libutils: add free_wipe()

Adds function free_wipe(void *ptr) to clear a buffer before returning it to the heap. The pattern used to overwrite the data is 0x55. Users have to #include <stdlib_ext.h> to import the declaration. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
author: Jerome Forissier <jerome.forissier@linaro.org> 2019-02-13 13:19:38 +0100
committer: Jérôme Forissier <jerome.forissier@linaro.org> 2019-05-13 15:58:03 +0200
commit: 4e5706550a9624fbb6eadfc275036563a8737893 (patch)
tree: 2863de9ab363cd1fe4b076eb536763b80b355268
parent: e1509d6e6178011df581c535ee8bf8c147053df2 (diff)
4 files changed, 57 insertions, 21 deletions
diff --git a/lib/libutils/ext/include/stdlib_ext.h b/lib/libutils/ext/include/stdlib_ext.h
new file mode 100644
index 00000000..100d9f66
--- /dev/null
+++ b/lib/libutils/ext/include/stdlib_ext.h
@@ -0,0 +1,18 @@
+/* SPDX-License-Identifier: BSD-2-Clause */
+/*
+ * Copyright (c) 2019, Linaro Limited
+ */
+
+/*
+ * This file provides extensions to functions defined in <stdlib.h>
+ */
+
+#ifndef STDLIB_EXT_H
+#define STDLIB_EXT_H
+
+#include <stddef.h>
+
+/* Overwrite buffer with a fixed pattern and free it. @ptr may be NULL. */
+void free_wipe(void *ptr);
+
+#endif /* STDLIB_EXT_H */
diff --git a/lib/libutils/isoc/bget.c b/lib/libutils/isoc/bget.c
index f70a1145..2619874d 100644
--- a/lib/libutils/isoc/bget.c
+++ b/lib/libutils/isoc/bget.c
@@ -460,6 +460,7 @@
 #endif
 
 #include <stdio.h>
+#include <stdbool.h>
 
 #ifdef lint
 #define NDEBUG			      /* Exits in asserts confuse lint */
@@ -838,15 +839,16 @@ void *bgetr(buf, size, poolset)
     if (size > osize)
          V memset((char *) nbuf + osize, 0, size - osize);
 #endif
-    brel(buf, poolset);
+    brel(buf, poolset, false /* !wipe */);
     return nbuf;
 }
 
 /*  BREL  --  Release a buffer.  */
 
-void brel(buf, poolset)
+void brel(buf, poolset, wipe)
   void *buf;
   struct bpoolset *poolset;
+  int wipe;
 {
     struct bfhead *b, *bn;
     bufsize bs;
@@ -857,6 +859,9 @@ void brel(buf, poolset)
 #endif
     assert(buf != NULL);
 
+#ifdef FreeWipe
+    wipe = true;
+#endif
 #ifdef BECtl
     if (b->bh.bsize == 0) {	      /* Directly-acquired buffer? */
 	struct bdhead *bdh;
@@ -868,10 +873,11 @@ void brel(buf, poolset)
 	assert(poolset->totalloc >= 0);
 	poolset->numdrel++;	       /* Number of direct releases */
 #endif /* BufStats */
-#ifdef FreeWipe
-	V memset_unchecked((char *) buf, 0x55,
-			   (MemSize) (bdh->tsize - sizeof(struct bdhead)));
-#endif /* FreeWipe */
+	if (wipe) {
+		V memset_unchecked((char *) buf, 0x55,
+				   (MemSize) (bdh->tsize -
+					      sizeof(struct bdhead)));
+	}
 	bs = bdh->tsize - sizeof(struct bdhead);
 	assert(poolset->relfcn != NULL);
 	poolset->relfcn((void *) bdh);      /* Release it directly. */
@@ -956,10 +962,10 @@ void brel(buf, poolset)
 
 	bn = BFH(((char *) b) + b->bh.bsize);
     }
-#ifdef FreeWipe
-    V memset_unchecked(((char *) b) + sizeof(struct bfhead), 0x55,
-		       (MemSize) (b->bh.bsize - sizeof(struct bfhead)));
-#endif
+    if (wipe) {
+	V memset_unchecked(((char *) b) + sizeof(struct bfhead), 0x55,
+			   (MemSize) (b->bh.bsize - sizeof(struct bfhead)));
+    }
     assert(bn->bh.bsize < 0);
 
     /* The next buffer is allocated.  Set the backpointer in it  to  point
diff --git a/lib/libutils/isoc/bget.h b/lib/libutils/isoc/bget.h
index 941647db..8071639c 100644
--- a/lib/libutils/isoc/bget.h
+++ b/lib/libutils/isoc/bget.h
@@ -17,6 +17,7 @@
 
