1*0fca6ea1SDimitry Andric //===------------------------ nsan_platform.h -------------------*- C++ -*-===// 2*0fca6ea1SDimitry Andric // 3*0fca6ea1SDimitry Andric // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4*0fca6ea1SDimitry Andric // See https://llvm.org/LICENSE.txt for license information. 5*0fca6ea1SDimitry Andric // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6*0fca6ea1SDimitry Andric // 7*0fca6ea1SDimitry Andric //===----------------------------------------------------------------------===// 8*0fca6ea1SDimitry Andric // 9*0fca6ea1SDimitry Andric // Platform specific information for NSan. 10*0fca6ea1SDimitry Andric // 11*0fca6ea1SDimitry Andric //===----------------------------------------------------------------------===// 12*0fca6ea1SDimitry Andric 13*0fca6ea1SDimitry Andric #ifndef NSAN_PLATFORM_H 14*0fca6ea1SDimitry Andric #define NSAN_PLATFORM_H 15*0fca6ea1SDimitry Andric 16*0fca6ea1SDimitry Andric namespace __nsan { 17*0fca6ea1SDimitry Andric 18*0fca6ea1SDimitry Andric // NSan uses two regions of memory to store information: 19*0fca6ea1SDimitry Andric // - 'shadow memory' stores the shadow copies of numerical values stored in 20*0fca6ea1SDimitry Andric // application memory. 21*0fca6ea1SDimitry Andric // - 'shadow types' is used to determine which value type each byte of memory 22*0fca6ea1SDimitry Andric // belongs to. This makes sure that we always know whether a shadow value is 23*0fca6ea1SDimitry Andric // valid. Shadow values may be tampered with using access through other 24*0fca6ea1SDimitry Andric // pointer types (type punning). Each byte stores: 25*0fca6ea1SDimitry Andric // - bit 1-0: whether the corresponding value is of unknown (00), 26*0fca6ea1SDimitry Andric // float (01), double (10), or long double (11) type. 27*0fca6ea1SDimitry Andric // - bit 5-2: the index of this byte in the value, or 0000 if type is 28*0fca6ea1SDimitry Andric // unknown. 29*0fca6ea1SDimitry Andric // This allows handling unaligned loat load/stores by checking that a load 30*0fca6ea1SDimitry Andric // with a given alignment corresponds to the alignment of the store. 31*0fca6ea1SDimitry Andric // Any store of a non-floating point type invalidates the corresponding 32*0fca6ea1SDimitry Andric // bytes, so that subsequent overlapping loads (aligned or not) know that 33*0fca6ea1SDimitry Andric // the corresponding shadow value is no longer valid. 34*0fca6ea1SDimitry Andric 35*0fca6ea1SDimitry Andric // On Linux/x86_64, memory is laid out as follows: 36*0fca6ea1SDimitry Andric // 37*0fca6ea1SDimitry Andric // +--------------------+ 0x800000000000 (top of memory) 38*0fca6ea1SDimitry Andric // | application memory | 39*0fca6ea1SDimitry Andric // +--------------------+ 0x700000008000 (kAppAddr) 40*0fca6ea1SDimitry Andric // | | 41*0fca6ea1SDimitry Andric // | unused | 42*0fca6ea1SDimitry Andric // | | 43*0fca6ea1SDimitry Andric // +--------------------+ 0x400000000000 (kUnusedAddr) 44*0fca6ea1SDimitry Andric // | shadow memory | 45*0fca6ea1SDimitry Andric // +--------------------+ 0x200000000000 (kShadowAddr) 46*0fca6ea1SDimitry Andric // | shadow types | 47*0fca6ea1SDimitry Andric // +--------------------+ 0x100000000000 (kTypesAddr) 48*0fca6ea1SDimitry Andric // | reserved by kernel | 49*0fca6ea1SDimitry Andric // +--------------------+ 0x000000000000 50*0fca6ea1SDimitry Andric // 51*0fca6ea1SDimitry Andric // 52*0fca6ea1SDimitry Andric // To derive a shadow memory address from an application memory address, 53*0fca6ea1SDimitry Andric // bits 44-46 are cleared to bring the address into the range 54*0fca6ea1SDimitry Andric // [0x000000000000,0x100000000000). We scale to account for the fact that a 55*0fca6ea1SDimitry Andric // shadow value takes twice as much space as the original value. 56*0fca6ea1SDimitry Andric // Then we add kShadowAddr to put the shadow relative offset into the shadow 57*0fca6ea1SDimitry Andric // memory. See getShadowAddrFor(). 58*0fca6ea1SDimitry Andric // The process is similar for the shadow types. 