]> git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/blob - mm/swapfile.c
projects / mirror_ubuntu-jammy-kernel.git / blob
? search:


eb71b5d9430ba73cba79586ddd29acdd2cdbb759
[mirror_ubuntu-jammy-kernel.git] / mm / swapfile.c
1 /*
2 * linux/mm/swapfile.c
3 *
4 * Copyright (C) 1991, 1992, 1993, 1994 Linus Torvalds
5 * Swap reorganised 29.12.95, Stephen Tweedie
6 */
7
8 #include <linux/mm.h>
9 #include <linux/hugetlb.h>
10 #include <linux/mman.h>
11 #include <linux/slab.h>
12 #include <linux/kernel_stat.h>
13 #include <linux/swap.h>
14 #include <linux/vmalloc.h>
15 #include <linux/pagemap.h>
16 #include <linux/namei.h>
17 #include <linux/shmem_fs.h>
18 #include <linux/blkdev.h>
19 #include <linux/random.h>
20 #include <linux/writeback.h>
21 #include <linux/proc_fs.h>
22 #include <linux/seq_file.h>
23 #include <linux/init.h>
24 #include <linux/ksm.h>
25 #include <linux/rmap.h>
26 #include <linux/security.h>
27 #include <linux/backing-dev.h>
28 #include <linux/mutex.h>
29 #include <linux/capability.h>
30 #include <linux/syscalls.h>
31 #include <linux/memcontrol.h>
32 #include <linux/poll.h>
33 #include <linux/oom.h>
34 #include <linux/frontswap.h>
35 #include <linux/swapfile.h>
36 #include <linux/export.h>
37
38 #include <asm/pgtable.h>
39 #include <asm/tlbflush.h>
40 #include <linux/swapops.h>
41 #include <linux/swap_cgroup.h>
42
43 static bool swap_count_continued(struct swap_info_struct *, pgoff_t,
44 unsigned char);
45 static void free_swap_count_continuations(struct swap_info_struct *);
46 static sector_t map_swap_entry(swp_entry_t, struct block_device**);
47
48 DEFINE_SPINLOCK(swap_lock);
49 static unsigned int nr_swapfiles;
50 atomic_long_t nr_swap_pages;
51 /*
52 * Some modules use swappable objects and may try to swap them out under
53 * memory pressure (via the shrinker). Before doing so, they may wish to
54 * check to see if any swap space is available.
55 */
56 EXPORT_SYMBOL_GPL(nr_swap_pages);
57 /* protected with swap_lock. reading in vm_swap_full() doesn't need lock */
58 long total_swap_pages;
59 static int least_priority;
60
61 static const char Bad_file[] = "Bad swap file entry ";
62 static const char Unused_file[] = "Unused swap file entry ";
63 static const char Bad_offset[] = "Bad swap offset entry ";
64 static const char Unused_offset[] = "Unused swap offset entry ";
65
66 /*
67 * all active swap_info_structs
68 * protected with swap_lock, and ordered by priority.
69 */
70 PLIST_HEAD(swap_active_head);
71
72 /*
73 * all available (active, not full) swap_info_structs
74 * protected with swap_avail_lock, ordered by priority.
75 * This is used by get_swap_page() instead of swap_active_head
76 * because swap_active_head includes all swap_info_structs,
77 * but get_swap_page() doesn't need to look at full ones.
78 * This uses its own lock instead of swap_lock because when a
79 * swap_info_struct changes between not-full/full, it needs to
80 * add/remove itself to/from this list, but the swap_info_struct->lock
81 * is held and the locking order requires swap_lock to be taken
82 * before any swap_info_struct->lock.
83 */
84 static PLIST_HEAD(swap_avail_head);
85 static DEFINE_SPINLOCK(swap_avail_lock);
86
87 struct swap_info_struct *swap_info[MAX_SWAPFILES];
88
89 static DEFINE_MUTEX(swapon_mutex);
90
91 static DECLARE_WAIT_QUEUE_HEAD(proc_poll_wait);
92 /* Activity counter to indicate that a swapon or swapoff has occurred */
93 static atomic_t proc_poll_event = ATOMIC_INIT(0);
94
95 static inline unsigned char swap_count(unsigned char ent)
96 {
97 return ent & ~SWAP_HAS_CACHE; /* may include SWAP_HAS_CONT flag */
98 }
99
100 /* returns 1 if swap entry is freed */
101 static int
102 __try_to_reclaim_swap(struct swap_info_struct *si, unsigned long offset)
103 {
104 swp_entry_t entry = swp_entry(si->type, offset);
105 struct page *page;
106 int ret = 0;
107
108 page = find_get_page(swap_address_space(entry), swp_offset(entry));
109 if (!page)
110 return 0;
111 /*
112 * This function is called from scan_swap_map() and it's called
113 * by vmscan.c at reclaiming pages. So, we hold a lock on a page, here.
114 * We have to use trylock for avoiding deadlock. This is a special
115 * case and you should use try_to_free_swap() with explicit lock_page()
116 * in usual operations.
117 */
118 if (trylock_page(page)) {
119 ret = try_to_free_swap(page);
120 unlock_page(page);
121 }
122 put_page(page);
123 return ret;
124 }
125
126 /*
127 * swapon tell device that all the old swap contents can be discarded,
128 * to allow the swap device to optimize its wear-levelling.
129 */
130 static int discard_swap(struct swap_info_struct *si)
131 {
132 struct swap_extent *se;
133 sector_t start_block;
134 sector_t nr_blocks;
135 int err = 0;
136
137 /* Do not discard the swap header page! */
138 se = &si->first_swap_extent;
139 start_block = (se->start_block + 1) << (PAGE_SHIFT - 9);
140 nr_blocks = ((sector_t)se->nr_pages - 1) << (PAGE_SHIFT - 9);
141 if (nr_blocks) {
142 err = blkdev_issue_discard(si->bdev, start_block,
143 nr_blocks, GFP_KERNEL, 0);
144 if (err)
145 return err;
146 cond_resched();
147 }
148
149 list_for_each_entry(se, &si->first_swap_extent.list, list) {
150 start_block = se->start_block << (PAGE_SHIFT - 9);
151 nr_blocks = (sector_t)se->nr_pages << (PAGE_SHIFT - 9);
152
153 err = blkdev_issue_discard(si->bdev, start_block,
154 nr_blocks, GFP_KERNEL, 0);
155 if (err)
156 break;
157
158 cond_resched();
159 }
160 return err; /* That will often be -EOPNOTSUPP */
161 }
162
163 /*
164 * swap allocation tell device that a cluster of swap can now be discarded,
165 * to allow the swap device to optimize its wear-levelling.
166 */
167 static void discard_swap_cluster(struct swap_info_struct *si,
168 pgoff_t start_page, pgoff_t nr_pages)
169 {
170 struct swap_extent *se = si->curr_swap_extent;
171 int found_extent = 0;
172
173 while (nr_pages) {
174 if (se->start_page <= start_page &&
175 start_page < se->start_page + se->nr_pages) {
176 pgoff_t offset = start_page - se->start_page;
177 sector_t start_block = se->start_block + offset;
178 sector_t nr_blocks = se->nr_pages - offset;
179
180 if (nr_blocks > nr_pages)
181 nr_blocks = nr_pages;
182 start_page += nr_blocks;
183 nr_pages -= nr_blocks;
184
185 if (!found_extent++)
186 si->curr_swap_extent = se;
187
188 start_block <<= PAGE_SHIFT - 9;
189 nr_blocks <<= PAGE_SHIFT - 9;
190 if (blkdev_issue_discard(si->bdev, start_block,
191 nr_blocks, GFP_NOIO, 0))
192 break;
193 }
194
195 se = list_next_entry(se, list);
196 }
197 }
198
199 #define SWAPFILE_CLUSTER 256
200 #define LATENCY_LIMIT 256
201
202 static inline void cluster_set_flag(struct swap_cluster_info *info,
203 unsigned int flag)
204 {
205 info->flags = flag;
206 }
207
208 static inline unsigned int cluster_count(struct swap_cluster_info *info)
209 {
210 return info->data;
211 }
212
213 static inline void cluster_set_count(struct swap_cluster_info *info,
214 unsigned int c)
215 {
216 info->data = c;
217 }
218
219 static inline void cluster_set_count_flag(struct swap_cluster_info *info,
220 unsigned int c, unsigned int f)
221 {
222 info->flags = f;
223 info->data = c;
224 }
225
226 static inline unsigned int cluster_next(struct swap_cluster_info *info)
227 {
228 return info->data;
229 }
230
231 static inline void cluster_set_next(struct swap_cluster_info *info,
232 unsigned int n)
233 {
234 info->data = n;
235 }
236
237 static inline void cluster_set_next_flag(struct swap_cluster_info *info,
238 unsigned int n, unsigned int f)
239 {
240 info->flags = f;
241 info->data = n;
242 }
243
244 static inline bool cluster_is_free(struct swap_cluster_info *info)
245 {
246 return info->flags & CLUSTER_FLAG_FREE;
247 }
248
249 static inline bool cluster_is_null(struct swap_cluster_info *info)
250 {
251 return info->flags & CLUSTER_FLAG_NEXT_NULL;
252 }
253
254 static inline void cluster_set_null(struct swap_cluster_info *info)
255 {
256 info->flags = CLUSTER_FLAG_NEXT_NULL;
257 info->data = 0;
258 }
259
260 static inline struct swap_cluster_info *lock_cluster(struct swap_info_struct *si,
261 unsigned long offset)
262 {
263 struct swap_cluster_info *ci;
264
265 ci = si->cluster_info;
266 if (ci) {
267 ci += offset / SWAPFILE_CLUSTER;
268 spin_lock(&ci->lock);
269 }
270 return ci;
271 }
272
273 static inline void unlock_cluster(struct swap_cluster_info *ci)
274 {
275 if (ci)
276 spin_unlock(&ci->lock);
277 }
278
279 static inline struct swap_cluster_info *lock_cluster_or_swap_info(
280 struct swap_info_struct *si,
281 unsigned long offset)
282 {
283 struct swap_cluster_info *ci;
284
285 ci = lock_cluster(si, offset);
286 if (!ci)
287 spin_lock(&si->lock);
288
289 return ci;
290 }
291
292 static inline void unlock_cluster_or_swap_info(struct swap_info_struct *si,
293 struct swap_cluster_info *ci)
294 {
295 if (ci)
296 unlock_cluster(ci);
297 else
298 spin_unlock(&si->lock);
299 }
300
301 static inline bool cluster_list_empty(struct swap_cluster_list *list)
302 {
303 return cluster_is_null(&list->head);
304 }
305
306 static inline unsigned int cluster_list_first(struct swap_cluster_list *list)
307 {
308 return cluster_next(&list->head);
309 }
310
311 static void cluster_list_init(struct swap_cluster_list *list)
312 {
313 cluster_set_null(&list->head);
314 cluster_set_null(&list->tail);
315 }
316
317 static void cluster_list_add_tail(struct swap_cluster_list *list,
318 struct swap_cluster_info *ci,
319 unsigned int idx)
320 {
321 if (cluster_list_empty(list)) {
322 cluster_set_next_flag(&list->head, idx, 0);
323 cluster_set_next_flag(&list->tail, idx, 0);
324 } else {
325 struct swap_cluster_info *ci_tail;
326 unsigned int tail = cluster_next(&list->tail);
327
328 /*
329 * Nested cluster lock, but both cluster locks are
330 * only acquired when we held swap_info_struct->lock
331 */
332 ci_tail = ci + tail;
333 spin_lock_nested(&ci_tail->lock, SINGLE_DEPTH_NESTING);
334 cluster_set_next(ci_tail, idx);
335 unlock_cluster(ci_tail);
336 cluster_set_next_flag(&list->tail, idx, 0);
337 }
338 }
339
340 static unsigned int cluster_list_del_first(struct swap_cluster_list *list,
341 struct swap_cluster_info *ci)
342 {
343 unsigned int idx;
344
345 idx = cluster_next(&list->head);
346 if (cluster_next(&list->tail) == idx) {
347 cluster_set_null(&list->head);
348 cluster_set_null(&list->tail);
349 } else
350 cluster_set_next_flag(&list->head,
351 cluster_next(&ci[idx]), 0);
352
353 return idx;
354 }
355
356 /* Add a cluster to discard list and schedule it to do discard */
357 static void swap_cluster_schedule_discard(struct swap_info_struct *si,
358 unsigned int idx)
359 {
360 /*
361 * If scan_swap_map() can't find a free cluster, it will check
362 * si->swap_map directly. To make sure the discarding cluster isn't
363 * taken by scan_swap_map(), mark the swap entries bad (occupied). It
364 * will be cleared after discard
365 */
366 memset(si->swap_map + idx * SWAPFILE_CLUSTER,
367 SWAP_MAP_BAD, SWAPFILE_CLUSTER);
368
369 cluster_list_add_tail(&si->discard_clusters, si->cluster_info, idx);
370
371 schedule_work(&si->discard_work);
372 }
373
374 /*
375 * Doing discard actually. After a cluster discard is finished, the cluster
376 * will be added to free cluster list. caller should hold si->lock.
377 */
378 static void swap_do_scheduled_discard(struct swap_info_struct *si)
379 {
380 struct swap_cluster_info *info, *ci;
381 unsigned int idx;
382
383 info = si->cluster_info;
384
385 while (!cluster_list_empty(&si->discard_clusters)) {
386 idx = cluster_list_del_first(&si->discard_clusters, info);
387 spin_unlock(&si->lock);
388
389 discard_swap_cluster(si, idx * SWAPFILE_CLUSTER,
390 SWAPFILE_CLUSTER);
391
392 spin_lock(&si->lock);
393 ci = lock_cluster(si, idx * SWAPFILE_CLUSTER);
394 cluster_set_flag(ci, CLUSTER_FLAG_FREE);
395 unlock_cluster(ci);
396 cluster_list_add_tail(&si->free_clusters, info, idx);
397 ci = lock_cluster(si, idx * SWAPFILE_CLUSTER);
398 memset(si->swap_map + idx * SWAPFILE_CLUSTER,
399 0, SWAPFILE_CLUSTER);
400 unlock_cluster(ci);
401 }
402 }
403
404 static void swap_discard_work(struct work_struct *work)
405 {
406 struct swap_info_struct *si;
407
408 si = container_of(work, struct swap_info_struct, discard_work);
409
410 spin_lock(&si->lock);
411 swap_do_scheduled_discard(si);
412 spin_unlock(&si->lock);
413 }
414
415 /*
416 * The cluster corresponding to page_nr will be used. The cluster will be
417 * removed from free cluster list and its usage counter will be increased.
