xref: /xnu-10063.141.1/san/memory/kasan-tbi.h (revision d8b80295118ef25ac3a784134bcf95cd8e88109f) 
1 /*
2  * Copyright (c) 2000-2020 Apple Inc. All rights reserved.
3  *
4  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5  *
6  * This file contains Original Code and/or Modifications of Original Code
7  * as defined in and that are subject to the Apple Public Source License
8  * Version 2.0 (the 'License'). You may not use this file except in
9  * compliance with the License. The rights granted to you under the License
10  * may not be used to create, or enable the creation or redistribution of,
11  * unlawful or unlicensed copies of an Apple operating system, or to
12  * circumvent, violate, or enable the circumvention or violation of, any
13  * terms of an Apple operating system software license agreement.
14  *
15  * Please obtain a copy of the License at
16  * http://www.opensource.apple.com/apsl/ and read it before using this file.
17  *
18  * The Original Code and all software distributed under the License are
19  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23  * Please see the License for the specific language governing rights and
24  * limitations under the License.
25  *
26  * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27  */
28 
29 #ifndef _KASAN_TBI_H_
30 #define _KASAN_TBI_H_
31 
32 #include <mach/mach_types.h>
33 
34 /* Catch obvious mismatches */
35 #if KASAN && !__has_feature(hwaddress_sanitizer)
36 #error "KASAN selected, but not enabled in compiler"
37 #endif
38 
39 #if !KASAN && __has_feature(hwaddress_sanitizer)
40 #error "hwaddress_sanitizer enabled in compiler, but kernel is not configured for KASAN"
41 #endif
42 
43 /* old-style configs. */
44 #define KASAN_DEBUG 0
45 #define KASAN_DYNAMIC_BLACKLIST 1
46 #define KASAN_FAKESTACK 0
47 
48 /* Granularity is 16 bytes */
49 #define KASAN_SIZE_ALIGNMENT        0xFUL
50 
51 /*
52  * KASAN_TBI inline insturmentation emits a brk instruction as a violation
53  * report. The ESR value encodes both the access type and size.
54  * osfmk/arm64/sleh.c needs to now the right ranges to proxy this information
55  * back to the kasan runtime.
56  */
57 #define KASAN_TBI_ESR_BASE          (0x900)
58 #define KASAN_TBI_ESR_WRITE         (0x10)
59 #define KASAN_TBI_ESR_IGNORE        (0x20)
60 #define KASAN_TBI_ESR_SIZE_MASK     (0xF)
61 #define KASAN_TBI_ESR_TOP           (KASAN_TBI_ESR_BASE | KASAN_TBI_ESR_WRITE |     \
62 	                            KASAN_TBI_ESR_IGNORE | KASAN_TBI_ESR_SIZE_MASK)
63 #define KASAN_TBI_GET_SIZE(x)       (1 << ((x) & KASAN_TBI_ESR_SIZE_MASK))
64 
65 /*
66  * An allocator may reserve more memory than the user requested. If the unused
67  * space amounts to more than 16 bytes, then it's worth to tag it differently,
68  * in order to catch off-by-small cases.
69  */
70 void kasan_tbi_retag_unused_space(vm_offset_t, vm_size_t, vm_size_t);
71 
72 /*
73  * KASAN-TBI tags virtual address ranges. Use this function whenever it's
74  * desired to mark a free'd range back with the default (0xFF) tag.
75  */
76 void kasan_tbi_mark_free_space(vm_offset_t, vm_size_t);
77 
78 /*
79  * Retrieve the location in the shadow table where the metadata associated
80  * with the given address is stored.
81  */
82 uint8_t *kasan_tbi_get_tag_address(vm_offset_t);
83 
84 /*
85  * Copy the metadata associated with one address onto the metadata associated
86  * to another address. This function is useful whenever a given virtual address
87  * view of a mapping gets migrated to a new virtual address.
88  */
89 void kasan_tbi_copy_tags(vm_offset_t, vm_offset_t, vm_size_t);
90 
91 /* Hanlder for the brk emitted instruction, see ESR definitions above */
92 void kasan_handle_brk_failure(void *, uint16_t);
93 
94 #endif /* _KASAN_TBI_H_ */
95