[apple/xnu.git] / tests / kas_info.c

/* Copyright (c) 2020 Apple Computer, Inc.  All rights reserved. */

#include <CoreSymbolication/CoreSymbolication.h>
#include <CoreSymbolication/CoreSymbolicationPrivate.h>
#include <darwintest.h>
#include <dispatch/dispatch.h>

#include <mach-o/loader.h>

#include <sys/kas_info.h>

#include <sys/mman.h>
#include <sys/stat.h>
#include <sys/sysctl.h>
#include <sys/types.h>

#include <fcntl.h>

#include <stdint.h>

T_GLOBAL_META(
	T_META_NAMESPACE("xnu.kas_info"),
	T_META_CHECK_LEAKS(false),
	T_META_ASROOT(true));

static bool
slide_enabled(void)
{
	int slide_enabled, err;
	size_t size = sizeof(slide_enabled);
	err = sysctlbyname("kern.slide", &slide_enabled, &size, NULL, 0);
	T_ASSERT_POSIX_SUCCESS(err, "sysctl(\"kern.slide\");");
	return slide_enabled != 0;
}

static uint64_t
kernel_slide(void)
{
	uint64_t slide;
	size_t size = sizeof(slide);
	int err = kas_info(KAS_INFO_KERNEL_TEXT_SLIDE_SELECTOR, &slide, &size);
	if (err && errno == ENOTSUP) {
		T_SKIP("Running on kernel without kas_info");
	}

	T_ASSERT_POSIX_SUCCESS(errno, "kas_info KAS_INFO_KERNEL_TEXT_SLIDE_SELECTOR");
	T_ASSERT_EQ(size, sizeof(slide), "returned size is valid");

	return slide;
}

T_DECL(kernel_text_slide,
    "ensures that kas_info can return the kernel text slide")
{
	if (!slide_enabled()) {
		T_SKIP("KASLR is not enabled");
		__builtin_unreachable();
	}

	uint64_t slide = kernel_slide();

	T_ASSERT_GT_ULLONG(slide, 0ULL, "kernel slide is non-zero");
}

T_DECL(kernel_text_slide_invalid,
    "ensures that kas_info handles invalid input to KERNEL_TEXT_SLIDE_SELECTOR")
{
	uint64_t slide;
	size_t size = 0;
	int err;

	err = kas_info(KAS_INFO_KERNEL_TEXT_SLIDE_SELECTOR, &slide, NULL);
	if (errno == ENOTSUP) {
		T_SKIP("Running on kernel without kas_info");
	}
	T_ASSERT_POSIX_FAILURE(err, EFAULT, "kas_info with NULL size");

	size = sizeof(uint64_t);
	err = kas_info(KAS_INFO_KERNEL_TEXT_SLIDE_SELECTOR, NULL, &size);
	T_ASSERT_POSIX_FAILURE(err, EFAULT, "kas_info with NULL slide");

	size = sizeof(uint32_t);
	err = kas_info(KAS_INFO_KERNEL_TEXT_SLIDE_SELECTOR, &slide, &size);
	T_ASSERT_POSIX_FAILURE(err, EINVAL, "kas_info with invalid size");
}

static char const*
kernel_path(void)
{
	static CSSymbolicatorRef symbolicator;
	static char const* path;
	static dispatch_once_t once;
	dispatch_once(&once, ^{
		uint32_t flags = kCSSymbolicatorDefaultCreateFlags;
		symbolicator = CSSymbolicatorCreateWithMachKernelFlagsAndNotification(flags, NULL);
		T_QUIET; T_ASSERT_TRUE(!CSIsNull(symbolicator), "CSSymbolicatorCreateWithMachKernelFlagsAndNotification");
		path = CSSymbolOwnerGetPath(CSSymbolicatorGetAOutSymbolOwner(symbolicator));
		if (!path) {
		        path = CSSymbolOwnerGetPath(CSSymbolicatorGetSymbolOwner(symbolicator));
		}
		T_QUIET; T_ASSERT_NOTNULL(path, "CSSymbolOwnerGetPath/CSSymbolicatorGetSymbolOwner");
	});
	return path;
}

static void
disk_kernel_segments(uint64_t **segs_out, size_t *nsegs_out)
{
	char const* path = kernel_path();
	int fd = open(path, O_RDONLY);
	int err;
	struct stat sb;
	size_t nsegs = 0;
	uint64_t *segs = NULL;
	void *data;