418 */
419 static void inc_cluster_info_page(struct swap_info_struct *p,
420 struct swap_cluster_info *cluster_info, unsigned long page_nr)
421 {
422 unsigned long idx = page_nr / SWAPFILE_CLUSTER;
423
424 if (!cluster_info)
425 return;
426 if (cluster_is_free(&cluster_info[idx])) {
427 VM_BUG_ON(cluster_list_first(&p->free_clusters) != idx);
428 cluster_list_del_first(&p->free_clusters, cluster_info);
429 cluster_set_count_flag(&cluster_info[idx], 0, 0);
430 }
431
432 VM_BUG_ON(cluster_count(&cluster_info[idx]) >= SWAPFILE_CLUSTER);
433 cluster_set_count(&cluster_info[idx],
434 cluster_count(&cluster_info[idx]) + 1);
435 }
436
437 /*
438 * The cluster corresponding to page_nr decreases one usage. If the usage
439 * counter becomes 0, which means no page in the cluster is in using, we can
440 * optionally discard the cluster and add it to free cluster list.
441 */
442 static void dec_cluster_info_page(struct swap_info_struct *p,
443 struct swap_cluster_info *cluster_info, unsigned long page_nr)
444 {
445 unsigned long idx = page_nr / SWAPFILE_CLUSTER;
446
447 if (!cluster_info)
448 return;
449
450 VM_BUG_ON(cluster_count(&cluster_info[idx]) == 0);
451 cluster_set_count(&cluster_info[idx],
452 cluster_count(&cluster_info[idx]) - 1);
453
454 if (cluster_count(&cluster_info[idx]) == 0) {
455 /*
456 * If the swap is discardable, prepare discard the cluster
457 * instead of free it immediately. The cluster will be freed
458 * after discard.
459 */
460 if ((p->flags & (SWP_WRITEOK | SWP_PAGE_DISCARD)) ==
461 (SWP_WRITEOK | SWP_PAGE_DISCARD)) {
462 swap_cluster_schedule_discard(p, idx);
463 return;
464 }
465
466 cluster_set_flag(&cluster_info[idx], CLUSTER_FLAG_FREE);
467 cluster_list_add_tail(&p->free_clusters, cluster_info, idx);
468 }
469 }
470
471 /*
472 * It's possible scan_swap_map() uses a free cluster in the middle of free
473 * cluster list. Avoiding such abuse to avoid list corruption.
474 */
475 static bool
476 scan_swap_map_ssd_cluster_conflict(struct swap_info_struct *si,
477 unsigned long offset)
478 {
479 struct percpu_cluster *percpu_cluster;
480 bool conflict;
481
482 offset /= SWAPFILE_CLUSTER;
483 conflict = !cluster_list_empty(&si->free_clusters) &&
484 offset != cluster_list_first(&si->free_clusters) &&
485 cluster_is_free(&si->cluster_info[offset]);
486
487 if (!conflict)
488 return false;
489
490 percpu_cluster = this_cpu_ptr(si->percpu_cluster);
491 cluster_set_null(&percpu_cluster->index);
492 return true;
493 }
494
495 /*
496 * Try to get a swap entry from current cpu's swap entry pool (a cluster). This
497 * might involve allocating a new cluster for current CPU too.
498 */
499 static void scan_swap_map_try_ssd_cluster(struct swap_info_struct *si,
500 unsigned long *offset, unsigned long *scan_base)
501 {
502 struct percpu_cluster *cluster;
503 struct swap_cluster_info *ci;
504 bool found_free;
505 unsigned long tmp, max;
506
507 new_cluster:
508 cluster = this_cpu_ptr(si->percpu_cluster);
509 if (cluster_is_null(&cluster->index)) {
510 if (!cluster_list_empty(&si->free_clusters)) {
511 cluster->index = si->free_clusters.head;
512 cluster->next = cluster_next(&cluster->index) *
513 SWAPFILE_CLUSTER;
514 } else if (!cluster_list_empty(&si->discard_clusters)) {
515 /*
516 * we don't have free cluster but have some clusters in
517 * discarding, do discard now and reclaim them
518 */
519 swap_do_scheduled_discard(si);
520 *scan_base = *offset = si->cluster_next;
521 goto new_cluster;
522 } else
523 return;
524 }
525
526 found_free = false;
527
528 /*
529 * Other CPUs can use our cluster if they can't find a free cluster,
530 * check if there is still free entry in the cluster
531 */
532 tmp = cluster->next;
533 max = min_t(unsigned long, si->max,
534 (cluster_next(&cluster->index) + 1) * SWAPFILE_CLUSTER);
535 if (tmp >= max) {
536 cluster_set_null(&cluster->index);
537 goto new_cluster;
538 }
539 ci = lock_cluster(si, tmp);
540 while (tmp < max) {
541 if (!si->swap_map[tmp]) {
542 found_free = true;
543 break;
544 }
545 tmp++;
546 }
547 unlock_cluster(ci);
548 if (!found_free) {
549 cluster_set_null(&cluster->index);
550 goto new_cluster;
551 }
552 cluster->next = tmp + 1;
553 *offset = tmp;
554 *scan_base = tmp;
555 }
556
557 static unsigned long scan_swap_map(struct swap_info_struct *si,
558 unsigned char usage)
559 {
560 struct swap_cluster_info *ci;
561 unsigned long offset;
562 unsigned long scan_base;
563 unsigned long last_in_cluster = 0;
564 int latency_ration = LATENCY_LIMIT;
565
566 /*
567 * We try to cluster swap pages by allocating them sequentially
568 * in swap. Once we've allocated SWAPFILE_CLUSTER pages this
569 * way, however, we resort to first-free allocation, starting
570 * a new cluster. This prevents us from scattering swap pages
571 * all over the entire swap partition, so that we reduce
572 * overall disk seek times between swap pages. -- sct
573 * But we do now try to find an empty cluster. -Andrea
574 * And we let swap pages go all over an SSD partition. Hugh
575 */
576
577 si->flags += SWP_SCANNING;
578 scan_base = offset = si->cluster_next;
579
580 /* SSD algorithm */
581 if (si->cluster_info) {
582 scan_swap_map_try_ssd_cluster(si, &offset, &scan_base);
583 goto checks;
584 }
585
586 if (unlikely(!si->cluster_nr--)) {
587 if (si->pages - si->inuse_pages < SWAPFILE_CLUSTER) {
588 si->cluster_nr = SWAPFILE_CLUSTER - 1;
589 goto checks;
590 }
591
592 spin_unlock(&si->lock);
593
594 /*
595 * If seek is expensive, start searching for new cluster from
596 * start of partition, to minimize the span of allocated swap.
597 * If seek is cheap, that is the SWP_SOLIDSTATE si->cluster_info
598 * case, just handled by scan_swap_map_try_ssd_cluster() above.
599 */
600 scan_base = offset = si->lowest_bit;
601 last_in_cluster = offset + SWAPFILE_CLUSTER - 1;
602
603 /* Locate the first empty (unaligned) cluster */
604 for (; last_in_cluster <= si->highest_bit; offset++) {
605 if (si->swap_map[offset])
606 last_in_cluster = offset + SWAPFILE_CLUSTER;
607 else if (offset == last_in_cluster) {
608 spin_lock(&si->lock);
609 offset -= SWAPFILE_CLUSTER - 1;
610 si->cluster_next = offset;
611 si->cluster_nr = SWAPFILE_CLUSTER - 1;
612 goto checks;
613 }
614 if (unlikely(--latency_ration < 0)) {
615 cond_resched();
616 latency_ration = LATENCY_LIMIT;
617 }
618 }
619
620 offset = scan_base;
621 spin_lock(&si->lock);
622 si->cluster_nr = SWAPFILE_CLUSTER - 1;
623 }
624
625 checks:
626 if (si->cluster_info) {
627 while (scan_swap_map_ssd_cluster_conflict(si, offset))
628 scan_swap_map_try_ssd_cluster(si, &offset, &scan_base);
629 }
630 if (!(si->flags & SWP_WRITEOK))
631 goto no_page;
632 if (!si->highest_bit)
633 goto no_page;
634 if (offset > si->highest_bit)
635 scan_base = offset = si->lowest_bit;
636
637 ci = lock_cluster(si, offset);
638 /* reuse swap entry of cache-only swap if not busy. */
639 if (vm_swap_full() && si->swap_map[offset] == SWAP_HAS_CACHE) {
640 int swap_was_freed;
641 unlock_cluster(ci);
642 spin_unlock(&si->lock);
643 swap_was_freed = __try_to_reclaim_swap(si, offset);
644 spin_lock(&si->lock);
645 /* entry was freed successfully, try to use this again */
646 if (swap_was_freed)
647 goto checks;
648 goto scan; /* check next one */
649 }
650
651 if (si->swap_map[offset]) {
652 unlock_cluster(ci);
653 goto scan;
654 }
655
656 if (offset == si->lowest_bit)
657 si->lowest_bit++;
658 if (offset == si->highest_bit)
659 si->highest_bit--;
660 si->inuse_pages++;
661 if (si->inuse_pages == si->pages) {
662 si->lowest_bit = si->max;
663 si->highest_bit = 0;
664 spin_lock(&swap_avail_lock);
665 plist_del(&si->avail_list, &swap_avail_head);
666 spin_unlock(&swap_avail_lock);
667 }
668 si->swap_map[offset] = usage;
669 inc_cluster_info_page(si, si->cluster_info, offset);
670 unlock_cluster(ci);
671 si->cluster_next = offset + 1;
672 si->flags -= SWP_SCANNING;
673
674 return offset;
675
676 scan:
677 spin_unlock(&si->lock);
678 while (++offset <= si->highest_bit) {
679 if (!si->swap_map[offset]) {
680 spin_lock(&si->lock);
681 goto checks;
682 }
683 if (vm_swap_full() && si->swap_map[offset] == SWAP_HAS_CACHE) {
684 spin_lock(&si->lock);
685 goto checks;
686 }
687 if (unlikely(--latency_ration < 0)) {
688 cond_resched();
689 latency_ration = LATENCY_LIMIT;
690 }
691 }
692 offset = si->lowest_bit;
693 while (offset < scan_base) {
694 if (!si->swap_map[offset]) {
695 spin_lock(&si->lock);
696 goto checks;
697 }
698 if (vm_swap_full() && si->swap_map[offset] == SWAP_HAS_CACHE) {
699 spin_lock(&si->lock);
700 goto checks;
701 }
702 if (unlikely(--latency_ration < 0)) {
703 cond_resched();
704 latency_ration = LATENCY_LIMIT;
705 }
706 offset++;
707 }
708 spin_lock(&si->lock);
709
710 no_page:
711 si->flags -= SWP_SCANNING;
712 return 0;
713 }
714
715 swp_entry_t get_swap_page(void)
716 {
717 struct swap_info_struct *si, *next;
718 pgoff_t offset;
719
720 if (atomic_long_read(&nr_swap_pages) <= 0)
721 goto noswap;
722 atomic_long_dec(&nr_swap_pages);
723
724 spin_lock(&swap_avail_lock);
725
726 start_over:
727 plist_for_each_entry_safe(si, next, &swap_avail_head, avail_list) {
728 /* requeue si to after same-priority siblings */
729 plist_requeue(&si->avail_list, &swap_avail_head);
730 spin_unlock(&swap_avail_lock);
731 spin_lock(&si->lock);
732 if (!si->highest_bit || !(si->flags & SWP_WRITEOK)) {
733 spin_lock(&swap_avail_lock);
734 if (plist_node_empty(&si->avail_list)) {
735 spin_unlock(&si->lock);
736 goto nextsi;
737 }
738 WARN(!si->highest_bit,
739 "swap_info %d in list but !highest_bit\n",
740 si->type);
741 WARN(!(si->flags & SWP_WRITEOK),
742 "swap_info %d in list but !SWP_WRITEOK\n",
743 si->type);
744 plist_del(&si->avail_list, &swap_avail_head);
745 spin_unlock(&si->lock);
746 goto nextsi;
747 }
748
749 /* This is called for allocating swap entry for cache */
750 offset = scan_swap_map(si, SWAP_HAS_CACHE);
751 spin_unlock(&si->lock);
752 if (offset)
753 return swp_entry(si->type, offset);
754 pr_debug("scan_swap_map of si %d failed to find offset\n",
755 si->type);
756 spin_lock(&swap_avail_lock);
757 nextsi:
758 /*
759 * if we got here, it's likely that si was almost full before,
760 * and since scan_swap_map() can drop the si->lock, multiple
761 * callers probably all tried to get a page from the same si
762 * and it filled up before we could get one; or, the si filled
763 * up between us dropping swap_avail_lock and taking si->lock.
764 * Since we dropped the swap_avail_lock, the swap_avail_head
765 * list may have been modified; so if next is still in the
766 * swap_avail_head list then try it, otherwise start over.
