Kernel

Kernel Git Source Tree

Root/mm/swapfile.c

1	/*
2	* linux/mm/swapfile.c
3	*
4	* Copyright (C) 1991, 1992, 1993, 1994 Linus Torvalds
5	* Swap reorganised 29.12.95, Stephen Tweedie
6	*/
7
8	#include <linux/mm.h>
9	#include <linux/hugetlb.h>
10	#include <linux/mman.h>
11	#include <linux/slab.h>
12	#include <linux/kernel_stat.h>
13	#include <linux/swap.h>
14	#include <linux/vmalloc.h>
15	#include <linux/pagemap.h>
16	#include <linux/namei.h>
17	#include <linux/shmem_fs.h>
18	#include <linux/blkdev.h>
19	#include <linux/random.h>
20	#include <linux/writeback.h>
21	#include <linux/proc_fs.h>
22	#include <linux/seq_file.h>
23	#include <linux/init.h>
24	#include <linux/ksm.h>
25	#include <linux/rmap.h>
26	#include <linux/security.h>
27	#include <linux/backing-dev.h>
28	#include <linux/mutex.h>
29	#include <linux/capability.h>
30	#include <linux/syscalls.h>
31	#include <linux/memcontrol.h>
32	#include <linux/poll.h>
33	#include <linux/oom.h>
34	#include <linux/frontswap.h>
35	#include <linux/swapfile.h>
36	#include <linux/export.h>
37
38	#include <asm/pgtable.h>
39	#include <asm/tlbflush.h>
40	#include <linux/swapops.h>
41	#include <linux/page_cgroup.h>
42
43	static bool swap_count_continued(struct swap_info_struct *, pgoff_t,
44	unsigned char);
45	static void free_swap_count_continuations(struct swap_info_struct *);
46	static sector_t map_swap_entry(swp_entry_t, struct block_device**);
47
48	DEFINE_SPINLOCK(swap_lock);
49	static unsigned int nr_swapfiles;
50	atomic_long_t nr_swap_pages;
51	/* protected with swap_lock. reading in vm_swap_full() doesn't need lock */
52	long total_swap_pages;
53	static int least_priority;
54	static atomic_t highest_priority_index = ATOMIC_INIT(-1);
55
56	static const char Bad_file[] = "Bad swap file entry ";
57	static const char Unused_file[] = "Unused swap file entry ";
58	static const char Bad_offset[] = "Bad swap offset entry ";
59	static const char Unused_offset[] = "Unused swap offset entry ";
60
61	struct swap_list_t swap_list = {-1, -1};
62
63	struct swap_info_struct *swap_info[MAX_SWAPFILES];
64
65	static DEFINE_MUTEX(swapon_mutex);
66
67	static DECLARE_WAIT_QUEUE_HEAD(proc_poll_wait);
68	/* Activity counter to indicate that a swapon or swapoff has occurred */
69	static atomic_t proc_poll_event = ATOMIC_INIT(0);
70
71	static inline unsigned char swap_count(unsigned char ent)
72	{
73	return ent & ~SWAP_HAS_CACHE; /* may include SWAP_HAS_CONT flag */
74	}
75
76	/* returns 1 if swap entry is freed */
77	static int
78	__try_to_reclaim_swap(struct swap_info_struct *si, unsigned long offset)
79	{
80	swp_entry_t entry = swp_entry(si->type, offset);
81	struct page *page;
82	int ret = 0;
83
84	page = find_get_page(swap_address_space(entry), entry.val);
85	if (!page)
86	return 0;
87	/*
88	* This function is called from scan_swap_map() and it's called
89	* by vmscan.c at reclaiming pages. So, we hold a lock on a page, here.
90	* We have to use trylock for avoiding deadlock. This is a special
91	* case and you should use try_to_free_swap() with explicit lock_page()
92	* in usual operations.
93	*/
94	if (trylock_page(page)) {
95	ret = try_to_free_swap(page);
96	unlock_page(page);
97	}
98	page_cache_release(page);
99	return ret;
100	}
101
102	/*
103	* swapon tell device that all the old swap contents can be discarded,
104	* to allow the swap device to optimize its wear-levelling.
105	*/
106	static int discard_swap(struct swap_info_struct *si)
107	{
108	struct swap_extent *se;
109	sector_t start_block;
110	sector_t nr_blocks;
111	int err = 0;
112
113	/* Do not discard the swap header page! */
114	se = &si->first_swap_extent;
115	start_block = (se->start_block + 1) << (PAGE_SHIFT - 9);
116	nr_blocks = ((sector_t)se->nr_pages - 1) << (PAGE_SHIFT - 9);
117	if (nr_blocks) {
118	err = blkdev_issue_discard(si->bdev, start_block,
119	nr_blocks, GFP_KERNEL, 0);
120	if (err)
121	return err;
122	cond_resched();
123	}
124
125	list_for_each_entry(se, &si->first_swap_extent.list, list) {
126	start_block = se->start_block << (PAGE_SHIFT - 9);
127	nr_blocks = (sector_t)se->nr_pages << (PAGE_SHIFT - 9);
128
129	err = blkdev_issue_discard(si->bdev, start_block,
130	nr_blocks, GFP_KERNEL, 0);
131	if (err)
132	break;
133
134	cond_resched();
135	}
136	return err; /* That will often be -EOPNOTSUPP */
137	}
138
139	/*
140	* swap allocation tell device that a cluster of swap can now be discarded,
141	* to allow the swap device to optimize its wear-levelling.
142	*/
143	static void discard_swap_cluster(struct swap_info_struct *si,
144	pgoff_t start_page, pgoff_t nr_pages)
145	{
146	struct swap_extent *se = si->curr_swap_extent;
147	int found_extent = 0;
148
149	while (nr_pages) {
150	struct list_head *lh;
151
152	if (se->start_page <= start_page &&
153	start_page < se->start_page + se->nr_pages) {
154	pgoff_t offset = start_page - se->start_page;
155	sector_t start_block = se->start_block + offset;
156	sector_t nr_blocks = se->nr_pages - offset;
157
158	if (nr_blocks > nr_pages)
159	nr_blocks = nr_pages;
160	start_page += nr_blocks;
161	nr_pages -= nr_blocks;
162
163	if (!found_extent++)
164	si->curr_swap_extent = se;
165
166	start_block <<= PAGE_SHIFT - 9;
167	nr_blocks <<= PAGE_SHIFT - 9;
168	if (blkdev_issue_discard(si->bdev, start_block,
169	nr_blocks, GFP_NOIO, 0))
170	break;
171	}
172
173	lh = se->list.next;
174	se = list_entry(lh, struct swap_extent, list);
175	}
176	}
177
178	#define SWAPFILE_CLUSTER 256
179	#define LATENCY_LIMIT 256
180
181	static inline void cluster_set_flag(struct swap_cluster_info *info,
182	unsigned int flag)
183	{
184	info->flags = flag;
185	}
186
187	static inline unsigned int cluster_count(struct swap_cluster_info *info)
188	{
189	return info->data;
190	}
191
192	static inline void cluster_set_count(struct swap_cluster_info *info,
193	unsigned int c)
194	{
195	info->data = c;
196	}
197
198	static inline void cluster_set_count_flag(struct swap_cluster_info *info,
199	unsigned int c, unsigned int f)
200	{
201	info->flags = f;
202	info->data = c;
203	}
204
205	static inline unsigned int cluster_next(struct swap_cluster_info *info)
206	{
207	return info->data;
208	}
209
210	static inline void cluster_set_next(struct swap_cluster_info *info,
211	unsigned int n)
212	{
213	info->data = n;
214	}
215
216	static inline void cluster_set_next_flag(struct swap_cluster_info *info,
217	unsigned int n, unsigned int f)
218	{
219	info->flags = f;
220	info->data = n;
221	}
222
223	static inline bool cluster_is_free(struct swap_cluster_info *info)
224	{
225	return info->flags & CLUSTER_FLAG_FREE;
226	}
227
228	static inline bool cluster_is_null(struct swap_cluster_info *info)
229	{
230	return info->flags & CLUSTER_FLAG_NEXT_NULL;
231	}
232
233	static inline void cluster_set_null(struct swap_cluster_info *info)
234	{
235	info->flags = CLUSTER_FLAG_NEXT_NULL;
236	info->data = 0;
237	}
238
239	/* Add a cluster to discard list and schedule it to do discard */
240	static void swap_cluster_schedule_discard(struct swap_info_struct *si,
241	unsigned int idx)
242	{
243	/*
244	* If scan_swap_map() can't find a free cluster, it will check
245	* si->swap_map directly. To make sure the discarding cluster isn't
246	* taken by scan_swap_map(), mark the swap entries bad (occupied). It
247	* will be cleared after discard
248	*/
249	memset(si->swap_map + idx * SWAPFILE_CLUSTER,
250	SWAP_MAP_BAD, SWAPFILE_CLUSTER);
251
252	if (cluster_is_null(&si->discard_cluster_head)) {
253	cluster_set_next_flag(&si->discard_cluster_head,
254	idx, 0);
255	cluster_set_next_flag(&si->discard_cluster_tail,
256	idx, 0);
257	} else {
258	unsigned int tail = cluster_next(&si->discard_cluster_tail);
259	cluster_set_next(&si->cluster_info[tail], idx);
260	cluster_set_next_flag(&si->discard_cluster_tail,
261	idx, 0);
262	}
263
264	schedule_work(&si->discard_work);
265	}
266
267	/*
268	* Doing discard actually. After a cluster discard is finished, the cluster
269	* will be added to free cluster list. caller should hold si->lock.
270	*/
271	static void swap_do_scheduled_discard(struct swap_info_struct *si)
272	{
273	struct swap_cluster_info *info;
274	unsigned int idx;
275
276	info = si->cluster_info;
277
278	while (!cluster_is_null(&si->discard_cluster_head)) {
279	idx = cluster_next(&si->discard_cluster_head);
280
281	cluster_set_next_flag(&si->discard_cluster_head,
282	cluster_next(&info[idx]), 0);
283	if (cluster_next(&si->discard_cluster_tail) == idx) {
284	cluster_set_null(&si->discard_cluster_head);
285	cluster_set_null(&si->discard_cluster_tail);
286	}
287	spin_unlock(&si->lock);
288
289	discard_swap_cluster(si, idx * SWAPFILE_CLUSTER,
290	SWAPFILE_CLUSTER);
291
292	spin_lock(&si->lock);
293	cluster_set_flag(&info[idx], CLUSTER_FLAG_FREE);
294	if (cluster_is_null(&si->free_cluster_head)) {
295	cluster_set_next_flag(&si->free_cluster_head,
296	idx, 0);
297	cluster_set_next_flag(&si->free_cluster_tail,
298	idx, 0);
299	} else {
300	unsigned int tail;
301
302	tail = cluster_next(&si->free_cluster_tail);
303	cluster_set_next(&info[tail], idx);
304	cluster_set_next_flag(&si->free_cluster_tail,
305	idx, 0);
306	}
307	memset(si->swap_map + idx * SWAPFILE_CLUSTER,
308	0, SWAPFILE_CLUSTER);
309	}
310	}
311
312	static void swap_discard_work(struct work_struct *work)
313	{
314	struct swap_info_struct *si;
315
316	si = container_of(work, struct swap_info_struct, discard_work);
317
318	spin_lock(&si->lock);
319	swap_do_scheduled_discard(si);
320	spin_unlock(&si->lock);
321	}
322
323	/*
324	* The cluster corresponding to page_nr will be used. The cluster will be
325	* removed from free cluster list and its usage counter will be increased.
326	*/
327	static void inc_cluster_info_page(struct swap_info_struct *p,
328	struct swap_cluster_info *cluster_info, unsigned long page_nr)
329	{
330	unsigned long idx = page_nr / SWAPFILE_CLUSTER;
331
332	if (!cluster_info)
333	return;
334	if (cluster_is_free(&cluster_info[idx])) {
335	VM_BUG_ON(cluster_next(&p->free_cluster_head) != idx);
336	cluster_set_next_flag(&p->free_cluster_head,
337	cluster_next(&cluster_info[idx]), 0);
338	if (cluster_next(&p->free_cluster_tail) == idx) {
339	cluster_set_null(&p->free_cluster_tail);
340	cluster_set_null(&p->free_cluster_head);
341	}
342	cluster_set_count_flag(&cluster_info[idx], 0, 0);
343	}
344
345	VM_BUG_ON(cluster_count(&cluster_info[idx]) >= SWAPFILE_CLUSTER);
346	cluster_set_count(&cluster_info[idx],
347	cluster_count(&cluster_info[idx]) + 1);
348	}
349
350	/*
351	* The cluster corresponding to page_nr decreases one usage. If the usage
352	* counter becomes 0, which means no page in the cluster is in using, we can
353	* optionally discard the cluster and add it to free cluster list.
354	*/
355	static void dec_cluster_info_page(struct swap_info_struct *p,
356	struct swap_cluster_info *cluster_info, unsigned long page_nr)
357	{
358	unsigned long idx = page_nr / SWAPFILE_CLUSTER;
359
360	if (!cluster_info)
361	return;
362
363	VM_BUG_ON(cluster_count(&cluster_info[idx]) == 0);
364	cluster_set_count(&cluster_info[idx],
365	cluster_count(&cluster_info[idx]) - 1);
366
367	if (cluster_count(&cluster_info[idx]) == 0) {
368	/*
369	* If the swap is discardable, prepare discard the cluster
370	* instead of free it immediately. The cluster will be freed
371	* after discard.
