2008-03-17 16:36:55 -07:00
|
|
|
#include <linux/mm.h>
|
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
percpu.h is included by sched.h and module.h and thus ends up being
included when building most .c files. percpu.h includes slab.h which
in turn includes gfp.h making everything defined by the two files
universally available and complicating inclusion dependencies.
percpu.h -> slab.h dependency is about to be removed. Prepare for
this change by updating users of gfp and slab facilities include those
headers directly instead of assuming availability. As this conversion
needs to touch large number of source files, the following script is
used as the basis of conversion.
http://userweb.kernel.org/~tj/misc/slabh-sweep.py
The script does the followings.
* Scan files for gfp and slab usages and update includes such that
only the necessary includes are there. ie. if only gfp is used,
gfp.h, if slab is used, slab.h.
* When the script inserts a new include, it looks at the include
blocks and try to put the new include such that its order conforms
to its surrounding. It's put in the include block which contains
core kernel includes, in the same order that the rest are ordered -
alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
doesn't seem to be any matching order.
* If the script can't find a place to put a new include (mostly
because the file doesn't have fitting include block), it prints out
an error message indicating which .h file needs to be added to the
file.
The conversion was done in the following steps.
1. The initial automatic conversion of all .c files updated slightly
over 4000 files, deleting around 700 includes and adding ~480 gfp.h
and ~3000 slab.h inclusions. The script emitted errors for ~400
files.
2. Each error was manually checked. Some didn't need the inclusion,
some needed manual addition while adding it to implementation .h or
embedding .c file was more appropriate for others. This step added
inclusions to around 150 files.
3. The script was run again and the output was compared to the edits
from #2 to make sure no file was left behind.
4. Several build tests were done and a couple of problems were fixed.
e.g. lib/decompress_*.c used malloc/free() wrappers around slab
APIs requiring slab.h to be added manually.
5. The script was run on all .h files but without automatically
editing them as sprinkling gfp.h and slab.h inclusions around .h
files could easily lead to inclusion dependency hell. Most gfp.h
inclusion directives were ignored as stuff from gfp.h was usually
wildly available and often used in preprocessor macros. Each
slab.h inclusion directive was examined and added manually as
necessary.
6. percpu.h was updated not to include slab.h.
7. Build test were done on the following configurations and failures
were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my
distributed build env didn't work with gcov compiles) and a few
more options had to be turned off depending on archs to make things
build (like ipr on powerpc/64 which failed due to missing writeq).
* x86 and x86_64 UP and SMP allmodconfig and a custom test config.
* powerpc and powerpc64 SMP allmodconfig
* sparc and sparc64 SMP allmodconfig
* ia64 SMP allmodconfig
* s390 SMP allmodconfig
* alpha SMP allmodconfig
* um on x86_64 SMP allmodconfig
8. percpu.h modifications were reverted so that it could be applied as
a separate patch and serve as bisection point.
Given the fact that I had only a couple of failures from tests on step
6, I'm fairly confident about the coverage of this conversion patch.
If there is a breakage, it's likely to be something in one of the arch
headers which should be easily discoverable easily on most builds of
the specific arch.
Signed-off-by: Tejun Heo <tj@kernel.org>
Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
2010-03-24 17:04:11 +09:00
|
|
|
#include <linux/gfp.h>
|
2018-04-11 17:24:38 +02:00
|
|
|
#include <linux/hugetlb.h>
|
2008-03-17 16:36:55 -07:00
|
|
|
#include <asm/pgalloc.h>
|
2008-03-17 16:37:03 -07:00
|
|
|
#include <asm/pgtable.h>
|
2008-03-17 16:36:55 -07:00
|
|
|
#include <asm/tlb.h>
|
2008-06-20 15:34:46 +02:00
|
|
|
#include <asm/fixmap.h>
|
2015-04-14 15:47:32 -07:00
|
|
|
#include <asm/mtrr.h>
|
2008-03-17 16:36:55 -07:00
|
|
|
|
kaiser: _pgd_alloc() without __GFP_REPEAT to avoid stalls
Synthetic filesystem mempressure testing has shown softlockups, with
hour-long page allocation stalls, and pgd_alloc() trying for order:1
with __GFP_REPEAT in one of the backtraces each time.
That's _pgd_alloc() going for a Kaiser double-pgd, using the __GFP_REPEAT
common to all page table allocations, but actually having no effect on
order:0 (see should_alloc_oom() and should_continue_reclaim() in this
tree, but beware that ports to another tree might behave differently).
Order:1 stack allocation has been working satisfactorily without
__GFP_REPEAT forever, and page table allocation only asks __GFP_REPEAT
for awkward occasions in a long-running process: it's not appropriate
at fork or exec time, and seems to be doing much more harm than good:
getting those contiguous pages under very heavy mempressure can be
hard (though even without it, Kaiser does generate more mempressure).
Mask out that __GFP_REPEAT inside _pgd_alloc(). Why not take it out
of the PGALLOG_GFP altogether, as v4.7 commit a3a9a59d2067 ("x86: get
rid of superfluous __GFP_REPEAT") did? Because I think that might
make a difference to our page table memcg charging, which I'd prefer
not to interfere with at this time.
hughd adds: __alloc_pages_slowpath() in the 4.4.89-stable tree handles
__GFP_REPEAT a little differently than in prod kernel or 3.18.72-stable,
so it may not always be exactly a no-op on order:0 pages, as said above;
but I think still appropriate to omit it from Kaiser or non-Kaiser pgd.
Signed-off-by: Hugh Dickins <hughd@google.com>
Acked-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-10-13 12:10:00 -07:00
|
|
|
#define PGALLOC_GFP (GFP_KERNEL | __GFP_NOTRACK | __GFP_REPEAT | __GFP_ZERO)
|
2009-02-22 11:28:25 +01:00
|
|
|
|
2010-02-17 10:38:10 +00:00
|
|
|
#ifdef CONFIG_HIGHPTE
|
|
|
|
|
#define PGALLOC_USER_GFP __GFP_HIGHMEM
|
|
|
|
|
#else
|
|
|
|
|
#define PGALLOC_USER_GFP 0
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
gfp_t __userpte_alloc_gfp = PGALLOC_GFP | PGALLOC_USER_GFP;
|
|
|
|
|
|
2008-03-17 16:36:55 -07:00
|
|
|
pte_t *pte_alloc_one_kernel(struct mm_struct *mm, unsigned long address)
|
|
|
|
|
{
|
2009-02-22 11:28:25 +01:00
|
|
|
return (pte_t *)__get_free_page(PGALLOC_GFP);
|
2008-03-17 16:36:55 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pgtable_t pte_alloc_one(struct mm_struct *mm, unsigned long address)
|
|
|
|
|
{
|
|
|
|
|
struct page *pte;
|
|
|
|
|
|
2010-02-17 10:38:10 +00:00
|
|
|
pte = alloc_pages(__userpte_alloc_gfp, 0);
|
2013-11-14 14:31:47 -08:00
|
|
|
if (!pte)
|
|
|
|
|
return NULL;
|
|
|
|
|
if (!pgtable_page_ctor(pte)) {
|
|
|
|
|
__free_page(pte);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2008-03-17 16:36:55 -07:00
|
|
|
return pte;
|
|
|
|
|
}
|
|
|
|
|
|
2010-02-17 10:38:10 +00:00
|
|
|
static int __init setup_userpte(char *arg)
|
|
|
|
|
{
|
|
|
|
|
if (!arg)
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* "userpte=nohigh" disables allocation of user pagetables in
|
|
|
|
|
* high memory.
|
|
|
|
|
*/
|
|
|
|
|
if (strcmp(arg, "nohigh") == 0)
|
|
|
|
|
__userpte_alloc_gfp &= ~__GFP_HIGHMEM;
|
|
|
|
|
else
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
early_param("userpte", setup_userpte);
|
|
|
|
|
|
mm: Pass virtual address to [__]p{te,ud,md}_free_tlb()
mm: Pass virtual address to [__]p{te,ud,md}_free_tlb()
Upcoming paches to support the new 64-bit "BookE" powerpc architecture
will need to have the virtual address corresponding to PTE page when
freeing it, due to the way the HW table walker works.
Basically, the TLB can be loaded with "large" pages that cover the whole
virtual space (well, sort-of, half of it actually) represented by a PTE
page, and which contain an "indirect" bit indicating that this TLB entry
RPN points to an array of PTEs from which the TLB can then create direct
entries. Thus, in order to invalidate those when PTE pages are deleted,
we need the virtual address to pass to tlbilx or tlbivax instructions.
The old trick of sticking it somewhere in the PTE page struct page sucks
too much, the address is almost readily available in all call sites and
almost everybody implemets these as macros, so we may as well add the
argument everywhere. I added it to the pmd and pud variants for consistency.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Acked-by: David Howells <dhowells@redhat.com> [MN10300 & FRV]
Acked-by: Nick Piggin <npiggin@suse.de>
Acked-by: Martin Schwidefsky <schwidefsky@de.ibm.com> [s390]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-07-22 15:44:28 +10:00
|
|
|
void ___pte_free_tlb(struct mmu_gather *tlb, struct page *pte)
|
2008-03-17 16:36:57 -07:00
|
|
|
{
|
|
|
|
|
pgtable_page_dtor(pte);
|
2008-03-17 16:37:01 -07:00
|
|
|
paravirt_release_pte(page_to_pfn(pte));
|
2008-03-17 16:36:57 -07:00
|
|
|
tlb_remove_page(tlb, pte);
|
|
|
|
|
}
|
|
|
|
|
|
2015-04-14 15:46:14 -07:00
|
|
|
#if CONFIG_PGTABLE_LEVELS > 2
|
mm: Pass virtual address to [__]p{te,ud,md}_free_tlb()
mm: Pass virtual address to [__]p{te,ud,md}_free_tlb()
Upcoming paches to support the new 64-bit "BookE" powerpc architecture
will need to have the virtual address corresponding to PTE page when
freeing it, due to the way the HW table walker works.
Basically, the TLB can be loaded with "large" pages that cover the whole
virtual space (well, sort-of, half of it actually) represented by a PTE
page, and which contain an "indirect" bit indicating that this TLB entry
RPN points to an array of PTEs from which the TLB can then create direct
entries. Thus, in order to invalidate those when PTE pages are deleted,
we need the virtual address to pass to tlbilx or tlbivax instructions.
The old trick of sticking it somewhere in the PTE page struct page sucks
too much, the address is almost readily available in all call sites and
almost everybody implemets these as macros, so we may as well add the
argument everywhere. I added it to the pmd and pud variants for consistency.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Acked-by: David Howells <dhowells@redhat.com> [MN10300 & FRV]
Acked-by: Nick Piggin <npiggin@suse.de>
Acked-by: Martin Schwidefsky <schwidefsky@de.ibm.com> [s390]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-07-22 15:44:28 +10:00
|
|
|
void ___pmd_free_tlb(struct mmu_gather *tlb, pmd_t *pmd)
|
2008-03-17 16:36:58 -07:00
|
|
|
{
|
2013-11-21 14:32:09 -08:00
|
|
|
struct page *page = virt_to_page(pmd);
|
2008-03-17 16:37:01 -07:00
|
|
|
paravirt_release_pmd(__pa(pmd) >> PAGE_SHIFT);
|
2013-04-12 16:23:54 -07:00
|
|
|
/*
|
|
|
|
|
* NOTE! For PAE, any changes to the top page-directory-pointer-table
|
|
|
|
|
* entries need a full cr3 reload to flush.
|
|
|
|
|
*/
|
|
|
|
|
#ifdef CONFIG_X86_PAE
|
|
|
|
|
tlb->need_flush_all = 1;
|
|
|
|
|
#endif
|
2013-11-21 14:32:09 -08:00
|
|
|
pgtable_pmd_page_dtor(page);
|
|
|
|
|
tlb_remove_page(tlb, page);
|
2008-03-17 16:36:58 -07:00
|
|
|
}
|
2008-03-17 16:36:59 -07:00
|
|
|
|
2015-04-14 15:46:14 -07:00
|
|
|
#if CONFIG_PGTABLE_LEVELS > 3
|
mm: Pass virtual address to [__]p{te,ud,md}_free_tlb()
mm: Pass virtual address to [__]p{te,ud,md}_free_tlb()
Upcoming paches to support the new 64-bit "BookE" powerpc architecture
will need to have the virtual address corresponding to PTE page when
freeing it, due to the way the HW table walker works.
