1 //===- Writer.cpp ---------------------------------------------------------===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 9 #include "Writer.h" 10 #include "AArch64ErrataFix.h" 11 #include "ARMErrataFix.h" 12 #include "BPSectionOrderer.h" 13 #include "CallGraphSort.h" 14 #include "Config.h" 15 #include "InputFiles.h" 16 #include "LinkerScript.h" 17 #include "MapFile.h" 18 #include "OutputSections.h" 19 #include "Relocations.h" 20 #include "SymbolTable.h" 21 #include "Symbols.h" 22 #include "SyntheticSections.h" 23 #include "Target.h" 24 #include "lld/Common/Arrays.h" 25 #include "lld/Common/CommonLinkerContext.h" 26 #include "lld/Common/Filesystem.h" 27 #include "lld/Common/Strings.h" 28 #include "llvm/ADT/STLExtras.h" 29 #include "llvm/ADT/StringMap.h" 30 #include "llvm/Support/BLAKE3.h" 31 #include "llvm/Support/Parallel.h" 32 #include "llvm/Support/RandomNumberGenerator.h" 33 #include "llvm/Support/TimeProfiler.h" 34 #include "llvm/Support/xxhash.h" 35 #include <climits> 36 37 #define DEBUG_TYPE "lld" 38 39 using namespace llvm; 40 using namespace llvm::ELF; 41 using namespace llvm::object; 42 using namespace llvm::support; 43 using namespace llvm::support::endian; 44 using namespace lld; 45 using namespace lld::elf; 46 47 namespace { 48 // The writer writes a SymbolTable result to a file. 49 template <class ELFT> class Writer { 50 public: 51 LLVM_ELF_IMPORT_TYPES_ELFT(ELFT) 52 53 Writer(Ctx &ctx) : ctx(ctx), buffer(ctx.e.outputBuffer), tc(ctx) {} 54 55 void run(); 56 57 private: 58 void addSectionSymbols(); 59 void sortSections(); 60 void resolveShfLinkOrder(); 61 void finalizeAddressDependentContent(); 62 void optimizeBasicBlockJumps(); 63 void sortInputSections(); 64 void sortOrphanSections(); 65 void finalizeSections(); 66 void checkExecuteOnly(); 67 void checkExecuteOnlyReport(); 68 void setReservedSymbolSections(); 69 70 SmallVector<std::unique_ptr<PhdrEntry>, 0> createPhdrs(Partition &part); 71 void addPhdrForSection(Partition &part, unsigned shType, unsigned pType, 72 unsigned pFlags); 73 void assignFileOffsets(); 74 void assignFileOffsetsBinary(); 75 void setPhdrs(Partition &part); 76 void checkSections(); 77 void fixSectionAlignments(); 78 void openFile(); 79 void writeTrapInstr(); 80 void writeHeader(); 81 void writeSections(); 82 void writeSectionsBinary(); 83 void writeBuildId(); 84 85 Ctx &ctx; 86 std::unique_ptr<FileOutputBuffer> &buffer; 87 // ThunkCreator holds Thunks that are used at writeTo time. 88 ThunkCreator tc; 89 90 void addRelIpltSymbols(); 91 void addStartEndSymbols(); 92 void addStartStopSymbols(OutputSection &osec); 93 94 uint64_t fileSize; 95 uint64_t sectionHeaderOff; 96 }; 97 } // anonymous namespace 98 99 template <class ELFT> void elf::writeResult(Ctx &ctx) { 100 Writer<ELFT>(ctx).run(); 101 } 102 103 static void 104 removeEmptyPTLoad(Ctx &ctx, SmallVector<std::unique_ptr<PhdrEntry>, 0> &phdrs) { 105 auto it = std::stable_partition(phdrs.begin(), phdrs.end(), [&](auto &p) { 106 if (p->p_type != PT_LOAD) 107 return true; 108 if (!p->firstSec) 109 return false; 110 uint64_t size = p->lastSec->addr + p->lastSec->size - p->firstSec->addr; 111 return size != 0; 112 }); 113 114 // Clear OutputSection::ptLoad for sections contained in removed 115 // segments. 116 DenseSet<PhdrEntry *> removed; 117 for (auto it2 = it; it2 != phdrs.end(); ++it2) 118 removed.insert(it2->get()); 119 for (OutputSection *sec : ctx.outputSections) 120 if (removed.count(sec->ptLoad)) 121 sec->ptLoad = nullptr; 122 phdrs.erase(it, phdrs.end()); 123 } 124 125 void elf::copySectionsIntoPartitions(Ctx &ctx) { 126 SmallVector<InputSectionBase *, 0> newSections; 127 const size_t ehSize = ctx.ehInputSections.size(); 128 for (unsigned part = 2; part != ctx.partitions.size() + 1; ++part) { 129 for (InputSectionBase *s : ctx.inputSections) { 130 if (!(s->flags & SHF_ALLOC) || !s->isLive() || s->type != SHT_NOTE) 131 continue; 132 auto *copy = make<InputSection>(cast<InputSection>(*s)); 133 copy->partition = part; 134 newSections.push_back(copy); 135 } 136 for (size_t i = 0; i != ehSize; ++i) { 137 assert(ctx.ehInputSections[i]->isLive()); 138 auto *copy = make<EhInputSection>(*ctx.ehInputSections[i]); 139 copy->partition = part; 140 ctx.ehInputSections.push_back(copy); 141 } 142 } 143 144 ctx.inputSections.insert(ctx.inputSections.end(), newSections.begin(), 145 newSections.end()); 146 } 147 148 static Defined *addOptionalRegular(Ctx &ctx, StringRef name, SectionBase *sec, 149 uint64_t val, uint8_t stOther = STV_HIDDEN) { 150 Symbol *s = ctx.symtab->find(name); 151 if (!s || s->isDefined() || s->isCommon()) 152 return nullptr; 153 154 ctx.synthesizedSymbols.push_back(s); 155 s->resolve(ctx, Defined{ctx, ctx.internalFile, StringRef(), STB_GLOBAL, 156 stOther, STT_NOTYPE, val, 157 /*size=*/0, sec}); 158 s->isUsedInRegularObj = true; 159 return cast<Defined>(s); 160 } 161 162 // The linker is expected to define some symbols depending on 163 // the linking result. This function defines such symbols. 164 void elf::addReservedSymbols(Ctx &ctx) { 165 if (ctx.arg.emachine == EM_MIPS) { 166 auto addAbsolute = [&](StringRef name) { 167 Symbol *sym = 168 ctx.symtab->addSymbol(Defined{ctx, ctx.internalFile, name, STB_GLOBAL, 169 STV_HIDDEN, STT_NOTYPE, 0, 0, nullptr}); 170 sym->isUsedInRegularObj = true; 171 return cast<Defined>(sym); 172 }; 173 // Define _gp for MIPS. st_value of _gp symbol will be updated by Writer 174 // so that it points to an absolute address which by default is relative 175 // to GOT. Default offset is 0x7ff0. 176 // See "Global Data Symbols" in Chapter 6 in the following document: 177 // ftp://www.linux-mips.org/pub/linux/mips/doc/ABI/mipsabi.pdf 178 ctx.sym.mipsGp = addAbsolute("_gp"); 179 180 // On MIPS O32 ABI, _gp_disp is a magic symbol designates offset between 181 // start of function and 'gp' pointer into GOT. 182 if (ctx.symtab->find("_gp_disp")) 183 ctx.sym.mipsGpDisp = addAbsolute("_gp_disp"); 184 185 // The __gnu_local_gp is a magic symbol equal to the current value of 'gp' 186 // pointer. This symbol is used in the code generated by .cpload pseudo-op 187 // in case of using -mno-shared option. 188 // https://sourceware.org/ml/binutils/2004-12/msg00094.html 189 if (ctx.symtab->find("__gnu_local_gp")) 190 ctx.sym.mipsLocalGp = addAbsolute("__gnu_local_gp"); 191 } else if (ctx.arg.emachine == EM_PPC) { 192 // glibc *crt1.o has a undefined reference to _SDA_BASE_. Since we don't 193 // support Small Data Area, define it arbitrarily as 0. 194 addOptionalRegular(ctx, "_SDA_BASE_", nullptr, 0, STV_HIDDEN); 195 } else if (ctx.arg.emachine == EM_PPC64) { 196 addPPC64SaveRestore(ctx); 197 } 198 199 // The Power Architecture 64-bit v2 ABI defines a TableOfContents (TOC) which 200 // combines the typical ELF GOT with the small data sections. It commonly 201 // includes .got .toc .sdata .sbss. The .TOC. symbol replaces both 202 // _GLOBAL_OFFSET_TABLE_ and _SDA_BASE_ from the 32-bit ABI. It is used to 203 // represent the TOC base which is offset by 0x8000 bytes from the start of 204 // the .got section. 205 // We do not allow _GLOBAL_OFFSET_TABLE_ to be defined by input objects as the 206 // correctness of some relocations depends on its value. 207 StringRef gotSymName = 208 (ctx.arg.emachine == EM_PPC64) ? ".TOC." : "_GLOBAL_OFFSET_TABLE_"; 209 210 if (Symbol *s = ctx.symtab->find(gotSymName)) { 211 if (s->isDefined()) { 212 ErrAlways(ctx) << s->file << " cannot redefine linker defined symbol '" 213 << gotSymName << "'"; 214 return; 215 } 216 217 uint64_t gotOff = 0; 218 if (ctx.arg.emachine == EM_PPC64) 219 gotOff = 0x8000; 220 221 s->resolve(ctx, Defined{ctx, ctx.internalFile, StringRef(), STB_GLOBAL, 222 STV_HIDDEN, STT_NOTYPE, gotOff, /*size=*/0, 223 ctx.out.elfHeader.get()}); 224 ctx.sym.globalOffsetTable = cast<Defined>(s); 225 } 226 227 // __ehdr_start is the location of ELF file headers. Note that we define 228 // this symbol unconditionally even when using a linker script, which 229 // differs from the behavior implemented by GNU linker which only define 230 // this symbol if ELF headers are in the memory mapped segment. 231 addOptionalRegular(ctx, "__ehdr_start", ctx.out.elfHeader.get(), 0, 232 STV_HIDDEN); 233 234 // __executable_start is not documented, but the expectation of at 235 // least the Android libc is that it points to the ELF header. 236 addOptionalRegular(ctx, "__executable_start", ctx.out.elfHeader.get(), 0, 237 STV_HIDDEN); 238 239 // __dso_handle symbol is passed to cxa_finalize as a marker to identify 240 // each DSO. The address of the symbol doesn't matter as long as they are 241 // different in different DSOs, so we chose the start address of the DSO. 242 addOptionalRegular(ctx, "__dso_handle", ctx.out.elfHeader.get(), 0, 243 STV_HIDDEN); 244 245 // If linker script do layout we do not need to create any standard symbols. 246 if (ctx.script->hasSectionsCommand) 247 return; 248 249 auto add = [&](StringRef s, int64_t pos) { 250 return addOptionalRegular(ctx, s, ctx.out.elfHeader.get(), pos, 251 STV_DEFAULT); 252 }; 253 254 ctx.sym.bss = add("__bss_start", 0); 255 ctx.sym.end1 = add("end", -1); 256 ctx.sym.end2 = add("_end", -1); 257 ctx.sym.etext1 = add("etext", -1); 258 ctx.sym.etext2 = add("_etext", -1); 259 ctx.sym.edata1 = add("edata", -1); 260 ctx.sym.edata2 = add("_edata", -1); 261 } 262 263 static void demoteDefined(Defined &sym, DenseMap<SectionBase *, size_t> &map) { 264 if (map.empty()) 265 for (auto [i, sec] : llvm::enumerate(sym.file->getSections())) 266 map.try_emplace(sec, i); 267 // Change WEAK to GLOBAL so that if a scanned relocation references sym, 268 // maybeReportUndefined will report an error. 269 uint8_t binding = sym.isWeak() ? uint8_t(STB_GLOBAL) : sym.binding; 270 Undefined(sym.file, sym.getName(), binding, sym.stOther, sym.type, 271 /*discardedSecIdx=*/map.lookup(sym.section)) 272 .overwrite(sym); 273 // Eliminate from the symbol table, otherwise we would leave an undefined 274 // symbol if the symbol is unreferenced in the absence of GC. 275 sym.isUsedInRegularObj = false; 276 } 277 278 // If all references to a DSO happen to be weak, the DSO is not added to 279 // DT_NEEDED. If that happens, replace ShardSymbol with Undefined to avoid 280 // dangling references to an unneeded DSO. Use a weak binding to avoid 281 // --no-allow-shlib-undefined diagnostics. Similarly, demote lazy symbols. 282 // 283 // In addition, demote symbols defined in discarded sections, so that 284 // references to /DISCARD/ discarded symbols will lead to errors. 285 static void demoteSymbolsAndComputeIsPreemptible(Ctx &ctx) { 286 llvm::TimeTraceScope timeScope("Demote symbols"); 287 DenseMap<InputFile *, DenseMap<SectionBase *, size_t>> sectionIndexMap; 288 for (Symbol *sym : ctx.symtab->getSymbols()) { 289 if (auto *d = dyn_cast<Defined>(sym)) { 290 if (d->section && !d->section->isLive()) 291 demoteDefined(*d, sectionIndexMap[d->file]); 292 } else { 293 auto *s = dyn_cast<SharedSymbol>(sym); 294 if (sym->isLazy() || (s && !cast<SharedFile>(s->file)->isNeeded)) { 295 uint8_t binding = sym->isLazy() ? sym->binding : uint8_t(STB_WEAK); 296 Undefined(ctx.internalFile, sym->getName(), binding, sym->stOther, 297 sym->type) 298 .overwrite(*sym); 299 sym->versionId = VER_NDX_GLOBAL; 300 } 301 } 302 303 sym->isPreemptible = (sym->isUndefined() || sym->isExported) && 304 computeIsPreemptible(ctx, *sym); 305 } 306 } 307 308 static OutputSection *findSection(Ctx &ctx, StringRef name, 309 unsigned partition = 1) { 310 for (SectionCommand *cmd : ctx.script->sectionCommands) 311 if (auto *osd = dyn_cast<OutputDesc>(cmd)) 312 if (osd->osec.name == name && osd->osec.partition == partition) 313 return &osd->osec; 314 return nullptr; 315 } 316 317 // The main function of the writer. 318 template <class ELFT> void Writer<ELFT>::run() { 319 // Now that we have a complete set of output sections. This function 320 // completes section contents. For example, we need to add strings 321 // to the string table, and add entries to .got and .plt. 322 // finalizeSections does that. 323 finalizeSections(); 324 checkExecuteOnly(); 325 checkExecuteOnlyReport(); 326 327 // If --compressed-debug-sections is specified, compress .debug_* sections. 328 // Do it right now because it changes the size of output sections. 329 for (OutputSection *sec : ctx.outputSections) 330 sec->maybeCompress<ELFT>(ctx); 331 332 if (ctx.script->hasSectionsCommand) 333 ctx.script->allocateHeaders(ctx.mainPart->phdrs); 334 335 // Remove empty PT_LOAD to avoid causing the dynamic linker to try to mmap a 336 // 0 sized region. This has to be done late since only after assignAddresses 337 // we know the size of the sections. 338 for (Partition &part : ctx.partitions) 339 removeEmptyPTLoad(ctx, part.phdrs); 340 341 if (!ctx.arg.oFormatBinary) 342 assignFileOffsets(); 343 else 344 assignFileOffsetsBinary(); 345 346 for (Partition &part : ctx.partitions) 347 setPhdrs(part); 348 349 // Handle --print-map(-M)/--Map and --cref. Dump them before checkSections() 350 // because the files may be useful in case checkSections() or openFile() 351 // fails, for example, due to an erroneous file size. 352 writeMapAndCref(ctx); 353 354 // Handle --print-memory-usage option. 355 if (ctx.arg.printMemoryUsage) 356 ctx.script->printMemoryUsage(ctx.e.outs()); 357 358 if (ctx.arg.checkSections) 359 checkSections(); 360 361 // It does not make sense try to open the file if we have error already. 362 if (errCount(ctx)) 363 return; 364 365 { 366 llvm::TimeTraceScope timeScope("Write output file"); 367 // Write the result down to a file. 368 openFile(); 369 if (errCount(ctx)) 370 return; 371 372 if (!ctx.arg.oFormatBinary) { 373 if (ctx.arg.zSeparate != SeparateSegmentKind::None) 374 writeTrapInstr(); 375 writeHeader(); 376 writeSections(); 377 } else { 378 writeSectionsBinary(); 379 } 380 381 // Backfill .note.gnu.build-id section content. This is done at last 382 // because the content is usually a hash value of the entire output file. 383 writeBuildId(); 384 if (errCount(ctx)) 385 return; 386 387 if (!ctx.e.disableOutput) { 388 if (auto e = buffer->commit()) 389 Err(ctx) << "failed to write output '" << buffer->getPath() 390 << "': " << std::move(e); 391 } 392 393 if (!ctx.arg.cmseOutputLib.empty()) 394 writeARMCmseImportLib<ELFT>(ctx); 395 } 396 } 397 398 template <class ELFT, class RelTy> 399 static void markUsedLocalSymbolsImpl(ObjFile<ELFT> *file, 400 llvm::ArrayRef<RelTy> rels) { 401 for (const RelTy &rel : rels) { 402 Symbol &sym = file->getRelocTargetSym(rel); 403 if (sym.isLocal()) 404 sym.used = true; 405 } 406 } 407 408 // The function ensures that the "used" field of local symbols reflects the fact 409 // that the symbol is used in a relocation from a live section. 410 template <class ELFT> static void markUsedLocalSymbols(Ctx &ctx) { 411 // With --gc-sections, the field is already filled. 412 // See MarkLive<ELFT>::resolveReloc(). 413 if (ctx.arg.gcSections) 414 return; 415 for (ELFFileBase *file : ctx.objectFiles) { 416 ObjFile<ELFT> *f = cast<ObjFile<ELFT>>(file); 417 for (InputSectionBase *s : f->getSections()) { 418 InputSection *isec = dyn_cast_or_null<InputSection>(s); 419 if (!isec) 420 continue; 421 if (isec->type == SHT_REL) { 422 markUsedLocalSymbolsImpl(f, isec->getDataAs<typename ELFT::Rel>()); 423 } else if (isec->type == SHT_RELA) { 424 markUsedLocalSymbolsImpl(f, isec->getDataAs<typename ELFT::Rela>()); 425 } else if (isec->type == SHT_CREL) { 426 // The is64=true variant also works with ELF32 since only the r_symidx 427 // member is used. 428 for (Elf_Crel_Impl<true> r : RelocsCrel<true>(isec->content_)) { 429 Symbol &sym = file->getSymbol(r.r_symidx); 430 if (sym.isLocal()) 431 sym.used = true; 432 } 433 } 434 } 435 } 436 } 437 438 static bool shouldKeepInSymtab(Ctx &ctx, const Defined &sym) { 439 if (sym.isSection()) 440 return false; 441 442 // If --emit-reloc or -r is given, preserve symbols referenced by relocations 443 // from live sections. 