From patchwork Sun Oct  4 13:09:37 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Topi Miettinen <toiwoton@gmail.com>
X-Patchwork-Id: 40659
Return-Path: <libc-alpha-bounces@sourceware.org>
X-Original-To: patchwork@sourceware.org
Delivered-To: patchwork@sourceware.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id 3ED08394CC3F;
	Sun,  4 Oct 2020 13:10:02 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 3ED08394CC3F
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1601817002;
	bh=lzEtFLwV+16jLHVuUKNE6UfYIEXHR2X5pOW72ok//bY=;
	h=To:Subject:Date:In-Reply-To:References:List-Id:List-Unsubscribe:
	 List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc:
	 From;
	b=Jjx1LLecsyOgvqMfpHmfAywh7Yjiv/wWkDkK7l2HRNo4a3wdaZutORzxLosAvY9iu
	 Ot6ONTkkfEHmY4Bb+8XOpa8c6kx+QDK/froa/l3DweH/jv3jjoOHec1M6YiEHjcKEr
	 rhQYgSDHAH5QjptlvzGs0QZab7OUgn75YpVdlWxg=
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-lf1-x144.google.com (mail-lf1-x144.google.com
 [IPv6:2a00:1450:4864:20::144])
 by sourceware.org (Postfix) with ESMTPS id 0E64D3840C2F
 for <libc-alpha@sourceware.org>; Sun,  4 Oct 2020 13:09:58 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 0E64D3840C2F
Received: by mail-lf1-x144.google.com with SMTP id d24so3743672lfa.8
 for <libc-alpha@sourceware.org>; Sun, 04 Oct 2020 06:09:57 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=lzEtFLwV+16jLHVuUKNE6UfYIEXHR2X5pOW72ok//bY=;
 b=KEKzgfBZKxYCeFw1SgGGNBk7n/j9RThqnrBy7nwNENrf2QY2WJMJqp0QvDb8DJr7dO
 AHyU5my7V8Duax/avKbPoBC2DRZDumTGkY1BdXINjXJjOcDF1D+DcAcjzhtpLwrLrzAy
 1Qjd+94KwoEVqPJPfGuXTj+5a4B2MkD/lHIkVTemYuweyimSLqyOm78X89u010doBA6q
 OQLlqqiVpAO+adXsiSmY0JOEe/5B+1EGFRxYVHhB3HEcOvm7ELZXbAdNRS0Jvv6U8atS
 Zcxvv3wE5ZIskwm26rcnL3LLeJ6OdV10FluZorDb9E+YPf8Q6+YFtt/gvkmJxhMUElak
 DWcg==
X-Gm-Message-State: AOAM530j307RKKhD1w5Wk2XdmvkREh83qagSy9SaLQCiJSsp3N3JtmyT
 +AyowtvqfMG/Ktvcn79US1CKDfxumDE=
X-Google-Smtp-Source: 
 ABdhPJyhx17UWpSmc0+Nh6ps4lyCfPHXAjMrxJfP5+92aCN99dswn/gXEYa+F8R6mnG3KXsS63l3zQ==
X-Received: by 2002:ac2:50cd:: with SMTP id h13mr3767020lfm.437.1601816996565;
 Sun, 04 Oct 2020 06:09:56 -0700 (PDT)
Received: from localhost.localdomain (88-114-211-119.elisa-laajakaista.fi.
 [88.114.211.119])
 by smtp.gmail.com with ESMTPSA id i7sm2264454ljb.44.2020.10.04.06.09.55
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sun, 04 Oct 2020 06:09:56 -0700 (PDT)
To: libc-alpha@sourceware.org
Subject: [RFC PATCH 2/3] malloc: always use mmap() to improve ASLR
Date: Sun,  4 Oct 2020 16:09:37 +0300
Message-Id: <20201004130938.64575-3-toiwoton@gmail.com>
X-Mailer: git-send-email 2.28.0
In-Reply-To: <20201004130938.64575-1-toiwoton@gmail.com>
References: <20201004130938.64575-1-toiwoton@gmail.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-9.7 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0,
 KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=ham autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
X-Patchwork-Original-From: Topi Miettinen via Libc-alpha
 <libc-alpha@sourceware.org>
From: Topi Miettinen <toiwoton@gmail.com>
Reply-To: Topi Miettinen <toiwoton@gmail.com>
Cc: Topi Miettinen <toiwoton@gmail.com>
Errors-To: libc-alpha-bounces@sourceware.org
Sender: "Libc-alpha" <libc-alpha-bounces@sourceware.org>

sbrk() returns rather predictable allocations because they are located
close to the data segment. Let's always use mmap() instead.

