projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
swapfile: avoid dereferencing bd_disk during swap_entry_free for network storage
[linux-2.6-block.git] / mm / migrate.c
CommitLineData
b20a3503
CL		 1/*
2 * Memory Migration functionality - linux/mm/migration.c
3 *
4 * Copyright (C) 2006 Silicon Graphics, Inc., Christoph Lameter
5 *
6 * Page migration was first developed in the context of the memory hotplug
7 * project. The main authors of the migration code are:
8 *
9 * IWAMOTO Toshihiro <iwamoto@valinux.co.jp>
10 * Hirokazu Takahashi <taka@valinux.co.jp>
11 * Dave Hansen <haveblue@us.ibm.com>
cde53535 12 * Christoph Lameter
b20a3503
CL		 13 */
14
15#include <linux/migrate.h>
b95f1b31 16#include <linux/export.h>
b20a3503 17#include <linux/swap.h>
0697212a 18#include <linux/swapops.h>
b20a3503 19#include <linux/pagemap.h>
e23ca00b 20#include <linux/buffer_head.h>
b20a3503 21#include <linux/mm_inline.h>
b488893a 22#include <linux/nsproxy.h>
b20a3503 23#include <linux/pagevec.h>
e9995ef9 24#include <linux/ksm.h>
b20a3503
CL		 25#include <linux/rmap.h>
26#include <linux/topology.h>
27#include <linux/cpu.h>
28#include <linux/cpuset.h>
04e62a29 29#include <linux/writeback.h>
742755a1
CL		 30#include <linux/mempolicy.h>
31#include <linux/vmalloc.h>
86c3a764 32#include <linux/security.h>
8a9f3ccd 33#include <linux/memcontrol.h>
4f5ca265 34#include <linux/syscalls.h>
290408d4 35#include <linux/hugetlb.h>
8e6ac7fa 36#include <linux/hugetlb_cgroup.h>
5a0e3ad6 37#include <linux/gfp.h>
b20a3503 38
0d1836c3
MN		 39#include <asm/tlbflush.h>
40
b20a3503
CL		 41#include "internal.h"
42
b20a3503 43/*
742755a1 44 * migrate_prep() needs to be called before we start compiling a list of pages
748446bb
MG		 45 * to be migrated using isolate_lru_page(). If scheduling work on other CPUs is
46 * undesirable, use migrate_prep_local()
b20a3503
CL		 47 */
48int migrate_prep(void)
49{
b20a3503
CL		 50 /*
51 * Clear the LRU lists so pages can be isolated.
52 * Note that pages may be moved off the LRU after we have
53 * drained them. Those pages will fail to migrate like other
54 * pages that may be busy.
55 */
56 lru_add_drain_all();
57
58 return 0;
59}
60
748446bb
MG		 61/* Do the necessary work of migrate_prep but not if it involves other CPUs */
62int migrate_prep_local(void)
63{
64 lru_add_drain();
65
66 return 0;
67}
68
b20a3503 69/*
894bc310
LS		 70 * Add isolated pages on the list back to the LRU under page lock
71 * to avoid leaking evictable pages back onto unevictable list.
b20a3503 72 */
e13861d8 73void putback_lru_pages(struct list_head *l)
b20a3503
CL		 74{
75 struct page *page;
76 struct page *page2;
b20a3503
CL		 77
78 list_for_each_entry_safe(page, page2, l, lru) {
e24f0b8f 79 list_del(&page->lru);
a731286d 80 dec_zone_page_state(page, NR_ISOLATED_ANON +
6c0b1351 81 page_is_file_cache(page));
894bc310 82 putback_lru_page(page);
b20a3503 83 }
b20a3503
CL		 84}
85
0697212a
CL		 86/*
87 * Restore a potential migration pte to a working pte entry
88 */
e9995ef9
HD		 89static int remove_migration_pte(struct page *new, struct vm_area_struct *vma,
90 unsigned long addr, void *old)
0697212a
CL		 91{
92 struct mm_struct *mm = vma->vm_mm;
93 swp_entry_t entry;
94 pgd_t *pgd;
95 pud_t *pud;
96 pmd_t *pmd;
97 pte_t *ptep, pte;
98 spinlock_t *ptl;
99
290408d4
NH		 100 if (unlikely(PageHuge(new))) {
101 ptep = huge_pte_offset(mm, addr);
102 if (!ptep)
103 goto out;
104 ptl = &mm->page_table_lock;
105 } else {
106 pgd = pgd_offset(mm, addr);
107 if (!pgd_present(*pgd))
108 goto out;
0697212a 109
290408d4
NH		 110 pud = pud_offset(pgd, addr);
111 if (!pud_present(*pud))
112 goto out;
0697212a 113
290408d4 114 pmd = pmd_offset(pud, addr);
500d65d4
AA		 115 if (pmd_trans_huge(*pmd))
116 goto out;
290408d4
NH		 117 if (!pmd_present(*pmd))
118 goto out;
0697212a 119
290408d4 120 ptep = pte_offset_map(pmd, addr);
0697212a 121
486cf46f
HD		 122 /*
123 * Peek to check is_swap_pte() before taking ptlock? No, we
124 * can race mremap's move_ptes(), which skips anon_vma lock.
125 */
290408d4
NH		 126
127 ptl = pte_lockptr(mm, pmd);
128 }
0697212a 129
0697212a
CL		 130 spin_lock(ptl);
131 pte = *ptep;
132 if (!is_swap_pte(pte))
e9995ef9 133 goto unlock;
0697212a
CL		 134
135 entry = pte_to_swp_entry(pte);
136
e9995ef9
HD		 137 if (!is_migration_entry(entry) ||
138 migration_entry_to_page(entry) != old)
139 goto unlock;
0697212a 140
0697212a
CL		 141 get_page(new);
142 pte = pte_mkold(mk_pte(new, vma->vm_page_prot));
143 if (is_write_migration_entry(entry))
144 pte = pte_mkwrite(pte);
3ef8fd7f 145#ifdef CONFIG_HUGETLB_PAGE
290408d4
NH		 146 if (PageHuge(new))
147 pte = pte_mkhuge(pte);
3ef8fd7f 148#endif
97ee0524 149 flush_cache_page(vma, addr, pte_pfn(pte));
0697212a 150 set_pte_at(mm, addr, ptep, pte);
04e62a29 151
290408d4
NH		 152 if (PageHuge(new)) {
153 if (PageAnon(new))
154 hugepage_add_anon_rmap(new, vma, addr);
155 else
156 page_dup_rmap(new);
157 } else if (PageAnon(new))
04e62a29
CL		 158 page_add_anon_rmap(new, vma, addr);
159 else
160 page_add_file_rmap(new);
161
162 /* No need to invalidate - it was non-present before */
4b3073e1 163 update_mmu_cache(vma, addr, ptep);
e9995ef9 164unlock:
0697212a 165 pte_unmap_unlock(ptep, ptl);
e9995ef9
HD		 166out:
167 return SWAP_AGAIN;
0697212a
CL		 168}
169
04e62a29
CL		 170/*
171 * Get rid of all migration entries and replace them by
172 * references to the indicated page.
