1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #ifndef _LINUX_RMAP_H 3 #define _LINUX_RMAP_H 4 /* 5 * Declarations for Reverse Mapping functions in mm/rmap.c 6 */ 7 8 #include <linux/list.h> 9 #include <linux/slab.h> 10 #include <linux/mm.h> 11 #include <linux/rwsem.h> 12 #include <linux/memcontrol.h> 13 #include <linux/highmem.h> 14 #include <linux/pagemap.h> 15 #include <linux/memremap.h> 16 17 /* 18 * The anon_vma heads a list of private "related" vmas, to scan if 19 * an anonymous page pointing to this anon_vma needs to be unmapped: 20 * the vmas on the list will be related by forking, or by splitting. 21 * 22 * Since vmas come and go as they are split and merged (particularly 23 * in mprotect), the mapping field of an anonymous page cannot point 24 * directly to a vma: instead it points to an anon_vma, on whose list 25 * the related vmas can be easily linked or unlinked. 26 * 27 * After unlinking the last vma on the list, we must garbage collect 28 * the anon_vma object itself: we're guaranteed no page can be 29 * pointing to this anon_vma once its vma list is empty. 30 */ 31 struct anon_vma { 32 struct anon_vma *root; /* Root of this anon_vma tree */ 33 struct rw_semaphore rwsem; /* W: modification, R: walking the list */ 34 /* 35 * The refcount is taken on an anon_vma when there is no 36 * guarantee that the vma of page tables will exist for 37 * the duration of the operation. A caller that takes 38 * the reference is responsible for clearing up the 39 * anon_vma if they are the last user on release 40 */ 41 atomic_t refcount; 42 43 /* 44 * Count of child anon_vmas. Equals to the count of all anon_vmas that 45 * have ->parent pointing to this one, including itself. 46 * 47 * This counter is used for making decision about reusing anon_vma 48 * instead of forking new one. See comments in function anon_vma_clone. 49 */ 50 unsigned long num_children; 51 /* Count of VMAs whose ->anon_vma pointer points to this object. */ 52 unsigned long num_active_vmas; 53 54 struct anon_vma *parent; /* Parent of this anon_vma */ 55 56 /* 57 * NOTE: the LSB of the rb_root.rb_node is set by 58 * mm_take_all_locks() _after_ taking the above lock. So the 59 * rb_root must only be read/written after taking the above lock 60 * to be sure to see a valid next pointer. The LSB bit itself 61 * is serialized by a system wide lock only visible to 62 * mm_take_all_locks() (mm_all_locks_mutex). 63 */ 64 65 /* Interval tree of private "related" vmas */ 66 struct rb_root_cached rb_root; 67 }; 68 69 /* 70 * The copy-on-write semantics of fork mean that an anon_vma 71 * can become associated with multiple processes. Furthermore, 72 * each child process will have its own anon_vma, where new 73 * pages for that process are instantiated. 74 * 75 * This structure allows us to find the anon_vmas associated 76 * with a VMA, or the VMAs associated with an anon_vma. 77 * The "same_vma" list contains the anon_vma_chains linking 78 * all the anon_vmas associated with this VMA. 79 * The "rb" field indexes on an interval tree the anon_vma_chains 80 * which link all the VMAs associated with this anon_vma. 81 */ 82 struct anon_vma_chain { 83 struct vm_area_struct *vma; 84 struct anon_vma *anon_vma; 85 struct list_head same_vma; /* locked by mmap_lock & page_table_lock */ 86 struct rb_node rb; /* locked by anon_vma->rwsem */ 87 unsigned long rb_subtree_last; 88 #ifdef CONFIG_DEBUG_VM_RB 89 unsigned long cached_vma_start, cached_vma_last; 90 #endif 91 }; 92 93 enum ttu_flags { 94 TTU_SPLIT_HUGE_PMD = 0x4, /* split huge PMD if any */ 95 TTU_IGNORE_MLOCK = 0x8, /* ignore mlock */ 96 TTU_SYNC = 0x10, /* avoid racy checks with PVMW_SYNC */ 97 TTU_HWPOISON = 0x20, /* do convert pte to hwpoison entry */ 98 TTU_BATCH_FLUSH = 0x40, /* Batch TLB flushes where possible 99 * and caller guarantees they will 100 * do a final flush if necessary */ 101 TTU_RMAP_LOCKED = 0x80, /* do not grab rmap lock: 102 * caller holds it */ 103 }; 104 105 #ifdef CONFIG_MMU 106 static inline void get_anon_vma(struct anon_vma *anon_vma) 107 { 108 atomic_inc(&anon_vma->refcount); 109 } 110 111 void __put_anon_vma(struct anon_vma *anon_vma); 112 113 static inline void put_anon_vma(struct anon_vma *anon_vma) 114 { 115 if (atomic_dec_and_test(&anon_vma->refcount)) 116 __put_anon_vma(anon_vma); 117 } 118 119 static inline void anon_vma_lock_write(struct anon_vma *anon_vma) 120 { 121 down_write(&anon_vma->root->rwsem); 122 } 123 124 static inline int anon_vma_trylock_write(struct anon_vma *anon_vma) 125 { 126 return down_write_trylock(&anon_vma->root->rwsem); 127 } 128 129 static inline void anon_vma_unlock_write(struct anon_vma *anon_vma) 130 { 131 up_write(&anon_vma->root->rwsem); 132 } 133 134 static inline void anon_vma_lock_read(struct anon_vma *anon_vma) 135 { 136 down_read(&anon_vma->root->rwsem); 137 } 138 139 static inline int anon_vma_trylock_read(struct anon_vma *anon_vma) 140 { 141 return down_read_trylock(&anon_vma->root->rwsem); 142 } 143 144 static inline void anon_vma_unlock_read(struct anon_vma *anon_vma) 145 { 146 up_read(&anon_vma->root->rwsem); 147 } 148 149 150 /* 151 * anon_vma helper functions. 152 */ 153 void anon_vma_init(void); /* create anon_vma_cachep */ 154 int __anon_vma_prepare(struct vm_area_struct *); 155 void unlink_anon_vmas(struct vm_area_struct *); 156 int anon_vma_clone(struct vm_area_struct *, struct vm_area_struct *); 157 int anon_vma_fork(struct vm_area_struct *, struct vm_area_struct *); 158 159 static inline int anon_vma_prepare(struct vm_area_struct *vma) 160 { 161 if (likely(vma->anon_vma)) 162 return 0; 163 164 return __anon_vma_prepare(vma); 165 } 166 167 static inline void anon_vma_merge(struct vm_area_struct *vma, 168 struct vm_area_struct *next) 169 { 170 VM_BUG_ON_VMA(vma->anon_vma != next->anon_vma, vma); 171 unlink_anon_vmas(next); 172 } 173 174 struct anon_vma *folio_get_anon_vma(const struct folio *folio); 175 176 /* RMAP flags, currently only relevant for some anon rmap operations. */ 177 typedef int __bitwise rmap_t; 178 179 /* 180 * No special request: A mapped anonymous (sub)page is possibly shared between 181 * processes. 182 */ 183 #define RMAP_NONE ((__force rmap_t)0) 184 185 /* The anonymous (sub)page is exclusive to a single process. */ 186 #define RMAP_EXCLUSIVE ((__force rmap_t)BIT(0)) 187 188 /* 189 * Internally, we're using an enum to specify the granularity. We make the 190 * compiler emit specialized code for each granularity. 191 */ 192 enum rmap_level { 193 RMAP_LEVEL_PTE = 0, 194 RMAP_LEVEL_PMD, 195 RMAP_LEVEL_PUD, 196 }; 197 198 static inline void __folio_rmap_sanity_checks(const struct folio *folio, 199 const struct page *page, int nr_pages, enum rmap_level level) 200 { 201 /* hugetlb folios are handled separately. */ 202 VM_WARN_ON_FOLIO(folio_test_hugetlb(folio), folio); 203 204 /* When (un)mapping zeropages, we should never touch ref+mapcount. */ 205 VM_WARN_ON_FOLIO(is_zero_folio(folio), folio); 206 207 /* 208 * TODO: we get driver-allocated folios that have nothing to do with 209 * the rmap using vm_insert_page(); therefore, we cannot assume that 210 * folio_test_large_rmappable() holds for large folios. We should 211 * handle any desired mapcount+stats accounting for these folios in 212 * VM_MIXEDMAP VMAs separately, and then sanity-check here that 213 * we really only get rmappable folios. 