1/* Linux host-specific hook definitions.
2   Copyright (C) 2004, 2005 Free Software Foundation, Inc.
3
4   This file is part of GCC.
5
6   GCC is free software; you can redistribute it and/or modify it
7   under the terms of the GNU General Public License as published
8   by the Free Software Foundation; either version 2, or (at your
9   option) any later version.
10
11   GCC is distributed in the hope that it will be useful, but WITHOUT
12   ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13   or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
14   License for more details.
15
16   You should have received a copy of the GNU General Public License
17   along with GCC; see the file COPYING.  If not, write to the
18   Free Software Foundation, 51 Franklin Street, Fifth Floor, Boston,
19   MA 02110-1301, USA.  */
20
21#include "config.h"
22#include "system.h"
23#include "coretypes.h"
24#include <sys/mman.h>
25#include <limits.h>
26#include "hosthooks.h"
27#include "hosthooks-def.h"
28
29
30/* Linux has a feature called exec-shield-randomize that perturbs the
31   address of non-fixed mapped segments by a (relatively) small amount.
32   The feature is intended to make it harder to attack the system with
33   buffer overflow attacks, since every invocation of a program will
34   have its libraries and data segments at slightly different addresses.
35
36   This feature causes us problems with PCH because it makes it that
37   much harder to acquire a stable location at which to map our PCH
38   data file.
39
40   [ The feature causes other points of non-determinism within the
41     compiler as well, so we'd *really* like to be able to have the
42     driver disable exec-shield-randomize for the process group, but
43     that isn't possible at present.  ]
44
45   We're going to try several things:
46
47      * Select an architecture specific address as "likely" and see
48	if that's free.  For our 64-bit hosts, we can easily choose
49	an address in Never Never Land.
50
51      * If exec-shield-randomize is disabled, then just use the
52	address chosen by mmap in step one.
53
54      * If exec-shield-randomize is enabled, then temporarily allocate
55	32M of memory as a buffer, then allocate PCH memory, then
56	free the buffer.  The theory here is that the perturbation is
57	no more than 16M, and so by allocating our buffer larger than
58	that we make it considerably more likely that the address will
59	be free when we want to load the data back.
60*/
61
62#undef HOST_HOOKS_GT_PCH_GET_ADDRESS
63#define HOST_HOOKS_GT_PCH_GET_ADDRESS linux_gt_pch_get_address
64
65#undef HOST_HOOKS_GT_PCH_USE_ADDRESS
66#define HOST_HOOKS_GT_PCH_USE_ADDRESS linux_gt_pch_use_address
67
68/* For various ports, try to guess a fixed spot in the vm space
69   that's probably free.  */
70#if defined(__alpha)
71# define TRY_EMPTY_VM_SPACE	0x10000000000
72#elif defined(__ia64)
73# define TRY_EMPTY_VM_SPACE	0x2000000100000000
74#elif defined(__x86_64)
75# define TRY_EMPTY_VM_SPACE	0x1000000000
76#elif defined(__i386)
77# define TRY_EMPTY_VM_SPACE	0x60000000
78#elif defined(__powerpc__)
79# define TRY_EMPTY_VM_SPACE	0x60000000
80#elif defined(__s390x__)
81# define TRY_EMPTY_VM_SPACE	0x8000000000
82#elif defined(__s390__)
83# define TRY_EMPTY_VM_SPACE	0x60000000
84#elif defined(__sparc__) && defined(__LP64__)
85# define TRY_EMPTY_VM_SPACE	0x8000000000
86#elif defined(__sparc__)
87# define TRY_EMPTY_VM_SPACE	0x60000000
88#else
89# define TRY_EMPTY_VM_SPACE	0
90#endif
91
92/* Determine a location where we might be able to reliably allocate SIZE
93   bytes.  FD is the PCH file, though we should return with the file
94   unmapped.  */
95
96static void *
97linux_gt_pch_get_address (size_t size, int fd)
98{
99  size_t buffer_size = 32 * 1024 * 1024;
100  void *addr, *buffer;
101  FILE *f;