173 */
174static void remove_migration_ptes(struct page *old, struct page *new)
175{
e9995ef9 176 rmap_walk(new, remove_migration_pte, old);
04e62a29
CL		 177}
178
0697212a
CL		 179/*
180 * Something used the pte of a page under migration. We need to
181 * get to the page and wait until migration is finished.
182 * When we return from this function the fault will be retried.
0697212a
CL		 183 */
184void migration_entry_wait(struct mm_struct *mm, pmd_t *pmd,
185 unsigned long address)
186{
187 pte_t *ptep, pte;
188 spinlock_t *ptl;
189 swp_entry_t entry;
190 struct page *page;
191
192 ptep = pte_offset_map_lock(mm, pmd, address, &ptl);
193 pte = *ptep;
194 if (!is_swap_pte(pte))
195 goto out;
196
197 entry = pte_to_swp_entry(pte);
198 if (!is_migration_entry(entry))
199 goto out;
200
201 page = migration_entry_to_page(entry);
202
e286781d
NP		 203 /*
204 * Once radix-tree replacement of page migration started, page_count
205 * *must* be zero. And, we don't want to call wait_on_page_locked()
206 * against a page without get_page().
207 * So, we use get_page_unless_zero(), here. Even failed, page fault
208 * will occur again.
209 */
210 if (!get_page_unless_zero(page))
211 goto out;
0697212a
CL		 212 pte_unmap_unlock(ptep, ptl);
213 wait_on_page_locked(page);
214 put_page(page);
215 return;
216out:
217 pte_unmap_unlock(ptep, ptl);
218}
219
b969c4ab
MG		 220#ifdef CONFIG_BLOCK
221/* Returns true if all buffers are successfully locked */
a6bc32b8
MG		 222static bool buffer_migrate_lock_buffers(struct buffer_head *head,
223 enum migrate_mode mode)
b969c4ab
MG		 224{
225 struct buffer_head *bh = head;
226
227 /* Simple case, sync compaction */
a6bc32b8 228 if (mode != MIGRATE_ASYNC) {
b969c4ab
MG		 229 do {
230 get_bh(bh);
231 lock_buffer(bh);
232 bh = bh->b_this_page;
233
234 } while (bh != head);
235
236 return true;
237 }
238
239 /* async case, we cannot block on lock_buffer so use trylock_buffer */
240 do {
241 get_bh(bh);
242 if (!trylock_buffer(bh)) {
243 /*
244 * We failed to lock the buffer and cannot stall in
245 * async migration. Release the taken locks
246 */
247 struct buffer_head *failed_bh = bh;
248 put_bh(failed_bh);
249 bh = head;
250 while (bh != failed_bh) {
251 unlock_buffer(bh);
252 put_bh(bh);
253 bh = bh->b_this_page;
254 }
255 return false;
256 }
257
258 bh = bh->b_this_page;
259 } while (bh != head);
260 return true;
261}
262#else
263static inline bool buffer_migrate_lock_buffers(struct buffer_head *head,
a6bc32b8 264 enum migrate_mode mode)
b969c4ab
MG		 265{
266 return true;
267}
268#endif /* CONFIG_BLOCK */
269
b20a3503 270/*
c3fcf8a5 271 * Replace the page in the mapping.
5b5c7120
CL		 272 *
273 * The number of remaining references must be:
274 * 1 for anonymous pages without a mapping
275 * 2 for pages with a mapping
266cf658 276 * 3 for pages with a mapping and PagePrivate/PagePrivate2 set.
b20a3503 277 */
2d1db3b1 278static int migrate_page_move_mapping(struct address_space *mapping,
b969c4ab 279 struct page *newpage, struct page *page,
a6bc32b8 280 struct buffer_head *head, enum migrate_mode mode)
b20a3503 281{
e286781d 282 int expected_count;
7cf9c2c7 283 void **pslot;
b20a3503 284
6c5240ae 285 if (!mapping) {
0e8c7d0f 286 /* Anonymous page without mapping */
6c5240ae
CL		 287 if (page_count(page) != 1)
288 return -EAGAIN;
289 return 0;
290 }
291
19fd6231 292 spin_lock_irq(&mapping->tree_lock);
b20a3503 293
7cf9c2c7
NP		 294 pslot = radix_tree_lookup_slot(&mapping->page_tree,
295 page_index(page));
b20a3503 296
edcf4748 297 expected_count = 2 + page_has_private(page);
e286781d 298 if (page_count(page) != expected_count ||
29c1f677 299 radix_tree_deref_slot_protected(pslot, &mapping->tree_lock) != page) {
19fd6231 300 spin_unlock_irq(&mapping->tree_lock);
e23ca00b 301 return -EAGAIN;
b20a3503
CL		 302 }
303
e286781d 304 if (!page_freeze_refs(page, expected_count)) {
19fd6231 305 spin_unlock_irq(&mapping->tree_lock);
e286781d
NP		 306 return -EAGAIN;
307 }
308
b969c4ab
MG		 309 /*
310 * In the async migration case of moving a page with buffers, lock the
311 * buffers using trylock before the mapping is moved. If the mapping
312 * was moved, we later failed to lock the buffers and could not move
313 * the mapping back due to an elevated page count, we would have to
314 * block waiting on other references to be dropped.
315 */
a6bc32b8
MG		 316 if (mode == MIGRATE_ASYNC && head &&
317 !buffer_migrate_lock_buffers(head, mode)) {
b969c4ab
MG		 318 page_unfreeze_refs(page, expected_count);
319 spin_unlock_irq(&mapping->tree_lock);
320 return -EAGAIN;
321 }
322
b20a3503
CL		 323 /*
324 * Now we know that no one else is looking at the page.
b20a3503 325 */
7cf9c2c7 326 get_page(newpage); /* add cache reference */
b20a3503
CL		 327 if (PageSwapCache(page)) {
328 SetPageSwapCache(newpage);
329 set_page_private(newpage, page_private(page));
330 }
331
7cf9c2c7
NP		 332 radix_tree_replace_slot(pslot, newpage);
333
334 /*
937a94c9
JG		 335 * Drop cache reference from old page by unfreezing
336 * to one less reference.
7cf9c2c7
NP		 337 * We know this isn't the last reference.
338 */
937a94c9 339 page_unfreeze_refs(page, expected_count - 1);
7cf9c2c7 340
0e8c7d0f
CL		 341 /*
342 * If moved to a different zone then also account
343 * the page for that zone. Other VM counters will be
344 * taken care of when we establish references to the
345 * new page and drop references to the old page.
346 *
347 * Note that anonymous pages are accounted for
348 * via NR_FILE_PAGES and NR_ANON_PAGES if they
349 * are mapped to swap space.