767 */
768 if (plist_node_empty(&next->avail_list))
769 goto start_over;
770 }
771
772 spin_unlock(&swap_avail_lock);
773
774 atomic_long_inc(&nr_swap_pages);
775 noswap:
776 return (swp_entry_t) {0};
777 }
778
779 /* The only caller of this function is now suspend routine */
780 swp_entry_t get_swap_page_of_type(int type)
781 {
782 struct swap_info_struct *si;
783 pgoff_t offset;
784
785 si = swap_info[type];
786 spin_lock(&si->lock);
787 if (si && (si->flags & SWP_WRITEOK)) {
788 atomic_long_dec(&nr_swap_pages);
789 /* This is called for allocating swap entry, not cache */
790 offset = scan_swap_map(si, 1);
791 if (offset) {
792 spin_unlock(&si->lock);
793 return swp_entry(type, offset);
794 }
795 atomic_long_inc(&nr_swap_pages);
796 }
797 spin_unlock(&si->lock);
798 return (swp_entry_t) {0};
799 }
800
801 static struct swap_info_struct *_swap_info_get(swp_entry_t entry)
802 {
803 struct swap_info_struct *p;
804 unsigned long offset, type;
805
806 if (!entry.val)
807 goto out;
808 type = swp_type(entry);
809 if (type >= nr_swapfiles)
810 goto bad_nofile;
811 p = swap_info[type];
812 if (!(p->flags & SWP_USED))
813 goto bad_device;
814 offset = swp_offset(entry);
815 if (offset >= p->max)
816 goto bad_offset;
817 if (!p->swap_map[offset])
818 goto bad_free;
819 return p;
820
821 bad_free:
822 pr_err("swap_info_get: %s%08lx\n", Unused_offset, entry.val);
823 goto out;
824 bad_offset:
825 pr_err("swap_info_get: %s%08lx\n", Bad_offset, entry.val);
826 goto out;
827 bad_device:
828 pr_err("swap_info_get: %s%08lx\n", Unused_file, entry.val);
829 goto out;
830 bad_nofile:
831 pr_err("swap_info_get: %s%08lx\n", Bad_file, entry.val);
832 out:
833 return NULL;
834 }
835
836 static struct swap_info_struct *swap_info_get(swp_entry_t entry)
837 {
838 struct swap_info_struct *p;
839
840 p = _swap_info_get(entry);
841 if (p)
842 spin_lock(&p->lock);
843 return p;
844 }
845
846 static unsigned char swap_entry_free(struct swap_info_struct *p,
847 swp_entry_t entry, unsigned char usage,
848 bool swap_info_locked)
849 {
850 struct swap_cluster_info *ci;
851 unsigned long offset = swp_offset(entry);
852 unsigned char count;
853 unsigned char has_cache;
854 bool lock_swap_info = false;
855
856 if (!swap_info_locked) {
857 count = p->swap_map[offset];
858 if (!p->cluster_info || count == usage || count == SWAP_MAP_SHMEM) {
859 lock_swap_info:
860 swap_info_locked = true;
861 lock_swap_info = true;
862 spin_lock(&p->lock);
863 }
864 }
865
866 ci = lock_cluster(p, offset);
867
868 count = p->swap_map[offset];
869
870 if (!swap_info_locked && (count == usage || count == SWAP_MAP_SHMEM)) {
871 unlock_cluster(ci);
872 goto lock_swap_info;
873 }
874
875 has_cache = count & SWAP_HAS_CACHE;
876 count &= ~SWAP_HAS_CACHE;
877
878 if (usage == SWAP_HAS_CACHE) {
879 VM_BUG_ON(!has_cache);
880 has_cache = 0;
881 } else if (count == SWAP_MAP_SHMEM) {
882 /*
883 * Or we could insist on shmem.c using a special
884 * swap_shmem_free() and free_shmem_swap_and_cache()...
885 */
886 count = 0;
887 } else if ((count & ~COUNT_CONTINUED) <= SWAP_MAP_MAX) {
888 if (count == COUNT_CONTINUED) {
889 if (swap_count_continued(p, offset, count))
890 count = SWAP_MAP_MAX | COUNT_CONTINUED;
891 else
892 count = SWAP_MAP_MAX;
893 } else
894 count--;
895 }
896
897 usage = count | has_cache;
898 p->swap_map[offset] = usage;
899
900 unlock_cluster(ci);
901
902 /* free if no reference */
903 if (!usage) {
904 VM_BUG_ON(!swap_info_locked);
905 mem_cgroup_uncharge_swap(entry);
906 ci = lock_cluster(p, offset);
907 dec_cluster_info_page(p, p->cluster_info, offset);
908 unlock_cluster(ci);
909 if (offset < p->lowest_bit)
910 p->lowest_bit = offset;
911 if (offset > p->highest_bit) {
912 bool was_full = !p->highest_bit;
913 p->highest_bit = offset;
914 if (was_full && (p->flags & SWP_WRITEOK)) {
915 spin_lock(&swap_avail_lock);
916 WARN_ON(!plist_node_empty(&p->avail_list));
917 if (plist_node_empty(&p->avail_list))
918 plist_add(&p->avail_list,
919 &swap_avail_head);
920 spin_unlock(&swap_avail_lock);
921 }
922 }
923 atomic_long_inc(&nr_swap_pages);
924 p->inuse_pages--;
925 frontswap_invalidate_page(p->type, offset);
926 if (p->flags & SWP_BLKDEV) {
927 struct gendisk *disk = p->bdev->bd_disk;
928 if (disk->fops->swap_slot_free_notify)
929 disk->fops->swap_slot_free_notify(p->bdev,
930 offset);
931 }
932 }
933
934 if (lock_swap_info)
935 spin_unlock(&p->lock);
936
937 return usage;
938 }
939
940 /*
941 * Caller has made sure that the swap device corresponding to entry
942 * is still around or has not been recycled.
943 */
944 void swap_free(swp_entry_t entry)
945 {
946 struct swap_info_struct *p;
947
948 p = _swap_info_get(entry);
949 if (p)
950 swap_entry_free(p, entry, 1, false);
951 }
952
953 /*
954 * Called after dropping swapcache to decrease refcnt to swap entries.
955 */
956 void swapcache_free(swp_entry_t entry)
957 {
958 struct swap_info_struct *p;
959
960 p = _swap_info_get(entry);
961 if (p)
962 swap_entry_free(p, entry, SWAP_HAS_CACHE, false);
963 }
964
965 /*
966 * How many references to page are currently swapped out?
967 * This does not give an exact answer when swap count is continued,
968 * but does include the high COUNT_CONTINUED flag to allow for that.
969 */
970 int page_swapcount(struct page *page)
971 {
972 int count = 0;
973 struct swap_info_struct *p;
974 struct swap_cluster_info *ci;
975 swp_entry_t entry;
976 unsigned long offset;
977
978 entry.val = page_private(page);
979 p = _swap_info_get(entry);
980 if (p) {
981 offset = swp_offset(entry);
982 ci = lock_cluster_or_swap_info(p, offset);
983 count = swap_count(p->swap_map[offset]);
984 unlock_cluster_or_swap_info(p, ci);
985 }
986 return count;
987 }
988
989 /*
990 * How many references to @entry are currently swapped out?
991 * This considers COUNT_CONTINUED so it returns exact answer.
992 */
993 int swp_swapcount(swp_entry_t entry)
994 {
995 int count, tmp_count, n;
996 struct swap_info_struct *p;
997 struct swap_cluster_info *ci;
998 struct page *page;
999 pgoff_t offset;
1000 unsigned char *map;
1001
1002 p = _swap_info_get(entry);
1003 if (!p)
1004 return 0;
1005
1006 offset = swp_offset(entry);
1007
1008 ci = lock_cluster_or_swap_info(p, offset);
1009
1010 count = swap_count(p->swap_map[offset]);
1011 if (!(count & COUNT_CONTINUED))
1012 goto out;
1013
1014 count &= ~COUNT_CONTINUED;
1015 n = SWAP_MAP_MAX + 1;
1016
1017 page = vmalloc_to_page(p->swap_map + offset);
1018 offset &= ~PAGE_MASK;
1019 VM_BUG_ON(page_private(page) != SWP_CONTINUED);
1020
1021 do {
1022 page = list_next_entry(page, lru);
1023 map = kmap_atomic(page);
1024 tmp_count = map[offset];
1025 kunmap_atomic(map);
1026
1027 count += (tmp_count & ~COUNT_CONTINUED) * n;
1028 n *= (SWAP_CONT_MAX + 1);
1029 } while (tmp_count & COUNT_CONTINUED);
1030 out:
1031 unlock_cluster_or_swap_info(p, ci);
1032 return count;
1033 }
1034
1035 /*
1036 * We can write to an anon page without COW if there are no other references
1037 * to it. And as a side-effect, free up its swap: because the old content
1038 * on disk will never be read, and seeking back there to write new content
1039 * later would only waste time away from clustering.
1040 *
1041 * NOTE: total_mapcount should not be relied upon by the caller if
1042 * reuse_swap_page() returns false, but it may be always overwritten
1043 * (see the other implementation for CONFIG_SWAP=n).
1044 */
1045 bool reuse_swap_page(struct page *page, int *total_mapcount)
1046 {
1047 int count;
1048
1049 VM_BUG_ON_PAGE(!PageLocked(page), page);
1050 if (unlikely(PageKsm(page)))
1051 return false;
1052 count = page_trans_huge_mapcount(page, total_mapcount);
1053 if (count <= 1 && PageSwapCache(page)) {
1054 count += page_swapcount(page);
1055 if (count != 1)
1056 goto out;
1057 if (!PageWriteback(page)) {
1058 delete_from_swap_cache(page);
1059 SetPageDirty(page);
1060 } else {
1061 swp_entry_t entry;
1062 struct swap_info_struct *p;
1063
1064 entry.val = page_private(page);
1065 p = swap_info_get(entry);
1066 if (p->flags & SWP_STABLE_WRITES) {
1067 spin_unlock(&p->lock);
1068 return false;
1069 }
1070 spin_unlock(&p->lock);
1071 }
1072 }
1073 out:
1074 return count <= 1;
1075 }
1076
1077 /*
1078 * If swap is getting full, or if there are no more mappings of this page,
1079 * then try_to_free_swap is called to free its swap space.
1080 */
1081 int try_to_free_swap(struct page *page)
1082 {
1083 VM_BUG_ON_PAGE(!PageLocked(page), page);
1084
1085 if (!PageSwapCache(page))
1086 return 0;
1087 if (PageWriteback(page))
1088 return 0;
1089 if (page_swapcount(page))
1090 return 0;
1091
1092 /*
1093 * Once hibernation has begun to create its image of memory,
1094 * there's a danger that one of the calls to try_to_free_swap()
1095 * - most probably a call from __try_to_reclaim_swap() while
1096 * hibernation is allocating its own swap pages for the image,
1097 * but conceivably even a call from memory reclaim - will free
1098 * the swap from a page which has already been recorded in the
1099 * image as a clean swapcache page, and then reuse its swap for
1100 * another page of the image. On waking from hibernation, the
1101 * original page might be freed under memory pressure, then
1102 * later read back in from swap, now with the wrong data.
1103 *
1104 * Hibernation suspends storage while it is writing the image
1105 * to disk so check that here.
1106 */
1107 if (pm_suspended_storage())
1108 return 0;
1109
1110 delete_from_swap_cache(page);
1111 SetPageDirty(page);
1112 return 1;
1113 }
1114
1115 /*
1116 * Free the swap entry like above, but also try to
1117 * free the page cache entry if it is the last user.
1118 */
1119 int free_swap_and_cache(swp_entry_t entry)
1120 {
1121 struct swap_info_struct *p;
1122 struct page *page = NULL;
1123
1124 if (non_swap_entry(entry))
1125 return 1;
1126
1127 p = swap_info_get(entry);
1128 if (p) {
1129 if (swap_entry_free(p, entry, 1, true) == SWAP_HAS_CACHE) {
1130 page = find_get_page(swap_address_space(entry),
1131 swp_offset(entry));
1132 if (page && !trylock_page(page)) {
1133 put_page(page);
1134 page = NULL;
1135 }
1136 }
1137 spin_unlock(&p->lock);
1138 }
1139 if (page) {
1140 /*
1141 * Not mapped elsewhere, or swap space full? Free it!
1142 * Also recheck PageSwapCache now page is locked (above).
1143 */
1144 if (PageSwapCache(page) && !PageWriteback(page) &&
1145 (!page_mapped(page) || mem_cgroup_swap_full(page))) {
1146 delete_from_swap_cache(page);
1147 SetPageDirty(page);
1148 }
1149 unlock_page(page);
1150 put_page(page);
1151 }
1152 return p != NULL;
1153 }
1154
1155 #ifdef CONFIG_HIBERNATION
1156 /*
1157 * Find the swap type that corresponds to given device (if any).
1158 *
1159 * @offset - number of the PAGE_SIZE-sized block of the device, starting
1160 * from 0, in which the swap header is expected to be located.
1161 *
1162 * This is needed for the suspend to disk (aka swsusp).
1163 */
1164 int swap_type_of(dev_t device, sector_t offset, struct block_device **bdev_p)
1165 {
1166 struct block_device *bdev = NULL;
1167 int type;
1168
1169 if (device)
1170 bdev = bdget(device);
1171
1172 spin_lock(&swap_lock);
1173 for (type = 0; type < nr_swapfiles; type++) {
1174 struct swap_info_struct *sis = swap_info[type];
1175
1176 if (!(sis->flags & SWP_WRITEOK))
1177 continue;
1178
1179 if (!bdev) {
1180 if (bdev_p)
1181 *bdev_p = bdgrab(sis->bdev);
1182
1183 spin_unlock(&swap_lock);
1184 return type;
1185 }
1186 if (bdev == sis->bdev) {
1187 struct swap_extent *se = &sis->first_swap_extent;
1188
1189 if (se->start_block == offset) {
1190 if (bdev_p)
1191 *bdev_p = bdgrab(sis->bdev);
1192
1193 spin_unlock(&swap_lock);
1194 bdput(bdev);
1195 return type;
1196 }
1197 }
1198 }
1199 spin_unlock(&swap_lock);
1200 if (bdev)
1201 bdput(bdev);
1202
1203 return -ENODEV;
1204 }
1205
1206 /*
1207 * Get the (PAGE_SIZE) block corresponding to given offset on the swapdev
1208 * corresponding to given index in swap_info (swap type).
