1 /*
2 * Copyright (C) 2010 Apple Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
14 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
15 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
17 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
23 * THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26 #include "config.h"
27 #include "OSAllocator.h"
28
29 #if OS(UNIX)
30
31 #include <cstdlib>
32
33 #include "PageAllocation.h"
34 #include <dlfcn.h>
35 #include <errno.h>
36 #include <sys/mman.h>
37 #include <wtf/Assertions.h>
38 #include <wtf/UnusedParam.h>
39
40 #if OS(LINUX)
41 #include <sys/syscall.h>
42 #ifndef MFD_CLOEXEC
43 #define MFD_CLOEXEC 0x0001U
44 #endif
45 #endif
46
47 #if defined(__ANDROID__) && defined(SYS_memfd_create)
48 // On Android it's been observed that permissions of memory mappings
49 // backed by a memfd could not be changed via mprotect for no obvious
50 // reason.
51 # undef SYS_memfd_create
52 #endif
53
54 namespace WTF {
55
56 #ifdef SYS_memfd_create
memfdForUsage(size_t bytes,OSAllocator::Usage usage)57 static int memfdForUsage(size_t bytes, OSAllocator::Usage usage)
58 {
59 const char *type = "unknown-usage:";
60 switch (usage) {
61 case OSAllocator::UnknownUsage:
62 break;
63 case OSAllocator::FastMallocPages:
64 type = "fastmalloc:";
65 break;
66 case OSAllocator::JSGCHeapPages:
67 type = "JSGCHeap:";
68 break;
69 case OSAllocator::JSVMStackPages:
70 type = "JSVMStack:";
71 break;
72 case OSAllocator::JSJITCodePages:
73 type = "JITCode:";
74 break;
75 }
76
77 char buf[PATH_MAX];
78 strcpy(buf, type);
79 strcat(buf, "QtQml");
80
81 int fd = syscall(SYS_memfd_create, buf, MFD_CLOEXEC);
82 if (fd != -1) {
83 if (ftruncate(fd, bytes) == 0)
84 return fd;
85 }
86 close(fd);
87 return -1;
88 }
89 #elif OS(LINUX)
90 static int memfdForUsage(size_t bytes, OSAllocator::Usage usage)
91 {
92 UNUSED_PARAM(bytes);
93 UNUSED_PARAM(usage);
94 return -1;
95 }
96 #endif
97
reserveUncommitted(size_t bytes,Usage usage,bool writable,bool executable)98 void* OSAllocator::reserveUncommitted(size_t bytes, Usage usage, bool writable, bool executable)
99 {
100 #if OS(QNX)
101 // Reserve memory with PROT_NONE and MAP_LAZY so it isn't committed now.
102 void* result = mmap(0, bytes, PROT_NONE, MAP_LAZY | MAP_PRIVATE | MAP_ANON, -1, 0);
103 if (result == MAP_FAILED)
104 CRASH();
105 #elif OS(LINUX)
106 UNUSED_PARAM(writable);
107 UNUSED_PARAM(executable);
108 int fd = memfdForUsage(bytes, usage);
109
110 void* result = mmap(0, bytes, PROT_NONE, MAP_NORESERVE | MAP_PRIVATE |
111 (fd == -1 ? MAP_ANON : 0), fd, 0);
112 if (result == MAP_FAILED)
113 CRASH();
114 madvise(result, bytes, MADV_DONTNEED);
115
116 if (fd != -1)
117 close(fd);
118 #else
119 void* result = reserveAndCommit(bytes, usage, writable, executable);
120 #if HAVE(MADV_FREE_REUSE)
121 // To support the "reserve then commit" model, we have to initially decommit.
122 while (madvise(result, bytes, MADV_FREE_REUSABLE) == -1 && errno == EAGAIN) { }
123 #endif
124
125 #endif // OS(QNX)
126
127 return result;
128 }
129
reserveAndCommit(size_t bytes,Usage usage,bool writable,bool executable,bool includesGuardPages)130 void* OSAllocator::reserveAndCommit(size_t bytes, Usage usage, bool writable, bool executable, bool includesGuardPages)
131 {
132 // All POSIX reservations start out logically committed.
133 int protection = PROT_READ;
134 if (writable)
135 protection |= PROT_WRITE;
136 if (executable)
137 protection |= PROT_EXEC;
138
139 int flags = MAP_PRIVATE | MAP_ANON;
140 #if PLATFORM(IOS)
141 if (executable)
142 flags |= MAP_JIT;
143 #endif
144
145 #if OS(DARWIN)
146 int fd = usage;
147 #elif OS(LINUX)
148 int fd = memfdForUsage(bytes, usage);
149 if (fd != -1)
150 flags &= ~MAP_ANON;
151 #else
152 UNUSED_PARAM(usage);
153 int fd = -1;
154 #endif
155
156 void* result = 0;
157 #if (OS(DARWIN) && CPU(X86_64))
158 if (executable) {
159 ASSERT(includesGuardPages);
160 // Cook up an address to allocate at, using the following recipe:
161 // 17 bits of zero, stay in userspace kids.
162 // 26 bits of randomness for ASLR.
