pmap.c revision 266175
1/* From: $NetBSD: pmap.c,v 1.148 2004/04/03 04:35:48 bsh Exp $ */ 2/*- 3 * Copyright 2004 Olivier Houchard. 4 * Copyright 2003 Wasabi Systems, Inc. 5 * All rights reserved. 6 * 7 * Written by Steve C. Woodford for Wasabi Systems, Inc. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed for the NetBSD Project by 20 * Wasabi Systems, Inc. 21 * 4. The name of Wasabi Systems, Inc. may not be used to endorse 22 * or promote products derived from this software without specific prior 23 * written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 27 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 28 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC 29 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 32 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 33 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 34 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 35 * POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38/*- 39 * Copyright (c) 2002-2003 Wasabi Systems, Inc. 40 * Copyright (c) 2001 Richard Earnshaw 41 * Copyright (c) 2001-2002 Christopher Gilbert 42 * All rights reserved. 43 * 44 * 1. Redistributions of source code must retain the above copyright 45 * notice, this list of conditions and the following disclaimer. 46 * 2. Redistributions in binary form must reproduce the above copyright 47 * notice, this list of conditions and the following disclaimer in the 48 * documentation and/or other materials provided with the distribution. 49 * 3. The name of the company nor the name of the author may be used to 50 * endorse or promote products derived from this software without specific 51 * prior written permission. 52 * 53 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED 54 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 55 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 56 * IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 57 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 58 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 59 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 63 * SUCH DAMAGE. 64 */ 65/*- 66 * Copyright (c) 1999 The NetBSD Foundation, Inc. 67 * All rights reserved. 68 * 69 * This code is derived from software contributed to The NetBSD Foundation 70 * by Charles M. Hannum. 71 * 72 * Redistribution and use in source and binary forms, with or without 73 * modification, are permitted provided that the following conditions 74 * are met: 75 * 1. Redistributions of source code must retain the above copyright 76 * notice, this list of conditions and the following disclaimer. 77 * 2. Redistributions in binary form must reproduce the above copyright 78 * notice, this list of conditions and the following disclaimer in the 79 * documentation and/or other materials provided with the distribution. 80 * 81 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 82 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 83 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 84 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 85 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 86 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 87 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 88 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 89 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 90 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 91 * POSSIBILITY OF SUCH DAMAGE. 92 */ 93 94/*- 95 * Copyright (c) 1994-1998 Mark Brinicombe. 96 * Copyright (c) 1994 Brini. 97 * All rights reserved. 98 * 99 * This code is derived from software written for Brini by Mark Brinicombe 100 * 101 * Redistribution and use in source and binary forms, with or without 102 * modification, are permitted provided that the following conditions 103 * are met: 104 * 1. Redistributions of source code must retain the above copyright 105 * notice, this list of conditions and the following disclaimer. 106 * 2. Redistributions in binary form must reproduce the above copyright 107 * notice, this list of conditions and the following disclaimer in the 108 * documentation and/or other materials provided with the distribution. 109 * 3. All advertising materials mentioning features or use of this software 110 * must display the following acknowledgement: 111 * This product includes software developed by Mark Brinicombe. 112 * 4. The name of the author may not be used to endorse or promote products 113 * derived from this software without specific prior written permission. 114 * 115 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 116 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 117 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 118 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 119 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 120 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 121 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 122 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 123 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 124 * 125 * RiscBSD kernel project 126 * 127 * pmap.c 128 * 129 * Machine dependant vm stuff 130 * 131 * Created : 20/09/94 132 */ 133 134/* 135 * Special compilation symbols 136 * PMAP_DEBUG - Build in pmap_debug_level code 137 * 138 * Note that pmap_mapdev() and pmap_unmapdev() are implemented in arm/devmap.c 139 */ 140/* Include header files */ 141 142#include "opt_vm.h" 143 144#include <sys/cdefs.h> 145__FBSDID("$FreeBSD: stable/10/sys/arm/arm/pmap.c 266175 2014-05-15 19:09:31Z ian $"); 146#include <sys/param.h> 147#include <sys/systm.h> 148#include <sys/kernel.h> 149#include <sys/ktr.h> 150#include <sys/lock.h> 151#include <sys/proc.h> 152#include <sys/malloc.h> 153#include <sys/msgbuf.h> 154#include <sys/mutex.h> 155#include <sys/vmmeter.h> 156#include <sys/mman.h> 157#include <sys/rwlock.h> 158#include <sys/smp.h> 159#include <sys/sched.h> 160 161#include <vm/vm.h> 162#include <vm/vm_param.h> 163#include <vm/uma.h> 164#include <vm/pmap.h> 165#include <vm/vm_kern.h> 166#include <vm/vm_object.h> 167#include <vm/vm_map.h> 168#include <vm/vm_page.h> 169#include <vm/vm_pageout.h> 170#include <vm/vm_phys.h> 171#include <vm/vm_extern.h> 172 173#include <machine/md_var.h> 174#include <machine/cpu.h> 175#include <machine/cpufunc.h> 176#include <machine/pcb.h> 177 178#ifdef PMAP_DEBUG 179#define PDEBUG(_lev_,_stat_) \ 180 if (pmap_debug_level >= (_lev_)) \ 181 ((_stat_)) 182#define dprintf printf 183 184int pmap_debug_level = 0; 185#define PMAP_INLINE 186#else /* PMAP_DEBUG */ 187#define PDEBUG(_lev_,_stat_) /* Nothing */ 188#define dprintf(x, arg...) 189#define PMAP_INLINE __inline 190#endif /* PMAP_DEBUG */ 191 192extern struct pv_addr systempage; 193 194extern int last_fault_code; 195 196/* 197 * Internal function prototypes 198 */ 199static void pmap_free_pv_entry (pv_entry_t); 200static pv_entry_t pmap_get_pv_entry(void); 201 202static void pmap_enter_locked(pmap_t, vm_offset_t, vm_page_t, 203 vm_prot_t, boolean_t, int); 204static vm_paddr_t pmap_extract_locked(pmap_t pmap, vm_offset_t va); 205static void pmap_fix_cache(struct vm_page *, pmap_t, vm_offset_t); 206static void pmap_alloc_l1(pmap_t); 207static void pmap_free_l1(pmap_t); 208 209static int pmap_clearbit(struct vm_page *, u_int); 210 211static struct l2_bucket *pmap_get_l2_bucket(pmap_t, vm_offset_t); 212static struct l2_bucket *pmap_alloc_l2_bucket(pmap_t, vm_offset_t); 213static void pmap_free_l2_bucket(pmap_t, struct l2_bucket *, u_int); 214static vm_offset_t kernel_pt_lookup(vm_paddr_t); 215 216static MALLOC_DEFINE(M_VMPMAP, "pmap", "PMAP L1"); 217 218vm_offset_t virtual_avail; /* VA of first avail page (after kernel bss) */ 219vm_offset_t virtual_end; /* VA of last avail page (end of kernel AS) */ 220vm_offset_t pmap_curmaxkvaddr; 221vm_paddr_t kernel_l1pa; 222 223vm_offset_t kernel_vm_end = 0; 224 225vm_offset_t vm_max_kernel_address; 226 227struct pmap kernel_pmap_store; 228 229static pt_entry_t *csrc_pte, *cdst_pte; 230static vm_offset_t csrcp, cdstp; 231static struct mtx cmtx; 232 233static void pmap_init_l1(struct l1_ttable *, pd_entry_t *); 234/* 235 * These routines are called when the CPU type is identified to set up 236 * the PTE prototypes, cache modes, etc. 237 * 238 * The variables are always here, just in case LKMs need to reference 239 * them (though, they shouldn't). 240 */ 241 242pt_entry_t pte_l1_s_cache_mode; 243pt_entry_t pte_l1_s_cache_mode_pt; 244pt_entry_t pte_l1_s_cache_mask; 245 246pt_entry_t pte_l2_l_cache_mode; 247pt_entry_t pte_l2_l_cache_mode_pt; 248pt_entry_t pte_l2_l_cache_mask; 249 250pt_entry_t pte_l2_s_cache_mode; 251pt_entry_t pte_l2_s_cache_mode_pt; 252pt_entry_t pte_l2_s_cache_mask; 253 254pt_entry_t pte_l2_s_prot_u; 255pt_entry_t pte_l2_s_prot_w; 256pt_entry_t pte_l2_s_prot_mask; 257 258pt_entry_t pte_l1_s_proto; 259pt_entry_t pte_l1_c_proto; 260pt_entry_t pte_l2_s_proto; 261 262void (*pmap_copy_page_func)(vm_paddr_t, vm_paddr_t); 263void (*pmap_copy_page_offs_func)(vm_paddr_t a_phys, 264 vm_offset_t a_offs, vm_paddr_t b_phys, vm_offset_t b_offs, 265 int cnt); 266void (*pmap_zero_page_func)(vm_paddr_t, int, int); 267 268struct msgbuf *msgbufp = 0; 269 270/* 271 * Crashdump maps. 272 */ 273static caddr_t crashdumpmap; 274 275extern void bcopy_page(vm_offset_t, vm_offset_t); 276extern void bzero_page(vm_offset_t); 277 278extern vm_offset_t alloc_firstaddr; 279 280char *_tmppt; 281 282/* 283 * Metadata for L1 translation tables. 284 */ 285struct l1_ttable { 286 /* Entry on the L1 Table list */ 287 SLIST_ENTRY(l1_ttable) l1_link; 288 289 /* Entry on the L1 Least Recently Used list */ 290 TAILQ_ENTRY(l1_ttable) l1_lru; 291 292 /* Track how many domains are allocated from this L1 */ 293 volatile u_int l1_domain_use_count; 294 295 /* 296 * A free-list of domain numbers for this L1. 297 * We avoid using ffs() and a bitmap to track domains since ffs() 298 * is slow on ARM. 299 */ 300 u_int8_t l1_domain_first; 301 u_int8_t l1_domain_free[PMAP_DOMAINS]; 302 303 /* Physical address of this L1 page table */ 304 vm_paddr_t l1_physaddr; 305 306 /* KVA of this L1 page table */ 307 pd_entry_t *l1_kva; 308}; 309 310/* 311 * Convert a virtual address into its L1 table index. That is, the 312 * index used to locate the L2 descriptor table pointer in an L1 table. 313 * This is basically used to index l1->l1_kva[]. 314 * 315 * Each L2 descriptor table represents 1MB of VA space. 316 */ 317#define L1_IDX(va) (((vm_offset_t)(va)) >> L1_S_SHIFT) 318 319/* 320 * L1 Page Tables are tracked using a Least Recently Used list. 321 * - New L1s are allocated from the HEAD. 322 * - Freed L1s are added to the TAIl. 323 * - Recently accessed L1s (where an 'access' is some change to one of 324 * the userland pmaps which owns this L1) are moved to the TAIL. 325 */ 326static TAILQ_HEAD(, l1_ttable) l1_lru_list; 327/* 328 * A list of all L1 tables 329 */ 330static SLIST_HEAD(, l1_ttable) l1_list; 331static struct mtx l1_lru_lock; 332 333/* 334 * The l2_dtable tracks L2_BUCKET_SIZE worth of L1 slots. 335 * 336 * This is normally 16MB worth L2 page descriptors for any given pmap. 337 * Reference counts are maintained for L2 descriptors so they can be 338 * freed when empty. 339 */ 340struct l2_dtable { 341 /* The number of L2 page descriptors allocated to this l2_dtable */ 342 u_int l2_occupancy; 343 344 /* List of L2 page descriptors */ 345 struct l2_bucket { 346 pt_entry_t *l2b_kva; /* KVA of L2 Descriptor Table */ 347 vm_paddr_t l2b_phys; /* Physical address of same */ 348 u_short l2b_l1idx; /* This L2 table's L1 index */ 349 u_short l2b_occupancy; /* How many active descriptors */ 350 } l2_bucket[L2_BUCKET_SIZE]; 351}; 352 353/* pmap_kenter_internal flags */ 354#define KENTER_CACHE 0x1 355#define KENTER_USER 0x2 356 357/* 358 * Given an L1 table index, calculate the corresponding l2_dtable index 359 * and bucket index within the l2_dtable. 360 */ 361#define L2_IDX(l1idx) (((l1idx) >> L2_BUCKET_LOG2) & \ 362 (L2_SIZE - 1)) 363#define L2_BUCKET(l1idx) ((l1idx) & (L2_BUCKET_SIZE - 1)) 364 365/* 366 * Given a virtual address, this macro returns the 367 * virtual address required to drop into the next L2 bucket. 368 */ 369#define L2_NEXT_BUCKET(va) (((va) & L1_S_FRAME) + L1_S_SIZE) 370 371/* 372 * We try to map the page tables write-through, if possible. However, not 373 * all CPUs have a write-through cache mode, so on those we have to sync 374 * the cache when we frob page tables. 375 * 376 * We try to evaluate this at compile time, if possible. However, it's 377 * not always possible to do that, hence this run-time var. 378 */ 379int pmap_needs_pte_sync; 380 381/* 382 * Macro to determine if a mapping might be resident in the 383 * instruction cache and/or TLB 384 */ 385#define PV_BEEN_EXECD(f) (((f) & (PVF_REF | PVF_EXEC)) == (PVF_REF | PVF_EXEC)) 386 387/* 388 * Macro to determine if a mapping might be resident in the 389 * data cache and/or TLB 390 */ 391#define PV_BEEN_REFD(f) (((f) & PVF_REF) != 0) 392 393#ifndef PMAP_SHPGPERPROC 394#define PMAP_SHPGPERPROC 200 395#endif 396 397#define pmap_is_current(pm) ((pm) == pmap_kernel() || \ 398 curproc->p_vmspace->vm_map.pmap == (pm)) 399static uma_zone_t pvzone = NULL; 400uma_zone_t l2zone; 401static uma_zone_t l2table_zone; 402static vm_offset_t pmap_kernel_l2dtable_kva; 403static vm_offset_t pmap_kernel_l2ptp_kva; 404static vm_paddr_t pmap_kernel_l2ptp_phys; 405static int pv_entry_count=0, pv_entry_max=0, pv_entry_high_water=0; 406static struct rwlock pvh_global_lock; 407 408void pmap_copy_page_offs_generic(vm_paddr_t a_phys, vm_offset_t a_offs, 409 vm_paddr_t b_phys, vm_offset_t b_offs, int cnt); 410#if ARM_MMU_XSCALE == 1 411void pmap_copy_page_offs_xscale(vm_paddr_t a_phys, vm_offset_t a_offs, 412 vm_paddr_t b_phys, vm_offset_t b_offs, int cnt); 413#endif 414 415/* 416 * This list exists for the benefit of pmap_map_chunk(). It keeps track 417 * of the kernel L2 tables during bootstrap, so that pmap_map_chunk() can 418 * find them as necessary. 419 * 420 * Note that the data on this list MUST remain valid after initarm() returns, 421 * as pmap_bootstrap() uses it to contruct L2 table metadata. 422 */ 423SLIST_HEAD(, pv_addr) kernel_pt_list = SLIST_HEAD_INITIALIZER(kernel_pt_list); 424 425static void 426pmap_init_l1(struct l1_ttable *l1, pd_entry_t *l1pt) 427{ 428 int i; 429 430 l1->l1_kva = l1pt; 431 l1->l1_domain_use_count = 0; 432 l1->l1_domain_first = 0; 433 434 for (i = 0; i < PMAP_DOMAINS; i++) 435 l1->l1_domain_free[i] = i + 1; 436 437 /* 438 * Copy the kernel's L1 entries to each new L1. 439 */ 440 if (l1pt != pmap_kernel()->pm_l1->l1_kva) 441 memcpy(l1pt, pmap_kernel()->pm_l1->l1_kva, L1_TABLE_SIZE); 442 443 if ((l1->l1_physaddr = pmap_extract(pmap_kernel(), (vm_offset_t)l1pt)) == 0) 444 panic("pmap_init_l1: can't get PA of L1 at %p", l1pt); 445 SLIST_INSERT_HEAD(&l1_list, l1, l1_link); 446 TAILQ_INSERT_TAIL(&l1_lru_list, l1, l1_lru); 447} 448 449static vm_offset_t 450kernel_pt_lookup(vm_paddr_t pa) 451{ 452 struct pv_addr *pv; 453 454 SLIST_FOREACH(pv, &kernel_pt_list, pv_list) { 455 if (pv->pv_pa == pa) 456 return (pv->pv_va); 457 } 458 return (0); 459} 460 461#if (ARM_MMU_GENERIC + ARM_MMU_SA1) != 0 462void 463pmap_pte_init_generic(void) 464{ 465 466 pte_l1_s_cache_mode = L1_S_B|L1_S_C; 467 pte_l1_s_cache_mask = L1_S_CACHE_MASK_generic; 468 469 pte_l2_l_cache_mode = L2_B|L2_C; 470 pte_l2_l_cache_mask = L2_L_CACHE_MASK_generic; 471 472 pte_l2_s_cache_mode = L2_B|L2_C; 473 pte_l2_s_cache_mask = L2_S_CACHE_MASK_generic; 474 475 /* 476 * If we have a write-through cache, set B and C. If 477 * we have a write-back cache, then we assume setting 478 * only C will make those pages write-through. 479 */ 480 if (cpufuncs.cf_dcache_wb_range == (void *) cpufunc_nullop) { 481 pte_l1_s_cache_mode_pt = L1_S_B|L1_S_C; 482 pte_l2_l_cache_mode_pt = L2_B|L2_C; 483 pte_l2_s_cache_mode_pt = L2_B|L2_C; 484 } else { 485 pte_l1_s_cache_mode_pt = L1_S_C; 486 pte_l2_l_cache_mode_pt = L2_C; 487 pte_l2_s_cache_mode_pt = L2_C; 488 } 489 490 pte_l2_s_prot_u = L2_S_PROT_U_generic; 491 pte_l2_s_prot_w = L2_S_PROT_W_generic; 492 pte_l2_s_prot_mask = L2_S_PROT_MASK_generic; 493 494 pte_l1_s_proto = L1_S_PROTO_generic; 495 pte_l1_c_proto = L1_C_PROTO_generic; 496 pte_l2_s_proto = L2_S_PROTO_generic; 497 498 pmap_copy_page_func = pmap_copy_page_generic; 499 pmap_copy_page_offs_func = pmap_copy_page_offs_generic; 500 pmap_zero_page_func = pmap_zero_page_generic; 501} 502 503#if defined(CPU_ARM8) 504void 505pmap_pte_init_arm8(void) 506{ 507 508 /* 509 * ARM8 is compatible with generic, but we need to use 510 * the page tables uncached. 