1 /*
2  * Copyright (C) 2015 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef ART_LIBELFFILE_ELF_ELF_BUILDER_H_
18 #define ART_LIBELFFILE_ELF_ELF_BUILDER_H_
19 
20 #include <vector>
21 #include <deque>
22 
23 #include "arch/instruction_set.h"
24 #include "base/array_ref.h"
25 #include "base/bit_utils.h"
26 #include "base/casts.h"
27 #include "base/leb128.h"
28 #include "base/unix_file/fd_file.h"
29 #include "elf/elf_utils.h"
30 #include "stream/error_delaying_output_stream.h"
31 
32 namespace art {
33 
34 // Writes ELF file.
35 //
36 // The basic layout of the elf file:
37 //   Elf_Ehdr                    - The ELF header.
38 //   Elf_Phdr[]                  - Program headers for the linker.
39 //   .note.gnu.build-id          - Optional build ID section (SHA-1 digest).
40 //   .rodata                     - Oat metadata.
41 //   .text                       - Compiled code.
42 //   .bss                        - Zero-initialized writeable section.
43 //   .dex                        - Reserved NOBITS space for dex-related data.
44 //   .dynstr                     - Names for .dynsym.
45 //   .dynsym                     - A few oat-specific dynamic symbols.
46 //   .hash                       - Hash-table for .dynsym.
47 //   .dynamic                    - Tags which let the linker locate .dynsym.
48 //   .strtab                     - Names for .symtab.
49 //   .symtab                     - Debug symbols.
50 //   .debug_frame                - Unwind information (CFI).
51 //   .debug_info                 - Debug information.
52 //   .debug_abbrev               - Decoding information for .debug_info.
53 //   .debug_str                  - Strings for .debug_info.
54 //   .debug_line                 - Line number tables.
55 //   .shstrtab                   - Names of ELF sections.
56 //   Elf_Shdr[]                  - Section headers.
57 //
58 // Some section are optional (the debug sections in particular).
59 //
60 // We try write the section data directly into the file without much
61 // in-memory buffering.  This means we generally write sections based on the
62 // dependency order (e.g. .dynamic points to .dynsym which points to .text).
63 //
64 // In the cases where we need to buffer, we write the larger section first
65 // and buffer the smaller one (e.g. .strtab is bigger than .symtab).
66 //
67 // The debug sections are written last for easier stripping.
68 //
69 template <typename ElfTypes>
70 class ElfBuilder final {
71  public:
72   static constexpr size_t kMaxProgramHeaders = 16;
73   // SHA-1 digest.  Not using SHA_DIGEST_LENGTH from openssl/sha.h to avoid
74   // spreading this header dependency for just this single constant.
75   static constexpr size_t kBuildIdLen = 20;
76 
77   using Elf_Addr = typename ElfTypes::Addr;
78   using Elf_Off = typename ElfTypes::Off;
79   using Elf_Word = typename ElfTypes::Word;
80   using Elf_Sword = typename ElfTypes::Sword;
81   using Elf_Ehdr = typename ElfTypes::Ehdr;
82   using Elf_Shdr = typename ElfTypes::Shdr;
83   using Elf_Sym = typename ElfTypes::Sym;
84   using Elf_Phdr = typename ElfTypes::Phdr;
85   using Elf_Dyn = typename ElfTypes::Dyn;
86 
87   // Base class of all sections.
88   class Section : public OutputStream {
89    public:
Section(ElfBuilder<ElfTypes> * owner,const std::string & name,Elf_Word type,Elf_Word flags,const Section * link,Elf_Word info,Elf_Word align,Elf_Word entsize)90     Section(ElfBuilder<ElfTypes>* owner,
91             const std::string& name,
92             Elf_Word type,
93             Elf_Word flags,
94             const Section* link,
95             Elf_Word info,
96             Elf_Word align,
97             Elf_Word entsize)
98         : OutputStream(name),
99           owner_(owner),
100           header_(),
101           section_index_(0),
102           name_(name),
103           link_(link),
104           phdr_flags_(PF_R),
105           phdr_type_(0) {
106       DCHECK_GE(align, 1u);
107       header_.sh_type = type;
108       header_.sh_flags = flags;
109       header_.sh_info = info;
110       header_.sh_addralign = align;
111       header_.sh_entsize = entsize;
112     }
113 
114     // Allocate chunk of virtual memory for this section from the owning ElfBuilder.
115     // This must be done at the start for all SHF_ALLOC sections (i.e. mmaped by linker).
116     // It is fine to allocate section but never call Start/End() (e.g. the .bss section).
AllocateVirtualMemory(Elf_Word size)117     void AllocateVirtualMemory(Elf_Word size) {
118       AllocateVirtualMemory(owner_->virtual_address_, size);
119     }
120 
AllocateVirtualMemory(Elf_Addr addr,Elf_Word size)121     void AllocateVirtualMemory(Elf_Addr addr, Elf_Word size) {
122       CHECK_NE(header_.sh_flags & SHF_ALLOC, 0u);
123       Elf_Word align = AddSection();
124       CHECK_EQ(header_.sh_addr, 0u);
125       header_.sh_addr = RoundUp(addr, align);
126       CHECK(header_.sh_size == 0u || header_.sh_size == size);
127       header_.sh_size = size;
128       CHECK_LE(owner_->virtual_address_, header_.sh_addr);
129       owner_->virtual_address_ = header_.sh_addr + header_.sh_size;
130     }
131 
132     // Start writing file data of this section.
Start()133     virtual void Start() {
134       CHECK(owner_->current_section_ == nullptr);
135       Elf_Word align = AddSection();
136       CHECK_EQ(header_.sh_offset, 0u);
137       header_.sh_offset = owner_->AlignFileOffset(align);
138       owner_->current_section_ = this;
139     }
140 
141     // Finish writing file data of this section.
End()142     virtual void End() {
143       CHECK(owner_->current_section_ == this);
144       Elf_Word position = GetPosition();
145       CHECK(header_.sh_size == 0u || header_.sh_size == position);
146       header_.sh_size = position;
147       owner_->current_section_ = nullptr;
148     }
149 
150     // Get the number of bytes written so far.
