2 * Copyright (C) 2009 Red Hat, Inc.
4 * This work is licensed under the terms of the GNU GPL, version 2. See
5 * the COPYING file in the top-level directory.
9 #include <linux/sched.h>
10 #include <linux/highmem.h>
11 #include <linux/hugetlb.h>
12 #include <linux/mmu_notifier.h>
13 #include <linux/rmap.h>
14 #include <linux/swap.h>
15 #include <linux/mm_inline.h>
16 #include <linux/kthread.h>
17 #include <linux/khugepaged.h>
19 #include <asm/pgalloc.h>
23 * By default transparent hugepage support is enabled for all mappings
24 * and khugepaged scans all mappings. Defrag is only invoked by
25 * khugepaged hugepage allocations and by page faults inside
26 * MADV_HUGEPAGE regions to avoid the risk of slowing down short lived
29 unsigned long transparent_hugepage_flags __read_mostly =
30 (1<<TRANSPARENT_HUGEPAGE_FLAG)|
31 (1<<TRANSPARENT_HUGEPAGE_DEFRAG_FLAG)|
32 (1<<TRANSPARENT_HUGEPAGE_DEFRAG_KHUGEPAGED_FLAG);
34 /* default scan 8*512 pte (or vmas) every 30 second */
35 static unsigned int khugepaged_pages_to_scan __read_mostly = HPAGE_PMD_NR*8;
36 static unsigned int khugepaged_pages_collapsed;
37 static unsigned int khugepaged_full_scans;
38 static unsigned int khugepaged_scan_sleep_millisecs __read_mostly = 10000;
39 /* during fragmentation poll the hugepage allocator once every minute */
40 static unsigned int khugepaged_alloc_sleep_millisecs __read_mostly = 60000;
41 static struct task_struct *khugepaged_thread __read_mostly;
42 static DEFINE_MUTEX(khugepaged_mutex);
43 static DEFINE_SPINLOCK(khugepaged_mm_lock);
44 static DECLARE_WAIT_QUEUE_HEAD(khugepaged_wait);
46 * default collapse hugepages if there is at least one pte mapped like
47 * it would have happened if the vma was large enough during page
50 static unsigned int khugepaged_max_ptes_none __read_mostly = HPAGE_PMD_NR-1;
52 static int khugepaged(void *none);
53 static int mm_slots_hash_init(void);
54 static int khugepaged_slab_init(void);
55 static void khugepaged_slab_free(void);
57 #define MM_SLOTS_HASH_HEADS 1024
58 static struct hlist_head *mm_slots_hash __read_mostly;
59 static struct kmem_cache *mm_slot_cache __read_mostly;
62 * struct mm_slot - hash lookup from mm to mm_slot
63 * @hash: hash collision list
64 * @mm_node: khugepaged scan list headed in khugepaged_scan.mm_head
65 * @mm: the mm that this information is valid for
68 struct hlist_node hash;
69 struct list_head mm_node;
74 * struct khugepaged_scan - cursor for scanning
75 * @mm_head: the head of the mm list to scan
76 * @mm_slot: the current mm_slot we are scanning
77 * @address: the next address inside that to be scanned
79 * There is only the one khugepaged_scan instance of this cursor structure.
81 struct khugepaged_scan {
82 struct list_head mm_head;
83 struct mm_slot *mm_slot;
84 unsigned long address;
86 .mm_head = LIST_HEAD_INIT(khugepaged_scan.mm_head),
90 static int set_recommended_min_free_kbytes(void)
94 unsigned long recommended_min;
95 extern int min_free_kbytes;
97 if (!test_bit(TRANSPARENT_HUGEPAGE_FLAG,
98 &transparent_hugepage_flags) &&
99 !test_bit(TRANSPARENT_HUGEPAGE_REQ_MADV_FLAG,
100 &transparent_hugepage_flags))
103 for_each_populated_zone(zone)
106 /* Make sure at least 2 hugepages are free for MIGRATE_RESERVE */
107 recommended_min = pageblock_nr_pages * nr_zones * 2;
110 * Make sure that on average at least two pageblocks are almost free
111 * of another type, one for a migratetype to fall back to and a
112 * second to avoid subsequent fallbacks of other types There are 3
113 * MIGRATE_TYPES we care about.
115 recommended_min += pageblock_nr_pages * nr_zones *
116 MIGRATE_PCPTYPES * MIGRATE_PCPTYPES;
118 /* don't ever allow to reserve more than 5% of the lowmem */
119 recommended_min = min(recommended_min,
120 (unsigned long) nr_free_buffer_pages() / 20);
121 recommended_min <<= (PAGE_SHIFT-10);
123 if (recommended_min > min_free_kbytes)
124 min_free_kbytes = recommended_min;
125 setup_per_zone_wmarks();
128 late_initcall(set_recommended_min_free_kbytes);
130 static int start_khugepaged(void)
133 if (khugepaged_enabled()) {
135 if (unlikely(!mm_slot_cache || !mm_slots_hash)) {
139 mutex_lock(&khugepaged_mutex);
140 if (!khugepaged_thread)
141 khugepaged_thread = kthread_run(khugepaged, NULL,
143 if (unlikely(IS_ERR(khugepaged_thread))) {
145 "khugepaged: kthread_run(khugepaged) failed\n");
146 err = PTR_ERR(khugepaged_thread);
147 khugepaged_thread = NULL;
149 wakeup = !list_empty(&khugepaged_scan.mm_head);
150 mutex_unlock(&khugepaged_mutex);
152 wake_up_interruptible(&khugepaged_wait);
154 set_recommended_min_free_kbytes();
157 wake_up_interruptible(&khugepaged_wait);
164 static ssize_t double_flag_show(struct kobject *kobj,
165 struct kobj_attribute *attr, char *buf,
166 enum transparent_hugepage_flag enabled,
167 enum transparent_hugepage_flag req_madv)
169 if (test_bit(enabled, &transparent_hugepage_flags)) {
170 VM_BUG_ON(test_bit(req_madv, &transparent_hugepage_flags));
171 return sprintf(buf, "[always] madvise never\n");
172 } else if (test_bit(req_madv, &transparent_hugepage_flags))
173 return sprintf(buf, "always [madvise] never\n");
175 return sprintf(buf, "always madvise [never]\n");
177 static ssize_t double_flag_store(struct kobject *kobj,
178 struct kobj_attribute *attr,
179 const char *buf, size_t count,
180 enum transparent_hugepage_flag enabled,
181 enum transparent_hugepage_flag req_madv)
183 if (!memcmp("always", buf,
184 min(sizeof("always")-1, count))) {
185 set_bit(enabled, &transparent_hugepage_flags);
186 clear_bit(req_madv, &transparent_hugepage_flags);
187 } else if (!memcmp("madvise", buf,
188 min(sizeof("madvise")-1, count))) {
189 clear_bit(enabled, &transparent_hugepage_flags);
190 set_bit(req_madv, &transparent_hugepage_flags);
191 } else if (!memcmp("never", buf,
192 min(sizeof("never")-1, count))) {
193 clear_bit(enabled, &transparent_hugepage_flags);
194 clear_bit(req_madv, &transparent_hugepage_flags);
201 static ssize_t enabled_show(struct kobject *kobj,
202 struct kobj_attribute *attr, char *buf)
204 return double_flag_show(kobj, attr, buf,
205 TRANSPARENT_HUGEPAGE_FLAG,
206 TRANSPARENT_HUGEPAGE_REQ_MADV_FLAG);
208 static ssize_t enabled_store(struct kobject *kobj,
209 struct kobj_attribute *attr,
210 const char *buf, size_t count)
214 ret = double_flag_store(kobj, attr, buf, count,
215 TRANSPARENT_HUGEPAGE_FLAG,
216 TRANSPARENT_HUGEPAGE_REQ_MADV_FLAG);
219 int err = start_khugepaged();
225 (test_bit(TRANSPARENT_HUGEPAGE_FLAG,
226 &transparent_hugepage_flags) ||
227 test_bit(TRANSPARENT_HUGEPAGE_REQ_MADV_FLAG,
228 &transparent_hugepage_flags)))
229 set_recommended_min_free_kbytes();
233 static struct kobj_attribute enabled_attr =
234 __ATTR(enabled, 0644, enabled_show, enabled_store);
236 static ssize_t single_flag_show(struct kobject *kobj,
237 struct kobj_attribute *attr, char *buf,
238 enum transparent_hugepage_flag flag)
240 if (test_bit(flag, &transparent_hugepage_flags))
241 return sprintf(buf, "[yes] no\n");
243 return sprintf(buf, "yes [no]\n");
245 static ssize_t single_flag_store(struct kobject *kobj,
246 struct kobj_attribute *attr,
247 const char *buf, size_t count,
248 enum transparent_hugepage_flag flag)
250 if (!memcmp("yes", buf,
251 min(sizeof("yes")-1, count))) {
252 set_bit(flag, &transparent_hugepage_flags);
253 } else if (!memcmp("no", buf,
254 min(sizeof("no")-1, count))) {
255 clear_bit(flag, &transparent_hugepage_flags);
263 * Currently defrag only disables __GFP_NOWAIT for allocation. A blind
264 * __GFP_REPEAT is too aggressive, it's never worth swapping tons of
265 * memory just to allocate one more hugepage.
