Initial support for static PIE executables

Author: LemonBoy

lib/std/dynamic_library.zig

@@ -24,7 +24,7 @@ pub const DynLib = switch (builtin.os) {
 // fashion.
 const LinkMap = extern struct {
     l_addr: usize,
-    l_name: [*]const u8,
+    l_name: [*:0]const u8,
     l_ld: ?*elf.Dyn,
     l_next: ?*LinkMap,
     l_prev: ?*LinkMap,
@@ -53,48 +53,48 @@ const RDebug = extern struct {
     r_ldbase: usize,
 };
 
-fn elf_get_va_offset(phdrs: []elf.Phdr) !usize {
-    for (phdrs) |*phdr| {
-        if (phdr.p_type == elf.PT_LOAD) {
-            return @ptrToInt(phdr) - phdr.p_vaddr;
-        }
+// XXX: This should be weak (#1917)
+extern var _DYNAMIC: [128]elf.Dyn;
+
+comptime {
+    if (builtin.os == .linux) {
+        asm (
+            \\ .weak _DYNAMIC
+            \\ .hidden _DYNAMIC
+        );
     }
-    return error.InvalidExe;
 }
 
 pub fn linkmap_iterator(phdrs: []elf.Phdr) !LinkMap.Iterator {
-    const va_offset = try elf_get_va_offset(phdrs);
-
-    const dyn_table = init: {
-        for (phdrs) |*phdr| {
-            if (phdr.p_type == elf.PT_DYNAMIC) {
-                const ptr = @intToPtr([*]elf.Dyn, va_offset + phdr.p_vaddr);
-                break :init ptr[0 .. phdr.p_memsz / @sizeOf(elf.Dyn)];
-            }
-        }
+    if (@ptrToInt(&_DYNAMIC[0]) == 0) {
         // No PT_DYNAMIC means this is either a statically-linked program or a
         // badly corrupted one
         return LinkMap.Iterator{ .current = null };
-    };
+    }
 
     const link_map_ptr = init: {
-        for (dyn_table) |*dyn| {
-            switch (dyn.d_tag) {
+        var i: usize = 0;
+        while (_DYNAMIC[i].d_tag != elf.DT_NULL) : (i += 1) {
+            switch (_DYNAMIC[i].d_tag) {
                 elf.DT_DEBUG => {
-                    const r_debug = @intToPtr(*RDebug, dyn.d_un.d_ptr);
-                    if (r_debug.r_version != 1) return error.InvalidExe;
-                    break :init r_debug.r_map;
+                    const ptr = @intToPtr(?*RDebug, _DYNAMIC[i].d_un.d_ptr);
+                    if (ptr) |r_debug| {
+                        if (r_debug.r_version != 1) return error.InvalidExe;
+                        break :init r_debug.r_map;
+                    }
                 },
                 elf.DT_PLTGOT => {
-                    const got_table = @intToPtr([*]usize, dyn.d_un.d_ptr);
-                    // The address to the link_map structure is stored in the
-                    // second slot
-                    break :init @intToPtr(?*LinkMap, got_table[1]);
+                    const ptr = @intToPtr(?[*]usize, _DYNAMIC[i].d_un.d_ptr);
+                    if (ptr) |got_table| {
+                        // The address to the link_map structure is stored in
+                        // the second slot
+                        break :init @intToPtr(?*LinkMap, got_table[1]);
+                    }
                 },
                 else => {},
             }
         }
-        return error.InvalidExe;
+        return LinkMap.Iterator{ .current = null };
     };
 
     return LinkMap.Iterator{ .current = link_map_ptr };

