1 /*
2 * OS and machine specific utility functions
3 * (C) 2015,2016,2017,2018 Jack Lloyd
4 * (C) 2016 Daniel Neus
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8
9 #include <botan/internal/os_utils.h>
10 #include <botan/cpuid.h>
11 #include <botan/exceptn.h>
12 #include <botan/mem_ops.h>
13
14 #include <algorithm>
15 #include <chrono>
16 #include <cstdlib>
17
18 #if defined(BOTAN_TARGET_OS_HAS_THREADS)
19 #include <thread>
20 #endif
21
22 #if defined(BOTAN_TARGET_OS_HAS_EXPLICIT_BZERO)
23 #include <string.h>
24 #endif
25
26 #if defined(BOTAN_TARGET_OS_HAS_POSIX1)
27 #include <sys/types.h>
28 #include <sys/resource.h>
29 #include <sys/mman.h>
30 #include <signal.h>
31 #include <stdlib.h>
32 #include <setjmp.h>
33 #include <unistd.h>
34 #include <errno.h>
35 #include <termios.h>
36 #undef B0
37 #endif
38
39 #if defined(BOTAN_TARGET_OS_IS_EMSCRIPTEN)
40 #include <emscripten/emscripten.h>
41 #endif
42
43 #if defined(BOTAN_TARGET_OS_HAS_GETAUXVAL) || defined(BOTAN_TARGET_OS_IS_ANDROID) || \
44 defined(BOTAN_TARGET_OS_HAS_ELF_AUX_INFO)
45 #include <sys/auxv.h>
46 #endif
47
48 #if defined(BOTAN_TARGET_OS_HAS_WIN32)
49 #define NOMINMAX 1
50 #define _WINSOCKAPI_ // stop windows.h including winsock.h
51 #include <windows.h>
52 #endif
53
54 #if defined(BOTAN_TARGET_OS_IS_ANDROID)
55 #include <elf.h>
56 extern "C" char **environ;
57 #endif
58
59 #if defined(BOTAN_TARGET_OS_IS_IOS) || defined(BOTAN_TARGET_OS_IS_MACOS)
60 #include <mach/vm_statistics.h>
61 #endif
62
63 namespace Botan {
64
65 // Not defined in OS namespace for historical reasons
secure_scrub_memory(void * ptr,size_t n)66 void secure_scrub_memory(void* ptr, size_t n)
67 {
68 #if defined(BOTAN_TARGET_OS_HAS_RTLSECUREZEROMEMORY)
69 ::RtlSecureZeroMemory(ptr, n);
70
71 #elif defined(BOTAN_TARGET_OS_HAS_EXPLICIT_BZERO)
72 ::explicit_bzero(ptr, n);
73
74 #elif defined(BOTAN_TARGET_OS_HAS_EXPLICIT_MEMSET)
75 (void)::explicit_memset(ptr, 0, n);
76
77 #elif defined(BOTAN_USE_VOLATILE_MEMSET_FOR_ZERO) && (BOTAN_USE_VOLATILE_MEMSET_FOR_ZERO == 1)
78 /*
79 Call memset through a static volatile pointer, which the compiler
80 should not elide. This construct should be safe in conforming
81 compilers, but who knows. I did confirm that on x86-64 GCC 6.1 and
82 Clang 3.8 both create code that saves the memset address in the
83 data segment and unconditionally loads and jumps to that address.
