1 /* Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2008 Red Hat, Inc.
2 This file is part of elfutils.
3 Written by Ulrich Drepper <drepper@redhat.com>, 2001.
4
5 This file is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 3 of the License, or
8 (at your option) any later version.
9
10 elfutils is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>. */
17
18 #ifdef HAVE_CONFIG_H
19 # include <config.h>
20 #endif
21
22 #include <assert.h>
23 #include <error.h>
24 #include <libintl.h>
25 #include <stdlib.h>
26 #include <string.h>
27
28 // XXX For debugging
29 #include <stdio.h>
30
31 #include <system.h>
32 #include "ld.h"
33 #include "list.h"
34 /* x86 is little endian. */
35 #define UNALIGNED_ACCESS_CLASS LITTLE_ENDIAN
36 #include "unaligned.h"
37 #include "xelf.h"
38
39
40 /* The old callbacks. */
41 static int (*old_open_outfile) (struct ld_state *, int, int, int);
42
43
44 static int
elf_i386_open_outfile(struct ld_state * statep,int machine,int klass,int data)45 elf_i386_open_outfile (struct ld_state *statep,
46 int machine __attribute__ ((unused)),
47 int klass __attribute__ ((unused)),
48 int data __attribute__ ((unused)))
49 {
50 /* This backend only handles 32-bit object files. */
51 /* XXX For now just use the generic backend. */
52 return old_open_outfile (statep, EM_386, ELFCLASS32, ELFDATA2LSB);
53 }
54
55
56 /* Process relocations for the output in a relocatable file. This
57 only means adjusting offset and symbol indices. */
58 static void
elf_i386_relocate_section(struct ld_state * statep,Elf_Scn * outscn,struct scninfo * firstp,const Elf32_Word * dblindirect)59 elf_i386_relocate_section (struct ld_state *statep __attribute__ ((unused)),
60 Elf_Scn *outscn, struct scninfo *firstp,
61 const Elf32_Word *dblindirect)
62 {
63 struct scninfo *runp;
64 Elf_Data *data;
65
66 /* Iterate over all the input sections. Appropriate data buffers in the
67 output sections were already created. */
68 runp = firstp;
69 data = NULL;
70 do
71 {
72 Elf_Data *reltgtdata;
73 Elf_Data *insymdata;
74 Elf_Data *inxndxdata = NULL;
75 size_t maxcnt;
76 size_t cnt;
77 const Elf32_Word *symindirect;
78 struct symbol **symref;
79 struct usedfiles *file = runp->fileinfo;
80 XElf_Shdr *shdr = &SCNINFO_SHDR (runp->shdr);
81
82 /* Get the output section data buffer for this input section. */
83 data = elf_getdata (outscn, data);
84 assert (data != NULL);
85
86 /* Get the data for section in the input file this relocation
87 section is relocating. Since these buffers are reused in the
88 output modifying these buffers has the correct result. */
89 reltgtdata = elf_getdata (file->scninfo[shdr->sh_info].scn, NULL);
90
91 /* Get the data for the input section symbol table for this
92 relocation section. */
93 insymdata = elf_getdata (file->scninfo[shdr->sh_link].scn, NULL);
94 assert (insymdata != NULL);
95
96 /* And the extended section index table. */
97 inxndxdata = runp->fileinfo->xndxdata;
98
99 /* Number of relocations. */
100 maxcnt = shdr->sh_size / shdr->sh_entsize;
101
102 /* Array directing local symbol table offsets to output symbol
103 table offsets. */
104 symindirect = file->symindirect;
105
106 /* References to the symbol records. */
107 symref = file->symref;
108
109 /* Iterate over all the relocations in the section. */
110 for (cnt = 0; cnt < maxcnt; ++cnt)
111 {
112 XElf_Rel_vardef (rel);
113 Elf32_Word si;
114 XElf_Sym_vardef (sym);
115 Elf32_Word xndx;
116
117 /* Get the relocation data itself. x86 uses Rel
118 relocations. In case we have to handle Rela as well the
119 whole loop probably should be duplicated. */
120 xelf_getrel (data, cnt, rel);
121 assert (rel != NULL);
122
123 /* Compute the symbol index in the output file. */
124 si = symindirect[XELF_R_SYM (rel->r_info)];
125 if (si == 0)
126 {
127 /* This happens if the symbol is locally undefined or
128 superceded by some other definition. */
129 assert (symref[XELF_R_SYM (rel->r_info)] != NULL);
130 si = symref[XELF_R_SYM (rel->r_info)]->outsymidx;
131 }
132 /* Take reordering performed to sort the symbol table into
133 account. */
134 si = dblindirect[si];
135
136 /* Get the symbol table entry. */
137 xelf_getsymshndx (insymdata, inxndxdata, XELF_R_SYM (rel->r_info),
138 sym, xndx);
139 if (sym->st_shndx != SHN_XINDEX)
140 xndx = sym->st_shndx;
141 assert (xndx < SHN_LORESERVE || xndx > SHN_HIRESERVE);
142
143 /* We fortunately don't have to do much. The relocations
