[PATCH] reject corrupt swapfiles earlier
[linux-2.6.git] / mm / swapfile.c
1 /*
2  *  linux/mm/swapfile.c
3  *
4  *  Copyright (C) 1991, 1992, 1993, 1994  Linus Torvalds
5  *  Swap reorganised 29.12.95, Stephen Tweedie
6  */
7
8 #include <linux/mm.h>
9 #include <linux/hugetlb.h>
10 #include <linux/mman.h>
11 #include <linux/slab.h>
12 #include <linux/kernel_stat.h>
13 #include <linux/swap.h>
14 #include <linux/vmalloc.h>
15 #include <linux/pagemap.h>
16 #include <linux/namei.h>
17 #include <linux/shm.h>
18 #include <linux/blkdev.h>
19 #include <linux/writeback.h>
20 #include <linux/proc_fs.h>
21 #include <linux/seq_file.h>
22 #include <linux/init.h>
23 #include <linux/module.h>
24 #include <linux/rmap.h>
25 #include <linux/security.h>
26 #include <linux/backing-dev.h>
27 #include <linux/mutex.h>
28 #include <linux/capability.h>
29 #include <linux/syscalls.h>
30
31 #include <asm/pgtable.h>
32 #include <asm/tlbflush.h>
33 #include <linux/swapops.h>
34
35 DEFINE_SPINLOCK(swap_lock);
36 unsigned int nr_swapfiles;
37 long total_swap_pages;
38 static int swap_overflow;
39
40 static const char Bad_file[] = "Bad swap file entry ";
41 static const char Unused_file[] = "Unused swap file entry ";
42 static const char Bad_offset[] = "Bad swap offset entry ";
43 static const char Unused_offset[] = "Unused swap offset entry ";
44
45 struct swap_list_t swap_list = {-1, -1};
46
47 static struct swap_info_struct swap_info[MAX_SWAPFILES];
48
49 static DEFINE_MUTEX(swapon_mutex);
50
51 /*
52  * We need this because the bdev->unplug_fn can sleep and we cannot
53  * hold swap_lock while calling the unplug_fn. And swap_lock
54  * cannot be turned into a mutex.
55  */
56 static DECLARE_RWSEM(swap_unplug_sem);
57
58 void swap_unplug_io_fn(struct backing_dev_info *unused_bdi, struct page *page)
59 {
60         swp_entry_t entry;
61
62         down_read(&swap_unplug_sem);
63         entry.val = page_private(page);
64         if (PageSwapCache(page)) {
65                 struct block_device *bdev = swap_info[swp_type(entry)].bdev;
66                 struct backing_dev_info *bdi;
67
68                 /*
69                  * If the page is removed from swapcache from under us (with a
70                  * racy try_to_unuse/swapoff) we need an additional reference
71                  * count to avoid reading garbage from page_private(page) above.
72                  * If the WARN_ON triggers during a swapoff it maybe the race
73                  * condition and it's harmless. However if it triggers without
74                  * swapoff it signals a problem.
75                  */
76                 WARN_ON(page_count(page) <= 1);
77
78                 bdi = bdev->bd_inode->i_mapping->backing_dev_info;
79                 blk_run_backing_dev(bdi, page);
80         }
81         up_read(&swap_unplug_sem);
82 }
83
84 #define SWAPFILE_CLUSTER        256
85 #define LATENCY_LIMIT           256
86
87 static inline unsigned long scan_swap_map(struct swap_info_struct *si)
88 {
89         unsigned long offset, last_in_cluster;
90         int latency_ration = LATENCY_LIMIT;
91
92         /* 
93          * We try to cluster swap pages by allocating them sequentially
94          * in swap.  Once we've allocated SWAPFILE_CLUSTER pages this
95          * way, however, we resort to first-free allocation, starting
96          * a new cluster.  This prevents us from scattering swap pages
97          * all over the entire swap partition, so that we reduce
98          * overall disk seek times between swap pages.  -- sct
99          * But we do now try to find an empty cluster.  -Andrea
100          */
101
102         si->flags += SWP_SCANNING;
103         if (unlikely(!si->cluster_nr)) {
104                 si->cluster_nr = SWAPFILE_CLUSTER - 1;
105                 if (si->pages - si->inuse_pages < SWAPFILE_CLUSTER)
106                         goto lowest;
107                 spin_unlock(&swap_lock);
108
109                 offset = si->lowest_bit;
110                 last_in_cluster = offset + SWAPFILE_CLUSTER - 1;
111
112                 /* Locate the first empty (unaligned) cluster */
113                 for (; last_in_cluster <= si->highest_bit; offset++) {
114                         if (si->swap_map[offset])
115                                 last_in_cluster = offset + SWAPFILE_CLUSTER;
116                         else if (offset == last_in_cluster) {
117                                 spin_lock(&swap_lock);
118                                 si->cluster_next = offset-SWAPFILE_CLUSTER+1;
119                                 goto cluster;
120                         }
121                         if (unlikely(--latency_ration < 0)) {
122                                 cond_resched();
123                                 latency_ration = LATENCY_LIMIT;
124                         }
125                 }
126                 spin_lock(&swap_lock);
127                 goto lowest;
128         }
129
130         si->cluster_nr--;
131 cluster:
132         offset = si->cluster_next;
133         if (offset > si->highest_bit)
134 lowest:         offset = si->lowest_bit;
135 checks: if (!(si->flags & SWP_WRITEOK))
136                 goto no_page;
137         if (!si->highest_bit)
138                 goto no_page;
139         if (!si->swap_map[offset]) {
140                 if (offset == si->lowest_bit)
141                         si->lowest_bit++;
142                 if (offset == si->highest_bit)
143                         si->highest_bit--;
144                 si->inuse_pages++;
145                 if (si->inuse_pages == si->pages) {
146                         si->lowest_bit = si->max;
147                         si->highest_bit = 0;
148                 }
149                 si->swap_map[offset] = 1;
150                 si->cluster_next = offset + 1;
151                 si->flags -= SWP_SCANNING;
152                 return offset;
153         }
154
155         spin_unlock(&swap_lock);
156         while (++offset <= si->highest_bit) {
157                 if (!si->swap_map[offset]) {
158                         spin_lock(&swap_lock);
159                         goto checks;
160                 }
161                 if (unlikely(--latency_ration < 0)) {
162                         cond_resched();
163                         latency_ration = LATENCY_LIMIT;
164                 }
165         }
166         spin_lock(&swap_lock);
167         goto lowest;
168
169 no_page:
170         si->flags -= SWP_SCANNING;
171         return 0;
172 }
173
174 swp_entry_t get_swap_page(void)
175 {
176         struct swap_info_struct *si;
177         pgoff_t offset;
178         int type, next;
179         int wrapped = 0;
180
181         spin_lock(&swap_lock);
182         if (nr_swap_pages <= 0)
183                 goto noswap;
184         nr_swap_pages--;
185
186         for (type = swap_list.next; type >= 0 && wrapped < 2; type = next) {
187                 si = swap_info + type;
188                 next = si->next;
189                 if (next < 0 ||
190                     (!wrapped && si->prio != swap_info[next].prio)) {
191                         next = swap_list.head;
192                         wrapped++;
193                 }
194
195                 if (!si->highest_bit)
196                         continue;
197                 if (!(si->flags & SWP_WRITEOK))
198                         continue;
199
200                 swap_list.next = next;
201                 offset = scan_swap_map(si);
202                 if (offset) {
203                         spin_unlock(&swap_lock);
204                         return swp_entry(type, offset);
205                 }
206                 next = swap_list.next;
207         }
208
209         nr_swap_pages++;
210 noswap:
211         spin_unlock(&swap_lock);
212         return (swp_entry_t) {0};
213 }
214
215 swp_entry_t get_swap_page_of_type(int type)
216 {
217         struct swap_info_struct *si;
218         pgoff_t offset;
219
220         spin_lock(&swap_lock);
221         si = swap_info + type;
222         if (si->flags & SWP_WRITEOK) {
223                 nr_swap_pages--;
224                 offset = scan_swap_map(si);
225                 if (offset) {
226                         spin_unlock(&swap_lock);
227                         return swp_entry(type, offset);
228                 }
229                 nr_swap_pages++;
230         }
231         spin_unlock(&swap_lock);
232         return (swp_entry_t) {0};
233 }
234
235 static struct swap_info_struct * swap_info_get(swp_entry_t entry)
