* [PATCH v4 0/2] Implement indirect external access @ 2021-09-23 2:02 H.J. Lu 2021-09-23 2:02 ` [PATCH v4 1/2] Add -f[no-]direct-extern-access H.J. Lu ` (2 more replies) 0 siblings, 3 replies; 10+ messages in thread From: H.J. Lu @ 2021-09-23 2:02 UTC (permalink / raw) To: gcc-patches Cc: Florian Weimer, Uros Bizjak, Jakub Jelinek, Richard Biener, Jeff Law Changes in the v4 patch. 1. Add nodirect_extern_access attribute. Changes in the v3 patch. 1. GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support has been added to GNU binutils 2.38. But the -z indirect-extern-access linker option is only available for Linux/x86. However, the --max-cache-size=SIZE linker option was also addded within a day. --max-cache-size=SIZE is used to check for GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support. Changes in the v2 patch. 1. Rename the option to -fdirect-extern-access. --- On systems with copy relocation: * A copy in executable is created for the definition in a shared library at run-time by ld.so. * The copy is referenced by executable and shared libraries. * Executable can access the copy directly. Issues are: * Overhead of a copy, time and space, may be visible at run-time. * Read-only data in the shared library becomes read-write copy in executable at run-time. * Local access to data with the STV_PROTECTED visibility in the shared library must use GOT. On systems without function descriptor, function pointers vary depending on where and how the functions are defined. * If the function is defined in executable, it can be the address of function body. * If the function, including the function with STV_PROTECTED visibility, is defined in the shared library, it can be the address of the PLT entry in executable or shared library. Issues are: * The address of function body may not be used as its function pointer. * ld.so needs to search loaded shared libraries for the function pointer of the function with STV_PROTECTED visibility. Here is a proposal to remove copy relocation and use canonical function pointer: 1. Accesses, including in PIE and non-PIE, to undefined symbols must use GOT. a. Linker may optimize out GOT access if the data is defined in PIE or non-PIE. 2. Read-only data in the shared library remain read-only at run-time 3. Address of global data with the STV_PROTECTED visibility in the shared library is the address of data body. a. Can use IP-relative access. b. May need GOT without IP-relative access. 4. For systems without function descriptor, a. All global function pointers of undefined functions in PIE and non-PIE must use GOT. Linker may optimize out GOT access if the function is defined in PIE or non-PIE. b. Function pointer of functions with the STV_PROTECTED visibility in executable and shared library is the address of function body. i. Can use IP-relative access. ii. May need GOT without IP-relative access. iii. Branches to undefined functions may use PLT. 5. Single global definition marker: Add GNU_PROPERTY_1_NEEDED: #define GNU_PROPERTY_1_NEEDED GNU_PROPERTY_UINT32_OR_LO to indicate the needed properties by the object file. Add GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS: #define GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS (1U << 0) to indicate that the object file requires canonical function pointers and cannot be used with copy relocation. This bit should be cleared in executable when there are non-GOT or non-PLT relocations in relocatable input files without this bit set. a. Protected symbol access within the shared library can be treated as local. b. Copy relocation should be disallowed at link-time and run-time. c. GOT function pointer reference is required at link-time and run-time. The indirect external access marker can be used in the following ways: 1. Linker can decide the best way to resolve a relocation against a protected symbol before seeing all relocations against the symbol. 2. Dynamic linker can decide if it is an error to have a copy relocation in executable against the protected symbol in a shared library by checking if the shared library is built with -fno-direct-extern-access. Add a compiler option, -fdirect-extern-access. -fdirect-extern-access is the default. With -fno-direct-extern-access: 1. Always to use GOT to access undefined symbols, including in PIE and non-PIE. This is safe to do and does not break the ABI. 2. In executable and shared library, for symbols with the STV_PROTECTED visibility: a. The address of data symbol is the address of data body. b. For systems without function descriptor, the function pointer is the address of function body. These break the ABI and resulting shared libraries may not be compatible with executables which are not compiled with -fno-direct-extern-access. 3. Generate an indirect external access marker in relocatable objects if supported by linker. H.J. Lu (2): Add -f[no-]direct-extern-access Add TARGET_ASM_EMIT_GNU_PROPERTY_NOTE gcc/c-family/c-attribs.c | 34 +++++++++++ gcc/common.opt | 4 ++ gcc/config.in | 7 +++ gcc/config/i386/gnu-property.c | 31 ---------- gcc/config/i386/i386-protos.h | 2 +- gcc/config/i386/i386.c | 64 ++++++++++++++++----- gcc/configure | 27 +++++++++ gcc/configure.ac | 23 ++++++++ gcc/doc/extend.texi | 6 ++ gcc/doc/invoke.texi | 13 +++++ gcc/doc/tm.texi | 5 ++ gcc/doc/tm.texi.in | 2 + gcc/output.h | 2 + gcc/target.def | 8 +++ gcc/testsuite/g++.dg/pr35513-1.C | 25 ++++++++ gcc/testsuite/g++.dg/pr35513-2.C | 53 +++++++++++++++++ gcc/testsuite/gcc.target/i386/pr35513-10a.c | 17 ++++++ gcc/testsuite/gcc.target/i386/pr35513-10b.c | 17 ++++++ gcc/testsuite/gcc.target/i386/pr35513-11a.c | 17 ++++++ gcc/testsuite/gcc.target/i386/pr35513-11b.c | 17 ++++++ gcc/testsuite/gcc.target/i386/pr35513-12a.c | 17 ++++++ gcc/testsuite/gcc.target/i386/pr35513-12b.c | 17 ++++++ gcc/testsuite/gcc.target/i386/pr35513-1a.c | 16 ++++++ gcc/testsuite/gcc.target/i386/pr35513-1b.c | 16 ++++++ gcc/testsuite/gcc.target/i386/pr35513-2a.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-2b.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-3a.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-3b.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-4a.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-4b.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-5a.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-5b.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-6a.c | 14 +++++ gcc/testsuite/gcc.target/i386/pr35513-6b.c | 14 +++++ gcc/testsuite/gcc.target/i386/pr35513-7a.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-7b.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-8.c | 41 +++++++++++++ gcc/testsuite/gcc.target/i386/pr35513-9a.c | 17 ++++++ gcc/testsuite/gcc.target/i386/pr35513-9b.c | 17 ++++++ gcc/toplev.c | 3 + gcc/varasm.c | 47 +++++++++++++++ 41 files changed, 697 insertions(+), 46 deletions(-) create mode 100644 gcc/testsuite/g++.dg/pr35513-1.C create mode 100644 gcc/testsuite/g++.dg/pr35513-2.C create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-10a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-10b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-11a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-11b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-12a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-12b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-1a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-1b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-2a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-2b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-3a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-3b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-4a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-4b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-5a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-5b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-6a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-6b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-7a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-7b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-8.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-9a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-9b.c -- 2.31.1 ^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH v4 1/2] Add -f[no-]direct-extern-access 2021-09-23 2:02 [PATCH v4 0/2] Implement indirect external access H.J. Lu @ 2021-09-23 2:02 ` H.J. Lu 2021-09-23 2:02 ` [PATCH v4 2/2] Add TARGET_ASM_EMIT_GNU_PROPERTY_NOTE H.J. Lu 2021-10-21 19:56 ` PING [PATCH v4 0/2] Implement indirect external access H.J. Lu 2 siblings, 0 replies; 10+ messages in thread From: H.J. Lu @ 2021-09-23 2:02 UTC (permalink / raw) To: gcc-patches Cc: Florian Weimer, Uros Bizjak, Jakub Jelinek, Richard Biener, Jeff Law Add -f[no-]direct-extern-access and nodirect_extern_access attribute. -fdirect-extern-access is the default and always use GOT to access undefined data and function symbols with nodirect_extern_access attribute, including in PIE and non-PIE. With -fno-direct-extern-access: 1. Always use GOT to access undefined data and function symbols, including in PIE and non-PIE. These will avoid copy relocations in executables. This is compatible with existing executables and shared libraries. 2. In executable and shared library, bind symbols with the STV_PROTECTED visibility locally: a. The address of data symbol is the address of data body. b. For systems without function descriptor, the function pointer is the address of function body. c. The resulting shared libraries may not be incompatible with executables which have copy relocations on protected symbols or use executable PLT entries as function addresses for protected functions in shared libraries. 3. Update asm_preferred_eh_data_format to select PC relative EH encoding format with -fno-direct-extern-access to avoid copy relocation. 4. Add ix86_reloc_rw_mask for TARGET_ASM_RELOC_RW_MASK to avoid copy relocation with -fno-direct-extern-access. gcc/ PR target/35513 PR target/100593 * common.opt: Add -fdirect-extern-access. * config/i386/i386-protos.h (ix86_force_load_from_GOT_p): Add a bool argument. * config/i386/i386.c (ix86_force_load_from_GOT_p): Add a bool argument to indicate call operand. Force non-call load from GOT for -fno-direct-extern-access or nodirect_extern_access attribute. (legitimate_pic_address_disp_p): Avoid copy relocation in PIE for -fno-direct-extern-access or nodirect_extern_access attribute. (ix86_print_operand): Pass true to ix86_force_load_from_GOT_p for call operand. (asm_preferred_eh_data_format): Use PC-relative format for -fno-direct-extern-access to avoid copy relocation. Check ptr_mode instead of TARGET_64BIT when selecting DW_EH_PE_sdata4. (ix86_binds_local_p): Don't treat protected data as extern and avoid copy relocation on common symbol with -fno-direct-extern-access or nodirect_extern_access attribute. (ix86_reloc_rw_mask): New to avoid copy relocation for -fno-direct-extern-access. (TARGET_ASM_RELOC_RW_MASK): New. * doc/extend.texi: Document nodirect_extern_access attribute. * doc/invoke.texi: Document -f[no-]direct-extern-access. gcc/c-family/ PR target/35513 PR target/100593 * c-attribs.c (handle_nodirect_extern_access_attribute): New. (c_common_attribute_table): Add nodirect_extern_access. gcc/testsuite/ PR target/35513 PR target/100593 * g++.dg/pr35513-1.C: New file. * g++.dg/pr35513-2.C: Likewise. * gcc.target/i386/pr35513-1a.c: Likewise. * gcc.target/i386/pr35513-1b.c: Likewise. * gcc.target/i386/pr35513-2a.c: Likewise. * gcc.target/i386/pr35513-2b.c: Likewise. * gcc.target/i386/pr35513-3a.c: Likewise. * gcc.target/i386/pr35513-3b.c: Likewise. * gcc.target/i386/pr35513-4a.c: Likewise. * gcc.target/i386/pr35513-4b.c: Likewise. * gcc.target/i386/pr35513-5a.c: Likewise. * gcc.target/i386/pr35513-5b.c: Likewise. * gcc.target/i386/pr35513-6a.c: Likewise. * gcc.target/i386/pr35513-6b.c: Likewise. * gcc.target/i386/pr35513-7a.c: Likewise. * gcc.target/i386/pr35513-7b.c: Likewise. * gcc.target/i386/pr35513-8a.c: Likewise. * gcc.target/i386/pr35513-8b.c: Likewise. * gcc.target/i386/pr35513-9a.c: Likewise. * gcc.target/i386/pr35513-9b.c: Likewise. * gcc.target/i386/pr35513-10a.c: Likewise. * gcc.target/i386/pr35513-10b.c: Likewise. * gcc.target/i386/pr35513-11a.c: Likewise. * gcc.target/i386/pr35513-11b.c: Likewise. * gcc.target/i386/pr35513-12a.c: Likewise. * gcc.target/i386/pr35513-12b.c: Likewise. --- gcc/c-family/c-attribs.c | 34 +++++++++++ gcc/common.opt | 4 ++ gcc/config/i386/i386-protos.h | 2 +- gcc/config/i386/i386.c | 62 ++++++++++++++++----- gcc/doc/extend.texi | 6 ++ gcc/doc/invoke.texi | 13 +++++ gcc/testsuite/g++.dg/pr35513-1.C | 25 +++++++++ gcc/testsuite/g++.dg/pr35513-2.C | 53 ++++++++++++++++++ gcc/testsuite/gcc.target/i386/pr35513-10a.c | 17 ++++++ gcc/testsuite/gcc.target/i386/pr35513-10b.c | 17 ++++++ gcc/testsuite/gcc.target/i386/pr35513-11a.c | 17 ++++++ gcc/testsuite/gcc.target/i386/pr35513-11b.c | 17 ++++++ gcc/testsuite/gcc.target/i386/pr35513-12a.c | 17 ++++++ gcc/testsuite/gcc.target/i386/pr35513-12b.c | 17 ++++++ gcc/testsuite/gcc.target/i386/pr35513-1a.c | 16 ++++++ gcc/testsuite/gcc.target/i386/pr35513-1b.c | 16 ++++++ gcc/testsuite/gcc.target/i386/pr35513-2a.