2 * Copyright (c) 1991 Regents of the University of California.
4 * Copyright (c) 1994 John S. Dyson
6 * Copyright (c) 1994 David Greenman
8 * Copyright (c) 2003 Peter Wemm
10 * Copyright (c) 2005-2010 Alan L. Cox <alc@cs.rice.edu>
11 * All rights reserved.
12 * Copyright (c) 2014 Andrew Turner
13 * All rights reserved.
14 * Copyright (c) 2014-2016 The FreeBSD Foundation
15 * All rights reserved.
17 * This code is derived from software contributed to Berkeley by
18 * the Systems Programming Group of the University of Utah Computer
19 * Science Department and William Jolitz of UUNET Technologies Inc.
21 * This software was developed by Andrew Turner under sponsorship from
22 * the FreeBSD Foundation.
24 * Redistribution and use in source and binary forms, with or without
25 * modification, are permitted provided that the following conditions
27 * 1. Redistributions of source code must retain the above copyright
28 * notice, this list of conditions and the following disclaimer.
29 * 2. Redistributions in binary form must reproduce the above copyright
30 * notice, this list of conditions and the following disclaimer in the
31 * documentation and/or other materials provided with the distribution.
32 * 3. All advertising materials mentioning features or use of this software
33 * must display the following acknowledgement:
34 * This product includes software developed by the University of
35 * California, Berkeley and its contributors.
36 * 4. Neither the name of the University nor the names of its contributors
37 * may be used to endorse or promote products derived from this software
38 * without specific prior written permission.
40 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
52 * from: @(#)pmap.c 7.7 (Berkeley) 5/12/91
55 * Copyright (c) 2003 Networks Associates Technology, Inc.
56 * All rights reserved.
58 * This software was developed for the FreeBSD Project by Jake Burkholder,
59 * Safeport Network Services, and Network Associates Laboratories, the
60 * Security Research Division of Network Associates, Inc. under
61 * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA
62 * CHATS research program.
64 * Redistribution and use in source and binary forms, with or without
65 * modification, are permitted provided that the following conditions
67 * 1. Redistributions of source code must retain the above copyright
68 * notice, this list of conditions and the following disclaimer.
69 * 2. Redistributions in binary form must reproduce the above copyright
70 * notice, this list of conditions and the following disclaimer in the
71 * documentation and/or other materials provided with the distribution.
73 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
74 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
75 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
76 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
77 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
78 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
79 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
80 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
81 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
82 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
86 #include <sys/cdefs.h>
87 __FBSDID("$FreeBSD$");
90 * Manages physical address maps.
92 * Since the information managed by this module is
93 * also stored by the logical address mapping module,
94 * this module may throw away valid virtual-to-physical
95 * mappings at almost any time. However, invalidations
96 * of virtual-to-physical mappings must be done as
99 * In order to cope with hardware architectures which
100 * make virtual-to-physical map invalidates expensive,
101 * this module may delay invalidate or reduced protection
102 * operations until such time as they are actually
103 * necessary. This module is given full information as
104 * to which processors are currently using which maps,
105 * and to when physical maps must be made correct.
108 #include <sys/param.h>
110 #include <sys/systm.h>
111 #include <sys/kernel.h>
113 #include <sys/lock.h>
114 #include <sys/malloc.h>
115 #include <sys/mman.h>
116 #include <sys/msgbuf.h>
117 #include <sys/mutex.h>
118 #include <sys/proc.h>
119 #include <sys/rwlock.h>
121 #include <sys/vmem.h>
122 #include <sys/vmmeter.h>
123 #include <sys/sched.h>
124 #include <sys/sysctl.h>
125 #include <sys/_unrhdr.h>
129 #include <vm/vm_param.h>
130 #include <vm/vm_kern.h>
131 #include <vm/vm_page.h>
132 #include <vm/vm_map.h>
133 #include <vm/vm_object.h>
134 #include <vm/vm_extern.h>
135 #include <vm/vm_pageout.h>
136 #include <vm/vm_pager.h>
137 #include <vm/vm_radix.h>
138 #include <vm/vm_reserv.h>
141 #include <machine/machdep.h>
142 #include <machine/md_var.h>
143 #include <machine/pcb.h>
145 #define NL0PG (PAGE_SIZE/(sizeof (pd_entry_t)))
146 #define NL1PG (PAGE_SIZE/(sizeof (pd_entry_t)))
147 #define NL2PG (PAGE_SIZE/(sizeof (pd_entry_t)))
148 #define NL3PG (PAGE_SIZE/(sizeof (pt_entry_t)))
150 #define NUL0E L0_ENTRIES
151 #define NUL1E (NUL0E * NL1PG)
152 #define NUL2E (NUL1E * NL2PG)
154 #if !defined(DIAGNOSTIC)
155 #ifdef __GNUC_GNU_INLINE__
156 #define PMAP_INLINE __attribute__((__gnu_inline__)) inline
158 #define PMAP_INLINE extern inline
165 * These are configured by the mair_el1 register. This is set up in locore.S
167 #define DEVICE_MEMORY 0
168 #define UNCACHED_MEMORY 1
169 #define CACHED_MEMORY 2
173 #define PV_STAT(x) do { x ; } while (0)
175 #define PV_STAT(x) do { } while (0)
178 #define pmap_l2_pindex(v) ((v) >> L2_SHIFT)
180 #define NPV_LIST_LOCKS MAXCPU
182 #define PHYS_TO_PV_LIST_LOCK(pa) \
183 (&pv_list_locks[pa_index(pa) % NPV_LIST_LOCKS])
185 #define CHANGE_PV_LIST_LOCK_TO_PHYS(lockp, pa) do { \
186 struct rwlock **_lockp = (lockp); \
187 struct rwlock *_new_lock; \
189 _new_lock = PHYS_TO_PV_LIST_LOCK(pa); \
190 if (_new_lock != *_lockp) { \
191 if (*_lockp != NULL) \
192 rw_wunlock(*_lockp); \
193 *_lockp = _new_lock; \
198 #define CHANGE_PV_LIST_LOCK_TO_VM_PAGE(lockp, m) \
199 CHANGE_PV_LIST_LOCK_TO_PHYS(lockp, VM_PAGE_TO_PHYS(m))
201 #define RELEASE_PV_LIST_LOCK(lockp) do { \
202 struct rwlock **_lockp = (lockp); \
204 if (*_lockp != NULL) { \
205 rw_wunlock(*_lockp); \
210 #define VM_PAGE_TO_PV_LIST_LOCK(m) \
211 PHYS_TO_PV_LIST_LOCK(VM_PAGE_TO_PHYS(m))
213 struct pmap kernel_pmap_store;
215 vm_offset_t virtual_avail; /* VA of first avail page (after kernel bss) */
216 vm_offset_t virtual_end; /* VA of last avail page (end of kernel AS) */
217 vm_offset_t kernel_vm_end = 0;
219 struct msgbuf *msgbufp = NULL;
221 static struct rwlock_padalign pvh_global_lock;
223 vm_paddr_t dmap_phys_base; /* The start of the dmap region */
224 vm_paddr_t dmap_phys_max; /* The limit of the dmap region */
225 vm_offset_t dmap_max_addr; /* The virtual address limit of the dmap */
227 /* This code assumes all L1 DMAP entries will be used */
228 CTASSERT((DMAP_MIN_ADDRESS & ~L0_OFFSET) == DMAP_MIN_ADDRESS);
229 CTASSERT((DMAP_MAX_ADDRESS & ~L0_OFFSET) == DMAP_MAX_ADDRESS);
231 #define DMAP_TABLES ((DMAP_MAX_ADDRESS - DMAP_MIN_ADDRESS) >> L0_SHIFT)
232 extern pt_entry_t pagetable_dmap[];
235 * Data for the pv entry allocation mechanism
237 static TAILQ_HEAD(pch, pv_chunk) pv_chunks = TAILQ_HEAD_INITIALIZER(pv_chunks);
238 static struct mtx pv_chunks_mutex;
239 static struct rwlock pv_list_locks[NPV_LIST_LOCKS];
241 static void free_pv_chunk(struct pv_chunk *pc);
242 static void free_pv_entry(pmap_t pmap, pv_entry_t pv);
243 static pv_entry_t get_pv_entry(pmap_t pmap, struct rwlock **lockp);
244 static vm_page_t reclaim_pv_chunk(pmap_t locked_pmap, struct rwlock **lockp);
245 static void pmap_pvh_free(struct md_page *pvh, pmap_t pmap, vm_offset_t va);
246 static pv_entry_t pmap_pvh_remove(struct md_page *pvh, pmap_t pmap,
248 static vm_page_t pmap_enter_quick_locked(pmap_t pmap, vm_offset_t va,
249 vm_page_t m, vm_prot_t prot, vm_page_t mpte, struct rwlock **lockp);
250 static int pmap_remove_l3(pmap_t pmap, pt_entry_t *l3, vm_offset_t sva,
251 pd_entry_t ptepde, struct spglist *free, struct rwlock **lockp);
252 static boolean_t pmap_try_insert_pv_entry(pmap_t pmap, vm_offset_t va,
253 vm_page_t m, struct rwlock **lockp);
255 static vm_page_t _pmap_alloc_l3(pmap_t pmap, vm_pindex_t ptepindex,
256 struct rwlock **lockp);
258 static void _pmap_unwire_l3(pmap_t pmap, vm_offset_t va, vm_page_t m,
259 struct spglist *free);
260 static int pmap_unuse_l3(pmap_t, vm_offset_t, pd_entry_t, struct spglist *);
263 * These load the old table data and store the new value.
264 * They need to be atomic as the System MMU may write to the table at
265 * the same time as the CPU.
267 #define pmap_load_store(table, entry) atomic_swap_64(table, entry)
268 #define pmap_set(table, mask) atomic_set_64(table, mask)
269 #define pmap_load_clear(table) atomic_swap_64(table, 0)
270 #define pmap_load(table) (*table)
272 /********************/
273 /* Inline functions */
274 /********************/
277 pagecopy(void *s, void *d)
280 memcpy(d, s, PAGE_SIZE);
283 #define pmap_l0_index(va) (((va) >> L0_SHIFT) & L0_ADDR_MASK)
284 #define pmap_l1_index(va) (((va) >> L1_SHIFT) & Ln_ADDR_MASK)
285 #define pmap_l2_index(va) (((va) >> L2_SHIFT) & Ln_ADDR_MASK)
286 #define pmap_l3_index(va) (((va) >> L3_SHIFT) & Ln_ADDR_MASK)
288 static __inline pd_entry_t *
289 pmap_l0(pmap_t pmap, vm_offset_t va)
292 return (&pmap->pm_l0[pmap_l0_index(va)]);
295 static __inline pd_entry_t *
296 pmap_l0_to_l1(pd_entry_t *l0, vm_offset_t va)
300 l1 = (pd_entry_t *)PHYS_TO_DMAP(pmap_load(l0) & ~ATTR_MASK);
301 return (&l1[pmap_l1_index(va)]);
304 static __inline pd_entry_t *
305 pmap_l1(pmap_t pmap, vm_offset_t va)
309 l0 = pmap_l0(pmap, va);
310 if ((pmap_load(l0) & ATTR_DESCR_MASK) != L0_TABLE)
313 return (pmap_l0_to_l1(l0, va));
316 static __inline pd_entry_t *
317 pmap_l1_to_l2(pd_entry_t *l1, vm_offset_t va)
321 l2 = (pd_entry_t *)PHYS_TO_DMAP(pmap_load(l1) & ~ATTR_MASK);
322 return (&l2[pmap_l2_index(va)]);
325 static __inline pd_entry_t *
326 pmap_l2(pmap_t pmap, vm_offset_t va)
330 l1 = pmap_l1(pmap, va);
331 if ((pmap_load(l1) & ATTR_DESCR_MASK) != L1_TABLE)
334 return (pmap_l1_to_l2(l1, va));
337 static __inline pt_entry_t *
338 pmap_l2_to_l3(pd_entry_t *l2, vm_offset_t va)
342 l3 = (pd_entry_t *)PHYS_TO_DMAP(pmap_load(l2) & ~ATTR_MASK);
343 return (&l3[pmap_l3_index(va)]);
347 * Returns the lowest valid pde for a given virtual address.
348 * The next level may or may not point to a valid page or block.
350 static __inline pd_entry_t *
351 pmap_pde(pmap_t pmap, vm_offset_t va, int *level)
353 pd_entry_t *l0, *l1, *l2, desc;
355 l0 = pmap_l0(pmap, va);
356 desc = pmap_load(l0) & ATTR_DESCR_MASK;
357 if (desc != L0_TABLE) {
362 l1 = pmap_l0_to_l1(l0, va);
363 desc = pmap_load(l1) & ATTR_DESCR_MASK;
364 if (desc != L1_TABLE) {
369 l2 = pmap_l1_to_l2(l1, va);
370 desc = pmap_load(l2) & ATTR_DESCR_MASK;
371 if (desc != L2_TABLE) {
381 * Returns the lowest valid pte block or table entry for a given virtual
382 * address. If there are no valid entries return NULL and set the level to
383 * the first invalid level.