163 // 21 bits of zero, at least stay aligned within one level of the pagetables.
164 //
165 // But! - as a temporary workaround for some plugin problems (rdar://problem/6812854),
166 // for now instead of 2^26 bits of ASLR lets stick with 25 bits of randomization plus
167 // 2^24, which should put up somewhere in the middle of userspace (in the address range
168 // 0x200000000000 .. 0x5fffffffffff).
169 intptr_t randomLocation = 0;
170 randomLocation = arc4random() & ((1 << 25) - 1);
171 randomLocation += (1 << 24);
172 randomLocation <<= 21;
173 result = reinterpret_cast<void*>(randomLocation);
174 }
175 #endif
176
177 result = mmap(result, bytes, protection, flags, fd, 0);
178 if (result == MAP_FAILED) {
179 #if ENABLE(LLINT)
180 if (executable)
181 result = 0;
182 else
183 #endif
184 CRASH();
185 }
186 if (result && includesGuardPages) {
187 // We use mmap to remap the guardpages rather than using mprotect as
188 // mprotect results in multiple references to the code region. This
189 // breaks the madvise based mechanism we use to return physical memory
190 // to the OS.
191 mmap(result, pageSize(), PROT_NONE, MAP_FIXED | MAP_PRIVATE | MAP_ANON, fd, 0);
192 mmap(static_cast<char*>(result) + bytes - pageSize(), pageSize(), PROT_NONE, MAP_FIXED | MAP_PRIVATE | MAP_ANON, fd, 0);
193 }
194
195 #if OS(LINUX)
196 if (fd != -1)
197 close(fd);
198 #endif
199
200 return result;
201 }
202
commit(void * address,size_t bytes,bool writable,bool executable)203 void OSAllocator::commit(void* address, size_t bytes, bool writable, bool executable)
204 {
205 #if OS(QNX)
206 int protection = PROT_READ;
207 if (writable)
208 protection |= PROT_WRITE;
209 if (executable)
210 protection |= PROT_EXEC;
211 if (MAP_FAILED == mmap(address, bytes, protection, MAP_FIXED | MAP_PRIVATE | MAP_ANON, -1, 0))
212 CRASH();
213 #elif OS(LINUX)
214 int protection = PROT_READ;
215 if (writable)
216 protection |= PROT_WRITE;
217 if (executable)
218 protection |= PROT_EXEC;
219 if (mprotect(address, bytes, protection))
220 CRASH();
221 madvise(address, bytes, MADV_WILLNEED);
222 #elif HAVE(MADV_FREE_REUSE)
223 UNUSED_PARAM(writable);
224 UNUSED_PARAM(executable);
225 while (madvise(address, bytes, MADV_FREE_REUSE) == -1 && errno == EAGAIN) { }
226 #else
227 // Non-MADV_FREE_REUSE reservations automatically commit on demand.
228 UNUSED_PARAM(address);
229 UNUSED_PARAM(bytes);
230 UNUSED_PARAM(writable);
231 UNUSED_PARAM(executable);
232 #endif
233 }
234
decommit(void * address,size_t bytes)235 void OSAllocator::decommit(void* address, size_t bytes)
236 {
237 #if OS(QNX)
238 // Use PROT_NONE and MAP_LAZY to decommit the pages.
239 mmap(address, bytes, PROT_NONE, MAP_FIXED | MAP_LAZY | MAP_PRIVATE | MAP_ANON, -1, 0);
240 #elif OS(LINUX)
241 madvise(address, bytes, MADV_DONTNEED);
242 if (mprotect(address, bytes, PROT_NONE))
243 CRASH();
244 #elif HAVE(MADV_FREE_REUSE)
245 while (madvise(address, bytes, MADV_FREE_REUSABLE) == -1 && errno == EAGAIN) { }
246 #elif HAVE(MADV_FREE)
247 while (madvise(address, bytes, MADV_FREE) == -1 && errno == EAGAIN) { }
248 #elif HAVE(MADV_DONTNEED)
249 while (madvise(address, bytes, MADV_DONTNEED) == -1 && errno == EAGAIN) { }
250 #else
251 UNUSED_PARAM(address);
252 UNUSED_PARAM(bytes);
253 #endif
254 }
255
releaseDecommitted(void * address,size_t bytes)256 void OSAllocator::releaseDecommitted(void* address, size_t bytes)
257 {
258 int result = munmap(address, bytes);
259 if (result == -1)
260 CRASH();
261 }
262
canAllocateExecutableMemory()263 bool OSAllocator::canAllocateExecutableMemory()
264 {
265 int flags = MAP_PRIVATE | MAP_ANON;
266 #if PLATFORM(IOS)
267 if (executable)
268 flags |= MAP_JIT;
269 #endif
270 const auto size = pageSize();
271 void *testPage = mmap(nullptr, size, PROT_READ | PROT_WRITE | PROT_EXEC, flags, /*fd*/-1, /*offset*/0);
272 if (testPage == MAP_FAILED)
273 return false;
274 munmap(testPage, size);
275 return true;
276 }
277
278 } // namespace WTF
279
280 #endif // OS(UNIX)
281