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-2b.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-3a.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-3b.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-4a.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-4b.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-5a.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-5b.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-6a.c | 14 +++++ gcc/testsuite/gcc.target/i386/pr35513-6b.c | 14 +++++ gcc/testsuite/gcc.target/i386/pr35513-7a.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-7b.c | 15 +++++ gcc/testsuite/gcc.target/i386/pr35513-8.c | 41 ++++++++++++++ gcc/testsuite/gcc.target/i386/pr35513-9a.c | 17 ++++++ gcc/testsuite/gcc.target/i386/pr35513-9b.c | 17 ++++++ 31 files changed, 571 insertions(+), 15 deletions(-) create mode 100644 gcc/testsuite/g++.dg/pr35513-1.C create mode 100644 gcc/testsuite/g++.dg/pr35513-2.C create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-10a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-10b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-11a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-11b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-12a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-12b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-1a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-1b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-2a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-2b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-3a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-3b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-4a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-4b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-5a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-5b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-6a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-6b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-7a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-7b.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-8.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-9a.c create mode 100644 gcc/testsuite/gcc.target/i386/pr35513-9b.c diff --git a/gcc/c-family/c-attribs.c b/gcc/c-family/c-attribs.c index 007b928c54b..4f3bb72796d 100644 --- a/gcc/c-family/c-attribs.c +++ b/gcc/c-family/c-attribs.c @@ -86,6 +86,8 @@ static tree handle_used_attribute (tree *, tree, tree, int, bool *); static tree handle_uninitialized_attribute (tree *, tree, tree, int, bool *); static tree handle_externally_visible_attribute (tree *, tree, tree, int, bool *); +static tree handle_nodirect_extern_access_attribute (tree *, tree, tree, + int, bool *) ; static tree handle_no_reorder_attribute (tree *, tree, tree, int, bool *); static tree handle_const_attribute (tree *, tree, tree, int, bool *); @@ -340,6 +342,8 @@ const struct attribute_spec c_common_attribute_table[] = handle_retain_attribute, NULL }, { "externally_visible", 0, 0, true, false, false, false, handle_externally_visible_attribute, NULL }, + { "nodirect_extern_access", 0, 0, true, false, false, false, + handle_nodirect_extern_access_attribute, NULL }, { "no_reorder", 0, 0, true, false, false, false, handle_no_reorder_attribute, NULL }, /* The same comments as for noreturn attributes apply to const ones. */ @@ -1674,6 +1678,36 @@ handle_externally_visible_attribute (tree *pnode, tree name, return NULL_TREE; } +/* Handle a "nodirect_extern_access" attribute; arguments as in + struct attribute_spec.handler. */ + +static tree +handle_nodirect_extern_access_attribute (tree *pnode, tree name, + tree ARG_UNUSED (args), + int ARG_UNUSED (flags), + bool *no_add_attrs) +{ + tree node = *pnode; + + if (VAR_OR_FUNCTION_DECL_P (node)) + { + if ((!TREE_STATIC (node) && TREE_CODE (node) != FUNCTION_DECL + && !DECL_EXTERNAL (node)) || !TREE_PUBLIC (node)) + { + warning (OPT_Wattributes, + "%qE attribute have effect only on public objects", name); + *no_add_attrs = true; + } + } + else + { + warning (OPT_Wattributes, "%qE attribute ignored", name); + *no_add_attrs = true; + } + + return NULL_TREE; +} + /* Handle the "no_reorder" attribute. Arguments as in struct attribute_spec.handler. */ diff --git a/gcc/common.opt b/gcc/common.opt index b921f5e3b25..0d053f4a4dd 100644 --- a/gcc/common.opt +++ b/gcc/common.opt @@ -1432,6 +1432,10 @@ fdiagnostics-minimum-margin-width= Common Joined UInteger Var(diagnostics_minimum_margin_width) Init(6) Set minimum width of left margin of source code when showing source. +fdirect-extern-access +Common Var(flag_direct_extern_access) Init(1) Optimization +Do not use GOT to access external symbols. + fdisable- Common Joined RejectNegative Var(common_deferred_options) Defer -fdisable-[tree|rtl|ipa]-<pass>=range1+range2 Disable an optimization pass. diff --git a/gcc/config/i386/i386-protos.h b/gcc/config/i386/i386-protos.h index 708834ae832..bcd8dba4e12 100644 --- a/gcc/config/i386/i386-protos.h +++ b/gcc/config/i386/i386-protos.h @@ -79,7 +79,7 @@ extern bool ix86_expand_cmpstrn_or_cmpmem (rtx, rtx, rtx, rtx, rtx, bool); extern bool constant_address_p (rtx); extern bool legitimate_pic_operand_p (rtx); extern bool legitimate_pic_address_disp_p (rtx); -extern bool ix86_force_load_from_GOT_p (rtx); +extern bool ix86_force_load_from_GOT_p (rtx, bool = false); extern void print_reg (rtx, int, FILE*); extern void ix86_print_operand (FILE *, rtx, int); diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c index ba89e111d28..9ca1ef512a4 100644 --- a/gcc/config/i386/i386.c +++ b/gcc/config/i386/i386.c @@ -10434,13 +10434,17 @@ darwin_local_data_pic (rtx disp) } /* True if the function symbol operand X should be loaded from GOT. + If CALL_P is true, X is a call operand. + + NB: -fno-direct-extern-access doesn't force load from GOT for + call. NB: In 32-bit mode, only non-PIC is allowed in inline assembly statements, since a PIC register could not be available at the call site. */ bool -ix86_force_load_from_GOT_p (rtx x) +ix86_force_load_from_GOT_p (rtx x, bool call_p) { return ((TARGET_64BIT || (!flag_pic && HAVE_AS_IX86_GOT32X)) && !TARGET_PECOFF && !TARGET_MACHO @@ -10448,11 +10452,16 @@ ix86_force_load_from_GOT_p (rtx x) && ix86_cmodel != CM_LARGE && ix86_cmodel != CM_LARGE_PIC && GET_CODE (x) == SYMBOL_REF - && SYMBOL_REF_FUNCTION_P (x) - && (!flag_plt - || (SYMBOL_REF_DECL (x) - && lookup_attribute ("noplt", - DECL_ATTRIBUTES (SYMBOL_REF_DECL (x))))) + && ((!call_p + && (!flag_direct_extern_access + || (SYMBOL_REF_DECL (x) + && lookup_attribute ("nodirect_extern_access", + DECL_ATTRIBUTES (SYMBOL_REF_DECL (x)))))) + || (SYMBOL_REF_FUNCTION_P (x) + && (!flag_plt + || (SYMBOL_REF_DECL (x) + && lookup_attribute ("noplt", + DECL_ATTRIBUTES (SYMBOL_REF_DECL (x))))))) && !SYMBOL_REF_LOCAL_P (x)); } @@ -10724,7 +10733,11 @@ legitimate_pic_address_disp_p (rtx disp) } else if (!SYMBOL_REF_FAR_ADDR_P (op0) && (SYMBOL_REF_LOCAL_P (op0) - || (HAVE_LD_PIE_COPYRELOC + || ((flag_direct_extern_access + && !(SYMBOL_REF_DECL (op0) + && lookup_attribute ("nodirect_extern_access", + DECL_ATTRIBUTES (SYMBOL_REF_DECL (op0))))) + && HAVE_LD_PIE_COPYRELOC && flag_pie && !SYMBOL_REF_WEAK (op0) && !SYMBOL_REF_FUNCTION_P (op0))) @@ -13640,7 +13653,7 @@ ix86_print_operand (FILE *file, rtx x, int code) if (code == 'P') { - if (ix86_force_load_from_GOT_p (x)) + if (ix86_force_load_from_GOT_p (x, true)) { /* For inline assembly statement, load function address from GOT with 'P' operand modifier to avoid PLT. */ @@ -22350,10 +22363,10 @@ int asm_preferred_eh_data_format (int code, int global) { /* PE-COFF is effectively always -fPIC because of the .reloc section. */ - if (flag_pic || TARGET_PECOFF) + if (flag_pic || TARGET_PECOFF || !flag_direct_extern_access) { int type = DW_EH_PE_sdata8; - if (!TARGET_64BIT + if (ptr_mode == SImode || ix86_cmodel == CM_SMALL_PIC || (ix86_cmodel == CM_MEDIUM_PIC && (global || code))) type = DW_EH_PE_sdata4; @@ -23468,10 +23481,26 @@ ix86_atomic_assign_expand_fenv (tree *hold, tree *clear, tree *update) static bool ix86_binds_local_p (const_tree exp) { - return default_binds_local_p_3 (exp, flag_shlib != 0, true, true, - (!flag_pic - || (TARGET_64BIT - && HAVE_LD_PIE_COPYRELOC != 0))); + bool direct_extern_access + = (flag_direct_extern_access + && !(VAR_OR_FUNCTION_DECL_P (exp) + && lookup_attribute ("nodirect_extern_access", + DECL_ATTRIBUTES (exp)))); + return default_binds_local_p_3 (exp, flag_shlib != 0, true, + direct_extern_access, + (direct_extern_access + && (!flag_pic + || (TARGET_64BIT + && HAVE_LD_PIE_COPYRELOC != 0)))); +} + +/* If flag_pic or flag_direct_extern_access is false, then neither + local nor global relocs should be placed in readonly memory. */ + +static int +ix86_reloc_rw_mask (void) +{ + return (flag_pic || !flag_direct_extern_access) ? 3 : 0; } #endif @@ -24537,6 +24566,11 @@ ix86_libgcc_floating_mode_supported_p #define TARGET_GET_MULTILIB_ABI_NAME \ ix86_get_multilib_abi_name +#if !TARGET_MACHO && !TARGET_DLLIMPORT_DECL_ATTRIBUTES +# undef TARGET_ASM_RELOC_RW_MASK +# define TARGET_ASM_RELOC_RW_MASK ix86_reloc_rw_mask +#endif + static bool ix86_libc_has_fast_function (int fcode ATTRIBUTE_UNUSED) { #ifdef OPTION_GLIBC diff --git a/gcc/doc/extend.texi b/gcc/doc/extend.texi index 9501a60f20e..fa1d00820e7 100644 --- a/gcc/doc/extend.texi +++ b/gcc/doc/extend.texi @@ -2934,6 +2934,12 @@ produced by @command{gold}. For other linkers that cannot generate resolution file, explicit @code{externally_visible} attributes are still necessary. +@item nodirect_extern_access +@cindex @code{nodirect_extern_access} function attribute +@opindex fno-direct-extern-access +This attribute, attached to a global variable or function, is the +counterpart to option @option{-fno-direct-extern-access}. + @item flatten @cindex @code{flatten} function attribute Generally, inlining into a function is limited. For a function marked with diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi index 4acb94181d2..d747fad1589 100644 --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi @@ -659,6 +659,7 @@ Objective-C and Objective-C++ Dialects}. -fnon-call-exceptions -fdelete-dead-exceptions -funwind-tables @gol -fasynchronous-unwind-tables @gol -fno-gnu-unique @gol +-fno-direct-extern-access @gol -finhibit-size-directive -fcommon -fno-ident @gol -fpcc-struct-return -fpic -fPIC -fpie -fPIE -fno-plt @gol -fno-jump-tables -fno-bit-tests @gol @@ -16841,6 +16842,18 @@ through the PLT for specific external functions. In position-dependent code, a few targets also convert calls to functions that are marked to not use the PLT to use the GOT instead. +@item -fno-direct-extern-access +@opindex fno-direct-extern-access +@opindex fdirect-extern-access +Without @option{-fpic} nor @option{-fPIC}, always use the GOT pointer +to access external symbols. With @option{-fpic} or @option{-fPIC}, +treat access to protected symbols as local symbols. + +@strong{Warning:} shared libraries compiled with +@option{-fno-direct-extern-access} and executable compiled with +@option{-fdirect-extern-access} may not be binary compatible if +protected symbols are used in shared libraries and executable. + @item -fno-jump-tables @opindex fno-jump-tables @opindex fjump-tables diff --git a/gcc/testsuite/g++.dg/pr35513-1.C b/gcc/testsuite/g++.dg/pr35513-1.C new file mode 100644 index 00000000000..8423e826da8 --- /dev/null +++ b/gcc/testsuite/g++.dg/pr35513-1.C @@ -0,0 +1,25 @@ +// { dg-do run } +// { dg-options "-O2 -fno-direct-extern-access" } + +#include <iostream> + +class Bug +{ +}; + +int throw_bug() +{ + throw Bug(); + + return 0; +} + +int main() +{ + try { + std::cout << throw_bug(); + } catch (Bug bug) { + }; + + return 0; +} diff --git a/gcc/testsuite/g++.dg/pr35513-2.C b/gcc/testsuite/g++.dg/pr35513-2.C new file mode 100644 index 00000000000..56ed19ae1eb --- /dev/null +++ b/gcc/testsuite/g++.dg/pr35513-2.C @@ -0,0 +1,53 @@ +// { dg-do run } +// { dg-options "-O2 -fno-direct-extern-access" } + +class Foo +{ +public: + Foo(int n) : n_(n) { } + int f() { return n_; } + + int badTest(); + int goodTest(); + +private: + + int n_; +}; + +int Foo::badTest() +{ + try { + throw int(99); + } + + catch (int &i) { + n_ = 16; + } + + return n_; +} + + +int Foo::goodTest() +{ + int n; + + try { + throw int(99); + } + + catch (int &i) { + n = 16; + } + + return n_; +} + +int main() +{ + Foo foo(5); + foo.goodTest(); + foo.badTest(); + return 0; +} diff --git a/gcc/testsuite/gcc.target/i386/pr35513-10a.c b/gcc/testsuite/gcc.target/i386/pr35513-10a.c new file mode 100644 index 00000000000..b61ea5c4e77 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-10a.c @@ -0,0 +1,17 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fpic -fno-direct-extern-access" } */ + +/* Weak common symbol with -fpic. */ +__attribute__((weak, visibility("protected"))) +int xxx; + +int +foo () +{ + return xxx; +} + +/* { dg-final { scan-assembler "xxx\\(%rip\\)" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "xxx@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "xxx@GOTOFF" { target ia32 } } } */ +/* { dg-final { scan-assembler-not "xxx@GOT\\(" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-10b.c b/gcc/testsuite/gcc.target/i386/pr35513-10b.c new file mode 100644 index 00000000000..3bb5fc8831f --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-10b.c @@ -0,0 +1,17 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fpic -fdirect-extern-access" } */ + +/* Weak common symbol with -fpic. */ +__attribute__((weak, visibility("protected"),nodirect_extern_access)) +int xxx; + +int +foo () +{ + return xxx; +} + +/* { dg-final { scan-assembler "xxx\\(%rip\\)" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "xxx@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "xxx@GOTOFF" { target ia32 } } } */ +/* { dg-final { scan-assembler-not "xxx@GOT\\(" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-11a.c b/gcc/testsuite/gcc.target/i386/pr35513-11a.c new file mode 100644 index 00000000000..8cb3d7f8482 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-11a.c @@ -0,0 +1,17 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fpic -fno-direct-extern-access" } */ + +/* Initialized symbol with -fpic. */ +__attribute__((visibility("protected"))) +int xxx = -1; + +int +foo () +{ + return xxx; +} + +/* { dg-final { scan-assembler "xxx\\(%rip\\)" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "xxx@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "xxx@GOTOFF" { target ia32 } } } */ +/* { dg-final { scan-assembler-not "xxx@GOT\\(" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-11b.c b/gcc/testsuite/gcc.target/i386/pr35513-11b.c new file mode 100644 index 00000000000..68e2e270769 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-11b.c @@ -0,0 +1,17 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fpic -fdirect-extern-access" } */ + +/* Initialized symbol with -fpic. */ +__attribute__((visibility("protected"), nodirect_extern_access)) +int xxx = -1; + +int +foo () +{ + return xxx; +} + +/* { dg-final { scan-assembler "xxx\\(%rip\\)" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "xxx@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "xxx@GOTOFF" { target ia32 } } } */ +/* { dg-final { scan-assembler-not "xxx@GOT\\(" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-12a.c b/gcc/testsuite/gcc.target/i386/pr35513-12a.c new file mode 100644 index 00000000000..b2e64f97d54 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-12a.c @@ -0,0 +1,17 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fpic -fno-direct-extern-access" } */ + +/* Weak initialized symbol with -fpic. */ +__attribute__((weak, visibility("protected"))) +int xxx = -1; + +int +foo () +{ + return xxx; +} + +/* { dg-final { scan-assembler "xxx\\(%rip\\)" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "xxx@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "xxx@GOTOFF" { target ia32 } } } */ +/* { dg-final { scan-assembler-not "xxx@GOT\\(" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-12b.c b/gcc/testsuite/gcc.target/i386/pr35513-12b.c new file mode 100644 index 00000000000..32031660154 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-12b.c @@ -0,0 +1,17 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fpic -fdirect-extern-access" } */ + +/* Weak initialized symbol with -fpic. */ +__attribute__((weak, visibility("protected"), nodirect_extern_access)) +int xxx = -1; + +int +foo () +{ + return xxx; +} + +/* { dg-final { scan-assembler "xxx\\(%rip\\)" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "xxx@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "xxx@GOTOFF" { target ia32 } } } */ +/* { dg-final { scan-assembler-not "xxx@GOT\\(" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-1a.c b/gcc/testsuite/gcc.target/i386/pr35513-1a.c new file mode 100644 index 00000000000..c5dbabc3704 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-1a.c @@ -0,0 +1,16 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fno-pic -fno-direct-extern-access" } */ + +extern void bar (void); +extern void *p; + +void +foo (void) +{ + p = &bar; +} + +/* { dg-final { scan-assembler "mov\(l|q\)\[ \t\]*bar@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "movl\[ \t\]*bar@GOT," { target { ia32 && got32x_reloc } } } } */ +/* { dg-final { scan-assembler-not "mov\(l|q\)\[ \t\]*\\\$bar," { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "mov\(l|q\)\[ \t\]*\\\$bar," { target { ia32 && got32x_reloc } } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-1b.c b/gcc/testsuite/gcc.target/i386/pr35513-1b.c new file mode 100644 index 00000000000..17bd7d127b4 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-1b.c @@ -0,0 +1,16 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fno-pic -fdirect-extern-access" } */ + +extern void bar (void) __attribute__ ((nodirect_extern_access)); +extern void *p; + +void +foo (void) +{ + p = &bar; +} + +/* { dg-final { scan-assembler "mov\(l|q\)\[ \t\]*bar@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "movl\[ \t\]*bar@GOT," { target { ia32 && got32x_reloc } } } } */ +/* { dg-final { scan-assembler-not "mov\(l|q\)\[ \t\]*\\\$bar," { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "mov\(l|q\)\[ \t\]*\\\$bar," { target { ia32 && got32x_reloc } } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-2a.c b/gcc/testsuite/gcc.target/i386/pr35513-2a.c new file mode 100644 index 00000000000..8bb7cb4c13d --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-2a.c @@ -0,0 +1,15 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fno-pic -fno-direct-extern-access" } */ + +extern int bar; + +int +foo (void) +{ + return bar; +} + +/* { dg-final { scan-assembler "mov\(l|q\)\[ \t\]*bar@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "movl\[ \t\]*bar@GOT," { target { ia32 && got32x_reloc } } } } */ +/* { dg-final { scan-assembler-not "mov\(l|q\)\[ \t\]*\\\$bar," { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "mov\(l|q\)\[ \t\]*\\\$bar," { target { ia32 && got32x_reloc } } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-2b.c b/gcc/testsuite/gcc.target/i386/pr35513-2b.c new file mode 100644 index 00000000000..81d1913de89 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-2b.c @@ -0,0 +1,15 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fno-pic -fdirect-extern-access" } */ + +extern int bar __attribute__ ((nodirect_extern_access)); + +int +foo (void) +{ + return bar; +} + +/* { dg-final { scan-assembler "mov\(l|q\)\[ \t\]*bar@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "movl\[ \t\]*bar@GOT," { target { ia32 && got32x_reloc } } } } */ +/* { dg-final { scan-assembler-not "mov\(l|q\)\[ \t\]*\\\$bar," { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "mov\(l|q\)\[ \t\]*\\\$bar," { target { ia32 && got32x_reloc } } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-3a.c b/gcc/testsuite/gcc.target/i386/pr35513-3a.c new file mode 100644 index 00000000000..98dc54e3bf4 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-3a.c @@ -0,0 +1,15 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fpie -fno-direct-extern-access" } */ + +extern int bar; + +int +foo (void) +{ + return bar; +} + +/* { dg-final { scan-assembler "mov\(l|q\)\[ \t\]*bar@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "movl\[ \t\]*bar@GOT" { target { ia32 && got32x_reloc } } } } */ +/* { dg-final { scan-assembler-not "mov\(l|q\)\[ \t\]*\\\$bar," { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "mov\(l|q\)\[ \t\]*\\\$bar," { target { ia32 && got32x_reloc } } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-3b.c b/gcc/testsuite/gcc.target/i386/pr35513-3b.c new file mode 100644 index 00000000000..e37c59efa9c --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-3b.c @@ -0,0 +1,15 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fpie -fdirect-extern-access" } */ + +extern int bar __attribute__ ((nodirect_extern_access)); + +int +foo (void) +{ + return bar; +} + +/* { dg-final { scan-assembler "mov\(l|q\)\[ \t\]*bar@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "movl\[ \t\]*bar@GOT" { target { ia32 && got32x_reloc } } } } */ +/* { dg-final { scan-assembler-not "mov\(l|q\)\[ \t\]*\\\$bar," { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "mov\(l|q\)\[ \t\]*\\\$bar," { target { ia32 && got32x_reloc } } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-4a.c b/gcc/testsuite/gcc.target/i386/pr35513-4a.c new file mode 100644 index 00000000000..467081dad65 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-4a.c @@ -0,0 +1,15 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fplt -fno-pic -fno-direct-extern-access" } */ + +extern void foo (void); + +int +bar (void) +{ + foo (); + return 0; +} + +/* { dg-final { scan-assembler "call\[ \t\]*foo" } } */ +/* { dg-final { scan-assembler-not "foo@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "foo@GOT" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-4b.c b/gcc/testsuite/gcc.target/i386/pr35513-4b.c new file mode 100644 index 00000000000..273ee544803 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-4b.c @@ -0,0 +1,15 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fplt -fno-pic -fdirect-extern-access" } */ + +extern void foo (void) __attribute__ ((nodirect_extern_access)); + +int +bar (void) +{ + foo (); + return 0; +} + +/* { dg-final { scan-assembler "call\[ \t\]*foo" } } */ +/* { dg-final { scan-assembler-not "foo@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "foo@GOT" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-5a.c b/gcc/testsuite/gcc.target/i386/pr35513-5a.c new file mode 100644 index 00000000000..b0e61b08ba9 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-5a.c @@ -0,0 +1,15 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fplt -fpic -fno-direct-extern-access" } */ + +extern void foo (void); + +int +bar (void) +{ + foo (); + return 0; +} + +/* { dg-final { scan-assembler "call\[ \t\]*foo@PLT" } } */ +/* { dg-final { scan-assembler-not "foo@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "foo@GOT" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-5b.c b/gcc/testsuite/gcc.target/i386/pr35513-5b.c new file mode 100644 index 00000000000..6d2876823af --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-5b.c @@ -0,0 +1,15 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fplt -fpic -fdirect-extern-access" } */ + +extern void foo (void) __attribute__ ((nodirect_extern_access)); + +int +bar (void) +{ + foo (); + return 0; +} + +/* { dg-final { scan-assembler "call\[ \t\]*foo@PLT" } } */ +/* { dg-final { scan-assembler-not "foo@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "foo@GOT" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-6a.c b/gcc/testsuite/gcc.target/i386/pr35513-6a.c new file mode 100644 index 00000000000..270504b8d0e --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-6a.c @@ -0,0 +1,14 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fplt -fno-pic -fno-direct-extern-access" } */ + +extern void foo (void); + +void +bar (void) +{ + foo (); +} + +/* { dg-final { scan-assembler "jmp\[ \t\]*foo" } } */ +/* { dg-final { scan-assembler-not "foo@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "foo@GOT" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-6b.c b/gcc/testsuite/gcc.target/i386/pr35513-6b.c new file mode 100644 index 00000000000..4cc9e2be186 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-6b.c @@ -0,0 +1,14 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fplt -fno-pic -fdirect-extern-access" } */ + +extern void foo (void) __attribute__ ((nodirect_extern_access)); + +void +bar (void) +{ + foo (); +} + +/* { dg-final { scan-assembler "jmp\[ \t\]*foo" } } */ +/* { dg-final { scan-assembler-not "foo@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "foo@GOT" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-7a.c b/gcc/testsuite/gcc.target/i386/pr35513-7a.c new file mode 100644 index 00000000000..2c5a83ddef8 