372	*/
373	if ((p->flags & (SWP_WRITEOK \| SWP_PAGE_DISCARD)) ==
374	(SWP_WRITEOK \| SWP_PAGE_DISCARD)) {
375	swap_cluster_schedule_discard(p, idx);
376	return;
377	}
378
379	cluster_set_flag(&cluster_info[idx], CLUSTER_FLAG_FREE);
380	if (cluster_is_null(&p->free_cluster_head)) {
381	cluster_set_next_flag(&p->free_cluster_head, idx, 0);
382	cluster_set_next_flag(&p->free_cluster_tail, idx, 0);
383	} else {
384	unsigned int tail = cluster_next(&p->free_cluster_tail);
385	cluster_set_next(&cluster_info[tail], idx);
386	cluster_set_next_flag(&p->free_cluster_tail, idx, 0);
387	}
388	}
389	}
390
391	/*
392	* It's possible scan_swap_map() uses a free cluster in the middle of free
393	* cluster list. Avoiding such abuse to avoid list corruption.
394	*/
395	static bool
396	scan_swap_map_ssd_cluster_conflict(struct swap_info_struct *si,
397	unsigned long offset)
398	{
399	struct percpu_cluster *percpu_cluster;
400	bool conflict;
401
402	offset /= SWAPFILE_CLUSTER;
403	conflict = !cluster_is_null(&si->free_cluster_head) &&
404	offset != cluster_next(&si->free_cluster_head) &&
405	cluster_is_free(&si->cluster_info[offset]);
406
407	if (!conflict)
408	return false;
409
410	percpu_cluster = this_cpu_ptr(si->percpu_cluster);
411	cluster_set_null(&percpu_cluster->index);
412	return true;
413	}
414
415	/*
416	* Try to get a swap entry from current cpu's swap entry pool (a cluster). This
417	* might involve allocating a new cluster for current CPU too.
418	*/
419	static void scan_swap_map_try_ssd_cluster(struct swap_info_struct *si,
420	unsigned long offset, unsigned long scan_base)
421	{
422	struct percpu_cluster *cluster;
423	bool found_free;
424	unsigned long tmp;
425
426	new_cluster:
427	cluster = this_cpu_ptr(si->percpu_cluster);
428	if (cluster_is_null(&cluster->index)) {
429	if (!cluster_is_null(&si->free_cluster_head)) {
430	cluster->index = si->free_cluster_head;
431	cluster->next = cluster_next(&cluster->index) *
432	SWAPFILE_CLUSTER;
433	} else if (!cluster_is_null(&si->discard_cluster_head)) {
434	/*
435	* we don't have free cluster but have some clusters in
436	* discarding, do discard now and reclaim them
437	*/
438	swap_do_scheduled_discard(si);
439	scan_base = offset = si->cluster_next;
440	goto new_cluster;
441	} else
442	return;
443	}
444
445	found_free = false;
446
447	/*
448	* Other CPUs can use our cluster if they can't find a free cluster,
449	* check if there is still free entry in the cluster
450	*/
451	tmp = cluster->next;
452	while (tmp < si->max && tmp < (cluster_next(&cluster->index) + 1) *
453	SWAPFILE_CLUSTER) {
454	if (!si->swap_map[tmp]) {
455	found_free = true;
456	break;
457	}
458	tmp++;
459	}
460	if (!found_free) {
461	cluster_set_null(&cluster->index);
462	goto new_cluster;
463	}
464	cluster->next = tmp + 1;
465	*offset = tmp;
466	*scan_base = tmp;
467	}
468
469	static unsigned long scan_swap_map(struct swap_info_struct *si,
470	unsigned char usage)
471	{
472	unsigned long offset;
473	unsigned long scan_base;
474	unsigned long last_in_cluster = 0;
475	int latency_ration = LATENCY_LIMIT;
476
477	/*
478	* We try to cluster swap pages by allocating them sequentially
479	* in swap. Once we've allocated SWAPFILE_CLUSTER pages this
480	* way, however, we resort to first-free allocation, starting
481	* a new cluster. This prevents us from scattering swap pages
482	* all over the entire swap partition, so that we reduce
483	* overall disk seek times between swap pages. -- sct
484	* But we do now try to find an empty cluster. -Andrea
485	* And we let swap pages go all over an SSD partition. Hugh
486	*/
487
488	si->flags += SWP_SCANNING;
489	scan_base = offset = si->cluster_next;
490
491	/* SSD algorithm */
492	if (si->cluster_info) {
493	scan_swap_map_try_ssd_cluster(si, &offset, &scan_base);
494	goto checks;
495	}
496
497	if (unlikely(!si->cluster_nr--)) {
498	if (si->pages - si->inuse_pages < SWAPFILE_CLUSTER) {
499	si->cluster_nr = SWAPFILE_CLUSTER - 1;
500	goto checks;
501	}
502
503	spin_unlock(&si->lock);
504
505	/*
506	* If seek is expensive, start searching for new cluster from
507	* start of partition, to minimize the span of allocated swap.
508	* But if seek is cheap, search from our current position, so
509	* that swap is allocated from all over the partition: if the
510	* Flash Translation Layer only remaps within limited zones,
511	* we don't want to wear out the first zone too quickly.
512	*/
513	if (!(si->flags & SWP_SOLIDSTATE))
514	scan_base = offset = si->lowest_bit;
515	last_in_cluster = offset + SWAPFILE_CLUSTER - 1;
516
517	/* Locate the first empty (unaligned) cluster */
518	for (; last_in_cluster <= si->highest_bit; offset++) {
519	if (si->swap_map[offset])
520	last_in_cluster = offset + SWAPFILE_CLUSTER;
521	else if (offset == last_in_cluster) {
522	spin_lock(&si->lock);
523	offset -= SWAPFILE_CLUSTER - 1;
524	si->cluster_next = offset;
525	si->cluster_nr = SWAPFILE_CLUSTER - 1;
526	goto checks;
527	}
528	if (unlikely(--latency_ration < 0)) {
529	cond_resched();
530	latency_ration = LATENCY_LIMIT;
531	}
532	}
533
534	offset = si->lowest_bit;
535	last_in_cluster = offset + SWAPFILE_CLUSTER - 1;
536
537	/* Locate the first empty (unaligned) cluster */
538	for (; last_in_cluster < scan_base; offset++) {
539	if (si->swap_map[offset])
540	last_in_cluster = offset + SWAPFILE_CLUSTER;
541	else if (offset == last_in_cluster) {
542	spin_lock(&si->lock);
543	offset -= SWAPFILE_CLUSTER - 1;
544	si->cluster_next = offset;
545	si->cluster_nr = SWAPFILE_CLUSTER - 1;
546	goto checks;
547	}
548	if (unlikely(--latency_ration < 0)) {
549	cond_resched();
550	latency_ration = LATENCY_LIMIT;
551	}
552	}
553
554	offset = scan_base;
555	spin_lock(&si->lock);
556	si->cluster_nr = SWAPFILE_CLUSTER - 1;
557	}
558
559	checks:
560	if (si->cluster_info) {
561	while (scan_swap_map_ssd_cluster_conflict(si, offset))
562	scan_swap_map_try_ssd_cluster(si, &offset, &scan_base);
563	}
564	if (!(si->flags & SWP_WRITEOK))
565	goto no_page;
566	if (!si->highest_bit)
567	goto no_page;
568	if (offset > si->highest_bit)
569	scan_base = offset = si->lowest_bit;
570
571	/* reuse swap entry of cache-only swap if not busy. */
572	if (vm_swap_full() && si->swap_map[offset] == SWAP_HAS_CACHE) {
573	int swap_was_freed;
574	spin_unlock(&si->lock);
575	swap_was_freed = __try_to_reclaim_swap(si, offset);
576	spin_lock(&si->lock);
577	/* entry was freed successfully, try to use this again */
578	if (swap_was_freed)
579	goto checks;
580	goto scan; /* check next one */
581	}
582
583	if (si->swap_map[offset])
584	goto scan;
585
586	if (offset == si->lowest_bit)
587	si->lowest_bit++;
588	if (offset == si->highest_bit)
589	si->highest_bit--;
590	si->inuse_pages++;
591	if (si->inuse_pages == si->pages) {
592	si->lowest_bit = si->max;
593	si->highest_bit = 0;
594	}
595	si->swap_map[offset] = usage;
596	inc_cluster_info_page(si, si->cluster_info, offset);
597	si->cluster_next = offset + 1;
598	si->flags -= SWP_SCANNING;
599
600	return offset;
601
602	scan:
603	spin_unlock(&si->lock);
604	while (++offset <= si->highest_bit) {
605	if (!si->swap_map[offset]) {
606	spin_lock(&si->lock);
607	goto checks;
608	}
609	if (vm_swap_full() && si->swap_map[offset] == SWAP_HAS_CACHE) {
610	spin_lock(&si->lock);
611	goto checks;
612	}
613	if (unlikely(--latency_ration < 0)) {
614	cond_resched();
615	latency_ration = LATENCY_LIMIT;
616	}
617	}
618	offset = si->lowest_bit;
619	while (++offset < scan_base) {
620	if (!si->swap_map[offset]) {
621	spin_lock(&si->lock);
622	goto checks;
623	}
624	if (vm_swap_full() && si->swap_map[offset] == SWAP_HAS_CACHE) {
625	spin_lock(&si->lock);
626	goto checks;
627	}
628	if (unlikely(--latency_ration < 0)) {
629	cond_resched();
630	latency_ration = LATENCY_LIMIT;
631	}
632	}
633	spin_lock(&si->lock);
634
635	no_page:
636	si->flags -= SWP_SCANNING;
637	return 0;
638	}
639
640	swp_entry_t get_swap_page(void)
641	{
642	struct swap_info_struct *si;
643	pgoff_t offset;
644	int type, next;
645	int wrapped = 0;
646	int hp_index;
647
648	spin_lock(&swap_lock);
649	if (atomic_long_read(&nr_swap_pages) <= 0)
650	goto noswap;
651	atomic_long_dec(&nr_swap_pages);
652
653	for (type = swap_list.next; type >= 0 && wrapped < 2; type = next) {
654	hp_index = atomic_xchg(&highest_priority_index, -1);
655	/*
656	* highest_priority_index records current highest priority swap
657	* type which just frees swap entries. If its priority is
658	* higher than that of swap_list.next swap type, we use it. It
659	* isn't protected by swap_lock, so it can be an invalid value
660	* if the corresponding swap type is swapoff. We double check
661	* the flags here. It's even possible the swap type is swapoff
662	* and swapon again and its priority is changed. In such rare
663	* case, low prority swap type might be used, but eventually
664	* high priority swap will be used after several rounds of
665	* swap.
666	*/
667	if (hp_index != -1 && hp_index != type &&
668	swap_info[type]->prio < swap_info[hp_index]->prio &&
669	(swap_info[hp_index]->flags & SWP_WRITEOK)) {
670	type = hp_index;
671	swap_list.next = type;
672	}
673
674	si = swap_info[type];
675	next = si->next;
676	if (next < 0 \|\|
677	(!wrapped && si->prio != swap_info[next]->prio)) {
678	next = swap_list.head;
679	wrapped++;
680	}
681
682	spin_lock(&si->lock);
683	if (!si->highest_bit) {
684	spin_unlock(&si->lock);
685	continue;
686	}
687	if (!(si->flags & SWP_WRITEOK)) {
688	spin_unlock(&si->lock);
689	continue;
690	}
691
692	swap_list.next = next;
693
694	spin_unlock(&swap_lock);
695	/* This is called for allocating swap entry for cache */
696	offset = scan_swap_map(si, SWAP_HAS_CACHE);
697	spin_unlock(&si->lock);
698	if (offset)
699	return swp_entry(type, offset);
700	spin_lock(&swap_lock);
701	next = swap_list.next;
702	}
703
704	atomic_long_inc(&nr_swap_pages);
705	noswap:
706	spin_unlock(&swap_lock);
707	return (swp_entry_t) {0};
708	}
709
710	/* The only caller of this function is now susupend routine */
711	swp_entry_t get_swap_page_of_type(int type)
712	{
713	struct swap_info_struct *si;
714	pgoff_t offset;
715
716	si = swap_info[type];
717	spin_lock(&si->lock);
718	if (si && (si->flags & SWP_WRITEOK)) {
719	atomic_long_dec(&nr_swap_pages);
720	/* This is called for allocating swap entry, not cache */
721	offset = scan_swap_map(si, 1);
722	if (offset) {
723	spin_unlock(&si->lock);
724	return swp_entry(type, offset);
725	}
726	atomic_long_inc(&nr_swap_pages);
727	}
728	spin_unlock(&si->lock);
729	return (swp_entry_t) {0};
730	}
731
732	static struct swap_info_struct *swap_info_get(swp_entry_t entry)
733	{
734	struct swap_info_struct *p;
735	unsigned long offset, type;
736
737	if (!entry.val)
738	goto out;
739	type = swp_type(entry);
740	if (type >= nr_swapfiles)
741	goto bad_nofile;
742	p = swap_info[type];
743	if (!(p->flags & SWP_USED))
744	goto bad_device;
745	offset = swp_offset(entry);
746	if (offset >= p->max)
747	goto bad_offset;
748	if (!p->swap_map[offset])
749	goto bad_free;
750	spin_lock(&p->lock);
751	return p;
752
753	bad_free:
754	pr_err("swap_free: %s%08lx\n", Unused_offset, entry.val);
755	goto out;
756	bad_offset:
757	pr_err("swap_free: %s%08lx\n", Bad_offset, entry.val);
758	goto out;
759	bad_device:
760	pr_err("swap_free: %s%08lx\n", Unused_file, entry.val);
761	goto out;
762	bad_nofile:
763	pr_err("swap_free: %s%08lx\n", Bad_file, entry.val);
764	out:
765	return NULL;
766	}
767
768	/*
769	* This swap type frees swap entry, check if it is the highest priority swap
770	* type which just frees swap entry. get_swap_page() uses
771	* highest_priority_index to search highest priority swap type. The
772	* swap_info_struct.lock can't protect us if there are multiple swap types
773	* active, so we use atomic_cmpxchg.