214 */ 215 216 VM_WARN_ON_ONCE(nr_pages <= 0); 217 VM_WARN_ON_FOLIO(page_folio(page) != folio, folio); 218 VM_WARN_ON_FOLIO(page_folio(page + nr_pages - 1) != folio, folio); 219 220 switch (level) { 221 case RMAP_LEVEL_PTE: 222 break; 223 case RMAP_LEVEL_PMD: 224 /* 225 * We don't support folios larger than a single PMD yet. So 226 * when RMAP_LEVEL_PMD is set, we assume that we are creating 227 * a single "entire" mapping of the folio. 228 */ 229 VM_WARN_ON_FOLIO(folio_nr_pages(folio) != HPAGE_PMD_NR, folio); 230 VM_WARN_ON_FOLIO(nr_pages != HPAGE_PMD_NR, folio); 231 break; 232 case RMAP_LEVEL_PUD: 233 /* 234 * Assume that we are creating a single "entire" mapping of the 235 * folio. 236 */ 237 VM_WARN_ON_FOLIO(folio_nr_pages(folio) != HPAGE_PUD_NR, folio); 238 VM_WARN_ON_FOLIO(nr_pages != HPAGE_PUD_NR, folio); 239 break; 240 default: 241 VM_WARN_ON_ONCE(true); 242 } 243 } 244 245 /* 246 * rmap interfaces called when adding or removing pte of page 247 */ 248 void folio_move_anon_rmap(struct folio *, struct vm_area_struct *); 249 void folio_add_anon_rmap_ptes(struct folio *, struct page *, int nr_pages, 250 struct vm_area_struct *, unsigned long address, rmap_t flags); 251 #define folio_add_anon_rmap_pte(folio, page, vma, address, flags) \ 252 folio_add_anon_rmap_ptes(folio, page, 1, vma, address, flags) 253 void folio_add_anon_rmap_pmd(struct folio *, struct page *, 254 struct vm_area_struct *, unsigned long address, rmap_t flags); 255 void folio_add_new_anon_rmap(struct folio *, struct vm_area_struct *, 256 unsigned long address, rmap_t flags); 257 void folio_add_file_rmap_ptes(struct folio *, struct page *, int nr_pages, 258 struct vm_area_struct *); 259 #define folio_add_file_rmap_pte(folio, page, vma) \ 260 folio_add_file_rmap_ptes(folio, page, 1, vma) 261 void folio_add_file_rmap_pmd(struct folio *, struct page *, 262 struct vm_area_struct *); 263 void folio_add_file_rmap_pud(struct folio *, struct page *, 264 struct vm_area_struct *); 265 void folio_remove_rmap_ptes(struct folio *, struct page *, int nr_pages, 266 struct vm_area_struct *); 267 #define folio_remove_rmap_pte(folio, page, vma) \ 268 folio_remove_rmap_ptes(folio, page, 1, vma) 269 void folio_remove_rmap_pmd(struct folio *, struct page *, 270 struct vm_area_struct *); 271 void folio_remove_rmap_pud(struct folio *, struct page *, 272 struct vm_area_struct *); 273 274 void hugetlb_add_anon_rmap(struct folio *, struct vm_area_struct *, 275 unsigned long address, rmap_t flags); 276 void hugetlb_add_new_anon_rmap(struct folio *, struct vm_area_struct *, 277 unsigned long address); 278 279 /* See folio_try_dup_anon_rmap_*() */ 280 static inline int hugetlb_try_dup_anon_rmap(struct folio *folio, 281 struct vm_area_struct *vma) 282 { 283 VM_WARN_ON_FOLIO(!folio_test_hugetlb(folio), folio); 284 VM_WARN_ON_FOLIO(!folio_test_anon(folio), folio); 285 286 if (PageAnonExclusive(&folio->page)) { 287 if (unlikely(folio_needs_cow_for_dma(vma, folio))) 288 return -EBUSY; 289 ClearPageAnonExclusive(&folio->page); 290 } 291 atomic_inc(&folio->_entire_mapcount); 292 atomic_inc(&folio->_large_mapcount); 293 return 0; 294 } 295 296 /* See folio_try_share_anon_rmap_*() */ 297 static inline int hugetlb_try_share_anon_rmap(struct folio *folio) 298 { 299 VM_WARN_ON_FOLIO(!folio_test_hugetlb(folio), folio); 300 VM_WARN_ON_FOLIO(!folio_test_anon(folio), folio); 301 VM_WARN_ON_FOLIO(!PageAnonExclusive(&folio->page), folio); 302 303 /* Paired with the memory barrier in try_grab_folio(). */ 304 if (IS_ENABLED(CONFIG_HAVE_GUP_FAST)) 305 smp_mb(); 306 307 if (unlikely(folio_maybe_dma_pinned(folio))) 308 return -EBUSY; 309 ClearPageAnonExclusive(&folio->page); 310 311 /* 312 * This is conceptually a smp_wmb() paired with the smp_rmb() in 313 * gup_must_unshare(). 