Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update build docs and document pad-tls #476

Merged
merged 8 commits into from
Dec 13, 2024
Merged

Update build docs and document pad-tls #476

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
ea89cfd
Add compiler flags for partition-alloc and missing linker args
randomPoison Dec 4, 2024
da28bb9
Add docs for running pad-tls
randomPoison Dec 9, 2024
7e0de07
Add missing include path
randomPoison Dec 9, 2024
c95877f
Containerized -> compartmentalized
randomPoison Dec 9, 2024
43c87c7
Add note about using ldd to find dependencies
randomPoison Dec 9, 2024
fbc3b90
Add even more --wrap linker args
randomPoison Dec 9, 2024
49a135b
Update list of partition-alloc linker args
randomPoison Dec 9, 2024
f11a905
Fix `-Wl,--wrap` instructions
randomPoison Dec 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 31 additions & 0 deletions docs/usage.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -155,8 +155,25 @@ are also required:
-DPKEY=$PKEY
-DIA2_ENABLE=1
-include /path/to/generated_output_header.h
-I $IA2_PATH/runtime/libia2/include
-I $IA2_PATH/runtime/partition-alloc/include
-Werror=incompatible-pointer-types
-Wl,--wrap=pthread_create
-Wl,--wrap=calloc
-Wl,--wrap=free
-Wl,--wrap=malloc
-Wl,--wrap=memalign
-Wl,--wrap=posix_memalign
-Wl,--wrap=pvalloc
-Wl,--wrap=realloc
-Wl,--wrap=valloc
-Wl,--wrap=malloc_usable_size
-Wl,--wrap=realpath
-Wl,--wrap=strdup
-Wl,--wrap=strndup
-Wl,--wrap=getcwd
-Wl,--wrap=asprintf
-Wl,--wrap=vasprintf
-pthread
-Wl,-z,now
-Wl,-z,relro
Expand All @@ -166,8 +183,22 @@ are also required:
-Wl,--wrap=main
-Wl,--dynamic-list=$IA2_PATH/runtime/libia2/dynsym.syms
-Wl,--export-dynamic
-L$IA2_PATH/build/runtime/libia2
-L$IA2_PATH/build/runtime/partition-alloc
-llibia2
-lpartition-alloc
-lcallgates
```

Also if the rewriter produces a linker args file for a given compartment (i.e. a
`.ld` file), you must include `-Wl,@/path/to/generated_linker_args_$PKEY.ld` when
linking that DSO.

## Using Thread Local Storage

When using TLS in a compartmentalized app, you'll need to run the `pad-tls` tool
on all shared objects in the app. This includes `libc.so` as libc both
initializes and makes use of TLS. If you're seeing compartment violations when
accessing TLS then you likely need to run `pad-tls` on the relevant. The tool
can be found at `$IA2_PATH/build/tools/pad-tls/pad-tls`. Note that the `ldd` and
`lddtree` tools can be used to list the DSO dependencies of your app.
17 changes: 14 additions & 3 deletions runtime/partition-alloc/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,21 @@ allocator, first build `libpartition_alloc.so` with the CMake `partition-alloc`
your program against `libpartition_alloc.so` with the following linker flags.

```
-Wl,--wrap=calloc \
-Wl,--wrap=malloc \
-Wl,--wrap=realloc \
-Wl,--wrap=calloc
-Wl,--wrap=free
-Wl,--wrap=malloc
-Wl,--wrap=memalign
-Wl,--wrap=posix_memalign
-Wl,--wrap=pvalloc
-Wl,--wrap=realloc
-Wl,--wrap=valloc
-Wl,--wrap=malloc_usable_size
-Wl,--wrap=realpath
-Wl,--wrap=strdup
-Wl,--wrap=strndup
-Wl,--wrap=getcwd
-Wl,--wrap=asprintf
-Wl,--wrap=vasprintf
```

[wrap]: https://chromium.googlesource.com/chromium/src/base/+/refs/heads/main/allocator/allocator_shim_override_libc_symbols.h
Expand Down
Loading