2019-05-27 14:55:02 +08:00
|
|
|
/* SPDX-License-Identifier: GPL-2.0-or-later */
|
2005-04-17 06:20:36 +08:00
|
|
|
/*
|
|
|
|
* Copyright (C) 2001 Momchil Velikov
|
|
|
|
* Portions Copyright (C) 2001 Christoph Hellwig
|
2006-12-07 12:33:44 +08:00
|
|
|
* Copyright (C) 2006 Nick Piggin
|
2012-03-29 05:42:53 +08:00
|
|
|
* Copyright (C) 2012 Konstantin Khlebnikov
|
2005-04-17 06:20:36 +08:00
|
|
|
*/
|
|
|
|
#ifndef _LINUX_RADIX_TREE_H
|
|
|
|
#define _LINUX_RADIX_TREE_H
|
|
|
|
|
2016-03-18 05:21:42 +08:00
|
|
|
#include <linux/bitops.h>
|
2006-12-07 12:33:44 +08:00
|
|
|
#include <linux/kernel.h>
|
2016-12-17 03:46:09 +08:00
|
|
|
#include <linux/list.h>
|
|
|
|
#include <linux/preempt.h>
|
2006-12-07 12:33:44 +08:00
|
|
|
#include <linux/rcupdate.h>
|
2016-12-17 03:46:09 +08:00
|
|
|
#include <linux/spinlock.h>
|
|
|
|
#include <linux/types.h>
|
2017-11-04 01:30:42 +08:00
|
|
|
#include <linux/xarray.h>
|
2006-12-07 12:33:44 +08:00
|
|
|
|
2017-11-08 05:30:10 +08:00
|
|
|
/* Keep unconverted code working */
|
|
|
|
#define radix_tree_root xarray
|
2017-11-09 22:23:56 +08:00
|
|
|
#define radix_tree_node xa_node
|
2017-11-08 05:30:10 +08:00
|
|
|
|
2006-12-07 12:33:44 +08:00
|
|
|
/*
|
2016-05-21 08:03:54 +08:00
|
|
|
* The bottom two bits of the slot determine how the remaining bits in the
|
|
|
|
* slot are interpreted:
|
2006-12-07 12:33:44 +08:00
|
|
|
*
|
2016-05-21 08:03:54 +08:00
|
|
|
* 00 - data pointer
|
2017-11-04 01:30:42 +08:00
|
|
|
* 10 - internal entry
|
|
|
|
* x1 - value entry
|
2016-05-21 08:03:54 +08:00
|
|
|
*
|
|
|
|
* The internal entry may be a pointer to the next level in the tree, a
|
|
|
|
* sibling entry, or an indicator that the entry in this slot has been moved
|
|
|
|
* to another location in the tree and the lookup should be restarted. While
|
|
|
|
* NULL fits the 'data pointer' pattern, it means that there is no entry in
|
|
|
|
* the tree for this index (no matter what level of the tree it is found at).
|
2017-11-04 01:30:42 +08:00
|
|
|
* This means that storing a NULL entry in the tree is the same as deleting
|
|
|
|
* the entry from the tree.
|
2006-12-07 12:33:44 +08:00
|
|
|
*/
|
2016-05-21 08:03:54 +08:00
|
|
|
#define RADIX_TREE_ENTRY_MASK 3UL
|
2017-11-04 01:30:42 +08:00
|
|
|
#define RADIX_TREE_INTERNAL_NODE 2UL
|
2006-12-07 12:33:44 +08:00
|
|
|
|
2016-05-21 08:03:54 +08:00
|
|
|
static inline bool radix_tree_is_internal_node(void *ptr)
|
2006-12-07 12:33:44 +08:00
|
|
|
{
|
2016-05-21 08:03:54 +08:00
|
|
|
return ((unsigned long)ptr & RADIX_TREE_ENTRY_MASK) ==
|
|
|
|
RADIX_TREE_INTERNAL_NODE;
|
2006-12-07 12:33:44 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*** radix-tree API starts here ***/
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2017-11-04 11:09:45 +08:00
|
|
|
#define RADIX_TREE_MAP_SHIFT XA_CHUNK_SHIFT
|
2014-04-04 05:47:54 +08:00
|
|
|
#define RADIX_TREE_MAP_SIZE (1UL << RADIX_TREE_MAP_SHIFT)
|
|
|
|
#define RADIX_TREE_MAP_MASK (RADIX_TREE_MAP_SIZE-1)
|
|
|
|
|
2017-11-09 22:23:56 +08:00
|
|
|
#define RADIX_TREE_MAX_TAGS XA_MAX_MARKS
|
|
|
|
#define RADIX_TREE_TAG_LONGS XA_MARK_LONGS
|
2014-04-04 05:47:54 +08:00
|
|
|
|
mm: keep page cache radix tree nodes in check
Previously, page cache radix tree nodes were freed after reclaim emptied
out their page pointers. But now reclaim stores shadow entries in their
place, which are only reclaimed when the inodes themselves are
reclaimed. This is problematic for bigger files that are still in use
after they have a significant amount of their cache reclaimed, without
any of those pages actually refaulting. The shadow entries will just
sit there and waste memory. In the worst case, the shadow entries will
accumulate until the machine runs out of memory.
To get this under control, the VM will track radix tree nodes
exclusively containing shadow entries on a per-NUMA node list. Per-NUMA
rather than global because we expect the radix tree nodes themselves to
be allocated node-locally and we want to reduce cross-node references of
otherwise independent cache workloads. A simple shrinker will then
reclaim these nodes on memory pressure.
A few things need to be stored in the radix tree node to implement the
shadow node LRU and allow tree deletions coming from the list:
1. There is no index available that would describe the reverse path
from the node up to the tree root, which is needed to perform a
deletion. To solve this, encode in each node its offset inside the
parent. This can be stored in the unused upper bits of the same
member that stores the node's height at no extra space cost.
2. The number of shadow entries needs to be counted in addition to the
regular entries, to quickly detect when the node is ready to go to
the shadow node LRU list. The current entry count is an unsigned
int but the maximum number of entries is 64, so a shadow counter
can easily be stored in the unused upper bits.
3. Tree modification needs tree lock and tree root, which are located
in the address space, so store an address_space backpointer in the
node. The parent pointer of the node is in a union with the 2-word
rcu_head, so the backpointer comes at no extra cost as well.
4. The node needs to be linked to an LRU list, which requires a list
head inside the node. This does increase the size of the node, but
it does not change the number of objects that fit into a slab page.