444 if (sym.used && ctx.arg.copyRelocs) 445 return true; 446 447 // Exclude local symbols pointing to .ARM.exidx sections. 448 // They are probably mapping symbols "$d", which are optional for these 449 // sections. After merging the .ARM.exidx sections, some of these symbols 450 // may become dangling. The easiest way to avoid the issue is not to add 451 // them to the symbol table from the beginning. 452 if (ctx.arg.emachine == EM_ARM && sym.section && 453 sym.section->type == SHT_ARM_EXIDX) 454 return false; 455 456 if (ctx.arg.discard == DiscardPolicy::None) 457 return true; 458 if (ctx.arg.discard == DiscardPolicy::All) 459 return false; 460 461 // In ELF assembly .L symbols are normally discarded by the assembler. 462 // If the assembler fails to do so, the linker discards them if 463 // * --discard-locals is used. 464 // * The symbol is in a SHF_MERGE section, which is normally the reason for 465 // the assembler keeping the .L symbol. 466 if (sym.getName().starts_with(".L") && 467 (ctx.arg.discard == DiscardPolicy::Locals || 468 (sym.section && (sym.section->flags & SHF_MERGE)))) 469 return false; 470 return true; 471 } 472 473 bool elf::includeInSymtab(Ctx &ctx, const Symbol &b) { 474 if (auto *d = dyn_cast<Defined>(&b)) { 475 // Always include absolute symbols. 476 SectionBase *sec = d->section; 477 if (!sec) 478 return true; 479 assert(sec->isLive()); 480 481 if (auto *s = dyn_cast<MergeInputSection>(sec)) 482 return s->getSectionPiece(d->value).live; 483 return true; 484 } 485 return b.used || !ctx.arg.gcSections; 486 } 487 488 // Scan local symbols to: 489 // 490 // - demote symbols defined relative to /DISCARD/ discarded input sections so 491 // that relocations referencing them will lead to errors. 492 // - copy eligible symbols to .symTab 493 static void demoteAndCopyLocalSymbols(Ctx &ctx) { 494 llvm::TimeTraceScope timeScope("Add local symbols"); 495 for (ELFFileBase *file : ctx.objectFiles) { 496 DenseMap<SectionBase *, size_t> sectionIndexMap; 497 for (Symbol *b : file->getLocalSymbols()) { 498 assert(b->isLocal() && "should have been caught in initializeSymbols()"); 499 auto *dr = dyn_cast<Defined>(b); 500 if (!dr) 501 continue; 502 503 if (dr->section && !dr->section->isLive()) 504 demoteDefined(*dr, sectionIndexMap); 505 else if (ctx.in.symTab && includeInSymtab(ctx, *b) && 506 shouldKeepInSymtab(ctx, *dr)) 507 ctx.in.symTab->addSymbol(b); 508 } 509 } 510 } 511 512 // Create a section symbol for each output section so that we can represent 513 // relocations that point to the section. If we know that no relocation is 514 // referring to a section (that happens if the section is a synthetic one), we 515 // don't create a section symbol for that section. 516 template <class ELFT> void Writer<ELFT>::addSectionSymbols() { 517 for (SectionCommand *cmd : ctx.script->sectionCommands) { 518 auto *osd = dyn_cast<OutputDesc>(cmd); 519 if (!osd) 520 continue; 521 OutputSection &osec = osd->osec; 522 InputSectionBase *isec = nullptr; 523 // Iterate over all input sections and add a STT_SECTION symbol if any input 524 // section may be a relocation target. 525 for (SectionCommand *cmd : osec.commands) { 526 auto *isd = dyn_cast<InputSectionDescription>(cmd); 527 if (!isd) 528 continue; 529 for (InputSectionBase *s : isd->sections) { 530 // Relocations are not using REL[A] section symbols. 531 if (isStaticRelSecType(s->type)) 532 continue; 533 534 // Unlike other synthetic sections, mergeable output sections contain 535 // data copied from input sections, and there may be a relocation 536 // pointing to its contents if -r or --emit-reloc is given. 537 if (isa<SyntheticSection>(s) && !(s->flags & SHF_MERGE)) 538 continue; 539 540 isec = s; 541 break; 542 } 543 } 544 if (!isec) 545 continue; 546 547 // Set the symbol to be relative to the output section so that its st_value 548 // equals the output section address. Note, there may be a gap between the 549 // start of the output section and isec. 550 ctx.in.symTab->addSymbol(makeDefined(ctx, isec->file, "", STB_LOCAL, 551 /*stOther=*/0, STT_SECTION, 552 /*value=*/0, /*size=*/0, &osec)); 553 } 554 } 555 556 // Today's loaders have a feature to make segments read-only after 557 // processing dynamic relocations to enhance security. PT_GNU_RELRO 558 // is defined for that. 559 // 560 // This function returns true if a section needs to be put into a 561 // PT_GNU_RELRO segment. 562 static bool isRelroSection(Ctx &ctx, const OutputSection *sec) { 563 if (!ctx.arg.zRelro) 564 return false; 565 if (sec->relro) 566 return true; 567 568 uint64_t flags = sec->flags; 569 570 // Non-allocatable or non-writable sections don't need RELRO because 571 // they are not writable or not even mapped to memory in the first place. 572 // RELRO is for sections that are essentially read-only but need to 573 // be writable only at process startup to allow dynamic linker to 574 // apply relocations. 575 if (!(flags & SHF_ALLOC) || !(flags & SHF_WRITE)) 576 return false; 577 578 // Once initialized, TLS data segments are used as data templates 579 // for a thread-local storage. For each new thread, runtime 580 // allocates memory for a TLS and copy templates there. No thread 581 // are supposed to use templates directly. Thus, it can be in RELRO. 582 if (flags & SHF_TLS) 583 return true; 584 585 // .init_array, .preinit_array and .fini_array contain pointers to 586 // functions that are executed on process startup or exit. These 587 // pointers are set by the static linker, and they are not expected 588 // to change at runtime. But if you are an attacker, you could do 589 // interesting things by manipulating pointers in .fini_array, for 590 // example. So they are put into RELRO. 591 uint32_t type = sec->type; 592 if (type == SHT_INIT_ARRAY || type == SHT_FINI_ARRAY || 593 type == SHT_PREINIT_ARRAY) 594 return true; 595 596 // .got contains pointers to external symbols. They are resolved by 597 // the dynamic linker when a module is loaded into memory, and after 598 // that they are not expected to change. So, it can be in RELRO. 599 if (ctx.in.got && sec == ctx.in.got->getParent()) 600 return true; 601 602 // .toc is a GOT-ish section for PowerPC64. Their contents are accessed 603 // through r2 register, which is reserved for that purpose. Since r2 is used 604 // for accessing .got as well, .got and .toc need to be close enough in the 605 // virtual address space. Usually, .toc comes just after .got. Since we place 606 // .got into RELRO, .toc needs to be placed into RELRO too. 607 if (sec->name == ".toc") 608 return true; 609 610 // .got.plt contains pointers to external function symbols. They are 611 // by default resolved lazily, so we usually cannot put it into RELRO. 612 // However, if "-z now" is given, the lazy symbol resolution is 613 // disabled, which enables us to put it into RELRO. 614 if (sec == ctx.in.gotPlt->getParent()) 615 return ctx.arg.zNow; 616 617 if (ctx.in.relroPadding && sec == ctx.in.relroPadding->getParent()) 618 return true; 619 620 // .dynamic section contains data for the dynamic linker, and 621 // there's no need to write to it at runtime, so it's better to put 622 // it into RELRO. 623 if (sec->name == ".dynamic") 624 return true; 625 626 // Sections with some special names are put into RELRO. This is a 627 // bit unfortunate because section names shouldn't be significant in 628 // ELF in spirit. But in reality many linker features depend on 629 // magic section names. 630 StringRef s = sec->name; 631 632 bool abiAgnostic = s == ".data.rel.ro" || s == ".bss.rel.ro" || 633 s == ".ctors" || s == ".dtors" || s == ".jcr" || 634 s == ".eh_frame" || s == ".fini_array" || 635 s == ".init_array" || s == ".preinit_array"; 636 637 bool abiSpecific = 638 ctx.arg.osabi == ELFOSABI_OPENBSD && s == ".openbsd.randomdata"; 639 640 return abiAgnostic || abiSpecific; 641 } 642 643 // We compute a rank for each section. The rank indicates where the 644 // section should be placed in the file. Instead of using simple 645 // numbers (0,1,2...), we use a series of flags. One for each decision 646 // point when placing the section. 647 // Using flags has two key properties: 648 // * It is easy to check if a give branch was taken. 649 // * It is easy two see how similar two ranks are (see getRankProximity). 650 enum RankFlags { 651 RF_NOT_ADDR_SET = 1 << 27, 652 RF_NOT_ALLOC = 1 << 26, 653 RF_PARTITION = 1 << 18, // Partition number (8 bits) 654 RF_LARGE_EXEC_WRITE = 1 << 16, 655 RF_LARGE_ALT = 1 << 15, 656 RF_WRITE = 1 << 14, 657 RF_EXEC_WRITE = 1 << 13, 658 RF_EXEC = 1 << 12, 659 RF_RODATA = 1 << 11, 660 RF_LARGE_EXEC = 1 << 10, 661 RF_LARGE = 1 << 9, 662 RF_NOT_RELRO = 1 << 8, 663 RF_NOT_TLS = 1 << 7, 664 RF_BSS = 1 << 6, 665 }; 666 667 unsigned elf::getSectionRank(Ctx &ctx, OutputSection &osec) { 668 unsigned rank = osec.partition * RF_PARTITION; 669 670 // We want to put section specified by -T option first, so we 671 // can start assigning VA starting from them later. 672 if (ctx.arg.sectionStartMap.count(osec.name)) 673 return rank; 674 rank |= RF_NOT_ADDR_SET; 675 676 // Allocatable sections go first to reduce the total PT_LOAD size and 677 // so debug info doesn't change addresses in actual code. 678 if (!(osec.flags & SHF_ALLOC)) 679 return rank | RF_NOT_ALLOC; 680 681 // Sort sections based on their access permission in the following 682 // order: R, RX, RXW, RW(RELRO), RW(non-RELRO). 683 // 684 // Read-only sections come first such that they go in the PT_LOAD covering the 685 // program headers at the start of the file. 686 // 687 // The layout for writable sections is PT_LOAD(PT_GNU_RELRO(.data.rel.ro 688 // .bss.rel.ro) | .data .bss), where | marks where page alignment happens. 689 // An alternative ordering is PT_LOAD(.data | PT_GNU_RELRO( .data.rel.ro 690 // .bss.rel.ro) | .bss), but it may waste more bytes due to 2 alignment 691 // places. 692 bool isExec = osec.flags & SHF_EXECINSTR; 693 bool isWrite = osec.flags & SHF_WRITE; 694 bool isLarge = osec.flags & SHF_X86_64_LARGE && ctx.arg.emachine == EM_X86_64; 695 696 if (!isWrite && !isExec) { 697 // Among PROGBITS sections, place .lrodata further from .text. 698 // For -z lrodata-after-bss, place .lrodata after .lbss like GNU ld. This 699 // layout has one extra PT_LOAD, but alleviates relocation overflow 700 // pressure for absolute relocations referencing small data from -fno-pic 701 // relocatable files. 702 if (isLarge) 703 rank |= ctx.arg.zLrodataAfterBss ? RF_LARGE_ALT : 0; 704 else 705 rank |= ctx.arg.zLrodataAfterBss ? 0 : RF_LARGE; 706 707 if (osec.type == SHT_LLVM_PART_EHDR) 708 ; 709 else if (osec.type == SHT_LLVM_PART_PHDR) 710 rank |= 1; 711 else if (osec.name == ".interp") 712 rank |= 2; 713 // Put .note sections at the beginning so that they are likely to be 714 // included in a truncate core file. In particular, .note.gnu.build-id, if 715 // available, can identify the object file. 716 else if (osec.type == SHT_NOTE) 717 rank |= 3; 718 // Make PROGBITS sections (e.g .rodata .eh_frame) closer to .text to 719 // alleviate relocation overflow pressure. Large special sections such as 720 // .dynstr and .dynsym can be away from .text. 721 else if (osec.type != SHT_PROGBITS) 722 rank |= 4; 723 else 724 rank |= RF_RODATA; 725 } else if (isExec) { 726 // Place readonly .ltext before .lrodata and writable .ltext after .lbss to 727 // keep writable and readonly segments separate. 728 if (isLarge) { 729 rank |= isWrite ? RF_LARGE_EXEC_WRITE : RF_LARGE_EXEC; 730 } else { 731 rank |= isWrite ? RF_EXEC_WRITE : RF_EXEC; 732 } 733 } else { 734 rank |= RF_WRITE; 735 // The TLS initialization block needs to be a single contiguous block. Place 736 // TLS sections directly before the other RELRO sections. 737 if (!(osec.flags & SHF_TLS)) 738 rank |= RF_NOT_TLS; 739 if (isRelroSection(ctx, &osec)) 740 osec.relro = true; 741 else 742 rank |= RF_NOT_RELRO; 743 // Place .ldata and .lbss after .bss. Making .bss closer to .text 744 // alleviates relocation overflow pressure. 745 // For -z lrodata-after-bss, place .lbss/.lrodata/.ldata after .bss. 746 // .bss/.lbss being adjacent reuses the NOBITS size optimization. 747 if (isLarge) { 748 rank |= ctx.arg.zLrodataAfterBss 749 ? (osec.type == SHT_NOBITS ? 1 : RF_LARGE_ALT) 750 : RF_LARGE; 751 } 752 } 753 754 // Within TLS sections, or within other RelRo sections, or within non-RelRo 755 // sections, place non-NOBITS sections first. 756 if (osec.type == SHT_NOBITS) 757 rank |= RF_BSS; 758 759 // Some architectures have additional ordering restrictions for sections 760 // within the same PT_LOAD. 761 if (ctx.arg.emachine == EM_PPC64) { 762 // PPC64 has a number of special SHT_PROGBITS+SHF_ALLOC+SHF_WRITE sections 763 // that we would like to make sure appear is a specific order to maximize 764 // their coverage by a single signed 16-bit offset from the TOC base 765 // pointer. 766 StringRef name = osec.name; 767 if (name == ".got") 768 rank |= 1; 769 else if (name == ".toc") 770 rank |= 2; 771 } 772 773 if (ctx.arg.emachine == EM_MIPS) { 774 if (osec.name != ".got") 775 rank |= 1; 776 // All sections with SHF_MIPS_GPREL flag should be grouped together 777 // because data in these sections is addressable with a gp relative address. 778 if (osec.flags & SHF_MIPS_GPREL) 779 rank |= 2; 780 } 781 782 if (ctx.arg.emachine == EM_RISCV) { 783 // .sdata and .sbss are placed closer to make GP relaxation more profitable 784 // and match GNU ld. 785 StringRef name = osec.name; 786 if (name == ".sdata" || (osec.type == SHT_NOBITS && name != ".sbss")) 787 rank |= 1; 788 } 789 790 return rank; 791 } 792 793 static bool compareSections(Ctx &ctx, const SectionCommand *aCmd, 794 const SectionCommand *bCmd) { 795 const OutputSection *a = &cast<OutputDesc>(aCmd)->osec; 796 const OutputSection *b = &cast<OutputDesc>(bCmd)->osec; 797 798 if (a->sortRank != b->sortRank) 799 return a->sortRank < b->sortRank; 800 801 if (!(a->sortRank & RF_NOT_ADDR_SET)) 802 return ctx.arg.sectionStartMap.lookup(a->name) < 803 ctx.arg.sectionStartMap.lookup(b->name); 804 return false; 805 } 806 807 void PhdrEntry::add(OutputSection *sec) { 808 lastSec = sec; 809 if (!firstSec) 810 firstSec = sec; 811 p_align = std::max(p_align, sec->addralign); 812 if (p_type == PT_LOAD) 813 sec->ptLoad = this; 814 } 815 816 // A statically linked position-dependent executable should only contain 817 // IRELATIVE relocations and no other dynamic relocations. Encapsulation symbols 818 // __rel[a]_iplt_{start,end} will be defined for .rel[a].dyn, to be 819 // processed by the libc runtime. Other executables or DSOs use dynamic tags 820 // instead. 821 template <class ELFT> void Writer<ELFT>::addRelIpltSymbols() { 822 if (ctx.arg.isPic) 823 return; 824 825 // __rela_iplt_{start,end} are initially defined relative to dummy section 0. 826 // We'll override ctx.out.elfHeader with relaDyn later when we are sure that 827 // .rela.dyn will be present in the output. 