Date:      Tue, 15 Feb 2005 20:35:53 -0500
From:      Bosko Milekic <bosko.milekic@gmail.com>
To:        Julian Elischer <julian@elischer.org>
Cc:        cvs-all@freebsd.org
Subject:   Re: cvs commit: src/sys/vm memguard.c
Message-ID:  <bbebbd3d050215173551a44520@mail.gmail.com>
In-Reply-To: <421287CD.1080106@elischer.org>
References:  <200502152217.j1FMH7Qf054657@repoman.freebsd.org> <20050215224018.GJ32955@elvis.mu.org> <421287CD.1080106@elischer.org>

On Tue, 15 Feb 2005 15:37:49 -0800, Julian Elischer <julian@elischer.org> wrote:
> 
> 
> Alfred Perlstein wrote:
> 
> >Where can I read more about this feature? :)
> >
> 
> You have to nail Boscoe to a sheet of 1m x 2m plywood and subject him to
> crude borg mind reading techniques.
> 
> The upside is that if you succeed we get to do the same to you to find
> out what you learned. :-)

I believe that this will be unnecessary.  Christian Brueffer is going
to write the first version of a memguard(9) man page and we will
update it thereafter.

Right now, MemGuard allows you to override particular malloc type
allocations.  If you look at kern_malloc.c and search for "XXX
CHANGEME" you will find ifdef'd code that checks for M_SUBPROC and
thereby overrides M_SUBPROC allocations with MemGuard.  So, suppose
you suspect a tamper-after-free race involving M_INODEDEP buffers;
what you can do for now is un-staticize the M_INODEDEP MALLOC_DEFINE,
drop a MALLOC_DECLARE in malloc.h (so that M_INODEDEP is visible from
kern_malloc.c), and replace those == M_SUBPROC comparisons in
kern_malloc.c to == M_INODEDEP comparisons.  Then put "options
DEBUG_MEMGUARD" in your kernel config and build and install a new
kernel.  During early bootup, you should see something like this:

MEMGUARD DEBUGGING ALLOCATOR INITIALIZED:
        MEMGUARD map base: 0xc53e6000
        MEMGUARD map limit: 0xc73e7000
        MEMGUARD map size: 33558528 (Bytes)

This will confirm that MemGuard is indeed running.

I'd like to get MemGuard to accept a boot-time tunable way of
configuring which malloc type(s) to override, but this is yet to be
implemented.  Similarly, it would be worth getting MemGuard to also
override certain UMA zone allocations.

For further details, either glance at src/sys/vm/memguard.c or wait
for the man page.

-- 
Bosko Milekic - If I were a number, I'd be irrational.
Contact Info: http://bmilekic.unixdaemons.com/contact.txt
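
Added example, not part of the original message and not code from memguard.c: a userspace analogue in C of catching the tamper-after-free writes discussed above. It assumes the general page-protection approach (each allocation on its own pages, made read-only on free so a stale write traps instead of corrupting memory); guard_alloc, guard_free and write_faults are hypothetical names.

```c
#define _DEFAULT_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf fault_jmp;
static void on_fault(int sig) { (void)sig; siglongjmp(fault_jmp, 1); }

/* Hypothetical allocator: round up to whole pages so protection is per-buffer. */
void *guard_alloc(size_t len, size_t *maplen) {
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    *maplen = (len + pg - 1) / pg * pg;
    void *p = mmap(NULL, *maplen, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : p;
}

/* "Free" keeps the mapping but drops write access, so stale writers fault. */
int guard_free(void *p, size_t maplen) { return mprotect(p, maplen, PROT_READ); }

/* Probe: returns 1 if a write to p faults, 0 if the write succeeds. */
int write_faults(volatile char *p) {
    struct sigaction sa, old_segv, old_bus;
    volatile int faulted = 1;          /* stays 1 if the handler unwinds us */
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);  /* some systems report SIGBUS instead */
    if (sigsetjmp(fault_jmp, 1) == 0) { *p = 0x41; faulted = 0; }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return faulted;
}

int main(void) {
    size_t n;
    char *buf = guard_alloc(64, &n);   /* constructed sample allocation */
    if (!buf) return 1;
    printf("write while live faults:  %d\n", write_faults(buf));
    guard_free(buf, n);
    printf("write after free faults:  %d\n", write_faults(buf));
    return 0;
}
```

In a kernel the equivalent fault is a panic at the offending write, which is what points at the code still holding the stale pointer.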


