host-linux.c revision 1.1 
1/* Linux host-specific hook definitions.
2   Copyright (C) 2004, 2005, 2007, 2008 Free Software Foundation, Inc.
3
4   This file is part of GCC.
5
6   GCC is free software; you can redistribute it and/or modify it
7   under the terms of the GNU General Public License as published
8   by the Free Software Foundation; either version 3, or (at your
9   option) any later version.
10
11   GCC is distributed in the hope that it will be useful, but WITHOUT
12   ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13   or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
14   License for more details.
15
16   You should have received a copy of the GNU General Public License
17   along with GCC; see the file COPYING3.  If not see
18   <http://www.gnu.org/licenses/>.  */
19
20#include "config.h"
21#include "system.h"
22#include "coretypes.h"
23#include <sys/mman.h>
24#include <limits.h>
25#include "hosthooks.h"
26#include "hosthooks-def.h"
27
28
29/* Linux has a feature called exec-shield-randomize that perturbs the
30   address of non-fixed mapped segments by a (relatively) small amount.
31   The feature is intended to make it harder to attack the system with
32   buffer overflow attacks, since every invocation of a program will
33   have its libraries and data segments at slightly different addresses.
34
35   This feature causes us problems with PCH because it makes it that
36   much harder to acquire a stable location at which to map our PCH
37   data file.
38
39   [ The feature causes other points of non-determinism within the
40     compiler as well, so we'd *really* like to be able to have the
41     driver disable exec-shield-randomize for the process group, but
42     that isn't possible at present.  ]
43
44   We're going to try several things:
45
46      * Select an architecture specific address as "likely" and see
47	if that's free.  For our 64-bit hosts, we can easily choose
48	an address in Never Never Land.
49
50      * If exec-shield-randomize is disabled, then just use the
51	address chosen by mmap in step one.
52
53      * If exec-shield-randomize is enabled, then temporarily allocate
54	32M of memory as a buffer, then allocate PCH memory, then
55	free the buffer.  The theory here is that the perturbation is
56	no more than 16M, and so by allocating our buffer larger than
57	that we make it considerably more likely that the address will
58	be free when we want to load the data back.
59*/
60
61#undef HOST_HOOKS_GT_PCH_GET_ADDRESS
62#define HOST_HOOKS_GT_PCH_GET_ADDRESS linux_gt_pch_get_address
63
64#undef HOST_HOOKS_GT_PCH_USE_ADDRESS
65#define HOST_HOOKS_GT_PCH_USE_ADDRESS linux_gt_pch_use_address
66
67/* For various ports, try to guess a fixed spot in the vm space
68   that's probably free.  */
69#if defined(__alpha)
70# define TRY_EMPTY_VM_SPACE	0x10000000000
71#elif defined(__ia64)
72# define TRY_EMPTY_VM_SPACE	0x2000000100000000
73#elif defined(__x86_64)
74# define TRY_EMPTY_VM_SPACE	0x1000000000
75#elif defined(__i386)
76# define TRY_EMPTY_VM_SPACE	0x60000000
77#elif defined(__powerpc__)
78# define TRY_EMPTY_VM_SPACE	0x60000000
79#elif defined(__s390x__)
80# define TRY_EMPTY_VM_SPACE	0x8000000000
81#elif defined(__s390__)
82# define TRY_EMPTY_VM_SPACE	0x60000000
83#elif defined(__sparc__) && defined(__LP64__)
84# define TRY_EMPTY_VM_SPACE	0x8000000000
85#elif defined(__sparc__)
86# define TRY_EMPTY_VM_SPACE	0x60000000
87#elif defined(__mc68000__)
88# define TRY_EMPTY_VM_SPACE	0x40000000
89#else
90# define TRY_EMPTY_VM_SPACE	0
91#endif
92
93/* Determine a location where we might be able to reliably allocate SIZE
94   bytes.  FD is the PCH file, though we should return with the file
95   unmapped.  */
96
97static void *
98linux_gt_pch_get_address (size_t size, int fd)
99{
100  size_t buffer_size = 32 * 1024 * 1024;
101  void *addr, *buffer;
