projects / librseq.git / blame
| Commit | Line | Data |
|---|---|---|
| ef6695f1 MD |
1 | // SPDX-License-Identifier: MIT |
| 2 | // SPDX-FileCopyrightText: 2024 Mathieu Desnoyers <mathieu.desnoyers@efficios.com> | |
| 3 | ||
| 34337fec | 4 | #include <rseq/mempool.h> |
| ef6695f1 MD |
5 | #include <sys/mman.h> |
| 6 | #include <assert.h> | |
| 7 | #include <string.h> | |
| 8 | #include <pthread.h> | |
| 9 | #include <unistd.h> | |
| 10 | #include <stdlib.h> | |
| 11 | #include <rseq/compiler.h> | |
| 12 | #include <errno.h> | |
| 13 | #include <stdint.h> | |
| 14 | #include <stdbool.h> | |
| 367e559c | 15 | #include <stdio.h> |
| a5694a4d | 16 | #include <fcntl.h> |
| 367e559c MD |
17 | |
| 18 | #ifdef HAVE_LIBNUMA | |
| 19 | # include <numa.h> | |
| 20 | # include <numaif.h> | |
| 21 | #endif | |
| ef6695f1 | 22 | |
| 34337fec | 23 | #include "rseq-utils.h" |
| 47c725dd | 24 | #include <rseq/rseq.h> |
| 19be9217 | 25 | |
| ef6695f1 | 26 | /* |
| b73b0c25 | 27 | * rseq-mempool.c: rseq CPU-Local Storage (CLS) memory allocator. |
| ef6695f1 | 28 | * |
| 8ab16a24 MD |
29 | * The rseq per-CPU memory allocator allows the application the request |
| 30 | * memory pools of CPU-Local memory each of containing objects of a | |
| 8aa1462d MD |
31 | * given size (rounded to next power of 2), reserving a given virtual |
| 32 | * address size per CPU, for a given maximum number of CPUs. | |
| 8ab16a24 MD |
33 | * |
| 34 | * The per-CPU memory allocator is analogous to TLS (Thread-Local | |
| 35 | * Storage) memory: TLS is Thread-Local Storage, whereas the per-CPU | |
| 36 | * memory allocator provides CPU-Local Storage. | |
| ef6695f1 MD |
37 | */ |
| 38 | ||
| 3236da62 | 39 | #define POOL_SET_NR_ENTRIES RSEQ_BITS_PER_LONG |
| ef6695f1 | 40 | |
| 72b100a1 MD |
41 | /* |
| 42 | * Smallest allocation should hold enough space for a free list pointer. | |
| 43 | */ | |
| ef6695f1 MD |
44 | #if RSEQ_BITS_PER_LONG == 64 |
| 45 | # define POOL_SET_MIN_ENTRY 3 /* Smallest item_len=8 */ | |
| 46 | #else | |
| 47 | # define POOL_SET_MIN_ENTRY 2 /* Smallest item_len=4 */ | |
| 48 | #endif | |
| 49 | ||
| 0fdf7a4c OD |
50 | #define BIT_PER_ULONG (8 * sizeof(unsigned long)) |
| 51 | ||
| 57d8b586 OD |
52 | #define MOVE_PAGES_BATCH_SIZE 4096 |
| 53 | ||
| 0ba2a93e | 54 | #define RANGE_HEADER_OFFSET sizeof(struct rseq_mempool_range) |
| 4aa3220c | 55 | |
| 3975084e | 56 | #if RSEQ_BITS_PER_LONG == 64 |
| dbccd436 | 57 | # define DEFAULT_PRIVATE_POISON_VALUE 0x5555555555555555ULL |
| 3975084e | 58 | #else |
| dbccd436 | 59 | # define DEFAULT_PRIVATE_POISON_VALUE 0x55555555UL |
| 3975084e MD |
60 | #endif |
| 61 | ||
| ef6695f1 MD |
62 | struct free_list_node; |
| 63 | ||
| 64 | struct free_list_node { | |
| 65 | struct free_list_node *next; | |
| 66 | }; | |
| 67 | ||
| cb475906 | 68 | enum mempool_type { |
| 89b7e681 MD |
69 | MEMPOOL_TYPE_GLOBAL = 0, /* Default */ |
| 70 | MEMPOOL_TYPE_PERCPU = 1, | |
| cb475906 MD |
71 | }; |
| 72 | ||
| 0ba2a93e | 73 | struct rseq_mempool_attr { |
| 135811f2 | 74 | bool init_set; |
| 6e329183 | 75 | int (*init_func)(void *priv, void *addr, size_t len, int cpu); |
| 135811f2 MD |
76 | void *init_priv; |
| 77 | ||
| d6acc8aa | 78 | bool robust_set; |
| cb475906 MD |
79 | |
| 80 | enum mempool_type type; | |
| 81 | size_t stride; | |
| 82 | int max_nr_cpus; | |
| e11a02d7 MD |
83 | |
| 84 | unsigned long max_nr_ranges; | |
| 455e090e MD |
85 | |
| 86 | bool poison_set; | |
| 87 | uintptr_t poison; | |
| a5694a4d MD |
88 | |
| 89 | enum rseq_mempool_populate_policy populate_policy; | |
| 9bd07c29 MD |
90 | }; |
| 91 | ||
| 0ba2a93e | 92 | struct rseq_mempool_range; |
| b73b0c25 | 93 | |
| 0ba2a93e | 94 | struct rseq_mempool_range { |
| 9d986353 MD |
95 | struct rseq_mempool_range *next; /* Linked list of ranges. */ |
| 96 | struct rseq_mempool *pool; /* Backward reference to container pool. */ | |
| a5694a4d MD |
97 | |
| 98 | /* | |
| 99 | * Memory layout of a mempool range: | |
| 100 | * - Header page (contains struct rseq_mempool_range at the very end), | |
| c0de0012 MD |
101 | * - Base of the per-cpu data, starting with CPU 0. |
| 102 | * Aliases with free-list for non-robust populate all pool. | |
| a5694a4d MD |
103 | * - CPU 1, |
| 104 | * ... | |
| 105 | * - CPU max_nr_cpus - 1 | |
| 4e8ae59d | 106 | * - init values (unpopulated for RSEQ_MEMPOOL_POPULATE_PRIVATE_ALL). |
| c0de0012 MD |
107 | * Aliases with free-list for non-robust populate none pool. |
| 108 | * - free list (for robust pool). | |
| 109 | * | |
| 110 | * The free list aliases the CPU 0 memory area for non-robust | |
| 111 | * populate all pools. It aliases with init values for | |
| 112 | * non-robust populate none pools. It is located immediately | |
| 113 | * after the init values for robust pools. | |
| a5694a4d | 114 | */ |
| 4aa3220c | 115 | void *header; |
| ef6695f1 | 116 | void *base; |
| a5694a4d MD |
117 | /* |
| 118 | * The init values contains malloc_init/zmalloc values. | |
| 4e8ae59d | 119 | * Pointer is NULL for RSEQ_MEMPOOL_POPULATE_PRIVATE_ALL. |
| a5694a4d MD |
120 | */ |
| 121 | void *init; | |
| b73b0c25 | 122 | size_t next_unused; |
| fa6a0fb3 MD |
123 | |
| 124 | /* Pool range mmap/munmap */ | |
| 125 | void *mmap_addr; | |
| 126 | size_t mmap_len; | |
| 127 | ||
| b73b0c25 MD |
128 | /* Track alloc/free. */ |
| 129 | unsigned long *alloc_bitmap; | |
| 130 | }; | |
| 131 | ||
| 0ba2a93e | 132 | struct rseq_mempool { |
| 9d986353 MD |
133 | /* Head of ranges linked-list. */ |
| 134 | struct rseq_mempool_range *range_list; | |
| 135 | unsigned long nr_ranges; | |
| b73b0c25 | 136 | |
| ef6695f1 | 137 | size_t item_len; |
| ef6695f1 | 138 | int item_order; |
| ef6695f1 MD |
139 | |
| 140 | /* | |
| 8ab16a24 | 141 | * The free list chains freed items on the CPU 0 address range. |
| ef6695f1 | 142 | * We should rethink this decision if false sharing between |
| 8ab16a24 | 143 | * malloc/free from other CPUs and data accesses from CPU 0 |
| ef6695f1 MD |
144 | * becomes an issue. This is a NULL-terminated singly-linked |
| 145 | * list. | |
| 146 | */ | |
| 147 | struct free_list_node *free_list_head; | |
| b73b0c25 | 148 | |
| ef6695f1 MD |
149 | /* This lock protects allocation/free within the pool. */ |
| 150 | pthread_mutex_t lock; | |
| 9bd07c29 | 151 | |
| 0ba2a93e | 152 | struct rseq_mempool_attr attr; |
| ca452fee | 153 | char *name; |
| ef6695f1 MD |
154 | }; |
| 155 | ||
| ef6695f1 MD |
156 | /* |
| 157 | * Pool set entries are indexed by item_len rounded to the next power of | |
| 158 | * 2. A pool set can contain NULL pool entries, in which case the next | |
| 159 | * large enough entry will be used for allocation. | |
| 160 | */ | |