236 {
237         struct swap_info_struct * p;
238         unsigned long offset, type;
239
240         if (!entry.val)
241                 goto out;
242         type = swp_type(entry);
243         if (type >= nr_swapfiles)
244                 goto bad_nofile;
245         p = & swap_info[type];
246         if (!(p->flags & SWP_USED))
247                 goto bad_device;
248         offset = swp_offset(entry);
249         if (offset >= p->max)
250                 goto bad_offset;
251         if (!p->swap_map[offset])
252                 goto bad_free;
253         spin_lock(&swap_lock);
254         return p;
255
256 bad_free:
257         printk(KERN_ERR "swap_free: %s%08lx\n", Unused_offset, entry.val);
258         goto out;
259 bad_offset:
260         printk(KERN_ERR "swap_free: %s%08lx\n", Bad_offset, entry.val);
261         goto out;
262 bad_device:
263         printk(KERN_ERR "swap_free: %s%08lx\n", Unused_file, entry.val);
264         goto out;
265 bad_nofile:
266         printk(KERN_ERR "swap_free: %s%08lx\n", Bad_file, entry.val);
267 out:
268         return NULL;
269 }       
270
271 static int swap_entry_free(struct swap_info_struct *p, unsigned long offset)
272 {
273         int count = p->swap_map[offset];
274
275         if (count < SWAP_MAP_MAX) {
276                 count--;
277                 p->swap_map[offset] = count;
278                 if (!count) {
279                         if (offset < p->lowest_bit)
280                                 p->lowest_bit = offset;
281                         if (offset > p->highest_bit)
282                                 p->highest_bit = offset;
283                         if (p->prio > swap_info[swap_list.next].prio)
284                                 swap_list.next = p - swap_info;
285                         nr_swap_pages++;
286                         p->inuse_pages--;
287                 }
288         }
289         return count;
290 }
291
292 /*
293  * Caller has made sure that the swapdevice corresponding to entry
294  * is still around or has not been recycled.
295  */
296 void swap_free(swp_entry_t entry)
297 {
298         struct swap_info_struct * p;
299
300         p = swap_info_get(entry);
301         if (p) {
302                 swap_entry_free(p, swp_offset(entry));
303                 spin_unlock(&swap_lock);
304         }
305 }
306
307 /*
308  * How many references to page are currently swapped out?
309  */
310 static inline int page_swapcount(struct page *page)
311 {
312         int count = 0;
313         struct swap_info_struct *p;
314         swp_entry_t entry;
315
316         entry.val = page_private(page);
317         p = swap_info_get(entry);
318         if (p) {
319                 /* Subtract the 1 for the swap cache itself */
320                 count = p->swap_map[swp_offset(entry)] - 1;
321                 spin_unlock(&swap_lock);
322         }
323         return count;
324 }
325
326 /*
327  * We can use this swap cache entry directly
328  * if there are no other references to it.
329  */
330 int can_share_swap_page(struct page *page)
331 {
332         int count;
333
334         BUG_ON(!PageLocked(page));
335         count = page_mapcount(page);
336         if (count <= 1 && PageSwapCache(page))
337                 count += page_swapcount(page);
338         return count == 1;
339 }
340
341 /*
342  * Work out if there are any other processes sharing this
343  * swap cache page. Free it if you can. Return success.
344  */
345 int remove_exclusive_swap_page(struct page *page)
346 {
347         int retval;
348         struct swap_info_struct * p;
349         swp_entry_t entry;
350
351         BUG_ON(PagePrivate(page));
352         BUG_ON(!PageLocked(page));
353
354         if (!PageSwapCache(page))
355                 return 0;
356         if (PageWriteback(page))
357                 return 0;
358         if (page_count(page) != 2) /* 2: us + cache */
359                 return 0;
360
361         entry.val = page_private(page);
362         p = swap_info_get(entry);
363         if (!p)
364                 return 0;
365
366         /* Is the only swap cache user the cache itself? */
367         retval = 0;
368         if (p->swap_map[swp_offset(entry)] == 1) {
369                 /* Recheck the page count with the swapcache lock held.. */
370                 write_lock_irq(&swapper_space.tree_lock);
371                 if ((page_count(page) == 2) && !PageWriteback(page)) {
372                         __delete_from_swap_cache(page);
373                         SetPageDirty(page);
374                         retval = 1;
375                 }
376                 write_unlock_irq(&swapper_space.tree_lock);
377         }
378         spin_unlock(&swap_lock);
379
380         if (retval) {
381                 swap_free(entry);
382                 page_cache_release(page);
383         }
384
385         return retval;
386 }
387
388 /*
389  * Free the swap entry like above, but also try to
390  * free the page cache entry if it is the last user.
391  */
392 void free_swap_and_cache(swp_entry_t entry)
393 {
394         struct swap_info_struct * p;
395         struct page *page = NULL;
396
397         if (is_migration_entry(entry))
398                 return;
399
400         p = swap_info_get(entry);
401         if (p) {
402                 if (swap_entry_free(p, swp_offset(entry)) == 1) {
403                         page = find_get_page(&swapper_space, entry.val);
404                         if (page && unlikely(TestSetPageLocked(page))) {
405                                 page_cache_release(page);
406                                 page = NULL;
407                         }
408                 }
409                 spin_unlock(&swap_lock);
410         }
411         if (page) {
412                 int one_user;
413
414                 BUG_ON(PagePrivate(page));
415                 one_user = (page_count(page) == 2);
416                 /* Only cache user (+us), or swap space full? Free it! */
417                 /* Also recheck PageSwapCache after page is locked (above) */
418                 if (PageSwapCache(page) && !PageWriteback(page) &&
419                                         (one_user || vm_swap_full())) {
420                         delete_from_swap_cache(page);
421                         SetPageDirty(page);
422                 }
423                 unlock_page(page);
424                 page_cache_release(page);
425         }
426 }
427
428 #ifdef CONFIG_SOFTWARE_SUSPEND
429 /*
430  * Find the swap type that corresponds to given device (if any)
431  *
432  * This is needed for software suspend and is done in such a way that inode
433  * aliasing is allowed.
434  */
435 int swap_type_of(dev_t device)
436 {
437         int i;
438
439         spin_lock(&swap_lock);
440         for (i = 0; i < nr_swapfiles; i++) {
441                 struct inode *inode;
442
443                 if (!(swap_info[i].flags & SWP_WRITEOK))
444                         continue;
445
446                 if (!device) {
447                         spin_unlock(&swap_lock);
448                         return i;
449                 }
450                 inode = swap_info[i].swap_file->f_dentry->d_inode;
451                 if (S_ISBLK(inode->i_mode) &&
452                     device == MKDEV(imajor(inode), iminor(inode))) {
453                         spin_unlock(&swap_lock);
454                         return i;
455                 }
456         }
457         spin_unlock(&swap_lock);
458         return -ENODEV;
459 }
460
461 /*
462  * Return either the total number of swap pages of given type, or the number
463  * of free pages of that type (depending on @free)
464  *
465  * This is needed for software suspend
466  */
467 unsigned int count_swap_pages(int type, int free)
468 {
469         unsigned int n = 0;
470
471         if (type < nr_swapfiles) {
472                 spin_lock(&swap_lock);
473                 if (swap_info[type].flags & SWP_WRITEOK) {
474                         n = swap_info[type].pages;
475                         if (free)
476                                 n -= swap_info[type].inuse_pages;
477                 }
478                 spin_unlock(&swap_lock);
479         }
480         return n;
481 }
482 #endif
483
484 /*
485  * No need to decide whether this PTE shares the swap entry with others,
486  * just let do_wp_page work it out if a write is requested later - to
487  * force COW, vm_page_prot omits write permission from any private vma.
