This is an archive of the discontinued LLVM Phabricator instance.

Differential D60825

[llvm-objcopy] - Check dynamic relocation sections for broken references.
ClosedPublic

Authored by grimar on Apr 17 2019, 7:05 AM.

Details

Reviewers
jhenderson
jakehehrlich
rupprecht
alexander-shaposhnikov
espindola
Commits
rG67f590e2867a: [llvm-objcopy] - Check dynamic relocation sections for broken references.
rL359552: [llvm-objcopy] - Check dynamic relocation sections for broken references.
Summary

This is a fix for https://bugs.llvm.org/show_bug.cgi?id=41371.

Currently, it is possible to break the sh_link field of the dynamic relocation section
by removing the section it refers to. The patch fixes an issue and adds 2 test cases.

One of them shows that it does not seem possible to break the sh_info field.
That is explained in the comments. I added an assert to verify this.

Diff Detail

Repository
rL LLVM

Event Timeline

grimar created this revision.Apr 17 2019, 7:05 AM
Herald added a reviewer: espindola. · View Herald TranscriptApr 17 2019, 7:05 AM
Herald added subscribers: MaskRay, arichardson, emaste. · View Herald Transcript
grimar marked an inline comment as done.Apr 17 2019, 7:06 AM
grimar added inline comments.
test/tools/llvm-objcopy/ELF/dynrelocsec-remove-shlink-reference.test
24 ↗(On Diff #195563)

This TODO can be removed if we land D60820.

jakehehrlich added a comment.Apr 17 2019, 8:18 AM

So overall this looks good and literally yesterday I'd have just given a +2 but James noticed an edge case we should think about. If there are ever reasons to have a dynamic relocation without a symbol table (I don't know of any) we should hold off and account for the edge case. O think that concern only applies to relocatable files however.

grimar added a comment.Apr 17 2019, 8:43 AM
In D60825#1470322, @jakehehrlich wrote:

So overall this looks good and literally yesterday I'd have just given a +2 but James noticed an edge case we should think about. If there are ever reasons to have a dynamic relocation without a symbol table (I don't know of any) we should hold off and account for the edge case. O think that concern only applies to relocatable files however.

In theory, I think R_X86_64_RELATIVE relocations should not need a symbol table since they just adjust a place by program base.
This will be easy to support after landing the D60324 which introduce the --allow-broken-links option.
We can just wait for it and I'll update this patch then or I could do that in a follow-up.

jhenderson added a comment.Apr 18 2019, 2:14 AM

FYI, I've just landed D60324, and approved D60820. This looks good, except for the edge case mentioned by @jakehehrlich. The code should also implement --allow-broken-links now that that has landed.

test/tools/llvm-objcopy/ELF/dynrelocsec-remove-shinfo-reference.test
11 ↗(On Diff #195563)

I'm not too bothered, but I find it marginally easier to read the line as a continuation if the '|' is on the second line.

grimar updated this revision to Diff 195718.Apr 18 2019, 4:40 AM
grimar marked an inline comment as done.
  • Addressed comments, rebased, updated the test case.
grimar added a comment.Apr 24 2019, 12:44 AM

Ping.

jakehehrlich added a comment.Apr 25 2019, 2:03 PM

Hmm...right now we don't parse the dynamic symbol table but parsing it just enough to check if no symbols are needed and then not throwing an error if no symbol table is needed seems like a better option than using that flag. That flag should of course also be respected here however.

jakehehrlich added a comment.Apr 25 2019, 2:03 PM

Maybe we should land this and wait for someone to have that issue. Can someone file a bug about that issue now?

grimar added a comment.Apr 26 2019, 1:29 AM
In D60825#1479436, @jakehehrlich wrote:

Maybe we should land this and wait for someone to have that issue. Can someone file a bug about that issue now?

Right now we already have a bug saying that "If you strip a section that is referred to by a dynamic relocation section (e.g. the .dynsym),
llvm-objcopy lets it happen assuming that there are no other references".
(https://bugs.llvm.org/show_bug.cgi?id=41371)

As far I understand, after changing the behavior, we might want to post a bug saying something like the following, right?
"Currently when --allow-broken-links is *not* given we always report a error when removing a symbol table used by a dynamic relocation section.
Though it should be possible to do that only in a case when we know that using symbols from dynamic symbol table."

