pmap.c revision 266160
1/* From: $NetBSD: pmap.c,v 1.148 2004/04/03 04:35:48 bsh Exp $ */ 2/*- 3 * Copyright 2004 Olivier Houchard. 4 * Copyright 2003 Wasabi Systems, Inc. 5 * All rights reserved. 6 * 7 * Written by Steve C. Woodford for Wasabi Systems, Inc. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed for the NetBSD Project by 20 * Wasabi Systems, Inc. 21 * 4. The name of Wasabi Systems, Inc. may not be used to endorse 22 * or promote products derived from this software without specific prior 23 * written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 27 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 28 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC 29 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 32 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 33 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 34 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 35 * POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38/*- 39 * Copyright (c) 2002-2003 Wasabi Systems, Inc. 40 * Copyright (c) 2001 Richard Earnshaw 41 * Copyright (c) 2001-2002 Christopher Gilbert 42 * All rights reserved. 43 * 44 * 1. Redistributions of source code must retain the above copyright 45 * notice, this list of conditions and the following disclaimer. 46 * 2. Redistributions in binary form must reproduce the above copyright 47 * notice, this list of conditions and the following disclaimer in the 48 * documentation and/or other materials provided with the distribution. 49 * 3. The name of the company nor the name of the author may be used to 50 * endorse or promote products derived from this software without specific 51 * prior written permission. 52 * 53 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED 54 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 55 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 56 * IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 57 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 58 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 59 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 63 * SUCH DAMAGE. 64 */ 65/*- 66 * Copyright (c) 1999 The NetBSD Foundation, Inc. 67 * All rights reserved. 68 * 69 * This code is derived from software contributed to The NetBSD Foundation 70 * by Charles M. Hannum. 71 * 72 * Redistribution and use in source and binary forms, with or without 73 * modification, are permitted provided that the following conditions 74 * are met: 75 * 1. Redistributions of source code must retain the above copyright 76 * notice, this list of conditions and the following disclaimer. 77 * 2. Redistributions in binary form must reproduce the above copyright 78 * notice, this list of conditions and the following disclaimer in the 79 * documentation and/or other materials provided with the distribution. 80 * 81 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 82 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 83 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 84 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 85 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 86 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 87 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 88 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 89 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 90 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 91 * POSSIBILITY OF SUCH DAMAGE. 92 */ 93 94/*- 95 * Copyright (c) 1994-1998 Mark Brinicombe. 96 * Copyright (c) 1994 Brini. 97 * All rights reserved. 98 * 99 * This code is derived from software written for Brini by Mark Brinicombe 100 * 101 * Redistribution and use in source and binary forms, with or without 102 * modification, are permitted provided that the following conditions 103 * are met: 104 * 1. Redistributions of source code must retain the above copyright 105 * notice, this list of conditions and the following disclaimer. 106 * 2. Redistributions in binary form must reproduce the above copyright 107 * notice, this list of conditions and the following disclaimer in the 108 * documentation and/or other materials provided with the distribution. 109 * 3. All advertising materials mentioning features or use of this software 110 * must display the following acknowledgement: 111 * This product includes software developed by Mark Brinicombe. 112 * 4. The name of the author may not be used to endorse or promote products 113 * derived from this software without specific prior written permission. 114 * 115 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 116 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 117 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 118 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 119 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 120 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 121 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 122 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 123 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 124 * 125 * RiscBSD kernel project 126 * 127 * pmap.c 128 * 129 * Machine dependant vm stuff 130 * 131 * Created : 20/09/94 132 */ 133 134/* 135 * Special compilation symbols 136 * PMAP_DEBUG - Build in pmap_debug_level code 137 * 138 * Note that pmap_mapdev() and pmap_unmapdev() are implemented in arm/devmap.c 139 */ 140/* Include header files */ 141 142#include "opt_vm.h" 143 144#include <sys/cdefs.h> 145__FBSDID("$FreeBSD: stable/10/sys/arm/arm/pmap.c 266160 2014-05-15 17:30:16Z ian $"); 146#include <sys/param.h> 147#include <sys/systm.h> 148#include <sys/kernel.h> 149#include <sys/ktr.h> 150#include <sys/lock.h> 151#include <sys/proc.h> 152#include <sys/malloc.h> 153#include <sys/msgbuf.h> 154#include <sys/mutex.h> 155#include <sys/vmmeter.h> 156#include <sys/mman.h> 157#include <sys/rwlock.h> 158#include <sys/smp.h> 159#include <sys/sched.h> 160 161#include <vm/vm.h> 162#include <vm/vm_param.h> 163#include <vm/uma.h> 164#include <vm/pmap.h> 165#include <vm/vm_kern.h> 166#include <vm/vm_object.h> 167#include <vm/vm_map.h> 168#include <vm/vm_page.h> 169#include <vm/vm_pageout.h> 170#include <vm/vm_phys.h> 171#include <vm/vm_extern.h> 172 173#include <machine/md_var.h> 174#include <machine/cpu.h> 175#include <machine/cpufunc.h> 176#include <machine/pcb.h> 177 178#ifdef PMAP_DEBUG 179#define PDEBUG(_lev_,_stat_) \ 180 if (pmap_debug_level >= (_lev_)) \ 181 ((_stat_)) 182#define dprintf printf 183 184int pmap_debug_level = 0; 185#define PMAP_INLINE 186#else /* PMAP_DEBUG */ 187#define PDEBUG(_lev_,_stat_) /* Nothing */ 188#define dprintf(x, arg...) 189#define PMAP_INLINE __inline 190#endif /* PMAP_DEBUG */ 191 192extern struct pv_addr systempage; 193 194extern int last_fault_code; 195 196/* 197 * Internal function prototypes 198 */ 199static void pmap_free_pv_entry (pv_entry_t); 200static pv_entry_t pmap_get_pv_entry(void); 201 202static void pmap_enter_locked(pmap_t, vm_offset_t, vm_page_t, 203 vm_prot_t, boolean_t, int); 204static vm_paddr_t pmap_extract_locked(pmap_t pmap, vm_offset_t va); 205static void pmap_fix_cache(struct vm_page *, pmap_t, vm_offset_t); 206static void pmap_alloc_l1(pmap_t); 207static void pmap_free_l1(pmap_t); 208 209static int pmap_clearbit(struct vm_page *, u_int); 210 211static struct l2_bucket *pmap_get_l2_bucket(pmap_t, vm_offset_t); 212static struct l2_bucket *pmap_alloc_l2_bucket(pmap_t, vm_offset_t); 213static void pmap_free_l2_bucket(pmap_t, struct l2_bucket *, u_int); 214static vm_offset_t kernel_pt_lookup(vm_paddr_t); 215 216static MALLOC_DEFINE(M_VMPMAP, "pmap", "PMAP L1"); 217 218vm_offset_t virtual_avail; /* VA of first avail page (after kernel bss) */ 219vm_offset_t virtual_end; /* VA of last avail page (end of kernel AS) */ 220vm_offset_t pmap_curmaxkvaddr; 221vm_paddr_t kernel_l1pa; 222 223vm_offset_t kernel_vm_end = 0; 224 225vm_offset_t vm_max_kernel_address; 226 227struct pmap kernel_pmap_store; 228 229static pt_entry_t *csrc_pte, *cdst_pte; 230static vm_offset_t csrcp, cdstp; 231static struct mtx cmtx; 232 233static void pmap_init_l1(struct l1_ttable *, pd_entry_t *); 234/* 235 * These routines are called when the CPU type is identified to set up 236 * the PTE prototypes, cache modes, etc. 237 * 238 * The variables are always here, just in case LKMs need to reference 239 * them (though, they shouldn't). 240 */ 241 242pt_entry_t pte_l1_s_cache_mode; 243pt_entry_t pte_l1_s_cache_mode_pt; 244pt_entry_t pte_l1_s_cache_mask; 245 246pt_entry_t pte_l2_l_cache_mode; 247pt_entry_t pte_l2_l_cache_mode_pt; 248pt_entry_t pte_l2_l_cache_mask; 249 250pt_entry_t pte_l2_s_cache_mode; 251pt_entry_t pte_l2_s_cache_mode_pt; 252pt_entry_t pte_l2_s_cache_mask; 253 254pt_entry_t pte_l2_s_prot_u; 255pt_entry_t pte_l2_s_prot_w; 256pt_entry_t pte_l2_s_prot_mask; 257 258pt_entry_t pte_l1_s_proto; 259pt_entry_t pte_l1_c_proto; 260pt_entry_t pte_l2_s_proto; 261 262void (*pmap_copy_page_func)(vm_paddr_t, vm_paddr_t); 263void (*pmap_copy_page_offs_func)(vm_paddr_t a_phys, 264 vm_offset_t a_offs, vm_paddr_t b_phys, vm_offset_t b_offs, 265 int cnt); 266void (*pmap_zero_page_func)(vm_paddr_t, int, int); 267 268struct msgbuf *msgbufp = 0; 269 270/* 271 * Crashdump maps. 272 */ 273static caddr_t crashdumpmap; 274 275extern void bcopy_page(vm_offset_t, vm_offset_t); 276extern void bzero_page(vm_offset_t); 277 278extern vm_offset_t alloc_firstaddr; 279 280char *_tmppt; 281 282/* 283 * Metadata for L1 translation tables. 284 */ 285struct l1_ttable { 286 /* Entry on the L1 Table list */ 287 SLIST_ENTRY(l1_ttable) l1_link; 288 289 /* Entry on the L1 Least Recently Used list */ 290 TAILQ_ENTRY(l1_ttable) l1_lru; 291 292 /* Track how many domains are allocated from this L1 */ 293 volatile u_int l1_domain_use_count; 294 295 /* 296 * A free-list of domain numbers for this L1. 297 * We avoid using ffs() and a bitmap to track domains since ffs() 298 * is slow on ARM. 299 */ 300 u_int8_t l1_domain_first; 301 u_int8_t l1_domain_free[PMAP_DOMAINS]; 302 303 /* Physical address of this L1 page table */ 304 vm_paddr_t l1_physaddr; 305 306 /* KVA of this L1 page table */ 307 pd_entry_t *l1_kva; 308}; 309 310/* 311 * Convert a virtual address into its L1 table index. That is, the 312 * index used to locate the L2 descriptor table pointer in an L1 table. 313 * This is basically used to index l1->l1_kva[]. 314 * 315 * Each L2 descriptor table represents 1MB of VA space. 316 */ 317#define L1_IDX(va) (((vm_offset_t)(va)) >> L1_S_SHIFT) 318 319/* 320 * L1 Page Tables are tracked using a Least Recently Used list. 321 * - New L1s are allocated from the HEAD. 322 * - Freed L1s are added to the TAIl. 323 * - Recently accessed L1s (where an 'access' is some change to one of 324 * the userland pmaps which owns this L1) are moved to the TAIL. 325 */ 326static TAILQ_HEAD(, l1_ttable) l1_lru_list; 327/* 328 * A list of all L1 tables 329 */ 330static SLIST_HEAD(, l1_ttable) l1_list; 331static struct mtx l1_lru_lock; 332 333/* 334 * The l2_dtable tracks L2_BUCKET_SIZE worth of L1 slots. 335 * 336 * This is normally 16MB worth L2 page descriptors for any given pmap. 337 * Reference counts are maintained for L2 descriptors so they can be 338 * freed when empty. 339 */ 340struct l2_dtable { 341 /* The number of L2 page descriptors allocated to this l2_dtable */ 342 u_int l2_occupancy; 343 344 /* List of L2 page descriptors */ 345 struct l2_bucket { 346 pt_entry_t *l2b_kva; /* KVA of L2 Descriptor Table */ 347 vm_paddr_t l2b_phys; /* Physical address of same */ 348 u_short l2b_l1idx; /* This L2 table's L1 index */ 349 u_short l2b_occupancy; /* How many active descriptors */ 350 } l2_bucket[L2_BUCKET_SIZE]; 351}; 352 353/* pmap_kenter_internal flags */ 354#define KENTER_CACHE 0x1 355#define KENTER_USER 0x2 356 357/* 358 * Given an L1 table index, calculate the corresponding l2_dtable index 359 * and bucket index within the l2_dtable. 360 */ 361#define L2_IDX(l1idx) (((l1idx) >> L2_BUCKET_LOG2) & \ 362 (L2_SIZE - 1)) 363#define L2_BUCKET(l1idx) ((l1idx) & (L2_BUCKET_SIZE - 1)) 364 365/* 366 * Given a virtual address, this macro returns the 367 * virtual address required to drop into the next L2 bucket. 368 */ 369#define L2_NEXT_BUCKET(va) (((va) & L1_S_FRAME) + L1_S_SIZE) 370 371/* 372 * We try to map the page tables write-through, if possible. However, not 373 * all CPUs have a write-through cache mode, so on those we have to sync 374 * the cache when we frob page tables. 375 * 376 * We try to evaluate this at compile time, if possible. However, it's 377 * not always possible to do that, hence this run-time var. 378 */ 379int pmap_needs_pte_sync; 380 381/* 382 * Macro to determine if a mapping might be resident in the 383 * instruction cache and/or TLB 384 */ 385#define PV_BEEN_EXECD(f) (((f) & (PVF_REF | PVF_EXEC)) == (PVF_REF | PVF_EXEC)) 386 387/* 388 * Macro to determine if a mapping might be resident in the 389 * data cache and/or TLB 390 */ 391#define PV_BEEN_REFD(f) (((f) & PVF_REF) != 0) 392 393#ifndef PMAP_SHPGPERPROC 394#define PMAP_SHPGPERPROC 200 395#endif 396 397#define pmap_is_current(pm) ((pm) == pmap_kernel() || \ 398 curproc->p_vmspace->vm_map.pmap == (pm)) 399static uma_zone_t pvzone = NULL; 400uma_zone_t l2zone; 401static uma_zone_t l2table_zone; 402static vm_offset_t pmap_kernel_l2dtable_kva; 403static vm_offset_t pmap_kernel_l2ptp_kva; 404static vm_paddr_t pmap_kernel_l2ptp_phys; 405static int pv_entry_count=0, pv_entry_max=0, pv_entry_high_water=0; 406static struct rwlock pvh_global_lock; 407 408void pmap_copy_page_offs_generic(vm_paddr_t a_phys, vm_offset_t a_offs, 409 vm_paddr_t b_phys, vm_offset_t b_offs, int cnt); 410#if ARM_MMU_XSCALE == 1 411void pmap_copy_page_offs_xscale(vm_paddr_t a_phys, vm_offset_t a_offs, 412 vm_paddr_t b_phys, vm_offset_t b_offs, int cnt); 413#endif 414 415/* 416 * This list exists for the benefit of pmap_map_chunk(). It keeps track 417 * of the kernel L2 tables during bootstrap, so that pmap_map_chunk() can 418 * find them as necessary. 419 * 420 * Note that the data on this list MUST remain valid after initarm() returns, 421 * as pmap_bootstrap() uses it to contruct L2 table metadata. 422 */ 423SLIST_HEAD(, pv_addr) kernel_pt_list = SLIST_HEAD_INITIALIZER(kernel_pt_list); 424 425static void 426pmap_init_l1(struct l1_ttable *l1, pd_entry_t *l1pt) 427{ 428 int i; 429 430 l1->l1_kva = l1pt; 431 l1->l1_domain_use_count = 0; 432 l1->l1_domain_first = 0; 433 434 for (i = 0; i < PMAP_DOMAINS; i++) 435 l1->l1_domain_free[i] = i + 1; 436 437 /* 438 * Copy the kernel's L1 entries to each new L1. 439 */ 440 if (l1pt != pmap_kernel()->pm_l1->l1_kva) 441 memcpy(l1pt, pmap_kernel()->pm_l1->l1_kva, L1_TABLE_SIZE); 442 443 if ((l1->l1_physaddr = pmap_extract(pmap_kernel(), (vm_offset_t)l1pt)) == 0) 444 panic("pmap_init_l1: can't get PA of L1 at %p", l1pt); 445 SLIST_INSERT_HEAD(&l1_list, l1, l1_link); 446 TAILQ_INSERT_TAIL(&l1_lru_list, l1, l1_lru); 447} 448 449static vm_offset_t 450kernel_pt_lookup(vm_paddr_t pa) 451{ 452 struct pv_addr *pv; 453 454 SLIST_FOREACH(pv, &kernel_pt_list, pv_list) { 455 if (pv->pv_pa == pa) 456 return (pv->pv_va); 457 } 458 return (0); 459} 460 461#if (ARM_MMU_GENERIC + ARM_MMU_SA1) != 0 462void 463pmap_pte_init_generic(void) 464{ 465 466 pte_l1_s_cache_mode = L1_S_B|L1_S_C; 467 pte_l1_s_cache_mask = L1_S_CACHE_MASK_generic; 468 469 pte_l2_l_cache_mode = L2_B|L2_C; 470 pte_l2_l_cache_mask = L2_L_CACHE_MASK_generic; 471 472 pte_l2_s_cache_mode = L2_B|L2_C; 473 pte_l2_s_cache_mask = L2_S_CACHE_MASK_generic; 474 475 /* 476 * If we have a write-through cache, set B and C. If 477 * we have a write-back cache, then we assume setting 478 * only C will make those pages write-through. 479 */ 480 if (cpufuncs.cf_dcache_wb_range == (void *) cpufunc_nullop) { 481 pte_l1_s_cache_mode_pt = L1_S_B|L1_S_C; 482 pte_l2_l_cache_mode_pt = L2_B|L2_C; 483 pte_l2_s_cache_mode_pt = L2_B|L2_C; 484 } else { 485 pte_l1_s_cache_mode_pt = L1_S_C; 486 pte_l2_l_cache_mode_pt = L2_C; 487 pte_l2_s_cache_mode_pt = L2_C; 488 } 489 490 pte_l2_s_prot_u = L2_S_PROT_U_generic; 491 pte_l2_s_prot_w = L2_S_PROT_W_generic; 492 pte_l2_s_prot_mask = L2_S_PROT_MASK_generic; 493 494 pte_l1_s_proto = L1_S_PROTO_generic; 495 pte_l1_c_proto = L1_C_PROTO_generic; 496 pte_l2_s_proto = L2_S_PROTO_generic; 497 498 pmap_copy_page_func = pmap_copy_page_generic; 499 pmap_copy_page_offs_func = pmap_copy_page_offs_generic; 500 pmap_zero_page_func = pmap_zero_page_generic; 501} 502 503#if defined(CPU_ARM8) 504void 505pmap_pte_init_arm8(void) 506{ 507 508 /* 509 * ARM8 is compatible with generic, but we need to use 510 * the page tables uncached. 