828 std::string name = ctx.arg.isRela ? "__rela_iplt_start" : "__rel_iplt_start"; 829 ctx.sym.relaIpltStart = 830 addOptionalRegular(ctx, name, ctx.out.elfHeader.get(), 0, STV_HIDDEN); 831 name.replace(name.size() - 5, 5, "end"); 832 ctx.sym.relaIpltEnd = 833 addOptionalRegular(ctx, name, ctx.out.elfHeader.get(), 0, STV_HIDDEN); 834 } 835 836 // This function generates assignments for predefined symbols (e.g. _end or 837 // _etext) and inserts them into the commands sequence to be processed at the 838 // appropriate time. This ensures that the value is going to be correct by the 839 // time any references to these symbols are processed and is equivalent to 840 // defining these symbols explicitly in the linker script. 841 template <class ELFT> void Writer<ELFT>::setReservedSymbolSections() { 842 if (ctx.sym.globalOffsetTable) { 843 // The _GLOBAL_OFFSET_TABLE_ symbol is defined by target convention usually 844 // to the start of the .got or .got.plt section. 845 InputSection *sec = ctx.in.gotPlt.get(); 846 if (!ctx.target->gotBaseSymInGotPlt) 847 sec = ctx.in.mipsGot ? cast<InputSection>(ctx.in.mipsGot.get()) 848 : cast<InputSection>(ctx.in.got.get()); 849 ctx.sym.globalOffsetTable->section = sec; 850 } 851 852 // .rela_iplt_{start,end} mark the start and the end of the section containing 853 // IRELATIVE relocations. 854 if (ctx.sym.relaIpltStart) { 855 auto &dyn = getIRelativeSection(ctx); 856 if (dyn.isNeeded()) { 857 ctx.sym.relaIpltStart->section = &dyn; 858 ctx.sym.relaIpltEnd->section = &dyn; 859 ctx.sym.relaIpltEnd->value = dyn.getSize(); 860 } 861 } 862 863 PhdrEntry *last = nullptr; 864 OutputSection *lastRO = nullptr; 865 auto isLarge = [&ctx = ctx](OutputSection *osec) { 866 return ctx.arg.emachine == EM_X86_64 && osec->flags & SHF_X86_64_LARGE; 867 }; 868 for (Partition &part : ctx.partitions) { 869 for (auto &p : part.phdrs) { 870 if (p->p_type != PT_LOAD) 871 continue; 872 last = p.get(); 873 if (!(p->p_flags & PF_W) && p->lastSec && !isLarge(p->lastSec)) 874 lastRO = p->lastSec; 875 } 876 } 877 878 if (lastRO) { 879 // _etext is the first location after the last read-only loadable segment 880 // that does not contain large sections. 881 if (ctx.sym.etext1) 882 ctx.sym.etext1->section = lastRO; 883 if (ctx.sym.etext2) 884 ctx.sym.etext2->section = lastRO; 885 } 886 887 if (last) { 888 // _edata points to the end of the last non-large mapped initialized 889 // section. 890 OutputSection *edata = nullptr; 891 for (OutputSection *os : ctx.outputSections) { 892 if (os->type != SHT_NOBITS && !isLarge(os)) 893 edata = os; 894 if (os == last->lastSec) 895 break; 896 } 897 898 if (ctx.sym.edata1) 899 ctx.sym.edata1->section = edata; 900 if (ctx.sym.edata2) 901 ctx.sym.edata2->section = edata; 902 903 // _end is the first location after the uninitialized data region. 904 if (ctx.sym.end1) 905 ctx.sym.end1->section = last->lastSec; 906 if (ctx.sym.end2) 907 ctx.sym.end2->section = last->lastSec; 908 } 909 910 if (ctx.sym.bss) { 911 // On RISC-V, set __bss_start to the start of .sbss if present. 912 OutputSection *sbss = 913 ctx.arg.emachine == EM_RISCV ? findSection(ctx, ".sbss") : nullptr; 914 ctx.sym.bss->section = sbss ? sbss : findSection(ctx, ".bss"); 915 } 916 917 // Setup MIPS _gp_disp/__gnu_local_gp symbols which should 918 // be equal to the _gp symbol's value. 919 if (ctx.sym.mipsGp) { 920 // Find GP-relative section with the lowest address 921 // and use this address to calculate default _gp value. 922 for (OutputSection *os : ctx.outputSections) { 923 if (os->flags & SHF_MIPS_GPREL) { 924 ctx.sym.mipsGp->section = os; 925 ctx.sym.mipsGp->value = 0x7ff0; 926 break; 927 } 928 } 929 } 930 } 931 932 // We want to find how similar two ranks are. 933 // The more branches in getSectionRank that match, the more similar they are. 934 // Since each branch corresponds to a bit flag, we can just use 935 // countLeadingZeros. 936 static int getRankProximity(OutputSection *a, SectionCommand *b) { 937 auto *osd = dyn_cast<OutputDesc>(b); 938 return (osd && osd->osec.hasInputSections) 939 ? llvm::countl_zero(a->sortRank ^ osd->osec.sortRank) 940 : -1; 941 } 942 943 // When placing orphan sections, we want to place them after symbol assignments 944 // so that an orphan after 945 // begin_foo = .; 946 // foo : { *(foo) } 947 // end_foo = .; 948 // doesn't break the intended meaning of the begin/end symbols. 949 // We don't want to go over sections since findOrphanPos is the 950 // one in charge of deciding the order of the sections. 951 // We don't want to go over changes to '.', since doing so in 952 // rx_sec : { *(rx_sec) } 953 // . = ALIGN(0x1000); 954 // /* The RW PT_LOAD starts here*/ 955 // rw_sec : { *(rw_sec) } 956 // would mean that the RW PT_LOAD would become unaligned. 957 static bool shouldSkip(SectionCommand *cmd) { 958 if (auto *assign = dyn_cast<SymbolAssignment>(cmd)) 959 return assign->name != "."; 960 return false; 961 } 962 963 // We want to place orphan sections so that they share as much 964 // characteristics with their neighbors as possible. For example, if 965 // both are rw, or both are tls. 966 static SmallVectorImpl<SectionCommand *>::iterator 967 findOrphanPos(Ctx &ctx, SmallVectorImpl<SectionCommand *>::iterator b, 968 SmallVectorImpl<SectionCommand *>::iterator e) { 969 // Place non-alloc orphan sections at the end. This matches how we assign file 970 // offsets to non-alloc sections. 971 OutputSection *sec = &cast<OutputDesc>(*e)->osec; 972 if (!(sec->flags & SHF_ALLOC)) 973 return e; 974 975 // As a special case, place .relro_padding before the SymbolAssignment using 976 // DATA_SEGMENT_RELRO_END, if present. 977 if (ctx.in.relroPadding && sec == ctx.in.relroPadding->getParent()) { 978 auto i = std::find_if(b, e, [=](SectionCommand *a) { 979 if (auto *assign = dyn_cast<SymbolAssignment>(a)) 980 return assign->dataSegmentRelroEnd; 981 return false; 982 }); 983 if (i != e) 984 return i; 985 } 986 987 // Find the most similar output section as the anchor. Rank Proximity is a 988 // value in the range [-1, 32] where [0, 32] indicates potential anchors (0: 989 // least similar; 32: identical). -1 means not an anchor. 990 // 991 // In the event of proximity ties, we select the first or last section 992 // depending on whether the orphan's rank is smaller. 993 int maxP = 0; 994 auto i = e; 995 for (auto j = b; j != e; ++j) { 996 int p = getRankProximity(sec, *j); 997 if (p > maxP || 998 (p == maxP && cast<OutputDesc>(*j)->osec.sortRank <= sec->sortRank)) { 999 maxP = p; 1000 i = j; 1001 } 1002 } 1003 if (i == e) 1004 return e; 1005 1006 auto isOutputSecWithInputSections = [](SectionCommand *cmd) { 1007 auto *osd = dyn_cast<OutputDesc>(cmd); 1008 return osd && osd->osec.hasInputSections; 1009 }; 1010 1011 // Then, scan backward or forward through the script for a suitable insertion 1012 // point. If i's rank is larger, the orphan section can be placed before i. 1013 // 1014 // However, don't do this if custom program headers are defined. Otherwise, 1015 // adding the orphan to a previous segment can change its flags, for example, 1016 // making a read-only segment writable. If memory regions are defined, an 1017 // orphan section should continue the same region as the found section to 1018 // better resemble the behavior of GNU ld. 1019 bool mustAfter = 1020 ctx.script->hasPhdrsCommands() || !ctx.script->memoryRegions.empty(); 1021 if (cast<OutputDesc>(*i)->osec.sortRank <= sec->sortRank || mustAfter) { 1022 for (auto j = ++i; j != e; ++j) { 1023 if (!isOutputSecWithInputSections(*j)) 1024 continue; 1025 if (getRankProximity(sec, *j) != maxP) 1026 break; 1027 i = j + 1; 1028 } 1029 } else { 1030 for (; i != b; --i) 1031 if (isOutputSecWithInputSections(i[-1])) 1032 break; 1033 } 1034 1035 // As a special case, if the orphan section is the last section, put 1036 // it at the very end, past any other commands. 1037 // This matches bfd's behavior and is convenient when the linker script fully 1038 // specifies the start of the file, but doesn't care about the end (the non 1039 // alloc sections for example). 1040 if (std::none_of(i, e, isOutputSecWithInputSections)) 1041 return e; 1042 1043 while (i != e && shouldSkip(*i)) 1044 ++i; 1045 return i; 1046 } 1047 1048 // Adds random priorities to sections not already in the map. 1049 static void maybeShuffle(Ctx &ctx, 1050 DenseMap<const InputSectionBase *, int> &order) { 1051 if (ctx.arg.shuffleSections.empty()) 1052 return; 1053 1054 SmallVector<InputSectionBase *, 0> matched, sections = ctx.inputSections; 1055 matched.reserve(sections.size()); 1056 for (const auto &patAndSeed : ctx.arg.shuffleSections) { 1057 matched.clear(); 1058 for (InputSectionBase *sec : sections) 1059 if (patAndSeed.first.match(sec->name)) 1060 matched.push_back(sec); 1061 const uint32_t seed = patAndSeed.second; 1062 if (seed == UINT32_MAX) { 1063 // If --shuffle-sections <section-glob>=-1, reverse the section order. The 1064 // section order is stable even if the number of sections changes. This is 1065 // useful to catch issues like static initialization order fiasco 1066 // reliably. 1067 std::reverse(matched.begin(), matched.end()); 1068 } else { 1069 std::mt19937 g(seed ? seed : std::random_device()()); 1070 llvm::shuffle(matched.begin(), matched.end(), g); 1071 } 1072 size_t i = 0; 1073 for (InputSectionBase *&sec : sections) 1074 if (patAndSeed.first.match(sec->name)) 1075 sec = matched[i++]; 1076 } 1077 1078 // Existing priorities are < 0, so use priorities >= 0 for the missing 1079 // sections. 1080 int prio = 0; 1081 for (InputSectionBase *sec : sections) { 1082 if (order.try_emplace(sec, prio).second) 1083 ++prio; 1084 } 1085 } 1086 1087 // Return section order within an InputSectionDescription. 1088 // If both --symbol-ordering-file and call graph profile are present, the order 1089 // file takes precedence, but the call graph profile is still used for symbols 1090 // that don't appear in the order file. 1091 static DenseMap<const InputSectionBase *, int> buildSectionOrder(Ctx &ctx) { 1092 DenseMap<const InputSectionBase *, int> sectionOrder; 1093 if (ctx.arg.bpStartupFunctionSort || ctx.arg.bpFunctionOrderForCompression || 1094 ctx.arg.bpDataOrderForCompression) { 1095 TimeTraceScope timeScope("Balanced Partitioning Section Orderer"); 1096 sectionOrder = runBalancedPartitioning( 1097 ctx, ctx.arg.bpStartupFunctionSort ? ctx.arg.irpgoProfilePath : "", 1098 ctx.arg.bpFunctionOrderForCompression, 1099 ctx.arg.bpDataOrderForCompression, 1100 ctx.arg.bpCompressionSortStartupFunctions, 1101 ctx.arg.bpVerboseSectionOrderer); 1102 } else if (!ctx.arg.callGraphProfile.empty()) { 1103 sectionOrder = computeCallGraphProfileOrder(ctx); 1104 } 1105 1106 if (ctx.arg.symbolOrderingFile.empty()) 1107 return sectionOrder; 1108 1109 struct SymbolOrderEntry { 1110 int priority; 1111 bool present; 1112 }; 1113 1114 // Build a map from symbols to their priorities. Symbols that didn't 1115 // appear in the symbol ordering file have the lowest priority 0. 1116 // All explicitly mentioned symbols have negative (higher) priorities. 1117 DenseMap<CachedHashStringRef, SymbolOrderEntry> symbolOrder; 1118 int priority = -sectionOrder.size() - ctx.arg.symbolOrderingFile.size(); 1119 for (StringRef s : ctx.arg.symbolOrderingFile) 1120 symbolOrder.insert({CachedHashStringRef(s), {priority++, false}}); 1121 1122 // Build a map from sections to their priorities. 1123 auto addSym = [&](Symbol &sym) { 1124 auto it = symbolOrder.find(CachedHashStringRef(sym.getName())); 1125 if (it == symbolOrder.end()) 1126 return; 1127 SymbolOrderEntry &ent = it->second; 1128 ent.present = true; 1129 1130 maybeWarnUnorderableSymbol(ctx, &sym); 1131 1132 if (auto *d = dyn_cast<Defined>(&sym)) { 1133 if (auto *sec = dyn_cast_or_null<InputSectionBase>(d->section)) { 1134 int &priority = sectionOrder[cast<InputSectionBase>(sec)]; 1135 priority = std::min(priority, ent.priority); 1136 } 1137 } 1138 }; 1139 1140 // We want both global and local symbols. We get the global ones from the 1141 // symbol table and iterate the object files for the local ones. 1142 for (Symbol *sym : ctx.symtab->getSymbols()) 1143 addSym(*sym); 1144 1145 for (ELFFileBase *file : ctx.objectFiles) 1146 for (Symbol *sym : file->getLocalSymbols()) 1147 addSym(*sym); 1148 1149 if (ctx.arg.warnSymbolOrdering) 1150 for (auto orderEntry : symbolOrder) 1151 if (!orderEntry.second.present) 1152 Warn(ctx) << "symbol ordering file: no such symbol: " 1153 << orderEntry.first.val(); 1154 1155 return sectionOrder; 1156 } 1157 1158 // Sorts the sections in ISD according to the provided section order. 1159 static void 1160 sortISDBySectionOrder(Ctx &ctx, InputSectionDescription *isd, 1161 const DenseMap<const InputSectionBase *, int> &order, 1162 bool executableOutputSection) { 1163 SmallVector<InputSection *, 0> unorderedSections; 1164 SmallVector<std::pair<InputSection *, int>, 0> orderedSections; 1165 uint64_t unorderedSize = 0; 1166 uint64_t totalSize = 0; 1167 1168 for (InputSection *isec : isd->sections) { 1169 if (executableOutputSection) 1170 totalSize += isec->getSize(); 1171 auto i = order.find(isec); 1172 if (i == order.end()) { 1173 unorderedSections.push_back(isec); 1174 unorderedSize += isec->getSize(); 1175 continue; 1176 } 1177 orderedSections.push_back({isec, i->second}); 1178 } 1179 llvm::sort(orderedSections, llvm::less_second()); 1180 1181 // Find an insertion point for the ordered section list in the unordered 1182 // section list. On targets with limited-range branches, this is the mid-point 1183 // of the unordered section list. This decreases the likelihood that a range 1184 // extension thunk will be needed to enter or exit the ordered region. If the 1185 // ordered section list is a list of hot functions, we can generally expect 1186 // the ordered functions to be called more often than the unordered functions, 1187 // making it more likely that any particular call will be within range, and 1188 // therefore reducing the number of thunks required. 1189 // 1190 // For example, imagine that you have 8MB of hot code and 32MB of cold code. 1191 // If the layout is: 1192 // 1193 // 8MB hot 1194 // 32MB cold 1195 // 1196 // only the first 8-16MB of the cold code (depending on which hot function it 1197 // is actually calling) can call the hot code without a range extension thunk. 1198 // However, if we use this layout: 1199 // 1200 // 16MB cold 1201 // 8MB hot 1202 // 16MB cold 1203 // 1204 // both the last 8-16MB of the first block of cold code and the first 8-16MB 1205 // of the second block of cold code can call the hot code without a thunk. So 1206 // we effectively double the amount of code that could potentially call into 1207 // the hot code without a thunk. 1208 // 1209 // The above is not necessary if total size of input sections in this "isd" 1210 // is small. Note that we assume all input sections are executable if the 1211 // output section is executable (which is not always true but supposed to 1212 // cover most cases). 1213 size_t insPt = 0; 1214 if (executableOutputSection && !orderedSections.empty() && 1215 ctx.target->getThunkSectionSpacing() && 1216 totalSize >= ctx.target->getThunkSectionSpacing()) { 1217 uint64_t unorderedPos = 0; 1218 for (; insPt != unorderedSections.size(); ++insPt) { 1219 unorderedPos += unorderedSections[insPt]->getSize(); 1220 if (unorderedPos > unorderedSize / 2) 1221 break; 1222 } 1223 } 1224 1225 isd->sections.clear(); 1226 for (InputSection *isec : ArrayRef(unorderedSections).slice(0, insPt)) 1227 isd->sections.push_back(isec); 1228 for (std::pair<InputSection *, int> p : orderedSections) 1229 isd->sections.push_back(p.first); 1230 for (InputSection *isec : ArrayRef(unorderedSections).slice(insPt)) 1231 isd->sections.push_back(isec); 1232 } 1233 1234 static void sortSection(Ctx &ctx, OutputSection &osec, 1235 const DenseMap<const InputSectionBase *, int> &order) { 1236 StringRef name = osec.name; 1237 1238 // Never sort these. 