Chinaunix首页 | 论坛 | 博客
  • 博客访问: 343657
  • 博文数量: 96
  • 博客积分: 0
  • 博客等级: 民兵
  • 技术积分: 152
  • 用 户 组: 普通用户
  • 注册时间: 2013-09-02 09:27
文章分类

全部博文(96)

文章存档

2017年(2)

2016年(30)

2015年(38)

2014年(25)

2013年(1)

我的朋友

分类: LINUX

2015-11-02 18:08:02

原文地址:linux内存管理之vmalloc 作者:linuxDOS

     在前面我们讲解了kmalloc申请连续物理内存的操作,以及原理和基础cache . 在内核中还有另外一个接口函数那就是vmalloc,申请一片连续的虚拟地址空间,但不保证物理空间连续,实际上我们会想到用户空间的malloc,malloc它是标准的glibc封装的一个函数,最终实现是通过系统调用brk和mmap来实现,以后在分析它的实现过程. 它就是申请连续的虚拟空间,但是不保证物理内存的连续,当然用户程序也不怎么关心这个问题,只所以会关心物理内存的连续性一般是由于设备驱动的使用,或者DMA.  但是vmalloc申请效率比较低,还会造成TLB抖动. 一般内核里常用kmalloc. 除非特殊需求,比如要获取大块内存时,实例就是当ko模块加载到内核运行时,即需要vmalloc. 
释放函数:vfree 
参考内核  3.8.13
  这里是说32位的处理器,即最大寻址4G虚拟空间,(当然现在已经64位比较普及了,后续补上吧)而虚拟地址到物理地址的转化往往需要硬件的支持才能提高效率,即MMU。
当然前提需要os先建立页表PT. 在linux内核,这4G空间并不是完全给用户空间使用在高端0xC0000000 (3G开始)留给内核空间使用(x86默认配置,默认0-16M(DMA),16M-896M(Normal),896M-1G(128M)作为高端内存分配区域),当然这个区域也是可是配置的.).
kmalloc函数返回的是虚拟地址(). kmalloc特殊之处在于它分配的内存是物理上连续的,这对于要进行DMA的设备十分重要. 而用vmalloc分配的内存只是连续,物理地址不一定连续,不能直接用于DMA。我们可以参考一个图:(它是arm 32架构的内核虚拟地址分配图)

下面我们就看看vmalloc函数:(mm/vmalloc.c)

点击(此处)折叠或打开

  1. /**
  2.  *    vmalloc - allocate virtually contiguous memory
  3.  *    @size:        allocation size
  4.  *    Allocate enough pages to cover @size from the page level
  5.  *    allocator and map them into contiguous kernel virtual space.
  6.  *
  7.  *    For tight control over page level allocator and protection flags
  8.  *    use __vmalloc() instead.
  9.  */
  10. void *vmalloc(unsigned long size)
  11. {
  12.     return __vmalloc_node_flags(size, -1, GFP_KERNEL | __GFP_HIGHMEM);
  13. }
这里我们只用关注size即可,而vmalloc优先从高端内存分配,并且可以睡眠.
继续:

点击(此处)折叠或打开

  1. static inline void *__vmalloc_node_flags(unsigned long size,
  2.                     int node, gfp_t flags)
  3. {
  4.     return __vmalloc_node(size, 1, flags, PAGE_KERNEL,
  5.                     node, __builtin_return_address(0));
  6. }
重点看一下__vmalloc_node:

点击(此处)折叠或打开

  1. /**
  2.  *    __vmalloc_node - allocate virtually contiguous memory
  3.  *    @size:        allocation size
  4.  *    @align:        desired alignment
  5.  *    @gfp_mask:    flags for the page level allocator
  6.  *    @prot:        protection mask for the allocated pages
  7.  *    @node:        node to use for allocation or -1
  8.  *    @caller:    caller's return address
  9.  *
  10.  *    Allocate enough pages to cover @size from the page level
  11.  *    allocator with @gfp_mask flags. Map them into contiguous
  12.  *    kernel virtual space, using a pagetable protection of @prot.
  13.  */
  14. static void *__vmalloc_node(unsigned long size, unsigned long align,
  15.              gfp_t gfp_mask, pgprot_t prot,
  16.              int node, const void *caller)
  17. {
  18.     return __vmalloc_node_range(size, align, VMALLOC_START, VMALLOC_END,
  19.                 gfp_mask, prot, node, caller);
  20. }
因为这里提到了VMALLOC_START和VMALLOC_END它们究竟是什么值呢?
这里看了arm32和mips32的(根据架构虚拟地址分配不同而不同,比如mips就比较特殊):
在arch/mips/include/asm/pgtable-32.h中
首先看mips虚拟地址分布图:

从这个图里我们知道用户空间为2G(0x0-0x7fff ffff),dma或者normal内存映射在kseg0(512M)/kseg1,而对于vmalloc申请的虚拟地址在kseg2中,当然还有其他一些特殊的映射比如io等.

点击(此处)折叠或打开

  1. #define VMALLOC_START MAP_BASE

  2. #define PKMAP_BASE        (0xfe000000UL)

  3. #ifdef CONFIG_HIGHMEM
  4. # define VMALLOC_END    (PKMAP_BASE-2*PAGE_SIZE)
  5. #else
  6. # define VMALLOC_END    (FIXADDR_START-2*PAGE_SIZE)
  7. #endif
在arch/arm/include/asm/pgtable.h

点击(此处)折叠或打开

  1. /*
  2.  * Just any arbitrary offset to the start of the vmalloc VM area: the
  3.  * current 8MB value just means that there will be a 8MB "hole" after the
  4.  * physical memory until the kernel virtual memory starts. That means that
  5.  * any out-of-bounds memory accesses will hopefully be caught.
  6.  * The vmalloc() routines leaves a hole of 4kB between each vmalloced
  7.  * area for the same reason. ;)
  8.  */
  9. #define VMALLOC_OFFSET        (8*1024*1024)
  10. #define VMALLOC_START        (((unsigned long)high_memory + VMALLOC_OFFSET) & ~(VMALLOC_OFFSET-1))
  11. #define VMALLOC_END        0xff000000UL
在看一个图:

我们知道物理内存简单分为三个区域:ZONE_NORMAL、ZONE_DMA、ZONE_HIGHMEM
vmalloc我们看到它是默认从ZONE_HIGMEM里申请,但是这两个函数虚拟地址是保持一致的,即都占用了4G地址空间的内核虚拟地址.通过上面的图,我们确定了虚拟地址从哪里分配,以及对于的物理空间从哪里分配。
下面看看 vmalloc核心实现:

点击(此处)折叠或打开

  1. /**
  2.  *    __vmalloc_node_range - allocate virtually contiguous memory
  3.  *    @size:        allocation size
  4.  *    @align:        desired alignment
  5.  *    @start:        vm area range start
  6.  *    @end:        vm area range end
  7.  *    @gfp_mask:    flags for the page level allocator
  8.  *    @prot:        protection mask for the allocated pages
  9.  *    @node:        node to use for allocation or -1
  10.  *    @caller:    caller's return address
  11.  *
  12.  *    Allocate enough pages to cover @size from the page level
  13.  *    allocator with @gfp_mask flags. Map them into contiguous
  14.  *    kernel virtual space, using a pagetable protection of @prot.
  15.  */
  16. void *__vmalloc_node_range(unsigned long size, unsigned long align,
  17.             unsigned long start, unsigned long end, gfp_t gfp_mask,
  18.             pgprot_t prot, int node, const void *caller)
  19. {
  20.     struct vm_struct *area;
  21.     void *addr;
  22.     unsigned long real_size = size;

  23.     size = PAGE_ALIGN(size);
  24.     if (!size || (size >> PAGE_SHIFT) > totalram_pages)
  25.         goto fail;

  26.     area = __get_vm_area_node(size, align, VM_ALLOC | VM_UNLIST,    // 分配虚拟地址空间 把vm_struct 和vm_area(红黑树机制)关联起来.
  27.                  start, end, node, gfp_mask, caller);
  28.     if (!area)
  29.         goto fail;