488  */
489 static void unuse_pte(struct vm_area_struct *vma, pte_t *pte,
490                 unsigned long addr, swp_entry_t entry, struct page *page)
491 {
492         inc_mm_counter(vma->vm_mm, anon_rss);
493         get_page(page);
494         set_pte_at(vma->vm_mm, addr, pte,
495                    pte_mkold(mk_pte(page, vma->vm_page_prot)));
496         page_add_anon_rmap(page, vma, addr);
497         swap_free(entry);
498         /*
499          * Move the page to the active list so it is not
500          * immediately swapped out again after swapon.
501          */
502         activate_page(page);
503 }
504
505 static int unuse_pte_range(struct vm_area_struct *vma, pmd_t *pmd,
506                                 unsigned long addr, unsigned long end,
507                                 swp_entry_t entry, struct page *page)
508 {
509         pte_t swp_pte = swp_entry_to_pte(entry);
510         pte_t *pte;
511         spinlock_t *ptl;
512         int found = 0;
513
514         pte = pte_offset_map_lock(vma->vm_mm, pmd, addr, &ptl);
515         do {
516                 /*
517                  * swapoff spends a _lot_ of time in this loop!
518                  * Test inline before going to call unuse_pte.
519                  */
520                 if (unlikely(pte_same(*pte, swp_pte))) {
521                         unuse_pte(vma, pte++, addr, entry, page);
522                         found = 1;
523                         break;
524                 }
525         } while (pte++, addr += PAGE_SIZE, addr != end);
526         pte_unmap_unlock(pte - 1, ptl);
527         return found;
528 }
529
530 static inline int unuse_pmd_range(struct vm_area_struct *vma, pud_t *pud,
531                                 unsigned long addr, unsigned long end,
532                                 swp_entry_t entry, struct page *page)
533 {
534         pmd_t *pmd;
535         unsigned long next;
536
537         pmd = pmd_offset(pud, addr);
538         do {
539                 next = pmd_addr_end(addr, end);
540                 if (pmd_none_or_clear_bad(pmd))
541                         continue;
542                 if (unuse_pte_range(vma, pmd, addr, next, entry, page))
543                         return 1;
544         } while (pmd++, addr = next, addr != end);
545         return 0;
546 }
547
548 static inline int unuse_pud_range(struct vm_area_struct *vma, pgd_t *pgd,
549                                 unsigned long addr, unsigned long end,
550                                 swp_entry_t entry, struct page *page)
551 {
552         pud_t *pud;
553         unsigned long next;
554
555         pud = pud_offset(pgd, addr);
556         do {
557                 next = pud_addr_end(addr, end);
558                 if (pud_none_or_clear_bad(pud))
559                         continue;
560                 if (unuse_pmd_range(vma, pud, addr, next, entry, page))
561                         return 1;
562         } while (pud++, addr = next, addr != end);
563         return 0;
564 }
565
566 static int unuse_vma(struct vm_area_struct *vma,
567                                 swp_entry_t entry, struct page *page)
568 {
569         pgd_t *pgd;
570         unsigned long addr, end, next;
571
572         if (page->mapping) {
573                 addr = page_address_in_vma(page, vma);
574                 if (addr == -EFAULT)
575                         return 0;
576                 else
577                         end = addr + PAGE_SIZE;
578         } else {
579                 addr = vma->vm_start;
580                 end = vma->vm_end;
581         }
582
583         pgd = pgd_offset(vma->vm_mm, addr);
584         do {
585                 next = pgd_addr_end(addr, end);
586                 if (pgd_none_or_clear_bad(pgd))
587                         continue;
588                 if (unuse_pud_range(vma, pgd, addr, next, entry, page))
589                         return 1;
590         } while (pgd++, addr = next, addr != end);
591         return 0;
592 }
593
594 static int unuse_mm(struct mm_struct *mm,
595                                 swp_entry_t entry, struct page *page)
596 {
597         struct vm_area_struct *vma;
598
599         if (!down_read_trylock(&mm->mmap_sem)) {
600                 /*
601                  * Activate page so shrink_cache is unlikely to unmap its
602                  * ptes while lock is dropped, so swapoff can make progress.
603                  */
604                 activate_page(page);
605                 unlock_page(page);
606                 down_read(&mm->mmap_sem);
607                 lock_page(page);
608         }
609         for (vma = mm->mmap; vma; vma = vma->vm_next) {
610                 if (vma->anon_vma && unuse_vma(vma, entry, page))
611                         break;
612         }
613         up_read(&mm->mmap_sem);
614         /*
615          * Currently unuse_mm cannot fail, but leave error handling
616          * at call sites for now, since we change it from time to time.
617          */
618         return 0;
619 }
620
621 /*
622  * Scan swap_map from current position to next entry still in use.
623  * Recycle to start on reaching the end, returning 0 when empty.
624  */
625 static unsigned int find_next_to_unuse(struct swap_info_struct *si,
626                                         unsigned int prev)
627 {
628         unsigned int max = si->max;
629         unsigned int i = prev;
630         int count;
631
632         /*
633          * No need for swap_lock here: we're just looking
634          * for whether an entry is in use, not modifying it; false
635          * hits are okay, and sys_swapoff() has already prevented new
636          * allocations from this area (while holding swap_lock).
637          */
638         for (;;) {
639                 if (++i >= max) {
640                         if (!prev) {
641                                 i = 0;
642                                 break;
643                         }
644                         /*
645                          * No entries in use at top of swap_map,
646                          * loop back to start and recheck there.
647                          */
648                         max = prev + 1;
649                         prev = 0;
650                         i = 1;
651                 }
652                 count = si->swap_map[i];
653                 if (count && count != SWAP_MAP_BAD)
654                         break;
655         }
656         return i;
657 }
658
659 /*
660  * We completely avoid races by reading each swap page in advance,
661  * and then search for the process using it.  All the necessary
662  * page table adjustments can then be made atomically.
663  */
664 static int try_to_unuse(unsigned int type)
665 {
666         struct swap_info_struct * si = &swap_info[type];
667         struct mm_struct *start_mm;
668         unsigned short *swap_map;
669         unsigned short swcount;
670         struct page *page;
671         swp_entry_t entry;
672         unsigned int i = 0;
673         int retval = 0;
674         int reset_overflow = 0;
675         int shmem;
676
677         /*
678          * When searching mms for an entry, a good strategy is to
679          * start at the first mm we freed the previous entry from
680          * (though actually we don't notice whether we or coincidence
681          * freed the entry).  Initialize this start_mm with a hold.
682          *
683          * A simpler strategy would be to start at the last mm we
684          * freed the previous entry from; but that would take less
685          * advantage of mmlist ordering, which clusters forked mms
686          * together, child after parent.  If we race with dup_mmap(), we
687          * prefer to resolve parent before child, lest we miss entries
688          * duplicated after we scanned child: using last mm would invert
689          * that.  Though it's only a serious concern when an overflowed
690          * swap count is reset from SWAP_MAP_MAX, preventing a rescan.
691          */
692         start_mm = &init_mm;
693         atomic_inc(&init_mm.mm_users);
694
695         /*
696          * Keep on scanning until all entries have gone.  Usually,
697          * one pass through swap_map is enough, but not necessarily:
698          * there are races when an instance of an entry might be missed.
699          */
700         while ((i = find_next_to_unuse(si, i)) != 0) {
701                 if (signal_pending(current)) {
702                         retval = -EINTR;
703                         break;
704                 }
705
706                 /* 
707                  * Get a page for the entry, using the existing swap
708                  * cache page if there is one.  Otherwise, get a clean
709                  * page and read the swap into it. 