| 0ba2a93e | 161 | struct rseq_mempool_set { |
| ef6695f1 MD |
162 | /* This lock protects add vs malloc/zmalloc within the pool set. */ |
| 163 | pthread_mutex_t lock; | |
| 0ba2a93e | 164 | struct rseq_mempool *entries[POOL_SET_NR_ENTRIES]; |
| ef6695f1 MD |
165 | }; |
| 166 | ||
| 86617384 MD |
167 | static |
| 168 | const char *get_pool_name(const struct rseq_mempool *pool) | |
| 169 | { | |
| 170 | return pool->name ? : "<anonymous>"; | |
| 171 | } | |
| 172 | ||
| 367e559c | 173 | static |
| 6fbf1fb6 | 174 | void *__rseq_pool_range_percpu_ptr(const struct rseq_mempool_range *range, int cpu, |
| f2981623 | 175 | uintptr_t item_offset, size_t stride) |
| 367e559c | 176 | { |
| 15b63c9f | 177 | return range->base + (stride * cpu) + item_offset; |
| 367e559c MD |
178 | } |
| 179 | ||
| a5694a4d MD |
180 | static |
| 181 | void *__rseq_pool_range_init_ptr(const struct rseq_mempool_range *range, | |
| 182 | uintptr_t item_offset) | |
| 183 | { | |
| 184 | if (!range->init) | |
| 185 | return NULL; | |
| 186 | return range->init + item_offset; | |
| 187 | } | |
| 188 | ||
| 189 | static | |
| 190 | void __rseq_percpu *__rseq_free_list_to_percpu_ptr(const struct rseq_mempool *pool, | |
| 191 | struct free_list_node *node) | |
| 192 | { | |
| 193 | void __rseq_percpu *p = (void __rseq_percpu *) node; | |
| 194 | ||
| c0de0012 MD |
195 | if (pool->attr.robust_set) { |
| 196 | /* Skip cpus. */ | |
| a5694a4d | 197 | p -= pool->attr.max_nr_cpus * pool->attr.stride; |
| c0de0012 | 198 | /* Skip init values */ |
| 4e8ae59d | 199 | if (pool->attr.populate_policy != RSEQ_MEMPOOL_POPULATE_PRIVATE_ALL) |
| c0de0012 MD |
200 | p -= pool->attr.stride; |
| 201 | ||
| 202 | } else { | |
| 203 | /* Populate none free list is in init values */ | |
| 4e8ae59d | 204 | if (pool->attr.populate_policy != RSEQ_MEMPOOL_POPULATE_PRIVATE_ALL) |
| c0de0012 MD |
205 | p -= pool->attr.max_nr_cpus * pool->attr.stride; |
| 206 | } | |
| a5694a4d MD |
207 | return p; |
| 208 | } | |
| 209 | ||
| 210 | static | |
| 211 | struct free_list_node *__rseq_percpu_to_free_list_ptr(const struct rseq_mempool *pool, | |
| 212 | void __rseq_percpu *p) | |
| 213 | { | |
| c0de0012 MD |
214 | if (pool->attr.robust_set) { |
| 215 | /* Skip cpus. */ | |
| a5694a4d | 216 | p += pool->attr.max_nr_cpus * pool->attr.stride; |
| c0de0012 | 217 | /* Skip init values */ |
| 4e8ae59d | 218 | if (pool->attr.populate_policy != RSEQ_MEMPOOL_POPULATE_PRIVATE_ALL) |
| c0de0012 MD |
219 | p += pool->attr.stride; |
| 220 | ||
| 221 | } else { | |
| 222 | /* Populate none free list is in init values */ | |
| 4e8ae59d | 223 | if (pool->attr.populate_policy != RSEQ_MEMPOOL_POPULATE_PRIVATE_ALL) |
| c0de0012 MD |
224 | p += pool->attr.max_nr_cpus * pool->attr.stride; |
| 225 | } | |
| a5694a4d MD |
226 | return (struct free_list_node *) p; |
| 227 | } | |
| 228 | ||
| 229 | static | |
| 14af0aa2 | 230 | intptr_t rseq_cmp_item(void *p, size_t item_len, intptr_t cmp_value, intptr_t *unexpected_value) |
| a5694a4d | 231 | { |
| 14af0aa2 MD |
232 | size_t offset; |
| 233 | intptr_t res = 0; | |
| a5694a4d | 234 | |
| 14af0aa2 MD |
235 | for (offset = 0; offset < item_len; offset += sizeof(uintptr_t)) { |
| 236 | intptr_t v = *((intptr_t *) (p + offset)); | |
| 237 | ||
| 238 | if ((res = v - cmp_value) != 0) { | |
| 239 | if (unexpected_value) | |
| 240 | *unexpected_value = v; | |
| a5694a4d | 241 | break; |
| 14af0aa2 MD |
242 | } |
| 243 | } | |
| a5694a4d MD |
244 | return res; |
| 245 | } | |
| 246 | ||
| 367e559c | 247 | static |
| 15b63c9f MD |
248 | void rseq_percpu_zero_item(struct rseq_mempool *pool, |
| 249 | struct rseq_mempool_range *range, uintptr_t item_offset) | |
| 367e559c | 250 | { |
| a5694a4d | 251 | char *init_p = NULL; |
| 367e559c MD |
252 | int i; |
| 253 | ||
| a5694a4d MD |
254 | init_p = __rseq_pool_range_init_ptr(range, item_offset); |
| 255 | if (init_p) | |
| 644298bb | 256 | bzero(init_p, pool->item_len); |
| cb475906 | 257 | for (i = 0; i < pool->attr.max_nr_cpus; i++) { |
| 15b63c9f | 258 | char *p = __rseq_pool_range_percpu_ptr(range, i, |
| cb475906 | 259 | item_offset, pool->attr.stride); |
| a5694a4d | 260 | |
| 1b658191 MD |
261 | /* |
| 262 | * If item is already zeroed, either because the | |
| 263 | * init range update has propagated or because the | |
| 264 | * content is already zeroed (e.g. zero page), don't | |
| 265 | * write to the page. This eliminates useless COW over | |
| 266 | * the zero page just for overwriting it with zeroes. | |
| 267 | * | |
| 268 | * This means zmalloc() in populate all policy pool do | |
| 269 | * not trigger COW for CPUs which are not actively | |
| 270 | * writing to the pool. This is however not the case for | |
| 271 | * malloc_init() in populate-all pools if it populates | |
| 272 | * non-zero content. | |
| 273 | */ | |
| 14af0aa2 | 274 | if (!rseq_cmp_item(p, pool->item_len, 0, NULL)) |
| a5694a4d | 275 | continue; |
| 644298bb | 276 | bzero(p, pool->item_len); |
| 367e559c MD |
277 | } |
| 278 | } | |
| 279 | ||
| 6ff43d9a MD |
280 | static |
| 281 | void rseq_percpu_init_item(struct rseq_mempool *pool, | |
| 282 | struct rseq_mempool_range *range, uintptr_t item_offset, | |
| 283 | void *init_ptr, size_t init_len) | |
| 284 | { | |
| a5694a4d | 285 | char *init_p = NULL; |
| 6ff43d9a MD |
286 | int i; |
| 287 | ||
| a5694a4d MD |
288 | init_p = __rseq_pool_range_init_ptr(range, item_offset); |
| 289 | if (init_p) | |
| 290 | memcpy(init_p, init_ptr, init_len); | |
| 6ff43d9a MD |
291 | for (i = 0; i < pool->attr.max_nr_cpus; i++) { |
| 292 | char *p = __rseq_pool_range_percpu_ptr(range, i, | |
| 293 | item_offset, pool->attr.stride); | |
| a5694a4d | 294 | |
| 1b658191 MD |
295 | /* |
| 296 | * If the update propagated through a shared mapping, | |
| 297 | * or the item already has the correct content, skip | |
| 298 | * writing it into the cpu item to eliminate useless | |
| 299 | * COW of the page. | |
| 300 | */ | |
| 301 | if (!memcmp(init_ptr, p, init_len)) | |
| a5694a4d | 302 | continue; |
| 6ff43d9a MD |
303 | memcpy(p, init_ptr, init_len); |
| 304 | } | |
| 305 | } | |
| 306 | ||
| a5694a4d MD |
307 | static |
| 308 | void rseq_poison_item(void *p, size_t item_len, uintptr_t poison) | |
| 309 | { | |
| 310 | size_t offset; | |
| 311 | ||
| 312 | for (offset = 0; offset < item_len; offset += sizeof(uintptr_t)) | |
| 313 | *((uintptr_t *) (p + offset)) = poison; | |
| 314 | } | |
| 315 | ||
| 455e090e MD |
316 | static |
| 317 | void rseq_percpu_poison_item(struct rseq_mempool *pool, | |
| 318 | struct rseq_mempool_range *range, uintptr_t item_offset) | |
| 319 | { | |
| 320 | uintptr_t poison = pool->attr.poison; | |
