Commit | Line | Data |
---|---|---|
457c8996 | 1 | // SPDX-License-Identifier: GPL-2.0-only |
1da177e4 | 2 | /* |
1da177e4 LT |
3 | * Copyright (C) 1993 Linus Torvalds |
4 | * Support of BIGMEM added by Gerhard Wichert, Siemens AG, July 1999 | |
5 | * SMP-safe vmalloc/vfree/ioremap, Tigran Aivazian <tigran@veritas.com>, May 2000 | |
6 | * Major rework to support vmap/vunmap, Christoph Hellwig, SGI, August 2002 | |
930fc45a | 7 | * Numa awareness, Christoph Lameter, SGI, June 2005 |
d758ffe6 | 8 | * Improving global KVA allocator, Uladzislau Rezki, Sony, May 2019 |
1da177e4 LT |
9 | */ |
10 | ||
db64fe02 | 11 | #include <linux/vmalloc.h> |
1da177e4 LT |
12 | #include <linux/mm.h> |
13 | #include <linux/module.h> | |
14 | #include <linux/highmem.h> | |
c3edc401 | 15 | #include <linux/sched/signal.h> |
1da177e4 LT |
16 | #include <linux/slab.h> |
17 | #include <linux/spinlock.h> | |
18 | #include <linux/interrupt.h> | |
5f6a6a9c | 19 | #include <linux/proc_fs.h> |
a10aa579 | 20 | #include <linux/seq_file.h> |
868b104d | 21 | #include <linux/set_memory.h> |
3ac7fe5a | 22 | #include <linux/debugobjects.h> |
23016969 | 23 | #include <linux/kallsyms.h> |
db64fe02 | 24 | #include <linux/list.h> |
4da56b99 | 25 | #include <linux/notifier.h> |
db64fe02 | 26 | #include <linux/rbtree.h> |
0f14599c | 27 | #include <linux/xarray.h> |
5da96bdd | 28 | #include <linux/io.h> |
db64fe02 | 29 | #include <linux/rcupdate.h> |
f0aa6617 | 30 | #include <linux/pfn.h> |
89219d37 | 31 | #include <linux/kmemleak.h> |
60063497 | 32 | #include <linux/atomic.h> |
3b32123d | 33 | #include <linux/compiler.h> |
4e5aa1f4 | 34 | #include <linux/memcontrol.h> |
32fcfd40 | 35 | #include <linux/llist.h> |
0f616be1 | 36 | #include <linux/bitops.h> |
68ad4a33 | 37 | #include <linux/rbtree_augmented.h> |
bdebd6a2 | 38 | #include <linux/overflow.h> |
c0eb315a | 39 | #include <linux/pgtable.h> |
7c0f6ba6 | 40 | #include <linux/uaccess.h> |
f7ee1f13 | 41 | #include <linux/hugetlb.h> |
451769eb | 42 | #include <linux/sched/mm.h> |
1da177e4 | 43 | #include <asm/tlbflush.h> |
2dca6999 | 44 | #include <asm/shmparam.h> |
1da177e4 | 45 | |
cf243da6 URS |
46 | #define CREATE_TRACE_POINTS |
47 | #include <trace/events/vmalloc.h> | |
48 | ||
dd56b046 | 49 | #include "internal.h" |
2a681cfa | 50 | #include "pgalloc-track.h" |
dd56b046 | 51 | |
82a70ce0 CH |
52 | #ifdef CONFIG_HAVE_ARCH_HUGE_VMAP |
53 | static unsigned int __ro_after_init ioremap_max_page_shift = BITS_PER_LONG - 1; | |
54 | ||
55 | static int __init set_nohugeiomap(char *str) | |
56 | { | |
57 | ioremap_max_page_shift = PAGE_SHIFT; | |
58 | return 0; | |
59 | } | |
60 | early_param("nohugeiomap", set_nohugeiomap); | |
61 | #else /* CONFIG_HAVE_ARCH_HUGE_VMAP */ | |
62 | static const unsigned int ioremap_max_page_shift = PAGE_SHIFT; | |
63 | #endif /* CONFIG_HAVE_ARCH_HUGE_VMAP */ | |
64 | ||
121e6f32 NP |
65 | #ifdef CONFIG_HAVE_ARCH_HUGE_VMALLOC |
66 | static bool __ro_after_init vmap_allow_huge = true; | |
67 | ||
68 | static int __init set_nohugevmalloc(char *str) | |
69 | { | |
70 | vmap_allow_huge = false; | |
71 | return 0; | |
72 | } | |
73 | early_param("nohugevmalloc", set_nohugevmalloc); | |
74 | #else /* CONFIG_HAVE_ARCH_HUGE_VMALLOC */ | |
75 | static const bool vmap_allow_huge = false; | |
76 | #endif /* CONFIG_HAVE_ARCH_HUGE_VMALLOC */ | |
77 | ||
186525bd IM |
78 | bool is_vmalloc_addr(const void *x) |
79 | { | |
4aff1dc4 | 80 | unsigned long addr = (unsigned long)kasan_reset_tag(x); |
186525bd IM |
81 | |
82 | return addr >= VMALLOC_START && addr < VMALLOC_END; | |
83 | } | |
84 | EXPORT_SYMBOL(is_vmalloc_addr); | |
85 | ||
32fcfd40 AV |
86 | struct vfree_deferred { |
87 | struct llist_head list; | |
88 | struct work_struct wq; | |
89 | }; | |
90 | static DEFINE_PER_CPU(struct vfree_deferred, vfree_deferred); | |
91 | ||
92 | static void __vunmap(const void *, int); | |
93 | ||
94 | static void free_work(struct work_struct *w) | |
95 | { | |
96 | struct vfree_deferred *p = container_of(w, struct vfree_deferred, wq); | |
894e58c1 BP |
97 | struct llist_node *t, *llnode; |
98 | ||
99 | llist_for_each_safe(llnode, t, llist_del_all(&p->list)) | |
100 | __vunmap((void *)llnode, 1); | |
32fcfd40 AV |
101 | } |
102 | ||
db64fe02 | 103 | /*** Page table manipulation functions ***/ |
5e9e3d77 NP |
104 | static int vmap_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end, |
105 | phys_addr_t phys_addr, pgprot_t prot, | |
f7ee1f13 | 106 | unsigned int max_page_shift, pgtbl_mod_mask *mask) |
5e9e3d77 NP |
107 | { |
108 | pte_t *pte; | |
109 | u64 pfn; | |
f7ee1f13 | 110 | unsigned long size = PAGE_SIZE; |
5e9e3d77 NP |
111 | |
112 | pfn = phys_addr >> PAGE_SHIFT; | |
113 | pte = pte_alloc_kernel_track(pmd, addr, mask); | |
114 | if (!pte) | |
115 | return -ENOMEM; | |
116 | do { | |
117 | BUG_ON(!pte_none(*pte)); | |
f7ee1f13 CL |
118 | |
119 | #ifdef CONFIG_HUGETLB_PAGE | |
120 | size = arch_vmap_pte_range_map_size(addr, end, pfn, max_page_shift); | |
121 | if (size != PAGE_SIZE) { | |
122 | pte_t entry = pfn_pte(pfn, prot); | |
123 | ||
f7ee1f13 CL |
124 | entry = arch_make_huge_pte(entry, ilog2(size), 0); |
125 | set_huge_pte_at(&init_mm, addr, pte, entry); | |
126 | pfn += PFN_DOWN(size); | |
127 | continue; | |
128 | } | |
129 | #endif | |
5e9e3d77 NP |
130 | set_pte_at(&init_mm, addr, pte, pfn_pte(pfn, prot)); |
131 | pfn++; | |
f7ee1f13 | 132 | } while (pte += PFN_DOWN(size), addr += size, addr != end); |
5e9e3d77 NP |
133 | *mask |= PGTBL_PTE_MODIFIED; |
134 | return 0; | |
135 | } | |
136 | ||
137 | static int vmap_try_huge_pmd(pmd_t *pmd, unsigned long addr, unsigned long end, | |
138 | phys_addr_t phys_addr, pgprot_t prot, | |
139 | unsigned int max_page_shift) | |
140 | { | |
141 | if (max_page_shift < PMD_SHIFT) | |
142 | return 0; | |
143 | ||
144 | if (!arch_vmap_pmd_supported(prot)) | |
145 | return 0; | |
146 | ||
147 | if ((end - addr) != PMD_SIZE) | |
148 | return 0; | |
149 | ||
150 | if (!IS_ALIGNED(addr, PMD_SIZE)) | |
151 | return 0; | |
152 | ||
153 | if (!IS_ALIGNED(phys_addr, PMD_SIZE)) | |
154 | return 0; | |
155 | ||
156 | if (pmd_present(*pmd) && !pmd_free_pte_page(pmd, addr)) | |
157 | return 0; | |
158 | ||
159 | return pmd_set_huge(pmd, phys_addr, prot); | |
160 | } | |
161 | ||
162 | static int vmap_pmd_range(pud_t *pud, unsigned long addr, unsigned long end, | |
163 | phys_addr_t phys_addr, pgprot_t prot, | |
164 | unsigned int max_page_shift, pgtbl_mod_mask *mask) | |
165 | { | |
166 | pmd_t *pmd; | |
167 | unsigned long next; | |
168 | ||
169 | pmd = pmd_alloc_track(&init_mm, pud, addr, mask); | |
170 | if (!pmd) | |
171 | return -ENOMEM; | |
172 | do { | |
173 | next = pmd_addr_end(addr, end); | |
174 | ||
175 | if (vmap_try_huge_pmd(pmd, addr, next, phys_addr, prot, | |
176 | max_page_shift)) { | |
177 | *mask |= PGTBL_PMD_MODIFIED; | |
178 | continue; | |
179 | } | |
180 | ||
f7ee1f13 | 181 | if (vmap_pte_range(pmd, addr, next, phys_addr, prot, max_page_shift, mask)) |
5e9e3d77 NP |
182 | return -ENOMEM; |
183 | } while (pmd++, phys_addr += (next - addr), addr = next, addr != end); | |
184 | return 0; | |
185 | } | |
186 | ||
187 | static int vmap_try_huge_pud(pud_t *pud, unsigned long addr, unsigned long end, | |
188 | phys_addr_t phys_addr, pgprot_t prot, | |
189 | unsigned int max_page_shift) | |
190 | { | |
191 | if (max_page_shift < PUD_SHIFT) | |
192 | return 0; | |
193 | ||
194 | if (!arch_vmap_pud_supported(prot)) | |
195 | return 0; | |
196 | ||
197 | if ((end - addr) != PUD_SIZE) | |
198 | return 0; | |
199 | ||
200 | if (!IS_ALIGNED(addr, PUD_SIZE)) | |
201 | return 0; | |
202 | ||
203 | if (!IS_ALIGNED(phys_addr, PUD_SIZE)) | |
204 | return 0; | |
205 | ||
206 | if (pud_present(*pud) && !pud_free_pmd_page(pud, addr)) | |
207 | return 0; | |
208 | ||
209 | return pud_set_huge(pud, phys_addr, prot); | |
210 | } | |
211 | ||
212 | static int vmap_pud_range(p4d_t *p4d, unsigned long addr, unsigned long end, | |
213 | phys_addr_t phys_addr, pgprot_t prot, | |
214 | unsigned int max_page_shift, pgtbl_mod_mask *mask) | |
215 | { | |
216 | pud_t *pud; | |
217 | unsigned long next; | |
218 | ||
219 | pud = pud_alloc_track(&init_mm, p4d, addr, mask); | |
220 | if (!pud) | |
221 | return -ENOMEM; | |
222 | do { | |
223 | next = pud_addr_end(addr, end); | |
224 | ||
225 | if (vmap_try_huge_pud(pud, addr, next, phys_addr, prot, | |
226 | max_page_shift)) { | |
227 | *mask |= PGTBL_PUD_MODIFIED; | |
228 | continue; | |
229 | } | |
230 | ||
231 | if (vmap_pmd_range(pud, addr, next, phys_addr, prot, | |
232 | max_page_shift, mask)) | |
233 | return -ENOMEM; | |
234 | } while (pud++, phys_addr += (next - addr), addr = next, addr != end); | |
235 | return 0; | |
236 | } | |
237 | ||
238 | static int vmap_try_huge_p4d(p4d_t *p4d, unsigned long addr, unsigned long end, | |
239 | phys_addr_t phys_addr, pgprot_t prot, | |
240 | unsigned int max_page_shift) | |
241 | { | |
242 | if (max_page_shift < P4D_SHIFT) | |
243 | return 0; | |
244 | ||
245 | if (!arch_vmap_p4d_supported(prot)) | |
246 | return 0; | |
247 | ||
248 | if ((end - addr) != P4D_SIZE) | |
249 | return 0; | |
250 | ||
251 | if (!IS_ALIGNED(addr, P4D_SIZE)) | |
252 | return 0; | |
253 | ||
254 | if (!IS_ALIGNED(phys_addr, P4D_SIZE)) | |
255 | return 0; | |
256 | ||
257 | if (p4d_present(*p4d) && !p4d_free_pud_page(p4d, addr)) | |
258 | return 0; | |
259 | ||
260 | return p4d_set_huge(p4d, phys_addr, prot); | |
261 | } | |
262 | ||
263 | static int vmap_p4d_range(pgd_t *pgd, unsigned long addr, unsigned long end, | |
264 | phys_addr_t phys_addr, pgprot_t prot, | |
265 | unsigned int max_page_shift, pgtbl_mod_mask *mask) | |
266 | { | |
267 | p4d_t *p4d; | |
268 | unsigned long next; | |
269 | ||
270 | p4d = p4d_alloc_track(&init_mm, pgd, addr, mask); | |
271 | if (!p4d) | |
272 | return -ENOMEM; | |
273 | do { | |
274 | next = p4d_addr_end(addr, end); | |
275 | ||
276 | if (vmap_try_huge_p4d(p4d, addr, next, phys_addr, prot, | |
277 | max_page_shift)) { | |
278 | *mask |= PGTBL_P4D_MODIFIED; | |
279 | continue; | |
280 | } | |
281 | ||
282 | if (vmap_pud_range(p4d, addr, next, phys_addr, prot, | |
283 | max_page_shift, mask)) | |
284 | return -ENOMEM; | |
285 | } while (p4d++, phys_addr += (next - addr), addr = next, addr != end); | |
286 | return 0; | |
287 | } | |
288 | ||
5d87510d | 289 | static int vmap_range_noflush(unsigned long addr, unsigned long end, |
5e9e3d77 NP |
290 | phys_addr_t phys_addr, pgprot_t prot, |
291 | unsigned int max_page_shift) | |
292 | { | |
293 | pgd_t *pgd; | |
294 | unsigned long start; | |
295 | unsigned long next; | |
296 | int err; | |
297 | pgtbl_mod_mask mask = 0; | |
298 | ||
299 | might_sleep(); | |
300 | BUG_ON(addr >= end); | |
301 | ||
302 | start = addr; | |
303 | pgd = pgd_offset_k(addr); | |
304 | do { | |
305 | next = pgd_addr_end(addr, end); | |
306 | err = vmap_p4d_range(pgd, addr, next, phys_addr, prot, | |
307 | max_page_shift, &mask); | |
308 | if (err) | |
309 | break; | |
310 | } while (pgd++, phys_addr += (next - addr), addr = next, addr != end); | |
311 | ||
5e9e3d77 NP |
312 | if (mask & ARCH_PAGE_TABLE_SYNC_MASK) |
313 | arch_sync_kernel_mappings(start, end); | |
314 | ||
315 | return err; | |
316 | } | |
b221385b | 317 | |
82a70ce0 CH |
318 | int ioremap_page_range(unsigned long addr, unsigned long end, |
319 | phys_addr_t phys_addr, pgprot_t prot) | |
5d87510d NP |
320 | { |
321 | int err; | |
322 | ||
8491502f | 323 | err = vmap_range_noflush(addr, end, phys_addr, pgprot_nx(prot), |
82a70ce0 | 324 | ioremap_max_page_shift); |
5d87510d | 325 | flush_cache_vmap(addr, end); |
b073d7f8 AP |
326 | if (!err) |
327 | kmsan_ioremap_page_range(addr, end, phys_addr, prot, | |
328 | ioremap_max_page_shift); | |
5d87510d NP |
329 | return err; |
330 | } | |
331 | ||
2ba3e694 JR |
332 | static void vunmap_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end, |
333 | pgtbl_mod_mask *mask) | |
1da177e4 LT |
334 | { |
335 | pte_t *pte; | |
336 | ||
337 | pte = pte_offset_kernel(pmd, addr); | |
338 | do { | |
339 | pte_t ptent = ptep_get_and_clear(&init_mm, addr, pte); | |
340 | WARN_ON(!pte_none(ptent) && !pte_present(ptent)); | |
341 | } while (pte++, addr += PAGE_SIZE, addr != end); | |
2ba3e694 | 342 | *mask |= PGTBL_PTE_MODIFIED; |
1da177e4 LT |
343 | } |
344 | ||
2ba3e694 JR |
345 | static void vunmap_pmd_range(pud_t *pud, unsigned long addr, unsigned long end, |
346 | pgtbl_mod_mask *mask) | |
1da177e4 LT |
347 | { |
348 | pmd_t *pmd; | |
349 | unsigned long next; | |
2ba3e694 | 350 | int cleared; |
1da177e4 LT |
351 | |
352 | pmd = pmd_offset(pud, addr); | |
353 | do { | |
354 | next = pmd_addr_end(addr, end); | |
2ba3e694 JR |
355 | |
356 | cleared = pmd_clear_huge(pmd); | |
357 | if (cleared || pmd_bad(*pmd)) | |
358 | *mask |= PGTBL_PMD_MODIFIED; | |
359 | ||
360 | if (cleared) | |
b9820d8f | 361 | continue; |
1da177e4 LT |
362 | if (pmd_none_or_clear_bad(pmd)) |
363 | continue; | |
2ba3e694 | 364 | vunmap_pte_range(pmd, addr, next, mask); |
e47110e9 AK |
365 | |
366 | cond_resched(); | |
1da177e4 LT |
367 | } while (pmd++, addr = next, addr != end); |
368 | } | |
369 | ||
2ba3e694 JR |
370 | static void vunmap_pud_range(p4d_t *p4d, unsigned long addr, unsigned long end, |
371 | pgtbl_mod_mask *mask) | |
1da177e4 LT |
372 | { |
373 | pud_t *pud; | |
374 | unsigned long next; | |
2ba3e694 | 375 | int cleared; |
1da177e4 | 376 | |
c2febafc | 377 | pud = pud_offset(p4d, addr); |
1da177e4 LT |
378 | do { |
379 | next = pud_addr_end(addr, end); | |
2ba3e694 JR |
380 | |
381 | cleared = pud_clear_huge(pud); | |
382 | if (cleared || pud_bad(*pud)) | |
383 | *mask |= PGTBL_PUD_MODIFIED; | |
384 | ||
385 | if (cleared) | |
b9820d8f | 386 | continue; |
1da177e4 LT |
387 | if (pud_none_or_clear_bad(pud)) |
388 | continue; | |
2ba3e694 | 389 | vunmap_pmd_range(pud, addr, next, mask); |
1da177e4 LT |
390 | } while (pud++, addr = next, addr != end); |
391 | } | |
392 | ||
2ba3e694 JR |
393 | static void vunmap_p4d_range(pgd_t *pgd, unsigned long addr, unsigned long end, |
394 | pgtbl_mod_mask *mask) | |
c2febafc KS |
395 | { |
396 | p4d_t *p4d; | |
397 | unsigned long next; | |
398 | ||
399 | p4d = p4d_offset(pgd, addr); | |
400 | do { | |
401 | next = p4d_addr_end(addr, end); | |
2ba3e694 | 402 | |
c8db8c26 L |
403 | p4d_clear_huge(p4d); |
404 | if (p4d_bad(*p4d)) | |
2ba3e694 JR |
405 | *mask |= PGTBL_P4D_MODIFIED; |
406 | ||
c2febafc KS |
407 | if (p4d_none_or_clear_bad(p4d)) |
408 | continue; | |
2ba3e694 | 409 | vunmap_pud_range(p4d, addr, next, mask); |
c2febafc KS |
410 | } while (p4d++, addr = next, addr != end); |
411 | } | |
412 | ||
4ad0ae8c NP |
413 | /* |
414 | * vunmap_range_noflush is similar to vunmap_range, but does not | |
415 | * flush caches or TLBs. | |
b521c43f | 416 | * |
4ad0ae8c NP |
417 | * The caller is responsible for calling flush_cache_vmap() before calling |
418 | * this function, and flush_tlb_kernel_range after it has returned | |
419 | * successfully (and before the addresses are expected to cause a page fault | |
420 | * or be re-mapped for something else, if TLB flushes are being delayed or | |
421 | * coalesced). | |
b521c43f | 422 | * |
4ad0ae8c | 423 | * This is an internal function only. Do not use outside mm/. |
b521c43f | 424 | */ |
b073d7f8 | 425 | void __vunmap_range_noflush(unsigned long start, unsigned long end) |
1da177e4 | 426 | { |
1da177e4 | 427 | unsigned long next; |
b521c43f | 428 | pgd_t *pgd; |
2ba3e694 JR |
429 | unsigned long addr = start; |
430 | pgtbl_mod_mask mask = 0; | |
1da177e4 LT |
431 | |
432 | BUG_ON(addr >= end); | |
433 | pgd = pgd_offset_k(addr); | |
1da177e4 LT |
434 | do { |
435 | next = pgd_addr_end(addr, end); | |
2ba3e694 JR |
436 | if (pgd_bad(*pgd)) |
437 | mask |= PGTBL_PGD_MODIFIED; | |
1da177e4 LT |
438 | if (pgd_none_or_clear_bad(pgd)) |
439 | continue; | |
2ba3e694 | 440 | vunmap_p4d_range(pgd, addr, next, &mask); |
1da177e4 | 441 | } while (pgd++, addr = next, addr != end); |
2ba3e694 JR |
442 | |
443 | if (mask & ARCH_PAGE_TABLE_SYNC_MASK) | |
444 | arch_sync_kernel_mappings(start, end); | |
1da177e4 LT |
445 | } |
446 | ||
b073d7f8 AP |
447 | void vunmap_range_noflush(unsigned long start, unsigned long end) |
448 | { | |
449 | kmsan_vunmap_range_noflush(start, end); | |
450 | __vunmap_range_noflush(start, end); | |
451 | } | |
452 | ||
4ad0ae8c NP |
453 | /** |
454 | * vunmap_range - unmap kernel virtual addresses | |
455 | * @addr: start of the VM area to unmap | |
456 | * @end: end of the VM area to unmap (non-inclusive) | |
457 | * | |
458 | * Clears any present PTEs in the virtual address range, flushes TLBs and | |
459 | * caches. Any subsequent access to the address before it has been re-mapped | |
460 | * is a kernel bug. | |
461 | */ | |
462 | void vunmap_range(unsigned long addr, unsigned long end) | |
463 | { | |
464 | flush_cache_vunmap(addr, end); | |
465 | vunmap_range_noflush(addr, end); | |
466 | flush_tlb_kernel_range(addr, end); | |
467 | } | |
468 | ||
0a264884 | 469 | static int vmap_pages_pte_range(pmd_t *pmd, unsigned long addr, |
2ba3e694 JR |
470 | unsigned long end, pgprot_t prot, struct page **pages, int *nr, |
471 | pgtbl_mod_mask *mask) | |
1da177e4 LT |
472 | { |
473 | pte_t *pte; | |
474 | ||
db64fe02 NP |
475 | /* |
476 | * nr is a running index into the array which helps higher level | |
477 | * callers keep track of where we're up to. | |
478 | */ | |
479 | ||
2ba3e694 | 480 | pte = pte_alloc_kernel_track(pmd, addr, mask); |
1da177e4 LT |
481 | if (!pte) |
482 | return -ENOMEM; | |
483 | do { | |
db64fe02 NP |
484 | struct page *page = pages[*nr]; |
485 | ||
486 | if (WARN_ON(!pte_none(*pte))) | |
487 | return -EBUSY; | |
488 | if (WARN_ON(!page)) | |
1da177e4 | 489 | return -ENOMEM; |
4fcdcc12 YN |
490 | if (WARN_ON(!pfn_valid(page_to_pfn(page)))) |
491 | return -EINVAL; | |
492 | ||
1da177e4 | 493 | set_pte_at(&init_mm, addr, pte, mk_pte(page, prot)); |
db64fe02 | 494 | (*nr)++; |
1da177e4 | 495 | } while (pte++, addr += PAGE_SIZE, addr != end); |
2ba3e694 | 496 | *mask |= PGTBL_PTE_MODIFIED; |
1da177e4 LT |
497 | return 0; |
498 | } | |
499 | ||
0a264884 | 500 | static int vmap_pages_pmd_range(pud_t *pud, unsigned long addr, |
2ba3e694 JR |
501 | unsigned long end, pgprot_t prot, struct page **pages, int *nr, |
502 | pgtbl_mod_mask *mask) | |
1da177e4 LT |
503 | { |
504 | pmd_t *pmd; | |
505 | unsigned long next; | |
506 | ||
2ba3e694 | 507 | pmd = pmd_alloc_track(&init_mm, pud, addr, mask); |
1da177e4 LT |
508 | if (!pmd) |
509 | return -ENOMEM; | |
510 | do { | |
511 | next = pmd_addr_end(addr, end); | |
0a264884 | 512 | if (vmap_pages_pte_range(pmd, addr, next, prot, pages, nr, mask)) |
1da177e4 LT |
513 | return -ENOMEM; |
514 | } while (pmd++, addr = next, addr != end); | |
515 | return 0; | |
516 | } | |
517 | ||
0a264884 | 518 | static int vmap_pages_pud_range(p4d_t *p4d, unsigned long addr, |
2ba3e694 JR |
519 | unsigned long end, pgprot_t prot, struct page **pages, int *nr, |
520 | pgtbl_mod_mask *mask) | |
1da177e4 LT |
521 | { |
522 | pud_t *pud; | |
523 | unsigned long next; | |
524 | ||
2ba3e694 | 525 | pud = pud_alloc_track(&init_mm, p4d, addr, mask); |
1da177e4 LT |
526 | if (!pud) |
527 | return -ENOMEM; | |
528 | do { | |
529 | next = pud_addr_end(addr, end); | |
0a264884 | 530 | if (vmap_pages_pmd_range(pud, addr, next, prot, pages, nr, mask)) |
1da177e4 LT |
531 | return -ENOMEM; |
532 | } while (pud++, addr = next, addr != end); | |
533 | return 0; | |
534 | } | |
535 | ||
0a264884 | 536 | static int vmap_pages_p4d_range(pgd_t *pgd, unsigned long addr, |
2ba3e694 JR |
537 | unsigned long end, pgprot_t prot, struct page **pages, int *nr, |
538 | pgtbl_mod_mask *mask) | |
c2febafc KS |
539 | { |
540 | p4d_t *p4d; | |
541 | unsigned long next; | |
542 | ||
2ba3e694 | 543 | p4d = p4d_alloc_track(&init_mm, pgd, addr, mask); |
c2febafc KS |
544 | if (!p4d) |
545 | return -ENOMEM; | |
546 | do { | |
547 | next = p4d_addr_end(addr, end); | |
0a264884 | 548 | if (vmap_pages_pud_range(p4d, addr, next, prot, pages, nr, mask)) |
c2febafc KS |
549 | return -ENOMEM; |
550 | } while (p4d++, addr = next, addr != end); | |
551 | return 0; | |
552 | } | |
553 | ||
121e6f32 NP |
554 | static int vmap_small_pages_range_noflush(unsigned long addr, unsigned long end, |
555 | pgprot_t prot, struct page **pages) | |
1da177e4 | 556 | { |
2ba3e694 | 557 | unsigned long start = addr; |
b521c43f | 558 | pgd_t *pgd; |
121e6f32 | 559 | unsigned long next; |
db64fe02 NP |
560 | int err = 0; |
561 | int nr = 0; | |
2ba3e694 | 562 | pgtbl_mod_mask mask = 0; |
1da177e4 LT |
563 | |
564 | BUG_ON(addr >= end); | |
565 | pgd = pgd_offset_k(addr); | |
1da177e4 LT |
566 | do { |
567 | next = pgd_addr_end(addr, end); | |
2ba3e694 JR |
568 | if (pgd_bad(*pgd)) |