Basically, the TLB can be loaded with "large" pages that cover the whole
virtual space (well, sort-of, half of it actually) represented by a PTE
page, and which contain an "indirect" bit indicating that this TLB entry
RPN points to an array of PTEs from which the TLB can then create direct
entries. Thus, in order to invalidate those when PTE pages are deleted,
we need the virtual address to pass to tlbilx or tlbivax instructions.
The old trick of sticking it somewhere in the PTE page struct page sucks
too much, the address is almost readily available in all call sites and
almost everybody implemets these as macros, so we may as well add the
argument everywhere. I added it to the pmd and pud variants for consistency.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Acked-by: David Howells <dhowells@redhat.com> [MN10300 & FRV]
Acked-by: Nick Piggin <npiggin@suse.de>
Acked-by: Martin Schwidefsky <schwidefsky@de.ibm.com> [s390]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-07-22 15:44:28 +10:00
|
|
|
void ___pud_free_tlb(struct mmu_gather *tlb, pud_t *pud)
|
2008-03-17 16:36:59 -07:00
|
|
|
{
|
2008-03-17 16:37:02 -07:00
|
|
|
paravirt_release_pud(__pa(pud) >> PAGE_SHIFT);
|
2008-03-17 16:36:59 -07:00
|
|
|
tlb_remove_page(tlb, virt_to_page(pud));
|
|
|
|
|
}
|
2015-04-14 15:46:14 -07:00
|
|
|
#endif /* CONFIG_PGTABLE_LEVELS > 3 */
|
|
|
|
|
#endif /* CONFIG_PGTABLE_LEVELS > 2 */
|
2008-03-17 16:36:58 -07:00
|
|
|
|
2008-03-17 16:36:55 -07:00
|
|
|
static inline void pgd_list_add(pgd_t *pgd)
|
|
|
|
|
{
|
|
|
|
|
struct page *page = virt_to_page(pgd);
|
|
|
|
|
|
|
|
|
|
list_add(&page->lru, &pgd_list);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void pgd_list_del(pgd_t *pgd)
|
|
|
|
|
{
|
|
|
|
|
struct page *page = virt_to_page(pgd);
|
|
|
|
|
|
|
|
|
|
list_del(&page->lru);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#define UNSHARED_PTRS_PER_PGD \
|
2008-03-17 16:37:13 -07:00
|
|
|
(SHARED_KERNEL_PMD ? KERNEL_PGD_BOUNDARY : PTRS_PER_PGD)
|
2008-03-17 16:36:55 -07:00
|
|
|
|
2010-09-21 12:01:51 -07:00
|
|
|
|
|
|
|
|
static void pgd_set_mm(pgd_t *pgd, struct mm_struct *mm)
|
|
|
|
|
{
|
|
|
|
|
BUILD_BUG_ON(sizeof(virt_to_page(pgd)->index) < sizeof(mm));
|
|
|
|
|
virt_to_page(pgd)->index = (pgoff_t)mm;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct mm_struct *pgd_page_get_mm(struct page *page)
|
|
|
|
|
{
|
|
|
|
|
return (struct mm_struct *)page->index;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void pgd_ctor(struct mm_struct *mm, pgd_t *pgd)
|
2008-03-17 16:36:55 -07:00
|
|
|
{
|
|
|
|
|
/* If the pgd points to a shared pagetable level (either the
|
|
|
|
|
ptes in non-PAE, or shared PMD in PAE), then just copy the
|
|
|
|
|
references from swapper_pg_dir. */
|
2015-04-14 15:46:14 -07:00
|
|
|
if (CONFIG_PGTABLE_LEVELS == 2 ||
|
|
|
|
|
(CONFIG_PGTABLE_LEVELS == 3 && SHARED_KERNEL_PMD) ||
|
|
|
|
|
CONFIG_PGTABLE_LEVELS == 4) {
|
2008-03-17 16:37:13 -07:00
|
|
|
clone_pgd_range(pgd + KERNEL_PGD_BOUNDARY,
|
|
|
|
|
swapper_pg_dir + KERNEL_PGD_BOUNDARY,
|
2008-03-17 16:36:55 -07:00
|
|
|
KERNEL_PGD_PTRS);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* list required to sync kernel mapping updates */
|
2010-09-21 12:01:51 -07:00
|
|
|
if (!SHARED_KERNEL_PMD) {
|
|
|
|
|
pgd_set_mm(pgd, mm);
|
2008-03-17 16:36:55 -07:00
|
|
|
pgd_list_add(pgd);
|
2010-09-21 12:01:51 -07:00
|
|
|
}
|
2008-03-17 16:36:55 -07:00
|
|
|
}
|
|
|
|
|
|
2008-08-29 12:51:32 +01:00
|
|
|
static void pgd_dtor(pgd_t *pgd)
|
2008-03-17 16:36:55 -07:00
|
|
|
{
|
|
|
|
|
if (SHARED_KERNEL_PMD)
|
|
|
|
|
return;
|
|
|
|
|
|
2011-02-16 15:45:22 -08:00
|
|
|
spin_lock(&pgd_lock);
|
2008-03-17 16:36:55 -07:00
|
|
|
pgd_list_del(pgd);
|
2011-02-16 15:45:22 -08:00
|
|
|
spin_unlock(&pgd_lock);
|
2008-03-17 16:36:55 -07:00
|
|
|
}
|
|
|
|
|
|
2008-03-17 16:37:14 -07:00
|
|
|
/*
|
|
|
|
|
* List of all pgd's needed for non-PAE so it can invalidate entries
|
|
|
|
|
* in both cached and uncached pgd's; not needed for PAE since the
|
|
|
|
|
* kernel pmd is shared. If PAE were not to share the pmd a similar
|
|
|
|
|
* tactic would be needed. This is essentially codepath-based locking
|
|
|
|
|
* against pageattr.c; it is the unique case in which a valid change
|
|
|
|
|
* of kernel pagetables can't be lazily synchronized by vmalloc faults.
|
|
|
|
|
* vmalloc faults work because attached pagetables are never freed.
|
2012-12-06 10:39:54 +01:00
|
|
|
* -- nyc
|
2008-03-17 16:37:14 -07:00
|
|
|
*/
|
|
|
|
|
|
2008-03-17 16:36:55 -07:00
|
|
|
#ifdef CONFIG_X86_PAE
|
2008-06-25 00:19:13 -04:00
|
|
|
/*
|
|
|
|
|
* In PAE mode, we need to do a cr3 reload (=tlb flush) when
|
|
|
|
|
* updating the top-level pagetable entries to guarantee the
|
|
|
|
|
* processor notices the update. Since this is expensive, and
|
|
|
|
|
* all 4 top-level entries are used almost immediately in a
|
|
|
|
|
* new process's life, we just pre-populate them here.
|
|
|
|
|
*
|
|
|
|
|
* Also, if we're in a paravirt environment where the kernel pmd is
|
|
|
|
|
* not shared between pagetables (!SHARED_KERNEL_PMDS), we allocate
|
|
|
|
|
* and initialize the kernel pmds here.
|
|
|
|
|
*/
|
|
|
|
|
#define PREALLOCATED_PMDS UNSHARED_PTRS_PER_PGD
|
|
|
|
|
|
|
|
|
|
void pud_populate(struct mm_struct *mm, pud_t *pudp, pmd_t *pmd)
|
|
|
|
|
{
|
|
|
|
|
paravirt_alloc_pmd(mm, __pa(pmd) >> PAGE_SHIFT);
|
|
|
|
|
|
|
|
|
|
/* Note: almost everything apart from _PAGE_PRESENT is
|
|
|
|
|
reserved at the pmd (PDPT) level. */
|
|
|
|
|
set_pud(pudp, __pud(__pa(pmd) | _PAGE_PRESENT));
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* According to Intel App note "TLBs, Paging-Structure Caches,
|
|
|
|
|
* and Their Invalidation", April 2007, document 317080-001,
|
|
|
|
|
* section 8.1: in PAE mode we explicitly have to flush the
|
|
|
|
|
* TLB via cr3 if the top-level pgd is changed...
|
|
|
|
|
*/
|
2011-03-16 11:37:29 +08:00
|
|
|
flush_tlb_mm(mm);
|
2008-06-25 00:19:13 -04:00
|
|
|
}
|
|
|
|
|
#else /* !CONFIG_X86_PAE */
|
|
|
|
|
|
|
|
|
|
/* No need to prepopulate any pagetable entries in non-PAE modes. */
|
|
|
|
|
#define PREALLOCATED_PMDS 0
|
|
|
|
|
|
|
|
|
|
#endif /* CONFIG_X86_PAE */
|
|
|
|
|
|
mm: account pmd page tables to the process
Dave noticed that unprivileged process can allocate significant amount of
memory -- >500 MiB on x86_64 -- and stay unnoticed by oom-killer and
memory cgroup. The trick is to allocate a lot of PMD page tables. Linux
kernel doesn't account PMD tables to the process, only PTE.
The use-cases below use few tricks to allocate a lot of PMD page tables
while keeping VmRSS and VmPTE low. oom_score for the process will be 0.
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/prctl.h>
#define PUD_SIZE (1UL << 30)
#define PMD_SIZE (1UL << 21)
#define NR_PUD 130000
int main(void)
{
char *addr = NULL;
unsigned long i;
prctl(PR_SET_THP_DISABLE);
for (i = 0; i < NR_PUD ; i++) {
addr = mmap(addr + PUD_SIZE, PUD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
if (addr == MAP_FAILED) {
perror("mmap");
break;
}
*addr = 'x';
munmap(addr, PMD_SIZE);
mmap(addr, PMD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE|MAP_FIXED, -1, 0);
if (addr == MAP_FAILED)
perror("re-mmap"), exit(1);
}
printf("PID %d consumed %lu KiB in PMD page tables\n",
getpid(), i * 4096 >> 10);
return pause();
}
The patch addresses the issue by account PMD tables to the process the
same way we account PTE.
The main place where PMD tables is accounted is __pmd_alloc() and
free_pmd_range(). But there're few corner cases:
- HugeTLB can share PMD page tables. The patch handles by accounting
the table to all processes who share it.
- x86 PAE pre-allocates few PMD tables on fork.
- Architectures with FIRST_USER_ADDRESS > 0. We need to adjust sanity
check on exit(2).
Accounting only happens on configuration where PMD page table's level is
present (PMD is not folded). As with nr_ptes we use per-mm counter. The
counter value is used to calculate baseline for badness score by
oom-killer.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reported-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Hugh Dickins <hughd@google.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Cc: Pavel Emelyanov <xemul@openvz.org>
Cc: David Rientjes <rientjes@google.com>
Tested-by: Sedat Dilek <sedat.dilek@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-11 15:26:50 -08:00
|
|
|
static void free_pmds(struct mm_struct *mm, pmd_t *pmds[])
|
2008-06-25 00:19:13 -04:00
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
for(i = 0; i < PREALLOCATED_PMDS; i++)
|
x86: add missed pgtable_pmd_page_ctor/dtor calls for preallocated pmds
In split page table lock case, we embed spinlock_t into struct page.
For obvious reason, we don't want to increase size of struct page if
spinlock_t is too big, like with DEBUG_SPINLOCK or DEBUG_LOCK_ALLOC or
on -rt kernel. So we disable split page table lock, if spinlock_t is
too big.
This patchset allows to allocate the lock dynamically if spinlock_t is
big. In this page->ptl is used to store pointer to spinlock instead of
spinlock itself. It costs additional cache line for indirect access,
but fix page fault scalability for multi-threaded applications.
LOCK_STAT depends on DEBUG_SPINLOCK, so on current kernel enabling
LOCK_STAT to analyse scalability issues breaks scalability. ;)
The patchset mostly fixes this. Results for ./thp_memscale -c 80 -b 512M
on 4-socket machine:
baseline, no CONFIG_LOCK_STAT: 9.115460703 seconds time elapsed
baseline, CONFIG_LOCK_STAT=y: 53.890567123 seconds time elapsed
patched, no CONFIG_LOCK_STAT: 8.852250368 seconds time elapsed
patched, CONFIG_LOCK_STAT=y: 11.069770759 seconds time elapsed
Patch count is scary, but most of them trivial. Overview:
Patches 1-4 Few bug fixes. No dependencies to other patches.
