Dump stack if memwipe() check fails
[strongswan.git] / src / libstrongswan / library.c
1 /*
2 * Copyright (C) 2009 Tobias Brunner
3 * Copyright (C) 2008 Martin Willi
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 #include "library.h"
18
19 #include <stdlib.h>
20
21 #include <utils/debug.h>
22 #include <threading/thread.h>
23 #include <utils/identification.h>
24 #include <networking/host.h>
25 #include <collections/hashtable.h>
26 #include <utils/backtrace.h>
27 #include <selectors/traffic_selector.h>
28
29 #define CHECKSUM_LIBRARY IPSEC_LIB_DIR"/libchecksum.so"
30
31 typedef struct private_library_t private_library_t;
32
33 /**
34 * private data of library
35 */
36 struct private_library_t {
37
38 /**
39 * public functions
40 */
41 library_t public;
42
43 /**
44 * Hashtable with registered objects (name => object)
45 */
46 hashtable_t *objects;
47
48 /**
49 * Integrity check failed?
50 */
51 bool integrity_failed;
52
53 /**
54 * Number of times we have been initialized
55 */
56 refcount_t ref;
57 };
58
59 /**
60 * library instance
61 */
62 library_t *lib = NULL;
63
64 /**
65 * Deinitialize library
66 */
67 void library_deinit()
68 {
69 private_library_t *this = (private_library_t*)lib;
70 bool detailed;
71
72 if (!this || !ref_put(&this->ref))
73 { /* have more users */
74 return;
75 }
76
77 detailed = lib->settings->get_bool(lib->settings,
78 "libstrongswan.leak_detective.detailed", TRUE);
79
80 /* make sure the cache is clear before unloading plugins */
81 lib->credmgr->flush_cache(lib->credmgr, CERT_ANY);
82
83 this->public.scheduler->destroy(this->public.scheduler);
84 this->public.processor->destroy(this->public.processor);
85 this->public.plugins->destroy(this->public.plugins);
86 this->public.hosts->destroy(this->public.hosts);
87 this->public.settings->destroy(this->public.settings);
88 this->public.credmgr->destroy(this->public.credmgr);
89 this->public.creds->destroy(this->public.creds);
90 this->public.encoding->destroy(this->public.encoding);
91 this->public.crypto->destroy(this->public.crypto);
92 this->public.proposal->destroy(this->public.proposal);
93 this->public.fetcher->destroy(this->public.fetcher);
94 this->public.resolver->destroy(this->public.resolver);
95 this->public.db->destroy(this->public.db);
96 this->public.printf_hook->destroy(this->public.printf_hook);
97 this->objects->destroy(this->objects);
98 if (this->public.integrity)
99 {
100 this->public.integrity->destroy(this->public.integrity);
101 }
102
103 if (lib->leak_detective)
104 {
105 lib->leak_detective->report(lib->leak_detective, detailed);
106 lib->leak_detective->destroy(lib->leak_detective);
107 }
108
109 threads_deinit();
110 backtrace_deinit();
111
112 free(this);
113 lib = NULL;
114 }
115
116 METHOD(library_t, get, void*,
117 private_library_t *this, char *name)
118 {
119 return this->objects->get(this->objects, name);
120 }
121
122 METHOD(library_t, set, bool,
123 private_library_t *this, char *name, void *object)
124 {
125 if (object)
126 {
127 if (this->objects->get(this->objects, name))
128 {
129 return FALSE;
130 }
131 this->objects->put(this->objects, name, object);
132 return TRUE;
133 }
134 return this->objects->remove(this->objects, name) != NULL;
135 }
136
137 /**
138 * Hashtable hash function
139 */
140 static u_int hash(char *key)
141 {
142 return chunk_hash(chunk_create(key, strlen(key)));
143 }
144
145 /**
146 * Hashtable equals function
147 */
148 static bool equals(char *a, char *b)
149 {
150 return streq(a, b);
151 }
152
153 /**
154 * Number of words we write and memwipe() in memwipe check
155 */
156 #define MEMWIPE_WIPE_WORDS 16
157
158 /**
159 * Number of words we check stack for memwiped magic
160 */
161 #define MEMWIPE_CHECK_WORDS (MEMWIPE_WIPE_WORDS * 2)
162
163 /**
164 * Write magic to memory, and try to clear it with memwipe()
165 */
166 __attribute__((noinline))
167 static void do_magic(int magic, int **stack)
168 {
169 int buf[MEMWIPE_WIPE_WORDS], i;
170
171 /* tell caller where callee stack is (but don't point to buf) */
172 *stack = &i;
173 for (i = 0; i < countof(buf); i++)
174 {
175 buf[i] = magic;
176 }
177 /* passing buf to dbg should make sure the compiler can't optimize out buf.