569 | mask |= PGTBL_PGD_MODIFIED; | |
0a264884 | 570 | err = vmap_pages_p4d_range(pgd, addr, next, prot, pages, &nr, &mask); |
1da177e4 | 571 | if (err) |
bf88c8c8 | 572 | return err; |
1da177e4 | 573 | } while (pgd++, addr = next, addr != end); |
db64fe02 | 574 | |
2ba3e694 JR |
575 | if (mask & ARCH_PAGE_TABLE_SYNC_MASK) |
576 | arch_sync_kernel_mappings(start, end); | |
577 | ||
60bb4465 | 578 | return 0; |
1da177e4 LT |
579 | } |
580 | ||
b67177ec NP |
581 | /* |
582 | * vmap_pages_range_noflush is similar to vmap_pages_range, but does not | |
583 | * flush caches. | |
584 | * | |
585 | * The caller is responsible for calling flush_cache_vmap() after this | |
586 | * function returns successfully and before the addresses are accessed. | |
587 | * | |
588 | * This is an internal function only. Do not use outside mm/. | |
589 | */ | |
b073d7f8 | 590 | int __vmap_pages_range_noflush(unsigned long addr, unsigned long end, |
121e6f32 NP |
591 | pgprot_t prot, struct page **pages, unsigned int page_shift) |
592 | { | |
593 | unsigned int i, nr = (end - addr) >> PAGE_SHIFT; | |
594 | ||
595 | WARN_ON(page_shift < PAGE_SHIFT); | |
596 | ||
597 | if (!IS_ENABLED(CONFIG_HAVE_ARCH_HUGE_VMALLOC) || | |
598 | page_shift == PAGE_SHIFT) | |
599 | return vmap_small_pages_range_noflush(addr, end, prot, pages); | |
600 | ||
601 | for (i = 0; i < nr; i += 1U << (page_shift - PAGE_SHIFT)) { | |
602 | int err; | |
603 | ||
604 | err = vmap_range_noflush(addr, addr + (1UL << page_shift), | |
08262ac5 | 605 | page_to_phys(pages[i]), prot, |
121e6f32 NP |
606 | page_shift); |
607 | if (err) | |
608 | return err; | |
609 | ||
610 | addr += 1UL << page_shift; | |
611 | } | |
612 | ||
613 | return 0; | |
614 | } | |
b073d7f8 AP |
615 | |
616 | int vmap_pages_range_noflush(unsigned long addr, unsigned long end, | |
617 | pgprot_t prot, struct page **pages, unsigned int page_shift) | |
618 | { | |
619 | kmsan_vmap_pages_range_noflush(addr, end, prot, pages, page_shift); | |
620 | return __vmap_pages_range_noflush(addr, end, prot, pages, page_shift); | |
621 | } | |
121e6f32 | 622 | |
121e6f32 | 623 | /** |
b67177ec | 624 | * vmap_pages_range - map pages to a kernel virtual address |
121e6f32 | 625 | * @addr: start of the VM area to map |
b67177ec | 626 | * @end: end of the VM area to map (non-inclusive) |
121e6f32 | 627 | * @prot: page protection flags to use |
b67177ec NP |
628 | * @pages: pages to map (always PAGE_SIZE pages) |
629 | * @page_shift: maximum shift that the pages may be mapped with, @pages must | |
630 | * be aligned and contiguous up to at least this shift. | |
121e6f32 NP |
631 | * |
632 | * RETURNS: | |
633 | * 0 on success, -errno on failure. | |
634 | */ | |
b67177ec NP |
635 | static int vmap_pages_range(unsigned long addr, unsigned long end, |
636 | pgprot_t prot, struct page **pages, unsigned int page_shift) | |
8fc48985 | 637 | { |
b67177ec | 638 | int err; |
8fc48985 | 639 | |
b67177ec NP |
640 | err = vmap_pages_range_noflush(addr, end, prot, pages, page_shift); |
641 | flush_cache_vmap(addr, end); | |
642 | return err; | |
8fc48985 TH |
643 | } |
644 | ||
81ac3ad9 | 645 | int is_vmalloc_or_module_addr(const void *x) |
73bdf0a6 LT |
646 | { |
647 | /* | |
ab4f2ee1 | 648 | * ARM, x86-64 and sparc64 put modules in a special place, |
73bdf0a6 LT |
649 | * and fall back on vmalloc() if that fails. Others |
650 | * just put it in the vmalloc space. | |
651 | */ | |
652 | #if defined(CONFIG_MODULES) && defined(MODULES_VADDR) | |
4aff1dc4 | 653 | unsigned long addr = (unsigned long)kasan_reset_tag(x); |
73bdf0a6 LT |
654 | if (addr >= MODULES_VADDR && addr < MODULES_END) |
655 | return 1; | |
656 | #endif | |
657 | return is_vmalloc_addr(x); | |
658 | } | |
659 | ||
48667e7a | 660 | /* |
c0eb315a NP |
661 | * Walk a vmap address to the struct page it maps. Huge vmap mappings will |
662 | * return the tail page that corresponds to the base page address, which | |
663 | * matches small vmap mappings. | |
48667e7a | 664 | */ |
add688fb | 665 | struct page *vmalloc_to_page(const void *vmalloc_addr) |
48667e7a CL |
666 | { |
667 | unsigned long addr = (unsigned long) vmalloc_addr; | |
add688fb | 668 | struct page *page = NULL; |
48667e7a | 669 | pgd_t *pgd = pgd_offset_k(addr); |
c2febafc KS |
670 | p4d_t *p4d; |
671 | pud_t *pud; | |
672 | pmd_t *pmd; | |
673 | pte_t *ptep, pte; | |
48667e7a | 674 | |
7aa413de IM |
675 | /* |
676 | * XXX we might need to change this if we add VIRTUAL_BUG_ON for | |
677 | * architectures that do not vmalloc module space | |
678 | */ | |
73bdf0a6 | 679 | VIRTUAL_BUG_ON(!is_vmalloc_or_module_addr(vmalloc_addr)); |
59ea7463 | 680 | |
c2febafc KS |
681 | if (pgd_none(*pgd)) |
682 | return NULL; | |
c0eb315a NP |
683 | if (WARN_ON_ONCE(pgd_leaf(*pgd))) |
684 | return NULL; /* XXX: no allowance for huge pgd */ | |
685 | if (WARN_ON_ONCE(pgd_bad(*pgd))) | |
686 | return NULL; | |
687 | ||
c2febafc KS |
688 | p4d = p4d_offset(pgd, addr); |
689 | if (p4d_none(*p4d)) | |
690 | return NULL; | |
c0eb315a NP |
691 | if (p4d_leaf(*p4d)) |
692 | return p4d_page(*p4d) + ((addr & ~P4D_MASK) >> PAGE_SHIFT); | |
693 | if (WARN_ON_ONCE(p4d_bad(*p4d))) | |
694 | return NULL; | |
029c54b0 | 695 | |
c0eb315a NP |
696 | pud = pud_offset(p4d, addr); |
697 | if (pud_none(*pud)) | |
698 | return NULL; | |
699 | if (pud_leaf(*pud)) | |
700 | return pud_page(*pud) + ((addr & ~PUD_MASK) >> PAGE_SHIFT); | |
701 | if (WARN_ON_ONCE(pud_bad(*pud))) | |
c2febafc | 702 | return NULL; |
c0eb315a | 703 | |
c2febafc | 704 | pmd = pmd_offset(pud, addr); |
c0eb315a NP |
705 | if (pmd_none(*pmd)) |
706 | return NULL; | |
707 | if (pmd_leaf(*pmd)) | |
708 | return pmd_page(*pmd) + ((addr & ~PMD_MASK) >> PAGE_SHIFT); | |
709 | if (WARN_ON_ONCE(pmd_bad(*pmd))) | |
c2febafc KS |
710 | return NULL; |
711 | ||
712 | ptep = pte_offset_map(pmd, addr); | |
713 | pte = *ptep; | |
714 | if (pte_present(pte)) | |
715 | page = pte_page(pte); | |
716 | pte_unmap(ptep); | |
c0eb315a | 717 | |
add688fb | 718 | return page; |
48667e7a | 719 | } |
add688fb | 720 | EXPORT_SYMBOL(vmalloc_to_page); |
48667e7a CL |
721 | |
722 | /* | |
add688fb | 723 | * Map a vmalloc()-space virtual address to the physical page frame number. |
48667e7a | 724 | */ |
add688fb | 725 | unsigned long vmalloc_to_pfn(const void *vmalloc_addr) |
48667e7a | 726 | { |
add688fb | 727 | return page_to_pfn(vmalloc_to_page(vmalloc_addr)); |
48667e7a | 728 | } |
add688fb | 729 | EXPORT_SYMBOL(vmalloc_to_pfn); |
48667e7a | 730 | |
db64fe02 NP |
731 | |
732 | /*** Global kva allocator ***/ | |
733 | ||
bb850f4d | 734 | #define DEBUG_AUGMENT_PROPAGATE_CHECK 0 |
a6cf4e0f | 735 | #define DEBUG_AUGMENT_LOWEST_MATCH_CHECK 0 |
bb850f4d | 736 | |
db64fe02 | 737 | |
db64fe02 | 738 | static DEFINE_SPINLOCK(vmap_area_lock); |
e36176be | 739 | static DEFINE_SPINLOCK(free_vmap_area_lock); |
f1c4069e JK |
740 | /* Export for kexec only */ |
741 | LIST_HEAD(vmap_area_list); | |
89699605 | 742 | static struct rb_root vmap_area_root = RB_ROOT; |
68ad4a33 | 743 | static bool vmap_initialized __read_mostly; |
89699605 | 744 | |
96e2db45 URS |
745 | static struct rb_root purge_vmap_area_root = RB_ROOT; |
746 | static LIST_HEAD(purge_vmap_area_list); | |
747 | static DEFINE_SPINLOCK(purge_vmap_area_lock); | |
748 | ||
68ad4a33 URS |
749 | /* |
750 | * This kmem_cache is used for vmap_area objects. Instead of | |
751 | * allocating from slab we reuse an object from this cache to | |
752 | * make things faster. Especially in "no edge" splitting of | |
753 | * free block. | |
754 | */ | |
755 | static struct kmem_cache *vmap_area_cachep; | |
756 | ||
757 | /* | |
758 | * This linked list is used in pair with free_vmap_area_root. | |
759 | * It gives O(1) access to prev/next to perform fast coalescing. | |
760 | */ | |
761 | static LIST_HEAD(free_vmap_area_list); | |
762 | ||
763 | /* | |
764 | * This augment red-black tree represents the free vmap space. | |
765 | * All vmap_area objects in this tree are sorted by va->va_start | |
766 | * address. It is used for allocation and merging when a vmap | |
767 | * object is released. | |
768 | * | |
769 | * Each vmap_area node contains a maximum available free block | |
770 | * of its sub-tree, right or left. Therefore it is possible to | |
771 | * find a lowest match of free area. | |
772 | */ | |
773 | static struct rb_root free_vmap_area_root = RB_ROOT; | |
774 | ||
82dd23e8 URS |
775 | /* |
776 | * Preload a CPU with one object for "no edge" split case. The | |
777 | * aim is to get rid of allocations from the atomic context, thus | |
778 | * to use more permissive allocation masks. | |
779 | */ | |
780 | static DEFINE_PER_CPU(struct vmap_area *, ne_fit_preload_node); | |
781 | ||
68ad4a33 URS |
782 | static __always_inline unsigned long |
783 | va_size(struct vmap_area *va) | |
784 | { | |
785 | return (va->va_end - va->va_start); | |
786 | } | |
787 | ||
788 | static __always_inline unsigned long | |
789 | get_subtree_max_size(struct rb_node *node) | |
790 | { | |
791 | struct vmap_area *va; | |
792 | ||
793 | va = rb_entry_safe(node, struct vmap_area, rb_node); | |
794 | return va ? va->subtree_max_size : 0; | |
795 | } | |
89699605 | 796 | |
315cc066 ML |
797 | RB_DECLARE_CALLBACKS_MAX(static, free_vmap_area_rb_augment_cb, |
798 | struct vmap_area, rb_node, unsigned long, subtree_max_size, va_size) | |
68ad4a33 URS |
799 | |
800 | static void purge_vmap_area_lazy(void); | |
801 | static BLOCKING_NOTIFIER_HEAD(vmap_notify_list); | |
690467c8 URS |
802 | static void drain_vmap_area_work(struct work_struct *work); |
803 | static DECLARE_WORK(drain_vmap_work, drain_vmap_area_work); | |
db64fe02 | 804 | |
97105f0a RG |
805 | static atomic_long_t nr_vmalloc_pages; |
806 | ||
807 | unsigned long vmalloc_nr_pages(void) | |
808 | { | |
809 | return atomic_long_read(&nr_vmalloc_pages); | |
810 | } | |
811 | ||
153090f2 | 812 | /* Look up the first VA which satisfies addr < va_end, NULL if none. */ |
f181234a CW |
813 | static struct vmap_area *find_vmap_area_exceed_addr(unsigned long addr) |
814 | { | |
815 | struct vmap_area *va = NULL; | |
816 | struct rb_node *n = vmap_area_root.rb_node; | |
817 | ||
4aff1dc4 AK |
818 | addr = (unsigned long)kasan_reset_tag((void *)addr); |
819 | ||
f181234a CW |
820 | while (n) { |
821 | struct vmap_area *tmp; | |
822 | ||
823 | tmp = rb_entry(n, struct vmap_area, rb_node); | |
824 | if (tmp->va_end > addr) { | |
825 | va = tmp; | |
826 | if (tmp->va_start <= addr) | |
827 | break; | |
828 | ||
829 | n = n->rb_left; | |
830 | } else | |
831 | n = n->rb_right; | |
832 | } | |
833 | ||
834 | return va; | |
835 | } | |
836 | ||
899c6efe | 837 | static struct vmap_area *__find_vmap_area(unsigned long addr, struct rb_root *root) |
1da177e4 | 838 | { |
899c6efe | 839 | struct rb_node *n = root->rb_node; |
db64fe02 | 840 | |
4aff1dc4 AK |
841 | addr = (unsigned long)kasan_reset_tag((void *)addr); |
842 | ||
db64fe02 NP |
843 | while (n) { |
844 | struct vmap_area *va; | |
845 | ||
846 | va = rb_entry(n, struct vmap_area, rb_node); | |
847 | if (addr < va->va_start) | |
848 | n = n->rb_left; | |
cef2ac3f | 849 | else if (addr >= va->va_end) |
db64fe02 NP |
850 | n = n->rb_right; |
851 | else | |
852 | return va; | |
853 | } | |
854 | ||
855 | return NULL; | |
856 | } | |
857 | ||
68ad4a33 URS |
858 | /* |
859 | * This function returns back addresses of parent node | |
860 | * and its left or right link for further processing. | |
9c801f61 URS |
861 | * |
862 | * Otherwise NULL is returned. In that case all further | |
863 | * steps regarding inserting of conflicting overlap range | |
864 | * have to be declined and actually considered as a bug. | |
68ad4a33 URS |
865 | */ |
866 | static __always_inline struct rb_node ** | |
867 | find_va_links(struct vmap_area *va, | |
868 | struct rb_root *root, struct rb_node *from, | |
869 | struct rb_node **parent) | |
870 | { | |
871 | struct vmap_area *tmp_va; | |
872 | struct rb_node **link; | |
873 | ||
874 | if (root) { | |
875 | link = &root->rb_node; | |
876 | if (unlikely(!*link)) { | |
877 | *parent = NULL; | |
878 | return link; | |
879 | } | |
880 | } else { | |
881 | link = &from; | |
882 | } | |
db64fe02 | 883 | |
68ad4a33 URS |
884 | /* |
885 | * Go to the bottom of the tree. When we hit the last point | |
886 | * we end up with parent rb_node and correct direction, i name | |
887 | * it link, where the new va->rb_node will be attached to. | |
888 | */ | |
889 | do { | |
890 | tmp_va = rb_entry(*link, struct vmap_area, rb_node); | |
db64fe02 | 891 | |
68ad4a33 URS |
892 | /* |
893 | * During the traversal we also do some sanity check. | |
894 | * Trigger the BUG() if there are sides(left/right) | |
895 | * or full overlaps. | |
896 | */ | |
753df96b | 897 | if (va->va_end <= tmp_va->va_start) |
68ad4a33 | 898 | link = &(*link)->rb_left; |
753df96b | 899 | else if (va->va_start >= tmp_va->va_end) |
68ad4a33 | 900 | link = &(*link)->rb_right; |
9c801f61 URS |
901 | else { |
902 | WARN(1, "vmalloc bug: 0x%lx-0x%lx overlaps with 0x%lx-0x%lx\n", | |
903 | va->va_start, va->va_end, tmp_va->va_start, tmp_va->va_end); | |
904 | ||
905 | return NULL; | |
906 | } | |
68ad4a33 URS |
907 | } while (*link); |
908 | ||
909 | *parent = &tmp_va->rb_node; | |
910 | return link; | |
911 | } | |
912 | ||
913 | static __always_inline struct list_head * | |
914 | get_va_next_sibling(struct rb_node *parent, struct rb_node **link) | |
915 | { | |
916 | struct list_head *list; | |
917 | ||
918 | if (unlikely(!parent)) | |
919 | /* | |
920 | * The red-black tree where we try to find VA neighbors | |
921 | * before merging or inserting is empty, i.e. it means | |
922 | * there is no free vmap space. Normally it does not | |
923 | * happen but we handle this case anyway. | |
924 | */ | |
925 | return NULL; | |
926 | ||
927 | list = &rb_entry(parent, struct vmap_area, rb_node)->list; | |
928 | return (&parent->rb_right == link ? list->next : list); | |
929 | } | |
930 | ||
931 | static __always_inline void | |
8eb510db URS |
932 | __link_va(struct vmap_area *va, struct rb_root *root, |
933 | struct rb_node *parent, struct rb_node **link, | |
934 | struct list_head *head, bool augment) | |
68ad4a33 URS |
935 | { |
936 | /* | |
937 | * VA is still not in the list, but we can | |
938 | * identify its future previous list_head node. | |
939 | */ | |
940 | if (likely(parent)) { | |
941 | head = &rb_entry(parent, struct vmap_area, rb_node)->list; | |
942 | if (&parent->rb_right != link) | |
943 | head = head->prev; | |
db64fe02 NP |
944 | } |
945 | ||
68ad4a33 URS |
946 | /* Insert to the rb-tree */ |
947 | rb_link_node(&va->rb_node, parent, link); | |
8eb510db | 948 | if (augment) { |
68ad4a33 URS |
949 | /* |
950 | * Some explanation here. Just perform simple insertion | |
951 | * to the tree. We do not set va->subtree_max_size to | |
952 | * its current size before calling rb_insert_augmented(). | |
153090f2 | 953 | * It is because we populate the tree from the bottom |
68ad4a33 URS |
954 | * to parent levels when the node _is_ in the tree. |
955 | * | |
956 | * Therefore we set subtree_max_size to zero after insertion, | |
957 | * to let __augment_tree_propagate_from() puts everything to | |
958 | * the correct order later on. | |
959 | */ | |
960 | rb_insert_augmented(&va->rb_node, | |
961 | root, &free_vmap_area_rb_augment_cb); | |
962 | va->subtree_max_size = 0; | |
963 | } else { | |
964 | rb_insert_color(&va->rb_node, root); | |
965 | } | |
db64fe02 | 966 | |
68ad4a33 URS |
967 | /* Address-sort this list */ |
968 | list_add(&va->list, head); | |
db64fe02 NP |
969 | } |
970 | ||
68ad4a33 | 971 | static __always_inline void |
8eb510db URS |
972 | link_va(struct vmap_area *va, struct rb_root *root, |
973 | struct rb_node *parent, struct rb_node **link, | |
974 | struct list_head *head) | |
975 | { | |
976 | __link_va(va, root, parent, link, head, false); | |
977 | } | |
978 | ||
979 | static __always_inline void | |
980 | link_va_augment(struct vmap_area *va, struct rb_root *root, | |
981 | struct rb_node *parent, struct rb_node **link, | |
982 | struct list_head *head) | |
983 | { | |
984 | __link_va(va, root, parent, link, head, true); | |
985 | } | |
986 | ||
987 | static __always_inline void | |
988 | __unlink_va(struct vmap_area *va, struct rb_root *root, bool augment) | |
68ad4a33 | 989 | { |
460e42d1 URS |
990 | if (WARN_ON(RB_EMPTY_NODE(&va->rb_node))) |
991 | return; | |
db64fe02 | 992 | |
8eb510db | 993 | if (augment) |
460e42d1 URS |
994 | rb_erase_augmented(&va->rb_node, |
995 | root, &free_vmap_area_rb_augment_cb); | |
996 | else | |
997 | rb_erase(&va->rb_node, root); | |
998 | ||
5d7a7c54 | 999 | list_del_init(&va->list); |
460e42d1 | 1000 | RB_CLEAR_NODE(&va->rb_node); |
68ad4a33 URS |
1001 | } |
1002 | ||
8eb510db URS |
1003 | static __always_inline void |
1004 | unlink_va(struct vmap_area *va, struct rb_root *root) | |
1005 | { | |
1006 | __unlink_va(va, root, false); | |
1007 | } | |
1008 | ||
1009 | static __always_inline void | |
1010 | unlink_va_augment(struct vmap_area *va, struct rb_root *root) | |
1011 | { | |
1012 | __unlink_va(va, root, true); | |
1013 | } | |
1014 | ||
bb850f4d | 1015 | #if DEBUG_AUGMENT_PROPAGATE_CHECK |
c3385e84 JC |
1016 | /* |
1017 | * Gets called when remove the node and rotate. | |
1018 | */ | |
1019 | static __always_inline unsigned long | |
1020 | compute_subtree_max_size(struct vmap_area *va) | |
1021 | { | |
1022 | return max3(va_size(va), | |
1023 | get_subtree_max_size(va->rb_node.rb_left), | |
1024 | get_subtree_max_size(va->rb_node.rb_right)); | |
1025 | } | |
1026 | ||
bb850f4d | 1027 | static void |
da27c9ed | 1028 | augment_tree_propagate_check(void) |
bb850f4d URS |
1029 | { |
1030 | struct vmap_area *va; | |
da27c9ed | 1031 | unsigned long computed_size; |
bb850f4d | 1032 | |
da27c9ed URS |
1033 | list_for_each_entry(va, &free_vmap_area_list, list) { |
1034 | computed_size = compute_subtree_max_size(va); | |
1035 | if (computed_size != va->subtree_max_size) | |
1036 | pr_emerg("tree is corrupted: %lu, %lu\n", | |
1037 | va_size(va), va->subtree_max_size); | |
bb850f4d | 1038 | } |
bb850f4d URS |
1039 | } |
1040 | #endif | |
1041 | ||
68ad4a33 URS |
1042 | /* |
1043 | * This function populates subtree_max_size from bottom to upper | |
1044 | * levels starting from VA point. The propagation must be done | |
1045 | * when VA size is modified by changing its va_start/va_end. Or | |
1046 | * in case of newly inserting of VA to the tree. | |
1047 | * | |
1048 | * It means that __augment_tree_propagate_from() must be called: | |
1049 | * - After VA has been inserted to the tree(free path); | |
1050 | * - After VA has been shrunk(allocation path); | |
1051 | * - After VA has been increased(merging path). | |
1052 | * | |
1053 | * Please note that, it does not mean that upper parent nodes | |
1054 | * and their subtree_max_size are recalculated all the time up | |
1055 | * to the root node. | |
1056 | * | |
1057 | * 4--8 | |
1058 | * /\ | |
1059 | * / \ | |
1060 | * / \ | |
1061 | * 2--2 8--8 | |
1062 | * | |
1063 | * For example if we modify the node 4, shrinking it to 2, then | |
1064 | * no any modification is required. If we shrink the node 2 to 1 | |
1065 | * its subtree_max_size is updated only, and set to 1. If we shrink | |
1066 | * the node 8 to 6, then its subtree_max_size is set to 6 and parent | |
1067 | * node becomes 4--6. | |
1068 | */ | |
1069 | static __always_inline void | |
1070 | augment_tree_propagate_from(struct vmap_area *va) | |
1071 | { | |
15ae144f URS |
1072 | /* |
1073 | * Populate the tree from bottom towards the root until | |
1074 | * the calculated maximum available size of checked node | |
1075 | * is equal to its current one. | |
1076 | */ | |
1077 | free_vmap_area_rb_augment_cb_propagate(&va->rb_node, NULL); | |
bb850f4d URS |
1078 | |
1079 | #if DEBUG_AUGMENT_PROPAGATE_CHECK | |
da27c9ed | 1080 | augment_tree_propagate_check(); |
bb850f4d | 1081 | #endif |
68ad4a33 URS |
1082 | } |
1083 | ||
1084 | static void | |
1085 | insert_vmap_area(struct vmap_area *va, | |
1086 | struct rb_root *root, struct list_head *head) | |
1087 | { | |
1088 | struct rb_node **link; | |
1089 | struct rb_node *parent; | |
1090 | ||
1091 | link = find_va_links(va, root, NULL, &parent); | |
9c801f61 URS |
1092 | if (link) |
1093 | link_va(va, root, parent, link, head); | |
68ad4a33 URS |
1094 | } |
1095 | ||
1096 | static void | |
1097 | insert_vmap_area_augment(struct vmap_area *va, | |
1098 | struct rb_node *from, struct rb_root *root, | |
1099 | struct list_head *head) | |
1100 | { | |
1101 | struct rb_node **link; | |
1102 | struct rb_node *parent; | |
1103 | ||
1104 | if (from) | |
1105 | link = find_va_links(va, NULL, from, &parent); | |
1106 | else | |