102  FILE *f;
103  bool randomize_on;
104
105  addr = mmap ((void *)TRY_EMPTY_VM_SPACE, size, PROT_READ | PROT_WRITE,
106	       MAP_PRIVATE, fd, 0);
107
108  /* If we failed the map, that means there's *no* free space.  */
109  if (addr == (void *) MAP_FAILED)
110    return NULL;
111  /* Unmap the area before returning.  */
112  munmap (addr, size);
113
114  /* If we got the exact area we requested, then that's great.  */
115  if (TRY_EMPTY_VM_SPACE && addr == (void *) TRY_EMPTY_VM_SPACE)
116    return addr;
117
118  /* If we didn't, then we need to look to see if virtual address
119     randomization is on.  That is recorded in
120     kernel.randomize_va_space.  An older implementation used
121     kernel.exec-shield-randomize.  */
122  f = fopen ("/proc/sys/kernel/randomize_va_space", "r");
123  if (f == NULL)
124    f = fopen ("/proc/sys/kernel/exec-shield-randomize", "r");
125  randomize_on = false;
126  if (f != NULL)
127    {
128      char buf[100];
129      size_t c;
130
131      c = fread (buf, 1, sizeof buf - 1, f);
132      if (c > 0)
133	{
134	  buf[c] = '\0';
135	  randomize_on = (atoi (buf) > 0);
136	}
137      fclose (f);
138    }
139
140  /* If it isn't, then accept the address that mmap selected as fine.  */
141  if (!randomize_on)
142    return addr;
143
144  /* Otherwise, we need to try again with buffer space.  */
145  buffer = mmap (0, buffer_size, PROT_NONE, MAP_PRIVATE | MAP_ANON, -1, 0);
146  addr = mmap (0, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
147  if (buffer != (void *) MAP_FAILED)
148    munmap (buffer, buffer_size);
149  if (addr == (void *) MAP_FAILED)
150    return NULL;
151  munmap (addr, size);
152
153  return addr;
154}
155
156/* Map SIZE bytes of FD+OFFSET at BASE.  Return 1 if we succeeded at
157   mapping the data at BASE, -1 if we couldn't.
158
159   It's not possibly to reliably mmap a file using MAP_PRIVATE to
160   a specific START address on either hpux or linux.  First we see
161   if mmap with MAP_PRIVATE works.  If it does, we are off to the
162   races.  If it doesn't, we try an anonymous private mmap since the
163   kernel is more likely to honor the BASE address in anonymous maps.
164   We then copy the data to the anonymous private map.  This assumes
165   of course that we don't need to change the data in the PCH file
166   after it is created.
167
168   This approach obviously causes a performance penalty but there is
169   little else we can do given the current PCH implementation.  */
170
171static int
172linux_gt_pch_use_address (void *base, size_t size, int fd, size_t offset)
173{
174  void *addr;
175
176  /* We're called with size == 0 if we're not planning to load a PCH
177     file at all.  This allows the hook to free any static space that
178     we might have allocated at link time.  */
179  if (size == 0)
180    return -1;
181
182  /* Try to map the file with MAP_PRIVATE.  */
183  addr = mmap (base, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, offset);
184
185  if (addr == base)
186    return 1;
187
188  if (addr != (void *) MAP_FAILED)
189    munmap (addr, size);
190
191  /* Try to make an anonymous private mmap at the desired location.  */
192  addr = mmap (base, size, PROT_READ | PROT_WRITE,
193	       MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
194
195  if (addr != base)
196    {
197      if (addr != (void *) MAP_FAILED)
198        munmap (addr, size);
199      return -1;
200    }
201
202  if (lseek (fd, offset, SEEK_SET) == (off_t)-1)
203    return -1;
204
205  while (size)
206    {
207      ssize_t nbytes;
208
209      nbytes = read (fd, base, MIN (size, SSIZE_MAX));
210      if (nbytes <= 0)
211        return -1;
212      base = (char *) base + nbytes;
213      size -= nbytes;
214    }
215
216  return 1;
217}
218
219
220const struct host_hooks host_hooks = HOST_HOOKS_INITIALIZER;
221