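/* SPDX-License-Identifier: GPL-2.0 */
/*
 *  arch/arm/include/asm/kasan_def.h
 *
 *  Copyright (c) 2018 Huawei Technologies Co., Ltd.
 *
 *  Author: Abbott Liu <liuwenliang@huawei.com>
 */

#ifndef __ASM_KASAN_DEF_H
#define __ASM_KASAN_DEF_H

#ifdef CONFIG_KASAN

/*
 * Define KASAN_SHADOW_OFFSET, KASAN_SHADOW_START and KASAN_SHADOW_END for
 * the Arm kernel address sanitizer. We are "stealing" lowmem (the 4GB
 * addressable by a 32bit architecture) out of the virtual address
 * space to use as shadow memory for KASan as follows:
 *
 *  +----+ 0xffffffff
 *  |    |  \
 *  |    |  |-> Static kernel image (vmlinux) BSS and page table
 *  |    |/
 *  +----+ PAGE_OFFSET
 *  |    |  \
 *  |    |  |-> Loadable kernel modules virtual address space area
 *  |    |/
 *  +----+ MODULES_VADDR = KASAN_SHADOW_END
 *  |    |  \
 *  |    |  |-> The shadow area of kernel virtual address.
 *  |    |/
 *  +----+->  TASK_SIZE (start of kernel space) = KASAN_SHADOW_START the
 *  |    |\   shadow address of MODULES_VADDR
 *  |    | |
 *  |    | |
 *  |    | |-> The user space area in lowmem. The kernel address
 *  |    | |   sanitizer does not use this space, nor does it map it.
 *  |    | |
 *  |    | |
 *  |    | |
 *  |    | |
 *  |    |/
 *  ------ 0
 *
 * 1) KASAN_SHADOW_START
 *   This value begins with the MODULES_VADDR's shadow address. It is the
 *   start of kernel virtual space. Since we have modules to load, we need
 *   to cover also that area with shadow memory so we can find memory
 *   bugs in modules.
 *
 * 2) KASAN_SHADOW_END
 *   This value is the 0x100000000's shadow address: the mapping that would
 *   be after the end of the kernel memory at 0xffffffff. It is the end of
 *   kernel address sanitizer shadow area. It is also the start of the
 *   module area.
 *
 * 3) KASAN_SHADOW_OFFSET:
 *   This value is used to map an address to the corresponding shadow
 *   address by the following formula:
 *
 *	shadow_addr = (address >> 3) + KASAN_SHADOW_OFFSET;
 *
 *   As you would expect, >> 3 is equal to dividing by 8, meaning each
 *   byte in the shadow memory covers 8 bytes of kernel memory, so the
 *   equivalent of one bit of shadow memory per byte of kernel memory is
 *   used.
 *
 *   The KASAN_SHADOW_OFFSET is provided in a Kconfig option depending
 *   on the VMSPLIT layout of the system: the kernel and userspace can
 *   split up lowmem in different ways according to needs, so we calculate
 *   the shadow offset depending on this.
 *
 * NOTE(review): user space below TASK_SIZE has no shadow (see the layout
 * above), so the formula is only meaningful for kernel addresses.
 */

/* log2 of the number of kernel bytes tracked by one shadow byte (8). */
#define KASAN_SHADOW_SCALE_SHIFT	3

/* Kconfig-supplied constant, typed as unsigned long via _AC(..., UL). */
#define KASAN_SHADOW_OFFSET	_AC(CONFIG_KASAN_SHADOW_OFFSET, UL)

/*
 * Shadow address of 0x100000000, i.e. (1 << 32) >> KASAN_SHADOW_SCALE_SHIFT
 * plus the offset. The shift is folded into the constant so that the
 * intermediate value 1 << 32 is never formed.
 *
 * NOTE(review): the sum is computed in unsigned long, presumably 32 bits
 * wide on this architecture; an offset that does not match the VMSPLIT
 * layout would wrap silently instead of failing the build. Confirm the
 * Kconfig value for every supported split.
 */
#define KASAN_SHADOW_END	((UL(1) << (32 - KASAN_SHADOW_SCALE_SHIFT)) \
				 + KASAN_SHADOW_OFFSET)

/*
 * Shadow address of KASAN_SHADOW_END itself (= MODULES_VADDR in the layout
 * above): the same address-to-shadow mapping applied once more. The named
 * scale shift is used instead of a literal 3 so that this macro cannot
 * drift from KASAN_SHADOW_END if the scale ever changes.
 */
#define KASAN_SHADOW_START	((KASAN_SHADOW_END >> KASAN_SHADOW_SCALE_SHIFT) \
				 + KASAN_SHADOW_OFFSET)

#endif /* CONFIG_KASAN */
#endif /* __ASM_KASAN_DEF_H */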