/* SPDX-License-Identifier: GPL-2.0 */
/*
 * Internal definitions shared by the KASAN implementation: shadow-byte
 * poison values, metadata layouts, the shadow-to-memory address helper and
 * prototypes for the compiler-facing __asan_* entry points.
 *
 * Several values and struct layouts below are fixed by the compiler's
 * instrumentation ABI; they are marked as such and must not be changed.
 */
#ifndef __MM_KASAN_KASAN_H
#define __MM_KASAN_KASAN_H

#include <linux/kasan.h>
#include <linux/stackdepot.h>

/*
 * kasan_shadow_to_mem() below shifts a shadow offset left by
 * KASAN_SHADOW_SCALE_SHIFT, so consecutive shadow bytes map to memory
 * addresses KASAN_SHADOW_SCALE_SIZE bytes apart. KASAN_SHADOW_MASK selects
 * the low bits of an address, i.e. its offset inside one such granule.
 */
#define KASAN_SHADOW_SCALE_SIZE (1UL << KASAN_SHADOW_SCALE_SHIFT)
#define KASAN_SHADOW_MASK       (KASAN_SHADOW_SCALE_SIZE - 1)

#define KASAN_TAG_KERNEL	0xFF /* native kernel pointers tag */
#define KASAN_TAG_INVALID	0xFE /* inaccessible memory tag */
#define KASAN_TAG_MAX		0xFD /* maximum value for random tags */

/*
 * Poison values written to shadow memory for slab and page allocator state.
 *
 * With CONFIG_KASAN_GENERIC each state has its own value. In every other
 * configuration all four names expand to KASAN_TAG_INVALID, so "freed" and
 * "redzone" cannot be told apart from the shadow value alone.
 */
#ifdef CONFIG_KASAN_GENERIC
#define KASAN_FREE_PAGE         0xFF  /* page was freed */
#define KASAN_PAGE_REDZONE      0xFE  /* redzone for kmalloc_large allocations */
#define KASAN_KMALLOC_REDZONE   0xFC  /* redzone inside slub object */
#define KASAN_KMALLOC_FREE      0xFB  /* object was freed (kmem_cache_free/kfree) */
#else
#define KASAN_FREE_PAGE         KASAN_TAG_INVALID
#define KASAN_PAGE_REDZONE      KASAN_TAG_INVALID
#define KASAN_KMALLOC_REDZONE   KASAN_TAG_INVALID
#define KASAN_KMALLOC_FREE      KASAN_TAG_INVALID
#endif

#define KASAN_GLOBAL_REDZONE    0xFA  /* redzone for global variable  */

/*
 * Stack redzone shadow values
 * (Those are compiler's ABI, don't change them)
 */
#define KASAN_STACK_LEFT        0xF1
#define KASAN_STACK_MID         0xF2
#define KASAN_STACK_RIGHT       0xF3
#define KASAN_STACK_PARTIAL     0xF4

/*
 * alloca redzone shadow values
 */
#define KASAN_ALLOCA_LEFT	0xCA
#define KASAN_ALLOCA_RIGHT	0xCB

/* Redzone size used for alloca objects (presumably bytes; confirm at the user). */
#define KASAN_ALLOCA_REDZONE_SIZE	32

/*
 * Stack frame marker (compiler ABI).
 */
#define KASAN_CURRENT_STACK_FRAME_MAGIC 0x41B58AB3

/* Don't break randconfig/all*config builds */
#ifndef KASAN_ABI_VERSION
#define KASAN_ABI_VERSION 1
#endif

/*
 * Description of one memory access. get_bug_type() takes a pointer to this
 * struct; the other users are outside this header.
 */
struct kasan_access_info {
	const void *access_addr;	/* address that was accessed */
	const void *first_bad_addr;	/* see find_first_bad_addr() */
	size_t access_size;		/* size of the access */
	bool is_write;			/* true for a write access */
	unsigned long ip;		/* instruction pointer of the access */
};

/* The layout of struct dictated by compiler */
struct kasan_source_location {
	const char *filename;
	int line_no;
	int column_no;
};