267 static ssize_t defrag_show(struct kobject *kobj,
268 struct kobj_attribute *attr, char *buf)
270 return double_flag_show(kobj, attr, buf,
271 TRANSPARENT_HUGEPAGE_DEFRAG_FLAG,
272 TRANSPARENT_HUGEPAGE_DEFRAG_REQ_MADV_FLAG);
274 static ssize_t defrag_store(struct kobject *kobj,
275 struct kobj_attribute *attr,
276 const char *buf, size_t count)
278 return double_flag_store(kobj, attr, buf, count,
279 TRANSPARENT_HUGEPAGE_DEFRAG_FLAG,
280 TRANSPARENT_HUGEPAGE_DEFRAG_REQ_MADV_FLAG);
282 static struct kobj_attribute defrag_attr =
283 __ATTR(defrag, 0644, defrag_show, defrag_store);
285 #ifdef CONFIG_DEBUG_VM
286 static ssize_t debug_cow_show(struct kobject *kobj,
287 struct kobj_attribute *attr, char *buf)
289 return single_flag_show(kobj, attr, buf,
290 TRANSPARENT_HUGEPAGE_DEBUG_COW_FLAG);
292 static ssize_t debug_cow_store(struct kobject *kobj,
293 struct kobj_attribute *attr,
294 const char *buf, size_t count)
296 return single_flag_store(kobj, attr, buf, count,
297 TRANSPARENT_HUGEPAGE_DEBUG_COW_FLAG);
299 static struct kobj_attribute debug_cow_attr =
300 __ATTR(debug_cow, 0644, debug_cow_show, debug_cow_store);
301 #endif /* CONFIG_DEBUG_VM */
303 static struct attribute *hugepage_attr[] = {
306 #ifdef CONFIG_DEBUG_VM
307 &debug_cow_attr.attr,
312 static struct attribute_group hugepage_attr_group = {
313 .attrs = hugepage_attr,
316 static ssize_t scan_sleep_millisecs_show(struct kobject *kobj,
317 struct kobj_attribute *attr,
320 return sprintf(buf, "%u\n", khugepaged_scan_sleep_millisecs);
323 static ssize_t scan_sleep_millisecs_store(struct kobject *kobj,
324 struct kobj_attribute *attr,
325 const char *buf, size_t count)
330 err = strict_strtoul(buf, 10, &msecs);
331 if (err || msecs > UINT_MAX)
334 khugepaged_scan_sleep_millisecs = msecs;
335 wake_up_interruptible(&khugepaged_wait);
339 static struct kobj_attribute scan_sleep_millisecs_attr =
340 __ATTR(scan_sleep_millisecs, 0644, scan_sleep_millisecs_show,
341 scan_sleep_millisecs_store);
343 static ssize_t alloc_sleep_millisecs_show(struct kobject *kobj,
344 struct kobj_attribute *attr,
347 return sprintf(buf, "%u\n", khugepaged_alloc_sleep_millisecs);
350 static ssize_t alloc_sleep_millisecs_store(struct kobject *kobj,
351 struct kobj_attribute *attr,
352 const char *buf, size_t count)
357 err = strict_strtoul(buf, 10, &msecs);
358 if (err || msecs > UINT_MAX)
361 khugepaged_alloc_sleep_millisecs = msecs;
362 wake_up_interruptible(&khugepaged_wait);
366 static struct kobj_attribute alloc_sleep_millisecs_attr =
367 __ATTR(alloc_sleep_millisecs, 0644, alloc_sleep_millisecs_show,
368 alloc_sleep_millisecs_store);
370 static ssize_t pages_to_scan_show(struct kobject *kobj,
371 struct kobj_attribute *attr,
374 return sprintf(buf, "%u\n", khugepaged_pages_to_scan);
376 static ssize_t pages_to_scan_store(struct kobject *kobj,
377 struct kobj_attribute *attr,
378 const char *buf, size_t count)
383 err = strict_strtoul(buf, 10, &pages);
384 if (err || !pages || pages > UINT_MAX)
387 khugepaged_pages_to_scan = pages;
391 static struct kobj_attribute pages_to_scan_attr =
392 __ATTR(pages_to_scan, 0644, pages_to_scan_show,
393 pages_to_scan_store);
395 static ssize_t pages_collapsed_show(struct kobject *kobj,
396 struct kobj_attribute *attr,
399 return sprintf(buf, "%u\n", khugepaged_pages_collapsed);
401 static struct kobj_attribute pages_collapsed_attr =
402 __ATTR_RO(pages_collapsed);
404 static ssize_t full_scans_show(struct kobject *kobj,
405 struct kobj_attribute *attr,
408 return sprintf(buf, "%u\n", khugepaged_full_scans);
410 static struct kobj_attribute full_scans_attr =
411 __ATTR_RO(full_scans);
413 static ssize_t khugepaged_defrag_show(struct kobject *kobj,
414 struct kobj_attribute *attr, char *buf)
416 return single_flag_show(kobj, attr, buf,
417 TRANSPARENT_HUGEPAGE_DEFRAG_KHUGEPAGED_FLAG);
419 static ssize_t khugepaged_defrag_store(struct kobject *kobj,
420 struct kobj_attribute *attr,
421 const char *buf, size_t count)
423 return single_flag_store(kobj, attr, buf, count,
424 TRANSPARENT_HUGEPAGE_DEFRAG_KHUGEPAGED_FLAG);
426 static struct kobj_attribute khugepaged_defrag_attr =
427 __ATTR(defrag, 0644, khugepaged_defrag_show,
428 khugepaged_defrag_store);
431 * max_ptes_none controls if khugepaged should collapse hugepages over
432 * any unmapped ptes in turn potentially increasing the memory
433 * footprint of the vmas. When max_ptes_none is 0 khugepaged will not
434 * reduce the available free memory in the system as it
435 * runs. Increasing max_ptes_none will instead potentially reduce the
436 * free memory in the system during the khugepaged scan.
