linux/mm/mmu_notifier.c
<<
>>
Prefs 
   1/*
   2 *  linux/mm/mmu_notifier.c
   3 *
   4 *  Copyright (C) 2008  Qumranet, Inc.
   5 *  Copyright (C) 2008  SGI
   6 *             Christoph Lameter <clameter@sgi.com>
   7 *
   8 *  This work is licensed under the terms of the GNU GPL, version 2. See
   9 *  the COPYING file in the top-level directory.
  10 */
  11
  12#include <linux/rculist.h>
  13#include <linux/mmu_notifier.h>
  14#include <linux/export.h>
  15#include <linux/mm.h>
  16#include <linux/err.h>
  17#include <linux/srcu.h>
  18#include <linux/rcupdate.h>
  19#include <linux/sched.h>
  20#include <linux/slab.h>
  21
  22/* global SRCU for all MMs */
  23static struct srcu_struct srcu;
  24
  25/*
  26 * This function can't run concurrently against mmu_notifier_register
  27 * because mm->mm_users > 0 during mmu_notifier_register and exit_mmap
  28 * runs with mm_users == 0. Other tasks may still invoke mmu notifiers
  29 * in parallel despite there being no task using this mm any more,
  30 * through the vmas outside of the exit_mmap context, such as with
  31 * vmtruncate. This serializes against mmu_notifier_unregister with
  32 * the mmu_notifier_mm->lock in addition to SRCU and it serializes
  33 * against the other mmu notifiers with SRCU. struct mmu_notifier_mm
  34 * can't go away from under us as exit_mmap holds an mm_count pin
  35 * itself.
  36 */
  37void __mmu_notifier_release(struct mm_struct *mm)
  38{
  39        struct mmu_notifier *mn;
  40        struct hlist_node *n;
  41        int id;
  42
  43        /*
  44         * SRCU here will block mmu_notifier_unregister until
  45         * ->release returns.
  46         */
  47        id = srcu_read_lock(&srcu);
  48        hlist_for_each_entry_rcu(mn, n, &mm->mmu_notifier_mm->list, hlist)
  49                /*
  50                 * if ->release runs before mmu_notifier_unregister it
  51                 * must be handled as it's the only way for the driver
  52                 * to flush all existing sptes and stop the driver
  53                 * from establishing any more sptes before all the
  54                 * pages in the mm are freed.
  55                 */
  56                if (mn->ops->release)
  57                        mn->ops->release(mn, mm);
  58        srcu_read_unlock(&srcu, id);
  59
  60        spin_lock(&mm->mmu_notifier_mm->lock);
  61        while (unlikely(!hlist_empty(&mm->mmu_notifier_mm->list))) {
  62                mn = hlist_entry(mm->mmu_notifier_mm->list.first,
  63                                 struct mmu_notifier,
  64                                 hlist);
  65                /*
  66                 * We arrived before mmu_notifier_unregister so
  67                 * mmu_notifier_unregister will do nothing other than
  68                 * to wait ->release to finish and
  69                 * mmu_notifier_unregister to return.
  70                 */
  71                hlist_del_init_rcu(&mn->hlist);
  72        }
  73        spin_unlock(&mm->mmu_notifier_mm->lock);
  74
  75        /*
  76         * synchronize_srcu here prevents mmu_notifier_release to
  77         * return to exit_mmap (which would proceed freeing all pages
  78         * in the mm) until the ->release method returns, if it was
  79         * invoked by mmu_notifier_unregister.
  80         *
  81         * The mmu_notifier_mm can't go away from under us because one
  82         * mm_count is hold by exit_mmap.
  83         */
  84        synchronize_srcu(&srcu);
  85}
  86
  87/*
  88 * If no young bitflag is supported by the hardware, ->clear_flush_young can
  89 * unmap the address and return 1 or 0 depending if the mapping previously
  90 * existed or not.