511 */ 512 pmap_pte_init_generic(); 513 514 pte_l1_s_cache_mode_pt = 0; 515 pte_l2_l_cache_mode_pt = 0; 516 pte_l2_s_cache_mode_pt = 0; 517} 518#endif /* CPU_ARM8 */ 519 520#if defined(CPU_ARM9) && defined(ARM9_CACHE_WRITE_THROUGH) 521void 522pmap_pte_init_arm9(void) 523{ 524 525 /* 526 * ARM9 is compatible with generic, but we want to use 527 * write-through caching for now. 528 */ 529 pmap_pte_init_generic(); 530 531 pte_l1_s_cache_mode = L1_S_C; 532 pte_l2_l_cache_mode = L2_C; 533 pte_l2_s_cache_mode = L2_C; 534 535 pte_l1_s_cache_mode_pt = L1_S_C; 536 pte_l2_l_cache_mode_pt = L2_C; 537 pte_l2_s_cache_mode_pt = L2_C; 538} 539#endif /* CPU_ARM9 */ 540#endif /* (ARM_MMU_GENERIC + ARM_MMU_SA1) != 0 */ 541 542#if defined(CPU_ARM10) 543void 544pmap_pte_init_arm10(void) 545{ 546 547 /* 548 * ARM10 is compatible with generic, but we want to use 549 * write-through caching for now. 550 */ 551 pmap_pte_init_generic(); 552 553 pte_l1_s_cache_mode = L1_S_B | L1_S_C; 554 pte_l2_l_cache_mode = L2_B | L2_C; 555 pte_l2_s_cache_mode = L2_B | L2_C; 556 557 pte_l1_s_cache_mode_pt = L1_S_C; 558 pte_l2_l_cache_mode_pt = L2_C; 559 pte_l2_s_cache_mode_pt = L2_C; 560 561} 562#endif /* CPU_ARM10 */ 563 564#if ARM_MMU_SA1 == 1 565void 566pmap_pte_init_sa1(void) 567{ 568 569 /* 570 * The StrongARM SA-1 cache does not have a write-through 571 * mode. So, do the generic initialization, then reset 572 * the page table cache mode to B=1,C=1, and note that 573 * the PTEs need to be sync'd. 574 */ 575 pmap_pte_init_generic(); 576 577 pte_l1_s_cache_mode_pt = L1_S_B|L1_S_C; 578 pte_l2_l_cache_mode_pt = L2_B|L2_C; 579 pte_l2_s_cache_mode_pt = L2_B|L2_C; 580 581 pmap_needs_pte_sync = 1; 582} 583#endif /* ARM_MMU_SA1 == 1*/ 584 585#if ARM_MMU_XSCALE == 1 586#if (ARM_NMMUS > 1) || defined (CPU_XSCALE_CORE3) 587static u_int xscale_use_minidata; 588#endif 589 590void 591pmap_pte_init_xscale(void) 592{ 593 uint32_t auxctl; 594 int write_through = 0; 595 596 pte_l1_s_cache_mode = L1_S_B|L1_S_C|L1_S_XSCALE_P; 597 pte_l1_s_cache_mask = L1_S_CACHE_MASK_xscale; 598 599 pte_l2_l_cache_mode = L2_B|L2_C; 600 pte_l2_l_cache_mask = L2_L_CACHE_MASK_xscale; 601 602 pte_l2_s_cache_mode = L2_B|L2_C; 603 pte_l2_s_cache_mask = L2_S_CACHE_MASK_xscale; 604 605 pte_l1_s_cache_mode_pt = L1_S_C; 606 pte_l2_l_cache_mode_pt = L2_C; 607 pte_l2_s_cache_mode_pt = L2_C; 608#ifdef XSCALE_CACHE_READ_WRITE_ALLOCATE 609 /* 610 * The XScale core has an enhanced mode where writes that 611 * miss the cache cause a cache line to be allocated. This 612 * is significantly faster than the traditional, write-through 613 * behavior of this case. 614 */ 615 pte_l1_s_cache_mode |= L1_S_XSCALE_TEX(TEX_XSCALE_X); 616 pte_l2_l_cache_mode |= L2_XSCALE_L_TEX(TEX_XSCALE_X); 617 pte_l2_s_cache_mode |= L2_XSCALE_T_TEX(TEX_XSCALE_X); 618#endif /* XSCALE_CACHE_READ_WRITE_ALLOCATE */ 619#ifdef XSCALE_CACHE_WRITE_THROUGH 620 /* 621 * Some versions of the XScale core have various bugs in 622 * their cache units, the work-around for which is to run 623 * the cache in write-through mode. Unfortunately, this 624 * has a major (negative) impact on performance. So, we 625 * go ahead and run fast-and-loose, in the hopes that we 626 * don't line up the planets in a way that will trip the 627 * bugs. 628 * 629 * However, we give you the option to be slow-but-correct. 630 */ 631 write_through = 1; 632#elif defined(XSCALE_CACHE_WRITE_BACK) 633 /* force write back cache mode */ 634 write_through = 0; 635#elif defined(CPU_XSCALE_PXA2X0) 636 /* 637 * Intel PXA2[15]0 processors are known to have a bug in 638 * write-back cache on revision 4 and earlier (stepping 639 * A[01] and B[012]). Fixed for C0 and later. 640 */ 641 { 642 uint32_t id, type; 643 644 id = cpufunc_id(); 645 type = id & ~(CPU_ID_XSCALE_COREREV_MASK|CPU_ID_REVISION_MASK); 646 647 if (type == CPU_ID_PXA250 || type == CPU_ID_PXA210) { 648 if ((id & CPU_ID_REVISION_MASK) < 5) { 649 /* write through for stepping A0-1 and B0-2 */ 650 write_through = 1; 651 } 652 } 653 } 654#endif /* XSCALE_CACHE_WRITE_THROUGH */ 655 656 if (write_through) { 657 pte_l1_s_cache_mode = L1_S_C; 658 pte_l2_l_cache_mode = L2_C; 659 pte_l2_s_cache_mode = L2_C; 660 } 661 662#if (ARM_NMMUS > 1) 663 xscale_use_minidata = 1; 664#endif 665 666 pte_l2_s_prot_u = L2_S_PROT_U_xscale; 667 pte_l2_s_prot_w = L2_S_PROT_W_xscale; 668 pte_l2_s_prot_mask = L2_S_PROT_MASK_xscale; 669 670 pte_l1_s_proto = L1_S_PROTO_xscale; 671 pte_l1_c_proto = L1_C_PROTO_xscale; 672 pte_l2_s_proto = L2_S_PROTO_xscale; 673 674#ifdef CPU_XSCALE_CORE3 675 pmap_copy_page_func = pmap_copy_page_generic; 676 pmap_copy_page_offs_func = pmap_copy_page_offs_generic; 677 pmap_zero_page_func = pmap_zero_page_generic; 678 xscale_use_minidata = 0; 679 /* Make sure it is L2-cachable */ 680 pte_l1_s_cache_mode |= L1_S_XSCALE_TEX(TEX_XSCALE_T); 681 pte_l1_s_cache_mode_pt = pte_l1_s_cache_mode &~ L1_S_XSCALE_P; 682 pte_l2_l_cache_mode |= L2_XSCALE_L_TEX(TEX_XSCALE_T) ; 683 pte_l2_l_cache_mode_pt = pte_l1_s_cache_mode; 684 pte_l2_s_cache_mode |= L2_XSCALE_T_TEX(TEX_XSCALE_T); 685 pte_l2_s_cache_mode_pt = pte_l2_s_cache_mode; 686 687#else 688 pmap_copy_page_func = pmap_copy_page_xscale; 689 pmap_copy_page_offs_func = pmap_copy_page_offs_xscale; 690 pmap_zero_page_func = pmap_zero_page_xscale; 691#endif 692 693 /* 694 * Disable ECC protection of page table access, for now. 695 */ 696 __asm __volatile("mrc p15, 0, %0, c1, c0, 1" : "=r" (auxctl)); 697 auxctl &= ~XSCALE_AUXCTL_P; 698 __asm __volatile("mcr p15, 0, %0, c1, c0, 1" : : "r" (auxctl)); 699} 700 701/* 702 * xscale_setup_minidata: 703 * 704 * Set up the mini-data cache clean area. We require the 705 * caller to allocate the right amount of physically and 706 * virtually contiguous space. 707 */ 708extern vm_offset_t xscale_minidata_clean_addr; 709extern vm_size_t xscale_minidata_clean_size; /* already initialized */ 710void 711xscale_setup_minidata(vm_offset_t l1pt, vm_offset_t va, vm_paddr_t pa) 712{ 713 pd_entry_t *pde = (pd_entry_t *) l1pt; 714 pt_entry_t *pte; 715 vm_size_t size; 716 uint32_t auxctl; 717 718 xscale_minidata_clean_addr = va; 719 720 /* Round it to page size. */ 721 size = (xscale_minidata_clean_size + L2_S_OFFSET) & L2_S_FRAME; 722 723 for (; size != 0; 724 va += L2_S_SIZE, pa += L2_S_SIZE, size -= L2_S_SIZE) { 725 pte = (pt_entry_t *) kernel_pt_lookup( 726 pde[L1_IDX(va)] & L1_C_ADDR_MASK); 727 if (pte == NULL) 728 panic("xscale_setup_minidata: can't find L2 table for " 729 "VA 0x%08x", (u_int32_t) va); 730 pte[l2pte_index(va)] = 731 L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL, VM_PROT_READ) | 732 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); 733 } 734 735 /* 736 * Configure the mini-data cache for write-back with 737 * read/write-allocate. 738 * 739 * NOTE: In order to reconfigure the mini-data cache, we must 740 * make sure it contains no valid data! In order to do that, 741 * we must issue a global data cache invalidate command! 742 * 743 * WE ASSUME WE ARE RUNNING UN-CACHED WHEN THIS ROUTINE IS CALLED! 744 * THIS IS VERY IMPORTANT! 745 */ 746 747 /* Invalidate data and mini-data. */ 748 __asm __volatile("mcr p15, 0, %0, c7, c6, 0" : : "r" (0)); 749 __asm __volatile("mrc p15, 0, %0, c1, c0, 1" : "=r" (auxctl)); 750 auxctl = (auxctl & ~XSCALE_AUXCTL_MD_MASK) | XSCALE_AUXCTL_MD_WB_RWA; 751 __asm __volatile("mcr p15, 0, %0, c1, c0, 1" : : "r" (auxctl)); 752} 753#endif 754 755/* 756 * Allocate an L1 translation table for the specified pmap. 757 * This is called at pmap creation time. 758 */ 759static void 760pmap_alloc_l1(pmap_t pm) 761{ 762 struct l1_ttable *l1; 763 u_int8_t domain; 764 765 /* 766 * Remove the L1 at the head of the LRU list 767 */ 768 mtx_lock(&l1_lru_lock); 769 l1 = TAILQ_FIRST(&l1_lru_list); 770 TAILQ_REMOVE(&l1_lru_list, l1, l1_lru); 771 772 /* 773 * Pick the first available domain number, and update 774 * the link to the next number. 775 */ 776 domain = l1->l1_domain_first; 777 l1->l1_domain_first = l1->l1_domain_free[domain]; 778 779 /* 780 * If there are still free domain numbers in this L1, 781 * put it back on the TAIL of the LRU list. 782 */ 783 if (++l1->l1_domain_use_count < PMAP_DOMAINS) 784 TAILQ_INSERT_TAIL(&l1_lru_list, l1, l1_lru); 785 786 mtx_unlock(&l1_lru_lock); 787 788 /* 789 * Fix up the relevant bits in the pmap structure 790 */ 791 pm->pm_l1 = l1; 792 pm->pm_domain = domain + 1; 793} 794 795/* 796 * Free an L1 translation table. 797 * This is called at pmap destruction time. 798 */ 799static void 800pmap_free_l1(pmap_t pm) 801{ 802 struct l1_ttable *l1 = pm->pm_l1; 803 804 mtx_lock(&l1_lru_lock); 805 806 /* 807 * If this L1 is currently on the LRU list, remove it. 808 */ 809 if (l1->l1_domain_use_count < PMAP_DOMAINS) 810 TAILQ_REMOVE(&l1_lru_list, l1, l1_lru); 811 812 /* 813 * Free up the domain number which was allocated to the pmap 814 */ 815 l1->l1_domain_free[pm->pm_domain - 1] = l1->l1_domain_first; 816 l1->l1_domain_first = pm->pm_domain - 1; 817 l1->l1_domain_use_count--; 818 819 /* 820 * The L1 now must have at least 1 free domain, so add 821 * it back to the LRU list. If the use count is zero, 822 * put it at the head of the list, otherwise it goes 823 * to the tail. 824 */ 825 if (l1->l1_domain_use_count == 0) { 826 TAILQ_INSERT_HEAD(&l1_lru_list, l1, l1_lru); 827 } else 828 TAILQ_INSERT_TAIL(&l1_lru_list, l1, l1_lru); 829 830 mtx_unlock(&l1_lru_lock); 831} 832 833/* 834 * Returns a pointer to the L2 bucket associated with the specified pmap 835 * and VA, or NULL if no L2 bucket exists for the address. 836 */ 837static PMAP_INLINE struct l2_bucket * 838pmap_get_l2_bucket(pmap_t pm, vm_offset_t va) 839{ 840 struct l2_dtable *l2; 841 struct l2_bucket *l2b; 842 u_short l1idx; 843 844 l1idx = L1_IDX(va); 845 846 if ((l2 = pm->pm_l2[L2_IDX(l1idx)]) == NULL || 847 (l2b = &l2->l2_bucket[L2_BUCKET(l1idx)])->l2b_kva == NULL) 848 return (NULL); 849 850 return (l2b); 851} 852 853/* 854 * Returns a pointer to the L2 bucket associated with the specified pmap 855 * and VA. 856 * 857 * If no L2 bucket exists, perform the necessary allocations to put an L2 858 * bucket/page table in place. 859 * 860 * Note that if a new L2 bucket/page was allocated, the caller *must* 861 * increment the bucket occupancy counter appropriately *before* 862 * releasing the pmap's lock to ensure no other thread or cpu deallocates 863 * the bucket/page in the meantime. 864 */ 865static struct l2_bucket * 866pmap_alloc_l2_bucket(pmap_t pm, vm_offset_t va) 867{ 868 struct l2_dtable *l2; 869 struct l2_bucket *l2b; 870 u_short l1idx; 871 872 l1idx = L1_IDX(va); 873 874 PMAP_ASSERT_LOCKED(pm); 875 rw_assert(&pvh_global_lock, RA_WLOCKED); 876 if ((l2 = pm->pm_l2[L2_IDX(l1idx)]) == NULL) { 877 /* 878 * No mapping at this address, as there is 879 * no entry in the L1 table. 880 * Need to allocate a new l2_dtable. 881 */ 882 PMAP_UNLOCK(pm); 883 rw_wunlock(&pvh_global_lock); 884 if ((l2 = uma_zalloc(l2table_zone, M_NOWAIT)) == NULL) { 885 rw_wlock(&pvh_global_lock); 886 PMAP_LOCK(pm); 887 return (NULL); 888 } 889 rw_wlock(&pvh_global_lock); 890 PMAP_LOCK(pm); 891 if (pm->pm_l2[L2_IDX(l1idx)] != NULL) { 892 /* 893 * Someone already allocated the l2_dtable while 894 * we were doing the same. 895 */ 896 uma_zfree(l2table_zone, l2); 897 l2 = pm->pm_l2[L2_IDX(l1idx)]; 898 } else { 899 bzero(l2, sizeof(*l2)); 900 /* 901 * Link it into the parent pmap 902 */ 903 pm->pm_l2[L2_IDX(l1idx)] = l2; 904 } 905 } 906 907 l2b = &l2->l2_bucket[L2_BUCKET(l1idx)]; 908 909 /* 910 * Fetch pointer to the L2 page table associated with the address. 911 */ 912 if (l2b->l2b_kva == NULL) { 913 pt_entry_t *ptep; 914 915 /* 916 * No L2 page table has been allocated. Chances are, this 917 * is because we just allocated the l2_dtable, above. 918 */ 919 PMAP_UNLOCK(pm); 920 rw_wunlock(&pvh_global_lock); 921 ptep = uma_zalloc(l2zone, M_NOWAIT); 922 rw_wlock(&pvh_global_lock); 923 PMAP_LOCK(pm); 924 if (l2b->l2b_kva != 0) { 925 /* We lost the race. */ 926 uma_zfree(l2zone, ptep); 927 return (l2b); 928 } 929 l2b->l2b_phys = vtophys(ptep); 930 if (ptep == NULL) { 931 /* 932 * Oops, no more L2 page tables available at this 933 * time. We may need to deallocate the l2_dtable 934 * if we allocated a new one above. 935 */ 936 if (l2->l2_occupancy == 0) { 937 pm->pm_l2[L2_IDX(l1idx)] = NULL; 938 uma_zfree(l2table_zone, l2); 939 } 940 return (NULL); 941 } 942 943 l2->l2_occupancy++; 944 l2b->l2b_kva = ptep; 945 l2b->l2b_l1idx = l1idx; 946 } 947 948 return (l2b); 949} 950 951static PMAP_INLINE void 952#ifndef PMAP_INCLUDE_PTE_SYNC 953pmap_free_l2_ptp(pt_entry_t *l2) 954#else 955pmap_free_l2_ptp(boolean_t need_sync, pt_entry_t *l2) 956#endif 957{ 958#ifdef PMAP_INCLUDE_PTE_SYNC 959 /* 960 * Note: With a write-back cache, we may need to sync this 961 * L2 table before re-using it. 962 * This is because it may have belonged to a non-current 963 * pmap, in which case the cache syncs would have been 964 * skipped when the pages were being unmapped. If the 965 * L2 table were then to be immediately re-allocated to 966 * the *current* pmap, it may well contain stale mappings 967 * which have not yet been cleared by a cache write-back 968 * and so would still be visible to the mmu. 969 */ 970 if (need_sync) 971 PTE_SYNC_RANGE(l2, L2_TABLE_SIZE_REAL / sizeof(pt_entry_t)); 972#endif 973 uma_zfree(l2zone, l2); 974} 975/* 976 * One or more mappings in the specified L2 descriptor table have just been 977 * invalidated. 978 * 979 * Garbage collect the metadata and descriptor table itself if necessary. 980 * 981 * The pmap lock must be acquired when this is called (not necessary 982 * for the kernel pmap). 983 */ 984static void 985pmap_free_l2_bucket(pmap_t pm, struct l2_bucket *l2b, u_int count) 986{ 987 struct l2_dtable *l2; 988 pd_entry_t *pl1pd, l1pd; 989 pt_entry_t *ptep; 990 u_short l1idx; 991 992 993 /* 994 * Update the bucket's reference count according to how many 995 * PTEs the caller has just invalidated. 996 */ 997 l2b->l2b_occupancy -= count; 998 999 /* 1000 * Note: 1001 * 1002 * Level 2 page tables allocated to the kernel pmap are never freed 1003 * as that would require checking all Level 1 page tables and 1004 * removing any references to the Level 2 page table. See also the 1005 * comment elsewhere about never freeing bootstrap L2 descriptors. 1006 * 1007 * We make do with just invalidating the mapping in the L2 table. 1008 * 1009 * This isn't really a big deal in practice and, in fact, leads 1010 * to a performance win over time as we don't need to continually 1011 * alloc/free. 1012 */ 1013 if (l2b->l2b_occupancy > 0 || pm == pmap_kernel()) 1014 return; 1015 1016 /* 1017 * There are no more valid mappings in this level 2 page table. 1018 * Go ahead and NULL-out the pointer in the bucket, then 1019 * free the page table. 1020 */ 1021 l1idx = l2b->l2b_l1idx; 1022 ptep = l2b->l2b_kva; 1023 l2b->l2b_kva = NULL; 1024 1025 pl1pd = &pm->pm_l1->l1_kva[l1idx]; 1026 1027 /* 1028 * If the L1 slot matches the pmap's domain 1029 * number, then invalidate it. 1030 */ 1031 l1pd = *pl1pd & (L1_TYPE_MASK | L1_C_DOM_MASK); 1032 if (l1pd == (L1_C_DOM(pm->pm_domain) | L1_TYPE_C)) { 1033 *pl1pd = 0; 1034 PTE_SYNC(pl1pd); 1035 } 1036 1037 /* 1038 * Release the L2 descriptor table back to the pool cache. 1039 */ 1040#ifndef PMAP_INCLUDE_PTE_SYNC 1041 pmap_free_l2_ptp(ptep); 1042#else 1043 pmap_free_l2_ptp(!pmap_is_current(pm), ptep); 1044#endif 1045 1046 /* 1047 * Update the reference count in the associated l2_dtable 1048 */ 1049 l2 = pm->pm_l2[L2_IDX(l1idx)]; 1050 if (--l2->l2_occupancy > 0) 1051 return; 1052 1053 /* 1054 * There are no more valid mappings in any of the Level 1 1055 * slots managed by this l2_dtable. Go ahead and NULL-out 1056 * the pointer in the parent pmap and free the l2_dtable. 1057 */ 1058 pm->pm_l2[L2_IDX(l1idx)] = NULL; 1059 uma_zfree(l2table_zone, l2); 1060} 1061 1062/* 1063 * Pool cache constructors for L2 descriptor tables, metadata and pmap 1064 * structures. 1065 */ 1066static int 1067pmap_l2ptp_ctor(void *mem, int size, void *arg, int flags) 1068{ 1069#ifndef PMAP_INCLUDE_PTE_SYNC 1070 struct l2_bucket *l2b; 1071 pt_entry_t *ptep, pte; 1072 1073 vm_offset_t va = (vm_offset_t)mem & ~PAGE_MASK; 1074 1075 /* 1076 * The mappings for these page tables were initially made using 1077 * pmap_kenter() by the pool subsystem. Therefore, the cache- 1078 * mode will not be right for page table mappings. To avoid 1079 * polluting the pmap_kenter() code with a special case for 1080 * page tables, we simply fix up the cache-mode here if it's not 1081 * correct. 