[v5,2/3] gold: Add GNU_PROPERTY_MEMORY_SEAL gnu property
Checks
Commit Message
Similar to the ld.bfd, with the -z,memory-seal and -z,no-memory-seal
which adds the .gnu.attribute GNU_PROPERTY_MEMORY_SEAL.
Change-Id: I31e194479912d3f468d5e5132a6eb566ed9aca78
---
elfcpp/elfcpp.h | 1 +
gold/NEWS | 3 ++
gold/layout.cc | 4 +++
gold/options.h | 3 ++
gold/testsuite/Makefile.am | 19 ++++++++++++
gold/testsuite/Makefile.in | 26 +++++++++++++++--
gold/testsuite/memory_seal_main.c | 5 ++++
gold/testsuite/memory_seal_shared.c | 7 +++++
gold/testsuite/memory_seal_test.sh | 45 +++++++++++++++++++++++++++++
9 files changed, 110 insertions(+), 3 deletions(-)
create mode 100644 gold/testsuite/memory_seal_main.c
create mode 100644 gold/testsuite/memory_seal_shared.c
create mode 100755 gold/testsuite/memory_seal_test.sh
Comments
On Fri, Jan 3, 2025 at 3:20 AM Adhemerval Zanella
<adhemerval.zanella@linaro.org> wrote:
>
> Similar to the ld.bfd, with the -z,memory-seal and -z,no-memory-seal
> which adds the .gnu.attribute GNU_PROPERTY_MEMORY_SEAL.
Does this ignore GNU_PROPERTY_MEMORY_SEAL in input .o files?
Please add a test to verify it.
> Change-Id: I31e194479912d3f468d5e5132a6eb566ed9aca78
> ---
> elfcpp/elfcpp.h | 1 +
> gold/NEWS | 3 ++
> gold/layout.cc | 4 +++
> gold/options.h | 3 ++
> gold/testsuite/Makefile.am | 19 ++++++++++++
> gold/testsuite/Makefile.in | 26 +++++++++++++++--
> gold/testsuite/memory_seal_main.c | 5 ++++
> gold/testsuite/memory_seal_shared.c | 7 +++++
> gold/testsuite/memory_seal_test.sh | 45 +++++++++++++++++++++++++++++
> 9 files changed, 110 insertions(+), 3 deletions(-)
> create mode 100644 gold/testsuite/memory_seal_main.c
> create mode 100644 gold/testsuite/memory_seal_shared.c
> create mode 100755 gold/testsuite/memory_seal_test.sh
>
> diff --git a/elfcpp/elfcpp.h b/elfcpp/elfcpp.h
> index 3ceddbda19c..1b7a1f7f8ac 100644
> --- a/elfcpp/elfcpp.h
> +++ b/elfcpp/elfcpp.h
> @@ -1023,6 +1023,7 @@ enum
> {
> GNU_PROPERTY_STACK_SIZE = 1,
> GNU_PROPERTY_NO_COPY_ON_PROTECTED = 2,
> + GNU_PROPERTY_MEMORY_SEAL = 3,
> GNU_PROPERTY_LOPROC = 0xc0000000,
> GNU_PROPERTY_X86_COMPAT_ISA_1_USED = 0xc0000000,
> GNU_PROPERTY_X86_COMPAT_ISA_1_NEEDED = 0xc0000001,
> diff --git a/gold/NEWS b/gold/NEWS
> index c0f4842e617..7fca7603476 100644
> --- a/gold/NEWS
> +++ b/gold/NEWS
> @@ -5,6 +5,9 @@
>
> * Remove support for -z bndplt (MPX prefix instructions).
>
> +* Add -z memory-seal/-z nomemory-seal options to ELF linker to mark the
> + object to memory sealed.
> +
> Changes in 1.16:
>
> * Improve warning messages for relocations that refer to discarded sections.