59*0fca6ea1SDimitry Andric 60*0fca6ea1SDimitry Andric // The ratio of app to shadow memory. 61*0fca6ea1SDimitry Andric enum { kShadowScale = 2 }; 62*0fca6ea1SDimitry Andric 63*0fca6ea1SDimitry Andric // The original value type of a byte in app memory. Uses LLVM terminology: 64*0fca6ea1SDimitry Andric // https://llvm.org/docs/LangRef.html#floating-point-types 65*0fca6ea1SDimitry Andric // FIXME: support half and bfloat. 66*0fca6ea1SDimitry Andric enum ValueType { 67*0fca6ea1SDimitry Andric kUnknownValueType = 0, 68*0fca6ea1SDimitry Andric kFloatValueType = 1, // LLVM float, shadow type double. 69*0fca6ea1SDimitry Andric kDoubleValueType = 2, // LLVM double, shadow type fp128. 70*0fca6ea1SDimitry Andric kFp80ValueType = 3, // LLVM x86_fp80, shadow type fp128. 71*0fca6ea1SDimitry Andric }; 72*0fca6ea1SDimitry Andric 73*0fca6ea1SDimitry Andric // The size of ValueType encoding, in bits. 74*0fca6ea1SDimitry Andric enum { 75*0fca6ea1SDimitry Andric kValueSizeSizeBits = 2, 76*0fca6ea1SDimitry Andric }; 77*0fca6ea1SDimitry Andric 78*0fca6ea1SDimitry Andric #if defined(__x86_64__) 79*0fca6ea1SDimitry Andric struct Mapping { 80*0fca6ea1SDimitry Andric // FIXME: kAppAddr == 0x700000000000 ? 81*0fca6ea1SDimitry Andric static const uptr kAppAddr = 0x700000008000; 82*0fca6ea1SDimitry Andric static const uptr kUnusedAddr = 0x400000000000; 83*0fca6ea1SDimitry Andric static const uptr kShadowAddr = 0x200000000000; 84*0fca6ea1SDimitry Andric static const uptr kTypesAddr = 0x100000000000; 85*0fca6ea1SDimitry Andric static const uptr kShadowMask = ~0x700000000000; 86*0fca6ea1SDimitry Andric }; 87*0fca6ea1SDimitry Andric #else 88*0fca6ea1SDimitry Andric #error "NSan not supported for this platform!" 89*0fca6ea1SDimitry Andric #endif 90*0fca6ea1SDimitry Andric 91*0fca6ea1SDimitry Andric enum MappingType { 92*0fca6ea1SDimitry Andric MAPPING_APP_ADDR, 93*0fca6ea1SDimitry Andric MAPPING_UNUSED_ADDR, 94*0fca6ea1SDimitry Andric MAPPING_SHADOW_ADDR, 95*0fca6ea1SDimitry Andric MAPPING_TYPES_ADDR, 96*0fca6ea1SDimitry Andric MAPPING_SHADOW_MASK 97*0fca6ea1SDimitry Andric }; 98*0fca6ea1SDimitry Andric 99*0fca6ea1SDimitry Andric template <typename Mapping, int Type> uptr MappingImpl() { 100*0fca6ea1SDimitry Andric switch (Type) { 101*0fca6ea1SDimitry Andric case MAPPING_APP_ADDR: 102*0fca6ea1SDimitry Andric return Mapping::kAppAddr; 103*0fca6ea1SDimitry Andric case MAPPING_UNUSED_ADDR: 104*0fca6ea1SDimitry Andric return Mapping::kUnusedAddr; 105*0fca6ea1SDimitry Andric case MAPPING_SHADOW_ADDR: 106*0fca6ea1SDimitry Andric return Mapping::kShadowAddr; 107*0fca6ea1SDimitry Andric case MAPPING_TYPES_ADDR: 108*0fca6ea1SDimitry Andric return Mapping::kTypesAddr; 109*0fca6ea1SDimitry Andric case MAPPING_SHADOW_MASK: 110*0fca6ea1SDimitry Andric return Mapping::kShadowMask; 111*0fca6ea1SDimitry Andric } 112*0fca6ea1SDimitry Andric } 113*0fca6ea1SDimitry Andric 114*0fca6ea1SDimitry Andric template <int Type> uptr MappingArchImpl() { 115*0fca6ea1SDimitry Andric return MappingImpl<Mapping, Type>(); 116*0fca6ea1SDimitry Andric } 117*0fca6ea1SDimitry Andric 118*0fca6ea1SDimitry Andric ALWAYS_INLINE 119*0fca6ea1SDimitry Andric uptr AppAddr() { return MappingArchImpl<MAPPING_APP_ADDR>(); } 120*0fca6ea1SDimitry Andric 121*0fca6ea1SDimitry Andric ALWAYS_INLINE 122*0fca6ea1SDimitry Andric uptr UnusedAddr() { return MappingArchImpl<MAPPING_UNUSED_ADDR>(); } 123*0fca6ea1SDimitry Andric 124*0fca6ea1SDimitry Andric ALWAYS_INLINE 125*0fca6ea1SDimitry Andric uptr ShadowAddr() { return MappingArchImpl<MAPPING_SHADOW_ADDR>(); } 126*0fca6ea1SDimitry Andric 127*0fca6ea1SDimitry Andric ALWAYS_INLINE 128*0fca6ea1SDimitry Andric uptr TypesAddr() { return MappingArchImpl<MAPPING_TYPES_ADDR>(); } 129*0fca6ea1SDimitry Andric 130*0fca6ea1SDimitry Andric ALWAYS_INLINE 131*0fca6ea1SDimitry Andric uptr ShadowMask() { return MappingArchImpl<MAPPING_SHADOW_MASK>(); } 132*0fca6ea1SDimitry Andric 133*0fca6ea1SDimitry Andric } // end namespace __nsan 134*0fca6ea1SDimitry Andric 135*0fca6ea1SDimitry Andric #endif 136