84 */
85 static void* (*const volatile memset_ptr)(void*, int, size_t) = std::memset;
86 (memset_ptr)(ptr, 0, n);
87 #else
88
89 volatile uint8_t* p = reinterpret_cast<volatile uint8_t*>(ptr);
90
91 for(size_t i = 0; i != n; ++i)
92 p[i] = 0;
93 #endif
94 }
95
get_process_id()96 uint32_t OS::get_process_id()
97 {
98 #if defined(BOTAN_TARGET_OS_HAS_POSIX1)
99 return ::getpid();
100 #elif defined(BOTAN_TARGET_OS_HAS_WIN32)
101 return ::GetCurrentProcessId();
102 #elif defined(BOTAN_TARGET_OS_IS_INCLUDEOS) || defined(BOTAN_TARGET_OS_IS_LLVM) || defined(BOTAN_TARGET_OS_IS_NONE)
103 return 0; // truly no meaningful value
104 #else
105 #error "Missing get_process_id"
106 #endif
107 }
108
get_auxval(unsigned long id)109 unsigned long OS::get_auxval(unsigned long id)
110 {
111 #if defined(BOTAN_TARGET_OS_HAS_GETAUXVAL)
112 return ::getauxval(id);
113 #elif defined(BOTAN_TARGET_OS_IS_ANDROID) && defined(BOTAN_TARGET_ARCH_IS_ARM32)
114
115 if(id == 0)
116 return 0;
117
118 char **p = environ;
119
120 while(*p++ != nullptr)
121 ;
122
123 Elf32_auxv_t *e = reinterpret_cast<Elf32_auxv_t*>(p);
124
125 while(e != nullptr)
126 {
127 if(e->a_type == id)
128 return e->a_un.a_val;
129 e++;
130 }
131
132 return 0;
133 #elif defined(BOTAN_TARGET_OS_HAS_ELF_AUX_INFO)
134 unsigned long auxinfo = 0;
135 ::elf_aux_info(id, &auxinfo, sizeof(auxinfo));
136 return auxinfo;
137 #else
138 BOTAN_UNUSED(id);
139 return 0;
140 #endif
141 }
142
running_in_privileged_state()143 bool OS::running_in_privileged_state()
144 {
145 #if defined(AT_SECURE)
146 return OS::get_auxval(AT_SECURE) != 0;
147 #elif defined(BOTAN_TARGET_OS_HAS_POSIX1)
148 return (::getuid() != ::geteuid()) || (::getgid() != ::getegid());
149 #else
150 return false;
151 #endif
152 }
153
get_cpu_cycle_counter()154 uint64_t OS::get_cpu_cycle_counter()
155 {
156 uint64_t rtc = 0;
157
158 #if defined(BOTAN_TARGET_OS_HAS_WIN32)
159 LARGE_INTEGER tv;
160 ::QueryPerformanceCounter(&tv);
161 rtc = tv.QuadPart;
162
163 #elif defined(BOTAN_USE_GCC_INLINE_ASM)
164
165 #if defined(BOTAN_TARGET_CPU_IS_X86_FAMILY)
166
167 if(CPUID::has_rdtsc())
168 {
169 uint32_t rtc_low = 0, rtc_high = 0;
170 asm volatile("rdtsc" : "=d" (rtc_high), "=a" (rtc_low));
171 rtc = (static_cast<uint64_t>(rtc_high) << 32) | rtc_low;
172 }
173
174 #elif defined(BOTAN_TARGET_ARCH_IS_PPC64)
175
176 for(;;)
177 {
178 uint32_t rtc_low = 0, rtc_high = 0, rtc_high2 = 0;
179 asm volatile("mftbu %0" : "=r" (rtc_high));
180 asm volatile("mftb %0" : "=r" (rtc_low));
181 asm volatile("mftbu %0" : "=r" (rtc_high2));
182
183 if(rtc_high == rtc_high2)
184 {
185 rtc = (static_cast<uint64_t>(rtc_high) << 32) | rtc_low;
186 break;
187 }
188 }
189
190 #elif defined(BOTAN_TARGET_ARCH_IS_ALPHA)
191 asm volatile("rpcc %0" : "=r" (rtc));
192
193 // OpenBSD does not trap access to the %tick register
194 #elif defined(BOTAN_TARGET_ARCH_IS_SPARC64) && !defined(BOTAN_TARGET_OS_IS_OPENBSD)
195 asm volatile("rd %%tick, %0" : "=r" (rtc));
196
197 #elif defined(BOTAN_TARGET_ARCH_IS_IA64)
198 asm volatile("mov %0=ar.itc" : "=r" (rtc));
199
200 #elif defined(BOTAN_TARGET_ARCH_IS_S390X)
201 asm volatile("stck 0(%0)" : : "a" (&rtc) : "memory", "cc");
202
203 #elif defined(BOTAN_TARGET_ARCH_IS_HPPA)
204 asm volatile("mfctl 16,%0" : "=r" (rtc)); // 64-bit only?
