1/* Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2008 Red Hat, Inc. 2 This file is part of elfutils. 3 Written by Ulrich Drepper <drepper@redhat.com>, 2001. 4 5 This file is free software; you can redistribute it and/or modify 6 it under the terms of the GNU General Public License as published by 7 the Free Software Foundation; either version 3 of the License, or 8 (at your option) any later version. 9 10 elfutils is distributed in the hope that it will be useful, but 11 WITHOUT ANY WARRANTY; without even the implied warranty of 12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 GNU General Public License for more details. 14 15 You should have received a copy of the GNU General Public License 16 along with this program. If not, see <http://www.gnu.org/licenses/>. */ 17 18#ifdef HAVE_CONFIG_H 19# include <config.h> 20#endif 21 22#include <assert.h> 23#include <error.h> 24#include <libintl.h> 25#include <stdlib.h> 26#include <string.h> 27 28// XXX For debugging 29#include <stdio.h> 30 31#include <system.h> 32#include "ld.h" 33#include "list.h" 34/* x86 is little endian. */ 35#define UNALIGNED_ACCESS_CLASS LITTLE_ENDIAN 36#include "unaligned.h" 37#include "xelf.h" 38 39 40/* The old callbacks. */ 41static int (*old_open_outfile) (struct ld_state *, int, int, int); 42 43 44static int 45elf_i386_open_outfile (struct ld_state *statep, 46 int machine __attribute__ ((unused)), 47 int klass __attribute__ ((unused)), 48 int data __attribute__ ((unused))) 49{ 50 /* This backend only handles 32-bit object files. */ 51 /* XXX For now just use the generic backend. */ 52 return old_open_outfile (statep, EM_386, ELFCLASS32, ELFDATA2LSB); 53} 54 55 56/* Process relocations for the output in a relocatable file. This 57 only means adjusting offset and symbol indices. */ 58static void 59elf_i386_relocate_section (struct ld_state *statep __attribute__ ((unused)), 60 Elf_Scn *outscn, struct scninfo *firstp, 61 const Elf32_Word *dblindirect) 62{ 63 struct scninfo *runp; 64 Elf_Data *data; 65 66 /* Iterate over all the input sections. Appropriate data buffers in the 67 output sections were already created. */ 68 runp = firstp; 69 data = NULL; 70 do 71 { 72 Elf_Data *reltgtdata; 73 Elf_Data *insymdata; 74 Elf_Data *inxndxdata = NULL; 75 size_t maxcnt; 76 size_t cnt; 77 const Elf32_Word *symindirect; 78 struct symbol **symref; 79 struct usedfiles *file = runp->fileinfo; 80 XElf_Shdr *shdr = &SCNINFO_SHDR (runp->shdr); 81 82 /* Get the output section data buffer for this input section. */ 83 data = elf_getdata (outscn, data); 84 assert (data != NULL); 85 86 /* Get the data for section in the input file this relocation 87 section is relocating. Since these buffers are reused in the 88 output modifying these buffers has the correct result. */ 89 reltgtdata = elf_getdata (file->scninfo[shdr->sh_info].scn, NULL); 90 91 /* Get the data for the input section symbol table for this 92 relocation section. */ 93 insymdata = elf_getdata (file->scninfo[shdr->sh_link].scn, NULL); 94 assert (insymdata != NULL); 95 96 /* And the extended section index table. */ 97 inxndxdata = runp->fileinfo->xndxdata; 98 99 /* Number of relocations. */ 100 maxcnt = shdr->sh_size / shdr->sh_entsize; 101 102 /* Array directing local symbol table offsets to output symbol 103 table offsets. */ 104 symindirect = file->symindirect; 105 106 /* References to the symbol records. */ 107 symref = file->symref; 108 109 /* Iterate over all the relocations in the section. */ 110 for (cnt = 0; cnt < maxcnt; ++cnt) 111 { 112 XElf_Rel_vardef (rel); 113 Elf32_Word si; 114 XElf_Sym_vardef (sym); 115 Elf32_Word xndx; 116 117 /* Get the relocation data itself. x86 uses Rel 118 relocations. In case we have to handle Rela as well the 119 whole loop probably should be duplicated. */ 120 xelf_getrel (data, cnt, rel); 121 assert (rel != NULL); 122 123 /* Compute the symbol index in the output file. */ 124 si = symindirect[XELF_R_SYM (rel->r_info)]; 125 if (si == 0) 126 { 127 /* This happens if the symbol is locally undefined or 128 superceded by some other definition. */ 129 assert (symref[XELF_R_SYM (rel->r_info)] != NULL); 130 si = symref[XELF_R_SYM (rel->r_info)]->outsymidx; 131 } 132 /* Take reordering performed to sort the symbol table into 133 account. */ 134 si = dblindirect[si]; 135 