438 static ssize_t khugepaged_max_ptes_none_show(struct kobject *kobj,
439 struct kobj_attribute *attr,
442 return sprintf(buf, "%u\n", khugepaged_max_ptes_none);
444 static ssize_t khugepaged_max_ptes_none_store(struct kobject *kobj,
445 struct kobj_attribute *attr,
446 const char *buf, size_t count)
449 unsigned long max_ptes_none;
451 err = strict_strtoul(buf, 10, &max_ptes_none);
452 if (err || max_ptes_none > HPAGE_PMD_NR-1)
455 khugepaged_max_ptes_none = max_ptes_none;
459 static struct kobj_attribute khugepaged_max_ptes_none_attr =
460 __ATTR(max_ptes_none, 0644, khugepaged_max_ptes_none_show,
461 khugepaged_max_ptes_none_store);
463 static struct attribute *khugepaged_attr[] = {
464 &khugepaged_defrag_attr.attr,
465 &khugepaged_max_ptes_none_attr.attr,
466 &pages_to_scan_attr.attr,
467 &pages_collapsed_attr.attr,
468 &full_scans_attr.attr,
469 &scan_sleep_millisecs_attr.attr,
470 &alloc_sleep_millisecs_attr.attr,
474 static struct attribute_group khugepaged_attr_group = {
475 .attrs = khugepaged_attr,
476 .name = "khugepaged",
478 #endif /* CONFIG_SYSFS */
480 static int __init hugepage_init(void)
484 static struct kobject *hugepage_kobj;
487 hugepage_kobj = kobject_create_and_add("transparent_hugepage", mm_kobj);
488 if (unlikely(!hugepage_kobj)) {
489 printk(KERN_ERR "hugepage: failed kobject create\n");
493 err = sysfs_create_group(hugepage_kobj, &hugepage_attr_group);
495 printk(KERN_ERR "hugepage: failed register hugeage group\n");
499 err = sysfs_create_group(hugepage_kobj, &khugepaged_attr_group);
501 printk(KERN_ERR "hugepage: failed register hugeage group\n");
506 err = khugepaged_slab_init();
510 err = mm_slots_hash_init();
512 khugepaged_slab_free();
518 set_recommended_min_free_kbytes();
523 module_init(hugepage_init)
525 static int __init setup_transparent_hugepage(char *str)
530 if (!strcmp(str, "always")) {
531 set_bit(TRANSPARENT_HUGEPAGE_FLAG,
532 &transparent_hugepage_flags);
533 clear_bit(TRANSPARENT_HUGEPAGE_REQ_MADV_FLAG,
534 &transparent_hugepage_flags);
536 } else if (!strcmp(str, "madvise")) {
537 clear_bit(TRANSPARENT_HUGEPAGE_FLAG,
538 &transparent_hugepage_flags);
539 set_bit(TRANSPARENT_HUGEPAGE_REQ_MADV_FLAG,
540 &transparent_hugepage_flags);
542 } else if (!strcmp(str, "never")) {
543 clear_bit(TRANSPARENT_HUGEPAGE_FLAG,
544 &transparent_hugepage_flags);
545 clear_bit(TRANSPARENT_HUGEPAGE_REQ_MADV_FLAG,
546 &transparent_hugepage_flags);
552 "transparent_hugepage= cannot parse, ignored\n");
555 __setup("transparent_hugepage=", setup_transparent_hugepage);
557 static void prepare_pmd_huge_pte(pgtable_t pgtable,
558 struct mm_struct *mm)
560 assert_spin_locked(&mm->page_table_lock);
563 if (!mm->pmd_huge_pte)
564 INIT_LIST_HEAD(&pgtable->lru);
566 list_add(&pgtable->lru, &mm->pmd_huge_pte->lru);
567 mm->pmd_huge_pte = pgtable;
570 static inline pmd_t maybe_pmd_mkwrite(pmd_t pmd, struct vm_area_struct *vma)
572 if (likely(vma->vm_flags & VM_WRITE))
573 pmd = pmd_mkwrite(pmd);
577 static int __do_huge_pmd_anonymous_page(struct mm_struct *mm,
578 struct vm_area_struct *vma,
579 unsigned long haddr, pmd_t *pmd,
585 VM_BUG_ON(!PageCompound(page));
586 pgtable = pte_alloc_one(mm, haddr);
587 if (unlikely(!pgtable)) {
588 mem_cgroup_uncharge_page(page);
593 clear_huge_page(page, haddr, HPAGE_PMD_NR);
594 __SetPageUptodate(page);
596 spin_lock(&mm->page_table_lock);
597 if (unlikely(!pmd_none(*pmd))) {
598 spin_unlock(&mm->page_table_lock);
599 mem_cgroup_uncharge_page(page);
601 pte_free(mm, pgtable);
604 entry = mk_pmd(page, vma->vm_page_prot);
605 entry = maybe_pmd_mkwrite(pmd_mkdirty(entry), vma);
606 entry = pmd_mkhuge(entry);
608 * The spinlocking to take the lru_lock inside
609 * page_add_new_anon_rmap() acts as a full memory
610 * barrier to be sure clear_huge_page writes become
611 * visible after the set_pmd_at() write.
613 page_add_new_anon_rmap(page, vma, haddr);
614 set_pmd_at(mm, haddr, pmd, entry);
615 prepare_pmd_huge_pte(pgtable, mm);
616 add_mm_counter(mm, MM_ANONPAGES, HPAGE_PMD_NR);
617 spin_unlock(&mm->page_table_lock);
623 static inline struct page *alloc_hugepage(int defrag)
625 return alloc_pages(GFP_TRANSHUGE & ~(defrag ? 0 : __GFP_WAIT),
629 int do_huge_pmd_anonymous_page(struct mm_struct *mm, struct vm_area_struct *vma,
630 unsigned long address, pmd_t *pmd,
634 unsigned long haddr = address & HPAGE_PMD_MASK;
637 if (haddr >= vma->vm_start && haddr + HPAGE_PMD_SIZE <= vma->vm_end) {
638 if (unlikely(anon_vma_prepare(vma)))
640 if (unlikely(khugepaged_enter(vma)))
642 page = alloc_hugepage(transparent_hugepage_defrag(vma));
645 if (unlikely(mem_cgroup_newpage_charge(page, mm, GFP_KERNEL))) {
650 return __do_huge_pmd_anonymous_page(mm, vma, haddr, pmd, page);
654 * Use __pte_alloc instead of pte_alloc_map, because we can't
655 * run pte_offset_map on the pmd, if an huge pmd could
656 * materialize from under us from a different thread.
658 if (unlikely(__pte_alloc(mm, vma, pmd, address)))
660 /* if an huge pmd materialized from under us just retry later */
661 if (unlikely(pmd_trans_huge(*pmd)))
664 * A regular pmd is established and it can't morph into a huge pmd
665 * from under us anymore at this point because we hold the mmap_sem
666 * read mode and khugepaged takes it in write mode. So now it's
667 * safe to run pte_offset_map().
669 pte = pte_offset_map(pmd, address);
670 return handle_pte_fault(mm, vma, address, pte, pmd, flags);
673 int copy_huge_pmd(struct mm_struct *dst_mm, struct mm_struct *src_mm,
674 pmd_t *dst_pmd, pmd_t *src_pmd, unsigned long addr,
675 struct vm_area_struct *vma)
677 struct page *src_page;
683 pgtable = pte_alloc_one(dst_mm, addr);
684 if (unlikely(!pgtable))
687 spin_lock(&dst_mm->page_table_lock);
688 spin_lock_nested(&src_mm->page_table_lock, SINGLE_DEPTH_NESTING);
692 if (unlikely(!pmd_trans_huge(pmd))) {
693 pte_free(dst_mm, pgtable);
696 if (unlikely(pmd_trans_splitting(pmd))) {
697 /* split huge page running from under us */
698 spin_unlock(&src_mm->page_table_lock);
699 spin_unlock(&dst_mm->page_table_lock);
700 pte_free(dst_mm, pgtable);
702 wait_split_huge_page(vma->anon_vma, src_pmd); /* src_vma */
705 src_page = pmd_page(pmd);
706 VM_BUG_ON(!PageHead(src_page));
708 page_dup_rmap(src_page);
709 add_mm_counter(dst_mm, MM_ANONPAGES, HPAGE_PMD_NR);
711 pmdp_set_wrprotect(src_mm, addr, src_pmd);
712 pmd = pmd_mkold(pmd_wrprotect(pmd));
713 set_pmd_at(dst_mm, addr, dst_pmd, pmd);
714 prepare_pmd_huge_pte(pgtable, dst_mm);
718 spin_unlock(&src_mm->page_table_lock);
719 spin_unlock(&dst_mm->page_table_lock);
724 /* no "address" argument so destroys page coloring of some arch */
725 pgtable_t get_pmd_huge_pte(struct mm_struct *mm)
729 assert_spin_locked(&mm->page_table_lock);
732 pgtable = mm->pmd_huge_pte;
733 if (list_empty(&pgtable->lru))
734 mm->pmd_huge_pte = NULL;
736 mm->pmd_huge_pte = list_entry(pgtable->lru.next,
738 list_del(&pgtable->lru);
743 static int do_huge_pmd_wp_page_fallback(struct mm_struct *mm,
744 struct vm_area_struct *vma,
745 unsigned long address,
746 pmd_t *pmd, pmd_t orig_pmd,