Probably should applied as soon as possible.
Patch 5 Changes signature of pgtable_page_ctor(). We will use it
for dynamic lock allocation, so it can fail.
Patches 6-8 Add missing constructor/destructor calls on few archs.
It's fixes NR_PAGETABLE accounting and prepare to use
split ptl.
Patches 9-33 Add pgtable_page_ctor() fail handling to all archs.
Patches 34 Finally adds support of dynamically-allocated page->pte.
Also contains documentation for split page table lock.
This patch (of 34):
I've missed that we preallocate few pmds on pgd_alloc() if X86_PAE
enabled. Let's add missed constructor/destructor calls.
I haven't noticed it during testing since prep_new_page() clears
page->mapping and therefore page->ptl. It's effectively equal to
spin_lock_init(&page->ptl).
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: "James E.J. Bottomley" <jejb@parisc-linux.org>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Chen Liqin <liqin.chen@sunplusct.com>
Cc: Chris Metcalf <cmetcalf@tilera.com>
Cc: Chris Zankel <chris@zankel.net>
Cc: Christoph Lameter <cl@linux.com>
Cc: David Howells <dhowells@redhat.com>
Cc: David S. Miller <davem@davemloft.net>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Grant Likely <grant.likely@linaro.org>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Haavard Skinnemoen <hskinnemoen@gmail.com>
Cc: Hans-Christian Egtvedt <egtvedt@samfundet.no>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Helge Deller <deller@gmx.de>
Cc: Hirokazu Takata <takata@linux-m32r.org>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: James Hogan <james.hogan@imgtec.com>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Cc: Jonas Bonn <jonas@southpole.se>
Cc: Koichi Yasutake <yasutake.koichi@jp.panasonic.com>
Cc: Lennox Wu <lennox.wu@gmail.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matt Turner <mattst88@gmail.com>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Paul Mundt <lethal@linux-sh.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Richard Kuo <rkuo@codeaurora.org>
Cc: Richard Weinberger <richard@nod.at>
Cc: Rob Herring <rob.herring@calxeda.com>
Cc: Russell King <linux@arm.linux.org.uk>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: Will Deacon <will.deacon@arm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-11-14 14:31:13 -08:00
|
|
|
if (pmds[i]) {
|
|
|
|
|
pgtable_pmd_page_dtor(virt_to_page(pmds[i]));
|
2008-06-25 00:19:13 -04:00
|
|
|
free_page((unsigned long)pmds[i]);
|
mm: account pmd page tables to the process
Dave noticed that unprivileged process can allocate significant amount of
memory -- >500 MiB on x86_64 -- and stay unnoticed by oom-killer and
memory cgroup. The trick is to allocate a lot of PMD page tables. Linux
kernel doesn't account PMD tables to the process, only PTE.
The use-cases below use few tricks to allocate a lot of PMD page tables
while keeping VmRSS and VmPTE low. oom_score for the process will be 0.
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/prctl.h>
#define PUD_SIZE (1UL << 30)
#define PMD_SIZE (1UL << 21)
#define NR_PUD 130000
int main(void)
{
char *addr = NULL;
unsigned long i;
prctl(PR_SET_THP_DISABLE);
for (i = 0; i < NR_PUD ; i++) {
addr = mmap(addr + PUD_SIZE, PUD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
if (addr == MAP_FAILED) {
perror("mmap");
break;
}
*addr = 'x';
munmap(addr, PMD_SIZE);
mmap(addr, PMD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE|MAP_FIXED, -1, 0);
if (addr == MAP_FAILED)
perror("re-mmap"), exit(1);
}
printf("PID %d consumed %lu KiB in PMD page tables\n",
getpid(), i * 4096 >> 10);
return pause();
}
The patch addresses the issue by account PMD tables to the process the
same way we account PTE.
The main place where PMD tables is accounted is __pmd_alloc() and
free_pmd_range(). But there're few corner cases:
- HugeTLB can share PMD page tables. The patch handles by accounting
the table to all processes who share it.
- x86 PAE pre-allocates few PMD tables on fork.
- Architectures with FIRST_USER_ADDRESS > 0. We need to adjust sanity
check on exit(2).
Accounting only happens on configuration where PMD page table's level is
present (PMD is not folded). As with nr_ptes we use per-mm counter. The
counter value is used to calculate baseline for badness score by
oom-killer.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reported-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Hugh Dickins <hughd@google.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Cc: Pavel Emelyanov <xemul@openvz.org>
Cc: David Rientjes <rientjes@google.com>
Tested-by: Sedat Dilek <sedat.dilek@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-11 15:26:50 -08:00
|
|
|
mm_dec_nr_pmds(mm);
|
x86: add missed pgtable_pmd_page_ctor/dtor calls for preallocated pmds
In split page table lock case, we embed spinlock_t into struct page.
For obvious reason, we don't want to increase size of struct page if
spinlock_t is too big, like with DEBUG_SPINLOCK or DEBUG_LOCK_ALLOC or
on -rt kernel. So we disable split page table lock, if spinlock_t is
too big.
This patchset allows to allocate the lock dynamically if spinlock_t is
big. In this page->ptl is used to store pointer to spinlock instead of
spinlock itself. It costs additional cache line for indirect access,
but fix page fault scalability for multi-threaded applications.
LOCK_STAT depends on DEBUG_SPINLOCK, so on current kernel enabling
LOCK_STAT to analyse scalability issues breaks scalability. ;)
The patchset mostly fixes this. Results for ./thp_memscale -c 80 -b 512M
on 4-socket machine:
baseline, no CONFIG_LOCK_STAT: 9.115460703 seconds time elapsed
baseline, CONFIG_LOCK_STAT=y: 53.890567123 seconds time elapsed
patched, no CONFIG_LOCK_STAT: 8.852250368 seconds time elapsed
patched, CONFIG_LOCK_STAT=y: 11.069770759 seconds time elapsed
Patch count is scary, but most of them trivial. Overview:
Patches 1-4 Few bug fixes. No dependencies to other patches.
Probably should applied as soon as possible.
Patch 5 Changes signature of pgtable_page_ctor(). We will use it
for dynamic lock allocation, so it can fail.
Patches 6-8 Add missing constructor/destructor calls on few archs.
It's fixes NR_PAGETABLE accounting and prepare to use
split ptl.
Patches 9-33 Add pgtable_page_ctor() fail handling to all archs.
Patches 34 Finally adds support of dynamically-allocated page->pte.
Also contains documentation for split page table lock.
This patch (of 34):
I've missed that we preallocate few pmds on pgd_alloc() if X86_PAE
enabled. Let's add missed constructor/destructor calls.
I haven't noticed it during testing since prep_new_page() clears
page->mapping and therefore page->ptl. It's effectively equal to
spin_lock_init(&page->ptl).
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: "James E.J. Bottomley" <jejb@parisc-linux.org>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Chen Liqin <liqin.chen@sunplusct.com>
Cc: Chris Metcalf <cmetcalf@tilera.com>
Cc: Chris Zankel <chris@zankel.net>
Cc: Christoph Lameter <cl@linux.com>
Cc: David Howells <dhowells@redhat.com>
Cc: David S. Miller <davem@davemloft.net>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Grant Likely <grant.likely@linaro.org>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Haavard Skinnemoen <hskinnemoen@gmail.com>
Cc: Hans-Christian Egtvedt <egtvedt@samfundet.no>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Helge Deller <deller@gmx.de>
Cc: Hirokazu Takata <takata@linux-m32r.org>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: James Hogan <james.hogan@imgtec.com>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Cc: Jonas Bonn <jonas@southpole.se>
Cc: Koichi Yasutake <yasutake.koichi@jp.panasonic.com>
Cc: Lennox Wu <lennox.wu@gmail.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matt Turner <mattst88@gmail.com>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Paul Mundt <lethal@linux-sh.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Richard Kuo <rkuo@codeaurora.org>
Cc: Richard Weinberger <richard@nod.at>
Cc: Rob Herring <rob.herring@calxeda.com>
Cc: Russell King <linux@arm.linux.org.uk>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: Will Deacon <will.deacon@arm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-11-14 14:31:13 -08:00
|
|
|
}
|
2008-06-25 00:19:13 -04:00
|
|
|
}
|
|
|
|
|
|
mm: account pmd page tables to the process
Dave noticed that unprivileged process can allocate significant amount of
memory -- >500 MiB on x86_64 -- and stay unnoticed by oom-killer and
memory cgroup. The trick is to allocate a lot of PMD page tables. Linux
kernel doesn't account PMD tables to the process, only PTE.
The use-cases below use few tricks to allocate a lot of PMD page tables
while keeping VmRSS and VmPTE low. oom_score for the process will be 0.
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/prctl.h>
#define PUD_SIZE (1UL << 30)
#define PMD_SIZE (1UL << 21)
#define NR_PUD 130000
int main(void)
{
char *addr = NULL;
unsigned long i;
prctl(PR_SET_THP_DISABLE);
for (i = 0; i < NR_PUD ; i++) {
addr = mmap(addr + PUD_SIZE, PUD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
if (addr == MAP_FAILED) {
perror("mmap");
break;
}
*addr = 'x';
munmap(addr, PMD_SIZE);
mmap(addr, PMD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE|MAP_FIXED, -1, 0);
if (addr == MAP_FAILED)
perror("re-mmap"), exit(1);
}
printf("PID %d consumed %lu KiB in PMD page tables\n",
getpid(), i * 4096 >> 10);
return pause();
}
The patch addresses the issue by account PMD tables to the process the
same way we account PTE.
The main place where PMD tables is accounted is __pmd_alloc() and
free_pmd_range(). But there're few corner cases:
- HugeTLB can share PMD page tables. The patch handles by accounting
the table to all processes who share it.
- x86 PAE pre-allocates few PMD tables on fork.
- Architectures with FIRST_USER_ADDRESS > 0. We need to adjust sanity
check on exit(2).
Accounting only happens on configuration where PMD page table's level is
present (PMD is not folded). As with nr_ptes we use per-mm counter. The
counter value is used to calculate baseline for badness score by
oom-killer.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reported-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Hugh Dickins <hughd@google.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Cc: Pavel Emelyanov <xemul@openvz.org>
Cc: David Rientjes <rientjes@google.com>
Tested-by: Sedat Dilek <sedat.dilek@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-11 15:26:50 -08:00
|
|
|
static int preallocate_pmds(struct mm_struct *mm, pmd_t *pmds[])
|
2008-06-25 00:19:13 -04:00
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
bool failed = false;
|
|
|
|
|
|
|
|
|
|
for(i = 0; i < PREALLOCATED_PMDS; i++) {
|
2009-02-22 11:28:25 +01:00
|
|
|
pmd_t *pmd = (pmd_t *)__get_free_page(PGALLOC_GFP);
|
x86: add missed pgtable_pmd_page_ctor/dtor calls for preallocated pmds
In split page table lock case, we embed spinlock_t into struct page.
For obvious reason, we don't want to increase size of struct page if
spinlock_t is too big, like with DEBUG_SPINLOCK or DEBUG_LOCK_ALLOC or
on -rt kernel. So we disable split page table lock, if spinlock_t is
too big.
This patchset allows to allocate the lock dynamically if spinlock_t is
big. In this page->ptl is used to store pointer to spinlock instead of
spinlock itself. It costs additional cache line for indirect access,
but fix page fault scalability for multi-threaded applications.
LOCK_STAT depends on DEBUG_SPINLOCK, so on current kernel enabling
LOCK_STAT to analyse scalability issues breaks scalability. ;)
The patchset mostly fixes this. Results for ./thp_memscale -c 80 -b 512M
on 4-socket machine:
baseline, no CONFIG_LOCK_STAT: 9.115460703 seconds time elapsed
baseline, CONFIG_LOCK_STAT=y: 53.890567123 seconds time elapsed
patched, no CONFIG_LOCK_STAT: 8.852250368 seconds time elapsed
patched, CONFIG_LOCK_STAT=y: 11.069770759 seconds time elapsed
Patch count is scary, but most of them trivial. Overview:
Patches 1-4 Few bug fixes. No dependencies to other patches.
Probably should applied as soon as possible.
Patch 5 Changes signature of pgtable_page_ctor(). We will use it
for dynamic lock allocation, so it can fail.
Patches 6-8 Add missing constructor/destructor calls on few archs.
