1.\" $NetBSD: kmem.9,v 1.24 2019/08/15 12:24:08 maxv Exp $ 2.\" 3.\" Copyright (c)2006 YAMAMOTO Takashi, 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" SUCH DAMAGE. 26.\" 27.\" ------------------------------------------------------------ 28.Dd August 15, 2019 29.Dt KMEM 9 30.Os 31.\" ------------------------------------------------------------ 32.Sh NAME 33.Nm kmem 34.Nd kernel wired memory allocator 35.\" ------------------------------------------------------------ 36.Sh SYNOPSIS 37.In sys/kmem.h 38.\" - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 39.Ft void * 40.Fn kmem_alloc \ 41"size_t size" "km_flag_t kmflags" 42.Ft void * 43.Fn kmem_zalloc \ 44"size_t size" "km_flag_t kmflags" 45.Ft void 46.Fn kmem_free \ 47"void *p" "size_t size" 48.\" --- 49.Ft void * 50.Fn kmem_intr_alloc \ 51"size_t size" "km_flag_t kmflags" 52.Ft void * 53.Fn kmem_intr_zalloc \ 54"size_t size" "km_flag_t kmflags" 55.Ft void 56.Fn kmem_intr_free \ 57"void *p" "size_t size" 58.\" --- 59.Ft char * 60.Fn kmem_asprintf \ 61"const char *fmt" "..." 62.\" --- 63.Ft char * 64.Fn kmem_strdupsize \ 65"const char *str" "size_t *size" "km_flag_t kmflags" 66.Ft void 67.Fn kmem_strfree \ 68"char *str" 69.\" ------------------------------------------------------------ 70.Pp 71.Cd "options KMEM_SIZE" 72.Sh DESCRIPTION 73.Fn kmem_alloc 74allocates kernel wired memory. 75It takes the following arguments. 76.Bl -tag -width kmflags 77.It Fa size 78Specify the size of allocation in bytes. 79.It Fa kmflags 80Either of the following: 81.Bl -tag -width KM_NOSLEEP 82.It Dv KM_SLEEP 83If the allocation cannot be satisfied immediately, sleep until enough 84memory is available. 85If 86.Dv KM_SLEEP 87is specified, then the allocation cannot fail. 88.It Dv KM_NOSLEEP 89Don't sleep. 90Immediately return 91.Dv NULL 92if there is not enough memory available. 93It should only be used when failure to allocate will not have harmful, 94user-visible effects. 95.Pp 96.Bf -symbolic 97Use of 98.Dv KM_NOSLEEP 99is strongly discouraged as it can create transient, hard to debug failures 100that occur when the system is under memory pressure. 101.Ef 102.Pp 103In situations where it is not possible to sleep, for example because locks 104are held by the caller, the code path should be restructured to allow the 105allocation to be made in another place. 106.El 107.El 108.Pp 109The contents of allocated memory are uninitialized. 110.Pp 111Unlike Solaris, kmem_alloc(0, flags) is illegal. 112.Pp 113.\" ------------------------------------------------------------ 114.Fn kmem_zalloc 115is the equivalent of 116.Fn kmem_alloc , 117except that it initializes the memory to zero. 118.Pp 119.\" ------------------------------------------------------------ 120.Fn kmem_asprintf 121functions as the well known 122.Fn asprintf 123function, but allocates memory using 124.Fn kmem_alloc . 125This routine can sleep during allocation. 126The size of the allocated area is the length of the returned character string, plus one (for the NUL terminator). 127This must be taken into consideration when freeing the returned area with 128.Fn kmem_free . 129.Pp 130.\" ------------------------------------------------------------ 131.Fn kmem_free 132frees kernel wired memory allocated by 133.Fn kmem_alloc 134or 135.Fn kmem_zalloc 136so that it can be used for other purposes. 137It takes the following arguments. 138.Bl -tag -width kmflags 139.It Fa p 140The pointer to the memory being freed. 141It must be the one returned by 142.Fn kmem_alloc 143or 144.Fn kmem_zalloc . 145.It Fa size 146The size of the memory being freed, in bytes. 147It must be the same as the 148.Fa size 149argument used for 150.Fn kmem_alloc 151or 152.Fn kmem_zalloc 153when the memory was allocated. 154.El 155.Pp 156Freeing 157.Dv NULL 158is illegal. 159.Pp 160.\" ------------------------------------------------------------ 161.Fn kmem_intr_alloc , 162.Fn kmem_intr_zalloc 163and 164.Fn kmem_intr_free 165are the equivalents of the above kmem routines which can be called 166from the interrupt context. 167These routines are for the special cases. 