1 /* From: $NetBSD: pmap.c,v 1.148 2004/04/03 04:35:48 bsh Exp $ */
3 * Copyright 2004 Olivier Houchard.
4 * Copyright 2003 Wasabi Systems, Inc.
7 * Written by Steve C. Woodford for Wasabi Systems, Inc.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 * 3. All advertising materials mentioning features or use of this software
18 * must display the following acknowledgement:
19 * This product includes software developed for the NetBSD Project by
20 * Wasabi Systems, Inc.
21 * 4. The name of Wasabi Systems, Inc. may not be used to endorse
22 * or promote products derived from this software without specific prior
25 * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND
26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
27 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
28 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC
29 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
32 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
33 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
34 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
35 * POSSIBILITY OF SUCH DAMAGE.
39 * Copyright (c) 2002-2003 Wasabi Systems, Inc.
40 * Copyright (c) 2001 Richard Earnshaw
41 * Copyright (c) 2001-2002 Christopher Gilbert
42 * All rights reserved.
44 * 1. Redistributions of source code must retain the above copyright
45 * notice, this list of conditions and the following disclaimer.
46 * 2. Redistributions in binary form must reproduce the above copyright
47 * notice, this list of conditions and the following disclaimer in the
48 * documentation and/or other materials provided with the distribution.
49 * 3. The name of the company nor the name of the author may be used to
50 * endorse or promote products derived from this software without specific
51 * prior written permission.
53 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
54 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
55 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
56 * IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
57 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
58 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
59 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
66 * Copyright (c) 1999 The NetBSD Foundation, Inc.
67 * All rights reserved.
69 * This code is derived from software contributed to The NetBSD Foundation
70 * by Charles M. Hannum.
72 * Redistribution and use in source and binary forms, with or without
73 * modification, are permitted provided that the following conditions
75 * 1. Redistributions of source code must retain the above copyright
76 * notice, this list of conditions and the following disclaimer.
77 * 2. Redistributions in binary form must reproduce the above copyright
78 * notice, this list of conditions and the following disclaimer in the
79 * documentation and/or other materials provided with the distribution.
81 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
82 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
83 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
84 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
85 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
86 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
87 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
88 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
89 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
90 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
91 * POSSIBILITY OF SUCH DAMAGE.
95 * Copyright (c) 1994-1998 Mark Brinicombe.
96 * Copyright (c) 1994 Brini.
97 * All rights reserved.
99 * This code is derived from software written for Brini by Mark Brinicombe
101 * Redistribution and use in source and binary forms, with or without
102 * modification, are permitted provided that the following conditions
104 * 1. Redistributions of source code must retain the above copyright
105 * notice, this list of conditions and the following disclaimer.
106 * 2. Redistributions in binary form must reproduce the above copyright
107 * notice, this list of conditions and the following disclaimer in the
108 * documentation and/or other materials provided with the distribution.
109 * 3. All advertising materials mentioning features or use of this software
110 * must display the following acknowledgement:
111 * This product includes software developed by Mark Brinicombe.
112 * 4. The name of the author may not be used to endorse or promote products
113 * derived from this software without specific prior written permission.
115 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
116 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
117 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
118 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
119 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
120 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
121 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
122 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
123 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
125 * RiscBSD kernel project
129 * Machine dependant vm stuff
135 * Special compilation symbols
136 * PMAP_DEBUG - Build in pmap_debug_level code
138 * Note that pmap_mapdev() and pmap_unmapdev() are implemented in arm/devmap.c
140 /* Include header files */
144 #include <sys/cdefs.h>
145 __FBSDID("$FreeBSD$");
146 #include <sys/param.h>
147 #include <sys/systm.h>
148 #include <sys/kernel.h>
150 #include <sys/lock.h>
151 #include <sys/proc.h>
152 #include <sys/malloc.h>
153 #include <sys/msgbuf.h>
154 #include <sys/mutex.h>
155 #include <sys/vmmeter.h>
156 #include <sys/mman.h>
157 #include <sys/rwlock.h>
159 #include <sys/sched.h>
162 #include <vm/vm_param.h>
165 #include <vm/vm_kern.h>
166 #include <vm/vm_object.h>
167 #include <vm/vm_map.h>
168 #include <vm/vm_page.h>
169 #include <vm/vm_pageout.h>
170 #include <vm/vm_phys.h>
171 #include <vm/vm_extern.h>
173 #include <machine/md_var.h>
174 #include <machine/cpu.h>
175 #include <machine/cpufunc.h>
176 #include <machine/pcb.h>
179 #define PDEBUG(_lev_,_stat_) \
180 if (pmap_debug_level >= (_lev_)) \
182 #define dprintf printf
184 int pmap_debug_level = 0;
186 #else /* PMAP_DEBUG */
187 #define PDEBUG(_lev_,_stat_) /* Nothing */
188 #define dprintf(x, arg...)
189 #define PMAP_INLINE __inline
190 #endif /* PMAP_DEBUG */
192 extern struct pv_addr systempage;
194 extern int last_fault_code;
197 * Internal function prototypes
199 static void pmap_free_pv_entry (pv_entry_t);
200 static pv_entry_t pmap_get_pv_entry(void);
202 static int pmap_enter_locked(pmap_t, vm_offset_t, vm_page_t,
204 static vm_paddr_t pmap_extract_locked(pmap_t pmap, vm_offset_t va);
205 static void pmap_fix_cache(struct vm_page *, pmap_t, vm_offset_t);
206 static void pmap_alloc_l1(pmap_t);
207 static void pmap_free_l1(pmap_t);
209 static int pmap_clearbit(struct vm_page *, u_int);
211 static struct l2_bucket *pmap_get_l2_bucket(pmap_t, vm_offset_t);
212 static struct l2_bucket *pmap_alloc_l2_bucket(pmap_t, vm_offset_t);
213 static void pmap_free_l2_bucket(pmap_t, struct l2_bucket *, u_int);
214 static vm_offset_t kernel_pt_lookup(vm_paddr_t);
216 static MALLOC_DEFINE(M_VMPMAP, "pmap", "PMAP L1");
218 vm_offset_t virtual_avail; /* VA of first avail page (after kernel bss) */
219 vm_offset_t virtual_end; /* VA of last avail page (end of kernel AS) */
220 vm_offset_t pmap_curmaxkvaddr;
221 vm_paddr_t kernel_l1pa;
223 vm_offset_t kernel_vm_end = 0;
225 vm_offset_t vm_max_kernel_address;
227 struct pmap kernel_pmap_store;
229 static pt_entry_t *csrc_pte, *cdst_pte;
230 static vm_offset_t csrcp, cdstp;
231 static struct mtx cmtx;
233 static void pmap_init_l1(struct l1_ttable *, pd_entry_t *);
235 * These routines are called when the CPU type is identified to set up
236 * the PTE prototypes, cache modes, etc.
238 * The variables are always here, just in case LKMs need to reference
239 * them (though, they shouldn't).
242 pt_entry_t pte_l1_s_cache_mode;
243 pt_entry_t pte_l1_s_cache_mode_pt;
244 pt_entry_t pte_l1_s_cache_mask;
246 pt_entry_t pte_l2_l_cache_mode;
247 pt_entry_t pte_l2_l_cache_mode_pt;
248 pt_entry_t pte_l2_l_cache_mask;
250 pt_entry_t pte_l2_s_cache_mode;
251 pt_entry_t pte_l2_s_cache_mode_pt;
252 pt_entry_t pte_l2_s_cache_mask;
254 pt_entry_t pte_l2_s_prot_u;
255 pt_entry_t pte_l2_s_prot_w;
256 pt_entry_t pte_l2_s_prot_mask;
258 pt_entry_t pte_l1_s_proto;
259 pt_entry_t pte_l1_c_proto;
260 pt_entry_t pte_l2_s_proto;
262 void (*pmap_copy_page_func)(vm_paddr_t, vm_paddr_t);
263 void (*pmap_copy_page_offs_func)(vm_paddr_t a_phys,
264 vm_offset_t a_offs, vm_paddr_t b_phys, vm_offset_t b_offs,
266 void (*pmap_zero_page_func)(vm_paddr_t, int, int);
268 struct msgbuf *msgbufp = 0;
273 static caddr_t crashdumpmap;
275 extern void bcopy_page(vm_offset_t, vm_offset_t);
276 extern void bzero_page(vm_offset_t);
278 extern vm_offset_t alloc_firstaddr;
283 * Metadata for L1 translation tables.
286 /* Entry on the L1 Table list */
287 SLIST_ENTRY(l1_ttable) l1_link;
289 /* Entry on the L1 Least Recently Used list */
290 TAILQ_ENTRY(l1_ttable) l1_lru;
292 /* Track how many domains are allocated from this L1 */
293 volatile u_int l1_domain_use_count;
296 * A free-list of domain numbers for this L1.
297 * We avoid using ffs() and a bitmap to track domains since ffs()
300 u_int8_t l1_domain_first;
301 u_int8_t l1_domain_free[PMAP_DOMAINS];
303 /* Physical address of this L1 page table */
304 vm_paddr_t l1_physaddr;
306 /* KVA of this L1 page table */
311 * Convert a virtual address into its L1 table index. That is, the
312 * index used to locate the L2 descriptor table pointer in an L1 table.
313 * This is basically used to index l1->l1_kva[].
315 * Each L2 descriptor table represents 1MB of VA space.
317 #define L1_IDX(va) (((vm_offset_t)(va)) >> L1_S_SHIFT)
320 * L1 Page Tables are tracked using a Least Recently Used list.
321 * - New L1s are allocated from the HEAD.
322 * - Freed L1s are added to the TAIl.
323 * - Recently accessed L1s (where an 'access' is some change to one of
324 * the userland pmaps which owns this L1) are moved to the TAIL.
326 static TAILQ_HEAD(, l1_ttable) l1_lru_list;
328 * A list of all L1 tables
330 static SLIST_HEAD(, l1_ttable) l1_list;
331 static struct mtx l1_lru_lock;
334 * The l2_dtable tracks L2_BUCKET_SIZE worth of L1 slots.
336 * This is normally 16MB worth L2 page descriptors for any given pmap.
337 * Reference counts are maintained for L2 descriptors so they can be
341 /* The number of L2 page descriptors allocated to this l2_dtable */
344 /* List of L2 page descriptors */
346 pt_entry_t *l2b_kva; /* KVA of L2 Descriptor Table */
347 vm_paddr_t l2b_phys; /* Physical address of same */
348 u_short l2b_l1idx; /* This L2 table's L1 index */
349 u_short l2b_occupancy; /* How many active descriptors */
350 } l2_bucket[L2_BUCKET_SIZE];
353 /* pmap_kenter_internal flags */
354 #define KENTER_CACHE 0x1
355 #define KENTER_USER 0x2
358 * Given an L1 table index, calculate the corresponding l2_dtable index
359 * and bucket index within the l2_dtable.
361 #define L2_IDX(l1idx) (((l1idx) >> L2_BUCKET_LOG2) & \
363 #define L2_BUCKET(l1idx) ((l1idx) & (L2_BUCKET_SIZE - 1))
366 * Given a virtual address, this macro returns the
367 * virtual address required to drop into the next L2 bucket.
369 #define L2_NEXT_BUCKET(va) (((va) & L1_S_FRAME) + L1_S_SIZE)
372 * We try to map the page tables write-through, if possible. However, not
373 * all CPUs have a write-through cache mode, so on those we have to sync
374 * the cache when we frob page tables.
376 * We try to evaluate this at compile time, if possible. However, it's
377 * not always possible to do that, hence this run-time var.
379 int pmap_needs_pte_sync;
382 * Macro to determine if a mapping might be resident in the
383 * instruction cache and/or TLB
385 #define PV_BEEN_EXECD(f) (((f) & (PVF_REF | PVF_EXEC)) == (PVF_REF | PVF_EXEC))
388 * Macro to determine if a mapping might be resident in the
389 * data cache and/or TLB
391 #define PV_BEEN_REFD(f) (((f) & PVF_REF) != 0)
393 #ifndef PMAP_SHPGPERPROC
394 #define PMAP_SHPGPERPROC 200
397 #define pmap_is_current(pm) ((pm) == pmap_kernel() || \
398 curproc->p_vmspace->vm_map.pmap == (pm))
399 static uma_zone_t pvzone = NULL;
401 static uma_zone_t l2table_zone;
402 static vm_offset_t pmap_kernel_l2dtable_kva;
403 static vm_offset_t pmap_kernel_l2ptp_kva;
404 static vm_paddr_t pmap_kernel_l2ptp_phys;
405 static int pv_entry_count=0, pv_entry_max=0, pv_entry_high_water=0;
406 static struct rwlock pvh_global_lock;
408 void pmap_copy_page_offs_generic(vm_paddr_t a_phys, vm_offset_t a_offs,
409 vm_paddr_t b_phys, vm_offset_t b_offs, int cnt);
410 #if ARM_MMU_XSCALE == 1
411 void pmap_copy_page_offs_xscale(vm_paddr_t a_phys, vm_offset_t a_offs,
412 vm_paddr_t b_phys, vm_offset_t b_offs, int cnt);
416 * This list exists for the benefit of pmap_map_chunk(). It keeps track
417 * of the kernel L2 tables during bootstrap, so that pmap_map_chunk() can
418 * find them as necessary.
420 * Note that the data on this list MUST remain valid after initarm() returns,
421 * as pmap_bootstrap() uses it to contruct L2 table metadata.
423 SLIST_HEAD(, pv_addr) kernel_pt_list = SLIST_HEAD_INITIALIZER(kernel_pt_list);
426 pmap_init_l1(struct l1_ttable *l1, pd_entry_t *l1pt)
431 l1->l1_domain_use_count = 0;
432 l1->l1_domain_first = 0;
434 for (i = 0; i < PMAP_DOMAINS; i++)
435 l1->l1_domain_free[i] = i + 1;
438 * Copy the kernel's L1 entries to each new L1.
440 if (l1pt != pmap_kernel()->pm_l1->l1_kva)
441 memcpy(l1pt, pmap_kernel()->pm_l1->l1_kva, L1_TABLE_SIZE);
443 if ((l1->l1_physaddr = pmap_extract(pmap_kernel(), (vm_offset_t)l1pt)) == 0)
444 panic("pmap_init_l1: can't get PA of L1 at %p", l1pt);
445 SLIST_INSERT_HEAD(&l1_list, l1, l1_link);
446 TAILQ_INSERT_TAIL(&l1_lru_list, l1, l1_lru);
450 kernel_pt_lookup(vm_paddr_t pa)
454 SLIST_FOREACH(pv, &kernel_pt_list, pv_list) {
461 #if ARM_MMU_GENERIC != 0
463 pmap_pte_init_generic(void)
466 pte_l1_s_cache_mode = L1_S_B|L1_S_C;
467 pte_l1_s_cache_mask = L1_S_CACHE_MASK_generic;
469 pte_l2_l_cache_mode = L2_B|L2_C;
470 pte_l2_l_cache_mask = L2_L_CACHE_MASK_generic;
472 pte_l2_s_cache_mode = L2_B|L2_C;
473 pte_l2_s_cache_mask = L2_S_CACHE_MASK_generic;
476 * If we have a write-through cache, set B and C. If
477 * we have a write-back cache, then we assume setting
478 * only C will make those pages write-through.
