Remove mprotecting of struct dir_info introduced in previous commit

(MALLOC_OPTIONS=L). It was too slow to turn on by default, and we don't do optional security. requested by deraadt@ grumbling ok otto@
author: djm <> 2008-12-30 07:44:51 +0000
committer: djm <> 2008-12-30 07:44:51 +0000
commit: 611f21aa60c60f91295ec5451b469b73684b666a (patch)
tree: 2e9b38b54fe87b89b1a0258d12507c5b5e197c7e
parent: c2f9a0271169166b38060ef5e36ef203765e45dd (diff)
download: openbsd-611f21aa60c60f91295ec5451b469b73684b666a.tar.gz
openbsd-611f21aa60c60f91295ec5451b469b73684b666a.tar.bz2
openbsd-611f21aa60c60f91295ec5451b469b73684b666a.zip
2 files changed, 4 insertions, 46 deletions
diff --git a/src/lib/libc/stdlib/malloc.3 b/src/lib/libc/stdlib/malloc.3
index 2458834302..c3566e37e8 100644
--- a/src/lib/libc/stdlib/malloc.3
+++ b/src/lib/libc/stdlib/malloc.3
@@ -30,9 +30,9 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\"     $OpenBSD: malloc.3,v 1.59 2008/12/29 22:25:50 djm Exp $
+.\"     $OpenBSD: malloc.3,v 1.60 2008/12/30 07:44:51 djm Exp $
 .\"
-.Dd $Mdocdate: December 29 2008 $
+.Dd $Mdocdate: December 30 2008 $
 .Dt MALLOC 3
 .Os
 .Sh NAME
@@ -249,13 +249,6 @@ Currently junk is bytes of 0xd0 when allocating; this is pronounced
 .Dq Duh .
 \&:-)
 Freed chunks are filled with 0xdf.
-.It Cm L
-.Dq Lock .
-Lock critical data structures using
-.Xr mprotect 2
-to protect against modification except by
-.Nm
-and related routines.
 .It Cm P
 .Dq Move allocations within a page.
 Allocations larger than half a page but smaller than a page
diff --git a/src/lib/libc/stdlib/malloc.c b/src/lib/libc/stdlib/malloc.c
index e15a64ac72..3d2e3dd29a 100644
--- a/src/lib/libc/stdlib/malloc.c
+++ b/src/lib/libc/stdlib/malloc.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: malloc.c,v 1.112 2008/12/29 22:25:50 djm Exp $        */
+/*      $OpenBSD: malloc.c,v 1.113 2008/12/30 07:44:51 djm Exp $        */
 /*
 * Copyright (c) 2008 Otto Moerbeek <otto@drijf.net>
 *
@@ -88,23 +88,6 @@
 #define MMAPA(a,sz)     mmap((a), (size_t)(sz), PROT_READ | PROT_WRITE, \
    MAP_ANON | MAP_PRIVATE, -1, (off_t) 0)
-/* Protect and unprotect g_pool structure as we enter/exit the allocator */
-#define DIR_INFO_RSZ    ((sizeof(struct dir_info) + PAGE_MASK) & ~PAGE_MASK)
-#define PROTECT_G_POOL() \
-        do { \
-                if (g_pool != NULL && mopts.malloc_poolprot) { \
-                        mprotect((void *)((uintptr_t)g_pool & ~PAGE_MASK), \
-                            DIR_INFO_RSZ, PROT_NONE); \
-                } \
-        } while (0)
-#define UNPROTECT_G_POOL() \
-        do { \
-                if (g_pool != NULL && mopts.malloc_poolprot) { \
-                        mprotect((void *)((uintptr_t)g_pool & ~PAGE_MASK), \
-                            DIR_INFO_RSZ, PROT_READ | PROT_WRITE); \
-                } \
-        } while (0)
 struct region_info {
        void *p;                /* page; low bits used to mark chunks */
        uintptr_t size;         /* size for pages, or chunk_info pointer */
@@ -142,7 +125,7 @@ struct dir_info {
 #endif /* MALLOC_STATS */
        u_int32_t canary2;
 };
+#define DIR_INFO_RSZ    ((sizeof(struct dir_info) + PAGE_MASK) & ~PAGE_MASK)
 /*
 * This structure describes a page worth of chunks.
