2005-04-17 02:20:36 +04:00
/*
* 2002 - 10 - 18 written by Jim Houston jim . houston @ ccur . com
* Copyright ( C ) 2002 by Concurrent Computer Corporation
* Distributed under the GNU GPL license version 2.
*
* Modified by George Anzinger to reuse immediately and to use
* find bit instructions . Also removed _irq on spinlocks .
*
2008-07-25 12:48:00 +04:00
* Modified by Nadia Derbey to make it RCU safe .
*
2005-10-31 02:02:14 +03:00
* Small id to pointer translation service .
2005-04-17 02:20:36 +04:00
*
2005-10-31 02:02:14 +03:00
* It uses a radix tree like structure as a sparse array indexed
2005-04-17 02:20:36 +04:00
* by the id to obtain the pointer . The bitmap makes allocating
2005-10-31 02:02:14 +03:00
* a new id quick .
2005-04-17 02:20:36 +04:00
*
* You call it to allocate an id ( an int ) an associate with that id a
* pointer or what ever , we treat it as a ( void * ) . You can pass this
* id to a user for him to pass back at a later time . You then pass
* that id to this code and it returns your pointer .
*/
# ifndef TEST // to test in user space...
# include <linux/slab.h>
# include <linux/init.h>
2011-11-17 06:29:17 +04:00
# include <linux/export.h>
2005-04-17 02:20:36 +04:00
# endif
2006-06-26 11:27:19 +04:00
# include <linux/err.h>
2005-04-17 02:20:36 +04:00
# include <linux/string.h>
# include <linux/idr.h>
2011-08-04 03:21:06 +04:00
# include <linux/spinlock.h>
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
# include <linux/percpu.h>
2005-04-17 02:20:36 +04:00
idr: remove MAX_IDR_MASK and move left MAX_IDR_* into idr.c
MAX_IDR_MASK is another weirdness in the idr interface. As idr covers
whole positive integer range, it's defined as 0x7fffffff or INT_MAX.
Its usage in idr_find(), idr_replace() and idr_remove() is bizarre.
They basically mask off the sign bit and operate on the rest, so if
the caller, by accident, passes in a negative number, the sign bit
will be masked off and the remaining part will be used as if that was
the input, which is worse than crashing.
The constant is visible in idr.h and there are several users in the
kernel.
* drivers/i2c/i2c-core.c:i2c_add_numbered_adapter()
Basically used to test if adap->nr is a negative number which isn't
-1 and returns -EINVAL if so. idr_alloc() already has negative
@start checking (w/ WARN_ON_ONCE), so this can go away.
* drivers/infiniband/core/cm.c:cm_alloc_id()
drivers/infiniband/hw/mlx4/cm.c:id_map_alloc()
Used to wrap cyclic @start. Can be replaced with max(next, 0).
Note that this type of cyclic allocation using idr is buggy. These
are prone to spurious -ENOSPC failure after the first wraparound.
* fs/super.c:get_anon_bdev()
The ID allocated from ida is masked off before being tested whether
it's inside valid range. ida allocated ID can never be a negative
number and the masking is unnecessary.
Update idr_*() functions to fail with -EINVAL when negative @id is
specified and update other MAX_IDR_MASK users as described above.
This leaves MAX_IDR_MASK without any user, remove it and relocate
other MAX_IDR_* constants to lib/idr.c.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Jean Delvare <khali@linux-fr.org>
Cc: Roland Dreier <roland@kernel.org>
Cc: Sean Hefty <sean.hefty@intel.com>
Cc: Hal Rosenstock <hal.rosenstock@gmail.com>
Cc: "Marciniszyn, Mike" <mike.marciniszyn@intel.com>
Cc: Jack Morgenstein <jackm@dev.mellanox.co.il>
Cc: Or Gerlitz <ogerlitz@mellanox.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Acked-by: Wolfram Sang <wolfram@the-dreams.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:05:04 +04:00
# define MAX_IDR_SHIFT (sizeof(int) * 8 - 1)
# define MAX_IDR_BIT (1U << MAX_IDR_SHIFT)
/* Leave the possibility of an incomplete final layer */
# define MAX_IDR_LEVEL ((MAX_IDR_SHIFT + IDR_BITS - 1) / IDR_BITS)
/* Number of id_layer structs to leave in free list */
# define MAX_IDR_FREE (MAX_IDR_LEVEL * 2)
2006-12-07 07:33:20 +03:00
static struct kmem_cache * idr_layer_cache ;
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
static DEFINE_PER_CPU ( struct idr_layer * , idr_preload_head ) ;
static DEFINE_PER_CPU ( int , idr_preload_cnt ) ;
2011-08-04 03:21:06 +04:00
static DEFINE_SPINLOCK ( simple_ida_lock ) ;
2005-04-17 02:20:36 +04:00
2013-02-28 05:05:02 +04:00
/* the maximum ID which can be allocated given idr->layers */
static int idr_max ( int layers )
{
int bits = min_t ( int , layers * IDR_BITS , MAX_IDR_SHIFT ) ;
return ( 1 < < bits ) - 1 ;
}
2013-02-28 05:05:07 +04:00
/*
* Prefix mask for an idr_layer at @ layer . For layer 0 , the prefix mask is
* all bits except for the lower IDR_BITS . For layer 1 , 2 * IDR_BITS , and
* so on .
*/
static int idr_layer_prefix_mask ( int layer )
{
return ~ idr_max ( layer + 1 ) ;
}
2008-07-25 12:47:58 +04:00
static struct idr_layer * get_from_free_list ( struct idr * idp )
2005-04-17 02:20:36 +04:00
{
struct idr_layer * p ;
2006-07-14 11:24:23 +04:00
unsigned long flags ;
2005-04-17 02:20:36 +04:00
2006-07-14 11:24:23 +04:00
spin_lock_irqsave ( & idp - > lock , flags ) ;
2005-04-17 02:20:36 +04:00
if ( ( p = idp - > id_free ) ) {
idp - > id_free = p - > ary [ 0 ] ;
idp - > id_free_cnt - - ;
p - > ary [ 0 ] = NULL ;
}
2006-07-14 11:24:23 +04:00
spin_unlock_irqrestore ( & idp - > lock , flags ) ;
2005-04-17 02:20:36 +04:00
return ( p ) ;
}
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
/**
* idr_layer_alloc - allocate a new idr_layer
* @ gfp_mask : allocation mask
* @ layer_idr : optional idr to allocate from
*
* If @ layer_idr is % NULL , directly allocate one using @ gfp_mask or fetch
* one from the per - cpu preload buffer . If @ layer_idr is not % NULL , fetch
* an idr_layer from @ idr - > id_free .
*
* @ layer_idr is to maintain backward compatibility with the old alloc
* interface - idr_pre_get ( ) and idr_get_new * ( ) - and will be removed
* together with per - pool preload buffer .
*/
static struct idr_layer * idr_layer_alloc ( gfp_t gfp_mask , struct idr * layer_idr )
{
struct idr_layer * new ;
/* this is the old path, bypass to get_from_free_list() */
if ( layer_idr )
return get_from_free_list ( layer_idr ) ;
2013-03-14 01:59:49 +04:00
/*
* Try to allocate directly from kmem_cache . We want to try this
* before preload buffer ; otherwise , non - preloading idr_alloc ( )
* users will end up taking advantage of preloading ones . As the
* following is allowed to fail for preloaded cases , suppress
* warning this time .
*/
new = kmem_cache_zalloc ( idr_layer_cache , gfp_mask | __GFP_NOWARN ) ;
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
if ( new )
return new ;
/*
* Try to fetch one from the per - cpu preload buffer if in process
* context . See idr_preload ( ) for details .
*/
2013-03-14 01:59:49 +04:00
if ( ! in_interrupt ( ) ) {
preempt_disable ( ) ;
new = __this_cpu_read ( idr_preload_head ) ;
if ( new ) {
__this_cpu_write ( idr_preload_head , new - > ary [ 0 ] ) ;
__this_cpu_dec ( idr_preload_cnt ) ;
new - > ary [ 0 ] = NULL ;
}
preempt_enable ( ) ;
if ( new )
return new ;
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
}
2013-03-14 01:59:49 +04:00
/*
* Both failed . Try kmem_cache again w / o adding __GFP_NOWARN so
* that memory allocation failure warning is printed as intended .
*/
return kmem_cache_zalloc ( idr_layer_cache , gfp_mask ) ;
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
}
2008-07-25 12:48:02 +04:00
static void idr_layer_rcu_free ( struct rcu_head * head )
{
struct idr_layer * layer ;
layer = container_of ( head , struct idr_layer , rcu_head ) ;
kmem_cache_free ( idr_layer_cache , layer ) ;
}
2013-02-28 05:05:08 +04:00
static inline void free_layer ( struct idr * idr , struct idr_layer * p )
2008-07-25 12:48:02 +04:00
{
2014-06-07 01:37:14 +04:00
if ( idr - > hint = = p )
2013-02-28 05:05:08 +04:00
RCU_INIT_POINTER ( idr - > hint , NULL ) ;
2008-07-25 12:48:02 +04:00
call_rcu ( & p - > rcu_head , idr_layer_rcu_free ) ;
}
2006-06-25 16:49:34 +04:00
/* only called when idp->lock is held */
2008-07-25 12:47:58 +04:00
static void __move_to_free_list ( struct idr * idp , struct idr_layer * p )
2006-06-25 16:49:34 +04:00
{
p - > ary [ 0 ] = idp - > id_free ;
idp - > id_free = p ;
idp - > id_free_cnt + + ;
}
2008-07-25 12:47:58 +04:00
static void move_to_free_list ( struct idr * idp , struct idr_layer * p )
2005-04-17 02:20:36 +04:00
{
2006-07-14 11:24:23 +04:00
unsigned long flags ;
2005-04-17 02:20:36 +04:00
/*
* Depends on the return element being zeroed .
*/
2006-07-14 11:24:23 +04:00
spin_lock_irqsave ( & idp - > lock , flags ) ;
2008-07-25 12:47:58 +04:00
__move_to_free_list ( idp , p ) ;
2006-07-14 11:24:23 +04:00
spin_unlock_irqrestore ( & idp - > lock , flags ) ;
2005-04-17 02:20:36 +04:00
}
2007-06-13 22:45:12 +04:00
static void idr_mark_full ( struct idr_layer * * pa , int id )
{
struct idr_layer * p = pa [ 0 ] ;
int l = 0 ;
2013-02-28 05:05:05 +04:00
__set_bit ( id & IDR_MASK , p - > bitmap ) ;
2007-06-13 22:45:12 +04:00
/*
* If this layer is full mark the bit in the layer above to
* show that this part of the radix tree is full . This may
* complete the layer above and require walking up the radix
* tree .
*/
2013-02-28 05:05:05 +04:00
while ( bitmap_full ( p - > bitmap , IDR_SIZE ) ) {
2007-06-13 22:45:12 +04:00
if ( ! ( p = pa [ + + l ] ) )
break ;
id = id > > IDR_BITS ;
2013-02-28 05:05:05 +04:00
__set_bit ( ( id & IDR_MASK ) , p - > bitmap ) ;
2007-06-13 22:45:12 +04:00
}
}
2014-04-08 02:38:52 +04:00
static int __idr_pre_get ( struct idr * idp , gfp_t gfp_mask )
2005-04-17 02:20:36 +04:00
{
2012-10-05 04:13:15 +04:00
while ( idp - > id_free_cnt < MAX_IDR_FREE ) {
2005-04-17 02:20:36 +04:00
struct idr_layer * new ;
2009-01-16 00:51:21 +03:00
new = kmem_cache_zalloc ( idr_layer_cache , gfp_mask ) ;
2005-10-31 02:02:14 +03:00
if ( new = = NULL )
2005-04-17 02:20:36 +04:00
return ( 0 ) ;
2008-07-25 12:47:58 +04:00
move_to_free_list ( idp , new ) ;
2005-04-17 02:20:36 +04:00
}
return 1 ;
}
2013-02-28 05:03:53 +04:00
/**
* sub_alloc - try to allocate an id without growing the tree depth
* @ idp : idr handle
* @ starting_id : id to start search at
* @ pa : idr_layer [ MAX_IDR_LEVEL ] used as backtrack buffer
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
* @ gfp_mask : allocation mask for idr_layer_alloc ( )
* @ layer_idr : optional idr passed to idr_layer_alloc ( )
2013-02-28 05:03:53 +04:00
*
* Allocate an id in range [ @ starting_id , INT_MAX ] from @ idp without
* growing its depth . Returns
*
* the allocated id > = 0 if successful ,
* - EAGAIN if the tree needs to grow for allocation to succeed ,
* - ENOSPC if the id space is exhausted ,
* - ENOMEM if more idr_layers need to be allocated .
