1 //===- Writer.cpp ---------------------------------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8
9 #include "Writer.h"
10 #include "AArch64ErrataFix.h"
11 #include "ARMErrataFix.h"
12 #include "BPSectionOrderer.h"
13 #include "CallGraphSort.h"
14 #include "Config.h"
15 #include "InputFiles.h"
16 #include "LinkerScript.h"
17 #include "MapFile.h"
18 #include "OutputSections.h"
19 #include "Relocations.h"
20 #include "SymbolTable.h"
21 #include "Symbols.h"
22 #include "SyntheticSections.h"
23 #include "Target.h"
24 #include "lld/Common/Arrays.h"
25 #include "lld/Common/CommonLinkerContext.h"
26 #include "lld/Common/Filesystem.h"
27 #include "lld/Common/Strings.h"
28 #include "llvm/ADT/STLExtras.h"
29 #include "llvm/ADT/StringMap.h"
30 #include "llvm/Support/BLAKE3.h"
31 #include "llvm/Support/Parallel.h"
32 #include "llvm/Support/RandomNumberGenerator.h"
33 #include "llvm/Support/TimeProfiler.h"
34 #include "llvm/Support/xxhash.h"
35 #include <climits>
36
37 #define DEBUG_TYPE "lld"
38
39 using namespace llvm;
40 using namespace llvm::ELF;
41 using namespace llvm::object;
42 using namespace llvm::support;
43 using namespace llvm::support::endian;
44 using namespace lld;
45 using namespace lld::elf;
46
47 namespace {
48 // The writer writes a SymbolTable result to a file.
49 template <class ELFT> class Writer {
50 public:
51 LLVM_ELF_IMPORT_TYPES_ELFT(ELFT)
52
Writer(Ctx & ctx)53 Writer(Ctx &ctx) : ctx(ctx), buffer(ctx.e.outputBuffer), tc(ctx) {}
54
55 void run();
56
57 private:
58 void addSectionSymbols();
59 void sortSections();
60 void resolveShfLinkOrder();
61 void finalizeAddressDependentContent();
62 void optimizeBasicBlockJumps();
63 void sortInputSections();
64 void sortOrphanSections();
65 void finalizeSections();
66 void checkExecuteOnly();
67 void checkExecuteOnlyReport();
68 void setReservedSymbolSections();
69
70 SmallVector<std::unique_ptr<PhdrEntry>, 0> createPhdrs(Partition &part);
71 void addPhdrForSection(Partition &part, unsigned shType, unsigned pType,
72 unsigned pFlags);
73 void assignFileOffsets();
74 void assignFileOffsetsBinary();
75 void setPhdrs(Partition &part);
76 void checkSections();
77 void fixSectionAlignments();
78 void openFile();
79 void writeTrapInstr();
80 void writeHeader();
81 void writeSections();
82 void writeSectionsBinary();
83 void writeBuildId();
84
85 Ctx &ctx;
86 std::unique_ptr<FileOutputBuffer> &buffer;
87 // ThunkCreator holds Thunks that are used at writeTo time.
88 ThunkCreator tc;
89
90 void addRelIpltSymbols();
91 void addStartEndSymbols();
92 void addStartStopSymbols(OutputSection &osec);
93
94 uint64_t fileSize;
95 uint64_t sectionHeaderOff;
96 };
97 } // anonymous namespace
98
writeResult(Ctx & ctx)99 template <class ELFT> void elf::writeResult(Ctx &ctx) {
100 Writer<ELFT>(ctx).run();
101 }
102
103 static void
removeEmptyPTLoad(Ctx & ctx,SmallVector<std::unique_ptr<PhdrEntry>,0> & phdrs)104 removeEmptyPTLoad(Ctx &ctx, SmallVector<std::unique_ptr<PhdrEntry>, 0> &phdrs) {
105 auto it = std::stable_partition(phdrs.begin(), phdrs.end(), [&](auto &p) {
106 if (p->p_type != PT_LOAD)
107 return true;
108 if (!p->firstSec)
109 return false;
110 uint64_t size = p->lastSec->addr + p->lastSec->size - p->firstSec->addr;
111 return size != 0;
112 });
113
114 // Clear OutputSection::ptLoad for sections contained in removed
115 // segments.
116 DenseSet<PhdrEntry *> removed;
117 for (auto it2 = it; it2 != phdrs.end(); ++it2)
118 removed.insert(it2->get());
119 for (OutputSection *sec : ctx.outputSections)
120 if (removed.count(sec->ptLoad))
121 sec->ptLoad = nullptr;
122 phdrs.erase(it, phdrs.end());
123 }
124
copySectionsIntoPartitions(Ctx & ctx)125 void elf::copySectionsIntoPartitions(Ctx &ctx) {
126 SmallVector<InputSectionBase *, 0> newSections;
127 const size_t ehSize = ctx.ehInputSections.size();
128 for (unsigned part = 2; part != ctx.partitions.size() + 1; ++part) {
129 for (InputSectionBase *s : ctx.inputSections) {
130 if (!(s->flags & SHF_ALLOC) || !s->isLive() || s->type != SHT_NOTE)
131 continue;
132 auto *copy = make<InputSection>(cast<InputSection>(*s));
133 copy->partition = part;
134 newSections.push_back(copy);
135 }
136 for (size_t i = 0; i != ehSize; ++i) {
137 assert(ctx.ehInputSections[i]->isLive());
138 auto *copy = make<EhInputSection>(*ctx.ehInputSections[i]);
139 copy->partition = part;
140 ctx.ehInputSections.push_back(copy);
141 }
142 }
143
144 ctx.inputSections.insert(ctx.inputSections.end(), newSections.begin(),
145 newSections.end());
146 }
147
addOptionalRegular(Ctx & ctx,StringRef name,SectionBase * sec,uint64_t val,uint8_t stOther=STV_HIDDEN)148 static Defined *addOptionalRegular(Ctx &ctx, StringRef name, SectionBase *sec,
149 uint64_t val, uint8_t stOther = STV_HIDDEN) {
150 Symbol *s = ctx.symtab->find(name);
151 if (!s || s->isDefined() || s->isCommon())
152 return nullptr;
153
154 ctx.synthesizedSymbols.push_back(s);
155 s->resolve(ctx, Defined{ctx, ctx.internalFile, StringRef(), STB_GLOBAL,
156 stOther, STT_NOTYPE, val,
157 /*size=*/0, sec});
158 s->isUsedInRegularObj = true;
159 return cast<Defined>(s);
160 }
161
162 // The linker is expected to define some symbols depending on
163 // the linking result. This function defines such symbols.
addReservedSymbols(Ctx & ctx)164 void elf::addReservedSymbols(Ctx &ctx) {
165 if (ctx.arg.emachine == EM_MIPS) {
166 auto addAbsolute = [&](StringRef name) {
167 Symbol *sym =
168 ctx.symtab->addSymbol(Defined{ctx, ctx.internalFile, name, STB_GLOBAL,
169 STV_HIDDEN, STT_NOTYPE, 0, 0, nullptr});
170 sym->isUsedInRegularObj = true;
171 return cast<Defined>(sym);
172 };
173 // Define _gp for MIPS. st_value of _gp symbol will be updated by Writer
174 // so that it points to an absolute address which by default is relative
175 // to GOT. Default offset is 0x7ff0.
176 // See "Global Data Symbols" in Chapter 6 in the following document:
177 // ftp://www.linux-mips.org/pub/linux/mips/doc/ABI/mipsabi.pdf
178 ctx.sym.mipsGp = addAbsolute("_gp");
179
180 // On MIPS O32 ABI, _gp_disp is a magic symbol designates offset between
181 // start of function and 'gp' pointer into GOT.
182 if (ctx.symtab->find("_gp_disp"))
183 ctx.sym.mipsGpDisp = addAbsolute("_gp_disp");
184
185 // The __gnu_local_gp is a magic symbol equal to the current value of 'gp'
186 // pointer. This symbol is used in the code generated by .cpload pseudo-op
187 // in case of using -mno-shared option.
188 // https://sourceware.org/ml/binutils/2004-12/msg00094.html
189 if (ctx.symtab->find("__gnu_local_gp"))
190 ctx.sym.mipsLocalGp = addAbsolute("__gnu_local_gp");
191 } else if (ctx.arg.emachine == EM_PPC) {
192 // glibc *crt1.o has a undefined reference to _SDA_BASE_. Since we don't
193 // support Small Data Area, define it arbitrarily as 0.
194 addOptionalRegular(ctx, "_SDA_BASE_", nullptr, 0, STV_HIDDEN);
195 } else if (ctx.arg.emachine == EM_PPC64) {
196 addPPC64SaveRestore(ctx);
197 }
198
199 // The Power Architecture 64-bit v2 ABI defines a TableOfContents (TOC) which
200 // combines the typical ELF GOT with the small data sections. It commonly
201 // includes .got .toc .sdata .sbss. The .TOC. symbol replaces both
202 // _GLOBAL_OFFSET_TABLE_ and _SDA_BASE_ from the 32-bit ABI. It is used to
203 // represent the TOC base which is offset by 0x8000 bytes from the start of
204 // the .got section.
205 // We do not allow _GLOBAL_OFFSET_TABLE_ to be defined by input objects as the
206 // correctness of some relocations depends on its value.
207 StringRef gotSymName =
208 (ctx.arg.emachine == EM_PPC64) ? ".TOC." : "_GLOBAL_OFFSET_TABLE_";
209
210 if (Symbol *s = ctx.symtab->find(gotSymName)) {
211 if (s->isDefined()) {
212 ErrAlways(ctx) << s->file << " cannot redefine linker defined symbol '"
213 << gotSymName << "'";
214 return;
215 }
216
217 uint64_t gotOff = 0;
218 if (ctx.arg.emachine == EM_PPC64)
219 gotOff = 0x8000;
220
221 s->resolve(ctx, Defined{ctx, ctx.internalFile, StringRef(), STB_GLOBAL,
222 STV_HIDDEN, STT_NOTYPE, gotOff, /*size=*/0,
223 ctx.out.elfHeader.get()});
224 ctx.sym.globalOffsetTable = cast<Defined>(s);
225 }
226
227 // __ehdr_start is the location of ELF file headers. Note that we define
228 // this symbol unconditionally even when using a linker script, which
229 // differs from the behavior implemented by GNU linker which only define
230 // this symbol if ELF headers are in the memory mapped segment.
231 addOptionalRegular(ctx, "__ehdr_start", ctx.out.elfHeader.get(), 0,
232 STV_HIDDEN);
233
234 // __executable_start is not documented, but the expectation of at
235 // least the Android libc is that it points to the ELF header.
236 addOptionalRegular(ctx, "__executable_start", ctx.out.elfHeader.get(), 0,
237 STV_HIDDEN);
238
239 // __dso_handle symbol is passed to cxa_finalize as a marker to identify
240 // each DSO. The address of the symbol doesn't matter as long as they are
241 // different in different DSOs, so we chose the start address of the DSO.
242 addOptionalRegular(ctx, "__dso_handle", ctx.out.elfHeader.get(), 0,
243 STV_HIDDEN);
244
245 // If linker script do layout we do not need to create any standard symbols.
246 if (ctx.script->hasSectionsCommand)
247 return;
248
249 auto add = [&](StringRef s, int64_t pos) {
250 return addOptionalRegular(ctx, s, ctx.out.elfHeader.get(), pos,
251 STV_DEFAULT);
252 };
253
254 ctx.sym.bss = add("__bss_start", 0);
255 ctx.sym.end1 = add("end", -1);
256 ctx.sym.end2 = add("_end", -1);
257 ctx.sym.etext1 = add("etext", -1);
258 ctx.sym.etext2 = add("_etext", -1);
259 ctx.sym.edata1 = add("edata", -1);
260 ctx.sym.edata2 = add("_edata", -1);
261 }
262
demoteDefined(Defined & sym,DenseMap<SectionBase *,size_t> & map)263 static void demoteDefined(Defined &sym, DenseMap<SectionBase *, size_t> &map) {
264 if (map.empty())
265 for (auto [i, sec] : llvm::enumerate(sym.file->getSections()))
266 map.try_emplace(sec, i);
267 // Change WEAK to GLOBAL so that if a scanned relocation references sym,
268 // maybeReportUndefined will report an error.
269 uint8_t binding = sym.isWeak() ? uint8_t(STB_GLOBAL) : sym.binding;
270 Undefined(sym.file, sym.getName(), binding, sym.stOther, sym.type,
271 /*discardedSecIdx=*/map.lookup(sym.section))
272 .overwrite(sym);
273 // Eliminate from the symbol table, otherwise we would leave an undefined
274 // symbol if the symbol is unreferenced in the absence of GC.
275 sym.isUsedInRegularObj = false;
276 }
277
278 // If all references to a DSO happen to be weak, the DSO is not added to
279 // DT_NEEDED. If that happens, replace ShardSymbol with Undefined to avoid
280 // dangling references to an unneeded DSO. Use a weak binding to avoid
281 // --no-allow-shlib-undefined diagnostics. Similarly, demote lazy symbols.
282 //
283 // In addition, demote symbols defined in discarded sections, so that
284 // references to /DISCARD/ discarded symbols will lead to errors.
demoteSymbolsAndComputeIsPreemptible(Ctx & ctx)285 static void demoteSymbolsAndComputeIsPreemptible(Ctx &ctx) {
286 llvm::TimeTraceScope timeScope("Demote symbols");
287 DenseMap<InputFile *, DenseMap<SectionBase *, size_t>> sectionIndexMap;
288 for (Symbol *sym : ctx.symtab->getSymbols()) {
289 if (auto *d = dyn_cast<Defined>(sym)) {
290 if (d->section && !d->section->isLive())
291 demoteDefined(*d, sectionIndexMap[d->file]);
292 } else {
293 auto *s = dyn_cast<SharedSymbol>(sym);
294 if (sym->isLazy() || (s && !cast<SharedFile>(s->file)->isNeeded)) {
295 uint8_t binding = sym->isLazy() ? sym->binding : uint8_t(STB_WEAK);
296 Undefined(ctx.internalFile, sym->getName(), binding, sym->stOther,
297 sym->type)
298 .overwrite(*sym);
299 sym->versionId = VER_NDX_GLOBAL;
300 }
301 }
302
303 sym->isPreemptible = (sym->isUndefined() || sym->isExported) &&
304 computeIsPreemptible(ctx, *sym);
305 }
306 }
307
findSection(Ctx & ctx,StringRef name,unsigned partition=1)308 static OutputSection *findSection(Ctx &ctx, StringRef name,
309 unsigned partition = 1) {
310 for (SectionCommand *cmd : ctx.script->sectionCommands)
311 if (auto *osd = dyn_cast<OutputDesc>(cmd))
312 if (osd->osec.name == name && osd->osec.partition == partition)
313 return &osd->osec;
314 return nullptr;
315 }
316
317 // The main function of the writer.
run()318 template <class ELFT> void Writer<ELFT>::run() {
319 // Now that we have a complete set of output sections. This function
320 // completes section contents. For example, we need to add strings
321 // to the string table, and add entries to .got and .plt.
322 // finalizeSections does that.
323 finalizeSections();
324 checkExecuteOnly();
325 checkExecuteOnlyReport();
326
327 // If --compressed-debug-sections is specified, compress .debug_* sections.
328 // Do it right now because it changes the size of output sections.
329 for (OutputSection *sec : ctx.outputSections)
330 sec->maybeCompress<ELFT>(ctx);
331
332 if (ctx.script->hasSectionsCommand)
333 ctx.script->allocateHeaders(ctx.mainPart->phdrs);
334
335 // Remove empty PT_LOAD to avoid causing the dynamic linker to try to mmap a
336 // 0 sized region. This has to be done late since only after assignAddresses
337 // we know the size of the sections.
338 for (Partition &part : ctx.partitions)
339 removeEmptyPTLoad(ctx, part.phdrs);
340
341 if (!ctx.arg.oFormatBinary)
342 assignFileOffsets();
343 else
344 assignFileOffsetsBinary();
345
346 for (Partition &part : ctx.partitions)
347 setPhdrs(part);
348
349 // Handle --print-map(-M)/--Map and --cref. Dump them before checkSections()
350 // because the files may be useful in case checkSections() or openFile()
351 // fails, for example, due to an erroneous file size.
352 writeMapAndCref(ctx);
353
354 // Handle --print-memory-usage option.
355 if (ctx.arg.printMemoryUsage)
356 ctx.script->printMemoryUsage(ctx.e.outs());
357
358 if (ctx.arg.checkSections)
359 checkSections();
360
361 // It does not make sense try to open the file if we have error already.
362 if (errCount(ctx))
363 return;
364
365 {
366 llvm::TimeTraceScope timeScope("Write output file");
367 // Write the result down to a file.
368 openFile();
369 if (errCount(ctx))
370 return;
371
372 if (!ctx.arg.oFormatBinary) {
373 if (ctx.arg.zSeparate != SeparateSegmentKind::None)
374 writeTrapInstr();
375 writeHeader();
376 writeSections();
377 } else {
378 writeSectionsBinary();
379 }
380
381 // Backfill .note.gnu.build-id section content. This is done at last
382 // because the content is usually a hash value of the entire output file.
383 writeBuildId();
384 if (errCount(ctx))
385 return;
386
387 if (!ctx.e.disableOutput) {
388 if (auto e = buffer->commit())
389 Err(ctx) << "failed to write output '" << buffer->getPath()
390 << "': " << std::move(e);
391 }
392
393 if (!ctx.arg.cmseOutputLib.empty())
394 writeARMCmseImportLib<ELFT>(ctx);
395 }
396 }
397
398 template <class ELFT, class RelTy>
markUsedLocalSymbolsImpl(ObjFile<ELFT> * file,llvm::ArrayRef<RelTy> rels)399 static void markUsedLocalSymbolsImpl(ObjFile<ELFT> *file,
400 llvm::ArrayRef<RelTy> rels) {
401 for (const RelTy &rel : rels) {
402 Symbol &sym = file->getRelocTargetSym(rel);
403 if (sym.isLocal())
404 sym.used = true;
405 }
406 }
407
408 // The function ensures that the "used" field of local symbols reflects the fact
409 // that the symbol is used in a relocation from a live section.
markUsedLocalSymbols(Ctx & ctx)410 template <class ELFT> static void markUsedLocalSymbols(Ctx &ctx) {
411 // With --gc-sections, the field is already filled.