1209 */
1210 sector_t swapdev_block(int type, pgoff_t offset)
1211 {
1212 struct block_device *bdev;
1213
1214 if ((unsigned int)type >= nr_swapfiles)
1215 return 0;
1216 if (!(swap_info[type]->flags & SWP_WRITEOK))
1217 return 0;
1218 return map_swap_entry(swp_entry(type, offset), &bdev);
1219 }
1220
1221 /*
1222 * Return either the total number of swap pages of given type, or the number
1223 * of free pages of that type (depending on @free)
1224 *
1225 * This is needed for software suspend
1226 */
1227 unsigned int count_swap_pages(int type, int free)
1228 {
1229 unsigned int n = 0;
1230
1231 spin_lock(&swap_lock);
1232 if ((unsigned int)type < nr_swapfiles) {
1233 struct swap_info_struct *sis = swap_info[type];
1234
1235 spin_lock(&sis->lock);
1236 if (sis->flags & SWP_WRITEOK) {
1237 n = sis->pages;
1238 if (free)
1239 n -= sis->inuse_pages;
1240 }
1241 spin_unlock(&sis->lock);
1242 }
1243 spin_unlock(&swap_lock);
1244 return n;
1245 }
1246 #endif /* CONFIG_HIBERNATION */
1247
1248 static inline int pte_same_as_swp(pte_t pte, pte_t swp_pte)
1249 {
1250 return pte_same(pte_swp_clear_soft_dirty(pte), swp_pte);
1251 }
1252
1253 /*
1254 * No need to decide whether this PTE shares the swap entry with others,
1255 * just let do_wp_page work it out if a write is requested later - to
1256 * force COW, vm_page_prot omits write permission from any private vma.
1257 */
1258 static int unuse_pte(struct vm_area_struct *vma, pmd_t *pmd,
1259 unsigned long addr, swp_entry_t entry, struct page *page)
1260 {
1261 struct page *swapcache;
1262 struct mem_cgroup *memcg;
1263 spinlock_t *ptl;
1264 pte_t *pte;
1265 int ret = 1;
1266
1267 swapcache = page;
1268 page = ksm_might_need_to_copy(page, vma, addr);
1269 if (unlikely(!page))
1270 return -ENOMEM;
1271
1272 if (mem_cgroup_try_charge(page, vma->vm_mm, GFP_KERNEL,
1273 &memcg, false)) {
1274 ret = -ENOMEM;
1275 goto out_nolock;
1276 }
1277
1278 pte = pte_offset_map_lock(vma->vm_mm, pmd, addr, &ptl);
1279 if (unlikely(!pte_same_as_swp(*pte, swp_entry_to_pte(entry)))) {
1280 mem_cgroup_cancel_charge(page, memcg, false);
1281 ret = 0;
1282 goto out;
1283 }
1284
1285 dec_mm_counter(vma->vm_mm, MM_SWAPENTS);
1286 inc_mm_counter(vma->vm_mm, MM_ANONPAGES);
1287 get_page(page);
1288 set_pte_at(vma->vm_mm, addr, pte,
1289 pte_mkold(mk_pte(page, vma->vm_page_prot)));
1290 if (page == swapcache) {
1291 page_add_anon_rmap(page, vma, addr, false);
1292 mem_cgroup_commit_charge(page, memcg, true, false);
1293 } else { /* ksm created a completely new copy */
1294 page_add_new_anon_rmap(page, vma, addr, false);
1295 mem_cgroup_commit_charge(page, memcg, false, false);
1296 lru_cache_add_active_or_unevictable(page, vma);
1297 }
1298 swap_free(entry);
1299 /*
1300 * Move the page to the active list so it is not
1301 * immediately swapped out again after swapon.
1302 */
1303 activate_page(page);
1304 out:
1305 pte_unmap_unlock(pte, ptl);
1306 out_nolock:
1307 if (page != swapcache) {
1308 unlock_page(page);
1309 put_page(page);
1310 }
1311 return ret;
1312 }
1313
1314 static int unuse_pte_range(struct vm_area_struct *vma, pmd_t *pmd,
1315 unsigned long addr, unsigned long end,
1316 swp_entry_t entry, struct page *page)
1317 {
1318 pte_t swp_pte = swp_entry_to_pte(entry);
1319 pte_t *pte;
1320 int ret = 0;
1321
1322 /*
1323 * We don't actually need pte lock while scanning for swp_pte: since
1324 * we hold page lock and mmap_sem, swp_pte cannot be inserted into the
1325 * page table while we're scanning; though it could get zapped, and on
1326 * some architectures (e.g. x86_32 with PAE) we might catch a glimpse
1327 * of unmatched parts which look like swp_pte, so unuse_pte must
1328 * recheck under pte lock. Scanning without pte lock lets it be
1329 * preemptable whenever CONFIG_PREEMPT but not CONFIG_HIGHPTE.
1330 */
1331 pte = pte_offset_map(pmd, addr);
1332 do {
1333 /*
1334 * swapoff spends a _lot_ of time in this loop!
1335 * Test inline before going to call unuse_pte.
1336 */
1337 if (unlikely(pte_same_as_swp(*pte, swp_pte))) {
1338 pte_unmap(pte);
1339 ret = unuse_pte(vma, pmd, addr, entry, page);
1340 if (ret)
1341 goto out;
1342 pte = pte_offset_map(pmd, addr);
1343 }
1344 } while (pte++, addr += PAGE_SIZE, addr != end);
1345 pte_unmap(pte - 1);
1346 out:
1347 return ret;
1348 }
1349
1350 static inline int unuse_pmd_range(struct vm_area_struct *vma, pud_t *pud,
1351 unsigned long addr, unsigned long end,
1352 swp_entry_t entry, struct page *page)
1353 {
1354 pmd_t *pmd;
1355 unsigned long next;
1356 int ret;
1357
1358 pmd = pmd_offset(pud, addr);
1359 do {
1360 cond_resched();
1361 next = pmd_addr_end(addr, end);
1362 if (pmd_none_or_trans_huge_or_clear_bad(pmd))
1363 continue;
1364 ret = unuse_pte_range(vma, pmd, addr, next, entry, page);
1365 if (ret)
1366 return ret;
1367 } while (pmd++, addr = next, addr != end);
1368 return 0;
1369 }
1370
1371 static inline int unuse_pud_range(struct vm_area_struct *vma, pgd_t *pgd,
1372 unsigned long addr, unsigned long end,
1373 swp_entry_t entry, struct page *page)
1374 {
1375 pud_t *pud;
1376 unsigned long next;
1377 int ret;
1378
1379 pud = pud_offset(pgd, addr);
1380 do {
1381 next = pud_addr_end(addr, end);
1382 if (pud_none_or_clear_bad(pud))
1383 continue;
1384 ret = unuse_pmd_range(vma, pud, addr, next, entry, page);
1385 if (ret)
1386 return ret;
1387 } while (pud++, addr = next, addr != end);
1388 return 0;
1389 }
1390
1391 static int unuse_vma(struct vm_area_struct *vma,
1392 swp_entry_t entry, struct page *page)
1393 {
1394 pgd_t *pgd;
1395 unsigned long addr, end, next;
1396 int ret;
1397
1398 if (page_anon_vma(page)) {
1399 addr = page_address_in_vma(page, vma);
1400 if (addr == -EFAULT)
1401 return 0;
1402 else
1403 end = addr + PAGE_SIZE;
1404 } else {
1405 addr = vma->vm_start;
1406 end = vma->vm_end;
1407 }
1408
1409 pgd = pgd_offset(vma->vm_mm, addr);
1410 do {
1411 next = pgd_addr_end(addr, end);
1412 if (pgd_none_or_clear_bad(pgd))
1413 continue;
1414 ret = unuse_pud_range(vma, pgd, addr, next, entry, page);
1415 if (ret)
1416 return ret;
1417 } while (pgd++, addr = next, addr != end);
1418 return 0;
1419 }
1420
1421 static int unuse_mm(struct mm_struct *mm,
1422 swp_entry_t entry, struct page *page)
1423 {
1424 struct vm_area_struct *vma;
1425 int ret = 0;
1426
1427 if (!down_read_trylock(&mm->mmap_sem)) {
1428 /*
1429 * Activate page so shrink_inactive_list is unlikely to unmap
1430 * its ptes while lock is dropped, so swapoff can make progress.
1431 */
1432 activate_page(page);
1433 unlock_page(page);
1434 down_read(&mm->mmap_sem);
1435 lock_page(page);
1436 }
1437 for (vma = mm->mmap; vma; vma = vma->vm_next) {
1438 if (vma->anon_vma && (ret = unuse_vma(vma, entry, page)))
1439 break;
1440 cond_resched();
1441 }
1442 up_read(&mm->mmap_sem);
1443 return (ret < 0)? ret: 0;
1444 }
1445
1446 /*
1447 * Scan swap_map (or frontswap_map if frontswap parameter is true)
1448 * from current position to next entry still in use.
1449 * Recycle to start on reaching the end, returning 0 when empty.
1450 */
1451 static unsigned int find_next_to_unuse(struct swap_info_struct *si,
1452 unsigned int prev, bool frontswap)
1453 {
1454 unsigned int max = si->max;
1455 unsigned int i = prev;
1456 unsigned char count;
1457
1458 /*
1459 * No need for swap_lock here: we're just looking
1460 * for whether an entry is in use, not modifying it; false
1461 * hits are okay, and sys_swapoff() has already prevented new
1462 * allocations from this area (while holding swap_lock).
1463 */
1464 for (;;) {
1465 if (++i >= max) {
1466 if (!prev) {
1467 i = 0;
1468 break;
1469 }
1470 /*
1471 * No entries in use at top of swap_map,
1472 * loop back to start and recheck there.
1473 */
1474 max = prev + 1;
1475 prev = 0;
1476 i = 1;
1477 }
1478 count = READ_ONCE(si->swap_map[i]);
1479 if (count && swap_count(count) != SWAP_MAP_BAD)
1480 if (!frontswap || frontswap_test(si, i))
1481 break;
1482 if ((i % LATENCY_LIMIT) == 0)
1483 cond_resched();
1484 }
1485 return i;
1486 }
1487
1488 /*
1489 * We completely avoid races by reading each swap page in advance,
1490 * and then search for the process using it. All the necessary
1491 * page table adjustments can then be made atomically.
1492 *
1493 * if the boolean frontswap is true, only unuse pages_to_unuse pages;
1494 * pages_to_unuse==0 means all pages; ignored if frontswap is false
1495 */
1496 int try_to_unuse(unsigned int type, bool frontswap,
1497 unsigned long pages_to_unuse)
1498 {
1499 struct swap_info_struct *si = swap_info[type];
1500 struct mm_struct *start_mm;
1501 volatile unsigned char *swap_map; /* swap_map is accessed without
1502 * locking. Mark it as volatile
1503 * to prevent compiler doing
1504 * something odd.
1505 */
1506 unsigned char swcount;
1507 struct page *page;
1508 swp_entry_t entry;
1509 unsigned int i = 0;
1510 int retval = 0;
1511
1512 /*
1513 * When searching mms for an entry, a good strategy is to
1514 * start at the first mm we freed the previous entry from
1515 * (though actually we don't notice whether we or coincidence
1516 * freed the entry). Initialize this start_mm with a hold.
1517 *
1518 * A simpler strategy would be to start at the last mm we
1519 * freed the previous entry from; but that would take less
1520 * advantage of mmlist ordering, which clusters forked mms
1521 * together, child after parent. If we race with dup_mmap(), we
1522 * prefer to resolve parent before child, lest we miss entries
1523 * duplicated after we scanned child: using last mm would invert
1524 * that.
1525 */
1526 start_mm = &init_mm;
1527 atomic_inc(&init_mm.mm_users);
1528
1529 /*
1530 * Keep on scanning until all entries have gone. Usually,
1531 * one pass through swap_map is enough, but not necessarily:
1532 * there are races when an instance of an entry might be missed.
1533 */
1534 while ((i = find_next_to_unuse(si, i, frontswap)) != 0) {
1535 if (signal_pending(current)) {
1536 retval = -EINTR;
1537 break;
1538 }
1539
1540 /*
1541 * Get a page for the entry, using the existing swap
1542 * cache page if there is one. Otherwise, get a clean
1543 * page and read the swap into it.
1544 */
1545 swap_map = &si->swap_map[i];
1546 entry = swp_entry(type, i);
1547 page = read_swap_cache_async(entry,
1548 GFP_HIGHUSER_MOVABLE, NULL, 0);
1549 if (!page) {
1550 /*
1551 * Either swap_duplicate() failed because entry
1552 * has been freed independently, and will not be
1553 * reused since sys_swapoff() already disabled
1554 * allocation from here, or alloc_page() failed.
1555 */
1556 swcount = *swap_map;
1557 /*
1558 * We don't hold lock here, so the swap entry could be
1559 * SWAP_MAP_BAD (when the cluster is discarding).
1560 * Instead of fail out, We can just skip the swap
1561 * entry because swapoff will wait for discarding
1562 * finish anyway.
1563 */
1564 if (!swcount || swcount == SWAP_MAP_BAD)
1565 continue;
1566 retval = -ENOMEM;
1567 break;
1568 }
1569
1570 /*
1571 * Don't hold on to start_mm if it looks like exiting.
1572 */
1573 if (atomic_read(&start_mm->mm_users) == 1) {
1574 mmput(start_mm);
1575 start_mm = &init_mm;
1576 atomic_inc(&init_mm.mm_users);
1577 }
1578
1579 /*
1580 * Wait for and lock page. When do_swap_page races with
1581 * try_to_unuse, do_swap_page can handle the fault much
1582 * faster than try_to_unuse can locate the entry. This
1583 * apparently redundant "wait_on_page_locked" lets try_to_unuse
1584 * defer to do_swap_page in such a case - in some tests,
1585 * do_swap_page and try_to_unuse repeatedly compete.
1586 */
1587 wait_on_page_locked(page);
1588 wait_on_page_writeback(page);
1589 lock_page(page);
1590 wait_on_page_writeback(page);
1591
1592 /*
1593 * Remove all references to entry.
