]> git.ipfire.org Git - thirdparty/kernel/stable.git/blob - drivers/dax/device.c
projects / thirdparty / kernel / stable.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
mm/devm_memremap_pages: fix final page put race
[thirdparty/kernel/stable.git] / drivers / dax / device.c
1 // SPDX-License-Identifier: GPL-2.0
2 /* Copyright(c) 2016-2018 Intel Corporation. All rights reserved. */
3 #include <linux/memremap.h>
4 #include <linux/pagemap.h>
5 #include <linux/module.h>
6 #include <linux/device.h>
7 #include <linux/pfn_t.h>
8 #include <linux/cdev.h>
9 #include <linux/slab.h>
10 #include <linux/dax.h>
11 #include <linux/fs.h>
12 #include <linux/mm.h>
13 #include <linux/mman.h>
14 #include "dax-private.h"
15 #include "bus.h"
16
17 static struct dev_dax *ref_to_dev_dax(struct percpu_ref *ref)
18 {
19 return container_of(ref, struct dev_dax, ref);
20 }
21
22 static void dev_dax_percpu_release(struct percpu_ref *ref)
23 {
24 struct dev_dax *dev_dax = ref_to_dev_dax(ref);
25
26 dev_dbg(&dev_dax->dev, "%s\n", __func__);
27 complete(&dev_dax->cmp);
28 }
29
30 static void dev_dax_percpu_exit(struct percpu_ref *ref)
31 {
32 struct dev_dax *dev_dax = ref_to_dev_dax(ref);
33
34 dev_dbg(&dev_dax->dev, "%s\n", __func__);
35 wait_for_completion(&dev_dax->cmp);
36 percpu_ref_exit(ref);
37 }
38
39 static void dev_dax_percpu_kill(struct percpu_ref *data)
40 {
41 struct percpu_ref *ref = data;
42 struct dev_dax *dev_dax = ref_to_dev_dax(ref);
43
44 dev_dbg(&dev_dax->dev, "%s\n", __func__);
45 percpu_ref_kill(ref);
46 }
47
48 static int check_vma(struct dev_dax *dev_dax, struct vm_area_struct *vma,
49 const char *func)
50 {
51 struct dax_region *dax_region = dev_dax->region;
52 struct device *dev = &dev_dax->dev;
53 unsigned long mask;
54
55 if (!dax_alive(dev_dax->dax_dev))
56 return -ENXIO;
57
58 /* prevent private mappings from being established */
59 if ((vma->vm_flags & VM_MAYSHARE) != VM_MAYSHARE) {
60 dev_info_ratelimited(dev,
61 "%s: %s: fail, attempted private mapping\n",
62 current->comm, func);
63 return -EINVAL;
64 }
65
66 mask = dax_region->align - 1;
67 if (vma->vm_start & mask || vma->vm_end & mask) {
68 dev_info_ratelimited(dev,
69 "%s: %s: fail, unaligned vma (%#lx - %#lx, %#lx)\n",
70 current->comm, func, vma->vm_start, vma->vm_end,
71 mask);
72 return -EINVAL;
73 }
74
75 if ((dax_region->pfn_flags & (PFN_DEV|PFN_MAP)) == PFN_DEV
76 && (vma->vm_flags & VM_DONTCOPY) == 0) {
77 dev_info_ratelimited(dev,
78 "%s: %s: fail, dax range requires MADV_DONTFORK\n",
79 current->comm, func);
80 return -EINVAL;
81 }
82
83 if (!vma_is_dax(vma)) {
84 dev_info_ratelimited(dev,
85 "%s: %s: fail, vma is not DAX capable\n",
86 current->comm, func);
87 return -EINVAL;
88 }
89
90 return 0;
91 }
92
93 /* see "strong" declaration in tools/testing/nvdimm/dax-dev.c */
94 __weak phys_addr_t dax_pgoff_to_phys(struct dev_dax *dev_dax, pgoff_t pgoff,
