]> git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/blame - mm/migrate.c
projects / mirror_ubuntu-jammy-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ksm: enable KSM page migration
[mirror_ubuntu-jammy-kernel.git] / mm / migrate.c
CommitLineData
b20a3503
CL		 1/*
2 * Memory Migration functionality - linux/mm/migration.c
3 *
4 * Copyright (C) 2006 Silicon Graphics, Inc., Christoph Lameter
5 *
6 * Page migration was first developed in the context of the memory hotplug
7 * project. The main authors of the migration code are:
8 *
9 * IWAMOTO Toshihiro <iwamoto@valinux.co.jp>
10 * Hirokazu Takahashi <taka@valinux.co.jp>
11 * Dave Hansen <haveblue@us.ibm.com>
cde53535 12 * Christoph Lameter
b20a3503
CL		 13 */
14
15#include <linux/migrate.h>
b95f1b31 16#include <linux/export.h>
b20a3503 17#include <linux/swap.h>
0697212a 18#include <linux/swapops.h>
b20a3503 19#include <linux/pagemap.h>
e23ca00b 20#include <linux/buffer_head.h>
b20a3503 21#include <linux/mm_inline.h>
b488893a 22#include <linux/nsproxy.h>
b20a3503 23#include <linux/pagevec.h>
e9995ef9 24#include <linux/ksm.h>
b20a3503
CL		 25#include <linux/rmap.h>
26#include <linux/topology.h>
27#include <linux/cpu.h>
28#include <linux/cpuset.h>
04e62a29 29#include <linux/writeback.h>
742755a1
CL		 30#include <linux/mempolicy.h>
31#include <linux/vmalloc.h>
86c3a764 32#include <linux/security.h>
8a9f3ccd 33#include <linux/memcontrol.h>
4f5ca265 34#include <linux/syscalls.h>
290408d4 35#include <linux/hugetlb.h>
8e6ac7fa 36#include <linux/hugetlb_cgroup.h>
5a0e3ad6 37#include <linux/gfp.h>
bf6bddf1 38#include <linux/balloon_compaction.h>
b20a3503 39
0d1836c3
MN		 40#include <asm/tlbflush.h>
41
7b2a2d4a
MG		 42#define CREATE_TRACE_POINTS
43#include <trace/events/migrate.h>
44
b20a3503
CL		 45#include "internal.h"
46
b20a3503 47/*
742755a1 48 * migrate_prep() needs to be called before we start compiling a list of pages
748446bb
MG		 49 * to be migrated using isolate_lru_page(). If scheduling work on other CPUs is
50 * undesirable, use migrate_prep_local()
b20a3503
CL		 51 */
52int migrate_prep(void)
53{
b20a3503
CL		 54 /*
55 * Clear the LRU lists so pages can be isolated.
56 * Note that pages may be moved off the LRU after we have
57 * drained them. Those pages will fail to migrate like other
58 * pages that may be busy.
59 */
60 lru_add_drain_all();
61
62 return 0;
63}
64
748446bb
MG		 65/* Do the necessary work of migrate_prep but not if it involves other CPUs */
66int migrate_prep_local(void)
67{
68 lru_add_drain();
69
70 return 0;
71}
72
b20a3503 73/*
894bc310
LS		 74 * Add isolated pages on the list back to the LRU under page lock
75 * to avoid leaking evictable pages back onto unevictable list.
b20a3503 76 */
e13861d8 77void putback_lru_pages(struct list_head *l)
b20a3503
CL		 78{
79 struct page *page;
80 struct page *page2;
b20a3503 81
5733c7d1
RA		 82 list_for_each_entry_safe(page, page2, l, lru) {
83 list_del(&page->lru);
84 dec_zone_page_state(page, NR_ISOLATED_ANON +
85 page_is_file_cache(page));
86 putback_lru_page(page);
87 }
88}
89
90/*
91 * Put previously isolated pages back onto the appropriate lists
92 * from where they were once taken off for compaction/migration.
93 *
94 * This function shall be used instead of putback_lru_pages(),
95 * whenever the isolated pageset has been built by isolate_migratepages_range()
96 */
97void putback_movable_pages(struct list_head *l)
98{
99 struct page *page;
100 struct page *page2;
101
b20a3503 102 list_for_each_entry_safe(page, page2, l, lru) {
e24f0b8f 103 list_del(&page->lru);
a731286d 104 dec_zone_page_state(page, NR_ISOLATED_ANON +
6c0b1351 105 page_is_file_cache(page));
bf6bddf1
RA		 106 if (unlikely(balloon_page_movable(page)))
107 balloon_page_putback(page);
108 else
109 putback_lru_page(page);
b20a3503 110 }
b20a3503
CL		 111}
112
0697212a
CL		 113/*
114 * Restore a potential migration pte to a working pte entry
115 */
e9995ef9
HD		 116static int remove_migration_pte(struct page *new, struct vm_area_struct *vma,
117 unsigned long addr, void *old)
0697212a
CL		 118{
119 struct mm_struct *mm = vma->vm_mm;
120 swp_entry_t entry;
0697212a
CL		 121 pmd_t *pmd;
122 pte_t *ptep, pte;
123 spinlock_t *ptl;
124
290408d4
NH		 125 if (unlikely(PageHuge(new))) {
126 ptep = huge_pte_offset(mm, addr);
127 if (!ptep)
128 goto out;
129 ptl = &mm->page_table_lock;
130 } else {
6219049a
BL		 131 pmd = mm_find_pmd(mm, addr);
132 if (!pmd)
290408d4 133 goto out;
500d65d4
AA		 134 if (pmd_trans_huge(*pmd))
135 goto out;
0697212a 136
290408d4 137 ptep = pte_offset_map(pmd, addr);
0697212a 138
486cf46f
HD		 139 /*
140 * Peek to check is_swap_pte() before taking ptlock? No, we
141 * can race mremap's move_ptes(), which skips anon_vma lock.
142 */
290408d4
NH		 143
144 ptl = pte_lockptr(mm, pmd);
145 }
0697212a 146
0697212a
CL		 147 spin_lock(ptl);
148 pte = *ptep;
149 if (!is_swap_pte(pte))
e9995ef9 150 goto unlock;
0697212a
CL		 151
152 entry = pte_to_swp_entry(pte);
153
e9995ef9
HD		 154 if (!is_migration_entry(entry) ||
155 migration_entry_to_page(entry) != old)
156 goto unlock;
0697212a 157
0697212a
CL		 158 get_page(new);
159 pte = pte_mkold(mk_pte(new, vma->vm_page_prot));
160 if (is_write_migration_entry(entry))
161 pte = pte_mkwrite(pte);
3ef8fd7f 162#ifdef CONFIG_HUGETLB_PAGE
be7517d6 163 if (PageHuge(new)) {
290408d4 164 pte = pte_mkhuge(pte);
be7517d6
TL		 165 pte = arch_make_huge_pte(pte, vma, new, 0);
166 }
3ef8fd7f 167#endif
97ee0524 168 flush_cache_page(vma, addr, pte_pfn(pte));
0697212a 169 set_pte_at(mm, addr, ptep, pte);
04e62a29 170
290408d4
NH		 171 if (PageHuge(new)) {
172 if (PageAnon(new))
173 hugepage_add_anon_rmap(new, vma, addr);
174 else
175 page_dup_rmap(new);
176 } else if (PageAnon(new))
04e62a29
CL		 177 page_add_anon_rmap(new, vma, addr);
178 else
179 page_add_file_rmap(new);
180
181 /* No need to invalidate - it was non-present before */
4b3073e1 182 update_mmu_cache(vma, addr, ptep);
e9995ef9 183unlock:
0697212a 184 pte_unmap_unlock(ptep, ptl);
e9995ef9
HD		 185out:
186 return SWAP_AGAIN;
0697212a
CL		 187}
188
04e62a29
CL		 189/*
190 * Get rid of all migration entries and replace them by
191 * references to the indicated page.
192 */
193static void remove_migration_ptes(struct page *old, struct page *new)
194{
e9995ef9 195 rmap_walk(new, remove_migration_pte, old);
04e62a29
CL		 196}
197
0697212a
CL		 198/*
199 * Something used the pte of a page under migration. We need to
200 * get to the page and wait until migration is finished.
201 * When we return from this function the fault will be retried.
0697212a
CL		 202 */
203void migration_entry_wait(struct mm_struct *mm, pmd_t *pmd,
204 unsigned long address)
205{
206 pte_t *ptep, pte;
207 spinlock_t *ptl;
208 swp_entry_t entry;
209 struct page *page;
210
211 ptep = pte_offset_map_lock(mm, pmd, address, &ptl);
212 pte = *ptep;
213 if (!is_swap_pte(pte))
214 goto out;
215
216 entry = pte_to_swp_entry(pte);
217 if (!is_migration_entry(entry))
218 goto out;
219
220 page = migration_entry_to_page(entry);
221
e286781d
NP		 222 /*
223 * Once radix-tree replacement of page migration started, page_count
224 * *must* be zero. And, we don't want to call wait_on_page_locked()
225 * against a page without get_page().
