[nginx] Win32: shared memory base addresses and remapping.
Maxim Dounin
mdounin at mdounin.ru
Mon Apr 27 17:04:54 UTC 2015
details: http://hg.nginx.org/nginx/rev/af7eba90645d
branches:
changeset: 6133:af7eba90645d
user: Maxim Dounin <mdounin at mdounin.ru>
date: Mon Apr 27 18:25:42 2015 +0300
description:
Win32: shared memory base addresses and remapping.
Two mechanisms are implemented to make it possible to store pointers
in shared memory on Windows, in particular on Windows Vista and later
versions with ASLR:
- The ngx_shm_remap() function added to allow remapping of a shared memory
zone to the address originally used for it in the master process. While
important, it doesn't solve the problem by itself as in many cases it's
not possible to use the address because of conflicts with other
allocations.
- We now create mappings at the same address in all processes by starting
mappings at predefined addresses normally unused by newborn processes.
These two mechanisms combined allow to use shared memory on Windows
almost without problems, including reloads.
Based on the patch by Sergey Brester:
http://mailman.nginx.org/pipermail/nginx-devel/2015-April/006836.html
diffstat:
src/core/ngx_cycle.c | 16 ++++++++
src/os/win32/ngx_shmem.c | 82 +++++++++++++++++++++++++++++++++++++++++-
src/os/win32/ngx_shmem.h | 3 +
src/os/win32/ngx_win32_init.c | 1 +
4 files changed, 100 insertions(+), 2 deletions(-)
diffs (160 lines):
diff --git a/src/core/ngx_cycle.c b/src/core/ngx_cycle.c
--- a/src/core/ngx_cycle.c
+++ b/src/core/ngx_cycle.c
@@ -863,6 +863,22 @@ ngx_init_zone_pool(ngx_cycle_t *cycle, n
return NGX_OK;
}
+#if (NGX_WIN32)
+
+ /* remap at the required address */
+
+ if (ngx_shm_remap(&zn->shm, sp->addr) != NGX_OK) {
+ return NGX_ERROR;
+ }
+
+ sp = (ngx_slab_pool_t *) zn->shm.addr;
+
+ if (sp == sp->addr) {
+ return NGX_OK;
+ }
+
+#endif
+
ngx_log_error(NGX_LOG_EMERG, cycle->log, 0,
"shared zone \"%V\" has no equal addresses: %p vs %p",
&zn->shm.name, sp->addr, sp);
diff --git a/src/os/win32/ngx_shmem.c b/src/os/win32/ngx_shmem.c
--- a/src/os/win32/ngx_shmem.c
+++ b/src/os/win32/ngx_shmem.c
@@ -9,11 +9,44 @@
#include <ngx_core.h>
+/*
+ * Base addresses selected by system for shared memory mappings are likely
+ * to be different on Windows Vista and later versions due to address space
+ * layout randomization. This is however incompatible with storing absolute
+ * addresses within the shared memory.
+ *
+ * To make it possible to store absolute addresses we create mappings
+ * at the same address in all processes by starting mappings at predefined
+ * addresses. The addresses were selected somewhat randomly in order to
+ * minimize the probability that some other library doing something similar
+ * conflicts with us. The addresses are from the following typically free
+ * blocks:
+ *
+ * - 0x10000000 .. 0x70000000 (about 1.5 GB in total) on 32-bit platforms
+ * - 0x000000007fff0000 .. 0x000007f68e8b0000 (about 8 TB) on 64-bit platforms
+ *
+ * Additionally, we allow to change the mapping address once it was detected
+ * to be different from one originally used. This is needed to support
+ * reconfiguration.
