1*0f4c859eSApple OSS Distributions /*
2*0f4c859eSApple OSS Distributions * Copyright (c) 2021 Apple Inc. All rights reserved.
3*0f4c859eSApple OSS Distributions *
4*0f4c859eSApple OSS Distributions * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5*0f4c859eSApple OSS Distributions *
6*0f4c859eSApple OSS Distributions * This file contains Original Code and/or Modifications of Original Code
7*0f4c859eSApple OSS Distributions * as defined in and that are subject to the Apple Public Source License
8*0f4c859eSApple OSS Distributions * Version 2.0 (the 'License'). You may not use this file except in
9*0f4c859eSApple OSS Distributions * compliance with the License. The rights granted to you under the License
10*0f4c859eSApple OSS Distributions * may not be used to create, or enable the creation or redistribution of,
11*0f4c859eSApple OSS Distributions * unlawful or unlicensed copies of an Apple operating system, or to
12*0f4c859eSApple OSS Distributions * circumvent, violate, or enable the circumvention or violation of, any
13*0f4c859eSApple OSS Distributions * terms of an Apple operating system software license agreement.
14*0f4c859eSApple OSS Distributions *
15*0f4c859eSApple OSS Distributions * Please obtain a copy of the License at
16*0f4c859eSApple OSS Distributions * http://www.opensource.apple.com/apsl/ and read it before using this file.
17*0f4c859eSApple OSS Distributions *
18*0f4c859eSApple OSS Distributions * The Original Code and all software distributed under the License are
19*0f4c859eSApple OSS Distributions * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20*0f4c859eSApple OSS Distributions * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21*0f4c859eSApple OSS Distributions * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22*0f4c859eSApple OSS Distributions * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23*0f4c859eSApple OSS Distributions * Please see the License for the specific language governing rights and
24*0f4c859eSApple OSS Distributions * limitations under the License.
25*0f4c859eSApple OSS Distributions *
26*0f4c859eSApple OSS Distributions * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27*0f4c859eSApple OSS Distributions */
28*0f4c859eSApple OSS Distributions
29*0f4c859eSApple OSS Distributions /*
30*0f4c859eSApple OSS Distributions * This file contains all the necessary helpers that the compiler
31*0f4c859eSApple OSS Distributions * instrumentation inserts for KASAN. Due to the way the INSTALL phase is
32*0f4c859eSApple OSS Distributions * performed in our build system, it's non-trivial to support independent
33*0f4c859eSApple OSS Distributions * .exports for System.kext, therefore we take the easy way out and have
34*0f4c859eSApple OSS Distributions * a common set of exports between KASAN-CLASSIC (asan based) and KASAN-TBI
35*0f4c859eSApple OSS Distributions * (hwasan based). This also simplifies any backward compatibility without
36*0f4c859eSApple OSS Distributions * requiring to duplicate symbols.
37*0f4c859eSApple OSS Distributions *
 * For checking and reporting functions, KASAN-TBI is built with
 * -mllvm -hwasan-memory-access-callback-prefix="___asan", which lets both
 * variants share a single implementation. It also requires KASAN-CLASSIC and
 * KASAN-TBI to agree on the definition of access types (TYPE_LOAD/TYPE_STORE),
 * which is a fair requirement.
43*0f4c859eSApple OSS Distributions *
44*0f4c859eSApple OSS Distributions * NOTE: there is a vast predominance of asan symbols due to the original
45*0f4c859eSApple OSS Distributions * implementation being based on the userland address sanitizer. For hwasan,
46*0f4c859eSApple OSS Distributions * the kernel-hwaddress sanitizer already strips out a non-trivial amount
47*0f4c859eSApple OSS Distributions * of non-kernel-applicable instrumentation/APIs.
48*0f4c859eSApple OSS Distributions */
49*0f4c859eSApple OSS Distributions
50*0f4c859eSApple OSS Distributions #include <libkern/libkern.h>
51*0f4c859eSApple OSS Distributions #include "kasan.h"
52*0f4c859eSApple OSS Distributions #include "kasan_internal.h"
53*0f4c859eSApple OSS Distributions
54*0f4c859eSApple OSS Distributions
55*0f4c859eSApple OSS Distributions
/*
 * Fixed-width report entry points called by the compiler instrumentation.
 *
 * For each access width, REPORT_DECLARE expands to:
 *   - __asan_report_load<width>(p)  -> kasan_crash_report(p, width, TYPE_LOAD, 0)
 *   - __asan_report_store<width>(p) -> kasan_crash_report(p, width, TYPE_STORE, 0)
 *   - the __asan_report_exp_load/store<width> variants, emitted through
 *     UNSUPPORTED_API (defined outside this file).
 *
 * All of them are declared OS_NORETURN: a report is not expected to return
 * to the instrumented code.
 */
#define REPORT_DECLARE(width) \
	void OS_NORETURN \
	__asan_report_load##width(uptr p) \
	{ \
	        kasan_crash_report(p, width, TYPE_LOAD, 0); \
	} \
	void OS_NORETURN \
	__asan_report_store##width(uptr p) \
	{ \
	        kasan_crash_report(p, width, TYPE_STORE, 0); \
	} \
	void OS_NORETURN UNSUPPORTED_API(__asan_report_exp_load##width, uptr a, int32_t b); \
	void OS_NORETURN UNSUPPORTED_API(__asan_report_exp_store##width, uptr a, int32_t b);

/* Widths the instrumentation reports with a dedicated symbol. */
REPORT_DECLARE(1)
REPORT_DECLARE(2)
REPORT_DECLARE(4)
REPORT_DECLARE(8)
REPORT_DECLARE(16)
68*0f4c859eSApple OSS Distributions
/*
 * Report an invalid load of arbitrary size.
 *
 * p:  address of the offending access.
 * sz: size of the access in bytes, as supplied by the instrumentation.
 *
 * Forwards to kasan_crash_report() with TYPE_LOAD; declared OS_NORETURN.
 */
void OS_NORETURN
__asan_report_load_n(uptr p, unsigned long sz)
{
	kasan_crash_report(p, sz, TYPE_LOAD, 0);
}
/*
 * Report an invalid store of arbitrary size.
 *
 * p:  address of the offending access.
 * sz: size of the access in bytes, as supplied by the instrumentation.
 *
 * Forwards to kasan_crash_report() with TYPE_STORE; declared OS_NORETURN.
 */
void OS_NORETURN
__asan_report_store_n(uptr p, unsigned long sz)
{
	kasan_crash_report(p, sz, TYPE_STORE, 0);
}
79*0f4c859eSApple OSS Distributions
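/*
 * Fixed-width access checks called by the compiler instrumentation.
 *
 * ACCESS_CHECK_DECLARE(type, sz, access) expands to:
 *   - __asan_<type><sz>(addr), which validates the sz-byte range at addr via
 *     kasan_check_range() with the given access type;
 *   - __asan_exp_<type><sz>, emitted through UNSUPPORTED_API (defined outside
 *     this file).
 *
 * The macro is defined once; an identical second definition is legal C but
 * only adds a place where the two copies can drift apart.
 *
 * The expansion already ends with ';', so invocations take no trailing
 * semicolon (same convention as REPORT_DECLARE); an extra one would leave an
 * empty declaration at file scope.
 */
#define ACCESS_CHECK_DECLARE(type, sz, access) \
	void __asan_##type##sz(uptr addr) { \
	        kasan_check_range((const void *)addr, sz, access); \
	} \
	void OS_NORETURN UNSUPPORTED_API(__asan_exp_##type##sz, uptr a, int32_t b);

ACCESS_CHECK_DECLARE(load, 1, TYPE_LOAD)
ACCESS_CHECK_DECLARE(load, 2, TYPE_LOAD)
ACCESS_CHECK_DECLARE(load, 4, TYPE_LOAD)
ACCESS_CHECK_DECLARE(load, 8, TYPE_LOAD)
ACCESS_CHECK_DECLARE(load, 16, TYPE_LOAD)
ACCESS_CHECK_DECLARE(store, 1, TYPE_STORE)
ACCESS_CHECK_DECLARE(store, 2, TYPE_STORE)
ACCESS_CHECK_DECLARE(store, 4, TYPE_STORE)
ACCESS_CHECK_DECLARE(store, 8, TYPE_STORE)
ACCESS_CHECK_DECLARE(store, 16, TYPE_STORE)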
102*0f4c859eSApple OSS Distributions
/*
 * Check a load of arbitrary size.
 *
 * addr: start of the accessed range.
 * sz:   number of bytes read.
 *
 * Delegates to kasan_check_range() with TYPE_LOAD; how a violation is
 * handled is decided there, not in this wrapper.
 */
void
__asan_loadN(uptr addr, size_t sz)
{
	kasan_check_range((const void *)addr, sz, TYPE_LOAD);
}
108*0f4c859eSApple OSS Distributions
/*
 * Check a store of arbitrary size.
 *
 * addr: start of the accessed range.
 * sz:   number of bytes written.
 *
 * Delegates to kasan_check_range() with TYPE_STORE; how a violation is
 * handled is decided there, not in this wrapper.
 */
void
__asan_storeN(uptr addr, size_t sz)
{
	kasan_check_range((const void *)addr, sz, TYPE_STORE);
}
114*0f4c859eSApple OSS Distributions
/*
 * Fill sz bytes starting at addr with val, using the non-instrumented
 * memset so the write itself is not checked.
 *
 * NOTE(review): addr and sz are used exactly as passed in; nothing here
 * verifies that the range lies inside the shadow region. The callers in this
 * file are the compiler-facing __asan_set_shadow_* entry points -- confirm
 * no other path can reach them with attacker-influenced values.
 */
static void
kasan_set_shadow(uptr addr, size_t sz, uint8_t val)
{
	void *dst = (void *)addr;

	__nosan_memset(dst, val, sz);
}
120*0f4c859eSApple OSS Distributions
/*
 * Shadow-fill entry points called by the compiler instrumentation.
 *
 * SET_SHADOW_DECLARE(hex) expands to __asan_set_shadow_<hex>(addr, sz),
 * which writes the byte 0x<hex> over sz bytes at addr through
 * kasan_set_shadow().
 *
 * NOTE(review): the values below look like the stack redzone and
 * use-after-scope shadow bytes used by LLVM's ASan -- confirm against the
 * definitions in kasan-classic.h.
 */
#define SET_SHADOW_DECLARE(hex) \
	void \
	__asan_set_shadow_##hex(uptr addr, size_t sz) \
	{ \
	        kasan_set_shadow(addr, sz, 0x##hex); \
	}

SET_SHADOW_DECLARE(00)
SET_SHADOW_DECLARE(f1)
SET_SHADOW_DECLARE(f2)
SET_SHADOW_DECLARE(f3)
SET_SHADOW_DECLARE(f5)
SET_SHADOW_DECLARE(f8)
132*0f4c859eSApple OSS Distributions
133*0f4c859eSApple OSS Distributions #if KASAN_CLASSIC
134*0f4c859eSApple OSS Distributions #include "kasan-classic.h"
135*0f4c859eSApple OSS Distributions
/*
 * KASAN-CLASSIC: read a C++ array cookie, consulting its shadow byte first.
 *
 * p: address of the cookie.
 *
 * Returns *p, except when the shadow byte equals ASAN_HEAP_FREED: in that
 * case 0 is returned and p is never dereferenced, so a cookie sitting in
 * freed memory is not read back.
 */
uptr
__asan_load_cxx_array_cookie(uptr *p)
{
	uint8_t *shadow = SHADOW_FOR_ADDRESS((uptr)p);
	const uint8_t state = *shadow;

	/* Shadow still marks the slot as an array cookie: hand the value back. */
	if (state == ASAN_ARRAY_COOKIE) {
		return *p;
	}

	/* Shadow marks the slot as freed: report an empty cookie instead. */
	if (state == ASAN_HEAP_FREED) {
		return 0;
	}

	/* Any other shadow state: plain read of the cookie. */
	return *p;
}
148*0f4c859eSApple OSS Distributions
/*
 * KASAN-CLASSIC: mark the shadow byte covering p as a C++ array cookie.
 *
 * p: address of the cookie.
 *
 * Only the single shadow byte returned by SHADOW_FOR_ADDRESS(p) is written.
 */
void
__asan_poison_cxx_array_cookie(uptr p)
{
	uint8_t *cookie_shadow = SHADOW_FOR_ADDRESS(p);

	*cookie_shadow = ASAN_ARRAY_COOKIE;
}
155*0f4c859eSApple OSS Distributions
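/*
 * KASAN-CLASSIC stub for the hwasan tag generator.
 *
 * Present only so the common export list resolves; this build does not tag
 * pointers, so the returned tag is always 0.
 *
 * Declared with (void): an empty parameter list in a C definition provides
 * no prototype, so calls with stray arguments would not be diagnosed.
 */
unsigned char
__hwasan_generate_tag(void)
{
	return 0;
}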
161*0f4c859eSApple OSS Distributions
/*
 * KASAN-CLASSIC stub for hwasan memory tagging.
 *
 * Present only so the common export list resolves. All three arguments are
 * ignored and no memory is touched.
 */
void
__hwasan_tag_memory(uintptr_t __unused p, unsigned char __unused tag, uintptr_t __unused sz)
{
	/* Intentionally empty: nothing is tagged in this build. */
}
166*0f4c859eSApple OSS Distributions #else /* KASAN_CLASSIC */
/*
 * Non-KASAN_CLASSIC stub for the C++ array cookie load.
 *
 * p is ignored and never dereferenced; the cookie is always reported as 0.
 */
uptr
__asan_load_cxx_array_cookie(uptr __unused *p)
{
	return 0;
}
172*0f4c859eSApple OSS Distributions
/*
 * Non-KASAN_CLASSIC stub for the C++ array cookie poisoning.
 *
 * p is ignored and no shadow byte is written.
 */
void
__asan_poison_cxx_array_cookie(uptr __unused p)
{
	/* Intentionally empty: there is no cookie shadow state in this build. */
}
177*0f4c859eSApple OSS Distributions #endif /* KASAN_CLASSIC */
178*0f4c859eSApple OSS Distributions
/*
 * Unused ABI.
 *
 * These symbols must exist for KASAN to work correctly and for some external
 * tools that depend on them. E.g. Vortex relies on asan_init() being defined
 * to identify a KASAN artifact.
 *
 * UNUSED_ABI(sym, ...) declares and defines `void sym(...)` with an empty
 * body, silencing -Wunused-parameter around it.
 *
 * NOTE(review): because the bodies are empty, instrumentation that reaches
 * one of these entry points (alloca and stack poisoning, image-globals
 * registration, version checks) is silently ignored rather than reported.
 * Confirm the build flags keep the compiler from relying on them for
 * coverage.
 */
#define UNUSED_ABI(sym, ...) \
	_Pragma("clang diagnostic push") \
	_Pragma("clang diagnostic ignored \"-Wunused-parameter\"") \
	void sym(__VA_ARGS__); \
	void sym(__VA_ARGS__) {}; \
	_Pragma("clang diagnostic pop")

/* Stack / alloca poisoning and pointer-comparison hooks. */
UNUSED_ABI(__asan_alloca_poison, uptr addr, uptr size);
UNUSED_ABI(__asan_allocas_unpoison, uptr top, uptr bottom);
UNUSED_ABI(__sanitizer_ptr_sub, uptr a, uptr b);
UNUSED_ABI(__sanitizer_ptr_cmp, uptr a, uptr b);
UNUSED_ABI(__sanitizer_annotate_contiguous_container, const void *a, const void *b, const void *c, const void *d);
UNUSED_ABI(__asan_poison_stack_memory, uptr addr, size_t size);
UNUSED_ABI(__asan_unpoison_stack_memory, uptr a, uptr b);

/* Initialisation and globals registration hooks. */
UNUSED_ABI(__asan_init, void);
UNUSED_ABI(__asan_register_image_globals, uptr a);
UNUSED_ABI(__asan_unregister_image_globals, uptr a);
UNUSED_ABI(__asan_before_dynamic_init, uptr a);
UNUSED_ABI(__asan_after_dynamic_init, void);

/* Compiler/runtime version handshake symbols. */
UNUSED_ABI(__asan_version_mismatch_check_v8, void);
UNUSED_ABI(__asan_version_mismatch_check_apple_802, void);
UNUSED_ABI(__asan_version_mismatch_check_apple_900, void);
UNUSED_ABI(__asan_version_mismatch_check_apple_902, void);
UNUSED_ABI(__asan_version_mismatch_check_apple_1000, void);
UNUSED_ABI(__asan_version_mismatch_check_apple_1001, void);
UNUSED_ABI(__asan_version_mismatch_check_apple_clang_1100, void);
UNUSED_ABI(__asan_version_mismatch_check_apple_clang_1200, void);
/*
 * Unsupported ABI: panic if the instrumentation ever inserts one of these.
 *
 * Unlike the UNUSED_ABI stubs, these are declared OS_NORETURN and emitted
 * through UNSUPPORTED_API, so reaching one is treated as fatal instead of
 * being ignored. UNSUPPORTED_API is defined outside this file; the panic
 * behaviour is taken from the intent stated here, not from code visible in
 * this file.
 */

/* Legacy init and globals registration. */
void OS_NORETURN UNSUPPORTED_API(__asan_init_v5, void);
void OS_NORETURN UNSUPPORTED_API(__asan_register_globals, uptr a, uptr b);
void OS_NORETURN UNSUPPORTED_API(__asan_unregister_globals, uptr a, uptr b);
void OS_NORETURN UNSUPPORTED_API(__asan_register_elf_globals, uptr a, uptr b, uptr c);
void OS_NORETURN UNSUPPORTED_API(__asan_unregister_elf_globals, uptr a, uptr b, uptr c);

/* "exp" variants of the arbitrary-size check and report entry points. */
void OS_NORETURN UNSUPPORTED_API(__asan_exp_loadN, uptr addr, size_t sz, int32_t e);
void OS_NORETURN UNSUPPORTED_API(__asan_exp_storeN, uptr addr, size_t sz, int32_t e);
void OS_NORETURN UNSUPPORTED_API(__asan_report_exp_load_n, uptr addr, unsigned long b, int32_t c);
void OS_NORETURN UNSUPPORTED_API(__asan_report_exp_store_n, uptr addr, unsigned long b, int32_t c);