RFC: How to do this properly?

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
---
 malloc/arena.c    |  5 ++++-
 malloc/malloc.c   | 16 +++++++++++++---
 malloc/morecore.c |  2 ++
 3 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/malloc/arena.c b/malloc/arena.c
index cecdb7f4c4..f88db5f248 100644
--- a/malloc/arena.c
+++ b/malloc/arena.c
@@ -273,7 +273,7 @@ next_env_entry (char ***position)
 }
 #endif
 
-
+#if 0
 #ifdef SHARED
 static void *
 __failing_morecore (ptrdiff_t d)
@@ -284,6 +284,7 @@ __failing_morecore (ptrdiff_t d)
 extern struct dl_open_hook *_dl_open_hook;
 libc_hidden_proto (_dl_open_hook);
 #endif
+#endif
 
 static void
 ptmalloc_init (void)
@@ -293,6 +294,7 @@ ptmalloc_init (void)
 
   __malloc_initialized = 0;
 
+#if 0
 #ifdef SHARED
   /* In case this libc copy is in a non-default namespace, never use brk.
      Likewise if dlopened from statically linked program.  */
@@ -303,6 +305,7 @@ ptmalloc_init (void)
       || (_dl_addr (ptmalloc_init, &di, &l, NULL) != 0
           && l->l_ns != LM_ID_BASE))
     __morecore = __failing_morecore;
+#endif
 #endif
 
   thread_arena = &main_arena;
diff --git a/malloc/malloc.c b/malloc/malloc.c
index cd9933b4e5..2f894b9c60 100644
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -371,13 +371,23 @@ __malloc_assert (const char *assertion, const char *file, unsigned int line,
 #define TRIM_FASTBINS  0
 #endif
 
-
+#if 0
 /* Definition for getting more memory from the OS.  */
 #define MORECORE         (*__morecore)
 #define MORECORE_FAILURE 0
 void * __default_morecore (ptrdiff_t);
 void *(*__morecore)(ptrdiff_t) = __default_morecore;
-
+#else
+#define MORECORE_FAILURE (-1)
+#define MORECORE(x)         (MORECORE_FAILURE)
+static void *
+__failing_morecore2 (ptrdiff_t d)
+{
+  return (void *) MORECORE_FAILURE;
+}
+void *(*__morecore)(ptrdiff_t) = __failing_morecore2;
+#define MORECORE_CONTIGUOUS 0
+#endif
 
 #include <string.h>
 
@@ -2796,7 +2806,7 @@ systrim (size_t pad, mstate av)
          some downstream failure.)
        */
 
-      MORECORE (-extra);
+      (void) MORECORE (-extra);
       /* Call the `morecore' hook if necessary.  */
       void (*hook) (void) = atomic_forced_read (__after_morecore_hook);
       if (__builtin_expect (hook != NULL, 0))
diff --git a/malloc/morecore.c b/malloc/morecore.c
index 72e655f84f..931b37e41f 100644
--- a/malloc/morecore.c
+++ b/malloc/morecore.c
@@ -15,6 +15,7 @@
    License along with the GNU C Library; if not, see
    <https://www.gnu.org/licenses/>.  */
 
+#if 0
 #ifndef _MALLOC_INTERNAL
 # define _MALLOC_INTERNAL
 # include <malloc.h>
@@ -51,3 +52,4 @@ __default_morecore (ptrdiff_t increment)
   return result;
 }
 libc_hidden_def (__default_morecore)
+#endif