1 |
38 |
julius |
/* Linux host-specific hook definitions.
|
2 |
|
|
Copyright (C) 2004, 2005, 2007 Free Software Foundation, Inc.
|
3 |
|
|
|
4 |
|
|
This file is part of GCC.
|
5 |
|
|
|
6 |
|
|
GCC is free software; you can redistribute it and/or modify it
|
7 |
|
|
under the terms of the GNU General Public License as published
|
8 |
|
|
by the Free Software Foundation; either version 3, or (at your
|
9 |
|
|
option) any later version.
|
10 |
|
|
|
11 |
|
|
GCC is distributed in the hope that it will be useful, but WITHOUT
|
12 |
|
|
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
13 |
|
|
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
|
14 |
|
|
License for more details.
|
15 |
|
|
|
16 |
|
|
You should have received a copy of the GNU General Public License
|
17 |
|
|
along with GCC; see the file COPYING3. If not see
|
18 |
|
|
<http://www.gnu.org/licenses/>. */
|
19 |
|
|
|
20 |
|
|
#include "config.h"
|
21 |
|
|
#include "system.h"
|
22 |
|
|
#include "coretypes.h"
|
23 |
|
|
#include <sys/mman.h>
|
24 |
|
|
#include <limits.h>
|
25 |
|
|
#include "hosthooks.h"
|
26 |
|
|
#include "hosthooks-def.h"
|
27 |
|
|
|
28 |
|
|
|
29 |
|
|
/* Linux has a feature called exec-shield-randomize that perturbs the
|
30 |
|
|
address of non-fixed mapped segments by a (relatively) small amount.
|
31 |
|
|
The feature is intended to make it harder to attack the system with
|
32 |
|
|
buffer overflow attacks, since every invocation of a program will
|
33 |
|
|
have its libraries and data segments at slightly different addresses.
|
34 |
|
|
|
35 |
|
|
This feature causes us problems with PCH because it makes it that
|
36 |
|
|
much harder to acquire a stable location at which to map our PCH
|
37 |
|
|
data file.
|
38 |
|
|
|
39 |
|
|
[ The feature causes other points of non-determinism within the
|
40 |
|
|
compiler as well, so we'd *really* like to be able to have the
|
41 |
|
|
driver disable exec-shield-randomize for the process group, but
|
42 |
|
|
that isn't possible at present. ]
|
43 |
|
|
|
44 |
|
|
We're going to try several things:
|
45 |
|
|
|
46 |
|
|
* Select an architecture specific address as "likely" and see
|
47 |
|
|
if that's free. For our 64-bit hosts, we can easily choose
|
48 |
|
|
an address in Never Never Land.
|
49 |
|
|
|
50 |
|
|
* If exec-shield-randomize is disabled, then just use the
|
51 |
|
|
address chosen by mmap in step one.
|
52 |
|
|
|
53 |
|
|
* If exec-shield-randomize is enabled, then temporarily allocate
|
54 |
|
|
32M of memory as a buffer, then allocate PCH memory, then
|
55 |
|
|
free the buffer. The theory here is that the perturbation is
|
56 |
|
|
no more than 16M, and so by allocating our buffer larger than
|
57 |
|
|
that we make it considerably more likely that the address will
|
58 |
|
|
be free when we want to load the data back.