And then we need to land this patch first (as PR41371 already covers the current behavior I think?).

jhenderson accepted this revision.Apr 29 2019, 8:32 AM

LGTM. I agree that inspecting the dynamic relocations to see if there are any references to symbols is a separate issue. Indeed, it technically also applies to regular relocations, not just dynamic ones. There is a potential performance issue here though, which I think might be a problem if we tried to pass the relocations to do this.

test/tools/llvm-objcopy/ELF/dynrelocsec-remove-shlink-reference.test
12 ↗(On Diff #195718)

Either "with --allow-broken-links" or "with the --allow-broken-links switch"

This revision is now accepted and ready to land.Apr 29 2019, 8:32 AM
Closed by commit rL359552: [llvm-objcopy] - Check dynamic relocation sections for broken references. (authored by grimar). · Explain WhyApr 30 2019, 4:00 AM
This revision was automatically updated to reflect the committed changes.
Herald added a project: Restricted Project. · View Herald TranscriptApr 30 2019, 4:00 AM
grimar added a comment.Apr 30 2019, 4:09 AM

I submitted a bug discussed here: https://bugs.llvm.org/show_bug.cgi?id=41669

Revision Contents

PathSize
llvm/
trunk/
test/
tools/
llvm-objcopy/
ELF/
30 lines
34 lines
tools/
llvm-objcopy/
ELF/
15 lines
33 lines

Diff 197290

llvm/trunk/test/tools/llvm-objcopy/ELF/dynrelocsec-remove-shinfo-reference.test

# RUN: yaml2obj %s > %t
# RUN: llvm-objcopy -R .got.plt %t %t2
## .rela.plt is a dynamic relocation section that has a connection
## via sh_info field with its target section .got.plt.
## Here we check that if the target section is removed then dynamic
## relocation section is also removed and we do not end up with a broken
## sh_info value, for example.
# RUN: llvm-readelf --sections %t2 \
# RUN: | FileCheck %s --implicit-check-not=".got.plt" --implicit-check-not=".rela.plt"
--- !ELF
FileHeader:
Class: ELFCLASS64
Data: ELFDATA2LSB
Type: ET_DYN
Machine: EM_X86_64
Sections:
- Name: .rela.plt
Type: SHT_RELA
Flags: [ SHF_ALLOC ]
Link: .dynsym
Info: .got.plt
- Name: .got.plt
Type: SHT_PROGBITS
Flags: [ SHF_WRITE, SHF_ALLOC ]
DynamicSymbols:
- Name: bar
Binding: STB_GLOBAL

llvm/trunk/test/tools/llvm-objcopy/ELF/dynrelocsec-remove-shlink-reference.test

# RUN: yaml2obj %s > %t
## Check we cannot remove the .dynsym symbol table because dynamic
## relocation section .rela.dyn still references it via sh_link field.
# RUN: not llvm-objcopy -R .dynsym %t %t2 2>&1 >/dev/null | FileCheck %s --check-prefix=ERR
# ERR: error: Symbol table .dynsym cannot be removed because it is referenced by the relocation section .rela.dyn.
## Check we can remove .dynsym after removing the reference.
# RUN: llvm-objcopy -R .dynsym -R .rela.dyn %t %t2
# RUN: llvm-readelf --sections %t2 | FileCheck %s --implicit-check-not=".dynsym"
## Check we zero out sh_link field and allow producing output with the --allow-broken-links switch.
# RUN: llvm-objcopy -R .dynsym --allow-broken-links %t %t2
# RUN: llvm-readelf --sections %t2 | FileCheck %s --check-prefix=DROP-LINK
# DROP-LINK: [Nr] Name Type Address Off Size ES Flg L
# DROP-LINK: [ 1] .rela.dyn RELA 0000000000000270 000040 000000 18 A 0
# DROP-LINK-NOT: .dynsym
!ELF
FileHeader:
Class: ELFCLASS64
Data: ELFDATA2LSB
Type: ET_DYN
Machine: EM_X86_64
Sections:
- Name: .rela.dyn
Type: SHT_RELA
Flags: [ SHF_ALLOC ]
Address: 0x0000000000000270
Link: .dynsym
EntSize: 0x0000000000000018
DynamicSymbols:
- Name: bar
Binding: STB_GLOBAL