1082 */ 1083 l2b = pmap_get_l2_bucket(pmap_kernel(), va); 1084 ptep = &l2b->l2b_kva[l2pte_index(va)]; 1085 pte = *ptep; 1086 1087 if ((pte & L2_S_CACHE_MASK) != pte_l2_s_cache_mode_pt) { 1088 /* 1089 * Page tables must have the cache-mode set to 1090 * Write-Thru. 1091 */ 1092 *ptep = (pte & ~L2_S_CACHE_MASK) | pte_l2_s_cache_mode_pt; 1093 PTE_SYNC(ptep); 1094 cpu_tlb_flushD_SE(va); 1095 cpu_cpwait(); 1096 } 1097#endif 1098 memset(mem, 0, L2_TABLE_SIZE_REAL); 1099 PTE_SYNC_RANGE(mem, L2_TABLE_SIZE_REAL / sizeof(pt_entry_t)); 1100 return (0); 1101} 1102 1103/* 1104 * A bunch of routines to conditionally flush the caches/TLB depending 1105 * on whether the specified pmap actually needs to be flushed at any 1106 * given time. 1107 */ 1108static PMAP_INLINE void 1109pmap_tlb_flushID_SE(pmap_t pm, vm_offset_t va) 1110{ 1111 1112 if (pmap_is_current(pm)) 1113 cpu_tlb_flushID_SE(va); 1114} 1115 1116static PMAP_INLINE void 1117pmap_tlb_flushD_SE(pmap_t pm, vm_offset_t va) 1118{ 1119 1120 if (pmap_is_current(pm)) 1121 cpu_tlb_flushD_SE(va); 1122} 1123 1124static PMAP_INLINE void 1125pmap_tlb_flushID(pmap_t pm) 1126{ 1127 1128 if (pmap_is_current(pm)) 1129 cpu_tlb_flushID(); 1130} 1131static PMAP_INLINE void 1132pmap_tlb_flushD(pmap_t pm) 1133{ 1134 1135 if (pmap_is_current(pm)) 1136 cpu_tlb_flushD(); 1137} 1138 1139static int 1140pmap_has_valid_mapping(pmap_t pm, vm_offset_t va) 1141{ 1142 pd_entry_t *pde; 1143 pt_entry_t *ptep; 1144 1145 if (pmap_get_pde_pte(pm, va, &pde, &ptep) && 1146 ptep && ((*ptep & L2_TYPE_MASK) != L2_TYPE_INV)) 1147 return (1); 1148 1149 return (0); 1150} 1151 1152static PMAP_INLINE void 1153pmap_idcache_wbinv_range(pmap_t pm, vm_offset_t va, vm_size_t len) 1154{ 1155 vm_size_t rest; 1156 1157 CTR4(KTR_PMAP, "pmap_dcache_wbinv_range: pmap %p is_kernel %d va 0x%08x" 1158 " len 0x%x ", pm, pm == pmap_kernel(), va, len); 1159 1160 if (pmap_is_current(pm) || pm == pmap_kernel()) { 1161 rest = MIN(PAGE_SIZE - (va & PAGE_MASK), len); 1162 while (len > 0) { 1163 if (pmap_has_valid_mapping(pm, va)) { 1164 cpu_idcache_wbinv_range(va, rest); 1165 cpu_l2cache_wbinv_range(va, rest); 1166 } 1167 len -= rest; 1168 va += rest; 1169 rest = MIN(PAGE_SIZE, len); 1170 } 1171 } 1172} 1173 1174static PMAP_INLINE void 1175pmap_dcache_wb_range(pmap_t pm, vm_offset_t va, vm_size_t len, boolean_t do_inv, 1176 boolean_t rd_only) 1177{ 1178 vm_size_t rest; 1179 1180 CTR4(KTR_PMAP, "pmap_dcache_wb_range: pmap %p is_kernel %d va 0x%08x " 1181 "len 0x%x ", pm, pm == pmap_kernel(), va, len); 1182 CTR2(KTR_PMAP, " do_inv %d rd_only %d", do_inv, rd_only); 1183 1184 if (pmap_is_current(pm)) { 1185 rest = MIN(PAGE_SIZE - (va & PAGE_MASK), len); 1186 while (len > 0) { 1187 if (pmap_has_valid_mapping(pm, va)) { 1188 if (do_inv && rd_only) { 1189 cpu_dcache_inv_range(va, rest); 1190 cpu_l2cache_inv_range(va, rest); 1191 } else if (do_inv) { 1192 cpu_dcache_wbinv_range(va, rest); 1193 cpu_l2cache_wbinv_range(va, rest); 1194 } else if (!rd_only) { 1195 cpu_dcache_wb_range(va, rest); 1196 cpu_l2cache_wb_range(va, rest); 1197 } 1198 } 1199 len -= rest; 1200 va += rest; 1201 1202 rest = MIN(PAGE_SIZE, len); 1203 } 1204 } 1205} 1206 1207static PMAP_INLINE void 1208pmap_idcache_wbinv_all(pmap_t pm) 1209{ 1210 1211 if (pmap_is_current(pm)) { 1212 cpu_idcache_wbinv_all(); 1213 cpu_l2cache_wbinv_all(); 1214 } 1215} 1216 1217#ifdef notyet 1218static PMAP_INLINE void 1219pmap_dcache_wbinv_all(pmap_t pm) 1220{ 1221 1222 if (pmap_is_current(pm)) { 1223 cpu_dcache_wbinv_all(); 1224 cpu_l2cache_wbinv_all(); 1225 } 1226} 1227#endif 1228 1229/* 1230 * PTE_SYNC_CURRENT: 1231 * 1232 * Make sure the pte is written out to RAM. 1233 * We need to do this for one of two cases: 1234 * - We're dealing with the kernel pmap 1235 * - There is no pmap active in the cache/tlb. 1236 * - The specified pmap is 'active' in the cache/tlb. 1237 */ 1238#ifdef PMAP_INCLUDE_PTE_SYNC 1239#define PTE_SYNC_CURRENT(pm, ptep) \ 1240do { \ 1241 if (PMAP_NEEDS_PTE_SYNC && \ 1242 pmap_is_current(pm)) \ 1243 PTE_SYNC(ptep); \ 1244} while (/*CONSTCOND*/0) 1245#else 1246#define PTE_SYNC_CURRENT(pm, ptep) /* nothing */ 1247#endif 1248 1249/* 1250 * cacheable == -1 means we must make the entry uncacheable, 1 means 1251 * cacheable; 1252 */ 1253static __inline void 1254pmap_set_cache_entry(pv_entry_t pv, pmap_t pm, vm_offset_t va, int cacheable) 1255{ 1256 struct l2_bucket *l2b; 1257 pt_entry_t *ptep, pte; 1258 1259 l2b = pmap_get_l2_bucket(pv->pv_pmap, pv->pv_va); 1260 ptep = &l2b->l2b_kva[l2pte_index(pv->pv_va)]; 1261 1262 if (cacheable == 1) { 1263 pte = (*ptep & ~L2_S_CACHE_MASK) | pte_l2_s_cache_mode; 1264 if (l2pte_valid(pte)) { 1265 if (PV_BEEN_EXECD(pv->pv_flags)) { 1266 pmap_tlb_flushID_SE(pv->pv_pmap, pv->pv_va); 1267 } else if (PV_BEEN_REFD(pv->pv_flags)) { 1268 pmap_tlb_flushD_SE(pv->pv_pmap, pv->pv_va); 1269 } 1270 } 1271 } else { 1272 pte = *ptep &~ L2_S_CACHE_MASK; 1273 if ((va != pv->pv_va || pm != pv->pv_pmap) && 1274 l2pte_valid(pte)) { 1275 if (PV_BEEN_EXECD(pv->pv_flags)) { 1276 pmap_idcache_wbinv_range(pv->pv_pmap, 1277 pv->pv_va, PAGE_SIZE); 1278 pmap_tlb_flushID_SE(pv->pv_pmap, pv->pv_va); 1279 } else if (PV_BEEN_REFD(pv->pv_flags)) { 1280 pmap_dcache_wb_range(pv->pv_pmap, 1281 pv->pv_va, PAGE_SIZE, TRUE, 1282 (pv->pv_flags & PVF_WRITE) == 0); 1283 pmap_tlb_flushD_SE(pv->pv_pmap, 1284 pv->pv_va); 1285 } 1286 } 1287 } 1288 *ptep = pte; 1289 PTE_SYNC_CURRENT(pv->pv_pmap, ptep); 1290} 1291 1292static void 1293pmap_fix_cache(struct vm_page *pg, pmap_t pm, vm_offset_t va) 1294{ 1295 int pmwc = 0; 1296 int writable = 0, kwritable = 0, uwritable = 0; 1297 int entries = 0, kentries = 0, uentries = 0; 1298 struct pv_entry *pv; 1299 1300 rw_assert(&pvh_global_lock, RA_WLOCKED); 1301 1302 /* the cache gets written back/invalidated on context switch. 1303 * therefore, if a user page shares an entry in the same page or 1304 * with the kernel map and at least one is writable, then the 1305 * cache entry must be set write-through. 1306 */ 1307 1308 TAILQ_FOREACH(pv, &pg->md.pv_list, pv_list) { 1309 /* generate a count of the pv_entry uses */ 1310 if (pv->pv_flags & PVF_WRITE) { 1311 if (pv->pv_pmap == pmap_kernel()) 1312 kwritable++; 1313 else if (pv->pv_pmap == pm) 1314 uwritable++; 1315 writable++; 1316 } 1317 if (pv->pv_pmap == pmap_kernel()) 1318 kentries++; 1319 else { 1320 if (pv->pv_pmap == pm) 1321 uentries++; 1322 entries++; 1323 } 1324 } 1325 /* 1326 * check if the user duplicate mapping has 1327 * been removed. 1328 */ 1329 if ((pm != pmap_kernel()) && (((uentries > 1) && uwritable) || 1330 (uwritable > 1))) 1331 pmwc = 1; 1332 1333 TAILQ_FOREACH(pv, &pg->md.pv_list, pv_list) { 1334 /* check for user uncachable conditions - order is important */ 1335 if (pm != pmap_kernel() && 1336 (pv->pv_pmap == pm || pv->pv_pmap == pmap_kernel())) { 1337 1338 if ((uentries > 1 && uwritable) || uwritable > 1) { 1339 1340 /* user duplicate mapping */ 1341 if (pv->pv_pmap != pmap_kernel()) 1342 pv->pv_flags |= PVF_MWC; 1343 1344 if (!(pv->pv_flags & PVF_NC)) { 1345 pv->pv_flags |= PVF_NC; 1346 pmap_set_cache_entry(pv, pm, va, -1); 1347 } 1348 continue; 1349 } else /* no longer a duplicate user */ 1350 pv->pv_flags &= ~PVF_MWC; 1351 } 1352 1353 /* 1354 * check for kernel uncachable conditions 1355 * kernel writable or kernel readable with writable user entry 1356 */ 1357 if ((kwritable && (entries || kentries > 1)) || 1358 (kwritable > 1) || 1359 ((kwritable != writable) && kentries && 1360 (pv->pv_pmap == pmap_kernel() || 1361 (pv->pv_flags & PVF_WRITE) || 1362 (pv->pv_flags & PVF_MWC)))) { 1363 1364 if (!(pv->pv_flags & PVF_NC)) { 1365 pv->pv_flags |= PVF_NC; 1366 pmap_set_cache_entry(pv, pm, va, -1); 1367 } 1368 continue; 1369 } 1370 1371 /* kernel and user are cachable */ 1372 if ((pm == pmap_kernel()) && !(pv->pv_flags & PVF_MWC) && 1373 (pv->pv_flags & PVF_NC)) { 1374 1375 pv->pv_flags &= ~PVF_NC; 1376 if (pg->md.pv_memattr != VM_MEMATTR_UNCACHEABLE) 1377 pmap_set_cache_entry(pv, pm, va, 1); 1378 continue; 1379 } 1380 /* user is no longer sharable and writable */ 1381 if (pm != pmap_kernel() && 1382 (pv->pv_pmap == pm || pv->pv_pmap == pmap_kernel()) && 1383 !pmwc && (pv->pv_flags & PVF_NC)) { 1384 1385 pv->pv_flags &= ~(PVF_NC | PVF_MWC); 1386 if (pg->md.pv_memattr != VM_MEMATTR_UNCACHEABLE) 1387 pmap_set_cache_entry(pv, pm, va, 1); 1388 } 1389 } 1390 1391 if ((kwritable == 0) && (writable == 0)) { 1392 pg->md.pvh_attrs &= ~PVF_MOD; 1393 vm_page_aflag_clear(pg, PGA_WRITEABLE); 1394 return; 1395 } 1396} 1397 1398/* 1399 * Modify pte bits for all ptes corresponding to the given physical address. 1400 * We use `maskbits' rather than `clearbits' because we're always passing 1401 * constants and the latter would require an extra inversion at run-time. 1402 */ 1403static int 1404pmap_clearbit(struct vm_page *pg, u_int maskbits) 1405{ 1406 struct l2_bucket *l2b; 1407 struct pv_entry *pv; 1408 pt_entry_t *ptep, npte, opte; 1409 pmap_t pm; 1410 vm_offset_t va; 1411 u_int oflags; 1412 int count = 0; 1413 1414 rw_wlock(&pvh_global_lock); 1415 1416 if (maskbits & PVF_WRITE) 1417 maskbits |= PVF_MOD; 1418 /* 1419 * Clear saved attributes (modify, reference) 1420 */ 1421 pg->md.pvh_attrs &= ~(maskbits & (PVF_MOD | PVF_REF)); 1422 1423 if (TAILQ_EMPTY(&pg->md.pv_list)) { 1424 rw_wunlock(&pvh_global_lock); 1425 return (0); 1426 } 1427 1428 /* 1429 * Loop over all current mappings setting/clearing as appropos 1430 */ 1431 TAILQ_FOREACH(pv, &pg->md.pv_list, pv_list) { 1432 va = pv->pv_va; 1433 pm = pv->pv_pmap; 1434 oflags = pv->pv_flags; 1435 1436 if (!(oflags & maskbits)) { 1437 if ((maskbits & PVF_WRITE) && (pv->pv_flags & PVF_NC)) { 1438 if (pg->md.pv_memattr != 1439 VM_MEMATTR_UNCACHEABLE) { 1440 PMAP_LOCK(pm); 1441 l2b = pmap_get_l2_bucket(pm, va); 1442 ptep = &l2b->l2b_kva[l2pte_index(va)]; 1443 *ptep |= pte_l2_s_cache_mode; 1444 PTE_SYNC(ptep); 1445 PMAP_UNLOCK(pm); 1446 } 1447 pv->pv_flags &= ~(PVF_NC | PVF_MWC); 1448 } 1449 continue; 1450 } 1451 pv->pv_flags &= ~maskbits; 1452 1453 PMAP_LOCK(pm); 1454 1455 l2b = pmap_get_l2_bucket(pm, va); 1456 1457 ptep = &l2b->l2b_kva[l2pte_index(va)]; 1458 npte = opte = *ptep; 1459 1460 if (maskbits & (PVF_WRITE|PVF_MOD)) { 1461 if ((pv->pv_flags & PVF_NC)) { 1462 /* 1463 * Entry is not cacheable: 1464 * 1465 * Don't turn caching on again if this is a 1466 * modified emulation. This would be 1467 * inconsitent with the settings created by 1468 * pmap_fix_cache(). Otherwise, it's safe 1469 * to re-enable cacheing. 1470 * 1471 * There's no need to call pmap_fix_cache() 1472 * here: all pages are losing their write 1473 * permission. 1474 */ 1475 if (maskbits & PVF_WRITE) { 1476 if (pg->md.pv_memattr != 1477 VM_MEMATTR_UNCACHEABLE) 1478 npte |= pte_l2_s_cache_mode; 1479 pv->pv_flags &= ~(PVF_NC | PVF_MWC); 1480 } 1481 } else 1482 if (opte & L2_S_PROT_W) { 1483 vm_page_dirty(pg); 1484 /* 1485 * Entry is writable/cacheable: check if pmap 1486 * is current if it is flush it, otherwise it 1487 * won't be in the cache 1488 */ 1489 if (PV_BEEN_EXECD(oflags)) 1490 pmap_idcache_wbinv_range(pm, pv->pv_va, 1491 PAGE_SIZE); 1492 else 1493 if (PV_BEEN_REFD(oflags)) 1494 pmap_dcache_wb_range(pm, pv->pv_va, 1495 PAGE_SIZE, 1496 (maskbits & PVF_REF) ? TRUE : FALSE, 1497 FALSE); 1498 } 1499 1500 /* make the pte read only */ 1501 npte &= ~L2_S_PROT_W; 1502 } 1503 1504 if (maskbits & PVF_REF) { 1505 if ((pv->pv_flags & PVF_NC) == 0 && 1506 (maskbits & (PVF_WRITE|PVF_MOD)) == 0) { 1507 /* 1508 * Check npte here; we may have already 1509 * done the wbinv above, and the validity 1510 * of the PTE is the same for opte and 1511 * npte. 1512 */ 1513 if (npte & L2_S_PROT_W) { 1514 if (PV_BEEN_EXECD(oflags)) 1515 pmap_idcache_wbinv_range(pm, 1516 pv->pv_va, PAGE_SIZE); 1517 else 1518 if (PV_BEEN_REFD(oflags)) 1519 pmap_dcache_wb_range(pm, 1520 pv->pv_va, PAGE_SIZE, 1521 TRUE, FALSE); 1522 } else 1523 if ((npte & L2_TYPE_MASK) != L2_TYPE_INV) { 1524 /* XXXJRT need idcache_inv_range */ 1525 if (PV_BEEN_EXECD(oflags)) 1526 pmap_idcache_wbinv_range(pm, 1527 pv->pv_va, PAGE_SIZE); 1528 else 1529 if (PV_BEEN_REFD(oflags)) 1530 pmap_dcache_wb_range(pm, 1531 pv->pv_va, PAGE_SIZE, 1532 TRUE, TRUE); 1533 } 1534 } 1535 1536 /* 1537 * Make the PTE invalid so that we will take a 1538 * page fault the next time the mapping is 1539 * referenced. 1540 */ 1541 npte &= ~L2_TYPE_MASK; 1542 npte |= L2_TYPE_INV; 1543 } 1544 1545 if (npte != opte) { 1546 count++; 1547 *ptep = npte; 1548 PTE_SYNC(ptep); 1549 /* Flush the TLB entry if a current pmap. */ 1550 if (PV_BEEN_EXECD(oflags)) 1551 pmap_tlb_flushID_SE(pm, pv->pv_va); 1552 else 1553 if (PV_BEEN_REFD(oflags)) 1554 pmap_tlb_flushD_SE(pm, pv->pv_va); 1555 } 1556 1557 PMAP_UNLOCK(pm); 1558 1559 } 1560 1561 if (maskbits & PVF_WRITE) 1562 vm_page_aflag_clear(pg, PGA_WRITEABLE); 1563 rw_wunlock(&pvh_global_lock); 1564 return (count); 1565} 1566 1567/* 1568 * main pv_entry manipulation functions: 1569 * pmap_enter_pv: enter a mapping onto a vm_page list 1570 * pmap_remove_pv: remove a mappiing from a vm_page list 1571 * 1572 * NOTE: pmap_enter_pv expects to lock the pvh itself 1573 * pmap_remove_pv expects the caller to lock the pvh before calling 1574 */ 1575 1576/* 1577 * pmap_enter_pv: enter a mapping onto a vm_page's PV list 1578 * 1579 * => caller should hold the proper lock on pvh_global_lock 1580 * => caller should have pmap locked 1581 * => we will (someday) gain the lock on the vm_page's PV list 1582 * => caller should adjust ptp's wire_count before calling 1583 * => caller should not adjust pmap's wire_count 1584 */ 1585static void 1586pmap_enter_pv(struct vm_page *pg, struct pv_entry *pve, pmap_t pm, 1587 vm_offset_t va, u_int flags) 1588{ 1589 1590 rw_assert(&pvh_global_lock, RA_WLOCKED); 1591 PMAP_ASSERT_LOCKED(pm); 1592 if (pg->md.pv_kva != 0) { 1593 pve->pv_pmap = kernel_pmap; 1594 pve->pv_va = pg->md.pv_kva; 1595 pve->pv_flags = PVF_WRITE | PVF_UNMAN; 1596 if (pm != kernel_pmap) 1597 PMAP_LOCK(kernel_pmap); 1598 TAILQ_INSERT_HEAD(&pg->md.pv_list, pve, pv_list); 1599 TAILQ_INSERT_HEAD(&kernel_pmap->pm_pvlist, pve, pv_plist); 1600 if (pm != kernel_pmap) 1601 PMAP_UNLOCK(kernel_pmap); 1602 pg->md.pv_kva = 0; 1603 if ((pve = pmap_get_pv_entry()) == NULL) 1604 panic("pmap_kenter_pv: no pv entries"); 1605 } 1606 pve->pv_pmap = pm; 1607 pve->pv_va = va; 1608 pve->pv_flags = flags; 1609 TAILQ_INSERT_HEAD(&pg->md.pv_list, pve, pv_list); 1610 TAILQ_INSERT_HEAD(&pm->pm_pvlist, pve, pv_plist); 1611 pg->md.pvh_attrs |= flags & (PVF_REF | PVF_MOD); 1612 if (pve->pv_flags & PVF_WIRED) 1613 ++pm->pm_stats.wired_count; 1614 vm_page_aflag_set(pg, PGA_REFERENCED); 1615} 1616 1617/* 1618 * 1619 * pmap_find_pv: Find a pv entry 1620 * 1621 * => caller should hold lock on vm_page 1622 */ 1623static PMAP_INLINE struct pv_entry * 1624pmap_find_pv(struct vm_page *pg, pmap_t pm, vm_offset_t va) 1625{ 1626 struct pv_entry *pv; 1627 1628 rw_assert(&pvh_global_lock, RA_WLOCKED); 1629 TAILQ_FOREACH(pv, &pg->md.pv_list, pv_list) 1630 if (pm == pv->pv_pmap && va == pv->pv_va) 1631 break; 1632 return (pv); 1633} 1634 1635/* 1636 * vector_page_setprot: 1637 * 1638 * Manipulate the protection of the vector page. 1639 */ 1640void 1641vector_page_setprot(int prot) 1642{ 1643 struct l2_bucket *l2b; 1644 pt_entry_t *ptep; 1645 1646 l2b = pmap_get_l2_bucket(pmap_kernel(), vector_page); 1647 1648 ptep = &l2b->l2b_kva[l2pte_index(vector_page)]; 1649 1650 *ptep = (*ptep & ~L1_S_PROT_MASK) | L2_S_PROT(PTE_KERNEL, prot); 1651 PTE_SYNC(ptep); 1652 cpu_tlb_flushD_SE(vector_page); 1653 cpu_cpwait(); 1654} 1655 1656/* 1657 * pmap_remove_pv: try to remove a mapping from a pv_list 1658 * 1659 * => caller should hold proper lock on pmap_main_lock 1660 * => pmap should be locked 1661 * => caller should hold lock on vm_page [so that attrs can be adjusted] 1662 * => caller should adjust ptp's wire_count and free PTP if needed 1663 * => caller should NOT adjust pmap's wire_count 1664 * => we return the removed pve 1665 */ 1666 1667static void 1668pmap_nuke_pv(struct vm_page *pg, pmap_t pm, struct pv_entry *pve) 1669{ 1670 1671 struct pv_entry *pv; 1672 rw_assert(&pvh_global_lock, RA_WLOCKED); 1673 PMAP_ASSERT_LOCKED(pm); 1674 TAILQ_REMOVE(&pg->md.pv_list, pve, pv_list); 1675 TAILQ_REMOVE(&pm->pm_pvlist, pve, pv_plist); 1676 if (pve->pv_flags & PVF_WIRED) 1677 --pm->pm_stats.wired_count; 1678 if (pg->md.pvh_attrs & PVF_MOD) 1679 vm_page_dirty(pg); 1680 if (TAILQ_FIRST(&pg->md.pv_list) == NULL) 1681 pg->md.pvh_attrs &= ~PVF_REF; 1682 else 1683 vm_page_aflag_set(pg, PGA_REFERENCED); 1684 if ((pve->pv_flags & PVF_NC) && ((pm == pmap_kernel()) || 1685 (pve->pv_flags & PVF_WRITE) || !(pve->pv_flags & PVF_MWC))) 1686 pmap_fix_cache(pg, pm, 0); 1687 else if (pve->pv_flags & PVF_WRITE) { 1688 TAILQ_FOREACH(pve, &pg->md.pv_list, pv_list) 1689 if (pve->pv_flags & PVF_WRITE) 1690 break; 1691 if (!pve) { 1692 pg->md.pvh_attrs &= ~PVF_MOD; 1693 vm_page_aflag_clear(pg, PGA_WRITEABLE); 1694 } 1695 } 1696 pv = TAILQ_FIRST(&pg->md.pv_list); 1697 if (pv != NULL && (pv->pv_flags & PVF_UNMAN) && 1698 TAILQ_NEXT(pv, pv_list) == NULL) { 1699 pm = kernel_pmap; 1700 pg->md.pv_kva = pv->pv_va; 1701 /* a recursive pmap_nuke_pv */ 1702 TAILQ_REMOVE(&pg->md.pv_list, pv, pv_list); 1703 TAILQ_REMOVE(&pm->pm_pvlist, pv, pv_plist); 1704 if (pv->pv_flags & PVF_WIRED) 1705 --pm->pm_stats.wired_count; 1706 pg->md.pvh_attrs &= ~PVF_REF; 1707 pg->md.pvh_attrs &= ~PVF_MOD; 1708 vm_page_aflag_clear(pg, PGA_WRITEABLE); 1709 pmap_free_pv_entry(pv); 1710 } 1711} 1712 1713static struct pv_entry * 1714pmap_remove_pv(struct vm_page *pg, pmap_t pm, vm_offset_t va) 1715{ 1716 struct pv_entry *pve; 1717 1718 rw_assert(&pvh_global_lock, RA_WLOCKED); 1719 pve = TAILQ_FIRST(&pg->md.pv_list); 1720 1721 while (pve) { 1722 if (pve->pv_pmap == pm && pve->pv_va == va) { /* match? */ 1723 pmap_nuke_pv(pg, pm, pve); 1724 break; 1725 } 1726 pve = TAILQ_NEXT(pve, pv_list); 1727 } 1728 1729 if (pve == NULL && pg->md.pv_kva == va) 1730 pg->md.pv_kva = 0; 1731 1732 return(pve); /* return removed pve */ 1733} 1734/* 1735 * 1736 * pmap_modify_pv: Update pv flags 1737 * 1738 * => caller should hold lock on vm_page [so that attrs can be adjusted] 1739 * => caller should NOT adjust pmap's wire_count 1740 * => we return the old flags 1741 * 1742 * Modify a physical-virtual mapping in the pv table 1743 */ 1744static u_int 1745pmap_modify_pv(struct vm_page *pg, pmap_t pm, vm_offset_t va, 1746 u_int clr_mask, u_int set_mask) 1747{ 1748 struct pv_entry *npv; 1749 u_int flags, oflags; 1750 1751 PMAP_ASSERT_LOCKED(pm); 1752 rw_assert(&pvh_global_lock, RA_WLOCKED); 1753 if ((npv = pmap_find_pv(pg, pm, va)) == NULL) 1754 return (0); 1755 1756 /* 1757 * There is at least one VA mapping this page. 1758 */ 1759 1760 if (clr_mask & (PVF_REF | PVF_MOD)) 1761 pg->md.pvh_attrs |= set_mask & (PVF_REF | PVF_MOD); 1762 1763 oflags = npv->pv_flags; 1764 npv->pv_flags = flags = (oflags & ~clr_mask) | set_mask; 1765 1766 if ((flags ^ oflags) & PVF_WIRED) { 1767 if (flags & PVF_WIRED) 1768 ++pm->pm_stats.wired_count; 1769 else 1770 --pm->pm_stats.wired_count; 1771 } 1772 1773 if ((flags ^ oflags) & PVF_WRITE) 1774 pmap_fix_cache(pg, pm, 0); 1775 1776 return (oflags); 1777} 1778 1779/* Function to set the debug level of the pmap code */ 1780#ifdef PMAP_DEBUG 1781void 1782pmap_debug(int level) 1783{ 1784 pmap_debug_level = level; 1785 dprintf("pmap_debug: level=%d\n", pmap_debug_level); 1786} 1787#endif /* PMAP_DEBUG */ 1788 1789void 1790pmap_pinit0(struct pmap *pmap) 1791{ 1792 PDEBUG(1, printf("pmap_pinit0: pmap = %08x\n", (u_int32_t) pmap)); 1793 1794 bcopy(kernel_pmap, pmap, sizeof(*pmap)); 1795 bzero(&pmap->pm_mtx, sizeof(pmap->pm_mtx)); 1796 PMAP_LOCK_INIT(pmap); 1797} 1798 1799/* 1800 * Initialize a vm_page's machine-dependent fields. 