mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-09 06:33:34 +00:00
353d5c30c6
2.6.30's commit 8a0bdec194
removed
user_shm_lock() calls in hugetlb_file_setup() but left the
user_shm_unlock call in shm_destroy().
In detail:
Assume that can_do_hugetlb_shm() returns true and hence user_shm_lock()
is not called in hugetlb_file_setup(). However, user_shm_unlock() is
called in any case in shm_destroy() and in the following
atomic_dec_and_lock(&up->__count) in free_uid() is executed and if
up->__count gets zero, also cleanup_user_struct() is scheduled.
Note that sched_destroy_user() is empty if CONFIG_USER_SCHED is not set.
However, the ref counter up->__count gets unexpectedly non-positive and
the corresponding structs are freed even though there are live
references to them, resulting in a kernel oops after a lots of
shmget(SHM_HUGETLB)/shmctl(IPC_RMID) cycles and CONFIG_USER_SCHED set.
Hugh changed Stefan's suggested patch: can_do_hugetlb_shm() at the
time of shm_destroy() may give a different answer from at the time
of hugetlb_file_setup(). And fixed newseg()'s no_id error path,
which has missed user_shm_unlock() ever since it came in 2.6.9.
Reported-by: Stefan Huber <shuber2@gmail.com>
Signed-off-by: Hugh Dickins <hugh.dickins@tiscali.co.uk>
Tested-by: Stefan Huber <shuber2@gmail.com>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
301 lines
8.3 KiB
C
301 lines
8.3 KiB
C
#ifndef _LINUX_HUGETLB_H
|
|
#define _LINUX_HUGETLB_H
|
|
|
|
#include <linux/fs.h>
|
|
|
|
#ifdef CONFIG_HUGETLB_PAGE
|
|
|
|
#include <linux/mempolicy.h>
|
|
#include <linux/shm.h>
|
|
#include <asm/tlbflush.h>
|
|
|
|
struct ctl_table;
|
|
struct user_struct;
|
|
|
|
int PageHuge(struct page *page);
|
|
|
|
static inline int is_vm_hugetlb_page(struct vm_area_struct *vma)
|
|
{
|
|
return vma->vm_flags & VM_HUGETLB;
|
|
}
|
|
|
|
void reset_vma_resv_huge_pages(struct vm_area_struct *vma);
|
|
int hugetlb_sysctl_handler(struct ctl_table *, int, struct file *, void __user *, size_t *, loff_t *);
|
|
int hugetlb_overcommit_handler(struct ctl_table *, int, struct file *, void __user *, size_t *, loff_t *);
|
|
int hugetlb_treat_movable_handler(struct ctl_table *, int, struct file *, void __user *, size_t *, loff_t *);
|
|
int copy_hugetlb_page_range(struct mm_struct *, struct mm_struct *, struct vm_area_struct *);
|
|
int follow_hugetlb_page(struct mm_struct *, struct vm_area_struct *, struct page **, struct vm_area_struct **, unsigned long *, int *, int, int);
|
|
void unmap_hugepage_range(struct vm_area_struct *,
|
|
unsigned long, unsigned long, struct page *);
|
|
void __unmap_hugepage_range(struct vm_area_struct *,
|
|
unsigned long, unsigned long, struct page *);
|
|
int hugetlb_prefault(struct address_space *, struct vm_area_struct *);
|
|
void hugetlb_report_meminfo(struct seq_file *);
|
|
int hugetlb_report_node_meminfo(int, char *);
|
|
unsigned long hugetlb_total_pages(void);
|
|
int hugetlb_fault(struct mm_struct *mm, struct vm_area_struct *vma,
|
|
unsigned long address, unsigned int flags);
|
|
int hugetlb_reserve_pages(struct inode *inode, long from, long to,
|
|
struct vm_area_struct *vma,
|
|
int acctflags);
|
|
void hugetlb_unreserve_pages(struct inode *inode, long offset, long freed);
|
|
|
|
extern unsigned long hugepages_treat_as_movable;
|
|
extern const unsigned long hugetlb_zero, hugetlb_infinity;
|
|
extern int sysctl_hugetlb_shm_group;
|
|
extern struct list_head huge_boot_pages;
|
|
|
|
/* arch callbacks */
|
|
|
|
pte_t *huge_pte_alloc(struct mm_struct *mm,
|
|
unsigned long addr, unsigned long sz);
|
|
pte_t *huge_pte_offset(struct mm_struct *mm, unsigned long addr);
|
|