1107 | link = find_va_links(va, root, NULL, &parent); | |
1108 | ||
9c801f61 | 1109 | if (link) { |
8eb510db | 1110 | link_va_augment(va, root, parent, link, head); |
9c801f61 URS |
1111 | augment_tree_propagate_from(va); |
1112 | } | |
68ad4a33 URS |
1113 | } |
1114 | ||
1115 | /* | |
1116 | * Merge de-allocated chunk of VA memory with previous | |
1117 | * and next free blocks. If coalesce is not done a new | |
1118 | * free area is inserted. If VA has been merged, it is | |
1119 | * freed. | |
9c801f61 URS |
1120 | * |
1121 | * Please note, it can return NULL in case of overlap | |
1122 | * ranges, followed by WARN() report. Despite it is a | |
1123 | * buggy behaviour, a system can be alive and keep | |
1124 | * ongoing. | |
68ad4a33 | 1125 | */ |
3c5c3cfb | 1126 | static __always_inline struct vmap_area * |
8eb510db URS |
1127 | __merge_or_add_vmap_area(struct vmap_area *va, |
1128 | struct rb_root *root, struct list_head *head, bool augment) | |
68ad4a33 URS |
1129 | { |
1130 | struct vmap_area *sibling; | |
1131 | struct list_head *next; | |
1132 | struct rb_node **link; | |
1133 | struct rb_node *parent; | |
1134 | bool merged = false; | |
1135 | ||
1136 | /* | |
1137 | * Find a place in the tree where VA potentially will be | |
1138 | * inserted, unless it is merged with its sibling/siblings. | |
1139 | */ | |
1140 | link = find_va_links(va, root, NULL, &parent); | |
9c801f61 URS |
1141 | if (!link) |
1142 | return NULL; | |
68ad4a33 URS |
1143 | |
1144 | /* | |
1145 | * Get next node of VA to check if merging can be done. | |
1146 | */ | |
1147 | next = get_va_next_sibling(parent, link); | |
1148 | if (unlikely(next == NULL)) | |
1149 | goto insert; | |
1150 | ||
1151 | /* | |
1152 | * start end | |
1153 | * | | | |
1154 | * |<------VA------>|<-----Next----->| | |
1155 | * | | | |
1156 | * start end | |
1157 | */ | |
1158 | if (next != head) { | |
1159 | sibling = list_entry(next, struct vmap_area, list); | |
1160 | if (sibling->va_start == va->va_end) { | |
1161 | sibling->va_start = va->va_start; | |
1162 | ||
68ad4a33 URS |
1163 | /* Free vmap_area object. */ |
1164 | kmem_cache_free(vmap_area_cachep, va); | |
1165 | ||
1166 | /* Point to the new merged area. */ | |
1167 | va = sibling; | |
1168 | merged = true; | |
1169 | } | |
1170 | } | |
1171 | ||
1172 | /* | |
1173 | * start end | |
1174 | * | | | |
1175 | * |<-----Prev----->|<------VA------>| | |
1176 | * | | | |
1177 | * start end | |
1178 | */ | |
1179 | if (next->prev != head) { | |
1180 | sibling = list_entry(next->prev, struct vmap_area, list); | |
1181 | if (sibling->va_end == va->va_start) { | |
5dd78640 URS |
1182 | /* |
1183 | * If both neighbors are coalesced, it is important | |
1184 | * to unlink the "next" node first, followed by merging | |
1185 | * with "previous" one. Otherwise the tree might not be | |
1186 | * fully populated if a sibling's augmented value is | |
1187 | * "normalized" because of rotation operations. | |
1188 | */ | |
54f63d9d | 1189 | if (merged) |
8eb510db | 1190 | __unlink_va(va, root, augment); |
68ad4a33 | 1191 | |
5dd78640 URS |
1192 | sibling->va_end = va->va_end; |
1193 | ||
68ad4a33 URS |
1194 | /* Free vmap_area object. */ |
1195 | kmem_cache_free(vmap_area_cachep, va); | |
3c5c3cfb DA |
1196 | |
1197 | /* Point to the new merged area. */ | |
1198 | va = sibling; | |
1199 | merged = true; | |
68ad4a33 URS |
1200 | } |
1201 | } | |
1202 | ||
1203 | insert: | |
5dd78640 | 1204 | if (!merged) |
8eb510db | 1205 | __link_va(va, root, parent, link, head, augment); |
3c5c3cfb | 1206 | |
96e2db45 URS |
1207 | return va; |
1208 | } | |
1209 | ||
8eb510db URS |
1210 | static __always_inline struct vmap_area * |
1211 | merge_or_add_vmap_area(struct vmap_area *va, | |
1212 | struct rb_root *root, struct list_head *head) | |
1213 | { | |
1214 | return __merge_or_add_vmap_area(va, root, head, false); | |
1215 | } | |
1216 | ||
96e2db45 URS |
1217 | static __always_inline struct vmap_area * |
1218 | merge_or_add_vmap_area_augment(struct vmap_area *va, | |
1219 | struct rb_root *root, struct list_head *head) | |
1220 | { | |
8eb510db | 1221 | va = __merge_or_add_vmap_area(va, root, head, true); |
96e2db45 URS |
1222 | if (va) |
1223 | augment_tree_propagate_from(va); | |
1224 | ||
3c5c3cfb | 1225 | return va; |
68ad4a33 URS |
1226 | } |
1227 | ||
1228 | static __always_inline bool | |
1229 | is_within_this_va(struct vmap_area *va, unsigned long size, | |
1230 | unsigned long align, unsigned long vstart) | |
1231 | { | |
1232 | unsigned long nva_start_addr; | |
1233 | ||
1234 | if (va->va_start > vstart) | |
1235 | nva_start_addr = ALIGN(va->va_start, align); | |
1236 | else | |
1237 | nva_start_addr = ALIGN(vstart, align); | |
1238 | ||
1239 | /* Can be overflowed due to big size or alignment. */ | |
1240 | if (nva_start_addr + size < nva_start_addr || | |
1241 | nva_start_addr < vstart) | |
1242 | return false; | |
1243 | ||
1244 | return (nva_start_addr + size <= va->va_end); | |
1245 | } | |
1246 | ||
1247 | /* | |
1248 | * Find the first free block(lowest start address) in the tree, | |
1249 | * that will accomplish the request corresponding to passing | |
9333fe98 UR |
1250 | * parameters. Please note, with an alignment bigger than PAGE_SIZE, |
1251 | * a search length is adjusted to account for worst case alignment | |
1252 | * overhead. | |
68ad4a33 URS |
1253 | */ |
1254 | static __always_inline struct vmap_area * | |
f9863be4 URS |
1255 | find_vmap_lowest_match(struct rb_root *root, unsigned long size, |
1256 | unsigned long align, unsigned long vstart, bool adjust_search_size) | |
68ad4a33 URS |
1257 | { |
1258 | struct vmap_area *va; | |
1259 | struct rb_node *node; | |
9333fe98 | 1260 | unsigned long length; |
68ad4a33 URS |
1261 | |
1262 | /* Start from the root. */ | |
f9863be4 | 1263 | node = root->rb_node; |
68ad4a33 | 1264 | |
9333fe98 UR |
1265 | /* Adjust the search size for alignment overhead. */ |
1266 | length = adjust_search_size ? size + align - 1 : size; | |
1267 | ||
68ad4a33 URS |
1268 | while (node) { |
1269 | va = rb_entry(node, struct vmap_area, rb_node); | |
1270 | ||
9333fe98 | 1271 | if (get_subtree_max_size(node->rb_left) >= length && |
68ad4a33 URS |
1272 | vstart < va->va_start) { |
1273 | node = node->rb_left; | |
1274 | } else { | |
1275 | if (is_within_this_va(va, size, align, vstart)) | |
1276 | return va; | |
1277 | ||
1278 | /* | |
1279 | * Does not make sense to go deeper towards the right | |
1280 | * sub-tree if it does not have a free block that is | |
9333fe98 | 1281 | * equal or bigger to the requested search length. |
68ad4a33 | 1282 | */ |
9333fe98 | 1283 | if (get_subtree_max_size(node->rb_right) >= length) { |
68ad4a33 URS |
1284 | node = node->rb_right; |
1285 | continue; | |
1286 | } | |
1287 | ||
1288 | /* | |
3806b041 | 1289 | * OK. We roll back and find the first right sub-tree, |
68ad4a33 | 1290 | * that will satisfy the search criteria. It can happen |
9f531973 URS |
1291 | * due to "vstart" restriction or an alignment overhead |
1292 | * that is bigger then PAGE_SIZE. | |
68ad4a33 URS |
1293 | */ |
1294 | while ((node = rb_parent(node))) { | |
1295 | va = rb_entry(node, struct vmap_area, rb_node); | |
1296 | if (is_within_this_va(va, size, align, vstart)) | |
1297 | return va; | |
1298 | ||
9333fe98 | 1299 | if (get_subtree_max_size(node->rb_right) >= length && |
68ad4a33 | 1300 | vstart <= va->va_start) { |
9f531973 URS |
1301 | /* |
1302 | * Shift the vstart forward. Please note, we update it with | |
1303 | * parent's start address adding "1" because we do not want | |
1304 | * to enter same sub-tree after it has already been checked | |
1305 | * and no suitable free block found there. | |
1306 | */ | |
1307 | vstart = va->va_start + 1; | |
68ad4a33 URS |
1308 | node = node->rb_right; |
1309 | break; | |
1310 | } | |
1311 | } | |
1312 | } | |
1313 | } | |
1314 | ||
1315 | return NULL; | |
1316 | } | |
1317 | ||
a6cf4e0f URS |
1318 | #if DEBUG_AUGMENT_LOWEST_MATCH_CHECK |
1319 | #include <linux/random.h> | |
1320 | ||
1321 | static struct vmap_area * | |
bd1264c3 | 1322 | find_vmap_lowest_linear_match(struct list_head *head, unsigned long size, |
a6cf4e0f URS |
1323 | unsigned long align, unsigned long vstart) |
1324 | { | |
1325 | struct vmap_area *va; | |
1326 | ||
bd1264c3 | 1327 | list_for_each_entry(va, head, list) { |
a6cf4e0f URS |
1328 | if (!is_within_this_va(va, size, align, vstart)) |
1329 | continue; | |
1330 | ||
1331 | return va; | |
1332 | } | |
1333 | ||
1334 | return NULL; | |
1335 | } | |
1336 | ||
1337 | static void | |
bd1264c3 SL |
1338 | find_vmap_lowest_match_check(struct rb_root *root, struct list_head *head, |
1339 | unsigned long size, unsigned long align) | |
a6cf4e0f URS |
1340 | { |
1341 | struct vmap_area *va_1, *va_2; | |
1342 | unsigned long vstart; | |
1343 | unsigned int rnd; | |
1344 | ||
1345 | get_random_bytes(&rnd, sizeof(rnd)); | |
1346 | vstart = VMALLOC_START + rnd; | |
1347 | ||
bd1264c3 SL |
1348 | va_1 = find_vmap_lowest_match(root, size, align, vstart, false); |
1349 | va_2 = find_vmap_lowest_linear_match(head, size, align, vstart); | |
a6cf4e0f URS |
1350 | |
1351 | if (va_1 != va_2) | |
1352 | pr_emerg("not lowest: t: 0x%p, l: 0x%p, v: 0x%lx\n", | |
1353 | va_1, va_2, vstart); | |
1354 | } | |
1355 | #endif | |
1356 | ||
68ad4a33 URS |
1357 | enum fit_type { |
1358 | NOTHING_FIT = 0, | |
1359 | FL_FIT_TYPE = 1, /* full fit */ | |
1360 | LE_FIT_TYPE = 2, /* left edge fit */ | |
1361 | RE_FIT_TYPE = 3, /* right edge fit */ | |
1362 | NE_FIT_TYPE = 4 /* no edge fit */ | |
1363 | }; | |
1364 | ||
1365 | static __always_inline enum fit_type | |
1366 | classify_va_fit_type(struct vmap_area *va, | |
1367 | unsigned long nva_start_addr, unsigned long size) | |
1368 | { | |
1369 | enum fit_type type; | |
1370 | ||
1371 | /* Check if it is within VA. */ | |
1372 | if (nva_start_addr < va->va_start || | |
1373 | nva_start_addr + size > va->va_end) | |
1374 | return NOTHING_FIT; | |
1375 | ||
1376 | /* Now classify. */ | |
1377 | if (va->va_start == nva_start_addr) { | |
1378 | if (va->va_end == nva_start_addr + size) | |
1379 | type = FL_FIT_TYPE; | |
1380 | else | |
1381 | type = LE_FIT_TYPE; | |
1382 | } else if (va->va_end == nva_start_addr + size) { | |
1383 | type = RE_FIT_TYPE; | |
1384 | } else { | |
1385 | type = NE_FIT_TYPE; | |
1386 | } | |
1387 | ||
1388 | return type; | |
1389 | } | |
1390 | ||
1391 | static __always_inline int | |
f9863be4 URS |
1392 | adjust_va_to_fit_type(struct rb_root *root, struct list_head *head, |
1393 | struct vmap_area *va, unsigned long nva_start_addr, | |
1394 | unsigned long size) | |
68ad4a33 | 1395 | { |
2c929233 | 1396 | struct vmap_area *lva = NULL; |
1b23ff80 | 1397 | enum fit_type type = classify_va_fit_type(va, nva_start_addr, size); |
68ad4a33 URS |
1398 | |
1399 | if (type == FL_FIT_TYPE) { | |
1400 | /* | |
1401 | * No need to split VA, it fully fits. | |
1402 | * | |
1403 | * | | | |
1404 | * V NVA V | |
1405 | * |---------------| | |
1406 | */ | |
f9863be4 | 1407 | unlink_va_augment(va, root); |
68ad4a33 URS |
1408 | kmem_cache_free(vmap_area_cachep, va); |
1409 | } else if (type == LE_FIT_TYPE) { | |
1410 | /* | |
1411 | * Split left edge of fit VA. | |
1412 | * | |
1413 | * | | | |
1414 | * V NVA V R | |
1415 | * |-------|-------| | |
1416 | */ | |
1417 | va->va_start += size; | |
1418 | } else if (type == RE_FIT_TYPE) { | |
1419 | /* | |
1420 | * Split right edge of fit VA. | |
1421 | * | |
1422 | * | | | |
1423 | * L V NVA V | |
1424 | * |-------|-------| | |
1425 | */ | |
1426 | va->va_end = nva_start_addr; | |
1427 | } else if (type == NE_FIT_TYPE) { | |
1428 | /* | |
1429 | * Split no edge of fit VA. | |
1430 | * | |
1431 | * | | | |
1432 | * L V NVA V R | |
1433 | * |---|-------|---| | |
1434 | */ | |
82dd23e8 URS |
1435 | lva = __this_cpu_xchg(ne_fit_preload_node, NULL); |
1436 | if (unlikely(!lva)) { | |
1437 | /* | |
1438 | * For percpu allocator we do not do any pre-allocation | |
1439 | * and leave it as it is. The reason is it most likely | |
1440 | * never ends up with NE_FIT_TYPE splitting. In case of | |
1441 | * percpu allocations offsets and sizes are aligned to | |
1442 | * fixed align request, i.e. RE_FIT_TYPE and FL_FIT_TYPE | |
1443 | * are its main fitting cases. | |
1444 | * | |
1445 | * There are a few exceptions though, as an example it is | |
1446 | * a first allocation (early boot up) when we have "one" | |
1447 | * big free space that has to be split. | |
060650a2 URS |
1448 | * |
1449 | * Also we can hit this path in case of regular "vmap" | |
1450 | * allocations, if "this" current CPU was not preloaded. | |
1451 | * See the comment in alloc_vmap_area() why. If so, then | |
1452 | * GFP_NOWAIT is used instead to get an extra object for | |
1453 | * split purpose. That is rare and most time does not | |
1454 | * occur. | |
1455 | * | |
1456 | * What happens if an allocation gets failed. Basically, | |
1457 | * an "overflow" path is triggered to purge lazily freed | |
1458 | * areas to free some memory, then, the "retry" path is | |
1459 | * triggered to repeat one more time. See more details | |
1460 | * in alloc_vmap_area() function. | |
82dd23e8 URS |
1461 | */ |
1462 | lva = kmem_cache_alloc(vmap_area_cachep, GFP_NOWAIT); | |
1463 | if (!lva) | |
1464 | return -1; | |
1465 | } | |
68ad4a33 URS |
1466 | |
1467 | /* | |
1468 | * Build the remainder. | |
1469 | */ | |
1470 | lva->va_start = va->va_start; | |
1471 | lva->va_end = nva_start_addr; | |
1472 | ||
1473 | /* | |
1474 | * Shrink this VA to remaining size. | |
1475 | */ | |
1476 | va->va_start = nva_start_addr + size; | |
1477 | } else { | |
1478 | return -1; | |
1479 | } | |
1480 | ||
1481 | if (type != FL_FIT_TYPE) { | |
1482 | augment_tree_propagate_from(va); | |
1483 | ||
2c929233 | 1484 | if (lva) /* type == NE_FIT_TYPE */ |
f9863be4 | 1485 | insert_vmap_area_augment(lva, &va->rb_node, root, head); |
68ad4a33 URS |
1486 | } |
1487 | ||
1488 | return 0; | |
1489 | } | |
1490 | ||
1491 | /* | |
1492 | * Returns a start address of the newly allocated area, if success. | |
1493 | * Otherwise a vend is returned that indicates failure. | |
1494 | */ | |
1495 | static __always_inline unsigned long | |
f9863be4 URS |
1496 | __alloc_vmap_area(struct rb_root *root, struct list_head *head, |
1497 | unsigned long size, unsigned long align, | |
cacca6ba | 1498 | unsigned long vstart, unsigned long vend) |
68ad4a33 | 1499 | { |
9333fe98 | 1500 | bool adjust_search_size = true; |
68ad4a33 URS |
1501 | unsigned long nva_start_addr; |
1502 | struct vmap_area *va; | |
68ad4a33 URS |
1503 | int ret; |
1504 | ||
9333fe98 UR |
1505 | /* |
1506 | * Do not adjust when: | |
1507 | * a) align <= PAGE_SIZE, because it does not make any sense. | |
1508 | * All blocks(their start addresses) are at least PAGE_SIZE | |
1509 | * aligned anyway; | |
1510 | * b) a short range where a requested size corresponds to exactly | |
1511 | * specified [vstart:vend] interval and an alignment > PAGE_SIZE. | |
1512 | * With adjusted search length an allocation would not succeed. | |
1513 | */ | |
1514 | if (align <= PAGE_SIZE || (align > PAGE_SIZE && (vend - vstart) == size)) | |
1515 | adjust_search_size = false; | |
1516 | ||
f9863be4 | 1517 | va = find_vmap_lowest_match(root, size, align, vstart, adjust_search_size); |
68ad4a33 URS |
1518 | if (unlikely(!va)) |
1519 | return vend; | |
1520 | ||
1521 | if (va->va_start > vstart) | |
1522 | nva_start_addr = ALIGN(va->va_start, align); | |
1523 | else | |
1524 | nva_start_addr = ALIGN(vstart, align); | |
1525 | ||
1526 | /* Check the "vend" restriction. */ | |
1527 | if (nva_start_addr + size > vend) | |
1528 | return vend; | |
1529 | ||
68ad4a33 | 1530 | /* Update the free vmap_area. */ |
f9863be4 | 1531 | ret = adjust_va_to_fit_type(root, head, va, nva_start_addr, size); |
1b23ff80 | 1532 | if (WARN_ON_ONCE(ret)) |
68ad4a33 URS |
1533 | return vend; |
1534 | ||
a6cf4e0f | 1535 | #if DEBUG_AUGMENT_LOWEST_MATCH_CHECK |
bd1264c3 | 1536 | find_vmap_lowest_match_check(root, head, size, align); |
a6cf4e0f URS |
1537 | #endif |
1538 | ||
68ad4a33 URS |
1539 | return nva_start_addr; |
1540 | } | |
4da56b99 | 1541 | |
d98c9e83 AR |
1542 | /* |
1543 | * Free a region of KVA allocated by alloc_vmap_area | |
1544 | */ | |
1545 | static void free_vmap_area(struct vmap_area *va) | |
1546 | { | |
1547 | /* | |
1548 | * Remove from the busy tree/list. | |
1549 | */ | |
1550 | spin_lock(&vmap_area_lock); | |
1551 | unlink_va(va, &vmap_area_root); | |
1552 | spin_unlock(&vmap_area_lock); | |
1553 | ||
1554 | /* | |
1555 | * Insert/Merge it back to the free tree/list. | |
1556 | */ | |
1557 | spin_lock(&free_vmap_area_lock); | |
96e2db45 | 1558 | merge_or_add_vmap_area_augment(va, &free_vmap_area_root, &free_vmap_area_list); |
d98c9e83 AR |
1559 | spin_unlock(&free_vmap_area_lock); |
1560 | } | |
1561 | ||
187f8cc4 URS |
1562 | static inline void |
1563 | preload_this_cpu_lock(spinlock_t *lock, gfp_t gfp_mask, int node) | |
1564 | { | |
1565 | struct vmap_area *va = NULL; | |
1566 | ||
1567 | /* | |
1568 | * Preload this CPU with one extra vmap_area object. It is used | |
1569 | * when fit type of free area is NE_FIT_TYPE. It guarantees that | |
1570 | * a CPU that does an allocation is preloaded. | |
1571 | * | |
1572 | * We do it in non-atomic context, thus it allows us to use more | |
1573 | * permissive allocation masks to be more stable under low memory | |
1574 | * condition and high memory pressure. | |
1575 | */ | |
1576 | if (!this_cpu_read(ne_fit_preload_node)) | |
1577 | va = kmem_cache_alloc_node(vmap_area_cachep, gfp_mask, node); | |
1578 | ||
1579 | spin_lock(lock); | |
1580 | ||
1581 | if (va && __this_cpu_cmpxchg(ne_fit_preload_node, NULL, va)) | |
1582 | kmem_cache_free(vmap_area_cachep, va); | |
1583 | } | |
1584 | ||
db64fe02 NP |
1585 | /* |
1586 | * Allocate a region of KVA of the specified size and alignment, within the | |
1587 | * vstart and vend. | |
1588 | */ | |
1589 | static struct vmap_area *alloc_vmap_area(unsigned long size, | |
1590 | unsigned long align, | |
1591 | unsigned long vstart, unsigned long vend, | |
1592 | int node, gfp_t gfp_mask) | |
1593 | { | |
187f8cc4 | 1594 | struct vmap_area *va; |
12e376a6 | 1595 | unsigned long freed; |
1da177e4 | 1596 | unsigned long addr; |
db64fe02 | 1597 | int purged = 0; |
d98c9e83 | 1598 | int ret; |
db64fe02 | 1599 | |
7766970c | 1600 | BUG_ON(!size); |
891c49ab | 1601 | BUG_ON(offset_in_page(size)); |
89699605 | 1602 | BUG_ON(!is_power_of_2(align)); |
db64fe02 | 1603 | |
68ad4a33 URS |
1604 | if (unlikely(!vmap_initialized)) |
1605 | return ERR_PTR(-EBUSY); | |
1606 | ||
5803ed29 | 1607 | might_sleep(); |
f07116d7 | 1608 | gfp_mask = gfp_mask & GFP_RECLAIM_MASK; |
4da56b99 | 1609 | |
f07116d7 | 1610 | va = kmem_cache_alloc_node(vmap_area_cachep, gfp_mask, node); |
db64fe02 NP |
1611 | if (unlikely(!va)) |
1612 | return ERR_PTR(-ENOMEM); | |
1613 | ||
7f88f88f CM |
1614 | /* |
1615 | * Only scan the relevant parts containing pointers to other objects | |
1616 | * to avoid false negatives. | |
1617 | */ | |
f07116d7 | 1618 | kmemleak_scan_area(&va->rb_node, SIZE_MAX, gfp_mask); |
7f88f88f | 1619 | |
db64fe02 | 1620 | retry: |
187f8cc4 | 1621 | preload_this_cpu_lock(&free_vmap_area_lock, gfp_mask, node); |
f9863be4 URS |
1622 | addr = __alloc_vmap_area(&free_vmap_area_root, &free_vmap_area_list, |
1623 | size, align, vstart, vend); | |
187f8cc4 | 1624 | spin_unlock(&free_vmap_area_lock); |
89699605 | 1625 | |
cf243da6 URS |
1626 | trace_alloc_vmap_area(addr, size, align, vstart, vend, addr == vend); |
1627 | ||
afd07389 | 1628 | /* |
68ad4a33 URS |
1629 | * If an allocation fails, the "vend" address is |
1630 | * returned. Therefore trigger the overflow path. | |
afd07389 | 1631 | */ |
68ad4a33 | 1632 | if (unlikely(addr == vend)) |
89699605 | 1633 | goto overflow; |
db64fe02 NP |
1634 | |
1635 | va->va_start = addr; | |
1636 | va->va_end = addr + size; | |
688fcbfc | 1637 | va->vm = NULL; |
68ad4a33 | 1638 | |
e36176be URS |
1639 | spin_lock(&vmap_area_lock); |
1640 | insert_vmap_area(va, &vmap_area_root, &vmap_area_list); | |
db64fe02 NP |
1641 | spin_unlock(&vmap_area_lock); |
1642 | ||
61e16557 | 1643 | BUG_ON(!IS_ALIGNED(va->va_start, align)); |
89699605 NP |
1644 | BUG_ON(va->va_start < vstart); |
1645 | BUG_ON(va->va_end > vend); | |
1646 | ||
d98c9e83 AR |
1647 | ret = kasan_populate_vmalloc(addr, size); |
1648 | if (ret) { | |
1649 | free_vmap_area(va); | |
1650 | return ERR_PTR(ret); | |
1651 | } | |
1652 | ||
db64fe02 | 1653 | return va; |
89699605 NP |
1654 | |
1655 | overflow: | |
89699605 NP |
1656 | if (!purged) { |
1657 | purge_vmap_area_lazy(); | |
1658 | purged = 1; | |
1659 | goto retry; | |
1660 | } | |
4da56b99 | 1661 | |
