2014-06-05 03:08:10 +04:00
# include <linux/kernel.h>
# include <linux/errno.h>
# include <linux/err.h>
# include <linux/spinlock.h>
# include <linux/mm.h>
2016-01-16 03:56:55 +03:00
# include <linux/memremap.h>
2014-06-05 03:08:10 +04:00
# include <linux/pagemap.h>
# include <linux/rmap.h>
# include <linux/swap.h>
# include <linux/swapops.h>
2017-02-02 21:15:33 +03:00
# include <linux/sched/signal.h>
2014-10-10 02:29:14 +04:00
# include <linux/rwsem.h>
2014-11-05 19:27:40 +03:00
# include <linux/hugetlb.h>
2015-09-05 01:47:55 +03:00
mm/gup, x86/mm/pkeys: Check VMAs and PTEs for protection keys
Today, for normal faults and page table walks, we check the VMA
and/or PTE to ensure that it is compatible with the action. For
instance, if we get a write fault on a non-writeable VMA, we
SIGSEGV.
We try to do the same thing for protection keys. Basically, we
try to make sure that if a user does this:
mprotect(ptr, size, PROT_NONE);
*ptr = foo;
they see the same effects with protection keys when they do this:
mprotect(ptr, size, PROT_READ|PROT_WRITE);
set_pkey(ptr, size, 4);
wrpkru(0xffffff3f); // access disable pkey 4
*ptr = foo;
The state to do that checking is in the VMA, but we also
sometimes have to do it on the page tables only, like when doing
a get_user_pages_fast() where we have no VMA.
We add two functions and expose them to generic code:
arch_pte_access_permitted(pte_flags, write)
arch_vma_access_permitted(vma, write)
These are, of course, backed up in x86 arch code with checks
against the PTE or VMA's protection key.
But, there are also cases where we do not want to respect
protection keys. When we ptrace(), for instance, we do not want
to apply the tracer's PKRU permissions to the PTEs from the
process being traced.
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Alexey Kardashevskiy <aik@ozlabs.ru>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Boaz Harrosh <boaz@plexistor.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave@sr71.net>
Cc: David Gibson <david@gibson.dropbear.id.au>
Cc: David Hildenbrand <dahi@linux.vnet.ibm.com>
Cc: David Vrabel <david.vrabel@citrix.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Dominik Dingel <dingel@linux.vnet.ibm.com>
Cc: Dominik Vogt <vogt@linux.vnet.ibm.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Jason Low <jason.low2@hp.com>
Cc: Jerome Marchand <jmarchan@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matthew Wilcox <willy@linux.intel.com>
Cc: Mel Gorman <mgorman@suse.de>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Mikulas Patocka <mpatocka@redhat.com>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Rik van Riel <riel@redhat.com>
Cc: Sasha Levin <sasha.levin@oracle.com>
Cc: Shachar Raindel <raindel@mellanox.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Toshi Kani <toshi.kani@hpe.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: linux-arch@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org
Cc: linux-s390@vger.kernel.org
Cc: linuxppc-dev@lists.ozlabs.org
Link: http://lkml.kernel.org/r/20160212210219.14D5D715@viggo.jf.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-02-13 00:02:19 +03:00
# include <asm/mmu_context.h>
2014-10-10 02:29:14 +04:00
# include <asm/pgtable.h>
2015-09-05 01:47:55 +03:00
# include <asm/tlbflush.h>
2014-10-10 02:29:14 +04:00
2014-06-05 03:08:10 +04:00
# include "internal.h"
2018-10-27 01:10:28 +03:00
struct follow_page_context {
struct dev_pagemap * pgmap ;
unsigned int page_mask ;
} ;
2014-06-05 03:08:11 +04:00
static struct page * no_page_table ( struct vm_area_struct * vma ,
unsigned int flags )
2014-06-05 03:08:10 +04:00
{
2014-06-05 03:08:11 +04:00
/*
* When core dumping an enormous anonymous area that nobody
* has touched so far , we don ' t want to allocate unnecessary pages or
* page tables . Return error instead of NULL to skip handle_mm_fault ,
* then get_dump_page ( ) will return NULL to leave a hole in the dump .
* But we can only make this optimization where a hole would surely
* be zero - filled if handle_mm_fault ( ) actually did handle it .
*/
if ( ( flags & FOLL_DUMP ) & & ( ! vma - > vm_ops | | ! vma - > vm_ops - > fault ) )
return ERR_PTR ( - EFAULT ) ;
return NULL ;
}
2014-06-05 03:08:10 +04:00
2015-09-05 01:47:55 +03:00
static int follow_pfn_pte ( struct vm_area_struct * vma , unsigned long address ,
pte_t * pte , unsigned int flags )
{
/* No page to get reference */
if ( flags & FOLL_GET )
return - EFAULT ;
if ( flags & FOLL_TOUCH ) {
pte_t entry = * pte ;
if ( flags & FOLL_WRITE )
entry = pte_mkdirty ( entry ) ;
entry = pte_mkyoung ( entry ) ;
if ( ! pte_same ( * pte , entry ) ) {
set_pte_at ( vma - > vm_mm , address , pte , entry ) ;
update_mmu_cache ( vma , address , pte ) ;
}
}
/* Proper page table entry exists, but no corresponding struct page */
return - EEXIST ;
}
2016-10-13 23:07:36 +03:00
/*
* FOLL_FORCE can write to even unwritable pte ' s , but only
* after we ' ve gone through a COW cycle and they are dirty .
*/
static inline bool can_follow_write_pte ( pte_t pte , unsigned int flags )
{
Revert "mm: replace p??_write with pte_access_permitted in fault + gup paths"
This reverts commits 5c9d2d5c269c, c7da82b894e9, and e7fe7b5cae90.
We'll probably need to revisit this, but basically we should not
complicate the get_user_pages_fast() case, and checking the actual page
table protection key bits will require more care anyway, since the
protection keys depend on the exact state of the VM in question.
Particularly when doing a "remote" page lookup (ie in somebody elses VM,
not your own), you need to be much more careful than this was. Dave
Hansen says:
"So, the underlying bug here is that we now a get_user_pages_remote()
and then go ahead and do the p*_access_permitted() checks against the
current PKRU. This was introduced recently with the addition of the
new p??_access_permitted() calls.
We have checks in the VMA path for the "remote" gups and we avoid
consulting PKRU for them. This got missed in the pkeys selftests
because I did a ptrace read, but not a *write*. I also didn't
explicitly test it against something where a COW needed to be done"
It's also not entirely clear that it makes sense to check the protection
key bits at this level at all. But one possible eventual solution is to
make the get_user_pages_fast() case just abort if it sees protection key
bits set, which makes us fall back to the regular get_user_pages() case,
which then has a vma and can do the check there if we want to.
We'll see.
Somewhat related to this all: what we _do_ want to do some day is to
check the PAGE_USER bit - it should obviously always be set for user
pages, but it would be a good check to have back. Because we have no
generic way to test for it, we lost it as part of moving over from the
architecture-specific x86 GUP implementation to the generic one in
commit e585513b76f7 ("x86/mm/gup: Switch GUP to the generic
get_user_page_fast() implementation").
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: "Jérôme Glisse" <jglisse@redhat.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-12-16 05:53:22 +03:00
return pte_write ( pte ) | |
2016-10-13 23:07:36 +03:00
( ( flags & FOLL_FORCE ) & & ( flags & FOLL_COW ) & & pte_dirty ( pte ) ) ;
}
2014-06-05 03:08:11 +04:00
static struct page * follow_page_pte ( struct vm_area_struct * vma ,
2018-10-27 01:10:28 +03:00
unsigned long address , pmd_t * pmd , unsigned int flags ,
struct dev_pagemap * * pgmap )
2014-06-05 03:08:11 +04:00
{
struct mm_struct * mm = vma - > vm_mm ;
struct page * page ;
spinlock_t * ptl ;
pte_t * ptep , pte ;
2014-06-05 03:08:10 +04:00
2014-06-05 03:08:11 +04:00
retry :
2014-06-05 03:08:10 +04:00
if ( unlikely ( pmd_bad ( * pmd ) ) )
2014-06-05 03:08:11 +04:00
return no_page_table ( vma , flags ) ;
2014-06-05 03:08:10 +04:00
ptep = pte_offset_map_lock ( mm , pmd , address , & ptl ) ;
pte = * ptep ;
if ( ! pte_present ( pte ) ) {
swp_entry_t entry ;
/*
* KSM ' s break_ksm ( ) relies upon recognizing a ksm page
* even while it is being migrated , so for that case we
* need migration_entry_wait ( ) .
*/
if ( likely ( ! ( flags & FOLL_MIGRATION ) ) )
goto no_page ;
2015-02-11 01:10:04 +03:00
if ( pte_none ( pte ) )
2014-06-05 03:08:10 +04:00
goto no_page ;
entry = pte_to_swp_entry ( pte ) ;
if ( ! is_migration_entry ( entry ) )
goto no_page ;
pte_unmap_unlock ( ptep , ptl ) ;
migration_entry_wait ( mm , pmd , address ) ;
2014-06-05 03:08:11 +04:00
goto retry ;
2014-06-05 03:08:10 +04:00
}
2015-02-13 01:58:22 +03:00
if ( ( flags & FOLL_NUMA ) & & pte_protnone ( pte ) )
2014-06-05 03:08:10 +04:00
goto no_page ;
2016-10-13 23:07:36 +03:00
if ( ( flags & FOLL_WRITE ) & & ! can_follow_write_pte ( pte , flags ) ) {
2014-06-05 03:08:11 +04:00
pte_unmap_unlock ( ptep , ptl ) ;
return NULL ;
}
2014-06-05 03:08:10 +04:00
page = vm_normal_page ( vma , address , pte ) ;
2016-01-16 03:56:55 +03:00
if ( ! page & & pte_devmap ( pte ) & & ( flags & FOLL_GET ) ) {
/*
* Only return device mapping pages in the FOLL_GET case since
* they are only valid while holding the pgmap reference .
*/
2018-10-27 01:10:28 +03:00
* pgmap = get_dev_pagemap ( pte_pfn ( pte ) , * pgmap ) ;
if ( * pgmap )
2016-01-16 03:56:55 +03:00
page = pte_page ( pte ) ;
else
goto no_page ;
} else if ( unlikely ( ! page ) ) {
2015-09-05 01:47:55 +03:00
if ( flags & FOLL_DUMP ) {
/* Avoid special (like zero) pages in core dumps */
page = ERR_PTR ( - EFAULT ) ;
goto out ;
}
if ( is_zero_pfn ( pte_pfn ( pte ) ) ) {
page = pte_page ( pte ) ;
} else {
int ret ;
ret = follow_pfn_pte ( vma , address , ptep , flags ) ;
page = ERR_PTR ( ret ) ;
goto out ;
}
2014-06-05 03:08:10 +04:00
}
2016-01-16 03:52:28 +03:00
if ( flags & FOLL_SPLIT & & PageTransCompound ( page ) ) {
int ret ;
get_page ( page ) ;
pte_unmap_unlock ( ptep , ptl ) ;
lock_page ( page ) ;
ret = split_huge_page ( page ) ;
unlock_page ( page ) ;
put_page ( page ) ;
if ( ret )
return ERR_PTR ( ret ) ;
goto retry ;
}
2018-10-27 01:10:28 +03:00
if ( flags & FOLL_GET )
2016-01-16 03:52:56 +03:00
get_page ( page ) ;
2014-06-05 03:08:10 +04:00
if ( flags & FOLL_TOUCH ) {
if ( ( flags & FOLL_WRITE ) & &
! pte_dirty ( pte ) & & ! PageDirty ( page ) )
set_page_dirty ( page ) ;
/*
* pte_mkyoung ( ) would be more correct here , but atomic care
* is needed to avoid losing the dirty bit : it is easier to use
* mark_page_accessed ( ) .
*/
mark_page_accessed ( page ) ;
}
2015-11-06 05:51:36 +03:00
if ( ( flags & FOLL_MLOCK ) & & ( vma - > vm_flags & VM_LOCKED ) ) {
2016-01-16 03:54:33 +03:00
/* Do not mlock pte-mapped THP */
if ( PageTransCompound ( page ) )
goto out ;
2014-06-05 03:08:10 +04:00
/*
* The preliminary mapping check is mainly to avoid the
* pointless overhead of lock_page on the ZERO_PAGE
* which might bounce very badly if there is contention .
*
* If the page is already locked , we don ' t need to
* handle it now - vmscan will handle it later if and
* when it attempts to reclaim the page .
*/
if ( page - > mapping & & trylock_page ( page ) ) {
lru_add_drain ( ) ; /* push cached pages to LRU */
/*
* Because we lock page here , and migration is
* blocked by the pte ' s page reference , and we
* know the page is still mapped , we don ' t even
* need to check for file - cache page truncation .
*/
mlock_vma_page ( page ) ;
unlock_page ( page ) ;
}
}
2015-09-05 01:47:55 +03:00
out :
2014-06-05 03:08:10 +04:00
pte_unmap_unlock ( ptep , ptl ) ;
return page ;
no_page :
pte_unmap_unlock ( ptep , ptl ) ;
if ( ! pte_none ( pte ) )
2014-06-05 03:08:11 +04:00
return NULL ;
return no_page_table ( vma , flags ) ;
}
2017-07-07 01:38:44 +03:00
static struct page * follow_pmd_mask ( struct vm_area_struct * vma ,
unsigned long address , pud_t * pudp ,
2018-10-27 01:10:28 +03:00
unsigned int flags ,
struct follow_page_context * ctx )
2014-06-05 03:08:11 +04:00
{
2018-06-08 03:06:34 +03:00
pmd_t * pmd , pmdval ;
2014-06-05 03:08:11 +04:00
spinlock_t * ptl ;
struct page * page ;
struct mm_struct * mm = vma - > vm_mm ;
2017-07-07 01:38:44 +03:00
pmd = pmd_offset ( pudp , address ) ;
2018-06-08 03:06:34 +03:00
/*
* The READ_ONCE ( ) will stabilize the pmdval in a register or
* on the stack so that it will stop changing under the code .
*/
pmdval = READ_ONCE ( * pmd ) ;
if ( pmd_none ( pmdval ) )
2014-06-05 03:08:11 +04:00
return no_page_table ( vma , flags ) ;
2018-06-08 03:06:34 +03:00
if ( pmd_huge ( pmdval ) & & vma - > vm_flags & VM_HUGETLB ) {
mm/hugetlb: take page table lock in follow_huge_pmd()
We have a race condition between move_pages() and freeing hugepages, where
move_pages() calls follow_page(FOLL_GET) for hugepages internally and
tries to get its refcount without preventing concurrent freeing. This
race crashes the kernel, so this patch fixes it by moving FOLL_GET code
for hugepages into follow_huge_pmd() with taking the page table lock.
This patch intentionally removes page==NULL check after pte_page.
This is justified because pte_page() never returns NULL for any
architectures or configurations.
This patch changes the behavior of follow_huge_pmd() for tail pages and
then tail pages can be pinned/returned. So the caller must be changed to
properly handle the returned tail pages.
We could have a choice to add the similar locking to
follow_huge_(addr|pud) for consistency, but it's not necessary because
currently these functions don't support FOLL_GET flag, so let's leave it
for future development.
Here is the reproducer:
$ cat movepages.c
#include <stdio.h>
#include <stdlib.h>
#include <numaif.h>
#define ADDR_INPUT 0x700000000000UL
#define HPS 0x200000
#define PS 0x1000
int main(int argc, char *argv[]) {
int i;
int nr_hp = strtol(argv[1], NULL, 0);
int nr_p = nr_hp * HPS / PS;
int ret;
void **addrs;
int *status;
int *nodes;
pid_t pid;
pid = strtol(argv[2], NULL, 0);
addrs = malloc(sizeof(char *) * nr_p + 1);
status = malloc(sizeof(char *) * nr_p + 1);
nodes = malloc(sizeof(char *) * nr_p + 1);
while (1) {
for (i = 0; i < nr_p; i++) {
addrs[i] = (void *)ADDR_INPUT + i * PS;
nodes[i] = 1;
status[i] = 0;
}
ret = numa_move_pages(pid, nr_p, addrs, nodes, status,
MPOL_MF_MOVE_ALL);
if (ret == -1)
err("move_pages");
for (i = 0; i < nr_p; i++) {
addrs[i] = (void *)ADDR_INPUT + i * PS;
nodes[i] = 0;
status[i] = 0;
}
ret = numa_move_pages(pid, nr_p, addrs, nodes, status,
MPOL_MF_MOVE_ALL);
if (ret == -1)
err("move_pages");
}
return 0;
}
$ cat hugepage.c
#include <stdio.h>
#include <sys/mman.h>
#include <string.h>
#define ADDR_INPUT 0x700000000000UL
#define HPS 0x200000
int main(int argc, char *argv[]) {
int nr_hp = strtol(argv[1], NULL, 0);
char *p;
while (1) {
p = mmap((void *)ADDR_INPUT, nr_hp * HPS, PROT_READ | PROT_WRITE,
MAP_PRIVATE | MAP_ANONYMOUS | MAP_HUGETLB, -1, 0);
if (p != (void *)ADDR_INPUT) {
perror("mmap");
break;
}
memset(p, 0, nr_hp * HPS);
munmap(p, nr_hp * HPS);
}
}
$ sysctl vm.nr_hugepages=40
$ ./hugepage 10 &
$ ./movepages 10 $(pgrep -f hugepage)
Fixes: e632a938d914 ("mm: migrate: add hugepage migration code to move_pages()")
Signed-off-by: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Reported-by: Hugh Dickins <hughd@google.com>
Cc: James Hogan <james.hogan@imgtec.com>
Cc: David Rientjes <rientjes@google.com>
Cc: Mel Gorman <mel@csn.ul.ie>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Michal Hocko <mhocko@suse.cz>
Cc: Rik van Riel <riel@redhat.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Luiz Capitulino <lcapitulino@redhat.com>
Cc: Nishanth Aravamudan <nacc@linux.vnet.ibm.com>
Cc: Lee Schermerhorn <lee.schermerhorn@hp.com>
Cc: Steve Capper <steve.capper@linaro.org>
Cc: <stable@vger.kernel.org> [3.12+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 02:25:22 +03:00
page = follow_huge_pmd ( mm , address , pmd , flags ) ;
if ( page )
return page ;
return no_page_table ( vma , flags ) ;
2014-06-05 03:08:11 +04:00
}
2018-06-08 03:06:34 +03:00
if ( is_hugepd ( __hugepd ( pmd_val ( pmdval ) ) ) ) {
2017-07-07 01:38:56 +03:00
page = follow_huge_pd ( vma , address ,
2018-06-08 03:06:34 +03:00
__hugepd ( pmd_val ( pmdval ) ) , flags ,
2017-07-07 01:38:56 +03:00
PMD_SHIFT ) ;
if ( page )
return page ;
return no_page_table ( vma , flags ) ;
}
mm: thp: check pmd migration entry in common path
When THP migration is being used, memory management code needs to handle
pmd migration entries properly. This patch uses !pmd_present() or
is_swap_pmd() (depending on whether pmd_none() needs separate code or
not) to check pmd migration entries at the places where a pmd entry is
present.
Since pmd-related code uses split_huge_page(), split_huge_pmd(),
pmd_trans_huge(), pmd_trans_unstable(), or
pmd_none_or_trans_huge_or_clear_bad(), this patch:
1. adds pmd migration entry split code in split_huge_pmd(),
2. takes care of pmd migration entries whenever pmd_trans_huge() is present,
3. makes pmd_none_or_trans_huge_or_clear_bad() pmd migration entry aware.
Since split_huge_page() uses split_huge_pmd() and pmd_trans_unstable()
is equivalent to pmd_none_or_trans_huge_or_clear_bad(), we do not change
them.
Until this commit, a pmd entry should be:
1. pointing to a pte page,
2. is_swap_pmd(),
3. pmd_trans_huge(),
4. pmd_devmap(), or
5. pmd_none().
Signed-off-by: Zi Yan <zi.yan@cs.rutgers.edu>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Anshuman Khandual <khandual@linux.vnet.ibm.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: David Nellans <dnellans@nvidia.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Michal Hocko <mhocko@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-09-09 02:11:01 +03:00
retry :
2018-06-08 03:06:34 +03:00
if ( ! pmd_present ( pmdval ) ) {
mm: thp: check pmd migration entry in common path
When THP migration is being used, memory management code needs to handle
pmd migration entries properly. This patch uses !pmd_present() or
is_swap_pmd() (depending on whether pmd_none() needs separate code or
not) to check pmd migration entries at the places where a pmd entry is
present.
Since pmd-related code uses split_huge_page(), split_huge_pmd(),
pmd_trans_huge(), pmd_trans_unstable(), or
pmd_none_or_trans_huge_or_clear_bad(), this patch:
1. adds pmd migration entry split code in split_huge_pmd(),
2. takes care of pmd migration entries whenever pmd_trans_huge() is present,
3. makes pmd_none_or_trans_huge_or_clear_bad() pmd migration entry aware.
Since split_huge_page() uses split_huge_pmd() and pmd_trans_unstable()
is equivalent to pmd_none_or_trans_huge_or_clear_bad(), we do not change
them.
Until this commit, a pmd entry should be:
1. pointing to a pte page,
2. is_swap_pmd(),
3. pmd_trans_huge(),
4. pmd_devmap(), or
5. pmd_none().