511 */ 512 pmap_pte_init_generic(); 513 514 pte_l1_s_cache_mode_pt = 0; 515 pte_l2_l_cache_mode_pt = 0; 516 pte_l2_s_cache_mode_pt = 0; 517} 518#endif /* CPU_ARM8 */ 519 520#if defined(CPU_ARM9) && defined(ARM9_CACHE_WRITE_THROUGH) 521void 522pmap_pte_init_arm9(void) 523{ 524 525 /* 526 * ARM9 is compatible with generic, but we want to use 527 * write-through caching for now. 528 */ 529 pmap_pte_init_generic(); 530 531 pte_l1_s_cache_mode = L1_S_C; 532 pte_l2_l_cache_mode = L2_C; 533 pte_l2_s_cache_mode = L2_C; 534 535 pte_l1_s_cache_mode_pt = L1_S_C; 536 pte_l2_l_cache_mode_pt = L2_C; 537 pte_l2_s_cache_mode_pt = L2_C; 538} 539#endif /* CPU_ARM9 */ 540#endif /* (ARM_MMU_GENERIC + ARM_MMU_SA1) != 0 */ 541 542#if defined(CPU_ARM10) 543void 544pmap_pte_init_arm10(void) 545{ 546 547 /* 548 * ARM10 is compatible with generic, but we want to use 549 * write-through caching for now. 550 */ 551 pmap_pte_init_generic(); 552 553 pte_l1_s_cache_mode = L1_S_B | L1_S_C; 554 pte_l2_l_cache_mode = L2_B | L2_C; 555 pte_l2_s_cache_mode = L2_B | L2_C; 556 557 pte_l1_s_cache_mode_pt = L1_S_C; 558 pte_l2_l_cache_mode_pt = L2_C; 559 pte_l2_s_cache_mode_pt = L2_C; 560 561} 562#endif /* CPU_ARM10 */ 563 564#if ARM_MMU_SA1 == 1 565void 566pmap_pte_init_sa1(void) 567{ 568 569 /* 570 * The StrongARM SA-1 cache does not have a write-through 571 * mode. So, do the generic initialization, then reset 572 * the page table cache mode to B=1,C=1, and note that 573 * the PTEs need to be sync'd. 574 */ 575 pmap_pte_init_generic(); 576 577 pte_l1_s_cache_mode_pt = L1_S_B|L1_S_C; 578 pte_l2_l_cache_mode_pt = L2_B|L2_C; 579 pte_l2_s_cache_mode_pt = L2_B|L2_C; 580 581 pmap_needs_pte_sync = 1; 582} 583#endif /* ARM_MMU_SA1 == 1*/ 584 585#if ARM_MMU_XSCALE == 1 586#if (ARM_NMMUS > 1) || defined (CPU_XSCALE_CORE3) 587static u_int xscale_use_minidata; 588#endif 589 590void 591pmap_pte_init_xscale(void) 592{ 593 uint32_t auxctl; 594 int write_through = 0; 595 596 pte_l1_s_cache_mode = L1_S_B|L1_S_C|L1_S_XSCALE_P; 597 pte_l1_s_cache_mask = L1_S_CACHE_MASK_xscale; 598 599 pte_l2_l_cache_mode = L2_B|L2_C; 600 pte_l2_l_cache_mask = L2_L_CACHE_MASK_xscale; 601 602 pte_l2_s_cache_mode = L2_B|L2_C; 603 pte_l2_s_cache_mask = L2_S_CACHE_MASK_xscale; 604 605 pte_l1_s_cache_mode_pt = L1_S_C; 606 pte_l2_l_cache_mode_pt = L2_C; 607 pte_l2_s_cache_mode_pt = L2_C; 608#ifdef XSCALE_CACHE_READ_WRITE_ALLOCATE 609 /* 610 * The XScale core has an enhanced mode where writes that 611 * miss the cache cause a cache line to be allocated. This 612 * is significantly faster than the traditional, write-through 613 * behavior of this case. 614 */ 615 pte_l1_s_cache_mode |= L1_S_XSCALE_TEX(TEX_XSCALE_X); 616 pte_l2_l_cache_mode |= L2_XSCALE_L_TEX(TEX_XSCALE_X); 617 pte_l2_s_cache_mode |= L2_XSCALE_T_TEX(TEX_XSCALE_X); 618#endif /* XSCALE_CACHE_READ_WRITE_ALLOCATE */ 619#ifdef XSCALE_CACHE_WRITE_THROUGH 620 /* 621 * Some versions of the XScale core have various bugs in 622 * their cache units, the work-around for which is to run 623 * the cache in write-through mode. Unfortunately, this 624 * has a major (negative) impact on performance. So, we 625 * go ahead and run fast-and-loose, in the hopes that we 626 * don't line up the planets in a way that will trip the 627 * bugs. 628 * 629 * However, we give you the option to be slow-but-correct. 630 */ 631 write_through = 1; 632#elif defined(XSCALE_CACHE_WRITE_BACK) 633 /* force write back cache mode */ 634 write_through = 0; 635#elif defined(CPU_XSCALE_PXA2X0) 636 /* 637 * Intel PXA2[15]0 processors are known to have a bug in 638 * write-back cache on revision 4 and earlier (stepping 639 * A[01] and B[012]). Fixed for C0 and later. 640 */ 641 { 642 uint32_t id, type; 643 644 id = cpufunc_id(); 645 type = id & ~(CPU_ID_XSCALE_COREREV_MASK|CPU_ID_REVISION_MASK); 646 647 if (type == CPU_ID_PXA250 || type == CPU_ID_PXA210) { 648 if ((id & CPU_ID_REVISION_MASK) < 5) { 649 /* write through for stepping A0-1 and B0-2 */ 650 write_through = 1; 651 } 652 } 653 } 654#endif /* XSCALE_CACHE_WRITE_THROUGH */ 655 656 if (write_through) { 657 pte_l1_s_cache_mode = L1_S_C; 658 pte_l2_l_cache_mode = L2_C; 659 pte_l2_s_cache_mode = L2_C; 660 } 661 662#if (ARM_NMMUS > 1) 663 xscale_use_minidata = 1; 664#endif 665 666 pte_l2_s_prot_u = L2_S_PROT_U_xscale; 667 pte_l2_s_prot_w = L2_S_PROT_W_xscale; 668 pte_l2_s_prot_mask = L2_S_PROT_MASK_xscale; 669 670 pte_l1_s_proto = L1_S_PROTO_xscale; 671 pte_l1_c_proto = L1_C_PROTO_xscale; 672 pte_l2_s_proto = L2_S_PROTO_xscale; 673 674#ifdef CPU_XSCALE_CORE3 675 pmap_copy_page_func = pmap_copy_page_generic; 676 pmap_copy_page_offs_func = pmap_copy_page_offs_generic; 677 pmap_zero_page_func = pmap_zero_page_generic; 678 xscale_use_minidata = 0; 679 /* Make sure it is L2-cachable */ 680 pte_l1_s_cache_mode |= L1_S_XSCALE_TEX(TEX_XSCALE_T); 681 pte_l1_s_cache_mode_pt = pte_l1_s_cache_mode &~ L1_S_XSCALE_P; 682 pte_l2_l_cache_mode |= L2_XSCALE_L_TEX(TEX_XSCALE_T) ; 683 pte_l2_l_cache_mode_pt = pte_l1_s_cache_mode; 684 pte_l2_s_cache_mode |= L2_XSCALE_T_TEX(TEX_XSCALE_T); 685 pte_l2_s_cache_mode_pt = pte_l2_s_cache_mode; 686 687#else 688 pmap_copy_page_func = pmap_copy_page_xscale; 689 pmap_copy_page_offs_func = pmap_copy_page_offs_xscale; 690 pmap_zero_page_func = pmap_zero_page_xscale; 691#endif 692 693 /* 694 * Disable ECC protection of page table access, for now. 695 */ 696 __asm __volatile("mrc p15, 0, %0, c1, c0, 1" : "=r" (auxctl)); 697 auxctl &= ~XSCALE_AUXCTL_P; 698 __asm __volatile("mcr p15, 0, %0, c1, c0, 1" : : "r" (auxctl)); 699} 700 701/* 702 * xscale_setup_minidata: 703 * 704 * Set up the mini-data cache clean area. We require the 705 * caller to allocate the right amount of physically and 706 * virtually contiguous space. 707 */ 708extern vm_offset_t xscale_minidata_clean_addr; 709extern vm_size_t xscale_minidata_clean_size; /* already initialized */ 710void 711xscale_setup_minidata(vm_offset_t l1pt, vm_offset_t va, vm_paddr_t pa) 712{ 713 pd_entry_t *pde = (pd_entry_t *) l1pt; 714 pt_entry_t *pte; 715 vm_size_t size; 716 uint32_t auxctl; 717 718 xscale_minidata_clean_addr = va; 719 720 /* Round it to page size. */ 721 size = (xscale_minidata_clean_size + L2_S_OFFSET) & L2_S_FRAME; 722 723 for (; size != 0; 724 va += L2_S_SIZE, pa += L2_S_SIZE, size -= L2_S_SIZE) { 725 pte = (pt_entry_t *) kernel_pt_lookup( 726 pde[L1_IDX(va)] & L1_C_ADDR_MASK); 727 if (pte == NULL) 728 panic("xscale_setup_minidata: can't find L2 table for " 729 "VA 0x%08x", (u_int32_t) va); 730 pte[l2pte_index(va)] = 731 L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL, VM_PROT_READ) | 732 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); 733 } 734 735 /* 736 * Configure the mini-data cache for write-back with 737 * read/write-allocate. 738 * 739 * NOTE: In order to reconfigure the mini-data cache, we must 740 * make sure it contains no valid data! In order to do that, 741 * we must issue a global data cache invalidate command! 742 * 743 * WE ASSUME WE ARE RUNNING UN-CACHED WHEN THIS ROUTINE IS CALLED! 744 * THIS IS VERY IMPORTANT! 745 */ 746 747 /* Invalidate data and mini-data. */ 748 __asm __volatile("mcr p15, 0, %0, c7, c6, 0" : : "r" (0)); 749 __asm __volatile("mrc p15, 0, %0, c1, c0, 1" : "=r" (auxctl)); 750 auxctl = (auxctl & ~XSCALE_AUXCTL_MD_MASK) | XSCALE_AUXCTL_MD_WB_RWA; 751 __asm __volatile("mcr p15, 0, %0, c1, c0, 1" : : "r" (auxctl)); 752} 753#endif 754 755/* 756 * Allocate an L1 translation table for the specified pmap. 757 * This is called at pmap creation time. 758 */ 759static void 760pmap_alloc_l1(pmap_t pm) 761{ 762 struct l1_ttable *l1; 763 u_int8_t domain; 764 765 /* 766 * Remove the L1 at the head of the LRU list 767 */ 768 mtx_lock(&l1_lru_lock); 769 l1 = TAILQ_FIRST(&l1_lru_list); 770 TAILQ_REMOVE(&l1_lru_list, l1, l1_lru); 771 772 /* 773 * Pick the first available domain number, and update 774 * the link to the next number. 775 */ 776 domain = l1->l1_domain_first; 777 l1->l1_domain_first = l1->l1_domain_free[domain]; 778 779 /* 780 * If there are still free domain numbers in this L1, 781 * put it back on the TAIL of the LRU list. 782 */ 783 if (++l1->l1_domain_use_count < PMAP_DOMAINS) 784 TAILQ_INSERT_TAIL(&l1_lru_list, l1, l1_lru); 785 786 mtx_unlock(&l1_lru_lock); 787 788 /* 789 * Fix up the relevant bits in the pmap structure 790 */ 791 pm->pm_l1 = l1; 792 pm->pm_domain = domain + 1; 793} 794 795/* 796 * Free an L1 translation table. 797 * This is called at pmap destruction time. 798 */ 799static void 800pmap_free_l1(pmap_t pm) 801{ 802 struct l1_ttable *l1 = pm->pm_l1; 803 804 mtx_lock(&l1_lru_lock); 805 806 /* 807 * If this L1 is currently on the LRU list, remove it. 808 */ 809 if (l1->l1_domain_use_count < PMAP_DOMAINS) 810 TAILQ_REMOVE(&l1_lru_list, l1, l1_lru); 811 812 /* 813 * Free up the domain number which was allocated to the pmap 814 */ 815 l1->l1_domain_free[pm->pm_domain - 1] = l1->l1_domain_first; 816 l1->l1_domain_first = pm->pm_domain - 1; 817 l1->l1_domain_use_count--; 818 819 /* 820 * The L1 now must have at least 1 free domain, so add 821 * it back to the LRU list. If the use count is zero, 822 * put it at the head of the list, otherwise it goes 823 * to the tail. 824 */ 825 if (l1->l1_domain_use_count == 0) { 826 TAILQ_INSERT_HEAD(&l1_lru_list, l1, l1_lru); 827 } else 828 TAILQ_INSERT_TAIL(&l1_lru_list, l1, l1_lru); 829 830 mtx_unlock(&l1_lru_lock); 831} 832 833/* 834 * Returns a pointer to the L2 bucket associated with the specified pmap 835 * and VA, or NULL if no L2 bucket exists for the address. 836 */ 837static PMAP_INLINE struct l2_bucket * 838pmap_get_l2_bucket(pmap_t pm, vm_offset_t va) 839{ 840 struct l2_dtable *l2; 841 struct l2_bucket *l2b; 842 u_short l1idx; 843 844 l1idx = L1_IDX(va); 845 846 if ((l2 = pm->pm_l2[L2_IDX(l1idx)]) == NULL || 847 (l2b = &l2->l2_bucket[L2_BUCKET(l1idx)])->l2b_kva == NULL) 848 return (NULL); 849 850 return (l2b); 851} 852 853/* 854 * Returns a pointer to the L2 bucket associated with the specified pmap 855 * and VA. 856 * 857 * If no L2 bucket exists, perform the necessary allocations to put an L2 858 * bucket/page table in place. 859 * 860 * Note that if a new L2 bucket/page was allocated, the caller *must* 861 * increment the bucket occupancy counter appropriately *before* 862 * releasing the pmap's lock to ensure no other thread or cpu deallocates 863 * the bucket/page in the meantime. 864 */ 865static struct l2_bucket * 866pmap_alloc_l2_bucket(pmap_t pm, vm_offset_t va) 867{ 868 struct l2_dtable *l2; 869 struct l2_bucket *l2b; 870 u_short l1idx; 871 872 l1idx = L1_IDX(va); 873 874 PMAP_ASSERT_LOCKED(pm); 875 rw_assert(&pvh_global_lock, RA_WLOCKED); 876 if ((l2 = pm->pm_l2[L2_IDX(l1idx)]) == NULL) { 877 /* 878 * No mapping at this address, as there is 879 * no entry in the L1 table. 880 * Need to allocate a new l2_dtable. 881 */ 882 PMAP_UNLOCK(pm); 883 rw_wunlock(&pvh_global_lock); 884 if ((l2 = uma_zalloc(l2table_zone, M_NOWAIT)) == NULL) { 885 rw_wlock(&pvh_global_lock); 886 PMAP_LOCK(pm); 887 return (NULL); 888 } 889 rw_wlock(&pvh_global_lock); 890 PMAP_LOCK(pm); 891 if (pm->pm_l2[L2_IDX(l1idx)] != NULL) { 892 /* 893 * Someone already allocated the l2_dtable while 894 * we were doing the same. 895 */ 896 uma_zfree(l2table_zone, l2); 897 l2 = pm->pm_l2[L2_IDX(l1idx)]; 898 } else { 899 bzero(l2, sizeof(*l2)); 900 /* 901 * Link it into the parent pmap 902 */ 903 pm->pm_l2[L2_IDX(l1idx)] = l2; 904 } 905 } 906 907 l2b = &l2->l2_bucket[L2_BUCKET(l1idx)]; 908 909 /* 910 * Fetch pointer to the L2 page table associated with the address. 911 */ 912 if (l2b->l2b_kva == NULL) { 913 pt_entry_t *ptep; 914 915 /* 916 * No L2 page table has been allocated. Chances are, this 917 * is because we just allocated the l2_dtable, above. 918 */ 919 PMAP_UNLOCK(pm); 920 rw_wunlock(&pvh_global_lock); 921 ptep = uma_zalloc(l2zone, M_NOWAIT); 922 rw_wlock(&pvh_global_lock); 923 PMAP_LOCK(pm); 924 if (l2b->l2b_kva != 0) { 925 /* We lost the race. */ 926 uma_zfree(l2zone, ptep); 927 return (l2b); 928 } 929 l2b->l2b_phys = vtophys(ptep); 930 if (ptep == NULL) { 931 /* 932 * Oops, no more L2 page tables available at this 933 * time. We may need to deallocate the l2_dtable 934 * if we allocated a new one above. 935 */ 936 if (l2->l2_occupancy == 0) { 937 pm->pm_l2[L2_IDX(l1idx)] = NULL; 938 uma_zfree(l2table_zone, l2); 939 } 940 return (NULL); 941 } 942 943 l2->l2_occupancy++; 944 l2b->l2b_kva = ptep; 945 l2b->l2b_l1idx = l1idx; 946 } 947 948 return (l2b); 949} 950 951static PMAP_INLINE void 952#ifndef PMAP_INCLUDE_PTE_SYNC 953pmap_free_l2_ptp(pt_entry_t *l2) 954#else 955pmap_free_l2_ptp(boolean_t need_sync, pt_entry_t *l2) 956#endif 957{ 958#ifdef PMAP_INCLUDE_PTE_SYNC 959 /* 960 * Note: With a write-back cache, we may need to sync this 961 * L2 table before re-using it. 962 * This is because it may have belonged to a non-current 963 * pmap, in which case the cache syncs would have been 964 * skipped when the pages were being unmapped. If the 965 * L2 table were then to be immediately re-allocated to 966 * the *current* pmap, it may well contain stale mappings 967 * which have not yet been cleared by a cache write-back 968 * and so would still be visible to the mmu. 969 */ 970 if (need_sync) 971 PTE_SYNC_RANGE(l2, L2_TABLE_SIZE_REAL / sizeof(pt_entry_t)); 972#endif 973 uma_zfree(l2zone, l2); 974} 975/* 976 * One or more mappings in the specified L2 descriptor table have just been 977 * invalidated. 978 * 979 * Garbage collect the metadata and descriptor table itself if necessary. 980 * 981 * The pmap lock must be acquired when this is called (not necessary 982 * for the kernel pmap). 983 */ 984static void 985pmap_free_l2_bucket(pmap_t pm, struct l2_bucket *l2b, u_int count) 986{ 987 struct l2_dtable *l2; 988 pd_entry_t *pl1pd, l1pd; 989 pt_entry_t *ptep; 990 u_short l1idx; 991 992 993 /* 994 * Update the bucket's reference count according to how many 995 * PTEs the caller has just invalidated. 996 */ 997 l2b->l2b_occupancy -= count; 998 999 /* 1000 * Note: 1001 * 1002 * Level 2 page tables allocated to the kernel pmap are never freed 1003 * as that would require checking all Level 1 page tables and 1004 * removing any references to the Level 2 page table. See also the 1005 * comment elsewhere about never freeing bootstrap L2 descriptors. 1006 * 1007 * We make do with just invalidating the mapping in the L2 table. 1008 * 1009 * This isn't really a big deal in practice and, in fact, leads 1010 * to a performance win over time as we don't need to continually 1011 * alloc/free. 1012 */ 1013 if (l2b->l2b_occupancy > 0 || pm == pmap_kernel()) 1014 return; 1015 1016 /* 1017 * There are no more valid mappings in this level 2 page table. 1018 * Go ahead and NULL-out the pointer in the bucket, then 1019 * free the page table. 1020 */ 1021 l1idx = l2b->l2b_l1idx; 1022 ptep = l2b->l2b_kva; 1023 l2b->l2b_kva = NULL; 1024 1025 pl1pd = &pm->pm_l1->l1_kva[l1idx]; 1026 1027 /* 1028 * If the L1 slot matches the pmap's domain 1029 * number, then invalidate it. 1030 */ 1031 l1pd = *pl1pd & (L1_TYPE_MASK | L1_C_DOM_MASK); 1032 if (l1pd == (L1_C_DOM(pm->pm_domain) | L1_TYPE_C)) { 1033 *pl1pd = 0; 1034 PTE_SYNC(pl1pd); 1035 } 1036 1037 /* 1038 * Release the L2 descriptor table back to the pool cache. 1039 */ 1040#ifndef PMAP_INCLUDE_PTE_SYNC 1041 pmap_free_l2_ptp(ptep); 1042#else 1043 pmap_free_l2_ptp(!pmap_is_current(pm), ptep); 1044#endif 1045 1046 /* 1047 * Update the reference count in the associated l2_dtable 1048 */ 1049 l2 = pm->pm_l2[L2_IDX(l1idx)]; 1050 if (--l2->l2_occupancy > 0) 1051 return; 1052 1053 /* 1054 * There are no more valid mappings in any of the Level 1 1055 * slots managed by this l2_dtable. Go ahead and NULL-out 1056 * the pointer in the parent pmap and free the l2_dtable. 1057 */ 1058 pm->pm_l2[L2_IDX(l1idx)] = NULL; 1059 uma_zfree(l2table_zone, l2); 1060} 1061 1062/* 1063 * Pool cache constructors for L2 descriptor tables, metadata and pmap 1064 * structures. 1065 */ 1066static int 1067pmap_l2ptp_ctor(void *mem, int size, void *arg, int flags) 1068{ 1069#ifndef PMAP_INCLUDE_PTE_SYNC 1070 struct l2_bucket *l2b; 1071 pt_entry_t *ptep, pte; 1072#ifdef ARM_USE_SMALL_ALLOC 1073 pd_entry_t *pde; 1074#endif 1075 vm_offset_t va = (vm_offset_t)mem & ~PAGE_MASK; 1076 1077 /* 1078 * The mappings for these page tables were initially made using 1079 * pmap_kenter() by the pool subsystem. Therefore, the cache- 1080 * mode will not be right for page table mappings. To avoid 1081 * polluting the pmap_kenter() code with a special case for 1082 * page tables, we simply fix up the cache-mode here if it's not 1083 * correct. 