diff options
| author | Kostya Kortchinsky <kostyak@google.com> | 2017-08-28 15:20:02 +0000 |
|---|---|---|
| committer | Kostya Kortchinsky <kostyak@google.com> | 2017-08-28 15:20:02 +0000 |
| commit | 476f21d87ec1d512a0143dd37a62d08ab71dc5b5 (patch) | |
| tree | aa21620ac704125fc21f8cabe2d2195e68ba5c17 /compiler-rt/lib/sanitizer_common/tests/sanitizer_allocator_test.cc | |
| parent | 867e36de383e843b3908b18a964b71cf768e5b22 (diff) | |
| download | bcm5719-llvm-476f21d87ec1d512a0143dd37a62d08ab71dc5b5.tar.gz bcm5719-llvm-476f21d87ec1d512a0143dd37a62d08ab71dc5b5.zip | |
[sanitizer] Re-introduce kUseSeparateSizeClassForBatch for the 32-bit Primary
Summary:
Currently `TransferBatch` are located within the same memory regions as
"regular" chunks. This is not ideal for security: they make for an interesting
target to overwrite, and are not protected by the frontend (namely, Scudo).
To solve this, we re-introduce `kUseSeparateSizeClassForBatch` for the 32-bit
Primary allowing for `TransferBatch` to end up in their own memory region.
Currently only Scudo would use this new feature, the default behavior remains
unchanged. The separate `kBatchClassID` was used for a brief period of time
previously but removed when the 64-bit ended up using the "free array".
Reviewers: alekseyshl, kcc, eugenis
Reviewed By: alekseyshl
Subscribers: llvm-commits, kubamracek
Differential Revision: https://reviews.llvm.org/D37082
llvm-svn: 311891
Diffstat (limited to 'compiler-rt/lib/sanitizer_common/tests/sanitizer_allocator_test.cc')
| -rw-r--r-- | compiler-rt/lib/sanitizer_common/tests/sanitizer_allocator_test.cc | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/compiler-rt/lib/sanitizer_common/tests/sanitizer_allocator_test.cc b/compiler-rt/lib/sanitizer_common/tests/sanitizer_allocator_test.cc index 0def8ee0fd7..9ec967bee7a 100644 --- a/compiler-rt/lib/sanitizer_common/tests/sanitizer_allocator_test.cc +++ b/compiler-rt/lib/sanitizer_common/tests/sanitizer_allocator_test.cc @@ -240,6 +240,23 @@ TEST(SanitizerCommon, SizeClassAllocator32Compact) { TestSizeClassAllocator<Allocator32Compact>(); } +struct AP32SeparateBatches { + static const uptr kSpaceBeg = 0; + static const u64 kSpaceSize = kAddressSpaceSize; + static const uptr kMetadataSize = 16; + typedef DefaultSizeClassMap SizeClassMap; + static const uptr kRegionSizeLog = ::kRegionSizeLog; + typedef FlatByteMap<kFlatByteMapSize> ByteMap; + typedef NoOpMapUnmapCallback MapUnmapCallback; + static const uptr kFlags = + SizeClassAllocator32FlagMasks::kUseSeparateSizeClassForBatch; +}; +typedef SizeClassAllocator32<AP32SeparateBatches> Allocator32SeparateBatches; + +TEST(SanitizerCommon, SizeClassAllocator32SeparateBatches) { + TestSizeClassAllocator<Allocator32SeparateBatches>(); +} + template <class Allocator> void SizeClassAllocatorMetadataStress() { Allocator *a = new Allocator; |