Signed-off-by: Zi Yan <zi.yan@cs.rutgers.edu>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Anshuman Khandual <khandual@linux.vnet.ibm.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: David Nellans <dnellans@nvidia.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Michal Hocko <mhocko@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-09-09 02:11:01 +03:00
if ( likely ( ! ( flags & FOLL_MIGRATION ) ) )
return no_page_table ( vma , flags ) ;
VM_BUG_ON ( thp_migration_supported ( ) & &
2018-06-08 03:06:34 +03:00
! is_pmd_migration_entry ( pmdval ) ) ;
if ( is_pmd_migration_entry ( pmdval ) )
mm: thp: check pmd migration entry in common path
When THP migration is being used, memory management code needs to handle
pmd migration entries properly. This patch uses !pmd_present() or
is_swap_pmd() (depending on whether pmd_none() needs separate code or
not) to check pmd migration entries at the places where a pmd entry is
present.
Since pmd-related code uses split_huge_page(), split_huge_pmd(),
pmd_trans_huge(), pmd_trans_unstable(), or
pmd_none_or_trans_huge_or_clear_bad(), this patch:
1. adds pmd migration entry split code in split_huge_pmd(),
2. takes care of pmd migration entries whenever pmd_trans_huge() is present,
3. makes pmd_none_or_trans_huge_or_clear_bad() pmd migration entry aware.
Since split_huge_page() uses split_huge_pmd() and pmd_trans_unstable()
is equivalent to pmd_none_or_trans_huge_or_clear_bad(), we do not change
them.
Until this commit, a pmd entry should be:
1. pointing to a pte page,
2. is_swap_pmd(),
3. pmd_trans_huge(),
4. pmd_devmap(), or
5. pmd_none().
Signed-off-by: Zi Yan <zi.yan@cs.rutgers.edu>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Anshuman Khandual <khandual@linux.vnet.ibm.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: David Nellans <dnellans@nvidia.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Michal Hocko <mhocko@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-09-09 02:11:01 +03:00
pmd_migration_entry_wait ( mm , pmd ) ;
2018-06-08 03:06:34 +03:00
pmdval = READ_ONCE ( * pmd ) ;
/*
* MADV_DONTNEED may convert the pmd to null because
* mmap_sem is held in read mode
*/
if ( pmd_none ( pmdval ) )
return no_page_table ( vma , flags ) ;
mm: thp: check pmd migration entry in common path
When THP migration is being used, memory management code needs to handle
pmd migration entries properly. This patch uses !pmd_present() or
is_swap_pmd() (depending on whether pmd_none() needs separate code or
not) to check pmd migration entries at the places where a pmd entry is
present.
Since pmd-related code uses split_huge_page(), split_huge_pmd(),
pmd_trans_huge(), pmd_trans_unstable(), or
pmd_none_or_trans_huge_or_clear_bad(), this patch:
1. adds pmd migration entry split code in split_huge_pmd(),
2. takes care of pmd migration entries whenever pmd_trans_huge() is present,
3. makes pmd_none_or_trans_huge_or_clear_bad() pmd migration entry aware.
Since split_huge_page() uses split_huge_pmd() and pmd_trans_unstable()
is equivalent to pmd_none_or_trans_huge_or_clear_bad(), we do not change
them.
Until this commit, a pmd entry should be:
1. pointing to a pte page,
2. is_swap_pmd(),
3. pmd_trans_huge(),
4. pmd_devmap(), or
5. pmd_none().
Signed-off-by: Zi Yan <zi.yan@cs.rutgers.edu>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Anshuman Khandual <khandual@linux.vnet.ibm.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: David Nellans <dnellans@nvidia.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Michal Hocko <mhocko@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-09-09 02:11:01 +03:00
goto retry ;
}
2018-06-08 03:06:34 +03:00
if ( pmd_devmap ( pmdval ) ) {
2016-01-16 03:56:55 +03:00
ptl = pmd_lock ( mm , pmd ) ;
2018-10-27 01:10:28 +03:00
page = follow_devmap_pmd ( vma , address , pmd , flags , & ctx - > pgmap ) ;
2016-01-16 03:56:55 +03:00
spin_unlock ( ptl ) ;
if ( page )
return page ;
}
2018-06-08 03:06:34 +03:00
if ( likely ( ! pmd_trans_huge ( pmdval ) ) )
2018-10-27 01:10:28 +03:00
return follow_page_pte ( vma , address , pmd , flags , & ctx - > pgmap ) ;
2016-01-16 03:52:28 +03:00
2018-06-08 03:06:34 +03:00
if ( ( flags & FOLL_NUMA ) & & pmd_protnone ( pmdval ) )
2017-02-25 01:59:53 +03:00
return no_page_table ( vma , flags ) ;
mm: thp: check pmd migration entry in common path
When THP migration is being used, memory management code needs to handle
pmd migration entries properly. This patch uses !pmd_present() or
is_swap_pmd() (depending on whether pmd_none() needs separate code or
not) to check pmd migration entries at the places where a pmd entry is
present.
Since pmd-related code uses split_huge_page(), split_huge_pmd(),
pmd_trans_huge(), pmd_trans_unstable(), or
pmd_none_or_trans_huge_or_clear_bad(), this patch:
1. adds pmd migration entry split code in split_huge_pmd(),
2. takes care of pmd migration entries whenever pmd_trans_huge() is present,
3. makes pmd_none_or_trans_huge_or_clear_bad() pmd migration entry aware.
Since split_huge_page() uses split_huge_pmd() and pmd_trans_unstable()
is equivalent to pmd_none_or_trans_huge_or_clear_bad(), we do not change
them.
Until this commit, a pmd entry should be:
1. pointing to a pte page,
2. is_swap_pmd(),
3. pmd_trans_huge(),
4. pmd_devmap(), or
5. pmd_none().
Signed-off-by: Zi Yan <zi.yan@cs.rutgers.edu>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Anshuman Khandual <khandual@linux.vnet.ibm.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: David Nellans <dnellans@nvidia.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Michal Hocko <mhocko@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-09-09 02:11:01 +03:00
retry_locked :
2016-01-16 03:52:28 +03:00
ptl = pmd_lock ( mm , pmd ) ;
2018-06-08 03:06:34 +03:00
if ( unlikely ( pmd_none ( * pmd ) ) ) {
spin_unlock ( ptl ) ;
return no_page_table ( vma , flags ) ;
}
mm: thp: check pmd migration entry in common path
When THP migration is being used, memory management code needs to handle
pmd migration entries properly. This patch uses !pmd_present() or
is_swap_pmd() (depending on whether pmd_none() needs separate code or
not) to check pmd migration entries at the places where a pmd entry is
present.
Since pmd-related code uses split_huge_page(), split_huge_pmd(),
pmd_trans_huge(), pmd_trans_unstable(), or
pmd_none_or_trans_huge_or_clear_bad(), this patch:
1. adds pmd migration entry split code in split_huge_pmd(),
2. takes care of pmd migration entries whenever pmd_trans_huge() is present,
3. makes pmd_none_or_trans_huge_or_clear_bad() pmd migration entry aware.
Since split_huge_page() uses split_huge_pmd() and pmd_trans_unstable()
is equivalent to pmd_none_or_trans_huge_or_clear_bad(), we do not change
them.
Until this commit, a pmd entry should be:
1. pointing to a pte page,
2. is_swap_pmd(),
3. pmd_trans_huge(),
4. pmd_devmap(), or
5. pmd_none().
Signed-off-by: Zi Yan <zi.yan@cs.rutgers.edu>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Anshuman Khandual <khandual@linux.vnet.ibm.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: David Nellans <dnellans@nvidia.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Michal Hocko <mhocko@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-09-09 02:11:01 +03:00
if ( unlikely ( ! pmd_present ( * pmd ) ) ) {
spin_unlock ( ptl ) ;
if ( likely ( ! ( flags & FOLL_MIGRATION ) ) )
return no_page_table ( vma , flags ) ;
pmd_migration_entry_wait ( mm , pmd ) ;
goto retry_locked ;
}
2016-01-16 03:52:28 +03:00
if ( unlikely ( ! pmd_trans_huge ( * pmd ) ) ) {
spin_unlock ( ptl ) ;
2018-10-27 01:10:28 +03:00
return follow_page_pte ( vma , address , pmd , flags , & ctx - > pgmap ) ;
2016-01-16 03:52:28 +03:00
}
if ( flags & FOLL_SPLIT ) {
int ret ;
page = pmd_page ( * pmd ) ;
if ( is_huge_zero_page ( page ) ) {
spin_unlock ( ptl ) ;
ret = 0 ;
2016-01-16 03:52:42 +03:00
split_huge_pmd ( vma , pmd , address ) ;
2016-07-27 01:24:03 +03:00
if ( pmd_trans_unstable ( pmd ) )
ret = - EBUSY ;
2016-01-16 03:52:28 +03:00
} else {
get_page ( page ) ;
2014-06-05 03:08:11 +04:00
spin_unlock ( ptl ) ;
2016-01-16 03:52:28 +03:00
lock_page ( page ) ;
ret = split_huge_page ( page ) ;
unlock_page ( page ) ;
put_page ( page ) ;
2016-07-27 01:25:51 +03:00
if ( pmd_none ( * pmd ) )
return no_page_table ( vma , flags ) ;
2016-01-16 03:52:28 +03:00
}
return ret ? ERR_PTR ( ret ) :
2018-10-27 01:10:28 +03:00
follow_page_pte ( vma , address , pmd , flags , & ctx - > pgmap ) ;
2014-06-05 03:08:11 +04:00
}
2016-01-16 03:52:28 +03:00
page = follow_trans_huge_pmd ( vma , address , pmd , flags ) ;
spin_unlock ( ptl ) ;
2018-10-27 01:10:28 +03:00
ctx - > page_mask = HPAGE_PMD_NR - 1 ;
2016-01-16 03:52:28 +03:00
return page ;
2014-06-05 03:08:10 +04:00
}
2017-07-07 01:38:44 +03:00
static struct page * follow_pud_mask ( struct vm_area_struct * vma ,
unsigned long address , p4d_t * p4dp ,
2018-10-27 01:10:28 +03:00
unsigned int flags ,
struct follow_page_context * ctx )
2017-07-07 01:38:44 +03:00
{
pud_t * pud ;
spinlock_t * ptl ;
struct page * page ;
struct mm_struct * mm = vma - > vm_mm ;
pud = pud_offset ( p4dp , address ) ;
if ( pud_none ( * pud ) )
return no_page_table ( vma , flags ) ;
if ( pud_huge ( * pud ) & & vma - > vm_flags & VM_HUGETLB ) {
page = follow_huge_pud ( mm , address , pud , flags ) ;
if ( page )
return page ;
return no_page_table ( vma , flags ) ;
}
2017-07-07 01:38:56 +03:00
if ( is_hugepd ( __hugepd ( pud_val ( * pud ) ) ) ) {
page = follow_huge_pd ( vma , address ,
__hugepd ( pud_val ( * pud ) ) , flags ,
PUD_SHIFT ) ;
if ( page )
return page ;
return no_page_table ( vma , flags ) ;
}
2017-07-07 01:38:44 +03:00
if ( pud_devmap ( * pud ) ) {
ptl = pud_lock ( mm , pud ) ;
2018-10-27 01:10:28 +03:00
page = follow_devmap_pud ( vma , address , pud , flags , & ctx - > pgmap ) ;
2017-07-07 01:38:44 +03:00
spin_unlock ( ptl ) ;
if ( page )
return page ;
}
if ( unlikely ( pud_bad ( * pud ) ) )
return no_page_table ( vma , flags ) ;
2018-10-27 01:10:28 +03:00
return follow_pmd_mask ( vma , address , pud , flags , ctx ) ;
2017-07-07 01:38:44 +03:00
}
static struct page * follow_p4d_mask ( struct vm_area_struct * vma ,
unsigned long address , pgd_t * pgdp ,
2018-10-27 01:10:28 +03:00
unsigned int flags ,
struct follow_page_context * ctx )
2017-07-07 01:38:44 +03:00
{
p4d_t * p4d ;
2017-07-07 01:38:56 +03:00
struct page * page ;
2017-07-07 01:38:44 +03:00
p4d = p4d_offset ( pgdp , address ) ;
if ( p4d_none ( * p4d ) )
return no_page_table ( vma , flags ) ;
BUILD_BUG_ON ( p4d_huge ( * p4d ) ) ;
if ( unlikely ( p4d_bad ( * p4d ) ) )
return no_page_table ( vma , flags ) ;
2017-07-07 01:38:56 +03:00
if ( is_hugepd ( __hugepd ( p4d_val ( * p4d ) ) ) ) {
page = follow_huge_pd ( vma , address ,
__hugepd ( p4d_val ( * p4d ) ) , flags ,
P4D_SHIFT ) ;
if ( page )
return page ;
return no_page_table ( vma , flags ) ;
}
2018-10-27 01:10:28 +03:00
return follow_pud_mask ( vma , address , p4d , flags , ctx ) ;
2017-07-07 01:38:44 +03:00
}
/**
* follow_page_mask - look up a page descriptor from a user - virtual address
* @ vma : vm_area_struct mapping @ address
* @ address : virtual address to look up
* @ flags : flags modifying lookup behaviour
2018-11-17 02:08:29 +03:00
* @ ctx : contains dev_pagemap for % ZONE_DEVICE memory pinning and a
* pointer to output page_mask
2017-07-07 01:38:44 +03:00
*
* @ flags can have FOLL_ flags set , defined in < linux / mm . h >
*
2018-11-17 02:08:29 +03:00
* When getting pages from ZONE_DEVICE memory , the @ ctx - > pgmap caches
* the device ' s dev_pagemap metadata to avoid repeating expensive lookups .
*
* On output , the @ ctx - > page_mask is set according to the size of the page .
*
* Return : the mapped ( struct page * ) , % NULL if no mapping exists , or
2017-07-07 01:38:44 +03:00
* an error pointer if there is a mapping to something not represented
* by a page descriptor ( see also vm_normal_page ( ) ) .
*/
struct page * follow_page_mask ( struct vm_area_struct * vma ,
unsigned long address , unsigned int flags ,
2018-10-27 01:10:28 +03:00
struct follow_page_context * ctx )
2017-07-07 01:38:44 +03:00
{
pgd_t * pgd ;
struct page * page ;
struct mm_struct * mm = vma - > vm_mm ;
2018-10-27 01:10:28 +03:00
ctx - > page_mask = 0 ;
2017-07-07 01:38:44 +03:00
/* make this handle hugepd */
page = follow_huge_addr ( mm , address , flags & FOLL_WRITE ) ;
if ( ! IS_ERR ( page ) ) {
BUG_ON ( flags & FOLL_GET ) ;
return page ;
}
pgd = pgd_offset ( mm , address ) ;
if ( pgd_none ( * pgd ) | | unlikely ( pgd_bad ( * pgd ) ) )
return no_page_table ( vma , flags ) ;
2017-07-07 01:38:50 +03:00
if ( pgd_huge ( * pgd ) ) {
page = follow_huge_pgd ( mm , address , pgd , flags ) ;
if ( page )
return page ;
return no_page_table ( vma , flags ) ;
}
2017-07-07 01:38:56 +03:00
if ( is_hugepd ( __hugepd ( pgd_val ( * pgd ) ) ) ) {
page = follow_huge_pd ( vma , address ,
__hugepd ( pgd_val ( * pgd ) ) , flags ,
PGDIR_SHIFT ) ;
if ( page )
return page ;
return no_page_table ( vma , flags ) ;
}
2017-07-07 01:38:50 +03:00
2018-10-27 01:10:28 +03:00
return follow_p4d_mask ( vma , address , pgd , flags , ctx ) ;
}
struct page * follow_page ( struct vm_area_struct * vma , unsigned long address ,
unsigned int foll_flags )
{
struct follow_page_context ctx = { NULL } ;
struct page * page ;
page = follow_page_mask ( vma , address , foll_flags , & ctx ) ;
if ( ctx . pgmap )
put_dev_pagemap ( ctx . pgmap ) ;
return page ;
2017-07-07 01:38:44 +03:00
}
2014-06-05 03:08:11 +04:00
static int get_gate_page ( struct mm_struct * mm , unsigned long address ,
unsigned int gup_flags , struct vm_area_struct * * vma ,
struct page * * page )
{
pgd_t * pgd ;
2017-03-09 17:24:07 +03:00
p4d_t * p4d ;
2014-06-05 03:08:11 +04:00
pud_t * pud ;
pmd_t * pmd ;
pte_t * pte ;
int ret = - EFAULT ;
/* user gate pages are read-only */
if ( gup_flags & FOLL_WRITE )
return - EFAULT ;
if ( address > TASK_SIZE )
pgd = pgd_offset_k ( address ) ;
else
pgd = pgd_offset_gate ( mm , address ) ;
BUG_ON ( pgd_none ( * pgd ) ) ;
2017-03-09 17:24:07 +03:00
p4d = p4d_offset ( pgd , address ) ;
BUG_ON ( p4d_none ( * p4d ) ) ;
pud = pud_offset ( p4d , address ) ;
2014-06-05 03:08:11 +04:00
BUG_ON ( pud_none ( * pud ) ) ;
pmd = pmd_offset ( pud , address ) ;
mm: thp: check pmd migration entry in common path
When THP migration is being used, memory management code needs to handle
pmd migration entries properly. This patch uses !pmd_present() or
is_swap_pmd() (depending on whether pmd_none() needs separate code or
not) to check pmd migration entries at the places where a pmd entry is
present.
Since pmd-related code uses split_huge_page(), split_huge_pmd(),
pmd_trans_huge(), pmd_trans_unstable(), or
pmd_none_or_trans_huge_or_clear_bad(), this patch:
1. adds pmd migration entry split code in split_huge_pmd(),
2. takes care of pmd migration entries whenever pmd_trans_huge() is present,
3. makes pmd_none_or_trans_huge_or_clear_bad() pmd migration entry aware.
Since split_huge_page() uses split_huge_pmd() and pmd_trans_unstable()
is equivalent to pmd_none_or_trans_huge_or_clear_bad(), we do not change
them.
Until this commit, a pmd entry should be:
1. pointing to a pte page,
2. is_swap_pmd(),
3. pmd_trans_huge(),
4. pmd_devmap(), or
5. pmd_none().
Signed-off-by: Zi Yan <zi.yan@cs.rutgers.edu>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Anshuman Khandual <khandual@linux.vnet.ibm.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: David Nellans <dnellans@nvidia.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Michal Hocko <mhocko@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-09-09 02:11:01 +03:00
if ( ! pmd_present ( * pmd ) )
2014-06-05 03:08:11 +04:00
return - EFAULT ;
VM_BUG_ON ( pmd_trans_huge ( * pmd ) ) ;
pte = pte_offset_map ( pmd , address ) ;
if ( pte_none ( * pte ) )
goto unmap ;
* vma = get_gate_vma ( mm ) ;
if ( ! page )
goto out ;
* page = vm_normal_page ( * vma , address , * pte ) ;
if ( ! * page ) {
if ( ( gup_flags & FOLL_DUMP ) | | ! is_zero_pfn ( pte_pfn ( * pte ) ) )
goto unmap ;
* page = pte_page ( * pte ) ;
2017-09-09 02:12:24 +03:00
/*
* This should never happen ( a device public page in the gate
* area ) .
*/
if ( is_device_public_page ( * page ) )
goto unmap ;
2014-06-05 03:08:11 +04:00
}
get_page ( * page ) ;
out :
ret = 0 ;
unmap :
pte_unmap ( pte ) ;
return ret ;
}
2014-08-07 03:07:24 +04:00
/*
* mmap_sem must be held on entry . If @ nonblocking ! = NULL and
* * @ flags does not include FOLL_NOWAIT , the mmap_sem may be released .
* If it is , * @ nonblocking will be set to 0 and - EBUSY returned .
*/
2014-06-05 03:08:12 +04:00
static int faultin_page ( struct task_struct * tsk , struct vm_area_struct * vma ,
unsigned long address , unsigned int * flags , int * nonblocking )
{
unsigned int fault_flags = 0 ;
2018-08-24 03:01:36 +03:00
vm_fault_t ret ;
2014-06-05 03:08:12 +04:00
2015-11-06 05:51:36 +03:00
/* mlock all present pages, but do not fault in new pages */
if ( ( * flags & ( FOLL_POPULATE | FOLL_MLOCK ) ) = = FOLL_MLOCK )
return - ENOENT ;
2014-06-05 03:08:12 +04:00
if ( * flags & FOLL_WRITE )
fault_flags | = FAULT_FLAG_WRITE ;
2016-02-13 00:02:21 +03:00
if ( * flags & FOLL_REMOTE )
fault_flags | = FAULT_FLAG_REMOTE ;
2014-06-05 03:08:12 +04:00
if ( nonblocking )
fault_flags | = FAULT_FLAG_ALLOW_RETRY ;
if ( * flags & FOLL_NOWAIT )
fault_flags | = FAULT_FLAG_ALLOW_RETRY | FAULT_FLAG_RETRY_NOWAIT ;
2014-09-17 21:51:48 +04:00
if ( * flags & FOLL_TRIED ) {
VM_WARN_ON_ONCE ( fault_flags & FAULT_FLAG_ALLOW_RETRY ) ;
fault_flags | = FAULT_FLAG_TRIED ;
}
2014-06-05 03:08:12 +04:00
2016-07-27 01:25:18 +03:00
ret = handle_mm_fault ( vma , address , fault_flags ) ;
2014-06-05 03:08:12 +04:00
if ( ret & VM_FAULT_ERROR ) {
2017-06-03 00:46:46 +03:00
int err = vm_fault_to_errno ( ret , * flags ) ;
if ( err )
return err ;
2014-06-05 03:08:12 +04:00
BUG ( ) ;
}
if ( tsk ) {
if ( ret & VM_FAULT_MAJOR )
tsk - > maj_flt + + ;
else
tsk - > min_flt + + ;
}
if ( ret & VM_FAULT_RETRY ) {
2018-03-10 02:51:06 +03:00
if ( nonblocking & & ! ( fault_flags & FAULT_FLAG_RETRY_NOWAIT ) )
2014-06-05 03:08:12 +04:00
* nonblocking = 0 ;
return - EBUSY ;
}
/*
* The VM_FAULT_WRITE bit tells us that do_wp_page has broken COW when
* necessary , even if maybe_mkwrite decided not to set pte_write . We
* can thus safely do subsequent page lookups as if they were reads .
