1 //===- ARM64.cpp ----------------------------------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 
9 #include "InputFiles.h"
10 #include "Symbols.h"
11 #include "SyntheticSections.h"
12 #include "Target.h"
13 
14 #include "lld/Common/ErrorHandler.h"
15 #include "llvm/ADT/SmallVector.h"
16 #include "llvm/ADT/StringRef.h"
17 #include "llvm/BinaryFormat/MachO.h"
18 #include "llvm/Support/Endian.h"
19 #include "llvm/Support/MathExtras.h"
20 
21 using namespace llvm::MachO;
22 using namespace llvm::support::endian;
23 using namespace lld;
24 using namespace lld::macho;
25 
26 namespace {
27 
// arm64 (AArch64) Mach-O target. Implements the per-architecture hooks
// declared in TargetInfo: relocation application, lazy-binding stub
// emission, and GOT-load relaxation.
struct ARM64 : TargetInfo {
  ARM64();

  // Reads the addend stored in the relocated bytes themselves. Only
  // ARM64_RELOC_UNSIGNED embeds its addend; other types pair with an
  // explicit ADDEND relocation (see getEmbeddedAddend below).
  uint64_t getEmbeddedAddend(MemoryBufferRef, const section_64 &,
                             const relocation_info) const override;
  // Patches one relocation site at `loc` with target address `va`;
  // `pc` is the site's own address, used by pc-relative forms.
  void relocateOne(uint8_t *loc, const Reloc &, uint64_t va,
                   uint64_t pc) const override;

  // Emitters for the lazy-binding machinery: a stubs-section entry, the
  // shared stub-helper header, and one stub-helper entry per symbol.
  void writeStub(uint8_t *buf, const macho::Symbol &) const override;
  void writeStubHelperHeader(uint8_t *buf) const override;
  void writeStubHelperEntry(uint8_t *buf, const DylibSymbol &,
                            uint64_t entryAddr) const override;

  // Rewrites a GOT-load LDR into an ADD when the GOT indirection can be
  // relaxed away (target defined in the output).
  void relaxGotLoad(uint8_t *loc, uint8_t type) const override;
  const TargetInfo::RelocAttrs &getRelocAttrs(uint8_t type) const override;
  // arm64 Mach-O segments use 16 KiB pages (ADRP page arithmetic below
  // still operates on 4 KiB pages).
  uint64_t getPageSize() const override { return 16 * 1024; }
};
45 
46 } // namespace
47 
48 // Random notes on reloc types:
49 // ADDEND always pairs with BRANCH26, PAGE21, or PAGEOFF12
50 // POINTER_TO_GOT: ld64 supports a 4-byte pc-relative form as well as an 8-byte
51 // absolute version of this relocation. The semantics of the absolute relocation
52 // are weird -- it results in the value of the GOT slot being written, instead
53 // of the address. Let's not support it unless we find a real-world use case.
54 
const TargetInfo::RelocAttrs &ARM64::getRelocAttrs(uint8_t type) const {
  // Indexed by the ARM64_RELOC_* type value. Each entry names the reloc and
  // lists the attribute bits (pcrel/extern/width/...) that are legal for it;
  // the generic reloc validator checks parsed relocs against these.
  static const std::array<TargetInfo::RelocAttrs, 11> relocAttrsArray{{
#define B(x) RelocAttrBits::x
      {"UNSIGNED", B(UNSIGNED) | B(ABSOLUTE) | B(EXTERN) | B(LOCAL) |
                       B(DYSYM8) | B(BYTE4) | B(BYTE8)},
      {"SUBTRACTOR", B(SUBTRAHEND) | B(BYTE4) | B(BYTE8)},
      {"BRANCH26", B(PCREL) | B(EXTERN) | B(BRANCH) | B(BYTE4)},
      {"PAGE21", B(PCREL) | B(EXTERN) | B(BYTE4)},
      {"PAGEOFF12", B(ABSOLUTE) | B(EXTERN) | B(BYTE4)},
      {"GOT_LOAD_PAGE21", B(PCREL) | B(EXTERN) | B(GOT) | B(BYTE4)},
      {"GOT_LOAD_PAGEOFF12",
       B(ABSOLUTE) | B(EXTERN) | B(GOT) | B(LOAD) | B(BYTE4)},
      {"POINTER_TO_GOT", B(PCREL) | B(EXTERN) | B(GOT) | B(POINTER) | B(BYTE4)},
      {"TLVP_LOAD_PAGE21", B(PCREL) | B(EXTERN) | B(TLV) | B(BYTE4)},
      {"TLVP_LOAD_PAGEOFF12",
       B(ABSOLUTE) | B(EXTERN) | B(TLV) | B(LOAD) | B(BYTE4)},
      {"ADDEND", B(ADDEND)},
#undef B
  }};
  assert(type < relocAttrsArray.size() && "invalid relocation type");
  // The assert catches bad input in debug builds; release builds fall back
  // gracefully to the invalid-attrs sentinel.
