1133ff0eaSJérôme Glisse /* 2133ff0eaSJérôme Glisse * Copyright 2013 Red Hat Inc. 3133ff0eaSJérôme Glisse * 4133ff0eaSJérôme Glisse * This program is free software; you can redistribute it and/or modify 5133ff0eaSJérôme Glisse * it under the terms of the GNU General Public License as published by 6133ff0eaSJérôme Glisse * the Free Software Foundation; either version 2 of the License, or 7133ff0eaSJérôme Glisse * (at your option) any later version. 8133ff0eaSJérôme Glisse * 9133ff0eaSJérôme Glisse * This program is distributed in the hope that it will be useful, 10133ff0eaSJérôme Glisse * but WITHOUT ANY WARRANTY; without even the implied warranty of 11133ff0eaSJérôme Glisse * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12133ff0eaSJérôme Glisse * GNU General Public License for more details. 13133ff0eaSJérôme Glisse * 14133ff0eaSJérôme Glisse * Authors: Jérôme Glisse <jglisse@redhat.com> 15133ff0eaSJérôme Glisse */ 16133ff0eaSJérôme Glisse /* 17133ff0eaSJérôme Glisse * Refer to include/linux/hmm.h for information about heterogeneous memory 18133ff0eaSJérôme Glisse * management or HMM for short. 19133ff0eaSJérôme Glisse */ 20133ff0eaSJérôme Glisse #include <linux/mm.h> 21133ff0eaSJérôme Glisse #include <linux/hmm.h> 22da4c3c73SJérôme Glisse #include <linux/rmap.h> 23da4c3c73SJérôme Glisse #include <linux/swap.h> 24133ff0eaSJérôme Glisse #include <linux/slab.h> 25133ff0eaSJérôme Glisse #include <linux/sched.h> 26da4c3c73SJérôme Glisse #include <linux/swapops.h> 27da4c3c73SJérôme Glisse #include <linux/hugetlb.h> 28*7b2d55d2SJérôme Glisse #include <linux/jump_label.h> 29c0b12405SJérôme Glisse #include <linux/mmu_notifier.h> 30133ff0eaSJérôme Glisse 31133ff0eaSJérôme Glisse 32*7b2d55d2SJérôme Glisse /* 33*7b2d55d2SJérôme Glisse * Device private memory see HMM (Documentation/vm/hmm.txt) or hmm.h 34*7b2d55d2SJérôme Glisse */ 35*7b2d55d2SJérôme Glisse DEFINE_STATIC_KEY_FALSE(device_private_key); 36*7b2d55d2SJérôme Glisse EXPORT_SYMBOL(device_private_key); 37*7b2d55d2SJérôme Glisse 38*7b2d55d2SJérôme Glisse 39133ff0eaSJérôme Glisse #ifdef CONFIG_HMM 40c0b12405SJérôme Glisse static const struct mmu_notifier_ops hmm_mmu_notifier_ops; 41c0b12405SJérôme Glisse 42133ff0eaSJérôme Glisse /* 43133ff0eaSJérôme Glisse * struct hmm - HMM per mm struct 44133ff0eaSJérôme Glisse * 45133ff0eaSJérôme Glisse * @mm: mm struct this HMM struct is bound to 46da4c3c73SJérôme Glisse * @lock: lock protecting ranges list 47c0b12405SJérôme Glisse * @sequence: we track updates to the CPU page table with a sequence number 48da4c3c73SJérôme Glisse * @ranges: list of range being snapshotted 49c0b12405SJérôme Glisse * @mirrors: list of mirrors for this mm 50c0b12405SJérôme Glisse * @mmu_notifier: mmu notifier to track updates to CPU page table 51c0b12405SJérôme Glisse * @mirrors_sem: read/write semaphore protecting the mirrors list 52133ff0eaSJérôme Glisse */ 53133ff0eaSJérôme Glisse struct hmm { 54133ff0eaSJérôme Glisse struct mm_struct *mm; 55da4c3c73SJérôme Glisse spinlock_t lock; 56c0b12405SJérôme Glisse atomic_t sequence; 57da4c3c73SJérôme Glisse struct list_head ranges; 58c0b12405SJérôme Glisse struct list_head mirrors; 59c0b12405SJérôme Glisse struct mmu_notifier mmu_notifier; 60c0b12405SJérôme Glisse struct rw_semaphore mirrors_sem; 61133ff0eaSJérôme Glisse }; 62133ff0eaSJérôme Glisse 63133ff0eaSJérôme Glisse /* 64133ff0eaSJérôme Glisse * hmm_register - register HMM against an mm (HMM internal) 65133ff0eaSJérôme Glisse * 66133ff0eaSJérôme Glisse * @mm: mm struct to attach to 67133ff0eaSJérôme Glisse * 68133ff0eaSJérôme Glisse * This is not intended to be used directly by device drivers. It allocates an 69133ff0eaSJérôme Glisse * HMM struct if mm does not have one, and initializes it. 70133ff0eaSJérôme Glisse */ 71133ff0eaSJérôme Glisse static struct hmm *hmm_register(struct mm_struct *mm) 72133ff0eaSJérôme Glisse { 73c0b12405SJérôme Glisse struct hmm *hmm = READ_ONCE(mm->hmm); 74c0b12405SJérôme Glisse bool cleanup = false; 75133ff0eaSJérôme Glisse 76133ff0eaSJérôme Glisse /* 77133ff0eaSJérôme Glisse * The hmm struct can only be freed once the mm_struct goes away, 78133ff0eaSJérôme Glisse * hence we should always have pre-allocated an new hmm struct 79133ff0eaSJérôme Glisse * above. 