mm: bring in additional flag for fixup_user_fault to signal unlock

During Jason's work with postcopy migration support for s390 a problem regarding gmap faults was discovered. The gmap code will call fixup_user_fault which will end up always in handle_mm_fault. Till now we never cared about retries, but as the userfaultfd code kind of relies on it. this needs some fix. This patchset does not take care of the futex code. I will now look closer at this. This patch (of 2): With the introduction of userfaultfd, kvm on s390 needs fixup_user_fault to pass in FAULT_FLAG_ALLOW_RETRY and give feedback if during the faulting we ever unlocked mmap_sem. This patch brings in the logic to handle retries as well as it cleans up the current documentation. fixup_user_fault was not having the same semantics as filemap_fault. It never indicated if a retry happened and so a caller wasn't able to handle that case. So we now changed the behaviour to always retry a locked mmap_sem. Signed-off-by: Dominik Dingel <dingel@linux.vnet.ibm.com> Reviewed-by: Andrea Arcangeli <aarcange@redhat.com> Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> Cc: Christian Borntraeger <borntraeger@de.ibm.com> Cc: "Jason J. Herne" <jjherne@linux.vnet.ibm.com> Cc: David Rientjes <rientjes@google.com> Cc: Eric B Munson <emunson@akamai.com> Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com> Cc: Mel Gorman <mgorman@suse.de> Cc: Heiko Carstens <heiko.carstens@de.ibm.com> Cc: Dominik Dingel <dingel@linux.vnet.ibm.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
author: Dominik Dingel <dingel@linux.vnet.ibm.com> 2016-01-15 19:57:04 -0500
committer: Linus Torvalds <torvalds@linux-foundation.org> 2016-01-15 20:56:32 -0500
commit: 4a9e1cda274893eca7d178d7dc265503ccb9d87a (patch)
tree: ef92b43a0c3c38edeb554beb64ca8962d795eb3b /mm
parent: c046c321cb4a0bdac9fb922db3859893ca556d27 (diff)
1 files changed, 25 insertions, 5 deletions
diff --git a/mm/gup.c b/mm/gup.c
index aa21c4b865a5..b64a36175884 100644
--- a/mm/gup.c
+++ b/mm/gup.c
@@ -618,6 +618,8 @@ EXPORT_SYMBOL(__get_user_pages);
 * @mm:         mm_struct of target mm
 * @address:    user address
 * @fault_flags:flags to pass down to handle_mm_fault()
+ * @unlocked:   did we unlock the mmap_sem while retrying, maybe NULL if caller
+ *              does not allow retry
 *
 * This is meant to be called in the specific scenario where for locking reasons
 * we try to access user memory in atomic context (within a pagefault_disable()
@@ -629,22 +631,28 @@ EXPORT_SYMBOL(__get_user_pages);
 * The main difference with get_user_pages() is that this function will
 * unconditionally call handle_mm_fault() which will in turn perform all the
 * necessary SW fixup of the dirty and young bits in the PTE, while
- * handle_mm_fault() only guarantees to update these in the struct page.
+ * get_user_pages() only guarantees to update these in the struct page.
 *
 * This is important for some architectures where those bits also gate the
 * access permission to the page because they are maintained in software.  On
 * such architectures, gup() will not be enough to make a subsequent access
 * succeed.
 *
- * This has the same semantics wrt the @mm->mmap_sem as does filemap_fault().
+ * This function will not return with an unlocked mmap_sem. So it has not the
+ * same semantics wrt the @mm->mmap_sem as does filemap_fault().
 */
 int fixup_user_fault(struct task_struct *tsk, struct mm_struct *mm,
-                     unsigned long address, unsigned int fault_flags)
+                     unsigned long address, unsigned int fault_flags,
+                     bool *unlocked)
 {
        struct vm_area_struct *vma;
        vm_flags_t vm_flags;
-        int ret;
+        int ret, major = 0;
+        if (unlocked)
+                fault_flags |= FAULT_FLAG_ALLOW_RETRY;
+retry:
        vma = find_extend_vma(mm, address);
        if (!vma || address < vma->vm_start)
                return -EFAULT;
@@ -654,6 +662,7 @@ int fixup_user_fault(struct task_struct *tsk, struct mm_struct *mm,
                return -EFAULT;
        ret = handle_mm_fault(mm, vma, address, fault_flags);
+        major |= ret & VM_FAULT_MAJOR;
        if (ret & VM_FAULT_ERROR) {
                if (ret & VM_FAULT_OOM)
                        return -ENOMEM;
@@ -663,8 +672,19 @@ int fixup_user_fault(struct task_struct *tsk, struct mm_struct *mm,
                        return -EFAULT;
                BUG();
        }
+        if (ret & VM_FAULT_RETRY) {
+                down_read(&mm->mmap_sem);
+                if (!(fault_flags & FAULT_FLAG_TRIED)) {
+                        *unlocked = true;
+                        fault_flags &= ~FAULT_FLAG_ALLOW_RETRY;
+                        fault_flags |= FAULT_FLAG_TRIED;
+                        goto retry;
+                }
+        }
        if (tsk) {
-                if (ret & VM_FAULT_MAJOR)
+                if (major)
                        tsk->maj_flt++;
                else
                        tsk->min_flt++;
author	Dominik Dingel <dingel@linux.vnet.ibm.com>	2016-01-15 19:57:04 -0500
committer	Linus Torvalds <torvalds@linux-foundation.org>	2016-01-15 20:56:32 -0500
commit	4a9e1cda274893eca7d178d7dc265503ccb9d87a (patch)
tree	ef92b43a0c3c38edeb554beb64ca8962d795eb3b /mm
parent	c046c321cb4a0bdac9fb922db3859893ca556d27 (diff)