710                  */
711                 swap_map = &si->swap_map[i];
712                 entry = swp_entry(type, i);
713                 page = read_swap_cache_async(entry, NULL, 0);
714                 if (!page) {
715                         /*
716                          * Either swap_duplicate() failed because entry
717                          * has been freed independently, and will not be
718                          * reused since sys_swapoff() already disabled
719                          * allocation from here, or alloc_page() failed.
720                          */
721                         if (!*swap_map)
722                                 continue;
723                         retval = -ENOMEM;
724                         break;
725                 }
726
727                 /*
728                  * Don't hold on to start_mm if it looks like exiting.
729                  */
730                 if (atomic_read(&start_mm->mm_users) == 1) {
731                         mmput(start_mm);
732                         start_mm = &init_mm;
733                         atomic_inc(&init_mm.mm_users);
734                 }
735
736                 /*
737                  * Wait for and lock page.  When do_swap_page races with
738                  * try_to_unuse, do_swap_page can handle the fault much
739                  * faster than try_to_unuse can locate the entry.  This
740                  * apparently redundant "wait_on_page_locked" lets try_to_unuse
741                  * defer to do_swap_page in such a case - in some tests,
742                  * do_swap_page and try_to_unuse repeatedly compete.
743                  */
744                 wait_on_page_locked(page);
745                 wait_on_page_writeback(page);
746                 lock_page(page);
747                 wait_on_page_writeback(page);
748
749                 /*
750                  * Remove all references to entry.
751                  * Whenever we reach init_mm, there's no address space
752                  * to search, but use it as a reminder to search shmem.
753                  */
754                 shmem = 0;
755                 swcount = *swap_map;
756                 if (swcount > 1) {
757                         if (start_mm == &init_mm)
758                                 shmem = shmem_unuse(entry, page);
759                         else
760                                 retval = unuse_mm(start_mm, entry, page);
761                 }
762                 if (*swap_map > 1) {
763                         int set_start_mm = (*swap_map >= swcount);
764                         struct list_head *p = &start_mm->mmlist;
765                         struct mm_struct *new_start_mm = start_mm;
766                         struct mm_struct *prev_mm = start_mm;
767                         struct mm_struct *mm;
768
769                         atomic_inc(&new_start_mm->mm_users);
770                         atomic_inc(&prev_mm->mm_users);
771                         spin_lock(&mmlist_lock);
772                         while (*swap_map > 1 && !retval &&
773                                         (p = p->next) != &start_mm->mmlist) {
774                                 mm = list_entry(p, struct mm_struct, mmlist);
775                                 if (!atomic_inc_not_zero(&mm->mm_users))
776                                         continue;
777                                 spin_unlock(&mmlist_lock);
778                                 mmput(prev_mm);
779                                 prev_mm = mm;
780
781                                 cond_resched();
782
783                                 swcount = *swap_map;
784                                 if (swcount <= 1)
785                                         ;
786                                 else if (mm == &init_mm) {
787                                         set_start_mm = 1;
788                                         shmem = shmem_unuse(entry, page);
789                                 } else
790                                         retval = unuse_mm(mm, entry, page);
791                                 if (set_start_mm && *swap_map < swcount) {
792                                         mmput(new_start_mm);
793                                         atomic_inc(&mm->mm_users);
794                                         new_start_mm = mm;
795                                         set_start_mm = 0;
796                                 }
797                                 spin_lock(&mmlist_lock);
798                         }
799                         spin_unlock(&mmlist_lock);
800                         mmput(prev_mm);
801                         mmput(start_mm);
802                         start_mm = new_start_mm;
803                 }
804                 if (retval) {
805                         unlock_page(page);
806                         page_cache_release(page);
807                         break;
808                 }
809
810                 /*
811                  * How could swap count reach 0x7fff when the maximum
812                  * pid is 0x7fff, and there's no way to repeat a swap
813                  * page within an mm (except in shmem, where it's the
814                  * shared object which takes the reference count)?
815                  * We believe SWAP_MAP_MAX cannot occur in Linux 2.4.
816                  *
817                  * If that's wrong, then we should worry more about
818                  * exit_mmap() and do_munmap() cases described above:
819                  * we might be resetting SWAP_MAP_MAX too early here.
820                  * We know "Undead"s can happen, they're okay, so don't
821                  * report them; but do report if we reset SWAP_MAP_MAX.
822                  */
823                 if (*swap_map == SWAP_MAP_MAX) {
824                         spin_lock(&swap_lock);
825                         *swap_map = 1;
826                         spin_unlock(&swap_lock);
827                         reset_overflow = 1;
828                 }
829
830                 /*
831                  * If a reference remains (rare), we would like to leave
832                  * the page in the swap cache; but try_to_unmap could
833                  * then re-duplicate the entry once we drop page lock,
834                  * so we might loop indefinitely; also, that page could
835                  * not be swapped out to other storage meanwhile.  So:
836                  * delete from cache even if there's another reference,
837                  * after ensuring that the data has been saved to disk -
838                  * since if the reference remains (rarer), it will be
839                  * read from disk into another page.  Splitting into two
840                  * pages would be incorrect if swap supported "shared
841                  * private" pages, but they are handled by tmpfs files.
842                  *
843                  * Note shmem_unuse already deleted a swappage from
844                  * the swap cache, unless the move to filepage failed:
845                  * in which case it left swappage in cache, lowered its
846                  * swap count to pass quickly through the loops above,
847                  * and now we must reincrement count to try again later.
848                  */
849                 if ((*swap_map > 1) && PageDirty(page) && PageSwapCache(page)) {
850                         struct writeback_control wbc = {
851                                 .sync_mode = WB_SYNC_NONE,
852                         };
853
854                         swap_writepage(page, &wbc);
855                         lock_page(page);
856                         wait_on_page_writeback(page);
857                 }
858                 if (PageSwapCache(page)) {
859                         if (shmem)
860                                 swap_duplicate(entry);
861                         else
862                                 delete_from_swap_cache(page);
863                 }
864
865                 /*
866                  * So we could skip searching mms once swap count went
867                  * to 1, we did not mark any present ptes as dirty: must
868                  * mark page dirty so shrink_list will preserve it.
869                  */
870                 SetPageDirty(page);
871                 unlock_page(page);
872                 page_cache_release(page);
873
874                 /*
875                  * Make sure that we aren't completely killing
876                  * interactive performance.
877                  */
878                 cond_resched();
879         }
880
881         mmput(start_mm);
882         if (reset_overflow) {
883                 printk(KERN_WARNING "swapoff: cleared swap entry overflow\n");
884                 swap_overflow = 0;
885         }
886         return retval;
887 }
888
889 /*
890  * After a successful try_to_unuse, if no swap is now in use, we know
891  * we can empty the mmlist.  swap_lock must be held on entry and exit.
892  * Note that mmlist_lock nests inside swap_lock, and an mm must be
893  * added to the mmlist just after page_duplicate - before would be racy.
894  */
895 static void drain_mmlist(void)
896 {
897         struct list_head *p, *next;
898         unsigned int i;
899
900         for (i = 0; i < nr_swapfiles; i++)
901                 if (swap_info[i].inuse_pages)
902                         return;
903         spin_lock(&mmlist_lock);
904         list_for_each_safe(p, next, &init_mm.mmlist)
905                 list_del_init(p);
906         spin_unlock(&mmlist_lock);
907 }
908
909 /*
910  * Use this swapdev's extent info to locate the (PAGE_SIZE) block which
911  * corresponds to page offset `offset'.
