Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 1 | /* |
Willy Tarreau | 62405a2 | 2014-12-23 13:51:28 +0100 | [diff] [blame] | 2 | * include/common/memory.h |
| 3 | * Memory management definitions.. |
| 4 | * |
| 5 | * Copyright (C) 2000-2014 Willy Tarreau - w@1wt.eu |
| 6 | * |
| 7 | * This library is free software; you can redistribute it and/or |
| 8 | * modify it under the terms of the GNU Lesser General Public |
| 9 | * License as published by the Free Software Foundation, version 2.1 |
| 10 | * exclusively. |
| 11 | * |
| 12 | * This library is distributed in the hope that it will be useful, |
| 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 15 | * Lesser General Public License for more details. |
| 16 | * |
| 17 | * You should have received a copy of the GNU Lesser General Public |
| 18 | * License along with this library; if not, write to the Free Software |
| 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
| 20 | */ |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 21 | |
Willy Tarreau | 2dd0d47 | 2006-06-29 17:53:05 +0200 | [diff] [blame] | 22 | #ifndef _COMMON_MEMORY_H |
| 23 | #define _COMMON_MEMORY_H |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 24 | |
Willy Tarreau | 158fa75 | 2017-11-22 15:47:29 +0100 | [diff] [blame] | 25 | #include <sys/mman.h> |
| 26 | |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 27 | #include <stdlib.h> |
Willy Tarreau | e430e77 | 2014-12-23 14:13:16 +0100 | [diff] [blame] | 28 | #include <string.h> |
David Carlier | 4ee76d0 | 2018-02-18 19:36:42 +0000 | [diff] [blame] | 29 | #include <stdint.h> |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 30 | |
Willy Tarreau | 2dd0d47 | 2006-06-29 17:53:05 +0200 | [diff] [blame] | 31 | #include <common/config.h> |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 32 | #include <common/mini-clist.h> |
Christopher Faulet | b349e48 | 2017-08-29 09:52:38 +0200 | [diff] [blame] | 33 | #include <common/hathreads.h> |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 34 | |
Willy Tarreau | a84dcb8 | 2015-10-28 12:04:02 +0100 | [diff] [blame] | 35 | #ifndef DEBUG_DONT_SHARE_POOLS |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 36 | #define MEM_F_SHARED 0x1 |
Willy Tarreau | a84dcb8 | 2015-10-28 12:04:02 +0100 | [diff] [blame] | 37 | #else |
| 38 | #define MEM_F_SHARED 0 |
| 39 | #endif |
Willy Tarreau | 581bf81 | 2016-01-25 02:19:13 +0100 | [diff] [blame] | 40 | #define MEM_F_EXACT 0x2 |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 41 | |
Willy Tarreau | ac42111 | 2015-10-28 15:09:29 +0100 | [diff] [blame] | 42 | /* reserve an extra void* at the end of a pool for linking */ |
| 43 | #ifdef DEBUG_MEMORY_POOLS |
| 44 | #define POOL_EXTRA (sizeof(void *)) |
| 45 | #define POOL_LINK(pool, item) (void **)(((char *)item) + (pool->size)) |
| 46 | #else |
| 47 | #define POOL_EXTRA (0) |
| 48 | #define POOL_LINK(pool, item) ((void **)(item)) |
| 49 | #endif |
| 50 | |
Willy Tarreau | 0a93b64 | 2018-10-16 07:58:39 +0200 | [diff] [blame^] | 51 | #define MAX_BASE_POOLS 32 |
| 52 | |
Willy Tarreau | f161d0f | 2018-02-22 14:05:55 +0100 | [diff] [blame] | 53 | #ifdef CONFIG_HAP_LOCKLESS_POOLS |