80133ff0eaSJérôme Glisse */ 81c0b12405SJérôme Glisse if (hmm) 82c0b12405SJérôme Glisse return hmm; 83c0b12405SJérôme Glisse 84c0b12405SJérôme Glisse hmm = kmalloc(sizeof(*hmm), GFP_KERNEL); 85c0b12405SJérôme Glisse if (!hmm) 86c0b12405SJérôme Glisse return NULL; 87c0b12405SJérôme Glisse INIT_LIST_HEAD(&hmm->mirrors); 88c0b12405SJérôme Glisse init_rwsem(&hmm->mirrors_sem); 89c0b12405SJérôme Glisse atomic_set(&hmm->sequence, 0); 90c0b12405SJérôme Glisse hmm->mmu_notifier.ops = NULL; 91da4c3c73SJérôme Glisse INIT_LIST_HEAD(&hmm->ranges); 92da4c3c73SJérôme Glisse spin_lock_init(&hmm->lock); 93c0b12405SJérôme Glisse hmm->mm = mm; 94c0b12405SJérôme Glisse 95c0b12405SJérôme Glisse /* 96c0b12405SJérôme Glisse * We should only get here if hold the mmap_sem in write mode ie on 97c0b12405SJérôme Glisse * registration of first mirror through hmm_mirror_register() 98c0b12405SJérôme Glisse */ 99c0b12405SJérôme Glisse hmm->mmu_notifier.ops = &hmm_mmu_notifier_ops; 100c0b12405SJérôme Glisse if (__mmu_notifier_register(&hmm->mmu_notifier, mm)) { 101c0b12405SJérôme Glisse kfree(hmm); 102c0b12405SJérôme Glisse return NULL; 103c0b12405SJérôme Glisse } 104c0b12405SJérôme Glisse 105c0b12405SJérôme Glisse spin_lock(&mm->page_table_lock); 106c0b12405SJérôme Glisse if (!mm->hmm) 107c0b12405SJérôme Glisse mm->hmm = hmm; 108c0b12405SJérôme Glisse else 109c0b12405SJérôme Glisse cleanup = true; 110c0b12405SJérôme Glisse spin_unlock(&mm->page_table_lock); 111c0b12405SJérôme Glisse 112c0b12405SJérôme Glisse if (cleanup) { 113c0b12405SJérôme Glisse mmu_notifier_unregister(&hmm->mmu_notifier, mm); 114c0b12405SJérôme Glisse kfree(hmm); 115c0b12405SJérôme Glisse } 116c0b12405SJérôme Glisse 117133ff0eaSJérôme Glisse return mm->hmm; 118133ff0eaSJérôme Glisse } 119133ff0eaSJérôme Glisse 120133ff0eaSJérôme Glisse void hmm_mm_destroy(struct mm_struct *mm) 121133ff0eaSJérôme Glisse { 122133ff0eaSJérôme Glisse kfree(mm->hmm); 123133ff0eaSJérôme Glisse } 124133ff0eaSJérôme Glisse #endif /* CONFIG_HMM */ 125c0b12405SJérôme Glisse 126c0b12405SJérôme Glisse #if IS_ENABLED(CONFIG_HMM_MIRROR) 127c0b12405SJérôme Glisse static void hmm_invalidate_range(struct hmm *hmm, 128c0b12405SJérôme Glisse enum hmm_update_type action, 129c0b12405SJérôme Glisse unsigned long start, 130c0b12405SJérôme Glisse unsigned long end) 131c0b12405SJérôme Glisse { 132c0b12405SJérôme Glisse struct hmm_mirror *mirror; 133da4c3c73SJérôme Glisse struct hmm_range *range; 134da4c3c73SJérôme Glisse 135da4c3c73SJérôme Glisse spin_lock(&hmm->lock); 136da4c3c73SJérôme Glisse list_for_each_entry(range, &hmm->ranges, list) { 137da4c3c73SJérôme Glisse unsigned long addr, idx, npages; 138da4c3c73SJérôme Glisse 139da4c3c73SJérôme Glisse if (end < range->start || start >= range->end) 140da4c3c73SJérôme Glisse continue; 141da4c3c73SJérôme Glisse 142da4c3c73SJérôme Glisse range->valid = false; 143da4c3c73SJérôme Glisse addr = max(start, range->start); 144da4c3c73SJérôme Glisse idx = (addr - range->start) >> PAGE_SHIFT; 145da4c3c73SJérôme Glisse npages = (min(range->end, end) - addr) >> PAGE_SHIFT; 146da4c3c73SJérôme Glisse memset(&range->pfns[idx], 0, sizeof(*range->pfns) * npages); 147da4c3c73SJérôme Glisse } 148da4c3c73SJérôme Glisse spin_unlock(&hmm->lock); 149c0b12405SJérôme Glisse 150c0b12405SJérôme Glisse down_read(&hmm->mirrors_sem); 151c0b12405SJérôme Glisse list_for_each_entry(mirror, &hmm->mirrors, list) 152c0b12405SJérôme Glisse mirror->ops->sync_cpu_device_pagetables(mirror, action, 153c0b12405SJérôme Glisse start, end); 154c0b12405SJérôme Glisse up_read(&hmm->mirrors_sem); 155c0b12405SJérôme Glisse } 156c0b12405SJérôme Glisse 157c0b12405SJérôme Glisse static void hmm_invalidate_range_start(struct mmu_notifier *mn, 158c0b12405SJérôme Glisse struct mm_struct *mm, 159c0b12405SJérôme Glisse unsigned long start, 160c0b12405SJérôme Glisse unsigned long end) 161c0b12405SJérôme Glisse { 162c0b12405SJérôme Glisse struct hmm *hmm = mm->hmm; 163c0b12405SJérôme Glisse 164c0b12405SJérôme Glisse VM_BUG_ON(!hmm); 165c0b12405SJérôme Glisse 166c0b12405SJérôme Glisse atomic_inc(&hmm->sequence); 167c0b12405SJérôme Glisse } 168c0b12405SJérôme Glisse 169c0b12405SJérôme Glisse static void hmm_invalidate_range_end(struct mmu_notifier *mn, 170c0b12405SJérôme Glisse struct mm_struct *mm, 171c0b12405SJérôme Glisse unsigned long start, 172c0b12405SJérôme Glisse unsigned long end) 173c0b12405SJérôme Glisse { 174c0b12405SJérôme Glisse struct hmm *hmm = mm->hmm; 175c0b12405SJérôme Glisse 176c0b12405SJérôme Glisse VM_BUG_ON(!hmm); 177c0b12405SJérôme Glisse 178c0b12405SJérôme Glisse hmm_invalidate_range(mm->hmm, HMM_UPDATE_INVALIDATE, start, end); 179c0b12405SJérôme Glisse } 180c0b12405SJérôme Glisse 181c0b12405SJérôme Glisse static const struct mmu_notifier_ops hmm_mmu_notifier_ops = { 182c0b12405SJérôme Glisse .invalidate_range_start = hmm_invalidate_range_start, 183c0b12405SJérôme Glisse .invalidate_range_end = hmm_invalidate_range_end, 184c0b12405SJérôme Glisse }; 185c0b12405SJérôme Glisse 186c0b12405SJérôme Glisse /* 187c0b12405SJérôme Glisse * hmm_mirror_register() - register a mirror against an mm 188c0b12405SJérôme Glisse * 189c0b12405SJérôme Glisse * @mirror: new mirror struct to register 190c0b12405SJérôme Glisse * @mm: mm to register against 191c0b12405SJérôme Glisse * 192c0b12405SJérôme Glisse * To start mirroring a process address space, the device driver must register 193c0b12405SJérôme Glisse * an HMM mirror struct. 194c0b12405SJérôme Glisse * 195c0b12405SJérôme Glisse * THE mm->mmap_sem MUST BE HELD IN WRITE MODE ! 196c0b12405SJérôme Glisse */ 197c0b12405SJérôme Glisse int hmm_mirror_register(struct hmm_mirror *mirror, struct mm_struct *mm) 198c0b12405SJérôme Glisse { 199c0b12405SJérôme Glisse /* Sanity check */ 200c0b12405SJérôme Glisse if (!mm || !mirror || !mirror->ops) 201c0b12405SJérôme Glisse return -EINVAL; 202c0b12405SJérôme Glisse 203c0b12405SJérôme Glisse mirror->hmm = hmm_register(mm); 204c0b12405SJérôme Glisse if (!mirror->hmm) 205c0b12405SJérôme Glisse return -ENOMEM; 206c0b12405SJérôme Glisse 207c0b12405SJérôme Glisse down_write(&mirror->hmm->mirrors_sem); 208c0b12405SJérôme Glisse list_add(&mirror->list, &mirror->hmm->mirrors); 209c0b12405SJérôme Glisse up_write(&mirror->hmm->mirrors_sem); 210c0b12405SJérôme Glisse 211c0b12405SJérôme Glisse return 0; 212c0b12405SJérôme Glisse } 213c0b12405SJérôme Glisse EXPORT_SYMBOL(hmm_mirror_register); 214c0b12405SJérôme Glisse 215c0b12405SJérôme Glisse /* 216c0b12405SJérôme Glisse * hmm_mirror_unregister() - unregister a mirror 217c0b12405SJérôme Glisse * 218c0b12405SJérôme Glisse * @mirror: new mirror struct to register 219c0b12405SJérôme Glisse * 220c0b12405SJérôme Glisse * Stop mirroring a process address space, and cleanup. 221c0b12405SJérôme Glisse */ 222c0b12405SJérôme Glisse void hmm_mirror_unregister(struct hmm_mirror *mirror) 223c0b12405SJérôme Glisse { 224c0b12405SJérôme Glisse struct hmm *hmm = mirror->hmm; 225c0b12405SJérôme Glisse 226c0b12405SJérôme Glisse down_write(&hmm->mirrors_sem); 227c0b12405SJérôme Glisse list_del(&mirror->list); 228c0b12405SJérôme Glisse up_write(&hmm->mirrors_sem); 229c0b12405SJérôme Glisse } 230c0b12405SJérôme Glisse EXPORT_SYMBOL(hmm_mirror_unregister); 231da4c3c73SJérôme Glisse 23274eee180SJérôme Glisse struct hmm_vma_walk { 23374eee180SJérôme Glisse struct hmm_range *range; 23474eee180SJérôme Glisse unsigned long last; 23574eee180SJérôme Glisse bool fault; 23674eee180SJérôme Glisse bool block; 23774eee180SJérôme Glisse bool write; 23874eee180SJérôme Glisse }; 23974eee180SJérôme Glisse 24074eee180SJérôme Glisse static int hmm_vma_do_fault(struct mm_walk *walk, 24174eee180SJérôme Glisse unsigned long addr, 24274eee180SJérôme Glisse hmm_pfn_t *pfn) 24374eee180SJérôme Glisse { 24474eee180SJérôme Glisse unsigned int flags = FAULT_FLAG_ALLOW_RETRY | FAULT_FLAG_REMOTE; 24574eee180SJérôme Glisse struct hmm_vma_walk *hmm_vma_walk = walk->private; 24674eee180SJérôme Glisse struct vm_area_struct *vma = walk->vma; 24774eee180SJérôme Glisse int r; 24874eee180SJérôme Glisse 24974eee180SJérôme Glisse flags |= hmm_vma_walk->block ? 0 : FAULT_FLAG_ALLOW_RETRY; 25074eee180SJérôme Glisse flags |= hmm_vma_walk->write ? FAULT_FLAG_WRITE : 0; 25174eee180SJérôme Glisse r = handle_mm_fault(vma, addr, flags); 25274eee180SJérôme Glisse if (r & VM_FAULT_RETRY) 25374eee180SJérôme Glisse return -EBUSY; 25474eee180SJérôme Glisse if (r & VM_FAULT_ERROR) { 25574eee180SJérôme Glisse *pfn = HMM_PFN_ERROR; 25674eee180SJérôme Glisse return -EFAULT; 25774eee180SJérôme Glisse } 25874eee180SJérôme Glisse 25974eee180SJérôme Glisse return -EAGAIN; 26074eee180SJérôme Glisse } 26174eee180SJérôme Glisse 262da4c3c73SJérôme Glisse static void hmm_pfns_special(hmm_pfn_t *pfns, 263da4c3c73SJérôme Glisse unsigned long addr, 264da4c3c73SJérôme Glisse unsigned long end) 265da4c3c73SJérôme Glisse { 266da4c3c73SJérôme Glisse for (; addr < end; addr += PAGE_SIZE, pfns++) 267da4c3c73SJérôme Glisse *pfns = HMM_PFN_SPECIAL; 268da4c3c73SJérôme Glisse } 269da4c3c73SJérôme Glisse 270da4c3c73SJérôme Glisse static int hmm_pfns_bad(unsigned long addr, 271da4c3c73SJérôme Glisse unsigned long end, 272da4c3c73SJérôme Glisse struct mm_walk *walk) 273da4c3c73SJérôme Glisse { 274da4c3c73SJérôme Glisse struct hmm_range *range = walk->private; 275da4c3c73SJérôme Glisse hmm_pfn_t *pfns = range->pfns; 276da4c3c73SJérôme Glisse unsigned long i; 277da4c3c73SJérôme Glisse 278da4c3c73SJérôme Glisse i = (addr - range->start) >> PAGE_SHIFT; 279da4c3c73SJérôme Glisse for (; addr < end; addr += PAGE_SIZE, i++) 280da4c3c73SJérôme Glisse pfns[i] = HMM_PFN_ERROR; 281da4c3c73SJérôme Glisse 282da4c3c73SJérôme Glisse return 