385 static __inline pt_entry_t *
386 pmap_pte(pmap_t pmap, vm_offset_t va, int *level)
388 pd_entry_t *l1, *l2, desc;
391 l1 = pmap_l1(pmap, va);
396 desc = pmap_load(l1) & ATTR_DESCR_MASK;
397 if (desc == L1_BLOCK) {
402 if (desc != L1_TABLE) {
407 l2 = pmap_l1_to_l2(l1, va);
408 desc = pmap_load(l2) & ATTR_DESCR_MASK;
409 if (desc == L2_BLOCK) {
414 if (desc != L2_TABLE) {
420 l3 = pmap_l2_to_l3(l2, va);
421 if ((pmap_load(l3) & ATTR_DESCR_MASK) != L3_PAGE)
428 pmap_get_tables(pmap_t pmap, vm_offset_t va, pd_entry_t **l0, pd_entry_t **l1,
429 pd_entry_t **l2, pt_entry_t **l3)
431 pd_entry_t *l0p, *l1p, *l2p;
433 if (pmap->pm_l0 == NULL)
436 l0p = pmap_l0(pmap, va);
439 if ((pmap_load(l0p) & ATTR_DESCR_MASK) != L0_TABLE)
442 l1p = pmap_l0_to_l1(l0p, va);
445 if ((pmap_load(l1p) & ATTR_DESCR_MASK) == L1_BLOCK) {
451 if ((pmap_load(l1p) & ATTR_DESCR_MASK) != L1_TABLE)
454 l2p = pmap_l1_to_l2(l1p, va);
457 if ((pmap_load(l2p) & ATTR_DESCR_MASK) == L2_BLOCK) {
462 *l3 = pmap_l2_to_l3(l2p, va);
468 pmap_is_current(pmap_t pmap)
471 return ((pmap == pmap_kernel()) ||
472 (pmap == curthread->td_proc->p_vmspace->vm_map.pmap));
476 pmap_l3_valid(pt_entry_t l3)
479 return ((l3 & ATTR_DESCR_MASK) == L3_PAGE);
483 pmap_l3_valid_cacheable(pt_entry_t l3)
486 return (((l3 & ATTR_DESCR_MASK) == L3_PAGE) &&
487 ((l3 & ATTR_IDX_MASK) == ATTR_IDX(CACHED_MEMORY)));
490 #define PTE_SYNC(pte) cpu_dcache_wb_range((vm_offset_t)pte, sizeof(*pte))
493 * Checks if the page is dirty. We currently lack proper tracking of this on
494 * arm64 so for now assume is a page mapped as rw was accessed it is.
497 pmap_page_dirty(pt_entry_t pte)
500 return ((pte & (ATTR_AF | ATTR_AP_RW_BIT)) ==
501 (ATTR_AF | ATTR_AP(ATTR_AP_RW)));
505 pmap_resident_count_inc(pmap_t pmap, int count)
508 PMAP_LOCK_ASSERT(pmap, MA_OWNED);
509 pmap->pm_stats.resident_count += count;
513 pmap_resident_count_dec(pmap_t pmap, int count)
516 PMAP_LOCK_ASSERT(pmap, MA_OWNED);
517 KASSERT(pmap->pm_stats.resident_count >= count,
518 ("pmap %p resident count underflow %ld %d", pmap,
519 pmap->pm_stats.resident_count, count));
520 pmap->pm_stats.resident_count -= count;
524 pmap_early_page_idx(vm_offset_t l1pt, vm_offset_t va, u_int *l1_slot,
530 l1 = (pd_entry_t *)l1pt;
531 *l1_slot = (va >> L1_SHIFT) & Ln_ADDR_MASK;
533 /* Check locore has used a table L1 map */
534 KASSERT((l1[*l1_slot] & ATTR_DESCR_MASK) == L1_TABLE,
535 ("Invalid bootstrap L1 table"));
536 /* Find the address of the L2 table */
537 l2 = (pt_entry_t *)init_pt_va;
538 *l2_slot = pmap_l2_index(va);
544 pmap_early_vtophys(vm_offset_t l1pt, vm_offset_t va)
546 u_int l1_slot, l2_slot;
549 l2 = pmap_early_page_idx(l1pt, va, &l1_slot, &l2_slot);
551 return ((l2[l2_slot] & ~ATTR_MASK) + (va & L2_OFFSET));
555 pmap_bootstrap_dmap(vm_offset_t kern_l1, vm_paddr_t min_pa, vm_paddr_t max_pa)
561 pa = dmap_phys_base = min_pa & ~L1_OFFSET;
562 va = DMAP_MIN_ADDRESS;
563 for (; va < DMAP_MAX_ADDRESS && pa < max_pa;
564 pa += L1_SIZE, va += L1_SIZE, l1_slot++) {
565 l1_slot = ((va - DMAP_MIN_ADDRESS) >> L1_SHIFT);
567 pmap_load_store(&pagetable_dmap[l1_slot],
568 (pa & ~L1_OFFSET) | ATTR_DEFAULT |
569 ATTR_IDX(CACHED_MEMORY) | L1_BLOCK);
572 /* Set the upper limit of the DMAP region */
576 cpu_dcache_wb_range((vm_offset_t)pagetable_dmap,
577 PAGE_SIZE * DMAP_TABLES);
582 pmap_bootstrap_l2(vm_offset_t l1pt, vm_offset_t va, vm_offset_t l2_start)
589 KASSERT((va & L1_OFFSET) == 0, ("Invalid virtual address"));
591 l1 = (pd_entry_t *)l1pt;
592 l1_slot = pmap_l1_index(va);
595 for (; va < VM_MAX_KERNEL_ADDRESS; l1_slot++, va += L1_SIZE) {
596 KASSERT(l1_slot < Ln_ENTRIES, ("Invalid L1 index"));
598 pa = pmap_early_vtophys(l1pt, l2pt);
599 pmap_load_store(&l1[l1_slot],
600 (pa & ~Ln_TABLE_MASK) | L1_TABLE);
604 /* Clean the L2 page table */
605 memset((void *)l2_start, 0, l2pt - l2_start);
606 cpu_dcache_wb_range(l2_start, l2pt - l2_start);
608 /* Flush the l1 table to ram */
609 cpu_dcache_wb_range((vm_offset_t)l1, PAGE_SIZE);
615 pmap_bootstrap_l3(vm_offset_t l1pt, vm_offset_t va, vm_offset_t l3_start)
617 vm_offset_t l2pt, l3pt;
622 KASSERT((va & L2_OFFSET) == 0, ("Invalid virtual address"));
624 l2 = pmap_l2(kernel_pmap, va);
625 l2 = (pd_entry_t *)rounddown2((uintptr_t)l2, PAGE_SIZE);
626 l2pt = (vm_offset_t)l2;
627 l2_slot = pmap_l2_index(va);
630 for (; va < VM_MAX_KERNEL_ADDRESS; l2_slot++, va += L2_SIZE) {
631 KASSERT(l2_slot < Ln_ENTRIES, ("Invalid L2 index"));
633 pa = pmap_early_vtophys(l1pt, l3pt);
634 pmap_load_store(&l2[l2_slot],
635 (pa & ~Ln_TABLE_MASK) | L2_TABLE);
639 /* Clean the L2 page table */
640 memset((void *)l3_start, 0, l3pt - l3_start);
641 cpu_dcache_wb_range(l3_start, l3pt - l3_start);
643 cpu_dcache_wb_range((vm_offset_t)l2, PAGE_SIZE);
649 * Bootstrap the system enough to run with virtual memory.
652 pmap_bootstrap(vm_offset_t l0pt, vm_offset_t l1pt, vm_paddr_t kernstart,
655 u_int l1_slot, l2_slot, avail_slot, map_slot, used_map_slot;
658 vm_offset_t va, freemempos;
659 vm_offset_t dpcpu, msgbufpv;
660 vm_paddr_t pa, max_pa, min_pa;
663 kern_delta = KERNBASE - kernstart;
666 printf("pmap_bootstrap %lx %lx %lx\n", l1pt, kernstart, kernlen);
667 printf("%lx\n", l1pt);
668 printf("%lx\n", (KERNBASE >> L1_SHIFT) & Ln_ADDR_MASK);
670 /* Set this early so we can use the pagetable walking functions */
671 kernel_pmap_store.pm_l0 = (pd_entry_t *)l0pt;
672 PMAP_LOCK_INIT(kernel_pmap);
675 * Initialize the global pv list lock.
677 rw_init(&pvh_global_lock, "pmap pv global");
679 /* Assume the address we were loaded to is a valid physical address */
680 min_pa = max_pa = KERNBASE - kern_delta;
683 * Find the minimum physical address. physmap is sorted,
684 * but may contain empty ranges.
686 for (i = 0; i < (physmap_idx * 2); i += 2) {
687 if (physmap[i] == physmap[i + 1])
689 if (physmap[i] <= min_pa)
691 if (physmap[i + 1] > max_pa)
692 max_pa = physmap[i + 1];
695 /* Create a direct map region early so we can use it for pa -> va */
696 pmap_bootstrap_dmap(l1pt, min_pa, max_pa);
699 pa = KERNBASE - kern_delta;
702 * Start to initialise phys_avail by copying from physmap
703 * up to the physical address KERNBASE points at.
705 map_slot = avail_slot = 0;
706 for (; map_slot < (physmap_idx * 2) &&
707 avail_slot < (PHYS_AVAIL_SIZE - 2); map_slot += 2) {
708 if (physmap[map_slot] == physmap[map_slot + 1])
711 if (physmap[map_slot] <= pa &&
712 physmap[map_slot + 1] > pa)
715 phys_avail[avail_slot] = physmap[map_slot];
716 phys_avail[avail_slot + 1] = physmap[map_slot + 1];
717 physmem += (phys_avail[avail_slot + 1] -
718 phys_avail[avail_slot]) >> PAGE_SHIFT;
722 /* Add the memory before the kernel */
723 if (physmap[avail_slot] < pa && avail_slot < (PHYS_AVAIL_SIZE - 2)) {
724 phys_avail[avail_slot] = physmap[map_slot];
725 phys_avail[avail_slot + 1] = pa;
726 physmem += (phys_avail[avail_slot + 1] -
727 phys_avail[avail_slot]) >> PAGE_SHIFT;
730 used_map_slot = map_slot;
733 * Read the page table to find out what is already mapped.
734 * This assumes we have mapped a block of memory from KERNBASE
735 * using a single L1 entry.
737 l2 = pmap_early_page_idx(l1pt, KERNBASE, &l1_slot, &l2_slot);
739 /* Sanity check the index, KERNBASE should be the first VA */
740 KASSERT(l2_slot == 0, ("The L2 index is non-zero"));
742 /* Find how many pages we have mapped */
743 for (; l2_slot < Ln_ENTRIES; l2_slot++) {
744 if ((l2[l2_slot] & ATTR_DESCR_MASK) == 0)
747 /* Check locore used L2 blocks */
748 KASSERT((l2[l2_slot] & ATTR_DESCR_MASK) == L2_BLOCK,
749 ("Invalid bootstrap L2 table"));
750 KASSERT((l2[l2_slot] & ~ATTR_MASK) == pa,
751 ("Incorrect PA in L2 table"));
757 va = roundup2(va, L1_SIZE);
759 freemempos = KERNBASE + kernlen;
760 freemempos = roundup2(freemempos, PAGE_SIZE);
761 /* Create the l2 tables up to VM_MAX_KERNEL_ADDRESS */
762 freemempos = pmap_bootstrap_l2(l1pt, va, freemempos);
763 /* And the l3 tables for the early devmap */
764 freemempos = pmap_bootstrap_l3(l1pt,
765 VM_MAX_KERNEL_ADDRESS - L2_SIZE, freemempos);
769 #define alloc_pages(var, np) \
770 (var) = freemempos; \
771 freemempos += (np * PAGE_SIZE); \
772 memset((char *)(var), 0, ((np) * PAGE_SIZE));
774 /* Allocate dynamic per-cpu area. */
775 alloc_pages(dpcpu, DPCPU_SIZE / PAGE_SIZE);
776 dpcpu_init((void *)dpcpu, 0);
778 /* Allocate memory for the msgbuf, e.g. for /sbin/dmesg */
779 alloc_pages(msgbufpv, round_page(msgbufsize) / PAGE_SIZE);
780 msgbufp = (void *)msgbufpv;
782 virtual_avail = roundup2(freemempos, L1_SIZE);
783 virtual_end = VM_MAX_KERNEL_ADDRESS - L2_SIZE;
784 kernel_vm_end = virtual_avail;
786 pa = pmap_early_vtophys(l1pt, freemempos);
788 /* Finish initialising physmap */
789 map_slot = used_map_slot;
790 for (; avail_slot < (PHYS_AVAIL_SIZE - 2) &&
791 map_slot < (physmap_idx * 2); map_slot += 2) {
792 if (physmap[map_slot] == physmap[map_slot + 1])
795 /* Have we used the current range? */
796 if (physmap[map_slot + 1] <= pa)
799 /* Do we need to split the entry? */
800 if (physmap[map_slot] < pa) {
801 phys_avail[avail_slot] = pa;
802 phys_avail[avail_slot + 1] = physmap[map_slot + 1];
804 phys_avail[avail_slot] = physmap[map_slot];
805 phys_avail[avail_slot + 1] = physmap[map_slot + 1];
807 physmem += (phys_avail[avail_slot + 1] -
808 phys_avail[avail_slot]) >> PAGE_SHIFT;
812 phys_avail[avail_slot] = 0;
813 phys_avail[avail_slot + 1] = 0;
816 * Maxmem isn't the "maximum memory", it's one larger than the
817 * highest page of the physical address space. It should be
818 * called something like "Maxphyspage".
820 Maxmem = atop(phys_avail[avail_slot - 1]);
826 * Initialize a vm_page's machine-dependent fields.
829 pmap_page_init(vm_page_t m)
832 TAILQ_INIT(&m->md.pv_list);
833 m->md.pv_memattr = VM_MEMATTR_WRITE_BACK;
837 * Initialize the pmap module.
838 * Called by vm_init, to initialize any structures that the pmap
839 * system needs to map virtual memory.
847 * Initialize the pv chunk list mutex.
849 mtx_init(&pv_chunks_mutex, "pmap pv chunk list", NULL, MTX_DEF);
852 * Initialize the pool of pv list locks.
854 for (i = 0; i < NPV_LIST_LOCKS; i++)
855 rw_init(&pv_list_locks[i], "pmap pv list");
859 * Normal, non-SMP, invalidation functions.
860 * We inline these within pmap.c for speed.