  if (type >= relocAttrsArray.size())
    return TargetInfo::invalidRelocAttrs;
  return relocAttrsArray[type];
}
79 
80 uint64_t ARM64::getEmbeddedAddend(MemoryBufferRef mb, const section_64 &sec,
81                                   const relocation_info rel) const {
82   if (rel.r_type != ARM64_RELOC_UNSIGNED) {
83     // All other reloc types should use the ADDEND relocation to store their
84     // addends.
85     // TODO(gkm): extract embedded addend just so we can assert that it is 0
86     return 0;
87   }
88 
89   auto *buf = reinterpret_cast<const uint8_t *>(mb.getBufferStart());
90   const uint8_t *loc = buf + sec.offset + rel.r_address;
91   switch (rel.r_length) {
92   case 2:
93     return read32le(loc);
94   case 3:
95     return read64le(loc);
96   default:
97     llvm_unreachable("invalid r_length");
98   }
99 }
100 
// Extract `width` bits of `value` starting at bit `right`, and return them
// shifted up to bit `left` — i.e. move a bit-field from one position to
// another. The mask is built from a 64-bit `1ULL` so that widths >= 31 do
// not overflow the 32-bit int a plain `1 << width` would produce (which
// would be undefined behavior).
inline uint64_t bitField(uint64_t value, int right, int width, int left) {
  return ((value >> right) & ((1ULL << width) - 1)) << left;
}
104 
105 //              25                                                0
106 // +-----------+---------------------------------------------------+
107 // |           |                       imm26                       |
108 // +-----------+---------------------------------------------------+
109 
inline uint64_t encodeBranch26(uint64_t base, uint64_t va) {
  // Branch destinations are 4-byte aligned, so bits 1:0 of the displacement
  // are always zero; imm26 holds the displacement shifted right by 2.
  const uint64_t imm26 = (va >> 2) & ((1ULL << 26) - 1);
  return base | imm26;
}
115 
116 //   30 29          23                                  5
117 // +-+---+---------+-------------------------------------+---------+
118 // | |ilo|         |                immhi                |         |
119 // +-+---+---------+-------------------------------------+---------+
120 
inline uint64_t encodePage21(uint64_t base, uint64_t va) {
  // ADRP splits its 21-bit page displacement (va >> 12) across two fields:
  // the low 2 bits go to immlo (bits 30:29), the high 19 to immhi (23:5).
  const uint64_t immlo = ((va >> 12) & 0x3) << 29;
  const uint64_t immhi = ((va >> 14) & 0x7ffff) << 5;
  return base | immlo | immhi;
}
124 
125 //                      21                   10
126 // +-------------------+-----------------------+-------------------+
127 // |                   |         imm12         |                   |
128 // +-------------------+-----------------------+-------------------+
129 
inline uint64_t encodePageOff12(uint32_t base, uint64_t va) {
  // Load/store instructions scale imm12 by the access size, taken from the
  // size bits (31:30) of the instruction. The 128-bit variants read 0 there
  // but actually scale by 16 bytes, hence the special case.