205
206 #else
207 //#warning "OS::get_cpu_cycle_counter not implemented"
208 #endif
209
210 #endif
211
212 return rtc;
213 }
214
get_cpu_total()215 size_t OS::get_cpu_total()
216 {
217 #if defined(BOTAN_TARGET_OS_HAS_POSIX1) && defined(_SC_NPROCESSORS_CONF)
218 const long res = ::sysconf(_SC_NPROCESSORS_CONF);
219 if(res > 0)
220 return static_cast<size_t>(res);
221 #endif
222
223 #if defined(BOTAN_TARGET_OS_HAS_THREADS)
224 return static_cast<size_t>(std::thread::hardware_concurrency());
225 #else
226 return 1;
227 #endif
228 }
229
get_cpu_available()230 size_t OS::get_cpu_available()
231 {
232 #if defined(BOTAN_TARGET_OS_HAS_POSIX1) && defined(_SC_NPROCESSORS_ONLN)
233 const long res = ::sysconf(_SC_NPROCESSORS_ONLN);
234 if(res > 0)
235 return static_cast<size_t>(res);
236 #endif
237
238 return OS::get_cpu_total();
239 }
240
get_high_resolution_clock()241 uint64_t OS::get_high_resolution_clock()
242 {
243 if(uint64_t cpu_clock = OS::get_cpu_cycle_counter())
244 return cpu_clock;
245
246 #if defined(BOTAN_TARGET_OS_IS_EMSCRIPTEN)
247 return emscripten_get_now();
248 #endif
249
250 /*
251 If we got here either we either don't have an asm instruction
252 above, or (for x86) RDTSC is not available at runtime. Try some
253 clock_gettimes and return the first one that works, or otherwise
254 fall back to std::chrono.
255 */
256
257 #if defined(BOTAN_TARGET_OS_HAS_CLOCK_GETTIME)
258
259 // The ordering here is somewhat arbitrary...
260 const clockid_t clock_types[] = {
261 #if defined(CLOCK_MONOTONIC_HR)
262 CLOCK_MONOTONIC_HR,
263 #endif
264 #if defined(CLOCK_MONOTONIC_RAW)
265 CLOCK_MONOTONIC_RAW,
266 #endif
267 #if defined(CLOCK_MONOTONIC)
268 CLOCK_MONOTONIC,
269 #endif
270 #if defined(CLOCK_PROCESS_CPUTIME_ID)
271 CLOCK_PROCESS_CPUTIME_ID,
272 #endif
273 #if defined(CLOCK_THREAD_CPUTIME_ID)
274 CLOCK_THREAD_CPUTIME_ID,
275 #endif
276 };
277
278 for(clockid_t clock : clock_types)
279 {
280 struct timespec ts;
281 if(::clock_gettime(clock, &ts) == 0)
282 {
283 return (static_cast<uint64_t>(ts.tv_sec) * 1000000000) + static_cast<uint64_t>(ts.tv_nsec);
284 }
285 }
286 #endif
287
288 // Plain C++11 fallback
289 auto now = std::chrono::high_resolution_clock::now().time_since_epoch();
290 return std::chrono::duration_cast<std::chrono::nanoseconds>(now).count();
291 }
292
get_system_timestamp_ns()293 uint64_t OS::get_system_timestamp_ns()
294 {
295 #if defined(BOTAN_TARGET_OS_HAS_CLOCK_GETTIME)
296 struct timespec ts;
297 if(::clock_gettime(CLOCK_REALTIME, &ts) == 0)
298 {
299 return (static_cast<uint64_t>(ts.tv_sec) * 1000000000) + static_cast<uint64_t>(ts.tv_nsec);
300 }
301 #endif
302
303 auto now = std::chrono::system_clock::now().time_since_epoch();
304 return std::chrono::duration_cast<std::chrono::nanoseconds>(now).count();
305 }
306
system_page_size()307 size_t OS::system_page_size()
308 {
309 const size_t default_page_size = 4096;
310
311 #if defined(BOTAN_TARGET_OS_HAS_POSIX1)
312 long p = ::sysconf(_SC_PAGESIZE);
313 if(p > 1)
314 return static_cast<size_t>(p);
315 else
316 return default_page_size;
317 #elif defined(BOTAN_TARGET_OS_HAS_VIRTUAL_LOCK)
318 BOTAN_UNUSED(default_page_size);
319 SYSTEM_INFO sys_info;
320 ::GetSystemInfo(&sys_info);
321 return sys_info.dwPageSize;
322 #else
323 return default_page_size;
324 #endif
325 }
326
get_memory_locking_limit()327 size_t OS::get_memory_locking_limit()
328 {
329 #if defined(BOTAN_TARGET_OS_HAS_POSIX1) && defined(BOTAN_TARGET_OS_HAS_POSIX_MLOCK) && defined(RLIMIT_MEMLOCK)
330 /*
331 * If RLIMIT_MEMLOCK is not defined, likely the OS does not support
332 * unprivileged mlock calls.