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-7a.c @@ -0,0 +1,15 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fplt -fpic -fno-direct-extern-access" } */ + +extern void foo (void); + +void +bar (void) +{ + foo (); +} + +/* { dg-final { scan-assembler "jmp\[ \t\]*foo@PLT" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "call\[ \t\]*foo@PLT" { target ia32 } } } */ +/* { dg-final { scan-assembler-not "foo@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "foo@GOT" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-7b.c b/gcc/testsuite/gcc.target/i386/pr35513-7b.c new file mode 100644 index 00000000000..9211d339809 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-7b.c @@ -0,0 +1,15 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fplt -fpic -fdirect-extern-access" } */ + +extern void foo (void) __attribute__ ((nodirect_extern_access)); + +void +bar (void) +{ + foo (); +} + +/* { dg-final { scan-assembler "jmp\[ \t\]*foo@PLT" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "call\[ \t\]*foo@PLT" { target ia32 } } } */ +/* { dg-final { scan-assembler-not "foo@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "foo@GOT" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-8.c b/gcc/testsuite/gcc.target/i386/pr35513-8.c new file mode 100644 index 00000000000..545979e99c2 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-8.c @@ -0,0 +1,41 @@ +/* { dg-do assemble { target { *-*-linux* && { ! ia32 } } } } */ +/* { dg-require-effective-target maybe_x32 } */ +/* { dg-options "-mx32 -O2 -fno-pic -fexceptions -fasynchronous-unwind-tables -fno-direct-extern-access" } */ + +extern int foo (int); +extern void exit (int __status) __attribute__ ((__nothrow__ )) __attribute__ ((__noreturn__)); +struct __pthread_cleanup_frame +{ + void (*__cancel_routine) (void *); + void *__cancel_arg; + int __do_it; + int __cancel_type; +}; +extern __inline void +__pthread_cleanup_routine (struct __pthread_cleanup_frame *__frame) +{ + if (__frame->__do_it) + __frame->__cancel_routine (__frame->__cancel_arg); +} +static int cl_called; + +static void +cl (void *arg) +{ + ++cl_called; +} + + +void * +tf_usleep (void *arg) +{ + + do { struct __pthread_cleanup_frame __clframe __attribute__ ((__cleanup__ (__pthread_cleanup_routine))) = { .__cancel_routine = (cl), .__cancel_arg = ( + ((void *)0)), .__do_it = 1 };; + + foo (arg == ((void *)0) ? (0x7fffffffL * 2UL + 1UL) : 0); + + __clframe.__do_it = (0); } while (0); + + exit (1); +} diff --git a/gcc/testsuite/gcc.target/i386/pr35513-9a.c b/gcc/testsuite/gcc.target/i386/pr35513-9a.c new file mode 100644 index 00000000000..10b2c24ac87 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-9a.c @@ -0,0 +1,17 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fpic -fno-direct-extern-access" } */ + +/* Common symbol with -fpic. */ +__attribute__((visibility("protected"))) +int xxx; + +int +foo () +{ + return xxx; +} + +/* { dg-final { scan-assembler "xxx\\(%rip\\)" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "xxx@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "xxx@GOTOFF" { target ia32 } } } */ +/* { dg-final { scan-assembler-not "xxx@GOT\\(" { target ia32 } } } */ diff --git a/gcc/testsuite/gcc.target/i386/pr35513-9b.c b/gcc/testsuite/gcc.target/i386/pr35513-9b.c new file mode 100644 index 00000000000..860c2e36034 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/pr35513-9b.c @@ -0,0 +1,17 @@ +/* { dg-do compile { target *-*-linux* } } */ +/* { dg-options "-O2 -fpic -fdirect-extern-access" } */ + +/* Common symbol with -fpic. */ +__attribute__((visibility("protected"), nodirect_extern_access)) +int xxx; + +int +foo () +{ + return xxx; +} + +/* { dg-final { scan-assembler "xxx\\(%rip\\)" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler-not "xxx@GOTPCREL" { target { ! ia32 } } } } */ +/* { dg-final { scan-assembler "xxx@GOTOFF" { target ia32 } } } */ +/* { dg-final { scan-assembler-not "xxx@GOT\\(" { target ia32 } } } */ -- 2.31.1 ^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH v4 2/2] Add TARGET_ASM_EMIT_GNU_PROPERTY_NOTE 2021-09-23 2:02 [PATCH v4 0/2] Implement indirect external access H.J. Lu 2021-09-23 2:02 ` [PATCH v4 1/2] Add -f[no-]direct-extern-access H.J. Lu @ 2021-09-23 2:02 ` H.J. Lu 2021-10-21 19:56 ` PING [PATCH v4 0/2] Implement indirect external access H.J. Lu 2 siblings, 0 replies; 10+ messages in thread From: H.J. Lu @ 2021-09-23 2:02 UTC (permalink / raw) To: gcc-patches Cc: Florian Weimer, Uros Bizjak, Jakub Jelinek, Richard Biener, Jeff Law Generate the marker for -fno-direct-extern-access to indicate that the object file uses GOT to access all external symbols. Access to protected symbols in the resulting shared library is treated as local, which requires canonical function pointers and cannot be used with copy relocation. This marker can be used in the following ways: 1. Linker can decide the best way to resolve a relocation against a protected symbol before seeing all relocations against the symbol. 2. Dynamic linker can decide if it is an error to have a copy relocation in executable against the protected symbol in a shared library by checking if the shared library is built with -fno-direct-extern-access. * configure.ac (HAVE_LD_INDIRECT_EXTERN_ACCESS_SUPPORT): New. Define to 1 if linker supports GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS. * output.h (emit_gnu_property): New. (emit_gnu_property_note): Likewise. * target.def (emit_gnu_property_note): Add a argetm.asm_out hook. * toplev.c (compile_file): Call emit_gnu_property_note before file_end. * varasm.c (emit_gnu_property): New. (emit_gnu_property_note): Likewise. * config.in: Regenerated. * configure: Likewise. * doc/tm.texi: Likewise. * config/i386/gnu-property.c (emit_gnu_property): Removed. (TARGET_ASM_EMIT_GNU_PROPERTY_NOTE): New. * doc/tm.texi.in: Add TARGET_ASM_EMIT_GNU_PROPERTY_NOTE. --- gcc/config.in | 7 +++++ gcc/config/i386/gnu-property.c | 31 ---------------------- gcc/config/i386/i386.c | 2 ++ gcc/configure | 27 +++++++++++++++++++ gcc/configure.ac | 23 +++++++++++++++++ gcc/doc/tm.texi | 5 ++++ gcc/doc/tm.texi.in | 2 ++ gcc/output.h | 2 ++ gcc/target.def | 8 ++++++ gcc/toplev.c | 3 +++ gcc/varasm.c | 47 ++++++++++++++++++++++++++++++++++ 11 files changed, 126 insertions(+), 31 deletions(-) diff --git a/gcc/config.in b/gcc/config.in index 61cafe4f6c0..8a756aa3541 100644 --- a/gcc/config.in +++ b/gcc/config.in @@ -1690,6 +1690,13 @@ #endif +/* Define to 1 if your linker supports + GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS. */ +#ifndef USED_FOR_TARGET +#undef HAVE_LD_INDIRECT_EXTERN_ACCESS_SUPPORT +#endif + + /* Define if your PowerPC64 linker supports a large TOC. */ #ifndef USED_FOR_TARGET #undef HAVE_LD_LARGE_TOC diff --git a/gcc/config/i386/gnu-property.c b/gcc/config/i386/gnu-property.c index 4ba04403002..9fe8d00132e 100644 --- a/gcc/config/i386/gnu-property.c +++ b/gcc/config/i386/gnu-property.c @@ -24,37 +24,6 @@ along with GCC; see the file COPYING3. If not see #include "output.h" #include "linux-common.h" -static void -emit_gnu_property (unsigned int type, unsigned int data) -{ - int p2align = ptr_mode == SImode ? 2 : 3; - - switch_to_section (get_section (".note.gnu.property", - SECTION_NOTYPE, NULL)); - - ASM_OUTPUT_ALIGN (asm_out_file, p2align); - /* name length. */ - fprintf (asm_out_file, ASM_LONG "1f - 0f\n"); - /* data length. */ - fprintf (asm_out_file, ASM_LONG "4f - 1f\n"); - /* note type: NT_GNU_PROPERTY_TYPE_0. */ - fprintf (asm_out_file, ASM_LONG "5\n"); - fprintf (asm_out_file, "0:\n"); - /* vendor name: "GNU". */ - fprintf (asm_out_file, STRING_ASM_OP "\"GNU\"\n"); - fprintf (asm_out_file, "1:\n"); - ASM_OUTPUT_ALIGN (asm_out_file, p2align); - /* pr_type. */ - fprintf (asm_out_file, ASM_LONG "0x%x\n", type); - /* pr_datasz. */ - fprintf (asm_out_file, ASM_LONG "3f - 2f\n"); - fprintf (asm_out_file, "2:\n"); - fprintf (asm_out_file, ASM_LONG "0x%x\n", data); - fprintf (asm_out_file, "3:\n"); - ASM_OUTPUT_ALIGN (asm_out_file, p2align); - fprintf (asm_out_file, "4:\n"); -} - void file_end_indicate_exec_stack_and_gnu_property (void) { diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c index 9ca1ef512a4..3b678c4d5b6 100644 --- a/gcc/config/i386/i386.c +++ b/gcc/config/i386/i386.c @@ -24569,6 +24569,8 @@ ix86_libgcc_floating_mode_supported_p #if !TARGET_MACHO && !TARGET_DLLIMPORT_DECL_ATTRIBUTES # undef TARGET_ASM_RELOC_RW_MASK # define TARGET_ASM_RELOC_RW_MASK ix86_reloc_rw_mask +# undef TARGET_ASM_EMIT_GNU_PROPERTY_NOTE +# define TARGET_ASM_EMIT_GNU_PROPERTY_NOTE emit_gnu_property_note #endif static bool ix86_libc_has_fast_function (int fcode ATTRIBUTE_UNUSED) diff --git a/gcc/configure b/gcc/configure index b3de17009b8..13fe041b0b6 100755 --- a/gcc/configure +++ b/gcc/configure @@ -32172,6 +32172,33 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ld_bndplt_support" >&5 $as_echo "$ld_bndplt_support" >&6; } +# Check if linker supports GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS. +ld_indirect_extern_access=0 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking linker with GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS" >&5 +$as_echo_n "checking linker with GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS... " >&6; } +if test x"$ld_is_gold" = xno; then + # GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS supported was added to + # GNU linker for binutils 2.38 on 2021-07-09. + if test $in_tree_ld = yes ; then + if test "$gcc_cv_gld_major_version" -eq 2 -a "$gcc_cv_gld_minor_version" -ge 38 -o "$gcc_cv_gld_major_version" -gt 2; then + ld_indirect_extern_access=1 + fi + elif echo "$ld_ver" | grep GNU > /dev/null; then + if test "$ld_vers_major" -eq 2 -a "$ld_vers_minor" -ge 37 -a "$ld_vers_patch" -ge 50 -a 0"$ld_date" -gt 20210709; then + ld_indirect_extern_access=1 + elif test "$ld_vers_major" -eq 2 -a "$ld_vers_minor" -ge 38 -o "$ld_vers_major" -gt 2; then + ld_indirect_extern_access=1 + fi + fi +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_LD_INDIRECT_EXTERN_ACCESS_SUPPORT $ld_indirect_extern_access +_ACEOF + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ld_indirect_extern_access" >&5 +$as_echo "$ld_indirect_extern_access" >&6; } + # Check linker supports '--push-state'/'--pop-state' ld_pushpopstate_support=no { $as_echo "$as_me:${as_lineno-$LINENO}: checking linker --push-state/--pop-state options" >&5 diff --git a/gcc/configure.ac b/gcc/configure.ac index 7d3aab47030..d707ea85d5c 100644 --- a/gcc/configure.ac +++ b/gcc/configure.ac @@ -7526,6 +7526,29 @@ if test x"$ld_bndplt_support" = xyes; then fi AC_MSG_RESULT($ld_bndplt_support) +# Check if linker supports GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS. +ld_indirect_extern_access=0 +AC_MSG_CHECKING(linker with GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS) +if test x"$ld_is_gold" = xno; then + # GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS supported was added to + # GNU linker for binutils 2.38 on 2021-07-09. + if test $in_tree_ld = yes ; then + if test "$gcc_cv_gld_major_version" -eq 2 -a "$gcc_cv_gld_minor_version" -ge 38 -o "$gcc_cv_gld_major_version" -gt 2; then + ld_indirect_extern_access=1 + fi + elif echo "$ld_ver" | grep GNU > /dev/null; then + if test "$ld_vers_major" -eq 2 -a "$ld_vers_minor" -ge 37 -a "$ld_vers_patch" -ge 50 -a 0"$ld_date" -gt 20210709; then + ld_indirect_extern_access=1 + elif test "$ld_vers_major" -eq 2 -a "$ld_vers_minor" -ge 38 -o "$ld_vers_major" -gt 2; then + ld_indirect_extern_access=1 + fi + fi +fi +AC_DEFINE_UNQUOTED(HAVE_LD_INDIRECT_EXTERN_ACCESS_SUPPORT, + $ld_indirect_extern_access, + [Define to 1 if your linker supports GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS.]) +AC_MSG_RESULT($ld_indirect_extern_access) + # Check linker supports '--push-state'/'--pop-state' ld_pushpopstate_support=no AC_MSG_CHECKING(linker --push-state/--pop-state options) diff --git a/gcc/doc/tm.texi b/gcc/doc/tm.texi index 902402d7503..3f65dc8387c 100644 --- a/gcc/doc/tm.texi +++ b/gcc/doc/tm.texi @@ -8095,6 +8095,11 @@ Output to @code{asm_out_file} any text which the assembler expects to find at the end of a file. The default is to output nothing. @end deftypefn +@deftypefn {Target Hook} void TARGET_ASM_EMIT_GNU_PROPERTY_NOTE (void) +Output a GNU property note to @code{asm_out_file}. The default is to +output nothing. +@end deftypefn + @deftypefun void file_end_indicate_exec_stack () Some systems use a common convention, the @samp{.note.GNU-stack} special section, to indicate whether or not an object file relies on diff --git a/gcc/doc/tm.texi.in b/gcc/doc/tm.texi.in index 86352dc9bd2..5e48a29e55e 100644 --- a/gcc/doc/tm.texi.in +++ b/gcc/doc/tm.texi.in @@ -5057,6 +5057,8 @@ This describes the overall framework of an assembly file. @hook TARGET_ASM_FILE_END +@hook TARGET_ASM_EMIT_GNU_PROPERTY_NOTE + @deftypefun void file_end_indicate_exec_stack () Some systems use a common convention, the @samp{.note.GNU-stack} special section, to indicate whether or not an object file relies on diff --git a/gcc/output.h b/gcc/output.h index 73ca4545f4f..f9cbf7cab37 100644 --- a/gcc/output.h +++ b/gcc/output.h @@ -607,6 +607,8 @@ extern void default_asm_declare_constant_name (FILE *, const char *, extern void default_file_start (void); extern void file_end_indicate_exec_stack (void); extern void file_end_indicate_split_stack (void); +extern void emit_gnu_property (unsigned int, unsigned int); +extern void emit_gnu_property_note (void); extern void default_elf_asm_output_external (FILE *file, tree, const char *); diff --git a/gcc/target.def b/gcc/target.def index c5d90cace80..e27c0f7c0f8 100644 --- a/gcc/target.def +++ b/gcc/target.def @@ -715,6 +715,14 @@ to find at the end of a file. The default is to output nothing.", void, (void), hook_void_void) +/* Output a GNU property note. */ +DEFHOOK +(emit_gnu_property_note, + "Output a GNU property note to @code{asm_out_file}. The default is to\n\ +output nothing.", + void, (void), + hook_void_void) + /* Output any boilerplate text needed at the beginning of an LTO output stream. */ DEFHOOK diff --git a/gcc/toplev.c b/gcc/toplev.c index 14d1335e79e..38decb1e8eb 100644 --- a/gcc/toplev.c +++ b/gcc/toplev.c @@ -586,6 +586,9 @@ compile_file (void) /* Invoke registered plugin callbacks. */ invoke_plugin_callbacks (PLUGIN_FINISH_UNIT, NULL); + /* Output a GNU property note. */ + targetm.asm_out.emit_gnu_property_note (); + /* This must be at the end. Some target ports emit end of file directives into the assembly file here, and hence we cannot output anything to the assembly file after this point. */ diff --git a/gcc/varasm.c b/gcc/varasm.c index 2d261b353bf..aa97ae91d4e 100644 --- a/gcc/varasm.c +++ b/gcc/varasm.c @@ -7735,6 +7735,53 @@ default_file_start (void) } } +/* Emit one GNU property of TYPE and DATA. */ + +void +emit_gnu_property (unsigned int type, unsigned int data) +{ + int p2align = ptr_mode == SImode ? 2 : 3; + + switch_to_section (get_section (".note.gnu.property", + SECTION_NOTYPE, NULL)); + + ASM_OUTPUT_ALIGN (asm_out_file, p2align); + /* name length. */ + fprintf (asm_out_file, ASM_LONG "1f - 0f\n"); + /* data length. */ + fprintf (asm_out_file, ASM_LONG "4f - 1f\n"); + /* note type: NT_GNU_PROPERTY_TYPE_0. */ + fprintf (asm_out_file, ASM_LONG "5\n"); + fprintf (asm_out_file, "0:\n"); + /* vendor name: "GNU". */ + fprintf (asm_out_file, STRING_ASM_OP "\"GNU\"\n"); + fprintf (asm_out_file, "1:\n"); + ASM_OUTPUT_ALIGN (asm_out_file, p2align); + /* pr_type. */ + fprintf (asm_out_file, ASM_LONG "0x%x\n", type); + /* pr_datasz. */ + fprintf (asm_out_file, ASM_LONG "3f - 2f\n"); + fprintf (asm_out_file, "2:\n"); + fprintf (asm_out_file, ASM_LONG "0x%x\n", data); + fprintf (asm_out_file, "3:\n"); + ASM_OUTPUT_ALIGN (asm_out_file, p2align); + fprintf (asm_out_file, "4:\n"); +} + +/* This is a generic routine for TARGET_ASM_EMIT_GNU_PROPERTY_NOTE to + emit a NT_GNU_PROPERTY_TYPE_0 note. This is primarily a GNU extension + to ELF but could be used on other targets. */ + +void +emit_gnu_property_note (void) +{ + if (HAVE_LD_INDIRECT_EXTERN_ACCESS_SUPPORT + && !flag_direct_extern_access) + /* Emite a GNU_PROPERTY_1_NEEDED note with + GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS. */ + emit_gnu_property (0xb0008000, (1U << 0)); +} + /* This is a generic routine suitable for use as TARGET_ASM_FILE_END which emits a special section directive used to indicate whether or not this object file needs an executable stack. This is primarily -- 2.31.1 ^ permalink raw reply [flat|nested] 10+ messages in thread
* PING [PATCH v4 0/2] Implement indirect external access 2021-09-23 2:02 [PATCH v4 0/2] Implement indirect external access H.J. Lu 2021-09-23 2:02 ` [PATCH v4 1/2] Add -f[no-]direct-extern-access H.J. Lu 2021-09-23 2:02 ` [PATCH v4 2/2] Add TARGET_ASM_EMIT_GNU_PROPERTY_NOTE H.J. Lu @ 2021-10-21 19:56 ` H.J. Lu 2021-11-01 14:02 ` PING^2 " H.J. Lu 2 siblings, 1 reply; 10+ messages in thread From: H.J. Lu @ 2021-10-21 19:56 UTC (permalink / raw) To: GCC Patches Cc: Florian Weimer, Uros Bizjak, Jakub Jelinek, Richard Biener, Jeff Law, Adhemerval Zanella On Wed, Sep 22, 2021 at 7:02 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > Changes in the v4 patch. > > 1. Add nodirect_extern_access attribute. > > Changes in the v3 patch. > > 1. GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support has been added to > GNU binutils 2.38. But the -z indirect-extern-access linker option is > only available for Linux/x86. However, the --max-cache-size=SIZE linker > option was also addded within a day. --max-cache-size=SIZE is used to > check for GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support. > > Changes in the v2 patch. > > 1. Rename the option to -fdirect-extern-access. > > --- > On systems with copy relocation: > * A copy in executable is created for the definition in a shared library > at run-time by ld.so. > * The copy is referenced by executable and shared libraries. > * Executable can access the copy directly. > > Issues are: > * Overhead of a copy, time and space, may be visible at run-time. > * Read-only data in the shared library becomes read-write copy in > executable at run-time. > * Local access to data with the STV_PROTECTED visibility in the shared > library must use GOT. > > On systems without function descriptor, function pointers vary depending > on where and how the functions are defined. > * If the function is defined in executable, it can be the address of > function body. > * If the function, including the function with STV_PROTECTED visibility, > is defined in the shared library, it can be the address of the PLT entry > in executable or shared library. > > Issues are: > * The address of function body may not be used as its function pointer. > * ld.so needs to search loaded shared libraries for the function pointer > of the function with STV_PROTECTED visibility. > > Here is a proposal to remove copy relocation and use canonical function > pointer: > > 1. Accesses, including in PIE and non-PIE, to undefined symbols must > use GOT. > a. Linker may optimize out GOT access if the data is defined in PIE or > non-PIE. > 2. Read-only data in the shared library remain read-only at run-time > 3. Address of global data with the STV_PROTECTED visibility in the shared > library is the address of data body. > a. Can use IP-relative access. > b. May need GOT without IP-relative access. > 4. For systems without function descriptor, > a. All global function pointers of undefined functions in PIE and > non-PIE must use GOT. Linker may optimize out GOT access if the > function is defined in PIE or non-PIE. > b. Function pointer of functions with the STV_PROTECTED visibility in > executable and shared library is the address of function body. > i. Can use IP-relative access. > ii. May need GOT without IP-relative access. > iii. Branches to undefined functions may use PLT. > 5. Single global definition marker: > > Add GNU_PROPERTY_1_NEEDED: > > #define GNU_PROPERTY_1_NEEDED GNU_PROPERTY_UINT32_OR_LO > > to indicate the needed properties by the object file. > > Add GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS: > > #define GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS (1U << 0) > > to indicate that the object file requires canonical function pointers and > cannot be used with copy relocation. This bit should be cleared in > executable when there are non-GOT or non-PLT relocations in relocatable > input files without this bit set. > > a. Protected symbol access within the shared library can be treated as > local. > b. Copy relocation should be disallowed at link-time and run-time. > c. GOT function pointer reference is required at link-time and run-time. > > The indirect external access marker can be used in the following ways: > > 1. Linker can decide the best way to resolve a relocation against a > protected symbol before seeing all relocations against the symbol. > 2. Dynamic linker can decide if it is an error to have a copy relocation > in executable against the protected symbol in a shared library by checking > if the shared library is built with -fno-direct-extern-access. > > Add a compiler option, -fdirect-extern-access. -fdirect-extern-access is > the default. With -fno-direct-extern-access: > > 1. Always to use GOT to access undefined symbols, including in PIE and > non-PIE. This is safe to do and does not break the ABI. > 2. In executable and shared library, for symbols with the STV_PROTECTED > visibility: > a. The address of data symbol is the address of data body. > b. For systems without function descriptor, the function pointer is > the address of function body. > These break the ABI and resulting shared libraries may not be compatible > with executables which are not compiled with -fno-direct-extern-access. > 3. Generate an indirect external access marker in relocatable objects if > supported by linker. > > H.J. Lu (2): > Add -f[no-]direct-extern-access > Add TARGET_ASM_EMIT_GNU_PROPERTY_NOTE > Hi, This has been implemented in binutils 2.38 and glibc 2.35. What do I need to do to get it into GCC 12? Thanks. -- H.J. ^ permalink raw reply [flat|nested] 10+ messages in thread
* PING^2 [PATCH v4 0/2] Implement indirect external access 2021-10-21 19:56 ` PING [PATCH v4 0/2] Implement indirect external access H.J. Lu @ 2021-11-01 14:02 ` H.J. Lu 2021-11-25 17:54 ` PING^3 " H.J. Lu 0 siblings, 1 reply; 10+ messages in thread From: H.J. Lu @ 2021-11-01 14:02 UTC (permalink / raw) To: GCC Patches Cc: Florian Weimer, Uros Bizjak, Jakub Jelinek, Richard Biener, Jeff Law, Adhemerval Zanella On Thu, Oct 21, 2021 at 12:56 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > On Wed, Sep 22, 2021 at 7:02 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > Changes in the v4 patch. > > > > 1. Add nodirect_extern_access attribute. > > > > Changes in the v3 patch. > > > > 1. GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support has been added to > > GNU binutils 2.38. But the -z indirect-extern-access linker option is > > only available for Linux/x86. However, the --max-cache-size=SIZE linker > > option was also addded within a day. --max-cache-size=SIZE is used to > > check for GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support. > > > > Changes in the v2 patch. > > > > 1. Rename the option to -fdirect-extern-access. > > > > --- > > On systems with copy relocation: > > * A copy in executable is created for the definition in a shared library > > at run-time by ld.so. > > * The copy is referenced by executable and shared libraries. > > * Executable can access the copy directly. > > > > Issues are: > > * Overhead of a copy, time and space, may be visible at run-time. > > * Read-only data in the shared library becomes read-write copy in > > executable at run-time. > > * Local access to data with the STV_PROTECTED visibility in the shared > > library must use GOT. > > > > On systems without function descriptor, function pointers vary depending > > on where and how the functions are defined. > > * If the function is defined in executable, it can be the address of > > function body. > > * If the function, including the function with STV_PROTECTED visibility, > > is defined in the shared library, it can be the address of the PLT entry > > in executable or shared library. > > > > Issues are: > > * The address of function body may not be used as its function pointer. > > * ld.so needs to search loaded shared libraries for the function pointer > > of the function with STV_PROTECTED visibility. > > > > Here is a proposal to remove copy relocation and use canonical function > > pointer: > > > > 1. Accesses, including in PIE and non-PIE, to undefined symbols must > > use GOT. > > a. Linker may optimize out GOT access if the data is defined in PIE or > > non-PIE. > > 2. Read-only data in the shared library remain read-only at run-time > > 3. Address of global data with the STV_PROTECTED visibility in the shared > > library is the address of data body. > > a. Can use IP-relative access. > > b. May need GOT without IP-relative access. > > 4. For systems without function descriptor, > > a. All global function pointers of undefined functions in PIE and > > non-PIE must use GOT. Linker may optimize out GOT access if the > > function is defined in PIE or non-PIE. > > b. Function pointer of functions with the STV_PROTECTED visibility in > > executable and shared library is the address of function body. > > i. Can use IP-relative access. > > ii. May need GOT without IP-relative access. > > iii. Branches to undefined