1239 if (name == ".init" || name == ".fini") 1240 return; 1241 1242 // Sort input sections by priority using the list provided by 1243 // --symbol-ordering-file or --shuffle-sections=. This is a least significant 1244 // digit radix sort. The sections may be sorted stably again by a more 1245 // significant key. 1246 if (!order.empty()) 1247 for (SectionCommand *b : osec.commands) 1248 if (auto *isd = dyn_cast<InputSectionDescription>(b)) 1249 sortISDBySectionOrder(ctx, isd, order, osec.flags & SHF_EXECINSTR); 1250 1251 if (ctx.script->hasSectionsCommand) 1252 return; 1253 1254 if (name == ".init_array" || name == ".fini_array") { 1255 osec.sortInitFini(); 1256 } else if (name == ".ctors" || name == ".dtors") { 1257 osec.sortCtorsDtors(); 1258 } else if (ctx.arg.emachine == EM_PPC64 && name == ".toc") { 1259 // .toc is allocated just after .got and is accessed using GOT-relative 1260 // relocations. Object files compiled with small code model have an 1261 // addressable range of [.got, .got + 0xFFFC] for GOT-relative relocations. 1262 // To reduce the risk of relocation overflow, .toc contents are sorted so 1263 // that sections having smaller relocation offsets are at beginning of .toc 1264 assert(osec.commands.size() == 1); 1265 auto *isd = cast<InputSectionDescription>(osec.commands[0]); 1266 llvm::stable_sort(isd->sections, 1267 [](const InputSection *a, const InputSection *b) -> bool { 1268 return a->file->ppc64SmallCodeModelTocRelocs && 1269 !b->file->ppc64SmallCodeModelTocRelocs; 1270 }); 1271 } 1272 } 1273 1274 // Sort sections within each InputSectionDescription. 1275 template <class ELFT> void Writer<ELFT>::sortInputSections() { 1276 // Assign negative priorities. 1277 DenseMap<const InputSectionBase *, int> order = buildSectionOrder(ctx); 1278 // Assign non-negative priorities due to --shuffle-sections. 1279 maybeShuffle(ctx, order); 1280 for (SectionCommand *cmd : ctx.script->sectionCommands) 1281 if (auto *osd = dyn_cast<OutputDesc>(cmd)) 1282 sortSection(ctx, osd->osec, order); 1283 } 1284 1285 template <class ELFT> void Writer<ELFT>::sortSections() { 1286 llvm::TimeTraceScope timeScope("Sort sections"); 1287 1288 // Don't sort if using -r. It is not necessary and we want to preserve the 1289 // relative order for SHF_LINK_ORDER sections. 1290 if (ctx.arg.relocatable) { 1291 ctx.script->adjustOutputSections(); 1292 return; 1293 } 1294 1295 sortInputSections(); 1296 1297 for (SectionCommand *cmd : ctx.script->sectionCommands) 1298 if (auto *osd = dyn_cast<OutputDesc>(cmd)) 1299 osd->osec.sortRank = getSectionRank(ctx, osd->osec); 1300 if (!ctx.script->hasSectionsCommand) { 1301 // OutputDescs are mostly contiguous, but may be interleaved with 1302 // SymbolAssignments in the presence of INSERT commands. 1303 auto mid = std::stable_partition( 1304 ctx.script->sectionCommands.begin(), ctx.script->sectionCommands.end(), 1305 [](SectionCommand *cmd) { return isa<OutputDesc>(cmd); }); 1306 std::stable_sort( 1307 ctx.script->sectionCommands.begin(), mid, 1308 [&ctx = ctx](auto *l, auto *r) { return compareSections(ctx, l, r); }); 1309 } 1310 1311 // Process INSERT commands and update output section attributes. From this 1312 // point onwards the order of script->sectionCommands is fixed. 1313 ctx.script->processInsertCommands(); 1314 ctx.script->adjustOutputSections(); 1315 1316 if (ctx.script->hasSectionsCommand) 1317 sortOrphanSections(); 1318 1319 ctx.script->adjustSectionsAfterSorting(); 1320 } 1321 1322 template <class ELFT> void Writer<ELFT>::sortOrphanSections() { 1323 // Orphan sections are sections present in the input files which are 1324 // not explicitly placed into the output file by the linker script. 1325 // 1326 // The sections in the linker script are already in the correct 1327 // order. We have to figuere out where to insert the orphan 1328 // sections. 1329 // 1330 // The order of the sections in the script is arbitrary and may not agree with 1331 // compareSections. This means that we cannot easily define a strict weak 1332 // ordering. To see why, consider a comparison of a section in the script and 1333 // one not in the script. We have a two simple options: 1334 // * Make them equivalent (a is not less than b, and b is not less than a). 1335 // The problem is then that equivalence has to be transitive and we can 1336 // have sections a, b and c with only b in a script and a less than c 1337 // which breaks this property. 1338 // * Use compareSectionsNonScript. Given that the script order doesn't have 1339 // to match, we can end up with sections a, b, c, d where b and c are in the 1340 // script and c is compareSectionsNonScript less than b. In which case d 1341 // can be equivalent to c, a to b and d < a. As a concrete example: 1342 // .a (rx) # not in script 1343 // .b (rx) # in script 1344 // .c (ro) # in script 1345 // .d (ro) # not in script 1346 // 1347 // The way we define an order then is: 1348 // * Sort only the orphan sections. They are in the end right now. 1349 // * Move each orphan section to its preferred position. We try 1350 // to put each section in the last position where it can share 1351 // a PT_LOAD. 1352 // 1353 // There is some ambiguity as to where exactly a new entry should be 1354 // inserted, because Commands contains not only output section 1355 // commands but also other types of commands such as symbol assignment 1356 // expressions. There's no correct answer here due to the lack of the 1357 // formal specification of the linker script. We use heuristics to 1358 // determine whether a new output command should be added before or 1359 // after another commands. For the details, look at shouldSkip 1360 // function. 1361 1362 auto i = ctx.script->sectionCommands.begin(); 1363 auto e = ctx.script->sectionCommands.end(); 1364 auto nonScriptI = std::find_if(i, e, [](SectionCommand *cmd) { 1365 if (auto *osd = dyn_cast<OutputDesc>(cmd)) 1366 return osd->osec.sectionIndex == UINT32_MAX; 1367 return false; 1368 }); 1369 1370 // Sort the orphan sections. 1371 std::stable_sort(nonScriptI, e, [&ctx = ctx](auto *l, auto *r) { 1372 return compareSections(ctx, l, r); 1373 }); 1374 1375 // As a horrible special case, skip the first . assignment if it is before any 1376 // section. We do this because it is common to set a load address by starting 1377 // the script with ". = 0xabcd" and the expectation is that every section is 1378 // after that. 1379 auto firstSectionOrDotAssignment = 1380 std::find_if(i, e, [](SectionCommand *cmd) { return !shouldSkip(cmd); }); 1381 if (firstSectionOrDotAssignment != e && 1382 isa<SymbolAssignment>(**firstSectionOrDotAssignment)) 1383 ++firstSectionOrDotAssignment; 1384 i = firstSectionOrDotAssignment; 1385 1386 while (nonScriptI != e) { 1387 auto pos = findOrphanPos(ctx, i, nonScriptI); 1388 OutputSection *orphan = &cast<OutputDesc>(*nonScriptI)->osec; 1389 1390 // As an optimization, find all sections with the same sort rank 1391 // and insert them with one rotate. 1392 unsigned rank = orphan->sortRank; 1393 auto end = std::find_if(nonScriptI + 1, e, [=](SectionCommand *cmd) { 1394 return cast<OutputDesc>(cmd)->osec.sortRank != rank; 1395 }); 1396 std::rotate(pos, nonScriptI, end); 1397 nonScriptI = end; 1398 } 1399 } 1400 1401 static bool compareByFilePosition(InputSection *a, InputSection *b) { 1402 InputSection *la = a->flags & SHF_LINK_ORDER ? a->getLinkOrderDep() : nullptr; 1403 InputSection *lb = b->flags & SHF_LINK_ORDER ? b->getLinkOrderDep() : nullptr; 1404 // SHF_LINK_ORDER sections with non-zero sh_link are ordered before 1405 // non-SHF_LINK_ORDER sections and SHF_LINK_ORDER sections with zero sh_link. 1406 if (!la || !lb) 1407 return la && !lb; 1408 OutputSection *aOut = la->getParent(); 1409 OutputSection *bOut = lb->getParent(); 1410 1411 if (aOut == bOut) 1412 return la->outSecOff < lb->outSecOff; 1413 if (aOut->addr == bOut->addr) 1414 return aOut->sectionIndex < bOut->sectionIndex; 1415 return aOut->addr < bOut->addr; 1416 } 1417 1418 template <class ELFT> void Writer<ELFT>::resolveShfLinkOrder() { 1419 llvm::TimeTraceScope timeScope("Resolve SHF_LINK_ORDER"); 1420 for (OutputSection *sec : ctx.outputSections) { 1421 if (!(sec->flags & SHF_LINK_ORDER)) 1422 continue; 1423 1424 // The ARM.exidx section use SHF_LINK_ORDER, but we have consolidated 1425 // this processing inside the ARMExidxsyntheticsection::finalizeContents(). 1426 if (!ctx.arg.relocatable && ctx.arg.emachine == EM_ARM && 1427 sec->type == SHT_ARM_EXIDX) 1428 continue; 1429 1430 // Link order may be distributed across several InputSectionDescriptions. 1431 // Sorting is performed separately. 1432 SmallVector<InputSection **, 0> scriptSections; 1433 SmallVector<InputSection *, 0> sections; 1434 for (SectionCommand *cmd : sec->commands) { 1435 auto *isd = dyn_cast<InputSectionDescription>(cmd); 1436 if (!isd) 1437 continue; 1438 bool hasLinkOrder = false; 1439 scriptSections.clear(); 1440 sections.clear(); 1441 for (InputSection *&isec : isd->sections) { 1442 if (isec->flags & SHF_LINK_ORDER) { 1443 InputSection *link = isec->getLinkOrderDep(); 1444 if (link && !link->getParent()) 1445 ErrAlways(ctx) << isec << ": sh_link points to discarded section " 1446 << link; 1447 hasLinkOrder = true; 1448 } 1449 scriptSections.push_back(&isec); 1450 sections.push_back(isec); 1451 } 1452 if (hasLinkOrder && errCount(ctx) == 0) { 1453 llvm::stable_sort(sections, compareByFilePosition); 1454 for (int i = 0, n = sections.size(); i != n; ++i) 1455 *scriptSections[i] = sections[i]; 1456 } 1457 } 1458 } 1459 } 1460 1461 static void finalizeSynthetic(Ctx &ctx, SyntheticSection *sec) { 1462 if (sec && sec->isNeeded() && sec->getParent()) { 1463 llvm::TimeTraceScope timeScope("Finalize synthetic sections", sec->name); 1464 sec->finalizeContents(); 1465 } 1466 } 1467 1468 static bool canInsertPadding(OutputSection *sec) { 1469 StringRef s = sec->name; 1470 return s == ".bss" || s == ".data" || s == ".data.rel.ro" || s == ".lbss" || 1471 s == ".ldata" || s == ".lrodata" || s == ".ltext" || s == ".rodata" || 1472 s.starts_with(".text"); 1473 } 1474 1475 static void randomizeSectionPadding(Ctx &ctx) { 1476 std::mt19937 g(*ctx.arg.randomizeSectionPadding); 1477 PhdrEntry *curPtLoad = nullptr; 1478 for (OutputSection *os : ctx.outputSections) { 1479 if (!canInsertPadding(os)) 1480 continue; 1481 for (SectionCommand *bc : os->commands) { 1482 if (auto *isd = dyn_cast<InputSectionDescription>(bc)) { 1483 SmallVector<InputSection *, 0> tmp; 1484 if (os->ptLoad != curPtLoad) { 1485 tmp.push_back(make<RandomizePaddingSection>( 1486 ctx, g() % ctx.arg.maxPageSize, os)); 1487 curPtLoad = os->ptLoad; 1488 } 1489 for (InputSection *isec : isd->sections) { 1490 // Probability of inserting padding is 1 in 16. 1491 if (g() % 16 == 0) 1492 tmp.push_back( 1493 make<RandomizePaddingSection>(ctx, isec->addralign, os)); 1494 tmp.push_back(isec); 1495 } 1496 isd->sections = std::move(tmp); 1497 } 1498 } 1499 } 1500 } 1501 1502 // We need to generate and finalize the content that depends on the address of 1503 // InputSections. As the generation of the content may also alter InputSection 1504 // addresses we must converge to a fixed point. We do that here. See the comment 1505 // in Writer<ELFT>::finalizeSections(). 1506 template <class ELFT> void Writer<ELFT>::finalizeAddressDependentContent() { 1507 llvm::TimeTraceScope timeScope("Finalize address dependent content"); 1508 AArch64Err843419Patcher a64p(ctx); 1509 ARMErr657417Patcher a32p(ctx); 1510 ctx.script->assignAddresses(); 1511 1512 // .ARM.exidx and SHF_LINK_ORDER do not require precise addresses, but they 1513 // do require the relative addresses of OutputSections because linker scripts 1514 // can assign Virtual Addresses to OutputSections that are not monotonically 1515 // increasing. Anything here must be repeatable, since spilling may change 1516 // section order. 1517 const auto finalizeOrderDependentContent = [this] { 1518 for (Partition &part : ctx.partitions) 1519 finalizeSynthetic(ctx, part.armExidx.get()); 1520 resolveShfLinkOrder(); 1521 }; 1522 finalizeOrderDependentContent(); 1523 1524 // Converts call x@GDPLT to call __tls_get_addr 1525 if (ctx.arg.emachine == EM_HEXAGON) 1526 hexagonTLSSymbolUpdate(ctx); 1527 1528 if (ctx.arg.randomizeSectionPadding) 1529 randomizeSectionPadding(ctx); 1530 1531 uint32_t pass = 0, assignPasses = 0; 1532 for (;;) { 1533 bool changed = ctx.target->needsThunks 1534 ? tc.createThunks(pass, ctx.outputSections) 1535 : ctx.target->relaxOnce(pass); 1536 bool spilled = ctx.script->spillSections(); 1537 changed |= spilled; 1538 ++pass; 1539 1540 // With Thunk Size much smaller than branch range we expect to 1541 // converge quickly; if we get to 30 something has gone wrong. 1542 if (changed && pass >= 30) { 1543 Err(ctx) << "address assignment did not converge"; 1544 break; 1545 } 1546 1547 if (ctx.arg.fixCortexA53Errata843419) { 1548 if (changed) 1549 ctx.script->assignAddresses(); 1550 changed |= a64p.createFixes(); 1551 } 1552 if (ctx.arg.fixCortexA8) { 1553 if (changed) 1554 ctx.script->assignAddresses(); 1555 changed |= a32p.createFixes(); 1556 } 1557 1558 finalizeSynthetic(ctx, ctx.in.got.get()); 1559 if (ctx.in.mipsGot) 1560 ctx.in.mipsGot->updateAllocSize(ctx); 1561 1562 for (Partition &part : ctx.partitions) { 1563 // The R_AARCH64_AUTH_RELATIVE has a smaller addend field as bits [63:32] 1564 // encode the signing schema. We've put relocations in .relr.auth.dyn 1565 // during RelocationScanner::processAux, but the target VA for some of 1566 // them might be wider than 32 bits. We can only know the final VA at this 1567 // point, so move relocations with large values from .relr.auth.dyn to 1568 // .rela.dyn. See also AArch64::relocate. 1569 if (part.relrAuthDyn) { 1570 auto it = llvm::remove_if( 1571 part.relrAuthDyn->relocs, [this, &part](const RelativeReloc &elem) { 1572 const Relocation &reloc = elem.inputSec->relocs()[elem.relocIdx]; 1573 if (isInt<32>(reloc.sym->getVA(ctx, reloc.addend))) 1574 return false; 1575 part.relaDyn->addReloc({R_AARCH64_AUTH_RELATIVE, elem.inputSec, 1576 reloc.offset, 1577 DynamicReloc::AddendOnlyWithTargetVA, 1578 *reloc.sym, reloc.addend, R_ABS}); 1579 return true; 1580 }); 1581 changed |= (it != part.relrAuthDyn->relocs.end()); 1582 part.relrAuthDyn->relocs.erase(it, part.relrAuthDyn->relocs.end()); 1583 } 1584 if (part.relaDyn) 1585 changed |= part.relaDyn->updateAllocSize(ctx); 1586 if (part.relrDyn) 1587 changed |= part.relrDyn->updateAllocSize(ctx); 1588 if (part.relrAuthDyn) 1589 changed |= part.relrAuthDyn->updateAllocSize(ctx); 1590 if (part.memtagGlobalDescriptors) 1591 changed |= part.memtagGlobalDescriptors->updateAllocSize(ctx); 1592 } 1593 1594 std::pair<const OutputSection *, const Defined *> changes = 1595 ctx.script->assignAddresses(); 1596 if (!changed) { 1597 // Some symbols may be dependent on section addresses. When we break the 1598 // loop, the symbol values are finalized because a previous 1599 // assignAddresses() finalized section addresses. 