| OLD | NEW |
|---|
| (Empty) |
| 1 /* | |
| 2 * Copyright (c) 2012 The Native Client Authors. All rights reserved. | |
| 3 * Use of this source code is governed by a BSD-style license that can be | |
| 4 * found in the LICENSE file. | |
| 5 */ | |
| 6 | |
| 7 #ifndef NATIVE_CLIENT_SRC_TRUSTED_VALIDATOR_X86_NCVAL_REG_SFI_NCVALIDATE_ITER_H_
_ | |
| 8 #define NATIVE_CLIENT_SRC_TRUSTED_VALIDATOR_X86_NCVAL_REG_SFI_NCVALIDATE_ITER_H_
_ | |
| 9 | |
| 10 /* | |
| 11 * ncvalidate_iter.h: Validator for the register-based SFI sandbox. | |
| 12 * | |
| 13 * This is the primary library interface to the x86-64 validator for the | |
| 14 * register-based sandbox. This version should be used when performance | |
| 15 * is important. See ncvalidate_iter_detailed.h for a secondary API which | |
| 16 * provides more details when reporting errors. | |
| 17 * | |
| 18 * Basic usage: | |
| 19 * -- base is initial address of ELF file. | |
| 20 * -- limit is the size of the ELF file. | |
| 21 * -- maddr is the address to the memory of a section. | |
| 22 * -- vaddr is the starting virtual address associated with a section. | |
| 23 * -- size is the number of bytes in a section. | |
| 24 * | |
| 25 * if (!NaClArchSupported()) fail; | |
| 26 * NaClValidatorState* state = | |
| 27 * NaClValidatorStateCreate(base, limit - base, 32, readonly, RegR15); | |
| 28 * if (state == NULL) fail; | |
| 29 * for each section: | |
| 30 * NaClValidateSegment(maddr, vaddr, size, state); | |
| 31 * if (!NaClValidatesOk(state)) fail; | |
| 32 * NaClValidatorStateDestroy(state); | |
| 33 */ | |
| 34 | |
| 35 #include "native_client/src/include/portability.h" | |
| 36 #include "native_client/src/shared/utils/types.h" | |
| 37 #include "native_client/src/trusted/validator/ncvalidate.h" | |
| 38 #include "native_client/src/trusted/validator/types_memory_model.h" | |
| 39 #include "native_client/src/trusted/validator/x86/decoder/gen/ncopcode_operand_k
ind.h" | |
| 40 #include "native_client/src/trusted/validator/x86/error_reporter.h" | |
| 41 #include "native_client/src/trusted/cpu_features/arch/x86/cpu_x86.h" | |
| 42 | |
| 43 EXTERN_C_BEGIN | |
| 44 | |
| 45 struct NaClDecodeTables; | |
| 46 struct NaClInstIter; | |
| 47 struct NaClInstState; | |
| 48 struct NaClValidatorState; | |
| 49 | |
| 50 /* Control flag that when set to FALSE, turns of the printing of validator | |
| 51 * messages. | |
| 52 */ | |
| 53 extern Bool NACL_FLAGS_print_validator_messages; | |
| 54 | |
| 55 /* When >= 0, only print this many errors before quiting. When | |
| 56 * < 0, print all errors. | |
| 57 */ | |
| 58 extern int NACL_FLAGS_max_reported_errors; | |
| 59 | |
| 60 /* Command line flag controlling whether each instruction is traced | |
| 61 * while validating instructions. | |
| 62 */ | |
| 63 extern Bool NACL_FLAGS_validator_trace_instructions; | |
| 64 | |
| 65 /* Command line flag controlling whether the internal representation | |
| 66 * of each instruction is trace while validating. | |
| 67 * Command line flag controlling whether each instruction, and its | |
| 68 * corresponding internal details, is traced while validating | |
| 69 * instructions. | |
| 70 */ | |
| 71 extern Bool NACL_FLAGS_validator_trace_inst_interals; | |
| 72 | |
| 73 /* Command line flag controlling whether address error messages | |
| 74 * should be printed out using the format needed by ncval_annotate.py | |
| 75 */ | |
| 76 extern Bool NACL_FLAGS_ncval_annotate; | |
| 77 | |
| 78 /* UNSAFE interal flags used by enuminst test to support | |
| 79 * partial validation. | |
| 80 */ | |
| 81 extern Bool NACL_FLAGS_unsafe_single_inst_mode; | |
| 82 | |
| 83 #ifdef NCVAL_TESTING | |
| 84 /* Command line flag for printing out prefix/postfix conditions. */ | |
| 85 extern Bool NACL_FLAGS_print_validator_conditions; | |
| 86 | |
| 87 /* Command line flag controlling whether pre/post conditions are printed | |