912  */
913 sector_t map_swap_page(struct swap_info_struct *sis, pgoff_t offset)
914 {
915         struct swap_extent *se = sis->curr_swap_extent;
916         struct swap_extent *start_se = se;
917
918         for ( ; ; ) {
919                 struct list_head *lh;
920
921                 if (se->start_page <= offset &&
922                                 offset < (se->start_page + se->nr_pages)) {
923                         return se->start_block + (offset - se->start_page);
924                 }
925                 lh = se->list.next;
926                 if (lh == &sis->extent_list)
927                         lh = lh->next;
928                 se = list_entry(lh, struct swap_extent, list);
929                 sis->curr_swap_extent = se;
930                 BUG_ON(se == start_se);         /* It *must* be present */
931         }
932 }
933
934 /*
935  * Free all of a swapdev's extent information
936  */
937 static void destroy_swap_extents(struct swap_info_struct *sis)
938 {
939         while (!list_empty(&sis->extent_list)) {
940                 struct swap_extent *se;
941
942                 se = list_entry(sis->extent_list.next,
943                                 struct swap_extent, list);
944                 list_del(&se->list);
945                 kfree(se);
946         }
947 }
948
949 /*
950  * Add a block range (and the corresponding page range) into this swapdev's
951  * extent list.  The extent list is kept sorted in page order.
952  *
953  * This function rather assumes that it is called in ascending page order.
954  */
955 static int
956 add_swap_extent(struct swap_info_struct *sis, unsigned long start_page,
957                 unsigned long nr_pages, sector_t start_block)
958 {
959         struct swap_extent *se;
960         struct swap_extent *new_se;
961         struct list_head *lh;
962
963         lh = sis->extent_list.prev;     /* The highest page extent */
964         if (lh != &sis->extent_list) {
965                 se = list_entry(lh, struct swap_extent, list);
966                 BUG_ON(se->start_page + se->nr_pages != start_page);
967                 if (se->start_block + se->nr_pages == start_block) {
968                         /* Merge it */
969                         se->nr_pages += nr_pages;
970                         return 0;
971                 }
972         }
973
974         /*
975          * No merge.  Insert a new extent, preserving ordering.
976          */
977         new_se = kmalloc(sizeof(*se), GFP_KERNEL);
978         if (new_se == NULL)
979                 return -ENOMEM;
980         new_se->start_page = start_page;
981         new_se->nr_pages = nr_pages;
982         new_se->start_block = start_block;
983
984         list_add_tail(&new_se->list, &sis->extent_list);
985         return 1;
986 }
987
988 /*
989  * A `swap extent' is a simple thing which maps a contiguous range of pages
990  * onto a contiguous range of disk blocks.  An ordered list of swap extents
991  * is built at swapon time and is then used at swap_writepage/swap_readpage
992  * time for locating where on disk a page belongs.
993  *
994  * If the swapfile is an S_ISBLK block device, a single extent is installed.
995  * This is done so that the main operating code can treat S_ISBLK and S_ISREG
996  * swap files identically.
997  *
998  * Whether the swapdev is an S_ISREG file or an S_ISBLK blockdev, the swap
999  * extent list operates in PAGE_SIZE disk blocks.  Both S_ISREG and S_ISBLK
1000  * swapfiles are handled *identically* after swapon time.
1001  *
1002  * For S_ISREG swapfiles, setup_swap_extents() will walk all the file's blocks
1003  * and will parse them into an ordered extent list, in PAGE_SIZE chunks.  If
1004  * some stray blocks are found which do not fall within the PAGE_SIZE alignment
1005  * requirements, they are simply tossed out - we will never use those blocks
1006  * for swapping.
1007  *
1008  * For S_ISREG swapfiles we set S_SWAPFILE across the life of the swapon.  This
1009  * prevents root from shooting her foot off by ftruncating an in-use swapfile,
1010  * which will scribble on the fs.
1011  *
1012  * The amount of disk space which a single swap extent represents varies.
1013  * Typically it is in the 1-4 megabyte range.  So we can have hundreds of
1014  * extents in the list.  To avoid much list walking, we cache the previous
1015  * search location in `curr_swap_extent', and start new searches from there.
1016  * This is extremely effective.  The average number of iterations in
1017  * map_swap_page() has been measured at about 0.3 per page.  - akpm.
1018  */
1019 static int setup_swap_extents(struct swap_info_struct *sis, sector_t *span)
1020 {
1021         struct inode *inode;
1022         unsigned blocks_per_page;
1023         unsigned long page_no;
1024         unsigned blkbits;
1025         sector_t probe_block;
1026         sector_t last_block;
1027         sector_t lowest_block = -1;
1028         sector_t highest_block = 0;
1029         int nr_extents = 0;
1030         int ret;
1031
1032         inode = sis->swap_file->f_mapping->host;
1033         if (S_ISBLK(inode->i_mode)) {
1034                 ret = add_swap_extent(sis, 0, sis->max, 0);
1035                 *span = sis->pages;
1036                 goto done;
1037         }
1038
1039         blkbits = inode->i_blkbits;
1040         blocks_per_page = PAGE_SIZE >> blkbits;
1041
1042         /*
1043          * Map all the blocks into the extent list.  This code doesn't try
1044          * to be very smart.
1045          */
1046         probe_block = 0;
1047         page_no = 0;
1048         last_block = i_size_read(inode) >> blkbits;
1049         while ((probe_block + blocks_per_page) <= last_block &&
1050                         page_no < sis->max) {
1051                 unsigned block_in_page;
1052                 sector_t first_block;
1053
1054                 first_block = bmap(inode, probe_block);
1055                 if (first_block == 0)
1056                         goto bad_bmap;
1057
1058                 /*
1059                  * It must be PAGE_SIZE aligned on-disk
1060                  */
1061                 if (first_block & (blocks_per_page - 1)) {
1062                         probe_block++;
1063                         goto reprobe;
1064                 }
1065
1066                 for (block_in_page = 1; block_in_page < blocks_per_page;
1067                                         block_in_page++) {
1068                         sector_t block;
1069
1070                         block = bmap(inode, probe_block + block_in_page);
1071                         if (block == 0)
1072                                 goto bad_bmap;
1073                         if (block != first_block + block_in_page) {
1074                                 /* Discontiguity */
1075                                 probe_block++;
1076                                 goto reprobe;
1077                         }
1078                 }
1079
1080                 first_block >>= (PAGE_SHIFT - blkbits);
1081                 if (page_no) {  /* exclude the header page */
1082                         if (first_block < lowest_block)
1083                                 lowest_block = first_block;
1084                         if (first_block > highest_block)
1085                                 highest_block = first_block;
1086                 }
1087
1088                 /*
1089                  * We found a PAGE_SIZE-length, PAGE_SIZE-aligned run of blocks
1090                  */
1091                 ret = add_swap_extent(sis, page_no, 1, first_block);
1092                 if (ret < 0)
1093                         goto out;
1094                 nr_extents += ret;
1095                 page_no++;
1096                 probe_block += blocks_per_page;
1097 reprobe:
1098                 continue;
1099         }
1100         ret = nr_extents;
1101         *span = 1 + highest_block - lowest_block;
1102         if (page_no == 0)
1103                 page_no = 1;    /* force Empty message */
1104         sis->max = page_no;
1105         sis->pages = page_no - 1;
1106         sis->highest_bit = page_no - 1;
1107 done:
1108         sis->curr_swap_extent = list_entry(sis->extent_list.prev,
1109                                         struct swap_extent, list);
1110         goto out;
1111 bad_bmap:
1112         printk(KERN_ERR "swapon: swapfile has holes\n");
1113         ret = -EINVAL;
1114 out:
1115         return ret;
1116 }
1117
1118 #if 0   /* We don't need this yet */
1119 #include <linux/backing-dev.h>
1120 int page_queue_congested(struct page *page)
1121 {
1122         struct backing_dev_info *bdi;
