[compiler-rt] [tsan] Lazily call 'personality' to minimize sandbox violations (PR #79334)
Thurston Dang via llvm-commits
llvm-commits at lists.llvm.org
Thu Jan 25 10:53:26 PST 2024
================
@@ -267,6 +267,14 @@ static void ReExecIfNeeded() {
if (reexec) {
// Don't check the address space since we're going to re-exec anyway.
} else if (!CheckAndProtect(false, false, false)) {
+ // ASLR personality check.
+ // N.B. 'personality' is sometimes forbidden by sandboxes, so we only call
+ // this as a last resort (when the memory mapping is incompatible and TSan
+ // would fail anyway).
+ int old_personality = personality(0xffffffff);
----------------
thurstond wrote:
I've removed the test in the latest commit (https://github.com/llvm/llvm-project/pull/79334/commits/0b4c8464b5045e80eccd9acc11e7312d6caa3c88).
With the re-exec patch + this patch:
- low entropy ASLR, no sandbox: TSan works
- low entropy ASLR, with sandbox: TSan works
- high entropy ASLR, no sandbox: TSan works
- high entropy ASLR, with sandbox: TSan will trigger a sandbox violation, but TSan didn't work anyway with high entropy ASLR. Moreover, this is currently only a hypothetical case.
https://github.com/llvm/llvm-project/pull/79334
More information about the llvm-commits
mailing list