mm/mmu_notifier.c
/* * linux/mm/mmu_notifier.c * * Copyright (C) 2008 Qumranet, Inc. * Copyright (C) 2008 SGI |
* Christoph Lameter <cl@linux.com> |
* * This work is licensed under the terms of the GNU GPL, version 2. See * the COPYING file in the top-level directory. */ #include <linux/rculist.h> #include <linux/mmu_notifier.h> |
#include <linux/export.h> |
#include <linux/mm.h> #include <linux/err.h> |
#include <linux/srcu.h> |
#include <linux/rcupdate.h> #include <linux/sched.h> |
#include <linux/slab.h> |
/*
 * Single SRCU domain shared by all mms.  Every notifier callback invoked
 * from this file runs inside a read-side section of this domain.
 */
static struct srcu_struct srcu;
/*
 * Lets a mmu_notifier::release callback postpone, through the global SRCU
 * domain, the call to a function that frees the appropriate resources.
 * That function must be quick and must not block.
 */
void mmu_notifier_call_srcu(struct rcu_head *rcu,
			    void (*func)(struct rcu_head *rcu))
{
	call_srcu(&srcu, rcu, func);
}
EXPORT_SYMBOL_GPL(mmu_notifier_call_srcu);

/* Blocks in srcu_barrier() on the global SRCU domain. */
void mmu_notifier_synchronize(void)
{
	/* Wait for any running method to finish. */
	srcu_barrier(&srcu);
}
EXPORT_SYMBOL_GPL(mmu_notifier_synchronize);

/*
 * Tear-down path: invoke ->release on every notifier still attached to mm,
 * then unhash all of them.
 *
 * No concurrency with mmu_notifier_register is possible, because
 * registration needs mm->mm_users > 0 and exit_mmap runs with
 * mm_users == 0.  Notifier methods can nevertheless still be invoked by
 * other tasks through the vmas outside of the exit_mmap context (vmtruncate
 * is one example), even though no task uses this mm any more.  Against
 * mmu_notifier_unregister this function serializes with
 * mmu_notifier_mm->lock in addition to SRCU; against the other mmu
 * notifiers it serializes with SRCU.  exit_mmap holds an mm_count pin of
 * its own, so struct mmu_notifier_mm cannot go away while this runs.
 */
void __mmu_notifier_release(struct mm_struct *mm)
{
	struct mmu_notifier *cur;
	int srcu_idx;

	/*
	 * While the SRCU read side is held, mmu_notifier_unregister is
	 * blocked until ->release returns.
	 */
	srcu_idx = srcu_read_lock(&srcu);
	hlist_for_each_entry_rcu(cur, &mm->mmu_notifier_mm->list, hlist) {
		if (!cur->ops->release)
			continue;
		/*
		 * When ->release runs before mmu_notifier_unregister it has
		 * to be handled here: it is the only way for the driver to
		 * flush all existing sptes and to stop the driver from
		 * establishing any more sptes before all the pages in the mm
		 * are freed.
		 */
		cur->ops->release(cur, mm);
	}

	spin_lock(&mm->mmu_notifier_mm->lock);
	while (unlikely(!hlist_empty(&mm->mmu_notifier_mm->list))) {
		cur = hlist_entry(mm->mmu_notifier_mm->list.first,
				  struct mmu_notifier, hlist);
		/*
		 * We got here ahead of mmu_notifier_unregister, so
		 * mmu_notifier_unregister will do nothing other than wait
		 * for ->release to finish and then return.
		 */
		hlist_del_init_rcu(&cur->hlist);
	}
	spin_unlock(&mm->mmu_notifier_mm->lock);
	srcu_read_unlock(&srcu, srcu_idx);

	/*
	 * If ->release was invoked by mmu_notifier_unregister, this
	 * synchronize_srcu keeps mmu_notifier_release from returning to
	 * exit_mmap (which would go on to free all pages in the mm) until
	 * that ->release method has returned.
	 *
	 * exit_mmap holds one mm_count, so the mmu_notifier_mm cannot go away
	 * from under us.
	 */
	synchronize_srcu(&srcu);
}

