aboutsummaryrefslogtreecommitdiff
path: root/src/lib/malloc
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2019-03-06 10:35:02 -0500
committerNick Mathewson <nickm@torproject.org>2019-04-04 12:56:52 -0400
commit12205c3cbee4e71ded2b5710a57342b510e9d6df (patch)
treea0f1800c2e4c95ce37409fdecf28830188fb161a /src/lib/malloc
parentab6ad3c040de68b1f06b8f910407bff570b24b43 (diff)
downloadtor-12205c3cbee4e71ded2b5710a57342b510e9d6df.tar.gz
tor-12205c3cbee4e71ded2b5710a57342b510e9d6df.zip
Make map_anon expose the result of a noinherit attempt
Previously we did this for tests only, but it's valuable for getting proper fork behavior in rand_fast.
Diffstat (limited to 'src/lib/malloc')
-rw-r--r--src/lib/malloc/map_anon.c48
-rw-r--r--src/lib/malloc/map_anon.h17
2 files changed, 31 insertions, 34 deletions
diff --git a/src/lib/malloc/map_anon.c b/src/lib/malloc/map_anon.c
index 5dac5256a6..bb0a3d5741 100644
--- a/src/lib/malloc/map_anon.c
+++ b/src/lib/malloc/map_anon.c
@@ -107,54 +107,34 @@ nodump_mem(void *mem, size_t sz)
#endif
}
-#ifdef TOR_UNIT_TESTS
-static unsigned last_anon_map_noinherit = ~0;
-/* Testing helper: return the outcome of the last call to noinherit_mem():
- * 0 if it did no good; 1 if it caused the memory not to be inherited, and
- * 2 if it caused the memory to be cleared on fork */
-unsigned
-get_last_anon_map_noinherit(void)
-{
- return last_anon_map_noinherit;
-}
-static void
-set_last_anon_map_noinherit(unsigned f)
-{
- last_anon_map_noinherit = f;
-}
-#else
-static void
-set_last_anon_map_noinherit(unsigned f)
-{
- (void)f;
-}
-#endif
-
/**
* Helper: try to prevent the <b>sz</b> bytes at <b>mem</b> from being
* accessible in child processes -- ideally by having them set to 0 after a
* fork, and if that doesn't work, by having them unmapped after a fork.
* Return 0 on success or if the facility is not available on this OS; return
* -1 on failure.
+ *
+ * If we successfully make the memory uninheritable, adjust the value of
+ * *<b>inherit_result_out</b>.
*/
static int
-noinherit_mem(void *mem, size_t sz)
+noinherit_mem(void *mem, size_t sz, unsigned *inherit_result_out)
{
- set_last_anon_map_noinherit(0);
#ifdef FLAG_ZERO
int r = MINHERIT(mem, sz, FLAG_ZERO);
if (r == 0) {
- set_last_anon_map_noinherit(2);
+ *inherit_result_out = INHERIT_ZERO;
return 0;
}
#endif
#ifdef FLAG_NOINHERIT
int r2 = MINHERIT(mem, sz, FLAG_NOINHERIT);
if (r2 == 0) {
- set_last_anon_map_noinherit(1);
+ *inherit_result_out = INHERIT_DROP;
}
return r2;
#else
+ (void)inherit_result_out;
(void)mem;
(void)sz;
return 0;
@@ -174,14 +154,24 @@ noinherit_mem(void *mem, size_t sz)
* Memory returned from this function must be released with
* tor_munmap_anonymous().
*
+ * If <b>inherit_result_out</b> is non-NULL, set it to one of INHERIT_KEEP,
+ * INHERIT_DROP, and INHERIT_ZERO, depending on the properties of the returned
+ * memory.
+ *
* [Note: OS people use the word "anonymous" here to mean that the memory
* isn't associated with any file. This has *nothing* to do with the kind of
* anonymity that Tor is trying to provide.]
*/
void *
-tor_mmap_anonymous(size_t sz, unsigned flags)
+tor_mmap_anonymous(size_t sz, unsigned flags, unsigned *inherit_result_out)
{
void *ptr;
+ unsigned itmp=0;
+ if (inherit_result_out == NULL) {
+ inherit_result_out = &itmp;
+ }
+ *inherit_result_out = INHERIT_KEEP;
+
#if defined(_WIN32)
HANDLE mapping = CreateFileMapping(INVALID_HANDLE_VALUE,
NULL, /*attributes*/
@@ -214,7 +204,7 @@ tor_mmap_anonymous(size_t sz, unsigned flags)
}
if (flags & ANONMAP_NOINHERIT) {
- int noinherit_result = noinherit_mem(ptr, sz);
+ int noinherit_result = noinherit_mem(ptr, sz, inherit_result_out);
raw_assert(noinherit_result == 0);
}
diff --git a/src/lib/malloc/map_anon.h b/src/lib/malloc/map_anon.h
index 395145bd71..edd7500821 100644
--- a/src/lib/malloc/map_anon.h
+++ b/src/lib/malloc/map_anon.h
@@ -31,11 +31,18 @@
*/
#define ANONMAP_NOINHERIT (1u<<1)
-void *tor_mmap_anonymous(size_t sz, unsigned flags);
-void tor_munmap_anonymous(void *mapping, size_t sz);
+/** Possible value for inherit_result_out: the memory will be kept
+ * by any child process. */
+#define INHERIT_KEEP 0
+/** Possible value for inherit_result_out: the memory will be dropped in
+ * the child process. Attempting to access it will likely cause a segfault. */
+#define INHERIT_DROP 1
+/** Possible value for inherit_result_out: the memory will be cleared in
+ * the child process. */
+#define INHERIT_ZERO 2
-#ifdef TOR_UNIT_TESTS
-unsigned get_last_anon_map_noinherit(void);
-#endif
+void *tor_mmap_anonymous(size_t sz, unsigned flags,
+ unsigned *inherit_result_out);
+void tor_munmap_anonymous(void *mapping, size_t sz);
#endif /* !defined(TOR_MAP_ANON_H) */