314 */ 315 if (IS_ENABLED(CONFIG_HAVE_GUP_FAST)) 316 smp_mb__after_atomic(); 317 return 0; 318 } 319 320 static inline void hugetlb_add_file_rmap(struct folio *folio) 321 { 322 VM_WARN_ON_FOLIO(!folio_test_hugetlb(folio), folio); 323 VM_WARN_ON_FOLIO(folio_test_anon(folio), folio); 324 325 atomic_inc(&folio->_entire_mapcount); 326 atomic_inc(&folio->_large_mapcount); 327 } 328 329 static inline void hugetlb_remove_rmap(struct folio *folio) 330 { 331 VM_WARN_ON_FOLIO(!folio_test_hugetlb(folio), folio); 332 333 atomic_dec(&folio->_entire_mapcount); 334 atomic_dec(&folio->_large_mapcount); 335 } 336 337 static __always_inline void __folio_dup_file_rmap(struct folio *folio, 338 struct page *page, int nr_pages, enum rmap_level level) 339 { 340 const int orig_nr_pages = nr_pages; 341 342 __folio_rmap_sanity_checks(folio, page, nr_pages, level); 343 344 switch (level) { 345 case RMAP_LEVEL_PTE: 346 if (!folio_test_large(folio)) { 347 atomic_inc(&folio->_mapcount); 348 break; 349 } 350 351 do { 352 atomic_inc(&page->_mapcount); 353 } while (page++, --nr_pages > 0); 354 atomic_add(orig_nr_pages, &folio->_large_mapcount); 355 break; 356 case RMAP_LEVEL_PMD: 357 case RMAP_LEVEL_PUD: 358 atomic_inc(&folio->_entire_mapcount); 359 atomic_inc(&folio->_large_mapcount); 360 break; 361 } 362 } 363 364 /** 365 * folio_dup_file_rmap_ptes - duplicate PTE mappings of a page range of a folio 366 * @folio: The folio to duplicate the mappings of 367 * @page: The first page to duplicate the mappings of 368 * @nr_pages: The number of pages of which the mapping will be duplicated 369 * 370 * The page range of the folio is defined by [page, page + nr_pages) 371 * 372 * The caller needs to hold the page table lock. 373 */ 374 static inline void folio_dup_file_rmap_ptes(struct folio *folio, 375 struct page *page, int nr_pages) 376 { 377 __folio_dup_file_rmap(folio, page, nr_pages, RMAP_LEVEL_PTE); 378 } 379 380 static __always_inline void folio_dup_file_rmap_pte(struct folio *folio, 381 struct page *page) 382 { 383 __folio_dup_file_rmap(folio, page, 1, RMAP_LEVEL_PTE); 384 } 385 386 /** 387 * folio_dup_file_rmap_pmd - duplicate a PMD mapping of a page range of a folio 388 * @folio: The folio to duplicate the mapping of 389 * @page: The first page to duplicate the mapping of 390 * 391 * The page range of the folio is defined by [page, page + HPAGE_PMD_NR) 392 * 393 * The caller needs to hold the page table lock. 394 */ 395 static inline void folio_dup_file_rmap_pmd(struct folio *folio, 396 struct page *page) 397 { 398 #ifdef CONFIG_TRANSPARENT_HUGEPAGE 399 __folio_dup_file_rmap(folio, page, HPAGE_PMD_NR, RMAP_LEVEL_PTE); 400 #else 401 WARN_ON_ONCE(true); 402 #endif 403 } 404 405 static __always_inline int __folio_try_dup_anon_rmap(struct folio *folio, 406 struct page *page, int nr_pages, struct vm_area_struct *src_vma, 407 enum rmap_level level) 408 { 409 const int orig_nr_pages = nr_pages; 410 bool maybe_pinned; 411 int i; 412 413 VM_WARN_ON_FOLIO(!folio_test_anon(folio), folio); 414 __folio_rmap_sanity_checks(folio, page, nr_pages, level); 415 416 /* 417 * If this folio may have been pinned by the parent process, 418 * don't allow to duplicate the mappings but instead require to e.g., 419 * copy the subpage immediately for the child so that we'll always 420 * guarantee the pinned folio won't be randomly replaced in the 421 * future on write faults. 