This is an archive of the discontinued LLVM Phabricator instance.

ELF: Round p_memsz of the PT_GNU_RELRO program header up to the page size.
Closed, Public

Authored by pcc on Jan 3 2017, 5:16 PM.

Diff Detail

Repository
rL LLVM

Event Timeline

pcc updated this revision to Diff 82978. Jan 3 2017, 5:16 PM
pcc retitled this revision from to ELF: Round p_memsz of the PT_GNU_RELRO program header up to the page size..
pcc updated this object.
pcc added reviewers: ruiu, rafael, davide.
pcc added a subscriber: llvm-commits.
emaste added a subscriber: emaste. Jan 3 2017, 7:00 PM
emaste added inline comments.
lld/ELF/Writer.cpp
1452–1453 (On Diff #82978)

For reference the FreeBSD rtld algorithm is:

obj->relro_page = obj->relocbase + trunc_page(ph->p_vaddr);
obj->relro_size = round_page(ph->p_memsz);

https://svnweb.freebsd.org/base/head/libexec/rtld-elf/rtld.c?annotate=310422#l1334

pcc updated this revision to Diff 82992. Jan 3 2017, 7:09 PM
  • Add a note about FreeBSD
lld/ELF/Writer.cpp
1452–1453 (On Diff #82978)

Thanks. round_page appears to be system-specific but always seems to round up [0]. I've added a note to the comment.

[0] https://github.com/freebsd/freebsd/search?utf8=%E2%9C%93&q=%22define+round_page%22&type=Code

davide accepted this revision. Jan 4 2017, 5:01 AM
davide edited edge metadata.

LGTM. Out of curiosity, how did you discover this?

This revision is now accepted and ready to land. Jan 4 2017, 5:01 AM
pcc added a comment. Jan 4 2017, 11:06 AM

> LGTM. Out of curiosity, how did you discover this?

To test my change D28272, I compiled and ran a small test program (essentially the one in figure 2 in the referenced paper). I was surprised to find that even after the copy relocation was moved to relro the program terminated without segfaulting. An strace revealed that the loader wasn't calling mprotect on the relro region at all, which turned out to be because it was smaller than the page size.
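Added example (not pcc's code and not lld's or rtld's own source): a small model of why a PT_GNU_RELRO segment smaller than a page was never protected. It contrasts a loader that aligns both ends of the segment down and skips mprotect on an empty range (assumed to be modelled on glibc's _dl_protect_relro; the review only says "the loader") with the FreeBSD rtld arithmetic quoted above, and shows the effect of rounding p_memsz up as the patch does. The 4 KiB page size and the addresses are constructed.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed example: 4 KiB pages (assumption; real loaders query the page size). */
#define PAGE_SIZE ((uint64_t)0x1000)

static uint64_t trunc_page(uint64_t x) { return x & ~(PAGE_SIZE - 1); }
static uint64_t round_page(uint64_t x) { return trunc_page(x + PAGE_SIZE - 1); }

/* Half-open address range [start, end) that a loader would mprotect(PROT_READ). */
struct relro_range { uint64_t start, end; };

/* A loader that aligns both ends of the RELRO segment DOWN and skips mprotect
   when the result is empty (assumption: modelled on glibc's _dl_protect_relro). */
static struct relro_range truncating_loader(uint64_t p_vaddr, uint64_t p_memsz) {
    struct relro_range r = { trunc_page(p_vaddr), trunc_page(p_vaddr + p_memsz) };
    return r;
}

/* FreeBSD rtld, as quoted in the review: trunc_page(p_vaddr), round_page(p_memsz). */
static struct relro_range freebsd_rtld(uint64_t p_vaddr, uint64_t p_memsz) {
    struct relro_range r = { trunc_page(p_vaddr), 0 };
    r.end = r.start + round_page(p_memsz);
    return r;
}

/* The change under review: the linker emits p_memsz rounded up to the page size. */
static uint64_t linker_rounded_memsz(uint64_t p_memsz) { return round_page(p_memsz); }

/* 1 if the loader would actually call mprotect, 0 if the range is empty. */
static int would_protect(struct relro_range r) { return r.end > r.start; }

int main(void) {
    const uint64_t vaddr = 0x201000;  /* page-aligned RELRO start (constructed) */
    const uint64_t memsz = 0x100;     /* a RELRO segment smaller than one page */
    struct relro_range before = truncating_loader(vaddr, memsz);
    struct relro_range after = truncating_loader(vaddr, linker_rounded_memsz(memsz));
    struct relro_range bsd = freebsd_rtld(vaddr, memsz);
    printf("before fix: [%#" PRIx64 ", %#" PRIx64 ") protect=%d\n",
           before.start, before.end, would_protect(before));
    printf("after fix:  [%#" PRIx64 ", %#" PRIx64 ") protect=%d\n",
           after.start, after.end, would_protect(after));
    printf("FreeBSD:    [%#" PRIx64 ", %#" PRIx64 ") protect=%d\n",
           bsd.start, bsd.end, would_protect(bsd));
    return 0;
}
```

The "before fix" range is empty, matching the strace observation that no mprotect call was made; after rounding, the truncating loader and FreeBSD rtld both protect the same page.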

This revision was automatically updated to reflect the committed changes.