[akpm@linux-foundation.org: export the right function]
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Reviewed-by: Rik van Riel <riel@redhat.com>
Reviewed-by: Minchan Kim <minchan@kernel.org>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Bob Liu <bob.liu@oracle.com>
Cc: Christoph Hellwig <hch@infradead.org>
Cc: Dave Chinner <david@fromorbit.com>
Cc: Greg Thelen <gthelen@google.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Jan Kara <jack@suse.cz>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Luigi Semenzato <semenzato@google.com>
Cc: Mel Gorman <mgorman@suse.de>
Cc: Metin Doslu <metin@citusdata.com>
Cc: Michel Lespinasse <walken@google.com>
Cc: Ozgun Erdogan <ozgun@citusdata.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Roman Gushchin <klamm@yandex-team.ru>
Cc: Ryan Mallon <rmallon@gmail.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Vlastimil Babka <vbabka@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-04-04 05:47:56 +08:00
|
|
|
#define RADIX_TREE_INDEX_BITS (8 /* CHAR_BIT */ * sizeof(unsigned long))
|
|
|
|
#define RADIX_TREE_MAX_PATH (DIV_ROUND_UP(RADIX_TREE_INDEX_BITS, \
|
|
|
|
RADIX_TREE_MAP_SHIFT))
|
|
|
|
|
2017-11-08 05:30:10 +08:00
|
|
|
/* The IDR tag is stored in the low bits of xa_flags */
|
radix tree: use GFP_ZONEMASK bits of gfp_t for flags
Patch series "XArray", v9. (First part thereof).
This patchset is, I believe, appropriate for merging for 4.17. It
contains the XArray implementation, to eventually replace the radix
tree, and converts the page cache to use it.
This conversion keeps the radix tree and XArray data structures in sync
at all times. That allows us to convert the page cache one function at
a time and should allow for easier bisection. Other than renaming some
elements of the structures, the data structures are fundamentally
unchanged; a radix tree walk and an XArray walk will touch the same
number of cachelines. I have changes planned to the XArray data
structure, but those will happen in future patches.
Improvements the XArray has over the radix tree:
- The radix tree provides operations like other trees do; 'insert' and
'delete'. But what most users really want is an automatically
resizing array, and so it makes more sense to give users an API that
is like an array -- 'load' and 'store'. We still have an 'insert'
operation for users that really want that semantic.
- The XArray considers locking as part of its API. This simplifies a
lot of users who formerly had to manage their own locking just for
the radix tree. It also improves code generation as we can now tell
RCU that we're holding a lock and it doesn't need to generate as much
fencing code. The other advantage is that tree nodes can be moved
(not yet implemented).
- GFP flags are now parameters to calls which may need to allocate
memory. The radix tree forced users to decide what the allocation
flags would be at creation time. It's much clearer to specify them at
allocation time.
- Memory is not preloaded; we don't tie up dozens of pages on the off
chance that the slab allocator fails. Instead, we drop the lock,
allocate a new node and retry the operation. We have to convert all
the radix tree, IDA and IDR preload users before we can realise this
benefit, but I have not yet found a user which cannot be converted.
- The XArray provides a cmpxchg operation. The radix tree forces users
to roll their own (and at least four have).
- Iterators take a 'max' parameter. That simplifies many users and will
reduce the amount of iteration done.
- Iteration can proceed backwards. We only have one user for this, but
since it's called as part of the pagefault readahead algorithm, that
seemed worth mentioning.
- RCU-protected pointers are not exposed as part of the API. There are
some fun bugs where the page cache forgets to use rcu_dereference()
in the current codebase.
- Value entries gain an extra bit compared to radix tree exceptional
entries. That gives us the extra bit we need to put huge page swap
entries in the page cache.
- Some iterators now take a 'filter' argument instead of having
separate iterators for tagged/untagged iterations.
The page cache is improved by this:
- Shorter, easier to read code
- More efficient iterations
- Reduction in size of struct address_space
- Fewer walks from the top of the data structure; the XArray API
encourages staying at the leaf node and conducting operations there.
This patch (of 8):
None of these bits may be used for slab allocations, so we can use them
as radix tree flags as long as we mask them off before passing them to
the slab allocator. Move the IDR flag from the high bits to the
GFP_ZONEMASK bits.
Link: http://lkml.kernel.org/r/20180313132639.17387-3-willy@infradead.org
Signed-off-by: Matthew Wilcox <mawilcox@microsoft.com>
Acked-by: Jeff Layton <jlayton@kernel.org>
Cc: Darrick J. Wong <darrick.wong@oracle.com>
Cc: Dave Chinner <david@fromorbit.com>
Cc: Ryusuke Konishi <konishi.ryusuke@lab.ntt.co.jp>
Cc: Will Deacon <will.deacon@arm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-04-11 07:36:28 +08:00
|
|
|
#define ROOT_IS_IDR ((__force gfp_t)4)
|
2017-11-08 05:30:10 +08:00
|
|
|
/* The top bits of xa_flags are used to store the root tags */
|
radix tree: use GFP_ZONEMASK bits of gfp_t for flags
Patch series "XArray", v9. (First part thereof).
This patchset is, I believe, appropriate for merging for 4.17. It
contains the XArray implementation, to eventually replace the radix
tree, and converts the page cache to use it.
This conversion keeps the radix tree and XArray data structures in sync
at all times. That allows us to convert the page cache one function at
a time and should allow for easier bisection. Other than renaming some
elements of the structures, the data structures are fundamentally
unchanged; a radix tree walk and an XArray walk will touch the same
number of cachelines. I have changes planned to the XArray data
structure, but those will happen in future patches.
Improvements the XArray has over the radix tree:
- The radix tree provides operations like other trees do; 'insert' and
'delete'. But what most users really want is an automatically
resizing array, and so it makes more sense to give users an API that
is like an array -- 'load' and 'store'. We still have an 'insert'
operation for users that really want that semantic.
- The XArray considers locking as part of its API. This simplifies a
lot of users who formerly had to manage their own locking just for
the radix tree. It also improves code generation as we can now tell
RCU that we're holding a lock and it doesn't need to generate as much
fencing code. The other advantage is that tree nodes can be moved
(not yet implemented).
- GFP flags are now parameters to calls which may need to allocate
memory. The radix tree forced users to decide what the allocation
flags would be at creation time. It's much clearer to specify them at
allocation time.
- Memory is not preloaded; we don't tie up dozens of pages on the off
chance that the slab allocator fails. Instead, we drop the lock,
allocate a new node and retry the operation. We have to convert all
the radix tree, IDA and IDR preload users before we can realise this
benefit, but I have not yet found a user which cannot be converted.
- The XArray provides a cmpxchg operation. The radix tree forces users
to roll their own (and at least four have).
- Iterators take a 'max' parameter. That simplifies many users and will
reduce the amount of iteration done.
- Iteration can proceed backwards. We only have one user for this, but
since it's called as part of the pagefault readahead algorithm, that
seemed worth mentioning.
- RCU-protected pointers are not exposed as part of the API. There are
some fun bugs where the page cache forgets to use rcu_dereference()
in the current codebase.
- Value entries gain an extra bit compared to radix tree exceptional
entries. That gives us the extra bit we need to put huge page swap
entries in the page cache.
- Some iterators now take a 'filter' argument instead of having
separate iterators for tagged/untagged iterations.
The page cache is improved by this:
- Shorter, easier to read code
- More efficient iterations
- Reduction in size of struct address_space
- Fewer walks from the top of the data structure; the XArray API
encourages staying at the leaf node and conducting operations there.
