Use MemoryManager to allocate plugin memory (#1322)

sporksmith · web-flow · commit fd1138d8db1e · 2021-05-05T10:51:19.000-05:00
In particular, we want it to know about allocated regions so that it
doesn't warn when we try to access them.
diff --git a/src/main/bindings/c/bindings-opaque.h b/src/main/bindings/c/bindings-opaque.h
@@ -25,6 +25,9 @@ typedef enum QDiscMode {
   Q_DISC_MODE_ROUND_ROBIN,
 } QDiscMode;
 
+// Memory allocated by Shadow, in a remote address space.
+typedef struct AllocdMem_u8 AllocdMem_u8;
+
 // A queue of byte chunks.
 typedef struct ByteQueue ByteQueue;
 
diff --git a/src/main/bindings/c/bindings.h b/src/main/bindings/c/bindings.h
@@ -23,6 +23,9 @@
 #include "main/host/thread.h"
 #include "main/host/tracker.h"
 
+// Memory allocated by Shadow, in a remote address space.
+typedef struct AllocdMem_u8 AllocdMem_u8;
+
 // A queue of byte chunks.
 typedef struct ByteQueue ByteQueue;
 
@@ -250,6 +253,12 @@ struct MemoryManager *memorymanager_new(pid_t pid);
 // * `mm` must point to a valid object.
 void memorymanager_free(struct MemoryManager *mm);
 
+struct AllocdMem_u8 *allocdmem_new(uintptr_t len);
+
+void allocdmem_free(struct AllocdMem_u8 *allocd_mem);
+
+PluginPtr allocdmem_pluginPtr(const struct AllocdMem_u8 *allocd_mem);
+
 // Initialize the MemoryMapper if it isn't already initialized. `thread` must
 // be running and ready to make native syscalls.
 void memorymanager_initMapperIfNeeded(struct MemoryManager *memory_manager, Thread *thread);
diff --git a/src/main/bindings/rust/wrapper.rs b/src/main/bindings/rust/wrapper.rs
@@ -373,12 +373,6 @@ extern "C" {
         ...
     ) -> ::std::os::raw::c_long;
 }
-extern "C" {
-    pub fn thread_mallocPluginPtr(thread: *mut Thread, size: size_t) -> PluginPtr;
-}
-extern "C" {
-    pub fn thread_freePluginPtr(thread: *mut Thread, ptr: PluginPtr, size: size_t);
-}
 extern "C" {
     pub fn thread_isRunning(thread: *mut Thread) -> bool;
 }
diff --git a/src/main/host/memory_manager.rs b/src/main/host/memory_manager.rs
@@ -1536,6 +1536,11 @@ impl MemoryManager {
         }
     }
 
+    /// Which process's address space this MemoryManager manages.
+    pub fn pid(&self) -> nix::unistd::Pid {
+        self.pid
+    }
+
     /// Initialize the MemoryMapper, allowing for more efficient access. Needs a
     /// running thread.
     pub fn init_mapper(&mut self, thread: &mut impl Thread) {
@@ -1802,6 +1807,90 @@ impl MemoryManager {
     }
 }
 
