aboutsummaryrefslogtreecommitdiff
path: root/mm/kasan/hw_tags.c
blob: 3cdd87d189f66b677da93507b8764d64925fd49e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
// SPDX-License-Identifier: GPL-2.0
/*
 * This file contains core hardware tag-based KASAN code.
 *
 * Copyright (c) 2020 Google, Inc.
 * Author: Andrey Konovalov <andreyknvl@google.com>
 */

#define pr_fmt(fmt) "kasan: " fmt

#include <linux/kasan.h>
#include <linux/kernel.h>
#include <linux/kfence.h>
#include <linux/memory.h>
#include <linux/mm.h>
#include <linux/string.h>
#include <linux/types.h>

#include "kasan.h"

/* kasan_init_hw_tags_cpu() is called for each CPU. */
void kasan_init_hw_tags_cpu(void)
{
	hw_init_tags(KASAN_TAG_MAX);
	hw_enable_tagging();
}

/* kasan_init_hw_tags() is called once on boot CPU. */
void __init kasan_init_hw_tags(void)
{
	pr_info("KernelAddressSanitizer initialized\n");
}

void poison_range(const void *address, size_t size, u8 value)
{
	/* Skip KFENCE memory if called explicitly outside of sl*b. */
	if (is_kfence_address(address))
		return;

	hw_set_mem_tag_range(kasan_reset_tag(address),
			round_up(size, KASAN_GRANULE_SIZE), value);
}

void unpoison_range(const void *address, size_t size)
{
	/* Skip KFENCE memory if called explicitly outside of sl*b. */
	if (is_kfence_address(address))
		return;

	hw_set_mem_tag_range(kasan_reset_tag(address),
			round_up(size, KASAN_GRANULE_SIZE), get_tag(address));
}

bool check_invalid_free(void *addr)
{
	u8 ptr_tag = get_tag(addr);
	u8 mem_tag = hw_get_mem_tag(addr);

	return (mem_tag == KASAN_TAG_INVALID) ||
		(ptr_tag != KASAN_TAG_KERNEL && ptr_tag != mem_tag);
}

void kasan_set_free_info(struct kmem_cache *cache,
				void *object, u8 tag)
{
	struct kasan_alloc_meta *alloc_meta;

	alloc_meta = kasan_get_alloc_meta(cache, object);
	kasan_set_track(&alloc_meta->free_track[0], GFP_NOWAIT);
}

struct kasan_track *kasan_get_free_track(struct kmem_cache *cache,
				void *object, u8 tag)
{
	struct kasan_alloc_meta *alloc_meta;

	alloc_meta = kasan_get_alloc_meta(cache, object);
	return &alloc_meta->free_track[0];
}