author | Evgenii Stepanov <eugenis@google.com> | 2020-06-08 19:58:21 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-06-08 19:58:21 +0000 |
commit | 53ce7b3aa6f48c664be546e34ef179dcaf96ac08 (patch) | |
tree | 962d41c6dcb2f05b49c24d8fb9cc53e3f7339401 | |
parent | 71e4f5b9cc22ace6293104dcdf5ecb77ddd32f86 (diff) | |
parent | c3b3e869cecaafffac301b26d6fd6be821f574f9 (diff) | |
download | bionic-53ce7b3aa6f48c664be546e34ef179dcaf96ac08.tar.gz |
Use PROT_NONE on the unused parts of CFI shadow. am: c3b3e869ce
Original change: https://googleplex-android-review.googlesource.com/c/platform/bionic/+/11760912
Change-Id: I7948d6a49cb98af776a2ba270a5a5cb43be767e5
-rw-r--r-- | linker/linker_cfi.cpp | 3 | ||||
-rw-r--r-- | tests/libs/cfi_test_lib.cpp | 9 |
2 files changed, 5 insertions, 7 deletions
diff --git a/linker/linker_cfi.cpp b/linker/linker_cfi.cpp
index 5995013b4..87b5d3485 100644
--- a/linker/linker_cfi.cpp
+++ b/linker/linker_cfi.cpp
@@ -56,6 +56,7 @@ class ShadowWrite {
         reinterpret_cast<char*>(mmap(nullptr, aligned_end - aligned_start, PROT_READ | PROT_WRITE,
                                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0));
     CHECK(tmp_start != MAP_FAILED);
+    mprotect(aligned_start, aligned_end - aligned_start, PROT_READ);
     memcpy(tmp_start, aligned_start, shadow_start - aligned_start);
     memcpy(tmp_start + (shadow_end - aligned_start), shadow_end, aligned_end - shadow_end);
   }
@@ -154,7 +155,7 @@ uintptr_t soinfo_find_cfi_check(soinfo* si) {
 
 uintptr_t CFIShadowWriter::MapShadow() {
   void* p =
-      mmap(nullptr, kShadowSize, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE, -1, 0);
+      mmap(nullptr, kShadowSize, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE, -1, 0);
   CHECK(p != MAP_FAILED);
   return reinterpret_cast<uintptr_t>(p);
 }
diff --git a/tests/libs/cfi_test_lib.cpp b/tests/libs/cfi_test_lib.cpp
index 9f456d39b..6f551c5f8 100644
--- a/tests/libs/cfi_test_lib.cpp
+++ b/tests/libs/cfi_test_lib.cpp
@@ -67,12 +67,9 @@ struct A {
 void check_cfi_self() {
   g_last_type_id = 0;
   assert(&__cfi_slowpath);
-  // CFI check for an invalid address. Normally, this would kill the process by routing the call
-  // back to the calling module's __cfi_check, which does the right thing based on
-  // -fsanitize-recover / -fsanitize-trap. But this module has custom __cfi_check that does not do
-  // any of that, so the result looks like a passing check.
-  int zz;
-  __cfi_slowpath(13, static_cast<void*>(&zz));
+  // CFI check for an address inside this DSO. This goes to the current module's __cfi_check,
+  // which updates g_last_type_id.
+  __cfi_slowpath(13, static_cast<void*>(&g_last_type_id));
   assert(g_last_type_id == 13);
   // CFI check for a libc function. This never goes into this module's __cfi_check, and must pass.
   __cfi_slowpath(14, reinterpret_cast<void*>(&exit));
|
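Review bot: The return value of the new `mprotect()` call in the ShadowWrite hunk is ignored, while the `mmap()` two lines above it is guarded with `CHECK`. Since the shadow is now reserved `PROT_NONE` (second hunk), this call is what makes `[aligned_start, aligned_end)` readable before the two `memcpy` calls; if it fails, the copy would presumably fault on an inaccessible page and the linker would die without a diagnostic naming the operation that failed. Wrapping it as `CHECK(mprotect(aligned_start, aligned_end - aligned_start, PROT_READ) == 0);` keeps the failure mode consistent with the rest of the constructor. The constructor this sits in starts and ends outside the hunk.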
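Review bot: `MapShadow()` now hands back a region that is entirely inaccessible, but nothing at the call site records that this is intentional or who later opens it up, so a reader seeing `PROT_NONE` on a `MAP_NORESERVE` reservation has to reconstruct the scheme from ShadowWrite. A comment above the `mmap` such as `// Reserve the whole shadow PROT_NONE; ShadowWrite makes a range readable only when it populates it, so a lookup that lands in a part of the shadow nothing has mapped faults instead of reading an unwritten entry.` would capture the invariant. How the final protection of a written range is set is not visible in this hunk, so that part of the comment should be confirmed against the ShadowWrite destructor.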
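Review bot: The rewritten `check_cfi_self()` drops the only case that exercised `__cfi_slowpath` on an address with no shadow entry (the old stack-local `zz`), and neither the new comment nor the commit message says why. If, as the `PROT_NONE` reservation in linker_cfi.cpp suggests, that lookup now faults rather than returning, it cannot stay in an in-process assertion test, but the behaviour is then only covered by its absence; a one-line note such as `// No check for an address outside any DSO here: with the shadow reserved PROT_NONE that lookup faults (covered separately, if at all).` or a separate expected-death test would keep that path documented. This is an inference from the two files together, so confirm before adding it.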