Olivier Houchard | cf975d4 | 2018-01-24 18:38:31 +0100 | [diff] [blame] | 54 | struct pool_free_list { |
| 55 | void **free_list; |
| 56 | uintptr_t seq; |
| 57 | }; |
| 58 | #endif |
| 59 | |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 60 | struct pool_head { |
Willy Tarreau | 1ca1b70 | 2017-11-26 10:50:36 +0100 | [diff] [blame] | 61 | void **free_list; |
Willy Tarreau | f161d0f | 2018-02-22 14:05:55 +0100 | [diff] [blame] | 62 | #ifdef CONFIG_HAP_LOCKLESS_POOLS |
Olivier Houchard | cf975d4 | 2018-01-24 18:38:31 +0100 | [diff] [blame] | 63 | uintptr_t seq; |
| 64 | #else |
| 65 | __decl_hathreads(HA_SPINLOCK_T lock); /* the spin lock */ |
| 66 | #endif |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 67 | unsigned int used; /* how many chunks are currently in use */ |
| 68 | unsigned int allocated; /* how many chunks have been allocated */ |
| 69 | unsigned int limit; /* hard limit on the number of chunks */ |
| 70 | unsigned int minavail; /* how many chunks are expected to be used */ |
| 71 | unsigned int size; /* chunk size */ |
| 72 | unsigned int flags; /* MEM_F_* */ |
Willy Tarreau | 7dcd46d | 2007-05-14 00:16:13 +0200 | [diff] [blame] | 73 | unsigned int users; /* number of pools sharing this zone */ |
Willy Tarreau | 58102cf | 2015-10-28 16:24:21 +0100 | [diff] [blame] | 74 | unsigned int failed; /* failed allocations */ |
Olivier Houchard | cf975d4 | 2018-01-24 18:38:31 +0100 | [diff] [blame] | 75 | struct list list; /* list of all known pools */ |
Willy Tarreau | 7dcd46d | 2007-05-14 00:16:13 +0200 | [diff] [blame] | 76 | char name[12]; /* name of the pool */ |
Willy Tarreau | 1ca1b70 | 2017-11-26 10:50:36 +0100 | [diff] [blame] | 77 | } __attribute__((aligned(64))); |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 78 | |
Willy Tarreau | 0a93b64 | 2018-10-16 07:58:39 +0200 | [diff] [blame^] | 79 | |
| 80 | extern struct pool_head pool_base_start[MAX_BASE_POOLS]; |
| 81 | extern unsigned int pool_base_count; |
| 82 | |
Willy Tarreau | 067ac9f | 2015-10-08 14:12:13 +0200 | [diff] [blame] | 83 | /* poison each newly allocated area with this byte if >= 0 */ |
| 84 | extern int mem_poison_byte; |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 85 | |
Willy Tarreau | a885f6d | 2014-12-03 15:25:28 +0100 | [diff] [blame] | 86 | /* Allocates new entries for pool <pool> until there are at least <avail> + 1 |
| 87 | * available, then returns the last one for immediate use, so that at least |
| 88 | * <avail> are left available in the pool upon return. NULL is returned if the |
| 89 | * last entry could not be allocated. It's important to note that at least one |
| 90 | * allocation is always performed even if there are enough entries in the pool. |
| 91 | * A call to the garbage collector is performed at most once in case malloc() |
| 92 | * returns an error, before returning NULL. |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 93 | */ |
Christopher Faulet | b349e48 | 2017-08-29 09:52:38 +0200 | [diff] [blame] | 94 | void *__pool_refill_alloc(struct pool_head *pool, unsigned int avail); |
