ehmry/genode
ehmry
/
genode
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
genode/repos/base/src/test/rm_fault/main.cc

449 lines
12 KiB
C++
Raw Blame History

/*
* \brief Test program for raising and handling region-manager faults
* \author Norman Feske
* \date 2008-09-24
*
* This program starts itself as child. When started, it first determines
* wheather it is parent or child by requesting a RM session. Because the
* program blocks all session-creation calls for the RM service, each program
* instance can determine its parent or child role by the checking the result
* of the session creation.
*/
/*
* Copyright (C) 2008-2017 Genode Labs GmbH
*
* This file is part of the Genode OS framework, which is distributed
* under the terms of the GNU Affero General Public License version 3.
*/
#include <base/component.h>
#include <base/log.h>
#include <base/child.h>
#include <rm_session/connection.h>
#include <base/attached_ram_dataspace.h>
#include <base/attached_rom_dataspace.h>
using namespace Genode;
/***********
** Child **
***********/
enum {
MANAGED_ADDR = 0x10000000,
STOP_TEST = 0xdead,
READ_TEST = 0x12345,
WRITE_TEST = READ_TEST - 1,
EXEC_TEST = WRITE_TEST - 1,
SHUTDOWN = EXEC_TEST - 1
};
static char const *state_name(Region_map::State &state)
{
return state.type == Region_map::State::READ_FAULT ? "READ_FAULT" :
state.type == Region_map::State::WRITE_FAULT ? "WRITE_FAULT" :
state.type == Region_map::State::EXEC_FAULT ? "EXEC_FAULT" : "READY";
}
void read_at(addr_t addr)
{
log("perform read operation at ", Hex(addr));
int value = *(int *)addr;
log("read value ", Hex(value));
}
bool modify_at(addr_t addr)
{
addr_t const value = *(addr_t volatile *)addr;
if (value == STOP_TEST)
return false;
if (value != READ_TEST + 1) {
addr_t value_mod = ++(*(addr_t volatile *)(addr));
/* if we are get told to stop, do so */
if (*(addr_t volatile *)(addr + sizeof(addr)) == STOP_TEST)
return false;
log("modify memory at ", Hex(addr), " from ",
Hex(value), " to ", Hex(value_mod));
}
if (value != READ_TEST && value != READ_TEST + 1)
{
Genode::error("could modify ROM !!! ", Hex(value));
return false;
}
return true;
}
struct Exec_faulter : Thread
{
enum { FAULT_ON_ADDR, FAULT_ON_STACK };
unsigned _fault_test;
Exec_faulter(Env &env, unsigned test)
: Thread(env, "exec_fault", 1024 * sizeof(addr_t)), _fault_test(test)
{ }
void entry() override
{
if (_fault_test == FAULT_ON_ADDR) {
addr_t volatile * value = (addr_t volatile *)MANAGED_ADDR;
*value = 0x0b0f9090; /* nop, nop, ud2 */
void (*exec_fault)(void) = (void (*)(void))MANAGED_ADDR;
exec_fault();
return;
}
if (_fault_test == FAULT_ON_STACK) {
unsigned long dummy = 0x0b0f9090; /* nop, nop, ud2 */
void (*exec_fault)(void) = (void (*)(void))&dummy;
exec_fault();
}
}
};
void execute_at(Genode::Env &env, Attached_rom_dataspace &config, addr_t cmd_addr)
{
addr_t volatile * cmd = (addr_t volatile *)cmd_addr;
if (config.xml().attribute_value("executable_fault_test", true)) {
/* perform illegal execute access on cmd addr */
Exec_faulter fault_on_managed_addr(env, Exec_faulter::FAULT_ON_ADDR);
fault_on_managed_addr.start();
/* wait until parent acknowledged fault */
while (*cmd != STOP_TEST) { }
/* tell parent that we start with next EXEC_TEST */
*cmd = EXEC_TEST;
Exec_faulter fault_on_stack(env, Exec_faulter::FAULT_ON_STACK);
fault_on_stack.start();
/* wait until parent acknowledged fault */
while (*cmd == EXEC_TEST) { }
}
log("\n--- child role of region-manager fault test finished ---");
/* sync shutdown with parent */
*cmd = SHUTDOWN;
}
void main_child(Env &env)
{
Attached_rom_dataspace config { env, "config" };
log("child role started");
/* perform illegal read access */