151     // Only valid while writing the section.
GetPosition()152     Elf_Word GetPosition() const {
153       CHECK(owner_->current_section_ == this);
154       off_t file_offset = owner_->stream_.Seek(0, kSeekCurrent);
155       DCHECK_GE(file_offset, (off_t)header_.sh_offset);
156       return file_offset - header_.sh_offset;
157     }
158 
159     // Get the location of this section in virtual memory.
GetAddress()160     Elf_Addr GetAddress() const {
161       DCHECK_NE(header_.sh_flags & SHF_ALLOC, 0u);
162       DCHECK_NE(header_.sh_addr, 0u);
163       return header_.sh_addr;
164     }
165 
166     // This function always succeeds to simplify code.
167     // Use builder's Good() to check the actual status.
WriteFully(const void * buffer,size_t byte_count)168     bool WriteFully(const void* buffer, size_t byte_count) override {
169       CHECK(owner_->current_section_ == this);
170       return owner_->stream_.WriteFully(buffer, byte_count);
171     }
172 
173     // This function always succeeds to simplify code.
174     // Use builder's Good() to check the actual status.
Seek(off_t offset,Whence whence)175     off_t Seek(off_t offset, Whence whence) override {
176       // Forward the seek as-is and trust the caller to use it reasonably.
177       return owner_->stream_.Seek(offset, whence);
178     }
179 
180     // This function flushes the output and returns whether it succeeded.
181     // If there was a previous failure, this does nothing and returns false, i.e. failed.
Flush()182     bool Flush() override {
183       return owner_->stream_.Flush();
184     }
185 
GetSectionIndex()186     Elf_Word GetSectionIndex() const {
187       DCHECK_NE(section_index_, 0u);
188       return section_index_;
189     }
190 
191     // Returns true if this section has been added.
Exists()192     bool Exists() const {
193       return section_index_ != 0;
194     }
195 
196    protected:
197     // Add this section to the list of generated ELF sections (if not there already).
198     // It also ensures the alignment is sufficient to generate valid program headers,
199     // since that depends on the previous section. It returns the required alignment.
AddSection()200     Elf_Word AddSection() {
201       if (section_index_ == 0) {
202         std::vector<Section*>& sections = owner_->sections_;
203         Elf_Word last = sections.empty() ? PF_R : sections.back()->phdr_flags_;
204         if (phdr_flags_ != last) {
205           header_.sh_addralign = kElfSegmentAlignment;  // Page-align if R/W/X flags changed.
206         }
207         sections.push_back(this);
208         section_index_ = sections.size();  // First ELF section has index 1.
209       }
210       return owner_->write_program_headers_ ? header_.sh_addralign : 1;
211     }
212 
213     ElfBuilder<ElfTypes>* owner_;
214     Elf_Shdr header_;
215     Elf_Word section_index_;
216     const std::string name_;
217     const Section* const link_;
218     Elf_Word phdr_flags_;
219     Elf_Word phdr_type_;
220 
221     friend class ElfBuilder;
222 
223     DISALLOW_COPY_AND_ASSIGN(Section);
224   };
225 
226   class CachedSection : public Section {
227    public:
CachedSection(ElfBuilder<ElfTypes> * owner,const std::string & name,Elf_Word type,Elf_Word flags,const Section * link,Elf_Word info,Elf_Word align,Elf_Word entsize)228     CachedSection(ElfBuilder<ElfTypes>* owner,
229                   const std::string& name,
230                   Elf_Word type,
231                   Elf_Word flags,
232                   const Section* link,
233                   Elf_Word info,
234                   Elf_Word align,
235                   Elf_Word entsize)
236         : Section(owner, name, type, flags, link, info, align, entsize), cache_() { }
237 
Add(const void * data,size_t length)238     Elf_Word Add(const void* data, size_t length) {
239       Elf_Word offset = cache_.size();
240       const uint8_t* d = reinterpret_cast<const uint8_t*>(data);
241       cache_.insert(cache_.end(), d, d + length);
242       return offset;
243     }
244 
GetCacheSize()245     Elf_Word GetCacheSize() {
246       return cache_.size();
247     }
248 
Write()249     void Write() {
250       this->WriteFully(cache_.data(), cache_.size());
251       cache_.clear();
252       cache_.shrink_to_fit();
253     }
254 
WriteCachedSection()255     void WriteCachedSection() {
256       this->Start();
257       Write();
258       this->End();
259     }
260 
261    private:
262     std::vector<uint8_t> cache_;
263   };
264 
265   // Writer of .dynstr section.
266   class CachedStringSection final : public CachedSection {
267    public:
CachedStringSection(ElfBuilder<ElfTypes> * owner,const std::string & name,Elf_Word flags,Elf_Word align)268     CachedStringSection(ElfBuilder<ElfTypes>* owner,
269                         const std::string& name,
270                         Elf_Word flags,
271                         Elf_Word align)
272         : CachedSection(owner,
273                         name,
274                         SHT_STRTAB,
275                         flags,
276                         /* link= */ nullptr,
277                         /* info= */ 0,
278                         align,
279                         /* entsize= */ 0) { }
280 
Add(const std::string & name)281     Elf_Word Add(const std::string& name) {
282       if (CachedSection::GetCacheSize() == 0u) {
283         DCHECK(name.empty());
284       }
285       return CachedSection::Add(name.c_str(), name.length() + 1);
286     }
287   };
288 
289   // Writer of .strtab and .shstrtab sections.