It's fixes NR_PAGETABLE accounting and prepare to use
split ptl.
Patches 9-33 Add pgtable_page_ctor() fail handling to all archs.
Patches 34 Finally adds support of dynamically-allocated page->pte.
Also contains documentation for split page table lock.
This patch (of 34):
I've missed that we preallocate few pmds on pgd_alloc() if X86_PAE
enabled. Let's add missed constructor/destructor calls.
I haven't noticed it during testing since prep_new_page() clears
page->mapping and therefore page->ptl. It's effectively equal to
spin_lock_init(&page->ptl).
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: "James E.J. Bottomley" <jejb@parisc-linux.org>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Chen Liqin <liqin.chen@sunplusct.com>
Cc: Chris Metcalf <cmetcalf@tilera.com>
Cc: Chris Zankel <chris@zankel.net>
Cc: Christoph Lameter <cl@linux.com>
Cc: David Howells <dhowells@redhat.com>
Cc: David S. Miller <davem@davemloft.net>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Grant Likely <grant.likely@linaro.org>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Haavard Skinnemoen <hskinnemoen@gmail.com>
Cc: Hans-Christian Egtvedt <egtvedt@samfundet.no>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Helge Deller <deller@gmx.de>
Cc: Hirokazu Takata <takata@linux-m32r.org>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: James Hogan <james.hogan@imgtec.com>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Cc: Jonas Bonn <jonas@southpole.se>
Cc: Koichi Yasutake <yasutake.koichi@jp.panasonic.com>
Cc: Lennox Wu <lennox.wu@gmail.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matt Turner <mattst88@gmail.com>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Paul Mundt <lethal@linux-sh.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Richard Kuo <rkuo@codeaurora.org>
Cc: Richard Weinberger <richard@nod.at>
Cc: Rob Herring <rob.herring@calxeda.com>
Cc: Russell King <linux@arm.linux.org.uk>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: Will Deacon <will.deacon@arm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-11-14 14:31:13 -08:00
|
|
|
if (!pmd)
|
2008-06-25 00:19:13 -04:00
|
|
|
failed = true;
|
x86: add missed pgtable_pmd_page_ctor/dtor calls for preallocated pmds
In split page table lock case, we embed spinlock_t into struct page.
For obvious reason, we don't want to increase size of struct page if
spinlock_t is too big, like with DEBUG_SPINLOCK or DEBUG_LOCK_ALLOC or
on -rt kernel. So we disable split page table lock, if spinlock_t is
too big.
This patchset allows to allocate the lock dynamically if spinlock_t is
big. In this page->ptl is used to store pointer to spinlock instead of
spinlock itself. It costs additional cache line for indirect access,
but fix page fault scalability for multi-threaded applications.
LOCK_STAT depends on DEBUG_SPINLOCK, so on current kernel enabling
LOCK_STAT to analyse scalability issues breaks scalability. ;)
The patchset mostly fixes this. Results for ./thp_memscale -c 80 -b 512M
on 4-socket machine:
baseline, no CONFIG_LOCK_STAT: 9.115460703 seconds time elapsed
baseline, CONFIG_LOCK_STAT=y: 53.890567123 seconds time elapsed
patched, no CONFIG_LOCK_STAT: 8.852250368 seconds time elapsed
patched, CONFIG_LOCK_STAT=y: 11.069770759 seconds time elapsed
Patch count is scary, but most of them trivial. Overview:
Patches 1-4 Few bug fixes. No dependencies to other patches.
Probably should applied as soon as possible.
Patch 5 Changes signature of pgtable_page_ctor(). We will use it
for dynamic lock allocation, so it can fail.
Patches 6-8 Add missing constructor/destructor calls on few archs.
It's fixes NR_PAGETABLE accounting and prepare to use
split ptl.
Patches 9-33 Add pgtable_page_ctor() fail handling to all archs.
Patches 34 Finally adds support of dynamically-allocated page->pte.
Also contains documentation for split page table lock.
This patch (of 34):
I've missed that we preallocate few pmds on pgd_alloc() if X86_PAE
enabled. Let's add missed constructor/destructor calls.
I haven't noticed it during testing since prep_new_page() clears
page->mapping and therefore page->ptl. It's effectively equal to
spin_lock_init(&page->ptl).
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: "James E.J. Bottomley" <jejb@parisc-linux.org>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Chen Liqin <liqin.chen@sunplusct.com>
Cc: Chris Metcalf <cmetcalf@tilera.com>
Cc: Chris Zankel <chris@zankel.net>
Cc: Christoph Lameter <cl@linux.com>
Cc: David Howells <dhowells@redhat.com>
Cc: David S. Miller <davem@davemloft.net>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Grant Likely <grant.likely@linaro.org>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Haavard Skinnemoen <hskinnemoen@gmail.com>
Cc: Hans-Christian Egtvedt <egtvedt@samfundet.no>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Helge Deller <deller@gmx.de>
Cc: Hirokazu Takata <takata@linux-m32r.org>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: James Hogan <james.hogan@imgtec.com>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Cc: Jonas Bonn <jonas@southpole.se>
Cc: Koichi Yasutake <yasutake.koichi@jp.panasonic.com>
Cc: Lennox Wu <lennox.wu@gmail.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matt Turner <mattst88@gmail.com>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Paul Mundt <lethal@linux-sh.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Richard Kuo <rkuo@codeaurora.org>
Cc: Richard Weinberger <richard@nod.at>
Cc: Rob Herring <rob.herring@calxeda.com>
Cc: Russell King <linux@arm.linux.org.uk>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: Will Deacon <will.deacon@arm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-11-14 14:31:13 -08:00
|
|
|
if (pmd && !pgtable_pmd_page_ctor(virt_to_page(pmd))) {
|
2013-11-20 22:16:36 +00:00
|
|
|
free_page((unsigned long)pmd);
|
x86: add missed pgtable_pmd_page_ctor/dtor calls for preallocated pmds
In split page table lock case, we embed spinlock_t into struct page.
For obvious reason, we don't want to increase size of struct page if
spinlock_t is too big, like with DEBUG_SPINLOCK or DEBUG_LOCK_ALLOC or
on -rt kernel. So we disable split page table lock, if spinlock_t is
too big.
This patchset allows to allocate the lock dynamically if spinlock_t is
big. In this page->ptl is used to store pointer to spinlock instead of
spinlock itself. It costs additional cache line for indirect access,
but fix page fault scalability for multi-threaded applications.
LOCK_STAT depends on DEBUG_SPINLOCK, so on current kernel enabling
LOCK_STAT to analyse scalability issues breaks scalability. ;)
The patchset mostly fixes this. Results for ./thp_memscale -c 80 -b 512M
on 4-socket machine:
baseline, no CONFIG_LOCK_STAT: 9.115460703 seconds time elapsed
baseline, CONFIG_LOCK_STAT=y: 53.890567123 seconds time elapsed
patched, no CONFIG_LOCK_STAT: 8.852250368 seconds time elapsed
patched, CONFIG_LOCK_STAT=y: 11.069770759 seconds time elapsed
Patch count is scary, but most of them trivial. Overview:
Patches 1-4 Few bug fixes. No dependencies to other patches.
Probably should applied as soon as possible.
Patch 5 Changes signature of pgtable_page_ctor(). We will use it
for dynamic lock allocation, so it can fail.
Patches 6-8 Add missing constructor/destructor calls on few archs.
It's fixes NR_PAGETABLE accounting and prepare to use
split ptl.
Patches 9-33 Add pgtable_page_ctor() fail handling to all archs.
Patches 34 Finally adds support of dynamically-allocated page->pte.
Also contains documentation for split page table lock.
This patch (of 34):
I've missed that we preallocate few pmds on pgd_alloc() if X86_PAE
enabled. Let's add missed constructor/destructor calls.
I haven't noticed it during testing since prep_new_page() clears
page->mapping and therefore page->ptl. It's effectively equal to
spin_lock_init(&page->ptl).
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: "James E.J. Bottomley" <jejb@parisc-linux.org>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Chen Liqin <liqin.chen@sunplusct.com>
Cc: Chris Metcalf <cmetcalf@tilera.com>
Cc: Chris Zankel <chris@zankel.net>
Cc: Christoph Lameter <cl@linux.com>
Cc: David Howells <dhowells@redhat.com>
Cc: David S. Miller <davem@davemloft.net>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Grant Likely <grant.likely@linaro.org>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Haavard Skinnemoen <hskinnemoen@gmail.com>
Cc: Hans-Christian Egtvedt <egtvedt@samfundet.no>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Helge Deller <deller@gmx.de>
Cc: Hirokazu Takata <takata@linux-m32r.org>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: James Hogan <james.hogan@imgtec.com>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Cc: Jonas Bonn <jonas@southpole.se>
Cc: Koichi Yasutake <yasutake.koichi@jp.panasonic.com>
Cc: Lennox Wu <lennox.wu@gmail.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matt Turner <mattst88@gmail.com>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Paul Mundt <lethal@linux-sh.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Richard Kuo <rkuo@codeaurora.org>
Cc: Richard Weinberger <richard@nod.at>
Cc: Rob Herring <rob.herring@calxeda.com>
Cc: Russell King <linux@arm.linux.org.uk>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: Will Deacon <will.deacon@arm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-11-14 14:31:13 -08:00
|
|
|
pmd = NULL;
|
|
|
|
|
failed = true;
|
|
|
|
|
}
|
mm: account pmd page tables to the process
Dave noticed that unprivileged process can allocate significant amount of
memory -- >500 MiB on x86_64 -- and stay unnoticed by oom-killer and
memory cgroup. The trick is to allocate a lot of PMD page tables. Linux
kernel doesn't account PMD tables to the process, only PTE.
The use-cases below use few tricks to allocate a lot of PMD page tables
while keeping VmRSS and VmPTE low. oom_score for the process will be 0.
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/prctl.h>
#define PUD_SIZE (1UL << 30)
#define PMD_SIZE (1UL << 21)
#define NR_PUD 130000
int main(void)
{
char *addr = NULL;
unsigned long i;
prctl(PR_SET_THP_DISABLE);
for (i = 0; i < NR_PUD ; i++) {
addr = mmap(addr + PUD_SIZE, PUD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
if (addr == MAP_FAILED) {
perror("mmap");
break;
}
*addr = 'x';
munmap(addr, PMD_SIZE);
mmap(addr, PMD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE|MAP_FIXED, -1, 0);
if (addr == MAP_FAILED)
perror("re-mmap"), exit(1);
}
printf("PID %d consumed %lu KiB in PMD page tables\n",
getpid(), i * 4096 >> 10);
return pause();
}
The patch addresses the issue by account PMD tables to the process the
same way we account PTE.
The main place where PMD tables is accounted is __pmd_alloc() and
free_pmd_range(). But there're few corner cases:
- HugeTLB can share PMD page tables. The patch handles by accounting
the table to all processes who share it.
- x86 PAE pre-allocates few PMD tables on fork.
- Architectures with FIRST_USER_ADDRESS > 0. We need to adjust sanity
check on exit(2).
Accounting only happens on configuration where PMD page table's level is
present (PMD is not folded). As with nr_ptes we use per-mm counter. The
counter value is used to calculate baseline for badness score by
oom-killer.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reported-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Hugh Dickins <hughd@google.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Cc: Pavel Emelyanov <xemul@openvz.org>
Cc: David Rientjes <rientjes@google.com>
Tested-by: Sedat Dilek <sedat.dilek@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-11 15:26:50 -08:00
|
|
|
if (pmd)
|
|
|
|
|
mm_inc_nr_pmds(mm);
|
2008-06-25 00:19:13 -04:00
|
|
|
pmds[i] = pmd;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (failed) {
|
mm: account pmd page tables to the process
Dave noticed that unprivileged process can allocate significant amount of
memory -- >500 MiB on x86_64 -- and stay unnoticed by oom-killer and
memory cgroup. The trick is to allocate a lot of PMD page tables. Linux
kernel doesn't account PMD tables to the process, only PTE.
The use-cases below use few tricks to allocate a lot of PMD page tables
while keeping VmRSS and VmPTE low. oom_score for the process will be 0.