0; 283da4c3c73SJérôme Glisse } 284da4c3c73SJérôme Glisse 28574eee180SJérôme Glisse static void hmm_pfns_clear(hmm_pfn_t *pfns, 28674eee180SJérôme Glisse unsigned long addr, 28774eee180SJérôme Glisse unsigned long end) 28874eee180SJérôme Glisse { 28974eee180SJérôme Glisse for (; addr < end; addr += PAGE_SIZE, pfns++) 29074eee180SJérôme Glisse *pfns = 0; 29174eee180SJérôme Glisse } 29274eee180SJérôme Glisse 293da4c3c73SJérôme Glisse static int hmm_vma_walk_hole(unsigned long addr, 294da4c3c73SJérôme Glisse unsigned long end, 295da4c3c73SJérôme Glisse struct mm_walk *walk) 296da4c3c73SJérôme Glisse { 29774eee180SJérôme Glisse struct hmm_vma_walk *hmm_vma_walk = walk->private; 29874eee180SJérôme Glisse struct hmm_range *range = hmm_vma_walk->range; 299da4c3c73SJérôme Glisse hmm_pfn_t *pfns = range->pfns; 300da4c3c73SJérôme Glisse unsigned long i; 301da4c3c73SJérôme Glisse 30274eee180SJérôme Glisse hmm_vma_walk->last = addr; 303da4c3c73SJérôme Glisse i = (addr - range->start) >> PAGE_SHIFT; 30474eee180SJérôme Glisse for (; addr < end; addr += PAGE_SIZE, i++) { 305da4c3c73SJérôme Glisse pfns[i] = HMM_PFN_EMPTY; 30674eee180SJérôme Glisse if (hmm_vma_walk->fault) { 30774eee180SJérôme Glisse int ret; 308da4c3c73SJérôme Glisse 30974eee180SJérôme Glisse ret = hmm_vma_do_fault(walk, addr, &pfns[i]); 31074eee180SJérôme Glisse if (ret != -EAGAIN) 31174eee180SJérôme Glisse return ret; 31274eee180SJérôme Glisse } 31374eee180SJérôme Glisse } 31474eee180SJérôme Glisse 31574eee180SJérôme Glisse return hmm_vma_walk->fault ? -EAGAIN : 0; 316da4c3c73SJérôme Glisse } 317da4c3c73SJérôme Glisse 318da4c3c73SJérôme Glisse static int hmm_vma_walk_clear(unsigned long addr, 319da4c3c73SJérôme Glisse unsigned long end, 320da4c3c73SJérôme Glisse struct mm_walk *walk) 321da4c3c73SJérôme Glisse { 32274eee180SJérôme Glisse struct hmm_vma_walk *hmm_vma_walk = walk->private; 32374eee180SJérôme Glisse struct hmm_range *range = hmm_vma_walk->range; 324da4c3c73SJérôme Glisse hmm_pfn_t *pfns = range->pfns; 325da4c3c73SJérôme Glisse unsigned long i; 326da4c3c73SJérôme Glisse 32774eee180SJérôme Glisse hmm_vma_walk->last = addr; 328da4c3c73SJérôme Glisse i = (addr - range->start) >> PAGE_SHIFT; 32974eee180SJérôme Glisse for (; addr < end; addr += PAGE_SIZE, i++) { 330da4c3c73SJérôme Glisse pfns[i] = 0; 33174eee180SJérôme Glisse if (hmm_vma_walk->fault) { 33274eee180SJérôme Glisse int ret; 333da4c3c73SJérôme Glisse 33474eee180SJérôme Glisse ret = hmm_vma_do_fault(walk, addr, &pfns[i]); 33574eee180SJérôme Glisse if (ret != -EAGAIN) 33674eee180SJérôme Glisse return ret; 33774eee180SJérôme Glisse } 33874eee180SJérôme Glisse } 33974eee180SJérôme Glisse 34074eee180SJérôme Glisse return hmm_vma_walk->fault ? -EAGAIN : 0; 341da4c3c73SJérôme Glisse } 342da4c3c73SJérôme Glisse 343da4c3c73SJérôme Glisse static int hmm_vma_walk_pmd(pmd_t *pmdp, 344da4c3c73SJérôme Glisse unsigned long start, 345da4c3c73SJérôme Glisse unsigned long end, 346da4c3c73SJérôme Glisse struct mm_walk *walk) 347da4c3c73SJérôme Glisse { 34874eee180SJérôme Glisse struct hmm_vma_walk *hmm_vma_walk = walk->private; 34974eee180SJérôme Glisse struct hmm_range *range = hmm_vma_walk->range; 350da4c3c73SJérôme Glisse struct vm_area_struct *vma = walk->vma; 351da4c3c73SJérôme Glisse hmm_pfn_t *pfns = range->pfns; 352da4c3c73SJérôme Glisse unsigned long addr = start, i; 35374eee180SJérôme Glisse bool write_fault; 354da4c3c73SJérôme Glisse hmm_pfn_t flag; 355da4c3c73SJérôme Glisse pte_t *ptep; 356da4c3c73SJérôme Glisse 357da4c3c73SJérôme Glisse i = (addr - range->start) >> PAGE_SHIFT; 358da4c3c73SJérôme Glisse flag = vma->vm_flags & VM_READ ? HMM_PFN_READ : 0; 35974eee180SJérôme Glisse write_fault = hmm_vma_walk->fault & hmm_vma_walk->write; 360da4c3c73SJérôme Glisse 361da4c3c73SJérôme Glisse again: 362da4c3c73SJérôme Glisse if (pmd_none(*pmdp)) 363da4c3c73SJérôme Glisse return hmm_vma_walk_hole(start, end, walk); 364da4c3c73SJérôme Glisse 365da4c3c73SJérôme Glisse if (pmd_huge(*pmdp) && vma->vm_flags & VM_HUGETLB) 366da4c3c73SJérôme Glisse return hmm_pfns_bad(start, end, walk); 367da4c3c73SJérôme Glisse 368da4c3c73SJérôme Glisse if (pmd_devmap(*pmdp) || pmd_trans_huge(*pmdp)) { 369da4c3c73SJérôme Glisse unsigned long pfn; 370da4c3c73SJérôme Glisse pmd_t pmd; 371da4c3c73SJérôme Glisse 372da4c3c73SJérôme Glisse /* 373da4c3c73SJérôme Glisse * No need to take pmd_lock here, even if some other threads 374da4c3c73SJérôme Glisse * is splitting the huge pmd we will get that event through 375da4c3c73SJérôme Glisse * mmu_notifier callback. 