136 /* Get the symbol table entry. */ 137 xelf_getsymshndx (insymdata, inxndxdata, XELF_R_SYM (rel->r_info), 138 sym, xndx); 139 if (sym->st_shndx != SHN_XINDEX) 140 xndx = sym->st_shndx; 141 assert (xndx < SHN_LORESERVE || xndx > SHN_HIRESERVE); 142 143 /* We fortunately don't have to do much. The relocations 144 mostly get only updates of the offset. Only for a 145 relocation referring to a section do we have to do 146 something. In this case the reference to the sections 147 has no direct equivalent since the part the input section 148 contributes need not start at the same offset as in the 149 input file. Therefore we have to adjust the addend which 150 in the case of Rel relocations is in the target section 151 itself. */ 152 if (XELF_ST_TYPE (sym->st_info) == STT_SECTION) 153 { 154 /* We expect here only R_386_32 relocations. */ 155 assert (XELF_R_TYPE (rel->r_info) == R_386_32); 156 157 /* Avoid writing to the section memory if this is 158 effectively a no-op since it might save a 159 copy-on-write operation. */ 160 Elf32_Word toadd = file->scninfo[xndx].offset; 161 if (toadd != 0) 162 add_4ubyte_unaligned (reltgtdata->d_buf + rel->r_offset, 163 toadd); 164 } 165 166 /* Adjust the offset for the position of the input section 167 content in the output section. */ 168 rel->r_offset += file->scninfo[shdr->sh_info].offset; 169 170 /* And finally adjust the index of the symbol in the output 171 symbol table. */ 172 rel->r_info = XELF_R_INFO (si, XELF_R_TYPE (rel->r_info)); 173 174 /* Store the result. */ 175 (void) xelf_update_rel (data, cnt, rel); 176 } 177 178 runp = runp->next; 179 } 180 while (runp != firstp); 181} 182 183 184/* Each PLT entry has 16 bytes. We need one entry as overhead for 185 the code to set up the call into the runtime relocation. */ 186#define PLT_ENTRY_SIZE 16 187 188static void 189elf_i386_initialize_plt (struct ld_state *statep, Elf_Scn *scn) 190{ 191 Elf_Data *data; 192 XElf_Shdr_vardef (shdr); 193 194 /* Change the entry size in the section header. */ 195 xelf_getshdr (scn, shdr); 196 assert (shdr != NULL); 197 shdr->sh_entsize = PLT_ENTRY_SIZE; 198 (void) xelf_update_shdr (scn, shdr); 199 200 data = elf_newdata (scn); 201 if (data == NULL) 202 error (EXIT_FAILURE, 0, gettext ("cannot allocate PLT section: %s"), 203 elf_errmsg (-1)); 204 205 /* We need one special PLT entry (performing the jump to the runtime 206 relocation routines) and one for each function we call in a DSO. */ 207 data->d_size = (1 + statep->nplt) * PLT_ENTRY_SIZE; 208 data->d_buf = xcalloc (1, data->d_size); 209 assert (data->d_type == ELF_T_BYTE); 210 data->d_off = 0; 211 data->d_align = 8; 212 213 statep->nplt_used = 1; 214} 215 216 217static void 218elf_i386_initialize_pltrel (struct ld_state *statep, Elf_Scn *scn) 219{ 220 Elf_Data *data; 221 222 data = elf_newdata (scn); 223 if (data == NULL) 224 error (EXIT_FAILURE, 0, gettext ("cannot allocate PLTREL section: %s"), 225 elf_errmsg (-1)); 226 227 /* One relocation per PLT entry. */ 228 size_t size = statep->nplt * sizeof (Elf32_Rel); 229 data->d_buf = xcalloc (1, size); 230 data->d_type = ELF_T_REL; 231 data->d_size = size; 232 data->d_align = 4; 233 data->d_off = 0; 234} 235 236 237static void 238elf_i386_initialize_got (struct ld_state *statep, Elf_Scn *scn) 239{ 240 /* If we come here we better need a GOT. */ 241 assert (statep->ngot != 0); 242 243 Elf_Data *data = elf_newdata (scn); 244 if (data == NULL) 245 error (EXIT_FAILURE, 0, gettext ("cannot allocate GOT section: %s"), 246 elf_errmsg (-1)); 247 248 /* Just a single word per GOT entry is needed. */ 249 size_t size = statep->ngot * sizeof (Elf32_Addr); 250 data->d_buf = xcalloc (1, size); 251 data->d_size = size; 252 data->d_type = ELF_T_WORD; 253 data->d_off = 0; 254 data->d_align = sizeof (Elf32_Addr); 255} 256 257 258static void 259elf_i386_initialize_gotplt (struct ld_state *statep, Elf_Scn *scn) 260{ 261 /* If we come here we better need a PLT. */ 262 assert (statep->nplt != 0); 263 264 Elf_Data *data = elf_newdata (scn); 265 if (data == NULL) 266 error (EXIT_FAILURE, 0, gettext ("cannot allocate GOTPLT section: %s"), 267 elf_errmsg (-1)); 268 269 /* We construct the .got.plt section in pieces. Here we only add the data 270 structures which are used by the PLT. This includes three reserved 271 entries