read_at(MANAGED_ADDR);
/* perform illegal write access */
while (modify_at(MANAGED_ADDR));
/* perform illegal execute access */
execute_at(env, config, MANAGED_ADDR);
}
/************
** Parent **
************/
class Test_child_policy : public Child_policy
{
public:
typedef Registered<Genode::Parent_service> Parent_service;
typedef Registry<Parent_service> Parent_services;
private:
Env &_env;
Parent_services &_parent_services;
Signal_context_capability const _fault_handler_sigh;
Signal_context_capability const _fault_handler_stack_sigh;
Service &_matching_service(Service::Name const &name)
{
Service *service = nullptr;
_parent_services.for_each([&] (Service &s) {
if (!service && name == s.name())
service = &s; });
if (!service)
throw Service_denied();
return *service;
}
public:
/**
* Constructor
*/
Test_child_policy(Env &env, Parent_services &parent_services,
Signal_context_capability fault_handler_sigh,
Signal_context_capability fault_handler_stack_sigh)
:
_env(env),
_parent_services(parent_services),
_fault_handler_sigh(fault_handler_sigh),
_fault_handler_stack_sigh(fault_handler_stack_sigh)
{ }
/****************************
** Child-policy interface **
****************************/
Name name() const override { return "rmchild"; }
Binary_name binary_name() const override { return "test-rm_fault"; }
Pd_session &ref_pd() override { return _env.pd(); }
Pd_session_capability ref_pd_cap() const override { return _env.pd_session_cap(); }
void init(Pd_session &session, Pd_session_capability cap) override
{
session.ref_account(_env.pd_session_cap());
_env.pd().transfer_quota(cap, Ram_quota{1*1024*1024});
_env.pd().transfer_quota(cap, Cap_quota{20});
Region_map_client address_space(session.address_space());
address_space.fault_handler(_fault_handler_sigh);
Region_map_client stack_area(session.stack_area());
stack_area.fault_handler(_fault_handler_stack_sigh);
}
Route resolve_session_request(Service::Name const &name,
Session_label const &label) override
{
return Route { .service = _matching_service(name),
.label = label,
.diag = Session::Diag() };
}
};
struct Main_parent
{
Env &_env;
Signal_handler<Main_parent> _fault_handler {
_env.ep(), *this, &Main_parent::_handle_fault };
Signal_handler<Main_parent> _fault_handler_stack {
_env.ep(), *this, &Main_parent::_handle_fault_stack };
Heap _heap { _env.ram(), _env.rm() };
Attached_rom_dataspace _config { _env, "config" };
Rom_connection _binary { _env, "ld.lib.so" };
/* parent services */
struct Parent_services : Test_child_policy::Parent_services
{
Allocator &alloc;
Parent_services(Env &env, Allocator &alloc) : alloc(alloc)
{
static const char *names[] = {
"PD", "CPU", "ROM", "LOG", 0 };
for (unsigned i = 0; names[i]; i++)
new (alloc) Test_child_policy::Parent_service(*this, env, names[i]);
}
~Parent_services()
{
for_each([&] (Test_child_policy::Parent_service &s) { destroy(alloc, &s); });
}
} _parent_services { _env, _heap };
/* create child */
Test_child_policy _child_policy { _env, _parent_services, _fault_handler,
_fault_handler_stack };
Child _child { _env.rm(), _env.ep().rpc_ep(), _child_policy };
Region_map_client _address_space { _child.pd().address_space() };
/* dataspace used for creating shared memory between parent and child */
Attached_ram_dataspace _ds { _env.ram(), _env.rm(), 4096 };
unsigned _fault_cnt = 0;
long volatile &_child_value() { return *_ds.local_addr<long volatile>(); }
long volatile &_child_stop() { return *(_ds.local_addr<long volatile>() + 1); }
void _test_read_fault(addr_t const child_virt_addr)
{
/* allocate dataspace to resolve the fault */
log("attach dataspace to the child at ", Hex(child_virt_addr));