1084 */ 1085#ifdef ARM_USE_SMALL_ALLOC 1086 pde = &kernel_pmap->pm_l1->l1_kva[L1_IDX(va)]; 1087 if (!l1pte_section_p(*pde)) { 1088#endif 1089 l2b = pmap_get_l2_bucket(pmap_kernel(), va); 1090 ptep = &l2b->l2b_kva[l2pte_index(va)]; 1091 pte = *ptep; 1092 1093 if ((pte & L2_S_CACHE_MASK) != pte_l2_s_cache_mode_pt) { 1094 /* 1095 * Page tables must have the cache-mode set to 1096 * Write-Thru. 1097 */ 1098 *ptep = (pte & ~L2_S_CACHE_MASK) | pte_l2_s_cache_mode_pt; 1099 PTE_SYNC(ptep); 1100 cpu_tlb_flushD_SE(va); 1101 cpu_cpwait(); 1102 } 1103#ifdef ARM_USE_SMALL_ALLOC 1104 } 1105#endif 1106#endif 1107 memset(mem, 0, L2_TABLE_SIZE_REAL); 1108 PTE_SYNC_RANGE(mem, L2_TABLE_SIZE_REAL / sizeof(pt_entry_t)); 1109 return (0); 1110} 1111 1112/* 1113 * A bunch of routines to conditionally flush the caches/TLB depending 1114 * on whether the specified pmap actually needs to be flushed at any 1115 * given time. 1116 */ 1117static PMAP_INLINE void 1118pmap_tlb_flushID_SE(pmap_t pm, vm_offset_t va) 1119{ 1120 1121 if (pmap_is_current(pm)) 1122 cpu_tlb_flushID_SE(va); 1123} 1124 1125static PMAP_INLINE void 1126pmap_tlb_flushD_SE(pmap_t pm, vm_offset_t va) 1127{ 1128 1129 if (pmap_is_current(pm)) 1130 cpu_tlb_flushD_SE(va); 1131} 1132 1133static PMAP_INLINE void 1134pmap_tlb_flushID(pmap_t pm) 1135{ 1136 1137 if (pmap_is_current(pm)) 1138 cpu_tlb_flushID(); 1139} 1140static PMAP_INLINE void 1141pmap_tlb_flushD(pmap_t pm) 1142{ 1143 1144 if (pmap_is_current(pm)) 1145 cpu_tlb_flushD(); 1146} 1147 1148static int 1149pmap_has_valid_mapping(pmap_t pm, vm_offset_t va) 1150{ 1151 pd_entry_t *pde; 1152 pt_entry_t *ptep; 1153 1154 if (pmap_get_pde_pte(pm, va, &pde, &ptep) && 1155 ptep && ((*ptep & L2_TYPE_MASK) != L2_TYPE_INV)) 1156 return (1); 1157 1158 return (0); 1159} 1160 1161static PMAP_INLINE void 1162pmap_idcache_wbinv_range(pmap_t pm, vm_offset_t va, vm_size_t len) 1163{ 1164 vm_size_t rest; 1165 1166 CTR4(KTR_PMAP, "pmap_dcache_wbinv_range: pmap %p is_kernel %d va 0x%08x" 1167 " len 0x%x ", pm, pm == pmap_kernel(), va, len); 1168 1169 if (pmap_is_current(pm) || pm == pmap_kernel()) { 1170 rest = MIN(PAGE_SIZE - (va & PAGE_MASK), len); 1171 while (len > 0) { 1172 if (pmap_has_valid_mapping(pm, va)) { 1173 cpu_idcache_wbinv_range(va, rest); 1174 cpu_l2cache_wbinv_range(va, rest); 1175 } 1176 len -= rest; 1177 va += rest; 1178 rest = MIN(PAGE_SIZE, len); 1179 } 1180 } 1181} 1182 1183static PMAP_INLINE void 1184pmap_dcache_wb_range(pmap_t pm, vm_offset_t va, vm_size_t len, boolean_t do_inv, 1185 boolean_t rd_only) 1186{ 1187 vm_size_t rest; 1188 1189 CTR4(KTR_PMAP, "pmap_dcache_wb_range: pmap %p is_kernel %d va 0x%08x " 1190 "len 0x%x ", pm, pm == pmap_kernel(), va, len); 1191 CTR2(KTR_PMAP, " do_inv %d rd_only %d", do_inv, rd_only); 1192 1193 if (pmap_is_current(pm)) { 1194 rest = MIN(PAGE_SIZE - (va & PAGE_MASK), len); 1195 while (len > 0) { 1196 if (pmap_has_valid_mapping(pm, va)) { 1197 if (do_inv && rd_only) { 1198 cpu_dcache_inv_range(va, rest); 1199 cpu_l2cache_inv_range(va, rest); 1200 } else if (do_inv) { 1201 cpu_dcache_wbinv_range(va, rest); 1202 cpu_l2cache_wbinv_range(va, rest); 1203 } else if (!rd_only) { 1204 cpu_dcache_wb_range(va, rest); 1205 cpu_l2cache_wb_range(va, rest); 1206 } 1207 } 1208 len -= rest; 1209 va += rest; 1210 1211 rest = MIN(PAGE_SIZE, len); 1212 } 1213 } 1214} 1215 1216static PMAP_INLINE void 1217pmap_idcache_wbinv_all(pmap_t pm) 1218{ 1219 1220 if (pmap_is_current(pm)) { 1221 cpu_idcache_wbinv_all(); 1222 cpu_l2cache_wbinv_all(); 1223 } 1224} 1225 1226#ifdef notyet 1227static PMAP_INLINE void 1228pmap_dcache_wbinv_all(pmap_t pm) 1229{ 1230 1231 if (pmap_is_current(pm)) { 1232 cpu_dcache_wbinv_all(); 1233 cpu_l2cache_wbinv_all(); 1234 } 1235} 1236#endif 1237 1238/* 1239 * PTE_SYNC_CURRENT: 1240 * 1241 * Make sure the pte is written out to RAM. 1242 * We need to do this for one of two cases: 1243 * - We're dealing with the kernel pmap 1244 * - There is no pmap active in the cache/tlb. 1245 * - The specified pmap is 'active' in the cache/tlb. 1246 */ 1247#ifdef PMAP_INCLUDE_PTE_SYNC 1248#define PTE_SYNC_CURRENT(pm, ptep) \ 1249do { \ 1250 if (PMAP_NEEDS_PTE_SYNC && \ 1251 pmap_is_current(pm)) \ 1252 PTE_SYNC(ptep); \ 1253} while (/*CONSTCOND*/0) 1254#else 1255#define PTE_SYNC_CURRENT(pm, ptep) /* nothing */ 1256#endif 1257 1258/* 1259 * cacheable == -1 means we must make the entry uncacheable, 1 means 1260 * cacheable; 1261 */ 1262static __inline void 1263pmap_set_cache_entry(pv_entry_t pv, pmap_t pm, vm_offset_t va, int cacheable) 1264{ 1265 struct l2_bucket *l2b; 1266 pt_entry_t *ptep, pte; 1267 1268 l2b = pmap_get_l2_bucket(pv->pv_pmap, pv->pv_va); 1269 ptep = &l2b->l2b_kva[l2pte_index(pv->pv_va)]; 1270 1271 if (cacheable == 1) { 1272 pte = (*ptep & ~L2_S_CACHE_MASK) | pte_l2_s_cache_mode; 1273 if (l2pte_valid(pte)) { 1274 if (PV_BEEN_EXECD(pv->pv_flags)) { 1275 pmap_tlb_flushID_SE(pv->pv_pmap, pv->pv_va); 1276 } else if (PV_BEEN_REFD(pv->pv_flags)) { 1277 pmap_tlb_flushD_SE(pv->pv_pmap, pv->pv_va); 1278 } 1279 } 1280 } else { 1281 pte = *ptep &~ L2_S_CACHE_MASK; 1282 if ((va != pv->pv_va || pm != pv->pv_pmap) && 1283 l2pte_valid(pte)) { 1284 if (PV_BEEN_EXECD(pv->pv_flags)) { 1285 pmap_idcache_wbinv_range(pv->pv_pmap, 1286 pv->pv_va, PAGE_SIZE); 1287 pmap_tlb_flushID_SE(pv->pv_pmap, pv->pv_va); 1288 } else if (PV_BEEN_REFD(pv->pv_flags)) { 1289 pmap_dcache_wb_range(pv->pv_pmap, 1290 pv->pv_va, PAGE_SIZE, TRUE, 1291 (pv->pv_flags & PVF_WRITE) == 0); 1292 pmap_tlb_flushD_SE(pv->pv_pmap, 1293 pv->pv_va); 1294 } 1295 } 1296 } 1297 *ptep = pte; 1298 PTE_SYNC_CURRENT(pv->pv_pmap, ptep); 1299} 1300 1301static void 1302pmap_fix_cache(struct vm_page *pg, pmap_t pm, vm_offset_t va) 1303{ 1304 int pmwc = 0; 1305 int writable = 0, kwritable = 0, uwritable = 0; 1306 int entries = 0, kentries = 0, uentries = 0; 1307 struct pv_entry *pv; 1308 1309 rw_assert(&pvh_global_lock, RA_WLOCKED); 1310 1311 /* the cache gets written back/invalidated on context switch. 1312 * therefore, if a user page shares an entry in the same page or 1313 * with the kernel map and at least one is writable, then the 1314 * cache entry must be set write-through. 1315 */ 1316 1317 TAILQ_FOREACH(pv, &pg->md.pv_list, pv_list) { 1318 /* generate a count of the pv_entry uses */ 1319 if (pv->pv_flags & PVF_WRITE) { 1320 if (pv->pv_pmap == pmap_kernel()) 1321 kwritable++; 1322 else if (pv->pv_pmap == pm) 1323 uwritable++; 1324 writable++; 1325 } 1326 if (pv->pv_pmap == pmap_kernel()) 1327 kentries++; 1328 else { 1329 if (pv->pv_pmap == pm) 1330 uentries++; 1331 entries++; 1332 } 1333 } 1334 /* 1335 * check if the user duplicate mapping has 1336 * been removed. 1337 */ 1338 if ((pm != pmap_kernel()) && (((uentries > 1) && uwritable) || 1339 (uwritable > 1))) 1340 pmwc = 1; 1341 1342 TAILQ_FOREACH(pv, &pg->md.pv_list, pv_list) { 1343 /* check for user uncachable conditions - order is important */ 1344 if (pm != pmap_kernel() && 1345 (pv->pv_pmap == pm || pv->pv_pmap == pmap_kernel())) { 1346 1347 if ((uentries > 1 && uwritable) || uwritable > 1) { 1348 1349 /* user duplicate mapping */ 1350 if (pv->pv_pmap != pmap_kernel()) 1351 pv->pv_flags |= PVF_MWC; 1352 1353 if (!(pv->pv_flags & PVF_NC)) { 1354 pv->pv_flags |= PVF_NC; 1355 pmap_set_cache_entry(pv, pm, va, -1); 1356 } 1357 continue; 1358 } else /* no longer a duplicate user */ 1359 pv->pv_flags &= ~PVF_MWC; 1360 } 1361 1362 /* 1363 * check for kernel uncachable conditions 1364 * kernel writable or kernel readable with writable user entry 1365 */ 1366 if ((kwritable && (entries || kentries > 1)) || 1367 (kwritable > 1) || 1368 ((kwritable != writable) && kentries && 1369 (pv->pv_pmap == pmap_kernel() || 1370 (pv->pv_flags & PVF_WRITE) || 1371 (pv->pv_flags & PVF_MWC)))) { 1372 1373 if (!(pv->pv_flags & PVF_NC)) { 1374 pv->pv_flags |= PVF_NC; 1375 pmap_set_cache_entry(pv, pm, va, -1); 1376 } 1377 continue; 1378 } 1379 1380 /* kernel and user are cachable */ 1381 if ((pm == pmap_kernel()) && !(pv->pv_flags & PVF_MWC) && 1382 (pv->pv_flags & PVF_NC)) { 1383 1384 pv->pv_flags &= ~PVF_NC; 1385 if (pg->md.pv_memattr != VM_MEMATTR_UNCACHEABLE) 1386 pmap_set_cache_entry(pv, pm, va, 1); 1387 continue; 1388 } 1389 /* user is no longer sharable and writable */ 1390 if (pm != pmap_kernel() && 1391 (pv->pv_pmap == pm || pv->pv_pmap == pmap_kernel()) && 1392 !pmwc && (pv->pv_flags & PVF_NC)) { 1393 1394 pv->pv_flags &= ~(PVF_NC | PVF_MWC); 1395 if (pg->md.pv_memattr != VM_MEMATTR_UNCACHEABLE) 1396 pmap_set_cache_entry(pv, pm, va, 1); 1397 } 1398 } 1399 1400 if ((kwritable == 0) && (writable == 0)) { 1401 pg->md.pvh_attrs &= ~PVF_MOD; 1402 vm_page_aflag_clear(pg, PGA_WRITEABLE); 1403 return; 1404 } 1405} 1406 1407/* 1408 * Modify pte bits for all ptes corresponding to the given physical address. 1409 * We use `maskbits' rather than `clearbits' because we're always passing 1410 * constants and the latter would require an extra inversion at run-time. 1411 */ 1412static int 1413pmap_clearbit(struct vm_page *pg, u_int maskbits) 1414{ 1415 struct l2_bucket *l2b; 1416 struct pv_entry *pv; 1417 pt_entry_t *ptep, npte, opte; 1418 pmap_t pm; 1419 vm_offset_t va; 1420 u_int oflags; 1421 int count = 0; 1422 1423 rw_wlock(&pvh_global_lock); 1424 1425 if (maskbits & PVF_WRITE) 1426 maskbits |= PVF_MOD; 1427 /* 1428 * Clear saved attributes (modify, reference) 1429 */ 1430 pg->md.pvh_attrs &= ~(maskbits & (PVF_MOD | PVF_REF)); 1431 1432 if (TAILQ_EMPTY(&pg->md.pv_list)) { 1433 rw_wunlock(&pvh_global_lock); 1434 return (0); 1435 } 1436 1437 /* 1438 * Loop over all current mappings setting/clearing as appropos 1439 */ 1440 TAILQ_FOREACH(pv, &pg->md.pv_list, pv_list) { 1441 va = pv->pv_va; 1442 pm = pv->pv_pmap; 1443 oflags = pv->pv_flags; 1444 1445 if (!(oflags & maskbits)) { 1446 if ((maskbits & PVF_WRITE) && (pv->pv_flags & PVF_NC)) { 1447 if (pg->md.pv_memattr != 1448 VM_MEMATTR_UNCACHEABLE) { 1449 PMAP_LOCK(pm); 1450 l2b = pmap_get_l2_bucket(pm, va); 1451 ptep = &l2b->l2b_kva[l2pte_index(va)]; 1452 *ptep |= pte_l2_s_cache_mode; 1453 PTE_SYNC(ptep); 1454 PMAP_UNLOCK(pm); 1455 } 1456 pv->pv_flags &= ~(PVF_NC | PVF_MWC); 1457 } 1458 continue; 1459 } 1460 pv->pv_flags &= ~maskbits; 1461 1462 PMAP_LOCK(pm); 1463 1464 l2b = pmap_get_l2_bucket(pm, va); 1465 1466 ptep = &l2b->l2b_kva[l2pte_index(va)]; 1467 npte = opte = *ptep; 1468 1469 if (maskbits & (PVF_WRITE|PVF_MOD)) { 1470 if ((pv->pv_flags & PVF_NC)) { 1471 /* 1472 * Entry is not cacheable: 1473 * 1474 * Don't turn caching on again if this is a 1475 * modified emulation. This would be 1476 * inconsitent with the settings created by 1477 * pmap_fix_cache(). Otherwise, it's safe 1478 * to re-enable cacheing. 1479 * 1480 * There's no need to call pmap_fix_cache() 1481 * here: all pages are losing their write 1482 * permission. 1483 */ 1484 if (maskbits & PVF_WRITE) { 1485 if (pg->md.pv_memattr != 1486 VM_MEMATTR_UNCACHEABLE) 1487 npte |= pte_l2_s_cache_mode; 1488 pv->pv_flags &= ~(PVF_NC | PVF_MWC); 1489 } 1490 } else 1491 if (opte & L2_S_PROT_W) { 1492 vm_page_dirty(pg); 1493 /* 1494 * Entry is writable/cacheable: check if pmap 1495 * is current if it is flush it, otherwise it 1496 * won't be in the cache 1497 */ 1498 if (PV_BEEN_EXECD(oflags)) 1499 pmap_idcache_wbinv_range(pm, pv->pv_va, 1500 PAGE_SIZE); 1501 else 1502 if (PV_BEEN_REFD(oflags)) 1503 pmap_dcache_wb_range(pm, pv->pv_va, 1504 PAGE_SIZE, 1505 (maskbits & PVF_REF) ? TRUE : FALSE, 1506 FALSE); 1507 } 1508 1509 /* make the pte read only */ 1510 npte &= ~L2_S_PROT_W; 1511 } 1512 1513 if (maskbits & PVF_REF) { 1514 if ((pv->pv_flags & PVF_NC) == 0 && 1515 (maskbits & (PVF_WRITE|PVF_MOD)) == 0) { 1516 /* 1517 * Check npte here; we may have already 1518 * done the wbinv above, and the validity 1519 * of the PTE is the same for opte and 1520 * npte. 1521 */ 1522 if (npte & L2_S_PROT_W) { 1523 if (PV_BEEN_EXECD(oflags)) 1524 pmap_idcache_wbinv_range(pm, 1525 pv->pv_va, PAGE_SIZE); 1526 else 1527 if (PV_BEEN_REFD(oflags)) 1528 pmap_dcache_wb_range(pm, 1529 pv->pv_va, PAGE_SIZE, 1530 TRUE, FALSE); 1531 } else 1532 if ((npte & L2_TYPE_MASK) != L2_TYPE_INV) { 1533 /* XXXJRT need idcache_inv_range */ 1534 if (PV_BEEN_EXECD(oflags)) 1535 pmap_idcache_wbinv_range(pm, 1536 pv->pv_va, PAGE_SIZE); 1537 else 1538 if (PV_BEEN_REFD(oflags)) 1539 pmap_dcache_wb_range(pm, 1540 pv->pv_va, PAGE_SIZE, 1541 TRUE, TRUE); 1542 } 1543 } 1544 1545 /* 1546 * Make the PTE invalid so that we will take a 1547 * page fault the next time the mapping is 1548 * referenced. 1549 */ 1550 npte &= ~L2_TYPE_MASK; 1551 npte |= L2_TYPE_INV; 1552 } 1553 1554 if (npte != opte) { 1555 count++; 1556 *ptep = npte; 1557 PTE_SYNC(ptep); 1558 /* Flush the TLB entry if a current pmap. */ 1559 if (PV_BEEN_EXECD(oflags)) 1560 pmap_tlb_flushID_SE(pm, pv->pv_va); 1561 else 1562 if (PV_BEEN_REFD(oflags)) 1563 pmap_tlb_flushD_SE(pm, pv->pv_va); 1564 } 1565 1566 PMAP_UNLOCK(pm); 1567 1568 } 1569 1570 if (maskbits & PVF_WRITE) 1571 vm_page_aflag_clear(pg, PGA_WRITEABLE); 1572 rw_wunlock(&pvh_global_lock); 1573 return (count); 1574} 1575 1576/* 1577 * main pv_entry manipulation functions: 1578 * pmap_enter_pv: enter a mapping onto a vm_page list 1579 * pmap_remove_pv: remove a mappiing from a vm_page list 1580 * 1581 * NOTE: pmap_enter_pv expects to lock the pvh itself 1582 * pmap_remove_pv expects the caller to lock the pvh before calling 1583 */ 1584 1585/* 1586 * pmap_enter_pv: enter a mapping onto a vm_page's PV list 1587 * 1588 * => caller should hold the proper lock on pvh_global_lock 1589 * => caller should have pmap locked 1590 * => we will (someday) gain the lock on the vm_page's PV list 1591 * => caller should adjust ptp's wire_count before calling 1592 * => caller should not adjust pmap's wire_count 1593 */ 1594static void 1595pmap_enter_pv(struct vm_page *pg, struct pv_entry *pve, pmap_t pm, 1596 vm_offset_t va, u_int flags) 1597{ 1598 1599 rw_assert(&pvh_global_lock, RA_WLOCKED); 1600 PMAP_ASSERT_LOCKED(pm); 1601 if (pg->md.pv_kva != 0) { 1602 pve->pv_pmap = kernel_pmap; 1603 pve->pv_va = pg->md.pv_kva; 1604 pve->pv_flags = PVF_WRITE | PVF_UNMAN; 1605 if (pm != kernel_pmap) 1606 PMAP_LOCK(kernel_pmap); 1607 TAILQ_INSERT_HEAD(&pg->md.pv_list, pve, pv_list); 1608 TAILQ_INSERT_HEAD(&kernel_pmap->pm_pvlist, pve, pv_plist); 1609 if (pm != kernel_pmap) 1610 PMAP_UNLOCK(kernel_pmap); 1611 pg->md.pv_kva = 0; 1612 if ((pve = pmap_get_pv_entry()) == NULL) 1613 panic("pmap_kenter_pv: no pv entries"); 1614 } 1615 pve->pv_pmap = pm; 1616 pve->pv_va = va; 1617 pve->pv_flags = flags; 1618 TAILQ_INSERT_HEAD(&pg->md.pv_list, pve, pv_list); 1619 TAILQ_INSERT_HEAD(&pm->pm_pvlist, pve, pv_plist); 1620 pg->md.pvh_attrs |= flags & (PVF_REF | PVF_MOD); 1621 if (pve->pv_flags & PVF_WIRED) 1622 ++pm->pm_stats.wired_count; 1623 vm_page_aflag_set(pg, PGA_REFERENCED); 1624} 1625 1626/* 1627 * 1628 * pmap_find_pv: Find a pv entry 1629 * 1630 * => caller should hold lock on vm_page 1631 */ 1632static PMAP_INLINE struct pv_entry * 1633pmap_find_pv(struct vm_page *pg, pmap_t pm, vm_offset_t va) 1634{ 1635 struct pv_entry *pv; 1636 1637 rw_assert(&pvh_global_lock, RA_WLOCKED); 1638 TAILQ_FOREACH(pv, &pg->md.pv_list, pv_list) 1639 if (pm == pv->pv_pmap && va == pv->pv_va) 1640 break; 1641 return (pv); 1642} 1643 1644/* 1645 * vector_page_setprot: 1646 * 1647 * Manipulate the protection of the vector page. 1648 */ 1649void 1650vector_page_setprot(int prot) 1651{ 1652 struct l2_bucket *l2b; 1653 pt_entry_t *ptep; 1654 1655 l2b = pmap_get_l2_bucket(pmap_kernel(), vector_page); 1656 1657 ptep = &l2b->l2b_kva[l2pte_index(vector_page)]; 1658 1659 *ptep = (*ptep & ~L1_S_PROT_MASK) | L2_S_PROT(PTE_KERNEL, prot); 1660 PTE_SYNC(ptep); 1661 cpu_tlb_flushD_SE(vector_page); 1662 cpu_cpwait(); 1663} 1664 1665/* 1666 * pmap_remove_pv: try to remove a mapping from a pv_list 1667 * 1668 * => caller should hold proper lock on pmap_main_lock 1669 * => pmap should be locked 1670 * => caller should hold lock on vm_page [so that attrs can be adjusted] 1671 * => caller should adjust ptp's wire_count and free PTP if needed 1672 * => caller should NOT adjust pmap's wire_count 1673 * => we return the removed pve 1674 */ 1675 1676static void 1677pmap_nuke_pv(struct vm_page *pg, pmap_t pm, struct pv_entry *pve) 1678{ 1679 1680 struct pv_entry *pv; 1681 rw_assert(&pvh_global_lock, RA_WLOCKED); 1682 PMAP_ASSERT_LOCKED(pm); 1683 TAILQ_REMOVE(&pg->md.pv_list, pve, pv_list); 1684 TAILQ_REMOVE(&pm->pm_pvlist, pve, pv_plist); 1685 if (pve->pv_flags & PVF_WIRED) 1686 --pm->pm_stats.wired_count; 1687 if (pg->md.pvh_attrs & PVF_MOD) 1688 vm_page_dirty(pg); 1689 if (TAILQ_FIRST(&pg->md.pv_list) == NULL) 1690 pg->md.pvh_attrs &= ~PVF_REF; 1691 else 1692 vm_page_aflag_set(pg, PGA_REFERENCED); 1693 if ((pve->pv_flags & PVF_NC) && ((pm == pmap_kernel()) || 1694 (pve->pv_flags & PVF_WRITE) || !(pve->pv_flags & PVF_MWC))) 1695 pmap_fix_cache(pg, pm, 0); 1696 else if (pve->pv_flags & PVF_WRITE) { 1697 TAILQ_FOREACH(pve, &pg->md.pv_list, pv_list) 1698 if (pve->pv_flags & PVF_WRITE) 1699 break; 1700 if (!pve) { 1701 pg->md.pvh_attrs &= ~PVF_MOD; 1702 vm_page_aflag_clear(pg, PGA_WRITEABLE); 1703 } 1704 } 1705 pv = TAILQ_FIRST(&pg->md.pv_list); 1706 if (pv != NULL && (pv->pv_flags & PVF_UNMAN) && 1707 TAILQ_NEXT(pv, pv_list) == NULL) { 1708 pm = kernel_pmap; 1709 pg->md.pv_kva = pv->pv_va; 1710 /* a recursive pmap_nuke_pv */ 1711 TAILQ_REMOVE(&pg->md.pv_list, pv, pv_list); 1712 TAILQ_REMOVE(&pm->pm_pvlist, pv, pv_plist); 1713 if (pv->pv_flags & PVF_WIRED) 1714 --pm->pm_stats.wired_count; 1715 pg->md.pvh_attrs &= ~PVF_REF; 1716 pg->md.pvh_attrs &= ~PVF_MOD; 1717 vm_page_aflag_clear(pg, PGA_WRITEABLE); 1718 pmap_free_pv_entry(pv); 1719 } 1720} 1721 1722static struct pv_entry * 1723pmap_remove_pv(struct vm_page *pg, pmap_t pm, vm_offset_t va) 1724{ 1725 struct pv_entry *pve; 1726 1727 rw_assert(&pvh_global_lock, RA_WLOCKED); 1728 pve = TAILQ_FIRST(&pg->md.pv_list); 1729 1730 while (pve) { 1731 if (pve->pv_pmap == pm && pve->pv_va == va) { /* match? */ 1732 pmap_nuke_pv(pg, pm, pve); 1733 break; 1734 } 1735 pve = TAILQ_NEXT(pve, pv_list); 1736 } 1737 1738 if (pve == NULL && pg->md.pv_kva == va) 1739 pg->md.pv_kva = 0; 1740 1741 return(pve); /* return removed pve */ 1742} 1743/* 1744 * 1745 * pmap_modify_pv: Update pv flags 1746 * 1747 * => caller should hold lock on vm_page [so that attrs can be adjusted] 1748 * => caller should NOT adjust pmap's wire_count 1749 * => we return the old flags 1750 * 1751 * Modify a physical-virtual mapping in the pv table 1752 */ 1753static u_int 1754pmap_modify_pv(struct vm_page *pg, pmap_t pm, vm_offset_t va, 1755 u_int clr_mask, u_int set_mask) 1756{ 1757 struct pv_entry *npv; 1758 u_int flags, oflags; 1759 1760 PMAP_ASSERT_LOCKED(pm); 1761 rw_assert(&pvh_global_lock, RA_WLOCKED); 1762 if ((npv = pmap_find_pv(pg, pm, va)) == NULL) 1763 return (0); 1764 1765 /* 1766 * There is at least one VA mapping this page. 1767 */ 1768 1769 if (clr_mask & (PVF_REF | PVF_MOD)) 1770 pg->md.pvh_attrs |= set_mask & (PVF_REF | PVF_MOD); 1771 1772 oflags = npv->pv_flags; 1773 npv->pv_flags = flags = (oflags & ~clr_mask) | set_mask; 1774 1775 if ((flags ^ oflags) & PVF_WIRED) { 1776 if (flags & PVF_WIRED) 1777 ++pm->pm_stats.wired_count; 1778 else 1779 --pm->pm_stats.wired_count; 1780 } 1781 1782 if ((flags ^ oflags) & PVF_WRITE) 1783 pmap_fix_cache(pg, pm, 0); 1784 1785 return (oflags); 1786} 1787 1788/* Function to set the debug level of the pmap code */ 1789#ifdef PMAP_DEBUG 1790void 1791pmap_debug(int level) 1792{ 1793 pmap_debug_level = level; 1794 dprintf("pmap_debug: level=%d\n", pmap_debug_level); 1795} 1796#endif /* PMAP_DEBUG */ 1797 1798void 1799pmap_pinit0(struct pmap *pmap) 1800{ 1801 PDEBUG(1, printf("pmap_pinit0: pmap = %08x\n", (u_int32_t) pmap)); 1802 1803 bcopy(kernel_pmap, pmap, sizeof(*pmap)); 1804 bzero(&pmap->pm_mtx, sizeof(pmap->pm_mtx)); 1805 PMAP_LOCK_INIT(pmap); 1806} 1807 1808/* 1809 * Initialize a vm_page's machine-dependent fields. 