| 88 * on all instructions. By default, only those instructions that validate | |
| 89 * have pre/post conditions printed. | |
| 90 */ | |
| 91 extern Bool NACL_FLAGS_report_conditions_on_all; | |
| 92 #endif | |
| 93 | |
| 94 /* Changes all validator trace flags to true. */ | |
| 95 void NaClValidatorFlagsSetTraceVerbose(void); | |
| 96 | |
| 97 /* The model of a validator state. */ | |
| 98 typedef struct NaClValidatorState NaClValidatorState; | |
| 99 | |
| 100 /* Create a validator state to validate the code segment. | |
| 101 * Note: Messages (if any) produced by the validator are sent to the stream | |
| 102 * defined by native_client/src/shared/platform/nacl_log.h. | |
| 103 * Parameters. | |
| 104 * vbase - The virtual address for the contents of the code segment. | |
| 105 * sz - The number of bytes in the code segment. | |
| 106 * base_register - OperandKind defining value for base register (or | |
| 107 * RegUnknown if not defined). | |
| 108 * readonly - Whether the text should be treated as read-only. | |
| 109 * features - The CPU features to use. Uses local features of machine if NULL. | |
| 110 * Returns: | |
| 111 * A pointer to an initialized validator state if everything is ok, NULL | |
| 112 * otherwise. | |
| 113 */ | |
| 114 NaClValidatorState* NaClValidatorStateCreate( | |
| 115 const NaClPcAddress vbase, | |
| 116 const NaClMemorySize codesize, | |
| 117 const NaClOpKind base_register, | |
| 118 const int readonly, /* Bool */ | |
| 119 const NaClCPUFeaturesX86 *features); | |
| 120 | |
| 121 /* Returns true if the instruction iterator of the validator has any more | |
| 122 * instructions. Also does any necessary internal caching if there are | |
| 123 * more instructions, based on the instruction iterator. | |
| 124 */ | |
| 125 Bool NaClValidatorStateIterHasNext(NaClValidatorState *vstate); | |
| 126 | |
| 127 /* Advances the instruction iterator of the validator to the next instruction. | |
| 128 * Also does necessary internal caching expected by the validator for the | |
| 129 * next instruction. | |
| 130 */ | |
| 131 void NaClValidatorStateIterAdvance(NaClValidatorState *vstate); | |
| 132 | |
| 133 /* Assumes that we have finished iterating through the instruction iterator | |
| 134 * of the validator and cleans up appropriate cached information that is | |
| 135 * only defined while iterating over instructions. | |
| 136 */ | |
| 137 void NaClValidatorStateIterFinish(NaClValidatorState *vstate); | |
| 138 | |
| 139 /* Resets the instruction iterator back to the beginning of the segment. | |
| 140 * Returns true on success. | |
| 141 */ | |
| 142 Bool NaClValidatorStateIterReset(NaClValidatorState *vstate); | |
| 143 | |
| 144 /* Returns the current maximum number of errors that can be reported. | |
| 145 * Note: When > 0, the validator will only print that many errors before | |
| 146 * quiting. When 0, the validator will not print any messages. When < 0, | |
| 147 * the validator will print all found errors. | |
| 148 * Note: Defaults to NACL_FLAGS_max_reported_errors. | |
| 149 */ | |
| 150 int NaClValidatorStateGetMaxReportedErrors(NaClValidatorState* state); | |
| 151 | |
| 152 /* Changes the current maximum number of errors that will be reported before | |
| 153 * quiting. For legal parameter values, see | |
| 154 * NaClValidatorStateGetMaxReportedErrors. | |
| 155 * Note: Should only be called between calls to NaClValidatorStateCreate | |
| 156 * and NaClValidateSegment. | |
| 157 * Note: This function will have no effect unless | |
| 158 * NaClValidatorStateSetErrorReporter is called to define error reporting. | |
| 159 */ | |
| 160 void NaClValidatorStateSetMaxReportedErrors(NaClValidatorState* state, | |
| 161 int max_reported_errors); | |
| 162 | |
| 163 /* Changes the report error reported for the validator. By default, no | |
