1 /* SPDX-License-Identifier: MIT */
2 /* SPDX-FileCopyrightText: 2024 Mathieu Desnoyers <mathieu.desnoyers@efficios.com> */
4 #ifndef _RSEQ_MEMPOOL_H
5 #define _RSEQ_MEMPOOL_H
7 #include <rseq/compiler.h>
14 * rseq/mempool.h: rseq memory pool allocator.
16 * The rseq memory pool allocator can be configured as either a global
17 * allocator (default) or a per-CPU memory allocator.
19 * The rseq global memory allocator allows the application to request
20 * memory pools of global memory each of containing objects of a
21 * given size (rounded to next power of 2), reserving a given virtual
22 * address size of the requested stride.
24 * The rseq per-CPU memory allocator allows the application the request
25 * memory pools of CPU-Local memory each of containing objects of a
26 * given size (rounded to next power of 2), reserving a given virtual
27 * address size per CPU, for a given maximum number of CPUs.
29 * The per-CPU memory allocator is analogous to TLS (Thread-Local
30 * Storage) memory: TLS is Thread-Local Storage, whereas the per-CPU
31 * memory allocator provides CPU-Local Storage.
33 * Memory pool sets can be created by adding one or more pools into
34 * them. They can be used to perform allocation of variable length
43 * The percpu offset stride can be overridden by the user code.
44 * The stride *must* match for all objects belonging to a given pool
45 * between arguments to:
47 * - rseq_mempool_create(),
48 * - rseq_percpu_ptr().
49 * - rseq_mempool_percpu_free(),
51 #define RSEQ_MEMPOOL_STRIDE (1U << 16) /* stride: 64kB */
54 * Tag pointers returned by:
55 * - rseq_mempool_percpu_malloc(),
56 * - rseq_mempool_percpu_zmalloc(),
57 * - rseq_mempool_set_percpu_malloc(),
58 * - rseq_mempool_set_percpu_zmalloc().
60 * and passed as parameter to:
61 * - rseq_percpu_ptr(),
62 * - rseq_mempool_percpu_free().
64 * with __rseq_percpu for use by static analyzers.
68 struct rseq_mempool_attr
;
72 * rseq_mempool_create: Create a memory pool.
74 * Create a memory pool for items of size @item_len (rounded to
77 * The @attr pointer used to specify the pool attributes. If NULL, use a
78 * default attribute values. The @attr can be destroyed immediately
79 * after rseq_mempool_create() returns. The caller keeps ownership
80 * of @attr. Default attributes select a global mempool type.
82 * The argument @pool_name can be used to given a name to the pool for
83 * debugging purposes. It can be NULL if no name is given.
85 * Returns a pointer to the created percpu pool. Return NULL on error,
86 * with errno set accordingly:
88 * EINVAL: Invalid argument.
89 * ENOMEM: Not enough resources (memory or pool indexes) available to
92 * In addition, if the attr mmap callback fails, NULL is returned and
93 * errno is propagated from the callback. The default callback can
94 * return errno=ENOMEM.
96 * This API is MT-safe.
98 struct rseq_mempool
*rseq_mempool_create(const char *pool_name
,
99 size_t item_len
, const struct rseq_mempool_attr
*attr
);
102 * rseq_mempool_destroy: Destroy a per-cpu memory pool.
104 * Destroy a per-cpu memory pool, unmapping its memory and removing the
105 * pool entry from the global index. No pointers allocated from the
106 * pool should be used when it is destroyed. This includes rseq_percpu_ptr().
108 * Argument @pool is a pointer to the per-cpu pool to destroy.
110 * Return values: 0 on success, -1 on error, with errno set accordingly:
112 * ENOENT: Trying to free a pool which was not allocated.
114 * If the munmap_func callback fails, -1 is returned and errno is
115 * propagated from the callback. The default callback can return
118 * This API is MT-safe.