376da4c3c73SJérôme Glisse * 377da4c3c73SJérôme Glisse * So just read pmd value and check again its a transparent 378da4c3c73SJérôme Glisse * huge or device mapping one and compute corresponding pfn 379da4c3c73SJérôme Glisse * values. 380da4c3c73SJérôme Glisse */ 381da4c3c73SJérôme Glisse pmd = pmd_read_atomic(pmdp); 382da4c3c73SJérôme Glisse barrier(); 383da4c3c73SJérôme Glisse if (!pmd_devmap(pmd) && !pmd_trans_huge(pmd)) 384da4c3c73SJérôme Glisse goto again; 385da4c3c73SJérôme Glisse if (pmd_protnone(pmd)) 386da4c3c73SJérôme Glisse return hmm_vma_walk_clear(start, end, walk); 387da4c3c73SJérôme Glisse 38874eee180SJérôme Glisse if (write_fault && !pmd_write(pmd)) 38974eee180SJérôme Glisse return hmm_vma_walk_clear(start, end, walk); 39074eee180SJérôme Glisse 391da4c3c73SJérôme Glisse pfn = pmd_pfn(pmd) + pte_index(addr); 392da4c3c73SJérôme Glisse flag |= pmd_write(pmd) ? HMM_PFN_WRITE : 0; 393da4c3c73SJérôme Glisse for (; addr < end; addr += PAGE_SIZE, i++, pfn++) 394da4c3c73SJérôme Glisse pfns[i] = hmm_pfn_t_from_pfn(pfn) | flag; 395da4c3c73SJérôme Glisse return 0; 396da4c3c73SJérôme Glisse } 397da4c3c73SJérôme Glisse 398da4c3c73SJérôme Glisse if (pmd_bad(*pmdp)) 399da4c3c73SJérôme Glisse return hmm_pfns_bad(start, end, walk); 400da4c3c73SJérôme Glisse 401da4c3c73SJérôme Glisse ptep = pte_offset_map(pmdp, addr); 402da4c3c73SJérôme Glisse for (; addr < end; addr += PAGE_SIZE, ptep++, i++) { 403da4c3c73SJérôme Glisse pte_t pte = *ptep; 404da4c3c73SJérôme Glisse 405da4c3c73SJérôme Glisse pfns[i] = 0; 406da4c3c73SJérôme Glisse 40774eee180SJérôme Glisse if (pte_none(pte)) { 408da4c3c73SJérôme Glisse pfns[i] = HMM_PFN_EMPTY; 40974eee180SJérôme Glisse if (hmm_vma_walk->fault) 41074eee180SJérôme Glisse goto fault; 411da4c3c73SJérôme Glisse continue; 412da4c3c73SJérôme Glisse } 413da4c3c73SJérôme Glisse 41474eee180SJérôme Glisse if (!pte_present(pte)) { 41574eee180SJérôme Glisse swp_entry_t entry; 41674eee180SJérôme Glisse 41774eee180SJérôme Glisse if (!non_swap_entry(entry)) { 41874eee180SJérôme Glisse if (hmm_vma_walk->fault) 41974eee180SJérôme Glisse goto fault; 42074eee180SJérôme Glisse continue; 42174eee180SJérôme Glisse } 42274eee180SJérôme Glisse 42374eee180SJérôme Glisse entry = pte_to_swp_entry(pte); 42474eee180SJérôme Glisse 42574eee180SJérôme Glisse /* 42674eee180SJérôme Glisse * This is a special swap entry, ignore migration, use 42774eee180SJérôme Glisse * device and report anything else as error. 42874eee180SJérôme Glisse */ 42974eee180SJérôme Glisse if (is_migration_entry(entry)) { 43074eee180SJérôme Glisse if (hmm_vma_walk->fault) { 43174eee180SJérôme Glisse pte_unmap(ptep); 43274eee180SJérôme Glisse hmm_vma_walk->last = addr; 43374eee180SJérôme Glisse migration_entry_wait(vma->vm_mm, 43474eee180SJérôme Glisse pmdp, addr); 43574eee180SJérôme Glisse return -EAGAIN; 43674eee180SJérôme Glisse } 43774eee180SJérôme Glisse continue; 43874eee180SJérôme Glisse } else { 43974eee180SJérôme Glisse /* Report error for everything else */ 44074eee180SJérôme Glisse pfns[i] = HMM_PFN_ERROR; 44174eee180SJérôme Glisse } 44274eee180SJérôme Glisse continue; 44374eee180SJérôme Glisse } 44474eee180SJérôme Glisse 44574eee180SJérôme Glisse if (write_fault && !pte_write(pte)) 44674eee180SJérôme Glisse goto fault; 44774eee180SJérôme Glisse 448da4c3c73SJérôme Glisse pfns[i] = hmm_pfn_t_from_pfn(pte_pfn(pte)) | flag; 449da4c3c73SJérôme Glisse pfns[i] |= pte_write(pte) ? HMM_PFN_WRITE : 0; 45074eee180SJérôme Glisse continue; 45174eee180SJérôme Glisse 45274eee180SJérôme Glisse fault: 45374eee180SJérôme Glisse pte_unmap(ptep); 45474eee180SJérôme Glisse /* Fault all pages in range */ 45574eee180SJérôme Glisse return hmm_vma_walk_clear(start, end, walk); 456da4c3c73SJérôme Glisse } 457da4c3c73SJérôme Glisse pte_unmap(ptep - 1); 458da4c3c73SJérôme Glisse 459da4c3c73SJérôme Glisse return 0; 460da4c3c73SJérôme Glisse } 461da4c3c73SJérôme Glisse 462da4c3c73SJérôme Glisse /* 463da4c3c73SJérôme Glisse * hmm_vma_get_pfns() - snapshot CPU page table for a range of virtual addresses 464da4c3c73SJérôme Glisse * @vma: virtual memory area containing the virtual address range 465da4c3c73SJérôme Glisse * @range: used to track snapshot validity 466da4c3c73SJérôme Glisse * @start: range virtual start address (inclusive) 467da4c3c73SJérôme Glisse * @end: range virtual end address (exclusive) 468da4c3c73SJérôme Glisse * @entries: array of hmm_pfn_t: provided by the caller, filled in by function 469da4c3c73SJérôme Glisse * Returns: -EINVAL if invalid argument, -ENOMEM out of memory, 0 success 470da4c3c73SJérôme Glisse * 471da4c3c73SJérôme Glisse * This snapshots the CPU page table for a range of virtual addresses. Snapshot 472da4c3c73SJérôme Glisse * validity is tracked by range struct. See hmm_vma_range_done() for further 473da4c3c73SJérôme Glisse * information. 