/*
 * The layout of struct dictated by compiler.
 *
 * Which trailing members exist depends on KASAN_ABI_VERSION, so that macro
 * has to match the ABI version the compiler emits; otherwise the element
 * size assumed here differs from the one in the compiler-generated array
 * passed to __asan_register_globals().
 */
struct kasan_global {
	const void *beg;		/* Address of the beginning of the global variable. */
	size_t size;			/* Size of the global variable. */
	size_t size_with_redzone;	/* Size of the variable + size of the red zone. 32 bytes aligned */
	const void *name;
	const void *module_name;	/* Name of the module where the global variable is declared. */
	unsigned long has_dynamic_init;	/* This needed for C++ */
#if KASAN_ABI_VERSION >= 4
	struct kasan_source_location *location;
#endif
#if KASAN_ABI_VERSION >= 5
	char *odr_indicator;
#endif
};

/*
 * Structures to keep alloc and free tracks
 */

/* Not referenced elsewhere in this header; presumably a stack-trace depth limit. */
#define KASAN_STACK_DEPTH 64

/* One recorded event: the pid and a stack depot handle for its stack trace. */
struct kasan_track {
	u32 pid;
	depot_stack_handle_t stack;
};

/* Per-object metadata holding the allocation track and the free track. */
struct kasan_alloc_meta {
	struct kasan_track alloc_track;
	struct kasan_track free_track;
};

/* Singly linked list node; embedded in struct kasan_free_meta below. */
struct qlist_node {
	struct qlist_node *next;
};
struct kasan_free_meta {
	/* This field is used while the object is in the quarantine.
	 * Otherwise it might be used for the allocator freelist.
	 */
	struct qlist_node quarantine_link;
};

/* Metadata lookup for @object in @cache; implemented outside this header. */
struct kasan_alloc_meta *get_alloc_info(struct kmem_cache *cache,
					const void *object);
struct kasan_free_meta *get_free_info(struct kmem_cache *cache,
					const void *object);

/*
 * Map a shadow address back to the memory address it describes:
 * mem = (shadow - KASAN_SHADOW_OFFSET) << KASAN_SHADOW_SCALE_SHIFT.
 *
 * No range check is done here; the caller must pass an address that really
 * lies in the shadow region.
 */
static inline const void *kasan_shadow_to_mem(const void *shadow_addr)
{
	return (void *)(((unsigned long)shadow_addr - KASAN_SHADOW_OFFSET)
		<< KASAN_SHADOW_SCALE_SHIFT);
}

/*
 * Return true if @addr is at or above the memory address that corresponds to
 * KASAN_SHADOW_START. Only this lower bound is checked.
 */
static inline bool addr_has_shadow(const void *addr)
{
	return (addr >= kasan_shadow_to_mem((void *)KASAN_SHADOW_START));
}

/* Write @value to the shadow of [@address, @address + @size) - presumably; defined elsewhere. */
void kasan_poison_shadow(const void *address, size_t size, u8 value);

/**
 * check_memory_region - Check memory region, and report if invalid access.
 * @addr: the accessed address
 * @size: the accessed size
 * @write: true if access is a write access
 * @ret_ip: return address
 *
 * Return: true if access was valid, false if invalid
 */
bool check_memory_region(unsigned long addr, size_t size, bool write,
				unsigned long ret_ip);

/* Reporting helpers; implemented outside this header. */
void *find_first_bad_addr(void *addr, size_t size);
const char *get_bug_type(struct kasan_access_info *info);

void kasan_report(unsigned long addr, size_t size,
		bool is_write, unsigned long ip);
void kasan_report_invalid_free(void *object, unsigned long ip);

/*
 * Quarantine interface. Real implementations exist only for
 * CONFIG_KASAN_GENERIC combined with SLAB or SLUB. In every other
 * configuration the calls below compile to empty stubs, so callers perform
 * no quarantining there.
 */
#if defined(CONFIG_KASAN_GENERIC) && \
	(defined(CONFIG_SLAB) || defined(CONFIG_SLUB))
void quarantine_put(struct kasan_free_meta *info, struct kmem_cache *cache);
void quarantine_reduce(void);
void quarantine_remove_cache(struct kmem_cache *cache);
#else
static inline void quarantine_put(struct kasan_free_meta *info,
				struct kmem_cache *cache) { }
static inline void quarantine_reduce(void) { }
static inline void quarantine_remove_cache(struct kmem_cache *cache) { }
#endif