/*
 * Calls ->clear_flush_young on each notifier that provides it and returns
 * the bitwise OR of the results (0 when no notifier provides it).
 *
 * If no young bitflag is supported by the hardware, ->clear_flush_young can
 * unmap the address and return 1 or 0 depending on whether the mapping
 * previously existed.
 */
int __mmu_notifier_clear_flush_young(struct mm_struct *mm,
				     unsigned long start,
				     unsigned long end)
{
	struct mmu_notifier *cur;
	int srcu_idx;
	int young = 0;

	srcu_idx = srcu_read_lock(&srcu);
	hlist_for_each_entry_rcu(cur, &mm->mmu_notifier_mm->list, hlist) {
		if (!cur->ops->clear_flush_young)
			continue;
		young |= cur->ops->clear_flush_young(cur, mm, start, end);
	}
	srcu_read_unlock(&srcu, srcu_idx);

	return young;
}
/*
 * Calls ->clear_young on each notifier that provides it, under the SRCU
 * read lock, and returns the bitwise OR of the results (0 when no notifier
 * provides the callback).
 */
int __mmu_notifier_clear_young(struct mm_struct *mm,
			       unsigned long start,
			       unsigned long end)
{
	struct mmu_notifier *cur;
	int srcu_idx;
	int young = 0;

	srcu_idx = srcu_read_lock(&srcu);
	hlist_for_each_entry_rcu(cur, &mm->mmu_notifier_mm->list, hlist) {
		if (!cur->ops->clear_young)
			continue;
		young |= cur->ops->clear_young(cur, mm, start, end);
	}
	srcu_read_unlock(&srcu, srcu_idx);

	return young;
}
/*
 * Queries ->test_young on the notifiers of mm for one address.  The walk
 * stops at the first notifier that reports a non-zero result, and that
 * result is returned; otherwise the return value is 0.
 */
int __mmu_notifier_test_young(struct mm_struct *mm,
			      unsigned long address)
{
	struct mmu_notifier *cur;
	int srcu_idx;
	int young = 0;

	srcu_idx = srcu_read_lock(&srcu);
	hlist_for_each_entry_rcu(cur, &mm->mmu_notifier_mm->list, hlist) {
		if (!cur->ops->test_young)
			continue;
		young = cur->ops->test_young(cur, mm, address);
		/* One positive answer is enough; skip the remaining notifiers. */
		if (young)
			break;
	}
	srcu_read_unlock(&srcu, srcu_idx);

	return young;
}
/*
 * Passes (address, pte) to the ->change_pte callback of every notifier of
 * mm that provides one.  The callbacks run under the SRCU read lock.
 */
void __mmu_notifier_change_pte(struct mm_struct *mm, unsigned long address,
			       pte_t pte)
{
	struct mmu_notifier *cur;
	int srcu_idx;

	srcu_idx = srcu_read_lock(&srcu);
	hlist_for_each_entry_rcu(cur, &mm->mmu_notifier_mm->list, hlist) {
		if (!cur->ops->change_pte)
			continue;
		cur->ops->change_pte(cur, mm, address, pte);
	}
	srcu_read_unlock(&srcu, srcu_idx);
}
/*
 * Calls ->invalidate_page for one address on every notifier of mm that
 * provides the callback.  The callbacks run under the SRCU read lock.
 */
void __mmu_notifier_invalidate_page(struct mm_struct *mm,
				    unsigned long address)
{
	struct mmu_notifier *cur;
	int srcu_idx;

	srcu_idx = srcu_read_lock(&srcu);
	hlist_for_each_entry_rcu(cur, &mm->mmu_notifier_mm->list, hlist) {
		if (!cur->ops->invalidate_page)
			continue;
		cur->ops->invalidate_page(cur, mm, address);
	}
	srcu_read_unlock(&srcu, srcu_idx);
}

/*
 * Calls ->invalidate_range_start for the range start..end on every notifier
 * of mm that provides the callback.  The callbacks run under the SRCU read
 * lock.
 *
 * NOTE(review): start and end are forwarded as given; nothing in this
 * function validates them - presumably the caller's job, confirm.
 */
void __mmu_notifier_invalidate_range_start(struct mm_struct *mm,
					   unsigned long start,
					   unsigned long end)
{
	struct mmu_notifier *cur;
	int srcu_idx;

	srcu_idx = srcu_read_lock(&srcu);
	hlist_for_each_entry_rcu(cur, &mm->mmu_notifier_mm->list, hlist) {
		if (!cur->ops->invalidate_range_start)
			continue;
		cur->ops->invalidate_range_start(cur, mm, start, end);
	}
	srcu_read_unlock(&srcu, srcu_idx);
}
EXPORT_SYMBOL_GPL(__mmu_notifier_invalidate_range_start);
/*
 * For every notifier of mm, calls ->invalidate_range first and
 * ->invalidate_range_end second, each only when the notifier provides it.
 * The callbacks run under the SRCU read lock.
 */
void __mmu_notifier_invalidate_range_end(struct mm_struct *mm,
					 unsigned long start,
					 unsigned long end)
{
	struct mmu_notifier *cur;
	int srcu_idx;