226 * So, we use get_page_unless_zero(), here. Even failed, page fault
227 * will occur again.
228 */
229 if (!get_page_unless_zero(page))
230 goto out;
0697212a
CL		 231 pte_unmap_unlock(ptep, ptl);
232 wait_on_page_locked(page);
233 put_page(page);
234 return;
235out:
236 pte_unmap_unlock(ptep, ptl);
237}
238
b969c4ab
MG		 239#ifdef CONFIG_BLOCK
240/* Returns true if all buffers are successfully locked */
a6bc32b8
MG		 241static bool buffer_migrate_lock_buffers(struct buffer_head *head,
242 enum migrate_mode mode)
b969c4ab
MG		 243{
244 struct buffer_head *bh = head;
245
246 /* Simple case, sync compaction */
a6bc32b8 247 if (mode != MIGRATE_ASYNC) {
b969c4ab
MG		 248 do {
249 get_bh(bh);
250 lock_buffer(bh);
251 bh = bh->b_this_page;
252
253 } while (bh != head);
254
255 return true;
256 }
257
258 /* async case, we cannot block on lock_buffer so use trylock_buffer */
259 do {
260 get_bh(bh);
261 if (!trylock_buffer(bh)) {
262 /*
263 * We failed to lock the buffer and cannot stall in
264 * async migration. Release the taken locks
265 */
266 struct buffer_head *failed_bh = bh;
267 put_bh(failed_bh);
268 bh = head;
269 while (bh != failed_bh) {
270 unlock_buffer(bh);
271 put_bh(bh);
272 bh = bh->b_this_page;
273 }
274 return false;
275 }
276
277 bh = bh->b_this_page;
278 } while (bh != head);
279 return true;
280}
281#else
282static inline bool buffer_migrate_lock_buffers(struct buffer_head *head,
a6bc32b8 283 enum migrate_mode mode)
b969c4ab
MG		 284{
285 return true;
286}
287#endif /* CONFIG_BLOCK */
288
b20a3503 289/*
c3fcf8a5 290 * Replace the page in the mapping.
5b5c7120
CL		 291 *
292 * The number of remaining references must be:
293 * 1 for anonymous pages without a mapping
294 * 2 for pages with a mapping
266cf658 295 * 3 for pages with a mapping and PagePrivate/PagePrivate2 set.
b20a3503 296 */
2d1db3b1 297static int migrate_page_move_mapping(struct address_space *mapping,
b969c4ab 298 struct page *newpage, struct page *page,
a6bc32b8 299 struct buffer_head *head, enum migrate_mode mode)
b20a3503 300{
7039e1db 301 int expected_count = 0;
7cf9c2c7 302 void **pslot;
b20a3503 303
6c5240ae 304 if (!mapping) {
0e8c7d0f 305 /* Anonymous page without mapping */
6c5240ae
CL		 306 if (page_count(page) != 1)
307 return -EAGAIN;
78bd5209 308 return MIGRATEPAGE_SUCCESS;
6c5240ae
CL		 309 }
310
19fd6231 311 spin_lock_irq(&mapping->tree_lock);
b20a3503 312
7cf9c2c7
NP		 313 pslot = radix_tree_lookup_slot(&mapping->page_tree,
314 page_index(page));
b20a3503 315
edcf4748 316 expected_count = 2 + page_has_private(page);
e286781d 317 if (page_count(page) != expected_count ||
29c1f677 318 radix_tree_deref_slot_protected(pslot, &mapping->tree_lock) != page) {
19fd6231 319 spin_unlock_irq(&mapping->tree_lock);
e23ca00b 320 return -EAGAIN;
b20a3503
CL		 321 }
322
e286781d 323 if (!page_freeze_refs(page, expected_count)) {
19fd6231 324 spin_unlock_irq(&mapping->tree_lock);
e286781d
NP		 325 return -EAGAIN;
326 }
327
b969c4ab
MG		 328 /*
329 * In the async migration case of moving a page with buffers, lock the
330 * buffers using trylock before the mapping is moved. If the mapping
331 * was moved, we later failed to lock the buffers and could not move
332 * the mapping back due to an elevated page count, we would have to
333 * block waiting on other references to be dropped.
334 */
a6bc32b8
MG		 335 if (mode == MIGRATE_ASYNC && head &&
336 !buffer_migrate_lock_buffers(head, mode)) {
b969c4ab
MG		 337 page_unfreeze_refs(page, expected_count);
338 spin_unlock_irq(&mapping->tree_lock);
339 return -EAGAIN;
340 }
341
b20a3503
CL		 342 /*
343 * Now we know that no one else is looking at the page.
b20a3503 344 */
7cf9c2c7 345 get_page(newpage); /* add cache reference */
b20a3503
CL		 346 if (PageSwapCache(page)) {
347 SetPageSwapCache(newpage);
348 set_page_private(newpage, page_private(page));
349 }
350
7cf9c2c7
NP		 351 radix_tree_replace_slot(pslot, newpage);
352
353 /*
937a94c9
JG		 354 * Drop cache reference from old page by unfreezing
355 * to one less reference.
7cf9c2c7
NP		 356 * We know this isn't the last reference.
357 */
937a94c9 358 page_unfreeze_refs(page, expected_count - 1);
7cf9c2c7 359
0e8c7d0f
CL		 360 /*
361 * If moved to a different zone then also account
362 * the page for that zone. Other VM counters will be
363 * taken care of when we establish references to the
364 * new page and drop references to the old page.
365 *
366 * Note that anonymous pages are accounted for
367 * via NR_FILE_PAGES and NR_ANON_PAGES if they
368 * are mapped to swap space.
369 */
370 __dec_zone_page_state(page, NR_FILE_PAGES);
371 __inc_zone_page_state(newpage, NR_FILE_PAGES);
99a15e21 372 if (!PageSwapCache(page) && PageSwapBacked(page)) {
4b02108a
KM		 373 __dec_zone_page_state(page, NR_SHMEM);
374 __inc_zone_page_state(newpage, NR_SHMEM);
375 }
19fd6231 376 spin_unlock_irq(&mapping->tree_lock);
b20a3503 377
78bd5209 378 return MIGRATEPAGE_SUCCESS;
b20a3503 379}
b20a3503 380
290408d4
NH		 381/*
382 * The expected number of remaining references is the same as that
383 * of migrate_page_move_mapping().
384 */
385int migrate_huge_page_move_mapping(struct address_space *mapping,
386 struct page *newpage, struct page *page)
387{
388 int expected_count;
389 void **pslot;
390
391 if (!mapping) {
392 if (page_count(page) != 1)
393 return -EAGAIN;
78bd5209 394 return MIGRATEPAGE_SUCCESS;
290408d4
NH		 395 }
396
397 spin_lock_irq(&mapping->tree_lock);
398
399 pslot = radix_tree_lookup_slot(&mapping->page_tree,
400 page_index(page));
401
402 expected_count = 2 + page_has_private(page);
403 if (page_count(page) != expected_count ||
29c1f677 404 radix_tree_deref_slot_protected(pslot, &mapping->tree_lock) != page) {
290408d4
NH		 405 spin_unlock_irq(&mapping->tree_lock);
406 return -EAGAIN;
407 }
408
409 if (!page_freeze_refs(page, expected_count)) {
410 spin_unlock_irq(&mapping->tree_lock);
411 return -EAGAIN;
412 }
413
414 get_page(newpage);
415
416 radix_tree_replace_slot(pslot, newpage);
417
937a94c9 418 page_unfreeze_refs(page, expected_count - 1);
290408d4
NH		 419
420 spin_unlock_irq(&mapping->tree_lock);
78bd5209 421 return MIGRATEPAGE_SUCCESS;
290408d4
NH		 422}
423
b20a3503
CL		 424/*
425 * Copy the page to its new location
426 */
290408d4 427void migrate_page_copy(struct page *newpage, struct page *page)
b20a3503 428{
b32967ff 429 if (PageHuge(page) || PageTransHuge(page))
290408d4
NH		 430 copy_huge_page(newpage, page);
431 else
432 copy_highpage(newpage, page);
b20a3503
CL		 433
434 if (PageError(page))
435 SetPageError(newpage);
436 if (PageReferenced(page))
437 SetPageReferenced(newpage);
438 if (PageUptodate(page))
439 SetPageUptodate(newpage);
894bc310
LS		 440 if (TestClearPageActive(page)) {
441 VM_BUG_ON(PageUnevictable(page));
b20a3503 442 SetPageActive(newpage);
418b27ef
LS		 443 } else if (TestClearPageUnevictable(page))
444 SetPageUnevictable(newpage);
b20a3503
CL		 445 if (PageChecked(page))
446 SetPageChecked(newpage);
447 if (PageMappedToDisk(page))
448 SetPageMappedToDisk(newpage);
449
450 if (PageDirty(page)) {
451 clear_page_dirty_for_io(page);
3a902c5f
NP		 452 /*
453 * Want to mark the page and the radix tree as dirty, and
454 * redo the accounting that clear_page_dirty_for_io undid,
455 * but we can't use set_page_dirty because that function
456 * is actually a signal that all of the page has become dirty.