This patch (of 8):
None of these bits may be used for slab allocations, so we can use them
as radix tree flags as long as we mask them off before passing them to
the slab allocator. Move the IDR flag from the high bits to the
GFP_ZONEMASK bits.
Link: http://lkml.kernel.org/r/20180313132639.17387-3-willy@infradead.org
Signed-off-by: Matthew Wilcox <mawilcox@microsoft.com>
Acked-by: Jeff Layton <jlayton@kernel.org>
Cc: Darrick J. Wong <darrick.wong@oracle.com>
Cc: Dave Chinner <david@fromorbit.com>
Cc: Ryusuke Konishi <konishi.ryusuke@lab.ntt.co.jp>
Cc: Will Deacon <will.deacon@arm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-04-11 07:36:28 +08:00
|
|
|
#define ROOT_TAG_SHIFT (__GFP_BITS_SHIFT)
|
2016-12-20 23:27:56 +08:00
|
|
|
|
2017-11-08 05:30:10 +08:00
|
|
|
#define RADIX_TREE_INIT(name, mask) XARRAY_INIT(name, mask)
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
#define RADIX_TREE(name, mask) \
|
2018-04-11 07:36:52 +08:00
|
|
|
struct radix_tree_root name = RADIX_TREE_INIT(name, mask)
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2017-11-08 05:30:10 +08:00
|
|
|
#define INIT_RADIX_TREE(root, mask) xa_init_flags(root, mask)
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2016-12-20 06:43:19 +08:00
|
|
|
static inline bool radix_tree_empty(const struct radix_tree_root *root)
|
radix-tree: introduce radix_tree_empty
Commit e61452365372 ("radix_tree: add support for multi-order entries")
left the impression that the support for multiorder radix tree entries
was functional. As soon as Ross tried to use it, it became apparent
that my testing was completely inadequate, and it didn't even work a
little bit for orders that were not a multiple of shift.
This series of patches is the result of about 6 weeks of redesign,
reimplementation, testing, arguing and hair-pulling. The great news is
that the test-suite is now far better than it was. That's reflected in
the diffstat for the test-suite alone:
12 files changed, 436 insertions(+), 28 deletions(-)
The highlight for users of the tree is that the restriction on the order
of inserted entries being >= RADIX_TREE_MAP_SHIFT is now gone; the radix
tree now supports any order between 0 and 64.
For those who are interested in how the tree works, patch 9 is probably
the most interesting one as it introduces the new machinery for handling
sibling entries.
I've tried to be fair in attributing authorship to the person who
contributed the majority of the code in each patch; Ross has been an
invaluable partner in the development of this support and it's fair to
say that each of us has code in every commit.
I should also express my appreciation of the 0day testing. It prompted
me that I was bloating the tinyconfig in an unacceptable way, and it
bisected to a commit which contained a rather nasty memory-corruption
bug.
This patch (of 29):
The irqdomain code was checking for 0 or 1 entries, not 0 entries like
the comment said they were. Introduce a new helper that will actually
check for an empty tree.
Signed-off-by: Matthew Wilcox <willy@linux.intel.com>
Reviewed-by: Ross Zwisler <ross.zwisler@linux.intel.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Cc: Konstantin Khlebnikov <koct9i@gmail.com>
Cc: Kirill Shutemov <kirill.shutemov@linux.intel.com>
Cc: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-05-21 08:01:33 +08:00
|
|
|
{
|
2017-11-08 05:30:10 +08:00
|
|
|
return root->xa_head == NULL;
|
radix-tree: introduce radix_tree_empty
Commit e61452365372 ("radix_tree: add support for multi-order entries")
left the impression that the support for multiorder radix tree entries
was functional. As soon as Ross tried to use it, it became apparent
that my testing was completely inadequate, and it didn't even work a
little bit for orders that were not a multiple of shift.
This series of patches is the result of about 6 weeks of redesign,
reimplementation, testing, arguing and hair-pulling. The great news is
that the test-suite is now far better than it was. That's reflected in
the diffstat for the test-suite alone:
12 files changed, 436 insertions(+), 28 deletions(-)
The highlight for users of the tree is that the restriction on the order
of inserted entries being >= RADIX_TREE_MAP_SHIFT is now gone; the radix
tree now supports any order between 0 and 64.
For those who are interested in how the tree works, patch 9 is probably
the most interesting one as it introduces the new machinery for handling
sibling entries.
I've tried to be fair in attributing authorship to the person who
contributed the majority of the code in each patch; Ross has been an
invaluable partner in the development of this support and it's fair to
say that each of us has code in every commit.
I should also express my appreciation of the 0day testing. It prompted
me that I was bloating the tinyconfig in an unacceptable way, and it
bisected to a commit which contained a rather nasty memory-corruption
bug.
This patch (of 29):
The irqdomain code was checking for 0 or 1 entries, not 0 entries like
the comment said they were. Introduce a new helper that will actually
check for an empty tree.
Signed-off-by: Matthew Wilcox <willy@linux.intel.com>
Reviewed-by: Ross Zwisler <ross.zwisler@linux.intel.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Cc: Konstantin Khlebnikov <koct9i@gmail.com>
Cc: Kirill Shutemov <kirill.shutemov@linux.intel.com>
Cc: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-05-21 08:01:33 +08:00
|
|
|
}
|
|
|
|
|
2016-12-15 07:08:55 +08:00
|
|
|
/**
|
|
|
|
* struct radix_tree_iter - radix tree iterator state
|
|
|
|
*
|
|
|
|
* @index: index of current slot
|
|
|
|
* @next_index: one beyond the last index for this chunk
|
|
|
|
* @tags: bit-mask for tag-iterating
|
|
|
|
* @node: node that contains current slot
|
|
|
|
*
|
|
|
|
* This radix tree iterator works in terms of "chunks" of slots. A chunk is a
|
|
|
|
* subinterval of slots contained within one radix tree leaf node. It is
|
|
|
|
* described by a pointer to its first slot and a struct radix_tree_iter
|
|
|
|
* which holds the chunk's position in the tree and its size. For tagged
|
|
|
|
* iteration radix_tree_iter also holds the slots' bit-mask for one chosen
|
|
|
|
* radix tree tag.
|
|
|
|
*/
|
|
|
|
struct radix_tree_iter {
|
|
|
|
unsigned long index;
|
|
|
|
unsigned long next_index;
|
|
|
|
unsigned long tags;
|
|
|
|
struct radix_tree_node *node;
|
|
|
|
};
|
|
|
|
|
2006-12-07 12:33:44 +08:00
|
|
|
/**
|
|
|
|
* Radix-tree synchronization
|
|
|
|
*
|
|
|
|
* The radix-tree API requires that users provide all synchronisation (with
|
|
|
|
* specific exceptions, noted below).
|
|
|
|
*
|
|
|
|
* Synchronization of access to the data items being stored in the tree, and
|
|
|
|
* management of their lifetimes must be completely managed by API users.