| a5694a4d | 321 | char *init_p = NULL; |
| 455e090e MD |
322 | int i; |
| 323 | ||
| a5694a4d MD |
324 | init_p = __rseq_pool_range_init_ptr(range, item_offset); |
| 325 | if (init_p) | |
| 326 | rseq_poison_item(init_p, pool->item_len, poison); | |
| 455e090e MD |
327 | for (i = 0; i < pool->attr.max_nr_cpus; i++) { |
| 328 | char *p = __rseq_pool_range_percpu_ptr(range, i, | |
| 329 | item_offset, pool->attr.stride); | |
| 455e090e | 330 | |
| 1b658191 MD |
331 | /* |
| 332 | * If the update propagated through a shared mapping, | |
| 333 | * or the item already has the correct content, skip | |
| 334 | * writing it into the cpu item to eliminate useless | |
| 335 | * COW of the page. | |
| 336 | * | |
| 337 | * It is recommended to use zero as poison value for | |
| 338 | * populate-all pools to eliminate COW due to writing | |
| 339 | * poison to unused CPU memory. | |
| 340 | */ | |
| 14af0aa2 | 341 | if (rseq_cmp_item(p, pool->item_len, poison, NULL) == 0) |
| a5694a4d MD |
342 | continue; |
| 343 | rseq_poison_item(p, pool->item_len, poison); | |
| 344 | } | |
| 345 | } | |
| 346 | ||
| 347 | /* Always inline for __builtin_return_address(0). */ | |
| 348 | static inline __attribute__((always_inline)) | |
| 349 | void rseq_check_poison_item(const struct rseq_mempool *pool, uintptr_t item_offset, | |
| c0de0012 | 350 | void *p, size_t item_len, uintptr_t poison) |
| a5694a4d | 351 | { |
| 1b658191 | 352 | intptr_t unexpected_value; |
| a5694a4d | 353 | |
| 14af0aa2 | 354 | if (rseq_cmp_item(p, item_len, poison, &unexpected_value) == 0) |
| 1b658191 | 355 | return; |
| a5694a4d | 356 | |
| 1b658191 MD |
357 | fprintf(stderr, "%s: Poison corruption detected (0x%lx) for pool: \"%s\" (%p), item offset: %zu, caller: %p.\n", |
| 358 | __func__, (unsigned long) unexpected_value, get_pool_name(pool), pool, item_offset, (void *) __builtin_return_address(0)); | |
| 359 | abort(); | |
| 86617384 MD |
360 | } |
| 361 | ||
| 362 | /* Always inline for __builtin_return_address(0). */ | |
| 363 | static inline __attribute__((always_inline)) | |
| 6fbf1fb6 MD |
364 | void rseq_percpu_check_poison_item(const struct rseq_mempool *pool, |
| 365 | const struct rseq_mempool_range *range, uintptr_t item_offset) | |
| 86617384 MD |
366 | { |
| 367 | uintptr_t poison = pool->attr.poison; | |
| a5694a4d | 368 | char *init_p; |
| 86617384 MD |
369 | int i; |
| 370 | ||
| 3975084e | 371 | if (!pool->attr.robust_set) |
| 86617384 | 372 | return; |
| a5694a4d MD |
373 | init_p = __rseq_pool_range_init_ptr(range, item_offset); |
| 374 | if (init_p) | |
| c0de0012 | 375 | rseq_check_poison_item(pool, item_offset, init_p, pool->item_len, poison); |
| 86617384 MD |
376 | for (i = 0; i < pool->attr.max_nr_cpus; i++) { |
| 377 | char *p = __rseq_pool_range_percpu_ptr(range, i, | |
| 378 | item_offset, pool->attr.stride); | |
| c0de0012 | 379 | rseq_check_poison_item(pool, item_offset, p, pool->item_len, poison); |
| 455e090e MD |
380 | } |
| 381 | } | |
| 382 | ||
| 15b63c9f | 383 | #ifdef HAVE_LIBNUMA |
| c6fd3981 | 384 | int rseq_mempool_range_init_numa(void *addr, size_t len, int cpu, int numa_flags) |
| 367e559c | 385 | { |
| f2981623 | 386 | unsigned long nr_pages, page_len; |
| c6fd3981 MD |
387 | int status[MOVE_PAGES_BATCH_SIZE]; |
| 388 | int nodes[MOVE_PAGES_BATCH_SIZE]; | |
| 389 | void *pages[MOVE_PAGES_BATCH_SIZE]; | |
| f2981623 | 390 | long ret; |
| 367e559c | 391 | |
| c6fd3981 MD |
392 | if (!numa_flags) { |
| 393 | errno = EINVAL; | |
| 394 | return -1; | |
| 395 | } | |
| 367e559c | 396 | page_len = rseq_get_page_len(); |
| c6fd3981 | 397 | nr_pages = len >> rseq_get_count_order_ulong(page_len); |
| 57d8b586 | 398 | |
| c6fd3981 MD |
399 | nodes[0] = numa_node_of_cpu(cpu); |
| 400 | if (nodes[0] < 0) | |
| 401 | return -1; | |
| 57d8b586 | 402 | |
| c6fd3981 MD |
403 | for (size_t k = 1; k < RSEQ_ARRAY_SIZE(nodes); ++k) { |
| 404 | nodes[k] = nodes[0]; | |
| 405 | } | |
| 57d8b586 | 406 | |
| c6fd3981 | 407 | for (unsigned long page = 0; page < nr_pages;) { |
| 57d8b586 | 408 | |
| c6fd3981 MD |
409 | size_t max_k = RSEQ_ARRAY_SIZE(pages); |
| 410 | size_t left = nr_pages - page; | |
| 57d8b586 | 411 | |
| c6fd3981 MD |
412 | if (left < max_k) { |
| 413 | max_k = left; | |
| 414 | } | |
| 57d8b586 | 415 | |
| c6fd3981 MD |
416 | for (size_t k = 0; k < max_k; ++k, ++page) { |
| 417 | pages[k] = addr + (page * page_len); | |
| 418 | status[k] = -EPERM; | |
| 367e559c | 419 | } |
| b73b0c25 | 420 | |
| c6fd3981 MD |
421 | ret = move_pages(0, max_k, pages, nodes, status, numa_flags); |
| 422 | ||
| 423 | if (ret < 0) | |
| b73b0c25 | 424 | return ret; |
| c6fd3981 MD |
425 | |
| 426 | if (ret > 0) { | |
| 427 | fprintf(stderr, "%lu pages were not migrated\n", ret); | |
| 428 | for (size_t k = 0; k < max_k; ++k) { | |
| 429 | if (status[k] < 0) | |
| 430 | fprintf(stderr, | |
| 431 | "Error while moving page %p to numa node %d: %u\n", | |
| 432 | pages[k], nodes[k], -status[k]); | |
| 433 | } | |
| 434 | } | |
| b73b0c25 MD |
435 | } |
| 436 | return 0; | |
| 437 | } | |
| 367e559c | 438 | #else |
| c6fd3981 MD |
439 | int rseq_mempool_range_init_numa(void *addr __attribute__((unused)), |
| 440 | size_t len __attribute__((unused)), | |
| 441 | int cpu __attribute__((unused)), | |
| 367e559c MD |
442 | int numa_flags __attribute__((unused))) |
| 443 | { | |
| c6fd3981 MD |
444 | errno = ENOSYS; |
| 445 | return -1; | |
| 367e559c MD |
446 | } |
| 447 | #endif | |
| 448 | ||
| 0fdf7a4c | 449 | static |
| 0ba2a93e | 450 | int create_alloc_bitmap(struct rseq_mempool *pool, struct rseq_mempool_range *range) |
| 0fdf7a4c OD |
451 | { |
| 452 | size_t count; | |
| 453 | ||
| cb475906 | 454 | count = ((pool->attr.stride >> pool->item_order) + BIT_PER_ULONG - 1) / BIT_PER_ULONG; |
| 0fdf7a4c OD |
455 | |
| 456 | /* | |
| 9649c7ee MD |
457 | * Not being able to create the validation bitmap is an error |
| 458 | * that needs to be reported. | |
| 0fdf7a4c | 459 | */ |
| b73b0c25 MD |
460 | range->alloc_bitmap = calloc(count, sizeof(unsigned long)); |
| 461 | if (!range->alloc_bitmap) | |
| 9649c7ee MD |
462 | return -1; |
| 463 | return 0; | |
| 0fdf7a4c OD |
464 | } |
| 465 | ||
| b73b0c25 | 466 | static |
| a5694a4d | 467 | bool percpu_addr_in_pool(const struct rseq_mempool *pool, void __rseq_percpu *_addr) |
| b73b0c25 | 468 | { |
| 0ba2a93e | 469 | struct rseq_mempool_range *range; |
| a5694a4d | 470 | void *addr = (void *) _addr; |
| b73b0c25 | 471 | |
| 9d986353 | 472 | for (range = pool->range_list; range; range = range->next) { |
| b73b0c25 MD |
473 | if (addr >= range->base && addr < range->base + range->next_unused) |
| 474 | return true; | |
| 475 | } | |
| 476 | return false; | |