| 164 * error messages are printed. To print error messages, use an appropriate | |
| 165 * error printer, such as kNaClVerboseErrorReporter in ncval_driver.h. | |
| 166 * Note: Should only be called between calls to NaClValidatorStateCreate | |
| 167 * and NaClValidateSegment. If not set, the validator will not print | |
| 168 * error messages. | |
| 169 * Note: Even if the error reporter is set to kNaClVerboseErrorReporter, | |
| 170 * errors will not be reported unless you also change the maximum number | |
| 171 * of errors reported via a call to NaClValidatorStateSetMaxReportedErrors. | |
| 172 * The reason for this is that the default number of reported errors is zero | |
| 173 * (based on the default use of the validator in sel_ldr). | |
| 174 */ | |
| 175 void NaClValidatorStateSetErrorReporter(NaClValidatorState* state, | |
| 176 struct NaClErrorReporter* reporter); | |
| 177 | |
| 178 /* A default, null error reporter for a NCInstState* */ | |
| 179 extern NaClErrorReporter kNaClNullErrorReporter; | |
| 180 | |
| 181 /* Verbose error reporter for a NaClInstState* that reports to | |
| 182 * NaClLogGetGio(). | |
| 183 */ | |
| 184 extern NaClErrorReporter kNaClVerboseErrorReporter; | |
| 185 | |
| 186 /* Returns true if each instruction should be printed as the validator | |
| 187 * processes the instruction. | |
| 188 * Note: Defaults to NACL_FLAGS_validator_trace. | |
| 189 */ | |
| 190 Bool NaClValidatorStateGetTraceInstructions(NaClValidatorState* state); | |
| 191 | |
| 192 /* Changes the value on whether each instruction should be printed as | |
| 193 * the validator processes the instruction. | |
| 194 * Note: Should only be called between calls to NaClValidatorStateCreate | |
| 195 * and NaClValidateSegment. | |
| 196 */ | |
| 197 void NaClValidatorStateSetTraceInstructions(NaClValidatorState* state, | |
| 198 Bool new_value); | |
| 199 | |
| 200 /* Returns true if the internal representation of each instruction | |
| 201 * should be printed as the validator processes the instruction. | |
| 202 * Note: Should only be called between calls to NaClValidatorStateCreate | |
| 203 * and NaClValidateSegment. | |
| 204 */ | |
| 205 Bool NaClValidatorStateGetTraceInstInternals(NaClValidatorState* state); | |
| 206 | |
| 207 /* Changes the value on whether the internal details of each validated | |
| 208 * instruction should be printed, as the validator visits the instruction. | |
| 209 * Note: Should only be called between calls to NaClValidatorStateCreate | |
| 210 * and NaClValidateSegment. | |
| 211 */ | |
| 212 void NaClValidatorStateSetTraceInstInternals(NaClValidatorState* state, | |
| 213 Bool new_value); | |
| 214 | |
| 215 /* Returns true if any of thevalidator trace flags are set. | |
| 216 * Note: If this function returns true, so does | |
| 217 * NaClValidatorStateGetTraceInstructions | |
| 218 * NaClValidatorStateGetTraceInstInternals | |
| 219 */ | |
| 220 Bool NaClValidatorStateTrace(NaClValidatorState* state); | |
| 221 | |
| 222 /* Convenience function that changes all validator trace flags to true. | |
| 223 * Note: Should only be called between calls to NaClValidatorStateCreate | |
| 224 * and NaClValidateSegment. | |
| 225 */ | |
| 226 void NaClValidatorStateSetTraceVerbose(NaClValidatorState* state); | |
| 227 | |
| 228 /* Returns the log verbosity for printed validator messages. Legal | |
| 229 * values are defined by src/shared/platform/nacl_log.h. | |
| 230 * Note: Defaults to LOG_INFO. | |
| 231 */ | |
| 232 int NaClValidatorStateGetLogVerbosity(NaClValidatorState* state); | |
| 233 | |
| 234 /* Changes the log verbosity for printed validator messages to the | |
| 235 * new value. Legal values are defined by src/shared/platform/nacl_log.h. | |
| 236 * Note: Should only be called between calls to NaClValidatorStateCreate | |
| 237 * and NaClValidateSegment. | |