1600 if (!changes.first && !changes.second) 1601 break; 1602 if (++assignPasses == 5) { 1603 if (changes.first) 1604 Err(ctx) << "address (0x" << Twine::utohexstr(changes.first->addr) 1605 << ") of section '" << changes.first->name 1606 << "' does not converge"; 1607 if (changes.second) 1608 Err(ctx) << "assignment to symbol " << changes.second 1609 << " does not converge"; 1610 break; 1611 } 1612 } else if (spilled) { 1613 // Spilling can change relative section order. 1614 finalizeOrderDependentContent(); 1615 } 1616 } 1617 if (!ctx.arg.relocatable) 1618 ctx.target->finalizeRelax(pass); 1619 1620 if (ctx.arg.relocatable) 1621 for (OutputSection *sec : ctx.outputSections) 1622 sec->addr = 0; 1623 1624 uint64_t imageBase = ctx.script->hasSectionsCommand || ctx.arg.relocatable 1625 ? 0 1626 : ctx.target->getImageBase(); 1627 for (SectionCommand *cmd : ctx.script->sectionCommands) { 1628 auto *osd = dyn_cast<OutputDesc>(cmd); 1629 if (!osd) 1630 continue; 1631 OutputSection *osec = &osd->osec; 1632 // Error if the address is below the image base when SECTIONS is absent 1633 // (e.g. when -Ttext is specified and smaller than the default target image 1634 // base for no-pie). 1635 if (osec->addr < imageBase && (osec->flags & SHF_ALLOC)) { 1636 Err(ctx) << "section '" << osec->name << "' address (0x" 1637 << Twine::utohexstr(osec->addr) 1638 << ") is smaller than image base (0x" 1639 << Twine::utohexstr(imageBase) << "); specify --image-base"; 1640 } 1641 1642 // If addrExpr is set, the address may not be a multiple of the alignment. 1643 // Warn because this is error-prone. 1644 if (osec->addr % osec->addralign != 0) 1645 Warn(ctx) << "address (0x" << Twine::utohexstr(osec->addr) 1646 << ") of section " << osec->name 1647 << " is not a multiple of alignment (" << osec->addralign 1648 << ")"; 1649 } 1650 1651 // Sizes are no longer allowed to grow, so all allowable spills have been 1652 // taken. Remove any leftover potential spills. 1653 ctx.script->erasePotentialSpillSections(); 1654 } 1655 1656 // If Input Sections have been shrunk (basic block sections) then 1657 // update symbol values and sizes associated with these sections. With basic 1658 // block sections, input sections can shrink when the jump instructions at 1659 // the end of the section are relaxed. 1660 static void fixSymbolsAfterShrinking(Ctx &ctx) { 1661 for (InputFile *File : ctx.objectFiles) { 1662 parallelForEach(File->getSymbols(), [&](Symbol *Sym) { 1663 auto *def = dyn_cast<Defined>(Sym); 1664 if (!def) 1665 return; 1666 1667 const SectionBase *sec = def->section; 1668 if (!sec) 1669 return; 1670 1671 const InputSectionBase *inputSec = dyn_cast<InputSectionBase>(sec); 1672 if (!inputSec || !inputSec->bytesDropped) 1673 return; 1674 1675 const size_t OldSize = inputSec->content().size(); 1676 const size_t NewSize = OldSize - inputSec->bytesDropped; 1677 1678 if (def->value > NewSize && def->value <= OldSize) { 1679 LLVM_DEBUG(llvm::dbgs() 1680 << "Moving symbol " << Sym->getName() << " from " 1681 << def->value << " to " 1682 << def->value - inputSec->bytesDropped << " bytes\n"); 1683 def->value -= inputSec->bytesDropped; 1684 return; 1685 } 1686 1687 if (def->value + def->size > NewSize && def->value <= OldSize && 1688 def->value + def->size <= OldSize) { 1689 LLVM_DEBUG(llvm::dbgs() 1690 << "Shrinking symbol " << Sym->getName() << " from " 1691 << def->size << " to " << def->size - inputSec->bytesDropped 1692 << " bytes\n"); 1693 def->size -= inputSec->bytesDropped; 1694 } 1695 }); 1696 } 1697 } 1698 1699 // If basic block sections exist, there are opportunities to delete fall thru 1700 // jumps and shrink jump instructions after basic block reordering. This 1701 // relaxation pass does that. It is only enabled when --optimize-bb-jumps 1702 // option is used. 1703 template <class ELFT> void Writer<ELFT>::optimizeBasicBlockJumps() { 1704 assert(ctx.arg.optimizeBBJumps); 1705 SmallVector<InputSection *, 0> storage; 1706 1707 ctx.script->assignAddresses(); 1708 // For every output section that has executable input sections, this 1709 // does the following: 1710 // 1. Deletes all direct jump instructions in input sections that 1711 // jump to the following section as it is not required. 1712 // 2. If there are two consecutive jump instructions, it checks 1713 // if they can be flipped and one can be deleted. 1714 for (OutputSection *osec : ctx.outputSections) { 1715 if (!(osec->flags & SHF_EXECINSTR)) 1716 continue; 1717 ArrayRef<InputSection *> sections = getInputSections(*osec, storage); 1718 size_t numDeleted = 0; 1719 // Delete all fall through jump instructions. Also, check if two 1720 // consecutive jump instructions can be flipped so that a fall 1721 // through jmp instruction can be deleted. 1722 for (size_t i = 0, e = sections.size(); i != e; ++i) { 1723 InputSection *next = i + 1 < sections.size() ? sections[i + 1] : nullptr; 1724 InputSection &sec = *sections[i]; 1725 numDeleted += ctx.target->deleteFallThruJmpInsn(sec, sec.file, next); 1726 } 1727 if (numDeleted > 0) { 1728 ctx.script->assignAddresses(); 1729 LLVM_DEBUG(llvm::dbgs() 1730 << "Removing " << numDeleted << " fall through jumps\n"); 1731 } 1732 } 1733 1734 fixSymbolsAfterShrinking(ctx); 1735 1736 for (OutputSection *osec : ctx.outputSections) 1737 for (InputSection *is : getInputSections(*osec, storage)) 1738 is->trim(); 1739 } 1740 1741 // In order to allow users to manipulate linker-synthesized sections, 1742 // we had to add synthetic sections to the input section list early, 1743 // even before we make decisions whether they are needed. This allows 1744 // users to write scripts like this: ".mygot : { .got }". 1745 // 1746 // Doing it has an unintended side effects. If it turns out that we 1747 // don't need a .got (for example) at all because there's no 1748 // relocation that needs a .got, we don't want to emit .got. 1749 // 1750 // To deal with the above problem, this function is called after 1751 // scanRelocations is called to remove synthetic sections that turn 1752 // out to be empty. 1753 static void removeUnusedSyntheticSections(Ctx &ctx) { 1754 // All input synthetic sections that can be empty are placed after 1755 // all regular ones. Reverse iterate to find the first synthetic section 1756 // after a non-synthetic one which will be our starting point. 1757 auto start = 1758 llvm::find_if(llvm::reverse(ctx.inputSections), [](InputSectionBase *s) { 1759 return !isa<SyntheticSection>(s); 1760 }).base(); 1761 1762 // Remove unused synthetic sections from ctx.inputSections; 1763 DenseSet<InputSectionBase *> unused; 1764 auto end = 1765 std::remove_if(start, ctx.inputSections.end(), [&](InputSectionBase *s) { 1766 auto *sec = cast<SyntheticSection>(s); 1767 if (sec->getParent() && sec->isNeeded()) 1768 return false; 1769 // .relr.auth.dyn relocations may be moved to .rela.dyn in 1770 // finalizeAddressDependentContent, making .rela.dyn no longer empty. 1771 // Conservatively keep .rela.dyn. .relr.auth.dyn can be made empty, but 1772 // we would fail to remove it here. 1773 if (ctx.arg.emachine == EM_AARCH64 && ctx.arg.relrPackDynRelocs && 1774 sec == ctx.mainPart->relaDyn.get()) 1775 return false; 1776 unused.insert(sec); 1777 return true; 1778 }); 1779 ctx.inputSections.erase(end, ctx.inputSections.end()); 1780 1781 // Remove unused synthetic sections from the corresponding input section 1782 // description and orphanSections. 1783 for (auto *sec : unused) 1784 if (OutputSection *osec = cast<SyntheticSection>(sec)->getParent()) 1785 for (SectionCommand *cmd : osec->commands) 1786 if (auto *isd = dyn_cast<InputSectionDescription>(cmd)) 1787 llvm::erase_if(isd->sections, [&](InputSection *isec) { 1788 return unused.count(isec); 1789 }); 1790 llvm::erase_if(ctx.script->orphanSections, [&](const InputSectionBase *sec) { 1791 return unused.count(sec); 1792 }); 1793 } 1794 1795 // Create output section objects and add them to OutputSections. 1796 template <class ELFT> void Writer<ELFT>::finalizeSections() { 1797 if (!ctx.arg.relocatable) { 1798 ctx.out.preinitArray = findSection(ctx, ".preinit_array"); 1799 ctx.out.initArray = findSection(ctx, ".init_array"); 1800 ctx.out.finiArray = findSection(ctx, ".fini_array"); 1801 1802 // The linker needs to define SECNAME_start, SECNAME_end and SECNAME_stop 1803 // symbols for sections, so that the runtime can get the start and end 1804 // addresses of each section by section name. Add such symbols. 1805 addStartEndSymbols(); 1806 for (SectionCommand *cmd : ctx.script->sectionCommands) 1807 if (auto *osd = dyn_cast<OutputDesc>(cmd)) 1808 addStartStopSymbols(osd->osec); 1809 1810 // Add _DYNAMIC symbol. Unlike GNU gold, our _DYNAMIC symbol has no type. 1811 // It should be okay as no one seems to care about the type. 1812 // Even the author of gold doesn't remember why gold behaves that way. 1813 // https://sourceware.org/ml/binutils/2002-03/msg00360.html 1814 if (ctx.mainPart->dynamic->parent) { 1815 Symbol *s = ctx.symtab->addSymbol(Defined{ 1816 ctx, ctx.internalFile, "_DYNAMIC", STB_WEAK, STV_HIDDEN, STT_NOTYPE, 1817 /*value=*/0, /*size=*/0, ctx.mainPart->dynamic.get()}); 1818 s->isUsedInRegularObj = true; 1819 } 1820 1821 // Define __rel[a]_iplt_{start,end} symbols if needed. 1822 addRelIpltSymbols(); 1823 1824 // RISC-V's gp can address +/- 2 KiB, set it to .sdata + 0x800. This symbol 1825 // should only be defined in an executable. If .sdata does not exist, its 1826 // value/section does not matter but it has to be relative, so set its 1827 // st_shndx arbitrarily to 1 (ctx.out.elfHeader). 1828 if (ctx.arg.emachine == EM_RISCV) { 1829 if (!ctx.arg.shared) { 1830 OutputSection *sec = findSection(ctx, ".sdata"); 1831 addOptionalRegular(ctx, "__global_pointer$", 1832 sec ? sec : ctx.out.elfHeader.get(), 0x800, 1833 STV_DEFAULT); 1834 // Set riscvGlobalPointer to be used by the optional global pointer 1835 // relaxation. 1836 if (ctx.arg.relaxGP) { 1837 Symbol *s = ctx.symtab->find("__global_pointer$"); 1838 if (s && s->isDefined()) 1839 ctx.sym.riscvGlobalPointer = cast<Defined>(s); 1840 } 1841 } 1842 } 1843 1844 if (ctx.arg.emachine == EM_386 || ctx.arg.emachine == EM_X86_64) { 1845 // On targets that support TLSDESC, _TLS_MODULE_BASE_ is defined in such a 1846 // way that: 1847 // 1848 // 1) Without relaxation: it produces a dynamic TLSDESC relocation that 1849 // computes 0. 1850 // 2) With LD->LE relaxation: _TLS_MODULE_BASE_@tpoff = 0 (lowest address 1851 // in the TLS block). 1852 // 1853 // 2) is special cased in @tpoff computation. To satisfy 1), we define it 1854 // as an absolute symbol of zero. This is different from GNU linkers which 1855 // define _TLS_MODULE_BASE_ relative to the first TLS section. 1856 Symbol *s = ctx.symtab->find("_TLS_MODULE_BASE_"); 1857 if (s && s->isUndefined()) { 1858 s->resolve(ctx, Defined{ctx, ctx.internalFile, StringRef(), STB_GLOBAL, 1859 STV_HIDDEN, STT_TLS, /*value=*/0, 0, 1860 /*section=*/nullptr}); 1861 ctx.sym.tlsModuleBase = cast<Defined>(s); 1862 } 1863 } 1864 1865 // This responsible for splitting up .eh_frame section into 1866 // pieces. The relocation scan uses those pieces, so this has to be 1867 // earlier. 1868 { 1869 llvm::TimeTraceScope timeScope("Finalize .eh_frame"); 1870 for (Partition &part : ctx.partitions) 1871 finalizeSynthetic(ctx, part.ehFrame.get()); 1872 } 1873 } 1874 1875 // If the previous code block defines any non-hidden symbols (e.g. 1876 // __global_pointer$), they may be exported. 1877 if (ctx.arg.exportDynamic) 1878 for (Symbol *sym : ctx.synthesizedSymbols) 1879 if (sym->computeBinding(ctx) != STB_LOCAL) 1880 sym->isExported = true; 1881 1882 demoteSymbolsAndComputeIsPreemptible(ctx); 1883 1884 if (ctx.arg.copyRelocs && ctx.arg.discard != DiscardPolicy::None) 1885 markUsedLocalSymbols<ELFT>(ctx); 1886 demoteAndCopyLocalSymbols(ctx); 1887 1888 if (ctx.arg.copyRelocs) 1889 addSectionSymbols(); 1890 1891 // Change values of linker-script-defined symbols from placeholders (assigned 1892 // by declareSymbols) to actual definitions. 1893 ctx.script->processSymbolAssignments(); 1894 1895 if (!ctx.arg.relocatable) { 1896 llvm::TimeTraceScope timeScope("Scan relocations"); 1897 // Scan relocations. This must be done after every symbol is declared so 1898 // that we can correctly decide if a dynamic relocation is needed. This is 1899 // called after processSymbolAssignments() because it needs to know whether 1900 // a linker-script-defined symbol is absolute. 1901 scanRelocations<ELFT>(ctx); 1902 reportUndefinedSymbols(ctx); 1903 postScanRelocations(ctx); 1904 1905 if (ctx.in.plt && ctx.in.plt->isNeeded()) 1906 ctx.in.plt->addSymbols(); 1907 if (ctx.in.iplt && ctx.in.iplt->isNeeded()) 1908 ctx.in.iplt->addSymbols(); 1909 1910 if (ctx.arg.unresolvedSymbolsInShlib != UnresolvedPolicy::Ignore) { 1911 auto diag = 1912 ctx.arg.unresolvedSymbolsInShlib == UnresolvedPolicy::ReportError && 1913 !ctx.arg.noinhibitExec 1914 ? DiagLevel::Err 1915 : DiagLevel::Warn; 1916 // Error on undefined symbols in a shared object, if all of its DT_NEEDED 1917 // entries are seen. These cases would otherwise lead to runtime errors 1918 // reported by the dynamic linker. 1919 // 1920 // ld.bfd traces all DT_NEEDED to emulate the logic of the dynamic linker 1921 // to catch more cases. That is too much for us. Our approach resembles 1922 // the one used in ld.gold, achieves a good balance to be useful but not 1923 // too smart. 1924 // 1925 // If a DSO reference is resolved by a SharedSymbol, but the SharedSymbol 1926 // is overridden by a hidden visibility Defined (which is later discarded 1927 // due to GC), don't report the diagnostic. However, this may indicate an 1928 // unintended SharedSymbol. 1929 for (SharedFile *file : ctx.sharedFiles) { 1930 bool allNeededIsKnown = 1931 llvm::all_of(file->dtNeeded, [&](StringRef needed) { 1932 return ctx.symtab->soNames.count(CachedHashStringRef(needed)); 1933 }); 1934 if (!allNeededIsKnown) 1935 continue; 1936 for (Symbol *sym : file->requiredSymbols) { 1937 if (sym->dsoDefined) 1938 continue; 1939 if (sym->isUndefined() && !sym->isWeak()) { 1940 ELFSyncStream(ctx, diag) 1941 << "undefined reference: " << sym << "\n>>> referenced by " 1942 << file << " (disallowed by --no-allow-shlib-undefined)"; 1943 } else if (sym->isDefined() && 1944 sym->computeBinding(ctx) == STB_LOCAL) { 1945 ELFSyncStream(ctx, diag) 1946 << "non-exported symbol '" << sym << "' in '" << sym->file 1947 << "' is referenced by DSO '" << file << "'"; 1948 } 1949 } 1950 } 1951 } 1952 } 1953 1954 { 1955 llvm::TimeTraceScope timeScope("Add symbols to symtabs"); 1956 // Now that we have defined all possible global symbols including linker- 1957 // synthesized ones. Visit all symbols to give the finishing touches. 1958 for (Symbol *sym : ctx.symtab->getSymbols()) { 1959 if (!sym->isUsedInRegularObj || !includeInSymtab(ctx, *sym)) 1960 continue; 1961 if (!ctx.arg.relocatable) 1962 sym->binding = sym->computeBinding(ctx); 1963 if (ctx.in.symTab) 1964 ctx.in.symTab->addSymbol(sym); 1965 1966 // computeBinding might localize a symbol that was considered exported 1967 // but then synthesized as hidden (e.g. _DYNAMIC). 1968 if ((sym->isExported || sym->isPreemptible) && !sym->isLocal()) { 1969 ctx.partitions[sym->partition - 1].dynSymTab->addSymbol(sym); 1970 if (auto *file = dyn_cast<SharedFile>(sym->file)) 1971 if (file->isNeeded && !sym->isUndefined()) 1972 addVerneed(ctx, *sym); 1973 } 1974 } 1975 1976 // We also need to scan the dynamic relocation tables of the other 1977 // partitions and add any referenced symbols to the partition's dynsym. 