1 /* 2 * Slab allocator functions that are independent of the allocator strategy 3 * 4 * (C) 2012 Christoph Lameter <cl@linux.com> 5 */ 6 #include <linux/slab.h> 7 8 #include <linux/mm.h> 9 #include <linux/poison.h> 10 #include <linux/interrupt.h> 11 #include <linux/memory.h> 12 #include <linux/compiler.h> 13 #include <linux/module.h> 14 #include <linux/cpu.h> 15 #include <linux/uaccess.h> 16 #include <linux/seq_file.h> 17 #include <linux/proc_fs.h> 18 #include <asm/cacheflush.h> 19 #include <asm/tlbflush.h> 20 #include <asm/page.h> 21 #include <linux/memcontrol.h> 22 23 #define CREATE_TRACE_POINTS 24 #include <trace/events/kmem.h> 25 26 #include "slab.h" 27 28 enum slab_state slab_state; 29 LIST_HEAD(slab_caches); 30 DEFINE_MUTEX(slab_mutex); 31 struct kmem_cache *kmem_cache; 32 33 /* 34 * Set of flags that will prevent slab merging 35 */ 36 #define SLAB_NEVER_MERGE (SLAB_RED_ZONE | SLAB_POISON | SLAB_STORE_USER | \ 37 SLAB_TRACE | SLAB_DESTROY_BY_RCU | SLAB_NOLEAKTRACE | \ 38 SLAB_FAILSLAB | SLAB_KASAN) 39 40 #define SLAB_MERGE_SAME (SLAB_RECLAIM_ACCOUNT | SLAB_CACHE_DMA | \ 41 SLAB_NOTRACK | SLAB_ACCOUNT) 42 43 /* 44 * Merge control. If this is set then no merging of slab caches will occur. 45 * (Could be removed. This was introduced to pacify the merge skeptics.) 46 */ 47 static int slab_nomerge; 48 49 static int __init setup_slab_nomerge(char *str) 50 { 51 slab_nomerge = 1; 52 return 1; 53 } 54 55 #ifdef CONFIG_SLUB 56 __setup_param("slub_nomerge", slub_nomerge, setup_slab_nomerge, 0); 57 #endif 58 59 __setup("slab_nomerge", setup_slab_nomerge); 60 61 /* 62 * Determine the size of a slab object 63 */ 64 unsigned int kmem_cache_size(struct kmem_cache *s) 65 { 66 return s->object_size; 67 } 68 EXPORT_SYMBOL(kmem_cache_size); 69 70 #ifdef CONFIG_DEBUG_VM 71 static int kmem_cache_sanity_check(const char *name, size_t size) 72 { 73 struct kmem_cache *s = NULL; 74 75 if (!name || in_interrupt() || size < sizeof(void *) || 76 size > KMALLOC_MAX_SIZE) { 77 pr_err("kmem_cache_create(%s) integrity check failed\n", name); 78 return -EINVAL; 79 } 80 81 list_for_each_entry(s, &slab_caches, list) { 82 char tmp; 83 int res; 84 85 /* 86 * This happens when the module gets unloaded and doesn't 87 * destroy its slab cache and no-one else reuses the vmalloc 88 * area of the module. Print a warning. 89 */ 90 res = probe_kernel_address(s->name, tmp); 91 if (res) { 92 pr_err("Slab cache with size %d has lost its name\n", 93 s->object_size); 94 continue; 95 } 96 } 97 98 WARN_ON(strchr(name, ' ')); /* It confuses parsers */ 99 return 0; 100 } 101 #else 102 static inline int kmem_cache_sanity_check(const char *name, size_t size) 103 { 104 return 0; 105 } 106 #endif 107 108 void __kmem_cache_free_bulk(struct kmem_cache *s, size_t nr, void **p) 109 { 110 size_t i; 111 112 for (i = 0; i < nr; i++) { 113 if (s) 114 kmem_cache_free(s, p[i]); 115 else 116 kfree(p[i]); 117 } 118 } 119 120 int __kmem_cache_alloc_bulk(struct kmem_cache *s, gfp_t flags, size_t nr, 121 void **p) 122 { 123 size_t i; 124 125 for (i = 0; i < nr; i++) { 126 void *x = p[i] = kmem_cache_alloc(s, flags); 127 if (!x) { 128 __kmem_cache_free_bulk(s, i, p); 129 return 0; 130 } 131 } 132 return i; 133 } 134 135 #if defined(CONFIG_MEMCG) && !defined(CONFIG_SLOB) 136 void slab_init_memcg_params(struct kmem_cache *s) 137 { 138 s->memcg_params.is_root_cache = true; 139 INIT_LIST_HEAD(&s->memcg_params.list); 140 RCU_INIT_POINTER(s->memcg_params.memcg_caches, NULL); 141 } 142 143 static int init_memcg_params(struct kmem_cache *s, 144 struct mem_cgroup *memcg, struct kmem_cache *root_cache) 145 { 146 struct memcg_cache_array *arr; 147 148 if (memcg) { 149 s->memcg_params.is_root_cache = false; 150 s->memcg_params.memcg = memcg; 151 s->memcg_params.root_cache = root_cache; 152 return 0; 153 } 154 155 slab_init_memcg_params(s); 156 157 if (!memcg_nr_cache_ids) 158 return 0; 159 160 arr = kzalloc(sizeof(struct memcg_cache_array) + 161 memcg_nr_cache_ids * sizeof(void *), 162 GFP_KERNEL); 163 if (!arr) 164 return -ENOMEM; 165 166 RCU_INIT_POINTER(s->memcg_params.memcg_caches, arr); 167 return 0; 168 } 169 170 static void destroy_memcg_params(struct kmem_cache *s) 171 { 172 if (is_root_cache(s)) 173 kfree(rcu_access_pointer(s->memcg_params.memcg_caches)); 174 } 175 176 static int update_memcg_params(struct kmem_cache *s, int new_array_size) 177 { 178 struct memcg_cache_array *old, *new; 179 180 if (!is_root_cache(s)) 181 return 0; 182 183 new = kzalloc(sizeof(struct memcg_cache_array) + 184 new_array_size * sizeof(void *), GFP_KERNEL); 185 if (!new) 186 return -ENOMEM; 187 188 old = rcu_dereference_protected(s->memcg_params.memcg_caches, 189 lockdep_is_held(&slab_mutex)); 190 if (old) 191 memcpy(new->entries, old->entries, 192 memcg_nr_cache_ids * sizeof(void *)); 193 194 rcu_assign_pointer(s->memcg_params.memcg_caches, new); 195 if (old) 196 kfree_rcu(old, rcu); 197 return 0; 198 } 199 200 int memcg_update_all_caches(int num_memcgs) 201 { 202 struct kmem_cache *s; 203 int ret = 0; 204 205 mutex_lock(&slab_mutex); 206 list_for_each_entry(s, &slab_caches, list) { 207 ret = update_memcg_params(s, num_memcgs); 208 /* 209 * Instead of freeing the memory, we'll just leave the caches 210 * up to this point in an updated state. 211 */ 212 if (ret) 213 break; 214 } 215 mutex_unlock(&slab_mutex); 216 return ret; 217 } 218 #else 219 static inline int init_memcg_params(struct kmem_cache *s, 220 struct mem_cgroup *memcg, struct kmem_cache *root_cache) 221 { 222 return 0; 223 } 224 225 static inline void destroy_memcg_params(struct kmem_cache *s) 226 { 227 } 228 #endif /* CONFIG_MEMCG && !CONFIG_SLOB */ 229 230 /* 231 * Find a mergeable slab cache 232 */ 233 int slab_unmergeable(struct kmem_cache *s) 234 { 235 if (slab_nomerge || (s->flags & SLAB_NEVER_MERGE)) 236 return 1; 237 238 if (!is_root_cache(s)) 239 return 1; 240 241 if (s->ctor) 242 return 1; 243 244 /* 245 * We may have set a slab to be unmergeable during bootstrap. 246 */ 247 if (s->refcount < 0) 248 return 1; 249 250 return 0; 251 } 252 253 struct kmem_cache *find_mergeable(size_t size, size_t align, 254 unsigned long flags, const char *name, void (*ctor)(void *)) 255 { 256 struct kmem_cache *s; 257 258 if (slab_nomerge || (flags & SLAB_NEVER_MERGE)) 259 return NULL; 260 261 if (ctor) 262 return NULL; 263 264 size = ALIGN(size, sizeof(void *)); 265 align = calculate_alignment(flags, align, size); 266 size = ALIGN(size, align); 267 flags = kmem_cache_flags(size, flags, name, NULL); 268 269 list_for_each_entry_reverse(s, &slab_caches, list) { 270 if (slab_unmergeable(s)) 271 continue; 272 273 if (size > s->size) 274 continue; 275 276 if ((flags & SLAB_MERGE_SAME) != (s->flags & SLAB_MERGE_SAME)) 277 continue; 278 /* 279 * Check if alignment is compatible. 280 * Courtesy of Adrian Drzewiecki 281 */ 282 if ((s->size & ~(align - 1)) != s->size) 283 continue; 284 285 if (s->size - size >= sizeof(void *)) 286 continue; 287 288 if (IS_ENABLED(CONFIG_SLAB) && align && 289 (align > s->align || s->align % align)) 290 continue; 291 292 return s; 293 } 294 return NULL; 295 } 296 297 /* 298 * Figure out what the alignment of the objects will be given a set of 299 * flags, a user specified alignment and the size of the objects. 300 */ 301 unsigned long calculate_alignment(unsigned long flags, 302 unsigned long align, unsigned long size) 303 { 304 /* 305 * If the user wants hardware cache aligned objects then follow that 306 * suggestion if the object is sufficiently large. 307 * 308 * The hardware cache alignment cannot override the specified 309 * alignment though. If that is greater then use it. 310 */ 311 if (flags & SLAB_HWCACHE_ALIGN) { 312 unsigned long ralign = cache_line_size(); 313 while (size <= ralign / 2) 314 ralign /= 2; 315 align = max(align, ralign); 316 } 317 318 if (align < ARCH_SLAB_MINALIGN) 319 align = ARCH_SLAB_MINALIGN; 320 321 return ALIGN(align, sizeof(void *)); 322 } 323 324 static struct kmem_cache *create_cache(const char *name, 325 size_t object_size, size_t size, size_t align, 326 unsigned long flags, void (*ctor)(void *), 327 struct mem_cgroup *memcg, struct kmem_cache *root_cache) 328 { 329 struct kmem_cache *s; 330 int err; 331 332 err = -ENOMEM; 333 s = kmem_cache_zalloc(kmem_cache, GFP_KERNEL); 334 if (!s) 335 goto out; 336 337 s->name = name; 338 s->object_size = object_size; 339 s->size = size; 340 s->align = align; 341 s->ctor = ctor; 342 343 err = init_memcg_params(s, memcg, root_cache); 344 if (err) 345 goto out_free_cache; 346 347 err = __kmem_cache_create(s, flags); 348 if (err) 349 goto out_free_cache; 350 351 s->refcount = 1; 352 list_add(&s->list, &slab_caches); 353 out: 354 if (err) 355 return ERR_PTR(err); 356 return s; 357 358 out_free_cache: 359 destroy_memcg_params(s); 360 kmem_cache_free(kmem_cache, s); 361 goto out; 362 } 363 364 /* 365 * kmem_cache_create - Create a cache. 366 * @name: A string which is used in /proc/slabinfo to identify this cache. 