_child_value() = READ_TEST;
_address_space.attach_at(_ds.cap(), child_virt_addr);
/* poll until our child modifies the dataspace content */
while (_child_value() == READ_TEST);
log("child modified dataspace content, new value is ",
Hex(_child_value()));
log("revoke dataspace from child");
_address_space.detach((void *)child_virt_addr);
}
void _test_write_fault(addr_t const child_virt_addr, unsigned round)
{
if (_child_value() != WRITE_TEST) {
Genode::log("test WRITE faults on read-only binary and "
"read-only attached RAM");
_child_value() = WRITE_TEST;
_address_space.attach_at(_binary.dataspace(), child_virt_addr);
return;
}
enum { ROUND_FAULT_ON_ROM_BINARY = 1, ROUND_FAULT_ON_RO_RAM = 2 };
if (round == ROUND_FAULT_ON_RO_RAM)
_child_stop() = STOP_TEST;
Genode::log("got write fault on ", Hex(child_virt_addr),
(round == ROUND_FAULT_ON_ROM_BINARY) ? " ROM (binary)" :
(round == ROUND_FAULT_ON_RO_RAM) ? " read-only attached RAM"
: " unknown");
/* detach region where fault happened */
_address_space.detach((void *)child_virt_addr);
if (round == ROUND_FAULT_ON_ROM_BINARY) {
/* attach a RAM dataspace read-only */
enum {
SIZE = 4096, OFFSET = 0, ATTACH_AT = true, NON_EXEC = false,
READONLY = false
};
_address_space.attach(_ds.cap(), SIZE, OFFSET, ATTACH_AT,
child_virt_addr, NON_EXEC, READONLY);
} else
if (round == ROUND_FAULT_ON_RO_RAM) {
/* let client continue by attaching RAM dataspace writeable */
_address_space.attach_at(_ds.cap(), child_virt_addr);
}
}
void _test_exec_fault(Region_map::State &state)
{
if (_child_value() == WRITE_TEST) {
_child_value() = EXEC_TEST;
return;
}
if (state.type != Region_map::State::EXEC_FAULT ||
state.addr != MANAGED_ADDR)
{
error("exec test failed ", (int)state.type,
" addr=", Hex(state.addr));
return;
}
log("got exec fault on dataspace");
/* signal client to continue with next test, current test is done */
_child_value() = STOP_TEST;
}
void _handle_fault()
{
enum { FAULT_CNT_READ = 4, FAULT_CNT_WRITE = 6 };
log("received region-map fault signal, request fault state");
Region_map::State state = _address_space.state();
log("rm session state is ", state_name(state), ", pf_addr=", Hex(state.addr));
/* ignore spurious fault signal */
if (state.type == Region_map::State::READY) {
log("ignoring spurious fault signal");
return;
}
addr_t child_virt_addr = state.addr & ~(4096 - 1);
if (_fault_cnt < FAULT_CNT_READ)
_test_read_fault(child_virt_addr);
if (_fault_cnt <= FAULT_CNT_WRITE && _fault_cnt >= FAULT_CNT_READ)
_test_write_fault(child_virt_addr, _fault_cnt - FAULT_CNT_READ);
if (!_config.xml().attribute_value("executable_fault_test", true) &&
_fault_cnt >=FAULT_CNT_WRITE)
_handle_fault_stack();
if (_fault_cnt > FAULT_CNT_WRITE)
_test_exec_fault(state);
_fault_cnt++;
}
void _handle_fault_stack()
{
/* sanity check that we got exec fault */
if (_config.xml().attribute_value("executable_fault_test", true)) {
Region_map::State state = _address_space.state();
if (state.type != Region_map::State::EXEC_FAULT) {
error("unexpected state ", state_name(state));
return;
}
_child_value() = STOP_TEST;
}
/* sync shutdown with client */
while (_child_value() != SHUTDOWN) { }
log("--- parent role of region-manager fault test finished --- ");
/* done, finally */
_env.parent().exit(0);
}
Main_parent(Env &env) : _env(env) { }
};
void Component::construct(Env &env)
{
log("--- region-manager fault test ---");
try {
/*
* Distinguish parent from child by requesting an service that is only
* available to the parent.
*/
Rm_connection rm(env);
static Main_parent parent(env);
log("-- parent role started --");
}
catch (Service_denied) {
main_child(env);
}
}
Reference in New Issue View Git Blame Copy Permalink