Check Point proposes the Safe-Linking protection technique, making vulnerabilities harder to exploit

Check Point has presented the Safe-Linking protection mechanism, which makes it harder to build exploits that manipulate or overwrite pointers to buffers allocated by calls to malloc. Safe-Linking does not rule out exploitation of a vulnerability entirely, but at minimal cost it significantly complicates the creation of certain classes of exploits: besides an exploitable buffer overflow, the attacker also needs a second vulnerability that leaks information about where the heap is placed in memory.

Patches implementing Safe-Linking have been prepared for Glibc (ptmalloc), uClibc-NG (dlmalloc), gperftools (tcmalloc) and Google TCMalloc, and adding the protection to Chromium is also proposed (since 2012 Chromium has had its own MaskPtr protection technique aimed at the same problem, but Check Point's solution shows better performance). The proposed patches have already been accepted for the August release of Glibc 2.32, where Safe-Linking will be enabled by default. Safe-Linking support in uClibc-NG was included in release 1.0.33 and is enabled by default. The changes to gperftools (the old tcmalloc) were accepted, but will be offered as an option in a future release.

The developers of TCMalloc (the new tcmalloc) declined to accept the change, citing a serious performance degradation and the need to add extensive tests to regularly verify that everything works as expected. Testing by Check Point engineers showed that the Safe-Linking method does not increase memory consumption, and that performance of heap operations drops by only 0.02% on average and by 1.5% in the worst case (for comparison, the overhead of the method used in Chromium is estimated as "less than 2%"). Enabling Safe-Linking results in 2-3 additional assembly instructions being executed on every call to free(), and 3-4 instructions on every call to malloc(). No initialization stage or random value generation is required.

Safe-Linking can be used not only to harden various malloc implementations, but also to add integrity control to any data structure that uses singly linked lists whose link pointers are stored next to the buffers themselves. The method is very simple to implement and requires only adding a single macro and applying it to the pointers to the next block in the code (for example, in Glibc only a few lines of code change). The method boils down to the following changes:

+#define PROTECT_PTR(pos, ptr) \
+  ((__typeof (ptr)) ((((size_t) pos) >> 12) ^ ((size_t) ptr)))

+#define REVEAL_PTR(ptr)  PROTECT_PTR (&ptr, ptr)

-  nextp = p->fd;
+  nextp = REVEAL_PTR (p->fd);
...
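Review bot: REVEAL_PTR takes the address of its argument, so it only decodes correctly when that argument is the very slot the pointer was protected into (here `p->fd`); calling it on a copy of the value held in a local variable would use the wrong L and yield a wrong pointer, so callers must pass the lvalue slot. The excerpt also shows only the mask: the alignment check on the revealed pointer that the surrounding text describes is not among these lines, so anyone applying the macro to another list must add that check separately.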

The essence of the method is to use the randomness provided by ASLR address randomization (mmap_base) to protect singly linked lists such as Fast-Bins and TCache. Before the pointer to the next element of the list is used, a masking transformation and a page-alignment check are applied to it. The pointer is replaced by the result of the operation "(L >> PAGE_SHIFT) XOR (P)", where P is the pointer value and L is the memory location at which the pointer is stored.

When ASLR (Address Space Layout Randomization) is in use, the part of L that overlaps the randomized base address contains random bits, which serve as the key for masking P (extracted by shifting out the low 12 bits, for 4096-byte pages). This manipulation reduces the risk of pointer hijacking in an exploit, because the pointer is no longer stored in its original form and replacing it requires knowledge of the heap layout. In addition, the patch adds a check of block alignment, which prevents an attacker from substituting an unaligned value and requires knowledge of the aligned low bits; on 64-bit systems this alone blocks 15 out of 16 attack attempts that do not account for alignment.
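A stand-alone model of the masking and alignment check described above, written as an added example rather than taken from the glibc patch; it assumes 4096-byte pages, 16-byte chunk alignment as on 64-bit glibc, and a constructed three-chunk arena standing in for a real heap.

```c
#include <stdint.h>
#include <stddef.h>
/* Stand-alone model of Safe-Linking; hypothetical code, not glibc's patch. */
#define PAGE_SHIFT  12   /* 4096-byte pages, as in the text */
#define CHUNK_ALIGN 16   /* assumed chunk alignment of 64-bit glibc */
/* Singly linked free list whose 'fd' link is stored inside the freed chunk. */
typedef struct node { struct node *fd; unsigned char payload[24]; } node_t;
/* P' = (L >> PAGE_SHIFT) XOR P, where L is the address at which P is stored. */
static node_t *protect_ptr(node_t **pos, node_t *ptr) {
    return (node_t *)((((uintptr_t)pos) >> PAGE_SHIFT) ^ (uintptr_t)ptr);
}
/* XOR is its own inverse, so decoding reuses the same function on the slot. */
static node_t *reveal_ptr(node_t **pos) { return protect_ptr(pos, *pos); }
/* free(): link the chunk at the head, storing only the masked pointer. */
static void push_free(node_t **head, node_t *n) {
    n->fd = protect_ptr(&n->fd, *head);
    *head = n;
}
/* malloc(): unlink the head, refusing a decoded link that is not chunk-aligned
   (the check that stops 15 of 16 blind overwrites on 64-bit). Returns NULL on
   an empty list or on detected corruption, leaving *head untouched. */
static node_t *pop_checked(node_t **head) {
    node_t *n = *head;
    if (n == NULL) return NULL;
    node_t *next = reveal_ptr(&n->fd);
    if (((uintptr_t)next & (CHUNK_ALIGN - 1)) != 0) return NULL;
    *head = next;
    return n;
}
static _Alignas(CHUNK_ALIGN) node_t arena[3];   /* constructed sample heap */
/* Three chunks round-trip through the list; only masked values sit in memory. */
static int safe_linking_roundtrip(void) {
    node_t *head = NULL;
    for (int i = 0; i < 3; i++) push_free(&head, &arena[i]);
    if (arena[2].fd == &arena[1]) return 0;   /* raw pointer must not be visible */
    for (int i = 2; i >= 0; i--) if (pop_checked(&head) != &arena[i]) return 0;
    return head == NULL;
}
/* A raw (unmasked) pointer written over a freed chunk's link by a simulated
   overflow decodes under the unknown key to something other than the target. */
static int raw_overwrite_is_diverted(void) {
    node_t *head = NULL;
    push_free(&head, &arena[0]);
    node_t *target = &arena[2];
    arena[0].fd = target;                       /* simulated corrupting write */
    return reveal_ptr(&arena[0].fd) != target;
}
```

The diversion is deterministic because L >> 12 is never zero for a real address, while the alignment check on the diverted value is probabilistic (15 of 16 on 64-bit), which is why the model asserts only on the diversion.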

The method is effective against attacks that rely on partial pointer overwrite (changing the low bytes), full pointer overwrite (redirecting to attacker-controlled code) and repositioning the list to an unaligned address. As an example, it is shown that using Safe-Linking in malloc would have blocked exploitation of the recently discovered vulnerability CVE-2020-6007, found by the same researchers in the Philips Hue smart lighting bridge, which is caused by a buffer overflow and allows control of the device.

source: budenet.ru