xref: /openbmc/linux/include/linux/kasan.h (revision 06c6fad9)
1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef _LINUX_KASAN_H
3 #define _LINUX_KASAN_H
4 
5 #include <linux/static_key.h>
6 #include <linux/types.h>
7 
8 struct kmem_cache;
9 struct page;
10 struct vm_struct;
11 struct task_struct;
12 
13 #ifdef CONFIG_KASAN
14 
15 #include <linux/linkage.h>
16 #include <asm/kasan.h>
17 
18 /* kasan_data struct is used in KUnit tests for KASAN expected failures */
19 struct kunit_kasan_expectation {
20 	bool report_expected;
21 	bool report_found;
22 };
23 
24 #endif
25 
26 #if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)
27 
28 #include <linux/pgtable.h>
29 
30 /* Software KASAN implementations use shadow memory. */
31 
32 #ifdef CONFIG_KASAN_SW_TAGS
33 /* This matches KASAN_TAG_INVALID. */
34 #define KASAN_SHADOW_INIT 0xFE
35 #else
36 #define KASAN_SHADOW_INIT 0
37 #endif
38 
39 #ifndef PTE_HWTABLE_PTRS
40 #define PTE_HWTABLE_PTRS 0
41 #endif
42 
43 extern unsigned char kasan_early_shadow_page[PAGE_SIZE];
44 extern pte_t kasan_early_shadow_pte[PTRS_PER_PTE + PTE_HWTABLE_PTRS];
45 extern pmd_t kasan_early_shadow_pmd[PTRS_PER_PMD];
46 extern pud_t kasan_early_shadow_pud[PTRS_PER_PUD];
47 extern p4d_t kasan_early_shadow_p4d[MAX_PTRS_PER_P4D];
48 
49 int kasan_populate_early_shadow(const void *shadow_start,
50 				const void *shadow_end);
51 
52 static inline void *kasan_mem_to_shadow(const void *addr)
53 {
54 	return (void *)((unsigned long)addr >> KASAN_SHADOW_SCALE_SHIFT)
55 		+ KASAN_SHADOW_OFFSET;
56 }
57 
58 int kasan_add_zero_shadow(void *start, unsigned long size);
59 void kasan_remove_zero_shadow(void *start, unsigned long size);
60 
61 /* Enable reporting bugs after kasan_disable_current() */
62 extern void kasan_enable_current(void);
63 
64 /* Disable reporting bugs for current task */
65 extern void kasan_disable_current(void);
66 
67 #else /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS */
68 
69 static inline int kasan_add_zero_shadow(void *start, unsigned long size)
70 {
71 	return 0;
72 }
73 static inline void kasan_remove_zero_shadow(void *start,
74 					unsigned long size)
75 {}
76 
77 static inline void kasan_enable_current(void) {}
78 static inline void kasan_disable_current(void) {}
79 
80 #endif /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS */
81 
82 #ifdef CONFIG_KASAN
83 
84 struct kasan_cache {
85 	int alloc_meta_offset;
86 	int free_meta_offset;
87 	bool is_kmalloc;
88 };
89 
90 #ifdef CONFIG_KASAN_HW_TAGS
91 
92 DECLARE_STATIC_KEY_FALSE(kasan_flag_enabled);
93 
94 static __always_inline bool kasan_enabled(void)
95 {
96 	return static_branch_likely(&kasan_flag_enabled);
97 }
98 
99 static inline bool kasan_has_integrated_init(void)
100 {
101 	return kasan_enabled();
102 }
103 
104 #else /* CONFIG_KASAN_HW_TAGS */
105 
106 static inline bool kasan_enabled(void)
107 {
108 	return true;
109 }
110 
111 static inline bool kasan_has_integrated_init(void)
112 {
113 	return false;
114 }
115 
116 #endif /* CONFIG_KASAN_HW_TAGS */
117 
118 slab_flags_t __kasan_never_merge(void);
119 static __always_inline slab_flags_t kasan_never_merge(void)
120 {
121 	if (kasan_enabled())
122 		return __kasan_never_merge();
123 	return 0;
124 }
125 
126 void __kasan_unpoison_range(const void *addr, size_t size);
127 static __always_inline void kasan_unpoison_range(const void *addr, size_t size)
128 {
129 	if (kasan_enabled())
130 		__kasan_unpoison_range(addr, size);
131 }
132 
133 void __kasan_alloc_pages(struct page *page, unsigned int order, bool init);
134 static __always_inline void kasan_alloc_pages(struct page *page,
135 						unsigned int order, bool init)
136 {
137 	if (kasan_enabled())
138 		__kasan_alloc_pages(page, order, init);
139 }
140 
141 void __kasan_free_pages(struct page *page, unsigned int order, bool init);
142 static __always_inline void kasan_free_pages(struct page *page,
143 						unsigned int order, bool init)
144 {
145 	if (kasan_enabled())
146 		__kasan_free_pages(page, order, init);
147 }
148 
149 void __kasan_cache_create(struct kmem_cache *cache, unsigned int *size,
150 				slab_flags_t *flags);
