mm/cma: change cma mutex to irq safe spinlock

Patch series "make hugetlb put_page safe for all calling contexts", v5.

This effort is the result a recent bug report [1].  Syzbot found a
potential deadlock in the hugetlb put_page/free_huge_page_path.  WARNING:
SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected Since the
free_huge_page_path already has code to 'hand off' page free requests to a
workqueue, a suggestion was proposed to make the in_irq() detection
accurate by always enabling PREEMPT_COUNT [2].  The outcome of that
discussion was that the hugetlb put_page path (free_huge_page) path should
be properly fixed and safe for all calling contexts.

[1] https://lore.kernel.org/linux-mm/000000000000f1c03b05bc43aadc@google.com/
[2] http://lkml.kernel.org/r/20210311021321.127500-1-mike.kravetz@oracle.com

This patch (of 8):

cma_release is currently a sleepable operatation because the bitmap
manipulation is protected by cma->lock mutex.  Hugetlb code which relies
on cma_release for CMA backed (giga) hugetlb pages, however, needs to be
irq safe.

The lock doesn't protect any sleepable operation so it can be changed to a
(irq aware) spin lock.  The bitmap processing should be quite fast in
typical case but if cma sizes grow to TB then we will likely need to
replace the lock by a more optimized bitmap implementation.

Link: https://lkml.kernel.org/r/20210409205254.242291-1-mike.kravetz@oracle.com
Link: https://lkml.kernel.org/r/20210409205254.242291-2-mike.kravetz@oracle.com
Signed-off-by: Mike Kravetz <mike.kravetz@oracle.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Acked-by: Roman Gushchin <guro@fb.com>
Cc: Shakeel Butt <shakeelb@google.com>
Cc: Oscar Salvador <osalvador@suse.de>
Cc: Muchun Song <songmuchun@bytedance.com>
Cc: David Rientjes <rientjes@google.com>
Cc: Miaohe Lin <linmiaohe@huawei.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: HORIGUCHI NAOYA <naoya.horiguchi@nec.com>
Cc: "Aneesh Kumar K . V" <aneesh.kumar@linux.ibm.com>
Cc: Waiman Long <longman@redhat.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Mina Almasry <almasrymina@google.com>
Cc: Hillf Danton <hdanton@sina.com>
Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
Cc: Barry Song <song.bao.hua@hisilicon.com>
Cc: Will Deacon <will@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

diff --git a/mm/cma.c b/mm/cma.c
index 54eee2119822026fe08a2c24329c5f5b8ee3516a..acd6991f77a00111185eec72224ccdbb7ab512c7 100644 (file)
--- a/mm/cma.c
+++ b/mm/cma.c
@@ -24,7 +24,6 @@
 #include <linux/memblock.h>
 #include <linux/err.h>
 #include <linux/mm.h>
-#include <linux/mutex.h>
 #include <linux/sizes.h>
 #include <linux/slab.h>
 #include <linux/log2.h>
@@ -83,13 +82,14 @@ static void cma_clear_bitmap(struct cma *cma, unsigned long pfn,
                             unsigned int count)
 {
        unsigned long bitmap_no, bitmap_count;
+       unsigned long flags;
 
        bitmap_no = (pfn - cma->base_pfn) >> cma->order_per_bit;
        bitmap_count = cma_bitmap_pages_to_bits(cma, count);
 
-       mutex_lock(&cma->lock);
+       spin_lock_irqsave(&cma->lock, flags);
        bitmap_clear(cma->bitmap, bitmap_no, bitmap_count);
-       mutex_unlock(&cma->lock);
+       spin_unlock_irqrestore(&cma->lock, flags);
 }
 
 static void __init cma_activate_area(struct cma *cma)
@@ -118,7 +118,7 @@ static void __init cma_activate_area(struct cma *cma)
             pfn += pageblock_nr_pages)
                init_cma_reserved_pageblock(pfn_to_page(pfn));
 
-       mutex_init(&cma->lock);
+       spin_lock_init(&cma->lock);
 
 #ifdef CONFIG_CMA_DEBUGFS
        INIT_HLIST_HEAD(&cma->mem_head);
@@ -392,7 +392,7 @@ static void cma_debug_show_areas(struct cma *cma)
        unsigned long nr_part, nr_total = 0;
        unsigned long nbits = cma_bitmap_maxno(cma);
 
