1 /* Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2008 Red Hat, Inc.
2 This file is part of Red Hat elfutils.
3 Written by Ulrich Drepper <drepper@redhat.com>, 2001.
4
5 Red Hat elfutils is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by the
7 Free Software Foundation; version 2 of the License.
8
9 Red Hat elfutils is distributed in the hope that it will be useful, but
10 WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 General Public License for more details.
13
14 You should have received a copy of the GNU General Public License along
15 with Red Hat elfutils; if not, write to the Free Software Foundation,
16 Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA.
17
18 Red Hat elfutils is an included package of the Open Invention Network.
19 An included package of the Open Invention Network is a package for which
20 Open Invention Network licensees cross-license their patents. No patent
21 license is granted, either expressly or impliedly, by designation as an
22 included package. Should you wish to participate in the Open Invention
23 Network licensing program, please visit www.openinventionnetwork.com
24 <http://www.openinventionnetwork.com>. */
25
26 #ifdef HAVE_CONFIG_H
27 # include <config.h>
28 #endif
29
30 #include <assert.h>
31 #include <error.h>
32 #include <libintl.h>
33 #include <stdlib.h>
34 #include <string.h>
35
36 // XXX For debugging
37 #include <stdio.h>
38
39 #include <system.h>
40 #include "ld.h"
41 #include "list.h"
42 /* x86 is little endian. */
43 #define UNALIGNED_ACCESS_CLASS LITTLE_ENDIAN
44 #include "unaligned.h"
45 #include "xelf.h"
46
47
48 /* The old callbacks. */
49 static int (*old_open_outfile) (struct ld_state *, int, int, int);
50
51
52 static int
elf_i386_open_outfile(struct ld_state * statep,int machine,int klass,int data)53 elf_i386_open_outfile (struct ld_state *statep,
54 int machine __attribute__ ((unused)),
55 int klass __attribute__ ((unused)),
56 int data __attribute__ ((unused)))
57 {
58 /* This backend only handles 32-bit object files. */
59 /* XXX For now just use the generic backend. */
60 return old_open_outfile (statep, EM_386, ELFCLASS32, ELFDATA2LSB);
61 }
62
63
64 /* Process relocations for the output in a relocatable file. This
65 only means adjusting offset and symbol indices. */
66 static void
elf_i386_relocate_section(struct ld_state * statep,Elf_Scn * outscn,struct scninfo * firstp,const Elf32_Word * dblindirect)67 elf_i386_relocate_section (struct ld_state *statep __attribute__ ((unused)),
68 Elf_Scn *outscn, struct scninfo *firstp,
69 const Elf32_Word *dblindirect)
70 {
71 struct scninfo *runp;
72 Elf_Data *data;
73
74 /* Iterate over all the input sections. Appropriate data buffers in the
75 output sections were already created. */
76 runp = firstp;
77 data = NULL;
78 do
79 {
80 Elf_Data *reltgtdata;
81 Elf_Data *insymdata;
82 Elf_Data *inxndxdata = NULL;
83 size_t maxcnt;
84 size_t cnt;
85 const Elf32_Word *symindirect;
86 struct symbol **symref;
87 struct usedfiles *file = runp->fileinfo;
88 XElf_Shdr *shdr = &SCNINFO_SHDR (runp->shdr);
89
90 /* Get the output section data buffer for this input section. */
91 data = elf_getdata (outscn, data);
92 assert (data != NULL);
93
94 /* Get the data for section in the input file this relocation
95 section is relocating. Since these buffers are reused in the
96 output modifying these buffers has the correct result. */
97 reltgtdata = elf_getdata (file->scninfo[shdr->sh_info].scn, NULL);
98
99 /* Get the data for the input section symbol table for this
100 relocation section. */
101 insymdata = elf_getdata (file->scninfo[shdr->sh_link].scn, NULL);
102 assert (insymdata != NULL);
103
104 /* And the extended section index table. */
105 inxndxdata = runp->fileinfo->xndxdata;
106
107 /* Number of relocations. */
108 maxcnt = shdr->sh_size / shdr->sh_entsize;
109
110 /* Array directing local symbol table offsets to output symbol
111 table offsets. */
112 symindirect = file->symindirect;
113
114 /* References to the symbol records. */
115 symref = file->symref;
116
117 /* Iterate over all the relocations in the section. */
118 for (cnt = 0; cnt < maxcnt; ++cnt)
119 {
120 XElf_Rel_vardef (rel);
121 Elf32_Word si;
122 XElf_Sym_vardef (sym);
123 Elf32_Word xndx;
124
125 /* Get the relocation data itself. x86 uses Rel
126 relocations. In case we have to handle Rela as well the
127 whole loop probably should be duplicated. */
128 xelf_getrel (data, cnt, rel);
129 assert (rel != NULL);
130
131 /* Compute the symbol index in the output file. */