480 if (cpufuncs.cf_dcache_wb_range == (void *) cpufunc_nullop) {
481 pte_l1_s_cache_mode_pt = L1_S_B|L1_S_C;
482 pte_l2_l_cache_mode_pt = L2_B|L2_C;
483 pte_l2_s_cache_mode_pt = L2_B|L2_C;
485 pte_l1_s_cache_mode_pt = L1_S_C;
486 pte_l2_l_cache_mode_pt = L2_C;
487 pte_l2_s_cache_mode_pt = L2_C;
490 pte_l2_s_prot_u = L2_S_PROT_U_generic;
491 pte_l2_s_prot_w = L2_S_PROT_W_generic;
492 pte_l2_s_prot_mask = L2_S_PROT_MASK_generic;
494 pte_l1_s_proto = L1_S_PROTO_generic;
495 pte_l1_c_proto = L1_C_PROTO_generic;
496 pte_l2_s_proto = L2_S_PROTO_generic;
498 pmap_copy_page_func = pmap_copy_page_generic;
499 pmap_copy_page_offs_func = pmap_copy_page_offs_generic;
500 pmap_zero_page_func = pmap_zero_page_generic;
503 #if defined(CPU_ARM9) && defined(ARM9_CACHE_WRITE_THROUGH)
505 pmap_pte_init_arm9(void)
509 * ARM9 is compatible with generic, but we want to use
510 * write-through caching for now.
512 pmap_pte_init_generic();
514 pte_l1_s_cache_mode = L1_S_C;
515 pte_l2_l_cache_mode = L2_C;
516 pte_l2_s_cache_mode = L2_C;
518 pte_l1_s_cache_mode_pt = L1_S_C;
519 pte_l2_l_cache_mode_pt = L2_C;
520 pte_l2_s_cache_mode_pt = L2_C;
522 #endif /* CPU_ARM9 */
523 #endif /* ARM_MMU_GENERIC != 0 */
525 #if defined(CPU_ARM10)
527 pmap_pte_init_arm10(void)
531 * ARM10 is compatible with generic, but we want to use
532 * write-through caching for now.
534 pmap_pte_init_generic();
536 pte_l1_s_cache_mode = L1_S_B | L1_S_C;
537 pte_l2_l_cache_mode = L2_B | L2_C;
538 pte_l2_s_cache_mode = L2_B | L2_C;
540 pte_l1_s_cache_mode_pt = L1_S_C;
541 pte_l2_l_cache_mode_pt = L2_C;
542 pte_l2_s_cache_mode_pt = L2_C;
545 #endif /* CPU_ARM10 */
547 #if ARM_MMU_XSCALE == 1
548 #if (ARM_NMMUS > 1) || defined (CPU_XSCALE_CORE3)
549 static u_int xscale_use_minidata;
553 pmap_pte_init_xscale(void)
556 int write_through = 0;
558 pte_l1_s_cache_mode = L1_S_B|L1_S_C|L1_S_XSCALE_P;
559 pte_l1_s_cache_mask = L1_S_CACHE_MASK_xscale;
561 pte_l2_l_cache_mode = L2_B|L2_C;
562 pte_l2_l_cache_mask = L2_L_CACHE_MASK_xscale;
564 pte_l2_s_cache_mode = L2_B|L2_C;
565 pte_l2_s_cache_mask = L2_S_CACHE_MASK_xscale;
567 pte_l1_s_cache_mode_pt = L1_S_C;
568 pte_l2_l_cache_mode_pt = L2_C;
569 pte_l2_s_cache_mode_pt = L2_C;
570 #ifdef XSCALE_CACHE_READ_WRITE_ALLOCATE
572 * The XScale core has an enhanced mode where writes that
573 * miss the cache cause a cache line to be allocated. This
574 * is significantly faster than the traditional, write-through
575 * behavior of this case.
577 pte_l1_s_cache_mode |= L1_S_XSCALE_TEX(TEX_XSCALE_X);
578 pte_l2_l_cache_mode |= L2_XSCALE_L_TEX(TEX_XSCALE_X);
579 pte_l2_s_cache_mode |= L2_XSCALE_T_TEX(TEX_XSCALE_X);
580 #endif /* XSCALE_CACHE_READ_WRITE_ALLOCATE */
581 #ifdef XSCALE_CACHE_WRITE_THROUGH
583 * Some versions of the XScale core have various bugs in
584 * their cache units, the work-around for which is to run
585 * the cache in write-through mode. Unfortunately, this
586 * has a major (negative) impact on performance. So, we
587 * go ahead and run fast-and-loose, in the hopes that we
588 * don't line up the planets in a way that will trip the
591 * However, we give you the option to be slow-but-correct.
594 #elif defined(XSCALE_CACHE_WRITE_BACK)
595 /* force write back cache mode */
597 #elif defined(CPU_XSCALE_PXA2X0)
599 * Intel PXA2[15]0 processors are known to have a bug in
600 * write-back cache on revision 4 and earlier (stepping
601 * A[01] and B[012]). Fixed for C0 and later.
607 type = id & ~(CPU_ID_XSCALE_COREREV_MASK|CPU_ID_REVISION_MASK);
609 if (type == CPU_ID_PXA250 || type == CPU_ID_PXA210) {
610 if ((id & CPU_ID_REVISION_MASK) < 5) {
611 /* write through for stepping A0-1 and B0-2 */
616 #endif /* XSCALE_CACHE_WRITE_THROUGH */
619 pte_l1_s_cache_mode = L1_S_C;
620 pte_l2_l_cache_mode = L2_C;
621 pte_l2_s_cache_mode = L2_C;
625 xscale_use_minidata = 1;
628 pte_l2_s_prot_u = L2_S_PROT_U_xscale;
629 pte_l2_s_prot_w = L2_S_PROT_W_xscale;
630 pte_l2_s_prot_mask = L2_S_PROT_MASK_xscale;
632 pte_l1_s_proto = L1_S_PROTO_xscale;
633 pte_l1_c_proto = L1_C_PROTO_xscale;
634 pte_l2_s_proto = L2_S_PROTO_xscale;
636 #ifdef CPU_XSCALE_CORE3
637 pmap_copy_page_func = pmap_copy_page_generic;
638 pmap_copy_page_offs_func = pmap_copy_page_offs_generic;
639 pmap_zero_page_func = pmap_zero_page_generic;
640 xscale_use_minidata = 0;
641 /* Make sure it is L2-cachable */
642 pte_l1_s_cache_mode |= L1_S_XSCALE_TEX(TEX_XSCALE_T);
643 pte_l1_s_cache_mode_pt = pte_l1_s_cache_mode &~ L1_S_XSCALE_P;
644 pte_l2_l_cache_mode |= L2_XSCALE_L_TEX(TEX_XSCALE_T) ;
645 pte_l2_l_cache_mode_pt = pte_l1_s_cache_mode;
646 pte_l2_s_cache_mode |= L2_XSCALE_T_TEX(TEX_XSCALE_T);
647 pte_l2_s_cache_mode_pt = pte_l2_s_cache_mode;
650 pmap_copy_page_func = pmap_copy_page_xscale;
651 pmap_copy_page_offs_func = pmap_copy_page_offs_xscale;
652 pmap_zero_page_func = pmap_zero_page_xscale;
656 * Disable ECC protection of page table access, for now.
658 __asm __volatile("mrc p15, 0, %0, c1, c0, 1" : "=r" (auxctl));
659 auxctl &= ~XSCALE_AUXCTL_P;
660 __asm __volatile("mcr p15, 0, %0, c1, c0, 1" : : "r" (auxctl));
664 * xscale_setup_minidata:
666 * Set up the mini-data cache clean area. We require the
667 * caller to allocate the right amount of physically and
668 * virtually contiguous space.
670 extern vm_offset_t xscale_minidata_clean_addr;
671 extern vm_size_t xscale_minidata_clean_size; /* already initialized */
673 xscale_setup_minidata(vm_offset_t l1pt, vm_offset_t va, vm_paddr_t pa)
675 pd_entry_t *pde = (pd_entry_t *) l1pt;
680 xscale_minidata_clean_addr = va;
682 /* Round it to page size. */
683 size = (xscale_minidata_clean_size + L2_S_OFFSET) & L2_S_FRAME;
686 va += L2_S_SIZE, pa += L2_S_SIZE, size -= L2_S_SIZE) {
687 pte = (pt_entry_t *) kernel_pt_lookup(
688 pde[L1_IDX(va)] & L1_C_ADDR_MASK);
690 panic("xscale_setup_minidata: can't find L2 table for "
691 "VA 0x%08x", (u_int32_t) va);
692 pte[l2pte_index(va)] =
693 L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL, VM_PROT_READ) |
694 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X);
698 * Configure the mini-data cache for write-back with
699 * read/write-allocate.
701 * NOTE: In order to reconfigure the mini-data cache, we must
702 * make sure it contains no valid data! In order to do that,
703 * we must issue a global data cache invalidate command!
705 * WE ASSUME WE ARE RUNNING UN-CACHED WHEN THIS ROUTINE IS CALLED!
706 * THIS IS VERY IMPORTANT!
709 /* Invalidate data and mini-data. */
710 __asm __volatile("mcr p15, 0, %0, c7, c6, 0" : : "r" (0));
711 __asm __volatile("mrc p15, 0, %0, c1, c0, 1" : "=r" (auxctl));
712 auxctl = (auxctl & ~XSCALE_AUXCTL_MD_MASK) | XSCALE_AUXCTL_MD_WB_RWA;
713 __asm __volatile("mcr p15, 0, %0, c1, c0, 1" : : "r" (auxctl));
718 * Allocate an L1 translation table for the specified pmap.
719 * This is called at pmap creation time.
722 pmap_alloc_l1(pmap_t pm)
724 struct l1_ttable *l1;
728 * Remove the L1 at the head of the LRU list
730 mtx_lock(&l1_lru_lock);
731 l1 = TAILQ_FIRST(&l1_lru_list);
732 TAILQ_REMOVE(&l1_lru_list, l1, l1_lru);
735 * Pick the first available domain number, and update
736 * the link to the next number.
738 domain = l1->l1_domain_first;
739 l1->l1_domain_first = l1->l1_domain_free[domain];
742 * If there are still free domain numbers in this L1,
743 * put it back on the TAIL of the LRU list.
745 if (++l1->l1_domain_use_count < PMAP_DOMAINS)
746 TAILQ_INSERT_TAIL(&l1_lru_list, l1, l1_lru);
748 mtx_unlock(&l1_lru_lock);
751 * Fix up the relevant bits in the pmap structure
754 pm->pm_domain = domain + 1;
758 * Free an L1 translation table.
759 * This is called at pmap destruction time.
762 pmap_free_l1(pmap_t pm)
764 struct l1_ttable *l1 = pm->pm_l1;
766 mtx_lock(&l1_lru_lock);
769 * If this L1 is currently on the LRU list, remove it.
771 if (l1->l1_domain_use_count < PMAP_DOMAINS)
772 TAILQ_REMOVE(&l1_lru_list, l1, l1_lru);
775 * Free up the domain number which was allocated to the pmap
777 l1->l1_domain_free[pm->pm_domain - 1] = l1->l1_domain_first;
778 l1->l1_domain_first = pm->pm_domain - 1;
779 l1->l1_domain_use_count--;
782 * The L1 now must have at least 1 free domain, so add
783 * it back to the LRU list. If the use count is zero,
784 * put it at the head of the list, otherwise it goes
787 if (l1->l1_domain_use_count == 0) {
788 TAILQ_INSERT_HEAD(&l1_lru_list, l1, l1_lru);
790 TAILQ_INSERT_TAIL(&l1_lru_list, l1, l1_lru);
792 mtx_unlock(&l1_lru_lock);
796 * Returns a pointer to the L2 bucket associated with the specified pmap
797 * and VA, or NULL if no L2 bucket exists for the address.
799 static PMAP_INLINE struct l2_bucket *
800 pmap_get_l2_bucket(pmap_t pm, vm_offset_t va)
802 struct l2_dtable *l2;
803 struct l2_bucket *l2b;
808 if ((l2 = pm->pm_l2[L2_IDX(l1idx)]) == NULL ||
809 (l2b = &l2->l2_bucket[L2_BUCKET(l1idx)])->l2b_kva == NULL)
816 * Returns a pointer to the L2 bucket associated with the specified pmap
819 * If no L2 bucket exists, perform the necessary allocations to put an L2
820 * bucket/page table in place.
822 * Note that if a new L2 bucket/page was allocated, the caller *must*
823 * increment the bucket occupancy counter appropriately *before*
824 * releasing the pmap's lock to ensure no other thread or cpu deallocates
825 * the bucket/page in the meantime.
827 static struct l2_bucket *
828 pmap_alloc_l2_bucket(pmap_t pm, vm_offset_t va)
830 struct l2_dtable *l2;
831 struct l2_bucket *l2b;
836 PMAP_ASSERT_LOCKED(pm);
837 rw_assert(&pvh_global_lock, RA_WLOCKED);
838 if ((l2 = pm->pm_l2[L2_IDX(l1idx)]) == NULL) {
840 * No mapping at this address, as there is
841 * no entry in the L1 table.
842 * Need to allocate a new l2_dtable.
845 rw_wunlock(&pvh_global_lock);
846 if ((l2 = uma_zalloc(l2table_zone, M_NOWAIT)) == NULL) {
847 rw_wlock(&pvh_global_lock);
851 rw_wlock(&pvh_global_lock);
853 if (pm->pm_l2[L2_IDX(l1idx)] != NULL) {
855 * Someone already allocated the l2_dtable while
856 * we were doing the same.
858 uma_zfree(l2table_zone, l2);
859 l2 = pm->pm_l2[L2_IDX(l1idx)];
861 bzero(l2, sizeof(*l2));
863 * Link it into the parent pmap
865 pm->pm_l2[L2_IDX(l1idx)] = l2;
869 l2b = &l2->l2_bucket[L2_BUCKET(l1idx)];
872 * Fetch pointer to the L2 page table associated with the address.
874 if (l2b->l2b_kva == NULL) {
878 * No L2 page table has been allocated. Chances are, this
879 * is because we just allocated the l2_dtable, above.
882 rw_wunlock(&pvh_global_lock);
883 ptep = uma_zalloc(l2zone, M_NOWAIT);
884 rw_wlock(&pvh_global_lock);
886 if (l2b->l2b_kva != 0) {
887 /* We lost the race. */
888 uma_zfree(l2zone, ptep);
891 l2b->l2b_phys = vtophys(ptep);
894 * Oops, no more L2 page tables available at this
895 * time. We may need to deallocate the l2_dtable
896 * if we allocated a new one above.
898 if (l2->l2_occupancy == 0) {
899 pm->pm_l2[L2_IDX(l1idx)] = NULL;
900 uma_zfree(l2table_zone, l2);
907 l2b->l2b_l1idx = l1idx;
913 static PMAP_INLINE void
914 #ifndef PMAP_INCLUDE_PTE_SYNC
915 pmap_free_l2_ptp(pt_entry_t *l2)
917 pmap_free_l2_ptp(boolean_t need_sync, pt_entry_t *l2)
920 #ifdef PMAP_INCLUDE_PTE_SYNC
922 * Note: With a write-back cache, we may need to sync this
923 * L2 table before re-using it.
924 * This is because it may have belonged to a non-current
925 * pmap, in which case the cache syncs would have been
926 * skipped when the pages were being unmapped. If the
927 * L2 table were then to be immediately re-allocated to
928 * the *current* pmap, it may well contain stale mappings
929 * which have not yet been cleared by a cache write-back
930 * and so would still be visible to the mmu.
933 PTE_SYNC_RANGE(l2, L2_TABLE_SIZE_REAL / sizeof(pt_entry_t));
935 uma_zfree(l2zone, l2);
938 * One or more mappings in the specified L2 descriptor table have just been
941 * Garbage collect the metadata and descriptor table itself if necessary.
943 * The pmap lock must be acquired when this is called (not necessary
944 * for the kernel pmap).