Willy Tarreau | a885f6d | 2014-12-03 15:25:28 +0100 | [diff] [blame] | 95 | void *pool_refill_alloc(struct pool_head *pool, unsigned int avail); |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 96 | |
| 97 | /* Try to find an existing shared pool with the same characteristics and |
| 98 | * returns it, otherwise creates this one. NULL is returned if no memory |
| 99 | * is available for a new creation. |
| 100 | */ |
| 101 | struct pool_head *create_pool(char *name, unsigned int size, unsigned int flags); |
| 102 | |
| 103 | /* Dump statistics on pools usage. |
| 104 | */ |
Willy Tarreau | 12833bb | 2014-01-28 16:49:56 +0100 | [diff] [blame] | 105 | void dump_pools_to_trash(); |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 106 | void dump_pools(void); |
Willy Tarreau | 58102cf | 2015-10-28 16:24:21 +0100 | [diff] [blame] | 107 | int pool_total_failures(); |
| 108 | unsigned long pool_total_allocated(); |
| 109 | unsigned long pool_total_used(); |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 110 | |
| 111 | /* |
Willy Tarreau | e6ce59d | 2007-05-13 19:38:49 +0200 | [diff] [blame] | 112 | * This function frees whatever can be freed in pool <pool>. |
| 113 | */ |
Willy Tarreau | bafbe01 | 2017-11-24 17:34:44 +0100 | [diff] [blame] | 114 | void pool_flush(struct pool_head *pool); |
Willy Tarreau | e6ce59d | 2007-05-13 19:38:49 +0200 | [diff] [blame] | 115 | |
| 116 | /* |
| 117 | * This function frees whatever can be freed in all pools, but respecting |
| 118 | * the minimum thresholds imposed by owners. |
Christopher Faulet | b349e48 | 2017-08-29 09:52:38 +0200 | [diff] [blame] | 119 | * |
Willy Tarreau | bafbe01 | 2017-11-24 17:34:44 +0100 | [diff] [blame] | 120 | * <pool_ctx> is used when pool_gc is called to release resources to allocate |
Christopher Faulet | b349e48 | 2017-08-29 09:52:38 +0200 | [diff] [blame] | 121 | * an element in __pool_refill_alloc. It is important because <pool_ctx> is |
| 122 | * already locked, so we need to skip the lock here. |
Willy Tarreau | e6ce59d | 2007-05-13 19:38:49 +0200 | [diff] [blame] | 123 | */ |
Willy Tarreau | bafbe01 | 2017-11-24 17:34:44 +0100 | [diff] [blame] | 124 | void pool_gc(struct pool_head *pool_ctx); |
Willy Tarreau | e6ce59d | 2007-05-13 19:38:49 +0200 | [diff] [blame] | 125 | |
| 126 | /* |
| 127 | * This function destroys a pull by freeing it completely. |
| 128 | * This should be called only under extreme circumstances. |
| 129 | */ |
Willy Tarreau | bafbe01 | 2017-11-24 17:34:44 +0100 | [diff] [blame] | 130 | void *pool_destroy(struct pool_head *pool); |
Willy Tarreau | e6ce59d | 2007-05-13 19:38:49 +0200 | [diff] [blame] | 131 | |
Willy Tarreau | 0a93b64 | 2018-10-16 07:58:39 +0200 | [diff] [blame^] | 132 | /* returns the pool index for pool <pool>, or -1 if this pool has no index */ |
| 133 | static inline ssize_t pool_get_index(const struct pool_head *pool) |
| 134 | { |
| 135 | size_t idx; |
| 136 | |
| 137 | idx = pool - pool_base_start; |
| 138 | if (idx >= MAX_BASE_POOLS) |
| 139 | return -1; |
| 140 | return idx; |
| 141 | } |
| 142 | |
