Botan 3.0.0
Crypto and TLS for C&
os_utils.h
Go to the documentation of this file.
1/*
2* OS specific utility functions
3* (C) 2015,2016,2017,2018 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#ifndef BOTAN_OS_UTILS_H_
9#define BOTAN_OS_UTILS_H_
10
11#include <botan/types.h>
12#include <functional>
13#include <string>
14#include <vector>
15
16namespace Botan {
17
18namespace OS {
19
20/*
21* This header is internal (not installed) and these functions are not
22* intended to be called by applications. However they are given public
23* visibility (using BOTAN_TEST_API macro) for the tests. This also probably
24* allows them to be overridden by the application on ELF systems, but
25* this hasn't been tested.
26*/
27
28/**
29* @return process ID assigned by the operating system.
30*
31* On Unix and Windows systems, this always returns a result
32*
33* On systems where there is no processes to speak of (for example on baremetal
34* systems or within a unikernel), this function returns zero.
35*/
37
38/**
39* Test if we are currently running with elevated permissions
40* eg setuid, setgid, or with POSIX caps set.
41*/
43
44/**
45* @return CPU processor clock, if available
46*
47* On Windows, calls QueryPerformanceCounter.
48*
49* Under GCC or Clang on supported platforms the hardware cycle counter is queried.
50* Currently supported processors are x86, PPC, Alpha, SPARC, IA-64, S/390x, and HP-PA.
51* If no CPU cycle counter is available on this system, returns zero.
52*/
54
56
57/**
58* Return the ELF auxiliary vector cooresponding to the given ID.
59* This only makes sense on Unix-like systems and is currently
60* only supported on Linux, Android, and FreeBSD.
61*
62* Returns zero if not supported on the current system or if
63* the id provided is not known.
64*/
65unsigned long get_auxval(unsigned long id);
66
67/*
68* @return best resolution timestamp available
69*
70* The epoch and update rate of this clock is arbitrary and depending
71* on the hardware it may not tick at a constant rate.
72*
73* Uses hardware cycle counter, if available.
74* On POSIX platforms clock_gettime is used with a monotonic timer
75* As a final fallback std::chrono::high_resolution_clock is used.
76*/
78
79/**
80* @return system clock (reflecting wall clock) with best resolution
81* available, normalized to nanoseconds resolution.
82*/
84
85/**
86* @return maximum amount of memory (in bytes) Botan could/should
87* hyptothetically allocate for the memory poool. Reads environment
88* variable "BOTAN_MLOCK_POOL_SIZE", set to "0" to disable pool.
89*/
91
92/**
93* Return the size of a memory page, if that can be derived on the
94* current system. Otherwise returns some default value (eg 4096)
95*/
96size_t system_page_size();
97
98/**
99* Read the value of an environment variable, setting it to value_out if it
100* exists. Returns false and sets value_out to empty string if no such variable
101* is set. If the process seems to be running in a privileged state (such as
102* setuid) then always returns false and does not examine the environment.
103*/
104bool read_env_variable(std::string& value_out, std::string_view var_name);
105
106/**
107* Read the value of an environment variable and convert it to an
108* integer. If not set or conversion fails, returns the default value.
109*
110* If the process seems to be running in a privileged state (such as setuid)
111* then always returns nullptr, similiar to glibc's secure_getenv.
112*/
113size_t read_env_variable_sz(std::string_view var_name, size_t def_value = 0);
114
115/**
116* Request count pages of RAM which are locked into memory using mlock,
117* VirtualLock, or some similar OS specific API. Free it with free_locked_pages.
118*
119* Returns an empty list on failure. This function is allowed to return fewer
120* than count pages.
121*
122* The contents of the allocated pages are undefined.
123*
124* Each page is preceded by and followed by a page which is marked
125* as noaccess, such that accessing it will cause a crash. This turns
126* out of bound reads/writes into crash events.