25985edc 457 * Whereas only part of our page may be dirty.
3a902c5f 458 */
752dc185
HD		 459 if (PageSwapBacked(page))
460 SetPageDirty(newpage);
461 else
462 __set_page_dirty_nobuffers(newpage);
b20a3503
CL		 463 }
464
b291f000 465 mlock_migrate_page(newpage, page);
e9995ef9 466 ksm_migrate_page(newpage, page);
c8d6553b
HD		 467 /*
468 * Please do not reorder this without considering how mm/ksm.c's
469 * get_ksm_page() depends upon ksm_migrate_page() and PageSwapCache().
470 */
b20a3503 471 ClearPageSwapCache(page);
b20a3503
CL		 472 ClearPagePrivate(page);
473 set_page_private(page, 0);
b20a3503
CL		 474
475 /*
476 * If any waiters have accumulated on the new page then
477 * wake them up.
478 */
479 if (PageWriteback(newpage))
480 end_page_writeback(newpage);
481}
b20a3503 482
1d8b85cc
CL		 483/************************************************************
484 * Migration functions
485 ***********************************************************/
486
487/* Always fail migration. Used for mappings that are not movable */
2d1db3b1
CL		 488int fail_migrate_page(struct address_space *mapping,
489 struct page *newpage, struct page *page)
1d8b85cc
CL		 490{
491 return -EIO;
492}
493EXPORT_SYMBOL(fail_migrate_page);
494
b20a3503
CL		 495/*
496 * Common logic to directly migrate a single page suitable for
266cf658 497 * pages that do not use PagePrivate/PagePrivate2.
b20a3503
CL		 498 *
499 * Pages are locked upon entry and exit.
500 */
2d1db3b1 501int migrate_page(struct address_space *mapping,
a6bc32b8
MG		 502 struct page *newpage, struct page *page,
503 enum migrate_mode mode)
b20a3503
CL		 504{
505 int rc;
506
507 BUG_ON(PageWriteback(page)); /* Writeback must be complete */
508
a6bc32b8 509 rc = migrate_page_move_mapping(mapping, newpage, page, NULL, mode);
b20a3503 510
78bd5209 511 if (rc != MIGRATEPAGE_SUCCESS)
b20a3503
CL		 512 return rc;
513
514 migrate_page_copy(newpage, page);
78bd5209 515 return MIGRATEPAGE_SUCCESS;
b20a3503
CL		 516}
517EXPORT_SYMBOL(migrate_page);
518
9361401e 519#ifdef CONFIG_BLOCK
1d8b85cc
CL		 520/*
521 * Migration function for pages with buffers. This function can only be used
522 * if the underlying filesystem guarantees that no other references to "page"
523 * exist.
524 */
2d1db3b1 525int buffer_migrate_page(struct address_space *mapping,
a6bc32b8 526 struct page *newpage, struct page *page, enum migrate_mode mode)
1d8b85cc 527{
1d8b85cc
CL		 528 struct buffer_head *bh, *head;
529 int rc;
530
1d8b85cc 531 if (!page_has_buffers(page))
a6bc32b8 532 return migrate_page(mapping, newpage, page, mode);
1d8b85cc
CL		 533
534 head = page_buffers(page);
535
a6bc32b8 536 rc = migrate_page_move_mapping(mapping, newpage, page, head, mode);
1d8b85cc 537
78bd5209 538 if (rc != MIGRATEPAGE_SUCCESS)
1d8b85cc
CL		 539 return rc;
540
b969c4ab
MG		 541 /*
542 * In the async case, migrate_page_move_mapping locked the buffers
543 * with an IRQ-safe spinlock held. In the sync case, the buffers
544 * need to be locked now
545 */
a6bc32b8
MG		 546 if (mode != MIGRATE_ASYNC)
547 BUG_ON(!buffer_migrate_lock_buffers(head, mode));
1d8b85cc
CL		 548
549 ClearPagePrivate(page);
550 set_page_private(newpage, page_private(page));
551 set_page_private(page, 0);
552 put_page(page);
553 get_page(newpage);
554
555 bh = head;
556 do {
557 set_bh_page(bh, newpage, bh_offset(bh));
558 bh = bh->b_this_page;
559
560 } while (bh != head);
561
562 SetPagePrivate(newpage);
563
564 migrate_page_copy(newpage, page);
565
566 bh = head;
567 do {
568 unlock_buffer(bh);
569 put_bh(bh);
570 bh = bh->b_this_page;
571
572 } while (bh != head);
573
78bd5209 574 return MIGRATEPAGE_SUCCESS;
1d8b85cc
CL		 575}
576EXPORT_SYMBOL(buffer_migrate_page);
9361401e 577#endif
1d8b85cc 578
04e62a29
CL		 579/*
580 * Writeback a page to clean the dirty state
581 */
582static int writeout(struct address_space *mapping, struct page *page)
8351a6e4 583{
04e62a29
CL		 584 struct writeback_control wbc = {
585 .sync_mode = WB_SYNC_NONE,
586 .nr_to_write = 1,
587 .range_start = 0,
588 .range_end = LLONG_MAX,
04e62a29
CL		 589 .for_reclaim = 1
590 };
591 int rc;
592
593 if (!mapping->a_ops->writepage)
594 /* No write method for the address space */
595 return -EINVAL;
596
597 if (!clear_page_dirty_for_io(page))
598 /* Someone else already triggered a write */
599 return -EAGAIN;
600
8351a6e4 601 /*
04e62a29
CL		 602 * A dirty page may imply that the underlying filesystem has
603 * the page on some queue. So the page must be clean for
604 * migration. Writeout may mean we loose the lock and the
605 * page state is no longer what we checked for earlier.
606 * At this point we know that the migration attempt cannot
607 * be successful.
8351a6e4 608 */
04e62a29 609 remove_migration_ptes(page, page);
8351a6e4 610
04e62a29 611 rc = mapping->a_ops->writepage(page, &wbc);
8351a6e4 612
04e62a29
CL		 613 if (rc != AOP_WRITEPAGE_ACTIVATE)
614 /* unlocked. Relock */
615 lock_page(page);
616
bda8550d 617 return (rc < 0) ? -EIO : -EAGAIN;
04e62a29
CL		 618}
619
620/*
621 * Default handling if a filesystem does not provide a migration function.
622 */
623static int fallback_migrate_page(struct address_space *mapping,
a6bc32b8 624 struct page *newpage, struct page *page, enum migrate_mode mode)
04e62a29 625{
b969c4ab 626 if (PageDirty(page)) {
a6bc32b8
MG		 627 /* Only writeback pages in full synchronous migration */
628 if (mode != MIGRATE_SYNC)
b969c4ab 629 return -EBUSY;
04e62a29 630 return writeout(mapping, page);
b969c4ab 631 }
8351a6e4
CL		 632
633 /*
634 * Buffers may be managed in a filesystem specific way.
635 * We must have no buffers or drop them.
636 */
266cf658 637 if (page_has_private(page) &&
8351a6e4
CL		 638 !try_to_release_page(page, GFP_KERNEL))
639 return -EAGAIN;
640
a6bc32b8 641 return migrate_page(mapping, newpage, page, mode);
8351a6e4
CL		 642}
643
e24f0b8f
CL		 644/*
645 * Move a page to a newly allocated page
646 * The page is locked and all ptes have been successfully removed.
647 *
648 * The new page will have replaced the old page if this function
649 * is successful.
894bc310
LS		 650 *
651 * Return value:
652 * < 0 - error code
78bd5209 653 * MIGRATEPAGE_SUCCESS - success
e24f0b8f 654 */
3fe2011f 655static int move_to_new_page(struct page *newpage, struct page *page,
a6bc32b8 656 int remap_swapcache, enum migrate_mode mode)
e24f0b8f
CL		 657{
658 struct address_space *mapping;
659 int rc;
660
661 /*
662 * Block others from accessing the page when we get around to
663 * establishing additional references. We are the only one
664 * holding a reference to the new page at this point.