lib/std/elf.zig

@@ -640,20 +640,48 @@ pub const Elf64_Syminfo = extern struct {
 pub const Elf32_Rel = extern struct {
     r_offset: Elf32_Addr,
     r_info: Elf32_Word,
+
+    pub inline fn r_sym(self: @This()) u24 {
+        return @truncate(u24, self.r_info >> 8);
+    }
+    pub inline fn r_type(self: @This()) u8 {
+        return @truncate(u8, self.r_info & 0xff);
+    }
 };
 pub const Elf64_Rel = extern struct {
     r_offset: Elf64_Addr,
     r_info: Elf64_Xword,
+
+    pub inline fn r_sym(self: @This()) u32 {
+        return @truncate(u32, self.r_info >> 32);
+    }
+    pub inline fn r_type(self: @This()) u32 {
+        return @truncate(u32, self.r_info & 0xffffffff);
+    }
 };
 pub const Elf32_Rela = extern struct {
     r_offset: Elf32_Addr,
     r_info: Elf32_Word,
     r_addend: Elf32_Sword,
+
+    pub inline fn r_sym(self: @This()) u24 {
+        return @truncate(u24, self.r_info >> 8);
+    }
+    pub inline fn r_type(self: @This()) u8 {
+        return @truncate(u8, self.r_info & 0xff);
+    }
 };
 pub const Elf64_Rela = extern struct {
     r_offset: Elf64_Addr,
     r_info: Elf64_Xword,
     r_addend: Elf64_Sxword,
+
+    pub inline fn r_sym(self: @This()) u32 {
+        return @truncate(u32, self.r_info >> 32);
+    }
+    pub inline fn r_type(self: @This()) u32 {
+        return @truncate(u32, self.r_info & 0xffffffff);
+    }
 };
 pub const Elf32_Phdr = extern struct {
     p_type: Elf32_Word,
@@ -853,6 +881,16 @@ pub const Dyn = switch (@sizeOf(usize)) {
     8 => Elf64_Dyn,
     else => @compileError("expected pointer size of 32 or 64"),
 };
+pub const Rel = switch (@sizeOf(usize)) {
+    4 => Elf32_Rel,
+    8 => Elf64_Rel,
+    else => @compileError("expected pointer size of 32 or 64"),
+};
+pub const Rela = switch (@sizeOf(usize)) {
+    4 => Elf32_Rela,
+    8 => Elf64_Rela,
+    else => @compileError("expected pointer size of 32 or 64"),
+};
 pub const Shdr = switch (@sizeOf(usize)) {
     4 => Elf32_Shdr,
     8 => Elf64_Shdr,

lib/std/os/bits/linux.zig

@@ -996,7 +996,7 @@ pub const dirent64 = extern struct {
 
 pub const dl_phdr_info = extern struct {
     dlpi_addr: usize,
-    dlpi_name: ?[*]const u8,
+    dlpi_name: ?[*:0]const u8,
     dlpi_phdr: [*]std.elf.Phdr,
     dlpi_phnum: u16,
 };

lib/std/os/linux/start_pie.zig

@@ -0,0 +1,138 @@
+const std = @import("std");
+const elf = std.elf;
+const builtin = @import("builtin");
+const assert = std.debug.assert;
+
+const R_AMD64_RELATIVE = 8;
+const R_386_RELATIVE = 8;
+const R_ARM_RELATIVE = 23;
+const R_AARCH64_RELATIVE = 1027;
+const R_RISCV_RELATIVE = 3;
+
+const ARCH_RELATIVE_RELOC = switch (builtin.arch) {
+    .i386 => R_386_RELATIVE,
+    .x86_64 => R_AMD64_RELATIVE,
+    .arm => R_ARM_RELATIVE,
+    .aarch64 => R_AARCH64_RELATIVE,
+    .riscv64 => R_RISCV_RELATIVE,
+    else => @compileError("unsupported architecture"),
+};
+
+// Just a convoluted (but necessary) way to obtain the address of the _DYNAMIC[]
+// vector as PC-relative so that we can use it before any relocation is applied
+fn getDynamicSymbol() [*]elf.Dyn {
+    const addr = switch (builtin.arch) {
+        .i386 => asm volatile (
+            \\ .weak _DYNAMIC
+            \\ .hidden _DYNAMIC
+            \\ call 1f
+            \\ 1: pop %[ret]
+            \\ lea _DYNAMIC-1b(%[ret]), %[ret]
+            : [ret] "=r" (-> usize)
+        ),
+        .x86_64 => asm volatile (
+            \\ .weak _DYNAMIC
+            \\ .hidden _DYNAMIC
+            \\ lea _DYNAMIC(%%rip), %[ret]
+            : [ret] "=r" (-> usize)
+        ),
+        // Work around the limited offset range of `ldr`
+        .arm => asm volatile (
+            \\ .weak _DYNAMIC
+            \\ .hidden _DYNAMIC
+            \\ ldr %[ret], 1f
+            \\ add %[ret], pc
+            \\ b 2f
+            \\ 1: .word _DYNAMIC-1b
+            \\ 2:
+            : [ret] "=r" (-> usize)
+        ),
+        // A simple `adr` is not enough as it has a limited offset range
+        .aarch64 => asm volatile (
+            \\ .weak _DYNAMIC
+            \\ .hidden _DYNAMIC
+            \\ adrp %[ret], _DYNAMIC
+            \\ add %[ret], %[ret], #:lo12:_DYNAMIC
+            : [ret] "=r" (-> usize)
+        ),
+        .riscv64 => asm volatile (
+            \\ lla %[ret], _DYNAMIC
+            : [ret] "=r" (-> usize)
+        ),
+        else => @compileError("???"),
+    };
+    if (addr == 0) unreachable;
+    return @intToPtr([*]elf.Dyn, addr);
+}
+
+pub fn apply_relocations() void {
+    @setRuntimeSafety(false);
+
+    const dynv = getDynamicSymbol();
+    const auxv = std.os.linux.elf_aux_maybe.?;
+    var at_phent: usize = undefined;
+    var at_phnum: usize = undefined;
+    var at_phdr: usize = undefined;
+    var at_hwcap: usize = undefined;
+
+    {
+        var i: usize = 0;
+        while (auxv[i].a_type != std.elf.AT_NULL) : (i += 1) {
+            switch (auxv[i].a_type) {
+                elf.AT_PHENT => at_phent = auxv[i].a_un.a_val,
+                elf.AT_PHNUM => at_phnum = auxv[i].a_un.a_val,
+                elf.AT_PHDR => at_phdr = auxv[i].a_un.a_val,
+                else => continue,
+            }
+        }
+    }
+
+    // Sanity check
+    assert(at_phent == @sizeOf(elf.Phdr));
+
+    // Search the TLS section
+    const phdrs = (@intToPtr([*]elf.Phdr, at_phdr))[0..at_phnum];
+
+    const base_addr = blk: {
+        for (phdrs) |*phdr| {
+            if (phdr.p_type == elf.PT_DYNAMIC) {
+                break :blk @ptrToInt(&dynv[0]) - phdr.p_vaddr;
+            }
+        }
+        unreachable;
+    };
+
+    var rel_addr: usize = 0;
+    var rela_addr: usize = 0;
+    var rel_size: usize = 0;
+    var rela_size: usize = 0;
+
+    {
+        var i: usize = 0;
+        while (dynv[i].d_tag != elf.DT_NULL) : (i += 1) {
+            switch (dynv[i].d_tag) {
+                elf.DT_REL => rel_addr = base_addr + dynv[i].d_un.d_ptr,
+                elf.DT_RELA => rela_addr = base_addr + dynv[i].d_un.d_ptr,
+                elf.DT_RELSZ => rel_size = dynv[i].d_un.d_val,
+                elf.DT_RELASZ => rela_size = dynv[i].d_un.d_val,
+                else => {},
+            }
+        }
+    }
+
+    // Perform the relocations
+    if (rel_addr != 0) {
+        const rel = @bytesToSlice(elf.Rel, @intToPtr([*]u8, rel_addr)[0..rel_size]);
+        for (rel) |r| {
+            if (r.r_type() != ARCH_RELATIVE_RELOC) continue;
+            @intToPtr(*usize, base_addr + r.r_offset).* += base_addr;
+        }
+    }
+    if (rela_addr != 0) {
+        const rela = @bytesToSlice(elf.Rela, @intToPtr([*]u8, rela_addr)[0..rela_size]);
+        for (rela) |r| {
+            if (r.r_type() != ARCH_RELATIVE_RELOC) continue;
+            @intToPtr(*usize, base_addr + r.r_offset).* += base_addr + @bitCast(usize, r.r_addend);
+        }
+    }
+}