> diff --git a/gold/layout.cc b/gold/layout.cc
> index f690c67618e..8adace07676 100644
> --- a/gold/layout.cc
> +++ b/gold/layout.cc
> @@ -3277,6 +3277,10 @@ Layout::create_gnu_properties_note()
> {
> parameters->target().finalize_gnu_properties(this);
>
> + if (parameters->options().memory_seal())
> + this->add_gnu_property(elfcpp::NT_GNU_PROPERTY_TYPE_0,
> + elfcpp::GNU_PROPERTY_MEMORY_SEAL, 0, 0);
> +
> if (this->gnu_properties_.empty())
> return;
>
> diff --git a/gold/options.h b/gold/options.h
> index 4eb3678e9ec..441ba98acd7 100644
> --- a/gold/options.h
> +++ b/gold/options.h
> @@ -1546,6 +1546,9 @@ class General_options
> N_("Keep .text.hot, .text.startup, .text.exit and .text.unlikely "
> "as separate sections in the final binary."),
> N_("Merge all .text.* prefix sections."));
> + DEFINE_bool(memory_seal, options::DASH_Z, '\0', false,
> + N_("Mark object be memory sealed"),
> + N_("Don't mark oject to be memory sealed"));
>
>
> public:
> diff --git a/gold/testsuite/Makefile.am b/gold/testsuite/Makefile.am
> index 8f158ba20cc..f6eddea65fd 100644
> --- a/gold/testsuite/Makefile.am
> +++ b/gold/testsuite/Makefile.am
> @@ -4476,3 +4476,22 @@ package_metadata_test.o: package_metadata_main.c
> package_metadata_test$(EXEEXT): package_metadata_test.o gcctestdir/ld
> $(CXXLINK) package_metadata_test.o -Wl,--package-metadata='{"foo":"bar"}'
> $(TEST_READELF) --notes $@ | grep -q '{"foo":"bar"}'
> +
> +check_SCRIPTS += memory_seal_test.sh
> +check_DATA += memory_seal_test_1.stdout memory_seal_test_2.stdout
> +MOSTLYCLEANFILES += memory_seal_test
> +memory_seal_test_1.stdout: memory_seal_main
> + $(TEST_READELF) -n $< >$@
> +memory_seal_test_2.stdout: memory_seal_shared.so
> + $(TEST_READELF) -n $< >$@
> +memory_seal_main: gcctestdir/ld memory_seal_main.o
> + gcctestdir/ld -z memory-seal -o $@ memory_seal_main.o
> +memory_seal_main.o: memory_seal_main.c
> + $(COMPILE) -c -o $@ $<
> +memory_seal_shared.so: gcctestdir/ld memory_seal_shared.o
> + gcctestdir/ld -z memory-seal -shared -o $@ memory_seal_shared.o
> +memory_seal_shared.o: memory_seal_shared.c
> + $(COMPILE) -c -fPIC -o $@ $<
> +
> +
> +
> diff --git a/gold/testsuite/Makefile.in b/gold/testsuite/Makefile.in
> index 357dec0d4f9..e95e8ed5d08 100644
> --- a/gold/testsuite/Makefile.in
> +++ b/gold/testsuite/Makefile.in
> @@ -2888,7 +2888,7 @@ MOSTLYCLEANFILES = *.so *.syms *.stdout *.stderr $(am__append_4) \
> $(am__append_88) $(am__append_91) $(am__append_93) \
> $(am__append_102) $(am__append_105) $(am__append_108) \
> $(am__append_111) $(am__append_114) $(am__append_117) \
> - $(am__append_120) $(am__append_121)
> + $(am__append_120) $(am__append_121) memory_seal_test
>
> # We will add to these later, for each individual test. Note
> # that we add each test under check_SCRIPTS or check_PROGRAMS;
> @@ -2901,7 +2901,7 @@ check_SCRIPTS = $(am__append_2) $(am__append_21) $(am__append_25) \
> $(am__append_89) $(am__append_96) $(am__append_100) \
> $(am__append_103) $(am__append_106) $(am__append_109) \
> $(am__append_112) $(am__append_115) $(am__append_118) \
> - $(am__append_122)
> + $(am__append_122) memory_seal_test.sh
> check_DATA = $(am__append_3) $(am__append_22) $(am__append_26) \
> $(am__append_32) $(am__append_38) $(am__append_45) \
> $(am__append_50) $(am__append_54) $(am__append_58) \
> @@ -2910,7 +2910,8 @@ check_DATA = $(am__append_3) $(am__append_22) $(am__append_26) \
> $(am__append_90) $(am__append_97) $(am__append_101) \
