Blame - src/vppinfra/sanitizer.h - fdio/vpp

blob: cf2da07122543284d40fb09b59ea06c1816ab5b2 [file] [log] [blame]

Benoît Ganne	9fb6d40	2019-04-15 15:28:21 +0200	[diff] [blame]	1	#ifndef _included_clib_sanitizer_h
				2	#define _included_clib_sanitizer_h
				3
				4	#ifdef CLIB_SANITIZE_ADDR
				5
				6	#include <sanitizer/asan_interface.h>
				7	#include <vppinfra/clib.h>
Benoît Ganne	d4721b2	2021-06-09 17:20:16 +0200	[diff] [blame]	8	#include <vppinfra/error_bootstrap.h>
				9
				10	typedef struct
				11	{
				12	size_t shadow_scale;
				13	size_t shadow_offset;
				14	} clib_sanitizer_main_t;
				15
				16	extern clib_sanitizer_main_t sanitizer_main;
Benoît Ganne	9fb6d40	2019-04-15 15:28:21 +0200	[diff] [blame]	17
				18	#define CLIB_NOSANITIZE_ADDR __attribute__((no_sanitize_address))
				19	#define CLIB_MEM_POISON(a, s) ASAN_POISON_MEMORY_REGION((a), (s))
				20	#define CLIB_MEM_UNPOISON(a, s) ASAN_UNPOISON_MEMORY_REGION((a), (s))
				21
Benoît Ganne	d4721b2	2021-06-09 17:20:16 +0200	[diff] [blame]	22	#define CLIB_MEM_OVERFLOW_MAX 64
				23
				24	static_always_inline void
				25	sanitizer_unpoison__ (u64 restrict shadow_ptr, size_t *shadow_len,
				26	const void *ptr, size_t len)
				27	{
				28	size_t scale, off;
				29
				30	if (PREDICT_FALSE (~0 == sanitizer_main.shadow_scale))
				31	__asan_get_shadow_mapping (&sanitizer_main.shadow_scale,
				32	&sanitizer_main.shadow_offset);
				33
				34	scale = sanitizer_main.shadow_scale;
				35	off = sanitizer_main.shadow_offset;
				36
				37	/* compute the shadow address and length */
				38	*shadow_len = len >> scale;
				39	ASSERT (*shadow_len <= CLIB_MEM_OVERFLOW_MAX);
				40	shadow_ptr = (void ) (((clib_address_t) ptr >> scale) + off);
				41	}
				42
				43	static_always_inline CLIB_NOSANITIZE_ADDR void
				44	sanitizer_unpoison_push__ (u64 restrict shadow, const void ptr, size_t len)
				45	{
				46	u64 *restrict shadow_ptr;
				47	size_t shadow_len;
				48	int i;
				49
				50	sanitizer_unpoison__ (&shadow_ptr, &shadow_len, ptr, len);
				51
				52	/* save the shadow area */
				53	for (i = 0; i < shadow_len; i++)
				54	shadow[i] = shadow_ptr[i];
				55
				56	/* unpoison */
				57	for (i = 0; i < shadow_len; i++)
				58	shadow_ptr[i] = 0;
				59	}
				60
				61	static_always_inline CLIB_NOSANITIZE_ADDR void
				62	sanitizer_unpoison_pop__ (const u64 restrict shadow, const void ptr,
				63	size_t len)
				64	{
				65	u64 *restrict shadow_ptr;
				66	size_t shadow_len;
				67	int i;
				68
				69	sanitizer_unpoison__ (&shadow_ptr, &shadow_len, ptr, len);
				70
				71	/* restore the shadow area */
				72	for (i = 0; i < shadow_len; i++)
				73	{
				74	ASSERT (0 == shadow_ptr[i]);
				75	shadow_ptr[i] = shadow[i];
				76	}
				77	}
				78
Benoît Ganne	9685624	2021-09-08 15:36:56 +0200	[diff] [blame^]	79	#define CLIB_MEM_OVERFLOW_PUSH(src, n) \
