1 /* 2 * Copyright (c) 2011 Alex Hornung <alex@alexhornung.com>. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in 13 * the documentation and/or other materials provided with the 14 * distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 17 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 18 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 19 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 20 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, 22 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 23 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 24 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 25 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 26 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30 #include <sys/types.h> 31 #include <sys/param.h> 32 #include <sys/systm.h> 33 #include <sys/kernel.h> 34 #include <sys/malloc.h> 35 #include <sys/libkern.h> 36 37 #include <sys/tbridge.h> 38 39 MALLOC_DEFINE(M_SAFEMEM, "safemem", "safemem kernel port"); 40 41 struct safe_mem_hdr { 42 struct safe_mem_hdr *prev; 43 struct safe_mem_hdr *next; 44 struct safe_mem_tail *tail; 45 const char *file; 46 int line; 47 size_t alloc_sz; 48 char sig[8]; /* SAFEMEM */ 49 }; 50 51 struct safe_mem_tail { 52 char sig[8]; /* SAFEMEM */ 53 }; 54 55 static struct safe_mem_hdr *safe_mem_hdr_first = NULL; 56 57 static int safemem_error_count = 0; 58 59 void 60 safemem_reset_error_count(void) 61 { 62 safemem_error_count = 0; 63 } 64 65 int 66 safemem_get_error_count(void) 67 { 68 return safemem_error_count; 69 } 70 71 void * 72 _alloc_safe_mem(size_t req_sz, const char *file, int line) 73 { 74 struct safe_mem_hdr *hdr, *hdrp; 75 struct safe_mem_tail *tail; 76 size_t alloc_sz; 77 char *mem, *user_mem; 78 79 /* only shift, to make sure things (TM) keep aligned */ 80 alloc_sz = req_sz; 81 mem = kmalloc(alloc_sz << 2, M_SAFEMEM, M_WAITOK); 82 83 bzero(mem, alloc_sz << 2); 84 85 user_mem = mem + alloc_sz; 86 hdr = (struct safe_mem_hdr *)(user_mem - sizeof(*hdr)); 87 tail = (struct safe_mem_tail *)(user_mem + alloc_sz); 88 89 strcpy(hdr->sig, "SAFEMEM"); 90 strcpy(tail->sig, "SAFEMEM"); 91 hdr->tail = tail; 92 hdr->alloc_sz = alloc_sz; 93 hdr->file = file; 94 hdr->line = line; 95 hdr->next = NULL; 96 97 if (safe_mem_hdr_first == NULL) { 98 safe_mem_hdr_first = hdr; 99 } else { 100 hdrp = safe_mem_hdr_first; 101 while (hdrp->next != NULL) 102 hdrp = hdrp->next; 103 hdr->prev = hdrp; 104 hdrp->next = hdr; 105 } 106 107 return user_mem; 108 } 109 110 void 111 _free_safe_mem(void *mem_ptr, const char *file, int line) 112 { 113 struct safe_mem_hdr *hdr; 114 struct safe_mem_tail *tail; 115 size_t alloc_sz; 116 char *mem = mem_ptr; 117 char *user_mem = mem_ptr; 118 119 hdr = (struct safe_mem_hdr *)(user_mem - sizeof(*hdr)); 120 tail = (struct safe_mem_tail *)(user_mem + hdr->alloc_sz); 121 mem -= hdr->alloc_sz; 122 123 #ifdef DEBUG 124 kprintf("freeing safe_mem (hdr): %#lx (%s:%d)\n", 125 (unsigned long)(void *)hdr, hdr->file, hdr->line); 126 #endif 127 128 if (hdr->alloc_sz == 0) { 129 tbridge_printf("SAFEMEM BUG: double-free at %s:%d !!!\n", file, 130 line); 131 return; 132 } 133 134 /* Integrity checks */ 135 if ((memcmp(hdr->sig, "SAFEMEM\0", 8) != 0) || 136 (memcmp(tail->sig, "SAFEMEM\0", 8) != 0)) { 137 tbridge_printf("SAFEMEM BUG: safe_mem buffer under- or overflow " 138 "at %s:%d !!!\n", file, line); 139 return; 140 } 141 142 if (safe_mem_hdr_first == NULL) { 143 tbridge_printf("SAFEMEM BUG: safe_mem list should not be empty " 144 "at %s:%d !!!\n", file, line); 145 return; 146 } 147 148 if (hdr->prev != NULL) 149 hdr->prev->next = hdr->next; 150 if (hdr->next != NULL) 151 hdr->next->prev = hdr->prev; 152 if (safe_mem_hdr_first == hdr) 153 safe_mem_hdr_first = hdr->next; 154 155 alloc_sz = hdr->alloc_sz; 156 157 bzero(mem, alloc_sz << 2); 158 kfree(mem, M_SAFEMEM); 159 } 160 161 void 162 check_and_purge_safe_mem(void) 163 { 164 struct safe_mem_hdr *hdr; 165 char *mem; 166 #ifdef DEBUG 167 int ok; 168 #endif 169 170 if (safe_mem_hdr_first == NULL) 171 return; 172 173 hdr = safe_mem_hdr_first; 174 while ((hdr = safe_mem_hdr_first) != NULL) { 175 #ifdef DEBUG 176 if ((hdr->alloc_sz > 0) && 177 (memcmp(hdr->sig, "SAFEMEM\0", 8) == 0) && 178 (memcmp(hdr->tail->sig, "SAFEMEM\0", 8) == 0)) 179 ok = 1; 180 else 181 ok = 0; 182 183 kprintf("SAFEMEM: un-freed safe_mem: %#lx (%s:%d) [integrity=%s]\n", 184 (unsigned long)(void *)hdr, hdr->file, hdr->line, 185 ok? "ok" : "failed"); 186 #endif 187 mem = (void *)hdr; 188 mem += sizeof(*hdr); 189 _free_safe_mem(mem, "check_and_purge_safe_mem", 0); 190 } 191 } 192