  30.     addr = __vmalloc_area_node(area, gfp_mask, prot, node, caller);  //计算需要申请的页面,申请page,然后修改页表完成映射.
  31.     if (!addr)
  32.         return NULL;

  33.     /*
  34.      * In this function, newly allocated vm_struct is not added
  35.      * to vmlist at __get_vm_area_node(). so, it is added here.
  36.      */
  37.     insert_vmalloc_vmlist(area);     //把vm_struct插入 全局vmlist链表

  38.     /*
  39.      * A ref_count = 3 is needed because the vm_struct and vmap_area
  40.      * structures allocated in the __get_vm_area_node() function contain
  41.      * references to the virtual address of the vmalloc'ed block.
  42.      */
  43.     kmemleak_alloc(addr, real_size, 3, gfp_mask);    //内存泄露追踪

  44.     return addr;

  45. fail:
  46.     warn_alloc_failed(gfp_mask, 0,
  47.              "vmalloc: allocation failure: %lu bytes\n",
  48.              real_size);
  49.     return NULL;
  50. }
它的基本实现思路很简单:
1. 分配虚拟地址空间 
2.对虚拟地址空间进行页表映射

需要熟知 下面两个结构体:
struct vmap_area

点击(此处)折叠或打开

  1. struct vmap_area {
  2.     unsigned long va_start;
  3.     unsigned long va_end;
  4.     unsigned long flags;
  5.     struct rb_node rb_node;        /* address sorted rbtree */
  6.     struct list_head list;        /* address sorted list */
  7.     struct list_head purge_list;    /* "lazy purge" list */
  8.     struct vm_struct *vm;
  9.     struct rcu_head rcu_head;
  10. };
vm_struct *area :

点击(此处)折叠或打开

  1. struct vm_struct {
  2.     struct vm_struct    *next;
  3.     void            *addr;
  4.     unsigned long        size;
  5.     unsigned long        flags;
  6.     struct page        **pages;
  7.     unsigned int        nr_pages;
  8.     phys_addr_t        phys_addr;
  9.     const void        *caller;
  10. };

这里在说明一下vmalloc_init的初始化.

点击(此处)折叠或打开

  1. /*
  2.  * Set up kernel memory allocators
  3.  */
  4. static void __init mm_init(void)
  5. {
  6.     /*
  7.      * page_cgroup requires contiguous pages,
  8.      * bigger than MAX_ORDER unless SPARSEMEM.
  9.      */
  10.     page_cgroup_init_flatmem();
  11.     mem_init();
  12.     kmem_cache_init();
  13.     percpu_init_late();
  14.     pgtable_cache_init();
  15.     vmalloc_init();
  16. }
其实在讲slab机制的时候已经说过。

点击(此处)折叠或打开

  1. void __init vmalloc_init(void)
  2. {
  3.     struct vmap_area *va;
  4.     struct vm_struct *tmp;
  5.     int i;

  6.     for_each_possible_cpu(i) {
  7.         struct vmap_block_queue *vbq;

  8.         vbq = &per_cpu(vmap_block_queue, i);
  9.         spin_lock_init(&vbq->lock);
  10.         INIT_LIST_HEAD(&vbq->free);
  11.     }

  12.     /* Import existing vmlist entries. */
  13.     for (tmp = vmlist; tmp; tmp = tmp->next) {                     // 在系统启动或者初始化之初,vmlist为空.
  14.         va = kzalloc(sizeof(struct vmap_area), GFP_NOWAIT);
  15.         va->flags = VM_VM_AREA;
  16.         va->va_start = (unsigned long)tmp->addr;
  17.         va->va_end = va->va_start + tmp->size;
  18.         va->vm = tmp;
  19.         __insert_vmap_area(va);
  20.     }

  21.     vmap_area_pcpu_hole = VMALLOC_END;

  22.     vmap_initialized = true;
  23. }
下面就说说__get_vm_area_node函数:

点击(此处)折叠或打开

  1. static struct vm_struct *__get_vm_area_node(unsigned long size,
  2.         unsigned long align, unsigned long flags, unsigned long start,
  3.         unsigned long end, int node, gfp_t gfp_mask, const void *caller)
  4. {
  5.     struct vmap_area *va;
  6.     struct vm_struct *area;

  7.     BUG_ON(in_interrupt());
  8.     if (flags & VM_IOREMAP) { // ioremap标志,映射的是设备内存
  9.         int bit = fls(size);

  10.         if (bit > IOREMAP_MAX_ORDER)
  11.             bit = IOREMAP_MAX_ORDER;
  12.         else if (bit < PAGE_SHIFT)
  13.             bit = PAGE_SHIFT;

  14.         align = 1ul << bit;
  15.     }

  16.     size = PAGE_ALIGN(size);
  17.     if (unlikely(!size))
  18.         return NULL;

  19.     area = kzalloc_node(sizeof(*area), gfp_mask & GFP_RECLAIM_MASK, node);
  20.     if (unlikely(!area))
  21.         return NULL;

  22.     /*
  23.      * We always allocate a guard page.
  24.      */
  25.     size += PAGE_SIZE; // 多偏移一页,为了防止访问越界,由于多出来的一页并不映射,所以当访问的时候,会引发保护异常.

  26.     va = alloc_vmap_area(size, align, start, end, node, gfp_mask);        // 申请vm_area虚拟地址空间
  27.     if (IS_ERR(va)) {
  28.         kfree(area);
  29.         return NULL;
  30.     }

  31.     /*
  32.      * When this function is called from __vmalloc_node_range,
  33.      * we do not add vm_struct to vmlist here to avoid
  34.      * accessing uninitialized members of vm_struct such as
  35.      * pages and nr_pages fields. They will be set later.
  36.      * To distinguish it from others, we use a VM_UNLIST flag.
  37.      */
  38.     if (flags & VM_UNLIST)   // 必然走这里 
  39.         setup_vmalloc_vm(area, va, flags, caller);  // 关联vm_struct 和 vm_area
  40.     else
  41.         insert_vmalloc_vm(area, va, flags, caller);

  42.     return area;
  43. }
这个函数核心就是alloc_vmap_area,这个很有趣的,之前我们讲到了vmalloc申请的虚拟地址范围,而它只传递了size而已,对于mips,x86,arm会有不同的虚拟空间.

点击(此处)折叠或打开

  1. /*
  2.  * Allocate a region of KVA of the specified size and alignment, within the
  3.  * vstart and vend.
  4.  */
  5. static struct vmap_area *alloc_vmap_area(unsigned long size,
  6.                 unsigned long align,
  7.                 unsigned long vstart, unsigned long vend,
  8.                 int node, gfp_t gfp_mask)
  9. {
  10.     struct vmap_area *va;
  11.     struct rb_node *n;
  12.     unsigned long addr;
  13.     int purged = 0;
  14.     struct vmap_area *first;

  15.     BUG_ON(!size);
  16.     BUG_ON(size & ~PAGE_MASK);
  17.     BUG_ON(!is_power_of_2(align));

  18.     va = kmalloc_node(sizeof(struct vmap_area),
  19.             gfp_mask & GFP_RECLAIM_MASK, node);
  20.     if (unlikely(!va))
  21.         return ERR_PTR(-ENOMEM);

  22. retry:
  23.     spin_lock(&vmap_area_lock);
  24.     /*
  25.      * Invalidate cache if we have more permissive parameters.
  26.      * cached_hole_size notes the largest hole noticed _below_
  27.      * the vmap_area cached in free_vmap_cache: if size fits
  28.      * into that hole, we want to scan from vstart to reuse
  29.      * the hole instead of allocating above free_vmap_cache.
  30.      * Note that __free_vmap_area may update free_vmap_cache
  31.      * without updating cached_hole_size or cached_align.
  32.      */
  33.     if (!free_vmap_cache ||                              //第一次调用的时候 free_vmap_cache为空,后来即后边的代码line 105 : free_vmap_cache = &va->rb_node; 一般不为空 ;一般会发                                                           // 生align < cached_align的情况,即会清除free_vmap_cache。有时候align比较大的时候,它会跳过一段虚拟地址空间.后面的申请由于没                                                            //有free_vmap_cache,所以它需要重新查询
  34.             size < cached_hole_size ||
  35.             vstart < cached_vstart ||
  36.             align < cached_align) {
  37. nocache:
  38.         cached_hole_size = 0;
  39.         free_vmap_cache = NULL;
  40.     }
  41.     /* record if we encounter less permissive parameters */
  42.     cached_vstart = vstart;
  43.     cached_align = align;

