6 * Address space accounting code <alan@redhat.com>
9 #include <linux/slab.h>
10 #include <linux/shm.h>
11 #include <linux/mman.h>
12 #include <linux/pagemap.h>
13 #include <linux/swap.h>
14 #include <linux/init.h>
15 #include <linux/file.h>
17 #include <linux/personality.h>
18 #include <linux/security.h>
19 #include <linux/hugetlb.h>
20 #include <linux/profile.h>
22 #include <asm/uaccess.h>
23 #include <asm/pgalloc.h>
27 * WARNING: the debugging will use recursive algorithms so never enable this
28 * unless you know what you are doing.
32 /* description of effects of mapping type and prot in current implementation.
33 * this is due to the limited x86 page protection hardware. The expected
34 * behavior is in parens:
37 * PROT_NONE PROT_READ PROT_WRITE PROT_EXEC
38 * MAP_SHARED r: (no) no r: (yes) yes r: (no) yes r: (no) yes
39 * w: (no) no w: (no) no w: (yes) yes w: (no) no
40 * x: (no) no x: (no) yes x: (no) yes x: (yes) yes
42 * MAP_PRIVATE r: (no) no r: (yes) yes r: (no) yes r: (no) yes
43 * w: (no) no w: (no) no w: (copy) copy w: (no) no
44 * x: (no) no x: (no) yes x: (no) yes x: (yes) yes
47 pgprot_t protection_map[16] = {
48 __P000, __P001, __P010, __P011, __P100, __P101, __P110, __P111,
49 __S000, __S001, __S010, __S011, __S100, __S101, __S110, __S111
52 int sysctl_overcommit_memory = 0; /* default is heuristic overcommit */
53 int sysctl_overcommit_ratio = 50; /* default is 50% */
54 atomic_t vm_committed_space = ATOMIC_INIT(0);
57 * Check that a process has enough memory to allocate a new virtual
58 * mapping. 1 means there is enough memory for the allocation to
59 * succeed and 0 implies there is not.
61 * We currently support three overcommit policies, which are set via the
62 * vm.overcommit_memory sysctl. See Documentation/vm/overcommit-acounting
64 * Strict overcommit modes added 2002 Feb 26 by Alan Cox.
65 * Additional code 2002 Jul 20 by Robert Love.
67 int vm_enough_memory(long pages)
69 unsigned long free, allowed;
71 vm_acct_memory(pages);
74 * Sometimes we want to use more memory than we have
76 if (sysctl_overcommit_memory == 1)
79 if (sysctl_overcommit_memory == 0) {
80 free = get_page_cache_size();
81 free += nr_free_pages();
82 free += nr_swap_pages;
85 * The code below doesn't account for free space in the
86 * inode and dentry slab cache, slab cache fragmentation,
87 * inodes and dentries which will become freeable under
88 * VM load, etc. Lets just hope all these (complex)
89 * factors balance out...
91 free += (dentry_stat.nr_unused * sizeof(struct dentry)) >>
93 free += (inodes_stat.nr_unused * sizeof(struct inode)) >>
98 vm_unacct_memory(pages);
102 allowed = totalram_pages * sysctl_overcommit_ratio / 100;
103 allowed += total_swap_pages;
105 if (atomic_read(&vm_committed_space) < allowed)
108 vm_unacct_memory(pages);
114 * Requires inode->i_mapping->i_shared_sem
117 __remove_shared_vm_struct(struct vm_area_struct *vma, struct inode *inode)
120 if (vma->vm_flags & VM_DENYWRITE)
121 atomic_inc(&inode->i_writecount);
122 list_del_init(&vma->shared);
127 * Remove one vm structure from the inode's i_mapping address space.
129 static void remove_shared_vm_struct(struct vm_area_struct *vma)
131 struct file *file = vma->vm_file;
134 struct inode *inode = file->f_dentry->d_inode;
136 down(&inode->i_mapping->i_shared_sem);
137 __remove_shared_vm_struct(vma, inode);
138 up(&inode->i_mapping->i_shared_sem);
143 * sys_brk() for the most part doesn't need the global kernel
144 * lock, except when an application is doing something nasty
145 * like trying to un-brk an area that has already been mapped
146 * to a regular file. in this case, the unmapping will need
147 * to invoke file system routines that need the global lock.