863 pmap_invalidate_page(pmap_t pmap, vm_offset_t va)
869 "tlbi vaae1is, %0 \n"
872 : : "r"(va >> PAGE_SHIFT));
877 pmap_invalidate_range(pmap_t pmap, vm_offset_t sva, vm_offset_t eva)
882 __asm __volatile("dsb sy");
883 for (addr = sva; addr < eva; addr += PAGE_SIZE) {
885 "tlbi vaae1is, %0" : : "r"(addr >> PAGE_SHIFT));
894 pmap_invalidate_all(pmap_t pmap)
907 * Routine: pmap_extract
909 * Extract the physical page address associated
910 * with the given map/virtual_address pair.
913 pmap_extract(pmap_t pmap, vm_offset_t va)
915 pt_entry_t *pte, tpte;
922 * Find the block or page map for this virtual address. pmap_pte
923 * will return either a valid block/page entry, or NULL.
925 pte = pmap_pte(pmap, va, &lvl);
927 tpte = pmap_load(pte);
928 pa = tpte & ~ATTR_MASK;
931 KASSERT((tpte & ATTR_DESCR_MASK) == L1_BLOCK,
932 ("pmap_extract: Invalid L1 pte found: %lx",
933 tpte & ATTR_DESCR_MASK));
934 pa |= (va & L1_OFFSET);
937 KASSERT((tpte & ATTR_DESCR_MASK) == L2_BLOCK,
938 ("pmap_extract: Invalid L2 pte found: %lx",
939 tpte & ATTR_DESCR_MASK));
940 pa |= (va & L2_OFFSET);
943 KASSERT((tpte & ATTR_DESCR_MASK) == L3_PAGE,
944 ("pmap_extract: Invalid L3 pte found: %lx",
945 tpte & ATTR_DESCR_MASK));
946 pa |= (va & L3_OFFSET);
955 * Routine: pmap_extract_and_hold
957 * Atomically extract and hold the physical page
958 * with the given pmap and virtual address pair
959 * if that mapping permits the given protection.
962 pmap_extract_and_hold(pmap_t pmap, vm_offset_t va, vm_prot_t prot)
964 pt_entry_t *pte, tpte;
973 pte = pmap_pte(pmap, va, &lvl);
975 tpte = pmap_load(pte);
977 KASSERT(lvl > 0 && lvl <= 3,
978 ("pmap_extract_and_hold: Invalid level %d", lvl));
979 CTASSERT(L1_BLOCK == L2_BLOCK);
980 KASSERT((lvl == 3 && (tpte & ATTR_DESCR_MASK) == L3_PAGE) ||
981 (lvl < 3 && (tpte & ATTR_DESCR_MASK) == L1_BLOCK),
982 ("pmap_extract_and_hold: Invalid pte at L%d: %lx", lvl,
983 tpte & ATTR_DESCR_MASK));
984 if (((tpte & ATTR_AP_RW_BIT) == ATTR_AP(ATTR_AP_RW)) ||
985 ((prot & VM_PROT_WRITE) == 0)) {
986 if (vm_page_pa_tryrelock(pmap, tpte & ~ATTR_MASK, &pa))
988 m = PHYS_TO_VM_PAGE(tpte & ~ATTR_MASK);
998 pmap_kextract(vm_offset_t va)
1000 pt_entry_t *pte, tpte;
1004 if (va >= DMAP_MIN_ADDRESS && va < DMAP_MAX_ADDRESS) {
1005 pa = DMAP_TO_PHYS(va);
1008 pte = pmap_pte(kernel_pmap, va, &lvl);
1010 tpte = pmap_load(pte);
1011 pa = tpte & ~ATTR_MASK;
1014 KASSERT((tpte & ATTR_DESCR_MASK) == L1_BLOCK,
1015 ("pmap_kextract: Invalid L1 pte found: %lx",
1016 tpte & ATTR_DESCR_MASK));
1017 pa |= (va & L1_OFFSET);
1020 KASSERT((tpte & ATTR_DESCR_MASK) == L2_BLOCK,
1021 ("pmap_kextract: Invalid L2 pte found: %lx",
1022 tpte & ATTR_DESCR_MASK));
1023 pa |= (va & L2_OFFSET);
1026 KASSERT((tpte & ATTR_DESCR_MASK) == L3_PAGE,
1027 ("pmap_kextract: Invalid L3 pte found: %lx",
1028 tpte & ATTR_DESCR_MASK));
1029 pa |= (va & L3_OFFSET);
1037 /***************************************************
1038 * Low level mapping routines.....
1039 ***************************************************/
1042 pmap_kenter_device(vm_offset_t sva, vm_size_t size, vm_paddr_t pa)
1049 KASSERT((pa & L3_OFFSET) == 0,
1050 ("pmap_kenter_device: Invalid physical address"));
1051 KASSERT((sva & L3_OFFSET) == 0,
1052 ("pmap_kenter_device: Invalid virtual address"));
1053 KASSERT((size & PAGE_MASK) == 0,
1054 ("pmap_kenter_device: Mapping is not page-sized"));
1058 pde = pmap_pde(kernel_pmap, va, &lvl);
1059 KASSERT(pde != NULL,
1060 ("pmap_kenter_device: Invalid page entry, va: 0x%lx", va));
1062 ("pmap_kenter_device: Invalid level %d", lvl));
1064 pte = pmap_l2_to_l3(pde, va);
1065 pmap_load_store(pte, (pa & ~L3_OFFSET) | ATTR_DEFAULT |
1066 ATTR_IDX(DEVICE_MEMORY) | L3_PAGE);
1073 pmap_invalidate_range(kernel_pmap, sva, va);
1077 * Remove a page from the kernel pagetables.
1080 pmap_kremove(vm_offset_t va)
1085 pte = pmap_pte(kernel_pmap, va, &lvl);
1086 KASSERT(pte != NULL, ("pmap_kremove: Invalid address"));
1087 KASSERT(lvl == 3, ("pmap_kremove: Invalid pte level %d", lvl));
1089 if (pmap_l3_valid_cacheable(pmap_load(pte)))
1090 cpu_dcache_wb_range(va, L3_SIZE);
1091 pmap_load_clear(pte);
1093 pmap_invalidate_page(kernel_pmap, va);
1097 pmap_kremove_device(vm_offset_t sva, vm_size_t size)
1103 KASSERT((sva & L3_OFFSET) == 0,
1104 ("pmap_kremove_device: Invalid virtual address"));
1105 KASSERT((size & PAGE_MASK) == 0,
1106 ("pmap_kremove_device: Mapping is not page-sized"));
1110 pte = pmap_pte(kernel_pmap, va, &lvl);
1111 KASSERT(pte != NULL, ("Invalid page table, va: 0x%lx", va));
1113 ("Invalid device pagetable level: %d != 3", lvl));
1114 pmap_load_clear(pte);
1120 pmap_invalidate_range(kernel_pmap, sva, va);
1124 * Used to map a range of physical addresses into kernel
1125 * virtual address space.
1127 * The value passed in '*virt' is a suggested virtual address for
1128 * the mapping. Architectures which can support a direct-mapped
1129 * physical to virtual region can return the appropriate address
1130 * within that region, leaving '*virt' unchanged. Other
1131 * architectures should map the pages starting at '*virt' and
1132 * update '*virt' with the first usable address after the mapped
1136 pmap_map(vm_offset_t *virt, vm_paddr_t start, vm_paddr_t end, int prot)
1138 return PHYS_TO_DMAP(start);
1143 * Add a list of wired pages to the kva
1144 * this routine is only used for temporary
1145 * kernel mappings that do not need to have
1146 * page modification or references recorded.
1147 * Note that old mappings are simply written
1148 * over. The page *must* be wired.
1149 * Note: SMP coherent. Uses a ranged shootdown IPI.
1152 pmap_qenter(vm_offset_t sva, vm_page_t *ma, int count)
1155 pt_entry_t *pte, pa;
1161 for (i = 0; i < count; i++) {
1162 pde = pmap_pde(kernel_pmap, va, &lvl);
1163 KASSERT(pde != NULL,
1164 ("pmap_qenter: Invalid page entry, va: 0x%lx", va));
1166 ("pmap_qenter: Invalid level %d", lvl));
1169 pa = VM_PAGE_TO_PHYS(m) | ATTR_DEFAULT | ATTR_AP(ATTR_AP_RW) |
1170 ATTR_IDX(m->md.pv_memattr) | L3_PAGE;
1171 pte = pmap_l2_to_l3(pde, va);
1172 pmap_load_store(pte, pa);
1177 pmap_invalidate_range(kernel_pmap, sva, va);
1181 * This routine tears out page mappings from the
1182 * kernel -- it is meant only for temporary mappings.
1185 pmap_qremove(vm_offset_t sva, int count)
1191 KASSERT(sva >= VM_MIN_KERNEL_ADDRESS, ("usermode va %lx", sva));
1194 while (count-- > 0) {
1195 pte = pmap_pte(kernel_pmap, va, &lvl);
1197 ("Invalid device pagetable level: %d != 3", lvl));
1199 if (pmap_l3_valid_cacheable(pmap_load(pte)))
1200 cpu_dcache_wb_range(va, L3_SIZE);
1201 pmap_load_clear(pte);
1207 pmap_invalidate_range(kernel_pmap, sva, va);
1210 /***************************************************
1211 * Page table page management routines.....
1212 ***************************************************/
1213 static __inline void
1214 pmap_free_zero_pages(struct spglist *free)
1218 while ((m = SLIST_FIRST(free)) != NULL) {
1219 SLIST_REMOVE_HEAD(free, plinks.s.ss);
1220 /* Preserve the page's PG_ZERO setting. */
1221 vm_page_free_toq(m);
1226 * Schedule the specified unused page table page to be freed. Specifically,
1227 * add the page to the specified list of pages that will be released to the
1228 * physical memory manager after the TLB has been updated.
1230 static __inline void
1231 pmap_add_delayed_free_list(vm_page_t m, struct spglist *free,
1232 boolean_t set_PG_ZERO)
1236 m->flags |= PG_ZERO;
1238 m->flags &= ~PG_ZERO;
1239 SLIST_INSERT_HEAD(free, m, plinks.s.ss);
1243 * Decrements a page table page's wire count, which is used to record the
1244 * number of valid page table entries within the page. If the wire count
1245 * drops to zero, then the page table page is unmapped. Returns TRUE if the
1246 * page table page was unmapped and FALSE otherwise.
1248 static inline boolean_t
1249 pmap_unwire_l3(pmap_t pmap, vm_offset_t va, vm_page_t m, struct spglist *free)
1253 if (m->wire_count == 0) {
1254 _pmap_unwire_l3(pmap, va, m, free);
1261 _pmap_unwire_l3(pmap_t pmap, vm_offset_t va, vm_page_t m, struct spglist *free)
1264 PMAP_LOCK_ASSERT(pmap, MA_OWNED);
1266 * unmap the page table page
1268 if (m->pindex >= (NUL2E + NUL1E)) {
1272 l0 = pmap_l0(pmap, va);
1273 pmap_load_clear(l0);
1275 } else if (m->pindex >= NUL2E) {
1279 l1 = pmap_l1(pmap, va);
1280 pmap_load_clear(l1);
1286 l2 = pmap_l2(pmap, va);
1287 pmap_load_clear(l2);
1290 pmap_resident_count_dec(pmap, 1);
1291 if (m->pindex < NUL2E) {
1292 /* We just released an l3, unhold the matching l2 */
1293 pd_entry_t *l1, tl1;
1296 l1 = pmap_l1(pmap, va);
1297 tl1 = pmap_load(l1);
1298 l2pg = PHYS_TO_VM_PAGE(tl1 & ~ATTR_MASK);
1299 pmap_unwire_l3(pmap, va, l2pg, free);
1300 } else if (m->pindex < (NUL2E + NUL1E)) {
1301 /* We just released an l2, unhold the matching l1 */
1302 pd_entry_t *l0, tl0;
1305 l0 = pmap_l0(pmap, va);
1306 tl0 = pmap_load(l0);
1307 l1pg = PHYS_TO_VM_PAGE(tl0 & ~ATTR_MASK);
1308 pmap_unwire_l3(pmap, va, l1pg, free);
1310 pmap_invalidate_page(pmap, va);
1313 * This is a release store so that the ordinary store unmapping
1314 * the page table page is globally performed before TLB shoot-
1317 atomic_subtract_rel_int(&vm_cnt.v_wire_count, 1);
1320 * Put page on a list so that it is released after
1321 * *ALL* TLB shootdown is done
1323 pmap_add_delayed_free_list(m, free, TRUE);
1327 * After removing an l3 entry, this routine is used to
1328 * conditionally free the page, and manage the hold/wire counts.
1331 pmap_unuse_l3(pmap_t pmap, vm_offset_t va, pd_entry_t ptepde,
1332 struct spglist *free)
1336 if (va >= VM_MAXUSER_ADDRESS)
1338 KASSERT(ptepde != 0, ("pmap_unuse_pt: ptepde != 0"));
1339 mpte = PHYS_TO_VM_PAGE(ptepde & ~ATTR_MASK);
1340 return (pmap_unwire_l3(pmap, va, mpte, free));
1344 pmap_pinit0(pmap_t pmap)
1347 PMAP_LOCK_INIT(pmap);
1348 bzero(&pmap->pm_stats, sizeof(pmap->pm_stats));
1349 pmap->pm_l0 = kernel_pmap->pm_l0;
1353 pmap_pinit(pmap_t pmap)
1359 * allocate the l0 page
1361 while ((l0pt = vm_page_alloc(NULL, 0, VM_ALLOC_NORMAL |
1362 VM_ALLOC_NOOBJ | VM_ALLOC_WIRED | VM_ALLOC_ZERO)) == NULL)
1365 l0phys = VM_PAGE_TO_PHYS(l0pt);
1366 pmap->pm_l0 = (pd_entry_t *)PHYS_TO_DMAP(l0phys);
1368 if ((l0pt->flags & PG_ZERO) == 0)
1369 pagezero(pmap->pm_l0);
1371 bzero(&pmap->pm_stats, sizeof(pmap->pm_stats));
1377 * This routine is called if the desired page table page does not exist.