1978 for (Partition &part : 1979 MutableArrayRef<Partition>(ctx.partitions).slice(1)) { 1980 DenseSet<Symbol *> syms; 1981 for (const SymbolTableEntry &e : part.dynSymTab->getSymbols()) 1982 syms.insert(e.sym); 1983 for (DynamicReloc &reloc : part.relaDyn->relocs) 1984 if (reloc.sym && reloc.needsDynSymIndex() && 1985 syms.insert(reloc.sym).second) 1986 part.dynSymTab->addSymbol(reloc.sym); 1987 } 1988 } 1989 1990 if (ctx.in.mipsGot) 1991 ctx.in.mipsGot->build(); 1992 1993 removeUnusedSyntheticSections(ctx); 1994 ctx.script->diagnoseOrphanHandling(); 1995 ctx.script->diagnoseMissingSGSectionAddress(); 1996 1997 sortSections(); 1998 1999 // Create a list of OutputSections, assign sectionIndex, and populate 2000 // ctx.in.shStrTab. If -z nosectionheader is specified, drop non-ALLOC 2001 // sections. 2002 for (SectionCommand *cmd : ctx.script->sectionCommands) 2003 if (auto *osd = dyn_cast<OutputDesc>(cmd)) { 2004 OutputSection *osec = &osd->osec; 2005 if (!ctx.in.shStrTab && !(osec->flags & SHF_ALLOC)) 2006 continue; 2007 ctx.outputSections.push_back(osec); 2008 osec->sectionIndex = ctx.outputSections.size(); 2009 if (ctx.in.shStrTab) 2010 osec->shName = ctx.in.shStrTab->addString(osec->name); 2011 } 2012 2013 // Prefer command line supplied address over other constraints. 2014 for (OutputSection *sec : ctx.outputSections) { 2015 auto i = ctx.arg.sectionStartMap.find(sec->name); 2016 if (i != ctx.arg.sectionStartMap.end()) 2017 sec->addrExpr = [=] { return i->second; }; 2018 } 2019 2020 // With the ctx.outputSections available check for GDPLT relocations 2021 // and add __tls_get_addr symbol if needed. 2022 if (ctx.arg.emachine == EM_HEXAGON && 2023 hexagonNeedsTLSSymbol(ctx.outputSections)) { 2024 Symbol *sym = 2025 ctx.symtab->addSymbol(Undefined{ctx.internalFile, "__tls_get_addr", 2026 STB_GLOBAL, STV_DEFAULT, STT_NOTYPE}); 2027 sym->isPreemptible = true; 2028 ctx.partitions[0].dynSymTab->addSymbol(sym); 2029 } 2030 2031 // This is a bit of a hack. A value of 0 means undef, so we set it 2032 // to 1 to make __ehdr_start defined. The section number is not 2033 // particularly relevant. 2034 ctx.out.elfHeader->sectionIndex = 1; 2035 ctx.out.elfHeader->size = sizeof(typename ELFT::Ehdr); 2036 2037 // Binary and relocatable output does not have PHDRS. 2038 // The headers have to be created before finalize as that can influence the 2039 // image base and the dynamic section on mips includes the image base. 2040 if (!ctx.arg.relocatable && !ctx.arg.oFormatBinary) { 2041 for (Partition &part : ctx.partitions) { 2042 part.phdrs = ctx.script->hasPhdrsCommands() ? ctx.script->createPhdrs() 2043 : createPhdrs(part); 2044 if (ctx.arg.emachine == EM_ARM) { 2045 // PT_ARM_EXIDX is the ARM EHABI equivalent of PT_GNU_EH_FRAME 2046 addPhdrForSection(part, SHT_ARM_EXIDX, PT_ARM_EXIDX, PF_R); 2047 } 2048 if (ctx.arg.emachine == EM_MIPS) { 2049 // Add separate segments for MIPS-specific sections. 2050 addPhdrForSection(part, SHT_MIPS_REGINFO, PT_MIPS_REGINFO, PF_R); 2051 addPhdrForSection(part, SHT_MIPS_OPTIONS, PT_MIPS_OPTIONS, PF_R); 2052 addPhdrForSection(part, SHT_MIPS_ABIFLAGS, PT_MIPS_ABIFLAGS, PF_R); 2053 } 2054 if (ctx.arg.emachine == EM_RISCV) 2055 addPhdrForSection(part, SHT_RISCV_ATTRIBUTES, PT_RISCV_ATTRIBUTES, 2056 PF_R); 2057 } 2058 ctx.out.programHeaders->size = 2059 sizeof(Elf_Phdr) * ctx.mainPart->phdrs.size(); 2060 2061 // Find the TLS segment. This happens before the section layout loop so that 2062 // Android relocation packing can look up TLS symbol addresses. We only need 2063 // to care about the main partition here because all TLS symbols were moved 2064 // to the main partition (see MarkLive.cpp). 2065 for (auto &p : ctx.mainPart->phdrs) 2066 if (p->p_type == PT_TLS) 2067 ctx.tlsPhdr = p.get(); 2068 } 2069 2070 // Some symbols are defined in term of program headers. Now that we 2071 // have the headers, we can find out which sections they point to. 2072 setReservedSymbolSections(); 2073 2074 if (ctx.script->noCrossRefs.size()) { 2075 llvm::TimeTraceScope timeScope("Check NOCROSSREFS"); 2076 checkNoCrossRefs<ELFT>(ctx); 2077 } 2078 2079 { 2080 llvm::TimeTraceScope timeScope("Finalize synthetic sections"); 2081 2082 finalizeSynthetic(ctx, ctx.in.bss.get()); 2083 finalizeSynthetic(ctx, ctx.in.bssRelRo.get()); 2084 finalizeSynthetic(ctx, ctx.in.symTabShndx.get()); 2085 finalizeSynthetic(ctx, ctx.in.shStrTab.get()); 2086 finalizeSynthetic(ctx, ctx.in.strTab.get()); 2087 finalizeSynthetic(ctx, ctx.in.got.get()); 2088 finalizeSynthetic(ctx, ctx.in.mipsGot.get()); 2089 finalizeSynthetic(ctx, ctx.in.igotPlt.get()); 2090 finalizeSynthetic(ctx, ctx.in.gotPlt.get()); 2091 finalizeSynthetic(ctx, ctx.in.relaPlt.get()); 2092 finalizeSynthetic(ctx, ctx.in.plt.get()); 2093 finalizeSynthetic(ctx, ctx.in.iplt.get()); 2094 finalizeSynthetic(ctx, ctx.in.ppc32Got2.get()); 2095 finalizeSynthetic(ctx, ctx.in.partIndex.get()); 2096 2097 // Dynamic section must be the last one in this list and dynamic 2098 // symbol table section (dynSymTab) must be the first one. 2099 for (Partition &part : ctx.partitions) { 2100 if (part.relaDyn) { 2101 part.relaDyn->mergeRels(); 2102 // Compute DT_RELACOUNT to be used by part.dynamic. 2103 part.relaDyn->partitionRels(); 2104 finalizeSynthetic(ctx, part.relaDyn.get()); 2105 } 2106 if (part.relrDyn) { 2107 part.relrDyn->mergeRels(); 2108 finalizeSynthetic(ctx, part.relrDyn.get()); 2109 } 2110 if (part.relrAuthDyn) { 2111 part.relrAuthDyn->mergeRels(); 2112 finalizeSynthetic(ctx, part.relrAuthDyn.get()); 2113 } 2114 2115 finalizeSynthetic(ctx, part.dynSymTab.get()); 2116 finalizeSynthetic(ctx, part.gnuHashTab.get()); 2117 finalizeSynthetic(ctx, part.hashTab.get()); 2118 finalizeSynthetic(ctx, part.verDef.get()); 2119 finalizeSynthetic(ctx, part.ehFrameHdr.get()); 2120 finalizeSynthetic(ctx, part.verSym.get()); 2121 finalizeSynthetic(ctx, part.verNeed.get()); 2122 finalizeSynthetic(ctx, part.dynamic.get()); 2123 } 2124 } 2125 2126 if (!ctx.script->hasSectionsCommand && !ctx.arg.relocatable) 2127 fixSectionAlignments(); 2128 2129 // This is used to: 2130 // 1) Create "thunks": 2131 // Jump instructions in many ISAs have small displacements, and therefore 2132 // they cannot jump to arbitrary addresses in memory. For example, RISC-V 2133 // JAL instruction can target only +-1 MiB from PC. It is a linker's 2134 // responsibility to create and insert small pieces of code between 2135 // sections to extend the ranges if jump targets are out of range. Such 2136 // code pieces are called "thunks". 2137 // 2138 // We add thunks at this stage. We couldn't do this before this point 2139 // because this is the earliest point where we know sizes of sections and 2140 // their layouts (that are needed to determine if jump targets are in 2141 // range). 2142 // 2143 // 2) Update the sections. We need to generate content that depends on the 2144 // address of InputSections. For example, MIPS GOT section content or 2145 // android packed relocations sections content. 2146 // 2147 // 3) Assign the final values for the linker script symbols. Linker scripts 2148 // sometimes using forward symbol declarations. We want to set the correct 2149 // values. They also might change after adding the thunks. 2150 finalizeAddressDependentContent(); 2151 2152 // All information needed for OutputSection part of Map file is available. 2153 if (errCount(ctx)) 2154 return; 2155 2156 { 2157 llvm::TimeTraceScope timeScope("Finalize synthetic sections"); 2158 // finalizeAddressDependentContent may have added local symbols to the 2159 // static symbol table. 2160 finalizeSynthetic(ctx, ctx.in.symTab.get()); 2161 finalizeSynthetic(ctx, ctx.in.debugNames.get()); 2162 finalizeSynthetic(ctx, ctx.in.ppc64LongBranchTarget.get()); 2163 finalizeSynthetic(ctx, ctx.in.armCmseSGSection.get()); 2164 } 2165 2166 // Relaxation to delete inter-basic block jumps created by basic block 2167 // sections. Run after ctx.in.symTab is finalized as optimizeBasicBlockJumps 2168 // can relax jump instructions based on symbol offset. 2169 if (ctx.arg.optimizeBBJumps) 2170 optimizeBasicBlockJumps(); 2171 2172 // Fill other section headers. The dynamic table is finalized 2173 // at the end because some tags like RELSZ depend on result 2174 // of finalizing other sections. 2175 for (OutputSection *sec : ctx.outputSections) 2176 sec->finalize(ctx); 2177 2178 ctx.script->checkFinalScriptConditions(); 2179 2180 if (ctx.arg.emachine == EM_ARM && !ctx.arg.isLE && ctx.arg.armBe8) { 2181 addArmInputSectionMappingSymbols(ctx); 2182 sortArmMappingSymbols(ctx); 2183 } 2184 } 2185 2186 // Ensure data sections are not mixed with executable sections when 2187 // --execute-only is used. --execute-only make pages executable but not 2188 // readable. 2189 template <class ELFT> void Writer<ELFT>::checkExecuteOnly() { 2190 if (!ctx.arg.executeOnly) 2191 return; 2192 2193 SmallVector<InputSection *, 0> storage; 2194 for (OutputSection *osec : ctx.outputSections) 2195 if (osec->flags & SHF_EXECINSTR) 2196 for (InputSection *isec : getInputSections(*osec, storage)) 2197 if (!(isec->flags & SHF_EXECINSTR)) 2198 ErrAlways(ctx) << "cannot place " << isec << " into " << osec->name 2199 << ": --execute-only does not support intermingling " 2200 "data and code"; 2201 } 2202 2203 // Check which input sections of RX output sections don't have the 2204 // SHF_AARCH64_PURECODE or SHF_ARM_PURECODE flag set. 2205 template <class ELFT> void Writer<ELFT>::checkExecuteOnlyReport() { 2206 if (ctx.arg.zExecuteOnlyReport == ReportPolicy::None) 2207 return; 2208 2209 auto reportUnless = [&](bool cond) -> ELFSyncStream { 2210 if (cond) 2211 return {ctx, DiagLevel::None}; 2212 return {ctx, toDiagLevel(ctx.arg.zExecuteOnlyReport)}; 2213 }; 2214 2215 uint64_t purecodeFlag = 2216 ctx.arg.emachine == EM_AARCH64 ? SHF_AARCH64_PURECODE : SHF_ARM_PURECODE; 2217 StringRef purecodeFlagName = ctx.arg.emachine == EM_AARCH64 2218 ? "SHF_AARCH64_PURECODE" 2219 : "SHF_ARM_PURECODE"; 2220 SmallVector<InputSection *, 0> storage; 2221 for (OutputSection *osec : ctx.outputSections) { 2222 if (osec->getPhdrFlags() != (PF_R | PF_X)) 2223 continue; 2224 for (InputSection *sec : getInputSections(*osec, storage)) { 2225 if (isa<SyntheticSection>(sec)) 2226 continue; 2227 reportUnless(sec->flags & purecodeFlag) 2228 << "-z execute-only-report: " << sec << " does not have " 2229 << purecodeFlagName << " flag set"; 2230 } 2231 } 2232 } 2233 2234 // The linker is expected to define SECNAME_start and SECNAME_end 2235 // symbols for a few sections. This function defines them. 2236 template <class ELFT> void Writer<ELFT>::addStartEndSymbols() { 2237 // If the associated output section does not exist, there is ambiguity as to 2238 // how we define _start and _end symbols for an init/fini section. Users 2239 // expect no "undefined symbol" linker errors and loaders expect equal 2240 // st_value but do not particularly care whether the symbols are defined or 2241 // not. We retain the output section so that the section indexes will be 2242 // correct. 2243 auto define = [=](StringRef start, StringRef end, OutputSection *os) { 2244 if (os) { 2245 Defined *startSym = addOptionalRegular(ctx, start, os, 0); 2246 Defined *stopSym = addOptionalRegular(ctx, end, os, -1); 2247 if (startSym || stopSym) 2248 os->usedInExpression = true; 2249 } else { 2250 addOptionalRegular(ctx, start, ctx.out.elfHeader.get(), 0); 2251 addOptionalRegular(ctx, end, ctx.out.elfHeader.get(), 0); 2252 } 2253 }; 2254 2255 define("__preinit_array_start", "__preinit_array_end", ctx.out.preinitArray); 2256 define("__init_array_start", "__init_array_end", ctx.out.initArray); 2257 define("__fini_array_start", "__fini_array_end", ctx.out.finiArray); 2258 2259 // As a special case, don't unnecessarily retain .ARM.exidx, which would 2260 // create an empty PT_ARM_EXIDX. 2261 if (OutputSection *sec = findSection(ctx, ".ARM.exidx")) 2262 define("__exidx_start", "__exidx_end", sec); 2263 } 2264 2265 // If a section name is valid as a C identifier (which is rare because of 2266 // the leading '.'), linkers are expected to define __start_<secname> and 2267 // __stop_<secname> symbols. They are at beginning and end of the section, 2268 // respectively. This is not requested by the ELF standard, but GNU ld and 2269 // gold provide the feature, and used by many programs. 2270 template <class ELFT> 2271 void Writer<ELFT>::addStartStopSymbols(OutputSection &osec) { 2272 StringRef s = osec.name; 2273 if (!isValidCIdentifier(s)) 2274 return; 2275 StringSaver &ss = ctx.saver; 2276 Defined *startSym = addOptionalRegular(ctx, ss.save("__start_" + s), &osec, 0, 2277 ctx.arg.zStartStopVisibility); 2278 Defined *stopSym = addOptionalRegular(ctx, ss.save("__stop_" + s), &osec, -1, 2279 ctx.arg.zStartStopVisibility); 2280 if (startSym || stopSym) 2281 osec.usedInExpression = true; 2282 } 2283 2284 static bool needsPtLoad(OutputSection *sec) { 2285 if (!(sec->flags & SHF_ALLOC)) 2286 return false; 2287 2288 // Don't allocate VA space for TLS NOBITS sections. The PT_TLS PHDR is 2289 // responsible for allocating space for them, not the PT_LOAD that 2290 // contains the TLS initialization image. 2291 if ((sec->flags & SHF_TLS) && sec->type == SHT_NOBITS) 2292 return false; 2293 return true; 2294 } 2295 2296 // Adjust phdr flags according to certain options. 2297 static uint64_t computeFlags(Ctx &ctx, uint64_t flags) { 2298 if (ctx.arg.omagic) 2299 return PF_R | PF_W | PF_X; 2300 if (ctx.arg.executeOnly && (flags & PF_X)) 2301 return flags & ~PF_R; 2302 return flags; 2303 } 2304 2305 // Decide which program headers to create and which sections to include in each 2306 // one. 2307 template <class ELFT> 2308 SmallVector<std::unique_ptr<PhdrEntry>, 0> 2309 Writer<ELFT>::createPhdrs(Partition &part) { 2310 SmallVector<std::unique_ptr<PhdrEntry>, 0> ret; 2311 auto addHdr = [&, &ctx = ctx](unsigned type, unsigned flags) -> PhdrEntry * { 2312 ret.push_back(std::make_unique<PhdrEntry>(ctx, type, flags)); 2313 return ret.back().get(); 2314 }; 2315 2316 unsigned partNo = part.getNumber(ctx); 2317 bool isMain = partNo == 1; 2318 2319 // Add the first PT_LOAD segment for regular output sections. 2320 uint64_t flags = computeFlags(ctx, PF_R); 2321 PhdrEntry *load = nullptr; 2322 2323 // nmagic or omagic output does not have PT_PHDR, PT_INTERP, or the readonly 2324 // PT_LOAD. 2325 if (!ctx.arg.nmagic && !ctx.arg.omagic) { 2326 // The first phdr entry is PT_PHDR which describes the program header 2327 // itself. 2328 if (isMain) 2329 addHdr(PT_PHDR, PF_R)->add(ctx.out.programHeaders.get()); 2330 else 2331 addHdr(PT_PHDR, PF_R)->add(part.programHeaders->getParent()); 2332 2333 // PT_INTERP must be the second entry if exists. 2334 if (OutputSection *cmd = findSection(ctx, ".interp", partNo)) 2335 addHdr(PT_INTERP, cmd->getPhdrFlags())->add(cmd); 2336 2337 // Add the headers. We will remove them if they don't fit. 2338 // In the other partitions the headers are ordinary sections, so they don't 2339 // need to be added here. 2340 if (isMain) { 2341 load = addHdr(PT_LOAD, flags); 2342 load->add(ctx.out.elfHeader.get()); 2343 load->add(ctx.out.programHeaders.get()); 2344 } 2345 } 2346 2347 // PT_GNU_RELRO includes all sections that should be marked as 2348 // read-only by dynamic linker after processing relocations. 