144 mostly get only updates of the offset. Only for a
145 relocation referring to a section do we have to do
146 something. In this case the reference to the sections
147 has no direct equivalent since the part the input section
148 contributes need not start at the same offset as in the
149 input file. Therefore we have to adjust the addend which
150 in the case of Rel relocations is in the target section
151 itself. */
152 if (XELF_ST_TYPE (sym->st_info) == STT_SECTION)
153 {
154 /* We expect here only R_386_32 relocations. */
155 assert (XELF_R_TYPE (rel->r_info) == R_386_32);
156
157 /* Avoid writing to the section memory if this is
158 effectively a no-op since it might save a
159 copy-on-write operation. */
160 Elf32_Word toadd = file->scninfo[xndx].offset;
161 if (toadd != 0)
162 add_4ubyte_unaligned (reltgtdata->d_buf + rel->r_offset,
163 toadd);
164 }
165
166 /* Adjust the offset for the position of the input section
167 content in the output section. */
168 rel->r_offset += file->scninfo[shdr->sh_info].offset;
169
170 /* And finally adjust the index of the symbol in the output
171 symbol table. */
172 rel->r_info = XELF_R_INFO (si, XELF_R_TYPE (rel->r_info));
173
174 /* Store the result. */
175 (void) xelf_update_rel (data, cnt, rel);
176 }
177
178 runp = runp->next;
179 }
180 while (runp != firstp);
181 }
182
183
184 /* Each PLT entry has 16 bytes. We need one entry as overhead for
185 the code to set up the call into the runtime relocation. */
186 #define PLT_ENTRY_SIZE 16
187
188 static void
elf_i386_initialize_plt(struct ld_state * statep,Elf_Scn * scn)189 elf_i386_initialize_plt (struct ld_state *statep, Elf_Scn *scn)
190 {
191 Elf_Data *data;
192 XElf_Shdr_vardef (shdr);
193
194 /* Change the entry size in the section header. */
195 xelf_getshdr (scn, shdr);
196 assert (shdr != NULL);
197 shdr->sh_entsize = PLT_ENTRY_SIZE;
198 (void) xelf_update_shdr (scn, shdr);
199
200 data = elf_newdata (scn);
201 if (data == NULL)
202 error (EXIT_FAILURE, 0, gettext ("cannot allocate PLT section: %s"),
203 elf_errmsg (-1));
204
205 /* We need one special PLT entry (performing the jump to the runtime
206 relocation routines) and one for each function we call in a DSO. */
207 data->d_size = (1 + statep->nplt) * PLT_ENTRY_SIZE;
208 data->d_buf = xcalloc (1, data->d_size);
209 assert (data->d_type == ELF_T_BYTE);
210 data->d_off = 0;
211 data->d_align = 8;
212
213 statep->nplt_used = 1;
214 }
215
216
217 static void
elf_i386_initialize_pltrel(struct ld_state * statep,Elf_Scn * scn)218 elf_i386_initialize_pltrel (struct ld_state *statep, Elf_Scn *scn)
219 {
220 Elf_Data *data;
221
222 data = elf_newdata (scn);
223 if (data == NULL)
224 error (EXIT_FAILURE, 0, gettext ("cannot allocate PLTREL section: %s"),
225 elf_errmsg (-1));
226
227 /* One relocation per PLT entry. */
228 size_t size = statep->nplt * sizeof (Elf32_Rel);
229 data->d_buf = xcalloc (1, size);
230 data->d_type = ELF_T_REL;
231 data->d_size = size;
232 data->d_align = 4;
233 data->d_off = 0;
234 }
235
236
237 static void
elf_i386_initialize_got(struct ld_state * statep,Elf_Scn * scn)238 elf_i386_initialize_got (struct ld_state *statep, Elf_Scn *scn)
239 {
240 /* If we come here we better need a GOT. */
241 assert (statep->ngot != 0);
242
243 Elf_Data *data = elf_newdata (scn);
244 if (data == NULL)
245 error (EXIT_FAILURE, 0, gettext ("cannot allocate GOT section: %s"),
246 elf_errmsg (-1));
247
248 /* Just a single word per GOT entry is needed. */
249 size_t size = statep->ngot * sizeof (Elf32_Addr);
250 data->d_buf = xcalloc (1, size);
251 data->d_size = size;
252 data->d_type = ELF_T_WORD;
253 data->d_off = 0;
254 data->d_align = sizeof (Elf32_Addr);
255 }
256
257
258 static void
elf_i386_initialize_gotplt(struct ld_state * statep,Elf_Scn * scn)259 elf_i386_initialize_gotplt (struct ld_state *statep, Elf_Scn *scn)
260 {
261 /* If we come here we better need a PLT. */
262 assert (statep->nplt != 0);
263
264 Elf_Data *data = elf_newdata (scn);
265 if (data == NULL)
266 error (EXIT_FAILURE, 0, gettext ("cannot allocate GOTPLT section: %s"),
267 elf_errmsg (-1));
268
269 /* We construct the .got.plt section in pieces. Here we only add the data
270 structures which are used by the PLT. This includes three reserved
271 entries at the beginning (the first will contain a pointer to the
272 .dynamic section), and one word for each PLT entry. */
273 size_t size = (3 + statep->nplt) * sizeof (Elf32_Addr);