947 pmap_free_l2_bucket(pmap_t pm, struct l2_bucket *l2b, u_int count)
949 struct l2_dtable *l2;
950 pd_entry_t *pl1pd, l1pd;
956 * Update the bucket's reference count according to how many
957 * PTEs the caller has just invalidated.
959 l2b->l2b_occupancy -= count;
964 * Level 2 page tables allocated to the kernel pmap are never freed
965 * as that would require checking all Level 1 page tables and
966 * removing any references to the Level 2 page table. See also the
967 * comment elsewhere about never freeing bootstrap L2 descriptors.
969 * We make do with just invalidating the mapping in the L2 table.
971 * This isn't really a big deal in practice and, in fact, leads
972 * to a performance win over time as we don't need to continually
975 if (l2b->l2b_occupancy > 0 || pm == pmap_kernel())
979 * There are no more valid mappings in this level 2 page table.
980 * Go ahead and NULL-out the pointer in the bucket, then
981 * free the page table.
983 l1idx = l2b->l2b_l1idx;
987 pl1pd = &pm->pm_l1->l1_kva[l1idx];
990 * If the L1 slot matches the pmap's domain
991 * number, then invalidate it.
993 l1pd = *pl1pd & (L1_TYPE_MASK | L1_C_DOM_MASK);
994 if (l1pd == (L1_C_DOM(pm->pm_domain) | L1_TYPE_C)) {
1000 * Release the L2 descriptor table back to the pool cache.
1002 #ifndef PMAP_INCLUDE_PTE_SYNC
1003 pmap_free_l2_ptp(ptep);
1005 pmap_free_l2_ptp(!pmap_is_current(pm), ptep);
1009 * Update the reference count in the associated l2_dtable
1011 l2 = pm->pm_l2[L2_IDX(l1idx)];
1012 if (--l2->l2_occupancy > 0)
1016 * There are no more valid mappings in any of the Level 1
1017 * slots managed by this l2_dtable. Go ahead and NULL-out
1018 * the pointer in the parent pmap and free the l2_dtable.
1020 pm->pm_l2[L2_IDX(l1idx)] = NULL;
1021 uma_zfree(l2table_zone, l2);
1025 * Pool cache constructors for L2 descriptor tables, metadata and pmap
1029 pmap_l2ptp_ctor(void *mem, int size, void *arg, int flags)
1031 #ifndef PMAP_INCLUDE_PTE_SYNC
1032 struct l2_bucket *l2b;
1033 pt_entry_t *ptep, pte;
1035 vm_offset_t va = (vm_offset_t)mem & ~PAGE_MASK;
1038 * The mappings for these page tables were initially made using
1039 * pmap_kenter() by the pool subsystem. Therefore, the cache-
1040 * mode will not be right for page table mappings. To avoid
1041 * polluting the pmap_kenter() code with a special case for
1042 * page tables, we simply fix up the cache-mode here if it's not
1045 l2b = pmap_get_l2_bucket(pmap_kernel(), va);
1046 ptep = &l2b->l2b_kva[l2pte_index(va)];
1049 if ((pte & L2_S_CACHE_MASK) != pte_l2_s_cache_mode_pt) {
1051 * Page tables must have the cache-mode set to
1054 *ptep = (pte & ~L2_S_CACHE_MASK) | pte_l2_s_cache_mode_pt;
1056 cpu_tlb_flushD_SE(va);
1060 memset(mem, 0, L2_TABLE_SIZE_REAL);
1061 PTE_SYNC_RANGE(mem, L2_TABLE_SIZE_REAL / sizeof(pt_entry_t));
1066 * A bunch of routines to conditionally flush the caches/TLB depending
1067 * on whether the specified pmap actually needs to be flushed at any
1070 static PMAP_INLINE void
1071 pmap_tlb_flushID_SE(pmap_t pm, vm_offset_t va)
1074 if (pmap_is_current(pm))
1075 cpu_tlb_flushID_SE(va);
1078 static PMAP_INLINE void
1079 pmap_tlb_flushD_SE(pmap_t pm, vm_offset_t va)
1082 if (pmap_is_current(pm))
1083 cpu_tlb_flushD_SE(va);
1086 static PMAP_INLINE void
1087 pmap_tlb_flushID(pmap_t pm)
1090 if (pmap_is_current(pm))
1093 static PMAP_INLINE void
1094 pmap_tlb_flushD(pmap_t pm)
1097 if (pmap_is_current(pm))
1102 pmap_has_valid_mapping(pmap_t pm, vm_offset_t va)
1107 if (pmap_get_pde_pte(pm, va, &pde, &ptep) &&
1108 ptep && ((*ptep & L2_TYPE_MASK) != L2_TYPE_INV))
1114 static PMAP_INLINE void
1115 pmap_idcache_wbinv_range(pmap_t pm, vm_offset_t va, vm_size_t len)
1119 CTR4(KTR_PMAP, "pmap_dcache_wbinv_range: pmap %p is_kernel %d va 0x%08x"
1120 " len 0x%x ", pm, pm == pmap_kernel(), va, len);
1122 if (pmap_is_current(pm) || pm == pmap_kernel()) {
1123 rest = MIN(PAGE_SIZE - (va & PAGE_MASK), len);
1125 if (pmap_has_valid_mapping(pm, va)) {
1126 cpu_idcache_wbinv_range(va, rest);
1127 cpu_l2cache_wbinv_range(va, rest);
1131 rest = MIN(PAGE_SIZE, len);
1136 static PMAP_INLINE void
1137 pmap_dcache_wb_range(pmap_t pm, vm_offset_t va, vm_size_t len, boolean_t do_inv,
1142 CTR4(KTR_PMAP, "pmap_dcache_wb_range: pmap %p is_kernel %d va 0x%08x "
1143 "len 0x%x ", pm, pm == pmap_kernel(), va, len);
1144 CTR2(KTR_PMAP, " do_inv %d rd_only %d", do_inv, rd_only);
1146 if (pmap_is_current(pm)) {
1147 rest = MIN(PAGE_SIZE - (va & PAGE_MASK), len);
1149 if (pmap_has_valid_mapping(pm, va)) {
1150 if (do_inv && rd_only) {
1151 cpu_dcache_inv_range(va, rest);
1152 cpu_l2cache_inv_range(va, rest);
1153 } else if (do_inv) {
1154 cpu_dcache_wbinv_range(va, rest);
1155 cpu_l2cache_wbinv_range(va, rest);
1156 } else if (!rd_only) {
1157 cpu_dcache_wb_range(va, rest);
1158 cpu_l2cache_wb_range(va, rest);
1164 rest = MIN(PAGE_SIZE, len);
1169 static PMAP_INLINE void
1170 pmap_idcache_wbinv_all(pmap_t pm)
1173 if (pmap_is_current(pm)) {
1174 cpu_idcache_wbinv_all();
1175 cpu_l2cache_wbinv_all();
1180 static PMAP_INLINE void
1181 pmap_dcache_wbinv_all(pmap_t pm)
1184 if (pmap_is_current(pm)) {
1185 cpu_dcache_wbinv_all();
1186 cpu_l2cache_wbinv_all();
1194 * Make sure the pte is written out to RAM.
1195 * We need to do this for one of two cases:
1196 * - We're dealing with the kernel pmap
1197 * - There is no pmap active in the cache/tlb.
1198 * - The specified pmap is 'active' in the cache/tlb.
1200 #ifdef PMAP_INCLUDE_PTE_SYNC
1201 #define PTE_SYNC_CURRENT(pm, ptep) \
1203 if (PMAP_NEEDS_PTE_SYNC && \
1204 pmap_is_current(pm)) \
1206 } while (/*CONSTCOND*/0)
1208 #define PTE_SYNC_CURRENT(pm, ptep) /* nothing */
1212 * cacheable == -1 means we must make the entry uncacheable, 1 means
1215 static __inline void
1216 pmap_set_cache_entry(pv_entry_t pv, pmap_t pm, vm_offset_t va, int cacheable)
1218 struct l2_bucket *l2b;
1219 pt_entry_t *ptep, pte;
1221 l2b = pmap_get_l2_bucket(pv->pv_pmap, pv->pv_va);
1222 ptep = &l2b->l2b_kva[l2pte_index(pv->pv_va)];
1224 if (cacheable == 1) {
1225 pte = (*ptep & ~L2_S_CACHE_MASK) | pte_l2_s_cache_mode;
1226 if (l2pte_valid(pte)) {
1227 if (PV_BEEN_EXECD(pv->pv_flags)) {
1228 pmap_tlb_flushID_SE(pv->pv_pmap, pv->pv_va);
1229 } else if (PV_BEEN_REFD(pv->pv_flags)) {
1230 pmap_tlb_flushD_SE(pv->pv_pmap, pv->pv_va);
1234 pte = *ptep &~ L2_S_CACHE_MASK;
1235 if ((va != pv->pv_va || pm != pv->pv_pmap) &&
1237 if (PV_BEEN_EXECD(pv->pv_flags)) {
1238 pmap_idcache_wbinv_range(pv->pv_pmap,
1239 pv->pv_va, PAGE_SIZE);
1240 pmap_tlb_flushID_SE(pv->pv_pmap, pv->pv_va);
1241 } else if (PV_BEEN_REFD(pv->pv_flags)) {
1242 pmap_dcache_wb_range(pv->pv_pmap,
1243 pv->pv_va, PAGE_SIZE, TRUE,
1244 (pv->pv_flags & PVF_WRITE) == 0);
1245 pmap_tlb_flushD_SE(pv->pv_pmap,
1251 PTE_SYNC_CURRENT(pv->pv_pmap, ptep);
1255 pmap_fix_cache(struct vm_page *pg, pmap_t pm, vm_offset_t va)
1258 int writable = 0, kwritable = 0, uwritable = 0;
1259 int entries = 0, kentries = 0, uentries = 0;
1260 struct pv_entry *pv;
1262 rw_assert(&pvh_global_lock, RA_WLOCKED);
1264 /* the cache gets written back/invalidated on context switch.
1265 * therefore, if a user page shares an entry in the same page or
1266 * with the kernel map and at least one is writable, then the
1267 * cache entry must be set write-through.
1270 TAILQ_FOREACH(pv, &pg->md.pv_list, pv_list) {
1271 /* generate a count of the pv_entry uses */
1272 if (pv->pv_flags & PVF_WRITE) {
1273 if (pv->pv_pmap == pmap_kernel())
1275 else if (pv->pv_pmap == pm)
1279 if (pv->pv_pmap == pmap_kernel())
1282 if (pv->pv_pmap == pm)
1288 * check if the user duplicate mapping has
1291 if ((pm != pmap_kernel()) && (((uentries > 1) && uwritable) ||
1295 TAILQ_FOREACH(pv, &pg->md.pv_list, pv_list) {
1296 /* check for user uncachable conditions - order is important */
1297 if (pm != pmap_kernel() &&
1298 (pv->pv_pmap == pm || pv->pv_pmap == pmap_kernel())) {
1300 if ((uentries > 1 && uwritable) || uwritable > 1) {
1302 /* user duplicate mapping */
1303 if (pv->pv_pmap != pmap_kernel())
1304 pv->pv_flags |= PVF_MWC;
1306 if (!(pv->pv_flags & PVF_NC)) {
1307 pv->pv_flags |= PVF_NC;
1308 pmap_set_cache_entry(pv, pm, va, -1);
1311 } else /* no longer a duplicate user */
1312 pv->pv_flags &= ~PVF_MWC;
1316 * check for kernel uncachable conditions
1317 * kernel writable or kernel readable with writable user entry
1319 if ((kwritable && (entries || kentries > 1)) ||
1321 ((kwritable != writable) && kentries &&
1322 (pv->pv_pmap == pmap_kernel() ||
1323 (pv->pv_flags & PVF_WRITE) ||
1324 (pv->pv_flags & PVF_MWC)))) {
1326 if (!(pv->pv_flags & PVF_NC)) {
1327 pv->pv_flags |= PVF_NC;
1328 pmap_set_cache_entry(pv, pm, va, -1);
1333 /* kernel and user are cachable */
1334 if ((pm == pmap_kernel()) && !(pv->pv_flags & PVF_MWC) &&
1335 (pv->pv_flags & PVF_NC)) {
1337 pv->pv_flags &= ~PVF_NC;
1338 if (pg->md.pv_memattr != VM_MEMATTR_UNCACHEABLE)
1339 pmap_set_cache_entry(pv, pm, va, 1);
1342 /* user is no longer sharable and writable */
1343 if (pm != pmap_kernel() &&
1344 (pv->pv_pmap == pm || pv->pv_pmap == pmap_kernel()) &&
1345 !pmwc && (pv->pv_flags & PVF_NC)) {
1347 pv->pv_flags &= ~(PVF_NC | PVF_MWC);
1348 if (pg->md.pv_memattr != VM_MEMATTR_UNCACHEABLE)
1349 pmap_set_cache_entry(pv, pm, va, 1);
1353 if ((kwritable == 0) && (writable == 0)) {
1354 pg->md.pvh_attrs &= ~PVF_MOD;
1355 vm_page_aflag_clear(pg, PGA_WRITEABLE);
1361 * Modify pte bits for all ptes corresponding to the given physical address.
1362 * We use `maskbits' rather than `clearbits' because we're always passing
1363 * constants and the latter would require an extra inversion at run-time.
1366 pmap_clearbit(struct vm_page *pg, u_int maskbits)
1368 struct l2_bucket *l2b;
1369 struct pv_entry *pv;
1370 pt_entry_t *ptep, npte, opte;
1376 rw_wlock(&pvh_global_lock);
1378 if (maskbits & PVF_WRITE)
1379 maskbits |= PVF_MOD;
1381 * Clear saved attributes (modify, reference)
1383 pg->md.pvh_attrs &= ~(maskbits & (PVF_MOD | PVF_REF));
1385 if (TAILQ_EMPTY(&pg->md.pv_list)) {
1386 rw_wunlock(&pvh_global_lock);
1391 * Loop over all current mappings setting/clearing as appropos
1393 TAILQ_FOREACH(pv, &pg->md.pv_list, pv_list) {
1396 oflags = pv->pv_flags;
1398 if (!(oflags & maskbits)) {
1399 if ((maskbits & PVF_WRITE) && (pv->pv_flags & PVF_NC)) {
1400 if (pg->md.pv_memattr !=
1401 VM_MEMATTR_UNCACHEABLE) {
1403 l2b = pmap_get_l2_bucket(pm, va);
1404 ptep = &l2b->l2b_kva[l2pte_index(va)];
1405 *ptep |= pte_l2_s_cache_mode;
1409 pv->pv_flags &= ~(PVF_NC | PVF_MWC);
1413 pv->pv_flags &= ~maskbits;
1417 l2b = pmap_get_l2_bucket(pm, va);
1419 ptep = &l2b->l2b_kva[l2pte_index(va)];
1420 npte = opte = *ptep;
1422 if (maskbits & (PVF_WRITE|PVF_MOD)) {
1423 if ((pv->pv_flags & PVF_NC)) {
1425 * Entry is not cacheable:
1427 * Don't turn caching on again if this is a
1428 * modified emulation. This would be
1429 * inconsitent with the settings created by
1430 * pmap_fix_cache(). Otherwise, it's safe
1431 * to re-enable cacheing.