412 // See MarkLive<ELFT>::resolveReloc().
413 if (ctx.arg.gcSections)
414 return;
415 for (ELFFileBase *file : ctx.objectFiles) {
416 ObjFile<ELFT> *f = cast<ObjFile<ELFT>>(file);
417 for (InputSectionBase *s : f->getSections()) {
418 InputSection *isec = dyn_cast_or_null<InputSection>(s);
419 if (!isec)
420 continue;
421 if (isec->type == SHT_REL) {
422 markUsedLocalSymbolsImpl(f, isec->getDataAs<typename ELFT::Rel>());
423 } else if (isec->type == SHT_RELA) {
424 markUsedLocalSymbolsImpl(f, isec->getDataAs<typename ELFT::Rela>());
425 } else if (isec->type == SHT_CREL) {
426 // The is64=true variant also works with ELF32 since only the r_symidx
427 // member is used.
428 for (Elf_Crel_Impl<true> r : RelocsCrel<true>(isec->content_)) {
429 Symbol &sym = file->getSymbol(r.r_symidx);
430 if (sym.isLocal())
431 sym.used = true;
432 }
433 }
434 }
435 }
436 }
437
shouldKeepInSymtab(Ctx & ctx,const Defined & sym)438 static bool shouldKeepInSymtab(Ctx &ctx, const Defined &sym) {
439 if (sym.isSection())
440 return false;
441
442 // If --emit-reloc or -r is given, preserve symbols referenced by relocations
443 // from live sections.
444 if (sym.used && ctx.arg.copyRelocs)
445 return true;
446
447 // Exclude local symbols pointing to .ARM.exidx sections.
448 // They are probably mapping symbols "$d", which are optional for these
449 // sections. After merging the .ARM.exidx sections, some of these symbols
450 // may become dangling. The easiest way to avoid the issue is not to add
451 // them to the symbol table from the beginning.
452 if (ctx.arg.emachine == EM_ARM && sym.section &&
453 sym.section->type == SHT_ARM_EXIDX)
454 return false;
455
456 if (ctx.arg.discard == DiscardPolicy::None)
457 return true;
458 if (ctx.arg.discard == DiscardPolicy::All)
459 return false;
460
461 // In ELF assembly .L symbols are normally discarded by the assembler.
462 // If the assembler fails to do so, the linker discards them if
463 // * --discard-locals is used.
464 // * The symbol is in a SHF_MERGE section, which is normally the reason for
465 // the assembler keeping the .L symbol.
466 if (sym.getName().starts_with(".L") &&
467 (ctx.arg.discard == DiscardPolicy::Locals ||
468 (sym.section && (sym.section->flags & SHF_MERGE))))
469 return false;
470 return true;
471 }
472
includeInSymtab(Ctx & ctx,const Symbol & b)473 bool elf::includeInSymtab(Ctx &ctx, const Symbol &b) {
474 if (auto *d = dyn_cast<Defined>(&b)) {
475 // Always include absolute symbols.
476 SectionBase *sec = d->section;
477 if (!sec)
478 return true;
479 assert(sec->isLive());
480
481 if (auto *s = dyn_cast<MergeInputSection>(sec))
482 return s->getSectionPiece(d->value).live;
483 return true;
484 }
485 return b.used || !ctx.arg.gcSections;
486 }
487
488 // Scan local symbols to:
489 //
490 // - demote symbols defined relative to /DISCARD/ discarded input sections so
491 // that relocations referencing them will lead to errors.
492 // - copy eligible symbols to .symTab
demoteAndCopyLocalSymbols(Ctx & ctx)493 static void demoteAndCopyLocalSymbols(Ctx &ctx) {
494 llvm::TimeTraceScope timeScope("Add local symbols");
495 for (ELFFileBase *file : ctx.objectFiles) {
496 DenseMap<SectionBase *, size_t> sectionIndexMap;
497 for (Symbol *b : file->getLocalSymbols()) {
498 assert(b->isLocal() && "should have been caught in initializeSymbols()");
499 auto *dr = dyn_cast<Defined>(b);
500 if (!dr)
501 continue;
502
503 if (dr->section && !dr->section->isLive())
504 demoteDefined(*dr, sectionIndexMap);
505 else if (ctx.in.symTab && includeInSymtab(ctx, *b) &&
506 shouldKeepInSymtab(ctx, *dr))
507 ctx.in.symTab->addSymbol(b);
508 }
509 }
510 }
511
512 // Create a section symbol for each output section so that we can represent
513 // relocations that point to the section. If we know that no relocation is
514 // referring to a section (that happens if the section is a synthetic one), we
515 // don't create a section symbol for that section.
addSectionSymbols()516 template <class ELFT> void Writer<ELFT>::addSectionSymbols() {
517 for (SectionCommand *cmd : ctx.script->sectionCommands) {
518 auto *osd = dyn_cast<OutputDesc>(cmd);
519 if (!osd)
520 continue;
521 OutputSection &osec = osd->osec;
522 InputSectionBase *isec = nullptr;
523 // Iterate over all input sections and add a STT_SECTION symbol if any input
524 // section may be a relocation target.
525 for (SectionCommand *cmd : osec.commands) {
526 auto *isd = dyn_cast<InputSectionDescription>(cmd);
527 if (!isd)
528 continue;
529 for (InputSectionBase *s : isd->sections) {
530 // Relocations are not using REL[A] section symbols.
531 if (isStaticRelSecType(s->type))
532 continue;
533
534 // Unlike other synthetic sections, mergeable output sections contain
535 // data copied from input sections, and there may be a relocation
536 // pointing to its contents if -r or --emit-reloc is given.
537 if (isa<SyntheticSection>(s) && !(s->flags & SHF_MERGE))
538 continue;
539
540 isec = s;
541 break;
542 }
543 }
544 if (!isec)
545 continue;
546
547 // Set the symbol to be relative to the output section so that its st_value
548 // equals the output section address. Note, there may be a gap between the
549 // start of the output section and isec.
550 ctx.in.symTab->addSymbol(makeDefined(ctx, isec->file, "", STB_LOCAL,
551 /*stOther=*/0, STT_SECTION,
552 /*value=*/0, /*size=*/0, &osec));
553 }
554 }
555
556 // Today's loaders have a feature to make segments read-only after
557 // processing dynamic relocations to enhance security. PT_GNU_RELRO
558 // is defined for that.
559 //
560 // This function returns true if a section needs to be put into a
561 // PT_GNU_RELRO segment.
isRelroSection(Ctx & ctx,const OutputSection * sec)562 static bool isRelroSection(Ctx &ctx, const OutputSection *sec) {
563 if (!ctx.arg.zRelro)
564 return false;
565 if (sec->relro)
566 return true;
567
568 uint64_t flags = sec->flags;
569
570 // Non-allocatable or non-writable sections don't need RELRO because
571 // they are not writable or not even mapped to memory in the first place.
572 // RELRO is for sections that are essentially read-only but need to
573 // be writable only at process startup to allow dynamic linker to
574 // apply relocations.
575 if (!(flags & SHF_ALLOC) || !(flags & SHF_WRITE))
576 return false;
577
578 // Once initialized, TLS data segments are used as data templates
579 // for a thread-local storage. For each new thread, runtime
580 // allocates memory for a TLS and copy templates there. No thread
581 // are supposed to use templates directly. Thus, it can be in RELRO.
582 if (flags & SHF_TLS)
583 return true;
584
585 // .init_array, .preinit_array and .fini_array contain pointers to
586 // functions that are executed on process startup or exit. These
587 // pointers are set by the static linker, and they are not expected
588 // to change at runtime. But if you are an attacker, you could do
589 // interesting things by manipulating pointers in .fini_array, for
590 // example. So they are put into RELRO.
591 uint32_t type = sec->type;
592 if (type == SHT_INIT_ARRAY || type == SHT_FINI_ARRAY ||
593 type == SHT_PREINIT_ARRAY)
594 return true;
595
596 // .got contains pointers to external symbols. They are resolved by
597 // the dynamic linker when a module is loaded into memory, and after
598 // that they are not expected to change. So, it can be in RELRO.
599 if (ctx.in.got && sec == ctx.in.got->getParent())
600 return true;
601
602 // .toc is a GOT-ish section for PowerPC64. Their contents are accessed
603 // through r2 register, which is reserved for that purpose. Since r2 is used
604 // for accessing .got as well, .got and .toc need to be close enough in the
605 // virtual address space. Usually, .toc comes just after .got. Since we place
606 // .got into RELRO, .toc needs to be placed into RELRO too.
607 if (sec->name == ".toc")
608 return true;
609
610 // .got.plt contains pointers to external function symbols. They are
611 // by default resolved lazily, so we usually cannot put it into RELRO.
612 // However, if "-z now" is given, the lazy symbol resolution is
613 // disabled, which enables us to put it into RELRO.
614 if (sec == ctx.in.gotPlt->getParent())
615 return ctx.arg.zNow;
616
617 if (ctx.in.relroPadding && sec == ctx.in.relroPadding->getParent())
618 return true;
619
620 // .dynamic section contains data for the dynamic linker, and
621 // there's no need to write to it at runtime, so it's better to put
622 // it into RELRO.
623 if (sec->name == ".dynamic")
624 return true;
625
626 // Sections with some special names are put into RELRO. This is a
627 // bit unfortunate because section names shouldn't be significant in
628 // ELF in spirit. But in reality many linker features depend on
629 // magic section names.
630 StringRef s = sec->name;
631
632 bool abiAgnostic = s == ".data.rel.ro" || s == ".bss.rel.ro" ||
633 s == ".ctors" || s == ".dtors" || s == ".jcr" ||
634 s == ".eh_frame" || s == ".fini_array" ||
635 s == ".init_array" || s == ".preinit_array";
636
637 bool abiSpecific =
638 ctx.arg.osabi == ELFOSABI_OPENBSD && s == ".openbsd.randomdata";
639
640 return abiAgnostic || abiSpecific;
641 }
642
643 // We compute a rank for each section. The rank indicates where the
644 // section should be placed in the file. Instead of using simple
645 // numbers (0,1,2...), we use a series of flags. One for each decision
646 // point when placing the section.
647 // Using flags has two key properties:
648 // * It is easy to check if a give branch was taken.
649 // * It is easy two see how similar two ranks are (see getRankProximity).
650 enum RankFlags {
651 RF_NOT_ADDR_SET = 1 << 27,
652 RF_NOT_ALLOC = 1 << 26,
653 RF_PARTITION = 1 << 18, // Partition number (8 bits)
654 RF_LARGE_EXEC_WRITE = 1 << 16,
655 RF_LARGE_ALT = 1 << 15,
656 RF_WRITE = 1 << 14,
657 RF_EXEC_WRITE = 1 << 13,
658 RF_EXEC = 1 << 12,
659 RF_RODATA = 1 << 11,
660 RF_LARGE_EXEC = 1 << 10,
661 RF_LARGE = 1 << 9,
662 RF_NOT_RELRO = 1 << 8,
663 RF_NOT_TLS = 1 << 7,
664 RF_BSS = 1 << 6,
665 };
666
getSectionRank(Ctx & ctx,OutputSection & osec)667 unsigned elf::getSectionRank(Ctx &ctx, OutputSection &osec) {
668 unsigned rank = osec.partition * RF_PARTITION;
669
670 // We want to put section specified by -T option first, so we
671 // can start assigning VA starting from them later.
672 if (ctx.arg.sectionStartMap.count(osec.name))
673 return rank;
674 rank |= RF_NOT_ADDR_SET;
675
676 // Allocatable sections go first to reduce the total PT_LOAD size and
677 // so debug info doesn't change addresses in actual code.
678 if (!(osec.flags & SHF_ALLOC))
679 return rank | RF_NOT_ALLOC;
680
681 // Sort sections based on their access permission in the following
682 // order: R, RX, RXW, RW(RELRO), RW(non-RELRO).
683 //
684 // Read-only sections come first such that they go in the PT_LOAD covering the
685 // program headers at the start of the file.
686 //
687 // The layout for writable sections is PT_LOAD(PT_GNU_RELRO(.data.rel.ro
688 // .bss.rel.ro) | .data .bss), where | marks where page alignment happens.
689 // An alternative ordering is PT_LOAD(.data | PT_GNU_RELRO( .data.rel.ro
690 // .bss.rel.ro) | .bss), but it may waste more bytes due to 2 alignment
691 // places.
692 bool isExec = osec.flags & SHF_EXECINSTR;
693 bool isWrite = osec.flags & SHF_WRITE;
694 bool isLarge = osec.flags & SHF_X86_64_LARGE && ctx.arg.emachine == EM_X86_64;
695
696 if (!isWrite && !isExec) {
697 // Among PROGBITS sections, place .lrodata further from .text.
698 // For -z lrodata-after-bss, place .lrodata after .lbss like GNU ld. This
699 // layout has one extra PT_LOAD, but alleviates relocation overflow
700 // pressure for absolute relocations referencing small data from -fno-pic
701 // relocatable files.
702 if (isLarge)
703 rank |= ctx.arg.zLrodataAfterBss ? RF_LARGE_ALT : 0;
704 else
705 rank |= ctx.arg.zLrodataAfterBss ? 0 : RF_LARGE;
706
707 if (osec.type == SHT_LLVM_PART_EHDR)
708 ;
709 else if (osec.type == SHT_LLVM_PART_PHDR)
710 rank |= 1;
711 else if (osec.name == ".interp")
712 rank |= 2;
713 // Put .note sections at the beginning so that they are likely to be
714 // included in a truncate core file. In particular, .note.gnu.build-id, if
715 // available, can identify the object file.
716 else if (osec.type == SHT_NOTE)
717 rank |= 3;
718 // Make PROGBITS sections (e.g .rodata .eh_frame) closer to .text to
719 // alleviate relocation overflow pressure. Large special sections such as
720 // .dynstr and .dynsym can be away from .text.
721 else if (osec.type != SHT_PROGBITS)
722 rank |= 4;
723 else
724 rank |= RF_RODATA;
725 } else if (isExec) {
726 // Place readonly .ltext before .lrodata and writable .ltext after .lbss to
727 // keep writable and readonly segments separate.
728 if (isLarge) {
729 rank |= isWrite ? RF_LARGE_EXEC_WRITE : RF_LARGE_EXEC;
730 } else {
731 rank |= isWrite ? RF_EXEC_WRITE : RF_EXEC;
732 }
733 } else {
734 rank |= RF_WRITE;
735 // The TLS initialization block needs to be a single contiguous block. Place
736 // TLS sections directly before the other RELRO sections.
737 if (!(osec.flags & SHF_TLS))
738 rank |= RF_NOT_TLS;
739 if (isRelroSection(ctx, &osec))
740 osec.relro = true;
741 else
742 rank |= RF_NOT_RELRO;
743 // Place .ldata and .lbss after .bss. Making .bss closer to .text
744 // alleviates relocation overflow pressure.
745 // For -z lrodata-after-bss, place .lbss/.lrodata/.ldata after .bss.
746 // .bss/.lbss being adjacent reuses the NOBITS size optimization.
747 if (isLarge) {
748 rank |= ctx.arg.zLrodataAfterBss
749 ? (osec.type == SHT_NOBITS ? 1 : RF_LARGE_ALT)
750 : RF_LARGE;
751 }
752 }
753
754 // Within TLS sections, or within other RelRo sections, or within non-RelRo
755 // sections, place non-NOBITS sections first.
756 if (osec.type == SHT_NOBITS)
757 rank |= RF_BSS;
758
759 // Some architectures have additional ordering restrictions for sections
760 // within the same PT_LOAD.
761 if (ctx.arg.emachine == EM_PPC64) {
762 // PPC64 has a number of special SHT_PROGBITS+SHF_ALLOC+SHF_WRITE sections
763 // that we would like to make sure appear is a specific order to maximize
764 // their coverage by a single signed 16-bit offset from the TOC base
765 // pointer.
766 StringRef name = osec.name;
767 if (name == ".got")
768 rank |= 1;
769 else if (name == ".toc")
770 rank |= 2;
771 }
772
773 if (ctx.arg.emachine == EM_MIPS) {
774 if (osec.name != ".got")
775 rank |= 1;
776 // All sections with SHF_MIPS_GPREL flag should be grouped together
777 // because data in these sections is addressable with a gp relative address.
778 if (osec.flags & SHF_MIPS_GPREL)
779 rank |= 2;
780 }
781
782 if (ctx.arg.emachine == EM_RISCV) {
783 // .sdata and .sbss are placed closer to make GP relaxation more profitable
784 // and match GNU ld.
785 StringRef name = osec.name;
786 if (name == ".sdata" || (osec.type == SHT_NOBITS && name != ".sbss"))
787 rank |= 1;
788 }
789
790 return rank;
791 }
792
compareSections(Ctx & ctx,const SectionCommand * aCmd,const SectionCommand * bCmd)793 static bool compareSections(Ctx &ctx, const SectionCommand *aCmd,
794 const SectionCommand *bCmd) {
795 const OutputSection *a = &cast<OutputDesc>(aCmd)->osec;
796 const OutputSection *b = &cast<OutputDesc>(bCmd)->osec;
797
798 if (a->sortRank != b->sortRank)
799 return a->sortRank < b->sortRank;
800
801 if (!(a->sortRank & RF_NOT_ADDR_SET))
802 return ctx.arg.sectionStartMap.lookup(a->name) <
803 ctx.arg.sectionStartMap.lookup(b->name);
804 return false;
805 }
806
add(OutputSection * sec)807 void PhdrEntry::add(OutputSection *sec) {
808 lastSec = sec;
809 if (!firstSec)
810 firstSec = sec;
811 p_align = std::max(p_align, sec->addralign);
812 if (p_type == PT_LOAD)
813 sec->ptLoad = this;
814 }
815
816 // A statically linked position-dependent executable should only contain
817 // IRELATIVE relocations and no other dynamic relocations. Encapsulation symbols
818 // __rel[a]_iplt_{start,end} will be defined for .rel[a].dyn, to be
819 // processed by the libc runtime. Other executables or DSOs use dynamic tags
820 // instead.
addRelIpltSymbols()821 template <class ELFT> void Writer<ELFT>::addRelIpltSymbols() {
822 if (ctx.arg.isPic)
823 return;
824
825 // __rela_iplt_{start,end} are initially defined relative to dummy section 0.
826 // We'll override ctx.out.elfHeader with relaDyn later when we are sure that
827 // .rela.dyn will be present in the output.