1379 * If page table page allocation fails, this routine may sleep before
1380 * returning NULL. It sleeps only if a lock pointer was given.
1382 * Note: If a page allocation fails at page table level two or three,
1383 * one or two pages may be held during the wait, only to be released
1384 * afterwards. This conservative approach is easily argued to avoid
1388 _pmap_alloc_l3(pmap_t pmap, vm_pindex_t ptepindex, struct rwlock **lockp)
1390 vm_page_t m, l1pg, l2pg;
1392 PMAP_LOCK_ASSERT(pmap, MA_OWNED);
1395 * Allocate a page table page.
1397 if ((m = vm_page_alloc(NULL, ptepindex, VM_ALLOC_NOOBJ |
1398 VM_ALLOC_WIRED | VM_ALLOC_ZERO)) == NULL) {
1399 if (lockp != NULL) {
1400 RELEASE_PV_LIST_LOCK(lockp);
1402 rw_runlock(&pvh_global_lock);
1404 rw_rlock(&pvh_global_lock);
1409 * Indicate the need to retry. While waiting, the page table
1410 * page may have been allocated.
1414 if ((m->flags & PG_ZERO) == 0)
1418 * Map the pagetable page into the process address space, if
1419 * it isn't already there.
1422 if (ptepindex >= (NUL2E + NUL1E)) {
1424 vm_pindex_t l0index;
1426 l0index = ptepindex - (NUL2E + NUL1E);
1427 l0 = &pmap->pm_l0[l0index];
1428 pmap_load_store(l0, VM_PAGE_TO_PHYS(m) | L0_TABLE);
1430 } else if (ptepindex >= NUL2E) {
1431 vm_pindex_t l0index, l1index;
1432 pd_entry_t *l0, *l1;
1435 l1index = ptepindex - NUL2E;
1436 l0index = l1index >> L0_ENTRIES_SHIFT;
1438 l0 = &pmap->pm_l0[l0index];
1439 tl0 = pmap_load(l0);
1441 /* recurse for allocating page dir */
1442 if (_pmap_alloc_l3(pmap, NUL2E + NUL1E + l0index,
1445 /* XXX: release mem barrier? */
1446 atomic_subtract_int(&vm_cnt.v_wire_count, 1);
1447 vm_page_free_zero(m);
1451 l1pg = PHYS_TO_VM_PAGE(tl0 & ~ATTR_MASK);
1455 l1 = (pd_entry_t *)PHYS_TO_DMAP(pmap_load(l0) & ~ATTR_MASK);
1456 l1 = &l1[ptepindex & Ln_ADDR_MASK];
1457 pmap_load_store(l1, VM_PAGE_TO_PHYS(m) | L1_TABLE);
1460 vm_pindex_t l0index, l1index;
1461 pd_entry_t *l0, *l1, *l2;
1462 pd_entry_t tl0, tl1;
1464 l1index = ptepindex >> Ln_ENTRIES_SHIFT;
1465 l0index = l1index >> L0_ENTRIES_SHIFT;
1467 l0 = &pmap->pm_l0[l0index];
1468 tl0 = pmap_load(l0);
1470 /* recurse for allocating page dir */
1471 if (_pmap_alloc_l3(pmap, NUL2E + l1index,
1474 atomic_subtract_int(&vm_cnt.v_wire_count, 1);
1475 vm_page_free_zero(m);
1478 tl0 = pmap_load(l0);
1479 l1 = (pd_entry_t *)PHYS_TO_DMAP(tl0 & ~ATTR_MASK);
1480 l1 = &l1[l1index & Ln_ADDR_MASK];
1482 l1 = (pd_entry_t *)PHYS_TO_DMAP(tl0 & ~ATTR_MASK);
1483 l1 = &l1[l1index & Ln_ADDR_MASK];
1484 tl1 = pmap_load(l1);
1486 /* recurse for allocating page dir */
1487 if (_pmap_alloc_l3(pmap, NUL2E + l1index,
1490 /* XXX: release mem barrier? */
1491 atomic_subtract_int(
1492 &vm_cnt.v_wire_count, 1);
1493 vm_page_free_zero(m);
1497 l2pg = PHYS_TO_VM_PAGE(tl1 & ~ATTR_MASK);
1502 l2 = (pd_entry_t *)PHYS_TO_DMAP(pmap_load(l1) & ~ATTR_MASK);
1503 l2 = &l2[ptepindex & Ln_ADDR_MASK];
1504 pmap_load_store(l2, VM_PAGE_TO_PHYS(m) | L2_TABLE);
1508 pmap_resident_count_inc(pmap, 1);
1514 pmap_alloc_l3(pmap_t pmap, vm_offset_t va, struct rwlock **lockp)
1516 vm_pindex_t ptepindex;
1517 pd_entry_t *pde, tpde;
1522 * Calculate pagetable page index
1524 ptepindex = pmap_l2_pindex(va);
1527 * Get the page directory entry
1529 pde = pmap_pde(pmap, va, &lvl);
1532 * If the page table page is mapped, we just increment the hold count,
1533 * and activate it. If we get a level 2 pde it will point to a level 3
1537 tpde = pmap_load(pde);
1539 m = PHYS_TO_VM_PAGE(tpde & ~ATTR_MASK);
1546 * Here if the pte page isn't mapped, or if it has been deallocated.
1548 m = _pmap_alloc_l3(pmap, ptepindex, lockp);
1549 if (m == NULL && lockp != NULL)
1556 /***************************************************
1557 * Pmap allocation/deallocation routines.
1558 ***************************************************/
1561 * Release any resources held by the given physical map.
1562 * Called when a pmap initialized by pmap_pinit is being released.
1563 * Should only be called if the map contains no valid mappings.
1566 pmap_release(pmap_t pmap)
1570 KASSERT(pmap->pm_stats.resident_count == 0,
1571 ("pmap_release: pmap resident count %ld != 0",
1572 pmap->pm_stats.resident_count));
1574 m = PHYS_TO_VM_PAGE(DMAP_TO_PHYS((vm_offset_t)pmap->pm_l0));
1577 atomic_subtract_int(&vm_cnt.v_wire_count, 1);
1578 vm_page_free_zero(m);
1583 kvm_size(SYSCTL_HANDLER_ARGS)
1585 unsigned long ksize = VM_MAX_KERNEL_ADDRESS - VM_MIN_KERNEL_ADDRESS;
1587 return sysctl_handle_long(oidp, &ksize, 0, req);
1589 SYSCTL_PROC(_vm, OID_AUTO, kvm_size, CTLTYPE_LONG|CTLFLAG_RD,
1590 0, 0, kvm_size, "LU", "Size of KVM");
1593 kvm_free(SYSCTL_HANDLER_ARGS)
1595 unsigned long kfree = VM_MAX_KERNEL_ADDRESS - kernel_vm_end;
1597 return sysctl_handle_long(oidp, &kfree, 0, req);
1599 SYSCTL_PROC(_vm, OID_AUTO, kvm_free, CTLTYPE_LONG|CTLFLAG_RD,
1600 0, 0, kvm_free, "LU", "Amount of KVM free");
1604 * grow the number of kernel page table entries, if needed
1607 pmap_growkernel(vm_offset_t addr)
1611 pd_entry_t *l0, *l1, *l2;
1613 mtx_assert(&kernel_map->system_mtx, MA_OWNED);
1615 addr = roundup2(addr, L2_SIZE);
1616 if (addr - 1 >= kernel_map->max_offset)
1617 addr = kernel_map->max_offset;
1618 while (kernel_vm_end < addr) {
1619 l0 = pmap_l0(kernel_pmap, kernel_vm_end);
1620 KASSERT(pmap_load(l0) != 0,
1621 ("pmap_growkernel: No level 0 kernel entry"));
1623 l1 = pmap_l0_to_l1(l0, kernel_vm_end);
1624 if (pmap_load(l1) == 0) {
1625 /* We need a new PDP entry */
1626 nkpg = vm_page_alloc(NULL, kernel_vm_end >> L1_SHIFT,
1627 VM_ALLOC_INTERRUPT | VM_ALLOC_NOOBJ |
1628 VM_ALLOC_WIRED | VM_ALLOC_ZERO);
1630 panic("pmap_growkernel: no memory to grow kernel");
1631 if ((nkpg->flags & PG_ZERO) == 0)
1632 pmap_zero_page(nkpg);
1633 paddr = VM_PAGE_TO_PHYS(nkpg);
1634 pmap_load_store(l1, paddr | L1_TABLE);
1636 continue; /* try again */
1638 l2 = pmap_l1_to_l2(l1, kernel_vm_end);
1639 if ((pmap_load(l2) & ATTR_AF) != 0) {
1640 kernel_vm_end = (kernel_vm_end + L2_SIZE) & ~L2_OFFSET;
1641 if (kernel_vm_end - 1 >= kernel_map->max_offset) {
1642 kernel_vm_end = kernel_map->max_offset;
1648 nkpg = vm_page_alloc(NULL, kernel_vm_end >> L2_SHIFT,
1649 VM_ALLOC_INTERRUPT | VM_ALLOC_NOOBJ | VM_ALLOC_WIRED |
1652 panic("pmap_growkernel: no memory to grow kernel");
1653 if ((nkpg->flags & PG_ZERO) == 0)
1654 pmap_zero_page(nkpg);
1655 paddr = VM_PAGE_TO_PHYS(nkpg);
1656 pmap_load_store(l2, paddr | L2_TABLE);
1658 pmap_invalidate_page(kernel_pmap, kernel_vm_end);
1660 kernel_vm_end = (kernel_vm_end + L2_SIZE) & ~L2_OFFSET;
1661 if (kernel_vm_end - 1 >= kernel_map->max_offset) {
1662 kernel_vm_end = kernel_map->max_offset;
1669 /***************************************************
1670 * page management routines.
1671 ***************************************************/
1673 CTASSERT(sizeof(struct pv_chunk) == PAGE_SIZE);
1674 CTASSERT(_NPCM == 3);
1675 CTASSERT(_NPCPV == 168);
1677 static __inline struct pv_chunk *
1678 pv_to_chunk(pv_entry_t pv)
1681 return ((struct pv_chunk *)((uintptr_t)pv & ~(uintptr_t)PAGE_MASK));
1684 #define PV_PMAP(pv) (pv_to_chunk(pv)->pc_pmap)
1686 #define PC_FREE0 0xfffffffffffffffful
1687 #define PC_FREE1 0xfffffffffffffffful
1688 #define PC_FREE2 0x000000fffffffffful
1690 static const uint64_t pc_freemask[_NPCM] = { PC_FREE0, PC_FREE1, PC_FREE2 };
1694 static int pc_chunk_count, pc_chunk_allocs, pc_chunk_frees, pc_chunk_tryfail;
1696 SYSCTL_INT(_vm_pmap, OID_AUTO, pc_chunk_count, CTLFLAG_RD, &pc_chunk_count, 0,
1697 "Current number of pv entry chunks");
1698 SYSCTL_INT(_vm_pmap, OID_AUTO, pc_chunk_allocs, CTLFLAG_RD, &pc_chunk_allocs, 0,
1699 "Current number of pv entry chunks allocated");
1700 SYSCTL_INT(_vm_pmap, OID_AUTO, pc_chunk_frees, CTLFLAG_RD, &pc_chunk_frees, 0,
1701 "Current number of pv entry chunks frees");
1702 SYSCTL_INT(_vm_pmap, OID_AUTO, pc_chunk_tryfail, CTLFLAG_RD, &pc_chunk_tryfail, 0,
1703 "Number of times tried to get a chunk page but failed.");
1705 static long pv_entry_frees, pv_entry_allocs, pv_entry_count;
1706 static int pv_entry_spare;
1708 SYSCTL_LONG(_vm_pmap, OID_AUTO, pv_entry_frees, CTLFLAG_RD, &pv_entry_frees, 0,
1709 "Current number of pv entry frees");
1710 SYSCTL_LONG(_vm_pmap, OID_AUTO, pv_entry_allocs, CTLFLAG_RD, &pv_entry_allocs, 0,
1711 "Current number of pv entry allocs");
1712 SYSCTL_LONG(_vm_pmap, OID_AUTO, pv_entry_count, CTLFLAG_RD, &pv_entry_count, 0,
1713 "Current number of pv entries");
1714 SYSCTL_INT(_vm_pmap, OID_AUTO, pv_entry_spare, CTLFLAG_RD, &pv_entry_spare, 0,
1715 "Current number of spare pv entries");
1720 * We are in a serious low memory condition. Resort to
1721 * drastic measures to free some pages so we can allocate
1722 * another pv entry chunk.
1724 * Returns NULL if PV entries were reclaimed from the specified pmap.
1726 * We do not, however, unmap 2mpages because subsequent accesses will
1727 * allocate per-page pv entries until repromotion occurs, thereby
1728 * exacerbating the shortage of free pv entries.
