Avoid beyond bounds copy while caching ACL
[zen-stable.git] / arch / s390 / mm / gup.c
blob65cb06e2af4eaa0a7b18b2e3b0f5b4b1af8be9d8
1 /*
2 * Lockless get_user_pages_fast for s390
4 * Copyright IBM Corp. 2010
5 * Author(s): Martin Schwidefsky <schwidefsky@de.ibm.com>
6 */
7 #include <linux/sched.h>
8 #include <linux/mm.h>
9 #include <linux/hugetlb.h>
10 #include <linux/vmstat.h>
11 #include <linux/pagemap.h>
12 #include <linux/rwsem.h>
13 #include <asm/pgtable.h>
16 * The performance critical leaf functions are made noinline otherwise gcc
17 * inlines everything into a single function which results in too much
18 * register pressure.
20 static inline int gup_pte_range(pmd_t *pmdp, pmd_t pmd, unsigned long addr,
21 unsigned long end, int write, struct page **pages, int *nr)
23 unsigned long mask;
24 pte_t *ptep, pte;
25 struct page *page;
27 mask = (write ? _PAGE_RO : 0) | _PAGE_INVALID | _PAGE_SPECIAL;
29 ptep = ((pte_t *) pmd_deref(pmd)) + pte_index(addr);
30 do {
31 pte = *ptep;
32 barrier();
33 if ((pte_val(pte) & mask) != 0)
34 return 0;
35 VM_BUG_ON(!pfn_valid(pte_pfn(pte)));
36 page = pte_page(pte);
37 if (!page_cache_get_speculative(page))
38 return 0;
39 if (unlikely(pte_val(pte) != pte_val(*ptep))) {
40 put_page(page);
41 return 0;
43 pages[*nr] = page;
44 (*nr)++;
46 } while (ptep++, addr += PAGE_SIZE, addr != end);
48 return 1;
51 static inline int gup_huge_pmd(pmd_t *pmdp, pmd_t pmd, unsigned long addr,
52 unsigned long end, int write, struct page **pages, int *nr)
54 unsigned long mask, result;
55 struct page *head, *page, *tail;
56 int refs;
58 result = write ? 0 : _SEGMENT_ENTRY_RO;
59 mask = result | _SEGMENT_ENTRY_INV;
60 if ((pmd_val(pmd) & mask) != result)
61 return 0;
62 VM_BUG_ON(!pfn_valid(pmd_val(pmd) >> PAGE_SHIFT));
64 refs = 0;
65 head = pmd_page(pmd);
66 page = head + ((addr & ~PMD_MASK) >> PAGE_SHIFT);
67 tail = page;
68 do {
69 VM_BUG_ON(compound_head(page) != head);
70 pages[*nr] = page;
71 (*nr)++;
72 page++;
73 refs++;
74 } while (addr += PAGE_SIZE, addr != end);
76 if (!page_cache_add_speculative(head, refs)) {
77 *nr -= refs;
78 return 0;
81 if (unlikely(pmd_val(pmd) != pmd_val(*pmdp))) {
82 *nr -= refs;
83 while (refs--)
84 put_page(head);
85 return 0;
89 * Any tail page need their mapcount reference taken before we
90 * return.