1594 */
1595 swcount = *swap_map;
1596 if (swap_count(swcount) == SWAP_MAP_SHMEM) {
1597 retval = shmem_unuse(entry, page);
1598 /* page has already been unlocked and released */
1599 if (retval < 0)
1600 break;
1601 continue;
1602 }
1603 if (swap_count(swcount) && start_mm != &init_mm)
1604 retval = unuse_mm(start_mm, entry, page);
1605
1606 if (swap_count(*swap_map)) {
1607 int set_start_mm = (*swap_map >= swcount);
1608 struct list_head *p = &start_mm->mmlist;
1609 struct mm_struct *new_start_mm = start_mm;
1610 struct mm_struct *prev_mm = start_mm;
1611 struct mm_struct *mm;
1612
1613 atomic_inc(&new_start_mm->mm_users);
1614 atomic_inc(&prev_mm->mm_users);
1615 spin_lock(&mmlist_lock);
1616 while (swap_count(*swap_map) && !retval &&
1617 (p = p->next) != &start_mm->mmlist) {
1618 mm = list_entry(p, struct mm_struct, mmlist);
1619 if (!atomic_inc_not_zero(&mm->mm_users))
1620 continue;
1621 spin_unlock(&mmlist_lock);
1622 mmput(prev_mm);
1623 prev_mm = mm;
1624
1625 cond_resched();
1626
1627 swcount = *swap_map;
1628 if (!swap_count(swcount)) /* any usage ? */
1629 ;
1630 else if (mm == &init_mm)
1631 set_start_mm = 1;
1632 else
1633 retval = unuse_mm(mm, entry, page);
1634
1635 if (set_start_mm && *swap_map < swcount) {
1636 mmput(new_start_mm);
1637 atomic_inc(&mm->mm_users);
1638 new_start_mm = mm;
1639 set_start_mm = 0;
1640 }
1641 spin_lock(&mmlist_lock);
1642 }
1643 spin_unlock(&mmlist_lock);
1644 mmput(prev_mm);
1645 mmput(start_mm);
1646 start_mm = new_start_mm;
1647 }
1648 if (retval) {
1649 unlock_page(page);
1650 put_page(page);
1651 break;
1652 }
1653
1654 /*
1655 * If a reference remains (rare), we would like to leave
1656 * the page in the swap cache; but try_to_unmap could
1657 * then re-duplicate the entry once we drop page lock,
1658 * so we might loop indefinitely; also, that page could
1659 * not be swapped out to other storage meanwhile. So:
1660 * delete from cache even if there's another reference,
1661 * after ensuring that the data has been saved to disk -
1662 * since if the reference remains (rarer), it will be
1663 * read from disk into another page. Splitting into two
1664 * pages would be incorrect if swap supported "shared
1665 * private" pages, but they are handled by tmpfs files.
1666 *
1667 * Given how unuse_vma() targets one particular offset
1668 * in an anon_vma, once the anon_vma has been determined,
1669 * this splitting happens to be just what is needed to
1670 * handle where KSM pages have been swapped out: re-reading
1671 * is unnecessarily slow, but we can fix that later on.
1672 */
1673 if (swap_count(*swap_map) &&
1674 PageDirty(page) && PageSwapCache(page)) {
1675 struct writeback_control wbc = {
1676 .sync_mode = WB_SYNC_NONE,
1677 };
1678
1679 swap_writepage(page, &wbc);
1680 lock_page(page);
1681 wait_on_page_writeback(page);
1682 }
1683
1684 /*
1685 * It is conceivable that a racing task removed this page from
1686 * swap cache just before we acquired the page lock at the top,
1687 * or while we dropped it in unuse_mm(). The page might even
1688 * be back in swap cache on another swap area: that we must not
1689 * delete, since it may not have been written out to swap yet.
1690 */
1691 if (PageSwapCache(page) &&
1692 likely(page_private(page) == entry.val))
1693 delete_from_swap_cache(page);
1694
1695 /*
1696 * So we could skip searching mms once swap count went
1697 * to 1, we did not mark any present ptes as dirty: must
1698 * mark page dirty so shrink_page_list will preserve it.
1699 */
1700 SetPageDirty(page);
1701 unlock_page(page);
1702 put_page(page);
1703
1704 /*
1705 * Make sure that we aren't completely killing
1706 * interactive performance.
1707 */
1708 cond_resched();
1709 if (frontswap && pages_to_unuse > 0) {
1710 if (!--pages_to_unuse)
1711 break;
1712 }
1713 }
1714
1715 mmput(start_mm);
1716 return retval;
1717 }
1718
1719 /*
1720 * After a successful try_to_unuse, if no swap is now in use, we know
1721 * we can empty the mmlist. swap_lock must be held on entry and exit.
1722 * Note that mmlist_lock nests inside swap_lock, and an mm must be
1723 * added to the mmlist just after page_duplicate - before would be racy.
1724 */
1725 static void drain_mmlist(void)
1726 {
1727 struct list_head *p, *next;
1728 unsigned int type;
1729
1730 for (type = 0; type < nr_swapfiles; type++)
1731 if (swap_info[type]->inuse_pages)
1732 return;
1733 spin_lock(&mmlist_lock);
1734 list_for_each_safe(p, next, &init_mm.mmlist)
1735 list_del_init(p);
1736 spin_unlock(&mmlist_lock);
1737 }
1738
1739 /*
1740 * Use this swapdev's extent info to locate the (PAGE_SIZE) block which
1741 * corresponds to page offset for the specified swap entry.
1742 * Note that the type of this function is sector_t, but it returns page offset
1743 * into the bdev, not sector offset.
1744 */
1745 static sector_t map_swap_entry(swp_entry_t entry, struct block_device **bdev)
1746 {
1747 struct swap_info_struct *sis;
1748 struct swap_extent *start_se;
1749 struct swap_extent *se;
1750 pgoff_t offset;
1751
1752 sis = swap_info[swp_type(entry)];
1753 *bdev = sis->bdev;
1754
1755 offset = swp_offset(entry);
1756 start_se = sis->curr_swap_extent;
1757 se = start_se;
1758
1759 for ( ; ; ) {
1760 if (se->start_page <= offset &&
1761 offset < (se->start_page + se->nr_pages)) {
1762 return se->start_block + (offset - se->start_page);
1763 }
1764 se = list_next_entry(se, list);
1765 sis->curr_swap_extent = se;
1766 BUG_ON(se == start_se); /* It *must* be present */
1767 }
1768 }
1769
1770 /*
1771 * Returns the page offset into bdev for the specified page's swap entry.
1772 */
1773 sector_t map_swap_page(struct page *page, struct block_device **bdev)
1774 {
1775 swp_entry_t entry;
1776 entry.val = page_private(page);
1777 return map_swap_entry(entry, bdev);
1778 }
1779
1780 /*
1781 * Free all of a swapdev's extent information
1782 */
1783 static void destroy_swap_extents(struct swap_info_struct *sis)
1784 {
1785 while (!list_empty(&sis->first_swap_extent.list)) {
1786 struct swap_extent *se;
1787
1788 se = list_first_entry(&sis->first_swap_extent.list,
1789 struct swap_extent, list);
1790 list_del(&se->list);
1791 kfree(se);
1792 }
1793
1794 if (sis->flags & SWP_FILE) {
1795 struct file *swap_file = sis->swap_file;
1796 struct address_space *mapping = swap_file->f_mapping;
1797
1798 sis->flags &= ~SWP_FILE;
1799 mapping->a_ops->swap_deactivate(swap_file);
1800 }
1801 }
1802
1803 /*
1804 * Add a block range (and the corresponding page range) into this swapdev's
1805 * extent list. The extent list is kept sorted in page order.
1806 *
1807 * This function rather assumes that it is called in ascending page order.
1808 */
1809 int
1810 add_swap_extent(struct swap_info_struct *sis, unsigned long start_page,
1811 unsigned long nr_pages, sector_t start_block)
1812 {
1813 struct swap_extent *se;
1814 struct swap_extent *new_se;
1815 struct list_head *lh;
1816
1817 if (start_page == 0) {
1818 se = &sis->first_swap_extent;
1819 sis->curr_swap_extent = se;
1820 se->start_page = 0;
1821 se->nr_pages = nr_pages;
1822 se->start_block = start_block;
1823 return 1;
1824 } else {
1825 lh = sis->first_swap_extent.list.prev; /* Highest extent */
1826 se = list_entry(lh, struct swap_extent, list);
1827 BUG_ON(se->start_page + se->nr_pages != start_page);
1828 if (se->start_block + se->nr_pages == start_block) {
1829 /* Merge it */
1830 se->nr_pages += nr_pages;
1831 return 0;
1832 }
1833 }
1834
1835 /*
1836 * No merge. Insert a new extent, preserving ordering.
1837 */
1838 new_se = kmalloc(sizeof(*se), GFP_KERNEL);
1839 if (new_se == NULL)
1840 return -ENOMEM;
1841 new_se->start_page = start_page;
1842 new_se->nr_pages = nr_pages;
1843 new_se->start_block = start_block;
1844
1845 list_add_tail(&new_se->list, &sis->first_swap_extent.list);
1846 return 1;
1847 }
1848
1849 /*
1850 * A `swap extent' is a simple thing which maps a contiguous range of pages
1851 * onto a contiguous range of disk blocks. An ordered list of swap extents
1852 * is built at swapon time and is then used at swap_writepage/swap_readpage
1853 * time for locating where on disk a page belongs.
1854 *
1855 * If the swapfile is an S_ISBLK block device, a single extent is installed.
1856 * This is done so that the main operating code can treat S_ISBLK and S_ISREG
1857 * swap files identically.
1858 *
1859 * Whether the swapdev is an S_ISREG file or an S_ISBLK blockdev, the swap
1860 * extent list operates in PAGE_SIZE disk blocks. Both S_ISREG and S_ISBLK
1861 * swapfiles are handled *identically* after swapon time.
1862 *
1863 * For S_ISREG swapfiles, setup_swap_extents() will walk all the file's blocks
1864 * and will parse them into an ordered extent list, in PAGE_SIZE chunks. If
1865 * some stray blocks are found which do not fall within the PAGE_SIZE alignment
1866 * requirements, they are simply tossed out - we will never use those blocks
1867 * for swapping.
1868 *
1869 * For S_ISREG swapfiles we set S_SWAPFILE across the life of the swapon. This
1870 * prevents root from shooting her foot off by ftruncating an in-use swapfile,
1871 * which will scribble on the fs.
1872 *
1873 * The amount of disk space which a single swap extent represents varies.
1874 * Typically it is in the 1-4 megabyte range. So we can have hundreds of
1875 * extents in the list. To avoid much list walking, we cache the previous
1876 * search location in `curr_swap_extent', and start new searches from there.
1877 * This is extremely effective. The average number of iterations in
1878 * map_swap_page() has been measured at about 0.3 per page. - akpm.
1879 */
1880 static int setup_swap_extents(struct swap_info_struct *sis, sector_t *span)
1881 {
1882 struct file *swap_file = sis->swap_file;
1883 struct address_space *mapping = swap_file->f_mapping;
1884 struct inode *inode = mapping->host;
1885 int ret;
1886
1887 if (S_ISBLK(inode->i_mode)) {
1888 ret = add_swap_extent(sis, 0, sis->max, 0);
1889 *span = sis->pages;
1890 return ret;
1891 }
1892
1893 if (mapping->a_ops->swap_activate) {
1894 ret = mapping->a_ops->swap_activate(sis, swap_file, span);
1895 if (!ret) {
1896 sis->flags |= SWP_FILE;
1897 ret = add_swap_extent(sis, 0, sis->max, 0);
1898 *span = sis->pages;
1899 }
1900 return ret;
1901 }
1902
1903 return generic_swapfile_activate(sis, swap_file, span);
1904 }
1905
1906 static void _enable_swap_info(struct swap_info_struct *p, int prio,
1907 unsigned char *swap_map,
1908 struct swap_cluster_info *cluster_info)
1909 {
1910 if (prio >= 0)
1911 p->prio = prio;
1912 else
1913 p->prio = --least_priority;
1914 /*
1915 * the plist prio is negated because plist ordering is
1916 * low-to-high, while swap ordering is high-to-low
1917 */
1918 p->list.prio = -p->prio;
1919 p->avail_list.prio = -p->prio;
1920 p->swap_map = swap_map;
1921 p->cluster_info = cluster_info;
1922 p->flags |= SWP_WRITEOK;
1923 atomic_long_add(p->pages, &nr_swap_pages);
1924 total_swap_pages += p->pages;
1925
1926 assert_spin_locked(&swap_lock);
1927 /*
1928 * both lists are plists, and thus priority ordered.
1929 * swap_active_head needs to be priority ordered for swapoff(),
1930 * which on removal of any swap_info_struct with an auto-assigned
1931 * (i.e. negative) priority increments the auto-assigned priority
1932 * of any lower-priority swap_info_structs.
1933 * swap_avail_head needs to be priority ordered for get_swap_page(),
1934 * which allocates swap pages from the highest available priority
1935 * swap_info_struct.
