Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
torvalds
GitHub Repository: torvalds/linux
 Path: blob/master/mm/kmsan/kmsan.h
26285 views
1
/* SPDX-License-Identifier: GPL-2.0 */

2
/*

3
 * Functions used by the KMSAN runtime.

4
 *

5
 * Copyright (C) 2017-2022 Google LLC

6
 * Author: Alexander Potapenko <[email protected]>

7
 *

8
 */

9


10
#ifndef __MM_KMSAN_KMSAN_H

11
#define __MM_KMSAN_KMSAN_H

12


13
#include <linux/irqflags.h>

14
#include <linux/kmsan.h>

15
#include <linux/mm.h>

16
#include <linux/nmi.h>

17
#include <linux/pgtable.h>

18
#include <linux/printk.h>

19
#include <linux/sched.h>

20
#include <linux/stackdepot.h>

21
#include <linux/stacktrace.h>

22


23
#define KMSAN_ALLOCA_MAGIC_ORIGIN 0xabcd0100

24
#define KMSAN_CHAIN_MAGIC_ORIGIN 0xabcd0200

25


26
#define KMSAN_POISON_NOCHECK 0x0

27
#define KMSAN_POISON_CHECK 0x1

28
#define KMSAN_POISON_FREE 0x2

29


30
#define KMSAN_ORIGIN_SIZE 4

31
#define KMSAN_MAX_ORIGIN_DEPTH 7

32


33
#define KMSAN_STACK_DEPTH 64

34


35
#define KMSAN_META_SHADOW (false)

36
#define KMSAN_META_ORIGIN (true)

37


38
/*

39
 * A pair of metadata pointers to be returned by the instrumentation functions.

40
 */

41
struct shadow_origin_ptr {

42
	void *shadow, *origin;

43
};

44


45
struct shadow_origin_ptr kmsan_get_shadow_origin_ptr(void *addr, u64 size,

46
						     bool store);

47
void __init kmsan_init_alloc_meta_for_range(void *start, void *end);

48


49
enum kmsan_bug_reason {

50
	REASON_ANY,

51
	REASON_COPY_TO_USER,

52
	REASON_SUBMIT_URB,

53
};

54


55
void kmsan_print_origin(depot_stack_handle_t origin);

56


57
/**

58
 * kmsan_report() - Report a use of uninitialized value.

59
 * @origin:    Stack ID of the uninitialized value.

60
 * @address:   Address at which the memory access happens.

61
 * @size:      Memory access size.

62
 * @off_first: Offset (from @address) of the first byte to be reported.

63
 * @off_last:  Offset (from @address) of the last byte to be reported.

64
 * @user_addr: When non-NULL, denotes the userspace address to which the kernel

65
 *             is leaking data.

66
 * @reason:    Error type from enum kmsan_bug_reason.

67
 *

68
 * kmsan_report() prints an error message for a consequent group of bytes

69
 * sharing the same origin. If an uninitialized value is used in a comparison,

70
 * this function is called once without specifying the addresses. When checking

71
 * a memory range, KMSAN may call kmsan_report() multiple times with the same

72
 * @address, @size, @user_addr and @reason, but different @off_first and

73
 * @off_last corresponding to different @origin values.

74
 */

75
void kmsan_report(depot_stack_handle_t origin, void *address, int size,

76
		  int off_first, int off_last, const void __user *user_addr,

77
		  enum kmsan_bug_reason reason);

78


79
DECLARE_PER_CPU(struct kmsan_ctx, kmsan_percpu_ctx);

80


81
static __always_inline struct kmsan_ctx *kmsan_get_context(void)

82
{

83
	return in_task() ? &current->kmsan_ctx : raw_cpu_ptr(&kmsan_percpu_ctx);

84
}

85


86
/*

87
 * When a compiler hook or KMSAN runtime function is invoked, it may make a

88
 * call to instrumented code and eventually call itself recursively. To avoid

89
 * that, we guard the runtime entry regions with

90
 * kmsan_enter_runtime()/kmsan_leave_runtime() and exit the hook if

91
 * kmsan_in_runtime() is true.

