sync further changes from uts/aslr
*** 60,91 ****
#include <vm/seg_vn.h>
int use_brk_lpg = 1;
int use_stk_lpg = 1;
static int brk_lpg(caddr_t nva);
static int grow_lpg(caddr_t sp);
intptr_t
brk(caddr_t nva)
{
int error;
proc_t *p = curproc;
/*
- * As a special case to aid the implementation of sbrk(3C), if given a
- * new brk of 0, return the current brk. We'll hide this in brk(3C).
- */
- if (nva == 0)
- return ((intptr_t)(p->p_brkbase + p->p_brksize));
-
- /*
* Serialize brk operations on an address space.
* This also serves as the lock protecting p_brksize
* and p_brkpageszc.
*/
as_rangelock(p->p_as);
if (use_brk_lpg && (p->p_flag & SAUTOLPG) != 0) {
error = brk_lpg(nva);
} else {
error = brk_internal(nva, p->p_brkpageszc);
}
--- 60,100 ----
#include <vm/seg_vn.h>
int use_brk_lpg = 1;
int use_stk_lpg = 1;
+ /*
+ * If set, we will not randomize mappings where the 'addr' argument is
+ * non-NULL and not an alignment.
+ */
+ int aslr_respect_mmap_hint = 0;
+
static int brk_lpg(caddr_t nva);
static int grow_lpg(caddr_t sp);
intptr_t
brk(caddr_t nva)
{
int error;
proc_t *p = curproc;
/*
* Serialize brk operations on an address space.
* This also serves as the lock protecting p_brksize
* and p_brkpageszc.
*/
as_rangelock(p->p_as);
+
+ /*
+ * As a special case to aid the implementation of sbrk(3C), if given a
+ * new brk of 0, return the current brk. We'll hide this in brk(3C).
+ */
+ if (nva == 0) {
+ as_rangeunlock(p->p_as);
+ return ((intptr_t)(p->p_brkbase + p->p_brksize));
+ }
+
if (use_brk_lpg && (p->p_flag & SAUTOLPG) != 0) {
error = brk_lpg(nva);
} else {
error = brk_internal(nva, p->p_brkpageszc);
}
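Review bot: In the new `nva == 0` branch the return expression reads `p->p_brkbase + p->p_brksize` after `as_rangeunlock(p->p_as)` has already run, so the value is still computed outside the range lock that the comment above names as the protection for `p_brksize`. Taking the lock first does wait for a brk that is already in flight, but another thread can begin one between the unlock and the read, and the caller may then see a base/size pair that never existed together. Compute the result while the lock is held: `intptr_t cur = (intptr_t)(p->p_brkbase + p->p_brksize);`, then `as_rangeunlock(p->p_as);` and `return (cur);`. The body of brk() continues past the end of this hunk.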
*** 593,602 ****
--- 602,614 ----
vn_a.lgrp_mem_policy_flags = 0;
return (as_map(as, *addrp, len, segvn_create, &vn_a));
}
+ #define RANDOMIZABLE_MAPPING(addr, flags) (((flags & MAP_FIXED) == 0) && \
+ !(((flags & MAP_ALIGN) == 0) && (addr != 0) && aslr_respect_mmap_hint))
+
static int
smmap_common(caddr_t *addrp, size_t len,
int prot, int flags, struct file *fp, offset_t pos)
{
struct vnode *vp;
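Review bot: `RANDOMIZABLE_MAPPING` expands `addr` and `flags` without parentheses, so an argument such as `a | b` would bind wrongly against `& MAP_FIXED`; write `(((flags) & MAP_FIXED) == 0)`, `(((flags) & MAP_ALIGN) == 0)` and `((addr) != 0)`, or make it a `static` function since it also reads the global `aslr_respect_mmap_hint`. The macro has no comment of its own, and the consequence is security-relevant: with the tunable set, any non-MAP_ALIGN request carrying a non-zero `addr` is exempt from randomization even in a process that has ASLR enabled. A comment such as `/* Non-fixed mappings are randomizable unless the caller passed an address hint and aslr_respect_mmap_hint is set. */` would make that trade-off visible at the definition. The body of smmap_common starts in this hunk and continues outside it.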
*** 627,637 ****
/*
* If it's not a fixed allocation and mmap ASLR is enabled, randomize
* it.
*/
! if (((flags & MAP_FIXED) == 0) &&
secflag_enabled(curproc, PROC_SEC_ASLR))
flags |= _MAP_RANDOMIZE;
#if defined(__sparc)
/*
--- 639,649 ----
/*
* If it's not a fixed allocation and mmap ASLR is enabled, randomize
* it.
*/
! if (RANDOMIZABLE_MAPPING(*addrp, flags) &&
secflag_enabled(curproc, PROC_SEC_ASLR))
flags |= _MAP_RANDOMIZE;
#if defined(__sparc)
/*
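Review bot: The comment above the changed condition still reads "If it's not a fixed allocation and mmap ASLR is enabled, randomize it", which no longer matches the test now that `RANDOMIZABLE_MAPPING(*addrp, flags)` can also exclude hinted mappings. A reader auditing where `_MAP_RANDOMIZE` is set would miss the hint exemption. Suggested wording: `/* If the mapping is randomizable (not MAP_FIXED, and not an address hint honoured via aslr_respect_mmap_hint) and mmap ASLR is enabled, randomize it. */`. This is inside smmap_common, whose body begins before and continues after this hunk.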