367 * @size: The size of objects to be created in this cache. 368 * @align: The required alignment for the objects. 369 * @flags: SLAB flags 370 * @ctor: A constructor for the objects. 371 * 372 * Returns a ptr to the cache on success, NULL on failure. 373 * Cannot be called within a interrupt, but can be interrupted. 374 * The @ctor is run when new pages are allocated by the cache. 375 * 376 * The flags are 377 * 378 * %SLAB_POISON - Poison the slab with a known test pattern (a5a5a5a5) 379 * to catch references to uninitialised memory. 380 * 381 * %SLAB_RED_ZONE - Insert `Red' zones around the allocated memory to check 382 * for buffer overruns. 383 * 384 * %SLAB_HWCACHE_ALIGN - Align the objects in this cache to a hardware 385 * cacheline. This can be beneficial if you're counting cycles as closely 386 * as davem. 387 */ 388 struct kmem_cache * 389 kmem_cache_create(const char *name, size_t size, size_t align, 390 unsigned long flags, void (*ctor)(void *)) 391 { 392 struct kmem_cache *s = NULL; 393 const char *cache_name; 394 int err; 395 396 get_online_cpus(); 397 get_online_mems(); 398 memcg_get_cache_ids(); 399 400 mutex_lock(&slab_mutex); 401 402 err = kmem_cache_sanity_check(name, size); 403 if (err) { 404 goto out_unlock; 405 } 406 407 /* 408 * Some allocators will constraint the set of valid flags to a subset 409 * of all flags. We expect them to define CACHE_CREATE_MASK in this 410 * case, and we'll just provide them with a sanitized version of the 411 * passed flags. 412 */ 413 flags &= CACHE_CREATE_MASK; 414 415 s = __kmem_cache_alias(name, size, align, flags, ctor); 416 if (s) 417 goto out_unlock; 418 419 cache_name = kstrdup_const(name, GFP_KERNEL); 420 if (!cache_name) { 421 err = -ENOMEM; 422 goto out_unlock; 423 } 424 425 s = create_cache(cache_name, size, size, 426 calculate_alignment(flags, align, size), 427 flags, ctor, NULL, NULL); 428 if (IS_ERR(s)) { 429 err = PTR_ERR(s); 430 kfree_const(cache_name); 431 } 432 433 out_unlock: 434 mutex_unlock(&slab_mutex); 435 436 memcg_put_cache_ids(); 437 put_online_mems(); 438 put_online_cpus(); 439 440 if (err) { 441 if (flags & SLAB_PANIC) 442 panic("kmem_cache_create: Failed to create slab '%s'. Error %d\n", 443 name, err); 444 else { 445 pr_warn("kmem_cache_create(%s) failed with error %d\n", 446 name, err); 447 dump_stack(); 448 } 449 return NULL; 450 } 451 return s; 452 } 453 EXPORT_SYMBOL(kmem_cache_create); 454 455 static int shutdown_cache(struct kmem_cache *s, 456 struct list_head *release, bool *need_rcu_barrier) 457 { 458 if (__kmem_cache_shutdown(s) != 0) 459 return -EBUSY; 460 461 if (s->flags & SLAB_DESTROY_BY_RCU) 462 *need_rcu_barrier = true; 463 464 list_move(&s->list, release); 465 return 0; 466 } 467 468 static void release_caches(struct list_head *release, bool need_rcu_barrier) 469 { 470 struct kmem_cache *s, *s2; 471 472 if (need_rcu_barrier) 473 rcu_barrier(); 474 475 list_for_each_entry_safe(s, s2, release, list) { 476 #ifdef SLAB_SUPPORTS_SYSFS 477 sysfs_slab_remove(s); 478 #else 479 slab_kmem_cache_release(s); 480 #endif 481 } 482 } 483 484 #if defined(CONFIG_MEMCG) && !defined(CONFIG_SLOB) 485 /* 486 * memcg_create_kmem_cache - Create a cache for a memory cgroup. 487 * @memcg: The memory cgroup the new cache is for. 488 * @root_cache: The parent of the new cache. 489 * 490 * This function attempts to create a kmem cache that will serve allocation 491 * requests going from @memcg to @root_cache. The new cache inherits properties 492 * from its parent. 493 */ 494 void memcg_create_kmem_cache(struct mem_cgroup *memcg, 495 struct kmem_cache *root_cache) 496 { 497 static char memcg_name_buf[NAME_MAX + 1]; /* protected by slab_mutex */ 498 struct cgroup_subsys_state *css = &memcg->css; 499 struct memcg_cache_array *arr; 500 struct kmem_cache *s = NULL; 501 char *cache_name; 502 int idx; 503 504 get_online_cpus(); 505 get_online_mems(); 506 507 mutex_lock(&slab_mutex); 508 509 /* 510 * The memory cgroup could have been offlined while the cache 511 * creation work was pending. 512 */ 513 if (memcg->kmem_state != KMEM_ONLINE) 514 goto out_unlock; 515 516 idx = memcg_cache_id(memcg); 517 arr = rcu_dereference_protected(root_cache->memcg_params.memcg_caches, 518 lockdep_is_held(&slab_mutex)); 519 520 /* 521 * Since per-memcg caches are created asynchronously on first 522 * allocation (see memcg_kmem_get_cache()), several threads can try to 523 * create the same cache, but only one of them may succeed. 