Summary:
A couple of changes in the Scudo documentation:
- tag the shell code blocks as `console`;
- document error messages that are displayed in some termination conditions,
the reason they triggered, and potential causes.
Reviewers: eugenis, enh
Reviewed By: eugenis
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D56857
llvm-svn: 351838
Summary:
Minor changes to reflect changes to the code that were not documented:
- `SCUDO_DEFAULT_OPTIONS` compile time way of defining options;
- MIPS added as a supported architecture;
- clarification on how to fully disable the Quarantine;
- rewording in a few places.
Reviewers: alekseyshl, flowerhack
Reviewed By: alekseyshl
Subscribers: sdardis, arichardson, atanasyan, llvm-commits
Differential Revision: https://reviews.llvm.org/D47071
llvm-svn: 332736
Summary:
The documentation has fallen a bit behind, update it with the latest evolution
of the allocator:
- clarify a couple of expectations regarding what is meant to be achieved;
- update the header format;
- document `-fsanitize=scudo`.
Reviewers: alekseyshl, flowerhack
Reviewed By: alekseyshl
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D41670
llvm-svn: 321811
Summary:
QuarantineSizeMb is deprecated, and QuarantineChunksUpToSize has been added as a new tunable option.
Reviewers: cryptoad
Reviewed By: cryptoad
Differential Revision: https://reviews.llvm.org/D37238
llvm-svn: 312025
Summary:
Documentation update to reflect the changes that occured in the allocator:
- additional architectures support;
- modification of the header;
- options default values for 32 & 64-bit.
Reviewers: kcc, alekseyshl
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D29592
llvm-svn: 294595
Summary:
Currently, the Scudo Hardened Allocator only gets its flags via the SCUDO_OPTIONS environment variable.
With this patch, we offer the opportunity for programs to define their own options via __scudo_default_options() which behaves like __asan_default_options() (weak symbol).
A relevant test has been added as well, and the documentation updated accordingly.
I also used this patch as an opportunity to rename a few variables to comply with the LLVM naming scheme, and replaced a use of Report with dieWithMessage for consistency (and to avoid a callback).
Reviewers: llvm-commits, kcc
Differential Revision: https://reviews.llvm.org/D23018
llvm-svn: 277536
Summary:
This is an initial implementation of a Hardened Allocator based on Sanitizer Common's CombinedAllocator.
It aims at mitigating heap based vulnerabilities by adding several features to the base allocator, while staying relatively fast.
The following were implemented:
- additional consistency checks on the allocation function parameters and on the heap chunks;
- use of checksum protected chunk header, to detect corruption;
- randomness to the allocator base;
- delayed freelist (quarantine), to mitigate use after free and overall determinism.
Additional mitigations are in the works.
Reviewers: eugenis, aizatsky, pcc, krasin, vitalybuka, glider, dvyukov, kcc
Subscribers: kubabrecka, filcab, llvm-commits
Differential Revision: http://reviews.llvm.org/D20084
llvm-svn: 271968