120 int rseq_mempool_destroy(struct rseq_mempool
*pool
);
123 * rseq_mempool_percpu_malloc: Allocate memory from a per-cpu pool.
125 * Allocate an item from a per-cpu @pool. The allocation will reserve
126 * an item of the size specified by @item_len (rounded to next power of
127 * two) at pool creation. This effectively reserves space for this item
130 * On success, return a "__rseq_percpu" encoded pointer to the pool
131 * item. This encoded pointer is meant to be passed to rseq_percpu_ptr()
132 * to be decoded to a valid address before being accessed.
134 * Return NULL (errno=ENOMEM) if there is not enough space left in the
135 * pool to allocate an item.
137 * This API is MT-safe.
139 void __rseq_percpu
*rseq_mempool_percpu_malloc(struct rseq_mempool
*pool
);
142 * rseq_mempool_percpu_zmalloc: Allocated zero-initialized memory from a per-cpu pool.
144 * Allocate memory for an item within the pool, and zero-initialize its
145 * memory on all CPUs. See rseq_mempool_percpu_malloc for details.
147 * This API is MT-safe.
149 void __rseq_percpu
*rseq_mempool_percpu_zmalloc(struct rseq_mempool
*pool
);
152 * rseq_mempool_malloc: Allocate memory from a global pool.
154 * Wrapper to allocate memory from a global pool, which can be
155 * used directly without per-cpu indexing. Would normally be used
156 * with pools created with max_nr_cpus=1.
159 void *rseq_mempool_malloc(struct rseq_mempool
*pool
)
161 return (void *) rseq_mempool_percpu_malloc(pool
);
165 * rseq_mempool_zmalloc: Allocate zero-initialized memory from a global pool.
167 * Wrapper to allocate memory from a global pool, which can be
168 * used directly without per-cpu indexing. Would normally be used
169 * with pools created with max_nr_cpus=1.
172 void *rseq_mempool_zmalloc(struct rseq_mempool
*pool
)
174 return (void *) rseq_mempool_percpu_zmalloc(pool
);
178 * rseq_mempool_percpu_free: Free memory from a per-cpu pool.
180 * Free an item pointed to by @ptr from its per-cpu pool.
182 * The @ptr argument is a __rseq_percpu encoded pointer returned by
185 * - rseq_mempool_percpu_malloc(),
186 * - rseq_mempool_percpu_zmalloc(),
187 * - rseq_mempool_set_percpu_malloc(),
188 * - rseq_mempool_set_percpu_zmalloc().
190 * The @stride optional argument to rseq_percpu_free() is a configurable
191 * stride, which must match the stride received by pool creation.
192 * If the argument is not present, use the default RSEQ_MEMPOOL_STRIDE.
194 * This API is MT-safe.
196 void librseq_mempool_percpu_free(void __rseq_percpu
*ptr
, size_t stride
);
198 #define rseq_mempool_percpu_free(_ptr, _stride...) \
199 librseq_mempool_percpu_free(_ptr, RSEQ_PARAM_SELECT_ARG1(_, ##_stride, RSEQ_MEMPOOL_STRIDE))
202 * rseq_free: Free memory from a global pool.
204 * Free an item pointed to by @ptr from its global pool. Would normally
205 * be used with pools created with max_nr_cpus=1.
207 * The @ptr argument is a pointer returned by either:
209 * - rseq_mempool_malloc(),
210 * - rseq_mempool_zmalloc(),
211 * - rseq_mempool_set_malloc(),
212 * - rseq_mempool_set_zmalloc().
214 * The @stride optional argument to rseq_free() is a configurable
215 * stride, which must match the stride received by pool creation. If
216 * the argument is not present, use the default RSEQ_MEMPOOL_STRIDE.
217 * The stride is needed even for a global pool to know the mapping
220 * This API is MT-safe.
