Commit | Line | Data |
---|---|---|
b2441318 | 1 | // SPDX-License-Identifier: GPL-2.0 |
039363f3 CL |
2 | /* |
3 | * Slab allocator functions that are independent of the allocator strategy | |
4 | * | |
5 | * (C) 2012 Christoph Lameter <cl@linux.com> | |
6 | */ | |
7 | #include <linux/slab.h> | |
8 | ||
9 | #include <linux/mm.h> | |
10 | #include <linux/poison.h> | |
11 | #include <linux/interrupt.h> | |
12 | #include <linux/memory.h> | |
1c99ba29 | 13 | #include <linux/cache.h> |
039363f3 | 14 | #include <linux/compiler.h> |
d3fb45f3 | 15 | #include <linux/kfence.h> |
039363f3 | 16 | #include <linux/module.h> |
20cea968 CL |
17 | #include <linux/cpu.h> |
18 | #include <linux/uaccess.h> | |
b7454ad3 | 19 | #include <linux/seq_file.h> |
963e84b0 | 20 | #include <linux/dma-mapping.h> |
b035f5a6 | 21 | #include <linux/swiotlb.h> |
b7454ad3 | 22 | #include <linux/proc_fs.h> |
fcf8a1e4 | 23 | #include <linux/debugfs.h> |
6011be59 | 24 | #include <linux/kmemleak.h> |
e86f8b09 | 25 | #include <linux/kasan.h> |
039363f3 CL |
26 | #include <asm/cacheflush.h> |
27 | #include <asm/tlbflush.h> | |
28 | #include <asm/page.h> | |
2633d7a0 | 29 | #include <linux/memcontrol.h> |
5cf909c5 | 30 | #include <linux/stackdepot.h> |
928cec9c | 31 | |
44405099 | 32 | #include "internal.h" |
97d06609 CL |
33 | #include "slab.h" |
34 | ||
b347aa7b VA |
35 | #define CREATE_TRACE_POINTS |
36 | #include <trace/events/kmem.h> | |
37 | ||
97d06609 | 38 | enum slab_state slab_state; |
18004c5d CL |
39 | LIST_HEAD(slab_caches); |
40 | DEFINE_MUTEX(slab_mutex); | |
9b030cb8 | 41 | struct kmem_cache *kmem_cache; |
97d06609 | 42 | |
657dc2f9 TH |
43 | static LIST_HEAD(slab_caches_to_rcu_destroy); |
44 | static void slab_caches_to_rcu_destroy_workfn(struct work_struct *work); | |
45 | static DECLARE_WORK(slab_caches_to_rcu_destroy_work, | |
46 | slab_caches_to_rcu_destroy_workfn); | |
47 | ||
423c929c JK |
48 | /* |
49 | * Set of flags that will prevent slab merging | |
50 | */ | |
51 | #define SLAB_NEVER_MERGE (SLAB_RED_ZONE | SLAB_POISON | SLAB_STORE_USER | \ | |
5f0d5a3a | 52 | SLAB_TRACE | SLAB_TYPESAFE_BY_RCU | SLAB_NOLEAKTRACE | \ |
96d8dbb6 | 53 | SLAB_FAILSLAB | SLAB_NO_MERGE) |
423c929c | 54 | |
230e9fc2 | 55 | #define SLAB_MERGE_SAME (SLAB_RECLAIM_ACCOUNT | SLAB_CACHE_DMA | \ |
6d6ea1e9 | 56 | SLAB_CACHE_DMA32 | SLAB_ACCOUNT) |
423c929c JK |
57 | |
58 | /* | |
59 | * Merge control. If this is set then no merging of slab caches will occur. | |
423c929c | 60 | */ |
7660a6fd | 61 | static bool slab_nomerge = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT); |
423c929c JK |
62 | |
63 | static int __init setup_slab_nomerge(char *str) | |
64 | { | |
7660a6fd | 65 | slab_nomerge = true; |
423c929c JK |
66 | return 1; |
67 | } | |
68 | ||
82edd9d5 RA |
69 | static int __init setup_slab_merge(char *str) |
70 | { | |
71 | slab_nomerge = false; | |
72 | return 1; | |
73 | } | |
74 | ||
423c929c | 75 | __setup_param("slub_nomerge", slub_nomerge, setup_slab_nomerge, 0); |
82edd9d5 | 76 | __setup_param("slub_merge", slub_merge, setup_slab_merge, 0); |
423c929c JK |
77 | |
78 | __setup("slab_nomerge", setup_slab_nomerge); | |
82edd9d5 | 79 | __setup("slab_merge", setup_slab_merge); |
423c929c | 80 | |
07f361b2 JK |
81 | /* |
82 | * Determine the size of a slab object | |
83 | */ | |
84 | unsigned int kmem_cache_size(struct kmem_cache *s) | |
85 | { | |
86 | return s->object_size; | |
87 | } | |
88 | EXPORT_SYMBOL(kmem_cache_size); | |
89 | ||
77be4b13 | 90 | #ifdef CONFIG_DEBUG_VM |
f4957d5b | 91 | static int kmem_cache_sanity_check(const char *name, unsigned int size) |
039363f3 | 92 | { |
74c1d3e0 | 93 | if (!name || in_interrupt() || size > KMALLOC_MAX_SIZE) { |
77be4b13 SK |
94 | pr_err("kmem_cache_create(%s) integrity check failed\n", name); |
95 | return -EINVAL; | |
039363f3 | 96 | } |
b920536a | 97 | |
20cea968 | 98 | WARN_ON(strchr(name, ' ')); /* It confuses parsers */ |
77be4b13 SK |
99 | return 0; |
100 | } | |
101 | #else | |
f4957d5b | 102 | static inline int kmem_cache_sanity_check(const char *name, unsigned int size) |
77be4b13 SK |
103 | { |
104 | return 0; | |
105 | } | |
20cea968 CL |
106 | #endif |
107 | ||
692ae74a BL |
108 | /* |
109 | * Figure out what the alignment of the objects will be given a set of | |
110 | * flags, a user specified alignment and the size of the objects. | |
111 | */ | |
f4957d5b AD |
112 | static unsigned int calculate_alignment(slab_flags_t flags, |
113 | unsigned int align, unsigned int size) | |
692ae74a BL |
114 | { |
115 | /* | |
116 | * If the user wants hardware cache aligned objects then follow that | |
117 | * suggestion if the object is sufficiently large. | |
118 | * | |
119 | * The hardware cache alignment cannot override the specified | |
120 | * alignment though. If that is greater then use it. | |
121 | */ | |
122 | if (flags & SLAB_HWCACHE_ALIGN) { | |
f4957d5b | 123 | unsigned int ralign; |
692ae74a BL |
124 | |
125 | ralign = cache_line_size(); | |
126 | while (size <= ralign / 2) | |
127 | ralign /= 2; | |
128 | align = max(align, ralign); | |
129 | } | |
130 | ||
d949a815 | 131 | align = max(align, arch_slab_minalign()); |
692ae74a BL |
132 | |
133 | return ALIGN(align, sizeof(void *)); | |
134 | } | |
135 | ||
423c929c JK |
136 | /* |
137 | * Find a mergeable slab cache | |
138 | */ | |
139 | int slab_unmergeable(struct kmem_cache *s) | |
140 | { | |
141 | if (slab_nomerge || (s->flags & SLAB_NEVER_MERGE)) | |
142 | return 1; | |
143 | ||
423c929c JK |
144 | if (s->ctor) |
145 | return 1; | |
146 | ||
346907ce | 147 | #ifdef CONFIG_HARDENED_USERCOPY |
8eb8284b DW |
148 | if (s->usersize) |
149 | return 1; | |
346907ce | 150 | #endif |
8eb8284b | 151 | |
423c929c JK |
152 | /* |
153 | * We may have set a slab to be unmergeable during bootstrap. | |
154 | */ | |
155 | if (s->refcount < 0) | |
156 | return 1; | |
157 | ||
158 | return 0; | |
159 | } | |
160 | ||
f4957d5b | 161 | struct kmem_cache *find_mergeable(unsigned int size, unsigned int align, |
d50112ed | 162 | slab_flags_t flags, const char *name, void (*ctor)(void *)) |
423c929c JK |
163 | { |
164 | struct kmem_cache *s; | |
165 | ||
c6e28895 | 166 | if (slab_nomerge) |
423c929c JK |
167 | return NULL; |
168 | ||
169 | if (ctor) | |
170 | return NULL; | |
171 | ||
172 | size = ALIGN(size, sizeof(void *)); | |
173 | align = calculate_alignment(flags, align, size); | |
174 | size = ALIGN(size, align); | |
