[rustc.git] / src / llvm / projects / compiler-rt / lib / asan / asan_poisoning.cc

//===-- asan_poisoning.cc -------------------------------------------------===//
//
//                     The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This file is a part of AddressSanitizer, an address sanity checker.
//
// Shadow memory poisoning by ASan RTL and by user application.
//===----------------------------------------------------------------------===//

#include "asan_interceptors.h"
#include "asan_internal.h"
#include "asan_mapping.h"
#include "sanitizer/asan_interface.h"

namespace __asan {

void PoisonShadow(uptr addr, uptr size, u8 value) {
  CHECK(AddrIsAlignedByGranularity(addr));
  CHECK(AddrIsAlignedByGranularity(addr + size));
  uptr shadow_beg = MemToShadow(addr);
  uptr shadow_end = MemToShadow(addr + size);
  CHECK(REAL(memset) != 0);
  REAL(memset)((void*)shadow_beg, value, shadow_end - shadow_beg);
}

void PoisonShadowPartialRightRedzone(uptr addr,
                                     uptr size,
                                     uptr redzone_size,
                                     u8 value) {
  CHECK(AddrIsAlignedByGranularity(addr));
  u8 *shadow = (u8*)MemToShadow(addr);
  for (uptr i = 0; i < redzone_size;
       i += SHADOW_GRANULARITY, shadow++) {
    if (i + SHADOW_GRANULARITY <= size) {
      *shadow = 0;  // fully addressable
    } else if (i >= size) {
      *shadow = (SHADOW_GRANULARITY == 128) ? 0xff : value;  // unaddressable
    } else {
      *shadow = size - i;  // first size-i bytes are addressable
    }
  }
}


struct ShadowSegmentEndpoint {
  u8 *chunk;
  s8 offset;  // in [0, SHADOW_GRANULARITY)
  s8 value;  // = *chunk;

  explicit ShadowSegmentEndpoint(uptr address) {
    chunk = (u8*)MemToShadow(address);
    offset = address & (SHADOW_GRANULARITY - 1);
    value = *chunk;
  }
};

}  // namespace __asan

// ---------------------- Interface ---------------- {{{1
using namespace __asan;  // NOLINT

// Current implementation of __asan_(un)poison_memory_region doesn't check
// that user program (un)poisons the memory it owns. It poisons memory
// conservatively, and unpoisons progressively to make sure asan shadow
// mapping invariant is preserved (see detailed mapping description here:
// http://code.google.com/p/address-sanitizer/wiki/AddressSanitizerAlgorithm).
//
// * if user asks to poison region [left, right), the program poisons
// at least [left, AlignDown(right)).
// * if user asks to unpoison region [left, right), the program unpoisons
// at most [AlignDown(left), right).
void __asan_poison_memory_region(void const volatile *addr, uptr size) {
  if (!flags()->allow_user_poisoning || size == 0) return;
  uptr beg_addr = (uptr)addr;
  uptr end_addr = beg_addr + size;
  if (flags()->verbosity >= 1) {
    Printf("Trying to poison memory region [%p, %p)\n",
           (void*)beg_addr, (void*)end_addr);
  }
  ShadowSegmentEndpoint beg(beg_addr);
  ShadowSegmentEndpoint end(end_addr);
  if (beg.chunk == end.chunk) {
    CHECK(beg.offset < end.offset);
    s8 value = beg.value;
    CHECK(value == end.value);
    // We can only poison memory if the byte in end.offset is unaddressable.
    // No need to re-poison memory if it is poisoned already.
    if (value > 0 && value <= end.offset) {
      if (beg.offset > 0) {
        *beg.chunk = Min(value, beg.offset);
      } else {
        *beg.chunk = kAsanUserPoisonedMemoryMagic;
      }
    }
    return;
  }
  CHECK(beg.chunk < end.chunk);
  if (beg.offset > 0) {
    // Mark bytes from beg.offset as unaddressable.
    if (beg.value == 0) {
      *beg.chunk = beg.offset;
    } else {
      *beg.chunk = Min(beg.value, beg.offset);
    }
    beg.chunk++;
  }
  REAL(memset)(beg.chunk, kAsanUserPoisonedMemoryMagic, end.chunk - beg.chunk);
  // Poison if byte in end.offset is unaddressable.
  if (end.value > 0 && end.value <= end.offset) {
    *end.chunk = kAsanUserPoisonedMemoryMagic;
  }
}

