1============================ 2Transparent Hugepage Support 3============================ 4 5This document describes design principles for Transparent Hugepage (THP) 6support and its interaction with other parts of the memory management 7system. 8 9Design principles 10================= 11 12- "graceful fallback": mm components which don't have transparent hugepage 13 knowledge fall back to breaking huge pmd mapping into table of ptes and, 14 if necessary, split a transparent hugepage. Therefore these components 15 can continue working on the regular pages or regular pte mappings. 16 17- if a hugepage allocation fails because of memory fragmentation, 18 regular pages should be gracefully allocated instead and mixed in 19 the same vma without any failure or significant delay and without 20 userland noticing 21 22- if some task quits and more hugepages become available (either 23 immediately in the buddy or through the VM), guest physical memory 24 backed by regular pages should be relocated on hugepages 25 automatically (with khugepaged) 26 27- it doesn't require memory reservation and in turn it uses hugepages 28 whenever possible (the only possible reservation here is kernelcore= 29 to avoid unmovable pages to fragment all the memory but such a tweak 30 is not specific to transparent hugepage support and it's a generic 31 feature that applies to all dynamic high order allocations in the 32 kernel) 33 34get_user_pages and pin_user_pages 35================================= 36 37get_user_pages and pin_user_pages if run on a hugepage, will return the 38head or tail pages as usual (exactly as they would do on 39hugetlbfs). Most GUP users will only care about the actual physical 40address of the page and its temporary pinning to release after the I/O 41is complete, so they won't ever notice the fact the page is huge. But 42if any driver is going to mangle over the page structure of the tail 43page (like for checking page->mapping or other bits that are relevant 44for the head page and not the tail page), it should be updated to jump 45to check head page instead. Taking a reference on any head/tail page would 46prevent the page from being split by anyone. 47 48.. note:: 49 these aren't new constraints to the GUP API, and they match the 50 same constraints that apply to hugetlbfs too, so any driver capable 51 of handling GUP on hugetlbfs will also work fine on transparent 52 hugepage backed mappings. 53 54Graceful fallback 55================= 56 57Code walking pagetables but unaware about huge pmds can simply call 58split_huge_pmd(vma, pmd, addr) where the pmd is the one returned by 59pmd_offset. It's trivial to make the code transparent hugepage aware 60by just grepping for "pmd_offset" and adding split_huge_pmd where 61missing after pmd_offset returns the pmd. Thanks to the graceful 62fallback design, with a one liner change, you can avoid to write 63hundreds if not thousands of lines of complex code to make your code 64hugepage aware. 65 66If you're not walking pagetables but you run into a physical hugepage 67that you can't handle natively in your code, you can split it by 68calling split_huge_page(page). This is what the Linux VM does before 69it tries to swapout the hugepage for example. split_huge_page() can fail 70if the page is pinned and you must handle this correctly. 71 72Example to make mremap.c transparent hugepage aware with a one liner 73change:: 74 75 diff --git a/mm/mremap.c b/mm/mremap.c 76 --- a/mm/mremap.c 77 +++ b/mm/mremap.c 78 @@ -41,6 +41,7 @@ static pmd_t *get_old_pmd(struct mm_stru 79 return NULL; 80 81 pmd = pmd_offset(pud, addr); 82 + split_huge_pmd(vma, pmd, addr); 83 if (pmd_none_or_clear_bad(pmd)) 84 return NULL; 85 86Locking in hugepage aware code 87============================== 88 89We want as much code as possible hugepage aware, as calling 90split_huge_page() or split_huge_pmd() has a cost. 91 92To make pagetable walks huge pmd aware, all you need to do is to call 93pmd_trans_huge() on the pmd returned by pmd_offset. You must hold the 94mmap_lock in read (or write) mode to be sure a huge pmd cannot be 95created from under you by khugepaged (khugepaged collapse_huge_page 96takes the mmap_lock in write mode in addition to the anon_vma lock). If 97pmd_trans_huge returns false, you just fallback in the old code 98paths. If instead pmd_trans_huge returns true, you have to take the 99page table lock (pmd_lock()) and re-run pmd_trans_huge. Taking the 100page table lock will prevent the huge pmd being converted into a 101regular pmd from under you (split_huge_pmd can run in parallel to the 102pagetable walk). If the second pmd_trans_huge returns false, you 103should just drop the page table lock and fallback to the old code as 104before. Otherwise, you can proceed to process the huge pmd and the 105hugepage natively. Once finished, you can drop the page table lock. 106 107Refcounts and transparent huge pages 108==================================== 109 110Refcounting on THP is mostly consistent with refcounting on other compound 111pages: 112 113 - get_page()/put_page() and GUP operate on the folio->_refcount. 