1801 */ 1802void 1803pmap_page_init(vm_page_t m) 1804{ 1805 1806 TAILQ_INIT(&m->md.pv_list); 1807 m->md.pv_memattr = VM_MEMATTR_DEFAULT; 1808} 1809 1810/* 1811 * Initialize the pmap module. 1812 * Called by vm_init, to initialize any structures that the pmap 1813 * system needs to map virtual memory. 1814 */ 1815void 1816pmap_init(void) 1817{ 1818 int shpgperproc = PMAP_SHPGPERPROC; 1819 1820 l2zone = uma_zcreate("L2 Table", L2_TABLE_SIZE_REAL, pmap_l2ptp_ctor, 1821 NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_VM | UMA_ZONE_NOFREE); 1822 l2table_zone = uma_zcreate("L2 Table", sizeof(struct l2_dtable), NULL, 1823 NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_VM | UMA_ZONE_NOFREE); 1824 1825 /* 1826 * Initialize the PV entry allocator. 1827 */ 1828 pvzone = uma_zcreate("PV ENTRY", sizeof (struct pv_entry), NULL, NULL, 1829 NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_VM | UMA_ZONE_NOFREE); 1830 TUNABLE_INT_FETCH("vm.pmap.shpgperproc", &shpgperproc); 1831 pv_entry_max = shpgperproc * maxproc + cnt.v_page_count; 1832 uma_zone_reserve_kva(pvzone, pv_entry_max); 1833 pv_entry_high_water = 9 * (pv_entry_max / 10); 1834 1835 /* 1836 * Now it is safe to enable pv_table recording. 1837 */ 1838 PDEBUG(1, printf("pmap_init: done!\n")); 1839} 1840 1841int 1842pmap_fault_fixup(pmap_t pm, vm_offset_t va, vm_prot_t ftype, int user) 1843{ 1844 struct l2_dtable *l2; 1845 struct l2_bucket *l2b; 1846 pd_entry_t *pl1pd, l1pd; 1847 pt_entry_t *ptep, pte; 1848 vm_paddr_t pa; 1849 u_int l1idx; 1850 int rv = 0; 1851 1852 l1idx = L1_IDX(va); 1853 rw_wlock(&pvh_global_lock); 1854 PMAP_LOCK(pm); 1855 1856 /* 1857 * If there is no l2_dtable for this address, then the process 1858 * has no business accessing it. 1859 * 1860 * Note: This will catch userland processes trying to access 1861 * kernel addresses. 1862 */ 1863 l2 = pm->pm_l2[L2_IDX(l1idx)]; 1864 if (l2 == NULL) 1865 goto out; 1866 1867 /* 1868 * Likewise if there is no L2 descriptor table 1869 */ 1870 l2b = &l2->l2_bucket[L2_BUCKET(l1idx)]; 1871 if (l2b->l2b_kva == NULL) 1872 goto out; 1873 1874 /* 1875 * Check the PTE itself. 1876 */ 1877 ptep = &l2b->l2b_kva[l2pte_index(va)]; 1878 pte = *ptep; 1879 if (pte == 0) 1880 goto out; 1881 1882 /* 1883 * Catch a userland access to the vector page mapped at 0x0 1884 */ 1885 if (user && (pte & L2_S_PROT_U) == 0) 1886 goto out; 1887 if (va == vector_page) 1888 goto out; 1889 1890 pa = l2pte_pa(pte); 1891 1892 if ((ftype & VM_PROT_WRITE) && (pte & L2_S_PROT_W) == 0) { 1893 /* 1894 * This looks like a good candidate for "page modified" 1895 * emulation... 1896 */ 1897 struct pv_entry *pv; 1898 struct vm_page *pg; 1899 1900 /* Extract the physical address of the page */ 1901 if ((pg = PHYS_TO_VM_PAGE(pa)) == NULL) { 1902 goto out; 1903 } 1904 /* Get the current flags for this page. */ 1905 1906 pv = pmap_find_pv(pg, pm, va); 1907 if (pv == NULL) { 1908 goto out; 1909 } 1910 1911 /* 1912 * Do the flags say this page is writable? If not then it 1913 * is a genuine write fault. If yes then the write fault is 1914 * our fault as we did not reflect the write access in the 1915 * PTE. Now we know a write has occurred we can correct this 1916 * and also set the modified bit 1917 */ 1918 if ((pv->pv_flags & PVF_WRITE) == 0) { 1919 goto out; 1920 } 1921 1922 pg->md.pvh_attrs |= PVF_REF | PVF_MOD; 1923 vm_page_dirty(pg); 1924 pv->pv_flags |= PVF_REF | PVF_MOD; 1925 1926 /* 1927 * Re-enable write permissions for the page. No need to call 1928 * pmap_fix_cache(), since this is just a 1929 * modified-emulation fault, and the PVF_WRITE bit isn't 1930 * changing. We've already set the cacheable bits based on 1931 * the assumption that we can write to this page. 1932 */ 1933 *ptep = (pte & ~L2_TYPE_MASK) | L2_S_PROTO | L2_S_PROT_W; 1934 PTE_SYNC(ptep); 1935 rv = 1; 1936 } else 1937 if ((pte & L2_TYPE_MASK) == L2_TYPE_INV) { 1938 /* 1939 * This looks like a good candidate for "page referenced" 1940 * emulation. 1941 */ 1942 struct pv_entry *pv; 1943 struct vm_page *pg; 1944 1945 /* Extract the physical address of the page */ 1946 if ((pg = PHYS_TO_VM_PAGE(pa)) == NULL) 1947 goto out; 1948 /* Get the current flags for this page. */ 1949 1950 pv = pmap_find_pv(pg, pm, va); 1951 if (pv == NULL) 1952 goto out; 1953 1954 pg->md.pvh_attrs |= PVF_REF; 1955 pv->pv_flags |= PVF_REF; 1956 1957 1958 *ptep = (pte & ~L2_TYPE_MASK) | L2_S_PROTO; 1959 PTE_SYNC(ptep); 1960 rv = 1; 1961 } 1962 1963 /* 1964 * We know there is a valid mapping here, so simply 1965 * fix up the L1 if necessary. 1966 */ 1967 pl1pd = &pm->pm_l1->l1_kva[l1idx]; 1968 l1pd = l2b->l2b_phys | L1_C_DOM(pm->pm_domain) | L1_C_PROTO; 1969 if (*pl1pd != l1pd) { 1970 *pl1pd = l1pd; 1971 PTE_SYNC(pl1pd); 1972 rv = 1; 1973 } 1974 1975#ifdef CPU_SA110 1976 /* 1977 * There are bugs in the rev K SA110. This is a check for one 1978 * of them. 1979 */ 1980 if (rv == 0 && curcpu()->ci_arm_cputype == CPU_ID_SA110 && 1981 curcpu()->ci_arm_cpurev < 3) { 1982 /* Always current pmap */ 1983 if (l2pte_valid(pte)) { 1984 extern int kernel_debug; 1985 if (kernel_debug & 1) { 1986 struct proc *p = curlwp->l_proc; 1987 printf("prefetch_abort: page is already " 1988 "mapped - pte=%p *pte=%08x\n", ptep, pte); 1989 printf("prefetch_abort: pc=%08lx proc=%p " 1990 "process=%s\n", va, p, p->p_comm); 1991 printf("prefetch_abort: far=%08x fs=%x\n", 1992 cpu_faultaddress(), cpu_faultstatus()); 1993 } 1994#ifdef DDB 1995 if (kernel_debug & 2) 1996 Debugger(); 1997#endif 1998 rv = 1; 1999 } 2000 } 2001#endif /* CPU_SA110 */ 2002 2003#ifdef DEBUG 2004 /* 2005 * If 'rv == 0' at this point, it generally indicates that there is a 2006 * stale TLB entry for the faulting address. This happens when two or 2007 * more processes are sharing an L1. Since we don't flush the TLB on 2008 * a context switch between such processes, we can take domain faults 2009 * for mappings which exist at the same VA in both processes. EVEN IF 2010 * WE'VE RECENTLY FIXED UP THE CORRESPONDING L1 in pmap_enter(), for 2011 * example. 2012 * 2013 * This is extremely likely to happen if pmap_enter() updated the L1 2014 * entry for a recently entered mapping. In this case, the TLB is 2015 * flushed for the new mapping, but there may still be TLB entries for 2016 * other mappings belonging to other processes in the 1MB range 2017 * covered by the L1 entry. 2018 * 2019 * Since 'rv == 0', we know that the L1 already contains the correct 2020 * value, so the fault must be due to a stale TLB entry. 2021 * 2022 * Since we always need to flush the TLB anyway in the case where we 2023 * fixed up the L1, or frobbed the L2 PTE, we effectively deal with 2024 * stale TLB entries dynamically. 2025 * 2026 * However, the above condition can ONLY happen if the current L1 is 2027 * being shared. If it happens when the L1 is unshared, it indicates 2028 * that other parts of the pmap are not doing their job WRT managing 2029 * the TLB. 2030 */ 2031 if (rv == 0 && pm->pm_l1->l1_domain_use_count == 1) { 2032 printf("fixup: pm %p, va 0x%lx, ftype %d - nothing to do!\n", 2033 pm, (u_long)va, ftype); 2034 printf("fixup: l2 %p, l2b %p, ptep %p, pl1pd %p\n", 2035 l2, l2b, ptep, pl1pd); 2036 printf("fixup: pte 0x%x, l1pd 0x%x, last code 0x%x\n", 2037 pte, l1pd, last_fault_code); 2038#ifdef DDB 2039 Debugger(); 2040#endif 2041 } 2042#endif 2043 2044 cpu_tlb_flushID_SE(va); 2045 cpu_cpwait(); 2046 2047 rv = 1; 2048 2049out: 2050 rw_wunlock(&pvh_global_lock); 2051 PMAP_UNLOCK(pm); 2052 return (rv); 2053} 2054 2055void 2056pmap_postinit(void) 2057{ 2058 struct l2_bucket *l2b; 2059 struct l1_ttable *l1; 2060 pd_entry_t *pl1pt; 2061 pt_entry_t *ptep, pte; 2062 vm_offset_t va, eva; 2063 u_int loop, needed; 2064 2065 needed = (maxproc / PMAP_DOMAINS) + ((maxproc % PMAP_DOMAINS) ? 1 : 0); 2066 needed -= 1; 2067 l1 = malloc(sizeof(*l1) * needed, M_VMPMAP, M_WAITOK); 2068 2069 for (loop = 0; loop < needed; loop++, l1++) { 2070 /* Allocate a L1 page table */ 2071 va = (vm_offset_t)contigmalloc(L1_TABLE_SIZE, M_VMPMAP, 0, 0x0, 2072 0xffffffff, L1_TABLE_SIZE, 0); 2073 2074 if (va == 0) 2075 panic("Cannot allocate L1 KVM"); 2076 2077 eva = va + L1_TABLE_SIZE; 2078 pl1pt = (pd_entry_t *)va; 2079 2080 while (va < eva) { 2081 l2b = pmap_get_l2_bucket(pmap_kernel(), va); 2082 ptep = &l2b->l2b_kva[l2pte_index(va)]; 2083 pte = *ptep; 2084 pte = (pte & ~L2_S_CACHE_MASK) | pte_l2_s_cache_mode_pt; 2085 *ptep = pte; 2086 PTE_SYNC(ptep); 2087 cpu_tlb_flushD_SE(va); 2088 2089 va += PAGE_SIZE; 2090 } 2091 pmap_init_l1(l1, pl1pt); 2092 } 2093 2094 2095#ifdef DEBUG 2096 printf("pmap_postinit: Allocated %d static L1 descriptor tables\n", 2097 needed); 2098#endif 2099} 2100 2101/* 2102 * This is used to stuff certain critical values into the PCB where they 2103 * can be accessed quickly from cpu_switch() et al. 2104 */ 2105void 2106pmap_set_pcb_pagedir(pmap_t pm, struct pcb *pcb) 2107{ 2108 struct l2_bucket *l2b; 2109 2110 pcb->pcb_pagedir = pm->pm_l1->l1_physaddr; 2111 pcb->pcb_dacr = (DOMAIN_CLIENT << (PMAP_DOMAIN_KERNEL * 2)) | 2112 (DOMAIN_CLIENT << (pm->pm_domain * 2)); 2113 2114 if (vector_page < KERNBASE) { 2115 pcb->pcb_pl1vec = &pm->pm_l1->l1_kva[L1_IDX(vector_page)]; 2116 l2b = pmap_get_l2_bucket(pm, vector_page); 2117 pcb->pcb_l1vec = l2b->l2b_phys | L1_C_PROTO | 2118 L1_C_DOM(pm->pm_domain) | L1_C_DOM(PMAP_DOMAIN_KERNEL); 2119 } else 2120 pcb->pcb_pl1vec = NULL; 2121} 2122 2123void 2124pmap_activate(struct thread *td) 2125{ 2126 pmap_t pm; 2127 struct pcb *pcb; 2128 2129 pm = vmspace_pmap(td->td_proc->p_vmspace); 2130 pcb = td->td_pcb; 2131 2132 critical_enter(); 2133 pmap_set_pcb_pagedir(pm, pcb); 2134 2135 if (td == curthread) { 2136 u_int cur_dacr, cur_ttb; 2137 2138 __asm __volatile("mrc p15, 0, %0, c2, c0, 0" : "=r"(cur_ttb)); 2139 __asm __volatile("mrc p15, 0, %0, c3, c0, 0" : "=r"(cur_dacr)); 2140 2141 cur_ttb &= ~(L1_TABLE_SIZE - 1); 2142 2143 if (cur_ttb == (u_int)pcb->pcb_pagedir && 2144 cur_dacr == pcb->pcb_dacr) { 2145 /* 2146 * No need to switch address spaces. 2147 */ 2148 critical_exit(); 2149 return; 2150 } 2151 2152 2153 /* 2154 * We MUST, I repeat, MUST fix up the L1 entry corresponding 2155 * to 'vector_page' in the incoming L1 table before switching 2156 * to it otherwise subsequent interrupts/exceptions (including 2157 * domain faults!) will jump into hyperspace. 2158 */ 2159 if (pcb->pcb_pl1vec) { 2160 2161 *pcb->pcb_pl1vec = pcb->pcb_l1vec; 2162 /* 2163 * Don't need to PTE_SYNC() at this point since 2164 * cpu_setttb() is about to flush both the cache 2165 * and the TLB. 2166 */ 2167 } 2168 2169 cpu_domains(pcb->pcb_dacr); 2170 cpu_setttb(pcb->pcb_pagedir); 2171 } 2172 critical_exit(); 2173} 2174 2175static int 2176pmap_set_pt_cache_mode(pd_entry_t *kl1, vm_offset_t va) 2177{ 2178 pd_entry_t *pdep, pde; 2179 pt_entry_t *ptep, pte; 2180 vm_offset_t pa; 2181 int rv = 0; 2182 2183 /* 2184 * Make sure the descriptor itself has the correct cache mode 2185 */ 2186 pdep = &kl1[L1_IDX(va)]; 2187 pde = *pdep; 2188 2189 if (l1pte_section_p(pde)) { 2190 if ((pde & L1_S_CACHE_MASK) != pte_l1_s_cache_mode_pt) { 2191 *pdep = (pde & ~L1_S_CACHE_MASK) | 2192 pte_l1_s_cache_mode_pt; 2193 PTE_SYNC(pdep); 2194 cpu_dcache_wbinv_range((vm_offset_t)pdep, 2195 sizeof(*pdep)); 2196 cpu_l2cache_wbinv_range((vm_offset_t)pdep, 2197 sizeof(*pdep)); 2198 rv = 1; 2199 } 2200 } else { 2201 pa = (vm_paddr_t)(pde & L1_C_ADDR_MASK); 2202 ptep = (pt_entry_t *)kernel_pt_lookup(pa); 2203 if (ptep == NULL) 2204 panic("pmap_bootstrap: No L2 for L2 @ va %p\n", ptep); 2205 2206 ptep = &ptep[l2pte_index(va)]; 2207 pte = *ptep; 2208 if ((pte & L2_S_CACHE_MASK) != pte_l2_s_cache_mode_pt) { 2209 *ptep = (pte & ~L2_S_CACHE_MASK) | 2210 pte_l2_s_cache_mode_pt; 2211 PTE_SYNC(ptep); 2212 cpu_dcache_wbinv_range((vm_offset_t)ptep, 2213 sizeof(*ptep)); 2214 cpu_l2cache_wbinv_range((vm_offset_t)ptep, 2215 sizeof(*ptep)); 2216 rv = 1; 2217 } 2218 } 2219 2220 return (rv); 2221} 2222 2223static void 2224pmap_alloc_specials(vm_offset_t *availp, int pages, vm_offset_t *vap, 2225 pt_entry_t **ptep) 2226{ 2227 vm_offset_t va = *availp; 2228 struct l2_bucket *l2b; 2229 2230 if (ptep) { 2231 l2b = pmap_get_l2_bucket(pmap_kernel(), va); 2232 if (l2b == NULL) 2233 panic("pmap_alloc_specials: no l2b for 0x%x", va); 2234 2235 *ptep = &l2b->l2b_kva[l2pte_index(va)]; 2236 } 2237 2238 *vap = va; 2239 *availp = va + (PAGE_SIZE * pages); 2240} 2241 2242/* 2243 * Bootstrap the system enough to run with virtual memory. 2244 * 2245 * On the arm this is called after mapping has already been enabled 2246 * and just syncs the pmap module with what has already been done. 2247 * [We can't call it easily with mapping off since the kernel is not 2248 * mapped with PA == VA, hence we would have to relocate every address 2249 * from the linked base (virtual) address "KERNBASE" to the actual 2250 * (physical) address starting relative to 0] 2251 */ 2252#define PMAP_STATIC_L2_SIZE 16 2253void 2254pmap_bootstrap(vm_offset_t firstaddr, struct pv_addr *l1pt) 2255{ 2256 static struct l1_ttable static_l1; 2257 static struct l2_dtable static_l2[PMAP_STATIC_L2_SIZE]; 2258 struct l1_ttable *l1 = &static_l1; 2259 struct l2_dtable *l2; 2260 struct l2_bucket *l2b; 2261 pd_entry_t pde; 2262 pd_entry_t *kernel_l1pt = (pd_entry_t *)l1pt->pv_va; 2263 pt_entry_t *ptep; 2264 vm_paddr_t pa; 2265 vm_offset_t va; 2266 vm_size_t size; 2267 int l1idx, l2idx, l2next = 0; 2268 2269 PDEBUG(1, printf("firstaddr = %08x, lastaddr = %08x\n", 2270 firstaddr, vm_max_kernel_address)); 2271 2272 virtual_avail = firstaddr; 2273 kernel_pmap->pm_l1 = l1; 2274 kernel_l1pa = l1pt->pv_pa; 2275 2276 /* 2277 * Scan the L1 translation table created by initarm() and create 2278 * the required metadata for all valid mappings found in it. 2279 */ 2280 for (l1idx = 0; l1idx < (L1_TABLE_SIZE / sizeof(pd_entry_t)); l1idx++) { 2281 pde = kernel_l1pt[l1idx]; 2282 2283 /* 2284 * We're only interested in Coarse mappings. 2285 * pmap_extract() can deal with section mappings without 2286 * recourse to checking L2 metadata. 2287 */ 2288 if ((pde & L1_TYPE_MASK) != L1_TYPE_C) 2289 continue; 2290 2291 /* 2292 * Lookup the KVA of this L2 descriptor table 2293 */ 2294 pa = (vm_paddr_t)(pde & L1_C_ADDR_MASK); 2295 ptep = (pt_entry_t *)kernel_pt_lookup(pa); 2296 2297 if (ptep == NULL) { 2298 panic("pmap_bootstrap: No L2 for va 0x%x, pa 0x%lx", 2299 (u_int)l1idx << L1_S_SHIFT, (long unsigned int)pa); 2300 } 2301 2302 /* 2303 * Fetch the associated L2 metadata structure. 2304 * Allocate a new one if necessary. 2305 */ 2306 if ((l2 = kernel_pmap->pm_l2[L2_IDX(l1idx)]) == NULL) { 2307 if (l2next == PMAP_STATIC_L2_SIZE) 2308 panic("pmap_bootstrap: out of static L2s"); 2309 kernel_pmap->pm_l2[L2_IDX(l1idx)] = l2 = 2310 &static_l2[l2next++]; 2311 } 2312 2313 /* 2314 * One more L1 slot tracked... 2315 */ 2316 l2->l2_occupancy++; 2317 2318 /* 2319 * Fill in the details of the L2 descriptor in the 2320 * appropriate bucket. 2321 */ 2322 l2b = &l2->l2_bucket[L2_BUCKET(l1idx)]; 2323 l2b->l2b_kva = ptep; 2324 l2b->l2b_phys = pa; 2325 l2b->l2b_l1idx = l1idx; 2326 2327 /* 2328 * Establish an initial occupancy count for this descriptor 2329 */ 2330 for (l2idx = 0; 2331 l2idx < (L2_TABLE_SIZE_REAL / sizeof(pt_entry_t)); 2332 l2idx++) { 2333 if ((ptep[l2idx] & L2_TYPE_MASK) != L2_TYPE_INV) { 2334 l2b->l2b_occupancy++; 2335 } 2336 } 2337 2338 /* 2339 * Make sure the descriptor itself has the correct cache mode. 2340 * If not, fix it, but whine about the problem. Port-meisters 2341 * should consider this a clue to fix up their initarm() 2342 * function. :) 2343 */ 2344 if (pmap_set_pt_cache_mode(kernel_l1pt, (vm_offset_t)ptep)) { 2345 printf("pmap_bootstrap: WARNING! wrong cache mode for " 2346 "L2 pte @ %p\n", ptep); 2347 } 2348 } 2349 2350 2351 /* 2352 * Ensure the primary (kernel) L1 has the correct cache mode for 2353 * a page table. Bitch if it is not correctly set. 2354 */ 2355 for (va = (vm_offset_t)kernel_l1pt; 2356 va < ((vm_offset_t)kernel_l1pt + L1_TABLE_SIZE); va += PAGE_SIZE) { 2357 if (pmap_set_pt_cache_mode(kernel_l1pt, va)) 2358 printf("pmap_bootstrap: WARNING! wrong cache mode for " 2359 "primary L1 @ 0x%x\n", va); 2360 } 2361 2362 cpu_dcache_wbinv_all(); 2363 cpu_l2cache_wbinv_all(); 2364 cpu_tlb_flushID(); 2365 cpu_cpwait(); 2366 2367 PMAP_LOCK_INIT(kernel_pmap); 2368 CPU_FILL(&kernel_pmap->pm_active); 2369 kernel_pmap->pm_domain = PMAP_DOMAIN_KERNEL; 2370 TAILQ_INIT(&kernel_pmap->pm_pvlist); 2371 2372 /* 2373 * Initialize the global pv list lock. 2374 */ 2375 rw_init_flags(&pvh_global_lock, "pmap pv global", RW_RECURSE); 2376 2377 /* 2378 * Reserve some special page table entries/VA space for temporary 2379 * mapping of pages. 