474da4c3c73SJérôme Glisse * 475da4c3c73SJérôme Glisse * The range struct is initialized here. It tracks the CPU page table, but only 476da4c3c73SJérôme Glisse * if the function returns success (0), in which case the caller must then call 477da4c3c73SJérôme Glisse * hmm_vma_range_done() to stop CPU page table update tracking on this range. 478da4c3c73SJérôme Glisse * 479da4c3c73SJérôme Glisse * NOT CALLING hmm_vma_range_done() IF FUNCTION RETURNS 0 WILL LEAD TO SERIOUS 480da4c3c73SJérôme Glisse * MEMORY CORRUPTION ! YOU HAVE BEEN WARNED ! 481da4c3c73SJérôme Glisse */ 482da4c3c73SJérôme Glisse int hmm_vma_get_pfns(struct vm_area_struct *vma, 483da4c3c73SJérôme Glisse struct hmm_range *range, 484da4c3c73SJérôme Glisse unsigned long start, 485da4c3c73SJérôme Glisse unsigned long end, 486da4c3c73SJérôme Glisse hmm_pfn_t *pfns) 487da4c3c73SJérôme Glisse { 48874eee180SJérôme Glisse struct hmm_vma_walk hmm_vma_walk; 489da4c3c73SJérôme Glisse struct mm_walk mm_walk; 490da4c3c73SJérôme Glisse struct hmm *hmm; 491da4c3c73SJérôme Glisse 492da4c3c73SJérôme Glisse /* FIXME support hugetlb fs */ 493da4c3c73SJérôme Glisse if (is_vm_hugetlb_page(vma) || (vma->vm_flags & VM_SPECIAL)) { 494da4c3c73SJérôme Glisse hmm_pfns_special(pfns, start, end); 495da4c3c73SJérôme Glisse return -EINVAL; 496da4c3c73SJérôme Glisse } 497da4c3c73SJérôme Glisse 498da4c3c73SJérôme Glisse /* Sanity check, this really should not happen ! */ 499da4c3c73SJérôme Glisse if (start < vma->vm_start || start >= vma->vm_end) 500da4c3c73SJérôme Glisse return -EINVAL; 501da4c3c73SJérôme Glisse if (end < vma->vm_start || end > vma->vm_end) 502da4c3c73SJérôme Glisse return -EINVAL; 503da4c3c73SJérôme Glisse 504da4c3c73SJérôme Glisse hmm = hmm_register(vma->vm_mm); 505da4c3c73SJérôme Glisse if (!hmm) 506da4c3c73SJérôme Glisse return -ENOMEM; 507da4c3c73SJérôme Glisse /* Caller must have registered a mirror, via hmm_mirror_register() ! */ 508da4c3c73SJérôme Glisse if (!hmm->mmu_notifier.ops) 509da4c3c73SJérôme Glisse return -EINVAL; 510da4c3c73SJérôme Glisse 511da4c3c73SJérôme Glisse /* Initialize range to track CPU page table update */ 512da4c3c73SJérôme Glisse range->start = start; 513da4c3c73SJérôme Glisse range->pfns = pfns; 514da4c3c73SJérôme Glisse range->end = end; 515da4c3c73SJérôme Glisse spin_lock(&hmm->lock); 516da4c3c73SJérôme Glisse range->valid = true; 517da4c3c73SJérôme Glisse list_add_rcu(&range->list, &hmm->ranges); 518da4c3c73SJérôme Glisse spin_unlock(&hmm->lock); 519da4c3c73SJérôme Glisse 52074eee180SJérôme Glisse hmm_vma_walk.fault = false; 52174eee180SJérôme Glisse hmm_vma_walk.range = range; 52274eee180SJérôme Glisse mm_walk.private = &hmm_vma_walk; 52374eee180SJérôme Glisse 524da4c3c73SJérôme Glisse mm_walk.vma = vma; 525da4c3c73SJérôme Glisse mm_walk.mm = vma->vm_mm; 526da4c3c73SJérôme Glisse mm_walk.pte_entry = NULL; 527da4c3c73SJérôme Glisse mm_walk.test_walk = NULL; 528da4c3c73SJérôme Glisse mm_walk.hugetlb_entry = NULL; 529da4c3c73SJérôme Glisse mm_walk.pmd_entry = hmm_vma_walk_pmd; 530da4c3c73SJérôme Glisse mm_walk.pte_hole = hmm_vma_walk_hole; 531da4c3c73SJérôme Glisse 532da4c3c73SJérôme Glisse walk_page_range(start, end, &mm_walk); 533da4c3c73SJérôme Glisse return 0; 534da4c3c73SJérôme Glisse } 535da4c3c73SJérôme Glisse EXPORT_SYMBOL(hmm_vma_get_pfns); 536da4c3c73SJérôme Glisse 537da4c3c73SJérôme Glisse /* 538da4c3c73SJérôme Glisse * hmm_vma_range_done() - stop tracking change to CPU page table over a range 539da4c3c73SJérôme Glisse * @vma: virtual memory area containing the virtual address range 540da4c3c73SJérôme Glisse * @range: range being tracked 541da4c3c73SJérôme Glisse * Returns: false if range data has been invalidated, true otherwise 542da4c3c73SJérôme Glisse * 543da4c3c73SJérôme Glisse * Range struct is used to track updates to the CPU page table after a call to 544da4c3c73SJérôme Glisse * either hmm_vma_get_pfns() or hmm_vma_fault(). Once the device driver is done 545da4c3c73SJérôme Glisse * using the data, or wants to lock updates to the data it got from those 546da4c3c73SJérôme Glisse * functions, it must call the hmm_vma_range_done() function, which will then 547da4c3c73SJérôme Glisse * stop tracking CPU page table updates. 548da4c3c73SJérôme Glisse * 549da4c3c73SJérôme Glisse * Note that device driver must still implement general CPU page table update 550da4c3c73SJérôme Glisse * tracking either by using hmm_mirror (see hmm_mirror_register()) or by using 551da4c3c73SJérôme Glisse * the mmu_notifier API directly. 