*/
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
static int sub_alloc ( struct idr * idp , int * starting_id , struct idr_layer * * pa ,
gfp_t gfp_mask , struct idr * layer_idr )
2005-04-17 02:20:36 +04:00
{
int n , m , sh ;
struct idr_layer * p , * new ;
2007-06-13 22:45:12 +04:00
int l , id , oid ;
2005-04-17 02:20:36 +04:00
id = * starting_id ;
2007-06-13 22:45:12 +04:00
restart :
2005-04-17 02:20:36 +04:00
p = idp - > top ;
l = idp - > layers ;
pa [ l - - ] = NULL ;
while ( 1 ) {
/*
* We run around this while until we reach the leaf node . . .
*/
n = ( id > > ( IDR_BITS * l ) ) & IDR_MASK ;
2013-02-28 05:05:05 +04:00
m = find_next_zero_bit ( p - > bitmap , IDR_SIZE , n ) ;
2005-04-17 02:20:36 +04:00
if ( m = = IDR_SIZE ) {
/* no space available go back to previous layer. */
l + + ;
2007-06-13 22:45:12 +04:00
oid = id ;
2005-10-31 02:02:14 +03:00
id = ( id | ( ( 1 < < ( IDR_BITS * l ) ) - 1 ) ) + 1 ;
2007-06-13 22:45:12 +04:00
/* if already at the top layer, we need to grow */
idr: fix overflow bug during maximum ID calculation at maximum height
idr_replace() open-codes the logic to calculate the maximum valid ID
given the height of the idr tree; unfortunately, the open-coded logic
doesn't account for the fact that the top layer may have unused slots
and over-shifts the limit to zero when the tree is at its maximum
height.
The following test code shows it fails to replace the value for
id=((1<<27)+42):
static void test5(void)
{
int id;
DEFINE_IDR(test_idr);
#define TEST5_START ((1<<27)+42) /* use the highest layer */
printk(KERN_INFO "Start test5\n");
id = idr_alloc(&test_idr, (void *)1, TEST5_START, 0, GFP_KERNEL);
BUG_ON(id != TEST5_START);
TEST_BUG_ON(idr_replace(&test_idr, (void *)2, TEST5_START) != (void *)1);
idr_destroy(&test_idr);
printk(KERN_INFO "End of test5\n");
}
Fix the bug by using idr_max() which correctly takes into account the
maximum allowed shift.
sub_alloc() shares the same problem and may incorrectly fail with
-EAGAIN; however, this bug doesn't affect correct operation because
idr_get_empty_slot(), which already uses idr_max(), retries with the
increased @id in such cases.
[tj@kernel.org: Updated patch description.]
Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Acked-by: Tejun Heo <tj@kernel.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-06-07 01:37:10 +04:00
if ( id > idr_max ( idp - > layers ) ) {
2005-04-17 02:20:36 +04:00
* starting_id = id ;
2013-02-28 05:03:53 +04:00
return - EAGAIN ;
2005-04-17 02:20:36 +04:00
}
2010-02-22 23:44:19 +03:00
p = pa [ l ] ;
BUG_ON ( ! p ) ;
2007-06-13 22:45:12 +04:00
/* If we need to go up one layer, continue the
* loop ; otherwise , restart from the top .
*/
sh = IDR_BITS * ( l + 1 ) ;
if ( oid > > sh = = id > > sh )
continue ;
else
goto restart ;
2005-04-17 02:20:36 +04:00
}
if ( m ! = n ) {
sh = IDR_BITS * l ;
id = ( ( id > > sh ) ^ n ^ m ) < < sh ;
}
2012-10-05 04:13:15 +04:00
if ( ( id > = MAX_IDR_BIT ) | | ( id < 0 ) )
2013-02-28 05:03:53 +04:00
return - ENOSPC ;
2005-04-17 02:20:36 +04:00
if ( l = = 0 )
break ;
/*
* Create the layer below if it is missing .
*/
if ( ! p - > ary [ m ] ) {
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
new = idr_layer_alloc ( gfp_mask , layer_idr ) ;
2008-07-25 12:47:58 +04:00
if ( ! new )
2013-02-28 05:03:53 +04:00
return - ENOMEM ;
2008-12-02 00:14:02 +03:00
new - > layer = l - 1 ;
2013-02-28 05:05:07 +04:00
new - > prefix = id & idr_layer_prefix_mask ( new - > layer ) ;
2008-07-25 12:48:00 +04:00
rcu_assign_pointer ( p - > ary [ m ] , new ) ;
2005-04-17 02:20:36 +04:00
p - > count + + ;
}
pa [ l - - ] = p ;
p = p - > ary [ m ] ;
}
2007-06-13 22:45:12 +04:00
pa [ l ] = p ;
return id ;
2005-04-17 02:20:36 +04:00
}
2007-06-13 22:45:12 +04:00
static int idr_get_empty_slot ( struct idr * idp , int starting_id ,
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
struct idr_layer * * pa , gfp_t gfp_mask ,
struct idr * layer_idr )
2005-04-17 02:20:36 +04:00
{
struct idr_layer * p , * new ;
int layers , v , id ;
2006-07-14 11:24:23 +04:00
unsigned long flags ;
2005-10-31 02:02:14 +03:00
2005-04-17 02:20:36 +04:00
id = starting_id ;
build_up :
p = idp - > top ;
layers = idp - > layers ;
if ( unlikely ( ! p ) ) {
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
if ( ! ( p = idr_layer_alloc ( gfp_mask , layer_idr ) ) )
2013-02-28 05:03:53 +04:00
return - ENOMEM ;
2008-12-02 00:14:02 +03:00
p - > layer = 0 ;
2005-04-17 02:20:36 +04:00
layers = 1 ;
}
/*
* Add a new layer to the top of the tree if the requested
* id is larger than the currently allocated space .
*/
2013-02-28 05:05:02 +04:00
while ( id > idr_max ( layers ) ) {
2005-04-17 02:20:36 +04:00
layers + + ;
2008-12-10 20:17:06 +03:00
if ( ! p - > count ) {
/* special case: if the tree is currently empty,
* then we grow the tree by moving the top node
* upwards .
*/
p - > layer + + ;
2013-02-28 05:05:07 +04:00
WARN_ON_ONCE ( p - > prefix ) ;
2005-04-17 02:20:36 +04:00
continue ;
2008-12-10 20:17:06 +03:00
}
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
if ( ! ( new = idr_layer_alloc ( gfp_mask , layer_idr ) ) ) {
2005-04-17 02:20:36 +04:00
/*
* The allocation failed . If we built part of
* the structure tear it down .
*/
2006-07-14 11:24:23 +04:00
spin_lock_irqsave ( & idp - > lock , flags ) ;
2005-04-17 02:20:36 +04:00
for ( new = p ; p & & p ! = idp - > top ; new = p ) {
p = p - > ary [ 0 ] ;
new - > ary [ 0 ] = NULL ;
2013-02-28 05:05:05 +04:00
new - > count = 0 ;
bitmap_clear ( new - > bitmap , 0 , IDR_SIZE ) ;
2008-07-25 12:47:58 +04:00
__move_to_free_list ( idp , new ) ;
2005-04-17 02:20:36 +04:00
}
2006-07-14 11:24:23 +04:00
spin_unlock_irqrestore ( & idp - > lock , flags ) ;
2013-02-28 05:03:53 +04:00
return - ENOMEM ;
2005-04-17 02:20:36 +04:00
}
new - > ary [ 0 ] = p ;
new - > count = 1 ;
2008-12-02 00:14:02 +03:00
new - > layer = layers - 1 ;
2013-02-28 05:05:07 +04:00
new - > prefix = id & idr_layer_prefix_mask ( new - > layer ) ;
2013-02-28 05:05:05 +04:00
if ( bitmap_full ( p - > bitmap , IDR_SIZE ) )
__set_bit ( 0 , new - > bitmap ) ;
2005-04-17 02:20:36 +04:00
p = new ;
}
2008-07-25 12:48:00 +04:00
rcu_assign_pointer ( idp - > top , p ) ;
2005-04-17 02:20:36 +04:00
idp - > layers = layers ;
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
v = sub_alloc ( idp , & id , pa , gfp_mask , layer_idr ) ;
2013-02-28 05:03:53 +04:00
if ( v = = - EAGAIN )
2005-04-17 02:20:36 +04:00
goto build_up ;
return ( v ) ;
}
2013-02-28 05:03:54 +04:00
/*
* @ id and @ pa are from a successful allocation from idr_get_empty_slot ( ) .
* Install the user pointer @ ptr and mark the slot full .
*/
2013-02-28 05:05:08 +04:00
static void idr_fill_slot ( struct idr * idr , void * ptr , int id ,
struct idr_layer * * pa )
2007-06-13 22:45:12 +04:00
{
2013-02-28 05:05:08 +04:00
/* update hint used for lookup, cleared from free_layer() */
rcu_assign_pointer ( idr - > hint , pa [ 0 ] ) ;
2013-02-28 05:03:54 +04:00
rcu_assign_pointer ( pa [ 0 ] - > ary [ id & IDR_MASK ] , ( struct idr_layer * ) ptr ) ;
pa [ 0 ] - > count + + ;
idr_mark_full ( pa , id ) ;
2007-06-13 22:45:12 +04:00
}
2005-04-17 02:20:36 +04:00
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
/**
* idr_preload - preload for idr_alloc ( )
* @ gfp_mask : allocation mask to use for preloading
*
* Preload per - cpu layer buffer for idr_alloc ( ) . Can only be used from
* process context and each idr_preload ( ) invocation should be matched with
* idr_preload_end ( ) . Note that preemption is disabled while preloaded .
*
* The first idr_alloc ( ) in the preloaded section can be treated as if it
* were invoked with @ gfp_mask used for preloading . This allows using more
* permissive allocation masks for idrs protected by spinlocks .
*
* For example , if idr_alloc ( ) below fails , the failure can be treated as
* if idr_alloc ( ) were called with GFP_KERNEL rather than GFP_NOWAIT .
*
* idr_preload ( GFP_KERNEL ) ;
* spin_lock ( lock ) ;
*
* id = idr_alloc ( idr , ptr , start , end , GFP_NOWAIT ) ;
*
* spin_unlock ( lock ) ;
* idr_preload_end ( ) ;
* if ( id < 0 )
* error ;
*/
void idr_preload ( gfp_t gfp_mask )
{
/*
* Consuming preload buffer from non - process context breaks preload
* allocation guarantee . Disallow usage from those contexts .
*/
WARN_ON_ONCE ( in_interrupt ( ) ) ;
might_sleep_if ( gfp_mask & __GFP_WAIT ) ;
preempt_disable ( ) ;
/*
* idr_alloc ( ) is likely to succeed w / o full idr_layer buffer and
* return value from idr_alloc ( ) needs to be checked for failure
* anyway . Silently give up if allocation fails . The caller can
* treat failures from idr_alloc ( ) as if idr_alloc ( ) were called
* with @ gfp_mask which should be enough .
*/
while ( __this_cpu_read ( idr_preload_cnt ) < MAX_IDR_FREE ) {
struct idr_layer * new ;
preempt_enable ( ) ;
new = kmem_cache_zalloc ( idr_layer_cache , gfp_mask ) ;
preempt_disable ( ) ;
if ( ! new )
break ;
/* link the new one to per-cpu preload list */
new - > ary [ 0 ] = __this_cpu_read ( idr_preload_head ) ;
__this_cpu_write ( idr_preload_head , new ) ;
__this_cpu_inc ( idr_preload_cnt ) ;
}
}
EXPORT_SYMBOL ( idr_preload ) ;
/**
* idr_alloc - allocate new idr entry
* @ idr : the ( initialized ) idr
* @ ptr : pointer to be associated with the new id
* @ start : the minimum id ( inclusive )
* @ end : the maximum id ( exclusive , < = 0 for max )
* @ gfp_mask : memory allocation flags
*
* Allocate an id in [ start , end ) and associate it with @ ptr . If no ID is
* available in the specified range , returns - ENOSPC . On memory allocation
* failure , returns - ENOMEM .