lib/std/os/test.zig

@@ -205,6 +205,8 @@ export fn iter_fn(info: *dl_phdr_info, size: usize, data: ?*usize) i32 {
 test "dl_iterate_phdr" {
     if (builtin.os == .windows or builtin.os == .wasi or builtin.os == .macosx)
         return error.SkipZigTest;
+    if (builtin.position_independent_executable)
+        return error.SkipZigTest;
 
     var counter: usize = 0;
     expect(os.dl_iterate_phdr(usize, iter_fn, &counter) != 0);

lib/std/start.zig

@@ -155,6 +155,12 @@ fn posixCallMainAndExit() noreturn {
         // Find the beginning of the auxiliary vector
         const auxv = @ptrCast([*]std.elf.Auxv, envp.ptr + envp_count + 1);
         std.os.linux.elf_aux_maybe = auxv;
+
+        // Do this as early as possible, the aux vector is needed
+        if (builtin.position_independent_executable) {
+            @import("os/linux/start_pie.zig").apply_relocations();
+        }
+
         // Initialize the TLS area
         const gnu_stack_phdr = std.os.linux.tls.initTLS() orelse @panic("ELF missing stack size");
 

src/all_types.hpp

@@ -1922,6 +1922,12 @@ enum WantPIC {
     WantPICEnabled,
 };
 
+enum WantPIE {
+    WantPIEAuto,
+    WantPIEDisabled,
+    WantPIEEnabled,
+};
+
 enum WantStackCheck {
     WantStackCheckAuto,
     WantStackCheckDisabled,
@@ -2101,6 +2107,7 @@ struct CodeGen {
     Stage2ProgressNode *sub_progress_node;
 
     WantPIC want_pic;
+    WantPIE want_pie;
     WantStackCheck want_stack_check;
     WantCSanitize want_sanitize_c;
     CacheHash cache_hash;
@@ -2175,6 +2182,7 @@ struct CodeGen {
     bool disable_gen_h;
     bool bundle_compiler_rt;
     bool have_pic;
+    bool have_pie;
     bool have_dynamic_link; // this is whether the final thing will be dynamically linked. see also is_dynamic
     bool have_stack_probing;
     bool have_sanitize_c;