524 */ 525 if (arr->entries[idx]) 526 goto out_unlock; 527 528 cgroup_name(css->cgroup, memcg_name_buf, sizeof(memcg_name_buf)); 529 cache_name = kasprintf(GFP_KERNEL, "%s(%llu:%s)", root_cache->name, 530 css->serial_nr, memcg_name_buf); 531 if (!cache_name) 532 goto out_unlock; 533 534 s = create_cache(cache_name, root_cache->object_size, 535 root_cache->size, root_cache->align, 536 root_cache->flags, root_cache->ctor, 537 memcg, root_cache); 538 /* 539 * If we could not create a memcg cache, do not complain, because 540 * that's not critical at all as we can always proceed with the root 541 * cache. 542 */ 543 if (IS_ERR(s)) { 544 kfree(cache_name); 545 goto out_unlock; 546 } 547 548 list_add(&s->memcg_params.list, &root_cache->memcg_params.list); 549 550 /* 551 * Since readers won't lock (see cache_from_memcg_idx()), we need a 552 * barrier here to ensure nobody will see the kmem_cache partially 553 * initialized. 554 */ 555 smp_wmb(); 556 arr->entries[idx] = s; 557 558 out_unlock: 559 mutex_unlock(&slab_mutex); 560 561 put_online_mems(); 562 put_online_cpus(); 563 } 564 565 void memcg_deactivate_kmem_caches(struct mem_cgroup *memcg) 566 { 567 int idx; 568 struct memcg_cache_array *arr; 569 struct kmem_cache *s, *c; 570 571 idx = memcg_cache_id(memcg); 572 573 get_online_cpus(); 574 get_online_mems(); 575 576 mutex_lock(&slab_mutex); 577 list_for_each_entry(s, &slab_caches, list) { 578 if (!is_root_cache(s)) 579 continue; 580 581 arr = rcu_dereference_protected(s->memcg_params.memcg_caches, 582 lockdep_is_held(&slab_mutex)); 583 c = arr->entries[idx]; 584 if (!c) 585 continue; 586 587 __kmem_cache_shrink(c, true); 588 arr->entries[idx] = NULL; 589 } 590 mutex_unlock(&slab_mutex); 591 592 put_online_mems(); 593 put_online_cpus(); 594 } 595 596 static int __shutdown_memcg_cache(struct kmem_cache *s, 597 struct list_head *release, bool *need_rcu_barrier) 598 { 599 BUG_ON(is_root_cache(s)); 600 601 if (shutdown_cache(s, release, need_rcu_barrier)) 602 return -EBUSY; 603 604 list_del(&s->memcg_params.list); 605 return 0; 606 } 607 608 void memcg_destroy_kmem_caches(struct mem_cgroup *memcg) 609 { 610 LIST_HEAD(release); 611 bool need_rcu_barrier = false; 612 struct kmem_cache *s, *s2; 613 614 get_online_cpus(); 615 get_online_mems(); 616 617 mutex_lock(&slab_mutex); 618 list_for_each_entry_safe(s, s2, &slab_caches, list) { 619 if (is_root_cache(s) || s->memcg_params.memcg != memcg) 620 continue; 621 /* 622 * The cgroup is about to be freed and therefore has no charges 623 * left. Hence, all its caches must be empty by now. 624 */ 625 BUG_ON(__shutdown_memcg_cache(s, &release, &need_rcu_barrier)); 626 } 627 mutex_unlock(&slab_mutex); 628 629 put_online_mems(); 630 put_online_cpus(); 631 632 release_caches(&release, need_rcu_barrier); 633 } 634 635 static int shutdown_memcg_caches(struct kmem_cache *s, 636 struct list_head *release, bool *need_rcu_barrier) 637 { 638 struct memcg_cache_array *arr; 639 struct kmem_cache *c, *c2; 640 LIST_HEAD(busy); 641 int i; 642 643 BUG_ON(!is_root_cache(s)); 644 645 /* 646 * First, shutdown active caches, i.e. caches that belong to online 647 * memory cgroups. 648 */ 649 arr = rcu_dereference_protected(s->memcg_params.memcg_caches, 650 lockdep_is_held(&slab_mutex)); 651 for_each_memcg_cache_index(i) { 652 c = arr->entries[i]; 653 if (!c) 654 continue; 655 if (__shutdown_memcg_cache(c, release, need_rcu_barrier)) 656 /* 657 * The cache still has objects. Move it to a temporary 658 * list so as not to try to destroy it for a second 659 * time while iterating over inactive caches below. 660 */ 661 list_move(&c->memcg_params.list, &busy); 662 else 663 /* 664 * The cache is empty and will be destroyed soon. Clear 665 * the pointer to it in the memcg_caches array so that 666 * it will never be accessed even if the root cache 667 * stays alive. 668 */ 669 arr->entries[i] = NULL; 670 } 671 672 /* 673 * Second, shutdown all caches left from memory cgroups that are now 674 * offline. 