1 /* Linux host-specific hook definitions. 2 Copyright (C) 2004-2013 Free Software Foundation, Inc. 3 4 This file is part of GCC. 5 6 GCC is free software; you can redistribute it and/or modify it 7 under the terms of the GNU General Public License as published 8 by the Free Software Foundation; either version 3, or (at your 9 option) any later version. 10 11 GCC is distributed in the hope that it will be useful, but WITHOUT 12 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY 13 or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public 14 License for more details. 15 16 You should have received a copy of the GNU General Public License 17 along with GCC; see the file COPYING3. If not see 18 <http://www.gnu.org/licenses/>. */ 19 20 #include "config.h" 21 #include "system.h" 22 #include "coretypes.h" 23 #include "hosthooks.h" 24 #include "hosthooks-def.h" 25 26 27 /* Linux has a feature called exec-shield-randomize that perturbs the 28 address of non-fixed mapped segments by a (relatively) small amount. 29 The feature is intended to make it harder to attack the system with 30 buffer overflow attacks, since every invocation of a program will 31 have its libraries and data segments at slightly different addresses. 32 33 This feature causes us problems with PCH because it makes it that 34 much harder to acquire a stable location at which to map our PCH 35 data file. 36 37 [ The feature causes other points of non-determinism within the 38 compiler as well, so we'd *really* like to be able to have the 39 driver disable exec-shield-randomize for the process group, but 40 that isn't possible at present. ] 41 42 We're going to try several things: 43 44 * Select an architecture specific address as "likely" and see 45 if that's free. For our 64-bit hosts, we can easily choose 46 an address in Never Never Land. 47 48 * If exec-shield-randomize is disabled, then just use the 49 address chosen by mmap in step one. 50 51 * If exec-shield-randomize is enabled, then temporarily allocate 52 32M of memory as a buffer, then allocate PCH memory, then 53 free the buffer. The theory here is that the perturbation is 54 no more than 16M, and so by allocating our buffer larger than 55 that we make it considerably more likely that the address will 56 be free when we want to load the data back. 57 */ 58 59 #undef HOST_HOOKS_GT_PCH_GET_ADDRESS 60 #define HOST_HOOKS_GT_PCH_GET_ADDRESS linux_gt_pch_get_address 61 62 #undef HOST_HOOKS_GT_PCH_USE_ADDRESS 63 #define HOST_HOOKS_GT_PCH_USE_ADDRESS linux_gt_pch_use_address 64 65 /* For various ports, try to guess a fixed spot in the vm space 66 that's probably free. */ 67 #if defined(__alpha) 68 # define TRY_EMPTY_VM_SPACE 0x10000000000 69 #elif defined(__ia64) 70 # define TRY_EMPTY_VM_SPACE 0x2000000100000000 71 #elif defined(__x86_64) && defined(__LP64__) 72 # define TRY_EMPTY_VM_SPACE 0x1000000000 73 #elif defined(__x86_64) 74 # define TRY_EMPTY_VM_SPACE 0x60000000 75 #elif defined(__i386) 76 # define TRY_EMPTY_VM_SPACE 0x60000000 77 #elif defined(__powerpc__) 78 # define TRY_EMPTY_VM_SPACE 0x60000000 79 #elif defined(__s390x__) 80 # define TRY_EMPTY_VM_SPACE 0x8000000000 81 #elif defined(__s390__) 82 # define TRY_EMPTY_VM_SPACE 0x60000000 83 #elif defined(__sparc__) && defined(__LP64__) 84 # define TRY_EMPTY_VM_SPACE 0x8000000000 85 #elif defined(__sparc__) 86 # define TRY_EMPTY_VM_SPACE 0x60000000 87 #elif defined(__mc68000__) 88 # define TRY_EMPTY_VM_SPACE 0x40000000 89 #elif defined(__ARM_EABI__) 90 # define TRY_EMPTY_VM_SPACE 0x60000000 91 #elif defined(__mips__) && defined(__LP64__) 92 # define TRY_EMPTY_VM_SPACE 0x8000000000 93 #elif defined(__mips__) 94 # define TRY_EMPTY_VM_SPACE 0x60000000 95 #else 96 # define TRY_EMPTY_VM_SPACE 0 97 #endif 98 99 /* Determine a location where we might be able to reliably allocate SIZE 100 bytes. FD is the