303cd693 | 175 | flags = kmem_cache_flags(flags, name); |
423c929c | 176 | |
c6e28895 GM |
177 | if (flags & SLAB_NEVER_MERGE) |
178 | return NULL; | |
179 | ||
c7094406 | 180 | list_for_each_entry_reverse(s, &slab_caches, list) { |
423c929c JK |
181 | if (slab_unmergeable(s)) |
182 | continue; | |
183 | ||
184 | if (size > s->size) | |
185 | continue; | |
186 | ||
187 | if ((flags & SLAB_MERGE_SAME) != (s->flags & SLAB_MERGE_SAME)) | |
188 | continue; | |
189 | /* | |
190 | * Check if alignment is compatible. | |
191 | * Courtesy of Adrian Drzewiecki | |
192 | */ | |
193 | if ((s->size & ~(align - 1)) != s->size) | |
194 | continue; | |
195 | ||
196 | if (s->size - size >= sizeof(void *)) | |
197 | continue; | |
198 | ||
199 | return s; | |
200 | } | |
201 | return NULL; | |
202 | } | |
203 | ||
c9a77a79 | 204 | static struct kmem_cache *create_cache(const char *name, |
613a5eb5 | 205 | unsigned int object_size, unsigned int align, |
7bbdb81e AD |
206 | slab_flags_t flags, unsigned int useroffset, |
207 | unsigned int usersize, void (*ctor)(void *), | |
9855609b | 208 | struct kmem_cache *root_cache) |
794b1248 VD |
209 | { |
210 | struct kmem_cache *s; | |
211 | int err; | |
212 | ||
8eb8284b DW |
213 | if (WARN_ON(useroffset + usersize > object_size)) |
214 | useroffset = usersize = 0; | |
215 | ||
794b1248 VD |
216 | err = -ENOMEM; |
217 | s = kmem_cache_zalloc(kmem_cache, GFP_KERNEL); | |
218 | if (!s) | |
219 | goto out; | |
220 | ||
221 | s->name = name; | |
613a5eb5 | 222 | s->size = s->object_size = object_size; |
794b1248 VD |
223 | s->align = align; |
224 | s->ctor = ctor; | |
346907ce | 225 | #ifdef CONFIG_HARDENED_USERCOPY |
8eb8284b DW |
226 | s->useroffset = useroffset; |
227 | s->usersize = usersize; | |
346907ce | 228 | #endif |
794b1248 | 229 | |
794b1248 VD |
230 | err = __kmem_cache_create(s, flags); |
231 | if (err) | |
232 | goto out_free_cache; | |
233 | ||
234 | s->refcount = 1; | |
235 | list_add(&s->list, &slab_caches); | |
794b1248 VD |
236 | return s; |
237 | ||
238 | out_free_cache: | |
7c4da061 | 239 | kmem_cache_free(kmem_cache, s); |
b9dad156 ZL |
240 | out: |
241 | return ERR_PTR(err); | |
794b1248 | 242 | } |
45906855 | 243 | |
f496990f MR |
244 | /** |
245 | * kmem_cache_create_usercopy - Create a cache with a region suitable | |
246 | * for copying to userspace | |
77be4b13 SK |
247 | * @name: A string which is used in /proc/slabinfo to identify this cache. |
248 | * @size: The size of objects to be created in this cache. | |
249 | * @align: The required alignment for the objects. | |
250 | * @flags: SLAB flags | |
8eb8284b DW |
251 | * @useroffset: Usercopy region offset |
252 | * @usersize: Usercopy region size | |
77be4b13 SK |
253 | * @ctor: A constructor for the objects. |
254 | * | |
77be4b13 SK |
255 | * Cannot be called within a interrupt, but can be interrupted. |
256 | * The @ctor is run when new pages are allocated by the cache. | |
257 | * | |
258 | * The flags are | |
259 | * | |
260 | * %SLAB_POISON - Poison the slab with a known test pattern (a5a5a5a5) | |
261 | * to catch references to uninitialised memory. | |
262 | * | |
f496990f | 263 | * %SLAB_RED_ZONE - Insert `Red` zones around the allocated memory to check |
77be4b13 SK |
264 | * for buffer overruns. |
265 | * | |
266 | * %SLAB_HWCACHE_ALIGN - Align the objects in this cache to a hardware | |
267 | * cacheline. This can be beneficial if you're counting cycles as closely | |
268 | * as davem. | |
f496990f MR |
269 | * |
270 | * Return: a pointer to the cache on success, NULL on failure. | |
77be4b13 | 271 | */ |
2633d7a0 | 272 | struct kmem_cache * |
f4957d5b AD |
273 | kmem_cache_create_usercopy(const char *name, |
274 | unsigned int size, unsigned int align, | |
7bbdb81e AD |
275 | slab_flags_t flags, |
276 | unsigned int useroffset, unsigned int usersize, | |
8eb8284b | 277 | void (*ctor)(void *)) |
77be4b13 | 278 | { |
40911a79 | 279 | struct kmem_cache *s = NULL; |
3dec16ea | 280 | const char *cache_name; |
3965fc36 | 281 | int err; |
039363f3 | 282 | |
afe0c26d VB |
283 | #ifdef CONFIG_SLUB_DEBUG |
284 | /* | |
671776b3 | 285 | * If no slab_debug was enabled globally, the static key is not yet |
afe0c26d VB |
286 | * enabled by setup_slub_debug(). Enable it if the cache is being |
287 | * created with any of the debugging flags passed explicitly. | |
5cf909c5 OG |
288 | * It's also possible that this is the first cache created with |
289 | * SLAB_STORE_USER and we should init stack_depot for it. | |
afe0c26d VB |
290 | */ |
291 | if (flags & SLAB_DEBUG_FLAGS) | |
292 | static_branch_enable(&slub_debug_enabled); | |
5cf909c5 OG |
293 | if (flags & SLAB_STORE_USER) |
294 | stack_depot_init(); | |
afe0c26d VB |
295 | #endif |
296 | ||
77be4b13 | 297 | mutex_lock(&slab_mutex); |
686d550d | 298 | |
794b1248 | 299 | err = kmem_cache_sanity_check(name, size); |
3aa24f51 | 300 | if (err) { |
3965fc36 | 301 | goto out_unlock; |
3aa24f51 | 302 | } |
686d550d | 303 | |
e70954fd TG |
304 | /* Refuse requests with allocator specific flags */ |
305 | if (flags & ~SLAB_FLAGS_PERMITTED) { | |
306 | err = -EINVAL; | |
307 | goto out_unlock; | |
308 | } | |
309 | ||
d8843922 GC |
310 | /* |
311 | * Some allocators will constraint the set of valid flags to a subset | |
312 | * of all flags. We expect them to define CACHE_CREATE_MASK in this | |
313 | * case, and we'll just provide them with a sanitized version of the | |
314 | * passed flags. | |
315 | */ | |
316 | flags &= CACHE_CREATE_MASK; | |
686d550d | 317 | |
8eb8284b | 318 | /* Fail closed on bad usersize of useroffset values. */ |
346907ce VB |
319 | if (!IS_ENABLED(CONFIG_HARDENED_USERCOPY) || |
320 | WARN_ON(!usersize && useroffset) || | |
8eb8284b DW |
321 | WARN_ON(size < usersize || size - usersize < useroffset)) |
322 | usersize = useroffset = 0; | |
323 | ||
324 | if (!usersize) | |
325 | s = __kmem_cache_alias(name, size, align, flags, ctor); | |
794b1248 | 326 | if (s) |
3965fc36 | 327 | goto out_unlock; |
2633d7a0 | 328 | |
3dec16ea | 329 | cache_name = kstrdup_const(name, GFP_KERNEL); |
794b1248 VD |
330 | if (!cache_name) { |
331 | err = -ENOMEM; | |
332 | goto out_unlock; | |
333 | } | |
7c9adf5a | 334 | |
613a5eb5 | 335 | s = create_cache(cache_name, size, |
c9a77a79 | 336 | calculate_alignment(flags, align, size), |
9855609b | 337 | flags, useroffset, usersize, ctor, NULL); |
794b1248 VD |
338 | if (IS_ERR(s)) { |
339 | err = PTR_ERR(s); | |