151 static __always_inline void kasan_cache_create(struct kmem_cache *cache,
152 				unsigned int *size, slab_flags_t *flags)
153 {
154 	if (kasan_enabled())
155 		__kasan_cache_create(cache, size, flags);
156 }
157 
158 void __kasan_cache_create_kmalloc(struct kmem_cache *cache);
159 static __always_inline void kasan_cache_create_kmalloc(struct kmem_cache *cache)
160 {
161 	if (kasan_enabled())
162 		__kasan_cache_create_kmalloc(cache);
163 }
164 
165 size_t __kasan_metadata_size(struct kmem_cache *cache);
166 static __always_inline size_t kasan_metadata_size(struct kmem_cache *cache)
167 {
168 	if (kasan_enabled())
169 		return __kasan_metadata_size(cache);
170 	return 0;
171 }
172 
173 void __kasan_poison_slab(struct page *page);
174 static __always_inline void kasan_poison_slab(struct page *page)
175 {
176 	if (kasan_enabled())
177 		__kasan_poison_slab(page);
178 }
179 
180 void __kasan_unpoison_object_data(struct kmem_cache *cache, void *object);
181 static __always_inline void kasan_unpoison_object_data(struct kmem_cache *cache,
182 							void *object)
183 {
184 	if (kasan_enabled())
185 		__kasan_unpoison_object_data(cache, object);
186 }
187 
188 void __kasan_poison_object_data(struct kmem_cache *cache, void *object);
189 static __always_inline void kasan_poison_object_data(struct kmem_cache *cache,
190 							void *object)
191 {
192 	if (kasan_enabled())
193 		__kasan_poison_object_data(cache, object);
194 }
195 
196 void * __must_check __kasan_init_slab_obj(struct kmem_cache *cache,
197 					  const void *object);
198 static __always_inline void * __must_check kasan_init_slab_obj(
199 				struct kmem_cache *cache, const void *object)
200 {
201 	if (kasan_enabled())
202 		return __kasan_init_slab_obj(cache, object);
203 	return (void *)object;
204 }
205 
206 bool __kasan_slab_free(struct kmem_cache *s, void *object,
207 			unsigned long ip, bool init);
208 static __always_inline bool kasan_slab_free(struct kmem_cache *s,
209 						void *object, bool init)
210 {
211 	if (kasan_enabled())
212 		return __kasan_slab_free(s, object, _RET_IP_, init);
213 	return false;
214 }
215 
216 void __kasan_kfree_large(void *ptr, unsigned long ip);
217 static __always_inline void kasan_kfree_large(void *ptr)
218 {
219 	if (kasan_enabled())
220 		__kasan_kfree_large(ptr, _RET_IP_);
221 }
222 
223 void __kasan_slab_free_mempool(void *ptr, unsigned long ip);
224 static __always_inline void kasan_slab_free_mempool(void *ptr)
225 {
226 	if (kasan_enabled())
227 		__kasan_slab_free_mempool(ptr, _RET_IP_);
228 }
229 
230 void * __must_check __kasan_slab_alloc(struct kmem_cache *s,
231 				       void *object, gfp_t flags, bool init);
232 static __always_inline void * __must_check kasan_slab_alloc(
233 		struct kmem_cache *s, void *object, gfp_t flags, bool init)
234 {
235 	if (kasan_enabled())
236 		return __kasan_slab_alloc(s, object, flags, init);
237 	return object;
238 }
239 
240 void * __must_check __kasan_kmalloc(struct kmem_cache *s, const void *object,
241 				    size_t size, gfp_t flags);
242 static __always_inline void * __must_check kasan_kmalloc(struct kmem_cache *s,
243 				const void *object, size_t size, gfp_t flags)
244 {
245 	if (kasan_enabled())
246 		return __kasan_kmalloc(s, object, size, flags);
247 	return (void *)object;
248 }
249 
250 void * __must_check __kasan_kmalloc_large(const void *ptr,
251 					  size_t size, gfp_t flags);
252 static __always_inline void * __must_check kasan_kmalloc_large(const void *ptr,
253 						      size_t size, gfp_t flags)
254 {
255 	if (kasan_enabled())
256 		return __kasan_kmalloc_large(ptr, size, flags);
257 	return (void *)ptr;
258 }
259 
260 void * __must_check __kasan_krealloc(const void *object,
261 				     size_t new_size, gfp_t flags);
262 static __always_inline void * __must_check kasan_krealloc(const void *object,
263 						 size_t new_size, gfp_t flags)
264 {
265 	if (kasan_enabled())
266 		return __kasan_krealloc(object, new_size, flags);
267 	return (void *)object;
268 }
269 
270 /*
271  * Unlike kasan_check_read/write(), kasan_check_byte() is performed even for
272  * the hardware tag-based mode that doesn't rely on compiler instrumentation.