at the beginning (the first will contain a pointer to the 272 .dynamic section), and one word for each PLT entry. */ 273 size_t size = (3 + statep->nplt) * sizeof (Elf32_Addr); 274 data->d_buf = xcalloc (1, size); 275 data->d_type = ELF_T_WORD; 276 data->d_size = size; 277 data->d_off = 0; 278 data->d_align = sizeof (Elf32_Addr); 279} 280 281 282/* The first entry in an absolute procedure linkage table looks like 283 this. See the SVR4 ABI i386 supplement to see how this works. */ 284static const unsigned char elf_i386_plt0_entry[PLT_ENTRY_SIZE] = 285{ 286 0xff, 0x35, /* pushl contents of address */ 287 0, 0, 0, 0, /* replaced with address of .got + 4. */ 288 0xff, 0x25, /* jmp indirect */ 289 0, 0, 0, 0, /* replaced with address of .got + 8. */ 290 0x0f, 0x0b, /* ud2a, to prevent further decoding. */ 291 0, 0 /* pad out to 16 bytes. */ 292}; 293 294/* Type describing the first PLT entry in non-PIC. */ 295struct plt0_entry 296{ 297 /* First a 'push' of the second GOT entry. */ 298 unsigned char push_instr[2]; 299 uint32_t gotp4_addr; 300 /* Second, a 'jmp indirect' to the third GOT entry. */ 301 unsigned char jmp_instr[2]; 302 uint32_t gotp8_addr; 303 /* Padding. */ 304 unsigned char padding[4]; 305} __attribute__ ((packed)); 306 307/* The first entry in a PIC procedure linkage table look like this. */ 308static const unsigned char elf_i386_pic_plt0_entry[PLT_ENTRY_SIZE] = 309{ 310 0xff, 0xb3, 4, 0, 0, 0, /* pushl 4(%ebx) */ 311 0xff, 0xa3, 8, 0, 0, 0, /* jmp *8(%ebx) */ 312 0x0f, 0x0b, /* ud2a, to prevent further decoding. */ 313 0, 0 /* pad out to 16 bytes. */ 314}; 315 316/* Contents of all but the first PLT entry in executable. */ 317static const unsigned char elf_i386_plt_entry[PLT_ENTRY_SIZE] = 318{ 319 0xff, 0x25, /* jmp indirect */ 320 0, 0, 0, 0, /* replaced with address of this symbol in .got. */ 321 0x68, /* pushl immediate */ 322 0, 0, 0, 0, /* replaced with offset into relocation table. */ 323 0xe9, /* jmp relative */ 324 0, 0, 0, 0 /* replaced with offset to start of .plt. */ 325}; 326 327/* Contents of all but the first PLT entry in DSOs. */ 328static const unsigned char elf_i386_pic_plt_entry[PLT_ENTRY_SIZE] = 329{ 330 0xff, 0xa3, /* jmp *offset(%ebx) */ 331 0, 0, 0, 0, /* replaced with offset of this symbol in .got. */ 332 0x68, /* pushl immediate */ 333 0, 0, 0, 0, /* replaced with offset into relocation table. */ 334 0xe9, /* jmp relative */ 335 0, 0, 0, 0 /* replaced with offset to start of .plt. */ 336}; 337 338/* Type describing a PLT entry. */ 339struct plt_entry 340{ 341 /* The first instruction is 'jmp indirect' or 'jmp *offset(%ebs)'. */ 342 unsigned char jmp_instr[2]; 343 uint32_t offset_got; 344 /* The second instruction is 'push immediate'. */ 345 unsigned char push_instr; 346 uint32_t push_imm; 347 /* Finally a 'jmp relative'. */ 348 unsigned char jmp_instr2; 349 uint32_t plt0_offset; 350} __attribute__ ((packed)); 351 352 353static void 354elf_i386_finalize_plt (struct ld_state *statep, size_t nsym, 355 size_t nsym_local, struct symbol **ndxtosym) 356{ 357 if (unlikely (statep->nplt + statep->ngot == 0)) 358 /* Nothing to be done. */ 359 return; 360 361 Elf_Scn *scn; 362 XElf_Shdr_vardef (shdr); 363 Elf_Data *data; 364 const bool build_dso = statep->file_type == dso_file_type; 365 366 /* Get the address of the .got.plt section. */ 367 scn = elf_getscn (statep->outelf, statep->gotpltscnidx); 368 xelf_getshdr (scn, shdr); 369 data = elf_getdata (scn, NULL); 370 assert (shdr != NULL && data != NULL); 371 /* The address points to the .got.plt section, not the .got section. */ 372 Elf32_Addr gotaddr = shdr->sh_addr; 373 374 /* Now create the initial values for the .got.plt section. The 375 first word contains the address of the .dynamic section. The 376 second and third entry are left empty for use by the dynamic 377 linker. The following entries are pointers to the instructions 378 following the initial jmp instruction in the corresponding PLT 379 entry. */ 380 xelf_getshdr (elf_getscn (statep->outelf, statep->dynamicscnidx), shdr); 381 assert (shdr != NULL); 382 ((Elf32_Word *) data->d_buf)[0] = shdr->sh_addr; 383 384 /* The PLT contains code which a user of a function jumps to. The first 385 PLT entry is special, so the first used one has the index 1. */ 386 scn = elf_getscn (statep->outelf, statep->pltscnidx); 387 XElf_Shdr_vardef (pltshdr); 388 xelf_getshdr (scn, pltshdr); 389 assert (pltshdr != NULL); 390 391 Elf_Data *dynsymdata = elf_getdata (elf_getscn (statep->outelf, 392 statep->dynsymscnidx), NULL); 393 assert (dynsymdata != NULL); 394 395 Elf_Data *symdata = NULL; 396 if (statep->symscnidx != 0) 397 { 398 symdata = elf_getdata (elf_getscn (statep->outelf, statep->symscnidx), 399 NULL); 400 assert (symdata != NULL); 401 } 402 403 /* Create the .plt section. */ 404 scn = elf_getscn (statep->outelf, statep->pltscnidx); 405 Elf_Data *pltdata = elf_getdata (scn, NULL); 406 assert (pltdata != NULL); 407 408 /* Also create the .rel.plt section data. It simply means relocations 409 addressing the corresponding entry in the .got.plt section. The 410 section name is misleading. */ 411 scn = elf_getscn (statep->outelf, statep->pltrelscnidx); 412 xelf_getshdr (scn, shdr); 413 Elf_Data *reldata = elf_getdata (scn, NULL); 414 assert (shdr != NULL && reldata != NULL); 415 416 /* Update the sh_link to point to the section being modified. We 417 point it here (correctly) to the .got.plt section. Some linkers 418 (e.g., the GNU binutils linker) point to the .plt section. This 419 is wrong since the .plt section isn't modified even though the 420 name .rel.plt suggests that this is correct. */ 421 shdr->sh_link = statep->dynsymscnidx; 422 shdr->sh_info = statep->gotpltscnidx; 423 (void) xelf_update_shdr (scn, shdr); 424 425 /* Create the first entry of the .plt section. */ 426 assert (pltdata->d_size >= PLT_ENTRY_SIZE); 427 if (build_dso) 428 /* Copy the entry. It's complete, no relocation needed. */ 429 memcpy (pltdata->d_buf, elf_i386_pic_plt0_entry, PLT_ENTRY_SIZE); 430 else 431 { 432 /* Copy the skeleton. */ 433 memcpy (pltdata->d_buf, elf_i386_plt0_entry, PLT_ENTRY_SIZE); 434 435 /* And fill in the addresses. */ 436 struct plt0_entry *addr = (struct plt0_entry *) pltdata->d_buf; 437 addr->gotp4_addr = target_bswap_32 (gotaddr + 4); 438 addr->gotp8_addr = target_bswap_32 (gotaddr + 8); 439 } 440 441 /* For DSOs we need GOT offsets, otherwise the GOT address. */ 442 Elf32_Addr gotaddr_off = build_dso ? 0 : gotaddr; 443 444 /* Create the remaining entries. */ 445 const unsigned char *plt_template 446 = build_dso ? elf_i386_pic_plt_entry : elf_i386_plt_entry; 447 448 for (size_t idx = nsym_local; idx < nsym; ++idx) 449 { 450 struct symbol *symbol = ndxtosym[idx]; 451 if (symbol == NULL || symbol->type != STT_FUNC 452 || ndxtosym[idx]->outdynsymidx == 0 453 // XXX is the following test correct? 454 || ! ndxtosym[idx]->in_dso) 455 continue; 456 457 size_t pltidx = symbol->merge.value; 458 459 assert (pltidx > 0); 460 assert ((3 + pltidx) * sizeof (Elf32_Word) <= data->d_size); 461 462 /* Address in the PLT. */ 463 Elf32_Addr pltentryaddr = (pltshdr->sh_addr + pltidx * PLT_ENTRY_SIZE); 464 465 /* Point the GOT entry at the PLT entry, after the initial jmp. */ 466 ((Elf32_Word *) data->d_buf)[2 + pltidx] = pltentryaddr + 6; 467 468 /* If the symbol is defined, adjust the address. */ 469 if (((Elf32_Sym *) dynsymdata->d_buf)[ndxtosym[idx]->outdynsymidx].st_shndx != SHN_UNDEF) 470 { 471 /* The value of the symbol is the address of the corresponding PLT 472 entry. Store the address, also for the normal symbol table if 473 this is necessary. */ 474 ((Elf32_Sym *) dynsymdata->d_buf)[pltidx].st_value = pltentryaddr; 475 476 if (symdata != NULL) 477 { 478 assert(nsym - statep->nplt + (pltidx - 1) == idx); 479 ((Elf32_Sym *) symdata->d_buf)[nsym - statep->nplt 480 + (pltidx - 1)].st_value 481 = pltentryaddr; 482 } 483 } 484 485 /* Copy the PLT entry template. */ 486 assert (pltdata->d_size >= (1 + pltidx) * PLT_ENTRY_SIZE); 487 struct plt_entry *addr = (struct plt_entry *) ((char *) pltdata->d_buf 488 + (pltidx 489 * PLT_ENTRY_SIZE)); 490 memcpy (addr, plt_template, PLT_ENTRY_SIZE); 491 492 /* And once more, fill in the addresses. First the address of 493 this symbol in .got. */ 494 addr->offset_got = target_bswap_32 (gotaddr_off 495 + (2 + pltidx) * sizeof (Elf32_Addr)); 496 /* Offset into relocation table. */ 497 addr->push_imm = target_bswap_32 ((pltidx - 1) * sizeof (Elf32_Rel)); 498 /* Offset to start of .plt. */ 499 addr->plt0_offset = target_bswap_32 (-(1 + pltidx) * PLT_ENTRY_SIZE); 500 501 502 XElf_Rel_vardef (rel); 