552da4c3c73SJérôme Glisse * 553da4c3c73SJérôme Glisse * CPU page table update tracking done through hmm_range is only temporary and 554da4c3c73SJérôme Glisse * to be used while trying to duplicate CPU page table contents for a range of 555da4c3c73SJérôme Glisse * virtual addresses. 556da4c3c73SJérôme Glisse * 557da4c3c73SJérôme Glisse * There are two ways to use this : 558da4c3c73SJérôme Glisse * again: 55974eee180SJérôme Glisse * hmm_vma_get_pfns(vma, range, start, end, pfns); or hmm_vma_fault(...); 560da4c3c73SJérôme Glisse * trans = device_build_page_table_update_transaction(pfns); 561da4c3c73SJérôme Glisse * device_page_table_lock(); 562da4c3c73SJérôme Glisse * if (!hmm_vma_range_done(vma, range)) { 563da4c3c73SJérôme Glisse * device_page_table_unlock(); 564da4c3c73SJérôme Glisse * goto again; 565da4c3c73SJérôme Glisse * } 566da4c3c73SJérôme Glisse * device_commit_transaction(trans); 567da4c3c73SJérôme Glisse * device_page_table_unlock(); 568da4c3c73SJérôme Glisse * 569da4c3c73SJérôme Glisse * Or: 57074eee180SJérôme Glisse * hmm_vma_get_pfns(vma, range, start, end, pfns); or hmm_vma_fault(...); 571da4c3c73SJérôme Glisse * device_page_table_lock(); 572da4c3c73SJérôme Glisse * hmm_vma_range_done(vma, range); 573da4c3c73SJérôme Glisse * device_update_page_table(pfns); 574da4c3c73SJérôme Glisse * device_page_table_unlock(); 575da4c3c73SJérôme Glisse */ 576da4c3c73SJérôme Glisse bool hmm_vma_range_done(struct vm_area_struct *vma, struct hmm_range *range) 577da4c3c73SJérôme Glisse { 578da4c3c73SJérôme Glisse unsigned long npages = (range->end - range->start) >> PAGE_SHIFT; 579da4c3c73SJérôme Glisse struct hmm *hmm; 580da4c3c73SJérôme Glisse 581da4c3c73SJérôme Glisse if (range->end <= range->start) { 582da4c3c73SJérôme Glisse BUG(); 583da4c3c73SJérôme Glisse return false; 584da4c3c73SJérôme Glisse } 585da4c3c73SJérôme Glisse 586da4c3c73SJérôme Glisse hmm = hmm_register(vma->vm_mm); 587da4c3c73SJérôme Glisse if (!hmm) { 588da4c3c73SJérôme Glisse memset(range->pfns, 0, sizeof(*range->pfns) * npages); 589da4c3c73SJérôme Glisse return false; 590da4c3c73SJérôme Glisse } 591da4c3c73SJérôme Glisse 592da4c3c73SJérôme Glisse spin_lock(&hmm->lock); 593da4c3c73SJérôme Glisse list_del_rcu(&range->list); 594da4c3c73SJérôme Glisse spin_unlock(&hmm->lock); 595da4c3c73SJérôme Glisse 596da4c3c73SJérôme Glisse return range->valid; 597da4c3c73SJérôme Glisse } 598da4c3c73SJérôme Glisse EXPORT_SYMBOL(hmm_vma_range_done); 59974eee180SJérôme Glisse 60074eee180SJérôme Glisse /* 60174eee180SJérôme Glisse * hmm_vma_fault() - try to fault some address in a virtual address range 60274eee180SJérôme Glisse * @vma: virtual memory area containing the virtual address range 60374eee180SJérôme Glisse * @range: use to track pfns array content validity 60474eee180SJérôme Glisse * @start: fault range virtual start address (inclusive) 60574eee180SJérôme Glisse * @end: fault range virtual end address (exclusive) 60674eee180SJérôme Glisse * @pfns: array of hmm_pfn_t, only entry with fault flag set will be faulted 60774eee180SJérôme Glisse * @write: is it a write fault 60874eee180SJérôme Glisse * @block: allow blocking on fault (if true it sleeps and do not drop mmap_sem) 60974eee180SJérôme Glisse * Returns: 0 success, error otherwise (-EAGAIN means mmap_sem have been drop) 61074eee180SJérôme Glisse * 61174eee180SJérôme Glisse * This is similar to a regular CPU page fault except that it will not trigger 61274eee180SJérôme Glisse * any memory migration if the memory being faulted is not accessible by CPUs. 61374eee180SJérôme Glisse * 61474eee180SJérôme Glisse * On error, for one virtual address in the range, the function will set the 61574eee180SJérôme Glisse * hmm_pfn_t error flag for the corresponding pfn entry. 61674eee180SJérôme Glisse * 61774eee180SJérôme Glisse * Expected use pattern: 61874eee180SJérôme Glisse * retry: 61974eee180SJérôme Glisse * down_read(&mm->mmap_sem); 62074eee180SJérôme Glisse * // Find vma and address device wants to fault, initialize hmm_pfn_t 62174eee180SJérôme Glisse * // array accordingly 62274eee180SJérôme Glisse * ret = hmm_vma_fault(vma, start, end, pfns, allow_retry); 62374eee180SJérôme Glisse * switch (ret) { 62474eee180SJérôme Glisse * case -EAGAIN: 62574eee180SJérôme Glisse * hmm_vma_range_done(vma, range); 62674eee180SJérôme Glisse * // You might want to rate limit or yield to play nicely, you may 62774eee180SJérôme Glisse * // also commit any valid pfn in the array assuming that you are 62874eee180SJérôme Glisse * // getting true from hmm_vma_range_monitor_end() 62974eee180SJérôme Glisse * goto retry; 63074eee180SJérôme Glisse * case 0: 63174eee180SJérôme Glisse * break; 63274eee180SJérôme Glisse * default: 63374eee180SJérôme Glisse * // Handle error ! 