828 std::string name = ctx.arg.isRela ? "__rela_iplt_start" : "__rel_iplt_start";
829 ctx.sym.relaIpltStart =
830 addOptionalRegular(ctx, name, ctx.out.elfHeader.get(), 0, STV_HIDDEN);
831 name.replace(name.size() - 5, 5, "end");
832 ctx.sym.relaIpltEnd =
833 addOptionalRegular(ctx, name, ctx.out.elfHeader.get(), 0, STV_HIDDEN);
834 }
835
836 // This function generates assignments for predefined symbols (e.g. _end or
837 // _etext) and inserts them into the commands sequence to be processed at the
838 // appropriate time. This ensures that the value is going to be correct by the
839 // time any references to these symbols are processed and is equivalent to
840 // defining these symbols explicitly in the linker script.
setReservedSymbolSections()841 template <class ELFT> void Writer<ELFT>::setReservedSymbolSections() {
842 if (ctx.sym.globalOffsetTable) {
843 // The _GLOBAL_OFFSET_TABLE_ symbol is defined by target convention usually
844 // to the start of the .got or .got.plt section.
845 InputSection *sec = ctx.in.gotPlt.get();
846 if (!ctx.target->gotBaseSymInGotPlt)
847 sec = ctx.in.mipsGot ? cast<InputSection>(ctx.in.mipsGot.get())
848 : cast<InputSection>(ctx.in.got.get());
849 ctx.sym.globalOffsetTable->section = sec;
850 }
851
852 // .rela_iplt_{start,end} mark the start and the end of the section containing
853 // IRELATIVE relocations.
854 if (ctx.sym.relaIpltStart) {
855 auto &dyn = getIRelativeSection(ctx);
856 if (dyn.isNeeded()) {
857 ctx.sym.relaIpltStart->section = &dyn;
858 ctx.sym.relaIpltEnd->section = &dyn;
859 ctx.sym.relaIpltEnd->value = dyn.getSize();
860 }
861 }
862
863 PhdrEntry *last = nullptr;
864 OutputSection *lastRO = nullptr;
865 auto isLarge = [&ctx = ctx](OutputSection *osec) {
866 return ctx.arg.emachine == EM_X86_64 && osec->flags & SHF_X86_64_LARGE;
867 };
868 for (Partition &part : ctx.partitions) {
869 for (auto &p : part.phdrs) {
870 if (p->p_type != PT_LOAD)
871 continue;
872 last = p.get();
873 if (!(p->p_flags & PF_W) && p->lastSec && !isLarge(p->lastSec))
874 lastRO = p->lastSec;
875 }
876 }
877
878 if (lastRO) {
879 // _etext is the first location after the last read-only loadable segment
880 // that does not contain large sections.
881 if (ctx.sym.etext1)
882 ctx.sym.etext1->section = lastRO;
883 if (ctx.sym.etext2)
884 ctx.sym.etext2->section = lastRO;
885 }
886
887 if (last) {
888 // _edata points to the end of the last non-large mapped initialized
889 // section.
890 OutputSection *edata = nullptr;
891 for (OutputSection *os : ctx.outputSections) {
892 if (os->type != SHT_NOBITS && !isLarge(os))
893 edata = os;
894 if (os == last->lastSec)
895 break;
896 }
897
898 if (ctx.sym.edata1)
899 ctx.sym.edata1->section = edata;
900 if (ctx.sym.edata2)
901 ctx.sym.edata2->section = edata;
902
903 // _end is the first location after the uninitialized data region.
904 if (ctx.sym.end1)
905 ctx.sym.end1->section = last->lastSec;
906 if (ctx.sym.end2)
907 ctx.sym.end2->section = last->lastSec;
908 }
909
910 if (ctx.sym.bss) {
911 // On RISC-V, set __bss_start to the start of .sbss if present.
912 OutputSection *sbss =
913 ctx.arg.emachine == EM_RISCV ? findSection(ctx, ".sbss") : nullptr;
914 ctx.sym.bss->section = sbss ? sbss : findSection(ctx, ".bss");
915 }
916
917 // Setup MIPS _gp_disp/__gnu_local_gp symbols which should
918 // be equal to the _gp symbol's value.
919 if (ctx.sym.mipsGp) {
920 // Find GP-relative section with the lowest address
921 // and use this address to calculate default _gp value.
922 for (OutputSection *os : ctx.outputSections) {
923 if (os->flags & SHF_MIPS_GPREL) {
924 ctx.sym.mipsGp->section = os;
925 ctx.sym.mipsGp->value = 0x7ff0;
926 break;
927 }
928 }
929 }
930 }
931
932 // We want to find how similar two ranks are.
933 // The more branches in getSectionRank that match, the more similar they are.
934 // Since each branch corresponds to a bit flag, we can just use
935 // countLeadingZeros.
getRankProximity(OutputSection * a,SectionCommand * b)936 static int getRankProximity(OutputSection *a, SectionCommand *b) {
937 auto *osd = dyn_cast<OutputDesc>(b);
938 return (osd && osd->osec.hasInputSections)
939 ? llvm::countl_zero(a->sortRank ^ osd->osec.sortRank)
940 : -1;
941 }
942
943 // When placing orphan sections, we want to place them after symbol assignments
944 // so that an orphan after
945 // begin_foo = .;
946 // foo : { *(foo) }
947 // end_foo = .;
948 // doesn't break the intended meaning of the begin/end symbols.
949 // We don't want to go over sections since findOrphanPos is the
950 // one in charge of deciding the order of the sections.
951 // We don't want to go over changes to '.', since doing so in
952 // rx_sec : { *(rx_sec) }
953 // . = ALIGN(0x1000);
954 // /* The RW PT_LOAD starts here*/
955 // rw_sec : { *(rw_sec) }
956 // would mean that the RW PT_LOAD would become unaligned.
shouldSkip(SectionCommand * cmd)957 static bool shouldSkip(SectionCommand *cmd) {
958 if (auto *assign = dyn_cast<SymbolAssignment>(cmd))
959 return assign->name != ".";
960 return false;
961 }
962
963 // We want to place orphan sections so that they share as much
964 // characteristics with their neighbors as possible. For example, if
965 // both are rw, or both are tls.
966 static SmallVectorImpl<SectionCommand *>::iterator
findOrphanPos(Ctx & ctx,SmallVectorImpl<SectionCommand * >::iterator b,SmallVectorImpl<SectionCommand * >::iterator e)967 findOrphanPos(Ctx &ctx, SmallVectorImpl<SectionCommand *>::iterator b,
968 SmallVectorImpl<SectionCommand *>::iterator e) {
969 // Place non-alloc orphan sections at the end. This matches how we assign file
970 // offsets to non-alloc sections.
971 OutputSection *sec = &cast<OutputDesc>(*e)->osec;
972 if (!(sec->flags & SHF_ALLOC))
973 return e;
974
975 // As a special case, place .relro_padding before the SymbolAssignment using
976 // DATA_SEGMENT_RELRO_END, if present.
977 if (ctx.in.relroPadding && sec == ctx.in.relroPadding->getParent()) {
978 auto i = std::find_if(b, e, [=](SectionCommand *a) {
979 if (auto *assign = dyn_cast<SymbolAssignment>(a))
980 return assign->dataSegmentRelroEnd;
981 return false;
982 });
983 if (i != e)
984 return i;
985 }
986
987 // Find the most similar output section as the anchor. Rank Proximity is a
988 // value in the range [-1, 32] where [0, 32] indicates potential anchors (0:
989 // least similar; 32: identical). -1 means not an anchor.
990 //
991 // In the event of proximity ties, we select the first or last section
992 // depending on whether the orphan's rank is smaller.
993 int maxP = 0;
994 auto i = e;
995 for (auto j = b; j != e; ++j) {
996 int p = getRankProximity(sec, *j);
997 if (p > maxP ||
998 (p == maxP && cast<OutputDesc>(*j)->osec.sortRank <= sec->sortRank)) {
999 maxP = p;
1000 i = j;
1001 }
1002 }
1003 if (i == e)
1004 return e;
1005
1006 auto isOutputSecWithInputSections = [](SectionCommand *cmd) {
1007 auto *osd = dyn_cast<OutputDesc>(cmd);
1008 return osd && osd->osec.hasInputSections;
1009 };
1010
1011 // Then, scan backward or forward through the script for a suitable insertion
1012 // point. If i's rank is larger, the orphan section can be placed before i.
1013 //
1014 // However, don't do this if custom program headers are defined. Otherwise,
1015 // adding the orphan to a previous segment can change its flags, for example,
1016 // making a read-only segment writable. If memory regions are defined, an
1017 // orphan section should continue the same region as the found section to
1018 // better resemble the behavior of GNU ld.
1019 bool mustAfter =
1020 ctx.script->hasPhdrsCommands() || !ctx.script->memoryRegions.empty();
1021 if (cast<OutputDesc>(*i)->osec.sortRank <= sec->sortRank || mustAfter) {
1022 for (auto j = ++i; j != e; ++j) {
1023 if (!isOutputSecWithInputSections(*j))
1024 continue;
1025 if (getRankProximity(sec, *j) != maxP)
1026 break;
1027 i = j + 1;
1028 }
1029 } else {
1030 for (; i != b; --i)
1031 if (isOutputSecWithInputSections(i[-1]))
1032 break;
1033 }
1034
1035 // As a special case, if the orphan section is the last section, put
1036 // it at the very end, past any other commands.
1037 // This matches bfd's behavior and is convenient when the linker script fully
1038 // specifies the start of the file, but doesn't care about the end (the non
1039 // alloc sections for example).
1040 if (std::none_of(i, e, isOutputSecWithInputSections))
1041 return e;
1042
1043 while (i != e && shouldSkip(*i))
1044 ++i;
1045 return i;
1046 }
1047
1048 // Adds random priorities to sections not already in the map.
maybeShuffle(Ctx & ctx,DenseMap<const InputSectionBase *,int> & order)1049 static void maybeShuffle(Ctx &ctx,
1050 DenseMap<const InputSectionBase *, int> &order) {
1051 if (ctx.arg.shuffleSections.empty())
1052 return;
1053
1054 SmallVector<InputSectionBase *, 0> matched, sections = ctx.inputSections;
1055 matched.reserve(sections.size());
1056 for (const auto &patAndSeed : ctx.arg.shuffleSections) {
1057 matched.clear();
1058 for (InputSectionBase *sec : sections)
1059 if (patAndSeed.first.match(sec->name))
1060 matched.push_back(sec);
1061 const uint32_t seed = patAndSeed.second;
1062 if (seed == UINT32_MAX) {
1063 // If --shuffle-sections <section-glob>=-1, reverse the section order. The
1064 // section order is stable even if the number of sections changes. This is
1065 // useful to catch issues like static initialization order fiasco
1066 // reliably.
1067 std::reverse(matched.begin(), matched.end());
1068 } else {
1069 std::mt19937 g(seed ? seed : std::random_device()());
1070 llvm::shuffle(matched.begin(), matched.end(), g);
1071 }
1072 size_t i = 0;
1073 for (InputSectionBase *&sec : sections)
1074 if (patAndSeed.first.match(sec->name))
1075 sec = matched[i++];
1076 }
1077
1078 // Existing priorities are < 0, so use priorities >= 0 for the missing
1079 // sections.
1080 int prio = 0;
1081 for (InputSectionBase *sec : sections) {
1082 if (order.try_emplace(sec, prio).second)
1083 ++prio;
1084 }
1085 }
1086
1087 // Return section order within an InputSectionDescription.
1088 // If both --symbol-ordering-file and call graph profile are present, the order
1089 // file takes precedence, but the call graph profile is still used for symbols
1090 // that don't appear in the order file.
buildSectionOrder(Ctx & ctx)1091 static DenseMap<const InputSectionBase *, int> buildSectionOrder(Ctx &ctx) {
1092 DenseMap<const InputSectionBase *, int> sectionOrder;
1093 if (ctx.arg.bpStartupFunctionSort || ctx.arg.bpFunctionOrderForCompression ||
1094 ctx.arg.bpDataOrderForCompression) {
1095 TimeTraceScope timeScope("Balanced Partitioning Section Orderer");
1096 sectionOrder = runBalancedPartitioning(
1097 ctx, ctx.arg.bpStartupFunctionSort ? ctx.arg.irpgoProfilePath : "",
1098 ctx.arg.bpFunctionOrderForCompression,
1099 ctx.arg.bpDataOrderForCompression,
1100 ctx.arg.bpCompressionSortStartupFunctions,
1101 ctx.arg.bpVerboseSectionOrderer);
1102 } else if (!ctx.arg.callGraphProfile.empty()) {
1103 sectionOrder = computeCallGraphProfileOrder(ctx);
1104 }
1105
1106 if (ctx.arg.symbolOrderingFile.empty())
1107 return sectionOrder;
1108
1109 struct SymbolOrderEntry {
1110 int priority;
1111 bool present;
1112 };
1113
1114 // Build a map from symbols to their priorities. Symbols that didn't
1115 // appear in the symbol ordering file have the lowest priority 0.
1116 // All explicitly mentioned symbols have negative (higher) priorities.
1117 DenseMap<CachedHashStringRef, SymbolOrderEntry> symbolOrder;
1118 int priority = -sectionOrder.size() - ctx.arg.symbolOrderingFile.size();
1119 for (StringRef s : ctx.arg.symbolOrderingFile)
1120 symbolOrder.insert({CachedHashStringRef(s), {priority++, false}});
1121
1122 // Build a map from sections to their priorities.
1123 auto addSym = [&](Symbol &sym) {
1124 auto it = symbolOrder.find(CachedHashStringRef(sym.getName()));
1125 if (it == symbolOrder.end())
1126 return;
1127 SymbolOrderEntry &ent = it->second;
1128 ent.present = true;
1129
1130 maybeWarnUnorderableSymbol(ctx, &sym);
1131
1132 if (auto *d = dyn_cast<Defined>(&sym)) {
1133 if (auto *sec = dyn_cast_or_null<InputSectionBase>(d->section)) {
1134 int &priority = sectionOrder[cast<InputSectionBase>(sec)];
1135 priority = std::min(priority, ent.priority);
1136 }
1137 }
1138 };
1139
1140 // We want both global and local symbols. We get the global ones from the
1141 // symbol table and iterate the object files for the local ones.
1142 for (Symbol *sym : ctx.symtab->getSymbols())
1143 addSym(*sym);
1144
1145 for (ELFFileBase *file : ctx.objectFiles)
1146 for (Symbol *sym : file->getLocalSymbols())
1147 addSym(*sym);
1148
1149 if (ctx.arg.warnSymbolOrdering)
1150 for (auto orderEntry : symbolOrder)
1151 if (!orderEntry.second.present)
1152 Warn(ctx) << "symbol ordering file: no such symbol: "
1153 << orderEntry.first.val();
1154
1155 return sectionOrder;
1156 }
1157
1158 // Sorts the sections in ISD according to the provided section order.
1159 static void
sortISDBySectionOrder(Ctx & ctx,InputSectionDescription * isd,const DenseMap<const InputSectionBase *,int> & order,bool executableOutputSection)1160 sortISDBySectionOrder(Ctx &ctx, InputSectionDescription *isd,
1161 const DenseMap<const InputSectionBase *, int> &order,
1162 bool executableOutputSection) {
1163 SmallVector<InputSection *, 0> unorderedSections;
1164 SmallVector<std::pair<InputSection *, int>, 0> orderedSections;
1165 uint64_t unorderedSize = 0;
1166 uint64_t totalSize = 0;
1167
1168 for (InputSection *isec : isd->sections) {
1169 if (executableOutputSection)
1170 totalSize += isec->getSize();
1171 auto i = order.find(isec);
1172 if (i == order.end()) {
1173 unorderedSections.push_back(isec);
1174 unorderedSize += isec->getSize();
1175 continue;
1176 }
1177 orderedSections.push_back({isec, i->second});
1178 }
1179 llvm::sort(orderedSections, llvm::less_second());
1180
1181 // Find an insertion point for the ordered section list in the unordered
1182 // section list. On targets with limited-range branches, this is the mid-point
1183 // of the unordered section list. This decreases the likelihood that a range
1184 // extension thunk will be needed to enter or exit the ordered region. If the
1185 // ordered section list is a list of hot functions, we can generally expect
1186 // the ordered functions to be called more often than the unordered functions,
1187 // making it more likely that any particular call will be within range, and
1188 // therefore reducing the number of thunks required.
1189 //
1190 // For example, imagine that you have 8MB of hot code and 32MB of cold code.
1191 // If the layout is:
1192 //
1193 // 8MB hot
1194 // 32MB cold
1195 //
1196 // only the first 8-16MB of the cold code (depending on which hot function it
1197 // is actually calling) can call the hot code without a range extension thunk.
1198 // However, if we use this layout:
1199 //
1200 // 16MB cold
1201 // 8MB hot
1202 // 16MB cold
1203 //
1204 // both the last 8-16MB of the first block of cold code and the first 8-16MB
1205 // of the second block of cold code can call the hot code without a thunk. So
1206 // we effectively double the amount of code that could potentially call into
1207 // the hot code without a thunk.
1208 //
1209 // The above is not necessary if total size of input sections in this "isd"
1210 // is small. Note that we assume all input sections are executable if the
1211 // output section is executable (which is not always true but supposed to
1212 // cover most cases).
1213 size_t insPt = 0;
1214 if (executableOutputSection && !orderedSections.empty() &&
1215 ctx.target->getThunkSectionSpacing() &&
1216 totalSize >= ctx.target->getThunkSectionSpacing()) {
1217 uint64_t unorderedPos = 0;
1218 for (; insPt != unorderedSections.size(); ++insPt) {
1219 unorderedPos += unorderedSections[insPt]->getSize();
1220 if (unorderedPos > unorderedSize / 2)
1221 break;
1222 }
1223 }
1224
1225 isd->sections.clear();
1226 for (InputSection *isec : ArrayRef(unorderedSections).slice(0, insPt))
1227 isd->sections.push_back(isec);
1228 for (std::pair<InputSection *, int> p : orderedSections)
1229 isd->sections.push_back(p.first);
1230 for (InputSection *isec : ArrayRef(unorderedSections).slice(insPt))
1231 isd->sections.push_back(isec);
1232 }
1233
sortSection(Ctx & ctx,OutputSection & osec,const DenseMap<const InputSectionBase *,int> & order)1234 static void sortSection(Ctx &ctx, OutputSection &osec,
1235 const DenseMap<const InputSectionBase *, int> &order) {
1236 StringRef name = osec.name;
1237
1238 // Never sort these.