774	*/
775	static void set_highest_priority_index(int type)
776	{
777	int old_hp_index, new_hp_index;
778
779	do {
780	old_hp_index = atomic_read(&highest_priority_index);
781	if (old_hp_index != -1 &&
782	swap_info[old_hp_index]->prio >= swap_info[type]->prio)
783	break;
784	new_hp_index = type;
785	} while (atomic_cmpxchg(&highest_priority_index,
786	old_hp_index, new_hp_index) != old_hp_index);
787	}
788
789	static unsigned char swap_entry_free(struct swap_info_struct *p,
790	swp_entry_t entry, unsigned char usage)
791	{
792	unsigned long offset = swp_offset(entry);
793	unsigned char count;
794	unsigned char has_cache;
795
796	count = p->swap_map[offset];
797	has_cache = count & SWAP_HAS_CACHE;
798	count &= ~SWAP_HAS_CACHE;
799
800	if (usage == SWAP_HAS_CACHE) {
801	VM_BUG_ON(!has_cache);
802	has_cache = 0;
803	} else if (count == SWAP_MAP_SHMEM) {
804	/*
805	* Or we could insist on shmem.c using a special
806	* swap_shmem_free() and free_shmem_swap_and_cache()...
807	*/
808	count = 0;
809	} else if ((count & ~COUNT_CONTINUED) <= SWAP_MAP_MAX) {
810	if (count == COUNT_CONTINUED) {
811	if (swap_count_continued(p, offset, count))
812	count = SWAP_MAP_MAX \| COUNT_CONTINUED;
813	else
814	count = SWAP_MAP_MAX;
815	} else
816	count--;
817	}
818
819	if (!count)
820	mem_cgroup_uncharge_swap(entry);
821
822	usage = count \| has_cache;
823	p->swap_map[offset] = usage;
824
825	/* free if no reference */
826	if (!usage) {
827	dec_cluster_info_page(p, p->cluster_info, offset);
828	if (offset < p->lowest_bit)
829	p->lowest_bit = offset;
830	if (offset > p->highest_bit)
831	p->highest_bit = offset;
832	set_highest_priority_index(p->type);
833	atomic_long_inc(&nr_swap_pages);
834	p->inuse_pages--;
835	frontswap_invalidate_page(p->type, offset);
836	if (p->flags & SWP_BLKDEV) {
837	struct gendisk *disk = p->bdev->bd_disk;
838	if (disk->fops->swap_slot_free_notify)
839	disk->fops->swap_slot_free_notify(p->bdev,
840	offset);
841	}
842	}
843
844	return usage;
845	}
846
847	/*
848	* Caller has made sure that the swapdevice corresponding to entry
849	* is still around or has not been recycled.
850	*/
851	void swap_free(swp_entry_t entry)
852	{
853	struct swap_info_struct *p;
854
855	p = swap_info_get(entry);
856	if (p) {
857	swap_entry_free(p, entry, 1);
858	spin_unlock(&p->lock);
859	}
860	}
861
862	/*
863	* Called after dropping swapcache to decrease refcnt to swap entries.
864	*/
865	void swapcache_free(swp_entry_t entry, struct page *page)
866	{
867	struct swap_info_struct *p;
868	unsigned char count;
869
870	p = swap_info_get(entry);
871	if (p) {
872	count = swap_entry_free(p, entry, SWAP_HAS_CACHE);
873	if (page)
874	mem_cgroup_uncharge_swapcache(page, entry, count != 0);
875	spin_unlock(&p->lock);
876	}
877	}
878
879	/*
880	* How many references to page are currently swapped out?
881	* This does not give an exact answer when swap count is continued,
882	* but does include the high COUNT_CONTINUED flag to allow for that.
883	*/
884	int page_swapcount(struct page *page)
885	{
886	int count = 0;
887	struct swap_info_struct *p;
888	swp_entry_t entry;
889
890	entry.val = page_private(page);
891	p = swap_info_get(entry);
892	if (p) {
893	count = swap_count(p->swap_map[swp_offset(entry)]);
894	spin_unlock(&p->lock);
895	}
896	return count;
897	}
898
899	/*
900	* We can write to an anon page without COW if there are no other references
901	* to it. And as a side-effect, free up its swap: because the old content
902	* on disk will never be read, and seeking back there to write new content
903	* later would only waste time away from clustering.
904	*/
905	int reuse_swap_page(struct page *page)
906	{
907	int count;
908
909	VM_BUG_ON(!PageLocked(page));
910	if (unlikely(PageKsm(page)))
911	return 0;
912	count = page_mapcount(page);
913	if (count <= 1 && PageSwapCache(page)) {
914	count += page_swapcount(page);
915	if (count == 1 && !PageWriteback(page)) {
916	delete_from_swap_cache(page);
917	SetPageDirty(page);
918	}
919	}
920	return count <= 1;
921	}
922
923	/*
924	* If swap is getting full, or if there are no more mappings of this page,
925	* then try_to_free_swap is called to free its swap space.
926	*/
927	int try_to_free_swap(struct page *page)
928	{
929	VM_BUG_ON(!PageLocked(page));
930
931	if (!PageSwapCache(page))
932	return 0;
933	if (PageWriteback(page))
934	return 0;
935	if (page_swapcount(page))
936	return 0;
937
938	/*
939	* Once hibernation has begun to create its image of memory,
940	* there's a danger that one of the calls to try_to_free_swap()
941	* - most probably a call from __try_to_reclaim_swap() while
942	* hibernation is allocating its own swap pages for the image,
943	* but conceivably even a call from memory reclaim - will free
944	* the swap from a page which has already been recorded in the
945	* image as a clean swapcache page, and then reuse its swap for
946	* another page of the image. On waking from hibernation, the
947	* original page might be freed under memory pressure, then
948	* later read back in from swap, now with the wrong data.
949	*
950	* Hibration suspends storage while it is writing the image
951	* to disk so check that here.
952	*/
953	if (pm_suspended_storage())
954	return 0;
955
956	delete_from_swap_cache(page);
957	SetPageDirty(page);
958	return 1;
959	}
960
961	/*
962	* Free the swap entry like above, but also try to
963	* free the page cache entry if it is the last user.
964	*/
965	int free_swap_and_cache(swp_entry_t entry)
966	{
967	struct swap_info_struct *p;
968	struct page *page = NULL;
969
970	if (non_swap_entry(entry))
971	return 1;
972
973	p = swap_info_get(entry);
974	if (p) {
975	if (swap_entry_free(p, entry, 1) == SWAP_HAS_CACHE) {
976	page = find_get_page(swap_address_space(entry),
977	entry.val);
978	if (page && !trylock_page(page)) {
979	page_cache_release(page);
980	page = NULL;
981	}
982	}
983	spin_unlock(&p->lock);
984	}
985	if (page) {
986	/*
987	* Not mapped elsewhere, or swap space full? Free it!
988	* Also recheck PageSwapCache now page is locked (above).
989	*/
990	if (PageSwapCache(page) && !PageWriteback(page) &&
991	(!page_mapped(page) \|\| vm_swap_full())) {
992	delete_from_swap_cache(page);
993	SetPageDirty(page);
994	}
995	unlock_page(page);
996	page_cache_release(page);
997	}
998	return p != NULL;
999	}
1000
1001	#ifdef CONFIG_HIBERNATION
1002	/*
1003	* Find the swap type that corresponds to given device (if any).
1004	*
1005	* @offset - number of the PAGE_SIZE-sized block of the device, starting
1006	* from 0, in which the swap header is expected to be located.
1007	*
1008	* This is needed for the suspend to disk (aka swsusp).
1009	*/
1010	int swap_type_of(dev_t device, sector_t offset, struct block_device **bdev_p)
1011	{
1012	struct block_device *bdev = NULL;
1013	int type;
1014
1015	if (device)
1016	bdev = bdget(device);
1017
1018	spin_lock(&swap_lock);
1019	for (type = 0; type < nr_swapfiles; type++) {
1020	struct swap_info_struct *sis = swap_info[type];
1021
1022	if (!(sis->flags & SWP_WRITEOK))
1023	continue;
1024
1025	if (!bdev) {
1026	if (bdev_p)
1027	*bdev_p = bdgrab(sis->bdev);
1028
1029	spin_unlock(&swap_lock);
1030	return type;
1031	}
1032	if (bdev == sis->bdev) {
1033	struct swap_extent *se = &sis->first_swap_extent;
1034
1035	if (se->start_block == offset) {
1036	if (bdev_p)
1037	*bdev_p = bdgrab(sis->bdev);
1038
1039	spin_unlock(&swap_lock);
1040	bdput(bdev);
1041	return type;
1042	}
1043	}
1044	}
1045	spin_unlock(&swap_lock);
1046	if (bdev)
1047	bdput(bdev);
1048
1049	return -ENODEV;
1050	}
1051
1052	/*
1053	* Get the (PAGE_SIZE) block corresponding to given offset on the swapdev
1054	* corresponding to given index in swap_info (swap type).
1055	*/
1056	sector_t swapdev_block(int type, pgoff_t offset)
1057	{
1058	struct block_device *bdev;
1059
1060	if ((unsigned int)type >= nr_swapfiles)
1061	return 0;
1062	if (!(swap_info[type]->flags & SWP_WRITEOK))
1063	return 0;
1064	return map_swap_entry(swp_entry(type, offset), &bdev);
1065	}
1066
1067	/*
1068	* Return either the total number of swap pages of given type, or the number
1069	* of free pages of that type (depending on @free)
1070	*
1071	* This is needed for software suspend
1072	*/
1073	unsigned int count_swap_pages(int type, int free)
1074	{
1075	unsigned int n = 0;
1076
1077	spin_lock(&swap_lock);
1078	if ((unsigned int)type < nr_swapfiles) {
1079	struct swap_info_struct *sis = swap_info[type];
1080
1081	spin_lock(&sis->lock);
1082	if (sis->flags & SWP_WRITEOK) {
1083	n = sis->pages;
1084	if (free)
1085	n -= sis->inuse_pages;
1086	}
1087	spin_unlock(&sis->lock);
1088	}
1089	spin_unlock(&swap_lock);
1090	return n;
1091	}
1092	#endif /* CONFIG_HIBERNATION */
1093
1094	static inline int maybe_same_pte(pte_t pte, pte_t swp_pte)
1095	{
1096	#ifdef CONFIG_MEM_SOFT_DIRTY
1097	/*
1098	* When pte keeps soft dirty bit the pte generated
1099	* from swap entry does not has it, still it's same
1100	* pte from logical point of view.
1101	*/
1102	pte_t swp_pte_dirty = pte_swp_mksoft_dirty(swp_pte);
1103	return pte_same(pte, swp_pte) \|\| pte_same(pte, swp_pte_dirty);
1104	#else
1105	return pte_same(pte, swp_pte);
1106	#endif
1107	}
1108
1109	/*
1110	* No need to decide whether this PTE shares the swap entry with others,
1111	* just let do_wp_page work it out if a write is requested later - to
1112	* force COW, vm_page_prot omits write permission from any private vma.
1113	*/
1114	static int unuse_pte(struct vm_area_struct vma, pmd_t pmd,
1115	unsigned long addr, swp_entry_t entry, struct page *page)
1116	{
1117	struct page *swapcache;
1118	struct mem_cgroup *memcg;
1119	spinlock_t *ptl;
1120	pte_t *pte;
1121	int ret = 1;
1122
1123	swapcache = page;
1124	page = ksm_might_need_to_copy(page, vma, addr);
1125	if (unlikely(!page))
1126	return -ENOMEM;
1127
1128	if (mem_cgroup_try_charge_swapin(vma->vm_mm, page,
1129	GFP_KERNEL, &memcg)) {
1130	ret = -ENOMEM;
1131	goto out_nolock;
1132	}
1133
1134	pte = pte_offset_map_lock(vma->vm_mm, pmd, addr, &ptl);
1135	if (unlikely(!maybe_same_pte(*pte, swp_entry_to_pte(entry)))) {
1136	mem_cgroup_cancel_charge_swapin(memcg);
1137	ret = 0;
1138	goto out;
1139	}
1140
1141	dec_mm_counter(vma->vm_mm, MM_SWAPENTS);
1142	inc_mm_counter(vma->vm_mm, MM_ANONPAGES);
1143	get_page(page);
1144	set_pte_at(vma->vm_mm, addr, pte,
1145	pte_mkold(mk_pte(page, vma->vm_page_prot)));
1146	if (page == swapcache)
1147	page_add_anon_rmap(page, vma, addr);
1148	else /* ksm created a completely new copy */
1149	page_add_new_anon_rmap(page, vma, addr);
1150	mem_cgroup_commit_charge_swapin(page, memcg);
1151	swap_free(entry);
1152	/*
1153	* Move the page to the active list so it is not
1154	* immediately swapped out again after swapon.