2380 */ 2381#define SYSMAP(c, p, v, n) \ 2382 v = (c)va; va += ((n)*PAGE_SIZE); p = pte; pte += (n); 2383 2384 pmap_alloc_specials(&virtual_avail, 1, &csrcp, &csrc_pte); 2385 pmap_set_pt_cache_mode(kernel_l1pt, (vm_offset_t)csrc_pte); 2386 pmap_alloc_specials(&virtual_avail, 1, &cdstp, &cdst_pte); 2387 pmap_set_pt_cache_mode(kernel_l1pt, (vm_offset_t)cdst_pte); 2388 size = ((vm_max_kernel_address - pmap_curmaxkvaddr) + L1_S_OFFSET) / 2389 L1_S_SIZE; 2390 pmap_alloc_specials(&virtual_avail, 2391 round_page(size * L2_TABLE_SIZE_REAL) / PAGE_SIZE, 2392 &pmap_kernel_l2ptp_kva, NULL); 2393 2394 size = (size + (L2_BUCKET_SIZE - 1)) / L2_BUCKET_SIZE; 2395 pmap_alloc_specials(&virtual_avail, 2396 round_page(size * sizeof(struct l2_dtable)) / PAGE_SIZE, 2397 &pmap_kernel_l2dtable_kva, NULL); 2398 2399 pmap_alloc_specials(&virtual_avail, 2400 1, (vm_offset_t*)&_tmppt, NULL); 2401 pmap_alloc_specials(&virtual_avail, 2402 MAXDUMPPGS, (vm_offset_t *)&crashdumpmap, NULL); 2403 SLIST_INIT(&l1_list); 2404 TAILQ_INIT(&l1_lru_list); 2405 mtx_init(&l1_lru_lock, "l1 list lock", NULL, MTX_DEF); 2406 pmap_init_l1(l1, kernel_l1pt); 2407 cpu_dcache_wbinv_all(); 2408 cpu_l2cache_wbinv_all(); 2409 2410 virtual_avail = round_page(virtual_avail); 2411 virtual_end = vm_max_kernel_address; 2412 kernel_vm_end = pmap_curmaxkvaddr; 2413 mtx_init(&cmtx, "TMP mappings mtx", NULL, MTX_DEF); 2414 2415 pmap_set_pcb_pagedir(kernel_pmap, thread0.td_pcb); 2416} 2417 2418/*************************************************** 2419 * Pmap allocation/deallocation routines. 2420 ***************************************************/ 2421 2422/* 2423 * Release any resources held by the given physical map. 2424 * Called when a pmap initialized by pmap_pinit is being released. 2425 * Should only be called if the map contains no valid mappings. 2426 */ 2427void 2428pmap_release(pmap_t pmap) 2429{ 2430 struct pcb *pcb; 2431 2432 pmap_idcache_wbinv_all(pmap); 2433 cpu_l2cache_wbinv_all(); 2434 pmap_tlb_flushID(pmap); 2435 cpu_cpwait(); 2436 if (vector_page < KERNBASE) { 2437 struct pcb *curpcb = PCPU_GET(curpcb); 2438 pcb = thread0.td_pcb; 2439 if (pmap_is_current(pmap)) { 2440 /* 2441 * Frob the L1 entry corresponding to the vector 2442 * page so that it contains the kernel pmap's domain 2443 * number. This will ensure pmap_remove() does not 2444 * pull the current vector page out from under us. 2445 */ 2446 critical_enter(); 2447 *pcb->pcb_pl1vec = pcb->pcb_l1vec; 2448 cpu_domains(pcb->pcb_dacr); 2449 cpu_setttb(pcb->pcb_pagedir); 2450 critical_exit(); 2451 } 2452 pmap_remove(pmap, vector_page, vector_page + PAGE_SIZE); 2453 /* 2454 * Make sure cpu_switch(), et al, DTRT. This is safe to do 2455 * since this process has no remaining mappings of its own. 2456 */ 2457 curpcb->pcb_pl1vec = pcb->pcb_pl1vec; 2458 curpcb->pcb_l1vec = pcb->pcb_l1vec; 2459 curpcb->pcb_dacr = pcb->pcb_dacr; 2460 curpcb->pcb_pagedir = pcb->pcb_pagedir; 2461 2462 } 2463 pmap_free_l1(pmap); 2464 2465 dprintf("pmap_release()\n"); 2466} 2467 2468 2469 2470/* 2471 * Helper function for pmap_grow_l2_bucket() 2472 */ 2473static __inline int 2474pmap_grow_map(vm_offset_t va, pt_entry_t cache_mode, vm_paddr_t *pap) 2475{ 2476 struct l2_bucket *l2b; 2477 pt_entry_t *ptep; 2478 vm_paddr_t pa; 2479 struct vm_page *pg; 2480 2481 pg = vm_page_alloc(NULL, 0, VM_ALLOC_NOOBJ | VM_ALLOC_WIRED); 2482 if (pg == NULL) 2483 return (1); 2484 pa = VM_PAGE_TO_PHYS(pg); 2485 2486 if (pap) 2487 *pap = pa; 2488 2489 l2b = pmap_get_l2_bucket(pmap_kernel(), va); 2490 2491 ptep = &l2b->l2b_kva[l2pte_index(va)]; 2492 *ptep = L2_S_PROTO | pa | cache_mode | 2493 L2_S_PROT(PTE_KERNEL, VM_PROT_READ | VM_PROT_WRITE); 2494 PTE_SYNC(ptep); 2495 return (0); 2496} 2497 2498/* 2499 * This is the same as pmap_alloc_l2_bucket(), except that it is only 2500 * used by pmap_growkernel(). 2501 */ 2502static __inline struct l2_bucket * 2503pmap_grow_l2_bucket(pmap_t pm, vm_offset_t va) 2504{ 2505 struct l2_dtable *l2; 2506 struct l2_bucket *l2b; 2507 struct l1_ttable *l1; 2508 pd_entry_t *pl1pd; 2509 u_short l1idx; 2510 vm_offset_t nva; 2511 2512 l1idx = L1_IDX(va); 2513 2514 if ((l2 = pm->pm_l2[L2_IDX(l1idx)]) == NULL) { 2515 /* 2516 * No mapping at this address, as there is 2517 * no entry in the L1 table. 2518 * Need to allocate a new l2_dtable. 2519 */ 2520 nva = pmap_kernel_l2dtable_kva; 2521 if ((nva & PAGE_MASK) == 0) { 2522 /* 2523 * Need to allocate a backing page 2524 */ 2525 if (pmap_grow_map(nva, pte_l2_s_cache_mode, NULL)) 2526 return (NULL); 2527 } 2528 2529 l2 = (struct l2_dtable *)nva; 2530 nva += sizeof(struct l2_dtable); 2531 2532 if ((nva & PAGE_MASK) < (pmap_kernel_l2dtable_kva & 2533 PAGE_MASK)) { 2534 /* 2535 * The new l2_dtable straddles a page boundary. 2536 * Map in another page to cover it. 2537 */ 2538 if (pmap_grow_map(nva, pte_l2_s_cache_mode, NULL)) 2539 return (NULL); 2540 } 2541 2542 pmap_kernel_l2dtable_kva = nva; 2543 2544 /* 2545 * Link it into the parent pmap 2546 */ 2547 pm->pm_l2[L2_IDX(l1idx)] = l2; 2548 memset(l2, 0, sizeof(*l2)); 2549 } 2550 2551 l2b = &l2->l2_bucket[L2_BUCKET(l1idx)]; 2552 2553 /* 2554 * Fetch pointer to the L2 page table associated with the address. 2555 */ 2556 if (l2b->l2b_kva == NULL) { 2557 pt_entry_t *ptep; 2558 2559 /* 2560 * No L2 page table has been allocated. Chances are, this 2561 * is because we just allocated the l2_dtable, above. 2562 */ 2563 nva = pmap_kernel_l2ptp_kva; 2564 ptep = (pt_entry_t *)nva; 2565 if ((nva & PAGE_MASK) == 0) { 2566 /* 2567 * Need to allocate a backing page 2568 */ 2569 if (pmap_grow_map(nva, pte_l2_s_cache_mode_pt, 2570 &pmap_kernel_l2ptp_phys)) 2571 return (NULL); 2572 PTE_SYNC_RANGE(ptep, PAGE_SIZE / sizeof(pt_entry_t)); 2573 } 2574 memset(ptep, 0, L2_TABLE_SIZE_REAL); 2575 l2->l2_occupancy++; 2576 l2b->l2b_kva = ptep; 2577 l2b->l2b_l1idx = l1idx; 2578 l2b->l2b_phys = pmap_kernel_l2ptp_phys; 2579 2580 pmap_kernel_l2ptp_kva += L2_TABLE_SIZE_REAL; 2581 pmap_kernel_l2ptp_phys += L2_TABLE_SIZE_REAL; 2582 } 2583 2584 /* Distribute new L1 entry to all other L1s */ 2585 SLIST_FOREACH(l1, &l1_list, l1_link) { 2586 pl1pd = &l1->l1_kva[L1_IDX(va)]; 2587 *pl1pd = l2b->l2b_phys | L1_C_DOM(PMAP_DOMAIN_KERNEL) | 2588 L1_C_PROTO; 2589 PTE_SYNC(pl1pd); 2590 } 2591 2592 return (l2b); 2593} 2594 2595 2596/* 2597 * grow the number of kernel page table entries, if needed 2598 */ 2599void 2600pmap_growkernel(vm_offset_t addr) 2601{ 2602 pmap_t kpm = pmap_kernel(); 2603 2604 if (addr <= pmap_curmaxkvaddr) 2605 return; /* we are OK */ 2606 2607 /* 2608 * whoops! we need to add kernel PTPs 2609 */ 2610 2611 /* Map 1MB at a time */ 2612 for (; pmap_curmaxkvaddr < addr; pmap_curmaxkvaddr += L1_S_SIZE) 2613 pmap_grow_l2_bucket(kpm, pmap_curmaxkvaddr); 2614 2615 /* 2616 * flush out the cache, expensive but growkernel will happen so 2617 * rarely 2618 */ 2619 cpu_dcache_wbinv_all(); 2620 cpu_l2cache_wbinv_all(); 2621 cpu_tlb_flushD(); 2622 cpu_cpwait(); 2623 kernel_vm_end = pmap_curmaxkvaddr; 2624} 2625 2626 2627/* 2628 * Remove all pages from specified address space 2629 * this aids process exit speeds. Also, this code 2630 * is special cased for current process only, but 2631 * can have the more generic (and slightly slower) 2632 * mode enabled. This is much faster than pmap_remove 2633 * in the case of running down an entire address space. 2634 */ 2635void 2636pmap_remove_pages(pmap_t pmap) 2637{ 2638 struct pv_entry *pv, *npv; 2639 struct l2_bucket *l2b = NULL; 2640 vm_page_t m; 2641 pt_entry_t *pt; 2642 2643 rw_wlock(&pvh_global_lock); 2644 PMAP_LOCK(pmap); 2645 cpu_idcache_wbinv_all(); 2646 cpu_l2cache_wbinv_all(); 2647 for (pv = TAILQ_FIRST(&pmap->pm_pvlist); pv; pv = npv) { 2648 if (pv->pv_flags & PVF_WIRED || pv->pv_flags & PVF_UNMAN) { 2649 /* Cannot remove wired or unmanaged pages now. */ 2650 npv = TAILQ_NEXT(pv, pv_plist); 2651 continue; 2652 } 2653 pmap->pm_stats.resident_count--; 2654 l2b = pmap_get_l2_bucket(pmap, pv->pv_va); 2655 KASSERT(l2b != NULL, ("No L2 bucket in pmap_remove_pages")); 2656 pt = &l2b->l2b_kva[l2pte_index(pv->pv_va)]; 2657 m = PHYS_TO_VM_PAGE(*pt & L2_ADDR_MASK); 2658 KASSERT((vm_offset_t)m >= KERNBASE, ("Trying to access non-existent page va %x pte %x", pv->pv_va, *pt)); 2659 *pt = 0; 2660 PTE_SYNC(pt); 2661 npv = TAILQ_NEXT(pv, pv_plist); 2662 pmap_nuke_pv(m, pmap, pv); 2663 if (TAILQ_EMPTY(&m->md.pv_list)) 2664 vm_page_aflag_clear(m, PGA_WRITEABLE); 2665 pmap_free_pv_entry(pv); 2666 pmap_free_l2_bucket(pmap, l2b, 1); 2667 } 2668 rw_wunlock(&pvh_global_lock); 2669 cpu_tlb_flushID(); 2670 cpu_cpwait(); 2671 PMAP_UNLOCK(pmap); 2672} 2673 2674 2675/*************************************************** 2676 * Low level mapping routines..... 2677 ***************************************************/ 2678 2679#ifdef ARM_HAVE_SUPERSECTIONS 2680/* Map a super section into the KVA. */ 2681 2682void 2683pmap_kenter_supersection(vm_offset_t va, uint64_t pa, int flags) 2684{ 2685 pd_entry_t pd = L1_S_PROTO | L1_S_SUPERSEC | (pa & L1_SUP_FRAME) | 2686 (((pa >> 32) & 0xf) << 20) | L1_S_PROT(PTE_KERNEL, 2687 VM_PROT_READ|VM_PROT_WRITE) | L1_S_DOM(PMAP_DOMAIN_KERNEL); 2688 struct l1_ttable *l1; 2689 vm_offset_t va0, va_end; 2690 2691 KASSERT(((va | pa) & L1_SUP_OFFSET) == 0, 2692 ("Not a valid super section mapping")); 2693 if (flags & SECTION_CACHE) 2694 pd |= pte_l1_s_cache_mode; 2695 else if (flags & SECTION_PT) 2696 pd |= pte_l1_s_cache_mode_pt; 2697 va0 = va & L1_SUP_FRAME; 2698 va_end = va + L1_SUP_SIZE; 2699 SLIST_FOREACH(l1, &l1_list, l1_link) { 2700 va = va0; 2701 for (; va < va_end; va += L1_S_SIZE) { 2702 l1->l1_kva[L1_IDX(va)] = pd; 2703 PTE_SYNC(&l1->l1_kva[L1_IDX(va)]); 2704 } 2705 } 2706} 2707#endif 2708 2709/* Map a section into the KVA. */ 2710 2711void 2712pmap_kenter_section(vm_offset_t va, vm_offset_t pa, int flags) 2713{ 2714 pd_entry_t pd = L1_S_PROTO | pa | L1_S_PROT(PTE_KERNEL, 2715 VM_PROT_READ|VM_PROT_WRITE) | L1_S_DOM(PMAP_DOMAIN_KERNEL); 2716 struct l1_ttable *l1; 2717 2718 KASSERT(((va | pa) & L1_S_OFFSET) == 0, 2719 ("Not a valid section mapping")); 2720 if (flags & SECTION_CACHE) 2721 pd |= pte_l1_s_cache_mode; 2722 else if (flags & SECTION_PT) 2723 pd |= pte_l1_s_cache_mode_pt; 2724 SLIST_FOREACH(l1, &l1_list, l1_link) { 2725 l1->l1_kva[L1_IDX(va)] = pd; 2726 PTE_SYNC(&l1->l1_kva[L1_IDX(va)]); 2727 } 2728} 2729 2730/* 2731 * Make a temporary mapping for a physical address. This is only intended 2732 * to be used for panic dumps. 2733 */ 2734void * 2735pmap_kenter_temp(vm_paddr_t pa, int i) 2736{ 2737 vm_offset_t va; 2738 2739 va = (vm_offset_t)crashdumpmap + (i * PAGE_SIZE); 2740 pmap_kenter(va, pa); 2741 return ((void *)crashdumpmap); 2742} 2743 2744/* 2745 * add a wired page to the kva 2746 * note that in order for the mapping to take effect -- you 2747 * should do a invltlb after doing the pmap_kenter... 2748 */ 2749static PMAP_INLINE void 2750pmap_kenter_internal(vm_offset_t va, vm_offset_t pa, int flags) 2751{ 2752 struct l2_bucket *l2b; 2753 pt_entry_t *pte; 2754 pt_entry_t opte; 2755 struct pv_entry *pve; 2756 vm_page_t m; 2757 2758 PDEBUG(1, printf("pmap_kenter: va = %08x, pa = %08x\n", 2759 (uint32_t) va, (uint32_t) pa)); 2760 2761 2762 l2b = pmap_get_l2_bucket(pmap_kernel(), va); 2763 if (l2b == NULL) 2764 l2b = pmap_grow_l2_bucket(pmap_kernel(), va); 2765 KASSERT(l2b != NULL, ("No L2 Bucket")); 2766 pte = &l2b->l2b_kva[l2pte_index(va)]; 2767 opte = *pte; 2768 PDEBUG(1, printf("pmap_kenter: pte = %08x, opte = %08x, npte = %08x\n", 2769 (uint32_t) pte, opte, *pte)); 2770 if (l2pte_valid(opte)) { 2771 pmap_kremove(va); 2772 } else { 2773 if (opte == 0) 2774 l2b->l2b_occupancy++; 2775 } 2776 *pte = L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL, 2777 VM_PROT_READ | VM_PROT_WRITE); 2778 if (flags & KENTER_CACHE) 2779 *pte |= pte_l2_s_cache_mode; 2780 if (flags & KENTER_USER) 2781 *pte |= L2_S_PROT_U; 2782 PTE_SYNC(pte); 2783 2784 /* 2785 * A kernel mapping may not be the page's only mapping, so create a PV 2786 * entry to ensure proper caching. 2787 * 2788 * The existence test for the pvzone is used to delay the recording of 2789 * kernel mappings until the VM system is fully initialized. 2790 * 2791 * This expects the physical memory to have a vm_page_array entry. 2792 */ 2793 if (pvzone != NULL && (m = vm_phys_paddr_to_vm_page(pa)) != NULL) { 2794 rw_wlock(&pvh_global_lock); 2795 if (!TAILQ_EMPTY(&m->md.pv_list) || m->md.pv_kva != 0) { 2796 if ((pve = pmap_get_pv_entry()) == NULL) 2797 panic("pmap_kenter_internal: no pv entries"); 2798 PMAP_LOCK(pmap_kernel()); 2799 pmap_enter_pv(m, pve, pmap_kernel(), va, 2800 PVF_WRITE | PVF_UNMAN); 2801 pmap_fix_cache(m, pmap_kernel(), va); 2802 PMAP_UNLOCK(pmap_kernel()); 2803 } else { 2804 m->md.pv_kva = va; 2805 } 2806 rw_wunlock(&pvh_global_lock); 2807 } 2808} 2809 2810void 2811pmap_kenter(vm_offset_t va, vm_paddr_t pa) 2812{ 2813 pmap_kenter_internal(va, pa, KENTER_CACHE); 2814} 2815 2816void 2817pmap_kenter_nocache(vm_offset_t va, vm_paddr_t pa) 2818{ 2819 2820 pmap_kenter_internal(va, pa, 0); 2821} 2822 2823void 2824pmap_kenter_device(vm_offset_t va, vm_paddr_t pa) 2825{ 2826 2827 /* 2828 * XXX - Need a way for kenter_internal to handle PTE_DEVICE mapping as 2829 * a potentially different thing than PTE_NOCACHE. 2830 */ 2831 pmap_kenter_internal(va, pa, 0); 2832} 2833 2834void 2835pmap_kenter_user(vm_offset_t va, vm_paddr_t pa) 2836{ 2837 2838 pmap_kenter_internal(va, pa, KENTER_CACHE|KENTER_USER); 2839 /* 2840 * Call pmap_fault_fixup now, to make sure we'll have no exception 2841 * at the first use of the new address, or bad things will happen, 2842 * as we use one of these addresses in the exception handlers. 2843 */ 2844 pmap_fault_fixup(pmap_kernel(), va, VM_PROT_READ|VM_PROT_WRITE, 1); 2845} 2846 2847vm_paddr_t 2848pmap_kextract(vm_offset_t va) 2849{ 2850 2851 return (pmap_extract_locked(kernel_pmap, va)); 2852} 2853 2854/* 2855 * remove a page from the kernel pagetables 2856 */ 2857void 2858pmap_kremove(vm_offset_t va) 2859{ 2860 struct l2_bucket *l2b; 2861 pt_entry_t *pte, opte; 2862 struct pv_entry *pve; 2863 vm_page_t m; 2864 vm_offset_t pa; 2865 2866 l2b = pmap_get_l2_bucket(pmap_kernel(), va); 2867 if (!l2b) 2868 return; 2869 KASSERT(l2b != NULL, ("No L2 Bucket")); 2870 pte = &l2b->l2b_kva[l2pte_index(va)]; 2871 opte = *pte; 2872 if (l2pte_valid(opte)) { 2873 /* pa = vtophs(va) taken from pmap_extract() */ 2874 switch (opte & L2_TYPE_MASK) { 2875 case L2_TYPE_L: 2876 pa = (opte & L2_L_FRAME) | (va & L2_L_OFFSET); 2877 break; 2878 default: 2879 pa = (opte & L2_S_FRAME) | (va & L2_S_OFFSET); 2880 break; 2881 } 2882 /* note: should never have to remove an allocation 2883 * before the pvzone is initialized. 2884 */ 2885 rw_wlock(&pvh_global_lock); 2886 PMAP_LOCK(pmap_kernel()); 2887 if (pvzone != NULL && (m = vm_phys_paddr_to_vm_page(pa)) && 2888 (pve = pmap_remove_pv(m, pmap_kernel(), va))) 2889 pmap_free_pv_entry(pve); 2890 PMAP_UNLOCK(pmap_kernel()); 2891 rw_wunlock(&pvh_global_lock); 2892 va = va & ~PAGE_MASK; 2893 cpu_dcache_wbinv_range(va, PAGE_SIZE); 2894 cpu_l2cache_wbinv_range(va, PAGE_SIZE); 2895 cpu_tlb_flushD_SE(va); 2896 cpu_cpwait(); 2897 *pte = 0; 2898 } 2899} 2900 2901 2902/* 2903 * Used to map a range of physical addresses into kernel 2904 * virtual address space. 2905 * 2906 * The value passed in '*virt' is a suggested virtual address for 2907 * the mapping. Architectures which can support a direct-mapped 2908 * physical to virtual region can return the appropriate address 2909 * within that region, leaving '*virt' unchanged. Other 2910 * architectures should map the pages starting at '*virt' and 2911 * update '*virt' with the first usable address after the mapped 2912 * region. 2913 */ 2914vm_offset_t 2915pmap_map(vm_offset_t *virt, vm_offset_t start, vm_offset_t end, int prot) 2916{ 2917 vm_offset_t sva = *virt; 2918 vm_offset_t va = sva; 2919 2920 PDEBUG(1, printf("pmap_map: virt = %08x, start = %08x, end = %08x, " 2921 "prot = %d\n", (uint32_t) *virt, (uint32_t) start, (uint32_t) end, 2922 prot)); 2923 2924 while (start < end) { 2925 pmap_kenter(va, start); 2926 va += PAGE_SIZE; 2927 start += PAGE_SIZE; 2928 } 2929 *virt = va; 2930 return (sva); 2931} 2932 2933static void 2934pmap_wb_page(vm_page_t m) 2935{ 2936 struct pv_entry *pv; 2937 2938 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) 2939 pmap_dcache_wb_range(pv->pv_pmap, pv->pv_va, PAGE_SIZE, FALSE, 2940 (pv->pv_flags & PVF_WRITE) == 0); 2941} 2942 2943static void 2944pmap_inv_page(vm_page_t m) 2945{ 2946 struct pv_entry *pv; 2947 2948 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) 2949 pmap_dcache_wb_range(pv->pv_pmap, pv->pv_va, PAGE_SIZE, TRUE, TRUE); 2950} 2951/* 2952 * Add a list of wired pages to the kva 2953 * this routine is only used for temporary 2954 * kernel mappings that do not need to have 2955 * page modification or references recorded. 