This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.
Re: -fpatchable-function-entry should set SHF_WRITE and create one __patchable_function_entries per function
- From: Szabolcs Nagy <Szabolcs dot Nagy at arm dot com>
- To: Fangrui Song <i at maskray dot me>, "gcc at gcc dot gnu dot org" <gcc at gcc dot gnu dot org>
- Cc: nd <nd at arm dot com>, Martin Liška <mliska at suse dot cz>, Alexander Monakov <amonakov at ispras dot ru>, Torsten Duwe <duwe at suse dot de>, Maxim Kuvyrkov <maxim dot kuvyrkov at linaro dot org>, "nickc at redhat dot com" <nickc at redhat dot com>
- Date: Tue, 7 Jan 2020 10:31:54 +0000
- Subject: Re: -fpatchable-function-entry should set SHF_WRITE and create one __patchable_function_entries per function
- References: <20200107060629.z7lvo74ravoppg77@gmail.com> <20200107072555.rsvfb5jpbbho4hxb@gmail.com>
On 07/01/2020 07:25, Fangrui Song wrote:
> On 2020-01-06, Fangrui Song wrote:
>> The addresses of NOPs are collected in a section named __patchable_function_entries.
>> A __patchable_function_entries entry is relocated by a symbolic relocation (e.g. R_X86_64_64, R_AARCH64_ABS64, R_PPC64_ADDR64).
>> In -shared or -pie mode, the linker will create a dynamic relocation (non-preemptible: relative relocation (e.g. R_X86_64_RELATIVE);
>> preemptible: symbolic relocation (e.g. R_X86_64_64)).
>>
>> In either case, the section contents will be modified at runtime.
>> Thus, the section should have the SHF_WRITE flag to avoid text relocations (DF_TEXTREL).

pie/pic should either imply writable __patchable_function_entries,
or __patchable_function_entries should be documented to be offsets
from some base address in the module: the users of it have to modify
.text and do low-level hacks so they should be able to handle such
arithmetics.

i think it's worth opening a gcc bug report.

>> When -ffunction-sections is used, ideally GCC should emit one __patchable_function_entries (SHF_LINK_ORDER) per .text.foo .
>> If the corresponding .text.foo is discarded (--gc-sections, COMDAT, /DISCARD/), the linker can discard the associated
>> __patchable_function_entries. This can be seen as a lightweight COMDAT section group. (A section group adds an extra section and costs 3 words)
>> Currently lld (LLVM linker) has implemented such SHF_LINK_ORDER collecting features. GNU ld and gold don't have the features.
>>
>> I have summarized the feature requests in this post https://sourceware.org/ml/binutils/2019-11/msg00266.html
>>
>> gcc -fpatchable-function-entry=2 -ffunction-sections -c a.c
>>
>> [ 4] .text.f0 PROGBITS 0000000000000000 000040 000009 00 AX 0 0 1
>> ### No W flag
>> ### One __patchable_function_entries instead of 3.
>> [ 5] __patchable_function_entries PROGBITS 0000000000000000 000049 000018 00 A 0 0 1
>> [ 6] .rela__patchable_function_entries RELA 0000000000000000 000280 000048 18 I 13 5 8
>> [ 7] .text.f1 PROGBITS 0000000000000000 000061 000009 00 AX 0 0 1
>> [ 8] .text.f2 PROGBITS 0000000000000000 00006a 000009 00 AX 0 0 1
>
> Emitting a __patchable_function_entries for each function may waste
> object file sizes (64 bytes per function on ELF64). If zeros are
> allowed, emitting a single __patchable_function_entries should be fine.
>
> If we do want to emit unique sections, the condition should be either
> -ffunction-sections or COMDAT is used.

again it's worth raising a gcc bug i think.

there is another known issue: aarch64 -mbranch-protect=bti
(and presumably x86_64 -fcf-protection=branch) has to add
landing pad at the beginning of each indirectly called function
so the patchable nops can only come after that.

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=92424

no matter how this gets resolved i think this will require
documentation changes too.
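
Added example, not part of the original message and not GCC or binutils code: a small check over `readelf -S -W` section rows that reports the two conditions discussed in the thread, a relocated `__patchable_function_entries` without the `W` flag and one without `L` (SHF_LINK_ORDER). The first sample reuses the rows quoted in the message; the second is constructed, and the function names are hypothetical.

```python
import re

# One section row of `readelf -S -W` (ELF64): [Nr] Name Type Addr Off Size ES Flg Lk Inf Al
ROW = re.compile(r"\[\s*(\d+)\]\s+(\S+)\s+(\S+)\s+[0-9a-f]+\s+[0-9a-f]+\s+([0-9a-f]+)"
                 r"\s+[0-9a-f]+\s+([A-Za-z]*)\s+(\d+)\s+(\d+)\s+\d+")
PFE = "__patchable_function_entries"

# Section rows as quoted in the message (-fpatchable-function-entry=2 -ffunction-sections).
FROM_MESSAGE = """
[ 4] .text.f0 PROGBITS 0000000000000000 000040 000009 00 AX 0 0 1
[ 5] __patchable_function_entries PROGBITS 0000000000000000 000049 000018 00 A 0 0 1
[ 6] .rela__patchable_function_entries RELA 0000000000000000 000280 000048 18 I 13 5 8
[ 7] .text.f1 PROGBITS 0000000000000000 000061 000009 00 AX 0 0 1
[ 8] .text.f2 PROGBITS 0000000000000000 00006a 000009 00 AX 0 0 1
"""

# Constructed rows (not real tool output): writable, link-ordered, one per function.
REQUESTED = """
[ 4] .text.f0 PROGBITS 0000000000000000 000040 000009 00 AX 0 0 1
[ 5] __patchable_function_entries PROGBITS 0000000000000000 000049 000008 00 WAL 4 0 1
[ 6] .rela__patchable_function_entries RELA 0000000000000000 000280 000018 18 I 13 5 8
[ 7] .text.f1 PROGBITS 0000000000000000 000051 000009 00 AX 0 0 1
[ 8] __patchable_function_entries PROGBITS 0000000000000000 00005a 000008 00 WAL 7 0 1
[ 9] .rela__patchable_function_entries RELA 0000000000000000 000298 000018 18 I 13 8 8
"""

def parse_sections(text):
    """Return one dict per section row; lines that are not section rows are skipped."""
    keys = ("idx", "name", "type", "size", "flags", "link", "info")
    rows = []
    for line in text.splitlines():
        m = ROW.search(line)
        if m:
            idx, name, typ, size, flags, link, info = m.groups()
            rows.append(dict(zip(keys, (int(idx), name, typ, int(size, 16),
                                        flags, int(link), int(info)))))
    return rows

def audit(text):
    """List findings for __patchable_function_entries sections in readelf output."""
    secs = parse_sections(text)
    pfe = [s for s in secs if s["name"] == PFE]
    funcs = [s for s in secs if s["name"].startswith(".text.")]
    # Inf of a REL/RELA section is the index of the section it relocates.
    relocated = {s["info"] for s in secs if s["type"] in ("REL", "RELA")}
    findings = []
    for s in pfe:
        if s["idx"] in relocated and "W" not in s["flags"]:
            findings.append(f"[{s['idx']}] relocated but not SHF_WRITE: text relocations in -shared/-pie")
        if "L" not in s["flags"]:
            findings.append(f"[{s['idx']}] no SHF_LINK_ORDER: not discarded with its .text section")
    if funcs and len(pfe) < len(funcs):  # informational: not every function must be patchable
        findings.append(f"{len(pfe)} {PFE} section(s) for {len(funcs)} .text.* sections")
    return findings
```
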