132 si = symindirect[XELF_R_SYM (rel->r_info)];
133 if (si == 0)
134 {
135 /* This happens if the symbol is locally undefined or
136 superceded by some other definition. */
137 assert (symref[XELF_R_SYM (rel->r_info)] != NULL);
138 si = symref[XELF_R_SYM (rel->r_info)]->outsymidx;
139 }
140 /* Take reordering performed to sort the symbol table into
141 account. */
142 si = dblindirect[si];
143
144 /* Get the symbol table entry. */
145 xelf_getsymshndx (insymdata, inxndxdata, XELF_R_SYM (rel->r_info),
146 sym, xndx);
147 if (sym->st_shndx != SHN_XINDEX)
148 xndx = sym->st_shndx;
149 assert (xndx < SHN_LORESERVE || xndx > SHN_HIRESERVE);
150
151 /* We fortunately don't have to do much. The relocations
152 mostly get only updates of the offset. Only for a
153 relocation referring to a section do we have to do
154 something. In this case the reference to the sections
155 has no direct equivalent since the part the input section
156 contributes need not start at the same offset as in the
157 input file. Therefore we have to adjust the addend which
158 in the case of Rel relocations is in the target section
159 itself. */
160 if (XELF_ST_TYPE (sym->st_info) == STT_SECTION)
161 {
162 /* We expect here only R_386_32 relocations. */
163 assert (XELF_R_TYPE (rel->r_info) == R_386_32);
164
165 /* Avoid writing to the section memory if this is
166 effectively a no-op since it might save a
167 copy-on-write operation. */
168 Elf32_Word toadd = file->scninfo[xndx].offset;
169 if (toadd != 0)
170 add_4ubyte_unaligned (reltgtdata->d_buf + rel->r_offset,
171 toadd);
172 }
173
174 /* Adjust the offset for the position of the input section
175 content in the output section. */
176 rel->r_offset += file->scninfo[shdr->sh_info].offset;
177
178 /* And finally adjust the index of the symbol in the output
179 symbol table. */
180 rel->r_info = XELF_R_INFO (si, XELF_R_TYPE (rel->r_info));
181
182 /* Store the result. */
183 (void) xelf_update_rel (data, cnt, rel);
184 }
185
186 runp = runp->next;
187 }
188 while (runp != firstp);
189 }
190
191
192 /* Each PLT entry has 16 bytes. We need one entry as overhead for
193 the code to set up the call into the runtime relocation. */
194 #define PLT_ENTRY_SIZE 16
195
196 static void
elf_i386_initialize_plt(struct ld_state * statep,Elf_Scn * scn)197 elf_i386_initialize_plt (struct ld_state *statep, Elf_Scn *scn)
198 {
199 Elf_Data *data;
200 XElf_Shdr_vardef (shdr);
201
202 /* Change the entry size in the section header. */
203 xelf_getshdr (scn, shdr);
204 assert (shdr != NULL);
205 shdr->sh_entsize = PLT_ENTRY_SIZE;
206 (void) xelf_update_shdr (scn, shdr);
207
208 data = elf_newdata (scn);
209 if (data == NULL)
210 error (EXIT_FAILURE, 0, gettext ("cannot allocate PLT section: %s"),
211 elf_errmsg (-1));
212
213 /* We need one special PLT entry (performing the jump to the runtime
214 relocation routines) and one for each function we call in a DSO. */
215 data->d_size = (1 + statep->nplt) * PLT_ENTRY_SIZE;
216 data->d_buf = xcalloc (1, data->d_size);
217 assert (data->d_type == ELF_T_BYTE);
218 data->d_off = 0;
219 data->d_align = 8;
220
221 statep->nplt_used = 1;
222 }
223
224
225 static void
elf_i386_initialize_pltrel(struct ld_state * statep,Elf_Scn * scn)226 elf_i386_initialize_pltrel (struct ld_state *statep, Elf_Scn *scn)
227 {
228 Elf_Data *data;
229
230 data = elf_newdata (scn);
231 if (data == NULL)
232 error (EXIT_FAILURE, 0, gettext ("cannot allocate PLTREL section: %s"),
233 elf_errmsg (-1));
234
235 /* One relocation per PLT entry. */
236 size_t size = statep->nplt * sizeof (Elf32_Rel);
237 data->d_buf = xcalloc (1, size);
238 data->d_type = ELF_T_REL;
239 data->d_size = size;
240 data->d_align = 4;
241 data->d_off = 0;
242 }
243
244
245 static void
elf_i386_initialize_got(struct ld_state * statep,Elf_Scn * scn)246 elf_i386_initialize_got (struct ld_state *statep, Elf_Scn *scn)
247 {
248 /* If we come here we better need a GOT. */
249 assert (statep->ngot != 0);
250
251 Elf_Data *data = elf_newdata (scn);
252 if (data == NULL)
253 error (EXIT_FAILURE, 0, gettext ("cannot allocate GOT section: %s"),
254 elf_errmsg (-1));
255
256 /* Just a single word per GOT entry is needed. */
257 size_t size = statep->ngot * sizeof (Elf32_Addr);
258 data->d_buf = xcalloc (1, size);
259 data->d_size = size;
260 data->d_type = ELF_T_WORD;
261 data->d_off = 0;
262 data->d_align = sizeof (Elf32_Addr);
263 }
264
265
266 static void
elf_i386_initialize_gotplt(struct ld_state * statep,Elf_Scn * scn)267 elf_i386_initialize_gotplt (struct ld_state *statep, Elf_Scn *scn)
268 {