102  bool randomize_on;
103
104  addr = mmap ((void *)TRY_EMPTY_VM_SPACE, size, PROT_READ | PROT_WRITE,
105	       MAP_PRIVATE, fd, 0);
106
107  /* If we failed the map, that means there's *no* free space.  */
108  if (addr == (void *) MAP_FAILED)
109    return NULL;
110  /* Unmap the area before returning.  */
111  munmap (addr, size);
112
113  /* If we got the exact area we requested, then that's great.  */
114  if (TRY_EMPTY_VM_SPACE && addr == (void *) TRY_EMPTY_VM_SPACE)
115    return addr;
116
117  /* If we didn't, then we need to look to see if virtual address
118     randomization is on.  That is recorded in
119     kernel.randomize_va_space.  An older implementation used
120     kernel.exec-shield-randomize.  */
121  f = fopen ("/proc/sys/kernel/randomize_va_space", "r");
122  if (f == NULL)
123    f = fopen ("/proc/sys/kernel/exec-shield-randomize", "r");
124  randomize_on = false;
125  if (f != NULL)
126    {
127      char buf[100];
128      size_t c;
129
130      c = fread (buf, 1, sizeof buf - 1, f);
131      if (c > 0)
132	{
133	  buf[c] = '\0';
134	  randomize_on = (atoi (buf) > 0);
135	}
136      fclose (f);
137    }
138
139  /* If it isn't, then accept the address that mmap selected as fine.  */
140  if (!randomize_on)
141    return addr;
142
143  /* Otherwise, we need to try again with buffer space.  */
144  buffer = mmap (0, buffer_size, PROT_NONE, MAP_PRIVATE | MAP_ANON, -1, 0);
145  addr = mmap (0, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
146  if (buffer != (void *) MAP_FAILED)
147    munmap (buffer, buffer_size);
148  if (addr == (void *) MAP_FAILED)
149    return NULL;
150  munmap (addr, size);
151
152  return addr;
153}
154
155/* Map SIZE bytes of FD+OFFSET at BASE.  Return 1 if we succeeded at
156   mapping the data at BASE, -1 if we couldn't.
157
158   It's not possibly to reliably mmap a file using MAP_PRIVATE to
159   a specific START address on either hpux or linux.  First we see
160   if mmap with MAP_PRIVATE works.  If it does, we are off to the
161   races.  If it doesn't, we try an anonymous private mmap since the
162   kernel is more likely to honor the BASE address in anonymous maps.
163   We then copy the data to the anonymous private map.  This assumes
164   of course that we don't need to change the data in the PCH file
165   after it is created.
166
167   This approach obviously causes a performance penalty but there is
168   little else we can do given the current PCH implementation.  */
169
170static int
171linux_gt_pch_use_address (void *base, size_t size, int fd, size_t offset)
172{
173  void *addr;
174
175  /* We're called with size == 0 if we're not planning to load a PCH
176     file at all.  This allows the hook to free any static space that
177     we might have allocated at link time.  */
178  if (size == 0)
179    return -1;
180
181  /* Try to map the file with MAP_PRIVATE.  */
182  addr = mmap (base, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, offset);
183
184  if (addr == base)
185    return 1;
186
187  if (addr != (void *) MAP_FAILED)
188    munmap (addr, size);
189
190  /* Try to make an anonymous private mmap at the desired location.  */
191  addr = mmap (base, size, PROT_READ | PROT_WRITE,
192	       MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
193
194  if (addr != base)
195    {
196      if (addr != (void *) MAP_FAILED)
197        munmap (addr, size);
198      return -1;
199    }
200
201  if (lseek (fd, offset, SEEK_SET) == (off_t)-1)
202    return -1;
203
204  while (size)
205    {
206      ssize_t nbytes;
207
208      nbytes = read (fd, base, MIN (size, SSIZE_MAX));
209      if (nbytes <= 0)
210        return -1;
211      base = (char *) base + nbytes;
212      size -= nbytes;
213    }
214
215  return 1;
216}
217
218
219const struct host_hooks host_hooks = HOST_HOOKS_INITIALIZER;
220