Linux/mm/kmsan/kmsan.h

Version: ~ [ linux-6.11.5 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.58 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.114 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.169 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.228 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.284 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.322 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.9 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* 3 * Functions used by the KMSAN runtime. 4 * 5 * Copyright (C) 2017-2022 Google LLC 6 * Author: Alexander Potapenko <glider@google.com> 7 * 8 */ 9 10 #ifndef __MM_KMSAN_KMSAN_H 11 #define __MM_KMSAN_KMSAN_H 12 13 #include <linux/irqflags.h> 14 #include <linux/kmsan.h> 15 #include <linux/mm.h> 16 #include <linux/nmi.h> 17 #include <linux/pgtable.h> 18 #include <linux/printk.h> 19 #include <linux/sched.h> 20 #include <linux/stackdepot.h> 21 #include <linux/stacktrace.h> 22 23 #define KMSAN_ALLOCA_MAGIC_ORIGIN 0xabcd0100 24 #define KMSAN_CHAIN_MAGIC_ORIGIN 0xabcd0200 25 26 #define KMSAN_POISON_NOCHECK 0x0 27 #define KMSAN_POISON_CHECK 0x1 28 #define KMSAN_POISON_FREE 0x2 29 30 #define KMSAN_ORIGIN_SIZE 4 31 #define KMSAN_MAX_ORIGIN_DEPTH 7 32 33 #define KMSAN_STACK_DEPTH 64 34 35 #define KMSAN_META_SHADOW (false) 36 #define KMSAN_META_ORIGIN (true) 37 38 /* 39 * A pair of metadata pointers to be returned by the instrumentation functions. 40 */ 41 struct shadow_origin_ptr { 42 void *shadow, *origin; 43 }; 44 45 struct shadow_origin_ptr kmsan_get_shadow_origin_ptr(void *addr, u64 size, 46 bool store); 47 void __init kmsan_init_alloc_meta_for_range(void *start, void *end); 48 49 enum kmsan_bug_reason { 50 REASON_ANY, 51 REASON_COPY_TO_USER, 52 REASON_SUBMIT_URB, 53 }; 54 55 void kmsan_print_origin(depot_stack_handle_t origin); 56 57 /** 58 * kmsan_report() - Report a use of uninitialized value. 59 * @origin: Stack ID of the uninitialized value. 60 * @address: Address at which the memory access happens. 61 * @size: Memory access size. 62 * @off_first: Offset (from @address) of the first byte to be reported. 63 * @off_last: Offset (from @address) of the last byte to be reported. 64 * @user_addr: When non-NULL, denotes the userspace address to which the kernel 65 * is leaking data. 66 * @reason: Error type from enum kmsan_bug_reason. 67 * 68 * kmsan_report() prints an error message for a consequent group of bytes 69 * sharing the same origin. If an uninitialized value is used in a comparison, 70 * this function is called once without specifying the addresses. When checking 71 * a memory range, KMSAN may call kmsan_report() multiple times with the same 72 * @address, @size, @user_addr and @reason, but different @off_first and 73 * @off_last corresponding to different @origin values. 74 */ 75 void kmsan_report(depot_stack_handle_t origin, void *address, int size, 76 int off_first, int off_last, const void __user *user_addr, 77 enum kmsan_bug_reason reason); 78 79 DECLARE_PER_CPU(struct kmsan_ctx, kmsan_percpu_ctx); 80 81 static __always_inline struct kmsan_ctx *kmsan_get_context(void) 82 { 83 return in_task() ? &current->kmsan_ctx : raw_cpu_ptr(&kmsan_percpu_ctx); 84 } 85 86 /* 87 * When a compiler hook or KMSAN runtime function is invoked, it may make a 88 * call to instrumented code and eventually call itself recursively. To avoid 89 * that, we guard the runtime entry regions with 90 * kmsan_enter_runtime()/kmsan_leave_runtime() and exit the hook if 91 * kmsan_in_runtime() is true. 92 * 93 * Non-runtime code may occasionally get executed in nested IRQs from the 94 * runtime code (e.g. when called via smp_call_function_single()). Because some 95 * KMSAN routines may take locks (e.g. for memory allocation), we conservatively 96 * bail out instead of calling them. To minimize the effect of this (potentially 97 * missing initialization events) kmsan_in_runtime() is not checked in 98 * non-blocking runtime functions. 