1731 reclaim_pv_chunk(pmap_t locked_pmap, struct rwlock **lockp)
1734 panic("ARM64TODO: reclaim_pv_chunk");
1738 * free the pv_entry back to the free list
1741 free_pv_entry(pmap_t pmap, pv_entry_t pv)
1743 struct pv_chunk *pc;
1744 int idx, field, bit;
1746 rw_assert(&pvh_global_lock, RA_LOCKED);
1747 PMAP_LOCK_ASSERT(pmap, MA_OWNED);
1748 PV_STAT(atomic_add_long(&pv_entry_frees, 1));
1749 PV_STAT(atomic_add_int(&pv_entry_spare, 1));
1750 PV_STAT(atomic_subtract_long(&pv_entry_count, 1));
1751 pc = pv_to_chunk(pv);
1752 idx = pv - &pc->pc_pventry[0];
1755 pc->pc_map[field] |= 1ul << bit;
1756 if (pc->pc_map[0] != PC_FREE0 || pc->pc_map[1] != PC_FREE1 ||
1757 pc->pc_map[2] != PC_FREE2) {
1758 /* 98% of the time, pc is already at the head of the list. */
1759 if (__predict_false(pc != TAILQ_FIRST(&pmap->pm_pvchunk))) {
1760 TAILQ_REMOVE(&pmap->pm_pvchunk, pc, pc_list);
1761 TAILQ_INSERT_HEAD(&pmap->pm_pvchunk, pc, pc_list);
1765 TAILQ_REMOVE(&pmap->pm_pvchunk, pc, pc_list);
1770 free_pv_chunk(struct pv_chunk *pc)
1774 mtx_lock(&pv_chunks_mutex);
1775 TAILQ_REMOVE(&pv_chunks, pc, pc_lru);
1776 mtx_unlock(&pv_chunks_mutex);
1777 PV_STAT(atomic_subtract_int(&pv_entry_spare, _NPCPV));
1778 PV_STAT(atomic_subtract_int(&pc_chunk_count, 1));
1779 PV_STAT(atomic_add_int(&pc_chunk_frees, 1));
1780 /* entire chunk is free, return it */
1781 m = PHYS_TO_VM_PAGE(DMAP_TO_PHYS((vm_offset_t)pc));
1782 dump_drop_page(m->phys_addr);
1783 vm_page_unwire(m, PQ_NONE);
1788 * Returns a new PV entry, allocating a new PV chunk from the system when
1789 * needed. If this PV chunk allocation fails and a PV list lock pointer was
1790 * given, a PV chunk is reclaimed from an arbitrary pmap. Otherwise, NULL is
1793 * The given PV list lock may be released.
1796 get_pv_entry(pmap_t pmap, struct rwlock **lockp)
1800 struct pv_chunk *pc;
1803 rw_assert(&pvh_global_lock, RA_LOCKED);
1804 PMAP_LOCK_ASSERT(pmap, MA_OWNED);
1805 PV_STAT(atomic_add_long(&pv_entry_allocs, 1));
1807 pc = TAILQ_FIRST(&pmap->pm_pvchunk);
1809 for (field = 0; field < _NPCM; field++) {
1810 if (pc->pc_map[field]) {
1811 bit = ffsl(pc->pc_map[field]) - 1;
1815 if (field < _NPCM) {
1816 pv = &pc->pc_pventry[field * 64 + bit];
1817 pc->pc_map[field] &= ~(1ul << bit);
1818 /* If this was the last item, move it to tail */
1819 if (pc->pc_map[0] == 0 && pc->pc_map[1] == 0 &&
1820 pc->pc_map[2] == 0) {
1821 TAILQ_REMOVE(&pmap->pm_pvchunk, pc, pc_list);
1822 TAILQ_INSERT_TAIL(&pmap->pm_pvchunk, pc,
1825 PV_STAT(atomic_add_long(&pv_entry_count, 1));
1826 PV_STAT(atomic_subtract_int(&pv_entry_spare, 1));
1830 /* No free items, allocate another chunk */
1831 m = vm_page_alloc(NULL, 0, VM_ALLOC_NORMAL | VM_ALLOC_NOOBJ |
1834 if (lockp == NULL) {
1835 PV_STAT(pc_chunk_tryfail++);
1838 m = reclaim_pv_chunk(pmap, lockp);
1842 PV_STAT(atomic_add_int(&pc_chunk_count, 1));
1843 PV_STAT(atomic_add_int(&pc_chunk_allocs, 1));
1844 dump_add_page(m->phys_addr);
1845 pc = (void *)PHYS_TO_DMAP(m->phys_addr);
1847 pc->pc_map[0] = PC_FREE0 & ~1ul; /* preallocated bit 0 */
1848 pc->pc_map[1] = PC_FREE1;
1849 pc->pc_map[2] = PC_FREE2;
1850 mtx_lock(&pv_chunks_mutex);
1851 TAILQ_INSERT_TAIL(&pv_chunks, pc, pc_lru);
1852 mtx_unlock(&pv_chunks_mutex);
1853 pv = &pc->pc_pventry[0];
1854 TAILQ_INSERT_HEAD(&pmap->pm_pvchunk, pc, pc_list);
1855 PV_STAT(atomic_add_long(&pv_entry_count, 1));
1856 PV_STAT(atomic_add_int(&pv_entry_spare, _NPCPV - 1));
1861 * First find and then remove the pv entry for the specified pmap and virtual
1862 * address from the specified pv list. Returns the pv entry if found and NULL
1863 * otherwise. This operation can be performed on pv lists for either 4KB or
1864 * 2MB page mappings.
1866 static __inline pv_entry_t
1867 pmap_pvh_remove(struct md_page *pvh, pmap_t pmap, vm_offset_t va)
1871 rw_assert(&pvh_global_lock, RA_LOCKED);
1872 TAILQ_FOREACH(pv, &pvh->pv_list, pv_next) {
1873 if (pmap == PV_PMAP(pv) && va == pv->pv_va) {
1874 TAILQ_REMOVE(&pvh->pv_list, pv, pv_next);
1883 * First find and then destroy the pv entry for the specified pmap and virtual
1884 * address. This operation can be performed on pv lists for either 4KB or 2MB
1888 pmap_pvh_free(struct md_page *pvh, pmap_t pmap, vm_offset_t va)
1892 pv = pmap_pvh_remove(pvh, pmap, va);
1893 KASSERT(pv != NULL, ("pmap_pvh_free: pv not found"));
1894 free_pv_entry(pmap, pv);
1898 * Conditionally create the PV entry for a 4KB page mapping if the required
1899 * memory can be allocated without resorting to reclamation.
1902 pmap_try_insert_pv_entry(pmap_t pmap, vm_offset_t va, vm_page_t m,
1903 struct rwlock **lockp)
1907 rw_assert(&pvh_global_lock, RA_LOCKED);
1908 PMAP_LOCK_ASSERT(pmap, MA_OWNED);
1909 /* Pass NULL instead of the lock pointer to disable reclamation. */
1910 if ((pv = get_pv_entry(pmap, NULL)) != NULL) {
1912 CHANGE_PV_LIST_LOCK_TO_VM_PAGE(lockp, m);
1913 TAILQ_INSERT_TAIL(&m->md.pv_list, pv, pv_next);
1921 * pmap_remove_l3: do the things to unmap a page in a process
1924 pmap_remove_l3(pmap_t pmap, pt_entry_t *l3, vm_offset_t va,
1925 pd_entry_t l2e, struct spglist *free, struct rwlock **lockp)
1930 PMAP_LOCK_ASSERT(pmap, MA_OWNED);
1931 if (pmap_is_current(pmap) && pmap_l3_valid_cacheable(pmap_load(l3)))
1932 cpu_dcache_wb_range(va, L3_SIZE);
1933 old_l3 = pmap_load_clear(l3);
1935 pmap_invalidate_page(pmap, va);
1936 if (old_l3 & ATTR_SW_WIRED)
1937 pmap->pm_stats.wired_count -= 1;
1938 pmap_resident_count_dec(pmap, 1);
1939 if (old_l3 & ATTR_SW_MANAGED) {
1940 m = PHYS_TO_VM_PAGE(old_l3 & ~ATTR_MASK);
1941 if (pmap_page_dirty(old_l3))
1943 if (old_l3 & ATTR_AF)
1944 vm_page_aflag_set(m, PGA_REFERENCED);
1945 CHANGE_PV_LIST_LOCK_TO_VM_PAGE(lockp, m);
1946 pmap_pvh_free(&m->md, pmap, va);
1948 return (pmap_unuse_l3(pmap, va, l2e, free));
1952 * Remove the given range of addresses from the specified map.
1954 * It is assumed that the start and end are properly
1955 * rounded to the page size.
1958 pmap_remove(pmap_t pmap, vm_offset_t sva, vm_offset_t eva)
1960 struct rwlock *lock;
1961 vm_offset_t va, va_next;
1962 pd_entry_t *l0, *l1, *l2;
1963 pt_entry_t l3_paddr, *l3;
1964 struct spglist free;
1968 * Perform an unsynchronized read. This is, however, safe.
1970 if (pmap->pm_stats.resident_count == 0)
1976 rw_rlock(&pvh_global_lock);
1980 for (; sva < eva; sva = va_next) {
1982 if (pmap->pm_stats.resident_count == 0)
1985 l0 = pmap_l0(pmap, sva);
1986 if (pmap_load(l0) == 0) {
1987 va_next = (sva + L0_SIZE) & ~L0_OFFSET;
1993 l1 = pmap_l0_to_l1(l0, sva);
1994 if (pmap_load(l1) == 0) {
1995 va_next = (sva + L1_SIZE) & ~L1_OFFSET;
2002 * Calculate index for next page table.
2004 va_next = (sva + L2_SIZE) & ~L2_OFFSET;
2008 l2 = pmap_l1_to_l2(l1, sva);
2012 l3_paddr = pmap_load(l2);
2015 * Weed out invalid mappings.
2017 if ((l3_paddr & ATTR_DESCR_MASK) != L2_TABLE)
2021 * Limit our scan to either the end of the va represented
2022 * by the current page table page, or to the end of the
2023 * range being removed.
2029 for (l3 = pmap_l2_to_l3(l2, sva); sva != va_next; l3++,
2032 panic("l3 == NULL");
2033 if (pmap_load(l3) == 0) {
2034 if (va != va_next) {
2035 pmap_invalidate_range(pmap, va, sva);
2042 if (pmap_remove_l3(pmap, l3, sva, l3_paddr, &free,
2049 pmap_invalidate_range(pmap, va, sva);
2054 pmap_invalidate_all(pmap);
2055 rw_runlock(&pvh_global_lock);
2057 pmap_free_zero_pages(&free);
2061 * Routine: pmap_remove_all
2063 * Removes this physical page from
2064 * all physical maps in which it resides.
2065 * Reflects back modify bits to the pager.
2068 * Original versions of this routine were very
2069 * inefficient because they iteratively called
2070 * pmap_remove (slow...)
2074 pmap_remove_all(vm_page_t m)
2078 pd_entry_t *pde, tpde;
2079 pt_entry_t *pte, tpte;
2080 struct spglist free;
2083 KASSERT((m->oflags & VPO_UNMANAGED) == 0,
2084 ("pmap_remove_all: page %p is not managed", m));
2086 rw_wlock(&pvh_global_lock);
2087 while ((pv = TAILQ_FIRST(&m->md.pv_list)) != NULL) {
2090 pmap_resident_count_dec(pmap, 1);
2092 pde = pmap_pde(pmap, pv->pv_va, &lvl);
2093 KASSERT(pde != NULL,
2094 ("pmap_remove_all: no page directory entry found"));
2096 ("pmap_remove_all: invalid pde level %d", lvl));
2097 tpde = pmap_load(pde);
2099 pte = pmap_l2_to_l3(pde, pv->pv_va);
2100 tpte = pmap_load(pte);
2101 if (pmap_is_current(pmap) &&
2102 pmap_l3_valid_cacheable(tpte))
2103 cpu_dcache_wb_range(pv->pv_va, L3_SIZE);
2104 pmap_load_clear(pte);
2106 pmap_invalidate_page(pmap, pv->pv_va);
2107 if (tpte & ATTR_SW_WIRED)
2108 pmap->pm_stats.wired_count--;
2109 if ((tpte & ATTR_AF) != 0)
2110 vm_page_aflag_set(m, PGA_REFERENCED);
2113 * Update the vm_page_t clean and reference bits.
2115 if (pmap_page_dirty(tpte))
2117 pmap_unuse_l3(pmap, pv->pv_va, tpde, &free);
2118 TAILQ_REMOVE(&m->md.pv_list, pv, pv_next);
2120 free_pv_entry(pmap, pv);
2123 vm_page_aflag_clear(m, PGA_WRITEABLE);
2124 rw_wunlock(&pvh_global_lock);
2125 pmap_free_zero_pages(&free);
2129 * Set the physical protection on the
2130 * specified range of this map as requested.
2133 pmap_protect(pmap_t pmap, vm_offset_t sva, vm_offset_t eva, vm_prot_t prot)
2135 vm_offset_t va, va_next;
2136 pd_entry_t *l0, *l1, *l2;
2137 pt_entry_t *l3p, l3;
2139 if ((prot & VM_PROT_READ) == VM_PROT_NONE) {
2140 pmap_remove(pmap, sva, eva);
2144 if ((prot & VM_PROT_WRITE) == VM_PROT_WRITE)
2148 for (; sva < eva; sva = va_next) {
2150 l0 = pmap_l0(pmap, sva);
2151 if (pmap_load(l0) == 0) {
2152 va_next = (sva + L0_SIZE) & ~L0_OFFSET;
2158 l1 = pmap_l0_to_l1(l0, sva);
2159 if (pmap_load(l1) == 0) {
2160 va_next = (sva + L1_SIZE) & ~L1_OFFSET;
2166 va_next = (sva + L2_SIZE) & ~L2_OFFSET;
2170 l2 = pmap_l1_to_l2(l1, sva);
2171 if (l2 == NULL || (pmap_load(l2) & ATTR_DESCR_MASK) != L2_TABLE)
2178 for (l3p = pmap_l2_to_l3(l2, sva); sva != va_next; l3p++,
2180 l3 = pmap_load(l3p);
2181 if (pmap_l3_valid(l3)) {
2182 pmap_set(l3p, ATTR_AP(ATTR_AP_RO));
2184 /* XXX: Use pmap_invalidate_range */
2185 pmap_invalidate_page(pmap, va);
2191 /* TODO: Only invalidate entries we are touching */
2192 pmap_invalidate_all(pmap);
2196 * Insert the given physical page (p) at
2197 * the specified virtual address (v) in the
2198 * target physical map with the protection requested.
2200 * If specified, the page will be wired down, meaning
2201 * that the related pte can not be reclaimed.
2203 * NB: This is the only routine which MAY NOT lazy-evaluate
2204 * or lose information. That is, this routine must actually
2205 * insert this page into the given map NOW.
