1 /* Linux host-specific hook definitions.
2 Copyright (C) 2004-2022 Free Software Foundation, Inc.
3
4 This file is part of GCC.
5
6 GCC is free software; you can redistribute it and/or modify it
7 under the terms of the GNU General Public License as published
8 by the Free Software Foundation; either version 3, or (at your
9 option) any later version.
10
11 GCC is distributed in the hope that it will be useful, but WITHOUT
12 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
14 License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with GCC; see the file COPYING3. If not see
18 <http://www.gnu.org/licenses/>. */
19
20 #include "config.h"
21 #include "system.h"
22 #include "coretypes.h"
23 #include "hosthooks.h"
24 #include "hosthooks-def.h"
25
26
27 /* Linux has a feature called exec-shield-randomize that perturbs the
28 address of non-fixed mapped segments by a (relatively) small amount.
29 The feature is intended to make it harder to attack the system with
30 buffer overflow attacks, since every invocation of a program will
31 have its libraries and data segments at slightly different addresses.
32
33 This feature causes us problems with PCH because it makes it that
34 much harder to acquire a stable location at which to map our PCH
35 data file.
36
37 [ The feature causes other points of non-determinism within the
38 compiler as well, so we'd *really* like to be able to have the
39 driver disable exec-shield-randomize for the process group, but
40 that isn't possible at present. ]
41
42 We're going to try several things:
43
44 * Select an architecture specific address as "likely" and see
45 if that's free. For our 64-bit hosts, we can easily choose
46 an address in Never Never Land.
47
48 * If exec-shield-randomize is disabled, then just use the
49 address chosen by mmap in step one.
50
51 * If exec-shield-randomize is enabled, then temporarily allocate
52 32M of memory as a buffer, then allocate PCH memory, then
53 free the buffer. The theory here is that the perturbation is
54 no more than 16M, and so by allocating our buffer larger than
55 that we make it considerably more likely that the address will
56 be free when we want to load the data back.
57 */
58
59 #undef HOST_HOOKS_GT_PCH_GET_ADDRESS
60 #define HOST_HOOKS_GT_PCH_GET_ADDRESS linux_gt_pch_get_address
61
62 #undef HOST_HOOKS_GT_PCH_USE_ADDRESS
63 #define HOST_HOOKS_GT_PCH_USE_ADDRESS linux_gt_pch_use_address
64
65 /* For various ports, try to guess a fixed spot in the vm space
66 that's probably free. */
67 #if defined(__alpha)
68 # define TRY_EMPTY_VM_SPACE 0x10000000000
69 #elif defined(__ia64)
70 # define TRY_EMPTY_VM_SPACE 0x2000000100000000
71 #elif defined(__x86_64) && defined(__LP64__)
72 # define TRY_EMPTY_VM_SPACE 0x1000000000
73 #elif defined(__x86_64)
74 # define TRY_EMPTY_VM_SPACE 0x60000000
75 #elif defined(__i386)
76 # define TRY_EMPTY_VM_SPACE 0x60000000
77 #elif defined(__powerpc__)
78 # define TRY_EMPTY_VM_SPACE 0x60000000
79 #elif defined(__s390x__)
80 # define TRY_EMPTY_VM_SPACE 0x8000000000
81 #elif defined(__s390__)
82 # define TRY_EMPTY_VM_SPACE 0x60000000
83 #elif defined(__sparc__) && defined(__LP64__)
84 # define TRY_EMPTY_VM_SPACE 0x8000000000
85 #elif defined(__sparc__)
86 # define TRY_EMPTY_VM_SPACE 0x60000000
87 #elif defined(__mc68000__)
88 # define TRY_EMPTY_VM_SPACE 0x40000000
89 #elif defined(__aarch64__) && defined(__ILP32__)
90 # define TRY_EMPTY_VM_SPACE 0x60000000
91 #elif defined(__aarch64__)
92 # define TRY_EMPTY_VM_SPACE 0x1000000000
93 #elif defined(__ARM_EABI__)
94 # define TRY_EMPTY_VM_SPACE 0x60000000
95 #elif defined(__mips__) && defined(__LP64__)
96 # define TRY_EMPTY_VM_SPACE 0x8000000000
97 #elif defined(__mips__)
98 # define TRY_EMPTY_VM_SPACE 0x60000000
99 #elif defined(__riscv) && defined (__LP64__)
100 # define TRY_EMPTY_VM_SPACE 0x1000000000
101 #elif defined(__loongarch__) && defined(__LP64__)
102 # define TRY_EMPTY_VM_SPACE 0x8000000000
103 #else
104 # define TRY_EMPTY_VM_SPACE 0
105 #endif
106