95 unsigned long size)
96 {
97 struct resource *res = &dev_dax->region->res;
98 phys_addr_t phys;
99
100 phys = pgoff * PAGE_SIZE + res->start;
101 if (phys >= res->start && phys <= res->end) {
102 if (phys + size - 1 <= res->end)
103 return phys;
104 }
105
106 return -1;
107 }
108
109 static vm_fault_t __dev_dax_pte_fault(struct dev_dax *dev_dax,
110 struct vm_fault *vmf, pfn_t *pfn)
111 {
112 struct device *dev = &dev_dax->dev;
113 struct dax_region *dax_region;
114 phys_addr_t phys;
115 unsigned int fault_size = PAGE_SIZE;
116
117 if (check_vma(dev_dax, vmf->vma, __func__))
118 return VM_FAULT_SIGBUS;
119
120 dax_region = dev_dax->region;
121 if (dax_region->align > PAGE_SIZE) {
122 dev_dbg(dev, "alignment (%#x) > fault size (%#x)\n",
123 dax_region->align, fault_size);
124 return VM_FAULT_SIGBUS;
125 }
126
127 if (fault_size != dax_region->align)
128 return VM_FAULT_SIGBUS;
129
130 phys = dax_pgoff_to_phys(dev_dax, vmf->pgoff, PAGE_SIZE);
131 if (phys == -1) {
132 dev_dbg(dev, "pgoff_to_phys(%#lx) failed\n", vmf->pgoff);
133 return VM_FAULT_SIGBUS;
134 }
135
136 *pfn = phys_to_pfn_t(phys, dax_region->pfn_flags);
137
138 return vmf_insert_mixed(vmf->vma, vmf->address, *pfn);
139 }
140
141 static vm_fault_t __dev_dax_pmd_fault(struct dev_dax *dev_dax,
142 struct vm_fault *vmf, pfn_t *pfn)
143 {
144 unsigned long pmd_addr = vmf->address & PMD_MASK;
145 struct device *dev = &dev_dax->dev;
146 struct dax_region *dax_region;
147 phys_addr_t phys;
148 pgoff_t pgoff;
149 unsigned int fault_size = PMD_SIZE;
150
151 if (check_vma(dev_dax, vmf->vma, __func__))
152 return VM_FAULT_SIGBUS;
153
154 dax_region = dev_dax->region;
155 if (dax_region->align > PMD_SIZE) {
156 dev_dbg(dev, "alignment (%#x) > fault size (%#x)\n",
157 dax_region->align, fault_size);
158 return VM_FAULT_SIGBUS;
159 }
160
161 /* dax pmd mappings require pfn_t_devmap() */
162 if ((dax_region->pfn_flags & (PFN_DEV|PFN_MAP)) != (PFN_DEV|PFN_MAP)) {
163 dev_dbg(dev, "region lacks devmap flags\n");
164 return VM_FAULT_SIGBUS;
165 }
166
167 if (fault_size < dax_region->align)
168 return VM_FAULT_SIGBUS;
169 else if (fault_size > dax_region->align)
170 return VM_FAULT_FALLBACK;
171
172 /* if we are outside of the VMA */
173 if (pmd_addr < vmf->vma->vm_start ||
174 (pmd_addr + PMD_SIZE) > vmf->vma->vm_end)
175 return VM_FAULT_SIGBUS;
176
177 pgoff = linear_page_index(vmf->vma, pmd_addr);
178 phys = dax_pgoff_to_phys(dev_dax, pgoff, PMD_SIZE);
179 if (phys == -1) {
180 dev_dbg(dev, "pgoff_to_phys(%#lx) failed\n", pgoff);
181 return VM_FAULT_SIGBUS;
182 }
183
184 *pfn = phys_to_pfn_t(phys, dax_region->pfn_flags);
185
186 return vmf_insert_pfn_pmd(vmf, *pfn, vmf->flags & FAULT_FLAG_WRITE);
187 }
188
189 #ifdef CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD
190 static vm_fault_t __dev_dax_pud_fault(struct dev_dax *dev_dax,