2208 pmap_enter(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot,
2209 u_int flags, int8_t psind __unused)
2211 struct rwlock *lock;
2213 pt_entry_t new_l3, orig_l3;
2216 vm_paddr_t opa, pa, l1_pa, l2_pa, l3_pa;
2217 vm_page_t mpte, om, l1_m, l2_m, l3_m;
2221 va = trunc_page(va);
2222 if ((m->oflags & VPO_UNMANAGED) == 0 && !vm_page_xbusied(m))
2223 VM_OBJECT_ASSERT_LOCKED(m->object);
2224 pa = VM_PAGE_TO_PHYS(m);
2225 new_l3 = (pt_entry_t)(pa | ATTR_DEFAULT | ATTR_IDX(m->md.pv_memattr) |
2227 if ((prot & VM_PROT_WRITE) == 0)
2228 new_l3 |= ATTR_AP(ATTR_AP_RO);
2229 if ((flags & PMAP_ENTER_WIRED) != 0)
2230 new_l3 |= ATTR_SW_WIRED;
2231 if ((va >> 63) == 0)
2232 new_l3 |= ATTR_AP(ATTR_AP_USER);
2234 CTR2(KTR_PMAP, "pmap_enter: %.16lx -> %.16lx", va, pa);
2239 rw_rlock(&pvh_global_lock);
2242 if (va < VM_MAXUSER_ADDRESS) {
2243 nosleep = (flags & PMAP_ENTER_NOSLEEP) != 0;
2244 mpte = pmap_alloc_l3(pmap, va, nosleep ? NULL : &lock);
2245 if (mpte == NULL && nosleep) {
2246 CTR0(KTR_PMAP, "pmap_enter: mpte == NULL");
2249 rw_runlock(&pvh_global_lock);
2251 return (KERN_RESOURCE_SHORTAGE);
2253 pde = pmap_pde(pmap, va, &lvl);
2254 KASSERT(pde != NULL,
2255 ("pmap_enter: Invalid page entry, va: 0x%lx", va));
2257 ("pmap_enter: Invalid level %d", lvl));
2259 l3 = pmap_l2_to_l3(pde, va);
2261 pde = pmap_pde(pmap, va, &lvl);
2263 * If we get a level 2 pde it must point to a level 3 entry
2264 * otherwise we will need to create the intermediate tables
2270 /* Get the l0 pde to update */
2271 pde = pmap_l0(pmap, va);
2272 KASSERT(pde != NULL, ("..."));
2274 l1_m = vm_page_alloc(NULL, 0, VM_ALLOC_NORMAL |
2275 VM_ALLOC_NOOBJ | VM_ALLOC_WIRED |
2278 panic("pmap_enter: l1 pte_m == NULL");
2279 if ((l1_m->flags & PG_ZERO) == 0)
2280 pmap_zero_page(l1_m);
2282 l1_pa = VM_PAGE_TO_PHYS(l1_m);
2283 pmap_load_store(pde, l1_pa | L0_TABLE);
2287 /* Get the l1 pde to update */
2288 pde = pmap_l1_to_l2(pde, va);
2289 KASSERT(pde != NULL, ("..."));
2291 l2_m = vm_page_alloc(NULL, 0, VM_ALLOC_NORMAL |
2292 VM_ALLOC_NOOBJ | VM_ALLOC_WIRED |
2295 panic("pmap_enter: l2 pte_m == NULL");
2296 if ((l2_m->flags & PG_ZERO) == 0)
2297 pmap_zero_page(l2_m);
2299 l2_pa = VM_PAGE_TO_PHYS(l2_m);
2300 pmap_load_store(pde, l2_pa | L1_TABLE);
2304 /* Get the l2 pde to update */
2305 pde = pmap_l1_to_l2(pde, va);
2307 l3_m = vm_page_alloc(NULL, 0, VM_ALLOC_NORMAL |
2308 VM_ALLOC_NOOBJ | VM_ALLOC_WIRED |
2311 panic("pmap_enter: l3 pte_m == NULL");
2312 if ((l3_m->flags & PG_ZERO) == 0)
2313 pmap_zero_page(l3_m);
2315 l3_pa = VM_PAGE_TO_PHYS(l3_m);
2316 pmap_load_store(pde, l3_pa | L2_TABLE);
2321 l3 = pmap_l2_to_l3(pde, va);
2322 pmap_invalidate_page(pmap, va);
2326 orig_l3 = pmap_load(l3);
2327 opa = orig_l3 & ~ATTR_MASK;
2330 * Is the specified virtual address already mapped?
2332 if (pmap_l3_valid(orig_l3)) {
2334 * Wiring change, just update stats. We don't worry about
2335 * wiring PT pages as they remain resident as long as there
2336 * are valid mappings in them. Hence, if a user page is wired,
2337 * the PT page will be also.
2339 if ((flags & PMAP_ENTER_WIRED) != 0 &&
2340 (orig_l3 & ATTR_SW_WIRED) == 0)
2341 pmap->pm_stats.wired_count++;
2342 else if ((flags & PMAP_ENTER_WIRED) == 0 &&
2343 (orig_l3 & ATTR_SW_WIRED) != 0)
2344 pmap->pm_stats.wired_count--;
2347 * Remove the extra PT page reference.
2351 KASSERT(mpte->wire_count > 0,
2352 ("pmap_enter: missing reference to page table page,"
2357 * Has the physical page changed?
2361 * No, might be a protection or wiring change.
2363 if ((orig_l3 & ATTR_SW_MANAGED) != 0) {
2364 new_l3 |= ATTR_SW_MANAGED;
2365 if ((new_l3 & ATTR_AP(ATTR_AP_RW)) ==
2366 ATTR_AP(ATTR_AP_RW)) {
2367 vm_page_aflag_set(m, PGA_WRITEABLE);
2373 /* Flush the cache, there might be uncommitted data in it */
2374 if (pmap_is_current(pmap) && pmap_l3_valid_cacheable(orig_l3))
2375 cpu_dcache_wb_range(va, L3_SIZE);
2378 * Increment the counters.
2380 if ((new_l3 & ATTR_SW_WIRED) != 0)
2381 pmap->pm_stats.wired_count++;
2382 pmap_resident_count_inc(pmap, 1);
2385 * Enter on the PV list if part of our managed memory.
2387 if ((m->oflags & VPO_UNMANAGED) == 0) {
2388 new_l3 |= ATTR_SW_MANAGED;
2389 pv = get_pv_entry(pmap, &lock);
2391 CHANGE_PV_LIST_LOCK_TO_PHYS(&lock, pa);
2392 TAILQ_INSERT_TAIL(&m->md.pv_list, pv, pv_next);
2394 if ((new_l3 & ATTR_AP_RW_BIT) == ATTR_AP(ATTR_AP_RW))
2395 vm_page_aflag_set(m, PGA_WRITEABLE);
2399 * Update the L3 entry.
2403 orig_l3 = pmap_load_store(l3, new_l3);
2405 opa = orig_l3 & ~ATTR_MASK;
2408 if ((orig_l3 & ATTR_SW_MANAGED) != 0) {
2409 om = PHYS_TO_VM_PAGE(opa);
2410 if (pmap_page_dirty(orig_l3))
2412 if ((orig_l3 & ATTR_AF) != 0)
2413 vm_page_aflag_set(om, PGA_REFERENCED);
2414 CHANGE_PV_LIST_LOCK_TO_PHYS(&lock, opa);
2415 pmap_pvh_free(&om->md, pmap, va);
2417 } else if (pmap_page_dirty(orig_l3)) {
2418 if ((orig_l3 & ATTR_SW_MANAGED) != 0)
2422 pmap_load_store(l3, new_l3);
2425 pmap_invalidate_page(pmap, va);
2426 if ((pmap != pmap_kernel()) && (pmap == &curproc->p_vmspace->vm_pmap))
2427 cpu_icache_sync_range(va, PAGE_SIZE);
2431 rw_runlock(&pvh_global_lock);
2433 return (KERN_SUCCESS);
2437 * Maps a sequence of resident pages belonging to the same object.
2438 * The sequence begins with the given page m_start. This page is
2439 * mapped at the given virtual address start. Each subsequent page is
2440 * mapped at a virtual address that is offset from start by the same
2441 * amount as the page is offset from m_start within the object. The
2442 * last page in the sequence is the page with the largest offset from
2443 * m_start that can be mapped at a virtual address less than the given
2444 * virtual address end. Not every virtual page between start and end
2445 * is mapped; only those for which a resident page exists with the
2446 * corresponding offset from m_start are mapped.
2449 pmap_enter_object(pmap_t pmap, vm_offset_t start, vm_offset_t end,
2450 vm_page_t m_start, vm_prot_t prot)
2452 struct rwlock *lock;
2455 vm_pindex_t diff, psize;
2457 VM_OBJECT_ASSERT_LOCKED(m_start->object);
2459 psize = atop(end - start);
2463 rw_rlock(&pvh_global_lock);
2465 while (m != NULL && (diff = m->pindex - m_start->pindex) < psize) {
2466 va = start + ptoa(diff);
2467 mpte = pmap_enter_quick_locked(pmap, va, m, prot, mpte, &lock);
2468 m = TAILQ_NEXT(m, listq);
2472 rw_runlock(&pvh_global_lock);
2477 * this code makes some *MAJOR* assumptions:
2478 * 1. Current pmap & pmap exists.
2481 * 4. No page table pages.
2482 * but is *MUCH* faster than pmap_enter...
2486 pmap_enter_quick(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot)
2488 struct rwlock *lock;
2491 rw_rlock(&pvh_global_lock);
2493 (void)pmap_enter_quick_locked(pmap, va, m, prot, NULL, &lock);
2496 rw_runlock(&pvh_global_lock);
2501 pmap_enter_quick_locked(pmap_t pmap, vm_offset_t va, vm_page_t m,
2502 vm_prot_t prot, vm_page_t mpte, struct rwlock **lockp)
2504 struct spglist free;
2510 KASSERT(va < kmi.clean_sva || va >= kmi.clean_eva ||
2511 (m->oflags & VPO_UNMANAGED) != 0,
2512 ("pmap_enter_quick_locked: managed mapping within the clean submap"));
2513 rw_assert(&pvh_global_lock, RA_LOCKED);
2514 PMAP_LOCK_ASSERT(pmap, MA_OWNED);
2516 CTR2(KTR_PMAP, "pmap_enter_quick_locked: %p %lx", pmap, va);
2518 * In the case that a page table page is not
2519 * resident, we are creating it here.
2521 if (va < VM_MAXUSER_ADDRESS) {
2522 vm_pindex_t l2pindex;
2525 * Calculate pagetable page index
2527 l2pindex = pmap_l2_pindex(va);
2528 if (mpte && (mpte->pindex == l2pindex)) {
2534 pde = pmap_pde(pmap, va, &lvl);
2537 * If the page table page is mapped, we just increment
2538 * the hold count, and activate it. Otherwise, we
2539 * attempt to allocate a page table page. If this
2540 * attempt fails, we don't retry. Instead, we give up.
2542 if (lvl == 2 && pmap_load(pde) != 0) {
2544 PHYS_TO_VM_PAGE(pmap_load(pde) & ~ATTR_MASK);
2548 * Pass NULL instead of the PV list lock
2549 * pointer, because we don't intend to sleep.
2551 mpte = _pmap_alloc_l3(pmap, l2pindex, NULL);
2556 l3 = (pt_entry_t *)PHYS_TO_DMAP(VM_PAGE_TO_PHYS(mpte));
2557 l3 = &l3[pmap_l3_index(va)];
2560 pde = pmap_pde(kernel_pmap, va, &lvl);
2561 KASSERT(pde != NULL,
2562 ("pmap_enter_quick_locked: Invalid page entry, va: 0x%lx",
2565 ("pmap_enter_quick_locked: Invalid level %d", lvl));
2566 l3 = pmap_l2_to_l3(pde, va);
2569 if (pmap_load(l3) != 0) {
2578 * Enter on the PV list if part of our managed memory.
2580 if ((m->oflags & VPO_UNMANAGED) == 0 &&
2581 !pmap_try_insert_pv_entry(pmap, va, m, lockp)) {
2584 if (pmap_unwire_l3(pmap, va, mpte, &free)) {
2585 pmap_invalidate_page(pmap, va);
2586 pmap_free_zero_pages(&free);
2594 * Increment counters
2596 pmap_resident_count_inc(pmap, 1);
2598 pa = VM_PAGE_TO_PHYS(m) | ATTR_DEFAULT | ATTR_IDX(m->md.pv_memattr) |
2599 ATTR_AP(ATTR_AP_RW) | L3_PAGE;
2602 * Now validate mapping with RO protection
2604 if ((m->oflags & VPO_UNMANAGED) == 0)
2605 pa |= ATTR_SW_MANAGED;
2606 pmap_load_store(l3, pa);
2608 pmap_invalidate_page(pmap, va);
2613 * This code maps large physical mmap regions into the
2614 * processor address space. Note that some shortcuts
2615 * are taken, but the code works.
2618 pmap_object_init_pt(pmap_t pmap, vm_offset_t addr, vm_object_t object,
2619 vm_pindex_t pindex, vm_size_t size)
2622 VM_OBJECT_ASSERT_WLOCKED(object);
2623 KASSERT(object->type == OBJT_DEVICE || object->type == OBJT_SG,
2624 ("pmap_object_init_pt: non-device object"));
2628 * Clear the wired attribute from the mappings for the specified range of
2629 * addresses in the given pmap. Every valid mapping within that range
2630 * must have the wired attribute set. In contrast, invalid mappings
2631 * cannot have the wired attribute set, so they are ignored.
2633 * The wired attribute of the page table entry is not a hardware feature,
2634 * so there is no need to invalidate any TLB entries.