1239 if (name == ".init" || name == ".fini")
1240 return;
1241
1242 // Sort input sections by priority using the list provided by
1243 // --symbol-ordering-file or --shuffle-sections=. This is a least significant
1244 // digit radix sort. The sections may be sorted stably again by a more
1245 // significant key.
1246 if (!order.empty())
1247 for (SectionCommand *b : osec.commands)
1248 if (auto *isd = dyn_cast<InputSectionDescription>(b))
1249 sortISDBySectionOrder(ctx, isd, order, osec.flags & SHF_EXECINSTR);
1250
1251 if (ctx.script->hasSectionsCommand)
1252 return;
1253
1254 if (name == ".init_array" || name == ".fini_array") {
1255 osec.sortInitFini();
1256 } else if (name == ".ctors" || name == ".dtors") {
1257 osec.sortCtorsDtors();
1258 } else if (ctx.arg.emachine == EM_PPC64 && name == ".toc") {
1259 // .toc is allocated just after .got and is accessed using GOT-relative
1260 // relocations. Object files compiled with small code model have an
1261 // addressable range of [.got, .got + 0xFFFC] for GOT-relative relocations.
1262 // To reduce the risk of relocation overflow, .toc contents are sorted so
1263 // that sections having smaller relocation offsets are at beginning of .toc
1264 assert(osec.commands.size() == 1);
1265 auto *isd = cast<InputSectionDescription>(osec.commands[0]);
1266 llvm::stable_sort(isd->sections,
1267 [](const InputSection *a, const InputSection *b) -> bool {
1268 return a->file->ppc64SmallCodeModelTocRelocs &&
1269 !b->file->ppc64SmallCodeModelTocRelocs;
1270 });
1271 }
1272 }
1273
1274 // Sort sections within each InputSectionDescription.
sortInputSections()1275 template <class ELFT> void Writer<ELFT>::sortInputSections() {
1276 // Assign negative priorities.
1277 DenseMap<const InputSectionBase *, int> order = buildSectionOrder(ctx);
1278 // Assign non-negative priorities due to --shuffle-sections.
1279 maybeShuffle(ctx, order);
1280 for (SectionCommand *cmd : ctx.script->sectionCommands)
1281 if (auto *osd = dyn_cast<OutputDesc>(cmd))
1282 sortSection(ctx, osd->osec, order);
1283 }
1284
sortSections()1285 template <class ELFT> void Writer<ELFT>::sortSections() {
1286 llvm::TimeTraceScope timeScope("Sort sections");
1287
1288 // Don't sort if using -r. It is not necessary and we want to preserve the
1289 // relative order for SHF_LINK_ORDER sections.
1290 if (ctx.arg.relocatable) {
1291 ctx.script->adjustOutputSections();
1292 return;
1293 }
1294
1295 sortInputSections();
1296
1297 for (SectionCommand *cmd : ctx.script->sectionCommands)
1298 if (auto *osd = dyn_cast<OutputDesc>(cmd))
1299 osd->osec.sortRank = getSectionRank(ctx, osd->osec);
1300 if (!ctx.script->hasSectionsCommand) {
1301 // OutputDescs are mostly contiguous, but may be interleaved with
1302 // SymbolAssignments in the presence of INSERT commands.
1303 auto mid = std::stable_partition(
1304 ctx.script->sectionCommands.begin(), ctx.script->sectionCommands.end(),
1305 [](SectionCommand *cmd) { return isa<OutputDesc>(cmd); });
1306 std::stable_sort(
1307 ctx.script->sectionCommands.begin(), mid,
1308 [&ctx = ctx](auto *l, auto *r) { return compareSections(ctx, l, r); });
1309 }
1310
1311 // Process INSERT commands and update output section attributes. From this
1312 // point onwards the order of script->sectionCommands is fixed.
1313 ctx.script->processInsertCommands();
1314 ctx.script->adjustOutputSections();
1315
1316 if (ctx.script->hasSectionsCommand)
1317 sortOrphanSections();
1318
1319 ctx.script->adjustSectionsAfterSorting();
1320 }
1321
sortOrphanSections()1322 template <class ELFT> void Writer<ELFT>::sortOrphanSections() {
1323 // Orphan sections are sections present in the input files which are
1324 // not explicitly placed into the output file by the linker script.
1325 //
1326 // The sections in the linker script are already in the correct
1327 // order. We have to figuere out where to insert the orphan
1328 // sections.
1329 //
1330 // The order of the sections in the script is arbitrary and may not agree with
1331 // compareSections. This means that we cannot easily define a strict weak
1332 // ordering. To see why, consider a comparison of a section in the script and
1333 // one not in the script. We have a two simple options:
1334 // * Make them equivalent (a is not less than b, and b is not less than a).
1335 // The problem is then that equivalence has to be transitive and we can
1336 // have sections a, b and c with only b in a script and a less than c
1337 // which breaks this property.
1338 // * Use compareSectionsNonScript. Given that the script order doesn't have
1339 // to match, we can end up with sections a, b, c, d where b and c are in the
1340 // script and c is compareSectionsNonScript less than b. In which case d
1341 // can be equivalent to c, a to b and d < a. As a concrete example:
1342 // .a (rx) # not in script
1343 // .b (rx) # in script
1344 // .c (ro) # in script
1345 // .d (ro) # not in script
1346 //
1347 // The way we define an order then is:
1348 // * Sort only the orphan sections. They are in the end right now.
1349 // * Move each orphan section to its preferred position. We try
1350 // to put each section in the last position where it can share
1351 // a PT_LOAD.
1352 //
1353 // There is some ambiguity as to where exactly a new entry should be
1354 // inserted, because Commands contains not only output section
1355 // commands but also other types of commands such as symbol assignment
1356 // expressions. There's no correct answer here due to the lack of the
1357 // formal specification of the linker script. We use heuristics to
1358 // determine whether a new output command should be added before or
1359 // after another commands. For the details, look at shouldSkip
1360 // function.
1361
1362 auto i = ctx.script->sectionCommands.begin();
1363 auto e = ctx.script->sectionCommands.end();
1364 auto nonScriptI = std::find_if(i, e, [](SectionCommand *cmd) {
1365 if (auto *osd = dyn_cast<OutputDesc>(cmd))
1366 return osd->osec.sectionIndex == UINT32_MAX;
1367 return false;
1368 });
1369
1370 // Sort the orphan sections.
1371 std::stable_sort(nonScriptI, e, [&ctx = ctx](auto *l, auto *r) {
1372 return compareSections(ctx, l, r);
1373 });
1374
1375 // As a horrible special case, skip the first . assignment if it is before any
1376 // section. We do this because it is common to set a load address by starting
1377 // the script with ". = 0xabcd" and the expectation is that every section is
1378 // after that.
1379 auto firstSectionOrDotAssignment =
1380 std::find_if(i, e, [](SectionCommand *cmd) { return !shouldSkip(cmd); });
1381 if (firstSectionOrDotAssignment != e &&
1382 isa<SymbolAssignment>(**firstSectionOrDotAssignment))
1383 ++firstSectionOrDotAssignment;
1384 i = firstSectionOrDotAssignment;
1385
1386 while (nonScriptI != e) {
1387 auto pos = findOrphanPos(ctx, i, nonScriptI);
1388 OutputSection *orphan = &cast<OutputDesc>(*nonScriptI)->osec;
1389
1390 // As an optimization, find all sections with the same sort rank
1391 // and insert them with one rotate.
1392 unsigned rank = orphan->sortRank;
1393 auto end = std::find_if(nonScriptI + 1, e, [=](SectionCommand *cmd) {
1394 return cast<OutputDesc>(cmd)->osec.sortRank != rank;
1395 });
1396 std::rotate(pos, nonScriptI, end);
1397 nonScriptI = end;
1398 }
1399 }
1400
compareByFilePosition(InputSection * a,InputSection * b)1401 static bool compareByFilePosition(InputSection *a, InputSection *b) {
1402 InputSection *la = a->flags & SHF_LINK_ORDER ? a->getLinkOrderDep() : nullptr;
1403 InputSection *lb = b->flags & SHF_LINK_ORDER ? b->getLinkOrderDep() : nullptr;
1404 // SHF_LINK_ORDER sections with non-zero sh_link are ordered before
1405 // non-SHF_LINK_ORDER sections and SHF_LINK_ORDER sections with zero sh_link.
1406 if (!la || !lb)
1407 return la && !lb;
1408 OutputSection *aOut = la->getParent();
1409 OutputSection *bOut = lb->getParent();
1410
1411 if (aOut == bOut)
1412 return la->outSecOff < lb->outSecOff;
1413 if (aOut->addr == bOut->addr)
1414 return aOut->sectionIndex < bOut->sectionIndex;
1415 return aOut->addr < bOut->addr;
1416 }
1417
resolveShfLinkOrder()1418 template <class ELFT> void Writer<ELFT>::resolveShfLinkOrder() {
1419 llvm::TimeTraceScope timeScope("Resolve SHF_LINK_ORDER");
1420 for (OutputSection *sec : ctx.outputSections) {
1421 if (!(sec->flags & SHF_LINK_ORDER))
1422 continue;
1423
1424 // The ARM.exidx section use SHF_LINK_ORDER, but we have consolidated
1425 // this processing inside the ARMExidxsyntheticsection::finalizeContents().
1426 if (!ctx.arg.relocatable && ctx.arg.emachine == EM_ARM &&
1427 sec->type == SHT_ARM_EXIDX)
1428 continue;
1429
1430 // Link order may be distributed across several InputSectionDescriptions.
1431 // Sorting is performed separately.
1432 SmallVector<InputSection **, 0> scriptSections;
1433 SmallVector<InputSection *, 0> sections;
1434 for (SectionCommand *cmd : sec->commands) {
1435 auto *isd = dyn_cast<InputSectionDescription>(cmd);
1436 if (!isd)
1437 continue;
1438 bool hasLinkOrder = false;
1439 scriptSections.clear();
1440 sections.clear();
1441 for (InputSection *&isec : isd->sections) {
1442 if (isec->flags & SHF_LINK_ORDER) {
1443 InputSection *link = isec->getLinkOrderDep();
1444 if (link && !link->getParent())
1445 ErrAlways(ctx) << isec << ": sh_link points to discarded section "
1446 << link;
1447 hasLinkOrder = true;
1448 }
1449 scriptSections.push_back(&isec);
1450 sections.push_back(isec);
1451 }
1452 if (hasLinkOrder && errCount(ctx) == 0) {
1453 llvm::stable_sort(sections, compareByFilePosition);
1454 for (int i = 0, n = sections.size(); i != n; ++i)
1455 *scriptSections[i] = sections[i];
1456 }
1457 }
1458 }
1459 }
1460
finalizeSynthetic(Ctx & ctx,SyntheticSection * sec)1461 static void finalizeSynthetic(Ctx &ctx, SyntheticSection *sec) {
1462 if (sec && sec->isNeeded() && sec->getParent()) {
1463 llvm::TimeTraceScope timeScope("Finalize synthetic sections", sec->name);
1464 sec->finalizeContents();
1465 }
1466 }
1467
canInsertPadding(OutputSection * sec)1468 static bool canInsertPadding(OutputSection *sec) {
1469 StringRef s = sec->name;
1470 return s == ".bss" || s == ".data" || s == ".data.rel.ro" || s == ".lbss" ||
1471 s == ".ldata" || s == ".lrodata" || s == ".ltext" || s == ".rodata" ||
1472 s.starts_with(".text");
1473 }
1474
randomizeSectionPadding(Ctx & ctx)1475 static void randomizeSectionPadding(Ctx &ctx) {
1476 std::mt19937 g(*ctx.arg.randomizeSectionPadding);
1477 PhdrEntry *curPtLoad = nullptr;
1478 for (OutputSection *os : ctx.outputSections) {
1479 if (!canInsertPadding(os))
1480 continue;
1481 for (SectionCommand *bc : os->commands) {
1482 if (auto *isd = dyn_cast<InputSectionDescription>(bc)) {
1483 SmallVector<InputSection *, 0> tmp;
1484 if (os->ptLoad != curPtLoad) {
1485 tmp.push_back(make<RandomizePaddingSection>(
1486 ctx, g() % ctx.arg.maxPageSize, os));
1487 curPtLoad = os->ptLoad;
1488 }
1489 for (InputSection *isec : isd->sections) {
1490 // Probability of inserting padding is 1 in 16.
1491 if (g() % 16 == 0)
1492 tmp.push_back(
1493 make<RandomizePaddingSection>(ctx, isec->addralign, os));
1494 tmp.push_back(isec);
1495 }
1496 isd->sections = std::move(tmp);
1497 }
1498 }
1499 }
1500 }
1501
1502 // We need to generate and finalize the content that depends on the address of
1503 // InputSections. As the generation of the content may also alter InputSection
1504 // addresses we must converge to a fixed point. We do that here. See the comment
1505 // in Writer<ELFT>::finalizeSections().
finalizeAddressDependentContent()1506 template <class ELFT> void Writer<ELFT>::finalizeAddressDependentContent() {
1507 llvm::TimeTraceScope timeScope("Finalize address dependent content");
1508 AArch64Err843419Patcher a64p(ctx);
1509 ARMErr657417Patcher a32p(ctx);
1510 ctx.script->assignAddresses();
1511
1512 // .ARM.exidx and SHF_LINK_ORDER do not require precise addresses, but they
1513 // do require the relative addresses of OutputSections because linker scripts
1514 // can assign Virtual Addresses to OutputSections that are not monotonically
1515 // increasing. Anything here must be repeatable, since spilling may change
1516 // section order.
1517 const auto finalizeOrderDependentContent = [this] {
1518 for (Partition &part : ctx.partitions)
1519 finalizeSynthetic(ctx, part.armExidx.get());
1520 resolveShfLinkOrder();
1521 };
1522 finalizeOrderDependentContent();
1523
1524 // Converts call x@GDPLT to call __tls_get_addr
1525 if (ctx.arg.emachine == EM_HEXAGON)
1526 hexagonTLSSymbolUpdate(ctx);
1527
1528 if (ctx.arg.randomizeSectionPadding)
1529 randomizeSectionPadding(ctx);
1530
1531 uint32_t pass = 0, assignPasses = 0;
1532 for (;;) {
1533 bool changed = ctx.target->needsThunks
1534 ? tc.createThunks(pass, ctx.outputSections)
1535 : ctx.target->relaxOnce(pass);
1536 bool spilled = ctx.script->spillSections();
1537 changed |= spilled;
1538 ++pass;
1539
1540 // With Thunk Size much smaller than branch range we expect to
1541 // converge quickly; if we get to 30 something has gone wrong.
1542 if (changed && pass >= 30) {
1543 Err(ctx) << "address assignment did not converge";
1544 break;
1545 }
1546
1547 if (ctx.arg.fixCortexA53Errata843419) {
1548 if (changed)
1549 ctx.script->assignAddresses();
1550 changed |= a64p.createFixes();
1551 }
1552 if (ctx.arg.fixCortexA8) {
1553 if (changed)
1554 ctx.script->assignAddresses();
1555 changed |= a32p.createFixes();
1556 }
1557
1558 finalizeSynthetic(ctx, ctx.in.got.get());
1559 if (ctx.in.mipsGot)
1560 ctx.in.mipsGot->updateAllocSize(ctx);
1561
1562 for (Partition &part : ctx.partitions) {
1563 // The R_AARCH64_AUTH_RELATIVE has a smaller addend field as bits [63:32]
1564 // encode the signing schema. We've put relocations in .relr.auth.dyn
1565 // during RelocationScanner::processAux, but the target VA for some of
1566 // them might be wider than 32 bits. We can only know the final VA at this
1567 // point, so move relocations with large values from .relr.auth.dyn to
1568 // .rela.dyn. See also AArch64::relocate.
1569 if (part.relrAuthDyn) {
1570 auto it = llvm::remove_if(
1571 part.relrAuthDyn->relocs, [this, &part](const RelativeReloc &elem) {
1572 const Relocation &reloc = elem.inputSec->relocs()[elem.relocIdx];
1573 if (isInt<32>(reloc.sym->getVA(ctx, reloc.addend)))
1574 return false;
1575 part.relaDyn->addReloc({R_AARCH64_AUTH_RELATIVE, elem.inputSec,
1576 reloc.offset,
1577 DynamicReloc::AddendOnlyWithTargetVA,
1578 *reloc.sym, reloc.addend, R_ABS});
1579 return true;
1580 });
1581 changed |= (it != part.relrAuthDyn->relocs.end());
1582 part.relrAuthDyn->relocs.erase(it, part.relrAuthDyn->relocs.end());
1583 }
1584 if (part.relaDyn)
1585 changed |= part.relaDyn->updateAllocSize(ctx);
1586 if (part.relrDyn)
1587 changed |= part.relrDyn->updateAllocSize(ctx);
1588 if (part.relrAuthDyn)
1589 changed |= part.relrAuthDyn->updateAllocSize(ctx);
1590 if (part.memtagGlobalDescriptors)
1591 changed |= part.memtagGlobalDescriptors->updateAllocSize(ctx);
1592 }
1593
1594 std::pair<const OutputSection *, const Defined *> changes =
1595 ctx.script->assignAddresses();
1596 if (!changed) {
1597 // Some symbols may be dependent on section addresses. When we break the
1598 // loop, the symbol values are finalized because a previous
1599 // assignAddresses() finalized section addresses.
1600 if (!changes.first && !changes.second)
1601 break;
1602 if (++assignPasses == 5) {
1603 if (changes.first)
1604 Err(ctx) << "address (0x" << Twine::utohexstr(changes.first->addr)
1605 << ") of section '" << changes.first->name
1606 << "' does not converge";
1607 if (changes.second)
1608 Err(ctx) << "assignment to symbol " << changes.second
1609 << " does not converge";
1610 break;
1611 }
1612 } else if (spilled) {
1613 // Spilling can change relative section order.