1123
1124         BUG_ON(!PageLocked(page));      /* It pins the swap_info_struct */
1125
1126         if (PageSwapCache(page)) {
1127                 swp_entry_t entry = { .val = page_private(page) };
1128                 struct swap_info_struct *sis;
1129
1130                 sis = get_swap_info_struct(swp_type(entry));
1131                 bdi = sis->bdev->bd_inode->i_mapping->backing_dev_info;
1132         } else
1133                 bdi = page->mapping->backing_dev_info;
1134         return bdi_write_congested(bdi);
1135 }
1136 #endif
1137
1138 asmlinkage long sys_swapoff(const char __user * specialfile)
1139 {
1140         struct swap_info_struct * p = NULL;
1141         unsigned short *swap_map;
1142         struct file *swap_file, *victim;
1143         struct address_space *mapping;
1144         struct inode *inode;
1145         char * pathname;
1146         int i, type, prev;
1147         int err;
1148         
1149         if (!capable(CAP_SYS_ADMIN))
1150                 return -EPERM;
1151
1152         pathname = getname(specialfile);
1153         err = PTR_ERR(pathname);
1154         if (IS_ERR(pathname))
1155                 goto out;
1156
1157         victim = filp_open(pathname, O_RDWR|O_LARGEFILE, 0);
1158         putname(pathname);
1159         err = PTR_ERR(victim);
1160         if (IS_ERR(victim))
1161                 goto out;
1162
1163         mapping = victim->f_mapping;
1164         prev = -1;
1165         spin_lock(&swap_lock);
1166         for (type = swap_list.head; type >= 0; type = swap_info[type].next) {
1167                 p = swap_info + type;
1168                 if ((p->flags & SWP_ACTIVE) == SWP_ACTIVE) {
1169                         if (p->swap_file->f_mapping == mapping)
1170                                 break;
1171                 }
1172                 prev = type;
1173         }
1174         if (type < 0) {
1175                 err = -EINVAL;
1176                 spin_unlock(&swap_lock);
1177                 goto out_dput;
1178         }
1179         if (!security_vm_enough_memory(p->pages))
1180                 vm_unacct_memory(p->pages);
1181         else {
1182                 err = -ENOMEM;
1183                 spin_unlock(&swap_lock);
1184                 goto out_dput;
1185         }
1186         if (prev < 0) {
1187                 swap_list.head = p->next;
1188         } else {
1189                 swap_info[prev].next = p->next;
1190         }
1191         if (type == swap_list.next) {
1192                 /* just pick something that's safe... */
1193                 swap_list.next = swap_list.head;
1194         }
1195         nr_swap_pages -= p->pages;
1196         total_swap_pages -= p->pages;
1197         p->flags &= ~SWP_WRITEOK;
1198         spin_unlock(&swap_lock);
1199
1200         current->flags |= PF_SWAPOFF;
1201         err = try_to_unuse(type);
1202         current->flags &= ~PF_SWAPOFF;
1203
1204         if (err) {
1205                 /* re-insert swap space back into swap_list */
1206                 spin_lock(&swap_lock);
1207                 for (prev = -1, i = swap_list.head; i >= 0; prev = i, i = swap_info[i].next)
1208                         if (p->prio >= swap_info[i].prio)
1209                                 break;
1210                 p->next = i;
1211                 if (prev < 0)
1212                         swap_list.head = swap_list.next = p - swap_info;
1213                 else
1214                         swap_info[prev].next = p - swap_info;
1215                 nr_swap_pages += p->pages;
1216                 total_swap_pages += p->pages;
1217                 p->flags |= SWP_WRITEOK;
1218                 spin_unlock(&swap_lock);
1219                 goto out_dput;
1220         }
1221
1222         /* wait for any unplug function to finish */
1223         down_write(&swap_unplug_sem);
1224         up_write(&swap_unplug_sem);
1225
1226         destroy_swap_extents(p);
1227         mutex_lock(&swapon_mutex);
1228         spin_lock(&swap_lock);
1229         drain_mmlist();
1230
1231         /* wait for anyone still in scan_swap_map */
1232         p->highest_bit = 0;             /* cuts scans short */
1233         while (p->flags >= SWP_SCANNING) {
1234                 spin_unlock(&swap_lock);
1235                 schedule_timeout_uninterruptible(1);
1236                 spin_lock(&swap_lock);
1237         }
1238
1239         swap_file = p->swap_file;
1240         p->swap_file = NULL;
1241         p->max = 0;
1242         swap_map = p->swap_map;
1243         p->swap_map = NULL;
1244         p->flags = 0;
1245         spin_unlock(&swap_lock);
1246         mutex_unlock(&swapon_mutex);
1247         vfree(swap_map);
1248         inode = mapping->host;
1249         if (S_ISBLK(inode->i_mode)) {
1250                 struct block_device *bdev = I_BDEV(inode);
1251                 set_blocksize(bdev, p->old_block_size);
1252                 bd_release(bdev);
1253         } else {
1254                 mutex_lock(&inode->i_mutex);
1255                 inode->i_flags &= ~S_SWAPFILE;
1256                 mutex_unlock(&inode->i_mutex);
1257         }
1258         filp_close(swap_file, NULL);
1259         err = 0;
1260
1261 out_dput:
1262         filp_close(victim, NULL);
1263 out:
1264         return err;
1265 }
1266
1267 #ifdef CONFIG_PROC_FS
1268 /* iterator */
1269 static void *swap_start(struct seq_file *swap, loff_t *pos)
1270 {
1271         struct swap_info_struct *ptr = swap_info;
1272         int i;
1273         loff_t l = *pos;
1274
1275         mutex_lock(&swapon_mutex);
1276
1277         if (!l)
1278                 return SEQ_START_TOKEN;
1279
1280         for (i = 0; i < nr_swapfiles; i++, ptr++) {
1281                 if (!(ptr->flags & SWP_USED) || !ptr->swap_map)
1282                         continue;
1283                 if (!--l)
1284                         return ptr;
1285         }
1286
1287         return NULL;
1288 }
1289
1290 static void *swap_next(struct seq_file *swap, void *v, loff_t *pos)
1291 {
1292         struct swap_info_struct *ptr;
1293         struct swap_info_struct *endptr = swap_info + nr_swapfiles;
1294
1295         if (v == SEQ_START_TOKEN)
1296                 ptr = swap_info;
1297         else {
1298                 ptr = v;
1299                 ptr++;
1300         }
1301
1302         for (; ptr < endptr; ptr++) {
1303                 if (!(ptr->flags & SWP_USED) || !ptr->swap_map)
1304                         continue;
1305                 ++*pos;
1306                 return ptr;
1307         }
1308
1309         return NULL;
1310 }
1311
1312 static void swap_stop(struct seq_file *swap, void *v)
1313 {
1314         mutex_unlock(&swapon_mutex);
1315 }
1316
1317 static int swap_show(struct seq_file *swap, void *v)
1318 {
1319         struct swap_info_struct *ptr = v;
1320         struct file *file;
1321         int len;
1322
1323         if (ptr == SEQ_START_TOKEN) {
1324                 seq_puts(swap,"Filename\t\t\t\tType\t\tSize\tUsed\tPriority\n");
1325                 return 0;
1326         }
1327
1328         file = ptr->swap_file;
1329         len = seq_path(swap, file->f_vfsmnt, file->f_dentry, " \t\n\\");
1330         seq_printf(swap, "%*s%s\t%u\t%u\t%d\n",
1331                        len < 40 ? 40 - len : 1, " ",
1332                        S_ISBLK(file->f_dentry->d_inode->i_mode) ?
1333                                 "partition" : "file\t",
1334                        ptr->pages << (PAGE_SHIFT - 10),
1335                        ptr->inuse_pages << (PAGE_SHIFT - 10),
1336                        ptr->prio);
1337         return 0;
1338 }
1339
1340 static struct seq_operations swaps_op = {
1341         .start =        swap_start,
1342         .next =         swap_next,
1343         .stop =         swap_stop,
1344         .show =         swap_show
1345 };
1346
1347 static int swaps_open(struct inode *inode, struct file *file)
1348 {
1349         return seq_open(file, &swaps_op);
1350 }
1351
1352 static struct file_operations proc_swaps_operations = {
1353         .open           = swaps_open,
1354         .read           = seq_read,
1355         .llseek         = seq_lseek,
1356         .release        = seq_release,
1357 };
1358
1359 static int __init procswaps_init(void)
1360 {
1361         struct proc_dir_entry *entry;
1362
1363         entry = create_proc_entry("swaps", 0, NULL);
1364         if (entry)
1365                 entry->proc_fops = &proc_swaps_operations;
1366         return 0;
1367 }
1368 __initcall(procswaps_init);
1369 #endif /* CONFIG_PROC_FS */
1370
1371 /*
1372  * Written 01/25/92 by Simmule Turner, heavily changed by Linus.