12e376a6 URS |
1662 | freed = 0; |
1663 | blocking_notifier_call_chain(&vmap_notify_list, 0, &freed); | |
1664 | ||
1665 | if (freed > 0) { | |
1666 | purged = 0; | |
1667 | goto retry; | |
4da56b99 CW |
1668 | } |
1669 | ||
03497d76 | 1670 | if (!(gfp_mask & __GFP_NOWARN) && printk_ratelimit()) |
756a025f JP |
1671 | pr_warn("vmap allocation for size %lu failed: use vmalloc=<size> to increase size\n", |
1672 | size); | |
68ad4a33 URS |
1673 | |
1674 | kmem_cache_free(vmap_area_cachep, va); | |
89699605 | 1675 | return ERR_PTR(-EBUSY); |
db64fe02 NP |
1676 | } |
1677 | ||
4da56b99 CW |
1678 | int register_vmap_purge_notifier(struct notifier_block *nb) |
1679 | { | |
1680 | return blocking_notifier_chain_register(&vmap_notify_list, nb); | |
1681 | } | |
1682 | EXPORT_SYMBOL_GPL(register_vmap_purge_notifier); | |
1683 | ||
1684 | int unregister_vmap_purge_notifier(struct notifier_block *nb) | |
1685 | { | |
1686 | return blocking_notifier_chain_unregister(&vmap_notify_list, nb); | |
1687 | } | |
1688 | EXPORT_SYMBOL_GPL(unregister_vmap_purge_notifier); | |
1689 | ||
db64fe02 NP |
1690 | /* |
1691 | * lazy_max_pages is the maximum amount of virtual address space we gather up | |
1692 | * before attempting to purge with a TLB flush. | |
1693 | * | |
1694 | * There is a tradeoff here: a larger number will cover more kernel page tables | |
1695 | * and take slightly longer to purge, but it will linearly reduce the number of | |
1696 | * global TLB flushes that must be performed. It would seem natural to scale | |
1697 | * this number up linearly with the number of CPUs (because vmapping activity | |
1698 | * could also scale linearly with the number of CPUs), however it is likely | |
1699 | * that in practice, workloads might be constrained in other ways that mean | |
1700 | * vmap activity will not scale linearly with CPUs. Also, I want to be | |
1701 | * conservative and not introduce a big latency on huge systems, so go with | |
1702 | * a less aggressive log scale. It will still be an improvement over the old | |
1703 | * code, and it will be simple to change the scale factor if we find that it | |
1704 | * becomes a problem on bigger systems. | |
1705 | */ | |
1706 | static unsigned long lazy_max_pages(void) | |
1707 | { | |
1708 | unsigned int log; | |
1709 | ||
1710 | log = fls(num_online_cpus()); | |
1711 | ||
1712 | return log * (32UL * 1024 * 1024 / PAGE_SIZE); | |
1713 | } | |
1714 | ||
4d36e6f8 | 1715 | static atomic_long_t vmap_lazy_nr = ATOMIC_LONG_INIT(0); |
db64fe02 | 1716 | |
0574ecd1 | 1717 | /* |
f0953a1b | 1718 | * Serialize vmap purging. There is no actual critical section protected |
153090f2 | 1719 | * by this lock, but we want to avoid concurrent calls for performance |
0574ecd1 CH |
1720 | * reasons and to make the pcpu_get_vm_areas more deterministic. |
1721 | */ | |
f9e09977 | 1722 | static DEFINE_MUTEX(vmap_purge_lock); |
0574ecd1 | 1723 | |
02b709df NP |
1724 | /* for per-CPU blocks */ |
1725 | static void purge_fragmented_blocks_allcpus(void); | |
1726 | ||
db64fe02 NP |
1727 | /* |
1728 | * Purges all lazily-freed vmap areas. | |
db64fe02 | 1729 | */ |
0574ecd1 | 1730 | static bool __purge_vmap_area_lazy(unsigned long start, unsigned long end) |
db64fe02 | 1731 | { |
4d36e6f8 | 1732 | unsigned long resched_threshold; |
6030fd5f | 1733 | unsigned int num_purged_areas = 0; |
baa468a6 | 1734 | struct list_head local_purge_list; |
96e2db45 | 1735 | struct vmap_area *va, *n_va; |
db64fe02 | 1736 | |
0574ecd1 | 1737 | lockdep_assert_held(&vmap_purge_lock); |
02b709df | 1738 | |
96e2db45 URS |
1739 | spin_lock(&purge_vmap_area_lock); |
1740 | purge_vmap_area_root = RB_ROOT; | |
baa468a6 | 1741 | list_replace_init(&purge_vmap_area_list, &local_purge_list); |
96e2db45 URS |
1742 | spin_unlock(&purge_vmap_area_lock); |
1743 | ||
baa468a6 | 1744 | if (unlikely(list_empty(&local_purge_list))) |
6030fd5f | 1745 | goto out; |
68571be9 | 1746 | |
96e2db45 | 1747 | start = min(start, |
baa468a6 | 1748 | list_first_entry(&local_purge_list, |
96e2db45 URS |
1749 | struct vmap_area, list)->va_start); |
1750 | ||
1751 | end = max(end, | |
baa468a6 | 1752 | list_last_entry(&local_purge_list, |
96e2db45 | 1753 | struct vmap_area, list)->va_end); |
db64fe02 | 1754 | |
0574ecd1 | 1755 | flush_tlb_kernel_range(start, end); |
4d36e6f8 | 1756 | resched_threshold = lazy_max_pages() << 1; |
db64fe02 | 1757 | |
e36176be | 1758 | spin_lock(&free_vmap_area_lock); |
baa468a6 | 1759 | list_for_each_entry_safe(va, n_va, &local_purge_list, list) { |
4d36e6f8 | 1760 | unsigned long nr = (va->va_end - va->va_start) >> PAGE_SHIFT; |
3c5c3cfb DA |
1761 | unsigned long orig_start = va->va_start; |
1762 | unsigned long orig_end = va->va_end; | |
763b218d | 1763 | |
dd3b8353 URS |
1764 | /* |
1765 | * Finally insert or merge lazily-freed area. It is | |
1766 | * detached and there is no need to "unlink" it from | |
1767 | * anything. | |
1768 | */ | |
96e2db45 URS |
1769 | va = merge_or_add_vmap_area_augment(va, &free_vmap_area_root, |
1770 | &free_vmap_area_list); | |
3c5c3cfb | 1771 | |
9c801f61 URS |
1772 | if (!va) |
1773 | continue; | |
1774 | ||
3c5c3cfb DA |
1775 | if (is_vmalloc_or_module_addr((void *)orig_start)) |
1776 | kasan_release_vmalloc(orig_start, orig_end, | |
1777 | va->va_start, va->va_end); | |
dd3b8353 | 1778 | |
4d36e6f8 | 1779 | atomic_long_sub(nr, &vmap_lazy_nr); |
6030fd5f | 1780 | num_purged_areas++; |
68571be9 | 1781 | |
4d36e6f8 | 1782 | if (atomic_long_read(&vmap_lazy_nr) < resched_threshold) |
e36176be | 1783 | cond_resched_lock(&free_vmap_area_lock); |
763b218d | 1784 | } |
e36176be | 1785 | spin_unlock(&free_vmap_area_lock); |
6030fd5f URS |
1786 | |
1787 | out: | |
1788 | trace_purge_vmap_area_lazy(start, end, num_purged_areas); | |
1789 | return num_purged_areas > 0; | |
db64fe02 NP |
1790 | } |
1791 | ||
1792 | /* | |
1793 | * Kick off a purge of the outstanding lazy areas. | |
1794 | */ | |
1795 | static void purge_vmap_area_lazy(void) | |
1796 | { | |
f9e09977 | 1797 | mutex_lock(&vmap_purge_lock); |
0574ecd1 CH |
1798 | purge_fragmented_blocks_allcpus(); |
1799 | __purge_vmap_area_lazy(ULONG_MAX, 0); | |
f9e09977 | 1800 | mutex_unlock(&vmap_purge_lock); |
db64fe02 NP |
1801 | } |
1802 | ||
690467c8 URS |
1803 | static void drain_vmap_area_work(struct work_struct *work) |
1804 | { | |
1805 | unsigned long nr_lazy; | |
1806 | ||
1807 | do { | |
1808 | mutex_lock(&vmap_purge_lock); | |
1809 | __purge_vmap_area_lazy(ULONG_MAX, 0); | |
1810 | mutex_unlock(&vmap_purge_lock); | |
1811 | ||
1812 | /* Recheck if further work is required. */ | |
1813 | nr_lazy = atomic_long_read(&vmap_lazy_nr); | |
1814 | } while (nr_lazy > lazy_max_pages()); | |
1815 | } | |
1816 | ||
db64fe02 | 1817 | /* |
64141da5 JF |
1818 | * Free a vmap area, caller ensuring that the area has been unmapped |
1819 | * and flush_cache_vunmap had been called for the correct range | |
1820 | * previously. | |
db64fe02 | 1821 | */ |
64141da5 | 1822 | static void free_vmap_area_noflush(struct vmap_area *va) |
db64fe02 | 1823 | { |
8c4196fe URS |
1824 | unsigned long nr_lazy_max = lazy_max_pages(); |
1825 | unsigned long va_start = va->va_start; | |
4d36e6f8 | 1826 | unsigned long nr_lazy; |
80c4bd7a | 1827 | |
dd3b8353 URS |
1828 | spin_lock(&vmap_area_lock); |
1829 | unlink_va(va, &vmap_area_root); | |
1830 | spin_unlock(&vmap_area_lock); | |
1831 | ||
4d36e6f8 URS |
1832 | nr_lazy = atomic_long_add_return((va->va_end - va->va_start) >> |
1833 | PAGE_SHIFT, &vmap_lazy_nr); | |
80c4bd7a | 1834 | |
96e2db45 URS |
1835 | /* |
1836 | * Merge or place it to the purge tree/list. | |
1837 | */ | |
1838 | spin_lock(&purge_vmap_area_lock); | |
1839 | merge_or_add_vmap_area(va, | |
1840 | &purge_vmap_area_root, &purge_vmap_area_list); | |
1841 | spin_unlock(&purge_vmap_area_lock); | |
80c4bd7a | 1842 | |
8c4196fe URS |
1843 | trace_free_vmap_area_noflush(va_start, nr_lazy, nr_lazy_max); |
1844 | ||
96e2db45 | 1845 | /* After this point, we may free va at any time */ |
8c4196fe | 1846 | if (unlikely(nr_lazy > nr_lazy_max)) |
690467c8 | 1847 | schedule_work(&drain_vmap_work); |
db64fe02 NP |
1848 | } |
1849 | ||
b29acbdc NP |
1850 | /* |
1851 | * Free and unmap a vmap area | |
1852 | */ | |
1853 | static void free_unmap_vmap_area(struct vmap_area *va) | |
1854 | { | |
1855 | flush_cache_vunmap(va->va_start, va->va_end); | |
4ad0ae8c | 1856 | vunmap_range_noflush(va->va_start, va->va_end); |
8e57f8ac | 1857 | if (debug_pagealloc_enabled_static()) |
82a2e924 CP |
1858 | flush_tlb_kernel_range(va->va_start, va->va_end); |
1859 | ||
c8eef01e | 1860 | free_vmap_area_noflush(va); |
b29acbdc NP |
1861 | } |
1862 | ||
993d0b28 | 1863 | struct vmap_area *find_vmap_area(unsigned long addr) |
db64fe02 NP |
1864 | { |
1865 | struct vmap_area *va; | |
1866 | ||
1867 | spin_lock(&vmap_area_lock); | |
899c6efe | 1868 | va = __find_vmap_area(addr, &vmap_area_root); |
db64fe02 NP |
1869 | spin_unlock(&vmap_area_lock); |
1870 | ||
1871 | return va; | |
1872 | } | |
1873 | ||
db64fe02 NP |
1874 | /*** Per cpu kva allocator ***/ |
1875 | ||
1876 | /* | |
1877 | * vmap space is limited especially on 32 bit architectures. Ensure there is | |
1878 | * room for at least 16 percpu vmap blocks per CPU. | |
1879 | */ | |
1880 | /* | |
1881 | * If we had a constant VMALLOC_START and VMALLOC_END, we'd like to be able | |
1882 | * to #define VMALLOC_SPACE (VMALLOC_END-VMALLOC_START). Guess | |
1883 | * instead (we just need a rough idea) | |
1884 | */ | |
1885 | #if BITS_PER_LONG == 32 | |
1886 | #define VMALLOC_SPACE (128UL*1024*1024) | |
1887 | #else | |
1888 | #define VMALLOC_SPACE (128UL*1024*1024*1024) | |
1889 | #endif | |
1890 | ||
1891 | #define VMALLOC_PAGES (VMALLOC_SPACE / PAGE_SIZE) | |
1892 | #define VMAP_MAX_ALLOC BITS_PER_LONG /* 256K with 4K pages */ | |
1893 | #define VMAP_BBMAP_BITS_MAX 1024 /* 4MB with 4K pages */ | |
1894 | #define VMAP_BBMAP_BITS_MIN (VMAP_MAX_ALLOC*2) | |
1895 | #define VMAP_MIN(x, y) ((x) < (y) ? (x) : (y)) /* can't use min() */ | |
1896 | #define VMAP_MAX(x, y) ((x) > (y) ? (x) : (y)) /* can't use max() */ | |
f982f915 CL |
1897 | #define VMAP_BBMAP_BITS \ |
1898 | VMAP_MIN(VMAP_BBMAP_BITS_MAX, \ | |
1899 | VMAP_MAX(VMAP_BBMAP_BITS_MIN, \ | |
1900 | VMALLOC_PAGES / roundup_pow_of_two(NR_CPUS) / 16)) | |
db64fe02 NP |
1901 | |
1902 | #define VMAP_BLOCK_SIZE (VMAP_BBMAP_BITS * PAGE_SIZE) | |
1903 | ||
1904 | struct vmap_block_queue { | |
1905 | spinlock_t lock; | |
1906 | struct list_head free; | |
db64fe02 NP |
1907 | }; |
1908 | ||
1909 | struct vmap_block { | |
1910 | spinlock_t lock; | |
1911 | struct vmap_area *va; | |
db64fe02 | 1912 | unsigned long free, dirty; |
7d61bfe8 | 1913 | unsigned long dirty_min, dirty_max; /*< dirty range */ |
de560423 NP |
1914 | struct list_head free_list; |
1915 | struct rcu_head rcu_head; | |
02b709df | 1916 | struct list_head purge; |
db64fe02 NP |
1917 | }; |
1918 | ||
1919 | /* Queue of free and dirty vmap blocks, for allocation and flushing purposes */ | |
1920 | static DEFINE_PER_CPU(struct vmap_block_queue, vmap_block_queue); | |
1921 | ||
1922 | /* | |
0f14599c | 1923 | * XArray of vmap blocks, indexed by address, to quickly find a vmap block |
db64fe02 NP |
1924 | * in the free path. Could get rid of this if we change the API to return a |
1925 | * "cookie" from alloc, to be passed to free. But no big deal yet. | |
1926 | */ | |
0f14599c | 1927 | static DEFINE_XARRAY(vmap_blocks); |
db64fe02 NP |
1928 | |
1929 | /* | |
1930 | * We should probably have a fallback mechanism to allocate virtual memory | |
1931 | * out of partially filled vmap blocks. However vmap block sizing should be | |
1932 | * fairly reasonable according to the vmalloc size, so it shouldn't be a | |
1933 | * big problem. | |
1934 | */ | |
1935 | ||
1936 | static unsigned long addr_to_vb_idx(unsigned long addr) | |
1937 | { | |
1938 | addr -= VMALLOC_START & ~(VMAP_BLOCK_SIZE-1); | |
1939 | addr /= VMAP_BLOCK_SIZE; | |
1940 | return addr; | |
1941 | } | |
1942 | ||
cf725ce2 RP |
1943 | static void *vmap_block_vaddr(unsigned long va_start, unsigned long pages_off) |
1944 | { | |
1945 | unsigned long addr; | |
1946 | ||
1947 | addr = va_start + (pages_off << PAGE_SHIFT); | |
1948 | BUG_ON(addr_to_vb_idx(addr) != addr_to_vb_idx(va_start)); | |
1949 | return (void *)addr; | |
1950 | } | |
1951 | ||
1952 | /** | |
1953 | * new_vmap_block - allocates new vmap_block and occupies 2^order pages in this | |
1954 | * block. Of course pages number can't exceed VMAP_BBMAP_BITS | |
1955 | * @order: how many 2^order pages should be occupied in newly allocated block | |
1956 | * @gfp_mask: flags for the page level allocator | |
1957 | * | |
a862f68a | 1958 | * Return: virtual address in a newly allocated block or ERR_PTR(-errno) |
cf725ce2 RP |
1959 | */ |
1960 | static void *new_vmap_block(unsigned int order, gfp_t gfp_mask) | |
db64fe02 NP |
1961 | { |
1962 | struct vmap_block_queue *vbq; | |
1963 | struct vmap_block *vb; | |
1964 | struct vmap_area *va; | |
1965 | unsigned long vb_idx; | |
1966 | int node, err; | |
cf725ce2 | 1967 | void *vaddr; |
db64fe02 NP |
1968 | |
1969 | node = numa_node_id(); | |
1970 | ||
1971 | vb = kmalloc_node(sizeof(struct vmap_block), | |
1972 | gfp_mask & GFP_RECLAIM_MASK, node); | |
1973 | if (unlikely(!vb)) | |
1974 | return ERR_PTR(-ENOMEM); | |
1975 | ||
1976 | va = alloc_vmap_area(VMAP_BLOCK_SIZE, VMAP_BLOCK_SIZE, | |
1977 | VMALLOC_START, VMALLOC_END, | |
1978 | node, gfp_mask); | |
ddf9c6d4 | 1979 | if (IS_ERR(va)) { |
db64fe02 | 1980 | kfree(vb); |
e7d86340 | 1981 | return ERR_CAST(va); |
db64fe02 NP |
1982 | } |
1983 | ||
cf725ce2 | 1984 | vaddr = vmap_block_vaddr(va->va_start, 0); |
db64fe02 NP |
1985 | spin_lock_init(&vb->lock); |
1986 | vb->va = va; | |
cf725ce2 RP |
1987 | /* At least something should be left free */ |
1988 | BUG_ON(VMAP_BBMAP_BITS <= (1UL << order)); | |
1989 | vb->free = VMAP_BBMAP_BITS - (1UL << order); | |
db64fe02 | 1990 | vb->dirty = 0; |
7d61bfe8 RP |
1991 | vb->dirty_min = VMAP_BBMAP_BITS; |
1992 | vb->dirty_max = 0; | |
db64fe02 | 1993 | INIT_LIST_HEAD(&vb->free_list); |
db64fe02 NP |
1994 | |
1995 | vb_idx = addr_to_vb_idx(va->va_start); | |
0f14599c MWO |
1996 | err = xa_insert(&vmap_blocks, vb_idx, vb, gfp_mask); |
1997 | if (err) { | |
1998 | kfree(vb); | |
1999 | free_vmap_area(va); | |
2000 | return ERR_PTR(err); | |
2001 | } | |
db64fe02 | 2002 | |
3f804920 | 2003 | vbq = raw_cpu_ptr(&vmap_block_queue); |
db64fe02 | 2004 | spin_lock(&vbq->lock); |
68ac546f | 2005 | list_add_tail_rcu(&vb->free_list, &vbq->free); |
db64fe02 | 2006 | spin_unlock(&vbq->lock); |
db64fe02 | 2007 | |
cf725ce2 | 2008 | return vaddr; |
db64fe02 NP |
2009 | } |
2010 | ||
db64fe02 NP |
2011 | static void free_vmap_block(struct vmap_block *vb) |
2012 | { | |
2013 | struct vmap_block *tmp; | |
db64fe02 | 2014 | |
0f14599c | 2015 | tmp = xa_erase(&vmap_blocks, addr_to_vb_idx(vb->va->va_start)); |
db64fe02 NP |
2016 | BUG_ON(tmp != vb); |
2017 | ||
64141da5 | 2018 | free_vmap_area_noflush(vb->va); |
22a3c7d1 | 2019 | kfree_rcu(vb, rcu_head); |
db64fe02 NP |
2020 | } |
2021 | ||
02b709df NP |
2022 | static void purge_fragmented_blocks(int cpu) |
2023 | { | |
2024 | LIST_HEAD(purge); | |
2025 | struct vmap_block *vb; | |
2026 | struct vmap_block *n_vb; | |
2027 | struct vmap_block_queue *vbq = &per_cpu(vmap_block_queue, cpu); | |
2028 | ||
2029 | rcu_read_lock(); | |
2030 | list_for_each_entry_rcu(vb, &vbq->free, free_list) { | |
2031 | ||
2032 | if (!(vb->free + vb->dirty == VMAP_BBMAP_BITS && vb->dirty != VMAP_BBMAP_BITS)) | |
2033 | continue; | |
2034 | ||
2035 | spin_lock(&vb->lock); | |
2036 | if (vb->free + vb->dirty == VMAP_BBMAP_BITS && vb->dirty != VMAP_BBMAP_BITS) { | |
2037 | vb->free = 0; /* prevent further allocs after releasing lock */ | |
2038 | vb->dirty = VMAP_BBMAP_BITS; /* prevent purging it again */ | |
7d61bfe8 RP |
2039 | vb->dirty_min = 0; |
2040 | vb->dirty_max = VMAP_BBMAP_BITS; | |
02b709df NP |
2041 | spin_lock(&vbq->lock); |
2042 | list_del_rcu(&vb->free_list); | |
2043 | spin_unlock(&vbq->lock); | |
2044 | spin_unlock(&vb->lock); | |
2045 | list_add_tail(&vb->purge, &purge); | |
2046 | } else | |
2047 | spin_unlock(&vb->lock); | |
2048 | } | |
2049 | rcu_read_unlock(); | |
2050 | ||
2051 | list_for_each_entry_safe(vb, n_vb, &purge, purge) { | |
2052 | list_del(&vb->purge); | |
2053 | free_vmap_block(vb); | |
2054 | } | |
2055 | } | |
2056 | ||
02b709df NP |
2057 | static void purge_fragmented_blocks_allcpus(void) |
2058 | { | |
2059 | int cpu; | |
2060 | ||
2061 | for_each_possible_cpu(cpu) | |
2062 | purge_fragmented_blocks(cpu); | |
2063 | } | |
2064 | ||
db64fe02 NP |
2065 | static void *vb_alloc(unsigned long size, gfp_t gfp_mask) |
2066 | { | |
2067 | struct vmap_block_queue *vbq; | |
2068 | struct vmap_block *vb; | |
cf725ce2 | 2069 | void *vaddr = NULL; |
db64fe02 NP |
2070 | unsigned int order; |
2071 | ||
891c49ab | 2072 | BUG_ON(offset_in_page(size)); |
db64fe02 | 2073 | BUG_ON(size > PAGE_SIZE*VMAP_MAX_ALLOC); |
aa91c4d8 JK |
2074 | if (WARN_ON(size == 0)) { |
2075 | /* | |
2076 | * Allocating 0 bytes isn't what caller wants since | |
2077 | * get_order(0) returns funny result. Just warn and terminate | |
2078 | * early. | |
2079 | */ | |
2080 | return NULL; | |
2081 | } | |
db64fe02 NP |
2082 | order = get_order(size); |
2083 | ||
db64fe02 | 2084 | rcu_read_lock(); |
3f804920 | 2085 | vbq = raw_cpu_ptr(&vmap_block_queue); |
db64fe02 | 2086 | list_for_each_entry_rcu(vb, &vbq->free, free_list) { |
cf725ce2 | 2087 | unsigned long pages_off; |
db64fe02 NP |
2088 | |
2089 | spin_lock(&vb->lock); | |
cf725ce2 RP |
2090 | if (vb->free < (1UL << order)) { |
2091 | spin_unlock(&vb->lock); | |
2092 | continue; | |
2093 | } | |
02b709df | 2094 | |
cf725ce2 RP |
2095 | pages_off = VMAP_BBMAP_BITS - vb->free; |
2096 | vaddr = vmap_block_vaddr(vb->va->va_start, pages_off); | |
02b709df NP |
2097 | vb->free -= 1UL << order; |
2098 | if (vb->free == 0) { | |
2099 | spin_lock(&vbq->lock); | |
2100 | list_del_rcu(&vb->free_list); | |
2101 | spin_unlock(&vbq->lock); | |
2102 | } | |
cf725ce2 | 2103 | |
02b709df NP |
2104 | spin_unlock(&vb->lock); |
2105 | break; | |
db64fe02 | 2106 | } |
02b709df | 2107 | |
db64fe02 NP |
2108 | rcu_read_unlock(); |
2109 | ||
cf725ce2 RP |
2110 | /* Allocate new block if nothing was found */ |
2111 | if (!vaddr) | |
2112 | vaddr = new_vmap_block(order, gfp_mask); | |
db64fe02 | 2113 | |
cf725ce2 | 2114 | return vaddr; |
db64fe02 NP |
2115 | } |
2116 | ||
78a0e8c4 | 2117 | static void vb_free(unsigned long addr, unsigned long size) |
db64fe02 NP |
2118 | { |
2119 | unsigned long offset; | |
db64fe02 NP |
2120 | unsigned int order; |
2121 | struct vmap_block *vb; | |
2122 | ||
891c49ab | 2123 | BUG_ON(offset_in_page(size)); |
db64fe02 | 2124 | BUG_ON(size > PAGE_SIZE*VMAP_MAX_ALLOC); |
b29acbdc | 2125 | |
78a0e8c4 | 2126 | flush_cache_vunmap(addr, addr + size); |
b29acbdc | 2127 | |
db64fe02 | 2128 | order = get_order(size); |
78a0e8c4 | 2129 | offset = (addr & (VMAP_BLOCK_SIZE - 1)) >> PAGE_SHIFT; |
0f14599c | 2130 | vb = xa_load(&vmap_blocks, addr_to_vb_idx(addr)); |
db64fe02 | 2131 | |
4ad0ae8c | 2132 | vunmap_range_noflush(addr, addr + size); |
64141da5 | 2133 | |
8e57f8ac | 2134 | if (debug_pagealloc_enabled_static()) |
78a0e8c4 | 2135 | flush_tlb_kernel_range(addr, addr + size); |
82a2e924 | 2136 | |
db64fe02 | 2137 | spin_lock(&vb->lock); |
7d61bfe8 RP |
2138 | |
2139 | /* Expand dirty range */ | |
2140 | vb->dirty_min = min(vb->dirty_min, offset); | |
2141 | vb->dirty_max = max(vb->dirty_max, offset + (1UL << order)); | |
d086817d | 2142 | |
db64fe02 NP |
2143 | vb->dirty += 1UL << order; |
2144 | if (vb->dirty == VMAP_BBMAP_BITS) { | |
de560423 | 2145 | BUG_ON(vb->free); |
db64fe02 NP |
2146 | spin_unlock(&vb->lock); |
2147 | free_vmap_block(vb); | |
2148 | } else | |
2149 | spin_unlock(&vb->lock); | |
2150 | } | |
2151 | ||
868b104d | 2152 | static void _vm_unmap_aliases(unsigned long start, unsigned long end, int flush) |
db64fe02 | 2153 | { |
db64fe02 | 2154 | int cpu; |
db64fe02 | 2155 | |
9b463334 JF |
2156 | if (unlikely(!vmap_initialized)) |
2157 | return; | |
2158 | ||
5803ed29 CH |
2159 | might_sleep(); |
2160 | ||
db64fe02 NP |
2161 | for_each_possible_cpu(cpu) { |
2162 | struct vmap_block_queue *vbq = &per_cpu(vmap_block_queue, cpu); | |
2163 | struct vmap_block *vb; | |
2164 | ||
2165 | rcu_read_lock(); | |
2166 | list_for_each_entry_rcu(vb, &vbq->free, free_list) { | |
db64fe02 | 2167 | spin_lock(&vb->lock); |
ad216c03 | 2168 | if (vb->dirty && vb->dirty != VMAP_BBMAP_BITS) { |
7d61bfe8 | 2169 | unsigned long va_start = vb->va->va_start; |
db64fe02 | 2170 | unsigned long s, e; |
b136be5e | 2171 | |
7d61bfe8 RP |
2172 | s = va_start + (vb->dirty_min << PAGE_SHIFT); |