2956 * Note that old mappings are simply written 2957 * over. The page *must* be wired. 2958 */ 2959void 2960pmap_qenter(vm_offset_t va, vm_page_t *m, int count) 2961{ 2962 int i; 2963 2964 for (i = 0; i < count; i++) { 2965 pmap_wb_page(m[i]); 2966 pmap_kenter_internal(va, VM_PAGE_TO_PHYS(m[i]), 2967 KENTER_CACHE); 2968 va += PAGE_SIZE; 2969 } 2970} 2971 2972 2973/* 2974 * this routine jerks page mappings from the 2975 * kernel -- it is meant only for temporary mappings. 2976 */ 2977void 2978pmap_qremove(vm_offset_t va, int count) 2979{ 2980 vm_paddr_t pa; 2981 int i; 2982 2983 for (i = 0; i < count; i++) { 2984 pa = vtophys(va); 2985 if (pa) { 2986 pmap_inv_page(PHYS_TO_VM_PAGE(pa)); 2987 pmap_kremove(va); 2988 } 2989 va += PAGE_SIZE; 2990 } 2991} 2992 2993 2994/* 2995 * pmap_object_init_pt preloads the ptes for a given object 2996 * into the specified pmap. This eliminates the blast of soft 2997 * faults on process startup and immediately after an mmap. 2998 */ 2999void 3000pmap_object_init_pt(pmap_t pmap, vm_offset_t addr, vm_object_t object, 3001 vm_pindex_t pindex, vm_size_t size) 3002{ 3003 3004 VM_OBJECT_ASSERT_WLOCKED(object); 3005 KASSERT(object->type == OBJT_DEVICE || object->type == OBJT_SG, 3006 ("pmap_object_init_pt: non-device object")); 3007} 3008 3009 3010/* 3011 * pmap_is_prefaultable: 3012 * 3013 * Return whether or not the specified virtual address is elgible 3014 * for prefault. 3015 */ 3016boolean_t 3017pmap_is_prefaultable(pmap_t pmap, vm_offset_t addr) 3018{ 3019 pd_entry_t *pde; 3020 pt_entry_t *pte; 3021 3022 if (!pmap_get_pde_pte(pmap, addr, &pde, &pte)) 3023 return (FALSE); 3024 KASSERT(pte != NULL, ("Valid mapping but no pte ?")); 3025 if (*pte == 0) 3026 return (TRUE); 3027 return (FALSE); 3028} 3029 3030/* 3031 * Fetch pointers to the PDE/PTE for the given pmap/VA pair. 3032 * Returns TRUE if the mapping exists, else FALSE. 3033 * 3034 * NOTE: This function is only used by a couple of arm-specific modules. 3035 * It is not safe to take any pmap locks here, since we could be right 3036 * in the middle of debugging the pmap anyway... 3037 * 3038 * It is possible for this routine to return FALSE even though a valid 3039 * mapping does exist. This is because we don't lock, so the metadata 3040 * state may be inconsistent. 3041 * 3042 * NOTE: We can return a NULL *ptp in the case where the L1 pde is 3043 * a "section" mapping. 3044 */ 3045boolean_t 3046pmap_get_pde_pte(pmap_t pm, vm_offset_t va, pd_entry_t **pdp, pt_entry_t **ptp) 3047{ 3048 struct l2_dtable *l2; 3049 pd_entry_t *pl1pd, l1pd; 3050 pt_entry_t *ptep; 3051 u_short l1idx; 3052 3053 if (pm->pm_l1 == NULL) 3054 return (FALSE); 3055 3056 l1idx = L1_IDX(va); 3057 *pdp = pl1pd = &pm->pm_l1->l1_kva[l1idx]; 3058 l1pd = *pl1pd; 3059 3060 if (l1pte_section_p(l1pd)) { 3061 *ptp = NULL; 3062 return (TRUE); 3063 } 3064 3065 if (pm->pm_l2 == NULL) 3066 return (FALSE); 3067 3068 l2 = pm->pm_l2[L2_IDX(l1idx)]; 3069 3070 if (l2 == NULL || 3071 (ptep = l2->l2_bucket[L2_BUCKET(l1idx)].l2b_kva) == NULL) { 3072 return (FALSE); 3073 } 3074 3075 *ptp = &ptep[l2pte_index(va)]; 3076 return (TRUE); 3077} 3078 3079/* 3080 * Routine: pmap_remove_all 3081 * Function: 3082 * Removes this physical page from 3083 * all physical maps in which it resides. 3084 * Reflects back modify bits to the pager. 3085 * 3086 * Notes: 3087 * Original versions of this routine were very 3088 * inefficient because they iteratively called 3089 * pmap_remove (slow...) 3090 */ 3091void 3092pmap_remove_all(vm_page_t m) 3093{ 3094 pv_entry_t pv; 3095 pt_entry_t *ptep; 3096 struct l2_bucket *l2b; 3097 boolean_t flush = FALSE; 3098 pmap_t curpm; 3099 int flags = 0; 3100 3101 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 3102 ("pmap_remove_all: page %p is not managed", m)); 3103 if (TAILQ_EMPTY(&m->md.pv_list)) 3104 return; 3105 rw_wlock(&pvh_global_lock); 3106 pmap_remove_write(m); 3107 curpm = vmspace_pmap(curproc->p_vmspace); 3108 while ((pv = TAILQ_FIRST(&m->md.pv_list)) != NULL) { 3109 if (flush == FALSE && (pv->pv_pmap == curpm || 3110 pv->pv_pmap == pmap_kernel())) 3111 flush = TRUE; 3112 3113 PMAP_LOCK(pv->pv_pmap); 3114 /* 3115 * Cached contents were written-back in pmap_remove_write(), 3116 * but we still have to invalidate the cache entry to make 3117 * sure stale data are not retrieved when another page will be 3118 * mapped under this virtual address. 3119 */ 3120 if (pmap_is_current(pv->pv_pmap)) { 3121 cpu_dcache_inv_range(pv->pv_va, PAGE_SIZE); 3122 if (pmap_has_valid_mapping(pv->pv_pmap, pv->pv_va)) 3123 cpu_l2cache_inv_range(pv->pv_va, PAGE_SIZE); 3124 } 3125 3126 if (pv->pv_flags & PVF_UNMAN) { 3127 /* remove the pv entry, but do not remove the mapping 3128 * and remember this is a kernel mapped page 3129 */ 3130 m->md.pv_kva = pv->pv_va; 3131 } else { 3132 /* remove the mapping and pv entry */ 3133 l2b = pmap_get_l2_bucket(pv->pv_pmap, pv->pv_va); 3134 KASSERT(l2b != NULL, ("No l2 bucket")); 3135 ptep = &l2b->l2b_kva[l2pte_index(pv->pv_va)]; 3136 *ptep = 0; 3137 PTE_SYNC_CURRENT(pv->pv_pmap, ptep); 3138 pmap_free_l2_bucket(pv->pv_pmap, l2b, 1); 3139 pv->pv_pmap->pm_stats.resident_count--; 3140 flags |= pv->pv_flags; 3141 } 3142 pmap_nuke_pv(m, pv->pv_pmap, pv); 3143 PMAP_UNLOCK(pv->pv_pmap); 3144 pmap_free_pv_entry(pv); 3145 } 3146 3147 if (flush) { 3148 if (PV_BEEN_EXECD(flags)) 3149 pmap_tlb_flushID(curpm); 3150 else 3151 pmap_tlb_flushD(curpm); 3152 } 3153 vm_page_aflag_clear(m, PGA_WRITEABLE); 3154 rw_wunlock(&pvh_global_lock); 3155} 3156 3157 3158/* 3159 * Set the physical protection on the 3160 * specified range of this map as requested. 3161 */ 3162void 3163pmap_protect(pmap_t pm, vm_offset_t sva, vm_offset_t eva, vm_prot_t prot) 3164{ 3165 struct l2_bucket *l2b; 3166 pt_entry_t *ptep, pte; 3167 vm_offset_t next_bucket; 3168 u_int flags; 3169 int flush; 3170 3171 CTR4(KTR_PMAP, "pmap_protect: pmap %p sva 0x%08x eva 0x%08x prot %x", 3172 pm, sva, eva, prot); 3173 3174 if ((prot & VM_PROT_READ) == 0) { 3175 pmap_remove(pm, sva, eva); 3176 return; 3177 } 3178 3179 if (prot & VM_PROT_WRITE) { 3180 /* 3181 * If this is a read->write transition, just ignore it and let 3182 * vm_fault() take care of it later. 3183 */ 3184 return; 3185 } 3186 3187 rw_wlock(&pvh_global_lock); 3188 PMAP_LOCK(pm); 3189 3190 /* 3191 * OK, at this point, we know we're doing write-protect operation. 3192 * If the pmap is active, write-back the range. 3193 */ 3194 pmap_dcache_wb_range(pm, sva, eva - sva, FALSE, FALSE); 3195 3196 flush = ((eva - sva) >= (PAGE_SIZE * 4)) ? 0 : -1; 3197 flags = 0; 3198 3199 while (sva < eva) { 3200 next_bucket = L2_NEXT_BUCKET(sva); 3201 if (next_bucket > eva) 3202 next_bucket = eva; 3203 3204 l2b = pmap_get_l2_bucket(pm, sva); 3205 if (l2b == NULL) { 3206 sva = next_bucket; 3207 continue; 3208 } 3209 3210 ptep = &l2b->l2b_kva[l2pte_index(sva)]; 3211 3212 while (sva < next_bucket) { 3213 if ((pte = *ptep) != 0 && (pte & L2_S_PROT_W) != 0) { 3214 struct vm_page *pg; 3215 u_int f; 3216 3217 pg = PHYS_TO_VM_PAGE(l2pte_pa(pte)); 3218 pte &= ~L2_S_PROT_W; 3219 *ptep = pte; 3220 PTE_SYNC(ptep); 3221 3222 if (!(pg->oflags & VPO_UNMANAGED)) { 3223 f = pmap_modify_pv(pg, pm, sva, 3224 PVF_WRITE, 0); 3225 if (f & PVF_WRITE) 3226 vm_page_dirty(pg); 3227 } else 3228 f = 0; 3229 3230 if (flush >= 0) { 3231 flush++; 3232 flags |= f; 3233 } else 3234 if (PV_BEEN_EXECD(f)) 3235 pmap_tlb_flushID_SE(pm, sva); 3236 else 3237 if (PV_BEEN_REFD(f)) 3238 pmap_tlb_flushD_SE(pm, sva); 3239 } 3240 3241 sva += PAGE_SIZE; 3242 ptep++; 3243 } 3244 } 3245 3246 3247 if (flush) { 3248 if (PV_BEEN_EXECD(flags)) 3249 pmap_tlb_flushID(pm); 3250 else 3251 if (PV_BEEN_REFD(flags)) 3252 pmap_tlb_flushD(pm); 3253 } 3254 rw_wunlock(&pvh_global_lock); 3255 3256 PMAP_UNLOCK(pm); 3257} 3258 3259 3260/* 3261 * Insert the given physical page (p) at 3262 * the specified virtual address (v) in the 3263 * target physical map with the protection requested. 3264 * 3265 * If specified, the page will be wired down, meaning 3266 * that the related pte can not be reclaimed. 3267 * 3268 * NB: This is the only routine which MAY NOT lazy-evaluate 3269 * or lose information. That is, this routine must actually 3270 * insert this page into the given map NOW. 3271 */ 3272 3273void 3274pmap_enter(pmap_t pmap, vm_offset_t va, vm_prot_t access, vm_page_t m, 3275 vm_prot_t prot, boolean_t wired) 3276{ 3277 3278 rw_wlock(&pvh_global_lock); 3279 PMAP_LOCK(pmap); 3280 pmap_enter_locked(pmap, va, m, prot, wired, M_WAITOK); 3281 rw_wunlock(&pvh_global_lock); 3282 PMAP_UNLOCK(pmap); 3283} 3284 3285/* 3286 * The pvh global and pmap locks must be held. 3287 */ 3288static void 3289pmap_enter_locked(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot, 3290 boolean_t wired, int flags) 3291{ 3292 struct l2_bucket *l2b = NULL; 3293 struct vm_page *opg; 3294 struct pv_entry *pve = NULL; 3295 pt_entry_t *ptep, npte, opte; 3296 u_int nflags; 3297 u_int oflags; 3298 vm_paddr_t pa; 3299 3300 PMAP_ASSERT_LOCKED(pmap); 3301 rw_assert(&pvh_global_lock, RA_WLOCKED); 3302 if (va == vector_page) { 3303 pa = systempage.pv_pa; 3304 m = NULL; 3305 } else { 3306 KASSERT((m->oflags & VPO_UNMANAGED) != 0 || 3307 vm_page_xbusied(m) || (flags & M_NOWAIT) != 0, 3308 ("pmap_enter_locked: page %p is not busy", m)); 3309 pa = VM_PAGE_TO_PHYS(m); 3310 } 3311 nflags = 0; 3312 if (prot & VM_PROT_WRITE) 3313 nflags |= PVF_WRITE; 3314 if (prot & VM_PROT_EXECUTE) 3315 nflags |= PVF_EXEC; 3316 if (wired) 3317 nflags |= PVF_WIRED; 3318 PDEBUG(1, printf("pmap_enter: pmap = %08x, va = %08x, m = %08x, prot = %x, " 3319 "wired = %x\n", (uint32_t) pmap, va, (uint32_t) m, prot, wired)); 3320 3321 if (pmap == pmap_kernel()) { 3322 l2b = pmap_get_l2_bucket(pmap, va); 3323 if (l2b == NULL) 3324 l2b = pmap_grow_l2_bucket(pmap, va); 3325 } else { 3326do_l2b_alloc: 3327 l2b = pmap_alloc_l2_bucket(pmap, va); 3328 if (l2b == NULL) { 3329 if (flags & M_WAITOK) { 3330 PMAP_UNLOCK(pmap); 3331 rw_wunlock(&pvh_global_lock); 3332 VM_WAIT; 3333 rw_wlock(&pvh_global_lock); 3334 PMAP_LOCK(pmap); 3335 goto do_l2b_alloc; 3336 } 3337 return; 3338 } 3339 } 3340 3341 ptep = &l2b->l2b_kva[l2pte_index(va)]; 3342 3343 opte = *ptep; 3344 npte = pa; 3345 oflags = 0; 3346 if (opte) { 3347 /* 3348 * There is already a mapping at this address. 3349 * If the physical address is different, lookup the 3350 * vm_page. 3351 */ 3352 if (l2pte_pa(opte) != pa) 3353 opg = PHYS_TO_VM_PAGE(l2pte_pa(opte)); 3354 else 3355 opg = m; 3356 } else 3357 opg = NULL; 3358 3359 if ((prot & (VM_PROT_ALL)) || 3360 (!m || m->md.pvh_attrs & PVF_REF)) { 3361 /* 3362 * - The access type indicates that we don't need 3363 * to do referenced emulation. 3364 * OR 3365 * - The physical page has already been referenced 3366 * so no need to re-do referenced emulation here. 3367 */ 3368 npte |= L2_S_PROTO; 3369 3370 nflags |= PVF_REF; 3371 3372 if (m && ((prot & VM_PROT_WRITE) != 0 || 3373 (m->md.pvh_attrs & PVF_MOD))) { 3374 /* 3375 * This is a writable mapping, and the 3376 * page's mod state indicates it has 3377 * already been modified. Make it 3378 * writable from the outset. 3379 */ 3380 nflags |= PVF_MOD; 3381 if (!(m->md.pvh_attrs & PVF_MOD)) 3382 vm_page_dirty(m); 3383 } 3384 if (m && opte) 3385 vm_page_aflag_set(m, PGA_REFERENCED); 3386 } else { 3387 /* 3388 * Need to do page referenced emulation. 3389 */ 3390 npte |= L2_TYPE_INV; 3391 } 3392 3393 if (prot & VM_PROT_WRITE) { 3394 npte |= L2_S_PROT_W; 3395 if (m != NULL && 3396 (m->oflags & VPO_UNMANAGED) == 0) 3397 vm_page_aflag_set(m, PGA_WRITEABLE); 3398 } 3399 if (m->md.pv_memattr != VM_MEMATTR_UNCACHEABLE) 3400 npte |= pte_l2_s_cache_mode; 3401 if (m && m == opg) { 3402 /* 3403 * We're changing the attrs of an existing mapping. 3404 */ 3405 oflags = pmap_modify_pv(m, pmap, va, 3406 PVF_WRITE | PVF_EXEC | PVF_WIRED | 3407 PVF_MOD | PVF_REF, nflags); 3408 3409 /* 3410 * We may need to flush the cache if we're 3411 * doing rw-ro... 3412 */ 3413 if (pmap_is_current(pmap) && 3414 (oflags & PVF_NC) == 0 && 3415 (opte & L2_S_PROT_W) != 0 && 3416 (prot & VM_PROT_WRITE) == 0 && 3417 (opte & L2_TYPE_MASK) != L2_TYPE_INV) { 3418 cpu_dcache_wb_range(va, PAGE_SIZE); 3419 cpu_l2cache_wb_range(va, PAGE_SIZE); 3420 } 3421 } else { 3422 /* 3423 * New mapping, or changing the backing page 3424 * of an existing mapping. 3425 */ 3426 if (opg) { 3427 /* 3428 * Replacing an existing mapping with a new one. 3429 * It is part of our managed memory so we 3430 * must remove it from the PV list 3431 */ 3432 if ((pve = pmap_remove_pv(opg, pmap, va))) { 3433 3434 /* note for patch: the oflags/invalidation was moved 3435 * because PG_FICTITIOUS pages could free the pve 3436 */ 3437 oflags = pve->pv_flags; 3438 /* 3439 * If the old mapping was valid (ref/mod 3440 * emulation creates 'invalid' mappings 3441 * initially) then make sure to frob 3442 * the cache. 3443 */ 3444 if ((oflags & PVF_NC) == 0 && l2pte_valid(opte)) { 3445 if (PV_BEEN_EXECD(oflags)) { 3446 pmap_idcache_wbinv_range(pmap, va, 3447 PAGE_SIZE); 3448 } else 3449 if (PV_BEEN_REFD(oflags)) { 3450 pmap_dcache_wb_range(pmap, va, 3451 PAGE_SIZE, TRUE, 3452 (oflags & PVF_WRITE) == 0); 3453 } 3454 } 3455 3456 /* free/allocate a pv_entry for UNMANAGED pages if 3457 * this physical page is not/is already mapped. 3458 */ 3459 3460 if (m && (m->oflags & VPO_UNMANAGED) && 3461 !m->md.pv_kva && 3462 TAILQ_EMPTY(&m->md.pv_list)) { 3463 pmap_free_pv_entry(pve); 3464 pve = NULL; 3465 } 3466 } else if (m && 3467 (!(m->oflags & VPO_UNMANAGED) || m->md.pv_kva || 3468 !TAILQ_EMPTY(&m->md.pv_list))) 3469 pve = pmap_get_pv_entry(); 3470 } else if (m && 3471 (!(m->oflags & VPO_UNMANAGED) || m->md.pv_kva || 3472 !TAILQ_EMPTY(&m->md.pv_list))) 3473 pve = pmap_get_pv_entry(); 3474 3475 if (m) { 3476 if ((m->oflags & VPO_UNMANAGED)) { 3477 if (!TAILQ_EMPTY(&m->md.pv_list) || 3478 m->md.pv_kva) { 3479 KASSERT(pve != NULL, ("No pv")); 3480 nflags |= PVF_UNMAN; 3481 pmap_enter_pv(m, pve, pmap, va, nflags); 3482 } else 3483 m->md.pv_kva = va; 3484 } else { 3485 KASSERT(va < kmi.clean_sva || 3486 va >= kmi.clean_eva, 3487 ("pmap_enter: managed mapping within the clean submap")); 3488 KASSERT(pve != NULL, ("No pv")); 3489 pmap_enter_pv(m, pve, pmap, va, nflags); 3490 } 3491 } 3492 } 3493 /* 3494 * Make sure userland mappings get the right permissions 3495 */ 3496 if (pmap != pmap_kernel() && va != vector_page) { 3497 npte |= L2_S_PROT_U; 3498 } 3499 3500 /* 3501 * Keep the stats up to date 3502 */ 3503 if (opte == 0) { 3504 l2b->l2b_occupancy++; 3505 pmap->pm_stats.resident_count++; 3506 } 3507 3508 /* 3509 * If this is just a wiring change, the two PTEs will be 3510 * identical, so there's no need to update the page table. 3511 */ 3512 if (npte != opte) { 3513 boolean_t is_cached = pmap_is_current(pmap); 3514 3515 *ptep = npte; 3516 if (is_cached) { 3517 /* 3518 * We only need to frob the cache/tlb if this pmap 3519 * is current 3520 */ 3521 PTE_SYNC(ptep); 3522 if (L1_IDX(va) != L1_IDX(vector_page) && 3523 l2pte_valid(npte)) { 3524 /* 3525 * This mapping is likely to be accessed as 3526 * soon as we return to userland. Fix up the 3527 * L1 entry to avoid taking another 3528 * page/domain fault. 3529 */ 3530 pd_entry_t *pl1pd, l1pd; 3531 3532 pl1pd = &pmap->pm_l1->l1_kva[L1_IDX(va)]; 3533 l1pd = l2b->l2b_phys | L1_C_DOM(pmap->pm_domain) | 3534 L1_C_PROTO; 3535 if (*pl1pd != l1pd) { 3536 *pl1pd = l1pd; 3537 PTE_SYNC(pl1pd); 3538 } 3539 } 3540 } 3541 3542 if (PV_BEEN_EXECD(oflags)) 3543 pmap_tlb_flushID_SE(pmap, va); 3544 else if (PV_BEEN_REFD(oflags)) 3545 pmap_tlb_flushD_SE(pmap, va); 3546 3547 3548 if (m) 3549 pmap_fix_cache(m, pmap, va); 3550 } 3551} 3552 3553/* 3554 * Maps a sequence of resident pages belonging to the same object. 3555 * The sequence begins with the given page m_start. This page is 3556 * mapped at the given virtual address start. Each subsequent page is 3557 * mapped at a virtual address that is offset from start by the same 3558 * amount as the page is offset from m_start within the object. The 3559 * last page in the sequence is the page with the largest offset from 3560 * m_start that can be mapped at a virtual address less than the given 3561 * virtual address end. Not every virtual page between start and end 3562 * is mapped; only those for which a resident page exists with the 3563 * corresponding offset from m_start are mapped. 3564 */ 3565void 3566pmap_enter_object(pmap_t pmap, vm_offset_t start, vm_offset_t end, 3567 vm_page_t m_start, vm_prot_t prot) 3568{ 3569 vm_page_t m; 3570 vm_pindex_t diff, psize; 3571 3572 VM_OBJECT_ASSERT_LOCKED(m_start->object); 3573 3574 psize = atop(end - start); 3575 m = m_start; 3576 rw_wlock(&pvh_global_lock); 3577 PMAP_LOCK(pmap); 3578 while (m != NULL && (diff = m->pindex - m_start->pindex) < psize) { 3579 pmap_enter_locked(pmap, start + ptoa(diff), m, prot & 3580 (VM_PROT_READ | VM_PROT_EXECUTE), FALSE, M_NOWAIT); 3581 m = TAILQ_NEXT(m, listq); 3582 } 3583 rw_wunlock(&pvh_global_lock); 3584 PMAP_UNLOCK(pmap); 3585} 3586 3587/* 3588 * this code makes some *MAJOR* assumptions: 3589 * 1. Current pmap & pmap exists. 3590 * 2. Not wired. 3591 * 3. Read access. 3592 * 4. No page table pages. 3593 * but is *MUCH* faster than pmap_enter... 