63474eee180SJérôme Glisse * up_read(&mm->mmap_sem) 63574eee180SJérôme Glisse * return; 63674eee180SJérôme Glisse * } 63774eee180SJérôme Glisse * // Take device driver lock that serialize device page table update 63874eee180SJérôme Glisse * driver_lock_device_page_table_update(); 63974eee180SJérôme Glisse * hmm_vma_range_done(vma, range); 64074eee180SJérôme Glisse * // Commit pfns we got from hmm_vma_fault() 64174eee180SJérôme Glisse * driver_unlock_device_page_table_update(); 64274eee180SJérôme Glisse * up_read(&mm->mmap_sem) 64374eee180SJérôme Glisse * 64474eee180SJérôme Glisse * YOU MUST CALL hmm_vma_range_done() AFTER THIS FUNCTION RETURN SUCCESS (0) 64574eee180SJérôme Glisse * BEFORE FREEING THE range struct OR YOU WILL HAVE SERIOUS MEMORY CORRUPTION ! 64674eee180SJérôme Glisse * 64774eee180SJérôme Glisse * YOU HAVE BEEN WARNED ! 64874eee180SJérôme Glisse */ 64974eee180SJérôme Glisse int hmm_vma_fault(struct vm_area_struct *vma, 65074eee180SJérôme Glisse struct hmm_range *range, 65174eee180SJérôme Glisse unsigned long start, 65274eee180SJérôme Glisse unsigned long end, 65374eee180SJérôme Glisse hmm_pfn_t *pfns, 65474eee180SJérôme Glisse bool write, 65574eee180SJérôme Glisse bool block) 65674eee180SJérôme Glisse { 65774eee180SJérôme Glisse struct hmm_vma_walk hmm_vma_walk; 65874eee180SJérôme Glisse struct mm_walk mm_walk; 65974eee180SJérôme Glisse struct hmm *hmm; 66074eee180SJérôme Glisse int ret; 66174eee180SJérôme Glisse 66274eee180SJérôme Glisse /* Sanity check, this really should not happen ! */ 66374eee180SJérôme Glisse if (start < vma->vm_start || start >= vma->vm_end) 66474eee180SJérôme Glisse return -EINVAL; 66574eee180SJérôme Glisse if (end < vma->vm_start || end > vma->vm_end) 66674eee180SJérôme Glisse return -EINVAL; 66774eee180SJérôme Glisse 66874eee180SJérôme Glisse hmm = hmm_register(vma->vm_mm); 66974eee180SJérôme Glisse if (!hmm) { 67074eee180SJérôme Glisse hmm_pfns_clear(pfns, start, end); 67174eee180SJérôme Glisse return -ENOMEM; 67274eee180SJérôme Glisse } 67374eee180SJérôme Glisse /* Caller must have registered a mirror using hmm_mirror_register() */ 67474eee180SJérôme Glisse if (!hmm->mmu_notifier.ops) 67574eee180SJérôme Glisse return -EINVAL; 67674eee180SJérôme Glisse 67774eee180SJérôme Glisse /* Initialize range to track CPU page table update */ 67874eee180SJérôme Glisse range->start = start; 67974eee180SJérôme Glisse range->pfns = pfns; 68074eee180SJérôme Glisse range->end = end; 68174eee180SJérôme Glisse spin_lock(&hmm->lock); 68274eee180SJérôme Glisse range->valid = true; 68374eee180SJérôme Glisse list_add_rcu(&range->list, &hmm->ranges); 68474eee180SJérôme Glisse spin_unlock(&hmm->lock); 68574eee180SJérôme Glisse 68674eee180SJérôme Glisse /* FIXME support hugetlb fs */ 68774eee180SJérôme Glisse if (is_vm_hugetlb_page(vma) || (vma->vm_flags & VM_SPECIAL)) { 68874eee180SJérôme Glisse hmm_pfns_special(pfns, start, end); 68974eee180SJérôme Glisse return 0; 69074eee180SJérôme Glisse } 69174eee180SJérôme Glisse 69274eee180SJérôme Glisse hmm_vma_walk.fault = true; 69374eee180SJérôme Glisse hmm_vma_walk.write = write; 69474eee180SJérôme Glisse hmm_vma_walk.block = block; 69574eee180SJérôme Glisse hmm_vma_walk.range = range; 69674eee180SJérôme Glisse mm_walk.private = &hmm_vma_walk; 69774eee180SJérôme Glisse hmm_vma_walk.last = range->start; 69874eee180SJérôme Glisse 69974eee180SJérôme Glisse mm_walk.vma = vma; 70074eee180SJérôme Glisse mm_walk.mm = vma->vm_mm; 70174eee180SJérôme Glisse mm_walk.pte_entry = NULL; 70274eee180SJérôme Glisse mm_walk.test_walk = NULL; 70374eee180SJérôme Glisse mm_walk.hugetlb_entry = NULL; 70474eee180SJérôme Glisse mm_walk.pmd_entry = hmm_vma_walk_pmd; 70574eee180SJérôme Glisse mm_walk.pte_hole = hmm_vma_walk_hole; 70674eee180SJérôme Glisse 70774eee180SJérôme Glisse do { 70874eee180SJérôme Glisse ret = walk_page_range(start, end, &mm_walk); 70974eee180SJérôme Glisse start = hmm_vma_walk.last; 71074eee180SJérôme Glisse } while (ret == -EAGAIN); 71174eee180SJérôme Glisse 71274eee180SJérôme Glisse if (ret) { 71374eee180SJérôme Glisse unsigned long i; 71474eee180SJérôme Glisse 71574eee180SJérôme Glisse i = (hmm_vma_walk.last - range->start) >> PAGE_SHIFT; 71674eee180SJérôme Glisse hmm_pfns_clear(&pfns[i], hmm_vma_walk.last, end); 71774eee180SJérôme Glisse hmm_vma_range_done(vma, range); 71874eee180SJérôme Glisse } 71974eee180SJérôme Glisse return ret; 72074eee180SJérôme Glisse } 72174eee180SJérôme Glisse EXPORT_SYMBOL(hmm_vma_fault); 722c0b12405SJérôme Glisse #endif /* IS_ENABLED(CONFIG_HMM_MIRROR) */ 723