  91 */
  92int __mmu_notifier_clear_flush_young(struct mm_struct *mm,
  93                                        unsigned long address)
  94{
  95        struct mmu_notifier *mn;
  96        struct hlist_node *n;
  97        int young = 0, id;
  98
  99        id = srcu_read_lock(&srcu);
 100        hlist_for_each_entry_rcu(mn, n, &mm->mmu_notifier_mm->list, hlist) {
 101                if (mn->ops->clear_flush_young)
 102                        young |= mn->ops->clear_flush_young(mn, mm, address);
 103        }
 104        srcu_read_unlock(&srcu, id);
 105
 106        return young;
 107}
 108
 109int __mmu_notifier_test_young(struct mm_struct *mm,
 110                              unsigned long address)
 111{
 112        struct mmu_notifier *mn;
 113        struct hlist_node *n;
 114        int young = 0, id;
 115
 116        id = srcu_read_lock(&srcu);
 117        hlist_for_each_entry_rcu(mn, n, &mm->mmu_notifier_mm->list, hlist) {
 118                if (mn->ops->test_young) {
 119                        young = mn->ops->test_young(mn, mm, address);
 120                        if (young)
 121                                break;
 122                }
 123        }
 124        srcu_read_unlock(&srcu, id);
 125
 126        return young;
 127}
 128
 129void __mmu_notifier_change_pte(struct mm_struct *mm, unsigned long address,
 130                               pte_t pte)
 131{
 132        struct mmu_notifier *mn;
 133        struct hlist_node *n;
 134        int id;
 135
 136        id = srcu_read_lock(&srcu);
 137        hlist_for_each_entry_rcu(mn, n, &mm->mmu_notifier_mm->list, hlist) {
 138                if (mn->ops->change_pte)
 139                        mn->ops->change_pte(mn, mm, address, pte);
 140        }
 141        srcu_read_unlock(&srcu, id);
 142}
 143
 144void __mmu_notifier_invalidate_page(struct mm_struct *mm,
 145                                          unsigned long address)
 146{
 147        struct mmu_notifier *mn;
 148        struct hlist_node *n;
 149        int id;
 150
 151        id = srcu_read_lock(&srcu);
 152        hlist_for_each_entry_rcu(mn, n, &mm->mmu_notifier_mm->list, hlist) {
 153                if (mn->ops->invalidate_page)
 154                        mn->ops->invalidate_page(mn, mm, address);
 155        }
 156        srcu_read_unlock(&srcu, id);
 157}
 158
 159void __mmu_notifier_invalidate_range_start(struct mm_struct *mm,
 160                                  unsigned long start, unsigned long end)
 161{
 162        struct mmu_notifier *mn;
 163        struct hlist_node *n;
 164        int id;
 165
 166        id = srcu_read_lock(&srcu);
 167        hlist_for_each_entry_rcu(mn, n, &mm->mmu_notifier_mm->list, hlist) {
 168                if (mn->ops->invalidate_range_start)
 169                        mn->ops->invalidate_range_start(mn, mm, start, end);
 170        }
 171        srcu_read_unlock(&srcu, id);
 172}
 173
 174void __mmu_notifier_invalidate_range_end(struct mm_struct *mm,
 175                                  unsigned long start, unsigned long end)
 176{
 177        struct mmu_notifier *mn;
 178        struct hlist_node *n;
 179        int id;
 180
 181        id = srcu_read_lock(&srcu);
 182        hlist_for_each_entry_rcu(mn, n, &mm->mmu_notifier_mm->list, hlist) {
 183                if (mn->ops->invalidate_range_end)
 184                        mn->ops->invalidate_range_end(mn, mm, start, end);
 185        }
 186        srcu_read_unlock(&srcu, id);
 187}
 188
 189static int do_mmu_notifier_register(struct mmu_notifier *mn,
 190                                    struct mm_struct *mm,
 191                                    int take_mmap_sem)
 192{
 193        struct mmu_notifier_mm *mmu_notifier_mm;
 194        int ret;
 195
 196        BUG_ON(atomic_read(&mm->mm_users) <= 0);
 197
 198        /*
 199         * Verify that mmu_notifier_init() already run and the global srcu is
 200         * initialized.
 201         */
 202        BUG_ON(!srcu.per_cpu_ref);
 203
 204        ret = -ENOMEM;
 205        mmu_notifier_mm = kmalloc(sizeof(struct mmu_notifier_mm), GFP_KERNEL);
 206        if (unlikely(!mmu_notifier_mm))
 207                goto out;
 208
 209        if (take_mmap_sem)
 210                down_write(&mm->mmap_sem);
 211        ret = mm_take_all_locks(mm);
 212        if (unlikely(ret))
 213                goto out_clean;
 214
 215        if (!mm_has_notifiers(mm)) {
 216                INIT_HLIST_HEAD(&mmu_notifier_mm->list);
 217                spin_lock_init(&mmu_notifier_mm->lock);
 218
 219                mm->mmu_notifier_mm = mmu_notifier_mm;
 220                mmu_notifier_mm = NULL;
 221        }
 222        atomic_inc(&mm->mm_count);
 223
 224        /*
 225         * Serialize the update against mmu_notifier_unregister. A
 226         * side note: mmu_notifier_release can't run concurrently with
 227         * us because we hold the mm_users pin (either implicitly as
 228         * current->mm or explicitly with get_task_mm() or similar).
