|
|
|
#ifndef _LINUX_PAGEMAP_H
|
|
|
|
#define _LINUX_PAGEMAP_H
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Copyright 1995 Linus Torvalds
|
|
|
|
*/
|
|
|
|
#include <linux/mm.h>
|
|
|
|
#include <linux/fs.h>
|
|
|
|
#include <linux/list.h>
|
|
|
|
#include <linux/highmem.h>
|
|
|
|
#include <linux/compiler.h>
|
|
|
|
#include <asm/uaccess.h>
|
|
|
|
#include <linux/gfp.h>
|
|
|
|
#include <linux/bitops.h>
|
|
|
|
#include <linux/hardirq.h> /* for in_interrupt() */
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Bits in mapping->flags. The lower __GFP_BITS_SHIFT bits are the page
|
|
|
|
* allocation mode flags.
|
|
|
|
*/
|
|
|
|
#define AS_EIO (__GFP_BITS_SHIFT + 0) /* IO error on async write */
|
|
|
|
#define AS_ENOSPC (__GFP_BITS_SHIFT + 1) /* ENOSPC on async write */
|
|
|
|
#define AS_MM_ALL_LOCKS (__GFP_BITS_SHIFT + 2) /* under mm_take_all_locks() */
|
|
|
|
|
|
|
|
static inline void mapping_set_error(struct address_space *mapping, int error)
|
|
|
|
{
|
|
|
|
if (unlikely(error)) {
|
|
|
|
if (error == -ENOSPC)
|
|
|
|
set_bit(AS_ENOSPC, &mapping->flags);
|
|
|
|
else
|
|
|
|
set_bit(AS_EIO, &mapping->flags);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
#ifdef CONFIG_UNEVICTABLE_LRU
|
|
|
|
#define AS_UNEVICTABLE (__GFP_BITS_SHIFT + 2) /* e.g., ramdisk, SHM_LOCK */
|
|
|
|
|
|
|
|
static inline void mapping_set_unevictable(struct address_space *mapping)
|
|
|
|
{
|
|
|
|
set_bit(AS_UNEVICTABLE, &mapping->flags);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void mapping_clear_unevictable(struct address_space *mapping)
|
|
|
|
{
|
|
|
|
clear_bit(AS_UNEVICTABLE, &mapping->flags);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline int mapping_unevictable(struct address_space *mapping)
|
|
|
|
{
|
|
|
|
if (likely(mapping))
|
|
|
|
return test_bit(AS_UNEVICTABLE, &mapping->flags);
|
|
|
|
return !!mapping;
|
|
|
|
}
|
|
|
|
#else
|
|
|
|
static inline void mapping_set_unevictable(struct address_space *mapping) { }
|
|
|
|
static inline void mapping_clear_unevictable(struct address_space *mapping) { }
|
|
|
|
static inline int mapping_unevictable(struct address_space *mapping)
|
|
|
|
{
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
static inline gfp_t mapping_gfp_mask(struct address_space * mapping)
|
|
|
|
{
|
|
|
|
return (__force gfp_t)mapping->flags & __GFP_BITS_MASK;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This is non-atomic. Only to be used before the mapping is activated.
|
|
|
|
* Probably needs a barrier...
|
|
|
|
*/
|
|
|
|
static inline void mapping_set_gfp_mask(struct address_space *m, gfp_t mask)
|
|
|
|
{
|
|
|
|
m->flags = (m->flags & ~(__force unsigned long)__GFP_BITS_MASK) |
|
|
|
|
(__force unsigned long)mask;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The page cache can done in larger chunks than
|
|
|
|
* one page, because it allows for more efficient
|
|
|
|
* throughput (it can then be mapped into user
|
|
|
|
* space in smaller chunks for same flexibility).
|
|
|
|
*
|
|
|
|
* Or rather, it _will_ be done in larger chunks.