222 #define rseq_mempool_free(_ptr, _stride...) \
223 librseq_percpu_free((void __rseq_percpu *) _ptr, RSEQ_PARAM_SELECT_ARG1(_, ##_stride, RSEQ_MEMPOOL_STRIDE))
226 * rseq_percpu_ptr: Offset a per-cpu pointer for a given CPU.
228 * Offset a per-cpu pointer @ptr to get the associated pointer for the
229 * given @cpu. The @ptr argument is a __rseq_percpu pointer returned by
232 * - rseq_mempool_percpu_malloc(),
233 * - rseq_mempool_percpu_zmalloc(),
234 * - rseq_mempool_set_percpu_malloc(),
235 * - rseq_mempool_set_percpu_zmalloc().
237 * The macro rseq_percpu_ptr() preserves the type of the @ptr parameter
238 * for the returned pointer, but removes the __rseq_percpu annotation.
240 * The macro rseq_percpu_ptr() takes an optional @stride argument. If
241 * the argument is not present, use the default RSEQ_MEMPOOL_STRIDE.
242 * This must match the stride used for pool creation.
244 * This API is MT-safe.
246 #define rseq_percpu_ptr(_ptr, _cpu, _stride...) \
247 ((__typeof__(*(_ptr)) *) ((uintptr_t) (_ptr) + \
248 ((unsigned int) (_cpu) * \
249 (uintptr_t) RSEQ_PARAM_SELECT_ARG1(_, ##_stride, RSEQ_MEMPOOL_STRIDE))))
252 * rseq_mempool_set_create: Create a pool set.
254 * Create a set of pools. Its purpose is to offer a memory allocator API
255 * for variable-length items (e.g. variable length strings). When
256 * created, the pool set has no pool. Pools can be created and added to
257 * the set. One common approach would be to create pools for each
258 * relevant power of two allocation size useful for the application.
259 * Only one pool can be added to the pool set for each power of two
262 * Returns a pool set pointer on success, else returns NULL with
263 * errno=ENOMEM (out of memory).
265 * This API is MT-safe.
267 struct rseq_mempool_set
*rseq_mempool_set_create(void);
270 * rseq_mempool_set_destroy: Destroy a pool set.
272 * Destroy a pool set and its associated resources. The pools that were
273 * added to the pool set are destroyed as well.
275 * Returns 0 on success, -1 on failure (or partial failure), with errno
276 * set by rseq_percpu_pool_destroy(). Using a pool set after destroy
277 * failure is undefined.
279 * This API is MT-safe.
281 int rseq_mempool_set_destroy(struct rseq_mempool_set
*pool_set
);
284 * rseq_mempool_set_add_pool: Add a pool to a pool set.
286 * Add a @pool to the @pool_set. On success, its ownership is handed
287 * over to the pool set, so the caller should not destroy it explicitly.
288 * Only one pool can be added to the pool set for each power of two
291 * Returns 0 on success, -1 on error with the following errno:
292 * - EBUSY: A pool already exists in the pool set for this power of two
295 * This API is MT-safe.
297 int rseq_mempool_set_add_pool(struct rseq_mempool_set
*pool_set
,
298 struct rseq_mempool
*pool
);
301 * rseq_mempool_set_percpu_malloc: Allocate memory from a per-cpu pool set.
303 * Allocate an item from a per-cpu @pool. The allocation will reserve
304 * an item of the size specified by @len (rounded to next power of
305 * two). This effectively reserves space for this item on all CPUs.
307 * The space reservation will search for the smallest pool within
308 * @pool_set which respects the following conditions:
310 * - it has an item size large enough to fit @len,
311 * - it has space available.
313 * On success, return a "__rseq_percpu" encoded pointer to the pool
314 * item. This encoded pointer is meant to be passed to rseq_percpu_ptr()
315 * to be decoded to a valid address before being accessed.
317 * Return NULL (errno=ENOMEM) if there is not enough space left in the
318 * pool to allocate an item.