269 /* If we come here we better need a PLT. */
270 assert (statep->nplt != 0);
271
272 Elf_Data *data = elf_newdata (scn);
273 if (data == NULL)
274 error (EXIT_FAILURE, 0, gettext ("cannot allocate GOTPLT section: %s"),
275 elf_errmsg (-1));
276
277 /* We construct the .got.plt section in pieces. Here we only add the data
278 structures which are used by the PLT. This includes three reserved
279 entries at the beginning (the first will contain a pointer to the
280 .dynamic section), and one word for each PLT entry. */
281 size_t size = (3 + statep->nplt) * sizeof (Elf32_Addr);
282 data->d_buf = xcalloc (1, size);
283 data->d_type = ELF_T_WORD;
284 data->d_size = size;
285 data->d_off = 0;
286 data->d_align = sizeof (Elf32_Addr);
287 }
288
289
290 /* The first entry in an absolute procedure linkage table looks like
291 this. See the SVR4 ABI i386 supplement to see how this works. */
292 static const unsigned char elf_i386_plt0_entry[PLT_ENTRY_SIZE] =
293 {
294 0xff, 0x35, /* pushl contents of address */
295 0, 0, 0, 0, /* replaced with address of .got + 4. */
296 0xff, 0x25, /* jmp indirect */
297 0, 0, 0, 0, /* replaced with address of .got + 8. */
298 0x0f, 0x0b, /* ud2a, to prevent further decoding. */
299 0, 0 /* pad out to 16 bytes. */
300 };
301
302 /* Type describing the first PLT entry in non-PIC. */
303 struct plt0_entry
304 {
305 /* First a 'push' of the second GOT entry. */
306 unsigned char push_instr[2];
307 uint32_t gotp4_addr;
308 /* Second, a 'jmp indirect' to the third GOT entry. */
309 unsigned char jmp_instr[2];
310 uint32_t gotp8_addr;
311 /* Padding. */
312 unsigned char padding[4];
313 } __attribute__ ((packed));
314
315 /* The first entry in a PIC procedure linkage table look like this. */
316 static const unsigned char elf_i386_pic_plt0_entry[PLT_ENTRY_SIZE] =
317 {
318 0xff, 0xb3, 4, 0, 0, 0, /* pushl 4(%ebx) */
319 0xff, 0xa3, 8, 0, 0, 0, /* jmp *8(%ebx) */
320 0x0f, 0x0b, /* ud2a, to prevent further decoding. */
321 0, 0 /* pad out to 16 bytes. */
322 };
323
324 /* Contents of all but the first PLT entry in executable. */
325 static const unsigned char elf_i386_plt_entry[PLT_ENTRY_SIZE] =
326 {
327 0xff, 0x25, /* jmp indirect */
328 0, 0, 0, 0, /* replaced with address of this symbol in .got. */
329 0x68, /* pushl immediate */
330 0, 0, 0, 0, /* replaced with offset into relocation table. */
331 0xe9, /* jmp relative */
332 0, 0, 0, 0 /* replaced with offset to start of .plt. */
333 };
334
335 /* Contents of all but the first PLT entry in DSOs. */
336 static const unsigned char elf_i386_pic_plt_entry[PLT_ENTRY_SIZE] =
337 {
338 0xff, 0xa3, /* jmp *offset(%ebx) */
339 0, 0, 0, 0, /* replaced with offset of this symbol in .got. */
340 0x68, /* pushl immediate */
341 0, 0, 0, 0, /* replaced with offset into relocation table. */
342 0xe9, /* jmp relative */
343 0, 0, 0, 0 /* replaced with offset to start of .plt. */
344 };
345
346 /* Type describing a PLT entry. */
347 struct plt_entry
348 {
349 /* The first instruction is 'jmp indirect' or 'jmp *offset(%ebs)'. */
350 unsigned char jmp_instr[2];
351 uint32_t offset_got;
352 /* The second instruction is 'push immediate'. */
353 unsigned char push_instr;
354 uint32_t push_imm;
355 /* Finally a 'jmp relative'. */
356 unsigned char jmp_instr2;
357 uint32_t plt0_offset;
358 } __attribute__ ((packed));
359
360
361 static void
elf_i386_finalize_plt(struct ld_state * statep,size_t nsym,size_t nsym_local,struct symbol ** ndxtosym)362 elf_i386_finalize_plt (struct ld_state *statep, size_t nsym,
363 size_t nsym_local, struct symbol **ndxtosym)
364 {
365 if (unlikely (statep->nplt + statep->ngot == 0))
366 /* Nothing to be done. */
367 return;
368
369 Elf_Scn *scn;
370 XElf_Shdr_vardef (shdr);
371 Elf_Data *data;
372 const bool build_dso = statep->file_type == dso_file_type;
373
374 /* Get the address of the .got.plt section. */
375 scn = elf_getscn (statep->outelf, statep->gotpltscnidx);
376 xelf_getshdr (scn, shdr);
377 data = elf_getdata (scn, NULL);
378 assert (shdr != NULL && data != NULL);
379 /* The address points to the .got.plt section, not the .got section. */
380 Elf32_Addr gotaddr = shdr->sh_addr;
381
382 /* Now create the initial values for the .got.plt section. The
383 first word contains the address of the .dynamic section. The
384 second and third entry are left empty for use by the dynamic
385 linker. The following entries are pointers to the instructions
386 following the initial jmp instruction in the corresponding PLT
387 entry. */
388 xelf_getshdr (elf_getscn (statep->outelf, statep->dynamicscnidx), shdr);