|
|
|
|
*/
|
|
|
|
#define PAGE_CACHE_SHIFT PAGE_SHIFT
|
|
|
|
#define PAGE_CACHE_SIZE PAGE_SIZE
|
|
|
|
#define PAGE_CACHE_MASK PAGE_MASK
|
|
|
|
#define PAGE_CACHE_ALIGN(addr) (((addr)+PAGE_CACHE_SIZE-1)&PAGE_CACHE_MASK)
|
|
|
|
|
|
|
|
#define page_cache_get(page) get_page(page)
|
|
|
|
#define page_cache_release(page) put_page(page)
|
|
|
|
void release_pages(struct page **pages, int nr, int cold);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* speculatively take a reference to a page.
|
|
|
|
* If the page is free (_count == 0), then _count is untouched, and 0
|
|
|
|
* is returned. Otherwise, _count is incremented by 1 and 1 is returned.
|
|
|
|
*
|
|
|
|
* This function must be called inside the same rcu_read_lock() section as has
|
|
|
|
* been used to lookup the page in the pagecache radix-tree (or page table):
|
|
|
|
* this allows allocators to use a synchronize_rcu() to stabilize _count.
|
|
|
|
*
|
|
|
|
* Unless an RCU grace period has passed, the count of all pages coming out
|
|
|
|
* of the allocator must be considered unstable. page_count may return higher
|
|
|
|
* than expected, and put_page must be able to do the right thing when the
|
|
|
|
* page has been finished with, no matter what it is subsequently allocated
|
|
|
|
* for (because put_page is what is used here to drop an invalid speculative
|
|
|
|
* reference).
|
|
|
|
*
|
|
|
|
* This is the interesting part of the lockless pagecache (and lockless
|
|
|
|
* get_user_pages) locking protocol, where the lookup-side (eg. find_get_page)
|
|
|
|
* has the following pattern:
|
|
|
|
* 1. find page in radix tree
|
|
|
|
* 2. conditionally increment refcount
|
|
|
|
* 3. check the page is still in pagecache (if no, goto 1)
|
|
|
|
*
|
|
|
|
* Remove-side that cares about stability of _count (eg. reclaim) has the
|
|
|
|
* following (with tree_lock held for write):
|
|
|
|
* A. atomically check refcount is correct and set it to 0 (atomic_cmpxchg)
|
|
|
|
* B. remove page from pagecache
|
|
|
|
* C. free the page
|
|
|
|
*
|
|
|
|
* There are 2 critical interleavings that matter:
|
|
|
|
* - 2 runs before A: in this case, A sees elevated refcount and bails out
|
|
|
|
* - A runs before 2: in this case, 2 sees zero refcount and retries;
|
|
|
|
* subsequently, B will complete and 1 will find no page, causing the
|
|
|
|
* lookup to return NULL.
|
|
|
|
*
|
|
|
|
* It is possible that between 1 and 2, the page is removed then the exact same
|
|
|
|
* page is inserted into the same position in pagecache. That's OK: the
|
|
|
|
* old find_get_page using tree_lock could equally have run before or after
|
|
|
|
* such a re-insertion, depending on order that locks are granted.
|
|
|
|
*
|
|
|
|
* Lookups racing against pagecache insertion isn't a big problem: either 1
|
|
|
|
* will find the page or it will not. Likewise, the old find_get_page could run
|
|
|
|
* either before the insertion or afterwards, depending on timing.
|
|
|
|
*/
|
|
|
|
static inline int page_cache_get_speculative(struct page *page)
|
|
|
|
{
|
|
|
|
VM_BUG_ON(in_interrupt());
|
|
|
|
|
|
|
|
#if !defined(CONFIG_SMP) && defined(CONFIG_CLASSIC_RCU)
|
|
|
|
# ifdef CONFIG_PREEMPT
|
|
|
|
VM_BUG_ON(!in_atomic());
|
|
|
|
# endif
|
|
|
|
/*
|
|
|
|
* Preempt must be disabled here - we rely on rcu_read_lock doing
|
|
|
|
* this for us.