755 pages = kmalloc(sizeof(struct page *) * HPAGE_PMD_NR,
757 if (unlikely(!pages)) {
762 for (i = 0; i < HPAGE_PMD_NR; i++) {
763 pages[i] = alloc_page_vma(GFP_HIGHUSER_MOVABLE,
765 if (unlikely(!pages[i] ||
766 mem_cgroup_newpage_charge(pages[i], mm,
770 mem_cgroup_uncharge_start();
772 mem_cgroup_uncharge_page(pages[i]);
775 mem_cgroup_uncharge_end();
782 for (i = 0; i < HPAGE_PMD_NR; i++) {
783 copy_user_highpage(pages[i], page + i,
784 haddr + PAGE_SHIFT*i, vma);
785 __SetPageUptodate(pages[i]);
789 spin_lock(&mm->page_table_lock);
790 if (unlikely(!pmd_same(*pmd, orig_pmd)))
792 VM_BUG_ON(!PageHead(page));
794 pmdp_clear_flush_notify(vma, haddr, pmd);
795 /* leave pmd empty until pte is filled */
797 pgtable = get_pmd_huge_pte(mm);
798 pmd_populate(mm, &_pmd, pgtable);
800 for (i = 0; i < HPAGE_PMD_NR; i++, haddr += PAGE_SIZE) {
802 entry = mk_pte(pages[i], vma->vm_page_prot);
803 entry = maybe_mkwrite(pte_mkdirty(entry), vma);
804 page_add_new_anon_rmap(pages[i], vma, haddr);
805 pte = pte_offset_map(&_pmd, haddr);
806 VM_BUG_ON(!pte_none(*pte));
807 set_pte_at(mm, haddr, pte, entry);
813 smp_wmb(); /* make pte visible before pmd */
814 pmd_populate(mm, pmd, pgtable);
815 page_remove_rmap(page);
816 spin_unlock(&mm->page_table_lock);
818 ret |= VM_FAULT_WRITE;
825 spin_unlock(&mm->page_table_lock);
826 mem_cgroup_uncharge_start();
827 for (i = 0; i < HPAGE_PMD_NR; i++) {
828 mem_cgroup_uncharge_page(pages[i]);
831 mem_cgroup_uncharge_end();
836 int do_huge_pmd_wp_page(struct mm_struct *mm, struct vm_area_struct *vma,
837 unsigned long address, pmd_t *pmd, pmd_t orig_pmd)
840 struct page *page, *new_page;
843 VM_BUG_ON(!vma->anon_vma);
844 spin_lock(&mm->page_table_lock);
845 if (unlikely(!pmd_same(*pmd, orig_pmd)))
848 page = pmd_page(orig_pmd);
849 VM_BUG_ON(!PageCompound(page) || !PageHead(page));
850 haddr = address & HPAGE_PMD_MASK;
851 if (page_mapcount(page) == 1) {
853 entry = pmd_mkyoung(orig_pmd);
854 entry = maybe_pmd_mkwrite(pmd_mkdirty(entry), vma);
855 if (pmdp_set_access_flags(vma, haddr, pmd, entry, 1))
856 update_mmu_cache(vma, address, entry);
857 ret |= VM_FAULT_WRITE;
861 spin_unlock(&mm->page_table_lock);
863 if (transparent_hugepage_enabled(vma) &&
864 !transparent_hugepage_debug_cow())
865 new_page = alloc_hugepage(transparent_hugepage_defrag(vma));
869 if (unlikely(!new_page)) {
870 ret = do_huge_pmd_wp_page_fallback(mm, vma, address,
871 pmd, orig_pmd, page, haddr);
876 if (unlikely(mem_cgroup_newpage_charge(new_page, mm, GFP_KERNEL))) {
883 copy_user_huge_page(new_page, page, haddr, vma, HPAGE_PMD_NR);
884 __SetPageUptodate(new_page);
886 spin_lock(&mm->page_table_lock);
888 if (unlikely(!pmd_same(*pmd, orig_pmd))) {
889 mem_cgroup_uncharge_page(new_page);
893 VM_BUG_ON(!PageHead(page));
894 entry = mk_pmd(new_page, vma->vm_page_prot);
895 entry = maybe_pmd_mkwrite(pmd_mkdirty(entry), vma);
896 entry = pmd_mkhuge(entry);
897 pmdp_clear_flush_notify(vma, haddr, pmd);
898 page_add_new_anon_rmap(new_page, vma, haddr);
899 set_pmd_at(mm, haddr, pmd, entry);
900 update_mmu_cache(vma, address, entry);
901 page_remove_rmap(page);
903 ret |= VM_FAULT_WRITE;
906 spin_unlock(&mm->page_table_lock);
911 struct page *follow_trans_huge_pmd(struct mm_struct *mm,
916 struct page *page = NULL;
918 assert_spin_locked(&mm->page_table_lock);
920 if (flags & FOLL_WRITE && !pmd_write(*pmd))
923 page = pmd_page(*pmd);
924 VM_BUG_ON(!PageHead(page));
925 if (flags & FOLL_TOUCH) {
928 * We should set the dirty bit only for FOLL_WRITE but
929 * for now the dirty bit in the pmd is meaningless.
930 * And if the dirty bit will become meaningful and
931 * we'll only set it with FOLL_WRITE, an atomic
932 * set_bit will be required on the pmd to set the
933 * young bit, instead of the current set_pmd_at.
935 _pmd = pmd_mkyoung(pmd_mkdirty(*pmd));
936 set_pmd_at(mm, addr & HPAGE_PMD_MASK, pmd, _pmd);
938 page += (addr & ~HPAGE_PMD_MASK) >> PAGE_SHIFT;
939 VM_BUG_ON(!PageCompound(page));
940 if (flags & FOLL_GET)
947 int zap_huge_pmd(struct mmu_gather *tlb, struct vm_area_struct *vma,
952 spin_lock(&tlb->mm->page_table_lock);
953 if (likely(pmd_trans_huge(*pmd))) {
954 if (unlikely(pmd_trans_splitting(*pmd))) {
955 spin_unlock(&tlb->mm->page_table_lock);
956 wait_split_huge_page(vma->anon_vma,
961 pgtable = get_pmd_huge_pte(tlb->mm);
962 page = pmd_page(*pmd);
964 page_remove_rmap(page);
965 VM_BUG_ON(page_mapcount(page) < 0);
966 add_mm_counter(tlb->mm, MM_ANONPAGES, -HPAGE_PMD_NR);
967 VM_BUG_ON(!PageHead(page));
968 spin_unlock(&tlb->mm->page_table_lock);
969 tlb_remove_page(tlb, page);
970 pte_free(tlb->mm, pgtable);
974 spin_unlock(&tlb->mm->page_table_lock);
979 int mincore_huge_pmd(struct vm_area_struct *vma, pmd_t *pmd,
980 unsigned long addr, unsigned long end,
985 spin_lock(&vma->vm_mm->page_table_lock);
986 if (likely(pmd_trans_huge(*pmd))) {
987 ret = !pmd_trans_splitting(*pmd);
988 spin_unlock(&vma->vm_mm->page_table_lock);
990 wait_split_huge_page(vma->anon_vma, pmd);
993 * All logical pages in the range are present
994 * if backed by a huge page.
996 memset(vec, 1, (end - addr) >> PAGE_SHIFT);
999 spin_unlock(&vma->vm_mm->page_table_lock);
1004 int change_huge_pmd(struct vm_area_struct *vma, pmd_t *pmd,
1005 unsigned long addr, pgprot_t newprot)
1007 struct mm_struct *mm = vma->vm_mm;
1010 spin_lock(&mm->page_table_lock);
1011 if (likely(pmd_trans_huge(*pmd))) {
1012 if (unlikely(pmd_trans_splitting(*pmd))) {
1013 spin_unlock(&mm->page_table_lock);
1014 wait_split_huge_page(vma->anon_vma, pmd);
1018 entry = pmdp_get_and_clear(mm, addr, pmd);
1019 entry = pmd_modify(entry, newprot);
1020 set_pmd_at(mm, addr, pmd, entry);
1021 spin_unlock(&vma->vm_mm->page_table_lock);
1022 flush_tlb_range(vma, addr, addr + HPAGE_PMD_SIZE);
1026 spin_unlock(&vma->vm_mm->page_table_lock);
1031 pmd_t *page_check_address_pmd(struct page *page,
1032 struct mm_struct *mm,
1033 unsigned long address,
1034 enum page_check_address_pmd_flag flag)
1038 pmd_t *pmd, *ret = NULL;
1040 if (address & ~HPAGE_PMD_MASK)
1043 pgd = pgd_offset(mm, address);
1044 if (!pgd_present(*pgd))
1047 pud = pud_offset(pgd, address);
1048 if (!pud_present(*pud))
1051 pmd = pmd_offset(pud, address);
1054 if (pmd_page(*pmd) != page)
1056 VM_BUG_ON(flag == PAGE_CHECK_ADDRESS_PMD_NOTSPLITTING_FLAG &&
1057 pmd_trans_splitting(*pmd));
1058 if (pmd_trans_huge(*pmd)) {
1059 VM_BUG_ON(flag == PAGE_CHECK_ADDRESS_PMD_SPLITTING_FLAG &&
1060 !pmd_trans_splitting(*pmd));
1067 static int __split_huge_page_splitting(struct page *page,
1068 struct vm_area_struct *vma,
1069 unsigned long address)
1071 struct mm_struct *mm = vma->vm_mm;
1075 spin_lock(&mm->page_table_lock);
1076 pmd = page_check_address_pmd(page, mm, address,
1077 PAGE_CHECK_ADDRESS_PMD_NOTSPLITTING_FLAG);
1080 * We can't temporarily set the pmd to null in order
1081 * to split it, the pmd must remain marked huge at all
1082 * times or the VM won't take the pmd_trans_huge paths
1083 * and it won't wait on the anon_vma->root->lock to
1084 * serialize against split_huge_page*.