Willy Tarreau | f161d0f | 2018-02-22 14:05:55 +0100 | [diff] [blame] | 143 | #ifdef CONFIG_HAP_LOCKLESS_POOLS |
Olivier Houchard | cf975d4 | 2018-01-24 18:38:31 +0100 | [diff] [blame] | 144 | /* |
| 145 | * Returns a pointer to type <type> taken from the pool <pool_type> if |
| 146 | * available, otherwise returns NULL. No malloc() is attempted, and poisonning |
| 147 | * is never performed. The purpose is to get the fastest possible allocation. |
| 148 | */ |
| 149 | static inline void *__pool_get_first(struct pool_head *pool) |
| 150 | { |
| 151 | struct pool_free_list cmp, new; |
| 152 | |
| 153 | cmp.seq = pool->seq; |
| 154 | __ha_barrier_load(); |
| 155 | |
| 156 | cmp.free_list = pool->free_list; |
| 157 | do { |
| 158 | if (cmp.free_list == NULL) |
| 159 | return NULL; |
| 160 | new.seq = cmp.seq + 1; |
| 161 | __ha_barrier_load(); |
| 162 | new.free_list = *POOL_LINK(pool, cmp.free_list); |
| 163 | } while (__ha_cas_dw((void *)&pool->free_list, (void *)&cmp, (void *)&new) == 0); |
Tim Duesterhus | 05f6a43 | 2018-02-20 00:49:46 +0100 | [diff] [blame] | 164 | |
Olivier Houchard | cf975d4 | 2018-01-24 18:38:31 +0100 | [diff] [blame] | 165 | HA_ATOMIC_ADD(&pool->used, 1); |
| 166 | #ifdef DEBUG_MEMORY_POOLS |
| 167 | /* keep track of where the element was allocated from */ |
| 168 | *POOL_LINK(pool, cmp.free_list) = (void *)pool; |
| 169 | #endif |
| 170 | return cmp.free_list; |
| 171 | } |
| 172 | |
| 173 | static inline void *pool_get_first(struct pool_head *pool) |
| 174 | { |
| 175 | void *ret; |
| 176 | |
| 177 | ret = __pool_get_first(pool); |
| 178 | return ret; |
| 179 | } |
| 180 | /* |
| 181 | * Returns a pointer to type <type> taken from the pool <pool_type> or |
| 182 | * dynamically allocated. In the first case, <pool_type> is updated to point to |
| 183 | * the next element in the list. No memory poisonning is ever performed on the |
| 184 | * returned area. |
| 185 | */ |
| 186 | static inline void *pool_alloc_dirty(struct pool_head *pool) |
| 187 | { |
| 188 | void *p; |
| 189 | |
| 190 | if ((p = __pool_get_first(pool)) == NULL) |
| 191 | p = __pool_refill_alloc(pool, 0); |
| 192 | return p; |
| 193 | } |
| 194 | |
Willy Tarreau | e6ce59d | 2007-05-13 19:38:49 +0200 | [diff] [blame] | 195 | /* |
Olivier Houchard | cf975d4 | 2018-01-24 18:38:31 +0100 | [diff] [blame] | 196 | * Returns a pointer to type <type> taken from the pool <pool_type> or |
| 197 | * dynamically allocated. In the first case, <pool_type> is updated to point to |
| 198 | * the next element in the list. Memory poisonning is performed if enabled. |
| 199 | */ |
| 200 | static inline void *pool_alloc(struct pool_head *pool) |
| 201 | { |
| 202 | void *p; |
| 203 | |
| 204 | p = pool_alloc_dirty(pool); |
| 205 | #ifdef DEBUG_MEMORY_POOLS |
| 206 | if (p) { |
| 207 | /* keep track of where the element was allocated from */ |
| 208 | *POOL_LINK(pool, p) = (void *)pool; |
| 209 | } |
| 210 | #endif |
| 211 | if (p && mem_poison_byte >= 0) { |
| 212 | memset(p, mem_poison_byte, pool->size); |
| 213 | } |
| 214 | |
| 215 | return p; |
| 216 | } |
| 217 | |
| 218 | /* |
| 219 | * Puts a memory area back to the corresponding pool. |