|
|
|
|
*
|
|
|
|
* Pagecache won't be truncated from interrupt context, so if we have
|
|
|
|
* found a page in the radix tree here, we have pinned its refcount by
|
|
|
|
* disabling preempt, and hence no need for the "speculative get" that
|
|
|
|
* SMP requires.
|
|
|
|
*/
|
|
|
|
VM_BUG_ON(page_count(page) == 0);
|
|
|
|
atomic_inc(&page->_count);
|
|
|
|
|
|
|
|
#else
|
|
|
|
if (unlikely(!get_page_unless_zero(page))) {
|
|
|
|
/*
|
|
|
|
* Either the page has been freed, or will be freed.
|
|
|
|
* In either case, retry here and the caller should
|
|
|
|
* do the right thing (see comments above).
|
|
|
|
*/
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
VM_BUG_ON(PageTail(page));
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Same as above, but add instead of inc (could just be merged)
|
|
|
|
*/
|
|
|
|
static inline int page_cache_add_speculative(struct page *page, int count)
|
|
|
|
{
|
|
|
|
VM_BUG_ON(in_interrupt());
|
|
|
|
|
|
|
|
#if !defined(CONFIG_SMP) && defined(CONFIG_CLASSIC_RCU)
|
|
|
|
# ifdef CONFIG_PREEMPT
|
|
|
|
VM_BUG_ON(!in_atomic());
|
|
|
|
# endif
|
|
|
|
VM_BUG_ON(page_count(page) == 0);
|
|
|
|
atomic_add(count, &page->_count);
|
|
|
|
|
|
|
|
#else
|
|
|
|
if (unlikely(!atomic_add_unless(&page->_count, count, 0)))
|
|
|
|
return 0;
|
|
|
|
#endif
|
|
|
|
VM_BUG_ON(PageCompound(page) && page != compound_head(page));
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline int page_freeze_refs(struct page *page, int count)
|
|
|
|
{
|
|
|
|
return likely(atomic_cmpxchg(&page->_count, count, 0) == count);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void page_unfreeze_refs(struct page *page, int count)
|
|
|
|
{
|
|
|
|
VM_BUG_ON(page_count(page) != 0);
|
|
|
|
VM_BUG_ON(count == 0);
|
|
|
|
|
|
|
|
atomic_set(&page->_count, count);
|
|
|
|
}
|
|
|
|
|
|
|
|
#ifdef CONFIG_NUMA
|
|
|
|
extern struct page *__page_cache_alloc(gfp_t gfp);
|
|
|
|
#else
|
|
|
|
static inline struct page *__page_cache_alloc(gfp_t gfp)
|
|
|
|
{
|
|
|
|
return alloc_pages(gfp, 0);
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
static inline struct page *page_cache_alloc(struct address_space *x)
|
|
|
|
{
|
|
|
|
return __page_cache_alloc(mapping_gfp_mask(x));
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline struct page *page_cache_alloc_cold(struct address_space *x)
|
|
|
|
{
|
|
|
|
return __page_cache_alloc(mapping_gfp_mask(x)|__GFP_COLD);
|
|
|
|
}
|
|
|
|
|
|
|
|
typedef int filler_t(void *, struct page *);
|
|
|
|
|
|
|
|
extern struct page * find_get_page(struct address_space *mapping,
|
|
|
|
pgoff_t index);
|
|
|
|
extern struct page * find_lock_page(struct address_space *mapping,
|
|
|
|
pgoff_t index);
|
|
|
|
extern struct page * find_or_create_page(struct address_space *mapping,
|
|
|
|
pgoff_t index, gfp_t gfp_mask);
|
|
|
|
unsigned find_get_pages(struct address_space *mapping, pgoff_t start,
|
|
|
|
unsigned int nr_pages, struct page **pages);
|
|
|
|
unsigned find_get_pages_contig(struct address_space *mapping, pgoff_t start,
|
|
|
|
unsigned int nr_pages, struct page **pages);
|
|
|
|
unsigned find_get_pages_tag(struct address_space *mapping, pgoff_t *index,
|
|
|
|
int tag, unsigned int nr_pages, struct page **pages);
|
|
|
|
|
fs: symlink write_begin allocation context fix
With the write_begin/write_end aops, page_symlink was broken because it
could no longer pass a GFP_NOFS type mask into the point where the
allocations happened. They are done in write_begin, which would always
assume that the filesystem can be entered from reclaim. This bug could
cause filesystem deadlocks.