389 assert (shdr != NULL);
390 ((Elf32_Word *) data->d_buf)[0] = shdr->sh_addr;
391
392 /* The PLT contains code which a user of a function jumps to. The first
393 PLT entry is special, so the first used one has the index 1. */
394 scn = elf_getscn (statep->outelf, statep->pltscnidx);
395 XElf_Shdr_vardef (pltshdr);
396 xelf_getshdr (scn, pltshdr);
397 assert (pltshdr != NULL);
398
399 Elf_Data *dynsymdata = elf_getdata (elf_getscn (statep->outelf,
400 statep->dynsymscnidx), NULL);
401 assert (dynsymdata != NULL);
402
403 Elf_Data *symdata = NULL;
404 if (statep->symscnidx != 0)
405 {
406 symdata = elf_getdata (elf_getscn (statep->outelf, statep->symscnidx),
407 NULL);
408 assert (symdata != NULL);
409 }
410
411 /* Create the .plt section. */
412 scn = elf_getscn (statep->outelf, statep->pltscnidx);
413 Elf_Data *pltdata = elf_getdata (scn, NULL);
414 assert (pltdata != NULL);
415
416 /* Also create the .rel.plt section data. It simply means relocations
417 addressing the corresponding entry in the .got.plt section. The
418 section name is misleading. */
419 scn = elf_getscn (statep->outelf, statep->pltrelscnidx);
420 xelf_getshdr (scn, shdr);
421 Elf_Data *reldata = elf_getdata (scn, NULL);
422 assert (shdr != NULL && reldata != NULL);
423
424 /* Update the sh_link to point to the section being modified. We
425 point it here (correctly) to the .got.plt section. Some linkers
426 (e.g., the GNU binutils linker) point to the .plt section. This
427 is wrong since the .plt section isn't modified even though the
428 name .rel.plt suggests that this is correct. */
429 shdr->sh_link = statep->dynsymscnidx;
430 shdr->sh_info = statep->gotpltscnidx;
431 (void) xelf_update_shdr (scn, shdr);
432
433 /* Create the first entry of the .plt section. */
434 assert (pltdata->d_size >= PLT_ENTRY_SIZE);
435 if (build_dso)
436 /* Copy the entry. It's complete, no relocation needed. */
437 memcpy (pltdata->d_buf, elf_i386_pic_plt0_entry, PLT_ENTRY_SIZE);
438 else
439 {
440 /* Copy the skeleton. */
441 memcpy (pltdata->d_buf, elf_i386_plt0_entry, PLT_ENTRY_SIZE);
442
443 /* And fill in the addresses. */
444 struct plt0_entry *addr = (struct plt0_entry *) pltdata->d_buf;
445 addr->gotp4_addr = target_bswap_32 (gotaddr + 4);
446 addr->gotp8_addr = target_bswap_32 (gotaddr + 8);
447 }
448
449 /* For DSOs we need GOT offsets, otherwise the GOT address. */
450 Elf32_Addr gotaddr_off = build_dso ? 0 : gotaddr;
451
452 /* Create the remaining entries. */
453 const unsigned char *plt_template
454 = build_dso ? elf_i386_pic_plt_entry : elf_i386_plt_entry;
455
456 for (size_t idx = nsym_local; idx < nsym; ++idx)
457 {
458 struct symbol *symbol = ndxtosym[idx];
459 if (symbol == NULL || symbol->type != STT_FUNC
460 || ndxtosym[idx]->outdynsymidx == 0
461 // XXX is the following test correct?
462 || ! ndxtosym[idx]->in_dso)
463 continue;
464
465 size_t pltidx = symbol->merge.value;
466
467 assert (pltidx > 0);
468 assert ((3 + pltidx) * sizeof (Elf32_Word) <= data->d_size);
469
470 /* Address in the PLT. */
471 Elf32_Addr pltentryaddr = (pltshdr->sh_addr + pltidx * PLT_ENTRY_SIZE);
472
473 /* Point the GOT entry at the PLT entry, after the initial jmp. */
474 ((Elf32_Word *) data->d_buf)[2 + pltidx] = pltentryaddr + 6;
475
476 /* If the symbol is defined, adjust the address. */
477 if (((Elf32_Sym *) dynsymdata->d_buf)[ndxtosym[idx]->outdynsymidx].st_shndx != SHN_UNDEF)
478 {
479 /* The value of the symbol is the address of the corresponding PLT
480 entry. Store the address, also for the normal symbol table if
481 this is necessary. */
482 ((Elf32_Sym *) dynsymdata->d_buf)[pltidx].st_value = pltentryaddr;
483
484 if (symdata != NULL)
485 {
486 assert(nsym - statep->nplt + (pltidx - 1) == idx);
487 ((Elf32_Sym *) symdata->d_buf)[nsym - statep->nplt
488 + (pltidx - 1)].st_value
489 = pltentryaddr;
490 }
491 }
492
493 /* Copy the PLT entry template. */
494 assert (pltdata->d_size >= (1 + pltidx) * PLT_ENTRY_SIZE);
495 struct plt_entry *addr = (struct plt_entry *) ((char *) pltdata->d_buf
496 + (pltidx
497 * PLT_ENTRY_SIZE));
498 memcpy (addr, plt_template, PLT_ENTRY_SIZE);
499
500 /* And once more, fill in the addresses. First the address of
501 this symbol in .got. */
502 addr->offset_got = target_bswap_32 (gotaddr_off
503 + (2 + pltidx) * sizeof (Elf32_Addr));
504 /* Offset into relocation table. */
505 addr->push_imm = target_bswap_32 ((pltidx - 1) * sizeof (Elf32_Rel));
506 /* Offset to start of .plt. */
507 addr->plt0_offset = target_bswap_32 (-(1 + pltidx) * PLT_ENTRY_SIZE);
508
509