+/// Memory allocated by Shadow, in a remote address space.
+pub struct AllocdMem<T>
+where
+    T: Pod,
+{
+    ptr: TypedPluginPtr<T>,
+}
+
+impl<T> AllocdMem<T>
+where
+    T: Pod,
+{
+    /// Allocate memory in the current active process.
+    pub fn new(len: usize) -> Self {
+        let bytes_len = len * std::mem::size_of::<T>();
+        let prot = libc::PROT_READ | libc::PROT_WRITE;
+
+        // Allocate the memory in the plugin of the active thread.  We don't
+        // bother with trying to mmap it into Shadow as well; since the memory
+        // will typically only be accessed once by Shadow (to write to it),
+        // doing so isn't worth the overhead or complexity.
+        let ptr = Worker::with_active_thread_mut(|thread| {
+            thread
+                .native_mmap(
+                    PluginPtr::from(0usize),
+                    bytes_len,
+                    prot,
+                    libc::MAP_ANONYMOUS | libc::MAP_PRIVATE,
+                    -1,
+                    0,
+                )
+                .unwrap()
+        });
+        // Add region to known mappings.
+        Worker::with_active_process_memory_mut(|mem| {
+            if let Some(mapper) = &mut mem.memory_mapper {
+                let base = usize::from(ptr);
+                let mutations = mapper.regions.insert(
+                    base..(base + bytes_len),
+                    Region {
+                        shadow_base: std::ptr::null_mut(),
+                        prot,
+                        sharing: Sharing::Private,
+                        original_path: None,
+                    },
+                );
+                // Shouldn't have overwritten any previous known mappings.
+                debug_assert_eq!(mutations.len(), 0);
+            }
+        });
+        Self {
+            ptr: TypedPluginPtr::<T>::new(ptr, len).unwrap(),
+        }
+    }
+
+    /// Pointer to the allocated memory.
+    pub fn ptr(&self) -> TypedPluginPtr<T> {
+        self.ptr
+    }
+}
+
+impl<T> Drop for AllocdMem<T>
+where
+    T: Pod,
+{
+    fn drop(&mut self) {
+        Worker::with_active_thread_mut(|thread| {
+            thread
+                .native_munmap(self.ptr.ptr(), self.ptr.len())
+                .unwrap()
+        });
+        // Add region to known mappings.
+        Worker::with_active_process_memory_mut(|mem| {
+            if let Some(mapper) = &mut mem.memory_mapper {
+                let base = usize::from(self.ptr.ptr());
+                let bytes_len = self.ptr.len() * std::mem::size_of::<T>();
+                let mutations = mapper.regions.clear(base..(base + bytes_len));
+                // Should've dropped exactly one entry.
+                debug_assert_eq!(mutations.len(), 1);
+            }
+        });
+    }
+}
+
 mod export {
     use super::*;
 
@@ -1821,6 +1910,23 @@ mod export {
         mm.as_mut().map(|mm| Box::from_raw(mm));
     }
 
+    #[no_mangle]
+    pub unsafe extern "C" fn allocdmem_new(len: usize) -> *mut AllocdMem<u8> {
+        Box::into_raw(Box::new(AllocdMem::new(len)))
+    }
+
+    #[no_mangle]
+    pub unsafe extern "C" fn allocdmem_free(allocd_mem: *mut AllocdMem<u8>) {
+        allocd_mem
+            .as_mut()
+            .map(|allocd_mem| Box::from_raw(allocd_mem));
+    }
+
+    #[no_mangle]
+    pub unsafe extern "C" fn allocdmem_pluginPtr(allocd_mem: *const AllocdMem<u8>) -> c::PluginPtr {
+        allocd_mem.as_ref().unwrap().ptr().ptr().into()
+    }
+
     /// Initialize the MemoryMapper if it isn't already initialized. `thread` must
     /// be running and ready to make native syscalls.
     #[no_mangle]
diff --git a/src/main/host/syscall/mman.c b/src/main/host/syscall/mman.c
@@ -137,7 +137,8 @@ static int _syscallhandler_openPluginFile(SysCallHandler* sys, File* file) {
     debug("Opening path '%s' in plugin.", mmap_path);
 
     /* Get some memory in the plugin to write the path of the file to open. */
-    PluginPtr pluginBufPtr = thread_mallocPluginPtr(sys->thread, maplen);
+    AllocdMem_u8 *allocdMem = allocdmem_new(maplen);
+    PluginPtr pluginBufPtr = allocdmem_pluginPtr(allocdMem);
 
     /* Get a writeable pointer that can be flushed to the plugin. */
     char* pluginBuf = process_getWriteablePtr(sys->process, pluginBufPtr, maplen);
@@ -163,7 +164,7 @@ static int _syscallhandler_openPluginFile(SysCallHandler* sys, File* file) {
     }
 