| 477 | } | |
| 478 | ||
| a9ec6111 OD |
479 | /* Always inline for __builtin_return_address(0). */ |
| 480 | static inline __attribute__((always_inline)) | |
| 0ba2a93e | 481 | void check_free_list(const struct rseq_mempool *pool) |
| a9ec6111 | 482 | { |
| b73b0c25 MD |
483 | size_t total_item = 0, total_never_allocated = 0, total_freed = 0, |
| 484 | max_list_traversal = 0, traversal_iteration = 0; | |
| 0ba2a93e | 485 | struct rseq_mempool_range *range; |
| b73b0c25 MD |
486 | |
| 487 | if (!pool->attr.robust_set) | |
| 488 | return; | |
| 489 | ||
| 9d986353 | 490 | for (range = pool->range_list; range; range = range->next) { |
| cb475906 MD |
491 | total_item += pool->attr.stride >> pool->item_order; |
| 492 | total_never_allocated += (pool->attr.stride - range->next_unused) >> pool->item_order; | |
| b73b0c25 MD |
493 | } |
| 494 | max_list_traversal = total_item - total_never_allocated; | |
| a9ec6111 OD |
495 | |
| 496 | for (struct free_list_node *node = pool->free_list_head, *prev = NULL; | |
| 497 | node; | |
| 498 | prev = node, | |
| 499 | node = node->next) { | |
| 500 | ||
| a9ec6111 | 501 | if (traversal_iteration >= max_list_traversal) { |
| ca452fee MD |
502 | fprintf(stderr, "%s: Corrupted free-list; Possibly infinite loop in pool \"%s\" (%p), caller %p.\n", |
| 503 | __func__, get_pool_name(pool), pool, __builtin_return_address(0)); | |
| a9ec6111 OD |
504 | abort(); |
| 505 | } | |
| 506 | ||
| 507 | /* Node is out of range. */ | |
| a5694a4d | 508 | if (!percpu_addr_in_pool(pool, __rseq_free_list_to_percpu_ptr(pool, node))) { |
| a9ec6111 | 509 | if (prev) |
| ca452fee MD |
510 | fprintf(stderr, "%s: Corrupted free-list node %p -> [out-of-range %p] in pool \"%s\" (%p), caller %p.\n", |
| 511 | __func__, prev, node, get_pool_name(pool), pool, __builtin_return_address(0)); | |
| a9ec6111 | 512 | else |
| ca452fee MD |
513 | fprintf(stderr, "%s: Corrupted free-list node [out-of-range %p] in pool \"%s\" (%p), caller %p.\n", |
| 514 | __func__, node, get_pool_name(pool), pool, __builtin_return_address(0)); | |
| a9ec6111 OD |
515 | abort(); |
| 516 | } | |
| 517 | ||
| b73b0c25 MD |
518 | traversal_iteration++; |
| 519 | total_freed++; | |
| a9ec6111 OD |
520 | } |
| 521 | ||
| 522 | if (total_never_allocated + total_freed != total_item) { | |
| ca452fee MD |
523 | fprintf(stderr, "%s: Corrupted free-list in pool \"%s\" (%p); total-item: %zu total-never-used: %zu total-freed: %zu, caller %p.\n", |
| 524 | __func__, get_pool_name(pool), pool, total_item, total_never_allocated, total_freed, __builtin_return_address(0)); | |
| a9ec6111 OD |
525 | abort(); |
| 526 | } | |
| a9ec6111 OD |
527 | } |
| 528 | ||
| 6fbf1fb6 MD |
529 | /* Always inline for __builtin_return_address(0). */ |
| 530 | static inline __attribute__((always_inline)) | |
| 531 | void check_range_poison(const struct rseq_mempool *pool, | |
| 532 | const struct rseq_mempool_range *range) | |
| 533 | { | |
| 534 | size_t item_offset; | |
| 535 | ||
| 536 | for (item_offset = 0; item_offset < range->next_unused; | |
| 537 | item_offset += pool->item_len) | |
| 538 | rseq_percpu_check_poison_item(pool, range, item_offset); | |
| 539 | } | |
| 540 | ||
| 541 | /* Always inline for __builtin_return_address(0). */ | |
| 542 | static inline __attribute__((always_inline)) | |
| 543 | void check_pool_poison(const struct rseq_mempool *pool) | |
| 544 | { | |
| 545 | struct rseq_mempool_range *range; | |
| 546 | ||
| 3975084e | 547 | if (!pool->attr.robust_set) |
| 6fbf1fb6 MD |
548 | return; |
| 549 | for (range = pool->range_list; range; range = range->next) | |
| 550 | check_range_poison(pool, range); | |
| 551 | } | |
| 552 | ||
| e7cbbc10 MD |
553 | /* Always inline for __builtin_return_address(0). */ |
| 554 | static inline __attribute__((always_inline)) | |
| 0ba2a93e | 555 | void destroy_alloc_bitmap(struct rseq_mempool *pool, struct rseq_mempool_range *range) |
| 0fdf7a4c | 556 | { |
| b73b0c25 | 557 | unsigned long *bitmap = range->alloc_bitmap; |
| 9649c7ee | 558 | size_t count, total_leaks = 0; |
| 0fdf7a4c | 559 | |
| 9649c7ee | 560 | if (!bitmap) |
| 0fdf7a4c | 561 | return; |
| 0fdf7a4c | 562 | |
| cb475906 | 563 | count = ((pool->attr.stride >> pool->item_order) + BIT_PER_ULONG - 1) / BIT_PER_ULONG; |
| 0fdf7a4c OD |
564 | |
| 565 | /* Assert that all items in the pool were freed. */ | |
| 9649c7ee MD |
566 | for (size_t k = 0; k < count; ++k) |
| 567 | total_leaks += rseq_hweight_ulong(bitmap[k]); | |
| 568 | if (total_leaks) { | |
| ca452fee MD |
569 | fprintf(stderr, "%s: Pool \"%s\" (%p) has %zu leaked items on destroy, caller: %p.\n", |
| 570 | __func__, get_pool_name(pool), pool, total_leaks, (void *) __builtin_return_address(0)); | |
| 9649c7ee | 571 | abort(); |
| 0fdf7a4c OD |
572 | } |
| 573 | ||
| 574 | free(bitmap); | |
| a5694a4d | 575 | range->alloc_bitmap = NULL; |
| 0fdf7a4c OD |
576 | } |
| 577 | ||
| b73b0c25 MD |
578 | /* Always inline for __builtin_return_address(0). */ |
| 579 | static inline __attribute__((always_inline)) | |
| 0ba2a93e MD |
580 | int rseq_mempool_range_destroy(struct rseq_mempool *pool, |
| 581 | struct rseq_mempool_range *range) | |
| b73b0c25 MD |
582 | { |
| 583 | destroy_alloc_bitmap(pool, range); | |
| a5694a4d | 584 | |
| 5c99f3d6 | 585 | /* range is a header located one page before the aligned mapping. */ |
| 5cd72fc7 | 586 | return munmap(range->mmap_addr, range->mmap_len); |
| 5c99f3d6 MD |
587 | } |
| 588 | ||
| 589 | /* | |
| 590 | * Allocate a memory mapping aligned on @alignment, with an optional | |
| 591 | * @pre_header before the mapping. | |
| 592 | */ | |
| 593 | static | |
| 5cd72fc7 | 594 | void *aligned_mmap_anonymous(size_t page_size, size_t len, size_t alignment, |
| 5c99f3d6 MD |
595 | void **pre_header, size_t pre_header_len) |
| 596 | { | |
| 597 | size_t minimum_page_count, page_count, extra, total_allocate = 0; | |
| 598 | int page_order; | |
| 599 | void *ptr; | |
| 600 | ||
| 601 | if (len < page_size || alignment < page_size || | |
| b72b2d9e | 602 | !is_pow2(alignment) || (len & (alignment - 1))) { |
| 5c99f3d6 MD |
603 | errno = EINVAL; |
| 604 | return NULL; | |
| 605 | } | |
| 606 | page_order = rseq_get_count_order_ulong(page_size); | |
| 607 | if (page_order < 0) { | |
| 608 | errno = EINVAL; | |
| 609 | return NULL; | |
| 610 | } | |
| 611 | if (pre_header_len && (pre_header_len & (page_size - 1))) { | |
| 612 | errno = EINVAL; | |
| 613 | return NULL; | |
| 614 | } | |
| 615 | ||
| 616 | minimum_page_count = (pre_header_len + len) >> page_order; | |
| 617 | page_count = (pre_header_len + len + alignment - page_size) >> page_order; | |
| 618 | ||
| 619 | assert(page_count >= minimum_page_count); | |