273  */
274 bool __kasan_check_byte(const void *addr, unsigned long ip);
275 static __always_inline bool kasan_check_byte(const void *addr)
276 {
277 	if (kasan_enabled())
278 		return __kasan_check_byte(addr, _RET_IP_);
279 	return true;
280 }
281 
282 
283 bool kasan_save_enable_multi_shot(void);
284 void kasan_restore_multi_shot(bool enabled);
285 
286 #else /* CONFIG_KASAN */
287 
288 static inline bool kasan_enabled(void)
289 {
290 	return false;
291 }
292 static inline bool kasan_has_integrated_init(void)
293 {
294 	return false;
295 }
296 static inline slab_flags_t kasan_never_merge(void)
297 {
298 	return 0;
299 }
300 static inline void kasan_unpoison_range(const void *address, size_t size) {}
301 static inline void kasan_alloc_pages(struct page *page, unsigned int order, bool init) {}
302 static inline void kasan_free_pages(struct page *page, unsigned int order, bool init) {}
303 static inline void kasan_cache_create(struct kmem_cache *cache,
304 				      unsigned int *size,
305 				      slab_flags_t *flags) {}
306 static inline void kasan_cache_create_kmalloc(struct kmem_cache *cache) {}
307 static inline size_t kasan_metadata_size(struct kmem_cache *cache) { return 0; }
308 static inline void kasan_poison_slab(struct page *page) {}
309 static inline void kasan_unpoison_object_data(struct kmem_cache *cache,
310 					void *object) {}
311 static inline void kasan_poison_object_data(struct kmem_cache *cache,
312 					void *object) {}
313 static inline void *kasan_init_slab_obj(struct kmem_cache *cache,
314 				const void *object)
315 {
316 	return (void *)object;
317 }
318 static inline bool kasan_slab_free(struct kmem_cache *s, void *object, bool init)
319 {
320 	return false;
321 }
322 static inline void kasan_kfree_large(void *ptr) {}
323 static inline void kasan_slab_free_mempool(void *ptr) {}
324 static inline void *kasan_slab_alloc(struct kmem_cache *s, void *object,
325 				   gfp_t flags, bool init)
326 {
327 	return object;
328 }
329 static inline void *kasan_kmalloc(struct kmem_cache *s, const void *object,
330 				size_t size, gfp_t flags)
331 {
332 	return (void *)object;
333 }
334 static inline void *kasan_kmalloc_large(const void *ptr, size_t size, gfp_t flags)
335 {
336 	return (void *)ptr;
337 }
338 static inline void *kasan_krealloc(const void *object, size_t new_size,
339 				 gfp_t flags)
340 {
341 	return (void *)object;
342 }
343 static inline bool kasan_check_byte(const void *address)
344 {
345 	return true;
346 }
347 
348 #endif /* CONFIG_KASAN */
349 
350 #if defined(CONFIG_KASAN) && defined(CONFIG_KASAN_STACK)
351 void kasan_unpoison_task_stack(struct task_struct *task);
352 #else
353 static inline void kasan_unpoison_task_stack(struct task_struct *task) {}
354 #endif
355 
356 #ifdef CONFIG_KASAN_GENERIC
357 
358 void kasan_cache_shrink(struct kmem_cache *cache);
359 void kasan_cache_shutdown(struct kmem_cache *cache);
360 void kasan_record_aux_stack(void *ptr);
361 
362 #else /* CONFIG_KASAN_GENERIC */
363 
364 static inline void kasan_cache_shrink(struct kmem_cache *cache) {}
365 static inline void kasan_cache_shutdown(struct kmem_cache *cache) {}
366 static inline void kasan_record_aux_stack(void *ptr) {}
367 
368 #endif /* CONFIG_KASAN_GENERIC */
369 
370 #if defined(CONFIG_KASAN_SW_TAGS) || defined(CONFIG_KASAN_HW_TAGS)
371 
372 static inline void *kasan_reset_tag(const void *addr)