665 */
529ae9aa 666 if (!trylock_page(newpage))
e24f0b8f
CL		 667 BUG();
668
669 /* Prepare mapping for the new page.*/
670 newpage->index = page->index;
671 newpage->mapping = page->mapping;
b2e18538
RR		 672 if (PageSwapBacked(page))
673 SetPageSwapBacked(newpage);
e24f0b8f
CL		 674
675 mapping = page_mapping(page);
676 if (!mapping)
a6bc32b8 677 rc = migrate_page(mapping, newpage, page, mode);
b969c4ab 678 else if (mapping->a_ops->migratepage)
e24f0b8f 679 /*
b969c4ab
MG		 680 * Most pages have a mapping and most filesystems provide a
681 * migratepage callback. Anonymous pages are part of swap
682 * space which also has its own migratepage callback. This
683 * is the most common path for page migration.
e24f0b8f 684 */
b969c4ab 685 rc = mapping->a_ops->migratepage(mapping,
a6bc32b8 686 newpage, page, mode);
b969c4ab 687 else
a6bc32b8 688 rc = fallback_migrate_page(mapping, newpage, page, mode);
e24f0b8f 689
78bd5209 690 if (rc != MIGRATEPAGE_SUCCESS) {
e24f0b8f 691 newpage->mapping = NULL;
3fe2011f
MG		 692 } else {
693 if (remap_swapcache)
694 remove_migration_ptes(page, newpage);
35512eca 695 page->mapping = NULL;
3fe2011f 696 }
e24f0b8f
CL		 697
698 unlock_page(newpage);
699
700 return rc;
701}
702
0dabec93 703static int __unmap_and_move(struct page *page, struct page *newpage,
a6bc32b8 704 int force, bool offlining, enum migrate_mode mode)
e24f0b8f 705{
0dabec93 706 int rc = -EAGAIN;
3fe2011f 707 int remap_swapcache = 1;
56039efa 708 struct mem_cgroup *mem;
3f6c8272 709 struct anon_vma *anon_vma = NULL;
95a402c3 710
529ae9aa 711 if (!trylock_page(page)) {
a6bc32b8 712 if (!force || mode == MIGRATE_ASYNC)
0dabec93 713 goto out;
3e7d3449
MG		 714
715 /*
716 * It's not safe for direct compaction to call lock_page.
717 * For example, during page readahead pages are added locked
718 * to the LRU. Later, when the IO completes the pages are
719 * marked uptodate and unlocked. However, the queueing
720 * could be merging multiple pages for one bio (e.g.
721 * mpage_readpages). If an allocation happens for the
722 * second or third page, the process can end up locking
723 * the same page twice and deadlocking. Rather than
724 * trying to be clever about what pages can be locked,
725 * avoid the use of lock_page for direct compaction
726 * altogether.
727 */
728 if (current->flags & PF_MEMALLOC)
0dabec93 729 goto out;
3e7d3449 730
e24f0b8f
CL		 731 lock_page(page);
732 }
733
01b1ae63 734 /* charge against new page */
0030f535 735 mem_cgroup_prepare_migration(page, newpage, &mem);
01b1ae63 736
e24f0b8f 737 if (PageWriteback(page)) {
11bc82d6 738 /*
a6bc32b8
MG		 739 * Only in the case of a full syncronous migration is it
740 * necessary to wait for PageWriteback. In the async case,
741 * the retry loop is too short and in the sync-light case,
742 * the overhead of stalling is too much
11bc82d6 743 */
a6bc32b8 744 if (mode != MIGRATE_SYNC) {
11bc82d6
AA		 745 rc = -EBUSY;
746 goto uncharge;
747 }
748 if (!force)
01b1ae63 749 goto uncharge;
e24f0b8f
CL		 750 wait_on_page_writeback(page);
751 }
e24f0b8f 752 /*
dc386d4d
KH		 753 * By try_to_unmap(), page->mapcount goes down to 0 here. In this case,
754 * we cannot notice that anon_vma is freed while we migrates a page.
1ce82b69 755 * This get_anon_vma() delays freeing anon_vma pointer until the end
dc386d4d 756 * of migration. File cache pages are no problem because of page_lock()
989f89c5
KH		 757 * File Caches may use write_page() or lock_page() in migration, then,
758 * just care Anon page here.
dc386d4d 759 */
b79bc0a0 760 if (PageAnon(page) && !PageKsm(page)) {
1ce82b69 761 /*
4fc3f1d6 762 * Only page_lock_anon_vma_read() understands the subtleties of
1ce82b69
HD		 763 * getting a hold on an anon_vma from outside one of its mms.
764 */
746b18d4 765 anon_vma = page_get_anon_vma(page);
1ce82b69
HD		 766 if (anon_vma) {
767 /*
746b18d4 768 * Anon page
1ce82b69 769 */
1ce82b69 770 } else if (PageSwapCache(page)) {
3fe2011f
MG		 771 /*
772 * We cannot be sure that the anon_vma of an unmapped
773 * swapcache page is safe to use because we don't
774 * know in advance if the VMA that this page belonged
775 * to still exists. If the VMA and others sharing the
776 * data have been freed, then the anon_vma could
777 * already be invalid.
778 *
779 * To avoid this possibility, swapcache pages get
780 * migrated but are not remapped when migration
781 * completes
782 */
783 remap_swapcache = 0;
784 } else {
1ce82b69 785 goto uncharge;
3fe2011f 786 }
989f89c5 787 }
62e1c553 788
bf6bddf1
RA		 789 if (unlikely(balloon_page_movable(page))) {
790 /*
791 * A ballooned page does not need any special attention from
792 * physical to virtual reverse mapping procedures.
793 * Skip any attempt to unmap PTEs or to remap swap cache,
794 * in order to avoid burning cycles at rmap level, and perform
795 * the page migration right away (proteced by page lock).
796 */
797 rc = balloon_page_migrate(newpage, page, mode);
798 goto uncharge;
799 }
800
dc386d4d 801 /*
62e1c553
SL		 802 * Corner case handling:
803 * 1. When a new swap-cache page is read into, it is added to the LRU
804 * and treated as swapcache but it has no rmap yet.
805 * Calling try_to_unmap() against a page->mapping==NULL page will
806 * trigger a BUG. So handle it here.
807 * 2. An orphaned page (see truncate_complete_page) might have
808 * fs-private metadata. The page can be picked up due to memory
809 * offlining. Everywhere else except page reclaim, the page is
810 * invisible to the vm, so the page can not be migrated. So try to
811 * free the metadata, so the page can be freed.
e24f0b8f 812 */
62e1c553 813 if (!page->mapping) {
1ce82b69
HD		 814 VM_BUG_ON(PageAnon(page));
815 if (page_has_private(page)) {
62e1c553 816 try_to_free_buffers(page);
1ce82b69 817 goto uncharge;
62e1c553 818 }
abfc3488 819 goto skip_unmap;
62e1c553
SL		 820 }
821
dc386d4d 822 /* Establish migration ptes or remove ptes */
14fa31b8 823 try_to_unmap(page, TTU_MIGRATION|TTU_IGNORE_MLOCK|TTU_IGNORE_ACCESS);
dc386d4d 824
abfc3488 825skip_unmap:
e6a1530d 826 if (!page_mapped(page))
a6bc32b8 827 rc = move_to_new_page(newpage, page, remap_swapcache, mode);
e24f0b8f 828
3fe2011f 829 if (rc && remap_swapcache)
e24f0b8f 830 remove_migration_ptes(page, page);
3f6c8272
MG		 831
832 /* Drop an anon_vma reference if we took one */
76545066 833 if (anon_vma)
9e60109f 834 put_anon_vma(anon_vma);
3f6c8272 835
01b1ae63 836uncharge:
bf6bddf1
RA		 837 mem_cgroup_end_migration(mem, page, newpage,
838 (rc == MIGRATEPAGE_SUCCESS ||
839 rc == MIGRATEPAGE_BALLOON_SUCCESS));
e24f0b8f 840 unlock_page(page);
0dabec93
MK		 841out:
842 return rc;
843}
95a402c3 844
0dabec93
MK		 845/*
846 * Obtain the lock on page, remove all ptes and migrate the page
847 * to the newly allocated page in newpage.
848 */
849static int unmap_and_move(new_page_t get_new_page, unsigned long private,
a6bc32b8
MG		 850 struct page *page, int force, bool offlining,
851 enum migrate_mode mode)
0dabec93
MK		 852{
853 int rc = 0;
854 int *result = NULL;
855 struct page *newpage = get_new_page(page, private, &result);
856
857 if (!newpage)
858 return -ENOMEM;
859
860 if (page_count(page) == 1) {
861 /* page was freed from under us. So we are done. */
862 goto out;
863 }
864
865 if (unlikely(PageTransHuge(page)))
866 if (unlikely(split_huge_page(page)))
867 goto out;
868
a6bc32b8 869 rc = __unmap_and_move(page, newpage, force, offlining, mode);
bf6bddf1
RA		 870
871 if (unlikely(rc == MIGRATEPAGE_BALLOON_SUCCESS)) {
872 /*
873 * A ballooned page has been migrated already.
874 * Now, it's the time to wrap-up counters,
875 * handle the page back to Buddy and return.
876 */
877 dec_zone_page_state(page, NR_ISOLATED_ANON +
878 page_is_file_cache(page));
879 balloon_page_free(page);
880 return MIGRATEPAGE_SUCCESS;
881 }
0dabec93 882out:
e24f0b8f 883 if (rc != -EAGAIN) {
0dabec93
MK		 884 /*
885 * A page that has been migrated has all references
886 * removed and will be freed. A page that has not been
887 * migrated will have kepts its references and be
888 * restored.
