[llvm-dev] [ELF] [RFC] Padding between executable sections
Hal Finkel via llvm-dev
llvm-dev at lists.llvm.org
Fri Mar 10 09:22:02 PST 2017
On 03/10/2017 10:19 AM, James Henderson via llvm-dev wrote:
> Hi,
>
> I was doing some experiments with LLD and noticed that it pads out
> OutputSections with null bytes in all cases (as far as I could tell).
> However, for executable sections on some targets, 0x00 forms part of
> an executable instruction that is not nop. In particular, for x86_64
> targets at least, the sequence 0x00 0x00 is an add instruction. This
> can result in confusing disassembly.
>
> For example, on x86_64, given a simple InputSection that is a single
> "0xc3 retq" instruction, and given an alignment of 16 bytes, 15 null
> bytes are inserted between the end of that InputSection and the next.
> In the disassembly I then see the retq instruction followed by a
> series of adds, the last of which actually consumes 1 or more bytes of
> the next section to form a valid instruction, which can in turn throw
> off the disassembly of the following instructions at the start of the
> next section.
>
> What do people think about using a target-specific nop instruction
> sequence to pad executable sections? Another possible option, on
> x86_64 at least (I haven't investigated other targets), is to use the
> 0xcc interrupt instruction.
As I understand it, filling with nops has undesirable security
consequences. As you suggest, using some trap sequence is probably better.
-Hal
>
> Regards,
>
> James
>
>
> _______________________________________________
> LLVM Developers mailing list
> llvm-dev at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev
--
Hal Finkel
Lead, Compiler Technology and Programming Languages
Leadership Computing Facility
Argonne National Laboratory
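To make the disassembly effect described in the thread concrete, here is an added example (not code from the thread, from LLD, or from LLVM) that models a linker laying out two executable input sections at 16-byte alignment and then runs a deliberately tiny, hand-written x86-64 decoder over the result. The decoder only knows the handful of opcodes the demo uses (`ret`, `nop`, `int3`, `push`/`pop r64`, `mov` with a ModRM operand, and `00 /r add r/m8, r8`); the two input sections are constructed for the example. With 0x00 fill, the fifteenth zero byte swallows the first byte of the next section as its ModRM byte and the stream does not resynchronise until several instructions later; with 0xCC (or 0x90) fill, each pad byte decodes on its own and the next section starts cleanly.

```python
"""Toy model: pad an executable section to its alignment with a chosen
fill byte, then decode the bytes to see whether a linear disassembler
re-synchronises at the next section's start.  Constructed example only;
the decoder covers just the opcodes this demo needs."""
import struct

REG64 = ["rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi"]
REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]
REG8 = ["al", "cl", "dl", "bl", "ah", "ch", "dh", "bh"]   # no REX prefix

# Constructed input sections: a bare `ret`, then a typical prologue/epilogue
# (push rbp; mov rbp, rsp; pop rbp; ret).
RET_ONLY = b"\xc3"
PROLOGUE = b"\x55\x48\x89\xe5\x5d\xc3"


def pad_section(section: bytes, alignment: int, fill: bytes) -> bytes:
    """Pad `section` to the next multiple of `alignment`, repeating `fill`."""
    gap = (-len(section)) % alignment
    return section + (fill * (gap // len(fill) + 1))[:gap]


def layout(sections, alignment, fill):
    """Concatenate sections, padding between them like an output section
    layout would; return the image and each section's start offset."""
    image, starts = b"", []
    for idx, sec in enumerate(sections):
        if idx:
            image = pad_section(image, alignment, fill)
        starts.append(len(image))
        image += sec
    return image, starts


def _modrm_operand(code: bytes, i: int, regs):
    """Decode the r/m operand whose ModRM byte is code[i].
    Returns (operand text, bytes consumed incl. ModRM/SIB/displacement)."""
    modrm = code[i]
    mod, rm = modrm >> 6, modrm & 7
    if mod == 3:
        return regs[rm], 1
    if rm == 4:                              # SIB byte follows
        no_base = mod == 0 and (code[i + 1] & 7) == 5
        disp_len = 4 if (mod == 2 or no_base) else (1 if mod == 1 else 0)
        return "[sib]", 2 + disp_len         # SIB kept opaque for brevity
    if mod == 0 and rm == 5:                 # RIP-relative disp32
        disp = struct.unpack_from("<i", code, i + 1)[0]
        return f"[rip{disp:+#x}]", 5
    if mod == 0:
        return f"[{REG64[rm]}]", 1
    if mod == 1:
        disp = struct.unpack_from("<b", code, i + 1)[0]
        return f"[{REG64[rm]}{disp:+#x}]", 2
    disp = struct.unpack_from("<i", code, i + 1)[0]
    return f"[{REG64[rm]}{disp:+#x}]", 5


def decode(code: bytes):
    """Linear-sweep decode; returns a list of (offset, mnemonic).  Unknown
    opcodes are reported as '(bad)' and consume one byte."""
    out, i = [], 0
    while i < len(code):
        op = code[i]
        try:
            if op == 0x90:
                text, n = "nop", 1
            elif op == 0xC3:
                text, n = "ret", 1
            elif op == 0xCC:
                text, n = "int3", 1
            elif 0x50 <= op <= 0x57:
                text, n = f"push {REG64[op - 0x50]}", 1
            elif 0x58 <= op <= 0x5F:
                text, n = f"pop {REG64[op - 0x58]}", 1
            elif op == 0x00:                 # 00 /r: add r/m8, r8
                rm, used = _modrm_operand(code, i + 1, REG8)
                text, n = f"add byte ptr {rm}, {REG8[(code[i + 1] >> 3) & 7]}", 1 + used
            elif op == 0x48 and code[i + 1] == 0x89:   # REX.W 89 /r: mov r/m64, r64
                rm, used = _modrm_operand(code, i + 2, REG64)
                text, n = f"mov {rm}, {REG64[(code[i + 2] >> 3) & 7]}", 2 + used
            elif op == 0x89:                 # 89 /r without REX: mov r/m32, r32
                rm, used = _modrm_operand(code, i + 1, REG32)
                text, n = f"mov {rm}, {REG32[(code[i + 1] >> 3) & 7]}", 1 + used
            else:
                text, n = "(bad)", 1
        except (IndexError, struct.error):
            text, n = "(truncated)", len(code) - i
        out.append((i, text))
        i += n
    return out


def resyncs_at_boundary(sections, alignment, fill) -> bool:
    """True if a decoded instruction begins at every section start offset."""
    image, starts = layout(sections, alignment, fill)
    offsets = {off for off, _ in decode(image)}
    return all(s in offsets for s in starts)


if __name__ == "__main__":
    for fill in (b"\x00", b"\xcc", b"\x90"):
        image, starts = layout([RET_ONLY, PROLOGUE], 16, fill)
        print(f"fill {fill.hex()}: sections start at {starts}, "
              f"resync at boundary = {resyncs_at_boundary([RET_ONLY, PROLOGUE], 16, fill)}")
        for off, text in decode(image):
            print(f"  {off:3d}: {text}")
```

With the zero fill the trace shows seven `add byte ptr [rax], al` instructions followed by `add byte ptr [rbp+0x48], dl`, which eats the `push rbp` and the REX prefix of `mov rbp, rsp`, so the prologue is displayed as `mov ebp, esp`; with `int3` or `nop` fill every pad byte is one instruction and offset 16 decodes as `push rbp`. The decoder is a model only; an ordinary disassembler such as `objdump -d` shows the same desynchronisation on real LLD output.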