1936 */
1937 plist_add(&p->list, &swap_active_head);
1938 spin_lock(&swap_avail_lock);
1939 plist_add(&p->avail_list, &swap_avail_head);
1940 spin_unlock(&swap_avail_lock);
1941 }
1942
1943 static void enable_swap_info(struct swap_info_struct *p, int prio,
1944 unsigned char *swap_map,
1945 struct swap_cluster_info *cluster_info,
1946 unsigned long *frontswap_map)
1947 {
1948 frontswap_init(p->type, frontswap_map);
1949 spin_lock(&swap_lock);
1950 spin_lock(&p->lock);
1951 _enable_swap_info(p, prio, swap_map, cluster_info);
1952 spin_unlock(&p->lock);
1953 spin_unlock(&swap_lock);
1954 }
1955
1956 static void reinsert_swap_info(struct swap_info_struct *p)
1957 {
1958 spin_lock(&swap_lock);
1959 spin_lock(&p->lock);
1960 _enable_swap_info(p, p->prio, p->swap_map, p->cluster_info);
1961 spin_unlock(&p->lock);
1962 spin_unlock(&swap_lock);
1963 }
1964
1965 SYSCALL_DEFINE1(swapoff, const char __user *, specialfile)
1966 {
1967 struct swap_info_struct *p = NULL;
1968 unsigned char *swap_map;
1969 struct swap_cluster_info *cluster_info;
1970 unsigned long *frontswap_map;
1971 struct file *swap_file, *victim;
1972 struct address_space *mapping;
1973 struct inode *inode;
1974 struct filename *pathname;
1975 int err, found = 0;
1976 unsigned int old_block_size;
1977
1978 if (!capable(CAP_SYS_ADMIN))
1979 return -EPERM;
1980
1981 BUG_ON(!current->mm);
1982
1983 pathname = getname(specialfile);
1984 if (IS_ERR(pathname))
1985 return PTR_ERR(pathname);
1986
1987 victim = file_open_name(pathname, O_RDWR|O_LARGEFILE, 0);
1988 err = PTR_ERR(victim);
1989 if (IS_ERR(victim))
1990 goto out;
1991
1992 mapping = victim->f_mapping;
1993 spin_lock(&swap_lock);
1994 plist_for_each_entry(p, &swap_active_head, list) {
1995 if (p->flags & SWP_WRITEOK) {
1996 if (p->swap_file->f_mapping == mapping) {
1997 found = 1;
1998 break;
1999 }
2000 }
2001 }
2002 if (!found) {
2003 err = -EINVAL;
2004 spin_unlock(&swap_lock);
2005 goto out_dput;
2006 }
2007 if (!security_vm_enough_memory_mm(current->mm, p->pages))
2008 vm_unacct_memory(p->pages);
2009 else {
2010 err = -ENOMEM;
2011 spin_unlock(&swap_lock);
2012 goto out_dput;
2013 }
2014 spin_lock(&swap_avail_lock);
2015 plist_del(&p->avail_list, &swap_avail_head);
2016 spin_unlock(&swap_avail_lock);
2017 spin_lock(&p->lock);
2018 if (p->prio < 0) {
2019 struct swap_info_struct *si = p;
2020
2021 plist_for_each_entry_continue(si, &swap_active_head, list) {
2022 si->prio++;
2023 si->list.prio--;
2024 si->avail_list.prio--;
2025 }
2026 least_priority++;
2027 }
2028 plist_del(&p->list, &swap_active_head);
2029 atomic_long_sub(p->pages, &nr_swap_pages);
2030 total_swap_pages -= p->pages;
2031 p->flags &= ~SWP_WRITEOK;
2032 spin_unlock(&p->lock);
2033 spin_unlock(&swap_lock);
2034
2035 set_current_oom_origin();
2036 err = try_to_unuse(p->type, false, 0); /* force unuse all pages */
2037 clear_current_oom_origin();
2038
2039 if (err) {
2040 /* re-insert swap space back into swap_list */
2041 reinsert_swap_info(p);
2042 goto out_dput;
2043 }
2044
2045 flush_work(&p->discard_work);
2046
2047 destroy_swap_extents(p);
2048 if (p->flags & SWP_CONTINUED)
2049 free_swap_count_continuations(p);
2050
2051 mutex_lock(&swapon_mutex);
2052 spin_lock(&swap_lock);
2053 spin_lock(&p->lock);
2054 drain_mmlist();
2055
2056 /* wait for anyone still in scan_swap_map */
2057 p->highest_bit = 0; /* cuts scans short */
2058 while (p->flags >= SWP_SCANNING) {
2059 spin_unlock(&p->lock);
2060 spin_unlock(&swap_lock);
2061 schedule_timeout_uninterruptible(1);
2062 spin_lock(&swap_lock);
2063 spin_lock(&p->lock);
2064 }
2065
2066 swap_file = p->swap_file;
2067 old_block_size = p->old_block_size;
2068 p->swap_file = NULL;
2069 p->max = 0;
2070 swap_map = p->swap_map;
2071 p->swap_map = NULL;
2072 cluster_info = p->cluster_info;
2073 p->cluster_info = NULL;
2074 frontswap_map = frontswap_map_get(p);
2075 spin_unlock(&p->lock);
2076 spin_unlock(&swap_lock);
2077 frontswap_invalidate_area(p->type);
2078 frontswap_map_set(p, NULL);
2079 mutex_unlock(&swapon_mutex);
2080 free_percpu(p->percpu_cluster);
2081 p->percpu_cluster = NULL;
2082 vfree(swap_map);
2083 vfree(cluster_info);
2084 vfree(frontswap_map);
2085 /* Destroy swap account information */
2086 swap_cgroup_swapoff(p->type);
2087
2088 inode = mapping->host;
2089 if (S_ISBLK(inode->i_mode)) {
2090 struct block_device *bdev = I_BDEV(inode);
2091 set_blocksize(bdev, old_block_size);
2092 blkdev_put(bdev, FMODE_READ | FMODE_WRITE | FMODE_EXCL);
2093 } else {
2094 inode_lock(inode);
2095 inode->i_flags &= ~S_SWAPFILE;
2096 inode_unlock(inode);
2097 }
2098 filp_close(swap_file, NULL);
2099
2100 /*
2101 * Clear the SWP_USED flag after all resources are freed so that swapon
2102 * can reuse this swap_info in alloc_swap_info() safely. It is ok to
2103 * not hold p->lock after we cleared its SWP_WRITEOK.
2104 */
2105 spin_lock(&swap_lock);
2106 p->flags = 0;
2107 spin_unlock(&swap_lock);
2108
2109 err = 0;
2110 atomic_inc(&proc_poll_event);
2111 wake_up_interruptible(&proc_poll_wait);
2112
2113 out_dput:
2114 filp_close(victim, NULL);
2115 out:
2116 putname(pathname);
2117 return err;
2118 }
2119
2120 #ifdef CONFIG_PROC_FS
2121 static unsigned swaps_poll(struct file *file, poll_table *wait)
2122 {
2123 struct seq_file *seq = file->private_data;
2124
2125 poll_wait(file, &proc_poll_wait, wait);
2126
2127 if (seq->poll_event != atomic_read(&proc_poll_event)) {
2128 seq->poll_event = atomic_read(&proc_poll_event);
2129 return POLLIN | POLLRDNORM | POLLERR | POLLPRI;
2130 }
2131
2132 return POLLIN | POLLRDNORM;
2133 }
2134
2135 /* iterator */
2136 static void *swap_start(struct seq_file *swap, loff_t *pos)
2137 {
2138 struct swap_info_struct *si;
2139 int type;
2140 loff_t l = *pos;
2141
2142 mutex_lock(&swapon_mutex);
2143
2144 if (!l)
2145 return SEQ_START_TOKEN;
2146
2147 for (type = 0; type < nr_swapfiles; type++) {
2148 smp_rmb(); /* read nr_swapfiles before swap_info[type] */
2149 si = swap_info[type];
2150 if (!(si->flags & SWP_USED) || !si->swap_map)
2151 continue;
2152 if (!--l)
2153 return si;
2154 }
2155
2156 return NULL;
2157 }
2158
2159 static void *swap_next(struct seq_file *swap, void *v, loff_t *pos)
2160 {
2161 struct swap_info_struct *si = v;
2162 int type;
2163
2164 if (v == SEQ_START_TOKEN)
2165 type = 0;
2166 else
2167 type = si->type + 1;
2168
2169 for (; type < nr_swapfiles; type++) {
2170 smp_rmb(); /* read nr_swapfiles before swap_info[type] */
2171 si = swap_info[type];
2172 if (!(si->flags & SWP_USED) || !si->swap_map)
2173 continue;
2174 ++*pos;
2175 return si;
2176 }
2177
2178 return NULL;
2179 }
2180
2181 static void swap_stop(struct seq_file *swap, void *v)
2182 {
2183 mutex_unlock(&swapon_mutex);
2184 }
2185
2186 static int swap_show(struct seq_file *swap, void *v)
2187 {
2188 struct swap_info_struct *si = v;
2189 struct file *file;
2190 int len;
2191
2192 if (si == SEQ_START_TOKEN) {
2193 seq_puts(swap,"Filename\t\t\t\tType\t\tSize\tUsed\tPriority\n");
2194 return 0;
2195 }
2196
2197 file = si->swap_file;
2198 len = seq_file_path(swap, file, " \t\n\\");
2199 seq_printf(swap, "%*s%s\t%u\t%u\t%d\n",
2200 len < 40 ? 40 - len : 1, " ",
2201 S_ISBLK(file_inode(file)->i_mode) ?
2202 "partition" : "file\t",
2203 si->pages << (PAGE_SHIFT - 10),
2204 si->inuse_pages << (PAGE_SHIFT - 10),
2205 si->prio);
2206 return 0;
2207 }
2208
2209 static const struct seq_operations swaps_op = {
2210 .start = swap_start,
2211 .next = swap_next,
2212 .stop = swap_stop,
2213 .show = swap_show
2214 };
2215
2216 static int swaps_open(struct inode *inode, struct file *file)
2217 {
2218 struct seq_file *seq;
2219 int ret;
2220
2221 ret = seq_open(file, &swaps_op);
2222 if (ret)
2223 return ret;
2224
2225 seq = file->private_data;
2226 seq->poll_event = atomic_read(&proc_poll_event);
2227 return 0;
2228 }
2229
2230 static const struct file_operations proc_swaps_operations = {
2231 .open = swaps_open,
2232 .read = seq_read,
2233 .llseek = seq_lseek,
2234 .release = seq_release,
2235 .poll = swaps_poll,
2236 };
2237
2238 static int __init procswaps_init(void)
2239 {
2240 proc_create("swaps", 0, NULL, &proc_swaps_operations);
2241 return 0;
2242 }
2243 __initcall(procswaps_init);
2244 #endif /* CONFIG_PROC_FS */
2245
2246 #ifdef MAX_SWAPFILES_CHECK
2247 static int __init max_swapfiles_check(void)
2248 {
2249 MAX_SWAPFILES_CHECK();
2250 return 0;
2251 }
2252 late_initcall(max_swapfiles_check);
2253 #endif
2254
2255 static struct swap_info_struct *alloc_swap_info(void)
2256 {
2257 struct swap_info_struct *p;
2258 unsigned int type;
2259
2260 p = kzalloc(sizeof(*p), GFP_KERNEL);
2261 if (!p)
2262 return ERR_PTR(-ENOMEM);
2263
2264 spin_lock(&swap_lock);
2265 for (type = 0; type < nr_swapfiles; type++) {
2266 if (!(swap_info[type]->flags & SWP_USED))
2267 break;
2268 }
2269 if (type >= MAX_SWAPFILES) {
2270 spin_unlock(&swap_lock);
2271 kfree(p);
2272 return ERR_PTR(-EPERM);
2273 }
2274 if (type >= nr_swapfiles) {
2275 p->type = type;
2276 swap_info[type] = p;
2277 /*
2278 * Write swap_info[type] before nr_swapfiles, in case a
2279 * racing procfs swap_start() or swap_next() is reading them.
2280 * (We never shrink nr_swapfiles, we never free this entry.)
2281 */
2282 smp_wmb();
2283 nr_swapfiles++;
2284 } else {
2285 kfree(p);
2286 p = swap_info[type];
2287 /*
2288 * Do not memset this entry: a racing procfs swap_next()
2289 * would be relying on p->type to remain valid.
2290 */
2291 }
2292 INIT_LIST_HEAD(&p->first_swap_extent.list);
2293 plist_node_init(&p->list, 0);
2294 plist_node_init(&p->avail_list, 0);
2295 p->flags = SWP_USED;
2296 spin_unlock(&swap_lock);
2297 spin_lock_init(&p->lock);
2298
2299 return p;
2300 }
2301
2302 static int claim_swapfile(struct swap_info_struct *p, struct inode *inode)
2303 {
2304 int error;
2305
2306 if (S_ISBLK(inode->i_mode)) {
2307 p->bdev = bdgrab(I_BDEV(inode));
2308 error = blkdev_get(p->bdev,
2309 FMODE_READ | FMODE_WRITE | FMODE_EXCL, p);
2310 if (error < 0) {
2311 p->bdev = NULL;
2312 return error;
2313 }
2314 p->old_block_size = block_size(p->bdev);
2315 error = set_blocksize(p->bdev, PAGE_SIZE);
2316 if (error < 0)
2317 return error;
2318 p->flags |= SWP_BLKDEV;
2319 } else if (S_ISREG(inode->i_mode)) {
2320 p->bdev = inode->i_sb->s_bdev;
2321 inode_lock(inode);
2322 if (IS_SWAPFILE(inode))
2323 return -EBUSY;
2324 } else
2325 return -EINVAL;
2326
2327 return 0;
2328 }
2329
2330 static unsigned long read_swap_header(struct swap_info_struct *p,
2331 union swap_header *swap_header,
2332 struct inode *inode)
2333 {
2334 int i;
2335 unsigned long maxpages;
2336 unsigned long swapfilepages;
2337 unsigned long last_page;
2338
2339 if (memcmp("SWAPSPACE2", swap_header->magic.magic, 10)) {
2340 pr_err("Unable to find swap-space signature\n");
2341 return 0;
2342 }
2343
2344 /* swap partition endianess hack... */
2345 if (swab32(swap_header->info.version) == 1) {
2346 swab32s(&swap_header->info.version);
2347 swab32s(&swap_header->info.last_page);
2348 swab32s(&swap_header->info.nr_badpages);
2349 if (swap_header->info.nr_badpages > MAX_SWAP_BADPAGES)
2350 return 0;
2351 for (i = 0; i < swap_header->info.nr_badpages; i++)
2352 swab32s(&swap_header->info.badpages[i]);
2353 }
2354 /* Check the swap header's sub-version */
2355 if (swap_header->info.version != 1) {
2356 pr_warn("Unable to handle swap header version %d\n",
2357 swap_header->info.version);
2358 return 0;
2359 }
2360
2361 p->lowest_bit = 1;
2362 p->cluster_next = 1;
2363 p->cluster_nr = 0;
2364
2365 /*
2366 * Find out how many pages are allowed for a single swap
2367 * device. There are two limiting factors: 1) the number
2368 * of bits for the swap offset in the swp_entry_t type, and
2369 * 2) the number of bits in the swap pte as defined by the
2370 * different architectures. In order to find the
2371 * largest possible bit mask, a swap entry with swap type 0
2372 * and swap offset ~0UL is created, encoded to a swap pte,
2373 * decoded to a swp_entry_t again, and finally the swap
2374 * offset is extracted. This will mask all the bits from
2375 * the initial ~0UL mask that can't be encoded in either
2376 * the swp_entry_t or the architecture definition of a
2377 * swap pte.
