random-mmap.patch
| sys/machine/pc32/include/vmparam.h 11 Jan 2007 17:37:58 -0000 | ||
|---|---|---|
| 50 | 50 | |
| 51 | 51 |
#define VM_PROT_READ_IS_EXEC /* if you can read -- then you can exec */ |
| 52 | 52 | |
| 53 |
/* I386 has a line where all code is executable: 0 - I386_MAX_EXE_ADDR */ |
|
| 54 |
#define I386_MAX_EXE_ADDR 0x20000000 /* exec line */ |
|
| 55 | ||
| 53 | 56 |
/* |
| 54 | 57 |
* Virtual memory related constants, all in bytes |
| 55 | 58 |
*/ |
| sys/sys/mman.h 11 Jan 2007 17:37:58 -0000 | ||
|---|---|---|
| 76 | 76 |
#define MAP_HASSEMAPHORE 0x0200 /* region may contain semaphores */ |
| 77 | 77 |
#define MAP_STACK 0x0400 /* region grows down, like a stack */ |
| 78 | 78 |
#define MAP_NOSYNC 0x0800 /* page to but do not sync underlying file */ |
| 79 |
#define MAP_TRYFIXED 0x1000 /* attempt hint address, even within heap */ |
|
| 79 | 80 | |
| 80 | 81 |
#ifdef _P1003_1B_VISIBLE |
| 81 | 82 |
/* |
| sys/vm/vm_map.c 13 Jan 2007 12:59:26 -0000 | ||
|---|---|---|
| 94 | 94 | |
| 95 | 95 |
#include <sys/thread2.h> |
| 96 | 96 | |
| 97 |
#include <sys/random.h> |
|
| 98 | ||
| 97 | 99 |
/* |
| 98 | 100 |
* Virtual memory maps provide for the mapping, protection, |
| 99 | 101 |
* and sharing of virtual memory objects. In addition, |
| ... | ... | |
| 3419 | 3421 |
} |
| 3420 | 3422 | |
| 3421 | 3423 |
/* |
| 3424 |
* vm_map_hint: return the beginning of the best area suitable for |
|
| 3425 |
* creating a new mapping with "prot" protection. |
|
| 3426 |
*/ |
|
| 3427 |
vm_offset_t |
|
| 3428 |
vm_map_hint(struct proc *p, vm_prot_t prot) |
|
| 3429 |
{
|
|
| 3430 |
vm_offset_t addr; |
|
| 3431 | ||
| 3432 |
#ifdef __i386__ |
|
| 3433 |
/* |
|
| 3434 |
* If executable skip first two pages, otherwise start |
|
| 3435 |
* after data + heap region. |
|
| 3436 |
*/ |
|
| 3437 |
if ((prot & VM_PROT_EXECUTE) && |
|
| 3438 |
((vm_offset_t)p->p_vmspace->vm_daddr >= I386_MAX_EXE_ADDR)) {
|
|
| 3439 |
addr = (PAGE_SIZE*2) + |
|
| 3440 |
(karc4random() & (I386_MAX_EXE_ADDR / 2 - 1)); |
|
| 3441 |
return (round_page(addr)); |
|
| 3442 |
} |
|
| 3443 |
#endif |
|
| 3444 |
addr = (vm_offset_t)p->p_vmspace->vm_daddr + MAXDSIZ; |
|
| 3445 |
addr += karc4random() & (MIN((256 * 1024 * 1024), MAXDSIZ) - 1); |
|
| 3446 | ||
| 3447 |
return (round_page(addr)); |
|
| 3448 |
} |
|
| 3449 |
/* |
|
| 3422 | 3450 |
* vm_map_lookup_done: |
| 3423 | 3451 |
* |
| 3424 | 3452 |
* Releases locks acquired by a vm_map_lookup |
| sys/vm/vm_map.h 11 Jan 2007 17:37:58 -0000 | ||
|---|---|---|
| 438 | 438 |
vm_prot_t, vm_prot_t, |
| 439 | 439 |
int); |
| 440 | 440 |
int vm_map_findspace (vm_map_t, vm_offset_t, vm_size_t, vm_offset_t, vm_offset_t *); |
| 441 |
vm_offset_t vm_map_hint(struct proc *, vm_prot_t); |
|
| 441 | 442 |
int vm_map_inherit (vm_map_t, vm_offset_t, vm_offset_t, vm_inherit_t); |
| 442 | 443 |
void vm_map_init (struct vm_map *, vm_offset_t, vm_offset_t, pmap_t); |
| 443 | 444 |
int vm_map_insert (vm_map_t, int *, vm_object_t, vm_ooffset_t, |
| sys/vm/vm_mmap.c 13 Jan 2007 10:17:31 -0000 | ||
|---|---|---|
| 238 | 238 |
* There should really be a pmap call to determine a reasonable |
| 239 | 239 |
* location. |
| 240 | 240 |
*/ |
| 241 |
else if (addr == 0 || |
|
| 242 |
(addr >= round_page((vm_offset_t)vms->vm_taddr) && |
|
| 243 |
addr < round_page((vm_offset_t)vms->vm_daddr + maxdsiz))) |
|
| 244 |
addr = round_page((vm_offset_t)vms->vm_daddr + maxdsiz); |
|
| 241 |
else {
|
|
| 242 |
/* |
|
| 243 |
* not fixed: make sure we skip over the largest possible heap. |
|
| 244 |
* we will refine our guess later (e.g. to account for VAC, etc) |
|
| 245 |
*/ |
|
| 246 |
if (addr == 0) |
|
| 247 |
addr = vm_map_hint(p, prot); |
|
| 248 |
else if (!(flags & MAP_TRYFIXED) && |
|
| 249 |
addr < (vm_offset_t)p->p_vmspace->vm_daddr) |
|
| 250 |
addr = vm_map_hint(p, prot); |
|
| 251 |
} |
|
| 245 | 252 | |
| 246 | 253 |
if (flags & MAP_ANON) {
|
| 247 | 254 |
/* |