191 struct vm_fault *vmf, pfn_t *pfn)
192 {
193 unsigned long pud_addr = vmf->address & PUD_MASK;
194 struct device *dev = &dev_dax->dev;
195 struct dax_region *dax_region;
196 phys_addr_t phys;
197 pgoff_t pgoff;
198 unsigned int fault_size = PUD_SIZE;
199
200
201 if (check_vma(dev_dax, vmf->vma, __func__))
202 return VM_FAULT_SIGBUS;
203
204 dax_region = dev_dax->region;
205 if (dax_region->align > PUD_SIZE) {
206 dev_dbg(dev, "alignment (%#x) > fault size (%#x)\n",
207 dax_region->align, fault_size);
208 return VM_FAULT_SIGBUS;
209 }
210
211 /* dax pud mappings require pfn_t_devmap() */
212 if ((dax_region->pfn_flags & (PFN_DEV|PFN_MAP)) != (PFN_DEV|PFN_MAP)) {
213 dev_dbg(dev, "region lacks devmap flags\n");
214 return VM_FAULT_SIGBUS;
215 }
216
217 if (fault_size < dax_region->align)
218 return VM_FAULT_SIGBUS;
219 else if (fault_size > dax_region->align)
220 return VM_FAULT_FALLBACK;
221
222 /* if we are outside of the VMA */
223 if (pud_addr < vmf->vma->vm_start ||
224 (pud_addr + PUD_SIZE) > vmf->vma->vm_end)
225 return VM_FAULT_SIGBUS;
226
227 pgoff = linear_page_index(vmf->vma, pud_addr);
228 phys = dax_pgoff_to_phys(dev_dax, pgoff, PUD_SIZE);
229 if (phys == -1) {
230 dev_dbg(dev, "pgoff_to_phys(%#lx) failed\n", pgoff);
231 return VM_FAULT_SIGBUS;
232 }
233
234 *pfn = phys_to_pfn_t(phys, dax_region->pfn_flags);
235
236 return vmf_insert_pfn_pud(vmf, *pfn, vmf->flags & FAULT_FLAG_WRITE);
237 }
238 #else
239 static vm_fault_t __dev_dax_pud_fault(struct dev_dax *dev_dax,
240 struct vm_fault *vmf, pfn_t *pfn)
241 {
242 return VM_FAULT_FALLBACK;
243 }
244 #endif /* !CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD */
245
246 static vm_fault_t dev_dax_huge_fault(struct vm_fault *vmf,
247 enum page_entry_size pe_size)
248 {
249 struct file *filp = vmf->vma->vm_file;
250 unsigned long fault_size;
251 vm_fault_t rc = VM_FAULT_SIGBUS;
252 int id;
253 pfn_t pfn;
254 struct dev_dax *dev_dax = filp->private_data;
255
256 dev_dbg(&dev_dax->dev, "%s: %s (%#lx - %#lx) size = %d\n", current->comm,
257 (vmf->flags & FAULT_FLAG_WRITE) ? "write" : "read",
258 vmf->vma->vm_start, vmf->vma->vm_end, pe_size);
259
260 id = dax_read_lock();
261 switch (pe_size) {
262 case PE_SIZE_PTE:
263 fault_size = PAGE_SIZE;
264 rc = __dev_dax_pte_fault(dev_dax, vmf, &pfn);
265 break;
266 case PE_SIZE_PMD:
267 fault_size = PMD_SIZE;
268 rc = __dev_dax_pmd_fault(dev_dax, vmf, &pfn);
269 break;
270 case PE_SIZE_PUD:
271 fault_size = PUD_SIZE;
272 rc = __dev_dax_pud_fault(dev_dax, vmf, &pfn);
273 break;
274 default:
275 rc = VM_FAULT_SIGBUS;
276 }
277
278 if (rc == VM_FAULT_NOPAGE) {
279 unsigned long i;
280 pgoff_t pgoff;
281
282 /*
283 * In the device-dax case the only possibility for a
284 * VM_FAULT_NOPAGE result is when device-dax capacity is
285 * mapped. No need to consider the zero page, or racing
286 * conflicting mappings.