2378 */
2379 maxpages = swp_offset(pte_to_swp_entry(
2380 swp_entry_to_pte(swp_entry(0, ~0UL)))) + 1;
2381 last_page = swap_header->info.last_page;
2382 if (last_page > maxpages) {
2383 pr_warn("Truncating oversized swap area, only using %luk out of %luk\n",
2384 maxpages << (PAGE_SHIFT - 10),
2385 last_page << (PAGE_SHIFT - 10));
2386 }
2387 if (maxpages > last_page) {
2388 maxpages = last_page + 1;
2389 /* p->max is an unsigned int: don't overflow it */
2390 if ((unsigned int)maxpages == 0)
2391 maxpages = UINT_MAX;
2392 }
2393 p->highest_bit = maxpages - 1;
2394
2395 if (!maxpages)
2396 return 0;
2397 swapfilepages = i_size_read(inode) >> PAGE_SHIFT;
2398 if (swapfilepages && maxpages > swapfilepages) {
2399 pr_warn("Swap area shorter than signature indicates\n");
2400 return 0;
2401 }
2402 if (swap_header->info.nr_badpages && S_ISREG(inode->i_mode))
2403 return 0;
2404 if (swap_header->info.nr_badpages > MAX_SWAP_BADPAGES)
2405 return 0;
2406
2407 return maxpages;
2408 }
2409
2410 #define SWAP_CLUSTER_COLS \
2411 DIV_ROUND_UP(L1_CACHE_BYTES, sizeof(struct swap_cluster_info))
2412
2413 static int setup_swap_map_and_extents(struct swap_info_struct *p,
2414 union swap_header *swap_header,
2415 unsigned char *swap_map,
2416 struct swap_cluster_info *cluster_info,
2417 unsigned long maxpages,
2418 sector_t *span)
2419 {
2420 unsigned int j, k;
2421 unsigned int nr_good_pages;
2422 int nr_extents;
2423 unsigned long nr_clusters = DIV_ROUND_UP(maxpages, SWAPFILE_CLUSTER);
2424 unsigned long col = p->cluster_next / SWAPFILE_CLUSTER % SWAP_CLUSTER_COLS;
2425 unsigned long i, idx;
2426
2427 nr_good_pages = maxpages - 1; /* omit header page */
2428
2429 cluster_list_init(&p->free_clusters);
2430 cluster_list_init(&p->discard_clusters);
2431
2432 for (i = 0; i < swap_header->info.nr_badpages; i++) {
2433 unsigned int page_nr = swap_header->info.badpages[i];
2434 if (page_nr == 0 || page_nr > swap_header->info.last_page)
2435 return -EINVAL;
2436 if (page_nr < maxpages) {
2437 swap_map[page_nr] = SWAP_MAP_BAD;
2438 nr_good_pages--;
2439 /*
2440 * Haven't marked the cluster free yet, no list
2441 * operation involved
2442 */
2443 inc_cluster_info_page(p, cluster_info, page_nr);
2444 }
2445 }
2446
2447 /* Haven't marked the cluster free yet, no list operation involved */
2448 for (i = maxpages; i < round_up(maxpages, SWAPFILE_CLUSTER); i++)
2449 inc_cluster_info_page(p, cluster_info, i);
2450
2451 if (nr_good_pages) {
2452 swap_map[0] = SWAP_MAP_BAD;
2453 /*
2454 * Not mark the cluster free yet, no list
2455 * operation involved
2456 */
2457 inc_cluster_info_page(p, cluster_info, 0);
2458 p->max = maxpages;
2459 p->pages = nr_good_pages;
2460 nr_extents = setup_swap_extents(p, span);
2461 if (nr_extents < 0)
2462 return nr_extents;
2463 nr_good_pages = p->pages;
2464 }
2465 if (!nr_good_pages) {
2466 pr_warn("Empty swap-file\n");
2467 return -EINVAL;
2468 }
2469
2470 if (!cluster_info)
2471 return nr_extents;
2472
2473
2474 /* Reduce false cache line sharing between cluster_info */
2475 for (k = 0; k < SWAP_CLUSTER_COLS; k++) {
2476 j = (k + col) % SWAP_CLUSTER_COLS;
2477 for (i = 0; i < DIV_ROUND_UP(nr_clusters, SWAP_CLUSTER_COLS); i++) {
2478 idx = i * SWAP_CLUSTER_COLS + j;
2479 if (idx >= nr_clusters)
2480 continue;
2481 if (cluster_count(&cluster_info[idx]))
2482 continue;
2483 cluster_set_flag(&cluster_info[idx], CLUSTER_FLAG_FREE);
2484 cluster_list_add_tail(&p->free_clusters, cluster_info,
2485 idx);
2486 }
2487 }
2488 return nr_extents;
2489 }
2490
2491 /*
2492 * Helper to sys_swapon determining if a given swap
2493 * backing device queue supports DISCARD operations.
2494 */
2495 static bool swap_discardable(struct swap_info_struct *si)
2496 {
2497 struct request_queue *q = bdev_get_queue(si->bdev);
2498
2499 if (!q || !blk_queue_discard(q))
2500 return false;
2501
2502 return true;
2503 }
2504
2505 SYSCALL_DEFINE2(swapon, const char __user *, specialfile, int, swap_flags)
2506 {
2507 struct swap_info_struct *p;
2508 struct filename *name;
2509 struct file *swap_file = NULL;
2510 struct address_space *mapping;
2511 int prio;
2512 int error;
2513 union swap_header *swap_header;
2514 int nr_extents;
2515 sector_t span;
2516 unsigned long maxpages;
2517 unsigned char *swap_map = NULL;
2518 struct swap_cluster_info *cluster_info = NULL;
2519 unsigned long *frontswap_map = NULL;
2520 struct page *page = NULL;
2521 struct inode *inode = NULL;
2522
2523 if (swap_flags & ~SWAP_FLAGS_VALID)
2524 return -EINVAL;
2525
2526 if (!capable(CAP_SYS_ADMIN))
2527 return -EPERM;
2528
2529 p = alloc_swap_info();
2530 if (IS_ERR(p))
2531 return PTR_ERR(p);
2532
2533 INIT_WORK(&p->discard_work, swap_discard_work);
2534
2535 name = getname(specialfile);
2536 if (IS_ERR(name)) {
2537 error = PTR_ERR(name);
2538 name = NULL;
2539 goto bad_swap;
2540 }
2541 swap_file = file_open_name(name, O_RDWR|O_LARGEFILE, 0);
2542 if (IS_ERR(swap_file)) {
2543 error = PTR_ERR(swap_file);
2544 swap_file = NULL;
2545 goto bad_swap;
2546 }
2547
2548 p->swap_file = swap_file;
2549 mapping = swap_file->f_mapping;
2550 inode = mapping->host;
2551
2552 /* If S_ISREG(inode->i_mode) will do inode_lock(inode); */
2553 error = claim_swapfile(p, inode);
2554 if (unlikely(error))
2555 goto bad_swap;
2556
2557 /*
2558 * Read the swap header.
2559 */
2560 if (!mapping->a_ops->readpage) {
2561 error = -EINVAL;
2562 goto bad_swap;
2563 }
2564 page = read_mapping_page(mapping, 0, swap_file);
2565 if (IS_ERR(page)) {
2566 error = PTR_ERR(page);
2567 goto bad_swap;
2568 }
2569 swap_header = kmap(page);
2570
2571 maxpages = read_swap_header(p, swap_header, inode);
2572 if (unlikely(!maxpages)) {
2573 error = -EINVAL;
2574 goto bad_swap;
2575 }
2576
2577 /* OK, set up the swap map and apply the bad block list */
2578 swap_map = vzalloc(maxpages);
2579 if (!swap_map) {
2580 error = -ENOMEM;
2581 goto bad_swap;
2582 }
2583
2584 if (bdi_cap_stable_pages_required(inode_to_bdi(inode)))
2585 p->flags |= SWP_STABLE_WRITES;
2586
2587 if (p->bdev && blk_queue_nonrot(bdev_get_queue(p->bdev))) {
2588 int cpu;
2589 unsigned long ci, nr_cluster;
2590
2591 p->flags |= SWP_SOLIDSTATE;
2592 /*
2593 * select a random position to start with to help wear leveling
2594 * SSD
2595 */
2596 p->cluster_next = 1 + (prandom_u32() % p->highest_bit);
2597 nr_cluster = DIV_ROUND_UP(maxpages, SWAPFILE_CLUSTER);
2598
2599 cluster_info = vzalloc(nr_cluster * sizeof(*cluster_info));
2600 if (!cluster_info) {
2601 error = -ENOMEM;
2602 goto bad_swap;
2603 }
2604
2605 for (ci = 0; ci < nr_cluster; ci++)
2606 spin_lock_init(&((cluster_info + ci)->lock));
2607
2608 p->percpu_cluster = alloc_percpu(struct percpu_cluster);
2609 if (!p->percpu_cluster) {
2610 error = -ENOMEM;
2611 goto bad_swap;
2612 }
2613 for_each_possible_cpu(cpu) {
2614 struct percpu_cluster *cluster;
2615 cluster = per_cpu_ptr(p->percpu_cluster, cpu);
2616 cluster_set_null(&cluster->index);
2617 }
2618 }
2619
2620 error = swap_cgroup_swapon(p->type, maxpages);
2621 if (error)
2622 goto bad_swap;
2623
2624 nr_extents = setup_swap_map_and_extents(p, swap_header, swap_map,
2625 cluster_info, maxpages, &span);
2626 if (unlikely(nr_extents < 0)) {
2627 error = nr_extents;
2628 goto bad_swap;
2629 }
2630 /* frontswap enabled? set up bit-per-page map for frontswap */
2631 if (IS_ENABLED(CONFIG_FRONTSWAP))
2632 frontswap_map = vzalloc(BITS_TO_LONGS(maxpages) * sizeof(long));
2633
2634 if (p->bdev &&(swap_flags & SWAP_FLAG_DISCARD) && swap_discardable(p)) {
2635 /*
2636 * When discard is enabled for swap with no particular
2637 * policy flagged, we set all swap discard flags here in
2638 * order to sustain backward compatibility with older
2639 * swapon(8) releases.
2640 */
2641 p->flags |= (SWP_DISCARDABLE | SWP_AREA_DISCARD |
2642 SWP_PAGE_DISCARD);
2643
2644 /*
2645 * By flagging sys_swapon, a sysadmin can tell us to
2646 * either do single-time area discards only, or to just
2647 * perform discards for released swap page-clusters.
2648 * Now it's time to adjust the p->flags accordingly.
2649 */
2650 if (swap_flags & SWAP_FLAG_DISCARD_ONCE)
2651 p->flags &= ~SWP_PAGE_DISCARD;
2652 else if (swap_flags & SWAP_FLAG_DISCARD_PAGES)
2653 p->flags &= ~SWP_AREA_DISCARD;
2654
2655 /* issue a swapon-time discard if it's still required */
2656 if (p->flags & SWP_AREA_DISCARD) {
2657 int err = discard_swap(p);
2658 if (unlikely(err))
2659 pr_err("swapon: discard_swap(%p): %d\n",
2660 p, err);
2661 }
2662 }
2663
2664 mutex_lock(&swapon_mutex);
2665 prio = -1;
2666 if (swap_flags & SWAP_FLAG_PREFER)
2667 prio =
2668 (swap_flags & SWAP_FLAG_PRIO_MASK) >> SWAP_FLAG_PRIO_SHIFT;
2669 enable_swap_info(p, prio, swap_map, cluster_info, frontswap_map);
2670
2671 pr_info("Adding %uk swap on %s. Priority:%d extents:%d across:%lluk %s%s%s%s%s\n",
2672 p->pages<<(PAGE_SHIFT-10), name->name, p->prio,
2673 nr_extents, (unsigned long long)span<<(PAGE_SHIFT-10),
2674 (p->flags & SWP_SOLIDSTATE) ? "SS" : "",
2675 (p->flags & SWP_DISCARDABLE) ? "D" : "",
2676 (p->flags & SWP_AREA_DISCARD) ? "s" : "",
2677 (p->flags & SWP_PAGE_DISCARD) ? "c" : "",
2678 (frontswap_map) ? "FS" : "");
2679
2680 mutex_unlock(&swapon_mutex);
2681 atomic_inc(&proc_poll_event);
2682 wake_up_interruptible(&proc_poll_wait);
2683
2684 if (S_ISREG(inode->i_mode))
2685 inode->i_flags |= S_SWAPFILE;
2686 error = 0;
2687 goto out;
2688 bad_swap:
2689 free_percpu(p->percpu_cluster);
2690 p->percpu_cluster = NULL;
2691 if (inode && S_ISBLK(inode->i_mode) && p->bdev) {
2692 set_blocksize(p->bdev, p->old_block_size);
2693 blkdev_put(p->bdev, FMODE_READ | FMODE_WRITE | FMODE_EXCL);
2694 }
2695 destroy_swap_extents(p);
2696 swap_cgroup_swapoff(p->type);
2697 spin_lock(&swap_lock);
2698 p->swap_file = NULL;
2699 p->flags = 0;
2700 spin_unlock(&swap_lock);
2701 vfree(swap_map);
2702 vfree(cluster_info);
2703 if (swap_file) {
2704 if (inode && S_ISREG(inode->i_mode)) {
2705 inode_unlock(inode);
2706 inode = NULL;
2707 }
2708 filp_close(swap_file, NULL);
2709 }
2710 out:
2711 if (page && !IS_ERR(page)) {
2712 kunmap(page);
2713 put_page(page);
2714 }
2715 if (name)
2716 putname(name);
2717 if (inode && S_ISREG(inode->i_mode))
2718 inode_unlock(inode);
2719 return error;
2720 }
2721
2722 void si_swapinfo(struct sysinfo *val)
2723 {
2724 unsigned int type;
2725 unsigned long nr_to_be_unused = 0;
2726
2727 spin_lock(&swap_lock);
2728 for (type = 0; type < nr_swapfiles; type++) {
2729 struct swap_info_struct *si = swap_info[type];
2730
2731 if ((si->flags & SWP_USED) && !(si->flags & SWP_WRITEOK))
2732 nr_to_be_unused += si->inuse_pages;
2733 }
2734 val->freeswap = atomic_long_read(&nr_swap_pages) + nr_to_be_unused;
2735 val->totalswap = total_swap_pages + nr_to_be_unused;
2736 spin_unlock(&swap_lock);
2737 }
2738
2739 /*
2740 * Verify that a swap entry is valid and increment its swap map count.