350 */
351 __dec_zone_page_state(page, NR_FILE_PAGES);
352 __inc_zone_page_state(newpage, NR_FILE_PAGES);
99a15e21 353 if (!PageSwapCache(page) && PageSwapBacked(page)) {
4b02108a
KM		 354 __dec_zone_page_state(page, NR_SHMEM);
355 __inc_zone_page_state(newpage, NR_SHMEM);
356 }
19fd6231 357 spin_unlock_irq(&mapping->tree_lock);
b20a3503
CL		 358
359 return 0;
360}
b20a3503 361
290408d4
NH		 362/*
363 * The expected number of remaining references is the same as that
364 * of migrate_page_move_mapping().
365 */
366int migrate_huge_page_move_mapping(struct address_space *mapping,
367 struct page *newpage, struct page *page)
368{
369 int expected_count;
370 void **pslot;
371
372 if (!mapping) {
373 if (page_count(page) != 1)
374 return -EAGAIN;
375 return 0;
376 }
377
378 spin_lock_irq(&mapping->tree_lock);
379
380 pslot = radix_tree_lookup_slot(&mapping->page_tree,
381 page_index(page));
382
383 expected_count = 2 + page_has_private(page);
384 if (page_count(page) != expected_count ||
29c1f677 385 radix_tree_deref_slot_protected(pslot, &mapping->tree_lock) != page) {
290408d4
NH		 386 spin_unlock_irq(&mapping->tree_lock);
387 return -EAGAIN;
388 }
389
390 if (!page_freeze_refs(page, expected_count)) {
391 spin_unlock_irq(&mapping->tree_lock);
392 return -EAGAIN;
393 }
394
395 get_page(newpage);
396
397 radix_tree_replace_slot(pslot, newpage);
398
937a94c9 399 page_unfreeze_refs(page, expected_count - 1);
290408d4
NH		 400
401 spin_unlock_irq(&mapping->tree_lock);
402 return 0;
403}
404
b20a3503
CL		 405/*
406 * Copy the page to its new location
407 */
290408d4 408void migrate_page_copy(struct page *newpage, struct page *page)
b20a3503 409{
290408d4
NH		 410 if (PageHuge(page))
411 copy_huge_page(newpage, page);
412 else
413 copy_highpage(newpage, page);
b20a3503
CL		 414
415 if (PageError(page))
416 SetPageError(newpage);
417 if (PageReferenced(page))
418 SetPageReferenced(newpage);
419 if (PageUptodate(page))
420 SetPageUptodate(newpage);
894bc310
LS		 421 if (TestClearPageActive(page)) {
422 VM_BUG_ON(PageUnevictable(page));
b20a3503 423 SetPageActive(newpage);
418b27ef
LS		 424 } else if (TestClearPageUnevictable(page))
425 SetPageUnevictable(newpage);
b20a3503
CL		 426 if (PageChecked(page))
427 SetPageChecked(newpage);
428 if (PageMappedToDisk(page))
429 SetPageMappedToDisk(newpage);
430
431 if (PageDirty(page)) {
432 clear_page_dirty_for_io(page);
3a902c5f
NP		 433 /*
434 * Want to mark the page and the radix tree as dirty, and
435 * redo the accounting that clear_page_dirty_for_io undid,
436 * but we can't use set_page_dirty because that function
437 * is actually a signal that all of the page has become dirty.
25985edc 438 * Whereas only part of our page may be dirty.
3a902c5f 439 */
752dc185
HD		 440 if (PageSwapBacked(page))
441 SetPageDirty(newpage);
442 else
443 __set_page_dirty_nobuffers(newpage);
b20a3503
CL		 444 }
445
b291f000 446 mlock_migrate_page(newpage, page);
e9995ef9 447 ksm_migrate_page(newpage, page);
b291f000 448
b20a3503 449 ClearPageSwapCache(page);
b20a3503
CL		 450 ClearPagePrivate(page);
451 set_page_private(page, 0);
b20a3503
CL		 452
453 /*
454 * If any waiters have accumulated on the new page then
455 * wake them up.
456 */
457 if (PageWriteback(newpage))
458 end_page_writeback(newpage);
459}
b20a3503 460
1d8b85cc
CL		 461/************************************************************
462 * Migration functions
463 ***********************************************************/
464
465/* Always fail migration. Used for mappings that are not movable */
2d1db3b1
CL		 466int fail_migrate_page(struct address_space *mapping,
467 struct page *newpage, struct page *page)
1d8b85cc
CL		 468{
469 return -EIO;
470}
471EXPORT_SYMBOL(fail_migrate_page);
472
b20a3503
CL		 473/*
474 * Common logic to directly migrate a single page suitable for
266cf658 475 * pages that do not use PagePrivate/PagePrivate2.
b20a3503
CL		 476 *
477 * Pages are locked upon entry and exit.
478 */
2d1db3b1 479int migrate_page(struct address_space *mapping,
a6bc32b8
MG		 480 struct page *newpage, struct page *page,
481 enum migrate_mode mode)
b20a3503
CL		 482{
483 int rc;
484
485 BUG_ON(PageWriteback(page)); /* Writeback must be complete */
486
a6bc32b8 487 rc = migrate_page_move_mapping(mapping, newpage, page, NULL, mode);
b20a3503
CL		 488
489 if (rc)
490 return rc;
491
492 migrate_page_copy(newpage, page);
b20a3503
CL		 493 return 0;
494}
495EXPORT_SYMBOL(migrate_page);
496
9361401e 497#ifdef CONFIG_BLOCK
1d8b85cc
CL		 498/*
499 * Migration function for pages with buffers. This function can only be used
500 * if the underlying filesystem guarantees that no other references to "page"
501 * exist.