107 /* Determine a location where we might be able to reliably allocate SIZE
108 bytes. FD is the PCH file, though we should return with the file
109 unmapped. */
110
111 static void *
linux_gt_pch_get_address(size_t size,int fd)112 linux_gt_pch_get_address (size_t size, int fd)
113 {
114 size_t buffer_size = 32 * 1024 * 1024;
115 void *addr, *buffer;
116 FILE *f;
117 bool randomize_on;
118
119 addr = mmap ((void *)TRY_EMPTY_VM_SPACE, size, PROT_READ | PROT_WRITE,
120 MAP_PRIVATE, fd, 0);
121
122 /* If we failed the map, that means there's *no* free space. */
123 if (addr == (void *) MAP_FAILED)
124 return NULL;
125 /* Unmap the area before returning. */
126 munmap (addr, size);
127
128 /* If we got the exact area we requested, then that's great. */
129 if (TRY_EMPTY_VM_SPACE && addr == (void *) TRY_EMPTY_VM_SPACE)
130 return addr;
131
132 /* If we didn't, then we need to look to see if virtual address
133 randomization is on. That is recorded in
134 kernel.randomize_va_space. An older implementation used
135 kernel.exec-shield-randomize. */
136 f = fopen ("/proc/sys/kernel/randomize_va_space", "r");
137 if (f == NULL)
138 f = fopen ("/proc/sys/kernel/exec-shield-randomize", "r");
139 randomize_on = false;
140 if (f != NULL)
141 {
142 char buf[100];
143 size_t c;
144
145 c = fread (buf, 1, sizeof buf - 1, f);
146 if (c > 0)
147 {
148 buf[c] = '\0';
149 randomize_on = (atoi (buf) > 0);
150 }
151 fclose (f);
152 }
153
154 /* If it isn't, then accept the address that mmap selected as fine. */
155 if (!randomize_on)
156 return addr;
157
158 /* Otherwise, we need to try again with buffer space. */
159 buffer = mmap (0, buffer_size, PROT_NONE, MAP_PRIVATE | MAP_ANON, -1, 0);
160 addr = mmap (0, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
161 if (buffer != (void *) MAP_FAILED)
162 munmap (buffer, buffer_size);
163 if (addr == (void *) MAP_FAILED)
164 return NULL;
165 munmap (addr, size);
166
167 return addr;
168 }
169
170 /* Map SIZE bytes of FD+OFFSET at BASE. Return 1 if we succeeded at
171 mapping the data at BASE, -1 if we couldn't.
172
173 It's not possibly to reliably mmap a file using MAP_PRIVATE to
174 a specific START address on either hpux or linux. First we see
175 if mmap with MAP_PRIVATE works. If it does, we are off to the
176 races. If it doesn't, we try an anonymous private mmap since the
177 kernel is more likely to honor the BASE address in anonymous maps.
178 We then copy the data to the anonymous private map. This assumes
179 of course that we don't need to change the data in the PCH file
180 after it is created.
181
182 This approach obviously causes a performance penalty but there is
183 little else we can do given the current PCH implementation. */
184
185 static int
linux_gt_pch_use_address(void * & base,size_t size,int fd,size_t offset)186 linux_gt_pch_use_address (void *&base, size_t size, int fd, size_t offset)
187 {
188 void *addr;
189
190 /* We're called with size == 0 if we're not planning to load a PCH
191 file at all. This allows the hook to free any static space that
192 we might have allocated at link time. */
193 if (size == 0)
194 return -1;
195
196 /* Try to map the file with MAP_PRIVATE. */
197 addr = mmap (base, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, offset);
198
199 if (addr == base)
200 return 1;
201
202 if (addr != (void *) MAP_FAILED)
203 munmap (addr, size);
204
205 /* Try to make an anonymous private mmap at the desired location. */
206 addr = mmap (base, size, PROT_READ | PROT_WRITE,
207 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
208
209 if (addr == (void *) MAP_FAILED)
210 return -1;
211
212 if (lseek (fd, offset, SEEK_SET) == (off_t)-1)
213 return -1;
214
215 base = addr;
216
217 while (size)
218 {
219 ssize_t nbytes;
220
221 nbytes = read (fd, addr, MIN (size, (size_t)-1 >> 1));
222 if (nbytes <= 0)
223 return -1;
224 addr = (char *) addr + nbytes;
225 size -= nbytes;
226 }
227
228 return 1;
229 }
230
231
232 const struct host_hooks host_hooks = HOST_HOOKS_INITIALIZER;
233