int huge_pmd_unshare(struct mm_struct *mm, unsigned long *addr, pte_t *ptep);
|
|
struct page *follow_huge_addr(struct mm_struct *mm, unsigned long address,
|
|
int write);
|
|
struct page *follow_huge_pmd(struct mm_struct *mm, unsigned long address,
|
|
pmd_t *pmd, int write);
|
|
struct page *follow_huge_pud(struct mm_struct *mm, unsigned long address,
|
|
pud_t *pud, int write);
|
|
int pmd_huge(pmd_t pmd);
|
|
int pud_huge(pud_t pmd);
|
|
void hugetlb_change_protection(struct vm_area_struct *vma,
|
|
unsigned long address, unsigned long end, pgprot_t newprot);
|
|
|
|
#else /* !CONFIG_HUGETLB_PAGE */
|
|
|
|
static inline int PageHuge(struct page *page)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static inline int is_vm_hugetlb_page(struct vm_area_struct *vma)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static inline void reset_vma_resv_huge_pages(struct vm_area_struct *vma)
|
|
{
|
|
}
|
|
|
|
static inline unsigned long hugetlb_total_pages(void)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
#define follow_hugetlb_page(m,v,p,vs,a,b,i,w) ({ BUG(); 0; })
|
|
#define follow_huge_addr(mm, addr, write) ERR_PTR(-EINVAL)
|
|
#define copy_hugetlb_page_range(src, dst, vma) ({ BUG(); 0; })
|
|
#define hugetlb_prefault(mapping, vma) ({ BUG(); 0; })
|
|
#define unmap_hugepage_range(vma, start, end, page) BUG()
|
|
static inline void hugetlb_report_meminfo(struct seq_file *m)
|
|
{
|
|
}
|
|
#define hugetlb_report_node_meminfo(n, buf) 0
|
|
#define follow_huge_pmd(mm, addr, pmd, write) NULL
|
|
#define follow_huge_pud(mm, addr, pud, write) NULL
|
|
#define prepare_hugepage_range(file, addr, len) (-EINVAL)
|
|
#define pmd_huge(x) 0
|
|
#define pud_huge(x) 0
|
|
#define is_hugepage_only_range(mm, addr, len) 0
|
|
#define hugetlb_free_pgd_range(tlb, addr, end, floor, ceiling) ({BUG(); 0; })
|
|
#define hugetlb_fault(mm, vma, addr, flags) ({ BUG(); 0; })
|
|
|
|
#define hugetlb_change_protection(vma, address, end, newprot)
|
|
|
|
#ifndef HPAGE_MASK
|
|
#define HPAGE_MASK PAGE_MASK /* Keep the compiler happy */
|
|
#define HPAGE_SIZE PAGE_SIZE
|
|
#endif
|
|
|
|
#endif /* !CONFIG_HUGETLB_PAGE */
|
|
|
|
#ifdef CONFIG_HUGETLBFS
|
|
struct hugetlbfs_config {
|
|
uid_t uid;
|
|
gid_t gid;
|
|
umode_t mode;
|
|
long nr_blocks;
|
|
long nr_inodes;
|
|
struct hstate *hstate;
|
|
};
|
|
|
|
struct hugetlbfs_sb_info {
|
|
long max_blocks; /* blocks allowed */
|
|
long free_blocks; /* blocks free */
|
|
long max_inodes; /* inodes allowed */
|
|
long free_inodes; /* inodes free */
|
|
spinlock_t stat_lock;
|
|
struct hstate *hstate;
|
|
};
|
|
|
|
|
|
struct hugetlbfs_inode_info {
|
|
struct shared_policy policy;
|
|
struct inode vfs_inode;
|
|
};
|
|
|
|
static inline struct hugetlbfs_inode_info *HUGETLBFS_I(struct inode *inode)
|
|
{
|
|
return container_of(inode, struct hugetlbfs_inode_info, vfs_inode);
|
|
}
|
|
|
|
static inline struct hugetlbfs_sb_info *HUGETLBFS_SB(struct super_block *sb)
|
|
{
|
|
return sb->s_fs_info;
|
|
}
|
|
|
|
extern const struct file_operations hugetlbfs_file_operations;
|
|
extern struct vm_operations_struct hugetlb_vm_ops;
|
|
struct file *hugetlb_file_setup(const char *name, size_t size, int acct,
|
|
struct user_struct **user);
|
|
int hugetlb_get_quota(struct address_space *mapping, long delta);
|
|
void hugetlb_put_quota(struct address_space *mapping, long delta);
|
|
|
|
static inline int is_file_hugepages(struct file *file)
|
|
{
|
|
if (file->f_op == &hugetlbfs_file_operations)
|
|
return 1;
|
|
if (is_file_shm_hugepages(file))
|
|
return 1;
|
|
|
|
return 0;
|
|
}
|
|
|
|
static inline void set_file_hugepages(struct file *file)
|
|
{
|
|
file->f_op = &hugetlbfs_file_operations;
|
|
}