|
|
|
|
*
|
|
|
|
* For API usage, in general,
|
2007-05-09 14:57:56 +08:00
|
|
|
* - any function _modifying_ the tree or tags (inserting or deleting
|
2008-02-03 22:12:47 +08:00
|
|
|
* items, setting or clearing tags) must exclude other modifications, and
|
2006-12-07 12:33:44 +08:00
|
|
|
* exclude any functions reading the tree.
|
2007-05-09 14:57:56 +08:00
|
|
|
* - any function _reading_ the tree or tags (looking up items or tags,
|
2006-12-07 12:33:44 +08:00
|
|
|
* gang lookups) must exclude modifications to the tree, but may occur
|
|
|
|
* concurrently with other readers.
|
|
|
|
*
|
|
|
|
* The notable exceptions to this rule are the following functions:
|
2014-04-04 05:47:54 +08:00
|
|
|
* __radix_tree_lookup
|
2006-12-07 12:33:44 +08:00
|
|
|
* radix_tree_lookup
|
2008-07-26 10:45:29 +08:00
|
|
|
* radix_tree_lookup_slot
|
2006-12-07 12:33:44 +08:00
|
|
|
* radix_tree_tag_get
|
|
|
|
* radix_tree_gang_lookup
|
|
|
|
* radix_tree_gang_lookup_tag
|
2008-07-26 10:45:29 +08:00
|
|
|
* radix_tree_gang_lookup_tag_slot
|
2006-12-07 12:33:44 +08:00
|
|
|
* radix_tree_tagged
|
|
|
|
*
|
2017-12-02 11:13:06 +08:00
|
|
|
* The first 7 functions are able to be called locklessly, using RCU. The
|
2006-12-07 12:33:44 +08:00
|
|
|
* caller must ensure calls to these functions are made within rcu_read_lock()
|
|
|
|
* regions. Other readers (lock-free or otherwise) and modifications may be
|
|
|
|
* running concurrently.
|
|
|
|
*
|
|
|
|
* It is still required that the caller manage the synchronization and lifetimes
|
|
|
|
* of the items. So if RCU lock-free lookups are used, typically this would mean
|
|
|
|
* that the items have their own locks, or are amenable to lock-free access; and
|
|
|
|
* that the items are freed by RCU (or only freed after having been deleted from
|
|
|
|
* the radix tree *and* a synchronize_rcu() grace period).
|
|
|
|
*
|
|
|
|
* (Note, rcu_assign_pointer and rcu_dereference are not needed to control
|
|
|
|
* access to data items when inserting into or looking up from the radix tree)
|
|
|
|
*
|
radix_tree_tag_get() is not as safe as the docs make out [ver #2]
radix_tree_tag_get() is not safe to use concurrently with radix_tree_tag_set()
or radix_tree_tag_clear(). The problem is that the double tag_get() in
radix_tree_tag_get():
if (!tag_get(node, tag, offset))
saw_unset_tag = 1;
if (height == 1) {
int ret = tag_get(node, tag, offset);
may see the value change due to the action of set/clear. RCU is no protection
against this as no pointers are being changed, no nodes are being replaced
according to a COW protocol - set/clear alter the node directly.
The documentation in linux/radix-tree.h, however, says that
radix_tree_tag_get() is an exception to the rule that "any function modifying
the tree or tags (...) must exclude other modifications, and exclude any
functions reading the tree".
The problem is that the next statement in radix_tree_tag_get() checks that the
tag doesn't vary over time:
BUG_ON(ret && saw_unset_tag);
This has been seen happening in FS-Cache:
https://www.redhat.com/archives/linux-cachefs/2010-April/msg00013.html
To this end, remove the BUG_ON() from radix_tree_tag_get() and note in various
comments that the value of the tag may change whilst the RCU read lock is held,
and thus that the return value of radix_tree_tag_get() may not be relied upon
unless radix_tree_tag_set/clear() and radix_tree_delete() are excluded from
running concurrently with it.
Reported-by: Romain DEGEZ <romain.degez@smartjog.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Nick Piggin <npiggin@suse.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2010-04-07 05:36:20 +08:00
|
|
|
* Note that the value returned by radix_tree_tag_get() may not be relied upon
|
|
|
|
* if only the RCU read lock is held. Functions to set/clear tags and to
|
|
|
|
* delete nodes running concurrently with it may affect its result such that
|
|
|
|
* two consecutive reads in the same locked section may return different
|
|
|
|
* values. If reliability is required, modification functions must also be
|
|
|
|
* excluded from concurrency.
|
|
|
|
*
|
2006-12-07 12:33:44 +08:00
|
|
|
* radix_tree_tagged is able to be called without locking or RCU.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
2017-02-14 04:58:24 +08:00
|
|
|
* radix_tree_deref_slot - dereference a slot
|
|
|
|
* @slot: slot pointer, returned by radix_tree_lookup_slot
|
2006-12-07 12:33:44 +08:00
|
|
|
*
|
|
|
|
* For use with radix_tree_lookup_slot(). Caller must hold tree at least read
|
2010-11-12 06:05:19 +08:00
|
|
|
* locked across slot lookup and dereference. Not required if write lock is
|
|
|
|
* held (ie. items cannot be concurrently inserted).
|
|
|
|
*
|
|
|
|
* radix_tree_deref_retry must be used to confirm validity of the pointer if
|
|
|
|
* only the read lock is held.
|
2017-02-14 04:58:24 +08:00
|
|
|
*
|
|
|
|
* Return: entry stored in that slot.
|
2006-12-07 12:33:44 +08:00
|
|
|
*/
|
2017-02-14 04:58:24 +08:00
|
|
|
static inline void *radix_tree_deref_slot(void __rcu **slot)
|
2006-12-07 12:33:44 +08:00
|
|
|
{
|
2017-02-14 04:58:24 +08:00
|
|
|
return rcu_dereference(*slot);
|
2006-12-07 12:33:44 +08:00
|
|
|
}
|
2010-11-12 06:05:19 +08:00
|
|
|
|
2011-01-14 07:47:21 +08:00
|
|
|
/**
|
2017-02-14 04:58:24 +08:00
|
|
|
* radix_tree_deref_slot_protected - dereference a slot with tree lock held
|
|
|
|
* @slot: slot pointer, returned by radix_tree_lookup_slot
|
|
|
|
*
|
|
|
|
* Similar to radix_tree_deref_slot. The caller does not hold the RCU read
|
|
|
|
* lock but it must hold the tree lock to prevent parallel updates.
|
2011-01-14 07:47:21 +08:00
|
|
|
*
|
2017-02-14 04:58:24 +08:00
|
|
|
* Return: entry stored in that slot.
