1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-10-25 00:12:08 +00:00
Commit graph

99 commits

Author SHA1 Message Date
Idan Horowitz
fbeef409c6 DynamicLoader: Stop performing relative relocations on non-pie objects
Co-authored-by: Daniel Bertalan <dani@danielbertalan.dev>
2022-07-10 14:24:34 +02:00
Idan Horowitz
753844ec96 LibELF: Take TLS segment alignment into account in DynamicLoader
Previously we would just tightly pack the different libraries' TLS
segments together, but that is incorrect, as they might require some
kind of minimum alignment for their TLS base address.

We now plumb the required TLS segment alignment down to the TLS block
linear allocator and align the base address down to the appropriate
alignment.
2022-07-05 11:26:10 +02:00
Tim Schumacher
e2036ca2ca LibELF: Store the full file path in DynamicObject
Otherwise, our `dirname` call on the parent object will always be empty
when trying to resolve dependencies.
2022-06-30 11:57:10 +02:00
Tim Schumacher
6732fec8b8 LibELF: Warn on self-dlopening libraries while initializing 2022-06-24 11:28:05 +01:00
Tim Schumacher
082a7baa3b LibELF: Check if initializers ran instead of trusting s_global_objects
The original heuristic of "a library being in `s_global_objects` means
that it was fully initialized already" doesn't hold up anymore since we
changed the loading order. This was causing us to skip parts of the
initialization of dependency libraries when running dlopen (since it was
the only user of that setting).

Instead, set a flag after we run stage 4 (which is the "run the global
initializers" stage) and check that flag when determining unfinished
dependencies. This entirely replaces the `skip_global_objects` logic.
2022-06-24 11:28:05 +01:00
Tim Schumacher
d2b87419ac LibELF: Only collect region sizes before reserving memory
This keeps us from needlessly allocating storage via `malloc` as part
of the `Vector`s that early, which we might conflict on while reserving
memory for the main executable.
2022-06-21 22:38:15 +01:00
Tim Schumacher
c0b31796a8 LibELF: Unmap the source file temporarily while reserving space
This further reduces the chance that we will conflict with data that is
already present at the target location.
2022-06-21 22:38:15 +01:00
Tim Schumacher
c1d8612eb5 LibELF: Store DynamicLoader ELF images using an OwnPtr
This is preparation work for the next commit, where we will replace the
stored ELF image mid-load.
2022-06-21 22:38:15 +01:00
Tim Schumacher
89da0f2da5 LibELF: Name library maps with the full file path 2022-05-07 20:02:00 +02:00
Daniel Bertalan
7aca408993 LibELF: Fail gracefully when IFUNC resolver's object has textrels
.text sections of objects that contain textrels have to be writable
during the relocation procedure. Because of this, we would segfault if
we tried to execute IFUNC resolvers defined in them. Let's print a
meaningful error message instead.

Additionally, a warning is now printed when we load objects with
textrels, as in the future, additional security mitigations might
interfere with them being loaded.
2022-05-01 12:42:01 +02:00
Daniel Bertalan
08c459e495 LibELF: Add support for IFUNCs
IFUNC is a GNU extension to the ELF standard that allows a function to
have multiple implementations. A resolver function has to be called at
load time to choose the right one to use. The PLT will contain the entry
to the resolved function, so branching and more indirect jumps can be
avoided at run-time.

This mechanism is usually used when a routine can be made faster using
CPU features that are available in only some models, and a fallback
implementation has to exist for others.

We will use this feature to have two separate memset implementations for
CPUs with and without ERMS (Enhanced REP MOVSB/STOSB) support.
2022-05-01 12:42:01 +02:00
Daniel Bertalan
ed5f110b40 LibELF: Perform .relr.dyn relocations before .rel.dyn
IFUNC resolvers depend on the resolved function's address having been
relocated by the time they are called. This means that relative
relocations have to be done first.

The linker is kind enough to put R_*_RELATIVE before R_*_IRELATIVE in
.rel.dyn, but .relr.dyn contains relative relocations too.
2022-05-01 12:42:01 +02:00
Idan Horowitz
086969277e Everywhere: Run clang-format 2022-04-01 21:24:45 +01:00
Brian Gianforcaro
7d667b9f69 LibELF: Remove unused m_program_interpreter member from DynamicLoader
While profiling I realized that this member is unused, so the
StringBuilder and String allocation are completely un-necessary.
2022-03-31 10:18:07 +02:00
Daniel Bertalan
3974cac148 LibELF: Implement support for DT_RELR relative relocations
The DT_RELR relocation is a relatively new relocation encoding designed
to achieve space-efficient relative relocations in PIE programs.

The description of the format is available here:
https://groups.google.com/g/generic-abi/c/bX460iggiKg/m/Pi9aSwwABgAJ

It works by using a bitmap to store the offsets which need to be
relocated. Even entries are *address* entries: they contain an address
(relative to the base of the executable) which needs to be relocated.
Subsequent even entries are *bitmap* entries: "1" bits encode offsets
(in word size increments) relative to the last address entry which need
to be relocated.