1155	*/
1156	activate_page(page);
1157	out:
1158	pte_unmap_unlock(pte, ptl);
1159	out_nolock:
1160	if (page != swapcache) {
1161	unlock_page(page);
1162	put_page(page);
1163	}
1164	return ret;
1165	}
1166
1167	static int unuse_pte_range(struct vm_area_struct vma, pmd_t pmd,
1168	unsigned long addr, unsigned long end,
1169	swp_entry_t entry, struct page *page)
1170	{
1171	pte_t swp_pte = swp_entry_to_pte(entry);
1172	pte_t *pte;
1173	int ret = 0;
1174
1175	/*
1176	* We don't actually need pte lock while scanning for swp_pte: since
1177	* we hold page lock and mmap_sem, swp_pte cannot be inserted into the
1178	* page table while we're scanning; though it could get zapped, and on
1179	* some architectures (e.g. x86_32 with PAE) we might catch a glimpse
1180	* of unmatched parts which look like swp_pte, so unuse_pte must
1181	* recheck under pte lock. Scanning without pte lock lets it be
1182	* preemptible whenever CONFIG_PREEMPT but not CONFIG_HIGHPTE.
1183	*/
1184	pte = pte_offset_map(pmd, addr);
1185	do {
1186	/*
1187	* swapoff spends a _lot_ of time in this loop!
1188	* Test inline before going to call unuse_pte.
1189	*/
1190	if (unlikely(maybe_same_pte(*pte, swp_pte))) {
1191	pte_unmap(pte);
1192	ret = unuse_pte(vma, pmd, addr, entry, page);
1193	if (ret)
1194	goto out;
1195	pte = pte_offset_map(pmd, addr);
1196	}
1197	} while (pte++, addr += PAGE_SIZE, addr != end);
1198	pte_unmap(pte - 1);
1199	out:
1200	return ret;
1201	}
1202
1203	static inline int unuse_pmd_range(struct vm_area_struct vma, pud_t pud,
1204	unsigned long addr, unsigned long end,
1205	swp_entry_t entry, struct page *page)
1206	{
1207	pmd_t *pmd;
1208	unsigned long next;
1209	int ret;
1210
1211	pmd = pmd_offset(pud, addr);
1212	do {
1213	next = pmd_addr_end(addr, end);
1214	if (pmd_none_or_trans_huge_or_clear_bad(pmd))
1215	continue;
1216	ret = unuse_pte_range(vma, pmd, addr, next, entry, page);
1217	if (ret)
1218	return ret;
1219	} while (pmd++, addr = next, addr != end);
1220	return 0;
1221	}
1222
1223	static inline int unuse_pud_range(struct vm_area_struct vma, pgd_t pgd,
1224	unsigned long addr, unsigned long end,
1225	swp_entry_t entry, struct page *page)
1226	{
1227	pud_t *pud;
1228	unsigned long next;
1229	int ret;
1230
1231	pud = pud_offset(pgd, addr);
1232	do {
1233	next = pud_addr_end(addr, end);
1234	if (pud_none_or_clear_bad(pud))
1235	continue;
1236	ret = unuse_pmd_range(vma, pud, addr, next, entry, page);
1237	if (ret)
1238	return ret;
1239	} while (pud++, addr = next, addr != end);
1240	return 0;
1241	}
1242
1243	static int unuse_vma(struct vm_area_struct *vma,
1244	swp_entry_t entry, struct page *page)
1245	{
1246	pgd_t *pgd;
1247	unsigned long addr, end, next;
1248	int ret;
1249
1250	if (page_anon_vma(page)) {
1251	addr = page_address_in_vma(page, vma);
1252	if (addr == -EFAULT)
1253	return 0;
1254	else
1255	end = addr + PAGE_SIZE;
1256	} else {
1257	addr = vma->vm_start;
1258	end = vma->vm_end;
1259	}
1260
1261	pgd = pgd_offset(vma->vm_mm, addr);
1262	do {
1263	next = pgd_addr_end(addr, end);
1264	if (pgd_none_or_clear_bad(pgd))
1265	continue;
1266	ret = unuse_pud_range(vma, pgd, addr, next, entry, page);
1267	if (ret)
1268	return ret;
1269	} while (pgd++, addr = next, addr != end);
1270	return 0;
1271	}
1272
1273	static int unuse_mm(struct mm_struct *mm,
1274	swp_entry_t entry, struct page *page)
1275	{
1276	struct vm_area_struct *vma;
1277	int ret = 0;
1278
1279	if (!down_read_trylock(&mm->mmap_sem)) {
1280	/*
1281	* Activate page so shrink_inactive_list is unlikely to unmap
1282	* its ptes while lock is dropped, so swapoff can make progress.
1283	*/
1284	activate_page(page);
1285	unlock_page(page);
1286	down_read(&mm->mmap_sem);
1287	lock_page(page);
1288	}
1289	for (vma = mm->mmap; vma; vma = vma->vm_next) {
1290	if (vma->anon_vma && (ret = unuse_vma(vma, entry, page)))
1291	break;
1292	}
1293	up_read(&mm->mmap_sem);
1294	return (ret < 0)? ret: 0;
1295	}
1296
1297	/*
1298	* Scan swap_map (or frontswap_map if frontswap parameter is true)
1299	* from current position to next entry still in use.
1300	* Recycle to start on reaching the end, returning 0 when empty.
1301	*/
1302	static unsigned int find_next_to_unuse(struct swap_info_struct *si,
1303	unsigned int prev, bool frontswap)
1304	{
1305	unsigned int max = si->max;
1306	unsigned int i = prev;
1307	unsigned char count;
1308
1309	/*
1310	* No need for swap_lock here: we're just looking
1311	* for whether an entry is in use, not modifying it; false
1312	* hits are okay, and sys_swapoff() has already prevented new
1313	* allocations from this area (while holding swap_lock).
1314	*/
1315	for (;;) {
1316	if (++i >= max) {
1317	if (!prev) {
1318	i = 0;
1319	break;
1320	}
1321	/*
1322	* No entries in use at top of swap_map,
1323	* loop back to start and recheck there.
1324	*/
1325	max = prev + 1;
1326	prev = 0;
1327	i = 1;
1328	}
1329	if (frontswap) {
1330	if (frontswap_test(si, i))
1331	break;
1332	else
1333	continue;
1334	}
1335	count = ACCESS_ONCE(si->swap_map[i]);
1336	if (count && swap_count(count) != SWAP_MAP_BAD)
1337	break;
1338	}
1339	return i;
1340	}
1341
1342	/*
1343	* We completely avoid races by reading each swap page in advance,
1344	* and then search for the process using it. All the necessary
1345	* page table adjustments can then be made atomically.
1346	*
1347	* if the boolean frontswap is true, only unuse pages_to_unuse pages;
1348	* pages_to_unuse==0 means all pages; ignored if frontswap is false
1349	*/
1350	int try_to_unuse(unsigned int type, bool frontswap,
1351	unsigned long pages_to_unuse)
1352	{
1353	struct swap_info_struct *si = swap_info[type];
1354	struct mm_struct *start_mm;
1355	volatile unsigned char swap_map; / swap_map is accessed without
1356	* locking. Mark it as volatile
1357	* to prevent compiler doing
1358	* something odd.
1359	*/
1360	unsigned char swcount;
1361	struct page *page;
1362	swp_entry_t entry;
1363	unsigned int i = 0;
1364	int retval = 0;
1365
1366	/*
1367	* When searching mms for an entry, a good strategy is to
1368	* start at the first mm we freed the previous entry from
1369	* (though actually we don't notice whether we or coincidence
1370	* freed the entry). Initialize this start_mm with a hold.
1371	*
1372	* A simpler strategy would be to start at the last mm we
1373	* freed the previous entry from; but that would take less
1374	* advantage of mmlist ordering, which clusters forked mms
1375	* together, child after parent. If we race with dup_mmap(), we
1376	* prefer to resolve parent before child, lest we miss entries
1377	* duplicated after we scanned child: using last mm would invert
1378	* that.
1379	*/
1380	start_mm = &init_mm;
1381	atomic_inc(&init_mm.mm_users);
1382
1383	/*
1384	* Keep on scanning until all entries have gone. Usually,
1385	* one pass through swap_map is enough, but not necessarily:
1386	* there are races when an instance of an entry might be missed.
1387	*/
1388	while ((i = find_next_to_unuse(si, i, frontswap)) != 0) {
1389	if (signal_pending(current)) {
1390	retval = -EINTR;
1391	break;
1392	}
1393
1394	/*
1395	* Get a page for the entry, using the existing swap
1396	* cache page if there is one. Otherwise, get a clean
1397	* page and read the swap into it.
1398	*/
1399	swap_map = &si->swap_map[i];
1400	entry = swp_entry(type, i);
1401	page = read_swap_cache_async(entry,
1402	GFP_HIGHUSER_MOVABLE, NULL, 0);
1403	if (!page) {
1404	/*
1405	* Either swap_duplicate() failed because entry
1406	* has been freed independently, and will not be
1407	* reused since sys_swapoff() already disabled
1408	* allocation from here, or alloc_page() failed.
1409	*/
1410	swcount = *swap_map;
1411	/*
1412	* We don't hold lock here, so the swap entry could be
1413	* SWAP_MAP_BAD (when the cluster is discarding).
1414	* Instead of fail out, We can just skip the swap
1415	* entry because swapoff will wait for discarding
1416	* finish anyway.
1417	*/
1418	if (!swcount \|\| swcount == SWAP_MAP_BAD)
1419	continue;
1420	retval = -ENOMEM;
1421	break;
1422	}
1423
1424	/*
1425	* Don't hold on to start_mm if it looks like exiting.
1426	*/
1427	if (atomic_read(&start_mm->mm_users) == 1) {
1428	mmput(start_mm);
1429	start_mm = &init_mm;
1430	atomic_inc(&init_mm.mm_users);
1431	}
1432
1433	/*
1434	* Wait for and lock page. When do_swap_page races with
1435	* try_to_unuse, do_swap_page can handle the fault much
1436	* faster than try_to_unuse can locate the entry. This
1437	* apparently redundant "wait_on_page_locked" lets try_to_unuse
1438	* defer to do_swap_page in such a case - in some tests,
1439	* do_swap_page and try_to_unuse repeatedly compete.
1440	*/
1441	wait_on_page_locked(page);
1442	wait_on_page_writeback(page);
1443	lock_page(page);
1444	wait_on_page_writeback(page);
1445
1446	/*
1447	* Remove all references to entry.
1448	*/
1449	swcount = *swap_map;
1450	if (swap_count(swcount) == SWAP_MAP_SHMEM) {
1451	retval = shmem_unuse(entry, page);
1452	/* page has already been unlocked and released */
1453	if (retval < 0)
1454	break;
1455	continue;
1456	}
1457	if (swap_count(swcount) && start_mm != &init_mm)
1458	retval = unuse_mm(start_mm, entry, page);
1459
1460	if (swap_count(*swap_map)) {
1461	int set_start_mm = (*swap_map >= swcount);
1462	struct list_head *p = &start_mm->mmlist;
1463	struct mm_struct *new_start_mm = start_mm;
1464	struct mm_struct *prev_mm = start_mm;
1465	struct mm_struct *mm;
1466
1467	atomic_inc(&new_start_mm->mm_users);
1468	atomic_inc(&prev_mm->mm_users);
1469	spin_lock(&mmlist_lock);
1470	while (swap_count(*swap_map) && !retval &&
1471	(p = p->next) != &start_mm->mmlist) {
1472	mm = list_entry(p, struct mm_struct, mmlist);
1473	if (!atomic_inc_not_zero(&mm->mm_users))
1474	continue;
1475	spin_unlock(&mmlist_lock);
1476	mmput(prev_mm);
1477	prev_mm = mm;
1478
1479	cond_resched();
1480
1481	swcount = *swap_map;
1482	if (!swap_count(swcount)) /* any usage ? */
1483	;
1484	else if (mm == &init_mm)
1485	set_start_mm = 1;
1486	else
1487	retval = unuse_mm(mm, entry, page);
1488
1489	if (set_start_mm && *swap_map < swcount) {
1490	mmput(new_start_mm);
1491	atomic_inc(&mm->mm_users);
1492	new_start_mm = mm;
1493	set_start_mm = 0;
1494	}
1495	spin_lock(&mmlist_lock);
1496	}
1497	spin_unlock(&mmlist_lock);
1498	mmput(prev_mm);
1499	mmput(start_mm);
1500	start_mm = new_start_mm;
1501	}
1502	if (retval) {
1503	unlock_page(page);
1504	page_cache_release(page);
1505	break;
1506	}
1507
1508	/*
1509	* If a reference remains (rare), we would like to leave
1510	* the page in the swap cache; but try_to_unmap could
1511	* then re-duplicate the entry once we drop page lock,
1512	* so we might loop indefinitely; also, that page could
1513	* not be swapped out to other storage meanwhile. So:
1514	* delete from cache even if there's another reference,
1515	* after ensuring that the data has been saved to disk -
1516	* since if the reference remains (rarer), it will be
1517	* read from disk into another page. Splitting into two
1518	* pages would be incorrect if swap supported "shared
1519	* private" pages, but they are handled by tmpfs files.
1520	*
1521	* Given how unuse_vma() targets one particular offset
1522	* in an anon_vma, once the anon_vma has been determined,
1523	* this splitting happens to be just what is needed to
1524	* handle where KSM pages have been swapped out: re-reading
1525	* is unnecessarily slow, but we can fix that later on.