1433 * There's no need to call pmap_fix_cache()
1434 * here: all pages are losing their write
1437 if (maskbits & PVF_WRITE) {
1438 if (pg->md.pv_memattr !=
1439 VM_MEMATTR_UNCACHEABLE)
1440 npte |= pte_l2_s_cache_mode;
1441 pv->pv_flags &= ~(PVF_NC | PVF_MWC);
1444 if (opte & L2_S_PROT_W) {
1447 * Entry is writable/cacheable: check if pmap
1448 * is current if it is flush it, otherwise it
1449 * won't be in the cache
1451 if (PV_BEEN_EXECD(oflags))
1452 pmap_idcache_wbinv_range(pm, pv->pv_va,
1455 if (PV_BEEN_REFD(oflags))
1456 pmap_dcache_wb_range(pm, pv->pv_va,
1458 (maskbits & PVF_REF) ? TRUE : FALSE,
1462 /* make the pte read only */
1463 npte &= ~L2_S_PROT_W;
1466 if (maskbits & PVF_REF) {
1467 if ((pv->pv_flags & PVF_NC) == 0 &&
1468 (maskbits & (PVF_WRITE|PVF_MOD)) == 0) {
1470 * Check npte here; we may have already
1471 * done the wbinv above, and the validity
1472 * of the PTE is the same for opte and
1475 if (npte & L2_S_PROT_W) {
1476 if (PV_BEEN_EXECD(oflags))
1477 pmap_idcache_wbinv_range(pm,
1478 pv->pv_va, PAGE_SIZE);
1480 if (PV_BEEN_REFD(oflags))
1481 pmap_dcache_wb_range(pm,
1482 pv->pv_va, PAGE_SIZE,
1485 if ((npte & L2_TYPE_MASK) != L2_TYPE_INV) {
1486 /* XXXJRT need idcache_inv_range */
1487 if (PV_BEEN_EXECD(oflags))
1488 pmap_idcache_wbinv_range(pm,
1489 pv->pv_va, PAGE_SIZE);
1491 if (PV_BEEN_REFD(oflags))
1492 pmap_dcache_wb_range(pm,
1493 pv->pv_va, PAGE_SIZE,
1499 * Make the PTE invalid so that we will take a
1500 * page fault the next time the mapping is
1503 npte &= ~L2_TYPE_MASK;
1504 npte |= L2_TYPE_INV;
1511 /* Flush the TLB entry if a current pmap. */
1512 if (PV_BEEN_EXECD(oflags))
1513 pmap_tlb_flushID_SE(pm, pv->pv_va);
1515 if (PV_BEEN_REFD(oflags))
1516 pmap_tlb_flushD_SE(pm, pv->pv_va);
1523 if (maskbits & PVF_WRITE)
1524 vm_page_aflag_clear(pg, PGA_WRITEABLE);
1525 rw_wunlock(&pvh_global_lock);
1530 * main pv_entry manipulation functions:
1531 * pmap_enter_pv: enter a mapping onto a vm_page list
1532 * pmap_remove_pv: remove a mappiing from a vm_page list
1534 * NOTE: pmap_enter_pv expects to lock the pvh itself
1535 * pmap_remove_pv expects the caller to lock the pvh before calling
1539 * pmap_enter_pv: enter a mapping onto a vm_page's PV list
1541 * => caller should hold the proper lock on pvh_global_lock
1542 * => caller should have pmap locked
1543 * => we will (someday) gain the lock on the vm_page's PV list
1544 * => caller should adjust ptp's wire_count before calling
1545 * => caller should not adjust pmap's wire_count
1548 pmap_enter_pv(struct vm_page *pg, struct pv_entry *pve, pmap_t pm,
1549 vm_offset_t va, u_int flags)
1552 rw_assert(&pvh_global_lock, RA_WLOCKED);
1553 PMAP_ASSERT_LOCKED(pm);
1554 if (pg->md.pv_kva != 0) {
1555 pve->pv_pmap = kernel_pmap;
1556 pve->pv_va = pg->md.pv_kva;
1557 pve->pv_flags = PVF_WRITE | PVF_UNMAN;
1558 if (pm != kernel_pmap)
1559 PMAP_LOCK(kernel_pmap);
1560 TAILQ_INSERT_HEAD(&pg->md.pv_list, pve, pv_list);
1561 TAILQ_INSERT_HEAD(&kernel_pmap->pm_pvlist, pve, pv_plist);
1562 if (pm != kernel_pmap)
1563 PMAP_UNLOCK(kernel_pmap);
1565 if ((pve = pmap_get_pv_entry()) == NULL)
1566 panic("pmap_kenter_pv: no pv entries");
1570 pve->pv_flags = flags;
1571 TAILQ_INSERT_HEAD(&pg->md.pv_list, pve, pv_list);
1572 TAILQ_INSERT_HEAD(&pm->pm_pvlist, pve, pv_plist);
1573 pg->md.pvh_attrs |= flags & (PVF_REF | PVF_MOD);
1574 if (pve->pv_flags & PVF_WIRED)
1575 ++pm->pm_stats.wired_count;
1576 vm_page_aflag_set(pg, PGA_REFERENCED);
1581 * pmap_find_pv: Find a pv entry
1583 * => caller should hold lock on vm_page
1585 static PMAP_INLINE struct pv_entry *
1586 pmap_find_pv(struct vm_page *pg, pmap_t pm, vm_offset_t va)
1588 struct pv_entry *pv;
1590 rw_assert(&pvh_global_lock, RA_WLOCKED);
1591 TAILQ_FOREACH(pv, &pg->md.pv_list, pv_list)
1592 if (pm == pv->pv_pmap && va == pv->pv_va)
1598 * vector_page_setprot:
1600 * Manipulate the protection of the vector page.
1603 vector_page_setprot(int prot)
1605 struct l2_bucket *l2b;
1608 l2b = pmap_get_l2_bucket(pmap_kernel(), vector_page);
1610 ptep = &l2b->l2b_kva[l2pte_index(vector_page)];
1612 *ptep = (*ptep & ~L1_S_PROT_MASK) | L2_S_PROT(PTE_KERNEL, prot);
1614 cpu_tlb_flushD_SE(vector_page);
1619 * pmap_remove_pv: try to remove a mapping from a pv_list
1621 * => caller should hold proper lock on pmap_main_lock
1622 * => pmap should be locked
1623 * => caller should hold lock on vm_page [so that attrs can be adjusted]
1624 * => caller should adjust ptp's wire_count and free PTP if needed
1625 * => caller should NOT adjust pmap's wire_count
1626 * => we return the removed pve
1630 pmap_nuke_pv(struct vm_page *pg, pmap_t pm, struct pv_entry *pve)
1633 struct pv_entry *pv;
1634 rw_assert(&pvh_global_lock, RA_WLOCKED);
1635 PMAP_ASSERT_LOCKED(pm);
1636 TAILQ_REMOVE(&pg->md.pv_list, pve, pv_list);
1637 TAILQ_REMOVE(&pm->pm_pvlist, pve, pv_plist);
1638 if (pve->pv_flags & PVF_WIRED)
1639 --pm->pm_stats.wired_count;
1640 if (pg->md.pvh_attrs & PVF_MOD)
1642 if (TAILQ_FIRST(&pg->md.pv_list) == NULL)
1643 pg->md.pvh_attrs &= ~PVF_REF;
1645 vm_page_aflag_set(pg, PGA_REFERENCED);
1646 if ((pve->pv_flags & PVF_NC) && ((pm == pmap_kernel()) ||
1647 (pve->pv_flags & PVF_WRITE) || !(pve->pv_flags & PVF_MWC)))
1648 pmap_fix_cache(pg, pm, 0);
1649 else if (pve->pv_flags & PVF_WRITE) {
1650 TAILQ_FOREACH(pve, &pg->md.pv_list, pv_list)
1651 if (pve->pv_flags & PVF_WRITE)
1654 pg->md.pvh_attrs &= ~PVF_MOD;
1655 vm_page_aflag_clear(pg, PGA_WRITEABLE);
1658 pv = TAILQ_FIRST(&pg->md.pv_list);
1659 if (pv != NULL && (pv->pv_flags & PVF_UNMAN) &&
1660 TAILQ_NEXT(pv, pv_list) == NULL) {
1662 pg->md.pv_kva = pv->pv_va;
1663 /* a recursive pmap_nuke_pv */
1664 TAILQ_REMOVE(&pg->md.pv_list, pv, pv_list);
1665 TAILQ_REMOVE(&pm->pm_pvlist, pv, pv_plist);
1666 if (pv->pv_flags & PVF_WIRED)
1667 --pm->pm_stats.wired_count;
1668 pg->md.pvh_attrs &= ~PVF_REF;
1669 pg->md.pvh_attrs &= ~PVF_MOD;
1670 vm_page_aflag_clear(pg, PGA_WRITEABLE);
1671 pmap_free_pv_entry(pv);
1675 static struct pv_entry *
1676 pmap_remove_pv(struct vm_page *pg, pmap_t pm, vm_offset_t va)
1678 struct pv_entry *pve;
1680 rw_assert(&pvh_global_lock, RA_WLOCKED);
1681 pve = TAILQ_FIRST(&pg->md.pv_list);
1684 if (pve->pv_pmap == pm && pve->pv_va == va) { /* match? */
1685 pmap_nuke_pv(pg, pm, pve);
1688 pve = TAILQ_NEXT(pve, pv_list);
1691 if (pve == NULL && pg->md.pv_kva == va)
1694 return(pve); /* return removed pve */
1698 * pmap_modify_pv: Update pv flags
1700 * => caller should hold lock on vm_page [so that attrs can be adjusted]
1701 * => caller should NOT adjust pmap's wire_count
1702 * => we return the old flags
1704 * Modify a physical-virtual mapping in the pv table
1707 pmap_modify_pv(struct vm_page *pg, pmap_t pm, vm_offset_t va,
1708 u_int clr_mask, u_int set_mask)
1710 struct pv_entry *npv;
1711 u_int flags, oflags;
1713 PMAP_ASSERT_LOCKED(pm);
1714 rw_assert(&pvh_global_lock, RA_WLOCKED);
1715 if ((npv = pmap_find_pv(pg, pm, va)) == NULL)
1719 * There is at least one VA mapping this page.
1722 if (clr_mask & (PVF_REF | PVF_MOD))
1723 pg->md.pvh_attrs |= set_mask & (PVF_REF | PVF_MOD);
1725 oflags = npv->pv_flags;
1726 npv->pv_flags = flags = (oflags & ~clr_mask) | set_mask;
1728 if ((flags ^ oflags) & PVF_WIRED) {
1729 if (flags & PVF_WIRED)
1730 ++pm->pm_stats.wired_count;
1732 --pm->pm_stats.wired_count;
1735 if ((flags ^ oflags) & PVF_WRITE)
1736 pmap_fix_cache(pg, pm, 0);
1741 /* Function to set the debug level of the pmap code */
1744 pmap_debug(int level)
1746 pmap_debug_level = level;
1747 dprintf("pmap_debug: level=%d\n", pmap_debug_level);
1749 #endif /* PMAP_DEBUG */
1752 pmap_pinit0(struct pmap *pmap)
1754 PDEBUG(1, printf("pmap_pinit0: pmap = %08x\n", (u_int32_t) pmap));
1756 bcopy(kernel_pmap, pmap, sizeof(*pmap));
1757 bzero(&pmap->pm_mtx, sizeof(pmap->pm_mtx));
1758 PMAP_LOCK_INIT(pmap);
1762 * Initialize a vm_page's machine-dependent fields.
1765 pmap_page_init(vm_page_t m)
1768 TAILQ_INIT(&m->md.pv_list);
1769 m->md.pv_memattr = VM_MEMATTR_DEFAULT;
1773 * Initialize the pmap module.
1774 * Called by vm_init, to initialize any structures that the pmap
1775 * system needs to map virtual memory.
1780 int shpgperproc = PMAP_SHPGPERPROC;
1782 l2zone = uma_zcreate("L2 Table", L2_TABLE_SIZE_REAL, pmap_l2ptp_ctor,
1783 NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_VM | UMA_ZONE_NOFREE);
1784 l2table_zone = uma_zcreate("L2 Table", sizeof(struct l2_dtable), NULL,
1785 NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_VM | UMA_ZONE_NOFREE);
1788 * Initialize the PV entry allocator.
1790 pvzone = uma_zcreate("PV ENTRY", sizeof (struct pv_entry), NULL, NULL,
1791 NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_VM | UMA_ZONE_NOFREE);
1792 TUNABLE_INT_FETCH("vm.pmap.shpgperproc", &shpgperproc);
1793 pv_entry_max = shpgperproc * maxproc + cnt.v_page_count;
1794 uma_zone_reserve_kva(pvzone, pv_entry_max);
1795 pv_entry_high_water = 9 * (pv_entry_max / 10);
1798 * Now it is safe to enable pv_table recording.
1800 PDEBUG(1, printf("pmap_init: done!\n"));
1804 pmap_fault_fixup(pmap_t pm, vm_offset_t va, vm_prot_t ftype, int user)
1806 struct l2_dtable *l2;
1807 struct l2_bucket *l2b;
1808 pd_entry_t *pl1pd, l1pd;
1809 pt_entry_t *ptep, pte;
1815 rw_wlock(&pvh_global_lock);
1819 * If there is no l2_dtable for this address, then the process
1820 * has no business accessing it.
1822 * Note: This will catch userland processes trying to access
1825 l2 = pm->pm_l2[L2_IDX(l1idx)];
1830 * Likewise if there is no L2 descriptor table
1832 l2b = &l2->l2_bucket[L2_BUCKET(l1idx)];
1833 if (l2b->l2b_kva == NULL)
1837 * Check the PTE itself.
1839 ptep = &l2b->l2b_kva[l2pte_index(va)];
1845 * Catch a userland access to the vector page mapped at 0x0
1847 if (user && (pte & L2_S_PROT_U) == 0)
1849 if (va == vector_page)
1854 if ((ftype & VM_PROT_WRITE) && (pte & L2_S_PROT_W) == 0) {
1856 * This looks like a good candidate for "page modified"
1859 struct pv_entry *pv;
1862 /* Extract the physical address of the page */
1863 if ((pg = PHYS_TO_VM_PAGE(pa)) == NULL) {
1866 /* Get the current flags for this page. */
1868 pv = pmap_find_pv(pg, pm, va);
1874 * Do the flags say this page is writable? If not then it
1875 * is a genuine write fault. If yes then the write fault is
1876 * our fault as we did not reflect the write access in the
1877 * PTE. Now we know a write has occurred we can correct this
1878 * and also set the modified bit
1880 if ((pv->pv_flags & PVF_WRITE) == 0) {
1884 pg->md.pvh_attrs |= PVF_REF | PVF_MOD;
1886 pv->pv_flags |= PVF_REF | PVF_MOD;
1889 * Re-enable write permissions for the page. No need to call
1890 * pmap_fix_cache(), since this is just a
1891 * modified-emulation fault, and the PVF_WRITE bit isn't
1892 * changing. We've already set the cacheable bits based on
1893 * the assumption that we can write to this page.
1895 *ptep = (pte & ~L2_TYPE_MASK) | L2_S_PROTO | L2_S_PROT_W;
1899 if ((pte & L2_TYPE_MASK) == L2_TYPE_INV) {
1901 * This looks like a good candidate for "page referenced"
1904 struct pv_entry *pv;
1907 /* Extract the physical address of the page */
1908 if ((pg = PHYS_TO_VM_PAGE(pa)) == NULL)
1910 /* Get the current flags for this page. */
1912 pv = pmap_find_pv(pg, pm, va);
1916 pg->md.pvh_attrs |= PVF_REF;
1917 pv->pv_flags |= PVF_REF;
1920 *ptep = (pte & ~L2_TYPE_MASK) | L2_S_PROTO;
1926 * We know there is a valid mapping here, so simply
1927 * fix up the L1 if necessary.
