// This file is part of Gear.

// Copyright (C) 2022-2024 Gear Technologies Inc.
// SPDX-License-Identifier: GPL-3.0-or-later WITH Classpath-exception-2.0

// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.

// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.

// You should have received a copy of the GNU General Public License
// along with this program. If not, see <https://www.gnu.org/licenses/>.

//! Wrappers around system memory protections.

use crate::pages::{Page, PagesAmount, PagesAmountTrait, SizeManager, SizeNumber};
use core::ops::RangeInclusive;
use numerated::interval::Interval;
use std::fmt::Debug;

/// Errors produced by the `mprotect` wrappers in this module.
#[derive(Debug, derive_more::Display)]
pub enum MprotectError {
    /// `region::protect` failed. Carries the address range that was being
    /// re-protected, the protection mask that was being applied and the
    /// underlying error reported by `region`.
    #[display(
        fmt = "Syscall mprotect error for interval {interval:#x?}, mask = {mask}, reason: {reason}"
    )]
    SyscallError {
        interval: RangeInclusive<usize>,
        mask: region::Protection,
        reason: region::Error,
    },
    /// Turning a page interval into a native address or byte size overflowed
    /// `usize`, or the pages amount could not be built for the size context.
    #[display(fmt = "Interval size or page address overflow")]
    Overflow,
    /// A zero-length range was requested; `mprotect` is only called with `size > 0`.
    #[display(fmt = "Zero size is restricted for mprotect")]
    ZeroSizeError,
}

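/// Mprotect the native memory range `[addr, addr + size)`, i.e. `size` bytes starting at
/// `addr`. The protection mask is built from the `allow_*` flags.
///
/// # Errors
///
/// * [`MprotectError::ZeroSizeError`] if `size == 0`; no syscall is made.
/// * [`MprotectError::Overflow`] if `addr + size` does not fit in `usize`; such a range
///   cannot describe valid memory, so no syscall is made.
/// * [`MprotectError::SyscallError`] if `region::protect` fails. The reported `interval`
///   is `addr..=addr + size` (its inclusive end is one past the last byte of the range).
///
/// # Safety
///
/// The caller must guarantee that `[addr, addr + size)` lies inside memory this process
/// owns and is allowed to re-protect, and that no code still relying on the old
/// permissions of that memory (executing code, live stack or data) is affected. Changing
/// the protection of memory the program depends on is undefined behaviour.
unsafe fn sys_mprotect_interval(
    addr: usize,
    size: usize,
    allow_read: bool,
    allow_write: bool,
    allow_exec: bool,
) -> Result<(), MprotectError> {
    if size == 0 {
        return Err(MprotectError::ZeroSizeError);
    }

    // Compute the range end before the syscall: a range whose end wraps around cannot be
    // valid memory, and the previous unchecked `addr + size` in the error path would panic
    // in debug builds or silently wrap in release builds.
    let end = addr.checked_add(size).ok_or(MprotectError::Overflow)?;

    let mut mask = region::Protection::NONE;
    if allow_read {
        mask |= region::Protection::READ;
    }
    if allow_write {
        mask |= region::Protection::WRITE;
    }
    if allow_exec {
        mask |= region::Protection::EXECUTE;
    }

    region::protect(addr as *mut (), size, mask).map_err(|reason| {
        MprotectError::SyscallError {
            interval: addr..=end,
            mask,
            reason,
        }
    })?;

    log::trace!("mprotect interval: {addr:#x}, size: {size:#x}, mask: {mask}");
    Ok(())
}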

/// Mprotect the native memory range `[addr, addr + size)` with execute permission always
/// disabled; read and write permissions follow `allow_read` / `allow_write`.
///
/// # Errors
///
/// Propagates every [`MprotectError`] from [`sys_mprotect_interval`] unchanged.
///
/// This is a safe function around an `unsafe` syscall wrapper: nothing here checks that
/// `addr..addr + size` belongs to memory the caller may re-protect, so callers inside the
/// crate are responsible for passing only ranges they own.
pub(crate) fn mprotect_interval(
    addr: usize,
    size: usize,
    allow_read: bool,
    allow_write: bool,
) -> Result<(), MprotectError> {
    // Execute permission is never granted through this entry point.
    let allow_exec = false;
    // SAFETY: the in-crate caller passes a range it owns (see the doc comment above).
    unsafe { sys_mprotect_interval(addr, size, allow_read, allow_write, allow_exec) }
}

/// Mprotect every page interval yielded by `pages`, with execute permission always disabled.
///
/// Each interval is translated into a native byte range relative to `mem_addr` using
/// `size_ctx` (page offsets and page counts come from the size context) and re-protected
/// one interval at a time. `mem_addr` is presumably the base address of a mapping that
/// covers all of `pages`; nothing here validates that.
///
/// # Errors
///
/// * [`MprotectError::Overflow`] if `mem_addr` plus the first page's offset overflows, or
///   the interval length cannot be converted into a pages amount.
/// * Any error from [`sys_mprotect_interval`] for an individual interval; remaining
///   intervals are not processed after the first failure.
pub(crate) fn mprotect_pages<M: SizeManager, S: SizeNumber, I: Into<Interval<Page<S>>>>(
    mem_addr: usize,
    pages: impl Iterator<Item = I>,
    size_ctx: &M,
    allow_read: bool,
    allow_write: bool,
) -> Result<(), MprotectError> {
    pages
        .map(<I as Into<Interval<Page<S>>>>::into)
        .try_for_each(|page_interval| {
            // Native address of the interval's first page.
            let first_page_offset = page_interval.start().offset(size_ctx) as usize;
            let addr = mem_addr
                .checked_add(first_page_offset)
                .ok_or(MprotectError::Overflow)?;

            // Byte length of the interval, via the pages amount for this size context.
            let pages_amount = page_interval
                .raw_len()
                .and_then(|raw| PagesAmount::<S>::new(size_ctx, raw))
                .ok_or(MprotectError::Overflow)?;
            let size = pages_amount.offset(size_ctx);

            // SAFETY: the range is derived from `mem_addr` and the page geometry of
            // `size_ctx`; the caller is responsible for `mem_addr` covering `pages`.
            unsafe { sys_mprotect_interval(addr, size, allow_read, allow_write, false) }
        })
}