2637 pmap_unwire(pmap_t pmap, vm_offset_t sva, vm_offset_t eva)
2639 vm_offset_t va_next;
2640 pd_entry_t *l0, *l1, *l2;
2642 boolean_t pv_lists_locked;
2644 pv_lists_locked = FALSE;
2646 for (; sva < eva; sva = va_next) {
2647 l0 = pmap_l0(pmap, sva);
2648 if (pmap_load(l0) == 0) {
2649 va_next = (sva + L0_SIZE) & ~L0_OFFSET;
2655 l1 = pmap_l0_to_l1(l0, sva);
2656 if (pmap_load(l1) == 0) {
2657 va_next = (sva + L1_SIZE) & ~L1_OFFSET;
2663 va_next = (sva + L2_SIZE) & ~L2_OFFSET;
2667 l2 = pmap_l1_to_l2(l1, sva);
2668 if (pmap_load(l2) == 0)
2673 for (l3 = pmap_l2_to_l3(l2, sva); sva != va_next; l3++,
2675 if (pmap_load(l3) == 0)
2677 if ((pmap_load(l3) & ATTR_SW_WIRED) == 0)
2678 panic("pmap_unwire: l3 %#jx is missing "
2679 "ATTR_SW_WIRED", (uintmax_t)pmap_load(l3));
2682 * PG_W must be cleared atomically. Although the pmap
2683 * lock synchronizes access to PG_W, another processor
2684 * could be setting PG_M and/or PG_A concurrently.
2686 atomic_clear_long(l3, ATTR_SW_WIRED);
2687 pmap->pm_stats.wired_count--;
2690 if (pv_lists_locked)
2691 rw_runlock(&pvh_global_lock);
2696 * Copy the range specified by src_addr/len
2697 * from the source map to the range dst_addr/len
2698 * in the destination map.
2700 * This routine is only advisory and need not do anything.
2704 pmap_copy(pmap_t dst_pmap, pmap_t src_pmap, vm_offset_t dst_addr, vm_size_t len,
2705 vm_offset_t src_addr)
2710 * pmap_zero_page zeros the specified hardware page by mapping
2711 * the page into KVM and using bzero to clear its contents.
2714 pmap_zero_page(vm_page_t m)
2716 vm_offset_t va = PHYS_TO_DMAP(VM_PAGE_TO_PHYS(m));
2718 pagezero((void *)va);
2722 * pmap_zero_page_area zeros the specified hardware page by mapping
2723 * the page into KVM and using bzero to clear its contents.
2725 * off and size may not cover an area beyond a single hardware page.
2728 pmap_zero_page_area(vm_page_t m, int off, int size)
2730 vm_offset_t va = PHYS_TO_DMAP(VM_PAGE_TO_PHYS(m));
2732 if (off == 0 && size == PAGE_SIZE)
2733 pagezero((void *)va);
2735 bzero((char *)va + off, size);
2739 * pmap_zero_page_idle zeros the specified hardware page by mapping
2740 * the page into KVM and using bzero to clear its contents. This
2741 * is intended to be called from the vm_pagezero process only and
2745 pmap_zero_page_idle(vm_page_t m)
2747 vm_offset_t va = PHYS_TO_DMAP(VM_PAGE_TO_PHYS(m));
2749 pagezero((void *)va);
2753 * pmap_copy_page copies the specified (machine independent)
2754 * page by mapping the page into virtual memory and using
2755 * bcopy to copy the page, one machine dependent page at a
2759 pmap_copy_page(vm_page_t msrc, vm_page_t mdst)
2761 vm_offset_t src = PHYS_TO_DMAP(VM_PAGE_TO_PHYS(msrc));
2762 vm_offset_t dst = PHYS_TO_DMAP(VM_PAGE_TO_PHYS(mdst));
2764 pagecopy((void *)src, (void *)dst);
2767 int unmapped_buf_allowed = 1;
2770 pmap_copy_pages(vm_page_t ma[], vm_offset_t a_offset, vm_page_t mb[],
2771 vm_offset_t b_offset, int xfersize)
2775 vm_paddr_t p_a, p_b;
2776 vm_offset_t a_pg_offset, b_pg_offset;
2779 while (xfersize > 0) {
2780 a_pg_offset = a_offset & PAGE_MASK;
2781 m_a = ma[a_offset >> PAGE_SHIFT];
2782 p_a = m_a->phys_addr;
2783 b_pg_offset = b_offset & PAGE_MASK;
2784 m_b = mb[b_offset >> PAGE_SHIFT];
2785 p_b = m_b->phys_addr;
2786 cnt = min(xfersize, PAGE_SIZE - a_pg_offset);
2787 cnt = min(cnt, PAGE_SIZE - b_pg_offset);
2788 if (__predict_false(!PHYS_IN_DMAP(p_a))) {
2789 panic("!DMAP a %lx", p_a);
2791 a_cp = (char *)PHYS_TO_DMAP(p_a) + a_pg_offset;
2793 if (__predict_false(!PHYS_IN_DMAP(p_b))) {
2794 panic("!DMAP b %lx", p_b);
2796 b_cp = (char *)PHYS_TO_DMAP(p_b) + b_pg_offset;
2798 bcopy(a_cp, b_cp, cnt);
2806 pmap_quick_enter_page(vm_page_t m)
2809 return (PHYS_TO_DMAP(VM_PAGE_TO_PHYS(m)));
2813 pmap_quick_remove_page(vm_offset_t addr)
2818 * Returns true if the pmap's pv is one of the first
2819 * 16 pvs linked to from this page. This count may
2820 * be changed upwards or downwards in the future; it
2821 * is only necessary that true be returned for a small
2822 * subset of pmaps for proper page aging.
2825 pmap_page_exists_quick(pmap_t pmap, vm_page_t m)
2827 struct rwlock *lock;
2832 KASSERT((m->oflags & VPO_UNMANAGED) == 0,
2833 ("pmap_page_exists_quick: page %p is not managed", m));
2835 rw_rlock(&pvh_global_lock);
2836 lock = VM_PAGE_TO_PV_LIST_LOCK(m);
2838 TAILQ_FOREACH(pv, &m->md.pv_list, pv_next) {
2839 if (PV_PMAP(pv) == pmap) {
2848 rw_runlock(&pvh_global_lock);
2853 * pmap_page_wired_mappings:
2855 * Return the number of managed mappings to the given physical page
2859 pmap_page_wired_mappings(vm_page_t m)
2861 struct rwlock *lock;
2865 int count, lvl, md_gen;
2867 if ((m->oflags & VPO_UNMANAGED) != 0)
2869 rw_rlock(&pvh_global_lock);
2870 lock = VM_PAGE_TO_PV_LIST_LOCK(m);
2874 TAILQ_FOREACH(pv, &m->md.pv_list, pv_next) {
2876 if (!PMAP_TRYLOCK(pmap)) {
2877 md_gen = m->md.pv_gen;
2881 if (md_gen != m->md.pv_gen) {
2886 pte = pmap_pte(pmap, pv->pv_va, &lvl);
2887 if (pte != NULL && (pmap_load(pte) & ATTR_SW_WIRED) != 0)
2892 rw_runlock(&pvh_global_lock);
2897 * Destroy all managed, non-wired mappings in the given user-space
2898 * pmap. This pmap cannot be active on any processor besides the
2901 * This function cannot be applied to the kernel pmap. Moreover, it
2902 * is not intended for general use. It is only to be used during
2903 * process termination. Consequently, it can be implemented in ways
2904 * that make it faster than pmap_remove(). First, it can more quickly
2905 * destroy mappings by iterating over the pmap's collection of PV
2906 * entries, rather than searching the page table. Second, it doesn't
2907 * have to test and clear the page table entries atomically, because
2908 * no processor is currently accessing the user address space. In
2909 * particular, a page table entry's dirty bit won't change state once
2910 * this function starts.
2913 pmap_remove_pages(pmap_t pmap)
2916 pt_entry_t *pte, tpte;
2917 struct spglist free;
2920 struct pv_chunk *pc, *npc;
2921 struct rwlock *lock;
2923 uint64_t inuse, bitmask;
2924 int allfree, field, freed, idx, lvl;
2930 rw_rlock(&pvh_global_lock);
2932 TAILQ_FOREACH_SAFE(pc, &pmap->pm_pvchunk, pc_list, npc) {
2935 for (field = 0; field < _NPCM; field++) {
2936 inuse = ~pc->pc_map[field] & pc_freemask[field];
2937 while (inuse != 0) {
2938 bit = ffsl(inuse) - 1;
2939 bitmask = 1UL << bit;
2940 idx = field * 64 + bit;
2941 pv = &pc->pc_pventry[idx];
2944 pde = pmap_pde(pmap, pv->pv_va, &lvl);
2945 KASSERT(pde != NULL,
2946 ("Attempting to remove an unmapped page"));
2948 ("Invalid page directory level: %d", lvl));
2950 pte = pmap_l2_to_l3(pde, pv->pv_va);
2951 KASSERT(pte != NULL,
2952 ("Attempting to remove an unmapped page"));
2954 tpte = pmap_load(pte);
2957 * We cannot remove wired pages from a process' mapping at this time
2959 if (tpte & ATTR_SW_WIRED) {
2964 pa = tpte & ~ATTR_MASK;
2966 m = PHYS_TO_VM_PAGE(pa);
2967 KASSERT(m->phys_addr == pa,
2968 ("vm_page_t %p phys_addr mismatch %016jx %016jx",
2969 m, (uintmax_t)m->phys_addr,
2972 KASSERT((m->flags & PG_FICTITIOUS) != 0 ||
2973 m < &vm_page_array[vm_page_array_size],
2974 ("pmap_remove_pages: bad pte %#jx",
2977 /* XXX: assumes tpte is level 3 */
2978 if (pmap_is_current(pmap) &&
2979 pmap_l3_valid_cacheable(tpte))
2980 cpu_dcache_wb_range(pv->pv_va, L3_SIZE);
2981 pmap_load_clear(pte);
2983 pmap_invalidate_page(pmap, pv->pv_va);
2986 * Update the vm_page_t clean/reference bits.
2988 if ((tpte & ATTR_AP_RW_BIT) == ATTR_AP(ATTR_AP_RW))
2991 CHANGE_PV_LIST_LOCK_TO_VM_PAGE(&lock, m);
2994 pc->pc_map[field] |= bitmask;
2996 pmap_resident_count_dec(pmap, 1);
2997 TAILQ_REMOVE(&m->md.pv_list, pv, pv_next);
3000 pmap_unuse_l3(pmap, pv->pv_va, pmap_load(pde),
3005 PV_STAT(atomic_add_long(&pv_entry_frees, freed));
3006 PV_STAT(atomic_add_int(&pv_entry_spare, freed));
3007 PV_STAT(atomic_subtract_long(&pv_entry_count, freed));
3009 TAILQ_REMOVE(&pmap->pm_pvchunk, pc, pc_list);
3013 pmap_invalidate_all(pmap);
3016 rw_runlock(&pvh_global_lock);
3018 pmap_free_zero_pages(&free);
3022 * This is used to check if a page has been accessed or modified. As we
3023 * don't have a bit to see if it has been modified we have to assume it
3024 * has been if the page is read/write.
3027 pmap_page_test_mappings(vm_page_t m, boolean_t accessed, boolean_t modified)
3029 struct rwlock *lock;
3031 pt_entry_t *pte, mask, value;
3037 rw_rlock(&pvh_global_lock);
3038 lock = VM_PAGE_TO_PV_LIST_LOCK(m);
3041 TAILQ_FOREACH(pv, &m->md.pv_list, pv_next) {
3043 if (!PMAP_TRYLOCK(pmap)) {
3044 md_gen = m->md.pv_gen;
3048 if (md_gen != m->md.pv_gen) {
3053 pte = pmap_pte(pmap, pv->pv_va, &lvl);
3055 ("pmap_page_test_mappings: Invalid level %d", lvl));
3059 mask |= ATTR_AP_RW_BIT;
3060 value |= ATTR_AP(ATTR_AP_RW);
3063 mask |= ATTR_AF | ATTR_DESCR_MASK;
3064 value |= ATTR_AF | L3_PAGE;
3066 rv = (pmap_load(pte) & mask) == value;
3073 rw_runlock(&pvh_global_lock);
3080 * Return whether or not the specified physical page was modified
3081 * in any physical maps.
3084 pmap_is_modified(vm_page_t m)
3087 KASSERT((m->oflags & VPO_UNMANAGED) == 0,
3088 ("pmap_is_modified: page %p is not managed", m));
3091 * If the page is not exclusive busied, then PGA_WRITEABLE cannot be
3092 * concurrently set while the object is locked. Thus, if PGA_WRITEABLE
3093 * is clear, no PTEs can have PG_M set.
3095 VM_OBJECT_ASSERT_WLOCKED(m->object);
3096 if (!vm_page_xbusied(m) && (m->aflags & PGA_WRITEABLE) == 0)
3098 return (pmap_page_test_mappings(m, FALSE, TRUE));
3102 * pmap_is_prefaultable:
3104 * Return whether or not the specified virtual address is eligible
3108 pmap_is_prefaultable(pmap_t pmap, vm_offset_t addr)
3116 pte = pmap_pte(pmap, addr, &lvl);
3117 if (pte != NULL && pmap_load(pte) != 0) {
3125 * pmap_is_referenced:
3127 * Return whether or not the specified physical page was referenced
3128 * in any physical maps.
3131 pmap_is_referenced(vm_page_t m)
3134 KASSERT((m->oflags & VPO_UNMANAGED) == 0,
3135 ("pmap_is_referenced: page %p is not managed", m));
3136 return (pmap_page_test_mappings(m, TRUE, FALSE));
3140 * Clear the write and modified bits in each of the given page's mappings.
3143 pmap_remove_write(vm_page_t m)
3146 struct rwlock *lock;
3148 pt_entry_t oldpte, *pte;
3151 KASSERT((m->oflags & VPO_UNMANAGED) == 0,
3152 ("pmap_remove_write: page %p is not managed", m));
3155 * If the page is not exclusive busied, then PGA_WRITEABLE cannot be
3156 * set by another thread while the object is locked. Thus,
3157 * if PGA_WRITEABLE is clear, no page table entries need updating.
