Date: Sun, 16 Feb 2020 00:12:54 +0000 (UTC) From: Matt Macy <mmacy@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r357987 - in head: share/man/man9 sys/kern sys/sys Message-ID: <202002160012.01G0CseV066653@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mmacy Date: Sun Feb 16 00:12:53 2020 New Revision: 357987 URL: https://svnweb.freebsd.org/changeset/base/357987 Log: Add zfree to zero allocation before free Key and cookie management typically wants to avoid information leaks by explicitly zeroing before free. This routine simplifies that by permitting consumers to do so without carrying the size around. Reviewed by: jeff@, jhb@ MFC after: 1 week Sponsored by: Rubicon Communications, LLC (Netgate) Differential Revision: https://reviews.freebsd.org/D22790 Modified: head/share/man/man9/malloc.9 head/sys/kern/kern_malloc.c head/sys/sys/malloc.h Modified: head/share/man/man9/malloc.9 ============================================================================== --- head/share/man/man9/malloc.9 Sun Feb 16 00:03:09 2020 (r357986) +++ head/share/man/man9/malloc.9 Sun Feb 16 00:12:53 2020 (r357987) @@ -49,6 +49,8 @@ .Fn mallocarray "size_t nmemb" "size_t size" "struct malloc_type *type" "int flags" .Ft void .Fn free "void *addr" "struct malloc_type *type" +.Ft void +.Fn zfree "void *addr" "struct malloc_type *type" .Ft void * .Fn realloc "void *addr" "size_t size" "struct malloc_type *type" "int flags" .Ft void * @@ -105,6 +107,19 @@ is then .Fn free does nothing. +.Pp +Like +.Fn free , +the +.Fn zfree +function releases memory at address +.Fa addr +that was previously allocated by +.Fn malloc +for re-use. +However, +.Fn zfree +will zero the memory before it is released. .Pp The .Fn realloc Modified: head/sys/kern/kern_malloc.c ============================================================================== --- head/sys/kern/kern_malloc.c Sun Feb 16 00:03:09 2020 (r357986) +++ head/sys/kern/kern_malloc.c Sun Feb 16 00:12:53 2020 (r357987) @@ -820,6 +820,48 @@ free(void *addr, struct malloc_type *mtp) malloc_type_freed(mtp, size); } +/* + * zfree: + * + * Zero then free a block of memory allocated by malloc. + * + * This routine may not block. + */ +void +zfree(void *addr, struct malloc_type *mtp) +{ + uma_zone_t zone; + uma_slab_t slab; + u_long size; + +#ifdef MALLOC_DEBUG + if (free_dbg(&addr, mtp) != 0) + return; +#endif + /* free(NULL, ...) does nothing */ + if (addr == NULL) + return; + + vtozoneslab((vm_offset_t)addr & (~UMA_SLAB_MASK), &zone, &slab); + if (slab == NULL) + panic("free: address %p(%p) has not been allocated.\n", + addr, (void *)((u_long)addr & (~UMA_SLAB_MASK))); + + if (__predict_true(!malloc_large_slab(slab))) { + size = zone->uz_size; +#ifdef INVARIANTS + free_save_type(addr, mtp, size); +#endif + explicit_bzero(addr, size); + uma_zfree_arg(zone, addr, slab); + } else { + size = malloc_large_size(slab); + explicit_bzero(addr, size); + free_large(addr, size); + } + malloc_type_freed(mtp, size); +} + void free_domain(void *addr, struct malloc_type *mtp) { Modified: head/sys/sys/malloc.h ============================================================================== --- head/sys/sys/malloc.h Sun Feb 16 00:03:09 2020 (r357986) +++ head/sys/sys/malloc.h Sun Feb 16 00:12:53 2020 (r357987) @@ -179,6 +179,7 @@ void *contigmalloc_domainset(unsigned long size, struc unsigned long alignment, vm_paddr_t boundary) __malloc_like __result_use_check __alloc_size(1) __alloc_align(7); void free(void *addr, struct malloc_type *type); +void zfree(void *addr, struct malloc_type *type); void free_domain(void *addr, struct malloc_type *type); void *malloc(size_t size, struct malloc_type *type, int flags) __malloc_like __result_use_check __alloc_size(1);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202002160012.01G0CseV066653>