422 */ 423 maybe_pinned = likely(!folio_is_device_private(folio)) && 424 unlikely(folio_needs_cow_for_dma(src_vma, folio)); 425 426 /* 427 * No need to check+clear for already shared PTEs/PMDs of the 428 * folio. But if any page is PageAnonExclusive, we must fallback to 429 * copying if the folio maybe pinned. 430 */ 431 switch (level) { 432 case RMAP_LEVEL_PTE: 433 if (unlikely(maybe_pinned)) { 434 for (i = 0; i < nr_pages; i++) 435 if (PageAnonExclusive(page + i)) 436 return -EBUSY; 437 } 438 439 if (!folio_test_large(folio)) { 440 if (PageAnonExclusive(page)) 441 ClearPageAnonExclusive(page); 442 atomic_inc(&folio->_mapcount); 443 break; 444 } 445 446 do { 447 if (PageAnonExclusive(page)) 448 ClearPageAnonExclusive(page); 449 atomic_inc(&page->_mapcount); 450 } while (page++, --nr_pages > 0); 451 atomic_add(orig_nr_pages, &folio->_large_mapcount); 452 break; 453 case RMAP_LEVEL_PMD: 454 case RMAP_LEVEL_PUD: 455 if (PageAnonExclusive(page)) { 456 if (unlikely(maybe_pinned)) 457 return -EBUSY; 458 ClearPageAnonExclusive(page); 459 } 460 atomic_inc(&folio->_entire_mapcount); 461 atomic_inc(&folio->_large_mapcount); 462 break; 463 } 464 return 0; 465 } 466 467 /** 468 * folio_try_dup_anon_rmap_ptes - try duplicating PTE mappings of a page range 469 * of a folio 470 * @folio: The folio to duplicate the mappings of 471 * @page: The first page to duplicate the mappings of 472 * @nr_pages: The number of pages of which the mapping will be duplicated 473 * @src_vma: The vm area from which the mappings are duplicated 474 * 475 * The page range of the folio is defined by [page, page + nr_pages) 476 * 477 * The caller needs to hold the page table lock and the 478 * vma->vma_mm->write_protect_seq. 479 * 480 * Duplicating the mappings can only fail if the folio may be pinned; device 481 * private folios cannot get pinned and consequently this function cannot fail 482 * for them. 483 * 484 * If duplicating the mappings succeeded, the duplicated PTEs have to be R/O in 485 * the parent and the child. They must *not* be writable after this call 486 * succeeded. 487 * 488 * Returns 0 if duplicating the mappings succeeded. Returns -EBUSY otherwise. 489 */ 490 static inline int folio_try_dup_anon_rmap_ptes(struct folio *folio, 491 struct page *page, int nr_pages, struct vm_area_struct *src_vma) 492 { 493 return __folio_try_dup_anon_rmap(folio, page, nr_pages, src_vma, 494 RMAP_LEVEL_PTE); 495 } 496 497 static __always_inline int folio_try_dup_anon_rmap_pte(struct folio *folio, 498 struct page *page, struct vm_area_struct *src_vma) 499 { 500 return __folio_try_dup_anon_rmap(folio, page, 1, src_vma, 501 RMAP_LEVEL_PTE); 502 } 503 504 /** 505 * folio_try_dup_anon_rmap_pmd - try duplicating a PMD mapping of a page range 506 * of a folio 507 * @folio: The folio to duplicate the mapping of 508 * @page: The first page to duplicate the mapping of 509 * @src_vma: The vm area from which the mapping is duplicated 510 * 511 * The page range of the folio is defined by [page, page + HPAGE_PMD_NR) 512 * 513 * The caller needs to hold the page table lock and the 514 * vma->vma_mm->write_protect_seq. 515 * 516 * Duplicating the mapping can only fail if the folio may be pinned; device 517 * private folios cannot get pinned and consequently this function cannot fail 518 * for them. 519 * 520 * If duplicating the mapping succeeds, the duplicated PMD has to be R/O in 521 * the parent and the child. They must *not* be writable after this call 522 * succeeded. 