llvm/trunk/tools/llvm-objcopy/ELF/Object.h

Show First 20 LinesShow All 676 Lines▼ Show 20 Linesclass DynamicRelocationSection
: public RelocSectionWithSymtabBase<DynamicSymbolTableSection> { : public RelocSectionWithSymtabBase<DynamicSymbolTableSection> {
MAKE_SEC_WRITER_FRIEND MAKE_SEC_WRITER_FRIEND
private: private:
ArrayRef<uint8_t> Contents; ArrayRef<uint8_t> Contents;
public: public:
explicit DynamicRelocationSection(ArrayRef<uint8_t> Data) : Contents(Data) {} explicit DynamicRelocationSection(ArrayRef<uint8_t> Data) : Contents(Data) {}
void accept(SectionVisitor &) const override; void accept(SectionVisitor &) const override;
void accept(MutableSectionVisitor &Visitor) override; void accept(MutableSectionVisitor &Visitor) override;
Error removeSectionReferences(
static bool classof(const SectionBase *S) { bool AllowBrokenLinks,
if (!(S->Flags & ELF::SHF_ALLOC)) function_ref<bool(const SectionBase *)> ToRemove) override;
static bool classof(const SectionBase *S) {
if (!(S->Flags & ELF::SHF_ALLOC))
return false; return false;
return S->Type == ELF::SHT_REL || S->Type == ELF::SHT_RELA; return S->Type == ELF::SHT_REL || S->Type == ELF::SHT_RELA;
} }
}; };
class GnuDebugLinkSection : public SectionBase { class GnuDebugLinkSection : public SectionBase {
MAKE_SEC_WRITER_FRIEND MAKE_SEC_WRITER_FRIEND
▲ Show 20 LinesShow All 161 LinesShow Last 20 Lines

llvm/trunk/tools/llvm-objcopy/ELF/Object.cpp

Show First 20 LinesShow All 674 Lines▼ Show 20 Lines llvm::copy(Sec.Contents,
Out.getBufferStart() + Sec.Offset); Out.getBufferStart() + Sec.Offset);
} }
void DynamicRelocationSection::accept(SectionVisitor &Visitor) const { void DynamicRelocationSection::accept(SectionVisitor &Visitor) const {
Visitor.visit(*this); Visitor.visit(*this);
} }
void DynamicRelocationSection::accept(MutableSectionVisitor &Visitor) { void DynamicRelocationSection::accept(MutableSectionVisitor &Visitor) {
Visitor.visit(*this); Visitor.visit(*this);
} }
Error Section::removeSectionReferences(bool AllowBrokenDependency, Error DynamicRelocationSection::removeSectionReferences(
function_ref<bool(const SectionBase *)> ToRemove) { bool AllowBrokenLinks, function_ref<bool(const SectionBase *)> ToRemove) {
if (ToRemove(LinkSection)) { if (ToRemove(Symbols)) {
if (!AllowBrokenLinks)
return createStringError(
llvm::errc::invalid_argument,
"Symbol table %s cannot be removed because it is "
"referenced by the relocation section %s.",
Symbols->Name.data(), this->Name.data());
Symbols = nullptr;
}
// SecToApplyRel contains a section referenced by sh_info field. It keeps
// a section to which the relocation section applies. When we remove any
// sections we also remove their relocation sections. Since we do that much
// earlier, this assert should never be triggered.
assert(!SecToApplyRel || !ToRemove(SecToApplyRel));
return Error::success();
}
Error Section::removeSectionReferences(bool AllowBrokenDependency,
function_ref<bool(const SectionBase *)> ToRemove) {
if (ToRemove(LinkSection)) {
if (!AllowBrokenDependency) if (!AllowBrokenDependency)
return createStringError(llvm::errc::invalid_argument, return createStringError(llvm::errc::invalid_argument,
"Section %s cannot be removed because it is " "Section %s cannot be removed because it is "
"referenced by the section %s", "referenced by the section %s",
LinkSection->Name.data(), this->Name.data()); LinkSection->Name.data(), this->Name.data());
LinkSection = nullptr; LinkSection = nullptr;
} }
return Error::success(); return Error::success();
▲ Show 20 LinesShow All 1,121 LinesShow Last 20 Lines