GitLab

upstream is growing an option to install elf.h. We want to use that.

Change-Id: Ica5bf0cdf281eb17ef29e0e1029662a5a9d875b1
Reviewed-by: Christian Kandeler <christian.kandeler@qt.io>
Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>

On some platforms, notably windows, you cannot unlink open files.

Change-Id: Ifd73520005b3c233c112baf0b72fd8cf2f57c671
Reviewed-by: Christian Kandeler <christian.kandeler@qt.io>

On windows you cannot rename into an existing file.

Change-Id: I07ad0b42260e98579b00d828c96bd47db006840c
Reviewed-by: Christian Kandeler <christian.kandeler@qt.io>

The whole idea of extending the file and the mmap in place is rather
fragile and only works on rather specific setups. If we can't even extend
the file, we will likely not be able to extend the mapping that refers to
it, either. In that case we might still be able to write the formally
undefined memory behind the end of the file because the OS actually maps
whole pages, but that is an unspeakable horror.

The file based strategy is slower, but robust.

Change-Id: I995a173d60cfd70dde08ff78b7a97182e83b4727
Reviewed-by: Christian Kandeler <christian.kandeler@qt.io>

mremap() is allowed to fail if it cannot find the required memory. Ours
always fails.

Change-Id: I5a0e9afe94158fbc5f66cc7f65fd716ccc002b3d
Reviewed-by: Christian Kandeler <christian.kandeler@qt.io>

Obviously, we cannot read the compressed ELF file if no bzip2 support is
present.

Change-Id: Ia85efce5e546b184adb015de42d1a6ec63154e96
Reviewed-by: Christian Kandeler <christian.kandeler@qt.io>

elfutils 0.175 release

Change-Id: I409f41767af349d0521351dd733879ad31c65aab

Signed-off-by: Mark Wielaard <mark@klomp.org>

GCC9 -Wmissing-attributes pointed out that although we alias the fsize
and msize functions only fsize was marked as const. Fix by also marking
the msize definition as const.

https://sourceware.org/bugzilla/show_bug.cgi?id=23884Signed-off-by: Mark Wielaard <mark@klomp.org>

Harmless, but useless.
Signed-off-by: Mark Wielaard <mark@klomp.org>

Set version to 0.175
Update NEWS and elfutils.spec.in.
Regenerate po/*.po files.
Signed-off-by: Mark Wielaard <mark@klomp.org>

The gold linker might generate an .eh_frame_hdr with a SHT_X86_64_UNWIND
type instead of a SHT_PROGBITS type.
Signed-off-by: Mark Wielaard <mark@klomp.org>

We didn't set the alignment of SHF_COMPRESSED sections correctly.
Those sections start with an Elf(32|64)_Chdr. Make sure sh_addralign
is setup to be able to read such a struct directly. Likewise don't
trust the alignment set on any SHF_COMPRESSED section, but always
make the (raw) compressed data aligned correctly for the reading the
Elf(32|64)_Chdr directly.
Signed-off-by: Mark Wielaard <mark@klomp.org>

Check whether a section was gnu compressed and decompress it first
before trying to resolve relocations. Recompress it afterwards.

This found a bug in elf_compress_gnu which would use the "raw" file
contents even if the user had just created the section (copying over
the section from the original input file).

Add compressed ET_REL tests to run-strip-reloc.sh testcase.
Signed-off-by: Mark Wielaard <mark@klomp.org>

GNU Build Attribute ELF Notes are generated by the GCC annobin plugin
and described at https://fedoraproject.org/wiki/Toolchain/Watermark

Unfortunately the constants aren't yet described in the standard glibc
elf.h so they have been added to the elfutils specific elf-knowledge.h.

The notes abuse the name owner field to encode some data not in the
description. This makes it a bit hard to parse. We have to match the
note owner name prefix (to "GA") to be sure the type is valid. We also
cannot rely on the owner name being a valid C string since the attribute
name and value can contain zero (terminators). So pass around namesz
to the ebl note parsing functions.

eu-elflint will recognize and eu-readelf -n will now show the notes:

Note section [27] '.gnu.build.attributes' of 56080 bytes at offset 0x114564:
  Owner          Data size  Type
  GA                    16  GNU Build Attribute OPEN
    Address Range: 0x2f30f - 0x2f30f
    VERSION: "3p8"
  GA                     0  GNU Build Attribute OPEN
    TOOL: "gcc 8.2.1 20180801"
  GA                     0  GNU Build Attribute OPEN
    "GOW": 45
  GA                     0  GNU Build Attribute OPEN
    STACK_PROT: 0
  GA                     0  GNU Build Attribute OPEN
    "stack_clash": TRUE
  GA                     0  GNU Build Attribute OPEN
    "cf_protection": 0
  GA                     0  GNU Build Attribute OPEN
    "GLIBCXX_ASSERTIONS": TRUE
  GA                     0  GNU Build Attribute OPEN
    "FORTIFY": 0
  GA                     0  GNU Build Attribute OPEN
    PIC: 3
  GA                     0  GNU Build Attribute OPEN
    SHORT_ENUM: FALSE
  GA                     0  GNU Build Attribute OPEN
    ABI: c001100000012
  GA                     0  GNU Build Attribute OPEN
    "stack_realign": FALSE