502 */
2d1db3b1 503int buffer_migrate_page(struct address_space *mapping,
a6bc32b8 504 struct page *newpage, struct page *page, enum migrate_mode mode)
1d8b85cc 505{
1d8b85cc
CL		 506 struct buffer_head *bh, *head;
507 int rc;
508
1d8b85cc 509 if (!page_has_buffers(page))
a6bc32b8 510 return migrate_page(mapping, newpage, page, mode);
1d8b85cc
CL		 511
512 head = page_buffers(page);
513
a6bc32b8 514 rc = migrate_page_move_mapping(mapping, newpage, page, head, mode);
1d8b85cc
CL		 515
516 if (rc)
517 return rc;
518
b969c4ab
MG		 519 /*
520 * In the async case, migrate_page_move_mapping locked the buffers
521 * with an IRQ-safe spinlock held. In the sync case, the buffers
522 * need to be locked now
523 */
a6bc32b8
MG		 524 if (mode != MIGRATE_ASYNC)
525 BUG_ON(!buffer_migrate_lock_buffers(head, mode));
1d8b85cc
CL		 526
527 ClearPagePrivate(page);
528 set_page_private(newpage, page_private(page));
529 set_page_private(page, 0);
530 put_page(page);
531 get_page(newpage);
532
533 bh = head;
534 do {
535 set_bh_page(bh, newpage, bh_offset(bh));
536 bh = bh->b_this_page;
537
538 } while (bh != head);
539
540 SetPagePrivate(newpage);
541
542 migrate_page_copy(newpage, page);
543
544 bh = head;
545 do {
546 unlock_buffer(bh);
547 put_bh(bh);
548 bh = bh->b_this_page;
549
550 } while (bh != head);
551
552 return 0;
553}
554EXPORT_SYMBOL(buffer_migrate_page);
9361401e 555#endif
1d8b85cc 556
04e62a29
CL		 557/*
558 * Writeback a page to clean the dirty state
559 */
560static int writeout(struct address_space *mapping, struct page *page)
8351a6e4 561{
04e62a29
CL		 562 struct writeback_control wbc = {
563 .sync_mode = WB_SYNC_NONE,
564 .nr_to_write = 1,
565 .range_start = 0,
566 .range_end = LLONG_MAX,
04e62a29
CL		 567 .for_reclaim = 1
568 };
569 int rc;
570
571 if (!mapping->a_ops->writepage)
572 /* No write method for the address space */
573 return -EINVAL;
574
575 if (!clear_page_dirty_for_io(page))
576 /* Someone else already triggered a write */
577 return -EAGAIN;
578
8351a6e4 579 /*
04e62a29
CL		 580 * A dirty page may imply that the underlying filesystem has
581 * the page on some queue. So the page must be clean for
582 * migration. Writeout may mean we loose the lock and the
583 * page state is no longer what we checked for earlier.
584 * At this point we know that the migration attempt cannot
585 * be successful.
8351a6e4 586 */
04e62a29 587 remove_migration_ptes(page, page);
8351a6e4 588
04e62a29 589 rc = mapping->a_ops->writepage(page, &wbc);
8351a6e4 590
04e62a29
CL		 591 if (rc != AOP_WRITEPAGE_ACTIVATE)
592 /* unlocked. Relock */
593 lock_page(page);
594
bda8550d 595 return (rc < 0) ? -EIO : -EAGAIN;
04e62a29
CL		 596}
597
598/*
599 * Default handling if a filesystem does not provide a migration function.
600 */
601static int fallback_migrate_page(struct address_space *mapping,
a6bc32b8 602 struct page *newpage, struct page *page, enum migrate_mode mode)
04e62a29 603{
b969c4ab 604 if (PageDirty(page)) {
a6bc32b8
MG		 605 /* Only writeback pages in full synchronous migration */
606 if (mode != MIGRATE_SYNC)
b969c4ab 607 return -EBUSY;
04e62a29 608 return writeout(mapping, page);
b969c4ab 609 }
8351a6e4
CL		 610
611 /*
612 * Buffers may be managed in a filesystem specific way.
613 * We must have no buffers or drop them.
614 */
266cf658 615 if (page_has_private(page) &&
8351a6e4
CL		 616 !try_to_release_page(page, GFP_KERNEL))
617 return -EAGAIN;
618
a6bc32b8 619 return migrate_page(mapping, newpage, page, mode);
8351a6e4
CL		 620}
621
e24f0b8f
CL		 622/*
623 * Move a page to a newly allocated page
624 * The page is locked and all ptes have been successfully removed.
625 *
626 * The new page will have replaced the old page if this function
627 * is successful.
894bc310
LS		 628 *
629 * Return value:
630 * < 0 - error code
631 * == 0 - success
e24f0b8f 632 */
3fe2011f 633static int move_to_new_page(struct page *newpage, struct page *page,
a6bc32b8 634 int remap_swapcache, enum migrate_mode mode)
e24f0b8f
CL		 635{
636 struct address_space *mapping;
637 int rc;
638
639 /*
640 * Block others from accessing the page when we get around to
641 * establishing additional references. We are the only one
642 * holding a reference to the new page at this point.
643 */
529ae9aa 644 if (!trylock_page(newpage))
e24f0b8f
CL		 645 BUG();
646
647 /* Prepare mapping for the new page.*/
648 newpage->index = page->index;
649 newpage->mapping = page->mapping;
b2e18538
RR		 650 if (PageSwapBacked(page))
651 SetPageSwapBacked(newpage);
e24f0b8f
CL		 652
653 mapping = page_mapping(page);
654 if (!mapping)
a6bc32b8 655 rc = migrate_page(mapping, newpage, page, mode);
b969c4ab 656 else if (mapping->a_ops->migratepage)
e24f0b8f 657 /*
b969c4ab
MG		 658 * Most pages have a mapping and most filesystems provide a
659 * migratepage callback. Anonymous pages are part of swap
660 * space which also has its own migratepage callback. This
661 * is the most common path for page migration.
e24f0b8f 662 */
b969c4ab 663 rc = mapping->a_ops->migratepage(mapping,
a6bc32b8 664 newpage, page, mode);
b969c4ab 665 else
a6bc32b8 666 rc = fallback_migrate_page(mapping, newpage, page, mode);
e24f0b8f 667
3fe2011f 668 if (rc) {
e24f0b8f 669 newpage->mapping = NULL;
3fe2011f
MG		 670 } else {
671 if (remap_swapcache)
672 remove_migration_ptes(page, newpage);
35512eca 673 page->mapping = NULL;
3fe2011f 674 }
e24f0b8f
CL		 675
676 unlock_page(newpage);
677
678 return rc;
679}
680
0dabec93 681static int __unmap_and_move(struct page *page, struct page *newpage,
a6bc32b8 682 int force, bool offlining, enum migrate_mode mode)
e24f0b8f 683{
0dabec93 684 int rc = -EAGAIN;
3fe2011f 685 int remap_swapcache = 1;
ae41be37 686 int charge = 0;
56039efa 687 struct mem_cgroup *mem;
3f6c8272 688 struct anon_vma *anon_vma = NULL;
95a402c3 689
529ae9aa 690 if (!trylock_page(page)) {
a6bc32b8 691 if (!force || mode == MIGRATE_ASYNC)
0dabec93 692 goto out;
3e7d3449
MG		 693
694 /*
695 * It's not safe for direct compaction to call lock_page.
696 * For example, during page readahead pages are added locked
697 * to the LRU. Later, when the IO completes the pages are
698 * marked uptodate and unlocked. However, the queueing
699 * could be merging multiple pages for one bio (e.g.
700 * mpage_readpages). If an allocation happens for the
701 * second or third page, the process can end up locking
702 * the same page twice and deadlocking. Rather than
703 * trying to be clever about what pages can be locked,
704 * avoid the use of lock_page for direct compaction
705 * altogether.
706 */
707 if (current->flags & PF_MEMALLOC)
0dabec93 708 goto out;
3e7d3449 709
e24f0b8f
CL		 710 lock_page(page);
711 }
712
62b61f61
HD		 713 /*
714 * Only memory hotplug's offline_pages() caller has locked out KSM,
715 * and can safely migrate a KSM page. The other cases have skipped
716 * PageKsm along with PageReserved - but it is only now when we have
717 * the page lock that we can be certain it will not go KSM beneath us
718 * (KSM will not upgrade a page from PageAnon to PageKsm when it sees
719 * its pagecount raised, but only here do we take the page lock which
720 * serializes that).