	srcu_idx = srcu_read_lock(&srcu);
	hlist_for_each_entry_rcu(cur, &mm->mmu_notifier_mm->list, hlist) {
		/*
		 * invalidate_range is called here as well, so that a
		 * subsystem which already has invalidate_range does not need
		 * to register an invalidate_range_end call-back too.  A
		 * subsystem usually registers either
		 * invalidate_range_start()/end() or invalidate_range(), so
		 * the only additional overhead is the pointer check.
		 */
		if (cur->ops->invalidate_range)
			cur->ops->invalidate_range(cur, mm, start, end);

		if (cur->ops->invalidate_range_end)
			cur->ops->invalidate_range_end(cur, mm, start, end);
	}
	srcu_read_unlock(&srcu, srcu_idx);
}
EXPORT_SYMBOL_GPL(__mmu_notifier_invalidate_range_end);
/*
 * Calls ->invalidate_range for the range start..end on every notifier of mm
 * that provides the callback.  The callbacks run under the SRCU read lock.
 */
void __mmu_notifier_invalidate_range(struct mm_struct *mm,
				     unsigned long start,
				     unsigned long end)
{
	struct mmu_notifier *cur;
	int srcu_idx;

	srcu_idx = srcu_read_lock(&srcu);
	hlist_for_each_entry_rcu(cur, &mm->mmu_notifier_mm->list, hlist) {
		if (!cur->ops->invalidate_range)
			continue;
		cur->ops->invalidate_range(cur, mm, start, end);
	}
	srcu_read_unlock(&srcu, srcu_idx);
}
EXPORT_SYMBOL_GPL(__mmu_notifier_invalidate_range);
/*
 * Common implementation of mmu_notifier_register() and
 * __mmu_notifier_register(): attaches mn to mm's notifier list.
 *
 * take_mmap_sem is non-zero when this function has to take mm->mmap_sem in
 * write mode itself, and zero when the caller already holds it.
 *
 * Returns 0 on success, -ENOMEM when the mmu_notifier_mm allocation fails,
 * or the non-zero value returned by mm_take_all_locks().  On success one
 * mm_count reference has been taken.
 */
static int do_mmu_notifier_register(struct mmu_notifier *mn,
				    struct mm_struct *mm,
				    int take_mmap_sem)
{
	struct mmu_notifier_mm *new_mmn;
	int err = -ENOMEM;

	/* The caller must have mm_users pinned; see the comment further down. */
	BUG_ON(atomic_read(&mm->mm_users) <= 0);

	/*
	 * Verify that mmu_notifier_init() has already run and that the global
	 * srcu is initialized.
	 */
	BUG_ON(!srcu.per_cpu_ref);

	/*
	 * The allocation is done up front, before mmap_sem and
	 * mm_take_all_locks() are taken.
	 * NOTE(review): presumably so that no GFP_KERNEL allocation happens
	 * while those locks are held - confirm.
	 */
	new_mmn = kmalloc(sizeof(*new_mmn), GFP_KERNEL);
	if (unlikely(!new_mmn))
		goto out;

	if (take_mmap_sem)
		down_write(&mm->mmap_sem);
	err = mm_take_all_locks(mm);
	if (unlikely(err))
		goto out_clean;

	if (!mm_has_notifiers(mm)) {
		INIT_HLIST_HEAD(&new_mmn->list);
		spin_lock_init(&new_mmn->lock);

		mm->mmu_notifier_mm = new_mmn;
		/* Now owned by the mm: keep the kfree() below from freeing it. */
		new_mmn = NULL;
	}
	atomic_inc(&mm->mm_count);

	/*
	 * The lock serializes this update against mmu_notifier_unregister.
	 * As a side note, mmu_notifier_release cannot run concurrently with
	 * us because we hold the mm_users pin (either implicitly as
	 * current->mm or explicitly with get_task_mm() or similar), and no
	 * other mmu notifier method can race with us either, thanks to
	 * mm_take_all_locks().
	 */
	spin_lock(&mm->mmu_notifier_mm->lock);
	hlist_add_head(&mn->hlist, &mm->mmu_notifier_mm->list);
	spin_unlock(&mm->mmu_notifier_mm->lock);

	mm_drop_all_locks(mm);
out_clean:
	if (take_mmap_sem)
		up_write(&mm->mmap_sem);
	/* NULL when the allocation was installed above; otherwise unused. */
	kfree(new_mmn);
out:
	BUG_ON(atomic_read(&mm->mm_users) <= 0);
	return err;
}

/*
 * Registers mn on mm, taking mmap_sem internally.
 *
 * The caller must hold neither mmap_sem nor any other VM related lock.  It
 * must also make sure that mm_users cannot drop to zero while this runs, to
 * avoid races with mmu_notifier_release: mm has to be current->mm, or be
 * pinned safely, such as with get_task_mm().  If the mm is not current->mm,
 * the mm_users pin should be released by calling mmput after
 * mmu_notifier_register returns.  mmu_notifier_unregister must always be
 * called to unregister the notifier.  mm_count is pinned automatically so
 * that mmu_notifier_unregister can safely run at any later time, before or
 * after exit_mmap.  ->release will always be called before exit_mmap frees
 * the pages.
 */
int mmu_notifier_register(struct mmu_notifier *mn, struct mm_struct *mm)
{
	return do_mmu_notifier_register(mn, mm, 1);
}
EXPORT_SYMBOL_GPL(mmu_notifier_register);