	T_LOG("Kernel file is %s", path);
	T_QUIET; T_ASSERT_POSIX_SUCCESS(fd, "open kernel file");

	err = fstat(fd, &sb);
	T_ASSERT_POSIX_SUCCESS(err, "fstat kernel file");

	data = mmap(NULL, (size_t)sb.st_size, PROT_READ, MAP_SHARED, fd, 0);
	T_ASSERT_NE(data, MAP_FAILED, "mmap kernel file");

	/*
	 * TODO: If we bring back FAT kernel binaries
	 * this will need to be fixed to handle them properly
	 */
	uint32_t magic = *(uint32_t*)data;
	struct load_command *cmd = NULL;

	switch (magic) {
	case MH_MAGIC: OS_FALLTHROUGH;
	case MH_CIGAM: {
		struct mach_header *mh = (struct mach_header *)data;
		cmd = (struct load_command *)(&(mh[1]));
		nsegs = mh->ncmds;
	}
	break;
	case MH_MAGIC_64: OS_FALLTHROUGH;
	case MH_CIGAM_64: {
		struct mach_header_64 *mh = (struct mach_header_64 *)data;
		cmd = (struct load_command *)(&(mh[1]));
		nsegs = mh->ncmds;
	}
	break;
	default:
		T_FAIL("kernel file is not a Mach-O file, magic is %x", magic);
	}

	/* Adjust for the LC_UUID && LC_BUILD_VERSION commands in front of
	 * load commands for dSYMs
	 */
	while (cmd->cmd != LC_SEGMENT && cmd->cmd != LC_SEGMENT_64) {
		cmd = (struct load_command *) ((uintptr_t) cmd + cmd->cmdsize);
		nsegs--;
	}

	segs = calloc(nsegs, sizeof(*segs));
	T_ASSERT_NOTNULL(segs, "calloc disk segment array");

	for (uint8_t i = 0; i < nsegs; i++) {
		if (cmd->cmd == LC_SEGMENT) {
			struct segment_command *sg = (struct segment_command *) cmd;
			if (sg->vmsize > 0) {
				segs[i] = sg->vmaddr;
			}
		} else if (cmd->cmd == LC_SEGMENT_64) {
			struct segment_command_64 *sg = (struct segment_command_64 *) cmd;
			if (sg->vmsize > 0) {
				segs[i] = sg->vmaddr;
			}
		}
		cmd = (struct load_command *) ((uintptr_t) cmd + cmd->cmdsize);
	}

	*segs_out = segs;
	*nsegs_out = nsegs;

	err = munmap(data, (size_t)sb.st_size);

	err = close(fd);
	T_ASSERT_POSIX_SUCCESS(err, "close kernel fd");
}

static bool
is_fileset_kc(void)
{
	char uuid[1024];
	int err;
	size_t size = sizeof(uuid);
	err = sysctlbyname("kern.filesetuuid", uuid, &size, NULL, 0);
	return err == 0;
}

#define KAS_INFO_KERNEL_SEGMENT_LOCATION_SELECTOR 1

T_DECL(kernel_segment_location,
    "ensures that KAS_INFO_KERNEL_SEGMENT_LOCATION returns correct segment locations")
{
	int err;

	if (!slide_enabled()) {
		T_SKIP("KASLR is not enabled");
		__builtin_unreachable();
	}

	uint64_t *disk_segs;
	size_t disk_nsegs;
	disk_kernel_segments(&disk_segs, &disk_nsegs);

	size_t size = 0;

	err = kas_info(KAS_INFO_KERNEL_SEGMENT_VMADDR_SELECTOR, NULL, &size);
	if (errno == ENOTSUP) {
		T_SKIP("KAS_INFO_KERNEL_SEGMENT_VMADDR_SELECTOR not supported");
	}
	T_ASSERT_POSIX_SUCCESS(err, "kas_info KAS_INFO_KERNEL_SEGMENT_VMADDR_SELECTOR for size");

	uint64_t mem_nsegs = size / sizeof(uint64_t);
	uint64_t *mem_segs = calloc(mem_nsegs, sizeof(*disk_segs));

	err = kas_info(KAS_INFO_KERNEL_SEGMENT_VMADDR_SELECTOR, mem_segs, &size);
	if (errno == ENOTSUP) {
		T_SKIP("KAS_INFO_KERNEL_SEGMENT_VMADDR_SELECTOR not supported");
	}