149 asmlinkage unsigned long sys_brk(unsigned long brk)
151 unsigned long rlim, retval;
152 unsigned long newbrk, oldbrk;
153 struct mm_struct *mm = current->mm;
155 down_write(&mm->mmap_sem);
157 if (brk < mm->end_code)
159 newbrk = PAGE_ALIGN(brk);
160 oldbrk = PAGE_ALIGN(mm->brk);
161 if (oldbrk == newbrk)
164 /* Always allow shrinking brk. */
165 if (brk <= mm->brk) {
166 if (!do_munmap(mm, newbrk, oldbrk-newbrk))
171 /* Check against rlimit.. */
172 rlim = current->rlim[RLIMIT_DATA].rlim_cur;
173 if (rlim < RLIM_INFINITY && brk - mm->start_data > rlim)
176 /* Check against existing mmap mappings. */
177 if (find_vma_intersection(mm, oldbrk, newbrk+PAGE_SIZE))
180 /* Ok, looks good - let it rip. */
181 if (do_brk(oldbrk, newbrk-oldbrk) != oldbrk)
187 up_write(&mm->mmap_sem);
191 /* Combine the mmap "prot" and "flags" argument into one "vm_flags" used
192 * internally. Essentially, translate the "PROT_xxx" and "MAP_xxx" bits
195 static inline unsigned long
196 calc_vm_flags(unsigned long prot, unsigned long flags)
198 #define _trans(x,bit1,bit2) \
199 ((bit1==bit2)?(x&bit1):(x&bit1)?bit2:0)
201 unsigned long prot_bits, flag_bits;
203 _trans(prot, PROT_READ, VM_READ) |
204 _trans(prot, PROT_WRITE, VM_WRITE) |
205 _trans(prot, PROT_EXEC, VM_EXEC);
207 _trans(flags, MAP_GROWSDOWN, VM_GROWSDOWN) |
208 _trans(flags, MAP_DENYWRITE, VM_DENYWRITE) |
209 _trans(flags, MAP_EXECUTABLE, VM_EXECUTABLE);
210 return prot_bits | flag_bits;
215 static int browse_rb(struct rb_node * rb_node) {
219 i += browse_rb(rb_node->rb_left);
220 i += browse_rb(rb_node->rb_right);
225 static void validate_mm(struct mm_struct * mm) {
228 struct vm_area_struct * tmp = mm->mmap;
233 if (i != mm->map_count)
234 printk("map_count %d vm_next %d\n", mm->map_count, i), bug = 1;
235 i = browse_rb(mm->mm_rb.rb_node);
236 if (i != mm->map_count)
237 printk("map_count %d rb %d\n", mm->map_count, i), bug = 1;
242 #define validate_mm(mm) do { } while (0)
245 static struct vm_area_struct *
246 find_vma_prepare(struct mm_struct *mm, unsigned long addr,
247 struct vm_area_struct **pprev, struct rb_node ***rb_link,
248 struct rb_node ** rb_parent)
250 struct vm_area_struct * vma;
251 struct rb_node ** __rb_link, * __rb_parent, * rb_prev;
253 __rb_link = &mm->mm_rb.rb_node;
254 rb_prev = __rb_parent = NULL;
258 struct vm_area_struct *vma_tmp;
260 __rb_parent = *__rb_link;
261 vma_tmp = rb_entry(__rb_parent, struct vm_area_struct, vm_rb);
263 if (vma_tmp->vm_end > addr) {
265 if (vma_tmp->vm_start <= addr)
267 __rb_link = &__rb_parent->rb_left;
269 rb_prev = __rb_parent;
270 __rb_link = &__rb_parent->rb_right;
276 *pprev = rb_entry(rb_prev, struct vm_area_struct, vm_rb);
277 *rb_link = __rb_link;
278 *rb_parent = __rb_parent;
283 __vma_link_list(struct mm_struct *mm, struct vm_area_struct *vma,
284 struct vm_area_struct *prev, struct rb_node *rb_parent)
287 vma->vm_next = prev->vm_next;
292 vma->vm_next = rb_entry(rb_parent,
293 struct vm_area_struct, vm_rb);
299 static void __vma_link_rb(struct mm_struct *mm, struct vm_area_struct *vma,
300 struct rb_node **rb_link, struct rb_node *rb_parent)
302 rb_link_node(&vma->vm_rb, rb_parent, rb_link);
303 rb_insert_color(&vma->vm_rb, &mm->mm_rb);
306 static inline void __vma_link_file(struct vm_area_struct *vma)
312 struct inode * inode = file->f_dentry->d_inode;
313 struct address_space *mapping = inode->i_mapping;
315 if (vma->vm_flags & VM_DENYWRITE)
316 atomic_dec(&inode->i_writecount);
318 if (vma->vm_flags & VM_SHARED)
319 list_add_tail(&vma->shared, &mapping->i_mmap_shared);
321 list_add_tail(&vma->shared, &mapping->i_mmap);
326 __vma_link(struct mm_struct *mm, struct vm_area_struct *vma,
327 struct vm_area_struct *prev, struct rb_node **rb_link,
328 struct rb_node *rb_parent)
330 __vma_link_list(mm, vma, prev, rb_parent);
331 __vma_link_rb(mm, vma, rb_link, rb_parent);
332 __vma_link_file(vma);
335 static void vma_link(struct mm_struct *mm, struct vm_area_struct *vma,
336 struct vm_area_struct *prev, struct rb_node **rb_link,
337 struct rb_node *rb_parent)
339 struct address_space *mapping = NULL;
342 mapping = vma->vm_file->f_dentry->d_inode->i_mapping;
345 down(&mapping->i_shared_sem);
346 spin_lock(&mm->page_table_lock);
347 __vma_link(mm, vma, prev, rb_link, rb_parent);
348 spin_unlock(&mm->page_table_lock);
350 up(&mapping->i_shared_sem);
352 mark_mm_hugetlb(mm, vma);
358 * If the vma has a ->close operation then the driver probably needs to release
359 * per-vma resources, so we don't attempt to merge those.