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/prctl.h>
#define PUD_SIZE (1UL << 30)
#define PMD_SIZE (1UL << 21)
#define NR_PUD 130000
int main(void)
{
char *addr = NULL;
unsigned long i;
prctl(PR_SET_THP_DISABLE);
for (i = 0; i < NR_PUD ; i++) {
addr = mmap(addr + PUD_SIZE, PUD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
if (addr == MAP_FAILED) {
perror("mmap");
break;
}
*addr = 'x';
munmap(addr, PMD_SIZE);
mmap(addr, PMD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE|MAP_FIXED, -1, 0);
if (addr == MAP_FAILED)
perror("re-mmap"), exit(1);
}
printf("PID %d consumed %lu KiB in PMD page tables\n",
getpid(), i * 4096 >> 10);
return pause();
}
The patch addresses the issue by account PMD tables to the process the
same way we account PTE.
The main place where PMD tables is accounted is __pmd_alloc() and
free_pmd_range(). But there're few corner cases:
- HugeTLB can share PMD page tables. The patch handles by accounting
the table to all processes who share it.
- x86 PAE pre-allocates few PMD tables on fork.
- Architectures with FIRST_USER_ADDRESS > 0. We need to adjust sanity
check on exit(2).
Accounting only happens on configuration where PMD page table's level is
present (PMD is not folded). As with nr_ptes we use per-mm counter. The
counter value is used to calculate baseline for badness score by
oom-killer.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reported-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Hugh Dickins <hughd@google.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Cc: Pavel Emelyanov <xemul@openvz.org>
Cc: David Rientjes <rientjes@google.com>
Tested-by: Sedat Dilek <sedat.dilek@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-11 15:26:50 -08:00
|
|
|
free_pmds(mm, pmds);
|
2008-06-25 00:19:13 -04:00
|
|
|
return -ENOMEM;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2008-03-17 16:36:55 -07:00
|
|
|
/*
|
|
|
|
|
* Mop up any pmd pages which may still be attached to the pgd.
|
|
|
|
|
* Normally they will be freed by munmap/exit_mmap, but any pmd we
|
|
|
|
|
* preallocate which never got a corresponding vma will need to be
|
|
|
|
|
* freed manually.
|
|
|
|
|
*/
|
|
|
|
|
static void pgd_mop_up_pmds(struct mm_struct *mm, pgd_t *pgdp)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
|
2008-06-25 00:19:13 -04:00
|
|
|
for(i = 0; i < PREALLOCATED_PMDS; i++) {
|
2008-03-17 16:36:55 -07:00
|
|
|
pgd_t pgd = pgdp[i];
|
|
|
|
|
|
|
|
|
|
if (pgd_val(pgd) != 0) {
|
|
|
|
|
pmd_t *pmd = (pmd_t *)pgd_page_vaddr(pgd);
|
|
|
|
|
|
|
|
|
|
pgdp[i] = native_make_pgd(0);
|
|
|
|
|
|
2008-03-17 16:37:01 -07:00
|
|
|
paravirt_release_pmd(pgd_val(pgd) >> PAGE_SHIFT);
|
2008-03-17 16:36:55 -07:00
|
|
|
pmd_free(mm, pmd);
|
mm: account pmd page tables to the process
Dave noticed that unprivileged process can allocate significant amount of
memory -- >500 MiB on x86_64 -- and stay unnoticed by oom-killer and
memory cgroup. The trick is to allocate a lot of PMD page tables. Linux
kernel doesn't account PMD tables to the process, only PTE.
The use-cases below use few tricks to allocate a lot of PMD page tables
while keeping VmRSS and VmPTE low. oom_score for the process will be 0.
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/prctl.h>
#define PUD_SIZE (1UL << 30)
#define PMD_SIZE (1UL << 21)
#define NR_PUD 130000
int main(void)
{
char *addr = NULL;
unsigned long i;
prctl(PR_SET_THP_DISABLE);
for (i = 0; i < NR_PUD ; i++) {
addr = mmap(addr + PUD_SIZE, PUD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
if (addr == MAP_FAILED) {
perror("mmap");
break;
}
*addr = 'x';
munmap(addr, PMD_SIZE);
mmap(addr, PMD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE|MAP_FIXED, -1, 0);
if (addr == MAP_FAILED)
perror("re-mmap"), exit(1);
}
printf("PID %d consumed %lu KiB in PMD page tables\n",
getpid(), i * 4096 >> 10);
return pause();
}
The patch addresses the issue by account PMD tables to the process the
same way we account PTE.
The main place where PMD tables is accounted is __pmd_alloc() and
free_pmd_range(). But there're few corner cases:
- HugeTLB can share PMD page tables. The patch handles by accounting
the table to all processes who share it.
- x86 PAE pre-allocates few PMD tables on fork.
- Architectures with FIRST_USER_ADDRESS > 0. We need to adjust sanity
check on exit(2).
Accounting only happens on configuration where PMD page table's level is
present (PMD is not folded). As with nr_ptes we use per-mm counter. The
counter value is used to calculate baseline for badness score by
oom-killer.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reported-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Hugh Dickins <hughd@google.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Cc: Pavel Emelyanov <xemul@openvz.org>
Cc: David Rientjes <rientjes@google.com>
Tested-by: Sedat Dilek <sedat.dilek@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-11 15:26:50 -08:00
|
|
|
mm_dec_nr_pmds(mm);
|
2008-03-17 16:36:55 -07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2008-06-25 00:19:13 -04:00
|
|
|
static void pgd_prepopulate_pmd(struct mm_struct *mm, pgd_t *pgd, pmd_t *pmds[])
|
2008-03-17 16:36:55 -07:00
|
|
|
{
|
|
|
|
|
pud_t *pud;
|
|
|
|
|
int i;
|
|
|
|
|
|
2008-08-08 13:46:07 -07:00
|
|
|
if (PREALLOCATED_PMDS == 0) /* Work around gcc-3.4.x bug */
|
|
|
|
|
return;
|
|
|
|
|
|
2008-03-17 16:36:55 -07:00
|
|
|
pud = pud_offset(pgd, 0);
|
|
|
|
|
|
2013-07-08 16:00:17 -07:00
|
|
|
for (i = 0; i < PREALLOCATED_PMDS; i++, pud++) {
|
2008-06-25 00:19:13 -04:00
|
|
|
pmd_t *pmd = pmds[i];
|
2008-03-17 16:36:55 -07:00
|
|
|
|
2008-03-17 16:37:13 -07:00
|
|
|
if (i >= KERNEL_PGD_BOUNDARY)
|
2008-03-17 16:36:55 -07:00
|
|
|
memcpy(pmd, (pmd_t *)pgd_page_vaddr(swapper_pg_dir[i]),
|
|
|
|
|
sizeof(pmd_t) * PTRS_PER_PMD);
|
|
|
|
|
|
|
|
|
|
pud_populate(mm, pud, pmd);
|
|
|
|
|
}
|
|
|
|
|
}
|
2008-03-19 20:30:40 +01:00
|
|
|
|
2015-01-15 20:30:01 -08:00
|
|
|
/*
|
|
|
|
|
* Xen paravirt assumes pgd table should be in one page. 64 bit kernel also
|
|
|
|
|
* assumes that pgd should be in one page.
|
|
|
|
|
*
|
|
|
|
|
* But kernel with PAE paging that is not running as a Xen domain
|
|
|
|
|
* only needs to allocate 32 bytes for pgd instead of one page.
|
|
|
|
|
*/
|
|
|
|
|
#ifdef CONFIG_X86_PAE
|
|
|
|
|
|
|
|
|
|
#include <linux/slab.h>
|
|
|
|
|
|
|
|
|
|
#define PGD_SIZE (PTRS_PER_PGD * sizeof(pgd_t))
|
|
|
|
|
#define PGD_ALIGN 32
|
|
|
|
|
|
|
|
|
|
static struct kmem_cache *pgd_cache;
|
|
|
|
|
|
|
|
|
|
static int __init pgd_cache_init(void)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* When PAE kernel is running as a Xen domain, it does not use
|
|
|
|
|
* shared kernel pmd. And this requires a whole page for pgd.
|
|
|
|
|
*/
|
|
|
|
|
if (!SHARED_KERNEL_PMD)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* when PAE kernel is not running as a Xen domain, it uses
|
|
|
|
|
* shared kernel pmd. Shared kernel pmd does not require a whole
|
|
|
|
|
* page for pgd. We are able to just allocate a 32-byte for pgd.
|
|
|
|
|
* During boot time, we create a 32-byte slab for pgd table allocation.
|
|
|
|
|
*/
|
|
|
|
|
pgd_cache = kmem_cache_create("pgd_cache", PGD_SIZE, PGD_ALIGN,
|
|
|
|
|
SLAB_PANIC, NULL);
|
|
|
|
|
if (!pgd_cache)
|
|
|
|
|
return -ENOMEM;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
core_initcall(pgd_cache_init);
|
|
|
|
|
|
|
|
|
|
static inline pgd_t *_pgd_alloc(void)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* If no SHARED_KERNEL_PMD, PAE kernel is running as a Xen domain.
|
|
|
|
|
* We allocate one page for pgd.
|
|
|
|
|
*/
|
|
|
|
|
if (!SHARED_KERNEL_PMD)
|
|
|
|
|
return (pgd_t *)__get_free_page(PGALLOC_GFP);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Now PAE kernel is not running as a Xen domain. We can allocate
|
|
|
|
|
* a 32-byte slab for pgd to save memory space.
|
|
|
|
|
*/
|
|
|
|
|
return kmem_cache_alloc(pgd_cache, PGALLOC_GFP);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void _pgd_free(pgd_t *pgd)
|
|
|
|
|
{
|
|
|
|
|
if (!SHARED_KERNEL_PMD)
|
|
|
|
|
free_page((unsigned long)pgd);
|
|
|
|
|
else
|
|
|
|
|
kmem_cache_free(pgd_cache, pgd);
|
|
|
|
|
}
|
|
|
|
|
#else
|
2017-08-30 16:23:00 -07:00
|
|
|
|
|
|
|
|
/*
|
kaiser: add "nokaiser" boot option, using ALTERNATIVE
Added "nokaiser" boot option: an early param like "noinvpcid".
Most places now check int kaiser_enabled (#defined 0 when not
CONFIG_KAISER) instead of #ifdef CONFIG_KAISER; but entry_64.S
and entry_64_compat.S are using the ALTERNATIVE technique, which
patches in the preferred instructions at runtime. That technique
is tied to x86 cpu features, so X86_FEATURE_KAISER is fabricated.
Prior to "nokaiser", Kaiser #defined _PAGE_GLOBAL 0: revert that,
but be careful with both _PAGE_GLOBAL and CR4.PGE: setting them when
nokaiser like when !CONFIG_KAISER, but not setting either when kaiser -
neither matters on its own, but it's hard to be sure that _PAGE_GLOBAL
won't get set in some obscure corner, or something add PGE into CR4.
By omitting _PAGE_GLOBAL from __supported_pte_mask when kaiser_enabled,
all page table setup which uses pte_pfn() masks it out of the ptes.
It's slightly shameful that the same declaration versus definition of
kaiser_enabled appears in not one, not two, but in three header files
(asm/kaiser.h, asm/pgtable.h, asm/tlbflush.h). I felt safer that way,
than with #including any of those in any of the others; and did not
feel it worth an asm/kaiser_enabled.h - kernel/cpu/common.c includes
them all, so we shall hear about it if they get out of synch.
Cleanups while in the area: removed the silly #ifdef CONFIG_KAISER
from kaiser.c; removed the unused native_get_normal_pgd(); removed
the spurious reg clutter from SWITCH_*_CR3 macro stubs; corrected some
comments. But more interestingly, set CR4.PSE in secondary_startup_64:
the manual is clear that it does not matter whether it's 0 or 1 when
4-level-pts are enabled, but I was distracted to find cr4 different on
BSP and auxiliaries - BSP alone was adding PSE, in probe_page_size_mask().
Signed-off-by: Hugh Dickins <hughd@google.com>
Acked-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-09-24 16:59:49 -07:00
|
|
|
* Instead of one pgd, Kaiser acquires two pgds. Being order-1, it is
|
2017-08-30 16:23:00 -07:00
|
|
|
* both 8k in size and 8k-aligned. That lets us just flip bit 12
|
|
|
|
|
* in a pointer to swap between the two 4k halves.
|
|
|
|
|
*/
|
kaiser: add "nokaiser" boot option, using ALTERNATIVE
Added "nokaiser" boot option: an early param like "noinvpcid".