1810 */ 1811void 1812pmap_page_init(vm_page_t m) 1813{ 1814 1815 TAILQ_INIT(&m->md.pv_list); 1816 m->md.pv_memattr = VM_MEMATTR_DEFAULT; 1817} 1818 1819/* 1820 * Initialize the pmap module. 1821 * Called by vm_init, to initialize any structures that the pmap 1822 * system needs to map virtual memory. 1823 */ 1824void 1825pmap_init(void) 1826{ 1827 int shpgperproc = PMAP_SHPGPERPROC; 1828 1829 l2zone = uma_zcreate("L2 Table", L2_TABLE_SIZE_REAL, pmap_l2ptp_ctor, 1830 NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_VM | UMA_ZONE_NOFREE); 1831 l2table_zone = uma_zcreate("L2 Table", sizeof(struct l2_dtable), NULL, 1832 NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_VM | UMA_ZONE_NOFREE); 1833 1834 /* 1835 * Initialize the PV entry allocator. 1836 */ 1837 pvzone = uma_zcreate("PV ENTRY", sizeof (struct pv_entry), NULL, NULL, 1838 NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_VM | UMA_ZONE_NOFREE); 1839 TUNABLE_INT_FETCH("vm.pmap.shpgperproc", &shpgperproc); 1840 pv_entry_max = shpgperproc * maxproc + cnt.v_page_count; 1841 uma_zone_reserve_kva(pvzone, pv_entry_max); 1842 pv_entry_high_water = 9 * (pv_entry_max / 10); 1843 1844 /* 1845 * Now it is safe to enable pv_table recording. 1846 */ 1847 PDEBUG(1, printf("pmap_init: done!\n")); 1848} 1849 1850int 1851pmap_fault_fixup(pmap_t pm, vm_offset_t va, vm_prot_t ftype, int user) 1852{ 1853 struct l2_dtable *l2; 1854 struct l2_bucket *l2b; 1855 pd_entry_t *pl1pd, l1pd; 1856 pt_entry_t *ptep, pte; 1857 vm_paddr_t pa; 1858 u_int l1idx; 1859 int rv = 0; 1860 1861 l1idx = L1_IDX(va); 1862 rw_wlock(&pvh_global_lock); 1863 PMAP_LOCK(pm); 1864 1865 /* 1866 * If there is no l2_dtable for this address, then the process 1867 * has no business accessing it. 1868 * 1869 * Note: This will catch userland processes trying to access 1870 * kernel addresses. 1871 */ 1872 l2 = pm->pm_l2[L2_IDX(l1idx)]; 1873 if (l2 == NULL) 1874 goto out; 1875 1876 /* 1877 * Likewise if there is no L2 descriptor table 1878 */ 1879 l2b = &l2->l2_bucket[L2_BUCKET(l1idx)]; 1880 if (l2b->l2b_kva == NULL) 1881 goto out; 1882 1883 /* 1884 * Check the PTE itself. 1885 */ 1886 ptep = &l2b->l2b_kva[l2pte_index(va)]; 1887 pte = *ptep; 1888 if (pte == 0) 1889 goto out; 1890 1891 /* 1892 * Catch a userland access to the vector page mapped at 0x0 1893 */ 1894 if (user && (pte & L2_S_PROT_U) == 0) 1895 goto out; 1896 if (va == vector_page) 1897 goto out; 1898 1899 pa = l2pte_pa(pte); 1900 1901 if ((ftype & VM_PROT_WRITE) && (pte & L2_S_PROT_W) == 0) { 1902 /* 1903 * This looks like a good candidate for "page modified" 1904 * emulation... 1905 */ 1906 struct pv_entry *pv; 1907 struct vm_page *pg; 1908 1909 /* Extract the physical address of the page */ 1910 if ((pg = PHYS_TO_VM_PAGE(pa)) == NULL) { 1911 goto out; 1912 } 1913 /* Get the current flags for this page. */ 1914 1915 pv = pmap_find_pv(pg, pm, va); 1916 if (pv == NULL) { 1917 goto out; 1918 } 1919 1920 /* 1921 * Do the flags say this page is writable? If not then it 1922 * is a genuine write fault. If yes then the write fault is 1923 * our fault as we did not reflect the write access in the 1924 * PTE. Now we know a write has occurred we can correct this 1925 * and also set the modified bit 1926 */ 1927 if ((pv->pv_flags & PVF_WRITE) == 0) { 1928 goto out; 1929 } 1930 1931 pg->md.pvh_attrs |= PVF_REF | PVF_MOD; 1932 vm_page_dirty(pg); 1933 pv->pv_flags |= PVF_REF | PVF_MOD; 1934 1935 /* 1936 * Re-enable write permissions for the page. No need to call 1937 * pmap_fix_cache(), since this is just a 1938 * modified-emulation fault, and the PVF_WRITE bit isn't 1939 * changing. We've already set the cacheable bits based on 1940 * the assumption that we can write to this page. 1941 */ 1942 *ptep = (pte & ~L2_TYPE_MASK) | L2_S_PROTO | L2_S_PROT_W; 1943 PTE_SYNC(ptep); 1944 rv = 1; 1945 } else 1946 if ((pte & L2_TYPE_MASK) == L2_TYPE_INV) { 1947 /* 1948 * This looks like a good candidate for "page referenced" 1949 * emulation. 1950 */ 1951 struct pv_entry *pv; 1952 struct vm_page *pg; 1953 1954 /* Extract the physical address of the page */ 1955 if ((pg = PHYS_TO_VM_PAGE(pa)) == NULL) 1956 goto out; 1957 /* Get the current flags for this page. */ 1958 1959 pv = pmap_find_pv(pg, pm, va); 1960 if (pv == NULL) 1961 goto out; 1962 1963 pg->md.pvh_attrs |= PVF_REF; 1964 pv->pv_flags |= PVF_REF; 1965 1966 1967 *ptep = (pte & ~L2_TYPE_MASK) | L2_S_PROTO; 1968 PTE_SYNC(ptep); 1969 rv = 1; 1970 } 1971 1972 /* 1973 * We know there is a valid mapping here, so simply 1974 * fix up the L1 if necessary. 1975 */ 1976 pl1pd = &pm->pm_l1->l1_kva[l1idx]; 1977 l1pd = l2b->l2b_phys | L1_C_DOM(pm->pm_domain) | L1_C_PROTO; 1978 if (*pl1pd != l1pd) { 1979 *pl1pd = l1pd; 1980 PTE_SYNC(pl1pd); 1981 rv = 1; 1982 } 1983 1984#ifdef CPU_SA110 1985 /* 1986 * There are bugs in the rev K SA110. This is a check for one 1987 * of them. 1988 */ 1989 if (rv == 0 && curcpu()->ci_arm_cputype == CPU_ID_SA110 && 1990 curcpu()->ci_arm_cpurev < 3) { 1991 /* Always current pmap */ 1992 if (l2pte_valid(pte)) { 1993 extern int kernel_debug; 1994 if (kernel_debug & 1) { 1995 struct proc *p = curlwp->l_proc; 1996 printf("prefetch_abort: page is already " 1997 "mapped - pte=%p *pte=%08x\n", ptep, pte); 1998 printf("prefetch_abort: pc=%08lx proc=%p " 1999 "process=%s\n", va, p, p->p_comm); 2000 printf("prefetch_abort: far=%08x fs=%x\n", 2001 cpu_faultaddress(), cpu_faultstatus()); 2002 } 2003#ifdef DDB 2004 if (kernel_debug & 2) 2005 Debugger(); 2006#endif 2007 rv = 1; 2008 } 2009 } 2010#endif /* CPU_SA110 */ 2011 2012#ifdef DEBUG 2013 /* 2014 * If 'rv == 0' at this point, it generally indicates that there is a 2015 * stale TLB entry for the faulting address. This happens when two or 2016 * more processes are sharing an L1. Since we don't flush the TLB on 2017 * a context switch between such processes, we can take domain faults 2018 * for mappings which exist at the same VA in both processes. EVEN IF 2019 * WE'VE RECENTLY FIXED UP THE CORRESPONDING L1 in pmap_enter(), for 2020 * example. 2021 * 2022 * This is extremely likely to happen if pmap_enter() updated the L1 2023 * entry for a recently entered mapping. In this case, the TLB is 2024 * flushed for the new mapping, but there may still be TLB entries for 2025 * other mappings belonging to other processes in the 1MB range 2026 * covered by the L1 entry. 2027 * 2028 * Since 'rv == 0', we know that the L1 already contains the correct 2029 * value, so the fault must be due to a stale TLB entry. 2030 * 2031 * Since we always need to flush the TLB anyway in the case where we 2032 * fixed up the L1, or frobbed the L2 PTE, we effectively deal with 2033 * stale TLB entries dynamically. 2034 * 2035 * However, the above condition can ONLY happen if the current L1 is 2036 * being shared. If it happens when the L1 is unshared, it indicates 2037 * that other parts of the pmap are not doing their job WRT managing 2038 * the TLB. 2039 */ 2040 if (rv == 0 && pm->pm_l1->l1_domain_use_count == 1) { 2041 printf("fixup: pm %p, va 0x%lx, ftype %d - nothing to do!\n", 2042 pm, (u_long)va, ftype); 2043 printf("fixup: l2 %p, l2b %p, ptep %p, pl1pd %p\n", 2044 l2, l2b, ptep, pl1pd); 2045 printf("fixup: pte 0x%x, l1pd 0x%x, last code 0x%x\n", 2046 pte, l1pd, last_fault_code); 2047#ifdef DDB 2048 Debugger(); 2049#endif 2050 } 2051#endif 2052 2053 cpu_tlb_flushID_SE(va); 2054 cpu_cpwait(); 2055 2056 rv = 1; 2057 2058out: 2059 rw_wunlock(&pvh_global_lock); 2060 PMAP_UNLOCK(pm); 2061 return (rv); 2062} 2063 2064void 2065pmap_postinit(void) 2066{ 2067 struct l2_bucket *l2b; 2068 struct l1_ttable *l1; 2069 pd_entry_t *pl1pt; 2070 pt_entry_t *ptep, pte; 2071 vm_offset_t va, eva; 2072 u_int loop, needed; 2073 2074 needed = (maxproc / PMAP_DOMAINS) + ((maxproc % PMAP_DOMAINS) ? 1 : 0); 2075 needed -= 1; 2076 l1 = malloc(sizeof(*l1) * needed, M_VMPMAP, M_WAITOK); 2077 2078 for (loop = 0; loop < needed; loop++, l1++) { 2079 /* Allocate a L1 page table */ 2080 va = (vm_offset_t)contigmalloc(L1_TABLE_SIZE, M_VMPMAP, 0, 0x0, 2081 0xffffffff, L1_TABLE_SIZE, 0); 2082 2083 if (va == 0) 2084 panic("Cannot allocate L1 KVM"); 2085 2086 eva = va + L1_TABLE_SIZE; 2087 pl1pt = (pd_entry_t *)va; 2088 2089 while (va < eva) { 2090 l2b = pmap_get_l2_bucket(pmap_kernel(), va); 2091 ptep = &l2b->l2b_kva[l2pte_index(va)]; 2092 pte = *ptep; 2093 pte = (pte & ~L2_S_CACHE_MASK) | pte_l2_s_cache_mode_pt; 2094 *ptep = pte; 2095 PTE_SYNC(ptep); 2096 cpu_tlb_flushD_SE(va); 2097 2098 va += PAGE_SIZE; 2099 } 2100 pmap_init_l1(l1, pl1pt); 2101 } 2102 2103 2104#ifdef DEBUG 2105 printf("pmap_postinit: Allocated %d static L1 descriptor tables\n", 2106 needed); 2107#endif 2108} 2109 2110/* 2111 * This is used to stuff certain critical values into the PCB where they 2112 * can be accessed quickly from cpu_switch() et al. 2113 */ 2114void 2115pmap_set_pcb_pagedir(pmap_t pm, struct pcb *pcb) 2116{ 2117 struct l2_bucket *l2b; 2118 2119 pcb->pcb_pagedir = pm->pm_l1->l1_physaddr; 2120 pcb->pcb_dacr = (DOMAIN_CLIENT << (PMAP_DOMAIN_KERNEL * 2)) | 2121 (DOMAIN_CLIENT << (pm->pm_domain * 2)); 2122 2123 if (vector_page < KERNBASE) { 2124 pcb->pcb_pl1vec = &pm->pm_l1->l1_kva[L1_IDX(vector_page)]; 2125 l2b = pmap_get_l2_bucket(pm, vector_page); 2126 pcb->pcb_l1vec = l2b->l2b_phys | L1_C_PROTO | 2127 L1_C_DOM(pm->pm_domain) | L1_C_DOM(PMAP_DOMAIN_KERNEL); 2128 } else 2129 pcb->pcb_pl1vec = NULL; 2130} 2131 2132void 2133pmap_activate(struct thread *td) 2134{ 2135 pmap_t pm; 2136 struct pcb *pcb; 2137 2138 pm = vmspace_pmap(td->td_proc->p_vmspace); 2139 pcb = td->td_pcb; 2140 2141 critical_enter(); 2142 pmap_set_pcb_pagedir(pm, pcb); 2143 2144 if (td == curthread) { 2145 u_int cur_dacr, cur_ttb; 2146 2147 __asm __volatile("mrc p15, 0, %0, c2, c0, 0" : "=r"(cur_ttb)); 2148 __asm __volatile("mrc p15, 0, %0, c3, c0, 0" : "=r"(cur_dacr)); 2149 2150 cur_ttb &= ~(L1_TABLE_SIZE - 1); 2151 2152 if (cur_ttb == (u_int)pcb->pcb_pagedir && 2153 cur_dacr == pcb->pcb_dacr) { 2154 /* 2155 * No need to switch address spaces. 2156 */ 2157 critical_exit(); 2158 return; 2159 } 2160 2161 2162 /* 2163 * We MUST, I repeat, MUST fix up the L1 entry corresponding 2164 * to 'vector_page' in the incoming L1 table before switching 2165 * to it otherwise subsequent interrupts/exceptions (including 2166 * domain faults!) will jump into hyperspace. 2167 */ 2168 if (pcb->pcb_pl1vec) { 2169 2170 *pcb->pcb_pl1vec = pcb->pcb_l1vec; 2171 /* 2172 * Don't need to PTE_SYNC() at this point since 2173 * cpu_setttb() is about to flush both the cache 2174 * and the TLB. 2175 */ 2176 } 2177 2178 cpu_domains(pcb->pcb_dacr); 2179 cpu_setttb(pcb->pcb_pagedir); 2180 } 2181 critical_exit(); 2182} 2183 2184static int 2185pmap_set_pt_cache_mode(pd_entry_t *kl1, vm_offset_t va) 2186{ 2187 pd_entry_t *pdep, pde; 2188 pt_entry_t *ptep, pte; 2189 vm_offset_t pa; 2190 int rv = 0; 2191 2192 /* 2193 * Make sure the descriptor itself has the correct cache mode 2194 */ 2195 pdep = &kl1[L1_IDX(va)]; 2196 pde = *pdep; 2197 2198 if (l1pte_section_p(pde)) { 2199 if ((pde & L1_S_CACHE_MASK) != pte_l1_s_cache_mode_pt) { 2200 *pdep = (pde & ~L1_S_CACHE_MASK) | 2201 pte_l1_s_cache_mode_pt; 2202 PTE_SYNC(pdep); 2203 cpu_dcache_wbinv_range((vm_offset_t)pdep, 2204 sizeof(*pdep)); 2205 cpu_l2cache_wbinv_range((vm_offset_t)pdep, 2206 sizeof(*pdep)); 2207 rv = 1; 2208 } 2209 } else { 2210 pa = (vm_paddr_t)(pde & L1_C_ADDR_MASK); 2211 ptep = (pt_entry_t *)kernel_pt_lookup(pa); 2212 if (ptep == NULL) 2213 panic("pmap_bootstrap: No L2 for L2 @ va %p\n", ptep); 2214 2215 ptep = &ptep[l2pte_index(va)]; 2216 pte = *ptep; 2217 if ((pte & L2_S_CACHE_MASK) != pte_l2_s_cache_mode_pt) { 2218 *ptep = (pte & ~L2_S_CACHE_MASK) | 2219 pte_l2_s_cache_mode_pt; 2220 PTE_SYNC(ptep); 2221 cpu_dcache_wbinv_range((vm_offset_t)ptep, 2222 sizeof(*ptep)); 2223 cpu_l2cache_wbinv_range((vm_offset_t)ptep, 2224 sizeof(*ptep)); 2225 rv = 1; 2226 } 2227 } 2228 2229 return (rv); 2230} 2231 2232static void 2233pmap_alloc_specials(vm_offset_t *availp, int pages, vm_offset_t *vap, 2234 pt_entry_t **ptep) 2235{ 2236 vm_offset_t va = *availp; 2237 struct l2_bucket *l2b; 2238 2239 if (ptep) { 2240 l2b = pmap_get_l2_bucket(pmap_kernel(), va); 2241 if (l2b == NULL) 2242 panic("pmap_alloc_specials: no l2b for 0x%x", va); 2243 2244 *ptep = &l2b->l2b_kva[l2pte_index(va)]; 2245 } 2246 2247 *vap = va; 2248 *availp = va + (PAGE_SIZE * pages); 2249} 2250 2251/* 2252 * Bootstrap the system enough to run with virtual memory. 2253 * 2254 * On the arm this is called after mapping has already been enabled 2255 * and just syncs the pmap module with what has already been done. 2256 * [We can't call it easily with mapping off since the kernel is not 2257 * mapped with PA == VA, hence we would have to relocate every address 2258 * from the linked base (virtual) address "KERNBASE" to the actual 2259 * (physical) address starting relative to 0] 2260 */ 2261#define PMAP_STATIC_L2_SIZE 16 2262#ifdef ARM_USE_SMALL_ALLOC 2263extern struct mtx smallalloc_mtx; 2264#endif 2265 2266void 2267pmap_bootstrap(vm_offset_t firstaddr, struct pv_addr *l1pt) 2268{ 2269 static struct l1_ttable static_l1; 2270 static struct l2_dtable static_l2[PMAP_STATIC_L2_SIZE]; 2271 struct l1_ttable *l1 = &static_l1; 2272 struct l2_dtable *l2; 2273 struct l2_bucket *l2b; 2274 pd_entry_t pde; 2275 pd_entry_t *kernel_l1pt = (pd_entry_t *)l1pt->pv_va; 2276 pt_entry_t *ptep; 2277 vm_paddr_t pa; 2278 vm_offset_t va; 2279 vm_size_t size; 2280 int l1idx, l2idx, l2next = 0; 2281 2282 PDEBUG(1, printf("firstaddr = %08x, lastaddr = %08x\n", 2283 firstaddr, vm_max_kernel_address)); 2284 2285 virtual_avail = firstaddr; 2286 kernel_pmap->pm_l1 = l1; 2287 kernel_l1pa = l1pt->pv_pa; 2288 2289 /* 2290 * Scan the L1 translation table created by initarm() and create 2291 * the required metadata for all valid mappings found in it. 2292 */ 2293 for (l1idx = 0; l1idx < (L1_TABLE_SIZE / sizeof(pd_entry_t)); l1idx++) { 2294 pde = kernel_l1pt[l1idx]; 2295 2296 /* 2297 * We're only interested in Coarse mappings. 2298 * pmap_extract() can deal with section mappings without 2299 * recourse to checking L2 metadata. 2300 */ 2301 if ((pde & L1_TYPE_MASK) != L1_TYPE_C) 2302 continue; 2303 2304 /* 2305 * Lookup the KVA of this L2 descriptor table 2306 */ 2307 pa = (vm_paddr_t)(pde & L1_C_ADDR_MASK); 2308 ptep = (pt_entry_t *)kernel_pt_lookup(pa); 2309 2310 if (ptep == NULL) { 2311 panic("pmap_bootstrap: No L2 for va 0x%x, pa 0x%lx", 2312 (u_int)l1idx << L1_S_SHIFT, (long unsigned int)pa); 2313 } 2314 2315 /* 2316 * Fetch the associated L2 metadata structure. 2317 * Allocate a new one if necessary. 2318 */ 2319 if ((l2 = kernel_pmap->pm_l2[L2_IDX(l1idx)]) == NULL) { 2320 if (l2next == PMAP_STATIC_L2_SIZE) 2321 panic("pmap_bootstrap: out of static L2s"); 2322 kernel_pmap->pm_l2[L2_IDX(l1idx)] = l2 = 2323 &static_l2[l2next++]; 2324 } 2325 2326 /* 2327 * One more L1 slot tracked... 2328 */ 2329 l2->l2_occupancy++; 2330 2331 /* 2332 * Fill in the details of the L2 descriptor in the 2333 * appropriate bucket. 2334 */ 2335 l2b = &l2->l2_bucket[L2_BUCKET(l1idx)]; 2336 l2b->l2b_kva = ptep; 2337 l2b->l2b_phys = pa; 2338 l2b->l2b_l1idx = l1idx; 2339 2340 /* 2341 * Establish an initial occupancy count for this descriptor 2342 */ 2343 for (l2idx = 0; 2344 l2idx < (L2_TABLE_SIZE_REAL / sizeof(pt_entry_t)); 2345 l2idx++) { 2346 if ((ptep[l2idx] & L2_TYPE_MASK) != L2_TYPE_INV) { 2347 l2b->l2b_occupancy++; 2348 } 2349 } 2350 2351 /* 2352 * Make sure the descriptor itself has the correct cache mode. 2353 * If not, fix it, but whine about the problem. Port-meisters 2354 * should consider this a clue to fix up their initarm() 2355 * function. :) 2356 */ 2357 if (pmap_set_pt_cache_mode(kernel_l1pt, (vm_offset_t)ptep)) { 2358 printf("pmap_bootstrap: WARNING! wrong cache mode for " 2359 "L2 pte @ %p\n", ptep); 2360 } 2361 } 2362 2363 2364 /* 2365 * Ensure the primary (kernel) L1 has the correct cache mode for 2366 * a page table. Bitch if it is not correctly set. 2367 */ 2368 for (va = (vm_offset_t)kernel_l1pt; 2369 va < ((vm_offset_t)kernel_l1pt + L1_TABLE_SIZE); va += PAGE_SIZE) { 2370 if (pmap_set_pt_cache_mode(kernel_l1pt, va)) 2371 printf("pmap_bootstrap: WARNING! wrong cache mode for " 2372 "primary L1 @ 0x%x\n", va); 2373 } 2374 2375 cpu_dcache_wbinv_all(); 2376 cpu_l2cache_wbinv_all(); 2377 cpu_tlb_flushID(); 2378 cpu_cpwait(); 2379 2380 PMAP_LOCK_INIT(kernel_pmap); 2381 CPU_FILL(&kernel_pmap->pm_active); 2382 kernel_pmap->pm_domain = PMAP_DOMAIN_KERNEL; 2383 TAILQ_INIT(&kernel_pmap->pm_pvlist); 2384 2385 /* 2386 * Initialize the global pv list lock. 2387 */ 2388 rw_init_flags(&pvh_global_lock, "pmap pv global", RW_RECURSE); 2389 2390 /* 2391 * Reserve some special page table entries/VA space for temporary 2392 * mapping of pages. 