svn commit: r357987 - in head: share/man/man9 sys/kern sys/sys
Matt Macy
mmacy at FreeBSD.org
Sun Feb 16 00:12:55 UTC 2020
Author: mmacy
Date: Sun Feb 16 00:12:53 2020
New Revision: 357987
URL: https://svnweb.freebsd.org/changeset/base/357987
Log:
Add zfree to zero allocation before free
Key and cookie management typically wants to
avoid information leaks by explicitly zeroing
before free. This routine simplifies that by
permitting consumers to do so without carrying
the size around.
Reviewed by: jeff@, jhb@
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC (Netgate)
Differential Revision: https://reviews.freebsd.org/D22790
Modified:
head/share/man/man9/malloc.9
head/sys/kern/kern_malloc.c
head/sys/sys/malloc.h
Modified: head/share/man/man9/malloc.9
==============================================================================
--- head/share/man/man9/malloc.9 Sun Feb 16 00:03:09 2020 (r357986)
+++ head/share/man/man9/malloc.9 Sun Feb 16 00:12:53 2020 (r357987)
@@ -49,6 +49,8 @@
.Fn mallocarray "size_t nmemb" "size_t size" "struct malloc_type *type" "int flags"
.Ft void
.Fn free "void *addr" "struct malloc_type *type"
+.Ft void
+.Fn zfree "void *addr" "struct malloc_type *type"
.Ft void *
.Fn realloc "void *addr" "size_t size" "struct malloc_type *type" "int flags"
.Ft void *
@@ -105,6 +107,19 @@ is
then
.Fn free
does nothing.
+.Pp
+Like
+.Fn free ,
+the
+.Fn zfree
+function releases memory at address
+.Fa addr
+that was previously allocated by
+.Fn malloc
+for re-use.
+However,
+.Fn zfree
+will zero the memory before it is released.
.Pp
The
.Fn realloc
Modified: head/sys/kern/kern_malloc.c
==============================================================================
--- head/sys/kern/kern_malloc.c Sun Feb 16 00:03:09 2020 (r357986)
+++ head/sys/kern/kern_malloc.c Sun Feb 16 00:12:53 2020 (r357987)
@@ -820,6 +820,48 @@ free(void *addr, struct malloc_type *mtp)
malloc_type_freed(mtp, size);
}
+/*
+ * zfree:
+ *
+ * Zero then free a block of memory allocated by malloc.
+ *
+ * This routine may not block.
+ */
+void
+zfree(void *addr, struct malloc_type *mtp)
+{
+ uma_zone_t zone;
+ uma_slab_t slab;
+ u_long size;
+
+#ifdef MALLOC_DEBUG
+ if (free_dbg(&addr, mtp) != 0)
+ return;
+#endif
+ /* free(NULL, ...) does nothing */
+ if (addr == NULL)
+ return;
+
+ vtozoneslab((vm_offset_t)addr & (~UMA_SLAB_MASK), &zone, &slab);
+ if (slab == NULL)
+ panic("free: address %p(%p) has not been allocated.\n",
+ addr, (void *)((u_long)addr & (~UMA_SLAB_MASK)));
+
+ if (__predict_true(!malloc_large_slab(slab))) {
+ size = zone->uz_size;
+#ifdef INVARIANTS
+ free_save_type(addr, mtp, size);
+#endif
+ explicit_bzero(addr, size);
+ uma_zfree_arg(zone, addr, slab);
+ } else {
+ size = malloc_large_size(slab);
+ explicit_bzero(addr, size);
+ free_large(addr, size);
+ }
+ malloc_type_freed(mtp, size);
+}
+
void
free_domain(void *addr, struct malloc_type *mtp)
{
Modified: head/sys/sys/malloc.h
==============================================================================
--- head/sys/sys/malloc.h Sun Feb 16 00:03:09 2020 (r357986)
+++ head/sys/sys/malloc.h Sun Feb 16 00:12:53 2020 (r357987)
@@ -179,6 +179,7 @@ void *contigmalloc_domainset(unsigned long size, struc
unsigned long alignment, vm_paddr_t boundary)
__malloc_like __result_use_check __alloc_size(1) __alloc_align(7);
void free(void *addr, struct malloc_type *type);
+void zfree(void *addr, struct malloc_type *type);
void free_domain(void *addr, struct malloc_type *type);
void *malloc(size_t size, struct malloc_type *type, int flags) __malloc_like
__result_use_check __alloc_size(1);
More information about the svn-src-head
mailing list