1929 pl1pd = &pm->pm_l1->l1_kva[l1idx];
1930 l1pd = l2b->l2b_phys | L1_C_DOM(pm->pm_domain) | L1_C_PROTO;
1931 if (*pl1pd != l1pd) {
1939 * If 'rv == 0' at this point, it generally indicates that there is a
1940 * stale TLB entry for the faulting address. This happens when two or
1941 * more processes are sharing an L1. Since we don't flush the TLB on
1942 * a context switch between such processes, we can take domain faults
1943 * for mappings which exist at the same VA in both processes. EVEN IF
1944 * WE'VE RECENTLY FIXED UP THE CORRESPONDING L1 in pmap_enter(), for
1947 * This is extremely likely to happen if pmap_enter() updated the L1
1948 * entry for a recently entered mapping. In this case, the TLB is
1949 * flushed for the new mapping, but there may still be TLB entries for
1950 * other mappings belonging to other processes in the 1MB range
1951 * covered by the L1 entry.
1953 * Since 'rv == 0', we know that the L1 already contains the correct
1954 * value, so the fault must be due to a stale TLB entry.
1956 * Since we always need to flush the TLB anyway in the case where we
1957 * fixed up the L1, or frobbed the L2 PTE, we effectively deal with
1958 * stale TLB entries dynamically.
1960 * However, the above condition can ONLY happen if the current L1 is
1961 * being shared. If it happens when the L1 is unshared, it indicates
1962 * that other parts of the pmap are not doing their job WRT managing
1965 if (rv == 0 && pm->pm_l1->l1_domain_use_count == 1) {
1966 printf("fixup: pm %p, va 0x%lx, ftype %d - nothing to do!\n",
1967 pm, (u_long)va, ftype);
1968 printf("fixup: l2 %p, l2b %p, ptep %p, pl1pd %p\n",
1969 l2, l2b, ptep, pl1pd);
1970 printf("fixup: pte 0x%x, l1pd 0x%x, last code 0x%x\n",
1971 pte, l1pd, last_fault_code);
1978 cpu_tlb_flushID_SE(va);
1984 rw_wunlock(&pvh_global_lock);
1992 struct l2_bucket *l2b;
1993 struct l1_ttable *l1;
1995 pt_entry_t *ptep, pte;
1996 vm_offset_t va, eva;
1999 needed = (maxproc / PMAP_DOMAINS) + ((maxproc % PMAP_DOMAINS) ? 1 : 0);
2001 l1 = malloc(sizeof(*l1) * needed, M_VMPMAP, M_WAITOK);
2003 for (loop = 0; loop < needed; loop++, l1++) {
2004 /* Allocate a L1 page table */
2005 va = (vm_offset_t)contigmalloc(L1_TABLE_SIZE, M_VMPMAP, 0, 0x0,
2006 0xffffffff, L1_TABLE_SIZE, 0);
2009 panic("Cannot allocate L1 KVM");
2011 eva = va + L1_TABLE_SIZE;
2012 pl1pt = (pd_entry_t *)va;
2015 l2b = pmap_get_l2_bucket(pmap_kernel(), va);
2016 ptep = &l2b->l2b_kva[l2pte_index(va)];
2018 pte = (pte & ~L2_S_CACHE_MASK) | pte_l2_s_cache_mode_pt;
2021 cpu_tlb_flushD_SE(va);
2025 pmap_init_l1(l1, pl1pt);
2030 printf("pmap_postinit: Allocated %d static L1 descriptor tables\n",
2036 * This is used to stuff certain critical values into the PCB where they
2037 * can be accessed quickly from cpu_switch() et al.
2040 pmap_set_pcb_pagedir(pmap_t pm, struct pcb *pcb)
2042 struct l2_bucket *l2b;
2044 pcb->pcb_pagedir = pm->pm_l1->l1_physaddr;
2045 pcb->pcb_dacr = (DOMAIN_CLIENT << (PMAP_DOMAIN_KERNEL * 2)) |
2046 (DOMAIN_CLIENT << (pm->pm_domain * 2));
2048 if (vector_page < KERNBASE) {
2049 pcb->pcb_pl1vec = &pm->pm_l1->l1_kva[L1_IDX(vector_page)];
2050 l2b = pmap_get_l2_bucket(pm, vector_page);
2051 pcb->pcb_l1vec = l2b->l2b_phys | L1_C_PROTO |
2052 L1_C_DOM(pm->pm_domain) | L1_C_DOM(PMAP_DOMAIN_KERNEL);
2054 pcb->pcb_pl1vec = NULL;
2058 pmap_activate(struct thread *td)
2063 pm = vmspace_pmap(td->td_proc->p_vmspace);
2067 pmap_set_pcb_pagedir(pm, pcb);
2069 if (td == curthread) {
2070 u_int cur_dacr, cur_ttb;
2072 __asm __volatile("mrc p15, 0, %0, c2, c0, 0" : "=r"(cur_ttb));
2073 __asm __volatile("mrc p15, 0, %0, c3, c0, 0" : "=r"(cur_dacr));
2075 cur_ttb &= ~(L1_TABLE_SIZE - 1);
2077 if (cur_ttb == (u_int)pcb->pcb_pagedir &&
2078 cur_dacr == pcb->pcb_dacr) {
2080 * No need to switch address spaces.
2088 * We MUST, I repeat, MUST fix up the L1 entry corresponding
2089 * to 'vector_page' in the incoming L1 table before switching
2090 * to it otherwise subsequent interrupts/exceptions (including
2091 * domain faults!) will jump into hyperspace.
2093 if (pcb->pcb_pl1vec) {
2095 *pcb->pcb_pl1vec = pcb->pcb_l1vec;
2097 * Don't need to PTE_SYNC() at this point since
2098 * cpu_setttb() is about to flush both the cache
2103 cpu_domains(pcb->pcb_dacr);
2104 cpu_setttb(pcb->pcb_pagedir);
2110 pmap_set_pt_cache_mode(pd_entry_t *kl1, vm_offset_t va)
2112 pd_entry_t *pdep, pde;
2113 pt_entry_t *ptep, pte;
2118 * Make sure the descriptor itself has the correct cache mode
2120 pdep = &kl1[L1_IDX(va)];
2123 if (l1pte_section_p(pde)) {
2124 if ((pde & L1_S_CACHE_MASK) != pte_l1_s_cache_mode_pt) {
2125 *pdep = (pde & ~L1_S_CACHE_MASK) |
2126 pte_l1_s_cache_mode_pt;
2128 cpu_dcache_wbinv_range((vm_offset_t)pdep,
2130 cpu_l2cache_wbinv_range((vm_offset_t)pdep,
2135 pa = (vm_paddr_t)(pde & L1_C_ADDR_MASK);
2136 ptep = (pt_entry_t *)kernel_pt_lookup(pa);
2138 panic("pmap_bootstrap: No L2 for L2 @ va %p\n", ptep);
2140 ptep = &ptep[l2pte_index(va)];
2142 if ((pte & L2_S_CACHE_MASK) != pte_l2_s_cache_mode_pt) {
2143 *ptep = (pte & ~L2_S_CACHE_MASK) |
2144 pte_l2_s_cache_mode_pt;
2146 cpu_dcache_wbinv_range((vm_offset_t)ptep,
2148 cpu_l2cache_wbinv_range((vm_offset_t)ptep,
2158 pmap_alloc_specials(vm_offset_t *availp, int pages, vm_offset_t *vap,
2161 vm_offset_t va = *availp;
2162 struct l2_bucket *l2b;
2165 l2b = pmap_get_l2_bucket(pmap_kernel(), va);
2167 panic("pmap_alloc_specials: no l2b for 0x%x", va);
2169 *ptep = &l2b->l2b_kva[l2pte_index(va)];
2173 *availp = va + (PAGE_SIZE * pages);
2177 * Bootstrap the system enough to run with virtual memory.
2179 * On the arm this is called after mapping has already been enabled
2180 * and just syncs the pmap module with what has already been done.
2181 * [We can't call it easily with mapping off since the kernel is not
2182 * mapped with PA == VA, hence we would have to relocate every address
2183 * from the linked base (virtual) address "KERNBASE" to the actual
2184 * (physical) address starting relative to 0]
2186 #define PMAP_STATIC_L2_SIZE 16
2188 pmap_bootstrap(vm_offset_t firstaddr, struct pv_addr *l1pt)
2190 static struct l1_ttable static_l1;
2191 static struct l2_dtable static_l2[PMAP_STATIC_L2_SIZE];
2192 struct l1_ttable *l1 = &static_l1;
2193 struct l2_dtable *l2;
2194 struct l2_bucket *l2b;
2196 pd_entry_t *kernel_l1pt = (pd_entry_t *)l1pt->pv_va;
2201 int l1idx, l2idx, l2next = 0;
2203 PDEBUG(1, printf("firstaddr = %08x, lastaddr = %08x\n",
2204 firstaddr, vm_max_kernel_address));
2206 virtual_avail = firstaddr;
2207 kernel_pmap->pm_l1 = l1;
2208 kernel_l1pa = l1pt->pv_pa;
2211 * Scan the L1 translation table created by initarm() and create
2212 * the required metadata for all valid mappings found in it.
2214 for (l1idx = 0; l1idx < (L1_TABLE_SIZE / sizeof(pd_entry_t)); l1idx++) {
2215 pde = kernel_l1pt[l1idx];
2218 * We're only interested in Coarse mappings.
2219 * pmap_extract() can deal with section mappings without
2220 * recourse to checking L2 metadata.
2222 if ((pde & L1_TYPE_MASK) != L1_TYPE_C)
2226 * Lookup the KVA of this L2 descriptor table
2228 pa = (vm_paddr_t)(pde & L1_C_ADDR_MASK);
2229 ptep = (pt_entry_t *)kernel_pt_lookup(pa);
2232 panic("pmap_bootstrap: No L2 for va 0x%x, pa 0x%lx",
2233 (u_int)l1idx << L1_S_SHIFT, (long unsigned int)pa);
2237 * Fetch the associated L2 metadata structure.
2238 * Allocate a new one if necessary.
2240 if ((l2 = kernel_pmap->pm_l2[L2_IDX(l1idx)]) == NULL) {
2241 if (l2next == PMAP_STATIC_L2_SIZE)
2242 panic("pmap_bootstrap: out of static L2s");
2243 kernel_pmap->pm_l2[L2_IDX(l1idx)] = l2 =
2244 &static_l2[l2next++];
2248 * One more L1 slot tracked...
2253 * Fill in the details of the L2 descriptor in the
2254 * appropriate bucket.
2256 l2b = &l2->l2_bucket[L2_BUCKET(l1idx)];
2257 l2b->l2b_kva = ptep;
2259 l2b->l2b_l1idx = l1idx;
2262 * Establish an initial occupancy count for this descriptor
2265 l2idx < (L2_TABLE_SIZE_REAL / sizeof(pt_entry_t));
2267 if ((ptep[l2idx] & L2_TYPE_MASK) != L2_TYPE_INV) {
2268 l2b->l2b_occupancy++;
2273 * Make sure the descriptor itself has the correct cache mode.
2274 * If not, fix it, but whine about the problem. Port-meisters
2275 * should consider this a clue to fix up their initarm()
2278 if (pmap_set_pt_cache_mode(kernel_l1pt, (vm_offset_t)ptep)) {
2279 printf("pmap_bootstrap: WARNING! wrong cache mode for "
2280 "L2 pte @ %p\n", ptep);
2286 * Ensure the primary (kernel) L1 has the correct cache mode for
2287 * a page table. Bitch if it is not correctly set.
2289 for (va = (vm_offset_t)kernel_l1pt;
2290 va < ((vm_offset_t)kernel_l1pt + L1_TABLE_SIZE); va += PAGE_SIZE) {
2291 if (pmap_set_pt_cache_mode(kernel_l1pt, va))
2292 printf("pmap_bootstrap: WARNING! wrong cache mode for "
2293 "primary L1 @ 0x%x\n", va);
2296 cpu_dcache_wbinv_all();
2297 cpu_l2cache_wbinv_all();
2301 PMAP_LOCK_INIT(kernel_pmap);
2302 CPU_FILL(&kernel_pmap->pm_active);
2303 kernel_pmap->pm_domain = PMAP_DOMAIN_KERNEL;
2304 TAILQ_INIT(&kernel_pmap->pm_pvlist);
2307 * Initialize the global pv list lock.
2309 rw_init_flags(&pvh_global_lock, "pmap pv global", RW_RECURSE);
2312 * Reserve some special page table entries/VA space for temporary
2315 #define SYSMAP(c, p, v, n) \
2316 v = (c)va; va += ((n)*PAGE_SIZE); p = pte; pte += (n);
2318 pmap_alloc_specials(&virtual_avail, 1, &csrcp, &csrc_pte);
2319 pmap_set_pt_cache_mode(kernel_l1pt, (vm_offset_t)csrc_pte);
2320 pmap_alloc_specials(&virtual_avail, 1, &cdstp, &cdst_pte);
2321 pmap_set_pt_cache_mode(kernel_l1pt, (vm_offset_t)cdst_pte);
2322 size = ((vm_max_kernel_address - pmap_curmaxkvaddr) + L1_S_OFFSET) /
2324 pmap_alloc_specials(&virtual_avail,
2325 round_page(size * L2_TABLE_SIZE_REAL) / PAGE_SIZE,
2326 &pmap_kernel_l2ptp_kva, NULL);
2328 size = (size + (L2_BUCKET_SIZE - 1)) / L2_BUCKET_SIZE;
2329 pmap_alloc_specials(&virtual_avail,
2330 round_page(size * sizeof(struct l2_dtable)) / PAGE_SIZE,
2331 &pmap_kernel_l2dtable_kva, NULL);
2333 pmap_alloc_specials(&virtual_avail,
2334 1, (vm_offset_t*)&_tmppt, NULL);
2335 pmap_alloc_specials(&virtual_avail,
2336 MAXDUMPPGS, (vm_offset_t *)&crashdumpmap, NULL);
2337 SLIST_INIT(&l1_list);
2338 TAILQ_INIT(&l1_lru_list);
2339 mtx_init(&l1_lru_lock, "l1 list lock", NULL, MTX_DEF);
2340 pmap_init_l1(l1, kernel_l1pt);
2341 cpu_dcache_wbinv_all();
2342 cpu_l2cache_wbinv_all();
2344 virtual_avail = round_page(virtual_avail);
2345 virtual_end = vm_max_kernel_address;
2346 kernel_vm_end = pmap_curmaxkvaddr;
2347 mtx_init(&cmtx, "TMP mappings mtx", NULL, MTX_DEF);
2349 pmap_set_pcb_pagedir(kernel_pmap, thread0.td_pcb);
2352 /***************************************************
2353 * Pmap allocation/deallocation routines.
2354 ***************************************************/
2357 * Release any resources held by the given physical map.
2358 * Called when a pmap initialized by pmap_pinit is being released.
2359 * Should only be called if the map contains no valid mappings.
2362 pmap_release(pmap_t pmap)
2366 pmap_idcache_wbinv_all(pmap);
2367 cpu_l2cache_wbinv_all();
2368 pmap_tlb_flushID(pmap);
2370 if (vector_page < KERNBASE) {
2371 struct pcb *curpcb = PCPU_GET(curpcb);
2372 pcb = thread0.td_pcb;
2373 if (pmap_is_current(pmap)) {
2375 * Frob the L1 entry corresponding to the vector
2376 * page so that it contains the kernel pmap's domain
2377 * number. This will ensure pmap_remove() does not
2378 * pull the current vector page out from under us.