1086 pmdp_splitting_flush_notify(vma, address, pmd);
1089 spin_unlock(&mm->page_table_lock);
1094 static void __split_huge_page_refcount(struct page *page)
1097 unsigned long head_index = page->index;
1098 struct zone *zone = page_zone(page);
1100 /* prevent PageLRU to go away from under us, and freeze lru stats */
1101 spin_lock_irq(&zone->lru_lock);
1102 compound_lock(page);
1104 for (i = 1; i < HPAGE_PMD_NR; i++) {
1105 struct page *page_tail = page + i;
1107 /* tail_page->_count cannot change */
1108 atomic_sub(atomic_read(&page_tail->_count), &page->_count);
1109 BUG_ON(page_count(page) <= 0);
1110 atomic_add(page_mapcount(page) + 1, &page_tail->_count);
1111 BUG_ON(atomic_read(&page_tail->_count) <= 0);
1113 /* after clearing PageTail the gup refcount can be released */
1116 page_tail->flags &= ~PAGE_FLAGS_CHECK_AT_PREP;
1117 page_tail->flags |= (page->flags &
1118 ((1L << PG_referenced) |
1119 (1L << PG_swapbacked) |
1120 (1L << PG_mlocked) |
1121 (1L << PG_uptodate)));
1122 page_tail->flags |= (1L << PG_dirty);
1125 * 1) clear PageTail before overwriting first_page
1126 * 2) clear PageTail before clearing PageHead for VM_BUG_ON
1131 * __split_huge_page_splitting() already set the
1132 * splitting bit in all pmd that could map this
1133 * hugepage, that will ensure no CPU can alter the
1134 * mapcount on the head page. The mapcount is only
1135 * accounted in the head page and it has to be
1136 * transferred to all tail pages in the below code. So
1137 * for this code to be safe, the split the mapcount
1138 * can't change. But that doesn't mean userland can't
1139 * keep changing and reading the page contents while
1140 * we transfer the mapcount, so the pmd splitting
1141 * status is achieved setting a reserved bit in the
1142 * pmd, not by clearing the present bit.
1144 BUG_ON(page_mapcount(page_tail));
1145 page_tail->_mapcount = page->_mapcount;
1147 BUG_ON(page_tail->mapping);
1148 page_tail->mapping = page->mapping;
1150 page_tail->index = ++head_index;
1152 BUG_ON(!PageAnon(page_tail));
1153 BUG_ON(!PageUptodate(page_tail));
1154 BUG_ON(!PageDirty(page_tail));
1155 BUG_ON(!PageSwapBacked(page_tail));
1157 lru_add_page_tail(zone, page, page_tail);
1160 __dec_zone_page_state(page, NR_ANON_TRANSPARENT_HUGEPAGES);
1161 __mod_zone_page_state(zone, NR_ANON_PAGES, HPAGE_PMD_NR);
1163 ClearPageCompound(page);
1164 compound_unlock(page);
1165 spin_unlock_irq(&zone->lru_lock);
1167 for (i = 1; i < HPAGE_PMD_NR; i++) {
1168 struct page *page_tail = page + i;
1169 BUG_ON(page_count(page_tail) <= 0);
1171 * Tail pages may be freed if there wasn't any mapping
1172 * like if add_to_swap() is running on a lru page that
1173 * had its mapping zapped. And freeing these pages
1174 * requires taking the lru_lock so we do the put_page
1175 * of the tail pages after the split is complete.
1177 put_page(page_tail);
1181 * Only the head page (now become a regular page) is required
1182 * to be pinned by the caller.
1184 BUG_ON(page_count(page) <= 0);
1187 static int __split_huge_page_map(struct page *page,
1188 struct vm_area_struct *vma,
1189 unsigned long address)
1191 struct mm_struct *mm = vma->vm_mm;
1195 unsigned long haddr;
1197 spin_lock(&mm->page_table_lock);
1198 pmd = page_check_address_pmd(page, mm, address,
1199 PAGE_CHECK_ADDRESS_PMD_SPLITTING_FLAG);
1201 pgtable = get_pmd_huge_pte(mm);
1202 pmd_populate(mm, &_pmd, pgtable);
1204 for (i = 0, haddr = address; i < HPAGE_PMD_NR;
1205 i++, haddr += PAGE_SIZE) {
1207 BUG_ON(PageCompound(page+i));
1208 entry = mk_pte(page + i, vma->vm_page_prot);
1209 entry = maybe_mkwrite(pte_mkdirty(entry), vma);
1210 if (!pmd_write(*pmd))
1211 entry = pte_wrprotect(entry);
1213 BUG_ON(page_mapcount(page) != 1);
1214 if (!pmd_young(*pmd))
1215 entry = pte_mkold(entry);
1216 pte = pte_offset_map(&_pmd, haddr);
1217 BUG_ON(!pte_none(*pte));
1218 set_pte_at(mm, haddr, pte, entry);
1223 smp_wmb(); /* make pte visible before pmd */
1225 * Up to this point the pmd is present and huge and
1226 * userland has the whole access to the hugepage
1227 * during the split (which happens in place). If we
1228 * overwrite the pmd with the not-huge version
1229 * pointing to the pte here (which of course we could
1230 * if all CPUs were bug free), userland could trigger
1231 * a small page size TLB miss on the small sized TLB
1232 * while the hugepage TLB entry is still established
1233 * in the huge TLB. Some CPU doesn't like that. See
1234 * http://support.amd.com/us/Processor_TechDocs/41322.pdf,
1235 * Erratum 383 on page 93. Intel should be safe but is
1236 * also warns that it's only safe if the permission
1237 * and cache attributes of the two entries loaded in
1238 * the two TLB is identical (which should be the case
1239 * here). But it is generally safer to never allow
1240 * small and huge TLB entries for the same virtual
1241 * address to be loaded simultaneously. So instead of
1242 * doing "pmd_populate(); flush_tlb_range();" we first
1243 * mark the current pmd notpresent (atomically because
1244 * here the pmd_trans_huge and pmd_trans_splitting
1245 * must remain set at all times on the pmd until the
1246 * split is complete for this pmd), then we flush the
1247 * SMP TLB and finally we write the non-huge version
1248 * of the pmd entry with pmd_populate.
1250 set_pmd_at(mm, address, pmd, pmd_mknotpresent(*pmd));
1251 flush_tlb_range(vma, address, address + HPAGE_PMD_SIZE);
1252 pmd_populate(mm, pmd, pgtable);
1255 spin_unlock(&mm->page_table_lock);
1260 /* must be called with anon_vma->root->lock hold */
1261 static void __split_huge_page(struct page *page,
1262 struct anon_vma *anon_vma)
1264 int mapcount, mapcount2;
1265 struct anon_vma_chain *avc;
1267 BUG_ON(!PageHead(page));
1268 BUG_ON(PageTail(page));
1271 list_for_each_entry(avc, &anon_vma->head, same_anon_vma) {
1272 struct vm_area_struct *vma = avc->vma;
1273 unsigned long addr = vma_address(page, vma);
1274 BUG_ON(is_vma_temporary_stack(vma));
1275 if (addr == -EFAULT)
1277 mapcount += __split_huge_page_splitting(page, vma, addr);
1280 * It is critical that new vmas are added to the tail of the
1281 * anon_vma list. This guarantes that if copy_huge_pmd() runs
1282 * and establishes a child pmd before
1283 * __split_huge_page_splitting() freezes the parent pmd (so if
1284 * we fail to prevent copy_huge_pmd() from running until the
1285 * whole __split_huge_page() is complete), we will still see
1286 * the newly established pmd of the child later during the
1287 * walk, to be able to set it as pmd_trans_splitting too.