290   class StringSection final : public Section {
291    public:
StringSection(ElfBuilder<ElfTypes> * owner,const std::string & name,Elf_Word flags,Elf_Word align)292     StringSection(ElfBuilder<ElfTypes>* owner,
293                   const std::string& name,
294                   Elf_Word flags,
295                   Elf_Word align)
296         : Section(owner,
297                   name,
298                   SHT_STRTAB,
299                   flags,
300                   /* link= */ nullptr,
301                   /* info= */ 0,
302                   align,
303                   /* entsize= */ 0) {
304       Reset();
305     }
306 
Reset()307     void Reset() {
308       current_offset_ = 0;
309       last_name_ = "";
310       last_offset_ = 0;
311     }
312 
Start()313     void Start() {
314       Section::Start();
315       Write("");  // ELF specification requires that the section starts with empty string.
316     }
317 
Write(std::string_view name)318     Elf_Word Write(std::string_view name) {
319       if (current_offset_ == 0) {
320         DCHECK(name.empty());
321       } else if (name == last_name_) {
322         return last_offset_;  // Very simple string de-duplication.
323       }
324       last_name_ = name;
325       last_offset_ = current_offset_;
326       this->WriteFully(name.data(), name.length());
327       char null_terminator = '\0';
328       this->WriteFully(&null_terminator, sizeof(null_terminator));
329       current_offset_ += name.length() + 1;
330       return last_offset_;
331     }
332 
333    private:
334     Elf_Word current_offset_;
335     std::string last_name_;
336     Elf_Word last_offset_;
337   };
338 
339   // Writer of .dynsym and .symtab sections.
340   class SymbolSection final : public Section {
341    public:
SymbolSection(ElfBuilder<ElfTypes> * owner,const std::string & name,Elf_Word type,Elf_Word flags,Section * strtab)342     SymbolSection(ElfBuilder<ElfTypes>* owner,
343                   const std::string& name,
344                   Elf_Word type,
345                   Elf_Word flags,
346                   Section* strtab)
347         : Section(owner,
348                   name,
349                   type,
350                   flags,
351                   strtab,
352                   /* info= */ 1,
353                   sizeof(Elf_Off),
354                   sizeof(Elf_Sym)) {
355       syms_.push_back(Elf_Sym());  // The symbol table always has to start with NULL symbol.
356     }
357 
358     // Buffer symbol for this section.  It will be written later.
Add(Elf_Word name,const Section * section,Elf_Addr addr,Elf_Word size,uint8_t binding,uint8_t type)359     void Add(Elf_Word name,
360              const Section* section,
361              Elf_Addr addr,
362              Elf_Word size,
363              uint8_t binding,
364              uint8_t type) {
365       Elf_Sym sym = Elf_Sym();
366       sym.st_name = name;
367       sym.st_value = addr;
368       sym.st_size = size;
369       sym.st_other = 0;
370       sym.st_info = (binding << 4) + (type & 0xf);
371       Add(sym, section);
372     }
373 
374     // Buffer symbol for this section.  It will be written later.
Add(Elf_Sym sym,const Section * section)375     void Add(Elf_Sym sym, const Section* section) {
376       if (section != nullptr) {
377         DCHECK_LE(section->GetAddress(), sym.st_value);
378         DCHECK_LE(sym.st_value, section->GetAddress() + section->header_.sh_size);
379         sym.st_shndx = section->GetSectionIndex();
380       } else {
381         sym.st_shndx = SHN_UNDEF;
382       }
383       syms_.push_back(sym);
384     }
385 
GetCacheSize()386     Elf_Word GetCacheSize() { return syms_.size() * sizeof(Elf_Sym); }
387 
WriteCachedSection()388     void WriteCachedSection() {
389       auto is_local = [](const Elf_Sym& sym) { return ELF_ST_BIND(sym.st_info) == STB_LOCAL; };
390       auto less_then = [is_local](const Elf_Sym& a, const Elf_Sym b) {
391         auto tuple_a = std::make_tuple(!is_local(a), a.st_value, a.st_name);
392         auto tuple_b = std::make_tuple(!is_local(b), b.st_value, b.st_name);
393         return tuple_a < tuple_b;  // Locals first, then sort by address and name offset.
394       };
395       if (!std::is_sorted(syms_.begin(), syms_.end(), less_then)) {
396         std::sort(syms_.begin(), syms_.end(), less_then);
397       }
398       auto locals_end = std::partition_point(syms_.begin(), syms_.end(), is_local);
399       this->header_.sh_info = locals_end - syms_.begin();  // Required by the spec.
400 
401       this->Start();
402       for (; !syms_.empty(); syms_.pop_front()) {
403         this->WriteFully(&syms_.front(), sizeof(Elf_Sym));
404       }
405       this->End();
406     }
407 
408    private:
409     std::deque<Elf_Sym> syms_;  // Buffered/cached content of the whole section.
410   };
411 
412   class BuildIdSection final : public Section {
413    public:
BuildIdSection(ElfBuilder<ElfTypes> * owner,const std::string & name,Elf_Word type,Elf_Word flags,const Section * link,Elf_Word info,Elf_Word align,Elf_Word entsize)414     BuildIdSection(ElfBuilder<ElfTypes>* owner,
415                    const std::string& name,
416                    Elf_Word type,
417                    Elf_Word flags,
418                    const Section* link,
419                    Elf_Word info,
420                    Elf_Word align,
421                    Elf_Word entsize)
422         : Section(owner, name, type, flags, link, info, align, entsize),
423           digest_start_(-1) {
424     }
425 
GetSize()426     Elf_Word GetSize() {
427       return 16 + kBuildIdLen;
428     }
429 
Write()430     void Write() {
431       // The size fields are 32-bit on both 32-bit and 64-bit systems, confirmed
432       // with the 64-bit linker and libbfd code. The size of name and desc must
433       // be a multiple of 4 and it currently is.
434       this->WriteUint32(4);  // namesz.
435       this->WriteUint32(kBuildIdLen);  // descsz.
436       this->WriteUint32(3);  // type = NT_GNU_BUILD_ID.
437       this->WriteFully("GNU", 4);  // name.
438       digest_start_ = this->Seek(0, kSeekCurrent);
439       static_assert(kBuildIdLen % 4 == 0, "expecting a mutliple of 4 for build ID length");
440       this->WriteFully(std::string(kBuildIdLen, '\0').c_str(), kBuildIdLen);  // desc.