	T_ASSERT_POSIX_SUCCESS(err, "kas_info KAS_INFO_KERNEL_SEGMENT_VMADDR_SELECTOR for data");

	T_LOG("Kernel has %zu segments on disk, %zu in memory:", disk_nsegs, mem_nsegs);
	for (size_t i = 0; i < disk_nsegs; i++) {
		T_LOG("%zu %llx %llx", i, disk_segs[i], mem_segs[i]);
	}

	/*
	 * If the kernel is not a fileset, verify that all
	 * the segments in memory are the segment on disk
	 * + the kaslr slide
	 */
	if (!is_fileset_kc()) {
		T_LOG("Kernelcache is not a fileset kernelcache");

		uint64_t slide = kernel_slide();
		for (size_t i = 0; i < disk_nsegs; i++) {
			if (disk_segs[i] == 0 || mem_segs[i] == 0) {
				continue;
			}
			T_ASSERT_EQ(disk_segs[i] + slide, mem_segs[i], "segment %zu is slid", i);
		}
	}

	free(disk_segs);
	free(mem_segs);
}
Commit	Line	Data
f427ee49 A	1	/* Copyright (c) 2020 Apple Computer, Inc. All rights reserved. */
	2
	3	#include <CoreSymbolication/CoreSymbolication.h>
	4	#include <CoreSymbolication/CoreSymbolicationPrivate.h>
	5	#include <darwintest.h>
	6	#include <dispatch/dispatch.h>
	7
	8	#include <mach-o/loader.h>
	9
	10	#include <sys/kas_info.h>
	11
	12	#include <sys/mman.h>
	13	#include <sys/stat.h>
	14	#include <sys/sysctl.h>
	15	#include <sys/types.h>
	16
	17	#include <fcntl.h>
	18
	19	#include <stdint.h>
	20
	21	T_GLOBAL_META(
	22	T_META_NAMESPACE("xnu.kas_info"),
	23	T_META_CHECK_LEAKS(false),
	24	T_META_ASROOT(true));
	25
	26	static bool
	27	slide_enabled(void)
	28	{
	29	int slide_enabled, err;
	30	size_t size = sizeof(slide_enabled);
	31	err = sysctlbyname("kern.slide", &slide_enabled, &size, NULL, 0);
	32	T_ASSERT_POSIX_SUCCESS(err, "sysctl(\"kern.slide\");");
	33	return slide_enabled != 0;
	34	}
	35
	36	static uint64_t
	37	kernel_slide(void)
	38	{
	39	uint64_t slide;
	40	size_t size = sizeof(slide);
	41	int err = kas_info(KAS_INFO_KERNEL_TEXT_SLIDE_SELECTOR, &slide, &size);
	42	if (err && errno == ENOTSUP) {
	43	T_SKIP("Running on kernel without kas_info");
	44	}
	45
	46	T_ASSERT_POSIX_SUCCESS(errno, "kas_info KAS_INFO_KERNEL_TEXT_SLIDE_SELECTOR");
	47	T_ASSERT_EQ(size, sizeof(slide), "returned size is valid");
	48
	49	return slide;
	50	}
	51
	52	T_DECL(kernel_text_slide,
	53	"ensures that kas_info can return the kernel text slide")
	54	{
	55	if (!slide_enabled()) {
	56	T_SKIP("KASLR is not enabled");
	57	__builtin_unreachable();
	58	}
	59
	60	uint64_t slide = kernel_slide();
	61
	62	T_ASSERT_GT_ULLONG(slide, 0ULL, "kernel slide is non-zero");
	63	}
	64
65	T_DECL(kernel_text_slide_invalid,
66	"ensures that kas_info handles invalid input to KERNEL_TEXT_SLIDE_SELECTOR")
67	{
68	uint64_t slide;
69	size_t size = 0;
70	int err;
71
72	err = kas_info(KAS_INFO_KERNEL_TEXT_SLIDE_SELECTOR, &slide, NULL);
73	if (errno == ENOTSUP) {
74	T_SKIP("Running on kernel without kas_info");