> $(am__append_104) $(am__append_107) $(am__append_110) \
> $(am__append_113) $(am__append_116) $(am__append_119) \
> - $(am__append_123)
> + $(am__append_123) memory_seal_test_1.stdout \
> + memory_seal_test_2.stdout
> BUILT_SOURCES = $(am__append_42)
> TESTS = $(check_SCRIPTS) $(check_PROGRAMS)
>
> @@ -6524,6 +6525,13 @@ retain.sh.log: retain.sh
> --log-file $$b.log --trs-file $$b.trs \
> $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
> "$$tst" $(AM_TESTS_FD_REDIRECT)
> +memory_seal_test.sh.log: memory_seal_test.sh
> + @p='memory_seal_test.sh'; \
> + b='memory_seal_test.sh'; \
> + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
> + --log-file $$b.log --trs-file $$b.trs \
> + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
> + "$$tst" $(AM_TESTS_FD_REDIRECT)
> object_unittest.log: object_unittest$(EXEEXT)
> @p='object_unittest$(EXEEXT)'; \
> b='object_unittest'; \
> @@ -10524,6 +10532,18 @@ package_metadata_test.o: package_metadata_main.c
> package_metadata_test$(EXEEXT): package_metadata_test.o gcctestdir/ld
> $(CXXLINK) package_metadata_test.o -Wl,--package-metadata='{"foo":"bar"}'
> $(TEST_READELF) --notes $@ | grep -q '{"foo":"bar"}'
> +memory_seal_test_1.stdout: memory_seal_main
> + $(TEST_READELF) -n $< >$@
> +memory_seal_test_2.stdout: memory_seal_shared.so
> + $(TEST_READELF) -n $< >$@
> +memory_seal_main: gcctestdir/ld memory_seal_main.o
> + gcctestdir/ld -z memory-seal -o $@ memory_seal_main.o
> +memory_seal_main.o: memory_seal_main.c
> + $(COMPILE) -c -o $@ $<
> +memory_seal_shared.so: gcctestdir/ld memory_seal_shared.o
> + gcctestdir/ld -z memory-seal -shared -o $@ memory_seal_shared.o
> +memory_seal_shared.o: memory_seal_shared.c
> + $(COMPILE) -c -fPIC -o $@ $<
>
> # Tell versions [3.59,3.63) of GNU make to not export all variables.
> # Otherwise a system limit (for SysV at least) may be exceeded.
> diff --git a/gold/testsuite/memory_seal_main.c b/gold/testsuite/memory_seal_main.c
> new file mode 100644
> index 00000000000..77bc677e8eb
> --- /dev/null
> +++ b/gold/testsuite/memory_seal_main.c
> @@ -0,0 +1,5 @@
> +int
> +main(void)
> +{
> + return 0;
> +}
> diff --git a/gold/testsuite/memory_seal_shared.c b/gold/testsuite/memory_seal_shared.c
> new file mode 100644
> index 00000000000..8cf7b6143da
> --- /dev/null
> +++ b/gold/testsuite/memory_seal_shared.c
> @@ -0,0 +1,7 @@
> +int foo (void);
> +
> +int
> +foo(void)
> +{
> + return 0;
> +}
> diff --git a/gold/testsuite/memory_seal_test.sh b/gold/testsuite/memory_seal_test.sh
> new file mode 100755
> index 00000000000..c2194213445
> --- /dev/null
> +++ b/gold/testsuite/memory_seal_test.sh
> @@ -0,0 +1,45 @@
> +#!/bin/sh
> +
> +# memory_seal_test.sh -- test GNU_PROPERTY_MEMORY_SEAL gnu property
> +
> +# Copyright (C) 2018-2024 Free Software Foundation, Inc.
> +
> +# This file is part of gold.
> +
> +# This program is free software; you can redistribute it and/or modify
> +# it under the terms of the GNU General Public License as published by
> +# the Free Software Foundation; either version 3 of the License, or
> +# (at your option) any later version.
> +
> +# This program is distributed in the hope that it will be useful,
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> +# GNU General Public License for more details.
> +
> +# You should have received a copy of the GNU General Public License
> +# along with this program; if not, write to the Free Software
> +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston,
> +# MA 02110-1301, USA.