* But only do so when looping for pte_write is futile : in some cases
* userspace may also be wanting to write to the gotten user page ,
* which a read fault here might prevent ( a readonly page might get
* reCOWed by userspace write ) .
*/
if ( ( ret & VM_FAULT_WRITE ) & & ! ( vma - > vm_flags & VM_WRITE ) )
2018-04-06 02:24:18 +03:00
* flags | = FOLL_COW ;
2014-06-05 03:08:12 +04:00
return 0 ;
}
2014-06-05 03:08:13 +04:00
static int check_vma_flags ( struct vm_area_struct * vma , unsigned long gup_flags )
{
vm_flags_t vm_flags = vma - > vm_flags ;
2016-02-13 00:02:21 +03:00
int write = ( gup_flags & FOLL_WRITE ) ;
int foreign = ( gup_flags & FOLL_REMOTE ) ;
2014-06-05 03:08:13 +04:00
if ( vm_flags & ( VM_IO | VM_PFNMAP ) )
return - EFAULT ;
2018-05-11 09:11:44 +03:00
if ( gup_flags & FOLL_ANON & & ! vma_is_anonymous ( vma ) )
return - EFAULT ;
2016-02-13 00:02:21 +03:00
if ( write ) {
2014-06-05 03:08:13 +04:00
if ( ! ( vm_flags & VM_WRITE ) ) {
if ( ! ( gup_flags & FOLL_FORCE ) )
return - EFAULT ;
/*
* We used to let the write , force case do COW in a
* VM_MAYWRITE VM_SHARED ! VM_WRITE vma , so ptrace could
* set a breakpoint in a read - only mapping of an
* executable , without corrupting the file ( yet only
* when that file had been opened for writing ! ) .
* Anon pages in shared mappings are surprising : now
* just reject it .
*/
2016-01-31 05:03:16 +03:00
if ( ! is_cow_mapping ( vm_flags ) )
2014-06-05 03:08:13 +04:00
return - EFAULT ;
}
} else if ( ! ( vm_flags & VM_READ ) ) {
if ( ! ( gup_flags & FOLL_FORCE ) )
return - EFAULT ;
/*
* Is there actually any vma we can reach here which does not
* have VM_MAYREAD set ?
*/
if ( ! ( vm_flags & VM_MAYREAD ) )
return - EFAULT ;
}
2016-02-13 00:02:24 +03:00
/*
* gups are always data accesses , not instruction
* fetches , so execute = false here
*/
if ( ! arch_vma_access_permitted ( vma , write , false , foreign ) )
mm/gup, x86/mm/pkeys: Check VMAs and PTEs for protection keys
Today, for normal faults and page table walks, we check the VMA
and/or PTE to ensure that it is compatible with the action. For
instance, if we get a write fault on a non-writeable VMA, we
SIGSEGV.
We try to do the same thing for protection keys. Basically, we
try to make sure that if a user does this:
mprotect(ptr, size, PROT_NONE);
*ptr = foo;
they see the same effects with protection keys when they do this:
mprotect(ptr, size, PROT_READ|PROT_WRITE);
set_pkey(ptr, size, 4);
wrpkru(0xffffff3f); // access disable pkey 4
*ptr = foo;
The state to do that checking is in the VMA, but we also
sometimes have to do it on the page tables only, like when doing
a get_user_pages_fast() where we have no VMA.
We add two functions and expose them to generic code:
arch_pte_access_permitted(pte_flags, write)
arch_vma_access_permitted(vma, write)
These are, of course, backed up in x86 arch code with checks
against the PTE or VMA's protection key.
But, there are also cases where we do not want to respect
protection keys. When we ptrace(), for instance, we do not want
to apply the tracer's PKRU permissions to the PTEs from the
process being traced.
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Alexey Kardashevskiy <aik@ozlabs.ru>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Boaz Harrosh <boaz@plexistor.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave@sr71.net>
Cc: David Gibson <david@gibson.dropbear.id.au>
Cc: David Hildenbrand <dahi@linux.vnet.ibm.com>
Cc: David Vrabel <david.vrabel@citrix.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Dominik Dingel <dingel@linux.vnet.ibm.com>
Cc: Dominik Vogt <vogt@linux.vnet.ibm.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Jason Low <jason.low2@hp.com>
Cc: Jerome Marchand <jmarchan@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matthew Wilcox <willy@linux.intel.com>
Cc: Mel Gorman <mgorman@suse.de>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Mikulas Patocka <mpatocka@redhat.com>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Rik van Riel <riel@redhat.com>
Cc: Sasha Levin <sasha.levin@oracle.com>
Cc: Shachar Raindel <raindel@mellanox.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Toshi Kani <toshi.kani@hpe.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: linux-arch@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org
Cc: linux-s390@vger.kernel.org
Cc: linuxppc-dev@lists.ozlabs.org
Link: http://lkml.kernel.org/r/20160212210219.14D5D715@viggo.jf.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-02-13 00:02:19 +03:00
return - EFAULT ;
2014-06-05 03:08:13 +04:00
return 0 ;
}
2014-06-05 03:08:10 +04:00
/**
* __get_user_pages ( ) - pin user pages in memory
* @ tsk : task_struct of target task
* @ mm : mm_struct of target mm
* @ start : starting user address
* @ nr_pages : number of pages from start to pin
* @ gup_flags : flags modifying pin behaviour
* @ pages : array that receives pointers to the pages pinned .
* Should be at least nr_pages long . Or NULL , if caller
* only intends to ensure the pages are faulted in .
* @ vmas : array of pointers to vmas corresponding to each page .
* Or NULL if the caller does not require them .
* @ nonblocking : whether waiting for disk IO or mmap_sem contention
*
* Returns number of pages pinned . This may be fewer than the number
* requested . If nr_pages is 0 or negative , returns 0. If no pages
* were pinned , returns - errno . Each page returned must be released
* with a put_page ( ) call when it is finished with . vmas will only
* remain valid while mmap_sem is held .
*
2014-08-07 03:07:24 +04:00
* Must be called with mmap_sem held . It may be released . See below .
2014-06-05 03:08:10 +04:00
*
* __get_user_pages walks a process ' s page tables and takes a reference to
* each struct page that each user address corresponds to at a given
* instant . That is , it takes the page that would be accessed if a user
* thread accesses the given user virtual address at that instant .
*
* This does not guarantee that the page exists in the user mappings when
* __get_user_pages returns , and there may even be a completely different
* page there in some cases ( eg . if mmapped pagecache has been invalidated
* and subsequently re faulted ) . However it does guarantee that the page
* won ' t be freed completely . And mostly callers simply care that the page
* contains data that was valid * at some point in time * . Typically , an IO
* or similar operation cannot guarantee anything stronger anyway because
* locks can ' t be held over the syscall boundary .
*
* If @ gup_flags & FOLL_WRITE = = 0 , the page must not be written to . If
* the page is written to , set_page_dirty ( or set_page_dirty_lock , as
* appropriate ) must be called after the page is finished with , and
* before put_page is called .
*
* If @ nonblocking ! = NULL , __get_user_pages will not wait for disk IO
* or mmap_sem contention , and if waiting is needed to pin all pages ,
2014-08-07 03:07:24 +04:00
* * @ nonblocking will be set to 0. Further , if @ gup_flags does not
* include FOLL_NOWAIT , the mmap_sem will be released via up_read ( ) in
* this case .
*
* A caller using such a combination of @ nonblocking and @ gup_flags
* must therefore hold the mmap_sem for reading only , and recognize
* when it ' s been released . Otherwise , it must be held for either
* reading or writing and will not be released .
2014-06-05 03:08:10 +04:00
*
* In most cases , get_user_pages or get_user_pages_fast should be used
* instead of __get_user_pages . __get_user_pages should be used only if
* you need some special @ gup_flags .
*/
mm: unexport __get_user_pages()
This patch unexports the low-level __get_user_pages() function.
Recent refactoring of the get_user_pages* functions allow flags to be
passed through get_user_pages() which eliminates the need for access to
this function from its one user, kvm.
We can see that the two calls to get_user_pages() which replace
__get_user_pages() in kvm_main.c are equivalent by examining their call
stacks:
get_user_page_nowait():
get_user_pages(start, 1, flags, page, NULL)
__get_user_pages_locked(current, current->mm, start, 1, page, NULL, NULL,
false, flags | FOLL_TOUCH)
__get_user_pages(current, current->mm, start, 1,
flags | FOLL_TOUCH | FOLL_GET, page, NULL, NULL)
check_user_page_hwpoison():
get_user_pages(addr, 1, flags, NULL, NULL)
__get_user_pages_locked(current, current->mm, addr, 1, NULL, NULL, NULL,
false, flags | FOLL_TOUCH)
__get_user_pages(current, current->mm, addr, 1, flags | FOLL_TOUCH, NULL,
NULL, NULL)
Signed-off-by: Lorenzo Stoakes <lstoakes@gmail.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-10-24 12:57:25 +03:00
static long __get_user_pages ( struct task_struct * tsk , struct mm_struct * mm ,
2014-06-05 03:08:10 +04:00
unsigned long start , unsigned long nr_pages ,
unsigned int gup_flags , struct page * * pages ,
struct vm_area_struct * * vmas , int * nonblocking )
{
2018-10-27 01:10:28 +03:00
long ret = 0 , i = 0 ;
2014-06-05 03:08:13 +04:00
struct vm_area_struct * vma = NULL ;
2018-10-27 01:10:28 +03:00
struct follow_page_context ctx = { NULL } ;
2014-06-05 03:08:10 +04:00
if ( ! nr_pages )
return 0 ;
VM_BUG_ON ( ! ! pages ! = ! ! ( gup_flags & FOLL_GET ) ) ;
/*
* If FOLL_FORCE is set then do not force a full fault as the hinting
* fault information is unrelated to the reference behaviour of a task
* using the address space
*/
if ( ! ( gup_flags & FOLL_FORCE ) )
gup_flags | = FOLL_NUMA ;
do {
2014-06-05 03:08:13 +04:00
struct page * page ;
unsigned int foll_flags = gup_flags ;
unsigned int page_increm ;
/* first iteration or cross vma bound */
if ( ! vma | | start > = vma - > vm_end ) {
vma = find_extend_vma ( mm , start ) ;
if ( ! vma & & in_gate_area ( mm , start ) ) {
ret = get_gate_page ( mm , start & PAGE_MASK ,
gup_flags , & vma ,
pages ? & pages [ i ] : NULL ) ;
if ( ret )
mm/gup: finish consolidating error handling
Commit df06b37ffe5a ("mm/gup: cache dev_pagemap while pinning pages")
attempted to operate on each page that get_user_pages had retrieved. In
order to do that, it created a common exit point from the routine.
However, one case was missed, which this patch fixes up.
Also, there was still an unnecessary shadow declaration (with a
different type) of the "ret" variable, which this patch removes.
Keith's description of the situation is:
This also fixes a potentially leaked dev_pagemap reference count if a
failure occurs when an iteration crosses a vma boundary. I don't think
it's normal to have different vma's on a users mapped zone device
memory, but good to fix anyway.
I actually thought that this code:
/* first iteration or cross vma bound */
if (!vma || start >= vma->vm_end) {
vma = find_extend_vma(mm, start);
if (!vma && in_gate_area(mm, start)) {
ret = get_gate_page(mm, start & PAGE_MASK,
gup_flags, &vma,
pages ? &pages[i] : NULL);
if (ret)
goto out;
dealt with the "you're trying to pin the gate page, as part of this
call", rather than the generic case of crossing a vma boundary. (I
think there's a fine point that I must be overlooking.) But it's still a
valid case, either way.
Link: http://lkml.kernel.org/r/20181121081402.29641-2-jhubbard@nvidia.com
Fixes: df06b37ffe5a4 ("mm/gup: cache dev_pagemap while pinning pages")
Signed-off-by: John Hubbard <jhubbard@nvidia.com>
Reviewed-by: Keith Busch <keith.busch@intel.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-12-01 01:08:53 +03:00
goto out ;
2018-10-27 01:10:28 +03:00
ctx . page_mask = 0 ;
2014-06-05 03:08:13 +04:00
goto next_page ;
}
2014-06-05 03:08:10 +04:00
2018-10-27 01:10:28 +03:00
if ( ! vma | | check_vma_flags ( vma , gup_flags ) ) {
ret = - EFAULT ;
goto out ;
}
2014-06-05 03:08:13 +04:00
if ( is_vm_hugetlb_page ( vma ) ) {
i = follow_hugetlb_page ( mm , vma , pages , vmas ,
& start , & nr_pages , i ,
2017-02-23 02:43:13 +03:00
gup_flags , nonblocking ) ;
2014-06-05 03:08:13 +04:00
continue ;
2014-06-05 03:08:10 +04:00
}
2014-06-05 03:08:13 +04:00
}
retry :
/*
* If we have a pending SIGKILL , don ' t keep faulting pages and
* potentially allocating memory .
*/
2019-01-04 02:28:55 +03:00
if ( fatal_signal_pending ( current ) ) {
2018-10-27 01:10:28 +03:00
ret = - ERESTARTSYS ;
goto out ;
}
2014-06-05 03:08:13 +04:00
cond_resched ( ) ;
2018-10-27 01:10:28 +03:00
page = follow_page_mask ( vma , start , foll_flags , & ctx ) ;
2014-06-05 03:08:13 +04:00
if ( ! page ) {
ret = faultin_page ( tsk , vma , start , & foll_flags ,
nonblocking ) ;
switch ( ret ) {
case 0 :
goto retry ;
2018-10-27 01:10:28 +03:00
case - EBUSY :
ret = 0 ;
/* FALLTHRU */
2014-06-05 03:08:13 +04:00
case - EFAULT :
case - ENOMEM :
case - EHWPOISON :
2018-10-27 01:10:28 +03:00
goto out ;
2014-06-05 03:08:13 +04:00
case - ENOENT :
goto next_page ;
2014-06-05 03:08:10 +04:00
}
2014-06-05 03:08:13 +04:00
BUG ( ) ;
2015-09-05 01:47:55 +03:00
} else if ( PTR_ERR ( page ) = = - EEXIST ) {
/*
* Proper page table entry exists , but no corresponding
* struct page .
*/
goto next_page ;
} else if ( IS_ERR ( page ) ) {
2018-10-27 01:10:28 +03:00
ret = PTR_ERR ( page ) ;
goto out ;
2015-09-05 01:47:55 +03:00
}
2014-06-05 03:08:13 +04:00
if ( pages ) {
pages [ i ] = page ;
flush_anon_page ( vma , page , start ) ;
flush_dcache_page ( page ) ;
2018-10-27 01:10:28 +03:00
ctx . page_mask = 0 ;
2014-06-05 03:08:10 +04:00
}
next_page :
2014-06-05 03:08:13 +04:00
if ( vmas ) {
vmas [ i ] = vma ;
2018-10-27 01:10:28 +03:00
ctx . page_mask = 0 ;
2014-06-05 03:08:13 +04:00
}
2018-10-27 01:10:28 +03:00
page_increm = 1 + ( ~ ( start > > PAGE_SHIFT ) & ctx . page_mask ) ;
2014-06-05 03:08:13 +04:00
if ( page_increm > nr_pages )
page_increm = nr_pages ;
i + = page_increm ;
start + = page_increm * PAGE_SIZE ;
nr_pages - = page_increm ;
2014-06-05 03:08:10 +04:00
} while ( nr_pages ) ;
2018-10-27 01:10:28 +03:00
out :
if ( ctx . pgmap )
put_dev_pagemap ( ctx . pgmap ) ;
return i ? i : ret ;
2014-06-05 03:08:10 +04:00
}
2016-12-13 03:41:53 +03:00
static bool vma_permits_fault ( struct vm_area_struct * vma ,
unsigned int fault_flags )
2016-02-13 00:02:16 +03:00
{
2016-02-13 00:02:21 +03:00
bool write = ! ! ( fault_flags & FAULT_FLAG_WRITE ) ;
bool foreign = ! ! ( fault_flags & FAULT_FLAG_REMOTE ) ;
mm/gup, x86/mm/pkeys: Check VMAs and PTEs for protection keys
Today, for normal faults and page table walks, we check the VMA
and/or PTE to ensure that it is compatible with the action. For
instance, if we get a write fault on a non-writeable VMA, we
SIGSEGV.
We try to do the same thing for protection keys. Basically, we
try to make sure that if a user does this:
mprotect(ptr, size, PROT_NONE);
*ptr = foo;
they see the same effects with protection keys when they do this:
mprotect(ptr, size, PROT_READ|PROT_WRITE);
set_pkey(ptr, size, 4);
wrpkru(0xffffff3f); // access disable pkey 4
*ptr = foo;
The state to do that checking is in the VMA, but we also
sometimes have to do it on the page tables only, like when doing
a get_user_pages_fast() where we have no VMA.
We add two functions and expose them to generic code:
arch_pte_access_permitted(pte_flags, write)
arch_vma_access_permitted(vma, write)
These are, of course, backed up in x86 arch code with checks
against the PTE or VMA's protection key.
But, there are also cases where we do not want to respect
protection keys. When we ptrace(), for instance, we do not want
to apply the tracer's PKRU permissions to the PTEs from the
process being traced.
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Alexey Kardashevskiy <aik@ozlabs.ru>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Boaz Harrosh <boaz@plexistor.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave@sr71.net>
Cc: David Gibson <david@gibson.dropbear.id.au>
Cc: David Hildenbrand <dahi@linux.vnet.ibm.com>
Cc: David Vrabel <david.vrabel@citrix.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Dominik Dingel <dingel@linux.vnet.ibm.com>
Cc: Dominik Vogt <vogt@linux.vnet.ibm.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Jason Low <jason.low2@hp.com>
Cc: Jerome Marchand <jmarchan@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matthew Wilcox <willy@linux.intel.com>
Cc: Mel Gorman <mgorman@suse.de>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Mikulas Patocka <mpatocka@redhat.com>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Rik van Riel <riel@redhat.com>
Cc: Sasha Levin <sasha.levin@oracle.com>
Cc: Shachar Raindel <raindel@mellanox.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Toshi Kani <toshi.kani@hpe.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: linux-arch@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org
Cc: linux-s390@vger.kernel.org
Cc: linuxppc-dev@lists.ozlabs.org
Link: http://lkml.kernel.org/r/20160212210219.14D5D715@viggo.jf.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-02-13 00:02:19 +03:00
vm_flags_t vm_flags = write ? VM_WRITE : VM_READ ;
2016-02-13 00:02:16 +03:00
if ( ! ( vm_flags & vma - > vm_flags ) )
return false ;
mm/gup, x86/mm/pkeys: Check VMAs and PTEs for protection keys
Today, for normal faults and page table walks, we check the VMA
and/or PTE to ensure that it is compatible with the action. For
instance, if we get a write fault on a non-writeable VMA, we
SIGSEGV.
We try to do the same thing for protection keys. Basically, we
try to make sure that if a user does this:
mprotect(ptr, size, PROT_NONE);
*ptr = foo;
they see the same effects with protection keys when they do this:
mprotect(ptr, size, PROT_READ|PROT_WRITE);
set_pkey(ptr, size, 4);
wrpkru(0xffffff3f); // access disable pkey 4
*ptr = foo;
The state to do that checking is in the VMA, but we also
sometimes have to do it on the page tables only, like when doing
a get_user_pages_fast() where we have no VMA.
We add two functions and expose them to generic code:
arch_pte_access_permitted(pte_flags, write)
arch_vma_access_permitted(vma, write)
These are, of course, backed up in x86 arch code with checks
against the PTE or VMA's protection key.
But, there are also cases where we do not want to respect
protection keys. When we ptrace(), for instance, we do not want
to apply the tracer's PKRU permissions to the PTEs from the
process being traced.
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Alexey Kardashevskiy <aik@ozlabs.ru>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Boaz Harrosh <boaz@plexistor.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave@sr71.net>
Cc: David Gibson <david@gibson.dropbear.id.au>
Cc: David Hildenbrand <dahi@linux.vnet.ibm.com>
Cc: David Vrabel <david.vrabel@citrix.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Dominik Dingel <dingel@linux.vnet.ibm.com>
Cc: Dominik Vogt <vogt@linux.vnet.ibm.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Jason Low <jason.low2@hp.com>
Cc: Jerome Marchand <jmarchan@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matthew Wilcox <willy@linux.intel.com>
Cc: Mel Gorman <mgorman@suse.de>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Mikulas Patocka <mpatocka@redhat.com>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Rik van Riel <riel@redhat.com>
Cc: Sasha Levin <sasha.levin@oracle.com>
Cc: Shachar Raindel <raindel@mellanox.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Toshi Kani <toshi.kani@hpe.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: linux-arch@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org
Cc: linux-s390@vger.kernel.org
Cc: linuxppc-dev@lists.ozlabs.org
Link: http://lkml.kernel.org/r/20160212210219.14D5D715@viggo.jf.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-02-13 00:02:19 +03:00
/*
* The architecture might have a hardware protection
2016-02-13 00:02:21 +03:00
* mechanism other than read / write that can deny access .