889 */
890 list_del(&page->lru);
a731286d 891 dec_zone_page_state(page, NR_ISOLATED_ANON +
6c0b1351 892 page_is_file_cache(page));
894bc310 893 putback_lru_page(page);
e24f0b8f 894 }
95a402c3
CL		 895 /*
896 * Move the new page to the LRU. If migration was not successful
897 * then this will free the page.
898 */
894bc310 899 putback_lru_page(newpage);
742755a1
CL		 900 if (result) {
901 if (rc)
902 *result = rc;
903 else
904 *result = page_to_nid(newpage);
905 }
e24f0b8f
CL		 906 return rc;
907}
908
290408d4
NH		 909/*
910 * Counterpart of unmap_and_move_page() for hugepage migration.
911 *
912 * This function doesn't wait the completion of hugepage I/O
913 * because there is no race between I/O and migration for hugepage.
914 * Note that currently hugepage I/O occurs only in direct I/O
915 * where no lock is held and PG_writeback is irrelevant,
916 * and writeback status of all subpages are counted in the reference
917 * count of the head page (i.e. if all subpages of a 2MB hugepage are
918 * under direct I/O, the reference of the head page is 512 and a bit more.)
919 * This means that when we try to migrate hugepage whose subpages are
920 * doing direct I/O, some references remain after try_to_unmap() and
921 * hugepage migration fails without data corruption.
922 *
923 * There is also no race when direct I/O is issued on the page under migration,
924 * because then pte is replaced with migration swap entry and direct I/O code
925 * will wait in the page fault for migration to complete.
926 */
927static int unmap_and_move_huge_page(new_page_t get_new_page,
928 unsigned long private, struct page *hpage,
a6bc32b8
MG		 929 int force, bool offlining,
930 enum migrate_mode mode)
290408d4
NH		 931{
932 int rc = 0;
933 int *result = NULL;
934 struct page *new_hpage = get_new_page(hpage, private, &result);
290408d4
NH		 935 struct anon_vma *anon_vma = NULL;
936
937 if (!new_hpage)
938 return -ENOMEM;
939
940 rc = -EAGAIN;
941
942 if (!trylock_page(hpage)) {
a6bc32b8 943 if (!force || mode != MIGRATE_SYNC)
290408d4
NH		 944 goto out;
945 lock_page(hpage);
946 }
947
746b18d4
PZ		 948 if (PageAnon(hpage))
949 anon_vma = page_get_anon_vma(hpage);
290408d4
NH		 950
951 try_to_unmap(hpage, TTU_MIGRATION|TTU_IGNORE_MLOCK|TTU_IGNORE_ACCESS);
952
953 if (!page_mapped(hpage))
a6bc32b8 954 rc = move_to_new_page(new_hpage, hpage, 1, mode);
290408d4
NH		 955
956 if (rc)
957 remove_migration_ptes(hpage, hpage);
958
fd4a4663 959 if (anon_vma)
9e60109f 960 put_anon_vma(anon_vma);
8e6ac7fa
AK		 961
962 if (!rc)
963 hugetlb_cgroup_migrate(hpage, new_hpage);
964
290408d4 965 unlock_page(hpage);
09761333 966out:
290408d4 967 put_page(new_hpage);
290408d4
NH		 968 if (result) {
969 if (rc)
970 *result = rc;
971 else
972 *result = page_to_nid(new_hpage);
973 }
974 return rc;
975}
976
b20a3503
CL		 977/*
978 * migrate_pages
979 *
95a402c3
CL		 980 * The function takes one list of pages to migrate and a function
981 * that determines from the page to be migrated and the private data
982 * the target of the move and allocates the page.
b20a3503
CL		 983 *
984 * The function returns after 10 attempts or if no pages
985 * are movable anymore because to has become empty
cf608ac1
MK		 986 * or no retryable pages exist anymore.
987 * Caller should call putback_lru_pages to return pages to the LRU
28bd6578 988 * or free list only if ret != 0.
b20a3503 989 *
95a402c3 990 * Return: Number of pages not migrated or error code.
b20a3503 991 */
95a402c3 992int migrate_pages(struct list_head *from,
7f0f2496 993 new_page_t get_new_page, unsigned long private, bool offlining,
7b2a2d4a 994 enum migrate_mode mode, int reason)
b20a3503 995{
e24f0b8f 996 int retry = 1;
b20a3503 997 int nr_failed = 0;
5647bc29 998 int nr_succeeded = 0;
b20a3503
CL		 999 int pass = 0;
1000 struct page *page;
1001 struct page *page2;
1002 int swapwrite = current->flags & PF_SWAPWRITE;
1003 int rc;
1004
1005 if (!swapwrite)
1006 current->flags |= PF_SWAPWRITE;
1007
e24f0b8f
CL		 1008 for(pass = 0; pass < 10 && retry; pass++) {
1009 retry = 0;
b20a3503 1010
e24f0b8f 1011 list_for_each_entry_safe(page, page2, from, lru) {
e24f0b8f 1012 cond_resched();
2d1db3b1 1013
95a402c3 1014 rc = unmap_and_move(get_new_page, private,
77f1fe6b 1015 page, pass > 2, offlining,
a6bc32b8 1016 mode);
2d1db3b1 1017
e24f0b8f 1018 switch(rc) {
95a402c3
CL		 1019 case -ENOMEM:
1020 goto out;
e24f0b8f 1021 case -EAGAIN:
2d1db3b1 1022 retry++;
e24f0b8f 1023 break;
78bd5209 1024 case MIGRATEPAGE_SUCCESS:
5647bc29 1025 nr_succeeded++;
e24f0b8f
CL		 1026 break;
1027 default:
2d1db3b1 1028 /* Permanent failure */
2d1db3b1 1029 nr_failed++;
e24f0b8f 1030 break;
2d1db3b1 1031 }
b20a3503
CL		 1032 }
1033 }
78bd5209 1034 rc = nr_failed + retry;
95a402c3 1035out:
5647bc29
MG		 1036 if (nr_succeeded)
1037 count_vm_events(PGMIGRATE_SUCCESS, nr_succeeded);
1038 if (nr_failed)
1039 count_vm_events(PGMIGRATE_FAIL, nr_failed);
7b2a2d4a
MG		 1040 trace_mm_migrate_pages(nr_succeeded, nr_failed, mode, reason);
1041
b20a3503
CL		 1042 if (!swapwrite)
1043 current->flags &= ~PF_SWAPWRITE;
1044
78bd5209 1045 return rc;
b20a3503 1046}
95a402c3 1047
189ebff2
AK		 1048int migrate_huge_page(struct page *hpage, new_page_t get_new_page,
1049 unsigned long private, bool offlining,
1050 enum migrate_mode mode)
290408d4 1051{
189ebff2
AK		 1052 int pass, rc;
1053
1054 for (pass = 0; pass < 10; pass++) {
1055 rc = unmap_and_move_huge_page(get_new_page,
1056 private, hpage, pass > 2, offlining,
1057 mode);
1058 switch (rc) {
1059 case -ENOMEM:
1060 goto out;
1061 case -EAGAIN:
1062 /* try again */
290408d4 1063 cond_resched();
189ebff2 1064 break;
78bd5209 1065 case MIGRATEPAGE_SUCCESS:
189ebff2
AK		 1066 goto out;
1067 default:
1068 rc = -EIO;
1069 goto out;
290408d4
NH		 1070 }
1071 }
290408d4 1072out:
189ebff2 1073 return rc;
290408d4
NH		 1074}
1075
742755a1
CL		 1076#ifdef CONFIG_NUMA
1077/*
1078 * Move a list of individual pages
1079 */
1080struct page_to_node {
1081 unsigned long addr;
1082 struct page *page;
1083 int node;
1084 int status;
1085};
1086
1087static struct page *new_page_node(struct page *p, unsigned long private,
1088 int **result)
1089{
1090 struct page_to_node *pm = (struct page_to_node *)private;
1091
1092 while (pm->node != MAX_NUMNODES && pm->page != p)
1093 pm++;
1094
1095 if (pm->node == MAX_NUMNODES)
1096 return NULL;
1097
1098 *result = &pm->status;
1099
6484eb3e 1100 return alloc_pages_exact_node(pm->node,
769848c0 1101 GFP_HIGHUSER_MOVABLE | GFP_THISNODE, 0);
742755a1
CL		 1102}
1103
1104/*
1105 * Move a set of pages as indicated in the pm array. The addr
1106 * field must be set to the virtual address of the page to be moved
1107 * and the node number must contain a valid target node.
5e9a0f02 1108 * The pm array ends with node = MAX_NUMNODES.