92 while (refs--) {
93 if (PageTail(tail))
94 get_huge_page_tail(tail);
95 tail++;
98 return 1;
102 static inline int gup_pmd_range(pud_t *pudp, pud_t pud, unsigned long addr,
103 unsigned long end, int write, struct page **pages, int *nr)
105 unsigned long next;
106 pmd_t *pmdp, pmd;
108 pmdp = (pmd_t *) pudp;
109 #ifdef CONFIG_64BIT
110 if ((pud_val(pud) & _REGION_ENTRY_TYPE_MASK) == _REGION_ENTRY_TYPE_R3)
111 pmdp = (pmd_t *) pud_deref(pud);
112 pmdp += pmd_index(addr);
113 #endif
114 do {
115 pmd = *pmdp;
116 barrier();
117 next = pmd_addr_end(addr, end);
118 if (pmd_none(pmd))
119 return 0;
120 if (unlikely(pmd_huge(pmd))) {
121 if (!gup_huge_pmd(pmdp, pmd, addr, next,
122 write, pages, nr))
123 return 0;
124 } else if (!gup_pte_range(pmdp, pmd, addr, next,
125 write, pages, nr))
126 return 0;
127 } while (pmdp++, addr = next, addr != end);
129 return 1;
132 static inline int gup_pud_range(pgd_t *pgdp, pgd_t pgd, unsigned long addr,
133 unsigned long end, int write, struct page **pages, int *nr)
135 unsigned long next;
136 pud_t *pudp, pud;
138 pudp = (pud_t *) pgdp;
139 #ifdef CONFIG_64BIT
140 if ((pgd_val(pgd) & _REGION_ENTRY_TYPE_MASK) == _REGION_ENTRY_TYPE_R2)
141 pudp = (pud_t *) pgd_deref(pgd);
142 pudp += pud_index(addr);
143 #endif
144 do {
145 pud = *pudp;
146 barrier();
147 next = pud_addr_end(addr, end);
148 if (pud_none(pud))
149 return 0;
150 if (!gup_pmd_range(pudp, pud, addr, next, write, pages, nr))
151 return 0;
152 } while (pudp++, addr = next, addr != end);
154 return 1;
158 * get_user_pages_fast() - pin user pages in memory
159 * @start: starting user address
160 * @nr_pages: number of pages from start to pin
161 * @write: whether pages will be written to
162 * @pages: array that receives pointers to the pages pinned.
163 * Should be at least nr_pages long.
165 * Attempt to pin user pages in memory without taking mm->mmap_sem.
166 * If not successful, it will fall back to taking the lock and
167 * calling get_user_pages().
169 * Returns number of pages pinned. This may be fewer than the number
170 * requested. If nr_pages is 0 or negative, returns 0. If no pages
171 * were pinned, returns -errno.
173 int get_user_pages_fast(unsigned long start, int nr_pages, int write,
174 struct page **pages)
176 struct mm_struct *mm = current->mm;
177 unsigned long addr, len, end;
178 unsigned long next;
179 pgd_t *pgdp, pgd;
180 int nr = 0;
182 start &= PAGE_MASK;
183 addr = start;
184 len = (unsigned long) nr_pages << PAGE_SHIFT;
185 end = start + len;
186 if (end < start)
187 goto slow_irqon;
190 * local_irq_disable() doesn't prevent pagetable teardown, but does
191 * prevent the pagetables from being freed on s390.
193 * So long as we atomically load page table pointers versus teardown,
194 * we can follow the address down to the the page and take a ref on it.
196 local_irq_disable();
197 pgdp = pgd_offset(mm, addr);
198 do {
199 pgd = *pgdp;
200 barrier();
201 next = pgd_addr_end(addr, end);
202 if (pgd_none(pgd))
203 goto slow;
204 if (!gup_pud_range(pgdp, pgd, addr, next, write, pages, &nr))
205 goto slow;
206 } while (pgdp++, addr = next, addr != end);
207 local_irq_enable();
209 VM_BUG_ON(nr != (end - start) >> PAGE_SHIFT);
210 return nr;
213 int ret;
214 slow:
215 local_irq_enable();
216 slow_irqon:
217 /* Try to get the remaining pages with get_user_pages */
218 start += nr << PAGE_SHIFT;
219 pages += nr;
221 down_read(&mm->mmap_sem);
222 ret = get_user_pages(current, mm, start,
223 (end - start) >> PAGE_SHIFT, write, 0, pages, NULL);
224 up_read(&mm->mmap_sem);
226 /* Have to be a bit careful with return values */
227 if (nr > 0) {
228 if (ret < 0)
229 ret = nr;
230 else
231 ret += nr;
234 return ret;