1614 finalizeOrderDependentContent();
1615 }
1616 }
1617 if (!ctx.arg.relocatable)
1618 ctx.target->finalizeRelax(pass);
1619
1620 if (ctx.arg.relocatable)
1621 for (OutputSection *sec : ctx.outputSections)
1622 sec->addr = 0;
1623
1624 uint64_t imageBase = ctx.script->hasSectionsCommand || ctx.arg.relocatable
1625 ? 0
1626 : ctx.target->getImageBase();
1627 for (SectionCommand *cmd : ctx.script->sectionCommands) {
1628 auto *osd = dyn_cast<OutputDesc>(cmd);
1629 if (!osd)
1630 continue;
1631 OutputSection *osec = &osd->osec;
1632 // Error if the address is below the image base when SECTIONS is absent
1633 // (e.g. when -Ttext is specified and smaller than the default target image
1634 // base for no-pie).
1635 if (osec->addr < imageBase && (osec->flags & SHF_ALLOC)) {
1636 Err(ctx) << "section '" << osec->name << "' address (0x"
1637 << Twine::utohexstr(osec->addr)
1638 << ") is smaller than image base (0x"
1639 << Twine::utohexstr(imageBase) << "); specify --image-base";
1640 }
1641
1642 // If addrExpr is set, the address may not be a multiple of the alignment.
1643 // Warn because this is error-prone.
1644 if (osec->addr % osec->addralign != 0)
1645 Warn(ctx) << "address (0x" << Twine::utohexstr(osec->addr)
1646 << ") of section " << osec->name
1647 << " is not a multiple of alignment (" << osec->addralign
1648 << ")";
1649 }
1650
1651 // Sizes are no longer allowed to grow, so all allowable spills have been
1652 // taken. Remove any leftover potential spills.
1653 ctx.script->erasePotentialSpillSections();
1654 }
1655
1656 // If Input Sections have been shrunk (basic block sections) then
1657 // update symbol values and sizes associated with these sections. With basic
1658 // block sections, input sections can shrink when the jump instructions at
1659 // the end of the section are relaxed.
fixSymbolsAfterShrinking(Ctx & ctx)1660 static void fixSymbolsAfterShrinking(Ctx &ctx) {
1661 for (InputFile *File : ctx.objectFiles) {
1662 parallelForEach(File->getSymbols(), [&](Symbol *Sym) {
1663 auto *def = dyn_cast<Defined>(Sym);
1664 if (!def)
1665 return;
1666
1667 const SectionBase *sec = def->section;
1668 if (!sec)
1669 return;
1670
1671 const InputSectionBase *inputSec = dyn_cast<InputSectionBase>(sec);
1672 if (!inputSec || !inputSec->bytesDropped)
1673 return;
1674
1675 const size_t OldSize = inputSec->content().size();
1676 const size_t NewSize = OldSize - inputSec->bytesDropped;
1677
1678 if (def->value > NewSize && def->value <= OldSize) {
1679 LLVM_DEBUG(llvm::dbgs()
1680 << "Moving symbol " << Sym->getName() << " from "
1681 << def->value << " to "
1682 << def->value - inputSec->bytesDropped << " bytes\n");
1683 def->value -= inputSec->bytesDropped;
1684 return;
1685 }
1686
1687 if (def->value + def->size > NewSize && def->value <= OldSize &&
1688 def->value + def->size <= OldSize) {
1689 LLVM_DEBUG(llvm::dbgs()
1690 << "Shrinking symbol " << Sym->getName() << " from "
1691 << def->size << " to " << def->size - inputSec->bytesDropped
1692 << " bytes\n");
1693 def->size -= inputSec->bytesDropped;
1694 }
1695 });
1696 }
1697 }
1698
1699 // If basic block sections exist, there are opportunities to delete fall thru
1700 // jumps and shrink jump instructions after basic block reordering. This
1701 // relaxation pass does that. It is only enabled when --optimize-bb-jumps
1702 // option is used.
optimizeBasicBlockJumps()1703 template <class ELFT> void Writer<ELFT>::optimizeBasicBlockJumps() {
1704 assert(ctx.arg.optimizeBBJumps);
1705 SmallVector<InputSection *, 0> storage;
1706
1707 ctx.script->assignAddresses();
1708 // For every output section that has executable input sections, this
1709 // does the following:
1710 // 1. Deletes all direct jump instructions in input sections that
1711 // jump to the following section as it is not required.
1712 // 2. If there are two consecutive jump instructions, it checks
1713 // if they can be flipped and one can be deleted.
1714 for (OutputSection *osec : ctx.outputSections) {
1715 if (!(osec->flags & SHF_EXECINSTR))
1716 continue;
1717 ArrayRef<InputSection *> sections = getInputSections(*osec, storage);
1718 size_t numDeleted = 0;
1719 // Delete all fall through jump instructions. Also, check if two
1720 // consecutive jump instructions can be flipped so that a fall
1721 // through jmp instruction can be deleted.
1722 for (size_t i = 0, e = sections.size(); i != e; ++i) {
1723 InputSection *next = i + 1 < sections.size() ? sections[i + 1] : nullptr;
1724 InputSection &sec = *sections[i];
1725 numDeleted += ctx.target->deleteFallThruJmpInsn(sec, sec.file, next);
1726 }
1727 if (numDeleted > 0) {
1728 ctx.script->assignAddresses();
1729 LLVM_DEBUG(llvm::dbgs()
1730 << "Removing " << numDeleted << " fall through jumps\n");
1731 }
1732 }
1733
1734 fixSymbolsAfterShrinking(ctx);
1735
1736 for (OutputSection *osec : ctx.outputSections)
1737 for (InputSection *is : getInputSections(*osec, storage))
1738 is->trim();
1739 }
1740
1741 // In order to allow users to manipulate linker-synthesized sections,
1742 // we had to add synthetic sections to the input section list early,
1743 // even before we make decisions whether they are needed. This allows
1744 // users to write scripts like this: ".mygot : { .got }".
1745 //
1746 // Doing it has an unintended side effects. If it turns out that we
1747 // don't need a .got (for example) at all because there's no
1748 // relocation that needs a .got, we don't want to emit .got.
1749 //
1750 // To deal with the above problem, this function is called after
1751 // scanRelocations is called to remove synthetic sections that turn
1752 // out to be empty.
removeUnusedSyntheticSections(Ctx & ctx)1753 static void removeUnusedSyntheticSections(Ctx &ctx) {
1754 // All input synthetic sections that can be empty are placed after
1755 // all regular ones. Reverse iterate to find the first synthetic section
1756 // after a non-synthetic one which will be our starting point.
1757 auto start =
1758 llvm::find_if(llvm::reverse(ctx.inputSections), [](InputSectionBase *s) {
1759 return !isa<SyntheticSection>(s);
1760 }).base();
1761
1762 // Remove unused synthetic sections from ctx.inputSections;
1763 DenseSet<InputSectionBase *> unused;
1764 auto end =
1765 std::remove_if(start, ctx.inputSections.end(), [&](InputSectionBase *s) {
1766 auto *sec = cast<SyntheticSection>(s);
1767 if (sec->getParent() && sec->isNeeded())
1768 return false;
1769 // .relr.auth.dyn relocations may be moved to .rela.dyn in
1770 // finalizeAddressDependentContent, making .rela.dyn no longer empty.
1771 // Conservatively keep .rela.dyn. .relr.auth.dyn can be made empty, but
1772 // we would fail to remove it here.
1773 if (ctx.arg.emachine == EM_AARCH64 && ctx.arg.relrPackDynRelocs &&
1774 sec == ctx.mainPart->relaDyn.get())
1775 return false;
1776 unused.insert(sec);
1777 return true;
1778 });
1779 ctx.inputSections.erase(end, ctx.inputSections.end());
1780
1781 // Remove unused synthetic sections from the corresponding input section
1782 // description and orphanSections.
1783 for (auto *sec : unused)
1784 if (OutputSection *osec = cast<SyntheticSection>(sec)->getParent())
1785 for (SectionCommand *cmd : osec->commands)
1786 if (auto *isd = dyn_cast<InputSectionDescription>(cmd))
1787 llvm::erase_if(isd->sections, [&](InputSection *isec) {
1788 return unused.count(isec);
1789 });
1790 llvm::erase_if(ctx.script->orphanSections, [&](const InputSectionBase *sec) {
1791 return unused.count(sec);
1792 });
1793 }
1794
1795 // Create output section objects and add them to OutputSections.
finalizeSections()1796 template <class ELFT> void Writer<ELFT>::finalizeSections() {
1797 if (!ctx.arg.relocatable) {
1798 ctx.out.preinitArray = findSection(ctx, ".preinit_array");
1799 ctx.out.initArray = findSection(ctx, ".init_array");
1800 ctx.out.finiArray = findSection(ctx, ".fini_array");
1801
1802 // The linker needs to define SECNAME_start, SECNAME_end and SECNAME_stop
1803 // symbols for sections, so that the runtime can get the start and end
1804 // addresses of each section by section name. Add such symbols.
1805 addStartEndSymbols();
1806 for (SectionCommand *cmd : ctx.script->sectionCommands)
1807 if (auto *osd = dyn_cast<OutputDesc>(cmd))
1808 addStartStopSymbols(osd->osec);
1809
1810 // Add _DYNAMIC symbol. Unlike GNU gold, our _DYNAMIC symbol has no type.
1811 // It should be okay as no one seems to care about the type.
1812 // Even the author of gold doesn't remember why gold behaves that way.
1813 // https://sourceware.org/ml/binutils/2002-03/msg00360.html
1814 if (ctx.mainPart->dynamic->parent) {
1815 Symbol *s = ctx.symtab->addSymbol(Defined{
1816 ctx, ctx.internalFile, "_DYNAMIC", STB_WEAK, STV_HIDDEN, STT_NOTYPE,
1817 /*value=*/0, /*size=*/0, ctx.mainPart->dynamic.get()});
1818 s->isUsedInRegularObj = true;
1819 }
1820
1821 // Define __rel[a]_iplt_{start,end} symbols if needed.
1822 addRelIpltSymbols();
1823
1824 // RISC-V's gp can address +/- 2 KiB, set it to .sdata + 0x800. This symbol
1825 // should only be defined in an executable. If .sdata does not exist, its
1826 // value/section does not matter but it has to be relative, so set its
1827 // st_shndx arbitrarily to 1 (ctx.out.elfHeader).
1828 if (ctx.arg.emachine == EM_RISCV) {
1829 if (!ctx.arg.shared) {
1830 OutputSection *sec = findSection(ctx, ".sdata");
1831 addOptionalRegular(ctx, "__global_pointer$",
1832 sec ? sec : ctx.out.elfHeader.get(), 0x800,
1833 STV_DEFAULT);
1834 // Set riscvGlobalPointer to be used by the optional global pointer
1835 // relaxation.
1836 if (ctx.arg.relaxGP) {
1837 Symbol *s = ctx.symtab->find("__global_pointer$");
1838 if (s && s->isDefined())
1839 ctx.sym.riscvGlobalPointer = cast<Defined>(s);
1840 }
1841 }
1842 }
1843
1844 if (ctx.arg.emachine == EM_386 || ctx.arg.emachine == EM_X86_64) {
1845 // On targets that support TLSDESC, _TLS_MODULE_BASE_ is defined in such a
1846 // way that:
1847 //
1848 // 1) Without relaxation: it produces a dynamic TLSDESC relocation that
1849 // computes 0.
1850 // 2) With LD->LE relaxation: _TLS_MODULE_BASE_@tpoff = 0 (lowest address
1851 // in the TLS block).
1852 //
1853 // 2) is special cased in @tpoff computation. To satisfy 1), we define it
1854 // as an absolute symbol of zero. This is different from GNU linkers which
1855 // define _TLS_MODULE_BASE_ relative to the first TLS section.
1856 Symbol *s = ctx.symtab->find("_TLS_MODULE_BASE_");
1857 if (s && s->isUndefined()) {
1858 s->resolve(ctx, Defined{ctx, ctx.internalFile, StringRef(), STB_GLOBAL,
1859 STV_HIDDEN, STT_TLS, /*value=*/0, 0,
1860 /*section=*/nullptr});
1861 ctx.sym.tlsModuleBase = cast<Defined>(s);
1862 }
1863 }
1864
1865 // This responsible for splitting up .eh_frame section into
1866 // pieces. The relocation scan uses those pieces, so this has to be
1867 // earlier.
1868 {
1869 llvm::TimeTraceScope timeScope("Finalize .eh_frame");
1870 for (Partition &part : ctx.partitions)
1871 finalizeSynthetic(ctx, part.ehFrame.get());
1872 }
1873 }
1874
1875 // If the previous code block defines any non-hidden symbols (e.g.
1876 // __global_pointer$), they may be exported.
1877 if (ctx.arg.exportDynamic)
1878 for (Symbol *sym : ctx.synthesizedSymbols)
1879 if (sym->computeBinding(ctx) != STB_LOCAL)
1880 sym->isExported = true;
1881
1882 demoteSymbolsAndComputeIsPreemptible(ctx);
1883
1884 if (ctx.arg.copyRelocs && ctx.arg.discard != DiscardPolicy::None)
1885 markUsedLocalSymbols<ELFT>(ctx);
1886 demoteAndCopyLocalSymbols(ctx);
1887
1888 if (ctx.arg.copyRelocs)
1889 addSectionSymbols();
1890
1891 // Change values of linker-script-defined symbols from placeholders (assigned
1892 // by declareSymbols) to actual definitions.
1893 ctx.script->processSymbolAssignments();
1894
1895 if (!ctx.arg.relocatable) {
1896 llvm::TimeTraceScope timeScope("Scan relocations");
1897 // Scan relocations. This must be done after every symbol is declared so
1898 // that we can correctly decide if a dynamic relocation is needed. This is
1899 // called after processSymbolAssignments() because it needs to know whether
1900 // a linker-script-defined symbol is absolute.
1901 scanRelocations<ELFT>(ctx);
1902 reportUndefinedSymbols(ctx);
1903 postScanRelocations(ctx);
1904
1905 if (ctx.in.plt && ctx.in.plt->isNeeded())
1906 ctx.in.plt->addSymbols();
1907 if (ctx.in.iplt && ctx.in.iplt->isNeeded())
1908 ctx.in.iplt->addSymbols();
1909
1910 if (ctx.arg.unresolvedSymbolsInShlib != UnresolvedPolicy::Ignore) {
1911 auto diag =
1912 ctx.arg.unresolvedSymbolsInShlib == UnresolvedPolicy::ReportError &&
1913 !ctx.arg.noinhibitExec
1914 ? DiagLevel::Err
1915 : DiagLevel::Warn;
1916 // Error on undefined symbols in a shared object, if all of its DT_NEEDED
1917 // entries are seen. These cases would otherwise lead to runtime errors
1918 // reported by the dynamic linker.
1919 //
1920 // ld.bfd traces all DT_NEEDED to emulate the logic of the dynamic linker
1921 // to catch more cases. That is too much for us. Our approach resembles
1922 // the one used in ld.gold, achieves a good balance to be useful but not
1923 // too smart.
1924 //
1925 // If a DSO reference is resolved by a SharedSymbol, but the SharedSymbol
1926 // is overridden by a hidden visibility Defined (which is later discarded
1927 // due to GC), don't report the diagnostic. However, this may indicate an
1928 // unintended SharedSymbol.
1929 for (SharedFile *file : ctx.sharedFiles) {
1930 bool allNeededIsKnown =
1931 llvm::all_of(file->dtNeeded, [&](StringRef needed) {
1932 return ctx.symtab->soNames.count(CachedHashStringRef(needed));
1933 });
1934 if (!allNeededIsKnown)
1935 continue;
1936 for (Symbol *sym : file->requiredSymbols) {
1937 if (sym->dsoDefined)
1938 continue;
1939 if (sym->isUndefined() && !sym->isWeak()) {
1940 ELFSyncStream(ctx, diag)
1941 << "undefined reference: " << sym << "\n>>> referenced by "
1942 << file << " (disallowed by --no-allow-shlib-undefined)";
1943 } else if (sym->isDefined() &&
1944 sym->computeBinding(ctx) == STB_LOCAL) {
1945 ELFSyncStream(ctx, diag)
1946 << "non-exported symbol '" << sym << "' in '" << sym->file
1947 << "' is referenced by DSO '" << file << "'";
1948 }
1949 }
1950 }
1951 }
1952 }
1953
1954 {
1955 llvm::TimeTraceScope timeScope("Add symbols to symtabs");
1956 // Now that we have defined all possible global symbols including linker-
1957 // synthesized ones. Visit all symbols to give the finishing touches.
1958 for (Symbol *sym : ctx.symtab->getSymbols()) {
1959 if (!sym->isUsedInRegularObj || !includeInSymtab(ctx, *sym))
1960 continue;
1961 if (!ctx.arg.relocatable)
1962 sym->binding = sym->computeBinding(ctx);
1963 if (ctx.in.symTab)
1964 ctx.in.symTab->addSymbol(sym);
1965
1966 // computeBinding might localize a symbol that was considered exported
1967 // but then synthesized as hidden (e.g. _DYNAMIC).
1968 if ((sym->isExported || sym->isPreemptible) && !sym->isLocal()) {
1969 ctx.partitions[sym->partition - 1].dynSymTab->addSymbol(sym);
1970 if (auto *file = dyn_cast<SharedFile>(sym->file))
1971 if (file->isNeeded && !sym->isUndefined())
1972 addVerneed(ctx, *sym);
1973 }
1974 }
1975
1976 // We also need to scan the dynamic relocation tables of the other
1977 // partitions and add any referenced symbols to the partition's dynsym.
1978 for (Partition &part :
1979 MutableArrayRef<Partition>(ctx.partitions).slice(1)) {
1980 DenseSet<Symbol *> syms;
1981 for (const SymbolTableEntry &e : part.dynSymTab->getSymbols())
1982 syms.insert(e.sym);
1983 for (DynamicReloc &reloc : part.relaDyn->relocs)
1984 if (reloc.sym && reloc.needsDynSymIndex() &&
1985 syms.insert(reloc.sym).second)
1986 part.dynSymTab->addSymbol(reloc.sym);
1987 }
1988 }
1989
1990 if (ctx.in.mipsGot)
1991 ctx.in.mipsGot->build();
1992
1993 removeUnusedSyntheticSections(ctx);
1994 ctx.script->diagnoseOrphanHandling();
1995 ctx.script->diagnoseMissingSGSectionAddress();
1996
1997 sortSections();
1998
1999 // Create a list of OutputSections, assign sectionIndex, and populate
2000 // ctx.in.shStrTab. If -z nosectionheader is specified, drop non-ALLOC
2001 // sections.