Most places now check int kaiser_enabled (#defined 0 when not
CONFIG_KAISER) instead of #ifdef CONFIG_KAISER; but entry_64.S
and entry_64_compat.S are using the ALTERNATIVE technique, which
patches in the preferred instructions at runtime. That technique
is tied to x86 cpu features, so X86_FEATURE_KAISER is fabricated.
Prior to "nokaiser", Kaiser #defined _PAGE_GLOBAL 0: revert that,
but be careful with both _PAGE_GLOBAL and CR4.PGE: setting them when
nokaiser like when !CONFIG_KAISER, but not setting either when kaiser -
neither matters on its own, but it's hard to be sure that _PAGE_GLOBAL
won't get set in some obscure corner, or something add PGE into CR4.
By omitting _PAGE_GLOBAL from __supported_pte_mask when kaiser_enabled,
all page table setup which uses pte_pfn() masks it out of the ptes.
It's slightly shameful that the same declaration versus definition of
kaiser_enabled appears in not one, not two, but in three header files
(asm/kaiser.h, asm/pgtable.h, asm/tlbflush.h). I felt safer that way,
than with #including any of those in any of the others; and did not
feel it worth an asm/kaiser_enabled.h - kernel/cpu/common.c includes
them all, so we shall hear about it if they get out of synch.
Cleanups while in the area: removed the silly #ifdef CONFIG_KAISER
from kaiser.c; removed the unused native_get_normal_pgd(); removed
the spurious reg clutter from SWITCH_*_CR3 macro stubs; corrected some
comments. But more interestingly, set CR4.PSE in secondary_startup_64:
the manual is clear that it does not matter whether it's 0 or 1 when
4-level-pts are enabled, but I was distracted to find cr4 different on
BSP and auxiliaries - BSP alone was adding PSE, in probe_page_size_mask().
Signed-off-by: Hugh Dickins <hughd@google.com>
Acked-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-09-24 16:59:49 -07:00
|
|
|
#define PGD_ALLOCATION_ORDER kaiser_enabled
|
2017-08-30 16:23:00 -07:00
|
|
|
|
|
|
|
|
static inline pgd_t *_pgd_alloc(void)
|
|
|
|
|
{
|
kaiser: _pgd_alloc() without __GFP_REPEAT to avoid stalls
Synthetic filesystem mempressure testing has shown softlockups, with
hour-long page allocation stalls, and pgd_alloc() trying for order:1
with __GFP_REPEAT in one of the backtraces each time.
That's _pgd_alloc() going for a Kaiser double-pgd, using the __GFP_REPEAT
common to all page table allocations, but actually having no effect on
order:0 (see should_alloc_oom() and should_continue_reclaim() in this
tree, but beware that ports to another tree might behave differently).
Order:1 stack allocation has been working satisfactorily without
__GFP_REPEAT forever, and page table allocation only asks __GFP_REPEAT
for awkward occasions in a long-running process: it's not appropriate
at fork or exec time, and seems to be doing much more harm than good:
getting those contiguous pages under very heavy mempressure can be
hard (though even without it, Kaiser does generate more mempressure).
Mask out that __GFP_REPEAT inside _pgd_alloc(). Why not take it out
of the PGALLOG_GFP altogether, as v4.7 commit a3a9a59d2067 ("x86: get
rid of superfluous __GFP_REPEAT") did? Because I think that might
make a difference to our page table memcg charging, which I'd prefer
not to interfere with at this time.
hughd adds: __alloc_pages_slowpath() in the 4.4.89-stable tree handles
__GFP_REPEAT a little differently than in prod kernel or 3.18.72-stable,
so it may not always be exactly a no-op on order:0 pages, as said above;
but I think still appropriate to omit it from Kaiser or non-Kaiser pgd.
Signed-off-by: Hugh Dickins <hughd@google.com>
Acked-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-10-13 12:10:00 -07:00
|
|
|
/* No __GFP_REPEAT: to avoid page allocation stalls in order-1 case */
|
|
|
|
|
return (pgd_t *)__get_free_pages(PGALLOC_GFP & ~__GFP_REPEAT,
|
|
|
|
|
PGD_ALLOCATION_ORDER);
|
2015-01-15 20:30:01 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void _pgd_free(pgd_t *pgd)
|
|
|
|
|
{
|
2017-08-30 16:23:00 -07:00
|
|
|
free_pages((unsigned long)pgd, PGD_ALLOCATION_ORDER);
|
2015-01-15 20:30:01 -08:00
|
|
|
}
|
|
|
|
|
#endif /* CONFIG_X86_PAE */
|
|
|
|
|
|
2008-06-25 00:19:13 -04:00
|
|
|
pgd_t *pgd_alloc(struct mm_struct *mm)
|
2008-03-19 20:30:40 +01:00
|
|
|
{
|
2008-06-25 00:19:13 -04:00
|
|
|
pgd_t *pgd;
|
|
|
|
|
pmd_t *pmds[PREALLOCATED_PMDS];
|
2008-03-19 20:30:40 +01:00
|
|
|
|
2015-01-15 20:30:01 -08:00
|
|
|
pgd = _pgd_alloc();
|
2008-06-25 00:19:13 -04:00
|
|
|
|
|
|
|
|
if (pgd == NULL)
|
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
|
|
mm->pgd = pgd;
|
|
|
|
|
|
mm: account pmd page tables to the process
Dave noticed that unprivileged process can allocate significant amount of
memory -- >500 MiB on x86_64 -- and stay unnoticed by oom-killer and
memory cgroup. The trick is to allocate a lot of PMD page tables. Linux
kernel doesn't account PMD tables to the process, only PTE.
The use-cases below use few tricks to allocate a lot of PMD page tables
while keeping VmRSS and VmPTE low. oom_score for the process will be 0.
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/prctl.h>
#define PUD_SIZE (1UL << 30)
#define PMD_SIZE (1UL << 21)
#define NR_PUD 130000
int main(void)
{
char *addr = NULL;
unsigned long i;
prctl(PR_SET_THP_DISABLE);
for (i = 0; i < NR_PUD ; i++) {
addr = mmap(addr + PUD_SIZE, PUD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
if (addr == MAP_FAILED) {
perror("mmap");
break;
}
*addr = 'x';
munmap(addr, PMD_SIZE);
mmap(addr, PMD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE|MAP_FIXED, -1, 0);
if (addr == MAP_FAILED)
perror("re-mmap"), exit(1);
}
printf("PID %d consumed %lu KiB in PMD page tables\n",
getpid(), i * 4096 >> 10);
return pause();
}
The patch addresses the issue by account PMD tables to the process the
same way we account PTE.
The main place where PMD tables is accounted is __pmd_alloc() and
free_pmd_range(). But there're few corner cases:
- HugeTLB can share PMD page tables. The patch handles by accounting
the table to all processes who share it.
- x86 PAE pre-allocates few PMD tables on fork.
- Architectures with FIRST_USER_ADDRESS > 0. We need to adjust sanity
check on exit(2).
Accounting only happens on configuration where PMD page table's level is
present (PMD is not folded). As with nr_ptes we use per-mm counter. The
counter value is used to calculate baseline for badness score by
oom-killer.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reported-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Hugh Dickins <hughd@google.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Cc: Pavel Emelyanov <xemul@openvz.org>
Cc: David Rientjes <rientjes@google.com>
Tested-by: Sedat Dilek <sedat.dilek@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-11 15:26:50 -08:00
|
|
|
if (preallocate_pmds(mm, pmds) != 0)
|
2008-06-25 00:19:13 -04:00
|
|
|
goto out_free_pgd;
|
|
|
|
|
|
|
|
|
|
if (paravirt_pgd_alloc(mm) != 0)
|
|
|
|
|
goto out_free_pmds;
|
2008-03-19 20:30:40 +01:00
|
|
|
|
|
|
|
|
/*
|
2008-06-25 00:19:13 -04:00
|
|
|
* Make sure that pre-populating the pmds is atomic with
|
|
|
|
|
* respect to anything walking the pgd_list, so that they
|
|
|
|
|
* never see a partially populated pgd.
|
2008-03-19 20:30:40 +01:00
|
|
|
*/
|
2011-02-16 15:45:22 -08:00
|
|
|
spin_lock(&pgd_lock);
|
2008-03-17 16:36:55 -07:00
|
|
|
|
2010-09-21 12:01:51 -07:00
|
|
|
pgd_ctor(mm, pgd);
|
2008-06-25 00:19:13 -04:00
|
|
|
pgd_prepopulate_pmd(mm, pgd, pmds);
|
2008-03-17 16:36:55 -07:00
|
|
|
|
2011-02-16 15:45:22 -08:00
|
|
|
spin_unlock(&pgd_lock);
|
2008-03-17 16:36:55 -07:00
|
|
|
|
|
|
|
|
return pgd;
|
2008-06-25 00:19:13 -04:00
|
|
|
|
|
|
|
|
out_free_pmds:
|
mm: account pmd page tables to the process
Dave noticed that unprivileged process can allocate significant amount of
memory -- >500 MiB on x86_64 -- and stay unnoticed by oom-killer and
memory cgroup. The trick is to allocate a lot of PMD page tables. Linux
kernel doesn't account PMD tables to the process, only PTE.
The use-cases below use few tricks to allocate a lot of PMD page tables
while keeping VmRSS and VmPTE low. oom_score for the process will be 0.
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/prctl.h>
#define PUD_SIZE (1UL << 30)
#define PMD_SIZE (1UL << 21)
#define NR_PUD 130000
int main(void)
{
char *addr = NULL;
unsigned long i;
prctl(PR_SET_THP_DISABLE);
for (i = 0; i < NR_PUD ; i++) {
addr = mmap(addr + PUD_SIZE, PUD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
if (addr == MAP_FAILED) {
perror("mmap");
break;
}
*addr = 'x';
munmap(addr, PMD_SIZE);
mmap(addr, PMD_SIZE, PROT_WRITE|PROT_READ,
MAP_ANONYMOUS|MAP_PRIVATE|MAP_FIXED, -1, 0);
if (addr == MAP_FAILED)
perror("re-mmap"), exit(1);
}
printf("PID %d consumed %lu KiB in PMD page tables\n",
getpid(), i * 4096 >> 10);
return pause();
}
The patch addresses the issue by account PMD tables to the process the
same way we account PTE.
The main place where PMD tables is accounted is __pmd_alloc() and
free_pmd_range(). But there're few corner cases:
- HugeTLB can share PMD page tables. The patch handles by accounting
the table to all processes who share it.
- x86 PAE pre-allocates few PMD tables on fork.
- Architectures with FIRST_USER_ADDRESS > 0. We need to adjust sanity
check on exit(2).