 229         * We can't race against any other mmu notifier method either
 230         * thanks to mm_take_all_locks().
 231         */
 232        spin_lock(&mm->mmu_notifier_mm->lock);
 233        hlist_add_head(&mn->hlist, &mm->mmu_notifier_mm->list);
 234        spin_unlock(&mm->mmu_notifier_mm->lock);
 235
 236        mm_drop_all_locks(mm);
 237out_clean:
 238        if (take_mmap_sem)
 239                up_write(&mm->mmap_sem);
 240        kfree(mmu_notifier_mm);
 241out:
 242        BUG_ON(atomic_read(&mm->mm_users) <= 0);
 243        return ret;
 244}
 245
 246/*
 247 * Must not hold mmap_sem nor any other VM related lock when calling
 248 * this registration function. Must also ensure mm_users can't go down
 249 * to zero while this runs to avoid races with mmu_notifier_release,
 250 * so mm has to be current->mm or the mm should be pinned safely such
 251 * as with get_task_mm(). If the mm is not current->mm, the mm_users
 252 * pin should be released by calling mmput after mmu_notifier_register
 253 * returns. mmu_notifier_unregister must be always called to
 254 * unregister the notifier. mm_count is automatically pinned to allow
 255 * mmu_notifier_unregister to safely run at any time later, before or
 256 * after exit_mmap. ->release will always be called before exit_mmap
 257 * frees the pages.
 258 */
 259int mmu_notifier_register(struct mmu_notifier *mn, struct mm_struct *mm)
 260{
 261        return do_mmu_notifier_register(mn, mm, 1);
 262}
 263EXPORT_SYMBOL_GPL(mmu_notifier_register);
 264
 265/*
 266 * Same as mmu_notifier_register but here the caller must hold the
 267 * mmap_sem in write mode.
 268 */
 269int __mmu_notifier_register(struct mmu_notifier *mn, struct mm_struct *mm)
 270{
 271        return do_mmu_notifier_register(mn, mm, 0);
 272}
 273EXPORT_SYMBOL_GPL(__mmu_notifier_register);
 274
 275/* this is called after the last mmu_notifier_unregister() returned */
 276void __mmu_notifier_mm_destroy(struct mm_struct *mm)
 277{
 278        BUG_ON(!hlist_empty(&mm->mmu_notifier_mm->list));
 279        kfree(mm->mmu_notifier_mm);
 280        mm->mmu_notifier_mm = LIST_POISON1; /* debug */
 281}
 282
 283/*
 284 * This releases the mm_count pin automatically and frees the mm
 285 * structure if it was the last user of it. It serializes against
 286 * running mmu notifiers with SRCU and against mmu_notifier_unregister
 287 * with the unregister lock + SRCU. All sptes must be dropped before
 288 * calling mmu_notifier_unregister. ->release or any other notifier
 289 * method may be invoked concurrently with mmu_notifier_unregister,
 290 * and only after mmu_notifier_unregister returned we're guaranteed
 291 * that ->release or any other method can't run anymore.
 292 */
 293void mmu_notifier_unregister(struct mmu_notifier *mn, struct mm_struct *mm)
 294{
 295        BUG_ON(atomic_read(&mm->mm_count) <= 0);
 296
 297        if (!hlist_unhashed(&mn->hlist)) {
 298                /*
 299                 * SRCU here will force exit_mmap to wait ->release to finish
 300                 * before freeing the pages.
 301                 */
 302                int id;
 303
 304                id = srcu_read_lock(&srcu);
 305                /*
 306                 * exit_mmap will block in mmu_notifier_release to
 307                 * guarantee ->release is called before freeing the
 308                 * pages.
 309                 */
 310                if (mn->ops->release)
 311                        mn->ops->release(mn, mm);
 312                srcu_read_unlock(&srcu, id);
 313
 314                spin_lock(&mm->mmu_notifier_mm->lock);
 315                hlist_del_rcu(&mn->hlist);
 316                spin_unlock(&mm->mmu_notifier_mm->lock);
 317        }
 318
 319        /*
 320         * Wait any running method to finish, of course including
 321         * ->release if it was run by mmu_notifier_relase instead of us.
 322         */
 323        synchronize_srcu(&srcu);
 324
 325        BUG_ON(atomic_read(&mm->mm_count) <= 0);
 326
 327        mmdrop(mm);
 328}
 329EXPORT_SYMBOL_GPL(mmu_notifier_unregister);
 330
 331static int __init mmu_notifier_init(void)
 332{
 333        return init_srcu_struct(&srcu);
 334}
 335
 336module_init(mmu_notifier_init);
 337
The original LXR software by the LXR community, this experimental version by lxr@linux.no.
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.