| 220 | * Items are chained directly through a pointer that |
| 221 | * is written in the beginning of the memory area, so |
| 222 | * there's no need for any carrier cell. This implies |
| 223 | * that each memory area is at least as big as one |
| 224 | * pointer. Just like with the libc's free(), nothing |
| 225 | * is done if <ptr> is NULL. |
| 226 | */ |
| 227 | static inline void pool_free(struct pool_head *pool, void *ptr) |
| 228 | { |
| 229 | if (likely(ptr != NULL)) { |
| 230 | void *free_list; |
| 231 | #ifdef DEBUG_MEMORY_POOLS |
| 232 | /* we'll get late corruption if we refill to the wrong pool or double-free */ |
| 233 | if (*POOL_LINK(pool, ptr) != (void *)pool) |
| 234 | *(volatile int *)0 = 0; |
| 235 | #endif |
| 236 | free_list = pool->free_list; |
| 237 | do { |
| 238 | *POOL_LINK(pool, ptr) = (void *)free_list; |
| 239 | __ha_barrier_store(); |
| 240 | } while (!HA_ATOMIC_CAS(&pool->free_list, (void *)&free_list, ptr)); |
Tim Duesterhus | 05f6a43 | 2018-02-20 00:49:46 +0100 | [diff] [blame] | 241 | |
Olivier Houchard | cf975d4 | 2018-01-24 18:38:31 +0100 | [diff] [blame] | 242 | HA_ATOMIC_SUB(&pool->used, 1); |
| 243 | } |
| 244 | } |
| 245 | |
Willy Tarreau | f161d0f | 2018-02-22 14:05:55 +0100 | [diff] [blame] | 246 | #else /* CONFIG_HAP_LOCKLESS_POOLS */ |
Olivier Houchard | cf975d4 | 2018-01-24 18:38:31 +0100 | [diff] [blame] | 247 | /* |
Willy Tarreau | 0262241 | 2014-12-08 16:35:23 +0100 | [diff] [blame] | 248 | * Returns a pointer to type <type> taken from the pool <pool_type> if |
| 249 | * available, otherwise returns NULL. No malloc() is attempted, and poisonning |
| 250 | * is never performed. The purpose is to get the fastest possible allocation. |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 251 | */ |
Christopher Faulet | b349e48 | 2017-08-29 09:52:38 +0200 | [diff] [blame] | 252 | static inline void *__pool_get_first(struct pool_head *pool) |
Willy Tarreau | e430e77 | 2014-12-23 14:13:16 +0100 | [diff] [blame] | 253 | { |
| 254 | void *p; |
| 255 | |
Willy Tarreau | 0262241 | 2014-12-08 16:35:23 +0100 | [diff] [blame] | 256 | if ((p = pool->free_list) != NULL) { |
Willy Tarreau | ac42111 | 2015-10-28 15:09:29 +0100 | [diff] [blame] | 257 | pool->free_list = *POOL_LINK(pool, p); |
Willy Tarreau | e430e77 | 2014-12-23 14:13:16 +0100 | [diff] [blame] | 258 | pool->used++; |
Willy Tarreau | de30a68 | 2015-10-28 15:23:51 +0100 | [diff] [blame] | 259 | #ifdef DEBUG_MEMORY_POOLS |
| 260 | /* keep track of where the element was allocated from */ |
| 261 | *POOL_LINK(pool, p) = (void *)pool; |
| 262 | #endif |
Willy Tarreau | e430e77 | 2014-12-23 14:13:16 +0100 | [diff] [blame] | 263 | } |
| 264 | return p; |
| 265 | } |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 266 | |
Christopher Faulet | b349e48 | 2017-08-29 09:52:38 +0200 | [diff] [blame] | 267 | static inline void *pool_get_first(struct pool_head *pool) |
| 268 | { |
| 269 | void *ret; |
| 270 | |
Christopher Faulet | 2a944ee | 2017-11-07 10:42:54 +0100 | [diff] [blame] | 271 | HA_SPIN_LOCK(POOL_LOCK, &pool->lock); |