| 620 | ||
| 5cd72fc7 MD |
621 | ptr = mmap(NULL, page_count << page_order, PROT_READ | PROT_WRITE, |
| 622 | MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); | |
| 623 | if (ptr == MAP_FAILED) { | |
| 624 | ptr = NULL; | |
| 5c99f3d6 | 625 | goto alloc_error; |
| 5cd72fc7 | 626 | } |
| 5c99f3d6 MD |
627 | |
| 628 | total_allocate = page_count << page_order; | |
| 629 | ||
| 630 | if (!(((uintptr_t) ptr + pre_header_len) & (alignment - 1))) { | |
| 631 | /* Pointer is already aligned. ptr points to pre_header. */ | |
| 632 | goto out; | |
| 633 | } | |
| 634 | ||
| 635 | /* Unmap extra before. */ | |
| 636 | extra = offset_align((uintptr_t) ptr + pre_header_len, alignment); | |
| 637 | assert(!(extra & (page_size - 1))); | |
| 5cd72fc7 | 638 | if (munmap(ptr, extra)) { |
| 5c99f3d6 MD |
639 | perror("munmap"); |
| 640 | abort(); | |
| 641 | } | |
| 642 | total_allocate -= extra; | |
| 643 | ptr += extra; /* ptr points to pre_header */ | |
| 644 | page_count -= extra >> page_order; | |
| 645 | out: | |
| 646 | assert(page_count >= minimum_page_count); | |
| 647 | ||
| 648 | if (page_count > minimum_page_count) { | |
| 649 | void *extra_ptr; | |
| 650 | ||
| 651 | /* Unmap extra after. */ | |
| 652 | extra_ptr = ptr + (minimum_page_count << page_order); | |
| 653 | extra = (page_count - minimum_page_count) << page_order; | |
| 5cd72fc7 | 654 | if (munmap(extra_ptr, extra)) { |
| 5c99f3d6 MD |
655 | perror("munmap"); |
| 656 | abort(); | |
| 657 | } | |
| 658 | total_allocate -= extra; | |
| 659 | } | |
| 660 | ||
| 661 | assert(!(((uintptr_t)ptr + pre_header_len) & (alignment - 1))); | |
| 662 | assert(total_allocate == len + pre_header_len); | |
| 663 | ||
| 664 | alloc_error: | |
| 665 | if (ptr) { | |
| 666 | if (pre_header) | |
| 667 | *pre_header = ptr; | |
| 668 | ptr += pre_header_len; | |
| 669 | } | |
| 670 | return ptr; | |
| b73b0c25 MD |
671 | } |
| 672 | ||
| a5694a4d | 673 | static |
| cc0413ab | 674 | int rseq_memfd_create_init(const char *poolname, size_t init_len) |
| a5694a4d | 675 | { |
| a10c1c93 | 676 | int fd; |
| cc0413ab OD |
677 | char buf[249]; /* Limit is 249 bytes. */ |
| 678 | const char *name; | |
| a10c1c93 | 679 | |
| cc0413ab OD |
680 | if (poolname) { |
| 681 | snprintf(buf, sizeof(buf), "%s:rseq-mempool", poolname); | |
| 682 | name = buf; | |
| 683 | } else { | |
| 684 | name = "<anonymous>:rseq-mempool"; | |
| 685 | } | |
| 686 | ||
| 687 | fd = memfd_create(name, MFD_CLOEXEC); | |
| a10c1c93 MD |
688 | if (fd < 0) { |
| 689 | perror("memfd_create"); | |
| 690 | goto end; | |
| a5694a4d | 691 | } |
| a10c1c93 | 692 | if (ftruncate(fd, (off_t) init_len)) { |
| 025165ad MD |
693 | if (close(fd)) |
| 694 | perror("close"); | |
| a10c1c93 MD |
695 | fd = -1; |
| 696 | goto end; | |
| 697 | } | |
| 698 | end: | |
| 699 | return fd; | |
| 700 | } | |
| 701 | ||
| 702 | static | |
| 703 | void rseq_memfd_close(int fd) | |
| 704 | { | |
| 025165ad MD |
705 | if (fd < 0) |
| 706 | return; | |
| a10c1c93 MD |
707 | if (close(fd)) |
| 708 | perror("close"); | |
| a5694a4d MD |
709 | } |
| 710 | ||
| b73b0c25 | 711 | static |
| 0ba2a93e | 712 | struct rseq_mempool_range *rseq_mempool_range_create(struct rseq_mempool *pool) |
| b73b0c25 | 713 | { |
| 0ba2a93e | 714 | struct rseq_mempool_range *range; |
| 5c99f3d6 | 715 | unsigned long page_size; |
| 4aa3220c | 716 | void *header; |
| b73b0c25 | 717 | void *base; |
| a5694a4d | 718 | size_t range_len; /* Range len excludes header. */ |
| 025165ad | 719 | int memfd = -1; |
| b73b0c25 | 720 | |
| e11a02d7 MD |
721 | if (pool->attr.max_nr_ranges && |
| 722 | pool->nr_ranges >= pool->attr.max_nr_ranges) { | |
| 9d986353 MD |
723 | errno = ENOMEM; |
| 724 | return NULL; | |
| 725 | } | |
| 5c99f3d6 | 726 | page_size = rseq_get_page_len(); |
| b73b0c25 | 727 | |
| a5694a4d | 728 | range_len = pool->attr.stride * pool->attr.max_nr_cpus; |
| 4e8ae59d | 729 | if (pool->attr.populate_policy != RSEQ_MEMPOOL_POPULATE_PRIVATE_ALL) |
| a5694a4d | 730 | range_len += pool->attr.stride; /* init values */ |
| c0de0012 MD |
731 | if (pool->attr.robust_set) |
| 732 | range_len += pool->attr.stride; /* free list */ | |
| 5cd72fc7 MD |
733 | base = aligned_mmap_anonymous(page_size, range_len, |
| 734 | pool->attr.stride, &header, page_size); | |
| b73b0c25 | 735 | if (!base) |
| 5c99f3d6 | 736 | return NULL; |
| 0ba2a93e | 737 | range = (struct rseq_mempool_range *) (base - RANGE_HEADER_OFFSET); |
| 5c99f3d6 | 738 | range->pool = pool; |
| 4aa3220c | 739 | range->header = header; |
| a5694a4d | 740 | range->base = base; |
| fa6a0fb3 | 741 | range->mmap_addr = header; |
| a5694a4d MD |
742 | range->mmap_len = page_size + range_len; |
| 743 | ||
| 4e8ae59d | 744 | if (pool->attr.populate_policy != RSEQ_MEMPOOL_POPULATE_PRIVATE_ALL) { |
| a5694a4d MD |
745 | range->init = base + (pool->attr.stride * pool->attr.max_nr_cpus); |
| 746 | /* Populate init values pages from memfd */ | |
| cc0413ab | 747 | memfd = rseq_memfd_create_init(pool->name, pool->attr.stride); |
| a10c1c93 | 748 | if (memfd < 0) |
| a5694a4d MD |
749 | goto error_alloc; |
| 750 | if (mmap(range->init, pool->attr.stride, PROT_READ | PROT_WRITE, | |
| a10c1c93 | 751 | MAP_SHARED | MAP_FIXED, memfd, 0) != (void *) range->init) { |
| a5694a4d MD |
752 | goto error_alloc; |
| 753 | } | |
| 754 | assert(pool->attr.type == MEMPOOL_TYPE_PERCPU); | |
| 755 | /* | |
| 756 | * Map per-cpu memory as private COW mappings of init values. | |
| 757 | */ | |
| 758 | { | |
| 759 | int cpu; | |
| 760 | ||
| 761 | for (cpu = 0; cpu < pool->attr.max_nr_cpus; cpu++) { | |
| 762 | void *p = base + (pool->attr.stride * cpu); | |
| 763 | size_t len = pool->attr.stride; | |
| 764 | ||
| 765 | if (mmap(p, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_FIXED, | |
| a10c1c93 | 766 | memfd, 0) != (void *) p) { |
| a5694a4d MD |
767 | goto error_alloc; |
| 768 | } | |
| 769 | } | |
| 770 | } | |
| bf7b01a3 MD |
771 | /* |
| 772 | * The init values shared mapping should not be shared | |
| 773 | * with the children processes across fork. Prevent the | |
| 774 | * whole mapping from being used across fork. | |
| 775 | */ | |
| 7b82798a | 776 | if (madvise(range->mmap_addr, range->mmap_len, MADV_DONTFORK)) |
| bf7b01a3 | 777 | goto error_alloc; |
| a10c1c93 | 778 | rseq_memfd_close(memfd); |
| 025165ad | 779 | memfd = -1; |
| a5694a4d MD |
780 | } |
| 781 | ||
| b73b0c25 MD |
782 | if (pool->attr.robust_set) { |
| 783 | if (create_alloc_bitmap(pool, range)) | |
| 784 | goto error_alloc; | |
| 785 | } | |
| 135811f2 | 786 | if (pool->attr.init_set) { |
| 374c2773 MD |
787 | switch (pool->attr.type) { |
| 788 | case MEMPOOL_TYPE_GLOBAL: | |