99 */ 100 static __always_inline bool kmsan_in_runtime(void) 101 { 102 if ((hardirq_count() >> HARDIRQ_SHIFT) > 1) 103 return true; 104 if (in_nmi()) 105 return true; 106 return kmsan_get_context()->kmsan_in_runtime; 107 } 108 109 static __always_inline void kmsan_enter_runtime(void) 110 { 111 struct kmsan_ctx *ctx; 112 113 ctx = kmsan_get_context(); 114 KMSAN_WARN_ON(ctx->kmsan_in_runtime++); 115 } 116 117 static __always_inline void kmsan_leave_runtime(void) 118 { 119 struct kmsan_ctx *ctx = kmsan_get_context(); 120 121 KMSAN_WARN_ON(--ctx->kmsan_in_runtime); 122 } 123 124 depot_stack_handle_t kmsan_save_stack(void); 125 depot_stack_handle_t kmsan_save_stack_with_flags(gfp_t flags, 126 unsigned int extra_bits); 127 128 /* 129 * Pack and unpack the origin chain depth and UAF flag to/from the extra bits 130 * provided by the stack depot. 131 * The UAF flag is stored in the lowest bit, followed by the depth in the upper 132 * bits. 133 * set_dsh_extra_bits() is responsible for clamping the value. 134 */ 135 static __always_inline unsigned int kmsan_extra_bits(unsigned int depth, 136 bool uaf) 137 { 138 return (depth << 1) | uaf; 139 } 140 141 static __always_inline bool kmsan_uaf_from_eb(unsigned int extra_bits) 142 { 143 return extra_bits & 1; 144 } 145 146 static __always_inline unsigned int kmsan_depth_from_eb(unsigned int extra_bits) 147 { 148 return extra_bits >> 1; 149 } 150 151 /* 152 * kmsan_internal_ functions are supposed to be very simple and not require the 153 * kmsan_in_runtime() checks. 154 */ 155 void kmsan_internal_memmove_metadata(void *dst, void *src, size_t n); 156 void kmsan_internal_poison_memory(void *address, size_t size, gfp_t flags, 157 unsigned int poison_flags); 158 void kmsan_internal_unpoison_memory(void *address, size_t size, bool checked); 159 void kmsan_internal_set_shadow_origin(void *address, size_t size, int b, 160 u32 origin, bool checked); 161 depot_stack_handle_t kmsan_internal_chain_origin(depot_stack_handle_t id); 162 163 void kmsan_internal_task_create(struct task_struct *task); 164 165 bool kmsan_metadata_is_contiguous(void *addr, size_t size); 166 void kmsan_internal_check_memory(void *addr, size_t size, 167 const void __user *user_addr, int reason); 168 169 struct page *kmsan_vmalloc_to_page_or_null(void *vaddr); 170 void kmsan_setup_meta(struct page *page, struct page *shadow, 171 struct page *origin, int order); 172 173 /* 174 * kmsan_internal_is_module_addr() and kmsan_internal_is_vmalloc_addr() are 175 * non-instrumented versions of is_module_address() and is_vmalloc_addr() that 176 * are safe to call from KMSAN runtime without recursion. 177 */ 178 static inline bool kmsan_internal_is_module_addr(void *vaddr) 179 { 180 return ((u64)vaddr >= MODULES_VADDR) && ((u64)vaddr < MODULES_END); 181 } 182 183 static inline bool kmsan_internal_is_vmalloc_addr(void *addr) 184 { 185 return ((u64)addr >= VMALLOC_START) && ((u64)addr < VMALLOC_END); 186 } 187 188 #endif /* __MM_KMSAN_KMSAN_H */ 189

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

TOMOYO Linux Cross Reference Linux/mm/kmsan/kmsan.h

TOMOYO Linux Cross Reference
Linux/mm/kmsan/kmsan.h