*
* Note that @ end is treated as max when < = 0. This is to always allow
* using @ start + N as @ end as long as N is inside integer range .
*
* The user is responsible for exclusively synchronizing all operations
* which may modify @ idr . However , read - only accesses such as idr_find ( )
* or iteration can be performed under RCU read lock provided the user
* destroys @ ptr in RCU - safe way after removal from idr .
*/
int idr_alloc ( struct idr * idr , void * ptr , int start , int end , gfp_t gfp_mask )
{
int max = end > 0 ? end - 1 : INT_MAX ; /* inclusive upper limit */
2013-02-28 05:05:02 +04:00
struct idr_layer * pa [ MAX_IDR_LEVEL + 1 ] ;
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
int id ;
might_sleep_if ( gfp_mask & __GFP_WAIT ) ;
/* sanity checks */
if ( WARN_ON_ONCE ( start < 0 ) )
return - EINVAL ;
if ( unlikely ( max < start ) )
return - ENOSPC ;
/* allocate id */
id = idr_get_empty_slot ( idr , start , pa , gfp_mask , NULL ) ;
if ( unlikely ( id < 0 ) )
return id ;
if ( unlikely ( id > max ) )
return - ENOSPC ;
2013-02-28 05:05:08 +04:00
idr_fill_slot ( idr , ptr , id , pa ) ;
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
return id ;
}
EXPORT_SYMBOL_GPL ( idr_alloc ) ;
2013-04-30 03:21:16 +04:00
/**
* idr_alloc_cyclic - allocate new idr entry in a cyclical fashion
* @ idr : the ( initialized ) idr
* @ ptr : pointer to be associated with the new id
* @ start : the minimum id ( inclusive )
* @ end : the maximum id ( exclusive , < = 0 for max )
* @ gfp_mask : memory allocation flags
*
* Essentially the same as idr_alloc , but prefers to allocate progressively
* higher ids if it can . If the " cur " counter wraps , then it will start again
* at the " start " end of the range and allocate one that has already been used .
*/
int idr_alloc_cyclic ( struct idr * idr , void * ptr , int start , int end ,
gfp_t gfp_mask )
{
int id ;
id = idr_alloc ( idr , ptr , max ( start , idr - > cur ) , end , gfp_mask ) ;
if ( id = = - ENOSPC )
id = idr_alloc ( idr , ptr , start , end , gfp_mask ) ;
if ( likely ( id > = 0 ) )
idr - > cur = id + 1 ;
return id ;
}
EXPORT_SYMBOL ( idr_alloc_cyclic ) ;
2005-04-17 02:20:36 +04:00
static void idr_remove_warning ( int id )
{
2013-07-04 02:08:47 +04:00
WARN ( 1 , " idr_remove called for id=%d which is not allocated. \n " , id ) ;
2005-04-17 02:20:36 +04:00
}
static void sub_remove ( struct idr * idp , int shift , int id )
{
struct idr_layer * p = idp - > top ;
2013-02-28 05:05:02 +04:00
struct idr_layer * * pa [ MAX_IDR_LEVEL + 1 ] ;
2005-04-17 02:20:36 +04:00
struct idr_layer * * * paa = & pa [ 0 ] ;
2008-07-25 12:48:02 +04:00
struct idr_layer * to_free ;
2005-04-17 02:20:36 +04:00
int n ;
* paa = NULL ;
* + + paa = & idp - > top ;
while ( ( shift > 0 ) & & p ) {
n = ( id > > shift ) & IDR_MASK ;
2013-02-28 05:05:05 +04:00
__clear_bit ( n , p - > bitmap ) ;
2005-04-17 02:20:36 +04:00
* + + paa = & p - > ary [ n ] ;
p = p - > ary [ n ] ;
shift - = IDR_BITS ;
}
n = id & IDR_MASK ;
2013-02-28 05:05:05 +04:00
if ( likely ( p ! = NULL & & test_bit ( n , p - > bitmap ) ) ) {
__clear_bit ( n , p - > bitmap ) ;
2014-04-08 02:38:54 +04:00
RCU_INIT_POINTER ( p - > ary [ n ] , NULL ) ;
2008-07-25 12:48:02 +04:00
to_free = NULL ;
2005-04-17 02:20:36 +04:00
while ( * paa & & ! - - ( ( * * paa ) - > count ) ) {
2008-07-25 12:48:02 +04:00
if ( to_free )
2013-02-28 05:05:08 +04:00
free_layer ( idp , to_free ) ;
2008-07-25 12:48:02 +04:00
to_free = * * paa ;
2005-04-17 02:20:36 +04:00
* * paa - - = NULL ;
}
2005-10-31 02:02:14 +03:00
if ( ! * paa )
2005-04-17 02:20:36 +04:00
idp - > layers = 0 ;
2008-07-25 12:48:02 +04:00
if ( to_free )
2013-02-28 05:05:08 +04:00
free_layer ( idp , to_free ) ;
2005-10-31 02:02:14 +03:00
} else
2005-04-17 02:20:36 +04:00
idr_remove_warning ( id ) ;
}
/**
2010-10-27 01:19:08 +04:00
* idr_remove - remove the given id and free its slot
2007-02-10 12:45:59 +03:00
* @ idp : idr handle
* @ id : unique key
2005-04-17 02:20:36 +04:00
*/
void idr_remove ( struct idr * idp , int id )
{
struct idr_layer * p ;
2008-07-25 12:48:02 +04:00
struct idr_layer * to_free ;
2005-04-17 02:20:36 +04:00
2013-03-09 00:43:30 +04:00
if ( id < 0 )
idr: remove MAX_IDR_MASK and move left MAX_IDR_* into idr.c
MAX_IDR_MASK is another weirdness in the idr interface. As idr covers
whole positive integer range, it's defined as 0x7fffffff or INT_MAX.
Its usage in idr_find(), idr_replace() and idr_remove() is bizarre.
They basically mask off the sign bit and operate on the rest, so if
the caller, by accident, passes in a negative number, the sign bit
will be masked off and the remaining part will be used as if that was
the input, which is worse than crashing.
The constant is visible in idr.h and there are several users in the
kernel.
* drivers/i2c/i2c-core.c:i2c_add_numbered_adapter()
Basically used to test if adap->nr is a negative number which isn't
-1 and returns -EINVAL if so. idr_alloc() already has negative
@start checking (w/ WARN_ON_ONCE), so this can go away.
* drivers/infiniband/core/cm.c:cm_alloc_id()
drivers/infiniband/hw/mlx4/cm.c:id_map_alloc()
Used to wrap cyclic @start. Can be replaced with max(next, 0).
Note that this type of cyclic allocation using idr is buggy. These
are prone to spurious -ENOSPC failure after the first wraparound.
* fs/super.c:get_anon_bdev()
The ID allocated from ida is masked off before being tested whether
it's inside valid range. ida allocated ID can never be a negative
number and the masking is unnecessary.
Update idr_*() functions to fail with -EINVAL when negative @id is
specified and update other MAX_IDR_MASK users as described above.
This leaves MAX_IDR_MASK without any user, remove it and relocate
other MAX_IDR_* constants to lib/idr.c.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Jean Delvare <khali@linux-fr.org>
Cc: Roland Dreier <roland@kernel.org>
Cc: Sean Hefty <sean.hefty@intel.com>
Cc: Hal Rosenstock <hal.rosenstock@gmail.com>
Cc: "Marciniszyn, Mike" <mike.marciniszyn@intel.com>
Cc: Jack Morgenstein <jackm@dev.mellanox.co.il>
Cc: Or Gerlitz <ogerlitz@mellanox.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Acked-by: Wolfram Sang <wolfram@the-dreams.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:05:04 +04:00
return ;
2005-04-17 02:20:36 +04:00
2014-06-07 01:37:11 +04:00
if ( id > idr_max ( idp - > layers ) ) {
idr_remove_warning ( id ) ;
return ;
}
2005-04-17 02:20:36 +04:00
sub_remove ( idp , ( idp - > layers - 1 ) * IDR_BITS , id ) ;
2005-10-31 02:02:14 +03:00
if ( idp - > top & & idp - > top - > count = = 1 & & ( idp - > layers > 1 ) & &
2008-07-25 12:48:02 +04:00
idp - > top - > ary [ 0 ] ) {
/*
* Single child at leftmost slot : we can shrink the tree .
* This level is not needed anymore since when layers are
* inserted , they are inserted at the top of the existing
* tree .
*/
to_free = idp - > top ;
2005-04-17 02:20:36 +04:00
p = idp - > top - > ary [ 0 ] ;
2008-07-25 12:48:02 +04:00
rcu_assign_pointer ( idp - > top , p ) ;
2005-04-17 02:20:36 +04:00
- - idp - > layers ;
2013-02-28 05:05:05 +04:00
to_free - > count = 0 ;
bitmap_clear ( to_free - > bitmap , 0 , IDR_SIZE ) ;
2013-02-28 05:05:08 +04:00
free_layer ( idp , to_free ) ;
2005-04-17 02:20:36 +04:00
}
}
EXPORT_SYMBOL ( idr_remove ) ;
2014-04-08 02:38:52 +04:00
static void __idr_remove_all ( struct idr * idp )
2007-07-16 10:37:24 +04:00
{
2007-07-31 11:39:19 +04:00
int n , id , max ;
idr: fix backtrack logic in idr_remove_all
Currently idr_remove_all will fail with a use after free error if
idr::layers is bigger than 2, which on 32 bit systems corresponds to items
more than 1024. This is due to stepping back too many levels during
backtracking. For simplicity let's assume that IDR_BITS=1 -> we have 2
nodes at each level below the root node and each leaf node stores two IDs.
(In reality for 32 bit systems IDR_BITS=5, with 32 nodes at each sub-root
level and 32 IDs in each leaf node). The sequence of freeing the nodes at
the moment is as follows:
layer
1 -> a(7)
2 -> b(3) c(5)
3 -> d(1) e(2) f(4) g(6)
Until step 4 things go fine, but then node c is freed, whereas node g
should be freed first. Since node c contains the pointer to node g we'll
have a use after free error at step 6.
How many levels we step back after visiting the leaf nodes is currently
determined by the msb of the id we are currently visiting:
Step
1. node d with IDs 0,1 is freed, current ID is advanced to 2.
msb of the current ID bit 1. This means we need to step back
1 level to node b and take the next sibling, node e.
2-3. node e with IDs 2,3 is freed, current ID is 4, msb is bit 2.
This means we need to step back 2 levels to node a, freeing
node b on the way.
4-5. node f with IDs 4,5 is freed, current ID is 6, msb is still
bit 2. This means we again need to step back 2 levels to node
a and free c on the way.
6. We should visit node g, but its pointer is not available as
node c was freed.
The fix changes how we determine the number of levels to step back.
Instead of deducting this merely from the msb of the current ID, we should
really check if advancing the ID causes an overflow to a bit position
corresponding to a given layer. In the above example overflow from bit 0
to bit 1 should mean stepping back 1 level. Overflow from bit 1 to bit 2
should mean stepping back 2 levels and so on.
The fix was tested with IDs up to 1 << 20, which corresponds to 4 layers
on 32 bit systems.
Signed-off-by: Imre Deak <imre.deak@nokia.com>
Reviewed-by: Tejun Heo <tj@kernel.org>
Cc: Eric Paris <eparis@redhat.com>
Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Cc: <stable@kernel.org> [2.6.34.1]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2010-05-27 01:43:38 +04:00
int bt_mask ;
2007-07-16 10:37:24 +04:00
struct idr_layer * p ;
2013-02-28 05:05:02 +04:00
struct idr_layer * pa [ MAX_IDR_LEVEL + 1 ] ;
2007-07-16 10:37:24 +04:00
struct idr_layer * * paa = & pa [ 0 ] ;
n = idp - > layers * IDR_BITS ;
2014-08-09 01:22:07 +04:00
* paa = idp - > top ;
2014-04-08 02:38:54 +04:00
RCU_INIT_POINTER ( idp - > top , NULL ) ;
2013-02-28 05:05:02 +04:00
max = idr_max ( idp - > layers ) ;
2007-07-16 10:37:24 +04:00
id = 0 ;
2013-02-28 05:05:02 +04:00
while ( id > = 0 & & id < = max ) {
2014-08-09 01:22:07 +04:00
p = * paa ;
2007-07-16 10:37:24 +04:00
while ( n > IDR_BITS & & p ) {
n - = IDR_BITS ;
p = p - > ary [ ( id > > n ) & IDR_MASK ] ;
2014-08-09 01:22:07 +04:00
* + + paa = p ;
2007-07-16 10:37:24 +04:00
}
idr: fix backtrack logic in idr_remove_all
Currently idr_remove_all will fail with a use after free error if
idr::layers is bigger than 2, which on 32 bit systems corresponds to items
more than 1024. This is due to stepping back too many levels during
backtracking. For simplicity let's assume that IDR_BITS=1 -> we have 2
nodes at each level below the root node and each leaf node stores two IDs.