/*
 * Variant of mmu_notifier_register for callers that already hold the
 * mmap_sem in write mode.
 */
int __mmu_notifier_register(struct mmu_notifier *mn, struct mm_struct *mm)
{
	return do_mmu_notifier_register(mn, mm, 0);
}
EXPORT_SYMBOL_GPL(__mmu_notifier_register);

/*
 * Frees mm->mmu_notifier_mm.  This is called after the last
 * mmu_notifier_unregister() returned; a non-empty notifier list at this
 * point trips the BUG_ON.
 */
void __mmu_notifier_mm_destroy(struct mm_struct *mm)
{
	BUG_ON(!hlist_empty(&mm->mmu_notifier_mm->list));
	kfree(mm->mmu_notifier_mm);
	/*
	 * debug: leave a poison value behind instead of the freed pointer.
	 * NOTE(review): presumably so that a late dereference is easy to
	 * recognise - confirm.
	 */
	mm->mmu_notifier_mm = LIST_POISON1;
}

/*
 * Detaches mn from mm, then releases the mm_count pin automatically and
 * frees the mm structure if this was its last user.
 *
 * Serialization against running mmu notifiers is done with SRCU, and
 * against mmu_notifier_unregister with the unregister lock + SRCU.  All
 * sptes must be dropped before calling mmu_notifier_unregister.  ->release
 * or any other notifier method may be invoked concurrently with
 * mmu_notifier_unregister; only once mmu_notifier_unregister has returned
 * is it guaranteed that ->release or any other method can no longer run.
 */
void mmu_notifier_unregister(struct mmu_notifier *mn, struct mm_struct *mm)
{
	BUG_ON(atomic_read(&mm->mm_count) <= 0);

	if (!hlist_unhashed(&mn->hlist)) {
		/*
		 * Taking SRCU here forces exit_mmap to wait for ->release to
		 * finish before freeing the pages.
		 */
		int srcu_idx = srcu_read_lock(&srcu);

		/*
		 * exit_mmap will block in mmu_notifier_release to guarantee
		 * that ->release is called before the pages are freed.
		 */
		if (mn->ops->release)
			mn->ops->release(mn, mm);
		srcu_read_unlock(&srcu, srcu_idx);

		spin_lock(&mm->mmu_notifier_mm->lock);
		/*
		 * list_del_rcu() cannot be used, since
		 * __mmu_notifier_release can delete the entry before we hold
		 * the lock.
		 */
		hlist_del_init_rcu(&mn->hlist);
		spin_unlock(&mm->mmu_notifier_mm->lock);
	}

	/*
	 * Wait for any running method to finish, of course including
	 * ->release if it was run by mmu_notifier_release instead of us.
	 */
	synchronize_srcu(&srcu);

	BUG_ON(atomic_read(&mm->mm_count) <= 0);

	mmdrop(mm);
}
EXPORT_SYMBOL_GPL(mmu_notifier_unregister);
/*
 * Like mmu_notifier_unregister, except that ->release is not called and
 * there is no srcu synchronization: mn is unhashed under the list lock and
 * the mm_count reference is dropped.
 *
 * NOTE(review): since no grace period is waited for here, a notifier walk
 * that started earlier may presumably still reach mn after this returns;
 * callers presumably defer freeing it, e.g. with mmu_notifier_call_srcu() -
 * confirm against the callers.
 */
void mmu_notifier_unregister_no_release(struct mmu_notifier *mn,
					struct mm_struct *mm)
{
	spinlock_t *list_lock = &mm->mmu_notifier_mm->lock;

	spin_lock(list_lock);
	/*
	 * list_del_rcu() cannot be used, since __mmu_notifier_release can
	 * delete the entry before we hold the lock.
	 */
	hlist_del_init_rcu(&mn->hlist);
	spin_unlock(list_lock);

	BUG_ON(atomic_read(&mm->mm_count) <= 0);
	mmdrop(mm);
}
EXPORT_SYMBOL_GPL(mmu_notifier_unregister_no_release);
/*
 * Initializes the global SRCU domain and returns the result of
 * init_srcu_struct().  Registered as a subsys_initcall.
 */
static int __init mmu_notifier_init(void)
{
	int err = init_srcu_struct(&srcu);

	return err;
}
subsys_initcall(mmu_notifier_init);