373 {
374 	return (void *)arch_kasan_reset_tag(addr);
375 }
376 
377 /**
378  * kasan_report - print a report about a bad memory access detected by KASAN
379  * @addr: address of the bad access
380  * @size: size of the bad access
381  * @is_write: whether the bad access is a write or a read
382  * @ip: instruction pointer for the accessibility check or the bad access itself
383  */
384 bool kasan_report(unsigned long addr, size_t size,
385 		bool is_write, unsigned long ip);
386 
387 #else /* CONFIG_KASAN_SW_TAGS || CONFIG_KASAN_HW_TAGS */
388 
389 static inline void *kasan_reset_tag(const void *addr)
390 {
391 	return (void *)addr;
392 }
393 
394 #endif /* CONFIG_KASAN_SW_TAGS || CONFIG_KASAN_HW_TAGS*/
395 
396 #ifdef CONFIG_KASAN_HW_TAGS
397 
398 void kasan_report_async(void);
399 
400 #endif /* CONFIG_KASAN_HW_TAGS */
401 
402 #ifdef CONFIG_KASAN_SW_TAGS
403 void __init kasan_init_sw_tags(void);
404 #else
405 static inline void kasan_init_sw_tags(void) { }
406 #endif
407 
408 #ifdef CONFIG_KASAN_HW_TAGS
409 void kasan_init_hw_tags_cpu(void);
410 void __init kasan_init_hw_tags(void);
411 #else
412 static inline void kasan_init_hw_tags_cpu(void) { }
413 static inline void kasan_init_hw_tags(void) { }
414 #endif
415 
416 #ifdef CONFIG_KASAN_VMALLOC
417 
418 int kasan_populate_vmalloc(unsigned long addr, unsigned long size);
419 void kasan_poison_vmalloc(const void *start, unsigned long size);
420 void kasan_unpoison_vmalloc(const void *start, unsigned long size);
421 void kasan_release_vmalloc(unsigned long start, unsigned long end,
422 			   unsigned long free_region_start,
423 			   unsigned long free_region_end);
424 
425 #else /* CONFIG_KASAN_VMALLOC */
426 
427 static inline int kasan_populate_vmalloc(unsigned long start,
428 					unsigned long size)
429 {
430 	return 0;
431 }
432 
433 static inline void kasan_poison_vmalloc(const void *start, unsigned long size)
434 { }
435 static inline void kasan_unpoison_vmalloc(const void *start, unsigned long size)
436 { }
437 static inline void kasan_release_vmalloc(unsigned long start,
438 					 unsigned long end,
439 					 unsigned long free_region_start,
440 					 unsigned long free_region_end) {}
441 
442 #endif /* CONFIG_KASAN_VMALLOC */
443 
444 #if (defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)) && \
445 		!defined(CONFIG_KASAN_VMALLOC)
446 
447 /*
448  * These functions provide a special case to support backing module
449  * allocations with real shadow memory. With KASAN vmalloc, the special
450  * case is unnecessary, as the work is handled in the generic case.
451  */
452 int kasan_module_alloc(void *addr, size_t size);
453 void kasan_free_shadow(const struct vm_struct *vm);
454 
455 #else /* (CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS) && !CONFIG_KASAN_VMALLOC */
456 
457 static inline int kasan_module_alloc(void *addr, size_t size) { return 0; }
458 static inline void kasan_free_shadow(const struct vm_struct *vm) {}
459 
460 #endif /* (CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS) && !CONFIG_KASAN_VMALLOC */
461 
462 #ifdef CONFIG_KASAN_INLINE
463 void kasan_non_canonical_hook(unsigned long addr);
464 #else /* CONFIG_KASAN_INLINE */
465 static inline void kasan_non_canonical_hook(unsigned long addr) { }
466 #endif /* CONFIG_KASAN_INLINE */
467 
468 #endif /* LINUX_KASAN_H */
469