> +
> +# This script checks that after linking the three object files
> +# gnu_property_[abc].S, each of which contains a .note.gnu.property
> +# section, the resulting output has only a single such note section,
> +# and that the properties have been correctly combined.
> +
> +check()
> +{
> + if ! grep -q "$2" "$1"
> + then
> + echo "Did not find expected output in $1:"
> + echo " $2"
> + echo ""
> + echo "Actual output below:"
> + cat "$1"
> + exit 1
> + fi
> +}
> +
> +check memory_seal_test_1.stdout "memory seal"
> +check memory_seal_test_2.stdout "memory seal"
> +
> +exit 0
> --
> 2.43.0
>
On 02/01/25 18:51, H.J. Lu wrote:
> On Fri, Jan 3, 2025 at 3:20 AM Adhemerval Zanella
> <adhemerval.zanella@linaro.org> wrote:
>>
>> Similar to the ld.bfd, with the -z,memory-seal and -z,no-memory-seal
>> which adds the .gnu.attribute GNU_PROPERTY_MEMORY_SEAL.
>
> Does this ignore GNU_PROPERTY_MEMORY_SEAL in input .o files?
> Please add a test to verify it.
OK, I will add extra tests.
>
>> Change-Id: I31e194479912d3f468d5e5132a6eb566ed9aca78
>> ---
>> elfcpp/elfcpp.h | 1 +
>> gold/NEWS | 3 ++
>> gold/layout.cc | 4 +++
>> gold/options.h | 3 ++
>> gold/testsuite/Makefile.am | 19 ++++++++++++
>> gold/testsuite/Makefile.in | 26 +++++++++++++++--
>> gold/testsuite/memory_seal_main.c | 5 ++++
>> gold/testsuite/memory_seal_shared.c | 7 +++++
>> gold/testsuite/memory_seal_test.sh | 45 +++++++++++++++++++++++++++++
>> 9 files changed, 110 insertions(+), 3 deletions(-)
>> create mode 100644 gold/testsuite/memory_seal_main.c
>> create mode 100644 gold/testsuite/memory_seal_shared.c
>> create mode 100755 gold/testsuite/memory_seal_test.sh
>>
>> diff --git a/elfcpp/elfcpp.h b/elfcpp/elfcpp.h
>> index 3ceddbda19c..1b7a1f7f8ac 100644
>> --- a/elfcpp/elfcpp.h
>> +++ b/elfcpp/elfcpp.h
>> @@ -1023,6 +1023,7 @@ enum
>> {
>> GNU_PROPERTY_STACK_SIZE = 1,
>> GNU_PROPERTY_NO_COPY_ON_PROTECTED = 2,
>> + GNU_PROPERTY_MEMORY_SEAL = 3,
>> GNU_PROPERTY_LOPROC = 0xc0000000,
>> GNU_PROPERTY_X86_COMPAT_ISA_1_USED = 0xc0000000,
>> GNU_PROPERTY_X86_COMPAT_ISA_1_NEEDED = 0xc0000001,
>> diff --git a/gold/NEWS b/gold/NEWS
>> index c0f4842e617..7fca7603476 100644
>> --- a/gold/NEWS
>> +++ b/gold/NEWS
>> @@ -5,6 +5,9 @@
>>
>> * Remove support for -z bndplt (MPX prefix instructions).
>>
>> +* Add -z memory-seal/-z nomemory-seal options to ELF linker to mark the
>> + object to memory sealed.
>> +
>> Changes in 1.16:
>>
>> * Improve warning messages for relocations that refer to discarded sections.