2173 | e = va_start + (vb->dirty_max << PAGE_SHIFT); | |
db64fe02 | 2174 | |
7d61bfe8 RP |
2175 | start = min(s, start); |
2176 | end = max(e, end); | |
db64fe02 | 2177 | |
7d61bfe8 | 2178 | flush = 1; |
db64fe02 NP |
2179 | } |
2180 | spin_unlock(&vb->lock); | |
2181 | } | |
2182 | rcu_read_unlock(); | |
2183 | } | |
2184 | ||
f9e09977 | 2185 | mutex_lock(&vmap_purge_lock); |
0574ecd1 CH |
2186 | purge_fragmented_blocks_allcpus(); |
2187 | if (!__purge_vmap_area_lazy(start, end) && flush) | |
2188 | flush_tlb_kernel_range(start, end); | |
f9e09977 | 2189 | mutex_unlock(&vmap_purge_lock); |
db64fe02 | 2190 | } |
868b104d RE |
2191 | |
2192 | /** | |
2193 | * vm_unmap_aliases - unmap outstanding lazy aliases in the vmap layer | |
2194 | * | |
2195 | * The vmap/vmalloc layer lazily flushes kernel virtual mappings primarily | |
2196 | * to amortize TLB flushing overheads. What this means is that any page you | |
2197 | * have now, may, in a former life, have been mapped into kernel virtual | |
2198 | * address by the vmap layer and so there might be some CPUs with TLB entries | |
2199 | * still referencing that page (additional to the regular 1:1 kernel mapping). | |
2200 | * | |
2201 | * vm_unmap_aliases flushes all such lazy mappings. After it returns, we can | |
2202 | * be sure that none of the pages we have control over will have any aliases | |
2203 | * from the vmap layer. | |
2204 | */ | |
2205 | void vm_unmap_aliases(void) | |
2206 | { | |
2207 | unsigned long start = ULONG_MAX, end = 0; | |
2208 | int flush = 0; | |
2209 | ||
2210 | _vm_unmap_aliases(start, end, flush); | |
2211 | } | |
db64fe02 NP |
2212 | EXPORT_SYMBOL_GPL(vm_unmap_aliases); |
2213 | ||
2214 | /** | |
2215 | * vm_unmap_ram - unmap linear kernel address space set up by vm_map_ram | |
2216 | * @mem: the pointer returned by vm_map_ram | |
2217 | * @count: the count passed to that vm_map_ram call (cannot unmap partial) | |
2218 | */ | |
2219 | void vm_unmap_ram(const void *mem, unsigned int count) | |
2220 | { | |
65ee03c4 | 2221 | unsigned long size = (unsigned long)count << PAGE_SHIFT; |
4aff1dc4 | 2222 | unsigned long addr = (unsigned long)kasan_reset_tag(mem); |
9c3acf60 | 2223 | struct vmap_area *va; |
db64fe02 | 2224 | |
5803ed29 | 2225 | might_sleep(); |
db64fe02 NP |
2226 | BUG_ON(!addr); |
2227 | BUG_ON(addr < VMALLOC_START); | |
2228 | BUG_ON(addr > VMALLOC_END); | |
a1c0b1a0 | 2229 | BUG_ON(!PAGE_ALIGNED(addr)); |
db64fe02 | 2230 | |
d98c9e83 AR |
2231 | kasan_poison_vmalloc(mem, size); |
2232 | ||
9c3acf60 | 2233 | if (likely(count <= VMAP_MAX_ALLOC)) { |
05e3ff95 | 2234 | debug_check_no_locks_freed(mem, size); |
78a0e8c4 | 2235 | vb_free(addr, size); |
9c3acf60 CH |
2236 | return; |
2237 | } | |
2238 | ||
2239 | va = find_vmap_area(addr); | |
2240 | BUG_ON(!va); | |
05e3ff95 CP |
2241 | debug_check_no_locks_freed((void *)va->va_start, |
2242 | (va->va_end - va->va_start)); | |
9c3acf60 | 2243 | free_unmap_vmap_area(va); |
db64fe02 NP |
2244 | } |
2245 | EXPORT_SYMBOL(vm_unmap_ram); | |
2246 | ||
2247 | /** | |
2248 | * vm_map_ram - map pages linearly into kernel virtual address (vmalloc space) | |
2249 | * @pages: an array of pointers to the pages to be mapped | |
2250 | * @count: number of pages | |
2251 | * @node: prefer to allocate data structures on this node | |
e99c97ad | 2252 | * |
36437638 GK |
2253 | * If you use this function for less than VMAP_MAX_ALLOC pages, it could be |
2254 | * faster than vmap so it's good. But if you mix long-life and short-life | |
2255 | * objects with vm_map_ram(), it could consume lots of address space through | |
2256 | * fragmentation (especially on a 32bit machine). You could see failures in | |
2257 | * the end. Please use this function for short-lived objects. | |
2258 | * | |
e99c97ad | 2259 | * Returns: a pointer to the address that has been mapped, or %NULL on failure |
db64fe02 | 2260 | */ |
d4efd79a | 2261 | void *vm_map_ram(struct page **pages, unsigned int count, int node) |
db64fe02 | 2262 | { |
65ee03c4 | 2263 | unsigned long size = (unsigned long)count << PAGE_SHIFT; |
db64fe02 NP |
2264 | unsigned long addr; |
2265 | void *mem; | |
2266 | ||
2267 | if (likely(count <= VMAP_MAX_ALLOC)) { | |
2268 | mem = vb_alloc(size, GFP_KERNEL); | |
2269 | if (IS_ERR(mem)) | |
2270 | return NULL; | |
2271 | addr = (unsigned long)mem; | |
2272 | } else { | |
2273 | struct vmap_area *va; | |
2274 | va = alloc_vmap_area(size, PAGE_SIZE, | |
2275 | VMALLOC_START, VMALLOC_END, node, GFP_KERNEL); | |
2276 | if (IS_ERR(va)) | |
2277 | return NULL; | |
2278 | ||
2279 | addr = va->va_start; | |
2280 | mem = (void *)addr; | |
2281 | } | |
d98c9e83 | 2282 | |
b67177ec NP |
2283 | if (vmap_pages_range(addr, addr + size, PAGE_KERNEL, |
2284 | pages, PAGE_SHIFT) < 0) { | |
db64fe02 NP |
2285 | vm_unmap_ram(mem, count); |
2286 | return NULL; | |
2287 | } | |
b67177ec | 2288 | |
23689e91 AK |
2289 | /* |
2290 | * Mark the pages as accessible, now that they are mapped. | |
2291 | * With hardware tag-based KASAN, marking is skipped for | |
2292 | * non-VM_ALLOC mappings, see __kasan_unpoison_vmalloc(). | |
2293 | */ | |
f6e39794 | 2294 | mem = kasan_unpoison_vmalloc(mem, size, KASAN_VMALLOC_PROT_NORMAL); |
19f1c3ac | 2295 | |
db64fe02 NP |
2296 | return mem; |
2297 | } | |
2298 | EXPORT_SYMBOL(vm_map_ram); | |
2299 | ||
4341fa45 | 2300 | static struct vm_struct *vmlist __initdata; |
92eac168 | 2301 | |
121e6f32 NP |
2302 | static inline unsigned int vm_area_page_order(struct vm_struct *vm) |
2303 | { | |
2304 | #ifdef CONFIG_HAVE_ARCH_HUGE_VMALLOC | |
2305 | return vm->page_order; | |
2306 | #else | |
2307 | return 0; | |
2308 | #endif | |
2309 | } | |
2310 | ||
2311 | static inline void set_vm_area_page_order(struct vm_struct *vm, unsigned int order) | |
2312 | { | |
2313 | #ifdef CONFIG_HAVE_ARCH_HUGE_VMALLOC | |
2314 | vm->page_order = order; | |
2315 | #else | |
2316 | BUG_ON(order != 0); | |
2317 | #endif | |
2318 | } | |
2319 | ||
be9b7335 NP |
2320 | /** |
2321 | * vm_area_add_early - add vmap area early during boot | |
2322 | * @vm: vm_struct to add | |
2323 | * | |
2324 | * This function is used to add fixed kernel vm area to vmlist before | |
2325 | * vmalloc_init() is called. @vm->addr, @vm->size, and @vm->flags | |
2326 | * should contain proper values and the other fields should be zero. | |
2327 | * | |
2328 | * DO NOT USE THIS FUNCTION UNLESS YOU KNOW WHAT YOU'RE DOING. | |
2329 | */ | |
2330 | void __init vm_area_add_early(struct vm_struct *vm) | |
2331 | { | |
2332 | struct vm_struct *tmp, **p; | |
2333 | ||
2334 | BUG_ON(vmap_initialized); | |
2335 | for (p = &vmlist; (tmp = *p) != NULL; p = &tmp->next) { | |
2336 | if (tmp->addr >= vm->addr) { | |
2337 | BUG_ON(tmp->addr < vm->addr + vm->size); | |
2338 | break; | |
2339 | } else | |
2340 | BUG_ON(tmp->addr + tmp->size > vm->addr); | |
2341 | } | |
2342 | vm->next = *p; | |
2343 | *p = vm; | |
2344 | } | |
2345 | ||
f0aa6617 TH |
2346 | /** |
2347 | * vm_area_register_early - register vmap area early during boot | |
2348 | * @vm: vm_struct to register | |
c0c0a293 | 2349 | * @align: requested alignment |
f0aa6617 TH |
2350 | * |
2351 | * This function is used to register kernel vm area before | |
2352 | * vmalloc_init() is called. @vm->size and @vm->flags should contain | |
2353 | * proper values on entry and other fields should be zero. On return, | |
2354 | * vm->addr contains the allocated address. | |
2355 | * | |
2356 | * DO NOT USE THIS FUNCTION UNLESS YOU KNOW WHAT YOU'RE DOING. | |
2357 | */ | |
c0c0a293 | 2358 | void __init vm_area_register_early(struct vm_struct *vm, size_t align) |
f0aa6617 | 2359 | { |
0eb68437 KW |
2360 | unsigned long addr = ALIGN(VMALLOC_START, align); |
2361 | struct vm_struct *cur, **p; | |
c0c0a293 | 2362 | |
0eb68437 | 2363 | BUG_ON(vmap_initialized); |
f0aa6617 | 2364 | |
0eb68437 KW |
2365 | for (p = &vmlist; (cur = *p) != NULL; p = &cur->next) { |
2366 | if ((unsigned long)cur->addr - addr >= vm->size) | |
2367 | break; | |
2368 | addr = ALIGN((unsigned long)cur->addr + cur->size, align); | |
2369 | } | |
f0aa6617 | 2370 | |
0eb68437 KW |
2371 | BUG_ON(addr > VMALLOC_END - vm->size); |
2372 | vm->addr = (void *)addr; | |
2373 | vm->next = *p; | |
2374 | *p = vm; | |
3252b1d8 | 2375 | kasan_populate_early_vm_area_shadow(vm->addr, vm->size); |
f0aa6617 TH |
2376 | } |
2377 | ||
68ad4a33 URS |
2378 | static void vmap_init_free_space(void) |
2379 | { | |
2380 | unsigned long vmap_start = 1; | |
2381 | const unsigned long vmap_end = ULONG_MAX; | |
2382 | struct vmap_area *busy, *free; | |
2383 | ||
2384 | /* | |
2385 | * B F B B B F | |
2386 | * -|-----|.....|-----|-----|-----|.....|- | |
2387 | * | The KVA space | | |
2388 | * |<--------------------------------->| | |
2389 | */ | |
2390 | list_for_each_entry(busy, &vmap_area_list, list) { | |
2391 | if (busy->va_start - vmap_start > 0) { | |
2392 | free = kmem_cache_zalloc(vmap_area_cachep, GFP_NOWAIT); | |
2393 | if (!WARN_ON_ONCE(!free)) { | |
2394 | free->va_start = vmap_start; | |
2395 | free->va_end = busy->va_start; | |
2396 | ||
2397 | insert_vmap_area_augment(free, NULL, | |
2398 | &free_vmap_area_root, | |
2399 | &free_vmap_area_list); | |
2400 | } | |
2401 | } | |
2402 | ||
2403 | vmap_start = busy->va_end; | |
2404 | } | |
2405 | ||
2406 | if (vmap_end - vmap_start > 0) { | |
2407 | free = kmem_cache_zalloc(vmap_area_cachep, GFP_NOWAIT); | |
2408 | if (!WARN_ON_ONCE(!free)) { | |
2409 | free->va_start = vmap_start; | |
2410 | free->va_end = vmap_end; | |
2411 | ||
2412 | insert_vmap_area_augment(free, NULL, | |
2413 | &free_vmap_area_root, | |
2414 | &free_vmap_area_list); | |
2415 | } | |
2416 | } | |
2417 | } | |
2418 | ||
db64fe02 NP |
2419 | void __init vmalloc_init(void) |
2420 | { | |
822c18f2 IK |
2421 | struct vmap_area *va; |
2422 | struct vm_struct *tmp; | |
db64fe02 NP |
2423 | int i; |
2424 | ||
68ad4a33 URS |
2425 | /* |
2426 | * Create the cache for vmap_area objects. | |
2427 | */ | |
2428 | vmap_area_cachep = KMEM_CACHE(vmap_area, SLAB_PANIC); | |
2429 | ||
db64fe02 NP |
2430 | for_each_possible_cpu(i) { |
2431 | struct vmap_block_queue *vbq; | |
32fcfd40 | 2432 | struct vfree_deferred *p; |
db64fe02 NP |
2433 | |
2434 | vbq = &per_cpu(vmap_block_queue, i); | |
2435 | spin_lock_init(&vbq->lock); | |
2436 | INIT_LIST_HEAD(&vbq->free); | |
32fcfd40 AV |
2437 | p = &per_cpu(vfree_deferred, i); |
2438 | init_llist_head(&p->list); | |
2439 | INIT_WORK(&p->wq, free_work); | |
db64fe02 | 2440 | } |
9b463334 | 2441 | |
822c18f2 IK |
2442 | /* Import existing vmlist entries. */ |
2443 | for (tmp = vmlist; tmp; tmp = tmp->next) { | |
68ad4a33 URS |
2444 | va = kmem_cache_zalloc(vmap_area_cachep, GFP_NOWAIT); |
2445 | if (WARN_ON_ONCE(!va)) | |
2446 | continue; | |
2447 | ||
822c18f2 IK |
2448 | va->va_start = (unsigned long)tmp->addr; |
2449 | va->va_end = va->va_start + tmp->size; | |
dbda591d | 2450 | va->vm = tmp; |
68ad4a33 | 2451 | insert_vmap_area(va, &vmap_area_root, &vmap_area_list); |
822c18f2 | 2452 | } |
ca23e405 | 2453 | |
68ad4a33 URS |
2454 | /* |
2455 | * Now we can initialize a free vmap space. | |
2456 | */ | |
2457 | vmap_init_free_space(); | |
9b463334 | 2458 | vmap_initialized = true; |
db64fe02 NP |
2459 | } |
2460 | ||
e36176be URS |
2461 | static inline void setup_vmalloc_vm_locked(struct vm_struct *vm, |
2462 | struct vmap_area *va, unsigned long flags, const void *caller) | |
cf88c790 | 2463 | { |
cf88c790 TH |
2464 | vm->flags = flags; |
2465 | vm->addr = (void *)va->va_start; | |
2466 | vm->size = va->va_end - va->va_start; | |
2467 | vm->caller = caller; | |
db1aecaf | 2468 | va->vm = vm; |
e36176be URS |
2469 | } |
2470 | ||
2471 | static void setup_vmalloc_vm(struct vm_struct *vm, struct vmap_area *va, | |
2472 | unsigned long flags, const void *caller) | |
2473 | { | |
2474 | spin_lock(&vmap_area_lock); | |
2475 | setup_vmalloc_vm_locked(vm, va, flags, caller); | |
c69480ad | 2476 | spin_unlock(&vmap_area_lock); |
f5252e00 | 2477 | } |
cf88c790 | 2478 | |
20fc02b4 | 2479 | static void clear_vm_uninitialized_flag(struct vm_struct *vm) |
f5252e00 | 2480 | { |
d4033afd | 2481 | /* |
20fc02b4 | 2482 | * Before removing VM_UNINITIALIZED, |
d4033afd JK |
2483 | * we should make sure that vm has proper values. |
2484 | * Pair with smp_rmb() in show_numa_info(). | |
2485 | */ | |
2486 | smp_wmb(); | |
20fc02b4 | 2487 | vm->flags &= ~VM_UNINITIALIZED; |
cf88c790 TH |
2488 | } |
2489 | ||
db64fe02 | 2490 | static struct vm_struct *__get_vm_area_node(unsigned long size, |
7ca3027b DA |
2491 | unsigned long align, unsigned long shift, unsigned long flags, |
2492 | unsigned long start, unsigned long end, int node, | |
2493 | gfp_t gfp_mask, const void *caller) | |
db64fe02 | 2494 | { |
0006526d | 2495 | struct vmap_area *va; |
db64fe02 | 2496 | struct vm_struct *area; |
d98c9e83 | 2497 | unsigned long requested_size = size; |
1da177e4 | 2498 | |
52fd24ca | 2499 | BUG_ON(in_interrupt()); |
7ca3027b | 2500 | size = ALIGN(size, 1ul << shift); |
31be8309 OH |
2501 | if (unlikely(!size)) |
2502 | return NULL; | |
1da177e4 | 2503 | |
252e5c6e | 2504 | if (flags & VM_IOREMAP) |
2505 | align = 1ul << clamp_t(int, get_count_order_long(size), | |
2506 | PAGE_SHIFT, IOREMAP_MAX_ORDER); | |
2507 | ||
cf88c790 | 2508 | area = kzalloc_node(sizeof(*area), gfp_mask & GFP_RECLAIM_MASK, node); |
1da177e4 LT |
2509 | if (unlikely(!area)) |
2510 | return NULL; | |
2511 | ||
71394fe5 AR |
2512 | if (!(flags & VM_NO_GUARD)) |
2513 | size += PAGE_SIZE; | |
1da177e4 | 2514 | |
db64fe02 NP |
2515 | va = alloc_vmap_area(size, align, start, end, node, gfp_mask); |
2516 | if (IS_ERR(va)) { | |
2517 | kfree(area); | |
2518 | return NULL; | |
1da177e4 | 2519 | } |
1da177e4 | 2520 | |
d98c9e83 | 2521 | setup_vmalloc_vm(area, va, flags, caller); |
3c5c3cfb | 2522 | |
19f1c3ac AK |
2523 | /* |
2524 | * Mark pages for non-VM_ALLOC mappings as accessible. Do it now as a | |
2525 | * best-effort approach, as they can be mapped outside of vmalloc code. | |
2526 | * For VM_ALLOC mappings, the pages are marked as accessible after | |
2527 | * getting mapped in __vmalloc_node_range(). | |
23689e91 AK |
2528 | * With hardware tag-based KASAN, marking is skipped for |
2529 | * non-VM_ALLOC mappings, see __kasan_unpoison_vmalloc(). | |
19f1c3ac AK |
2530 | */ |
2531 | if (!(flags & VM_ALLOC)) | |
23689e91 | 2532 | area->addr = kasan_unpoison_vmalloc(area->addr, requested_size, |
f6e39794 | 2533 | KASAN_VMALLOC_PROT_NORMAL); |
1d96320f | 2534 | |
1da177e4 | 2535 | return area; |
1da177e4 LT |
2536 | } |
2537 | ||
c2968612 BH |
2538 | struct vm_struct *__get_vm_area_caller(unsigned long size, unsigned long flags, |
2539 | unsigned long start, unsigned long end, | |
5e6cafc8 | 2540 | const void *caller) |
c2968612 | 2541 | { |
7ca3027b DA |
2542 | return __get_vm_area_node(size, 1, PAGE_SHIFT, flags, start, end, |
2543 | NUMA_NO_NODE, GFP_KERNEL, caller); | |
c2968612 BH |
2544 | } |
2545 | ||
1da177e4 | 2546 | /** |
92eac168 MR |
2547 | * get_vm_area - reserve a contiguous kernel virtual area |
2548 | * @size: size of the area | |
2549 | * @flags: %VM_IOREMAP for I/O mappings or VM_ALLOC | |
1da177e4 | 2550 | * |
92eac168 MR |
2551 | * Search an area of @size in the kernel virtual mapping area, |
2552 | * and reserved it for out purposes. Returns the area descriptor | |
2553 | * on success or %NULL on failure. | |
a862f68a MR |
2554 | * |
2555 | * Return: the area descriptor on success or %NULL on failure. | |
1da177e4 LT |
2556 | */ |
2557 | struct vm_struct *get_vm_area(unsigned long size, unsigned long flags) | |
2558 | { | |
7ca3027b DA |
2559 | return __get_vm_area_node(size, 1, PAGE_SHIFT, flags, |
2560 | VMALLOC_START, VMALLOC_END, | |
00ef2d2f DR |
2561 | NUMA_NO_NODE, GFP_KERNEL, |
2562 | __builtin_return_address(0)); | |
23016969 CL |
2563 | } |
2564 | ||
2565 | struct vm_struct *get_vm_area_caller(unsigned long size, unsigned long flags, | |
5e6cafc8 | 2566 | const void *caller) |
23016969 | 2567 | { |
7ca3027b DA |
2568 | return __get_vm_area_node(size, 1, PAGE_SHIFT, flags, |
2569 | VMALLOC_START, VMALLOC_END, | |
00ef2d2f | 2570 | NUMA_NO_NODE, GFP_KERNEL, caller); |
1da177e4 LT |
2571 | } |
2572 | ||
e9da6e99 | 2573 | /** |
92eac168 MR |
2574 | * find_vm_area - find a continuous kernel virtual area |
2575 | * @addr: base address | |
e9da6e99 | 2576 | * |
92eac168 MR |
2577 | * Search for the kernel VM area starting at @addr, and return it. |
2578 | * It is up to the caller to do all required locking to keep the returned | |
2579 | * pointer valid. | |
a862f68a | 2580 | * |
74640617 | 2581 | * Return: the area descriptor on success or %NULL on failure. |
e9da6e99 MS |
2582 | */ |
2583 | struct vm_struct *find_vm_area(const void *addr) | |
83342314 | 2584 | { |
db64fe02 | 2585 | struct vmap_area *va; |
83342314 | 2586 | |
db64fe02 | 2587 | va = find_vmap_area((unsigned long)addr); |
688fcbfc PL |
2588 | if (!va) |
2589 | return NULL; | |
1da177e4 | 2590 | |
688fcbfc | 2591 | return va->vm; |
1da177e4 LT |
2592 | } |
2593 | ||
7856dfeb | 2594 | /** |
92eac168 MR |
2595 | * remove_vm_area - find and remove a continuous kernel virtual area |
2596 | * @addr: base address | |
7856dfeb | 2597 | * |
92eac168 MR |
2598 | * Search for the kernel VM area starting at @addr, and remove it. |
2599 | * This function returns the found VM area, but using it is NOT safe | |
2600 | * on SMP machines, except for its size or flags. | |
a862f68a | 2601 | * |
74640617 | 2602 | * Return: the area descriptor on success or %NULL on failure. |
7856dfeb | 2603 | */ |
b3bdda02 | 2604 | struct vm_struct *remove_vm_area(const void *addr) |
7856dfeb | 2605 | { |
db64fe02 NP |
2606 | struct vmap_area *va; |
2607 | ||
5803ed29 CH |
2608 | might_sleep(); |
2609 | ||
dd3b8353 | 2610 | spin_lock(&vmap_area_lock); |
899c6efe | 2611 | va = __find_vmap_area((unsigned long)addr, &vmap_area_root); |
688fcbfc | 2612 | if (va && va->vm) { |
db1aecaf | 2613 | struct vm_struct *vm = va->vm; |
f5252e00 | 2614 | |
c69480ad | 2615 | va->vm = NULL; |
c69480ad JK |
2616 | spin_unlock(&vmap_area_lock); |
2617 | ||
63840de2 | 2618 | kasan_free_module_shadow(vm); |
dd32c279 | 2619 | free_unmap_vmap_area(va); |
dd32c279 | 2620 | |
db64fe02 NP |
2621 | return vm; |
2622 | } | |
dd3b8353 URS |
2623 | |
2624 | spin_unlock(&vmap_area_lock); | |
db64fe02 | 2625 | return NULL; |
7856dfeb AK |
2626 | } |
2627 | ||
868b104d RE |
2628 | static inline void set_area_direct_map(const struct vm_struct *area, |
2629 | int (*set_direct_map)(struct page *page)) | |
2630 | { | |
2631 | int i; | |
2632 | ||
121e6f32 | 2633 | /* HUGE_VMALLOC passes small pages to set_direct_map */ |
868b104d RE |
2634 | for (i = 0; i < area->nr_pages; i++) |
2635 | if (page_address(area->pages[i])) | |
2636 | set_direct_map(area->pages[i]); | |
2637 | } | |
2638 | ||
2639 | /* Handle removing and resetting vm mappings related to the vm_struct. */ | |
2640 | static void vm_remove_mappings(struct vm_struct *area, int deallocate_pages) | |
2641 | { | |
868b104d | 2642 | unsigned long start = ULONG_MAX, end = 0; |
121e6f32 | 2643 | unsigned int page_order = vm_area_page_order(area); |
868b104d | 2644 | int flush_reset = area->flags & VM_FLUSH_RESET_PERMS; |
31e67340 | 2645 | int flush_dmap = 0; |
868b104d RE |
2646 | int i; |
2647 | ||
868b104d RE |
2648 | remove_vm_area(area->addr); |
2649 | ||
2650 | /* If this is not VM_FLUSH_RESET_PERMS memory, no need for the below. */ | |
2651 | if (!flush_reset) | |
2652 | return; | |
2653 | ||
2654 | /* | |
2655 | * If not deallocating pages, just do the flush of the VM area and | |
2656 | * return. | |
2657 | */ | |
2658 | if (!deallocate_pages) { | |
2659 | vm_unmap_aliases(); | |
2660 | return; | |
2661 | } | |
2662 | ||
2663 | /* | |
2664 | * If execution gets here, flush the vm mapping and reset the direct | |
2665 | * map. Find the start and end range of the direct mappings to make sure | |
2666 | * the vm_unmap_aliases() flush includes the direct map. | |
2667 | */ | |
121e6f32 | 2668 | for (i = 0; i < area->nr_pages; i += 1U << page_order) { |
8e41f872 RE |
2669 | unsigned long addr = (unsigned long)page_address(area->pages[i]); |
2670 | if (addr) { | |
121e6f32 NP |
2671 | unsigned long page_size; |
2672 | ||
2673 | page_size = PAGE_SIZE << page_order; | |
868b104d | 2674 | start = min(addr, start); |
121e6f32 | 2675 | end = max(addr + page_size, end); |
31e67340 | 2676 | flush_dmap = 1; |
868b104d RE |
2677 | } |
2678 | } | |
2679 | ||
2680 | /* | |
2681 | * Set direct map to something invalid so that it won't be cached if | |
2682 | * there are any accesses after the TLB flush, then flush the TLB and | |
2683 | * reset the direct map permissions to the default. | |
2684 | */ | |