1289 if (mapcount != page_mapcount(page))
1290 printk(KERN_ERR "mapcount %d page_mapcount %d\n",
1291 mapcount, page_mapcount(page));
1292 BUG_ON(mapcount != page_mapcount(page));
1294 __split_huge_page_refcount(page);
1297 list_for_each_entry(avc, &anon_vma->head, same_anon_vma) {
1298 struct vm_area_struct *vma = avc->vma;
1299 unsigned long addr = vma_address(page, vma);
1300 BUG_ON(is_vma_temporary_stack(vma));
1301 if (addr == -EFAULT)
1303 mapcount2 += __split_huge_page_map(page, vma, addr);
1305 if (mapcount != mapcount2)
1306 printk(KERN_ERR "mapcount %d mapcount2 %d page_mapcount %d\n",
1307 mapcount, mapcount2, page_mapcount(page));
1308 BUG_ON(mapcount != mapcount2);
1311 int split_huge_page(struct page *page)
1313 struct anon_vma *anon_vma;
1316 BUG_ON(!PageAnon(page));
1317 anon_vma = page_lock_anon_vma(page);
1321 if (!PageCompound(page))
1324 BUG_ON(!PageSwapBacked(page));
1325 __split_huge_page(page, anon_vma);
1327 BUG_ON(PageCompound(page));
1329 page_unlock_anon_vma(anon_vma);
1334 int hugepage_madvise(unsigned long *vm_flags)
1337 * Be somewhat over-protective like KSM for now!
1339 if (*vm_flags & (VM_HUGEPAGE | VM_SHARED | VM_MAYSHARE |
1340 VM_PFNMAP | VM_IO | VM_DONTEXPAND |
1341 VM_RESERVED | VM_HUGETLB | VM_INSERTPAGE |
1342 VM_MIXEDMAP | VM_SAO))
1345 *vm_flags |= VM_HUGEPAGE;
1350 static int __init khugepaged_slab_init(void)
1352 mm_slot_cache = kmem_cache_create("khugepaged_mm_slot",
1353 sizeof(struct mm_slot),
1354 __alignof__(struct mm_slot), 0, NULL);
1361 static void __init khugepaged_slab_free(void)
1363 kmem_cache_destroy(mm_slot_cache);
1364 mm_slot_cache = NULL;
1367 static inline struct mm_slot *alloc_mm_slot(void)
1369 if (!mm_slot_cache) /* initialization failed */
1371 return kmem_cache_zalloc(mm_slot_cache, GFP_KERNEL);
1374 static inline void free_mm_slot(struct mm_slot *mm_slot)
1376 kmem_cache_free(mm_slot_cache, mm_slot);
1379 static int __init mm_slots_hash_init(void)
1381 mm_slots_hash = kzalloc(MM_SLOTS_HASH_HEADS * sizeof(struct hlist_head),
1389 static void __init mm_slots_hash_free(void)
1391 kfree(mm_slots_hash);
1392 mm_slots_hash = NULL;
1396 static struct mm_slot *get_mm_slot(struct mm_struct *mm)
1398 struct mm_slot *mm_slot;
1399 struct hlist_head *bucket;
1400 struct hlist_node *node;
1402 bucket = &mm_slots_hash[((unsigned long)mm / sizeof(struct mm_struct))
1403 % MM_SLOTS_HASH_HEADS];
1404 hlist_for_each_entry(mm_slot, node, bucket, hash) {
1405 if (mm == mm_slot->mm)
1411 static void insert_to_mm_slots_hash(struct mm_struct *mm,
1412 struct mm_slot *mm_slot)
1414 struct hlist_head *bucket;
1416 bucket = &mm_slots_hash[((unsigned long)mm / sizeof(struct mm_struct))
1417 % MM_SLOTS_HASH_HEADS];
1419 hlist_add_head(&mm_slot->hash, bucket);
1422 static inline int khugepaged_test_exit(struct mm_struct *mm)
1424 return atomic_read(&mm->mm_users) == 0;
1427 int __khugepaged_enter(struct mm_struct *mm)
1429 struct mm_slot *mm_slot;
1432 mm_slot = alloc_mm_slot();
1436 /* __khugepaged_exit() must not run from under us */
1437 VM_BUG_ON(khugepaged_test_exit(mm));
1438 if (unlikely(test_and_set_bit(MMF_VM_HUGEPAGE, &mm->flags))) {
1439 free_mm_slot(mm_slot);
1443 spin_lock(&khugepaged_mm_lock);
1444 insert_to_mm_slots_hash(mm, mm_slot);
1446 * Insert just behind the scanning cursor, to let the area settle
1449 wakeup = list_empty(&khugepaged_scan.mm_head);
1450 list_add_tail(&mm_slot->mm_node, &khugepaged_scan.mm_head);
1451 spin_unlock(&khugepaged_mm_lock);
1453 atomic_inc(&mm->mm_count);
1455 wake_up_interruptible(&khugepaged_wait);
1460 int khugepaged_enter_vma_merge(struct vm_area_struct *vma)
1462 unsigned long hstart, hend;
1465 * Not yet faulted in so we will register later in the
1466 * page fault if needed.
1469 if (vma->vm_file || vma->vm_ops)
1470 /* khugepaged not yet working on file or special mappings */
1472 VM_BUG_ON(is_linear_pfn_mapping(vma) || is_pfn_mapping(vma));
1473 hstart = (vma->vm_start + ~HPAGE_PMD_MASK) & HPAGE_PMD_MASK;
1474 hend = vma->vm_end & HPAGE_PMD_MASK;
1476 return khugepaged_enter(vma);
1480 void __khugepaged_exit(struct mm_struct *mm)
1482 struct mm_slot *mm_slot;
1485 spin_lock(&khugepaged_mm_lock);
1486 mm_slot = get_mm_slot(mm);
1487 if (mm_slot && khugepaged_scan.mm_slot != mm_slot) {
1488 hlist_del(&mm_slot->hash);
1489 list_del(&mm_slot->mm_node);
1494 spin_unlock(&khugepaged_mm_lock);
1495 clear_bit(MMF_VM_HUGEPAGE, &mm->flags);
1496 free_mm_slot(mm_slot);
1498 } else if (mm_slot) {
1499 spin_unlock(&khugepaged_mm_lock);
1501 * This is required to serialize against
1502 * khugepaged_test_exit() (which is guaranteed to run
1503 * under mmap sem read mode). Stop here (after we
1504 * return all pagetables will be destroyed) until
1505 * khugepaged has finished working on the pagetables
1506 * under the mmap_sem.
1508 down_write(&mm->mmap_sem);
1509 up_write(&mm->mmap_sem);
1511 spin_unlock(&khugepaged_mm_lock);
1514 static void release_pte_page(struct page *page)
1516 /* 0 stands for page_is_file_cache(page) == false */
1517 dec_zone_page_state(page, NR_ISOLATED_ANON + 0);
1519 putback_lru_page(page);
1522 static void release_pte_pages(pte_t *pte, pte_t *_pte)
1524 while (--_pte >= pte) {
1525 pte_t pteval = *_pte;
1526 if (!pte_none(pteval))
1527 release_pte_page(pte_page(pteval));
1531 static void release_all_pte_pages(pte_t *pte)
1533 release_pte_pages(pte, pte + HPAGE_PMD_NR);
1536 static int __collapse_huge_page_isolate(struct vm_area_struct *vma,
1537 unsigned long address,
1542 int referenced = 0, isolated = 0, none = 0;
1543 for (_pte = pte; _pte < pte+HPAGE_PMD_NR;
1544 _pte++, address += PAGE_SIZE) {
1545 pte_t pteval = *_pte;
1546 if (pte_none(pteval)) {
1547 if (++none <= khugepaged_max_ptes_none)
1550 release_pte_pages(pte, _pte);
1554 if (!pte_present(pteval) || !pte_write(pteval)) {
1555 release_pte_pages(pte, _pte);
1558 page = vm_normal_page(vma, address, pteval);
1559 if (unlikely(!page)) {
1560 release_pte_pages(pte, _pte);
1563 VM_BUG_ON(PageCompound(page));
1564 BUG_ON(!PageAnon(page));
1565 VM_BUG_ON(!PageSwapBacked(page));
1567 /* cannot use mapcount: can't collapse if there's a gup pin */
1568 if (page_count(page) != 1) {
1569 release_pte_pages(pte, _pte);
1573 * We can do it before isolate_lru_page because the
1574 * page can't be freed from under us. NOTE: PG_lock
1575 * is needed to serialize against split_huge_page
1576 * when invoked from the VM.
