1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef _LINUX_RMAP_H
3 #define _LINUX_RMAP_H
4 /*
5 * Declarations for Reverse Mapping functions in mm/rmap.c
6 */
7
8 #include <linux/list.h>
9 #include <linux/slab.h>
10 #include <linux/mm.h>
11 #include <linux/rwsem.h>
12 #include <linux/memcontrol.h>
13 #include <linux/highmem.h>
14 #include <linux/pagemap.h>
15 #include <linux/memremap.h>
16
17 /*
18 * The anon_vma heads a list of private "related" vmas, to scan if
19 * an anonymous page pointing to this anon_vma needs to be unmapped:
20 * the vmas on the list will be related by forking, or by splitting.
21 *
22 * Since vmas come and go as they are split and merged (particularly
23 * in mprotect), the mapping field of an anonymous page cannot point
24 * directly to a vma: instead it points to an anon_vma, on whose list
25 * the related vmas can be easily linked or unlinked.
26 *
27 * After unlinking the last vma on the list, we must garbage collect
28 * the anon_vma object itself: we're guaranteed no page can be
29 * pointing to this anon_vma once its vma list is empty.
30 */
31 struct anon_vma {
32 struct anon_vma *root; /* Root of this anon_vma tree */
33 struct rw_semaphore rwsem; /* W: modification, R: walking the list */
34 /*
35 * The refcount is taken on an anon_vma when there is no
36 * guarantee that the vma of page tables will exist for
37 * the duration of the operation. A caller that takes
38 * the reference is responsible for clearing up the
39 * anon_vma if they are the last user on release
40 */
41 atomic_t refcount;
42
43 /*
44 * Count of child anon_vmas. Equals to the count of all anon_vmas that
45 * have ->parent pointing to this one, including itself.
46 *
47 * This counter is used for making decision about reusing anon_vma
48 * instead of forking new one. See comments in function anon_vma_clone.
49 */
50 unsigned long num_children;
51 /* Count of VMAs whose ->anon_vma pointer points to this object. */
52 unsigned long num_active_vmas;
53
54 struct anon_vma *parent; /* Parent of this anon_vma */
55
56 /*
57 * NOTE: the LSB of the rb_root.rb_node is set by
58 * mm_take_all_locks() _after_ taking the above lock. So the
59 * rb_root must only be read/written after taking the above lock
60 * to be sure to see a valid next pointer. The LSB bit itself
61 * is serialized by a system wide lock only visible to
62 * mm_take_all_locks() (mm_all_locks_mutex).
63 */
64
65 /* Interval tree of private "related" vmas */
66 struct rb_root_cached rb_root;
67 };
68
69 /*
70 * The copy-on-write semantics of fork mean that an anon_vma
71 * can become associated with multiple processes. Furthermore,
72 * each child process will have its own anon_vma, where new
73 * pages for that process are instantiated.
74 *
75 * This structure allows us to find the anon_vmas associated
76 * with a VMA, or the VMAs associated with an anon_vma.
77 * The "same_vma" list contains the anon_vma_chains linking
78 * all the anon_vmas associated with this VMA.
79 * The "rb" field indexes on an interval tree the anon_vma_chains
80 * which link all the VMAs associated with this anon_vma.
81 */
82 struct anon_vma_chain {
83 struct vm_area_struct *vma;
84 struct anon_vma *anon_vma;
85 struct list_head same_vma; /* locked by mmap_lock & page_table_lock */
86 struct rb_node rb; /* locked by anon_vma->rwsem */
87 unsigned long rb_subtree_last;
88 #ifdef CONFIG_DEBUG_VM_RB
89 unsigned long cached_vma_start, cached_vma_last;
90 #endif
91 };
92
93 enum ttu_flags {
94 TTU_SPLIT_HUGE_PMD = 0x4, /* split huge PMD if any */
95 TTU_IGNORE_MLOCK = 0x8, /* ignore mlock */
96 TTU_SYNC = 0x10, /* avoid racy checks with PVMW_SYNC */
97 TTU_IGNORE_HWPOISON = 0x20, /* corrupted page is recoverable */
98 TTU_BATCH_FLUSH = 0x40, /* Batch TLB flushes where possible
99 * and caller guarantees they will
100 * do a final flush if necessary */
101 TTU_RMAP_LOCKED = 0x80, /* do not grab rmap lock:
102 * caller holds it */
103 };
104
105 #ifdef CONFIG_MMU
get_anon_vma(struct anon_vma * anon_vma)106 static inline void get_anon_vma(struct anon_vma *anon_vma)
107 {
108 atomic_inc(&anon_vma->refcount);
109 }
110