361 #define VM_SPECIAL (VM_IO | VM_DONTCOPY | VM_DONTEXPAND | VM_RESERVED)
363 static inline int is_mergeable_vma(struct vm_area_struct *vma,
364 struct file *file, unsigned long vm_flags)
366 if (vma->vm_ops && vma->vm_ops->close)
368 if (vma->vm_file != file)
370 if (vma->vm_flags != vm_flags)
372 if (vma->vm_private_data)
378 * Return true if we can merge this (vm_flags,file,vm_pgoff,size)
379 * in front of (at a lower virtual address and file offset than) the vma.
381 * We don't check here for the merged mmap wrapping around the end of pagecache
382 * indices (16TB on ia32) because do_mmap_pgoff() does not permit mmap's which
383 * wrap, nor mmaps which cover the final page at index -1UL.
386 can_vma_merge_before(struct vm_area_struct *vma, unsigned long vm_flags,
387 struct file *file, unsigned long vm_pgoff, unsigned long size)
389 if (is_mergeable_vma(vma, file, vm_flags)) {
391 return 1; /* anon mapping */
392 if (vma->vm_pgoff == vm_pgoff + size)
399 * Return true if we can merge this (vm_flags,file,vm_pgoff)
400 * beyond (at a higher virtual address and file offset than) the vma.
403 can_vma_merge_after(struct vm_area_struct *vma, unsigned long vm_flags,
404 struct file *file, unsigned long vm_pgoff)
406 if (is_mergeable_vma(vma, file, vm_flags)) {
407 unsigned long vma_size;
410 return 1; /* anon mapping */
412 vma_size = (vma->vm_end - vma->vm_start) >> PAGE_SHIFT;
413 if (vma->vm_pgoff + vma_size == vm_pgoff)
420 * Given a new mapping request (addr,end,vm_flags,file,pgoff), figure out
421 * whether that can be merged with its predecessor or its successor. Or
422 * both (it neatly fills a hole).
424 static int vma_merge(struct mm_struct *mm, struct vm_area_struct *prev,
425 struct rb_node *rb_parent, unsigned long addr,
426 unsigned long end, unsigned long vm_flags,
427 struct file *file, unsigned long pgoff)
429 spinlock_t * lock = &mm->page_table_lock;
432 * We later require that vma->vm_flags == vm_flags, so this tests
433 * vma->vm_flags & VM_SPECIAL, too.
435 if (vm_flags & VM_SPECIAL)
439 prev = rb_entry(rb_parent, struct vm_area_struct, vm_rb);
444 * Can it merge with the predecessor?
446 if (prev->vm_end == addr &&
447 is_mergeable_vma(prev, file, vm_flags) &&
448 can_vma_merge_after(prev, vm_flags, file, pgoff)) {
449 struct vm_area_struct *next;
450 struct inode *inode = file ? file->f_dentry->d_inode : NULL;
453 if (unlikely(file && prev->vm_next &&
454 prev->vm_next->vm_file == file)) {
455 down(&inode->i_mapping->i_shared_sem);
462 * OK, it did. Can we now merge in the successor as well?
464 next = prev->vm_next;
465 if (next && prev->vm_end == next->vm_start &&
466 can_vma_merge_before(next, vm_flags, file,
467 pgoff, (end - addr) >> PAGE_SHIFT)) {
468 prev->vm_end = next->vm_end;
469 __vma_unlink(mm, next, prev);
470 __remove_shared_vm_struct(next, inode);
473 up(&inode->i_mapping->i_shared_sem);
476 kmem_cache_free(vm_area_cachep, next);
481 up(&inode->i_mapping->i_shared_sem);
486 * Can this new request be merged in front of prev->vm_next?
488 prev = prev->vm_next;
491 if (!can_vma_merge_before(prev, vm_flags, file,
492 pgoff, (end - addr) >> PAGE_SHIFT))
494 if (end == prev->vm_start) {
496 prev->vm_start = addr;
497 prev->vm_pgoff -= (end - addr) >> PAGE_SHIFT;
507 * The caller must hold down_write(current->mm->mmap_sem).
510 unsigned long do_mmap_pgoff(struct file * file, unsigned long addr,
511 unsigned long len, unsigned long prot,
512 unsigned long flags, unsigned long pgoff)
514 struct mm_struct * mm = current->mm;
515 struct vm_area_struct * vma, * prev;
517 unsigned int vm_flags;
518 int correct_wcount = 0;
520 struct rb_node ** rb_link, * rb_parent;
521 unsigned long charged = 0;
523 if (file && (!file->f_op || !file->f_op->mmap))
532 len = PAGE_ALIGN(len);
534 /* offset overflow? */
535 if ((pgoff + (len >> PAGE_SHIFT)) < pgoff)
538 /* Too many mappings? */
539 if (mm->map_count > MAX_MAP_COUNT)
542 /* Obtain the address to map to. we verify (or select) it and ensure
543 * that it represents a valid section of the address space.
545 addr = get_unmapped_area(file, addr, len, pgoff, flags);
546 if (addr & ~PAGE_MASK)
549 /* Do simple checking here so the lower-level routines won't have
550 * to. we assume access permissions have been handled by the open
551 * of the memory object, so we don't do any here.
