1*a325d9c4SApple OSS Distributions /*
2*a325d9c4SApple OSS Distributions * Copyright (c) 2020 Apple Inc. All rights reserved.
3*a325d9c4SApple OSS Distributions *
4*a325d9c4SApple OSS Distributions * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5*a325d9c4SApple OSS Distributions *
6*a325d9c4SApple OSS Distributions * This file contains Original Code and/or Modifications of Original Code
7*a325d9c4SApple OSS Distributions * as defined in and that are subject to the Apple Public Source License
8*a325d9c4SApple OSS Distributions * Version 2.0 (the 'License'). You may not use this file except in
9*a325d9c4SApple OSS Distributions * compliance with the License. The rights granted to you under the License
10*a325d9c4SApple OSS Distributions * may not be used to create, or enable the creation or redistribution of,
11*a325d9c4SApple OSS Distributions * unlawful or unlicensed copies of an Apple operating system, or to
12*a325d9c4SApple OSS Distributions * circumvent, violate, or enable the circumvention or violation of, any
13*a325d9c4SApple OSS Distributions * terms of an Apple operating system software license agreement.
14*a325d9c4SApple OSS Distributions *
15*a325d9c4SApple OSS Distributions * Please obtain a copy of the License at
16*a325d9c4SApple OSS Distributions * http://www.opensource.apple.com/apsl/ and read it before using this file.
17*a325d9c4SApple OSS Distributions *
18*a325d9c4SApple OSS Distributions * The Original Code and all software distributed under the License are
19*a325d9c4SApple OSS Distributions * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20*a325d9c4SApple OSS Distributions * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21*a325d9c4SApple OSS Distributions * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22*a325d9c4SApple OSS Distributions * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23*a325d9c4SApple OSS Distributions * Please see the License for the specific language governing rights and
24*a325d9c4SApple OSS Distributions * limitations under the License.
25*a325d9c4SApple OSS Distributions *
26*a325d9c4SApple OSS Distributions * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27*a325d9c4SApple OSS Distributions */
28*a325d9c4SApple OSS Distributions
29*a325d9c4SApple OSS Distributions
30*a325d9c4SApple OSS Distributions #include <System/machine/cpu_capabilities.h>
31*a325d9c4SApple OSS Distributions
32*a325d9c4SApple OSS Distributions #include <darwintest.h>
33*a325d9c4SApple OSS Distributions
34*a325d9c4SApple OSS Distributions #include <stdio.h>
35*a325d9c4SApple OSS Distributions #include <stdint.h>
36*a325d9c4SApple OSS Distributions #include <unistd.h>
37*a325d9c4SApple OSS Distributions #include <sys/sysctl.h>
38*a325d9c4SApple OSS Distributions #include <sys/wait.h>
39*a325d9c4SApple OSS Distributions #include <ptrauth.h>
40*a325d9c4SApple OSS Distributions #include <dispatch/dispatch.h>
41*a325d9c4SApple OSS Distributions #include <libkern/OSAtomic.h>
42*a325d9c4SApple OSS Distributions
43*a325d9c4SApple OSS Distributions T_GLOBAL_META(T_META_RUN_CONCURRENTLY(true));
