qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-11-21 23:04:39 -07:00
Code Releases Activity

runtime: fix grsec support

Browse Source 
Changeset 36c9c7810f14 broke support for grsec-patched kernels.
Those do not give back the address requested without MAP_FIXED,
so when verifying an mmap without this flag for success, the
resulting address must not be compared against the requested
address since it may have succeeded at a different location.

R=golang-dev, rsc, gustavo, iant
CC=golang-dev
https://golang.org/cl/5650072
This commit is contained in:
Gustavo Niemeyer 2012-02-14 22:09:02 -02:00
parent 977e8d145b
commit 8eee153bc8
1 changed files with 19 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
src/pkg/runtime/mem_linux.c
View File

@ -34,6 +34,21 @@ addrspace_free(void *v, uintptr n)
return 1; return 1;
} }
static void *
mmap_fixed(byte *v, uintptr n, int32 prot, int32 flags, int32 fd, uint32 offset)
{
void *p;
p = runtime·mmap(v, n, prot, flags, fd, offset);
if(p != v && addrspace_free(v, n)) {
// On some systems, mmap ignores v without
// MAP_FIXED, so retry if the address space is free.
if(p > (void*)4096)
runtime·munmap(p, n);
p = runtime·mmap(v, n, prot, flags|MAP_FIXED, fd, offset);
}
return p;
}
void* void*
runtime·SysAlloc(uintptr n) runtime·SysAlloc(uintptr n)
@ -76,20 +91,16 @@ runtime·SysReserve(void *v, uintptr n)
// if we can reserve at least 64K and check the assumption in SysMap. // if we can reserve at least 64K and check the assumption in SysMap.
// Only user-mode Linux (UML) rejects these requests. // Only user-mode Linux (UML) rejects these requests.
if(sizeof(void*) == 8 && (uintptr)v >= 0xffffffffU) { if(sizeof(void*) == 8 && (uintptr)v >= 0xffffffffU) {
p = runtime·mmap(v, 64<<10, PROT_NONE, MAP_ANON|MAP_PRIVATE, -1, 0); p = mmap_fixed(v, 64<<10, PROT_NONE, MAP_ANON|MAP_PRIVATE, -1, 0);
if (p != v) { if (p != v)
return nil; return nil;
}
runtime·munmap(p, 64<<10); runtime·munmap(p, 64<<10);
return v; return v;
} }
p = runtime·mmap(v, n, PROT_NONE, MAP_ANON|MAP_PRIVATE, -1, 0); p = runtime·mmap(v, n, PROT_NONE, MAP_ANON|MAP_PRIVATE, -1, 0);
if((uintptr)p < 4096 || -(uintptr)p < 4096) { if((uintptr)p < 4096 || -(uintptr)p < 4096)
return nil; return nil;
}
return p; return p;
} }
@ -102,15 +113,7 @@ runtime·SysMap(void *v, uintptr n)
// On 64-bit, we don't actually have v reserved, so tread carefully. // On 64-bit, we don't actually have v reserved, so tread carefully.
if(sizeof(void*) == 8 && (uintptr)v >= 0xffffffffU) { if(sizeof(void*) == 8 && (uintptr)v >= 0xffffffffU) {
p = runtime·mmap(v, n, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_ANON|MAP_PRIVATE, -1, 0); p = mmap_fixed(v, n, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_ANON|MAP_PRIVATE, -1, 0);
if(p != v && addrspace_free(v, n)) {
// On some systems, mmap ignores v without
// MAP_FIXED, so retry if the address space is free.
if(p > (void*)4096) {
runtime·munmap(p, n);
}
p = runtime·mmap(v, n, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_ANON|MAP_FIXED|MAP_PRIVATE, -1, 0);
}
if(p == (void*)ENOMEM) if(p == (void*)ENOMEM)
runtime·throw("runtime: out of memory"); runtime·throw("runtime: out of memory");
if(p != v) { if(p != v) {