2393 */ 2394#define SYSMAP(c, p, v, n) \ 2395 v = (c)va; va += ((n)*PAGE_SIZE); p = pte; pte += (n); 2396 2397 pmap_alloc_specials(&virtual_avail, 1, &csrcp, &csrc_pte); 2398 pmap_set_pt_cache_mode(kernel_l1pt, (vm_offset_t)csrc_pte); 2399 pmap_alloc_specials(&virtual_avail, 1, &cdstp, &cdst_pte); 2400 pmap_set_pt_cache_mode(kernel_l1pt, (vm_offset_t)cdst_pte); 2401 size = ((vm_max_kernel_address - pmap_curmaxkvaddr) + L1_S_OFFSET) / 2402 L1_S_SIZE; 2403 pmap_alloc_specials(&virtual_avail, 2404 round_page(size * L2_TABLE_SIZE_REAL) / PAGE_SIZE, 2405 &pmap_kernel_l2ptp_kva, NULL); 2406 2407 size = (size + (L2_BUCKET_SIZE - 1)) / L2_BUCKET_SIZE; 2408 pmap_alloc_specials(&virtual_avail, 2409 round_page(size * sizeof(struct l2_dtable)) / PAGE_SIZE, 2410 &pmap_kernel_l2dtable_kva, NULL); 2411 2412 pmap_alloc_specials(&virtual_avail, 2413 1, (vm_offset_t*)&_tmppt, NULL); 2414 pmap_alloc_specials(&virtual_avail, 2415 MAXDUMPPGS, (vm_offset_t *)&crashdumpmap, NULL); 2416 SLIST_INIT(&l1_list); 2417 TAILQ_INIT(&l1_lru_list); 2418 mtx_init(&l1_lru_lock, "l1 list lock", NULL, MTX_DEF); 2419 pmap_init_l1(l1, kernel_l1pt); 2420 cpu_dcache_wbinv_all(); 2421 cpu_l2cache_wbinv_all(); 2422 2423 virtual_avail = round_page(virtual_avail); 2424 virtual_end = vm_max_kernel_address; 2425 kernel_vm_end = pmap_curmaxkvaddr; 2426 mtx_init(&cmtx, "TMP mappings mtx", NULL, MTX_DEF); 2427 2428#ifdef ARM_USE_SMALL_ALLOC 2429 mtx_init(&smallalloc_mtx, "Small alloc page list", NULL, MTX_DEF); 2430 arm_init_smallalloc(); 2431#endif 2432 pmap_set_pcb_pagedir(kernel_pmap, thread0.td_pcb); 2433} 2434 2435/*************************************************** 2436 * Pmap allocation/deallocation routines. 2437 ***************************************************/ 2438 2439/* 2440 * Release any resources held by the given physical map. 2441 * Called when a pmap initialized by pmap_pinit is being released. 2442 * Should only be called if the map contains no valid mappings. 2443 */ 2444void 2445pmap_release(pmap_t pmap) 2446{ 2447 struct pcb *pcb; 2448 2449 pmap_idcache_wbinv_all(pmap); 2450 cpu_l2cache_wbinv_all(); 2451 pmap_tlb_flushID(pmap); 2452 cpu_cpwait(); 2453 if (vector_page < KERNBASE) { 2454 struct pcb *curpcb = PCPU_GET(curpcb); 2455 pcb = thread0.td_pcb; 2456 if (pmap_is_current(pmap)) { 2457 /* 2458 * Frob the L1 entry corresponding to the vector 2459 * page so that it contains the kernel pmap's domain 2460 * number. This will ensure pmap_remove() does not 2461 * pull the current vector page out from under us. 2462 */ 2463 critical_enter(); 2464 *pcb->pcb_pl1vec = pcb->pcb_l1vec; 2465 cpu_domains(pcb->pcb_dacr); 2466 cpu_setttb(pcb->pcb_pagedir); 2467 critical_exit(); 2468 } 2469 pmap_remove(pmap, vector_page, vector_page + PAGE_SIZE); 2470 /* 2471 * Make sure cpu_switch(), et al, DTRT. This is safe to do 2472 * since this process has no remaining mappings of its own. 2473 */ 2474 curpcb->pcb_pl1vec = pcb->pcb_pl1vec; 2475 curpcb->pcb_l1vec = pcb->pcb_l1vec; 2476 curpcb->pcb_dacr = pcb->pcb_dacr; 2477 curpcb->pcb_pagedir = pcb->pcb_pagedir; 2478 2479 } 2480 pmap_free_l1(pmap); 2481 2482 dprintf("pmap_release()\n"); 2483} 2484 2485 2486 2487/* 2488 * Helper function for pmap_grow_l2_bucket() 2489 */ 2490static __inline int 2491pmap_grow_map(vm_offset_t va, pt_entry_t cache_mode, vm_paddr_t *pap) 2492{ 2493 struct l2_bucket *l2b; 2494 pt_entry_t *ptep; 2495 vm_paddr_t pa; 2496 struct vm_page *pg; 2497 2498 pg = vm_page_alloc(NULL, 0, VM_ALLOC_NOOBJ | VM_ALLOC_WIRED); 2499 if (pg == NULL) 2500 return (1); 2501 pa = VM_PAGE_TO_PHYS(pg); 2502 2503 if (pap) 2504 *pap = pa; 2505 2506 l2b = pmap_get_l2_bucket(pmap_kernel(), va); 2507 2508 ptep = &l2b->l2b_kva[l2pte_index(va)]; 2509 *ptep = L2_S_PROTO | pa | cache_mode | 2510 L2_S_PROT(PTE_KERNEL, VM_PROT_READ | VM_PROT_WRITE); 2511 PTE_SYNC(ptep); 2512 return (0); 2513} 2514 2515/* 2516 * This is the same as pmap_alloc_l2_bucket(), except that it is only 2517 * used by pmap_growkernel(). 2518 */ 2519static __inline struct l2_bucket * 2520pmap_grow_l2_bucket(pmap_t pm, vm_offset_t va) 2521{ 2522 struct l2_dtable *l2; 2523 struct l2_bucket *l2b; 2524 struct l1_ttable *l1; 2525 pd_entry_t *pl1pd; 2526 u_short l1idx; 2527 vm_offset_t nva; 2528 2529 l1idx = L1_IDX(va); 2530 2531 if ((l2 = pm->pm_l2[L2_IDX(l1idx)]) == NULL) { 2532 /* 2533 * No mapping at this address, as there is 2534 * no entry in the L1 table. 2535 * Need to allocate a new l2_dtable. 2536 */ 2537 nva = pmap_kernel_l2dtable_kva; 2538 if ((nva & PAGE_MASK) == 0) { 2539 /* 2540 * Need to allocate a backing page 2541 */ 2542 if (pmap_grow_map(nva, pte_l2_s_cache_mode, NULL)) 2543 return (NULL); 2544 } 2545 2546 l2 = (struct l2_dtable *)nva; 2547 nva += sizeof(struct l2_dtable); 2548 2549 if ((nva & PAGE_MASK) < (pmap_kernel_l2dtable_kva & 2550 PAGE_MASK)) { 2551 /* 2552 * The new l2_dtable straddles a page boundary. 2553 * Map in another page to cover it. 2554 */ 2555 if (pmap_grow_map(nva, pte_l2_s_cache_mode, NULL)) 2556 return (NULL); 2557 } 2558 2559 pmap_kernel_l2dtable_kva = nva; 2560 2561 /* 2562 * Link it into the parent pmap 2563 */ 2564 pm->pm_l2[L2_IDX(l1idx)] = l2; 2565 memset(l2, 0, sizeof(*l2)); 2566 } 2567 2568 l2b = &l2->l2_bucket[L2_BUCKET(l1idx)]; 2569 2570 /* 2571 * Fetch pointer to the L2 page table associated with the address. 2572 */ 2573 if (l2b->l2b_kva == NULL) { 2574 pt_entry_t *ptep; 2575 2576 /* 2577 * No L2 page table has been allocated. Chances are, this 2578 * is because we just allocated the l2_dtable, above. 2579 */ 2580 nva = pmap_kernel_l2ptp_kva; 2581 ptep = (pt_entry_t *)nva; 2582 if ((nva & PAGE_MASK) == 0) { 2583 /* 2584 * Need to allocate a backing page 2585 */ 2586 if (pmap_grow_map(nva, pte_l2_s_cache_mode_pt, 2587 &pmap_kernel_l2ptp_phys)) 2588 return (NULL); 2589 PTE_SYNC_RANGE(ptep, PAGE_SIZE / sizeof(pt_entry_t)); 2590 } 2591 memset(ptep, 0, L2_TABLE_SIZE_REAL); 2592 l2->l2_occupancy++; 2593 l2b->l2b_kva = ptep; 2594 l2b->l2b_l1idx = l1idx; 2595 l2b->l2b_phys = pmap_kernel_l2ptp_phys; 2596 2597 pmap_kernel_l2ptp_kva += L2_TABLE_SIZE_REAL; 2598 pmap_kernel_l2ptp_phys += L2_TABLE_SIZE_REAL; 2599 } 2600 2601 /* Distribute new L1 entry to all other L1s */ 2602 SLIST_FOREACH(l1, &l1_list, l1_link) { 2603 pl1pd = &l1->l1_kva[L1_IDX(va)]; 2604 *pl1pd = l2b->l2b_phys | L1_C_DOM(PMAP_DOMAIN_KERNEL) | 2605 L1_C_PROTO; 2606 PTE_SYNC(pl1pd); 2607 } 2608 2609 return (l2b); 2610} 2611 2612 2613/* 2614 * grow the number of kernel page table entries, if needed 2615 */ 2616void 2617pmap_growkernel(vm_offset_t addr) 2618{ 2619 pmap_t kpm = pmap_kernel(); 2620 2621 if (addr <= pmap_curmaxkvaddr) 2622 return; /* we are OK */ 2623 2624 /* 2625 * whoops! we need to add kernel PTPs 2626 */ 2627 2628 /* Map 1MB at a time */ 2629 for (; pmap_curmaxkvaddr < addr; pmap_curmaxkvaddr += L1_S_SIZE) 2630 pmap_grow_l2_bucket(kpm, pmap_curmaxkvaddr); 2631 2632 /* 2633 * flush out the cache, expensive but growkernel will happen so 2634 * rarely 2635 */ 2636 cpu_dcache_wbinv_all(); 2637 cpu_l2cache_wbinv_all(); 2638 cpu_tlb_flushD(); 2639 cpu_cpwait(); 2640 kernel_vm_end = pmap_curmaxkvaddr; 2641} 2642 2643 2644/* 2645 * Remove all pages from specified address space 2646 * this aids process exit speeds. Also, this code 2647 * is special cased for current process only, but 2648 * can have the more generic (and slightly slower) 2649 * mode enabled. This is much faster than pmap_remove 2650 * in the case of running down an entire address space. 2651 */ 2652void 2653pmap_remove_pages(pmap_t pmap) 2654{ 2655 struct pv_entry *pv, *npv; 2656 struct l2_bucket *l2b = NULL; 2657 vm_page_t m; 2658 pt_entry_t *pt; 2659 2660 rw_wlock(&pvh_global_lock); 2661 PMAP_LOCK(pmap); 2662 cpu_idcache_wbinv_all(); 2663 cpu_l2cache_wbinv_all(); 2664 for (pv = TAILQ_FIRST(&pmap->pm_pvlist); pv; pv = npv) { 2665 if (pv->pv_flags & PVF_WIRED || pv->pv_flags & PVF_UNMAN) { 2666 /* Cannot remove wired or unmanaged pages now. */ 2667 npv = TAILQ_NEXT(pv, pv_plist); 2668 continue; 2669 } 2670 pmap->pm_stats.resident_count--; 2671 l2b = pmap_get_l2_bucket(pmap, pv->pv_va); 2672 KASSERT(l2b != NULL, ("No L2 bucket in pmap_remove_pages")); 2673 pt = &l2b->l2b_kva[l2pte_index(pv->pv_va)]; 2674 m = PHYS_TO_VM_PAGE(*pt & L2_ADDR_MASK); 2675#ifdef ARM_USE_SMALL_ALLOC 2676 KASSERT((vm_offset_t)m >= alloc_firstaddr, ("Trying to access non-existent page va %x pte %x", pv->pv_va, *pt)); 2677#else 2678 KASSERT((vm_offset_t)m >= KERNBASE, ("Trying to access non-existent page va %x pte %x", pv->pv_va, *pt)); 2679#endif 2680 *pt = 0; 2681 PTE_SYNC(pt); 2682 npv = TAILQ_NEXT(pv, pv_plist); 2683 pmap_nuke_pv(m, pmap, pv); 2684 if (TAILQ_EMPTY(&m->md.pv_list)) 2685 vm_page_aflag_clear(m, PGA_WRITEABLE); 2686 pmap_free_pv_entry(pv); 2687 pmap_free_l2_bucket(pmap, l2b, 1); 2688 } 2689 rw_wunlock(&pvh_global_lock); 2690 cpu_tlb_flushID(); 2691 cpu_cpwait(); 2692 PMAP_UNLOCK(pmap); 2693} 2694 2695 2696/*************************************************** 2697 * Low level mapping routines..... 2698 ***************************************************/ 2699 2700#ifdef ARM_HAVE_SUPERSECTIONS 2701/* Map a super section into the KVA. */ 2702 2703void 2704pmap_kenter_supersection(vm_offset_t va, uint64_t pa, int flags) 2705{ 2706 pd_entry_t pd = L1_S_PROTO | L1_S_SUPERSEC | (pa & L1_SUP_FRAME) | 2707 (((pa >> 32) & 0xf) << 20) | L1_S_PROT(PTE_KERNEL, 2708 VM_PROT_READ|VM_PROT_WRITE) | L1_S_DOM(PMAP_DOMAIN_KERNEL); 2709 struct l1_ttable *l1; 2710 vm_offset_t va0, va_end; 2711 2712 KASSERT(((va | pa) & L1_SUP_OFFSET) == 0, 2713 ("Not a valid super section mapping")); 2714 if (flags & SECTION_CACHE) 2715 pd |= pte_l1_s_cache_mode; 2716 else if (flags & SECTION_PT) 2717 pd |= pte_l1_s_cache_mode_pt; 2718 va0 = va & L1_SUP_FRAME; 2719 va_end = va + L1_SUP_SIZE; 2720 SLIST_FOREACH(l1, &l1_list, l1_link) { 2721 va = va0; 2722 for (; va < va_end; va += L1_S_SIZE) { 2723 l1->l1_kva[L1_IDX(va)] = pd; 2724 PTE_SYNC(&l1->l1_kva[L1_IDX(va)]); 2725 } 2726 } 2727} 2728#endif 2729 2730/* Map a section into the KVA. */ 2731 2732void 2733pmap_kenter_section(vm_offset_t va, vm_offset_t pa, int flags) 2734{ 2735 pd_entry_t pd = L1_S_PROTO | pa | L1_S_PROT(PTE_KERNEL, 2736 VM_PROT_READ|VM_PROT_WRITE) | L1_S_DOM(PMAP_DOMAIN_KERNEL); 2737 struct l1_ttable *l1; 2738 2739 KASSERT(((va | pa) & L1_S_OFFSET) == 0, 2740 ("Not a valid section mapping")); 2741 if (flags & SECTION_CACHE) 2742 pd |= pte_l1_s_cache_mode; 2743 else if (flags & SECTION_PT) 2744 pd |= pte_l1_s_cache_mode_pt; 2745 SLIST_FOREACH(l1, &l1_list, l1_link) { 2746 l1->l1_kva[L1_IDX(va)] = pd; 2747 PTE_SYNC(&l1->l1_kva[L1_IDX(va)]); 2748 } 2749} 2750 2751/* 2752 * Make a temporary mapping for a physical address. This is only intended 2753 * to be used for panic dumps. 2754 */ 2755void * 2756pmap_kenter_temp(vm_paddr_t pa, int i) 2757{ 2758 vm_offset_t va; 2759 2760 va = (vm_offset_t)crashdumpmap + (i * PAGE_SIZE); 2761 pmap_kenter(va, pa); 2762 return ((void *)crashdumpmap); 2763} 2764 2765/* 2766 * add a wired page to the kva 2767 * note that in order for the mapping to take effect -- you 2768 * should do a invltlb after doing the pmap_kenter... 2769 */ 2770static PMAP_INLINE void 2771pmap_kenter_internal(vm_offset_t va, vm_offset_t pa, int flags) 2772{ 2773 struct l2_bucket *l2b; 2774 pt_entry_t *pte; 2775 pt_entry_t opte; 2776 struct pv_entry *pve; 2777 vm_page_t m; 2778 2779 PDEBUG(1, printf("pmap_kenter: va = %08x, pa = %08x\n", 2780 (uint32_t) va, (uint32_t) pa)); 2781 2782 2783 l2b = pmap_get_l2_bucket(pmap_kernel(), va); 2784 if (l2b == NULL) 2785 l2b = pmap_grow_l2_bucket(pmap_kernel(), va); 2786 KASSERT(l2b != NULL, ("No L2 Bucket")); 2787 pte = &l2b->l2b_kva[l2pte_index(va)]; 2788 opte = *pte; 2789 PDEBUG(1, printf("pmap_kenter: pte = %08x, opte = %08x, npte = %08x\n", 2790 (uint32_t) pte, opte, *pte)); 2791 if (l2pte_valid(opte)) { 2792 pmap_kremove(va); 2793 } else { 2794 if (opte == 0) 2795 l2b->l2b_occupancy++; 2796 } 2797 *pte = L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL, 2798 VM_PROT_READ | VM_PROT_WRITE); 2799 if (flags & KENTER_CACHE) 2800 *pte |= pte_l2_s_cache_mode; 2801 if (flags & KENTER_USER) 2802 *pte |= L2_S_PROT_U; 2803 PTE_SYNC(pte); 2804 2805 /* 2806 * A kernel mapping may not be the page's only mapping, so create a PV 2807 * entry to ensure proper caching. 2808 * 2809 * The existence test for the pvzone is used to delay the recording of 2810 * kernel mappings until the VM system is fully initialized. 2811 * 2812 * This expects the physical memory to have a vm_page_array entry. 2813 */ 2814 if (pvzone != NULL && (m = vm_phys_paddr_to_vm_page(pa)) != NULL) { 2815 rw_wlock(&pvh_global_lock); 2816 if (!TAILQ_EMPTY(&m->md.pv_list) || m->md.pv_kva != 0) { 2817 if ((pve = pmap_get_pv_entry()) == NULL) 2818 panic("pmap_kenter_internal: no pv entries"); 2819 PMAP_LOCK(pmap_kernel()); 2820 pmap_enter_pv(m, pve, pmap_kernel(), va, 2821 PVF_WRITE | PVF_UNMAN); 2822 pmap_fix_cache(m, pmap_kernel(), va); 2823 PMAP_UNLOCK(pmap_kernel()); 2824 } else { 2825 m->md.pv_kva = va; 2826 } 2827 rw_wunlock(&pvh_global_lock); 2828 } 2829} 2830 2831void 2832pmap_kenter(vm_offset_t va, vm_paddr_t pa) 2833{ 2834 pmap_kenter_internal(va, pa, KENTER_CACHE); 2835} 2836 2837void 2838pmap_kenter_nocache(vm_offset_t va, vm_paddr_t pa) 2839{ 2840 2841 pmap_kenter_internal(va, pa, 0); 2842} 2843 2844void 2845pmap_kenter_device(vm_offset_t va, vm_paddr_t pa) 2846{ 2847 2848 /* 2849 * XXX - Need a way for kenter_internal to handle PTE_DEVICE mapping as 2850 * a potentially different thing than PTE_NOCACHE. 2851 */ 2852 pmap_kenter_internal(va, pa, 0); 2853} 2854 2855void 2856pmap_kenter_user(vm_offset_t va, vm_paddr_t pa) 2857{ 2858 2859 pmap_kenter_internal(va, pa, KENTER_CACHE|KENTER_USER); 2860 /* 2861 * Call pmap_fault_fixup now, to make sure we'll have no exception 2862 * at the first use of the new address, or bad things will happen, 2863 * as we use one of these addresses in the exception handlers. 2864 */ 2865 pmap_fault_fixup(pmap_kernel(), va, VM_PROT_READ|VM_PROT_WRITE, 1); 2866} 2867 2868vm_paddr_t 2869pmap_kextract(vm_offset_t va) 2870{ 2871 2872 return (pmap_extract_locked(kernel_pmap, va)); 2873} 2874 2875/* 2876 * remove a page from the kernel pagetables 2877 */ 2878void 2879pmap_kremove(vm_offset_t va) 2880{ 2881 struct l2_bucket *l2b; 2882 pt_entry_t *pte, opte; 2883 struct pv_entry *pve; 2884 vm_page_t m; 2885 vm_offset_t pa; 2886 2887 l2b = pmap_get_l2_bucket(pmap_kernel(), va); 2888 if (!l2b) 2889 return; 2890 KASSERT(l2b != NULL, ("No L2 Bucket")); 2891 pte = &l2b->l2b_kva[l2pte_index(va)]; 2892 opte = *pte; 2893 if (l2pte_valid(opte)) { 2894 /* pa = vtophs(va) taken from pmap_extract() */ 2895 switch (opte & L2_TYPE_MASK) { 2896 case L2_TYPE_L: 2897 pa = (opte & L2_L_FRAME) | (va & L2_L_OFFSET); 2898 break; 2899 default: 2900 pa = (opte & L2_S_FRAME) | (va & L2_S_OFFSET); 2901 break; 2902 } 2903 /* note: should never have to remove an allocation 2904 * before the pvzone is initialized. 2905 */ 2906 rw_wlock(&pvh_global_lock); 2907 PMAP_LOCK(pmap_kernel()); 2908 if (pvzone != NULL && (m = vm_phys_paddr_to_vm_page(pa)) && 2909 (pve = pmap_remove_pv(m, pmap_kernel(), va))) 2910 pmap_free_pv_entry(pve); 2911 PMAP_UNLOCK(pmap_kernel()); 2912 rw_wunlock(&pvh_global_lock); 2913 va = va & ~PAGE_MASK; 2914 cpu_dcache_wbinv_range(va, PAGE_SIZE); 2915 cpu_l2cache_wbinv_range(va, PAGE_SIZE); 2916 cpu_tlb_flushD_SE(va); 2917 cpu_cpwait(); 2918 *pte = 0; 2919 } 2920} 2921 2922 2923/* 2924 * Used to map a range of physical addresses into kernel 2925 * virtual address space. 2926 * 2927 * The value passed in '*virt' is a suggested virtual address for 2928 * the mapping. Architectures which can support a direct-mapped 2929 * physical to virtual region can return the appropriate address 2930 * within that region, leaving '*virt' unchanged. Other 2931 * architectures should map the pages starting at '*virt' and 2932 * update '*virt' with the first usable address after the mapped 2933 * region. 2934 */ 2935vm_offset_t 2936pmap_map(vm_offset_t *virt, vm_offset_t start, vm_offset_t end, int prot) 2937{ 2938#ifdef ARM_USE_SMALL_ALLOC 2939 return (arm_ptovirt(start)); 2940#else 2941 vm_offset_t sva = *virt; 2942 vm_offset_t va = sva; 2943 2944 PDEBUG(1, printf("pmap_map: virt = %08x, start = %08x, end = %08x, " 2945 "prot = %d\n", (uint32_t) *virt, (uint32_t) start, (uint32_t) end, 2946 prot)); 2947 2948 while (start < end) { 2949 pmap_kenter(va, start); 2950 va += PAGE_SIZE; 2951 start += PAGE_SIZE; 2952 } 2953 *virt = va; 2954 return (sva); 2955#endif 2956} 2957 2958static void 2959pmap_wb_page(vm_page_t m) 2960{ 2961 struct pv_entry *pv; 2962 2963 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) 2964 pmap_dcache_wb_range(pv->pv_pmap, pv->pv_va, PAGE_SIZE, FALSE, 2965 (pv->pv_flags & PVF_WRITE) == 0); 2966} 2967 2968static void 2969pmap_inv_page(vm_page_t m) 2970{ 2971 struct pv_entry *pv; 2972 2973 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) 2974 pmap_dcache_wb_range(pv->pv_pmap, pv->pv_va, PAGE_SIZE, TRUE, TRUE); 2975} 2976/* 2977 * Add a list of wired pages to the kva 2978 * this routine is only used for temporary 2979 * kernel mappings that do not need to have 2980 * page modification or references recorded. 2981 * Note that old mappings are simply written 2982 * over. The page *must* be wired. 2983 */ 2984void 2985pmap_qenter(vm_offset_t va, vm_page_t *m, int count) 2986{ 2987 int i; 2988 2989 for (i = 0; i < count; i++) { 2990 pmap_wb_page(m[i]); 2991 pmap_kenter_internal(va, VM_PAGE_TO_PHYS(m[i]), 2992 KENTER_CACHE); 2993 va += PAGE_SIZE; 2994 } 2995} 2996 2997 2998/* 2999 * this routine jerks page mappings from the 3000 * kernel -- it is meant only for temporary mappings. 