742755a1 1109 */
5e9a0f02
BG		 1110static int do_move_page_to_node_array(struct mm_struct *mm,
1111 struct page_to_node *pm,
1112 int migrate_all)
742755a1
CL		 1113{
1114 int err;
1115 struct page_to_node *pp;
1116 LIST_HEAD(pagelist);
1117
1118 down_read(&mm->mmap_sem);
1119
1120 /*
1121 * Build a list of pages to migrate
1122 */
742755a1
CL		 1123 for (pp = pm; pp->node != MAX_NUMNODES; pp++) {
1124 struct vm_area_struct *vma;
1125 struct page *page;
1126
742755a1
CL		 1127 err = -EFAULT;
1128 vma = find_vma(mm, pp->addr);
70384dc6 1129 if (!vma || pp->addr < vma->vm_start || !vma_migratable(vma))
742755a1
CL		 1130 goto set_status;
1131
500d65d4 1132 page = follow_page(vma, pp->addr, FOLL_GET|FOLL_SPLIT);
89f5b7da
LT		 1133
1134 err = PTR_ERR(page);
1135 if (IS_ERR(page))
1136 goto set_status;
1137
742755a1
CL		 1138 err = -ENOENT;
1139 if (!page)
1140 goto set_status;
1141
62b61f61 1142 /* Use PageReserved to check for zero page */
b79bc0a0 1143 if (PageReserved(page))
742755a1
CL		 1144 goto put_and_set;
1145
1146 pp->page = page;
1147 err = page_to_nid(page);
1148
1149 if (err == pp->node)
1150 /*
1151 * Node already in the right place
1152 */
1153 goto put_and_set;
1154
1155 err = -EACCES;
1156 if (page_mapcount(page) > 1 &&
1157 !migrate_all)
1158 goto put_and_set;
1159
62695a84 1160 err = isolate_lru_page(page);
6d9c285a 1161 if (!err) {
62695a84 1162 list_add_tail(&page->lru, &pagelist);
6d9c285a
KM		 1163 inc_zone_page_state(page, NR_ISOLATED_ANON +
1164 page_is_file_cache(page));
1165 }
742755a1
CL		 1166put_and_set:
1167 /*
1168 * Either remove the duplicate refcount from
1169 * isolate_lru_page() or drop the page ref if it was
1170 * not isolated.
1171 */
1172 put_page(page);
1173set_status:
1174 pp->status = err;
1175 }
1176
e78bbfa8 1177 err = 0;
cf608ac1 1178 if (!list_empty(&pagelist)) {
742755a1 1179 err = migrate_pages(&pagelist, new_page_node,
7b2a2d4a
MG		 1180 (unsigned long)pm, 0, MIGRATE_SYNC,
1181 MR_SYSCALL);
cf608ac1
MK		 1182 if (err)
1183 putback_lru_pages(&pagelist);
1184 }
742755a1
CL		 1185
1186 up_read(&mm->mmap_sem);
1187 return err;
1188}
1189
5e9a0f02
BG		 1190/*
1191 * Migrate an array of page address onto an array of nodes and fill
1192 * the corresponding array of status.
1193 */
3268c63e 1194static int do_pages_move(struct mm_struct *mm, nodemask_t task_nodes,
5e9a0f02
BG		 1195 unsigned long nr_pages,
1196 const void __user * __user *pages,
1197 const int __user *nodes,
1198 int __user *status, int flags)
1199{
3140a227 1200 struct page_to_node *pm;
3140a227
BG		 1201 unsigned long chunk_nr_pages;
1202 unsigned long chunk_start;
1203 int err;
5e9a0f02 1204
3140a227
BG		 1205 err = -ENOMEM;
1206 pm = (struct page_to_node *)__get_free_page(GFP_KERNEL);
1207 if (!pm)
5e9a0f02 1208 goto out;
35282a2d
BG		 1209
1210 migrate_prep();
1211
5e9a0f02 1212 /*
3140a227
BG		 1213 * Store a chunk of page_to_node array in a page,
1214 * but keep the last one as a marker
5e9a0f02 1215 */
3140a227 1216 chunk_nr_pages = (PAGE_SIZE / sizeof(struct page_to_node)) - 1;
5e9a0f02 1217
3140a227
BG		 1218 for (chunk_start = 0;
1219 chunk_start < nr_pages;
1220 chunk_start += chunk_nr_pages) {
1221 int j;
5e9a0f02 1222
3140a227
BG		 1223 if (chunk_start + chunk_nr_pages > nr_pages)
1224 chunk_nr_pages = nr_pages - chunk_start;
1225
1226 /* fill the chunk pm with addrs and nodes from user-space */
1227 for (j = 0; j < chunk_nr_pages; j++) {
1228 const void __user *p;
5e9a0f02
BG		 1229 int node;
1230
3140a227
BG		 1231 err = -EFAULT;
1232 if (get_user(p, pages + j + chunk_start))
1233 goto out_pm;
1234 pm[j].addr = (unsigned long) p;
1235
1236 if (get_user(node, nodes + j + chunk_start))
5e9a0f02
BG		 1237 goto out_pm;
1238
1239 err = -ENODEV;
6f5a55f1
LT		 1240 if (node < 0 || node >= MAX_NUMNODES)
1241 goto out_pm;
1242
389162c2 1243 if (!node_state(node, N_MEMORY))
5e9a0f02
BG		 1244 goto out_pm;
1245
1246 err = -EACCES;
1247 if (!node_isset(node, task_nodes))
1248 goto out_pm;
1249
3140a227
BG		 1250 pm[j].node = node;
1251 }
1252
1253 /* End marker for this chunk */
1254 pm[chunk_nr_pages].node = MAX_NUMNODES;
1255
1256 /* Migrate this chunk */
1257 err = do_move_page_to_node_array(mm, pm,
1258 flags & MPOL_MF_MOVE_ALL);
1259 if (err < 0)
1260 goto out_pm;
5e9a0f02 1261
5e9a0f02 1262 /* Return status information */
3140a227
BG		 1263 for (j = 0; j < chunk_nr_pages; j++)
1264 if (put_user(pm[j].status, status + j + chunk_start)) {
5e9a0f02 1265 err = -EFAULT;
3140a227
BG		 1266 goto out_pm;
1267 }
1268 }
1269 err = 0;
5e9a0f02
BG		 1270
1271out_pm:
3140a227 1272 free_page((unsigned long)pm);
5e9a0f02
BG		 1273out:
1274 return err;
1275}
1276
742755a1 1277/*
2f007e74 1278 * Determine the nodes of an array of pages and store it in an array of status.
742755a1 1279 */
80bba129
BG		 1280static void do_pages_stat_array(struct mm_struct *mm, unsigned long nr_pages,
1281 const void __user **pages, int *status)
742755a1 1282{
2f007e74 1283 unsigned long i;
2f007e74 1284
742755a1
CL		 1285 down_read(&mm->mmap_sem);
1286
2f007e74 1287 for (i = 0; i < nr_pages; i++) {
80bba129 1288 unsigned long addr = (unsigned long)(*pages);
742755a1
CL		 1289 struct vm_area_struct *vma;
1290 struct page *page;
c095adbc 1291 int err = -EFAULT;
2f007e74
BG		 1292
1293 vma = find_vma(mm, addr);
70384dc6 1294 if (!vma || addr < vma->vm_start)
742755a1
CL		 1295 goto set_status;
1296
2f007e74 1297 page = follow_page(vma, addr, 0);
89f5b7da
LT		 1298
1299 err = PTR_ERR(page);
1300 if (IS_ERR(page))
1301 goto set_status;
1302
742755a1
CL		 1303 err = -ENOENT;
1304 /* Use PageReserved to check for zero page */
b79bc0a0 1305 if (!page || PageReserved(page))
742755a1
CL		 1306 goto set_status;
1307
1308 err = page_to_nid(page);
1309set_status:
80bba129
BG		 1310 *status = err;
1311
1312 pages++;
1313 status++;
1314 }
1315
1316 up_read(&mm->mmap_sem);
1317}
1318
1319/*
1320 * Determine the nodes of a user array of pages and store it in
1321 * a user array of status.
1322 */
1323static int do_pages_stat(struct mm_struct *mm, unsigned long nr_pages,
1324 const void __user * __user *pages,
1325 int __user *status)
1326{
1327#define DO_PAGES_STAT_CHUNK_NR 16
1328 const void __user *chunk_pages[DO_PAGES_STAT_CHUNK_NR];
1329 int chunk_status[DO_PAGES_STAT_CHUNK_NR];
80bba129 1330
87b8d1ad
PA		 1331 while (nr_pages) {
1332 unsigned long chunk_nr;
80bba129 1333
87b8d1ad
PA		 1334 chunk_nr = nr_pages;
1335 if (chunk_nr > DO_PAGES_STAT_CHUNK_NR)
1336 chunk_nr = DO_PAGES_STAT_CHUNK_NR;
1337
1338 if (copy_from_user(chunk_pages, pages, chunk_nr * sizeof(*chunk_pages)))
1339 break;
80bba129
BG		 1340
1341 do_pages_stat_array(mm, chunk_nr, chunk_pages, chunk_status);
1342
87b8d1ad
PA		 1343 if (copy_to_user(status, chunk_status, chunk_nr * sizeof(*status)))
1344 break;
742755a1 1345
87b8d1ad
PA		 1346 pages += chunk_nr;
1347 status += chunk_nr;
1348 nr_pages -= chunk_nr;
1349 }
1350 return nr_pages ? -EFAULT : 0;
742755a1
CL		 1351}
1352
1353/*
1354 * Move a list of pages in the address space of the currently executing
1355 * process.