1526	*/
1527	if (swap_count(*swap_map) &&
1528	PageDirty(page) && PageSwapCache(page)) {
1529	struct writeback_control wbc = {
1530	.sync_mode = WB_SYNC_NONE,
1531	};
1532
1533	swap_writepage(page, &wbc);
1534	lock_page(page);
1535	wait_on_page_writeback(page);
1536	}
1537
1538	/*
1539	* It is conceivable that a racing task removed this page from
1540	* swap cache just before we acquired the page lock at the top,
1541	* or while we dropped it in unuse_mm(). The page might even
1542	* be back in swap cache on another swap area: that we must not
1543	* delete, since it may not have been written out to swap yet.
1544	*/
1545	if (PageSwapCache(page) &&
1546	likely(page_private(page) == entry.val))
1547	delete_from_swap_cache(page);
1548
1549	/*
1550	* So we could skip searching mms once swap count went
1551	* to 1, we did not mark any present ptes as dirty: must
1552	* mark page dirty so shrink_page_list will preserve it.
1553	*/
1554	SetPageDirty(page);
1555	unlock_page(page);
1556	page_cache_release(page);
1557
1558	/*
1559	* Make sure that we aren't completely killing
1560	* interactive performance.
1561	*/
1562	cond_resched();
1563	if (frontswap && pages_to_unuse > 0) {
1564	if (!--pages_to_unuse)
1565	break;
1566	}
1567	}
1568
1569	mmput(start_mm);
1570	return retval;
1571	}
1572
1573	/*
1574	* After a successful try_to_unuse, if no swap is now in use, we know
1575	* we can empty the mmlist. swap_lock must be held on entry and exit.
1576	* Note that mmlist_lock nests inside swap_lock, and an mm must be
1577	* added to the mmlist just after page_duplicate - before would be racy.
1578	*/
1579	static void drain_mmlist(void)
1580	{
1581	struct list_head p, next;
1582	unsigned int type;
1583
1584	for (type = 0; type < nr_swapfiles; type++)
1585	if (swap_info[type]->inuse_pages)
1586	return;
1587	spin_lock(&mmlist_lock);
1588	list_for_each_safe(p, next, &init_mm.mmlist)
1589	list_del_init(p);
1590	spin_unlock(&mmlist_lock);
1591	}
1592
1593	/*
1594	* Use this swapdev's extent info to locate the (PAGE_SIZE) block which
1595	* corresponds to page offset for the specified swap entry.
1596	* Note that the type of this function is sector_t, but it returns page offset
1597	* into the bdev, not sector offset.
1598	*/
1599	static sector_t map_swap_entry(swp_entry_t entry, struct block_device **bdev)
1600	{
1601	struct swap_info_struct *sis;
1602	struct swap_extent *start_se;
1603	struct swap_extent *se;
1604	pgoff_t offset;
1605
1606	sis = swap_info[swp_type(entry)];
1607	*bdev = sis->bdev;
1608
1609	offset = swp_offset(entry);
1610	start_se = sis->curr_swap_extent;
1611	se = start_se;
1612
1613	for ( ; ; ) {
1614	struct list_head *lh;
1615
1616	if (se->start_page <= offset &&
1617	offset < (se->start_page + se->nr_pages)) {
1618	return se->start_block + (offset - se->start_page);
1619	}
1620	lh = se->list.next;
1621	se = list_entry(lh, struct swap_extent, list);
1622	sis->curr_swap_extent = se;
1623	BUG_ON(se == start_se); /* It must be present */
1624	}
1625	}
1626
1627	/*
1628	* Returns the page offset into bdev for the specified page's swap entry.
1629	*/
1630	sector_t map_swap_page(struct page page, struct block_device *bdev)
1631	{
1632	swp_entry_t entry;
1633	entry.val = page_private(page);
1634	return map_swap_entry(entry, bdev);
1635	}
1636
1637	/*
1638	* Free all of a swapdev's extent information
1639	*/
1640	static void destroy_swap_extents(struct swap_info_struct *sis)
1641	{
1642	while (!list_empty(&sis->first_swap_extent.list)) {
1643	struct swap_extent *se;
1644
1645	se = list_entry(sis->first_swap_extent.list.next,
1646	struct swap_extent, list);
1647	list_del(&se->list);
1648	kfree(se);
1649	}
1650
1651	if (sis->flags & SWP_FILE) {
1652	struct file *swap_file = sis->swap_file;
1653	struct address_space *mapping = swap_file->f_mapping;
1654
1655	sis->flags &= ~SWP_FILE;
1656	mapping->a_ops->swap_deactivate(swap_file);
1657	}
1658	}
1659
1660	/*
1661	* Add a block range (and the corresponding page range) into this swapdev's
1662	* extent list. The extent list is kept sorted in page order.
1663	*
1664	* This function rather assumes that it is called in ascending page order.
1665	*/
1666	int
1667	add_swap_extent(struct swap_info_struct *sis, unsigned long start_page,
1668	unsigned long nr_pages, sector_t start_block)
1669	{
1670	struct swap_extent *se;
1671	struct swap_extent *new_se;
1672	struct list_head *lh;
1673
1674	if (start_page == 0) {
1675	se = &sis->first_swap_extent;
1676	sis->curr_swap_extent = se;
1677	se->start_page = 0;
1678	se->nr_pages = nr_pages;
1679	se->start_block = start_block;
1680	return 1;
1681	} else {
1682	lh = sis->first_swap_extent.list.prev; /* Highest extent */
1683	se = list_entry(lh, struct swap_extent, list);
1684	BUG_ON(se->start_page + se->nr_pages != start_page);
1685	if (se->start_block + se->nr_pages == start_block) {
1686	/* Merge it */
1687	se->nr_pages += nr_pages;
1688	return 0;
1689	}
1690	}
1691
1692	/*
1693	* No merge. Insert a new extent, preserving ordering.
1694	*/
1695	new_se = kmalloc(sizeof(*se), GFP_KERNEL);
1696	if (new_se == NULL)
1697	return -ENOMEM;
1698	new_se->start_page = start_page;
1699	new_se->nr_pages = nr_pages;
1700	new_se->start_block = start_block;
1701
1702	list_add_tail(&new_se->list, &sis->first_swap_extent.list);
1703	return 1;
1704	}
1705
1706	/*
1707	* A `swap extent' is a simple thing which maps a contiguous range of pages
1708	* onto a contiguous range of disk blocks. An ordered list of swap extents
1709	* is built at swapon time and is then used at swap_writepage/swap_readpage
1710	* time for locating where on disk a page belongs.
1711	*
1712	* If the swapfile is an S_ISBLK block device, a single extent is installed.
1713	* This is done so that the main operating code can treat S_ISBLK and S_ISREG
1714	* swap files identically.
1715	*
1716	* Whether the swapdev is an S_ISREG file or an S_ISBLK blockdev, the swap
1717	* extent list operates in PAGE_SIZE disk blocks. Both S_ISREG and S_ISBLK
1718	* swapfiles are handled identically after swapon time.
1719	*
1720	* For S_ISREG swapfiles, setup_swap_extents() will walk all the file's blocks
1721	* and will parse them into an ordered extent list, in PAGE_SIZE chunks. If
1722	* some stray blocks are found which do not fall within the PAGE_SIZE alignment
1723	* requirements, they are simply tossed out - we will never use those blocks
1724	* for swapping.
1725	*
1726	* For S_ISREG swapfiles we set S_SWAPFILE across the life of the swapon. This
1727	* prevents root from shooting her foot off by ftruncating an in-use swapfile,
1728	* which will scribble on the fs.
1729	*
1730	* The amount of disk space which a single swap extent represents varies.
1731	* Typically it is in the 1-4 megabyte range. So we can have hundreds of
1732	* extents in the list. To avoid much list walking, we cache the previous
1733	* search location in `curr_swap_extent', and start new searches from there.
1734	* This is extremely effective. The average number of iterations in
1735	* map_swap_page() has been measured at about 0.3 per page. - akpm.
1736	*/
1737	static int setup_swap_extents(struct swap_info_struct sis, sector_t span)
1738	{
1739	struct file *swap_file = sis->swap_file;
1740	struct address_space *mapping = swap_file->f_mapping;
1741	struct inode *inode = mapping->host;
1742	int ret;
1743
1744	if (S_ISBLK(inode->i_mode)) {
1745	ret = add_swap_extent(sis, 0, sis->max, 0);
1746	*span = sis->pages;
1747	return ret;
1748	}
1749
1750	if (mapping->a_ops->swap_activate) {
1751	ret = mapping->a_ops->swap_activate(sis, swap_file, span);
1752	if (!ret) {
1753	sis->flags \|= SWP_FILE;
1754	ret = add_swap_extent(sis, 0, sis->max, 0);
1755	*span = sis->pages;
1756	}
1757	return ret;
1758	}
1759
1760	return generic_swapfile_activate(sis, swap_file, span);
1761	}
1762
1763	static void _enable_swap_info(struct swap_info_struct *p, int prio,
1764	unsigned char *swap_map,
1765	struct swap_cluster_info *cluster_info)
1766	{
1767	int i, prev;
1768
1769	if (prio >= 0)
1770	p->prio = prio;
1771	else
1772	p->prio = --least_priority;
1773	p->swap_map = swap_map;
1774	p->cluster_info = cluster_info;
1775	p->flags \|= SWP_WRITEOK;
1776	atomic_long_add(p->pages, &nr_swap_pages);
1777	total_swap_pages += p->pages;
1778
1779	/* insert swap space into swap_list: */
1780	prev = -1;
1781	for (i = swap_list.head; i >= 0; i = swap_info[i]->next) {
1782	if (p->prio >= swap_info[i]->prio)
1783	break;
1784	prev = i;
1785	}
1786	p->next = i;
1787	if (prev < 0)
1788	swap_list.head = swap_list.next = p->type;
1789	else
1790	swap_info[prev]->next = p->type;
1791	}
1792
1793	static void enable_swap_info(struct swap_info_struct *p, int prio,
1794	unsigned char *swap_map,
1795	struct swap_cluster_info *cluster_info,
1796	unsigned long *frontswap_map)
1797	{
1798	frontswap_init(p->type, frontswap_map);
1799	spin_lock(&swap_lock);
1800	spin_lock(&p->lock);
1801	_enable_swap_info(p, prio, swap_map, cluster_info);
1802	spin_unlock(&p->lock);
1803	spin_unlock(&swap_lock);
1804	}
1805
1806	static void reinsert_swap_info(struct swap_info_struct *p)
1807	{
1808	spin_lock(&swap_lock);
1809	spin_lock(&p->lock);
1810	_enable_swap_info(p, p->prio, p->swap_map, p->cluster_info);
1811	spin_unlock(&p->lock);
1812	spin_unlock(&swap_lock);
1813	}
1814
1815	SYSCALL_DEFINE1(swapoff, const char __user *, specialfile)
1816	{
1817	struct swap_info_struct *p = NULL;
1818	unsigned char *swap_map;
1819	struct swap_cluster_info *cluster_info;
1820	unsigned long *frontswap_map;
1821	struct file swap_file, victim;
1822	struct address_space *mapping;
1823	struct inode *inode;
1824	struct filename *pathname;
1825	int i, type, prev;
1826	int err;
1827	unsigned int old_block_size;
1828
1829	if (!capable(CAP_SYS_ADMIN))
1830	return -EPERM;
1831
1832	BUG_ON(!current->mm);
1833
1834	pathname = getname(specialfile);
1835	if (IS_ERR(pathname))
1836	return PTR_ERR(pathname);
1837
1838	victim = file_open_name(pathname, O_RDWR\|O_LARGEFILE, 0);
1839	err = PTR_ERR(victim);
1840	if (IS_ERR(victim))
1841	goto out;
1842
1843	mapping = victim->f_mapping;
1844	prev = -1;
1845	spin_lock(&swap_lock);