44*a325d9c4SApple OSS Distributions
45*a325d9c4SApple OSS Distributions #if TARGET_OS_OSX && defined(_COMM_PAGE_TEXT_ATOMIC_ENQUEUE)
46*a325d9c4SApple OSS Distributions
47*a325d9c4SApple OSS Distributions /* Keys and discriminators */
48*a325d9c4SApple OSS Distributions #define COMMPAGE_PFZ_BASE_AUTH_KEY ptrauth_key_process_independent_code
49*a325d9c4SApple OSS Distributions #define COMMPAGE_PFZ_FN_AUTH_KEY ptrauth_key_function_pointer
50*a325d9c4SApple OSS Distributions #define COMMPAGE_PFZ_BASE_DISCRIMINATOR ptrauth_string_discriminator("pfz")
51*a325d9c4SApple OSS Distributions
52*a325d9c4SApple OSS Distributions /* Auth and sign macros */
53*a325d9c4SApple OSS Distributions #define SIGN_COMMPAGE_PFZ_BASE_PTR(ptr) \
54*a325d9c4SApple OSS Distributions ptrauth_sign_unauthenticated(ptr, COMMPAGE_PFZ_BASE_AUTH_KEY, COMMPAGE_PFZ_BASE_DISCRIMINATOR)
55*a325d9c4SApple OSS Distributions #define AUTH_COMMPAGE_PFZ_BASE_PTR(ptr) \
56*a325d9c4SApple OSS Distributions ptrauth_auth_data(ptr, COMMPAGE_PFZ_BASE_AUTH_KEY, COMMPAGE_PFZ_BASE_DISCRIMINATOR)
57*a325d9c4SApple OSS Distributions #define SIGN_COMMPAGE_PFZ_FUNCTION_PTR(ptr) \
58*a325d9c4SApple OSS Distributions ptrauth_sign_unauthenticated(ptr, COMMPAGE_PFZ_FN_AUTH_KEY, 0)
59*a325d9c4SApple OSS Distributions
60*a325d9c4SApple OSS Distributions static void *commpage_pfz_base = NULL;
61*a325d9c4SApple OSS Distributions
62*a325d9c4SApple OSS Distributions static void *
get_pfz_base(void)63*a325d9c4SApple OSS Distributions get_pfz_base(void)
64*a325d9c4SApple OSS Distributions {
65*a325d9c4SApple OSS Distributions void *pfz_base = NULL;
66*a325d9c4SApple OSS Distributions size_t s = sizeof(void *);
67*a325d9c4SApple OSS Distributions
68*a325d9c4SApple OSS Distributions int ret = sysctlbyname("kern.pfz", &pfz_base, &s, NULL, 0);
69*a325d9c4SApple OSS Distributions T_ASSERT_POSIX_SUCCESS(ret, "sysctlbyname(kern.pfz)");
70*a325d9c4SApple OSS Distributions
71*a325d9c4SApple OSS Distributions commpage_pfz_base = SIGN_COMMPAGE_PFZ_BASE_PTR(pfz_base);
72*a325d9c4SApple OSS Distributions T_LOG("pfz base = 0x%llx\n", commpage_pfz_base);
73*a325d9c4SApple OSS Distributions }
74*a325d9c4SApple OSS Distributions
75*a325d9c4SApple OSS Distributions static void
undefined_function(void)76*a325d9c4SApple OSS Distributions undefined_function(void)
77*a325d9c4SApple OSS Distributions {
78*a325d9c4SApple OSS Distributions // We can use the same commpage_pfz_base as parent since the PFZ is slide
79*a325d9c4SApple OSS Distributions // once per boot and is same across all processes
80*a325d9c4SApple OSS Distributions void (*undefined)(void);
81*a325d9c4SApple OSS Distributions uintptr_t addr = (uintptr_t) (void *) AUTH_COMMPAGE_PFZ_BASE_PTR(commpage_pfz_base);
82*a325d9c4SApple OSS Distributions addr += _COMM_PAGE_TEXT_ATOMIC_DEQUEUE;
83*a325d9c4SApple OSS Distributions addr += 4; // Jump ahead
84*a325d9c4SApple OSS Distributions undefined = SIGN_COMMPAGE_PFZ_FUNCTION_PTR((void *)addr);
85*a325d9c4SApple OSS Distributions
86*a325d9c4SApple OSS Distributions return undefined();