3594 */ 3595 3596void 3597pmap_enter_quick(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot) 3598{ 3599 3600 rw_wlock(&pvh_global_lock); 3601 PMAP_LOCK(pmap); 3602 pmap_enter_locked(pmap, va, m, prot & (VM_PROT_READ | VM_PROT_EXECUTE), 3603 FALSE, M_NOWAIT); 3604 rw_wunlock(&pvh_global_lock); 3605 PMAP_UNLOCK(pmap); 3606} 3607 3608/* 3609 * Routine: pmap_change_wiring 3610 * Function: Change the wiring attribute for a map/virtual-address 3611 * pair. 3612 * In/out conditions: 3613 * The mapping must already exist in the pmap. 3614 */ 3615void 3616pmap_change_wiring(pmap_t pmap, vm_offset_t va, boolean_t wired) 3617{ 3618 struct l2_bucket *l2b; 3619 pt_entry_t *ptep, pte; 3620 vm_page_t pg; 3621 3622 rw_wlock(&pvh_global_lock); 3623 PMAP_LOCK(pmap); 3624 l2b = pmap_get_l2_bucket(pmap, va); 3625 KASSERT(l2b, ("No l2b bucket in pmap_change_wiring")); 3626 ptep = &l2b->l2b_kva[l2pte_index(va)]; 3627 pte = *ptep; 3628 pg = PHYS_TO_VM_PAGE(l2pte_pa(pte)); 3629 if (pg) 3630 pmap_modify_pv(pg, pmap, va, PVF_WIRED, wired ? PVF_WIRED : 0); 3631 rw_wunlock(&pvh_global_lock); 3632 PMAP_UNLOCK(pmap); 3633} 3634 3635 3636/* 3637 * Copy the range specified by src_addr/len 3638 * from the source map to the range dst_addr/len 3639 * in the destination map. 3640 * 3641 * This routine is only advisory and need not do anything. 3642 */ 3643void 3644pmap_copy(pmap_t dst_pmap, pmap_t src_pmap, vm_offset_t dst_addr, 3645 vm_size_t len, vm_offset_t src_addr) 3646{ 3647} 3648 3649 3650/* 3651 * Routine: pmap_extract 3652 * Function: 3653 * Extract the physical page address associated 3654 * with the given map/virtual_address pair. 3655 */ 3656vm_paddr_t 3657pmap_extract(pmap_t pmap, vm_offset_t va) 3658{ 3659 vm_paddr_t pa; 3660 3661 PMAP_LOCK(pmap); 3662 pa = pmap_extract_locked(pmap, va); 3663 PMAP_UNLOCK(pmap); 3664 return (pa); 3665} 3666 3667static vm_paddr_t 3668pmap_extract_locked(pmap_t pmap, vm_offset_t va) 3669{ 3670 struct l2_dtable *l2; 3671 pd_entry_t l1pd; 3672 pt_entry_t *ptep, pte; 3673 vm_paddr_t pa; 3674 u_int l1idx; 3675 3676 if (pmap != kernel_pmap) 3677 PMAP_ASSERT_LOCKED(pmap); 3678 l1idx = L1_IDX(va); 3679 l1pd = pmap->pm_l1->l1_kva[l1idx]; 3680 if (l1pte_section_p(l1pd)) { 3681 /* 3682 * These should only happen for the kernel pmap. 3683 */ 3684 KASSERT(pmap == kernel_pmap, ("unexpected section")); 3685 /* XXX: what to do about the bits > 32 ? */ 3686 if (l1pd & L1_S_SUPERSEC) 3687 pa = (l1pd & L1_SUP_FRAME) | (va & L1_SUP_OFFSET); 3688 else 3689 pa = (l1pd & L1_S_FRAME) | (va & L1_S_OFFSET); 3690 } else { 3691 /* 3692 * Note that we can't rely on the validity of the L1 3693 * descriptor as an indication that a mapping exists. 3694 * We have to look it up in the L2 dtable. 3695 */ 3696 l2 = pmap->pm_l2[L2_IDX(l1idx)]; 3697 if (l2 == NULL || 3698 (ptep = l2->l2_bucket[L2_BUCKET(l1idx)].l2b_kva) == NULL) 3699 return (0); 3700 pte = ptep[l2pte_index(va)]; 3701 if (pte == 0) 3702 return (0); 3703 switch (pte & L2_TYPE_MASK) { 3704 case L2_TYPE_L: 3705 pa = (pte & L2_L_FRAME) | (va & L2_L_OFFSET); 3706 break; 3707 default: 3708 pa = (pte & L2_S_FRAME) | (va & L2_S_OFFSET); 3709 break; 3710 } 3711 } 3712 return (pa); 3713} 3714 3715/* 3716 * Atomically extract and hold the physical page with the given 3717 * pmap and virtual address pair if that mapping permits the given 3718 * protection. 3719 * 3720 */ 3721vm_page_t 3722pmap_extract_and_hold(pmap_t pmap, vm_offset_t va, vm_prot_t prot) 3723{ 3724 struct l2_dtable *l2; 3725 pd_entry_t l1pd; 3726 pt_entry_t *ptep, pte; 3727 vm_paddr_t pa, paddr; 3728 vm_page_t m = NULL; 3729 u_int l1idx; 3730 l1idx = L1_IDX(va); 3731 paddr = 0; 3732 3733 PMAP_LOCK(pmap); 3734retry: 3735 l1pd = pmap->pm_l1->l1_kva[l1idx]; 3736 if (l1pte_section_p(l1pd)) { 3737 /* 3738 * These should only happen for pmap_kernel() 3739 */ 3740 KASSERT(pmap == pmap_kernel(), ("huh")); 3741 /* XXX: what to do about the bits > 32 ? */ 3742 if (l1pd & L1_S_SUPERSEC) 3743 pa = (l1pd & L1_SUP_FRAME) | (va & L1_SUP_OFFSET); 3744 else 3745 pa = (l1pd & L1_S_FRAME) | (va & L1_S_OFFSET); 3746 if (vm_page_pa_tryrelock(pmap, pa & PG_FRAME, &paddr)) 3747 goto retry; 3748 if (l1pd & L1_S_PROT_W || (prot & VM_PROT_WRITE) == 0) { 3749 m = PHYS_TO_VM_PAGE(pa); 3750 vm_page_hold(m); 3751 } 3752 3753 } else { 3754 /* 3755 * Note that we can't rely on the validity of the L1 3756 * descriptor as an indication that a mapping exists. 3757 * We have to look it up in the L2 dtable. 3758 */ 3759 l2 = pmap->pm_l2[L2_IDX(l1idx)]; 3760 3761 if (l2 == NULL || 3762 (ptep = l2->l2_bucket[L2_BUCKET(l1idx)].l2b_kva) == NULL) { 3763 PMAP_UNLOCK(pmap); 3764 return (NULL); 3765 } 3766 3767 ptep = &ptep[l2pte_index(va)]; 3768 pte = *ptep; 3769 3770 if (pte == 0) { 3771 PMAP_UNLOCK(pmap); 3772 return (NULL); 3773 } 3774 if (pte & L2_S_PROT_W || (prot & VM_PROT_WRITE) == 0) { 3775 switch (pte & L2_TYPE_MASK) { 3776 case L2_TYPE_L: 3777 pa = (pte & L2_L_FRAME) | (va & L2_L_OFFSET); 3778 break; 3779 3780 default: 3781 pa = (pte & L2_S_FRAME) | (va & L2_S_OFFSET); 3782 break; 3783 } 3784 if (vm_page_pa_tryrelock(pmap, pa & PG_FRAME, &paddr)) 3785 goto retry; 3786 m = PHYS_TO_VM_PAGE(pa); 3787 vm_page_hold(m); 3788 } 3789 } 3790 3791 PMAP_UNLOCK(pmap); 3792 PA_UNLOCK_COND(paddr); 3793 return (m); 3794} 3795 3796/* 3797 * Initialize a preallocated and zeroed pmap structure, 3798 * such as one in a vmspace structure. 3799 */ 3800 3801int 3802pmap_pinit(pmap_t pmap) 3803{ 3804 PDEBUG(1, printf("pmap_pinit: pmap = %08x\n", (uint32_t) pmap)); 3805 3806 pmap_alloc_l1(pmap); 3807 bzero(pmap->pm_l2, sizeof(pmap->pm_l2)); 3808 3809 CPU_ZERO(&pmap->pm_active); 3810 3811 TAILQ_INIT(&pmap->pm_pvlist); 3812 bzero(&pmap->pm_stats, sizeof pmap->pm_stats); 3813 pmap->pm_stats.resident_count = 1; 3814 if (vector_page < KERNBASE) { 3815 pmap_enter(pmap, vector_page, 3816 VM_PROT_READ, PHYS_TO_VM_PAGE(systempage.pv_pa), 3817 VM_PROT_READ, 1); 3818 } 3819 return (1); 3820} 3821 3822 3823/*************************************************** 3824 * page management routines. 3825 ***************************************************/ 3826 3827 3828static void 3829pmap_free_pv_entry(pv_entry_t pv) 3830{ 3831 pv_entry_count--; 3832 uma_zfree(pvzone, pv); 3833} 3834 3835 3836/* 3837 * get a new pv_entry, allocating a block from the system 3838 * when needed. 3839 * the memory allocation is performed bypassing the malloc code 3840 * because of the possibility of allocations at interrupt time. 3841 */ 3842static pv_entry_t 3843pmap_get_pv_entry(void) 3844{ 3845 pv_entry_t ret_value; 3846 3847 pv_entry_count++; 3848 if (pv_entry_count > pv_entry_high_water) 3849 pagedaemon_wakeup(); 3850 ret_value = uma_zalloc(pvzone, M_NOWAIT); 3851 return ret_value; 3852} 3853 3854/* 3855 * Remove the given range of addresses from the specified map. 3856 * 3857 * It is assumed that the start and end are properly 3858 * rounded to the page size. 3859 */ 3860#define PMAP_REMOVE_CLEAN_LIST_SIZE 3 3861void 3862pmap_remove(pmap_t pm, vm_offset_t sva, vm_offset_t eva) 3863{ 3864 struct l2_bucket *l2b; 3865 vm_offset_t next_bucket; 3866 pt_entry_t *ptep; 3867 u_int total; 3868 u_int mappings, is_exec, is_refd; 3869 int flushall = 0; 3870 3871 3872 /* 3873 * we lock in the pmap => pv_head direction 3874 */ 3875 3876 rw_wlock(&pvh_global_lock); 3877 PMAP_LOCK(pm); 3878 total = 0; 3879 while (sva < eva) { 3880 /* 3881 * Do one L2 bucket's worth at a time. 3882 */ 3883 next_bucket = L2_NEXT_BUCKET(sva); 3884 if (next_bucket > eva) 3885 next_bucket = eva; 3886 3887 l2b = pmap_get_l2_bucket(pm, sva); 3888 if (l2b == NULL) { 3889 sva = next_bucket; 3890 continue; 3891 } 3892 3893 ptep = &l2b->l2b_kva[l2pte_index(sva)]; 3894 mappings = 0; 3895 3896 while (sva < next_bucket) { 3897 struct vm_page *pg; 3898 pt_entry_t pte; 3899 vm_paddr_t pa; 3900 3901 pte = *ptep; 3902 3903 if (pte == 0) { 3904 /* 3905 * Nothing here, move along 3906 */ 3907 sva += PAGE_SIZE; 3908 ptep++; 3909 continue; 3910 } 3911 3912 pm->pm_stats.resident_count--; 3913 pa = l2pte_pa(pte); 3914 is_exec = 0; 3915 is_refd = 1; 3916 3917 /* 3918 * Update flags. In a number of circumstances, 3919 * we could cluster a lot of these and do a 3920 * number of sequential pages in one go. 3921 */ 3922 if ((pg = PHYS_TO_VM_PAGE(pa)) != NULL) { 3923 struct pv_entry *pve; 3924 3925 pve = pmap_remove_pv(pg, pm, sva); 3926 if (pve) { 3927 is_exec = PV_BEEN_EXECD(pve->pv_flags); 3928 is_refd = PV_BEEN_REFD(pve->pv_flags); 3929 pmap_free_pv_entry(pve); 3930 } 3931 } 3932 3933 if (l2pte_valid(pte) && pmap_is_current(pm)) { 3934 if (total < PMAP_REMOVE_CLEAN_LIST_SIZE) { 3935 total++; 3936 if (is_exec) { 3937 cpu_idcache_wbinv_range(sva, 3938 PAGE_SIZE); 3939 cpu_l2cache_wbinv_range(sva, 3940 PAGE_SIZE); 3941 cpu_tlb_flushID_SE(sva); 3942 } else if (is_refd) { 3943 cpu_dcache_wbinv_range(sva, 3944 PAGE_SIZE); 3945 cpu_l2cache_wbinv_range(sva, 3946 PAGE_SIZE); 3947 cpu_tlb_flushD_SE(sva); 3948 } 3949 } else if (total == PMAP_REMOVE_CLEAN_LIST_SIZE) { 3950 /* flushall will also only get set for 3951 * for a current pmap 3952 */ 3953 cpu_idcache_wbinv_all(); 3954 cpu_l2cache_wbinv_all(); 3955 flushall = 1; 3956 total++; 3957 } 3958 } 3959 *ptep = 0; 3960 PTE_SYNC(ptep); 3961 3962 sva += PAGE_SIZE; 3963 ptep++; 3964 mappings++; 3965 } 3966 3967 pmap_free_l2_bucket(pm, l2b, mappings); 3968 } 3969 3970 rw_wunlock(&pvh_global_lock); 3971 if (flushall) 3972 cpu_tlb_flushID(); 3973 PMAP_UNLOCK(pm); 3974} 3975 3976/* 3977 * pmap_zero_page() 3978 * 3979 * Zero a given physical page by mapping it at a page hook point. 3980 * In doing the zero page op, the page we zero is mapped cachable, as with 3981 * StrongARM accesses to non-cached pages are non-burst making writing 3982 * _any_ bulk data very slow. 3983 */ 3984#if (ARM_MMU_GENERIC + ARM_MMU_SA1) != 0 || defined(CPU_XSCALE_CORE3) 3985void 3986pmap_zero_page_generic(vm_paddr_t phys, int off, int size) 3987{ 3988 3989 if (_arm_bzero && size >= _min_bzero_size && 3990 _arm_bzero((void *)(phys + off), size, IS_PHYSICAL) == 0) 3991 return; 3992 3993 mtx_lock(&cmtx); 3994 /* 3995 * Hook in the page, zero it, invalidate the TLB as needed. 3996 * 3997 * Note the temporary zero-page mapping must be a non-cached page in 3998 * order to work without corruption when write-allocate is enabled. 3999 */ 4000 *cdst_pte = L2_S_PROTO | phys | L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE); 4001 PTE_SYNC(cdst_pte); 4002 cpu_tlb_flushD_SE(cdstp); 4003 cpu_cpwait(); 4004 if (off || size != PAGE_SIZE) 4005 bzero((void *)(cdstp + off), size); 4006 else 4007 bzero_page(cdstp); 4008 4009 mtx_unlock(&cmtx); 4010} 4011#endif /* (ARM_MMU_GENERIC + ARM_MMU_SA1) != 0 */ 4012 4013#if ARM_MMU_XSCALE == 1 4014void 4015pmap_zero_page_xscale(vm_paddr_t phys, int off, int size) 4016{ 4017 4018 if (_arm_bzero && size >= _min_bzero_size && 4019 _arm_bzero((void *)(phys + off), size, IS_PHYSICAL) == 0) 4020 return; 4021 4022 mtx_lock(&cmtx); 4023 /* 4024 * Hook in the page, zero it, and purge the cache for that 4025 * zeroed page. Invalidate the TLB as needed. 4026 */ 4027 *cdst_pte = L2_S_PROTO | phys | 4028 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | 4029 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); /* mini-data */ 4030 PTE_SYNC(cdst_pte); 4031 cpu_tlb_flushD_SE(cdstp); 4032 cpu_cpwait(); 4033 if (off || size != PAGE_SIZE) 4034 bzero((void *)(cdstp + off), size); 4035 else 4036 bzero_page(cdstp); 4037 mtx_unlock(&cmtx); 4038 xscale_cache_clean_minidata(); 4039} 4040 4041/* 4042 * Change the PTEs for the specified kernel mappings such that they 4043 * will use the mini data cache instead of the main data cache. 4044 */ 4045void 4046pmap_use_minicache(vm_offset_t va, vm_size_t size) 4047{ 4048 struct l2_bucket *l2b; 4049 pt_entry_t *ptep, *sptep, pte; 4050 vm_offset_t next_bucket, eva; 4051 4052#if (ARM_NMMUS > 1) || defined(CPU_XSCALE_CORE3) 4053 if (xscale_use_minidata == 0) 4054 return; 4055#endif 4056 4057 eva = va + size; 4058 4059 while (va < eva) { 4060 next_bucket = L2_NEXT_BUCKET(va); 4061 if (next_bucket > eva) 4062 next_bucket = eva; 4063 4064 l2b = pmap_get_l2_bucket(pmap_kernel(), va); 4065 4066 sptep = ptep = &l2b->l2b_kva[l2pte_index(va)]; 4067 4068 while (va < next_bucket) { 4069 pte = *ptep; 4070 if (!l2pte_minidata(pte)) { 4071 cpu_dcache_wbinv_range(va, PAGE_SIZE); 4072 cpu_tlb_flushD_SE(va); 4073 *ptep = pte & ~L2_B; 4074 } 4075 ptep++; 4076 va += PAGE_SIZE; 4077 } 4078 PTE_SYNC_RANGE(sptep, (u_int)(ptep - sptep)); 4079 } 4080 cpu_cpwait(); 4081} 4082#endif /* ARM_MMU_XSCALE == 1 */ 4083 4084/* 4085 * pmap_zero_page zeros the specified hardware page by mapping 4086 * the page into KVM and using bzero to clear its contents. 4087 */ 4088void 4089pmap_zero_page(vm_page_t m) 4090{ 4091 pmap_zero_page_func(VM_PAGE_TO_PHYS(m), 0, PAGE_SIZE); 4092} 4093 4094 4095/* 4096 * pmap_zero_page_area zeros the specified hardware page by mapping 4097 * the page into KVM and using bzero to clear its contents. 4098 * 4099 * off and size may not cover an area beyond a single hardware page. 4100 */ 4101void 4102pmap_zero_page_area(vm_page_t m, int off, int size) 4103{ 4104 4105 pmap_zero_page_func(VM_PAGE_TO_PHYS(m), off, size); 4106} 4107 4108 4109/* 4110 * pmap_zero_page_idle zeros the specified hardware page by mapping 4111 * the page into KVM and using bzero to clear its contents. This 4112 * is intended to be called from the vm_pagezero process only and 4113 * outside of Giant. 4114 */ 4115void 4116pmap_zero_page_idle(vm_page_t m) 4117{ 4118 4119 pmap_zero_page(m); 4120} 4121 4122#if 0 4123/* 4124 * pmap_clean_page() 4125 * 4126 * This is a local function used to work out the best strategy to clean 4127 * a single page referenced by its entry in the PV table. It should be used by 4128 * pmap_copy_page, pmap_zero page and maybe some others later on. 4129 * 4130 * Its policy is effectively: 4131 * o If there are no mappings, we don't bother doing anything with the cache. 4132 * o If there is one mapping, we clean just that page. 4133 * o If there are multiple mappings, we clean the entire cache. 4134 * 4135 * So that some functions can be further optimised, it returns 0 if it didn't 4136 * clean the entire cache, or 1 if it did. 4137 * 4138 * XXX One bug in this routine is that if the pv_entry has a single page 4139 * mapped at 0x00000000 a whole cache clean will be performed rather than 4140 * just the 1 page. Since this should not occur in everyday use and if it does 4141 * it will just result in not the most efficient clean for the page. 4142 * 4143 * We don't yet use this function but may want to. 4144 */ 4145static int 4146pmap_clean_page(struct pv_entry *pv, boolean_t is_src) 4147{ 4148 pmap_t pm, pm_to_clean = NULL; 4149 struct pv_entry *npv; 4150 u_int cache_needs_cleaning = 0; 4151 u_int flags = 0; 4152 vm_offset_t page_to_clean = 0; 4153 4154 if (pv == NULL) { 4155 /* nothing mapped in so nothing to flush */ 4156 return (0); 4157 } 4158 4159 /* 4160 * Since we flush the cache each time we change to a different 4161 * user vmspace, we only need to flush the page if it is in the 4162 * current pmap. 4163 */ 4164 if (curthread) 4165 pm = vmspace_pmap(curproc->p_vmspace); 4166 else 4167 pm = pmap_kernel(); 4168 4169 for (npv = pv; npv; npv = TAILQ_NEXT(npv, pv_list)) { 4170 if (npv->pv_pmap == pmap_kernel() || npv->pv_pmap == pm) { 4171 flags |= npv->pv_flags; 4172 /* 4173 * The page is mapped non-cacheable in 4174 * this map. No need to flush the cache. 4175 */ 4176 if (npv->pv_flags & PVF_NC) { 4177#ifdef DIAGNOSTIC 4178 if (cache_needs_cleaning) 4179 panic("pmap_clean_page: " 4180 "cache inconsistency"); 4181#endif 4182 break; 4183 } else if (is_src && (npv->pv_flags & PVF_WRITE) == 0) 4184 continue; 4185 if (cache_needs_cleaning) { 4186 page_to_clean = 0; 4187 break; 4188 } else { 4189 page_to_clean = npv->pv_va; 4190 pm_to_clean = npv->pv_pmap; 4191 } 4192 cache_needs_cleaning = 1; 4193 } 4194 } 4195 if (page_to_clean) { 4196 if (PV_BEEN_EXECD(flags)) 4197 pmap_idcache_wbinv_range(pm_to_clean, page_to_clean, 4198 PAGE_SIZE); 4199 else 4200 pmap_dcache_wb_range(pm_to_clean, page_to_clean, 4201 PAGE_SIZE, !is_src, (flags & PVF_WRITE) == 0); 4202 } else if (cache_needs_cleaning) { 4203 if (PV_BEEN_EXECD(flags)) 4204 pmap_idcache_wbinv_all(pm); 4205 else 4206 pmap_dcache_wbinv_all(pm); 4207 return (1); 4208 } 4209 return (0); 4210} 4211#endif 4212 4213/* 4214 * pmap_copy_page copies the specified (machine independent) 4215 * page by mapping the page into virtual memory and using 4216 * bcopy to copy the page, one machine dependent page at a 4217 * time. 4218 */ 4219 4220/* 4221 * pmap_copy_page() 4222 * 4223 * Copy one physical page into another, by mapping the pages into 4224 * hook points. The same comment regarding cachability as in 4225 * pmap_zero_page also applies here. 4226 */ 4227#if (ARM_MMU_GENERIC + ARM_MMU_SA1) != 0 || defined (CPU_XSCALE_CORE3) 4228void 4229pmap_copy_page_generic(vm_paddr_t src, vm_paddr_t dst) 4230{ 4231#if 0 4232 struct vm_page *src_pg = PHYS_TO_VM_PAGE(src); 4233#endif 4234 4235 /* 4236 * Clean the source page. Hold the source page's lock for 4237 * the duration of the copy so that no other mappings can 4238 * be created while we have a potentially aliased mapping. 4239 */ 4240#if 0 4241 /* 4242 * XXX: Not needed while we call cpu_dcache_wbinv_all() in 4243 * pmap_copy_page(). 