721 */
722 if (PageKsm(page) && !offlining) {
723 rc = -EBUSY;
724 goto unlock;
725 }
726
01b1ae63 727 /* charge against new page */
ef6a3c63 728 charge = mem_cgroup_prepare_migration(page, newpage, &mem, GFP_KERNEL);
01b1ae63
KH		 729 if (charge == -ENOMEM) {
730 rc = -ENOMEM;
731 goto unlock;
732 }
733 BUG_ON(charge);
734
e24f0b8f 735 if (PageWriteback(page)) {
11bc82d6 736 /*
a6bc32b8
MG		 737 * Only in the case of a full syncronous migration is it
738 * necessary to wait for PageWriteback. In the async case,
739 * the retry loop is too short and in the sync-light case,
740 * the overhead of stalling is too much
11bc82d6 741 */
a6bc32b8 742 if (mode != MIGRATE_SYNC) {
11bc82d6
AA		 743 rc = -EBUSY;
744 goto uncharge;
745 }
746 if (!force)
01b1ae63 747 goto uncharge;
e24f0b8f
CL		 748 wait_on_page_writeback(page);
749 }
e24f0b8f 750 /*
dc386d4d
KH		 751 * By try_to_unmap(), page->mapcount goes down to 0 here. In this case,
752 * we cannot notice that anon_vma is freed while we migrates a page.
1ce82b69 753 * This get_anon_vma() delays freeing anon_vma pointer until the end
dc386d4d 754 * of migration. File cache pages are no problem because of page_lock()
989f89c5
KH		 755 * File Caches may use write_page() or lock_page() in migration, then,
756 * just care Anon page here.
dc386d4d 757 */
989f89c5 758 if (PageAnon(page)) {
1ce82b69
HD		 759 /*
760 * Only page_lock_anon_vma() understands the subtleties of
761 * getting a hold on an anon_vma from outside one of its mms.
762 */
746b18d4 763 anon_vma = page_get_anon_vma(page);
1ce82b69
HD		 764 if (anon_vma) {
765 /*
746b18d4 766 * Anon page
1ce82b69 767 */
1ce82b69 768 } else if (PageSwapCache(page)) {
3fe2011f
MG		 769 /*
770 * We cannot be sure that the anon_vma of an unmapped
771 * swapcache page is safe to use because we don't
772 * know in advance if the VMA that this page belonged
773 * to still exists. If the VMA and others sharing the
774 * data have been freed, then the anon_vma could
775 * already be invalid.
776 *
777 * To avoid this possibility, swapcache pages get
778 * migrated but are not remapped when migration
779 * completes
780 */
781 remap_swapcache = 0;
782 } else {
1ce82b69 783 goto uncharge;
3fe2011f 784 }
989f89c5 785 }
62e1c553 786
dc386d4d 787 /*
62e1c553
SL		 788 * Corner case handling:
789 * 1. When a new swap-cache page is read into, it is added to the LRU
790 * and treated as swapcache but it has no rmap yet.
791 * Calling try_to_unmap() against a page->mapping==NULL page will
792 * trigger a BUG. So handle it here.
793 * 2. An orphaned page (see truncate_complete_page) might have
794 * fs-private metadata. The page can be picked up due to memory
795 * offlining. Everywhere else except page reclaim, the page is
796 * invisible to the vm, so the page can not be migrated. So try to
797 * free the metadata, so the page can be freed.
e24f0b8f 798 */
62e1c553 799 if (!page->mapping) {
1ce82b69
HD		 800 VM_BUG_ON(PageAnon(page));
801 if (page_has_private(page)) {
62e1c553 802 try_to_free_buffers(page);
1ce82b69 803 goto uncharge;
62e1c553 804 }
abfc3488 805 goto skip_unmap;
62e1c553
SL		 806 }
807
dc386d4d 808 /* Establish migration ptes or remove ptes */
14fa31b8 809 try_to_unmap(page, TTU_MIGRATION|TTU_IGNORE_MLOCK|TTU_IGNORE_ACCESS);
dc386d4d 810
abfc3488 811skip_unmap:
e6a1530d 812 if (!page_mapped(page))
a6bc32b8 813 rc = move_to_new_page(newpage, page, remap_swapcache, mode);
e24f0b8f 814
3fe2011f 815 if (rc && remap_swapcache)
e24f0b8f 816 remove_migration_ptes(page, page);
3f6c8272
MG		 817
818 /* Drop an anon_vma reference if we took one */
76545066 819 if (anon_vma)
9e60109f 820 put_anon_vma(anon_vma);
3f6c8272 821
01b1ae63
KH		 822uncharge:
823 if (!charge)
50de1dd9 824 mem_cgroup_end_migration(mem, page, newpage, rc == 0);
e24f0b8f
CL		 825unlock:
826 unlock_page(page);
0dabec93
MK		 827out:
828 return rc;
829}
95a402c3 830
0dabec93
MK		 831/*
832 * Obtain the lock on page, remove all ptes and migrate the page
833 * to the newly allocated page in newpage.
834 */
835static int unmap_and_move(new_page_t get_new_page, unsigned long private,
a6bc32b8
MG		 836 struct page *page, int force, bool offlining,
837 enum migrate_mode mode)
0dabec93
MK		 838{
839 int rc = 0;
840 int *result = NULL;
841 struct page *newpage = get_new_page(page, private, &result);
842
843 if (!newpage)
844 return -ENOMEM;
845
846 if (page_count(page) == 1) {
847 /* page was freed from under us. So we are done. */
848 goto out;
849 }
850
851 if (unlikely(PageTransHuge(page)))
852 if (unlikely(split_huge_page(page)))
853 goto out;
854
a6bc32b8 855 rc = __unmap_and_move(page, newpage, force, offlining, mode);
0dabec93 856out:
e24f0b8f 857 if (rc != -EAGAIN) {
0dabec93
MK		 858 /*
859 * A page that has been migrated has all references
860 * removed and will be freed. A page that has not been
861 * migrated will have kepts its references and be
862 * restored.
863 */
864 list_del(&page->lru);
a731286d 865 dec_zone_page_state(page, NR_ISOLATED_ANON +
6c0b1351 866 page_is_file_cache(page));
894bc310 867 putback_lru_page(page);
e24f0b8f 868 }
95a402c3
CL		 869 /*
870 * Move the new page to the LRU. If migration was not successful
871 * then this will free the page.
872 */
894bc310 873 putback_lru_page(newpage);
742755a1
CL		 874 if (result) {
875 if (rc)
876 *result = rc;
877 else
878 *result = page_to_nid(newpage);
879 }
e24f0b8f
CL		 880 return rc;
881}
882
290408d4
NH		 883/*
884 * Counterpart of unmap_and_move_page() for hugepage migration.