2002 for (SectionCommand *cmd : ctx.script->sectionCommands)
2003 if (auto *osd = dyn_cast<OutputDesc>(cmd)) {
2004 OutputSection *osec = &osd->osec;
2005 if (!ctx.in.shStrTab && !(osec->flags & SHF_ALLOC))
2006 continue;
2007 ctx.outputSections.push_back(osec);
2008 osec->sectionIndex = ctx.outputSections.size();
2009 if (ctx.in.shStrTab)
2010 osec->shName = ctx.in.shStrTab->addString(osec->name);
2011 }
2012
2013 // Prefer command line supplied address over other constraints.
2014 for (OutputSection *sec : ctx.outputSections) {
2015 auto i = ctx.arg.sectionStartMap.find(sec->name);
2016 if (i != ctx.arg.sectionStartMap.end())
2017 sec->addrExpr = [=] { return i->second; };
2018 }
2019
2020 // With the ctx.outputSections available check for GDPLT relocations
2021 // and add __tls_get_addr symbol if needed.
2022 if (ctx.arg.emachine == EM_HEXAGON &&
2023 hexagonNeedsTLSSymbol(ctx.outputSections)) {
2024 Symbol *sym =
2025 ctx.symtab->addSymbol(Undefined{ctx.internalFile, "__tls_get_addr",
2026 STB_GLOBAL, STV_DEFAULT, STT_NOTYPE});
2027 sym->isPreemptible = true;
2028 ctx.partitions[0].dynSymTab->addSymbol(sym);
2029 }
2030
2031 // This is a bit of a hack. A value of 0 means undef, so we set it
2032 // to 1 to make __ehdr_start defined. The section number is not
2033 // particularly relevant.
2034 ctx.out.elfHeader->sectionIndex = 1;
2035 ctx.out.elfHeader->size = sizeof(typename ELFT::Ehdr);
2036
2037 // Binary and relocatable output does not have PHDRS.
2038 // The headers have to be created before finalize as that can influence the
2039 // image base and the dynamic section on mips includes the image base.
2040 if (!ctx.arg.relocatable && !ctx.arg.oFormatBinary) {
2041 for (Partition &part : ctx.partitions) {
2042 part.phdrs = ctx.script->hasPhdrsCommands() ? ctx.script->createPhdrs()
2043 : createPhdrs(part);
2044 if (ctx.arg.emachine == EM_ARM) {
2045 // PT_ARM_EXIDX is the ARM EHABI equivalent of PT_GNU_EH_FRAME
2046 addPhdrForSection(part, SHT_ARM_EXIDX, PT_ARM_EXIDX, PF_R);
2047 }
2048 if (ctx.arg.emachine == EM_MIPS) {
2049 // Add separate segments for MIPS-specific sections.
2050 addPhdrForSection(part, SHT_MIPS_REGINFO, PT_MIPS_REGINFO, PF_R);
2051 addPhdrForSection(part, SHT_MIPS_OPTIONS, PT_MIPS_OPTIONS, PF_R);
2052 addPhdrForSection(part, SHT_MIPS_ABIFLAGS, PT_MIPS_ABIFLAGS, PF_R);
2053 }
2054 if (ctx.arg.emachine == EM_RISCV)
2055 addPhdrForSection(part, SHT_RISCV_ATTRIBUTES, PT_RISCV_ATTRIBUTES,
2056 PF_R);
2057 }
2058 ctx.out.programHeaders->size =
2059 sizeof(Elf_Phdr) * ctx.mainPart->phdrs.size();
2060
2061 // Find the TLS segment. This happens before the section layout loop so that
2062 // Android relocation packing can look up TLS symbol addresses. We only need
2063 // to care about the main partition here because all TLS symbols were moved
2064 // to the main partition (see MarkLive.cpp).
2065 for (auto &p : ctx.mainPart->phdrs)
2066 if (p->p_type == PT_TLS)
2067 ctx.tlsPhdr = p.get();
2068 }
2069
2070 // Some symbols are defined in term of program headers. Now that we
2071 // have the headers, we can find out which sections they point to.
2072 setReservedSymbolSections();
2073
2074 if (ctx.script->noCrossRefs.size()) {
2075 llvm::TimeTraceScope timeScope("Check NOCROSSREFS");
2076 checkNoCrossRefs<ELFT>(ctx);
2077 }
2078
2079 {
2080 llvm::TimeTraceScope timeScope("Finalize synthetic sections");
2081
2082 finalizeSynthetic(ctx, ctx.in.bss.get());
2083 finalizeSynthetic(ctx, ctx.in.bssRelRo.get());
2084 finalizeSynthetic(ctx, ctx.in.symTabShndx.get());
2085 finalizeSynthetic(ctx, ctx.in.shStrTab.get());
2086 finalizeSynthetic(ctx, ctx.in.strTab.get());
2087 finalizeSynthetic(ctx, ctx.in.got.get());
2088 finalizeSynthetic(ctx, ctx.in.mipsGot.get());
2089 finalizeSynthetic(ctx, ctx.in.igotPlt.get());
2090 finalizeSynthetic(ctx, ctx.in.gotPlt.get());
2091 finalizeSynthetic(ctx, ctx.in.relaPlt.get());
2092 finalizeSynthetic(ctx, ctx.in.plt.get());
2093 finalizeSynthetic(ctx, ctx.in.iplt.get());
2094 finalizeSynthetic(ctx, ctx.in.ppc32Got2.get());
2095 finalizeSynthetic(ctx, ctx.in.partIndex.get());
2096
2097 // Dynamic section must be the last one in this list and dynamic
2098 // symbol table section (dynSymTab) must be the first one.
2099 for (Partition &part : ctx.partitions) {
2100 if (part.relaDyn) {
2101 part.relaDyn->mergeRels();
2102 // Compute DT_RELACOUNT to be used by part.dynamic.
2103 part.relaDyn->partitionRels();
2104 finalizeSynthetic(ctx, part.relaDyn.get());
2105 }
2106 if (part.relrDyn) {
2107 part.relrDyn->mergeRels();
2108 finalizeSynthetic(ctx, part.relrDyn.get());
2109 }
2110 if (part.relrAuthDyn) {
2111 part.relrAuthDyn->mergeRels();
2112 finalizeSynthetic(ctx, part.relrAuthDyn.get());
2113 }
2114
2115 finalizeSynthetic(ctx, part.dynSymTab.get());
2116 finalizeSynthetic(ctx, part.gnuHashTab.get());
2117 finalizeSynthetic(ctx, part.hashTab.get());
2118 finalizeSynthetic(ctx, part.verDef.get());
2119 finalizeSynthetic(ctx, part.ehFrameHdr.get());
2120 finalizeSynthetic(ctx, part.verSym.get());
2121 finalizeSynthetic(ctx, part.verNeed.get());
2122 finalizeSynthetic(ctx, part.dynamic.get());
2123 }
2124 }
2125
2126 if (!ctx.script->hasSectionsCommand && !ctx.arg.relocatable)
2127 fixSectionAlignments();
2128
2129 // This is used to:
2130 // 1) Create "thunks":
2131 // Jump instructions in many ISAs have small displacements, and therefore
2132 // they cannot jump to arbitrary addresses in memory. For example, RISC-V
2133 // JAL instruction can target only +-1 MiB from PC. It is a linker's
2134 // responsibility to create and insert small pieces of code between
2135 // sections to extend the ranges if jump targets are out of range. Such
2136 // code pieces are called "thunks".
2137 //
2138 // We add thunks at this stage. We couldn't do this before this point
2139 // because this is the earliest point where we know sizes of sections and
2140 // their layouts (that are needed to determine if jump targets are in
2141 // range).
2142 //
2143 // 2) Update the sections. We need to generate content that depends on the
2144 // address of InputSections. For example, MIPS GOT section content or
2145 // android packed relocations sections content.
2146 //
2147 // 3) Assign the final values for the linker script symbols. Linker scripts
2148 // sometimes using forward symbol declarations. We want to set the correct
2149 // values. They also might change after adding the thunks.
2150 finalizeAddressDependentContent();
2151
2152 // All information needed for OutputSection part of Map file is available.
2153 if (errCount(ctx))
2154 return;
2155
2156 {
2157 llvm::TimeTraceScope timeScope("Finalize synthetic sections");
2158 // finalizeAddressDependentContent may have added local symbols to the
2159 // static symbol table.
2160 finalizeSynthetic(ctx, ctx.in.symTab.get());
2161 finalizeSynthetic(ctx, ctx.in.debugNames.get());
2162 finalizeSynthetic(ctx, ctx.in.ppc64LongBranchTarget.get());
2163 finalizeSynthetic(ctx, ctx.in.armCmseSGSection.get());
2164 }
2165
2166 // Relaxation to delete inter-basic block jumps created by basic block
2167 // sections. Run after ctx.in.symTab is finalized as optimizeBasicBlockJumps
2168 // can relax jump instructions based on symbol offset.
2169 if (ctx.arg.optimizeBBJumps)
2170 optimizeBasicBlockJumps();
2171
2172 // Fill other section headers. The dynamic table is finalized
2173 // at the end because some tags like RELSZ depend on result
2174 // of finalizing other sections.
2175 for (OutputSection *sec : ctx.outputSections)
2176 sec->finalize(ctx);
2177
2178 ctx.script->checkFinalScriptConditions();
2179
2180 if (ctx.arg.emachine == EM_ARM && !ctx.arg.isLE && ctx.arg.armBe8) {
2181 addArmInputSectionMappingSymbols(ctx);
2182 sortArmMappingSymbols(ctx);
2183 }
2184 }
2185
2186 // Ensure data sections are not mixed with executable sections when
2187 // --execute-only is used. --execute-only make pages executable but not
2188 // readable.
checkExecuteOnly()2189 template <class ELFT> void Writer<ELFT>::checkExecuteOnly() {
2190 if (!ctx.arg.executeOnly)
2191 return;
2192
2193 SmallVector<InputSection *, 0> storage;
2194 for (OutputSection *osec : ctx.outputSections)
2195 if (osec->flags & SHF_EXECINSTR)
2196 for (InputSection *isec : getInputSections(*osec, storage))
2197 if (!(isec->flags & SHF_EXECINSTR))
2198 ErrAlways(ctx) << "cannot place " << isec << " into " << osec->name
2199 << ": --execute-only does not support intermingling "
2200 "data and code";
2201 }
2202
2203 // Check which input sections of RX output sections don't have the
2204 // SHF_AARCH64_PURECODE or SHF_ARM_PURECODE flag set.
checkExecuteOnlyReport()2205 template <class ELFT> void Writer<ELFT>::checkExecuteOnlyReport() {
2206 if (ctx.arg.zExecuteOnlyReport == ReportPolicy::None)
2207 return;
2208
2209 auto reportUnless = [&](bool cond) -> ELFSyncStream {
2210 if (cond)
2211 return {ctx, DiagLevel::None};
2212 return {ctx, toDiagLevel(ctx.arg.zExecuteOnlyReport)};
2213 };
2214
2215 uint64_t purecodeFlag =
2216 ctx.arg.emachine == EM_AARCH64 ? SHF_AARCH64_PURECODE : SHF_ARM_PURECODE;
2217 StringRef purecodeFlagName = ctx.arg.emachine == EM_AARCH64
2218 ? "SHF_AARCH64_PURECODE"
2219 : "SHF_ARM_PURECODE";
2220 SmallVector<InputSection *, 0> storage;
2221 for (OutputSection *osec : ctx.outputSections) {
2222 if (osec->getPhdrFlags() != (PF_R | PF_X))
2223 continue;
2224 for (InputSection *sec : getInputSections(*osec, storage)) {
2225 if (isa<SyntheticSection>(sec))
2226 continue;
2227 reportUnless(sec->flags & purecodeFlag)
2228 << "-z execute-only-report: " << sec << " does not have "
2229 << purecodeFlagName << " flag set";
2230 }
2231 }
2232 }
2233
2234 // The linker is expected to define SECNAME_start and SECNAME_end
2235 // symbols for a few sections. This function defines them.
addStartEndSymbols()2236 template <class ELFT> void Writer<ELFT>::addStartEndSymbols() {
2237 // If the associated output section does not exist, there is ambiguity as to
2238 // how we define _start and _end symbols for an init/fini section. Users
2239 // expect no "undefined symbol" linker errors and loaders expect equal
2240 // st_value but do not particularly care whether the symbols are defined or
2241 // not. We retain the output section so that the section indexes will be
2242 // correct.
2243 auto define = [=](StringRef start, StringRef end, OutputSection *os) {
2244 if (os) {
2245 Defined *startSym = addOptionalRegular(ctx, start, os, 0);
2246 Defined *stopSym = addOptionalRegular(ctx, end, os, -1);
2247 if (startSym || stopSym)
2248 os->usedInExpression = true;
2249 } else {
2250 addOptionalRegular(ctx, start, ctx.out.elfHeader.get(), 0);
2251 addOptionalRegular(ctx, end, ctx.out.elfHeader.get(), 0);
2252 }
2253 };
2254
2255 define("__preinit_array_start", "__preinit_array_end", ctx.out.preinitArray);
2256 define("__init_array_start", "__init_array_end", ctx.out.initArray);
2257 define("__fini_array_start", "__fini_array_end", ctx.out.finiArray);
2258
2259 // As a special case, don't unnecessarily retain .ARM.exidx, which would
2260 // create an empty PT_ARM_EXIDX.
2261 if (OutputSection *sec = findSection(ctx, ".ARM.exidx"))
2262 define("__exidx_start", "__exidx_end", sec);
2263 }
2264
2265 // If a section name is valid as a C identifier (which is rare because of
2266 // the leading '.'), linkers are expected to define __start_<secname> and
2267 // __stop_<secname> symbols. They are at beginning and end of the section,
2268 // respectively. This is not requested by the ELF standard, but GNU ld and
2269 // gold provide the feature, and used by many programs.
2270 template <class ELFT>
addStartStopSymbols(OutputSection & osec)2271 void Writer<ELFT>::addStartStopSymbols(OutputSection &osec) {
2272 StringRef s = osec.name;
2273 if (!isValidCIdentifier(s))
2274 return;
2275 StringSaver &ss = ctx.saver;
2276 Defined *startSym = addOptionalRegular(ctx, ss.save("__start_" + s), &osec, 0,
2277 ctx.arg.zStartStopVisibility);
2278 Defined *stopSym = addOptionalRegular(ctx, ss.save("__stop_" + s), &osec, -1,
2279 ctx.arg.zStartStopVisibility);
2280 if (startSym || stopSym)
2281 osec.usedInExpression = true;
2282 }
2283
needsPtLoad(OutputSection * sec)2284 static bool needsPtLoad(OutputSection *sec) {
2285 if (!(sec->flags & SHF_ALLOC))
2286 return false;
2287
2288 // Don't allocate VA space for TLS NOBITS sections. The PT_TLS PHDR is
2289 // responsible for allocating space for them, not the PT_LOAD that
2290 // contains the TLS initialization image.
2291 if ((sec->flags & SHF_TLS) && sec->type == SHT_NOBITS)
2292 return false;
2293 return true;
2294 }
2295
2296 // Adjust phdr flags according to certain options.
computeFlags(Ctx & ctx,uint64_t flags)2297 static uint64_t computeFlags(Ctx &ctx, uint64_t flags) {
2298 if (ctx.arg.omagic)
2299 return PF_R | PF_W | PF_X;
2300 if (ctx.arg.executeOnly && (flags & PF_X))
2301 return flags & ~PF_R;
2302 return flags;
2303 }
2304
2305 // Decide which program headers to create and which sections to include in each
2306 // one.
2307 template <class ELFT>
2308 SmallVector<std::unique_ptr<PhdrEntry>, 0>
createPhdrs(Partition & part)2309 Writer<ELFT>::createPhdrs(Partition &part) {
2310 SmallVector<std::unique_ptr<PhdrEntry>, 0> ret;
2311 auto addHdr = [&, &ctx = ctx](unsigned type, unsigned flags) -> PhdrEntry * {
2312 ret.push_back(std::make_unique<PhdrEntry>(ctx, type, flags));
2313 return ret.back().get();
2314 };
2315
2316 unsigned partNo = part.getNumber(ctx);
2317 bool isMain = partNo == 1;
2318
2319 // Add the first PT_LOAD segment for regular output sections.
2320 uint64_t flags = computeFlags(ctx, PF_R);
2321 PhdrEntry *load = nullptr;
2322
2323 // nmagic or omagic output does not have PT_PHDR, PT_INTERP, or the readonly
2324 // PT_LOAD.
2325 if (!ctx.arg.nmagic && !ctx.arg.omagic) {
2326 // The first phdr entry is PT_PHDR which describes the program header
2327 // itself.
2328 if (isMain)
2329 addHdr(PT_PHDR, PF_R)->add(ctx.out.programHeaders.get());
2330 else
2331 addHdr(PT_PHDR, PF_R)->add(part.programHeaders->getParent());
2332
2333 // PT_INTERP must be the second entry if exists.
2334 if (OutputSection *cmd = findSection(ctx, ".interp", partNo))
2335 addHdr(PT_INTERP, cmd->getPhdrFlags())->add(cmd);
2336
2337 // Add the headers. We will remove them if they don't fit.
2338 // In the other partitions the headers are ordinary sections, so they don't
2339 // need to be added here.
2340 if (isMain) {
2341 load = addHdr(PT_LOAD, flags);
2342 load->add(ctx.out.elfHeader.get());
2343 load->add(ctx.out.programHeaders.get());
2344 }
2345 }
2346
2347 // PT_GNU_RELRO includes all sections that should be marked as
2348 // read-only by dynamic linker after processing relocations.
2349 // Current dynamic loaders only support one PT_GNU_RELRO PHDR, give
2350 // an error message if more than one PT_GNU_RELRO PHDR is required.
2351 auto relRo = std::make_unique<PhdrEntry>(ctx, PT_GNU_RELRO, PF_R);
2352 bool inRelroPhdr = false;
2353 OutputSection *relroEnd = nullptr;
2354 for (OutputSection *sec : ctx.outputSections) {
2355 if (sec->partition != partNo || !needsPtLoad(sec))
2356 continue;
2357 if (isRelroSection(ctx, sec)) {
2358 inRelroPhdr = true;
2359 if (!relroEnd)
2360 relRo->add(sec);
2361 else
2362 ErrAlways(ctx) << "section: " << sec->name
2363 << " is not contiguous with other relro" << " sections";
2364 } else if (inRelroPhdr) {
2365 inRelroPhdr = false;
2366 relroEnd = sec;
2367 }
2368 }
2369 relRo->p_align = 1;
2370
2371 for (OutputSection *sec : ctx.outputSections) {
2372 if (!needsPtLoad(sec))
2373 continue;
2374
2375 // Normally, sections in partitions other than the current partition are
2376 // ignored. But partition number 255 is a special case: it contains the
2377 // partition end marker (.part.end). It needs to be added to the main
2378 // partition so that a segment is created for it in the main partition,
2379 // which will cause the dynamic loader to reserve space for the other
2380 // partitions.
