[2/4] malloc: use mmap() to improve ASLR
Commit Message
sbrk() returns rather predictable allocations because they are located
close to the data segment. Let's use mmap() instead, except if
instructed by a tunable.
--
v2: use tunable
---
malloc/arena.c | 11 +++++++++--
malloc/morecore.c | 10 ++++++++++
2 files changed, 19 insertions(+), 2 deletions(-)
@@ -295,14 +295,21 @@ ptmalloc_init (void)
#ifdef SHARED
/* In case this libc copy is in a non-default namespace, never use brk.
- Likewise if dlopened from statically linked program. */
+ Likewise if dlopened from statically linked program.
+ Otherwise the use of brk is controlled by a tunable
+ glibc.malloc.use_sbrk. */
Dl_info di;
struct link_map *l;
if (_dl_open_hook != NULL
|| (_dl_addr (ptmalloc_init, &di, &l, NULL) != 0
- && l->l_ns != LM_ID_BASE))
+ && l->l_ns != LM_ID_BASE)
+#if HAVE_TUNABLES
+ || !TUNABLE_GET (use_sbrk, int32_t, NULL)
+#endif
+ )
__morecore = __failing_morecore;
+
#endif
thread_arena = &main_arena;
@@ -38,12 +38,22 @@ libc_hidden_proto (__sbrk)
# define NULL 0
#endif
+#if HAVE_TUNABLES
+# define TUNABLE_NAMESPACE malloc
+#endif
+#include <elf/dl-tunables.h>
+
/* Allocate INCREMENT more bytes of data space,
and return the start of data space, or NULL on errors.
If INCREMENT is negative, shrink data space. */
void *
__default_morecore (ptrdiff_t increment)
{
+ /* Tunable glibc.malloc.use_sbrk controls use of 'sbrk()'. */
+#if HAVE_TUNABLES
+ if (!TUNABLE_GET (use_sbrk, int32_t, NULL))
+ return NULL;
+#endif
void *result = (void *) __sbrk (increment);
if (result == (void *) -1)
return NULL;