441       DCHECK_EQ(this->GetPosition(), GetSize());
442     }
443 
GetDigestStart()444     off_t GetDigestStart() {
445       CHECK_GT(digest_start_, 0);
446       return digest_start_;
447     }
448 
449    private:
WriteUint32(uint32_t v)450     bool WriteUint32(uint32_t v) {
451       return this->WriteFully(&v, sizeof(v));
452     }
453 
454     // File offset where the build ID digest starts.
455     // Populated with zeros first, then updated with the actual value as the
456     // very last thing in the output file creation.
457     off_t digest_start_;
458   };
459 
ElfBuilder(InstructionSet isa,OutputStream * output)460   ElfBuilder(InstructionSet isa, OutputStream* output)
461       : isa_(isa),
462         stream_(output),
463         rodata_(this, ".rodata", SHT_PROGBITS, SHF_ALLOC, nullptr, 0, kElfSegmentAlignment, 0),
464         text_(this, ".text", SHT_PROGBITS, SHF_ALLOC | SHF_EXECINSTR, nullptr, 0,
465             kElfSegmentAlignment, 0),
466         data_img_rel_ro_(this, ".data.img.rel.ro", SHT_PROGBITS, SHF_ALLOC, nullptr, 0,
467             kElfSegmentAlignment, 0),
468         bss_(this, ".bss", SHT_NOBITS, SHF_ALLOC, nullptr, 0, kElfSegmentAlignment, 0),
469         dex_(this, ".dex", SHT_NOBITS, SHF_ALLOC, nullptr, 0, kElfSegmentAlignment, 0),
470         dynstr_(this, ".dynstr", SHF_ALLOC, kElfSegmentAlignment),
471         dynsym_(this, ".dynsym", SHT_DYNSYM, SHF_ALLOC, &dynstr_),
472         hash_(this, ".hash", SHT_HASH, SHF_ALLOC, &dynsym_, 0, sizeof(Elf_Word), sizeof(Elf_Word)),
473         dynamic_(this, ".dynamic", SHT_DYNAMIC, SHF_ALLOC, &dynstr_, 0, kElfSegmentAlignment,
474             sizeof(Elf_Dyn)),
475         strtab_(this, ".strtab", 0, 1),
476         symtab_(this, ".symtab", SHT_SYMTAB, 0, &strtab_),
477         debug_frame_(this, ".debug_frame", SHT_PROGBITS, 0, nullptr, 0, sizeof(Elf_Addr), 0),
478         debug_frame_hdr_(
479             this, ".debug_frame_hdr.android", SHT_PROGBITS, 0, nullptr, 0, sizeof(Elf_Addr), 0),
480         debug_info_(this, ".debug_info", SHT_PROGBITS, 0, nullptr, 0, 1, 0),
481         debug_line_(this, ".debug_line", SHT_PROGBITS, 0, nullptr, 0, 1, 0),
482         shstrtab_(this, ".shstrtab", 0, 1),
483         build_id_(this, ".note.gnu.build-id", SHT_NOTE, SHF_ALLOC, nullptr, 0, 4, 0),
484         current_section_(nullptr),
485         started_(false),
486         finished_(false),
487         write_program_headers_(false),
488         loaded_size_(0u),
489         virtual_address_(0) {
490     text_.phdr_flags_ = PF_R | PF_X;
491     data_img_rel_ro_.phdr_flags_ = PF_R | PF_W;  // Shall be made read-only at run time.
492     bss_.phdr_flags_ = PF_R | PF_W;
493     dex_.phdr_flags_ = PF_R;
494     dynamic_.phdr_flags_ = PF_R | PF_W;
495     dynamic_.phdr_type_ = PT_DYNAMIC;
496     build_id_.phdr_type_ = PT_NOTE;
497   }
~ElfBuilder()498   ~ElfBuilder() {}
499 
GetIsa()500   InstructionSet GetIsa() { return isa_; }
GetBuildId()501   BuildIdSection* GetBuildId() { return &build_id_; }
GetRoData()502   Section* GetRoData() { return &rodata_; }
GetText()503   Section* GetText() { return &text_; }
GetDataImgRelRo()504   Section* GetDataImgRelRo() { return &data_img_rel_ro_; }
GetBss()505   Section* GetBss() { return &bss_; }
GetDex()506   Section* GetDex() { return &dex_; }
GetStrTab()507   StringSection* GetStrTab() { return &strtab_; }
GetSymTab()508   SymbolSection* GetSymTab() { return &symtab_; }
GetDebugFrame()509   Section* GetDebugFrame() { return &debug_frame_; }
GetDebugFrameHdr()510   Section* GetDebugFrameHdr() { return &debug_frame_hdr_; }
GetDebugInfo()511   Section* GetDebugInfo() { return &debug_info_; }
GetDebugLine()512   Section* GetDebugLine() { return &debug_line_; }
513 
WriteSection(const char * name,const std::vector<uint8_t> * buffer)514   void WriteSection(const char* name, const std::vector<uint8_t>* buffer) {
515     std::unique_ptr<Section> s(new Section(this, name, SHT_PROGBITS, 0, nullptr, 0, 1, 0));
516     s->Start();
517     s->WriteFully(buffer->data(), buffer->size());
518     s->End();
519     other_sections_.push_back(std::move(s));
520   }
521 
522   // Reserve space for ELF header and program headers.
523   // We do not know the number of headers until later, so
524   // it is easiest to just reserve a fixed amount of space.
525   // Program headers are required for loading by the linker.
526   // It is possible to omit them for ELF files used for debugging.
527   void Start(bool write_program_headers = true) {
528     int size = sizeof(Elf_Ehdr);
529     if (write_program_headers) {
530       size += sizeof(Elf_Phdr) * kMaxProgramHeaders;
531     }
532     stream_.Seek(size, kSeekSet);
533     started_ = true;
534     virtual_address_ += size;
535     write_program_headers_ = write_program_headers;
536   }
537 
End()538   off_t End() {
539     DCHECK(started_);
540     DCHECK(!finished_);
541     finished_ = true;
542 
543     // Note: loaded_size_ == 0 for tests that don't write .rodata, .text, .bss,
544     // .dynstr, dynsym, .hash and .dynamic. These tests should not read loaded_size_.