@@ -165,7 +148,6 @@ struct chunk_info {
 struct malloc_readonly {
        struct dir_info *g_pool;        /* Main bookkeeping information */
        int     malloc_abort;           /* abort() on error */
-        int     malloc_poolprot;        /* mprotect heap PROT_NONE? */
        int     malloc_freeprot;        /* mprotect free pages PROT_NONE? */
        int     malloc_hint;            /* call madvice on free pages?  */
        int     malloc_junk;            /* junk fill? */
@@ -653,12 +635,6 @@ omalloc_init(struct dir_info **dp)
                        case 'J':
                                mopts.malloc_junk = 1;
                                break;
-                        case 'l':
-                                mopts.malloc_poolprot = 0;
-                                break;
-                        case 'L':
-                                mopts.malloc_poolprot = 1;
-                                break;
                        case 'n':
                        case 'N':
                                break;
@@ -1214,7 +1190,6 @@ malloc_recurse(void)
                wrterror("recursive call");
        }
        malloc_active--;
-        PROTECT_G_POOL();
        _MALLOC_UNLOCK();
        errno = EDEADLK;
 }
@@ -1223,7 +1198,6 @@ static void
 malloc_global_corrupt(void)
 {
        wrterror("global malloc data corrupt");
-        PROTECT_G_POOL();
        _MALLOC_UNLOCK();
        errno = EINVAL;
 }
@@ -1248,7 +1222,6 @@ malloc(size_t size)
        int saved_errno = errno;
        _MALLOC_LOCK();
-        UNPROTECT_G_POOL();
        malloc_func = " in malloc():";
        if (g_pool == NULL) {
                if (malloc_init() != 0)
@@ -1260,7 +1233,6 @@ malloc(size_t size)
        }
        r = omalloc(size, mopts.malloc_zero);
        malloc_active--;
-        PROTECT_G_POOL();
        _MALLOC_UNLOCK();
        if (r == NULL && mopts.malloc_xmalloc) {
                wrterror("out of memory");
@@ -1349,7 +1321,6 @@ free(void *ptr)
                return;
        _MALLOC_LOCK();
-        UNPROTECT_G_POOL();
        malloc_func = " in free():";  
        if (g_pool == NULL) {
                _MALLOC_UNLOCK();
@@ -1362,7 +1333,6 @@ free(void *ptr)
        }
        ofree(ptr);
        malloc_active--;
-        PROTECT_G_POOL();
        _MALLOC_UNLOCK();
        errno = saved_errno;
 }
@@ -1466,7 +1436,6 @@ realloc(void *ptr, size_t size)
        int saved_errno = errno;
  
        _MALLOC_LOCK();
-        UNPROTECT_G_POOL();
        malloc_func = " in realloc():";  
        if (g_pool == NULL) {
                if (malloc_init() != 0)
@@ -1479,7 +1448,6 @@ realloc(void *ptr, size_t size)
        r = orealloc(ptr, size);
  
        malloc_active--;
-        PROTECT_G_POOL();
        _MALLOC_UNLOCK();
        if (r == NULL && mopts.malloc_xmalloc) {
                wrterror("out of memory");
@@ -1500,7 +1468,6 @@ calloc(size_t nmemb, size_t size)
        int saved_errno = errno;
        _MALLOC_LOCK();
-        UNPROTECT_G_POOL();
        malloc_func = " in calloc():";  
        if (g_pool == NULL) {
                if (malloc_init() != 0)
@@ -1508,7 +1475,6 @@ calloc(size_t nmemb, size_t size)
        }
        if ((nmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) &&
            nmemb > 0 && SIZE_MAX / nmemb < size) {
-                PROTECT_G_POOL();
                _MALLOC_UNLOCK();
                if (mopts.malloc_xmalloc)
                        wrterror("out of memory");
@@ -1525,7 +1491,6 @@ calloc(size_t nmemb, size_t size)
        r = omalloc(size, 1);
  
        malloc_active--;
-        PROTECT_G_POOL();
        _MALLOC_UNLOCK();
        if (r == NULL && mopts.malloc_xmalloc) {
                wrterror("out of memory");
author	djm <>	2008-12-30 07:44:51 +0000
committer	djm <>	2008-12-30 07:44:51 +0000
commit	611f21aa60c60f91295ec5451b469b73684b666a (patch)
tree	2e9b38b54fe87b89b1a0258d12507c5b5e197c7e
parent	c2f9a0271169166b38060ef5e36ef203765e45dd (diff)
download	openbsd-611f21aa60c60f91295ec5451b469b73684b666a.tar.gz openbsd-611f21aa60c60f91295ec5451b469b73684b666a.tar.bz2 openbsd-611f21aa60c60f91295ec5451b469b73684b666a.zip

diff --git a/src/lib/libc/stdlib/malloc.3 b/src/lib/libc/stdlib/malloc.3 index 2458834302..c3566e37e8 100644 --- a/src/lib/libc/stdlib/malloc.3 +++ b/src/lib/libc/stdlib/malloc.3
@@ -30,9 +30,9 @@
30	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF	30	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31	.\" SUCH DAMAGE.	31	.\" SUCH DAMAGE.