The funny thing with having a gfp_t mask there is that it doesn't really
allow the caller to arbitrarily tinker with the context in which it can be
called. It couldn't ever be GFP_ATOMIC, for example, because it needs to
take the page lock. The only thing any callers care about is __GFP_FS
anyway, so turn that into a single flag.
Add a new flag for write_begin, AOP_FLAG_NOFS. Filesystems can now act on
this flag in their write_begin function. Change __grab_cache_page to
accept a nofs argument as well, to honour that flag (while we're there,
change the name to grab_cache_page_write_begin which is more instructive
and does away with random leading underscores).
This is really a more flexible way to go in the end anyway -- if a
filesystem happens to want any extra allocations aside from the pagecache
ones in ints write_begin function, it may now use GFP_KERNEL (rather than
GFP_NOFS) for common case allocations (eg. ocfs2_alloc_write_ctxt, for a
random example).
[kosaki.motohiro@jp.fujitsu.com: fix ubifs]
[kosaki.motohiro@jp.fujitsu.com: fix fuse]
Signed-off-by: Nick Piggin <npiggin@suse.de>
Reviewed-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: <stable@kernel.org> [2.6.28.x]
Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
[ Cleaned up the calling convention: just pass in the AOP flags
untouched to the grab_cache_page_write_begin() function. That
just simplifies everybody, and may even allow future expansion of the
logic. - Linus ]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years ago
|
|
|
struct page *grab_cache_page_write_begin(struct address_space *mapping,
|
|
|
|
pgoff_t index, unsigned flags);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Returns locked page at given index in given cache, creating it if needed.
|
|
|
|
*/
|
|
|
|
static inline struct page *grab_cache_page(struct address_space *mapping,
|
|
|
|
pgoff_t index)
|
|
|
|
{
|
|
|
|
return find_or_create_page(mapping, index, mapping_gfp_mask(mapping));
|
|
|
|
}
|
|
|
|
|
|
|
|
extern struct page * grab_cache_page_nowait(struct address_space *mapping,
|
|
|
|
pgoff_t index);
|
|
|
|
extern struct page * read_cache_page_async(struct address_space *mapping,
|
|
|
|
pgoff_t index, filler_t *filler,
|
|
|
|
void *data);
|
|
|
|
extern struct page * read_cache_page(struct address_space *mapping,
|
|
|
|
pgoff_t index, filler_t *filler,
|
|
|
|
void *data);
|
|
|
|
extern int read_cache_pages(struct address_space *mapping,
|
|
|
|
struct list_head *pages, filler_t *filler, void *data);
|
|
|
|
|
|
|
|
static inline struct page *read_mapping_page_async(
|
|
|
|
struct address_space *mapping,
|
|
|
|
pgoff_t index, void *data)
|
|
|
|
{
|
|
|
|
filler_t *filler = (filler_t *)mapping->a_ops->readpage;
|
|
|
|
return read_cache_page_async(mapping, index, filler, data);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline struct page *read_mapping_page(struct address_space *mapping,
|
|
|
|
pgoff_t index, void *data)
|
|
|
|
{
|
|
|
|
filler_t *filler = (filler_t *)mapping->a_ops->readpage;
|
|
|
|
return read_cache_page(mapping, index, filler, data);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Return byte-offset into filesystem object for page.