1846	for (type = swap_list.head; type >= 0; type = swap_info[type]->next) {
1847	p = swap_info[type];
1848	if (p->flags & SWP_WRITEOK) {
1849	if (p->swap_file->f_mapping == mapping)
1850	break;
1851	}
1852	prev = type;
1853	}
1854	if (type < 0) {
1855	err = -EINVAL;
1856	spin_unlock(&swap_lock);
1857	goto out_dput;
1858	}
1859	if (!security_vm_enough_memory_mm(current->mm, p->pages))
1860	vm_unacct_memory(p->pages);
1861	else {
1862	err = -ENOMEM;
1863	spin_unlock(&swap_lock);
1864	goto out_dput;
1865	}
1866	if (prev < 0)
1867	swap_list.head = p->next;
1868	else
1869	swap_info[prev]->next = p->next;
1870	if (type == swap_list.next) {
1871	/* just pick something that's safe... */
1872	swap_list.next = swap_list.head;
1873	}
1874	spin_lock(&p->lock);
1875	if (p->prio < 0) {
1876	for (i = p->next; i >= 0; i = swap_info[i]->next)
1877	swap_info[i]->prio = p->prio--;
1878	least_priority++;
1879	}
1880	atomic_long_sub(p->pages, &nr_swap_pages);
1881	total_swap_pages -= p->pages;
1882	p->flags &= ~SWP_WRITEOK;
1883	spin_unlock(&p->lock);
1884	spin_unlock(&swap_lock);
1885
1886	set_current_oom_origin();
1887	err = try_to_unuse(type, false, 0); /* force all pages to be unused */
1888	clear_current_oom_origin();
1889
1890	if (err) {
1891	/* re-insert swap space back into swap_list */
1892	reinsert_swap_info(p);
1893	goto out_dput;
1894	}
1895
1896	flush_work(&p->discard_work);
1897
1898	destroy_swap_extents(p);
1899	if (p->flags & SWP_CONTINUED)
1900	free_swap_count_continuations(p);
1901
1902	mutex_lock(&swapon_mutex);
1903	spin_lock(&swap_lock);
1904	spin_lock(&p->lock);
1905	drain_mmlist();
1906
1907	/* wait for anyone still in scan_swap_map */
1908	p->highest_bit = 0; /* cuts scans short */
1909	while (p->flags >= SWP_SCANNING) {
1910	spin_unlock(&p->lock);
1911	spin_unlock(&swap_lock);
1912	schedule_timeout_uninterruptible(1);
1913	spin_lock(&swap_lock);
1914	spin_lock(&p->lock);
1915	}
1916
1917	swap_file = p->swap_file;
1918	old_block_size = p->old_block_size;
1919	p->swap_file = NULL;
1920	p->max = 0;
1921	swap_map = p->swap_map;
1922	p->swap_map = NULL;
1923	cluster_info = p->cluster_info;
1924	p->cluster_info = NULL;
1925	p->flags = 0;
1926	frontswap_map = frontswap_map_get(p);
1927	frontswap_map_set(p, NULL);
1928	spin_unlock(&p->lock);
1929	spin_unlock(&swap_lock);
1930	frontswap_invalidate_area(type);
1931	mutex_unlock(&swapon_mutex);
1932	free_percpu(p->percpu_cluster);
1933	p->percpu_cluster = NULL;
1934	vfree(swap_map);
1935	vfree(cluster_info);
1936	vfree(frontswap_map);
1937	/* Destroy swap account informatin */
1938	swap_cgroup_swapoff(type);
1939
1940	inode = mapping->host;
1941	if (S_ISBLK(inode->i_mode)) {
1942	struct block_device *bdev = I_BDEV(inode);
1943	set_blocksize(bdev, old_block_size);
1944	blkdev_put(bdev, FMODE_READ \| FMODE_WRITE \| FMODE_EXCL);
1945	} else {
1946	mutex_lock(&inode->i_mutex);
1947	inode->i_flags &= ~S_SWAPFILE;
1948	mutex_unlock(&inode->i_mutex);
1949	}
1950	filp_close(swap_file, NULL);
1951	err = 0;
1952	atomic_inc(&proc_poll_event);
1953	wake_up_interruptible(&proc_poll_wait);
1954
1955	out_dput:
1956	filp_close(victim, NULL);
1957	out:
1958	putname(pathname);
1959	return err;
1960	}
1961
1962	#ifdef CONFIG_PROC_FS
1963	static unsigned swaps_poll(struct file file, poll_table wait)
1964	{
1965	struct seq_file *seq = file->private_data;
1966
1967	poll_wait(file, &proc_poll_wait, wait);
1968
1969	if (seq->poll_event != atomic_read(&proc_poll_event)) {
1970	seq->poll_event = atomic_read(&proc_poll_event);
1971	return POLLIN \| POLLRDNORM \| POLLERR \| POLLPRI;
1972	}
1973
1974	return POLLIN \| POLLRDNORM;
1975	}
1976
1977	/* iterator */
1978	static void swap_start(struct seq_file swap, loff_t *pos)
1979	{
1980	struct swap_info_struct *si;
1981	int type;
1982	loff_t l = *pos;
1983
1984	mutex_lock(&swapon_mutex);
1985
1986	if (!l)
1987	return SEQ_START_TOKEN;
1988
1989	for (type = 0; type < nr_swapfiles; type++) {
1990	smp_rmb(); /* read nr_swapfiles before swap_info[type] */
1991	si = swap_info[type];
1992	if (!(si->flags & SWP_USED) \|\| !si->swap_map)
1993	continue;
1994	if (!--l)
1995	return si;
1996	}
1997
1998	return NULL;
1999	}
2000
2001	static void swap_next(struct seq_file swap, void v, loff_t pos)
2002	{
2003	struct swap_info_struct *si = v;
2004	int type;
2005
2006	if (v == SEQ_START_TOKEN)
2007	type = 0;
2008	else
2009	type = si->type + 1;
2010
2011	for (; type < nr_swapfiles; type++) {
2012	smp_rmb(); /* read nr_swapfiles before swap_info[type] */
2013	si = swap_info[type];
2014	if (!(si->flags & SWP_USED) \|\| !si->swap_map)
2015	continue;
2016	++*pos;
2017	return si;
2018	}
2019
2020	return NULL;
2021	}
2022
2023	static void swap_stop(struct seq_file swap, void v)
2024	{
2025	mutex_unlock(&swapon_mutex);
2026	}
2027
2028	static int swap_show(struct seq_file swap, void v)
2029	{
2030	struct swap_info_struct *si = v;
2031	struct file *file;
2032	int len;
2033
2034	if (si == SEQ_START_TOKEN) {
2035	seq_puts(swap,"Filename\t\t\t\tType\t\tSize\tUsed\tPriority\n");
2036	return 0;
2037	}
2038
2039	file = si->swap_file;
2040	len = seq_path(swap, &file->f_path, " \t\n\\");
2041	seq_printf(swap, "%*s%s\t%u\t%u\t%d\n",
2042	len < 40 ? 40 - len : 1, " ",
2043	S_ISBLK(file_inode(file)->i_mode) ?
2044	"partition" : "file\t",
2045	si->pages << (PAGE_SHIFT - 10),
2046	si->inuse_pages << (PAGE_SHIFT - 10),
2047	si->prio);
2048	return 0;
2049	}
2050
2051	static const struct seq_operations swaps_op = {
2052	.start = swap_start,
2053	.next = swap_next,
2054	.stop = swap_stop,
2055	.show = swap_show
2056	};
2057
2058	static int swaps_open(struct inode inode, struct file file)
2059	{
2060	struct seq_file *seq;
2061	int ret;
2062
2063	ret = seq_open(file, &swaps_op);
2064	if (ret)
2065	return ret;
2066
2067	seq = file->private_data;
2068	seq->poll_event = atomic_read(&proc_poll_event);
2069	return 0;
2070	}
2071
2072	static const struct file_operations proc_swaps_operations = {
2073	.open = swaps_open,
2074	.read = seq_read,
2075	.llseek = seq_lseek,
2076	.release = seq_release,
2077	.poll = swaps_poll,
2078	};
2079
2080	static int __init procswaps_init(void)
2081	{
2082	proc_create("swaps", 0, NULL, &proc_swaps_operations);
2083	return 0;
2084	}
2085	__initcall(procswaps_init);
2086	#endif /* CONFIG_PROC_FS */
2087
2088	#ifdef MAX_SWAPFILES_CHECK
2089	static int __init max_swapfiles_check(void)
2090	{
2091	MAX_SWAPFILES_CHECK();
2092	return 0;
2093	}
2094	late_initcall(max_swapfiles_check);
2095	#endif
2096
2097	static struct swap_info_struct *alloc_swap_info(void)
2098	{
2099	struct swap_info_struct *p;
2100	unsigned int type;
2101
2102	p = kzalloc(sizeof(*p), GFP_KERNEL);
2103	if (!p)
2104	return ERR_PTR(-ENOMEM);
2105
2106	spin_lock(&swap_lock);
2107	for (type = 0; type < nr_swapfiles; type++) {
2108	if (!(swap_info[type]->flags & SWP_USED))
2109	break;
2110	}
2111	if (type >= MAX_SWAPFILES) {
2112	spin_unlock(&swap_lock);
2113	kfree(p);
2114	return ERR_PTR(-EPERM);
2115	}
2116	if (type >= nr_swapfiles) {
2117	p->type = type;
2118	swap_info[type] = p;
2119	/*
2120	* Write swap_info[type] before nr_swapfiles, in case a
2121	* racing procfs swap_start() or swap_next() is reading them.
2122	* (We never shrink nr_swapfiles, we never free this entry.)
2123	*/
2124	smp_wmb();
2125	nr_swapfiles++;
2126	} else {
2127	kfree(p);
2128	p = swap_info[type];
2129	/*
2130	* Do not memset this entry: a racing procfs swap_next()
2131	* would be relying on p->type to remain valid.
2132	*/
2133	}
2134	INIT_LIST_HEAD(&p->first_swap_extent.list);
2135	p->flags = SWP_USED;
2136	p->next = -1;
2137	spin_unlock(&swap_lock);
2138	spin_lock_init(&p->lock);
2139
2140	return p;
2141	}
2142
2143	static int claim_swapfile(struct swap_info_struct p, struct inode inode)
2144	{
2145	int error;
2146
2147	if (S_ISBLK(inode->i_mode)) {
2148	p->bdev = bdgrab(I_BDEV(inode));
2149	error = blkdev_get(p->bdev,
2150	FMODE_READ \| FMODE_WRITE \| FMODE_EXCL,
2151	sys_swapon);
2152	if (error < 0) {
2153	p->bdev = NULL;
2154	return -EINVAL;
2155	}
2156	p->old_block_size = block_size(p->bdev);
2157	error = set_blocksize(p->bdev, PAGE_SIZE);
2158	if (error < 0)
2159	return error;
2160	p->flags \|= SWP_BLKDEV;
2161	} else if (S_ISREG(inode->i_mode)) {
2162	p->bdev = inode->i_sb->s_bdev;
2163	mutex_lock(&inode->i_mutex);
2164	if (IS_SWAPFILE(inode))
2165	return -EBUSY;
2166	} else
2167	return -EINVAL;
2168
2169	return 0;
2170	}
2171
2172	static unsigned long read_swap_header(struct swap_info_struct *p,
2173	union swap_header *swap_header,
2174	struct inode *inode)
2175	{
2176	int i;
2177	unsigned long maxpages;
2178	unsigned long swapfilepages;
2179	unsigned long last_page;
2180
2181	if (memcmp("SWAPSPACE2", swap_header->magic.magic, 10)) {
2182	pr_err("Unable to find swap-space signature\n");
2183	return 0;
2184	}
2185
2186	/* swap partition endianess hack... */
2187	if (swab32(swap_header->info.version) == 1) {
2188	swab32s(&swap_header->info.version);
2189	swab32s(&swap_header->info.last_page);
2190	swab32s(&swap_header->info.nr_badpages);
2191	for (i = 0; i < swap_header->info.nr_badpages; i++)
2192	swab32s(&swap_header->info.badpages[i]);
2193	}
2194	/* Check the swap header's sub-version */
2195	if (swap_header->info.version != 1) {
2196	pr_warn("Unable to handle swap header version %d\n",
2197	swap_header->info.version);
2198	return 0;
2199	}
2200
2201	p->lowest_bit = 1;
2202	p->cluster_next = 1;
2203	p->cluster_nr = 0;
2204
2205	/*
2206	* Find out how many pages are allowed for a single swap
2207	* device. There are two limiting factors: 1) the number
2208	* of bits for the swap offset in the swp_entry_t type, and
2209	* 2) the number of bits in the swap pte as defined by the
2210	* different architectures. In order to find the
2211	* largest possible bit mask, a swap entry with swap type 0
2212	* and swap offset ~0UL is created, encoded to a swap pte,
2213	* decoded to a swp_entry_t again, and finally the swap
2214	* offset is extracted. This will mask all the bits from
2215	* the initial ~0UL mask that can't be encoded in either
2216	* the swp_entry_t or the architecture definition of a
2217	* swap pte.