87*a325d9c4SApple OSS Distributions }
88*a325d9c4SApple OSS Distributions
89*a325d9c4SApple OSS Distributions typedef struct {
90*a325d9c4SApple OSS Distributions void *next;
91*a325d9c4SApple OSS Distributions char *str;
92*a325d9c4SApple OSS Distributions } QueueNode;
93*a325d9c4SApple OSS Distributions
94*a325d9c4SApple OSS Distributions T_DECL(test_arm_pfz, "Validate that ARM PFZ is mapped in",
95*a325d9c4SApple OSS Distributions T_META_CHECK_LEAKS(false), T_META_IGNORECRASHES(".*undefined_function*"),
96*a325d9c4SApple OSS Distributions T_META_ENABLED(false) /* rdar://62615792 */)
97*a325d9c4SApple OSS Distributions {
98*a325d9c4SApple OSS Distributions static dispatch_once_t pred;
99*a325d9c4SApple OSS Distributions dispatch_once(&pred, ^{
100*a325d9c4SApple OSS Distributions commpage_pfz_base = get_pfz_base();
101*a325d9c4SApple OSS Distributions });
102*a325d9c4SApple OSS Distributions
103*a325d9c4SApple OSS Distributions OSFifoQueueHead head = OS_ATOMIC_FIFO_QUEUE_INIT;
104*a325d9c4SApple OSS Distributions char *str1 = "String 1", *str2 = "String 2";
105*a325d9c4SApple OSS Distributions QueueNode node1 = { 0, str1 };
106*a325d9c4SApple OSS Distributions QueueNode node2 = { 0, str2 };
107*a325d9c4SApple OSS Distributions
108*a325d9c4SApple OSS Distributions OSAtomicFifoEnqueue(&head, &node1, 0);
109*a325d9c4SApple OSS Distributions OSAtomicFifoEnqueue(&head, &node2, 0);
110*a325d9c4SApple OSS Distributions QueueNode *node_ptr = OSAtomicFifoDequeue(&head, 0);
111*a325d9c4SApple OSS Distributions T_ASSERT_EQ(strcmp(node_ptr->str, str1), 0, "Dequeued first node correctly");
112*a325d9c4SApple OSS Distributions
113*a325d9c4SApple OSS Distributions node_ptr = OSAtomicFifoDequeue(&head, 0);
114*a325d9c4SApple OSS Distributions T_ASSERT_EQ(strcmp(node_ptr->str, str2), 0, "Dequeued second node correctly");
115*a325d9c4SApple OSS Distributions
116*a325d9c4SApple OSS Distributions node_ptr = OSAtomicFifoDequeue(&head, 0);
117*a325d9c4SApple OSS Distributions T_ASSERT_EQ(node_ptr, NULL, "Dequeuing from empty list correctly");
118*a325d9c4SApple OSS Distributions
119*a325d9c4SApple OSS Distributions int child_pid = 0;
120*a325d9c4SApple OSS Distributions if ((child_pid = fork()) == 0) { // Child should call undefined function
121*a325d9c4SApple OSS Distributions return undefined_function();
122*a325d9c4SApple OSS Distributions } else {
123*a325d9c4SApple OSS Distributions int status = 0;
124*a325d9c4SApple OSS Distributions wait(&status);
125*a325d9c4SApple OSS Distributions
126*a325d9c4SApple OSS Distributions T_ASSERT_EQ(!WIFEXITED(status), true, "Did not exit cleanly");
127*a325d9c4SApple OSS Distributions T_ASSERT_EQ(WIFSIGNALED(status), true, "Exited due to signal");
128*a325d9c4SApple OSS Distributions T_LOG("Signal number = %d\n", WTERMSIG(status));
129*a325d9c4SApple OSS Distributions }
130*a325d9c4SApple OSS Distributions }
131*a325d9c4SApple OSS Distributions
132*a325d9c4SApple OSS Distributions T_DECL(test_rdar_65270017, "Testing for rdar 65270017",
133*a325d9c4SApple OSS Distributions T_META_CHECK_LEAKS(false), T_META_ENABLED(false) /* rdar://65270017 */)