>> diff --git a/gold/layout.cc b/gold/layout.cc
>> index f690c67618e..8adace07676 100644
>> --- a/gold/layout.cc
>> +++ b/gold/layout.cc
>> @@ -3277,6 +3277,10 @@ Layout::create_gnu_properties_note()
>> {
>> parameters->target().finalize_gnu_properties(this);
>>
>> + if (parameters->options().memory_seal())
>> + this->add_gnu_property(elfcpp::NT_GNU_PROPERTY_TYPE_0,
>> + elfcpp::GNU_PROPERTY_MEMORY_SEAL, 0, 0);
>> +
>> if (this->gnu_properties_.empty())
>> return;
>>
>> diff --git a/gold/options.h b/gold/options.h
>> index 4eb3678e9ec..441ba98acd7 100644
>> --- a/gold/options.h
>> +++ b/gold/options.h
>> @@ -1546,6 +1546,9 @@ class General_options
>> N_("Keep .text.hot, .text.startup, .text.exit and .text.unlikely "
>> "as separate sections in the final binary."),
>> N_("Merge all .text.* prefix sections."));
>> + DEFINE_bool(memory_seal, options::DASH_Z, '\0', false,
>> + N_("Mark object be memory sealed"),
>> + N_("Don't mark oject to be memory sealed"));
>>
>>
>> public:
>> diff --git a/gold/testsuite/Makefile.am b/gold/testsuite/Makefile.am
>> index 8f158ba20cc..f6eddea65fd 100644
>> --- a/gold/testsuite/Makefile.am
>> +++ b/gold/testsuite/Makefile.am
>> @@ -4476,3 +4476,22 @@ package_metadata_test.o: package_metadata_main.c
>> package_metadata_test$(EXEEXT): package_metadata_test.o gcctestdir/ld
>> $(CXXLINK) package_metadata_test.o -Wl,--package-metadata='{"foo":"bar"}'
>> $(TEST_READELF) --notes $@ | grep -q '{"foo":"bar"}'
>> +
>> +check_SCRIPTS += memory_seal_test.sh
>> +check_DATA += memory_seal_test_1.stdout memory_seal_test_2.stdout
>> +MOSTLYCLEANFILES += memory_seal_test
>> +memory_seal_test_1.stdout: memory_seal_main
>> + $(TEST_READELF) -n $< >$@
>> +memory_seal_test_2.stdout: memory_seal_shared.so
>> + $(TEST_READELF) -n $< >$@
>> +memory_seal_main: gcctestdir/ld memory_seal_main.o
>> + gcctestdir/ld -z memory-seal -o $@ memory_seal_main.o
>> +memory_seal_main.o: memory_seal_main.c
>> + $(COMPILE) -c -o $@ $<
>> +memory_seal_shared.so: gcctestdir/ld memory_seal_shared.o
>> + gcctestdir/ld -z memory-seal -shared -o $@ memory_seal_shared.o
>> +memory_seal_shared.o: memory_seal_shared.c
>> + $(COMPILE) -c -fPIC -o $@ $<
>> +
>> +
>> +
>> diff --git a/gold/testsuite/Makefile.in b/gold/testsuite/Makefile.in
>> index 357dec0d4f9..e95e8ed5d08 100644
>> --- a/gold/testsuite/Makefile.in
>> +++ b/gold/testsuite/Makefile.in
>> @@ -2888,7 +2888,7 @@ MOSTLYCLEANFILES = *.so *.syms *.stdout *.stderr $(am__append_4) \
>> $(am__append_88) $(am__append_91) $(am__append_93) \
>> $(am__append_102) $(am__append_105) $(am__append_108) \
>> $(am__append_111) $(am__append_114) $(am__append_117) \
>> - $(am__append_120) $(am__append_121)
>> + $(am__append_120) $(am__append_121) memory_seal_test
>>
>> # We will add to these later, for each individual test. Note
>> # that we add each test under check_SCRIPTS or check_PROGRAMS;
>> @@ -2901,7 +2901,7 @@ check_SCRIPTS = $(am__append_2) $(am__append_21) $(am__append_25) \
>> $(am__append_89) $(am__append_96) $(am__append_100) \
>> $(am__append_103) $(am__append_106) $(am__append_109) \
>> $(am__append_112) $(am__append_115) $(am__append_118) \
>> - $(am__append_122)
>> + $(am__append_122) memory_seal_test.sh
>> check_DATA = $(am__append_3) $(am__append_22) $(am__append_26) \
>> $(am__append_32) $(am__append_38) $(am__append_45) \
>> $(am__append_50) $(am__append_54) $(am__append_58) \
>> @@ -2910,7 +2910,8 @@ check_DATA = $(am__append_3) $(am__append_22) $(am__append_26) \
>> $(am__append_90) $(am__append_97) $(am__append_101) \
>> $(am__append_104) $(am__append_107) $(am__append_110) \
