1 //===-- hwasan.h ------------------------------------------------*- C++ -*-===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 // 9 // This file is a part of HWAddressSanitizer. 10 // 11 // Private Hwasan header. 12 //===----------------------------------------------------------------------===// 13 14 #ifndef HWASAN_H 15 #define HWASAN_H 16 17 #include "hwasan_flags.h" 18 #include "hwasan_interface_internal.h" 19 #include "sanitizer_common/sanitizer_common.h" 20 #include "sanitizer_common/sanitizer_flags.h" 21 #include "sanitizer_common/sanitizer_internal_defs.h" 22 #include "sanitizer_common/sanitizer_stacktrace.h" 23 #include "ubsan/ubsan_platform.h" 24 25 #ifndef HWASAN_CONTAINS_UBSAN 26 # define HWASAN_CONTAINS_UBSAN CAN_SANITIZE_UB 27 #endif 28 29 #ifndef HWASAN_WITH_INTERCEPTORS 30 #define HWASAN_WITH_INTERCEPTORS 0 31 #endif 32 33 #ifndef HWASAN_REPLACE_OPERATORS_NEW_AND_DELETE 34 #define HWASAN_REPLACE_OPERATORS_NEW_AND_DELETE HWASAN_WITH_INTERCEPTORS 35 #endif 36 37 typedef u8 tag_t; 38 39 #if defined(HWASAN_ALIASING_MODE) 40 # if !defined(__x86_64__) 41 # error Aliasing mode is only supported on x86_64 42 # endif 43 // Tags are done in middle bits using userspace aliasing. 44 constexpr unsigned kAddressTagShift = 39; 45 constexpr unsigned kTagBits = 3; 46 47 // The alias region is placed next to the shadow so the upper bits of all 48 // taggable addresses matches the upper bits of the shadow base. This shift 49 // value determines which upper bits must match. It has a floor of 44 since the 50 // shadow is always 8TB. 51 // TODO(morehouse): In alias mode we can shrink the shadow and use a 52 // simpler/faster shadow calculation. 53 constexpr unsigned kTaggableRegionCheckShift = 54 __sanitizer::Max(kAddressTagShift + kTagBits + 1U, 44U); 55 #elif defined(__x86_64__) 56 // Tags are done in upper bits using Intel LAM. 57 constexpr unsigned kAddressTagShift = 57; 58 constexpr unsigned kTagBits = 6; 59 #else 60 // TBI (Top Byte Ignore) feature of AArch64: bits [63:56] are ignored in address 61 // translation and can be used to store a tag. 62 constexpr unsigned kAddressTagShift = 56; 63 constexpr unsigned kTagBits = 8; 64 #endif // defined(HWASAN_ALIASING_MODE) 65 66 // Mask for extracting tag bits from the lower 8 bits. 67 constexpr uptr kTagMask = (1UL << kTagBits) - 1; 68 69 // Mask for extracting tag bits from full pointers. 70 constexpr uptr kAddressTagMask = kTagMask << kAddressTagShift; 71 72 // Minimal alignment of the shadow base address. Determines the space available 73 // for threads and stack histories. This is an ABI constant. 74 const unsigned kShadowBaseAlignment = 32; 75 76 const unsigned kRecordAddrBaseTagShift = 3; 77 const unsigned kRecordFPShift = 48; 78 const unsigned kRecordFPLShift = 4; 79 const unsigned kRecordFPModulus = 1 << (64 - kRecordFPShift + kRecordFPLShift); 80 81 static inline tag_t GetTagFromPointer(uptr p) { 82 return (p >> kAddressTagShift) & kTagMask; 83 } 84 85 static inline uptr UntagAddr(uptr tagged_addr) { 86 return tagged_addr & ~kAddressTagMask; 87 } 88 89 static inline void *UntagPtr(const void *tagged_ptr) { 90 return reinterpret_cast<void *>( 91 UntagAddr(reinterpret_cast<uptr>(tagged_ptr))); 92 } 93 94 static inline uptr AddTagToPointer(uptr p, tag_t tag) { 95 return (p & ~kAddressTagMask) | ((uptr)tag << kAddressTagShift); 96 } 97 98 namespace __hwasan { 99 100 extern int hwasan_inited; 101 extern bool hwasan_init_is_running; 102 extern int hwasan_report_count; 103 104 bool InitShadow(); 105 void InitializeOsSupport(); 106 void InitThreads(); 107 void InitializeInterceptors(); 108 109 void HwasanAllocatorInit(); 110 void HwasanAllocatorLock(); 111 void HwasanAllocatorUnlock(); 112 113 void *hwasan_malloc(uptr