553 vm_flags = calc_vm_flags(prot,flags) | mm->def_flags |
554 VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC;
556 if (flags & MAP_LOCKED) {
557 if (!capable(CAP_IPC_LOCK))
559 vm_flags |= VM_LOCKED;
561 /* mlock MCL_FUTURE? */
562 if (vm_flags & VM_LOCKED) {
563 unsigned long locked = mm->locked_vm << PAGE_SHIFT;
565 if (locked > current->rlim[RLIMIT_MEMLOCK].rlim_cur)
569 inode = file ? file->f_dentry->d_inode : NULL;
572 switch (flags & MAP_TYPE) {
574 if ((prot&PROT_WRITE) && !(file->f_mode&FMODE_WRITE))
578 * Make sure we don't allow writing to an append-only
581 if (IS_APPEND(inode) && (file->f_mode & FMODE_WRITE))
585 * Make sure there are no mandatory locks on the file.
587 if (locks_verify_locked(inode))
590 vm_flags |= VM_SHARED | VM_MAYSHARE;
591 if (!(file->f_mode & FMODE_WRITE))
592 vm_flags &= ~(VM_MAYWRITE | VM_SHARED);
596 if (!(file->f_mode & FMODE_READ))
604 vm_flags |= VM_SHARED | VM_MAYSHARE;
605 switch (flags & MAP_TYPE) {
609 vm_flags &= ~(VM_SHARED | VM_MAYSHARE);
616 error = security_file_mmap(file, prot, flags);
623 vma = find_vma_prepare(mm, addr, &prev, &rb_link, &rb_parent);
624 if (vma && vma->vm_start < addr + len) {
625 if (do_munmap(mm, addr, len))
630 /* Check against address space limit. */
631 if ((mm->total_vm << PAGE_SHIFT) + len
632 > current->rlim[RLIMIT_AS].rlim_cur)
635 if (!(flags & MAP_NORESERVE) || sysctl_overcommit_memory > 1) {
636 if (vm_flags & VM_SHARED) {
637 /* Check memory availability in shmem_file_setup? */
638 vm_flags |= VM_ACCOUNT;
639 } else if (vm_flags & VM_WRITE) {
641 * Private writable mapping: check memory availability
643 charged = len >> PAGE_SHIFT;
644 if (!vm_enough_memory(charged))
646 vm_flags |= VM_ACCOUNT;
650 /* Can we just expand an old anonymous mapping? */
651 if (!file && !(vm_flags & VM_SHARED) && rb_parent)
652 if (vma_merge(mm, prev, rb_parent, addr, addr + len,
657 * Determine the object being mapped and call the appropriate
658 * specific mapper. the address has already been validated, but
659 * not unmapped, but the maps are removed from the list.
661 vma = kmem_cache_alloc(vm_area_cachep, SLAB_KERNEL);
667 vma->vm_start = addr;
668 vma->vm_end = addr + len;
669 vma->vm_flags = vm_flags;
670 vma->vm_page_prot = protection_map[vm_flags & 0x0f];
672 vma->vm_pgoff = pgoff;
674 vma->vm_private_data = NULL;
675 INIT_LIST_HEAD(&vma->shared);
679 if (vm_flags & (VM_GROWSDOWN|VM_GROWSUP))
681 if (vm_flags & VM_DENYWRITE) {
682 error = deny_write_access(file);
689 error = file->f_op->mmap(file, vma);
691 goto unmap_and_free_vma;
692 } else if (vm_flags & VM_SHARED) {
693 error = shmem_zero_setup(vma);
698 /* We set VM_ACCOUNT in a shared mapping's vm_flags, to inform
699 * shmem_zero_setup (perhaps called through /dev/zero's ->mmap)
700 * that memory reservation must be checked; but that reservation
701 * belongs to shared memory object, not to vma: so now clear it.
703 if ((vm_flags & (VM_SHARED|VM_ACCOUNT)) == (VM_SHARED|VM_ACCOUNT))
704 vma->vm_flags &= ~VM_ACCOUNT;
706 /* Can addr have changed??
708 * Answer: Yes, several device drivers can do it in their
709 * f_op->mmap method. -DaveM
711 addr = vma->vm_start;
713 if (!file || !rb_parent || !vma_merge(mm, prev, rb_parent, addr,
714 addr + len, vma->vm_flags, file, pgoff)) {
715 vma_link(mm, vma, prev, rb_link, rb_parent);
717 atomic_inc(&inode->i_writecount);
721 atomic_inc(&inode->i_writecount);
724 kmem_cache_free(vm_area_cachep, vma);
727 mm->total_vm += len >> PAGE_SHIFT;
728 if (vm_flags & VM_LOCKED) {
729 mm->locked_vm += len >> PAGE_SHIFT;
730 make_pages_present(addr, addr + len);
732 if (flags & MAP_POPULATE) {
733 up_write(&mm->mmap_sem);
734 sys_remap_file_pages(addr, len, prot,
735 pgoff, flags & MAP_NONBLOCK);
736 down_write(&mm->mmap_sem);
742 atomic_inc(&inode->i_writecount);
746 /* Undo any partial mapping done by a device driver. */
747 zap_page_range(vma, vma->vm_start, vma->vm_end - vma->vm_start);
749 kmem_cache_free(vm_area_cachep, vma);
752 vm_unacct_memory(charged);
756 /* Get an address range which is currently unmapped.
757 * For shmat() with addr=0.