2016-02-13 00:02:24 +03:00
*
* gup always represents data access , not instruction
* fetches , so execute = false here :
mm/gup, x86/mm/pkeys: Check VMAs and PTEs for protection keys
Today, for normal faults and page table walks, we check the VMA
and/or PTE to ensure that it is compatible with the action. For
instance, if we get a write fault on a non-writeable VMA, we
SIGSEGV.
We try to do the same thing for protection keys. Basically, we
try to make sure that if a user does this:
mprotect(ptr, size, PROT_NONE);
*ptr = foo;
they see the same effects with protection keys when they do this:
mprotect(ptr, size, PROT_READ|PROT_WRITE);
set_pkey(ptr, size, 4);
wrpkru(0xffffff3f); // access disable pkey 4
*ptr = foo;
The state to do that checking is in the VMA, but we also
sometimes have to do it on the page tables only, like when doing
a get_user_pages_fast() where we have no VMA.
We add two functions and expose them to generic code:
arch_pte_access_permitted(pte_flags, write)
arch_vma_access_permitted(vma, write)
These are, of course, backed up in x86 arch code with checks
against the PTE or VMA's protection key.
But, there are also cases where we do not want to respect
protection keys. When we ptrace(), for instance, we do not want
to apply the tracer's PKRU permissions to the PTEs from the
process being traced.
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Alexey Kardashevskiy <aik@ozlabs.ru>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Boaz Harrosh <boaz@plexistor.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave@sr71.net>
Cc: David Gibson <david@gibson.dropbear.id.au>
Cc: David Hildenbrand <dahi@linux.vnet.ibm.com>
Cc: David Vrabel <david.vrabel@citrix.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Dominik Dingel <dingel@linux.vnet.ibm.com>
Cc: Dominik Vogt <vogt@linux.vnet.ibm.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Jason Low <jason.low2@hp.com>
Cc: Jerome Marchand <jmarchan@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matthew Wilcox <willy@linux.intel.com>
Cc: Mel Gorman <mgorman@suse.de>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Mikulas Patocka <mpatocka@redhat.com>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Rik van Riel <riel@redhat.com>
Cc: Sasha Levin <sasha.levin@oracle.com>
Cc: Shachar Raindel <raindel@mellanox.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Toshi Kani <toshi.kani@hpe.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: linux-arch@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org
Cc: linux-s390@vger.kernel.org
Cc: linuxppc-dev@lists.ozlabs.org
Link: http://lkml.kernel.org/r/20160212210219.14D5D715@viggo.jf.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-02-13 00:02:19 +03:00
*/
2016-02-13 00:02:24 +03:00
if ( ! arch_vma_access_permitted ( vma , write , false , foreign ) )
mm/gup, x86/mm/pkeys: Check VMAs and PTEs for protection keys
Today, for normal faults and page table walks, we check the VMA
and/or PTE to ensure that it is compatible with the action. For
instance, if we get a write fault on a non-writeable VMA, we
SIGSEGV.
We try to do the same thing for protection keys. Basically, we
try to make sure that if a user does this:
mprotect(ptr, size, PROT_NONE);
*ptr = foo;
they see the same effects with protection keys when they do this:
mprotect(ptr, size, PROT_READ|PROT_WRITE);
set_pkey(ptr, size, 4);
wrpkru(0xffffff3f); // access disable pkey 4
*ptr = foo;
The state to do that checking is in the VMA, but we also
sometimes have to do it on the page tables only, like when doing
a get_user_pages_fast() where we have no VMA.
We add two functions and expose them to generic code:
arch_pte_access_permitted(pte_flags, write)
arch_vma_access_permitted(vma, write)
These are, of course, backed up in x86 arch code with checks
against the PTE or VMA's protection key.
But, there are also cases where we do not want to respect
protection keys. When we ptrace(), for instance, we do not want
to apply the tracer's PKRU permissions to the PTEs from the
process being traced.
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Alexey Kardashevskiy <aik@ozlabs.ru>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Boaz Harrosh <boaz@plexistor.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave@sr71.net>
Cc: David Gibson <david@gibson.dropbear.id.au>
Cc: David Hildenbrand <dahi@linux.vnet.ibm.com>
Cc: David Vrabel <david.vrabel@citrix.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Dominik Dingel <dingel@linux.vnet.ibm.com>
Cc: Dominik Vogt <vogt@linux.vnet.ibm.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Jason Low <jason.low2@hp.com>
Cc: Jerome Marchand <jmarchan@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matthew Wilcox <willy@linux.intel.com>
Cc: Mel Gorman <mgorman@suse.de>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Mikulas Patocka <mpatocka@redhat.com>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Rik van Riel <riel@redhat.com>
Cc: Sasha Levin <sasha.levin@oracle.com>
Cc: Shachar Raindel <raindel@mellanox.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Toshi Kani <toshi.kani@hpe.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: linux-arch@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org
Cc: linux-s390@vger.kernel.org
Cc: linuxppc-dev@lists.ozlabs.org
Link: http://lkml.kernel.org/r/20160212210219.14D5D715@viggo.jf.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-02-13 00:02:19 +03:00
return false ;
2016-02-13 00:02:16 +03:00
return true ;
}
2014-06-05 03:08:10 +04:00
/*
* fixup_user_fault ( ) - manually resolve a user page fault
* @ tsk : the task_struct to use for page fault accounting , or
* NULL if faults are not to be recorded .
* @ mm : mm_struct of target mm
* @ address : user address
* @ fault_flags : flags to pass down to handle_mm_fault ( )
2016-01-16 03:57:04 +03:00
* @ unlocked : did we unlock the mmap_sem while retrying , maybe NULL if caller
* does not allow retry
2014-06-05 03:08:10 +04:00
*
* This is meant to be called in the specific scenario where for locking reasons
* we try to access user memory in atomic context ( within a pagefault_disable ( )
* section ) , this returns - EFAULT , and we want to resolve the user fault before
* trying again .
*
* Typically this is meant to be used by the futex code .
*
* The main difference with get_user_pages ( ) is that this function will
* unconditionally call handle_mm_fault ( ) which will in turn perform all the
* necessary SW fixup of the dirty and young bits in the PTE , while
2016-01-16 03:57:04 +03:00
* get_user_pages ( ) only guarantees to update these in the struct page .
2014-06-05 03:08:10 +04:00
*
* This is important for some architectures where those bits also gate the
* access permission to the page because they are maintained in software . On
* such architectures , gup ( ) will not be enough to make a subsequent access
* succeed .
*
2016-01-16 03:57:04 +03:00
* This function will not return with an unlocked mmap_sem . So it has not the
* same semantics wrt the @ mm - > mmap_sem as does filemap_fault ( ) .
2014-06-05 03:08:10 +04:00
*/
int fixup_user_fault ( struct task_struct * tsk , struct mm_struct * mm ,
2016-01-16 03:57:04 +03:00
unsigned long address , unsigned int fault_flags ,
bool * unlocked )
2014-06-05 03:08:10 +04:00
{
struct vm_area_struct * vma ;
2018-08-24 03:01:36 +03:00
vm_fault_t ret , major = 0 ;
2016-01-16 03:57:04 +03:00
if ( unlocked )
fault_flags | = FAULT_FLAG_ALLOW_RETRY ;
2014-06-05 03:08:10 +04:00
2016-01-16 03:57:04 +03:00
retry :
2014-06-05 03:08:10 +04:00
vma = find_extend_vma ( mm , address ) ;
if ( ! vma | | address < vma - > vm_start )
return - EFAULT ;
2016-02-13 00:02:16 +03:00
if ( ! vma_permits_fault ( vma , fault_flags ) )
2014-06-05 03:08:10 +04:00
return - EFAULT ;
2016-07-27 01:25:18 +03:00
ret = handle_mm_fault ( vma , address , fault_flags ) ;
2016-01-16 03:57:04 +03:00
major | = ret & VM_FAULT_MAJOR ;
2014-06-05 03:08:10 +04:00
if ( ret & VM_FAULT_ERROR ) {
2017-06-03 00:46:46 +03:00
int err = vm_fault_to_errno ( ret , 0 ) ;
if ( err )
return err ;
2014-06-05 03:08:10 +04:00
BUG ( ) ;
}
2016-01-16 03:57:04 +03:00
if ( ret & VM_FAULT_RETRY ) {
down_read ( & mm - > mmap_sem ) ;
if ( ! ( fault_flags & FAULT_FLAG_TRIED ) ) {
* unlocked = true ;
fault_flags & = ~ FAULT_FLAG_ALLOW_RETRY ;
fault_flags | = FAULT_FLAG_TRIED ;
goto retry ;
}
}
2014-06-05 03:08:10 +04:00
if ( tsk ) {
2016-01-16 03:57:04 +03:00
if ( major )
2014-06-05 03:08:10 +04:00
tsk - > maj_flt + + ;
else
tsk - > min_flt + + ;
}
return 0 ;
}
2016-06-07 18:51:18 +03:00
EXPORT_SYMBOL_GPL ( fixup_user_fault ) ;
2014-06-05 03:08:10 +04:00
mm: gup: add get_user_pages_locked and get_user_pages_unlocked
FAULT_FOLL_ALLOW_RETRY allows the page fault to drop the mmap_sem for
reading to reduce the mmap_sem contention (for writing), like while
waiting for I/O completion. The problem is that right now practically no
get_user_pages call uses FAULT_FOLL_ALLOW_RETRY, so we're not leveraging
that nifty feature.
Andres fixed it for the KVM page fault. However get_user_pages_fast
remains uncovered, and 99% of other get_user_pages aren't using it either
(the only exception being FOLL_NOWAIT in KVM which is really nonblocking
and in fact it doesn't even release the mmap_sem).
So this patchsets extends the optimization Andres did in the KVM page
fault to the whole kernel. It makes most important places (including
gup_fast) to use FAULT_FOLL_ALLOW_RETRY to reduce the mmap_sem hold times
during I/O.
The only few places that remains uncovered are drivers like v4l and other
exceptions that tends to work on their own memory and they're not working
on random user memory (for example like O_DIRECT that uses gup_fast and is
fully covered by this patch).
A follow up patch should probably also add a printk_once warning to
get_user_pages that should go obsolete and be phased out eventually. The
"vmas" parameter of get_user_pages makes it fundamentally incompatible
with FAULT_FOLL_ALLOW_RETRY (vmas array becomes meaningless the moment the
mmap_sem is released).
While this is just an optimization, this becomes an absolute requirement
for the userfaultfd feature http://lwn.net/Articles/615086/ .
The userfaultfd allows to block the page fault, and in order to do so I
need to drop the mmap_sem first. So this patch also ensures that all
memory where userfaultfd could be registered by KVM, the very first fault
(no matter if it is a regular page fault, or a get_user_pages) always has
FAULT_FOLL_ALLOW_RETRY set. Then the userfaultfd blocks and it is waken
only when the pagetable is already mapped. The second fault attempt after
the wakeup doesn't need FAULT_FOLL_ALLOW_RETRY, so it's ok to retry
without it.
This patch (of 5):
We can leverage the VM_FAULT_RETRY functionality in the page fault paths
better by using either get_user_pages_locked or get_user_pages_unlocked.
The former allows conversion of get_user_pages invocations that will have
to pass a "&locked" parameter to know if the mmap_sem was dropped during
the call. Example from:
down_read(&mm->mmap_sem);
do_something()
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
to:
int locked = 1;
down_read(&mm->mmap_sem);
do_something()
get_user_pages_locked(tsk, mm, ..., pages, &locked);
if (locked)
up_read(&mm->mmap_sem);
The latter is suitable only as a drop in replacement of the form:
down_read(&mm->mmap_sem);
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
into:
get_user_pages_unlocked(tsk, mm, ..., pages);
Where tsk, mm, the intermediate "..." paramters and "pages" can be any
value as before. Just the last parameter of get_user_pages (vmas) must be
NULL for get_user_pages_locked|unlocked to be usable (the latter original
form wouldn't have been safe anyway if vmas wasn't null, for the former we
just make it explicit by dropping the parameter).
If vmas is not NULL these two methods cannot be used.
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reviewed-by: Andres Lagar-Cavilla <andreslc@google.com>
Reviewed-by: Peter Feiner <pfeiner@google.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 02:27:17 +03:00
static __always_inline long __get_user_pages_locked ( struct task_struct * tsk ,
struct mm_struct * mm ,
unsigned long start ,
unsigned long nr_pages ,
struct page * * pages ,
struct vm_area_struct * * vmas ,
2017-11-19 19:32:05 +03:00
int * locked ,
2015-02-12 02:27:20 +03:00
unsigned int flags )
mm: gup: add get_user_pages_locked and get_user_pages_unlocked
FAULT_FOLL_ALLOW_RETRY allows the page fault to drop the mmap_sem for
reading to reduce the mmap_sem contention (for writing), like while
waiting for I/O completion. The problem is that right now practically no
get_user_pages call uses FAULT_FOLL_ALLOW_RETRY, so we're not leveraging
that nifty feature.
Andres fixed it for the KVM page fault. However get_user_pages_fast
remains uncovered, and 99% of other get_user_pages aren't using it either
(the only exception being FOLL_NOWAIT in KVM which is really nonblocking
and in fact it doesn't even release the mmap_sem).
So this patchsets extends the optimization Andres did in the KVM page
fault to the whole kernel. It makes most important places (including
gup_fast) to use FAULT_FOLL_ALLOW_RETRY to reduce the mmap_sem hold times
during I/O.
The only few places that remains uncovered are drivers like v4l and other
exceptions that tends to work on their own memory and they're not working
on random user memory (for example like O_DIRECT that uses gup_fast and is
fully covered by this patch).
A follow up patch should probably also add a printk_once warning to
get_user_pages that should go obsolete and be phased out eventually. The
"vmas" parameter of get_user_pages makes it fundamentally incompatible
with FAULT_FOLL_ALLOW_RETRY (vmas array becomes meaningless the moment the
mmap_sem is released).
While this is just an optimization, this becomes an absolute requirement
for the userfaultfd feature http://lwn.net/Articles/615086/ .
The userfaultfd allows to block the page fault, and in order to do so I
need to drop the mmap_sem first. So this patch also ensures that all
memory where userfaultfd could be registered by KVM, the very first fault
(no matter if it is a regular page fault, or a get_user_pages) always has
FAULT_FOLL_ALLOW_RETRY set. Then the userfaultfd blocks and it is waken
only when the pagetable is already mapped. The second fault attempt after
the wakeup doesn't need FAULT_FOLL_ALLOW_RETRY, so it's ok to retry
without it.
This patch (of 5):
We can leverage the VM_FAULT_RETRY functionality in the page fault paths
better by using either get_user_pages_locked or get_user_pages_unlocked.
The former allows conversion of get_user_pages invocations that will have
to pass a "&locked" parameter to know if the mmap_sem was dropped during
the call. Example from:
down_read(&mm->mmap_sem);
do_something()
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
to:
int locked = 1;
down_read(&mm->mmap_sem);
do_something()
get_user_pages_locked(tsk, mm, ..., pages, &locked);
if (locked)
up_read(&mm->mmap_sem);
The latter is suitable only as a drop in replacement of the form:
down_read(&mm->mmap_sem);
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
into:
get_user_pages_unlocked(tsk, mm, ..., pages);
Where tsk, mm, the intermediate "..." paramters and "pages" can be any
value as before. Just the last parameter of get_user_pages (vmas) must be
NULL for get_user_pages_locked|unlocked to be usable (the latter original
form wouldn't have been safe anyway if vmas wasn't null, for the former we
just make it explicit by dropping the parameter).
If vmas is not NULL these two methods cannot be used.
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reviewed-by: Andres Lagar-Cavilla <andreslc@google.com>
Reviewed-by: Peter Feiner <pfeiner@google.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 02:27:17 +03:00
{
long ret , pages_done ;
bool lock_dropped ;
if ( locked ) {
/* if VM_FAULT_RETRY can be returned, vmas become invalid */
BUG_ON ( vmas ) ;
/* check caller initialized locked */
BUG_ON ( * locked ! = 1 ) ;
}
if ( pages )
flags | = FOLL_GET ;
pages_done = 0 ;
lock_dropped = false ;
for ( ; ; ) {
ret = __get_user_pages ( tsk , mm , start , nr_pages , flags , pages ,
vmas , locked ) ;
if ( ! locked )
/* VM_FAULT_RETRY couldn't trigger, bypass */
return ret ;
/* VM_FAULT_RETRY cannot return errors */
if ( ! * locked ) {
BUG_ON ( ret < 0 ) ;
BUG_ON ( ret > = nr_pages ) ;
}
if ( ! pages )
/* If it's a prefault don't insist harder */
return ret ;
if ( ret > 0 ) {
nr_pages - = ret ;
pages_done + = ret ;
if ( ! nr_pages )
break ;
}
if ( * locked ) {
2018-03-10 02:51:06 +03:00
/*
* VM_FAULT_RETRY didn ' t trigger or it was a
* FOLL_NOWAIT .
*/
mm: gup: add get_user_pages_locked and get_user_pages_unlocked
FAULT_FOLL_ALLOW_RETRY allows the page fault to drop the mmap_sem for
reading to reduce the mmap_sem contention (for writing), like while
waiting for I/O completion. The problem is that right now practically no
get_user_pages call uses FAULT_FOLL_ALLOW_RETRY, so we're not leveraging
that nifty feature.
Andres fixed it for the KVM page fault. However get_user_pages_fast
remains uncovered, and 99% of other get_user_pages aren't using it either
(the only exception being FOLL_NOWAIT in KVM which is really nonblocking
and in fact it doesn't even release the mmap_sem).
So this patchsets extends the optimization Andres did in the KVM page
fault to the whole kernel. It makes most important places (including
gup_fast) to use FAULT_FOLL_ALLOW_RETRY to reduce the mmap_sem hold times
during I/O.
The only few places that remains uncovered are drivers like v4l and other
exceptions that tends to work on their own memory and they're not working
on random user memory (for example like O_DIRECT that uses gup_fast and is
fully covered by this patch).
A follow up patch should probably also add a printk_once warning to
get_user_pages that should go obsolete and be phased out eventually. The
"vmas" parameter of get_user_pages makes it fundamentally incompatible
with FAULT_FOLL_ALLOW_RETRY (vmas array becomes meaningless the moment the
mmap_sem is released).
While this is just an optimization, this becomes an absolute requirement
for the userfaultfd feature http://lwn.net/Articles/615086/ .
The userfaultfd allows to block the page fault, and in order to do so I
need to drop the mmap_sem first. So this patch also ensures that all
memory where userfaultfd could be registered by KVM, the very first fault
(no matter if it is a regular page fault, or a get_user_pages) always has
FAULT_FOLL_ALLOW_RETRY set. Then the userfaultfd blocks and it is waken
only when the pagetable is already mapped. The second fault attempt after
the wakeup doesn't need FAULT_FOLL_ALLOW_RETRY, so it's ok to retry
without it.
This patch (of 5):
We can leverage the VM_FAULT_RETRY functionality in the page fault paths
better by using either get_user_pages_locked or get_user_pages_unlocked.
The former allows conversion of get_user_pages invocations that will have
to pass a "&locked" parameter to know if the mmap_sem was dropped during
the call. Example from:
down_read(&mm->mmap_sem);
do_something()
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
to:
int locked = 1;
down_read(&mm->mmap_sem);
do_something()
get_user_pages_locked(tsk, mm, ..., pages, &locked);
if (locked)
up_read(&mm->mmap_sem);
The latter is suitable only as a drop in replacement of the form:
down_read(&mm->mmap_sem);
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
into:
get_user_pages_unlocked(tsk, mm, ..., pages);
Where tsk, mm, the intermediate "..." paramters and "pages" can be any
value as before. Just the last parameter of get_user_pages (vmas) must be
NULL for get_user_pages_locked|unlocked to be usable (the latter original
form wouldn't have been safe anyway if vmas wasn't null, for the former we
just make it explicit by dropping the parameter).
If vmas is not NULL these two methods cannot be used.
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reviewed-by: Andres Lagar-Cavilla <andreslc@google.com>
Reviewed-by: Peter Feiner <pfeiner@google.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 02:27:17 +03:00
if ( ! pages_done )
pages_done = ret ;
break ;
}
/* VM_FAULT_RETRY triggered, so seek to the faulting offset */
pages + = ret ;
start + = ret < < PAGE_SHIFT ;
/*
* Repeat on the address that fired VM_FAULT_RETRY
* without FAULT_FLAG_ALLOW_RETRY but with
* FAULT_FLAG_TRIED .
*/
* locked = 1 ;
lock_dropped = true ;
down_read ( & mm - > mmap_sem ) ;
ret = __get_user_pages ( tsk , mm , start , 1 , flags | FOLL_TRIED ,
pages , NULL , NULL ) ;
if ( ret ! = 1 ) {
BUG_ON ( ret > 1 ) ;
if ( ! pages_done )
pages_done = ret ;
break ;
}
nr_pages - - ;
pages_done + + ;
if ( ! nr_pages )
break ;
pages + + ;
start + = PAGE_SIZE ;
}
2017-11-19 19:32:05 +03:00
if ( lock_dropped & & * locked ) {
mm: gup: add get_user_pages_locked and get_user_pages_unlocked
FAULT_FOLL_ALLOW_RETRY allows the page fault to drop the mmap_sem for
reading to reduce the mmap_sem contention (for writing), like while
waiting for I/O completion. The problem is that right now practically no
get_user_pages call uses FAULT_FOLL_ALLOW_RETRY, so we're not leveraging
that nifty feature.
