[PATCH] D20084: [sanitizer] Initial implementation of a Hardened Allocator

Dmitry Vyukov via llvm-commits llvm-commits at lists.llvm.org
Tue May 17 01:19:33 PDT 2016


dvyukov added inline comments.

================
Comment at: projects/compiler-rt/lib/hardened_allocator/scudo_allocator.cc:189
@@ +188,3 @@
+
+  // Chunk recycling function, returns a quarantined chunk to the backend.
+  void Recycle(ScudoChunk *chunk) {
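Review bot: the comment on Recycle says "returns a quarantined chunk to the backend" but does not say which cache that is, or what happens when the calling thread no longer owns a per-thread cache (a free issued during thread teardown, after the local cache has been drained). Since that is exactly the case asan handles with its fallback cache, the comment should state whether Recycle targets the caller's local cache or a shared one, and whether it is safe to call from a thread whose cache is already gone.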
----------------
If a free comes after we drained the local cache, asan uses a global cache. Grep for "fallback" in asan_allocator.cc. Tsan now uses the same. It sucks. But I don't see how to do better. We need to detect when a thread is actually finished, but it's tricky to do with the pthread_join API.

================
Comment at: projects/compiler-rt/lib/hardened_allocator/scudo_utils.cc:111
@@ +110,3 @@
+  std::hash<std::thread::id> hasher;
+  return getRdTSC() ^ hasher(std::this_thread::get_id()) ^
+      std::chrono::high_resolution_clock::now().time_since_epoch().count();
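Review bot: none of the three inputs XORed on these lines is secret or high-entropy. The TSC is readable by any code on the host, `std::hash<std::thread::id>` is commonly close to an identity mapping over a small set of thread ids, and the high-resolution clock is guessable within a narrow window, so an attacker who knows roughly when the process started can reconstruct the seed. For a hardened allocator the seed should come from the kernel RNG instead (a read from `/dev/random` or `/dev/urandom`, or `getrandom(2)` where available), and the read must be wrapped in a loop that retries on short reads and on `EINTR`, since a single `read()` is allowed to return fewer bytes than requested.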
----------------
cryptoad wrote:
> filcab wrote:
> > Using `/dev/urandom` should be what you need, yes.
> > Did you still have problems with urandom, btw?
> /dev/urandom appeared to work fine.
/dev/urandom is not what you need. It trades security for performance. I.e. instead of blocking it will just give you predictable randomness. Which kind of defeats the whole purpose of a security allocator.
/dev/random blocks when it does not have enough entropy. But there is not much you can do if you do need the entropy.
If it returns fewer bytes, read again. That's how it works with all read calls.


http://reviews.llvm.org/D20084
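The "read again if it returns fewer bytes" advice above is easy to get wrong, so here is a worked example of seeding from a kernel entropy device with short reads and EINTR handled. This is an added illustration, not code from the Scudo patch or from compiler-rt; the function names `read_full`, `fill_from_entropy_device` and `seed_from_device` are my own, and the device path is a parameter so the caller can choose `/dev/random` (may block until the pool is seeded) or `/dev/urandom`.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Read exactly len bytes from fd, retrying on short reads and EINTR.
   Returns the number of bytes actually read: == len on success, < len only
   if the descriptor hit EOF (impossible for a character device such as
   /dev/random, possible for a pipe or regular file). Returns -1 on a read
   error with errno set. */
ssize_t read_full(int fd, void *buf, size_t len) {
  uint8_t *p = (uint8_t *)buf;
  size_t got = 0;
  while (got < len) {
    ssize_t n = read(fd, p + got, len - got);
    if (n < 0) {
      if (errno == EINTR) continue;  /* interrupted by a signal: retry */
      return -1;
    }
    if (n == 0) break;  /* EOF: the source cannot supply more bytes */
    got += (size_t)n;
  }
  return (ssize_t)got;
}

/* Fill buf with len bytes read from the entropy device at path (hypothetical
   helper; path is typically "/dev/random" or "/dev/urandom").
   Returns 0 on success and -1 on any failure; on failure the contents of buf
   are unspecified and must not be used as a seed. */
int fill_from_entropy_device(const char *path, void *buf, size_t len) {
  int fd = open(path, O_RDONLY | O_CLOEXEC);
  if (fd < 0) return -1;
  ssize_t n = read_full(fd, buf, len);
  int saved_errno = errno;
  close(fd);
  errno = saved_errno;
  /* A short read (EOF) is treated as a hard failure rather than padding the
     seed with whatever happened to be in buf. */
  return (n == (ssize_t)len) ? 0 : -1;
}

/* Derive a 64-bit allocator seed from the device at path.
   Returns 0 on success with *seed filled, -1 on failure with *seed untouched. */
int seed_from_device(const char *path, uint64_t *seed) {
  uint64_t tmp;
  if (fill_from_entropy_device(path, &tmp, sizeof tmp) != 0) return -1;
  *seed = tmp;
  return 0;
}

int main(void) {
  uint64_t seed;
  /* /dev/urandom is used here so the demo never blocks; a hardened allocator
     that insists on a seeded pool would pass "/dev/random" instead. */
  if (seed_from_device("/dev/urandom", &seed) != 0) {
    perror("seed_from_device");
    return 1;
  }
  printf("seed = 0x%016llx\n", (unsigned long long)seed);
  return 0;
}
```

Two points the loop makes explicit: a read that is interrupted by a signal is retried rather than reported, and a read that ends early is reported as a failure instead of silently leaving part of the seed uninitialised. An allocator that seeds its random layout from this should abort on failure rather than fall back to a clock or TSC value.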