523 * 524 * Returns 0 if duplicating the mapping succeeded. Returns -EBUSY otherwise. 525 */ 526 static inline int folio_try_dup_anon_rmap_pmd(struct folio *folio, 527 struct page *page, struct vm_area_struct *src_vma) 528 { 529 #ifdef CONFIG_TRANSPARENT_HUGEPAGE 530 return __folio_try_dup_anon_rmap(folio, page, HPAGE_PMD_NR, src_vma, 531 RMAP_LEVEL_PMD); 532 #else 533 WARN_ON_ONCE(true); 534 return -EBUSY; 535 #endif 536 } 537 538 static __always_inline int __folio_try_share_anon_rmap(struct folio *folio, 539 struct page *page, int nr_pages, enum rmap_level level) 540 { 541 VM_WARN_ON_FOLIO(!folio_test_anon(folio), folio); 542 VM_WARN_ON_FOLIO(!PageAnonExclusive(page), folio); 543 __folio_rmap_sanity_checks(folio, page, nr_pages, level); 544 545 /* device private folios cannot get pinned via GUP. */ 546 if (unlikely(folio_is_device_private(folio))) { 547 ClearPageAnonExclusive(page); 548 return 0; 549 } 550 551 /* 552 * We have to make sure that when we clear PageAnonExclusive, that 553 * the page is not pinned and that concurrent GUP-fast won't succeed in 554 * concurrently pinning the page. 555 * 556 * Conceptually, PageAnonExclusive clearing consists of: 557 * (A1) Clear PTE 558 * (A2) Check if the page is pinned; back off if so. 559 * (A3) Clear PageAnonExclusive 560 * (A4) Restore PTE (optional, but certainly not writable) 561 * 562 * When clearing PageAnonExclusive, we cannot possibly map the page 563 * writable again, because anon pages that may be shared must never 564 * be writable. So in any case, if the PTE was writable it cannot 565 * be writable anymore afterwards and there would be a PTE change. Only 566 * if the PTE wasn't writable, there might not be a PTE change. 567 * 568 * Conceptually, GUP-fast pinning of an anon page consists of: 569 * (B1) Read the PTE 570 * (B2) FOLL_WRITE: check if the PTE is not writable; back off if so. 571 * (B3) Pin the mapped page 572 * (B4) Check if the PTE changed by re-reading it; back off if so. 573 * (B5) If the original PTE is not writable, check if 574 * PageAnonExclusive is not set; back off if so. 575 * 576 * If the PTE was writable, we only have to make sure that GUP-fast 577 * observes a PTE change and properly backs off. 578 * 579 * If the PTE was not writable, we have to make sure that GUP-fast either 580 * detects a (temporary) PTE change or that PageAnonExclusive is cleared 581 * and properly backs off. 582 * 583 * Consequently, when clearing PageAnonExclusive(), we have to make 584 * sure that (A1), (A2)/(A3) and (A4) happen in the right memory 585 * order. In GUP-fast pinning code, we have to make sure that (B3),(B4) 586 * and (B5) happen in the right memory order. 587 * 588 * We assume that there might not be a memory barrier after 589 * clearing/invalidating the PTE (A1) and before restoring the PTE (A4), 590 * so we use explicit ones here. 591 */ 592 593 /* Paired with the memory barrier in try_grab_folio(). */ 594 if (IS_ENABLED(CONFIG_HAVE_GUP_FAST)) 595 smp_mb(); 596 597 if (unlikely(folio_maybe_dma_pinned(folio))) 598 return -EBUSY; 599 ClearPageAnonExclusive(page); 600 601 /* 602 * This is conceptually a smp_wmb() paired with the smp_rmb() in 603 * gup_must_unshare(). 604 */ 605 if (IS_ENABLED(CONFIG_HAVE_GUP_FAST)) 606 smp_mb__after_atomic(); 607 return 0; 608 } 609 610 /** 611 * folio_try_share_anon_rmap_pte - try marking an exclusive anonymous page 612 * mapped by a PTE possibly shared to prepare 613 * for KSM or temporary unmapping 614 * @folio: The folio to share a mapping of 615 * @page: The mapped exclusive page 616 * 617 * The caller needs to hold the page table lock and has to have the page table 618 * entries cleared/invalidated. 