|
2011-01-14 07:47:21 +08:00
|
|
|
*/
|
2017-02-14 04:58:24 +08:00
|
|
|
static inline void *radix_tree_deref_slot_protected(void __rcu **slot,
|
2011-01-14 07:47:21 +08:00
|
|
|
spinlock_t *treelock)
|
|
|
|
{
|
2017-02-14 04:58:24 +08:00
|
|
|
return rcu_dereference_protected(*slot, lockdep_is_held(treelock));
|
2011-01-14 07:47:21 +08:00
|
|
|
}
|
|
|
|
|
2010-11-12 06:05:19 +08:00
|
|
|
/**
|
|
|
|
* radix_tree_deref_retry - check radix_tree_deref_slot
|
|
|
|
* @arg: pointer returned by radix_tree_deref_slot
|
|
|
|
* Returns: 0 if retry is not required, otherwise retry is required
|
|
|
|
*
|
|
|
|
* radix_tree_deref_retry must be used with radix_tree_deref_slot.
|
|
|
|
*/
|
|
|
|
static inline int radix_tree_deref_retry(void *arg)
|
|
|
|
{
|
2016-05-21 08:03:30 +08:00
|
|
|
return unlikely(radix_tree_is_internal_node(arg));
|
2010-11-12 06:05:19 +08:00
|
|
|
}
|
|
|
|
|
radix_tree: exceptional entries and indices
A patchset to extend tmpfs to MAX_LFS_FILESIZE by abandoning its
peculiar swap vector, instead keeping a file's swap entries in the same
radix tree as its struct page pointers: thus saving memory, and
simplifying its code and locking.
This patch:
The radix_tree is used by several subsystems for different purposes. A
major use is to store the struct page pointers of a file's pagecache for
memory management. But what if mm wanted to store something other than
page pointers there too?
The low bit of a radix_tree entry is already used to denote an indirect
pointer, for internal use, and the unlikely radix_tree_deref_retry()
case.
Define the next bit as denoting an exceptional entry, and supply inline
functions radix_tree_exception() to return non-0 in either unlikely
case, and radix_tree_exceptional_entry() to return non-0 in the second
case.
If a subsystem already uses radix_tree with that bit set, no problem: it
does not affect internal workings at all, but is defined for the
convenience of those storing well-aligned pointers in the radix_tree.
The radix_tree_gang_lookups have an implicit assumption that the caller
can deduce the offset of each entry returned e.g. by the page->index of
a struct page. But that may not be feasible for some kinds of item to
be stored there.
radix_tree_gang_lookup_slot() allow for an optional indices argument,
output array in which to return those offsets. The same could be added
to other radix_tree_gang_lookups, but for now keep it to the only one
for which we need it.
Signed-off-by: Hugh Dickins <hughd@google.com>
Acked-by: Rik van Riel <riel@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-08-04 07:21:18 +08:00
|
|
|
/**
|
|
|
|
* radix_tree_exception - radix_tree_deref_slot returned either exception?
|
|
|
|
* @arg: value returned by radix_tree_deref_slot
|
|
|
|
* Returns: 0 if well-aligned pointer, non-0 if either kind of exception.
|
|
|
|
*/
|
|
|
|
static inline int radix_tree_exception(void *arg)
|
|
|
|
{
|
2016-05-21 08:03:54 +08:00
|
|
|
return unlikely((unsigned long)arg & RADIX_TREE_ENTRY_MASK);
|
radix_tree: exceptional entries and indices
A patchset to extend tmpfs to MAX_LFS_FILESIZE by abandoning its
peculiar swap vector, instead keeping a file's swap entries in the same
radix tree as its struct page pointers: thus saving memory, and
simplifying its code and locking.
This patch:
The radix_tree is used by several subsystems for different purposes. A
major use is to store the struct page pointers of a file's pagecache for
memory management. But what if mm wanted to store something other than
page pointers there too?
The low bit of a radix_tree entry is already used to denote an indirect
pointer, for internal use, and the unlikely radix_tree_deref_retry()
case.
Define the next bit as denoting an exceptional entry, and supply inline
functions radix_tree_exception() to return non-0 in either unlikely
case, and radix_tree_exceptional_entry() to return non-0 in the second
case.
If a subsystem already uses radix_tree with that bit set, no problem: it
does not affect internal workings at all, but is defined for the
convenience of those storing well-aligned pointers in the radix_tree.
The radix_tree_gang_lookups have an implicit assumption that the caller
can deduce the offset of each entry returned e.g. by the page->index of
a struct page. But that may not be feasible for some kinds of item to
be stored there.
radix_tree_gang_lookup_slot() allow for an optional indices argument,
output array in which to return those offsets. The same could be added
to other radix_tree_gang_lookups, but for now keep it to the only one
for which we need it.
Signed-off-by: Hugh Dickins <hughd@google.com>
Acked-by: Rik van Riel <riel@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-08-04 07:21:18 +08:00
|
|
|
}
|
|
|
|
|
2018-09-23 04:14:30 +08:00
|
|
|
int radix_tree_insert(struct radix_tree_root *, unsigned long index,
|
|
|
|
void *);
|
2016-12-20 06:43:19 +08:00
|
|
|
void *__radix_tree_lookup(const struct radix_tree_root *, unsigned long index,
|
2017-02-14 04:58:24 +08:00
|
|
|
struct radix_tree_node **nodep, void __rcu ***slotp);
|
2016-12-20 06:43:19 +08:00
|
|
|
void *radix_tree_lookup(const struct radix_tree_root *, unsigned long);
|
2017-02-14 04:58:24 +08:00
|
|
|
void __rcu **radix_tree_lookup_slot(const struct radix_tree_root *,
|
|
|
|
unsigned long index);
|
|
|
|
void __radix_tree_replace(struct radix_tree_root *, struct radix_tree_node *,
|
2018-04-10 04:24:45 +08:00
|
|
|
void __rcu **slot, void *entry);
|
2016-12-15 07:09:01 +08:00
|
|
|
void radix_tree_iter_replace(struct radix_tree_root *,
|
2017-02-14 04:58:24 +08:00
|
|
|
const struct radix_tree_iter *, void __rcu **slot, void *entry);
|
|
|
|
void radix_tree_replace_slot(struct radix_tree_root *,
|
|
|
|
void __rcu **slot, void *entry);
|
2017-01-28 22:56:22 +08:00
|
|
|
void radix_tree_iter_delete(struct radix_tree_root *,
|
2017-02-14 04:58:24 +08:00
|
|
|
struct radix_tree_iter *iter, void __rcu **slot);
|