675 */ 676 list_for_each_entry_safe(c, c2, &s->memcg_params.list, 677 memcg_params.list) 678 __shutdown_memcg_cache(c, release, need_rcu_barrier); 679 680 list_splice(&busy, &s->memcg_params.list); 681 682 /* 683 * A cache being destroyed must be empty. In particular, this means 684 * that all per memcg caches attached to it must be empty too. 685 */ 686 if (!list_empty(&s->memcg_params.list)) 687 return -EBUSY; 688 return 0; 689 } 690 #else 691 static inline int shutdown_memcg_caches(struct kmem_cache *s, 692 struct list_head *release, bool *need_rcu_barrier) 693 { 694 return 0; 695 } 696 #endif /* CONFIG_MEMCG && !CONFIG_SLOB */ 697 698 void slab_kmem_cache_release(struct kmem_cache *s) 699 { 700 __kmem_cache_release(s); 701 destroy_memcg_params(s); 702 kfree_const(s->name); 703 kmem_cache_free(kmem_cache, s); 704 } 705 706 void kmem_cache_destroy(struct kmem_cache *s) 707 { 708 LIST_HEAD(release); 709 bool need_rcu_barrier = false; 710 int err; 711 712 if (unlikely(!s)) 713 return; 714 715 get_online_cpus(); 716 get_online_mems(); 717 718 kasan_cache_destroy(s); 719 mutex_lock(&slab_mutex); 720 721 s->refcount--; 722 if (s->refcount) 723 goto out_unlock; 724 725 err = shutdown_memcg_caches(s, &release, &need_rcu_barrier); 726 if (!err) 727 err = shutdown_cache(s, &release, &need_rcu_barrier); 728 729 if (err) { 730 pr_err("kmem_cache_destroy %s: Slab cache still has objects\n", 731 s->name); 732 dump_stack(); 733 } 734 out_unlock: 735 mutex_unlock(&slab_mutex); 736 737 put_online_mems(); 738 put_online_cpus(); 739 740 release_caches(&release, need_rcu_barrier); 741 } 742 EXPORT_SYMBOL(kmem_cache_destroy); 743 744 /** 745 * kmem_cache_shrink - Shrink a cache. 746 * @cachep: The cache to shrink. 747 * 748 * Releases as many slabs as possible for a cache. 749 * To help debugging, a zero exit status indicates all slabs were released. 750 */ 751 int kmem_cache_shrink(struct kmem_cache *cachep) 752 { 753 int ret; 754 755 get_online_cpus(); 756 get_online_mems(); 757 kasan_cache_shrink(cachep); 758 ret = __kmem_cache_shrink(cachep, false); 759 put_online_mems(); 760 put_online_cpus(); 761 return ret; 762 } 763 EXPORT_SYMBOL(kmem_cache_shrink); 764 765 bool slab_is_available(void) 766 { 767 return slab_state >= UP; 768 } 769 770 #ifndef CONFIG_SLOB 771 /* Create a cache during boot when no slab services are available yet */ 772 void __init create_boot_cache(struct kmem_cache *s, const char *name, size_t size, 773 unsigned long flags) 774 { 775 int err; 776 777 s->name = name; 778 s->size = s->object_size = size; 779 s->align = calculate_alignment(flags, ARCH_KMALLOC_MINALIGN, size); 780 781 slab_init_memcg_params(s); 782 783 err = __kmem_cache_create(s, flags); 784 785 if (err) 786 panic("Creation of kmalloc slab %s size=%zu failed. Reason %d\n", 787 name, size, err); 788 789 s->refcount = -1; /* Exempt from merging for now */ 790 } 791 792 struct kmem_cache *__init create_kmalloc_cache(const char *name, size_t size, 793 unsigned long flags) 794 { 795 struct kmem_cache *s = kmem_cache_zalloc(kmem_cache, GFP_NOWAIT); 796 797 if (!s) 798 panic("Out of memory when creating slab %s\n", name); 799 800 create_boot_cache(s, name, size, flags); 801 list_add(&s->list, &slab_caches); 802 s->refcount = 1; 803 return s; 804 } 805 806 struct kmem_cache *kmalloc_caches[KMALLOC_SHIFT_HIGH + 1]; 807 EXPORT_SYMBOL(kmalloc_caches); 808 809 #ifdef CONFIG_ZONE_DMA 810 struct kmem_cache *kmalloc_dma_caches[KMALLOC_SHIFT_HIGH + 1]; 811 EXPORT_SYMBOL(kmalloc_dma_caches); 812 #endif 813 814 /* 815 * Conversion table for small slabs sizes / 8 to the index in the 816 * kmalloc array. This is necessary for slabs < 192 since we have non power 817 * of two cache sizes there. The size of larger slabs can be determined using 818 * fls. 819 */ 820 static s8 size_index[24] = { 821 3, /* 8 */ 822 4, /* 16 */ 823 5, /* 24 */ 824 5, /* 32 */ 825 6, /* 40 */ 826 6, /* 48 */ 827 6, /* 56 */ 828 6, /* 64 */ 829 1, /* 72 */ 830 1, /* 80 */ 831 1, /* 88 */ 832 1, /* 96 */ 833 7, /* 104 */ 834 7, /* 112 */ 835 7, /* 120 */ 836 7, /* 128 */ 837 2, /* 136 */ 838 2, /* 144 */ 839 2, /* 152 */ 840 2, /* 160 */ 841 2, /* 168 */ 842 2, /* 176 */ 843 2, /* 184 */ 844 2 /* 192 */ 845 }; 846 847 static inline int size_index_elem(size_t bytes) 848 { 849 return (bytes - 1) / 8; 850 } 851 852 /* 853 * Find the kmem_cache structure that serves a given size of 854 * allocation 855 */ 856 struct kmem_cache *kmalloc_slab(size_t size, gfp_t flags) 857 { 858 int index; 859 860 if (unlikely(size > KMALLOC_MAX_SIZE)) { 861 WARN_ON_ONCE(!(flags & __GFP_NOWARN)); 862 return NULL; 863 } 864 865 if (size <= 192) { 866 if (!size) 867 return ZERO_SIZE_PTR; 868 869 index = size_index[size_index_elem(size)]; 870 } else 871 index = fls(size - 1); 872 873 #ifdef CONFIG_ZONE_DMA 874 if (unlikely((flags & GFP_DMA))) 875 return kmalloc_dma_caches[index]; 876 877 #endif 878 return kmalloc_caches[index]; 879 } 880 881 /* 882 * kmalloc_info[] is to make slub_debug=,kmalloc-xx option work at boot time. 883 * kmalloc_index() supports up to 2^26=64MB, so the final entry of the table is 884 * kmalloc-67108864. 