Andres fixed it for the KVM page fault. However get_user_pages_fast
remains uncovered, and 99% of other get_user_pages aren't using it either
(the only exception being FOLL_NOWAIT in KVM which is really nonblocking
and in fact it doesn't even release the mmap_sem).
So this patchsets extends the optimization Andres did in the KVM page
fault to the whole kernel. It makes most important places (including
gup_fast) to use FAULT_FOLL_ALLOW_RETRY to reduce the mmap_sem hold times
during I/O.
The only few places that remains uncovered are drivers like v4l and other
exceptions that tends to work on their own memory and they're not working
on random user memory (for example like O_DIRECT that uses gup_fast and is
fully covered by this patch).
A follow up patch should probably also add a printk_once warning to
get_user_pages that should go obsolete and be phased out eventually. The
"vmas" parameter of get_user_pages makes it fundamentally incompatible
with FAULT_FOLL_ALLOW_RETRY (vmas array becomes meaningless the moment the
mmap_sem is released).
While this is just an optimization, this becomes an absolute requirement
for the userfaultfd feature http://lwn.net/Articles/615086/ .
The userfaultfd allows to block the page fault, and in order to do so I
need to drop the mmap_sem first. So this patch also ensures that all
memory where userfaultfd could be registered by KVM, the very first fault
(no matter if it is a regular page fault, or a get_user_pages) always has
FAULT_FOLL_ALLOW_RETRY set. Then the userfaultfd blocks and it is waken
only when the pagetable is already mapped. The second fault attempt after
the wakeup doesn't need FAULT_FOLL_ALLOW_RETRY, so it's ok to retry
without it.
This patch (of 5):
We can leverage the VM_FAULT_RETRY functionality in the page fault paths
better by using either get_user_pages_locked or get_user_pages_unlocked.
The former allows conversion of get_user_pages invocations that will have
to pass a "&locked" parameter to know if the mmap_sem was dropped during
the call. Example from:
down_read(&mm->mmap_sem);
do_something()
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
to:
int locked = 1;
down_read(&mm->mmap_sem);
do_something()
get_user_pages_locked(tsk, mm, ..., pages, &locked);
if (locked)
up_read(&mm->mmap_sem);
The latter is suitable only as a drop in replacement of the form:
down_read(&mm->mmap_sem);
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
into:
get_user_pages_unlocked(tsk, mm, ..., pages);
Where tsk, mm, the intermediate "..." paramters and "pages" can be any
value as before. Just the last parameter of get_user_pages (vmas) must be
NULL for get_user_pages_locked|unlocked to be usable (the latter original
form wouldn't have been safe anyway if vmas wasn't null, for the former we
just make it explicit by dropping the parameter).
If vmas is not NULL these two methods cannot be used.
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reviewed-by: Andres Lagar-Cavilla <andreslc@google.com>
Reviewed-by: Peter Feiner <pfeiner@google.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 02:27:17 +03:00
/*
* We must let the caller know we temporarily dropped the lock
* and so the critical section protected by it was lost .
*/
up_read ( & mm - > mmap_sem ) ;
* locked = 0 ;
}
return pages_done ;
}
/*
* We can leverage the VM_FAULT_RETRY functionality in the page fault
* paths better by using either get_user_pages_locked ( ) or
* get_user_pages_unlocked ( ) .
*
* get_user_pages_locked ( ) is suitable to replace the form :
*
* down_read ( & mm - > mmap_sem ) ;
* do_something ( )
* get_user_pages ( tsk , mm , . . . , pages , NULL ) ;
* up_read ( & mm - > mmap_sem ) ;
*
* to :
*
* int locked = 1 ;
* down_read ( & mm - > mmap_sem ) ;
* do_something ( )
* get_user_pages_locked ( tsk , mm , . . . , pages , & locked ) ;
* if ( locked )
* up_read ( & mm - > mmap_sem ) ;
*/
mm/gup: Remove the macro overload API migration helpers from the get_user*() APIs
The pkeys changes brought about a truly hideous set of macros in:
cde70140fed8 ("mm/gup: Overload get_user_pages() functions")
... which macros are (ab-)using the fact that __VA_ARGS__ can be used
to shift parameter positions in macro arguments without breaking the
build and so can be used to call separate C functions depending on
the number of arguments of the macro.
This allowed easy migration of these 3 GUP APIs, as both these variants
worked at the C level:
old:
ret = get_user_pages(current, current->mm, address, 1, 1, 0, &page, NULL);
new:
ret = get_user_pages(address, 1, 1, 0, &page, NULL);
... while we also generated a (functionally harmless but noticeable) build
time warning if the old API was used. As there are over 300 uses of these
APIs, this trick eased the migration of the API and avoided excessive
migration pain in linux-next.
Now, with its work done, get rid of all of that complication and ugliness:
3 files changed, 16 insertions(+), 140 deletions(-)
... where the linecount of the migration hack was further inflated by the
fact that there are NOMMU variants of these GUP APIs as well.
Much of the conversion was done in linux-next over the past couple of months,
and Linus recently removed all remaining old API uses from the upstream tree
in the following upstrea commit:
cb107161df3c ("Convert straggling drivers to new six-argument get_user_pages()")
There was one more old-API usage in mm/gup.c, in the CONFIG_HAVE_GENERIC_RCU_GUP
code path that ARM, ARM64 and PowerPC uses.
After this commit any old API usage will break the build.
[ Also fixed a PowerPC/HAVE_GENERIC_RCU_GUP warning reported by Stephen Rothwell. ]
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Dave Hansen <dave@sr71.net>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-04-04 11:24:58 +03:00
long get_user_pages_locked ( unsigned long start , unsigned long nr_pages ,
2016-10-13 03:20:14 +03:00
unsigned int gup_flags , struct page * * pages ,
mm: gup: add get_user_pages_locked and get_user_pages_unlocked
FAULT_FOLL_ALLOW_RETRY allows the page fault to drop the mmap_sem for
reading to reduce the mmap_sem contention (for writing), like while
waiting for I/O completion. The problem is that right now practically no
get_user_pages call uses FAULT_FOLL_ALLOW_RETRY, so we're not leveraging
that nifty feature.
Andres fixed it for the KVM page fault. However get_user_pages_fast
remains uncovered, and 99% of other get_user_pages aren't using it either
(the only exception being FOLL_NOWAIT in KVM which is really nonblocking
and in fact it doesn't even release the mmap_sem).
So this patchsets extends the optimization Andres did in the KVM page
fault to the whole kernel. It makes most important places (including
gup_fast) to use FAULT_FOLL_ALLOW_RETRY to reduce the mmap_sem hold times
during I/O.
The only few places that remains uncovered are drivers like v4l and other
exceptions that tends to work on their own memory and they're not working
on random user memory (for example like O_DIRECT that uses gup_fast and is
fully covered by this patch).
A follow up patch should probably also add a printk_once warning to
get_user_pages that should go obsolete and be phased out eventually. The
"vmas" parameter of get_user_pages makes it fundamentally incompatible
with FAULT_FOLL_ALLOW_RETRY (vmas array becomes meaningless the moment the
mmap_sem is released).
While this is just an optimization, this becomes an absolute requirement
for the userfaultfd feature http://lwn.net/Articles/615086/ .
The userfaultfd allows to block the page fault, and in order to do so I
need to drop the mmap_sem first. So this patch also ensures that all
memory where userfaultfd could be registered by KVM, the very first fault
(no matter if it is a regular page fault, or a get_user_pages) always has
FAULT_FOLL_ALLOW_RETRY set. Then the userfaultfd blocks and it is waken
only when the pagetable is already mapped. The second fault attempt after
the wakeup doesn't need FAULT_FOLL_ALLOW_RETRY, so it's ok to retry
without it.
This patch (of 5):
We can leverage the VM_FAULT_RETRY functionality in the page fault paths
better by using either get_user_pages_locked or get_user_pages_unlocked.
The former allows conversion of get_user_pages invocations that will have
to pass a "&locked" parameter to know if the mmap_sem was dropped during
the call. Example from:
down_read(&mm->mmap_sem);
do_something()
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
to:
int locked = 1;
down_read(&mm->mmap_sem);
do_something()
get_user_pages_locked(tsk, mm, ..., pages, &locked);
if (locked)
up_read(&mm->mmap_sem);
The latter is suitable only as a drop in replacement of the form:
down_read(&mm->mmap_sem);
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
into:
get_user_pages_unlocked(tsk, mm, ..., pages);
Where tsk, mm, the intermediate "..." paramters and "pages" can be any
value as before. Just the last parameter of get_user_pages (vmas) must be
NULL for get_user_pages_locked|unlocked to be usable (the latter original
form wouldn't have been safe anyway if vmas wasn't null, for the former we
just make it explicit by dropping the parameter).
If vmas is not NULL these two methods cannot be used.
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reviewed-by: Andres Lagar-Cavilla <andreslc@google.com>
Reviewed-by: Peter Feiner <pfeiner@google.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 02:27:17 +03:00
int * locked )
{
2016-02-13 00:01:55 +03:00
return __get_user_pages_locked ( current , current - > mm , start , nr_pages ,
2017-11-19 19:32:05 +03:00
pages , NULL , locked ,
2016-10-13 03:20:14 +03:00
gup_flags | FOLL_TOUCH ) ;
mm: gup: add get_user_pages_locked and get_user_pages_unlocked
FAULT_FOLL_ALLOW_RETRY allows the page fault to drop the mmap_sem for
reading to reduce the mmap_sem contention (for writing), like while
waiting for I/O completion. The problem is that right now practically no
get_user_pages call uses FAULT_FOLL_ALLOW_RETRY, so we're not leveraging
that nifty feature.
Andres fixed it for the KVM page fault. However get_user_pages_fast
remains uncovered, and 99% of other get_user_pages aren't using it either
(the only exception being FOLL_NOWAIT in KVM which is really nonblocking
and in fact it doesn't even release the mmap_sem).
So this patchsets extends the optimization Andres did in the KVM page
fault to the whole kernel. It makes most important places (including
gup_fast) to use FAULT_FOLL_ALLOW_RETRY to reduce the mmap_sem hold times
during I/O.
The only few places that remains uncovered are drivers like v4l and other
exceptions that tends to work on their own memory and they're not working
on random user memory (for example like O_DIRECT that uses gup_fast and is
fully covered by this patch).
A follow up patch should probably also add a printk_once warning to
get_user_pages that should go obsolete and be phased out eventually. The
"vmas" parameter of get_user_pages makes it fundamentally incompatible
with FAULT_FOLL_ALLOW_RETRY (vmas array becomes meaningless the moment the
mmap_sem is released).
While this is just an optimization, this becomes an absolute requirement
for the userfaultfd feature http://lwn.net/Articles/615086/ .
The userfaultfd allows to block the page fault, and in order to do so I
need to drop the mmap_sem first. So this patch also ensures that all
memory where userfaultfd could be registered by KVM, the very first fault
(no matter if it is a regular page fault, or a get_user_pages) always has
FAULT_FOLL_ALLOW_RETRY set. Then the userfaultfd blocks and it is waken
only when the pagetable is already mapped. The second fault attempt after
the wakeup doesn't need FAULT_FOLL_ALLOW_RETRY, so it's ok to retry
without it.
This patch (of 5):
We can leverage the VM_FAULT_RETRY functionality in the page fault paths
better by using either get_user_pages_locked or get_user_pages_unlocked.
The former allows conversion of get_user_pages invocations that will have
to pass a "&locked" parameter to know if the mmap_sem was dropped during
the call. Example from:
down_read(&mm->mmap_sem);
do_something()
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
to:
int locked = 1;
down_read(&mm->mmap_sem);
do_something()
get_user_pages_locked(tsk, mm, ..., pages, &locked);
if (locked)
up_read(&mm->mmap_sem);
The latter is suitable only as a drop in replacement of the form:
down_read(&mm->mmap_sem);
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
into:
get_user_pages_unlocked(tsk, mm, ..., pages);
Where tsk, mm, the intermediate "..." paramters and "pages" can be any
value as before. Just the last parameter of get_user_pages (vmas) must be
NULL for get_user_pages_locked|unlocked to be usable (the latter original
form wouldn't have been safe anyway if vmas wasn't null, for the former we
just make it explicit by dropping the parameter).
If vmas is not NULL these two methods cannot be used.
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reviewed-by: Andres Lagar-Cavilla <andreslc@google.com>
Reviewed-by: Peter Feiner <pfeiner@google.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 02:27:17 +03:00
}
mm/gup: Remove the macro overload API migration helpers from the get_user*() APIs
The pkeys changes brought about a truly hideous set of macros in:
cde70140fed8 ("mm/gup: Overload get_user_pages() functions")
... which macros are (ab-)using the fact that __VA_ARGS__ can be used
to shift parameter positions in macro arguments without breaking the
build and so can be used to call separate C functions depending on
the number of arguments of the macro.
This allowed easy migration of these 3 GUP APIs, as both these variants
worked at the C level:
old:
ret = get_user_pages(current, current->mm, address, 1, 1, 0, &page, NULL);
new:
ret = get_user_pages(address, 1, 1, 0, &page, NULL);
... while we also generated a (functionally harmless but noticeable) build
time warning if the old API was used. As there are over 300 uses of these
APIs, this trick eased the migration of the API and avoided excessive
migration pain in linux-next.
Now, with its work done, get rid of all of that complication and ugliness:
3 files changed, 16 insertions(+), 140 deletions(-)
... where the linecount of the migration hack was further inflated by the
fact that there are NOMMU variants of these GUP APIs as well.
Much of the conversion was done in linux-next over the past couple of months,
and Linus recently removed all remaining old API uses from the upstream tree
in the following upstrea commit:
cb107161df3c ("Convert straggling drivers to new six-argument get_user_pages()")
There was one more old-API usage in mm/gup.c, in the CONFIG_HAVE_GENERIC_RCU_GUP
code path that ARM, ARM64 and PowerPC uses.
After this commit any old API usage will break the build.
[ Also fixed a PowerPC/HAVE_GENERIC_RCU_GUP warning reported by Stephen Rothwell. ]
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Dave Hansen <dave@sr71.net>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-04-04 11:24:58 +03:00
EXPORT_SYMBOL ( get_user_pages_locked ) ;
mm: gup: add get_user_pages_locked and get_user_pages_unlocked
FAULT_FOLL_ALLOW_RETRY allows the page fault to drop the mmap_sem for
reading to reduce the mmap_sem contention (for writing), like while
waiting for I/O completion. The problem is that right now practically no
get_user_pages call uses FAULT_FOLL_ALLOW_RETRY, so we're not leveraging
that nifty feature.
Andres fixed it for the KVM page fault. However get_user_pages_fast
remains uncovered, and 99% of other get_user_pages aren't using it either
(the only exception being FOLL_NOWAIT in KVM which is really nonblocking
and in fact it doesn't even release the mmap_sem).
So this patchsets extends the optimization Andres did in the KVM page
fault to the whole kernel. It makes most important places (including
gup_fast) to use FAULT_FOLL_ALLOW_RETRY to reduce the mmap_sem hold times
during I/O.
The only few places that remains uncovered are drivers like v4l and other
exceptions that tends to work on their own memory and they're not working
on random user memory (for example like O_DIRECT that uses gup_fast and is
fully covered by this patch).
A follow up patch should probably also add a printk_once warning to
get_user_pages that should go obsolete and be phased out eventually. The
"vmas" parameter of get_user_pages makes it fundamentally incompatible
with FAULT_FOLL_ALLOW_RETRY (vmas array becomes meaningless the moment the
mmap_sem is released).
While this is just an optimization, this becomes an absolute requirement
for the userfaultfd feature http://lwn.net/Articles/615086/ .
The userfaultfd allows to block the page fault, and in order to do so I
need to drop the mmap_sem first. So this patch also ensures that all
memory where userfaultfd could be registered by KVM, the very first fault
(no matter if it is a regular page fault, or a get_user_pages) always has
FAULT_FOLL_ALLOW_RETRY set. Then the userfaultfd blocks and it is waken
only when the pagetable is already mapped. The second fault attempt after
the wakeup doesn't need FAULT_FOLL_ALLOW_RETRY, so it's ok to retry
without it.
This patch (of 5):
We can leverage the VM_FAULT_RETRY functionality in the page fault paths
better by using either get_user_pages_locked or get_user_pages_unlocked.
The former allows conversion of get_user_pages invocations that will have
to pass a "&locked" parameter to know if the mmap_sem was dropped during
the call. Example from:
down_read(&mm->mmap_sem);
do_something()
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
to:
int locked = 1;
down_read(&mm->mmap_sem);
do_something()
get_user_pages_locked(tsk, mm, ..., pages, &locked);
if (locked)
up_read(&mm->mmap_sem);
The latter is suitable only as a drop in replacement of the form:
down_read(&mm->mmap_sem);
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
into:
get_user_pages_unlocked(tsk, mm, ..., pages);
Where tsk, mm, the intermediate "..." paramters and "pages" can be any
value as before. Just the last parameter of get_user_pages (vmas) must be
NULL for get_user_pages_locked|unlocked to be usable (the latter original
form wouldn't have been safe anyway if vmas wasn't null, for the former we
just make it explicit by dropping the parameter).
If vmas is not NULL these two methods cannot be used.
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reviewed-by: Andres Lagar-Cavilla <andreslc@google.com>
Reviewed-by: Peter Feiner <pfeiner@google.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 02:27:17 +03:00
/*
* get_user_pages_unlocked ( ) is suitable to replace the form :
*
* down_read ( & mm - > mmap_sem ) ;
* get_user_pages ( tsk , mm , . . . , pages , NULL ) ;
* up_read ( & mm - > mmap_sem ) ;
*
* with :
*
* get_user_pages_unlocked ( tsk , mm , . . . , pages ) ;
*
* It is functionally equivalent to get_user_pages_fast so
2016-12-13 03:42:46 +03:00
* get_user_pages_fast should be used instead if specific gup_flags
* ( e . g . FOLL_FORCE ) are not required .
mm: gup: add get_user_pages_locked and get_user_pages_unlocked
FAULT_FOLL_ALLOW_RETRY allows the page fault to drop the mmap_sem for
reading to reduce the mmap_sem contention (for writing), like while
waiting for I/O completion. The problem is that right now practically no
get_user_pages call uses FAULT_FOLL_ALLOW_RETRY, so we're not leveraging
that nifty feature.
Andres fixed it for the KVM page fault. However get_user_pages_fast
remains uncovered, and 99% of other get_user_pages aren't using it either
(the only exception being FOLL_NOWAIT in KVM which is really nonblocking
and in fact it doesn't even release the mmap_sem).
So this patchsets extends the optimization Andres did in the KVM page
fault to the whole kernel. It makes most important places (including
gup_fast) to use FAULT_FOLL_ALLOW_RETRY to reduce the mmap_sem hold times
during I/O.
The only few places that remains uncovered are drivers like v4l and other
exceptions that tends to work on their own memory and they're not working
on random user memory (for example like O_DIRECT that uses gup_fast and is
fully covered by this patch).
A follow up patch should probably also add a printk_once warning to
get_user_pages that should go obsolete and be phased out eventually. The
"vmas" parameter of get_user_pages makes it fundamentally incompatible
with FAULT_FOLL_ALLOW_RETRY (vmas array becomes meaningless the moment the
mmap_sem is released).
While this is just an optimization, this becomes an absolute requirement
for the userfaultfd feature http://lwn.net/Articles/615086/ .
The userfaultfd allows to block the page fault, and in order to do so I
need to drop the mmap_sem first. So this patch also ensures that all
memory where userfaultfd could be registered by KVM, the very first fault
(no matter if it is a regular page fault, or a get_user_pages) always has
FAULT_FOLL_ALLOW_RETRY set. Then the userfaultfd blocks and it is waken
only when the pagetable is already mapped. The second fault attempt after
the wakeup doesn't need FAULT_FOLL_ALLOW_RETRY, so it's ok to retry
without it.
This patch (of 5):
We can leverage the VM_FAULT_RETRY functionality in the page fault paths
better by using either get_user_pages_locked or get_user_pages_unlocked.
The former allows conversion of get_user_pages invocations that will have
to pass a "&locked" parameter to know if the mmap_sem was dropped during
the call. Example from:
down_read(&mm->mmap_sem);
do_something()
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
to:
int locked = 1;
down_read(&mm->mmap_sem);
do_something()
get_user_pages_locked(tsk, mm, ..., pages, &locked);
if (locked)
up_read(&mm->mmap_sem);
The latter is suitable only as a drop in replacement of the form:
down_read(&mm->mmap_sem);
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
into:
get_user_pages_unlocked(tsk, mm, ..., pages);
Where tsk, mm, the intermediate "..." paramters and "pages" can be any
value as before. Just the last parameter of get_user_pages (vmas) must be
NULL for get_user_pages_locked|unlocked to be usable (the latter original
form wouldn't have been safe anyway if vmas wasn't null, for the former we
just make it explicit by dropping the parameter).
If vmas is not NULL these two methods cannot be used.
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reviewed-by: Andres Lagar-Cavilla <andreslc@google.com>
Reviewed-by: Peter Feiner <pfeiner@google.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 02:27:17 +03:00
*/
mm/gup: Remove the macro overload API migration helpers from the get_user*() APIs
The pkeys changes brought about a truly hideous set of macros in:
cde70140fed8 ("mm/gup: Overload get_user_pages() functions")
... which macros are (ab-)using the fact that __VA_ARGS__ can be used
to shift parameter positions in macro arguments without breaking the
build and so can be used to call separate C functions depending on
the number of arguments of the macro.