320 * This API is MT-safe.
322 void __rseq_percpu
*rseq_mempool_set_percpu_malloc(struct rseq_mempool_set
*pool_set
, size_t len
);
325 * rseq_mempool_set_percpu_zmalloc: Allocated zero-initialized memory from a per-cpu pool set.
327 * Allocate memory for an item within the pool, and zero-initialize its
328 * memory on all CPUs. See rseq_mempool_set_percpu_malloc for details.
330 * This API is MT-safe.
332 void __rseq_percpu
*rseq_mempool_set_percpu_zmalloc(struct rseq_mempool_set
*pool_set
, size_t len
);
335 * rseq_mempool_set_malloc: Allocate memory from a global pool set.
337 * Wrapper to allocate memory from a global pool, which can be
338 * used directly without per-cpu indexing. Would normally be used
339 * with pools created with max_nr_cpus=1.
342 void *rseq_mempool_set_malloc(struct rseq_mempool_set
*pool_set
, size_t len
)
344 return (void *) rseq_mempool_set_percpu_malloc(pool_set
, len
);
348 * rseq_mempool_set_zmalloc: Allocate zero-initialized memory from a global pool set.
350 * Wrapper to allocate memory from a global pool, which can be
351 * used directly without per-cpu indexing. Would normally be used
352 * with pools created with max_nr_cpus=1.
355 void *rseq_mempool_set_zmalloc(struct rseq_mempool_set
*pool_set
, size_t len
)
357 return (void *) rseq_mempool_set_percpu_zmalloc(pool_set
, len
);
361 * rseq_mempool_init_numa: Move pages to the NUMA node associated to their CPU topology.
363 * For pages allocated within @pool, invoke move_pages(2) with the given
364 * @numa_flags to move the pages to the NUMA node associated to their
367 * Argument @numa_flags are passed to move_pages(2). The expected flags are:
368 * MPOL_MF_MOVE: move process-private pages to cpu-specific numa nodes.
369 * MPOL_MF_MOVE_ALL: move shared pages to cpu-specific numa nodes
370 * (requires CAP_SYS_NICE).
372 * Returns 0 on success, else return -1 with errno set by move_pages(2).
374 int rseq_mempool_init_numa(struct rseq_mempool
*pool
, int numa_flags
);
377 * rseq_mempool_attr_create: Create a pool attribute structure.
379 struct rseq_mempool_attr
*rseq_mempool_attr_create(void);
382 * rseq_mempool_attr_destroy: Destroy a pool attribute structure.
384 void rseq_mempool_attr_destroy(struct rseq_mempool_attr
*attr
);
387 * rseq_mempool_attr_set_mmap: Set pool attribute structure mmap functions.
389 * The @mmap_func callback used to map the memory for the pool.
391 * The @munmap_func callback used to unmap the memory when the pool
394 * The @mmap_priv argument is a private data pointer passed to both
395 * @mmap_func and @munmap_func callbacks.
397 * Returns 0 on success, -1 with errno=EINVAL if arguments are invalid.
399 int rseq_mempool_attr_set_mmap(struct rseq_mempool_attr
*attr
,
400 void *(*mmap_func
)(void *priv
, size_t len
),
401 int (*munmap_func
)(void *priv
, void *ptr
, size_t len
),
405 * rseq_mempool_attr_set_init: Set pool attribute structure memory init functions.
407 * The @init_func callback used to initialized memory after allocation
408 * for the pool. The @cpu argument of @init_func, if >= 0, is the cpu to
409 * which belongs the range starting at @addr of length @len. If cpu is
410 * -1, it means the range belongs to a global pool. The @init_func
411 * callback must return 0 on success, -1 on error with errno set. If
412 * @init_func returns failure, the allocation of the pool memory fails,
413 * which either causes the pool creation to fail or memory allocation to
414 * fail (for extensible memory pools).