885 */ 886 static struct { 887 const char *name; 888 unsigned long size; 889 } const kmalloc_info[] __initconst = { 890 {NULL, 0}, {"kmalloc-96", 96}, 891 {"kmalloc-192", 192}, {"kmalloc-8", 8}, 892 {"kmalloc-16", 16}, {"kmalloc-32", 32}, 893 {"kmalloc-64", 64}, {"kmalloc-128", 128}, 894 {"kmalloc-256", 256}, {"kmalloc-512", 512}, 895 {"kmalloc-1024", 1024}, {"kmalloc-2048", 2048}, 896 {"kmalloc-4096", 4096}, {"kmalloc-8192", 8192}, 897 {"kmalloc-16384", 16384}, {"kmalloc-32768", 32768}, 898 {"kmalloc-65536", 65536}, {"kmalloc-131072", 131072}, 899 {"kmalloc-262144", 262144}, {"kmalloc-524288", 524288}, 900 {"kmalloc-1048576", 1048576}, {"kmalloc-2097152", 2097152}, 901 {"kmalloc-4194304", 4194304}, {"kmalloc-8388608", 8388608}, 902 {"kmalloc-16777216", 16777216}, {"kmalloc-33554432", 33554432}, 903 {"kmalloc-67108864", 67108864} 904 }; 905 906 /* 907 * Patch up the size_index table if we have strange large alignment 908 * requirements for the kmalloc array. This is only the case for 909 * MIPS it seems. The standard arches will not generate any code here. 910 * 911 * Largest permitted alignment is 256 bytes due to the way we 912 * handle the index determination for the smaller caches. 913 * 914 * Make sure that nothing crazy happens if someone starts tinkering 915 * around with ARCH_KMALLOC_MINALIGN 916 */ 917 void __init setup_kmalloc_cache_index_table(void) 918 { 919 int i; 920 921 BUILD_BUG_ON(KMALLOC_MIN_SIZE > 256 || 922 (KMALLOC_MIN_SIZE & (KMALLOC_MIN_SIZE - 1))); 923 924 for (i = 8; i < KMALLOC_MIN_SIZE; i += 8) { 925 int elem = size_index_elem(i); 926 927 if (elem >= ARRAY_SIZE(size_index)) 928 break; 929 size_index[elem] = KMALLOC_SHIFT_LOW; 930 } 931 932 if (KMALLOC_MIN_SIZE >= 64) { 933 /* 934 * The 96 byte size cache is not used if the alignment 935 * is 64 byte. 936 */ 937 for (i = 64 + 8; i <= 96; i += 8) 938 size_index[size_index_elem(i)] = 7; 939 940 } 941 942 if (KMALLOC_MIN_SIZE >= 128) { 943 /* 944 * The 192 byte sized cache is not used if the alignment 945 * is 128 byte. Redirect kmalloc to use the 256 byte cache 946 * instead. 947 */ 948 for (i = 128 + 8; i <= 192; i += 8) 949 size_index[size_index_elem(i)] = 8; 950 } 951 } 952 953 static void __init new_kmalloc_cache(int idx, unsigned long flags) 954 { 955 kmalloc_caches[idx] = create_kmalloc_cache(kmalloc_info[idx].name, 956 kmalloc_info[idx].size, flags); 957 } 958 959 /* 960 * Create the kmalloc array. Some of the regular kmalloc arrays 961 * may already have been created because they were needed to 962 * enable allocations for slab creation. 963 */ 964 void __init create_kmalloc_caches(unsigned long flags) 965 { 966 int i; 967 968 for (i = KMALLOC_SHIFT_LOW; i <= KMALLOC_SHIFT_HIGH; i++) { 969 if (!kmalloc_caches[i]) 970 new_kmalloc_cache(i, flags); 971 972 /* 973 * Caches that are not of the two-to-the-power-of size. 974 * These have to be created immediately after the 975 * earlier power of two caches 976 */ 977 if (KMALLOC_MIN_SIZE <= 32 && !kmalloc_caches[1] && i == 6) 978 new_kmalloc_cache(1, flags); 979 if (KMALLOC_MIN_SIZE <= 64 && !kmalloc_caches[2] && i == 7) 980 new_kmalloc_cache(2, flags); 981 } 982 983 /* Kmalloc array is now usable */ 984 slab_state = UP; 985 986 #ifdef CONFIG_ZONE_DMA 987 for (i = 0; i <= KMALLOC_SHIFT_HIGH; i++) { 988 struct kmem_cache *s = kmalloc_caches[i]; 989 990 if (s) { 991 int size = kmalloc_size(i); 992 char *n = kasprintf(GFP_NOWAIT, 993 "dma-kmalloc-%d", size); 994 995 BUG_ON(!n); 996 kmalloc_dma_caches[i] = create_kmalloc_cache(n, 997 size, SLAB_CACHE_DMA | flags); 998 } 999 } 1000 #endif 1001 } 1002 #endif /* !CONFIG_SLOB */ 1003 1004 /* 1005 * To avoid unnecessary overhead, we pass through large allocation requests 1006 * directly to the page allocator. We use __GFP_COMP, because we will need to 1007 * know the allocation order to free the pages properly in kfree. 