3dec16ea | 340 | kfree_const(cache_name); |
794b1248 | 341 | } |
3965fc36 VD |
342 | |
343 | out_unlock: | |
20cea968 | 344 | mutex_unlock(&slab_mutex); |
03afc0e2 | 345 | |
ba3253c7 | 346 | if (err) { |
686d550d | 347 | if (flags & SLAB_PANIC) |
4acaa7d5 | 348 | panic("%s: Failed to create slab '%s'. Error %d\n", |
349 | __func__, name, err); | |
686d550d | 350 | else { |
4acaa7d5 | 351 | pr_warn("%s(%s) failed with error %d\n", |
352 | __func__, name, err); | |
686d550d CL |
353 | dump_stack(); |
354 | } | |
686d550d CL |
355 | return NULL; |
356 | } | |
039363f3 CL |
357 | return s; |
358 | } | |
8eb8284b DW |
359 | EXPORT_SYMBOL(kmem_cache_create_usercopy); |
360 | ||
f496990f MR |
361 | /** |
362 | * kmem_cache_create - Create a cache. | |
363 | * @name: A string which is used in /proc/slabinfo to identify this cache. | |
364 | * @size: The size of objects to be created in this cache. | |
365 | * @align: The required alignment for the objects. | |
366 | * @flags: SLAB flags | |
367 | * @ctor: A constructor for the objects. | |
368 | * | |
369 | * Cannot be called within a interrupt, but can be interrupted. | |
370 | * The @ctor is run when new pages are allocated by the cache. | |
371 | * | |
372 | * The flags are | |
373 | * | |
374 | * %SLAB_POISON - Poison the slab with a known test pattern (a5a5a5a5) | |
375 | * to catch references to uninitialised memory. | |
376 | * | |
377 | * %SLAB_RED_ZONE - Insert `Red` zones around the allocated memory to check | |
378 | * for buffer overruns. | |
379 | * | |
380 | * %SLAB_HWCACHE_ALIGN - Align the objects in this cache to a hardware | |
381 | * cacheline. This can be beneficial if you're counting cycles as closely | |
382 | * as davem. | |
383 | * | |
384 | * Return: a pointer to the cache on success, NULL on failure. | |
385 | */ | |
8eb8284b | 386 | struct kmem_cache * |
f4957d5b | 387 | kmem_cache_create(const char *name, unsigned int size, unsigned int align, |
8eb8284b DW |
388 | slab_flags_t flags, void (*ctor)(void *)) |
389 | { | |
6d07d1cd | 390 | return kmem_cache_create_usercopy(name, size, align, flags, 0, 0, |
8eb8284b DW |
391 | ctor); |
392 | } | |
794b1248 | 393 | EXPORT_SYMBOL(kmem_cache_create); |
2633d7a0 | 394 | |
0495e337 WL |
395 | #ifdef SLAB_SUPPORTS_SYSFS |
396 | /* | |
397 | * For a given kmem_cache, kmem_cache_destroy() should only be called | |
398 | * once or there will be a use-after-free problem. The actual deletion | |
399 | * and release of the kobject does not need slab_mutex or cpu_hotplug_lock | |
400 | * protection. So they are now done without holding those locks. | |
401 | * | |
402 | * Note that there will be a slight delay in the deletion of sysfs files | |
403 | * if kmem_cache_release() is called indrectly from a work function. | |
404 | */ | |
405 | static void kmem_cache_release(struct kmem_cache *s) | |
406 | { | |
011568eb XW |
407 | if (slab_state >= FULL) { |
408 | sysfs_slab_unlink(s); | |
409 | sysfs_slab_release(s); | |
410 | } else { | |
411 | slab_kmem_cache_release(s); | |
412 | } | |
0495e337 WL |
413 | } |
414 | #else | |
415 | static void kmem_cache_release(struct kmem_cache *s) | |
416 | { | |
417 | slab_kmem_cache_release(s); | |
418 | } | |
419 | #endif | |
420 | ||
657dc2f9 | 421 | static void slab_caches_to_rcu_destroy_workfn(struct work_struct *work) |
d5b3cf71 | 422 | { |
657dc2f9 TH |
423 | LIST_HEAD(to_destroy); |
424 | struct kmem_cache *s, *s2; | |
d5b3cf71 | 425 | |
657dc2f9 | 426 | /* |
5f0d5a3a | 427 | * On destruction, SLAB_TYPESAFE_BY_RCU kmem_caches are put on the |
657dc2f9 | 428 | * @slab_caches_to_rcu_destroy list. The slab pages are freed |
081a06fa | 429 | * through RCU and the associated kmem_cache are dereferenced |
657dc2f9 TH |
430 | * while freeing the pages, so the kmem_caches should be freed only |
431 | * after the pending RCU operations are finished. As rcu_barrier() | |
432 | * is a pretty slow operation, we batch all pending destructions | |
433 | * asynchronously. | |
434 | */ | |
435 | mutex_lock(&slab_mutex); | |
436 | list_splice_init(&slab_caches_to_rcu_destroy, &to_destroy); | |
437 | mutex_unlock(&slab_mutex); | |
d5b3cf71 | 438 | |
657dc2f9 TH |
439 | if (list_empty(&to_destroy)) |
440 | return; | |
441 | ||
442 | rcu_barrier(); | |
443 | ||
444 | list_for_each_entry_safe(s, s2, &to_destroy, list) { | |
64dd6849 | 445 | debugfs_slab_release(s); |
d3fb45f3 | 446 | kfence_shutdown_cache(s); |
0495e337 | 447 | kmem_cache_release(s); |
657dc2f9 | 448 | } |
d5b3cf71 VD |
449 | } |
450 | ||
657dc2f9 | 451 | static int shutdown_cache(struct kmem_cache *s) |
d5b3cf71 | 452 | { |
f9fa1d91 GT |
453 | /* free asan quarantined objects */ |
454 | kasan_cache_shutdown(s); | |
455 | ||
657dc2f9 TH |
456 | if (__kmem_cache_shutdown(s) != 0) |
457 | return -EBUSY; | |
d5b3cf71 | 458 | |
657dc2f9 | 459 | list_del(&s->list); |
d5b3cf71 | 460 | |
5f0d5a3a | 461 | if (s->flags & SLAB_TYPESAFE_BY_RCU) { |
657dc2f9 TH |
462 | list_add_tail(&s->list, &slab_caches_to_rcu_destroy); |
463 | schedule_work(&slab_caches_to_rcu_destroy_work); | |
464 | } else { | |
d3fb45f3 | 465 | kfence_shutdown_cache(s); |
64dd6849 | 466 | debugfs_slab_release(s); |
d5b3cf71 | 467 | } |
657dc2f9 TH |
468 | |
469 | return 0; | |
d5b3cf71 VD |
470 | } |
471 | ||
41a21285 CL |
472 | void slab_kmem_cache_release(struct kmem_cache *s) |
473 | { | |
52b4b950 | 474 | __kmem_cache_release(s); |
3dec16ea | 475 | kfree_const(s->name); |
41a21285 CL |
476 | kmem_cache_free(kmem_cache, s); |
477 | } | |
478 | ||
945cf2b6 CL |
479 | void kmem_cache_destroy(struct kmem_cache *s) |
480 | { | |
46a9ea66 | 481 | int err = -EBUSY; |
d71608a8 | 482 | bool rcu_set; |
0495e337 | 483 | |
bed0a9b5 | 484 | if (unlikely(!s) || !kasan_check_byte(s)) |
3942d299 SS |
485 | return; |
486 | ||
5a836bf6 | 487 | cpus_read_lock(); |
945cf2b6 | 488 | mutex_lock(&slab_mutex); |
b8529907 | 489 | |
d71608a8 FT |
490 | rcu_set = s->flags & SLAB_TYPESAFE_BY_RCU; |
491 | ||
46a9ea66 RA |
492 | s->refcount--; |
493 | if (s->refcount) | |
b8529907 VD |
494 | goto out_unlock; |
495 | ||
46a9ea66 RA |
496 | err = shutdown_cache(s); |
497 | WARN(err, "%s %s: Slab cache still has objects when called from %pS", | |
7302e91f | 498 | __func__, s->name, (void *)_RET_IP_); |
b8529907 VD |
499 | out_unlock: |
500 | mutex_unlock(&slab_mutex); | |
5a836bf6 | 501 | cpus_read_unlock(); |
46a9ea66 | 502 | if (!err && !rcu_set) |
0495e337 | 503 | kmem_cache_release(s); |