416 * The @init_priv argument is a private data pointer passed to the
417 * @init_func callback.
419 * Returns 0 on success, -1 with errno=EINVAL if arguments are invalid.
421 int rseq_mempool_attr_set_init(struct rseq_mempool_attr
*attr
,
422 int (*init_func
)(void *priv
, void *addr
, size_t len
, int cpu
),
426 * rseq_mempool_attr_set_robust: Set pool robust attribute.
428 * The robust pool attribute enables runtime validation of the pool:
430 * - Check for double-free of pointers.
432 * - Detect memory leaks on pool destruction.
434 * - Detect free-list corruption on pool destruction.
436 * - Detect poison value corruption on allocation and pool destruction.
438 * There is a marginal runtime overhead on malloc/free operations.
440 * The memory overhead is (pool->percpu_len / pool->item_len) / CHAR_BIT
441 * bytes, over the lifetime of the pool.
443 * Returns 0 on success, -1 with errno=EINVAL if arguments are invalid.
445 int rseq_mempool_attr_set_robust(struct rseq_mempool_attr
*attr
);
448 * rseq_mempool_attr_set_percpu: Set pool type as percpu.
450 * A pool created with this type is a per-cpu memory pool. The reserved
451 * allocation size is @stride, and the maximum CPU value expected
452 * is (@max_nr_cpus - 1). A @stride of 0 uses the default
453 * RSEQ_MEMPOOL_STRIDE.
455 * Returns 0 on success, -1 with errno=EINVAL if arguments are invalid.
457 int rseq_mempool_attr_set_percpu(struct rseq_mempool_attr
*attr
,
458 size_t stride
, int max_nr_cpus
);
461 * rseq_mempool_attr_set_global: Set pool type as global.
463 * A pool created with this type is a global memory pool. The reserved
464 * allocation size is @stride. A @stride of 0 uses the default
465 * RSEQ_MEMPOOL_STRIDE.
467 * Returns 0 on success, -1 with errno=EINVAL if arguments are invalid.
469 int rseq_mempool_attr_set_global(struct rseq_mempool_attr
*attr
, size_t stride
);
472 * rseq_mempool_attr_set_max_nr_ranges: Set upper-limit to range allocation.
474 * Set an upper-limit to range allocation. A @max_nr_ranges value of
475 * 0 means no limit (default).
477 * Returns 0 on success, -1 with errno=EINVAL if arguments are invalid.
479 int rseq_mempool_attr_set_max_nr_ranges(struct rseq_mempool_attr
*attr
,
480 unsigned long max_nr_ranges
);
483 * rseq_mempool_attr_set_poison: Set pool poison value.
485 * Set a poison value to be set over freed pool entries. This can be
486 * used to anonymize freed memory, and for memory corruption checks
487 * with the robust attribute.
489 * Returns 0 on success, -1 with errno=EINVAL if arguments are invalid.
491 int rseq_mempool_attr_set_poison(struct rseq_mempool_attr
*attr
,
495 * rseq_mempool_range_init_numa: NUMA initialization helper for memory range.
497 * Helper which can be used from mempool_attr @init_func to move a CPU
498 * memory range to the NUMA node associated to its topology.
500 * Returns 0 on success, -1 with errno set by move_pages(2) on error.
501 * Returns -1, errno=ENOSYS if NUMA support is not present.
503 int rseq_mempool_range_init_numa(void *addr
, size_t len
, int cpu
, int numa_flags
);
506 * rseq_mempool_get_max_nr_cpus: Get the max_nr_cpus value configured for a pool.
508 * Returns a value >= 0 for a per-cpu pool.
509 * Returns -1, errno=EINVAL if the mempool is NULL or if the pool has a
512 int rseq_mempool_get_max_nr_cpus(struct rseq_mempool
*mempool
);
518 #endif /* _RSEQ_MEMPOOL_H */
This page took 0.039026 seconds and 4 git commands to generate.