				80	do \
				81	{ \
				82	const void *clib_mem_overflow_src__ = (src); \
				83	size_t clib_mem_overflow_n__ = (n); \
				84	u64 clib_mem_overflow_shadow__; \
				85	sanitizer_unpoison_push__ (&clib_mem_overflow_shadow__, \
				86	clib_mem_overflow_src__, \
				87	clib_mem_overflow_n__)
Benoît Ganne	9fb6d40	2019-04-15 15:28:21 +0200	[diff] [blame]	88
Benoît Ganne	9685624	2021-09-08 15:36:56 +0200	[diff] [blame^]	89	#define CLIB_MEM_OVERFLOW_POP() \
				90	sanitizer_unpoison_pop__ (&clib_mem_overflow_shadow__, \
				91	clib_mem_overflow_src__, clib_mem_overflow_n__); \
				92	} \
				93	while (0)
				94
				95	#define CLIB_MEM_OVERFLOW_LOAD(src) \
				96	({ \
				97	typeof ((src)) clib_mem_overflow_load_src__ = (src), \
				98	clib_mem_overflow_load_ret__; \
				99	CLIB_MEM_OVERFLOW_PUSH (clib_mem_overflow_load_src__, \
				100	sizeof (*clib_mem_overflow_load_src__)); \
				101	clib_mem_overflow_load_ret__ = *clib_mem_overflow_load_src__; \
				102	CLIB_MEM_OVERFLOW_POP (); \
				103	clib_mem_overflow_load_ret__; \
				104	})
Benoît Ganne	9fb6d40	2019-04-15 15:28:21 +0200	[diff] [blame]	105
				106	static_always_inline void
				107	CLIB_MEM_POISON_LEN (void *src, size_t oldlen, size_t newlen)
				108	{
				109	if (oldlen > newlen)
				110	CLIB_MEM_POISON (src + newlen, oldlen - newlen);
				111	else if (newlen > oldlen)
				112	CLIB_MEM_UNPOISON (src + oldlen, newlen - oldlen);
				113	}
				114
				115	#else /* CLIB_SANITIZE_ADDR */
				116
				117	#define CLIB_NOSANITIZE_ADDR
				118	#define CLIB_MEM_POISON(a, s) (void)(a)
				119	#define CLIB_MEM_UNPOISON(a, s) (void)(a)
Benoît Ganne	9685624	2021-09-08 15:36:56 +0200	[diff] [blame^]	120	#define CLIB_MEM_OVERFLOW_PUSH(a, b) (void) (a)
				121	#define CLIB_MEM_OVERFLOW_POP()
				122	#define CLIB_MEM_OVERFLOW_LOAD(src) (*(src))
Benoît Ganne	9fb6d40	2019-04-15 15:28:21 +0200	[diff] [blame]	123	#define CLIB_MEM_POISON_LEN(a, b, c)
				124
				125	#endif /* CLIB_SANITIZE_ADDR */
				126
Benoît Ganne	01a103b	2020-07-09 14:23:51 +0200	[diff] [blame]	127	/*
				128	* clang tends to force alignment of all sections when compiling for address
				129	* sanitizer. This confuse VPP plugin infra, prevent clang to do that
				130	* On the contrary, GCC does not support this kind of attribute on sections
				131	* sigh.
				132	*/
				133	#ifdef __clang__
				134	#define CLIB_NOSANITIZE_PLUGIN_REG_SECTION CLIB_NOSANITIZE_ADDR
				135	#else
				136	#define CLIB_NOSANITIZE_PLUGIN_REG_SECTION
				137	#endif
				138
Benoît Ganne	9fb6d40	2019-04-15 15:28:21 +0200	[diff] [blame]	139	#endif /* _included_clib_sanitizer_h */
				140
				141	/*
				142	* fd.io coding-style-patch-verification: ON
				143	*
				144	* Local Variables:
				145	* eval: (c-set-style "gnu")
				146	* End:
				147	*/