This allowed easy migration of these 3 GUP APIs, as both these variants
worked at the C level:
old:
ret = get_user_pages(current, current->mm, address, 1, 1, 0, &page, NULL);
new:
ret = get_user_pages(address, 1, 1, 0, &page, NULL);
... while we also generated a (functionally harmless but noticeable) build
time warning if the old API was used. As there are over 300 uses of these
APIs, this trick eased the migration of the API and avoided excessive
migration pain in linux-next.
Now, with its work done, get rid of all of that complication and ugliness:
3 files changed, 16 insertions(+), 140 deletions(-)
... where the linecount of the migration hack was further inflated by the
fact that there are NOMMU variants of these GUP APIs as well.
Much of the conversion was done in linux-next over the past couple of months,
and Linus recently removed all remaining old API uses from the upstream tree
in the following upstrea commit:
cb107161df3c ("Convert straggling drivers to new six-argument get_user_pages()")
There was one more old-API usage in mm/gup.c, in the CONFIG_HAVE_GENERIC_RCU_GUP
code path that ARM, ARM64 and PowerPC uses.
After this commit any old API usage will break the build.
[ Also fixed a PowerPC/HAVE_GENERIC_RCU_GUP warning reported by Stephen Rothwell. ]
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Dave Hansen <dave@sr71.net>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-04-04 11:24:58 +03:00
long get_user_pages_unlocked ( unsigned long start , unsigned long nr_pages ,
2016-10-13 03:20:13 +03:00
struct page * * pages , unsigned int gup_flags )
mm: gup: add get_user_pages_locked and get_user_pages_unlocked
FAULT_FOLL_ALLOW_RETRY allows the page fault to drop the mmap_sem for
reading to reduce the mmap_sem contention (for writing), like while
waiting for I/O completion. The problem is that right now practically no
get_user_pages call uses FAULT_FOLL_ALLOW_RETRY, so we're not leveraging
that nifty feature.
Andres fixed it for the KVM page fault. However get_user_pages_fast
remains uncovered, and 99% of other get_user_pages aren't using it either
(the only exception being FOLL_NOWAIT in KVM which is really nonblocking
and in fact it doesn't even release the mmap_sem).
So this patchsets extends the optimization Andres did in the KVM page
fault to the whole kernel. It makes most important places (including
gup_fast) to use FAULT_FOLL_ALLOW_RETRY to reduce the mmap_sem hold times
during I/O.
The only few places that remains uncovered are drivers like v4l and other
exceptions that tends to work on their own memory and they're not working
on random user memory (for example like O_DIRECT that uses gup_fast and is
fully covered by this patch).
A follow up patch should probably also add a printk_once warning to
get_user_pages that should go obsolete and be phased out eventually. The
"vmas" parameter of get_user_pages makes it fundamentally incompatible
with FAULT_FOLL_ALLOW_RETRY (vmas array becomes meaningless the moment the
mmap_sem is released).
While this is just an optimization, this becomes an absolute requirement
for the userfaultfd feature http://lwn.net/Articles/615086/ .
The userfaultfd allows to block the page fault, and in order to do so I
need to drop the mmap_sem first. So this patch also ensures that all
memory where userfaultfd could be registered by KVM, the very first fault
(no matter if it is a regular page fault, or a get_user_pages) always has
FAULT_FOLL_ALLOW_RETRY set. Then the userfaultfd blocks and it is waken
only when the pagetable is already mapped. The second fault attempt after
the wakeup doesn't need FAULT_FOLL_ALLOW_RETRY, so it's ok to retry
without it.
This patch (of 5):
We can leverage the VM_FAULT_RETRY functionality in the page fault paths
better by using either get_user_pages_locked or get_user_pages_unlocked.
The former allows conversion of get_user_pages invocations that will have
to pass a "&locked" parameter to know if the mmap_sem was dropped during
the call. Example from:
down_read(&mm->mmap_sem);
do_something()
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
to:
int locked = 1;
down_read(&mm->mmap_sem);
do_something()
get_user_pages_locked(tsk, mm, ..., pages, &locked);
if (locked)
up_read(&mm->mmap_sem);
The latter is suitable only as a drop in replacement of the form:
down_read(&mm->mmap_sem);
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
into:
get_user_pages_unlocked(tsk, mm, ..., pages);
Where tsk, mm, the intermediate "..." paramters and "pages" can be any
value as before. Just the last parameter of get_user_pages (vmas) must be
NULL for get_user_pages_locked|unlocked to be usable (the latter original
form wouldn't have been safe anyway if vmas wasn't null, for the former we
just make it explicit by dropping the parameter).
If vmas is not NULL these two methods cannot be used.
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reviewed-by: Andres Lagar-Cavilla <andreslc@google.com>
Reviewed-by: Peter Feiner <pfeiner@google.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 02:27:17 +03:00
{
2017-11-18 22:17:46 +03:00
struct mm_struct * mm = current - > mm ;
int locked = 1 ;
long ret ;
down_read ( & mm - > mmap_sem ) ;
ret = __get_user_pages_locked ( current , mm , start , nr_pages , pages , NULL ,
2017-11-19 19:32:05 +03:00
& locked , gup_flags | FOLL_TOUCH ) ;
2017-11-18 22:17:46 +03:00
if ( locked )
up_read ( & mm - > mmap_sem ) ;
return ret ;
mm: gup: add get_user_pages_locked and get_user_pages_unlocked
FAULT_FOLL_ALLOW_RETRY allows the page fault to drop the mmap_sem for
reading to reduce the mmap_sem contention (for writing), like while
waiting for I/O completion. The problem is that right now practically no
get_user_pages call uses FAULT_FOLL_ALLOW_RETRY, so we're not leveraging
that nifty feature.
Andres fixed it for the KVM page fault. However get_user_pages_fast
remains uncovered, and 99% of other get_user_pages aren't using it either
(the only exception being FOLL_NOWAIT in KVM which is really nonblocking
and in fact it doesn't even release the mmap_sem).
So this patchsets extends the optimization Andres did in the KVM page
fault to the whole kernel. It makes most important places (including
gup_fast) to use FAULT_FOLL_ALLOW_RETRY to reduce the mmap_sem hold times
during I/O.
The only few places that remains uncovered are drivers like v4l and other
exceptions that tends to work on their own memory and they're not working
on random user memory (for example like O_DIRECT that uses gup_fast and is
fully covered by this patch).
A follow up patch should probably also add a printk_once warning to
get_user_pages that should go obsolete and be phased out eventually. The
"vmas" parameter of get_user_pages makes it fundamentally incompatible
with FAULT_FOLL_ALLOW_RETRY (vmas array becomes meaningless the moment the
mmap_sem is released).
While this is just an optimization, this becomes an absolute requirement
for the userfaultfd feature http://lwn.net/Articles/615086/ .
The userfaultfd allows to block the page fault, and in order to do so I
need to drop the mmap_sem first. So this patch also ensures that all
memory where userfaultfd could be registered by KVM, the very first fault
(no matter if it is a regular page fault, or a get_user_pages) always has
FAULT_FOLL_ALLOW_RETRY set. Then the userfaultfd blocks and it is waken
only when the pagetable is already mapped. The second fault attempt after
the wakeup doesn't need FAULT_FOLL_ALLOW_RETRY, so it's ok to retry
without it.
This patch (of 5):
We can leverage the VM_FAULT_RETRY functionality in the page fault paths
better by using either get_user_pages_locked or get_user_pages_unlocked.
The former allows conversion of get_user_pages invocations that will have
to pass a "&locked" parameter to know if the mmap_sem was dropped during
the call. Example from:
down_read(&mm->mmap_sem);
do_something()
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
to:
int locked = 1;
down_read(&mm->mmap_sem);
do_something()
get_user_pages_locked(tsk, mm, ..., pages, &locked);
if (locked)
up_read(&mm->mmap_sem);
The latter is suitable only as a drop in replacement of the form:
down_read(&mm->mmap_sem);
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
into:
get_user_pages_unlocked(tsk, mm, ..., pages);
Where tsk, mm, the intermediate "..." paramters and "pages" can be any
value as before. Just the last parameter of get_user_pages (vmas) must be
NULL for get_user_pages_locked|unlocked to be usable (the latter original
form wouldn't have been safe anyway if vmas wasn't null, for the former we
just make it explicit by dropping the parameter).
If vmas is not NULL these two methods cannot be used.
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reviewed-by: Andres Lagar-Cavilla <andreslc@google.com>
Reviewed-by: Peter Feiner <pfeiner@google.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 02:27:17 +03:00
}
mm/gup: Remove the macro overload API migration helpers from the get_user*() APIs
The pkeys changes brought about a truly hideous set of macros in:
cde70140fed8 ("mm/gup: Overload get_user_pages() functions")
... which macros are (ab-)using the fact that __VA_ARGS__ can be used
to shift parameter positions in macro arguments without breaking the
build and so can be used to call separate C functions depending on
the number of arguments of the macro.
This allowed easy migration of these 3 GUP APIs, as both these variants
worked at the C level:
old:
ret = get_user_pages(current, current->mm, address, 1, 1, 0, &page, NULL);
new:
ret = get_user_pages(address, 1, 1, 0, &page, NULL);
... while we also generated a (functionally harmless but noticeable) build
time warning if the old API was used. As there are over 300 uses of these
APIs, this trick eased the migration of the API and avoided excessive
migration pain in linux-next.
Now, with its work done, get rid of all of that complication and ugliness:
3 files changed, 16 insertions(+), 140 deletions(-)
... where the linecount of the migration hack was further inflated by the
fact that there are NOMMU variants of these GUP APIs as well.
Much of the conversion was done in linux-next over the past couple of months,
and Linus recently removed all remaining old API uses from the upstream tree
in the following upstrea commit:
cb107161df3c ("Convert straggling drivers to new six-argument get_user_pages()")
There was one more old-API usage in mm/gup.c, in the CONFIG_HAVE_GENERIC_RCU_GUP
code path that ARM, ARM64 and PowerPC uses.
After this commit any old API usage will break the build.
[ Also fixed a PowerPC/HAVE_GENERIC_RCU_GUP warning reported by Stephen Rothwell. ]
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Dave Hansen <dave@sr71.net>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-04-04 11:24:58 +03:00
EXPORT_SYMBOL ( get_user_pages_unlocked ) ;
mm: gup: add get_user_pages_locked and get_user_pages_unlocked
FAULT_FOLL_ALLOW_RETRY allows the page fault to drop the mmap_sem for
reading to reduce the mmap_sem contention (for writing), like while
waiting for I/O completion. The problem is that right now practically no
get_user_pages call uses FAULT_FOLL_ALLOW_RETRY, so we're not leveraging
that nifty feature.
Andres fixed it for the KVM page fault. However get_user_pages_fast
remains uncovered, and 99% of other get_user_pages aren't using it either
(the only exception being FOLL_NOWAIT in KVM which is really nonblocking
and in fact it doesn't even release the mmap_sem).
So this patchsets extends the optimization Andres did in the KVM page
fault to the whole kernel. It makes most important places (including
gup_fast) to use FAULT_FOLL_ALLOW_RETRY to reduce the mmap_sem hold times
during I/O.
The only few places that remains uncovered are drivers like v4l and other
exceptions that tends to work on their own memory and they're not working
on random user memory (for example like O_DIRECT that uses gup_fast and is
fully covered by this patch).
A follow up patch should probably also add a printk_once warning to
get_user_pages that should go obsolete and be phased out eventually. The
"vmas" parameter of get_user_pages makes it fundamentally incompatible
with FAULT_FOLL_ALLOW_RETRY (vmas array becomes meaningless the moment the
mmap_sem is released).
While this is just an optimization, this becomes an absolute requirement
for the userfaultfd feature http://lwn.net/Articles/615086/ .
The userfaultfd allows to block the page fault, and in order to do so I
need to drop the mmap_sem first. So this patch also ensures that all
memory where userfaultfd could be registered by KVM, the very first fault
(no matter if it is a regular page fault, or a get_user_pages) always has
FAULT_FOLL_ALLOW_RETRY set. Then the userfaultfd blocks and it is waken
only when the pagetable is already mapped. The second fault attempt after
the wakeup doesn't need FAULT_FOLL_ALLOW_RETRY, so it's ok to retry
without it.
This patch (of 5):
We can leverage the VM_FAULT_RETRY functionality in the page fault paths
better by using either get_user_pages_locked or get_user_pages_unlocked.
The former allows conversion of get_user_pages invocations that will have
to pass a "&locked" parameter to know if the mmap_sem was dropped during
the call. Example from:
down_read(&mm->mmap_sem);
do_something()
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
to:
int locked = 1;
down_read(&mm->mmap_sem);
do_something()
get_user_pages_locked(tsk, mm, ..., pages, &locked);
if (locked)
up_read(&mm->mmap_sem);
The latter is suitable only as a drop in replacement of the form:
down_read(&mm->mmap_sem);
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
into:
get_user_pages_unlocked(tsk, mm, ..., pages);
Where tsk, mm, the intermediate "..." paramters and "pages" can be any
value as before. Just the last parameter of get_user_pages (vmas) must be
NULL for get_user_pages_locked|unlocked to be usable (the latter original
form wouldn't have been safe anyway if vmas wasn't null, for the former we
just make it explicit by dropping the parameter).
If vmas is not NULL these two methods cannot be used.
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reviewed-by: Andres Lagar-Cavilla <andreslc@google.com>
Reviewed-by: Peter Feiner <pfeiner@google.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 02:27:17 +03:00
2014-06-05 03:08:10 +04:00
/*
2016-02-13 00:01:54 +03:00
* get_user_pages_remote ( ) - pin user pages in memory
2014-06-05 03:08:10 +04:00
* @ tsk : the task_struct to use for page fault accounting , or
* NULL if faults are not to be recorded .
* @ mm : mm_struct of target mm
* @ start : starting user address
* @ nr_pages : number of pages from start to pin
2016-10-13 03:20:17 +03:00
* @ gup_flags : flags modifying lookup behaviour
2014-06-05 03:08:10 +04:00
* @ pages : array that receives pointers to the pages pinned .
* Should be at least nr_pages long . Or NULL , if caller
* only intends to ensure the pages are faulted in .
* @ vmas : array of pointers to vmas corresponding to each page .
* Or NULL if the caller does not require them .
2016-12-15 02:06:52 +03:00
* @ locked : pointer to lock flag indicating whether lock is held and
* subsequently whether VM_FAULT_RETRY functionality can be
* utilised . Lock must initially be held .
2014-06-05 03:08:10 +04:00
*
* Returns number of pages pinned . This may be fewer than the number
* requested . If nr_pages is 0 or negative , returns 0. If no pages
* were pinned , returns - errno . Each page returned must be released
* with a put_page ( ) call when it is finished with . vmas will only
* remain valid while mmap_sem is held .
*
* Must be called with mmap_sem held for read or write .
*
* get_user_pages walks a process ' s page tables and takes a reference to
* each struct page that each user address corresponds to at a given
* instant . That is , it takes the page that would be accessed if a user
* thread accesses the given user virtual address at that instant .
*
* This does not guarantee that the page exists in the user mappings when
* get_user_pages returns , and there may even be a completely different
* page there in some cases ( eg . if mmapped pagecache has been invalidated
* and subsequently re faulted ) . However it does guarantee that the page
* won ' t be freed completely . And mostly callers simply care that the page
* contains data that was valid * at some point in time * . Typically , an IO
* or similar operation cannot guarantee anything stronger anyway because
* locks can ' t be held over the syscall boundary .
*
2016-10-13 03:20:17 +03:00
* If gup_flags & FOLL_WRITE = = 0 , the page must not be written to . If the page
* is written to , set_page_dirty ( or set_page_dirty_lock , as appropriate ) must
* be called after the page is finished with , and before put_page is called .
2014-06-05 03:08:10 +04:00
*
* get_user_pages is typically used for fewer - copy IO operations , to get a
* handle on the memory by some means other than accesses via the user virtual
* addresses . The pages may be submitted for DMA to devices or accessed via
* their kernel linear mapping ( via the kmap APIs ) . Care should be taken to
* use the correct cache flushing APIs .
*
* See also get_user_pages_fast , for performance critical applications .
mm: gup: add get_user_pages_locked and get_user_pages_unlocked
FAULT_FOLL_ALLOW_RETRY allows the page fault to drop the mmap_sem for
reading to reduce the mmap_sem contention (for writing), like while
waiting for I/O completion. The problem is that right now practically no
get_user_pages call uses FAULT_FOLL_ALLOW_RETRY, so we're not leveraging
that nifty feature.
Andres fixed it for the KVM page fault. However get_user_pages_fast
remains uncovered, and 99% of other get_user_pages aren't using it either
(the only exception being FOLL_NOWAIT in KVM which is really nonblocking
and in fact it doesn't even release the mmap_sem).
So this patchsets extends the optimization Andres did in the KVM page
fault to the whole kernel. It makes most important places (including
gup_fast) to use FAULT_FOLL_ALLOW_RETRY to reduce the mmap_sem hold times
during I/O.
The only few places that remains uncovered are drivers like v4l and other
exceptions that tends to work on their own memory and they're not working
on random user memory (for example like O_DIRECT that uses gup_fast and is
fully covered by this patch).
A follow up patch should probably also add a printk_once warning to
get_user_pages that should go obsolete and be phased out eventually. The
"vmas" parameter of get_user_pages makes it fundamentally incompatible
with FAULT_FOLL_ALLOW_RETRY (vmas array becomes meaningless the moment the
mmap_sem is released).
While this is just an optimization, this becomes an absolute requirement
for the userfaultfd feature http://lwn.net/Articles/615086/ .
The userfaultfd allows to block the page fault, and in order to do so I
need to drop the mmap_sem first. So this patch also ensures that all
memory where userfaultfd could be registered by KVM, the very first fault
(no matter if it is a regular page fault, or a get_user_pages) always has
FAULT_FOLL_ALLOW_RETRY set. Then the userfaultfd blocks and it is waken
only when the pagetable is already mapped. The second fault attempt after
the wakeup doesn't need FAULT_FOLL_ALLOW_RETRY, so it's ok to retry
without it.
This patch (of 5):
We can leverage the VM_FAULT_RETRY functionality in the page fault paths
better by using either get_user_pages_locked or get_user_pages_unlocked.
The former allows conversion of get_user_pages invocations that will have
to pass a "&locked" parameter to know if the mmap_sem was dropped during
the call. Example from:
down_read(&mm->mmap_sem);
do_something()
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
to:
int locked = 1;
down_read(&mm->mmap_sem);
do_something()
get_user_pages_locked(tsk, mm, ..., pages, &locked);
if (locked)
up_read(&mm->mmap_sem);
The latter is suitable only as a drop in replacement of the form:
down_read(&mm->mmap_sem);
get_user_pages(tsk, mm, ..., pages, NULL);
up_read(&mm->mmap_sem);
into:
get_user_pages_unlocked(tsk, mm, ..., pages);
Where tsk, mm, the intermediate "..." paramters and "pages" can be any
value as before. Just the last parameter of get_user_pages (vmas) must be
NULL for get_user_pages_locked|unlocked to be usable (the latter original
form wouldn't have been safe anyway if vmas wasn't null, for the former we
just make it explicit by dropping the parameter).
If vmas is not NULL these two methods cannot be used.
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reviewed-by: Andres Lagar-Cavilla <andreslc@google.com>
Reviewed-by: Peter Feiner <pfeiner@google.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 02:27:17 +03:00
*
* get_user_pages should be phased out in favor of
* get_user_pages_locked | unlocked or get_user_pages_fast . Nothing
* should use get_user_pages because it cannot pass
* FAULT_FLAG_ALLOW_RETRY to handle_mm_fault .
2014-06-05 03:08:10 +04:00
*/
2016-02-13 00:01:54 +03:00
long get_user_pages_remote ( struct task_struct * tsk , struct mm_struct * mm ,
unsigned long start , unsigned long nr_pages ,
2016-10-13 03:20:17 +03:00
unsigned int gup_flags , struct page * * pages ,
2016-12-15 02:06:52 +03:00
struct vm_area_struct * * vmas , int * locked )
2014-06-05 03:08:10 +04:00
{
2016-10-13 03:20:11 +03:00
return __get_user_pages_locked ( tsk , mm , start , nr_pages , pages , vmas ,
2017-11-19 19:32:05 +03:00
locked ,
2016-10-13 03:20:17 +03:00
gup_flags | FOLL_TOUCH | FOLL_REMOTE ) ;
2016-02-13 00:01:54 +03:00
}
EXPORT_SYMBOL ( get_user_pages_remote ) ;
/*
2016-02-13 00:01:56 +03:00
* This is the same as get_user_pages_remote ( ) , just with a
* less - flexible calling convention where we assume that the task
2016-12-15 02:06:52 +03:00
* and mm being operated on are the current task ' s and don ' t allow
* passing of a locked parameter . We also obviously don ' t pass
* FOLL_REMOTE in here .
2016-02-13 00:01:54 +03:00
*/
mm/gup: Remove the macro overload API migration helpers from the get_user*() APIs
The pkeys changes brought about a truly hideous set of macros in:
cde70140fed8 ("mm/gup: Overload get_user_pages() functions")
... which macros are (ab-)using the fact that __VA_ARGS__ can be used
to shift parameter positions in macro arguments without breaking the
build and so can be used to call separate C functions depending on
the number of arguments of the macro.