545     CHECK(loaded_size_ == 0 || loaded_size_ == RoundUp(virtual_address_, kElfSegmentAlignment))
546         << loaded_size_ << " " << virtual_address_;
547 
548     // Write section names and finish the section headers.
549     shstrtab_.Start();
550     shstrtab_.Write("");
551     for (auto* section : sections_) {
552       section->header_.sh_name = shstrtab_.Write(section->name_);
553       if (section->link_ != nullptr) {
554         section->header_.sh_link = section->link_->GetSectionIndex();
555       }
556       if (section->header_.sh_offset == 0) {
557         section->header_.sh_type = SHT_NOBITS;
558       }
559     }
560     shstrtab_.End();
561 
562     // Write section headers at the end of the ELF file.
563     std::vector<Elf_Shdr> shdrs;
564     shdrs.reserve(1u + sections_.size());
565     shdrs.push_back(Elf_Shdr());  // NULL at index 0.
566     for (auto* section : sections_) {
567       shdrs.push_back(section->header_);
568     }
569     Elf_Off section_headers_offset;
570     section_headers_offset = AlignFileOffset(sizeof(Elf_Off));
571     stream_.WriteFully(shdrs.data(), shdrs.size() * sizeof(shdrs[0]));
572     off_t file_size = stream_.Seek(0, kSeekCurrent);
573 
574     // Flush everything else before writing the program headers. This should prevent
575     // the OS from reordering writes, so that we don't end up with valid headers
576     // and partially written data if we suddenly lose power, for example.
577     stream_.Flush();
578 
579     // The main ELF header.
580     Elf_Ehdr elf_header = MakeElfHeader(isa_);
581     elf_header.e_shoff = section_headers_offset;
582     elf_header.e_shnum = shdrs.size();
583     elf_header.e_shstrndx = shstrtab_.GetSectionIndex();
584 
585     // Program headers (i.e. mmap instructions).
586     std::vector<Elf_Phdr> phdrs;
587     if (write_program_headers_) {
588       phdrs = MakeProgramHeaders();
589       CHECK_LE(phdrs.size(), kMaxProgramHeaders);
590       elf_header.e_phoff = sizeof(Elf_Ehdr);
591       elf_header.e_phnum = phdrs.size();
592     }
593 
594     stream_.Seek(0, kSeekSet);
595     stream_.WriteFully(&elf_header, sizeof(elf_header));
596     stream_.WriteFully(phdrs.data(), phdrs.size() * sizeof(phdrs[0]));
597     stream_.Flush();
598 
599     return file_size;
600   }
601 
602   // This has the same effect as running the "strip" command line tool.
603   // It removes all debugging sections (but it keeps mini-debug-info).
604   // It returns the ELF file size (as the caller needs to truncate it).
Strip()605   off_t Strip() {
606     DCHECK(finished_);
607     finished_ = false;
608     Elf_Off end = 0;
609     std::vector<Section*> non_debug_sections;
610     for (Section* section : sections_) {
611       if (section == &shstrtab_ ||  // Section names will be recreated.
612           section == &symtab_ ||
613           section == &strtab_ ||
614           section->name_.find(".debug_") == 0) {
615         section->header_.sh_offset = 0;
616         section->header_.sh_size = 0;
617         section->section_index_ = 0;
618       } else {
619         if (section->header_.sh_type != SHT_NOBITS) {
620           DCHECK_LE(section->header_.sh_offset, end + kElfSegmentAlignment)
621               << "Large gap between sections";
622           end = std::max<off_t>(end, section->header_.sh_offset + section->header_.sh_size);
623         }
624         non_debug_sections.push_back(section);
625       }
626     }
627     shstrtab_.Reset();
628     // Write the non-debug section headers, program headers, and ELF header again.
629     sections_ = std::move(non_debug_sections);
630     stream_.Seek(end, kSeekSet);
631     return End();
632   }
633 
634   // The running program does not have access to section headers
635   // and the loader is not supposed to use them either.
636   // The dynamic sections therefore replicates some of the layout
637   // information like the address and size of .rodata and .text.
638   // It also contains other metadata like the SONAME.
639   // The .dynamic section is found using the PT_DYNAMIC program header.
PrepareDynamicSection(const std::string & elf_file_path,Elf_Word rodata_size,Elf_Word text_size,Elf_Word data_img_rel_ro_size,Elf_Word data_img_rel_ro_app_image_offset,Elf_Word bss_size,Elf_Word bss_methods_offset,Elf_Word bss_roots_offset,Elf_Word dex_size)640   void PrepareDynamicSection(const std::string& elf_file_path,
641                              Elf_Word rodata_size,
642                              Elf_Word text_size,
643                              Elf_Word data_img_rel_ro_size,
644                              Elf_Word data_img_rel_ro_app_image_offset,
645                              Elf_Word bss_size,
646                              Elf_Word bss_methods_offset,
647                              Elf_Word bss_roots_offset,
648                              Elf_Word dex_size) {
649     std::string soname(elf_file_path);
650     size_t directory_separator_pos = soname.rfind('/');
651     if (directory_separator_pos != std::string::npos) {
652       soname = soname.substr(directory_separator_pos + 1);
653     }
654 
655     // Allocate all pre-dynamic sections.
656     rodata_.AllocateVirtualMemory(rodata_size);
657     text_.AllocateVirtualMemory(text_size);
658     if (data_img_rel_ro_size != 0) {
659       data_img_rel_ro_.AllocateVirtualMemory(data_img_rel_ro_size);
660     }
661     if (bss_size != 0) {
662       bss_.AllocateVirtualMemory(bss_size);
663     }
664     if (dex_size != 0) {
665       dex_.AllocateVirtualMemory(dex_size);
666     }
667 
668     // Cache .dynstr, .dynsym and .hash data.
669     dynstr_.Add("");  // dynstr should start with empty string.
670     Elf_Word oatdata = dynstr_.Add("oatdata");
671     dynsym_.Add(oatdata, &rodata_, rodata_.GetAddress(), rodata_size, STB_GLOBAL, STT_OBJECT);
672     if (text_size != 0u) {
673       // The runtime does not care about the size of this symbol (it uses the "lastword" symbol).