/*
 * Tag helpers. Without CONFIG_KASAN_SW_TAGS, print_tags() does nothing and
 * random_tag() always returns 0.
 */
#ifdef CONFIG_KASAN_SW_TAGS

void print_tags(u8 addr_tag, const void *addr);

u8 random_tag(void);

#else

static inline void print_tags(u8 addr_tag, const void *addr) { }

static inline u8 random_tag(void)
{
	return 0;
}

#endif

/*
 * Fallbacks used when the architecture does not provide its own tag
 * accessors: setting a tag returns the pointer unchanged, resetting a tag is
 * a plain cast, and the tag read back is always 0.
 */
#ifndef arch_kasan_set_tag
static inline const void *arch_kasan_set_tag(const void *addr, u8 tag)
{
	return addr;
}
#endif
#ifndef arch_kasan_reset_tag
#define arch_kasan_reset_tag(addr)	((void *)(addr))
#endif
#ifndef arch_kasan_get_tag
#define arch_kasan_get_tag(addr)	0
#endif

/*
 * Generic wrappers over the arch accessors. set_tag() and reset_tag() cast
 * the result to plain "void *", which drops any const qualifier the argument
 * carried.
 */
#define set_tag(addr, tag)	((void *)arch_kasan_set_tag((addr), (tag)))
#define reset_tag(addr)		((void *)arch_kasan_reset_tag(addr))
#define get_tag(addr)		arch_kasan_get_tag(addr)

/*
 * Exported functions for interfaces called from assembly or from generated
 * code. Declarations here to avoid warning about missing declarations.
 */
asmlinkage void kasan_unpoison_task_stack_below(const void *watermark);
void __asan_register_globals(struct kasan_global *globals, size_t size);
void __asan_unregister_globals(struct kasan_global *globals, size_t size);
void __asan_loadN(unsigned long addr, size_t size);
void __asan_storeN(unsigned long addr, size_t size);
void __asan_handle_no_return(void);
void __asan_alloca_poison(unsigned long addr, size_t size);
void __asan_allocas_unpoison(const void *stack_top, const void *stack_bottom);

/* Fixed-size access hooks; the numeric suffix is presumably the access size in bytes. */
void __asan_load1(unsigned long addr);
void __asan_store1(unsigned long addr);
void __asan_load2(unsigned long addr);
void __asan_store2(unsigned long addr);
void __asan_load4(unsigned long addr);
void __asan_store4(unsigned long addr);
void __asan_load8(unsigned long addr);
void __asan_store8(unsigned long addr);
void __asan_load16(unsigned long addr);
void __asan_store16(unsigned long addr);

/*
 * _noabort variants of the hooks above. How they differ in behaviour is not
 * visible in this header.
 */
void __asan_load1_noabort(unsigned long addr);
void __asan_store1_noabort(unsigned long addr);
void __asan_load2_noabort(unsigned long addr);
void __asan_store2_noabort(unsigned long addr);
void __asan_load4_noabort(unsigned long addr);
void __asan_store4_noabort(unsigned long addr);
void __asan_load8_noabort(unsigned long addr);
void __asan_store8_noabort(unsigned long addr);
void __asan_load16_noabort(unsigned long addr);
void __asan_store16_noabort(unsigned long addr);

/*
 * Shadow-fill hooks; the hex suffix presumably names the shadow byte value
 * that is written. NOTE(review): 0xF5 and 0xF8 have no matching KASAN_*
 * constant in this header - confirm how reports classify those values.
 */
void __asan_set_shadow_00(const void *addr, size_t size);
void __asan_set_shadow_f1(const void *addr, size_t size);
void __asan_set_shadow_f2(const void *addr, size_t size);
void __asan_set_shadow_f3(const void *addr, size_t size);
void __asan_set_shadow_f5(const void *addr, size_t size);
void __asan_set_shadow_f8(const void *addr, size_t size);

#endif