2349 // Current dynamic loaders only support one PT_GNU_RELRO PHDR, give 2350 // an error message if more than one PT_GNU_RELRO PHDR is required. 2351 auto relRo = std::make_unique<PhdrEntry>(ctx, PT_GNU_RELRO, PF_R); 2352 bool inRelroPhdr = false; 2353 OutputSection *relroEnd = nullptr; 2354 for (OutputSection *sec : ctx.outputSections) { 2355 if (sec->partition != partNo || !needsPtLoad(sec)) 2356 continue; 2357 if (isRelroSection(ctx, sec)) { 2358 inRelroPhdr = true; 2359 if (!relroEnd) 2360 relRo->add(sec); 2361 else 2362 ErrAlways(ctx) << "section: " << sec->name 2363 << " is not contiguous with other relro" << " sections"; 2364 } else if (inRelroPhdr) { 2365 inRelroPhdr = false; 2366 relroEnd = sec; 2367 } 2368 } 2369 relRo->p_align = 1; 2370 2371 for (OutputSection *sec : ctx.outputSections) { 2372 if (!needsPtLoad(sec)) 2373 continue; 2374 2375 // Normally, sections in partitions other than the current partition are 2376 // ignored. But partition number 255 is a special case: it contains the 2377 // partition end marker (.part.end). It needs to be added to the main 2378 // partition so that a segment is created for it in the main partition, 2379 // which will cause the dynamic loader to reserve space for the other 2380 // partitions. 2381 if (sec->partition != partNo) { 2382 if (isMain && sec->partition == 255) 2383 addHdr(PT_LOAD, computeFlags(ctx, sec->getPhdrFlags()))->add(sec); 2384 continue; 2385 } 2386 2387 // Segments are contiguous memory regions that has the same attributes 2388 // (e.g. executable or writable). There is one phdr for each segment. 2389 // Therefore, we need to create a new phdr when the next section has 2390 // incompatible flags or is loaded at a discontiguous address or memory 2391 // region using AT or AT> linker script command, respectively. 2392 // 2393 // As an exception, we don't create a separate load segment for the ELF 2394 // headers, even if the first "real" output has an AT or AT> attribute. 2395 // 2396 // In addition, NOBITS sections should only be placed at the end of a LOAD 2397 // segment (since it's represented as p_filesz < p_memsz). If we have a 2398 // not-NOBITS section after a NOBITS, we create a new LOAD for the latter 2399 // even if flags match, so as not to require actually writing the 2400 // supposed-to-be-NOBITS section to the output file. (However, we cannot do 2401 // so when hasSectionsCommand, since we cannot introduce the extra alignment 2402 // needed to create a new LOAD) 2403 uint64_t newFlags = computeFlags(ctx, sec->getPhdrFlags()); 2404 uint64_t incompatible = flags ^ newFlags; 2405 if (!(newFlags & PF_W)) { 2406 // When --no-rosegment is specified, RO and RX sections are compatible. 2407 if (ctx.arg.singleRoRx) 2408 incompatible &= ~PF_X; 2409 // When --no-xosegment is specified (the default), XO and RX sections are 2410 // compatible. 2411 if (ctx.arg.singleXoRx) 2412 incompatible &= ~PF_R; 2413 } 2414 if (incompatible) 2415 load = nullptr; 2416 2417 bool sameLMARegion = 2418 load && !sec->lmaExpr && sec->lmaRegion == load->firstSec->lmaRegion; 2419 if (load && sec != relroEnd && 2420 sec->memRegion == load->firstSec->memRegion && 2421 (sameLMARegion || load->lastSec == ctx.out.programHeaders.get()) && 2422 (ctx.script->hasSectionsCommand || sec->type == SHT_NOBITS || 2423 load->lastSec->type != SHT_NOBITS)) { 2424 load->p_flags |= newFlags; 2425 } else { 2426 load = addHdr(PT_LOAD, newFlags); 2427 flags = newFlags; 2428 } 2429 2430 load->add(sec); 2431 } 2432 2433 // Add a TLS segment if any. 2434 auto tlsHdr = std::make_unique<PhdrEntry>(ctx, PT_TLS, PF_R); 2435 for (OutputSection *sec : ctx.outputSections) 2436 if (sec->partition == partNo && sec->flags & SHF_TLS) 2437 tlsHdr->add(sec); 2438 if (tlsHdr->firstSec) 2439 ret.push_back(std::move(tlsHdr)); 2440 2441 // Add an entry for .dynamic. 2442 if (OutputSection *sec = part.dynamic->getParent()) 2443 addHdr(PT_DYNAMIC, sec->getPhdrFlags())->add(sec); 2444 2445 if (relRo->firstSec) 2446 ret.push_back(std::move(relRo)); 2447 2448 // PT_GNU_EH_FRAME is a special section pointing on .eh_frame_hdr. 2449 if (part.ehFrame->isNeeded() && part.ehFrameHdr && 2450 part.ehFrame->getParent() && part.ehFrameHdr->getParent()) 2451 addHdr(PT_GNU_EH_FRAME, part.ehFrameHdr->getParent()->getPhdrFlags()) 2452 ->add(part.ehFrameHdr->getParent()); 2453 2454 if (ctx.arg.osabi == ELFOSABI_OPENBSD) { 2455 // PT_OPENBSD_MUTABLE makes the dynamic linker fill the segment with 2456 // zero data, like bss, but it can be treated differently. 2457 if (OutputSection *cmd = findSection(ctx, ".openbsd.mutable", partNo)) 2458 addHdr(PT_OPENBSD_MUTABLE, cmd->getPhdrFlags())->add(cmd); 2459 2460 // PT_OPENBSD_RANDOMIZE makes the dynamic linker fill the segment 2461 // with random data. 2462 if (OutputSection *cmd = findSection(ctx, ".openbsd.randomdata", partNo)) 2463 addHdr(PT_OPENBSD_RANDOMIZE, cmd->getPhdrFlags())->add(cmd); 2464 2465 // PT_OPENBSD_SYSCALLS makes the kernel and dynamic linker register 2466 // system call sites. 2467 if (OutputSection *cmd = findSection(ctx, ".openbsd.syscalls", partNo)) 2468 addHdr(PT_OPENBSD_SYSCALLS, cmd->getPhdrFlags())->add(cmd); 2469 } 2470 2471 if (ctx.arg.zGnustack != GnuStackKind::None) { 2472 // PT_GNU_STACK is a special section to tell the loader to make the 2473 // pages for the stack non-executable. If you really want an executable 2474 // stack, you can pass -z execstack, but that's not recommended for 2475 // security reasons. 2476 unsigned perm = PF_R | PF_W; 2477 if (ctx.arg.zGnustack == GnuStackKind::Exec) 2478 perm |= PF_X; 2479 addHdr(PT_GNU_STACK, perm)->p_memsz = ctx.arg.zStackSize; 2480 } 2481 2482 // PT_OPENBSD_NOBTCFI is an OpenBSD-specific header to mark that the 2483 // executable is expected to violate branch-target CFI checks. 2484 if (ctx.arg.zNoBtCfi) 2485 addHdr(PT_OPENBSD_NOBTCFI, PF_X); 2486 2487 // PT_OPENBSD_WXNEEDED is a OpenBSD-specific header to mark the executable 2488 // is expected to perform W^X violations, such as calling mprotect(2) or 2489 // mmap(2) with PROT_WRITE | PROT_EXEC, which is prohibited by default on 2490 // OpenBSD. 2491 if (ctx.arg.zWxneeded) 2492 addHdr(PT_OPENBSD_WXNEEDED, PF_X); 2493 2494 if (OutputSection *cmd = findSection(ctx, ".note.gnu.property", partNo)) 2495 addHdr(PT_GNU_PROPERTY, PF_R)->add(cmd); 2496 2497 // Create one PT_NOTE per a group of contiguous SHT_NOTE sections with the 2498 // same alignment. 2499 PhdrEntry *note = nullptr; 2500 for (OutputSection *sec : ctx.outputSections) { 2501 if (sec->partition != partNo) 2502 continue; 2503 if (sec->type == SHT_NOTE && (sec->flags & SHF_ALLOC)) { 2504 if (!note || sec->lmaExpr || note->lastSec->addralign != sec->addralign) 2505 note = addHdr(PT_NOTE, PF_R); 2506 note->add(sec); 2507 } else { 2508 note = nullptr; 2509 } 2510 } 2511 return ret; 2512 } 2513 2514 template <class ELFT> 2515 void Writer<ELFT>::addPhdrForSection(Partition &part, unsigned shType, 2516 unsigned pType, unsigned pFlags) { 2517 unsigned partNo = part.getNumber(ctx); 2518 auto i = llvm::find_if(ctx.outputSections, [=](OutputSection *cmd) { 2519 return cmd->partition == partNo && cmd->type == shType; 2520 }); 2521 if (i == ctx.outputSections.end()) 2522 return; 2523 2524 auto entry = std::make_unique<PhdrEntry>(ctx, pType, pFlags); 2525 entry->add(*i); 2526 part.phdrs.push_back(std::move(entry)); 2527 } 2528 2529 // Place the first section of each PT_LOAD to a different page (of maxPageSize). 2530 // This is achieved by assigning an alignment expression to addrExpr of each 2531 // such section. 2532 template <class ELFT> void Writer<ELFT>::fixSectionAlignments() { 2533 const PhdrEntry *prev; 2534 auto pageAlign = [&, &ctx = this->ctx](const PhdrEntry *p) { 2535 OutputSection *cmd = p->firstSec; 2536 if (!cmd) 2537 return; 2538 cmd->alignExpr = [align = cmd->addralign]() { return align; }; 2539 if (!cmd->addrExpr) { 2540 // Prefer advancing to align(dot, maxPageSize) + dot%maxPageSize to avoid 2541 // padding in the file contents. 2542 // 2543 // When -z separate-code is used we must not have any overlap in pages 2544 // between an executable segment and a non-executable segment. We align to 2545 // the next maximum page size boundary on transitions between executable 2546 // and non-executable segments. 2547 // 2548 // SHT_LLVM_PART_EHDR marks the start of a partition. The partition 2549 // sections will be extracted to a separate file. Align to the next 2550 // maximum page size boundary so that we can find the ELF header at the 2551 // start. We cannot benefit from overlapping p_offset ranges with the 2552 // previous segment anyway. 2553 if (ctx.arg.zSeparate == SeparateSegmentKind::Loadable || 2554 (ctx.arg.zSeparate == SeparateSegmentKind::Code && prev && 2555 (prev->p_flags & PF_X) != (p->p_flags & PF_X)) || 2556 cmd->type == SHT_LLVM_PART_EHDR) 2557 cmd->addrExpr = [&ctx = this->ctx] { 2558 return alignToPowerOf2(ctx.script->getDot(), ctx.arg.maxPageSize); 2559 }; 2560 // PT_TLS is at the start of the first RW PT_LOAD. If `p` includes PT_TLS, 2561 // it must be the RW. Align to p_align(PT_TLS) to make sure 2562 // p_vaddr(PT_LOAD)%p_align(PT_LOAD) = 0. Otherwise, if 2563 // sh_addralign(.tdata) < sh_addralign(.tbss), we will set p_align(PT_TLS) 2564 // to sh_addralign(.tbss), while p_vaddr(PT_TLS)=p_vaddr(PT_LOAD) may not 2565 // be congruent to 0 modulo p_align(PT_TLS). 2566 // 2567 // Technically this is not required, but as of 2019, some dynamic loaders 2568 // don't handle p_vaddr%p_align != 0 correctly, e.g. glibc (i386 and 2569 // x86-64) doesn't make runtime address congruent to p_vaddr modulo 2570 // p_align for dynamic TLS blocks (PR/24606), FreeBSD rtld has the same 2571 // bug, musl (TLS Variant 1 architectures) before 1.1.23 handled TLS 2572 // blocks correctly. We need to keep the workaround for a while. 2573 else if (ctx.tlsPhdr && ctx.tlsPhdr->firstSec == p->firstSec) 2574 cmd->addrExpr = [&ctx] { 2575 return alignToPowerOf2(ctx.script->getDot(), ctx.arg.maxPageSize) + 2576 alignToPowerOf2(ctx.script->getDot() % ctx.arg.maxPageSize, 2577 ctx.tlsPhdr->p_align); 2578 }; 2579 else 2580 cmd->addrExpr = [&ctx] { 2581 return alignToPowerOf2(ctx.script->getDot(), ctx.arg.maxPageSize) + 2582 ctx.script->getDot() % ctx.arg.maxPageSize; 2583 }; 2584 } 2585 }; 2586 2587 for (Partition &part : ctx.partitions) { 2588 prev = nullptr; 2589 for (auto &p : part.phdrs) 2590 if (p->p_type == PT_LOAD && p->firstSec) { 2591 pageAlign(p.get()); 2592 prev = p.get(); 2593 } 2594 } 2595 } 2596 2597 // Compute an in-file position for a given section. The file offset must be the 2598 // same with its virtual address modulo the page size, so that the loader can 2599 // load executables without any address adjustment. 2600 static uint64_t computeFileOffset(Ctx &ctx, OutputSection *os, uint64_t off) { 2601 // The first section in a PT_LOAD has to have congruent offset and address 2602 // modulo the maximum page size. 2603 if (os->ptLoad && os->ptLoad->firstSec == os) 2604 return alignTo(off, os->ptLoad->p_align, os->addr); 2605 2606 // File offsets are not significant for .bss sections other than the first one 2607 // in a PT_LOAD/PT_TLS. By convention, we keep section offsets monotonically 2608 // increasing rather than setting to zero. 2609 if (os->type == SHT_NOBITS && (!ctx.tlsPhdr || ctx.tlsPhdr->firstSec != os)) 2610 return off; 2611 2612 // If the section is not in a PT_LOAD, we just have to align it. 2613 if (!os->ptLoad) 2614 return alignToPowerOf2(off, os->addralign); 2615 2616 // If two sections share the same PT_LOAD the file offset is calculated 2617 // using this formula: Off2 = Off1 + (VA2 - VA1). 2618 OutputSection *first = os->ptLoad->firstSec; 2619 return first->offset + os->addr - first->addr; 2620 } 2621 2622 template <class ELFT> void Writer<ELFT>::assignFileOffsetsBinary() { 2623 // Compute the minimum LMA of all non-empty non-NOBITS sections as minAddr. 2624 auto needsOffset = [](OutputSection &sec) { 2625 return sec.type != SHT_NOBITS && (sec.flags & SHF_ALLOC) && sec.size > 0; 2626 }; 2627 uint64_t minAddr = UINT64_MAX; 2628 for (OutputSection *sec : ctx.outputSections) 2629 if (needsOffset(*sec)) { 2630 sec->offset = sec->getLMA(); 2631 minAddr = std::min(minAddr, sec->offset); 2632 } 2633 2634 // Sections are laid out at LMA minus minAddr. 2635 fileSize = 0; 2636 for (OutputSection *sec : ctx.outputSections) 2637 if (needsOffset(*sec)) { 2638 sec->offset -= minAddr; 2639 fileSize = std::max(fileSize, sec->offset + sec->size); 2640 } 2641 } 2642 2643 static std::string rangeToString(uint64_t addr, uint64_t len) { 2644 return "[0x" + utohexstr(addr) + ", 0x" + utohexstr(addr + len - 1) + "]"; 2645 } 2646 2647 // Assign file offsets to output sections. 2648 template <class ELFT> void Writer<ELFT>::assignFileOffsets() { 2649 ctx.out.programHeaders->offset = ctx.out.elfHeader->size; 2650 uint64_t off = ctx.out.elfHeader->size + ctx.out.programHeaders->size; 2651 2652 PhdrEntry *lastRX = nullptr; 2653 for (Partition &part : ctx.partitions) 2654 for (auto &p : part.phdrs) 2655 if (p->p_type == PT_LOAD && (p->p_flags & PF_X)) 2656 lastRX = p.get(); 2657 2658 // Layout SHF_ALLOC sections before non-SHF_ALLOC sections. A non-SHF_ALLOC 2659 // will not occupy file offsets contained by a PT_LOAD. 2660 for (OutputSection *sec : ctx.outputSections) { 2661 if (!(sec->flags & SHF_ALLOC)) 2662 continue; 2663 off = computeFileOffset(ctx, sec, off); 2664 sec->offset = off; 2665 if (sec->type != SHT_NOBITS) 2666 off += sec->size; 2667 2668 // If this is a last section of the last executable segment and that 2669 // segment is the last loadable segment, align the offset of the 2670 // following section to avoid loading non-segments parts of the file. 2671 if (ctx.arg.zSeparate != SeparateSegmentKind::None && lastRX && 2672 lastRX->lastSec == sec) 2673 off = alignToPowerOf2(off, ctx.arg.maxPageSize); 2674 } 2675 for (OutputSection *osec : ctx.outputSections) { 2676 if (osec->flags & SHF_ALLOC) 2677 continue; 2678 osec->offset = alignToPowerOf2(off, osec->addralign); 2679 off = osec->offset + osec->size; 2680 } 2681 2682 sectionHeaderOff = alignToPowerOf2(off, ctx.arg.wordsize); 2683 fileSize = 2684 sectionHeaderOff + (ctx.outputSections.size() + 1) * sizeof(Elf_Shdr); 2685 2686 // Our logic assumes that sections have rising VA within the same segment. 2687 // With use of linker scripts it is possible to violate this rule and get file 2688 // offset overlaps or overflows. That should never happen with a valid script 2689 // which does not move the location counter backwards and usually scripts do 2690 // not do that. Unfortunately, there are apps in the wild, for example, Linux 2691 // kernel, which control segment distribution explicitly and move the counter 2692 // backwards, so we have to allow doing that to support linking them. We 2693 // perform non-critical checks for overlaps in checkSectionOverlap(), but here 2694 // we want to prevent file size overflows because it would crash the linker. 2695 for (OutputSection *sec : ctx.outputSections) { 2696 if (sec->type == SHT_NOBITS) 2697 continue; 2698 if ((sec->offset > fileSize) || (sec->offset + sec->size > fileSize)) 2699 ErrAlways(ctx) << "unable to place section " << sec->name 2700 << " at file offset " 2701 << rangeToString(sec->offset, sec->size) 2702 << "; check your linker script for overflows"; 2703 } 2704 } 2705 2706 // Finalize the program headers. We call this function after we assign 2707 // file offsets and VAs to all sections. 