host-linux.c revision 161651
1313177Sgnn/* Linux host-specific hook definitions. 2313177Sgnn Copyright (C) 2004, 2005 Free Software Foundation, Inc. 3313177Sgnn 4313177Sgnn This file is part of GCC. 5313177Sgnn 6313177Sgnn GCC is free software; you can redistribute it and/or modify it 7313177Sgnn under the terms of the GNU General Public License as published 8313177Sgnn by the Free Software Foundation; either version 2, or (at your 9313177Sgnn option) any later version. 10313177Sgnn 11313177Sgnn GCC is distributed in the hope that it will be useful, but WITHOUT 12313177Sgnn ANY WARRANTY; without even the implied warranty of MERCHANTABILITY 13313177Sgnn or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public 14313177Sgnn License for more details. 15313177Sgnn 16313177Sgnn You should have received a copy of the GNU General Public License 17313177Sgnn along with GCC; see the file COPYING. If not, write to the 18313177Sgnn Free Software Foundation, 59 Temple Place - Suite 330, Boston, 19313177Sgnn MA 02111-1307, USA. */ 20313177Sgnn 21313177Sgnn#include "config.h" 22313177Sgnn#include "system.h" 23313177Sgnn#include "coretypes.h" 24313177Sgnn#include <sys/mman.h> 25313177Sgnn#include <limits.h> 26313177Sgnn#include "hosthooks.h" 27313177Sgnn#include "hosthooks-def.h" 28313177Sgnn 29313177Sgnn 30313177Sgnn/* Linux has a feature called exec-shield-randomize that perturbs the 31313177Sgnn address of non-fixed mapped segments by a (relatively) small amount. 32313177Sgnn The feature is intended to make it harder to attack the system with 33313177Sgnn buffer overflow attacks, since every invocation of a program will 34313177Sgnn have its libraries and data segments at slightly different addresses. 35313177Sgnn 36313177Sgnn This feature causes us problems with PCH because it makes it that 37313177Sgnn much harder to acquire a stable location at which to map our PCH 38313177Sgnn data file. 39313177Sgnn 40313177Sgnn [ The feature causes other points of non-determinism within the 41313177Sgnn compiler as well, so we'd *really* like to be able to have the 42313177Sgnn driver disable exec-shield-randomize for the process group, but 43313177Sgnn that isn't possible at present. ] 44313177Sgnn 45313177Sgnn We're going to try several things: 46313177Sgnn 47313177Sgnn * Select an architecture specific address as "likely" and see 48313177Sgnn if that's free. For our 64-bit hosts, we can easily choose 49313177Sgnn an address in Never Never Land. 50313177Sgnn 51313177Sgnn * If exec-shield-randomize is disabled, then just use the 52313177Sgnn address chosen by mmap in step one. 53313177Sgnn 54313177Sgnn * If exec-shield-randomize is enabled, then temporarily allocate 55313177Sgnn 32M of memory as a buffer, then allocate PCH memory, then 56313177Sgnn free the buffer. The theory here is that the perturbation is 57313177Sgnn no more than 16M, and so by allocating our buffer larger than 58313177Sgnn that we make it considerably more likely that the address will 59313177Sgnn be free when we want to load the data back. 60313177Sgnn*/ 61313177Sgnn 62313177Sgnn#undef HOST_HOOKS_GT_PCH_GET_ADDRESS 63313177Sgnn#define HOST_HOOKS_GT_PCH_GET_ADDRESS linux_gt_pch_get_address 64313177Sgnn 65313177Sgnn#undef HOST_HOOKS_GT_PCH_USE_ADDRESS 66313177Sgnn#define HOST_HOOKS_GT_PCH_USE_ADDRESS linux_gt_pch_use_address 67313177Sgnn 68313177Sgnn/* For various ports, try to guess a fixed spot in the vm space 69313177Sgnn that's probably free. */ 70313177Sgnn#if defined(__alpha) 71313177Sgnn# define TRY_EMPTY_VM_SPACE 0x10000000000 72313177Sgnn#elif defined(__ia64) 73313177Sgnn# define TRY_EMPTY_VM_SPACE 0x2000000100000000 74313177Sgnn#elif defined(__x86_64) 75313177Sgnn# define TRY_EMPTY_VM_SPACE 0x1000000000 76313177Sgnn#elif defined(__i386) 77313177Sgnn# define TRY_EMPTY_VM_SPACE 0x60000000 78313177Sgnn#elif defined(__powerpc__) 79313177Sgnn# define TRY_EMPTY_VM_SPACE 0x60000000 80313177Sgnn#elif defined(__s390x__) 81313177Sgnn# define TRY_EMPTY_VM_SPACE 0x8000000000 82313177Sgnn#elif defined(__s390__) 83313177Sgnn# define TRY_EMPTY_VM_SPACE 0x60000000 84313177Sgnn#elif defined(__sparc__) && defined(__LP64__) 