32	.\"	32	.\"
33	.\" $OpenBSD: malloc.3,v 1.59 2008/12/29 22:25:50 djm Exp $	33	.\" $OpenBSD: malloc.3,v 1.60 2008/12/30 07:44:51 djm Exp $
34	.\"	34	.\"
35	.Dd $Mdocdate: December 29 2008 $	35	.Dd $Mdocdate: December 30 2008 $
36	.Dt MALLOC 3	36	.Dt MALLOC 3
37	.Os	37	.Os
38	.Sh NAME	38	.Sh NAME
@@ -249,13 +249,6 @@ Currently junk is bytes of 0xd0 when allocating; this is pronounced
249	.Dq Duh .	249	.Dq Duh .
250	\&:-)	250	\&:-)
251	Freed chunks are filled with 0xdf.	251	Freed chunks are filled with 0xdf.
252	.It Cm L
253	.Dq Lock .
254	Lock critical data structures using
255	.Xr mprotect 2
256	to protect against modification except by
257	.Nm
258	and related routines.
259	.It Cm P	252	.It Cm P
260	.Dq Move allocations within a page.	253	.Dq Move allocations within a page.
261	Allocations larger than half a page but smaller than a page	254	Allocations larger than half a page but smaller than a page


diff --git a/src/lib/libc/stdlib/malloc.c b/src/lib/libc/stdlib/malloc.c index e15a64ac72..3d2e3dd29a 100644 --- a/src/lib/libc/stdlib/malloc.c +++ b/src/lib/libc/stdlib/malloc.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: malloc.c,v 1.112 2008/12/29 22:25:50 djm Exp $ */	1	/* $OpenBSD: malloc.c,v 1.113 2008/12/30 07:44:51 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 2008 Otto Moerbeek <otto@drijf.net>	3	* Copyright (c) 2008 Otto Moerbeek <otto@drijf.net>
4	*	4	*
@@ -88,23 +88,6 @@
88	#define MMAPA(a,sz) mmap((a), (size_t)(sz), PROT_READ \| PROT_WRITE, \	88	#define MMAPA(a,sz) mmap((a), (size_t)(sz), PROT_READ \| PROT_WRITE, \
89	MAP_ANON \| MAP_PRIVATE, -1, (off_t) 0)	89	MAP_ANON \| MAP_PRIVATE, -1, (off_t) 0)
90		90
91	/* Protect and unprotect g_pool structure as we enter/exit the allocator */
92	#define DIR_INFO_RSZ ((sizeof(struct dir_info) + PAGE_MASK) & ~PAGE_MASK)
93	#define PROTECT_G_POOL() \
94	do { \
95	if (g_pool != NULL && mopts.malloc_poolprot) { \
96	mprotect((void *)((uintptr_t)g_pool & ~PAGE_MASK), \
97	DIR_INFO_RSZ, PROT_NONE); \
98	} \
99	} while (0)
100	#define UNPROTECT_G_POOL() \
101	do { \
102	if (g_pool != NULL && mopts.malloc_poolprot) { \
103	mprotect((void *)((uintptr_t)g_pool & ~PAGE_MASK), \
104	DIR_INFO_RSZ, PROT_READ \| PROT_WRITE); \
105	} \
106	} while (0)
107
108	struct region_info {	91	struct region_info {
109	void p; / page; low bits used to mark chunks */	92	void p; / page; low bits used to mark chunks */
110	uintptr_t size; /* size for pages, or chunk_info pointer */	93	uintptr_t size; /* size for pages, or chunk_info pointer */
@@ -142,7 +125,7 @@ struct dir_info {
142	#endif /* MALLOC_STATS */	125	#endif /* MALLOC_STATS */
143	u_int32_t canary2;	126	u_int32_t canary2;
144	};	127	};
145		128	#define DIR_INFO_RSZ ((sizeof(struct dir_info) + PAGE_MASK) & ~PAGE_MASK)
146		129
147	/*	130	/*
148	* This structure describes a page worth of chunks.	131	* This structure describes a page worth of chunks.