void __asan_unpoison_memory_region(void const volatile *addr, uptr size) {
  if (!flags()->allow_user_poisoning || size == 0) return;
  uptr beg_addr = (uptr)addr;
  uptr end_addr = beg_addr + size;
  if (flags()->verbosity >= 1) {
    Printf("Trying to unpoison memory region [%p, %p)\n",
           (void*)beg_addr, (void*)end_addr);
  }
  ShadowSegmentEndpoint beg(beg_addr);
  ShadowSegmentEndpoint end(end_addr);
  if (beg.chunk == end.chunk) {
    CHECK(beg.offset < end.offset);
    s8 value = beg.value;
    CHECK(value == end.value);
    // We unpoison memory bytes up to enbytes up to end.offset if it is not
    // unpoisoned already.
    if (value != 0) {
      *beg.chunk = Max(value, end.offset);
    }
    return;
  }
  CHECK(beg.chunk < end.chunk);
  if (beg.offset > 0) {
    *beg.chunk = 0;
    beg.chunk++;
  }
  REAL(memset)(beg.chunk, 0, end.chunk - beg.chunk);
  if (end.offset > 0 && end.value != 0) {
    *end.chunk = Max(end.value, end.offset);
  }
}

bool __asan_address_is_poisoned(void const volatile *addr) {
  return __asan::AddressIsPoisoned((uptr)addr);
}
Commit	Line	Data
223e47cc LB	1	//===-- asan_poisoning.cc -------------------------------------------------===//
	2	//
	3	// The LLVM Compiler Infrastructure
	4	//
	5	// This file is distributed under the University of Illinois Open Source
	6	// License. See LICENSE.TXT for details.
	7	//
	8	//===----------------------------------------------------------------------===//
	9	//
	10	// This file is a part of AddressSanitizer, an address sanity checker.
	11	//
	12	// Shadow memory poisoning by ASan RTL and by user application.
	13	//===----------------------------------------------------------------------===//
	14
	15	#include "asan_interceptors.h"
	16	#include "asan_internal.h"
	17	#include "asan_mapping.h"
	18	#include "sanitizer/asan_interface.h"
	19
	20	namespace __asan {
	21
	22	void PoisonShadow(uptr addr, uptr size, u8 value) {
	23	CHECK(AddrIsAlignedByGranularity(addr));
	24	CHECK(AddrIsAlignedByGranularity(addr + size));
	25	uptr shadow_beg = MemToShadow(addr);
	26	uptr shadow_end = MemToShadow(addr + size);
	27	CHECK(REAL(memset) != 0);
	28	REAL(memset)((void*)shadow_beg, value, shadow_end - shadow_beg);
	29	}
	30
	31	void PoisonShadowPartialRightRedzone(uptr addr,
	32	uptr size,
	33	uptr redzone_size,
	34	u8 value) {
	35	CHECK(AddrIsAlignedByGranularity(addr));
	36	u8 shadow = (u8)MemToShadow(addr);
	37	for (uptr i = 0; i < redzone_size;
	38	i += SHADOW_GRANULARITY, shadow++) {
	39	if (i + SHADOW_GRANULARITY <= size) {
	40	*shadow = 0; // fully addressable
	41	} else if (i >= size) {
	42	*shadow = (SHADOW_GRANULARITY == 128) ? 0xff : value; // unaddressable
	43	} else {
	44	*shadow = size - i; // first size-i bytes are addressable
	45	}
	46	}
	47	}
	48
	49
	50	struct ShadowSegmentEndpoint {
	51	u8 *chunk;
	52	s8 offset; // in [0, SHADOW_GRANULARITY)
	53	s8 value; // = *chunk;
	54
	55	explicit ShadowSegmentEndpoint(uptr address) {
	56	chunk = (u8*)MemToShadow(address);
	57	offset = address & (SHADOW_GRANULARITY - 1);
	58	value = *chunk;
	59	}
	60	};
	61
	62	} // namespace __asan
	63
	64	// ---------------------- Interface ---------------- {{{1