| 6e329183 | 789 | if (pool->attr.init_func(pool->attr.init_priv, |
| 374c2773 | 790 | base, pool->attr.stride, -1)) { |
| 6e329183 MD |
791 | goto error_alloc; |
| 792 | } | |
| 374c2773 MD |
793 | break; |
| 794 | case MEMPOOL_TYPE_PERCPU: | |
| 795 | { | |
| 796 | int cpu; | |
| 797 | for (cpu = 0; cpu < pool->attr.max_nr_cpus; cpu++) { | |
| 798 | if (pool->attr.init_func(pool->attr.init_priv, | |
| 799 | base + (pool->attr.stride * cpu), | |
| 800 | pool->attr.stride, cpu)) { | |
| 801 | goto error_alloc; | |
| 802 | } | |
| 803 | } | |
| 804 | break; | |
| 805 | } | |
| 806 | default: | |
| 807 | abort(); | |
| 135811f2 MD |
808 | } |
| 809 | } | |
| 9d986353 | 810 | pool->nr_ranges++; |
| b73b0c25 MD |
811 | return range; |
| 812 | ||
| 813 | error_alloc: | |
| 025165ad | 814 | rseq_memfd_close(memfd); |
| 0ba2a93e | 815 | (void) rseq_mempool_range_destroy(pool, range); |
| b73b0c25 MD |
816 | return NULL; |
| 817 | } | |
| 818 | ||
| 0ba2a93e | 819 | int rseq_mempool_destroy(struct rseq_mempool *pool) |
| 9649c7ee | 820 | { |
| 0ba2a93e | 821 | struct rseq_mempool_range *range, *next_range; |
| b73b0c25 | 822 | int ret = 0; |
| 9649c7ee | 823 | |
| f510ddc5 MD |
824 | if (!pool) |
| 825 | return 0; | |
| b73b0c25 | 826 | check_free_list(pool); |
| 6fbf1fb6 | 827 | check_pool_poison(pool); |
| b73b0c25 | 828 | /* Iteration safe against removal. */ |
| 9d986353 | 829 | for (range = pool->range_list; range && (next_range = range->next, 1); range = next_range) { |
| 0ba2a93e | 830 | if (rseq_mempool_range_destroy(pool, range)) |
| b73b0c25 MD |
831 | goto end; |
| 832 | /* Update list head to keep list coherent in case of partial failure. */ | |
| 9d986353 | 833 | pool->range_list = next_range; |
| b73b0c25 | 834 | } |
| 9649c7ee | 835 | pthread_mutex_destroy(&pool->lock); |
| ca452fee | 836 | free(pool->name); |
| eb8db04d | 837 | free(pool); |
| 9649c7ee | 838 | end: |
| b73b0c25 | 839 | return ret; |
| 9649c7ee MD |
840 | } |
| 841 | ||
| 0ba2a93e | 842 | struct rseq_mempool *rseq_mempool_create(const char *pool_name, |
| cb475906 | 843 | size_t item_len, const struct rseq_mempool_attr *_attr) |
| ef6695f1 | 844 | { |
| 0ba2a93e MD |
845 | struct rseq_mempool *pool; |
| 846 | struct rseq_mempool_attr attr = {}; | |
| ef6695f1 | 847 | int order; |
| ef6695f1 MD |
848 | |
| 849 | /* Make sure each item is large enough to contain free list pointers. */ | |
| 850 | if (item_len < sizeof(void *)) | |
| 851 | item_len = sizeof(void *); | |
| 852 | ||
| 853 | /* Align item_len on next power of two. */ | |
| 19be9217 | 854 | order = rseq_get_count_order_ulong(item_len); |
| ef6695f1 MD |
855 | if (order < 0) { |
| 856 | errno = EINVAL; | |
| 857 | return NULL; | |
| 858 | } | |
| 859 | item_len = 1UL << order; | |
| 860 | ||
| a82006d0 MD |
861 | if (_attr) |
| 862 | memcpy(&attr, _attr, sizeof(attr)); | |
| a82006d0 | 863 | |
| cb475906 MD |
864 | switch (attr.type) { |
| 865 | case MEMPOOL_TYPE_PERCPU: | |
| 866 | if (attr.max_nr_cpus < 0) { | |
| 867 | errno = EINVAL; | |
| 868 | return NULL; | |
| 869 | } | |
| 870 | if (attr.max_nr_cpus == 0) { | |
| 871 | /* Auto-detect */ | |
| 47c725dd | 872 | attr.max_nr_cpus = rseq_get_max_nr_cpus(); |
| cb475906 MD |
873 | if (attr.max_nr_cpus == 0) { |
| 874 | errno = EINVAL; | |
| 875 | return NULL; | |
| 876 | } | |
| 877 | } | |
| 878 | break; | |
| 879 | case MEMPOOL_TYPE_GLOBAL: | |
| a5694a4d | 880 | /* Override populate policy for global type. */ |
| 4e8ae59d MD |
881 | if (attr.populate_policy == RSEQ_MEMPOOL_POPULATE_PRIVATE_NONE) |
| 882 | attr.populate_policy = RSEQ_MEMPOOL_POPULATE_PRIVATE_ALL; | |
| 89b7e681 MD |
883 | /* Use a 1-cpu pool for global mempool type. */ |
| 884 | attr.max_nr_cpus = 1; | |
| cb475906 MD |
885 | break; |
| 886 | } | |
| 887 | if (!attr.stride) | |
| 888 | attr.stride = RSEQ_MEMPOOL_STRIDE; /* Use default */ | |
| 3975084e MD |
889 | if (attr.robust_set && !attr.poison_set) { |
| 890 | attr.poison_set = true; | |
| dbccd436 | 891 | attr.poison = DEFAULT_PRIVATE_POISON_VALUE; |
| 3975084e | 892 | } |
| cb475906 MD |
893 | if (item_len > attr.stride || attr.stride < (size_t) rseq_get_page_len() || |
| 894 | !is_pow2(attr.stride)) { | |
| 895 | errno = EINVAL; | |
| 896 | return NULL; | |
| 897 | } | |
| 898 | ||
| 0ba2a93e | 899 | pool = calloc(1, sizeof(struct rseq_mempool)); |
| bc510b60 MD |
900 | if (!pool) |
| 901 | return NULL; | |
| ef6695f1 | 902 | |
| b73b0c25 | 903 | memcpy(&pool->attr, &attr, sizeof(attr)); |
| ef6695f1 | 904 | pthread_mutex_init(&pool->lock, NULL); |
| ef6695f1 MD |
905 | pool->item_len = item_len; |
| 906 | pool->item_order = order; | |
| b73b0c25 | 907 | |
| 9d986353 MD |
908 | pool->range_list = rseq_mempool_range_create(pool); |
| 909 | if (!pool->range_list) | |
| b73b0c25 | 910 | goto error_alloc; |
| 0fdf7a4c | 911 | |
| ca452fee MD |
912 | if (pool_name) { |
| 913 | pool->name = strdup(pool_name); | |
| 914 | if (!pool->name) | |
| 915 | goto error_alloc; | |
| 916 | } | |
| ef6695f1 | 917 | return pool; |
| ef6695f1 | 918 | |
| 9649c7ee | 919 | error_alloc: |
| 0ba2a93e | 920 | rseq_mempool_destroy(pool); |
| 9649c7ee MD |
921 | errno = ENOMEM; |
| 922 | return NULL; | |
| ef6695f1 MD |
923 | } |
| 924 | ||
| e7cbbc10 MD |
925 | /* Always inline for __builtin_return_address(0). */ |
| 926 | static inline __attribute__((always_inline)) | |
| 9d986353 | 927 | void set_alloc_slot(struct rseq_mempool *pool, struct rseq_mempool_range *range, size_t item_offset) |
| 0fdf7a4c | 928 | { |
| 9d986353 | 929 | unsigned long *bitmap = range->alloc_bitmap; |
| 9649c7ee | 930 | size_t item_index = item_offset >> pool->item_order; |
| 0fdf7a4c OD |
931 | unsigned long mask; |
| 932 | size_t k; | |
| 933 | ||
| 9649c7ee | 934 | if (!bitmap) |
| 0fdf7a4c | 935 | return; |
| 0fdf7a4c | 936 | |
| 9649c7ee | 937 | k = item_index / BIT_PER_ULONG; |
| 0fdf7a4c OD |
938 | mask = 1ULL << (item_index % BIT_PER_ULONG); |
| 939 | ||
| 9649c7ee MD |
940 | /* Print error if bit is already set. */ |
| 941 | if (bitmap[k] & mask) { | |
| ca452fee MD |
942 | fprintf(stderr, "%s: Allocator corruption detected for pool: \"%s\" (%p), item offset: %zu, caller: %p.\n", |
| 943 | __func__, get_pool_name(pool), pool, item_offset, (void *) __builtin_return_address(0)); | |
| 9649c7ee MD |
944 | abort(); |
| 945 | } | |
| 0fdf7a4c OD |
946 | bitmap[k] |= mask; |
| 947 | } | |
| 948 | ||
| ef6695f1 | 949 | static |
| 6ff43d9a MD |
950 | void __rseq_percpu *__rseq_percpu_malloc(struct rseq_mempool *pool, |
| 951 | bool zeroed, void *init_ptr, size_t init_len) | |
| ef6695f1 | 952 | { |
| 9d986353 | 953 | struct rseq_mempool_range *range; |
| ef6695f1 MD |