510 XElf_Rel_vardef (rel);
511 assert (pltidx * sizeof (Elf32_Rel) <= reldata->d_size);
512 xelf_getrel_ptr (reldata, pltidx - 1, rel);
513 rel->r_offset = gotaddr + (2 + pltidx) * sizeof (Elf32_Addr);
514 /* The symbol table entries for the functions from DSOs are at
515 the beginning of the symbol table. */
516 rel->r_info = XELF_R_INFO (ndxtosym[idx]->outdynsymidx, R_386_JMP_SLOT);
517 (void) xelf_update_rel (reldata, pltidx - 1, rel);
518 }
519 }
520
521
522 static int
elf_i386_rel_type(struct ld_state * statep)523 elf_i386_rel_type (struct ld_state *statep __attribute__ ((__unused__)))
524 {
525 /* ELF/i386 uses REL. */
526 return DT_REL;
527 }
528
529
530 static void
elf_i386_count_relocations(struct ld_state * statep,struct scninfo * scninfo)531 elf_i386_count_relocations (struct ld_state *statep, struct scninfo *scninfo)
532 {
533 /* We go through the list of input sections and count those relocations
534 which are not handled by the linker. At the same time we have to
535 see how many GOT entries we need and how much .bss space is needed
536 for copy relocations. */
537 Elf_Data *data = elf_getdata (scninfo->scn, NULL);
538 XElf_Shdr *shdr = &SCNINFO_SHDR (scninfo->shdr);
539 size_t maxcnt = shdr->sh_size / shdr->sh_entsize;
540 size_t relsize = 0;
541 size_t cnt;
542 struct symbol *sym;
543
544 assert (shdr->sh_type == SHT_REL);
545
546 for (cnt = 0; cnt < maxcnt; ++cnt)
547 {
548 XElf_Rel_vardef (rel);
549
550 xelf_getrel (data, cnt, rel);
551 /* XXX Should we complain about failing accesses? */
552 if (rel != NULL)
553 {
554 Elf32_Word r_sym = XELF_R_SYM (rel->r_info);
555
556 /* Symbols in COMDAT group sections which are discarded do
557 not have to be relocated. */
558 if (r_sym >= scninfo->fileinfo->nlocalsymbols
559 && unlikely (scninfo->fileinfo->symref[r_sym] == NULL))
560 continue;
561
562 switch (XELF_R_TYPE (rel->r_info))
563 {
564 case R_386_GOT32:
565 if (! scninfo->fileinfo->symref[r_sym]->defined
566 || scninfo->fileinfo->symref[r_sym]->in_dso
567 || statep->file_type == dso_file_type)
568 {
569 relsize += sizeof (Elf32_Rel);
570 ++statep->nrel_got;
571 }
572
573 /* Even if this relocation is not emitted in the output
574 file it requires a GOT entry. */
575 ++statep->ngot;
576
577 /* FALLTHROUGH */
578
579 case R_386_GOTOFF:
580 case R_386_GOTPC:
581 statep->need_got = true;
582 break;
583
584 case R_386_32:
585 case R_386_PC32:
586 /* These relocations cause text relocations in DSOs. */
587 if (linked_from_dso_p (scninfo, r_sym))
588 {
589 if (statep->file_type == dso_file_type)
590 {
591 relsize += sizeof (Elf32_Rel);
592 // XXX Do we have to check whether the target
593 // XXX section is read-only first?
594 statep->dt_flags |= DF_TEXTREL;
595 }
596 else
597 {
598 /* Non-function objects from a DSO need to get a
599 copy relocation. */
600 sym = scninfo->fileinfo->symref[r_sym];
601
602 /* Only do this if we have not requested a copy
603 relocation already. */
604 if (unlikely (sym->type != STT_FUNC) && ! sym->need_copy)
605 {
606 sym->need_copy = 1;
607 ++statep->ncopy;
608 relsize += sizeof (Elf32_Rel);
609 }
610 }
611 }
612 else if (statep->file_type == dso_file_type
613 && XELF_R_TYPE (rel->r_info) == R_386_32)
614 relsize += sizeof (Elf32_Rel);
615
616 break;
617
618 case R_386_PLT32:
619 /* We might need a PLT entry. But we cannot say for sure
620 here since one of the symbols might turn up being
621 defined in the executable (if we create such a thing).
622 If a DSO is created we still might use a local
623 definition.
624
625 If the symbol is not defined and we are not creating
626 a statically linked binary, then we need in any case
627 a PLT entry. */
628 if (! scninfo->fileinfo->symref[r_sym]->defined
629 && !statep->statically)
630 {
631 sym = scninfo->fileinfo->symref[r_sym];
632 sym->type = STT_FUNC;
633 sym->in_dso = 1;
634 sym->defined = 1;
635
636 /* Remove from the list of unresolved symbols. */
637 --statep->nunresolved;
638 if (! sym->weak)
639 --statep->nunresolved_nonweak;
640 CDBL_LIST_DEL (statep->unresolved, sym);
641
642 /* Add to the list of symbols we expect from a DSO. */
643 ++statep->nplt;
644 ++statep->nfrom_dso;
645 CDBL_LIST_ADD_REAR (statep->from_dso, sym);
646 }
647 break;
648
649 case R_386_TLS_LDO_32:
650 if (statep->file_type != executable_file_type)
651 abort ();
652 /* We do not need a relocation in the output file. */
653 break;
654
655 case R_386_TLS_LE:
656 /* We never need a relocation in the output file. */
657 break;
658
659 case R_386_TLS_IE:
660 if (statep->file_type == dso_file_type)