4244 */ 4245 (void) pmap_clean_page(TAILQ_FIRST(&src_pg->md.pv_list), TRUE); 4246#endif 4247 /* 4248 * Map the pages into the page hook points, copy them, and purge 4249 * the cache for the appropriate page. Invalidate the TLB 4250 * as required. 4251 */ 4252 mtx_lock(&cmtx); 4253 *csrc_pte = L2_S_PROTO | src | 4254 L2_S_PROT(PTE_KERNEL, VM_PROT_READ) | pte_l2_s_cache_mode; 4255 PTE_SYNC(csrc_pte); 4256 *cdst_pte = L2_S_PROTO | dst | 4257 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | pte_l2_s_cache_mode; 4258 PTE_SYNC(cdst_pte); 4259 cpu_tlb_flushD_SE(csrcp); 4260 cpu_tlb_flushD_SE(cdstp); 4261 cpu_cpwait(); 4262 bcopy_page(csrcp, cdstp); 4263 mtx_unlock(&cmtx); 4264 cpu_dcache_inv_range(csrcp, PAGE_SIZE); 4265 cpu_dcache_wbinv_range(cdstp, PAGE_SIZE); 4266 cpu_l2cache_inv_range(csrcp, PAGE_SIZE); 4267 cpu_l2cache_wbinv_range(cdstp, PAGE_SIZE); 4268} 4269 4270void 4271pmap_copy_page_offs_generic(vm_paddr_t a_phys, vm_offset_t a_offs, 4272 vm_paddr_t b_phys, vm_offset_t b_offs, int cnt) 4273{ 4274 4275 mtx_lock(&cmtx); 4276 *csrc_pte = L2_S_PROTO | a_phys | 4277 L2_S_PROT(PTE_KERNEL, VM_PROT_READ) | pte_l2_s_cache_mode; 4278 PTE_SYNC(csrc_pte); 4279 *cdst_pte = L2_S_PROTO | b_phys | 4280 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | pte_l2_s_cache_mode; 4281 PTE_SYNC(cdst_pte); 4282 cpu_tlb_flushD_SE(csrcp); 4283 cpu_tlb_flushD_SE(cdstp); 4284 cpu_cpwait(); 4285 bcopy((char *)csrcp + a_offs, (char *)cdstp + b_offs, cnt); 4286 mtx_unlock(&cmtx); 4287 cpu_dcache_inv_range(csrcp + a_offs, cnt); 4288 cpu_dcache_wbinv_range(cdstp + b_offs, cnt); 4289 cpu_l2cache_inv_range(csrcp + a_offs, cnt); 4290 cpu_l2cache_wbinv_range(cdstp + b_offs, cnt); 4291} 4292#endif /* (ARM_MMU_GENERIC + ARM_MMU_SA1) != 0 */ 4293 4294#if ARM_MMU_XSCALE == 1 4295void 4296pmap_copy_page_xscale(vm_paddr_t src, vm_paddr_t dst) 4297{ 4298#if 0 4299 /* XXX: Only needed for pmap_clean_page(), which is commented out. */ 4300 struct vm_page *src_pg = PHYS_TO_VM_PAGE(src); 4301#endif 4302 4303 /* 4304 * Clean the source page. Hold the source page's lock for 4305 * the duration of the copy so that no other mappings can 4306 * be created while we have a potentially aliased mapping. 4307 */ 4308#if 0 4309 /* 4310 * XXX: Not needed while we call cpu_dcache_wbinv_all() in 4311 * pmap_copy_page(). 4312 */ 4313 (void) pmap_clean_page(TAILQ_FIRST(&src_pg->md.pv_list), TRUE); 4314#endif 4315 /* 4316 * Map the pages into the page hook points, copy them, and purge 4317 * the cache for the appropriate page. Invalidate the TLB 4318 * as required. 4319 */ 4320 mtx_lock(&cmtx); 4321 *csrc_pte = L2_S_PROTO | src | 4322 L2_S_PROT(PTE_KERNEL, VM_PROT_READ) | 4323 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); /* mini-data */ 4324 PTE_SYNC(csrc_pte); 4325 *cdst_pte = L2_S_PROTO | dst | 4326 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | 4327 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); /* mini-data */ 4328 PTE_SYNC(cdst_pte); 4329 cpu_tlb_flushD_SE(csrcp); 4330 cpu_tlb_flushD_SE(cdstp); 4331 cpu_cpwait(); 4332 bcopy_page(csrcp, cdstp); 4333 mtx_unlock(&cmtx); 4334 xscale_cache_clean_minidata(); 4335} 4336 4337void 4338pmap_copy_page_offs_xscale(vm_paddr_t a_phys, vm_offset_t a_offs, 4339 vm_paddr_t b_phys, vm_offset_t b_offs, int cnt) 4340{ 4341 4342 mtx_lock(&cmtx); 4343 *csrc_pte = L2_S_PROTO | a_phys | 4344 L2_S_PROT(PTE_KERNEL, VM_PROT_READ) | 4345 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); 4346 PTE_SYNC(csrc_pte); 4347 *cdst_pte = L2_S_PROTO | b_phys | 4348 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | 4349 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); 4350 PTE_SYNC(cdst_pte); 4351 cpu_tlb_flushD_SE(csrcp); 4352 cpu_tlb_flushD_SE(cdstp); 4353 cpu_cpwait(); 4354 bcopy((char *)csrcp + a_offs, (char *)cdstp + b_offs, cnt); 4355 mtx_unlock(&cmtx); 4356 xscale_cache_clean_minidata(); 4357} 4358#endif /* ARM_MMU_XSCALE == 1 */ 4359 4360void 4361pmap_copy_page(vm_page_t src, vm_page_t dst) 4362{ 4363 4364 cpu_dcache_wbinv_all(); 4365 cpu_l2cache_wbinv_all(); 4366 if (_arm_memcpy && PAGE_SIZE >= _min_memcpy_size && 4367 _arm_memcpy((void *)VM_PAGE_TO_PHYS(dst), 4368 (void *)VM_PAGE_TO_PHYS(src), PAGE_SIZE, IS_PHYSICAL) == 0) 4369 return; 4370 pmap_copy_page_func(VM_PAGE_TO_PHYS(src), VM_PAGE_TO_PHYS(dst)); 4371} 4372 4373int unmapped_buf_allowed = 1; 4374 4375void 4376pmap_copy_pages(vm_page_t ma[], vm_offset_t a_offset, vm_page_t mb[], 4377 vm_offset_t b_offset, int xfersize) 4378{ 4379 vm_page_t a_pg, b_pg; 4380 vm_offset_t a_pg_offset, b_pg_offset; 4381 int cnt; 4382 4383 cpu_dcache_wbinv_all(); 4384 cpu_l2cache_wbinv_all(); 4385 while (xfersize > 0) { 4386 a_pg = ma[a_offset >> PAGE_SHIFT]; 4387 a_pg_offset = a_offset & PAGE_MASK; 4388 cnt = min(xfersize, PAGE_SIZE - a_pg_offset); 4389 b_pg = mb[b_offset >> PAGE_SHIFT]; 4390 b_pg_offset = b_offset & PAGE_MASK; 4391 cnt = min(cnt, PAGE_SIZE - b_pg_offset); 4392 pmap_copy_page_offs_func(VM_PAGE_TO_PHYS(a_pg), a_pg_offset, 4393 VM_PAGE_TO_PHYS(b_pg), b_pg_offset, cnt); 4394 xfersize -= cnt; 4395 a_offset += cnt; 4396 b_offset += cnt; 4397 } 4398} 4399 4400/* 4401 * this routine returns true if a physical page resides 4402 * in the given pmap. 4403 */ 4404boolean_t 4405pmap_page_exists_quick(pmap_t pmap, vm_page_t m) 4406{ 4407 pv_entry_t pv; 4408 int loops = 0; 4409 boolean_t rv; 4410 4411 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 4412 ("pmap_page_exists_quick: page %p is not managed", m)); 4413 rv = FALSE; 4414 rw_wlock(&pvh_global_lock); 4415 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) { 4416 if (pv->pv_pmap == pmap) { 4417 rv = TRUE; 4418 break; 4419 } 4420 loops++; 4421 if (loops >= 16) 4422 break; 4423 } 4424 rw_wunlock(&pvh_global_lock); 4425 return (rv); 4426} 4427 4428/* 4429 * pmap_page_wired_mappings: 4430 * 4431 * Return the number of managed mappings to the given physical page 4432 * that are wired. 4433 */ 4434int 4435pmap_page_wired_mappings(vm_page_t m) 4436{ 4437 pv_entry_t pv; 4438 int count; 4439 4440 count = 0; 4441 if ((m->oflags & VPO_UNMANAGED) != 0) 4442 return (count); 4443 rw_wlock(&pvh_global_lock); 4444 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) 4445 if ((pv->pv_flags & PVF_WIRED) != 0) 4446 count++; 4447 rw_wunlock(&pvh_global_lock); 4448 return (count); 4449} 4450 4451/* 4452 * This function is advisory. 4453 */ 4454void 4455pmap_advise(pmap_t pmap, vm_offset_t sva, vm_offset_t eva, int advice) 4456{ 4457} 4458 4459/* 4460 * pmap_ts_referenced: 4461 * 4462 * Return the count of reference bits for a page, clearing all of them. 4463 */ 4464int 4465pmap_ts_referenced(vm_page_t m) 4466{ 4467 4468 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 4469 ("pmap_ts_referenced: page %p is not managed", m)); 4470 return (pmap_clearbit(m, PVF_REF)); 4471} 4472 4473 4474boolean_t 4475pmap_is_modified(vm_page_t m) 4476{ 4477 4478 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 4479 ("pmap_is_modified: page %p is not managed", m)); 4480 if (m->md.pvh_attrs & PVF_MOD) 4481 return (TRUE); 4482 4483 return(FALSE); 4484} 4485 4486 4487/* 4488 * Clear the modify bits on the specified physical page. 4489 */ 4490void 4491pmap_clear_modify(vm_page_t m) 4492{ 4493 4494 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 4495 ("pmap_clear_modify: page %p is not managed", m)); 4496 VM_OBJECT_ASSERT_WLOCKED(m->object); 4497 KASSERT(!vm_page_xbusied(m), 4498 ("pmap_clear_modify: page %p is exclusive busied", m)); 4499 4500 /* 4501 * If the page is not PGA_WRITEABLE, then no mappings can be modified. 4502 * If the object containing the page is locked and the page is not 4503 * exclusive busied, then PGA_WRITEABLE cannot be concurrently set. 4504 */ 4505 if ((m->aflags & PGA_WRITEABLE) == 0) 4506 return; 4507 if (m->md.pvh_attrs & PVF_MOD) 4508 pmap_clearbit(m, PVF_MOD); 4509} 4510 4511 4512/* 4513 * pmap_is_referenced: 4514 * 4515 * Return whether or not the specified physical page was referenced 4516 * in any physical maps. 4517 */ 4518boolean_t 4519pmap_is_referenced(vm_page_t m) 4520{ 4521 4522 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 4523 ("pmap_is_referenced: page %p is not managed", m)); 4524 return ((m->md.pvh_attrs & PVF_REF) != 0); 4525} 4526 4527 4528/* 4529 * Clear the write and modified bits in each of the given page's mappings. 4530 */ 4531void 4532pmap_remove_write(vm_page_t m) 4533{ 4534 4535 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 4536 ("pmap_remove_write: page %p is not managed", m)); 4537 4538 /* 4539 * If the page is not exclusive busied, then PGA_WRITEABLE cannot be 4540 * set by another thread while the object is locked. Thus, 4541 * if PGA_WRITEABLE is clear, no page table entries need updating. 4542 */ 4543 VM_OBJECT_ASSERT_WLOCKED(m->object); 4544 if (vm_page_xbusied(m) || (m->aflags & PGA_WRITEABLE) != 0) 4545 pmap_clearbit(m, PVF_WRITE); 4546} 4547 4548 4549/* 4550 * perform the pmap work for mincore 4551 */ 4552int 4553pmap_mincore(pmap_t pmap, vm_offset_t addr, vm_paddr_t *locked_pa) 4554{ 4555 struct l2_bucket *l2b; 4556 pt_entry_t *ptep, pte; 4557 vm_paddr_t pa; 4558 vm_page_t m; 4559 int val; 4560 boolean_t managed; 4561 4562 PMAP_LOCK(pmap); 4563retry: 4564 l2b = pmap_get_l2_bucket(pmap, addr); 4565 if (l2b == NULL) { 4566 val = 0; 4567 goto out; 4568 } 4569 ptep = &l2b->l2b_kva[l2pte_index(addr)]; 4570 pte = *ptep; 4571 if (!l2pte_valid(pte)) { 4572 val = 0; 4573 goto out; 4574 } 4575 val = MINCORE_INCORE; 4576 if (pte & L2_S_PROT_W) 4577 val |= MINCORE_MODIFIED | MINCORE_MODIFIED_OTHER; 4578 managed = false; 4579 pa = l2pte_pa(pte); 4580 m = PHYS_TO_VM_PAGE(pa); 4581 if (m != NULL && !(m->oflags & VPO_UNMANAGED)) 4582 managed = true; 4583 if (managed) { 4584 /* 4585 * The ARM pmap tries to maintain a per-mapping 4586 * reference bit. The trouble is that it's kept in 4587 * the PV entry, not the PTE, so it's costly to access 4588 * here. You would need to acquire the pvh global 4589 * lock, call pmap_find_pv(), and introduce a custom 4590 * version of vm_page_pa_tryrelock() that releases and 4591 * reacquires the pvh global lock. In the end, I 4592 * doubt it's worthwhile. This may falsely report 4593 * the given address as referenced. 4594 */ 4595 if ((m->md.pvh_attrs & PVF_REF) != 0) 4596 val |= MINCORE_REFERENCED | MINCORE_REFERENCED_OTHER; 4597 } 4598 if ((val & (MINCORE_MODIFIED_OTHER | MINCORE_REFERENCED_OTHER)) != 4599 (MINCORE_MODIFIED_OTHER | MINCORE_REFERENCED_OTHER) && managed) { 4600 /* Ensure that "PHYS_TO_VM_PAGE(pa)->object" doesn't change. */ 4601 if (vm_page_pa_tryrelock(pmap, pa, locked_pa)) 4602 goto retry; 4603 } else 4604out: 4605 PA_UNLOCK_COND(*locked_pa); 4606 PMAP_UNLOCK(pmap); 4607 return (val); 4608} 4609 4610 4611void 4612pmap_sync_icache(pmap_t pm, vm_offset_t va, vm_size_t sz) 4613{ 4614} 4615 4616 4617/* 4618 * Increase the starting virtual address of the given mapping if a 4619 * different alignment might result in more superpage mappings. 4620 */ 4621void 4622pmap_align_superpage(vm_object_t object, vm_ooffset_t offset, 4623 vm_offset_t *addr, vm_size_t size) 4624{ 4625} 4626 4627#define BOOTSTRAP_DEBUG 4628 4629/* 4630 * pmap_map_section: 4631 * 4632 * Create a single section mapping. 4633 */ 4634void 4635pmap_map_section(vm_offset_t l1pt, vm_offset_t va, vm_offset_t pa, 4636 int prot, int cache) 4637{ 4638 pd_entry_t *pde = (pd_entry_t *) l1pt; 4639 pd_entry_t fl; 4640 4641 KASSERT(((va | pa) & L1_S_OFFSET) == 0, ("ouin2")); 4642 4643 switch (cache) { 4644 case PTE_NOCACHE: 4645 default: 4646 fl = 0; 4647 break; 4648 4649 case PTE_CACHE: 4650 fl = pte_l1_s_cache_mode; 4651 break; 4652 4653 case PTE_PAGETABLE: 4654 fl = pte_l1_s_cache_mode_pt; 4655 break; 4656 } 4657 4658 pde[va >> L1_S_SHIFT] = L1_S_PROTO | pa | 4659 L1_S_PROT(PTE_KERNEL, prot) | fl | L1_S_DOM(PMAP_DOMAIN_KERNEL); 4660 PTE_SYNC(&pde[va >> L1_S_SHIFT]); 4661 4662} 4663 4664/* 4665 * pmap_link_l2pt: 4666 * 4667 * Link the L2 page table specified by l2pv.pv_pa into the L1 4668 * page table at the slot for "va". 4669 */ 4670void 4671pmap_link_l2pt(vm_offset_t l1pt, vm_offset_t va, struct pv_addr *l2pv) 4672{ 4673 pd_entry_t *pde = (pd_entry_t *) l1pt, proto; 4674 u_int slot = va >> L1_S_SHIFT; 4675 4676 proto = L1_S_DOM(PMAP_DOMAIN_KERNEL) | L1_C_PROTO; 4677 4678#ifdef VERBOSE_INIT_ARM 4679 printf("pmap_link_l2pt: pa=0x%x va=0x%x\n", l2pv->pv_pa, l2pv->pv_va); 4680#endif 4681 4682 pde[slot + 0] = proto | (l2pv->pv_pa + 0x000); 4683 4684 PTE_SYNC(&pde[slot]); 4685 4686 SLIST_INSERT_HEAD(&kernel_pt_list, l2pv, pv_list); 4687 4688 4689} 4690 4691/* 4692 * pmap_map_entry 4693 * 4694 * Create a single page mapping. 4695 */ 4696void 4697pmap_map_entry(vm_offset_t l1pt, vm_offset_t va, vm_offset_t pa, int prot, 4698 int cache) 4699{ 4700 pd_entry_t *pde = (pd_entry_t *) l1pt; 4701 pt_entry_t fl; 4702 pt_entry_t *pte; 4703 4704 KASSERT(((va | pa) & PAGE_MASK) == 0, ("ouin")); 4705 4706 switch (cache) { 4707 case PTE_NOCACHE: 4708 default: 4709 fl = 0; 4710 break; 4711 4712 case PTE_CACHE: 4713 fl = pte_l2_s_cache_mode; 4714 break; 4715 4716 case PTE_PAGETABLE: 4717 fl = pte_l2_s_cache_mode_pt; 4718 break; 4719 } 4720 4721 if ((pde[va >> L1_S_SHIFT] & L1_TYPE_MASK) != L1_TYPE_C) 4722 panic("pmap_map_entry: no L2 table for VA 0x%08x", va); 4723 4724 pte = (pt_entry_t *) kernel_pt_lookup(pde[L1_IDX(va)] & L1_C_ADDR_MASK); 4725 4726 if (pte == NULL) 4727 panic("pmap_map_entry: can't find L2 table for VA 0x%08x", va); 4728 4729 pte[l2pte_index(va)] = 4730 L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL, prot) | fl; 4731 PTE_SYNC(&pte[l2pte_index(va)]); 4732} 4733 4734/* 4735 * pmap_map_chunk: 4736 * 4737 * Map a chunk of memory using the most efficient mappings 4738 * possible (section. large page, small page) into the 4739 * provided L1 and L2 tables at the specified virtual address. 4740 */ 4741vm_size_t 4742pmap_map_chunk(vm_offset_t l1pt, vm_offset_t va, vm_offset_t pa, 4743 vm_size_t size, int prot, int cache) 4744{ 4745 pd_entry_t *pde = (pd_entry_t *) l1pt; 4746 pt_entry_t *pte, f1, f2s, f2l; 4747 vm_size_t resid; 4748 int i; 4749 4750 resid = (size + (PAGE_SIZE - 1)) & ~(PAGE_SIZE - 1); 4751 4752 if (l1pt == 0) 4753 panic("pmap_map_chunk: no L1 table provided"); 4754 4755#ifdef VERBOSE_INIT_ARM 4756 printf("pmap_map_chunk: pa=0x%x va=0x%x size=0x%x resid=0x%x " 4757 "prot=0x%x cache=%d\n", pa, va, size, resid, prot, cache); 4758#endif 4759 4760 switch (cache) { 4761 case PTE_NOCACHE: 4762 default: 4763 f1 = 0; 4764 f2l = 0; 4765 f2s = 0; 4766 break; 4767 4768 case PTE_CACHE: 4769 f1 = pte_l1_s_cache_mode; 4770 f2l = pte_l2_l_cache_mode; 4771 f2s = pte_l2_s_cache_mode; 4772 break; 4773 4774 case PTE_PAGETABLE: 4775 f1 = pte_l1_s_cache_mode_pt; 4776 f2l = pte_l2_l_cache_mode_pt; 4777 f2s = pte_l2_s_cache_mode_pt; 4778 break; 4779 } 4780 4781 size = resid; 4782 4783 while (resid > 0) { 4784 /* See if we can use a section mapping. */ 4785 if (L1_S_MAPPABLE_P(va, pa, resid)) { 4786#ifdef VERBOSE_INIT_ARM 4787 printf("S"); 4788#endif 4789 pde[va >> L1_S_SHIFT] = L1_S_PROTO | pa | 4790 L1_S_PROT(PTE_KERNEL, prot) | f1 | 4791 L1_S_DOM(PMAP_DOMAIN_KERNEL); 4792 PTE_SYNC(&pde[va >> L1_S_SHIFT]); 4793 va += L1_S_SIZE; 4794 pa += L1_S_SIZE; 4795 resid -= L1_S_SIZE; 4796 continue; 4797 } 4798 4799 /* 4800 * Ok, we're going to use an L2 table. Make sure 4801 * one is actually in the corresponding L1 slot 4802 * for the current VA. 4803 */ 4804 if ((pde[va >> L1_S_SHIFT] & L1_TYPE_MASK) != L1_TYPE_C) 4805 panic("pmap_map_chunk: no L2 table for VA 0x%08x", va); 4806 4807 pte = (pt_entry_t *) kernel_pt_lookup( 4808 pde[L1_IDX(va)] & L1_C_ADDR_MASK); 4809 if (pte == NULL) 4810 panic("pmap_map_chunk: can't find L2 table for VA" 4811 "0x%08x", va); 4812 /* See if we can use a L2 large page mapping. */ 4813 if (L2_L_MAPPABLE_P(va, pa, resid)) { 4814#ifdef VERBOSE_INIT_ARM 4815 printf("L"); 4816#endif 4817 for (i = 0; i < 16; i++) { 4818 pte[l2pte_index(va) + i] = 4819 L2_L_PROTO | pa | 4820 L2_L_PROT(PTE_KERNEL, prot) | f2l; 4821 PTE_SYNC(&pte[l2pte_index(va) + i]); 4822 } 4823 va += L2_L_SIZE; 4824 pa += L2_L_SIZE; 4825 resid -= L2_L_SIZE; 4826 continue; 4827 } 4828 4829 /* Use a small page mapping. */ 4830#ifdef VERBOSE_INIT_ARM 4831 printf("P"); 4832#endif 4833 pte[l2pte_index(va)] = 4834 L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL, prot) | f2s; 4835 PTE_SYNC(&pte[l2pte_index(va)]); 4836 va += PAGE_SIZE; 4837 pa += PAGE_SIZE; 4838 resid -= PAGE_SIZE; 4839 } 4840#ifdef VERBOSE_INIT_ARM 4841 printf("\n"); 4842#endif 4843 return (size); 4844 4845} 4846 4847void 4848pmap_page_set_memattr(vm_page_t m, vm_memattr_t ma) 4849{ 4850 /* 4851 * Remember the memattr in a field that gets used to set the appropriate 4852 * bits in the PTEs as mappings are established. 4853 */ 4854 m->md.pv_memattr = ma; 4855 4856 /* 4857 * It appears that this function can only be called before any mappings 4858 * for the page are established on ARM. If this ever changes, this code 4859 * will need to walk the pv_list and make each of the existing mappings 4860 * uncacheable, being careful to sync caches and PTEs (and maybe 4861 * invalidate TLB?) for any current mapping it modifies. 4862 */ 4863 if (m->md.pv_kva != 0 || TAILQ_FIRST(&m->md.pv_list) != NULL) 4864 panic("Can't change memattr on page with existing mappings"); 4865} 4866 4867 4868