759 * Ugly calling convention alert:
760 * Return value with the low bits set means error value,
762 * if (ret & ~PAGE_MASK)
765 * This function "knows" that -ENOMEM has the bits set.
767 #ifndef HAVE_ARCH_UNMAPPED_AREA
768 static inline unsigned long
769 arch_get_unmapped_area(struct file *filp, unsigned long addr,
770 unsigned long len, unsigned long pgoff, unsigned long flags)
772 struct mm_struct *mm = current->mm;
773 struct vm_area_struct *vma;
780 addr = PAGE_ALIGN(addr);
781 vma = find_vma(mm, addr);
782 if (TASK_SIZE - len >= addr &&
783 (!vma || addr + len <= vma->vm_start))
786 addr = mm->free_area_cache;
788 for (vma = find_vma(mm, addr); ; vma = vma->vm_next) {
789 /* At this point: (!vma || addr < vma->vm_end). */
790 if (TASK_SIZE - len < addr)
793 * Record the first available hole.
795 if (!found_hole && (!vma || addr < vma->vm_start)) {
796 mm->free_area_cache = addr;
799 if (!vma || addr + len <= vma->vm_start)
806 arch_get_unmapped_area(struct file *, unsigned long, unsigned long,
807 unsigned long, unsigned long);
811 get_unmapped_area(struct file *file, unsigned long addr, unsigned long len,
812 unsigned long pgoff, unsigned long flags)
814 if (flags & MAP_FIXED) {
817 if (addr > TASK_SIZE - len)
819 if (addr & ~PAGE_MASK)
821 if (file && is_file_hugepages(file)) {
823 * Make sure that addr and length are properly aligned.
825 ret = is_aligned_hugepage_range(addr, len);
828 * Ensure that a normal request is not falling in a
829 * reserved hugepage range. For some archs like IA-64,
830 * there is a separate region for hugepages.
832 ret = check_valid_hugepage_range(addr, len);
839 if (file && file->f_op && file->f_op->get_unmapped_area)
840 return file->f_op->get_unmapped_area(file, addr, len,
843 return arch_get_unmapped_area(file, addr, len, pgoff, flags);
846 /* Look up the first VMA which satisfies addr < vm_end, NULL if none. */
847 struct vm_area_struct * find_vma(struct mm_struct * mm, unsigned long addr)
849 struct vm_area_struct *vma = NULL;
852 /* Check the cache first. */
853 /* (Cache hit rate is typically around 35%.) */
854 vma = mm->mmap_cache;
855 if (!(vma && vma->vm_end > addr && vma->vm_start <= addr)) {
856 struct rb_node * rb_node;
858 rb_node = mm->mm_rb.rb_node;
862 struct vm_area_struct * vma_tmp;
864 vma_tmp = rb_entry(rb_node,
865 struct vm_area_struct, vm_rb);
867 if (vma_tmp->vm_end > addr) {
869 if (vma_tmp->vm_start <= addr)
871 rb_node = rb_node->rb_left;
873 rb_node = rb_node->rb_right;
876 mm->mmap_cache = vma;
882 /* Same as find_vma, but also return a pointer to the previous VMA in *pprev. */
883 struct vm_area_struct *
884 find_vma_prev(struct mm_struct *mm, unsigned long addr,
885 struct vm_area_struct **pprev)
887 struct vm_area_struct *vma = NULL, *prev = NULL;
888 struct rb_node * rb_node;
892 /* Guard against addr being lower than the first VMA */
895 /* Go through the RB tree quickly. */
896 rb_node = mm->mm_rb.rb_node;
899 struct vm_area_struct *vma_tmp;
900 vma_tmp = rb_entry(rb_node, struct vm_area_struct, vm_rb);
902 if (addr < vma_tmp->vm_end) {
903 rb_node = rb_node->rb_left;
906 if (!prev->vm_next || (addr < prev->vm_next->vm_end))
908 rb_node = rb_node->rb_right;
914 return prev ? prev->vm_next : vma;
917 #ifdef CONFIG_STACK_GROWSUP
919 * vma is the first one with address > vma->vm_end. Have to extend vma.
921 int expand_stack(struct vm_area_struct * vma, unsigned long address)
925 if (!(vma->vm_flags & VM_GROWSUP))
929 * vma->vm_start/vm_end cannot change under us because the caller
930 * is required to hold the mmap_sem in read mode. We need to get
931 * the spinlock only before relocating the vma range ourself.
933 address += 4 + PAGE_SIZE - 1;
934 address &= PAGE_MASK;
935 spin_lock(&vma->vm_mm->page_table_lock);
936 grow = (address - vma->vm_end) >> PAGE_SHIFT;
939 if (!vm_enough_memory(grow)) {
940 spin_unlock(&vma->vm_mm->page_table_lock);
944 if (address - vma->vm_start > current->rlim[RLIMIT_STACK].rlim_cur ||
945 ((vma->vm_mm->total_vm + grow) << PAGE_SHIFT) >
946 current->rlim[RLIMIT_AS].rlim_cur) {
947 spin_unlock(&vma->vm_mm->page_table_lock);
948 vm_unacct_memory(grow);
951 vma->vm_end = address;
952 vma->vm_mm->total_vm += grow;
953 if (vma->vm_flags & VM_LOCKED)
954 vma->vm_mm->locked_vm += grow;
955 spin_unlock(&vma->vm_mm->page_table_lock);
959 struct vm_area_struct *
960 find_extend_vma(struct mm_struct *mm, unsigned long addr)
962 struct vm_area_struct *vma, *prev;
965 vma = find_vma_prev(mm, addr, &prev);
966 if (vma && (vma->vm_start <= addr))
968 if (!prev || expand_stack(prev, addr))
970 if (prev->vm_flags & VM_LOCKED) {
971 make_pages_present(addr, prev->vm_end);
977 * vma is the first one with address < vma->vm_start. Have to extend vma.