75	}
76	T_ASSERT_POSIX_FAILURE(err, EFAULT, "kas_info with NULL size");
77
78	size = sizeof(uint64_t);
79	err = kas_info(KAS_INFO_KERNEL_TEXT_SLIDE_SELECTOR, NULL, &size);
80	T_ASSERT_POSIX_FAILURE(err, EFAULT, "kas_info with NULL slide");
81
82	size = sizeof(uint32_t);
83	err = kas_info(KAS_INFO_KERNEL_TEXT_SLIDE_SELECTOR, &slide, &size);
84	T_ASSERT_POSIX_FAILURE(err, EINVAL, "kas_info with invalid size");
85	}
86
87	static char const*
88	kernel_path(void)
89	{
90	static CSSymbolicatorRef symbolicator;
91	static char const* path;
92	static dispatch_once_t once;
93	dispatch_once(&once, ^{
94	uint32_t flags = kCSSymbolicatorDefaultCreateFlags;
95	symbolicator = CSSymbolicatorCreateWithMachKernelFlagsAndNotification(flags, NULL);
96	T_QUIET; T_ASSERT_TRUE(!CSIsNull(symbolicator), "CSSymbolicatorCreateWithMachKernelFlagsAndNotification");
97	path = CSSymbolOwnerGetPath(CSSymbolicatorGetAOutSymbolOwner(symbolicator));
98	if (!path) {
99	path = CSSymbolOwnerGetPath(CSSymbolicatorGetSymbolOwner(symbolicator));
100	}
101	T_QUIET; T_ASSERT_NOTNULL(path, "CSSymbolOwnerGetPath/CSSymbolicatorGetSymbolOwner");
102	});
103	return path;
104	}
105
106	static void
107	disk_kernel_segments(uint64_t *segs_out, size_t nsegs_out)
108	{
109	char const* path = kernel_path();
110	int fd = open(path, O_RDONLY);
111	int err;
112	struct stat sb;
113	size_t nsegs = 0;
114	uint64_t *segs = NULL;
115	void *data;
116
117	T_LOG("Kernel file is %s", path);
118	T_QUIET; T_ASSERT_POSIX_SUCCESS(fd, "open kernel file");
119
120	err = fstat(fd, &sb);
121	T_ASSERT_POSIX_SUCCESS(err, "fstat kernel file");
122
123	data = mmap(NULL, (size_t)sb.st_size, PROT_READ, MAP_SHARED, fd, 0);
124	T_ASSERT_NE(data, MAP_FAILED, "mmap kernel file");
125
126	/*
127	* TODO: If we bring back FAT kernel binaries
128	* this will need to be fixed to handle them properly
129	*/
130	uint32_t magic = (uint32_t)data;
131	struct load_command *cmd = NULL;
132
133	switch (magic) {
134	case MH_MAGIC: OS_FALLTHROUGH;
135	case MH_CIGAM: {
136	struct mach_header mh = (struct mach_header )data;
137	cmd = (struct load_command *)(&(mh[1]));
138	nsegs = mh->ncmds;
139	}
140	break;
141	case MH_MAGIC_64: OS_FALLTHROUGH;
142	case MH_CIGAM_64: {
143	struct mach_header_64 mh = (struct mach_header_64 )data;
144	cmd = (struct load_command *)(&(mh[1]));
145	nsegs = mh->ncmds;
146	}
147	break;
148	default:
149	T_FAIL("kernel file is not a Mach-O file, magic is %x", magic);
150	}
151
152	/* Adjust for the LC_UUID && LC_BUILD_VERSION commands in front of
153	* load commands for dSYMs
154	*/
155	while (cmd->cmd != LC_SEGMENT && cmd->cmd != LC_SEGMENT_64) {
156	cmd = (struct load_command *) ((uintptr_t) cmd + cmd->cmdsize);
157	nsegs--;
158	}
159
160	segs = calloc(nsegs, sizeof(*segs));