Christopher Faulet | b349e48 | 2017-08-29 09:52:38 +0200 | [diff] [blame] | 272 | ret = __pool_get_first(pool); |
Christopher Faulet | 2a944ee | 2017-11-07 10:42:54 +0100 | [diff] [blame] | 273 | HA_SPIN_UNLOCK(POOL_LOCK, &pool->lock); |
Christopher Faulet | b349e48 | 2017-08-29 09:52:38 +0200 | [diff] [blame] | 274 | return ret; |
| 275 | } |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 276 | /* |
Willy Tarreau | 0262241 | 2014-12-08 16:35:23 +0100 | [diff] [blame] | 277 | * Returns a pointer to type <type> taken from the pool <pool_type> or |
| 278 | * dynamically allocated. In the first case, <pool_type> is updated to point to |
| 279 | * the next element in the list. No memory poisonning is ever performed on the |
| 280 | * returned area. |
| 281 | */ |
| 282 | static inline void *pool_alloc_dirty(struct pool_head *pool) |
| 283 | { |
| 284 | void *p; |
| 285 | |
Christopher Faulet | 2a944ee | 2017-11-07 10:42:54 +0100 | [diff] [blame] | 286 | HA_SPIN_LOCK(POOL_LOCK, &pool->lock); |
Christopher Faulet | b349e48 | 2017-08-29 09:52:38 +0200 | [diff] [blame] | 287 | if ((p = __pool_get_first(pool)) == NULL) |
| 288 | p = __pool_refill_alloc(pool, 0); |
Christopher Faulet | 2a944ee | 2017-11-07 10:42:54 +0100 | [diff] [blame] | 289 | HA_SPIN_UNLOCK(POOL_LOCK, &pool->lock); |
Willy Tarreau | 0262241 | 2014-12-08 16:35:23 +0100 | [diff] [blame] | 290 | return p; |
| 291 | } |
| 292 | |
Willy Tarreau | 158fa75 | 2017-11-22 15:47:29 +0100 | [diff] [blame] | 293 | #ifndef DEBUG_UAF /* normal allocator */ |
| 294 | |
Willy Tarreau | f13322e | 2017-11-22 10:50:54 +0100 | [diff] [blame] | 295 | /* allocates an area of size <size> and returns it. The semantics are similar |
| 296 | * to those of malloc(). |
| 297 | */ |
| 298 | static inline void *pool_alloc_area(size_t size) |
| 299 | { |
| 300 | return malloc(size); |
| 301 | } |
| 302 | |
| 303 | /* frees an area <area> of size <size> allocated by pool_alloc_area(). The |
| 304 | * semantics are identical to free() except that the size is specified and |
| 305 | * may be ignored. |
| 306 | */ |
| 307 | static inline void pool_free_area(void *area, size_t __maybe_unused size) |
| 308 | { |
| 309 | free(area); |
| 310 | } |
| 311 | |
Willy Tarreau | 158fa75 | 2017-11-22 15:47:29 +0100 | [diff] [blame] | 312 | #else /* use-after-free detector */ |
| 313 | |
| 314 | /* allocates an area of size <size> and returns it. The semantics are similar |
| 315 | * to those of malloc(). However the allocation is rounded up to 4kB so that a |
| 316 | * full page is allocated. This ensures the object can be freed alone so that |
| 317 | * future dereferences are easily detected. The returned object is always |
Willy Tarreau | 364d745 | 2018-02-22 14:14:23 +0100 | [diff] [blame] | 318 | * 16-bytes aligned to avoid issues with unaligned structure objects. In case |
| 319 | * some padding is added, the area's start address is copied at the end of the |
| 320 | * padding to help detect underflows. |
Willy Tarreau | 158fa75 | 2017-11-22 15:47:29 +0100 | [diff] [blame] | 321 | */ |
| 322 | static inline void *pool_alloc_area(size_t size) |
| 323 | { |
