Skip to content

mold 2.3.0
Compare
Choose a tag to compare
@rui314 rui314 released this 18 Oct 11:12
· 710 commits to main since this release
v2.3.0
6ad942c

mold 2.3.0 is a new release of the high-speed linker.

New features

  • [x86-64] mold 2.3.0 has introduced an experimental flag, -z rewrite-endbr, which rewrites superfluous endbr64 instructions as nop.

    endbr64 is a relatively recent x86 instruction used to mark locations where an indirect jump instruction can transfer control. With control-flow integrity enabled (meaning endbr64 is effective), an indirect jump can only target an endbr64 or it will trigger a runtime exception. This mechanism significantly hinders certain control hijacking attacks, such as ROP or JOP, since attackers cannot jump to just any location.

    When given the -fcf-protection flag, GCC conservatively places an endbr64 at the beginning of every global function. This is because the function's address might be taken as a pointer by other translation units. However, in most cases, function addresses are not actually taken. This conservative approach results in an overabundance of unnecessary endbr64 instructions, leading to not only code bloating but also a potential decrease in security as there are more locations for an attacker to exploit.

    The new linker option, -z rewrite-endbr, aims to alleviate this issue. The linker can carry out a whole-program analysis on the input files to identify functions whose addresses are never taken. If -z rewrite-endbr is specified, mold will conduct this analysis and replace the initial endbr64 with a nop for functions whose addresses aren't taken.

    mold also emits an endbr64 in a PLT entry only when the address of the PLT entry is taken. (17f0d85)

Bug fixes and compatibility improvements

  • mold now produces a more compact .gdb_index section when using the --gdb-index flag. Additionally, mold now generates a correct .gdb_index section for object files created by Clang. (a396fa4)
  • mold is now capable of handling input sections larger than 4 GiB. (0ce32d3)
  • [PPC] mold can now generate executables for POWER10 processors. Previously, executables produced by mold would crash immediately on startup on POWER10. (0f71471)
  • [ARM64] When a function with a non-standard calling convention is exported, it's mandatory for the linker to turn on the STO_AARCH64_VARIANT_PCS flag to notify the dynamic linker. mold now appropriately sets this flag. (2e3b56e)
  • [RISC-V] mold now supports new GP-relative relocations. (ac3ee91)

Acknowledgements

mold is an open-source project, and we accept donations via GitHub Sponsors and OpenCollective. We thank everyone who sponsors our project. In particular, we'd like to acknowledge the following organizations and people who have sponsored $32/mo or more during this release cycle:

Signal Slot Inc.
Mercury
G-Research-OSS
Jinkyu Yi
Emerge Tools
Cybozu, Inc.
jfmontanaro
Steven Noonan
Brett Slatkin
Dougall Johnson
Santiago Pastorino
CubeSoft, Inc.
Rahul Butani
Kyle Lacy
daquexian
Josh Triplett
Kiril Mihaylov

Assets 7
Loading