git: 74361d693aec - main - malloc: Fix DEBUG_REDZONE for contigmalloc()

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Mark Johnston <markj_at_FreeBSD.org>
Date: Sun, 23 Mar 2025 21:06:04 UTC
The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=74361d693aec892b01c1553bda7176f8d341b2ff

commit 74361d693aec892b01c1553bda7176f8d341b2ff
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2025-03-23 13:42:40 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2025-03-23 13:50:41 +0000

    malloc: Fix DEBUG_REDZONE for contigmalloc()
    
    When free() was adapted to support allocations originating from
    contigmalloc(), redzone(9) support was not included.  redzone(9)
    involves adjusting the pointer to freed memory before looking up the
    slab cookie, so it's not straightforward to make contigmalloc() opt out
    of redzone support.
    
    Thus, augment contigmalloc() to support redzone.
    
    Reported by:    glebius
    Tested by:      dhw
    MFC after:      2 weeks
    Fixes:          9e6544dd6e02 ("malloc(9): extend contigmalloc(9) by a "slab cookie"")
---
 sys/kern/kern_malloc.c | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/sys/kern/kern_malloc.c b/sys/kern/kern_malloc.c
index b1347b15e651..0b76e633b04a 100644
--- a/sys/kern/kern_malloc.c
+++ b/sys/kern/kern_malloc.c
@@ -477,11 +477,18 @@ contigmalloc_size(uma_slab_t slab)
 }
 
 void *
-contigmalloc(unsigned long size, struct malloc_type *type, int flags,
+contigmalloc(unsigned long osize, struct malloc_type *type, int flags,
     vm_paddr_t low, vm_paddr_t high, unsigned long alignment,
     vm_paddr_t boundary)
 {
 	void *ret;
+	unsigned long size;
+
+#ifdef DEBUG_REDZONE
+	size = redzone_size_ntor(osize);
+#else
+	size = osize;
+#endif
 
 	ret = (void *)kmem_alloc_contig(size, flags, low, high, alignment,
 	    boundary, VM_MEMATTR_DEFAULT);
@@ -489,16 +496,26 @@ contigmalloc(unsigned long size, struct malloc_type *type, int flags,
 		/* Use low bits unused for slab pointers. */
 		vsetzoneslab((uintptr_t)ret, NULL, CONTIG_MALLOC_SLAB(size));
 		malloc_type_allocated(type, round_page(size));
+#ifdef DEBUG_REDZONE
+		ret = redzone_setup(ret, osize);
+#endif
 	}
 	return (ret);
 }
 
 void *
-contigmalloc_domainset(unsigned long size, struct malloc_type *type,
+contigmalloc_domainset(unsigned long osize, struct malloc_type *type,
     struct domainset *ds, int flags, vm_paddr_t low, vm_paddr_t high,
     unsigned long alignment, vm_paddr_t boundary)
 {
 	void *ret;
+	unsigned long size;
+
+#ifdef DEBUG_REDZONE
+	size = redzone_size_ntor(osize);
+#else
+	size = osize;
+#endif
 
 	ret = (void *)kmem_alloc_contig_domainset(ds, size, flags, low, high,
 	    alignment, boundary, VM_MEMATTR_DEFAULT);
@@ -506,6 +523,9 @@ contigmalloc_domainset(unsigned long size, struct malloc_type *type,
 		/* Use low bits unused for slab pointers. */
 		vsetzoneslab((uintptr_t)ret, NULL, CONTIG_MALLOC_SLAB(size));
 		malloc_type_allocated(type, round_page(size));
+#ifdef DEBUG_REDZONE
+		ret = redzone_setup(ret, osize);
+#endif
 	}
 	return (ret);
 }