|
|
|
|
*/
|
|
|
|
static inline loff_t page_offset(struct page *page)
|
|
|
|
{
|
|
|
|
return ((loff_t)page->index) << PAGE_CACHE_SHIFT;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline pgoff_t linear_page_index(struct vm_area_struct *vma,
|
|
|
|
unsigned long address)
|
|
|
|
{
|
|
|
|
pgoff_t pgoff = (address - vma->vm_start) >> PAGE_SHIFT;
|
|
|
|
pgoff += vma->vm_pgoff;
|
|
|
|
return pgoff >> (PAGE_CACHE_SHIFT - PAGE_SHIFT);
|
|
|
|
}
|
|
|
|
|
|
|
|
extern void __lock_page(struct page *page);
|
|
|
|
extern int __lock_page_killable(struct page *page);
|
|
|
|
extern void __lock_page_nosync(struct page *page);
|
|
|
|
extern void unlock_page(struct page *page);
|
|
|
|
|
|
|
|
static inline void __set_page_locked(struct page *page)
|
|
|
|
{
|
|
|
|
__set_bit(PG_locked, &page->flags);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void __clear_page_locked(struct page *page)
|
|
|
|
{
|
|
|
|
__clear_bit(PG_locked, &page->flags);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline int trylock_page(struct page *page)
|
|
|
|
{
|
|
|
|
return (likely(!test_and_set_bit_lock(PG_locked, &page->flags)));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* lock_page may only be called if we have the page's inode pinned.
|
|
|
|
*/
|
|
|
|
static inline void lock_page(struct page *page)
|
|
|
|
{
|
|
|
|
might_sleep();
|
|
|
|
if (!trylock_page(page))
|
|
|
|
__lock_page(page);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* lock_page_killable is like lock_page but can be interrupted by fatal
|
|
|
|
* signals. It returns 0 if it locked the page and -EINTR if it was
|
|
|
|
* killed while waiting.
|
|
|
|
*/
|
|
|
|
static inline int lock_page_killable(struct page *page)
|
|
|
|
{
|
|
|
|
might_sleep();
|
|
|
|
if (!trylock_page(page))
|
|
|
|
return __lock_page_killable(page);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* lock_page_nosync should only be used if we can't pin the page's inode.
|
|
|
|
* Doesn't play quite so well with block device plugging.
|
|
|
|
*/
|
|
|
|
static inline void lock_page_nosync(struct page *page)
|
|
|
|
{
|
|
|
|
might_sleep();
|
|
|
|
if (!trylock_page(page))
|
|
|
|
__lock_page_nosync(page);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This is exported only for wait_on_page_locked/wait_on_page_writeback.
|
|
|
|
* Never use this directly!
|
|
|
|
*/
|
|
|
|
extern void wait_on_page_bit(struct page *page, int bit_nr);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Wait for a page to be unlocked.
|
|
|
|
*
|
|
|
|
* This must be called with the caller "holding" the page,
|
|
|
|
* ie with increased "page->count" so that the page won't
|
|
|
|
* go away during the wait..
|
|
|
|
*/
|
|
|
|
static inline void wait_on_page_locked(struct page *page)
|
|
|
|
{
|
|
|
|
if (PageLocked(page))
|
|
|
|
wait_on_page_bit(page, PG_locked);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Wait for a page to complete writeback
|
|
|
|
*/
|
|
|
|
static inline void wait_on_page_writeback(struct page *page)
|
|
|
|
{
|
|
|
|
if (PageWriteback(page))
|
|
|
|
wait_on_page_bit(page, PG_writeback);
|
|
|
|
}
|
|
|
|
|
|
|
|
extern void end_page_writeback(struct page *page);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Fault a userspace page into pagetables. Return non-zero on a fault.
|
|
|
|
*
|
|
|
|
* This assumes that two userspace pages are always sufficient. That's
|
|
|
|
* not true if PAGE_CACHE_SIZE > PAGE_SIZE.