1373  *
1374  * The swapon system call
1375  */
1376 asmlinkage long sys_swapon(const char __user * specialfile, int swap_flags)
1377 {
1378         struct swap_info_struct * p;
1379         char *name = NULL;
1380         struct block_device *bdev = NULL;
1381         struct file *swap_file = NULL;
1382         struct address_space *mapping;
1383         unsigned int type;
1384         int i, prev;
1385         int error;
1386         static int least_priority;
1387         union swap_header *swap_header = NULL;
1388         int swap_header_version;
1389         unsigned int nr_good_pages = 0;
1390         int nr_extents = 0;
1391         sector_t span;
1392         unsigned long maxpages = 1;
1393         int swapfilesize;
1394         unsigned short *swap_map;
1395         struct page *page = NULL;
1396         struct inode *inode = NULL;
1397         int did_down = 0;
1398
1399         if (!capable(CAP_SYS_ADMIN))
1400                 return -EPERM;
1401         spin_lock(&swap_lock);
1402         p = swap_info;
1403         for (type = 0 ; type < nr_swapfiles ; type++,p++)
1404                 if (!(p->flags & SWP_USED))
1405                         break;
1406         error = -EPERM;
1407         if (type >= MAX_SWAPFILES) {
1408                 spin_unlock(&swap_lock);
1409                 goto out;
1410         }
1411         if (type >= nr_swapfiles)
1412                 nr_swapfiles = type+1;
1413         INIT_LIST_HEAD(&p->extent_list);
1414         p->flags = SWP_USED;
1415         p->swap_file = NULL;
1416         p->old_block_size = 0;
1417         p->swap_map = NULL;
1418         p->lowest_bit = 0;
1419         p->highest_bit = 0;
1420         p->cluster_nr = 0;
1421         p->inuse_pages = 0;
1422         p->next = -1;
1423         if (swap_flags & SWAP_FLAG_PREFER) {
1424                 p->prio =
1425                   (swap_flags & SWAP_FLAG_PRIO_MASK)>>SWAP_FLAG_PRIO_SHIFT;
1426         } else {
1427                 p->prio = --least_priority;
1428         }
1429         spin_unlock(&swap_lock);
1430         name = getname(specialfile);
1431         error = PTR_ERR(name);
1432         if (IS_ERR(name)) {
1433                 name = NULL;
1434                 goto bad_swap_2;
1435         }
1436         swap_file = filp_open(name, O_RDWR|O_LARGEFILE, 0);
1437         error = PTR_ERR(swap_file);
1438         if (IS_ERR(swap_file)) {
1439                 swap_file = NULL;
1440                 goto bad_swap_2;
1441         }
1442
1443         p->swap_file = swap_file;
1444         mapping = swap_file->f_mapping;
1445         inode = mapping->host;
1446
1447         error = -EBUSY;
1448         for (i = 0; i < nr_swapfiles; i++) {
1449                 struct swap_info_struct *q = &swap_info[i];
1450
1451                 if (i == type || !q->swap_file)
1452                         continue;
1453                 if (mapping == q->swap_file->f_mapping)
1454                         goto bad_swap;
1455         }
1456
1457         error = -EINVAL;
1458         if (S_ISBLK(inode->i_mode)) {
1459                 bdev = I_BDEV(inode);
1460                 error = bd_claim(bdev, sys_swapon);
1461                 if (error < 0) {
1462                         bdev = NULL;
1463                         error = -EINVAL;
1464                         goto bad_swap;
1465                 }
1466                 p->old_block_size = block_size(bdev);
1467                 error = set_blocksize(bdev, PAGE_SIZE);
1468                 if (error < 0)
1469                         goto bad_swap;
1470                 p->bdev = bdev;
1471         } else if (S_ISREG(inode->i_mode)) {
1472                 p->bdev = inode->i_sb->s_bdev;
1473                 mutex_lock(&inode->i_mutex);
1474                 did_down = 1;
1475                 if (IS_SWAPFILE(inode)) {
1476                         error = -EBUSY;
1477                         goto bad_swap;
1478                 }
1479         } else {
1480                 goto bad_swap;
1481         }
1482
1483         swapfilesize = i_size_read(inode) >> PAGE_SHIFT;
1484
1485         /*
1486          * Read the swap header.
1487          */
1488         if (!mapping->a_ops->readpage) {
1489                 error = -EINVAL;
1490                 goto bad_swap;
1491         }
1492         page = read_mapping_page(mapping, 0, swap_file);
1493         if (IS_ERR(page)) {
1494                 error = PTR_ERR(page);
1495                 goto bad_swap;
1496         }
1497         wait_on_page_locked(page);
1498         if (!PageUptodate(page))
1499                 goto bad_swap;
1500         kmap(page);
1501         swap_header = page_address(page);
1502
1503         if (!memcmp("SWAP-SPACE",swap_header->magic.magic,10))
1504                 swap_header_version = 1;
1505         else if (!memcmp("SWAPSPACE2",swap_header->magic.magic,10))
1506                 swap_header_version = 2;
1507         else {
1508                 printk(KERN_ERR "Unable to find swap-space signature\n");
1509                 error = -EINVAL;
1510                 goto bad_swap;
1511         }
1512         
1513         switch (swap_header_version) {
1514         case 1:
1515                 printk(KERN_ERR "version 0 swap is no longer supported. "
1516                         "Use mkswap -v1 %s\n", name);
1517                 error = -EINVAL;
1518                 goto bad_swap;
1519         case 2:
1520                 /* Check the swap header's sub-version and the size of
1521                    the swap file and bad block lists */
1522                 if (swap_header->info.version != 1) {
1523                         printk(KERN_WARNING
1524                                "Unable to handle swap header version %d\n",
1525                                swap_header->info.version);
1526                         error = -EINVAL;
1527                         goto bad_swap;
1528                 }
1529
1530                 p->lowest_bit  = 1;
1531                 p->cluster_next = 1;
1532
1533                 /*
1534                  * Find out how many pages are allowed for a single swap
1535                  * device. There are two limiting factors: 1) the number of
1536                  * bits for the swap offset in the swp_entry_t type and
1537                  * 2) the number of bits in the a swap pte as defined by
1538                  * the different architectures. In order to find the
1539                  * largest possible bit mask a swap entry with swap type 0
1540                  * and swap offset ~0UL is created, encoded to a swap pte,
1541                  * decoded to a swp_entry_t again and finally the swap
1542                  * offset is extracted. This will mask all the bits from
1543                  * the initial ~0UL mask that can't be encoded in either
1544                  * the swp_entry_t or the architecture definition of a
1545                  * swap pte.