333 *
334 * Linux defaults to only 64 KiB of mlockable memory per process
335 * (too small) but BSDs offer a small fraction of total RAM (more
336 * than we need). Bound the total mlock size to 512 KiB which is
337 * enough to run the entire test suite without spilling to non-mlock
338 * memory (and thus presumably also enough for many useful
339 * programs), but small enough that we should not cause problems
340 * even if many processes are mlocking on the same machine.
341 */
342 const size_t user_req = read_env_variable_sz("BOTAN_MLOCK_POOL_SIZE", BOTAN_MLOCK_ALLOCATOR_MAX_LOCKED_KB);
343
344 const size_t mlock_requested = std::min<size_t>(user_req, BOTAN_MLOCK_ALLOCATOR_MAX_LOCKED_KB);
345
346 if(mlock_requested > 0)
347 {
348 struct ::rlimit limits;
349
350 ::getrlimit(RLIMIT_MEMLOCK, &limits);
351
352 if(limits.rlim_cur < limits.rlim_max)
353 {
354 limits.rlim_cur = limits.rlim_max;
355 ::setrlimit(RLIMIT_MEMLOCK, &limits);
356 ::getrlimit(RLIMIT_MEMLOCK, &limits);
357 }
358
359 return std::min<size_t>(limits.rlim_cur, mlock_requested * 1024);
360 }
361
362 #elif defined(BOTAN_TARGET_OS_HAS_VIRTUAL_LOCK)
363 SIZE_T working_min = 0, working_max = 0;
364 if(!::GetProcessWorkingSetSize(::GetCurrentProcess(), &working_min, &working_max))
365 {
366 return 0;
367 }
368
369 // According to Microsoft MSDN:
370 // The maximum number of pages that a process can lock is equal to the number of pages in its minimum working set minus a small overhead
371 // In the book "Windows Internals Part 2": the maximum lockable pages are minimum working set size - 8 pages
372 // But the information in the book seems to be inaccurate/outdated
373 // I've tested this on Windows 8.1 x64, Windows 10 x64 and Windows 7 x86
374 // On all three OS the value is 11 instead of 8
375 const size_t overhead = OS::system_page_size() * 11;
376 if(working_min > overhead)
377 {
378 const size_t lockable_bytes = working_min - overhead;
379 return std::min<size_t>(lockable_bytes, BOTAN_MLOCK_ALLOCATOR_MAX_LOCKED_KB * 1024);
380 }
381 #endif
382
383 // Not supported on this platform
384 return 0;
385 }
386
read_env_variable(std::string & value_out,const std::string & name)387 bool OS::read_env_variable(std::string& value_out, const std::string& name)
388 {
389 value_out = "";
390
391 if(running_in_privileged_state())
392 return false;
393
394 #if defined(BOTAN_TARGET_OS_HAS_WIN32) && defined(BOTAN_BUILD_COMPILER_IS_MSVC)
395 char val[128] = { 0 };
396 size_t req_size = 0;
397 if(getenv_s(&req_size, val, sizeof(val), name.c_str()) == 0)
398 {
399 value_out = std::string(val, req_size);
400 return true;
401 }
402 #else
403 if(const char* val = std::getenv(name.c_str()))
404 {
405 value_out = val;
406 return true;
407 }
408 #endif
409
410 return false;
411 }
412
read_env_variable_sz(const std::string & name,size_t def)413 size_t OS::read_env_variable_sz(const std::string& name, size_t def)
414 {
415 std::string value;
416 if(read_env_variable(value, name))
417 {
418 try
419 {
420 const size_t val = std::stoul(value, nullptr);
421 return val;
422 }
423 catch(std::exception&) { /* ignore it */ }
424 }
425
426 return def;
427 }
428
429 #if defined(BOTAN_TARGET_OS_HAS_POSIX1) && defined(BOTAN_TARGET_OS_HAS_POSIX_MLOCK)
430
431 namespace {
432
get_locked_fd()433 int get_locked_fd()
434 {
435 #if defined(BOTAN_TARGET_OS_IS_IOS) || defined(BOTAN_TARGET_OS_IS_MACOS)
436 // On Darwin, tagging anonymous pages allows vmmap to track these.