885 *
886 * This function doesn't wait the completion of hugepage I/O
887 * because there is no race between I/O and migration for hugepage.
888 * Note that currently hugepage I/O occurs only in direct I/O
889 * where no lock is held and PG_writeback is irrelevant,
890 * and writeback status of all subpages are counted in the reference
891 * count of the head page (i.e. if all subpages of a 2MB hugepage are
892 * under direct I/O, the reference of the head page is 512 and a bit more.)
893 * This means that when we try to migrate hugepage whose subpages are
894 * doing direct I/O, some references remain after try_to_unmap() and
895 * hugepage migration fails without data corruption.
896 *
897 * There is also no race when direct I/O is issued on the page under migration,
898 * because then pte is replaced with migration swap entry and direct I/O code
899 * will wait in the page fault for migration to complete.
900 */
901static int unmap_and_move_huge_page(new_page_t get_new_page,
902 unsigned long private, struct page *hpage,
a6bc32b8
MG		 903 int force, bool offlining,
904 enum migrate_mode mode)
290408d4
NH		 905{
906 int rc = 0;
907 int *result = NULL;
908 struct page *new_hpage = get_new_page(hpage, private, &result);
290408d4
NH		 909 struct anon_vma *anon_vma = NULL;
910
911 if (!new_hpage)
912 return -ENOMEM;
913
914 rc = -EAGAIN;
915
916 if (!trylock_page(hpage)) {
a6bc32b8 917 if (!force || mode != MIGRATE_SYNC)
290408d4
NH		 918 goto out;
919 lock_page(hpage);
920 }
921
746b18d4
PZ		 922 if (PageAnon(hpage))
923 anon_vma = page_get_anon_vma(hpage);
290408d4
NH		 924
925 try_to_unmap(hpage, TTU_MIGRATION|TTU_IGNORE_MLOCK|TTU_IGNORE_ACCESS);
926
927 if (!page_mapped(hpage))
a6bc32b8 928 rc = move_to_new_page(new_hpage, hpage, 1, mode);
290408d4
NH		 929
930 if (rc)
931 remove_migration_ptes(hpage, hpage);
932
fd4a4663 933 if (anon_vma)
9e60109f 934 put_anon_vma(anon_vma);
8e6ac7fa
AK		 935
936 if (!rc)
937 hugetlb_cgroup_migrate(hpage, new_hpage);
938
290408d4 939 unlock_page(hpage);
09761333 940out:
290408d4 941 put_page(new_hpage);
290408d4
NH		 942 if (result) {
943 if (rc)
944 *result = rc;
945 else
946 *result = page_to_nid(new_hpage);
947 }
948 return rc;
949}
950
b20a3503
CL		 951/*
952 * migrate_pages
953 *
95a402c3
CL		 954 * The function takes one list of pages to migrate and a function
955 * that determines from the page to be migrated and the private data
956 * the target of the move and allocates the page.
b20a3503
CL		 957 *
958 * The function returns after 10 attempts or if no pages
959 * are movable anymore because to has become empty
cf608ac1
MK		 960 * or no retryable pages exist anymore.
961 * Caller should call putback_lru_pages to return pages to the LRU
28bd6578 962 * or free list only if ret != 0.
b20a3503 963 *
95a402c3 964 * Return: Number of pages not migrated or error code.
b20a3503 965 */
95a402c3 966int migrate_pages(struct list_head *from,
7f0f2496 967 new_page_t get_new_page, unsigned long private, bool offlining,
a6bc32b8 968 enum migrate_mode mode)
b20a3503 969{
e24f0b8f 970 int retry = 1;
b20a3503
CL		 971 int nr_failed = 0;
972 int pass = 0;
973 struct page *page;
974 struct page *page2;
975 int swapwrite = current->flags & PF_SWAPWRITE;
976 int rc;
977
978 if (!swapwrite)
979 current->flags |= PF_SWAPWRITE;
980
e24f0b8f
CL		 981 for(pass = 0; pass < 10 && retry; pass++) {
982 retry = 0;
b20a3503 983
e24f0b8f 984 list_for_each_entry_safe(page, page2, from, lru) {
e24f0b8f 985 cond_resched();
2d1db3b1 986
95a402c3 987 rc = unmap_and_move(get_new_page, private,
77f1fe6b 988 page, pass > 2, offlining,
a6bc32b8 989 mode);
2d1db3b1 990
e24f0b8f 991 switch(rc) {
95a402c3
CL		 992 case -ENOMEM:
993 goto out;
e24f0b8f 994 case -EAGAIN:
2d1db3b1 995 retry++;
e24f0b8f
CL		 996 break;
997 case 0:
e24f0b8f
CL		 998 break;
999 default:
2d1db3b1 1000 /* Permanent failure */
2d1db3b1 1001 nr_failed++;
e24f0b8f 1002 break;
2d1db3b1 1003 }
b20a3503
CL		 1004 }
1005 }
95a402c3
CL		 1006 rc = 0;
1007out:
b20a3503
CL		 1008 if (!swapwrite)
1009 current->flags &= ~PF_SWAPWRITE;
1010
95a402c3
CL		 1011 if (rc)
1012 return rc;
b20a3503 1013
95a402c3 1014 return nr_failed + retry;
b20a3503 1015}
95a402c3 1016
189ebff2
AK		 1017int migrate_huge_page(struct page *hpage, new_page_t get_new_page,
1018 unsigned long private, bool offlining,
1019 enum migrate_mode mode)
290408d4 1020{
189ebff2
AK		 1021 int pass, rc;
1022
1023 for (pass = 0; pass < 10; pass++) {
1024 rc = unmap_and_move_huge_page(get_new_page,
1025 private, hpage, pass > 2, offlining,
1026 mode);
1027 switch (rc) {
1028 case -ENOMEM:
1029 goto out;
1030 case -EAGAIN:
1031 /* try again */
290408d4 1032 cond_resched();
189ebff2
AK		 1033 break;
1034 case 0:
1035 goto out;
1036 default:
1037 rc = -EIO;
1038 goto out;
290408d4
NH		 1039 }
1040 }
290408d4 1041out:
189ebff2 1042 return rc;
290408d4
NH		 1043}
1044
742755a1
CL		 1045#ifdef CONFIG_NUMA
1046/*
1047 * Move a list of individual pages
1048 */
1049struct page_to_node {
1050 unsigned long addr;
1051 struct page *page;
1052 int node;
1053 int status;
1054};
1055
1056static struct page *new_page_node(struct page *p, unsigned long private,
1057 int **result)
1058{
1059 struct page_to_node *pm = (struct page_to_node *)private;
1060
1061 while (pm->node != MAX_NUMNODES && pm->page != p)
1062 pm++;
1063
1064 if (pm->node == MAX_NUMNODES)
1065 return NULL;
1066
1067 *result = &pm->status;
1068
6484eb3e 1069 return alloc_pages_exact_node(pm->node,
769848c0 1070 GFP_HIGHUSER_MOVABLE | GFP_THISNODE, 0);
742755a1
CL		 1071}
1072
1073/*
1074 * Move a set of pages as indicated in the pm array. The addr
1075 * field must be set to the virtual address of the page to be moved
1076 * and the node number must contain a valid target node.