(In reality for 32 bit systems IDR_BITS=5, with 32 nodes at each sub-root
level and 32 IDs in each leaf node). The sequence of freeing the nodes at
the moment is as follows:
layer
1 -> a(7)
2 -> b(3) c(5)
3 -> d(1) e(2) f(4) g(6)
Until step 4 things go fine, but then node c is freed, whereas node g
should be freed first. Since node c contains the pointer to node g we'll
have a use after free error at step 6.
How many levels we step back after visiting the leaf nodes is currently
determined by the msb of the id we are currently visiting:
Step
1. node d with IDs 0,1 is freed, current ID is advanced to 2.
msb of the current ID bit 1. This means we need to step back
1 level to node b and take the next sibling, node e.
2-3. node e with IDs 2,3 is freed, current ID is 4, msb is bit 2.
This means we need to step back 2 levels to node a, freeing
node b on the way.
4-5. node f with IDs 4,5 is freed, current ID is 6, msb is still
bit 2. This means we again need to step back 2 levels to node
a and free c on the way.
6. We should visit node g, but its pointer is not available as
node c was freed.
The fix changes how we determine the number of levels to step back.
Instead of deducting this merely from the msb of the current ID, we should
really check if advancing the ID causes an overflow to a bit position
corresponding to a given layer. In the above example overflow from bit 0
to bit 1 should mean stepping back 1 level. Overflow from bit 1 to bit 2
should mean stepping back 2 levels and so on.
The fix was tested with IDs up to 1 << 20, which corresponds to 4 layers
on 32 bit systems.
Signed-off-by: Imre Deak <imre.deak@nokia.com>
Reviewed-by: Tejun Heo <tj@kernel.org>
Cc: Eric Paris <eparis@redhat.com>
Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Cc: <stable@kernel.org> [2.6.34.1]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2010-05-27 01:43:38 +04:00
bt_mask = id ;
2007-07-16 10:37:24 +04:00
id + = 1 < < n ;
idr: fix backtrack logic in idr_remove_all
Currently idr_remove_all will fail with a use after free error if
idr::layers is bigger than 2, which on 32 bit systems corresponds to items
more than 1024. This is due to stepping back too many levels during
backtracking. For simplicity let's assume that IDR_BITS=1 -> we have 2
nodes at each level below the root node and each leaf node stores two IDs.
(In reality for 32 bit systems IDR_BITS=5, with 32 nodes at each sub-root
level and 32 IDs in each leaf node). The sequence of freeing the nodes at
the moment is as follows:
layer
1 -> a(7)
2 -> b(3) c(5)
3 -> d(1) e(2) f(4) g(6)
Until step 4 things go fine, but then node c is freed, whereas node g
should be freed first. Since node c contains the pointer to node g we'll
have a use after free error at step 6.
How many levels we step back after visiting the leaf nodes is currently
determined by the msb of the id we are currently visiting:
Step
1. node d with IDs 0,1 is freed, current ID is advanced to 2.
msb of the current ID bit 1. This means we need to step back
1 level to node b and take the next sibling, node e.
2-3. node e with IDs 2,3 is freed, current ID is 4, msb is bit 2.
This means we need to step back 2 levels to node a, freeing
node b on the way.
4-5. node f with IDs 4,5 is freed, current ID is 6, msb is still
bit 2. This means we again need to step back 2 levels to node
a and free c on the way.
6. We should visit node g, but its pointer is not available as
node c was freed.
The fix changes how we determine the number of levels to step back.
Instead of deducting this merely from the msb of the current ID, we should
really check if advancing the ID causes an overflow to a bit position
corresponding to a given layer. In the above example overflow from bit 0
to bit 1 should mean stepping back 1 level. Overflow from bit 1 to bit 2
should mean stepping back 2 levels and so on.
The fix was tested with IDs up to 1 << 20, which corresponds to 4 layers
on 32 bit systems.
Signed-off-by: Imre Deak <imre.deak@nokia.com>
Reviewed-by: Tejun Heo <tj@kernel.org>
Cc: Eric Paris <eparis@redhat.com>
Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Cc: <stable@kernel.org> [2.6.34.1]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2010-05-27 01:43:38 +04:00
/* Get the highest bit that the above add changed from 0->1. */
while ( n < fls ( id ^ bt_mask ) ) {
2014-08-09 01:22:07 +04:00
if ( * paa )
free_layer ( idp , * paa ) ;
2007-07-16 10:37:24 +04:00
n + = IDR_BITS ;
2014-08-09 01:22:07 +04:00
- - paa ;
2007-07-16 10:37:24 +04:00
}
}
idp - > layers = 0 ;
}
2005-10-23 23:57:18 +04:00
/**
* idr_destroy - release all cached layers within an idr tree
2010-08-30 19:37:03 +04:00
* @ idp : idr handle
2013-02-28 05:03:35 +04:00
*
* Free all id mappings and all idp_layers . After this function , @ idp is
* completely unused and can be freed / recycled . The caller is
* responsible for ensuring that no one else accesses @ idp during or after
* idr_destroy ( ) .
*
* A typical clean - up sequence for objects stored in an idr tree will use
2014-09-08 20:27:23 +04:00
* idr_for_each ( ) to free all objects , if necessary , then idr_destroy ( ) to
2013-02-28 05:03:35 +04:00
* free up the id mappings and cached idr_layers .
2005-10-23 23:57:18 +04:00
*/
void idr_destroy ( struct idr * idp )
{
2013-02-28 05:03:50 +04:00
__idr_remove_all ( idp ) ;
2013-02-28 05:03:35 +04:00
2005-10-23 23:57:18 +04:00
while ( idp - > id_free_cnt ) {
2008-07-25 12:47:58 +04:00
struct idr_layer * p = get_from_free_list ( idp ) ;
2005-10-23 23:57:18 +04:00
kmem_cache_free ( idr_layer_cache , p ) ;
}
}
EXPORT_SYMBOL ( idr_destroy ) ;
2013-02-28 05:05:08 +04:00
void * idr_find_slowpath ( struct idr * idp , int id )
2005-04-17 02:20:36 +04:00
{
int n ;
struct idr_layer * p ;
2013-03-09 00:43:30 +04:00
if ( id < 0 )
idr: remove MAX_IDR_MASK and move left MAX_IDR_* into idr.c
MAX_IDR_MASK is another weirdness in the idr interface. As idr covers
whole positive integer range, it's defined as 0x7fffffff or INT_MAX.
Its usage in idr_find(), idr_replace() and idr_remove() is bizarre.
They basically mask off the sign bit and operate on the rest, so if
the caller, by accident, passes in a negative number, the sign bit
will be masked off and the remaining part will be used as if that was
the input, which is worse than crashing.
The constant is visible in idr.h and there are several users in the
kernel.
* drivers/i2c/i2c-core.c:i2c_add_numbered_adapter()
Basically used to test if adap->nr is a negative number which isn't
-1 and returns -EINVAL if so. idr_alloc() already has negative
@start checking (w/ WARN_ON_ONCE), so this can go away.
* drivers/infiniband/core/cm.c:cm_alloc_id()
drivers/infiniband/hw/mlx4/cm.c:id_map_alloc()
Used to wrap cyclic @start. Can be replaced with max(next, 0).
Note that this type of cyclic allocation using idr is buggy. These
are prone to spurious -ENOSPC failure after the first wraparound.
* fs/super.c:get_anon_bdev()
The ID allocated from ida is masked off before being tested whether
it's inside valid range. ida allocated ID can never be a negative
number and the masking is unnecessary.
Update idr_*() functions to fail with -EINVAL when negative @id is
specified and update other MAX_IDR_MASK users as described above.
This leaves MAX_IDR_MASK without any user, remove it and relocate
other MAX_IDR_* constants to lib/idr.c.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Jean Delvare <khali@linux-fr.org>
Cc: Roland Dreier <roland@kernel.org>
Cc: Sean Hefty <sean.hefty@intel.com>
Cc: Hal Rosenstock <hal.rosenstock@gmail.com>
Cc: "Marciniszyn, Mike" <mike.marciniszyn@intel.com>
Cc: Jack Morgenstein <jackm@dev.mellanox.co.il>
Cc: Or Gerlitz <ogerlitz@mellanox.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Acked-by: Wolfram Sang <wolfram@the-dreams.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:05:04 +04:00
return NULL ;
2010-02-23 04:04:55 +03:00
p = rcu_dereference_raw ( idp - > top ) ;
2008-12-02 00:14:02 +03:00
if ( ! p )
return NULL ;
n = ( p - > layer + 1 ) * IDR_BITS ;
2005-04-17 02:20:36 +04:00
2013-02-28 05:05:02 +04:00
if ( id > idr_max ( p - > layer + 1 ) )
2005-04-17 02:20:36 +04:00
return NULL ;
2008-12-02 00:14:02 +03:00
BUG_ON ( n = = 0 ) ;
2005-04-17 02:20:36 +04:00
while ( n > 0 & & p ) {
n - = IDR_BITS ;
2008-12-02 00:14:02 +03:00
BUG_ON ( n ! = p - > layer * IDR_BITS ) ;
2010-02-23 04:04:55 +03:00
p = rcu_dereference_raw ( p - > ary [ ( id > > n ) & IDR_MASK ] ) ;
2005-04-17 02:20:36 +04:00
}
return ( ( void * ) p ) ;
}
2013-02-28 05:05:08 +04:00
EXPORT_SYMBOL ( idr_find_slowpath ) ;
2005-04-17 02:20:36 +04:00
2007-07-16 10:37:24 +04:00
/**
* idr_for_each - iterate through all stored pointers
* @ idp : idr handle
* @ fn : function to be called for each pointer
* @ data : data passed back to callback function
*
* Iterate over the pointers registered with the given idr . The
* callback function will be called for each pointer currently
* registered , passing the id , the pointer and the data pointer passed
* to this function . It is not safe to modify the idr tree while in
* the callback , so functions such as idr_get_new and idr_remove are
* not allowed .
*
* We check the return of @ fn each time . If it returns anything other
2010-10-27 01:19:08 +04:00
* than % 0 , we break out and return that value .
2007-07-16 10:37:24 +04:00
*
* The caller must serialize idr_for_each ( ) vs idr_get_new ( ) and idr_remove ( ) .
*/
int idr_for_each ( struct idr * idp ,
int ( * fn ) ( int id , void * p , void * data ) , void * data )
{
int n , id , max , error = 0 ;
struct idr_layer * p ;
2013-02-28 05:05:02 +04:00
struct idr_layer * pa [ MAX_IDR_LEVEL + 1 ] ;
2007-07-16 10:37:24 +04:00
struct idr_layer * * paa = & pa [ 0 ] ;
n = idp - > layers * IDR_BITS ;
2014-08-09 01:22:07 +04:00
* paa = rcu_dereference_raw ( idp - > top ) ;
2013-02-28 05:05:02 +04:00
max = idr_max ( idp - > layers ) ;
2007-07-16 10:37:24 +04:00
id = 0 ;
2013-02-28 05:05:02 +04:00
while ( id > = 0 & & id < = max ) {
2014-08-09 01:22:07 +04:00
p = * paa ;
2007-07-16 10:37:24 +04:00
while ( n > 0 & & p ) {
n - = IDR_BITS ;
2010-02-23 04:04:55 +03:00
p = rcu_dereference_raw ( p - > ary [ ( id > > n ) & IDR_MASK ] ) ;
2014-08-09 01:22:07 +04:00
* + + paa = p ;
2007-07-16 10:37:24 +04:00
}
if ( p ) {
error = fn ( id , ( void * ) p , data ) ;
if ( error )
break ;
}
id + = 1 < < n ;
while ( n < fls ( id ) ) {
n + = IDR_BITS ;
2014-08-09 01:22:07 +04:00
- - paa ;
2007-07-16 10:37:24 +04:00
}
}
return error ;
}
EXPORT_SYMBOL ( idr_for_each ) ;
cgroup: CSS ID support
Patch for Per-CSS(Cgroup Subsys State) ID and private hierarchy code.