 */
 
+
 #ifndef _
 #ifdef PROTOTYPES
 #define  _(x)  x		      /* If compiler knows prototypes */
@@ -33,7 +34,7 @@ void   *bget	    _((bufsize size, struct bpoolset *poolset));
 void   *bgetz	    _((bufsize size, struct bpoolset *poolset));
 void   *bgetr	    _((void *buffer, bufsize newsize,
 		       struct bpoolset *poolset));
-void	brel	    _((void *buf, struct bpoolset *poolset));
+void	brel	    _((void *buf, struct bpoolset *poolset, int wipe));
 void	bectl	    _((int (*compact)(bufsize sizereq, int sequence),
 		       void *(*acquire)(bufsize size),
 		       void (*release)(void *buf), bufsize pool_incr,
diff --git a/lib/libutils/isoc/bget_malloc.c b/lib/libutils/isoc/bget_malloc.c
index e60e9de8..0200ffca 100644
--- a/lib/libutils/isoc/bget_malloc.c
+++ b/lib/libutils/isoc/bget_malloc.c
@@ -82,6 +82,7 @@
 #include <stdbool.h>
 #include <stdint.h>
 #include <stdlib.h>
+#include <stdlib_ext.h>
 #include <string.h>
 #include <trace.h>
 #include <util.h>
@@ -364,12 +365,12 @@ out:
 	return ptr;
 }
 
-static void raw_free(void *ptr, struct malloc_ctx *ctx)
+static void raw_free(void *ptr, struct malloc_ctx *ctx, bool wipe)
 {
 	raw_malloc_validate_pools(ctx);
 
 	if (ptr)
-		brel(ptr, &ctx->poolset);
+		brel(ptr, &ctx->poolset, wipe);
 }
 
 static void *raw_calloc(size_t hdr_size, size_t ftr_size, size_t pl_nmemb,
@@ -524,7 +525,7 @@ static void assert_header(struct mdbg_hdr *hdr __maybe_unused)
 	assert(*mdbg_get_footer(hdr) == MDBG_FOOTER_MAGIC);
 }
 
-static void gen_mdbg_free(struct malloc_ctx *ctx, void *ptr)
+static void gen_mdbg_free(struct malloc_ctx *ctx, void *ptr, bool wipe)
 {
 	struct mdbg_hdr *hdr = ptr;
 
@@ -533,15 +534,15 @@ static void gen_mdbg_free(struct malloc_ctx *ctx, void *ptr)
 		assert_header(hdr);
 		hdr->magic = 0;
 		*mdbg_get_footer(hdr) = 0;
-		raw_free(hdr, ctx);
+		raw_free(hdr, ctx, wipe);
 	}
 }
 
-void free(void *ptr)
+static void free_helper(void *ptr, bool wipe)
 {
 	uint32_t exceptions = malloc_lock(&malloc_ctx);
 
-	gen_mdbg_free(&malloc_ctx, ptr);
+	gen_mdbg_free(&malloc_ctx, ptr, wipe);
 	malloc_unlock(&malloc_ctx, exceptions);
 }
 
@@ -661,11 +662,11 @@ void *malloc(size_t size)
 	return p;
 }
 
-void free(void *ptr)
+static void free_helper(void *ptr, bool wipe)
 {
 	uint32_t exceptions = malloc_lock(&malloc_ctx);
 
-	raw_free(ptr, &malloc_ctx);
+	raw_free(ptr, &malloc_ctx, wipe);
 	malloc_unlock(&malloc_ctx, exceptions);
 }
 
@@ -703,6 +704,16 @@ static void *get_payload_start_size(void *ptr, size_t *size)
 
 #endif
 
+void free(void *ptr)
+{
+	free_helper(ptr, false);
+}
+
+void free_wipe(void *ptr)
+{
+	free_helper(ptr, true);
+}
+
 static void gen_malloc_add_pool(struct malloc_ctx *ctx, void *buf, size_t len)
 {
 	void *p;
@@ -861,7 +872,7 @@ void nex_free(void *ptr)
 {
 	uint32_t exceptions = malloc_lock(&nex_malloc_ctx);
 
-	raw_free(ptr, &nex_malloc_ctx);
+	raw_free(ptr, &nex_malloc_ctx, false /* !wipe */);
 	malloc_unlock(&nex_malloc_ctx, exceptions);
 }
 
@@ -891,7 +902,7 @@ void nex_free(void *ptr)
 {
 	uint32_t exceptions = malloc_lock(&nex_malloc_ctx);
 
-	gen_mdbg_free(&nex_malloc_ctx, ptr);
+	gen_mdbg_free(&nex_malloc_ctx, ptr, false /* !wipe */);
 	malloc_unlock(&nex_malloc_ctx, exceptions);
 }
author	Jerome Forissier <jerome.forissier@linaro.org>	2019-02-13 13:19:38 +0100
committer	Jérôme Forissier <jerome.forissier@linaro.org>	2019-05-13 15:58:03 +0200
commit	4e5706550a9624fbb6eadfc275036563a8737893 (patch)
tree	2863de9ab363cd1fe4b076eb536763b80b355268
parent	e1509d6e6178011df581c535ee8bf8c147053df2 (diff)