1546                  */
1547                 maxpages = swp_offset(pte_to_swp_entry(swp_entry_to_pte(swp_entry(0,~0UL)))) - 1;
1548                 if (maxpages > swap_header->info.last_page)
1549                         maxpages = swap_header->info.last_page;
1550                 p->highest_bit = maxpages - 1;
1551
1552                 error = -EINVAL;
1553                 if (!maxpages)
1554                         goto bad_swap;
1555                 if (swapfilesize && maxpages > swapfilesize) {
1556                         printk(KERN_WARNING
1557                                "Swap area shorter than signature indicates\n");
1558                         goto bad_swap;
1559                 }
1560                 if (swap_header->info.nr_badpages && S_ISREG(inode->i_mode))
1561                         goto bad_swap;
1562                 if (swap_header->info.nr_badpages > MAX_SWAP_BADPAGES)
1563                         goto bad_swap;
1564
1565                 /* OK, set up the swap map and apply the bad block list */
1566                 if (!(p->swap_map = vmalloc(maxpages * sizeof(short)))) {
1567                         error = -ENOMEM;
1568                         goto bad_swap;
1569                 }
1570
1571                 error = 0;
1572                 memset(p->swap_map, 0, maxpages * sizeof(short));
1573                 for (i = 0; i < swap_header->info.nr_badpages; i++) {
1574                         int page_nr = swap_header->info.badpages[i];
1575                         if (page_nr <= 0 || page_nr >= swap_header->info.last_page)
1576                                 error = -EINVAL;
1577                         else
1578                                 p->swap_map[page_nr] = SWAP_MAP_BAD;
1579                 }
1580                 nr_good_pages = swap_header->info.last_page -
1581                                 swap_header->info.nr_badpages -
1582                                 1 /* header page */;
1583                 if (error)
1584                         goto bad_swap;
1585         }
1586
1587         if (nr_good_pages) {
1588                 p->swap_map[0] = SWAP_MAP_BAD;
1589                 p->max = maxpages;
1590                 p->pages = nr_good_pages;
1591                 nr_extents = setup_swap_extents(p, &span);
1592                 if (nr_extents < 0) {
1593                         error = nr_extents;
1594                         goto bad_swap;
1595                 }
1596                 nr_good_pages = p->pages;
1597         }
1598         if (!nr_good_pages) {
1599                 printk(KERN_WARNING "Empty swap-file\n");
1600                 error = -EINVAL;
1601                 goto bad_swap;
1602         }
1603
1604         mutex_lock(&swapon_mutex);
1605         spin_lock(&swap_lock);
1606         p->flags = SWP_ACTIVE;
1607         nr_swap_pages += nr_good_pages;
1608         total_swap_pages += nr_good_pages;
1609
1610         printk(KERN_INFO "Adding %uk swap on %s.  "
1611                         "Priority:%d extents:%d across:%lluk\n",
1612                 nr_good_pages<<(PAGE_SHIFT-10), name, p->prio,
1613                 nr_extents, (unsigned long long)span<<(PAGE_SHIFT-10));
1614
1615         /* insert swap space into swap_list: */
1616         prev = -1;
1617         for (i = swap_list.head; i >= 0; i = swap_info[i].next) {
1618                 if (p->prio >= swap_info[i].prio) {
1619                         break;
1620                 }
1621                 prev = i;
1622         }
1623         p->next = i;
1624         if (prev < 0) {
1625                 swap_list.head = swap_list.next = p - swap_info;
1626         } else {
1627                 swap_info[prev].next = p - swap_info;
1628         }
1629         spin_unlock(&swap_lock);
1630         mutex_unlock(&swapon_mutex);
1631         error = 0;
1632         goto out;
1633 bad_swap:
1634         if (bdev) {
1635                 set_blocksize(bdev, p->old_block_size);
1636                 bd_release(bdev);
1637         }
1638         destroy_swap_extents(p);
1639 bad_swap_2:
1640         spin_lock(&swap_lock);
1641         swap_map = p->swap_map;
1642         p->swap_file = NULL;
1643         p->swap_map = NULL;
1644         p->flags = 0;
1645         if (!(swap_flags & SWAP_FLAG_PREFER))
1646                 ++least_priority;
1647         spin_unlock(&swap_lock);
1648         vfree(swap_map);
1649         if (swap_file)
1650                 filp_close(swap_file, NULL);
1651 out:
1652         if (page && !IS_ERR(page)) {
1653                 kunmap(page);
1654                 page_cache_release(page);
1655         }
1656         if (name)
1657                 putname(name);
1658         if (did_down) {
1659                 if (!error)
1660                         inode->i_flags |= S_SWAPFILE;
1661                 mutex_unlock(&inode->i_mutex);
1662         }
1663         return error;
1664 }
1665
1666 void si_swapinfo(struct sysinfo *val)
1667 {
1668         unsigned int i;
1669         unsigned long nr_to_be_unused = 0;
1670
1671         spin_lock(&swap_lock);
1672         for (i = 0; i < nr_swapfiles; i++) {
1673                 if (!(swap_info[i].flags & SWP_USED) ||
1674                      (swap_info[i].flags & SWP_WRITEOK))
1675                         continue;
1676                 nr_to_be_unused += swap_info[i].inuse_pages;
1677         }
1678         val->freeswap = nr_swap_pages + nr_to_be_unused;
1679         val->totalswap = total_swap_pages + nr_to_be_unused;
1680         spin_unlock(&swap_lock);
1681 }
1682
1683 /*
1684  * Verify that a swap entry is valid and increment its swap map count.
1685  *
1686  * Note: if swap_map[] reaches SWAP_MAP_MAX the entries are treated as
1687  * "permanent", but will be reclaimed by the next swapoff.
1688  */
1689 int swap_duplicate(swp_entry_t entry)
1690 {
1691         struct swap_info_struct * p;
1692         unsigned long offset, type;
1693         int result = 0;
1694
1695         if (is_migration_entry(entry))
1696                 return 1;
1697
1698         type = swp_type(entry);
1699         if (type >= nr_swapfiles)
1700                 goto bad_file;
1701         p = type + swap_info;
1702         offset = swp_offset(entry);
1703
1704         spin_lock(&swap_lock);
1705         if (offset < p->max && p->swap_map[offset]) {
1706                 if (p->swap_map[offset] < SWAP_MAP_MAX - 1) {
1707                         p->swap_map[offset]++;
1708                         result = 1;
1709                 } else if (p->swap_map[offset] <= SWAP_MAP_MAX) {
1710                         if (swap_overflow++ < 5)
1711                                 printk(KERN_WARNING "swap_dup: swap entry overflow\n");
1712                         p->swap_map[offset] = SWAP_MAP_MAX;
1713                         result = 1;
1714                 }
1715         }
1716         spin_unlock(&swap_lock);
1717 out:
1718         return result;
1719
1720 bad_file:
1721         printk(KERN_ERR "swap_dup: %s%08lx\n", Bad_file, entry.val);
1722         goto out;
1723 }
1724
1725 struct swap_info_struct *
1726 get_swap_info_struct(unsigned type)
1727 {
1728         return &swap_info[type];
1729 }
1730
1731 /*
1732  * swap_lock prevents swap_map being freed. Don't grab an extra
1733  * reference on the swaphandle, it doesn't matter if it becomes unused.
1734  */
1735 int valid_swaphandles(swp_entry_t entry, unsigned long *offset)
1736 {
1737         int our_page_cluster = page_cluster;
1738         int ret = 0, i = 1 << our_page_cluster;
1739         unsigned long toff;
1740         struct swap_info_struct *swapdev = swp_type(entry) + swap_info;
1741
1742         if (!our_page_cluster)  /* no readahead */
1743                 return 0;
1744         toff = (swp_offset(entry) >> our_page_cluster) << our_page_cluster;
1745         if (!toff)              /* first page is swap header */
1746                 toff++, i--;
1747         *offset = toff;
1748
1749         spin_lock(&swap_lock);
1750         do {
1751                 /* Don't read-ahead past the end of the swap area */
1752                 if (toff >= swapdev->max)
1753                         break;
1754                 /* Don't read in free or bad pages */
1755                 if (!swapdev->swap_map[toff])
1756                         break;
1757                 if (swapdev->swap_map[toff] == SWAP_MAP_BAD)
1758                         break;
1759                 toff++;
1760                 ret++;
1761         } while (--i);
1762         spin_unlock(&swap_lock);
1763         return ret;
1764 }