111 void __put_anon_vma(struct anon_vma *anon_vma);
112
put_anon_vma(struct anon_vma * anon_vma)113 static inline void put_anon_vma(struct anon_vma *anon_vma)
114 {
115 if (atomic_dec_and_test(&anon_vma->refcount))
116 __put_anon_vma(anon_vma);
117 }
118
anon_vma_lock_write(struct anon_vma * anon_vma)119 static inline void anon_vma_lock_write(struct anon_vma *anon_vma)
120 {
121 down_write(&anon_vma->root->rwsem);
122 }
123
anon_vma_unlock_write(struct anon_vma * anon_vma)124 static inline void anon_vma_unlock_write(struct anon_vma *anon_vma)
125 {
126 up_write(&anon_vma->root->rwsem);
127 }
128
anon_vma_lock_read(struct anon_vma * anon_vma)129 static inline void anon_vma_lock_read(struct anon_vma *anon_vma)
130 {
131 down_read(&anon_vma->root->rwsem);
132 }
133
anon_vma_trylock_read(struct anon_vma * anon_vma)134 static inline int anon_vma_trylock_read(struct anon_vma *anon_vma)
135 {
136 return down_read_trylock(&anon_vma->root->rwsem);
137 }
138
anon_vma_unlock_read(struct anon_vma * anon_vma)139 static inline void anon_vma_unlock_read(struct anon_vma *anon_vma)
140 {
141 up_read(&anon_vma->root->rwsem);
142 }
143
144
145 /*
146 * anon_vma helper functions.
147 */
148 void anon_vma_init(void); /* create anon_vma_cachep */
149 int __anon_vma_prepare(struct vm_area_struct *);
150 void unlink_anon_vmas(struct vm_area_struct *);
151 int anon_vma_clone(struct vm_area_struct *, struct vm_area_struct *);
152 int anon_vma_fork(struct vm_area_struct *, struct vm_area_struct *);
153
anon_vma_prepare(struct vm_area_struct * vma)154 static inline int anon_vma_prepare(struct vm_area_struct *vma)
155 {
156 if (likely(vma->anon_vma))
157 return 0;
158
159 return __anon_vma_prepare(vma);
160 }
161
anon_vma_merge(struct vm_area_struct * vma,struct vm_area_struct * next)162 static inline void anon_vma_merge(struct vm_area_struct *vma,
163 struct vm_area_struct *next)
164 {
165 VM_BUG_ON_VMA(vma->anon_vma != next->anon_vma, vma);
166 unlink_anon_vmas(next);
167 }
168
169 struct anon_vma *page_get_anon_vma(struct page *page);
170
171 /* RMAP flags, currently only relevant for some anon rmap operations. */
172 typedef int __bitwise rmap_t;
173
174 /*
175 * No special request: if the page is a subpage of a compound page, it is
176 * mapped via a PTE. The mapped (sub)page is possibly shared between processes.
177 */
178 #define RMAP_NONE ((__force rmap_t)0)
179
180 /* The (sub)page is exclusive to a single process. */
181 #define RMAP_EXCLUSIVE ((__force rmap_t)BIT(0))
182
183 /*
184 * The compound page is not mapped via PTEs, but instead via a single PMD and
185 * should be accounted accordingly.
186 */
187 #define RMAP_COMPOUND ((__force rmap_t)BIT(1))
188
189 /*
190 * rmap interfaces called when adding or removing pte of page
191 */
192 void page_move_anon_rmap(struct page *, struct vm_area_struct *);
193 void page_add_anon_rmap(struct page *, struct vm_area_struct *,
194 unsigned long address, rmap_t flags);
195 void page_add_new_anon_rmap(struct page *, struct vm_area_struct *,
196 unsigned long address);
197 void page_add_file_rmap(struct page *, struct vm_area_struct *,
198 bool compound);
199 void page_remove_rmap(struct page *, struct vm_area_struct *,
200 bool compound);
201
202 void hugepage_add_anon_rmap(struct page *, struct vm_area_struct *,
203 unsigned long address, rmap_t flags);
204 void hugepage_add_new_anon_rmap(struct page *, struct vm_area_struct *,
205 unsigned long address);
206
__page_dup_rmap(struct page * page,bool compound)207 static inline void __page_dup_rmap(struct page *page, bool compound)
208 {
209 atomic_inc(compound ? compound_mapcount_ptr(page) : &page->_mapcount);
210 }
211
page_dup_file_rmap(struct page * page,bool compound)212 static inline void page_dup_file_rmap(struct page *page, bool compound)
213 {
214 __page_dup_rmap(page, compound);
215 }
216
217 /**
218 * page_try_dup_anon_rmap - try duplicating a mapping of an already mapped
219 * anonymous page
220 * @page: the page to duplicate the mapping for
221 * @compound: the page is mapped as compound or as a small page
222 * @vma: the source vma
223 *
224 * The caller needs to hold the PT lock and the vma->vma_mm->write_protect_seq.