3001 */ 3002void 3003pmap_qremove(vm_offset_t va, int count) 3004{ 3005 vm_paddr_t pa; 3006 int i; 3007 3008 for (i = 0; i < count; i++) { 3009 pa = vtophys(va); 3010 if (pa) { 3011 pmap_inv_page(PHYS_TO_VM_PAGE(pa)); 3012 pmap_kremove(va); 3013 } 3014 va += PAGE_SIZE; 3015 } 3016} 3017 3018 3019/* 3020 * pmap_object_init_pt preloads the ptes for a given object 3021 * into the specified pmap. This eliminates the blast of soft 3022 * faults on process startup and immediately after an mmap. 3023 */ 3024void 3025pmap_object_init_pt(pmap_t pmap, vm_offset_t addr, vm_object_t object, 3026 vm_pindex_t pindex, vm_size_t size) 3027{ 3028 3029 VM_OBJECT_ASSERT_WLOCKED(object); 3030 KASSERT(object->type == OBJT_DEVICE || object->type == OBJT_SG, 3031 ("pmap_object_init_pt: non-device object")); 3032} 3033 3034 3035/* 3036 * pmap_is_prefaultable: 3037 * 3038 * Return whether or not the specified virtual address is elgible 3039 * for prefault. 3040 */ 3041boolean_t 3042pmap_is_prefaultable(pmap_t pmap, vm_offset_t addr) 3043{ 3044 pd_entry_t *pde; 3045 pt_entry_t *pte; 3046 3047 if (!pmap_get_pde_pte(pmap, addr, &pde, &pte)) 3048 return (FALSE); 3049 KASSERT(pte != NULL, ("Valid mapping but no pte ?")); 3050 if (*pte == 0) 3051 return (TRUE); 3052 return (FALSE); 3053} 3054 3055/* 3056 * Fetch pointers to the PDE/PTE for the given pmap/VA pair. 3057 * Returns TRUE if the mapping exists, else FALSE. 3058 * 3059 * NOTE: This function is only used by a couple of arm-specific modules. 3060 * It is not safe to take any pmap locks here, since we could be right 3061 * in the middle of debugging the pmap anyway... 3062 * 3063 * It is possible for this routine to return FALSE even though a valid 3064 * mapping does exist. This is because we don't lock, so the metadata 3065 * state may be inconsistent. 3066 * 3067 * NOTE: We can return a NULL *ptp in the case where the L1 pde is 3068 * a "section" mapping. 3069 */ 3070boolean_t 3071pmap_get_pde_pte(pmap_t pm, vm_offset_t va, pd_entry_t **pdp, pt_entry_t **ptp) 3072{ 3073 struct l2_dtable *l2; 3074 pd_entry_t *pl1pd, l1pd; 3075 pt_entry_t *ptep; 3076 u_short l1idx; 3077 3078 if (pm->pm_l1 == NULL) 3079 return (FALSE); 3080 3081 l1idx = L1_IDX(va); 3082 *pdp = pl1pd = &pm->pm_l1->l1_kva[l1idx]; 3083 l1pd = *pl1pd; 3084 3085 if (l1pte_section_p(l1pd)) { 3086 *ptp = NULL; 3087 return (TRUE); 3088 } 3089 3090 if (pm->pm_l2 == NULL) 3091 return (FALSE); 3092 3093 l2 = pm->pm_l2[L2_IDX(l1idx)]; 3094 3095 if (l2 == NULL || 3096 (ptep = l2->l2_bucket[L2_BUCKET(l1idx)].l2b_kva) == NULL) { 3097 return (FALSE); 3098 } 3099 3100 *ptp = &ptep[l2pte_index(va)]; 3101 return (TRUE); 3102} 3103 3104/* 3105 * Routine: pmap_remove_all 3106 * Function: 3107 * Removes this physical page from 3108 * all physical maps in which it resides. 3109 * Reflects back modify bits to the pager. 3110 * 3111 * Notes: 3112 * Original versions of this routine were very 3113 * inefficient because they iteratively called 3114 * pmap_remove (slow...) 3115 */ 3116void 3117pmap_remove_all(vm_page_t m) 3118{ 3119 pv_entry_t pv; 3120 pt_entry_t *ptep; 3121 struct l2_bucket *l2b; 3122 boolean_t flush = FALSE; 3123 pmap_t curpm; 3124 int flags = 0; 3125 3126 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 3127 ("pmap_remove_all: page %p is not managed", m)); 3128 if (TAILQ_EMPTY(&m->md.pv_list)) 3129 return; 3130 rw_wlock(&pvh_global_lock); 3131 pmap_remove_write(m); 3132 curpm = vmspace_pmap(curproc->p_vmspace); 3133 while ((pv = TAILQ_FIRST(&m->md.pv_list)) != NULL) { 3134 if (flush == FALSE && (pv->pv_pmap == curpm || 3135 pv->pv_pmap == pmap_kernel())) 3136 flush = TRUE; 3137 3138 PMAP_LOCK(pv->pv_pmap); 3139 /* 3140 * Cached contents were written-back in pmap_remove_write(), 3141 * but we still have to invalidate the cache entry to make 3142 * sure stale data are not retrieved when another page will be 3143 * mapped under this virtual address. 3144 */ 3145 if (pmap_is_current(pv->pv_pmap)) { 3146 cpu_dcache_inv_range(pv->pv_va, PAGE_SIZE); 3147 if (pmap_has_valid_mapping(pv->pv_pmap, pv->pv_va)) 3148 cpu_l2cache_inv_range(pv->pv_va, PAGE_SIZE); 3149 } 3150 3151 if (pv->pv_flags & PVF_UNMAN) { 3152 /* remove the pv entry, but do not remove the mapping 3153 * and remember this is a kernel mapped page 3154 */ 3155 m->md.pv_kva = pv->pv_va; 3156 } else { 3157 /* remove the mapping and pv entry */ 3158 l2b = pmap_get_l2_bucket(pv->pv_pmap, pv->pv_va); 3159 KASSERT(l2b != NULL, ("No l2 bucket")); 3160 ptep = &l2b->l2b_kva[l2pte_index(pv->pv_va)]; 3161 *ptep = 0; 3162 PTE_SYNC_CURRENT(pv->pv_pmap, ptep); 3163 pmap_free_l2_bucket(pv->pv_pmap, l2b, 1); 3164 pv->pv_pmap->pm_stats.resident_count--; 3165 flags |= pv->pv_flags; 3166 } 3167 pmap_nuke_pv(m, pv->pv_pmap, pv); 3168 PMAP_UNLOCK(pv->pv_pmap); 3169 pmap_free_pv_entry(pv); 3170 } 3171 3172 if (flush) { 3173 if (PV_BEEN_EXECD(flags)) 3174 pmap_tlb_flushID(curpm); 3175 else 3176 pmap_tlb_flushD(curpm); 3177 } 3178 vm_page_aflag_clear(m, PGA_WRITEABLE); 3179 rw_wunlock(&pvh_global_lock); 3180} 3181 3182 3183/* 3184 * Set the physical protection on the 3185 * specified range of this map as requested. 3186 */ 3187void 3188pmap_protect(pmap_t pm, vm_offset_t sva, vm_offset_t eva, vm_prot_t prot) 3189{ 3190 struct l2_bucket *l2b; 3191 pt_entry_t *ptep, pte; 3192 vm_offset_t next_bucket; 3193 u_int flags; 3194 int flush; 3195 3196 CTR4(KTR_PMAP, "pmap_protect: pmap %p sva 0x%08x eva 0x%08x prot %x", 3197 pm, sva, eva, prot); 3198 3199 if ((prot & VM_PROT_READ) == 0) { 3200 pmap_remove(pm, sva, eva); 3201 return; 3202 } 3203 3204 if (prot & VM_PROT_WRITE) { 3205 /* 3206 * If this is a read->write transition, just ignore it and let 3207 * vm_fault() take care of it later. 3208 */ 3209 return; 3210 } 3211 3212 rw_wlock(&pvh_global_lock); 3213 PMAP_LOCK(pm); 3214 3215 /* 3216 * OK, at this point, we know we're doing write-protect operation. 3217 * If the pmap is active, write-back the range. 3218 */ 3219 pmap_dcache_wb_range(pm, sva, eva - sva, FALSE, FALSE); 3220 3221 flush = ((eva - sva) >= (PAGE_SIZE * 4)) ? 0 : -1; 3222 flags = 0; 3223 3224 while (sva < eva) { 3225 next_bucket = L2_NEXT_BUCKET(sva); 3226 if (next_bucket > eva) 3227 next_bucket = eva; 3228 3229 l2b = pmap_get_l2_bucket(pm, sva); 3230 if (l2b == NULL) { 3231 sva = next_bucket; 3232 continue; 3233 } 3234 3235 ptep = &l2b->l2b_kva[l2pte_index(sva)]; 3236 3237 while (sva < next_bucket) { 3238 if ((pte = *ptep) != 0 && (pte & L2_S_PROT_W) != 0) { 3239 struct vm_page *pg; 3240 u_int f; 3241 3242 pg = PHYS_TO_VM_PAGE(l2pte_pa(pte)); 3243 pte &= ~L2_S_PROT_W; 3244 *ptep = pte; 3245 PTE_SYNC(ptep); 3246 3247 if (!(pg->oflags & VPO_UNMANAGED)) { 3248 f = pmap_modify_pv(pg, pm, sva, 3249 PVF_WRITE, 0); 3250 if (f & PVF_WRITE) 3251 vm_page_dirty(pg); 3252 } else 3253 f = 0; 3254 3255 if (flush >= 0) { 3256 flush++; 3257 flags |= f; 3258 } else 3259 if (PV_BEEN_EXECD(f)) 3260 pmap_tlb_flushID_SE(pm, sva); 3261 else 3262 if (PV_BEEN_REFD(f)) 3263 pmap_tlb_flushD_SE(pm, sva); 3264 } 3265 3266 sva += PAGE_SIZE; 3267 ptep++; 3268 } 3269 } 3270 3271 3272 if (flush) { 3273 if (PV_BEEN_EXECD(flags)) 3274 pmap_tlb_flushID(pm); 3275 else 3276 if (PV_BEEN_REFD(flags)) 3277 pmap_tlb_flushD(pm); 3278 } 3279 rw_wunlock(&pvh_global_lock); 3280 3281 PMAP_UNLOCK(pm); 3282} 3283 3284 3285/* 3286 * Insert the given physical page (p) at 3287 * the specified virtual address (v) in the 3288 * target physical map with the protection requested. 3289 * 3290 * If specified, the page will be wired down, meaning 3291 * that the related pte can not be reclaimed. 3292 * 3293 * NB: This is the only routine which MAY NOT lazy-evaluate 3294 * or lose information. That is, this routine must actually 3295 * insert this page into the given map NOW. 3296 */ 3297 3298void 3299pmap_enter(pmap_t pmap, vm_offset_t va, vm_prot_t access, vm_page_t m, 3300 vm_prot_t prot, boolean_t wired) 3301{ 3302 3303 rw_wlock(&pvh_global_lock); 3304 PMAP_LOCK(pmap); 3305 pmap_enter_locked(pmap, va, m, prot, wired, M_WAITOK); 3306 rw_wunlock(&pvh_global_lock); 3307 PMAP_UNLOCK(pmap); 3308} 3309 3310/* 3311 * The pvh global and pmap locks must be held. 3312 */ 3313static void 3314pmap_enter_locked(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot, 3315 boolean_t wired, int flags) 3316{ 3317 struct l2_bucket *l2b = NULL; 3318 struct vm_page *opg; 3319 struct pv_entry *pve = NULL; 3320 pt_entry_t *ptep, npte, opte; 3321 u_int nflags; 3322 u_int oflags; 3323 vm_paddr_t pa; 3324 3325 PMAP_ASSERT_LOCKED(pmap); 3326 rw_assert(&pvh_global_lock, RA_WLOCKED); 3327 if (va == vector_page) { 3328 pa = systempage.pv_pa; 3329 m = NULL; 3330 } else { 3331 KASSERT((m->oflags & VPO_UNMANAGED) != 0 || 3332 vm_page_xbusied(m) || (flags & M_NOWAIT) != 0, 3333 ("pmap_enter_locked: page %p is not busy", m)); 3334 pa = VM_PAGE_TO_PHYS(m); 3335 } 3336 nflags = 0; 3337 if (prot & VM_PROT_WRITE) 3338 nflags |= PVF_WRITE; 3339 if (prot & VM_PROT_EXECUTE) 3340 nflags |= PVF_EXEC; 3341 if (wired) 3342 nflags |= PVF_WIRED; 3343 PDEBUG(1, printf("pmap_enter: pmap = %08x, va = %08x, m = %08x, prot = %x, " 3344 "wired = %x\n", (uint32_t) pmap, va, (uint32_t) m, prot, wired)); 3345 3346 if (pmap == pmap_kernel()) { 3347 l2b = pmap_get_l2_bucket(pmap, va); 3348 if (l2b == NULL) 3349 l2b = pmap_grow_l2_bucket(pmap, va); 3350 } else { 3351do_l2b_alloc: 3352 l2b = pmap_alloc_l2_bucket(pmap, va); 3353 if (l2b == NULL) { 3354 if (flags & M_WAITOK) { 3355 PMAP_UNLOCK(pmap); 3356 rw_wunlock(&pvh_global_lock); 3357 VM_WAIT; 3358 rw_wlock(&pvh_global_lock); 3359 PMAP_LOCK(pmap); 3360 goto do_l2b_alloc; 3361 } 3362 return; 3363 } 3364 } 3365 3366 ptep = &l2b->l2b_kva[l2pte_index(va)]; 3367 3368 opte = *ptep; 3369 npte = pa; 3370 oflags = 0; 3371 if (opte) { 3372 /* 3373 * There is already a mapping at this address. 3374 * If the physical address is different, lookup the 3375 * vm_page. 3376 */ 3377 if (l2pte_pa(opte) != pa) 3378 opg = PHYS_TO_VM_PAGE(l2pte_pa(opte)); 3379 else 3380 opg = m; 3381 } else 3382 opg = NULL; 3383 3384 if ((prot & (VM_PROT_ALL)) || 3385 (!m || m->md.pvh_attrs & PVF_REF)) { 3386 /* 3387 * - The access type indicates that we don't need 3388 * to do referenced emulation. 3389 * OR 3390 * - The physical page has already been referenced 3391 * so no need to re-do referenced emulation here. 3392 */ 3393 npte |= L2_S_PROTO; 3394 3395 nflags |= PVF_REF; 3396 3397 if (m && ((prot & VM_PROT_WRITE) != 0 || 3398 (m->md.pvh_attrs & PVF_MOD))) { 3399 /* 3400 * This is a writable mapping, and the 3401 * page's mod state indicates it has 3402 * already been modified. Make it 3403 * writable from the outset. 3404 */ 3405 nflags |= PVF_MOD; 3406 if (!(m->md.pvh_attrs & PVF_MOD)) 3407 vm_page_dirty(m); 3408 } 3409 if (m && opte) 3410 vm_page_aflag_set(m, PGA_REFERENCED); 3411 } else { 3412 /* 3413 * Need to do page referenced emulation. 3414 */ 3415 npte |= L2_TYPE_INV; 3416 } 3417 3418 if (prot & VM_PROT_WRITE) { 3419 npte |= L2_S_PROT_W; 3420 if (m != NULL && 3421 (m->oflags & VPO_UNMANAGED) == 0) 3422 vm_page_aflag_set(m, PGA_WRITEABLE); 3423 } 3424 if (m->md.pv_memattr != VM_MEMATTR_UNCACHEABLE) 3425 npte |= pte_l2_s_cache_mode; 3426 if (m && m == opg) { 3427 /* 3428 * We're changing the attrs of an existing mapping. 3429 */ 3430 oflags = pmap_modify_pv(m, pmap, va, 3431 PVF_WRITE | PVF_EXEC | PVF_WIRED | 3432 PVF_MOD | PVF_REF, nflags); 3433 3434 /* 3435 * We may need to flush the cache if we're 3436 * doing rw-ro... 3437 */ 3438 if (pmap_is_current(pmap) && 3439 (oflags & PVF_NC) == 0 && 3440 (opte & L2_S_PROT_W) != 0 && 3441 (prot & VM_PROT_WRITE) == 0 && 3442 (opte & L2_TYPE_MASK) != L2_TYPE_INV) { 3443 cpu_dcache_wb_range(va, PAGE_SIZE); 3444 cpu_l2cache_wb_range(va, PAGE_SIZE); 3445 } 3446 } else { 3447 /* 3448 * New mapping, or changing the backing page 3449 * of an existing mapping. 3450 */ 3451 if (opg) { 3452 /* 3453 * Replacing an existing mapping with a new one. 3454 * It is part of our managed memory so we 3455 * must remove it from the PV list 3456 */ 3457 if ((pve = pmap_remove_pv(opg, pmap, va))) { 3458 3459 /* note for patch: the oflags/invalidation was moved 3460 * because PG_FICTITIOUS pages could free the pve 3461 */ 3462 oflags = pve->pv_flags; 3463 /* 3464 * If the old mapping was valid (ref/mod 3465 * emulation creates 'invalid' mappings 3466 * initially) then make sure to frob 3467 * the cache. 3468 */ 3469 if ((oflags & PVF_NC) == 0 && l2pte_valid(opte)) { 3470 if (PV_BEEN_EXECD(oflags)) { 3471 pmap_idcache_wbinv_range(pmap, va, 3472 PAGE_SIZE); 3473 } else 3474 if (PV_BEEN_REFD(oflags)) { 3475 pmap_dcache_wb_range(pmap, va, 3476 PAGE_SIZE, TRUE, 3477 (oflags & PVF_WRITE) == 0); 3478 } 3479 } 3480 3481 /* free/allocate a pv_entry for UNMANAGED pages if 3482 * this physical page is not/is already mapped. 3483 */ 3484 3485 if (m && (m->oflags & VPO_UNMANAGED) && 3486 !m->md.pv_kva && 3487 TAILQ_EMPTY(&m->md.pv_list)) { 3488 pmap_free_pv_entry(pve); 3489 pve = NULL; 3490 } 3491 } else if (m && 3492 (!(m->oflags & VPO_UNMANAGED) || m->md.pv_kva || 3493 !TAILQ_EMPTY(&m->md.pv_list))) 3494 pve = pmap_get_pv_entry(); 3495 } else if (m && 3496 (!(m->oflags & VPO_UNMANAGED) || m->md.pv_kva || 3497 !TAILQ_EMPTY(&m->md.pv_list))) 3498 pve = pmap_get_pv_entry(); 3499 3500 if (m) { 3501 if ((m->oflags & VPO_UNMANAGED)) { 3502 if (!TAILQ_EMPTY(&m->md.pv_list) || 3503 m->md.pv_kva) { 3504 KASSERT(pve != NULL, ("No pv")); 3505 nflags |= PVF_UNMAN; 3506 pmap_enter_pv(m, pve, pmap, va, nflags); 3507 } else 3508 m->md.pv_kva = va; 3509 } else { 3510 KASSERT(va < kmi.clean_sva || 3511 va >= kmi.clean_eva, 3512 ("pmap_enter: managed mapping within the clean submap")); 3513 KASSERT(pve != NULL, ("No pv")); 3514 pmap_enter_pv(m, pve, pmap, va, nflags); 3515 } 3516 } 3517 } 3518 /* 3519 * Make sure userland mappings get the right permissions 3520 */ 3521 if (pmap != pmap_kernel() && va != vector_page) { 3522 npte |= L2_S_PROT_U; 3523 } 3524 3525 /* 3526 * Keep the stats up to date 3527 */ 3528 if (opte == 0) { 3529 l2b->l2b_occupancy++; 3530 pmap->pm_stats.resident_count++; 3531 } 3532 3533 /* 3534 * If this is just a wiring change, the two PTEs will be 3535 * identical, so there's no need to update the page table. 3536 */ 3537 if (npte != opte) { 3538 boolean_t is_cached = pmap_is_current(pmap); 3539 3540 *ptep = npte; 3541 if (is_cached) { 3542 /* 3543 * We only need to frob the cache/tlb if this pmap 3544 * is current 3545 */ 3546 PTE_SYNC(ptep); 3547 if (L1_IDX(va) != L1_IDX(vector_page) && 3548 l2pte_valid(npte)) { 3549 /* 3550 * This mapping is likely to be accessed as 3551 * soon as we return to userland. Fix up the 3552 * L1 entry to avoid taking another 3553 * page/domain fault. 3554 */ 3555 pd_entry_t *pl1pd, l1pd; 3556 3557 pl1pd = &pmap->pm_l1->l1_kva[L1_IDX(va)]; 3558 l1pd = l2b->l2b_phys | L1_C_DOM(pmap->pm_domain) | 3559 L1_C_PROTO; 3560 if (*pl1pd != l1pd) { 3561 *pl1pd = l1pd; 3562 PTE_SYNC(pl1pd); 3563 } 3564 } 3565 } 3566 3567 if (PV_BEEN_EXECD(oflags)) 3568 pmap_tlb_flushID_SE(pmap, va); 3569 else if (PV_BEEN_REFD(oflags)) 3570 pmap_tlb_flushD_SE(pmap, va); 3571 3572 3573 if (m) 3574 pmap_fix_cache(m, pmap, va); 3575 } 3576} 3577 3578/* 3579 * Maps a sequence of resident pages belonging to the same object. 3580 * The sequence begins with the given page m_start. This page is 3581 * mapped at the given virtual address start. Each subsequent page is 3582 * mapped at a virtual address that is offset from start by the same 3583 * amount as the page is offset from m_start within the object. The 3584 * last page in the sequence is the page with the largest offset from 3585 * m_start that can be mapped at a virtual address less than the given 3586 * virtual address end. Not every virtual page between start and end 3587 * is mapped; only those for which a resident page exists with the 3588 * corresponding offset from m_start are mapped. 3589 */ 3590void 3591pmap_enter_object(pmap_t pmap, vm_offset_t start, vm_offset_t end, 3592 vm_page_t m_start, vm_prot_t prot) 3593{ 3594 vm_page_t m; 3595 vm_pindex_t diff, psize; 3596 3597 VM_OBJECT_ASSERT_LOCKED(m_start->object); 3598 3599 psize = atop(end - start); 3600 m = m_start; 3601 rw_wlock(&pvh_global_lock); 3602 PMAP_LOCK(pmap); 3603 while (m != NULL && (diff = m->pindex - m_start->pindex) < psize) { 3604 pmap_enter_locked(pmap, start + ptoa(diff), m, prot & 3605 (VM_PROT_READ | VM_PROT_EXECUTE), FALSE, M_NOWAIT); 3606 m = TAILQ_NEXT(m, listq); 3607 } 3608 rw_wunlock(&pvh_global_lock); 3609 PMAP_UNLOCK(pmap); 3610} 3611 3612/* 3613 * this code makes some *MAJOR* assumptions: 3614 * 1. Current pmap & pmap exists. 3615 * 2. Not wired. 3616 * 3. Read access. 3617 * 4. No page table pages. 3618 * but is *MUCH* faster than pmap_enter... 3619 */ 3620 3621void 3622pmap_enter_quick(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot) 3623{ 3624 3625 rw_wlock(&pvh_global_lock); 3626 PMAP_LOCK(pmap); 3627 pmap_enter_locked(pmap, va, m, prot & (VM_PROT_READ | VM_PROT_EXECUTE), 3628 FALSE, M_NOWAIT); 3629 rw_wunlock(&pvh_global_lock); 3630 PMAP_UNLOCK(pmap); 3631} 3632 3633/* 3634 * Routine: pmap_change_wiring 3635 * Function: Change the wiring attribute for a map/virtual-address 3636 * pair. 3637 * In/out conditions: 3638 * The mapping must already exist in the pmap. 3639 */ 3640void 3641pmap_change_wiring(pmap_t pmap, vm_offset_t va, boolean_t wired) 3642{ 3643 struct l2_bucket *l2b; 3644 pt_entry_t *ptep, pte; 3645 vm_page_t pg; 3646 3647 rw_wlock(&pvh_global_lock); 3648 PMAP_LOCK(pmap); 3649 l2b = pmap_get_l2_bucket(pmap, va); 3650 KASSERT(l2b, ("No l2b bucket in pmap_change_wiring")); 3651 ptep = &l2b->l2b_kva[l2pte_index(va)]; 3652 pte = *ptep; 3653 pg = PHYS_TO_VM_PAGE(l2pte_pa(pte)); 3654 if (pg) 3655 pmap_modify_pv(pg, pmap, va, PVF_WIRED, wired ? PVF_WIRED : 0); 3656 rw_wunlock(&pvh_global_lock); 3657 PMAP_UNLOCK(pmap); 3658} 3659 3660 3661/* 3662 * Copy the range specified by src_addr/len 3663 * from the source map to the range dst_addr/len 3664 * in the destination map. 3665 * 3666 * This routine is only advisory and need not do anything. 