host-linux.c revision 1.11
1/* Linux host-specific hook definitions. 2 Copyright (C) 2004-2020 Free Software Foundation, Inc. 3 4 This file is part of GCC. 5 6 GCC is free software; you can redistribute it and/or modify it 7 under the terms of the GNU General Public License as published 8 by the Free Software Foundation; either version 3, or (at your 9 option) any later version. 10 11 GCC is distributed in the hope that it will be useful, but WITHOUT 12 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY 13 or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public 14 License for more details. 15 16 You should have received a copy of the GNU General Public License 17 along with GCC; see the file COPYING3. If not see 18 <http://www.gnu.org/licenses/>. */ 19 20#include "config.h" 21#include "system.h" 22#include "coretypes.h" 23#include "hosthooks.h" 24#include "hosthooks-def.h" 25 26 27/* Linux has a feature called exec-shield-randomize that perturbs the 28 address of non-fixed mapped segments by a (relatively) small amount. 29 The feature is intended to make it harder to attack the system with 30 buffer overflow attacks, since every invocation of a program will 31 have its libraries and data segments at slightly different addresses. 32 33 This feature causes us problems with PCH because it makes it that 34 much harder to acquire a stable location at which to map our PCH 35 data file. 36 37 [ The feature causes other points of non-determinism within the 38 compiler as well, so we'd *really* like to be able to have the 39 driver disable exec-shield-randomize for the process group, but 40 that isn't possible at present. ] 41 42 We're going to try several things: 43 44 * Select an architecture specific address as "likely" and see 45 if that's free. For our 64-bit hosts, we can easily choose 46 an address in Never Never Land. 47 48 * If exec-shield-randomize is disabled, then just use the 49 address chosen by mmap in step one. 50 51 * If exec-shield-randomize is enabled, then temporarily allocate 52 32M of memory as a buffer, then allocate PCH memory, then 53 free the buffer. The theory here is that the perturbation is 54 no more than 16M, and so by allocating our buffer larger than 55 that we make it considerably more likely that the address will 56 be free when we want to load the data back. 57*/ 58 59#undef HOST_HOOKS_GT_PCH_GET_ADDRESS 60#define HOST_HOOKS_GT_PCH_GET_ADDRESS linux_gt_pch_get_address 61 62#undef HOST_HOOKS_GT_PCH_USE_ADDRESS 63#define HOST_HOOKS_GT_PCH_USE_ADDRESS linux_gt_pch_use_address 64 65/* For various ports, try to guess a fixed spot in the vm space 66 that's probably free. */ 67#if defined(__alpha) 68# define TRY_EMPTY_VM_SPACE 0x10000000000 69#elif defined(__ia64) 70# define TRY_EMPTY_VM_SPACE 0x2000000100000000 71#elif defined(__x86_64) && defined(__LP64__) 72# define TRY_EMPTY_VM_SPACE 0x1000000000 73#elif defined(__x86_64) 74# define TRY_EMPTY_VM_SPACE 0x60000000 75#elif defined(__i386) 76# define TRY_EMPTY_VM_SPACE 0x60000000 77#elif defined(__powerpc__) 78# define TRY_EMPTY_VM_SPACE 0x60000000 79#elif defined(__s390x__) 80# define TRY_EMPTY_VM_SPACE 0x8000000000 81#elif defined(__s390__) 82# define TRY_EMPTY_VM_SPACE 0x60000000 83#elif defined(__sparc__) && defined(__LP64__) 84# define TRY_EMPTY_VM_SPACE 0x8000000000 85#elif defined(__sparc__) 86# define TRY_EMPTY_VM_SPACE 0x60000000 87#elif defined(__mc68000__) 88# define TRY_EMPTY_VM_SPACE 0x40000000 89#elif defined(__aarch64__) && defined(__ILP32__) 90# define TRY_EMPTY_VM_SPACE 0x60000000 91#elif defined(__aarch64__) 92# define TRY_EMPTY_VM_SPACE 0x1000000000 93#elif defined(__ARM_EABI__) 94# define TRY_EMPTY_VM_SPACE 0x60000000 95#elif defined(__mips__) && defined(__LP64__) 96# define TRY_EMPTY_VM_SPACE 0x8000000000 97#elif defined(__mips__) 98# define TRY_EMPTY_VM_SPACE 0x60000000 99#elif defined(__riscv) && defined (__LP64__) 100# define TRY_EMPTY_VM_SPACE 0x1000000000 101#else 102# define