274 data->d_buf = xcalloc (1, size);
275 data->d_type = ELF_T_WORD;
276 data->d_size = size;
277 data->d_off = 0;
278 data->d_align = sizeof (Elf32_Addr);
279 }
280
281
282 /* The first entry in an absolute procedure linkage table looks like
283 this. See the SVR4 ABI i386 supplement to see how this works. */
284 static const unsigned char elf_i386_plt0_entry[PLT_ENTRY_SIZE] =
285 {
286 0xff, 0x35, /* pushl contents of address */
287 0, 0, 0, 0, /* replaced with address of .got + 4. */
288 0xff, 0x25, /* jmp indirect */
289 0, 0, 0, 0, /* replaced with address of .got + 8. */
290 0x0f, 0x0b, /* ud2a, to prevent further decoding. */
291 0, 0 /* pad out to 16 bytes. */
292 };
293
294 /* Type describing the first PLT entry in non-PIC. */
295 struct plt0_entry
296 {
297 /* First a 'push' of the second GOT entry. */
298 unsigned char push_instr[2];
299 uint32_t gotp4_addr;
300 /* Second, a 'jmp indirect' to the third GOT entry. */
301 unsigned char jmp_instr[2];
302 uint32_t gotp8_addr;
303 /* Padding. */
304 unsigned char padding[4];
305 } __attribute__ ((packed));
306
307 /* The first entry in a PIC procedure linkage table look like this. */
308 static const unsigned char elf_i386_pic_plt0_entry[PLT_ENTRY_SIZE] =
309 {
310 0xff, 0xb3, 4, 0, 0, 0, /* pushl 4(%ebx) */
311 0xff, 0xa3, 8, 0, 0, 0, /* jmp *8(%ebx) */
312 0x0f, 0x0b, /* ud2a, to prevent further decoding. */
313 0, 0 /* pad out to 16 bytes. */
314 };
315
316 /* Contents of all but the first PLT entry in executable. */
317 static const unsigned char elf_i386_plt_entry[PLT_ENTRY_SIZE] =
318 {
319 0xff, 0x25, /* jmp indirect */
320 0, 0, 0, 0, /* replaced with address of this symbol in .got. */
321 0x68, /* pushl immediate */
322 0, 0, 0, 0, /* replaced with offset into relocation table. */
323 0xe9, /* jmp relative */
324 0, 0, 0, 0 /* replaced with offset to start of .plt. */
325 };
326
327 /* Contents of all but the first PLT entry in DSOs. */
328 static const unsigned char elf_i386_pic_plt_entry[PLT_ENTRY_SIZE] =
329 {
330 0xff, 0xa3, /* jmp *offset(%ebx) */
331 0, 0, 0, 0, /* replaced with offset of this symbol in .got. */
332 0x68, /* pushl immediate */
333 0, 0, 0, 0, /* replaced with offset into relocation table. */
334 0xe9, /* jmp relative */
335 0, 0, 0, 0 /* replaced with offset to start of .plt. */
336 };
337
338 /* Type describing a PLT entry. */
339 struct plt_entry
340 {
341 /* The first instruction is 'jmp indirect' or 'jmp *offset(%ebs)'. */
342 unsigned char jmp_instr[2];
343 uint32_t offset_got;
344 /* The second instruction is 'push immediate'. */
345 unsigned char push_instr;
346 uint32_t push_imm;
347 /* Finally a 'jmp relative'. */
348 unsigned char jmp_instr2;
349 uint32_t plt0_offset;
350 } __attribute__ ((packed));
351
352
353 static void
elf_i386_finalize_plt(struct ld_state * statep,size_t nsym,size_t nsym_local,struct symbol ** ndxtosym)354 elf_i386_finalize_plt (struct ld_state *statep, size_t nsym,
355 size_t nsym_local, struct symbol **ndxtosym)
356 {
357 if (unlikely (statep->nplt + statep->ngot == 0))
358 /* Nothing to be done. */
359 return;
360
361 Elf_Scn *scn;
362 XElf_Shdr_vardef (shdr);
363 Elf_Data *data;
364 const bool build_dso = statep->file_type == dso_file_type;
365
366 /* Get the address of the .got.plt section. */
367 scn = elf_getscn (statep->outelf, statep->gotpltscnidx);
368 xelf_getshdr (scn, shdr);
369 data = elf_getdata (scn, NULL);
370 assert (shdr != NULL && data != NULL);
371 /* The address points to the .got.plt section, not the .got section. */
372 Elf32_Addr gotaddr = shdr->sh_addr;
373
374 /* Now create the initial values for the .got.plt section. The
375 first word contains the address of the .dynamic section. The
376 second and third entry are left empty for use by the dynamic
377 linker. The following entries are pointers to the instructions
378 following the initial jmp instruction in the corresponding PLT
379 entry. */
380 xelf_getshdr (elf_getscn (statep->outelf, statep->dynamicscnidx), shdr);
381 assert (shdr != NULL);
382 ((Elf32_Word *) data->d_buf)[0] = shdr->sh_addr;
383
384 /* The PLT contains code which a user of a function jumps to. The first
385 PLT entry is special, so the first used one has the index 1. */
386 scn = elf_getscn (statep->outelf, statep->pltscnidx);
387 XElf_Shdr_vardef (pltshdr);
388 xelf_getshdr (scn, pltshdr);
389 assert (pltshdr != NULL);
390
391 Elf_Data *dynsymdata = elf_getdata (elf_getscn (statep->outelf,
