Simplify iOS trampoline table allocation
By using VM_FLAGS_OVERWRITE there is no need for speculatively allocating on a page we just deallocated. This approach eliminates the race-condition and gets rid of the retry logic.
This commit is contained in:
Ole André Vadla Ravnås
committed by
ksjogo
ksjogo
parent
7f558a9ba4
commit
57d8ff044c
168
src/closures.c
168
src/closures.c
@@ -107,93 +107,83 @@ static pthread_mutex_t ffi_trampoline_lock = PTHREAD_MUTEX_INITIALIZER;
|
|||||||
static ffi_trampoline_table *ffi_trampoline_tables = NULL;
|
static ffi_trampoline_table *ffi_trampoline_tables = NULL;
|
||||||
|
|
||||||
static ffi_trampoline_table *
|
static ffi_trampoline_table *
|
||||||
ffi_trampoline_table_alloc ()
|
ffi_trampoline_table_alloc (void)
|
||||||
{
|
{
|
||||||
ffi_trampoline_table *table = NULL;
|
ffi_trampoline_table *table;
|
||||||
|
vm_address_t config_page;
|
||||||
|
vm_address_t trampoline_page;
|
||||||
|
vm_address_t trampoline_page_template;
|
||||||
|
vm_prot_t cur_prot;
|
||||||
|
vm_prot_t max_prot;
|
||||||
|
kern_return_t kt;
|
||||||
|
uint16_t i;
|
||||||
|
|
||||||
/* Loop until we can allocate two contiguous pages */
|
/* Allocate two pages -- a config page and a placeholder page */
|
||||||
while (table == NULL)
|
config_page = 0x0;
|
||||||
{
|
kt = vm_allocate (mach_task_self (), &config_page, PAGE_MAX_SIZE * 2,
|
||||||
vm_address_t config_page = 0x0;
|
VM_FLAGS_ANYWHERE);
|
||||||
kern_return_t kt;
|
if (kt != KERN_SUCCESS)
|
||||||
|
return NULL;
|
||||||
|
|
||||||
/* Try to allocate two pages */
|
/* Remap the trampoline table on top of the placeholder page */
|
||||||
kt =
|
trampoline_page = config_page + PAGE_MAX_SIZE;
|
||||||
vm_allocate (mach_task_self (), &config_page, PAGE_MAX_SIZE * 2,
|
trampoline_page_template = (vm_address_t)&ffi_closure_trampoline_table_page;
|
||||||
VM_FLAGS_ANYWHERE);
|
|
||||||
if (kt != KERN_SUCCESS)
|
|
||||||
{
|
|
||||||
fprintf (stderr, "vm_allocate() failure: %d at %s:%d\n", kt,
|
|
||||||
__FILE__, __LINE__);
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Now drop the second half of the allocation to make room for the trampoline table */
|
|
||||||
vm_address_t trampoline_page = config_page + PAGE_MAX_SIZE;
|
|
||||||
kt = vm_deallocate (mach_task_self (), trampoline_page, PAGE_MAX_SIZE);
|
|
||||||
if (kt != KERN_SUCCESS)
|
|
||||||
{
|
|
||||||
fprintf (stderr, "vm_deallocate() failure: %d at %s:%d\n", kt,
|
|
||||||
__FILE__, __LINE__);
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Remap the trampoline table to directly follow the config page */
|
|
||||||
vm_prot_t cur_prot;
|
|
||||||
vm_prot_t max_prot;
|
|
||||||
|
|
||||||
vm_address_t trampoline_page_template = (vm_address_t)&ffi_closure_trampoline_table_page;
|
|
||||||
#ifdef __arm__
|
#ifdef __arm__
|
||||||
/* ffi_closure_trampoline_table_page can be thumb-biased on some ARM archs */
|
/* ffi_closure_trampoline_table_page can be thumb-biased on some ARM archs */
|
||||||
trampoline_page_template &= ~1UL;
|
trampoline_page_template &= ~1UL;
|
||||||
#endif
|
#endif
|
||||||
|
kt = vm_remap (mach_task_self (), &trampoline_page, PAGE_MAX_SIZE, 0x0,
|
||||||
kt =
|
VM_FLAGS_OVERWRITE, mach_task_self (), trampoline_page_template,
|
||||||
vm_remap (mach_task_self (), &trampoline_page, PAGE_MAX_SIZE, 0x0, FALSE,
|
FALSE, &cur_prot, &max_prot, VM_INHERIT_SHARE);
|
||||||
mach_task_self (), trampoline_page_template, FALSE,
|
if (kt != KERN_SUCCESS)
|
||||||
&cur_prot, &max_prot, VM_INHERIT_SHARE);
|
{
|
||||||
|
vm_deallocate (mach_task_self (), config_page, PAGE_MAX_SIZE * 2);
|
||||||
/* If we lost access to the destination trampoline page, drop our config allocation mapping and retry */
|
return NULL;
|
||||||
if (kt != KERN_SUCCESS)
|
|
||||||
{
|
|
||||||
/* Log unexpected failures */
|
|
||||||
if (kt != KERN_NO_SPACE)
|
|
||||||
{
|
|
||||||
fprintf (stderr, "vm_remap() failure: %d at %s:%d\n", kt,
|
|
||||||
__FILE__, __LINE__);
|
|
||||||
}
|
|
||||||
|
|
||||||
vm_deallocate (mach_task_self (), config_page, PAGE_SIZE);