>> $(am__append_113) $(am__append_116) $(am__append_119) \
>> - $(am__append_123)
>> + $(am__append_123) memory_seal_test_1.stdout \
>> + memory_seal_test_2.stdout
>> BUILT_SOURCES = $(am__append_42)
>> TESTS = $(check_SCRIPTS) $(check_PROGRAMS)
>>
>> @@ -6524,6 +6525,13 @@ retain.sh.log: retain.sh
>> --log-file $$b.log --trs-file $$b.trs \
>> $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
>> "$$tst" $(AM_TESTS_FD_REDIRECT)
>> +memory_seal_test.sh.log: memory_seal_test.sh
>> + @p='memory_seal_test.sh'; \
>> + b='memory_seal_test.sh'; \
>> + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
>> + --log-file $$b.log --trs-file $$b.trs \
>> + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
>> + "$$tst" $(AM_TESTS_FD_REDIRECT)
>> object_unittest.log: object_unittest$(EXEEXT)
>> @p='object_unittest$(EXEEXT)'; \
>> b='object_unittest'; \
>> @@ -10524,6 +10532,18 @@ package_metadata_test.o: package_metadata_main.c
>> package_metadata_test$(EXEEXT): package_metadata_test.o gcctestdir/ld
>> $(CXXLINK) package_metadata_test.o -Wl,--package-metadata='{"foo":"bar"}'
>> $(TEST_READELF) --notes $@ | grep -q '{"foo":"bar"}'
>> +memory_seal_test_1.stdout: memory_seal_main
>> + $(TEST_READELF) -n $< >$@
>> +memory_seal_test_2.stdout: memory_seal_shared.so
>> + $(TEST_READELF) -n $< >$@
>> +memory_seal_main: gcctestdir/ld memory_seal_main.o
>> + gcctestdir/ld -z memory-seal -o $@ memory_seal_main.o
>> +memory_seal_main.o: memory_seal_main.c
>> + $(COMPILE) -c -o $@ $<
>> +memory_seal_shared.so: gcctestdir/ld memory_seal_shared.o
>> + gcctestdir/ld -z memory-seal -shared -o $@ memory_seal_shared.o
>> +memory_seal_shared.o: memory_seal_shared.c
>> + $(COMPILE) -c -fPIC -o $@ $<
>>
>> # Tell versions [3.59,3.63) of GNU make to not export all variables.
>> # Otherwise a system limit (for SysV at least) may be exceeded.
>> diff --git a/gold/testsuite/memory_seal_main.c b/gold/testsuite/memory_seal_main.c
>> new file mode 100644
>> index 00000000000..77bc677e8eb
>> --- /dev/null
>> +++ b/gold/testsuite/memory_seal_main.c
>> @@ -0,0 +1,5 @@
>> +int
>> +main(void)
>> +{
>> + return 0;
>> +}
>> diff --git a/gold/testsuite/memory_seal_shared.c b/gold/testsuite/memory_seal_shared.c
>> new file mode 100644
>> index 00000000000..8cf7b6143da
>> --- /dev/null
>> +++ b/gold/testsuite/memory_seal_shared.c
>> @@ -0,0 +1,7 @@
>> +int foo (void);
>> +
>> +int
>> +foo(void)
>> +{
>> + return 0;
>> +}
>> diff --git a/gold/testsuite/memory_seal_test.sh b/gold/testsuite/memory_seal_test.sh
>> new file mode 100755
>> index 00000000000..c2194213445
>> --- /dev/null
>> +++ b/gold/testsuite/memory_seal_test.sh
>> @@ -0,0 +1,45 @@
>> +#!/bin/sh
>> +
>> +# memory_seal_test.sh -- test GNU_PROPERTY_MEMORY_SEAL gnu property
>> +
>> +# Copyright (C) 2018-2024 Free Software Foundation, Inc.
>> +
>> +# This file is part of gold.
>> +
>> +# This program is free software; you can redistribute it and/or modify
>> +# it under the terms of the GNU General Public License as published by
>> +# the Free Software Foundation; either version 3 of the License, or
>> +# (at your option) any later version.
>> +
>> +# This program is distributed in the hope that it will be useful,
>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of
>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
>> +# GNU General Public License for more details.
>> +
>> +# You should have received a copy of the GNU General Public License
>> +# along with this program; if not, write to the Free Software
>> +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston,
>> +# MA 02110-1301, USA.