2381 *pcb->pcb_pl1vec = pcb->pcb_l1vec;
2382 cpu_domains(pcb->pcb_dacr);
2383 cpu_setttb(pcb->pcb_pagedir);
2386 pmap_remove(pmap, vector_page, vector_page + PAGE_SIZE);
2388 * Make sure cpu_switch(), et al, DTRT. This is safe to do
2389 * since this process has no remaining mappings of its own.
2391 curpcb->pcb_pl1vec = pcb->pcb_pl1vec;
2392 curpcb->pcb_l1vec = pcb->pcb_l1vec;
2393 curpcb->pcb_dacr = pcb->pcb_dacr;
2394 curpcb->pcb_pagedir = pcb->pcb_pagedir;
2399 dprintf("pmap_release()\n");
2405 * Helper function for pmap_grow_l2_bucket()
2408 pmap_grow_map(vm_offset_t va, pt_entry_t cache_mode, vm_paddr_t *pap)
2410 struct l2_bucket *l2b;
2415 pg = vm_page_alloc(NULL, 0, VM_ALLOC_NOOBJ | VM_ALLOC_WIRED);
2418 pa = VM_PAGE_TO_PHYS(pg);
2423 l2b = pmap_get_l2_bucket(pmap_kernel(), va);
2425 ptep = &l2b->l2b_kva[l2pte_index(va)];
2426 *ptep = L2_S_PROTO | pa | cache_mode |
2427 L2_S_PROT(PTE_KERNEL, VM_PROT_READ | VM_PROT_WRITE);
2433 * This is the same as pmap_alloc_l2_bucket(), except that it is only
2434 * used by pmap_growkernel().
2436 static __inline struct l2_bucket *
2437 pmap_grow_l2_bucket(pmap_t pm, vm_offset_t va)
2439 struct l2_dtable *l2;
2440 struct l2_bucket *l2b;
2441 struct l1_ttable *l1;
2448 if ((l2 = pm->pm_l2[L2_IDX(l1idx)]) == NULL) {
2450 * No mapping at this address, as there is
2451 * no entry in the L1 table.
2452 * Need to allocate a new l2_dtable.
2454 nva = pmap_kernel_l2dtable_kva;
2455 if ((nva & PAGE_MASK) == 0) {
2457 * Need to allocate a backing page
2459 if (pmap_grow_map(nva, pte_l2_s_cache_mode, NULL))
2463 l2 = (struct l2_dtable *)nva;
2464 nva += sizeof(struct l2_dtable);
2466 if ((nva & PAGE_MASK) < (pmap_kernel_l2dtable_kva &
2469 * The new l2_dtable straddles a page boundary.
2470 * Map in another page to cover it.
2472 if (pmap_grow_map(nva, pte_l2_s_cache_mode, NULL))
2476 pmap_kernel_l2dtable_kva = nva;
2479 * Link it into the parent pmap
2481 pm->pm_l2[L2_IDX(l1idx)] = l2;
2482 memset(l2, 0, sizeof(*l2));
2485 l2b = &l2->l2_bucket[L2_BUCKET(l1idx)];
2488 * Fetch pointer to the L2 page table associated with the address.
2490 if (l2b->l2b_kva == NULL) {
2494 * No L2 page table has been allocated. Chances are, this
2495 * is because we just allocated the l2_dtable, above.
2497 nva = pmap_kernel_l2ptp_kva;
2498 ptep = (pt_entry_t *)nva;
2499 if ((nva & PAGE_MASK) == 0) {
2501 * Need to allocate a backing page
2503 if (pmap_grow_map(nva, pte_l2_s_cache_mode_pt,
2504 &pmap_kernel_l2ptp_phys))
2506 PTE_SYNC_RANGE(ptep, PAGE_SIZE / sizeof(pt_entry_t));
2508 memset(ptep, 0, L2_TABLE_SIZE_REAL);
2510 l2b->l2b_kva = ptep;
2511 l2b->l2b_l1idx = l1idx;
2512 l2b->l2b_phys = pmap_kernel_l2ptp_phys;
2514 pmap_kernel_l2ptp_kva += L2_TABLE_SIZE_REAL;
2515 pmap_kernel_l2ptp_phys += L2_TABLE_SIZE_REAL;
2518 /* Distribute new L1 entry to all other L1s */
2519 SLIST_FOREACH(l1, &l1_list, l1_link) {
2520 pl1pd = &l1->l1_kva[L1_IDX(va)];
2521 *pl1pd = l2b->l2b_phys | L1_C_DOM(PMAP_DOMAIN_KERNEL) |
2531 * grow the number of kernel page table entries, if needed
2534 pmap_growkernel(vm_offset_t addr)
2536 pmap_t kpm = pmap_kernel();
2538 if (addr <= pmap_curmaxkvaddr)
2539 return; /* we are OK */
2542 * whoops! we need to add kernel PTPs
2545 /* Map 1MB at a time */
2546 for (; pmap_curmaxkvaddr < addr; pmap_curmaxkvaddr += L1_S_SIZE)
2547 pmap_grow_l2_bucket(kpm, pmap_curmaxkvaddr);
2550 * flush out the cache, expensive but growkernel will happen so
2553 cpu_dcache_wbinv_all();
2554 cpu_l2cache_wbinv_all();
2557 kernel_vm_end = pmap_curmaxkvaddr;
2562 * Remove all pages from specified address space
2563 * this aids process exit speeds. Also, this code
2564 * is special cased for current process only, but
2565 * can have the more generic (and slightly slower)
2566 * mode enabled. This is much faster than pmap_remove
2567 * in the case of running down an entire address space.
2570 pmap_remove_pages(pmap_t pmap)
2572 struct pv_entry *pv, *npv;
2573 struct l2_bucket *l2b = NULL;
2577 rw_wlock(&pvh_global_lock);
2579 cpu_idcache_wbinv_all();
2580 cpu_l2cache_wbinv_all();
2581 for (pv = TAILQ_FIRST(&pmap->pm_pvlist); pv; pv = npv) {
2582 if (pv->pv_flags & PVF_WIRED || pv->pv_flags & PVF_UNMAN) {
2583 /* Cannot remove wired or unmanaged pages now. */
2584 npv = TAILQ_NEXT(pv, pv_plist);
2587 pmap->pm_stats.resident_count--;
2588 l2b = pmap_get_l2_bucket(pmap, pv->pv_va);
2589 KASSERT(l2b != NULL, ("No L2 bucket in pmap_remove_pages"));
2590 pt = &l2b->l2b_kva[l2pte_index(pv->pv_va)];
2591 m = PHYS_TO_VM_PAGE(*pt & L2_ADDR_MASK);
2592 KASSERT((vm_offset_t)m >= KERNBASE, ("Trying to access non-existent page va %x pte %x", pv->pv_va, *pt));
2595 npv = TAILQ_NEXT(pv, pv_plist);
2596 pmap_nuke_pv(m, pmap, pv);
2597 if (TAILQ_EMPTY(&m->md.pv_list))
2598 vm_page_aflag_clear(m, PGA_WRITEABLE);
2599 pmap_free_pv_entry(pv);
2600 pmap_free_l2_bucket(pmap, l2b, 1);
2602 rw_wunlock(&pvh_global_lock);
2609 /***************************************************
2610 * Low level mapping routines.....
2611 ***************************************************/
2613 #ifdef ARM_HAVE_SUPERSECTIONS
2614 /* Map a super section into the KVA. */
2617 pmap_kenter_supersection(vm_offset_t va, uint64_t pa, int flags)
2619 pd_entry_t pd = L1_S_PROTO | L1_S_SUPERSEC | (pa & L1_SUP_FRAME) |
2620 (((pa >> 32) & 0xf) << 20) | L1_S_PROT(PTE_KERNEL,
2621 VM_PROT_READ|VM_PROT_WRITE) | L1_S_DOM(PMAP_DOMAIN_KERNEL);
2622 struct l1_ttable *l1;
2623 vm_offset_t va0, va_end;
2625 KASSERT(((va | pa) & L1_SUP_OFFSET) == 0,
2626 ("Not a valid super section mapping"));
2627 if (flags & SECTION_CACHE)
2628 pd |= pte_l1_s_cache_mode;
2629 else if (flags & SECTION_PT)
2630 pd |= pte_l1_s_cache_mode_pt;
2631 va0 = va & L1_SUP_FRAME;
2632 va_end = va + L1_SUP_SIZE;
2633 SLIST_FOREACH(l1, &l1_list, l1_link) {
2635 for (; va < va_end; va += L1_S_SIZE) {
2636 l1->l1_kva[L1_IDX(va)] = pd;
2637 PTE_SYNC(&l1->l1_kva[L1_IDX(va)]);
2643 /* Map a section into the KVA. */
2646 pmap_kenter_section(vm_offset_t va, vm_offset_t pa, int flags)
2648 pd_entry_t pd = L1_S_PROTO | pa | L1_S_PROT(PTE_KERNEL,
2649 VM_PROT_READ|VM_PROT_WRITE) | L1_S_DOM(PMAP_DOMAIN_KERNEL);
2650 struct l1_ttable *l1;
2652 KASSERT(((va | pa) & L1_S_OFFSET) == 0,
2653 ("Not a valid section mapping"));
2654 if (flags & SECTION_CACHE)
2655 pd |= pte_l1_s_cache_mode;
2656 else if (flags & SECTION_PT)
2657 pd |= pte_l1_s_cache_mode_pt;
2658 SLIST_FOREACH(l1, &l1_list, l1_link) {
2659 l1->l1_kva[L1_IDX(va)] = pd;
2660 PTE_SYNC(&l1->l1_kva[L1_IDX(va)]);
2665 * Make a temporary mapping for a physical address. This is only intended
2666 * to be used for panic dumps.
2669 pmap_kenter_temporary(vm_paddr_t pa, int i)
2673 va = (vm_offset_t)crashdumpmap + (i * PAGE_SIZE);
2674 pmap_kenter(va, pa);
2675 return ((void *)crashdumpmap);
2679 * add a wired page to the kva
2680 * note that in order for the mapping to take effect -- you
2681 * should do a invltlb after doing the pmap_kenter...
2683 static PMAP_INLINE void
2684 pmap_kenter_internal(vm_offset_t va, vm_offset_t pa, int flags)
2686 struct l2_bucket *l2b;
2689 struct pv_entry *pve;
2692 PDEBUG(1, printf("pmap_kenter: va = %08x, pa = %08x\n",
2693 (uint32_t) va, (uint32_t) pa));
2696 l2b = pmap_get_l2_bucket(pmap_kernel(), va);
2698 l2b = pmap_grow_l2_bucket(pmap_kernel(), va);
2699 KASSERT(l2b != NULL, ("No L2 Bucket"));
2700 pte = &l2b->l2b_kva[l2pte_index(va)];
2702 PDEBUG(1, printf("pmap_kenter: pte = %08x, opte = %08x, npte = %08x\n",
2703 (uint32_t) pte, opte, *pte));
2704 if (l2pte_valid(opte)) {
2708 l2b->l2b_occupancy++;
2710 *pte = L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL,
2711 VM_PROT_READ | VM_PROT_WRITE);
2712 if (flags & KENTER_CACHE)
2713 *pte |= pte_l2_s_cache_mode;
2714 if (flags & KENTER_USER)
2715 *pte |= L2_S_PROT_U;
2719 * A kernel mapping may not be the page's only mapping, so create a PV
2720 * entry to ensure proper caching.
2722 * The existence test for the pvzone is used to delay the recording of
2723 * kernel mappings until the VM system is fully initialized.
2725 * This expects the physical memory to have a vm_page_array entry.
2727 if (pvzone != NULL && (m = vm_phys_paddr_to_vm_page(pa)) != NULL) {
2728 rw_wlock(&pvh_global_lock);
2729 if (!TAILQ_EMPTY(&m->md.pv_list) || m->md.pv_kva != 0) {
2730 if ((pve = pmap_get_pv_entry()) == NULL)
2731 panic("pmap_kenter_internal: no pv entries");
2732 PMAP_LOCK(pmap_kernel());
2733 pmap_enter_pv(m, pve, pmap_kernel(), va,
2734 PVF_WRITE | PVF_UNMAN);
2735 pmap_fix_cache(m, pmap_kernel(), va);
2736 PMAP_UNLOCK(pmap_kernel());
2740 rw_wunlock(&pvh_global_lock);
2745 pmap_kenter(vm_offset_t va, vm_paddr_t pa)
2747 pmap_kenter_internal(va, pa, KENTER_CACHE);
2751 pmap_kenter_nocache(vm_offset_t va, vm_paddr_t pa)
2754 pmap_kenter_internal(va, pa, 0);
2758 pmap_kenter_device(vm_offset_t va, vm_paddr_t pa)
2762 * XXX - Need a way for kenter_internal to handle PTE_DEVICE mapping as
2763 * a potentially different thing than PTE_NOCACHE.
2765 pmap_kenter_internal(va, pa, 0);
2769 pmap_kenter_user(vm_offset_t va, vm_paddr_t pa)
2772 pmap_kenter_internal(va, pa, KENTER_CACHE|KENTER_USER);
2774 * Call pmap_fault_fixup now, to make sure we'll have no exception
2775 * at the first use of the new address, or bad things will happen,
2776 * as we use one of these addresses in the exception handlers.
2778 pmap_fault_fixup(pmap_kernel(), va, VM_PROT_READ|VM_PROT_WRITE, 1);
2782 pmap_kextract(vm_offset_t va)
2785 return (pmap_extract_locked(kernel_pmap, va));
2789 * remove a page from the kernel pagetables
2792 pmap_kremove(vm_offset_t va)
2794 struct l2_bucket *l2b;
2795 pt_entry_t *pte, opte;
2796 struct pv_entry *pve;
2800 l2b = pmap_get_l2_bucket(pmap_kernel(), va);
2803 KASSERT(l2b != NULL, ("No L2 Bucket"));
2804 pte = &l2b->l2b_kva[l2pte_index(va)];
2806 if (l2pte_valid(opte)) {
2807 /* pa = vtophs(va) taken from pmap_extract() */
2808 switch (opte & L2_TYPE_MASK) {
2810 pa = (opte & L2_L_FRAME) | (va & L2_L_OFFSET);
2813 pa = (opte & L2_S_FRAME) | (va & L2_S_OFFSET);
2816 /* note: should never have to remove an allocation
2817 * before the pvzone is initialized.
2819 rw_wlock(&pvh_global_lock);
2820 PMAP_LOCK(pmap_kernel());
2821 if (pvzone != NULL && (m = vm_phys_paddr_to_vm_page(pa)) &&
2822 (pve = pmap_remove_pv(m, pmap_kernel(), va)))
2823 pmap_free_pv_entry(pve);
2824 PMAP_UNLOCK(pmap_kernel());
2825 rw_wunlock(&pvh_global_lock);
2826 va = va & ~PAGE_MASK;
2827 cpu_dcache_wbinv_range(va, PAGE_SIZE);
2828 cpu_l2cache_wbinv_range(va, PAGE_SIZE);
2829 cpu_tlb_flushD_SE(va);
2837 * Used to map a range of physical addresses into kernel
2838 * virtual address space.