functions may use PLT. > > 5. Single global definition marker: > > > > Add GNU_PROPERTY_1_NEEDED: > > > > #define GNU_PROPERTY_1_NEEDED GNU_PROPERTY_UINT32_OR_LO > > > > to indicate the needed properties by the object file. > > > > Add GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS: > > > > #define GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS (1U << 0) > > > > to indicate that the object file requires canonical function pointers and > > cannot be used with copy relocation. This bit should be cleared in > > executable when there are non-GOT or non-PLT relocations in relocatable > > input files without this bit set. > > > > a. Protected symbol access within the shared library can be treated as > > local. > > b. Copy relocation should be disallowed at link-time and run-time. > > c. GOT function pointer reference is required at link-time and run-time. > > > > The indirect external access marker can be used in the following ways: > > > > 1. Linker can decide the best way to resolve a relocation against a > > protected symbol before seeing all relocations against the symbol. > > 2. Dynamic linker can decide if it is an error to have a copy relocation > > in executable against the protected symbol in a shared library by checking > > if the shared library is built with -fno-direct-extern-access. > > > > Add a compiler option, -fdirect-extern-access. -fdirect-extern-access is > > the default. With -fno-direct-extern-access: > > > > 1. Always to use GOT to access undefined symbols, including in PIE and > > non-PIE. This is safe to do and does not break the ABI. > > 2. In executable and shared library, for symbols with the STV_PROTECTED > > visibility: > > a. The address of data symbol is the address of data body. > > b. For systems without function descriptor, the function pointer is > > the address of function body. > > These break the ABI and resulting shared libraries may not be compatible > > with executables which are not compiled with -fno-direct-extern-access. > > 3. Generate an indirect external access marker in relocatable objects if > > supported by linker. > > > > H.J. Lu (2): > > Add -f[no-]direct-extern-access > > Add TARGET_ASM_EMIT_GNU_PROPERTY_NOTE > > > > Hi, > > This has been implemented in binutils 2.38 and glibc 2.35. > What do I need to do to get it into GCC 12? > Hi Richard, Jeff, Can you help review this patch for GCC 12: https://gcc.gnu.org/pipermail/gcc-patches/2021-September/580108.html https://gcc.gnu.org/pipermail/gcc-patches/2021-September/580107.html Thanks. -- H.J. ^ permalink raw reply [flat|nested] 10+ messages in thread
* PING^3 [PATCH v4 0/2] Implement indirect external access 2021-11-01 14:02 ` PING^2 " H.J. Lu @ 2021-11-25 17:54 ` H.J. Lu 2021-12-11 18:44 ` PING^4 " H.J. Lu 0 siblings, 1 reply; 10+ messages in thread From: H.J. Lu @ 2021-11-25 17:54 UTC (permalink / raw) To: GCC Patches Cc: Florian Weimer, Uros Bizjak, Jakub Jelinek, Richard Biener, Jeff Law, Adhemerval Zanella On Mon, Nov 1, 2021 at 7:02 AM H.J. Lu <hjl.tools@gmail.com> wrote: > > On Thu, Oct 21, 2021 at 12:56 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > On Wed, Sep 22, 2021 at 7:02 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > Changes in the v4 patch. > > > > > > 1. Add nodirect_extern_access attribute. > > > > > > Changes in the v3 patch. > > > > > > 1. GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support has been added to > > > GNU binutils 2.38. But the -z indirect-extern-access linker option is > > > only available for Linux/x86. However, the --max-cache-size=SIZE linker > > > option was also addded within a day. --max-cache-size=SIZE is used to > > > check for GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support. > > > > > > Changes in the v2 patch. > > > > > > 1. Rename the option to -fdirect-extern-access. > > > > > > --- > > > On systems with copy relocation: > > > * A copy in executable is created for the definition in a shared library > > > at run-time by ld.so. > > > * The copy is referenced by executable and shared libraries. > > > * Executable can access the copy directly. > > > > > > Issues are: > > > * Overhead of a copy, time and space, may be visible at run-time. > > > * Read-only data in the shared library becomes read-write copy in > > > executable at run-time. > > > * Local access to data with the STV_PROTECTED visibility in the shared > > > library must use GOT. > > > > > > On systems without function descriptor, function pointers vary depending > > > on where and how the functions are defined. > > > * If the function is defined in executable, it can be the address of > > > function body. > > > * If the function, including the function with STV_PROTECTED visibility, > > > is defined in the shared library, it can be the address of the PLT entry > > > in executable or shared library. > > > > > > Issues are: > > > * The address of function body may not be used as its function pointer. > > > * ld.so needs to search loaded shared libraries for the function pointer > > > of the function with STV_PROTECTED visibility. > > > > > > Here is a proposal to remove copy relocation and use canonical function > > > pointer: > > > > > > 1. Accesses, including in PIE and non-PIE, to undefined symbols must > > > use GOT. > > > a. Linker may optimize out GOT access if the data is defined in PIE or > > > non-PIE. > > > 2. Read-only data in the shared library remain read-only at run-time > > > 3. Address of global data with the STV_PROTECTED visibility in the shared > > > library is the address of data body. > > > a. Can use IP-relative access. > > > b. May need GOT without IP-relative access. > > > 4. For systems without function descriptor, > > > a. All global function pointers of undefined functions in PIE and > > > non-PIE must use GOT. Linker may optimize out GOT access if the > > > function is defined in PIE or non-PIE. > > > b. Function pointer of functions with the STV_PROTECTED visibility in > > > executable and shared library is the address of function body. > > > i. Can use IP-relative access. > > > ii. May need GOT without IP-relative access. > > > iii. Branches to undefined functions may use PLT. > > > 5. Single global definition marker: > > > > > > Add GNU_PROPERTY_1_NEEDED: > > > > > > #define GNU_PROPERTY_1_NEEDED GNU_PROPERTY_UINT32_OR_LO > > > > > > to indicate the needed properties by the object file. > > > > > > Add GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS: > > > > > > #define GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS (1U << 0) > > > > > > to indicate that the object file requires canonical function pointers and > > > cannot be used with copy relocation. This bit should be cleared in > > > executable when there are non-GOT or non-PLT relocations in relocatable > > > input files without this bit set. > > > > > > a. Protected symbol access within the shared library can be treated as > > > local. > > > b. Copy relocation should be disallowed at link-time and run-time. > > > c. GOT function pointer reference is required at link-time and run-time. > > > > > > The indirect external access marker can be used in the following ways: > > > > > > 1. Linker can decide the best way to resolve a relocation against a > > > protected symbol before seeing all relocations against the symbol. > > > 2. Dynamic linker can decide if it is an error to have a copy relocation > > > in executable against the protected symbol in a shared library by checking > > > if the shared library is built with -fno-direct-extern-access. > > > > > > Add a compiler option, -fdirect-extern-access. -fdirect-extern-access is > > > the default. With -fno-direct-extern-access: > > > > > > 1. Always to use GOT to access undefined symbols, including in PIE and > > > non-PIE. This is safe to do and does not break the ABI. > > > 2. In executable and shared library, for symbols with the STV_PROTECTED > > > visibility: > > > a. The address of data symbol is the address of data body. > > > b. For systems without function descriptor, the function pointer is > > > the address of function body. > > > These break the ABI and resulting shared libraries may not be compatible > > > with executables which are not compiled with -fno-direct-extern-access. > > > 3. Generate an indirect external access marker in relocatable objects if > > > supported by linker. > > > > > > H.J. Lu (2): > > > Add -f[no-]direct-extern-access > > > Add TARGET_ASM_EMIT_GNU_PROPERTY_NOTE > > > > > > > Hi, > > > > This has been implemented in binutils 2.38 and glibc 2.35. > > What do I need to do to get it into GCC 12? > > > > Hi Richard, Jeff, > > Can you help review this patch for GCC 12: > > https://gcc.gnu.org/pipermail/gcc-patches/2021-September/580108.html > https://gcc.gnu.org/pipermail/gcc-patches/2021-September/580107.html > PING. -- H.J. ^ permalink raw reply [flat|nested] 10+ messages in thread
* PING^4 [PATCH v4 0/2] Implement indirect external access 2021-11-25 17:54 ` PING^3 " H.J. Lu @ 2021-12-11 18:44 ` H.J. Lu 2022-01-04 3:32 ` PING^5 " H.J. Lu 0 siblings, 1 reply; 10+ messages in thread From: H.J. Lu @ 2021-12-11 18:44 UTC (permalink / raw) To: GCC Patches Cc: Florian Weimer, Uros Bizjak, Jakub Jelinek, Richard Biener, Jeff Law, Adhemerval Zanella On Thu, Nov 25, 2021 at 9:54 AM H.J. Lu <hjl.tools@gmail.com> wrote: > > On Mon, Nov 1, 2021 at 7:02 AM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > On Thu, Oct 21, 2021 at 12:56 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > On Wed, Sep 22, 2021 at 7:02 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > > > Changes in the v4 patch. > > > > > > > > 1. Add nodirect_extern_access attribute. > > > > > > > > Changes in the v3 patch. > > > > > > > > 1. GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support has been added to > > > > GNU binutils 2.38. But the -z indirect-extern-access linker option is > > > > only available for Linux/x86. However, the --max-cache-size=SIZE linker > > > > option was also addded within a day. --max-cache-size=SIZE is used to > > > > check for GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support. > > > > > > > > Changes in the v2 patch. > > > > > > > > 1. Rename the option to -fdirect-extern-access. > > > > > > > > --- > > > > On systems with copy relocation: > > > > * A copy in executable is created for the definition in a shared library > > > > at run-time by ld.so. > > > > * The copy is referenced by executable and shared libraries. > > > > * Executable can access the copy directly. > > > > > > > > Issues are: > > > > * Overhead of a copy, time and space, may be visible at run-time. > > > > * Read-only data in the shared library becomes read-write copy in > > > > executable at run-time. > > > > * Local access to data with the STV_PROTECTED visibility in the shared > > > > library must use GOT. > > > > > > > > On systems without function descriptor, function pointers vary depending > > > > on where and how the functions are defined. > > > > * If the function is defined in executable, it can be the address of > > > > function body. > > > > * If the function, including the function with STV_PROTECTED visibility, > > > > is defined in the shared library, it can be the address of the PLT entry > > > > in executable or shared library. > > > > > > > > Issues are: > > > > * The address of function body may not be used as its function pointer. > > > > * ld.so needs to search loaded shared libraries for the function pointer > > > > of the function with STV_PROTECTED visibility. > > > > > > > > Here is a proposal to remove copy relocation and use canonical function > > > > pointer: > > > > > > > > 1. Accesses, including in PIE and non-PIE, to undefined symbols must > > > > use GOT. > > > > a. Linker may optimize out GOT access if the data is defined in PIE or > > > > non-PIE. > > > > 2. Read-only data in the shared library remain read-only at run-time > > > > 3. Address of global data with the STV_PROTECTED visibility in the shared > > > > library is the address of data body. > > > > a. Can use IP-relative access. > > > > b. May need GOT without IP-relative access. > > > > 4. For systems without function descriptor, > > > > a. All global function pointers of undefined functions in PIE and > > > > non-PIE must use GOT. Linker may optimize out GOT access if the > > > > function is defined in PIE or non-PIE. > > > > b. Function pointer of functions with the STV_PROTECTED visibility in > > > > executable and shared library is the address of function body. > > > > i. Can use IP-relative access. > > > > ii. May need GOT without IP-relative access. > > > > iii. Branches to undefined functions may use PLT. > > > > 5. Single global definition marker: > > > > > > > > Add GNU_PROPERTY_1_NEEDED: > > > > > > > > #define GNU_PROPERTY_1_NEEDED GNU_PROPERTY_UINT32_OR_LO > > > > > > > > to indicate the needed properties by the object file. > > > > > > > > Add GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS: > > > > > > > > #define GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS (1U << 0) > > > > > > > > to indicate that the object file requires canonical function pointers and > > > > cannot be used with copy relocation. This bit should be cleared in > > > > executable when there are non-GOT or non-PLT relocations in relocatable > > > > input files without this bit set. > > > > > > > > a. Protected symbol access within the shared library can be treated as > > > > local. > > > > b. Copy relocation should be disallowed at link-time and run-time. > > > > c. GOT function pointer reference is required at link-time and run-time. > > > > > > > > The indirect external access marker can be used in the following ways: > > > > > > > > 1. Linker can decide the best way to resolve a relocation against a > > > > protected symbol before seeing all relocations against the symbol. > > > > 2. Dynamic linker can decide if it is an error to have a copy relocation > > > > in executable against the protected symbol in a shared library by checking > > > > if the shared library is built with -fno-direct-extern-access. > > > > > > > > Add a compiler option, -fdirect-extern-access. -fdirect-extern-access is > > > > the default. With -fno-direct-extern-access: > > > > > > > > 1. Always to use GOT to access undefined symbols, including in PIE and > > > > non-PIE. This is safe to do and does not break the ABI. > > > > 2. In executable and shared library, for symbols with the STV_PROTECTED > > > > visibility: > > > > a. The address of data symbol is the address of data body. > > > > b. For systems without function descriptor, the function pointer is > > > > the address of function body. > > > > These break the ABI and resulting shared libraries may not be compatible > > > > with executables which are not compiled with -fno-direct-extern-access. > > > > 3. Generate an indirect external access marker in relocatable objects if > > > > supported by linker. > > > > > > > > H.J. Lu (2): > > > > Add -f[no-]direct-extern-access > > > > Add TARGET_ASM_EMIT_GNU_PROPERTY_NOTE > > > > > > > > > > Hi, > > > > > > This has been implemented in binutils 2.38 and glibc 2.35. > > > What do I need to do to get it into GCC 12? > > > > > > > Hi Richard, Jeff, > > > > Can you help review this patch for GCC 12: > > > > https://gcc.gnu.org/pipermail/gcc-patches/2021-September/580108.html > > https://gcc.gnu.org/pipermail/gcc-patches/2021-September/580107.html > > > > PING. PING. -- H.J. ^ permalink raw reply [flat|nested] 10+ messages in thread
* PING^5 [PATCH v4 0/2] Implement indirect external access 2021-12-11 18:44 ` PING^4 " H.J. Lu @ 2022-01-04 3:32 ` H.J. Lu 2022-01-17 19:23 ` Marek Polacek 2022-02-09 6:44 ` Fāng-ruì Sòng 0 siblings, 2 replies; 10+ messages in thread From: H.J. Lu @ 2022-01-04 3:32 UTC (permalink / raw) To: GCC Patches Cc: Florian Weimer, Uros Bizjak, Jakub Jelinek, Richard Biener, Jeff Law, Adhemerval Zanella On Sat, Dec 11, 2021 at 10:44 AM H.J. Lu <hjl.tools@gmail.com> wrote: > > On Thu, Nov 25, 2021 at 9:54 AM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > On Mon, Nov 1, 2021 at 7:02 AM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > On Thu, Oct 21, 2021 at 12:56 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > > > On Wed, Sep 22, 2021 at 7:02 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > > > > > Changes in the v4 patch. > > > > > > > > > > 1. Add nodirect_extern_access attribute. > > > > > > > > > > Changes in the v3 patch. > > > > > > > > > > 1. GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support has been added to > > > > > GNU binutils 2.38. But the -z indirect-extern-access linker option is > > > > > only available for Linux/x86. However, the --max-cache-size=SIZE linker > > > > > option was also addded within a day. --max-cache-size=SIZE is used to > > > > > check for GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support. > > > > > > > > > > Changes in the v2 patch. > > > > > > > > > > 1. Rename the option to -fdirect-extern-access. > > > > > > > > > > --- > > > > > On systems with copy relocation: > > > > > * A copy in executable is created for the definition in a shared library > > > > > at run-time by ld.so. > > > > > * The copy is referenced by executable and shared libraries. > > > > > * Executable can access the copy directly. > > > > > > > > > > Issues are: > > > > > * Overhead of a copy, time and space, may be visible at run-time. > > > > > * Read-only data in the shared library becomes read-write copy in > > > > > executable at run-time. > > > > > * Local access to data with the STV_PROTECTED visibility in the shared > > > > > library must use GOT. > > > > > > > > > > On systems without function descriptor, function pointers vary depending > > > > > on where and how the functions are defined. > > > > > * If the function is defined in executable, it can be the address of > > > > > function body. > > > > > * If the function, including the function with STV_PROTECTED visibility, > > > > > is defined in the shared library, it can be the address of the PLT entry > > > > > in executable or shared library. > > > > > > > > > > Issues are: > > > > > * The address of function body may not be used as its function pointer. > > > > > * ld.so needs to search loaded shared libraries for the function pointer > > > > > of the function with STV_PROTECTED visibility. > > > > > > > > > > Here is a proposal to remove copy relocation and use canonical function > > > > > pointer: > > > > > > > > > > 1. Accesses, including in PIE and non-PIE, to undefined symbols must > > > > > use GOT. > > > > > a. Linker may optimize out GOT access if the data is defined in PIE or > > > > > non-PIE. > > > > > 2. Read-only data in the shared library remain read-only at run-time > > > > > 3. Address of global data with the STV_PROTECTED visibility in the shared > > > > > library is the address of data body. > > > > > a. Can use IP-relative access. > > > > > b. May need GOT without IP-relative access. > > > > > 4. For systems without function descriptor, > > > > > a. All global function pointers of undefined functions in PIE and > > > > > non-PIE must use GOT. Linker may optimize out GOT access if the > > > > > function is defined in PIE or non-PIE. > > > > > b. Function pointer of functions with the STV_PROTECTED visibility in > > > > > executable and shared library is the address of function body. > > > > > i. Can use IP-relative access. > > > > > ii. May need GOT without IP-relative access. > > > > > iii. Branches to undefined functions may use PLT. > > > > > 5. Single global definition marker: > > > > > > > > > > Add GNU_PROPERTY_1_NEEDED: > > > > > > > > > > #define GNU_PROPERTY_1_NEEDED GNU_PROPERTY_UINT32_OR_LO > > > > > > > > > > to indicate the needed properties by the object file. > > > > > > > > > > Add GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS: > > > > > > > > > > #define GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS (1U << 0) > > > > > > > > > > to indicate that the object file requires canonical function pointers and > > > > > cannot be used with copy relocation. This bit should be cleared in > > > > > executable when there are non-GOT or non-PLT relocations in relocatable > > > > > input files without this bit set. > > > > > > > > > > a. Protected symbol access within the shared library can be treated as > > > > > local. > > > > > b. Copy relocation should be disallowed at link-time and run-time. > > > > > c. GOT function pointer reference is required at link-time and run-time. > > > > > > > > > > The indirect external access marker can be used in the following ways: > > > > > > > > > > 1. Linker can decide the best way to resolve a relocation against a > > > > > protected symbol before seeing all relocations against the symbol. > > > > > 2. Dynamic linker can decide if it is an error to have a copy relocation > > > > > in executable against the protected symbol in a shared library by checking > > > > > if the shared library is built with -fno-direct-extern-access. > > > > > > > > > > Add a compiler option, -fdirect-extern-access. -fdirect-extern-access is > > > > > the default. With -fno-direct-extern-access: > > > > > > > > > > 1. Always to use GOT to access undefined symbols, including in PIE and > > > > > non-PIE. This is safe to do and does not break the ABI. > > > > > 2. In executable and shared library, for symbols with the STV_PROTECTED > > > > > visibility: > > > > > a. The address of data symbol is the address of data body. > > > > > b. For systems without function descriptor, the function pointer is > > > > > the address of function body. > > > > > These break the ABI and resulting shared libraries may not be compatible > > > > > with executables which are not compiled with -fno-direct-extern-access. > > > > > 3. Generate an indirect external access marker in relocatable objects if > > > > > supported by linker. > > > > > > > > > > H.J. Lu (2): > > > > > Add -f[no-]direct-extern-access > > > > > Add TARGET_ASM_EMIT_GNU_PROPERTY_NOTE > > > > > > > > > > > > > Hi, > > > > > > > > This has been implemented in binutils 2.38 and glibc 2.35. > > > > What do I need to do to get it into GCC 12? > > > > > > > > > > Hi Richard, Jeff, > > > > > > Can you help review this patch for GCC 12: > > > > > > https://gcc.gnu.org/pipermail/gcc-patches/2021-September/580108.html > > > https://gcc.gnu.org/pipermail/gcc-patches/2021-September/580107.html > > > > > > > PING. > > PING. > PING. -- H.J. ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: PING^5 [PATCH v4 0/2] Implement indirect external access 2022-01-04 3:32 ` PING^5 " H.J. Lu @ 2022-01-17 19:23 ` Marek Polacek 2022-02-09 6:44 ` Fāng-ruì Sòng 1 sibling, 0 replies; 10+ messages in thread From: Marek Polacek @ 2022-01-17 19:23 UTC (permalink / raw) To: H.J. Lu; +Cc: GCC Patches, Florian Weimer, Jakub Jelinek Ping, could a global maintainer take a look at this? On Mon, Jan 03, 2022 at 07:32:25PM -0800, H.J. Lu via Gcc-patches wrote: > On Sat, Dec 11, 2021 at 10:44 AM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > On Thu, Nov 25, 2021 at 9:54 AM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > On Mon, Nov 1, 2021 at 7:02 AM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > > > On Thu, Oct 21, 2021 at 12:56 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > > > > > On Wed, Sep 22, 2021 at 7:02 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > > > > > > > Changes in the v4 patch. > > > > > > > > > > > > 1. Add nodirect_extern_access attribute. > > > > > > > > > > > > Changes in the v3 patch. > > > > > > > > > > > > 1. GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support has been added to > > > > > > GNU binutils 2.38. But the -z indirect-extern-access linker option is > > > > > > only available for Linux/x86. However, the --max-cache-size=SIZE linker > > > > > > option was also addded within a day. --max-cache-size=SIZE is used to > > > > > > check for GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support. > > > > > > > > > > > > Changes in the v2 patch. > > > > > > > > > > > > 1. Rename the option to -fdirect-extern-access. > > > > > > > > > > > > --- > > > > > > On systems with copy relocation: > > > > > > * A copy in executable is created for the definition in a shared library > > > > > > at run-time by ld.so. > > > > > > * The copy is referenced by executable and shared libraries. > > > > > > * Executable can access the copy directly. > > > > > > > > > > > > Issues are: > > > > > > * Overhead of a copy, time and space, may be visible at run-time. > > > > > > * Read-only data in the shared library becomes read-write copy in > > > > > > executable at run-time. > > > > > > * Local access to data with the STV_PROTECTED visibility in the shared > > > > > > library must use GOT. > > > > > > > > > > > > On systems without function descriptor, function pointers vary depending > > > > > > on where and how the functions are defined. > > > > > > * If the function is defined in executable, it can be the address of > > > > > > function body. > > > > > > * If the function, including the function with STV_PROTECTED visibility, > > > > > > is defined in the shared library, it can be the address of the PLT entry > > > > > > in executable or shared library. > > > > > > > > > > > > Issues are: > > > > > > * The address of function body may not be used as its function pointer. > > > > > > * ld.so needs to search loaded shared libraries for the function pointer > > > > > > of the function with STV_PROTECTED