392 statep->dynsymscnidx), NULL);
393 assert (dynsymdata != NULL);
394
395 Elf_Data *symdata = NULL;
396 if (statep->symscnidx != 0)
397 {
398 symdata = elf_getdata (elf_getscn (statep->outelf, statep->symscnidx),
399 NULL);
400 assert (symdata != NULL);
401 }
402
403 /* Create the .plt section. */
404 scn = elf_getscn (statep->outelf, statep->pltscnidx);
405 Elf_Data *pltdata = elf_getdata (scn, NULL);
406 assert (pltdata != NULL);
407
408 /* Also create the .rel.plt section data. It simply means relocations
409 addressing the corresponding entry in the .got.plt section. The
410 section name is misleading. */
411 scn = elf_getscn (statep->outelf, statep->pltrelscnidx);
412 xelf_getshdr (scn, shdr);
413 Elf_Data *reldata = elf_getdata (scn, NULL);
414 assert (shdr != NULL && reldata != NULL);
415
416 /* Update the sh_link to point to the section being modified. We
417 point it here (correctly) to the .got.plt section. Some linkers
418 (e.g., the GNU binutils linker) point to the .plt section. This
419 is wrong since the .plt section isn't modified even though the
420 name .rel.plt suggests that this is correct. */
421 shdr->sh_link = statep->dynsymscnidx;
422 shdr->sh_info = statep->gotpltscnidx;
423 (void) xelf_update_shdr (scn, shdr);
424
425 /* Create the first entry of the .plt section. */
426 assert (pltdata->d_size >= PLT_ENTRY_SIZE);
427 if (build_dso)
428 /* Copy the entry. It's complete, no relocation needed. */
429 memcpy (pltdata->d_buf, elf_i386_pic_plt0_entry, PLT_ENTRY_SIZE);
430 else
431 {
432 /* Copy the skeleton. */
433 memcpy (pltdata->d_buf, elf_i386_plt0_entry, PLT_ENTRY_SIZE);
434
435 /* And fill in the addresses. */
436 struct plt0_entry *addr = (struct plt0_entry *) pltdata->d_buf;
437 addr->gotp4_addr = target_bswap_32 (gotaddr + 4);
438 addr->gotp8_addr = target_bswap_32 (gotaddr + 8);
439 }
440
441 /* For DSOs we need GOT offsets, otherwise the GOT address. */
442 Elf32_Addr gotaddr_off = build_dso ? 0 : gotaddr;
443
444 /* Create the remaining entries. */
445 const unsigned char *plt_template
446 = build_dso ? elf_i386_pic_plt_entry : elf_i386_plt_entry;
447
448 for (size_t idx = nsym_local; idx < nsym; ++idx)
449 {
450 struct symbol *symbol = ndxtosym[idx];
451 if (symbol == NULL || symbol->type != STT_FUNC
452 || ndxtosym[idx]->outdynsymidx == 0
453 // XXX is the following test correct?
454 || ! ndxtosym[idx]->in_dso)
455 continue;
456
457 size_t pltidx = symbol->merge.value;
458
459 assert (pltidx > 0);
460 assert ((3 + pltidx) * sizeof (Elf32_Word) <= data->d_size);
461
462 /* Address in the PLT. */
463 Elf32_Addr pltentryaddr = (pltshdr->sh_addr + pltidx * PLT_ENTRY_SIZE);
464
465 /* Point the GOT entry at the PLT entry, after the initial jmp. */
466 ((Elf32_Word *) data->d_buf)[2 + pltidx] = pltentryaddr + 6;
467
468 /* If the symbol is defined, adjust the address. */
469 if (((Elf32_Sym *) dynsymdata->d_buf)[ndxtosym[idx]->outdynsymidx].st_shndx != SHN_UNDEF)
470 {
471 /* The value of the symbol is the address of the corresponding PLT
472 entry. Store the address, also for the normal symbol table if
473 this is necessary. */
474 ((Elf32_Sym *) dynsymdata->d_buf)[pltidx].st_value = pltentryaddr;
475
476 if (symdata != NULL)
477 {
478 assert(nsym - statep->nplt + (pltidx - 1) == idx);
479 ((Elf32_Sym *) symdata->d_buf)[nsym - statep->nplt
480 + (pltidx - 1)].st_value
481 = pltentryaddr;
482 }
483 }
484
485 /* Copy the PLT entry template. */
486 assert (pltdata->d_size >= (1 + pltidx) * PLT_ENTRY_SIZE);
487 struct plt_entry *addr = (struct plt_entry *) ((char *) pltdata->d_buf
488 + (pltidx
489 * PLT_ENTRY_SIZE));
490 memcpy (addr, plt_template, PLT_ENTRY_SIZE);
491
492 /* And once more, fill in the addresses. First the address of
493 this symbol in .got. */
494 addr->offset_got = target_bswap_32 (gotaddr_off
495 + (2 + pltidx) * sizeof (Elf32_Addr));
496 /* Offset into relocation table. */
497 addr->push_imm = target_bswap_32 ((pltidx - 1) * sizeof (Elf32_Rel));
498 /* Offset to start of .plt. */
499 addr->plt0_offset = target_bswap_32 (-(1 + pltidx) * PLT_ENTRY_SIZE);
500
501
502 XElf_Rel_vardef (rel);
503 assert (pltidx * sizeof (Elf32_Rel) <= reldata->d_size);
504 xelf_getrel_ptr (reldata, pltidx - 1, rel);
505 rel->r_offset = gotaddr + (2 + pltidx) * sizeof (Elf32_Addr);
506 /* The symbol table entries for the functions from DSOs are at
507 the beginning of the symbol table. */
508 rel->r_info = XELF_R_INFO (ndxtosym[idx]->outdynsymidx, R_386_JMP_SLOT);