954 | struct free_list_node *node; |
| 955 | uintptr_t item_offset; | |
| d24ee051 | 956 | void __rseq_percpu *addr; |
| ef6695f1 | 957 | |
| 6ff43d9a MD |
958 | if (init_len > pool->item_len) { |
| 959 | errno = EINVAL; | |
| 960 | return NULL; | |
| 961 | } | |
| ef6695f1 MD |
962 | pthread_mutex_lock(&pool->lock); |
| 963 | /* Get first entry from free list. */ | |
| 964 | node = pool->free_list_head; | |
| 965 | if (node != NULL) { | |
| a5694a4d | 966 | void *range_base, *ptr; |
| 9d986353 | 967 | |
| a5694a4d MD |
968 | ptr = __rseq_free_list_to_percpu_ptr(pool, node); |
| 969 | range_base = (void *) ((uintptr_t) ptr & (~(pool->attr.stride - 1))); | |
| 9d986353 | 970 | range = (struct rseq_mempool_range *) (range_base - RANGE_HEADER_OFFSET); |
| ef6695f1 MD |
971 | /* Remove node from free list (update head). */ |
| 972 | pool->free_list_head = node->next; | |
| a5694a4d | 973 | item_offset = (uintptr_t) (ptr - range_base); |
| 86617384 | 974 | rseq_percpu_check_poison_item(pool, range, item_offset); |
| a5694a4d | 975 | addr = __rseq_free_list_to_percpu_ptr(pool, node); |
| ef6695f1 MD |
976 | goto end; |
| 977 | } | |
| 9d986353 MD |
978 | /* |
| 979 | * If the most recent range (first in list) does not have any | |
| 980 | * room left, create a new range and prepend it to the list | |
| 981 | * head. | |
| 982 | */ | |
| 983 | range = pool->range_list; | |
| 984 | if (range->next_unused + pool->item_len > pool->attr.stride) { | |
| 985 | range = rseq_mempool_range_create(pool); | |
| 986 | if (!range) { | |
| 987 | errno = ENOMEM; | |
| 988 | addr = NULL; | |
| 989 | goto end; | |
| 990 | } | |
| 991 | /* Add range to head of list. */ | |
| 992 | range->next = pool->range_list; | |
| 993 | pool->range_list = range; | |
| ef6695f1 | 994 | } |
| 9d986353 MD |
995 | /* First range in list has room left. */ |
| 996 | item_offset = range->next_unused; | |
| 997 | addr = (void __rseq_percpu *) (range->base + item_offset); | |
| 998 | range->next_unused += pool->item_len; | |
| ef6695f1 | 999 | end: |
| 8f28507f | 1000 | if (addr) |
| 9d986353 | 1001 | set_alloc_slot(pool, range, item_offset); |
| ef6695f1 | 1002 | pthread_mutex_unlock(&pool->lock); |
| 6ff43d9a MD |
1003 | if (addr) { |
| 1004 | if (zeroed) | |
| 1005 | rseq_percpu_zero_item(pool, range, item_offset); | |
| 1006 | else if (init_ptr) { | |
| 1007 | rseq_percpu_init_item(pool, range, item_offset, | |
| 1008 | init_ptr, init_len); | |
| 1009 | } | |
| 1010 | } | |
| ef6695f1 MD |
1011 | return addr; |
| 1012 | } | |
| 1013 | ||
| 15da5c27 | 1014 | void __rseq_percpu *rseq_mempool_percpu_malloc(struct rseq_mempool *pool) |
| ef6695f1 | 1015 | { |
| 6ff43d9a | 1016 | return __rseq_percpu_malloc(pool, false, NULL, 0); |
| ef6695f1 MD |
1017 | } |
| 1018 | ||
| 15da5c27 | 1019 | void __rseq_percpu *rseq_mempool_percpu_zmalloc(struct rseq_mempool *pool) |
| ef6695f1 | 1020 | { |
| 6ff43d9a MD |
1021 | return __rseq_percpu_malloc(pool, true, NULL, 0); |
| 1022 | } | |
| 1023 | ||
| 1024 | void __rseq_percpu *rseq_mempool_percpu_malloc_init(struct rseq_mempool *pool, | |
| 1025 | void *init_ptr, size_t len) | |
| 1026 | { | |
| 1027 | return __rseq_percpu_malloc(pool, false, init_ptr, len); | |
| ef6695f1 MD |
1028 | } |
| 1029 | ||
| e7cbbc10 MD |
1030 | /* Always inline for __builtin_return_address(0). */ |
| 1031 | static inline __attribute__((always_inline)) | |
| 9d986353 | 1032 | void clear_alloc_slot(struct rseq_mempool *pool, struct rseq_mempool_range *range, size_t item_offset) |
| 0fdf7a4c | 1033 | { |
| 9d986353 | 1034 | unsigned long *bitmap = range->alloc_bitmap; |
| 9649c7ee | 1035 | size_t item_index = item_offset >> pool->item_order; |
| 0fdf7a4c OD |
1036 | unsigned long mask; |
| 1037 | size_t k; | |
| 1038 | ||
| 9649c7ee | 1039 | if (!bitmap) |
| 0fdf7a4c | 1040 | return; |
| 0fdf7a4c | 1041 | |
| 9649c7ee MD |
1042 | k = item_index / BIT_PER_ULONG; |
| 1043 | mask = 1ULL << (item_index % BIT_PER_ULONG); | |
| 0fdf7a4c | 1044 | |
| 9649c7ee MD |
1045 | /* Print error if bit is not set. */ |
| 1046 | if (!(bitmap[k] & mask)) { | |
| ca452fee MD |
1047 | fprintf(stderr, "%s: Double-free detected for pool: \"%s\" (%p), item offset: %zu, caller: %p.\n", |
| 1048 | __func__, get_pool_name(pool), pool, item_offset, | |
| 1049 | (void *) __builtin_return_address(0)); | |
| 9649c7ee MD |
1050 | abort(); |
| 1051 | } | |
| 0fdf7a4c OD |
1052 | bitmap[k] &= ~mask; |
| 1053 | } | |
| 1054 | ||
| cb475906 | 1055 | void librseq_mempool_percpu_free(void __rseq_percpu *_ptr, size_t stride) |
| ef6695f1 MD |
1056 | { |
| 1057 | uintptr_t ptr = (uintptr_t) _ptr; | |
| cb475906 | 1058 | void *range_base = (void *) (ptr & (~(stride - 1))); |
| 0ba2a93e MD |
1059 | struct rseq_mempool_range *range = (struct rseq_mempool_range *) (range_base - RANGE_HEADER_OFFSET); |
| 1060 | struct rseq_mempool *pool = range->pool; | |
| cb475906 | 1061 | uintptr_t item_offset = ptr & (stride - 1); |
| ef6695f1 MD |
1062 | struct free_list_node *head, *item; |
| 1063 | ||
| 1064 | pthread_mutex_lock(&pool->lock); | |
| 9d986353 | 1065 | clear_alloc_slot(pool, range, item_offset); |
| ef6695f1 MD |
1066 | /* Add ptr to head of free list */ |
| 1067 | head = pool->free_list_head; | |
| 455e090e MD |
1068 | if (pool->attr.poison_set) |
| 1069 | rseq_percpu_poison_item(pool, range, item_offset); | |
| a5694a4d | 1070 | item = __rseq_percpu_to_free_list_ptr(pool, _ptr); |
| 455e090e MD |
1071 | /* |
| 1072 | * Setting the next pointer will overwrite the first uintptr_t | |
| a5694a4d MD |
1073 | * poison for either CPU 0 (populate all) or init data (populate |
| 1074 | * none). | |
| 455e090e | 1075 | */ |
| ef6695f1 MD |
1076 | item->next = head; |
| 1077 | pool->free_list_head = item; | |
| 1078 | pthread_mutex_unlock(&pool->lock); | |
| 1079 | } | |
| 1080 | ||
| 0ba2a93e | 1081 | struct rseq_mempool_set *rseq_mempool_set_create(void) |
| ef6695f1 | 1082 | { |
| 0ba2a93e | 1083 | struct rseq_mempool_set *pool_set; |
| ef6695f1 | 1084 | |
| 0ba2a93e | 1085 | pool_set = calloc(1, sizeof(struct rseq_mempool_set)); |
| ef6695f1 MD |
1086 | if (!pool_set) |
| 1087 | return NULL; | |
| 1088 | pthread_mutex_init(&pool_set->lock, NULL); | |
| 1089 | return pool_set; | |
| 1090 | } | |
| 1091 | ||
| 0ba2a93e | 1092 | int rseq_mempool_set_destroy(struct rseq_mempool_set *pool_set) |
| ef6695f1 MD |
1093 | { |
| 1094 | int order, ret; | |
| 1095 | ||
| 1096 | for (order = POOL_SET_MIN_ENTRY; order < POOL_SET_NR_ENTRIES; order++) { | |
| 0ba2a93e | 1097 | struct rseq_mempool *pool = pool_set->entries[order]; |
| ef6695f1 MD |
1098 | |
| 1099 | if (!pool) | |
| 1100 | continue; | |
| 0ba2a93e | 1101 | ret = rseq_mempool_destroy(pool); |