92
 *

93
 * Non-runtime code may occasionally get executed in nested IRQs from the

94
 * runtime code (e.g. when called via smp_call_function_single()). Because some

95
 * KMSAN routines may take locks (e.g. for memory allocation), we conservatively

96
 * bail out instead of calling them. To minimize the effect of this (potentially

97
 * missing initialization events) kmsan_in_runtime() is not checked in

98
 * non-blocking runtime functions.

99
 */

100
static __always_inline bool kmsan_in_runtime(void)

101
{

102
	if ((hardirq_count() >> HARDIRQ_SHIFT) > 1)

103
		return true;

104
	if (in_nmi())

105
		return true;

106
	return kmsan_get_context()->kmsan_in_runtime;

107
}

108


109
static __always_inline void kmsan_enter_runtime(void)

110
{

111
	struct kmsan_ctx *ctx;

112


113
	ctx = kmsan_get_context();

114
	KMSAN_WARN_ON(ctx->kmsan_in_runtime++);

115
}

116


117
static __always_inline void kmsan_leave_runtime(void)

118
{

119
	struct kmsan_ctx *ctx = kmsan_get_context();

120


121
	KMSAN_WARN_ON(--ctx->kmsan_in_runtime);

122
}

123


124
depot_stack_handle_t kmsan_save_stack_with_flags(gfp_t flags,

125
						 unsigned int extra_bits);

126


127
/*

128
 * Pack and unpack the origin chain depth and UAF flag to/from the extra bits

129
 * provided by the stack depot.

130
 * The UAF flag is stored in the lowest bit, followed by the depth in the upper

131
 * bits.

132
 * set_dsh_extra_bits() is responsible for clamping the value.

133
 */

134
static __always_inline unsigned int kmsan_extra_bits(unsigned int depth,

135
						     bool uaf)

136
{

137
	return (depth << 1) | uaf;

138
}

139


140
static __always_inline bool kmsan_uaf_from_eb(unsigned int extra_bits)

141
{

142
	return extra_bits & 1;

143
}

144


145
static __always_inline unsigned int kmsan_depth_from_eb(unsigned int extra_bits)

146
{

147
	return extra_bits >> 1;

148
}

149


150
/*

151
 * kmsan_internal_ functions are supposed to be very simple and not require the

152
 * kmsan_in_runtime() checks.

153
 */

154
void kmsan_internal_memmove_metadata(void *dst, void *src, size_t n);

155
void kmsan_internal_poison_memory(void *address, size_t size, gfp_t flags,

156
				  unsigned int poison_flags);

157
void kmsan_internal_unpoison_memory(void *address, size_t size, bool checked);

158
void kmsan_internal_set_shadow_origin(void *address, size_t size, int b,

159
				      u32 origin, bool checked);

160
depot_stack_handle_t kmsan_internal_chain_origin(depot_stack_handle_t id);

161


162
void kmsan_internal_task_create(struct task_struct *task);

163


164
bool kmsan_metadata_is_contiguous(void *addr, size_t size);

165
void kmsan_internal_check_memory(void *addr, size_t size,

166
				 const void __user *user_addr, int reason);

167


168
struct page *kmsan_vmalloc_to_page_or_null(void *vaddr);

169
void kmsan_setup_meta(struct page *page, struct page *shadow,

170
		      struct page *origin, int order);

171


172
/*

173
 * kmsan_internal_is_module_addr() and kmsan_internal_is_vmalloc_addr() are

174
 * non-instrumented versions of is_module_address() and is_vmalloc_addr() that

175
 * are safe to call from KMSAN runtime without recursion.

176
 */

177
static inline bool kmsan_internal_is_module_addr(void *vaddr)

178
{

179
	return ((u64)vaddr >= MODULES_VADDR) && ((u64)vaddr < MODULES_END);

180
}

181


182
static inline bool kmsan_internal_is_vmalloc_addr(void *addr)

183
{

184
	return ((u64)addr >= VMALLOC_START) && ((u64)addr < VMALLOC_END);

185
}

186


187
#endif /* __MM_KMSAN_KMSAN_H */

188


189