509 (void) xelf_update_rel (reldata, pltidx - 1, rel);
510 }
511 }
512
513
514 static int
elf_i386_rel_type(struct ld_state * statep)515 elf_i386_rel_type (struct ld_state *statep __attribute__ ((__unused__)))
516 {
517 /* ELF/i386 uses REL. */
518 return DT_REL;
519 }
520
521
522 static void
elf_i386_count_relocations(struct ld_state * statep,struct scninfo * scninfo)523 elf_i386_count_relocations (struct ld_state *statep, struct scninfo *scninfo)
524 {
525 /* We go through the list of input sections and count those relocations
526 which are not handled by the linker. At the same time we have to
527 see how many GOT entries we need and how much .bss space is needed
528 for copy relocations. */
529 Elf_Data *data = elf_getdata (scninfo->scn, NULL);
530 XElf_Shdr *shdr = &SCNINFO_SHDR (scninfo->shdr);
531 size_t maxcnt = shdr->sh_size / shdr->sh_entsize;
532 size_t relsize = 0;
533 size_t cnt;
534 struct symbol *sym;
535
536 assert (shdr->sh_type == SHT_REL);
537
538 for (cnt = 0; cnt < maxcnt; ++cnt)
539 {
540 XElf_Rel_vardef (rel);
541
542 xelf_getrel (data, cnt, rel);
543 /* XXX Should we complain about failing accesses? */
544 if (rel != NULL)
545 {
546 Elf32_Word r_sym = XELF_R_SYM (rel->r_info);
547
548 /* Symbols in COMDAT group sections which are discarded do
549 not have to be relocated. */
550 if (r_sym >= scninfo->fileinfo->nlocalsymbols
551 && unlikely (scninfo->fileinfo->symref[r_sym] == NULL))
552 continue;
553
554 switch (XELF_R_TYPE (rel->r_info))
555 {
556 case R_386_GOT32:
557 if (! scninfo->fileinfo->symref[r_sym]->defined
558 || scninfo->fileinfo->symref[r_sym]->in_dso
559 || statep->file_type == dso_file_type)
560 {
561 relsize += sizeof (Elf32_Rel);
562 ++statep->nrel_got;
563 }
564
565 /* Even if this relocation is not emitted in the output
566 file it requires a GOT entry. */
567 ++statep->ngot;
568
569 /* FALLTHROUGH */
570
571 case R_386_GOTOFF:
572 case R_386_GOTPC:
573 statep->need_got = true;
574 break;
575
576 case R_386_32:
577 case R_386_PC32:
578 /* These relocations cause text relocations in DSOs. */
579 if (linked_from_dso_p (scninfo, r_sym))
580 {
581 if (statep->file_type == dso_file_type)
582 {
583 relsize += sizeof (Elf32_Rel);
584 // XXX Do we have to check whether the target
585 // XXX section is read-only first?
586 statep->dt_flags |= DF_TEXTREL;
587 }
588 else
589 {
590 /* Non-function objects from a DSO need to get a
591 copy relocation. */
592 sym = scninfo->fileinfo->symref[r_sym];
593
594 /* Only do this if we have not requested a copy
595 relocation already. */
596 if (unlikely (sym->type != STT_FUNC) && ! sym->need_copy)
597 {
598 sym->need_copy = 1;
599 ++statep->ncopy;
600 relsize += sizeof (Elf32_Rel);
601 }
602 }
603 }
604 else if (statep->file_type == dso_file_type
605 && XELF_R_TYPE (rel->r_info) == R_386_32)
606 relsize += sizeof (Elf32_Rel);
607
608 break;
609
610 case R_386_PLT32:
611 /* We might need a PLT entry. But we cannot say for sure
612 here since one of the symbols might turn up being
613 defined in the executable (if we create such a thing).
614 If a DSO is created we still might use a local
615 definition.
616
617 If the symbol is not defined and we are not creating
618 a statically linked binary, then we need in any case
619 a PLT entry. */
620 if (! scninfo->fileinfo->symref[r_sym]->defined
621 && !statep->statically)
622 {
623 sym = scninfo->fileinfo->symref[r_sym];
624 sym->type = STT_FUNC;
625 sym->in_dso = 1;
626 sym->defined = 1;
627
628 /* Remove from the list of unresolved symbols. */
629 --statep->nunresolved;
630 if (! sym->weak)
631 --statep->nunresolved_nonweak;
632 CDBL_LIST_DEL (statep->unresolved, sym);
633
634 /* Add to the list of symbols we expect from a DSO. */
635 ++statep->nplt;
636 ++statep->nfrom_dso;
637 CDBL_LIST_ADD_REAR (statep->from_dso, sym);
638 }
639 break;
640
641 case R_386_TLS_LDO_32:
642 if (statep->file_type != executable_file_type)
643 abort ();
644 /* We do not need a relocation in the output file. */
645 break;
646
647 case R_386_TLS_LE:
648 /* We never need a relocation in the output file. */
649 break;
650
651 case R_386_TLS_IE:
652 if (statep->file_type == dso_file_type)
653 error (EXIT_FAILURE, 0, gettext ("initial-executable TLS relocation cannot be used "));
654 if (!scninfo->fileinfo->symref[r_sym]->defined
655 || scninfo->fileinfo->symref[r_sym]->in_dso)
656 {
657 abort ();
658 }
659 break;
660
661 case R_386_TLS_GD:
662 if (statep->file_type != executable_file_type
663 || !scninfo->fileinfo->symref[r_sym]->defined
664 || scninfo->fileinfo->symref[r_sym]->in_dso)
665 {
666 abort ();
667 }
668 break;
669
670 case R_386_TLS_GOTIE:
671 case R_386_TLS_LDM:
672 case R_386_TLS_GD_32:
673 case R_386_TLS_GD_PUSH:
674 case R_386_TLS_GD_CALL:
675 case R_386_TLS_GD_POP:
676 case R_386_TLS_LDM_32:
677 case R_386_TLS_LDM_PUSH:
678 case R_386_TLS_LDM_CALL:
679 case R_386_TLS_LDM_POP:
680 case R_386_TLS_IE_32:
681 case R_386_TLS_LE_32:
682 /* XXX */
683 abort ();
684 break;
685
686 case R_386_NONE:
687 /* Nothing to be done. */
688 break;
689
690 /* These relocation should never be generated by an
691 assembler. */
692 case R_386_COPY:
693 case R_386_GLOB_DAT:
694 case R_386_JMP_SLOT:
695 case R_386_RELATIVE:
696 case R_386_TLS_DTPMOD32:
697 case R_386_TLS_DTPOFF32:
698 case R_386_TLS_TPOFF32:
699 /* Unknown relocation. */
700 default:
701 abort ();
702 }
703 }
704 }
705
706 scninfo->relsize = relsize;
707 }
708
709
710 static void
elf_i386_create_relocations(struct ld_state * statep,const Elf32_Word * dblindirect)711 elf_i386_create_relocations (struct ld_state *statep,
712 const Elf32_Word *dblindirect __attribute__ ((unused)))
713 {
714 /* Get the address of the got section. */
715 Elf_Scn *pltscn = elf_getscn (statep->outelf, statep->pltscnidx);
716 Elf32_Shdr *shdr = elf32_getshdr (pltscn);
717 assert (shdr != NULL);
718 Elf32_Addr pltaddr = shdr->sh_addr;
719
720 Elf_Scn *gotscn = elf_getscn (statep->outelf, statep->gotscnidx);
721 // XXX Adjust the address, if necessary, for relro
722 Elf_Data *gotdata = NULL;
723 if (statep->need_got)
724 {
725 gotdata = elf_getdata (gotscn, NULL);
726 assert (gotdata != NULL);
727 }
728
729 Elf_Scn *gotpltscn = elf_getscn (statep->outelf, statep->gotpltscnidx);
730 shdr = elf32_getshdr (gotpltscn);
731 assert (shdr != NULL);
732 Elf32_Addr gotaddr = shdr->sh_addr;
733
734 Elf_Scn *reldynscn = elf_getscn (statep->outelf, statep->reldynscnidx);
735 Elf_Data *reldyndata = elf_getdata (reldynscn, NULL);
736 assert (reldyndata != NULL);
737
738 size_t nreldyn = 0;
739 size_t ngotconst = statep->nrel_got;
740
741 struct scninfo *first = statep->rellist->next;
742 struct scninfo *runp = first;
743 do
744 {
745 XElf_Shdr *rshdr = &SCNINFO_SHDR (runp->shdr);
746 Elf_Data *reldata = elf_getdata (runp->scn, NULL);
747 int nrels = rshdr->sh_size / rshdr->sh_entsize;
748
749 /* We will need the following values a couple of times. Help
750 the compiler and improve readability. */
751 struct symbol **symref = runp->fileinfo->symref;
752 struct scninfo *scninfo = runp->fileinfo->scninfo;
753
754 /* This is the offset of the input section we are looking at in
755 the output file. */
756 XElf_Addr inscnoffset = scninfo[rshdr->sh_info].offset;
757
758 /* The target section. We use the data from the input file. */
759 Elf_Data *data = elf_getdata (scninfo[rshdr->sh_info].scn, NULL);
760
761 /* We cannot handle relocations against merge-able sections. */
762 assert ((SCNINFO_SHDR (scninfo[rshdr->sh_link].shdr).sh_flags
763 & SHF_MERGE) == 0);
764
765 /* Cache the access to the symbol table data. */
766 Elf_Data *symdata = elf_getdata (scninfo[rshdr->sh_link].scn, NULL);
767
768 for (int cnt = 0; cnt < nrels; ++cnt)
769 {
770 XElf_Rel_vardef (rel);
771 XElf_Rel *rel2;
772 xelf_getrel (reldata, cnt, rel);
773 assert (rel != NULL);
774 XElf_Addr reladdr = inscnoffset + rel->r_offset;
775 XElf_Addr value;
776
777 size_t idx = XELF_R_SYM (rel->r_info);
778 if (idx < runp->fileinfo->nlocalsymbols)
779 {
780 XElf_Sym_vardef (sym);
781 xelf_getsym (symdata, idx, sym);
782
783 /* The value only depends on the position of the referenced
784 section in the output file and the addend. */
785 value = scninfo[sym->st_shndx].offset + sym->st_value;
786 }
787 else
788 {
789 if (symref[idx] == NULL)
790 /* Symbol in ignored COMDAT group section. */
791 continue;
792
793 value = symref[idx]->merge.value;
794 if (symref[idx]->in_dso)
795 {
796 /* MERGE.VALUE contains the PLT index. If this is not for
797 a function the actual value will be computed later. */
798 assert (value != 0 || symref[idx]->type != STT_FUNC);
799 value = pltaddr + value * PLT_ENTRY_SIZE;
800 }
801 }
802
803 /* Address of the relocated memory in the data buffer. */
804 unsigned char *relloc = (unsigned char *) data->d_buf + rel->r_offset;
805
806 uint32_t thisgotidx;
807 switch (XELF_R_TYPE (rel->r_info))