size, StackTrace *stack); 114 void *hwasan_calloc(uptr nmemb, uptr size, StackTrace *stack); 115 void *hwasan_realloc(void *ptr, uptr size, StackTrace *stack); 116 void *hwasan_reallocarray(void *ptr, uptr nmemb, uptr size, StackTrace *stack); 117 void *hwasan_valloc(uptr size, StackTrace *stack); 118 void *hwasan_pvalloc(uptr size, StackTrace *stack); 119 void *hwasan_aligned_alloc(uptr alignment, uptr size, StackTrace *stack); 120 void *hwasan_memalign(uptr alignment, uptr size, StackTrace *stack); 121 int hwasan_posix_memalign(void **memptr, uptr alignment, uptr size, 122 StackTrace *stack); 123 void hwasan_free(void *ptr, StackTrace *stack); 124 125 void InstallAtExitHandler(); 126 127 #define GET_MALLOC_STACK_TRACE \ 128 BufferedStackTrace stack; \ 129 if (hwasan_inited) \ 130 stack.Unwind(StackTrace::GetCurrentPc(), GET_CURRENT_FRAME(), \ 131 nullptr, common_flags()->fast_unwind_on_malloc, \ 132 common_flags()->malloc_context_size) 133 134 #define GET_FATAL_STACK_TRACE_PC_BP(pc, bp) \ 135 BufferedStackTrace stack; \ 136 if (hwasan_inited) \ 137 stack.Unwind(pc, bp, nullptr, common_flags()->fast_unwind_on_fatal) 138 139 void HwasanTSDInit(); 140 void HwasanTSDThreadInit(); 141 void HwasanAtExit(); 142 143 void HwasanOnDeadlySignal(int signo, void *info, void *context); 144 145 void HwasanInstallAtForkHandler(); 146 147 void UpdateMemoryUsage(); 148 149 void AppendToErrorMessageBuffer(const char *buffer); 150 151 void AndroidTestTlsSlot(); 152 153 // This is a compiler-generated struct that can be shared between hwasan 154 // implementations. 155 struct AccessInfo { 156 uptr addr; 157 uptr size; 158 bool is_store; 159 bool is_load; 160 bool recover; 161 }; 162 163 // Given access info and frame information, unwind the stack and report the tag 164 // mismatch. 165 void HandleTagMismatch(AccessInfo ai, uptr pc, uptr frame, void *uc, 166 uptr *registers_frame = nullptr); 167 168 // This dispatches to HandleTagMismatch but sets up the AccessInfo, program 169 // counter, and frame pointer. 170 void HwasanTagMismatch(uptr addr, uptr access_info, uptr *registers_frame, 171 size_t outsize); 172 173 } // namespace __hwasan 174 175 #if HWASAN_WITH_INTERCEPTORS 176 // For both bionic and glibc __sigset_t is an unsigned long. 177 typedef unsigned long __hw_sigset_t; 178 // Setjmp and longjmp implementations are platform specific, and hence the 179 // interception code is platform specific too. 180 # if defined(__aarch64__) 181 constexpr size_t kHwRegisterBufSize = 22; 182 # elif defined(__x86_64__) 183 constexpr size_t kHwRegisterBufSize = 8; 184 # endif 185 typedef unsigned long long __hw_register_buf[kHwRegisterBufSize]; 186 struct __hw_jmp_buf_struct { 187 // NOTE: The machine-dependent definition of `__sigsetjmp' 188 // assume that a `__hw_jmp_buf' begins with a `__hw_register_buf' and that 189 // `__mask_was_saved' follows it. Do not move these members or add others 190 // before it. 191 // 192 // We add a __magic field to our struct to catch cases where libc's setjmp 193 // populated the jmp_buf instead of our interceptor. 194 __hw_register_buf __jmpbuf; // Calling environment. 195 unsigned __mask_was_saved : 1; // Saved the signal mask? 196 unsigned __magic : 31; // Used to distinguish __hw_jmp_buf from jmp_buf. 197 __hw_sigset_t __saved_mask; // Saved signal mask. 198 }; 199 typedef struct __hw_jmp_buf_struct __hw_jmp_buf[1]; 200 typedef struct __hw_jmp_buf_struct __hw_sigjmp_buf[1]; 201 constexpr unsigned kHwJmpBufMagic = 0x248ACE77; 202 #endif // HWASAN_WITH_INTERCEPTORS 203 204 #define ENSURE_HWASAN_INITED() \ 205 do { \ 206 CHECK(!hwasan_init_is_running); \ 207 if (!hwasan_inited) { \ 208 __hwasan_init(); \ 209 } \ 210 } while (0) 211 212 #endif // HWASAN_H 213