2014-04-04 05:47:39 +08:00
|
|
|
void *radix_tree_delete_item(struct radix_tree_root *, unsigned long, void *);
|
2005-04-17 06:20:36 +08:00
|
|
|
void *radix_tree_delete(struct radix_tree_root *, unsigned long);
|
2016-12-20 06:43:19 +08:00
|
|
|
unsigned int radix_tree_gang_lookup(const struct radix_tree_root *,
|
2016-05-21 08:03:45 +08:00
|
|
|
void **results, unsigned long first_index,
|
|
|
|
unsigned int max_items);
|
2005-10-07 14:46:04 +08:00
|
|
|
int radix_tree_preload(gfp_t gfp_mask);
|
2013-09-12 05:26:05 +08:00
|
|
|
int radix_tree_maybe_preload(gfp_t gfp_mask);
|
2005-04-17 06:20:36 +08:00
|
|
|
void radix_tree_init(void);
|
2017-02-14 04:58:24 +08:00
|
|
|
void *radix_tree_tag_set(struct radix_tree_root *,
|
2006-03-25 19:08:05 +08:00
|
|
|
unsigned long index, unsigned int tag);
|
2017-02-14 04:58:24 +08:00
|
|
|
void *radix_tree_tag_clear(struct radix_tree_root *,
|
2006-03-25 19:08:05 +08:00
|
|
|
unsigned long index, unsigned int tag);
|
2016-12-20 06:43:19 +08:00
|
|
|
int radix_tree_tag_get(const struct radix_tree_root *,
|
2006-03-25 19:08:05 +08:00
|
|
|
unsigned long index, unsigned int tag);
|
2017-01-28 22:55:20 +08:00
|
|
|
void radix_tree_iter_tag_clear(struct radix_tree_root *,
|
2016-12-15 07:08:55 +08:00
|
|
|
const struct radix_tree_iter *iter, unsigned int tag);
|
2017-02-14 04:58:24 +08:00
|
|
|
unsigned int radix_tree_gang_lookup_tag(const struct radix_tree_root *,
|
|
|
|
void **results, unsigned long first_index,
|
|
|
|
unsigned int max_items, unsigned int tag);
|
|
|
|
unsigned int radix_tree_gang_lookup_tag_slot(const struct radix_tree_root *,
|
|
|
|
void __rcu ***results, unsigned long first_index,
|
|
|
|
unsigned int max_items, unsigned int tag);
|
|
|
|
int radix_tree_tagged(const struct radix_tree_root *, unsigned int tag);
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
static inline void radix_tree_preload_end(void)
|
|
|
|
{
|
|
|
|
preempt_enable();
|
|
|
|
}
|
|
|
|
|
2017-11-29 04:16:24 +08:00
|
|
|
void __rcu **idr_get_free(struct radix_tree_root *root,
|
idr: Add new APIs to support unsigned long
The following new APIs are added:
int idr_alloc_ext(struct idr *idr, void *ptr, unsigned long *index,
unsigned long start, unsigned long end, gfp_t gfp);
void *idr_remove_ext(struct idr *idr, unsigned long id);
void *idr_find_ext(const struct idr *idr, unsigned long id);
void *idr_replace_ext(struct idr *idr, void *ptr, unsigned long id);
void *idr_get_next_ext(struct idr *idr, unsigned long *nextid);
Signed-off-by: Chris Mi <chrism@mellanox.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-08-30 14:31:57 +08:00
|
|
|
struct radix_tree_iter *iter, gfp_t gfp,
|
|
|
|
unsigned long max);
|
2016-12-15 07:08:58 +08:00
|
|
|
|
2016-12-20 23:27:56 +08:00
|
|
|
enum {
|
|
|
|
RADIX_TREE_ITER_TAG_MASK = 0x0f, /* tag index in lower nybble */
|
|
|
|
RADIX_TREE_ITER_TAGGED = 0x10, /* lookup tagged slots */
|
|
|
|
RADIX_TREE_ITER_CONTIG = 0x20, /* stop at first hole */
|
|
|
|
};
|
2012-03-29 05:42:53 +08:00
|
|
|
|
|
|
|
/**
|
|
|
|
* radix_tree_iter_init - initialize radix tree iterator
|
|
|
|
*
|
|
|
|
* @iter: pointer to iterator state
|
|
|
|
* @start: iteration starting index
|
|
|
|
* Returns: NULL
|
|
|
|
*/
|
2017-02-14 04:58:24 +08:00
|
|
|
static __always_inline void __rcu **
|
2012-03-29 05:42:53 +08:00
|
|
|
radix_tree_iter_init(struct radix_tree_iter *iter, unsigned long start)
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* Leave iter->tags uninitialized. radix_tree_next_chunk() will fill it
|
|
|
|
* in the case of a successful tagged chunk lookup. If the lookup was
|
|
|
|
* unsuccessful or non-tagged then nobody cares about ->tags.
|
|
|
|
*
|
|
|
|
* Set index to zero to bypass next_index overflow protection.
|
|
|
|
* See the comment in radix_tree_next_chunk() for details.
|
|
|
|
*/
|
|
|
|
iter->index = 0;
|
|
|
|
iter->next_index = start;
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* radix_tree_next_chunk - find next chunk of slots for iteration
|
|
|
|
*
|
|
|
|
* @root: radix tree root
|
|
|
|
* @iter: iterator state
|
|
|
|
* @flags: RADIX_TREE_ITER_* flags and tag index
|
|
|
|
* Returns: pointer to chunk first slot, or NULL if there no more left
|
|
|
|
*
|
|
|
|
* This function looks up the next chunk in the radix tree starting from
|
|
|
|
* @iter->next_index. It returns a pointer to the chunk's first slot.
|
|
|
|
* Also it fills @iter with data about chunk: position in the tree (index),
|
|
|
|
* its end (next_index), and constructs a bit mask for tagged iterating (tags).
|
|
|
|
*/
|
2017-02-14 04:58:24 +08:00
|
|
|
void __rcu **radix_tree_next_chunk(const struct radix_tree_root *,
|
2012-03-29 05:42:53 +08:00
|
|
|
struct radix_tree_iter *iter, unsigned flags);
|
|
|
|
|
2016-12-20 23:27:56 +08:00
|
|
|
/**
|
|
|
|
* radix_tree_iter_lookup - look up an index in the radix tree
|
|
|
|
* @root: radix tree root
|
|
|
|
* @iter: iterator state
|
|
|
|
* @index: key to look up
|
|
|
|
*
|
|
|
|
* If @index is present in the radix tree, this function returns the slot
|
|
|
|
* containing it and updates @iter to describe the entry. If @index is not
|
|
|
|
* present, it returns NULL.
|
|
|
|
*/
|
2017-02-14 04:58:24 +08:00
|
|
|
static inline void __rcu **
|
|
|
|
radix_tree_iter_lookup(const struct radix_tree_root *root,
|
2016-12-20 23:27:56 +08:00
|
|
|
struct radix_tree_iter *iter, unsigned long index)
|
|
|
|
{
|
|
|
|
radix_tree_iter_init(iter, index);
|
|
|
|
return radix_tree_next_chunk(root, iter, RADIX_TREE_ITER_CONTIG);
|
|
|
|
}
|
|
|
|
|
2016-02-03 08:57:52 +08:00
|
|
|
/**
|
|
|
|
* radix_tree_iter_retry - retry this chunk of the iteration
|
|
|
|
* @iter: iterator state
|
|
|
|
*
|
|
|
|
* If we iterate over a tree protected only by the RCU lock, a race
|
|
|
|
* against deletion or creation may result in seeing a slot for which
|
|
|
|
* radix_tree_deref_retry() returns true. If so, call this function
|
|
|
|
* and continue the iteration.
