Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 341e30e628ef34306363a6af1ee18ea4a4955088
      
https://github.com/WebKit/WebKit/commit/341e30e628ef34306363a6af1ee18ea4a4955088
  Author: Marcus Plutowski <[email protected]>
  Date:   2024-09-11 (Wed, 11 Sep 2024)

  Changed paths:
    M Source/WTF/wtf/posix/OSAllocatorPOSIX.cpp

  Log Message:
  -----------
  Remove OSAllocator's legacy manual impl of ASLR on x86
https://bugs.webkit.org/show_bug.cgi?id=279273
rdar://135430256

Reviewed by Yusuke Suzuki and Sam Weinig.

This has not been necessary for a long time: if you pass mmap a nullptr
for the address, the kernel will select a suitably random location on
its own.
Doing it ourselves is bad for multiple reasons:
 1) it’s slower,
 2) it's confusing,
 3) selecting a specific location in memory is generally suspicious, and
    could stress kernel-internal code paths which are not used much
    elsewhere -- increasing the likelihood of running into a bug.

However, this situation does raise the specter of Chesterton’s Fence: if
the OS does this automatically, then why did we ever implement code to
do it ourselves? The answer is that this code is just really old: the
first patch adding this to the codebase (34933@main) was committed in
April 2009, and the code has not been touched since December 2010
(63979@main). ASLR was only implemented on Mac OS X in version 10.5
(Leopard, released October 2007) and only expanded to cover all
applications in 10.7 (Lion, July 2011). So this code was written during
a time when we _did_ need to implement it ourselves; as that is no
longer the case, we should stop doing so.

* Source/WTF/wtf/posix/OSAllocatorPOSIX.cpp:
(WTF::OSAllocator::tryReserveAndCommit): stop rolling our own ASLR

Canonical link: https://commits.webkit.org/283483@main
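The commit message above makes a concrete claim: a reservation obtained with `mmap(NULL, ...)` is already placed by the kernel's own ASLR, so a userland allocator gains nothing by inventing address hints. The block below is an added example written for this page, not WebKit's code and not the body of `WTF::OSAllocator::tryReserveAndCommit`; it shows the hint-free reserve-then-commit shape that the log message endorses (reserve with `PROT_NONE`, commit with `mprotect`), using function names `reserve_uncommitted`, `commit`, `reserve_and_commit` and `demo_reserve_commit` that are assumptions of this example. It is POSIX C and assumes a Linux- or BSD-style `mmap` with `MAP_ANONYMOUS`.

```c
/* Added example (not WebKit's code): reserve address space with a NULL
 * hint so the kernel picks a randomized placement, then commit part of it.
 * Function names here are assumptions of this example. */
#define _DEFAULT_SOURCE
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Reserve `bytes` of virtual address space without backing memory.
 * The NULL address argument hands placement to the kernel; no manual
 * randomization is needed on an ASLR-enabled OS. Returns NULL on failure. */
static void *reserve_uncommitted(size_t bytes)
{
    void *p = mmap(NULL, bytes, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : p;
}

/* Commit (make readable and writable) a page-aligned sub-range of a
 * reservation. Returns 0 on success, -1 on failure (errno set). */
static int commit(void *base, size_t bytes)
{
    return mprotect(base, bytes, PROT_READ | PROT_WRITE);
}

/* Reserve and immediately commit the whole range; NULL on failure. */
static void *reserve_and_commit(size_t bytes)
{
    void *p = reserve_uncommitted(bytes);
    if (p == NULL)
        return NULL;
    if (commit(p, bytes) != 0) {
        munmap(p, bytes);
        return NULL;
    }
    return p;
}

/* Give the range back to the kernel. Returns 0 on success. */
static int release(void *p, size_t bytes)
{
    return munmap(p, bytes);
}

/* Self-check: the kernel-chosen placement is page-aligned, the committed
 * memory is writable end to end, and the range can be released.
 * Returns 1 on success, 0 on any failure. */
int demo_reserve_commit(void)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t bytes = 4 * page;
    void *p = reserve_and_commit(bytes);
    if (p == NULL)
        return 0;
    if (((uintptr_t)p % page) != 0) {
        release(p, bytes);
        return 0;
    }
    memset(p, 0xAB, bytes);
    int ok = ((unsigned char *)p)[bytes - 1] == 0xAB;
    if (release(p, bytes) != 0)
        return 0;
    return ok;
}

int main(void)
{
    /* Two independent reservations: placement is the kernel's choice. */
    size_t sz = (size_t)1 << 20;
    void *a = reserve_uncommitted(sz);
    void *b = reserve_uncommitted(sz);
    printf("kernel-chosen placements: %p %p\n", a, b);
    if (a) release(a, sz);
    if (b) release(b, sz);
    printf("reserve/commit self-check: %s\n",
           demo_reserve_commit() ? "ok" : "failed");
    return 0;
}
```

Run it a few times: the printed placements move between processes because the kernel randomizes the mmap base per process, which is exactly why a caller-supplied hint (the legacy x86 path this commit removes) adds no entropy of its own and only steers the allocation into less-exercised kernel code. Within a single process successive hint-free mappings are usually adjacent, so the example asserts on alignment and writability rather than on any particular address.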

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes