1 /*
2 * Copyright (c) 2019 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29 #ifndef _KSANCOV_H_
30 #define _KSANCOV_H_
31
32 #include <stdint.h>
33 #include <stdatomic.h>
34 #include <sys/ioccom.h>
35 #include <strings.h>
36 #include <assert.h>
37 #include <unistd.h>
38
39
40 #define KSANCOV_DEVNODE "ksancov"
41 #define KSANCOV_PATH "/dev/" KSANCOV_DEVNODE
42
43 /* Set mode */
44 #define KSANCOV_IOC_TRACE _IOW('K', 1, size_t) /* number of pcs */
45 #define KSANCOV_IOC_COUNTERS _IO('K', 2)
46 #define KSANCOV_IOC_STKSIZE _IOW('K', 3, size_t) /* number of pcs */
47
48 /* Establish a shared mapping of the coverage buffer. */
49 #define KSANCOV_IOC_MAP _IOWR('K', 8, struct ksancov_buf_desc)
50
51 /* Establish a shared mapping of the edge address buffer. */
52 #define KSANCOV_IOC_MAP_EDGEMAP _IOWR('K', 9, struct ksancov_buf_desc)
53
54 /* Log the current thread */
55 #define KSANCOV_IOC_START _IOW('K', 10, uintptr_t)
56 #define KSANCOV_IOC_NEDGES _IOR('K', 50, size_t)
57
58 /*
59 * shared kernel-user mapping
60 */
61
62 #define KSANCOV_MAX_EDGES 512UL*1024
63 #define KSANCOV_MAX_HITS UINT8_MAX
64 #define KSANCOV_TRACE_MAGIC (uint32_t)0x5AD17F5BU
65 #define KSANCOV_COUNTERS_MAGIC (uint32_t)0x5AD27F6BU
66 #define KSANCOV_EDGEMAP_MAGIC (uint32_t)0x5AD37F7BU
67 #define KSANCOV_STKSIZE_MAGIC (uint32_t)0x5AD47F8BU
68
69 /*
70 * ioctl
71 */
72
73 struct ksancov_buf_desc {
74 uintptr_t ptr; /* ptr to shared buffer [out] */
75 size_t sz; /* size of shared buffer [out] */
76 };
77
78 /*
79 * Supported coverage modes.
80 */
81 typedef enum {
82 KS_MODE_NONE,
83 KS_MODE_TRACE,
84 KS_MODE_COUNTERS,
85 KS_MODE_STKSIZE,
86 KS_MODE_MAX
87 } ksancov_mode_t;
88
89 /*
90 * A header that is always present in every ksancov mode shared memory structure.
91 */
92 typedef struct ksancov_header {
93 uint32_t kh_magic;
94 _Atomic uint32_t kh_enabled;
95 } ksancov_header_t;
96
97 /*
98 * TRACE mode data structure.
99 */
100
101 /*
102 * All trace based tools share this structure.
103 */
104 typedef struct ksancov_trace {
105 ksancov_header_t kt_hdr; /* header (must be always first) */
106 uintptr_t kt_offset; /* All recorded PCs are relateive to this offset. */
107 uint32_t kt_maxent; /* Maximum entries in this shared buffer. */
108 _Atomic uint32_t kt_head; /* Pointer to the first unused element. */
109 uint64_t kt_entries[]; /* Trace entries in this buffer. */
110 } ksancov_trace_t;
111
112
113 /* PC tracing only records PC deltas from the offset. */
114 typedef uint32_t ksancov_trace_pc_ent_t;
115
116 /* STKSIZE tracing records PC deltas and stack size. */
117 typedef struct ksancov_trace_stksize_entry {
118 uint32_t pc; /* PC-delta (offset relative) */
119 uint32_t stksize; /* associated stack size */
120 } ksancov_trace_stksize_ent_t;
121
122 /*
123 * COUNTERS mode data structure.
124 */
125 typedef struct ksancov_counters {
126 ksancov_header_t kc_hdr;
127 uint32_t kc_nedges; /* total number of edges */
128 uint8_t kc_hits[]; /* hits on each edge (8bit saturating) */
129 } ksancov_counters_t;
130
131 /*
132 * Edge to PC mapping.
