Zeroize memory in munmap

1. Move the memory zeroization of mmap to munmap to increase mmap
performance
2. Do memory zeroization during the drop of VMManager to guarantee all
allocated memory is zeroized before the next allocation
He Sun 2020-06-22 10:49:26 +08:00
parent 6ccd30ee3b
commit 1e456f025d
2 changed files with 15 additions and 13 deletions

@ -11,6 +11,7 @@
#![feature(alloc_layout_extra)] #![feature(alloc_layout_extra)]
#![feature(concat_idents)] #![feature(concat_idents)]
#![feature(trace_macros)] #![feature(trace_macros)]
#![feature(slice_fill)]
#[macro_use] #[macro_use]
extern crate alloc; extern crate alloc;

@ -24,26 +24,18 @@ impl VMInitializer {
// Do nothing // Do nothing
} }
VMInitializer::FillZeros() => { VMInitializer::FillZeros() => {
for b in buf { // Filling zero is done in munmap
*b = 0;
}
} }
VMInitializer::CopyFrom { range } => { VMInitializer::CopyFrom { range } => {
let src_slice = unsafe { range.as_slice() }; let src_slice = unsafe { range.as_slice() };
let copy_len = min(buf.len(), src_slice.len()); let copy_len = min(buf.len(), src_slice.len());
buf[..copy_len].copy_from_slice(&src_slice[..copy_len]); buf[..copy_len].copy_from_slice(&src_slice[..copy_len]);
for b in &mut buf[copy_len..] {
*b = 0;
}
} }
VMInitializer::LoadFromFile { file, offset } => { VMInitializer::LoadFromFile { file, offset } => {
// TODO: make sure that read_at does not move file cursor // TODO: make sure that read_at does not move file cursor
let len = file let len = file
.read_at(*offset, buf) .read_at(*offset, buf)
.cause_err(|_| errno!(EIO, "failed to init memory from file"))?; .cause_err(|_| errno!(EIO, "failed to init memory from file"))?;
for b in &mut buf[len..] {
*b = 0;
}
} }
} }
Ok(()) Ok(())
@ -341,6 +333,9 @@ impl VMManager {
// Reset memory permissions // Reset memory permissions
Self::apply_perms(&intersection_range, VMPerms::default()); Self::apply_perms(&intersection_range, VMPerms::default());
unsafe {
intersection_range.as_slice_mut().fill(0);
}
vma.subtract(&intersection_range) vma.subtract(&intersection_range)
}) })
@ -733,12 +728,18 @@ impl VMManager {
impl Drop for VMManager { impl Drop for VMManager {
fn drop(&mut self) { fn drop(&mut self) {
// Ensure that memory permissions are recovered // Ensure that all allocated memories are restored to the default permissions and zeroed
for vma in &self.vmas { for vma in &self.vmas {
if vma.size() == 0 || vma.perms() == VMPerms::default() { if vma.size() != 0 {
continue; warn!("There are unmapped memories");
if vma.perms() != VMPerms::default() {
Self::apply_perms(vma, VMPerms::default());
}
unsafe {
vma.as_slice_mut().fill(0);
}
} }
Self::apply_perms(vma, VMPerms::default());
} }
} }
} }
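Review bot: With the tail zeroing removed from `CopyFrom` and `LoadFromFile`, and `FillZeros` reduced to a comment, the initializer now hands back whatever bytes the range already holds, so the guarantee that mmap never exposes stale data rests entirely on every free range having been cleared in munmap or in `VMManager::drop`. One path the visible lines do not cover is a failing `read_at` in `LoadFromFile`: the `?` returns early, and if the file layer wrote part of `buf` before erroring, nothing here clears it; whether the caller then unmaps (and so zeroes) the range is outside this section. I would clear the buffer on that error path, e.g. `buf.fill(0)` before propagating the error, and replace the `FillZeros` comment with one that states the invariant, such as `// Relies on free ranges being zeroed in munmap and VMManager::drop`. The same assumption applies to memory handed out for the first time, which should be confirmed to start zeroed.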