5e9a0f02 1077 * The pm array ends with node = MAX_NUMNODES.
742755a1 1078 */
5e9a0f02
BG		 1079static int do_move_page_to_node_array(struct mm_struct *mm,
1080 struct page_to_node *pm,
1081 int migrate_all)
742755a1
CL		 1082{
1083 int err;
1084 struct page_to_node *pp;
1085 LIST_HEAD(pagelist);
1086
1087 down_read(&mm->mmap_sem);
1088
1089 /*
1090 * Build a list of pages to migrate
1091 */
742755a1
CL		 1092 for (pp = pm; pp->node != MAX_NUMNODES; pp++) {
1093 struct vm_area_struct *vma;
1094 struct page *page;
1095
742755a1
CL		 1096 err = -EFAULT;
1097 vma = find_vma(mm, pp->addr);
70384dc6 1098 if (!vma || pp->addr < vma->vm_start || !vma_migratable(vma))
742755a1
CL		 1099 goto set_status;
1100
500d65d4 1101 page = follow_page(vma, pp->addr, FOLL_GET|FOLL_SPLIT);
89f5b7da
LT		 1102
1103 err = PTR_ERR(page);
1104 if (IS_ERR(page))
1105 goto set_status;
1106
742755a1
CL		 1107 err = -ENOENT;
1108 if (!page)
1109 goto set_status;
1110
62b61f61
HD		 1111 /* Use PageReserved to check for zero page */
1112 if (PageReserved(page) || PageKsm(page))
742755a1
CL		 1113 goto put_and_set;
1114
1115 pp->page = page;
1116 err = page_to_nid(page);
1117
1118 if (err == pp->node)
1119 /*
1120 * Node already in the right place
1121 */
1122 goto put_and_set;
1123
1124 err = -EACCES;
1125 if (page_mapcount(page) > 1 &&
1126 !migrate_all)
1127 goto put_and_set;
1128
62695a84 1129 err = isolate_lru_page(page);
6d9c285a 1130 if (!err) {
62695a84 1131 list_add_tail(&page->lru, &pagelist);
6d9c285a
KM		 1132 inc_zone_page_state(page, NR_ISOLATED_ANON +
1133 page_is_file_cache(page));
1134 }
742755a1
CL		 1135put_and_set:
1136 /*
1137 * Either remove the duplicate refcount from
1138 * isolate_lru_page() or drop the page ref if it was
1139 * not isolated.
1140 */
1141 put_page(page);
1142set_status:
1143 pp->status = err;
1144 }
1145
e78bbfa8 1146 err = 0;
cf608ac1 1147 if (!list_empty(&pagelist)) {
742755a1 1148 err = migrate_pages(&pagelist, new_page_node,
a6bc32b8 1149 (unsigned long)pm, 0, MIGRATE_SYNC);
cf608ac1
MK		 1150 if (err)
1151 putback_lru_pages(&pagelist);
1152 }
742755a1
CL		 1153
1154 up_read(&mm->mmap_sem);
1155 return err;
1156}
1157
5e9a0f02
BG		 1158/*
1159 * Migrate an array of page address onto an array of nodes and fill
1160 * the corresponding array of status.
1161 */
3268c63e 1162static int do_pages_move(struct mm_struct *mm, nodemask_t task_nodes,
5e9a0f02
BG		 1163 unsigned long nr_pages,
1164 const void __user * __user *pages,
1165 const int __user *nodes,
1166 int __user *status, int flags)
1167{
3140a227 1168 struct page_to_node *pm;
3140a227
BG		 1169 unsigned long chunk_nr_pages;
1170 unsigned long chunk_start;
1171 int err;
5e9a0f02 1172
3140a227
BG		 1173 err = -ENOMEM;
1174 pm = (struct page_to_node *)__get_free_page(GFP_KERNEL);
1175 if (!pm)
5e9a0f02 1176 goto out;
35282a2d
BG		 1177
1178 migrate_prep();
1179
5e9a0f02 1180 /*
3140a227
BG		 1181 * Store a chunk of page_to_node array in a page,
1182 * but keep the last one as a marker
5e9a0f02 1183 */
3140a227 1184 chunk_nr_pages = (PAGE_SIZE / sizeof(struct page_to_node)) - 1;
5e9a0f02 1185
3140a227
BG		 1186 for (chunk_start = 0;
1187 chunk_start < nr_pages;
1188 chunk_start += chunk_nr_pages) {
1189 int j;
5e9a0f02 1190
3140a227
BG		 1191 if (chunk_start + chunk_nr_pages > nr_pages)
1192 chunk_nr_pages = nr_pages - chunk_start;
1193
1194 /* fill the chunk pm with addrs and nodes from user-space */
1195 for (j = 0; j < chunk_nr_pages; j++) {
1196 const void __user *p;
5e9a0f02
BG		 1197 int node;
1198
3140a227
BG		 1199 err = -EFAULT;
1200 if (get_user(p, pages + j + chunk_start))
1201 goto out_pm;
1202 pm[j].addr = (unsigned long) p;
1203
1204 if (get_user(node, nodes + j + chunk_start))
5e9a0f02
BG		 1205 goto out_pm;
1206
1207 err = -ENODEV;
6f5a55f1
LT		 1208 if (node < 0 || node >= MAX_NUMNODES)
1209 goto out_pm;
1210
5e9a0f02
BG		 1211 if (!node_state(node, N_HIGH_MEMORY))
1212 goto out_pm;
1213
1214 err = -EACCES;
1215 if (!node_isset(node, task_nodes))
1216 goto out_pm;
1217
3140a227
BG		 1218 pm[j].node = node;
1219 }
1220
1221 /* End marker for this chunk */
1222 pm[chunk_nr_pages].node = MAX_NUMNODES;
1223
1224 /* Migrate this chunk */
1225 err = do_move_page_to_node_array(mm, pm,
1226 flags & MPOL_MF_MOVE_ALL);
1227 if (err < 0)
1228 goto out_pm;
5e9a0f02 1229
5e9a0f02 1230 /* Return status information */
3140a227
BG		 1231 for (j = 0; j < chunk_nr_pages; j++)
1232 if (put_user(pm[j].status, status + j + chunk_start)) {
5e9a0f02 1233 err = -EFAULT;
3140a227
BG		 1234 goto out_pm;
1235 }
1236 }
1237 err = 0;
5e9a0f02
BG		 1238
1239out_pm:
3140a227 1240 free_page((unsigned long)pm);
5e9a0f02
BG		 1241out:
1242 return err;
1243}
1244
742755a1 1245/*
2f007e74 1246 * Determine the nodes of an array of pages and store it in an array of status.