503 assert (pltidx * sizeof (Elf32_Rel) <= reldata->d_size); 504 xelf_getrel_ptr (reldata, pltidx - 1, rel); 505 rel->r_offset = gotaddr + (2 + pltidx) * sizeof (Elf32_Addr); 506 /* The symbol table entries for the functions from DSOs are at 507 the beginning of the symbol table. */ 508 rel->r_info = XELF_R_INFO (ndxtosym[idx]->outdynsymidx, R_386_JMP_SLOT); 509 (void) xelf_update_rel (reldata, pltidx - 1, rel); 510 } 511} 512 513 514static int 515elf_i386_rel_type (struct ld_state *statep __attribute__ ((__unused__))) 516{ 517 /* ELF/i386 uses REL. */ 518 return DT_REL; 519} 520 521 522static void 523elf_i386_count_relocations (struct ld_state *statep, struct scninfo *scninfo) 524{ 525 /* We go through the list of input sections and count those relocations 526 which are not handled by the linker. At the same time we have to 527 see how many GOT entries we need and how much .bss space is needed 528 for copy relocations. */ 529 Elf_Data *data = elf_getdata (scninfo->scn, NULL); 530 XElf_Shdr *shdr = &SCNINFO_SHDR (scninfo->shdr); 531 size_t maxcnt = shdr->sh_size / shdr->sh_entsize; 532 size_t relsize = 0; 533 size_t cnt; 534 struct symbol *sym; 535 536 assert (shdr->sh_type == SHT_REL); 537 538 for (cnt = 0; cnt < maxcnt; ++cnt) 539 { 540 XElf_Rel_vardef (rel); 541 542 xelf_getrel (data, cnt, rel); 543 /* XXX Should we complain about failing accesses? */ 544 if (rel != NULL) 545 { 546 Elf32_Word r_sym = XELF_R_SYM (rel->r_info); 547 548 /* Symbols in COMDAT group sections which are discarded do 549 not have to be relocated. */ 550 if (r_sym >= scninfo->fileinfo->nlocalsymbols 551 && unlikely (scninfo->fileinfo->symref[r_sym] == NULL)) 552 continue; 553 554 switch (XELF_R_TYPE (rel->r_info)) 555 { 556 case R_386_GOT32: 557 if (! scninfo->fileinfo->symref[r_sym]->defined 558 || scninfo->fileinfo->symref[r_sym]->in_dso 559 || statep->file_type == dso_file_type) 560 { 561 relsize += sizeof (Elf32_Rel); 562 ++statep->nrel_got; 563 } 564 565 /* Even if this relocation is not emitted in the output 566 file it requires a GOT entry. */ 567 ++statep->ngot; 568 569 /* FALLTHROUGH */ 570 571 case R_386_GOTOFF: 572 case R_386_GOTPC: 573 statep->need_got = true; 574 break; 575 576 case R_386_32: 577 case R_386_PC32: 578 /* These relocations cause text relocations in DSOs. */ 579 if (linked_from_dso_p (scninfo, r_sym)) 580 { 581 if (statep->file_type == dso_file_type) 582 { 583 relsize += sizeof (Elf32_Rel); 584 // XXX Do we have to check whether the target 585 // XXX section is read-only first? 586 statep->dt_flags |= DF_TEXTREL; 587 } 588 else 589 { 590 /* Non-function objects from a DSO need to get a 591 copy relocation. */ 592 sym = scninfo->fileinfo->symref[r_sym]; 593 594 /* Only do this if we have not requested a copy 595 relocation already. */ 596 if (unlikely (sym->type != STT_FUNC) && ! sym->need_copy) 597 { 598 sym->need_copy = 1; 599 ++statep->ncopy; 600 relsize += sizeof (Elf32_Rel); 601 } 602 } 603 } 604 else if (statep->file_type == dso_file_type 605 && XELF_R_TYPE (rel->r_info) == R_386_32) 606 relsize += sizeof (Elf32_Rel); 607 608 break; 609 610 case R_386_PLT32: 611 /* We might need a PLT entry. But we cannot say for sure 612 here since one of the symbols might turn up being 613 defined in the executable (if we create such a thing). 614 If a DSO is created we still might use a local 615 definition. 616 617 If the symbol is not defined and we are not creating 618 a statically linked binary, then we need in any case 619 a PLT entry. */ 620 if (! scninfo->fileinfo->symref[r_sym]->defined 621 && !statep->statically) 622 { 623 sym = scninfo->fileinfo->symref[r_sym]; 624 sym->type = STT_FUNC; 625 sym->in_dso = 1; 626 sym->defined = 1; 627 628 /* Remove from the list of unresolved symbols. */ 629 --statep->nunresolved; 630 if (! sym->weak) 631 --statep->nunresolved_nonweak; 632 CDBL_LIST_DEL (statep->unresolved, sym); 633 634 /* Add to the list of symbols we expect from a DSO. */ 635 ++statep->nplt; 636 ++statep->nfrom_dso; 637 CDBL_LIST_ADD_REAR (statep->from_dso, sym); 638 } 639 break; 640 641 case R_386_TLS_LDO_32: 642 if (statep->file_type != executable_file_type) 643 abort (); 644 /* We do not need a relocation in the output file. */ 645 break; 646 647 case R_386_TLS_LE: 648 /* We never need a relocation in the output