945cf2b6 CL |
504 | } |
505 | EXPORT_SYMBOL(kmem_cache_destroy); | |
506 | ||
03afc0e2 VD |
507 | /** |
508 | * kmem_cache_shrink - Shrink a cache. | |
509 | * @cachep: The cache to shrink. | |
510 | * | |
511 | * Releases as many slabs as possible for a cache. | |
512 | * To help debugging, a zero exit status indicates all slabs were released. | |
a862f68a MR |
513 | * |
514 | * Return: %0 if all slabs were released, non-zero otherwise | |
03afc0e2 VD |
515 | */ |
516 | int kmem_cache_shrink(struct kmem_cache *cachep) | |
517 | { | |
55834c59 | 518 | kasan_cache_shrink(cachep); |
7e1fa93d | 519 | |
610f9c00 | 520 | return __kmem_cache_shrink(cachep); |
03afc0e2 VD |
521 | } |
522 | EXPORT_SYMBOL(kmem_cache_shrink); | |
523 | ||
fda90124 | 524 | bool slab_is_available(void) |
97d06609 CL |
525 | { |
526 | return slab_state >= UP; | |
527 | } | |
b7454ad3 | 528 | |
5bb1bb35 | 529 | #ifdef CONFIG_PRINTK |
2dfe63e6 ME |
530 | static void kmem_obj_info(struct kmem_obj_info *kpp, void *object, struct slab *slab) |
531 | { | |
532 | if (__kfence_obj_info(kpp, object, slab)) | |
533 | return; | |
534 | __kmem_obj_info(kpp, object, slab); | |
535 | } | |
536 | ||
8e7f37f2 PM |
537 | /** |
538 | * kmem_dump_obj - Print available slab provenance information | |
539 | * @object: slab object for which to find provenance information. | |
540 | * | |
541 | * This function uses pr_cont(), so that the caller is expected to have | |
542 | * printed out whatever preamble is appropriate. The provenance information | |
543 | * depends on the type of object and on how much debugging is enabled. | |
544 | * For a slab-cache object, the fact that it is a slab object is printed, | |
545 | * and, if available, the slab name, return address, and stack trace from | |
e548eaa1 | 546 | * the allocation and last free path of that object. |
8e7f37f2 | 547 | * |
6e284c55 ZL |
548 | * Return: %true if the pointer is to a not-yet-freed object from |
549 | * kmalloc() or kmem_cache_alloc(), either %true or %false if the pointer | |
550 | * is to an already-freed object, and %false otherwise. | |
8e7f37f2 | 551 | */ |
6e284c55 | 552 | bool kmem_dump_obj(void *object) |
8e7f37f2 PM |
553 | { |
554 | char *cp = IS_ENABLED(CONFIG_MMU) ? "" : "/vmalloc"; | |
555 | int i; | |
7213230a | 556 | struct slab *slab; |
8e7f37f2 PM |
557 | unsigned long ptroffset; |
558 | struct kmem_obj_info kp = { }; | |
559 | ||
6e284c55 ZL |
560 | /* Some arches consider ZERO_SIZE_PTR to be a valid address. */ |
561 | if (object < (void *)PAGE_SIZE || !virt_addr_valid(object)) | |
562 | return false; | |
7213230a | 563 | slab = virt_to_slab(object); |
6e284c55 ZL |
564 | if (!slab) |
565 | return false; | |
566 | ||
7213230a | 567 | kmem_obj_info(&kp, object, slab); |
8e7f37f2 PM |
568 | if (kp.kp_slab_cache) |
569 | pr_cont(" slab%s %s", cp, kp.kp_slab_cache->name); | |
570 | else | |
571 | pr_cont(" slab%s", cp); | |
2dfe63e6 ME |
572 | if (is_kfence_address(object)) |
573 | pr_cont(" (kfence)"); | |
8e7f37f2 PM |
574 | if (kp.kp_objp) |
575 | pr_cont(" start %px", kp.kp_objp); | |
576 | if (kp.kp_data_offset) | |
577 | pr_cont(" data offset %lu", kp.kp_data_offset); | |
578 | if (kp.kp_objp) { | |
579 | ptroffset = ((char *)object - (char *)kp.kp_objp) - kp.kp_data_offset; | |
580 | pr_cont(" pointer offset %lu", ptroffset); | |
581 | } | |
346907ce VB |
582 | if (kp.kp_slab_cache && kp.kp_slab_cache->object_size) |
583 | pr_cont(" size %u", kp.kp_slab_cache->object_size); | |
8e7f37f2 PM |
584 | if (kp.kp_ret) |
585 | pr_cont(" allocated at %pS\n", kp.kp_ret); | |
586 | else | |
587 | pr_cont("\n"); | |
588 | for (i = 0; i < ARRAY_SIZE(kp.kp_stack); i++) { | |
589 | if (!kp.kp_stack[i]) | |
590 | break; | |
591 | pr_info(" %pS\n", kp.kp_stack[i]); | |
592 | } | |
e548eaa1 MS |
593 | |
594 | if (kp.kp_free_stack[0]) | |
595 | pr_cont(" Free path:\n"); | |
596 | ||
597 | for (i = 0; i < ARRAY_SIZE(kp.kp_free_stack); i++) { | |
598 | if (!kp.kp_free_stack[i]) | |
599 | break; | |
600 | pr_info(" %pS\n", kp.kp_free_stack[i]); | |
601 | } | |
602 | ||
6e284c55 | 603 | return true; |
8e7f37f2 | 604 | } |
0d3dd2c8 | 605 | EXPORT_SYMBOL_GPL(kmem_dump_obj); |
5bb1bb35 | 606 | #endif |
8e7f37f2 | 607 | |
45530c44 | 608 | /* Create a cache during boot when no slab services are available yet */ |
361d575e AD |
609 | void __init create_boot_cache(struct kmem_cache *s, const char *name, |
610 | unsigned int size, slab_flags_t flags, | |
611 | unsigned int useroffset, unsigned int usersize) | |
45530c44 CL |
612 | { |
613 | int err; | |
59bb4798 | 614 | unsigned int align = ARCH_KMALLOC_MINALIGN; |
45530c44 CL |
615 | |
616 | s->name = name; | |
617 | s->size = s->object_size = size; | |
59bb4798 VB |
618 | |
619 | /* | |
620 | * For power of two sizes, guarantee natural alignment for kmalloc | |
621 | * caches, regardless of SL*B debugging options. | |
622 | */ | |
623 | if (is_power_of_2(size)) | |
624 | align = max(align, size); | |
625 | s->align = calculate_alignment(flags, align, size); | |
626 | ||
346907ce | 627 | #ifdef CONFIG_HARDENED_USERCOPY |
8eb8284b DW |
628 | s->useroffset = useroffset; |
629 | s->usersize = usersize; | |
346907ce | 630 | #endif |
f7ce3190 | 631 | |
45530c44 CL |
632 | err = __kmem_cache_create(s, flags); |
633 | ||
634 | if (err) | |
361d575e | 635 | panic("Creation of kmalloc slab %s size=%u failed. Reason %d\n", |
45530c44 CL |
636 | name, size, err); |
637 | ||
638 | s->refcount = -1; /* Exempt from merging for now */ | |
639 | } | |
640 | ||
0c474d31 CM |
641 | static struct kmem_cache *__init create_kmalloc_cache(const char *name, |
642 | unsigned int size, | |
643 | slab_flags_t flags) | |
45530c44 CL |
644 | { |
645 | struct kmem_cache *s = kmem_cache_zalloc(kmem_cache, GFP_NOWAIT); | |
646 | ||
647 | if (!s) | |
648 | panic("Out of memory when creating slab %s\n", name); | |
649 | ||
0c474d31 | 650 | create_boot_cache(s, name, size, flags | SLAB_KMALLOC, 0, size); |
45530c44 CL |
651 | list_add(&s->list, &slab_caches); |
652 | s->refcount = 1; | |
653 | return s; | |
654 | } | |
655 | ||
cc252eae | 656 | struct kmem_cache * |
a07057dc | 657 | kmalloc_caches[NR_KMALLOC_TYPES][KMALLOC_SHIFT_HIGH + 1] __ro_after_init = |
2947a456 | 658 | { /* initialization for https://llvm.org/pr42570 */ }; |
9425c58e CL |
659 | EXPORT_SYMBOL(kmalloc_caches); |
660 | ||
3c615294 GR |
661 | #ifdef CONFIG_RANDOM_KMALLOC_CACHES |
