Page MenuHomeFreeBSD
Differential D33070

Fix coredump_phnum test with ASLR enabled by default
ClosedPublic
Actions

Authored by emaste on Nov 21 2021, 4:40 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Apr 5, 5:03 PM
Unknown Object (File)
Fri, Apr 5, 4:22 PM
Unknown Object (File)
Fri, Apr 5, 4:22 PM
Unknown Object (File)
Fri, Apr 5, 4:19 PM
Unknown Object (File)
Fri, Apr 5, 3:38 PM
Unknown Object (File)
Mar 12 2024, 9:16 AM
Unknown Object (File)
Feb 11 2024, 4:37 PM
Unknown Object (File)
Feb 11 2024, 4:33 PM
View All 47 Files
Subscribers
imp

Details

Reviewers
kib
lwhsu
mw
Commits
rGd3a7b75bbcb5: Fix coredump_phnum test with ASLR enabled
rGee2e925603e4: Fix coredump_phnum test with ASLR enabled
rG8ec4c5dae327: Fix coredump_phnum test with ASLR enabled by default
Summary

coredump_phnum test tries to generate a core file with many PT_LOAD segments. Previously it called mmap() in a loop with alternating protections, relying on each mapping following the previous. This resulted in a core file with many page-sized PT_LOAD segments. With ASLR on we no longer have this property of each mmap() following the previous.

Instead, perform a single allocation, and then use mprotect() to set alternating pages to PROT_READ.

PR: 259970

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

emaste requested review of this revision.Nov 21 2021, 4:40 PM
emaste created this revision.
kib added a comment.Nov 21 2021, 5:09 PM

I am not sure that this change makes code in any way better than previous version. Now it depends on internals of malloc(3) that are probably the implementation details.
I would preallocate large region with MAP_ANON, and then change the protection of each second page as you do. Or preallocate large region with MAP_GUARD, and then allocate pages with MAP_FIXED/incompatible protections.

BTW, what is the condition that fails to hold with the aslr enabled? Old code, as is, still creates many page-sized mappings, which are not coalsesced.

emaste updated this revision to Diff 98800.Nov 21 2021, 5:13 PM

allocate MAP_ANON region, per kib

emaste added a comment.Nov 21 2021, 5:17 PM

BTW, what is the condition that fails to hold with the aslr enabled?

The test tries to create (a bit over) 65536 LOAD segments, added here:

commit e8e39fc29e6fc7df03edc6bb80444f22796a49e7
Author: Conrad Meyer <cem@FreeBSD.org>
Date:   Tue Nov 1 19:18:16 2016 +0000

    Add test case for >65535 segment coredumps
    
    A long-belated follow-up to r303099.
    
    With feedback from:     jmmv, ngie
    Sponsored by:   Dell EMC Isilon
    Differential Revision:  https://reviews.freebsd.org/D7264

Notes:
    svn path=/head/; revision=308177

Here is a testrun log: https://ci.freebsd.org/job/FreeBSD-main-amd64-test/19867/testReport/junit/sys.kern/coredump_phnum_test/coredump_phnum/

Number of program headers: 17

So it seems there is coalescing happening?

kib added a comment.Nov 21 2021, 5:39 PM

I am somewhat surprised that coalescing worked that good,

tests/sys/kern/coredump_phnum_helper.c
57–59

Since you are mprotect'ing at the page (i+1), shouldn't loop use i < pages - 1 as the stop condition? For me, it looks like you are changing protection of one page after the mmaped region.

Or change mmap to allocate pages + 1 pages.

emaste updated this revision to Diff 98803.Nov 21 2021, 5:44 PM

avoid + 1 issue per kib

+/- one page at the boundary doesn't matter

kib accepted this revision.Nov 21 2021, 5:51 PM
This revision is now accepted and ready to land.Nov 21 2021, 5:51 PM
Closed by commit rG8ec4c5dae327: Fix coredump_phnum test with ASLR enabled by default (authored by emaste). · Explain WhyNov 21 2021, 6:00 PM
This revision was automatically updated to reflect the committed changes.
emaste added a commit: rG8ec4c5dae327: Fix coredump_phnum test with ASLR enabled by default.
Herald added a subscriber: imp. · View Herald TranscriptNov 21 2021, 6:00 PM
emaste added a commit: rGee2e925603e4: Fix coredump_phnum test with ASLR enabled.Nov 28 2021, 2:06 AM
emaste added a commit: rGd3a7b75bbcb5: Fix coredump_phnum test with ASLR enabled.Nov 28 2021, 2:56 AM

Revision Contents
Changeset List

PathSize
tests/
sys/
kern/
21 lines

Diff 98804

View Options

tests/sys/kern/coredump_phnum_helper.c

Loading...