661 error (EXIT_FAILURE, 0, gettext ("initial-executable TLS relocation cannot be used "));
662 if (!scninfo->fileinfo->symref[r_sym]->defined
663 || scninfo->fileinfo->symref[r_sym]->in_dso)
664 {
665 abort ();
666 }
667 break;
668
669 case R_386_TLS_GD:
670 if (statep->file_type != executable_file_type
671 || !scninfo->fileinfo->symref[r_sym]->defined
672 || scninfo->fileinfo->symref[r_sym]->in_dso)
673 {
674 abort ();
675 }
676 break;
677
678 case R_386_TLS_GOTIE:
679 case R_386_TLS_LDM:
680 case R_386_TLS_GD_32:
681 case R_386_TLS_GD_PUSH:
682 case R_386_TLS_GD_CALL:
683 case R_386_TLS_GD_POP:
684 case R_386_TLS_LDM_32:
685 case R_386_TLS_LDM_PUSH:
686 case R_386_TLS_LDM_CALL:
687 case R_386_TLS_LDM_POP:
688 case R_386_TLS_IE_32:
689 case R_386_TLS_LE_32:
690 /* XXX */
691 abort ();
692 break;
693
694 case R_386_NONE:
695 /* Nothing to be done. */
696 break;
697
698 /* These relocation should never be generated by an
699 assembler. */
700 case R_386_COPY:
701 case R_386_GLOB_DAT:
702 case R_386_JMP_SLOT:
703 case R_386_RELATIVE:
704 case R_386_TLS_DTPMOD32:
705 case R_386_TLS_DTPOFF32:
706 case R_386_TLS_TPOFF32:
707 /* Unknown relocation. */
708 default:
709 abort ();
710 }
711 }
712 }
713
714 scninfo->relsize = relsize;
715 }
716
717
718 static void
elf_i386_create_relocations(struct ld_state * statep,const Elf32_Word * dblindirect)719 elf_i386_create_relocations (struct ld_state *statep,
720 const Elf32_Word *dblindirect __attribute__ ((unused)))
721 {
722 /* Get the address of the got section. */
723 Elf_Scn *pltscn = elf_getscn (statep->outelf, statep->pltscnidx);
724 Elf32_Shdr *shdr = elf32_getshdr (pltscn);
725 assert (shdr != NULL);
726 Elf32_Addr pltaddr = shdr->sh_addr;
727
728 Elf_Scn *gotscn = elf_getscn (statep->outelf, statep->gotscnidx);
729 // XXX Adjust the address, if necessary, for relro
730 Elf_Data *gotdata = NULL;
731 if (statep->need_got)
732 {
733 gotdata = elf_getdata (gotscn, NULL);
734 assert (gotdata != NULL);
735 }
736
737 Elf_Scn *gotpltscn = elf_getscn (statep->outelf, statep->gotpltscnidx);
738 shdr = elf32_getshdr (gotpltscn);
739 assert (shdr != NULL);
740 Elf32_Addr gotaddr = shdr->sh_addr;
741
742 Elf_Scn *reldynscn = elf_getscn (statep->outelf, statep->reldynscnidx);
743 Elf_Data *reldyndata = elf_getdata (reldynscn, NULL);
744 assert (reldyndata != NULL);
745
746 size_t nreldyn = 0;
747 size_t ngotconst = statep->nrel_got;
748
749 struct scninfo *first = statep->rellist->next;
750 struct scninfo *runp = first;
751 do
752 {
753 XElf_Shdr *rshdr = &SCNINFO_SHDR (runp->shdr);
754 Elf_Data *reldata = elf_getdata (runp->scn, NULL);
755 int nrels = rshdr->sh_size / rshdr->sh_entsize;
756
757 /* We will need the following values a couple of times. Help
758 the compiler and improve readability. */
759 struct symbol **symref = runp->fileinfo->symref;
760 struct scninfo *scninfo = runp->fileinfo->scninfo;
761
762 /* This is the offset of the input section we are looking at in
763 the output file. */
764 XElf_Addr inscnoffset = scninfo[rshdr->sh_info].offset;
765
766 /* The target section. We use the data from the input file. */
767 Elf_Data *data = elf_getdata (scninfo[rshdr->sh_info].scn, NULL);
768
769 /* We cannot handle relocations against merge-able sections. */
770 assert ((SCNINFO_SHDR (scninfo[rshdr->sh_link].shdr).sh_flags
771 & SHF_MERGE) == 0);
772
773 /* Cache the access to the symbol table data. */
774 Elf_Data *symdata = elf_getdata (scninfo[rshdr->sh_link].scn, NULL);
775
776 for (int cnt = 0; cnt < nrels; ++cnt)
777 {
778 XElf_Rel_vardef (rel);
779 XElf_Rel *rel2;
780 xelf_getrel (reldata, cnt, rel);
781 assert (rel != NULL);
782 XElf_Addr reladdr = inscnoffset + rel->r_offset;
783 XElf_Addr value;
784
785 size_t idx = XELF_R_SYM (rel->r_info);
786 if (idx < runp->fileinfo->nlocalsymbols)
787 {
788 XElf_Sym_vardef (sym);
789 xelf_getsym (symdata, idx, sym);
790
791 /* The value only depends on the position of the referenced
792 section in the output file and the addend. */
793 value = scninfo[sym->st_shndx].offset + sym->st_value;
794 }
795 else
796 {
797 if (symref[idx] == NULL)
798 /* Symbol in ignored COMDAT group section. */
799 continue;
800
801 value = symref[idx]->merge.value;
802 if (symref[idx]->in_dso)
803 {
804 /* MERGE.VALUE contains the PLT index. If this is not for
805 a function the actual value will be computed later. */
806 assert (value != 0 || symref[idx]->type != STT_FUNC);
807 value = pltaddr + value * PLT_ENTRY_SIZE;
808 }
809 }
810
811 /* Address of the relocated memory in the data buffer. */