168Normally, 169.Xr pool_cache 9 170should be used for memory allocation from interrupt context. 171.Pp 172The 173.Fn kmem_strdupsize 174function is a utility function that can be used to copy the string in the 175.Fa str 176argument to a new buffer allocated using 177.Fn kmem_alloc 178and optionally return the size of the allocation (the length of the string 179plus the trailing 180.Dv NUL ) 181in the 182.Fa size 183argument if that is not 184.Dv NULL . 185.Pp 186The 187.Fn kmem_strfree 188function can be used to free a 189.Dv NUL 190terminated string computing the length of the string using 191.Xr strlen 3 192and adding one for the 193.Dv NUL 194and then using 195.Fn kmem_free . 196.\" ------------------------------------------------------------ 197.Sh NOTES 198Making 199.Dv KM_SLEEP 200allocations while holding mutexes or reader/writer locks is discouraged, as the 201caller can sleep for an unbounded amount of time in order to satisfy the 202allocation. 203This can in turn block other threads that wish to acquire locks held by the 204caller. 205It should be noted that 206.Fn kmem_free 207may also block. 208.Pp 209For some locks this is permissible or even unavoidable. 210For others, particularly locks that may be taken from soft interrupt context, 211it is a serious problem. 212As a general rule it is better not to allow this type of situation to develop. 213One way to circumvent the problem is to make allocations speculative and part 214of a retryable sequence. 215For example: 216.Bd -literal 217 retry: 218 /* speculative unlocked check */ 219 if (need to allocate) { 220 new_item = kmem_alloc(sizeof(*new_item), KM_SLEEP); 221 } else { 222 new_item = NULL; 223 } 224 mutex_enter(lock); 225 /* check while holding lock for true status */ 226 if (need to allocate) { 227 if (new_item == NULL) { 228 mutex_exit(lock); 229 goto retry; 230 } 231 consume(new_item); 232 new_item = NULL; 233 } 234 mutex_exit(lock); 235 if (new_item != NULL) { 236 /* did not use it after all */ 237 kmem_free(new_item, sizeof(*new_item)); 238 } 239.Ed 240.\" ------------------------------------------------------------ 241.Sh OPTIONS 242.Ss KMEM_SIZE 243Kernels compiled with the 244.Dv KMEM_SIZE 245option ensure the size given in 246.Fn kmem_free 247matches the actual allocated size. 248On 249.Fn kmem_alloc , 250the kernel will allocate an additional contiguous kmem page of eight 251bytes in the buffer, will register the allocated size in the first kmem 252page of that buffer, and will return a pointer to the second kmem page 253in that same buffer. 254When freeing, the kernel reads the first page, and compares the 255size registered with the one given in 256.Fn kmem_free . 257Any mismatch triggers a panic. 258.Pp 259.Dv KMEM_SIZE 260is enabled by default on 261.Dv DIAGNOSTIC . 262.Sh RETURN VALUES 263On success, 264.Fn kmem_alloc , 265.Fn kmem_asprintf , 266.Fn kmem_intr_alloc , 267.Fn kmem_intr_zalloc , 268.Fn kmem_strdupsize , 269and 270.Fn kmem_zalloc 271return a pointer to allocated memory. 272Otherwise, 273.Dv NULL 274is returned. 275.\" ------------------------------------------------------------ 276.Sh CODE REFERENCES 277The 278.Nm 279subsystem is implemented within the file 280.Pa sys/kern/subr_kmem.c . 281.\" ------------------------------------------------------------ 282.Sh SEE ALSO 283.Xr intro 9 , 284.Xr memoryallocators 9 , 285.Xr percpu 9 , 286.Xr pool_cache 9 , 287.Xr uvm_km 9 288.\" ------------------------------------------------------------ 289.Sh CAVEATS 290The 291.Fn kmem_alloc , 292.Fn kmem_asprintf , 293.Fn kmem_free , 294.Fn kmem_strdupsize , 295.Fn kmem_strfree , 296and 297.Fn kmem_zalloc 298functions cannot be used from interrupt context, from a soft interrupt, 299or from a callout. 300Use 301.Xr pool_cache 9 302in these situations. 303.\" ------------------------------------------------------------ 304.Sh SECURITY CONSIDERATIONS 305As the memory allocated by 306.Fn kmem_alloc 307is uninitialized, it can contain security-sensitive data left by its 308previous user. 309It is the caller's responsibility not to expose it to the world. 310