65	using namespace __asan; // NOLINT
66
67	// Current implementation of __asan_(un)poison_memory_region doesn't check
68	// that user program (un)poisons the memory it owns. It poisons memory
69	// conservatively, and unpoisons progressively to make sure asan shadow
70	// mapping invariant is preserved (see detailed mapping description here:
71	// http://code.google.com/p/address-sanitizer/wiki/AddressSanitizerAlgorithm).
72	//
73	// * if user asks to poison region [left, right), the program poisons
74	// at least [left, AlignDown(right)).
75	// * if user asks to unpoison region [left, right), the program unpoisons
76	// at most [AlignDown(left), right).
77	void __asan_poison_memory_region(void const volatile *addr, uptr size) {
78	if (!flags()->allow_user_poisoning \|\| size == 0) return;
79	uptr beg_addr = (uptr)addr;
80	uptr end_addr = beg_addr + size;
81	if (flags()->verbosity >= 1) {
82	Printf("Trying to poison memory region [%p, %p)\n",
83	(void)beg_addr, (void)end_addr);
84	}
85	ShadowSegmentEndpoint beg(beg_addr);
86	ShadowSegmentEndpoint end(end_addr);
87	if (beg.chunk == end.chunk) {
88	CHECK(beg.offset < end.offset);
89	s8 value = beg.value;
90	CHECK(value == end.value);
91	// We can only poison memory if the byte in end.offset is unaddressable.
92	// No need to re-poison memory if it is poisoned already.
93	if (value > 0 && value <= end.offset) {
94	if (beg.offset > 0) {
95	*beg.chunk = Min(value, beg.offset);
96	} else {
97	*beg.chunk = kAsanUserPoisonedMemoryMagic;
98	}
99	}
100	return;
101	}
102	CHECK(beg.chunk < end.chunk);
103	if (beg.offset > 0) {
104	// Mark bytes from beg.offset as unaddressable.
105	if (beg.value == 0) {
106	*beg.chunk = beg.offset;
107	} else {
108	*beg.chunk = Min(beg.value, beg.offset);
109	}
110	beg.chunk++;
111	}
112	REAL(memset)(beg.chunk, kAsanUserPoisonedMemoryMagic, end.chunk - beg.chunk);
113	// Poison if byte in end.offset is unaddressable.
114	if (end.value > 0 && end.value <= end.offset) {
115	*end.chunk = kAsanUserPoisonedMemoryMagic;
116	}
117	}
118
119	void __asan_unpoison_memory_region(void const volatile *addr, uptr size) {
120	if (!flags()->allow_user_poisoning \|\| size == 0) return;
121	uptr beg_addr = (uptr)addr;
122	uptr end_addr = beg_addr + size;
123	if (flags()->verbosity >= 1) {
124	Printf("Trying to unpoison memory region [%p, %p)\n",
125	(void)beg_addr, (void)end_addr);
126	}
127	ShadowSegmentEndpoint beg(beg_addr);
128	ShadowSegmentEndpoint end(end_addr);
129	if (beg.chunk == end.chunk) {
130	CHECK(beg.offset < end.offset);
131	s8 value = beg.value;
132	CHECK(value == end.value);
133	// We unpoison memory bytes up to enbytes up to end.offset if it is not
134	// unpoisoned already.
135	if (value != 0) {
136	*beg.chunk = Max(value, end.offset);
137	}
138	return;
139	}
140	CHECK(beg.chunk < end.chunk);
141	if (beg.offset > 0) {
142	*beg.chunk = 0;
143	beg.chunk++;
144	}
145	REAL(memset)(beg.chunk, 0, end.chunk - beg.chunk);
146	if (end.offset > 0 && end.value != 0) {
147	*end.chunk = Max(end.value, end.offset);
148	}
149	}
150
151	bool __asan_address_is_poisoned(void const volatile *addr) {
152	return __asan::AddressIsPoisoned((uptr)addr);
153	}