1008 */ 1009 void *kmalloc_order(size_t size, gfp_t flags, unsigned int order) 1010 { 1011 void *ret; 1012 struct page *page; 1013 1014 flags |= __GFP_COMP; 1015 page = alloc_pages(flags, order); 1016 ret = page ? page_address(page) : NULL; 1017 kmemleak_alloc(ret, size, 1, flags); 1018 kasan_kmalloc_large(ret, size, flags); 1019 return ret; 1020 } 1021 EXPORT_SYMBOL(kmalloc_order); 1022 1023 #ifdef CONFIG_TRACING 1024 void *kmalloc_order_trace(size_t size, gfp_t flags, unsigned int order) 1025 { 1026 void *ret = kmalloc_order(size, flags, order); 1027 trace_kmalloc(_RET_IP_, ret, size, PAGE_SIZE << order, flags); 1028 return ret; 1029 } 1030 EXPORT_SYMBOL(kmalloc_order_trace); 1031 #endif 1032 1033 #ifdef CONFIG_SLAB_FREELIST_RANDOM 1034 /* Randomize a generic freelist */ 1035 static void freelist_randomize(struct rnd_state *state, unsigned int *list, 1036 size_t count) 1037 { 1038 size_t i; 1039 unsigned int rand; 1040 1041 for (i = 0; i < count; i++) 1042 list[i] = i; 1043 1044 /* Fisher-Yates shuffle */ 1045 for (i = count - 1; i > 0; i--) { 1046 rand = prandom_u32_state(state); 1047 rand %= (i + 1); 1048 swap(list[i], list[rand]); 1049 } 1050 } 1051 1052 /* Create a random sequence per cache */ 1053 int cache_random_seq_create(struct kmem_cache *cachep, unsigned int count, 1054 gfp_t gfp) 1055 { 1056 struct rnd_state state; 1057 1058 if (count < 2 || cachep->random_seq) 1059 return 0; 1060 1061 cachep->random_seq = kcalloc(count, sizeof(unsigned int), gfp); 1062 if (!cachep->random_seq) 1063 return -ENOMEM; 1064 1065 /* Get best entropy at this stage of boot */ 1066 prandom_seed_state(&state, get_random_long()); 1067 1068 freelist_randomize(&state, cachep->random_seq, count); 1069 return 0; 1070 } 1071 1072 /* Destroy the per-cache random freelist sequence */ 1073 void cache_random_seq_destroy(struct kmem_cache *cachep) 1074 { 1075 kfree(cachep->random_seq); 1076 cachep->random_seq = NULL; 1077 } 1078 #endif /* CONFIG_SLAB_FREELIST_RANDOM */ 1079 1080 #ifdef CONFIG_SLABINFO 1081 1082 #ifdef CONFIG_SLAB 1083 #define SLABINFO_RIGHTS (S_IWUSR | S_IRUSR) 1084 #else 1085 #define SLABINFO_RIGHTS S_IRUSR 1086 #endif 1087 1088 static void print_slabinfo_header(struct seq_file *m) 1089 { 1090 /* 1091 * Output format version, so at least we can change it 1092 * without _too_ many complaints. 1093 */ 1094 #ifdef CONFIG_DEBUG_SLAB 1095 seq_puts(m, "slabinfo - version: 2.1 (statistics)\n"); 1096 #else 1097 seq_puts(m, "slabinfo - version: 2.1\n"); 1098 #endif 1099 seq_puts(m, "# name <active_objs> <num_objs> <objsize> <objperslab> <pagesperslab>"); 1100 seq_puts(m, " : tunables <limit> <batchcount> <sharedfactor>"); 1101 seq_puts(m, " : slabdata <active_slabs> <num_slabs> <sharedavail>"); 1102 #ifdef CONFIG_DEBUG_SLAB 1103 seq_puts(m, " : globalstat <listallocs> <maxobjs> <grown> <reaped> <error> <maxfreeable> <nodeallocs> <remotefrees> <alienoverflow>"); 1104 seq_puts(m, " : cpustat <allochit> <allocmiss> <freehit> <freemiss>"); 1105 #endif 1106 seq_putc(m, '\n'); 1107 } 1108 1109 void *slab_start(struct seq_file *m, loff_t *pos) 1110 { 1111 mutex_lock(&slab_mutex); 1112 return seq_list_start(&slab_caches, *pos); 1113 } 1114 1115 void *slab_next(struct seq_file *m, void *p, loff_t *pos) 1116 { 1117 return seq_list_next(p, &slab_caches, pos); 1118 } 1119 1120 void slab_stop(struct seq_file *m, void *p) 1121 { 1122 mutex_unlock(&slab_mutex); 1123 } 1124 1125 static void 1126 memcg_accumulate_slabinfo(struct kmem_cache *s, struct slabinfo *info) 1127 { 1128 struct kmem_cache *c; 1129 struct slabinfo sinfo; 1130 1131 if (!is_root_cache(s)) 1132 return; 1133 1134 for_each_memcg_cache(c, s) { 1135 memset(&sinfo, 0, sizeof(sinfo)); 1136 get_slabinfo(c, &sinfo); 1137 1138 info->active_slabs += sinfo.active_slabs; 1139 info->num_slabs += sinfo.num_slabs; 1140 info->shared_avail += sinfo.shared_avail; 1141 info->active_objs += sinfo.active_objs; 1142 info->num_objs += sinfo.num_objs; 1143 } 1144 } 1145 1146 static void cache_show(struct kmem_cache *s, struct seq_file *m) 1147 { 1148 struct slabinfo sinfo; 1149 1150 memset(&sinfo, 0, sizeof(sinfo)); 1151 get_slabinfo(s, &sinfo); 1152 1153 memcg_accumulate_slabinfo(s, &sinfo); 1154 1155 seq_printf(m, "%-17s %6lu %6lu %6u %4u %4d", 1156 cache_name(s), sinfo.active_objs, sinfo.num_objs, s->size, 1157 sinfo.objects_per_slab, (1 << sinfo.cache_order)); 1158 1159 seq_printf(m, " : tunables %4u %4u %4u", 1160 sinfo.limit, sinfo.batchcount, sinfo.shared); 1161 seq_printf(m, " : slabdata %6lu %6lu %6lu", 1162 sinfo.active_slabs, sinfo.num_slabs, sinfo.shared_avail); 1163 slabinfo_show_stats(m, s); 1164 seq_putc(m, '\n'); 1165 } 1166 1167 static int slab_show(struct seq_file *m, void *p) 1168 { 1169 struct kmem_cache *s = list_entry(p, struct kmem_cache, list); 1170 1171 if (p == slab_caches.next) 1172 print_slabinfo_header(m); 1173 if (is_root_cache(s)) 1174 cache_show(s, m); 