file. */ 649 break; 650 651 case R_386_TLS_IE: 652 if (statep->file_type == dso_file_type) 653 error (EXIT_FAILURE, 0, gettext ("initial-executable TLS relocation cannot be used ")); 654 if (!scninfo->fileinfo->symref[r_sym]->defined 655 || scninfo->fileinfo->symref[r_sym]->in_dso) 656 { 657 abort (); 658 } 659 break; 660 661 case R_386_TLS_GD: 662 if (statep->file_type != executable_file_type 663 || !scninfo->fileinfo->symref[r_sym]->defined 664 || scninfo->fileinfo->symref[r_sym]->in_dso) 665 { 666 abort (); 667 } 668 break; 669 670 case R_386_TLS_GOTIE: 671 case R_386_TLS_LDM: 672 case R_386_TLS_GD_32: 673 case R_386_TLS_GD_PUSH: 674 case R_386_TLS_GD_CALL: 675 case R_386_TLS_GD_POP: 676 case R_386_TLS_LDM_32: 677 case R_386_TLS_LDM_PUSH: 678 case R_386_TLS_LDM_CALL: 679 case R_386_TLS_LDM_POP: 680 case R_386_TLS_IE_32: 681 case R_386_TLS_LE_32: 682 /* XXX */ 683 abort (); 684 break; 685 686 case R_386_NONE: 687 /* Nothing to be done. */ 688 break; 689 690 /* These relocation should never be generated by an 691 assembler. */ 692 case R_386_COPY: 693 case R_386_GLOB_DAT: 694 case R_386_JMP_SLOT: 695 case R_386_RELATIVE: 696 case R_386_TLS_DTPMOD32: 697 case R_386_TLS_DTPOFF32: 698 case R_386_TLS_TPOFF32: 699 /* Unknown relocation. */ 700 default: 701 abort (); 702 } 703 } 704 } 705 706 scninfo->relsize = relsize; 707} 708 709 710static void 711elf_i386_create_relocations (struct ld_state *statep, 712 const Elf32_Word *dblindirect __attribute__ ((unused))) 713{ 714 /* Get the address of the got section. */ 715 Elf_Scn *pltscn = elf_getscn (statep->outelf, statep->pltscnidx); 716 Elf32_Shdr *shdr = elf32_getshdr (pltscn); 717 assert (shdr != NULL); 718 Elf32_Addr pltaddr = shdr->sh_addr; 719 720 Elf_Scn *gotscn = elf_getscn (statep->outelf, statep->gotscnidx); 721 // XXX Adjust the address, if necessary, for relro 722 Elf_Data *gotdata = NULL; 723 if (statep->need_got) 724 { 725 gotdata = elf_getdata (gotscn, NULL); 726 assert (gotdata != NULL); 727 } 728 729 Elf_Scn *gotpltscn = elf_getscn (statep->outelf, statep->gotpltscnidx); 730 shdr = elf32_getshdr (gotpltscn); 731 assert (shdr != NULL); 732 Elf32_Addr gotaddr = shdr->sh_addr; 733 734 Elf_Scn *reldynscn = elf_getscn (statep->outelf, statep->reldynscnidx); 735 Elf_Data *reldyndata = elf_getdata (reldynscn, NULL); 736 assert (reldyndata != NULL); 737 738 size_t nreldyn = 0; 739 size_t ngotconst = statep->nrel_got; 740 741 struct scninfo *first = statep->rellist->next; 742 struct scninfo *runp = first; 743 do 744 { 745 XElf_Shdr *rshdr = &SCNINFO_SHDR (runp->shdr); 746 Elf_Data *reldata = elf_getdata (runp->scn, NULL); 747 int nrels = rshdr->sh_size / rshdr->sh_entsize; 748 749 /* We will need the following values a couple of times. Help 750 the compiler and improve readability. */ 751 struct symbol **symref = runp->fileinfo->symref; 752 struct scninfo *scninfo = runp->fileinfo->scninfo; 753 754 /* This is the offset of the input section we are looking at in 755 the output file. */ 756 XElf_Addr inscnoffset = scninfo[rshdr->sh_info].offset; 757 758 /* The target section. We use the data from the input file. */ 759 Elf_Data *data = elf_getdata (scninfo[rshdr->sh_info].scn, NULL); 760 761 /* We cannot handle relocations against merge-able sections. */ 762 assert ((SCNINFO_SHDR (scninfo[rshdr->sh_link].shdr).sh_flags 763 & SHF_MERGE) == 0); 764 765 /* Cache the access to the symbol table data. */ 766 Elf_Data *symdata = elf_getdata (scninfo[rshdr->sh_link].scn, NULL); 767 768 for (int cnt = 0; cnt < nrels; ++cnt) 769 { 770 XElf_Rel_vardef (rel); 771 XElf_Rel *rel2; 772 xelf_getrel (reldata, cnt, rel); 773 assert (rel != NULL); 774 XElf_Addr reladdr = inscnoffset + rel->r_offset; 775 XElf_Addr value; 776 777 size_t idx = XELF_R_SYM (rel->r_info); 778 if (idx < runp->fileinfo->nlocalsymbols) 779 { 780 XElf_Sym_vardef (sym); 781 xelf_getsym (symdata, idx, sym); 782 783 /* The value only depends on the position of the referenced 784 section in the output file and the addend. */ 785 value = scninfo[sym->st_shndx].offset + sym->st_value; 786 } 787 else 788 { 789 if (symref[idx] == NULL) 790 /* Symbol in ignored COMDAT group section. */ 791 continue; 792 793 value = symref[idx]->merge.value; 794 if (symref[idx]->in_dso) 795 { 796 /* MERGE.VALUE contains the PLT index. If this is