gramineproject / graphene

Graphene / Graphene-SGX - a library OS for Linux multi-process applications, with Intel SGX support
https://grapheneproject.io
GNU Lesser General Public License v3.0

[Pal/Linux] Cap max available address for LibOS's memory management #2595

Closed dimakuv closed 3 years ago

dimakuv commented 3 years ago

Description of the changes

During fork, the parent process checkpoints LibOS-managed memory regions and the child process restores them at the exact same addresses. However, the child process's main executable (libpal.so) may be mapped randomly because we don't use fork for this emulation (which would preserve the libpal.so memory mapping) but execve (which allows the Linux host to perform ASLR on libpal.so). This leads to transient failures of the child because its libpal.so's memory region may overlap with restored-from-checkpoint memory regions.

This commit restricts the memory range accessible to LibOS for memory management. Since Linux allocates from the top of the x86-64 address range (in approx. 0x7f... range), we hard-code a max available address for LibOS memory management to definitely not overlap with 0x7f... range.

For more context, see https://github.com/oscarlab/graphene/issues/2589.

Fixes #2589.

How to test this PR?

Try stress-ng manually (#2589).


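The collision the description talks about can be checked before a restore. The following is an added example in C, not Graphene's own code: given a child's /proc/<pid>/maps (a constructed excerpt here) and the parent's checkpointed regions, it reports every region that would land on the ASLR-placed libpal.so or reach past a cap. `LIBOS_MAX_ADDR`, `region_t`, `find_mapping` and `count_unsafe_regions` are hypothetical names chosen for this example; the cap value is illustrative, not the constant the PR hard-codes.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical cap (not Graphene's constant): LibOS-managed memory must end below it. */
#define LIBOS_MAX_ADDR 0x7e0000000000UL

typedef struct { uintptr_t start, end; } region_t;   /* half-open [start, end) */

/* Constructed /proc/<pid>/maps excerpt (not a real dump): host ASLR placed libpal.so at 0x7f3a1c... */
static const char SAMPLE_MAPS[] =
    "555555554000-555555556000 r--p 00000000 08:01 1234 /usr/bin/app\n"
    "7f3a1c000000-7f3a1c021000 r-xp 00000000 08:01 5678 /usr/lib/libpal.so\n"
    "7f3a1c021000-7f3a1c030000 rw-p 00021000 08:01 5678 /usr/lib/libpal.so\n"
    "7ffd2e000000-7ffd2e021000 rw-p 00000000 00:00 0 [stack]\n";

bool regions_overlap(region_t a, region_t b) {
    return a.start < b.end && b.start < a.end;
}

/* Union of all mappings whose maps line mentions `name`; false if none is found. */
bool find_mapping(const char *maps, const char *name, region_t *out) {
    bool found = false;
    for (const char *p = maps; *p; ) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        const char *hit = strstr(p, name);   /* first occurrence at or after p */
        unsigned long s, e;
        if (sscanf(p, "%lx-%lx", &s, &e) == 2 && hit && hit < p + len) {
            if (!found || s < out->start) out->start = s;
            if (!found || e > out->end) out->end = e;
            found = true;
        }
        p = nl ? nl + 1 : p + len;
    }
    return found;
}

/* -1 if libpal.so is not mapped; otherwise the number of checkpointed regions that
 * collide with it or reach past `cap`. 0 means restoring at the same addresses is safe. */
int count_unsafe_regions(const char *maps, const region_t *regs, size_t n, uintptr_t cap) {
    region_t pal;
    if (!find_mapping(maps, "libpal.so", &pal)) return -1;
    int bad = 0;
    for (size_t i = 0; i < n; i++)
        if (regions_overlap(regs[i], pal) || regs[i].end > cap) bad++;
    return bad;
}
```

With the cap in place, a region that sits under it can never collide with a library the host placed in the 0x7f... range, which is the property the PR relies on.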

boryspoplawski commented 3 years ago

Superseded by https://github.com/gramineproject/gramine/pull/89