Bug #514 ยป random-mmap.patch
| sys/machine/pc32/include/vmparam.h 11 Jan 2007 17:37:58 -0000 | ||
|---|---|---|
|
#define VM_PROT_READ_IS_EXEC /* if you can read -- then you can exec */
|
||
|
/* I386 has a line where all code is executable: 0 - I386_MAX_EXE_ADDR */
|
||
|
#define I386_MAX_EXE_ADDR 0x20000000 /* exec line */
|
||
|
/*
|
||
|
* Virtual memory related constants, all in bytes
|
||
|
*/
|
||
| sys/sys/mman.h 11 Jan 2007 17:37:58 -0000 | ||
|---|---|---|
|
#define MAP_HASSEMAPHORE 0x0200 /* region may contain semaphores */
|
||
|
#define MAP_STACK 0x0400 /* region grows down, like a stack */
|
||
|
#define MAP_NOSYNC 0x0800 /* page to but do not sync underlying file */
|
||
|
#define MAP_TRYFIXED 0x1000 /* attempt hint address, even within heap */
|
||
|
#ifdef _P1003_1B_VISIBLE
|
||
|
/*
|
||
| sys/vm/vm_map.c 13 Jan 2007 12:59:26 -0000 | ||
|---|---|---|
|
#include <sys/thread2.h>
|
||
|
#include <sys/random.h>
|
||
|
/*
|
||
|
* Virtual memory maps provide for the mapping, protection,
|
||
|
* and sharing of virtual memory objects. In addition,
|
||
| ... | ... | |
|
}
|
||
|
/*
|
||
|
* vm_map_hint: return the beginning of the best area suitable for
|
||
|
* creating a new mapping with "prot" protection.
|
||
|
*/
|
||
|
vm_offset_t
|
||
|
vm_map_hint(struct proc *p, vm_prot_t prot)
|
||
|
{
|
||
|
vm_offset_t addr;
|
||
|
#ifdef __i386__
|
||
|
/*
|
||
|
* If executable skip first two pages, otherwise start
|
||
|
* after data + heap region.
|
||
|
*/
|
||
|
if ((prot & VM_PROT_EXECUTE) &&
|
||
|
((vm_offset_t)p->p_vmspace->vm_daddr >= I386_MAX_EXE_ADDR)) {
|
||
|
addr = (PAGE_SIZE*2) +
|
||
|
(karc4random() & (I386_MAX_EXE_ADDR / 2 - 1));
|
||
|
return (round_page(addr));
|
||
|
}
|
||
|
#endif
|
||
|
addr = (vm_offset_t)p->p_vmspace->vm_daddr + MAXDSIZ;
|
||
|
addr += karc4random() & (MIN((256 * 1024 * 1024), MAXDSIZ) - 1);
|
||
|
return (round_page(addr));
|
||
|
}
|
||
|
/*
|
||
|
* vm_map_lookup_done:
|
||
|
*
|
||
|
* Releases locks acquired by a vm_map_lookup
|
||
| sys/vm/vm_map.h 11 Jan 2007 17:37:58 -0000 | ||
|---|---|---|
|
vm_prot_t, vm_prot_t,
|
||
|
int);
|
||
|
int vm_map_findspace (vm_map_t, vm_offset_t, vm_size_t, vm_offset_t, vm_offset_t *);
|
||
|
vm_offset_t vm_map_hint(struct proc *, vm_prot_t);
|
||
|
int vm_map_inherit (vm_map_t, vm_offset_t, vm_offset_t, vm_inherit_t);
|
||
|
void vm_map_init (struct vm_map *, vm_offset_t, vm_offset_t, pmap_t);
|
||
|
int vm_map_insert (vm_map_t, int *, vm_object_t, vm_ooffset_t,
|
||
| sys/vm/vm_mmap.c 13 Jan 2007 10:17:31 -0000 | ||
|---|---|---|
|
* There should really be a pmap call to determine a reasonable
|
||
|
* location.
|
||
|
*/
|
||
|
else if (addr == 0 ||
|
||
|
(addr >= round_page((vm_offset_t)vms->vm_taddr) &&
|
||
|
addr < round_page((vm_offset_t)vms->vm_daddr + maxdsiz)))
|
||
|
addr = round_page((vm_offset_t)vms->vm_daddr + maxdsiz);
|
||
|
else {
|
||
|
/*
|
||
|
* not fixed: make sure we skip over the largest possible heap.
|
||
|
* we will refine our guess later (e.g. to account for VAC, etc)
|
||
|
*/
|
||
|
if (addr == 0)
|
||
|
addr = vm_map_hint(p, prot);
|
||
|
else if (!(flags & MAP_TRYFIXED) &&
|
||
|
addr < (vm_offset_t)p->p_vmspace->vm_daddr)
|
||
|
addr = vm_map_hint(p, prot);
|
||
|
}
|
||
|
if (flags & MAP_ANON) {
|
||
|
/*
|
||