2685 | set_area_direct_map(area, set_direct_map_invalid_noflush); | |
31e67340 | 2686 | _vm_unmap_aliases(start, end, flush_dmap); |
868b104d RE |
2687 | set_area_direct_map(area, set_direct_map_default_noflush); |
2688 | } | |
2689 | ||
b3bdda02 | 2690 | static void __vunmap(const void *addr, int deallocate_pages) |
1da177e4 LT |
2691 | { |
2692 | struct vm_struct *area; | |
2693 | ||
2694 | if (!addr) | |
2695 | return; | |
2696 | ||
e69e9d4a | 2697 | if (WARN(!PAGE_ALIGNED(addr), "Trying to vfree() bad address (%p)\n", |
ab15d9b4 | 2698 | addr)) |
1da177e4 | 2699 | return; |
1da177e4 | 2700 | |
6ade2032 | 2701 | area = find_vm_area(addr); |
1da177e4 | 2702 | if (unlikely(!area)) { |
4c8573e2 | 2703 | WARN(1, KERN_ERR "Trying to vfree() nonexistent vm area (%p)\n", |
1da177e4 | 2704 | addr); |
1da177e4 LT |
2705 | return; |
2706 | } | |
2707 | ||
05e3ff95 CP |
2708 | debug_check_no_locks_freed(area->addr, get_vm_area_size(area)); |
2709 | debug_check_no_obj_freed(area->addr, get_vm_area_size(area)); | |
9a11b49a | 2710 | |
c041098c | 2711 | kasan_poison_vmalloc(area->addr, get_vm_area_size(area)); |
3c5c3cfb | 2712 | |
868b104d RE |
2713 | vm_remove_mappings(area, deallocate_pages); |
2714 | ||
1da177e4 | 2715 | if (deallocate_pages) { |
3b8000ae | 2716 | int i; |
1da177e4 | 2717 | |
3b8000ae | 2718 | for (i = 0; i < area->nr_pages; i++) { |
bf53d6f8 CL |
2719 | struct page *page = area->pages[i]; |
2720 | ||
2721 | BUG_ON(!page); | |
3b8000ae NP |
2722 | mod_memcg_page_state(page, MEMCG_VMALLOC, -1); |
2723 | /* | |
2724 | * High-order allocs for huge vmallocs are split, so | |
2725 | * can be freed as an array of order-0 allocations | |
2726 | */ | |
2727 | __free_pages(page, 0); | |
a850e932 | 2728 | cond_resched(); |
1da177e4 | 2729 | } |
97105f0a | 2730 | atomic_long_sub(area->nr_pages, &nr_vmalloc_pages); |
1da177e4 | 2731 | |
244d63ee | 2732 | kvfree(area->pages); |
1da177e4 LT |
2733 | } |
2734 | ||
2735 | kfree(area); | |
1da177e4 | 2736 | } |
bf22e37a AR |
2737 | |
2738 | static inline void __vfree_deferred(const void *addr) | |
2739 | { | |
2740 | /* | |
2741 | * Use raw_cpu_ptr() because this can be called from preemptible | |
2742 | * context. Preemption is absolutely fine here, because the llist_add() | |
2743 | * implementation is lockless, so it works even if we are adding to | |
73221d88 | 2744 | * another cpu's list. schedule_work() should be fine with this too. |
bf22e37a AR |
2745 | */ |
2746 | struct vfree_deferred *p = raw_cpu_ptr(&vfree_deferred); | |
2747 | ||
2748 | if (llist_add((struct llist_node *)addr, &p->list)) | |
2749 | schedule_work(&p->wq); | |
2750 | } | |
2751 | ||
2752 | /** | |
92eac168 MR |
2753 | * vfree_atomic - release memory allocated by vmalloc() |
2754 | * @addr: memory base address | |
bf22e37a | 2755 | * |
92eac168 MR |
2756 | * This one is just like vfree() but can be called in any atomic context |
2757 | * except NMIs. | |
bf22e37a AR |
2758 | */ |
2759 | void vfree_atomic(const void *addr) | |
2760 | { | |
2761 | BUG_ON(in_nmi()); | |
2762 | ||
2763 | kmemleak_free(addr); | |
2764 | ||
2765 | if (!addr) | |
2766 | return; | |
2767 | __vfree_deferred(addr); | |
2768 | } | |
2769 | ||
c67dc624 RP |
2770 | static void __vfree(const void *addr) |
2771 | { | |
2772 | if (unlikely(in_interrupt())) | |
2773 | __vfree_deferred(addr); | |
2774 | else | |
2775 | __vunmap(addr, 1); | |
2776 | } | |
2777 | ||
1da177e4 | 2778 | /** |
fa307474 MWO |
2779 | * vfree - Release memory allocated by vmalloc() |
2780 | * @addr: Memory base address | |
1da177e4 | 2781 | * |
fa307474 MWO |
2782 | * Free the virtually continuous memory area starting at @addr, as obtained |
2783 | * from one of the vmalloc() family of APIs. This will usually also free the | |
2784 | * physical memory underlying the virtual allocation, but that memory is | |
2785 | * reference counted, so it will not be freed until the last user goes away. | |
1da177e4 | 2786 | * |
fa307474 | 2787 | * If @addr is NULL, no operation is performed. |
c9fcee51 | 2788 | * |
fa307474 | 2789 | * Context: |
92eac168 | 2790 | * May sleep if called *not* from interrupt context. |
fa307474 MWO |
2791 | * Must not be called in NMI context (strictly speaking, it could be |
2792 | * if we have CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG, but making the calling | |
f0953a1b | 2793 | * conventions for vfree() arch-dependent would be a really bad idea). |
1da177e4 | 2794 | */ |
b3bdda02 | 2795 | void vfree(const void *addr) |
1da177e4 | 2796 | { |
32fcfd40 | 2797 | BUG_ON(in_nmi()); |
89219d37 CM |
2798 | |
2799 | kmemleak_free(addr); | |
2800 | ||
a8dda165 AR |
2801 | might_sleep_if(!in_interrupt()); |
2802 | ||
32fcfd40 AV |
2803 | if (!addr) |
2804 | return; | |
c67dc624 RP |
2805 | |
2806 | __vfree(addr); | |
1da177e4 | 2807 | } |
1da177e4 LT |
2808 | EXPORT_SYMBOL(vfree); |
2809 | ||
2810 | /** | |
92eac168 MR |
2811 | * vunmap - release virtual mapping obtained by vmap() |
2812 | * @addr: memory base address | |
1da177e4 | 2813 | * |
92eac168 MR |
2814 | * Free the virtually contiguous memory area starting at @addr, |
2815 | * which was created from the page array passed to vmap(). | |
1da177e4 | 2816 | * |
92eac168 | 2817 | * Must not be called in interrupt context. |
1da177e4 | 2818 | */ |
b3bdda02 | 2819 | void vunmap(const void *addr) |
1da177e4 LT |
2820 | { |
2821 | BUG_ON(in_interrupt()); | |
34754b69 | 2822 | might_sleep(); |
32fcfd40 AV |
2823 | if (addr) |
2824 | __vunmap(addr, 0); | |
1da177e4 | 2825 | } |
1da177e4 LT |
2826 | EXPORT_SYMBOL(vunmap); |
2827 | ||
2828 | /** | |
92eac168 MR |
2829 | * vmap - map an array of pages into virtually contiguous space |
2830 | * @pages: array of page pointers | |
2831 | * @count: number of pages to map | |
2832 | * @flags: vm_area->flags | |
2833 | * @prot: page protection for the mapping | |
2834 | * | |
b944afc9 CH |
2835 | * Maps @count pages from @pages into contiguous kernel virtual space. |
2836 | * If @flags contains %VM_MAP_PUT_PAGES the ownership of the pages array itself | |
2837 | * (which must be kmalloc or vmalloc memory) and one reference per pages in it | |
2838 | * are transferred from the caller to vmap(), and will be freed / dropped when | |
2839 | * vfree() is called on the return value. | |
a862f68a MR |
2840 | * |
2841 | * Return: the address of the area or %NULL on failure | |
1da177e4 LT |
2842 | */ |
2843 | void *vmap(struct page **pages, unsigned int count, | |
92eac168 | 2844 | unsigned long flags, pgprot_t prot) |
1da177e4 LT |
2845 | { |
2846 | struct vm_struct *area; | |
b67177ec | 2847 | unsigned long addr; |
65ee03c4 | 2848 | unsigned long size; /* In bytes */ |
1da177e4 | 2849 | |
34754b69 PZ |
2850 | might_sleep(); |
2851 | ||
bd1a8fb2 PZ |
2852 | /* |
2853 | * Your top guard is someone else's bottom guard. Not having a top | |
2854 | * guard compromises someone else's mappings too. | |
2855 | */ | |
2856 | if (WARN_ON_ONCE(flags & VM_NO_GUARD)) | |
2857 | flags &= ~VM_NO_GUARD; | |
2858 | ||
ca79b0c2 | 2859 | if (count > totalram_pages()) |
1da177e4 LT |
2860 | return NULL; |
2861 | ||
65ee03c4 GJM |
2862 | size = (unsigned long)count << PAGE_SHIFT; |
2863 | area = get_vm_area_caller(size, flags, __builtin_return_address(0)); | |
1da177e4 LT |
2864 | if (!area) |
2865 | return NULL; | |
23016969 | 2866 | |
b67177ec NP |
2867 | addr = (unsigned long)area->addr; |
2868 | if (vmap_pages_range(addr, addr + size, pgprot_nx(prot), | |
2869 | pages, PAGE_SHIFT) < 0) { | |
1da177e4 LT |
2870 | vunmap(area->addr); |
2871 | return NULL; | |
2872 | } | |
2873 | ||
c22ee528 | 2874 | if (flags & VM_MAP_PUT_PAGES) { |
b944afc9 | 2875 | area->pages = pages; |
c22ee528 ML |
2876 | area->nr_pages = count; |
2877 | } | |
1da177e4 LT |
2878 | return area->addr; |
2879 | } | |
1da177e4 LT |
2880 | EXPORT_SYMBOL(vmap); |
2881 | ||
3e9a9e25 CH |
2882 | #ifdef CONFIG_VMAP_PFN |
2883 | struct vmap_pfn_data { | |
2884 | unsigned long *pfns; | |
2885 | pgprot_t prot; | |
2886 | unsigned int idx; | |
2887 | }; | |
2888 | ||
2889 | static int vmap_pfn_apply(pte_t *pte, unsigned long addr, void *private) | |
2890 | { | |
2891 | struct vmap_pfn_data *data = private; | |
2892 | ||
2893 | if (WARN_ON_ONCE(pfn_valid(data->pfns[data->idx]))) | |
2894 | return -EINVAL; | |
2895 | *pte = pte_mkspecial(pfn_pte(data->pfns[data->idx++], data->prot)); | |
2896 | return 0; | |
2897 | } | |
2898 | ||
2899 | /** | |
2900 | * vmap_pfn - map an array of PFNs into virtually contiguous space | |
2901 | * @pfns: array of PFNs | |
2902 | * @count: number of pages to map | |
2903 | * @prot: page protection for the mapping | |
2904 | * | |
2905 | * Maps @count PFNs from @pfns into contiguous kernel virtual space and returns | |
2906 | * the start address of the mapping. | |
2907 | */ | |
2908 | void *vmap_pfn(unsigned long *pfns, unsigned int count, pgprot_t prot) | |
2909 | { | |
2910 | struct vmap_pfn_data data = { .pfns = pfns, .prot = pgprot_nx(prot) }; | |
2911 | struct vm_struct *area; | |
2912 | ||
2913 | area = get_vm_area_caller(count * PAGE_SIZE, VM_IOREMAP, | |
2914 | __builtin_return_address(0)); | |
2915 | if (!area) | |
2916 | return NULL; | |
2917 | if (apply_to_page_range(&init_mm, (unsigned long)area->addr, | |
2918 | count * PAGE_SIZE, vmap_pfn_apply, &data)) { | |
2919 | free_vm_area(area); | |
2920 | return NULL; | |
2921 | } | |
2922 | return area->addr; | |
2923 | } | |
2924 | EXPORT_SYMBOL_GPL(vmap_pfn); | |
2925 | #endif /* CONFIG_VMAP_PFN */ | |
2926 | ||
12b9f873 UR |
2927 | static inline unsigned int |
2928 | vm_area_alloc_pages(gfp_t gfp, int nid, | |
343ab817 | 2929 | unsigned int order, unsigned int nr_pages, struct page **pages) |
12b9f873 UR |
2930 | { |
2931 | unsigned int nr_allocated = 0; | |
ffb29b1c CW |
2932 | struct page *page; |
2933 | int i; | |
12b9f873 UR |
2934 | |
2935 | /* | |
2936 | * For order-0 pages we make use of bulk allocator, if | |
2937 | * the page array is partly or not at all populated due | |
2938 | * to fails, fallback to a single page allocator that is | |
2939 | * more permissive. | |
2940 | */ | |
c00b6b96 | 2941 | if (!order) { |
9376130c MH |
2942 | gfp_t bulk_gfp = gfp & ~__GFP_NOFAIL; |
2943 | ||
343ab817 URS |
2944 | while (nr_allocated < nr_pages) { |
2945 | unsigned int nr, nr_pages_request; | |
2946 | ||
2947 | /* | |
2948 | * A maximum allowed request is hard-coded and is 100 | |
2949 | * pages per call. That is done in order to prevent a | |
2950 | * long preemption off scenario in the bulk-allocator | |
2951 | * so the range is [1:100]. | |
2952 | */ | |
2953 | nr_pages_request = min(100U, nr_pages - nr_allocated); | |
2954 | ||
c00b6b96 CW |
2955 | /* memory allocation should consider mempolicy, we can't |
2956 | * wrongly use nearest node when nid == NUMA_NO_NODE, | |
2957 | * otherwise memory may be allocated in only one node, | |
98af39d5 | 2958 | * but mempolicy wants to alloc memory by interleaving. |
c00b6b96 CW |
2959 | */ |
2960 | if (IS_ENABLED(CONFIG_NUMA) && nid == NUMA_NO_NODE) | |
9376130c | 2961 | nr = alloc_pages_bulk_array_mempolicy(bulk_gfp, |
c00b6b96 CW |
2962 | nr_pages_request, |
2963 | pages + nr_allocated); | |
2964 | ||
2965 | else | |
9376130c | 2966 | nr = alloc_pages_bulk_array_node(bulk_gfp, nid, |
c00b6b96 CW |
2967 | nr_pages_request, |
2968 | pages + nr_allocated); | |
343ab817 URS |
2969 | |
2970 | nr_allocated += nr; | |
2971 | cond_resched(); | |
2972 | ||
2973 | /* | |
2974 | * If zero or pages were obtained partly, | |
2975 | * fallback to a single page allocator. | |
2976 | */ | |
2977 | if (nr != nr_pages_request) | |
2978 | break; | |
2979 | } | |
3b8000ae | 2980 | } |
12b9f873 UR |
2981 | |
2982 | /* High-order pages or fallback path if "bulk" fails. */ | |
12b9f873 | 2983 | |
ffb29b1c | 2984 | while (nr_allocated < nr_pages) { |
dd544141 VA |
2985 | if (fatal_signal_pending(current)) |
2986 | break; | |
2987 | ||
ffb29b1c CW |
2988 | if (nid == NUMA_NO_NODE) |
2989 | page = alloc_pages(gfp, order); | |
2990 | else | |
2991 | page = alloc_pages_node(nid, gfp, order); | |
12b9f873 UR |
2992 | if (unlikely(!page)) |
2993 | break; | |
3b8000ae NP |
2994 | /* |
2995 | * Higher order allocations must be able to be treated as | |
2996 | * indepdenent small pages by callers (as they can with | |
2997 | * small-page vmallocs). Some drivers do their own refcounting | |
2998 | * on vmalloc_to_page() pages, some use page->mapping, | |
2999 | * page->lru, etc. | |
3000 | */ | |
3001 | if (order) | |
3002 | split_page(page, order); | |
12b9f873 UR |
3003 | |
3004 | /* | |
3005 | * Careful, we allocate and map page-order pages, but | |
3006 | * tracking is done per PAGE_SIZE page so as to keep the | |
3007 | * vm_struct APIs independent of the physical/mapped size. | |
3008 | */ | |
3009 | for (i = 0; i < (1U << order); i++) | |
3010 | pages[nr_allocated + i] = page + i; | |
3011 | ||
12e376a6 | 3012 | cond_resched(); |
12b9f873 UR |
3013 | nr_allocated += 1U << order; |
3014 | } | |
3015 | ||
3016 | return nr_allocated; | |
3017 | } | |
3018 | ||
e31d9eb5 | 3019 | static void *__vmalloc_area_node(struct vm_struct *area, gfp_t gfp_mask, |
121e6f32 NP |
3020 | pgprot_t prot, unsigned int page_shift, |
3021 | int node) | |
1da177e4 | 3022 | { |
930f036b | 3023 | const gfp_t nested_gfp = (gfp_mask & GFP_RECLAIM_MASK) | __GFP_ZERO; |
9376130c | 3024 | bool nofail = gfp_mask & __GFP_NOFAIL; |
121e6f32 NP |
3025 | unsigned long addr = (unsigned long)area->addr; |
3026 | unsigned long size = get_vm_area_size(area); | |
34fe6537 | 3027 | unsigned long array_size; |
121e6f32 NP |
3028 | unsigned int nr_small_pages = size >> PAGE_SHIFT; |
3029 | unsigned int page_order; | |
451769eb MH |
3030 | unsigned int flags; |
3031 | int ret; | |
1da177e4 | 3032 | |
121e6f32 | 3033 | array_size = (unsigned long)nr_small_pages * sizeof(struct page *); |
f255935b CH |
3034 | gfp_mask |= __GFP_NOWARN; |
3035 | if (!(gfp_mask & (GFP_DMA | GFP_DMA32))) | |
3036 | gfp_mask |= __GFP_HIGHMEM; | |
1da177e4 | 3037 | |
1da177e4 | 3038 | /* Please note that the recursion is strictly bounded. */ |
8757d5fa | 3039 | if (array_size > PAGE_SIZE) { |
5c1f4e69 | 3040 | area->pages = __vmalloc_node(array_size, 1, nested_gfp, node, |
f255935b | 3041 | area->caller); |
286e1ea3 | 3042 | } else { |
5c1f4e69 | 3043 | area->pages = kmalloc_node(array_size, nested_gfp, node); |
286e1ea3 | 3044 | } |
7ea36242 | 3045 | |
5c1f4e69 | 3046 | if (!area->pages) { |
c3d77172 | 3047 | warn_alloc(gfp_mask, NULL, |
f4bdfeaf URS |
3048 | "vmalloc error: size %lu, failed to allocated page array size %lu", |
3049 | nr_small_pages * PAGE_SIZE, array_size); | |
cd61413b | 3050 | free_vm_area(area); |
1da177e4 LT |
3051 | return NULL; |
3052 | } | |
1da177e4 | 3053 | |
121e6f32 | 3054 | set_vm_area_page_order(area, page_shift - PAGE_SHIFT); |
121e6f32 | 3055 | page_order = vm_area_page_order(area); |
bf53d6f8 | 3056 | |
c3d77172 URS |
3057 | area->nr_pages = vm_area_alloc_pages(gfp_mask | __GFP_NOWARN, |
3058 | node, page_order, nr_small_pages, area->pages); | |
5c1f4e69 | 3059 | |
97105f0a | 3060 | atomic_long_add(area->nr_pages, &nr_vmalloc_pages); |
4e5aa1f4 | 3061 | if (gfp_mask & __GFP_ACCOUNT) { |
3b8000ae | 3062 | int i; |
4e5aa1f4 | 3063 | |
3b8000ae NP |
3064 | for (i = 0; i < area->nr_pages; i++) |
3065 | mod_memcg_page_state(area->pages[i], MEMCG_VMALLOC, 1); | |
4e5aa1f4 | 3066 | } |
1da177e4 | 3067 | |
5c1f4e69 URS |
3068 | /* |
3069 | * If not enough pages were obtained to accomplish an | |
3070 | * allocation request, free them via __vfree() if any. | |
3071 | */ | |
3072 | if (area->nr_pages != nr_small_pages) { | |
c3d77172 | 3073 | warn_alloc(gfp_mask, NULL, |
f4bdfeaf | 3074 | "vmalloc error: size %lu, page order %u, failed to allocate pages", |
5c1f4e69 URS |
3075 | area->nr_pages * PAGE_SIZE, page_order); |
3076 | goto fail; | |
3077 | } | |
3078 | ||
451769eb MH |
3079 | /* |
3080 | * page tables allocations ignore external gfp mask, enforce it | |
3081 | * by the scope API | |
3082 | */ | |
3083 | if ((gfp_mask & (__GFP_FS | __GFP_IO)) == __GFP_IO) | |
3084 | flags = memalloc_nofs_save(); | |
3085 | else if ((gfp_mask & (__GFP_FS | __GFP_IO)) == 0) | |
3086 | flags = memalloc_noio_save(); | |
3087 | ||
9376130c MH |
3088 | do { |
3089 | ret = vmap_pages_range(addr, addr + size, prot, area->pages, | |
451769eb | 3090 | page_shift); |
9376130c MH |
3091 | if (nofail && (ret < 0)) |
3092 | schedule_timeout_uninterruptible(1); | |
3093 | } while (nofail && (ret < 0)); | |
451769eb MH |
3094 | |
3095 | if ((gfp_mask & (__GFP_FS | __GFP_IO)) == __GFP_IO) | |
3096 | memalloc_nofs_restore(flags); | |
3097 | else if ((gfp_mask & (__GFP_FS | __GFP_IO)) == 0) | |
3098 | memalloc_noio_restore(flags); | |
3099 | ||
3100 | if (ret < 0) { | |
c3d77172 | 3101 | warn_alloc(gfp_mask, NULL, |
f4bdfeaf URS |
3102 | "vmalloc error: size %lu, failed to map pages", |
3103 | area->nr_pages * PAGE_SIZE); | |
1da177e4 | 3104 | goto fail; |
d70bec8c | 3105 | } |
ed1f324c | 3106 | |
1da177e4 LT |
3107 | return area->addr; |
3108 | ||
3109 | fail: | |
c67dc624 | 3110 | __vfree(area->addr); |
1da177e4 LT |
3111 | return NULL; |
3112 | } | |
3113 | ||
3114 | /** | |
92eac168 MR |
3115 | * __vmalloc_node_range - allocate virtually contiguous memory |
3116 | * @size: allocation size | |
3117 | * @align: desired alignment | |
3118 | * @start: vm area range start | |
3119 | * @end: vm area range end | |
3120 | * @gfp_mask: flags for the page level allocator | |
3121 | * @prot: protection mask for the allocated pages | |
3122 | * @vm_flags: additional vm area flags (e.g. %VM_NO_GUARD) | |
3123 | * @node: node to use for allocation or NUMA_NO_NODE | |
3124 | * @caller: caller's return address | |
3125 | * | |
3126 | * Allocate enough pages to cover @size from the page level | |
b7d90e7a | 3127 | * allocator with @gfp_mask flags. Please note that the full set of gfp |
30d3f011 MH |
3128 | * flags are not supported. GFP_KERNEL, GFP_NOFS and GFP_NOIO are all |
3129 | * supported. | |
3130 | * Zone modifiers are not supported. From the reclaim modifiers | |
3131 | * __GFP_DIRECT_RECLAIM is required (aka GFP_NOWAIT is not supported) | |
3132 | * and only __GFP_NOFAIL is supported (i.e. __GFP_NORETRY and | |
3133 | * __GFP_RETRY_MAYFAIL are not supported). | |
3134 | * | |
3135 | * __GFP_NOWARN can be used to suppress failures messages. | |
b7d90e7a MH |
3136 | * |
3137 | * Map them into contiguous kernel virtual space, using a pagetable | |
3138 | * protection of @prot. | |
a862f68a MR |
3139 | * |
3140 | * Return: the address of the area or %NULL on failure | |
1da177e4 | 3141 | */ |
d0a21265 DR |
3142 | void *__vmalloc_node_range(unsigned long size, unsigned long align, |
3143 | unsigned long start, unsigned long end, gfp_t gfp_mask, | |
cb9e3c29 AR |
3144 | pgprot_t prot, unsigned long vm_flags, int node, |
3145 | const void *caller) | |
1da177e4 LT |
3146 | { |
3147 | struct vm_struct *area; | |
19f1c3ac | 3148 | void *ret; |
f6e39794 | 3149 | kasan_vmalloc_flags_t kasan_flags = KASAN_VMALLOC_NONE; |
89219d37 | 3150 | unsigned long real_size = size; |
121e6f32 NP |
3151 | unsigned long real_align = align; |
3152 | unsigned int shift = PAGE_SHIFT; | |
1da177e4 | 3153 | |
d70bec8c NP |
3154 | if (WARN_ON_ONCE(!size)) |
3155 | return NULL; | |
3156 | ||
3157 | if ((size >> PAGE_SHIFT) > totalram_pages()) { | |
3158 | warn_alloc(gfp_mask, NULL, | |
f4bdfeaf URS |
3159 | "vmalloc error: size %lu, exceeds total pages", |
3160 | real_size); | |
d70bec8c | 3161 | return NULL; |
121e6f32 NP |
3162 | } |
3163 | ||
559089e0 | 3164 | if (vmap_allow_huge && (vm_flags & VM_ALLOW_HUGE_VMAP)) { |
121e6f32 | 3165 | unsigned long size_per_node; |
1da177e4 | 3166 | |
121e6f32 NP |
3167 | /* |
3168 | * Try huge pages. Only try for PAGE_KERNEL allocations, | |
3169 | * others like modules don't yet expect huge pages in | |
3170 | * their allocations due to apply_to_page_range not | |
3171 | * supporting them. | |
3172 | */ | |
3173 | ||
3174 | size_per_node = size; | |
3175 | if (node == NUMA_NO_NODE) | |
3176 | size_per_node /= num_online_nodes(); | |
3382bbee | 3177 | if (arch_vmap_pmd_supported(prot) && size_per_node >= PMD_SIZE) |
121e6f32 | 3178 | shift = PMD_SHIFT; |
3382bbee CL |
3179 | else |
3180 | shift = arch_vmap_pte_supported_shift(size_per_node); | |
3181 | ||
3182 | align = max(real_align, 1UL << shift); | |
3183 | size = ALIGN(real_size, 1UL << shift); | |
121e6f32 NP |
3184 | } |
3185 | ||
3186 | again: | |
7ca3027b DA |
3187 | area = __get_vm_area_node(real_size, align, shift, VM_ALLOC | |
3188 | VM_UNINITIALIZED | vm_flags, start, end, node, | |
3189 | gfp_mask, caller); | |
d70bec8c | 3190 | if (!area) { |
9376130c | 3191 | bool nofail = gfp_mask & __GFP_NOFAIL; |