2218	*/
2219	maxpages = swp_offset(pte_to_swp_entry(
2220	swp_entry_to_pte(swp_entry(0, ~0UL)))) + 1;
2221	last_page = swap_header->info.last_page;
2222	if (last_page > maxpages) {
2223	pr_warn("Truncating oversized swap area, only using %luk out of %luk\n",
2224	maxpages << (PAGE_SHIFT - 10),
2225	last_page << (PAGE_SHIFT - 10));
2226	}
2227	if (maxpages > last_page) {
2228	maxpages = last_page + 1;
2229	/* p->max is an unsigned int: don't overflow it */
2230	if ((unsigned int)maxpages == 0)
2231	maxpages = UINT_MAX;
2232	}
2233	p->highest_bit = maxpages - 1;
2234
2235	if (!maxpages)
2236	return 0;
2237	swapfilepages = i_size_read(inode) >> PAGE_SHIFT;
2238	if (swapfilepages && maxpages > swapfilepages) {
2239	pr_warn("Swap area shorter than signature indicates\n");
2240	return 0;
2241	}
2242	if (swap_header->info.nr_badpages && S_ISREG(inode->i_mode))
2243	return 0;
2244	if (swap_header->info.nr_badpages > MAX_SWAP_BADPAGES)
2245	return 0;
2246
2247	return maxpages;
2248	}
2249
2250	static int setup_swap_map_and_extents(struct swap_info_struct *p,
2251	union swap_header *swap_header,
2252	unsigned char *swap_map,
2253	struct swap_cluster_info *cluster_info,
2254	unsigned long maxpages,
2255	sector_t *span)
2256	{
2257	int i;
2258	unsigned int nr_good_pages;
2259	int nr_extents;
2260	unsigned long nr_clusters = DIV_ROUND_UP(maxpages, SWAPFILE_CLUSTER);
2261	unsigned long idx = p->cluster_next / SWAPFILE_CLUSTER;
2262
2263	nr_good_pages = maxpages - 1; /* omit header page */
2264
2265	cluster_set_null(&p->free_cluster_head);
2266	cluster_set_null(&p->free_cluster_tail);
2267	cluster_set_null(&p->discard_cluster_head);
2268	cluster_set_null(&p->discard_cluster_tail);
2269
2270	for (i = 0; i < swap_header->info.nr_badpages; i++) {
2271	unsigned int page_nr = swap_header->info.badpages[i];
2272	if (page_nr == 0 \|\| page_nr > swap_header->info.last_page)
2273	return -EINVAL;
2274	if (page_nr < maxpages) {
2275	swap_map[page_nr] = SWAP_MAP_BAD;
2276	nr_good_pages--;
2277	/*
2278	* Haven't marked the cluster free yet, no list
2279	* operation involved
2280	*/
2281	inc_cluster_info_page(p, cluster_info, page_nr);
2282	}
2283	}
2284
2285	/* Haven't marked the cluster free yet, no list operation involved */
2286	for (i = maxpages; i < round_up(maxpages, SWAPFILE_CLUSTER); i++)
2287	inc_cluster_info_page(p, cluster_info, i);
2288
2289	if (nr_good_pages) {
2290	swap_map[0] = SWAP_MAP_BAD;
2291	/*
2292	* Not mark the cluster free yet, no list
2293	* operation involved
2294	*/
2295	inc_cluster_info_page(p, cluster_info, 0);
2296	p->max = maxpages;
2297	p->pages = nr_good_pages;
2298	nr_extents = setup_swap_extents(p, span);
2299	if (nr_extents < 0)
2300	return nr_extents;
2301	nr_good_pages = p->pages;
2302	}
2303	if (!nr_good_pages) {
2304	pr_warn("Empty swap-file\n");
2305	return -EINVAL;
2306	}
2307
2308	if (!cluster_info)
2309	return nr_extents;
2310
2311	for (i = 0; i < nr_clusters; i++) {
2312	if (!cluster_count(&cluster_info[idx])) {
2313	cluster_set_flag(&cluster_info[idx], CLUSTER_FLAG_FREE);
2314	if (cluster_is_null(&p->free_cluster_head)) {
2315	cluster_set_next_flag(&p->free_cluster_head,
2316	idx, 0);
2317	cluster_set_next_flag(&p->free_cluster_tail,
2318	idx, 0);
2319	} else {
2320	unsigned int tail;
2321
2322	tail = cluster_next(&p->free_cluster_tail);
2323	cluster_set_next(&cluster_info[tail], idx);
2324	cluster_set_next_flag(&p->free_cluster_tail,
2325	idx, 0);
2326	}
2327	}
2328	idx++;
2329	if (idx == nr_clusters)
2330	idx = 0;
2331	}
2332	return nr_extents;
2333	}
2334
2335	/*
2336	* Helper to sys_swapon determining if a given swap
2337	* backing device queue supports DISCARD operations.
2338	*/
2339	static bool swap_discardable(struct swap_info_struct *si)
2340	{
2341	struct request_queue *q = bdev_get_queue(si->bdev);
2342
2343	if (!q \|\| !blk_queue_discard(q))
2344	return false;
2345
2346	return true;
2347	}
2348
2349	SYSCALL_DEFINE2(swapon, const char __user *, specialfile, int, swap_flags)
2350	{
2351	struct swap_info_struct *p;
2352	struct filename *name;
2353	struct file *swap_file = NULL;
2354	struct address_space *mapping;
2355	int i;
2356	int prio;
2357	int error;
2358	union swap_header *swap_header;
2359	int nr_extents;
2360	sector_t span;
2361	unsigned long maxpages;
2362	unsigned char *swap_map = NULL;
2363	struct swap_cluster_info *cluster_info = NULL;
2364	unsigned long *frontswap_map = NULL;
2365	struct page *page = NULL;
2366	struct inode *inode = NULL;
2367
2368	if (swap_flags & ~SWAP_FLAGS_VALID)
2369	return -EINVAL;
2370
2371	if (!capable(CAP_SYS_ADMIN))
2372	return -EPERM;
2373
2374	p = alloc_swap_info();
2375	if (IS_ERR(p))
2376	return PTR_ERR(p);
2377
2378	INIT_WORK(&p->discard_work, swap_discard_work);
2379
2380	name = getname(specialfile);
2381	if (IS_ERR(name)) {
2382	error = PTR_ERR(name);
2383	name = NULL;
2384	goto bad_swap;
2385	}
2386	swap_file = file_open_name(name, O_RDWR\|O_LARGEFILE, 0);
2387	if (IS_ERR(swap_file)) {
2388	error = PTR_ERR(swap_file);
2389	swap_file = NULL;
2390	goto bad_swap;
2391	}
2392
2393	p->swap_file = swap_file;
2394	mapping = swap_file->f_mapping;
2395
2396	for (i = 0; i < nr_swapfiles; i++) {
2397	struct swap_info_struct *q = swap_info[i];
2398
2399	if (q == p \|\| !q->swap_file)
2400	continue;
2401	if (mapping == q->swap_file->f_mapping) {
2402	error = -EBUSY;
2403	goto bad_swap;
2404	}
2405	}
2406
2407	inode = mapping->host;
2408	/* If S_ISREG(inode->i_mode) will do mutex_lock(&inode->i_mutex); */
2409	error = claim_swapfile(p, inode);
2410	if (unlikely(error))
2411	goto bad_swap;
2412
2413	/*
2414	* Read the swap header.
2415	*/
2416	if (!mapping->a_ops->readpage) {
2417	error = -EINVAL;
2418	goto bad_swap;
2419	}
2420	page = read_mapping_page(mapping, 0, swap_file);
2421	if (IS_ERR(page)) {
2422	error = PTR_ERR(page);
2423	goto bad_swap;
2424	}
2425	swap_header = kmap(page);
2426
2427	maxpages = read_swap_header(p, swap_header, inode);
2428	if (unlikely(!maxpages)) {
2429	error = -EINVAL;
2430	goto bad_swap;
2431	}
2432
2433	/* OK, set up the swap map and apply the bad block list */
2434	swap_map = vzalloc(maxpages);
2435	if (!swap_map) {
2436	error = -ENOMEM;
2437	goto bad_swap;
2438	}
2439	if (p->bdev && blk_queue_nonrot(bdev_get_queue(p->bdev))) {
2440	p->flags \|= SWP_SOLIDSTATE;
2441	/*
2442	* select a random position to start with to help wear leveling
2443	* SSD
2444	*/
2445	p->cluster_next = 1 + (prandom_u32() % p->highest_bit);
2446
2447	cluster_info = vzalloc(DIV_ROUND_UP(maxpages,
2448	SWAPFILE_CLUSTER) * sizeof(*cluster_info));
2449	if (!cluster_info) {
2450	error = -ENOMEM;
2451	goto bad_swap;
2452	}
2453	p->percpu_cluster = alloc_percpu(struct percpu_cluster);
2454	if (!p->percpu_cluster) {
2455	error = -ENOMEM;
2456	goto bad_swap;
2457	}
2458	for_each_possible_cpu(i) {
2459	struct percpu_cluster *cluster;
2460	cluster = per_cpu_ptr(p->percpu_cluster, i);
2461	cluster_set_null(&cluster->index);
2462	}
2463	}
2464
2465	error = swap_cgroup_swapon(p->type, maxpages);
2466	if (error)
2467	goto bad_swap;
2468
2469	nr_extents = setup_swap_map_and_extents(p, swap_header, swap_map,
2470	cluster_info, maxpages, &span);
2471	if (unlikely(nr_extents < 0)) {
2472	error = nr_extents;
2473	goto bad_swap;
2474	}
2475	/* frontswap enabled? set up bit-per-page map for frontswap */
2476	if (frontswap_enabled)
2477	frontswap_map = vzalloc(BITS_TO_LONGS(maxpages) * sizeof(long));
2478
2479	if (p->bdev &&(swap_flags & SWAP_FLAG_DISCARD) && swap_discardable(p)) {
2480	/*
2481	* When discard is enabled for swap with no particular
2482	* policy flagged, we set all swap discard flags here in
2483	* order to sustain backward compatibility with older
2484	* swapon(8) releases.
2485	*/
2486	p->flags \|= (SWP_DISCARDABLE \| SWP_AREA_DISCARD \|
2487	SWP_PAGE_DISCARD);
2488
2489	/*
2490	* By flagging sys_swapon, a sysadmin can tell us to
2491	* either do single-time area discards only, or to just
2492	* perform discards for released swap page-clusters.
2493	* Now it's time to adjust the p->flags accordingly.
2494	*/
2495	if (swap_flags & SWAP_FLAG_DISCARD_ONCE)
2496	p->flags &= ~SWP_PAGE_DISCARD;
2497	else if (swap_flags & SWAP_FLAG_DISCARD_PAGES)
2498	p->flags &= ~SWP_AREA_DISCARD;
2499
2500	/* issue a swapon-time discard if it's still required */
2501	if (p->flags & SWP_AREA_DISCARD) {
2502	int err = discard_swap(p);
2503	if (unlikely(err))
2504	pr_err("swapon: discard_swap(%p): %d\n",
2505	p, err);
2506	}
2507	}
2508
2509	mutex_lock(&swapon_mutex);
2510	prio = -1;
2511	if (swap_flags & SWAP_FLAG_PREFER)
2512	prio =
2513	(swap_flags & SWAP_FLAG_PRIO_MASK) >> SWAP_FLAG_PRIO_SHIFT;
2514	enable_swap_info(p, prio, swap_map, cluster_info, frontswap_map);
2515
2516	pr_info("Adding %uk swap on %s. "
2517	"Priority:%d extents:%d across:%lluk %s%s%s%s%s\n",
2518	p->pages<<(PAGE_SHIFT-10), name->name, p->prio,
2519	nr_extents, (unsigned long long)span<<(PAGE_SHIFT-10),
2520	(p->flags & SWP_SOLIDSTATE) ? "SS" : "",
2521	(p->flags & SWP_DISCARDABLE) ? "D" : "",
2522	(p->flags & SWP_AREA_DISCARD) ? "s" : "",
2523	(p->flags & SWP_PAGE_DISCARD) ? "c" : "",
2524	(frontswap_map) ? "FS" : "");
2525
2526	mutex_unlock(&swapon_mutex);
2527	atomic_inc(&proc_poll_event);
2528	wake_up_interruptible(&proc_poll_wait);
2529
2530	if (S_ISREG(inode->i_mode))
2531	inode->i_flags \|= S_SWAPFILE;
2532	error = 0;
2533	goto out;
2534	bad_swap:
2535	free_percpu(p->percpu_cluster);
2536	p->percpu_cluster = NULL;
2537	if (inode && S_ISBLK(inode->i_mode) && p->bdev) {
2538	set_blocksize(p->bdev, p->old_block_size);
2539	blkdev_put(p->bdev, FMODE_READ \| FMODE_WRITE \| FMODE_EXCL);
2540	}
2541	destroy_swap_extents(p);
2542	swap_cgroup_swapoff(p->type);
2543	spin_lock(&swap_lock);
2544	p->swap_file = NULL;
2545	p->flags = 0;
2546	spin_unlock(&swap_lock);
2547	vfree(swap_map);
2548	vfree(cluster_info);
2549	if (swap_file) {
2550	if (inode && S_ISREG(inode->i_mode)) {
2551	mutex_unlock(&inode->i_mutex);
2552	inode = NULL;
2553	}
2554	filp_close(swap_file, NULL);
2555	}
2556	out:
2557	if (page && !IS_ERR(page)) {
2558	kunmap(page);
2559	page_cache_release(page);
2560	}
2561	if (name)
2562	putname(name);
2563	if (inode && S_ISREG(inode->i_mode))
2564	mutex_unlock(&inode->i_mutex);
2565	return error;
2566	}
2567
2568	void si_swapinfo(struct sysinfo *val)
2569	{
2570	unsigned int type;
2571	unsigned long nr_to_be_unused = 0;
2572
2573	spin_lock(&swap_lock);
2574	for (type = 0; type < nr_swapfiles; type++) {
2575	struct swap_info_struct *si = swap_info[type];
2576
2577	if ((si->flags & SWP_USED) && !(si->flags & SWP_WRITEOK))
2578	nr_to_be_unused += si->inuse_pages;
2579	}
2580	val->freeswap = atomic_long_read(&nr_swap_pages) + nr_to_be_unused;
2581	val->totalswap = total_swap_pages + nr_to_be_unused;
2582	spin_unlock(&swap_lock);
2583	}
2584
2585	/*
2586	* Verify that a swap entry is valid and increment its swap map count.
2587	*
2588	* Returns error code in following case.
2589	* - success -> 0
2590	* - swp_entry is invalid -> EINVAL
2591	* - swp_entry is migration entry -> EINVAL
2592	* - swap-cache reference is requested but there is already one. -> EEXIST
2593	* - swap-cache reference is requested but the entry is not used. -> ENOENT
2594	* - swap-mapped reference requested but needs continued swap count. -> ENOMEM
2595	*/
2596	static int __swap_duplicate(swp_entry_t entry, unsigned char usage)
2597	{
2598	struct swap_info_struct *p;
2599	unsigned long offset, type;
2600	unsigned char count;
2601	unsigned char has_cache;
2602	int err = -EINVAL;
2603
2604	if (non_swap_entry(entry))
2605	goto out;
2606
2607	type = swp_type(entry);
2608	if (type >= nr_swapfiles)
2609	goto bad_file;
2610	p = swap_info[type];
2611	offset = swp_offset(entry);
2612
2613	spin_lock(&p->lock);
2614	if (unlikely(offset >= p->max))
2615	goto unlock_out;
2616
2617	count = p->swap_map[offset];
2618
2619	/*
2620	* swapin_readahead() doesn't check if a swap entry is valid, so the
2621	* swap entry could be SWAP_MAP_BAD. Check here with lock held.
