author | Evgenii Stepanov <eugenis@google.com> | 2020-06-08 20:09:57 +0000 |
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-06-08 20:09:57 +0000 |
commit | 716bb29549fa1d17b206bcc6016fecdda2f090a6 (patch) | |
tree | 962d41c6dcb2f05b49c24d8fb9cc53e3f7339401 | |
parent | 0206977d9cd9c26df46e164b4aad1f9037bc978f (diff) | |
parent | bca71db10d016a3ef2e559836fecdd2039b1f245 (diff) | |
Use PROT_NONE on the unused parts of CFI shadow. am: c3b3e869ce am: bca71db10d
Original change: https://googleplex-android-review.googlesource.com/c/platform/bionic/+/11760912
Change-Id: I4cb258a190f0e70d57ac36646800f74665e27855
-rw-r--r-- | linker/linker_cfi.cpp | 3 | ||||
-rw-r--r-- | tests/libs/cfi_test_lib.cpp | 9 |
2 files changed, 5 insertions, 7 deletions
diff --git a/linker/linker_cfi.cpp b/linker/linker_cfi.cpp
index 5995013b4..87b5d3485 100644
--- a/linker/linker_cfi.cpp
+++ b/linker/linker_cfi.cpp
@@ -56,6 +56,7 @@ class ShadowWrite {
         reinterpret_cast<char*>(mmap(nullptr, aligned_end - aligned_start, PROT_READ | PROT_WRITE,
                                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0));
     CHECK(tmp_start != MAP_FAILED);
+    mprotect(aligned_start, aligned_end - aligned_start, PROT_READ);
     memcpy(tmp_start, aligned_start, shadow_start - aligned_start);
     memcpy(tmp_start + (shadow_end - aligned_start), shadow_end, aligned_end - shadow_end);
   }
@@ -154,7 +155,7 @@ uintptr_t soinfo_find_cfi_check(soinfo* si) {
 uintptr_t CFIShadowWriter::MapShadow() {
   void* p =
-      mmap(nullptr, kShadowSize, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE, -1, 0);
+      mmap(nullptr, kShadowSize, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE, -1, 0);
   CHECK(p != MAP_FAILED);
   return reinterpret_cast<uintptr_t>(p);
 }
diff --git a/tests/libs/cfi_test_lib.cpp b/tests/libs/cfi_test_lib.cpp
index 9f456d39b..6f551c5f8 100644
--- a/tests/libs/cfi_test_lib.cpp
+++ b/tests/libs/cfi_test_lib.cpp
@@ -67,12 +67,9 @@ struct A {
 void check_cfi_self() {
   g_last_type_id = 0;
   assert(&__cfi_slowpath);
-  // CFI check for an invalid address. Normally, this would kill the process by routing the call
-  // back to the calling module's __cfi_check, which does the right thing based on
-  // -fsanitize-recover / -fsanitize-trap. But this module has custom __cfi_check that does not do
-  // any of that, so the result looks like a passing check.
-  int zz;
-  __cfi_slowpath(13, static_cast<void*>(&zz));
+  // CFI check for an address inside this DSO. This goes to the current module's __cfi_check,
+  // which updates g_last_type_id.
+  __cfi_slowpath(13, static_cast<void*>(&g_last_type_id));
   assert(g_last_type_id == 13);
   // CFI check for a libc function. This never goes into this module's __cfi_check, and must pass.
   __cfi_slowpath(14, reinterpret_cast<void*>(&exit));
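Review bot: The added `mprotect(aligned_start, aligned_end - aligned_start, PROT_READ);` discards its return value, while the mmap() two lines above is CHECKed. Now that MapShadow() reserves the shadow as PROT_NONE, this call is what makes the range readable before the memcpy() on the next line; if mprotect() fails (EINVAL, or ENOMEM from VMA splitting) the range presumably stays inaccessible and the copy faults on a read instead of the linker reporting the error. `CHECK(mprotect(aligned_start, aligned_end - aligned_start, PROT_READ) == 0);` keeps the failure mode explicit and consistent with the surrounding checks. The enclosing function (a member of class ShadowWrite) starts before the hunk.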
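Review bot: The switch to PROT_NONE in MapShadow() has no comment explaining the intent, and it is a behavioural change: a shadow page that no ShadowWrite has yet made readable now faults on access instead of reading as zero, which is presumably why the invalid-address case in tests/libs/cfi_test_lib.cpp is reworked in this same commit. A one-line comment above the mmap() would record that, e.g. `// Reserve the whole shadow inaccessible; ShadowWrite makes each written range readable as DSOs are added.` The CHECK on MAP_FAILED still covers the reservation itself, so no code change is needed here.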
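Review bot: Dropping the invalid-address check leaves the slowpath's behaviour for an address outside any DSO unexercised by this helper, and the removed comment was the only place that described what that path used to do (route back to the caller's __cfi_check). If that case is now expected to fault on the PROT_NONE shadow and is covered by a death test elsewhere, the new comment should say so rather than leave the gap implicit, e.g. `// An address outside any DSO is not checked here: with a PROT_NONE shadow it faults, so it needs a death test.` check_cfi_self continues past the hunk.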