| 238 * Note: NaClLogGetVerbosity() can override this value if more severe | |
| 239 * than the value defined here. This allows a global limit (defined | |
| 240 * by nacl_log.h) as well as a validator specific limit. | |
| 241 */ | |
| 242 void NaClValidatorStateSetLogVerbosity(NaClValidatorState* state, | |
| 243 Bool new_value); | |
| 244 | |
| 245 /* Return the value of the "do stub out" flag, i.e. whether instructions will | |
| 246 * be stubbed out with HLT if they are found to be illegal. | |
| 247 */ | |
| 248 Bool NaClValidatorStateGetDoStubOut(NaClValidatorState* state); | |
| 249 | |
| 250 /* Changes the "do stub out" flag to the given value. Note: Should only | |
| 251 * be called between calls to NaClValidatorStateCreate and NaClValidateSegment. | |
| 252 */ | |
| 253 void NaClValidatorStateSetDoStubOut(NaClValidatorState* state, | |
| 254 Bool new_value); | |
| 255 | |
| 256 /* Stub out "num" bytes starting at "ptr". */ | |
| 257 void NCStubOutMem(NaClValidatorState *state, void *ptr, size_t num); | |
| 258 | |
| 259 /* Validate a code segment. | |
| 260 * Parameters: | |
| 261 * mbase - The address of the beginning of the code segment. | |
| 262 * vbase - The virtual address associated with the beginning of the code | |
| 263 * segment. | |
| 264 * sz - The number of bytes in the code segment. | |
| 265 * state - The validator state to use while validating. | |
| 266 */ | |
| 267 void NaClValidateSegment(uint8_t* mbase, | |
| 268 NaClPcAddress vbase, | |
| 269 NaClMemorySize sz, | |
| 270 NaClValidatorState* state); | |
| 271 | |
| 272 /* Same as NaClValidateSegment, except that the given decoder table is used | |
| 273 * instead. | |
| 274 */ | |
| 275 void NaClValidateSegmentUsingTables(uint8_t* mbase, | |
| 276 NaClPcAddress vbase, | |
| 277 NaClMemorySize sz, | |
| 278 NaClValidatorState* state, | |
| 279 const struct NaClDecodeTables* tables); | |
| 280 | |
| 281 /* | |
| 282 * Validate a segment for dynamic code replacement | |
| 283 * Checks if code at mbase_old can be replaced with code at mbase_new | |
| 284 * Note that mbase_old was validated when it was inserted originally. | |
| 285 * If validation fails, state->validates_ok will be set to false. | |
| 286 * Parameters: | |
| 287 * mbase_old - The address of the beginning of the code segment to be | |
| 288 * replaced | |
| 289 * mbase_new - The address of the code segment that replaces the old | |
| 290 * segment | |
| 291 * vbase - Virtual address that is associated with both segments | |
| 292 * size - Length of the code segments (the segments must be of the same | |
| 293 * size) | |
| 294 * state - The validator state to use while validating *new* segment | |
| 295 */ | |
| 296 void NaClValidateSegmentPair(uint8_t *mbase_old, | |
| 297 uint8_t *mbase_new, | |
| 298 NaClPcAddress vbase, | |
| 299 size_t size, | |
| 300 struct NaClValidatorState *state); | |
| 301 | |
| 302 /* Returns true if the validator hasn't found any problems with the validated | |
| 303 * code segments. | |
| 304 * Parameters: | |
| 305 * state - The validator state used to validate code segments. | |
| 306 * Returns: | |
| 307 * true only if no problems have been found. | |
| 308 */ | |
| 309 Bool NaClValidatesOk(NaClValidatorState* state); | |
| 310 | |
| 311 /* Cleans up and returns the memory created by the corresponding | |
| 312 * call to NaClValidatorStateCreate. | |
| 313 */ | |
| 314 void NaClValidatorStateDestroy(NaClValidatorState* state); | |
| 315 | |
| 316 /* Prints out a validator message for the given level. | |
| 317 * Parameters: | |
| 318 * level - The level of the message, as defined in nacl_log.h | |
| 319 * state - The validator state that detected the error. | |
| 320 * format - The format string of the message to print. | |
| 321 * ... - arguments to the format string. | |
| 322 */ | |
