1 /* 2 * Copyright (c) 2011 Alex Hornung <alex@alexhornung.com>. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in 13 * the documentation and/or other materials provided with the 14 * distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 17 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 18 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 19 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 20 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, 22 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 23 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 24 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 25 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 26 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #include <sys/types.h> 31 #include <sys/param.h> 32 #include <sys/systm.h> 33 #include <sys/kernel.h> 34 #include <sys/malloc.h> 35 #include <sys/libkern.h> 36 37 #include <sys/tbridge.h> 38 39 MALLOC_DEFINE(M_SAFEMEM, "safemem", "safemem kernel port"); 40 41 struct safe_mem_hdr { 42 struct safe_mem_hdr *prev; 43 struct safe_mem_hdr *next; 44 struct safe_mem_tail *tail; 45 const char *file; 46 int line; 47 size_t alloc_sz; 48 char sig[8]; /* SAFEMEM */ 49 }; 50 51 struct safe_mem_tail { 52 char sig[8]; /* SAFEMEM */ 53 }; 54 55 static struct safe_mem_hdr *safe_mem_hdr_first = NULL; 56 57 static int safemem_error_count = 0; 58 59 void 60 safemem_reset_error_count(void) 61 { 62 safemem_error_count = 0; 63 } 64 65 int 66 safemem_get_error_count(void) 67 { 68 return safemem_error_count; 69 } 70 71 void * 72 _alloc_safe_mem(size_t req_sz, const char *file, int line) 73 { 74 struct safe_mem_hdr *hdr, *hdrp; 75 struct safe_mem_tail *tail; 76 size_t alloc_sz; 77 char *mem, *user_mem; 78 79 /* only shift, to make sure things (TM) keep aligned */ 80 alloc_sz = req_sz; 81 mem = kmalloc(alloc_sz << 2, M_SAFEMEM, M_WAITOK | M_ZERO); 82 user_mem = mem + alloc_sz; 83 hdr = (struct safe_mem_hdr *)(user_mem - sizeof(*hdr)); 84 tail = (struct safe_mem_tail *)(user_mem + alloc_sz); 85 86 strcpy(hdr->sig, "SAFEMEM"); 87 strcpy(tail->sig, "SAFEMEM"); 88 hdr->tail = tail; 89 hdr->alloc_sz = alloc_sz; 90 hdr->file = file; 91 hdr->line = line; 92 hdr->next = NULL; 93 94 if (safe_mem_hdr_first == NULL) { 95 safe_mem_hdr_first = hdr; 96 } else { 97 hdrp = safe_mem_hdr_first; 98 while (hdrp->next != NULL) 99 hdrp = hdrp->next; 100 hdr->prev = hdrp; 101 hdrp->next = hdr; 102 } 103 104 return user_mem; 105 } 106 107 void 108 _free_safe_mem(void *mem_ptr, const char *file, int line) 109 { 110 struct safe_mem_hdr *hdr; 111 struct safe_mem_tail *tail; 112 size_t alloc_sz; 113 char *mem = mem_ptr; 114 char *user_mem = mem_ptr; 115 116 hdr = (struct safe_mem_hdr *)(user_mem - sizeof(*hdr)); 117 tail = (struct safe_mem_tail *)(user_mem + hdr->alloc_sz); 118 mem -= hdr->alloc_sz; 119 120 #ifdef DEBUG 121 kprintf("freeing safe_mem (hdr): %#lx (%s:%d)\n", 122 (unsigned long)(void *)hdr, hdr->file, hdr->line); 123 #endif 124 125 if (hdr->alloc_sz == 0) { 126 tbridge_printf("SAFEMEM BUG: double-free at %s:%d !!!\n", file, 127 line); 128 return; 129 } 130 131 /* Integrity checks */ 132 if ((memcmp(hdr->sig, "SAFEMEM\0", 8) != 0) || 133 (memcmp(tail->sig, "SAFEMEM\0", 8) != 0)) { 134 tbridge_printf("SAFEMEM BUG: safe_mem buffer under- or overflow " 135 "at %s:%d !!!\n", file, line); 136 return; 137 } 138 139 if (safe_mem_hdr_first == NULL) { 140 tbridge_printf("SAFEMEM BUG: safe_mem list should not be empty " 141 "at %s:%d !!!\n", file, line); 142 return; 143 } 144 145 if (hdr->prev != NULL) 146 hdr->prev->next = hdr->next; 147 if (hdr->next != NULL) 148 hdr->next->prev = hdr->prev; 149 if (safe_mem_hdr_first == hdr) 150 safe_mem_hdr_first = hdr->next; 151 152 alloc_sz = hdr->alloc_sz; 153 154 bzero(mem, alloc_sz << 2); 155 kfree(mem, M_SAFEMEM); 156 } 157 158 void 159 check_and_purge_safe_mem(void) 160 { 161 struct safe_mem_hdr *hdr; 162 char *mem; 163 #ifdef DEBUG 164 int ok; 165 #endif 166 167 if (safe_mem_hdr_first == NULL) 168 return; 169 170 hdr = safe_mem_hdr_first; 171 while ((hdr = safe_mem_hdr_first) != NULL) { 172 #ifdef DEBUG 173 if ((hdr->alloc_sz > 0) && 174 (memcmp(hdr->sig, "SAFEMEM\0", 8) == 0) && 175 (memcmp(hdr->tail->sig, "SAFEMEM\0", 8) == 0)) 176 ok = 1; 177 else 178 ok = 0; 179 180 kprintf("SAFEMEM: un-freed safe_mem: %#lx (%s:%d) [integrity=%s]\n", 181 (unsigned long)(void *)hdr, hdr->file, hdr->line, 182 ok? "ok" : "failed"); 183 #endif 184 mem = (void *)hdr; 185 mem += sizeof(*hdr); 186 _free_safe_mem(mem, "check_and_purge_safe_mem", 0); 187 } 188 } 189