Accounting only happens on configuration where PMD page table's level is
present (PMD is not folded). As with nr_ptes we use per-mm counter. The
counter value is used to calculate baseline for badness score by
oom-killer.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reported-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Hugh Dickins <hughd@google.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Cc: Pavel Emelyanov <xemul@openvz.org>
Cc: David Rientjes <rientjes@google.com>
Tested-by: Sedat Dilek <sedat.dilek@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-11 15:26:50 -08:00
|
|
|
free_pmds(mm, pmds);
|
2008-06-25 00:19:13 -04:00
|
|
|
out_free_pgd:
|
2015-01-15 20:30:01 -08:00
|
|
|
_pgd_free(pgd);
|
2008-06-25 00:19:13 -04:00
|
|
|
out:
|
|
|
|
|
return NULL;
|
2008-03-17 16:36:55 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void pgd_free(struct mm_struct *mm, pgd_t *pgd)
|
|
|
|
|
{
|
|
|
|
|
pgd_mop_up_pmds(mm, pgd);
|
|
|
|
|
pgd_dtor(pgd);
|
2008-06-25 00:19:12 -04:00
|
|
|
paravirt_pgd_free(mm, pgd);
|
2015-01-15 20:30:01 -08:00
|
|
|
_pgd_free(pgd);
|
2008-03-17 16:36:55 -07:00
|
|
|
}
|
2008-03-17 16:37:03 -07:00
|
|
|
|
2012-11-06 09:54:47 +00:00
|
|
|
/*
|
|
|
|
|
* Used to set accessed or dirty bits in the page table entries
|
|
|
|
|
* on other architectures. On x86, the accessed and dirty bits
|
|
|
|
|
* are tracked by hardware. However, do_wp_page calls this function
|
|
|
|
|
* to also make the pte writeable at the same time the dirty bit is
|
|
|
|
|
* set. In that case we do actually need to write the PTE.
|
|
|
|
|
*/
|
2008-03-17 16:37:03 -07:00
|
|
|
int ptep_set_access_flags(struct vm_area_struct *vma,
|
|
|
|
|
unsigned long address, pte_t *ptep,
|
|
|
|
|
pte_t entry, int dirty)
|
|
|
|
|
{
|
|
|
|
|
int changed = !pte_same(*ptep, entry);
|
|
|
|
|
|
|
|
|
|
if (changed && dirty) {
|
|
|
|
|
*ptep = entry;
|
|
|
|
|
pte_update_defer(vma->vm_mm, address, ptep);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return changed;
|
|
|
|
|
}
|
2008-03-17 16:37:04 -07:00
|
|
|
|
2011-01-13 15:46:41 -08:00
|
|
|
#ifdef CONFIG_TRANSPARENT_HUGEPAGE
|
|
|
|
|
int pmdp_set_access_flags(struct vm_area_struct *vma,
|
|
|
|
|
unsigned long address, pmd_t *pmdp,
|
|
|
|
|
pmd_t entry, int dirty)
|
|
|
|
|
{
|
|
|
|
|
int changed = !pmd_same(*pmdp, entry);
|
|
|
|
|
|
|
|
|
|
VM_BUG_ON(address & ~HPAGE_PMD_MASK);
|
|
|
|
|
|
|
|
|
|
if (changed && dirty) {
|
|
|
|
|
*pmdp = entry;
|
|
|
|
|
pmd_update_defer(vma->vm_mm, address, pmdp);
|
2012-11-20 13:02:51 +01:00
|
|
|
/*
|
|
|
|
|
* We had a write-protection fault here and changed the pmd
|
|
|
|
|
* to to more permissive. No need to flush the TLB for that,
|
|
|
|
|
* #PF is architecturally guaranteed to do that and in the
|
|
|
|
|
* worst-case we'll generate a spurious fault.
|
|
|
|
|
*/
|
2011-01-13 15:46:41 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return changed;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2008-03-17 16:37:04 -07:00
|
|
|
int ptep_test_and_clear_young(struct vm_area_struct *vma,
|
|
|
|
|
unsigned long addr, pte_t *ptep)
|
|
|
|
|
{
|
|
|
|
|
int ret = 0;
|
|
|
|
|
|
|
|
|
|
if (pte_young(*ptep))
|
|
|
|
|
ret = test_and_clear_bit(_PAGE_BIT_ACCESSED,
|
2008-05-24 17:24:34 +02:00
|
|
|
(unsigned long *) &ptep->pte);
|
2008-03-17 16:37:04 -07:00
|
|
|
|
|
|
|
|
if (ret)
|
|
|
|
|
pte_update(vma->vm_mm, addr, ptep);
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
2008-03-17 16:37:05 -07:00
|
|
|
|
2011-01-13 15:46:41 -08:00
|
|
|
#ifdef CONFIG_TRANSPARENT_HUGEPAGE
|
|
|
|
|
int pmdp_test_and_clear_young(struct vm_area_struct *vma,
|
|
|
|
|
unsigned long addr, pmd_t *pmdp)
|
|
|
|
|
{
|
|
|
|
|
int ret = 0;
|
|
|
|
|
|
|
|
|
|
if (pmd_young(*pmdp))
|
|
|
|
|
ret = test_and_clear_bit(_PAGE_BIT_ACCESSED,
|
2011-01-13 15:47:01 -08:00
|
|
|
(unsigned long *)pmdp);
|
2011-01-13 15:46:41 -08:00
|
|
|
|
|
|
|
|
if (ret)
|
|
|
|
|
pmd_update(vma->vm_mm, addr, pmdp);
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2008-03-17 16:37:05 -07:00
|
|
|
int ptep_clear_flush_young(struct vm_area_struct *vma,
|
|
|
|
|
unsigned long address, pte_t *ptep)
|
|
|
|
|
{
|
2014-04-08 15:58:09 +08:00
|
|
|
/*
|
|
|
|
|
* On x86 CPUs, clearing the accessed bit without a TLB flush
|
|
|
|
|
* doesn't cause data corruption. [ It could cause incorrect
|
|
|
|
|
* page aging and the (mistaken) reclaim of hot pages, but the
|
|
|
|
|
* chance of that should be relatively low. ]
|
|
|
|
|
*
|
|
|
|
|
* So as a performance optimization don't flush the TLB when
|
|
|
|
|
* clearing the accessed bit, it will eventually be flushed by
|
|
|
|
|
* a context switch or a VM operation anyway. [ In the rare
|
|
|
|
|
* event of it not getting flushed for a long time the delay
|
|
|
|
|
* shouldn't really matter because there's no real memory
|
|
|
|
|
* pressure for swapout to react to. ]
|
|
|
|
|
*/
|
|
|
|
|
return ptep_test_and_clear_young(vma, address, ptep);
|
2008-03-17 16:37:05 -07:00
|
|
|
}
|
2008-06-17 11:41:54 -07:00
|
|
|
|
2011-01-13 15:46:41 -08:00
|
|
|
#ifdef CONFIG_TRANSPARENT_HUGEPAGE
|
|
|
|
|
int pmdp_clear_flush_young(struct vm_area_struct *vma,
|
|
|
|
|
unsigned long address, pmd_t *pmdp)
|
|
|
|
|
{
|
|
|
|
|
int young;
|
|
|
|
|
|
|
|
|
|
VM_BUG_ON(address & ~HPAGE_PMD_MASK);
|
|
|
|
|
|
|
|
|
|
young = pmdp_test_and_clear_young(vma, address, pmdp);
|
|
|
|
|
if (young)
|
|
|
|
|
flush_tlb_range(vma, address, address + HPAGE_PMD_SIZE);
|
|
|
|
|
|
|
|
|
|
return young;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void pmdp_splitting_flush(struct vm_area_struct *vma,
|
|
|
|
|
unsigned long address, pmd_t *pmdp)
|
|
|
|
|
{
|
|
|
|
|
int set;
|
|
|
|
|
VM_BUG_ON(address & ~HPAGE_PMD_MASK);
|
|
|
|
|
set = !test_and_set_bit(_PAGE_BIT_SPLITTING,
|
2011-01-13 15:47:01 -08:00
|
|
|
(unsigned long *)pmdp);
|
2011-01-13 15:46:41 -08:00
|
|
|
if (set) {
|
|
|
|
|
pmd_update(vma->vm_mm, address, pmdp);
|
|
|
|
|
/* need tlb flush only to serialize against gup-fast */
|
|
|
|
|
flush_tlb_range(vma, address, address + HPAGE_PMD_SIZE);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2009-02-15 21:48:54 -03:00
|
|
|
/**
|
|
|
|
|
* reserve_top_address - reserves a hole in the top of kernel address space
|
|
|
|
|
* @reserve - size of hole to reserve
|
|
|
|
|
*
|
|
|
|
|
* Can be used to relocate the fixmap area and poke a hole in the top
|
|
|
|
|
* of kernel address space to make room for a hypervisor.
|
|
|
|
|
*/
|
|
|
|
|
void __init reserve_top_address(unsigned long reserve)
|
|
|
|
|
{
|
|
|
|
|
#ifdef CONFIG_X86_32
|
|
|
|
|
BUG_ON(fixmaps_set > 0);
|
2014-05-05 12:19:31 -07:00
|
|
|
__FIXADDR_TOP = round_down(-reserve, 1 << PMD_SHIFT) - PAGE_SIZE;
|
|
|
|
|
printk(KERN_INFO "Reserving virtual address space above 0x%08lx (rounded to 0x%08lx)\n",
|
|
|
|
|
-reserve, __FIXADDR_TOP + PAGE_SIZE);
|
2009-02-15 21:48:54 -03:00
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
2008-06-17 11:41:54 -07:00
|
|
|
int fixmaps_set;
|
|
|
|
|
|
2008-06-17 11:42:01 -07:00
|
|
|
void __native_set_fixmap(enum fixed_addresses idx, pte_t pte)
|
2008-06-17 11:41:54 -07:00
|
|
|
{
|
|
|
|
|
unsigned long address = __fix_to_virt(idx);
|
|
|
|
|
|
|
|
|
|
if (idx >= __end_of_fixed_addresses) {
|
|
|
|
|
BUG();
|
|
|
|
|
return;
|
|
|
|
|
}
|
2008-06-17 11:42:01 -07:00
|
|
|
set_pte_vaddr(address, pte);
|
2008-06-17 11:41:54 -07:00
|
|
|
fixmaps_set++;
|
|
|
|
|
}
|
2008-06-17 11:42:01 -07:00
|
|
|
|
2009-04-09 10:55:33 -07:00
|
|
|
void native_set_fixmap(enum fixed_addresses idx, phys_addr_t phys,
|
|
|
|
|
pgprot_t flags)
|
2008-06-17 11:42:01 -07:00
|
|
|
{
|
|
|
|
|
__native_set_fixmap(idx, pfn_pte(phys >> PAGE_SHIFT, flags));
|
|
|
|
|
}
|
2015-04-14 15:47:32 -07:00
|
|
|
|
|
|
|
|
#ifdef CONFIG_HAVE_ARCH_HUGE_VMAP
|
2015-05-26 10:28:07 +02:00
|
|
|
/**
|
|
|
|
|
* pud_set_huge - setup kernel PUD mapping
|
|
|
|
|
*
|
2015-05-26 10:28:10 +02:00
|
|
|
* MTRRs can override PAT memory types with 4KiB granularity. Therefore, this
|
|
|
|
|
* function sets up a huge page only if any of the following conditions are met:
|
|
|
|
|
*
|
|
|
|
|
* - MTRRs are disabled, or
|
|
|
|
|
*
|
|
|
|
|
* - MTRRs are enabled and the range is completely covered by a single MTRR, or
|
|
|
|
|
*
|
|
|
|
|
* - MTRRs are enabled and the corresponding MTRR memory type is WB, which
|
|
|
|
|
* has no effect on the requested PAT memory type.
|
|
|
|
|
*
|
|
|
|
|
* Callers should try to decrease page size (1GB -> 2MB -> 4K) if the bigger
|
|
|
|
|
* page mapping attempt fails.
|
2015-05-26 10:28:07 +02:00
|
|
|
*
|
|
|
|
|
* Returns 1 on success and 0 on failure.
|
|
|
|
|
*/
|
2015-04-14 15:47:32 -07:00
|
|
|
int pud_set_huge(pud_t *pud, phys_addr_t addr, pgprot_t prot)
|
|
|
|
|
{
|
2015-05-26 10:28:10 +02:00
|
|
|
u8 mtrr, uniform;
|
2015-04-14 15:47:32 -07:00
|
|
|
|
2015-05-26 10:28:10 +02:00
|
|
|
mtrr = mtrr_type_lookup(addr, addr + PUD_SIZE, &uniform);
|
|
|
|
|
if ((mtrr != MTRR_TYPE_INVALID) && (!uniform) &&
|
|
|
|
|
(mtrr != MTRR_TYPE_WRBACK))
|
2015-04-14 15:47:32 -07:00
|
|
|
return 0;
|
|
|
|
|
|
2018-04-11 17:24:38 +02:00
|
|
|
/* Bail out if we are we on a populated non-leaf entry: */
|
|
|
|
|
if (pud_present(*pud) && !pud_huge(*pud))
|
|
|
|
|
return 0;
|
|
|
|
|
|
2015-04-14 15:47:32 -07:00
|
|
|
prot = pgprot_4k_2_large(prot);
|
|
|
|
|
|
|
|
|
|
set_pte((pte_t *)pud, pfn_pte(
|
|
|
|
|
(u64)addr >> PAGE_SHIFT,
|
|
|
|
|
__pgprot(pgprot_val(prot) | _PAGE_PSE)));
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-26 10:28:07 +02:00
|
|
|
/**
|
|
|
|
|
* pmd_set_huge - setup kernel PMD mapping
|
|
|
|
|
*
|
2015-05-26 10:28:10 +02:00
|
|
|
* See text over pud_set_huge() above.
|
2015-05-26 10:28:07 +02:00
|
|
|
*
|
|
|
|
|
* Returns 1 on success and 0 on failure.