>> +
>> +# This script checks that after linking the three object files
>> +# gnu_property_[abc].S, each of which contains a .note.gnu.property
>> +# section, the resulting output has only a single such note section,
>> +# and that the properties have been correctly combined.
>> +
>> +check()
>> +{
>> + if ! grep -q "$2" "$1"
>> + then
>> + echo "Did not find expected output in $1:"
>> + echo " $2"
>> + echo ""
>> + echo "Actual output below:"
>> + cat "$1"
>> + exit 1
>> + fi
>> +}
>> +
>> +check memory_seal_test_1.stdout "memory seal"
>> +check memory_seal_test_2.stdout "memory seal"
>> +
>> +exit 0
>> --
>> 2.43.0
>>
>
>
@@ -1023,6 +1023,7 @@ enum
{
GNU_PROPERTY_STACK_SIZE = 1,
GNU_PROPERTY_NO_COPY_ON_PROTECTED = 2,
+ GNU_PROPERTY_MEMORY_SEAL = 3,
GNU_PROPERTY_LOPROC = 0xc0000000,
GNU_PROPERTY_X86_COMPAT_ISA_1_USED = 0xc0000000,
GNU_PROPERTY_X86_COMPAT_ISA_1_NEEDED = 0xc0000001,
@@ -5,6 +5,9 @@
* Remove support for -z bndplt (MPX prefix instructions).
+* Add -z memory-seal/-z nomemory-seal options to ELF linker to mark the
+ object to memory sealed.
+
Changes in 1.16:
* Improve warning messages for relocations that refer to discarded sections.
@@ -3277,6 +3277,10 @@ Layout::create_gnu_properties_note()
{
parameters->target().finalize_gnu_properties(this);
+ if (parameters->options().memory_seal())
+ this->add_gnu_property(elfcpp::NT_GNU_PROPERTY_TYPE_0,
+ elfcpp::GNU_PROPERTY_MEMORY_SEAL, 0, 0);
+
if (this->gnu_properties_.empty())
return;
@@ -1546,6 +1546,9 @@ class General_options
N_("Keep .text.hot, .text.startup, .text.exit and .text.unlikely "
"as separate sections in the final binary."),
N_("Merge all .text.* prefix sections."));
+ DEFINE_bool(memory_seal, options::DASH_Z, '\0', false,
+ N_("Mark object be memory sealed"),
+ N_("Don't mark oject to be memory sealed"));
public:
@@ -4476,3 +4476,22 @@ package_metadata_test.o: package_metadata_main.c
package_metadata_test$(EXEEXT): package_metadata_test.o gcctestdir/ld
$(CXXLINK) package_metadata_test.o -Wl,--package-metadata='{"foo":"bar"}'
$(TEST_READELF) --notes $@ | grep -q '{"foo":"bar"}'
+
+check_SCRIPTS += memory_seal_test.sh
+check_DATA += memory_seal_test_1.stdout memory_seal_test_2.stdout
+MOSTLYCLEANFILES += memory_seal_test
+memory_seal_test_1.stdout: memory_seal_main
+ $(TEST_READELF) -n $< >$@
+memory_seal_test_2.stdout: memory_seal_shared.so
+ $(TEST_READELF) -n $< >$@
+memory_seal_main: gcctestdir/ld memory_seal_main.o
+ gcctestdir/ld -z memory-seal -o $@ memory_seal_main.o
+memory_seal_main.o: memory_seal_main.c
+ $(COMPILE) -c -o $@ $<
+memory_seal_shared.so: gcctestdir/ld memory_seal_shared.o
+ gcctestdir/ld -z memory-seal -shared -o $@ memory_seal_shared.o
+memory_seal_shared.o: memory_seal_shared.c
+ $(COMPILE) -c -fPIC -o $@ $<
+
+
+
@@ -2888,7 +2888,7 @@ MOSTLYCLEANFILES = *.so *.syms *.stdout *.stderr $(am__append_4) \
$(am__append_88) $(am__append_91) $(am__append_93) \
$(am__append_102) $(am__append_105) $(am__append_108) \
$(am__append_111) $(am__append_114) $(am__append_117) \
- $(am__append_120) $(am__append_121)
+ $(am__append_120) $(am__append_121) memory_seal_test
# We will add to these later, for each individual test. Note
# that we add each test under check_SCRIPTS or check_PROGRAMS;
@@ -2901,7 +2901,7 @@ check_SCRIPTS = $(am__append_2) $(am__append_21) $(am__append_25) \