178 * we use directly dbg(3), as DBG3() might be stripped with DEBUG_LEVEL. */
179 dbg(DBG_LIB, 3, "memwipe() pre: %b", buf, sizeof(buf));
180 memwipe(buf, sizeof(buf));
181 }
182
183 /**
184 * Check if memwipe works as expected
185 */
186 static bool check_memwipe()
187 {
188 int magic = 0xCAFEBABE, *ptr, *deeper, i, stackdir = 1;
189
190 do_magic(magic, &deeper);
191
192 ptr = &magic;
193 if (deeper < ptr)
194 { /* stack grows down */
195 stackdir = -1;
196 }
197 for (i = 0; i < MEMWIPE_CHECK_WORDS; i++)
198 {
199 ptr = ptr + stackdir;
200 if (*ptr == magic)
201 {
202 ptr = &magic + stackdir;
203 if (stackdir == -1)
204 {
205 ptr -= MEMWIPE_CHECK_WORDS;
206 }
207 DBG1(DBG_LIB, "memwipe() check failed: stackdir: %d %b",
208 stackdir, ptr, (u_int)(MEMWIPE_CHECK_WORDS * sizeof(int)));
209 return FALSE;
210 }
211 }
212 return TRUE;
213 }
214
215 /*
216 * see header file
217 */
218 bool library_init(char *settings)
219 {
220 private_library_t *this;
221 printf_hook_t *pfh;
222
223 if (lib)
224 { /* already initialized, increase refcount */
225 this = (private_library_t*)lib;
226 ref_get(&this->ref);
227 return !this->integrity_failed;
228 }
229
230 INIT(this,
231 .public = {
232 .get = _get,
233 .set = _set,
234 },
235 .ref = 1,
236 );
237 lib = &this->public;
238
239 backtrace_init();
240 threads_init();
241
242 #ifdef LEAK_DETECTIVE
243 lib->leak_detective = leak_detective_create();
244 #endif /* LEAK_DETECTIVE */
245
246 pfh = printf_hook_create();
247 this->public.printf_hook = pfh;
248
249 pfh->add_handler(pfh, 'b', mem_printf_hook,
250 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_INT,
251 PRINTF_HOOK_ARGTYPE_END);
252 pfh->add_handler(pfh, 'B', chunk_printf_hook,
253 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
254 pfh->add_handler(pfh, 'H', host_printf_hook,
255 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
256 pfh->add_handler(pfh, 'N', enum_printf_hook,
257 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_INT,
258 PRINTF_HOOK_ARGTYPE_END);
259 pfh->add_handler(pfh, 'T', time_printf_hook,
260 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_INT,
261 PRINTF_HOOK_ARGTYPE_END);
262 pfh->add_handler(pfh, 'V', time_delta_printf_hook,
263 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_POINTER,
264 PRINTF_HOOK_ARGTYPE_END);
265 pfh->add_handler(pfh, 'Y', identification_printf_hook,
266 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
267 pfh->add_handler(pfh, 'R', traffic_selector_printf_hook,
268 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
269
270 this->objects = hashtable_create((hashtable_hash_t)hash,
271 (hashtable_equals_t)equals, 4);
272 this->public.settings = settings_create(settings);
273 this->public.hosts = host_resolver_create();
274 this->public.proposal = proposal_keywords_create();
275 this->public.crypto = crypto_factory_create();
276 this->public.creds = credential_factory_create();
277 this->public.credmgr = credential_manager_create();
278 this->public.encoding = cred_encoding_create();
279 this->public.fetcher = fetcher_manager_create();
280 this->public.resolver = resolver_manager_create();
281 this->public.db = database_factory_create();
282 this->public.processor = processor_create();
283 this->public.scheduler = scheduler_create();
284 this->public.plugins = plugin_loader_create();
285
286 if (!check_memwipe())
287 {
288 return FALSE;
289 }
290
291 if (lib->settings->get_bool(lib->settings,
292 "libstrongswan.integrity_test", FALSE))
293 {
294 #ifdef INTEGRITY_TEST
295 this->public.integrity = integrity_checker_create(CHECKSUM_LIBRARY);
296 if (!lib->integrity->check(lib->integrity, "libstrongswan", library_init))
297 {
298 DBG1(DBG_LIB, "integrity check of libstrongswan failed");
299 this->integrity_failed = TRUE;
300 }
301 #else /* !INTEGRITY_TEST */
302 DBG1(DBG_LIB, "integrity test enabled, but not supported");
303 this->integrity_failed = TRUE;
304 #endif /* INTEGRITY_TEST */
305 }
306
307 return !this->integrity_failed;
308 }