2 * Copyright (c) 2012 The Native Client Authors. All rights reserved.
3 * Use of this source code is governed by a BSD-style license that can be
4 * found in the LICENSE file.
7 #ifndef NATIVE_CLIENT_SRC_TRUSTED_VALIDATOR_X86_NCVAL_SEG_SFI_NCVALIDATE_INTERNALTYPES_H__
8 #define NATIVE_CLIENT_SRC_TRUSTED_VALIDATOR_X86_NCVAL_SEG_SFI_NCVALIDATE_INTERNALTYPES_H__
/*
 * ncvalidate_internaltypes.h
 * Declarations internal to ncvalidate.h, exposed for testing and for other
 * files that define the validator.
 */
16 #include "native_client/src/trusted/cpu_features/arch/x86/cpu_x86.h"
17 #include "native_client/src/trusted/validator/x86/ncval_seg_sfi/ncdecode.h"
20 typedef struct SummaryStats {
21 /* these are just information */
22 uint32_t instructions;
24 uint32_t targetindirect;
26 /* the following indicate safety defects */
28 uint32_t unsafeindirect;
31 uint32_t badalignment;
34 uint32_t badinstlength;
35 uint32_t internalerrors;
36 int didstubout; /* boolean */
37 int sawfailure; /* boolean */
/* We track instructions in a three-entry circular buffer,
 * allowing us to see the two previous instructions and to
 * check the safe call sequence. The size is rounded up to
 * four so that a mask can be used, even though only three
 * instructions need to be remembered.
 * This is #defined rather than const int because it is used
 * as an array dimension.
 */
48 #define kNCValidatorInstBufferSize 4
/* Defines a jump summarization function. When in sel_ldr, this will
 * be the minimal code needed to detect issues. When in ncval, this
 * will expend more effort and generate more readable error messages.
 */
54 typedef void (*NCValidateJumpSummarizeFn)(struct NCValidatorState* vstate);
56 /* put all formerly global data into a struct */
57 typedef struct NCValidatorState {
58 /* NOTE: Decoder state (dstate) must appear first so that we can use it like
59 * C++ inheritance, where a pointer to a validator state will be the
60 * same as a pointer to a decoder state.
62 NCDecoderState dstate;
63 NCDecoderInst inst_buffer[kNCValidatorInstBufferSize];
64 NaClCPUFeaturesX86 cpufeatures; /* from CPUID bit masks; see cpu_x86.c */
65 NaClPcAddress iadrbase;
66 NaClMemorySize codesize;
70 uint32_t opcodehisto[256];
73 /* If non-null, then in detailed mode. Keeps track of addresses
74 * to instructions in the middle of a NaCl (atomic) pattern.
75 * This allows detailed mode to give better error messages (i.e.
76 * whether the jump isn't to an instruction boundary,
77 * or if the jump is into the middle of a nacl pattern).
79 uint8_t *pattern_nonfirst_insts_table;
80 int do_stub_out; /* boolean */
81 int readonly_text; /* boolean */
82 int num_diagnostics; /* How many error messages to print. */
83 /* Defines the summarization function to apply. Defaults to
84 * NCSelLDrJumpSummarizeFn, which is the summarize function
85 * for sel_ldr (i.e. non-detailed).
87 NCValidateJumpSummarizeFn summarize_fn;
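/* The following macro is used to clarify the derived class relationship
 * of NCValidatorState and NCDecoderState: the decoder state is the first
 * member (dstate) of the validator state, so a pointer to that member is
 * also a pointer to the enclosing validator state and can be downcast.
 *
 * The cast is unchecked. It is only meaningful when this_dstate points at
 * the dstate member of an NCValidatorState; applied to a decoder state that
 * is not embedded in a validator state, the result refers to memory that is
 * not a validator state. It also depends on dstate remaining the first
 * member of NCValidatorState.
 */
#define NCVALIDATOR_STATE_DOWNCAST(this_dstate) \
  ((NCValidatorState*) (this_dstate))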
97 /* Masks used to access bits within a byte. */
98 extern const uint8_t nc_iadrmasks[8];
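/* Jump-table bitmap helpers.
 *
 * A jump table is a byte array holding one bit per address offset: offset
 * ia lives in byte (ia >> 3), under the mask nc_iadrmasks[ia & 0x7].
 *
 * None of these macros checks bounds. The caller must make sure the offset
 * is non-negative and lies inside the table before using them; offsets
 * computed from the code being validated have to be range-checked first,
 * otherwise set/clear write outside the table.
 * The set/clear/get macros expand their offset argument twice, so do not
 * pass an expression with side effects.
 */

/* Converts address to corresponding byte in jump table. */
#define NCIATOffset(ia) ((ia) >> 3)

/* Gets mask for bit associated with corresponding byte in jump table. */
#define NCIATMask(ia) (nc_iadrmasks[(ia) & 0x7])

/* Sets bit ioff in jump table table. Fully parenthesized so the expansion
 * behaves as a single expression wherever it is used.
 */
#define NCSetAdrTable(ioff, table) \
  ((table)[NCIATOffset(ioff)] |= NCIATMask(ioff))

/* Clears bit ioff in jump table table. Fully parenthesized so the expansion
 * behaves as a single expression wherever it is used.
 */
#define NCClearAdrTable(ioff, table) \
  ((table)[NCIATOffset(ioff)] &= ~(NCIATMask(ioff)))

/* Gets bit ioff in jump table table (non-zero when the bit is set). */
#define NCGetAdrTable(ioff, table) \
  ((table)[NCIATOffset(ioff)] & NCIATMask(ioff))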
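/* Report that the given instruction is illegal in native client, using
 * the given error message.
 */
void NCBadInstructionError(const struct NCDecoderInst *dinst, const char *msg);

/* Update statistics to show that another bad jump target was found. */
void NCStatsBadTarget(struct NCValidatorState *vstate);

/* Update statistics to show that another bad address alignment issue has
 * been found.
 */
void NCStatsBadAlignment(struct NCValidatorState *vstate);

/* Update statistics to show that some (unexpected) internal error occurred
 * while running the validator.
 */
void NCStatsInternalError(struct NCValidatorState *vstate);

/* Provide a partial-validation operation, checking a single instruction
 * but ignoring inter-instruction considerations. Intended for validator
 * tooling (the end of the original sentence is not shown on this page).
 *
 * Because inter-instruction checks are skipped, the result is not a safety
 * verdict for a code region and must not stand in for full validation when
 * deciding whether code may be run.
 */
Bool UnsafePartialValidateInst(const NCDecoderInst *dinst);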
142 #endif /* NATIVE_CLIENT_SRC_TRUSTED_VALIDATOR_X86_NCVAL_SEG_SFI_NCVALIDATE_INTERNALTYPES_H__ */