From e9170cbc3d3a12cf6c02068916cc7c3bb3f10aaa Mon Sep 17 00:00:00 2001
From: Timothy J Fontaine
Date: Thu, 5 Jun 2014 15:55:48 -0700
Subject: [PATCH] v8: shift heap space for aslr on 64bit

Previously we were only shifting the address space for ASLR on 32bit processes, apply the same shift for 64bit so processes don't get artificially limited native heap.
---
 deps/v8/src/platform-posix.cc | 46 +++++++++++++++++++++--------------
 1 file changed, 28 insertions(+), 18 deletions(-)

diff --git a/deps/v8/src/platform-posix.cc b/deps/v8/src/platform-posix.cc
index 3c868688ae7..5c3529d4458 100644
--- a/deps/v8/src/platform-posix.cc
+++ b/deps/v8/src/platform-posix.cc
@@ -92,6 +92,33 @@ void OS::Guard(void* address, const size_t size) {
 }
 #endif // __CYGWIN__
 
+// For our illumos/Solaris mmap hint, we pick a random address in the bottom
+// half of the top half of the address space (that is, the third quarter).
+// Because we do not MAP_FIXED, this will be treated only as a hint -- the
+// system will not fail to mmap() because something else happens to already be
+// mapped at our random address. We deliberately set the hint high enough to
+// get well above the system's break (that is, the heap); illumos and Solaris
+// will try the hint and if that fails allocate as if there were no hint at
+// all. The high hint prevents the break from getting hemmed in at low values,
+// ceding half of the address space to the system heap.
+
+// On all other 32bit platforms the range 0x20000000 - 0x60000000 is relatively
+// unpopulated across a variety of ASLR modes (PAE kernel, NX compat mode, etc)
+// and on macos 10.6 and 10.7.
+
+#ifdef V8_TARGET_ARCH_X64
+# ifdef __sun
+# define V8_ASLR_MEMORY_SHIFT 0x400000000000ULL
+# else
+# define V8_ASLR_MEMORY_SHIFT 0
+# endif // __sun
+#else
+# ifdef __sun
+# define V8_ASLR_MEMORY_SHIFT 0x80000000
+# else
+# define V8_ASLR_MEMORY_SHIFT 0x20000000
+# endif // __sun
+#endif // V8_TARGET_ARCH_X64
 
 void* OS::GetRandomMmapAddr() {
 Isolate* isolate = Isolate::UncheckedCurrent();
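Review bot: The x64 branch defines `V8_ASLR_MEMORY_SHIFT` as 0 whenever `__sun` is not set, so on 64-bit Linux and macOS the mmap hint is not shifted at all, which does not match the commit message's "apply the same shift for 64bit"; the new comment block explains the Solaris rationale and the 32-bit range but says nothing about that case, so add a line such as `// Other 64bit targets apply no shift; the random hint is used unchanged.` above the `# define V8_ASLR_MEMORY_SHIFT 0` line. The only `raw_addr` declaration visible at the use site in the second hunk is `uint32_t raw_addr`, and adding `0x400000000000ULL` to a 32-bit variable would be truncated back to zero on assignment, silently dropping the Solaris/x64 shift; the x64 path above that hunk is not in view, so please confirm it declares a 64-bit `raw_addr` (or widen it) before relying on this value. `GetRandomMmapAddr` begins at the end of this hunk and its body continues outside it.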
@@ -111,25 +138,8 @@ void* OS::GetRandomMmapAddr() {
 uint32_t raw_addr = V8::RandomPrivate(isolate);
 raw_addr &= 0x3ffff000;
-
-# ifdef __sun
- // For our Solaris/illumos mmap hint, we pick a random address in the bottom
- // half of the top half of the address space (that is, the third quarter).
- // Because we do not MAP_FIXED, this will be treated only as a hint -- the
- // system will not fail to mmap() because something else happens to already
- // be mapped at our random address. We deliberately set the hint high enough
- // to get well above the system's break (that is, the heap); Solaris and
- // illumos will try the hint and if that fails allocate as if there were
- // no hint at all. The high hint prevents the break from getting hemmed in
- // at low values, ceding half of the address space to the system heap.
- raw_addr += 0x80000000;
-# else
- // The range 0x20000000 - 0x60000000 is relatively unpopulated across a
- // variety of ASLR modes (PAE kernel, NX compat mode, etc) and on macos
- // 10.6 and 10.7.
- raw_addr += 0x20000000;
-# endif
 #endif
+ raw_addr += V8_ASLR_MEMORY_SHIFT;
 return reinterpret_cast(raw_addr);
 }
 return NULL;