808 {
809 /* These three cases can be handled together since the
810 symbol associated with the R_386_GOTPC relocation is
811 _GLOBAL_OFFSET_TABLE_ which has a value corresponding
812 to the address of the GOT and the address of the PLT
813 entry required for R_386_PLT32 is computed above. */
814 case R_386_PC32:
815 case R_386_GOTPC:
816 case R_386_PLT32:
817 value -= reladdr;
818 /* FALLTHROUGH */
819
820 case R_386_32:
821 if (linked_from_dso_p (scninfo, idx)
822 && statep->file_type != dso_file_type
823 && symref[idx]->type != STT_FUNC)
824 {
825 value = (ld_state.copy_section->offset
826 + symref[idx]->merge.value);
827
828 if (unlikely (symref[idx]->need_copy))
829 {
830 /* Add a relocation to initialize the GOT entry. */
831 assert (symref[idx]->outdynsymidx != 0);
832 #if NATIVE_ELF != 0
833 xelf_getrel_ptr (reldyndata, nreldyn, rel2);
834 #else
835 rel2 = &rel_mem;
836 #endif
837 rel2->r_offset = value;
838 rel2->r_info
839 = XELF_R_INFO (symref[idx]->outdynsymidx, R_386_COPY);
840 (void) xelf_update_rel (reldyndata, nreldyn, rel2);
841 ++nreldyn;
842 assert (nreldyn <= statep->nrel_got);
843
844 /* Update the symbol table record for the new
845 address. */
846 Elf32_Word symidx = symref[idx]->outdynsymidx;
847 Elf_Scn *symscn = elf_getscn (statep->outelf,
848 statep->dynsymscnidx);
849 Elf_Data *outsymdata = elf_getdata (symscn, NULL);
850 assert (outsymdata != NULL);
851 XElf_Sym_vardef (sym);
852 xelf_getsym (outsymdata, symidx, sym);
853 sym->st_value = value;
854 sym->st_shndx = statep->copy_section->outscnndx;
855 (void) xelf_update_sym (outsymdata, symidx, sym);
856
857 symidx = symref[idx]->outsymidx;
858 if (symidx != 0)
859 {
860 symidx = statep->dblindirect[symidx];
861 symscn = elf_getscn (statep->outelf,
862 statep->symscnidx);
863 outsymdata = elf_getdata (symscn, NULL);
864 assert (outsymdata != NULL);
865 xelf_getsym (outsymdata, symidx, sym);
866 sym->st_value = value;
867 sym->st_shndx = statep->copy_section->outscnndx;
868 (void) xelf_update_sym (outsymdata, symidx, sym);
869 }
870
871 /* Remember that we set up the copy relocation. */
872 symref[idx]->need_copy = 0;
873 }
874 }
875 else if (statep->file_type == dso_file_type
876 && XELF_R_TYPE (rel->r_info) == R_386_32)
877 {
878 #if NATIVE_ELF != 0
879 xelf_getrel_ptr (reldyndata, nreldyn, rel2);
880 #else
881 rel2 = &rel_mem;
882 #endif
883 rel2->r_offset = value;
884
885 /* For symbols we do not export we generate a relative
886 relocation. */
887 if (idx < SCNINFO_SHDR (scninfo[rshdr->sh_link].shdr).sh_info
888 || symref[idx]->outdynsymidx == 0)
889 rel2->r_info = XELF_R_INFO (0, R_386_RELATIVE);
890 else
891 rel2->r_info
892 = XELF_R_INFO (symref[idx]->outdynsymidx, R_386_32);
893 (void) xelf_update_rel (reldyndata, nreldyn, rel2);
894 ++nreldyn;
895 assert (nreldyn <= statep->nrel_got);
896
897 value = 0;
898 }
899 add_4ubyte_unaligned (relloc, value);
900 break;
901
902 case R_386_GOT32:
903 if (! symref[idx]->defined || symref[idx]->in_dso)
904 {
905 thisgotidx = nreldyn++;
906 assert (thisgotidx < statep->nrel_got);
907
908 /* Add a relocation to initialize the GOT entry. */
909 #if NATIVE_ELF != 0
910 xelf_getrel_ptr (reldyndata, thisgotidx, rel2);
911 #else
912 rel2 = &rel_mem;
913 #endif
914 rel2->r_offset = gotaddr + ((thisgotidx - statep->ngot)
915 * sizeof (Elf32_Addr));
916 rel2->r_info
917 = XELF_R_INFO (symref[idx]->outdynsymidx, R_386_GLOB_DAT);
918 (void) xelf_update_rel (reldyndata, thisgotidx, rel2);
919 }
920 else if (statep->file_type != dso_file_type)
921 {
922 thisgotidx = ngotconst++;
923 assert (thisgotidx < statep->ngot);
924
925 /* We have to use a GOT since the generated code
926 requires it but we know the address and therefore
927 do not need a relocation. */
928 ((uint32_t *) gotdata->d_buf)[thisgotidx] = value;
929 }
930 else
931 {
932 thisgotidx = nreldyn++;
933 assert (thisgotidx < statep->nrel_got);
934
935 // XXX generate a relative relocation.
936 abort ();
937 }
938
939 store_4ubyte_unaligned (relloc,
940 (thisgotidx - statep->ngot)
941 * sizeof (Elf32_Addr));
942 break;
943
944 case R_386_GOTOFF:
945 add_4ubyte_unaligned (relloc, value - gotaddr);
946 break;
947
948 case R_386_TLS_LE:
949 value = symref[idx]->merge.value - ld_state.tls_tcb;
950 store_4ubyte_unaligned (relloc, value);
951 break;
952
953 case R_386_TLS_IE:
954 if (symref[idx]->defined && !symref[idx]->in_dso)
955 {
956 /* The symbol is defined in the executable.