PCH file, though we should return with the file 101 unmapped. */ 102 103 static void * 104 linux_gt_pch_get_address (size_t size, int fd) 105 { 106 size_t buffer_size = 32 * 1024 * 1024; 107 void *addr, *buffer; 108 FILE *f; 109 bool randomize_on; 110 111 addr = mmap ((void *)TRY_EMPTY_VM_SPACE, size, PROT_READ | PROT_WRITE, 112 MAP_PRIVATE, fd, 0); 113 114 /* If we failed the map, that means there's *no* free space. */ 115 if (addr == (void *) MAP_FAILED) 116 return NULL; 117 /* Unmap the area before returning. */ 118 munmap (addr, size); 119 120 /* If we got the exact area we requested, then that's great. */ 121 if (TRY_EMPTY_VM_SPACE && addr == (void *) TRY_EMPTY_VM_SPACE) 122 return addr; 123 124 /* If we didn't, then we need to look to see if virtual address 125 randomization is on. That is recorded in 126 kernel.randomize_va_space. An older implementation used 127 kernel.exec-shield-randomize. */ 128 f = fopen ("/proc/sys/kernel/randomize_va_space", "r"); 129 if (f == NULL) 130 f = fopen ("/proc/sys/kernel/exec-shield-randomize", "r"); 131 randomize_on = false; 132 if (f != NULL) 133 { 134 char buf[100]; 135 size_t c; 136 137 c = fread (buf, 1, sizeof buf - 1, f); 138 if (c > 0) 139 { 140 buf[c] = '\0'; 141 randomize_on = (atoi (buf) > 0); 142 } 143 fclose (f); 144 } 145 146 /* If it isn't, then accept the address that mmap selected as fine. */ 147 if (!randomize_on) 148 return addr; 149 150 /* Otherwise, we need to try again with buffer space. */ 151 buffer = mmap (0, buffer_size, PROT_NONE, MAP_PRIVATE | MAP_ANON, -1, 0); 152 addr = mmap (0, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); 153 if (buffer != (void *) MAP_FAILED) 154 munmap (buffer, buffer_size); 155 if (addr == (void *) MAP_FAILED) 156 return NULL; 157 munmap (addr, size); 158 159 return addr; 160 } 161 162 /* Map SIZE bytes of FD+OFFSET at BASE. Return 1 if we succeeded at 163 mapping the data at BASE, -1 if we couldn't. 164 165 It's not possibly to reliably mmap a file using MAP_PRIVATE to 166 a specific START address on either hpux or linux. First we see 167 if mmap with MAP_PRIVATE works. If it does, we are off to the 168 races. If it doesn't, we try an anonymous private mmap since the 169 kernel is more likely to honor the BASE address in anonymous maps. 170 We then copy the data to the anonymous private map. This assumes 171 of course that we don't need to change the data in the PCH file 172 after it is created. 173 174 This approach obviously causes a performance penalty but there is 175 little else we can do given the current PCH implementation. */ 176 177 static int 178 linux_gt_pch_use_address (void *base, size_t size, int fd, size_t offset) 179 { 180 void *addr; 181 182 /* We're called with size == 0 if we're not planning to load a PCH 183 file at all. This allows the hook to free any static space that 184 we might have allocated at link time. */ 185 if (size == 0) 186 return -1; 187 188 /* Try to map the file with MAP_PRIVATE. */ 189 addr = mmap (base, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, offset); 190 191 if (addr == base) 192 return 1; 193 194 if (addr != (void *) MAP_FAILED) 195 munmap (addr, size); 196 197 /* Try to make an anonymous private mmap at the desired location. */ 198 addr = mmap (base, size, PROT_READ | PROT_WRITE, 199 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); 200 201 if (addr != base) 202 { 203 if (addr != (void *) MAP_FAILED) 204 munmap (addr, size); 205 return -1; 206 } 207 208 if (lseek (fd, offset, SEEK_SET) == (off_t)-1) 209 return -1; 210 211 while (size) 212 { 213 ssize_t nbytes; 214 215 nbytes = read (fd, base, MIN (size, SSIZE_MAX)); 216 if (nbytes <= 0) 217 return -1; 218 base = (char *) base + nbytes; 219 size -= nbytes; 220 } 221 222 return 1; 223 } 224 225 226 const struct host_hooks host_hooks = HOST_HOOKS_INITIALIZER; 227