michael@0: /* michael@0: * Copyright (C) 2008 Apple Inc. All rights reserved. michael@0: * michael@0: * Redistribution and use in source and binary forms, with or without michael@0: * modification, are permitted provided that the following conditions michael@0: * are met: michael@0: * 1. Redistributions of source code must retain the above copyright michael@0: * notice, this list of conditions and the following disclaimer. michael@0: * 2. Redistributions in binary form must reproduce the above copyright michael@0: * notice, this list of conditions and the following disclaimer in the michael@0: * documentation and/or other materials provided with the distribution. michael@0: * michael@0: * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY michael@0: * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE michael@0: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR michael@0: * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR michael@0: * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, michael@0: * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, michael@0: * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR michael@0: * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY michael@0: * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT michael@0: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE michael@0: * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. michael@0: */ michael@0: michael@0: #include "assembler/jit/ExecutableAllocator.h" michael@0: michael@0: #if ENABLE_ASSEMBLER && WTF_OS_WINDOWS michael@0: michael@0: #include "jswin.h" michael@0: #include "mozilla/WindowsVersion.h" michael@0: michael@0: extern uint64_t random_next(uint64_t *, int); michael@0: michael@0: namespace JSC { michael@0: michael@0: uint64_t ExecutableAllocator::rngSeed; michael@0: michael@0: size_t ExecutableAllocator::determinePageSize() michael@0: { michael@0: SYSTEM_INFO system_info; michael@0: GetSystemInfo(&system_info); michael@0: return system_info.dwPageSize; michael@0: } michael@0: michael@0: void *ExecutableAllocator::computeRandomAllocationAddress() michael@0: { michael@0: /* michael@0: * Inspiration is V8's OS::Allocate in platform-win32.cc. michael@0: * michael@0: * VirtualAlloc takes 64K chunks out of the virtual address space, so we michael@0: * keep 16b alignment. michael@0: * michael@0: * x86: V8 comments say that keeping addresses in the [64MiB, 1GiB) range michael@0: * tries to avoid system default DLL mapping space. In the end, we get 13 michael@0: * bits of randomness in our selection. michael@0: * x64: [2GiB, 4TiB), with 25 bits of randomness. michael@0: */ michael@0: static const unsigned chunkBits = 16; michael@0: #if WTF_CPU_X86_64 michael@0: static const uintptr_t base = 0x0000000080000000; michael@0: static const uintptr_t mask = 0x000003ffffff0000; michael@0: #elif WTF_CPU_X86 michael@0: static const uintptr_t base = 0x04000000; michael@0: static const uintptr_t mask = 0x3fff0000; michael@0: #else michael@0: # error "Unsupported architecture" michael@0: #endif michael@0: uint64_t rand = random_next(&rngSeed, 32) << chunkBits; michael@0: return (void *) (base | rand & mask); michael@0: } michael@0: michael@0: static bool michael@0: RandomizeIsBrokenImpl() michael@0: { michael@0: // We disable everything before Vista, for now. michael@0: return !mozilla::IsVistaOrLater(); michael@0: } michael@0: michael@0: static bool michael@0: RandomizeIsBroken() michael@0: { michael@0: // Use the compiler's intrinsic guards for |static type value = expr| to avoid some potential michael@0: // races if runtimes are created from multiple threads. michael@0: static int result = RandomizeIsBrokenImpl(); michael@0: return !!result; michael@0: } michael@0: michael@0: ExecutablePool::Allocation ExecutableAllocator::systemAlloc(size_t n) michael@0: { michael@0: void *allocation = NULL; michael@0: // Randomization disabled to avoid a performance fault on x64 builds. michael@0: // See bug 728623. michael@0: #ifndef JS_CPU_X64 michael@0: if (!RandomizeIsBroken()) { michael@0: void *randomAddress = computeRandomAllocationAddress(); michael@0: allocation = VirtualAlloc(randomAddress, n, MEM_COMMIT | MEM_RESERVE, michael@0: PAGE_EXECUTE_READWRITE); michael@0: } michael@0: #endif michael@0: if (!allocation) michael@0: allocation = VirtualAlloc(0, n, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE); michael@0: ExecutablePool::Allocation alloc = { reinterpret_cast(allocation), n }; michael@0: return alloc; michael@0: } michael@0: michael@0: void ExecutableAllocator::systemRelease(const ExecutablePool::Allocation& alloc) michael@0: { michael@0: VirtualFree(alloc.pages, 0, MEM_RELEASE); michael@0: } michael@0: michael@0: void michael@0: ExecutablePool::toggleAllCodeAsAccessible(bool accessible) michael@0: { michael@0: char* begin = m_allocation.pages; michael@0: size_t size = m_freePtr - begin; michael@0: michael@0: if (size) { michael@0: // N.B. DEP is not on automatically in Windows XP, so be sure to use michael@0: // PAGE_NOACCESS instead of PAGE_READWRITE when making inaccessible. michael@0: DWORD oldProtect; michael@0: int flags = accessible ? PAGE_EXECUTE_READWRITE : PAGE_NOACCESS; michael@0: if (!VirtualProtect(begin, size, flags, &oldProtect)) michael@0: MOZ_CRASH(); michael@0: } michael@0: } michael@0: michael@0: #if ENABLE_ASSEMBLER_WX_EXCLUSIVE michael@0: #error "ASSEMBLER_WX_EXCLUSIVE not yet suported on this platform." michael@0: #endif michael@0: michael@0: } michael@0: michael@0: #endif // HAVE(ASSEMBLER)