diff options
author | markj <markj@FreeBSD.org> | 2016-06-01 22:31:35 +0000 |
---|---|---|
committer | markj <markj@FreeBSD.org> | 2016-06-01 22:31:35 +0000 |
commit | cbe30ba7a3ab0644b59a730b8023d63c93b5fa02 (patch) | |
tree | 377be4f753eced4ab7e03be1e032ee3e1c8843a1 /sys/vm/uma_core.c | |
parent | 10478a3feb7f1a3aedf6ef9f8967caf7f0ff1c38 (diff) | |
download | FreeBSD-src-cbe30ba7a3ab0644b59a730b8023d63c93b5fa02.zip FreeBSD-src-cbe30ba7a3ab0644b59a730b8023d63c93b5fa02.tar.gz |
Fix memguard(9) in kernels with INVARIANTS enabled.
With r284861, UMA zones use the trash ctor and dtor by default. This is
incompatible with memguard, which frees the backing page when the item
is freed. Modify the UMA debug functions to be no-ops if the item was
allocated from memguard. This also fixes constructors such as
mb_ctor_pack(), which invokes the trash ctor in addition to performing
some initialization.
Reviewed by: glebius
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D6562
Diffstat (limited to 'sys/vm/uma_core.c')
-rw-r--r-- | sys/vm/uma_core.c | 10 |
1 files changed, 2 insertions, 8 deletions
diff --git a/sys/vm/uma_core.c b/sys/vm/uma_core.c index bcc895e..0a56c55 100644 --- a/sys/vm/uma_core.c +++ b/sys/vm/uma_core.c @@ -2112,16 +2112,10 @@ uma_zalloc_arg(uma_zone_t zone, void *udata, int flags) if (memguard_cmp_zone(zone)) { item = memguard_alloc(zone->uz_size, flags); if (item != NULL) { - /* - * Avoid conflict with the use-after-free - * protecting infrastructure from INVARIANTS. - */ if (zone->uz_init != NULL && - zone->uz_init != mtrash_init && zone->uz_init(item, zone->uz_size, flags) != 0) return (NULL); if (zone->uz_ctor != NULL && - zone->uz_ctor != mtrash_ctor && zone->uz_ctor(item, zone->uz_size, udata, flags) != 0) { zone->uz_fini(item, zone->uz_size); @@ -2655,9 +2649,9 @@ uma_zfree_arg(uma_zone_t zone, void *item, void *udata) return; #ifdef DEBUG_MEMGUARD if (is_memguard_addr(item)) { - if (zone->uz_dtor != NULL && zone->uz_dtor != mtrash_dtor) + if (zone->uz_dtor != NULL) zone->uz_dtor(item, zone->uz_size, udata); - if (zone->uz_fini != NULL && zone->uz_fini != mtrash_fini) + if (zone->uz_fini != NULL) zone->uz_fini(item, zone->uz_size); memguard_free(item); return; |