3159 VM_OBJECT_ASSERT_WLOCKED(m->object);
3160 if (!vm_page_xbusied(m) && (m->aflags & PGA_WRITEABLE) == 0)
3162 rw_rlock(&pvh_global_lock);
3163 lock = VM_PAGE_TO_PV_LIST_LOCK(m);
3166 TAILQ_FOREACH(pv, &m->md.pv_list, pv_next) {
3168 if (!PMAP_TRYLOCK(pmap)) {
3169 md_gen = m->md.pv_gen;
3173 if (md_gen != m->md.pv_gen) {
3179 pte = pmap_pte(pmap, pv->pv_va, &lvl);
3181 oldpte = pmap_load(pte);
3182 if ((oldpte & ATTR_AP_RW_BIT) == ATTR_AP(ATTR_AP_RW)) {
3183 if (!atomic_cmpset_long(pte, oldpte,
3184 oldpte | ATTR_AP(ATTR_AP_RO)))
3186 if ((oldpte & ATTR_AF) != 0)
3188 pmap_invalidate_page(pmap, pv->pv_va);
3193 vm_page_aflag_clear(m, PGA_WRITEABLE);
3194 rw_runlock(&pvh_global_lock);
3197 static __inline boolean_t
3198 safe_to_clear_referenced(pmap_t pmap, pt_entry_t pte)
3204 #define PMAP_TS_REFERENCED_MAX 5
3207 * pmap_ts_referenced:
3209 * Return a count of reference bits for a page, clearing those bits.
3210 * It is not necessary for every reference bit to be cleared, but it
3211 * is necessary that 0 only be returned when there are truly no
3212 * reference bits set.
3214 * XXX: The exact number of bits to check and clear is a matter that
3215 * should be tested and standardized at some point in the future for
3216 * optimal aging of shared pages.
3219 pmap_ts_referenced(vm_page_t m)
3223 struct rwlock *lock;
3224 pd_entry_t *pde, tpde;
3225 pt_entry_t *pte, tpte;
3227 int cleared, md_gen, not_cleared, lvl;
3228 struct spglist free;
3230 KASSERT((m->oflags & VPO_UNMANAGED) == 0,
3231 ("pmap_ts_referenced: page %p is not managed", m));
3234 pa = VM_PAGE_TO_PHYS(m);
3235 lock = PHYS_TO_PV_LIST_LOCK(pa);
3236 rw_rlock(&pvh_global_lock);
3240 if ((pvf = TAILQ_FIRST(&m->md.pv_list)) == NULL)
3247 if (!PMAP_TRYLOCK(pmap)) {
3248 md_gen = m->md.pv_gen;
3252 if (md_gen != m->md.pv_gen) {
3257 pde = pmap_pde(pmap, pv->pv_va, &lvl);
3258 KASSERT(pde != NULL, ("pmap_ts_referenced: no l2 table found"));
3260 ("pmap_ts_referenced: invalid pde level %d", lvl));
3261 tpde = pmap_load(pde);
3262 KASSERT((tpde & ATTR_DESCR_MASK) == L2_TABLE,
3263 ("pmap_ts_referenced: found an invalid l2 table"));
3264 pte = pmap_l2_to_l3(pde, pv->pv_va);
3265 tpte = pmap_load(pte);
3266 if ((tpte & ATTR_AF) != 0) {
3267 if (safe_to_clear_referenced(pmap, tpte)) {
3269 * TODO: We don't handle the access flag
3270 * at all. We need to be able to set it in
3271 * the exception handler.
3273 panic("ARM64TODO: safe_to_clear_referenced\n");
3274 } else if ((tpte & ATTR_SW_WIRED) == 0) {
3276 * Wired pages cannot be paged out so
3277 * doing accessed bit emulation for
3278 * them is wasted effort. We do the
3279 * hard work for unwired pages only.
3281 pmap_remove_l3(pmap, pte, pv->pv_va, tpde,
3283 pmap_invalidate_page(pmap, pv->pv_va);
3288 KASSERT(lock == VM_PAGE_TO_PV_LIST_LOCK(m),
3289 ("inconsistent pv lock %p %p for page %p",
3290 lock, VM_PAGE_TO_PV_LIST_LOCK(m), m));
3295 /* Rotate the PV list if it has more than one entry. */
3296 if (pv != NULL && TAILQ_NEXT(pv, pv_next) != NULL) {
3297 TAILQ_REMOVE(&m->md.pv_list, pv, pv_next);
3298 TAILQ_INSERT_TAIL(&m->md.pv_list, pv, pv_next);
3301 } while ((pv = TAILQ_FIRST(&m->md.pv_list)) != pvf && cleared +
3302 not_cleared < PMAP_TS_REFERENCED_MAX);
3305 rw_runlock(&pvh_global_lock);
3306 pmap_free_zero_pages(&free);
3307 return (cleared + not_cleared);
3311 * Apply the given advice to the specified range of addresses within the
3312 * given pmap. Depending on the advice, clear the referenced and/or
3313 * modified flags in each mapping and set the mapped page's dirty field.
3316 pmap_advise(pmap_t pmap, vm_offset_t sva, vm_offset_t eva, int advice)
3321 * Clear the modify bits on the specified physical page.
3324 pmap_clear_modify(vm_page_t m)
3327 KASSERT((m->oflags & VPO_UNMANAGED) == 0,
3328 ("pmap_clear_modify: page %p is not managed", m));
3329 VM_OBJECT_ASSERT_WLOCKED(m->object);
3330 KASSERT(!vm_page_xbusied(m),
3331 ("pmap_clear_modify: page %p is exclusive busied", m));
3334 * If the page is not PGA_WRITEABLE, then no PTEs can have PG_M set.
3335 * If the object containing the page is locked and the page is not
3336 * exclusive busied, then PGA_WRITEABLE cannot be concurrently set.
3338 if ((m->aflags & PGA_WRITEABLE) == 0)
3341 /* ARM64TODO: We lack support for tracking if a page is modified */
3345 pmap_mapbios(vm_paddr_t pa, vm_size_t size)
3348 return ((void *)PHYS_TO_DMAP(pa));
3352 pmap_unmapbios(vm_paddr_t pa, vm_size_t size)
3357 * Sets the memory attribute for the specified page.
3360 pmap_page_set_memattr(vm_page_t m, vm_memattr_t ma)
3363 m->md.pv_memattr = ma;
3366 * ARM64TODO: Implement the below (from the amd64 pmap)
3367 * If "m" is a normal page, update its direct mapping. This update
3368 * can be relied upon to perform any cache operations that are
3369 * required for data coherence.
3371 if ((m->flags & PG_FICTITIOUS) == 0 &&
3372 PHYS_IN_DMAP(VM_PAGE_TO_PHYS(m)))
3373 panic("ARM64TODO: pmap_page_set_memattr");
3377 * perform the pmap work for mincore
3380 pmap_mincore(pmap_t pmap, vm_offset_t addr, vm_paddr_t *locked_pa)
3382 pd_entry_t *l1p, l1;
3383 pd_entry_t *l2p, l2;
3384 pt_entry_t *l3p, l3;
3395 l1p = pmap_l1(pmap, addr);
3396 if (l1p == NULL) /* No l1 */
3399 l1 = pmap_load(l1p);
3400 if ((l1 & ATTR_DESCR_MASK) == L1_INVAL)
3403 if ((l1 & ATTR_DESCR_MASK) == L1_BLOCK) {
3404 pa = (l1 & ~ATTR_MASK) | (addr & L1_OFFSET);
3405 managed = (l1 & ATTR_SW_MANAGED) == ATTR_SW_MANAGED;
3406 val = MINCORE_SUPER | MINCORE_INCORE;
3407 if (pmap_page_dirty(l1))
3408 val |= MINCORE_MODIFIED | MINCORE_MODIFIED_OTHER;
3409 if ((l1 & ATTR_AF) == ATTR_AF)
3410 val |= MINCORE_REFERENCED | MINCORE_REFERENCED_OTHER;
3414 l2p = pmap_l1_to_l2(l1p, addr);
3415 if (l2p == NULL) /* No l2 */
3418 l2 = pmap_load(l2p);
3419 if ((l2 & ATTR_DESCR_MASK) == L2_INVAL)
3422 if ((l2 & ATTR_DESCR_MASK) == L2_BLOCK) {
3423 pa = (l2 & ~ATTR_MASK) | (addr & L2_OFFSET);
3424 managed = (l2 & ATTR_SW_MANAGED) == ATTR_SW_MANAGED;
3425 val = MINCORE_SUPER | MINCORE_INCORE;
3426 if (pmap_page_dirty(l2))
3427 val |= MINCORE_MODIFIED | MINCORE_MODIFIED_OTHER;
3428 if ((l2 & ATTR_AF) == ATTR_AF)
3429 val |= MINCORE_REFERENCED | MINCORE_REFERENCED_OTHER;
3433 l3p = pmap_l2_to_l3(l2p, addr);
3434 if (l3p == NULL) /* No l3 */
3437 l3 = pmap_load(l2p);
3438 if ((l3 & ATTR_DESCR_MASK) == L3_INVAL)
3441 if ((l3 & ATTR_DESCR_MASK) == L3_PAGE) {
3442 pa = (l3 & ~ATTR_MASK) | (addr & L3_OFFSET);
3443 managed = (l3 & ATTR_SW_MANAGED) == ATTR_SW_MANAGED;
3444 val = MINCORE_INCORE;
3445 if (pmap_page_dirty(l3))
3446 val |= MINCORE_MODIFIED | MINCORE_MODIFIED_OTHER;
3447 if ((l3 & ATTR_AF) == ATTR_AF)
3448 val |= MINCORE_REFERENCED | MINCORE_REFERENCED_OTHER;
3452 if ((val & (MINCORE_MODIFIED_OTHER | MINCORE_REFERENCED_OTHER)) !=
3453 (MINCORE_MODIFIED_OTHER | MINCORE_REFERENCED_OTHER) && managed) {
3454 /* Ensure that "PHYS_TO_VM_PAGE(pa)->object" doesn't change. */
3455 if (vm_page_pa_tryrelock(pmap, pa, locked_pa))
3458 PA_UNLOCK_COND(*locked_pa);
3465 pmap_activate(struct thread *td)
3470 pmap = vmspace_pmap(td->td_proc->p_vmspace);
3471 td->td_pcb->pcb_l0addr = vtophys(pmap->pm_l0);
3472 __asm __volatile("msr ttbr0_el1, %0" : : "r"(td->td_pcb->pcb_l0addr));
3473 pmap_invalidate_all(pmap);
3478 pmap_sync_icache(pmap_t pmap, vm_offset_t va, vm_size_t sz)
3481 if (va >= VM_MIN_KERNEL_ADDRESS) {
3482 cpu_icache_sync_range(va, sz);
3487 /* Find the length of data in this page to flush */
3488 offset = va & PAGE_MASK;
3489 len = imin(PAGE_SIZE - offset, sz);
3492 /* Extract the physical address & find it in the DMAP */
3493 pa = pmap_extract(pmap, va);
3495 cpu_icache_sync_range(PHYS_TO_DMAP(pa), len);
3497 /* Move to the next page */
3500 /* Set the length for the next iteration */
3501 len = imin(PAGE_SIZE, sz);
3507 * Increase the starting virtual address of the given mapping if a
3508 * different alignment might result in more superpage mappings.
3511 pmap_align_superpage(vm_object_t object, vm_ooffset_t offset,
3512 vm_offset_t *addr, vm_size_t size)
3517 * Get the kernel virtual address of a set of physical pages. If there are
3518 * physical addresses not covered by the DMAP perform a transient mapping
3519 * that will be removed when calling pmap_unmap_io_transient.
3521 * \param page The pages the caller wishes to obtain the virtual
3522 * address on the kernel memory map.
3523 * \param vaddr On return contains the kernel virtual memory address
3524 * of the pages passed in the page parameter.
3525 * \param count Number of pages passed in.
3526 * \param can_fault TRUE if the thread using the mapped pages can take
3527 * page faults, FALSE otherwise.
3529 * \returns TRUE if the caller must call pmap_unmap_io_transient when
3530 * finished or FALSE otherwise.
3534 pmap_map_io_transient(vm_page_t page[], vm_offset_t vaddr[], int count,
3535 boolean_t can_fault)
3538 boolean_t needs_mapping;
3542 * Allocate any KVA space that we need, this is done in a separate
3543 * loop to prevent calling vmem_alloc while pinned.
3545 needs_mapping = FALSE;
3546 for (i = 0; i < count; i++) {
3547 paddr = VM_PAGE_TO_PHYS(page[i]);
3548 if (__predict_false(!PHYS_IN_DMAP(paddr))) {
3549 error = vmem_alloc(kernel_arena, PAGE_SIZE,
3550 M_BESTFIT | M_WAITOK, &vaddr[i]);
3551 KASSERT(error == 0, ("vmem_alloc failed: %d", error));
3552 needs_mapping = TRUE;
3554 vaddr[i] = PHYS_TO_DMAP(paddr);
3558 /* Exit early if everything is covered by the DMAP */
3564 for (i = 0; i < count; i++) {
3565 paddr = VM_PAGE_TO_PHYS(page[i]);
3566 if (!PHYS_IN_DMAP(paddr)) {
3568 "pmap_map_io_transient: TODO: Map out of DMAP data");
3572 return (needs_mapping);
3576 pmap_unmap_io_transient(vm_page_t page[], vm_offset_t vaddr[], int count,
3577 boolean_t can_fault)
3584 for (i = 0; i < count; i++) {
3585 paddr = VM_PAGE_TO_PHYS(page[i]);
3586 if (!PHYS_IN_DMAP(paddr)) {
3587 panic("ARM64TODO: pmap_unmap_io_transient: Unmap data");
projects / FreeBSD / FreeBSD.git / blob