662 | unsigned long random_kmalloc_seed __ro_after_init; | |
663 | EXPORT_SYMBOL(random_kmalloc_seed); | |
664 | #endif | |
665 | ||
2c59dd65 CL |
666 | /* |
667 | * Conversion table for small slabs sizes / 8 to the index in the | |
668 | * kmalloc array. This is necessary for slabs < 192 since we have non power | |
669 | * of two cache sizes there. The size of larger slabs can be determined using | |
670 | * fls. | |
671 | */ | |
5a9d31d9 | 672 | u8 kmalloc_size_index[24] __ro_after_init = { |
2c59dd65 CL |
673 | 3, /* 8 */ |
674 | 4, /* 16 */ | |
675 | 5, /* 24 */ | |
676 | 5, /* 32 */ | |
677 | 6, /* 40 */ | |
678 | 6, /* 48 */ | |
679 | 6, /* 56 */ | |
680 | 6, /* 64 */ | |
681 | 1, /* 72 */ | |
682 | 1, /* 80 */ | |
683 | 1, /* 88 */ | |
684 | 1, /* 96 */ | |
685 | 7, /* 104 */ | |
686 | 7, /* 112 */ | |
687 | 7, /* 120 */ | |
688 | 7, /* 128 */ | |
689 | 2, /* 136 */ | |
690 | 2, /* 144 */ | |
691 | 2, /* 152 */ | |
692 | 2, /* 160 */ | |
693 | 2, /* 168 */ | |
694 | 2, /* 176 */ | |
695 | 2, /* 184 */ | |
696 | 2 /* 192 */ | |
697 | }; | |
698 | ||
05a94065 KC |
699 | size_t kmalloc_size_roundup(size_t size) |
700 | { | |
8446a4de DL |
701 | if (size && size <= KMALLOC_MAX_CACHE_SIZE) { |
702 | /* | |
703 | * The flags don't matter since size_index is common to all. | |
704 | * Neither does the caller for just getting ->object_size. | |
705 | */ | |
706 | return kmalloc_slab(size, GFP_KERNEL, 0)->object_size; | |
707 | } | |
708 | ||
05a94065 | 709 | /* Above the smaller buckets, size is a multiple of page size. */ |
8446a4de | 710 | if (size && size <= KMALLOC_MAX_SIZE) |
05a94065 KC |
711 | return PAGE_SIZE << get_order(size); |
712 | ||
3c615294 | 713 | /* |
8446a4de DL |
714 | * Return 'size' for 0 - kmalloc() returns ZERO_SIZE_PTR |
715 | * and very large size - kmalloc() may fail. | |
3c615294 | 716 | */ |
8446a4de DL |
717 | return size; |
718 | ||
05a94065 KC |
719 | } |
720 | EXPORT_SYMBOL(kmalloc_size_roundup); | |
721 | ||
cb5d9fb3 | 722 | #ifdef CONFIG_ZONE_DMA |
494c1dfe WL |
723 | #define KMALLOC_DMA_NAME(sz) .name[KMALLOC_DMA] = "dma-kmalloc-" #sz, |
724 | #else | |
725 | #define KMALLOC_DMA_NAME(sz) | |
726 | #endif | |
727 | ||
728 | #ifdef CONFIG_MEMCG_KMEM | |
729 | #define KMALLOC_CGROUP_NAME(sz) .name[KMALLOC_CGROUP] = "kmalloc-cg-" #sz, | |
cb5d9fb3 | 730 | #else |
494c1dfe WL |
731 | #define KMALLOC_CGROUP_NAME(sz) |
732 | #endif | |
733 | ||
2f7c1c13 VB |
734 | #ifndef CONFIG_SLUB_TINY |
735 | #define KMALLOC_RCL_NAME(sz) .name[KMALLOC_RECLAIM] = "kmalloc-rcl-" #sz, | |
736 | #else | |
737 | #define KMALLOC_RCL_NAME(sz) | |
738 | #endif | |
739 | ||
3c615294 GR |
740 | #ifdef CONFIG_RANDOM_KMALLOC_CACHES |
741 | #define __KMALLOC_RANDOM_CONCAT(a, b) a ## b | |
742 | #define KMALLOC_RANDOM_NAME(N, sz) __KMALLOC_RANDOM_CONCAT(KMA_RAND_, N)(sz) | |
743 | #define KMA_RAND_1(sz) .name[KMALLOC_RANDOM_START + 1] = "kmalloc-rnd-01-" #sz, | |
744 | #define KMA_RAND_2(sz) KMA_RAND_1(sz) .name[KMALLOC_RANDOM_START + 2] = "kmalloc-rnd-02-" #sz, | |
745 | #define KMA_RAND_3(sz) KMA_RAND_2(sz) .name[KMALLOC_RANDOM_START + 3] = "kmalloc-rnd-03-" #sz, | |
746 | #define KMA_RAND_4(sz) KMA_RAND_3(sz) .name[KMALLOC_RANDOM_START + 4] = "kmalloc-rnd-04-" #sz, | |
747 | #define KMA_RAND_5(sz) KMA_RAND_4(sz) .name[KMALLOC_RANDOM_START + 5] = "kmalloc-rnd-05-" #sz, | |
748 | #define KMA_RAND_6(sz) KMA_RAND_5(sz) .name[KMALLOC_RANDOM_START + 6] = "kmalloc-rnd-06-" #sz, | |
749 | #define KMA_RAND_7(sz) KMA_RAND_6(sz) .name[KMALLOC_RANDOM_START + 7] = "kmalloc-rnd-07-" #sz, | |
750 | #define KMA_RAND_8(sz) KMA_RAND_7(sz) .name[KMALLOC_RANDOM_START + 8] = "kmalloc-rnd-08-" #sz, | |
751 | #define KMA_RAND_9(sz) KMA_RAND_8(sz) .name[KMALLOC_RANDOM_START + 9] = "kmalloc-rnd-09-" #sz, | |
752 | #define KMA_RAND_10(sz) KMA_RAND_9(sz) .name[KMALLOC_RANDOM_START + 10] = "kmalloc-rnd-10-" #sz, | |
753 | #define KMA_RAND_11(sz) KMA_RAND_10(sz) .name[KMALLOC_RANDOM_START + 11] = "kmalloc-rnd-11-" #sz, | |
754 | #define KMA_RAND_12(sz) KMA_RAND_11(sz) .name[KMALLOC_RANDOM_START + 12] = "kmalloc-rnd-12-" #sz, | |
755 | #define KMA_RAND_13(sz) KMA_RAND_12(sz) .name[KMALLOC_RANDOM_START + 13] = "kmalloc-rnd-13-" #sz, | |
756 | #define KMA_RAND_14(sz) KMA_RAND_13(sz) .name[KMALLOC_RANDOM_START + 14] = "kmalloc-rnd-14-" #sz, | |
757 | #define KMA_RAND_15(sz) KMA_RAND_14(sz) .name[KMALLOC_RANDOM_START + 15] = "kmalloc-rnd-15-" #sz, | |
758 | #else // CONFIG_RANDOM_KMALLOC_CACHES | |
759 | #define KMALLOC_RANDOM_NAME(N, sz) | |
760 | #endif | |
761 | ||
cb5d9fb3 PL |
762 | #define INIT_KMALLOC_INFO(__size, __short_size) \ |
763 | { \ | |
764 | .name[KMALLOC_NORMAL] = "kmalloc-" #__short_size, \ | |
2f7c1c13 | 765 | KMALLOC_RCL_NAME(__short_size) \ |
494c1dfe WL |
766 | KMALLOC_CGROUP_NAME(__short_size) \ |
767 | KMALLOC_DMA_NAME(__short_size) \ | |
3c615294 | 768 | KMALLOC_RANDOM_NAME(RANDOM_KMALLOC_CACHES_NR, __short_size) \ |
cb5d9fb3 PL |
769 | .size = __size, \ |
770 | } | |
cb5d9fb3 | 771 | |
4066c33d | 772 | /* |
671776b3 | 773 | * kmalloc_info[] is to make slab_debug=,kmalloc-xx option work at boot time. |
d6a71648 HY |
774 | * kmalloc_index() supports up to 2^21=2MB, so the final entry of the table is |
775 | * kmalloc-2M. | |
4066c33d | 776 | */ |
af3b5f87 | 777 | const struct kmalloc_info_struct kmalloc_info[] __initconst = { |
cb5d9fb3 PL |
778 | INIT_KMALLOC_INFO(0, 0), |
779 | INIT_KMALLOC_INFO(96, 96), | |
780 | INIT_KMALLOC_INFO(192, 192), | |
781 | INIT_KMALLOC_INFO(8, 8), | |
782 | INIT_KMALLOC_INFO(16, 16), | |
783 | INIT_KMALLOC_INFO(32, 32), | |
784 | INIT_KMALLOC_INFO(64, 64), | |
785 | INIT_KMALLOC_INFO(128, 128), | |
786 | INIT_KMALLOC_INFO(256, 256), | |
787 | INIT_KMALLOC_INFO(512, 512), | |
788 | INIT_KMALLOC_INFO(1024, 1k), | |
789 | INIT_KMALLOC_INFO(2048, 2k), | |
790 | INIT_KMALLOC_INFO(4096, 4k), | |
791 | INIT_KMALLOC_INFO(8192, 8k), | |
792 | INIT_KMALLOC_INFO(16384, 16k), | |
793 | INIT_KMALLOC_INFO(32768, 32k), | |
794 | INIT_KMALLOC_INFO(65536, 64k), | |
795 | INIT_KMALLOC_INFO(131072, 128k), | |
796 | INIT_KMALLOC_INFO(262144, 256k), | |
797 | INIT_KMALLOC_INFO(524288, 512k), | |
798 | INIT_KMALLOC_INFO(1048576, 1M), | |
d6a71648 | 799 | INIT_KMALLOC_INFO(2097152, 2M) |
4066c33d GG |
800 | }; |
801 | ||
f97d5f63 | 802 | /* |
34cc6990 DS |
803 | * Patch up the size_index table if we have strange large alignment |
804 | * requirements for the kmalloc array. This is only the case for | |