437 // Allowed from 240 to 255 for userland applications
438 static constexpr int default_locked_fd = 255;
439 int locked_fd = default_locked_fd;
440
441 if(size_t locked_fdl = OS::read_env_variable_sz("BOTAN_LOCKED_FD", default_locked_fd))
442 {
443 if(locked_fdl < 240 || locked_fdl > 255)
444 {
445 locked_fdl = default_locked_fd;
446 }
447 locked_fd = static_cast<int>(locked_fdl);
448 }
449 return VM_MAKE_TAG(locked_fd);
450 #else
451 return -1;
452 #endif
453 }
454
455 }
456
457 #endif
458
allocate_locked_pages(size_t count)459 std::vector<void*> OS::allocate_locked_pages(size_t count)
460 {
461 std::vector<void*> result;
462
463 #if (defined(BOTAN_TARGET_OS_HAS_POSIX1) && defined(BOTAN_TARGET_OS_HAS_POSIX_MLOCK)) || defined(BOTAN_TARGET_OS_HAS_VIRTUAL_LOCK)
464
465 result.reserve(count);
466
467 const size_t page_size = OS::system_page_size();
468
469 #if defined(BOTAN_TARGET_OS_HAS_POSIX1) && defined(BOTAN_TARGET_OS_HAS_POSIX_MLOCK)
470 static const int locked_fd = get_locked_fd();
471 #endif
472
473 for(size_t i = 0; i != count; ++i)
474 {
475 void* ptr = nullptr;
476
477 #if defined(BOTAN_TARGET_OS_HAS_POSIX1) && defined(BOTAN_TARGET_OS_HAS_POSIX_MLOCK)
478
479 #if !defined(MAP_ANONYMOUS)
480 #define MAP_ANONYMOUS MAP_ANON
481 #endif
482
483 #if !defined(MAP_NOCORE)
484 #if defined(MAP_CONCEAL)
485 #define MAP_NOCORE MAP_CONCEAL
486 #else
487 #define MAP_NOCORE 0
488 #endif
489 #endif
490
491 #if !defined(PROT_MAX)
492 #define PROT_MAX(p) 0
493 #endif
494 const int pflags = PROT_READ | PROT_WRITE;
495
496 ptr = ::mmap(nullptr, 3*page_size,
497 pflags | PROT_MAX(pflags),
498 MAP_ANONYMOUS | MAP_PRIVATE | MAP_NOCORE,
499 /*fd=*/locked_fd, /*offset=*/0);
500
501 if(ptr == MAP_FAILED)
502 {
503 continue;
504 }
505
506 // lock the data page
507 if(::mlock(static_cast<uint8_t*>(ptr) + page_size, page_size) != 0)
508 {
509 ::munmap(ptr, 3*page_size);
510 continue;
511 }
512
513 #if defined(MADV_DONTDUMP)
514 // we ignore errors here, as DONTDUMP is just a bonus
515 ::madvise(static_cast<uint8_t*>(ptr) + page_size, page_size, MADV_DONTDUMP);
516 #endif
517
518 #elif defined(BOTAN_TARGET_OS_HAS_VIRTUAL_LOCK)
519 ptr = ::VirtualAlloc(nullptr, 3*page_size, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
520
521 if(ptr == nullptr)
522 continue;
523
524 if(::VirtualLock(static_cast<uint8_t*>(ptr) + page_size, page_size) == 0)
525 {
526 ::VirtualFree(ptr, 0, MEM_RELEASE);
527 continue;
528 }
529 #endif
530
531 std::memset(ptr, 0, 3*page_size); // zero data page and both guard pages
532
533 // Make guard page preceeding the data page
534 page_prohibit_access(static_cast<uint8_t*>(ptr));
535 // Make guard page following the data page
536 page_prohibit_access(static_cast<uint8_t*>(ptr) + 2*page_size);
537
538 result.push_back(static_cast<uint8_t*>(ptr) + page_size);
539 }
540 #else
541 BOTAN_UNUSED(count);
542 #endif
543
544 return result;
545 }
546