not for 797 a function the actual value will be computed later. */ 798 assert (value != 0 || symref[idx]->type != STT_FUNC); 799 value = pltaddr + value * PLT_ENTRY_SIZE; 800 } 801 } 802 803 /* Address of the relocated memory in the data buffer. */ 804 unsigned char *relloc = (unsigned char *) data->d_buf + rel->r_offset; 805 806 uint32_t thisgotidx; 807 switch (XELF_R_TYPE (rel->r_info)) 808 { 809 /* These three cases can be handled together since the 810 symbol associated with the R_386_GOTPC relocation is 811 _GLOBAL_OFFSET_TABLE_ which has a value corresponding 812 to the address of the GOT and the address of the PLT 813 entry required for R_386_PLT32 is computed above. */ 814 case R_386_PC32: 815 case R_386_GOTPC: 816 case R_386_PLT32: 817 value -= reladdr; 818 /* FALLTHROUGH */ 819 820 case R_386_32: 821 if (linked_from_dso_p (scninfo, idx) 822 && statep->file_type != dso_file_type 823 && symref[idx]->type != STT_FUNC) 824 { 825 value = (ld_state.copy_section->offset 826 + symref[idx]->merge.value); 827 828 if (unlikely (symref[idx]->need_copy)) 829 { 830 /* Add a relocation to initialize the GOT entry. */ 831 assert (symref[idx]->outdynsymidx != 0); 832#if NATIVE_ELF != 0 833 xelf_getrel_ptr (reldyndata, nreldyn, rel2); 834#else 835 rel2 = &rel_mem; 836#endif 837 rel2->r_offset = value; 838 rel2->r_info 839 = XELF_R_INFO (symref[idx]->outdynsymidx, R_386_COPY); 840 (void) xelf_update_rel (reldyndata, nreldyn, rel2); 841 ++nreldyn; 842 assert (nreldyn <= statep->nrel_got); 843 844 /* Update the symbol table record for the new 845 address. */ 846 Elf32_Word symidx = symref[idx]->outdynsymidx; 847 Elf_Scn *symscn = elf_getscn (statep->outelf, 848 statep->dynsymscnidx); 849 Elf_Data *outsymdata = elf_getdata (symscn, NULL); 850 assert (outsymdata != NULL); 851 XElf_Sym_vardef (sym); 852 xelf_getsym (outsymdata, symidx, sym); 853 sym->st_value = value; 854 sym->st_shndx = statep->copy_section->outscnndx; 855 (void) xelf_update_sym (outsymdata, symidx, sym); 856 857 symidx = symref[idx]->outsymidx; 858 if (symidx != 0) 859 { 860 symidx = statep->dblindirect[symidx]; 861 symscn = elf_getscn (statep->outelf, 862 statep->symscnidx); 863 outsymdata = elf_getdata (symscn, NULL); 864 assert (outsymdata != NULL); 865 xelf_getsym (outsymdata, symidx, sym); 866 sym->st_value = value; 867 sym->st_shndx = statep->copy_section->outscnndx; 868 (void) xelf_update_sym (outsymdata, symidx, sym); 869 } 870 871 /* Remember that we set up the copy relocation. */ 872 symref[idx]->need_copy = 0; 873 } 874 } 875 else if (statep->file_type == dso_file_type 876 && XELF_R_TYPE (rel->r_info) == R_386_32) 877 { 878#if NATIVE_ELF != 0 879 xelf_getrel_ptr (reldyndata, nreldyn, rel2); 880#else 881 rel2 = &rel_mem; 882#endif 883 rel2->r_offset = value; 884 885 /* For symbols we do not export we generate a relative 886 relocation. */ 887 if (idx < SCNINFO_SHDR (scninfo[rshdr->sh_link].shdr).sh_info 888 || symref[idx]->outdynsymidx == 0) 889 rel2->r_info = XELF_R_INFO (0, R_386_RELATIVE); 890 else 891 rel2->r_info 892 = XELF_R_INFO (symref[idx]->outdynsymidx, R_386_32); 893 (void) xelf_update_rel (reldyndata, nreldyn, rel2); 894 ++nreldyn; 895 assert (nreldyn <= statep->nrel_got); 896 897 value = 0; 898 } 899 add_4ubyte_unaligned (relloc, value); 900 break; 901 902 case R_386_GOT32: 903 if (! symref[idx]->defined || symref[idx]->in_dso) 904 { 905 thisgotidx = nreldyn++; 906 assert (thisgotidx < statep->nrel_got); 907 908 /* Add a relocation to initialize the GOT entry. */ 909#if NATIVE_ELF != 0 910 xelf_getrel_ptr (reldyndata, thisgotidx, rel2); 911#else 912 rel2 = &rel_mem; 913#endif 914 rel2->r_offset = gotaddr + ((thisgotidx - statep->ngot) 915 * sizeof (Elf32_Addr)); 916 rel2->r_info 917 = XELF_R_INFO (symref[idx]->outdynsymidx, R_386_GLOB_DAT); 918 (void) xelf_update_rel (reldyndata, thisgotidx, rel2); 919 } 920 else if (statep->file_type != dso_file_type) 921 { 922 thisgotidx = ngotconst++; 923 assert (thisgotidx < statep->ngot); 924 925 /* We have to use a GOT since the generated code 926 requires it but we know the address and therefore 927 do not need a relocation. */ 928 ((uint32_t *) gotdata->d_buf)[thisgotidx] = value; 929 } 930 else 931 { 932 thisgotidx = nreldyn++; 933 assert (thisgotidx < statep->nrel_got); 934 935 // XXX generate a relative relocation. 