812 unsigned char *relloc = (unsigned char *) data->d_buf + rel->r_offset;
813
814 uint32_t thisgotidx;
815 switch (XELF_R_TYPE (rel->r_info))
816 {
817 /* These three cases can be handled together since the
818 symbol associated with the R_386_GOTPC relocation is
819 _GLOBAL_OFFSET_TABLE_ which has a value corresponding
820 to the address of the GOT and the address of the PLT
821 entry required for R_386_PLT32 is computed above. */
822 case R_386_PC32:
823 case R_386_GOTPC:
824 case R_386_PLT32:
825 value -= reladdr;
826 /* FALLTHROUGH */
827
828 case R_386_32:
829 if (linked_from_dso_p (scninfo, idx)
830 && statep->file_type != dso_file_type
831 && symref[idx]->type != STT_FUNC)
832 {
833 value = (ld_state.copy_section->offset
834 + symref[idx]->merge.value);
835
836 if (unlikely (symref[idx]->need_copy))
837 {
838 /* Add a relocation to initialize the GOT entry. */
839 assert (symref[idx]->outdynsymidx != 0);
840 #if NATIVE_ELF != 0
841 xelf_getrel_ptr (reldyndata, nreldyn, rel2);
842 #else
843 rel2 = &rel_mem;
844 #endif
845 rel2->r_offset = value;
846 rel2->r_info
847 = XELF_R_INFO (symref[idx]->outdynsymidx, R_386_COPY);
848 (void) xelf_update_rel (reldyndata, nreldyn, rel2);
849 ++nreldyn;
850 assert (nreldyn <= statep->nrel_got);
851
852 /* Update the symbol table record for the new
853 address. */
854 Elf32_Word symidx = symref[idx]->outdynsymidx;
855 Elf_Scn *symscn = elf_getscn (statep->outelf,
856 statep->dynsymscnidx);
857 Elf_Data *outsymdata = elf_getdata (symscn, NULL);
858 assert (outsymdata != NULL);
859 XElf_Sym_vardef (sym);
860 xelf_getsym (outsymdata, symidx, sym);
861 sym->st_value = value;
862 sym->st_shndx = statep->copy_section->outscnndx;
863 (void) xelf_update_sym (outsymdata, symidx, sym);
864
865 symidx = symref[idx]->outsymidx;
866 if (symidx != 0)
867 {
868 symidx = statep->dblindirect[symidx];
869 symscn = elf_getscn (statep->outelf,
870 statep->symscnidx);
871 outsymdata = elf_getdata (symscn, NULL);
872 assert (outsymdata != NULL);
873 xelf_getsym (outsymdata, symidx, sym);
874 sym->st_value = value;
875 sym->st_shndx = statep->copy_section->outscnndx;
876 (void) xelf_update_sym (outsymdata, symidx, sym);
877 }
878
879 /* Remember that we set up the copy relocation. */
880 symref[idx]->need_copy = 0;
881 }
882 }
883 else if (statep->file_type == dso_file_type
884 && XELF_R_TYPE (rel->r_info) == R_386_32)
885 {
886 #if NATIVE_ELF != 0
887 xelf_getrel_ptr (reldyndata, nreldyn, rel2);
888 #else
889 rel2 = &rel_mem;
890 #endif
891 rel2->r_offset = value;
892
893 /* For symbols we do not export we generate a relative
894 relocation. */
895 if (idx < SCNINFO_SHDR (scninfo[rshdr->sh_link].shdr).sh_info
896 || symref[idx]->outdynsymidx == 0)
897 rel2->r_info = XELF_R_INFO (0, R_386_RELATIVE);
898 else
899 rel2->r_info
900 = XELF_R_INFO (symref[idx]->outdynsymidx, R_386_32);
901 (void) xelf_update_rel (reldyndata, nreldyn, rel2);
902 ++nreldyn;
903 assert (nreldyn <= statep->nrel_got);
904
905 value = 0;
906 }
907 add_4ubyte_unaligned (relloc, value);
908 break;
909
910 case R_386_GOT32:
911 if (! symref[idx]->defined || symref[idx]->in_dso)
912 {
913 thisgotidx = nreldyn++;
914 assert (thisgotidx < statep->nrel_got);
915
916 /* Add a relocation to initialize the GOT entry. */
917 #if NATIVE_ELF != 0
918 xelf_getrel_ptr (reldyndata, thisgotidx, rel2);
919 #else
920 rel2 = &rel_mem;
921 #endif
922 rel2->r_offset = gotaddr + ((thisgotidx - statep->ngot)
923 * sizeof (Elf32_Addr));
924 rel2->r_info
925 = XELF_R_INFO (symref[idx]->outdynsymidx, R_386_GLOB_DAT);
926 (void) xelf_update_rel (reldyndata, thisgotidx, rel2);
927 }
928 else if (statep->file_type != dso_file_type)
929 {
930 thisgotidx = ngotconst++;
931 assert (thisgotidx < statep->ngot);
932
933 /* We have to use a GOT since the generated code
934 requires it but we know the address and therefore
935 do not need a relocation. */
936 ((uint32_t *) gotdata->d_buf)[thisgotidx] = value;
937 }
938 else
939 {
940 thisgotidx = nreldyn++;
941 assert (thisgotidx < statep->nrel_got);
942
943 // XXX generate a relative relocation.
944 abort ();
945 }
946
947 store_4ubyte_unaligned (relloc,
948 (thisgotidx - statep->ngot)
949 * sizeof (Elf32_Addr));
950 break;
951
952 case R_386_GOTOFF:
953 add_4ubyte_unaligned (relloc, value - gotaddr);
954 break;
955
956 case R_386_TLS_LE:
957 value = symref[idx]->merge.value - ld_state.tls_tcb;
958 store_4ubyte_unaligned (relloc, value);
959 break;
960
961 case R_386_TLS_IE:
962 if (symref[idx]->defined && !symref[idx]->in_dso)
963 {
964 /* The symbol is defined in the executable.
