12d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines//===-- sanitizer_tls_get_addr.cc -----------------------------------------===// 22d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// 32d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// The LLVM Compiler Infrastructure 42d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// 52d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// This file is distributed under the University of Illinois Open Source 62d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// License. See LICENSE.TXT for details. 72d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// 82d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines//===----------------------------------------------------------------------===// 92d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// 102d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// Handle the __tls_get_addr call. 112d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// 122d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines//===----------------------------------------------------------------------===// 132d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 142d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines#include "sanitizer_tls_get_addr.h" 152d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 162d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines#include "sanitizer_flags.h" 172d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines#include "sanitizer_platform_interceptors.h" 182d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 192d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hinesnamespace __sanitizer { 202d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines#if SANITIZER_INTERCEPT_TLS_GET_ADDR 212d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 222d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// The actual parameter that comes to __tls_get_addr 232d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// is a pointer to a struct with two words in it: 242d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hinesstruct TlsGetAddrParam { 252d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines uptr dso_id; 262d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines uptr offset; 272d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines}; 282d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 292d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// Glibc starting from 2.19 allocates tls using __signal_safe_memalign, 302d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// which has such header. 312d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hinesstruct Glibc_2_19_tls_header { 322d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines uptr size; 332d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines uptr start; 342d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines}; 352d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 362d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// This must be static TLS 372d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines__attribute__((tls_model("initial-exec"))) 382d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hinesstatic __thread DTLS dtls; 392d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 402d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// Make sure we properly destroy the DTLS objects: 412d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines// this counter should never get too large. 422d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hinesstatic atomic_uintptr_t number_of_live_dtls; 432d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 442d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hinesstatic const uptr kDestroyedThread = -1; 452d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 462d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hinesstatic inline void DTLS_Deallocate(DTLS::DTV *dtv, uptr size) { 472d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines if (!size) return; 482d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines VPrintf(2, "__tls_get_addr: DTLS_Deallocate %p %zd\n", dtv, size); 492d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines UnmapOrDie(dtv, size * sizeof(DTLS::DTV)); 502d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines atomic_fetch_sub(&number_of_live_dtls, 1, memory_order_relaxed); 512d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines} 522d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 532d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hinesstatic inline void DTLS_Resize(uptr new_size) { 542d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines if (dtls.dtv_size >= new_size) return; 552d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines new_size = RoundUpToPowerOfTwo(new_size); 562d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines new_size = Max(new_size, 4096UL / sizeof(DTLS::DTV)); 572d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines DTLS::DTV *new_dtv = 582d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines (DTLS::DTV *)MmapOrDie(new_size * sizeof(DTLS::DTV), "DTLS_Resize"); 592d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines uptr num_live_dtls = 602d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines atomic_fetch_add(&number_of_live_dtls, 1, memory_order_relaxed); 612d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines VPrintf(2, "__tls_get_addr: DTLS_Resize %p %zd\n", &dtls, num_live_dtls); 622d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines CHECK_LT(num_live_dtls, 1 << 20); 632d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines uptr old_dtv_size = dtls.dtv_size; 642d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines DTLS::DTV *old_dtv = dtls.dtv; 652d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines if (old_dtv_size) 662d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines internal_memcpy(new_dtv, dtls.dtv, dtls.dtv_size * sizeof(DTLS::DTV)); 672d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines dtls.dtv = new_dtv; 