[llvm-dev] [RFC] Moving RELRO segment

Rui Ueyama via llvm-dev llvm-dev at lists.llvm.org
Thu Aug 29 01:22:05 PDT 2019


Hi Vic,

I'm in favor of this proposal. Saving that amount of kernel memory by
changing the memory layout seems like a win. I believe that there are
programs in the wild that assume some specific segment order, and moving
the RELRO segment might break some of them, but it looks like it's worth the
risk.

On Thu, Aug 29, 2019 at 2:51 PM Vic (Chun-Ju) Yang via llvm-dev <
llvm-dev at lists.llvm.org> wrote:

> Hey all,
>
> TL;DR: Moving RELRO segment to be immediately after read-only segment so
> that the dynamic linker has the option to merge the two virtual memory
> areas at run time.
>
> This is an RFC for moving RELRO segment. Currently, lld orders ELF
> sections in the following order: R, RX, RWX, RW, and RW contains RELRO. At
> run time, after RELRO is write-protected, we'd have VMAs in the order of:
> R, RX, RWX, R (RELRO), RW. I'd like to propose that we move RELRO to be
> immediately after the read-only sections, so that the order of VMAs becomes:
> R, R (RELRO), RX, RWX, RW, and the dynamic linker would have the option to
> merge the two read-only VMAs to reduce bookkeeping costs.
>
> While I only tested this proposal on an ARM64 Android platform, the same
> optimization should be applicable to other platforms as well. My test
> showed an overall ~1MB decrease in kernel slab memory usage on
> vm_area_struct, with about 150 processes running. For this to work, I had
> to modify the dynamic linker:
>   1. The dynamic linker needs to make the read-only VMA briefly writable
> in order for it to have the same VM flags as the RELRO VMA so that they
> can be merged. Specifically VM_ACCOUNT is set when a VMA is made writable.
>   2. The cross-DSO CFI implementation in the Android dynamic linker currently
> assumes __cfi_check is at a lower address than all CFI targets, so the CFI
> check fails when RELRO is moved below the text section. After I added
> support for CFI targets below __cfi_check, I don't see CFI failures anymore.
> One drawback that comes with this change is that the number of LOAD
> segments increases by one for DSOs with anything other than those in RELRO
> in its RW LOAD segment.
>
> This would be a somewhat tedious change (especially the part about having
> to update all the unit tests), but the benefit is pretty good, especially
> considering the kernel slab memory is not swappable/evictable. Please let
> me know your thoughts!
>
> Thanks,
> Vic
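The VMA and LOAD-segment counts discussed in this thread, as an added example that is not part of the original messages and is not lld or Android linker code. It assumes a simplified model in which adjacent VMAs merge only when their flag sets are identical (the kernel applies further conditions); the function names and the `ACCOUNT` flag string are illustrative.

```python
# Added illustration: simplified model of the layouts discussed in the RFC.
# Assumption: adjacent VMAs merge when their flag sets are identical.
OLD_LAYOUT = [("R", "r"), ("RX", "rx"), ("RWX", "rwx"), ("RELRO", "rw"), ("RW", "rw")]
NEW_LAYOUT = [("R", "r"), ("RELRO", "rw"), ("RX", "rx"), ("RWX", "rwx"), ("RW", "rw")]


def load_segments(layout):
    """Count LOAD segments: adjacent parts with equal permissions share one."""
    count, prev = 0, None
    for _, perms in layout:
        if perms != prev:
            count += 1
        prev = perms
    return count


def vmas_after_relro(layout, touch_readonly):
    """Return [(names, flags)] once the loader has write-protected RELRO.

    touch_readonly models the loader change from the RFC: the read-only VMA
    is made briefly writable so that it also carries VM_ACCOUNT.
    """
    vmas = []
    for name, perms in layout:
        flags = set(perms)
        if "w" in flags:
            flags.add("ACCOUNT")      # VM_ACCOUNT is set when a VMA is writable
        if name == "RELRO":
            flags.discard("w")        # write-protected after relocation
        if name == "R" and touch_readonly:
            flags.add("ACCOUNT")      # was writable for a moment, read-only again
        flags = frozenset(flags)
        if vmas and vmas[-1][1] == flags:
            vmas[-1] = (vmas[-1][0] + "+" + name, flags)   # merge with neighbour
        else:
            vmas.append((name, flags))
    return vmas


if __name__ == "__main__":
    for label, layout in (("old", OLD_LAYOUT), ("new", NEW_LAYOUT)):
        for touch in (False, True):
            names = [n for n, _ in vmas_after_relro(layout, touch)]
            print(label, "touch_readonly=%s" % touch,
                  "LOAD=%d" % load_segments(layout), "VMAs:", names)
```

In this model only the new layout combined with the loader change drops a VMA; moving RELRO without touching the read-only mapping leaves the count unchanged.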