2840 * The value passed in '*virt' is a suggested virtual address for
2841 * the mapping. Architectures which can support a direct-mapped
2842 * physical to virtual region can return the appropriate address
2843 * within that region, leaving '*virt' unchanged. Other
2844 * architectures should map the pages starting at '*virt' and
2845 * update '*virt' with the first usable address after the mapped
2849 pmap_map(vm_offset_t *virt, vm_offset_t start, vm_offset_t end, int prot)
2851 vm_offset_t sva = *virt;
2852 vm_offset_t va = sva;
2854 PDEBUG(1, printf("pmap_map: virt = %08x, start = %08x, end = %08x, "
2855 "prot = %d\n", (uint32_t) *virt, (uint32_t) start, (uint32_t) end,
2858 while (start < end) {
2859 pmap_kenter(va, start);
2868 pmap_wb_page(vm_page_t m)
2870 struct pv_entry *pv;
2872 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list)
2873 pmap_dcache_wb_range(pv->pv_pmap, pv->pv_va, PAGE_SIZE, FALSE,
2874 (pv->pv_flags & PVF_WRITE) == 0);
2878 pmap_inv_page(vm_page_t m)
2880 struct pv_entry *pv;
2882 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list)
2883 pmap_dcache_wb_range(pv->pv_pmap, pv->pv_va, PAGE_SIZE, TRUE, TRUE);
2886 * Add a list of wired pages to the kva
2887 * this routine is only used for temporary
2888 * kernel mappings that do not need to have
2889 * page modification or references recorded.
2890 * Note that old mappings are simply written
2891 * over. The page *must* be wired.
2894 pmap_qenter(vm_offset_t va, vm_page_t *m, int count)
2898 for (i = 0; i < count; i++) {
2900 pmap_kenter_internal(va, VM_PAGE_TO_PHYS(m[i]),
2908 * this routine jerks page mappings from the
2909 * kernel -- it is meant only for temporary mappings.
2912 pmap_qremove(vm_offset_t va, int count)
2917 for (i = 0; i < count; i++) {
2920 pmap_inv_page(PHYS_TO_VM_PAGE(pa));
2929 * pmap_object_init_pt preloads the ptes for a given object
2930 * into the specified pmap. This eliminates the blast of soft
2931 * faults on process startup and immediately after an mmap.
2934 pmap_object_init_pt(pmap_t pmap, vm_offset_t addr, vm_object_t object,
2935 vm_pindex_t pindex, vm_size_t size)
2938 VM_OBJECT_ASSERT_WLOCKED(object);
2939 KASSERT(object->type == OBJT_DEVICE || object->type == OBJT_SG,
2940 ("pmap_object_init_pt: non-device object"));
2945 * pmap_is_prefaultable:
2947 * Return whether or not the specified virtual address is elgible
2951 pmap_is_prefaultable(pmap_t pmap, vm_offset_t addr)
2956 if (!pmap_get_pde_pte(pmap, addr, &pde, &pte))
2958 KASSERT(pte != NULL, ("Valid mapping but no pte ?"));
2965 * Fetch pointers to the PDE/PTE for the given pmap/VA pair.
2966 * Returns TRUE if the mapping exists, else FALSE.
2968 * NOTE: This function is only used by a couple of arm-specific modules.
2969 * It is not safe to take any pmap locks here, since we could be right
2970 * in the middle of debugging the pmap anyway...
2972 * It is possible for this routine to return FALSE even though a valid
2973 * mapping does exist. This is because we don't lock, so the metadata
2974 * state may be inconsistent.
2976 * NOTE: We can return a NULL *ptp in the case where the L1 pde is
2977 * a "section" mapping.
2980 pmap_get_pde_pte(pmap_t pm, vm_offset_t va, pd_entry_t **pdp, pt_entry_t **ptp)
2982 struct l2_dtable *l2;
2983 pd_entry_t *pl1pd, l1pd;
2987 if (pm->pm_l1 == NULL)
2991 *pdp = pl1pd = &pm->pm_l1->l1_kva[l1idx];
2994 if (l1pte_section_p(l1pd)) {
2999 if (pm->pm_l2 == NULL)
3002 l2 = pm->pm_l2[L2_IDX(l1idx)];
3005 (ptep = l2->l2_bucket[L2_BUCKET(l1idx)].l2b_kva) == NULL) {
3009 *ptp = &ptep[l2pte_index(va)];
3014 * Routine: pmap_remove_all
3016 * Removes this physical page from
3017 * all physical maps in which it resides.
3018 * Reflects back modify bits to the pager.
3021 * Original versions of this routine were very
3022 * inefficient because they iteratively called
3023 * pmap_remove (slow...)
3026 pmap_remove_all(vm_page_t m)
3030 struct l2_bucket *l2b;
3031 boolean_t flush = FALSE;
3035 KASSERT((m->oflags & VPO_UNMANAGED) == 0,
3036 ("pmap_remove_all: page %p is not managed", m));
3037 if (TAILQ_EMPTY(&m->md.pv_list))
3039 rw_wlock(&pvh_global_lock);
3040 pmap_remove_write(m);
3041 curpm = vmspace_pmap(curproc->p_vmspace);
3042 while ((pv = TAILQ_FIRST(&m->md.pv_list)) != NULL) {
3043 if (flush == FALSE && (pv->pv_pmap == curpm ||
3044 pv->pv_pmap == pmap_kernel()))
3047 PMAP_LOCK(pv->pv_pmap);
3049 * Cached contents were written-back in pmap_remove_write(),
3050 * but we still have to invalidate the cache entry to make
3051 * sure stale data are not retrieved when another page will be
3052 * mapped under this virtual address.
3054 if (pmap_is_current(pv->pv_pmap)) {
3055 cpu_dcache_inv_range(pv->pv_va, PAGE_SIZE);
3056 if (pmap_has_valid_mapping(pv->pv_pmap, pv->pv_va))
3057 cpu_l2cache_inv_range(pv->pv_va, PAGE_SIZE);
3060 if (pv->pv_flags & PVF_UNMAN) {
3061 /* remove the pv entry, but do not remove the mapping
3062 * and remember this is a kernel mapped page
3064 m->md.pv_kva = pv->pv_va;
3066 /* remove the mapping and pv entry */
3067 l2b = pmap_get_l2_bucket(pv->pv_pmap, pv->pv_va);
3068 KASSERT(l2b != NULL, ("No l2 bucket"));
3069 ptep = &l2b->l2b_kva[l2pte_index(pv->pv_va)];
3071 PTE_SYNC_CURRENT(pv->pv_pmap, ptep);
3072 pmap_free_l2_bucket(pv->pv_pmap, l2b, 1);
3073 pv->pv_pmap->pm_stats.resident_count--;
3074 flags |= pv->pv_flags;
3076 pmap_nuke_pv(m, pv->pv_pmap, pv);
3077 PMAP_UNLOCK(pv->pv_pmap);
3078 pmap_free_pv_entry(pv);
3082 if (PV_BEEN_EXECD(flags))
3083 pmap_tlb_flushID(curpm);
3085 pmap_tlb_flushD(curpm);
3087 vm_page_aflag_clear(m, PGA_WRITEABLE);
3088 rw_wunlock(&pvh_global_lock);
3093 * Set the physical protection on the
3094 * specified range of this map as requested.
3097 pmap_protect(pmap_t pm, vm_offset_t sva, vm_offset_t eva, vm_prot_t prot)
3099 struct l2_bucket *l2b;
3100 pt_entry_t *ptep, pte;
3101 vm_offset_t next_bucket;
3105 CTR4(KTR_PMAP, "pmap_protect: pmap %p sva 0x%08x eva 0x%08x prot %x",
3106 pm, sva, eva, prot);
3108 if ((prot & VM_PROT_READ) == 0) {
3109 pmap_remove(pm, sva, eva);
3113 if (prot & VM_PROT_WRITE) {
3115 * If this is a read->write transition, just ignore it and let
3116 * vm_fault() take care of it later.
3121 rw_wlock(&pvh_global_lock);
3125 * OK, at this point, we know we're doing write-protect operation.
3126 * If the pmap is active, write-back the range.
3128 pmap_dcache_wb_range(pm, sva, eva - sva, FALSE, FALSE);
3130 flush = ((eva - sva) >= (PAGE_SIZE * 4)) ? 0 : -1;
3134 next_bucket = L2_NEXT_BUCKET(sva);
3135 if (next_bucket > eva)
3138 l2b = pmap_get_l2_bucket(pm, sva);
3144 ptep = &l2b->l2b_kva[l2pte_index(sva)];
3146 while (sva < next_bucket) {
3147 if ((pte = *ptep) != 0 && (pte & L2_S_PROT_W) != 0) {
3151 pg = PHYS_TO_VM_PAGE(l2pte_pa(pte));
3152 pte &= ~L2_S_PROT_W;
3156 if (!(pg->oflags & VPO_UNMANAGED)) {
3157 f = pmap_modify_pv(pg, pm, sva,
3168 if (PV_BEEN_EXECD(f))
3169 pmap_tlb_flushID_SE(pm, sva);
3171 if (PV_BEEN_REFD(f))
3172 pmap_tlb_flushD_SE(pm, sva);
3182 if (PV_BEEN_EXECD(flags))
3183 pmap_tlb_flushID(pm);
3185 if (PV_BEEN_REFD(flags))
3186 pmap_tlb_flushD(pm);
3188 rw_wunlock(&pvh_global_lock);
3195 * Insert the given physical page (p) at
3196 * the specified virtual address (v) in the
3197 * target physical map with the protection requested.
3199 * If specified, the page will be wired down, meaning
3200 * that the related pte can not be reclaimed.
3202 * NB: This is the only routine which MAY NOT lazy-evaluate
3203 * or lose information. That is, this routine must actually
3204 * insert this page into the given map NOW.
3208 pmap_enter(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot,
3209 u_int flags, int8_t psind __unused)
3213 rw_wlock(&pvh_global_lock);
3215 rv = pmap_enter_locked(pmap, va, m, prot, flags);
3216 rw_wunlock(&pvh_global_lock);
3222 * The pvh global and pmap locks must be held.
3225 pmap_enter_locked(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot,
3228 struct l2_bucket *l2b = NULL;
3229 struct vm_page *opg;
3230 struct pv_entry *pve = NULL;
3231 pt_entry_t *ptep, npte, opte;
3236 PMAP_ASSERT_LOCKED(pmap);
3237 rw_assert(&pvh_global_lock, RA_WLOCKED);
3238 if (va == vector_page) {
3239 pa = systempage.pv_pa;
3242 if ((m->oflags & VPO_UNMANAGED) == 0 && !vm_page_xbusied(m))
3243 VM_OBJECT_ASSERT_LOCKED(m->object);
3244 pa = VM_PAGE_TO_PHYS(m);
3247 if (prot & VM_PROT_WRITE)
3248 nflags |= PVF_WRITE;
3249 if (prot & VM_PROT_EXECUTE)
3251 if ((flags & PMAP_ENTER_WIRED) != 0)
3252 nflags |= PVF_WIRED;
3253 PDEBUG(1, printf("pmap_enter: pmap = %08x, va = %08x, m = %08x, prot = %x, "
3254 "flags = %x\n", (uint32_t) pmap, va, (uint32_t) m, prot, flags));
3256 if (pmap == pmap_kernel()) {
3257 l2b = pmap_get_l2_bucket(pmap, va);
3259 l2b = pmap_grow_l2_bucket(pmap, va);
3262 l2b = pmap_alloc_l2_bucket(pmap, va);
3264 if ((flags & PMAP_ENTER_NOSLEEP) == 0) {
3266 rw_wunlock(&pvh_global_lock);
3268 rw_wlock(&pvh_global_lock);
3272 return (KERN_RESOURCE_SHORTAGE);
3276 ptep = &l2b->l2b_kva[l2pte_index(va)];
3283 * There is already a mapping at this address.
3284 * If the physical address is different, lookup the
3287 if (l2pte_pa(opte) != pa)
3288 opg = PHYS_TO_VM_PAGE(l2pte_pa(opte));
3294 if ((prot & (VM_PROT_ALL)) ||
3295 (!m || m->md.pvh_attrs & PVF_REF)) {
3297 * - The access type indicates that we don't need
3298 * to do referenced emulation.
3300 * - The physical page has already been referenced
3301 * so no need to re-do referenced emulation here.
3307 if (m && ((prot & VM_PROT_WRITE) != 0 ||
3308 (m->md.pvh_attrs & PVF_MOD))) {
3310 * This is a writable mapping, and the
3311 * page's mod state indicates it has
3312 * already been modified. Make it
3313 * writable from the outset.
3316 if (!(m->md.pvh_attrs & PVF_MOD))
3320 vm_page_aflag_set(m, PGA_REFERENCED);
3323 * Need to do page referenced emulation.
3325 npte |= L2_TYPE_INV;
3328 if (prot & VM_PROT_WRITE) {
3329 npte |= L2_S_PROT_W;
3331 (m->oflags & VPO_UNMANAGED) == 0)
3332 vm_page_aflag_set(m, PGA_WRITEABLE);
3334 if (m->md.pv_memattr != VM_MEMATTR_UNCACHEABLE)
3335 npte |= pte_l2_s_cache_mode;
3336 if (m && m == opg) {
3338 * We're changing the attrs of an existing mapping.
3340 oflags = pmap_modify_pv(m, pmap, va,
3341 PVF_WRITE | PVF_EXEC | PVF_WIRED |
3342 PVF_MOD | PVF_REF, nflags);
3345 * We may need to flush the cache if we're
3348 if (pmap_is_current(pmap) &&
3349 (oflags & PVF_NC) == 0 &&
3350 (opte & L2_S_PROT_W) != 0 &&
3351 (prot & VM_PROT_WRITE) == 0 &&
3352 (opte & L2_TYPE_MASK) != L2_TYPE_INV) {
3353 cpu_dcache_wb_range(va, PAGE_SIZE);
3354 cpu_l2cache_wb_range(va, PAGE_SIZE);
3358 * New mapping, or changing the backing page
3359 * of an existing mapping.
3363 * Replacing an existing mapping with a new one.
3364 * It is part of our managed memory so we
3365 * must remove it from the PV list
3367 if ((pve = pmap_remove_pv(opg, pmap, va))) {
3369 /* note for patch: the oflags/invalidation was moved
3370 * because PG_FICTITIOUS pages could free the pve
3372 oflags = pve->pv_flags;
3374 * If the old mapping was valid (ref/mod
3375 * emulation creates 'invalid' mappings
3376 * initially) then make sure to frob
3379 if ((oflags & PVF_NC) == 0 && l2pte_valid(opte)) {
3380 if (PV_BEEN_EXECD(oflags)) {
3381 pmap_idcache_wbinv_range(pmap, va,
3384 if (PV_BEEN_REFD(oflags)) {
3385 pmap_dcache_wb_range(pmap, va,
3387 (oflags & PVF_WRITE) == 0);
3391 /* free/allocate a pv_entry for UNMANAGED pages if
3392 * this physical page is not/is already mapped.
3395 if (m && (m->oflags & VPO_UNMANAGED) &&
3397 TAILQ_EMPTY(&m->md.pv_list)) {
3398 pmap_free_pv_entry(pve);
3402 (!(m->oflags & VPO_UNMANAGED) || m->md.pv_kva ||
3403 !TAILQ_EMPTY(&m->md.pv_list)))
3404 pve = pmap_get_pv_entry();
3406 (!(m->oflags & VPO_UNMANAGED) || m->md.pv_kva ||
3407 !TAILQ_EMPTY(&m->md.pv_list)))
3408 pve = pmap_get_pv_entry();
3411 if ((m->oflags & VPO_UNMANAGED)) {
3412 if (!TAILQ_EMPTY(&m->md.pv_list) ||
3414 KASSERT(pve != NULL, ("No pv"));
3415 nflags |= PVF_UNMAN;
3416 pmap_enter_pv(m, pve, pmap, va, nflags);
3420 KASSERT(va < kmi.clean_sva ||
3421 va >= kmi.clean_eva,
3422 ("pmap_enter: managed mapping within the clean submap"));
3423 KASSERT(pve != NULL, ("No pv"));
3424 pmap_enter_pv(m, pve, pmap, va, nflags);
3429 * Make sure userland mappings get the right permissions
3431 if (pmap != pmap_kernel() && va != vector_page) {
3432 npte |= L2_S_PROT_U;
3436 * Keep the stats up to date
3439 l2b->l2b_occupancy++;
3440 pmap->pm_stats.resident_count++;
3444 * If this is just a wiring change, the two PTEs will be
3445 * identical, so there's no need to update the page table.