This patch attaches unique ID to each css and provides following.
- css_lookup(subsys, id)
returns pointer to struct cgroup_subysys_state of id.
- css_get_next(subsys, id, rootid, depth, foundid)
returns the next css under "root" by scanning
When cgroup_subsys->use_id is set, an id for css is maintained.
The cgroup framework only parepares
- css_id of root css for subsys
- id is automatically attached at creation of css.
- id is *not* freed automatically. Because the cgroup framework
don't know lifetime of cgroup_subsys_state.
free_css_id() function is provided. This must be called by subsys.
There are several reasons to develop this.
- Saving space .... For example, memcg's swap_cgroup is array of
pointers to cgroup. But it is not necessary to be very fast.
By replacing pointers(8bytes per ent) to ID (2byes per ent), we can
reduce much amount of memory usage.
- Scanning without lock.
CSS_ID provides "scan id under this ROOT" function. By this, scanning
css under root can be written without locks.
ex)
do {
rcu_read_lock();
next = cgroup_get_next(subsys, id, root, &found);
/* check sanity of next here */
css_tryget();
rcu_read_unlock();
id = found + 1
} while(...)
Characteristics:
- Each css has unique ID under subsys.
- Lifetime of ID is controlled by subsys.
- css ID contains "ID" and "Depth in hierarchy" and stack of hierarchy
- Allowed ID is 1-65535, ID 0 is UNUSED ID.
Design Choices:
- scan-by-ID v.s. scan-by-tree-walk.
As /proc's pid scan does, scan-by-ID is robust when scanning is done
by following kind of routine.
scan -> rest a while(release a lock) -> conitunue from interrupted
memcg's hierarchical reclaim does this.
- When subsys->use_id is set, # of css in the system is limited to
65535.
[bharata@linux.vnet.ibm.com: remove rcu_read_lock() from css_get_next()]
Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Acked-by: Paul Menage <menage@google.com>
Cc: Li Zefan <lizf@cn.fujitsu.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-04-03 03:57:25 +04:00
/**
* idr_get_next - lookup next object of id to given id .
* @ idp : idr handle
2010-08-30 19:37:03 +04:00
* @ nextidp : pointer to lookup key
cgroup: CSS ID support
Patch for Per-CSS(Cgroup Subsys State) ID and private hierarchy code.
This patch attaches unique ID to each css and provides following.
- css_lookup(subsys, id)
returns pointer to struct cgroup_subysys_state of id.
- css_get_next(subsys, id, rootid, depth, foundid)
returns the next css under "root" by scanning
When cgroup_subsys->use_id is set, an id for css is maintained.
The cgroup framework only parepares
- css_id of root css for subsys
- id is automatically attached at creation of css.
- id is *not* freed automatically. Because the cgroup framework
don't know lifetime of cgroup_subsys_state.
free_css_id() function is provided. This must be called by subsys.
There are several reasons to develop this.
- Saving space .... For example, memcg's swap_cgroup is array of
pointers to cgroup. But it is not necessary to be very fast.
By replacing pointers(8bytes per ent) to ID (2byes per ent), we can
reduce much amount of memory usage.
- Scanning without lock.
CSS_ID provides "scan id under this ROOT" function. By this, scanning
css under root can be written without locks.
ex)
do {
rcu_read_lock();
next = cgroup_get_next(subsys, id, root, &found);
/* check sanity of next here */
css_tryget();
rcu_read_unlock();
id = found + 1
} while(...)
Characteristics:
- Each css has unique ID under subsys.
- Lifetime of ID is controlled by subsys.
- css ID contains "ID" and "Depth in hierarchy" and stack of hierarchy
- Allowed ID is 1-65535, ID 0 is UNUSED ID.
Design Choices:
- scan-by-ID v.s. scan-by-tree-walk.
As /proc's pid scan does, scan-by-ID is robust when scanning is done
by following kind of routine.
scan -> rest a while(release a lock) -> conitunue from interrupted
memcg's hierarchical reclaim does this.
- When subsys->use_id is set, # of css in the system is limited to
65535.
[bharata@linux.vnet.ibm.com: remove rcu_read_lock() from css_get_next()]
Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Acked-by: Paul Menage <menage@google.com>
Cc: Li Zefan <lizf@cn.fujitsu.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-04-03 03:57:25 +04:00
*
* Returns pointer to registered object with id , which is next number to
2010-08-27 12:43:46 +04:00
* given id . After being looked up , * @ nextidp will be updated for the next
* iteration .
2012-03-22 03:34:20 +04:00
*
* This function can be called under rcu_read_lock ( ) , given that the leaf
* pointers lifetimes are correctly managed .
cgroup: CSS ID support
Patch for Per-CSS(Cgroup Subsys State) ID and private hierarchy code.
This patch attaches unique ID to each css and provides following.
- css_lookup(subsys, id)
returns pointer to struct cgroup_subysys_state of id.
- css_get_next(subsys, id, rootid, depth, foundid)
returns the next css under "root" by scanning
When cgroup_subsys->use_id is set, an id for css is maintained.
The cgroup framework only parepares
- css_id of root css for subsys
- id is automatically attached at creation of css.
- id is *not* freed automatically. Because the cgroup framework
don't know lifetime of cgroup_subsys_state.
free_css_id() function is provided. This must be called by subsys.
There are several reasons to develop this.
- Saving space .... For example, memcg's swap_cgroup is array of
pointers to cgroup. But it is not necessary to be very fast.
By replacing pointers(8bytes per ent) to ID (2byes per ent), we can
reduce much amount of memory usage.
- Scanning without lock.
CSS_ID provides "scan id under this ROOT" function. By this, scanning
css under root can be written without locks.
ex)
do {
rcu_read_lock();
next = cgroup_get_next(subsys, id, root, &found);
/* check sanity of next here */
css_tryget();
rcu_read_unlock();
id = found + 1
} while(...)
Characteristics:
- Each css has unique ID under subsys.
- Lifetime of ID is controlled by subsys.
- css ID contains "ID" and "Depth in hierarchy" and stack of hierarchy
- Allowed ID is 1-65535, ID 0 is UNUSED ID.
Design Choices:
- scan-by-ID v.s. scan-by-tree-walk.
As /proc's pid scan does, scan-by-ID is robust when scanning is done
by following kind of routine.
scan -> rest a while(release a lock) -> conitunue from interrupted
memcg's hierarchical reclaim does this.
- When subsys->use_id is set, # of css in the system is limited to
65535.
[bharata@linux.vnet.ibm.com: remove rcu_read_lock() from css_get_next()]
Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Acked-by: Paul Menage <menage@google.com>
Cc: Li Zefan <lizf@cn.fujitsu.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-04-03 03:57:25 +04:00
*/
void * idr_get_next ( struct idr * idp , int * nextidp )
{
2013-02-28 05:05:02 +04:00
struct idr_layer * p , * pa [ MAX_IDR_LEVEL + 1 ] ;
cgroup: CSS ID support
Patch for Per-CSS(Cgroup Subsys State) ID and private hierarchy code.
This patch attaches unique ID to each css and provides following.
- css_lookup(subsys, id)
returns pointer to struct cgroup_subysys_state of id.
- css_get_next(subsys, id, rootid, depth, foundid)
returns the next css under "root" by scanning
When cgroup_subsys->use_id is set, an id for css is maintained.
The cgroup framework only parepares
- css_id of root css for subsys
- id is automatically attached at creation of css.
- id is *not* freed automatically. Because the cgroup framework
don't know lifetime of cgroup_subsys_state.
free_css_id() function is provided. This must be called by subsys.
There are several reasons to develop this.
- Saving space .... For example, memcg's swap_cgroup is array of
pointers to cgroup. But it is not necessary to be very fast.
By replacing pointers(8bytes per ent) to ID (2byes per ent), we can
reduce much amount of memory usage.
- Scanning without lock.
CSS_ID provides "scan id under this ROOT" function. By this, scanning
css under root can be written without locks.
ex)
do {
rcu_read_lock();
next = cgroup_get_next(subsys, id, root, &found);
/* check sanity of next here */
css_tryget();
rcu_read_unlock();
id = found + 1
} while(...)
Characteristics:
- Each css has unique ID under subsys.
- Lifetime of ID is controlled by subsys.
- css ID contains "ID" and "Depth in hierarchy" and stack of hierarchy
- Allowed ID is 1-65535, ID 0 is UNUSED ID.
Design Choices:
- scan-by-ID v.s. scan-by-tree-walk.
As /proc's pid scan does, scan-by-ID is robust when scanning is done
by following kind of routine.
scan -> rest a while(release a lock) -> conitunue from interrupted
memcg's hierarchical reclaim does this.
- When subsys->use_id is set, # of css in the system is limited to
65535.
[bharata@linux.vnet.ibm.com: remove rcu_read_lock() from css_get_next()]
Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Acked-by: Paul Menage <menage@google.com>
Cc: Li Zefan <lizf@cn.fujitsu.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-04-03 03:57:25 +04:00
struct idr_layer * * paa = & pa [ 0 ] ;
int id = * nextidp ;
int n , max ;
/* find first ent */
2014-08-09 01:22:07 +04:00
p = * paa = rcu_dereference_raw ( idp - > top ) ;
cgroup: CSS ID support
Patch for Per-CSS(Cgroup Subsys State) ID and private hierarchy code.
This patch attaches unique ID to each css and provides following.
- css_lookup(subsys, id)
returns pointer to struct cgroup_subysys_state of id.
- css_get_next(subsys, id, rootid, depth, foundid)
returns the next css under "root" by scanning
When cgroup_subsys->use_id is set, an id for css is maintained.
The cgroup framework only parepares
- css_id of root css for subsys
- id is automatically attached at creation of css.
- id is *not* freed automatically. Because the cgroup framework
don't know lifetime of cgroup_subsys_state.
free_css_id() function is provided. This must be called by subsys.
There are several reasons to develop this.
- Saving space .... For example, memcg's swap_cgroup is array of
pointers to cgroup. But it is not necessary to be very fast.
By replacing pointers(8bytes per ent) to ID (2byes per ent), we can
reduce much amount of memory usage.
- Scanning without lock.
CSS_ID provides "scan id under this ROOT" function. By this, scanning
css under root can be written without locks.
ex)
do {
rcu_read_lock();
next = cgroup_get_next(subsys, id, root, &found);
/* check sanity of next here */
css_tryget();
rcu_read_unlock();
id = found + 1
} while(...)
Characteristics:
- Each css has unique ID under subsys.
- Lifetime of ID is controlled by subsys.
- css ID contains "ID" and "Depth in hierarchy" and stack of hierarchy
- Allowed ID is 1-65535, ID 0 is UNUSED ID.
Design Choices:
- scan-by-ID v.s. scan-by-tree-walk.
As /proc's pid scan does, scan-by-ID is robust when scanning is done
by following kind of routine.
scan -> rest a while(release a lock) -> conitunue from interrupted
memcg's hierarchical reclaim does this.
- When subsys->use_id is set, # of css in the system is limited to
65535.
[bharata@linux.vnet.ibm.com: remove rcu_read_lock() from css_get_next()]
Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Acked-by: Paul Menage <menage@google.com>
Cc: Li Zefan <lizf@cn.fujitsu.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-04-03 03:57:25 +04:00
if ( ! p )
return NULL ;
2012-03-22 03:34:20 +04:00
n = ( p - > layer + 1 ) * IDR_BITS ;
2013-02-28 05:05:02 +04:00
max = idr_max ( p - > layer + 1 ) ;
cgroup: CSS ID support
Patch for Per-CSS(Cgroup Subsys State) ID and private hierarchy code.
This patch attaches unique ID to each css and provides following.
- css_lookup(subsys, id)
returns pointer to struct cgroup_subysys_state of id.