127*
128* @param count requested number of locked pages
129*/
130std::vector<void*> allocate_locked_pages(size_t count);
131
132/**
133* Free memory allocated by allocate_locked_pages
134* @param pages a list of pages returned by allocate_locked_pages
135*/
136void free_locked_pages(const std::vector<void*>& pages);
137
138/**
139* Set the MMU to prohibit access to this page
140*/
141void page_prohibit_access(void* page);
142
143/**
144* Set the MMU to allow R/W access to this page
145*/
146void page_allow_access(void* page);
147
148/**
149* Set a ID to a page's range expressed by size bytes
150*/
151void page_named(void* page, size_t size);
152
153
154/**
155* Run a probe instruction to test for support for a CPU instruction.
156* Runs in system-specific env that catches illegal instructions; this
157* function always fails if the OS doesn't provide this.
158* Returns value of probe_fn, if it could run.
159* If error occurs, returns negative number.
160* This allows probe_fn to indicate errors of its own, if it wants.
161* For example the instruction might not only be only available on some
162* CPUs, but also buggy on some subset of these - the probe function
163* can test to make sure the instruction works properly before
164* indicating that the instruction is available.
165*
166* @warning on Unix systems uses signal handling in a way that is not
167* thread safe. It should only be called in a single-threaded context
168* (ie, at static init time).
169*
170* If probe_fn throws an exception the result is undefined.
171*
172* Return codes:
173* -1 illegal instruction detected
174*/
175int BOTAN_TEST_API run_cpu_instruction_probe(const std::function<int ()>& probe_fn);
176
177/**
178* Represents a terminal state
179*/
181 {
182 public:
183 /**
184 * Reenable echo on this terminal. Can be safely called
185 * multiple times. May throw if an error occurs.
186 */
187 virtual void reenable_echo() = 0;
188
189 /**
190 * Implicitly calls reenable_echo, but swallows/ignored all
191 * errors which would leave the terminal in an invalid state.
192 */
193 virtual ~Echo_Suppression() = default;
194 };
195
196/**
197* Suppress echo on the terminal
198* Returns null if this operation is not supported on the current system.
199*/
200std::unique_ptr<Echo_Suppression> BOTAN_UNSTABLE_API suppress_echo_on_terminal();
201
202}
203
204}
205
206#endif
virtual void reenable_echo()=0
virtual ~Echo_Suppression()=default
#define BOTAN_UNSTABLE_API
Definition: compiler.h:44
#define BOTAN_TEST_API
Definition: compiler.h:51
bool running_in_privileged_state()
Definition: os_utils.cpp:166
size_t get_memory_locking_limit()
Definition: os_utils.cpp:354
uint64_t BOTAN_TEST_API get_high_resolution_clock()
Definition: os_utils.cpp:268
size_t BOTAN_TEST_API get_cpu_available()
Definition: os_utils.cpp:238
std::unique_ptr< Echo_Suppression > BOTAN_UNSTABLE_API suppress_echo_on_terminal()
Definition: os_utils.cpp:710
size_t read_env_variable_sz(std::string_view var_name, size_t def_value=0)
Definition: os_utils.cpp:450
void page_allow_access(void *page)
Definition: os_utils.cpp:588
bool read_env_variable(std::string &value_out, std::string_view var_name)
Definition: os_utils.cpp:422
void page_prohibit_access(void *page)
Definition: os_utils.cpp:603
int BOTAN_TEST_API run_cpu_instruction_probe(const std::function< int()> &probe_fn)
Definition: os_utils.cpp:668
std::vector< void * > allocate_locked_pages(size_t count)
Definition: os_utils.cpp:496
size_t system_page_size()
Definition: os_utils.cpp:334
uint64_t BOTAN_TEST_API get_system_timestamp_ns()
Definition: os_utils.cpp:320
unsigned long get_auxval(unsigned long id)
Definition: os_utils.cpp:124
void free_locked_pages(const std::vector< void * > &pages)
Definition: os_utils.cpp:618
void page_named(void *page, size_t size)
Definition: os_utils.cpp:642
uint32_t BOTAN_TEST_API get_process_id()
Definition: os_utils.cpp:111
uint64_t BOTAN_TEST_API get_cpu_cycle_counter()
Definition: os_utils.cpp:177
Definition: alg_id.cpp:12