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* We have valid trampoline and config pages */
|
|
||||||
table = calloc (1, sizeof (ffi_trampoline_table));
|
|
||||||
table->free_count = FFI_TRAMPOLINE_COUNT;
|
|
||||||
table->config_page = config_page;
|
|
||||||
table->trampoline_page = trampoline_page;
|
|
||||||
|
|
||||||
/* Create and initialize the free list */
|
|
||||||
table->free_list_pool =
|
|
||||||
calloc (FFI_TRAMPOLINE_COUNT, sizeof (ffi_trampoline_table_entry));
|
|
||||||
|
|
||||||
uint16_t i;
|
|
||||||
for (i = 0; i < table->free_count; i++)
|
|
||||||
{
|
|
||||||
ffi_trampoline_table_entry *entry = &table->free_list_pool[i];
|
|
||||||
entry->trampoline =
|
|
||||||
(void *) (table->trampoline_page + (i * FFI_TRAMPOLINE_SIZE));
|
|
||||||
|
|
||||||
if (i < table->free_count - 1)
|
|
||||||
entry->next = &table->free_list_pool[i + 1];
|
|
||||||
}
|
|
||||||
|
|
||||||
table->free_list = table->free_list_pool;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* We have valid trampoline and config pages */
|
||||||
|
table = calloc (1, sizeof (ffi_trampoline_table));
|
||||||
|
table->free_count = FFI_TRAMPOLINE_COUNT;
|
||||||
|
table->config_page = config_page;
|
||||||
|
table->trampoline_page = trampoline_page;
|
||||||
|
|
||||||
|
/* Create and initialize the free list */
|
||||||
|
table->free_list_pool =
|
||||||
|
calloc (FFI_TRAMPOLINE_COUNT, sizeof (ffi_trampoline_table_entry));
|
||||||
|
|
||||||
|
for (i = 0; i < table->free_count; i++)
|
||||||
|
{
|
||||||
|
ffi_trampoline_table_entry *entry = &table->free_list_pool[i];
|
||||||
|
entry->trampoline =
|
||||||
|
(void *) (table->trampoline_page + (i * FFI_TRAMPOLINE_SIZE));
|
||||||
|
|
||||||
|
if (i < table->free_count - 1)
|
||||||
|
entry->next = &table->free_list_pool[i + 1];
|
||||||
|
}
|
||||||
|
|
||||||
|
table->free_list = table->free_list_pool;
|
||||||
|
|
||||||
return table;
|
return table;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
ffi_trampoline_table_free (ffi_trampoline_table *table)
|
||||||
|
{
|
||||||
|
/* Remove from the list */
|
||||||
|
if (table->prev != NULL)
|
||||||
|
table->prev->next = table->next;
|
||||||
|
|
||||||
|
if (table->next != NULL)
|
||||||
|
table->next->prev = table->prev;
|
||||||
|
|
||||||
|
/* Deallocate pages */
|
||||||
|
vm_deallocate (mach_task_self (), table->config_page, PAGE_MAX_SIZE * 2);
|
||||||
|
|
||||||
|
/* Deallocate free list */
|
||||||
|
free (table->free_list_pool);
|
||||||
|
free (table);
|
||||||
|
}
|
||||||
|
|
||||||
void *
|
void *
|
||||||
ffi_closure_alloc (size_t size, void **code)
|
ffi_closure_alloc (size_t size, void **code)
|
||||||
{
|
{
|
||||||
@@ -261,29 +251,7 @@ ffi_closure_free (void *ptr)
|
|||||||
if (table->free_count == FFI_TRAMPOLINE_COUNT
|
if (table->free_count == FFI_TRAMPOLINE_COUNT
|
||||||
&& ffi_trampoline_tables != table)
|
&& ffi_trampoline_tables != table)
|
||||||
{
|
{
|
||||||
/* Remove from the list */
|
ffi_trampoline_table_free (table);
|
||||||
if (table->prev != NULL)
|
|
||||||
table->prev->next = table->next;
|
|
||||||
|
|
||||||
if (table->next != NULL)
|
|
||||||
table->next->prev = table->prev;
|
|
||||||
|
|
||||||
/* Deallocate pages */
|
|
||||||
kern_return_t kt;
|
|
||||||
kt = vm_deallocate (mach_task_self (), table->config_page, PAGE_SIZE);
|
|
||||||
if (kt != KERN_SUCCESS)
|
|
||||||
fprintf (stderr, "vm_deallocate() failure: %d at %s:%d\n", kt,
|
|
||||||
__FILE__, __LINE__);
|
|
||||||
|
|
||||||
kt =
|
|
||||||
vm_deallocate (mach_task_self (), table->trampoline_page, PAGE_SIZE);
|
|
||||||
if (kt != KERN_SUCCESS)
|
|
||||||
fprintf (stderr, "vm_deallocate() failure: %d at %s:%d\n", kt,
|
|
||||||
__FILE__, __LINE__);
|
|
||||||
|
|
||||||
/* Deallocate free list */
|
|
||||||
free (table->free_list_pool);
|
|
||||||
free (table);
|
|
||||||
}
|
}
|
||||||
else if (ffi_trampoline_tables != table)
|
else if (ffi_trampoline_tables != table)
|
||||||
{
|
{
|
||||||
|
|||||||
Reference in New Issue
Block a user