161	T_ASSERT_NOTNULL(segs, "calloc disk segment array");
162
163	for (uint8_t i = 0; i < nsegs; i++) {
164	if (cmd->cmd == LC_SEGMENT) {
165	struct segment_command sg = (struct segment_command ) cmd;
166	if (sg->vmsize > 0) {
167	segs[i] = sg->vmaddr;
168	}
169	} else if (cmd->cmd == LC_SEGMENT_64) {
170	struct segment_command_64 sg = (struct segment_command_64 ) cmd;
171	if (sg->vmsize > 0) {
172	segs[i] = sg->vmaddr;
173	}
174	}
175	cmd = (struct load_command *) ((uintptr_t) cmd + cmd->cmdsize);
176	}
177
178	*segs_out = segs;
179	*nsegs_out = nsegs;
180
181	err = munmap(data, (size_t)sb.st_size);
182
183	err = close(fd);
184	T_ASSERT_POSIX_SUCCESS(err, "close kernel fd");
185	}
186
187	static bool
188	is_fileset_kc(void)
189	{
190	char uuid[1024];
191	int err;
192	size_t size = sizeof(uuid);
193	err = sysctlbyname("kern.filesetuuid", uuid, &size, NULL, 0);
194	return err == 0;
195	}
196
197	#define KAS_INFO_KERNEL_SEGMENT_LOCATION_SELECTOR 1
198
199	T_DECL(kernel_segment_location,
200	"ensures that KAS_INFO_KERNEL_SEGMENT_LOCATION returns correct segment locations")
201	{
202	int err;
203
204	if (!slide_enabled()) {
205	T_SKIP("KASLR is not enabled");
206	__builtin_unreachable();
207	}
208
209	uint64_t *disk_segs;
210	size_t disk_nsegs;
211	disk_kernel_segments(&disk_segs, &disk_nsegs);
212
213	size_t size = 0;
214
215	err = kas_info(KAS_INFO_KERNEL_SEGMENT_VMADDR_SELECTOR, NULL, &size);
216	if (errno == ENOTSUP) {
217	T_SKIP("KAS_INFO_KERNEL_SEGMENT_VMADDR_SELECTOR not supported");
218	}
219	T_ASSERT_POSIX_SUCCESS(err, "kas_info KAS_INFO_KERNEL_SEGMENT_VMADDR_SELECTOR for size");
220
221	uint64_t mem_nsegs = size / sizeof(uint64_t);
222	uint64_t mem_segs = calloc(mem_nsegs, sizeof(disk_segs));
223
224	err = kas_info(KAS_INFO_KERNEL_SEGMENT_VMADDR_SELECTOR, mem_segs, &size);
225	if (errno == ENOTSUP) {
226	T_SKIP("KAS_INFO_KERNEL_SEGMENT_VMADDR_SELECTOR not supported");
227	}
228
229	T_ASSERT_POSIX_SUCCESS(err, "kas_info KAS_INFO_KERNEL_SEGMENT_VMADDR_SELECTOR for data");
230
231	T_LOG("Kernel has %zu segments on disk, %zu in memory:", disk_nsegs, mem_nsegs);
232	for (size_t i = 0; i < disk_nsegs; i++) {
233	T_LOG("%zu %llx %llx", i, disk_segs[i], mem_segs[i]);
234	}
235
236	/*
237	* If the kernel is not a fileset, verify that all
238	* the segments in memory are the segment on disk
239	* + the kaslr slide
240	*/
241	if (!is_fileset_kc()) {
242	T_LOG("Kernelcache is not a fileset kernelcache");
243
244	uint64_t slide = kernel_slide();
245	for (size_t i = 0; i < disk_nsegs; i++) {
246	if (disk_segs[i] == 0 \|\| mem_segs[i] == 0) {
247	continue;
248	}
249	T_ASSERT_EQ(disk_segs[i] + slide, mem_segs[i], "segment %zu is slid", i);
250	}
251	}
252
253	free(disk_segs);
254	free(mem_segs);
255	}