979 int expand_stack(struct vm_area_struct *vma, unsigned long address)
984 * vma->vm_start/vm_end cannot change under us because the caller
985 * is required to hold the mmap_sem in read mode. We need to get
986 * the spinlock only before relocating the vma range ourself.
988 address &= PAGE_MASK;
989 spin_lock(&vma->vm_mm->page_table_lock);
990 grow = (vma->vm_start - address) >> PAGE_SHIFT;
993 if (!vm_enough_memory(grow)) {
994 spin_unlock(&vma->vm_mm->page_table_lock);
998 if (vma->vm_end - address > current->rlim[RLIMIT_STACK].rlim_cur ||
999 ((vma->vm_mm->total_vm + grow) << PAGE_SHIFT) >
1000 current->rlim[RLIMIT_AS].rlim_cur) {
1001 spin_unlock(&vma->vm_mm->page_table_lock);
1002 vm_unacct_memory(grow);
1005 vma->vm_start = address;
1006 vma->vm_pgoff -= grow;
1007 vma->vm_mm->total_vm += grow;
1008 if (vma->vm_flags & VM_LOCKED)
1009 vma->vm_mm->locked_vm += grow;
1010 spin_unlock(&vma->vm_mm->page_table_lock);
1014 struct vm_area_struct *
1015 find_extend_vma(struct mm_struct * mm, unsigned long addr)
1017 struct vm_area_struct * vma;
1018 unsigned long start;
1021 vma = find_vma(mm,addr);
1024 if (vma->vm_start <= addr)
1026 if (!(vma->vm_flags & VM_GROWSDOWN))
1028 start = vma->vm_start;
1029 if (expand_stack(vma, addr))
1031 if (vma->vm_flags & VM_LOCKED) {
1032 make_pages_present(addr, start);
1039 * Try to free as many page directory entries as we can,
1040 * without having to work very hard at actually scanning
1041 * the page tables themselves.
1043 * Right now we try to free page tables if we have a nice
1044 * PGDIR-aligned area that got free'd up. We could be more
1045 * granular if we want to, but this is fast and simple,
1046 * and covers the bad cases.
1048 * "prev", if it exists, points to a vma before the one
1049 * we just free'd - but there's no telling how much before.
1051 static void free_pgtables(struct mmu_gather *tlb, struct vm_area_struct *prev,
1052 unsigned long start, unsigned long end)
1054 unsigned long first = start & PGDIR_MASK;
1055 unsigned long last = end + PGDIR_SIZE - 1;
1056 unsigned long start_index, end_index;
1057 struct mm_struct *mm = tlb->mm;
1063 if (prev->vm_end > start) {
1064 if (last > prev->vm_start)
1065 last = prev->vm_start;
1070 struct vm_area_struct *next = prev->vm_next;
1073 if (next->vm_start < start) {
1077 if (last > next->vm_start)
1078 last = next->vm_start;
1080 if (prev->vm_end > first)
1081 first = prev->vm_end + PGDIR_SIZE - 1;
1085 if (last < first) /* for arches with discontiguous pgd indices */
1088 * If the PGD bits are not consecutive in the virtual address, the
1089 * old method of shifting the VA >> by PGDIR_SHIFT doesn't work.
1091 start_index = pgd_index(first);
1092 if (start_index < FIRST_USER_PGD_NR)
1093 start_index = FIRST_USER_PGD_NR;
1094 end_index = pgd_index(last);
1095 if (end_index > start_index) {
1096 clear_page_tables(tlb, start_index, end_index - start_index);
1097 flush_tlb_pgtables(mm, first & PGDIR_MASK, last & PGDIR_MASK);
1101 /* Normal function to fix up a mapping
1102 * This function is the default for when an area has no specific
1103 * function. This may be used as part of a more specific routine.
1105 * By the time this function is called, the area struct has been
1106 * removed from the process mapping list.
1108 static void unmap_vma(struct mm_struct *mm, struct vm_area_struct *area)
1110 size_t len = area->vm_end - area->vm_start;
1112 area->vm_mm->total_vm -= len >> PAGE_SHIFT;
1113 if (area->vm_flags & VM_LOCKED)
1114 area->vm_mm->locked_vm -= len >> PAGE_SHIFT;
1116 * Is this a new hole at the lowest possible address?
1118 if (area->vm_start >= TASK_UNMAPPED_BASE &&
1119 area->vm_start < area->vm_mm->free_area_cache)
1120 area->vm_mm->free_area_cache = area->vm_start;
1122 remove_shared_vm_struct(area);
1124 if (area->vm_ops && area->vm_ops->close)
1125 area->vm_ops->close(area);
1127 fput(area->vm_file);
1128 kmem_cache_free(vm_area_cachep, area);
1132 * Update the VMA and inode share lists.