287 */
288 pgoff = linear_page_index(vmf->vma, vmf->address
289 & ~(fault_size - 1));
290 for (i = 0; i < fault_size / PAGE_SIZE; i++) {
291 struct page *page;
292
293 page = pfn_to_page(pfn_t_to_pfn(pfn) + i);
294 if (page->mapping)
295 continue;
296 page->mapping = filp->f_mapping;
297 page->index = pgoff + i;
298 }
299 }
300 dax_read_unlock(id);
301
302 return rc;
303 }
304
305 static vm_fault_t dev_dax_fault(struct vm_fault *vmf)
306 {
307 return dev_dax_huge_fault(vmf, PE_SIZE_PTE);
308 }
309
310 static int dev_dax_split(struct vm_area_struct *vma, unsigned long addr)
311 {
312 struct file *filp = vma->vm_file;
313 struct dev_dax *dev_dax = filp->private_data;
314 struct dax_region *dax_region = dev_dax->region;
315
316 if (!IS_ALIGNED(addr, dax_region->align))
317 return -EINVAL;
318 return 0;
319 }
320
321 static unsigned long dev_dax_pagesize(struct vm_area_struct *vma)
322 {
323 struct file *filp = vma->vm_file;
324 struct dev_dax *dev_dax = filp->private_data;
325 struct dax_region *dax_region = dev_dax->region;
326
327 return dax_region->align;
328 }
329
330 static const struct vm_operations_struct dax_vm_ops = {
331 .fault = dev_dax_fault,
332 .huge_fault = dev_dax_huge_fault,
333 .split = dev_dax_split,
334 .pagesize = dev_dax_pagesize,
335 };
336
337 static int dax_mmap(struct file *filp, struct vm_area_struct *vma)
338 {
339 struct dev_dax *dev_dax = filp->private_data;
340 int rc, id;
341
342 dev_dbg(&dev_dax->dev, "trace\n");
343
344 /*
345 * We lock to check dax_dev liveness and will re-check at
346 * fault time.
347 */
348 id = dax_read_lock();
349 rc = check_vma(dev_dax, vma, __func__);
350 dax_read_unlock(id);
351 if (rc)
352 return rc;
353
354 vma->vm_ops = &dax_vm_ops;
355 vma->vm_flags |= VM_HUGEPAGE;
356 return 0;
357 }
358
359 /* return an unmapped area aligned to the dax region specified alignment */
360 static unsigned long dax_get_unmapped_area(struct file *filp,
361 unsigned long addr, unsigned long len, unsigned long pgoff,
362 unsigned long flags)
363 {
364 unsigned long off, off_end, off_align, len_align, addr_align, align;
365 struct dev_dax *dev_dax = filp ? filp->private_data : NULL;
366 struct dax_region *dax_region;
367
368 if (!dev_dax || addr)
369 goto out;
370
371 dax_region = dev_dax->region;
372 align = dax_region->align;
373 off = pgoff << PAGE_SHIFT;
374 off_end = off + len;
375 off_align = round_up(off, align);
376
377 if ((off_end <= off_align) || ((off_end - off_align) < align))
378 goto out;
379
380 len_align = len + align;
381 if ((off + len_align) < off)
382 goto out;
383
384 addr_align = current->mm->get_unmapped_area(filp, addr, len_align,
385 pgoff, flags);
386 if (!IS_ERR_VALUE(addr_align)) {
387 addr_align += (off - addr_align) & (align - 1);
388 return addr_align;
389 }
390 out:
391 return current->mm->get_unmapped_area(filp, addr, len, pgoff, flags);
392 }
393
394 static const struct address_space_operations dev_dax_aops = {
395 .set_page_dirty = noop_set_page_dirty,
396 .invalidatepage = noop_invalidatepage,
397 };
398
399 static int dax_open(struct inode *inode, struct file *filp)
400 {
401 struct dax_device *dax_dev = inode_dax(inode);
402 struct inode *__dax_inode = dax_inode(dax_dev);
403 struct dev_dax *dev_dax = dax_get_private(dax_dev);