1175 return 0; 1176 } 1177 1178 #if defined(CONFIG_MEMCG) && !defined(CONFIG_SLOB) 1179 int memcg_slab_show(struct seq_file *m, void *p) 1180 { 1181 struct kmem_cache *s = list_entry(p, struct kmem_cache, list); 1182 struct mem_cgroup *memcg = mem_cgroup_from_css(seq_css(m)); 1183 1184 if (p == slab_caches.next) 1185 print_slabinfo_header(m); 1186 if (!is_root_cache(s) && s->memcg_params.memcg == memcg) 1187 cache_show(s, m); 1188 return 0; 1189 } 1190 #endif 1191 1192 /* 1193 * slabinfo_op - iterator that generates /proc/slabinfo 1194 * 1195 * Output layout: 1196 * cache-name 1197 * num-active-objs 1198 * total-objs 1199 * object size 1200 * num-active-slabs 1201 * total-slabs 1202 * num-pages-per-slab 1203 * + further values on SMP and with statistics enabled 1204 */ 1205 static const struct seq_operations slabinfo_op = { 1206 .start = slab_start, 1207 .next = slab_next, 1208 .stop = slab_stop, 1209 .show = slab_show, 1210 }; 1211 1212 static int slabinfo_open(struct inode *inode, struct file *file) 1213 { 1214 return seq_open(file, &slabinfo_op); 1215 } 1216 1217 static const struct file_operations proc_slabinfo_operations = { 1218 .open = slabinfo_open, 1219 .read = seq_read, 1220 .write = slabinfo_write, 1221 .llseek = seq_lseek, 1222 .release = seq_release, 1223 }; 1224 1225 static int __init slab_proc_init(void) 1226 { 1227 proc_create("slabinfo", SLABINFO_RIGHTS, NULL, 1228 &proc_slabinfo_operations); 1229 return 0; 1230 } 1231 module_init(slab_proc_init); 1232 #endif /* CONFIG_SLABINFO */ 1233 1234 static __always_inline void *__do_krealloc(const void *p, size_t new_size, 1235 gfp_t flags) 1236 { 1237 void *ret; 1238 size_t ks = 0; 1239 1240 if (p) 1241 ks = ksize(p); 1242 1243 if (ks >= new_size) { 1244 kasan_krealloc((void *)p, new_size, flags); 1245 return (void *)p; 1246 } 1247 1248 ret = kmalloc_track_caller(new_size, flags); 1249 if (ret && p) 1250 memcpy(ret, p, ks); 1251 1252 return ret; 1253 } 1254 1255 /** 1256 * __krealloc - like krealloc() but don't free @p. 1257 * @p: object to reallocate memory for. 1258 * @new_size: how many bytes of memory are required. 1259 * @flags: the type of memory to allocate. 1260 * 1261 * This function is like krealloc() except it never frees the originally 1262 * allocated buffer. Use this if you don't want to free the buffer immediately 1263 * like, for example, with RCU. 1264 */ 1265 void *__krealloc(const void *p, size_t new_size, gfp_t flags) 1266 { 1267 if (unlikely(!new_size)) 1268 return ZERO_SIZE_PTR; 1269 1270 return __do_krealloc(p, new_size, flags); 1271 1272 } 1273 EXPORT_SYMBOL(__krealloc); 1274 1275 /** 1276 * krealloc - reallocate memory. The contents will remain unchanged. 1277 * @p: object to reallocate memory for. 1278 * @new_size: how many bytes of memory are required. 1279 * @flags: the type of memory to allocate. 1280 * 1281 * The contents of the object pointed to are preserved up to the 1282 * lesser of the new and old sizes. If @p is %NULL, krealloc() 1283 * behaves exactly like kmalloc(). If @new_size is 0 and @p is not a 1284 * %NULL pointer, the object pointed to is freed. 1285 */ 1286 void *krealloc(const void *p, size_t new_size, gfp_t flags) 1287 { 1288 void *ret; 1289 1290 if (unlikely(!new_size)) { 1291 kfree(p); 1292 return ZERO_SIZE_PTR; 1293 } 1294 1295 ret = __do_krealloc(p, new_size, flags); 1296 if (ret && p != ret) 1297 kfree(p); 1298 1299 return ret; 1300 } 1301 EXPORT_SYMBOL(krealloc); 1302 1303 /** 1304 * kzfree - like kfree but zero memory 1305 * @p: object to free memory of 1306 * 1307 * The memory of the object @p points to is zeroed before freed. 1308 * If @p is %NULL, kzfree() does nothing. 1309 * 1310 * Note: this function zeroes the whole allocated buffer which can be a good 1311 * deal bigger than the requested buffer size passed to kmalloc(). So be 1312 * careful when using this function in performance sensitive code. 1313 */ 1314 void kzfree(const void *p) 1315 { 1316 size_t ks; 1317 void *mem = (void *)p; 1318 1319 if (unlikely(ZERO_OR_NULL_PTR(mem))) 1320 return; 1321 ks = ksize(mem); 1322 memset(mem, 0, ks); 1323 kfree(mem); 1324 } 1325 EXPORT_SYMBOL(kzfree); 1326 1327 /* Tracepoints definitions. */ 1328 EXPORT_TRACEPOINT_SYMBOL(kmalloc); 1329 EXPORT_TRACEPOINT_SYMBOL(kmem_cache_alloc); 1330 EXPORT_TRACEPOINT_SYMBOL(kmalloc_node); 1331 EXPORT_TRACEPOINT_SYMBOL(kmem_cache_alloc_node); 1332 EXPORT_TRACEPOINT_SYMBOL(kfree); 1333 EXPORT_TRACEPOINT_SYMBOL(kmem_cache_free); 1334