TRY_EMPTY_VM_SPACE 0 103#endif 104 105/* Determine a location where we might be able to reliably allocate SIZE 106 bytes. FD is the PCH file, though we should return with the file 107 unmapped. */ 108 109static void * 110linux_gt_pch_get_address (size_t size, int fd) 111{ 112 size_t buffer_size = 32 * 1024 * 1024; 113 void *addr, *buffer; 114 FILE *f; 115 bool randomize_on; 116 117 addr = mmap ((void *)TRY_EMPTY_VM_SPACE, size, PROT_READ | PROT_WRITE, 118 MAP_PRIVATE, fd, 0); 119 120 /* If we failed the map, that means there's *no* free space. */ 121 if (addr == (void *) MAP_FAILED) 122 return NULL; 123 /* Unmap the area before returning. */ 124 munmap (addr, size); 125 126 /* If we got the exact area we requested, then that's great. */ 127 if (TRY_EMPTY_VM_SPACE && addr == (void *) TRY_EMPTY_VM_SPACE) 128 return addr; 129 130 /* If we didn't, then we need to look to see if virtual address 131 randomization is on. That is recorded in 132 kernel.randomize_va_space. An older implementation used 133 kernel.exec-shield-randomize. */ 134 f = fopen ("/proc/sys/kernel/randomize_va_space", "r"); 135 if (f == NULL) 136 f = fopen ("/proc/sys/kernel/exec-shield-randomize", "r"); 137 randomize_on = false; 138 if (f != NULL) 139 { 140 char buf[100]; 141 size_t c; 142 143 c = fread (buf, 1, sizeof buf - 1, f); 144 if (c > 0) 145 { 146 buf[c] = '\0'; 147 randomize_on = (atoi (buf) > 0); 148 } 149 fclose (f); 150 } 151 152 /* If it isn't, then accept the address that mmap selected as fine. */ 153 if (!randomize_on) 154 return addr; 155 156 /* Otherwise, we need to try again with buffer space. */ 157 buffer = mmap (0, buffer_size, PROT_NONE, MAP_PRIVATE | MAP_ANON, -1, 0); 158 addr = mmap (0, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); 159 if (buffer != (void *) MAP_FAILED) 160 munmap (buffer, buffer_size); 161 if (addr == (void *) MAP_FAILED) 162 return NULL; 163 munmap (addr, size); 164 165 return addr; 166} 167 168/* Map SIZE bytes of FD+OFFSET at BASE. Return 1 if we succeeded at 169 mapping the data at BASE, -1 if we couldn't. 170 171 It's not possibly to reliably mmap a file using MAP_PRIVATE to 172 a specific START address on either hpux or linux. First we see 173 if mmap with MAP_PRIVATE works. If it does, we are off to the 174 races. If it doesn't, we try an anonymous private mmap since the 175 kernel is more likely to honor the BASE address in anonymous maps. 176 We then copy the data to the anonymous private map. This assumes 177 of course that we don't need to change the data in the PCH file 178 after it is created. 179 180 This approach obviously causes a performance penalty but there is 181 little else we can do given the current PCH implementation. */ 182 183static int 184linux_gt_pch_use_address (void *base, size_t size, int fd, size_t offset) 185{ 186 void *addr; 187 188 /* We're called with size == 0 if we're not planning to load a PCH 189 file at all. This allows the hook to free any static space that 190 we might have allocated at link time. */ 191 if (size == 0) 192 return -1; 193 194 /* Try to map the file with MAP_PRIVATE. */ 195 addr = mmap (base, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, offset); 196 197 if (addr == base) 198 return 1; 199 200 if (addr != (void *) MAP_FAILED) 201 munmap (addr, size); 202 203 /* Try to make an anonymous private mmap at the desired location. */ 204 addr = mmap (base, size, PROT_READ | PROT_WRITE, 205 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 206 207 if (addr != base) 208 { 209 if (addr != (void *) MAP_FAILED) 210 munmap (addr, size); 211 return -1; 212 } 213 214 if (lseek (fd, offset, SEEK_SET) == (off_t)-1) 215 return -1; 216 217 while (size) 218 { 219 ssize_t nbytes; 220 221 nbytes = read (fd, base, MIN (size, (size_t)-1 >> 1)); 222 if (nbytes <= 0) 223 return -1; 224 base = (char *) base + nbytes; 225 size -= nbytes; 226 } 227 228 return 1; 229} 230 231 232const struct host_hooks host_hooks = HOST_HOOKS_INITIALIZER; 233