-       mutex_lock(&cma->lock);
+       spin_lock_irq(&cma->lock);
        pr_info("number of available pages: ");
        for (;;) {
                next_zero_bit = find_next_zero_bit(cma->bitmap, nbits, start);
@@ -407,7 +407,7 @@ static void cma_debug_show_areas(struct cma *cma)
                start = next_zero_bit + nr_zero;
        }
        pr_cont("=> %lu free of %lu total pages\n", nr_total, cma->count);
-       mutex_unlock(&cma->lock);
+       spin_unlock_irq(&cma->lock);
 }
 #else
 static inline void cma_debug_show_areas(struct cma *cma) { }
@@ -452,12 +452,12 @@ struct page *cma_alloc(struct cma *cma, size_t count, unsigned int align,
                return NULL;
 
        for (;;) {
-               mutex_lock(&cma->lock);
+               spin_lock_irq(&cma->lock);
                bitmap_no = bitmap_find_next_zero_area_off(cma->bitmap,
                                bitmap_maxno, start, bitmap_count, mask,
                                offset);
                if (bitmap_no >= bitmap_maxno) {
-                       mutex_unlock(&cma->lock);
+                       spin_unlock_irq(&cma->lock);
                        break;
                }
                bitmap_set(cma->bitmap, bitmap_no, bitmap_count);
@@ -466,7 +466,7 @@ struct page *cma_alloc(struct cma *cma, size_t count, unsigned int align,
                 * our exclusive use. If the migration fails we will take the
                 * lock again and unmark it.
                 */
-               mutex_unlock(&cma->lock);
+               spin_unlock_irq(&cma->lock);
 
                pfn = cma->base_pfn + (bitmap_no << cma->order_per_bit);
                ret = alloc_contig_range(pfn, pfn + count, MIGRATE_CMA,

diff --git a/mm/cma.h b/mm/cma.h
index 42ae082cb067d15087534d3ef7069a75a7b84619..c46c5050aaa90f70576766a2e8b22cc106ca4abe 100644 (file)
--- a/mm/cma.h
+++ b/mm/cma.h
@@ -9,7 +9,7 @@ struct cma {
        unsigned long   count;
        unsigned long   *bitmap;
        unsigned int order_per_bit; /* Order of pages represented by one bit */
-       struct mutex    lock;
+       spinlock_t      lock;
 #ifdef CONFIG_CMA_DEBUGFS
        struct hlist_head mem_head;
        spinlock_t mem_head_lock;

diff --git a/mm/cma_debug.c b/mm/cma_debug.c
index d5bf8aa34fdca8550f1a5fbee7ed4733ee06627b..2e7704955f4f37b1a328a09d370bde38148f0fa4 100644 (file)
--- a/mm/cma_debug.c
+++ b/mm/cma_debug.c
@@ -36,10 +36,10 @@ static int cma_used_get(void *data, u64 *val)
        struct cma *cma = data;
        unsigned long used;
 
-       mutex_lock(&cma->lock);
+       spin_lock_irq(&cma->lock);
        /* pages counter is smaller than sizeof(int) */
        used = bitmap_weight(cma->bitmap, (int)cma_bitmap_maxno(cma));
-       mutex_unlock(&cma->lock);
+       spin_unlock_irq(&cma->lock);
        *val = (u64)used << cma->order_per_bit;
 
        return 0;
@@ -53,7 +53,7 @@ static int cma_maxchunk_get(void *data, u64 *val)
        unsigned long start, end = 0;
        unsigned long bitmap_maxno = cma_bitmap_maxno(cma);
 
-       mutex_lock(&cma->lock);
+       spin_lock_irq(&cma->lock);
        for (;;) {
                start = find_next_zero_bit(cma->bitmap, bitmap_maxno, end);
                if (start >= bitmap_maxno)
@@ -61,7 +61,7 @@ static int cma_maxchunk_get(void *data, u64 *val)
                end = find_next_bit(cma->bitmap, bitmap_maxno, start);
                maxchunk = max(end - start, maxchunk);
        }
-       mutex_unlock(&cma->lock);
+       spin_unlock_irq(&cma->lock);
        *val = (u64)maxchunk << cma->order_per_bit;
 
        return 0;