This is in contrast to the REL/RELA format, where each entry takes up
2/3 machine words. Certain kinds of relocations store useful data in
that space (like the name of the referenced symbol), so not everything
can be encoded in this format. But as position-independent executables
and shared libraries tend to have a lot of relative relocations, a
specialized encoding for them absolutely makes sense.

The authors of the format suggest an overall 5-20% reduction in the file
size of various programs. Due to our extensive use of dynamic linking
and us not stripping debug info, relative relocations don't make up such
a large portion of the binary's size, so the measurements will tend to
skew to the lower side of the spectrum.

The following measurements were made with the x86-64 Clang toolchain:

- The kernel contains 290989 relocations. Enabling RELR decreased its
  size from 30 MiB to 23 MiB.
- LibUnicodeData contains 190262 relocations, almost all of them
  relative. Its file size changed from 17 MiB to 13 MiB.
- /bin/WebContent contains 1300 relocations, 66% of which are relative
  relocations. With RELR, its size changed from 832 KiB to 812 KiB.

This change was inspired by the following blog post:
https://maskray.me/blog/2021-10-31-relative-relocations-and-relr
2022-02-11 18:07:53 +01:00
Andreas Kling
c482508aa1 LibELF: Use shared memory mapping when loading ELF objects
There's no reason to make a private read-only mapping just for reading
(and validating) the ELF headers, and copying out the data segments.
2022-01-15 19:51:15 +01:00
Idan Horowitz
cfb9f889ac LibELF: Accept Span instead of Pointer+Size in validate_program_headers 2022-01-13 22:40:25 +01:00
Idan Horowitz
3e959618c3 LibELF: Use StringBuilders instead of Strings for the interpreter path
This is required for the Kernel's usage of LibELF, since Strings do not
expose allocation failure.
2022-01-13 22:40:25 +01:00
Daniel Bertalan
d1ef8e63f7 LibELF: Use MAP_FIXED_NOREPLACE for address space reservation
This ensures that we don't corrupt our address space if a non-PIE
program's requested address space happens to coincide with memory we
already use.
2021-12-23 23:08:10 +01:00
Andreas Kling
b7ee0191ea LibELF: Name non-executable map regions ".rodata" instead of ".text" 2021-09-04 20:30:56 +02:00
Andreas Kling
9206efaabe LibELF: Don't copy read-only data sections
The dynamic loader was mistakenly assuming that there are only two types
of program load headers: text (RX) and data (RW).

Now that we're linking with `-z separate-code`, we will also get some
read-onlydata (R) segments. These can be memory-mapped directly without
making a private per-process copy.

To solve this, the code now instead separates the headers into map/copy
instead of text/data. Writable segments get copied, while non-writable
segments get memory-mapped. :^)
2021-09-01 01:36:18 +02:00
Andreas Kling
0819f0a3fd LibELF: Allow (but ignore) PT_LOAD headers with zero size
GNU ld sometimes generates zero-sized PT_LOAD headers when running with
the "-z separate-code" option. Let's not choke on such headers, we can
just ignore them and move along.
2021-08-31 16:46:16 +02:00
Gunnar Beutner
e4f0795ae4 LibELF+LibTest: Fix incorrect #ifdef 2021-08-12 08:16:07 +02:00
Daniel Bertalan
18b2484985 LibELF: Remove (FlatPtr)something.as_ptr() idiom
This is equivalent to `something.get()`, but more verbose.
2021-08-09 23:15:48 +02:00
Daniel Bertalan
e0e3198d51 LibELF: Fix 'applying offset produced null pointer' UBSAN failure
These integer => pointer => integer conversions were technically prone
to UB, since they were used as offsets (which are perfectly fine to be
zero), but we calculated them with pointer arithmetic. This made Clang
insert pointer overflow UBSAN checks, which trigger in case of a zero
result.
2021-08-09 23:15:48 +02:00
Gunnar Beutner
4cf24c6ba2 Userland: Prefer using ARCH() over __LP64__ 2021-07-13 23:19:33 +02:00
Gunnar Beutner
13a14b3112 LibELF: Fix loading libs with a .text segment that's not page-aligned
It's perfectly acceptable for the segment's vaddr to not be page aligned
as long as the segment itself is page-aligned. We'll just map a few more
bytes at the start of the segment that will be unused by the library.

We didn't notice this problem because because GCC either always uses
0 for the .text segment's vaddr or at least aligns the vaddr to the
page size.

LibELF would also fail to load really small libraries (i.e. smaller than
4096 bytes).
2021-07-07 11:53:17 +02:00
Gunnar Beutner
ea8ff03475 LibELF: Fix loading objects with a non-zero load base
My previous patch (1f93ffcd) broke loading objects whose first PT_LOAD
entry had a non-zero vaddr.