A new test was added to run-readelf -n for the existing annobin file.
Signed-off-by: Mark Wielaard <mark@klomp.org>

NT_VERSION notes are emitted by the gas .version directive.
They have an empty description and (ab)use the owner name to store the
version data string.
Signed-off-by: Mark Wielaard <mark@klomp.org>

Linux kernel 4.13 introduced 4 more jump class variants.

  commit 92b31a9af73b3a3fc801899335d6c47966351830
  Author: Daniel Borkmann <daniel@iogearbox.net>
  Date:   Thu Aug 10 01:39:55 2017 +0200

    bpf: add BPF_J{LT,LE,SLT,SLE} instructions

For conditional jumping on unsigned and signed < and <= between a register
and another register or immediate.

Add these new constants to bpf.h, recognize them in bpf_disasm and update
the testfile-bpf-dis1.expect file.
Signed-off-by: Mark Wielaard <mark@klomp.org>

This introduces a new function dwelf_elf_begin which creates a (read-only)
ELF handle from a possibly compressed file handle or a file that start
with a linux kernel header. This can be used in eu-readelf to (re)open a
(pure) ELF.

eu-readelf uses libdwfl to relocate addresses in the original file in
case it is ET_REL. But to show the "raw" data it might need to (re)open
the file. Which could fail if the file was compressed. And produced an
obscure error message: "cannot create EBL handle".

This rewrites __libdw_open_file a little so that the given file handle
will never be closed (whether on success or failure) and introduces a
new internal function __libdw_open_elf that dwelf_elf_begin wraps.
Signed-off-by: Mark Wielaard <mark@klomp.org>

Makes sure that eu-readelf and eu-elflint recognize and show the
x86_64 specific section type correctly.
Signed-off-by: Mark Wielaard <mark@klomp.org>
Tested-by: Milian Wolff <milian.wolff@kdab.com>

On my system with g++ (GCC) 8.2.1 20180831 with GNU gold (GNU Binutils
2.31.1) 1.16, the .eh_frame section does not have type PROGBITS
but rather is using X86_64_UNWIND nowadays:

```
$ echo "int main(){ return 0; }" > test.c
$ gcc test.c
$ readelf --sections a.out | grep .eh_frame
  [14] .eh_frame         X86_64_UNWIND    0000000000000670  00000670
  [15] .eh_frame_hdr     X86_64_UNWIND    0000000000000724  00000724
```

Without this patch, libdw refuses to use the available unwind
information, leading to broken backtraces while unwinding. With the
patch applied, unwinding works once more in such situations.
Signed-off-by: Milian Wolff <milian.wolff@kdab.com>
Signed-off-by: Mark Wielaard <mark@klomp.org>
Tested-by: Milian Wolff <milian.wolff@kdab.com>

We need to explictly trigger a section data reload after updating the
ELF section rawdata to make sure it gets written out to disk on an
elf_update. Doing this showed one bug/inefficiently when the underlying
file has a different endianness. In that case for debug sections we
would convert by allocating a new buffer and just copying over the
raw data into a new buffer. This is not really necessary and would
hide any relocations done on the rawdata by libdwfl.

Added a couple of new ppc64 big endian testfiles that show the issue.
Signed-off-by: Mark Wielaard <mark@klomp.org>

This option does the same thing as --reloc-debug-sections without doing
any other strip operation. This is useful when you want to remove the
debug section relocations in a separate ET_REL debug file that was created
without --reloc-debug-sections, or for a file (like the linux debug vmlinux)
that you don't want to strip, but for which the debug section relocations
can be resolved already.
Signed-off-by: Mark Wielaard <mark@klomp.org>

Signed-off-by: Mark Wielaard <mark@klomp.org>

Extract a couple of helper functions out of handle_elf (secndx_name,
get_xndxdata and remove_debug_relocations) so they can be reused more
easily in the future.
Signed-off-by: Mark Wielaard <mark@klomp.org>

Ignore the type of ELF file, just copy over any phdrs if the original
file contained any. Also refuse to move around any allocated sections
based on whether there are any phdrs instead of on ELF file type.
Signed-off-by: Mark Wielaard <mark@klomp.org>

Signed-off-by: Mark Wielaard <mark@klomp.org>

GNU Property notes are different from normal notes because they use
variable alignment/padding of their fields. They are 8 byte aligned,
but use 4 byte fields. The name is aligned at 4 bytes and padded so
that, the desc is aligned at 8 bytes. The whole note is padded to
8 bytes again. For normal notes all fields are both 4 bytes wide and
4 bytes aligned.