page_allow_access(void * page)547 void OS::page_allow_access(void* page)
548 {
549 #if defined(BOTAN_TARGET_OS_HAS_POSIX1)
550 const size_t page_size = OS::system_page_size();
551 ::mprotect(page, page_size, PROT_READ | PROT_WRITE);
552 #elif defined(BOTAN_TARGET_OS_HAS_VIRTUAL_LOCK)
553 const size_t page_size = OS::system_page_size();
554 DWORD old_perms = 0;
555 ::VirtualProtect(page, page_size, PAGE_READWRITE, &old_perms);
556 BOTAN_UNUSED(old_perms);
557 #else
558 BOTAN_UNUSED(page);
559 #endif
560 }
561
page_prohibit_access(void * page)562 void OS::page_prohibit_access(void* page)
563 {
564 #if defined(BOTAN_TARGET_OS_HAS_POSIX1)
565 const size_t page_size = OS::system_page_size();
566 ::mprotect(page, page_size, PROT_NONE);
567 #elif defined(BOTAN_TARGET_OS_HAS_VIRTUAL_LOCK)
568 const size_t page_size = OS::system_page_size();
569 DWORD old_perms = 0;
570 ::VirtualProtect(page, page_size, PAGE_NOACCESS, &old_perms);
571 BOTAN_UNUSED(old_perms);
572 #else
573 BOTAN_UNUSED(page);
574 #endif
575 }
576
free_locked_pages(const std::vector<void * > & pages)577 void OS::free_locked_pages(const std::vector<void*>& pages)
578 {
579 const size_t page_size = OS::system_page_size();
580
581 for(size_t i = 0; i != pages.size(); ++i)
582 {
583 void* ptr = pages[i];
584
585 secure_scrub_memory(ptr, page_size);
586
587 // ptr points to the data page, guard pages are before and after
588 page_allow_access(static_cast<uint8_t*>(ptr) - page_size);
589 page_allow_access(static_cast<uint8_t*>(ptr) + page_size);
590
591 #if defined(BOTAN_TARGET_OS_HAS_POSIX1) && defined(BOTAN_TARGET_OS_HAS_POSIX_MLOCK)
592 ::munlock(ptr, page_size);
593 ::munmap(static_cast<uint8_t*>(ptr) - page_size, 3*page_size);
594 #elif defined(BOTAN_TARGET_OS_HAS_VIRTUAL_LOCK)
595 ::VirtualUnlock(ptr, page_size);
596 ::VirtualFree(static_cast<uint8_t*>(ptr) - page_size, 0, MEM_RELEASE);
597 #endif
598 }
599 }
600
601 #if defined(BOTAN_TARGET_OS_HAS_POSIX1) && !defined(BOTAN_TARGET_OS_IS_EMSCRIPTEN)
602
603 namespace {
604
605 static ::sigjmp_buf g_sigill_jmp_buf;
606
botan_sigill_handler(int)607 void botan_sigill_handler(int)
608 {
609 siglongjmp(g_sigill_jmp_buf, /*non-zero return value*/1);
610 }
611
612 }
613
614 #endif
615
run_cpu_instruction_probe(std::function<int ()> probe_fn)616 int OS::run_cpu_instruction_probe(std::function<int ()> probe_fn)
617 {
618 volatile int probe_result = -3;
619
620 #if defined(BOTAN_TARGET_OS_HAS_POSIX1) && !defined(BOTAN_TARGET_OS_IS_EMSCRIPTEN)
621 struct sigaction old_sigaction;
622 struct sigaction sigaction;
623
624 sigaction.sa_handler = botan_sigill_handler;
625 sigemptyset(&sigaction.sa_mask);
626 sigaction.sa_flags = 0;
627
628 int rc = ::sigaction(SIGILL, &sigaction, &old_sigaction);
629
630 if(rc != 0)
631 throw System_Error("run_cpu_instruction_probe sigaction failed", errno);
632
633 rc = sigsetjmp(g_sigill_jmp_buf, /*save sigs*/1);
634
635 if(rc == 0)
636 {
637 // first call to sigsetjmp