2622	*/
2623	if (unlikely(swap_count(count) == SWAP_MAP_BAD)) {
2624	err = -ENOENT;
2625	goto unlock_out;
2626	}
2627
2628	has_cache = count & SWAP_HAS_CACHE;
2629	count &= ~SWAP_HAS_CACHE;
2630	err = 0;
2631
2632	if (usage == SWAP_HAS_CACHE) {
2633
2634	/* set SWAP_HAS_CACHE if there is no cache and entry is used */
2635	if (!has_cache && count)
2636	has_cache = SWAP_HAS_CACHE;
2637	else if (has_cache) /* someone else added cache */
2638	err = -EEXIST;
2639	else /* no users remaining */
2640	err = -ENOENT;
2641
2642	} else if (count \|\| has_cache) {
2643
2644	if ((count & ~COUNT_CONTINUED) < SWAP_MAP_MAX)
2645	count += usage;
2646	else if ((count & ~COUNT_CONTINUED) > SWAP_MAP_MAX)
2647	err = -EINVAL;
2648	else if (swap_count_continued(p, offset, count))
2649	count = COUNT_CONTINUED;
2650	else
2651	err = -ENOMEM;
2652	} else
2653	err = -ENOENT; /* unused swap entry */
2654
2655	p->swap_map[offset] = count \| has_cache;
2656
2657	unlock_out:
2658	spin_unlock(&p->lock);
2659	out:
2660	return err;
2661
2662	bad_file:
2663	pr_err("swap_dup: %s%08lx\n", Bad_file, entry.val);
2664	goto out;
2665	}
2666
2667	/*
2668	* Help swapoff by noting that swap entry belongs to shmem/tmpfs
2669	* (in which case its reference count is never incremented).
2670	*/
2671	void swap_shmem_alloc(swp_entry_t entry)
2672	{
2673	__swap_duplicate(entry, SWAP_MAP_SHMEM);
2674	}
2675
2676	/*
2677	* Increase reference count of swap entry by 1.
2678	* Returns 0 for success, or -ENOMEM if a swap_count_continuation is required
2679	* but could not be atomically allocated. Returns 0, just as if it succeeded,
2680	* if __swap_duplicate() fails for another reason (-EINVAL or -ENOENT), which
2681	* might occur if a page table entry has got corrupted.
2682	*/
2683	int swap_duplicate(swp_entry_t entry)
2684	{
2685	int err = 0;
2686
2687	while (!err && __swap_duplicate(entry, 1) == -ENOMEM)
2688	err = add_swap_count_continuation(entry, GFP_ATOMIC);
2689	return err;
2690	}
2691
2692	/*
2693	* @entry: swap entry for which we allocate swap cache.
2694	*
2695	* Called when allocating swap cache for existing swap entry,
2696	* This can return error codes. Returns 0 at success.
2697	* -EBUSY means there is a swap cache.
2698	* Note: return code is different from swap_duplicate().
2699	*/
2700	int swapcache_prepare(swp_entry_t entry)
2701	{
2702	return __swap_duplicate(entry, SWAP_HAS_CACHE);
2703	}
2704
2705	struct swap_info_struct page_swap_info(struct page page)
2706	{
2707	swp_entry_t swap = { .val = page_private(page) };
2708	BUG_ON(!PageSwapCache(page));
2709	return swap_info[swp_type(swap)];
2710	}
2711
2712	/*
2713	* out-of-line __page_file_ methods to avoid include hell.
2714	*/
2715	struct address_space __page_file_mapping(struct page page)
2716	{
2717	VM_BUG_ON(!PageSwapCache(page));
2718	return page_swap_info(page)->swap_file->f_mapping;
2719	}
2720	EXPORT_SYMBOL_GPL(__page_file_mapping);
2721
2722	pgoff_t __page_file_index(struct page *page)
2723	{
2724	swp_entry_t swap = { .val = page_private(page) };
2725	VM_BUG_ON(!PageSwapCache(page));
2726	return swp_offset(swap);
2727	}
2728	EXPORT_SYMBOL_GPL(__page_file_index);
2729
2730	/*
2731	* add_swap_count_continuation - called when a swap count is duplicated
2732	* beyond SWAP_MAP_MAX, it allocates a new page and links that to the entry's
2733	* page of the original vmalloc'ed swap_map, to hold the continuation count
2734	* (for that entry and for its neighbouring PAGE_SIZE swap entries). Called
2735	* again when count is duplicated beyond SWAP_MAP_MAX * SWAP_CONT_MAX, etc.
2736	*
2737	* These continuation pages are seldom referenced: the common paths all work
2738	* on the original swap_map, only referring to a continuation page when the
2739	* low "digit" of a count is incremented or decremented through SWAP_MAP_MAX.
2740	*
2741	* add_swap_count_continuation(, GFP_ATOMIC) can be called while holding
2742	* page table locks; if it fails, add_swap_count_continuation(, GFP_KERNEL)
2743	* can be called after dropping locks.
2744	*/
2745	int add_swap_count_continuation(swp_entry_t entry, gfp_t gfp_mask)
2746	{
2747	struct swap_info_struct *si;
2748	struct page *head;
2749	struct page *page;
2750	struct page *list_page;
2751	pgoff_t offset;
2752	unsigned char count;
2753
2754	/*
2755	* When debugging, it's easier to use __GFP_ZERO here; but it's better
2756	* for latency not to zero a page while GFP_ATOMIC and holding locks.
2757	*/
2758	page = alloc_page(gfp_mask \| __GFP_HIGHMEM);
2759
2760	si = swap_info_get(entry);
2761	if (!si) {
2762	/*
2763	* An acceptable race has occurred since the failing
2764	* __swap_duplicate(): the swap entry has been freed,
2765	* perhaps even the whole swap_map cleared for swapoff.
2766	*/
2767	goto outer;
2768	}
2769
2770	offset = swp_offset(entry);
2771	count = si->swap_map[offset] & ~SWAP_HAS_CACHE;
2772
2773	if ((count & ~COUNT_CONTINUED) != SWAP_MAP_MAX) {
2774	/*
2775	* The higher the swap count, the more likely it is that tasks
2776	* will race to add swap count continuation: we need to avoid
2777	* over-provisioning.
2778	*/
2779	goto out;
2780	}
2781
2782	if (!page) {
2783	spin_unlock(&si->lock);
2784	return -ENOMEM;
2785	}
2786
2787	/*
2788	* We are fortunate that although vmalloc_to_page uses pte_offset_map,
2789	* no architecture is using highmem pages for kernel pagetables: so it
2790	* will not corrupt the GFP_ATOMIC caller's atomic pagetable kmaps.
2791	*/
2792	head = vmalloc_to_page(si->swap_map + offset);
2793	offset &= ~PAGE_MASK;
2794
2795	/*
2796	* Page allocation does not initialize the page's lru field,
2797	* but it does always reset its private field.
2798	*/
2799	if (!page_private(head)) {
2800	BUG_ON(count & COUNT_CONTINUED);
2801	INIT_LIST_HEAD(&head->lru);
2802	set_page_private(head, SWP_CONTINUED);
2803	si->flags \|= SWP_CONTINUED;
2804	}
2805
2806	list_for_each_entry(list_page, &head->lru, lru) {
2807	unsigned char *map;
2808
2809	/*
2810	* If the previous map said no continuation, but we've found
2811	* a continuation page, free our allocation and use this one.
2812	*/
2813	if (!(count & COUNT_CONTINUED))
2814	goto out;
2815
2816	map = kmap_atomic(list_page) + offset;
2817	count = *map;
2818	kunmap_atomic(map);
2819
2820	/*
2821	* If this continuation count now has some space in it,
2822	* free our allocation and use this one.
2823	*/
2824	if ((count & ~COUNT_CONTINUED) != SWAP_CONT_MAX)
2825	goto out;
2826	}
2827
2828	list_add_tail(&page->lru, &head->lru);
2829	page = NULL; /* now it's attached, don't free it */
2830	out:
2831	spin_unlock(&si->lock);
2832	outer:
2833	if (page)
2834	__free_page(page);
2835	return 0;
2836	}
2837
2838	/*
2839	* swap_count_continued - when the original swap_map count is incremented
2840	* from SWAP_MAP_MAX, check if there is already a continuation page to carry
2841	* into, carry if so, or else fail until a new continuation page is allocated;
2842	* when the original swap_map count is decremented from 0 with continuation,
2843	* borrow from the continuation and report whether it still holds more.
2844	* Called while __swap_duplicate() or swap_entry_free() holds swap_lock.
2845	*/
2846	static bool swap_count_continued(struct swap_info_struct *si,
2847	pgoff_t offset, unsigned char count)
2848	{
2849	struct page *head;
2850	struct page *page;
2851	unsigned char *map;
2852
2853	head = vmalloc_to_page(si->swap_map + offset);
2854	if (page_private(head) != SWP_CONTINUED) {
2855	BUG_ON(count & COUNT_CONTINUED);
2856	return false; /* need to add count continuation */
2857	}
2858
2859	offset &= ~PAGE_MASK;
2860	page = list_entry(head->lru.next, struct page, lru);
2861	map = kmap_atomic(page) + offset;
2862
2863	if (count == SWAP_MAP_MAX) /* initial increment from swap_map */
2864	goto init_map; /* jump over SWAP_CONT_MAX checks */
2865
2866	if (count == (SWAP_MAP_MAX \| COUNT_CONTINUED)) { /* incrementing */
2867	/*
2868	* Think of how you add 1 to 999
2869	*/
2870	while (*map == (SWAP_CONT_MAX \| COUNT_CONTINUED)) {
2871	kunmap_atomic(map);
2872	page = list_entry(page->lru.next, struct page, lru);
2873	BUG_ON(page == head);
2874	map = kmap_atomic(page) + offset;
2875	}
2876	if (*map == SWAP_CONT_MAX) {
2877	kunmap_atomic(map);
2878	page = list_entry(page->lru.next, struct page, lru);
2879	if (page == head)
2880	return false; /* add count continuation */
2881	map = kmap_atomic(page) + offset;
2882	init_map: map = 0; / we didn't zero the page */
2883	}
2884	*map += 1;
2885	kunmap_atomic(map);
2886	page = list_entry(page->lru.prev, struct page, lru);
2887	while (page != head) {
2888	map = kmap_atomic(page) + offset;
2889	*map = COUNT_CONTINUED;
2890	kunmap_atomic(map);
2891	page = list_entry(page->lru.prev, struct page, lru);
2892	}
2893	return true; /* incremented */
2894
2895	} else { /* decrementing */
2896	/*
2897	* Think of how you subtract 1 from 1000
2898	*/
2899	BUG_ON(count != COUNT_CONTINUED);
2900	while (*map == COUNT_CONTINUED) {
2901	kunmap_atomic(map);
2902	page = list_entry(page->lru.next, struct page, lru);
2903	BUG_ON(page == head);
2904	map = kmap_atomic(page) + offset;
2905	}
2906	BUG_ON(*map == 0);
2907	*map -= 1;
2908	if (*map == 0)
2909	count = 0;
2910	kunmap_atomic(map);
2911	page = list_entry(page->lru.prev, struct page, lru);
2912	while (page != head) {
2913	map = kmap_atomic(page) + offset;
2914	*map = SWAP_CONT_MAX \| count;
2915	count = COUNT_CONTINUED;
2916	kunmap_atomic(map);
2917	page = list_entry(page->lru.prev, struct page, lru);
2918	}
2919	return count == COUNT_CONTINUED;
2920	}
2921	}
2922
2923	/*
2924	* free_swap_count_continuations - swapoff free all the continuation pages
2925	* appended to the swap_map, after swap_map is quiesced, before vfree'ing it.
2926	*/
2927	static void free_swap_count_continuations(struct swap_info_struct *si)
2928	{
2929	pgoff_t offset;
2930
2931	for (offset = 0; offset < si->max; offset += PAGE_SIZE) {
2932	struct page *head;
2933	head = vmalloc_to_page(si->swap_map + offset);
2934	if (page_private(head)) {
2935	struct list_head this, next;
2936	list_for_each_safe(this, next, &head->lru) {
2937	struct page *page;
2938	page = list_entry(this, struct page, lru);
2939	list_del(this);
2940	__free_page(page);
2941	}
2942	}
2943	}
2944	}
2945

Download this file

Branches:
ben-wpan
ben-wpan-stefan
javiroman/ks7010
jz-2.6.34
jz-2.6.34-rc5
jz-2.6.34-rc6
jz-2.6.34-rc7
jz-2.6.35
jz-2.6.36
jz-2.6.37
jz-2.6.38
jz-2.6.39
jz-3.0
jz-3.1
jz-3.11
jz-3.12
jz-3.13
jz-3.15
jz-3.16
jz-3.18-dt
jz-3.2
jz-3.3
jz-3.4
jz-3.5
jz-3.6
jz-3.6-rc2-pwm
jz-3.9
jz-3.9-clk
jz-3.9-rc8
jz47xx
jz47xx-2.6.38
master

Tags:
od-2011-09-04
od-2011-09-18
v2.6.34-rc5
v2.6.34-rc6
v2.6.34-rc7
v3.9

Kernel

Kernel Git Source Tree

Root/mm/swapfile.c

interactive