133 */
134 typedef struct ksancov_edgemap {
135 uint32_t ke_magic;
136 uint32_t ke_nedges;
137 uintptr_t ke_offset; /* edge addrs relative to this */
138 uint32_t ke_addrs[]; /* address of each edge relative to 'offset' */
139 } ksancov_edgemap_t;
140
141 /*
142 * ksancov userspace API
143 *
144 * Usage:
145 * 1) open the ksancov device
146 * 2) set the coverage mode
147 * 3) map the coverage buffer
148 * 4) start the trace on a thread
149 * 5) flip the enable bit
150 */
151
152 static inline int
ksancov_open(void)153 ksancov_open(void)
154 {
155 return open(KSANCOV_PATH, 0);
156 }
157
158 static inline int
ksancov_map(int fd,uintptr_t * buf,size_t * sz)159 ksancov_map(int fd, uintptr_t *buf, size_t *sz)
160 {
161 int ret;
162 struct ksancov_buf_desc mc = {0};
163
164 ret = ioctl(fd, KSANCOV_IOC_MAP, &mc);
165 if (ret == -1) {
166 return errno;
167 }
168
169 *buf = mc.ptr;
170 if (sz) {
171 *sz = mc.sz;
172 }
173
174 ksancov_header_t *hdr = (void *)mc.ptr;
175 assert(hdr->kh_magic == KSANCOV_TRACE_MAGIC ||
176 hdr->kh_magic == KSANCOV_COUNTERS_MAGIC ||
177 hdr->kh_magic == KSANCOV_STKSIZE_MAGIC);
178
179 return 0;
180 }
181
182 static inline int
ksancov_map_edgemap(int fd,uintptr_t * buf,size_t * sz)183 ksancov_map_edgemap(int fd, uintptr_t *buf, size_t *sz)
184 {
185 int ret;
186 struct ksancov_buf_desc mc = {0};
187
188 ret = ioctl(fd, KSANCOV_IOC_MAP_EDGEMAP, &mc);
189 if (ret == -1) {
190 return errno;
191 }
192
193 *buf = mc.ptr;
194 if (sz) {
195 *sz = mc.sz;
196 }
197
198 ksancov_edgemap_t *emap = (void *)mc.ptr;
199 assert(emap->ke_magic == KSANCOV_EDGEMAP_MAGIC);
200
201 return 0;
202 }
203
204 static inline size_t
ksancov_nedges(int fd)205 ksancov_nedges(int fd)
206 {
207 size_t nedges;
208 int ret = ioctl(fd, KSANCOV_IOC_NEDGES, &nedges);
209 if (ret == -1) {
210 return SIZE_MAX;
211 }
212 return nedges;
213 }
214
215 static inline int
ksancov_mode_trace(int fd,size_t entries)216 ksancov_mode_trace(int fd, size_t entries)
217 {
218 int ret;
219 ret = ioctl(fd, KSANCOV_IOC_TRACE, &entries);
220 if (ret == -1) {
221 return errno;
222 }
223 return 0;
224 }
225
226 static inline int
ksancov_mode_stksize(int fd,size_t entries)227 ksancov_mode_stksize(int fd, size_t entries)
228 {
229 int ret;
230 ret = ioctl(fd, KSANCOV_IOC_STKSIZE, &entries);
231 if (ret == -1) {
232 return errno;
233 }
234 return 0;
235 }
236
237 static inline int
ksancov_mode_counters(int fd)238 ksancov_mode_counters(int fd)
239 {
240 int ret;
241 ret = ioctl(fd, KSANCOV_IOC_COUNTERS);
242 if (ret == -1) {
243 return errno;
244 }
245 return 0;
246 }
247
248 static inline int
ksancov_thread_self(int fd)249 ksancov_thread_self(int fd)
250 {
251 int ret;
252 uintptr_t th = 0;
253 ret = ioctl(fd, KSANCOV_IOC_START, &th);
254 if (ret == -1) {
255 return errno;
256 }
257 return 0;
258 }
259
260 static inline int
ksancov_start(void * buf)261 ksancov_start(void *buf)
262 {
263 ksancov_header_t *hdr = (ksancov_header_t *)buf;
264 atomic_store_explicit(&hdr->kh_enabled, 1, memory_order_relaxed);
265 return 0;
266 }
267