805 | * MIPS it seems. The standard arches will not generate any code here. | |
806 | * | |
807 | * Largest permitted alignment is 256 bytes due to the way we | |
808 | * handle the index determination for the smaller caches. | |
809 | * | |
810 | * Make sure that nothing crazy happens if someone starts tinkering | |
811 | * around with ARCH_KMALLOC_MINALIGN | |
f97d5f63 | 812 | */ |
34cc6990 | 813 | void __init setup_kmalloc_cache_index_table(void) |
f97d5f63 | 814 | { |
ac914d08 | 815 | unsigned int i; |
f97d5f63 | 816 | |
2c59dd65 | 817 | BUILD_BUG_ON(KMALLOC_MIN_SIZE > 256 || |
7d6b6cc3 | 818 | !is_power_of_2(KMALLOC_MIN_SIZE)); |
2c59dd65 CL |
819 | |
820 | for (i = 8; i < KMALLOC_MIN_SIZE; i += 8) { | |
ac914d08 | 821 | unsigned int elem = size_index_elem(i); |
2c59dd65 | 822 | |
5a9d31d9 | 823 | if (elem >= ARRAY_SIZE(kmalloc_size_index)) |
2c59dd65 | 824 | break; |
5a9d31d9 | 825 | kmalloc_size_index[elem] = KMALLOC_SHIFT_LOW; |
2c59dd65 CL |
826 | } |
827 | ||
828 | if (KMALLOC_MIN_SIZE >= 64) { | |
829 | /* | |
0b8f0d87 | 830 | * The 96 byte sized cache is not used if the alignment |
2c59dd65 CL |
831 | * is 64 byte. |
832 | */ | |
833 | for (i = 64 + 8; i <= 96; i += 8) | |
5a9d31d9 | 834 | kmalloc_size_index[size_index_elem(i)] = 7; |
2c59dd65 CL |
835 | |
836 | } | |
837 | ||
838 | if (KMALLOC_MIN_SIZE >= 128) { | |
839 | /* | |
840 | * The 192 byte sized cache is not used if the alignment | |
841 | * is 128 byte. Redirect kmalloc to use the 256 byte cache | |
842 | * instead. | |
843 | */ | |
844 | for (i = 128 + 8; i <= 192; i += 8) | |
5a9d31d9 | 845 | kmalloc_size_index[size_index_elem(i)] = 8; |
2c59dd65 | 846 | } |
34cc6990 DS |
847 | } |
848 | ||
963e84b0 CM |
849 | static unsigned int __kmalloc_minalign(void) |
850 | { | |
c15cdea5 CM |
851 | unsigned int minalign = dma_get_cache_alignment(); |
852 | ||
05ee7741 PT |
853 | if (IS_ENABLED(CONFIG_DMA_BOUNCE_UNALIGNED_KMALLOC) && |
854 | is_swiotlb_allocated()) | |
c15cdea5 CM |
855 | minalign = ARCH_KMALLOC_MINALIGN; |
856 | ||
857 | return max(minalign, arch_slab_minalign()); | |
963e84b0 CM |
858 | } |
859 | ||
66b3dc1f ZY |
860 | static void __init |
861 | new_kmalloc_cache(int idx, enum kmalloc_cache_type type) | |
a9730fca | 862 | { |
66b3dc1f | 863 | slab_flags_t flags = 0; |
963e84b0 CM |
864 | unsigned int minalign = __kmalloc_minalign(); |
865 | unsigned int aligned_size = kmalloc_info[idx].size; | |
866 | int aligned_idx = idx; | |
867 | ||
2f7c1c13 | 868 | if ((KMALLOC_RECLAIM != KMALLOC_NORMAL) && (type == KMALLOC_RECLAIM)) { |
1291523f | 869 | flags |= SLAB_RECLAIM_ACCOUNT; |
494c1dfe | 870 | } else if (IS_ENABLED(CONFIG_MEMCG_KMEM) && (type == KMALLOC_CGROUP)) { |
17c17367 | 871 | if (mem_cgroup_kmem_disabled()) { |
494c1dfe WL |
872 | kmalloc_caches[type][idx] = kmalloc_caches[KMALLOC_NORMAL][idx]; |
873 | return; | |
874 | } | |
875 | flags |= SLAB_ACCOUNT; | |
33647783 OK |
876 | } else if (IS_ENABLED(CONFIG_ZONE_DMA) && (type == KMALLOC_DMA)) { |
877 | flags |= SLAB_CACHE_DMA; | |
494c1dfe | 878 | } |
1291523f | 879 | |
3c615294 GR |
880 | #ifdef CONFIG_RANDOM_KMALLOC_CACHES |
881 | if (type >= KMALLOC_RANDOM_START && type <= KMALLOC_RANDOM_END) | |
882 | flags |= SLAB_NO_MERGE; | |
883 | #endif | |
884 | ||
13e680fb WL |
885 | /* |
886 | * If CONFIG_MEMCG_KMEM is enabled, disable cache merging for | |
887 | * KMALLOC_NORMAL caches. | |
888 | */ | |
889 | if (IS_ENABLED(CONFIG_MEMCG_KMEM) && (type == KMALLOC_NORMAL)) | |
d5bf4857 VB |
890 | flags |= SLAB_NO_MERGE; |
891 | ||
963e84b0 CM |
892 | if (minalign > ARCH_KMALLOC_MINALIGN) { |
893 | aligned_size = ALIGN(aligned_size, minalign); | |
894 | aligned_idx = __kmalloc_index(aligned_size, false); | |
895 | } | |
896 | ||
897 | if (!kmalloc_caches[type][aligned_idx]) | |
898 | kmalloc_caches[type][aligned_idx] = create_kmalloc_cache( | |
899 | kmalloc_info[aligned_idx].name[type], | |
900 | aligned_size, flags); | |
901 | if (idx != aligned_idx) | |
902 | kmalloc_caches[type][idx] = kmalloc_caches[type][aligned_idx]; | |
a9730fca CL |
903 | } |
904 | ||
34cc6990 DS |
905 | /* |
906 | * Create the kmalloc array. Some of the regular kmalloc arrays | |
907 | * may already have been created because they were needed to | |
908 | * enable allocations for slab creation. | |
909 | */ | |
66b3dc1f | 910 | void __init create_kmalloc_caches(void) |
34cc6990 | 911 | { |
13657d0a PL |
912 | int i; |
913 | enum kmalloc_cache_type type; | |
34cc6990 | 914 | |
494c1dfe WL |
915 | /* |
916 | * Including KMALLOC_CGROUP if CONFIG_MEMCG_KMEM defined | |
917 | */ | |
33647783 | 918 | for (type = KMALLOC_NORMAL; type < NR_KMALLOC_TYPES; type++) { |
1291523f VB |
919 | for (i = KMALLOC_SHIFT_LOW; i <= KMALLOC_SHIFT_HIGH; i++) { |
920 | if (!kmalloc_caches[type][i]) | |
66b3dc1f | 921 | new_kmalloc_cache(i, type); |
f97d5f63 | 922 | |
1291523f VB |
923 | /* |
924 | * Caches that are not of the two-to-the-power-of size. | |
925 | * These have to be created immediately after the | |
926 | * earlier power of two caches | |
927 | */ | |
928 | if (KMALLOC_MIN_SIZE <= 32 && i == 6 && | |
929 | !kmalloc_caches[type][1]) | |
66b3dc1f | 930 | new_kmalloc_cache(1, type); |
1291523f VB |
931 | if (KMALLOC_MIN_SIZE <= 64 && i == 7 && |
932 | !kmalloc_caches[type][2]) | |
66b3dc1f | 933 | new_kmalloc_cache(2, type); |
1291523f | 934 | } |
8a965b3b | 935 | } |
3c615294 GR |
936 | #ifdef CONFIG_RANDOM_KMALLOC_CACHES |
937 | random_kmalloc_seed = get_random_u64(); | |
938 | #endif | |
8a965b3b | 939 | |
f97d5f63 CL |
940 | /* Kmalloc array is now usable */ |
941 | slab_state = UP; | |
f97d5f63 | 942 | } |
d6a71648 | 943 | |
445d41d7 VB |
944 | /** |
945 | * __ksize -- Report full size of underlying allocation | |
a2076201 | 946 | * @object: pointer to the object |
445d41d7 VB |
947 | * |
948 | * This should only be used internally to query the true size of allocations. | |
949 | * It is not meant to be a way to discover the usable size of an allocation | |
950 | * after the fact. Instead, use kmalloc_size_roundup(). Using memory beyond | |
951 | * the originally requested allocation size may trigger KASAN, UBSAN_BOUNDS, | |
952 | * and/or FORTIFY_SOURCE. | |
953 | * | |
a2076201 | 954 | * Return: size of the actual memory used by @object in bytes |
445d41d7 | 955 | */ |
b1405135 HY |
956 | size_t __ksize(const void *object) |
957 | { | |
958 | struct folio *folio; | |
959 | ||
960 | if (unlikely(object == ZERO_SIZE_PTR)) | |