|
|
|
|
|
*/
|
2015-04-14 15:47:32 -07:00
|
|
|
int pmd_set_huge(pmd_t *pmd, phys_addr_t addr, pgprot_t prot)
|
|
|
|
|
{
|
2015-05-26 10:28:10 +02:00
|
|
|
u8 mtrr, uniform;
|
2015-04-14 15:47:32 -07:00
|
|
|
|
2015-05-26 10:28:10 +02:00
|
|
|
mtrr = mtrr_type_lookup(addr, addr + PMD_SIZE, &uniform);
|
|
|
|
|
if ((mtrr != MTRR_TYPE_INVALID) && (!uniform) &&
|
|
|
|
|
(mtrr != MTRR_TYPE_WRBACK)) {
|
|
|
|
|
pr_warn_once("%s: Cannot satisfy [mem %#010llx-%#010llx] with a huge-page mapping due to MTRR override.\n",
|
|
|
|
|
__func__, addr, addr + PMD_SIZE);
|
2015-04-14 15:47:32 -07:00
|
|
|
return 0;
|
2015-05-26 10:28:10 +02:00
|
|
|
}
|
2015-04-14 15:47:32 -07:00
|
|
|
|
2018-04-11 17:24:38 +02:00
|
|
|
/* Bail out if we are we on a populated non-leaf entry: */
|
|
|
|
|
if (pmd_present(*pmd) && !pmd_huge(*pmd))
|
|
|
|
|
return 0;
|
|
|
|
|
|
2015-04-14 15:47:32 -07:00
|
|
|
prot = pgprot_4k_2_large(prot);
|
|
|
|
|
|
|
|
|
|
set_pte((pte_t *)pmd, pfn_pte(
|
|
|
|
|
(u64)addr >> PAGE_SHIFT,
|
|
|
|
|
__pgprot(pgprot_val(prot) | _PAGE_PSE)));
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-26 10:28:07 +02:00
|
|
|
/**
|
|
|
|
|
* pud_clear_huge - clear kernel PUD mapping when it is set
|
|
|
|
|
*
|
|
|
|
|
* Returns 1 on success and 0 on failure (no PUD map is found).
|
|
|
|
|
*/
|
2015-04-14 15:47:32 -07:00
|
|
|
int pud_clear_huge(pud_t *pud)
|
|
|
|
|
{
|
|
|
|
|
if (pud_large(*pud)) {
|
|
|
|
|
pud_clear(pud);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-26 10:28:07 +02:00
|
|
|
/**
|
|
|
|
|
* pmd_clear_huge - clear kernel PMD mapping when it is set
|
|
|
|
|
*
|
|
|
|
|
* Returns 1 on success and 0 on failure (no PMD map is found).
|
|
|
|
|
*/
|
2015-04-14 15:47:32 -07:00
|
|
|
int pmd_clear_huge(pmd_t *pmd)
|
|
|
|
|
{
|
|
|
|
|
if (pmd_large(*pmd)) {
|
|
|
|
|
pmd_clear(pmd);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
mm/vmalloc: add interfaces to free unmapped page table
commit b6bdb7517c3d3f41f20e5c2948d6bc3f8897394e upstream.
On architectures with CONFIG_HAVE_ARCH_HUGE_VMAP set, ioremap() may
create pud/pmd mappings. A kernel panic was observed on arm64 systems
with Cortex-A75 in the following steps as described by Hanjun Guo.
1. ioremap a 4K size, valid page table will build,
2. iounmap it, pte0 will set to 0;
3. ioremap the same address with 2M size, pgd/pmd is unchanged,
then set the a new value for pmd;
4. pte0 is leaked;
5. CPU may meet exception because the old pmd is still in TLB,
which will lead to kernel panic.
This panic is not reproducible on x86. INVLPG, called from iounmap,
purges all levels of entries associated with purged address on x86. x86
still has memory leak.
The patch changes the ioremap path to free unmapped page table(s) since
doing so in the unmap path has the following issues:
- The iounmap() path is shared with vunmap(). Since vmap() only
supports pte mappings, making vunmap() to free a pte page is an
overhead for regular vmap users as they do not need a pte page freed
up.
- Checking if all entries in a pte page are cleared in the unmap path
is racy, and serializing this check is expensive.
- The unmap path calls free_vmap_area_noflush() to do lazy TLB purges.
Clearing a pud/pmd entry before the lazy TLB purges needs extra TLB
purge.
Add two interfaces, pud_free_pmd_page() and pmd_free_pte_page(), which
clear a given pud/pmd entry and free up a page for the lower level
entries.
This patch implements their stub functions on x86 and arm64, which work
as workaround.
[akpm@linux-foundation.org: fix typo in pmd_free_pte_page() stub]
Link: http://lkml.kernel.org/r/20180314180155.19492-2-toshi.kani@hpe.com
Fixes: e61ce6ade404e ("mm: change ioremap to set up huge I/O mappings")
Reported-by: Lei Li <lious.lilei@hisilicon.com>
Signed-off-by: Toshi Kani <toshi.kani@hpe.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Wang Xuefeng <wxf.wang@hisilicon.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Hanjun Guo <guohanjun@huawei.com>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Borislav Petkov <bp@suse.de>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Chintan Pandya <cpandya@codeaurora.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
[ tweak arm64 portion to rely on CONFIG_ARCH_HAVE_HUGE_VMAP - gregkh]
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-03-22 16:17:20 -07:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* pud_free_pmd_page - Clear pud entry and free pmd page.
|
|
|
|
|
* @pud: Pointer to a PUD.
|
|
|
|
|
*
|
|
|
|
|
* Context: The pud range has been unmaped and TLB purged.
|
|
|
|
|
* Return: 1 if clearing the entry succeeded. 0 otherwise.
|
|
|
|
|
*/
|
|
|
|
|
int pud_free_pmd_page(pud_t *pud)
|
|
|
|
|
{
|
2018-03-22 16:17:24 -07:00
|
|
|
pmd_t *pmd;
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
if (pud_none(*pud))
|
|
|
|
|
return 1;
|
|
|
|
|
|
|
|
|
|
pmd = (pmd_t *)pud_page_vaddr(*pud);
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < PTRS_PER_PMD; i++)
|
|
|
|
|
if (!pmd_free_pte_page(&pmd[i]))
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
pud_clear(pud);
|
|
|
|
|
free_page((unsigned long)pmd);
|
|
|
|
|
|
|
|
|
|
return 1;
|
mm/vmalloc: add interfaces to free unmapped page table
commit b6bdb7517c3d3f41f20e5c2948d6bc3f8897394e upstream.
On architectures with CONFIG_HAVE_ARCH_HUGE_VMAP set, ioremap() may
create pud/pmd mappings. A kernel panic was observed on arm64 systems
with Cortex-A75 in the following steps as described by Hanjun Guo.
1. ioremap a 4K size, valid page table will build,
2. iounmap it, pte0 will set to 0;
3. ioremap the same address with 2M size, pgd/pmd is unchanged,
then set the a new value for pmd;
4. pte0 is leaked;
5. CPU may meet exception because the old pmd is still in TLB,
which will lead to kernel panic.
This panic is not reproducible on x86. INVLPG, called from iounmap,
purges all levels of entries associated with purged address on x86. x86
still has memory leak.
The patch changes the ioremap path to free unmapped page table(s) since
doing so in the unmap path has the following issues:
- The iounmap() path is shared with vunmap(). Since vmap() only
supports pte mappings, making vunmap() to free a pte page is an
overhead for regular vmap users as they do not need a pte page freed
up.
- Checking if all entries in a pte page are cleared in the unmap path
is racy, and serializing this check is expensive.
- The unmap path calls free_vmap_area_noflush() to do lazy TLB purges.
Clearing a pud/pmd entry before the lazy TLB purges needs extra TLB
purge.
Add two interfaces, pud_free_pmd_page() and pmd_free_pte_page(), which
clear a given pud/pmd entry and free up a page for the lower level
entries.
This patch implements their stub functions on x86 and arm64, which work
as workaround.
[akpm@linux-foundation.org: fix typo in pmd_free_pte_page() stub]
Link: http://lkml.kernel.org/r/20180314180155.19492-2-toshi.kani@hpe.com
Fixes: e61ce6ade404e ("mm: change ioremap to set up huge I/O mappings")
Reported-by: Lei Li <lious.lilei@hisilicon.com>
Signed-off-by: Toshi Kani <toshi.kani@hpe.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Wang Xuefeng <wxf.wang@hisilicon.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Hanjun Guo <guohanjun@huawei.com>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Borislav Petkov <bp@suse.de>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Chintan Pandya <cpandya@codeaurora.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
[ tweak arm64 portion to rely on CONFIG_ARCH_HAVE_HUGE_VMAP - gregkh]
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-03-22 16:17:20 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* pmd_free_pte_page - Clear pmd entry and free pte page.
|
|
|
|
|
* @pmd: Pointer to a PMD.
|
|
|
|
|
*
|
|
|
|
|
* Context: The pmd range has been unmaped and TLB purged.
|
|
|
|
|
* Return: 1 if clearing the entry succeeded. 0 otherwise.
|
|
|
|
|
*/
|
|
|
|
|
int pmd_free_pte_page(pmd_t *pmd)
|
|
|
|
|
{
|
2018-03-22 16:17:24 -07:00
|
|
|
pte_t *pte;
|
|
|
|
|
|
|
|
|
|
if (pmd_none(*pmd))
|
|
|
|
|
return 1;
|
|
|
|
|
|
|
|
|
|
pte = (pte_t *)pmd_page_vaddr(*pmd);
|
|
|
|
|
pmd_clear(pmd);
|
|
|
|
|
free_page((unsigned long)pte);
|
|
|
|
|
|
|
|
|
|
return 1;
|
mm/vmalloc: add interfaces to free unmapped page table
commit b6bdb7517c3d3f41f20e5c2948d6bc3f8897394e upstream.
On architectures with CONFIG_HAVE_ARCH_HUGE_VMAP set, ioremap() may
create pud/pmd mappings. A kernel panic was observed on arm64 systems
with Cortex-A75 in the following steps as described by Hanjun Guo.
1. ioremap a 4K size, valid page table will build,
2. iounmap it, pte0 will set to 0;
3. ioremap the same address with 2M size, pgd/pmd is unchanged,
then set the a new value for pmd;
4. pte0 is leaked;
5. CPU may meet exception because the old pmd is still in TLB,
which will lead to kernel panic.
This panic is not reproducible on x86. INVLPG, called from iounmap,
purges all levels of entries associated with purged address on x86. x86
still has memory leak.
The patch changes the ioremap path to free unmapped page table(s) since
doing so in the unmap path has the following issues:
- The iounmap() path is shared with vunmap(). Since vmap() only
supports pte mappings, making vunmap() to free a pte page is an
overhead for regular vmap users as they do not need a pte page freed
up.
- Checking if all entries in a pte page are cleared in the unmap path
is racy, and serializing this check is expensive.
- The unmap path calls free_vmap_area_noflush() to do lazy TLB purges.
Clearing a pud/pmd entry before the lazy TLB purges needs extra TLB
purge.
Add two interfaces, pud_free_pmd_page() and pmd_free_pte_page(), which
clear a given pud/pmd entry and free up a page for the lower level
entries.
This patch implements their stub functions on x86 and arm64, which work
as workaround.
[akpm@linux-foundation.org: fix typo in pmd_free_pte_page() stub]
Link: http://lkml.kernel.org/r/20180314180155.19492-2-toshi.kani@hpe.com
Fixes: e61ce6ade404e ("mm: change ioremap to set up huge I/O mappings")
Reported-by: Lei Li <lious.lilei@hisilicon.com>
Signed-off-by: Toshi Kani <toshi.kani@hpe.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Wang Xuefeng <wxf.wang@hisilicon.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Hanjun Guo <guohanjun@huawei.com>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Borislav Petkov <bp@suse.de>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Chintan Pandya <cpandya@codeaurora.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
[ tweak arm64 portion to rely on CONFIG_ARCH_HAVE_HUGE_VMAP - gregkh]
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-03-22 16:17:20 -07:00
|
|
|
}
|
2015-04-14 15:47:32 -07:00
|
|
|
#endif /* CONFIG_HAVE_ARCH_HUGE_VMAP */
|
