[PATCH] D64903: [ELF] Pad the last page of last PF_X PT_LOAD with traps when -z separate-code is specified

Fangrui Song via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Wed Jul 17 23:12:13 PDT 2019


MaskRay created this revision.
MaskRay added reviewers: grimar, mcgrathr, peter.smith, phosek, ruiu.
Herald added subscribers: llvm-commits, atanasyan, jrtc27, fedor.sergeev, kbarton, kristof.beyls, krytarowski, arichardson, javed.absar, nemanjai, sdardis, emaste, jyknight.
Herald added a reviewer: espindola.
Herald added a project: LLVM.

After D33630 <https://reviews.llvm.org/D33630>, lld pads the last PF_X PT_LOAD segment to a multiple of
common-page-size. The motivation is that the last PF_X PT_LOAD should
not load the **initial** contents of non-code parts (non-SHF_ALLOC
sections such as .comment and .symtab, or sections in the RW PT_LOAD).

The advantage is that it reduces the number of gadgets which can be
found in non-code parts. I believe this advantage is small because the
less-than-one-page bytes (mostly ASCII strings or zero bytes) cannot
form many exploitable ROP gadgets.

However, the trap padding behavior wastes on average common-page-size/2
bytes if we do the ld.bfd noseparate-code layout: adjacent sections have
adjacent p_offset ranges. I plan to implement this feature.

The padding imposes non-negligible costs on targets with a large
defaultCommonPageSize (AArch64/MIPS/PPC: 65536).

ld.bfd has a similar option, -z separate-code, which has semantics
similar to what lld has today.

binutils PR24490 (the situation on ld.bfd is worse because they have
two R-- on both sides of R-E, so more alignments).

In binutils, the 2018-02-27 commit "ld: Add --enable-separate-code" made -z separate-code the default.
https://github.com/richfelker/musl-cross-make/commit/d969dea983a2cc54a1e0308a0cdeb6c3307e4bfa
In musl-cross-make, binutils is configured with --disable-separate-code
to address size regressions caused by -z separate-code. (lld actually has the same
issue, which I plan to fix in a future patch. The ld.bfd x86 status is
worse because they default to max-page-size=0x200000.)

In https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237676, people want
smaller code size. This patch will help a bit.

Stef O'Rear: I'm opposed to any kind of page alignment at the
text/rodata line (having a partial page of text aliased as rodata and
vice versa has no demonstrable harm, and I actually care about small
systems).

So, disable the padding by default. Do this by adding two -z flags:
separate-code and noseparate-code (default). Pad R-E only when -z
separate-code is enabled. Users who are paranoid about the security
matter can specify -z separate-code.

I believe this improves consistency as well, because the kinda ad-hoc
`!script->hasSectionsCommand` is changed to the more relevant
`config->zSeparateCode`.


Repository:
  rLLD LLVM Linker

https://reviews.llvm.org/D64903

Files:
  ELF/Config.h
  ELF/Driver.cpp
  ELF/Writer.cpp
  test/ELF/avoid-empty-program-headers.s
  test/ELF/basic-aarch64.s
  test/ELF/basic-i386.s
  test/ELF/basic-ppc.s
  test/ELF/basic-sparcv9.s
  test/ELF/basic.s
  test/ELF/build-id.s
  test/ELF/common-page.s
  test/ELF/fill-trap-ppc.s
  test/ELF/fill-trap.s
  test/ELF/image-base.s
  test/ELF/msp430.s
  test/ELF/partition-synthetic-sections.s
  test/ELF/relocatable.s

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D64903.210485.patch
Type: text/x-patch
Size: 20529 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20190718/f5da4f32/attachment.bin>
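The layout question the revision describes (whether the last PF_X PT_LOAD ends on a common-page-size boundary, or whether its final page aliases bytes that belong to another segment) can be checked from the program headers alone. The script below is an added example written for this page, not code from the revision or from lld; it parses a minimal ELF64 image, reports how many file bytes after the executable segment's end share its last page, and lists the other PT_LOAD segments whose file ranges fall into that page. The two layouts it builds (`NOSEPARATE_LAYOUT` with an RW segment packed right after R-E, and `SEPARATE_LAYOUT` with R-E padded to the page boundary) are constructed inputs, and the 0x1000 page size is an assumption for the x86-64 case; pass 0x10000 for the AArch64/MIPS/PPC default mentioned above.

```python
import struct

# ELF constants used below (standard values from the ELF specification).
PT_LOAD = 1
PF_X, PF_W, PF_R = 1, 2, 4
EHDR = "<16sHHIQQQIHHHHHH"  # ELF64 file header, little-endian
PHDR = "<IIQQQQQQ"          # ELF64 program header
EHDR_SIZE = struct.calcsize(EHDR)  # 64
PHDR_SIZE = struct.calcsize(PHDR)  # 56

# Constructed layouts: (p_flags, p_offset, p_filesz) per PT_LOAD.
# "noseparate-code": the RW segment starts 4 bytes after R-E ends.
NOSEPARATE_LAYOUT = [(PF_R | PF_X, 0x0, 0x1234), (PF_R | PF_W, 0x1238, 0x100)]
# "separate-code": R-E is padded (with traps in lld) up to the page boundary.
SEPARATE_LAYOUT = [(PF_R | PF_X, 0x0, 0x2000), (PF_R | PF_W, 0x2000, 0x100)]


def build_sample_elf(segments, file_size):
    """Build a minimal ELF64 image (header + program headers, zero body).

    This is a constructed test fixture, not a loadable executable: only the
    fields the analysis reads are meaningful.
    """
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)  # ELFCLASS64, LSB, v1
    ehdr = struct.pack(EHDR, ident, 2, 62, 1, 0, EHDR_SIZE, 0, 0,
                       EHDR_SIZE, PHDR_SIZE, len(segments), 0, 0, 0)
    phdrs = b"".join(
        struct.pack(PHDR, PT_LOAD, flags, off, off, off, fsz, fsz, 0x1000)
        for flags, off, fsz in segments)
    image = bytearray(file_size)
    image[:len(ehdr) + len(phdrs)] = ehdr + phdrs
    return bytes(image)


def read_phdrs(elf):
    """Return the program header table as a list of unpacked tuples."""
    fields = struct.unpack_from(EHDR, elf, 0)
    ident, phoff, phentsize, phnum = fields[0], fields[5], fields[9], fields[10]
    if ident[:4] != b"\x7fELF" or ident[4] != 2:
        raise ValueError("only ELFCLASS64 images are handled here")
    return [struct.unpack_from(PHDR, elf, phoff + i * phentsize)
            for i in range(phnum)]


def exec_tail_report(elf, page_size=0x1000):
    """Describe the last page of the last PF_X PT_LOAD.

    tail_bytes: file bytes between the segment's end and the next page
    boundary; the loader maps them as executable even though they are not
    code. aliased_segments: indexes of other PT_LOADs whose file ranges
    overlap that tail, i.e. their initial contents become executable.
    """
    loads = [(i, p) for i, p in enumerate(read_phdrs(elf)) if p[0] == PT_LOAD]
    exec_loads = [(i, p) for i, p in loads if p[1] & PF_X]
    if not exec_loads:
        raise ValueError("no PF_X PT_LOAD segment")
    idx, p = exec_loads[-1]
    end = p[2] + p[5]                               # p_offset + p_filesz
    tail_end = -(-end // page_size) * page_size     # align up to page
    aliased = [i for i, q in loads
               if i != idx and q[2] < tail_end and q[2] + q[5] > end]
    return {
        "exec_end": end,
        "page_aligned": end == tail_end,
        "tail_bytes": tail_end - end,
        "aliased_segments": aliased,
    }


if __name__ == "__main__":
    for name, layout, size in (("noseparate-code", NOSEPARATE_LAYOUT, 0x1338),
                               ("separate-code", SEPARATE_LAYOUT, 0x2100)):
        report = exec_tail_report(build_sample_elf(layout, size))
        print(f"{name}: end=0x{report['exec_end']:x} "
              f"aligned={report['page_aligned']} "
              f"tail_bytes=0x{report['tail_bytes']:x} "
              f"aliased={report['aliased_segments']}")
```

Note that this looks only at PT_LOAD entries, so it reports segments in the RW PT_LOAD that share the executable page but cannot see non-SHF_ALLOC sections such as .comment or .symtab, which live in no segment; extending the check to those requires walking the section header table as well. The 0xdcc-byte tail in the packed layout is exactly the cost the revision weighs: trap-filling it removes the aliasing, at an average cost of common-page-size/2 bytes per output.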