- css_get_next(subsys, id, rootid, depth, foundid)
returns the next css under "root" by scanning
When cgroup_subsys->use_id is set, an id for css is maintained.
The cgroup framework only parepares
- css_id of root css for subsys
- id is automatically attached at creation of css.
- id is *not* freed automatically. Because the cgroup framework
don't know lifetime of cgroup_subsys_state.
free_css_id() function is provided. This must be called by subsys.
There are several reasons to develop this.
- Saving space .... For example, memcg's swap_cgroup is array of
pointers to cgroup. But it is not necessary to be very fast.
By replacing pointers(8bytes per ent) to ID (2byes per ent), we can
reduce much amount of memory usage.
- Scanning without lock.
CSS_ID provides "scan id under this ROOT" function. By this, scanning
css under root can be written without locks.
ex)
do {
rcu_read_lock();
next = cgroup_get_next(subsys, id, root, &found);
/* check sanity of next here */
css_tryget();
rcu_read_unlock();
id = found + 1
} while(...)
Characteristics:
- Each css has unique ID under subsys.
- Lifetime of ID is controlled by subsys.
- css ID contains "ID" and "Depth in hierarchy" and stack of hierarchy
- Allowed ID is 1-65535, ID 0 is UNUSED ID.
Design Choices:
- scan-by-ID v.s. scan-by-tree-walk.
As /proc's pid scan does, scan-by-ID is robust when scanning is done
by following kind of routine.
scan -> rest a while(release a lock) -> conitunue from interrupted
memcg's hierarchical reclaim does this.
- When subsys->use_id is set, # of css in the system is limited to
65535.
[bharata@linux.vnet.ibm.com: remove rcu_read_lock() from css_get_next()]
Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Acked-by: Paul Menage <menage@google.com>
Cc: Li Zefan <lizf@cn.fujitsu.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-04-03 03:57:25 +04:00
2013-02-28 05:05:02 +04:00
while ( id > = 0 & & id < = max ) {
2014-08-09 01:22:07 +04:00
p = * paa ;
cgroup: CSS ID support
Patch for Per-CSS(Cgroup Subsys State) ID and private hierarchy code.
This patch attaches unique ID to each css and provides following.
- css_lookup(subsys, id)
returns pointer to struct cgroup_subysys_state of id.
- css_get_next(subsys, id, rootid, depth, foundid)
returns the next css under "root" by scanning
When cgroup_subsys->use_id is set, an id for css is maintained.
The cgroup framework only parepares
- css_id of root css for subsys
- id is automatically attached at creation of css.
- id is *not* freed automatically. Because the cgroup framework
don't know lifetime of cgroup_subsys_state.
free_css_id() function is provided. This must be called by subsys.
There are several reasons to develop this.
- Saving space .... For example, memcg's swap_cgroup is array of
pointers to cgroup. But it is not necessary to be very fast.
By replacing pointers(8bytes per ent) to ID (2byes per ent), we can
reduce much amount of memory usage.
- Scanning without lock.
CSS_ID provides "scan id under this ROOT" function. By this, scanning
css under root can be written without locks.
ex)
do {
rcu_read_lock();
next = cgroup_get_next(subsys, id, root, &found);
/* check sanity of next here */
css_tryget();
rcu_read_unlock();
id = found + 1
} while(...)
Characteristics:
- Each css has unique ID under subsys.
- Lifetime of ID is controlled by subsys.
- css ID contains "ID" and "Depth in hierarchy" and stack of hierarchy
- Allowed ID is 1-65535, ID 0 is UNUSED ID.
Design Choices:
- scan-by-ID v.s. scan-by-tree-walk.
As /proc's pid scan does, scan-by-ID is robust when scanning is done
by following kind of routine.
scan -> rest a while(release a lock) -> conitunue from interrupted
memcg's hierarchical reclaim does this.
- When subsys->use_id is set, # of css in the system is limited to
65535.
[bharata@linux.vnet.ibm.com: remove rcu_read_lock() from css_get_next()]
Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Acked-by: Paul Menage <menage@google.com>
Cc: Li Zefan <lizf@cn.fujitsu.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-04-03 03:57:25 +04:00
while ( n > 0 & & p ) {
n - = IDR_BITS ;
2010-06-08 04:09:45 +04:00
p = rcu_dereference_raw ( p - > ary [ ( id > > n ) & IDR_MASK ] ) ;
2014-08-09 01:22:07 +04:00
* + + paa = p ;
cgroup: CSS ID support
Patch for Per-CSS(Cgroup Subsys State) ID and private hierarchy code.
This patch attaches unique ID to each css and provides following.
- css_lookup(subsys, id)
returns pointer to struct cgroup_subysys_state of id.
- css_get_next(subsys, id, rootid, depth, foundid)
returns the next css under "root" by scanning
When cgroup_subsys->use_id is set, an id for css is maintained.
The cgroup framework only parepares
- css_id of root css for subsys
- id is automatically attached at creation of css.
- id is *not* freed automatically. Because the cgroup framework
don't know lifetime of cgroup_subsys_state.
free_css_id() function is provided. This must be called by subsys.
There are several reasons to develop this.
- Saving space .... For example, memcg's swap_cgroup is array of
pointers to cgroup. But it is not necessary to be very fast.
By replacing pointers(8bytes per ent) to ID (2byes per ent), we can
reduce much amount of memory usage.
- Scanning without lock.
CSS_ID provides "scan id under this ROOT" function. By this, scanning
css under root can be written without locks.
ex)
do {
rcu_read_lock();
next = cgroup_get_next(subsys, id, root, &found);
/* check sanity of next here */
css_tryget();
rcu_read_unlock();
id = found + 1
} while(...)
Characteristics:
- Each css has unique ID under subsys.
- Lifetime of ID is controlled by subsys.
- css ID contains "ID" and "Depth in hierarchy" and stack of hierarchy
- Allowed ID is 1-65535, ID 0 is UNUSED ID.
Design Choices:
- scan-by-ID v.s. scan-by-tree-walk.
As /proc's pid scan does, scan-by-ID is robust when scanning is done
by following kind of routine.
scan -> rest a while(release a lock) -> conitunue from interrupted
memcg's hierarchical reclaim does this.
- When subsys->use_id is set, # of css in the system is limited to
65535.
[bharata@linux.vnet.ibm.com: remove rcu_read_lock() from css_get_next()]
Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Acked-by: Paul Menage <menage@google.com>
Cc: Li Zefan <lizf@cn.fujitsu.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-04-03 03:57:25 +04:00
}
if ( p ) {
* nextidp = id ;
return p ;
}
idr: fix a subtle bug in idr_get_next()
The iteration logic of idr_get_next() is borrowed mostly verbatim from
idr_for_each(). It walks down the tree looking for the slot matching
the current ID. If the matching slot is not found, the ID is
incremented by the distance of single slot at the given level and
repeats.
The implementation assumes that during the whole iteration id is aligned
to the layer boundaries of the level closest to the leaf, which is true
for all iterations starting from zero or an existing element and thus is
fine for idr_for_each().
However, idr_get_next() may be given any point and if the starting id
hits in the middle of a non-existent layer, increment to the next layer
will end up skipping the same offset into it. For example, an IDR with
IDs filled between [64, 127] would look like the following.
[ 0 64 ... ]
/----/ |
| |
NULL [ 64 ... 127 ]
If idr_get_next() is called with 63 as the starting point, it will try
to follow down the pointer from 0. As it is NULL, it will then try to
proceed to the next slot in the same level by adding the slot distance
at that level which is 64 - making the next try 127. It goes around the
loop and finds and returns 127 skipping [64, 126].
Note that this bug also triggers in idr_for_each_entry() loop which
deletes during iteration as deletions can make layers go away leaving
the iteration with unaligned ID into missing layers.
Fix it by ensuring proceeding to the next slot doesn't carry over the
unaligned offset - ie. use round_up(id + 1, slot_distance) instead of
id += slot_distance.
Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-by: David Teigland <teigland@redhat.com>
Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:34 +04:00
/*
* Proceed to the next layer at the current level . Unlike
* idr_for_each ( ) , @ id isn ' t guaranteed to be aligned to
* layer boundary at this point and adding 1 < < n may
* incorrectly skip IDs . Make sure we jump to the
* beginning of the next layer using round_up ( ) .
*/
id = round_up ( id + 1 , 1 < < n ) ;
cgroup: CSS ID support
Patch for Per-CSS(Cgroup Subsys State) ID and private hierarchy code.
This patch attaches unique ID to each css and provides following.
- css_lookup(subsys, id)
returns pointer to struct cgroup_subysys_state of id.
- css_get_next(subsys, id, rootid, depth, foundid)
returns the next css under "root" by scanning
When cgroup_subsys->use_id is set, an id for css is maintained.
The cgroup framework only parepares
- css_id of root css for subsys
- id is automatically attached at creation of css.
- id is *not* freed automatically. Because the cgroup framework
don't know lifetime of cgroup_subsys_state.
free_css_id() function is provided. This must be called by subsys.
There are several reasons to develop this.
- Saving space .... For example, memcg's swap_cgroup is array of
pointers to cgroup. But it is not necessary to be very fast.
By replacing pointers(8bytes per ent) to ID (2byes per ent), we can
reduce much amount of memory usage.
- Scanning without lock.
CSS_ID provides "scan id under this ROOT" function. By this, scanning
css under root can be written without locks.
ex)
do {
rcu_read_lock();
next = cgroup_get_next(subsys, id, root, &found);
/* check sanity of next here */
css_tryget();
rcu_read_unlock();
id = found + 1
} while(...)
Characteristics:
- Each css has unique ID under subsys.
- Lifetime of ID is controlled by subsys.
- css ID contains "ID" and "Depth in hierarchy" and stack of hierarchy
- Allowed ID is 1-65535, ID 0 is UNUSED ID.
Design Choices:
- scan-by-ID v.s. scan-by-tree-walk.
As /proc's pid scan does, scan-by-ID is robust when scanning is done
by following kind of routine.
scan -> rest a while(release a lock) -> conitunue from interrupted
memcg's hierarchical reclaim does this.
- When subsys->use_id is set, # of css in the system is limited to
65535.
[bharata@linux.vnet.ibm.com: remove rcu_read_lock() from css_get_next()]
Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Acked-by: Paul Menage <menage@google.com>
Cc: Li Zefan <lizf@cn.fujitsu.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-04-03 03:57:25 +04:00
while ( n < fls ( id ) ) {
n + = IDR_BITS ;
2014-08-09 01:22:07 +04:00
- - paa ;
cgroup: CSS ID support
Patch for Per-CSS(Cgroup Subsys State) ID and private hierarchy code.
This patch attaches unique ID to each css and provides following.
- css_lookup(subsys, id)
returns pointer to struct cgroup_subysys_state of id.
- css_get_next(subsys, id, rootid, depth, foundid)
returns the next css under "root" by scanning
When cgroup_subsys->use_id is set, an id for css is maintained.
The cgroup framework only parepares
- css_id of root css for subsys
- id is automatically attached at creation of css.
- id is *not* freed automatically. Because the cgroup framework
don't know lifetime of cgroup_subsys_state.
free_css_id() function is provided. This must be called by subsys.
There are several reasons to develop this.
- Saving space .... For example, memcg's swap_cgroup is array of
pointers to cgroup. But it is not necessary to be very fast.
By replacing pointers(8bytes per ent) to ID (2byes per ent), we can
reduce much amount of memory usage.
- Scanning without lock.
CSS_ID provides "scan id under this ROOT" function. By this, scanning
css under root can be written without locks.
ex)
do {
rcu_read_lock();
next = cgroup_get_next(subsys, id, root, &found);
/* check sanity of next here */
css_tryget();
rcu_read_unlock();
id = found + 1
} while(...)
Characteristics:
- Each css has unique ID under subsys.
- Lifetime of ID is controlled by subsys.
- css ID contains "ID" and "Depth in hierarchy" and stack of hierarchy
- Allowed ID is 1-65535, ID 0 is UNUSED ID.
Design Choices:
- scan-by-ID v.s. scan-by-tree-walk.
As /proc's pid scan does, scan-by-ID is robust when scanning is done
by following kind of routine.
scan -> rest a while(release a lock) -> conitunue from interrupted
memcg's hierarchical reclaim does this.
- When subsys->use_id is set, # of css in the system is limited to
65535.