  44.     /* find starting point for our search */
  45.     if (free_vmap_cache) {                                                  // 第一次使用的时候为空;当不为空时,它保持上次申请的节点,并初始化addr为va_end.
  46.         first = rb_entry(free_vmap_cache, struct vmap_area, rb_node);
  47.         addr = ALIGN(first->va_end, align);
  48.         if (addr < vstart)
  49.             goto nocache;
  50.         if (addr + size - 1 < addr)
  51.             goto overflow;

  52.     } else {
  53.         addr = ALIGN(vstart, align);
  54.         if (addr + size - 1 < addr)
  55.             goto overflow;

  56.         n = vmap_area_root.rb_node;                               // 同样vmap_area_root.rb_node; 初始化也为空,第一次使用为空
  57.         first = NULL;

  58.         while (n) {                                               // 当不是第一申请,并且free_cache为空的时候, 需要重新找到根节点即va_start <= addr
  59.             struct vmap_area *tmp;
  60.             tmp = rb_entry(n, struct vmap_area, rb_node);
  61.      
  62.             if (tmp->va_end >= addr) {
  63.                 first = tmp;
  64.                 if (tmp->va_start <= addr)
  65.                     break;
  66.                 n = n->rb_left;
  67.             } else
  68.                 n = n->rb_right;
  69.         }

  70.         if (!first)
  71.             goto found;
  72.     }

  73.     /* from the starting point, walk areas until a suitable hole is found */
  74.     while (addr + size > first->va_start && addr + size <= vend) {                // 当不是第一申请,并且free_cache为空的时候,查询红黑树节点,找到合适的空间地址.
  75.         if (addr + cached_hole_size < first->va_start)
  76.             cached_hole_size = first->va_start - addr;
  77.         addr = ALIGN(first->va_end, align);
  78.         if (addr + size - 1 < addr)
  79.             goto overflow;
  80.          
  81.         if (list_is_last(&first->list, &vmap_area_list))     // 默认不会在这里操作。也就是说它没有元素.
  82.             goto found;

  83.         first = list_entry(first->list.next,
  84.                 struct vmap_area, list);
  85.     }

  86. found:
  87.     if (addr + size > vend)
  88.         goto overflow;

  89.     va->va_start = addr;
  90.     va->va_end = addr + size;
  91.     va->flags = 0;
  92.     __insert_vmap_area(va);                           // 添加到红黑树 vmap_area_root
  93.     free_vmap_cache = &va->rb_node;                  // 初始化free_vmap_cache ,它会影响后续虚拟空间的申请.
  94.     spin_unlock(&vmap_area_lock);

  95.     BUG_ON(va->va_start & (align-1));
  96.     BUG_ON(va->va_start < vstart);
  97.     BUG_ON(va->va_end > vend);

  98.     return va;

  99. overflow:
  100.     spin_unlock(&vmap_area_lock);
  101.     if (!purged) {
  102.         purge_vmap_area_lazy();
  103.         purged = 1;
  104.         goto retry;
  105.     }
  106.     if (printk_ratelimit())
  107.         printk(KERN_WARNING
  108.             "vmap allocation for size %lu failed: "
  109.             "use vmalloc= to increase size.\n", size);
  110.     kfree(va);
  111.     return ERR_PTR(-EBUSY);
  112. }
既然我们已经开辟了虚拟地址空间,那么还需要做的当然是和页面一一映射起来.
看函数__vmalloc_area_node:

点击(此处)折叠或打开

  1. static void *__vmalloc_area_node(struct vm_struct *area, gfp_t gfp_mask,
  2.                  pgprot_t prot, int node, const void *caller)
  3. {
  4.     const int order = 0;
  5.     struct page **pages;
  6.     unsigned int nr_pages, array_size, i;
  7.     gfp_t nested_gfp = (gfp_mask & GFP_RECLAIM_MASK) | __GFP_ZERO;

  8.     nr_pages = (area->size - PAGE_SIZE) >> PAGE_SHIFT; //申请多少pages
  9.     array_size = (nr_pages * sizeof(struct page *));   //需要多大的存放page指针的空间 .

  10.     area->nr_pages = nr_pages;
  11.     /* Please note that the recursion is strictly bounded. */
  12.     if (array_size > PAGE_SIZE) {                          // 这里默认page_size 为4k 即4096 ,地址32位的话,相当于申请1024个pages:4M空间
  13.         pages = __vmalloc_node(array_size, 1, nested_gfp|__GFP_HIGHMEM,
  14.                 PAGE_KERNEL, node, caller);
  15.         area->flags |= VM_VPAGES;
  16.     } else {
  17.         pages = kmalloc_node(array_size, nested_gfp, node);    // 小于一页,则直接利用slab机制申请物理空间地址 给pages.
  18.     }
  19.     area->pages = pages;
  20.     area->caller = caller;
  21.     if (!area->pages) {
  22.         remove_vm_area(area->addr);
  23.         kfree(area);
  24.         return NULL;
  25.     }

  26.     for (i = 0; i < area->nr_pages; i++) {              //  每次申请一个page利用alloc_page直接申请物理页面
  27.         struct page *page;
  28.         gfp_t tmp_mask = gfp_mask | __GFP_NOWARN;

  29.         if (node < 0)
  30.             page = alloc_page(tmp_mask);
  31.         else
  32.             page = alloc_pages_node(node, tmp_mask, order);

  33.         if (unlikely(!page)) {
  34.             /* Successfully allocated i pages, free them in __vunmap() */
  35.             area->nr_pages = i;
  36.             goto fail;
  37.         }
  38.         area->pages[i] = page;             // 分配的地址存放在指针数组.
  39.     }

  40.     if (map_vm_area(area, prot, &pages)) // 修改页表 ,一页一页的实现映射,以及flush cache保持数据的一致性;对页面映射和操作感兴趣的可以深入看看这个函数.
  41.         goto fail;
  42.     return area->addr;

  43. fail:
  44.     warn_alloc_failed(gfp_mask, order,
  45.              "vmalloc: allocation failure, allocated %ld of %ld bytes\n",
  46.              (area->nr_pages*PAGE_SIZE), area->size);
  47.     vfree(area->addr);
  48.     return NULL;
  49. }
而insert_vmalloc_vmlist很明显把vm_struct插入到vmlist。
那么就完成了整个过程,没有想象的复杂,当然对内存有了更多的认识,这里还需要说一下,一般情况下有高端内存会比没有的好些,防止了vmalloc申请的时候造成的TLB抖动等问题,更少的破坏normal空间。
可以通过proc来查看vmalloc的一下信息:

点击(此处)折叠或打开

  1. cat /proc/vmallocinfo
  2. 0xc0002000-0xc0045000 274432 jffs2_zlib_init+0x24/0xa4 pages=66 vmalloc
  3. 0xc0045000-0xc0051000 49152 jffs2_zlib_init+0x40/0xa4 pages=11 vmalloc
  4. 0xc0051000-0xc0053000 8192 brcmnand_create_cet+0x244/0x788 pages=1 vmalloc
  5. 0xc0053000-0xc0055000 8192 ebt_register_table+0x98/0x39c pages=1 vmalloc
还有:

点击(此处)折叠或打开

  1. # cat /proc/vmstat
  2. #cat /proc/meminfo









阅读(1488) | 评论(0) | 转发(0) |
0

上一篇:什么是TLB ?

下一篇:Linux高端内存

给主人留下些什么吧!~~