| 323 void NaClValidatorMessage(int level, | |
| 324 NaClValidatorState* state, | |
| 325 const char* format, | |
| 326 ...) ATTRIBUTE_FORMAT_PRINTF(3, 4); | |
| 327 | |
| 328 /* Prints out a validator message for the given level using | |
| 329 * a variable argument list. | |
| 330 * Parameters: | |
| 331 * level - The level of the message, as defined in nacl_log.h | |
| 332 * state - The validator state that detected the error. | |
| 333 * format - The format string of the message to print. | |
| 334 * ap - variable argument list for the format. | |
| 335 */ | |
| 336 void NaClValidatorVarargMessage(int level, | |
| 337 NaClValidatorState* state, | |
| 338 const char* format, | |
| 339 va_list ap); | |
| 340 | |
| 341 /* Prints out a validator message for the given address. | |
| 342 * Parameters: | |
| 343 * level - The level of the message, as defined in nacl_log.h | |
| 344 * state - The validator state that detected the error. | |
| 345 * addr - The address where the error occurred. | |
| 346 * format - The format string of the message to print. | |
| 347 * ... - arguments to the format string. | |
| 348 */ | |
| 349 void NaClValidatorPcAddressMessage(int level, | |
| 350 NaClValidatorState* state, | |
| 351 NaClPcAddress addr, | |
| 352 const char* format, | |
| 353 ...) ATTRIBUTE_FORMAT_PRINTF(4, 5); | |
| 354 | |
| 355 /* Prints out a validator message for the given instruction. | |
| 356 * Parameters: | |
| 357 * level - The level of the message, as defined in nacl_log.h | |
| 358 * state - The validator state that detected the error. | |
| 359 * inst - The instruction that caused the vaidator error. | |
| 360 * format - The format string of the message to print. | |
| 361 * ... - arguments to the format string. | |
| 362 */ | |
| 363 void NaClValidatorInstMessage(int level, | |
| 364 NaClValidatorState* state, | |
| 365 struct NaClInstState* inst, | |
| 366 const char* format, | |
| 367 ...) ATTRIBUTE_FORMAT_PRINTF(4, 5); | |
| 368 | |
| 369 /* Prints out a validator message and two given instructions. | |
| 370 * Parameters: | |
| 371 * level - The level of the message, as defined in nacl_log.h | |
| 372 * state - The validator state that detected the error. | |
| 373 * inst1 - The first instruction to be printed. | |
| 374 * inst2 - The second instruction to be printed. | |
| 375 * format - The format string of the message to print. | |
| 376 * ... - arguments to the format string. | |
| 377 */ | |
| 378 void NaClValidatorTwoInstMessage(int level, | |
| 379 NaClValidatorState* state, | |
| 380 struct NaClInstState* inst1, | |
| 381 struct NaClInstState* inst2, | |
| 382 const char* format, | |
| 383 ...) ATTRIBUTE_FORMAT_PRINTF(5, 6); | |
| 384 | |
| 385 /* Returns true if the validator should quit due to previous errors. */ | |
| 386 Bool NaClValidatorQuit(NaClValidatorState* state); | |
| 387 | |
| 388 /* Returns true if any code has been overwritten with halts. */ | |
| 389 Bool NaClValidatorDidStubOut(NaClValidatorState *vstate); | |
| 390 | |
| 391 #ifdef NCVAL_TESTING | |
| 392 /* Defines the buffer and the corresponding buffer size to use for SNPRINTF, | |
| 393 * given the current contents of the pre/post condition. | |
| 394 */ | |
| 395 void NaClConditionAppend(char* condition, | |
| 396 char** buffer, | |
| 397 size_t* buffer_size); | |
| 398 | |
| 399 /* Prints out the address of the current instruction, and the pre/post | |
| 400 * conditions associated with the current instruction. | |
| 401 */ | |
| 402 void NaClPrintConditions(NaClValidatorState *state); | |
| 403 #endif | |
| 404 | |
| 405 EXTERN_C_END | |
| 406 | |
| 407 #endif /* NATIVE_CLIENT_SRC_TRUSTED_VALIDATOR_X86_NCVAL_REG_SFI_NCVALIDATE_ITER
_H__ */ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 625923004:
Delete old x86 validator. (Closed)
Base URL: svn://svn.chromium.org/native_client/trunk/src/native_client