965 Perform the IE->LE optimization.
966 There are multiple versions, though.
967
968 First version: mov ADDR,REG. */
969 if (relloc[-2] == 0x8b
970 && ((relloc[-1] & 0xc7) == 0x05))
971 {
972 relloc[-2] = 0xc7;
973 relloc[-1] = 0xc0 | ((relloc[-1] >> 3) & 7);
974 store_4ubyte_unaligned (relloc, (symref[idx]->merge.value
975 - ld_state.tls_tcb));
976 }
977 else
978 {
979 abort ();
980 }
981 }
982 else
983 {
984 abort ();
985 }
986 break;
987
988 case R_386_TLS_LDO_32:
989 value = symref[idx]->merge.value - ld_state.tls_start;
990 store_4ubyte_unaligned (relloc, value);
991 break;
992
993 case R_386_TLS_GD:
994 if (ld_state.file_type == executable_file_type)
995 {
996 if (symref[idx]->defined && !symref[idx]->in_dso)
997 {
998 /* The symbol is defined in the executable.
999 Perform the GD->LE optimization. */
1000 static const char gd_to_le[] =
1001 {
1002 /* mov %gs:0x0,%eax */
1003 0x65, 0xa1, 0x00, 0x00, 0x00, 0x00,
1004 /* sub $OFFSET,%eax */
1005 0x81, 0xe8
1006 };
1007 #ifndef NDEBUG
1008 static const char gd_text[] =
1009 {
1010 /* lea 0x0(,%ebx,1),%eax */
1011 0x8d, 0x04, 0x1d, 0x00, 0x00, 0x00, 0x00,
1012 /* call ___tls_get_addr */
1013 0xe8
1014 };
1015 assert (memcmp (relloc - 3, gd_text, sizeof (gd_text))
1016 == 0);
1017 #endif
1018 relloc = mempcpy (relloc - 3, gd_to_le,
1019 sizeof (gd_to_le));
1020 value = ld_state.tls_tcb- symref[idx]->merge.value;
1021 store_4ubyte_unaligned (relloc, value);
1022
1023 /* We have to skip over the next relocation which is
1024 the matching R_i386_PLT32 for __tls_get_addr. */
1025 ++cnt;
1026 #ifndef NDEBUG
1027 assert (cnt < nrels);
1028 XElf_Off old_offset = rel->r_offset;
1029 xelf_getrel (reldata, cnt, rel);
1030 assert (rel != NULL);
1031 assert (XELF_R_TYPE (rel->r_info) == R_386_PLT32);
1032 idx = XELF_R_SYM (rel->r_info);
1033 assert (strcmp (symref[idx]->name, "___tls_get_addr")
1034 == 0);
1035 assert (old_offset + 5 == rel->r_offset);
1036 #endif
1037
1038 break;
1039 }
1040 }
1041 abort ();
1042 break;
1043
1044 case R_386_32PLT:
1045 case R_386_TLS_TPOFF:
1046 case R_386_TLS_GOTIE:
1047 case R_386_TLS_LDM:
1048 case R_386_16:
1049 case R_386_PC16:
1050 case R_386_8:
1051 case R_386_PC8:
1052 case R_386_TLS_GD_32:
1053 case R_386_TLS_GD_PUSH:
1054 case R_386_TLS_GD_CALL:
1055 case R_386_TLS_GD_POP:
1056 case R_386_TLS_LDM_32:
1057 case R_386_TLS_LDM_PUSH:
1058 case R_386_TLS_LDM_CALL:
1059 case R_386_TLS_LDM_POP:
1060 case R_386_TLS_IE_32:
1061 case R_386_TLS_LE_32:
1062 // XXX For now fall through
1063 break;
1064
1065 case R_386_NONE:
1066 /* Nothing to do. */
1067 break;
1068
1069 case R_386_COPY:
1070 case R_386_JMP_SLOT:
1071 case R_386_RELATIVE:
1072 case R_386_GLOB_DAT:
1073 case R_386_TLS_DTPMOD32:
1074 case R_386_TLS_DTPOFF32:
1075 case R_386_TLS_TPOFF32:
1076 default:
1077 /* Should not happen. */
1078 abort ();
1079 }
1080 }
1081 }
1082 while ((runp = runp->next) != first);
1083 }
1084
1085
1086 int
elf_i386_ld_init(struct ld_state * statep)1087 elf_i386_ld_init (struct ld_state *statep)
1088 {
1089 /* We have a few callbacks available. */
1090 old_open_outfile = statep->callbacks.open_outfile;
1091 statep->callbacks.open_outfile = elf_i386_open_outfile;
1092
1093 statep->callbacks.relocate_section = elf_i386_relocate_section;
1094
1095 statep->callbacks.initialize_plt = elf_i386_initialize_plt;
1096 statep->callbacks.initialize_pltrel = elf_i386_initialize_pltrel;
1097
1098 statep->callbacks.initialize_got = elf_i386_initialize_got;
1099 statep->callbacks.initialize_gotplt = elf_i386_initialize_gotplt;
1100
1101 statep->callbacks.finalize_plt = elf_i386_finalize_plt;
1102
1103 statep->callbacks.rel_type = elf_i386_rel_type;
1104
1105 statep->callbacks.count_relocations = elf_i386_count_relocations;
1106
1107 statep->callbacks.create_relocations = elf_i386_create_relocations;
1108
1109 return 0;
1110 }
1111