[dragonfly.git] / sys / dev / misc / tbridge / safe_mem.c

/*
 * Copyright (c) 2011 Alex Hornung <alex@alexhornung.com>.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE
 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/types.h>
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/malloc.h>
#include <sys/libkern.h>

#include <sys/tbridge.h>

MALLOC_DEFINE(M_SAFEMEM, "safemem", "safemem kernel port");

struct safe_mem_hdr {
        struct safe_mem_hdr     *prev;
        struct safe_mem_hdr     *next;
        struct safe_mem_tail    *tail;
        const char      *file;
        int             line;
        size_t          alloc_sz;
        char            sig[8]; /* SAFEMEM */
};

struct safe_mem_tail {
        char sig[8]; /* SAFEMEM */
};

static struct safe_mem_hdr *safe_mem_hdr_first = NULL;

static int safemem_error_count = 0;

void
safemem_reset_error_count(void)
{
        safemem_error_count = 0;
}

int
safemem_get_error_count(void)
{
        return safemem_error_count;
}

void *
_alloc_safe_mem(size_t req_sz, const char *file, int line)
{
        struct safe_mem_hdr *hdr, *hdrp;
        struct safe_mem_tail *tail;
        size_t alloc_sz;
        char *mem, *user_mem;

        /* only shift, to make sure things (TM) keep aligned */
        alloc_sz = req_sz;
        mem = kmalloc(alloc_sz << 2, M_SAFEMEM, M_WAITOK);

        bzero(mem, alloc_sz << 2);

        user_mem = mem + alloc_sz;
        hdr = (struct safe_mem_hdr *)(user_mem - sizeof(*hdr));
        tail = (struct safe_mem_tail *)(user_mem + alloc_sz);

        strcpy(hdr->sig, "SAFEMEM");
        strcpy(tail->sig, "SAFEMEM");
        hdr->tail = tail;
        hdr->alloc_sz = alloc_sz;
        hdr->file = file;
        hdr->line = line;
        hdr->next = NULL;

        if (safe_mem_hdr_first == NULL) {
                safe_mem_hdr_first = hdr;
        } else {
                hdrp = safe_mem_hdr_first;
                while (hdrp->next != NULL)
                        hdrp = hdrp->next;
                hdr->prev = hdrp;
                hdrp->next = hdr;
        }

        return user_mem;
}

void
_free_safe_mem(void *mem_ptr, const char *file, int line)
{
        struct safe_mem_hdr *hdr;
        struct safe_mem_tail *tail;
        size_t alloc_sz;
        char *mem = mem_ptr;
        char *user_mem = mem_ptr;

        hdr = (struct safe_mem_hdr *)(user_mem - sizeof(*hdr));
        tail = (struct safe_mem_tail *)(user_mem + hdr->alloc_sz);
        mem -= hdr->alloc_sz;

#ifdef DEBUG
        kprintf("freeing safe_mem (hdr): %#lx (%s:%d)\n",
                    (unsigned long)(void *)hdr, hdr->file, hdr->line);
#endif

        if (hdr->alloc_sz == 0) {
                tbridge_printf("SAFEMEM BUG: double-free at %s:%d !!!\n", file,
                    line);
                return;
        }

        /* Integrity checks */
        if ((memcmp(hdr->sig, "SAFEMEM\0", 8) != 0) ||
            (memcmp(tail->sig, "SAFEMEM\0", 8) != 0)) {
                tbridge_printf("SAFEMEM BUG: safe_mem buffer under- or overflow "
                    "at %s:%d !!!\n", file, line);
                return;
        }

        if (safe_mem_hdr_first == NULL) {
                tbridge_printf("SAFEMEM BUG: safe_mem list should not be empty "
                    "at %s:%d !!!\n", file, line);
                return;
        }

        if (hdr->prev != NULL)
                hdr->prev->next = hdr->next;
        if (hdr->next != NULL)
                hdr->next->prev = hdr->prev;
        if (safe_mem_hdr_first == hdr)
                safe_mem_hdr_first = hdr->next;

        alloc_sz = hdr->alloc_sz;

        bzero(mem, alloc_sz << 2);
        kfree(mem, M_SAFEMEM);
}

void
check_and_purge_safe_mem(void)
{
        struct safe_mem_hdr *hdr;
        char *mem;
#ifdef DEBUG
        int ok;
#endif

        if (safe_mem_hdr_first == NULL)
                return;

        hdr = safe_mem_hdr_first;
        while ((hdr = safe_mem_hdr_first) != NULL) {
#ifdef DEBUG
                if ((hdr->alloc_sz > 0) &&
                    (memcmp(hdr->sig, "SAFEMEM\0", 8) == 0) &&
                    (memcmp(hdr->tail->sig, "SAFEMEM\0", 8) == 0))
                        ok = 1;
                else
                        ok = 0;

                kprintf("SAFEMEM: un-freed safe_mem: %#lx (%s:%d) [integrity=%s]\n",
                    (unsigned long)(void *)hdr, hdr->file, hdr->line,
                    ok? "ok" : "failed");
#endif
                mem = (void *)hdr;
                mem += sizeof(*hdr);
                _free_safe_mem(mem, "check_and_purge_safe_mem", 0);
        }
}