2381 if (sec->partition != partNo) {
2382 if (isMain && sec->partition == 255)
2383 addHdr(PT_LOAD, computeFlags(ctx, sec->getPhdrFlags()))->add(sec);
2384 continue;
2385 }
2386
2387 // Segments are contiguous memory regions that has the same attributes
2388 // (e.g. executable or writable). There is one phdr for each segment.
2389 // Therefore, we need to create a new phdr when the next section has
2390 // incompatible flags or is loaded at a discontiguous address or memory
2391 // region using AT or AT> linker script command, respectively.
2392 //
2393 // As an exception, we don't create a separate load segment for the ELF
2394 // headers, even if the first "real" output has an AT or AT> attribute.
2395 //
2396 // In addition, NOBITS sections should only be placed at the end of a LOAD
2397 // segment (since it's represented as p_filesz < p_memsz). If we have a
2398 // not-NOBITS section after a NOBITS, we create a new LOAD for the latter
2399 // even if flags match, so as not to require actually writing the
2400 // supposed-to-be-NOBITS section to the output file. (However, we cannot do
2401 // so when hasSectionsCommand, since we cannot introduce the extra alignment
2402 // needed to create a new LOAD)
2403 uint64_t newFlags = computeFlags(ctx, sec->getPhdrFlags());
2404 uint64_t incompatible = flags ^ newFlags;
2405 if (!(newFlags & PF_W)) {
2406 // When --no-rosegment is specified, RO and RX sections are compatible.
2407 if (ctx.arg.singleRoRx)
2408 incompatible &= ~PF_X;
2409 // When --no-xosegment is specified (the default), XO and RX sections are
2410 // compatible.
2411 if (ctx.arg.singleXoRx)
2412 incompatible &= ~PF_R;
2413 }
2414 if (incompatible)
2415 load = nullptr;
2416
2417 bool sameLMARegion =
2418 load && !sec->lmaExpr && sec->lmaRegion == load->firstSec->lmaRegion;
2419 if (load && sec != relroEnd &&
2420 sec->memRegion == load->firstSec->memRegion &&
2421 (sameLMARegion || load->lastSec == ctx.out.programHeaders.get()) &&
2422 (ctx.script->hasSectionsCommand || sec->type == SHT_NOBITS ||
2423 load->lastSec->type != SHT_NOBITS)) {
2424 load->p_flags |= newFlags;
2425 } else {
2426 load = addHdr(PT_LOAD, newFlags);
2427 flags = newFlags;
2428 }
2429
2430 load->add(sec);
2431 }
2432
2433 // Add a TLS segment if any.
2434 auto tlsHdr = std::make_unique<PhdrEntry>(ctx, PT_TLS, PF_R);
2435 for (OutputSection *sec : ctx.outputSections)
2436 if (sec->partition == partNo && sec->flags & SHF_TLS)
2437 tlsHdr->add(sec);
2438 if (tlsHdr->firstSec)
2439 ret.push_back(std::move(tlsHdr));
2440
2441 // Add an entry for .dynamic.
2442 if (OutputSection *sec = part.dynamic->getParent())
2443 addHdr(PT_DYNAMIC, sec->getPhdrFlags())->add(sec);
2444
2445 if (relRo->firstSec)
2446 ret.push_back(std::move(relRo));
2447
2448 // PT_GNU_EH_FRAME is a special section pointing on .eh_frame_hdr.
2449 if (part.ehFrame->isNeeded() && part.ehFrameHdr &&
2450 part.ehFrame->getParent() && part.ehFrameHdr->getParent())
2451 addHdr(PT_GNU_EH_FRAME, part.ehFrameHdr->getParent()->getPhdrFlags())
2452 ->add(part.ehFrameHdr->getParent());
2453
2454 if (ctx.arg.osabi == ELFOSABI_OPENBSD) {
2455 // PT_OPENBSD_MUTABLE makes the dynamic linker fill the segment with
2456 // zero data, like bss, but it can be treated differently.
2457 if (OutputSection *cmd = findSection(ctx, ".openbsd.mutable", partNo))
2458 addHdr(PT_OPENBSD_MUTABLE, cmd->getPhdrFlags())->add(cmd);
2459
2460 // PT_OPENBSD_RANDOMIZE makes the dynamic linker fill the segment
2461 // with random data.
2462 if (OutputSection *cmd = findSection(ctx, ".openbsd.randomdata", partNo))
2463 addHdr(PT_OPENBSD_RANDOMIZE, cmd->getPhdrFlags())->add(cmd);
2464
2465 // PT_OPENBSD_SYSCALLS makes the kernel and dynamic linker register
2466 // system call sites.
2467 if (OutputSection *cmd = findSection(ctx, ".openbsd.syscalls", partNo))
2468 addHdr(PT_OPENBSD_SYSCALLS, cmd->getPhdrFlags())->add(cmd);
2469 }
2470
2471 if (ctx.arg.zGnustack != GnuStackKind::None) {
2472 // PT_GNU_STACK is a special section to tell the loader to make the
2473 // pages for the stack non-executable. If you really want an executable
2474 // stack, you can pass -z execstack, but that's not recommended for
2475 // security reasons.
2476 unsigned perm = PF_R | PF_W;
2477 if (ctx.arg.zGnustack == GnuStackKind::Exec)
2478 perm |= PF_X;
2479 addHdr(PT_GNU_STACK, perm)->p_memsz = ctx.arg.zStackSize;
2480 }
2481
2482 // PT_OPENBSD_NOBTCFI is an OpenBSD-specific header to mark that the
2483 // executable is expected to violate branch-target CFI checks.
2484 if (ctx.arg.zNoBtCfi)
2485 addHdr(PT_OPENBSD_NOBTCFI, PF_X);
2486
2487 // PT_OPENBSD_WXNEEDED is a OpenBSD-specific header to mark the executable
2488 // is expected to perform W^X violations, such as calling mprotect(2) or
2489 // mmap(2) with PROT_WRITE | PROT_EXEC, which is prohibited by default on
2490 // OpenBSD.
2491 if (ctx.arg.zWxneeded)
2492 addHdr(PT_OPENBSD_WXNEEDED, PF_X);
2493
2494 if (OutputSection *cmd = findSection(ctx, ".note.gnu.property", partNo))
2495 addHdr(PT_GNU_PROPERTY, PF_R)->add(cmd);
2496
2497 // Create one PT_NOTE per a group of contiguous SHT_NOTE sections with the
2498 // same alignment.
2499 PhdrEntry *note = nullptr;
2500 for (OutputSection *sec : ctx.outputSections) {
2501 if (sec->partition != partNo)
2502 continue;
2503 if (sec->type == SHT_NOTE && (sec->flags & SHF_ALLOC)) {
2504 if (!note || sec->lmaExpr || note->lastSec->addralign != sec->addralign)
2505 note = addHdr(PT_NOTE, PF_R);
2506 note->add(sec);
2507 } else {
2508 note = nullptr;
2509 }
2510 }
2511 return ret;
2512 }
2513
2514 template <class ELFT>
addPhdrForSection(Partition & part,unsigned shType,unsigned pType,unsigned pFlags)2515 void Writer<ELFT>::addPhdrForSection(Partition &part, unsigned shType,
2516 unsigned pType, unsigned pFlags) {
2517 unsigned partNo = part.getNumber(ctx);
2518 auto i = llvm::find_if(ctx.outputSections, [=](OutputSection *cmd) {
2519 return cmd->partition == partNo && cmd->type == shType;
2520 });
2521 if (i == ctx.outputSections.end())
2522 return;
2523
2524 auto entry = std::make_unique<PhdrEntry>(ctx, pType, pFlags);
2525 entry->add(*i);
2526 part.phdrs.push_back(std::move(entry));
2527 }
2528
2529 // Place the first section of each PT_LOAD to a different page (of maxPageSize).
2530 // This is achieved by assigning an alignment expression to addrExpr of each
2531 // such section.
fixSectionAlignments()2532 template <class ELFT> void Writer<ELFT>::fixSectionAlignments() {
2533 const PhdrEntry *prev;
2534 auto pageAlign = [&, &ctx = this->ctx](const PhdrEntry *p) {
2535 OutputSection *cmd = p->firstSec;
2536 if (!cmd)
2537 return;
2538 cmd->alignExpr = [align = cmd->addralign]() { return align; };
2539 if (!cmd->addrExpr) {
2540 // Prefer advancing to align(dot, maxPageSize) + dot%maxPageSize to avoid
2541 // padding in the file contents.
2542 //
2543 // When -z separate-code is used we must not have any overlap in pages
2544 // between an executable segment and a non-executable segment. We align to
2545 // the next maximum page size boundary on transitions between executable
2546 // and non-executable segments.
2547 //
2548 // SHT_LLVM_PART_EHDR marks the start of a partition. The partition
2549 // sections will be extracted to a separate file. Align to the next
2550 // maximum page size boundary so that we can find the ELF header at the
2551 // start. We cannot benefit from overlapping p_offset ranges with the
2552 // previous segment anyway.
2553 if (ctx.arg.zSeparate == SeparateSegmentKind::Loadable ||
2554 (ctx.arg.zSeparate == SeparateSegmentKind::Code && prev &&
2555 (prev->p_flags & PF_X) != (p->p_flags & PF_X)) ||
2556 cmd->type == SHT_LLVM_PART_EHDR)
2557 cmd->addrExpr = [&ctx = this->ctx] {
2558 return alignToPowerOf2(ctx.script->getDot(), ctx.arg.maxPageSize);
2559 };
2560 // PT_TLS is at the start of the first RW PT_LOAD. If `p` includes PT_TLS,
2561 // it must be the RW. Align to p_align(PT_TLS) to make sure
2562 // p_vaddr(PT_LOAD)%p_align(PT_LOAD) = 0. Otherwise, if
2563 // sh_addralign(.tdata) < sh_addralign(.tbss), we will set p_align(PT_TLS)
2564 // to sh_addralign(.tbss), while p_vaddr(PT_TLS)=p_vaddr(PT_LOAD) may not
2565 // be congruent to 0 modulo p_align(PT_TLS).
2566 //
2567 // Technically this is not required, but as of 2019, some dynamic loaders
2568 // don't handle p_vaddr%p_align != 0 correctly, e.g. glibc (i386 and
2569 // x86-64) doesn't make runtime address congruent to p_vaddr modulo
2570 // p_align for dynamic TLS blocks (PR/24606), FreeBSD rtld has the same
2571 // bug, musl (TLS Variant 1 architectures) before 1.1.23 handled TLS
2572 // blocks correctly. We need to keep the workaround for a while.
2573 else if (ctx.tlsPhdr && ctx.tlsPhdr->firstSec == p->firstSec)
2574 cmd->addrExpr = [&ctx] {
2575 return alignToPowerOf2(ctx.script->getDot(), ctx.arg.maxPageSize) +
2576 alignToPowerOf2(ctx.script->getDot() % ctx.arg.maxPageSize,
2577 ctx.tlsPhdr->p_align);
2578 };
2579 else
2580 cmd->addrExpr = [&ctx] {
2581 return alignToPowerOf2(ctx.script->getDot(), ctx.arg.maxPageSize) +
2582 ctx.script->getDot() % ctx.arg.maxPageSize;
2583 };
2584 }
2585 };
2586
2587 for (Partition &part : ctx.partitions) {
2588 prev = nullptr;
2589 for (auto &p : part.phdrs)
2590 if (p->p_type == PT_LOAD && p->firstSec) {
2591 pageAlign(p.get());
2592 prev = p.get();
2593 }
2594 }
2595 }
2596
2597 // Compute an in-file position for a given section. The file offset must be the
2598 // same with its virtual address modulo the page size, so that the loader can
2599 // load executables without any address adjustment.
computeFileOffset(Ctx & ctx,OutputSection * os,uint64_t off)2600 static uint64_t computeFileOffset(Ctx &ctx, OutputSection *os, uint64_t off) {
2601 // The first section in a PT_LOAD has to have congruent offset and address
2602 // modulo the maximum page size.
2603 if (os->ptLoad && os->ptLoad->firstSec == os)
2604 return alignTo(off, os->ptLoad->p_align, os->addr);
2605
2606 // File offsets are not significant for .bss sections other than the first one
2607 // in a PT_LOAD/PT_TLS. By convention, we keep section offsets monotonically
2608 // increasing rather than setting to zero.
2609 if (os->type == SHT_NOBITS && (!ctx.tlsPhdr || ctx.tlsPhdr->firstSec != os))
2610 return off;
2611
2612 // If the section is not in a PT_LOAD, we just have to align it.
2613 if (!os->ptLoad)
2614 return alignToPowerOf2(off, os->addralign);
2615
2616 // If two sections share the same PT_LOAD the file offset is calculated
2617 // using this formula: Off2 = Off1 + (VA2 - VA1).
2618 OutputSection *first = os->ptLoad->firstSec;
2619 return first->offset + os->addr - first->addr;
2620 }
2621
assignFileOffsetsBinary()2622 template <class ELFT> void Writer<ELFT>::assignFileOffsetsBinary() {
2623 // Compute the minimum LMA of all non-empty non-NOBITS sections as minAddr.
2624 auto needsOffset = [](OutputSection &sec) {
2625 return sec.type != SHT_NOBITS && (sec.flags & SHF_ALLOC) && sec.size > 0;
2626 };
2627 uint64_t minAddr = UINT64_MAX;
2628 for (OutputSection *sec : ctx.outputSections)
2629 if (needsOffset(*sec)) {
2630 sec->offset = sec->getLMA();
2631 minAddr = std::min(minAddr, sec->offset);
2632 }
2633
2634 // Sections are laid out at LMA minus minAddr.
2635 fileSize = 0;
2636 for (OutputSection *sec : ctx.outputSections)
2637 if (needsOffset(*sec)) {
2638 sec->offset -= minAddr;
2639 fileSize = std::max(fileSize, sec->offset + sec->size);
2640 }
2641 }
2642
rangeToString(uint64_t addr,uint64_t len)2643 static std::string rangeToString(uint64_t addr, uint64_t len) {
2644 return "[0x" + utohexstr(addr) + ", 0x" + utohexstr(addr + len - 1) + "]";
2645 }
2646
2647 // Assign file offsets to output sections.
assignFileOffsets()2648 template <class ELFT> void Writer<ELFT>::assignFileOffsets() {
2649 ctx.out.programHeaders->offset = ctx.out.elfHeader->size;
2650 uint64_t off = ctx.out.elfHeader->size + ctx.out.programHeaders->size;
2651
2652 PhdrEntry *lastRX = nullptr;
2653 for (Partition &part : ctx.partitions)
2654 for (auto &p : part.phdrs)
2655 if (p->p_type == PT_LOAD && (p->p_flags & PF_X))
2656 lastRX = p.get();
2657
2658 // Layout SHF_ALLOC sections before non-SHF_ALLOC sections. A non-SHF_ALLOC
2659 // will not occupy file offsets contained by a PT_LOAD.
2660 for (OutputSection *sec : ctx.outputSections) {
2661 if (!(sec->flags & SHF_ALLOC))
2662 continue;
2663 off = computeFileOffset(ctx, sec, off);
2664 sec->offset = off;
2665 if (sec->type != SHT_NOBITS)
2666 off += sec->size;
2667
2668 // If this is a last section of the last executable segment and that
2669 // segment is the last loadable segment, align the offset of the
2670 // following section to avoid loading non-segments parts of the file.
2671 if (ctx.arg.zSeparate != SeparateSegmentKind::None && lastRX &&
2672 lastRX->lastSec == sec)
2673 off = alignToPowerOf2(off, ctx.arg.maxPageSize);
2674 }
2675 for (OutputSection *osec : ctx.outputSections) {
2676 if (osec->flags & SHF_ALLOC)
2677 continue;
2678 osec->offset = alignToPowerOf2(off, osec->addralign);
2679 off = osec->offset + osec->size;
2680 }
2681
2682 sectionHeaderOff = alignToPowerOf2(off, ctx.arg.wordsize);
2683 fileSize =
2684 sectionHeaderOff + (ctx.outputSections.size() + 1) * sizeof(Elf_Shdr);
2685
2686 // Our logic assumes that sections have rising VA within the same segment.
2687 // With use of linker scripts it is possible to violate this rule and get file
2688 // offset overlaps or overflows. That should never happen with a valid script
2689 // which does not move the location counter backwards and usually scripts do
2690 // not do that. Unfortunately, there are apps in the wild, for example, Linux
2691 // kernel, which control segment distribution explicitly and move the counter
2692 // backwards, so we have to allow doing that to support linking them. We
2693 // perform non-critical checks for overlaps in checkSectionOverlap(), but here
2694 // we want to prevent file size overflows because it would crash the linker.
2695 for (OutputSection *sec : ctx.outputSections) {
2696 if (sec->type == SHT_NOBITS)
2697 continue;
2698 if ((sec->offset > fileSize) || (sec->offset + sec->size > fileSize))
2699 ErrAlways(ctx) << "unable to place section " << sec->name
2700 << " at file offset "
2701 << rangeToString(sec->offset, sec->size)
2702 << "; check your linker script for overflows";
2703 }
2704 }
2705
2706 // Finalize the program headers. We call this function after we assign
2707 // file offsets and VAs to all sections.
setPhdrs(Partition & part)2708 template <class ELFT> void Writer<ELFT>::setPhdrs(Partition &part) {
2709 for (std::unique_ptr<PhdrEntry> &p : part.phdrs) {
2710 OutputSection *first = p->firstSec;
2711 OutputSection *last = p->lastSec;
2712
2713 // .ARM.exidx sections may not be within a single .ARM.exidx
2714 // output section. We always want to describe just the
2715 // SyntheticSection.