961 | return 0; | |
962 | ||
963 | folio = virt_to_folio(object); | |
964 | ||
d5eff736 HY |
965 | if (unlikely(!folio_test_slab(folio))) { |
966 | if (WARN_ON(folio_size(folio) <= KMALLOC_MAX_CACHE_SIZE)) | |
967 | return 0; | |
968 | if (WARN_ON(object != folio_address(folio))) | |
969 | return 0; | |
b1405135 | 970 | return folio_size(folio); |
d5eff736 | 971 | } |
b1405135 | 972 | |
946fa0db FT |
973 | #ifdef CONFIG_SLUB_DEBUG |
974 | skip_orig_size_check(folio_slab(folio)->slab_cache, object); | |
975 | #endif | |
976 | ||
b1405135 HY |
977 | return slab_ksize(folio_slab(folio)->slab_cache); |
978 | } | |
26a40990 | 979 | |
44405099 LL |
980 | gfp_t kmalloc_fix_flags(gfp_t flags) |
981 | { | |
982 | gfp_t invalid_mask = flags & GFP_SLAB_BUG_MASK; | |
983 | ||
984 | flags &= ~GFP_SLAB_BUG_MASK; | |
985 | pr_warn("Unexpected gfp: %#x (%pGg). Fixing up to gfp: %#x (%pGg). Fix your code!\n", | |
986 | invalid_mask, &invalid_mask, flags, &flags); | |
987 | dump_stack(); | |
988 | ||
989 | return flags; | |
990 | } | |
991 | ||
7c00fce9 TG |
992 | #ifdef CONFIG_SLAB_FREELIST_RANDOM |
993 | /* Randomize a generic freelist */ | |
ffe4dfe0 | 994 | static void freelist_randomize(unsigned int *list, |
302d55d5 | 995 | unsigned int count) |
7c00fce9 | 996 | { |
7c00fce9 | 997 | unsigned int rand; |
302d55d5 | 998 | unsigned int i; |
7c00fce9 TG |
999 | |
1000 | for (i = 0; i < count; i++) | |
1001 | list[i] = i; | |
1002 | ||
1003 | /* Fisher-Yates shuffle */ | |
1004 | for (i = count - 1; i > 0; i--) { | |
ffe4dfe0 | 1005 | rand = get_random_u32_below(i + 1); |
7c00fce9 TG |
1006 | swap(list[i], list[rand]); |
1007 | } | |
1008 | } | |
1009 | ||
1010 | /* Create a random sequence per cache */ | |
1011 | int cache_random_seq_create(struct kmem_cache *cachep, unsigned int count, | |
1012 | gfp_t gfp) | |
1013 | { | |
7c00fce9 TG |
1014 | |
1015 | if (count < 2 || cachep->random_seq) | |
1016 | return 0; | |
1017 | ||
1018 | cachep->random_seq = kcalloc(count, sizeof(unsigned int), gfp); | |
1019 | if (!cachep->random_seq) | |
1020 | return -ENOMEM; | |
1021 | ||
ffe4dfe0 | 1022 | freelist_randomize(cachep->random_seq, count); |
7c00fce9 TG |
1023 | return 0; |
1024 | } | |
1025 | ||
1026 | /* Destroy the per-cache random freelist sequence */ | |
1027 | void cache_random_seq_destroy(struct kmem_cache *cachep) | |
1028 | { | |
1029 | kfree(cachep->random_seq); | |
1030 | cachep->random_seq = NULL; | |
1031 | } | |
1032 | #endif /* CONFIG_SLAB_FREELIST_RANDOM */ | |
1033 | ||
a9e0b9f2 | 1034 | #ifdef CONFIG_SLUB_DEBUG |
0825a6f9 | 1035 | #define SLABINFO_RIGHTS (0400) |
e9b4db2b | 1036 | |
b047501c | 1037 | static void print_slabinfo_header(struct seq_file *m) |
bcee6e2a GC |
1038 | { |
1039 | /* | |
1040 | * Output format version, so at least we can change it | |
1041 | * without _too_ many complaints. | |
1042 | */ | |
bcee6e2a | 1043 | seq_puts(m, "slabinfo - version: 2.1\n"); |
756a025f | 1044 | seq_puts(m, "# name <active_objs> <num_objs> <objsize> <objperslab> <pagesperslab>"); |
bcee6e2a GC |
1045 | seq_puts(m, " : tunables <limit> <batchcount> <sharedfactor>"); |
1046 | seq_puts(m, " : slabdata <active_slabs> <num_slabs> <sharedavail>"); | |
bcee6e2a GC |
1047 | seq_putc(m, '\n'); |
1048 | } | |
1049 | ||
c29b5b3d | 1050 | static void *slab_start(struct seq_file *m, loff_t *pos) |
b7454ad3 | 1051 | { |
b7454ad3 | 1052 | mutex_lock(&slab_mutex); |
c7094406 | 1053 | return seq_list_start(&slab_caches, *pos); |
b7454ad3 GC |
1054 | } |
1055 | ||
c29b5b3d | 1056 | static void *slab_next(struct seq_file *m, void *p, loff_t *pos) |
b7454ad3 | 1057 | { |
c7094406 | 1058 | return seq_list_next(p, &slab_caches, pos); |
b7454ad3 GC |
1059 | } |
1060 | ||
c29b5b3d | 1061 | static void slab_stop(struct seq_file *m, void *p) |
b7454ad3 GC |
1062 | { |
1063 | mutex_unlock(&slab_mutex); | |
1064 | } | |
1065 | ||
b047501c | 1066 | static void cache_show(struct kmem_cache *s, struct seq_file *m) |
b7454ad3 | 1067 | { |
0d7561c6 GC |
1068 | struct slabinfo sinfo; |
1069 | ||
1070 | memset(&sinfo, 0, sizeof(sinfo)); | |
1071 | get_slabinfo(s, &sinfo); | |
1072 | ||
1073 | seq_printf(m, "%-17s %6lu %6lu %6u %4u %4d", | |
10befea9 | 1074 | s->name, sinfo.active_objs, sinfo.num_objs, s->size, |
0d7561c6 GC |
1075 | sinfo.objects_per_slab, (1 << sinfo.cache_order)); |
1076 | ||
1077 | seq_printf(m, " : tunables %4u %4u %4u", | |
1078 | sinfo.limit, sinfo.batchcount, sinfo.shared); | |
1079 | seq_printf(m, " : slabdata %6lu %6lu %6lu", | |
1080 | sinfo.active_slabs, sinfo.num_slabs, sinfo.shared_avail); | |
1081 | slabinfo_show_stats(m, s); | |
1082 | seq_putc(m, '\n'); | |
b7454ad3 GC |
1083 | } |
1084 | ||
1df3b26f | 1085 | static int slab_show(struct seq_file *m, void *p) |
749c5415 | 1086 | { |
c7094406 | 1087 | struct kmem_cache *s = list_entry(p, struct kmem_cache, list); |
749c5415 | 1088 | |
c7094406 | 1089 | if (p == slab_caches.next) |
1df3b26f | 1090 | print_slabinfo_header(m); |
10befea9 | 1091 | cache_show(s, m); |
b047501c VD |
1092 | return 0; |
1093 | } | |
1094 | ||
852d8be0 YS |
1095 | void dump_unreclaimable_slab(void) |
1096 | { | |
7714304f | 1097 | struct kmem_cache *s; |
852d8be0 YS |
1098 | struct slabinfo sinfo; |
1099 | ||
1100 | /* | |
1101 | * Here acquiring slab_mutex is risky since we don't prefer to get | |
1102 | * sleep in oom path. But, without mutex hold, it may introduce a | |
1103 | * risk of crash. | |
1104 | * Use mutex_trylock to protect the list traverse, dump nothing | |
1105 | * without acquiring the mutex. | |
1106 | */ | |
1107 | if (!mutex_trylock(&slab_mutex)) { | |
1108 | pr_warn("excessive unreclaimable slab but cannot dump stats\n"); | |
1109 | return; | |
1110 | } | |
1111 | ||
1112 | pr_info("Unreclaimable slab info:\n"); | |
1113 | pr_info("Name Used Total\n"); | |
1114 | ||
7714304f | 1115 | list_for_each_entry(s, &slab_caches, list) { |
10befea9 | 1116 | if (s->flags & SLAB_RECLAIM_ACCOUNT) |
852d8be0 YS |
1117 | continue; |
1118 | ||
1119 | get_slabinfo(s, &sinfo); | |
1120 | ||
1121 | if (sinfo.num_objs > 0) | |
10befea9 | 1122 | pr_info("%-17s %10luKB %10luKB\n", s->name, |
852d8be0 YS |
1123 | (sinfo.active_objs * s->size) / 1024, |
1124 | (sinfo.num_objs * s->size) / 1024); | |
1125 | } | |
1126 | mutex_unlock(&slab_mutex); | |
1127 | } | |
1128 | ||
b7454ad3 GC |
1129 | /* |
1130 | * slabinfo_op - iterator that generates /proc/slabinfo | |
1131 | * | |