1356 */
938bb9f5
HC		 1357SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages,
1358 const void __user * __user *, pages,
1359 const int __user *, nodes,
1360 int __user *, status, int, flags)
742755a1 1361{
c69e8d9c 1362 const struct cred *cred = current_cred(), *tcred;
742755a1 1363 struct task_struct *task;
742755a1 1364 struct mm_struct *mm;
5e9a0f02 1365 int err;
3268c63e 1366 nodemask_t task_nodes;
742755a1
CL		 1367
1368 /* Check flags */
1369 if (flags & ~(MPOL_MF_MOVE|MPOL_MF_MOVE_ALL))
1370 return -EINVAL;
1371
1372 if ((flags & MPOL_MF_MOVE_ALL) && !capable(CAP_SYS_NICE))
1373 return -EPERM;
1374
1375 /* Find the mm_struct */
a879bf58 1376 rcu_read_lock();
228ebcbe 1377 task = pid ? find_task_by_vpid(pid) : current;
742755a1 1378 if (!task) {
a879bf58 1379 rcu_read_unlock();
742755a1
CL		 1380 return -ESRCH;
1381 }
3268c63e 1382 get_task_struct(task);
742755a1
CL		 1383
1384 /*
1385 * Check if this process has the right to modify the specified
1386 * process. The right exists if the process has administrative
1387 * capabilities, superuser privileges or the same
1388 * userid as the target process.
1389 */
c69e8d9c 1390 tcred = __task_cred(task);
b38a86eb
EB		 1391 if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) &&
1392 !uid_eq(cred->uid, tcred->suid) && !uid_eq(cred->uid, tcred->uid) &&
742755a1 1393 !capable(CAP_SYS_NICE)) {
c69e8d9c 1394 rcu_read_unlock();
742755a1 1395 err = -EPERM;
5e9a0f02 1396 goto out;
742755a1 1397 }
c69e8d9c 1398 rcu_read_unlock();
742755a1 1399
86c3a764
DQ		 1400 err = security_task_movememory(task);
1401 if (err)
5e9a0f02 1402 goto out;
86c3a764 1403
3268c63e
CL		 1404 task_nodes = cpuset_mems_allowed(task);
1405 mm = get_task_mm(task);
1406 put_task_struct(task);
1407
6e8b09ea
SL		 1408 if (!mm)
1409 return -EINVAL;
1410
1411 if (nodes)
1412 err = do_pages_move(mm, task_nodes, nr_pages, pages,
1413 nodes, status, flags);
1414 else
1415 err = do_pages_stat(mm, nr_pages, pages, status);
742755a1 1416
742755a1
CL		 1417 mmput(mm);
1418 return err;
3268c63e
CL		 1419
1420out:
1421 put_task_struct(task);
1422 return err;
742755a1 1423}
742755a1 1424
7b2259b3
CL		 1425/*
1426 * Call migration functions in the vma_ops that may prepare
1427 * memory in a vm for migration. migration functions may perform
1428 * the migration for vmas that do not have an underlying page struct.
1429 */
1430int migrate_vmas(struct mm_struct *mm, const nodemask_t *to,
1431 const nodemask_t *from, unsigned long flags)
1432{
1433 struct vm_area_struct *vma;
1434 int err = 0;
1435
1001c9fb 1436 for (vma = mm->mmap; vma && !err; vma = vma->vm_next) {
7b2259b3
CL		 1437 if (vma->vm_ops && vma->vm_ops->migrate) {
1438 err = vma->vm_ops->migrate(vma, to, from, flags);
1439 if (err)
1440 break;
1441 }
1442 }
1443 return err;
1444}
7039e1db
PZ		 1445
1446#ifdef CONFIG_NUMA_BALANCING
1447/*
1448 * Returns true if this is a safe migration target node for misplaced NUMA
1449 * pages. Currently it only checks the watermarks which crude
1450 */
1451static bool migrate_balanced_pgdat(struct pglist_data *pgdat,
3abef4e6 1452 unsigned long nr_migrate_pages)
7039e1db
PZ		 1453{
1454 int z;
1455 for (z = pgdat->nr_zones - 1; z >= 0; z--) {
1456 struct zone *zone = pgdat->node_zones + z;
1457
1458 if (!populated_zone(zone))
1459 continue;
1460
1461 if (zone->all_unreclaimable)
1462 continue;
1463
1464 /* Avoid waking kswapd by allocating pages_to_migrate pages. */
1465 if (!zone_watermark_ok(zone, 0,
1466 high_wmark_pages(zone) +
1467 nr_migrate_pages,
1468 0, 0))
1469 continue;
1470 return true;
1471 }
1472 return false;
1473}
1474
1475static struct page *alloc_misplaced_dst_page(struct page *page,
1476 unsigned long data,
1477 int **result)
1478{
1479 int nid = (int) data;
1480 struct page *newpage;
1481
1482 newpage = alloc_pages_exact_node(nid,
1483 (GFP_HIGHUSER_MOVABLE | GFP_THISNODE |
1484 __GFP_NOMEMALLOC | __GFP_NORETRY |
1485 __GFP_NOWARN) &
1486 ~GFP_IOFS, 0);
bac0382c 1487 if (newpage)
22b751c3 1488 page_nid_xchg_last(newpage, page_nid_last(page));
bac0382c 1489
7039e1db
PZ		 1490 return newpage;
1491}
1492
a8f60772
MG		 1493/*
1494 * page migration rate limiting control.
1495 * Do not migrate more than @pages_to_migrate in a @migrate_interval_millisecs
1496 * window of time. Default here says do not migrate more than 1280M per second.
e14808b4
MG		 1497 * If a node is rate-limited then PTE NUMA updates are also rate-limited. However
1498 * as it is faults that reset the window, pte updates will happen unconditionally
1499 * if there has not been a fault since @pteupdate_interval_millisecs after the
1500 * throttle window closed.
a8f60772
MG		 1501 */
1502static unsigned int migrate_interval_millisecs __read_mostly = 100;
e14808b4 1503static unsigned int pteupdate_interval_millisecs __read_mostly = 1000;
a8f60772
MG		 1504static unsigned int ratelimit_pages __read_mostly = 128 << (20 - PAGE_SHIFT);
1505
e14808b4
MG		 1506/* Returns true if NUMA migration is currently rate limited */
1507bool migrate_ratelimited(int node)
1508{
1509 pg_data_t *pgdat = NODE_DATA(node);
1510
1511 if (time_after(jiffies, pgdat->numabalancing_migrate_next_window +
1512 msecs_to_jiffies(pteupdate_interval_millisecs)))
1513 return false;
1514
1515 if (pgdat->numabalancing_migrate_nr_pages < ratelimit_pages)
1516 return false;
1517
1518 return true;
1519}
1520
b32967ff 1521/* Returns true if the node is migrate rate-limited after the update */
d28d4335 1522bool numamigrate_update_ratelimit(pg_data_t *pgdat, unsigned long nr_pages)
7039e1db 1523{
b32967ff 1524 bool rate_limited = false;
7039e1db 1525
a8f60772
MG		 1526 /*
1527 * Rate-limit the amount of data that is being migrated to a node.
1528 * Optimal placement is no good if the memory bus is saturated and
1529 * all the time is being spent migrating!
1530 */
1531 spin_lock(&pgdat->numabalancing_migrate_lock);
1532 if (time_after(jiffies, pgdat->numabalancing_migrate_next_window)) {
1533 pgdat->numabalancing_migrate_nr_pages = 0;
1534 pgdat->numabalancing_migrate_next_window = jiffies +
1535 msecs_to_jiffies(migrate_interval_millisecs);
1536 }
b32967ff
MG		 1537 if (pgdat->numabalancing_migrate_nr_pages > ratelimit_pages)
1538 rate_limited = true;
1539 else
d28d4335 1540 pgdat->numabalancing_migrate_nr_pages += nr_pages;
a8f60772 1541 spin_unlock(&pgdat->numabalancing_migrate_lock);
b32967ff
MG		 1542
1543 return rate_limited;
1544}
1545
1546int numamigrate_isolate_page(pg_data_t *pgdat, struct page *page)
1547{
340ef390 1548 int page_lru;
a8f60772 1549
3abef4e6
MG		 1550 VM_BUG_ON(compound_order(page) && !PageTransHuge(page));
1551
7039e1db 1552 /* Avoid migrating to a node that is nearly full */
340ef390
HD		 1553 if (!migrate_balanced_pgdat(pgdat, 1UL << compound_order(page)))
1554 return 0;
7039e1db 1555
340ef390
HD		 1556 if (isolate_lru_page(page))
1557 return 0;
7039e1db 1558
340ef390
HD		 1559 /*
1560 * migrate_misplaced_transhuge_page() skips page migration's usual
1561 * check on page_count(), so we must do it here, now that the page
1562 * has been isolated: a GUP pin, or any other pin, prevents migration.