3667 */ 3668void 3669pmap_copy(pmap_t dst_pmap, pmap_t src_pmap, vm_offset_t dst_addr, 3670 vm_size_t len, vm_offset_t src_addr) 3671{ 3672} 3673 3674 3675/* 3676 * Routine: pmap_extract 3677 * Function: 3678 * Extract the physical page address associated 3679 * with the given map/virtual_address pair. 3680 */ 3681vm_paddr_t 3682pmap_extract(pmap_t pmap, vm_offset_t va) 3683{ 3684 vm_paddr_t pa; 3685 3686 PMAP_LOCK(pmap); 3687 pa = pmap_extract_locked(pmap, va); 3688 PMAP_UNLOCK(pmap); 3689 return (pa); 3690} 3691 3692static vm_paddr_t 3693pmap_extract_locked(pmap_t pmap, vm_offset_t va) 3694{ 3695 struct l2_dtable *l2; 3696 pd_entry_t l1pd; 3697 pt_entry_t *ptep, pte; 3698 vm_paddr_t pa; 3699 u_int l1idx; 3700 3701 if (pmap != kernel_pmap) 3702 PMAP_ASSERT_LOCKED(pmap); 3703 l1idx = L1_IDX(va); 3704 l1pd = pmap->pm_l1->l1_kva[l1idx]; 3705 if (l1pte_section_p(l1pd)) { 3706 /* 3707 * These should only happen for the kernel pmap. 3708 */ 3709 KASSERT(pmap == kernel_pmap, ("unexpected section")); 3710 /* XXX: what to do about the bits > 32 ? */ 3711 if (l1pd & L1_S_SUPERSEC) 3712 pa = (l1pd & L1_SUP_FRAME) | (va & L1_SUP_OFFSET); 3713 else 3714 pa = (l1pd & L1_S_FRAME) | (va & L1_S_OFFSET); 3715 } else { 3716 /* 3717 * Note that we can't rely on the validity of the L1 3718 * descriptor as an indication that a mapping exists. 3719 * We have to look it up in the L2 dtable. 3720 */ 3721 l2 = pmap->pm_l2[L2_IDX(l1idx)]; 3722 if (l2 == NULL || 3723 (ptep = l2->l2_bucket[L2_BUCKET(l1idx)].l2b_kva) == NULL) 3724 return (0); 3725 pte = ptep[l2pte_index(va)]; 3726 if (pte == 0) 3727 return (0); 3728 switch (pte & L2_TYPE_MASK) { 3729 case L2_TYPE_L: 3730 pa = (pte & L2_L_FRAME) | (va & L2_L_OFFSET); 3731 break; 3732 default: 3733 pa = (pte & L2_S_FRAME) | (va & L2_S_OFFSET); 3734 break; 3735 } 3736 } 3737 return (pa); 3738} 3739 3740/* 3741 * Atomically extract and hold the physical page with the given 3742 * pmap and virtual address pair if that mapping permits the given 3743 * protection. 3744 * 3745 */ 3746vm_page_t 3747pmap_extract_and_hold(pmap_t pmap, vm_offset_t va, vm_prot_t prot) 3748{ 3749 struct l2_dtable *l2; 3750 pd_entry_t l1pd; 3751 pt_entry_t *ptep, pte; 3752 vm_paddr_t pa, paddr; 3753 vm_page_t m = NULL; 3754 u_int l1idx; 3755 l1idx = L1_IDX(va); 3756 paddr = 0; 3757 3758 PMAP_LOCK(pmap); 3759retry: 3760 l1pd = pmap->pm_l1->l1_kva[l1idx]; 3761 if (l1pte_section_p(l1pd)) { 3762 /* 3763 * These should only happen for pmap_kernel() 3764 */ 3765 KASSERT(pmap == pmap_kernel(), ("huh")); 3766 /* XXX: what to do about the bits > 32 ? */ 3767 if (l1pd & L1_S_SUPERSEC) 3768 pa = (l1pd & L1_SUP_FRAME) | (va & L1_SUP_OFFSET); 3769 else 3770 pa = (l1pd & L1_S_FRAME) | (va & L1_S_OFFSET); 3771 if (vm_page_pa_tryrelock(pmap, pa & PG_FRAME, &paddr)) 3772 goto retry; 3773 if (l1pd & L1_S_PROT_W || (prot & VM_PROT_WRITE) == 0) { 3774 m = PHYS_TO_VM_PAGE(pa); 3775 vm_page_hold(m); 3776 } 3777 3778 } else { 3779 /* 3780 * Note that we can't rely on the validity of the L1 3781 * descriptor as an indication that a mapping exists. 3782 * We have to look it up in the L2 dtable. 3783 */ 3784 l2 = pmap->pm_l2[L2_IDX(l1idx)]; 3785 3786 if (l2 == NULL || 3787 (ptep = l2->l2_bucket[L2_BUCKET(l1idx)].l2b_kva) == NULL) { 3788 PMAP_UNLOCK(pmap); 3789 return (NULL); 3790 } 3791 3792 ptep = &ptep[l2pte_index(va)]; 3793 pte = *ptep; 3794 3795 if (pte == 0) { 3796 PMAP_UNLOCK(pmap); 3797 return (NULL); 3798 } 3799 if (pte & L2_S_PROT_W || (prot & VM_PROT_WRITE) == 0) { 3800 switch (pte & L2_TYPE_MASK) { 3801 case L2_TYPE_L: 3802 pa = (pte & L2_L_FRAME) | (va & L2_L_OFFSET); 3803 break; 3804 3805 default: 3806 pa = (pte & L2_S_FRAME) | (va & L2_S_OFFSET); 3807 break; 3808 } 3809 if (vm_page_pa_tryrelock(pmap, pa & PG_FRAME, &paddr)) 3810 goto retry; 3811 m = PHYS_TO_VM_PAGE(pa); 3812 vm_page_hold(m); 3813 } 3814 } 3815 3816 PMAP_UNLOCK(pmap); 3817 PA_UNLOCK_COND(paddr); 3818 return (m); 3819} 3820 3821/* 3822 * Initialize a preallocated and zeroed pmap structure, 3823 * such as one in a vmspace structure. 3824 */ 3825 3826int 3827pmap_pinit(pmap_t pmap) 3828{ 3829 PDEBUG(1, printf("pmap_pinit: pmap = %08x\n", (uint32_t) pmap)); 3830 3831 pmap_alloc_l1(pmap); 3832 bzero(pmap->pm_l2, sizeof(pmap->pm_l2)); 3833 3834 CPU_ZERO(&pmap->pm_active); 3835 3836 TAILQ_INIT(&pmap->pm_pvlist); 3837 bzero(&pmap->pm_stats, sizeof pmap->pm_stats); 3838 pmap->pm_stats.resident_count = 1; 3839 if (vector_page < KERNBASE) { 3840 pmap_enter(pmap, vector_page, 3841 VM_PROT_READ, PHYS_TO_VM_PAGE(systempage.pv_pa), 3842 VM_PROT_READ, 1); 3843 } 3844 return (1); 3845} 3846 3847 3848/*************************************************** 3849 * page management routines. 3850 ***************************************************/ 3851 3852 3853static void 3854pmap_free_pv_entry(pv_entry_t pv) 3855{ 3856 pv_entry_count--; 3857 uma_zfree(pvzone, pv); 3858} 3859 3860 3861/* 3862 * get a new pv_entry, allocating a block from the system 3863 * when needed. 3864 * the memory allocation is performed bypassing the malloc code 3865 * because of the possibility of allocations at interrupt time. 3866 */ 3867static pv_entry_t 3868pmap_get_pv_entry(void) 3869{ 3870 pv_entry_t ret_value; 3871 3872 pv_entry_count++; 3873 if (pv_entry_count > pv_entry_high_water) 3874 pagedaemon_wakeup(); 3875 ret_value = uma_zalloc(pvzone, M_NOWAIT); 3876 return ret_value; 3877} 3878 3879/* 3880 * Remove the given range of addresses from the specified map. 3881 * 3882 * It is assumed that the start and end are properly 3883 * rounded to the page size. 3884 */ 3885#define PMAP_REMOVE_CLEAN_LIST_SIZE 3 3886void 3887pmap_remove(pmap_t pm, vm_offset_t sva, vm_offset_t eva) 3888{ 3889 struct l2_bucket *l2b; 3890 vm_offset_t next_bucket; 3891 pt_entry_t *ptep; 3892 u_int total; 3893 u_int mappings, is_exec, is_refd; 3894 int flushall = 0; 3895 3896 3897 /* 3898 * we lock in the pmap => pv_head direction 3899 */ 3900 3901 rw_wlock(&pvh_global_lock); 3902 PMAP_LOCK(pm); 3903 total = 0; 3904 while (sva < eva) { 3905 /* 3906 * Do one L2 bucket's worth at a time. 3907 */ 3908 next_bucket = L2_NEXT_BUCKET(sva); 3909 if (next_bucket > eva) 3910 next_bucket = eva; 3911 3912 l2b = pmap_get_l2_bucket(pm, sva); 3913 if (l2b == NULL) { 3914 sva = next_bucket; 3915 continue; 3916 } 3917 3918 ptep = &l2b->l2b_kva[l2pte_index(sva)]; 3919 mappings = 0; 3920 3921 while (sva < next_bucket) { 3922 struct vm_page *pg; 3923 pt_entry_t pte; 3924 vm_paddr_t pa; 3925 3926 pte = *ptep; 3927 3928 if (pte == 0) { 3929 /* 3930 * Nothing here, move along 3931 */ 3932 sva += PAGE_SIZE; 3933 ptep++; 3934 continue; 3935 } 3936 3937 pm->pm_stats.resident_count--; 3938 pa = l2pte_pa(pte); 3939 is_exec = 0; 3940 is_refd = 1; 3941 3942 /* 3943 * Update flags. In a number of circumstances, 3944 * we could cluster a lot of these and do a 3945 * number of sequential pages in one go. 3946 */ 3947 if ((pg = PHYS_TO_VM_PAGE(pa)) != NULL) { 3948 struct pv_entry *pve; 3949 3950 pve = pmap_remove_pv(pg, pm, sva); 3951 if (pve) { 3952 is_exec = PV_BEEN_EXECD(pve->pv_flags); 3953 is_refd = PV_BEEN_REFD(pve->pv_flags); 3954 pmap_free_pv_entry(pve); 3955 } 3956 } 3957 3958 if (l2pte_valid(pte) && pmap_is_current(pm)) { 3959 if (total < PMAP_REMOVE_CLEAN_LIST_SIZE) { 3960 total++; 3961 if (is_exec) { 3962 cpu_idcache_wbinv_range(sva, 3963 PAGE_SIZE); 3964 cpu_l2cache_wbinv_range(sva, 3965 PAGE_SIZE); 3966 cpu_tlb_flushID_SE(sva); 3967 } else if (is_refd) { 3968 cpu_dcache_wbinv_range(sva, 3969 PAGE_SIZE); 3970 cpu_l2cache_wbinv_range(sva, 3971 PAGE_SIZE); 3972 cpu_tlb_flushD_SE(sva); 3973 } 3974 } else if (total == PMAP_REMOVE_CLEAN_LIST_SIZE) { 3975 /* flushall will also only get set for 3976 * for a current pmap 3977 */ 3978 cpu_idcache_wbinv_all(); 3979 cpu_l2cache_wbinv_all(); 3980 flushall = 1; 3981 total++; 3982 } 3983 } 3984 *ptep = 0; 3985 PTE_SYNC(ptep); 3986 3987 sva += PAGE_SIZE; 3988 ptep++; 3989 mappings++; 3990 } 3991 3992 pmap_free_l2_bucket(pm, l2b, mappings); 3993 } 3994 3995 rw_wunlock(&pvh_global_lock); 3996 if (flushall) 3997 cpu_tlb_flushID(); 3998 PMAP_UNLOCK(pm); 3999} 4000 4001/* 4002 * pmap_zero_page() 4003 * 4004 * Zero a given physical page by mapping it at a page hook point. 4005 * In doing the zero page op, the page we zero is mapped cachable, as with 4006 * StrongARM accesses to non-cached pages are non-burst making writing 4007 * _any_ bulk data very slow. 4008 */ 4009#if (ARM_MMU_GENERIC + ARM_MMU_SA1) != 0 || defined(CPU_XSCALE_CORE3) 4010void 4011pmap_zero_page_generic(vm_paddr_t phys, int off, int size) 4012{ 4013#ifdef ARM_USE_SMALL_ALLOC 4014 char *dstpg; 4015#endif 4016 4017 if (_arm_bzero && size >= _min_bzero_size && 4018 _arm_bzero((void *)(phys + off), size, IS_PHYSICAL) == 0) 4019 return; 4020 4021#ifdef ARM_USE_SMALL_ALLOC 4022 dstpg = (char *)arm_ptovirt(phys); 4023 if (off || size != PAGE_SIZE) { 4024 bzero(dstpg + off, size); 4025 cpu_dcache_wbinv_range((vm_offset_t)(dstpg + off), size); 4026 cpu_l2cache_wbinv_range((vm_offset_t)(dstpg + off), size); 4027 } else { 4028 bzero_page((vm_offset_t)dstpg); 4029 cpu_dcache_wbinv_range((vm_offset_t)dstpg, PAGE_SIZE); 4030 cpu_l2cache_wbinv_range((vm_offset_t)dstpg, PAGE_SIZE); 4031 } 4032#else 4033 4034 mtx_lock(&cmtx); 4035 /* 4036 * Hook in the page, zero it, invalidate the TLB as needed. 4037 * 4038 * Note the temporary zero-page mapping must be a non-cached page in 4039 * order to work without corruption when write-allocate is enabled. 4040 */ 4041 *cdst_pte = L2_S_PROTO | phys | L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE); 4042 PTE_SYNC(cdst_pte); 4043 cpu_tlb_flushD_SE(cdstp); 4044 cpu_cpwait(); 4045 if (off || size != PAGE_SIZE) 4046 bzero((void *)(cdstp + off), size); 4047 else 4048 bzero_page(cdstp); 4049 4050 mtx_unlock(&cmtx); 4051#endif 4052} 4053#endif /* (ARM_MMU_GENERIC + ARM_MMU_SA1) != 0 */ 4054 4055#if ARM_MMU_XSCALE == 1 4056void 4057pmap_zero_page_xscale(vm_paddr_t phys, int off, int size) 4058{ 4059#ifdef ARM_USE_SMALL_ALLOC 4060 char *dstpg; 4061#endif 4062 4063 if (_arm_bzero && size >= _min_bzero_size && 4064 _arm_bzero((void *)(phys + off), size, IS_PHYSICAL) == 0) 4065 return; 4066#ifdef ARM_USE_SMALL_ALLOC 4067 dstpg = (char *)arm_ptovirt(phys); 4068 if (off || size != PAGE_SIZE) { 4069 bzero(dstpg + off, size); 4070 cpu_dcache_wbinv_range((vm_offset_t)(dstpg + off), size); 4071 } else { 4072 bzero_page((vm_offset_t)dstpg); 4073 cpu_dcache_wbinv_range((vm_offset_t)dstpg, PAGE_SIZE); 4074 } 4075#else 4076 mtx_lock(&cmtx); 4077 /* 4078 * Hook in the page, zero it, and purge the cache for that 4079 * zeroed page. Invalidate the TLB as needed. 4080 */ 4081 *cdst_pte = L2_S_PROTO | phys | 4082 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | 4083 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); /* mini-data */ 4084 PTE_SYNC(cdst_pte); 4085 cpu_tlb_flushD_SE(cdstp); 4086 cpu_cpwait(); 4087 if (off || size != PAGE_SIZE) 4088 bzero((void *)(cdstp + off), size); 4089 else 4090 bzero_page(cdstp); 4091 mtx_unlock(&cmtx); 4092 xscale_cache_clean_minidata(); 4093#endif 4094} 4095 4096/* 4097 * Change the PTEs for the specified kernel mappings such that they 4098 * will use the mini data cache instead of the main data cache. 4099 */ 4100void 4101pmap_use_minicache(vm_offset_t va, vm_size_t size) 4102{ 4103 struct l2_bucket *l2b; 4104 pt_entry_t *ptep, *sptep, pte; 4105 vm_offset_t next_bucket, eva; 4106 4107#if (ARM_NMMUS > 1) || defined(CPU_XSCALE_CORE3) 4108 if (xscale_use_minidata == 0) 4109 return; 4110#endif 4111 4112 eva = va + size; 4113 4114 while (va < eva) { 4115 next_bucket = L2_NEXT_BUCKET(va); 4116 if (next_bucket > eva) 4117 next_bucket = eva; 4118 4119 l2b = pmap_get_l2_bucket(pmap_kernel(), va); 4120 4121 sptep = ptep = &l2b->l2b_kva[l2pte_index(va)]; 4122 4123 while (va < next_bucket) { 4124 pte = *ptep; 4125 if (!l2pte_minidata(pte)) { 4126 cpu_dcache_wbinv_range(va, PAGE_SIZE); 4127 cpu_tlb_flushD_SE(va); 4128 *ptep = pte & ~L2_B; 4129 } 4130 ptep++; 4131 va += PAGE_SIZE; 4132 } 4133 PTE_SYNC_RANGE(sptep, (u_int)(ptep - sptep)); 4134 } 4135 cpu_cpwait(); 4136} 4137#endif /* ARM_MMU_XSCALE == 1 */ 4138 4139/* 4140 * pmap_zero_page zeros the specified hardware page by mapping 4141 * the page into KVM and using bzero to clear its contents. 4142 */ 4143void 4144pmap_zero_page(vm_page_t m) 4145{ 4146 pmap_zero_page_func(VM_PAGE_TO_PHYS(m), 0, PAGE_SIZE); 4147} 4148 4149 4150/* 4151 * pmap_zero_page_area zeros the specified hardware page by mapping 4152 * the page into KVM and using bzero to clear its contents. 4153 * 4154 * off and size may not cover an area beyond a single hardware page. 4155 */ 4156void 4157pmap_zero_page_area(vm_page_t m, int off, int size) 4158{ 4159 4160 pmap_zero_page_func(VM_PAGE_TO_PHYS(m), off, size); 4161} 4162 4163 4164/* 4165 * pmap_zero_page_idle zeros the specified hardware page by mapping 4166 * the page into KVM and using bzero to clear its contents. This 4167 * is intended to be called from the vm_pagezero process only and 4168 * outside of Giant. 4169 */ 4170void 4171pmap_zero_page_idle(vm_page_t m) 4172{ 4173 4174 pmap_zero_page(m); 4175} 4176 4177#if 0 4178/* 4179 * pmap_clean_page() 4180 * 4181 * This is a local function used to work out the best strategy to clean 4182 * a single page referenced by its entry in the PV table. It should be used by 4183 * pmap_copy_page, pmap_zero page and maybe some others later on. 4184 * 4185 * Its policy is effectively: 4186 * o If there are no mappings, we don't bother doing anything with the cache. 4187 * o If there is one mapping, we clean just that page. 4188 * o If there are multiple mappings, we clean the entire cache. 4189 * 4190 * So that some functions can be further optimised, it returns 0 if it didn't 4191 * clean the entire cache, or 1 if it did. 4192 * 4193 * XXX One bug in this routine is that if the pv_entry has a single page 4194 * mapped at 0x00000000 a whole cache clean will be performed rather than 4195 * just the 1 page. Since this should not occur in everyday use and if it does 4196 * it will just result in not the most efficient clean for the page. 4197 * 4198 * We don't yet use this function but may want to. 4199 */ 4200static int 4201pmap_clean_page(struct pv_entry *pv, boolean_t is_src) 4202{ 4203 pmap_t pm, pm_to_clean = NULL; 4204 struct pv_entry *npv; 4205 u_int cache_needs_cleaning = 0; 4206 u_int flags = 0; 4207 vm_offset_t page_to_clean = 0; 4208 4209 if (pv == NULL) { 4210 /* nothing mapped in so nothing to flush */ 4211 return (0); 4212 } 4213 4214 /* 4215 * Since we flush the cache each time we change to a different 4216 * user vmspace, we only need to flush the page if it is in the 4217 * current pmap. 4218 */ 4219 if (curthread) 4220 pm = vmspace_pmap(curproc->p_vmspace); 4221 else 4222 pm = pmap_kernel(); 4223 4224 for (npv = pv; npv; npv = TAILQ_NEXT(npv, pv_list)) { 4225 if (npv->pv_pmap == pmap_kernel() || npv->pv_pmap == pm) { 4226 flags |= npv->pv_flags; 4227 /* 4228 * The page is mapped non-cacheable in 4229 * this map. No need to flush the cache. 4230 */ 4231 if (npv->pv_flags & PVF_NC) { 4232#ifdef DIAGNOSTIC 4233 if (cache_needs_cleaning) 4234 panic("pmap_clean_page: " 4235 "cache inconsistency"); 4236#endif 4237 break; 4238 } else if (is_src && (npv->pv_flags & PVF_WRITE) == 0) 4239 continue; 4240 if (cache_needs_cleaning) { 4241 page_to_clean = 0; 4242 break; 4243 } else { 4244 page_to_clean = npv->pv_va; 4245 pm_to_clean = npv->pv_pmap; 4246 } 4247 cache_needs_cleaning = 1; 4248 } 4249 } 4250 if (page_to_clean) { 4251 if (PV_BEEN_EXECD(flags)) 4252 pmap_idcache_wbinv_range(pm_to_clean, page_to_clean, 4253 PAGE_SIZE); 4254 else 4255 pmap_dcache_wb_range(pm_to_clean, page_to_clean, 4256 PAGE_SIZE, !is_src, (flags & PVF_WRITE) == 0); 4257 } else if (cache_needs_cleaning) { 4258 if (PV_BEEN_EXECD(flags)) 4259 pmap_idcache_wbinv_all(pm); 4260 else 4261 pmap_dcache_wbinv_all(pm); 4262 return (1); 4263 } 4264 return (0); 4265} 4266#endif 4267 4268/* 4269 * pmap_copy_page copies the specified (machine independent) 4270 * page by mapping the page into virtual memory and using 4271 * bcopy to copy the page, one machine dependent page at a 4272 * time. 4273 */ 4274 4275/* 4276 * pmap_copy_page() 4277 * 4278 * Copy one physical page into another, by mapping the pages into 4279 * hook points. The same comment regarding cachability as in 4280 * pmap_zero_page also applies here. 4281 */ 4282#if (ARM_MMU_GENERIC + ARM_MMU_SA1) != 0 || defined (CPU_XSCALE_CORE3) 4283void 4284pmap_copy_page_generic(vm_paddr_t src, vm_paddr_t dst) 4285{ 4286#if 0 4287 struct vm_page *src_pg = PHYS_TO_VM_PAGE(src); 4288#endif 4289 4290 /* 4291 * Clean the source page. Hold the source page's lock for 4292 * the duration of the copy so that no other mappings can 4293 * be created while we have a potentially aliased mapping. 4294 */ 4295#if 0 4296 /* 4297 * XXX: Not needed while we call cpu_dcache_wbinv_all() in 4298 * pmap_copy_page(). 4299 */ 4300 (void) pmap_clean_page(TAILQ_FIRST(&src_pg->md.pv_list), TRUE); 4301#endif 4302 /* 4303 * Map the pages into the page hook points, copy them, and purge 4304 * the cache for the appropriate page. Invalidate the TLB 4305 * as required. 