     /* Release the PluginPtr memory. */
-    thread_freePluginPtr(sys->thread, pluginBufPtr, maplen);
+    allocdmem_free(allocdMem);
     free(mmap_path);
 
     return result;
diff --git a/src/main/host/thread.c b/src/main/host/thread.c
@@ -139,37 +139,6 @@ long thread_nativeSyscall(Thread* thread, long n, ...) {
     return rv;
 }
 
-PluginPtr thread_mallocPluginPtr(Thread* thread, size_t size) {
-    // For now we just implement in terms of thread_nativeSyscall.
-    // TODO: We might be able to do something more efficient by delegating to
-    // the specific thread implementation, and/or keeping a persistent
-    // mmap'd area that we allocate from.
-    MAGIC_ASSERT(thread);
-    long ptr = thread_nativeSyscall(thread, SYS_mmap, NULL, size,
-                                    PROT_READ | PROT_WRITE,
-                                    MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
-    int err = syscall_rawReturnValueToErrno(ptr);
-    if (err) {
-        error("thread_nativeSyscall(mmap): %s", strerror(err));
-        abort();
-    }
-
-    // Should be page-aligned.
-    utility_assert((ptr % sysconf(_SC_PAGE_SIZE)) == 0);
-
-    return (PluginPtr){.val = ptr};
-}
-
-void thread_freePluginPtr(Thread* thread, PluginPtr ptr, size_t size) {
-    MAGIC_ASSERT(thread);
-    int err =
-        syscall_rawReturnValueToErrno(thread_nativeSyscall(thread, SYS_munmap, ptr.val, size));
-    if (err) {
-        error("thread_nativeSyscall(munmap): %s", strerror(err));
-        abort();
-    }
-}
-
 int thread_getID(Thread* thread) {
     MAGIC_ASSERT(thread);
     return thread->tid;
diff --git a/src/main/host/thread.h b/src/main/host/thread.h
@@ -34,20 +34,6 @@ int thread_getReturnCode(Thread* thread);
 // You can map to a corresponding errno value with syscall_rawReturnValueToErrno.
 long thread_nativeSyscall(Thread* thread, long n, ...);
 
-// Allocate some memory in the plugin's address space. The returned pointer
-// should be freed with `thread_free`.
-PluginPtr thread_mallocPluginPtr(Thread* thread, size_t size);
-
-// Free memory allocated with `thread_mallocPluginPtr`. `size` should be the
-// original size passed to `thread_mallocPluginPtr`.
-//
-// TODO: It's a bit unfortunate to have to require the size here, but at this
-// time the underlying implementation (based on mmap) needs it. The alternatives
-// to this API awkwardness is either for thread_mallocPluginPtr to return an
-// opaque struct where this can be squirreled away (a different kind of API
-// awkwardness and more boilerplate), or keeping an internal map of ptr->size.
-void thread_freePluginPtr(Thread* thread, PluginPtr ptr, size_t size);
-
 bool thread_isRunning(Thread* thread);
 
 uint32_t thread_getProcessId(Thread* thread);

Original file line number	Diff line number	Diff line change
`@@ -373,12 +373,6 @@ extern "C" {`
`373`	`373`	`...`
`374`	`374`	`) -> ::std::os::raw::c_long;`
`375`	`375`	`}`
`376`		`-extern "C" {`
`377`		`- pub fn thread_mallocPluginPtr(thread: *mut Thread, size: size_t) -> PluginPtr;`
`378`		`-}`
`379`		`-extern "C" {`
`380`		`- pub fn thread_freePluginPtr(thread: *mut Thread, ptr: PluginPtr, size: size_t);`
`381`		`-}`
`382`	`376`	`extern "C" {`
`383`	`377`	`pub fn thread_isRunning(thread: *mut Thread) -> bool;`
`384`	`378`	`}`