|
|
|
|
*/
|
|
|
|
static inline __must_check
|
2017-02-14 04:58:24 +08:00
|
|
|
void __rcu **radix_tree_iter_retry(struct radix_tree_iter *iter)
|
2016-02-03 08:57:52 +08:00
|
|
|
{
|
|
|
|
iter->next_index = iter->index;
|
2016-07-21 06:45:00 +08:00
|
|
|
iter->tags = 0;
|
2016-02-03 08:57:52 +08:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2016-05-21 08:02:26 +08:00
|
|
|
static inline unsigned long
|
|
|
|
__radix_tree_iter_add(struct radix_tree_iter *iter, unsigned long slots)
|
|
|
|
{
|
2018-09-23 04:14:30 +08:00
|
|
|
return iter->index + slots;
|
2016-05-21 08:02:26 +08:00
|
|
|
}
|
|
|
|
|
2016-03-18 05:22:06 +08:00
|
|
|
/**
|
2016-12-15 07:08:49 +08:00
|
|
|
* radix_tree_iter_resume - resume iterating when the chunk may be invalid
|
|
|
|
* @slot: pointer to current slot
|
|
|
|
* @iter: iterator state
|
|
|
|
* Returns: New slot pointer
|
2016-03-18 05:22:06 +08:00
|
|
|
*
|
|
|
|
* If the iterator needs to release then reacquire a lock, the chunk may
|
|
|
|
* have been invalidated by an insertion or deletion. Call this function
|
2016-12-15 07:08:49 +08:00
|
|
|
* before releasing the lock to continue the iteration from the next index.
|
2016-03-18 05:22:06 +08:00
|
|
|
*/
|
2017-02-14 04:58:24 +08:00
|
|
|
void __rcu **__must_check radix_tree_iter_resume(void __rcu **slot,
|
2016-12-15 07:08:49 +08:00
|
|
|
struct radix_tree_iter *iter);
|
2016-03-18 05:22:06 +08:00
|
|
|
|
2012-03-29 05:42:53 +08:00
|
|
|
/**
|
|
|
|
* radix_tree_chunk_size - get current chunk size
|
|
|
|
*
|
|
|
|
* @iter: pointer to radix tree iterator
|
|
|
|
* Returns: current chunk size
|
|
|
|
*/
|
2016-02-06 07:37:01 +08:00
|
|
|
static __always_inline long
|
2012-03-29 05:42:53 +08:00
|
|
|
radix_tree_chunk_size(struct radix_tree_iter *iter)
|
|
|
|
{
|
2018-09-23 04:14:30 +08:00
|
|
|
return iter->next_index - iter->index;
|
2012-03-29 05:42:53 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* radix_tree_next_slot - find next slot in chunk
|
|
|
|
*
|
|
|
|
* @slot: pointer to current slot
|
|
|
|
* @iter: pointer to interator state
|
|
|
|
* @flags: RADIX_TREE_ITER_*, should be constant
|
|
|
|
* Returns: pointer to next slot, or NULL if there no more left
|
|
|
|
*
|
|
|
|
* This function updates @iter->index in the case of a successful lookup.
|
|
|
|
* For tagged lookup it also eats @iter->tags.
|
radix-tree: 'slot' can be NULL in radix_tree_next_slot()
There are four cases I can see where we could end up with a NULL 'slot' in
radix_tree_next_slot(). Yet radix_tree_next_slot() never actually checks
whether 'slot' is NULL. It just happens that for the cases where 'slot'
is NULL, some other combination of factors prevents us from dereferencing
it.
It would be very easy for someone to unwittingly change one of these
factors without realizing that we are implicitly depending on it to save
us from a NULL pointer dereference.
Add a comment documenting the things that allow 'slot' to be safely passed
as NULL to radix_tree_next_slot().
Here are details on the four cases:
1) radix_tree_iter_retry() via a non-tagged iteration like
radix_tree_for_each_slot(). In this case we currently aren't seeing a bug
because radix_tree_iter_retry() sets
iter->next_index = iter->index;
which means that in in the else case in radix_tree_next_slot(), 'count' is
zero, so we skip over the while() loop and effectively just return NULL
without ever dereferencing 'slot'.
2) radix_tree_iter_retry() via tagged iteration like
radix_tree_for_each_tagged(). This case was giving us NULL pointer
dereferences in testing, and was fixed with this commit:
commit 3cb9185c6730 ("radix-tree: fix radix_tree_iter_retry() for tagged
iterators.")
This fix doesn't explicitly check for 'slot' being NULL, though, it works
around the NULL pointer dereference by instead zeroing iter->tags in
radix_tree_iter_retry(), which makes us bail out of the if() case in
radix_tree_next_slot() before we dereference 'slot'.
3) radix_tree_iter_next() via via a non-tagged iteration like
radix_tree_for_each_slot(). This currently happens in shmem_tag_pins()
and shmem_partial_swap_usage().
As with non-tagged iteration, 'count' in the else case of
radix_tree_next_slot() is zero, so we skip over the while() loop and
effectively just return NULL without ever dereferencing 'slot'.
4) radix_tree_iter_next() via tagged iteration like
radix_tree_for_each_tagged(). This happens in shmem_wait_for_pins().
radix_tree_iter_next() zeros out iter->tags, so we end up exiting
radix_tree_next_slot() here:
if (flags & RADIX_TREE_ITER_TAGGED) {
void *canon = slot;
iter->tags >>= 1;
if (unlikely(!iter->tags))
return NULL;
Link: http://lkml.kernel.org/r/20160815194237.25967-2-ross.zwisler@linux.intel.com
Signed-off-by: Ross Zwisler <ross.zwisler@linux.intel.com>
Cc: Konstantin Khlebnikov <koct9i@gmail.com>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Shuah Khan <shuahkh@osg.samsung.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-10-12 04:51:18 +08:00
|
|
|
*
|
|
|
|
* There are several cases where 'slot' can be passed in as NULL to this
|
2016-12-15 07:08:49 +08:00
|
|
|
* function. These cases result from the use of radix_tree_iter_resume() or
|
radix-tree: 'slot' can be NULL in radix_tree_next_slot()
There are four cases I can see where we could end up with a NULL 'slot' in
radix_tree_next_slot(). Yet radix_tree_next_slot() never actually checks
whether 'slot' is NULL. It just happens that for the cases where 'slot'
is NULL, some other combination of factors prevents us from dereferencing
it.
It would be very easy for someone to unwittingly change one of these
factors without realizing that we are implicitly depending on it to save
us from a NULL pointer dereference.
Add a comment documenting the things that allow 'slot' to be safely passed
as NULL to radix_tree_next_slot().
Here are details on the four cases:
1) radix_tree_iter_retry() via a non-tagged iteration like
radix_tree_for_each_slot(). In this case we currently aren't seeing a bug
because radix_tree_iter_retry() sets
iter->next_index = iter->index;
which means that in in the else case in radix_tree_next_slot(), 'count' is
zero, so we skip over the while() loop and effectively just return NULL
without ever dereferencing 'slot'.