visibility. > > > > > > > > > > > > Here is a proposal to remove copy relocation and use canonical function > > > > > > pointer: > > > > > > > > > > > > 1. Accesses, including in PIE and non-PIE, to undefined symbols must > > > > > > use GOT. > > > > > > a. Linker may optimize out GOT access if the data is defined in PIE or > > > > > > non-PIE. > > > > > > 2. Read-only data in the shared library remain read-only at run-time > > > > > > 3. Address of global data with the STV_PROTECTED visibility in the shared > > > > > > library is the address of data body. > > > > > > a. Can use IP-relative access. > > > > > > b. May need GOT without IP-relative access. > > > > > > 4. For systems without function descriptor, > > > > > > a. All global function pointers of undefined functions in PIE and > > > > > > non-PIE must use GOT. Linker may optimize out GOT access if the > > > > > > function is defined in PIE or non-PIE. > > > > > > b. Function pointer of functions with the STV_PROTECTED visibility in > > > > > > executable and shared library is the address of function body. > > > > > > i. Can use IP-relative access. > > > > > > ii. May need GOT without IP-relative access. > > > > > > iii. Branches to undefined functions may use PLT. > > > > > > 5. Single global definition marker: > > > > > > > > > > > > Add GNU_PROPERTY_1_NEEDED: > > > > > > > > > > > > #define GNU_PROPERTY_1_NEEDED GNU_PROPERTY_UINT32_OR_LO > > > > > > > > > > > > to indicate the needed properties by the object file. > > > > > > > > > > > > Add GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS: > > > > > > > > > > > > #define GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS (1U << 0) > > > > > > > > > > > > to indicate that the object file requires canonical function pointers and > > > > > > cannot be used with copy relocation. This bit should be cleared in > > > > > > executable when there are non-GOT or non-PLT relocations in relocatable > > > > > > input files without this bit set. > > > > > > > > > > > > a. Protected symbol access within the shared library can be treated as > > > > > > local. > > > > > > b. Copy relocation should be disallowed at link-time and run-time. > > > > > > c. GOT function pointer reference is required at link-time and run-time. > > > > > > > > > > > > The indirect external access marker can be used in the following ways: > > > > > > > > > > > > 1. Linker can decide the best way to resolve a relocation against a > > > > > > protected symbol before seeing all relocations against the symbol. > > > > > > 2. Dynamic linker can decide if it is an error to have a copy relocation > > > > > > in executable against the protected symbol in a shared library by checking > > > > > > if the shared library is built with -fno-direct-extern-access. > > > > > > > > > > > > Add a compiler option, -fdirect-extern-access. -fdirect-extern-access is > > > > > > the default. With -fno-direct-extern-access: > > > > > > > > > > > > 1. Always to use GOT to access undefined symbols, including in PIE and > > > > > > non-PIE. This is safe to do and does not break the ABI. > > > > > > 2. In executable and shared library, for symbols with the STV_PROTECTED > > > > > > visibility: > > > > > > a. The address of data symbol is the address of data body. > > > > > > b. For systems without function descriptor, the function pointer is > > > > > > the address of function body. > > > > > > These break the ABI and resulting shared libraries may not be compatible > > > > > > with executables which are not compiled with -fno-direct-extern-access. > > > > > > 3. Generate an indirect external access marker in relocatable objects if > > > > > > supported by linker. > > > > > > > > > > > > H.J. Lu (2): > > > > > > Add -f[no-]direct-extern-access > > > > > > Add TARGET_ASM_EMIT_GNU_PROPERTY_NOTE > > > > > > > > > > > > > > > > Hi, > > > > > > > > > > This has been implemented in binutils 2.38 and glibc 2.35. > > > > > What do I need to do to get it into GCC 12? > > > > > > > > > > > > > Hi Richard, Jeff, > > > > > > > > Can you help review this patch for GCC 12: > > > > > > > > https://gcc.gnu.org/pipermail/gcc-patches/2021-September/580108.html > > > > https://gcc.gnu.org/pipermail/gcc-patches/2021-September/580107.html > > > > > > > > > > PING. > > > > PING. > > > > PING. > > > -- > H.J. > Marek ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: PING^5 [PATCH v4 0/2] Implement indirect external access 2022-01-04 3:32 ` PING^5 " H.J. Lu 2022-01-17 19:23 ` Marek Polacek @ 2022-02-09 6:44 ` Fāng-ruì Sòng 1 sibling, 0 replies; 10+ messages in thread From: Fāng-ruì Sòng @ 2022-02-09 6:44 UTC (permalink / raw) To: H.J. Lu; +Cc: GCC Patches, Florian Weimer, Jakub Jelinek On Mon, Jan 3, 2022 at 7:33 PM H.J. Lu via Gcc-patches <gcc-patches@gcc.gnu.org> wrote: > > On Sat, Dec 11, 2021 at 10:44 AM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > On Thu, Nov 25, 2021 at 9:54 AM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > On Mon, Nov 1, 2021 at 7:02 AM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > > > On Thu, Oct 21, 2021 at 12:56 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > > > > > On Wed, Sep 22, 2021 at 7:02 PM H.J. Lu <hjl.tools@gmail.com> wrote: > > > > > > > > > > > > Changes in the v4 patch. > > > > > > > > > > > > 1. Add nodirect_extern_access attribute. > > > > > > > > > > > > Changes in the v3 patch. > > > > > > > > > > > > 1. GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support has been added to > > > > > > GNU binutils 2.38. But the -z indirect-extern-access linker option is > > > > > > only available for Linux/x86. However, the --max-cache-size=SIZE linker > > > > > > option was also addded within a day. --max-cache-size=SIZE is used to > > > > > > check for GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS support. > > > > > > > > > > > > Changes in the v2 patch. > > > > > > > > > > > > 1. Rename the option to -fdirect-extern-access. > > > > > > > > > > > > --- > > > > > > On systems with copy relocation: > > > > > > * A copy in executable is created for the definition in a shared library > > > > > > at run-time by ld.so. > > > > > > * The copy is referenced by executable and shared libraries. > > > > > > * Executable can access the copy directly. > > > > > > > > > > > > Issues are: > > > > > > * Overhead of a copy, time and space, may be visible at run-time. > > > > > > * Read-only data in the shared library becomes read-write copy in > > > > > > executable at run-time. > > > > > > * Local access to data with the STV_PROTECTED visibility in the shared > > > > > > library must use GOT. > > > > > > > > > > > > On systems without function descriptor, function pointers vary depending > > > > > > on where and how the functions are defined. > > > > > > * If the function is defined in executable, it can be the address of > > > > > > function body. > > > > > > * If the function, including the function with STV_PROTECTED visibility, > > > > > > is defined in the shared library, it can be the address of the PLT entry > > > > > > in executable or shared library. > > > > > > > > > > > > Issues are: > > > > > > * The address of function body may not be used as its function pointer. > > > > > > * ld.so needs to search loaded shared libraries for the function pointer > > > > > > of the function with STV_PROTECTED visibility. > > > > > > > > > > > > Here is a proposal to remove copy relocation and use canonical function > > > > > > pointer: > > > > > > > > > > > > 1. Accesses, including in PIE and non-PIE, to undefined symbols must > > > > > > use GOT. > > > > > > a. Linker may optimize out GOT access if the data is defined in PIE or > > > > > > non-PIE. > > > > > > 2. Read-only data in the shared library remain read-only at run-time > > > > > > 3. Address of global data with the STV_PROTECTED visibility in the shared > > > > > > library is the address of data body. > > > > > > a. Can use IP-relative access. > > > > > > b. May need GOT without IP-relative access. > > > > > > 4. For systems without function descriptor, > > > > > > a. All global function pointers of undefined functions in PIE and > > > > > > non-PIE must use GOT. Linker may optimize out GOT access if the > > > > > > function is defined in PIE or non-PIE. > > > > > > b. Function pointer of functions with the STV_PROTECTED visibility in > > > > > > executable and shared library is the address of function body. > > > > > > i. Can use IP-relative access. > > > > > > ii. May need GOT without IP-relative access. > > > > > > iii. Branches to undefined functions may use PLT. > > > > > > 5. Single global definition marker: > > > > > > > > > > > > Add GNU_PROPERTY_1_NEEDED: > > > > > > > > > > > > #define GNU_PROPERTY_1_NEEDED GNU_PROPERTY_UINT32_OR_LO > > > > > > > > > > > > to indicate the needed properties by the object file. > > > > > > > > > > > > Add GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS: > > > > > > > > > > > > #define GNU_PROPERTY_1_NEEDED_INDIRECT_EXTERN_ACCESS (1U << 0) > > > > > > > > > > > > to indicate that the object file requires canonical function pointers and > > > > > > cannot be used with copy relocation. This bit should be cleared in > > > > > > executable when there are non-GOT or non-PLT relocations in relocatable > > > > > > input files without this bit set. > > > > > > > > > > > > a. Protected symbol access within the shared library can be treated as > > > > > > local. > > > > > > b. Copy relocation should be disallowed at link-time and run-time. > > > > > > c. GOT function pointer reference is required at link-time and run-time. > > > > > > > > > > > > The indirect external access marker can be used in the following ways: > > > > > > > > > > > > 1. Linker can decide the best way to resolve a relocation against a > > > > > > protected symbol before seeing all relocations against the symbol. > > > > > > 2. Dynamic linker can decide if it is an error to have a copy relocation > > > > > > in executable against the protected symbol in a shared library by checking > > > > > > if the shared library is built with -fno-direct-extern-access. > > > > > > > > > > > > Add a compiler option, -fdirect-extern-access. -fdirect-extern-access is > > > > > > the default. With -fno-direct-extern-access: > > > > > > > > > > > > 1. Always to use GOT to access undefined symbols, including in PIE and > > > > > > non-PIE. This is safe to do and does not break the ABI. > > > > > > 2. In executable and shared library, for symbols with the STV_PROTECTED > > > > > > visibility: > > > > > > a. The address of data symbol is the address of data body. > > > > > > b. For systems without function descriptor, the function pointer is > > > > > > the address of function body. > > > > > > These break the ABI and resulting shared libraries may not be compatible > > > > > > with executables which are not compiled with -fno-direct-extern-access. > > > > > > 3. Generate an indirect external access marker in relocatable objects if > > > > > > supported by linker. > > > > > > > > > > > > H.J. Lu (2): > > > > > > Add -f[no-]direct-extern-access > > > > > > Add TARGET_ASM_EMIT_GNU_PROPERTY_NOTE > > > > > > > > > > > > > > > > Hi, > > > > > > > > > > This has been implemented in binutils 2.38 and glibc 2.35. > > > > > What do I need to do to get it into GCC 12? > > > > > > > > > > > > > Hi Richard, Jeff, > > > > > > > > Can you help review this patch for GCC 12: > > > > > > > > https://gcc.gnu.org/pipermail/gcc-patches/2021-September/580108.html > > > > https://gcc.gnu.org/pipermail/gcc-patches/2021-September/580107.html > > > > > > > > > > PING. > > > > PING. > > > > PING. > > > -- > H.J. I'll ping https://gcc.gnu.org/pipermail/gcc-patches/2021-May/570139.html ("[PATCH] x86-64: Remove HAVE_LD_PIE_COPYRELOC"), too. It's somewhat related, but simple and useful on its own.... The -fPIE default for x86-64 should be to avoid PC-relative relocations for extern int x; int foo() { return x; } like -fPIC. There should not be any need to specify a compiler driver option to achieve this goal. ^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2022-02-09 6:44 UTC | newest] Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2021-09-23 2:02 [PATCH v4 0/2] Implement indirect external access H.J. Lu 2021-09-23 2:02 ` [PATCH v4 1/2] Add -f[no-]direct-extern-access H.J. Lu 2021-09-23 2:02 ` [PATCH v4 2/2] Add TARGET_ASM_EMIT_GNU_PROPERTY_NOTE H.J. Lu 2021-10-21 19:56 ` PING [PATCH v4 0/2] Implement indirect external access H.J. Lu 2021-11-01 14:02 ` PING^2 " H.J. Lu 2021-11-25 17:54 ` PING^3 " H.J. Lu 2021-12-11 18:44 ` PING^4 " H.J. Lu 2022-01-04 3:32 ` PING^5 " H.J. Lu 2022-01-17 19:23 ` Marek Polacek 2022-02-09 6:44 ` Fāng-ruì Sòng
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).