On top of that the calculations for the relro and dynamic section were
also incorrect.
2021-07-04 14:23:52 +02:00
Gunnar Beutner
371c852fc0 LibELF: Swap the arguments for negative_offset_from_tls_block_end
Now that m_tls_offset points to the start of the TLS block the argument
order makes more sense this way.
2021-07-04 01:07:28 +02:00
Gunnar Beutner
251eaad8f0 LibELF: Fix relocation support for 'static __thread' variables 2021-07-04 01:07:28 +02:00
Gunnar Beutner
5f6ee4c539 LibELF: Save the negative TLS offset in m_tls_offset
This makes it unnecessary to track the symbol size which just isn't
available for unexported symbols (e.g. for 'static __thread').
2021-07-04 01:07:28 +02:00
Gunnar Beutner
a0a38e1e84 LibELF: Implement TLS relocation support for x86_64 2021-07-04 01:07:28 +02:00
Gunnar Beutner
f9a8c6f053 LibELF: Implement support for RELA relocations 2021-07-01 10:50:00 +02:00
Gunnar Beutner
1f93ffcd72 LibELF: Simplify ELF load address calculations
These were unnecessarily complicated.
2021-07-01 10:50:00 +02:00
Gunnar Beutner
2dbd3f83c1 LibELF: Fix incorrect error message 2021-07-01 10:50:00 +02:00
Gunnar Beutner
d3127efc01 LibELF: Implement PLT relocations for x86_64 2021-06-29 20:03:36 +02:00
Gunnar Beutner
5afec84cc2 LibELF: Add stub for R_X86_64_TPOFF64 2021-06-29 20:03:36 +02:00
Gunnar Beutner
811f9d562d LibELF: Make sure the mmap() regions are large enough
Sometimes we'd end up requesting a smaller range for .text and .data
than was actually necessary.
2021-06-29 20:03:36 +02:00
Gunnar Beutner
0cb937416b Meta: Install 64-bit libgcc_s.so for x86_64 targets 2021-06-28 22:29:28 +02:00
Gunnar Beutner
158355e0d7 Kernel+LibELF: Add support for validating and loading ELF64 executables 2021-06-28 22:29:28 +02:00
Andrew Kaster
7b4dc590e7 AK+Userland: Use akaster@serenityos.org for my copyright headers 2021-05-30 14:35:34 +01:00
Nicholas Baron
aa4d41fe2c
AK+Kernel+LibELF: Remove the need for IteratorDecision::Continue
By constraining two implementations, the compiler will select the best
fitting one. All this will require is duplicating the implementation and
simplifying for the `void` case.

This constraining also informs both the caller and compiler by passing
the callback parameter types as part of the constraint
(e.g.: `IterationFunction<int>`).

Some `for_each` functions in LibELF only take functions which return
`void`. This is a minimal correctness check, as it removes one way for a
function to incompletely do something.

There seems to be a possible idiom where inside a lambda, a `return;` is
the same as `continue;` in a for-loop.
2021-05-16 10:36:52 +01:00
Gunnar Beutner
0ab37dbd03 LibELF: Propagate ELF image validation errors to the caller
With this fixed dlopen() no longer crashes when given an invalid
ELF image and instead returns an error code that can be retrieved
with dlerror().

Fixes #6995.
2021-05-10 21:27:11 +02:00
Gunnar Beutner
a050b43290 LibELF: Implement x86_64 relocation support
There are definitely some relocations missing and this is untested
for now.
2021-05-03 08:42:39 +02:00
Itamar
101ac45c1a LibELF: Change TLS offset calculation
This changes the TLS offset calculation logic to be based on the
symbol's size instead of the total size of the TLS.

Because of this change, we no longer need to pipe "m_tls_size" to so
many functions.

Also, After this patch, the TLS data of the main program exists at the
"end" of the TLS block (Highest addresses).

This fixes a part of #6609.
2021-04-30 18:47:39 +02:00
Itamar
6bbd2ebf83 Kernel+LibELF: Support initializing values of TLS data
Previously, TLS data was always zero-initialized.

To support initializing the values of TLS data, sys$allocate_tls now
receives a buffer with the desired initial data, and copies it to the
master TLS region of the process.

The DynamicLinker gathers the initial TLS image and passes it to
sys$allocate_tls.

We also now require the size passed to sys$allocate_tls to be
page-aligned, to make things easier. Note that this doesn't waste memory
as the TLS data has to be allocated in separate pages anyway.
2021-04-30 18:47:39 +02:00
Itamar
db76702d71 LibELF: Rename tls_size to tls_size_of_current_object 2021-04-30 18:47:39 +02:00
Itamar
1c24388d74 LibELF: Extract TLS offset calculation logic to separate function 2021-04-30 18:47:39 +02:00
Gunnar Beutner
f40ee1b03f LibC+LibELF: Implement more fully-features dlfcn functionality
This implements more of the dlfcn functionality. Most notably:

* It's now possible to dlopen() libraries which were already
  loaded at program startup time. This does not cause those
  libraries to be loaded twice.
* Errors are reported via dlerror() rather than by crashing
  the program.
* Calls to the dl*() functions are thread-safe.
2021-04-25 10:14:50 +02:00
Gunnar Beutner
f74b8a2d1f LibELF: Avoid calculating symbol hashes when we don't need them 2021-04-23 23:35:36 +02:00