638 probe_result = probe_fn();
639 }
640 else if(rc == 1)
641 {
642 // non-local return from siglongjmp in signal handler: return error
643 probe_result = -1;
644 }
645
646 // Restore old SIGILL handler, if any
647 rc = ::sigaction(SIGILL, &old_sigaction, nullptr);
648 if(rc != 0)
649 throw System_Error("run_cpu_instruction_probe sigaction restore failed", errno);
650
651 #else
652 BOTAN_UNUSED(probe_fn);
653 #endif
654
655 return probe_result;
656 }
657
suppress_echo_on_terminal()658 std::unique_ptr<OS::Echo_Suppression> OS::suppress_echo_on_terminal()
659 {
660 #if defined(BOTAN_TARGET_OS_HAS_POSIX1)
661 class POSIX_Echo_Suppression : public Echo_Suppression
662 {
663 public:
664 POSIX_Echo_Suppression()
665 {
666 m_stdin_fd = fileno(stdin);
667 if(::tcgetattr(m_stdin_fd, &m_old_termios) != 0)
668 throw System_Error("Getting terminal status failed", errno);
669
670 struct termios noecho_flags = m_old_termios;
671 noecho_flags.c_lflag &= ~ECHO;
672 noecho_flags.c_lflag |= ECHONL;
673
674 if(::tcsetattr(m_stdin_fd, TCSANOW, &noecho_flags) != 0)
675 throw System_Error("Clearing terminal echo bit failed", errno);
676 }
677
678 void reenable_echo() override
679 {
680 if(m_stdin_fd > 0)
681 {
682 if(::tcsetattr(m_stdin_fd, TCSANOW, &m_old_termios) != 0)
683 throw System_Error("Restoring terminal echo bit failed", errno);
684 m_stdin_fd = -1;
685 }
686 }
687
688 ~POSIX_Echo_Suppression()
689 {
690 try
691 {
692 reenable_echo();
693 }
694 catch(...)
695 {
696 }
697 }
698
699 private:
700 int m_stdin_fd;
701 struct termios m_old_termios;
702 };
703
704 return std::unique_ptr<Echo_Suppression>(new POSIX_Echo_Suppression);
705
706 #elif defined(BOTAN_TARGET_OS_HAS_WIN32)
707
708 class Win32_Echo_Suppression : public Echo_Suppression
709 {
710 public:
711 Win32_Echo_Suppression()
712 {
713 m_input_handle = ::GetStdHandle(STD_INPUT_HANDLE);
714 if(::GetConsoleMode(m_input_handle, &m_console_state) == 0)
715 throw System_Error("Getting console mode failed", ::GetLastError());
716
717 DWORD new_mode = ENABLE_LINE_INPUT | ENABLE_PROCESSED_INPUT;
718 if(::SetConsoleMode(m_input_handle, new_mode) == 0)
719 throw System_Error("Setting console mode failed", ::GetLastError());
720 }
721
722 void reenable_echo() override
723 {
724 if(m_input_handle != INVALID_HANDLE_VALUE)
725 {
726 if(::SetConsoleMode(m_input_handle, m_console_state) == 0)
727 throw System_Error("Setting console mode failed", ::GetLastError());
728 m_input_handle = INVALID_HANDLE_VALUE;
729 }
730 }
731
732 ~Win32_Echo_Suppression()
733 {
734 try
735 {
736 reenable_echo();
737 }
738 catch(...)
739 {
740 }
741 }
742
743 private:
744 HANDLE m_input_handle;
745 DWORD m_console_state;
746 };
747
748 return std::unique_ptr<Echo_Suppression>(new Win32_Echo_Suppression);
749
750 #else
751
752 // Not supported on this platform, return null
753 return std::unique_ptr<Echo_Suppression>();
754 #endif
755 }
756
757 }
758