Use mmap for stack allocation, adding the MAP_STACK flag on OpenBSD.

On a userland to kernel transition OpenBSD checks if the stack
pointer points to a piece of mem marked MAP_STACK to prevent a large
class of exploits. Since we setup out own stack we must use mmap
on OpenBSD, and we might do that on other sytems as well.

diff --git a/pdns/lazy_allocator.hh b/pdns/lazy_allocator.hh
index 1b9308851a449b275e1f696fa884af8c3b7df0f8..629981c2cd8637e026132065d68b51c43bb990e7 100644 (file)
--- a/pdns/lazy_allocator.hh
+++ b/pdns/lazy_allocator.hh
@@ -25,6 +25,13 @@
 #include <cstddef>
 #include <utility>
 #include <type_traits>
+#include <new>
+#include <sys/mman.h>
+
+// On OpenBSD mem used as stack should be marked MAP_STACK
+#if !defined(MAP_STACK)
+#define MAP_STACK 0
+#endif
 
 template <typename T>
 struct lazy_allocator {
@@ -36,17 +43,16 @@ struct lazy_allocator {
 
     pointer
     allocate (size_type const n) {
-        return static_cast<pointer>(::operator new (n * sizeof(value_type)));
+        void *p = mmap(NULL, n * sizeof(value_type),
+          PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON | MAP_STACK, -1, 0);
+        if (p == MAP_FAILED)
+          throw std::bad_alloc();
+        return static_cast<pointer>(p);
     }
 
     void
     deallocate (pointer const ptr, size_type const n) noexcept {
-#if defined(__cpp_sized_deallocation) &&  (__cpp_sized_deallocation >= 201309)
-        ::operator delete (ptr, n * sizeof(value_type));
-#else
-        (void) n;
-        ::operator delete (ptr);
-#endif
+        munmap(ptr, n * sizeof(value_type));
     }
 
     void construct (T*) const noexcept {}