diff mbox series

[RFC,2/3] malloc: always use mmap() to improve ASLR

Message ID	20201004130938.64575-3-toiwoton@gmail.com
State	Superseded
Headers	DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 0E64D3840C2F To: libc-alpha@sourceware.org Subject: [RFC PATCH 2/3] malloc: always use mmap() to improve ASLR Date: Sun, 4 Oct 2020 16:09:37 +0300 Message-Id: <20201004130938.64575-3-toiwoton@gmail.com> In-Reply-To: <20201004130938.64575-1-toiwoton@gmail.com> References: <20201004130938.64575-1-toiwoton@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: list From: Topi Miettinen via Libc-alpha <libc-alpha@sourceware.org> Reply-To: Topi Miettinen <toiwoton@gmail.com> Cc: Topi Miettinen <toiwoton@gmail.com> Errors-To: libc-alpha-bounces@sourceware.org Sender: "Libc-alpha" <libc-alpha-bounces@sourceware.org>
Series	Improved ALSR \| [RFC,0/3] Improved ALSR [RFC,1/3] csu: randomize location of TCB [RFC,2/3] malloc: always use mmap() to improve ASLR [RFC,3/3] dl-sysdep: disable remaining calls to sbrk()

Commit Message

Topi Miettinen Oct. 4, 2020, 1:09 p.m. UTC

  sbrk() returns rather predictable allocations because they are located
close to the data segment. Let's always use mmap() instead.

RFC: How to do this properly?

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
---
 malloc/arena.c    |  5 ++++-
 malloc/malloc.c   | 16 +++++++++++++---
 malloc/morecore.c |  2 ++
 3 files changed, 19 insertions(+), 4 deletions(-)

diff mbox series

Patch

diff --git a/malloc/arena.c b/malloc/arena.c
index cecdb7f4c4..f88db5f248 100644
--- a/malloc/arena.c
+++ b/malloc/arena.c
@@ -273,7 +273,7 @@  next_env_entry (char ***position)
 }
 #endif
 
-
+#if 0
 #ifdef SHARED
 static void *
 __failing_morecore (ptrdiff_t d)
@@ -284,6 +284,7 @@  __failing_morecore (ptrdiff_t d)
 extern struct dl_open_hook *_dl_open_hook;
 libc_hidden_proto (_dl_open_hook);
 #endif
+#endif
 
 static void
 ptmalloc_init (void)
@@ -293,6 +294,7 @@  ptmalloc_init (void)
 
   __malloc_initialized = 0;
 
+#if 0
 #ifdef SHARED
   /* In case this libc copy is in a non-default namespace, never use brk.
      Likewise if dlopened from statically linked program.  */
@@ -303,6 +305,7 @@  ptmalloc_init (void)
       || (_dl_addr (ptmalloc_init, &di, &l, NULL) != 0
           && l->l_ns != LM_ID_BASE))
     __morecore = __failing_morecore;
+#endif
 #endif
 
   thread_arena = &main_arena;
diff --git a/malloc/malloc.c b/malloc/malloc.c
index cd9933b4e5..2f894b9c60 100644
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -371,13 +371,23 @@  __malloc_assert (const char *assertion, const char *file, unsigned int line,
 #define TRIM_FASTBINS  0
 #endif
 
-
+#if 0
 /* Definition for getting more memory from the OS.  */
 #define MORECORE         (*__morecore)
 #define MORECORE_FAILURE 0
 void * __default_morecore (ptrdiff_t);
 void *(*__morecore)(ptrdiff_t) = __default_morecore;
-
+#else
+#define MORECORE_FAILURE (-1)
+#define MORECORE(x)         (MORECORE_FAILURE)
+static void *
+__failing_morecore2 (ptrdiff_t d)
+{
+  return (void *) MORECORE_FAILURE;
+}
+void *(*__morecore)(ptrdiff_t) = __failing_morecore2;
+#define MORECORE_CONTIGUOUS 0
+#endif
 
 #include <string.h>
 
@@ -2796,7 +2806,7 @@  systrim (size_t pad, mstate av)
          some downstream failure.)
        */
 
-      MORECORE (-extra);
+      (void) MORECORE (-extra);
       /* Call the `morecore' hook if necessary.  */
       void (*hook) (void) = atomic_forced_read (__after_morecore_hook);
       if (__builtin_expect (hook != NULL, 0))
diff --git a/malloc/morecore.c b/malloc/morecore.c
index 72e655f84f..931b37e41f 100644
--- a/malloc/morecore.c
+++ b/malloc/morecore.c
@@ -15,6 +15,7 @@ 
    License along with the GNU C Library; if not, see
    <https://www.gnu.org/licenses/>.  */
 
+#if 0
 #ifndef _MALLOC_INTERNAL
 # define _MALLOC_INTERNAL
 # include <malloc.h>
@@ -51,3 +52,4 @@  __default_morecore (ptrdiff_t increment)
   return result;
 }
 libc_hidden_def (__default_morecore)
+#endif