2) radix_tree_iter_retry() via tagged iteration like
radix_tree_for_each_tagged(). This case was giving us NULL pointer
dereferences in testing, and was fixed with this commit:
commit 3cb9185c6730 ("radix-tree: fix radix_tree_iter_retry() for tagged
iterators.")
This fix doesn't explicitly check for 'slot' being NULL, though, it works
around the NULL pointer dereference by instead zeroing iter->tags in
radix_tree_iter_retry(), which makes us bail out of the if() case in
radix_tree_next_slot() before we dereference 'slot'.
3) radix_tree_iter_next() via via a non-tagged iteration like
radix_tree_for_each_slot(). This currently happens in shmem_tag_pins()
and shmem_partial_swap_usage().
As with non-tagged iteration, 'count' in the else case of
radix_tree_next_slot() is zero, so we skip over the while() loop and
effectively just return NULL without ever dereferencing 'slot'.
4) radix_tree_iter_next() via tagged iteration like
radix_tree_for_each_tagged(). This happens in shmem_wait_for_pins().
radix_tree_iter_next() zeros out iter->tags, so we end up exiting
radix_tree_next_slot() here:
if (flags & RADIX_TREE_ITER_TAGGED) {
void *canon = slot;
iter->tags >>= 1;
if (unlikely(!iter->tags))
return NULL;
Link: http://lkml.kernel.org/r/20160815194237.25967-2-ross.zwisler@linux.intel.com
Signed-off-by: Ross Zwisler <ross.zwisler@linux.intel.com>
Cc: Konstantin Khlebnikov <koct9i@gmail.com>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Shuah Khan <shuahkh@osg.samsung.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-10-12 04:51:18 +08:00
|
|
|
* radix_tree_iter_retry(). In these cases we don't end up dereferencing
|
|
|
|
* 'slot' because either:
|
|
|
|
* a) we are doing tagged iteration and iter->tags has been set to 0, or
|
|
|
|
* b) we are doing non-tagged iteration, and iter->index and iter->next_index
|
|
|
|
* have been set up so that radix_tree_chunk_size() returns 1 or 0.
|
2012-03-29 05:42:53 +08:00
|
|
|
*/
|
2017-02-14 04:58:24 +08:00
|
|
|
static __always_inline void __rcu **radix_tree_next_slot(void __rcu **slot,
|
|
|
|
struct radix_tree_iter *iter, unsigned flags)
|
2012-03-29 05:42:53 +08:00
|
|
|
{
|
|
|
|
if (flags & RADIX_TREE_ITER_TAGGED) {
|
|
|
|
iter->tags >>= 1;
|
2016-05-21 08:02:26 +08:00
|
|
|
if (unlikely(!iter->tags))
|
|
|
|
return NULL;
|
2012-03-29 05:42:53 +08:00
|
|
|
if (likely(iter->tags & 1ul)) {
|
2016-05-21 08:02:26 +08:00
|
|
|
iter->index = __radix_tree_iter_add(iter, 1);
|
2016-12-15 07:08:49 +08:00
|
|
|
slot++;
|
|
|
|
goto found;
|
2012-03-29 05:42:53 +08:00
|
|
|
}
|
2016-05-21 08:02:26 +08:00
|
|
|
if (!(flags & RADIX_TREE_ITER_CONTIG)) {
|
2012-03-29 05:42:53 +08:00
|
|
|
unsigned offset = __ffs(iter->tags);
|
|
|
|
|
2016-12-15 07:08:49 +08:00
|
|
|
iter->tags >>= offset++;
|
|
|
|
iter->index = __radix_tree_iter_add(iter, offset);
|
|
|
|
slot += offset;
|
|
|
|
goto found;
|
2012-03-29 05:42:53 +08:00
|
|
|
}
|
|
|
|
} else {
|
2016-05-21 08:02:26 +08:00
|
|
|
long count = radix_tree_chunk_size(iter);
|
2012-03-29 05:42:53 +08:00
|
|
|
|
2016-05-21 08:02:26 +08:00
|
|
|
while (--count > 0) {
|
2012-03-29 05:42:53 +08:00
|
|
|
slot++;
|
2016-05-21 08:02:26 +08:00
|
|
|
iter->index = __radix_tree_iter_add(iter, 1);
|
|
|
|
|
2012-03-29 05:42:53 +08:00
|
|
|
if (likely(*slot))
|
2016-12-15 07:08:49 +08:00
|
|
|
goto found;
|
2012-06-06 01:36:33 +08:00
|
|
|
if (flags & RADIX_TREE_ITER_CONTIG) {
|
|
|
|
/* forbid switching to the next chunk */
|
|
|
|
iter->next_index = 0;
|
2012-03-29 05:42:53 +08:00
|
|
|
break;
|
2012-06-06 01:36:33 +08:00
|
|
|
}
|
2012-03-29 05:42:53 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
return NULL;
|
2016-12-15 07:08:49 +08:00
|
|
|
|
|
|
|
found:
|
|
|
|
return slot;
|
2012-03-29 05:42:53 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* radix_tree_for_each_slot - iterate over non-empty slots
|
|
|
|
*
|
|
|
|
* @slot: the void** variable for pointer to slot
|
|
|
|
* @root: the struct radix_tree_root pointer
|
|
|
|
* @iter: the struct radix_tree_iter pointer
|
|
|
|
* @start: iteration starting index
|
|
|
|
*
|
|
|
|
* @slot points to radix tree slot, @iter->index contains its index.
|
|
|
|
*/
|
|
|
|
#define radix_tree_for_each_slot(slot, root, iter, start) \
|
|
|
|
for (slot = radix_tree_iter_init(iter, start) ; \
|
|
|
|
slot || (slot = radix_tree_next_chunk(root, iter, 0)) ; \
|
|
|
|
slot = radix_tree_next_slot(slot, iter, 0))
|
|
|
|
|
|
|
|
/**
|
|
|
|
* radix_tree_for_each_tagged - iterate over tagged slots
|
|
|
|
*
|
|
|
|
* @slot: the void** variable for pointer to slot
|
|
|
|
* @root: the struct radix_tree_root pointer
|
|
|
|
* @iter: the struct radix_tree_iter pointer
|
|
|
|
* @start: iteration starting index
|
|
|
|
* @tag: tag index
|
|
|
|
*
|
|
|
|
* @slot points to radix tree slot, @iter->index contains its index.
|
|
|
|
*/
|
|
|
|
#define radix_tree_for_each_tagged(slot, root, iter, start, tag) \
|
|
|
|
for (slot = radix_tree_iter_init(iter, start) ; \
|
|
|
|
slot || (slot = radix_tree_next_chunk(root, iter, \
|
|
|
|
RADIX_TREE_ITER_TAGGED | tag)) ; \
|
|
|
|
slot = radix_tree_next_slot(slot, iter, \
|
2016-12-15 07:08:49 +08:00
|
|
|
RADIX_TREE_ITER_TAGGED | tag))
|
2012-03-29 05:42:53 +08:00
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
#endif /* _LINUX_RADIX_TREE_H */
|