957 Perform the IE->LE optimization.
958 There are multiple versions, though.
959
960 First version: mov ADDR,REG. */
961 if (relloc[-2] == 0x8b
962 && ((relloc[-1] & 0xc7) == 0x05))
963 {
964 relloc[-2] = 0xc7;
965 relloc[-1] = 0xc0 | ((relloc[-1] >> 3) & 7);
966 store_4ubyte_unaligned (relloc, (symref[idx]->merge.value
967 - ld_state.tls_tcb));
968 }
969 else
970 {
971 abort ();
972 }
973 }
974 else
975 {
976 abort ();
977 }
978 break;
979
980 case R_386_TLS_LDO_32:
981 value = symref[idx]->merge.value - ld_state.tls_start;
982 store_4ubyte_unaligned (relloc, value);
983 break;
984
985 case R_386_TLS_GD:
986 if (ld_state.file_type == executable_file_type)
987 {
988 if (symref[idx]->defined && !symref[idx]->in_dso)
989 {
990 /* The symbol is defined in the executable.
991 Perform the GD->LE optimization. */
992 static const char gd_to_le[] =
993 {
994 /* mov %gs:0x0,%eax */
995 0x65, 0xa1, 0x00, 0x00, 0x00, 0x00,
996 /* sub $OFFSET,%eax */
997 0x81, 0xe8
998 };
999 #ifndef NDEBUG
1000 static const char gd_text[] =
1001 {
1002 /* lea 0x0(,%ebx,1),%eax */
1003 0x8d, 0x04, 0x1d, 0x00, 0x00, 0x00, 0x00,
1004 /* call ___tls_get_addr */
1005 0xe8
1006 };
1007 assert (memcmp (relloc - 3, gd_text, sizeof (gd_text))
1008 == 0);
1009 #endif
1010 relloc = mempcpy (relloc - 3, gd_to_le,
1011 sizeof (gd_to_le));
1012 value = ld_state.tls_tcb- symref[idx]->merge.value;
1013 store_4ubyte_unaligned (relloc, value);
1014
1015 /* We have to skip over the next relocation which is
1016 the matching R_i386_PLT32 for __tls_get_addr. */
1017 ++cnt;
1018 #ifndef NDEBUG
1019 assert (cnt < nrels);
1020 XElf_Off old_offset = rel->r_offset;
1021 xelf_getrel (reldata, cnt, rel);
1022 assert (rel != NULL);
1023 assert (XELF_R_TYPE (rel->r_info) == R_386_PLT32);
1024 idx = XELF_R_SYM (rel->r_info);
1025 assert (strcmp (symref[idx]->name, "___tls_get_addr")
1026 == 0);
1027 assert (old_offset + 5 == rel->r_offset);
1028 #endif
1029
1030 break;
1031 }
1032 }
1033 abort ();
1034 break;
1035
1036 case R_386_32PLT:
1037 case R_386_TLS_TPOFF:
1038 case R_386_TLS_GOTIE:
1039 case R_386_TLS_LDM:
1040 case R_386_16:
1041 case R_386_PC16:
1042 case R_386_8:
1043 case R_386_PC8:
1044 case R_386_TLS_GD_32:
1045 case R_386_TLS_GD_PUSH:
1046 case R_386_TLS_GD_CALL:
1047 case R_386_TLS_GD_POP:
1048 case R_386_TLS_LDM_32:
1049 case R_386_TLS_LDM_PUSH:
1050 case R_386_TLS_LDM_CALL:
1051 case R_386_TLS_LDM_POP:
1052 case R_386_TLS_IE_32:
1053 case R_386_TLS_LE_32:
1054 // XXX For now fall through
1055 break;
1056
1057 case R_386_NONE:
1058 /* Nothing to do. */
1059 break;
1060
1061 case R_386_COPY:
1062 case R_386_JMP_SLOT:
1063 case R_386_RELATIVE:
1064 case R_386_GLOB_DAT:
1065 case R_386_TLS_DTPMOD32:
1066 case R_386_TLS_DTPOFF32:
1067 case R_386_TLS_TPOFF32:
1068 default:
1069 /* Should not happen. */
1070 abort ();
1071 }
1072 }
1073 }
1074 while ((runp = runp->next) != first);
1075 }
1076
1077
1078 int
elf_i386_ld_init(struct ld_state * statep)1079 elf_i386_ld_init (struct ld_state *statep)
1080 {
1081 /* We have a few callbacks available. */
1082 old_open_outfile = statep->callbacks.open_outfile;
1083 statep->callbacks.open_outfile = elf_i386_open_outfile;
1084
1085 statep->callbacks.relocate_section = elf_i386_relocate_section;
1086
1087 statep->callbacks.initialize_plt = elf_i386_initialize_plt;
1088 statep->callbacks.initialize_pltrel = elf_i386_initialize_pltrel;
1089
1090 statep->callbacks.initialize_got = elf_i386_initialize_got;
1091 statep->callbacks.initialize_gotplt = elf_i386_initialize_gotplt;
1092
1093 statep->callbacks.finalize_plt = elf_i386_finalize_plt;
1094
1095 statep->callbacks.rel_type = elf_i386_rel_type;
1096
1097 statep->callbacks.count_relocations = elf_i386_count_relocations;
1098
1099 statep->callbacks.create_relocations = elf_i386_create_relocations;
1100
1101 return 0;
1102 }
1103