1    :  // Copyright 2014 Google Inc. All Rights Reserved.
   2    :  //
   3    :  // Licensed under the Apache License, Version 2.0 (the "License");
   4    :  // you may not use this file except in compliance with the License.
   5    :  // You may obtain a copy of the License at
   6    :  //
   7    :  //     http://www.apache.org/licenses/LICENSE-2.0
   8    :  //
   9    :  // Unless required by applicable law or agreed to in writing, software
  10    :  // distributed under the License is distributed on an "AS IS" BASIS,
  11    :  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12    :  // See the License for the specific language governing permissions and
  13    :  // limitations under the License.
  14    :  //
  15    :  // Declares structures encoding the list of functions that SyzyASAN
  16    :  // instrumentation intercepts as part of its implementation.
  17    :  //
  18    :  // How the intercepts are performed depends on whether the image being
  19    :  // instrumented is a COFF image or a PE image. In PE images there are two
  20    :  // mechanisms:
  21    :  //
  22    :  // (1) Functions that are imported are redirected by adding new imports and
  23    :  //     rewriting references. This requires the undecorated name of the function
  24    :  //     as it is exported, as well as the module to which it belongs.
  25    :  // (2) Functions that are statically linked into the binary are discovered by
  26    :  //     their undecorated names, filtered by their contents (to ensure that they
  27    :  //     have the expected calling convention, as optimization sometimes modify
  28    :  //     this), and finally redirected to instrumented implementation via
  29    :  //     reference rewriting.
  30    :  //
  31    :  // In COFF files redirection is performed via symbol rewriting. Any references
  32    :  // to a decorated symbol are replaced with references to the decorated name of
  33    :  // the equivalent instrumented function. Redirection is applied to both the
  34    :  // original decorated name (for direct references, and subsequently statically
  35    :  // linked functions), as well as the '__imp_' prefixed decorated name (which
  36    :  // results in the creation of an import entry in the final linked image).
  37    :  
  38    :  #ifndef SYZYGY_INSTRUMENT_TRANSFORMS_ASAN_INTERCEPTS_H_
  39    :  #define SYZYGY_INSTRUMENT_TRANSFORMS_ASAN_INTERCEPTS_H_
  40    :  
  41  m :  namespace instrument {
  42  m :  namespace transforms {
  43    :  
  44    :  // A null-terminated hex-encoded MD5 hash, as a string. This is used for
  45    :  // filtering statically linked functions to be intercepted, ensuring that only
  46    :  // those with a known implementation (and hence calling convention) are
  47    :  // intercepted.
  48  m :  struct MD5Hash {
  49  m :    char hash[33];
  50  m :  };
  51    :  
  52    :  // Metadata describing a function to be intercepted.
  53  m :  struct AsanIntercept {
  54    :    // The undecorated function name. This is required for the PE version of
  55    :    // the transform.
  56  m :    const char* undecorated_name;
  57    :    // The fully decorated name of the function. This is required for the COFF
  58    :    // version of the transform. If unknown then this may be NULL, in which case
  59    :    // this intercept will not be implemented for COFF instrumentation.
  60  m :    const char* decorated_name;
  61    :  
  62    :    // The module the function. This only needs to be specified if the function
  63    :    // is possibly included in a PE module as an import. Only referenced by the
  64    :    // PE version of the transform. Set to NULL if module information is not
  65    :    // necessary.
  66  m :    const char* module;
  67    :  
  68    :    // A NULL terminated array of MD5 hashes of recognized versions of this
  69    :    // functions content. This is necessary to ensure that we only intercept
  70    :    // unoptimized versions of this function in PE files. This is only used by the
  71    :    // PE version of the transform.
  72  m :    const MD5Hash* valid_content_hashes;
  73    :  
  74    :    // If true then intercepting this function is optional, and potentially
  75    :    // disabled by the '--no-interceptors' command-line flag.
  76  m :    bool optional;
  77  m :  };
  78    :  
  79    :  // List of Asan intercepts. The terminating entry will contain all NULLs.
  80    :  // Functions that have the same value for |module| will be consecutive in this
  81    :  // array.
  82  m :  extern const AsanIntercept kAsanIntercepts[];
  83    :  
  84    :  // The prefix that is applied to the name of Asan instrumented implementations
  85    :  // of intercepted functions.
  86  m :  extern const char kUndecoratedAsanInterceptPrefix[];
  87  m :  extern const char kDecoratedAsanInterceptPrefix[];
  88    :  
  89    :  // The prefix that is applied to decorated symbol names that represent an
  90    :  // indirect (via dynamic import) reference to a function. The .lib file
  91    :  // associated with a DLL takes care of defining these.
  92  m :  extern const char kDecoratedImportPrefix[];
  93    :  
  94    :  // The prefix that is applied to the name of hot patching Asan instrumented
  95    :  // implementations of intercepted functions.
  96  m :  extern const char kUndecoratedHotPatchingAsanInterceptPrefix[];
  97    :  
  98  m :  }  // namespace transforms
  99  m :  }  // namespace instrument
 100    :  
 101    :  #endif  // SYZYGY_INSTRUMENT_TRANSFORMS_ASAN_INTERCEPTS_H_