This allowed easy migration of these 3 GUP APIs, as both these variants
worked at the C level:
old:
ret = get_user_pages(current, current->mm, address, 1, 1, 0, &page, NULL);
new:
ret = get_user_pages(address, 1, 1, 0, &page, NULL);
... while we also generated a (functionally harmless but noticeable) build
time warning if the old API was used. As there are over 300 uses of these
APIs, this trick eased the migration of the API and avoided excessive
migration pain in linux-next.
Now, with its work done, get rid of all of that complication and ugliness:
3 files changed, 16 insertions(+), 140 deletions(-)
... where the linecount of the migration hack was further inflated by the
fact that there are NOMMU variants of these GUP APIs as well.
Much of the conversion was done in linux-next over the past couple of months,
and Linus recently removed all remaining old API uses from the upstream tree
in the following upstrea commit:
cb107161df3c ("Convert straggling drivers to new six-argument get_user_pages()")
There was one more old-API usage in mm/gup.c, in the CONFIG_HAVE_GENERIC_RCU_GUP
code path that ARM, ARM64 and PowerPC uses.
After this commit any old API usage will break the build.
[ Also fixed a PowerPC/HAVE_GENERIC_RCU_GUP warning reported by Stephen Rothwell. ]
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Dave Hansen <dave@sr71.net>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-04-04 11:24:58 +03:00
long get_user_pages ( unsigned long start , unsigned long nr_pages ,
2016-10-13 03:20:16 +03:00
unsigned int gup_flags , struct page * * pages ,
2016-02-13 00:01:54 +03:00
struct vm_area_struct * * vmas )
{
2016-02-13 00:01:55 +03:00
return __get_user_pages_locked ( current , current - > mm , start , nr_pages ,
2017-11-19 19:32:05 +03:00
pages , vmas , NULL ,
2016-10-13 03:20:16 +03:00
gup_flags | FOLL_TOUCH ) ;
2014-06-05 03:08:10 +04:00
}
mm/gup: Remove the macro overload API migration helpers from the get_user*() APIs
The pkeys changes brought about a truly hideous set of macros in:
cde70140fed8 ("mm/gup: Overload get_user_pages() functions")
... which macros are (ab-)using the fact that __VA_ARGS__ can be used
to shift parameter positions in macro arguments without breaking the
build and so can be used to call separate C functions depending on
the number of arguments of the macro.
This allowed easy migration of these 3 GUP APIs, as both these variants
worked at the C level:
old:
ret = get_user_pages(current, current->mm, address, 1, 1, 0, &page, NULL);
new:
ret = get_user_pages(address, 1, 1, 0, &page, NULL);
... while we also generated a (functionally harmless but noticeable) build
time warning if the old API was used. As there are over 300 uses of these
APIs, this trick eased the migration of the API and avoided excessive
migration pain in linux-next.
Now, with its work done, get rid of all of that complication and ugliness:
3 files changed, 16 insertions(+), 140 deletions(-)
... where the linecount of the migration hack was further inflated by the
fact that there are NOMMU variants of these GUP APIs as well.
Much of the conversion was done in linux-next over the past couple of months,
and Linus recently removed all remaining old API uses from the upstream tree
in the following upstrea commit:
cb107161df3c ("Convert straggling drivers to new six-argument get_user_pages()")
There was one more old-API usage in mm/gup.c, in the CONFIG_HAVE_GENERIC_RCU_GUP
code path that ARM, ARM64 and PowerPC uses.
After this commit any old API usage will break the build.
[ Also fixed a PowerPC/HAVE_GENERIC_RCU_GUP warning reported by Stephen Rothwell. ]
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Dave Hansen <dave@sr71.net>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-04-04 11:24:58 +03:00
EXPORT_SYMBOL ( get_user_pages ) ;
2014-06-05 03:08:10 +04:00
2017-11-30 03:10:35 +03:00
# ifdef CONFIG_FS_DAX
/*
* This is the same as get_user_pages ( ) in that it assumes we are
* operating on the current task ' s mm , but it goes further to validate
* that the vmas associated with the address range are suitable for
* longterm elevated page reference counts . For example , filesystem - dax
* mappings are subject to the lifetime enforced by the filesystem and
* we need guarantees that longterm users like RDMA and V4L2 only
* establish mappings that have a kernel enforced revocation mechanism .
*
* " longterm " = = userspace controlled elevated page count lifetime .
* Contrast this to iov_iter_get_pages ( ) usages which are transient .
*/
long get_user_pages_longterm ( unsigned long start , unsigned long nr_pages ,
unsigned int gup_flags , struct page * * pages ,
struct vm_area_struct * * vmas_arg )
{
struct vm_area_struct * * vmas = vmas_arg ;
struct vm_area_struct * vma_prev = NULL ;
long rc , i ;
if ( ! pages )
return - EINVAL ;
if ( ! vmas ) {
vmas = kcalloc ( nr_pages , sizeof ( struct vm_area_struct * ) ,
GFP_KERNEL ) ;
if ( ! vmas )
return - ENOMEM ;
}
rc = get_user_pages ( start , nr_pages , gup_flags , pages , vmas ) ;
for ( i = 0 ; i < rc ; i + + ) {
struct vm_area_struct * vma = vmas [ i ] ;
if ( vma = = vma_prev )
continue ;
vma_prev = vma ;
if ( vma_is_fsdax ( vma ) )
break ;
}
/*
* Either get_user_pages ( ) failed , or the vma validation
* succeeded , in either case we don ' t need to put_page ( ) before
* returning .
*/
if ( i > = rc )
goto out ;
for ( i = 0 ; i < rc ; i + + )
put_page ( pages [ i ] ) ;
rc = - EOPNOTSUPP ;
out :
if ( vmas ! = vmas_arg )
kfree ( vmas ) ;
return rc ;
}
EXPORT_SYMBOL ( get_user_pages_longterm ) ;
# endif /* CONFIG_FS_DAX */
2015-04-15 01:44:45 +03:00
/**
* populate_vma_page_range ( ) - populate a range of pages in the vma .
* @ vma : target vma
* @ start : start address
* @ end : end address
* @ nonblocking :
*
* This takes care of mlocking the pages too if VM_LOCKED is set .
*
* return 0 on success , negative error code on error .
*
* vma - > vm_mm - > mmap_sem must be held .
*
* If @ nonblocking is NULL , it may be held for read or write and will
* be unperturbed .
*
* If @ nonblocking is non - NULL , it must held for read only and may be
* released . If it ' s released , * @ nonblocking will be set to 0.
*/
long populate_vma_page_range ( struct vm_area_struct * vma ,
unsigned long start , unsigned long end , int * nonblocking )
{
struct mm_struct * mm = vma - > vm_mm ;
unsigned long nr_pages = ( end - start ) / PAGE_SIZE ;
int gup_flags ;
VM_BUG_ON ( start & ~ PAGE_MASK ) ;
VM_BUG_ON ( end & ~ PAGE_MASK ) ;
VM_BUG_ON_VMA ( start < vma - > vm_start , vma ) ;
VM_BUG_ON_VMA ( end > vma - > vm_end , vma ) ;
VM_BUG_ON_MM ( ! rwsem_is_locked ( & mm - > mmap_sem ) , mm ) ;
2015-11-06 05:51:36 +03:00
gup_flags = FOLL_TOUCH | FOLL_POPULATE | FOLL_MLOCK ;
if ( vma - > vm_flags & VM_LOCKONFAULT )
gup_flags & = ~ FOLL_POPULATE ;
2015-04-15 01:44:45 +03:00
/*
* We want to touch writable mappings with a write fault in order
* to break COW , except for shared mappings because these don ' t COW
* and we would not want to dirty them for nothing .
*/
if ( ( vma - > vm_flags & ( VM_WRITE | VM_SHARED ) ) = = VM_WRITE )
gup_flags | = FOLL_WRITE ;
/*
* We want mlock to succeed for regions that have any permissions
* other than PROT_NONE .
*/
if ( vma - > vm_flags & ( VM_READ | VM_WRITE | VM_EXEC ) )
gup_flags | = FOLL_FORCE ;
/*
* We made sure addr is within a VMA , so the following will
* not result in a stack expansion that recurses back here .
*/
return __get_user_pages ( current , mm , start , nr_pages , gup_flags ,
NULL , NULL , nonblocking ) ;
}
/*
* __mm_populate - populate and / or mlock pages within a range of address space .
*
* This is used to implement mlock ( ) and the MAP_POPULATE / MAP_LOCKED mmap
* flags . VMAs must be already marked with the desired vm_flags , and
* mmap_sem must not be held .
*/
int __mm_populate ( unsigned long start , unsigned long len , int ignore_errors )
{
struct mm_struct * mm = current - > mm ;
unsigned long end , nstart , nend ;
struct vm_area_struct * vma = NULL ;
int locked = 0 ;
long ret = 0 ;
end = start + len ;
for ( nstart = start ; nstart < end ; nstart = nend ) {
/*
* We want to fault in pages for [ nstart ; end ) address range .
* Find first corresponding VMA .
*/
if ( ! locked ) {
locked = 1 ;
down_read ( & mm - > mmap_sem ) ;
vma = find_vma ( mm , nstart ) ;
} else if ( nstart > = vma - > vm_end )
vma = vma - > vm_next ;
if ( ! vma | | vma - > vm_start > = end )
break ;
/*
* Set [ nstart ; nend ) to intersection of desired address
* range with the first VMA . Also , skip undesirable VMA types .
*/
nend = min ( end , vma - > vm_end ) ;
if ( vma - > vm_flags & ( VM_IO | VM_PFNMAP ) )
continue ;
if ( nstart < vma - > vm_start )
nstart = vma - > vm_start ;
/*
* Now fault in a range of pages . populate_vma_page_range ( )
* double checks the vma flags , so that it won ' t mlock pages
* if the vma was already munlocked .
*/
ret = populate_vma_page_range ( vma , nstart , nend , & locked ) ;
if ( ret < 0 ) {
if ( ignore_errors ) {
ret = 0 ;
continue ; /* continue at next VMA */
}
break ;
}
nend = nstart + ret * PAGE_SIZE ;
ret = 0 ;
}
if ( locked )
up_read ( & mm - > mmap_sem ) ;
return ret ; /* 0 or negative error code */
}
2014-06-05 03:08:10 +04:00
/**
* get_dump_page ( ) - pin user page in memory while writing it to core dump
* @ addr : user address
*
* Returns struct page pointer of user page pinned for dump ,
2016-04-01 15:29:48 +03:00
* to be freed afterwards by put_page ( ) .
2014-06-05 03:08:10 +04:00
*
* Returns NULL on any kind of failure - a hole must then be inserted into
* the corefile , to preserve alignment with its headers ; and also returns
* NULL wherever the ZERO_PAGE , or an anonymous pte_none , has been found -
* allowing a hole to be left in the corefile to save diskspace .
*
* Called without mmap_sem , but after all other threads have been killed .
*/
# ifdef CONFIG_ELF_CORE
struct page * get_dump_page ( unsigned long addr )
{
struct vm_area_struct * vma ;
struct page * page ;
if ( __get_user_pages ( current , current - > mm , addr , 1 ,
FOLL_FORCE | FOLL_DUMP | FOLL_GET , & page , & vma ,
NULL ) < 1 )
return NULL ;
flush_cache_page ( vma , addr , page_to_pfn ( page ) ) ;
return page ;
}
# endif /* CONFIG_ELF_CORE */
2014-10-10 02:29:14 +04:00
/*
2017-06-06 14:31:20 +03:00
* Generic Fast GUP
2014-10-10 02:29:14 +04:00
*
* get_user_pages_fast attempts to pin user pages by walking the page
* tables directly and avoids taking locks . Thus the walker needs to be
* protected from page table pages being freed from under it , and should
* block any THP splits .
*
* One way to achieve this is to have the walker disable interrupts , and
* rely on IPIs from the TLB flushing code blocking before the page table
* pages are freed . This is unsuitable for architectures that do not need
* to broadcast an IPI when invalidating TLBs .
*
* Another way to achieve this is to batch up page table containing pages
* belonging to more than one mm_user , then rcu_sched a callback to free those
* pages . Disabling interrupts will allow the fast_gup walker to both block
* the rcu_sched callback , and an IPI that we broadcast for splitting THPs
* ( which is a relatively rare event ) . The code below adopts this strategy .
*
* Before activating this code , please be aware that the following assumptions
* are currently made :
*
2017-06-06 14:31:20 +03:00
* * ) Either HAVE_RCU_TABLE_FREE is enabled , and tlb_remove_table ( ) is used to
* free pages containing page tables or TLB flushing requires IPI broadcast .
2014-10-10 02:29:14 +04:00
*
* * ) ptes can be read atomically by the architecture .
*
* * ) access_ok is sufficient to validate userspace address ranges .
*
* The last two assumptions can be relaxed by the addition of helper functions .
*
* This code is based heavily on the PowerPC implementation by Nick Piggin .
*/
2017-06-06 14:31:20 +03:00
# ifdef CONFIG_HAVE_GENERIC_GUP
2014-10-10 02:29:14 +04:00
2017-03-16 18:26:51 +03:00
# ifndef gup_get_pte
/*
* We assume that the PTE can be read atomically . If this is not the case for
* your architecture , please provide the helper .
*/
static inline pte_t gup_get_pte ( pte_t * ptep )
{
return READ_ONCE ( * ptep ) ;
}
# endif
2017-03-16 18:26:53 +03:00
static void undo_dev_pagemap ( int * nr , int nr_start , struct page * * pages )
{
while ( ( * nr ) - nr_start ) {
struct page * page = pages [ - - ( * nr ) ] ;
ClearPageReferenced ( page ) ;
put_page ( page ) ;
}
}
2018-06-08 03:06:08 +03:00
# ifdef CONFIG_ARCH_HAS_PTE_SPECIAL
2014-10-10 02:29:14 +04:00
static int gup_pte_range ( pmd_t pmd , unsigned long addr , unsigned long end ,
int write , struct page * * pages , int * nr )
{
2017-03-16 18:26:53 +03:00
struct dev_pagemap * pgmap = NULL ;
int nr_start = * nr , ret = 0 ;
2014-10-10 02:29:14 +04:00
pte_t * ptep , * ptem ;
ptem = ptep = pte_offset_map ( & pmd , addr ) ;
do {
2017-03-16 18:26:51 +03:00
pte_t pte = gup_get_pte ( ptep ) ;
2016-01-16 03:52:32 +03:00
struct page * head , * page ;
2014-10-10 02:29:14 +04:00
/*
* Similar to the PMD case below , NUMA hinting must take slow
2015-02-13 01:58:22 +03:00
* path using the pte_protnone check .
2014-10-10 02:29:14 +04:00
*/
2017-03-16 18:26:50 +03:00
if ( pte_protnone ( pte ) )
goto pte_unmap ;
if ( ! pte_access_permitted ( pte , write ) )
goto pte_unmap ;
2017-03-16 18:26:53 +03:00
if ( pte_devmap ( pte ) ) {
pgmap = get_dev_pagemap ( pte_pfn ( pte ) , pgmap ) ;
if ( unlikely ( ! pgmap ) ) {
undo_dev_pagemap ( nr , nr_start , pages ) ;
goto pte_unmap ;
}
} else if ( pte_special ( pte ) )
2014-10-10 02:29:14 +04:00
goto pte_unmap ;
VM_BUG_ON ( ! pfn_valid ( pte_pfn ( pte ) ) ) ;
page = pte_page ( pte ) ;
2016-01-16 03:52:32 +03:00
head = compound_head ( page ) ;
2014-10-10 02:29:14 +04:00
2016-01-16 03:52:32 +03:00
if ( ! page_cache_get_speculative ( head ) )
2014-10-10 02:29:14 +04:00
goto pte_unmap ;
if ( unlikely ( pte_val ( pte ) ! = pte_val ( * ptep ) ) ) {
2016-01-16 03:52:32 +03:00
put_page ( head ) ;
2014-10-10 02:29:14 +04:00
goto pte_unmap ;
}
2016-01-16 03:52:32 +03:00
VM_BUG_ON_PAGE ( compound_head ( page ) ! = head , page ) ;
2017-03-16 18:26:52 +03:00
SetPageReferenced ( page ) ;
2014-10-10 02:29:14 +04:00
pages [ * nr ] = page ;
( * nr ) + + ;
} while ( ptep + + , addr + = PAGE_SIZE , addr ! = end ) ;
ret = 1 ;
pte_unmap :
2017-12-29 10:54:01 +03:00
if ( pgmap )
put_dev_pagemap ( pgmap ) ;
2014-10-10 02:29:14 +04:00
pte_unmap ( ptem ) ;
return ret ;
}
# else
/*
* If we can ' t determine whether or not a pte is special , then fail immediately
* for ptes . Note , we can still pin HugeTLB and THP as these are guaranteed not
* to be special .
*
* For a futex to be placed on a THP tail page , get_futex_key requires a
* __get_user_pages_fast implementation that can pin pages . Thus it ' s still
* useful to have gup_huge_pmd even if we can ' t operate on ptes .