| ef6695f1 MD |
1102 | if (ret) |
| 1103 | return ret; | |
| 1104 | pool_set->entries[order] = NULL; | |
| 1105 | } | |
| 1106 | pthread_mutex_destroy(&pool_set->lock); | |
| 1107 | free(pool_set); | |
| 1108 | return 0; | |
| 1109 | } | |
| 1110 | ||
| 1111 | /* Ownership of pool is handed over to pool set on success. */ | |
| 0ba2a93e | 1112 | int rseq_mempool_set_add_pool(struct rseq_mempool_set *pool_set, struct rseq_mempool *pool) |
| ef6695f1 MD |
1113 | { |
| 1114 | size_t item_order = pool->item_order; | |
| 1115 | int ret = 0; | |
| 1116 | ||
| 1117 | pthread_mutex_lock(&pool_set->lock); | |
| 1118 | if (pool_set->entries[item_order]) { | |
| 1119 | errno = EBUSY; | |
| 1120 | ret = -1; | |
| 1121 | goto end; | |
| 1122 | } | |
| 1123 | pool_set->entries[pool->item_order] = pool; | |
| 1124 | end: | |
| 1125 | pthread_mutex_unlock(&pool_set->lock); | |
| 1126 | return ret; | |
| 1127 | } | |
| 1128 | ||
| 1129 | static | |
| 6ff43d9a MD |
1130 | void __rseq_percpu *__rseq_mempool_set_malloc(struct rseq_mempool_set *pool_set, |
| 1131 | void *init_ptr, size_t len, bool zeroed) | |
| ef6695f1 MD |
1132 | { |
| 1133 | int order, min_order = POOL_SET_MIN_ENTRY; | |
| 0ba2a93e | 1134 | struct rseq_mempool *pool; |
| d24ee051 | 1135 | void __rseq_percpu *addr; |
| ef6695f1 | 1136 | |
| d06f5cf5 MD |
1137 | order = rseq_get_count_order_ulong(len); |
| 1138 | if (order > POOL_SET_MIN_ENTRY) | |
| 1139 | min_order = order; | |
| ef6695f1 MD |
1140 | again: |
| 1141 | pthread_mutex_lock(&pool_set->lock); | |
| 1142 | /* First smallest present pool where @len fits. */ | |
| 1143 | for (order = min_order; order < POOL_SET_NR_ENTRIES; order++) { | |
| 1144 | pool = pool_set->entries[order]; | |
| 1145 | ||
| 1146 | if (!pool) | |
| 1147 | continue; | |
| 1148 | if (pool->item_len >= len) | |
| 1149 | goto found; | |
| 1150 | } | |
| 1151 | pool = NULL; | |
| 1152 | found: | |
| 1153 | pthread_mutex_unlock(&pool_set->lock); | |
| 1154 | if (pool) { | |
| 6ff43d9a | 1155 | addr = __rseq_percpu_malloc(pool, zeroed, init_ptr, len); |
| ef6695f1 MD |
1156 | if (addr == NULL && errno == ENOMEM) { |
| 1157 | /* | |
| 1158 | * If the allocation failed, try again with a | |
| 1159 | * larger pool. | |
| 1160 | */ | |
| 1161 | min_order = order + 1; | |
| 1162 | goto again; | |
| 1163 | } | |
| 1164 | } else { | |
| 1165 | /* Not found. */ | |
| 1166 | errno = ENOMEM; | |
| 1167 | addr = NULL; | |
| 1168 | } | |
| 1169 | return addr; | |
| 1170 | } | |
| 1171 | ||
| 15da5c27 | 1172 | void __rseq_percpu *rseq_mempool_set_percpu_malloc(struct rseq_mempool_set *pool_set, size_t len) |
| ef6695f1 | 1173 | { |
| 6ff43d9a | 1174 | return __rseq_mempool_set_malloc(pool_set, NULL, len, false); |
| ef6695f1 MD |
1175 | } |
| 1176 | ||
| 15da5c27 | 1177 | void __rseq_percpu *rseq_mempool_set_percpu_zmalloc(struct rseq_mempool_set *pool_set, size_t len) |
| ef6695f1 | 1178 | { |
| 6ff43d9a MD |
1179 | return __rseq_mempool_set_malloc(pool_set, NULL, len, true); |
| 1180 | } | |
| 1181 | ||
| 1182 | void __rseq_percpu *rseq_mempool_set_percpu_malloc_init(struct rseq_mempool_set *pool_set, | |
| 1183 | void *init_ptr, size_t len) | |
| 1184 | { | |
| 1185 | return __rseq_mempool_set_malloc(pool_set, init_ptr, len, true); | |
| ef6695f1 | 1186 | } |
| 9bd07c29 | 1187 | |
| 0ba2a93e | 1188 | struct rseq_mempool_attr *rseq_mempool_attr_create(void) |
| a82006d0 | 1189 | { |
| 0ba2a93e | 1190 | return calloc(1, sizeof(struct rseq_mempool_attr)); |
| a82006d0 MD |
1191 | } |
| 1192 | ||
| 0ba2a93e | 1193 | void rseq_mempool_attr_destroy(struct rseq_mempool_attr *attr) |
| a82006d0 MD |
1194 | { |
| 1195 | free(attr); | |
| 1196 | } | |
| 1197 | ||
| 135811f2 | 1198 | int rseq_mempool_attr_set_init(struct rseq_mempool_attr *attr, |
| 6e329183 | 1199 | int (*init_func)(void *priv, void *addr, size_t len, int cpu), |
| 135811f2 MD |
1200 | void *init_priv) |
| 1201 | { | |
| 1202 | if (!attr) { | |
| 1203 | errno = EINVAL; | |
| 1204 | return -1; | |
| 1205 | } | |
| 1206 | attr->init_set = true; | |
| 1207 | attr->init_func = init_func; | |
| 1208 | attr->init_priv = init_priv; | |
| 1209 | return 0; | |
| 1210 | } | |
| 1211 | ||
| 0ba2a93e | 1212 | int rseq_mempool_attr_set_robust(struct rseq_mempool_attr *attr) |
| d6acc8aa MD |
1213 | { |
| 1214 | if (!attr) { | |
| 1215 | errno = EINVAL; | |
| 1216 | return -1; | |
| 1217 | } | |
| 1218 | attr->robust_set = true; | |
| 1219 | return 0; | |
| 1220 | } | |
| cb475906 MD |
1221 | |
| 1222 | int rseq_mempool_attr_set_percpu(struct rseq_mempool_attr *attr, | |
| 1223 | size_t stride, int max_nr_cpus) | |
| 1224 | { | |
| 1225 | if (!attr) { | |
| 1226 | errno = EINVAL; | |
| 1227 | return -1; | |
| 1228 | } | |
| 1229 | attr->type = MEMPOOL_TYPE_PERCPU; | |
| 1230 | attr->stride = stride; | |
| 1231 | attr->max_nr_cpus = max_nr_cpus; | |
| 1232 | return 0; | |
| 1233 | } | |
| 1234 | ||
| 1235 | int rseq_mempool_attr_set_global(struct rseq_mempool_attr *attr, | |
| 1236 | size_t stride) | |
| 1237 | { | |
| 1238 | if (!attr) { | |
| 1239 | errno = EINVAL; | |
| 1240 | return -1; | |
| 1241 | } | |
| 1242 | attr->type = MEMPOOL_TYPE_GLOBAL; | |
| 1243 | attr->stride = stride; | |
| 89b7e681 | 1244 | attr->max_nr_cpus = 0; |
| cb475906 MD |
1245 | return 0; |
| 1246 | } | |
| 6037d364 | 1247 | |
| e11a02d7 MD |
1248 | int rseq_mempool_attr_set_max_nr_ranges(struct rseq_mempool_attr *attr, |
| 1249 | unsigned long max_nr_ranges) | |
| 1250 | { | |
| 1251 | if (!attr) { | |
| 1252 | errno = EINVAL; | |
| 1253 | return -1; | |
| 1254 | } | |
| 1255 | attr->max_nr_ranges = max_nr_ranges; | |
| 1256 | return 0; | |
| 1257 | } | |
| 1258 | ||
| 455e090e MD |
1259 | int rseq_mempool_attr_set_poison(struct rseq_mempool_attr *attr, |
| 1260 | uintptr_t poison) | |
| 1261 | { | |
| 1262 | if (!attr) { | |
| 1263 | errno = EINVAL; | |
| 1264 | return -1; | |
| 1265 | } | |
| 1266 | attr->poison_set = true; | |
| 1267 | attr->poison = poison; | |
| 1268 | return 0; | |
| 1269 | } | |
| 1270 | ||
| a5694a4d MD |
1271 | int rseq_mempool_attr_set_populate_policy(struct rseq_mempool_attr *attr, |
| 1272 | enum rseq_mempool_populate_policy policy) | |
| 1273 | { | |
| 1274 | if (!attr) { | |
| 1275 | errno = EINVAL; | |
| 1276 | return -1; | |
| 1277 | } | |
| 1278 | attr->populate_policy = policy; | |
| 1279 | return 0; | |
| 1280 | } | |
| 1281 | ||
| 6037d364 MD |
1282 | int rseq_mempool_get_max_nr_cpus(struct rseq_mempool *mempool) |
| 1283 | { | |
| 1284 | if (!mempool || mempool->attr.type != MEMPOOL_TYPE_PERCPU) { | |
| 1285 | errno = EINVAL; | |
| 1286 | return -1; | |
| 1287 | } | |
| 1288 | return mempool->attr.max_nr_cpus; | |
| 1289 | } |