  int scale = 0;
  if ((base & 0x3b00'0000) == 0x3900'0000) { // load/store
    scale = base >> 30;
    if (scale == 0 && (base & 0x0480'0000) == 0x0480'0000) // 128-bit variant
      scale = 4;
  }

  // TODO(gkm): extract embedded addend and warn if != 0
  // uint64_t addend = ((base & 0x003FFC00) >> 10);
  // The scaled page offset has 12 - scale significant bits; place it at the
  // bottom of the imm12 field (bits 21:10).
  const uint64_t imm12 = (va >> scale) & ((1ULL << (12 - scale)) - 1);
  return base | (imm12 << 10);
}
142 
inline uint64_t pageBits(uint64_t address) {
  // Clear the low 12 bits, rounding the address down to a 4 KiB boundary —
  // the page granule used by the @page/@pageoff encodings above.
  return address & ~uint64_t(0xfff);
}
147 
148 // For instruction relocations (load, store, add), the base
149 // instruction is pre-populated in the text section. A pre-populated
150 // instruction has opcode & register-operand bits set, with immediate
151 // operands zeroed. We read it from text, OR-in the immediate
152 // operands, then write-back the completed instruction.
153 
154 void ARM64::relocateOne(uint8_t *loc, const Reloc &r, uint64_t value,
155                         uint64_t pc) const {
156   uint32_t base = ((r.length == 2) ? read32le(loc) : 0);
157   value += r.addend;
158   switch (r.type) {
159   case ARM64_RELOC_BRANCH26:
160     value = encodeBranch26(base, value - pc);
161     break;
162   case ARM64_RELOC_UNSIGNED:
163     break;
164   case ARM64_RELOC_POINTER_TO_GOT:
165     if (r.pcrel)
166       value -= pc;
167     break;
168   case ARM64_RELOC_PAGE21:
169   case ARM64_RELOC_GOT_LOAD_PAGE21:
170   case ARM64_RELOC_TLVP_LOAD_PAGE21:
171     assert(r.pcrel);
172     value = encodePage21(base, pageBits(value) - pageBits(pc));
173     break;
174   case ARM64_RELOC_PAGEOFF12:
175   case ARM64_RELOC_GOT_LOAD_PAGEOFF12:
176   case ARM64_RELOC_TLVP_LOAD_PAGEOFF12:
177     assert(!r.pcrel);
178     value = encodePageOff12(base, value);
179     break;
180   default:
181     llvm_unreachable("unexpected relocation type");
182   }
183 
184   switch (r.length) {
185   case 2:
186     write32le(loc, value);
187     break;
188   case 3:
189     write64le(loc, value);
190     break;
191   default:
192     llvm_unreachable("invalid r_length");
193   }
194 }
195 
// Template for a stubs-section entry: load this symbol's lazy-pointer slot
// and jump through it. The adrp/ldr immediates are zero here; writeStub()
// fills them in per symbol.
static constexpr uint32_t stubCode[] = {
    0x90000010, // 00: adrp  x16, __la_symbol_ptr@page
    0xf9400210, // 04: ldr   x16, [x16, __la_symbol_ptr@pageoff]
    0xd61f0200, // 08: br    x16
};
201 
202 void ARM64::writeStub(uint8_t *buf8, const macho::Symbol &sym) const {
203   auto *buf32 = reinterpret_cast<uint32_t *>(buf8);
204   uint64_t pcPageBits =
205       pageBits(in.stubs->addr + sym.stubsIndex * sizeof(stubCode));
206   uint64_t lazyPointerVA = in.lazyPointers->addr + sym.stubsIndex * WordSize;
207   buf32[0] = encodePage21(stubCode[0], pageBits(lazyPointerVA) - pcPageBits);
208   buf32[1] = encodePageOff12(stubCode[1], lazyPointerVA);
209   buf32[2] = stubCode[2];
210 }
211 
// Template for the shared stub-helper prologue: materialize the
// _dyld_private (image loader cache) address in x17, push x16/x17, then
// jump to dyld_stub_binder through its GOT slot. Immediates are filled in
// by writeStubHelperHeader().
static constexpr uint32_t stubHelperHeaderCode[] = {
    0x90000011, // 00: adrp  x17, _dyld_private@page
    0x91000231, // 04: add   x17, x17, _dyld_private@pageoff
    0xa9bf47f0, // 08: stp   x16/x17, [sp, #-16]!