| 324 | size_t pad = (4096 - size) & 0xFF0; |
Willy Tarreau | 5a9cce4 | 2018-02-22 11:39:23 +0100 | [diff] [blame] | 325 | void *ret; |
Willy Tarreau | 158fa75 | 2017-11-22 15:47:29 +0100 | [diff] [blame] | 326 | |
Willy Tarreau | 5a9cce4 | 2018-02-22 11:39:23 +0100 | [diff] [blame] | 327 | ret = mmap(NULL, (size + 4095) & -4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, 0, 0); |
Willy Tarreau | 364d745 | 2018-02-22 14:14:23 +0100 | [diff] [blame] | 328 | if (ret == MAP_FAILED) |
| 329 | return NULL; |
| 330 | if (pad >= sizeof(void *)) |
| 331 | *(void **)(ret + pad - sizeof(void *)) = ret + pad; |
| 332 | return ret + pad; |
Willy Tarreau | 158fa75 | 2017-11-22 15:47:29 +0100 | [diff] [blame] | 333 | } |
| 334 | |
| 335 | /* frees an area <area> of size <size> allocated by pool_alloc_area(). The |
| 336 | * semantics are identical to free() except that the size must absolutely match |
Willy Tarreau | 364d745 | 2018-02-22 14:14:23 +0100 | [diff] [blame] | 337 | * the one passed to pool_alloc_area(). In case some padding is added, the |
| 338 | * area's start address is compared to the one at the end of the padding, and |
| 339 | * a segfault is triggered if they don't match, indicating an underflow. |
Willy Tarreau | 158fa75 | 2017-11-22 15:47:29 +0100 | [diff] [blame] | 340 | */ |
| 341 | static inline void pool_free_area(void *area, size_t size) |
| 342 | { |
| 343 | size_t pad = (4096 - size) & 0xFF0; |
| 344 | |
Willy Tarreau | 364d745 | 2018-02-22 14:14:23 +0100 | [diff] [blame] | 345 | if (pad >= sizeof(void *) && *(void **)(area - sizeof(void *)) != area) |
| 346 | *(volatile int *)0 = 0; |
| 347 | |
Willy Tarreau | 158fa75 | 2017-11-22 15:47:29 +0100 | [diff] [blame] | 348 | munmap(area - pad, (size + 4095) & -4096); |
| 349 | } |
| 350 | |
| 351 | #endif /* DEBUG_UAF */ |
| 352 | |
Willy Tarreau | 0262241 | 2014-12-08 16:35:23 +0100 | [diff] [blame] | 353 | /* |
| 354 | * Returns a pointer to type <type> taken from the pool <pool_type> or |
| 355 | * dynamically allocated. In the first case, <pool_type> is updated to point to |
| 356 | * the next element in the list. Memory poisonning is performed if enabled. |
| 357 | */ |
Willy Tarreau | bafbe01 | 2017-11-24 17:34:44 +0100 | [diff] [blame] | 358 | static inline void *pool_alloc(struct pool_head *pool) |
Willy Tarreau | 0262241 | 2014-12-08 16:35:23 +0100 | [diff] [blame] | 359 | { |
| 360 | void *p; |
| 361 | |
| 362 | p = pool_alloc_dirty(pool); |
Willy Tarreau | de30a68 | 2015-10-28 15:23:51 +0100 | [diff] [blame] | 363 | #ifdef DEBUG_MEMORY_POOLS |
| 364 | if (p) { |
Christopher Faulet | 2a944ee | 2017-11-07 10:42:54 +0100 | [diff] [blame] | 365 | HA_SPIN_LOCK(POOL_LOCK, &pool->lock); |
Willy Tarreau | de30a68 | 2015-10-28 15:23:51 +0100 | [diff] [blame] | 366 | /* keep track of where the element was allocated from */ |
| 367 | *POOL_LINK(pool, p) = (void *)pool; |
Christopher Faulet | 2a944ee | 2017-11-07 10:42:54 +0100 | [diff] [blame] | 368 | HA_SPIN_UNLOCK(POOL_LOCK, &pool->lock); |
Willy Tarreau | de30a68 | 2015-10-28 15:23:51 +0100 | [diff] [blame] | 369 | } |
| 370 | #endif |
| 371 | if (p && mem_poison_byte >= 0) { |
