1 | /* SPDX-License-Identifier: GPL-2.0 */ |
2 | /* |
3 | * KMSAN checks to be used for one-off annotations in subsystems. |
4 | * |
5 | * Copyright (C) 2017-2022 Google LLC |
6 | * Author: Alexander Potapenko <glider@google.com> |
7 | * |
8 | */ |
9 | |
10 | #ifndef _LINUX_KMSAN_CHECKS_H |
11 | #define _LINUX_KMSAN_CHECKS_H |
12 | |
13 | #include <linux/types.h> |
14 | |
15 | #ifdef CONFIG_KMSAN |
16 | |
17 | /** |
18 | * kmsan_poison_memory() - Mark the memory range as uninitialized. |
19 | * @address: address to start with. |
20 | * @size: size of buffer to poison. |
21 | * @flags: GFP flags for allocations done by this function. |
22 | * |
23 | * Until other data is written to this range, KMSAN will treat it as |
24 | * uninitialized. Error reports for this memory will reference the call site of |
25 | * kmsan_poison_memory() as origin. |
26 | */ |
27 | void kmsan_poison_memory(const void *address, size_t size, gfp_t flags); |
28 | |
29 | /** |
30 | * kmsan_unpoison_memory() - Mark the memory range as initialized. |
31 | * @address: address to start with. |
32 | * @size: size of buffer to unpoison. |
33 | * |
34 | * Until other data is written to this range, KMSAN will treat it as |
35 | * initialized. |
36 | */ |
37 | void kmsan_unpoison_memory(const void *address, size_t size); |
38 | |
39 | /** |
40 | * kmsan_check_memory() - Check the memory range for being initialized. |
41 | * @address: address to start with. |
42 | * @size: size of buffer to check. |
43 | * |
44 | * If any piece of the given range is marked as uninitialized, KMSAN will report |
45 | * an error. |
46 | */ |
47 | void kmsan_check_memory(const void *address, size_t size); |
48 | |
49 | /** |
50 | * kmsan_copy_to_user() - Notify KMSAN about a data transfer to userspace. |
51 | * @to: destination address in the userspace. |
52 | * @from: source address in the kernel. |
53 | * @to_copy: number of bytes to copy. |
54 | * @left: number of bytes not copied. |
55 | * |
56 | * If this is a real userspace data transfer, KMSAN checks the bytes that were |
57 | * actually copied to ensure there was no information leak. If @to belongs to |
58 | * the kernel space (which is possible for compat syscalls), KMSAN just copies |
59 | * the metadata. |
60 | */ |
61 | void kmsan_copy_to_user(void __user *to, const void *from, size_t to_copy, |
62 | size_t left); |
63 | |
64 | #else |
65 | |
66 | static inline void kmsan_poison_memory(const void *address, size_t size, |
67 | gfp_t flags) |
68 | { |
69 | } |
70 | static inline void kmsan_unpoison_memory(const void *address, size_t size) |
71 | { |
72 | } |
73 | static inline void kmsan_check_memory(const void *address, size_t size) |
74 | { |
75 | } |
76 | static inline void kmsan_copy_to_user(void __user *to, const void *from, |
77 | size_t to_copy, size_t left) |
78 | { |
79 | } |
80 | |
81 | #endif |
82 | |
83 | #endif /* _LINUX_KMSAN_CHECKS_H */ |
84 | |