2708 template <class ELFT> void Writer<ELFT>::setPhdrs(Partition &part) { 2709 for (std::unique_ptr<PhdrEntry> &p : part.phdrs) { 2710 OutputSection *first = p->firstSec; 2711 OutputSection *last = p->lastSec; 2712 2713 // .ARM.exidx sections may not be within a single .ARM.exidx 2714 // output section. We always want to describe just the 2715 // SyntheticSection. 2716 if (part.armExidx && p->p_type == PT_ARM_EXIDX) { 2717 p->p_filesz = part.armExidx->getSize(); 2718 p->p_memsz = p->p_filesz; 2719 p->p_offset = first->offset + part.armExidx->outSecOff; 2720 p->p_vaddr = first->addr + part.armExidx->outSecOff; 2721 p->p_align = part.armExidx->addralign; 2722 if (part.elfHeader) 2723 p->p_offset -= part.elfHeader->getParent()->offset; 2724 2725 if (!p->hasLMA) 2726 p->p_paddr = first->getLMA() + part.armExidx->outSecOff; 2727 return; 2728 } 2729 2730 if (first) { 2731 p->p_filesz = last->offset - first->offset; 2732 if (last->type != SHT_NOBITS) 2733 p->p_filesz += last->size; 2734 2735 p->p_memsz = last->addr + last->size - first->addr; 2736 p->p_offset = first->offset; 2737 p->p_vaddr = first->addr; 2738 2739 // File offsets in partitions other than the main partition are relative 2740 // to the offset of the ELF headers. Perform that adjustment now. 2741 if (part.elfHeader) 2742 p->p_offset -= part.elfHeader->getParent()->offset; 2743 2744 if (!p->hasLMA) 2745 p->p_paddr = first->getLMA(); 2746 } 2747 } 2748 } 2749 2750 // A helper struct for checkSectionOverlap. 2751 namespace { 2752 struct SectionOffset { 2753 OutputSection *sec; 2754 uint64_t offset; 2755 }; 2756 } // namespace 2757 2758 // Check whether sections overlap for a specific address range (file offsets, 2759 // load and virtual addresses). 2760 static void checkOverlap(Ctx &ctx, StringRef name, 2761 std::vector<SectionOffset> §ions, 2762 bool isVirtualAddr) { 2763 llvm::sort(sections, [=](const SectionOffset &a, const SectionOffset &b) { 2764 return a.offset < b.offset; 2765 }); 2766 2767 // Finding overlap is easy given a vector is sorted by start position. 2768 // If an element starts before the end of the previous element, they overlap. 2769 for (size_t i = 1, end = sections.size(); i < end; ++i) { 2770 SectionOffset a = sections[i - 1]; 2771 SectionOffset b = sections[i]; 2772 if (b.offset >= a.offset + a.sec->size) 2773 continue; 2774 2775 // If both sections are in OVERLAY we allow the overlapping of virtual 2776 // addresses, because it is what OVERLAY was designed for. 2777 if (isVirtualAddr && a.sec->inOverlay && b.sec->inOverlay) 2778 continue; 2779 2780 Err(ctx) << "section " << a.sec->name << " " << name 2781 << " range overlaps with " << b.sec->name << "\n>>> " 2782 << a.sec->name << " range is " 2783 << rangeToString(a.offset, a.sec->size) << "\n>>> " << b.sec->name 2784 << " range is " << rangeToString(b.offset, b.sec->size); 2785 } 2786 } 2787 2788 // Check for overlapping sections and address overflows. 2789 // 2790 // In this function we check that none of the output sections have overlapping 2791 // file offsets. For SHF_ALLOC sections we also check that the load address 2792 // ranges and the virtual address ranges don't overlap 2793 template <class ELFT> void Writer<ELFT>::checkSections() { 2794 // First, check that section's VAs fit in available address space for target. 2795 for (OutputSection *os : ctx.outputSections) 2796 if ((os->addr + os->size < os->addr) || 2797 (!ELFT::Is64Bits && os->addr + os->size > uint64_t(UINT32_MAX) + 1)) 2798 Err(ctx) << "section " << os->name << " at 0x" 2799 << utohexstr(os->addr, true) << " of size 0x" 2800 << utohexstr(os->size, true) 2801 << " exceeds available address space"; 2802 2803 // Check for overlapping file offsets. In this case we need to skip any 2804 // section marked as SHT_NOBITS. These sections don't actually occupy space in 2805 // the file so Sec->Offset + Sec->Size can overlap with others. If --oformat 2806 // binary is specified only add SHF_ALLOC sections are added to the output 2807 // file so we skip any non-allocated sections in that case. 2808 std::vector<SectionOffset> fileOffs; 2809 for (OutputSection *sec : ctx.outputSections) 2810 if (sec->size > 0 && sec->type != SHT_NOBITS && 2811 (!ctx.arg.oFormatBinary || (sec->flags & SHF_ALLOC))) 2812 fileOffs.push_back({sec, sec->offset}); 2813 checkOverlap(ctx, "file", fileOffs, false); 2814 2815 // When linking with -r there is no need to check for overlapping virtual/load 2816 // addresses since those addresses will only be assigned when the final 2817 // executable/shared object is created. 2818 if (ctx.arg.relocatable) 2819 return; 2820 2821 // Checking for overlapping virtual and load addresses only needs to take 2822 // into account SHF_ALLOC sections since others will not be loaded. 2823 // Furthermore, we also need to skip SHF_TLS sections since these will be 2824 // mapped to other addresses at runtime and can therefore have overlapping 2825 // ranges in the file. 2826 std::vector<SectionOffset> vmas; 2827 for (OutputSection *sec : ctx.outputSections) 2828 if (sec->size > 0 && (sec->flags & SHF_ALLOC) && !(sec->flags & SHF_TLS)) 2829 vmas.push_back({sec, sec->addr}); 2830 checkOverlap(ctx, "virtual address", vmas, true); 2831 2832 // Finally, check that the load addresses don't overlap. This will usually be 2833 // the same as the virtual addresses but can be different when using a linker 2834 // script with AT(). 2835 std::vector<SectionOffset> lmas; 2836 for (OutputSection *sec : ctx.outputSections) 2837 if (sec->size > 0 && (sec->flags & SHF_ALLOC) && !(sec->flags & SHF_TLS)) 2838 lmas.push_back({sec, sec->getLMA()}); 2839 checkOverlap(ctx, "load address", lmas, false); 2840 } 2841 2842 // The entry point address is chosen in the following ways. 2843 // 2844 // 1. the '-e' entry command-line option; 2845 // 2. the ENTRY(symbol) command in a linker control script; 2846 // 3. the value of the symbol _start, if present; 2847 // 4. the number represented by the entry symbol, if it is a number; 2848 // 5. the address 0. 2849 static uint64_t getEntryAddr(Ctx &ctx) { 2850 // Case 1, 2 or 3 2851 if (Symbol *b = ctx.symtab->find(ctx.arg.entry)) 2852 return b->getVA(ctx); 2853 2854 // Case 4 2855 uint64_t addr; 2856 if (to_integer(ctx.arg.entry, addr)) 2857 return addr; 2858 2859 // Case 5 2860 if (ctx.arg.warnMissingEntry) 2861 Warn(ctx) << "cannot find entry symbol " << ctx.arg.entry 2862 << "; not setting start address"; 2863 return 0; 2864 } 2865 2866 static uint16_t getELFType(Ctx &ctx) { 2867 if (ctx.arg.isPic) 2868 return ET_DYN; 2869 if (ctx.arg.relocatable) 2870 return ET_REL; 2871 return ET_EXEC; 2872 } 2873 2874 template <class ELFT> void Writer<ELFT>::writeHeader() { 2875 writeEhdr<ELFT>(ctx, ctx.bufferStart, *ctx.mainPart); 2876 writePhdrs<ELFT>(ctx.bufferStart + sizeof(Elf_Ehdr), *ctx.mainPart); 2877 2878 auto *eHdr = reinterpret_cast<Elf_Ehdr *>(ctx.bufferStart); 2879 eHdr->e_type = getELFType(ctx); 2880 eHdr->e_entry = getEntryAddr(ctx); 2881 2882 // If -z nosectionheader is specified, omit the section header table. 2883 if (!ctx.in.shStrTab) 2884 return; 2885 eHdr->e_shoff = sectionHeaderOff; 2886 2887 // Write the section header table. 2888 // 2889 // The ELF header can only store numbers up to SHN_LORESERVE in the e_shnum 2890 // and e_shstrndx fields. When the value of one of these fields exceeds 2891 // SHN_LORESERVE ELF requires us to put sentinel values in the ELF header and 2892 // use fields in the section header at index 0 to store 2893 // the value. The sentinel values and fields are: 2894 // e_shnum = 0, SHdrs[0].sh_size = number of sections. 2895 // e_shstrndx = SHN_XINDEX, SHdrs[0].sh_link = .shstrtab section index. 2896 auto *sHdrs = reinterpret_cast<Elf_Shdr *>(ctx.bufferStart + eHdr->e_shoff); 2897 size_t num = ctx.outputSections.size() + 1; 2898 if (num >= SHN_LORESERVE) 2899 sHdrs->sh_size = num; 2900 else 2901 eHdr->e_shnum = num; 2902 2903 uint32_t strTabIndex = ctx.in.shStrTab->getParent()->sectionIndex; 2904 if (strTabIndex >= SHN_LORESERVE) { 2905 sHdrs->sh_link = strTabIndex; 2906 eHdr->e_shstrndx = SHN_XINDEX; 2907 } else { 2908 eHdr->e_shstrndx = strTabIndex; 2909 } 2910 2911 for (OutputSection *sec : ctx.outputSections) 2912 sec->writeHeaderTo<ELFT>(++sHdrs); 2913 } 2914 2915 // Open a result file. 2916 template <class ELFT> void Writer<ELFT>::openFile() { 2917 uint64_t maxSize = ctx.arg.is64 ? INT64_MAX : UINT32_MAX; 2918 if (fileSize != size_t(fileSize) || maxSize < fileSize) { 2919 std::string msg; 2920 raw_string_ostream s(msg); 2921 s << "output file too large: " << fileSize << " bytes\n" 2922 << "section sizes:\n"; 2923 for (OutputSection *os : ctx.outputSections) 2924 s << os->name << ' ' << os->size << "\n"; 2925 ErrAlways(ctx) << msg; 2926 return; 2927 } 2928 2929 unlinkAsync(ctx.arg.outputFile); 2930 unsigned flags = 0; 2931 if (!ctx.arg.relocatable) 2932 flags |= FileOutputBuffer::F_executable; 2933 if (ctx.arg.mmapOutputFile) 2934 flags |= FileOutputBuffer::F_mmap; 2935 Expected<std::unique_ptr<FileOutputBuffer>> bufferOrErr = 2936 FileOutputBuffer::create(ctx.arg.outputFile, fileSize, flags); 2937 2938 if (!bufferOrErr) { 2939 ErrAlways(ctx) << "failed to open " << ctx.arg.outputFile << ": " 2940 << bufferOrErr.takeError(); 2941 return; 2942 } 2943 buffer = std::move(*bufferOrErr); 2944 ctx.bufferStart = buffer->getBufferStart(); 2945 } 2946 2947 template <class ELFT> void Writer<ELFT>::writeSectionsBinary() { 2948 parallel::TaskGroup tg; 2949 for (OutputSection *sec : ctx.outputSections) 2950 if (sec->flags & SHF_ALLOC) 2951 sec->writeTo<ELFT>(ctx, ctx.bufferStart + sec->offset, tg); 2952 } 2953 2954 static void fillTrap(std::array<uint8_t, 4> trapInstr, uint8_t *i, 2955 uint8_t *end) { 2956 for (; i + 4 <= end; i += 4) 2957 memcpy(i, trapInstr.data(), 4); 2958 } 2959 2960 // Fill the last page of executable segments with trap instructions 2961 // instead of leaving them as zero. Even though it is not required by any 2962 // standard, it is in general a good thing to do for security reasons. 2963 // 2964 // We'll leave other pages in segments as-is because the rest will be 2965 // overwritten by output sections. 2966 template <class ELFT> void Writer<ELFT>::writeTrapInstr() { 2967 for (Partition &part : ctx.partitions) { 2968 // Fill the last page. 2969 for (std::unique_ptr<PhdrEntry> &p : part.phdrs) 2970 if (p->p_type == PT_LOAD && (p->p_flags & PF_X)) 2971 fillTrap( 2972 ctx.target->trapInstr, 2973 ctx.bufferStart + alignDown(p->firstSec->offset + p->p_filesz, 4), 2974 ctx.bufferStart + alignToPowerOf2(p->firstSec->offset + p->p_filesz, 2975 ctx.arg.maxPageSize)); 2976 2977 // Round up the file size of the last segment to the page boundary iff it is 2978 // an executable segment to ensure that other tools don't accidentally 2979 // trim the instruction padding (e.g. when stripping the file). 2980 PhdrEntry *last = nullptr; 2981 for (std::unique_ptr<PhdrEntry> &p : part.phdrs) 2982 if (p->p_type == PT_LOAD) 2983 last = p.get(); 2984 2985 if (last && (last->p_flags & PF_X)) { 2986 last->p_filesz = alignToPowerOf2(last->p_filesz, ctx.arg.maxPageSize); 2987 // p_memsz might be larger than the aligned p_filesz due to trailing BSS 2988 // sections. Don't decrease it. 2989 last->p_memsz = std::max(last->p_memsz, last->p_filesz); 2990 } 2991 } 2992 } 2993 2994 // Write section contents to a mmap'ed file. 2995 template <class ELFT> void Writer<ELFT>::writeSections() { 2996 llvm::TimeTraceScope timeScope("Write sections"); 2997 2998 { 2999 // In -r or --emit-relocs mode, write the relocation sections first as in 3000 // ELf_Rel targets we might find out that we need to modify the relocated 3001 // section while doing it. 3002 parallel::TaskGroup tg; 3003 for (OutputSection *sec : ctx.outputSections) 3004 if (isStaticRelSecType(sec->type)) 3005 sec->writeTo<ELFT>(ctx, ctx.bufferStart + sec->offset, tg); 3006 } 3007 { 3008 parallel::TaskGroup tg; 3009 for (OutputSection *sec : ctx.outputSections) 3010 if (!isStaticRelSecType(sec->type)) 3011 sec->writeTo<ELFT>(ctx, ctx.bufferStart + sec->offset, tg); 3012 } 3013 3014 // Finally, check that all dynamic relocation addends were written correctly. 3015 if (ctx.arg.checkDynamicRelocs && ctx.arg.writeAddends) { 3016 for (OutputSection *sec : ctx.outputSections) 3017 if (isStaticRelSecType(sec->type)) 3018 sec->checkDynRelAddends(ctx); 3019 } 3020 } 3021 3022 // Computes a hash value of Data using a given hash function. 3023 // In order to utilize multiple cores, we first split data into 1MB 3024 // chunks, compute a hash for each chunk, and then compute a hash value 3025 // of the hash values. 3026 static void 3027 computeHash(llvm::MutableArrayRef<uint8_t> hashBuf, 3028 llvm::ArrayRef<uint8_t> data, 3029 std::function<void(uint8_t *dest, ArrayRef<uint8_t> arr)> hashFn) { 3030 std::vector<ArrayRef<uint8_t>> chunks = split(data, 1024 * 1024); 3031 const size_t hashesSize = chunks.size() * hashBuf.size(); 3032 std::unique_ptr<uint8_t[]> hashes(new uint8_t[hashesSize]); 3033 3034 // Compute hash values. 3035 parallelFor(0, chunks.size(), [&](size_t i) { 3036 hashFn(hashes.get() + i * hashBuf.size(), chunks[i]); 3037 }); 3038 3039 // Write to the final output buffer. 3040 hashFn(hashBuf.data(), ArrayRef(hashes.get(), hashesSize)); 3041 } 3042 3043 template <class ELFT> void Writer<ELFT>::writeBuildId() { 3044 if (!ctx.mainPart->buildId || !ctx.mainPart->buildId->getParent()) 3045 return; 3046 3047 if (ctx.arg.buildId == BuildIdKind::Hexstring) { 3048 for (Partition &part : ctx.partitions) 3049 part.buildId->writeBuildId(ctx.arg.buildIdVector); 3050 return; 3051 } 3052 3053 // Compute a hash of all sections of the output file. 3054 size_t hashSize = ctx.mainPart->buildId->hashSize; 3055 std::unique_ptr<uint8_t[]> buildId(new uint8_t[hashSize]); 3056 MutableArrayRef<uint8_t> output(buildId.get(), hashSize); 3057 llvm::ArrayRef<uint8_t> input{ctx.bufferStart, size_t(fileSize)}; 3058 3059 // Fedora introduced build ID as "approximation of true uniqueness across all 3060 // binaries that might be used by overlapping sets of people". It does not 3061 // need some security goals that some hash algorithms strive to provide, e.g. 3062 // (second-)preimage and collision resistance. In practice people use 'md5' 3063 // and 'sha1' just for different lengths. Implement them with the more 3064 // efficient BLAKE3. 3065 switch (ctx.arg.buildId) { 3066 case BuildIdKind::Fast: 3067 computeHash(output, input, [](uint8_t *dest, ArrayRef<uint8_t> arr) { 3068 write64le(dest, xxh3_64bits(arr)); 3069 }); 3070 break; 3071 case BuildIdKind::Md5: 3072 computeHash(output, input, [&](uint8_t *dest, ArrayRef<uint8_t> arr) { 3073 memcpy(dest, BLAKE3::hash<16>(arr).data(), hashSize); 3074 }); 3075 break; 3076 case BuildIdKind::Sha1: 3077 computeHash(output, input, [&](uint8_t *dest, ArrayRef<uint8_t> arr) { 3078 memcpy(dest, BLAKE3::hash<20>(arr).data(), hashSize); 3079 }); 3080 break; 3081 case BuildIdKind::Uuid: 3082 if (auto ec = llvm::getRandomBytes(buildId.get(), hashSize)) 3083 ErrAlways(ctx) << "entropy source failure: " << ec.message(); 3084 break; 3085 default: 3086 llvm_unreachable("unknown BuildIdKind"); 3087 } 3088 for (Partition &part : ctx.partitions) 3089 part.buildId->writeBuildId(output); 3090 } 3091 3092 template void elf::writeResult<ELF32LE>(Ctx &); 3093 template void elf::writeResult<ELF32BE>(Ctx &); 3094 template void elf::writeResult<ELF64LE>(Ctx &); 3095 template void elf::writeResult<ELF64BE>(Ctx &); 3096