936 abort (); 937 } 938 939 store_4ubyte_unaligned (relloc, 940 (thisgotidx - statep->ngot) 941 * sizeof (Elf32_Addr)); 942 break; 943 944 case R_386_GOTOFF: 945 add_4ubyte_unaligned (relloc, value - gotaddr); 946 break; 947 948 case R_386_TLS_LE: 949 value = symref[idx]->merge.value - ld_state.tls_tcb; 950 store_4ubyte_unaligned (relloc, value); 951 break; 952 953 case R_386_TLS_IE: 954 if (symref[idx]->defined && !symref[idx]->in_dso) 955 { 956 /* The symbol is defined in the executable. 957 Perform the IE->LE optimization. 958 There are multiple versions, though. 959 960 First version: mov ADDR,REG. */ 961 if (relloc[-2] == 0x8b 962 && ((relloc[-1] & 0xc7) == 0x05)) 963 { 964 relloc[-2] = 0xc7; 965 relloc[-1] = 0xc0 | ((relloc[-1] >> 3) & 7); 966 store_4ubyte_unaligned (relloc, (symref[idx]->merge.value 967 - ld_state.tls_tcb)); 968 } 969 else 970 { 971 abort (); 972 } 973 } 974 else 975 { 976 abort (); 977 } 978 break; 979 980 case R_386_TLS_LDO_32: 981 value = symref[idx]->merge.value - ld_state.tls_start; 982 store_4ubyte_unaligned (relloc, value); 983 break; 984 985 case R_386_TLS_GD: 986 if (ld_state.file_type == executable_file_type) 987 { 988 if (symref[idx]->defined && !symref[idx]->in_dso) 989 { 990 /* The symbol is defined in the executable. 991 Perform the GD->LE optimization. */ 992 static const char gd_to_le[] = 993 { 994 /* mov %gs:0x0,%eax */ 995 0x65, 0xa1, 0x00, 0x00, 0x00, 0x00, 996 /* sub $OFFSET,%eax */ 997 0x81, 0xe8 998 }; 999#ifndef NDEBUG 1000 static const char gd_text[] = 1001 { 1002 /* lea 0x0(,%ebx,1),%eax */ 1003 0x8d, 0x04, 0x1d, 0x00, 0x00, 0x00, 0x00, 1004 /* call ___tls_get_addr */ 1005 0xe8 1006 }; 1007 assert (memcmp (relloc - 3, gd_text, sizeof (gd_text)) 1008 == 0); 1009#endif 1010 relloc = mempcpy (relloc - 3, gd_to_le, 1011 sizeof (gd_to_le)); 1012 value = ld_state.tls_tcb- symref[idx]->merge.value; 1013 store_4ubyte_unaligned (relloc, value); 1014 1015 /* We have to skip over the next relocation which is 1016 the matching R_i386_PLT32 for __tls_get_addr. */ 1017 ++cnt; 1018#ifndef NDEBUG 1019 assert (cnt < nrels); 1020 XElf_Off old_offset = rel->r_offset; 1021 xelf_getrel (reldata, cnt, rel); 1022 assert (rel != NULL); 1023 assert (XELF_R_TYPE (rel->r_info) == R_386_PLT32); 1024 idx = XELF_R_SYM (rel->r_info); 1025 assert (strcmp (symref[idx]->name, "___tls_get_addr") 1026 == 0); 1027 assert (old_offset + 5 == rel->r_offset); 1028#endif 1029 1030 break; 1031 } 1032 } 1033 abort (); 1034 break; 1035 1036 case R_386_32PLT: 1037 case R_386_TLS_TPOFF: 1038 case R_386_TLS_GOTIE: 1039 case R_386_TLS_LDM: 1040 case R_386_16: 1041 case R_386_PC16: 1042 case R_386_8: 1043 case R_386_PC8: 1044 case R_386_TLS_GD_32: 1045 case R_386_TLS_GD_PUSH: 1046 case R_386_TLS_GD_CALL: 1047 case R_386_TLS_GD_POP: 1048 case R_386_TLS_LDM_32: 1049 case R_386_TLS_LDM_PUSH: 1050 case R_386_TLS_LDM_CALL: 1051 case R_386_TLS_LDM_POP: 1052 case R_386_TLS_IE_32: 1053 case R_386_TLS_LE_32: 1054 // XXX For now fall through 1055 break; 1056 1057 case R_386_NONE: 1058 /* Nothing to do. */ 1059 break; 1060 1061 case R_386_COPY: 1062 case R_386_JMP_SLOT: 1063 case R_386_RELATIVE: 1064 case R_386_GLOB_DAT: 1065 case R_386_TLS_DTPMOD32: 1066 case R_386_TLS_DTPOFF32: 1067 case R_386_TLS_TPOFF32: 1068 default: 1069 /* Should not happen. */ 1070 abort (); 1071 } 1072 } 1073 } 1074 while ((runp = runp->next) != first); 1075} 1076 1077 1078int 1079elf_i386_ld_init (struct ld_state *statep) 1080{ 1081 /* We have a few callbacks available. */ 1082 old_open_outfile = statep->callbacks.open_outfile; 1083 statep->callbacks.open_outfile = elf_i386_open_outfile; 1084 1085 statep->callbacks.relocate_section = elf_i386_relocate_section; 1086 1087 statep->callbacks.initialize_plt = elf_i386_initialize_plt; 1088 statep->callbacks.initialize_pltrel = elf_i386_initialize_pltrel; 1089 1090 statep->callbacks.initialize_got = elf_i386_initialize_got; 1091 statep->callbacks.initialize_gotplt = elf_i386_initialize_gotplt; 1092 1093 statep->callbacks.finalize_plt = elf_i386_finalize_plt; 1094 1095 statep->callbacks.rel_type = elf_i386_rel_type; 1096 1097 statep->callbacks.count_relocations = elf_i386_count_relocations; 1098 1099 statep->callbacks.create_relocations = elf_i386_create_relocations; 1100 1101 return 0; 1102} 1103