aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2019-01-22 11:26:32 -0500
committerJack Lloyd <[email protected]>2019-01-22 11:26:32 -0500
commit1ceb364265be6c90ee38a1e7f5f95f14cdcf8b49 (patch)
tree9ff76ff888e52d11fe91948f66d2623f31f988cb
parent293a2b902037d4afdeddce080df9d965fa7f1116 (diff)
Make the Memory_Pool MMU operations a compile time option
Previously the calls were commented out as this has a substantial performance impact. Allow enabling them via a build.h toggle, and enable it by default when debug asserts are turned on.
-rw-r--r--src/build-data/buildh.in14
-rw-r--r--src/lib/utils/mem_pool/mem_pool.cpp20
2 files changed, 30 insertions, 4 deletions
diff --git a/src/build-data/buildh.in b/src/build-data/buildh.in
index 6cf73200e..91be93b1c 100644
--- a/src/build-data/buildh.in
+++ b/src/build-data/buildh.in
@@ -127,6 +127,20 @@
#define BOTAN_MLOCK_ALLOCATOR_MAX_LOCKED_KB 512
/*
+* If BOTAN_MEM_POOL_USE_MMU_PROTECTIONS is defined, the Memory_Pool
+* class used for mlock'ed memory will use OS calls to set page
+* permissions so as to prohibit access to pages on the free list, then
+* enable read/write access when the page is set to be used. This will
+* turn (some) use after free bugs into a crash.
+*
+* The additional syscalls have a substantial performance impact, which
+* is why this option is not enabled by default.
+*/
+#if defined(BOTAN_HAS_VALGRIND) || defined(BOTAN_ENABLE_DEBUG_ASSERTS)
+ #define BOTAN_MEM_POOL_USE_MMU_PROTECTIONS
+#endif
+
+/*
* If enabled uses memset via volatile function pointer to zero memory,
* otherwise does a byte at a time write via a volatile pointer.
*/
diff --git a/src/lib/utils/mem_pool/mem_pool.cpp b/src/lib/utils/mem_pool/mem_pool.cpp
index cd49c1e33..1cae5f299 100644
--- a/src/lib/utils/mem_pool/mem_pool.cpp
+++ b/src/lib/utils/mem_pool/mem_pool.cpp
@@ -5,10 +5,13 @@
*/
#include <botan/internal/mem_pool.h>
-#include <botan/internal/os_utils.h>
#include <botan/mem_ops.h>
#include <algorithm>
+#if defined(BOTAN_MEM_POOL_USE_MMU_PROTECTIONS)
+ #include <botan/internal/os_utils.h>
+#endif
+
namespace Botan {
/*
@@ -281,7 +284,9 @@ Memory_Pool::Memory_Pool(const std::vector<void*>& pages, size_t page_size) :
m_max_page_ptr = std::max(p, m_max_page_ptr);
clear_bytes(pages[i], m_page_size);
- //OS::page_prohibit_access(pages[i]);
+#if defined(BOTAN_MEM_POOL_USE_MMU_PROTECTIONS)
+ OS::page_prohibit_access(pages[i]);
+#endif
m_free_pages.push_back(static_cast<uint8_t*>(pages[i]));
}
@@ -294,10 +299,12 @@ Memory_Pool::Memory_Pool(const std::vector<void*>& pages, size_t page_size) :
Memory_Pool::~Memory_Pool()
{
+#if defined(BOTAN_MEM_POOL_USE_MMU_PROTECTIONS)
for(size_t i = 0; i != m_free_pages.size(); ++i)
{
- //OS::page_allow_access(m_free_pages[i]);
+ OS::page_allow_access(m_free_pages[i]);
}
+#endif
}
void* Memory_Pool::allocate(size_t n)
@@ -332,7 +339,9 @@ void* Memory_Pool::allocate(size_t n)
{
uint8_t* ptr = m_free_pages[0];
m_free_pages.pop_front();
- //OS::page_allow_access(ptr);
+#if defined(BOTAN_MEM_POOL_USE_MMU_PROTECTIONS)
+ OS::page_allow_access(ptr);
+#endif
buckets.push_front(Bucket(ptr, m_page_size, n_bucket));
void* p = buckets[0].alloc();
BOTAN_ASSERT_NOMSG(p != nullptr);
@@ -366,6 +375,9 @@ bool Memory_Pool::deallocate(void* p, size_t len) noexcept
{
if(bucket.empty())
{
+#if defined(BOTAN_MEM_POOL_USE_MMU_PROTECTIONS)
+ OS::page_prohibit_access(bucket.ptr());
+#endif
m_free_pages.push_back(bucket.ptr());
if(i != buckets.size() - 1)