1578 if (!trylock_page(page)) {
1579 release_pte_pages(pte, _pte);
1583 * Isolate the page to avoid collapsing an hugepage
1584 * currently in use by the VM.
1586 if (isolate_lru_page(page)) {
1588 release_pte_pages(pte, _pte);
1591 /* 0 stands for page_is_file_cache(page) == false */
1592 inc_zone_page_state(page, NR_ISOLATED_ANON + 0);
1593 VM_BUG_ON(!PageLocked(page));
1594 VM_BUG_ON(PageLRU(page));
1596 /* If there is no mapped pte young don't collapse the page */
1597 if (pte_young(pteval))
1600 if (unlikely(!referenced))
1601 release_all_pte_pages(pte);
1608 static void __collapse_huge_page_copy(pte_t *pte, struct page *page,
1609 struct vm_area_struct *vma,
1610 unsigned long address,
1614 for (_pte = pte; _pte < pte+HPAGE_PMD_NR; _pte++) {
1615 pte_t pteval = *_pte;
1616 struct page *src_page;
1618 if (pte_none(pteval)) {
1619 clear_user_highpage(page, address);
1620 add_mm_counter(vma->vm_mm, MM_ANONPAGES, 1);
1622 src_page = pte_page(pteval);
1623 copy_user_highpage(page, src_page, address, vma);
1624 VM_BUG_ON(page_mapcount(src_page) != 1);
1625 VM_BUG_ON(page_count(src_page) != 2);
1626 release_pte_page(src_page);
1628 * ptl mostly unnecessary, but preempt has to
1629 * be disabled to update the per-cpu stats
1630 * inside page_remove_rmap().
1634 * paravirt calls inside pte_clear here are
1637 pte_clear(vma->vm_mm, address, _pte);
1638 page_remove_rmap(src_page);
1640 free_page_and_swap_cache(src_page);
1643 address += PAGE_SIZE;
1648 static void collapse_huge_page(struct mm_struct *mm,
1649 unsigned long address,
1650 struct page **hpage)
1652 struct vm_area_struct *vma;
1658 struct page *new_page;
1661 unsigned long hstart, hend;
1663 VM_BUG_ON(address & ~HPAGE_PMD_MASK);
1667 * Prevent all access to pagetables with the exception of
1668 * gup_fast later hanlded by the ptep_clear_flush and the VM
1669 * handled by the anon_vma lock + PG_lock.
1671 down_write(&mm->mmap_sem);
1672 if (unlikely(khugepaged_test_exit(mm)))
1675 vma = find_vma(mm, address);
1676 hstart = (vma->vm_start + ~HPAGE_PMD_MASK) & HPAGE_PMD_MASK;
1677 hend = vma->vm_end & HPAGE_PMD_MASK;
1678 if (address < hstart || address + HPAGE_PMD_SIZE > hend)
1681 if (!(vma->vm_flags & VM_HUGEPAGE) && !khugepaged_always())
1684 /* VM_PFNMAP vmas may have vm_ops null but vm_file set */
1685 if (!vma->anon_vma || vma->vm_ops || vma->vm_file)
1687 VM_BUG_ON(is_linear_pfn_mapping(vma) || is_pfn_mapping(vma));
1689 pgd = pgd_offset(mm, address);
1690 if (!pgd_present(*pgd))
1693 pud = pud_offset(pgd, address);
1694 if (!pud_present(*pud))
1697 pmd = pmd_offset(pud, address);
1698 /* pmd can't go away or become huge under us */
1699 if (!pmd_present(*pmd) || pmd_trans_huge(*pmd))
1703 if (unlikely(mem_cgroup_newpage_charge(new_page, mm, GFP_KERNEL)))
1706 anon_vma_lock(vma->anon_vma);
1708 pte = pte_offset_map(pmd, address);
1709 ptl = pte_lockptr(mm, pmd);
1711 spin_lock(&mm->page_table_lock); /* probably unnecessary */
1713 * After this gup_fast can't run anymore. This also removes
1714 * any huge TLB entry from the CPU so we won't allow
1715 * huge and small TLB entries for the same virtual address
1716 * to avoid the risk of CPU bugs in that area.
1718 _pmd = pmdp_clear_flush_notify(vma, address, pmd);
1719 spin_unlock(&mm->page_table_lock);
1722 isolated = __collapse_huge_page_isolate(vma, address, pte);
1726 if (unlikely(!isolated)) {
1727 spin_lock(&mm->page_table_lock);
1728 BUG_ON(!pmd_none(*pmd));
1729 set_pmd_at(mm, address, pmd, _pmd);
1730 spin_unlock(&mm->page_table_lock);
1731 anon_vma_unlock(vma->anon_vma);
1732 mem_cgroup_uncharge_page(new_page);
1737 * All pages are isolated and locked so anon_vma rmap
1738 * can't run anymore.
1740 anon_vma_unlock(vma->anon_vma);
1742 __collapse_huge_page_copy(pte, new_page, vma, address, ptl);
1743 __SetPageUptodate(new_page);
1744 pgtable = pmd_pgtable(_pmd);
1745 VM_BUG_ON(page_count(pgtable) != 1);
1746 VM_BUG_ON(page_mapcount(pgtable) != 0);
1748 _pmd = mk_pmd(new_page, vma->vm_page_prot);
1749 _pmd = maybe_pmd_mkwrite(pmd_mkdirty(_pmd), vma);
1750 _pmd = pmd_mkhuge(_pmd);
1753 * spin_lock() below is not the equivalent of smp_wmb(), so
1754 * this is needed to avoid the copy_huge_page writes to become
1755 * visible after the set_pmd_at() write.
1759 spin_lock(&mm->page_table_lock);
1760 BUG_ON(!pmd_none(*pmd));
1761 page_add_new_anon_rmap(new_page, vma, address);
1762 set_pmd_at(mm, address, pmd, _pmd);
1763 update_mmu_cache(vma, address, entry);
1764 prepare_pmd_huge_pte(pgtable, mm);
1766 spin_unlock(&mm->page_table_lock);
1769 khugepaged_pages_collapsed++;
1771 up_write(&mm->mmap_sem);
1774 static int khugepaged_scan_pmd(struct mm_struct *mm,
1775 struct vm_area_struct *vma,
1776 unsigned long address,
1777 struct page **hpage)
1783 int ret = 0, referenced = 0, none = 0;
1785 unsigned long _address;
1788 VM_BUG_ON(address & ~HPAGE_PMD_MASK);
1790 pgd = pgd_offset(mm, address);
1791 if (!pgd_present(*pgd))
1794 pud = pud_offset(pgd, address);
1795 if (!pud_present(*pud))
1798 pmd = pmd_offset(pud, address);
1799 if (!pmd_present(*pmd) || pmd_trans_huge(*pmd))
1802 pte = pte_offset_map_lock(mm, pmd, address, &ptl);
1803 for (_address = address, _pte = pte; _pte < pte+HPAGE_PMD_NR;
1804 _pte++, _address += PAGE_SIZE) {
1805 pte_t pteval = *_pte;
1806 if (pte_none(pteval)) {
1807 if (++none <= khugepaged_max_ptes_none)
1812 if (!pte_present(pteval) || !pte_write(pteval))
1814 page = vm_normal_page(vma, _address, pteval);
1815 if (unlikely(!page))
1817 VM_BUG_ON(PageCompound(page));
1818 if (!PageLRU(page) || PageLocked(page) || !PageAnon(page))
1820 /* cannot use mapcount: can't collapse if there's a gup pin */
1821 if (page_count(page) != 1)
1823 if (pte_young(pteval))
1829 pte_unmap_unlock(pte, ptl);
1831 up_read(&mm->mmap_sem);
1832 collapse_huge_page(mm, address, hpage);
1838 static void collect_mm_slot(struct mm_slot *mm_slot)
1840 struct mm_struct *mm = mm_slot->mm;
1842 VM_BUG_ON(!spin_is_locked(&khugepaged_mm_lock));
1844 if (khugepaged_test_exit(mm)) {
1846 hlist_del(&mm_slot->hash);
1847 list_del(&mm_slot->mm_node);
1850 * Not strictly needed because the mm exited already.