404
405 dev_dbg(&dev_dax->dev, "trace\n");
406 inode->i_mapping = __dax_inode->i_mapping;
407 inode->i_mapping->host = __dax_inode;
408 inode->i_mapping->a_ops = &dev_dax_aops;
409 filp->f_mapping = inode->i_mapping;
410 filp->f_wb_err = filemap_sample_wb_err(filp->f_mapping);
411 filp->private_data = dev_dax;
412 inode->i_flags = S_DAX;
413
414 return 0;
415 }
416
417 static int dax_release(struct inode *inode, struct file *filp)
418 {
419 struct dev_dax *dev_dax = filp->private_data;
420
421 dev_dbg(&dev_dax->dev, "trace\n");
422 return 0;
423 }
424
425 static const struct file_operations dax_fops = {
426 .llseek = noop_llseek,
427 .owner = THIS_MODULE,
428 .open = dax_open,
429 .release = dax_release,
430 .get_unmapped_area = dax_get_unmapped_area,
431 .mmap = dax_mmap,
432 .mmap_supported_flags = MAP_SYNC,
433 };
434
435 static void dev_dax_cdev_del(void *cdev)
436 {
437 cdev_del(cdev);
438 }
439
440 static void dev_dax_kill(void *dev_dax)
441 {
442 kill_dev_dax(dev_dax);
443 }
444
445 int dev_dax_probe(struct device *dev)
446 {
447 struct dev_dax *dev_dax = to_dev_dax(dev);
448 struct dax_device *dax_dev = dev_dax->dax_dev;
449 struct resource *res = &dev_dax->region->res;
450 struct inode *inode;
451 struct cdev *cdev;
452 void *addr;
453 int rc;
454
455 /* 1:1 map region resource range to device-dax instance range */
456 if (!devm_request_mem_region(dev, res->start, resource_size(res),
457 dev_name(dev))) {
458 dev_warn(dev, "could not reserve region %pR\n", res);
459 return -EBUSY;
460 }
461
462 init_completion(&dev_dax->cmp);
463 rc = percpu_ref_init(&dev_dax->ref, dev_dax_percpu_release, 0,
464 GFP_KERNEL);
465 if (rc)
466 return rc;
467
468 dev_dax->pgmap.ref = &dev_dax->ref;
469 dev_dax->pgmap.kill = dev_dax_percpu_kill;
470 dev_dax->pgmap.cleanup = dev_dax_percpu_exit;
471 addr = devm_memremap_pages(dev, &dev_dax->pgmap);
472 if (IS_ERR(addr))
473 return PTR_ERR(addr);
474
475 inode = dax_inode(dax_dev);
476 cdev = inode->i_cdev;
477 cdev_init(cdev, &dax_fops);
478 if (dev->class) {
479 /* for the CONFIG_DEV_DAX_PMEM_COMPAT case */
480 cdev->owner = dev->parent->driver->owner;
481 } else
482 cdev->owner = dev->driver->owner;
483 cdev_set_parent(cdev, &dev->kobj);
484 rc = cdev_add(cdev, dev->devt, 1);
485 if (rc)
486 return rc;
487
488 rc = devm_add_action_or_reset(dev, dev_dax_cdev_del, cdev);
489 if (rc)
490 return rc;
491
492 run_dax(dax_dev);
493 return devm_add_action_or_reset(dev, dev_dax_kill, dev_dax);
494 }
495 EXPORT_SYMBOL_GPL(dev_dax_probe);
496
497 static int dev_dax_remove(struct device *dev)
498 {
499 /* all probe actions are unwound by devm */
500 return 0;
501 }
502
503 static struct dax_device_driver device_dax_driver = {
504 .drv = {
505 .probe = dev_dax_probe,
506 .remove = dev_dax_remove,
507 },
508 .match_always = 1,
509 };
510
511 static int __init dax_init(void)
512 {
513 return dax_driver_register(&device_dax_driver);
514 }
515
516 static void __exit dax_exit(void)
517 {
518 dax_driver_unregister(&device_dax_driver);
519 }
520
521 MODULE_AUTHOR("Intel Corporation");
522 MODULE_LICENSE("GPL v2");
523 module_init(dax_init);
524 module_exit(dax_exit);
525 MODULE_ALIAS_DAX_DEVICE(0);
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git