d70bec8c | 3192 | warn_alloc(gfp_mask, NULL, |
9376130c MH |
3193 | "vmalloc error: size %lu, vm_struct allocation failed%s", |
3194 | real_size, (nofail) ? ". Retrying." : ""); | |
3195 | if (nofail) { | |
3196 | schedule_timeout_uninterruptible(1); | |
3197 | goto again; | |
3198 | } | |
de7d2b56 | 3199 | goto fail; |
d70bec8c | 3200 | } |
1da177e4 | 3201 | |
f6e39794 AK |
3202 | /* |
3203 | * Prepare arguments for __vmalloc_area_node() and | |
3204 | * kasan_unpoison_vmalloc(). | |
3205 | */ | |
3206 | if (pgprot_val(prot) == pgprot_val(PAGE_KERNEL)) { | |
3207 | if (kasan_hw_tags_enabled()) { | |
3208 | /* | |
3209 | * Modify protection bits to allow tagging. | |
3210 | * This must be done before mapping. | |
3211 | */ | |
3212 | prot = arch_vmap_pgprot_tagged(prot); | |
01d92c7f | 3213 | |
f6e39794 AK |
3214 | /* |
3215 | * Skip page_alloc poisoning and zeroing for physical | |
3216 | * pages backing VM_ALLOC mapping. Memory is instead | |
3217 | * poisoned and zeroed by kasan_unpoison_vmalloc(). | |
3218 | */ | |
3219 | gfp_mask |= __GFP_SKIP_KASAN_UNPOISON | __GFP_SKIP_ZERO; | |
3220 | } | |
3221 | ||
3222 | /* Take note that the mapping is PAGE_KERNEL. */ | |
3223 | kasan_flags |= KASAN_VMALLOC_PROT_NORMAL; | |
23689e91 AK |
3224 | } |
3225 | ||
01d92c7f | 3226 | /* Allocate physical pages and map them into vmalloc space. */ |
19f1c3ac AK |
3227 | ret = __vmalloc_area_node(area, gfp_mask, prot, shift, node); |
3228 | if (!ret) | |
121e6f32 | 3229 | goto fail; |
89219d37 | 3230 | |
23689e91 AK |
3231 | /* |
3232 | * Mark the pages as accessible, now that they are mapped. | |
6c2f761d AK |
3233 | * The condition for setting KASAN_VMALLOC_INIT should complement the |
3234 | * one in post_alloc_hook() with regards to the __GFP_SKIP_ZERO check | |
3235 | * to make sure that memory is initialized under the same conditions. | |
f6e39794 AK |
3236 | * Tag-based KASAN modes only assign tags to normal non-executable |
3237 | * allocations, see __kasan_unpoison_vmalloc(). | |
23689e91 | 3238 | */ |
f6e39794 | 3239 | kasan_flags |= KASAN_VMALLOC_VM_ALLOC; |
6c2f761d AK |
3240 | if (!want_init_on_free() && want_init_on_alloc(gfp_mask) && |
3241 | (gfp_mask & __GFP_SKIP_ZERO)) | |
23689e91 | 3242 | kasan_flags |= KASAN_VMALLOC_INIT; |
f6e39794 | 3243 | /* KASAN_VMALLOC_PROT_NORMAL already set if required. */ |
23689e91 | 3244 | area->addr = kasan_unpoison_vmalloc(area->addr, real_size, kasan_flags); |
19f1c3ac | 3245 | |
f5252e00 | 3246 | /* |
20fc02b4 ZY |
3247 | * In this function, newly allocated vm_struct has VM_UNINITIALIZED |
3248 | * flag. It means that vm_struct is not fully initialized. | |
4341fa45 | 3249 | * Now, it is fully initialized, so remove this flag here. |
f5252e00 | 3250 | */ |
20fc02b4 | 3251 | clear_vm_uninitialized_flag(area); |
f5252e00 | 3252 | |
7ca3027b | 3253 | size = PAGE_ALIGN(size); |
60115fa5 KW |
3254 | if (!(vm_flags & VM_DEFER_KMEMLEAK)) |
3255 | kmemleak_vmalloc(area, size, gfp_mask); | |
89219d37 | 3256 | |
19f1c3ac | 3257 | return area->addr; |
de7d2b56 JP |
3258 | |
3259 | fail: | |
121e6f32 NP |
3260 | if (shift > PAGE_SHIFT) { |
3261 | shift = PAGE_SHIFT; | |
3262 | align = real_align; | |
3263 | size = real_size; | |
3264 | goto again; | |
3265 | } | |
3266 | ||
de7d2b56 | 3267 | return NULL; |
1da177e4 LT |
3268 | } |
3269 | ||
d0a21265 | 3270 | /** |
92eac168 MR |
3271 | * __vmalloc_node - allocate virtually contiguous memory |
3272 | * @size: allocation size | |
3273 | * @align: desired alignment | |
3274 | * @gfp_mask: flags for the page level allocator | |
92eac168 MR |
3275 | * @node: node to use for allocation or NUMA_NO_NODE |
3276 | * @caller: caller's return address | |
a7c3e901 | 3277 | * |
f38fcb9c CH |
3278 | * Allocate enough pages to cover @size from the page level allocator with |
3279 | * @gfp_mask flags. Map them into contiguous kernel virtual space. | |
a7c3e901 | 3280 | * |
92eac168 MR |
3281 | * Reclaim modifiers in @gfp_mask - __GFP_NORETRY, __GFP_RETRY_MAYFAIL |
3282 | * and __GFP_NOFAIL are not supported | |
a7c3e901 | 3283 | * |
92eac168 MR |
3284 | * Any use of gfp flags outside of GFP_KERNEL should be consulted |
3285 | * with mm people. | |
a862f68a MR |
3286 | * |
3287 | * Return: pointer to the allocated memory or %NULL on error | |
d0a21265 | 3288 | */ |
2b905948 | 3289 | void *__vmalloc_node(unsigned long size, unsigned long align, |
f38fcb9c | 3290 | gfp_t gfp_mask, int node, const void *caller) |
d0a21265 DR |
3291 | { |
3292 | return __vmalloc_node_range(size, align, VMALLOC_START, VMALLOC_END, | |
f38fcb9c | 3293 | gfp_mask, PAGE_KERNEL, 0, node, caller); |
d0a21265 | 3294 | } |
c3f896dc CH |
3295 | /* |
3296 | * This is only for performance analysis of vmalloc and stress purpose. | |
3297 | * It is required by vmalloc test module, therefore do not use it other | |
3298 | * than that. | |
3299 | */ | |
3300 | #ifdef CONFIG_TEST_VMALLOC_MODULE | |
3301 | EXPORT_SYMBOL_GPL(__vmalloc_node); | |
3302 | #endif | |
d0a21265 | 3303 | |
88dca4ca | 3304 | void *__vmalloc(unsigned long size, gfp_t gfp_mask) |
930fc45a | 3305 | { |
f38fcb9c | 3306 | return __vmalloc_node(size, 1, gfp_mask, NUMA_NO_NODE, |
23016969 | 3307 | __builtin_return_address(0)); |
930fc45a | 3308 | } |
1da177e4 LT |
3309 | EXPORT_SYMBOL(__vmalloc); |
3310 | ||
3311 | /** | |
92eac168 MR |
3312 | * vmalloc - allocate virtually contiguous memory |
3313 | * @size: allocation size | |
3314 | * | |
3315 | * Allocate enough pages to cover @size from the page level | |
3316 | * allocator and map them into contiguous kernel virtual space. | |
1da177e4 | 3317 | * |
92eac168 MR |
3318 | * For tight control over page level allocator and protection flags |
3319 | * use __vmalloc() instead. | |
a862f68a MR |
3320 | * |
3321 | * Return: pointer to the allocated memory or %NULL on error | |
1da177e4 LT |
3322 | */ |
3323 | void *vmalloc(unsigned long size) | |
3324 | { | |
4d39d728 CH |
3325 | return __vmalloc_node(size, 1, GFP_KERNEL, NUMA_NO_NODE, |
3326 | __builtin_return_address(0)); | |
1da177e4 | 3327 | } |
1da177e4 LT |
3328 | EXPORT_SYMBOL(vmalloc); |
3329 | ||
15a64f5a | 3330 | /** |
559089e0 SL |
3331 | * vmalloc_huge - allocate virtually contiguous memory, allow huge pages |
3332 | * @size: allocation size | |
3333 | * @gfp_mask: flags for the page level allocator | |
15a64f5a | 3334 | * |
559089e0 | 3335 | * Allocate enough pages to cover @size from the page level |
15a64f5a | 3336 | * allocator and map them into contiguous kernel virtual space. |
559089e0 SL |
3337 | * If @size is greater than or equal to PMD_SIZE, allow using |
3338 | * huge pages for the memory | |
15a64f5a CI |
3339 | * |
3340 | * Return: pointer to the allocated memory or %NULL on error | |
3341 | */ | |
559089e0 | 3342 | void *vmalloc_huge(unsigned long size, gfp_t gfp_mask) |
15a64f5a CI |
3343 | { |
3344 | return __vmalloc_node_range(size, 1, VMALLOC_START, VMALLOC_END, | |
559089e0 | 3345 | gfp_mask, PAGE_KERNEL, VM_ALLOW_HUGE_VMAP, |
15a64f5a CI |
3346 | NUMA_NO_NODE, __builtin_return_address(0)); |
3347 | } | |
559089e0 | 3348 | EXPORT_SYMBOL_GPL(vmalloc_huge); |
15a64f5a | 3349 | |
e1ca7788 | 3350 | /** |
92eac168 MR |
3351 | * vzalloc - allocate virtually contiguous memory with zero fill |
3352 | * @size: allocation size | |
3353 | * | |
3354 | * Allocate enough pages to cover @size from the page level | |
3355 | * allocator and map them into contiguous kernel virtual space. | |
3356 | * The memory allocated is set to zero. | |
3357 | * | |
3358 | * For tight control over page level allocator and protection flags | |
3359 | * use __vmalloc() instead. | |
a862f68a MR |
3360 | * |
3361 | * Return: pointer to the allocated memory or %NULL on error | |
e1ca7788 DY |
3362 | */ |
3363 | void *vzalloc(unsigned long size) | |
3364 | { | |
4d39d728 CH |
3365 | return __vmalloc_node(size, 1, GFP_KERNEL | __GFP_ZERO, NUMA_NO_NODE, |
3366 | __builtin_return_address(0)); | |
e1ca7788 DY |
3367 | } |
3368 | EXPORT_SYMBOL(vzalloc); | |
3369 | ||
83342314 | 3370 | /** |
ead04089 REB |
3371 | * vmalloc_user - allocate zeroed virtually contiguous memory for userspace |
3372 | * @size: allocation size | |
83342314 | 3373 | * |
ead04089 REB |
3374 | * The resulting memory area is zeroed so it can be mapped to userspace |
3375 | * without leaking data. | |
a862f68a MR |
3376 | * |
3377 | * Return: pointer to the allocated memory or %NULL on error | |
83342314 NP |
3378 | */ |
3379 | void *vmalloc_user(unsigned long size) | |
3380 | { | |
bc84c535 RP |
3381 | return __vmalloc_node_range(size, SHMLBA, VMALLOC_START, VMALLOC_END, |
3382 | GFP_KERNEL | __GFP_ZERO, PAGE_KERNEL, | |
3383 | VM_USERMAP, NUMA_NO_NODE, | |
3384 | __builtin_return_address(0)); | |
83342314 NP |
3385 | } |
3386 | EXPORT_SYMBOL(vmalloc_user); | |
3387 | ||
930fc45a | 3388 | /** |
92eac168 MR |
3389 | * vmalloc_node - allocate memory on a specific node |
3390 | * @size: allocation size | |
3391 | * @node: numa node | |
930fc45a | 3392 | * |
92eac168 MR |
3393 | * Allocate enough pages to cover @size from the page level |
3394 | * allocator and map them into contiguous kernel virtual space. | |
930fc45a | 3395 | * |
92eac168 MR |
3396 | * For tight control over page level allocator and protection flags |
3397 | * use __vmalloc() instead. | |
a862f68a MR |
3398 | * |
3399 | * Return: pointer to the allocated memory or %NULL on error | |
930fc45a CL |
3400 | */ |
3401 | void *vmalloc_node(unsigned long size, int node) | |
3402 | { | |
f38fcb9c CH |
3403 | return __vmalloc_node(size, 1, GFP_KERNEL, node, |
3404 | __builtin_return_address(0)); | |
930fc45a CL |
3405 | } |
3406 | EXPORT_SYMBOL(vmalloc_node); | |
3407 | ||
e1ca7788 DY |
3408 | /** |
3409 | * vzalloc_node - allocate memory on a specific node with zero fill | |
3410 | * @size: allocation size | |
3411 | * @node: numa node | |
3412 | * | |
3413 | * Allocate enough pages to cover @size from the page level | |
3414 | * allocator and map them into contiguous kernel virtual space. | |
3415 | * The memory allocated is set to zero. | |
3416 | * | |
a862f68a | 3417 | * Return: pointer to the allocated memory or %NULL on error |
e1ca7788 DY |
3418 | */ |
3419 | void *vzalloc_node(unsigned long size, int node) | |
3420 | { | |
4d39d728 CH |
3421 | return __vmalloc_node(size, 1, GFP_KERNEL | __GFP_ZERO, node, |
3422 | __builtin_return_address(0)); | |
e1ca7788 DY |
3423 | } |
3424 | EXPORT_SYMBOL(vzalloc_node); | |
3425 | ||
0d08e0d3 | 3426 | #if defined(CONFIG_64BIT) && defined(CONFIG_ZONE_DMA32) |
698d0831 | 3427 | #define GFP_VMALLOC32 (GFP_DMA32 | GFP_KERNEL) |
0d08e0d3 | 3428 | #elif defined(CONFIG_64BIT) && defined(CONFIG_ZONE_DMA) |
698d0831 | 3429 | #define GFP_VMALLOC32 (GFP_DMA | GFP_KERNEL) |
0d08e0d3 | 3430 | #else |
698d0831 MH |
3431 | /* |
3432 | * 64b systems should always have either DMA or DMA32 zones. For others | |
3433 | * GFP_DMA32 should do the right thing and use the normal zone. | |
3434 | */ | |
68d68ff6 | 3435 | #define GFP_VMALLOC32 (GFP_DMA32 | GFP_KERNEL) |
0d08e0d3 AK |
3436 | #endif |
3437 | ||
1da177e4 | 3438 | /** |
92eac168 MR |
3439 | * vmalloc_32 - allocate virtually contiguous memory (32bit addressable) |
3440 | * @size: allocation size | |
1da177e4 | 3441 | * |
92eac168 MR |
3442 | * Allocate enough 32bit PA addressable pages to cover @size from the |
3443 | * page level allocator and map them into contiguous kernel virtual space. | |
a862f68a MR |
3444 | * |
3445 | * Return: pointer to the allocated memory or %NULL on error | |
1da177e4 LT |
3446 | */ |
3447 | void *vmalloc_32(unsigned long size) | |
3448 | { | |
f38fcb9c CH |
3449 | return __vmalloc_node(size, 1, GFP_VMALLOC32, NUMA_NO_NODE, |
3450 | __builtin_return_address(0)); | |
1da177e4 | 3451 | } |
1da177e4 LT |
3452 | EXPORT_SYMBOL(vmalloc_32); |
3453 | ||
83342314 | 3454 | /** |
ead04089 | 3455 | * vmalloc_32_user - allocate zeroed virtually contiguous 32bit memory |
92eac168 | 3456 | * @size: allocation size |
ead04089 REB |
3457 | * |
3458 | * The resulting memory area is 32bit addressable and zeroed so it can be | |
3459 | * mapped to userspace without leaking data. | |
a862f68a MR |
3460 | * |
3461 | * Return: pointer to the allocated memory or %NULL on error | |
83342314 NP |
3462 | */ |
3463 | void *vmalloc_32_user(unsigned long size) | |
3464 | { | |
bc84c535 RP |
3465 | return __vmalloc_node_range(size, SHMLBA, VMALLOC_START, VMALLOC_END, |
3466 | GFP_VMALLOC32 | __GFP_ZERO, PAGE_KERNEL, | |
3467 | VM_USERMAP, NUMA_NO_NODE, | |
3468 | __builtin_return_address(0)); | |
83342314 NP |
3469 | } |
3470 | EXPORT_SYMBOL(vmalloc_32_user); | |
3471 | ||
d0107eb0 KH |
3472 | /* |
3473 | * small helper routine , copy contents to buf from addr. | |
3474 | * If the page is not present, fill zero. | |
3475 | */ | |
3476 | ||
3477 | static int aligned_vread(char *buf, char *addr, unsigned long count) | |
3478 | { | |
3479 | struct page *p; | |
3480 | int copied = 0; | |
3481 | ||
3482 | while (count) { | |
3483 | unsigned long offset, length; | |
3484 | ||
891c49ab | 3485 | offset = offset_in_page(addr); |
d0107eb0 KH |
3486 | length = PAGE_SIZE - offset; |
3487 | if (length > count) | |
3488 | length = count; | |
3489 | p = vmalloc_to_page(addr); | |
3490 | /* | |
3491 | * To do safe access to this _mapped_ area, we need | |
3492 | * lock. But adding lock here means that we need to add | |
f0953a1b | 3493 | * overhead of vmalloc()/vfree() calls for this _debug_ |
d0107eb0 KH |
3494 | * interface, rarely used. Instead of that, we'll use |
3495 | * kmap() and get small overhead in this access function. | |
3496 | */ | |
3497 | if (p) { | |
f7c8ce44 | 3498 | /* We can expect USER0 is not used -- see vread() */ |
9b04c5fe | 3499 | void *map = kmap_atomic(p); |
d0107eb0 | 3500 | memcpy(buf, map + offset, length); |
9b04c5fe | 3501 | kunmap_atomic(map); |
d0107eb0 KH |
3502 | } else |
3503 | memset(buf, 0, length); | |
3504 | ||
3505 | addr += length; | |
3506 | buf += length; | |
3507 | copied += length; | |
3508 | count -= length; | |
3509 | } | |
3510 | return copied; | |
3511 | } | |
3512 | ||
d0107eb0 | 3513 | /** |
92eac168 MR |
3514 | * vread() - read vmalloc area in a safe way. |
3515 | * @buf: buffer for reading data | |
3516 | * @addr: vm address. | |
3517 | * @count: number of bytes to be read. | |
3518 | * | |
92eac168 MR |
3519 | * This function checks that addr is a valid vmalloc'ed area, and |
3520 | * copy data from that area to a given buffer. If the given memory range | |
3521 | * of [addr...addr+count) includes some valid address, data is copied to | |
3522 | * proper area of @buf. If there are memory holes, they'll be zero-filled. | |
3523 | * IOREMAP area is treated as memory hole and no copy is done. | |
3524 | * | |
3525 | * If [addr...addr+count) doesn't includes any intersects with alive | |
3526 | * vm_struct area, returns 0. @buf should be kernel's buffer. | |
3527 | * | |
3528 | * Note: In usual ops, vread() is never necessary because the caller | |
3529 | * should know vmalloc() area is valid and can use memcpy(). | |
3530 | * This is for routines which have to access vmalloc area without | |
bbcd53c9 | 3531 | * any information, as /proc/kcore. |
a862f68a MR |
3532 | * |
3533 | * Return: number of bytes for which addr and buf should be increased | |
3534 | * (same number as @count) or %0 if [addr...addr+count) doesn't | |
3535 | * include any intersection with valid vmalloc area | |
d0107eb0 | 3536 | */ |
1da177e4 LT |
3537 | long vread(char *buf, char *addr, unsigned long count) |
3538 | { | |
e81ce85f JK |
3539 | struct vmap_area *va; |
3540 | struct vm_struct *vm; | |
1da177e4 | 3541 | char *vaddr, *buf_start = buf; |
d0107eb0 | 3542 | unsigned long buflen = count; |
1da177e4 LT |
3543 | unsigned long n; |
3544 | ||
4aff1dc4 AK |
3545 | addr = kasan_reset_tag(addr); |
3546 | ||
1da177e4 LT |
3547 | /* Don't allow overflow */ |
3548 | if ((unsigned long) addr + count < count) | |
3549 | count = -(unsigned long) addr; | |
3550 | ||
e81ce85f | 3551 | spin_lock(&vmap_area_lock); |
f181234a | 3552 | va = find_vmap_area_exceed_addr((unsigned long)addr); |
f608788c SD |
3553 | if (!va) |
3554 | goto finished; | |
f181234a CW |
3555 | |
3556 | /* no intersects with alive vmap_area */ | |
3557 | if ((unsigned long)addr + count <= va->va_start) | |
3558 | goto finished; | |
3559 | ||
f608788c | 3560 | list_for_each_entry_from(va, &vmap_area_list, list) { |
e81ce85f JK |
3561 | if (!count) |
3562 | break; | |
3563 | ||
688fcbfc | 3564 | if (!va->vm) |
e81ce85f JK |
3565 | continue; |
3566 | ||
3567 | vm = va->vm; | |
3568 | vaddr = (char *) vm->addr; | |
762216ab | 3569 | if (addr >= vaddr + get_vm_area_size(vm)) |
1da177e4 LT |
3570 | continue; |
3571 | while (addr < vaddr) { | |
3572 | if (count == 0) | |
3573 | goto finished; | |
3574 | *buf = '\0'; | |
3575 | buf++; | |
3576 | addr++; | |
3577 | count--; | |
3578 | } | |
762216ab | 3579 | n = vaddr + get_vm_area_size(vm) - addr; |
d0107eb0 KH |
3580 | if (n > count) |
3581 | n = count; | |
e81ce85f | 3582 | if (!(vm->flags & VM_IOREMAP)) |
d0107eb0 KH |
3583 | aligned_vread(buf, addr, n); |
3584 | else /* IOREMAP area is treated as memory hole */ | |
3585 | memset(buf, 0, n); | |
3586 | buf += n; | |
3587 | addr += n; | |
3588 | count -= n; | |
1da177e4 LT |
3589 | } |
3590 | finished: | |
e81ce85f | 3591 | spin_unlock(&vmap_area_lock); |
d0107eb0 KH |
3592 | |
3593 | if (buf == buf_start) | |
3594 | return 0; | |
3595 | /* zero-fill memory holes */ | |
3596 | if (buf != buf_start + buflen) | |
3597 | memset(buf, 0, buflen - (buf - buf_start)); | |
3598 | ||
3599 | return buflen; | |
1da177e4 LT |
3600 | } |
3601 | ||
83342314 | 3602 | /** |
92eac168 MR |
3603 | * remap_vmalloc_range_partial - map vmalloc pages to userspace |
3604 | * @vma: vma to cover | |
3605 | * @uaddr: target user address to start at | |
3606 | * @kaddr: virtual address of vmalloc kernel memory | |
bdebd6a2 | 3607 | * @pgoff: offset from @kaddr to start at |
92eac168 | 3608 | * @size: size of map area |
7682486b | 3609 | * |
92eac168 | 3610 | * Returns: 0 for success, -Exxx on failure |
83342314 | 3611 | * |
92eac168 MR |
3612 | * This function checks that @kaddr is a valid vmalloc'ed area, |
3613 | * and that it is big enough to cover the range starting at | |
3614 | * @uaddr in @vma. Will return failure if that criteria isn't | |
3615 | * met. | |
83342314 | 3616 | * |
92eac168 | 3617 | * Similar to remap_pfn_range() (see mm/memory.c) |
83342314 | 3618 | */ |
e69e9d4a | 3619 | int remap_vmalloc_range_partial(struct vm_area_struct *vma, unsigned long uaddr, |
bdebd6a2 JH |
3620 | void *kaddr, unsigned long pgoff, |
3621 | unsigned long size) | |
83342314 NP |
3622 | { |
3623 | struct vm_struct *area; | |
bdebd6a2 JH |
3624 | unsigned long off; |
3625 | unsigned long end_index; | |
3626 | ||
3627 | if (check_shl_overflow(pgoff, PAGE_SHIFT, &off)) | |
3628 | return -EINVAL; | |
83342314 | 3629 | |
e69e9d4a HD |
3630 | size = PAGE_ALIGN(size); |
3631 | ||
3632 | if (!PAGE_ALIGNED(uaddr) || !PAGE_ALIGNED(kaddr)) | |
83342314 NP |
3633 | return -EINVAL; |
3634 | ||
e69e9d4a | 3635 | area = find_vm_area(kaddr); |
83342314 | 3636 | if (!area) |
db64fe02 | 3637 | return -EINVAL; |
83342314 | 3638 | |
fe9041c2 | 3639 | if (!(area->flags & (VM_USERMAP | VM_DMA_COHERENT))) |
db64fe02 | 3640 | return -EINVAL; |
83342314 | 3641 | |
bdebd6a2 JH |
3642 | if (check_add_overflow(size, off, &end_index) || |
3643 | end_index > get_vm_area_size(area)) | |
db64fe02 | 3644 | return -EINVAL; |
bdebd6a2 | 3645 | kaddr += off; |
83342314 | 3646 | |
83342314 | 3647 | do { |
e69e9d4a | 3648 | struct page *page = vmalloc_to_page(kaddr); |
db64fe02 NP |
3649 | int ret; |
3650 | ||
83342314 NP |
3651 | ret = vm_insert_page(vma, uaddr, page); |
3652 | if (ret) | |
3653 | return ret; | |
3654 | ||
3655 | uaddr += PAGE_SIZE; | |
e69e9d4a HD |
3656 | kaddr += PAGE_SIZE; |
3657 | size -= PAGE_SIZE; | |
3658 | } while (size > 0); | |
83342314 | 3659 | |
314e51b9 | 3660 | vma->vm_flags |= VM_DONTEXPAND | VM_DONTDUMP; |
83342314 | 3661 | |
db64fe02 | 3662 | return 0; |
83342314 | 3663 | } |
e69e9d4a HD |
3664 | |
3665 | /** | |
92eac168 MR |
3666 | * remap_vmalloc_range - map vmalloc pages to userspace |
3667 | * @vma: vma to cover (map full range of vma) | |
3668 | * @addr: vmalloc memory | |
3669 | * @pgoff: number of pages into addr before first page to map | |
e69e9d4a | 3670 | * |
92eac168 | 3671 | * Returns: 0 for success, -Exxx on failure |
e69e9d4a | 3672 | * |
92eac168 MR |
3673 | * This function checks that addr is a valid vmalloc'ed area, and |
3674 | * that it is big enough to cover the vma. Will return failure if | |
3675 | * that criteria isn't met. | |
e69e9d4a | 3676 | * |
92eac168 | 3677 | * Similar to remap_pfn_range() (see mm/memory.c) |