|
|
|
|
*/
|
|
|
|
static inline int fault_in_pages_writeable(char __user *uaddr, int size)
|
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
|
mm: fix pagecache write deadlocks
Modify the core write() code so that it won't take a pagefault while holding a
lock on the pagecache page. There are a number of different deadlocks possible
if we try to do such a thing:
1. generic_buffered_write
2. lock_page
3. prepare_write
4. unlock_page+vmtruncate
5. copy_from_user
6. mmap_sem(r)
7. handle_mm_fault
8. lock_page (filemap_nopage)
9. commit_write
10. unlock_page
a. sys_munmap / sys_mlock / others
b. mmap_sem(w)
c. make_pages_present
d. get_user_pages
e. handle_mm_fault
f. lock_page (filemap_nopage)
2,8 - recursive deadlock if page is same
2,8;2,8 - ABBA deadlock is page is different
2,6;b,f - ABBA deadlock if page is same
The solution is as follows:
1. If we find the destination page is uptodate, continue as normal, but use
atomic usercopies which do not take pagefaults and do not zero the uncopied
tail of the destination. The destination is already uptodate, so we can
commit_write the full length even if there was a partial copy: it does not
matter that the tail was not modified, because if it is dirtied and written
back to disk it will not cause any problems (uptodate *means* that the
destination page is as new or newer than the copy on disk).
1a. The above requires that fault_in_pages_readable correctly returns access
information, because atomic usercopies cannot distinguish between
non-present pages in a readable mapping, from lack of a readable mapping.
2. If we find the destination page is non uptodate, unlock it (this could be
made slightly more optimal), then allocate a temporary page to copy the
source data into. Relock the destination page and continue with the copy.
However, instead of a usercopy (which might take a fault), copy the data
from the pinned temporary page via the kernel address space.
(also, rename maxlen to seglen, because it was confusing)
This increases the CPU/memory copy cost by almost 50% on the affected
workloads. That will be solved by introducing a new set of pagecache write
aops in a subsequent patch.
Signed-off-by: Nick Piggin <npiggin@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years ago
|
|
|
if (unlikely(size == 0))
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Writing zeroes into userspace here is OK, because we know that if
|
|
|
|
* the zero gets there, we'll be overwriting it.
|
|
|
|
*/
|
|
|
|
ret = __put_user(0, uaddr);
|
|
|
|
if (ret == 0) {
|
|
|
|
char __user *end = uaddr + size - 1;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If the page was already mapped, this will get a cache miss
|
|
|
|
* for sure, so try to avoid doing it.
|
|
|
|
*/
|
|
|
|
if (((unsigned long)uaddr & PAGE_MASK) !=
|
|
|
|
((unsigned long)end & PAGE_MASK))
|
|
|
|
ret = __put_user(0, end);
|
|
|
|
}
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
mm: fix pagecache write deadlocks
Modify the core write() code so that it won't take a pagefault while holding a
lock on the pagecache page. There are a number of different deadlocks possible
if we try to do such a thing:
1. generic_buffered_write
2. lock_page
3. prepare_write
4. unlock_page+vmtruncate
5. copy_from_user
6. mmap_sem(r)
7. handle_mm_fault
8. lock_page (filemap_nopage)
9. commit_write
10. unlock_page
a. sys_munmap / sys_mlock / others
b. mmap_sem(w)
c. make_pages_present
d. get_user_pages
e. handle_mm_fault
f. lock_page (filemap_nopage)
2,8 - recursive deadlock if page is same
2,8;2,8 - ABBA deadlock is page is different
2,6;b,f - ABBA deadlock if page is same
The solution is as follows:
1. If we find the destination page is uptodate, continue as normal, but use
atomic usercopies which do not take pagefaults and do not zero the uncopied
tail of the destination. The destination is already uptodate, so we can
commit_write the full length even if there was a partial copy: it does not
matter that the tail was not modified, because if it is dirtied and written
back to disk it will not cause any problems (uptodate *means* that the
destination page is as new or newer than the copy on disk).
1a. The above requires that fault_in_pages_readable correctly returns access
information, because atomic usercopies cannot distinguish between
non-present pages in a readable mapping, from lack of a readable mapping.
2. If we find the destination page is non uptodate, unlock it (this could be
made slightly more optimal), then allocate a temporary page to copy the
source data into. Relock the destination page and continue with the copy.
However, instead of a usercopy (which might take a fault), copy the data
from the pinned temporary page via the kernel address space.