619 * 620 * This is similar to folio_try_dup_anon_rmap_pte(), however, not used during 621 * fork() to duplicate mappings, but instead to prepare for KSM or temporarily 622 * unmapping parts of a folio (swap, migration) via folio_remove_rmap_pte(). 623 * 624 * Marking the mapped page shared can only fail if the folio maybe pinned; 625 * device private folios cannot get pinned and consequently this function cannot 626 * fail. 627 * 628 * Returns 0 if marking the mapped page possibly shared succeeded. Returns 629 * -EBUSY otherwise. 630 */ 631 static inline int folio_try_share_anon_rmap_pte(struct folio *folio, 632 struct page *page) 633 { 634 return __folio_try_share_anon_rmap(folio, page, 1, RMAP_LEVEL_PTE); 635 } 636 637 /** 638 * folio_try_share_anon_rmap_pmd - try marking an exclusive anonymous page 639 * range mapped by a PMD possibly shared to 640 * prepare for temporary unmapping 641 * @folio: The folio to share the mapping of 642 * @page: The first page to share the mapping of 643 * 644 * The page range of the folio is defined by [page, page + HPAGE_PMD_NR) 645 * 646 * The caller needs to hold the page table lock and has to have the page table 647 * entries cleared/invalidated. 648 * 649 * This is similar to folio_try_dup_anon_rmap_pmd(), however, not used during 650 * fork() to duplicate a mapping, but instead to prepare for temporarily 651 * unmapping parts of a folio (swap, migration) via folio_remove_rmap_pmd(). 652 * 653 * Marking the mapped pages shared can only fail if the folio maybe pinned; 654 * device private folios cannot get pinned and consequently this function cannot 655 * fail. 656 * 657 * Returns 0 if marking the mapped pages possibly shared succeeded. Returns 658 * -EBUSY otherwise. 659 */ 660 static inline int folio_try_share_anon_rmap_pmd(struct folio *folio, 661 struct page *page) 662 { 663 #ifdef CONFIG_TRANSPARENT_HUGEPAGE 664 return __folio_try_share_anon_rmap(folio, page, HPAGE_PMD_NR, 665 RMAP_LEVEL_PMD); 666 #else 667 WARN_ON_ONCE(true); 668 return -EBUSY; 669 #endif 670 } 671 672 /* 673 * Called from mm/vmscan.c to handle paging out 674 */ 675 int folio_referenced(struct folio *, int is_locked, 676 struct mem_cgroup *memcg, unsigned long *vm_flags); 677 678 void try_to_migrate(struct folio *folio, enum ttu_flags flags); 679 void try_to_unmap(struct folio *, enum ttu_flags flags); 680 681 struct page *make_device_exclusive(struct mm_struct *mm, unsigned long addr, 682 void *owner, struct folio **foliop); 683 684 /* Avoid racy checks */ 685 #define PVMW_SYNC (1 << 0) 686 /* Look for migration entries rather than present PTEs */ 687 #define PVMW_MIGRATION (1 << 1) 688 689 struct page_vma_mapped_walk { 690 unsigned long pfn; 691 unsigned long nr_pages; 692 pgoff_t pgoff; 693 struct vm_area_struct *vma; 694 unsigned long address; 695 pmd_t *pmd; 696 pte_t *pte; 697 spinlock_t *ptl; 698 unsigned int flags; 699 }; 700 701 #define DEFINE_FOLIO_VMA_WALK(name, _folio, _vma, _address, _flags) \ 702 struct page_vma_mapped_walk name = { \ 703 .pfn = folio_pfn(_folio), \ 704 .nr_pages = folio_nr_pages(_folio), \ 705 .pgoff = folio_pgoff(_folio), \ 706 .vma = _vma, \ 707 .address = _address, \ 708 .flags = _flags, \ 709 } 710 711 static inline void page_vma_mapped_walk_done(struct page_vma_mapped_walk *pvmw) 712 { 713 /* HugeTLB pte is set to the relevant page table entry without