1132 | * Output layout: | |
1133 | * cache-name | |
1134 | * num-active-objs | |
1135 | * total-objs | |
1136 | * object size | |
1137 | * num-active-slabs | |
1138 | * total-slabs | |
1139 | * num-pages-per-slab | |
1140 | * + further values on SMP and with statistics enabled | |
1141 | */ | |
1142 | static const struct seq_operations slabinfo_op = { | |
1df3b26f | 1143 | .start = slab_start, |
276a2439 WL |
1144 | .next = slab_next, |
1145 | .stop = slab_stop, | |
1df3b26f | 1146 | .show = slab_show, |
b7454ad3 GC |
1147 | }; |
1148 | ||
1149 | static int slabinfo_open(struct inode *inode, struct file *file) | |
1150 | { | |
1151 | return seq_open(file, &slabinfo_op); | |
1152 | } | |
1153 | ||
97a32539 | 1154 | static const struct proc_ops slabinfo_proc_ops = { |
d919b33d | 1155 | .proc_flags = PROC_ENTRY_PERMANENT, |
97a32539 AD |
1156 | .proc_open = slabinfo_open, |
1157 | .proc_read = seq_read, | |
1158 | .proc_write = slabinfo_write, | |
1159 | .proc_lseek = seq_lseek, | |
1160 | .proc_release = seq_release, | |
b7454ad3 GC |
1161 | }; |
1162 | ||
1163 | static int __init slab_proc_init(void) | |
1164 | { | |
97a32539 | 1165 | proc_create("slabinfo", SLABINFO_RIGHTS, NULL, &slabinfo_proc_ops); |
b7454ad3 GC |
1166 | return 0; |
1167 | } | |
1168 | module_init(slab_proc_init); | |
fcf8a1e4 | 1169 | |
a9e0b9f2 | 1170 | #endif /* CONFIG_SLUB_DEBUG */ |
928cec9c | 1171 | |
9ed9cac1 KC |
1172 | static __always_inline __realloc_size(2) void * |
1173 | __do_krealloc(const void *p, size_t new_size, gfp_t flags) | |
928cec9c AR |
1174 | { |
1175 | void *ret; | |
fa9ba3aa | 1176 | size_t ks; |
928cec9c | 1177 | |
38931d89 | 1178 | /* Check for double-free before calling ksize. */ |
d12d9ad8 AK |
1179 | if (likely(!ZERO_OR_NULL_PTR(p))) { |
1180 | if (!kasan_check_byte(p)) | |
1181 | return NULL; | |
38931d89 | 1182 | ks = ksize(p); |
d12d9ad8 AK |
1183 | } else |
1184 | ks = 0; | |
928cec9c | 1185 | |
d12d9ad8 | 1186 | /* If the object still fits, repoison it precisely. */ |
0316bec2 | 1187 | if (ks >= new_size) { |
0116523c | 1188 | p = kasan_krealloc((void *)p, new_size, flags); |
928cec9c | 1189 | return (void *)p; |
0316bec2 | 1190 | } |
928cec9c | 1191 | |
7bd230a2 | 1192 | ret = kmalloc_node_track_caller_noprof(new_size, flags, NUMA_NO_NODE, _RET_IP_); |
d12d9ad8 AK |
1193 | if (ret && p) { |
1194 | /* Disable KASAN checks as the object's redzone is accessed. */ | |
1195 | kasan_disable_current(); | |
1196 | memcpy(ret, kasan_reset_tag(p), ks); | |
1197 | kasan_enable_current(); | |
1198 | } | |
928cec9c AR |
1199 | |
1200 | return ret; | |
1201 | } | |
1202 | ||
928cec9c AR |
1203 | /** |
1204 | * krealloc - reallocate memory. The contents will remain unchanged. | |
1205 | * @p: object to reallocate memory for. | |
1206 | * @new_size: how many bytes of memory are required. | |
1207 | * @flags: the type of memory to allocate. | |
1208 | * | |
1209 | * The contents of the object pointed to are preserved up to the | |
15d5de49 BG |
1210 | * lesser of the new and old sizes (__GFP_ZERO flag is effectively ignored). |
1211 | * If @p is %NULL, krealloc() behaves exactly like kmalloc(). If @new_size | |
1212 | * is 0 and @p is not a %NULL pointer, the object pointed to is freed. | |
a862f68a MR |
1213 | * |
1214 | * Return: pointer to the allocated memory or %NULL in case of error | |
928cec9c | 1215 | */ |
7bd230a2 | 1216 | void *krealloc_noprof(const void *p, size_t new_size, gfp_t flags) |
928cec9c AR |
1217 | { |
1218 | void *ret; | |
1219 | ||
1220 | if (unlikely(!new_size)) { | |
1221 | kfree(p); | |
1222 | return ZERO_SIZE_PTR; | |
1223 | } | |
1224 | ||
1225 | ret = __do_krealloc(p, new_size, flags); | |
772a2fa5 | 1226 | if (ret && kasan_reset_tag(p) != kasan_reset_tag(ret)) |
928cec9c AR |
1227 | kfree(p); |
1228 | ||
1229 | return ret; | |
1230 | } | |
7bd230a2 | 1231 | EXPORT_SYMBOL(krealloc_noprof); |
928cec9c AR |
1232 | |
1233 | /** | |
453431a5 | 1234 | * kfree_sensitive - Clear sensitive information in memory before freeing |
928cec9c AR |
1235 | * @p: object to free memory of |
1236 | * | |
1237 | * The memory of the object @p points to is zeroed before freed. | |
453431a5 | 1238 | * If @p is %NULL, kfree_sensitive() does nothing. |
928cec9c AR |
1239 | * |
1240 | * Note: this function zeroes the whole allocated buffer which can be a good | |
1241 | * deal bigger than the requested buffer size passed to kmalloc(). So be | |
1242 | * careful when using this function in performance sensitive code. | |
1243 | */ | |
453431a5 | 1244 | void kfree_sensitive(const void *p) |
928cec9c AR |
1245 | { |
1246 | size_t ks; | |
1247 | void *mem = (void *)p; | |
1248 | ||
928cec9c | 1249 | ks = ksize(mem); |
38931d89 KC |
1250 | if (ks) { |
1251 | kasan_unpoison_range(mem, ks); | |
fa9ba3aa | 1252 | memzero_explicit(mem, ks); |
38931d89 | 1253 | } |
928cec9c AR |
1254 | kfree(mem); |
1255 | } | |
453431a5 | 1256 | EXPORT_SYMBOL(kfree_sensitive); |
928cec9c | 1257 | |
10d1f8cb ME |
1258 | size_t ksize(const void *objp) |
1259 | { | |
0d4ca4c9 | 1260 | /* |
38931d89 KC |
1261 | * We need to first check that the pointer to the object is valid. |
1262 | * The KASAN report printed from ksize() is more useful, then when | |
1263 | * it's printed later when the behaviour could be undefined due to | |
1264 | * a potential use-after-free or double-free. | |
0d4ca4c9 | 1265 | * |
611806b4 AK |
1266 | * We use kasan_check_byte(), which is supported for the hardware |
1267 | * tag-based KASAN mode, unlike kasan_check_read/write(). | |
1268 | * | |
1269 | * If the pointed to memory is invalid, we return 0 to avoid users of | |
0d4ca4c9 ME |
1270 | * ksize() writing to and potentially corrupting the memory region. |
1271 | * | |
1272 | * We want to perform the check before __ksize(), to avoid potentially | |
1273 | * crashing in __ksize() due to accessing invalid metadata. | |
1274 | */ | |
611806b4 | 1275 | if (unlikely(ZERO_OR_NULL_PTR(objp)) || !kasan_check_byte(objp)) |
0d4ca4c9 ME |
1276 | return 0; |
1277 | ||
38931d89 | 1278 | return kfence_ksize(objp) ?: __ksize(objp); |
10d1f8cb ME |
1279 | } |
1280 | EXPORT_SYMBOL(ksize); | |
1281 | ||
928cec9c AR |
1282 | /* Tracepoints definitions. */ |
1283 | EXPORT_TRACEPOINT_SYMBOL(kmalloc); | |
1284 | EXPORT_TRACEPOINT_SYMBOL(kmem_cache_alloc); | |
928cec9c AR |
1285 | EXPORT_TRACEPOINT_SYMBOL(kfree); |
1286 | EXPORT_TRACEPOINT_SYMBOL(kmem_cache_free); | |
4f6923fb | 1287 |