Re: Understanding Linux addr space, malloc, and heap

On Oct 21, 2005, at 11:37:07, Vincent W. Freeh wrote:

The point of the code is to show that one can protect malloc code.

You may be able to protect malloced memory, but it's not reliable, itdoesn't follow the standard, and if it breaks you get to keep bothpieces. You tried to protect malloced memory, it wasn't reliable, itdidn't follow the standard, therefore you get to keep both pieces.

But I can't mprotect the 66th page I malloc. And mprotect failsSILENTLY!

You must understand that malloc does not necessarily return a_page_. It returns a random hunk of memory aligned to a 16 byteboundary, which is *not* the same as aligned to a page boundary(usually 4096 bytes). Your code is buggy:

  mprotect((void*)((unsigned)p & ~(pgsize-1)), 1024, PROT_NONE);

You malloced 1024 bytes (1024 != page size (usually 4096)). You thenround down to a multiple of a page size, and mprotect that page(since you used a size < 1 page, it rounds up to a page). If mallocreturns an offset 4080 bytes into a page (aligned on a 16-byteboundary), and you round down and protect that page, then only thefirst 16 bytes of the memory you got will be protected.

You *cannot* reliably expect to mprotect() the results of malloc().If you want to mprotect() things, you _must_ do it on mmap()ed memory.


Cheers,
Kyle Moffett

--

Somone asked me why I work on this free (http://www.fsf.org/philosophy/) software stuff and not get a real job. Charles Shultzhad the best answer:

"Why do musicians compose symphonies and poets write poems? They doit because life wouldn't have any meaning for them if they didn't.That's why I draw cartoons. It's my life."

  -- Charles Shultz


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Follow-Ups:
- Re: Understanding Linux addr space, malloc, and heap
  - From: "Vincent W. Freeh" <[email protected]>

References:
- Re: Understanding Linux addr space, malloc, and heap
  - From: "Vincent W. Freeh" <[email protected]>
- Re: Understanding Linux addr space, malloc, and heap
  - From: Arjan van de Ven <[email protected]>
- Re: Understanding Linux addr space, malloc, and heap
  - From: "Vincent W. Freeh" <[email protected]>
- Re: Understanding Linux addr space, malloc, and heap
  - From: Arjan van de Ven <[email protected]>
- Re: Understanding Linux addr space, malloc, and heap
  - From: "Vincent W. Freeh" <[email protected]>

Prev by Date: Re: [PATCH 1/4] Swap migration V3: LRU operations
Next by Date: Re: [PATCH 0/4] Swap migration V3: Overview
Previous by thread: Re: Understanding Linux addr space, malloc, and heap
Next by thread: Re: Understanding Linux addr space, malloc, and heap
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]