|
59 |
|
|
*/
|
60 |
|
|
|
61 |
|
|
#undef HOST_HOOKS_GT_PCH_GET_ADDRESS
|
62 |
|
|
#define HOST_HOOKS_GT_PCH_GET_ADDRESS linux_gt_pch_get_address
|
63 |
|
|
|
64 |
|
|
#undef HOST_HOOKS_GT_PCH_USE_ADDRESS
|
65 |
|
|
#define HOST_HOOKS_GT_PCH_USE_ADDRESS linux_gt_pch_use_address
|
66 |
|
|
|
67 |
|
|
/* For various ports, try to guess a fixed spot in the vm space
|
68 |
|
|
that's probably free. */
|
69 |
|
|
#if defined(__alpha)
|
70 |
|
|
# define TRY_EMPTY_VM_SPACE 0x10000000000
|
71 |
|
|
#elif defined(__ia64)
|
72 |
|
|
# define TRY_EMPTY_VM_SPACE 0x2000000100000000
|
73 |
|
|
#elif defined(__x86_64)
|
74 |
|
|
# define TRY_EMPTY_VM_SPACE 0x1000000000
|
75 |
|
|
#elif defined(__i386)
|
76 |
|
|
# define TRY_EMPTY_VM_SPACE 0x60000000
|
77 |
|
|
#elif defined(__powerpc__)
|
78 |
|
|
# define TRY_EMPTY_VM_SPACE 0x60000000
|
79 |
|
|
#elif defined(__s390x__)
|
80 |
|
|
# define TRY_EMPTY_VM_SPACE 0x8000000000
|
81 |
|
|
#elif defined(__s390__)
|
82 |
|
|
# define TRY_EMPTY_VM_SPACE 0x60000000
|
83 |
|
|
#elif defined(__sparc__) && defined(__LP64__)
|
84 |
|
|
# define TRY_EMPTY_VM_SPACE 0x8000000000
|
85 |
|
|
#elif defined(__sparc__)
|
86 |
|
|
# define TRY_EMPTY_VM_SPACE 0x60000000
|
87 |
|
|
#else
|
88 |
|
|
# define TRY_EMPTY_VM_SPACE 0
|
89 |
|
|
#endif
|
90 |
|
|
|
91 |
|
|
/* Determine a location where we might be able to reliably allocate SIZE
|
92 |
|
|
bytes. FD is the PCH file, though we should return with the file
|
93 |
|
|
unmapped. */
|
94 |
|
|
|
95 |
|
|
static void *
|
96 |
|
|
linux_gt_pch_get_address (size_t size, int fd)
|
97 |
|
|
{
|
98 |
|
|
size_t buffer_size = 32 * 1024 * 1024;
|
99 |
|
|
void *addr, *buffer;
|
100 |
|
|
FILE *f;
|
101 |
|
|
bool randomize_on;
|
102 |
|
|
|
103 |
|
|
addr = mmap ((void *)TRY_EMPTY_VM_SPACE, size, PROT_READ | PROT_WRITE,
|
104 |
|
|
MAP_PRIVATE, fd, 0);
|
105 |
|
|
|
106 |
|
|
/* If we failed the map, that means there's *no* free space. */
|
107 |
|
|
if (addr == (void *) MAP_FAILED)
|
108 |
|
|
return NULL;
|
109 |
|
|
/* Unmap the area before returning. */
|
110 |
|
|
munmap (addr, size);
|
111 |
|
|
|
112 |
|
|
/* If we got the exact area we requested, then that's great. */
|
113 |
|
|
if (TRY_EMPTY_VM_SPACE && addr == (void *) TRY_EMPTY_VM_SPACE)
|
114 |
|
|
return addr;
|
115 |
|
|
|
116 |
|
|
/* If we didn't, then we need to look to see if virtual address
|
117 |
|
|
randomization is on. That is recorded in
|
118 |
|
|
kernel.randomize_va_space. An older implementation used
|
119 |
|
|
kernel.exec-shield-randomize. */
|
120 |
|
|
f = fopen ("/proc/sys/kernel/randomize_va_space", "r");
|
121 |
|
|
if (f == NULL)
|
122 |
|
|
f = fopen ("/proc/sys/kernel/exec-shield-randomize", "r");
|
123 |
|
|
randomize_on = false;
|
124 |
|
|
if (f != NULL)
|
125 |
|
|
{
|
126 |
|
|
char buf[100];
|
127 |
|
|
size_t c;
|
128 |
|
|
|
129 |
|
|
c = fread (buf, 1, sizeof buf - 1, f);
|
130 |
|
|
if (c > 0)
|
131 |
|
|
{
|
132 |
|
|
buf[c] = '\0';
|
133 |
|
|
randomize_on = (atoi (buf) > 0);
|
134 |
|
|
}
|
135 |
|
|
fclose (f);
|
136 |
|
|
}
|
137 |
|
|
|
138 |
|
|
/* If it isn't, then accept the address that mmap selected as fine. */
|
139 |
|
|
if (!randomize_on)
|
140 |
|
|
return addr;
|
141 |
|
|
|
142 |
|
|
/* Otherwise, we need to try again with buffer space. */
|
143 |
|
|
buffer = mmap (0, buffer_size, PROT_NONE, MAP_PRIVATE | MAP_ANON, -1, 0);
|
144 |
|
|
addr = mmap (0, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
|
145 |
|
|
if (buffer != (void *) MAP_FAILED)
|
146 |
|
|
munmap (buffer, buffer_size);
|
147 |
|
|
if (addr == (void *) MAP_FAILED)
|
148 |
|
|
return NULL;
|
149 |
|
|
munmap (addr, size);
|
150 |
|
|
|
151 |
|
|
return addr;
|
152 |
|
|
}
|
153 |
|
|
|
154 |
|
|
/* Map SIZE bytes of FD+OFFSET at BASE. Return 1 if we succeeded at
|
155 |
|
|
mapping the data at BASE, -1 if we couldn't.