1134 * Ok - we have the memory areas we should free on the 'free' list,
1135 * so release them, and do the vma updates.
1137 static void unmap_vma_list(struct mm_struct *mm,
1138 struct vm_area_struct *mpnt)
1141 struct vm_area_struct *next = mpnt->vm_next;
1142 unmap_vma(mm, mpnt);
1144 } while (mpnt != NULL);
1149 * Get rid of page table information in the indicated region.
1151 * Called with the page table lock held.
1153 static void unmap_region(struct mm_struct *mm,
1154 struct vm_area_struct *vma,
1155 struct vm_area_struct *prev,
1156 unsigned long start,
1159 struct mmu_gather *tlb;
1160 unsigned long nr_accounted = 0;
1163 tlb = tlb_gather_mmu(mm, 0);
1164 unmap_vmas(&tlb, mm, vma, start, end, &nr_accounted);
1165 vm_unacct_memory(nr_accounted);
1166 free_pgtables(tlb, prev, start, end);
1167 tlb_finish_mmu(tlb, start, end);
1171 * Create a list of vma's touched by the unmap, removing them from the mm's
1172 * vma list as we go..
1174 * Called with the page_table_lock held.
1177 detach_vmas_to_be_unmapped(struct mm_struct *mm, struct vm_area_struct *vma,
1178 struct vm_area_struct *prev, unsigned long end)
1180 struct vm_area_struct **insertion_point;
1181 struct vm_area_struct *tail_vma = NULL;
1183 insertion_point = (prev ? &prev->vm_next : &mm->mmap);
1185 rb_erase(&vma->vm_rb, &mm->mm_rb);
1189 } while (vma && vma->vm_start < end);
1190 *insertion_point = vma;
1191 tail_vma->vm_next = NULL;
1192 mm->mmap_cache = NULL; /* Kill the cache. */
1196 * Split a vma into two pieces at address 'addr', a new vma is allocated
1197 * either for the first part or the the tail.
1199 int split_vma(struct mm_struct * mm, struct vm_area_struct * vma,
1200 unsigned long addr, int new_below)
1202 struct vm_area_struct *new;
1204 if (mm->map_count >= MAX_MAP_COUNT)
1207 new = kmem_cache_alloc(vm_area_cachep, SLAB_KERNEL);
1211 /* most fields are the same, copy all, and then fixup */
1214 INIT_LIST_HEAD(&new->shared);
1218 vma->vm_start = addr;
1219 vma->vm_pgoff += ((addr - new->vm_start) >> PAGE_SHIFT);
1222 new->vm_start = addr;
1223 new->vm_pgoff += ((addr - vma->vm_start) >> PAGE_SHIFT);
1227 get_file(new->vm_file);
1229 if (new->vm_ops && new->vm_ops->open)
1230 new->vm_ops->open(new);
1232 insert_vm_struct(mm, new);
1236 /* Munmap is split into 2 main parts -- this part which finds
1237 * what needs doing, and the areas themselves, which do the
1238 * work. This now handles partial unmappings.
1239 * Jeremy Fitzhardinge <jeremy@goop.org>
1241 int do_munmap(struct mm_struct *mm, unsigned long start, size_t len)
1244 struct vm_area_struct *mpnt, *prev, *last;
1246 if ((start & ~PAGE_MASK) || start > TASK_SIZE || len > TASK_SIZE-start)
1249 if ((len = PAGE_ALIGN(len)) == 0)
1252 /* Find the first overlapping VMA */
1253 mpnt = find_vma_prev(mm, start, &prev);
1256 /* we have start < mpnt->vm_end */
1258 if (is_vm_hugetlb_page(mpnt)) {
1259 int ret = is_aligned_hugepage_range(start, len);
1265 /* if it doesn't overlap, we have nothing.. */
1267 if (mpnt->vm_start >= end)
1270 /* Something will probably happen, so notify. */
1271 if (mpnt->vm_file && (mpnt->vm_flags & VM_EXEC))
1272 profile_exec_unmap(mm);
1275 * If we need to split any vma, do it now to save pain later.
1277 * Note: mremap's move_vma VM_ACCOUNT handling assumes a partially
1278 * unmapped vm_area_struct will remain in use: so lower split_vma
1279 * places tmp vma above, and higher split_vma places tmp vma below.
1281 if (start > mpnt->vm_start) {
1282 if (split_vma(mm, mpnt, start, 0))
1287 /* Does it split the last one? */
1288 last = find_vma(mm, end);
1289 if (last && end > last->vm_start) {
1290 if (split_vma(mm, last, end, 1))
1293 mpnt = prev? prev->vm_next: mm->mmap;
1296 * Remove the vma's, and unmap the actual pages
1298 spin_lock(&mm->page_table_lock);
1299 detach_vmas_to_be_unmapped(mm, mpnt, prev, end);
1300 unmap_region(mm, mpnt, prev, start, end);
1301 spin_unlock(&mm->page_table_lock);
1303 /* Fix up all other VM information */
1304 unmap_vma_list(mm, mpnt);
1309 asmlinkage long sys_munmap(unsigned long addr, size_t len)
1312 struct mm_struct *mm = current->mm;
1314 down_write(&mm->mmap_sem);
1315 ret = do_munmap(mm, addr, len);
1316 up_write(&mm->mmap_sem);
1321 * this is really a simplified "do_mmap". it only handles
1322 * anonymous maps. eventually we may be able to do some
1323 * brk-specific accounting here.