$(am__append_89) $(am__append_96) $(am__append_100) \
$(am__append_103) $(am__append_106) $(am__append_109) \
$(am__append_112) $(am__append_115) $(am__append_118) \
- $(am__append_122)
+ $(am__append_122) memory_seal_test.sh
check_DATA = $(am__append_3) $(am__append_22) $(am__append_26) \
$(am__append_32) $(am__append_38) $(am__append_45) \
$(am__append_50) $(am__append_54) $(am__append_58) \
@@ -2910,7 +2910,8 @@ check_DATA = $(am__append_3) $(am__append_22) $(am__append_26) \
$(am__append_90) $(am__append_97) $(am__append_101) \
$(am__append_104) $(am__append_107) $(am__append_110) \
$(am__append_113) $(am__append_116) $(am__append_119) \
- $(am__append_123)
+ $(am__append_123) memory_seal_test_1.stdout \
+ memory_seal_test_2.stdout
BUILT_SOURCES = $(am__append_42)
TESTS = $(check_SCRIPTS) $(check_PROGRAMS)
@@ -6524,6 +6525,13 @@ retain.sh.log: retain.sh
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
+memory_seal_test.sh.log: memory_seal_test.sh
+ @p='memory_seal_test.sh'; \
+ b='memory_seal_test.sh'; \
+ $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
+ --log-file $$b.log --trs-file $$b.trs \
+ $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
+ "$$tst" $(AM_TESTS_FD_REDIRECT)
object_unittest.log: object_unittest$(EXEEXT)
@p='object_unittest$(EXEEXT)'; \
b='object_unittest'; \
@@ -10524,6 +10532,18 @@ package_metadata_test.o: package_metadata_main.c
package_metadata_test$(EXEEXT): package_metadata_test.o gcctestdir/ld
$(CXXLINK) package_metadata_test.o -Wl,--package-metadata='{"foo":"bar"}'
$(TEST_READELF) --notes $@ | grep -q '{"foo":"bar"}'
+memory_seal_test_1.stdout: memory_seal_main
+ $(TEST_READELF) -n $< >$@
+memory_seal_test_2.stdout: memory_seal_shared.so
+ $(TEST_READELF) -n $< >$@
+memory_seal_main: gcctestdir/ld memory_seal_main.o
+ gcctestdir/ld -z memory-seal -o $@ memory_seal_main.o
+memory_seal_main.o: memory_seal_main.c
+ $(COMPILE) -c -o $@ $<
+memory_seal_shared.so: gcctestdir/ld memory_seal_shared.o
+ gcctestdir/ld -z memory-seal -shared -o $@ memory_seal_shared.o
+memory_seal_shared.o: memory_seal_shared.c
+ $(COMPILE) -c -fPIC -o $@ $<
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
new file mode 100644
@@ -0,0 +1,5 @@
+int
+main(void)
+{
+ return 0;
+}
new file mode 100644
@@ -0,0 +1,7 @@
+int foo (void);
+
+int
+foo(void)
+{
+ return 0;
+}
new file mode 100755
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+# memory_seal_test.sh -- test GNU_PROPERTY_MEMORY_SEAL gnu property
+
+# Copyright (C) 2018-2024 Free Software Foundation, Inc.
+
+# This file is part of gold.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston,
+# MA 02110-1301, USA.
+
+# This script checks that after linking the three object files
+# gnu_property_[abc].S, each of which contains a .note.gnu.property
+# section, the resulting output has only a single such note section,
+# and that the properties have been correctly combined.
+
+check()
+{
+ if ! grep -q "$2" "$1"
+ then
+ echo "Did not find expected output in $1:"
+ echo " $2"
+ echo ""
+ echo "Actual output below:"
+ cat "$1"
+ exit 1
+ fi
+}
+
+check memory_seal_test_1.stdout "memory seal"
+check memory_seal_test_2.stdout "memory seal"
+
+exit 0