134*a325d9c4SApple OSS Distributions {
135*a325d9c4SApple OSS Distributions static dispatch_once_t pred;
136*a325d9c4SApple OSS Distributions dispatch_once(&pred, ^{
137*a325d9c4SApple OSS Distributions commpage_pfz_base = get_pfz_base();
138*a325d9c4SApple OSS Distributions });
139*a325d9c4SApple OSS Distributions
140*a325d9c4SApple OSS Distributions struct OSAtomicFifoHeadWrapper {
141*a325d9c4SApple OSS Distributions // Embedded OSFifoQueueHead structure inside the structure
142*a325d9c4SApple OSS Distributions void *first;
143*a325d9c4SApple OSS Distributions void *last;
144*a325d9c4SApple OSS Distributions int opaque;
145*a325d9c4SApple OSS Distributions
146*a325d9c4SApple OSS Distributions int data;
147*a325d9c4SApple OSS Distributions } wrapped_head = {
148*a325d9c4SApple OSS Distributions .first = NULL,
149*a325d9c4SApple OSS Distributions .last = NULL,
150*a325d9c4SApple OSS Distributions .opaque = 0,
151*a325d9c4SApple OSS Distributions .data = 0xfeed
152*a325d9c4SApple OSS Distributions };
153*a325d9c4SApple OSS Distributions
154*a325d9c4SApple OSS Distributions char *str1 = "String 1", *str2 = "String 2";
155*a325d9c4SApple OSS Distributions QueueNode node1 = { 0, str1 };
156*a325d9c4SApple OSS Distributions QueueNode node2 = { 0, str2 };
157*a325d9c4SApple OSS Distributions
158*a325d9c4SApple OSS Distributions OSAtomicFifoEnqueue(&wrapped_head, &node1, 0);
159*a325d9c4SApple OSS Distributions T_ASSERT_EQ(wrapped_head.data, 0xfeed, "data is valid");
160*a325d9c4SApple OSS Distributions
161*a325d9c4SApple OSS Distributions OSAtomicFifoEnqueue(&wrapped_head, &node2, 0);
162*a325d9c4SApple OSS Distributions T_ASSERT_EQ(wrapped_head.data, 0xfeed, "data is valid");
163*a325d9c4SApple OSS Distributions
164*a325d9c4SApple OSS Distributions QueueNode *node_ptr = OSAtomicFifoDequeue(&wrapped_head, 0);
165*a325d9c4SApple OSS Distributions T_ASSERT_EQ(strcmp(node_ptr->str, str1), 0, "Dequeued first node correctly");
166*a325d9c4SApple OSS Distributions T_ASSERT_EQ(wrapped_head.data, 0xfeed, "data is valid");
167*a325d9c4SApple OSS Distributions
168*a325d9c4SApple OSS Distributions node_ptr = OSAtomicFifoDequeue(&wrapped_head, 0);
169*a325d9c4SApple OSS Distributions T_ASSERT_EQ(strcmp(node_ptr->str, str2), 0, "Dequeued second node correctly");
170*a325d9c4SApple OSS Distributions T_ASSERT_EQ(wrapped_head.data, 0xfeed, "data is valid");
171*a325d9c4SApple OSS Distributions
172*a325d9c4SApple OSS Distributions node_ptr = OSAtomicFifoDequeue(&wrapped_head, 0);
173*a325d9c4SApple OSS Distributions T_ASSERT_EQ(node_ptr, NULL, "Dequeuing from empty list correctly");
174*a325d9c4SApple OSS Distributions T_ASSERT_EQ(wrapped_head.data, 0xfeed, "data is valid");
175*a325d9c4SApple OSS Distributions }
176*a325d9c4SApple OSS Distributions
177*a325d9c4SApple OSS Distributions #define WIDE 50ll
178*a325d9c4SApple OSS Distributions #define SMALL 2000ll
179*a325d9c4SApple OSS Distributions
180*a325d9c4SApple OSS Distributions void
preheat(dispatch_queue_t dq)181*a325d9c4SApple OSS Distributions preheat(dispatch_queue_t dq)
