Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(833)

Unified Diff: base/security_unittest.cc

Issue 12093035: TCMalloc: support userland ASLR on Linux (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Only use "half" of the address space for ASLR. Created 7 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: base/security_unittest.cc
diff --git a/base/security_unittest.cc b/base/security_unittest.cc
index 5db18fdfe457ad132092e7cdcb188c12d6ead3b0..04efdc4252db9c5af9260dcfd448958df548b670 100644
--- a/base/security_unittest.cc
+++ b/base/security_unittest.cc
@@ -2,9 +2,12 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
+#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <sys/stat.h>
+#include <sys/types.h>
#include <algorithm>
#include <limits>
@@ -100,4 +103,55 @@ TEST(SecurityTest, ALLOC_TEST(MemoryAllocationRestrictionsNewArray)) {
}
}
+#if (defined(OS_LINUX) || defined(OS_CHROMEOS)) && defined(__x86_64__)
+// Useful for debugging.
+void PrintProcSelfMaps() {
+ int fd = open("/proc/self/maps", O_RDONLY);
+ ASSERT_GE(fd, 0);
+ char buffer[1<<13];
+ int ret;
+ ret = read(fd, buffer, sizeof(buffer) - 1);
+ ASSERT_GT(ret, 0);
+ buffer[ret - 1] = 0;
+ fprintf(stdout, "%s\n", buffer);
+}
+
+// Check if TCMalloc uses an underlying random memory allocator.
+TEST(SecurityTest, ALLOC_TEST(RandomMemoryAllocations)) {
Chris Evans 2013/01/29 06:10:58 This test seems complicated to me. Can you just d
jln (very slow on Chromium) 2013/01/29 06:23:46 1GB is a bit special. That's where we would magica
+ if (IsTcMallocBypassed())
+ return;
+ // Two successive calls to mmap() have roughly one chance out of 2^6 to be
+ // detected as having the same order. With 32 allocations, we see ~16 that
+ // trigger a call to mmap, so the chances of this test flaking is roughly
+ // 2^-(6*15), i.e. virtually impossible.
+ const int kAllocNumber = 32;
+ bool is_contiguous = true;
+ // Make kAllocNumber successive allocations of growing size and compare the
+ // successive pointers to detect adjacent mappings. We grow the size because
+ // TCMalloc can sometimes over-allocate.
+ scoped_ptr<char, base::FreeDeleter> ptr[kAllocNumber];
+ for (int i = 0; i < kAllocNumber; ++i) {
+ // Grow the Malloc size slightly sub-exponentially.
+ const size_t kMallocSize = 1 << (12 + (i>>1));
+ ptr[i].reset(static_cast<char*>(malloc(kMallocSize)));
+ ASSERT_TRUE(ptr[i] != NULL);
+ if (i > 0) {
+ // Without mmap randomization, the two high order nibbles
+ // of a 47 bits userland address address will be identical.
+ const size_t kHighOrderMask = 0xff0000000000;
+ bool pointer_have_same_high_order =
+ (reinterpret_cast<size_t>(ptr[i].get()) & kHighOrderMask) ==
+ (reinterpret_cast<size_t>(ptr[i - 1].get()) & kHighOrderMask);
+ if (!pointer_have_same_high_order) {
+ // PrintProcSelfMaps();
+ is_contiguous = false;
+ break;
+ }
+ }
+ }
+ ASSERT_FALSE(is_contiguous);
+}
+
+#endif // (defined(OS_LINUX) || defined(OS_CHROMEOS)) && defined(__x86_64__)
+
} // namespace
« no previous file with comments | « no previous file | third_party/tcmalloc/chromium/src/system-alloc.cc » ('j') | third_party/tcmalloc/chromium/src/system-alloc.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698