674       // We use size 0 (meaning "unknown size" in ELF) to prevent overlap with the debug symbols.
675       Elf_Word oatexec = dynstr_.Add("oatexec");
676       dynsym_.Add(oatexec, &text_, text_.GetAddress(), /* size= */ 0, STB_GLOBAL, STT_OBJECT);
677       Elf_Word oatlastword = dynstr_.Add("oatlastword");
678       Elf_Word oatlastword_address = text_.GetAddress() + text_size - 4;
679       dynsym_.Add(oatlastword, &text_, oatlastword_address, 4, STB_GLOBAL, STT_OBJECT);
680     } else if (rodata_size != 0) {
681       // rodata_ can be size 0 for dwarf_test.
682       Elf_Word oatlastword = dynstr_.Add("oatlastword");
683       Elf_Word oatlastword_address = rodata_.GetAddress() + rodata_size - 4;
684       dynsym_.Add(oatlastword, &rodata_, oatlastword_address, 4, STB_GLOBAL, STT_OBJECT);
685     }
686     DCHECK_LE(data_img_rel_ro_app_image_offset, data_img_rel_ro_size);
687     if (data_img_rel_ro_size != 0u) {
688       Elf_Word oatdataimgrelro = dynstr_.Add("oatdataimgrelro");
689       dynsym_.Add(oatdataimgrelro,
690                   &data_img_rel_ro_,
691                   data_img_rel_ro_.GetAddress(),
692                   data_img_rel_ro_size,
693                   STB_GLOBAL,
694                   STT_OBJECT);
695       Elf_Word oatdataimgrelrolastword = dynstr_.Add("oatdataimgrelrolastword");
696       dynsym_.Add(oatdataimgrelrolastword,
697                   &data_img_rel_ro_,
698                   data_img_rel_ro_.GetAddress() + data_img_rel_ro_size - 4,
699                   4,
700                   STB_GLOBAL,
701                   STT_OBJECT);
702       if (data_img_rel_ro_app_image_offset != data_img_rel_ro_size) {
703         Elf_Word oatdataimgrelroappimage = dynstr_.Add("oatdataimgrelroappimage");
704         dynsym_.Add(oatdataimgrelroappimage,
705                     &data_img_rel_ro_,
706                     data_img_rel_ro_.GetAddress() + data_img_rel_ro_app_image_offset,
707                     data_img_rel_ro_app_image_offset,
708                     STB_GLOBAL,
709                     STT_OBJECT);
710       }
711     }
712     DCHECK_LE(bss_roots_offset, bss_size);
713     if (bss_size != 0u) {
714       Elf_Word oatbss = dynstr_.Add("oatbss");
715       dynsym_.Add(oatbss, &bss_, bss_.GetAddress(), bss_roots_offset, STB_GLOBAL, STT_OBJECT);
716       DCHECK_LE(bss_methods_offset, bss_roots_offset);
717       DCHECK_LE(bss_roots_offset, bss_size);
718       // Add a symbol marking the start of the methods part of the .bss, if not empty.
719       if (bss_methods_offset != bss_roots_offset) {
720         Elf_Word bss_methods_address = bss_.GetAddress() + bss_methods_offset;
721         Elf_Word bss_methods_size = bss_roots_offset - bss_methods_offset;
722         Elf_Word oatbssroots = dynstr_.Add("oatbssmethods");
723         dynsym_.Add(
724             oatbssroots, &bss_, bss_methods_address, bss_methods_size, STB_GLOBAL, STT_OBJECT);
725       }
726       // Add a symbol marking the start of the GC roots part of the .bss, if not empty.
727       if (bss_roots_offset != bss_size) {
728         Elf_Word bss_roots_address = bss_.GetAddress() + bss_roots_offset;
729         Elf_Word bss_roots_size = bss_size - bss_roots_offset;
730         Elf_Word oatbssroots = dynstr_.Add("oatbssroots");
731         dynsym_.Add(
732             oatbssroots, &bss_, bss_roots_address, bss_roots_size, STB_GLOBAL, STT_OBJECT);
733       }
734       Elf_Word oatbsslastword = dynstr_.Add("oatbsslastword");
735       Elf_Word bsslastword_address = bss_.GetAddress() + bss_size - 4;
736       dynsym_.Add(oatbsslastword, &bss_, bsslastword_address, 4, STB_GLOBAL, STT_OBJECT);
737     }
738     if (dex_size != 0u) {
739       Elf_Word oatdex = dynstr_.Add("oatdex");
740       dynsym_.Add(oatdex, &dex_, dex_.GetAddress(), /* size= */ 0, STB_GLOBAL, STT_OBJECT);
741       Elf_Word oatdexlastword = dynstr_.Add("oatdexlastword");
742       Elf_Word oatdexlastword_address = dex_.GetAddress() + dex_size - 4;
743       dynsym_.Add(oatdexlastword, &dex_, oatdexlastword_address, 4, STB_GLOBAL, STT_OBJECT);
744     }
745 
746     Elf_Word soname_offset = dynstr_.Add(soname);
747 
748     // We do not really need a hash-table since there is so few entries.
749     // However, the hash-table is the only way the linker can actually
750     // determine the number of symbols in .dynsym so it is required.
751     int count = dynsym_.GetCacheSize() / sizeof(Elf_Sym);  // Includes NULL.
752     std::vector<Elf_Word> hash;
753     hash.push_back(1);  // Number of buckets.
754     hash.push_back(count);  // Number of chains.
755     // Buckets.  Having just one makes it linear search.
756     hash.push_back(1);  // Point to first non-NULL symbol.
757     // Chains.  This creates linked list of symbols.
758     hash.push_back(0);  // Placeholder entry for the NULL symbol.
759     for (int i = 1; i < count - 1; i++) {
760       hash.push_back(i + 1);  // Each symbol points to the next one.
761     }
762     hash.push_back(0);  // Last symbol terminates the chain.
763     hash_.Add(hash.data(), hash.size() * sizeof(hash[0]));
764 
765     // Allocate all remaining sections.
766     dynstr_.AllocateVirtualMemory(dynstr_.GetCacheSize());
767     dynsym_.AllocateVirtualMemory(dynsym_.GetCacheSize());
768     hash_.AllocateVirtualMemory(hash_.GetCacheSize());
769 
770     Elf_Dyn dyns[] = {
771       { .d_tag = DT_HASH,   .d_un = { .d_ptr = hash_.GetAddress() }, },
772       { .d_tag = DT_STRTAB, .d_un = { .d_ptr = dynstr_.GetAddress() }, },
773       { .d_tag = DT_SYMTAB, .d_un = { .d_ptr = dynsym_.GetAddress() }, },
774       { .d_tag = DT_SYMENT, .d_un = { .d_ptr = sizeof(Elf_Sym) }, },
775       { .d_tag = DT_STRSZ,  .d_un = { .d_ptr = dynstr_.GetCacheSize() }, },
776       { .d_tag = DT_SONAME, .d_un = { .d_ptr = soname_offset }, },
777       { .d_tag = DT_NULL,   .d_un = { .d_ptr = 0 }, },
778     };
779     dynamic_.Add(&dyns, sizeof(dyns));
780     dynamic_.AllocateVirtualMemory(dynamic_.GetCacheSize());
781 
782     loaded_size_ = RoundUp(virtual_address_, kElfSegmentAlignment);
783   }
784 
WriteDynamicSection()785   void WriteDynamicSection() {
786     dynstr_.WriteCachedSection();
787     dynsym_.WriteCachedSection();
788     hash_.WriteCachedSection();
789     dynamic_.WriteCachedSection();
790   }
791 
GetLoadedSize()792   Elf_Word GetLoadedSize() {
793     CHECK_NE(loaded_size_, 0u);
794     return loaded_size_;
795   }
796 
WriteBuildIdSection()797   void WriteBuildIdSection() {
798     build_id_.Start();
799     build_id_.Write();
800     build_id_.End();
801   }
802 
WriteBuildId(uint8_t build_id[kBuildIdLen])803   void WriteBuildId(uint8_t build_id[kBuildIdLen]) {
804     stream_.Seek(build_id_.GetDigestStart(), kSeekSet);
805     stream_.WriteFully(build_id, kBuildIdLen);
806     stream_.Flush();
807   }
808 
809   // Returns true if all writes and seeks on the output stream succeeded.
Good()810   bool Good() {
811     return stream_.Good();
812   }
813 
814   // Returns the builder's internal stream.
GetStream()815   OutputStream* GetStream() {
816     return &stream_;
817   }
818 
AlignFileOffset(size_t alignment)819   off_t AlignFileOffset(size_t alignment) {
820      return stream_.Seek(RoundUp(stream_.Seek(0, kSeekCurrent), alignment), kSeekSet);
821   }
822 
GetIsaFromHeader(const Elf_Ehdr & header)823   static InstructionSet GetIsaFromHeader(const Elf_Ehdr& header) {
824     switch (header.e_machine) {
825       case EM_ARM:
826         return InstructionSet::kThumb2;
827       case EM_AARCH64:
828         return InstructionSet::kArm64;
829       case EM_RISCV:
830         return InstructionSet::kRiscv64;
831       case EM_386:
832         return InstructionSet::kX86;
833       case EM_X86_64:
834         return InstructionSet::kX86_64;
835     }
836     LOG(FATAL) << "Unknown architecture: " << header.e_machine;
837     UNREACHABLE();
838   }
839 
840  private:
MakeElfHeader(InstructionSet isa)841   static Elf_Ehdr MakeElfHeader(InstructionSet isa) {
842     Elf_Ehdr elf_header = Elf_Ehdr();
843     switch (isa) {
844       case InstructionSet::kArm:
845         // Fall through.
846       case InstructionSet::kThumb2: {
847         elf_header.e_machine = EM_ARM;
848         elf_header.e_flags = EF_ARM_EABI_VER5;
849         break;
850       }
851       case InstructionSet::kArm64: {
852         elf_header.e_machine = EM_AARCH64;
853         elf_header.e_flags = 0;
854         break;
855       }
856       case InstructionSet::kRiscv64: {
857         elf_header.e_machine = EM_RISCV;
858         elf_header.e_flags = EF_RISCV_RVC | EF_RISCV_FLOAT_ABI_DOUBLE;
859         break;
860       }
861       case InstructionSet::kX86: {
862         elf_header.e_machine = EM_386;
863         elf_header.e_flags = 0;
864         break;
865       }
866       case InstructionSet::kX86_64: {
867         elf_header.e_machine = EM_X86_64;
868         elf_header.e_flags = 0;
869         break;
870       }
871       case InstructionSet::kNone: {
872         LOG(FATAL) << "No instruction set";
873         break;
874       }
875       default: {
876         LOG(FATAL) << "Unknown instruction set " << isa;
877       }
878     }
879     DCHECK_EQ(GetIsaFromHeader(elf_header),
880               (isa == InstructionSet::kArm) ? InstructionSet::kThumb2 : isa);
881 
882     elf_header.e_ident[EI_MAG0]       = ELFMAG0;
883     elf_header.e_ident[EI_MAG1]       = ELFMAG1;
884     elf_header.e_ident[EI_MAG2]       = ELFMAG2;
885     elf_header.e_ident[EI_MAG3]       = ELFMAG3;
886     elf_header.e_ident[EI_CLASS]      = (sizeof(Elf_Addr) == sizeof(Elf32_Addr))
887                                          ? ELFCLASS32 : ELFCLASS64;
888     elf_header.e_ident[EI_DATA]       = ELFDATA2LSB;
889     elf_header.e_ident[EI_VERSION]    = EV_CURRENT;
890     elf_header.e_ident[EI_OSABI]      = ELFOSABI_LINUX;
891     elf_header.e_ident[EI_ABIVERSION] = 0;
892     elf_header.e_type = ET_DYN;
893     elf_header.e_version = 1;
894     elf_header.e_entry = 0;
895     elf_header.e_ehsize = sizeof(Elf_Ehdr);
896     elf_header.e_phentsize = sizeof(Elf_Phdr);
897     elf_header.e_shentsize = sizeof(Elf_Shdr);
898     return elf_header;
899   }
900 
901   // Create program headers based on written sections.