182*a325d9c4SApple OSS Distributions {
183*a325d9c4SApple OSS Distributions dispatch_apply(WIDE, dq, ^(size_t i) {
184*a325d9c4SApple OSS Distributions sleep(1);
185*a325d9c4SApple OSS Distributions });
186*a325d9c4SApple OSS Distributions }
187*a325d9c4SApple OSS Distributions
188*a325d9c4SApple OSS Distributions typedef struct elem {
189*a325d9c4SApple OSS Distributions long data1;
190*a325d9c4SApple OSS Distributions struct elem *link;
191*a325d9c4SApple OSS Distributions int data2;
192*a325d9c4SApple OSS Distributions } elem_t;
193*a325d9c4SApple OSS Distributions
194*a325d9c4SApple OSS Distributions static size_t offset = offsetof(elem_t, link);
195*a325d9c4SApple OSS Distributions static elem_t elements[WIDE][SMALL];
196*a325d9c4SApple OSS Distributions
197*a325d9c4SApple OSS Distributions T_DECL(test_65270017_contended, "multithreaded testing for radar 65270017")
198*a325d9c4SApple OSS Distributions {
199*a325d9c4SApple OSS Distributions dispatch_queue_t global_q = dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_HIGH, 0);
200*a325d9c4SApple OSS Distributions dispatch_queue_t queue = dispatch_queue_create("com.apple.libctests.threaded", 0);
201*a325d9c4SApple OSS Distributions uint64_t __block t = 0;
202*a325d9c4SApple OSS Distributions
203*a325d9c4SApple OSS Distributions struct OSAtomicFifoHeadWrapper {
204*a325d9c4SApple OSS Distributions // Embedded OSFifoQueueHead structure inside the structure
205*a325d9c4SApple OSS Distributions void *first;
206*a325d9c4SApple OSS Distributions void *last;
207*a325d9c4SApple OSS Distributions int opaque;
208*a325d9c4SApple OSS Distributions
209*a325d9c4SApple OSS Distributions int data;
210*a325d9c4SApple OSS Distributions };
211*a325d9c4SApple OSS Distributions
212*a325d9c4SApple OSS Distributions struct OSAtomicFifoHeadWrapper wrapped_q_head1 = {
213*a325d9c4SApple OSS Distributions .first = NULL,
214*a325d9c4SApple OSS Distributions .last = NULL,
215*a325d9c4SApple OSS Distributions .opaque = 0,
216*a325d9c4SApple OSS Distributions .data = 0xfeed
217*a325d9c4SApple OSS Distributions };
218*a325d9c4SApple OSS Distributions OSFifoQueueHead *q1 = (OSFifoQueueHead *) &wrapped_q_head1;
219*a325d9c4SApple OSS Distributions
220*a325d9c4SApple OSS Distributions struct OSAtomicFifoHeadWrapper wrapped_q_head2 = {
221*a325d9c4SApple OSS Distributions .first = NULL,
222*a325d9c4SApple OSS Distributions .last = NULL,
223*a325d9c4SApple OSS Distributions .opaque = 0,
224*a325d9c4SApple OSS Distributions .data = 0xdead
225*a325d9c4SApple OSS Distributions };
226*a325d9c4SApple OSS Distributions OSFifoQueueHead *q2 = (OSFifoQueueHead *) &wrapped_q_head2;
227*a325d9c4SApple OSS Distributions
228*a325d9c4SApple OSS Distributions t = 0;
229*a325d9c4SApple OSS Distributions T_LOG("Preheating thread pool");
230*a325d9c4SApple OSS Distributions
231*a325d9c4SApple OSS Distributions preheat(global_q);
232*a325d9c4SApple OSS Distributions
233*a325d9c4SApple OSS Distributions T_LOG("Starting contended pfz test");
234*a325d9c4SApple OSS Distributions