[bharata@linux.vnet.ibm.com: remove rcu_read_lock() from css_get_next()]
Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Acked-by: Paul Menage <menage@google.com>
Cc: Li Zefan <lizf@cn.fujitsu.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-04-03 03:57:25 +04:00
}
}
return NULL ;
}
2010-01-29 23:59:17 +03:00
EXPORT_SYMBOL ( idr_get_next ) ;
cgroup: CSS ID support
Patch for Per-CSS(Cgroup Subsys State) ID and private hierarchy code.
This patch attaches unique ID to each css and provides following.
- css_lookup(subsys, id)
returns pointer to struct cgroup_subysys_state of id.
- css_get_next(subsys, id, rootid, depth, foundid)
returns the next css under "root" by scanning
When cgroup_subsys->use_id is set, an id for css is maintained.
The cgroup framework only parepares
- css_id of root css for subsys
- id is automatically attached at creation of css.
- id is *not* freed automatically. Because the cgroup framework
don't know lifetime of cgroup_subsys_state.
free_css_id() function is provided. This must be called by subsys.
There are several reasons to develop this.
- Saving space .... For example, memcg's swap_cgroup is array of
pointers to cgroup. But it is not necessary to be very fast.
By replacing pointers(8bytes per ent) to ID (2byes per ent), we can
reduce much amount of memory usage.
- Scanning without lock.
CSS_ID provides "scan id under this ROOT" function. By this, scanning
css under root can be written without locks.
ex)
do {
rcu_read_lock();
next = cgroup_get_next(subsys, id, root, &found);
/* check sanity of next here */
css_tryget();
rcu_read_unlock();
id = found + 1
} while(...)
Characteristics:
- Each css has unique ID under subsys.
- Lifetime of ID is controlled by subsys.
- css ID contains "ID" and "Depth in hierarchy" and stack of hierarchy
- Allowed ID is 1-65535, ID 0 is UNUSED ID.
Design Choices:
- scan-by-ID v.s. scan-by-tree-walk.
As /proc's pid scan does, scan-by-ID is robust when scanning is done
by following kind of routine.
scan -> rest a while(release a lock) -> conitunue from interrupted
memcg's hierarchical reclaim does this.
- When subsys->use_id is set, # of css in the system is limited to
65535.
[bharata@linux.vnet.ibm.com: remove rcu_read_lock() from css_get_next()]
Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Acked-by: Paul Menage <menage@google.com>
Cc: Li Zefan <lizf@cn.fujitsu.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-04-03 03:57:25 +04:00
2006-06-26 11:27:19 +04:00
/**
* idr_replace - replace pointer for given id
* @ idp : idr handle
* @ ptr : pointer you want associated with the id
* @ id : lookup key
*
* Replace the pointer registered with an id and return the old value .
2010-10-27 01:19:08 +04:00
* A % - ENOENT return indicates that @ id was not found .
* A % - EINVAL return indicates that @ id was not within valid constraints .
2006-06-26 11:27:19 +04:00
*
2008-07-25 12:48:02 +04:00
* The caller must serialize with writers .
2006-06-26 11:27:19 +04:00
*/
void * idr_replace ( struct idr * idp , void * ptr , int id )
{
int n ;
struct idr_layer * p , * old_p ;
2013-03-09 00:43:30 +04:00
if ( id < 0 )
idr: remove MAX_IDR_MASK and move left MAX_IDR_* into idr.c
MAX_IDR_MASK is another weirdness in the idr interface. As idr covers
whole positive integer range, it's defined as 0x7fffffff or INT_MAX.
Its usage in idr_find(), idr_replace() and idr_remove() is bizarre.
They basically mask off the sign bit and operate on the rest, so if
the caller, by accident, passes in a negative number, the sign bit
will be masked off and the remaining part will be used as if that was
the input, which is worse than crashing.
The constant is visible in idr.h and there are several users in the
kernel.
* drivers/i2c/i2c-core.c:i2c_add_numbered_adapter()
Basically used to test if adap->nr is a negative number which isn't
-1 and returns -EINVAL if so. idr_alloc() already has negative
@start checking (w/ WARN_ON_ONCE), so this can go away.
* drivers/infiniband/core/cm.c:cm_alloc_id()
drivers/infiniband/hw/mlx4/cm.c:id_map_alloc()
Used to wrap cyclic @start. Can be replaced with max(next, 0).
Note that this type of cyclic allocation using idr is buggy. These
are prone to spurious -ENOSPC failure after the first wraparound.
* fs/super.c:get_anon_bdev()
The ID allocated from ida is masked off before being tested whether
it's inside valid range. ida allocated ID can never be a negative
number and the masking is unnecessary.
Update idr_*() functions to fail with -EINVAL when negative @id is
specified and update other MAX_IDR_MASK users as described above.
This leaves MAX_IDR_MASK without any user, remove it and relocate
other MAX_IDR_* constants to lib/idr.c.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Jean Delvare <khali@linux-fr.org>
Cc: Roland Dreier <roland@kernel.org>
Cc: Sean Hefty <sean.hefty@intel.com>
Cc: Hal Rosenstock <hal.rosenstock@gmail.com>
Cc: "Marciniszyn, Mike" <mike.marciniszyn@intel.com>
Cc: Jack Morgenstein <jackm@dev.mellanox.co.il>
Cc: Or Gerlitz <ogerlitz@mellanox.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Acked-by: Wolfram Sang <wolfram@the-dreams.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:05:04 +04:00
return ERR_PTR ( - EINVAL ) ;
2006-06-26 11:27:19 +04:00
p = idp - > top ;
2008-12-02 00:14:02 +03:00
if ( ! p )
2014-06-07 01:37:13 +04:00
return ERR_PTR ( - ENOENT ) ;
2008-12-02 00:14:02 +03:00
idr: fix overflow bug during maximum ID calculation at maximum height
idr_replace() open-codes the logic to calculate the maximum valid ID
given the height of the idr tree; unfortunately, the open-coded logic
doesn't account for the fact that the top layer may have unused slots
and over-shifts the limit to zero when the tree is at its maximum
height.
The following test code shows it fails to replace the value for
id=((1<<27)+42):
static void test5(void)
{
int id;
DEFINE_IDR(test_idr);
#define TEST5_START ((1<<27)+42) /* use the highest layer */
printk(KERN_INFO "Start test5\n");
id = idr_alloc(&test_idr, (void *)1, TEST5_START, 0, GFP_KERNEL);
BUG_ON(id != TEST5_START);
TEST_BUG_ON(idr_replace(&test_idr, (void *)2, TEST5_START) != (void *)1);
idr_destroy(&test_idr);
printk(KERN_INFO "End of test5\n");
}
Fix the bug by using idr_max() which correctly takes into account the
maximum allowed shift.
sub_alloc() shares the same problem and may incorrectly fail with
-EAGAIN; however, this bug doesn't affect correct operation because
idr_get_empty_slot(), which already uses idr_max(), retries with the
increased @id in such cases.
[tj@kernel.org: Updated patch description.]
Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Acked-by: Tejun Heo <tj@kernel.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-06-07 01:37:10 +04:00
if ( id > idr_max ( p - > layer + 1 ) )
2014-06-07 01:37:13 +04:00
return ERR_PTR ( - ENOENT ) ;
2006-06-26 11:27:19 +04:00
idr: fix overflow bug during maximum ID calculation at maximum height
idr_replace() open-codes the logic to calculate the maximum valid ID
given the height of the idr tree; unfortunately, the open-coded logic
doesn't account for the fact that the top layer may have unused slots
and over-shifts the limit to zero when the tree is at its maximum
height.
The following test code shows it fails to replace the value for
id=((1<<27)+42):
static void test5(void)
{
int id;
DEFINE_IDR(test_idr);
#define TEST5_START ((1<<27)+42) /* use the highest layer */
printk(KERN_INFO "Start test5\n");
id = idr_alloc(&test_idr, (void *)1, TEST5_START, 0, GFP_KERNEL);
BUG_ON(id != TEST5_START);
TEST_BUG_ON(idr_replace(&test_idr, (void *)2, TEST5_START) != (void *)1);
idr_destroy(&test_idr);
printk(KERN_INFO "End of test5\n");
}
Fix the bug by using idr_max() which correctly takes into account the
maximum allowed shift.
sub_alloc() shares the same problem and may incorrectly fail with
-EAGAIN; however, this bug doesn't affect correct operation because
idr_get_empty_slot(), which already uses idr_max(), retries with the
increased @id in such cases.
[tj@kernel.org: Updated patch description.]
Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Acked-by: Tejun Heo <tj@kernel.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-06-07 01:37:10 +04:00
n = p - > layer * IDR_BITS ;
2006-06-26 11:27:19 +04:00
while ( ( n > 0 ) & & p ) {
p = p - > ary [ ( id > > n ) & IDR_MASK ] ;
n - = IDR_BITS ;
}
n = id & IDR_MASK ;
2013-02-28 05:05:05 +04:00
if ( unlikely ( p = = NULL | | ! test_bit ( n , p - > bitmap ) ) )
2006-06-26 11:27:19 +04:00
return ERR_PTR ( - ENOENT ) ;
old_p = p - > ary [ n ] ;
2008-07-25 12:48:02 +04:00
rcu_assign_pointer ( p - > ary [ n ] , ptr ) ;
2006-06-26 11:27:19 +04:00
return old_p ;
}
EXPORT_SYMBOL ( idr_replace ) ;
2008-04-29 12:03:13 +04:00
void __init idr_init_cache ( void )
2005-04-17 02:20:36 +04:00
{
2008-04-29 12:03:13 +04:00
idr_layer_cache = kmem_cache_create ( " idr_layer_cache " ,
2009-01-16 00:51:21 +03:00
sizeof ( struct idr_layer ) , 0 , SLAB_PANIC , NULL ) ;
2005-04-17 02:20:36 +04:00
}
/**
* idr_init - initialize idr handle
* @ idp : idr handle
*
* This function is use to set up the handle ( @ idp ) that you will pass
* to the rest of the functions .
*/
void idr_init ( struct idr * idp )
{
memset ( idp , 0 , sizeof ( struct idr ) ) ;
spin_lock_init ( & idp - > lock ) ;
}
EXPORT_SYMBOL ( idr_init ) ;
2007-06-13 22:45:13 +04:00
2011-08-09 01:36:56 +04:00
static int idr_has_entry ( int id , void * p , void * data )
{
return 1 ;
}
bool idr_is_empty ( struct idr * idp )
{
return ! idr_for_each ( idp , idr_has_entry , NULL ) ;
}
EXPORT_SYMBOL ( idr_is_empty ) ;
2007-06-13 22:45:13 +04:00
2010-10-27 01:19:08 +04:00
/**
* DOC : IDA description
2007-06-13 22:45:13 +04:00
* IDA - IDR based ID allocator
*
2010-10-27 01:19:08 +04:00
* This is id allocator without id - > pointer translation . Memory
2007-06-13 22:45:13 +04:00
* usage is much lower than full blown idr because each id only
* occupies a bit . ida uses a custom leaf node which contains
* IDA_BITMAP_BITS slots .
*
* 2007 - 04 - 25 written by Tejun Heo < htejun @ gmail . com >
*/
static void free_bitmap ( struct ida * ida , struct ida_bitmap * bitmap )
{
unsigned long flags ;
if ( ! ida - > free_bitmap ) {
spin_lock_irqsave ( & ida - > idr . lock , flags ) ;
if ( ! ida - > free_bitmap ) {
ida - > free_bitmap = bitmap ;
bitmap = NULL ;
}
spin_unlock_irqrestore ( & ida - > idr . lock , flags ) ;
}
kfree ( bitmap ) ;
}
/**
* ida_pre_get - reserve resources for ida allocation
* @ ida : ida handle
* @ gfp_mask : memory allocation flag
*
* This function should be called prior to locking and calling the
* following function . It preallocates enough memory to satisfy the
* worst possible allocation .
*
2010-10-27 01:19:08 +04:00
* If the system is REALLY out of memory this function returns % 0 ,
* otherwise % 1.
