From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 2155) id 4123F3858D35; Tue, 17 Jan 2023 19:15:34 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 4123F3858D35 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1673982934; bh=8WPEhoWkC3cf0avWYKUSPPF980df3x58qPNf/L1WRDA=; h=From:To:Subject:Date:From; b=rIMWjznsG6OtPhVpFV/NgCGQSDDiQRbN7hzNRooYR5WiTGL0lpLBAnYayqXgJoK6v FXlHSN2hlj3rxpqewl1Bmotdp4zn0cxeIRULuL0Y0KlvdT4Ijo9GQzrk6SElSzsHIK 1uIRsLN4I1y5MSAXs/q7BaPG5cC4LkZsLdD7wK9Q= Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable From: Corinna Vinschen To: cygwin-cvs@sourceware.org Subject: [newlib-cygwin/cygwin-3_4-branch] Cygwin: open_shared: try harder allocating a shared region X-Act-Checkin: newlib-cygwin X-Git-Author: Corinna Vinschen X-Git-Refname: refs/heads/cygwin-3_4-branch X-Git-Oldrev: 1e854c18e5b2261e159671f6c09de593f3618ca2 X-Git-Newrev: fb16f490bf6e56ace20a7d7ee29a8a46aef3adba Message-Id: <20230117191534.4123F3858D35@sourceware.org> Date: Tue, 17 Jan 2023 19:15:34 +0000 (GMT) List-Id: https://sourceware.org/git/gitweb.cgi?p=3Dnewlib-cygwin.git;h=3Dfb16f490bf6= e56ace20a7d7ee29a8a46aef3adba commit fb16f490bf6e56ace20a7d7ee29a8a46aef3adba Author: Corinna Vinschen AuthorDate: Tue Jan 17 10:18:51 2023 +0100 Commit: Corinna Vinschen CommitDate: Tue Jan 17 19:49:39 2023 +0100 Cygwin: open_shared: try harder allocating a shared region =20 For fixed regions (cygwin/user/myself/shared console), try fixed address first. Fallback to non-fixed region. Don't even try fixed address if the Cygwin DLL gets dynamically loaded. =20 For non-fixed regions, try to allocate in a loop within the area from SHARED_REGIONS_ADDRESS_LOW to SHARED_REGIONS_ADDRESS_HIGH. =20 Fixes: 60675f1a7eb2 ("Cygwin: decouple shared mem regions from Cygwin D= LL") 
Signed-off-by: Corinna Vinschen Diff: --- winsup/cygwin/mm/shared.cc | 58 ++++++++++++++++++++++++++++++++++++-----= ---- winsup/cygwin/release/3.4.4 | 6 +++++ 2 files changed, 53 insertions(+), 11 deletions(-) diff --git a/winsup/cygwin/mm/shared.cc b/winsup/cygwin/mm/shared.cc index aa9997c7569c..d23cc8e0e510 100644 --- a/winsup/cygwin/mm/shared.cc +++ b/winsup/cygwin/mm/shared.cc @@ -122,6 +122,7 @@ static uintptr_t region_address[] =3D SHARED_CONSOLE_REGION_ADDRESS, /* SH_SHARED_CONSOLE */ 0 }; +static NO_COPY uintptr_t next_address =3D SHARED_REGIONS_ADDRESS_LOW; =20 void * open_shared (const WCHAR *name, int n, HANDLE& shared_h, DWORD size, @@ -138,14 +139,9 @@ open_shared (const WCHAR *name, int n, HANDLE& shared_= h, DWORD size, { WCHAR map_buf[MAX_PATH]; WCHAR *mapname =3D NULL; - void *shared; + void *shared =3D NULL; void *addr; =20 - if (m =3D=3D SH_JUSTCREATE || m =3D=3D SH_JUSTOPEN) - addr =3D NULL; - else - addr =3D (void *) region_address[m]; - created =3D false; if (!shared_h) { 
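Review bot: `next_address`, added right after the `region_address[]` table, has no comment, and it is a process-wide cursor that `open_shared` reads and advances with no locking visible in this patch. Whether `open_shared` can be reached from more than one thread is not visible here; if it can, the unsynchronised `+=` could skip or repeat candidate slots. I would add something like `/* Next candidate base for non-fixed shared regions; scanned upward from SHARED_REGIONS_ADDRESS_LOW, wrapping at SHARED_REGIONS_ADDRESS_HIGH. */` and say in the same comment why the variable is `NO_COPY`.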
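Review bot: `void *addr;` is left without an initializer once the `addr = NULL` / `region_address[m]` assignment is removed, while `shared` gains `= NULL` on the line above it. Every path in the following hunk assigns `addr` before `debug_printf` prints it, but only because `shared` starts as NULL and forces the fallback branch when the fixed-address branch is skipped. `void *addr = NULL;` would keep the declaration safe if those branches are edited later. The body of `open_shared` starts and ends outside this hunk.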
@@ -170,14 +166,54 @@ open_shared (const WCHAR *name, int n, HANDLE& shared= _h, DWORD size, return NULL; } =20 - shared =3D MapViewOfFileEx (shared_h, FILE_MAP_READ | FILE_MAP_WRITE, - 0, 0, 0, addr); + if (m < SH_TOTAL_SIZE && !dynamically_loaded) + { + /* Fixed regions. Don't do that if Cygwin gets dynamically loaded. + The process loading the DLL might be configured with High-Entropy + ASLR. Chances for collisions are pretty high. + + Note that we don't actually *need* fixed addresses. The only + advantage is reproducibility to help /proc//maps along. */ + addr =3D (void *) region_address[m]; + shared =3D MapViewOfFileEx (shared_h, FILE_MAP_READ | FILE_MAP_WRITE, + 0, 0, 0, addr); + } + /* Also catch the unlikely case that a fixed region can't be mapped at t= he + fixed address. */ + if (!shared) + { + /* Locate shared regions in the area between SHARED_REGIONS_ADDRESS_= LOW + and SHARED_REGIONS_ADDRESS_HIGH, retrying until we have a slot. + Don't use MapViewOfFile3 (loader deadlock during fork. */ + bool loop =3D false; + + addr =3D (void *) next_address; + do + { + shared =3D MapViewOfFileEx (shared_h, FILE_MAP_READ | FILE_MAP_WRITE, + 0, 0, 0, addr); + if (!shared) + { + next_address +=3D wincap.allocation_granularity (); + if (next_address >=3D SHARED_REGIONS_ADDRESS_HIGH) + { + if (loop) + break; + next_address =3D SHARED_REGIONS_ADDRESS_LOW; + loop =3D true; + } + addr =3D (void *) next_address; + } + } + while (!shared); + } =20 if (!shared) - api_fatal ("MapViewOfFileEx '%W'(%p), %E. Terminating.", mapname, sha= red_h); + api_fatal ("MapViewOfFileEx '%W'(%p, size %u, m %d, created %d), %E. " + "Terminating.", mapname, shared_h, size, m, created); =20 - debug_printf ("name %W, n %d, shared %p (wanted %p), h %p, m %d", - mapname, n, shared, addr, shared_h, m); + debug_printf ("name %W, shared %p (wanted %p), h %p, m %d, created %d", + mapname, shared, addr, shared_h, m, created); =20 return shared; } 
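Review bot: The retry loop in the `if (!shared)` fallback treats every `MapViewOfFileEx` failure as an address collision. A failure with another cause (for instance a bad section handle or exhausted memory) therefore walks the whole SHARED_REGIONS_ADDRESS_LOW..SHARED_REGIONS_ADDRESS_HIGH window in `allocation_granularity` steps before `api_fatal` runs, and because `loop` is only set at the first wrap, a scan that began at LOW covers the window twice. Checking the error inside the inner `if (!shared)`, e.g. `if (GetLastError () != ERROR_INVALID_ADDRESS) break;` (assuming that is the code reported for an occupied base address; confirm), would fail fast and keep `%E` pointing at the real cause. Remembering the starting `next_address` and stopping when the cursor returns to it would remove the second pass. Separately, `wanted %p` in `debug_printf` now prints the address that finally mapped rather than the fixed address first requested, and the comment `(loader deadlock during fork.` lacks its closing parenthesis.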
diff --git a/winsup/cygwin/release/3.4.4 b/winsup/cygwin/release/3.4.4 index 2c93cd0663c2..409c589292f2 100644 --- a/winsup/cygwin/release/3.4.4 +++ b/winsup/cygwin/release/3.4.4 @@ -16,3 +16,9 @@ Bug Fixes =20 - Fix vmstat(1) printing an error message on single core CPUs. Addresses: https://cygwin.com/pipermail/cygwin/2023-January/252857.html + +- Fix potential process termination during process initialization. + Most easily reproducible is the case of non-Cygwin processes running + with high-entropy VA enabled and loading the Cygwin DLL dynamically. + Addresses: https://cygwin.com/pipermail/cygwin/2023-January/252765.html + https://cygwin.com/pipermail/cygwin/2023-January/252865.html