@@ -165,7 +148,6 @@ struct chunk_info {
165	struct malloc_readonly {	148	struct malloc_readonly {
166	struct dir_info g_pool; / Main bookkeeping information */	149	struct dir_info g_pool; / Main bookkeeping information */
167	int malloc_abort; /* abort() on error */	150	int malloc_abort; /* abort() on error */
168	int malloc_poolprot; /* mprotect heap PROT_NONE? */
169	int malloc_freeprot; /* mprotect free pages PROT_NONE? */	151	int malloc_freeprot; /* mprotect free pages PROT_NONE? */
170	int malloc_hint; /* call madvice on free pages? */	152	int malloc_hint; /* call madvice on free pages? */
171	int malloc_junk; /* junk fill? */	153	int malloc_junk; /* junk fill? */
@@ -653,12 +635,6 @@ omalloc_init(struct dir_info **dp)
653	case 'J':	635	case 'J':
654	mopts.malloc_junk = 1;	636	mopts.malloc_junk = 1;
655	break;	637	break;
656	case 'l':
657	mopts.malloc_poolprot = 0;
658	break;
659	case 'L':
660	mopts.malloc_poolprot = 1;
661	break;
662	case 'n':	638	case 'n':
663	case 'N':	639	case 'N':
664	break;	640	break;
@@ -1214,7 +1190,6 @@ malloc_recurse(void)
1214	wrterror("recursive call");	1190	wrterror("recursive call");
1215	}	1191	}
1216	malloc_active--;	1192	malloc_active--;
1217	PROTECT_G_POOL();
1218	_MALLOC_UNLOCK();	1193	_MALLOC_UNLOCK();
1219	errno = EDEADLK;	1194	errno = EDEADLK;
1220	}	1195	}
@@ -1223,7 +1198,6 @@ static void
1223	malloc_global_corrupt(void)	1198	malloc_global_corrupt(void)
1224	{	1199	{
1225	wrterror("global malloc data corrupt");	1200	wrterror("global malloc data corrupt");
1226	PROTECT_G_POOL();
1227	_MALLOC_UNLOCK();	1201	_MALLOC_UNLOCK();
1228	errno = EINVAL;	1202	errno = EINVAL;
1229	}	1203	}
@@ -1248,7 +1222,6 @@ malloc(size_t size)
1248	int saved_errno = errno;	1222	int saved_errno = errno;
1249		1223
1250	_MALLOC_LOCK();	1224	_MALLOC_LOCK();
1251	UNPROTECT_G_POOL();
1252	malloc_func = " in malloc():";	1225	malloc_func = " in malloc():";
1253	if (g_pool == NULL) {	1226	if (g_pool == NULL) {
1254	if (malloc_init() != 0)	1227	if (malloc_init() != 0)
@@ -1260,7 +1233,6 @@ malloc(size_t size)
1260	}	1233	}
1261	r = omalloc(size, mopts.malloc_zero);	1234	r = omalloc(size, mopts.malloc_zero);
1262	malloc_active--;	1235	malloc_active--;
1263	PROTECT_G_POOL();
1264	_MALLOC_UNLOCK();	1236	_MALLOC_UNLOCK();
1265	if (r == NULL && mopts.malloc_xmalloc) {	1237	if (r == NULL && mopts.malloc_xmalloc) {
1266	wrterror("out of memory");	1238	wrterror("out of memory");
@@ -1349,7 +1321,6 @@ free(void *ptr)
1349	return;	1321	return;
1350		1322
