Code review comments from jeffpc
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.


   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 
  22 /*
  23  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
  24  * Use is subject to license terms.
  25  */
  26 
  27 #pragma ident   "%Z%%M% %I%     %E% SMI"
  28 
  29 #pragma weak _sbrk = sbrk
  30 #pragma weak _brk = brk
  31 
  32 #include "lint.h"
  33 #include <synch.h>
  34 #include <errno.h>
  35 #include <sys/isa_defs.h>
  36 #include <sys/types.h>
  37 #include <sys/sysmacros.h>
  38 #include <inttypes.h>
  39 #include <unistd.h>
  40 #include "mtlib.h"
  41 #include "libc.h"
  42 
  43 extern int _end;
  44 void *_nd = &_end;
  45 mutex_t __sbrk_lock = DEFAULTMUTEX;
  46 
  47 extern int _brk_unlocked(void *);
  48 extern void *_sbrk_unlocked(intptr_t);
  49 
  50 /*
  51  * The break must always be at least 8-byte aligned
  52  */
  53 #if (_MAX_ALIGNMENT < 8)
  54 #define ALIGNSZ         8
  55 #else
  56 #define ALIGNSZ         _MAX_ALIGNMENT
  57 #endif
  58 
  59 #define BRKALIGN(x)     (caddr_t)P2ROUNDUP((uintptr_t)(x), ALIGNSZ)
  60 
  61 void *
  62 sbrk(intptr_t addend)
  63 {
  64         void *result;
  65 
  66         if (!primary_link_map) {
  67                 errno = ENOTSUP;
  68                 return ((void *)-1);


  70         lmutex_lock(&__sbrk_lock);
  71         result = _sbrk_unlocked(addend);
  72         lmutex_unlock(&__sbrk_lock);
  73 
  74         return (result);
  75 }
  76 
  77 /*
  78  * _sbrk_unlocked() aligns the old break, adds the addend, aligns
  79  * the new break, and calls _brk_unlocked() to set the new break.
  80  * We must align the old break because _nd may begin life misaligned.
  81  * The addend can be either positive or negative, so there are two
  82  * overflow/underflow edge conditions to reject:
  83  *
  84  *   - the addend is negative and brk + addend < 0.
  85  *   - the addend is positive and brk + addend > ULONG_MAX
  86  */
  87 void *
  88 _sbrk_unlocked(intptr_t addend)
  89 {
  90         char *old_brk = BRKALIGN(_nd);
  91         char *new_brk = BRKALIGN(old_brk + addend);







  92 
  93         if ((addend > 0 && new_brk < old_brk) ||
  94             (addend < 0 && new_brk > old_brk)) {
  95                 errno = ENOMEM;
  96                 return ((void *)-1);
  97         }
  98         if (_brk_unlocked(new_brk) != 0)
  99                 return ((void *)-1);
 100         _nd = new_brk;
 101         return (old_brk);
 102 }
 103 
 104 /*
 105  * _sbrk_grow_aligned() aligns the old break to a low_align boundry,
 106  * adds min_size, aligns to a high_align boundry, and calls _brk_unlocked()
 107  * to set the new break.  The low_aligned-aligned value is returned, and
 108  * the actual space allocated is returned through actual_size.
 109  *
 110  * Unlike sbrk(2), _sbrk_grow_aligned takes an unsigned size, and does
 111  * not allow shrinking the heap.
 112  */
 113 void *
 114 _sbrk_grow_aligned(size_t min_size, size_t low_align, size_t high_align,
 115     size_t *actual_size)
 116 {
 117         uintptr_t old_brk;
 118         uintptr_t ret_brk;
 119         uintptr_t high_brk;
 120         uintptr_t new_brk;
 121         int brk_result;
 122 
 123         if (!primary_link_map) {
 124                 errno = ENOTSUP;
 125                 return ((void *)-1);
 126         }
 127         if ((low_align & (low_align - 1)) != 0 ||
 128             (high_align & (high_align - 1)) != 0) {
 129                 errno = EINVAL;
 130                 return ((void *)-1);
 131         }
 132         low_align = MAX(low_align, ALIGNSZ);
 133         high_align = MAX(high_align, ALIGNSZ);
 134 
 135         lmutex_lock(&__sbrk_lock);
 136 



 137         old_brk = (uintptr_t)BRKALIGN(_nd);
 138         ret_brk = P2ROUNDUP(old_brk, low_align);
 139         high_brk = ret_brk + min_size;
 140         new_brk = P2ROUNDUP(high_brk, high_align);
 141 
 142         /*
 143          * Check for overflow
 144          */
 145         if (ret_brk < old_brk || high_brk < ret_brk || new_brk < high_brk) {
 146                 lmutex_unlock(&__sbrk_lock);
 147                 errno = ENOMEM;
 148                 return ((void *)-1);
 149         }
 150 
 151         if ((brk_result = _brk_unlocked((void *)new_brk)) == 0)
 152                 _nd = (void *)new_brk;
 153         lmutex_unlock(&__sbrk_lock);
 154 
 155         if (brk_result != 0)
 156                 return ((void *)-1);
 157 
 158         if (actual_size != NULL)
 159                 *actual_size = (new_brk - ret_brk);
 160         return ((void *)ret_brk);
 161 }
 162 
 163 int
 164 brk(void *new_brk)
 165 {
 166         int result;









 167 
 168         if (!primary_link_map) {
 169                 errno = ENOTSUP;
 170                 return (-1);
 171         }
 172         /*
 173          * Need to align this here;  _brk_unlocked won't do it for us.
 174          */
 175         new_brk = BRKALIGN(new_brk);
 176 
 177         lmutex_lock(&__sbrk_lock);
 178         if ((result = _brk_unlocked(new_brk)) == 0)
 179                 _nd = new_brk;
 180         lmutex_unlock(&__sbrk_lock);
 181 
 182         return (result);
 183 }


   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 
  22 /*
  23  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
  24  * Use is subject to license terms.
  25  */
  26 


  27 #pragma weak _sbrk = sbrk
  28 #pragma weak _brk = brk
  29 
  30 #include "lint.h"
  31 #include <synch.h>
  32 #include <errno.h>
  33 #include <sys/isa_defs.h>
  34 #include <sys/types.h>
  35 #include <sys/sysmacros.h>
  36 #include <inttypes.h>
  37 #include <unistd.h>
  38 #include "mtlib.h"
  39 #include "libc.h"
  40 
  41 void *_nd = NULL;

  42 mutex_t __sbrk_lock = DEFAULTMUTEX;
  43 
  44 extern intptr_t _brk_unlocked(void *);
  45 void *_sbrk_unlocked(intptr_t);
  46 
  47 /*
  48  * The break must always be at least 8-byte aligned
  49  */
  50 #if (_MAX_ALIGNMENT < 8)
  51 #define ALIGNSZ         8
  52 #else
  53 #define ALIGNSZ         _MAX_ALIGNMENT
  54 #endif
  55 
  56 #define BRKALIGN(x)     (caddr_t)P2ROUNDUP((uintptr_t)(x), ALIGNSZ)
  57 
  58 void *
  59 sbrk(intptr_t addend)
  60 {
  61         void *result;
  62 
  63         if (!primary_link_map) {
  64                 errno = ENOTSUP;
  65                 return ((void *)-1);


  67         lmutex_lock(&__sbrk_lock);
  68         result = _sbrk_unlocked(addend);
  69         lmutex_unlock(&__sbrk_lock);
  70 
  71         return (result);
  72 }
  73 
  74 /*
  75  * _sbrk_unlocked() aligns the old break, adds the addend, aligns
  76  * the new break, and calls _brk_unlocked() to set the new break.
  77  * We must align the old break because _nd may begin life misaligned.
  78  * The addend can be either positive or negative, so there are two
  79  * overflow/underflow edge conditions to reject:
  80  *
  81  *   - the addend is negative and brk + addend < 0.
  82  *   - the addend is positive and brk + addend > ULONG_MAX
  83  */
  84 void *
  85 _sbrk_unlocked(intptr_t addend)
  86 {
  87         char *old_brk;
  88         char *new_brk;
  89 
  90         if (_nd == NULL) {
  91                 _nd = (void *)_brk_unlocked(0);
  92         }
  93 
  94         old_brk = BRKALIGN(_nd);
  95         new_brk = BRKALIGN(old_brk + addend);
  96 
  97         if ((addend > 0 && new_brk < old_brk) ||
  98             (addend < 0 && new_brk > old_brk)) {
  99                 errno = ENOMEM;
 100                 return ((void *)-1);
 101         }
 102         if (_brk_unlocked(new_brk) != 0)
 103                 return ((void *)-1);
 104         _nd = new_brk;
 105         return (old_brk);
 106 }
 107 
 108 /*
 109  * _sbrk_grow_aligned() aligns the old break to a low_align boundry,
 110  * adds min_size, aligns to a high_align boundry, and calls _brk_unlocked()
 111  * to set the new break.  The low_aligned-aligned value is returned, and
 112  * the actual space allocated is returned through actual_size.
 113  *
 114  * Unlike sbrk(2), _sbrk_grow_aligned takes an unsigned size, and does
 115  * not allow shrinking the heap.
 116  */
 117 void *
 118 _sbrk_grow_aligned(size_t min_size, size_t low_align, size_t high_align,
 119     size_t *actual_size)
 120 {
 121         uintptr_t old_brk;
 122         uintptr_t ret_brk;
 123         uintptr_t high_brk;
 124         uintptr_t new_brk;
 125         intptr_t brk_result;
 126 
 127         if (!primary_link_map) {
 128                 errno = ENOTSUP;
 129                 return ((void *)-1);
 130         }
 131         if ((low_align & (low_align - 1)) != 0 ||
 132             (high_align & (high_align - 1)) != 0) {
 133                 errno = EINVAL;
 134                 return ((void *)-1);
 135         }
 136         low_align = MAX(low_align, ALIGNSZ);
 137         high_align = MAX(high_align, ALIGNSZ);
 138 
 139         lmutex_lock(&__sbrk_lock);
 140 
 141         if (_nd == NULL)
 142                 _nd = (void *)_brk_unlocked(0);
 143 
 144         old_brk = (uintptr_t)BRKALIGN(_nd);
 145         ret_brk = P2ROUNDUP(old_brk, low_align);
 146         high_brk = ret_brk + min_size;
 147         new_brk = P2ROUNDUP(high_brk, high_align);
 148 
 149         /*
 150          * Check for overflow
 151          */
 152         if (ret_brk < old_brk || high_brk < ret_brk || new_brk < high_brk) {
 153                 lmutex_unlock(&__sbrk_lock);
 154                 errno = ENOMEM;
 155                 return ((void *)-1);
 156         }
 157 
 158         if ((brk_result = _brk_unlocked((void *)new_brk)) == 0)
 159                 _nd = (void *)new_brk;
 160         lmutex_unlock(&__sbrk_lock);
 161 
 162         if (brk_result != 0)
 163                 return ((void *)-1);
 164 
 165         if (actual_size != NULL)
 166                 *actual_size = (new_brk - ret_brk);
 167         return ((void *)ret_brk);
 168 }
 169 
 170 int
 171 brk(void *new_brk)
 172 {
 173         intptr_t result;
 174 
 175         /*
 176          * brk(2) will return the current brk if given an argument of 0, so we
 177          * need to fail it here
 178          */
 179         if (new_brk == 0) {
 180                 errno = ENOMEM;
 181                 return (-1);
 182         }
 183 
 184         if (!primary_link_map) {
 185                 errno = ENOTSUP;
 186                 return (-1);
 187         }
 188         /*
 189          * Need to align this here;  _brk_unlocked won't do it for us.
 190          */
 191         new_brk = BRKALIGN(new_brk);
 192 
 193         lmutex_lock(&__sbrk_lock);
 194         if ((result = _brk_unlocked(new_brk)) == 0)
 195                 _nd = new_brk;
 196         lmutex_unlock(&__sbrk_lock);
 197 
 198         return (result);
 199 }
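Review bot: The lazy initialisation `_nd = (void *)_brk_unlocked(0);` at new lines 91 and 142 stores whatever `_brk_unlocked(0)` returns without checking it, so if that probe can fail and report `-1` (the way the non-zero returns on lines 103 and 158 are treated as failure), `_nd` becomes `(void *)-1`, `BRKALIGN` rounds `UINTPTR_MAX` up to 0, `old_brk` is 0, and the next `sbrk` call would hand `_brk_unlocked` a break of just `addend` — a near-NULL address, which is the very region 7032 sets out to forbid. I would read the probe into a local and reject the sentinel before caching it, e.g. `intptr_t cur = _brk_unlocked(0);` / `if (cur == -1) return ((void *)-1);` / `_nd = (void *)cur;`, with the matching `lmutex_unlock(&__sbrk_lock)` before the return in `_sbrk_grow_aligned`. The failure convention of `_brk_unlocked(0)` is not visible on this page, so confirm it against the syscall stub before relying on the `-1` test. A smaller type point: `brk()` now declares `result` as `intptr_t` (line 173) but returns it through an `int` (line 198), an implicit narrowing; `int result;` with `result = (_brk_unlocked(new_brk) == 0) ? 0 : -1;` keeps the return type honest.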