742755a1 1247 */
80bba129
BG		 1248static void do_pages_stat_array(struct mm_struct *mm, unsigned long nr_pages,
1249 const void __user **pages, int *status)
742755a1 1250{
2f007e74 1251 unsigned long i;
2f007e74 1252
742755a1
CL		 1253 down_read(&mm->mmap_sem);
1254
2f007e74 1255 for (i = 0; i < nr_pages; i++) {
80bba129 1256 unsigned long addr = (unsigned long)(*pages);
742755a1
CL		 1257 struct vm_area_struct *vma;
1258 struct page *page;
c095adbc 1259 int err = -EFAULT;
2f007e74
BG		 1260
1261 vma = find_vma(mm, addr);
70384dc6 1262 if (!vma || addr < vma->vm_start)
742755a1
CL		 1263 goto set_status;
1264
2f007e74 1265 page = follow_page(vma, addr, 0);
89f5b7da
LT		 1266
1267 err = PTR_ERR(page);
1268 if (IS_ERR(page))
1269 goto set_status;
1270
742755a1
CL		 1271 err = -ENOENT;
1272 /* Use PageReserved to check for zero page */
62b61f61 1273 if (!page || PageReserved(page) || PageKsm(page))
742755a1
CL		 1274 goto set_status;
1275
1276 err = page_to_nid(page);
1277set_status:
80bba129
BG		 1278 *status = err;
1279
1280 pages++;
1281 status++;
1282 }
1283
1284 up_read(&mm->mmap_sem);
1285}
1286
1287/*
1288 * Determine the nodes of a user array of pages and store it in
1289 * a user array of status.
1290 */
1291static int do_pages_stat(struct mm_struct *mm, unsigned long nr_pages,
1292 const void __user * __user *pages,
1293 int __user *status)
1294{
1295#define DO_PAGES_STAT_CHUNK_NR 16
1296 const void __user *chunk_pages[DO_PAGES_STAT_CHUNK_NR];
1297 int chunk_status[DO_PAGES_STAT_CHUNK_NR];
80bba129 1298
87b8d1ad
PA		 1299 while (nr_pages) {
1300 unsigned long chunk_nr;
80bba129 1301
87b8d1ad
PA		 1302 chunk_nr = nr_pages;
1303 if (chunk_nr > DO_PAGES_STAT_CHUNK_NR)
1304 chunk_nr = DO_PAGES_STAT_CHUNK_NR;
1305
1306 if (copy_from_user(chunk_pages, pages, chunk_nr * sizeof(*chunk_pages)))
1307 break;
80bba129
BG		 1308
1309 do_pages_stat_array(mm, chunk_nr, chunk_pages, chunk_status);
1310
87b8d1ad
PA		 1311 if (copy_to_user(status, chunk_status, chunk_nr * sizeof(*status)))
1312 break;
742755a1 1313
87b8d1ad
PA		 1314 pages += chunk_nr;
1315 status += chunk_nr;
1316 nr_pages -= chunk_nr;
1317 }
1318 return nr_pages ? -EFAULT : 0;
742755a1
CL		 1319}
1320
1321/*
1322 * Move a list of pages in the address space of the currently executing
1323 * process.
1324 */
938bb9f5
HC		 1325SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages,
1326 const void __user * __user *, pages,
1327 const int __user *, nodes,
1328 int __user *, status, int, flags)
742755a1 1329{
c69e8d9c 1330 const struct cred *cred = current_cred(), *tcred;
742755a1 1331 struct task_struct *task;
742755a1 1332 struct mm_struct *mm;
5e9a0f02 1333 int err;
3268c63e 1334 nodemask_t task_nodes;
742755a1
CL		 1335
1336 /* Check flags */
1337 if (flags & ~(MPOL_MF_MOVE|MPOL_MF_MOVE_ALL))
1338 return -EINVAL;
1339
1340 if ((flags & MPOL_MF_MOVE_ALL) && !capable(CAP_SYS_NICE))
1341 return -EPERM;
1342
1343 /* Find the mm_struct */
a879bf58 1344 rcu_read_lock();
228ebcbe 1345 task = pid ? find_task_by_vpid(pid) : current;
742755a1 1346 if (!task) {
a879bf58 1347 rcu_read_unlock();
742755a1
CL		 1348 return -ESRCH;
1349 }
3268c63e 1350 get_task_struct(task);
742755a1
CL		 1351
1352 /*
1353 * Check if this process has the right to modify the specified
1354 * process. The right exists if the process has administrative
1355 * capabilities, superuser privileges or the same
1356 * userid as the target process.
1357 */
c69e8d9c 1358 tcred = __task_cred(task);
b38a86eb
EB		 1359 if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) &&
1360 !uid_eq(cred->uid, tcred->suid) && !uid_eq(cred->uid, tcred->uid) &&
742755a1 1361 !capable(CAP_SYS_NICE)) {
c69e8d9c 1362 rcu_read_unlock();
742755a1 1363 err = -EPERM;
5e9a0f02 1364 goto out;
742755a1 1365 }
c69e8d9c 1366 rcu_read_unlock();
742755a1 1367
86c3a764
DQ		 1368 err = security_task_movememory(task);
1369 if (err)
5e9a0f02 1370 goto out;
86c3a764 1371
3268c63e
CL		 1372 task_nodes = cpuset_mems_allowed(task);
1373 mm = get_task_mm(task);
1374 put_task_struct(task);
1375
6e8b09ea
SL		 1376 if (!mm)
1377 return -EINVAL;
1378
1379 if (nodes)
1380 err = do_pages_move(mm, task_nodes, nr_pages, pages,
1381 nodes, status, flags);
1382 else
1383 err = do_pages_stat(mm, nr_pages, pages, status);
742755a1 1384
742755a1
CL		 1385 mmput(mm);
1386 return err;
3268c63e
CL		 1387
1388out:
1389 put_task_struct(task);
1390 return err;
742755a1 1391}
742755a1 1392
7b2259b3
CL		 1393/*
1394 * Call migration functions in the vma_ops that may prepare
1395 * memory in a vm for migration. migration functions may perform
1396 * the migration for vmas that do not have an underlying page struct.
1397 */
1398int migrate_vmas(struct mm_struct *mm, const nodemask_t *to,
1399 const nodemask_t *from, unsigned long flags)
1400{
1401 struct vm_area_struct *vma;
1402 int err = 0;
1403
1001c9fb 1404 for (vma = mm->mmap; vma && !err; vma = vma->vm_next) {
7b2259b3
CL		 1405 if (vma->vm_ops && vma->vm_ops->migrate) {
1406 err = vma->vm_ops->migrate(vma, to, from, flags);
1407 if (err)
1408 break;
1409 }
1410 }
1411 return err;
1412}
83d1674a 1413#endif
Linux 6.x block layer and io_uring tree(s)