225 *
226 * Duplicating the mapping can only fail if the page may be pinned; device
227 * private pages cannot get pinned and consequently this function cannot fail.
228 *
229 * If duplicating the mapping succeeds, the page has to be mapped R/O into
230 * the parent and the child. It must *not* get mapped writable after this call.
231 *
232 * Returns 0 if duplicating the mapping succeeded. Returns -EBUSY otherwise.
233 */
page_try_dup_anon_rmap(struct page * page,bool compound,struct vm_area_struct * vma)234 static inline int page_try_dup_anon_rmap(struct page *page, bool compound,
235 struct vm_area_struct *vma)
236 {
237 VM_BUG_ON_PAGE(!PageAnon(page), page);
238
239 /*
240 * No need to check+clear for already shared pages, including KSM
241 * pages.
242 */
243 if (!PageAnonExclusive(page))
244 goto dup;
245
246 /*
247 * If this page may have been pinned by the parent process,
248 * don't allow to duplicate the mapping but instead require to e.g.,
249 * copy the page immediately for the child so that we'll always
250 * guarantee the pinned page won't be randomly replaced in the
251 * future on write faults.
252 */
253 if (likely(!is_device_private_page(page) &&
254 unlikely(page_needs_cow_for_dma(vma, page))))
255 return -EBUSY;
256
257 ClearPageAnonExclusive(page);
258 /*
259 * It's okay to share the anon page between both processes, mapping
260 * the page R/O into both processes.
261 */
262 dup:
263 __page_dup_rmap(page, compound);
264 return 0;
265 }
266
267 /**
268 * page_try_share_anon_rmap - try marking an exclusive anonymous page possibly
269 * shared to prepare for KSM or temporary unmapping
270 * @page: the exclusive anonymous page to try marking possibly shared
271 *
272 * The caller needs to hold the PT lock and has to have the page table entry
273 * cleared/invalidated+flushed, to properly sync against GUP-fast.
274 *
275 * This is similar to page_try_dup_anon_rmap(), however, not used during fork()
276 * to duplicate a mapping, but instead to prepare for KSM or temporarily
277 * unmapping a page (swap, migration) via page_remove_rmap().
278 *
279 * Marking the page shared can only fail if the page may be pinned; device
280 * private pages cannot get pinned and consequently this function cannot fail.
281 *
282 * Returns 0 if marking the page possibly shared succeeded. Returns -EBUSY
283 * otherwise.
284 */
page_try_share_anon_rmap(struct page * page)285 static inline int page_try_share_anon_rmap(struct page *page)
286 {
287 VM_BUG_ON_PAGE(!PageAnon(page) || !PageAnonExclusive(page), page);
288
289 /* See page_try_dup_anon_rmap(). */
290 if (likely(!is_device_private_page(page) &&
291 unlikely(page_maybe_dma_pinned(page))))
292 return -EBUSY;
293
294 ClearPageAnonExclusive(page);
295 return 0;
296 }
297
298 /*
299 * Called from mm/vmscan.c to handle paging out
300 */
301 int folio_referenced(struct folio *, int is_locked,
302 struct mem_cgroup *memcg, unsigned long *vm_flags);
303
304 void try_to_migrate(struct folio *folio, enum ttu_flags flags);
305 void try_to_unmap(struct folio *, enum ttu_flags flags);
306
307 int make_device_exclusive_range(struct mm_struct *mm, unsigned long start,
308 unsigned long end, struct page **pages,
309 void *arg);
310
311 /* Avoid racy checks */
312 #define PVMW_SYNC (1 << 0)
313 /* Look for migration entries rather than present PTEs */
314 #define PVMW_MIGRATION (1 << 1)
315
316 struct page_vma_mapped_walk {
317 unsigned long pfn;
318 unsigned long nr_pages;
319 pgoff_t pgoff;
320 struct vm_area_struct *vma;
321 unsigned long address;
322 pmd_t *pmd;
323 pte_t *pte;
324 spinlock_t *ptl;
325 unsigned int flags;
326 };
327
328 #define DEFINE_PAGE_VMA_WALK(name, _page, _vma, _address, _flags) \
329 struct page_vma_mapped_walk name = { \
330 .pfn = page_to_pfn(_page), \
331 .nr_pages = compound_nr(_page), \
332 .pgoff = page_to_pgoff(_page), \
333 .vma = _vma, \
334 .address = _address, \
335 .flags = _flags, \
336 }
337
338 #define DEFINE_FOLIO_VMA_WALK(name, _folio, _vma, _address, _flags) \
339 struct page_vma_mapped_walk name = { \
340 .pfn = folio_pfn(_folio), \
341 .nr_pages = folio_nr_pages(_folio), \
342 .pgoff = folio_pgoff(_folio), \
343 .vma = _vma, \
344 .address = _address, \
345 .flags = _flags, \
346 }
347
page_vma_mapped_walk_done(struct page_vma_mapped_walk * pvmw)348 static inline void page_vma_mapped_walk_done(struct page_vma_mapped_walk *pvmw)
349 {
350 /* HugeTLB pte is set to the relevant page table entry without pte_mapped. */
351 if (pvmw->pte && !is_vm_hugetlb_page(pvmw->vma))
352 pte_unmap(pvmw->pte);
353 if (pvmw->ptl)
354 spin_unlock(pvmw->ptl);
355 }
356
357 bool page_vma_mapped_walk(struct page_vma_mapped_walk *pvmw);
358
359 /*
360 * Used by swapoff to help locate where page is expected in vma.