235*a325d9c4SApple OSS Distributions dispatch_apply(WIDE, global_q, ^(size_t i) {
236*a325d9c4SApple OSS Distributions dispatch_apply(SMALL, global_q, ^(size_t idx) {
237*a325d9c4SApple OSS Distributions OSAtomicFifoEnqueue(q1, &(elements[i][idx]), offset); // contended enqueue on q1
238*a325d9c4SApple OSS Distributions });
239*a325d9c4SApple OSS Distributions
240*a325d9c4SApple OSS Distributions uint32_t count = 0;
241*a325d9c4SApple OSS Distributions elem_t *p = NULL;
242*a325d9c4SApple OSS Distributions do {
243*a325d9c4SApple OSS Distributions p = OSAtomicFifoDequeue(q1, offset);
244*a325d9c4SApple OSS Distributions T_QUIET; T_ASSERT_EQ(wrapped_q_head1.data, 0xfeed, "q1 data is valid");
245*a325d9c4SApple OSS Distributions if (p) {
246*a325d9c4SApple OSS Distributions OSAtomicFifoEnqueue(q2, p, offset);
247*a325d9c4SApple OSS Distributions T_QUIET; T_ASSERT_EQ(wrapped_q_head2.data, 0xdead, "q2 data is valid");
248*a325d9c4SApple OSS Distributions count++;
249*a325d9c4SApple OSS Distributions }
250*a325d9c4SApple OSS Distributions } while (p != NULL);
251*a325d9c4SApple OSS Distributions
252*a325d9c4SApple OSS Distributions dispatch_sync(queue, ^{
253*a325d9c4SApple OSS Distributions t += count;
254*a325d9c4SApple OSS Distributions });
255*a325d9c4SApple OSS Distributions });
256*a325d9c4SApple OSS Distributions T_ASSERT_EQ(t, ((uint64_t)WIDE * (uint64_t)SMALL), "OSAtomicFifoEnqueue");
257*a325d9c4SApple OSS Distributions
258*a325d9c4SApple OSS Distributions t = 0;
259*a325d9c4SApple OSS Distributions dispatch_apply(WIDE, global_q, ^(size_t i) {
260*a325d9c4SApple OSS Distributions uint32_t count = 0;
261*a325d9c4SApple OSS Distributions elem_t *p = NULL;
262*a325d9c4SApple OSS Distributions do {
263*a325d9c4SApple OSS Distributions p = OSAtomicFifoDequeue(q2, offset);
264*a325d9c4SApple OSS Distributions T_QUIET; T_ASSERT_EQ(wrapped_q_head2.data, 0xdead, "q2 data is valid");
265*a325d9c4SApple OSS Distributions if (p) {
266*a325d9c4SApple OSS Distributions count++;
267*a325d9c4SApple OSS Distributions }
268*a325d9c4SApple OSS Distributions } while (p != NULL);
269*a325d9c4SApple OSS Distributions dispatch_sync(queue, ^{
270*a325d9c4SApple OSS Distributions t += count;
271*a325d9c4SApple OSS Distributions });
272*a325d9c4SApple OSS Distributions });
273*a325d9c4SApple OSS Distributions
274*a325d9c4SApple OSS Distributions T_ASSERT_EQ(t, ((uint64_t)WIDE * (uint64_t)SMALL), "OSAtomicFifoDequeue");
275*a325d9c4SApple OSS Distributions
276*a325d9c4SApple OSS Distributions dispatch_release(queue);
277*a325d9c4SApple OSS Distributions }
278*a325d9c4SApple OSS Distributions
279*a325d9c4SApple OSS Distributions #else
280*a325d9c4SApple OSS Distributions
281*a325d9c4SApple OSS Distributions T_DECL(test_arm_pfz, "Validate that ARM PFZ is mapped in",
282*a325d9c4SApple OSS Distributions T_META_CHECK_LEAKS(false))
283*a325d9c4SApple OSS Distributions {
284*a325d9c4SApple OSS Distributions T_SKIP("No PFZ, _COMM_PAGE_TEXT_ATOMIC_ENQUEUE doesn't exist");
285*a325d9c4SApple OSS Distributions }
286*a325d9c4SApple OSS Distributions
287*a325d9c4SApple OSS Distributions #endif
288