1852 * clear_bit(MMF_VM_HUGEPAGE, &mm->flags);
1855 /* khugepaged_mm_lock actually not necessary for the below */
1856 free_mm_slot(mm_slot);
1861 static unsigned int khugepaged_scan_mm_slot(unsigned int pages,
1862 struct page **hpage)
1864 struct mm_slot *mm_slot;
1865 struct mm_struct *mm;
1866 struct vm_area_struct *vma;
1870 VM_BUG_ON(!spin_is_locked(&khugepaged_mm_lock));
1872 if (khugepaged_scan.mm_slot)
1873 mm_slot = khugepaged_scan.mm_slot;
1875 mm_slot = list_entry(khugepaged_scan.mm_head.next,
1876 struct mm_slot, mm_node);
1877 khugepaged_scan.address = 0;
1878 khugepaged_scan.mm_slot = mm_slot;
1880 spin_unlock(&khugepaged_mm_lock);
1883 down_read(&mm->mmap_sem);
1884 if (unlikely(khugepaged_test_exit(mm)))
1887 vma = find_vma(mm, khugepaged_scan.address);
1890 for (; vma; vma = vma->vm_next) {
1891 unsigned long hstart, hend;
1894 if (unlikely(khugepaged_test_exit(mm))) {
1899 if (!(vma->vm_flags & VM_HUGEPAGE) &&
1900 !khugepaged_always()) {
1905 /* VM_PFNMAP vmas may have vm_ops null but vm_file set */
1906 if (!vma->anon_vma || vma->vm_ops || vma->vm_file) {
1907 khugepaged_scan.address = vma->vm_end;
1911 VM_BUG_ON(is_linear_pfn_mapping(vma) || is_pfn_mapping(vma));
1913 hstart = (vma->vm_start + ~HPAGE_PMD_MASK) & HPAGE_PMD_MASK;
1914 hend = vma->vm_end & HPAGE_PMD_MASK;
1915 if (hstart >= hend) {
1919 if (khugepaged_scan.address < hstart)
1920 khugepaged_scan.address = hstart;
1921 if (khugepaged_scan.address > hend) {
1922 khugepaged_scan.address = hend + HPAGE_PMD_SIZE;
1926 BUG_ON(khugepaged_scan.address & ~HPAGE_PMD_MASK);
1928 while (khugepaged_scan.address < hend) {
1931 if (unlikely(khugepaged_test_exit(mm)))
1932 goto breakouterloop;
1934 VM_BUG_ON(khugepaged_scan.address < hstart ||
1935 khugepaged_scan.address + HPAGE_PMD_SIZE >
1937 ret = khugepaged_scan_pmd(mm, vma,
1938 khugepaged_scan.address,
1940 /* move to next address */
1941 khugepaged_scan.address += HPAGE_PMD_SIZE;
1942 progress += HPAGE_PMD_NR;
1944 /* we released mmap_sem so break loop */
1945 goto breakouterloop_mmap_sem;
1946 if (progress >= pages)
1947 goto breakouterloop;
1951 up_read(&mm->mmap_sem); /* exit_mmap will destroy ptes after this */
1952 breakouterloop_mmap_sem:
1954 spin_lock(&khugepaged_mm_lock);
1955 BUG_ON(khugepaged_scan.mm_slot != mm_slot);
1957 * Release the current mm_slot if this mm is about to die, or
1958 * if we scanned all vmas of this mm.
1960 if (khugepaged_test_exit(mm) || !vma) {
1962 * Make sure that if mm_users is reaching zero while
1963 * khugepaged runs here, khugepaged_exit will find
1964 * mm_slot not pointing to the exiting mm.
1966 if (mm_slot->mm_node.next != &khugepaged_scan.mm_head) {
1967 khugepaged_scan.mm_slot = list_entry(
1968 mm_slot->mm_node.next,
1969 struct mm_slot, mm_node);
1970 khugepaged_scan.address = 0;
1972 khugepaged_scan.mm_slot = NULL;
1973 khugepaged_full_scans++;
1976 collect_mm_slot(mm_slot);
1982 static int khugepaged_has_work(void)
1984 return !list_empty(&khugepaged_scan.mm_head) &&
1985 khugepaged_enabled();
1988 static int khugepaged_wait_event(void)
1990 return !list_empty(&khugepaged_scan.mm_head) ||
1991 !khugepaged_enabled();
1994 static void khugepaged_do_scan(struct page **hpage)
1996 unsigned int progress = 0, pass_through_head = 0;
1997 unsigned int pages = khugepaged_pages_to_scan;
1999 barrier(); /* write khugepaged_pages_to_scan to local stack */
2001 while (progress < pages) {
2005 *hpage = alloc_hugepage(khugepaged_defrag());
2006 if (unlikely(!*hpage))
2010 spin_lock(&khugepaged_mm_lock);
2011 if (!khugepaged_scan.mm_slot)
2012 pass_through_head++;
2013 if (khugepaged_has_work() &&
2014 pass_through_head < 2)
2015 progress += khugepaged_scan_mm_slot(pages - progress,
2019 spin_unlock(&khugepaged_mm_lock);
2023 static struct page *khugepaged_alloc_hugepage(void)
2028 hpage = alloc_hugepage(khugepaged_defrag());
2031 add_wait_queue(&khugepaged_wait, &wait);
2032 schedule_timeout_interruptible(
2034 khugepaged_alloc_sleep_millisecs));
2035 remove_wait_queue(&khugepaged_wait, &wait);
2037 } while (unlikely(!hpage) &&
2038 likely(khugepaged_enabled()));
2042 static void khugepaged_loop(void)
2046 while (likely(khugepaged_enabled())) {
2047 hpage = khugepaged_alloc_hugepage();
2048 if (unlikely(!hpage))
2051 khugepaged_do_scan(&hpage);
2054 if (khugepaged_has_work()) {
2056 if (!khugepaged_scan_sleep_millisecs)
2058 add_wait_queue(&khugepaged_wait, &wait);
2059 schedule_timeout_interruptible(
2061 khugepaged_scan_sleep_millisecs));
2062 remove_wait_queue(&khugepaged_wait, &wait);
2063 } else if (khugepaged_enabled())
2064 wait_event_interruptible(khugepaged_wait,
2065 khugepaged_wait_event());
2069 static int khugepaged(void *none)
2071 struct mm_slot *mm_slot;
2073 set_user_nice(current, 19);
2075 /* serialize with start_khugepaged() */
2076 mutex_lock(&khugepaged_mutex);
2079 mutex_unlock(&khugepaged_mutex);
2080 BUG_ON(khugepaged_thread != current);
2082 BUG_ON(khugepaged_thread != current);
2084 mutex_lock(&khugepaged_mutex);
2085 if (!khugepaged_enabled())
2089 spin_lock(&khugepaged_mm_lock);
2090 mm_slot = khugepaged_scan.mm_slot;
2091 khugepaged_scan.mm_slot = NULL;
2093 collect_mm_slot(mm_slot);
2094 spin_unlock(&khugepaged_mm_lock);
2096 khugepaged_thread = NULL;
2097 mutex_unlock(&khugepaged_mutex);
2102 void __split_huge_page_pmd(struct mm_struct *mm, pmd_t *pmd)
2106 spin_lock(&mm->page_table_lock);
2107 if (unlikely(!pmd_trans_huge(*pmd))) {
2108 spin_unlock(&mm->page_table_lock);
2111 page = pmd_page(*pmd);
2112 VM_BUG_ON(!page_count(page));
2114 spin_unlock(&mm->page_table_lock);
2116 split_huge_page(page);
2119 BUG_ON(pmd_trans_huge(*pmd));
git.openpandora.org / pandora-kernel.git / blob