|
|
#else /* !CONFIG_HUGETLBFS */
|
|
|
|
#define is_file_hugepages(file) 0
|
|
#define set_file_hugepages(file) BUG()
|
|
#define hugetlb_file_setup(name,size,acct,user) ERR_PTR(-ENOSYS)
|
|
|
|
#endif /* !CONFIG_HUGETLBFS */
|
|
|
|
#ifdef HAVE_ARCH_HUGETLB_UNMAPPED_AREA
|
|
unsigned long hugetlb_get_unmapped_area(struct file *file, unsigned long addr,
|
|
unsigned long len, unsigned long pgoff,
|
|
unsigned long flags);
|
|
#endif /* HAVE_ARCH_HUGETLB_UNMAPPED_AREA */
|
|
|
|
#ifdef CONFIG_HUGETLB_PAGE
|
|
|
|
#define HSTATE_NAME_LEN 32
|
|
/* Defines one hugetlb page size */
|
|
struct hstate {
|
|
int hugetlb_next_nid;
|
|
unsigned int order;
|
|
unsigned long mask;
|
|
unsigned long max_huge_pages;
|
|
unsigned long nr_huge_pages;
|
|
unsigned long free_huge_pages;
|
|
unsigned long resv_huge_pages;
|
|
unsigned long surplus_huge_pages;
|
|
unsigned long nr_overcommit_huge_pages;
|
|
struct list_head hugepage_freelists[MAX_NUMNODES];
|
|
unsigned int nr_huge_pages_node[MAX_NUMNODES];
|
|
unsigned int free_huge_pages_node[MAX_NUMNODES];
|
|
unsigned int surplus_huge_pages_node[MAX_NUMNODES];
|
|
char name[HSTATE_NAME_LEN];
|
|
};
|
|
|
|
struct huge_bootmem_page {
|
|
struct list_head list;
|
|
struct hstate *hstate;
|
|
};
|
|
|
|
/* arch callback */
|
|
int __init alloc_bootmem_huge_page(struct hstate *h);
|
|
|
|
void __init hugetlb_add_hstate(unsigned order);
|
|
struct hstate *size_to_hstate(unsigned long size);
|
|
|
|
#ifndef HUGE_MAX_HSTATE
|
|
#define HUGE_MAX_HSTATE 1
|
|
#endif
|
|
|
|
extern struct hstate hstates[HUGE_MAX_HSTATE];
|
|
extern unsigned int default_hstate_idx;
|
|
|
|
#define default_hstate (hstates[default_hstate_idx])
|
|
|
|
static inline struct hstate *hstate_inode(struct inode *i)
|
|
{
|
|
struct hugetlbfs_sb_info *hsb;
|
|
hsb = HUGETLBFS_SB(i->i_sb);
|
|
return hsb->hstate;
|
|
}
|
|
|
|
static inline struct hstate *hstate_file(struct file *f)
|
|
{
|
|
return hstate_inode(f->f_dentry->d_inode);
|
|
}
|
|
|
|
static inline struct hstate *hstate_vma(struct vm_area_struct *vma)
|
|
{
|
|
return hstate_file(vma->vm_file);
|
|
}
|
|
|
|
static inline unsigned long huge_page_size(struct hstate *h)
|
|
{
|
|
return (unsigned long)PAGE_SIZE << h->order;
|
|
}
|
|
|
|
extern unsigned long vma_kernel_pagesize(struct vm_area_struct *vma);
|
|
|
|
extern unsigned long vma_mmu_pagesize(struct vm_area_struct *vma);
|
|
|
|
static inline unsigned long huge_page_mask(struct hstate *h)
|
|
{
|
|
return h->mask;
|
|
}
|
|
|
|
static inline unsigned int huge_page_order(struct hstate *h)
|
|
{
|
|
return h->order;
|
|
}
|
|
|
|
static inline unsigned huge_page_shift(struct hstate *h)
|
|
{
|
|
return h->order + PAGE_SHIFT;
|
|
}
|
|
|
|
static inline unsigned int pages_per_huge_page(struct hstate *h)
|
|
{
|
|
return 1 << h->order;
|
|
}
|
|
|
|
static inline unsigned int blocks_per_huge_page(struct hstate *h)
|
|
{
|
|
return huge_page_size(h) / 512;
|
|
}
|
|
|
|
#include <asm/hugetlb.h>
|
|
|
|
static inline struct hstate *page_hstate(struct page *page)
|
|
{
|
|
return size_to_hstate(PAGE_SIZE << compound_order(page));
|
|
}
|
|
|
|
#else
|
|
struct hstate {};
|
|
#define alloc_bootmem_huge_page(h) NULL
|
|
#define hstate_file(f) NULL
|
|
#define hstate_vma(v) NULL
|
|
#define hstate_inode(i) NULL
|
|
#define huge_page_size(h) PAGE_SIZE
|
|
#define huge_page_mask(h) PAGE_MASK
|
|
#define vma_kernel_pagesize(v) PAGE_SIZE
|
|
#define vma_mmu_pagesize(v) PAGE_SIZE
|
|
#define huge_page_order(h) 0
|
|
#define huge_page_shift(h) PAGE_SHIFT
|
|
static inline unsigned int pages_per_huge_page(struct hstate *h)
|
|
{
|
|
return 1;
|
|
}
|
|
#endif
|
|
|
|
#endif /* _LINUX_HUGETLB_H */
|