(also, rename maxlen to seglen, because it was confusing)
This increases the CPU/memory copy cost by almost 50% on the affected
workloads. That will be solved by introducing a new set of pagecache write
aops in a subsequent patch.
Signed-off-by: Nick Piggin <npiggin@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years ago
|
|
|
static inline int fault_in_pages_readable(const char __user *uaddr, int size)
|
|
|
|
{
|
|
|
|
volatile char c;
|
|
|
|
int ret;
|
|
|
|
|
mm: fix pagecache write deadlocks
Modify the core write() code so that it won't take a pagefault while holding a
lock on the pagecache page. There are a number of different deadlocks possible
if we try to do such a thing:
1. generic_buffered_write
2. lock_page
3. prepare_write
4. unlock_page+vmtruncate
5. copy_from_user
6. mmap_sem(r)
7. handle_mm_fault
8. lock_page (filemap_nopage)
9. commit_write
10. unlock_page
a. sys_munmap / sys_mlock / others
b. mmap_sem(w)
c. make_pages_present
d. get_user_pages
e. handle_mm_fault
f. lock_page (filemap_nopage)
2,8 - recursive deadlock if page is same
2,8;2,8 - ABBA deadlock is page is different
2,6;b,f - ABBA deadlock if page is same
The solution is as follows:
1. If we find the destination page is uptodate, continue as normal, but use
atomic usercopies which do not take pagefaults and do not zero the uncopied
tail of the destination. The destination is already uptodate, so we can
commit_write the full length even if there was a partial copy: it does not
matter that the tail was not modified, because if it is dirtied and written
back to disk it will not cause any problems (uptodate *means* that the
destination page is as new or newer than the copy on disk).
1a. The above requires that fault_in_pages_readable correctly returns access
information, because atomic usercopies cannot distinguish between
non-present pages in a readable mapping, from lack of a readable mapping.
2. If we find the destination page is non uptodate, unlock it (this could be
made slightly more optimal), then allocate a temporary page to copy the
source data into. Relock the destination page and continue with the copy.
However, instead of a usercopy (which might take a fault), copy the data
from the pinned temporary page via the kernel address space.
(also, rename maxlen to seglen, because it was confusing)
This increases the CPU/memory copy cost by almost 50% on the affected
workloads. That will be solved by introducing a new set of pagecache write
aops in a subsequent patch.
Signed-off-by: Nick Piggin <npiggin@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years ago
|
|
|
if (unlikely(size == 0))
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
ret = __get_user(c, uaddr);
|
|
|
|
if (ret == 0) {
|
|
|
|
const char __user *end = uaddr + size - 1;
|
|
|
|
|
|
|
|
if (((unsigned long)uaddr & PAGE_MASK) !=
|
|
|
|
((unsigned long)end & PAGE_MASK))
|
mm: fix pagecache write deadlocks
Modify the core write() code so that it won't take a pagefault while holding a
lock on the pagecache page. There are a number of different deadlocks possible
if we try to do such a thing:
1. generic_buffered_write
2. lock_page
3. prepare_write
4. unlock_page+vmtruncate
5. copy_from_user
6. mmap_sem(r)
7. handle_mm_fault
8. lock_page (filemap_nopage)
9. commit_write
10. unlock_page
a. sys_munmap / sys_mlock / others
b. mmap_sem(w)
c. make_pages_present
d. get_user_pages
e. handle_mm_fault
f. lock_page (filemap_nopage)
2,8 - recursive deadlock if page is same
2,8;2,8 - ABBA deadlock is page is different
2,6;b,f - ABBA deadlock if page is same
The solution is as follows:
1. If we find the destination page is uptodate, continue as normal, but use
atomic usercopies which do not take pagefaults and do not zero the uncopied
tail of the destination. The destination is already uptodate, so we can
commit_write the full length even if there was a partial copy: it does not
matter that the tail was not modified, because if it is dirtied and written
back to disk it will not cause any problems (uptodate *means* that the
destination page is as new or newer than the copy on disk).