4306 */ 4307 mtx_lock(&cmtx); 4308 *csrc_pte = L2_S_PROTO | src | 4309 L2_S_PROT(PTE_KERNEL, VM_PROT_READ) | pte_l2_s_cache_mode; 4310 PTE_SYNC(csrc_pte); 4311 *cdst_pte = L2_S_PROTO | dst | 4312 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | pte_l2_s_cache_mode; 4313 PTE_SYNC(cdst_pte); 4314 cpu_tlb_flushD_SE(csrcp); 4315 cpu_tlb_flushD_SE(cdstp); 4316 cpu_cpwait(); 4317 bcopy_page(csrcp, cdstp); 4318 mtx_unlock(&cmtx); 4319 cpu_dcache_inv_range(csrcp, PAGE_SIZE); 4320 cpu_dcache_wbinv_range(cdstp, PAGE_SIZE); 4321 cpu_l2cache_inv_range(csrcp, PAGE_SIZE); 4322 cpu_l2cache_wbinv_range(cdstp, PAGE_SIZE); 4323} 4324 4325void 4326pmap_copy_page_offs_generic(vm_paddr_t a_phys, vm_offset_t a_offs, 4327 vm_paddr_t b_phys, vm_offset_t b_offs, int cnt) 4328{ 4329 4330 mtx_lock(&cmtx); 4331 *csrc_pte = L2_S_PROTO | a_phys | 4332 L2_S_PROT(PTE_KERNEL, VM_PROT_READ) | pte_l2_s_cache_mode; 4333 PTE_SYNC(csrc_pte); 4334 *cdst_pte = L2_S_PROTO | b_phys | 4335 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | pte_l2_s_cache_mode; 4336 PTE_SYNC(cdst_pte); 4337 cpu_tlb_flushD_SE(csrcp); 4338 cpu_tlb_flushD_SE(cdstp); 4339 cpu_cpwait(); 4340 bcopy((char *)csrcp + a_offs, (char *)cdstp + b_offs, cnt); 4341 mtx_unlock(&cmtx); 4342 cpu_dcache_inv_range(csrcp + a_offs, cnt); 4343 cpu_dcache_wbinv_range(cdstp + b_offs, cnt); 4344 cpu_l2cache_inv_range(csrcp + a_offs, cnt); 4345 cpu_l2cache_wbinv_range(cdstp + b_offs, cnt); 4346} 4347#endif /* (ARM_MMU_GENERIC + ARM_MMU_SA1) != 0 */ 4348 4349#if ARM_MMU_XSCALE == 1 4350void 4351pmap_copy_page_xscale(vm_paddr_t src, vm_paddr_t dst) 4352{ 4353#if 0 4354 /* XXX: Only needed for pmap_clean_page(), which is commented out. */ 4355 struct vm_page *src_pg = PHYS_TO_VM_PAGE(src); 4356#endif 4357 4358 /* 4359 * Clean the source page. Hold the source page's lock for 4360 * the duration of the copy so that no other mappings can 4361 * be created while we have a potentially aliased mapping. 4362 */ 4363#if 0 4364 /* 4365 * XXX: Not needed while we call cpu_dcache_wbinv_all() in 4366 * pmap_copy_page(). 4367 */ 4368 (void) pmap_clean_page(TAILQ_FIRST(&src_pg->md.pv_list), TRUE); 4369#endif 4370 /* 4371 * Map the pages into the page hook points, copy them, and purge 4372 * the cache for the appropriate page. Invalidate the TLB 4373 * as required. 4374 */ 4375 mtx_lock(&cmtx); 4376 *csrc_pte = L2_S_PROTO | src | 4377 L2_S_PROT(PTE_KERNEL, VM_PROT_READ) | 4378 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); /* mini-data */ 4379 PTE_SYNC(csrc_pte); 4380 *cdst_pte = L2_S_PROTO | dst | 4381 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | 4382 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); /* mini-data */ 4383 PTE_SYNC(cdst_pte); 4384 cpu_tlb_flushD_SE(csrcp); 4385 cpu_tlb_flushD_SE(cdstp); 4386 cpu_cpwait(); 4387 bcopy_page(csrcp, cdstp); 4388 mtx_unlock(&cmtx); 4389 xscale_cache_clean_minidata(); 4390} 4391 4392void 4393pmap_copy_page_offs_xscale(vm_paddr_t a_phys, vm_offset_t a_offs, 4394 vm_paddr_t b_phys, vm_offset_t b_offs, int cnt) 4395{ 4396 4397 mtx_lock(&cmtx); 4398 *csrc_pte = L2_S_PROTO | a_phys | 4399 L2_S_PROT(PTE_KERNEL, VM_PROT_READ) | 4400 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); 4401 PTE_SYNC(csrc_pte); 4402 *cdst_pte = L2_S_PROTO | b_phys | 4403 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | 4404 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); 4405 PTE_SYNC(cdst_pte); 4406 cpu_tlb_flushD_SE(csrcp); 4407 cpu_tlb_flushD_SE(cdstp); 4408 cpu_cpwait(); 4409 bcopy((char *)csrcp + a_offs, (char *)cdstp + b_offs, cnt); 4410 mtx_unlock(&cmtx); 4411 xscale_cache_clean_minidata(); 4412} 4413#endif /* ARM_MMU_XSCALE == 1 */ 4414 4415void 4416pmap_copy_page(vm_page_t src, vm_page_t dst) 4417{ 4418#ifdef ARM_USE_SMALL_ALLOC 4419 vm_offset_t srcpg, dstpg; 4420#endif 4421 4422 cpu_dcache_wbinv_all(); 4423 cpu_l2cache_wbinv_all(); 4424 if (_arm_memcpy && PAGE_SIZE >= _min_memcpy_size && 4425 _arm_memcpy((void *)VM_PAGE_TO_PHYS(dst), 4426 (void *)VM_PAGE_TO_PHYS(src), PAGE_SIZE, IS_PHYSICAL) == 0) 4427 return; 4428#ifdef ARM_USE_SMALL_ALLOC 4429 srcpg = arm_ptovirt(VM_PAGE_TO_PHYS(src)); 4430 dstpg = arm_ptovirt(VM_PAGE_TO_PHYS(dst)); 4431 bcopy_page(srcpg, dstpg); 4432 cpu_dcache_wbinv_range(dstpg, PAGE_SIZE); 4433 cpu_l2cache_wbinv_range(dstpg, PAGE_SIZE); 4434#else 4435 pmap_copy_page_func(VM_PAGE_TO_PHYS(src), VM_PAGE_TO_PHYS(dst)); 4436#endif 4437} 4438 4439int unmapped_buf_allowed = 1; 4440 4441void 4442pmap_copy_pages(vm_page_t ma[], vm_offset_t a_offset, vm_page_t mb[], 4443 vm_offset_t b_offset, int xfersize) 4444{ 4445 vm_page_t a_pg, b_pg; 4446 vm_offset_t a_pg_offset, b_pg_offset; 4447 int cnt; 4448#ifdef ARM_USE_SMALL_ALLOC 4449 vm_offset_t a_va, b_va; 4450#endif 4451 4452 cpu_dcache_wbinv_all(); 4453 cpu_l2cache_wbinv_all(); 4454 while (xfersize > 0) { 4455 a_pg = ma[a_offset >> PAGE_SHIFT]; 4456 a_pg_offset = a_offset & PAGE_MASK; 4457 cnt = min(xfersize, PAGE_SIZE - a_pg_offset); 4458 b_pg = mb[b_offset >> PAGE_SHIFT]; 4459 b_pg_offset = b_offset & PAGE_MASK; 4460 cnt = min(cnt, PAGE_SIZE - b_pg_offset); 4461#ifdef ARM_USE_SMALL_ALLOC 4462 a_va = arm_ptovirt(VM_PAGE_TO_PHYS(a_pg)) + a_pg_offset; 4463 b_va = arm_ptovirt(VM_PAGE_TO_PHYS(b_pg)) + b_pg_offset; 4464 bcopy((char *)a_va, (char *)b_va, cnt); 4465 cpu_dcache_wbinv_range(b_va, cnt); 4466 cpu_l2cache_wbinv_range(b_va, cnt); 4467#else 4468 pmap_copy_page_offs_func(VM_PAGE_TO_PHYS(a_pg), a_pg_offset, 4469 VM_PAGE_TO_PHYS(b_pg), b_pg_offset, cnt); 4470#endif 4471 xfersize -= cnt; 4472 a_offset += cnt; 4473 b_offset += cnt; 4474 } 4475} 4476 4477/* 4478 * this routine returns true if a physical page resides 4479 * in the given pmap. 4480 */ 4481boolean_t 4482pmap_page_exists_quick(pmap_t pmap, vm_page_t m) 4483{ 4484 pv_entry_t pv; 4485 int loops = 0; 4486 boolean_t rv; 4487 4488 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 4489 ("pmap_page_exists_quick: page %p is not managed", m)); 4490 rv = FALSE; 4491 rw_wlock(&pvh_global_lock); 4492 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) { 4493 if (pv->pv_pmap == pmap) { 4494 rv = TRUE; 4495 break; 4496 } 4497 loops++; 4498 if (loops >= 16) 4499 break; 4500 } 4501 rw_wunlock(&pvh_global_lock); 4502 return (rv); 4503} 4504 4505/* 4506 * pmap_page_wired_mappings: 4507 * 4508 * Return the number of managed mappings to the given physical page 4509 * that are wired. 4510 */ 4511int 4512pmap_page_wired_mappings(vm_page_t m) 4513{ 4514 pv_entry_t pv; 4515 int count; 4516 4517 count = 0; 4518 if ((m->oflags & VPO_UNMANAGED) != 0) 4519 return (count); 4520 rw_wlock(&pvh_global_lock); 4521 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) 4522 if ((pv->pv_flags & PVF_WIRED) != 0) 4523 count++; 4524 rw_wunlock(&pvh_global_lock); 4525 return (count); 4526} 4527 4528/* 4529 * This function is advisory. 4530 */ 4531void 4532pmap_advise(pmap_t pmap, vm_offset_t sva, vm_offset_t eva, int advice) 4533{ 4534} 4535 4536/* 4537 * pmap_ts_referenced: 4538 * 4539 * Return the count of reference bits for a page, clearing all of them. 4540 */ 4541int 4542pmap_ts_referenced(vm_page_t m) 4543{ 4544 4545 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 4546 ("pmap_ts_referenced: page %p is not managed", m)); 4547 return (pmap_clearbit(m, PVF_REF)); 4548} 4549 4550 4551boolean_t 4552pmap_is_modified(vm_page_t m) 4553{ 4554 4555 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 4556 ("pmap_is_modified: page %p is not managed", m)); 4557 if (m->md.pvh_attrs & PVF_MOD) 4558 return (TRUE); 4559 4560 return(FALSE); 4561} 4562 4563 4564/* 4565 * Clear the modify bits on the specified physical page. 4566 */ 4567void 4568pmap_clear_modify(vm_page_t m) 4569{ 4570 4571 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 4572 ("pmap_clear_modify: page %p is not managed", m)); 4573 VM_OBJECT_ASSERT_WLOCKED(m->object); 4574 KASSERT(!vm_page_xbusied(m), 4575 ("pmap_clear_modify: page %p is exclusive busied", m)); 4576 4577 /* 4578 * If the page is not PGA_WRITEABLE, then no mappings can be modified. 4579 * If the object containing the page is locked and the page is not 4580 * exclusive busied, then PGA_WRITEABLE cannot be concurrently set. 4581 */ 4582 if ((m->aflags & PGA_WRITEABLE) == 0) 4583 return; 4584 if (m->md.pvh_attrs & PVF_MOD) 4585 pmap_clearbit(m, PVF_MOD); 4586} 4587 4588 4589/* 4590 * pmap_is_referenced: 4591 * 4592 * Return whether or not the specified physical page was referenced 4593 * in any physical maps. 4594 */ 4595boolean_t 4596pmap_is_referenced(vm_page_t m) 4597{ 4598 4599 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 4600 ("pmap_is_referenced: page %p is not managed", m)); 4601 return ((m->md.pvh_attrs & PVF_REF) != 0); 4602} 4603 4604 4605/* 4606 * Clear the write and modified bits in each of the given page's mappings. 4607 */ 4608void 4609pmap_remove_write(vm_page_t m) 4610{ 4611 4612 KASSERT((m->oflags & VPO_UNMANAGED) == 0, 4613 ("pmap_remove_write: page %p is not managed", m)); 4614 4615 /* 4616 * If the page is not exclusive busied, then PGA_WRITEABLE cannot be 4617 * set by another thread while the object is locked. Thus, 4618 * if PGA_WRITEABLE is clear, no page table entries need updating. 4619 */ 4620 VM_OBJECT_ASSERT_WLOCKED(m->object); 4621 if (vm_page_xbusied(m) || (m->aflags & PGA_WRITEABLE) != 0) 4622 pmap_clearbit(m, PVF_WRITE); 4623} 4624 4625 4626/* 4627 * perform the pmap work for mincore 4628 */ 4629int 4630pmap_mincore(pmap_t pmap, vm_offset_t addr, vm_paddr_t *locked_pa) 4631{ 4632 struct l2_bucket *l2b; 4633 pt_entry_t *ptep, pte; 4634 vm_paddr_t pa; 4635 vm_page_t m; 4636 int val; 4637 boolean_t managed; 4638 4639 PMAP_LOCK(pmap); 4640retry: 4641 l2b = pmap_get_l2_bucket(pmap, addr); 4642 if (l2b == NULL) { 4643 val = 0; 4644 goto out; 4645 } 4646 ptep = &l2b->l2b_kva[l2pte_index(addr)]; 4647 pte = *ptep; 4648 if (!l2pte_valid(pte)) { 4649 val = 0; 4650 goto out; 4651 } 4652 val = MINCORE_INCORE; 4653 if (pte & L2_S_PROT_W) 4654 val |= MINCORE_MODIFIED | MINCORE_MODIFIED_OTHER; 4655 managed = false; 4656 pa = l2pte_pa(pte); 4657 m = PHYS_TO_VM_PAGE(pa); 4658 if (m != NULL && !(m->oflags & VPO_UNMANAGED)) 4659 managed = true; 4660 if (managed) { 4661 /* 4662 * The ARM pmap tries to maintain a per-mapping 4663 * reference bit. The trouble is that it's kept in 4664 * the PV entry, not the PTE, so it's costly to access 4665 * here. You would need to acquire the pvh global 4666 * lock, call pmap_find_pv(), and introduce a custom 4667 * version of vm_page_pa_tryrelock() that releases and 4668 * reacquires the pvh global lock. In the end, I 4669 * doubt it's worthwhile. This may falsely report 4670 * the given address as referenced. 4671 */ 4672 if ((m->md.pvh_attrs & PVF_REF) != 0) 4673 val |= MINCORE_REFERENCED | MINCORE_REFERENCED_OTHER; 4674 } 4675 if ((val & (MINCORE_MODIFIED_OTHER | MINCORE_REFERENCED_OTHER)) != 4676 (MINCORE_MODIFIED_OTHER | MINCORE_REFERENCED_OTHER) && managed) { 4677 /* Ensure that "PHYS_TO_VM_PAGE(pa)->object" doesn't change. */ 4678 if (vm_page_pa_tryrelock(pmap, pa, locked_pa)) 4679 goto retry; 4680 } else 4681out: 4682 PA_UNLOCK_COND(*locked_pa); 4683 PMAP_UNLOCK(pmap); 4684 return (val); 4685} 4686 4687 4688void 4689pmap_sync_icache(pmap_t pm, vm_offset_t va, vm_size_t sz) 4690{ 4691} 4692 4693 4694/* 4695 * Increase the starting virtual address of the given mapping if a 4696 * different alignment might result in more superpage mappings. 4697 */ 4698void 4699pmap_align_superpage(vm_object_t object, vm_ooffset_t offset, 4700 vm_offset_t *addr, vm_size_t size) 4701{ 4702} 4703 4704#define BOOTSTRAP_DEBUG 4705 4706/* 4707 * pmap_map_section: 4708 * 4709 * Create a single section mapping. 4710 */ 4711void 4712pmap_map_section(vm_offset_t l1pt, vm_offset_t va, vm_offset_t pa, 4713 int prot, int cache) 4714{ 4715 pd_entry_t *pde = (pd_entry_t *) l1pt; 4716 pd_entry_t fl; 4717 4718 KASSERT(((va | pa) & L1_S_OFFSET) == 0, ("ouin2")); 4719 4720 switch (cache) { 4721 case PTE_NOCACHE: 4722 default: 4723 fl = 0; 4724 break; 4725 4726 case PTE_CACHE: 4727 fl = pte_l1_s_cache_mode; 4728 break; 4729 4730 case PTE_PAGETABLE: 4731 fl = pte_l1_s_cache_mode_pt; 4732 break; 4733 } 4734 4735 pde[va >> L1_S_SHIFT] = L1_S_PROTO | pa | 4736 L1_S_PROT(PTE_KERNEL, prot) | fl | L1_S_DOM(PMAP_DOMAIN_KERNEL); 4737 PTE_SYNC(&pde[va >> L1_S_SHIFT]); 4738 4739} 4740 4741/* 4742 * pmap_link_l2pt: 4743 * 4744 * Link the L2 page table specified by l2pv.pv_pa into the L1 4745 * page table at the slot for "va". 4746 */ 4747void 4748pmap_link_l2pt(vm_offset_t l1pt, vm_offset_t va, struct pv_addr *l2pv) 4749{ 4750 pd_entry_t *pde = (pd_entry_t *) l1pt, proto; 4751 u_int slot = va >> L1_S_SHIFT; 4752 4753 proto = L1_S_DOM(PMAP_DOMAIN_KERNEL) | L1_C_PROTO; 4754 4755#ifdef VERBOSE_INIT_ARM 4756 printf("pmap_link_l2pt: pa=0x%x va=0x%x\n", l2pv->pv_pa, l2pv->pv_va); 4757#endif 4758 4759 pde[slot + 0] = proto | (l2pv->pv_pa + 0x000); 4760 4761 PTE_SYNC(&pde[slot]); 4762 4763 SLIST_INSERT_HEAD(&kernel_pt_list, l2pv, pv_list); 4764 4765 4766} 4767 4768/* 4769 * pmap_map_entry 4770 * 4771 * Create a single page mapping. 4772 */ 4773void 4774pmap_map_entry(vm_offset_t l1pt, vm_offset_t va, vm_offset_t pa, int prot, 4775 int cache) 4776{ 4777 pd_entry_t *pde = (pd_entry_t *) l1pt; 4778 pt_entry_t fl; 4779 pt_entry_t *pte; 4780 4781 KASSERT(((va | pa) & PAGE_MASK) == 0, ("ouin")); 4782 4783 switch (cache) { 4784 case PTE_NOCACHE: 4785 default: 4786 fl = 0; 4787 break; 4788 4789 case PTE_CACHE: 4790 fl = pte_l2_s_cache_mode; 4791 break; 4792 4793 case PTE_PAGETABLE: 4794 fl = pte_l2_s_cache_mode_pt; 4795 break; 4796 } 4797 4798 if ((pde[va >> L1_S_SHIFT] & L1_TYPE_MASK) != L1_TYPE_C) 4799 panic("pmap_map_entry: no L2 table for VA 0x%08x", va); 4800 4801 pte = (pt_entry_t *) kernel_pt_lookup(pde[L1_IDX(va)] & L1_C_ADDR_MASK); 4802 4803 if (pte == NULL) 4804 panic("pmap_map_entry: can't find L2 table for VA 0x%08x", va); 4805 4806 pte[l2pte_index(va)] = 4807 L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL, prot) | fl; 4808 PTE_SYNC(&pte[l2pte_index(va)]); 4809} 4810 4811/* 4812 * pmap_map_chunk: 4813 * 4814 * Map a chunk of memory using the most efficient mappings 4815 * possible (section. large page, small page) into the 4816 * provided L1 and L2 tables at the specified virtual address. 4817 */ 4818vm_size_t 4819pmap_map_chunk(vm_offset_t l1pt, vm_offset_t va, vm_offset_t pa, 4820 vm_size_t size, int prot, int cache) 4821{ 4822 pd_entry_t *pde = (pd_entry_t *) l1pt; 4823 pt_entry_t *pte, f1, f2s, f2l; 4824 vm_size_t resid; 4825 int i; 4826 4827 resid = (size + (PAGE_SIZE - 1)) & ~(PAGE_SIZE - 1); 4828 4829 if (l1pt == 0) 4830 panic("pmap_map_chunk: no L1 table provided"); 4831 4832#ifdef VERBOSE_INIT_ARM 4833 printf("pmap_map_chunk: pa=0x%x va=0x%x size=0x%x resid=0x%x " 4834 "prot=0x%x cache=%d\n", pa, va, size, resid, prot, cache); 4835#endif 4836 4837 switch (cache) { 4838 case PTE_NOCACHE: 4839 default: 4840 f1 = 0; 4841 f2l = 0; 4842 f2s = 0; 4843 break; 4844 4845 case PTE_CACHE: 4846 f1 = pte_l1_s_cache_mode; 4847 f2l = pte_l2_l_cache_mode; 4848 f2s = pte_l2_s_cache_mode; 4849 break; 4850 4851 case PTE_PAGETABLE: 4852 f1 = pte_l1_s_cache_mode_pt; 4853 f2l = pte_l2_l_cache_mode_pt; 4854 f2s = pte_l2_s_cache_mode_pt; 4855 break; 4856 } 4857 4858 size = resid; 4859 4860 while (resid > 0) { 4861 /* See if we can use a section mapping. */ 4862 if (L1_S_MAPPABLE_P(va, pa, resid)) { 4863#ifdef VERBOSE_INIT_ARM 4864 printf("S"); 4865#endif 4866 pde[va >> L1_S_SHIFT] = L1_S_PROTO | pa | 4867 L1_S_PROT(PTE_KERNEL, prot) | f1 | 4868 L1_S_DOM(PMAP_DOMAIN_KERNEL); 4869 PTE_SYNC(&pde[va >> L1_S_SHIFT]); 4870 va += L1_S_SIZE; 4871 pa += L1_S_SIZE; 4872 resid -= L1_S_SIZE; 4873 continue; 4874 } 4875 4876 /* 4877 * Ok, we're going to use an L2 table. Make sure 4878 * one is actually in the corresponding L1 slot 4879 * for the current VA. 4880 */ 4881 if ((pde[va >> L1_S_SHIFT] & L1_TYPE_MASK) != L1_TYPE_C) 4882 panic("pmap_map_chunk: no L2 table for VA 0x%08x", va); 4883 4884 pte = (pt_entry_t *) kernel_pt_lookup( 4885 pde[L1_IDX(va)] & L1_C_ADDR_MASK); 4886 if (pte == NULL) 4887 panic("pmap_map_chunk: can't find L2 table for VA" 4888 "0x%08x", va); 4889 /* See if we can use a L2 large page mapping. */ 4890 if (L2_L_MAPPABLE_P(va, pa, resid)) { 4891#ifdef VERBOSE_INIT_ARM 4892 printf("L"); 4893#endif 4894 for (i = 0; i < 16; i++) { 4895 pte[l2pte_index(va) + i] = 4896 L2_L_PROTO | pa | 4897 L2_L_PROT(PTE_KERNEL, prot) | f2l; 4898 PTE_SYNC(&pte[l2pte_index(va) + i]); 4899 } 4900 va += L2_L_SIZE; 4901 pa += L2_L_SIZE; 4902 resid -= L2_L_SIZE; 4903 continue; 4904 } 4905 4906 /* Use a small page mapping. */ 4907#ifdef VERBOSE_INIT_ARM 4908 printf("P"); 4909#endif 4910 pte[l2pte_index(va)] = 4911 L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL, prot) | f2s; 4912 PTE_SYNC(&pte[l2pte_index(va)]); 4913 va += PAGE_SIZE; 4914 pa += PAGE_SIZE; 4915 resid -= PAGE_SIZE; 4916 } 4917#ifdef VERBOSE_INIT_ARM 4918 printf("\n"); 4919#endif 4920 return (size); 4921 4922} 4923 4924void 4925pmap_page_set_memattr(vm_page_t m, vm_memattr_t ma) 4926{ 4927 /* 4928 * Remember the memattr in a field that gets used to set the appropriate 4929 * bits in the PTEs as mappings are established. 4930 */ 4931 m->md.pv_memattr = ma; 4932 4933 /* 4934 * It appears that this function can only be called before any mappings 4935 * for the page are established on ARM. If this ever changes, this code 4936 * will need to walk the pv_list and make each of the existing mappings 4937 * uncacheable, being careful to sync caches and PTEs (and maybe 4938 * invalidate TLB?) for any current mapping it modifies. 4939 */ 4940 if (m->md.pv_kva != 0 || TAILQ_FIRST(&m->md.pv_list) != NULL) 4941 panic("Can't change memattr on page with existing mappings"); 4942} 4943 4944 4945