To recognize these new kind of ELF Notes a new Elf_Type is introduced,
ELF_T_NHDR8. This type is used in the xlate functions to determine
how to align and pad the various fields. Since the fields themselves
can now have different alignments we will have to keep track of the
current alignement and use either NOTE_ALIGN4 or NOTE_ALIGN8 to
determine the padding.

To set the correct Elf_Type on the Elf_Data we use either the section
sh_addralign or the segment p_align values. Assuming 8 means the
section or segment contains the new style notes, otherwise normal
notes.

When we cannot determine the "alignment" directly, like when parsing
special kernel sys files, we check the name "GNU" and type
"GNU_PROPERTY_TYPE_0" fields.

ebl_object_note now parses the new NT_GNU_PROPERTY_TYPE_0 and can
extract the GNU_PROPERTY_STACK_SIZE, GNU_PROPERTY_NO_COPY_ON_PROTECTED
and GNU_PROPERTY_X86_FEATURE_1_AND types GNU_PROPERTY_X86_FEATURE_1_IBT
and GNU_PROPERTY_X86_FEATURE_1_SHSTK.

Tests are added for extracting the note from sections or segments
as set by gcc -fcf-protection.
Signed-off-by: Mark Wielaard <mark@klomp.org>

Using the Ehdr field directly doesn't work when there are a large number
of sections.
Signed-off-by: Mark Wielaard <mark@klomp.org>

The function section_name would use the Ehdr e_shstrndx field to find the
index of the section index string table directly. But it should use
elf_getshdrstrndx. Adjust all callers.
Signed-off-by: Mark Wielaard <mark@klomp.org>

The size of the dwarf_regs is a constant, but when building without
optimizations the compiler doesn't see that and will warn that it
cannot proof the stack size is bounded. Use a define instead of a
const, so the compiler will use a constant expression everywhere.
Signed-off-by: Mark Wielaard <mark@klomp.org>

We could end up with a negative length in a call to memchr.

https://sourceware.org/bugzilla/show_bug.cgi?id=23782Signed-off-by: Mark Wielaard <mark@klomp.org>

We could end up with a negative length in a call to memchr.

https://sourceware.org/bugzilla/show_bug.cgi?id=23782Signed-off-by: Mark Wielaard <mark@klomp.org>

There were some recent bug reports where we trusted the ELF section header
to be sane and divided the sh_size by the sh_entsize to get the number of
objects in the section. This would cause a divide by zero if the file was
corrupt and the sh_entsize was zero. Add checks for any such code.
Signed-off-by: Mark Wielaard <mark@klomp.org>

eu-size didn't handle an ELF ar file that contained an ar file itself
correctly. handle_ar would recursively call itself but close the ELF
file before returning. Only close the ELF file at the top-level.

https://sourceware.org/bugzilla/show_bug.cgi?id=23787Signed-off-by: Mark Wielaard <mark@klomp.org>

A bogus ELF file could have sh_entsize as zero. Don't divide by zero,
but just assume there are no symbols in the section.

https://sourceware.org/bugzilla/show_bug.cgi?id=23786Signed-off-by: Mark Wielaard <mark@klomp.org>

If the ar header contains a bogus ar_date then in verbose mode we would
get a NULL pointer from localtime. Just assume the entry was created
during the epoch.

https://sourceware.org/bugzilla/show_bug.cgi?id=23754Signed-off-by: Mark Wielaard <mark@klomp.org>

A bogus ELF file could have sh_entsize as zero. Don't divide by zero,
but just assume there are no entries in the section.

https://sourceware.org/bugzilla/show_bug.cgi?id=23755Signed-off-by: Mark Wielaard <mark@klomp.org>

There were two issues when reading note data from a core file.
We didn't check if the data we already had in a buffer was big
enough. And if we did get the data, we should check if we got
everything, or just a part of the data.

https://sourceware.org/bugzilla/show_bug.cgi?id=23752Signed-off-by: Mark Wielaard <mark@klomp.org>

In object files there could be multiple .debug_macro sections.
These are COMDAT sections used as imports. Note that the output for
DW_MACRO_import isn't ideal since the offset is printed against the
start of the .debug_macro section, but it doesn't show which one.
We currently don't have that information and no interface yet for
libdw users.

Also decode the macro header flag byte for convenience.
Signed-off-by: Mark Wielaard <mark@klomp.org>

When unstripping we might need to renumber the group section indexes.
Just like we do when stripping.
Signed-off-by: Mark Wielaard <mark@klomp.org>