1351	_MALLOC_LOCK();	1323	_MALLOC_LOCK();
1352	UNPROTECT_G_POOL();
1353	malloc_func = " in free():";	1324	malloc_func = " in free():";
1354	if (g_pool == NULL) {	1325	if (g_pool == NULL) {
1355	_MALLOC_UNLOCK();	1326	_MALLOC_UNLOCK();
@@ -1362,7 +1333,6 @@ free(void *ptr)
1362	}	1333	}
1363	ofree(ptr);	1334	ofree(ptr);
1364	malloc_active--;	1335	malloc_active--;
1365	PROTECT_G_POOL();
1366	_MALLOC_UNLOCK();	1336	_MALLOC_UNLOCK();
1367	errno = saved_errno;	1337	errno = saved_errno;
1368	}	1338	}
@@ -1466,7 +1436,6 @@ realloc(void *ptr, size_t size)
1466	int saved_errno = errno;	1436	int saved_errno = errno;
1467		1437
1468	_MALLOC_LOCK();	1438	_MALLOC_LOCK();
1469	UNPROTECT_G_POOL();
1470	malloc_func = " in realloc():";	1439	malloc_func = " in realloc():";
1471	if (g_pool == NULL) {	1440	if (g_pool == NULL) {
1472	if (malloc_init() != 0)	1441	if (malloc_init() != 0)
@@ -1479,7 +1448,6 @@ realloc(void *ptr, size_t size)
1479	r = orealloc(ptr, size);	1448	r = orealloc(ptr, size);
1480		1449
1481	malloc_active--;	1450	malloc_active--;
1482	PROTECT_G_POOL();
1483	_MALLOC_UNLOCK();	1451	_MALLOC_UNLOCK();
1484	if (r == NULL && mopts.malloc_xmalloc) {	1452	if (r == NULL && mopts.malloc_xmalloc) {
1485	wrterror("out of memory");	1453	wrterror("out of memory");
@@ -1500,7 +1468,6 @@ calloc(size_t nmemb, size_t size)
1500	int saved_errno = errno;	1468	int saved_errno = errno;
1501		1469
1502	_MALLOC_LOCK();	1470	_MALLOC_LOCK();
1503	UNPROTECT_G_POOL();
1504	malloc_func = " in calloc():";	1471	malloc_func = " in calloc():";
1505	if (g_pool == NULL) {	1472	if (g_pool == NULL) {
1506	if (malloc_init() != 0)	1473	if (malloc_init() != 0)
@@ -1508,7 +1475,6 @@ calloc(size_t nmemb, size_t size)
1508	}	1475	}
1509	if ((nmemb >= MUL_NO_OVERFLOW \|\| size >= MUL_NO_OVERFLOW) &&	1476	if ((nmemb >= MUL_NO_OVERFLOW \|\| size >= MUL_NO_OVERFLOW) &&
1510	nmemb > 0 && SIZE_MAX / nmemb < size) {	1477	nmemb > 0 && SIZE_MAX / nmemb < size) {
1511	PROTECT_G_POOL();
1512	_MALLOC_UNLOCK();	1478	_MALLOC_UNLOCK();
1513	if (mopts.malloc_xmalloc)	1479	if (mopts.malloc_xmalloc)
1514	wrterror("out of memory");	1480	wrterror("out of memory");
@@ -1525,7 +1491,6 @@ calloc(size_t nmemb, size_t size)
1525	r = omalloc(size, 1);	1491	r = omalloc(size, 1);
1526		1492
1527	malloc_active--;	1493	malloc_active--;
1528	PROTECT_G_POOL();
1529	_MALLOC_UNLOCK();	1494	_MALLOC_UNLOCK();
1530	if (r == NULL && mopts.malloc_xmalloc) {	1495	if (r == NULL && mopts.malloc_xmalloc) {
1531	wrterror("out of memory");	1496	wrterror("out of memory");