85313177Sgnn# define TRY_EMPTY_VM_SPACE 0x8000000000 86313177Sgnn#elif defined(__sparc__) 87313177Sgnn# define TRY_EMPTY_VM_SPACE 0x60000000 88313177Sgnn#else 89313177Sgnn# define TRY_EMPTY_VM_SPACE 0 90#endif 91 92/* Determine a location where we might be able to reliably allocate SIZE 93 bytes. FD is the PCH file, though we should return with the file 94 unmapped. */ 95 96static void * 97linux_gt_pch_get_address (size_t size, int fd) 98{ 99 size_t buffer_size = 32 * 1024 * 1024; 100 void *addr, *buffer; 101 FILE *f; 102 bool randomize_on; 103 104 addr = mmap ((void *)TRY_EMPTY_VM_SPACE, size, PROT_READ | PROT_WRITE, 105 MAP_PRIVATE, fd, 0); 106 107 /* If we failed the map, that means there's *no* free space. */ 108 if (addr == (void *) MAP_FAILED) 109 return NULL; 110 /* Unmap the area before returning. */ 111 munmap (addr, size); 112 113 /* If we got the exact area we requested, then that's great. */ 114 if (TRY_EMPTY_VM_SPACE && addr == (void *) TRY_EMPTY_VM_SPACE) 115 return addr; 116 117 /* If we didn't, then we need to look to see if virtual address 118 randomization is on. That is recorded in 119 kernel.randomize_va_space. An older implementation used 120 kernel.exec-shield-randomize. */ 121 f = fopen ("/proc/sys/kernel/randomize_va_space", "r"); 122 if (f == NULL) 123 f = fopen ("/proc/sys/kernel/exec-shield-randomize", "r"); 124 randomize_on = false; 125 if (f != NULL) 126 { 127 char buf[100]; 128 size_t c; 129 130 c = fread (buf, 1, sizeof buf - 1, f); 131 if (c > 0) 132 { 133 buf[c] = '\0'; 134 randomize_on = (atoi (buf) > 0); 135 } 136 fclose (f); 137 } 138 139 /* If it isn't, then accept the address that mmap selected as fine. */ 140 if (!randomize_on) 141 return addr; 142 143 /* Otherwise, we need to try again with buffer space. */ 144 buffer = mmap (0, buffer_size, PROT_NONE, MAP_PRIVATE | MAP_ANON, -1, 0); 145 addr = mmap (0, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); 146 if (buffer != (void *) MAP_FAILED) 147 munmap (buffer, buffer_size); 148 if (addr == (void *) MAP_FAILED) 149 return NULL; 150 munmap (addr, size); 151 152 return addr; 153} 154 155/* Map SIZE bytes of FD+OFFSET at BASE. Return 1 if we succeeded at 156 mapping the data at BASE, -1 if we couldn't. 157 158 It's not possibly to reliably mmap a file using MAP_PRIVATE to 159 a specific START address on either hpux or linux. First we see 160 if mmap with MAP_PRIVATE works. If it does, we are off to the 161 races. If it doesn't, we try an anonymous private mmap since the 162 kernel is more likely to honor the BASE address in anonymous maps. 163 We then copy the data to the anonymous private map. This assumes 164 of course that we don't need to change the data in the PCH file 165 after it is created. 166 167 This approach obviously causes a performance penalty but there is 168 little else we can do given the current PCH implementation. */ 169 170static int 171linux_gt_pch_use_address (void *base, size_t size, int fd, size_t offset) 172{ 173 void *addr; 174 175 /* We're called with size == 0 if we're not planning to load a PCH 176 file at all. This allows the hook to free any static space that 177 we might have allocated at link time. */ 178 if (size == 0) 179 return -1; 180 181 /* Try to map the file with MAP_PRIVATE. */ 182 addr = mmap (base, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, offset); 183 184 if (addr == base) 185 return 1; 186 187 if (addr != (void *) MAP_FAILED) 188 munmap (addr, size); 189 190 /* Try to make an anonymous private mmap at the desired location. */ 191 addr = mmap (base, size, PROT_READ | PROT_WRITE, 192 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 193 194 if (addr != base) 195 { 196 if (addr != (void *) MAP_FAILED) 197 munmap (addr, size); 198 return -1; 199 } 200 201 if (lseek (fd, offset, SEEK_SET) == (off_t)-1) 202 return -1; 203 204 while (size) 205 { 206 ssize_t nbytes; 207 208 nbytes = read (fd, base, MIN (size, SSIZE_MAX)); 209 if (nbytes <= 0) 210 return -1; 211 base = (char *) base + nbytes; 212 size -= nbytes; 213 } 214 215 return 1; 216} 217 218 219const struct host_hooks host_hooks = HOST_HOOKS_INITIALIZER; 220