682d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines dtls.dtv_size = new_size; 692d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines if (old_dtv_size) 702d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines DTLS_Deallocate(old_dtv, old_dtv_size); 712d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines} 722d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 732d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hinesvoid DTLS_Destroy() { 742d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines if (!common_flags()->intercept_tls_get_addr) return; 752d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines VPrintf(2, "__tls_get_addr: DTLS_Destroy %p %zd\n", &dtls, dtls.dtv_size); 762d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines uptr s = dtls.dtv_size; 772d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines dtls.dtv_size = kDestroyedThread; // Do this before unmap for AS-safety. 782d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines DTLS_Deallocate(dtls.dtv, s); 792d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines} 802d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 815d71de26cedae3dafc17449fe0182045c0bd20e8Stephen HinesDTLS::DTV *DTLS_on_tls_get_addr(void *arg_void, void *res) { 825d71de26cedae3dafc17449fe0182045c0bd20e8Stephen Hines if (!common_flags()->intercept_tls_get_addr) return 0; 832d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines TlsGetAddrParam *arg = reinterpret_cast<TlsGetAddrParam *>(arg_void); 842d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines uptr dso_id = arg->dso_id; 855d71de26cedae3dafc17449fe0182045c0bd20e8Stephen Hines if (dtls.dtv_size == kDestroyedThread) return 0; 862d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines DTLS_Resize(dso_id + 1); 875d71de26cedae3dafc17449fe0182045c0bd20e8Stephen Hines if (dtls.dtv[dso_id].beg) return 0; 882d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines uptr tls_size = 0; 892d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines uptr tls_beg = reinterpret_cast<uptr>(res) - arg->offset; 902d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines VPrintf(2, "__tls_get_addr: %p {%p,%p} => %p; tls_beg: %p; sp: %p " 912d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines "num_live_dtls %zd\n", 922d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines arg, arg->dso_id, arg->offset, res, tls_beg, &tls_beg, 932d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines atomic_load(&number_of_live_dtls, memory_order_relaxed)); 942d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines if (dtls.last_memalign_ptr == tls_beg) { 952d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines tls_size = dtls.last_memalign_size; 962d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines VPrintf(2, "__tls_get_addr: glibc <=2.18 suspected; tls={%p,%p}\n", 972d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines tls_beg, tls_size); 982d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines } else if ((tls_beg % 4096) == sizeof(Glibc_2_19_tls_header)) { 992d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines // We may want to check gnu_get_libc_version(). 1002d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines Glibc_2_19_tls_header *header = (Glibc_2_19_tls_header *)tls_beg - 1; 1012d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines tls_size = header->size; 1022d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines tls_beg = header->start; 1032d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines VPrintf(2, "__tls_get_addr: glibc >=2.19 suspected; tls={%p %p}\n", 1042d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines tls_beg, tls_size); 1052d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines } else { 1062d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines VPrintf(2, "__tls_get_addr: Can't guess glibc version\n"); 1072d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines // This may happen inside the DTOR of main thread, so just ignore it. 1082d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines tls_size = 0; 1092d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines } 1102d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines dtls.dtv[dso_id].beg = tls_beg; 1112d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines dtls.dtv[dso_id].size = tls_size; 1125d71de26cedae3dafc17449fe0182045c0bd20e8Stephen Hines return dtls.dtv + dso_id; 1132d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines} 1142d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 1152d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hinesvoid DTLS_on_libc_memalign(void *ptr, uptr size) { 1162d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines if (!common_flags()->intercept_tls_get_addr) return; 1172d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines VPrintf(2, "DTLS_on_libc_memalign: %p %p\n", ptr, size); 1182d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines dtls.last_memalign_ptr = reinterpret_cast<uptr>(ptr); 1192d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines dtls.last_memalign_size = size; 1202d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines} 1212d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 1222d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen HinesDTLS *DTLS_Get() { return &dtls; } 1232d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 1242d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines#else 1252d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hinesvoid DTLS_on_libc_memalign(void *ptr, uptr size) {} 1265d71de26cedae3dafc17449fe0182045c0bd20e8Stephen HinesDTLS::DTV *DTLS_on_tls_get_addr(void *arg, void *res) { return 0; } 1272d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen HinesDTLS *DTLS_Get() { return 0; } 1282d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hinesvoid DTLS_Destroy() {} 1292d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines#endif // SANITIZER_INTERCEPT_TLS_GET_ADDR 1302d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines 1312d1fdb26e458c4ddc04155c1d421bced3ba90cd0Stephen Hines} // namespace __sanitizer 132