e69e9d4a HD |
3678 | */ |
3679 | int remap_vmalloc_range(struct vm_area_struct *vma, void *addr, | |
3680 | unsigned long pgoff) | |
3681 | { | |
3682 | return remap_vmalloc_range_partial(vma, vma->vm_start, | |
bdebd6a2 | 3683 | addr, pgoff, |
e69e9d4a HD |
3684 | vma->vm_end - vma->vm_start); |
3685 | } | |
83342314 NP |
3686 | EXPORT_SYMBOL(remap_vmalloc_range); |
3687 | ||
5f4352fb JF |
3688 | void free_vm_area(struct vm_struct *area) |
3689 | { | |
3690 | struct vm_struct *ret; | |
3691 | ret = remove_vm_area(area->addr); | |
3692 | BUG_ON(ret != area); | |
3693 | kfree(area); | |
3694 | } | |
3695 | EXPORT_SYMBOL_GPL(free_vm_area); | |
a10aa579 | 3696 | |
4f8b02b4 | 3697 | #ifdef CONFIG_SMP |
ca23e405 TH |
3698 | static struct vmap_area *node_to_va(struct rb_node *n) |
3699 | { | |
4583e773 | 3700 | return rb_entry_safe(n, struct vmap_area, rb_node); |
ca23e405 TH |
3701 | } |
3702 | ||
3703 | /** | |
68ad4a33 URS |
3704 | * pvm_find_va_enclose_addr - find the vmap_area @addr belongs to |
3705 | * @addr: target address | |
ca23e405 | 3706 | * |
68ad4a33 URS |
3707 | * Returns: vmap_area if it is found. If there is no such area |
3708 | * the first highest(reverse order) vmap_area is returned | |
3709 | * i.e. va->va_start < addr && va->va_end < addr or NULL | |
3710 | * if there are no any areas before @addr. | |
ca23e405 | 3711 | */ |
68ad4a33 URS |
3712 | static struct vmap_area * |
3713 | pvm_find_va_enclose_addr(unsigned long addr) | |
ca23e405 | 3714 | { |
68ad4a33 URS |
3715 | struct vmap_area *va, *tmp; |
3716 | struct rb_node *n; | |
3717 | ||
3718 | n = free_vmap_area_root.rb_node; | |
3719 | va = NULL; | |
ca23e405 TH |
3720 | |
3721 | while (n) { | |
68ad4a33 URS |
3722 | tmp = rb_entry(n, struct vmap_area, rb_node); |
3723 | if (tmp->va_start <= addr) { | |
3724 | va = tmp; | |
3725 | if (tmp->va_end >= addr) | |
3726 | break; | |
3727 | ||
ca23e405 | 3728 | n = n->rb_right; |
68ad4a33 URS |
3729 | } else { |
3730 | n = n->rb_left; | |
3731 | } | |
ca23e405 TH |
3732 | } |
3733 | ||
68ad4a33 | 3734 | return va; |
ca23e405 TH |
3735 | } |
3736 | ||
3737 | /** | |
68ad4a33 URS |
3738 | * pvm_determine_end_from_reverse - find the highest aligned address |
3739 | * of free block below VMALLOC_END | |
3740 | * @va: | |
3741 | * in - the VA we start the search(reverse order); | |
3742 | * out - the VA with the highest aligned end address. | |
799fa85d | 3743 | * @align: alignment for required highest address |
ca23e405 | 3744 | * |
68ad4a33 | 3745 | * Returns: determined end address within vmap_area |
ca23e405 | 3746 | */ |
68ad4a33 URS |
3747 | static unsigned long |
3748 | pvm_determine_end_from_reverse(struct vmap_area **va, unsigned long align) | |
ca23e405 | 3749 | { |
68ad4a33 | 3750 | unsigned long vmalloc_end = VMALLOC_END & ~(align - 1); |
ca23e405 TH |
3751 | unsigned long addr; |
3752 | ||
68ad4a33 URS |
3753 | if (likely(*va)) { |
3754 | list_for_each_entry_from_reverse((*va), | |
3755 | &free_vmap_area_list, list) { | |
3756 | addr = min((*va)->va_end & ~(align - 1), vmalloc_end); | |
3757 | if ((*va)->va_start < addr) | |
3758 | return addr; | |
3759 | } | |
ca23e405 TH |
3760 | } |
3761 | ||
68ad4a33 | 3762 | return 0; |
ca23e405 TH |
3763 | } |
3764 | ||
3765 | /** | |
3766 | * pcpu_get_vm_areas - allocate vmalloc areas for percpu allocator | |
3767 | * @offsets: array containing offset of each area | |
3768 | * @sizes: array containing size of each area | |
3769 | * @nr_vms: the number of areas to allocate | |
3770 | * @align: alignment, all entries in @offsets and @sizes must be aligned to this | |
ca23e405 TH |
3771 | * |
3772 | * Returns: kmalloc'd vm_struct pointer array pointing to allocated | |
3773 | * vm_structs on success, %NULL on failure | |
3774 | * | |
3775 | * Percpu allocator wants to use congruent vm areas so that it can | |
3776 | * maintain the offsets among percpu areas. This function allocates | |
ec3f64fc DR |
3777 | * congruent vmalloc areas for it with GFP_KERNEL. These areas tend to |
3778 | * be scattered pretty far, distance between two areas easily going up | |
3779 | * to gigabytes. To avoid interacting with regular vmallocs, these | |
3780 | * areas are allocated from top. | |
ca23e405 | 3781 | * |
68ad4a33 URS |
3782 | * Despite its complicated look, this allocator is rather simple. It |
3783 | * does everything top-down and scans free blocks from the end looking | |
3784 | * for matching base. While scanning, if any of the areas do not fit the | |
3785 | * base address is pulled down to fit the area. Scanning is repeated till | |
3786 | * all the areas fit and then all necessary data structures are inserted | |
3787 | * and the result is returned. | |
ca23e405 TH |
3788 | */ |
3789 | struct vm_struct **pcpu_get_vm_areas(const unsigned long *offsets, | |
3790 | const size_t *sizes, int nr_vms, | |
ec3f64fc | 3791 | size_t align) |
ca23e405 TH |
3792 | { |
3793 | const unsigned long vmalloc_start = ALIGN(VMALLOC_START, align); | |
3794 | const unsigned long vmalloc_end = VMALLOC_END & ~(align - 1); | |
68ad4a33 | 3795 | struct vmap_area **vas, *va; |
ca23e405 TH |
3796 | struct vm_struct **vms; |
3797 | int area, area2, last_area, term_area; | |
253a496d | 3798 | unsigned long base, start, size, end, last_end, orig_start, orig_end; |
ca23e405 TH |
3799 | bool purged = false; |
3800 | ||
ca23e405 | 3801 | /* verify parameters and allocate data structures */ |
891c49ab | 3802 | BUG_ON(offset_in_page(align) || !is_power_of_2(align)); |
ca23e405 TH |
3803 | for (last_area = 0, area = 0; area < nr_vms; area++) { |
3804 | start = offsets[area]; | |
3805 | end = start + sizes[area]; | |
3806 | ||
3807 | /* is everything aligned properly? */ | |
3808 | BUG_ON(!IS_ALIGNED(offsets[area], align)); | |
3809 | BUG_ON(!IS_ALIGNED(sizes[area], align)); | |
3810 | ||
3811 | /* detect the area with the highest address */ | |
3812 | if (start > offsets[last_area]) | |
3813 | last_area = area; | |
3814 | ||
c568da28 | 3815 | for (area2 = area + 1; area2 < nr_vms; area2++) { |
ca23e405 TH |
3816 | unsigned long start2 = offsets[area2]; |
3817 | unsigned long end2 = start2 + sizes[area2]; | |
3818 | ||
c568da28 | 3819 | BUG_ON(start2 < end && start < end2); |
ca23e405 TH |
3820 | } |
3821 | } | |
3822 | last_end = offsets[last_area] + sizes[last_area]; | |
3823 | ||
3824 | if (vmalloc_end - vmalloc_start < last_end) { | |
3825 | WARN_ON(true); | |
3826 | return NULL; | |
3827 | } | |
3828 | ||
4d67d860 TM |
3829 | vms = kcalloc(nr_vms, sizeof(vms[0]), GFP_KERNEL); |
3830 | vas = kcalloc(nr_vms, sizeof(vas[0]), GFP_KERNEL); | |
ca23e405 | 3831 | if (!vas || !vms) |
f1db7afd | 3832 | goto err_free2; |
ca23e405 TH |
3833 | |
3834 | for (area = 0; area < nr_vms; area++) { | |
68ad4a33 | 3835 | vas[area] = kmem_cache_zalloc(vmap_area_cachep, GFP_KERNEL); |
ec3f64fc | 3836 | vms[area] = kzalloc(sizeof(struct vm_struct), GFP_KERNEL); |
ca23e405 TH |
3837 | if (!vas[area] || !vms[area]) |
3838 | goto err_free; | |
3839 | } | |
3840 | retry: | |
e36176be | 3841 | spin_lock(&free_vmap_area_lock); |
ca23e405 TH |
3842 | |
3843 | /* start scanning - we scan from the top, begin with the last area */ | |
3844 | area = term_area = last_area; | |
3845 | start = offsets[area]; | |
3846 | end = start + sizes[area]; | |
3847 | ||
68ad4a33 URS |
3848 | va = pvm_find_va_enclose_addr(vmalloc_end); |
3849 | base = pvm_determine_end_from_reverse(&va, align) - end; | |
ca23e405 TH |
3850 | |
3851 | while (true) { | |
ca23e405 TH |
3852 | /* |
3853 | * base might have underflowed, add last_end before | |
3854 | * comparing. | |
3855 | */ | |
68ad4a33 URS |
3856 | if (base + last_end < vmalloc_start + last_end) |
3857 | goto overflow; | |
ca23e405 TH |
3858 | |
3859 | /* | |
68ad4a33 | 3860 | * Fitting base has not been found. |
ca23e405 | 3861 | */ |
68ad4a33 URS |
3862 | if (va == NULL) |
3863 | goto overflow; | |
ca23e405 | 3864 | |
5336e52c | 3865 | /* |
d8cc323d | 3866 | * If required width exceeds current VA block, move |
5336e52c KS |
3867 | * base downwards and then recheck. |
3868 | */ | |
3869 | if (base + end > va->va_end) { | |
3870 | base = pvm_determine_end_from_reverse(&va, align) - end; | |
3871 | term_area = area; | |
3872 | continue; | |
3873 | } | |
3874 | ||
ca23e405 | 3875 | /* |
68ad4a33 | 3876 | * If this VA does not fit, move base downwards and recheck. |
ca23e405 | 3877 | */ |
5336e52c | 3878 | if (base + start < va->va_start) { |
68ad4a33 URS |
3879 | va = node_to_va(rb_prev(&va->rb_node)); |
3880 | base = pvm_determine_end_from_reverse(&va, align) - end; | |
ca23e405 TH |
3881 | term_area = area; |
3882 | continue; | |
3883 | } | |
3884 | ||
3885 | /* | |
3886 | * This area fits, move on to the previous one. If | |
3887 | * the previous one is the terminal one, we're done. | |
3888 | */ | |
3889 | area = (area + nr_vms - 1) % nr_vms; | |
3890 | if (area == term_area) | |
3891 | break; | |
68ad4a33 | 3892 | |
ca23e405 TH |
3893 | start = offsets[area]; |
3894 | end = start + sizes[area]; | |
68ad4a33 | 3895 | va = pvm_find_va_enclose_addr(base + end); |
ca23e405 | 3896 | } |
68ad4a33 | 3897 | |
ca23e405 TH |
3898 | /* we've found a fitting base, insert all va's */ |
3899 | for (area = 0; area < nr_vms; area++) { | |
68ad4a33 | 3900 | int ret; |
ca23e405 | 3901 | |
68ad4a33 URS |
3902 | start = base + offsets[area]; |
3903 | size = sizes[area]; | |
ca23e405 | 3904 | |
68ad4a33 URS |
3905 | va = pvm_find_va_enclose_addr(start); |
3906 | if (WARN_ON_ONCE(va == NULL)) | |
3907 | /* It is a BUG(), but trigger recovery instead. */ | |
3908 | goto recovery; | |
3909 | ||
f9863be4 URS |
3910 | ret = adjust_va_to_fit_type(&free_vmap_area_root, |
3911 | &free_vmap_area_list, | |
3912 | va, start, size); | |
1b23ff80 | 3913 | if (WARN_ON_ONCE(unlikely(ret))) |
68ad4a33 URS |
3914 | /* It is a BUG(), but trigger recovery instead. */ |
3915 | goto recovery; | |
3916 | ||
68ad4a33 URS |
3917 | /* Allocated area. */ |
3918 | va = vas[area]; | |
3919 | va->va_start = start; | |
3920 | va->va_end = start + size; | |
68ad4a33 | 3921 | } |
ca23e405 | 3922 | |
e36176be | 3923 | spin_unlock(&free_vmap_area_lock); |
ca23e405 | 3924 | |
253a496d DA |
3925 | /* populate the kasan shadow space */ |
3926 | for (area = 0; area < nr_vms; area++) { | |
3927 | if (kasan_populate_vmalloc(vas[area]->va_start, sizes[area])) | |
3928 | goto err_free_shadow; | |
253a496d DA |
3929 | } |
3930 | ||
ca23e405 | 3931 | /* insert all vm's */ |
e36176be URS |
3932 | spin_lock(&vmap_area_lock); |
3933 | for (area = 0; area < nr_vms; area++) { | |
3934 | insert_vmap_area(vas[area], &vmap_area_root, &vmap_area_list); | |
3935 | ||
3936 | setup_vmalloc_vm_locked(vms[area], vas[area], VM_ALLOC, | |
3645cb4a | 3937 | pcpu_get_vm_areas); |
e36176be URS |
3938 | } |
3939 | spin_unlock(&vmap_area_lock); | |
ca23e405 | 3940 | |
19f1c3ac AK |
3941 | /* |
3942 | * Mark allocated areas as accessible. Do it now as a best-effort | |
3943 | * approach, as they can be mapped outside of vmalloc code. | |
23689e91 AK |
3944 | * With hardware tag-based KASAN, marking is skipped for |
3945 | * non-VM_ALLOC mappings, see __kasan_unpoison_vmalloc(). | |
19f1c3ac | 3946 | */ |
1d96320f AK |
3947 | for (area = 0; area < nr_vms; area++) |
3948 | vms[area]->addr = kasan_unpoison_vmalloc(vms[area]->addr, | |
f6e39794 | 3949 | vms[area]->size, KASAN_VMALLOC_PROT_NORMAL); |
1d96320f | 3950 | |
ca23e405 TH |
3951 | kfree(vas); |
3952 | return vms; | |
3953 | ||
68ad4a33 | 3954 | recovery: |
e36176be URS |
3955 | /* |
3956 | * Remove previously allocated areas. There is no | |
3957 | * need in removing these areas from the busy tree, | |
3958 | * because they are inserted only on the final step | |
3959 | * and when pcpu_get_vm_areas() is success. | |
3960 | */ | |
68ad4a33 | 3961 | while (area--) { |
253a496d DA |
3962 | orig_start = vas[area]->va_start; |
3963 | orig_end = vas[area]->va_end; | |
96e2db45 URS |
3964 | va = merge_or_add_vmap_area_augment(vas[area], &free_vmap_area_root, |
3965 | &free_vmap_area_list); | |
9c801f61 URS |
3966 | if (va) |
3967 | kasan_release_vmalloc(orig_start, orig_end, | |
3968 | va->va_start, va->va_end); | |
68ad4a33 URS |
3969 | vas[area] = NULL; |
3970 | } | |
3971 | ||
3972 | overflow: | |
e36176be | 3973 | spin_unlock(&free_vmap_area_lock); |
68ad4a33 URS |
3974 | if (!purged) { |
3975 | purge_vmap_area_lazy(); | |
3976 | purged = true; | |
3977 | ||
3978 | /* Before "retry", check if we recover. */ | |
3979 | for (area = 0; area < nr_vms; area++) { | |
3980 | if (vas[area]) | |
3981 | continue; | |
3982 | ||
3983 | vas[area] = kmem_cache_zalloc( | |
3984 | vmap_area_cachep, GFP_KERNEL); | |
3985 | if (!vas[area]) | |
3986 | goto err_free; | |
3987 | } | |
3988 | ||
3989 | goto retry; | |
3990 | } | |
3991 | ||
ca23e405 TH |
3992 | err_free: |
3993 | for (area = 0; area < nr_vms; area++) { | |
68ad4a33 URS |
3994 | if (vas[area]) |
3995 | kmem_cache_free(vmap_area_cachep, vas[area]); | |
3996 | ||
f1db7afd | 3997 | kfree(vms[area]); |
ca23e405 | 3998 | } |
f1db7afd | 3999 | err_free2: |
ca23e405 TH |
4000 | kfree(vas); |
4001 | kfree(vms); | |
4002 | return NULL; | |
253a496d DA |
4003 | |
4004 | err_free_shadow: | |
4005 | spin_lock(&free_vmap_area_lock); | |
4006 | /* | |
4007 | * We release all the vmalloc shadows, even the ones for regions that | |
4008 | * hadn't been successfully added. This relies on kasan_release_vmalloc | |
4009 | * being able to tolerate this case. | |
4010 | */ | |
4011 | for (area = 0; area < nr_vms; area++) { | |
4012 | orig_start = vas[area]->va_start; | |
4013 | orig_end = vas[area]->va_end; | |
96e2db45 URS |
4014 | va = merge_or_add_vmap_area_augment(vas[area], &free_vmap_area_root, |
4015 | &free_vmap_area_list); | |
9c801f61 URS |
4016 | if (va) |
4017 | kasan_release_vmalloc(orig_start, orig_end, | |
4018 | va->va_start, va->va_end); | |
253a496d DA |
4019 | vas[area] = NULL; |
4020 | kfree(vms[area]); | |
4021 | } | |
4022 | spin_unlock(&free_vmap_area_lock); | |
4023 | kfree(vas); | |
4024 | kfree(vms); | |
4025 | return NULL; | |
ca23e405 TH |
4026 | } |
4027 | ||
4028 | /** | |
4029 | * pcpu_free_vm_areas - free vmalloc areas for percpu allocator | |
4030 | * @vms: vm_struct pointer array returned by pcpu_get_vm_areas() | |
4031 | * @nr_vms: the number of allocated areas | |
4032 | * | |
4033 | * Free vm_structs and the array allocated by pcpu_get_vm_areas(). | |
4034 | */ | |
4035 | void pcpu_free_vm_areas(struct vm_struct **vms, int nr_vms) | |
4036 | { | |
4037 | int i; | |
4038 | ||
4039 | for (i = 0; i < nr_vms; i++) | |
4040 | free_vm_area(vms[i]); | |
4041 | kfree(vms); | |
4042 | } | |
4f8b02b4 | 4043 | #endif /* CONFIG_SMP */ |
a10aa579 | 4044 | |
5bb1bb35 | 4045 | #ifdef CONFIG_PRINTK |
98f18083 PM |
4046 | bool vmalloc_dump_obj(void *object) |
4047 | { | |
4048 | struct vm_struct *vm; | |
4049 | void *objp = (void *)PAGE_ALIGN((unsigned long)object); | |
4050 | ||
4051 | vm = find_vm_area(objp); | |
4052 | if (!vm) | |
4053 | return false; | |
bd34dcd4 PM |
4054 | pr_cont(" %u-page vmalloc region starting at %#lx allocated at %pS\n", |
4055 | vm->nr_pages, (unsigned long)vm->addr, vm->caller); | |
98f18083 PM |
4056 | return true; |
4057 | } | |
5bb1bb35 | 4058 | #endif |
98f18083 | 4059 | |
a10aa579 CL |
4060 | #ifdef CONFIG_PROC_FS |
4061 | static void *s_start(struct seq_file *m, loff_t *pos) | |
e36176be | 4062 | __acquires(&vmap_purge_lock) |
d4033afd | 4063 | __acquires(&vmap_area_lock) |
a10aa579 | 4064 | { |
e36176be | 4065 | mutex_lock(&vmap_purge_lock); |
d4033afd | 4066 | spin_lock(&vmap_area_lock); |
e36176be | 4067 | |
3f500069 | 4068 | return seq_list_start(&vmap_area_list, *pos); |
a10aa579 CL |
4069 | } |
4070 | ||
4071 | static void *s_next(struct seq_file *m, void *p, loff_t *pos) | |
4072 | { | |
3f500069 | 4073 | return seq_list_next(p, &vmap_area_list, pos); |
a10aa579 CL |
4074 | } |
4075 | ||
4076 | static void s_stop(struct seq_file *m, void *p) | |
d4033afd | 4077 | __releases(&vmap_area_lock) |
0a7dd4e9 | 4078 | __releases(&vmap_purge_lock) |
a10aa579 | 4079 | { |
d4033afd | 4080 | spin_unlock(&vmap_area_lock); |
0a7dd4e9 | 4081 | mutex_unlock(&vmap_purge_lock); |
a10aa579 CL |
4082 | } |
4083 | ||
a47a126a ED |
4084 | static void show_numa_info(struct seq_file *m, struct vm_struct *v) |
4085 | { | |
e5adfffc | 4086 | if (IS_ENABLED(CONFIG_NUMA)) { |
a47a126a | 4087 | unsigned int nr, *counters = m->private; |
51e50b3a | 4088 | unsigned int step = 1U << vm_area_page_order(v); |
a47a126a ED |
4089 | |
4090 | if (!counters) | |
4091 | return; | |
4092 | ||
af12346c WL |
4093 | if (v->flags & VM_UNINITIALIZED) |
4094 | return; | |
7e5b528b DV |
4095 | /* Pair with smp_wmb() in clear_vm_uninitialized_flag() */ |
4096 | smp_rmb(); | |
af12346c | 4097 | |
a47a126a ED |
4098 | memset(counters, 0, nr_node_ids * sizeof(unsigned int)); |
4099 | ||
51e50b3a ED |
4100 | for (nr = 0; nr < v->nr_pages; nr += step) |
4101 | counters[page_to_nid(v->pages[nr])] += step; | |
a47a126a ED |
4102 | for_each_node_state(nr, N_HIGH_MEMORY) |
4103 | if (counters[nr]) | |
4104 | seq_printf(m, " N%u=%u", nr, counters[nr]); | |
4105 | } | |
4106 | } | |
4107 | ||
dd3b8353 URS |
4108 | static void show_purge_info(struct seq_file *m) |
4109 | { | |
dd3b8353 URS |
4110 | struct vmap_area *va; |
4111 | ||
96e2db45 URS |
4112 | spin_lock(&purge_vmap_area_lock); |
4113 | list_for_each_entry(va, &purge_vmap_area_list, list) { | |
dd3b8353 URS |
4114 | seq_printf(m, "0x%pK-0x%pK %7ld unpurged vm_area\n", |
4115 | (void *)va->va_start, (void *)va->va_end, | |
4116 | va->va_end - va->va_start); | |
4117 | } | |
96e2db45 | 4118 | spin_unlock(&purge_vmap_area_lock); |
dd3b8353 URS |
4119 | } |
4120 | ||
a10aa579 CL |
4121 | static int s_show(struct seq_file *m, void *p) |
4122 | { | |
3f500069 | 4123 | struct vmap_area *va; |
d4033afd JK |
4124 | struct vm_struct *v; |
4125 | ||
3f500069 | 4126 | va = list_entry(p, struct vmap_area, list); |
4127 | ||
c2ce8c14 | 4128 | /* |
688fcbfc PL |
4129 | * s_show can encounter race with remove_vm_area, !vm on behalf |
4130 | * of vmap area is being tear down or vm_map_ram allocation. | |
c2ce8c14 | 4131 | */ |
688fcbfc | 4132 | if (!va->vm) { |
dd3b8353 | 4133 | seq_printf(m, "0x%pK-0x%pK %7ld vm_map_ram\n", |
78c72746 | 4134 | (void *)va->va_start, (void *)va->va_end, |
dd3b8353 | 4135 | va->va_end - va->va_start); |
78c72746 | 4136 | |
7cc7913e | 4137 | goto final; |
78c72746 | 4138 | } |
d4033afd JK |
4139 | |
4140 | v = va->vm; | |
a10aa579 | 4141 | |
45ec1690 | 4142 | seq_printf(m, "0x%pK-0x%pK %7ld", |
a10aa579 CL |
4143 | v->addr, v->addr + v->size, v->size); |
4144 | ||
62c70bce JP |
4145 | if (v->caller) |
4146 | seq_printf(m, " %pS", v->caller); | |
23016969 | 4147 | |
a10aa579 CL |
4148 | if (v->nr_pages) |
4149 | seq_printf(m, " pages=%d", v->nr_pages); | |
4150 | ||
4151 | if (v->phys_addr) | |
199eaa05 | 4152 | seq_printf(m, " phys=%pa", &v->phys_addr); |
a10aa579 CL |
4153 | |
4154 | if (v->flags & VM_IOREMAP) | |
f4527c90 | 4155 | seq_puts(m, " ioremap"); |
a10aa579 CL |
4156 | |
4157 | if (v->flags & VM_ALLOC) | |
f4527c90 | 4158 | seq_puts(m, " vmalloc"); |
a10aa579 CL |
4159 | |
4160 | if (v->flags & VM_MAP) | |
f4527c90 | 4161 | seq_puts(m, " vmap"); |
a10aa579 CL |
4162 | |
4163 | if (v->flags & VM_USERMAP) | |
f4527c90 | 4164 | seq_puts(m, " user"); |
a10aa579 | 4165 | |
fe9041c2 CH |
4166 | if (v->flags & VM_DMA_COHERENT) |
4167 | seq_puts(m, " dma-coherent"); | |
4168 | ||
244d63ee | 4169 | if (is_vmalloc_addr(v->pages)) |
f4527c90 | 4170 | seq_puts(m, " vpages"); |
a10aa579 | 4171 | |
a47a126a | 4172 | show_numa_info(m, v); |
a10aa579 | 4173 | seq_putc(m, '\n'); |
dd3b8353 URS |
4174 | |
4175 | /* | |
96e2db45 | 4176 | * As a final step, dump "unpurged" areas. |
dd3b8353 | 4177 | */ |
7cc7913e | 4178 | final: |
dd3b8353 URS |
4179 | if (list_is_last(&va->list, &vmap_area_list)) |
4180 | show_purge_info(m); | |
4181 | ||
a10aa579 CL |
4182 | return 0; |
4183 | } | |
4184 | ||
5f6a6a9c | 4185 | static const struct seq_operations vmalloc_op = { |
a10aa579 CL |
4186 | .start = s_start, |
4187 | .next = s_next, | |
4188 | .stop = s_stop, | |
4189 | .show = s_show, | |
4190 | }; | |
5f6a6a9c | 4191 | |
5f6a6a9c AD |
4192 | static int __init proc_vmalloc_init(void) |
4193 | { | |
fddda2b7 | 4194 | if (IS_ENABLED(CONFIG_NUMA)) |
0825a6f9 | 4195 | proc_create_seq_private("vmallocinfo", 0400, NULL, |
44414d82 CH |
4196 | &vmalloc_op, |
4197 | nr_node_ids * sizeof(unsigned int), NULL); | |
fddda2b7 | 4198 | else |
0825a6f9 | 4199 | proc_create_seq("vmallocinfo", 0400, NULL, &vmalloc_op); |
5f6a6a9c AD |
4200 | return 0; |
4201 | } | |
4202 | module_init(proc_vmalloc_init); | |
db3808c1 | 4203 | |
a10aa579 | 4204 | #endif |