MakeProgramHeaders()902   std::vector<Elf_Phdr> MakeProgramHeaders() {
903     CHECK(!sections_.empty());
904     std::vector<Elf_Phdr> phdrs;
905     {
906       // The program headers must start with PT_PHDR which is used in
907       // loaded process to determine the number of program headers.
908       Elf_Phdr phdr = Elf_Phdr();
909       phdr.p_type    = PT_PHDR;
910       phdr.p_flags   = PF_R;
911       phdr.p_offset  = phdr.p_vaddr = phdr.p_paddr = sizeof(Elf_Ehdr);
912       phdr.p_filesz  = phdr.p_memsz = 0;  // We need to fill this later.
913       phdr.p_align   = sizeof(Elf_Off);
914       phdrs.push_back(phdr);
915       // Tell the linker to mmap the start of file to memory.
916       Elf_Phdr load = Elf_Phdr();
917       load.p_type    = PT_LOAD;
918       load.p_flags   = PF_R;
919       load.p_offset  = load.p_vaddr = load.p_paddr = 0;
920       load.p_filesz  = load.p_memsz = sizeof(Elf_Ehdr) + sizeof(Elf_Phdr) * kMaxProgramHeaders;
921       load.p_align   = kElfSegmentAlignment;
922       phdrs.push_back(load);
923     }
924     // Create program headers for sections.
925     for (auto* section : sections_) {
926       const Elf_Shdr& shdr = section->header_;
927       if ((shdr.sh_flags & SHF_ALLOC) != 0 && shdr.sh_size != 0) {
928         DCHECK(shdr.sh_addr != 0u) << "Allocate virtual memory for the section";
929         // PT_LOAD tells the linker to mmap part of the file.
930         // The linker can only mmap page-aligned sections.
931         // Single PT_LOAD may contain several ELF sections.
932         Elf_Phdr& prev = phdrs.back();
933         Elf_Phdr load = Elf_Phdr();
934         load.p_type   = PT_LOAD;
935         load.p_flags  = section->phdr_flags_;
936         load.p_offset = shdr.sh_offset;
937         load.p_vaddr  = load.p_paddr = shdr.sh_addr;
938         load.p_filesz = (shdr.sh_type != SHT_NOBITS ? shdr.sh_size : 0u);
939         load.p_memsz  = shdr.sh_size;
940         load.p_align  = shdr.sh_addralign;
941         if (prev.p_type == load.p_type &&
942             prev.p_flags == load.p_flags &&
943             prev.p_filesz == prev.p_memsz &&  // Do not merge .bss
944             load.p_filesz == load.p_memsz) {  // Do not merge .bss
945           // Merge this PT_LOAD with the previous one.
946           Elf_Word size = shdr.sh_offset + shdr.sh_size - prev.p_offset;
947           prev.p_filesz = size;
948           prev.p_memsz  = size;
949         } else {
950           // If we are adding new load, it must be aligned.
951           CHECK_EQ(shdr.sh_addralign, (Elf_Word)kElfSegmentAlignment);
952           phdrs.push_back(load);
953         }
954       }
955     }
956     for (auto* section : sections_) {
957       const Elf_Shdr& shdr = section->header_;
958       if ((shdr.sh_flags & SHF_ALLOC) != 0 && shdr.sh_size != 0) {
959         // Other PT_* types allow the program to locate interesting
960         // parts of memory at runtime. They must overlap with PT_LOAD.
961         if (section->phdr_type_ != 0) {
962           Elf_Phdr phdr = Elf_Phdr();
963           phdr.p_type   = section->phdr_type_;
964           phdr.p_flags  = section->phdr_flags_;
965           phdr.p_offset = shdr.sh_offset;
966           phdr.p_vaddr  = phdr.p_paddr = shdr.sh_addr;
967           phdr.p_filesz = phdr.p_memsz = shdr.sh_size;
968           phdr.p_align  = shdr.sh_addralign;
969           phdrs.push_back(phdr);
970         }
971       }
972     }
973     // Set the size of the initial PT_PHDR.
974     CHECK_EQ(phdrs[0].p_type, (Elf_Word)PT_PHDR);
975     phdrs[0].p_filesz = phdrs[0].p_memsz = phdrs.size() * sizeof(Elf_Phdr);
976 
977     return phdrs;
978   }
979 
980   InstructionSet isa_;
981 
982   ErrorDelayingOutputStream stream_;
983 
984   Section rodata_;
985   Section text_;
986   Section data_img_rel_ro_;
987   Section bss_;
988   Section dex_;
989   CachedStringSection dynstr_;
990   SymbolSection dynsym_;
991   CachedSection hash_;
992   CachedSection dynamic_;
993   StringSection strtab_;
994   SymbolSection symtab_;
995   Section debug_frame_;
996   Section debug_frame_hdr_;
997   Section debug_info_;
998   Section debug_line_;
999   StringSection shstrtab_;
1000   BuildIdSection build_id_;
1001   std::vector<std::unique_ptr<Section>> other_sections_;
1002 
1003   // List of used section in the order in which they were written.
1004   std::vector<Section*> sections_;
1005   Section* current_section_;  // The section which is currently being written.
1006 
1007   bool started_;
1008   bool finished_;
1009   bool write_program_headers_;
1010 
1011   // The size of the memory taken by the ELF file when loaded.
1012   size_t loaded_size_;
1013 
1014   // Used for allocation of virtual address space.
1015   Elf_Addr virtual_address_;
1016 
1017   DISALLOW_COPY_AND_ASSIGN(ElfBuilder);
1018 };
1019 
1020 }  // namespace art
1021 
1022 #endif  // ART_LIBELFFILE_ELF_ELF_BUILDER_H_
1023