|
156 |
|
|
|
157 |
|
|
It's not possibly to reliably mmap a file using MAP_PRIVATE to
|
158 |
|
|
a specific START address on either hpux or linux. First we see
|
159 |
|
|
if mmap with MAP_PRIVATE works. If it does, we are off to the
|
160 |
|
|
races. If it doesn't, we try an anonymous private mmap since the
|
161 |
|
|
kernel is more likely to honor the BASE address in anonymous maps.
|
162 |
|
|
We then copy the data to the anonymous private map. This assumes
|
163 |
|
|
of course that we don't need to change the data in the PCH file
|
164 |
|
|
after it is created.
|
165 |
|
|
|
166 |
|
|
This approach obviously causes a performance penalty but there is
|
167 |
|
|
little else we can do given the current PCH implementation. */
|
168 |
|
|
|
169 |
|
|
static int
|
170 |
|
|
linux_gt_pch_use_address (void *base, size_t size, int fd, size_t offset)
|
171 |
|
|
{
|
172 |
|
|
void *addr;
|
173 |
|
|
|
174 |
|
|
/* We're called with size == 0 if we're not planning to load a PCH
|
175 |
|
|
file at all. This allows the hook to free any static space that
|
176 |
|
|
we might have allocated at link time. */
|
177 |
|
|
if (size == 0)
|
178 |
|
|
return -1;
|
179 |
|
|
|
180 |
|
|
/* Try to map the file with MAP_PRIVATE. */
|
181 |
|
|
addr = mmap (base, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, offset);
|
182 |
|
|
|
183 |
|
|
if (addr == base)
|
184 |
|
|
return 1;
|
185 |
|
|
|
186 |
|
|
if (addr != (void *) MAP_FAILED)
|
187 |
|
|
munmap (addr, size);
|
188 |
|
|
|
189 |
|
|
/* Try to make an anonymous private mmap at the desired location. */
|
190 |
|
|
addr = mmap (base, size, PROT_READ | PROT_WRITE,
|
191 |
|
|
MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
|
192 |
|
|
|
193 |
|
|
if (addr != base)
|
194 |
|
|
{
|
195 |
|
|
if (addr != (void *) MAP_FAILED)
|
196 |
|
|
munmap (addr, size);
|
197 |
|
|
return -1;
|
198 |
|
|
}
|
199 |
|
|
|
200 |
|
|
if (lseek (fd, offset, SEEK_SET) == (off_t)-1)
|
201 |
|
|
return -1;
|
202 |
|
|
|
203 |
|
|
while (size)
|
204 |
|
|
{
|
205 |
|
|
ssize_t nbytes;
|
206 |
|
|
|
207 |
|
|
nbytes = read (fd, base, MIN (size, SSIZE_MAX));
|
208 |
|
|
if (nbytes <= 0)
|
209 |
|
|
return -1;
|
210 |
|
|
base = (char *) base + nbytes;
|
211 |
|
|
size -= nbytes;
|
212 |
|
|
}
|
213 |
|
|
|
214 |
|
|
return 1;
|
215 |
|
|
}
|
216 |
|
|
|
217 |
|
|
|
218 |
|
|
const struct host_hooks host_hooks = HOST_HOOKS_INITIALIZER;
|