pte_mapped. */ 714 if (pvmw->pte && !is_vm_hugetlb_page(pvmw->vma)) 715 pte_unmap(pvmw->pte); 716 if (pvmw->ptl) 717 spin_unlock(pvmw->ptl); 718 } 719 720 /** 721 * page_vma_mapped_walk_restart - Restart the page table walk. 722 * @pvmw: Pointer to struct page_vma_mapped_walk. 723 * 724 * It restarts the page table walk when changes occur in the page 725 * table, such as splitting a PMD. Ensures that the PTL held during 726 * the previous walk is released and resets the state to allow for 727 * a new walk starting at the current address stored in pvmw->address. 728 */ 729 static inline void 730 page_vma_mapped_walk_restart(struct page_vma_mapped_walk *pvmw) 731 { 732 WARN_ON_ONCE(!pvmw->pmd && !pvmw->pte); 733 734 if (likely(pvmw->ptl)) 735 spin_unlock(pvmw->ptl); 736 else 737 WARN_ON_ONCE(1); 738 739 pvmw->ptl = NULL; 740 pvmw->pmd = NULL; 741 pvmw->pte = NULL; 742 } 743 744 bool page_vma_mapped_walk(struct page_vma_mapped_walk *pvmw); 745 unsigned long page_address_in_vma(const struct folio *folio, 746 const struct page *, const struct vm_area_struct *); 747 748 /* 749 * Cleans the PTEs of shared mappings. 750 * (and since clean PTEs should also be readonly, write protects them too) 751 * 752 * returns the number of cleaned PTEs. 753 */ 754 int folio_mkclean(struct folio *); 755 756 int mapping_wrprotect_range(struct address_space *mapping, pgoff_t pgoff, 757 unsigned long pfn, unsigned long nr_pages); 758 759 int pfn_mkclean_range(unsigned long pfn, unsigned long nr_pages, pgoff_t pgoff, 760 struct vm_area_struct *vma); 761 762 enum rmp_flags { 763 RMP_LOCKED = 1 << 0, 764 RMP_USE_SHARED_ZEROPAGE = 1 << 1, 765 }; 766 767 void remove_migration_ptes(struct folio *src, struct folio *dst, int flags); 768 769 /* 770 * rmap_walk_control: To control rmap traversing for specific needs 771 * 772 * arg: passed to rmap_one() and invalid_vma() 773 * try_lock: bail out if the rmap lock is contended 774 * contended: indicate the rmap traversal bailed out due to lock contention 775 * rmap_one: executed on each vma where page is mapped 776 * done: for checking traversing termination condition 777 * anon_lock: for getting anon_lock by optimized way rather than default 778 * invalid_vma: for skipping uninterested vma 779 */ 780 struct rmap_walk_control { 781 void *arg; 782 bool try_lock; 783 bool contended; 784 /* 785 * Return false if page table scanning in rmap_walk should be stopped. 786 * Otherwise, return true. 787 */ 788 bool (*rmap_one)(struct folio *folio, struct vm_area_struct *vma, 789 unsigned long addr, void *arg); 790 int (*done)(struct folio *folio); 791 struct anon_vma *(*anon_lock)(const struct folio *folio, 792 struct rmap_walk_control *rwc); 793 bool (*invalid_vma)(struct vm_area_struct *vma, void *arg); 794 }; 795 796 void rmap_walk(struct folio *folio, struct rmap_walk_control *rwc); 797 void rmap_walk_locked(struct folio *folio, struct rmap_walk_control *rwc); 798 struct anon_vma *folio_lock_anon_vma_read(const struct folio *folio, 799 struct rmap_walk_control *rwc); 800 801 #else /* !CONFIG_MMU */ 802 803 #define anon_vma_init() do {} while (0) 804 #define anon_vma_prepare(vma) (0) 805 806 static inline int folio_referenced(struct folio *folio, int is_locked, 807 struct mem_cgroup *memcg, 808 unsigned long *vm_flags) 809 { 810 *vm_flags = 0; 811 return 0; 812 } 813 814 static inline void try_to_unmap(struct folio *folio, enum ttu_flags flags) 815 { 816 } 817 818 static inline int folio_mkclean(struct folio *folio) 819 { 820 return 0; 821 } 822 #endif /* CONFIG_MMU */ 823 824 #endif /* _LINUX_RMAP_H */ 825