1325 unsigned long do_brk(unsigned long addr, unsigned long len)
1327 struct mm_struct * mm = current->mm;
1328 struct vm_area_struct * vma, * prev;
1329 unsigned long flags;
1330 struct rb_node ** rb_link, * rb_parent;
1332 len = PAGE_ALIGN(len);
1339 if (mm->def_flags & VM_LOCKED) {
1340 unsigned long locked = mm->locked_vm << PAGE_SHIFT;
1342 if (locked > current->rlim[RLIMIT_MEMLOCK].rlim_cur)
1347 * Clear old maps. this also does some error checking for us
1350 vma = find_vma_prepare(mm, addr, &prev, &rb_link, &rb_parent);
1351 if (vma && vma->vm_start < addr + len) {
1352 if (do_munmap(mm, addr, len))
1357 /* Check against address space limits *after* clearing old maps... */
1358 if ((mm->total_vm << PAGE_SHIFT) + len
1359 > current->rlim[RLIMIT_AS].rlim_cur)
1362 if (mm->map_count > MAX_MAP_COUNT)
1365 if (!vm_enough_memory(len >> PAGE_SHIFT))
1368 flags = VM_DATA_DEFAULT_FLAGS | VM_ACCOUNT | mm->def_flags;
1370 /* Can we just expand an old anonymous mapping? */
1371 if (rb_parent && vma_merge(mm, prev, rb_parent, addr, addr + len,
1376 * create a vma struct for an anonymous mapping
1378 vma = kmem_cache_alloc(vm_area_cachep, SLAB_KERNEL);
1380 vm_unacct_memory(len >> PAGE_SHIFT);
1385 vma->vm_start = addr;
1386 vma->vm_end = addr + len;
1387 vma->vm_flags = flags;
1388 vma->vm_page_prot = protection_map[flags & 0x0f];
1391 vma->vm_file = NULL;
1392 vma->vm_private_data = NULL;
1393 INIT_LIST_HEAD(&vma->shared);
1395 vma_link(mm, vma, prev, rb_link, rb_parent);
1398 mm->total_vm += len >> PAGE_SHIFT;
1399 if (flags & VM_LOCKED) {
1400 mm->locked_vm += len >> PAGE_SHIFT;
1401 make_pages_present(addr, addr + len);
1406 /* Build the RB tree corresponding to the VMA list. */
1407 void build_mmap_rb(struct mm_struct * mm)
1409 struct vm_area_struct * vma;
1410 struct rb_node ** rb_link, * rb_parent;
1412 mm->mm_rb = RB_ROOT;
1413 rb_link = &mm->mm_rb.rb_node;
1415 for (vma = mm->mmap; vma; vma = vma->vm_next) {
1416 __vma_link_rb(mm, vma, rb_link, rb_parent);
1417 rb_parent = &vma->vm_rb;
1418 rb_link = &rb_parent->rb_right;
1422 /* Release all mmaps. */
1423 void exit_mmap(struct mm_struct *mm)
1425 struct mmu_gather *tlb;
1426 struct vm_area_struct *vma;
1427 unsigned long nr_accounted = 0;
1429 profile_exit_mmap(mm);
1433 spin_lock(&mm->page_table_lock);
1435 tlb = tlb_gather_mmu(mm, 1);
1437 /* Use ~0UL here to ensure all VMAs in the mm are unmapped */
1438 mm->map_count -= unmap_vmas(&tlb, mm, mm->mmap, 0,
1439 ~0UL, &nr_accounted);
1440 vm_unacct_memory(nr_accounted);
1441 BUG_ON(mm->map_count); /* This is just debugging */
1442 clear_page_tables(tlb, FIRST_USER_PGD_NR, USER_PTRS_PER_PGD);
1443 tlb_finish_mmu(tlb, 0, MM_VM_SIZE(mm));
1446 mm->mmap = mm->mmap_cache = NULL;
1447 mm->mm_rb = RB_ROOT;
1452 spin_unlock(&mm->page_table_lock);
1455 * Walk the list again, actually closing and freeing it
1456 * without holding any MM locks.
1459 struct vm_area_struct *next = vma->vm_next;
1460 remove_shared_vm_struct(vma);
1462 if (vma->vm_ops->close)
1463 vma->vm_ops->close(vma);
1467 kmem_cache_free(vm_area_cachep, vma);
1472 /* Insert vm structure into process list sorted by address
1473 * and into the inode's i_mmap ring. If vm_file is non-NULL
1474 * then i_shared_sem is taken here.
1476 void insert_vm_struct(struct mm_struct * mm, struct vm_area_struct * vma)
1478 struct vm_area_struct * __vma, * prev;
1479 struct rb_node ** rb_link, * rb_parent;
1481 __vma = find_vma_prepare(mm,vma->vm_start,&prev,&rb_link,&rb_parent);
1482 if (__vma && __vma->vm_start < vma->vm_end)
1484 vma_link(mm, vma, prev, rb_link, rb_parent);
projects / linux-flexiantxendom0-3.2.10.git / blob