Chromium Code Reviews Chromium Code Reviews
Issue 8115014:
Add hinting to improve ASLR for macos (all allocations) and linux (newly added allocation types). (Closed)
Base URL: http://v8.googlecode.com/svn/branches/bleeding_edge/| Index: src/platform-macos.cc |
| =================================================================== |
| --- src/platform-macos.cc (revision 9508) |
| +++ src/platform-macos.cc (working copy) |
| @@ -92,14 +92,32 @@ |
| static Mutex* limit_mutex = NULL; |
| +static void* GetRandomMmapAddr() { |
|
Vyacheslav Egorov (Chromium)
2011/10/04 09:18:33
consider moving somewhere (e.g. platfrom-posix.cc)
Cris Neckar
2011/10/04 19:20:47
Done.
|
| + Isolate* isolate = Isolate::UncheckedCurrent(); |
| + // Note that the current isolate isn't set up in a call path via |
| + // CpuFeatures::Probe. We don't care about randomization in this case because |
| + // the code page is immediately freed. |
| + if (isolate != NULL) { |
| +#ifdef V8_TARGET_ARCH_X64 |
| + uint64_t rnd1 = V8::RandomPrivate(isolate); |
| + uint64_t rnd2 = V8::RandomPrivate(isolate); |
| + uint64_t rnd2 = V8::RandomPrivate(isolate); |
| + raw_addr &= V8_UINT64_C(0x3ffffffff000); |
| +#else |
| + uint32_t raw_addr = V8::RandomPrivate(isolate); |
| + // The range 0x20000000 - 0x60000000 is relatively unpopulated on macos |
| + // 10.6 and 10.7. |
| + raw_addr &= 0x3ffff000; |
| + raw_addr += 0x20000000; |
| +#endif |
| + return reinterpret_cast<void*>(raw_addr); |
| + } |
| + return NULL; |
| +} |
| void OS::Setup() { |
| - // Seed the random number generator. |
| - // Convert the current time to a 64-bit integer first, before converting it |
| - // to an unsigned. Going directly will cause an overflow and the seed to be |
| - // set to all ones. The seed will be identical for different instances that |
| - // call this setup code within the same millisecond. |
| - uint64_t seed = static_cast<uint64_t>(TimeCurrentMillis()); |
| + // Seed the random number generator. We preserve microsecond resolution. |
| + uint64_t seed = Ticks() ^ (getpid() << 16); |
| srandom(static_cast<unsigned int>(seed)); |
| limit_mutex = CreateMutex(); |
| } |
| @@ -148,7 +166,7 @@ |
| bool is_executable) { |
| const size_t msize = RoundUp(requested, getpagesize()); |
| int prot = PROT_READ | PROT_WRITE | (is_executable ? PROT_EXEC : 0); |
| - void* mbase = mmap(NULL, msize, prot, |
| + void* mbase = mmap(GetRandomMmapAddr(), msize, prot, |
|
Vyacheslav Egorov (Chromium)
2011/10/04 09:18:33
formatting: one argument per line
Cris Neckar
2011/10/04 19:20:47
Done.
|
| MAP_PRIVATE | MAP_ANON, |
| kMmapFd, kMmapFdOffset); |
| if (mbase == MAP_FAILED) { |
| @@ -207,7 +225,8 @@ |
| int size = ftell(file); |
| void* memory = |
| - mmap(0, size, PROT_READ | PROT_WRITE, MAP_SHARED, fileno(file), 0); |
| + mmap(GetRandomMmapAddr(), size, PROT_READ | PROT_WRITE, |
|
Vyacheslav Egorov (Chromium)
2011/10/04 09:18:33
formatting: one argument per line
Cris Neckar
2011/10/04 19:20:47
Done.
|
| + MAP_SHARED, fileno(file), 0); |
| return new PosixMemoryMappedFile(file, memory, size); |
| } |
| @@ -222,7 +241,8 @@ |
| return NULL; |
| } |
| void* memory = |
| - mmap(0, size, PROT_READ | PROT_WRITE, MAP_SHARED, fileno(file), 0); |
| + mmap(GetRandomMmapAddr(), size, PROT_READ | PROT_WRITE, |
|
Vyacheslav Egorov (Chromium)
2011/10/04 09:18:33
formatting: one argument per line
Cris Neckar
2011/10/04 19:20:47
Done.
|
| + MAP_SHARED, fileno(file), 0); |
| return new PosixMemoryMappedFile(file, memory, size); |
| } |
| @@ -346,7 +366,7 @@ |
| ASSERT(IsAligned(alignment, static_cast<intptr_t>(OS::AllocateAlignment()))); |
| size_t request_size = RoundUp(size + alignment, |
| static_cast<intptr_t>(OS::AllocateAlignment())); |
| - void* reservation = mmap(NULL, |
| + void* reservation = mmap(GetRandomMmapAddr(), |
| request_size, |
| PROT_NONE, |
| MAP_PRIVATE | MAP_ANON | MAP_NORESERVE, |
| @@ -397,7 +417,7 @@ |
| void* VirtualMemory::ReserveRegion(size_t size) { |
| - void* result = mmap(NULL, |
| + void* result = mmap(GetRandomMmapAddr(), |
| size, |
| PROT_NONE, |
| MAP_PRIVATE | MAP_ANON | MAP_NORESERVE, |