+ */
+
+
+#ifdef _WIN64
+#define NGX_SHMEM_BASE 0x0000047047e00000
+#else
+#define NGX_SHMEM_BASE 0x2efe0000
+#endif
+
+
+ngx_uint_t ngx_allocation_granularity;
+
+
ngx_int_t
ngx_shm_alloc(ngx_shm_t *shm)
{
- u_char *name;
- uint64_t size;
+ u_char *name;
+ uint64_t size;
+ static u_char *base = (u_char *) NGX_SHMEM_BASE;
name = ngx_alloc(shm->name.len + 2 + NGX_INT32_LEN, shm->log);
if (name == NULL) {
@@ -46,6 +79,27 @@ ngx_shm_alloc(ngx_shm_t *shm)
shm->exists = 1;
}
+ shm->addr = MapViewOfFileEx(shm->handle, FILE_MAP_WRITE, 0, 0, 0, base);
+
+ if (shm->addr != NULL) {
+ base += ngx_align(size, ngx_allocation_granularity);
+ return NGX_OK;
+ }
+
+ ngx_log_debug3(NGX_LOG_DEBUG_CORE, shm->log, ngx_errno,
+ "MapViewOfFileEx(%uz, %p) of file mapping \"%V\" failed, "
+ "retry without a base address",
+ shm->size, base, &shm->name);
+
+ /*
+ * Order of shared memory zones may be different in the master process
+ * and worker processes after reconfiguration. As a result, the above
+ * may fail due to a conflict with a previously created mapping remapped
+ * to a different address. Additionally, there may be a conflict with
+ * some other uses of the memory. In this case we retry without a base
+ * address to let the system assign the address itself.
+ */
+
shm->addr = MapViewOfFile(shm->handle, FILE_MAP_WRITE, 0, 0, 0);
if (shm->addr != NULL) {
@@ -66,6 +120,30 @@ ngx_shm_alloc(ngx_shm_t *shm)
}
+ngx_int_t
+ngx_shm_remap(ngx_shm_t *shm, u_char *addr)
+{
+ if (UnmapViewOfFile(shm->addr) == 0) {
+ ngx_log_error(NGX_LOG_ALERT, shm->log, ngx_errno,
+ "UnmapViewOfFile(%p) of file mapping \"%V\" failed",
+ shm->addr, &shm->name);
+ return NGX_ERROR;
+ }
+
+ shm->addr = MapViewOfFileEx(shm->handle, FILE_MAP_WRITE, 0, 0, 0, addr);
+
+ if (shm->addr != NULL) {
+ return NGX_OK;
+ }
+
+ ngx_log_error(NGX_LOG_ALERT, shm->log, ngx_errno,
+ "MapViewOfFileEx(%uz, %p) of file mapping \"%V\" failed",
+ shm->size, addr, &shm->name);
+
+ return NGX_ERROR;
+}
+
+
void
ngx_shm_free(ngx_shm_t *shm)
{
diff --git a/src/os/win32/ngx_shmem.h b/src/os/win32/ngx_shmem.h
--- a/src/os/win32/ngx_shmem.h
+++ b/src/os/win32/ngx_shmem.h
@@ -24,7 +24,10 @@ typedef struct {
ngx_int_t ngx_shm_alloc(ngx_shm_t *shm);
+ngx_int_t ngx_shm_remap(ngx_shm_t *shm, u_char *addr);
void ngx_shm_free(ngx_shm_t *shm);
+extern ngx_uint_t ngx_allocation_granularity;
+
#endif /* _NGX_SHMEM_H_INCLUDED_ */
diff --git a/src/os/win32/ngx_win32_init.c b/src/os/win32/ngx_win32_init.c
--- a/src/os/win32/ngx_win32_init.c
+++ b/src/os/win32/ngx_win32_init.c
@@ -118,6 +118,7 @@ ngx_os_init(ngx_log_t *log)
GetSystemInfo(&si);
ngx_pagesize = si.dwPageSize;
+ ngx_allocation_granularity = si.dwAllocationGranularity;
ngx_ncpu = si.dwNumberOfProcessors;
ngx_cacheline_size = NGX_CPU_CACHE_LINE;
More information about the nginx-devel
mailing list