114 115 - ->_refcount in tail pages is always zero: get_page_unless_zero() never 116 succeeds on tail pages. 117 118 - map/unmap of a PMD entry for the whole THP increment/decrement 119 folio->_entire_mapcount and folio->_large_mapcount. 120 121 We also maintain the two slots for tracking MM owners (MM ID and 122 corresponding mapcount), and the current status ("maybe mapped shared" vs. 123 "mapped exclusively"). 124 125 With CONFIG_PAGE_MAPCOUNT, we also increment/decrement 126 folio->_nr_pages_mapped by ENTIRELY_MAPPED when _entire_mapcount goes 127 from -1 to 0 or 0 to -1. 128 129 - map/unmap of individual pages with PTE entry increment/decrement 130 folio->_large_mapcount. 131 132 We also maintain the two slots for tracking MM owners (MM ID and 133 corresponding mapcount), and the current status ("maybe mapped shared" vs. 134 "mapped exclusively"). 135 136 With CONFIG_PAGE_MAPCOUNT, we also increment/decrement 137 page->_mapcount and increment/decrement folio->_nr_pages_mapped when 138 page->_mapcount goes from -1 to 0 or 0 to -1 as this counts the number 139 of pages mapped by PTE. 140 141split_huge_page internally has to distribute the refcounts in the head 142page to the tail pages before clearing all PG_head/tail bits from the page 143structures. It can be done easily for refcounts taken by page table 144entries, but we don't have enough information on how to distribute any 145additional pins (i.e. from get_user_pages). split_huge_page() fails any 146requests to split pinned huge pages: it expects page count to be equal to 147the sum of mapcount of all sub-pages plus one (split_huge_page caller must 148have a reference to the head page). 149 150split_huge_page uses migration entries to stabilize page->_refcount and 151page->_mapcount of anonymous pages. File pages just get unmapped. 152 153We are safe against physical memory scanners too: the only legitimate way 154a scanner can get a reference to a page is get_page_unless_zero(). 155 156All tail pages have zero ->_refcount until atomic_add(). This prevents the 157scanner from getting a reference to the tail page up to that point. After the 158atomic_add() we don't care about the ->_refcount value. We already know how 159many references should be uncharged from the head page. 160 161For head page get_page_unless_zero() will succeed and we don't mind. It's 162clear where references should go after split: it will stay on the head page. 163 164Note that split_huge_pmd() doesn't have any limitations on refcounting: 165pmd can be split at any point and never fails. 166 167Partial unmap and deferred_split_folio() (anon THP only) 168======================================================== 169 170Unmapping part of THP (with munmap() or other way) is not going to free 171memory immediately. Instead, we detect that a subpage of THP is not in use 172in folio_remove_rmap_*() and queue the THP for splitting if memory pressure 173comes. Splitting will free up unused subpages. 174 175Splitting the page right away is not an option due to locking context in 176the place where we can detect partial unmap. It also might be 177counterproductive since in many cases partial unmap happens during exit(2) if 178a THP crosses a VMA boundary. 179 180The function deferred_split_folio() is used to queue a folio for splitting. 181The splitting itself will happen when we get memory pressure via shrinker 182interface. 183 184With CONFIG_PAGE_MAPCOUNT, we reliably detect partial mappings based on 185folio->_nr_pages_mapped. 186 187With CONFIG_NO_PAGE_MAPCOUNT, we detect partial mappings based on the 188average per-page mapcount in a THP: if the average is < 1, an anon THP is 189certainly partially mapped. As long as only a single process maps a THP, 190this detection is reliable. With long-running child processes, there can 191be scenarios where partial mappings can currently not be detected, and 192might need asynchronous detection during memory reclaim in the future. 193