2716 if (part.armExidx && p->p_type == PT_ARM_EXIDX) {
2717 p->p_filesz = part.armExidx->getSize();
2718 p->p_memsz = p->p_filesz;
2719 p->p_offset = first->offset + part.armExidx->outSecOff;
2720 p->p_vaddr = first->addr + part.armExidx->outSecOff;
2721 p->p_align = part.armExidx->addralign;
2722 if (part.elfHeader)
2723 p->p_offset -= part.elfHeader->getParent()->offset;
2724
2725 if (!p->hasLMA)
2726 p->p_paddr = first->getLMA() + part.armExidx->outSecOff;
2727 return;
2728 }
2729
2730 if (first) {
2731 p->p_filesz = last->offset - first->offset;
2732 if (last->type != SHT_NOBITS)
2733 p->p_filesz += last->size;
2734
2735 p->p_memsz = last->addr + last->size - first->addr;
2736 p->p_offset = first->offset;
2737 p->p_vaddr = first->addr;
2738
2739 // File offsets in partitions other than the main partition are relative
2740 // to the offset of the ELF headers. Perform that adjustment now.
2741 if (part.elfHeader)
2742 p->p_offset -= part.elfHeader->getParent()->offset;
2743
2744 if (!p->hasLMA)
2745 p->p_paddr = first->getLMA();
2746 }
2747 }
2748 }
2749
2750 // A helper struct for checkSectionOverlap.
2751 namespace {
2752 struct SectionOffset {
2753 OutputSection *sec;
2754 uint64_t offset;
2755 };
2756 } // namespace
2757
2758 // Check whether sections overlap for a specific address range (file offsets,
2759 // load and virtual addresses).
checkOverlap(Ctx & ctx,StringRef name,std::vector<SectionOffset> & sections,bool isVirtualAddr)2760 static void checkOverlap(Ctx &ctx, StringRef name,
2761 std::vector<SectionOffset> §ions,
2762 bool isVirtualAddr) {
2763 llvm::sort(sections, [=](const SectionOffset &a, const SectionOffset &b) {
2764 return a.offset < b.offset;
2765 });
2766
2767 // Finding overlap is easy given a vector is sorted by start position.
2768 // If an element starts before the end of the previous element, they overlap.
2769 for (size_t i = 1, end = sections.size(); i < end; ++i) {
2770 SectionOffset a = sections[i - 1];
2771 SectionOffset b = sections[i];
2772 if (b.offset >= a.offset + a.sec->size)
2773 continue;
2774
2775 // If both sections are in OVERLAY we allow the overlapping of virtual
2776 // addresses, because it is what OVERLAY was designed for.
2777 if (isVirtualAddr && a.sec->inOverlay && b.sec->inOverlay)
2778 continue;
2779
2780 Err(ctx) << "section " << a.sec->name << " " << name
2781 << " range overlaps with " << b.sec->name << "\n>>> "
2782 << a.sec->name << " range is "
2783 << rangeToString(a.offset, a.sec->size) << "\n>>> " << b.sec->name
2784 << " range is " << rangeToString(b.offset, b.sec->size);
2785 }
2786 }
2787
2788 // Check for overlapping sections and address overflows.
2789 //
2790 // In this function we check that none of the output sections have overlapping
2791 // file offsets. For SHF_ALLOC sections we also check that the load address
2792 // ranges and the virtual address ranges don't overlap
checkSections()2793 template <class ELFT> void Writer<ELFT>::checkSections() {
2794 // First, check that section's VAs fit in available address space for target.
2795 for (OutputSection *os : ctx.outputSections)
2796 if ((os->addr + os->size < os->addr) ||
2797 (!ELFT::Is64Bits && os->addr + os->size > uint64_t(UINT32_MAX) + 1))
2798 Err(ctx) << "section " << os->name << " at 0x"
2799 << utohexstr(os->addr, true) << " of size 0x"
2800 << utohexstr(os->size, true)
2801 << " exceeds available address space";
2802
2803 // Check for overlapping file offsets. In this case we need to skip any
2804 // section marked as SHT_NOBITS. These sections don't actually occupy space in
2805 // the file so Sec->Offset + Sec->Size can overlap with others. If --oformat
2806 // binary is specified only add SHF_ALLOC sections are added to the output
2807 // file so we skip any non-allocated sections in that case.
2808 std::vector<SectionOffset> fileOffs;
2809 for (OutputSection *sec : ctx.outputSections)
2810 if (sec->size > 0 && sec->type != SHT_NOBITS &&
2811 (!ctx.arg.oFormatBinary || (sec->flags & SHF_ALLOC)))
2812 fileOffs.push_back({sec, sec->offset});
2813 checkOverlap(ctx, "file", fileOffs, false);
2814
2815 // When linking with -r there is no need to check for overlapping virtual/load
2816 // addresses since those addresses will only be assigned when the final
2817 // executable/shared object is created.
2818 if (ctx.arg.relocatable)
2819 return;
2820
2821 // Checking for overlapping virtual and load addresses only needs to take
2822 // into account SHF_ALLOC sections since others will not be loaded.
2823 // Furthermore, we also need to skip SHF_TLS sections since these will be
2824 // mapped to other addresses at runtime and can therefore have overlapping
2825 // ranges in the file.
2826 std::vector<SectionOffset> vmas;
2827 for (OutputSection *sec : ctx.outputSections)
2828 if (sec->size > 0 && (sec->flags & SHF_ALLOC) && !(sec->flags & SHF_TLS))
2829 vmas.push_back({sec, sec->addr});
2830 checkOverlap(ctx, "virtual address", vmas, true);
2831
2832 // Finally, check that the load addresses don't overlap. This will usually be
2833 // the same as the virtual addresses but can be different when using a linker
2834 // script with AT().
2835 std::vector<SectionOffset> lmas;
2836 for (OutputSection *sec : ctx.outputSections)
2837 if (sec->size > 0 && (sec->flags & SHF_ALLOC) && !(sec->flags & SHF_TLS))
2838 lmas.push_back({sec, sec->getLMA()});
2839 checkOverlap(ctx, "load address", lmas, false);
2840 }
2841
2842 // The entry point address is chosen in the following ways.
2843 //
2844 // 1. the '-e' entry command-line option;
2845 // 2. the ENTRY(symbol) command in a linker control script;
2846 // 3. the value of the symbol _start, if present;
2847 // 4. the number represented by the entry symbol, if it is a number;
2848 // 5. the address 0.
getEntryAddr(Ctx & ctx)2849 static uint64_t getEntryAddr(Ctx &ctx) {
2850 // Case 1, 2 or 3
2851 if (Symbol *b = ctx.symtab->find(ctx.arg.entry))
2852 return b->getVA(ctx);
2853
2854 // Case 4
2855 uint64_t addr;
2856 if (to_integer(ctx.arg.entry, addr))
2857 return addr;
2858
2859 // Case 5
2860 if (ctx.arg.warnMissingEntry)
2861 Warn(ctx) << "cannot find entry symbol " << ctx.arg.entry
2862 << "; not setting start address";
2863 return 0;
2864 }
2865
getELFType(Ctx & ctx)2866 static uint16_t getELFType(Ctx &ctx) {
2867 if (ctx.arg.isPic)
2868 return ET_DYN;
2869 if (ctx.arg.relocatable)
2870 return ET_REL;
2871 return ET_EXEC;
2872 }
2873
writeHeader()2874 template <class ELFT> void Writer<ELFT>::writeHeader() {
2875 writeEhdr<ELFT>(ctx, ctx.bufferStart, *ctx.mainPart);
2876 writePhdrs<ELFT>(ctx.bufferStart + sizeof(Elf_Ehdr), *ctx.mainPart);
2877
2878 auto *eHdr = reinterpret_cast<Elf_Ehdr *>(ctx.bufferStart);
2879 eHdr->e_type = getELFType(ctx);
2880 eHdr->e_entry = getEntryAddr(ctx);
2881
2882 // If -z nosectionheader is specified, omit the section header table.
2883 if (!ctx.in.shStrTab)
2884 return;
2885 eHdr->e_shoff = sectionHeaderOff;
2886
2887 // Write the section header table.
2888 //
2889 // The ELF header can only store numbers up to SHN_LORESERVE in the e_shnum
2890 // and e_shstrndx fields. When the value of one of these fields exceeds
2891 // SHN_LORESERVE ELF requires us to put sentinel values in the ELF header and
2892 // use fields in the section header at index 0 to store
2893 // the value. The sentinel values and fields are:
2894 // e_shnum = 0, SHdrs[0].sh_size = number of sections.
2895 // e_shstrndx = SHN_XINDEX, SHdrs[0].sh_link = .shstrtab section index.
2896 auto *sHdrs = reinterpret_cast<Elf_Shdr *>(ctx.bufferStart + eHdr->e_shoff);
2897 size_t num = ctx.outputSections.size() + 1;
2898 if (num >= SHN_LORESERVE)
2899 sHdrs->sh_size = num;
2900 else
2901 eHdr->e_shnum = num;
2902
2903 uint32_t strTabIndex = ctx.in.shStrTab->getParent()->sectionIndex;
2904 if (strTabIndex >= SHN_LORESERVE) {
2905 sHdrs->sh_link = strTabIndex;
2906 eHdr->e_shstrndx = SHN_XINDEX;
2907 } else {
2908 eHdr->e_shstrndx = strTabIndex;
2909 }
2910
2911 for (OutputSection *sec : ctx.outputSections)
2912 sec->writeHeaderTo<ELFT>(++sHdrs);
2913 }
2914
2915 // Open a result file.
openFile()2916 template <class ELFT> void Writer<ELFT>::openFile() {
2917 uint64_t maxSize = ctx.arg.is64 ? INT64_MAX : UINT32_MAX;
2918 if (fileSize != size_t(fileSize) || maxSize < fileSize) {
2919 std::string msg;
2920 raw_string_ostream s(msg);
2921 s << "output file too large: " << fileSize << " bytes\n"
2922 << "section sizes:\n";
2923 for (OutputSection *os : ctx.outputSections)
2924 s << os->name << ' ' << os->size << "\n";
2925 ErrAlways(ctx) << msg;
2926 return;
2927 }
2928
2929 unlinkAsync(ctx.arg.outputFile);
2930 unsigned flags = 0;
2931 if (!ctx.arg.relocatable)
2932 flags |= FileOutputBuffer::F_executable;
2933 if (ctx.arg.mmapOutputFile)
2934 flags |= FileOutputBuffer::F_mmap;
2935 Expected<std::unique_ptr<FileOutputBuffer>> bufferOrErr =
2936 FileOutputBuffer::create(ctx.arg.outputFile, fileSize, flags);
2937
2938 if (!bufferOrErr) {
2939 ErrAlways(ctx) << "failed to open " << ctx.arg.outputFile << ": "
2940 << bufferOrErr.takeError();
2941 return;
2942 }
2943 buffer = std::move(*bufferOrErr);
2944 ctx.bufferStart = buffer->getBufferStart();
2945 }
2946
writeSectionsBinary()2947 template <class ELFT> void Writer<ELFT>::writeSectionsBinary() {
2948 parallel::TaskGroup tg;
2949 for (OutputSection *sec : ctx.outputSections)
2950 if (sec->flags & SHF_ALLOC)
2951 sec->writeTo<ELFT>(ctx, ctx.bufferStart + sec->offset, tg);
2952 }
2953
fillTrap(std::array<uint8_t,4> trapInstr,uint8_t * i,uint8_t * end)2954 static void fillTrap(std::array<uint8_t, 4> trapInstr, uint8_t *i,
2955 uint8_t *end) {
2956 for (; i + 4 <= end; i += 4)
2957 memcpy(i, trapInstr.data(), 4);
2958 }
2959
2960 // Fill the last page of executable segments with trap instructions
2961 // instead of leaving them as zero. Even though it is not required by any
2962 // standard, it is in general a good thing to do for security reasons.
2963 //
2964 // We'll leave other pages in segments as-is because the rest will be
2965 // overwritten by output sections.
writeTrapInstr()2966 template <class ELFT> void Writer<ELFT>::writeTrapInstr() {
2967 for (Partition &part : ctx.partitions) {
2968 // Fill the last page.
2969 for (std::unique_ptr<PhdrEntry> &p : part.phdrs)
2970 if (p->p_type == PT_LOAD && (p->p_flags & PF_X))
2971 fillTrap(
2972 ctx.target->trapInstr,
2973 ctx.bufferStart + alignDown(p->firstSec->offset + p->p_filesz, 4),
2974 ctx.bufferStart + alignToPowerOf2(p->firstSec->offset + p->p_filesz,
2975 ctx.arg.maxPageSize));
2976
2977 // Round up the file size of the last segment to the page boundary iff it is
2978 // an executable segment to ensure that other tools don't accidentally
2979 // trim the instruction padding (e.g. when stripping the file).
2980 PhdrEntry *last = nullptr;
2981 for (std::unique_ptr<PhdrEntry> &p : part.phdrs)
2982 if (p->p_type == PT_LOAD)
2983 last = p.get();
2984
2985 if (last && (last->p_flags & PF_X)) {
2986 last->p_filesz = alignToPowerOf2(last->p_filesz, ctx.arg.maxPageSize);
2987 // p_memsz might be larger than the aligned p_filesz due to trailing BSS
2988 // sections. Don't decrease it.
2989 last->p_memsz = std::max(last->p_memsz, last->p_filesz);
2990 }
2991 }
2992 }
2993
2994 // Write section contents to a mmap'ed file.
writeSections()2995 template <class ELFT> void Writer<ELFT>::writeSections() {
2996 llvm::TimeTraceScope timeScope("Write sections");
2997
2998 {
2999 // In -r or --emit-relocs mode, write the relocation sections first as in
3000 // ELf_Rel targets we might find out that we need to modify the relocated
3001 // section while doing it.
3002 parallel::TaskGroup tg;
3003 for (OutputSection *sec : ctx.outputSections)
3004 if (isStaticRelSecType(sec->type))
3005 sec->writeTo<ELFT>(ctx, ctx.bufferStart + sec->offset, tg);
3006 }
3007 {
3008 parallel::TaskGroup tg;
3009 for (OutputSection *sec : ctx.outputSections)
3010 if (!isStaticRelSecType(sec->type))
3011 sec->writeTo<ELFT>(ctx, ctx.bufferStart + sec->offset, tg);
3012 }
3013
3014 // Finally, check that all dynamic relocation addends were written correctly.
3015 if (ctx.arg.checkDynamicRelocs && ctx.arg.writeAddends) {
3016 for (OutputSection *sec : ctx.outputSections)
3017 if (isStaticRelSecType(sec->type))
3018 sec->checkDynRelAddends(ctx);
3019 }
3020 }
3021
3022 // Computes a hash value of Data using a given hash function.
3023 // In order to utilize multiple cores, we first split data into 1MB
3024 // chunks, compute a hash for each chunk, and then compute a hash value
3025 // of the hash values.
3026 static void
computeHash(llvm::MutableArrayRef<uint8_t> hashBuf,llvm::ArrayRef<uint8_t> data,std::function<void (uint8_t * dest,ArrayRef<uint8_t> arr)> hashFn)3027 computeHash(llvm::MutableArrayRef<uint8_t> hashBuf,
3028 llvm::ArrayRef<uint8_t> data,
3029 std::function<void(uint8_t *dest, ArrayRef<uint8_t> arr)> hashFn) {
3030 std::vector<ArrayRef<uint8_t>> chunks = split(data, 1024 * 1024);
3031 const size_t hashesSize = chunks.size() * hashBuf.size();
3032 std::unique_ptr<uint8_t[]> hashes(new uint8_t[hashesSize]);
3033
3034 // Compute hash values.
3035 parallelFor(0, chunks.size(), [&](size_t i) {
3036 hashFn(hashes.get() + i * hashBuf.size(), chunks[i]);
3037 });
3038
3039 // Write to the final output buffer.
3040 hashFn(hashBuf.data(), ArrayRef(hashes.get(), hashesSize));
3041 }
3042
writeBuildId()3043 template <class ELFT> void Writer<ELFT>::writeBuildId() {
3044 if (!ctx.mainPart->buildId || !ctx.mainPart->buildId->getParent())
3045 return;
3046
3047 if (ctx.arg.buildId == BuildIdKind::Hexstring) {
3048 for (Partition &part : ctx.partitions)
3049 part.buildId->writeBuildId(ctx.arg.buildIdVector);
3050 return;
3051 }
3052
3053 // Compute a hash of all sections of the output file.
3054 size_t hashSize = ctx.mainPart->buildId->hashSize;
3055 std::unique_ptr<uint8_t[]> buildId(new uint8_t[hashSize]);
3056 MutableArrayRef<uint8_t> output(buildId.get(), hashSize);
3057 llvm::ArrayRef<uint8_t> input{ctx.bufferStart, size_t(fileSize)};
3058
3059 // Fedora introduced build ID as "approximation of true uniqueness across all
3060 // binaries that might be used by overlapping sets of people". It does not
3061 // need some security goals that some hash algorithms strive to provide, e.g.
3062 // (second-)preimage and collision resistance. In practice people use 'md5'
3063 // and 'sha1' just for different lengths. Implement them with the more
3064 // efficient BLAKE3.
3065 switch (ctx.arg.buildId) {
3066 case BuildIdKind::Fast:
3067 computeHash(output, input, [](uint8_t *dest, ArrayRef<uint8_t> arr) {
3068 write64le(dest, xxh3_64bits(arr));
3069 });
3070 break;
3071 case BuildIdKind::Md5:
3072 computeHash(output, input, [&](uint8_t *dest, ArrayRef<uint8_t> arr) {
3073 memcpy(dest, BLAKE3::hash<16>(arr).data(), hashSize);
3074 });
3075 break;
3076 case BuildIdKind::Sha1:
3077 computeHash(output, input, [&](uint8_t *dest, ArrayRef<uint8_t> arr) {
3078 memcpy(dest, BLAKE3::hash<20>(arr).data(), hashSize);
3079 });
3080 break;
3081 case BuildIdKind::Uuid:
3082 if (auto ec = llvm::getRandomBytes(buildId.get(), hashSize))
3083 ErrAlways(ctx) << "entropy source failure: " << ec.message();
3084 break;
3085 default:
3086 llvm_unreachable("unknown BuildIdKind");
3087 }
3088 for (Partition &part : ctx.partitions)
3089 part.buildId->writeBuildId(output);
3090 }
3091
3092 template void elf::writeResult<ELF32LE>(Ctx &);
3093 template void elf::writeResult<ELF32BE>(Ctx &);
3094 template void elf::writeResult<ELF64LE>(Ctx &);
3095 template void elf::writeResult<ELF64BE>(Ctx &);
3096