268 static inline int
ksancov_stop(void * buf)269 ksancov_stop(void *buf)
270 {
271 ksancov_header_t *hdr = (ksancov_header_t *)buf;
272 atomic_store_explicit(&hdr->kh_enabled, 0, memory_order_relaxed);
273 return 0;
274 }
275
276 static inline int
ksancov_reset(void * buf)277 ksancov_reset(void *buf)
278 {
279 ksancov_header_t *hdr = (ksancov_header_t *)buf;
280 if (hdr->kh_magic == KSANCOV_TRACE_MAGIC || hdr->kh_magic == KSANCOV_STKSIZE_MAGIC) {
281 ksancov_trace_t *trace = (ksancov_trace_t *)buf;
282 atomic_store_explicit(&trace->kt_head, 0, memory_order_relaxed);
283 } else if (hdr->kh_magic == KSANCOV_COUNTERS_MAGIC) {
284 ksancov_counters_t *counters = (ksancov_counters_t *)buf;
285 bzero(counters->kc_hits, counters->kc_nedges);
286 } else {
287 return EINVAL;
288 }
289 return 0;
290 }
291
292 static inline uintptr_t
ksancov_edge_addr(ksancov_edgemap_t * kemap,size_t idx)293 ksancov_edge_addr(ksancov_edgemap_t *kemap, size_t idx)
294 {
295 assert(kemap);
296 if (idx >= kemap->ke_nedges) {
297 return 0;
298 }
299 return kemap->ke_addrs[idx] + kemap->ke_offset;
300 }
301
302 static inline size_t
ksancov_trace_max_ent(ksancov_trace_t * trace)303 ksancov_trace_max_ent(ksancov_trace_t *trace)
304 {
305 assert(trace);
306 return trace->kt_maxent;
307 }
308
309 static inline uintptr_t
ksancov_trace_offset(ksancov_trace_t * trace)310 ksancov_trace_offset(ksancov_trace_t *trace)
311 {
312 assert(trace);
313 return trace->kt_offset;
314 }
315
316 static inline size_t
ksancov_trace_head(ksancov_trace_t * trace)317 ksancov_trace_head(ksancov_trace_t *trace)
318 {
319 assert(trace);
320 size_t maxent = trace->kt_maxent;
321 size_t head = atomic_load_explicit(&trace->kt_head, memory_order_acquire);
322 return head < maxent ? head : maxent;
323 }
324
325 static inline uintptr_t
ksancov_trace_entry(ksancov_trace_t * trace,size_t i)326 ksancov_trace_entry(ksancov_trace_t *trace, size_t i)
327 {
328 assert(trace);
329 assert(trace->kt_hdr.kh_magic == KSANCOV_TRACE_MAGIC);
330 if (i >= trace->kt_head) {
331 return 0;
332 }
333
334 ksancov_trace_pc_ent_t *entries = (ksancov_trace_pc_ent_t *)trace->kt_entries;
335 return entries[i] + trace->kt_offset;
336 }
337
338 static inline uintptr_t
ksancov_stksize_pc(ksancov_trace_t * trace,size_t i)339 ksancov_stksize_pc(ksancov_trace_t *trace, size_t i)
340 {
341 assert(trace);
342 assert(trace->kt_hdr.kh_magic == KSANCOV_STKSIZE_MAGIC);
343 if (i >= trace->kt_head) {
344 return 0;
345 }
346
347 ksancov_trace_stksize_ent_t *entries = (ksancov_trace_stksize_ent_t *)trace->kt_entries;
348 return entries[i].pc + trace->kt_offset;
349 }
350
351 static inline uint32_t
ksancov_stksize_size(ksancov_trace_t * trace,size_t i)352 ksancov_stksize_size(ksancov_trace_t *trace, size_t i)
353 {
354 assert(trace);
355 assert(trace->kt_hdr.kh_magic == KSANCOV_STKSIZE_MAGIC);
356 if (i >= trace->kt_head) {
357 return 0;
358 }
359
360 ksancov_trace_stksize_ent_t *entries = (ksancov_trace_stksize_ent_t *)trace->kt_entries;
361 return entries[i].stksize;
362 }
363
364 #endif /* _KSANCOV_H_ */
365