361 */
362 unsigned long page_address_in_vma(struct page *, struct vm_area_struct *);
363
364 /*
365 * Cleans the PTEs of shared mappings.
366 * (and since clean PTEs should also be readonly, write protects them too)
367 *
368 * returns the number of cleaned PTEs.
369 */
370 int folio_mkclean(struct folio *);
371
372 int pfn_mkclean_range(unsigned long pfn, unsigned long nr_pages, pgoff_t pgoff,
373 struct vm_area_struct *vma);
374
375 void remove_migration_ptes(struct folio *src, struct folio *dst, bool locked);
376
377 int page_mapped_in_vma(struct page *page, struct vm_area_struct *vma);
378
379 /*
380 * rmap_walk_control: To control rmap traversing for specific needs
381 *
382 * arg: passed to rmap_one() and invalid_vma()
383 * try_lock: bail out if the rmap lock is contended
384 * contended: indicate the rmap traversal bailed out due to lock contention
385 * rmap_one: executed on each vma where page is mapped
386 * done: for checking traversing termination condition
387 * anon_lock: for getting anon_lock by optimized way rather than default
388 * invalid_vma: for skipping uninterested vma
389 */
390 struct rmap_walk_control {
391 void *arg;
392 bool try_lock;
393 bool contended;
394 /*
395 * Return false if page table scanning in rmap_walk should be stopped.
396 * Otherwise, return true.
397 */
398 bool (*rmap_one)(struct folio *folio, struct vm_area_struct *vma,
399 unsigned long addr, void *arg);
400 int (*done)(struct folio *folio);
401 struct anon_vma *(*anon_lock)(struct folio *folio,
402 struct rmap_walk_control *rwc);
403 bool (*invalid_vma)(struct vm_area_struct *vma, void *arg);
404 };
405
406 void rmap_walk(struct folio *folio, struct rmap_walk_control *rwc);
407 void rmap_walk_locked(struct folio *folio, struct rmap_walk_control *rwc);
408
409 /*
410 * Called by memory-failure.c to kill processes.
411 */
412 struct anon_vma *folio_lock_anon_vma_read(struct folio *folio,
413 struct rmap_walk_control *rwc);
414 void page_unlock_anon_vma_read(struct anon_vma *anon_vma);
415
416 #else /* !CONFIG_MMU */
417
418 #define anon_vma_init() do {} while (0)
419 #define anon_vma_prepare(vma) (0)
420 #define anon_vma_link(vma) do {} while (0)
421
folio_referenced(struct folio * folio,int is_locked,struct mem_cgroup * memcg,unsigned long * vm_flags)422 static inline int folio_referenced(struct folio *folio, int is_locked,
423 struct mem_cgroup *memcg,
424 unsigned long *vm_flags)
425 {
426 *vm_flags = 0;
427 return 0;
428 }
429
try_to_unmap(struct folio * folio,enum ttu_flags flags)430 static inline void try_to_unmap(struct folio *folio, enum ttu_flags flags)
431 {
432 }
433
folio_mkclean(struct folio * folio)434 static inline int folio_mkclean(struct folio *folio)
435 {
436 return 0;
437 }
438 #endif /* CONFIG_MMU */
439
page_mkclean(struct page * page)440 static inline int page_mkclean(struct page *page)
441 {
442 return folio_mkclean(page_folio(page));
443 }
444 #endif /* _LINUX_RMAP_H */
445