diff options
author | mdf <mdf@FreeBSD.org> | 2010-08-11 22:10:37 +0000 |
---|---|---|
committer | mdf <mdf@FreeBSD.org> | 2010-08-11 22:10:37 +0000 |
commit | 0737955344e4f99aa4ecd858ef6e507e591db2a7 (patch) | |
tree | de9dacb02fad4c45fd9ea45f38dd4fedbb294977 /sys/vm/memguard.h | |
parent | d548943ae909fff2cc91f964186d557895e14bab (diff) | |
download | FreeBSD-src-0737955344e4f99aa4ecd858ef6e507e591db2a7.zip FreeBSD-src-0737955344e4f99aa4ecd858ef6e507e591db2a7.tar.gz |
Rework memguard(9) to reserve significantly more KVA to detect
use-after-free over a longer time. Also release the backing pages of
a guarded allocation at free(9) time to reduce the overhead of using
memguard(9). Allow setting and varying the malloc type at run-time.
Add knobs to allow:
- randomly guarding memory
- adding un-backed KVA guard pages to detect underflow and overflow
- a lower limit on the size of allocations that are guarded
Reviewed by: alc
Reviewed by: brueffer, Ulrich Spörlein <uqs spoerlein net> (man page)
Silence from: -arch
Approved by: zml (mentor)
MFC after: 1 month
Diffstat (limited to 'sys/vm/memguard.h')
-rw-r--r-- | sys/vm/memguard.h | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/sys/vm/memguard.h b/sys/vm/memguard.h index cabcc0a..55ffec9 100644 --- a/sys/vm/memguard.h +++ b/sys/vm/memguard.h @@ -26,9 +26,20 @@ * $FreeBSD$ */ -extern u_int vm_memguard_divisor; +#include "opt_vm.h" -void memguard_init(vm_map_t parent_map, unsigned long size); -void *memguard_alloc(unsigned long size, int flags); -void memguard_free(void *addr); -int memguard_cmp(struct malloc_type *mtp); +#ifdef DEBUG_MEMGUARD +unsigned long memguard_fudge(unsigned long, unsigned long); +void memguard_init(struct vm_map *); +void *memguard_alloc(unsigned long, int); +void memguard_free(void *); +int memguard_cmp(struct malloc_type *, unsigned long); +int is_memguard_addr(void *); +#else +#define memguard_fudge(size, xxx) (size) +#define memguard_init(map) do { } while (0) +#define memguard_alloc(size, flags) NULL +#define memguard_free(addr) do { } while (0) +#define memguard_cmp(mtp, size) 0 +#define is_memguard_addr(addr) 0 +#endif |