Reviewers: Vyacheslav Egorov,

Description:
Add mmap address hinting to improve ASLR on macOS (all allocations) and on
Linux (the newly added allocation types).

TEST=N/A
BUG=1749

Please review this at http://codereview.chromium.org/8115014/

SVN Base: http://v8.googlecode.com/svn/branches/bleeding_edge/

Affected files:
  M     src/platform-linux.cc
  M     src/platform-macos.cc


Index: src/platform-linux.cc
===================================================================
--- src/platform-linux.cc       (revision 9508)
+++ src/platform-linux.cc       (working copy)
@@ -456,7 +456,8 @@
   int size = ftell(file);

   void* memory =
-      mmap(0, size, PROT_READ | PROT_WRITE, MAP_SHARED, fileno(file), 0);
+      mmap(GetRandomMmapAddr(), size, PROT_READ | PROT_WRITE,
+           MAP_SHARED, fileno(file), 0);
   return new PosixMemoryMappedFile(file, memory, size);
 }

@@ -471,7 +472,8 @@
     return NULL;
   }
   void* memory =
-      mmap(0, size, PROT_READ | PROT_WRITE, MAP_SHARED, fileno(file), 0);
+      mmap(GetRandomMmapAddr(), size, PROT_READ | PROT_WRITE,
+           MAP_SHARED, fileno(file), 0);
   return new PosixMemoryMappedFile(file, memory, size);
 }

@@ -556,8 +558,8 @@
   // kernel log.
   int size = sysconf(_SC_PAGESIZE);
   FILE* f = fopen(kGCFakeMmap, "w+");
-  void* addr = mmap(NULL, size, PROT_READ | PROT_EXEC, MAP_PRIVATE,
-                    fileno(f), 0);
+  void* addr = mmap(GetRandomMmapAddr(), size, PROT_READ | PROT_EXEC,
+                    MAP_PRIVATE, fileno(f), 0);
   ASSERT(addr != MAP_FAILED);
   OS::Free(addr, size);
   fclose(f);
Index: src/platform-macos.cc
===================================================================
--- src/platform-macos.cc       (revision 9508)
+++ src/platform-macos.cc       (working copy)
@@ -92,14 +92,32 @@

 static Mutex* limit_mutex = NULL;

+static void* GetRandomMmapAddr() {
+  Isolate* isolate = Isolate::UncheckedCurrent();
+  // Note that the current isolate isn't set up in a call path via
+ // CpuFeatures::Probe. We don't care about randomization in this case because
+  // the code page is immediately freed.
+  if (isolate != NULL) {
+#ifdef V8_TARGET_ARCH_X64
+    uint64_t rnd1 = V8::RandomPrivate(isolate);
+    uint64_t rnd2 = V8::RandomPrivate(isolate);
+    uint64_t rnd2 = V8::RandomPrivate(isolate);
+    raw_addr &= V8_UINT64_C(0x3ffffffff000);
+#else
+    uint32_t raw_addr = V8::RandomPrivate(isolate);
+    // The range 0x20000000 - 0x60000000 is relatively unpopulated on macos
+    // 10.6 and 10.7.
+    raw_addr &= 0x3ffff000;
+    raw_addr += 0x20000000;
+#endif
+    return reinterpret_cast<void*>(raw_addr);
+  }
+  return NULL;
+}

 void OS::Setup() {
-  // Seed the random number generator.
- // Convert the current time to a 64-bit integer first, before converting it
- // to an unsigned. Going directly will cause an overflow and the seed to be
- // set to all ones. The seed will be identical for different instances that
-  // call this setup code within the same millisecond.
-  uint64_t seed = static_cast<uint64_t>(TimeCurrentMillis());
+  // Seed the random number generator. We preserve microsecond resolution.
+  uint64_t seed = Ticks() ^ (getpid() << 16);
   srandom(static_cast<unsigned int>(seed));
   limit_mutex = CreateMutex();
 }
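Review bot: The V8_TARGET_ARCH_X64 branch of GetRandomMmapAddr does not compile as written: `rnd2` is declared twice and `raw_addr` is masked without ever being declared, so the two draws are never combined into a hint. The duplicated line was presumably meant to be `uint64_t raw_addr = (rnd1 << 32) ^ rnd2;`, after which the `0x3ffffffff000` mask leaves a page-aligned 46-bit address; a comment such as `// Mask to a page-aligned 46-bit address so the hint stays inside user space` would explain the constant the way the 32-bit branch explains its range. In OS::Setup, `getpid() << 16` shifts a signed int and overflows for pids above 32767, which is undefined behaviour; write it as `static_cast<uint64_t>(getpid()) << 16` (the cast for srandom keeps only the low 32 bits of the seed either way, which is where the microsecond part of Ticks() lives). If V8::RandomPrivate falls back to libc random() when no entropy source is registered, the unpredictability of every hint produced here is bounded by this time-and-pid seed, which an attacker able to estimate process start time can narrow considerably, so that limitation deserves a comment on the seed line rather than only the resolution remark.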
@@ -148,7 +166,7 @@
                    bool is_executable) {
   const size_t msize = RoundUp(requested, getpagesize());
   int prot = PROT_READ | PROT_WRITE | (is_executable ? PROT_EXEC : 0);
-  void* mbase = mmap(NULL, msize, prot,
+  void* mbase = mmap(GetRandomMmapAddr(), msize, prot,
                      MAP_PRIVATE | MAP_ANON,
                      kMmapFd, kMmapFdOffset);
   if (mbase == MAP_FAILED) {
@@ -207,7 +225,8 @@
   int size = ftell(file);

   void* memory =
-      mmap(0, size, PROT_READ | PROT_WRITE, MAP_SHARED, fileno(file), 0);
+      mmap(GetRandomMmapAddr(), size, PROT_READ | PROT_WRITE,
+           MAP_SHARED, fileno(file), 0);
   return new PosixMemoryMappedFile(file, memory, size);
 }

@@ -222,7 +241,8 @@
     return NULL;
   }
   void* memory =
-      mmap(0, size, PROT_READ | PROT_WRITE, MAP_SHARED, fileno(file), 0);
+      mmap(GetRandomMmapAddr(), size, PROT_READ | PROT_WRITE,
+           MAP_SHARED, fileno(file), 0);
   return new PosixMemoryMappedFile(file, memory, size);
 }

@@ -346,7 +366,7 @@
ASSERT(IsAligned(alignment, static_cast<intptr_t>(OS::AllocateAlignment())));
   size_t request_size = RoundUp(size + alignment,
static_cast<intptr_t>(OS::AllocateAlignment()));
-  void* reservation = mmap(NULL,
+  void* reservation = mmap(GetRandomMmapAddr(),
                            request_size,
                            PROT_NONE,
                            MAP_PRIVATE | MAP_ANON | MAP_NORESERVE,
@@ -397,7 +417,7 @@


 void* VirtualMemory::ReserveRegion(size_t size) {
-  void* result = mmap(NULL,
+  void* result = mmap(GetRandomMmapAddr(),
                       size,
                       PROT_NONE,
                       MAP_PRIVATE | MAP_ANON | MAP_NORESERVE,

