• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2023 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef BERBERIS_GUEST_OS_PRIMITIVES_GUEST_MAP_SHADOW_H_
18 #define BERBERIS_GUEST_OS_PRIMITIVES_GUEST_MAP_SHADOW_H_
19 
20 #include <cstddef>
21 #include <mutex>
22 #include <utility>
23 
24 #include "berberis/base/arena_alloc.h"
25 #include "berberis/base/arena_vector.h"
26 #include "berberis/guest_state/guest_addr.h"
27 
28 namespace berberis {
29 
30 enum BitValue {
31   kBitUnset,
32   kBitSet,
33   kBitMixed,
34 };
35 
36 class GuestMapShadow {
37  public:
38   GuestMapShadow();
39   ~GuestMapShadow();
40 
41   [[nodiscard]] std::tuple<bool, size_t> GetExecutableRegionSize(GuestAddr start,
42                                                                  size_t max_size) const;
43   [[nodiscard]] BitValue GetExecutable(GuestAddr start, size_t size) const;
44 
45   // Check if region start..start+size is fully executable.
46   [[nodiscard]] bool IsExecutable(GuestAddr start, size_t size) const;
47 
48   // Mark region start..start+size as executable.
49   void SetExecutable(GuestAddr start, size_t size);
50 
51   // Mark region start..start+size as not executable.
52   void ClearExecutable(GuestAddr start, size_t size);
53 
54   void RemapExecutable(GuestAddr old_start, size_t old_size, GuestAddr new_start, size_t new_size);
55 
56   void AddProtectedMapping(const void* start, const void* end);
57 
58   [[nodiscard]] bool IntersectsWithProtectedMapping(const void* start, const void* end);
59 
60   static GuestMapShadow* GetInstance();
61 
62  private:
63   [[nodiscard]] bool IsExecAddr(GuestAddr addr) const;
64   bool SetExecAddr(GuestAddr addr, int set);
65   void CopyExecutable(GuestAddr from, size_t from_size, GuestAddr to, size_t to_size);
66 
67   uint8_t* shadow_;
68   Arena arena_;
69   std::mutex mutex_;
70   // Mappings protected from guest tampering.
71   // Warning: it's not optimized for quick look up since
72   // we don't expect to store more than a few mappings.
73   ArenaVector<std::pair<const void*, const void*>> protected_maps_;
74 };
75 
76 }  // namespace berberis
77 
78 #endif  // BERBERIS_GUEST_OS_PRIMITIVES_GUEST_MAP_SHADOW_H_
79