    0x90000010, // 0c: adrp  x16, dyld_stub_binder@page
    0xf9400210, // 10: ldr   x16, [x16, dyld_stub_binder@pageoff]
    0xd61f0200, // 14: br    x16
};
220 
221 void ARM64::writeStubHelperHeader(uint8_t *buf8) const {
222   auto *buf32 = reinterpret_cast<uint32_t *>(buf8);
223   auto pcPageBits = [](int i) {
224     return pageBits(in.stubHelper->addr + i * sizeof(uint32_t));
225   };
226   uint64_t loaderVA = in.imageLoaderCache->getVA();
227   buf32[0] =
228       encodePage21(stubHelperHeaderCode[0], pageBits(loaderVA) - pcPageBits(0));
229   buf32[1] = encodePageOff12(stubHelperHeaderCode[1], loaderVA);
230   buf32[2] = stubHelperHeaderCode[2];
231   uint64_t binderVA =
232       in.got->addr + in.stubHelper->stubBinder->gotIndex * WordSize;
233   buf32[3] =
234       encodePage21(stubHelperHeaderCode[3], pageBits(binderVA) - pcPageBits(3));
235   buf32[4] = encodePageOff12(stubHelperHeaderCode[4], binderVA);
236   buf32[5] = stubHelperHeaderCode[5];
237 }
238 
// Template for one per-symbol stub-helper entry: load the trailing .long
// (this symbol's lazy-bind-info offset) into w16, then branch back to the
// shared header. The branch offset and the .long are patched by
// writeStubHelperEntry().
static constexpr uint32_t stubHelperEntryCode[] = {
    0x18000050, // 00: ldr  w16, l0
    0x14000000, // 04: b    stubHelperHeader
    0x00000000, // 08: l0: .long 0
};
244 
245 void ARM64::writeStubHelperEntry(uint8_t *buf8, const DylibSymbol &sym,
246                                  uint64_t entryVA) const {
247   auto *buf32 = reinterpret_cast<uint32_t *>(buf8);
248   auto pcVA = [entryVA](int i) { return entryVA + i * sizeof(uint32_t); };
249   uint64_t stubHelperHeaderVA = in.stubHelper->addr;
250   buf32[0] = stubHelperEntryCode[0];
251   buf32[1] =
252       encodeBranch26(stubHelperEntryCode[1], stubHelperHeaderVA - pcVA(1));
253   buf32[2] = sym.lazyBindOffset;
254 }
255 
256 void ARM64::relaxGotLoad(uint8_t *loc, uint8_t type) const {
257   // The instruction format comments below are quoted from
258   // Arm® Architecture Reference Manual
259   // Armv8, for Armv8-A architecture profile
260   // ARM DDI 0487G.a (ID011921)
261   uint32_t instruction = read32le(loc);
262   // C6.2.132 LDR (immediate)
263   // LDR <Xt>, [<Xn|SP>{, #<pimm>}]
264   if ((instruction & 0xffc00000) != 0xf9400000)
265     error(getRelocAttrs(type).name + " reloc requires LDR instruction");
266   assert(((instruction >> 10) & 0xfff) == 0 &&
267          "non-zero embedded LDR immediate");
268   // C6.2.4 ADD (immediate)
269   // ADD <Xd|SP>, <Xn|SP>, #<imm>{, <shift>}
270   instruction = ((instruction & 0x001fffff) | 0x91000000);
271   write32le(loc, instruction);
272 }
273 
ARM64::ARM64() {
  // Mach-O header CPU identification for arm64.
  cpuType = CPU_TYPE_ARM64;
  cpuSubtype = CPU_SUBTYPE_ARM64_ALL;

  // Entry sizes for the synthetic lazy-binding sections, taken directly
  // from the instruction templates defined above.
  stubSize = sizeof(stubCode);
  stubHelperHeaderSize = sizeof(stubHelperHeaderCode);
  stubHelperEntrySize = sizeof(stubHelperEntryCode);
}
282 
283 TargetInfo *macho::createARM64TargetInfo() {
284   static ARM64 t;
285   return &t;
286 }
287