2741 *
2742 * Returns error code in following case.
2743 * - success -> 0
2744 * - swp_entry is invalid -> EINVAL
2745 * - swp_entry is migration entry -> EINVAL
2746 * - swap-cache reference is requested but there is already one. -> EEXIST
2747 * - swap-cache reference is requested but the entry is not used. -> ENOENT
2748 * - swap-mapped reference requested but needs continued swap count. -> ENOMEM
2749 */
2750 static int __swap_duplicate(swp_entry_t entry, unsigned char usage)
2751 {
2752 struct swap_info_struct *p;
2753 struct swap_cluster_info *ci;
2754 unsigned long offset, type;
2755 unsigned char count;
2756 unsigned char has_cache;
2757 int err = -EINVAL;
2758
2759 if (non_swap_entry(entry))
2760 goto out;
2761
2762 type = swp_type(entry);
2763 if (type >= nr_swapfiles)
2764 goto bad_file;
2765 p = swap_info[type];
2766 offset = swp_offset(entry);
2767 if (unlikely(offset >= p->max))
2768 goto out;
2769
2770 ci = lock_cluster_or_swap_info(p, offset);
2771
2772 count = p->swap_map[offset];
2773
2774 /*
2775 * swapin_readahead() doesn't check if a swap entry is valid, so the
2776 * swap entry could be SWAP_MAP_BAD. Check here with lock held.
2777 */
2778 if (unlikely(swap_count(count) == SWAP_MAP_BAD)) {
2779 err = -ENOENT;
2780 goto unlock_out;
2781 }
2782
2783 has_cache = count & SWAP_HAS_CACHE;
2784 count &= ~SWAP_HAS_CACHE;
2785 err = 0;
2786
2787 if (usage == SWAP_HAS_CACHE) {
2788
2789 /* set SWAP_HAS_CACHE if there is no cache and entry is used */
2790 if (!has_cache && count)
2791 has_cache = SWAP_HAS_CACHE;
2792 else if (has_cache) /* someone else added cache */
2793 err = -EEXIST;
2794 else /* no users remaining */
2795 err = -ENOENT;
2796
2797 } else if (count || has_cache) {
2798
2799 if ((count & ~COUNT_CONTINUED) < SWAP_MAP_MAX)
2800 count += usage;
2801 else if ((count & ~COUNT_CONTINUED) > SWAP_MAP_MAX)
2802 err = -EINVAL;
2803 else if (swap_count_continued(p, offset, count))
2804 count = COUNT_CONTINUED;
2805 else
2806 err = -ENOMEM;
2807 } else
2808 err = -ENOENT; /* unused swap entry */
2809
2810 p->swap_map[offset] = count | has_cache;
2811
2812 unlock_out:
2813 unlock_cluster_or_swap_info(p, ci);
2814 out:
2815 return err;
2816
2817 bad_file:
2818 pr_err("swap_dup: %s%08lx\n", Bad_file, entry.val);
2819 goto out;
2820 }
2821
2822 /*
2823 * Help swapoff by noting that swap entry belongs to shmem/tmpfs
2824 * (in which case its reference count is never incremented).
2825 */
2826 void swap_shmem_alloc(swp_entry_t entry)
2827 {
2828 __swap_duplicate(entry, SWAP_MAP_SHMEM);
2829 }
2830
2831 /*
2832 * Increase reference count of swap entry by 1.
2833 * Returns 0 for success, or -ENOMEM if a swap_count_continuation is required
2834 * but could not be atomically allocated. Returns 0, just as if it succeeded,
2835 * if __swap_duplicate() fails for another reason (-EINVAL or -ENOENT), which
2836 * might occur if a page table entry has got corrupted.
2837 */
2838 int swap_duplicate(swp_entry_t entry)
2839 {
2840 int err = 0;
2841
2842 while (!err && __swap_duplicate(entry, 1) == -ENOMEM)
2843 err = add_swap_count_continuation(entry, GFP_ATOMIC);
2844 return err;
2845 }
2846
2847 /*
2848 * @entry: swap entry for which we allocate swap cache.
2849 *
2850 * Called when allocating swap cache for existing swap entry,
2851 * This can return error codes. Returns 0 at success.
2852 * -EBUSY means there is a swap cache.
2853 * Note: return code is different from swap_duplicate().
2854 */
2855 int swapcache_prepare(swp_entry_t entry)
2856 {
2857 return __swap_duplicate(entry, SWAP_HAS_CACHE);
2858 }
2859
2860 struct swap_info_struct *page_swap_info(struct page *page)
2861 {
2862 swp_entry_t swap = { .val = page_private(page) };
2863 return swap_info[swp_type(swap)];
2864 }
2865
2866 /*
2867 * out-of-line __page_file_ methods to avoid include hell.
2868 */
2869 struct address_space *__page_file_mapping(struct page *page)
2870 {
2871 VM_BUG_ON_PAGE(!PageSwapCache(page), page);
2872 return page_swap_info(page)->swap_file->f_mapping;
2873 }
2874 EXPORT_SYMBOL_GPL(__page_file_mapping);
2875
2876 pgoff_t __page_file_index(struct page *page)
2877 {
2878 swp_entry_t swap = { .val = page_private(page) };
2879 VM_BUG_ON_PAGE(!PageSwapCache(page), page);
2880 return swp_offset(swap);
2881 }
2882 EXPORT_SYMBOL_GPL(__page_file_index);
2883
2884 /*
2885 * add_swap_count_continuation - called when a swap count is duplicated
2886 * beyond SWAP_MAP_MAX, it allocates a new page and links that to the entry's
2887 * page of the original vmalloc'ed swap_map, to hold the continuation count
2888 * (for that entry and for its neighbouring PAGE_SIZE swap entries). Called
2889 * again when count is duplicated beyond SWAP_MAP_MAX * SWAP_CONT_MAX, etc.
2890 *
2891 * These continuation pages are seldom referenced: the common paths all work
2892 * on the original swap_map, only referring to a continuation page when the
2893 * low "digit" of a count is incremented or decremented through SWAP_MAP_MAX.
2894 *
2895 * add_swap_count_continuation(, GFP_ATOMIC) can be called while holding
2896 * page table locks; if it fails, add_swap_count_continuation(, GFP_KERNEL)
2897 * can be called after dropping locks.
2898 */
2899 int add_swap_count_continuation(swp_entry_t entry, gfp_t gfp_mask)
2900 {
2901 struct swap_info_struct *si;
2902 struct swap_cluster_info *ci;
2903 struct page *head;
2904 struct page *page;
2905 struct page *list_page;
2906 pgoff_t offset;
2907 unsigned char count;
2908
2909 /*
2910 * When debugging, it's easier to use __GFP_ZERO here; but it's better
2911 * for latency not to zero a page while GFP_ATOMIC and holding locks.
2912 */
2913 page = alloc_page(gfp_mask | __GFP_HIGHMEM);
2914
2915 si = swap_info_get(entry);
2916 if (!si) {
2917 /*
2918 * An acceptable race has occurred since the failing
2919 * __swap_duplicate(): the swap entry has been freed,
2920 * perhaps even the whole swap_map cleared for swapoff.
2921 */
2922 goto outer;
2923 }
2924
2925 offset = swp_offset(entry);
2926
2927 ci = lock_cluster(si, offset);
2928
2929 count = si->swap_map[offset] & ~SWAP_HAS_CACHE;
2930
2931 if ((count & ~COUNT_CONTINUED) != SWAP_MAP_MAX) {
2932 /*
2933 * The higher the swap count, the more likely it is that tasks
2934 * will race to add swap count continuation: we need to avoid
2935 * over-provisioning.
2936 */
2937 goto out;
2938 }
2939
2940 if (!page) {
2941 unlock_cluster(ci);
2942 spin_unlock(&si->lock);
2943 return -ENOMEM;
2944 }
2945
2946 /*
2947 * We are fortunate that although vmalloc_to_page uses pte_offset_map,
2948 * no architecture is using highmem pages for kernel page tables: so it
2949 * will not corrupt the GFP_ATOMIC caller's atomic page table kmaps.
2950 */
2951 head = vmalloc_to_page(si->swap_map + offset);
2952 offset &= ~PAGE_MASK;
2953
2954 /*
2955 * Page allocation does not initialize the page's lru field,
2956 * but it does always reset its private field.
2957 */
2958 if (!page_private(head)) {
2959 BUG_ON(count & COUNT_CONTINUED);
2960 INIT_LIST_HEAD(&head->lru);
2961 set_page_private(head, SWP_CONTINUED);
2962 si->flags |= SWP_CONTINUED;
2963 }
2964
2965 list_for_each_entry(list_page, &head->lru, lru) {
2966 unsigned char *map;
2967
2968 /*
2969 * If the previous map said no continuation, but we've found
2970 * a continuation page, free our allocation and use this one.
2971 */
2972 if (!(count & COUNT_CONTINUED))
2973 goto out;
2974
2975 map = kmap_atomic(list_page) + offset;
2976 count = *map;
2977 kunmap_atomic(map);
2978
2979 /*
2980 * If this continuation count now has some space in it,
2981 * free our allocation and use this one.
2982 */
2983 if ((count & ~COUNT_CONTINUED) != SWAP_CONT_MAX)
2984 goto out;
2985 }
2986
2987 list_add_tail(&page->lru, &head->lru);
2988 page = NULL; /* now it's attached, don't free it */
2989 out:
2990 unlock_cluster(ci);
2991 spin_unlock(&si->lock);
2992 outer:
2993 if (page)
2994 __free_page(page);
2995 return 0;
2996 }
2997
2998 /*
2999 * swap_count_continued - when the original swap_map count is incremented
3000 * from SWAP_MAP_MAX, check if there is already a continuation page to carry
3001 * into, carry if so, or else fail until a new continuation page is allocated;
3002 * when the original swap_map count is decremented from 0 with continuation,
3003 * borrow from the continuation and report whether it still holds more.
3004 * Called while __swap_duplicate() or swap_entry_free() holds swap or cluster
3005 * lock.
3006 */
3007 static bool swap_count_continued(struct swap_info_struct *si,
3008 pgoff_t offset, unsigned char count)
3009 {
3010 struct page *head;
3011 struct page *page;
3012 unsigned char *map;
3013
3014 head = vmalloc_to_page(si->swap_map + offset);
3015 if (page_private(head) != SWP_CONTINUED) {
3016 BUG_ON(count & COUNT_CONTINUED);
3017 return false; /* need to add count continuation */
3018 }
3019
3020 offset &= ~PAGE_MASK;
3021 page = list_entry(head->lru.next, struct page, lru);
3022 map = kmap_atomic(page) + offset;
3023
3024 if (count == SWAP_MAP_MAX) /* initial increment from swap_map */
3025 goto init_map; /* jump over SWAP_CONT_MAX checks */
3026
3027 if (count == (SWAP_MAP_MAX | COUNT_CONTINUED)) { /* incrementing */
3028 /*
3029 * Think of how you add 1 to 999
3030 */
3031 while (*map == (SWAP_CONT_MAX | COUNT_CONTINUED)) {
3032 kunmap_atomic(map);
3033 page = list_entry(page->lru.next, struct page, lru);
3034 BUG_ON(page == head);
3035 map = kmap_atomic(page) + offset;
3036 }
3037 if (*map == SWAP_CONT_MAX) {
3038 kunmap_atomic(map);
3039 page = list_entry(page->lru.next, struct page, lru);
3040 if (page == head)
3041 return false; /* add count continuation */
3042 map = kmap_atomic(page) + offset;
3043 init_map: *map = 0; /* we didn't zero the page */
3044 }
3045 *map += 1;
3046 kunmap_atomic(map);
3047 page = list_entry(page->lru.prev, struct page, lru);
3048 while (page != head) {
3049 map = kmap_atomic(page) + offset;
3050 *map = COUNT_CONTINUED;
3051 kunmap_atomic(map);
3052 page = list_entry(page->lru.prev, struct page, lru);
3053 }
3054 return true; /* incremented */
3055
3056 } else { /* decrementing */
3057 /*
3058 * Think of how you subtract 1 from 1000
3059 */
3060 BUG_ON(count != COUNT_CONTINUED);
3061 while (*map == COUNT_CONTINUED) {
3062 kunmap_atomic(map);
3063 page = list_entry(page->lru.next, struct page, lru);
3064 BUG_ON(page == head);
3065 map = kmap_atomic(page) + offset;
3066 }
3067 BUG_ON(*map == 0);
3068 *map -= 1;
3069 if (*map == 0)
3070 count = 0;
3071 kunmap_atomic(map);
3072 page = list_entry(page->lru.prev, struct page, lru);
3073 while (page != head) {
3074 map = kmap_atomic(page) + offset;
3075 *map = SWAP_CONT_MAX | count;
3076 count = COUNT_CONTINUED;
3077 kunmap_atomic(map);
3078 page = list_entry(page->lru.prev, struct page, lru);
3079 }
3080 return count == COUNT_CONTINUED;
3081 }
3082 }
3083
3084 /*
3085 * free_swap_count_continuations - swapoff free all the continuation pages
3086 * appended to the swap_map, after swap_map is quiesced, before vfree'ing it.
3087 */
3088 static void free_swap_count_continuations(struct swap_info_struct *si)
3089 {
3090 pgoff_t offset;
3091
3092 for (offset = 0; offset < si->max; offset += PAGE_SIZE) {
3093 struct page *head;
3094 head = vmalloc_to_page(si->swap_map + offset);
3095 if (page_private(head)) {
3096 struct page *page, *next;
3097
3098 list_for_each_entry_safe(page, next, &head->lru, lru) {
3099 list_del(&page->lru);
3100 __free_page(page);
3101 }
3102 }
3103 }
3104 }
Ubuntu Jammy Linux kernel mirror