added 2 changesets to branch 'refs/remotes/pdziepak-github/aslr' old head: 7547e2596e8c89c28c4c2bde263ca132bbe61f31 new head: 46d58c97d448a0f531d8ef738f1db36d8350b16f overview: https://github.com/pdziepak/Haiku/compare/7547e25...46d58c9 ---------------------------------------------------------------------------- 7188503: thread: randomize user stack position Use B_RANDOMIZE_BASE_ADDRESS for creating both main and other threads user stack. 46d58c9: malloc: randomize heap position Use B_RANDOMIZE_BASE_ADDRESS for initial heap creation as well as for resizing it when keeping it contignuous is no longer possible. [ Pawel Dziepak <pdziepak@xxxxxxxxxxx> ] ---------------------------------------------------------------------------- 2 files changed, 7 insertions(+), 16 deletions(-) src/system/kernel/thread.cpp | 15 +++------------ src/system/libroot/posix/malloc/arch-specific.cpp | 8 ++++---- ############################################################################ Commit: 71885031093328f6f8c79733fdde1ca6d1f0a8c1 Author: Pawel Dziepak <pdziepak@xxxxxxxxxxx> Date: Wed Feb 27 00:53:33 2013 UTC thread: randomize user stack position Use B_RANDOMIZE_BASE_ADDRESS for creating both main and other threads user stack. ----------------------------------------------------------------------------
diff --git a/src/system/kernel/thread.cpp b/src/system/kernel/thread.cpp
index 02a574e..93fcfe5 100644
--- a/src/system/kernel/thread.cpp
+++ b/src/system/kernel/thread.cpp
@@ -821,19 +821,10 @@ create_thread_user_stack(Team* team, Thread* thread, void* _stackBase,
 snprintf(nameBuffer, B_OS_NAME_LENGTH, "%s_%" B_PRId32 "_stack",
 thread->name, thread->id);
- virtual_address_restrictions virtualRestrictions = {};
- if (thread->id == team->id) {
- // The main thread gets a fixed position at the top of the stack
- // address range.
- stackBase = (uint8*)(USER_STACK_REGION + USER_STACK_REGION_SIZE
- - areaSize);
- virtualRestrictions.address_specification = B_EXACT_ADDRESS;
+ stackBase = (uint8*)USER_STACK_REGION;
- } else {
- // not a main thread
- stackBase = (uint8*)(addr_t)USER_STACK_REGION;
- virtualRestrictions.address_specification = B_BASE_ADDRESS;
- }
+ virtual_address_restrictions virtualRestrictions = {};
+ virtualRestrictions.address_specification = B_RANDOMIZED_BASE_ADDRESS;
 virtualRestrictions.address = (void*)stackBase;
 physical_address_restrictions physicalRestrictions = {};
############################################################################ Commit: 46d58c97d448a0f531d8ef738f1db36d8350b16f Author: Pawel Dziepak <pdziepak@xxxxxxxxxxx> Date: Wed Feb 27 00:54:44 2013 UTC malloc: randomize heap position Use B_RANDOMIZE_BASE_ADDRESS for initial heap creation as well as for resizing it when keeping it contignuous is no longer possible. ----------------------------------------------------------------------------
diff --git a/src/system/libroot/posix/malloc/arch-specific.cpp b/src/system/libroot/posix/malloc/arch-specific.cpp
index 0bcaac8..54d2fe0 100644
--- a/src/system/libroot/posix/malloc/arch-specific.cpp
+++ b/src/system/libroot/posix/malloc/arch-specific.cpp
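Review bot: The two removed comments were the only explanation of where user stacks are placed, and the new `virtual_address_restrictions` block carries none, so the reason the main thread lost its fixed top-of-region slot is no longer visible in the code; a comment above the declaration such as `// Main and non-main thread stacks alike get a randomized position at or above USER_STACK_REGION (ASLR).` would keep that, with the "at or above" part confirmed against the kernel's B_RANDOMIZED_BASE_ADDRESS semantics, which this hunk does not show. The commit message refers to B_RANDOMIZE_BASE_ADDRESS while the code uses B_RANDOMIZED_BASE_ADDRESS; aligning the message with the constant avoids a misleading search later. Anything that relied on the main thread's stack ending at USER_STACK_REGION + USER_STACK_REGION_SIZE would need checking, though nothing in this hunk shows whether such a dependency exists. create_thread_user_stack continues outside the hunk.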
@@ -99,12 +99,12 @@ __init_heap(void)
 // size of the heap is guaranteed until the space is really needed.
 sHeapBase = (void *)kHeapReservationBase;
 status_t status = _kern_reserve_address_range((addr_t *)&sHeapBase,
- B_EXACT_ADDRESS, kHeapReservationSize);
+ B_RANDOMIZED_BASE_ADDRESS, kHeapReservationSize);
 if (status != B_OK)
 sHeapBase = NULL;
 sHeapArea = create_area("heap", (void **)&sHeapBase,
- status == B_OK ? B_EXACT_ADDRESS : B_BASE_ADDRESS,
+ status == B_OK ? B_EXACT_ADDRESS : B_RANDOMIZED_BASE_ADDRESS,
 kInitialHeapSize, B_NO_LOCK, B_READ_AREA | B_WRITE_AREA);
 if (sHeapArea < B_OK)
 return sHeapArea;
@@ -271,8 +271,8 @@ hoardSbrk(long size)
 // allocation.
 if (area < 0) {
 base = (void*)(sFreeHeapBase + sHeapAreaSize);
- area = create_area("heap", &base, B_BASE_ADDRESS, newHeapSize,
- B_NO_LOCK, B_READ_AREA | B_WRITE_AREA);
+ area = create_area("heap", &base, B_RANDOMIZED_BASE_ADDRESS,
+ newHeapSize, B_NO_LOCK, B_READ_AREA | B_WRITE_AREA);
 }
 if (area < 0) {
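Review bot: On the fallback path the reservation has failed and `sHeapBase` is set to NULL before `create_area` is called with B_RANDOMIZED_BASE_ADDRESS, so the randomized search is anchored at 0 just as the earlier B_BASE_ADDRESS fallback was; whether B_RANDOMIZED_BASE_ADDRESS treats a NULL base the same way as B_BASE_ADDRESS did is not shown here and is worth confirming before relying on it. The comment block preceding this hunk (its first lines are outside view) describes the reservation; if it still presents kHeapReservationBase as the heap's fixed address it should now say the base is randomized, e.g. `// The kernel chooses a randomized base for the reservation; kHeapReservationBase is only a hint.`. Only the reservation base is randomized: areas created inside it with B_EXACT_ADDRESS keep a deterministic layout relative to that base, which is fine but worth stating in the same comment. __init_heap continues outside the hunk.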
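Review bot: `base` is still computed as `sFreeHeapBase + sHeapAreaSize`, the end of the current heap, but with B_RANDOMIZED_BASE_ADDRESS that value is at most a hint and the new area will generally not be adjacent, so the line deserves a comment saying so, e.g. `// Hint only: with B_RANDOMIZED_BASE_ADDRESS the kernel picks a randomized position, so the new area is not expected to be contiguous with the existing heap.`. Whatever follows this hunk must consume the address written back through `&base` rather than the computed value; the `create_area("heap", &base, ...)` call form supports that, but the continuation of hoardSbrk is outside the hunk. The comment whose last line `// allocation.` opens the context is also mostly outside view and may need the same update if it still describes placing the new area directly after the old one.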