1a. The above requires that fault_in_pages_readable correctly returns access
information, because atomic usercopies cannot distinguish between
non-present pages in a readable mapping, from lack of a readable mapping.
2. If we find the destination page is non uptodate, unlock it (this could be
made slightly more optimal), then allocate a temporary page to copy the
source data into. Relock the destination page and continue with the copy.
However, instead of a usercopy (which might take a fault), copy the data
from the pinned temporary page via the kernel address space.
(also, rename maxlen to seglen, because it was confusing)
This increases the CPU/memory copy cost by almost 50% on the affected
workloads. That will be solved by introducing a new set of pagecache write
aops in a subsequent patch.
Signed-off-by: Nick Piggin <npiggin@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years ago
|
|
|
ret = __get_user(c, end);
|
|
|
|
}
|
mm: fix pagecache write deadlocks
Modify the core write() code so that it won't take a pagefault while holding a
lock on the pagecache page. There are a number of different deadlocks possible
if we try to do such a thing:
1. generic_buffered_write
2. lock_page
3. prepare_write
4. unlock_page+vmtruncate
5. copy_from_user
6. mmap_sem(r)
7. handle_mm_fault
8. lock_page (filemap_nopage)
9. commit_write
10. unlock_page
a. sys_munmap / sys_mlock / others
b. mmap_sem(w)
c. make_pages_present
d. get_user_pages
e. handle_mm_fault
f. lock_page (filemap_nopage)
2,8 - recursive deadlock if page is same
2,8;2,8 - ABBA deadlock is page is different
2,6;b,f - ABBA deadlock if page is same
The solution is as follows:
1. If we find the destination page is uptodate, continue as normal, but use
atomic usercopies which do not take pagefaults and do not zero the uncopied
tail of the destination. The destination is already uptodate, so we can
commit_write the full length even if there was a partial copy: it does not
matter that the tail was not modified, because if it is dirtied and written
back to disk it will not cause any problems (uptodate *means* that the
destination page is as new or newer than the copy on disk).
1a. The above requires that fault_in_pages_readable correctly returns access
information, because atomic usercopies cannot distinguish between
non-present pages in a readable mapping, from lack of a readable mapping.
2. If we find the destination page is non uptodate, unlock it (this could be
made slightly more optimal), then allocate a temporary page to copy the
source data into. Relock the destination page and continue with the copy.
However, instead of a usercopy (which might take a fault), copy the data
from the pinned temporary page via the kernel address space.
(also, rename maxlen to seglen, because it was confusing)
This increases the CPU/memory copy cost by almost 50% on the affected
workloads. That will be solved by introducing a new set of pagecache write
aops in a subsequent patch.
Signed-off-by: Nick Piggin <npiggin@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years ago
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
int add_to_page_cache_locked(struct page *page, struct address_space *mapping,
|
|
|
|
pgoff_t index, gfp_t gfp_mask);
|
|
|
|
int add_to_page_cache_lru(struct page *page, struct address_space *mapping,
|
|
|
|
pgoff_t index, gfp_t gfp_mask);
|
|
|
|
extern void remove_from_page_cache(struct page *page);
|
|
|
|
extern void __remove_from_page_cache(struct page *page);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Like add_to_page_cache_locked, but used to add newly allocated pages:
|
|
|
|
* the page is new, so we can just run __set_page_locked() against it.
|
|
|
|
*/
|
|
|
|
static inline int add_to_page_cache(struct page *page,
|
|
|
|
struct address_space *mapping, pgoff_t offset, gfp_t gfp_mask)
|
|
|
|
{
|
|
|
|
int error;
|
|
|
|
|
|
|
|
__set_page_locked(page);
|
|
|
|
error = add_to_page_cache_locked(page, mapping, offset, gfp_mask);
|
|
|
|
if (unlikely(error))
|
|
|
|
__clear_page_locked(page);
|
|
|
|
return error;
|
|
|
|
}
|
|
|
|
|
|
|
|
#endif /* _LINUX_PAGEMAP_H */
|