Willy Tarreau | 0262241 | 2014-12-08 16:35:23 +0100 | [diff] [blame] | 372 | memset(p, mem_poison_byte, pool->size); |
Willy Tarreau | de30a68 | 2015-10-28 15:23:51 +0100 | [diff] [blame] | 373 | } |
| 374 | |
Willy Tarreau | 0262241 | 2014-12-08 16:35:23 +0100 | [diff] [blame] | 375 | return p; |
| 376 | } |
| 377 | |
| 378 | /* |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 379 | * Puts a memory area back to the corresponding pool. |
| 380 | * Items are chained directly through a pointer that |
| 381 | * is written in the beginning of the memory area, so |
| 382 | * there's no need for any carrier cell. This implies |
| 383 | * that each memory area is at least as big as one |
Willy Tarreau | 48d63db | 2008-08-03 17:41:33 +0200 | [diff] [blame] | 384 | * pointer. Just like with the libc's free(), nothing |
| 385 | * is done if <ptr> is NULL. |
Willy Tarreau | 50e608d | 2007-05-13 18:26:08 +0200 | [diff] [blame] | 386 | */ |
Willy Tarreau | bafbe01 | 2017-11-24 17:34:44 +0100 | [diff] [blame] | 387 | static inline void pool_free(struct pool_head *pool, void *ptr) |
Willy Tarreau | e430e77 | 2014-12-23 14:13:16 +0100 | [diff] [blame] | 388 | { |
| 389 | if (likely(ptr != NULL)) { |
Christopher Faulet | 2a944ee | 2017-11-07 10:42:54 +0100 | [diff] [blame] | 390 | HA_SPIN_LOCK(POOL_LOCK, &pool->lock); |
Willy Tarreau | de30a68 | 2015-10-28 15:23:51 +0100 | [diff] [blame] | 391 | #ifdef DEBUG_MEMORY_POOLS |
| 392 | /* we'll get late corruption if we refill to the wrong pool or double-free */ |
| 393 | if (*POOL_LINK(pool, ptr) != (void *)pool) |
| 394 | *(int *)0 = 0; |
| 395 | #endif |
Willy Tarreau | 158fa75 | 2017-11-22 15:47:29 +0100 | [diff] [blame] | 396 | |
| 397 | #ifndef DEBUG_UAF /* normal pool behaviour */ |
Willy Tarreau | ac42111 | 2015-10-28 15:09:29 +0100 | [diff] [blame] | 398 | *POOL_LINK(pool, ptr) = (void *)pool->free_list; |
Willy Tarreau | e430e77 | 2014-12-23 14:13:16 +0100 | [diff] [blame] | 399 | pool->free_list = (void *)ptr; |
Willy Tarreau | 158fa75 | 2017-11-22 15:47:29 +0100 | [diff] [blame] | 400 | #else /* release the entry for real to detect use after free */ |
| 401 | /* ensure we crash on double free or free of a const area*/ |
| 402 | *(uint32_t *)ptr = 0xDEADADD4; |
| 403 | pool_free_area(ptr, pool->size + POOL_EXTRA); |
| 404 | pool->allocated--; |
| 405 | #endif /* DEBUG_UAF */ |
Willy Tarreau | e430e77 | 2014-12-23 14:13:16 +0100 | [diff] [blame] | 406 | pool->used--; |
Christopher Faulet | 2a944ee | 2017-11-07 10:42:54 +0100 | [diff] [blame] | 407 | HA_SPIN_UNLOCK(POOL_LOCK, &pool->lock); |
Willy Tarreau | e430e77 | 2014-12-23 14:13:16 +0100 | [diff] [blame] | 408 | } |
| 409 | } |
Willy Tarreau | f161d0f | 2018-02-22 14:05:55 +0100 | [diff] [blame] | 410 | #endif /* CONFIG_HAP_LOCKLESS_POOLS */ |
Willy Tarreau | 2dd0d47 | 2006-06-29 17:53:05 +0200 | [diff] [blame] | 411 | #endif /* _COMMON_MEMORY_H */ |
Willy Tarreau | baaee00 | 2006-06-26 02:48:02 +0200 | [diff] [blame] | 412 | |
| 413 | /* |
| 414 | * Local variables: |
| 415 | * c-indent-level: 8 |
| 416 | * c-basic-offset: 8 |
| 417 | * End: |
| 418 | */ |