*/
static int gup_pte_range ( pmd_t pmd , unsigned long addr , unsigned long end ,
int write , struct page * * pages , int * nr )
{
return 0 ;
}
2018-06-08 03:06:08 +03:00
# endif /* CONFIG_ARCH_HAS_PTE_SPECIAL */
2014-10-10 02:29:14 +04:00
2017-09-07 02:20:58 +03:00
# if defined(__HAVE_ARCH_PTE_DEVMAP) && defined(CONFIG_TRANSPARENT_HUGEPAGE)
2017-03-16 18:26:53 +03:00
static int __gup_device_huge ( unsigned long pfn , unsigned long addr ,
unsigned long end , struct page * * pages , int * nr )
{
int nr_start = * nr ;
struct dev_pagemap * pgmap = NULL ;
do {
struct page * page = pfn_to_page ( pfn ) ;
pgmap = get_dev_pagemap ( pfn , pgmap ) ;
if ( unlikely ( ! pgmap ) ) {
undo_dev_pagemap ( nr , nr_start , pages ) ;
return 0 ;
}
SetPageReferenced ( page ) ;
pages [ * nr ] = page ;
get_page ( page ) ;
( * nr ) + + ;
pfn + + ;
} while ( addr + = PAGE_SIZE , addr ! = end ) ;
2017-12-29 10:54:01 +03:00
if ( pgmap )
put_dev_pagemap ( pgmap ) ;
2017-03-16 18:26:53 +03:00
return 1 ;
}
2018-04-20 07:32:19 +03:00
static int __gup_device_huge_pmd ( pmd_t orig , pmd_t * pmdp , unsigned long addr ,
2017-03-16 18:26:53 +03:00
unsigned long end , struct page * * pages , int * nr )
{
unsigned long fault_pfn ;
2018-04-20 07:32:19 +03:00
int nr_start = * nr ;
fault_pfn = pmd_pfn ( orig ) + ( ( addr & ~ PMD_MASK ) > > PAGE_SHIFT ) ;
if ( ! __gup_device_huge ( fault_pfn , addr , end , pages , nr ) )
return 0 ;
2017-03-16 18:26:53 +03:00
2018-04-20 07:32:19 +03:00
if ( unlikely ( pmd_val ( orig ) ! = pmd_val ( * pmdp ) ) ) {
undo_dev_pagemap ( nr , nr_start , pages ) ;
return 0 ;
}
return 1 ;
2017-03-16 18:26:53 +03:00
}
2018-04-20 07:32:19 +03:00
static int __gup_device_huge_pud ( pud_t orig , pud_t * pudp , unsigned long addr ,
2017-03-16 18:26:53 +03:00
unsigned long end , struct page * * pages , int * nr )
{
unsigned long fault_pfn ;
2018-04-20 07:32:19 +03:00
int nr_start = * nr ;
fault_pfn = pud_pfn ( orig ) + ( ( addr & ~ PUD_MASK ) > > PAGE_SHIFT ) ;
if ( ! __gup_device_huge ( fault_pfn , addr , end , pages , nr ) )
return 0 ;
2017-03-16 18:26:53 +03:00
2018-04-20 07:32:19 +03:00
if ( unlikely ( pud_val ( orig ) ! = pud_val ( * pudp ) ) ) {
undo_dev_pagemap ( nr , nr_start , pages ) ;
return 0 ;
}
return 1 ;
2017-03-16 18:26:53 +03:00
}
# else
2018-04-20 07:32:19 +03:00
static int __gup_device_huge_pmd ( pmd_t orig , pmd_t * pmdp , unsigned long addr ,
2017-03-16 18:26:53 +03:00
unsigned long end , struct page * * pages , int * nr )
{
BUILD_BUG ( ) ;
return 0 ;
}
2018-04-20 07:32:19 +03:00
static int __gup_device_huge_pud ( pud_t pud , pud_t * pudp , unsigned long addr ,
2017-03-16 18:26:53 +03:00
unsigned long end , struct page * * pages , int * nr )
{
BUILD_BUG ( ) ;
return 0 ;
}
# endif
2014-10-10 02:29:14 +04:00
static int gup_huge_pmd ( pmd_t orig , pmd_t * pmdp , unsigned long addr ,
unsigned long end , int write , struct page * * pages , int * nr )
{
2016-01-16 03:52:56 +03:00
struct page * head , * page ;
2014-10-10 02:29:14 +04:00
int refs ;
2017-03-16 18:26:50 +03:00
if ( ! pmd_access_permitted ( orig , write ) )
2014-10-10 02:29:14 +04:00
return 0 ;
2017-03-16 18:26:53 +03:00
if ( pmd_devmap ( orig ) )
2018-04-20 07:32:19 +03:00
return __gup_device_huge_pmd ( orig , pmdp , addr , end , pages , nr ) ;
2017-03-16 18:26:53 +03:00
2014-10-10 02:29:14 +04:00
refs = 0 ;
2017-07-07 01:39:39 +03:00
page = pmd_page ( orig ) + ( ( addr & ~ PMD_MASK ) > > PAGE_SHIFT ) ;
2014-10-10 02:29:14 +04:00
do {
pages [ * nr ] = page ;
( * nr ) + + ;
page + + ;
refs + + ;
} while ( addr + = PAGE_SIZE , addr ! = end ) ;
2017-07-07 01:39:39 +03:00
head = compound_head ( pmd_page ( orig ) ) ;
2014-10-10 02:29:14 +04:00
if ( ! page_cache_add_speculative ( head , refs ) ) {
* nr - = refs ;
return 0 ;
}
if ( unlikely ( pmd_val ( orig ) ! = pmd_val ( * pmdp ) ) ) {
* nr - = refs ;
while ( refs - - )
put_page ( head ) ;
return 0 ;
}
2017-03-16 18:26:52 +03:00
SetPageReferenced ( head ) ;
2014-10-10 02:29:14 +04:00
return 1 ;
}
static int gup_huge_pud ( pud_t orig , pud_t * pudp , unsigned long addr ,
unsigned long end , int write , struct page * * pages , int * nr )
{
2016-01-16 03:52:56 +03:00
struct page * head , * page ;
2014-10-10 02:29:14 +04:00
int refs ;
2017-03-16 18:26:50 +03:00
if ( ! pud_access_permitted ( orig , write ) )
2014-10-10 02:29:14 +04:00
return 0 ;
2017-03-16 18:26:53 +03:00
if ( pud_devmap ( orig ) )
2018-04-20 07:32:19 +03:00
return __gup_device_huge_pud ( orig , pudp , addr , end , pages , nr ) ;
2017-03-16 18:26:53 +03:00
2014-10-10 02:29:14 +04:00
refs = 0 ;
2017-07-07 01:39:39 +03:00
page = pud_page ( orig ) + ( ( addr & ~ PUD_MASK ) > > PAGE_SHIFT ) ;
2014-10-10 02:29:14 +04:00
do {
pages [ * nr ] = page ;
( * nr ) + + ;
page + + ;
refs + + ;
} while ( addr + = PAGE_SIZE , addr ! = end ) ;
2017-07-07 01:39:39 +03:00
head = compound_head ( pud_page ( orig ) ) ;
2014-10-10 02:29:14 +04:00
if ( ! page_cache_add_speculative ( head , refs ) ) {
* nr - = refs ;
return 0 ;
}
if ( unlikely ( pud_val ( orig ) ! = pud_val ( * pudp ) ) ) {
* nr - = refs ;
while ( refs - - )
put_page ( head ) ;
return 0 ;
}
2017-03-16 18:26:52 +03:00
SetPageReferenced ( head ) ;
2014-10-10 02:29:14 +04:00
return 1 ;
}
2014-11-05 19:27:40 +03:00
static int gup_huge_pgd ( pgd_t orig , pgd_t * pgdp , unsigned long addr ,
unsigned long end , int write ,
struct page * * pages , int * nr )
{
int refs ;
2016-01-16 03:52:56 +03:00
struct page * head , * page ;
2014-11-05 19:27:40 +03:00
2017-03-16 18:26:50 +03:00
if ( ! pgd_access_permitted ( orig , write ) )
2014-11-05 19:27:40 +03:00
return 0 ;
2017-03-16 18:26:53 +03:00
BUILD_BUG_ON ( pgd_devmap ( orig ) ) ;
2014-11-05 19:27:40 +03:00
refs = 0 ;
2017-07-07 01:39:39 +03:00
page = pgd_page ( orig ) + ( ( addr & ~ PGDIR_MASK ) > > PAGE_SHIFT ) ;
2014-11-05 19:27:40 +03:00
do {
pages [ * nr ] = page ;
( * nr ) + + ;
page + + ;
refs + + ;
} while ( addr + = PAGE_SIZE , addr ! = end ) ;
2017-07-07 01:39:39 +03:00
head = compound_head ( pgd_page ( orig ) ) ;
2014-11-05 19:27:40 +03:00
if ( ! page_cache_add_speculative ( head , refs ) ) {
* nr - = refs ;
return 0 ;
}
if ( unlikely ( pgd_val ( orig ) ! = pgd_val ( * pgdp ) ) ) {
* nr - = refs ;
while ( refs - - )
put_page ( head ) ;
return 0 ;
}
2017-03-16 18:26:52 +03:00
SetPageReferenced ( head ) ;
2014-11-05 19:27:40 +03:00
return 1 ;
}
2014-10-10 02:29:14 +04:00
static int gup_pmd_range ( pud_t pud , unsigned long addr , unsigned long end ,
int write , struct page * * pages , int * nr )
{
unsigned long next ;
pmd_t * pmdp ;
pmdp = pmd_offset ( & pud , addr ) ;
do {
2015-01-07 00:54:46 +03:00
pmd_t pmd = READ_ONCE ( * pmdp ) ;
2014-10-10 02:29:14 +04:00
next = pmd_addr_end ( addr , end ) ;
mm: thp: check pmd migration entry in common path
When THP migration is being used, memory management code needs to handle
pmd migration entries properly. This patch uses !pmd_present() or
is_swap_pmd() (depending on whether pmd_none() needs separate code or
not) to check pmd migration entries at the places where a pmd entry is
present.
Since pmd-related code uses split_huge_page(), split_huge_pmd(),
pmd_trans_huge(), pmd_trans_unstable(), or
pmd_none_or_trans_huge_or_clear_bad(), this patch:
1. adds pmd migration entry split code in split_huge_pmd(),
2. takes care of pmd migration entries whenever pmd_trans_huge() is present,
3. makes pmd_none_or_trans_huge_or_clear_bad() pmd migration entry aware.
Since split_huge_page() uses split_huge_pmd() and pmd_trans_unstable()
is equivalent to pmd_none_or_trans_huge_or_clear_bad(), we do not change
them.
Until this commit, a pmd entry should be:
1. pointing to a pte page,
2. is_swap_pmd(),
3. pmd_trans_huge(),
4. pmd_devmap(), or
5. pmd_none().
Signed-off-by: Zi Yan <zi.yan@cs.rutgers.edu>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Anshuman Khandual <khandual@linux.vnet.ibm.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: David Nellans <dnellans@nvidia.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Michal Hocko <mhocko@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-09-09 02:11:01 +03:00
if ( ! pmd_present ( pmd ) )
2014-10-10 02:29:14 +04:00
return 0 ;
if ( unlikely ( pmd_trans_huge ( pmd ) | | pmd_huge ( pmd ) ) ) {
/*
* NUMA hinting faults need to be handled in the GUP
* slowpath for accounting purposes and so that they
* can be serialised against THP migration .
*/
2015-02-13 01:58:22 +03:00
if ( pmd_protnone ( pmd ) )
2014-10-10 02:29:14 +04:00
return 0 ;
if ( ! gup_huge_pmd ( pmd , pmdp , addr , next , write ,
pages , nr ) )
return 0 ;
2014-11-05 19:27:40 +03:00
} else if ( unlikely ( is_hugepd ( __hugepd ( pmd_val ( pmd ) ) ) ) ) {
/*
* architecture have different format for hugetlbfs
* pmd format and THP pmd format
*/
if ( ! gup_huge_pd ( __hugepd ( pmd_val ( pmd ) ) , addr ,
PMD_SHIFT , next , write , pages , nr ) )
return 0 ;
2014-10-10 02:29:14 +04:00
} else if ( ! gup_pte_range ( pmd , addr , next , write , pages , nr ) )
2018-04-06 02:24:18 +03:00
return 0 ;
2014-10-10 02:29:14 +04:00
} while ( pmdp + + , addr = next , addr ! = end ) ;
return 1 ;
}
2017-03-09 17:24:07 +03:00
static int gup_pud_range ( p4d_t p4d , unsigned long addr , unsigned long end ,
2014-11-05 19:27:40 +03:00
int write , struct page * * pages , int * nr )
2014-10-10 02:29:14 +04:00
{
unsigned long next ;
pud_t * pudp ;
2017-03-09 17:24:07 +03:00
pudp = pud_offset ( & p4d , addr ) ;
2014-10-10 02:29:14 +04:00
do {
2014-12-07 23:41:33 +03:00
pud_t pud = READ_ONCE ( * pudp ) ;
2014-10-10 02:29:14 +04:00
next = pud_addr_end ( addr , end ) ;
if ( pud_none ( pud ) )
return 0 ;
2014-11-05 19:27:40 +03:00
if ( unlikely ( pud_huge ( pud ) ) ) {
2014-10-10 02:29:14 +04:00
if ( ! gup_huge_pud ( pud , pudp , addr , next , write ,
2014-11-05 19:27:40 +03:00
pages , nr ) )
return 0 ;
} else if ( unlikely ( is_hugepd ( __hugepd ( pud_val ( pud ) ) ) ) ) {
if ( ! gup_huge_pd ( __hugepd ( pud_val ( pud ) ) , addr ,
PUD_SHIFT , next , write , pages , nr ) )
2014-10-10 02:29:14 +04:00
return 0 ;
} else if ( ! gup_pmd_range ( pud , addr , next , write , pages , nr ) )
return 0 ;
} while ( pudp + + , addr = next , addr ! = end ) ;
return 1 ;
}
2017-03-09 17:24:07 +03:00
static int gup_p4d_range ( pgd_t pgd , unsigned long addr , unsigned long end ,
int write , struct page * * pages , int * nr )
{
unsigned long next ;
p4d_t * p4dp ;
p4dp = p4d_offset ( & pgd , addr ) ;
do {
p4d_t p4d = READ_ONCE ( * p4dp ) ;
next = p4d_addr_end ( addr , end ) ;
if ( p4d_none ( p4d ) )
return 0 ;
BUILD_BUG_ON ( p4d_huge ( p4d ) ) ;
if ( unlikely ( is_hugepd ( __hugepd ( p4d_val ( p4d ) ) ) ) ) {
if ( ! gup_huge_pd ( __hugepd ( p4d_val ( p4d ) ) , addr ,
P4D_SHIFT , next , write , pages , nr ) )
return 0 ;
2017-03-13 08:22:13 +03:00
} else if ( ! gup_pud_range ( p4d , addr , next , write , pages , nr ) )
2017-03-09 17:24:07 +03:00
return 0 ;
} while ( p4dp + + , addr = next , addr ! = end ) ;
return 1 ;
}
2017-09-09 00:56:03 +03:00
static void gup_pgd_range ( unsigned long addr , unsigned long end ,
int write , struct page * * pages , int * nr )
{
unsigned long next ;
pgd_t * pgdp ;
pgdp = pgd_offset ( current - > mm , addr ) ;
do {
pgd_t pgd = READ_ONCE ( * pgdp ) ;
next = pgd_addr_end ( addr , end ) ;
if ( pgd_none ( pgd ) )
return ;
if ( unlikely ( pgd_huge ( pgd ) ) ) {
if ( ! gup_huge_pgd ( pgd , pgdp , addr , next , write ,
pages , nr ) )
return ;
} else if ( unlikely ( is_hugepd ( __hugepd ( pgd_val ( pgd ) ) ) ) ) {
if ( ! gup_huge_pd ( __hugepd ( pgd_val ( pgd ) ) , addr ,
PGDIR_SHIFT , next , write , pages , nr ) )
return ;
} else if ( ! gup_p4d_range ( pgd , addr , next , write , pages , nr ) )
return ;
} while ( pgdp + + , addr = next , addr ! = end ) ;
}
# ifndef gup_fast_permitted
/*
* Check if it ' s allowed to use __get_user_pages_fast ( ) for the range , or
* we need to fall back to the slow version :
*/
bool gup_fast_permitted ( unsigned long start , int nr_pages , int write )
{
unsigned long len , end ;
len = ( unsigned long ) nr_pages < < PAGE_SHIFT ;
end = start + len ;
return end > = start ;
}
# endif
2014-10-10 02:29:14 +04:00
/*
* Like get_user_pages_fast ( ) except it ' s IRQ - safe in that it won ' t fall back to
2018-04-14 01:35:23 +03:00
* the regular GUP .
* Note a difference with get_user_pages_fast : this always returns the
* number of pages pinned , 0 if no pages were pinned .
2014-10-10 02:29:14 +04:00
*/
int __get_user_pages_fast ( unsigned long start , int nr_pages , int write ,
struct page * * pages )
{
2018-10-27 01:07:55 +03:00
unsigned long len , end ;
2017-09-09 00:56:03 +03:00
unsigned long flags ;
2014-10-10 02:29:14 +04:00
int nr = 0 ;
start & = PAGE_MASK ;
len = ( unsigned long ) nr_pages < < PAGE_SHIFT ;
end = start + len ;
Remove 'type' argument from access_ok() function
Nobody has actually used the type (VERIFY_READ vs VERIFY_WRITE) argument
of the user address range verification function since we got rid of the
old racy i386-only code to walk page tables by hand.
It existed because the original 80386 would not honor the write protect
bit when in kernel mode, so you had to do COW by hand before doing any
user access. But we haven't supported that in a long time, and these
days the 'type' argument is a purely historical artifact.
A discussion about extending 'user_access_begin()' to do the range
checking resulted this patch, because there is no way we're going to
move the old VERIFY_xyz interface to that model. And it's best done at
the end of the merge window when I've done most of my merges, so let's
just get this done once and for all.
This patch was mostly done with a sed-script, with manual fix-ups for
the cases that weren't of the trivial 'access_ok(VERIFY_xyz' form.
There were a couple of notable cases:
- csky still had the old "verify_area()" name as an alias.
- the iter_iov code had magical hardcoded knowledge of the actual
values of VERIFY_{READ,WRITE} (not that they mattered, since nothing
really used it)
- microblaze used the type argument for a debug printout
but other than those oddities this should be a total no-op patch.
I tried to fix up all architectures, did fairly extensive grepping for
access_ok() uses, and the changes are trivial, but I may have missed
something. Any missed conversion should be trivially fixable, though.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-01-04 05:57:57 +03:00
if ( unlikely ( ! access_ok ( ( void __user * ) start , len ) ) )
2014-10-10 02:29:14 +04:00
return 0 ;
/*
* Disable interrupts . We use the nested form as we can already have
* interrupts disabled by get_futex_key .
*
* With interrupts disabled , we block page table pages from being
2018-10-31 01:10:51 +03:00
* freed from under us . See struct mmu_table_batch comments in
* include / asm - generic / tlb . h for more details .
2014-10-10 02:29:14 +04:00
*
* We do not adopt an rcu_read_lock ( . ) here as we also want to
* block IPIs that come from THPs splitting .
*/
2017-09-09 00:56:03 +03:00
if ( gup_fast_permitted ( start , nr_pages , write ) ) {
local_irq_save ( flags ) ;
2018-10-27 01:07:55 +03:00
gup_pgd_range ( start , end , write , pages , & nr ) ;
2017-09-09 00:56:03 +03:00
local_irq_restore ( flags ) ;
}
2014-10-10 02:29:14 +04:00
return nr ;
}
/**
* get_user_pages_fast ( ) - pin user pages in memory
* @ start : starting user address
* @ nr_pages : number of pages from start to pin
* @ write : whether pages will be written to
* @ pages : array that receives pointers to the pages pinned .
* Should be at least nr_pages long .
*
* Attempt to pin user pages in memory without taking mm - > mmap_sem .
* If not successful , it will fall back to taking the lock and
* calling get_user_pages ( ) .
*
* Returns number of pages pinned . This may be fewer than the number
* requested . If nr_pages is 0 or negative , returns 0. If no pages
* were pinned , returns - errno .
*/
int get_user_pages_fast ( unsigned long start , int nr_pages , int write ,
struct page * * pages )
{
2017-09-09 00:56:03 +03:00
unsigned long addr , len , end ;
2017-03-16 18:26:54 +03:00
int nr = 0 , ret = 0 ;
2014-10-10 02:29:14 +04:00
start & = PAGE_MASK ;
2017-09-09 00:56:03 +03:00
addr = start ;
len = ( unsigned long ) nr_pages < < PAGE_SHIFT ;
end = start + len ;
get_user_pages_fast(): return -EFAULT on access_ok failure
get_user_pages_fast is supposed to be a faster drop-in equivalent of
get_user_pages. As such, callers expect it to return a negative return
code when passed an invalid address, and never expect it to return 0
when passed a positive number of pages, since its documentation says:
* Returns number of pages pinned. This may be fewer than the number
* requested. If nr_pages is 0 or negative, returns 0. If no pages
* were pinned, returns -errno.
When get_user_pages_fast fall back on get_user_pages this is exactly
what happens. Unfortunately the implementation is inconsistent: it
returns 0 if passed a kernel address, confusing callers: for example,
the following is pretty common but does not appear to do the right thing
with a kernel address:
ret = get_user_pages_fast(addr, 1, writeable, &page);
if (ret < 0)
return ret;
Change get_user_pages_fast to return -EFAULT when supplied a kernel
address to make it match expectations.
All callers have been audited for consistency with the documented
semantics.
Link: http://lkml.kernel.org/r/1522962072-182137-4-git-send-email-mst@redhat.com
Fixes: 5b65c4677a57 ("mm, x86/mm: Fix performance regression in get_user_pages_fast()")
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reported-by: syzbot+6304bf97ef436580fede@syzkaller.appspotmail.com
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Huang Ying <ying.huang@intel.com>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Thorsten Leemhuis <regressions@leemhuis.info>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-04-14 01:35:20 +03:00
if ( nr_pages < = 0 )
return 0 ;
Remove 'type' argument from access_ok() function
Nobody has actually used the type (VERIFY_READ vs VERIFY_WRITE) argument
of the user address range verification function since we got rid of the
old racy i386-only code to walk page tables by hand.
It existed because the original 80386 would not honor the write protect
bit when in kernel mode, so you had to do COW by hand before doing any
user access. But we haven't supported that in a long time, and these
days the 'type' argument is a purely historical artifact.
A discussion about extending 'user_access_begin()' to do the range
checking resulted this patch, because there is no way we're going to
move the old VERIFY_xyz interface to that model. And it's best done at
the end of the merge window when I've done most of my merges, so let's
just get this done once and for all.
This patch was mostly done with a sed-script, with manual fix-ups for
the cases that weren't of the trivial 'access_ok(VERIFY_xyz' form.
There were a couple of notable cases:
- csky still had the old "verify_area()" name as an alias.
- the iter_iov code had magical hardcoded knowledge of the actual
values of VERIFY_{READ,WRITE} (not that they mattered, since nothing
really used it)
- microblaze used the type argument for a debug printout
but other than those oddities this should be a total no-op patch.
I tried to fix up all architectures, did fairly extensive grepping for
access_ok() uses, and the changes are trivial, but I may have missed
something. Any missed conversion should be trivially fixable, though.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2019-01-04 05:57:57 +03:00
if ( unlikely ( ! access_ok ( ( void __user * ) start , len ) ) )
get_user_pages_fast(): return -EFAULT on access_ok failure
get_user_pages_fast is supposed to be a faster drop-in equivalent of
get_user_pages. As such, callers expect it to return a negative return
code when passed an invalid address, and never expect it to return 0
when passed a positive number of pages, since its documentation says:
* Returns number of pages pinned. This may be fewer than the number
* requested. If nr_pages is 0 or negative, returns 0. If no pages
* were pinned, returns -errno.
When get_user_pages_fast fall back on get_user_pages this is exactly
what happens. Unfortunately the implementation is inconsistent: it
returns 0 if passed a kernel address, confusing callers: for example,
the following is pretty common but does not appear to do the right thing
with a kernel address:
ret = get_user_pages_fast(addr, 1, writeable, &page);
if (ret < 0)
return ret;
Change get_user_pages_fast to return -EFAULT when supplied a kernel
address to make it match expectations.
All callers have been audited for consistency with the documented
semantics.
Link: http://lkml.kernel.org/r/1522962072-182137-4-git-send-email-mst@redhat.com
Fixes: 5b65c4677a57 ("mm, x86/mm: Fix performance regression in get_user_pages_fast()")
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reported-by: syzbot+6304bf97ef436580fede@syzkaller.appspotmail.com
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Huang Ying <ying.huang@intel.com>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Thorsten Leemhuis <regressions@leemhuis.info>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-04-14 01:35:20 +03:00
return - EFAULT ;
2017-03-16 18:26:54 +03:00
if ( gup_fast_permitted ( start , nr_pages , write ) ) {
2017-09-09 00:56:03 +03:00
local_irq_disable ( ) ;
gup_pgd_range ( addr , end , write , pages , & nr ) ;
local_irq_enable ( ) ;
2017-03-16 18:26:54 +03:00
ret = nr ;
}
2014-10-10 02:29:14 +04:00
if ( nr < nr_pages ) {
/* Try to get the remaining pages with get_user_pages */
start + = nr < < PAGE_SHIFT ;
pages + = nr ;
2016-10-13 03:20:13 +03:00
ret = get_user_pages_unlocked ( start , nr_pages - nr , pages ,
write ? FOLL_WRITE : 0 ) ;
2014-10-10 02:29:14 +04:00
/* Have to be a bit careful with return values */
if ( nr > 0 ) {
if ( ret < 0 )
ret = nr ;
else
ret + = nr ;
}
}
return ret ;
}
2017-06-06 14:31:20 +03:00
# endif /* CONFIG_HAVE_GENERIC_GUP */