre 12.0.0 behavior) is now the default. * ``--no-fortran-common`` (pre 12.0.0 behavior) is now the default.
* The end of ``PT_GNU_RELRO`` is now aligned by ``max-page-size`` instead of ``common-page-size``.
This matches GNU ld from 2.39 onwards. If the system page size is larger than ``common-page-size``,
the previous choice may make a partial page not protected by RELRO.
(`D125410 <https://reviews.llvm.org/D125410>`_)
Breaking changes Breaking changes
---------------- ----------------
* The GNU ld incompatible ``--no-define-common`` has been removed. * The GNU ld incompatible ``--no-define-common`` has been removed.
* The obscure ``-dc``/``-dp`` options have been removed. * The obscure ``-dc``/``-dp`` options have been removed.
* ``-d`` is now ignored. * ``-d`` is now ignored.
* If a prevailing COMDAT group defines STB_WEAK symbol, having a STB_GLOBAL symbol in a non-prevailing group is now rejected with a diagnostic. * If a prevailing COMDAT group defines STB_WEAK symbol, having a STB_GLOBAL symbol in a non-prevailing group is now rejected with a diagnostic.
Show All 25 Lines

lld/test/ELF/aarch64-relro.s

# REQUIRES: aarch64 # REQUIRES: aarch64
# RUN: llvm-mc -filetype=obj -triple=aarch64-unknown-freebsd %s -o %t # RUN: llvm-mc -filetype=obj -triple=aarch64-unknown-freebsd %s -o %t
# RUN: ld.lld %t -o %t2 # RUN: ld.lld %t -o %t2
# RUN: llvm-readobj -l %t2 | FileCheck %s # RUN: llvm-readobj -l %t2 | FileCheck %s
# CHECK: Type: PT_GNU_RELRO # CHECK: Type: PT_GNU_RELRO
# CHECK-NEXT: Offset: # CHECK-NEXT: Offset:
# CHECK-NEXT: VirtualAddress: 0x220190 # CHECK-NEXT: VirtualAddress: 0x220190
# CHECK-NEXT: PhysicalAddress: # CHECK-NEXT: PhysicalAddress:
# CHECK-NEXT: FileSize: # CHECK-NEXT: FileSize:
# CHECK-NEXT: MemSize: 3696 # CHECK-NEXT: MemSize: 65136
.section .data.rel.ro,"aw",%progbits .section .data.rel.ro,"aw",%progbits
.byte 1 .byte 1

lld/test/ELF/basic-ppc64.s

Show First 20 LinesShow All 330 Lines▼ Show 20 Lines
// CHECK-NEXT: Alignment: 8 // CHECK-NEXT: Alignment: 8
// CHECK-NEXT: } // CHECK-NEXT: }
// CHECK-NEXT: ProgramHeader { // CHECK-NEXT: ProgramHeader {
// CHECK-NEXT: Type: PT_GNU_RELRO (0x6474E552) // CHECK-NEXT: Type: PT_GNU_RELRO (0x6474E552)
// CHECK-NEXT: Offset: 0x238 // CHECK-NEXT: Offset: 0x238
// CHECK-NEXT: VirtualAddress: 0x20238 // CHECK-NEXT: VirtualAddress: 0x20238
// CHECK-NEXT: PhysicalAddress: 0x20238 // CHECK-NEXT: PhysicalAddress: 0x20238
// CHECK-NEXT: FileSize: 96 // CHECK-NEXT: FileSize: 96
// CHECK-NEXT: MemSize: 3528 // CHECK-NEXT: MemSize: 64968
// CHECK-NEXT: Flags [ (0x4) // CHECK-NEXT: Flags [ (0x4)
// CHECK-NEXT: PF_R (0x4) // CHECK-NEXT: PF_R (0x4)
// CHECK-NEXT: ] // CHECK-NEXT: ]
// CHECK-NEXT: Alignment: 1 // CHECK-NEXT: Alignment: 1
// CHECK-NEXT: } // CHECK-NEXT: }
// CHECK-NEXT: ProgramHeader { // CHECK-NEXT: ProgramHeader {
// CHECK-NEXT: Type: PT_GNU_STACK (0x6474E551) // CHECK-NEXT: Type: PT_GNU_STACK (0x6474E551)
// CHECK-NEXT: Offset: 0x0 // CHECK-NEXT: Offset: 0x0
Show All 11 Lines