1563 * The expected page count is 3: 1 for page's mapcount and 1 for the
1564 * caller's pin and 1 for the reference taken by isolate_lru_page().
1565 */
1566 if (PageTransHuge(page) && page_count(page) != 3) {
1567 putback_lru_page(page);
1568 return 0;
7039e1db
PZ		 1569 }
1570
340ef390
HD		 1571 page_lru = page_is_file_cache(page);
1572 mod_zone_page_state(page_zone(page), NR_ISOLATED_ANON + page_lru,
1573 hpage_nr_pages(page));
1574
149c33e1 1575 /*
340ef390
HD		 1576 * Isolating the page has taken another reference, so the
1577 * caller's reference can be safely dropped without the page
1578 * disappearing underneath us during migration.
149c33e1
MG		 1579 */
1580 put_page(page);
340ef390 1581 return 1;
b32967ff
MG		 1582}
1583
1584/*
1585 * Attempt to migrate a misplaced page to the specified destination
1586 * node. Caller is expected to have an elevated reference count on
1587 * the page that will be dropped by this function before returning.
1588 */
1589int migrate_misplaced_page(struct page *page, int node)
1590{
1591 pg_data_t *pgdat = NODE_DATA(node);
340ef390 1592 int isolated;
b32967ff
MG		 1593 int nr_remaining;
1594 LIST_HEAD(migratepages);
1595
1596 /*
1597 * Don't migrate pages that are mapped in multiple processes.
1598 * TODO: Handle false sharing detection instead of this hammer
1599 */
340ef390 1600 if (page_mapcount(page) != 1)
b32967ff 1601 goto out;
b32967ff
MG		 1602
1603 /*
1604 * Rate-limit the amount of data that is being migrated to a node.
1605 * Optimal placement is no good if the memory bus is saturated and
1606 * all the time is being spent migrating!
1607 */
340ef390 1608 if (numamigrate_update_ratelimit(pgdat, 1))
b32967ff 1609 goto out;
b32967ff
MG		 1610
1611 isolated = numamigrate_isolate_page(pgdat, page);
1612 if (!isolated)
1613 goto out;
1614
1615 list_add(&page->lru, &migratepages);
1616 nr_remaining = migrate_pages(&migratepages,
1617 alloc_misplaced_dst_page,
1618 node, false, MIGRATE_ASYNC,
1619 MR_NUMA_MISPLACED);
1620 if (nr_remaining) {
1621 putback_lru_pages(&migratepages);
1622 isolated = 0;
1623 } else
1624 count_vm_numa_event(NUMA_PAGE_MIGRATE);
7039e1db 1625 BUG_ON(!list_empty(&migratepages));
7039e1db 1626 return isolated;
340ef390
HD		 1627
1628out:
1629 put_page(page);
1630 return 0;
7039e1db 1631}
220018d3 1632#endif /* CONFIG_NUMA_BALANCING */
b32967ff 1633
220018d3 1634#if defined(CONFIG_NUMA_BALANCING) && defined(CONFIG_TRANSPARENT_HUGEPAGE)
340ef390
HD		 1635/*
1636 * Migrates a THP to a given target node. page must be locked and is unlocked
1637 * before returning.
1638 */
b32967ff
MG		 1639int migrate_misplaced_transhuge_page(struct mm_struct *mm,
1640 struct vm_area_struct *vma,
1641 pmd_t *pmd, pmd_t entry,
1642 unsigned long address,
1643 struct page *page, int node)
1644{
1645 unsigned long haddr = address & HPAGE_PMD_MASK;
1646 pg_data_t *pgdat = NODE_DATA(node);
1647 int isolated = 0;
1648 struct page *new_page = NULL;
1649 struct mem_cgroup *memcg = NULL;
1650 int page_lru = page_is_file_cache(page);
1651
1652 /*
1653 * Don't migrate pages that are mapped in multiple processes.
1654 * TODO: Handle false sharing detection instead of this hammer
1655 */
1656 if (page_mapcount(page) != 1)
1657 goto out_dropref;
1658
1659 /*
1660 * Rate-limit the amount of data that is being migrated to a node.
1661 * Optimal placement is no good if the memory bus is saturated and
1662 * all the time is being spent migrating!
1663 */
d28d4335 1664 if (numamigrate_update_ratelimit(pgdat, HPAGE_PMD_NR))
b32967ff
MG		 1665 goto out_dropref;
1666
1667 new_page = alloc_pages_node(node,
1668 (GFP_TRANSHUGE | GFP_THISNODE) & ~__GFP_WAIT, HPAGE_PMD_ORDER);
340ef390
HD		 1669 if (!new_page)
1670 goto out_fail;
1671
22b751c3 1672 page_nid_xchg_last(new_page, page_nid_last(page));
b32967ff
MG		 1673
1674 isolated = numamigrate_isolate_page(pgdat, page);
340ef390 1675 if (!isolated) {
b32967ff 1676 put_page(new_page);
340ef390 1677 goto out_fail;
b32967ff
MG		 1678 }
1679
1680 /* Prepare a page as a migration target */
1681 __set_page_locked(new_page);
1682 SetPageSwapBacked(new_page);
1683
1684 /* anon mapping, we can simply copy page->mapping to the new page: */
1685 new_page->mapping = page->mapping;
1686 new_page->index = page->index;
1687 migrate_page_copy(new_page, page);
1688 WARN_ON(PageLRU(new_page));
1689
1690 /* Recheck the target PMD */
1691 spin_lock(&mm->page_table_lock);
1692 if (unlikely(!pmd_same(*pmd, entry))) {
1693 spin_unlock(&mm->page_table_lock);
1694
1695 /* Reverse changes made by migrate_page_copy() */
1696 if (TestClearPageActive(new_page))
1697 SetPageActive(page);
1698 if (TestClearPageUnevictable(new_page))
1699 SetPageUnevictable(page);
1700 mlock_migrate_page(page, new_page);
1701
1702 unlock_page(new_page);
1703 put_page(new_page); /* Free it */
1704
1705 unlock_page(page);
1706 putback_lru_page(page);
1707
1708 count_vm_events(PGMIGRATE_FAIL, HPAGE_PMD_NR);
340ef390 1709 isolated = 0;
b32967ff
MG		 1710 goto out;
1711 }
1712
1713 /*
1714 * Traditional migration needs to prepare the memcg charge
1715 * transaction early to prevent the old page from being
1716 * uncharged when installing migration entries. Here we can
1717 * save the potential rollback and start the charge transfer
1718 * only when migration is already known to end successfully.
1719 */
1720 mem_cgroup_prepare_migration(page, new_page, &memcg);
1721
1722 entry = mk_pmd(new_page, vma->vm_page_prot);
1723 entry = pmd_mknonnuma(entry);
1724 entry = maybe_pmd_mkwrite(pmd_mkdirty(entry), vma);
1725 entry = pmd_mkhuge(entry);
1726
1727 page_add_new_anon_rmap(new_page, vma, haddr);
1728
1729 set_pmd_at(mm, haddr, pmd, entry);
ce4a9cc5 1730 update_mmu_cache_pmd(vma, address, &entry);
b32967ff
MG		 1731 page_remove_rmap(page);
1732 /*
1733 * Finish the charge transaction under the page table lock to
1734 * prevent split_huge_page() from dividing up the charge
1735 * before it's fully transferred to the new page.
1736 */
1737 mem_cgroup_end_migration(memcg, page, new_page, true);
1738 spin_unlock(&mm->page_table_lock);
1739
1740 unlock_page(new_page);
1741 unlock_page(page);
1742 put_page(page); /* Drop the rmap reference */
1743 put_page(page); /* Drop the LRU isolation reference */
1744
1745 count_vm_events(PGMIGRATE_SUCCESS, HPAGE_PMD_NR);
1746 count_vm_numa_events(NUMA_PAGE_MIGRATE, HPAGE_PMD_NR);
1747
1748out:
1749 mod_zone_page_state(page_zone(page),
1750 NR_ISOLATED_ANON + page_lru,
1751 -HPAGE_PMD_NR);
1752 return isolated;
1753
340ef390
HD		 1754out_fail:
1755 count_vm_events(PGMIGRATE_FAIL, HPAGE_PMD_NR);
b32967ff 1756out_dropref:
340ef390 1757 unlock_page(page);
b32967ff 1758 put_page(page);
b32967ff
MG		 1759 return 0;
1760}
7039e1db
PZ		 1761#endif /* CONFIG_NUMA_BALANCING */
1762
1763#endif /* CONFIG_NUMA */
Ubuntu Jammy Linux kernel mirror