2007-06-13 22:45:13 +04:00
*/
int ida_pre_get ( struct ida * ida , gfp_t gfp_mask )
{
/* allocate idr_layers */
2013-03-14 01:59:42 +04:00
if ( ! __idr_pre_get ( & ida - > idr , gfp_mask ) )
2007-06-13 22:45:13 +04:00
return 0 ;
/* allocate free_bitmap */
if ( ! ida - > free_bitmap ) {
struct ida_bitmap * bitmap ;
bitmap = kmalloc ( sizeof ( struct ida_bitmap ) , gfp_mask ) ;
if ( ! bitmap )
return 0 ;
free_bitmap ( ida , bitmap ) ;
}
return 1 ;
}
EXPORT_SYMBOL ( ida_pre_get ) ;
/**
* ida_get_new_above - allocate new ID above or equal to a start id
* @ ida : ida handle
2010-08-30 19:37:03 +04:00
* @ starting_id : id to start search at
2007-06-13 22:45:13 +04:00
* @ p_id : pointer to the allocated handle
*
2011-11-01 04:12:36 +04:00
* Allocate new ID above or equal to @ starting_id . It should be called
* with any required locks .
2007-06-13 22:45:13 +04:00
*
2010-10-27 01:19:08 +04:00
* If memory is required , it will return % - EAGAIN , you should unlock
2007-06-13 22:45:13 +04:00
* and go back to the ida_pre_get ( ) call . If the ida is full , it will
2010-10-27 01:19:08 +04:00
* return % - ENOSPC .
2007-06-13 22:45:13 +04:00
*
2010-10-27 01:19:08 +04:00
* @ p_id returns a value in the range @ starting_id . . . % 0x7fffffff .
2007-06-13 22:45:13 +04:00
*/
int ida_get_new_above ( struct ida * ida , int starting_id , int * p_id )
{
2013-02-28 05:05:02 +04:00
struct idr_layer * pa [ MAX_IDR_LEVEL + 1 ] ;
2007-06-13 22:45:13 +04:00
struct ida_bitmap * bitmap ;
unsigned long flags ;
int idr_id = starting_id / IDA_BITMAP_BITS ;
int offset = starting_id % IDA_BITMAP_BITS ;
int t , id ;
restart :
/* get vacant slot */
idr: implement idr_preload[_end]() and idr_alloc()
The current idr interface is very cumbersome.
* For all allocations, two function calls - idr_pre_get() and
idr_get_new*() - should be made.
* idr_pre_get() doesn't guarantee that the following idr_get_new*()
will not fail from memory shortage. If idr_get_new*() returns
-EAGAIN, the caller is expected to retry pre_get and allocation.
* idr_get_new*() can't enforce upper limit. Upper limit can only be
enforced by allocating and then freeing if above limit.
* idr_layer buffer is unnecessarily per-idr. Each idr ends up keeping
around MAX_IDR_FREE idr_layers. The memory consumed per idr is
under two pages but it makes it difficult to make idr_layer larger.
This patch implements the following new set of allocation functions.
* idr_preload[_end]() - Similar to radix preload but doesn't fail.
The first idr_alloc() inside preload section can be treated as if it
were called with @gfp_mask used for idr_preload().
* idr_alloc() - Allocate an ID w/ lower and upper limits. Takes
@gfp_flags and can be used w/o preloading. When used inside
preloaded section, the allocation mask of preloading can be assumed.
If idr_alloc() can be called from a context which allows sufficiently
relaxed @gfp_mask, it can be used by itself. If, for example,
idr_alloc() is called inside spinlock protected region, preloading can
be used like the following.
idr_preload(GFP_KERNEL);
spin_lock(lock);
id = idr_alloc(idr, ptr, start, end, GFP_NOWAIT);
spin_unlock(lock);
idr_preload_end();
if (id < 0)
error;
which is much simpler and less error-prone than idr_pre_get and
idr_get_new*() loop.
The new interface uses per-pcu idr_layer buffer and thus the number of
idr's in the system doesn't affect the amount of memory used for
preloading.
idr_layer_alloc() is introduced to handle idr_layer allocations for
both old and new ID allocation paths. This is a bit hairy now but the
new interface is expected to replace the old and the internal
implementation eventually will become simpler.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-28 05:03:55 +04:00
t = idr_get_empty_slot ( & ida - > idr , idr_id , pa , 0 , & ida - > idr ) ;
2008-07-25 12:47:59 +04:00
if ( t < 0 )
2013-02-28 05:03:53 +04:00
return t = = - ENOMEM ? - EAGAIN : t ;
2007-06-13 22:45:13 +04:00
2012-10-05 04:13:15 +04:00
if ( t * IDA_BITMAP_BITS > = MAX_IDR_BIT )
2007-06-13 22:45:13 +04:00
return - ENOSPC ;
if ( t ! = idr_id )
offset = 0 ;
idr_id = t ;
/* if bitmap isn't there, create a new one */
bitmap = ( void * ) pa [ 0 ] - > ary [ idr_id & IDR_MASK ] ;
if ( ! bitmap ) {
spin_lock_irqsave ( & ida - > idr . lock , flags ) ;
bitmap = ida - > free_bitmap ;
ida - > free_bitmap = NULL ;
spin_unlock_irqrestore ( & ida - > idr . lock , flags ) ;
if ( ! bitmap )
return - EAGAIN ;
memset ( bitmap , 0 , sizeof ( struct ida_bitmap ) ) ;
2008-07-25 12:48:00 +04:00
rcu_assign_pointer ( pa [ 0 ] - > ary [ idr_id & IDR_MASK ] ,
( void * ) bitmap ) ;
2007-06-13 22:45:13 +04:00
pa [ 0 ] - > count + + ;
}
/* lookup for empty slot */
t = find_next_zero_bit ( bitmap - > bitmap , IDA_BITMAP_BITS , offset ) ;
if ( t = = IDA_BITMAP_BITS ) {
/* no empty slot after offset, continue to the next chunk */
idr_id + + ;
offset = 0 ;
goto restart ;
}
id = idr_id * IDA_BITMAP_BITS + t ;
2012-10-05 04:13:15 +04:00
if ( id > = MAX_IDR_BIT )
2007-06-13 22:45:13 +04:00
return - ENOSPC ;
__set_bit ( t , bitmap - > bitmap ) ;
if ( + + bitmap - > nr_busy = = IDA_BITMAP_BITS )
idr_mark_full ( pa , idr_id ) ;
* p_id = id ;
/* Each leaf node can handle nearly a thousand slots and the
* whole idea of ida is to have small memory foot print .
* Throw away extra resources one by one after each successful
* allocation .
*/
if ( ida - > idr . id_free_cnt | | ida - > free_bitmap ) {
2008-07-25 12:47:58 +04:00
struct idr_layer * p = get_from_free_list ( & ida - > idr ) ;
2007-06-13 22:45:13 +04:00
if ( p )
kmem_cache_free ( idr_layer_cache , p ) ;
}
return 0 ;
}
EXPORT_SYMBOL ( ida_get_new_above ) ;
/**
* ida_remove - remove the given ID
* @ ida : ida handle
* @ id : ID to free
*/
void ida_remove ( struct ida * ida , int id )
{
struct idr_layer * p = ida - > idr . top ;
int shift = ( ida - > idr . layers - 1 ) * IDR_BITS ;
int idr_id = id / IDA_BITMAP_BITS ;
int offset = id % IDA_BITMAP_BITS ;
int n ;
struct ida_bitmap * bitmap ;
2014-06-07 01:37:11 +04:00
if ( idr_id > idr_max ( ida - > idr . layers ) )
goto err ;
2007-06-13 22:45:13 +04:00
/* clear full bits while looking up the leaf idr_layer */
while ( ( shift > 0 ) & & p ) {
n = ( idr_id > > shift ) & IDR_MASK ;
2013-02-28 05:05:05 +04:00
__clear_bit ( n , p - > bitmap ) ;
2007-06-13 22:45:13 +04:00
p = p - > ary [ n ] ;
shift - = IDR_BITS ;
}
if ( p = = NULL )
goto err ;
n = idr_id & IDR_MASK ;
2013-02-28 05:05:05 +04:00
__clear_bit ( n , p - > bitmap ) ;
2007-06-13 22:45:13 +04:00
bitmap = ( void * ) p - > ary [ n ] ;
2014-06-07 01:37:12 +04:00
if ( ! bitmap | | ! test_bit ( offset , bitmap - > bitmap ) )
2007-06-13 22:45:13 +04:00
goto err ;
/* update bitmap and remove it if empty */
__clear_bit ( offset , bitmap - > bitmap ) ;
if ( - - bitmap - > nr_busy = = 0 ) {
2013-02-28 05:05:05 +04:00
__set_bit ( n , p - > bitmap ) ; /* to please idr_remove() */
2007-06-13 22:45:13 +04:00
idr_remove ( & ida - > idr , idr_id ) ;
free_bitmap ( ida , bitmap ) ;
}
return ;
err :
2013-07-04 02:08:47 +04:00
WARN ( 1 , " ida_remove called for id=%d which is not allocated. \n " , id ) ;
2007-06-13 22:45:13 +04:00
}
EXPORT_SYMBOL ( ida_remove ) ;
/**
* ida_destroy - release all cached layers within an ida tree
2010-08-30 19:37:03 +04:00
* @ ida : ida handle
2007-06-13 22:45:13 +04:00
*/
void ida_destroy ( struct ida * ida )
{
idr_destroy ( & ida - > idr ) ;
kfree ( ida - > free_bitmap ) ;
}
EXPORT_SYMBOL ( ida_destroy ) ;
2011-08-04 03:21:06 +04:00
/**
* ida_simple_get - get a new id .
* @ ida : the ( initialized ) ida .
* @ start : the minimum id ( inclusive , < 0x8000000 )
* @ end : the maximum id ( exclusive , < 0x8000000 or 0 )
* @ gfp_mask : memory allocation flags
*
* Allocates an id in the range start < = id < end , or returns - ENOSPC .
* On memory allocation failure , returns - ENOMEM .
*
* Use ida_simple_remove ( ) to get rid of an id .
*/
int ida_simple_get ( struct ida * ida , unsigned int start , unsigned int end ,
gfp_t gfp_mask )
{
int ret , id ;
unsigned int max ;
2011-11-03 00:38:46 +04:00
unsigned long flags ;
2011-08-04 03:21:06 +04:00
BUG_ON ( ( int ) start < 0 ) ;
BUG_ON ( ( int ) end < 0 ) ;
if ( end = = 0 )
max = 0x80000000 ;
else {
BUG_ON ( end < start ) ;
max = end - 1 ;
}
again :
if ( ! ida_pre_get ( ida , gfp_mask ) )
return - ENOMEM ;
2011-11-03 00:38:46 +04:00
spin_lock_irqsave ( & simple_ida_lock , flags ) ;
2011-08-04 03:21:06 +04:00
ret = ida_get_new_above ( ida , start , & id ) ;
if ( ! ret ) {
if ( id > max ) {
ida_remove ( ida , id ) ;
ret = - ENOSPC ;
} else {
ret = id ;
}
}
2011-11-03 00:38:46 +04:00
spin_unlock_irqrestore ( & simple_ida_lock , flags ) ;
2011-08-04 03:21:06 +04:00
if ( unlikely ( ret = = - EAGAIN ) )
goto again ;
return ret ;
}
EXPORT_SYMBOL ( ida_simple_get ) ;
/**
* ida_simple_remove - remove an allocated id .
* @ ida : the ( initialized ) ida .
* @ id : the id returned by ida_simple_get .
*/
void ida_simple_remove ( struct ida * ida , unsigned int id )
{
2011-11-03 00:38:46 +04:00
unsigned long flags ;
2011-08-04 03:21:06 +04:00
BUG_ON ( ( int ) id < 0 ) ;
2011-11-03 00:38:46 +04:00
spin_lock_irqsave ( & simple_ida_lock , flags ) ;
2011-08-04 03:21:06 +04:00
ida_remove ( ida , id ) ;
2011-11-03 00:38:46 +04:00
spin_unlock_irqrestore ( & simple_ida_lock , flags ) ;
2011-08-04 03:21:06 +04:00
}
EXPORT_SYMBOL ( ida_simple_remove ) ;
2007-06-13 22:45:13 +04:00
/**
* ida_init - initialize ida handle
* @ ida : ida handle
*
* This function is use to set up the handle ( @ ida ) that you will pass
* to the rest of the functions .
*/
void ida_init ( struct ida * ida )
{
memset ( ida , 0 , sizeof ( struct ida ) ) ;
idr_init ( & ida - > idr ) ;
}
EXPORT_SYMBOL ( ida_init ) ;