3448 boolean_t is_cached = pmap_is_current(pmap);
3453 * We only need to frob the cache/tlb if this pmap
3457 if (L1_IDX(va) != L1_IDX(vector_page) &&
3458 l2pte_valid(npte)) {
3460 * This mapping is likely to be accessed as
3461 * soon as we return to userland. Fix up the
3462 * L1 entry to avoid taking another
3463 * page/domain fault.
3465 pd_entry_t *pl1pd, l1pd;
3467 pl1pd = &pmap->pm_l1->l1_kva[L1_IDX(va)];
3468 l1pd = l2b->l2b_phys | L1_C_DOM(pmap->pm_domain) |
3470 if (*pl1pd != l1pd) {
3477 if (PV_BEEN_EXECD(oflags))
3478 pmap_tlb_flushID_SE(pmap, va);
3479 else if (PV_BEEN_REFD(oflags))
3480 pmap_tlb_flushD_SE(pmap, va);
3484 pmap_fix_cache(m, pmap, va);
3486 return (KERN_SUCCESS);
3490 * Maps a sequence of resident pages belonging to the same object.
3491 * The sequence begins with the given page m_start. This page is
3492 * mapped at the given virtual address start. Each subsequent page is
3493 * mapped at a virtual address that is offset from start by the same
3494 * amount as the page is offset from m_start within the object. The
3495 * last page in the sequence is the page with the largest offset from
3496 * m_start that can be mapped at a virtual address less than the given
3497 * virtual address end. Not every virtual page between start and end
3498 * is mapped; only those for which a resident page exists with the
3499 * corresponding offset from m_start are mapped.
3502 pmap_enter_object(pmap_t pmap, vm_offset_t start, vm_offset_t end,
3503 vm_page_t m_start, vm_prot_t prot)
3506 vm_pindex_t diff, psize;
3508 VM_OBJECT_ASSERT_LOCKED(m_start->object);
3510 psize = atop(end - start);
3512 rw_wlock(&pvh_global_lock);
3514 while (m != NULL && (diff = m->pindex - m_start->pindex) < psize) {
3515 pmap_enter_locked(pmap, start + ptoa(diff), m, prot &
3516 (VM_PROT_READ | VM_PROT_EXECUTE), PMAP_ENTER_NOSLEEP);
3517 m = TAILQ_NEXT(m, listq);
3519 rw_wunlock(&pvh_global_lock);
3524 * this code makes some *MAJOR* assumptions:
3525 * 1. Current pmap & pmap exists.
3528 * 4. No page table pages.
3529 * but is *MUCH* faster than pmap_enter...
3533 pmap_enter_quick(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot)
3536 rw_wlock(&pvh_global_lock);
3538 pmap_enter_locked(pmap, va, m, prot & (VM_PROT_READ | VM_PROT_EXECUTE),
3539 PMAP_ENTER_NOSLEEP);
3540 rw_wunlock(&pvh_global_lock);
3545 * Clear the wired attribute from the mappings for the specified range of
3546 * addresses in the given pmap. Every valid mapping within that range
3547 * must have the wired attribute set. In contrast, invalid mappings
3548 * cannot have the wired attribute set, so they are ignored.
3550 * XXX Wired mappings of unmanaged pages cannot be counted by this pmap
3554 pmap_unwire(pmap_t pmap, vm_offset_t sva, vm_offset_t eva)
3556 struct l2_bucket *l2b;
3557 pt_entry_t *ptep, pte;
3559 vm_offset_t next_bucket;
3562 rw_wlock(&pvh_global_lock);
3565 next_bucket = L2_NEXT_BUCKET(sva);
3566 if (next_bucket > eva)
3568 l2b = pmap_get_l2_bucket(pmap, sva);
3573 for (ptep = &l2b->l2b_kva[l2pte_index(sva)]; sva < next_bucket;
3574 sva += PAGE_SIZE, ptep++) {
3575 if ((pte = *ptep) == 0 ||
3576 (m = PHYS_TO_VM_PAGE(l2pte_pa(pte))) == NULL ||
3577 (m->oflags & VPO_UNMANAGED) != 0)
3579 pv = pmap_find_pv(m, pmap, sva);
3580 if ((pv->pv_flags & PVF_WIRED) == 0)
3581 panic("pmap_unwire: pv %p isn't wired", pv);
3582 pv->pv_flags &= ~PVF_WIRED;
3583 pmap->pm_stats.wired_count--;
3586 rw_wunlock(&pvh_global_lock);
3592 * Copy the range specified by src_addr/len
3593 * from the source map to the range dst_addr/len
3594 * in the destination map.
3596 * This routine is only advisory and need not do anything.
3599 pmap_copy(pmap_t dst_pmap, pmap_t src_pmap, vm_offset_t dst_addr,
3600 vm_size_t len, vm_offset_t src_addr)
3606 * Routine: pmap_extract
3608 * Extract the physical page address associated
3609 * with the given map/virtual_address pair.
3612 pmap_extract(pmap_t pmap, vm_offset_t va)
3617 pa = pmap_extract_locked(pmap, va);
3623 pmap_extract_locked(pmap_t pmap, vm_offset_t va)
3625 struct l2_dtable *l2;
3627 pt_entry_t *ptep, pte;
3631 if (pmap != kernel_pmap)
3632 PMAP_ASSERT_LOCKED(pmap);
3634 l1pd = pmap->pm_l1->l1_kva[l1idx];
3635 if (l1pte_section_p(l1pd)) {
3637 * These should only happen for the kernel pmap.
3639 KASSERT(pmap == kernel_pmap, ("unexpected section"));
3640 /* XXX: what to do about the bits > 32 ? */
3641 if (l1pd & L1_S_SUPERSEC)
3642 pa = (l1pd & L1_SUP_FRAME) | (va & L1_SUP_OFFSET);
3644 pa = (l1pd & L1_S_FRAME) | (va & L1_S_OFFSET);
3647 * Note that we can't rely on the validity of the L1
3648 * descriptor as an indication that a mapping exists.
3649 * We have to look it up in the L2 dtable.
3651 l2 = pmap->pm_l2[L2_IDX(l1idx)];
3653 (ptep = l2->l2_bucket[L2_BUCKET(l1idx)].l2b_kva) == NULL)
3655 pte = ptep[l2pte_index(va)];
3658 switch (pte & L2_TYPE_MASK) {
3660 pa = (pte & L2_L_FRAME) | (va & L2_L_OFFSET);
3663 pa = (pte & L2_S_FRAME) | (va & L2_S_OFFSET);
3671 * Atomically extract and hold the physical page with the given
3672 * pmap and virtual address pair if that mapping permits the given
3677 pmap_extract_and_hold(pmap_t pmap, vm_offset_t va, vm_prot_t prot)
3679 struct l2_dtable *l2;
3681 pt_entry_t *ptep, pte;
3682 vm_paddr_t pa, paddr;
3690 l1pd = pmap->pm_l1->l1_kva[l1idx];
3691 if (l1pte_section_p(l1pd)) {
3693 * These should only happen for pmap_kernel()
3695 KASSERT(pmap == pmap_kernel(), ("huh"));
3696 /* XXX: what to do about the bits > 32 ? */
3697 if (l1pd & L1_S_SUPERSEC)
3698 pa = (l1pd & L1_SUP_FRAME) | (va & L1_SUP_OFFSET);
3700 pa = (l1pd & L1_S_FRAME) | (va & L1_S_OFFSET);
3701 if (vm_page_pa_tryrelock(pmap, pa & PG_FRAME, &paddr))
3703 if (l1pd & L1_S_PROT_W || (prot & VM_PROT_WRITE) == 0) {
3704 m = PHYS_TO_VM_PAGE(pa);
3710 * Note that we can't rely on the validity of the L1
3711 * descriptor as an indication that a mapping exists.
3712 * We have to look it up in the L2 dtable.
3714 l2 = pmap->pm_l2[L2_IDX(l1idx)];
3717 (ptep = l2->l2_bucket[L2_BUCKET(l1idx)].l2b_kva) == NULL) {
3722 ptep = &ptep[l2pte_index(va)];
3729 if (pte & L2_S_PROT_W || (prot & VM_PROT_WRITE) == 0) {
3730 switch (pte & L2_TYPE_MASK) {
3732 pa = (pte & L2_L_FRAME) | (va & L2_L_OFFSET);
3736 pa = (pte & L2_S_FRAME) | (va & L2_S_OFFSET);
3739 if (vm_page_pa_tryrelock(pmap, pa & PG_FRAME, &paddr))
3741 m = PHYS_TO_VM_PAGE(pa);
3747 PA_UNLOCK_COND(paddr);
3752 * Initialize a preallocated and zeroed pmap structure,
3753 * such as one in a vmspace structure.
3757 pmap_pinit(pmap_t pmap)
3759 PDEBUG(1, printf("pmap_pinit: pmap = %08x\n", (uint32_t) pmap));
3761 pmap_alloc_l1(pmap);
3762 bzero(pmap->pm_l2, sizeof(pmap->pm_l2));
3764 CPU_ZERO(&pmap->pm_active);
3766 TAILQ_INIT(&pmap->pm_pvlist);
3767 bzero(&pmap->pm_stats, sizeof pmap->pm_stats);
3768 pmap->pm_stats.resident_count = 1;
3769 if (vector_page < KERNBASE) {
3770 pmap_enter(pmap, vector_page, PHYS_TO_VM_PAGE(systempage.pv_pa),
3771 VM_PROT_READ, PMAP_ENTER_WIRED | VM_PROT_READ, 0);
3777 /***************************************************
3778 * page management routines.
3779 ***************************************************/
3783 pmap_free_pv_entry(pv_entry_t pv)
3786 uma_zfree(pvzone, pv);
3791 * get a new pv_entry, allocating a block from the system
3793 * the memory allocation is performed bypassing the malloc code
3794 * because of the possibility of allocations at interrupt time.
3797 pmap_get_pv_entry(void)
3799 pv_entry_t ret_value;
3802 if (pv_entry_count > pv_entry_high_water)
3803 pagedaemon_wakeup();
3804 ret_value = uma_zalloc(pvzone, M_NOWAIT);
3809 * Remove the given range of addresses from the specified map.
3811 * It is assumed that the start and end are properly
3812 * rounded to the page size.
3814 #define PMAP_REMOVE_CLEAN_LIST_SIZE 3
3816 pmap_remove(pmap_t pm, vm_offset_t sva, vm_offset_t eva)
3818 struct l2_bucket *l2b;
3819 vm_offset_t next_bucket;
3822 u_int mappings, is_exec, is_refd;
3827 * we lock in the pmap => pv_head direction
3830 rw_wlock(&pvh_global_lock);
3835 * Do one L2 bucket's worth at a time.
3837 next_bucket = L2_NEXT_BUCKET(sva);
3838 if (next_bucket > eva)
3841 l2b = pmap_get_l2_bucket(pm, sva);
3847 ptep = &l2b->l2b_kva[l2pte_index(sva)];
3850 while (sva < next_bucket) {
3859 * Nothing here, move along
3866 pm->pm_stats.resident_count--;
3872 * Update flags. In a number of circumstances,
3873 * we could cluster a lot of these and do a
3874 * number of sequential pages in one go.
3876 if ((pg = PHYS_TO_VM_PAGE(pa)) != NULL) {
3877 struct pv_entry *pve;
3879 pve = pmap_remove_pv(pg, pm, sva);
3881 is_exec = PV_BEEN_EXECD(pve->pv_flags);
3882 is_refd = PV_BEEN_REFD(pve->pv_flags);
3883 pmap_free_pv_entry(pve);
3887 if (l2pte_valid(pte) && pmap_is_current(pm)) {
3888 if (total < PMAP_REMOVE_CLEAN_LIST_SIZE) {
3891 cpu_idcache_wbinv_range(sva,
3893 cpu_l2cache_wbinv_range(sva,
3895 cpu_tlb_flushID_SE(sva);
3896 } else if (is_refd) {
3897 cpu_dcache_wbinv_range(sva,
3899 cpu_l2cache_wbinv_range(sva,
3901 cpu_tlb_flushD_SE(sva);
3903 } else if (total == PMAP_REMOVE_CLEAN_LIST_SIZE) {
3904 /* flushall will also only get set for
3905 * for a current pmap
3907 cpu_idcache_wbinv_all();
3908 cpu_l2cache_wbinv_all();
3921 pmap_free_l2_bucket(pm, l2b, mappings);
3924 rw_wunlock(&pvh_global_lock);
3933 * Zero a given physical page by mapping it at a page hook point.
3934 * In doing the zero page op, the page we zero is mapped cachable, as with
3935 * StrongARM accesses to non-cached pages are non-burst making writing
3936 * _any_ bulk data very slow.
3938 #if ARM_MMU_GENERIC != 0 || defined(CPU_XSCALE_CORE3)
3940 pmap_zero_page_generic(vm_paddr_t phys, int off, int size)
3943 if (_arm_bzero && size >= _min_bzero_size &&
3944 _arm_bzero((void *)(phys + off), size, IS_PHYSICAL) == 0)
3949 * Hook in the page, zero it, invalidate the TLB as needed.
3951 * Note the temporary zero-page mapping must be a non-cached page in
3952 * order to work without corruption when write-allocate is enabled.
3954 *cdst_pte = L2_S_PROTO | phys | L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE);
3956 cpu_tlb_flushD_SE(cdstp);
3958 if (off || size != PAGE_SIZE)
3959 bzero((void *)(cdstp + off), size);
3965 #endif /* ARM_MMU_GENERIC != 0 */
3967 #if ARM_MMU_XSCALE == 1
3969 pmap_zero_page_xscale(vm_paddr_t phys, int off, int size)
3972 if (_arm_bzero && size >= _min_bzero_size &&
3973 _arm_bzero((void *)(phys + off), size, IS_PHYSICAL) == 0)
3978 * Hook in the page, zero it, and purge the cache for that
3979 * zeroed page. Invalidate the TLB as needed.
3981 *cdst_pte = L2_S_PROTO | phys |
3982 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) |
3983 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); /* mini-data */
3985 cpu_tlb_flushD_SE(cdstp);
3987 if (off || size != PAGE_SIZE)
3988 bzero((void *)(cdstp + off), size);
3992 xscale_cache_clean_minidata();
3996 * Change the PTEs for the specified kernel mappings such that they
3997 * will use the mini data cache instead of the main data cache.
4000 pmap_use_minicache(vm_offset_t va, vm_size_t size)
4002 struct l2_bucket *l2b;
4003 pt_entry_t *ptep, *sptep, pte;
4004 vm_offset_t next_bucket, eva;
4006 #if (ARM_NMMUS > 1) || defined(CPU_XSCALE_CORE3)
4007 if (xscale_use_minidata == 0)
4014 next_bucket = L2_NEXT_BUCKET(va);
4015 if (next_bucket > eva)
4018 l2b = pmap_get_l2_bucket(pmap_kernel(), va);
4020 sptep = ptep = &l2b->l2b_kva[l2pte_index(va)];
4022 while (va < next_bucket) {
4024 if (!l2pte_minidata(pte)) {
4025 cpu_dcache_wbinv_range(va, PAGE_SIZE);
4026 cpu_tlb_flushD_SE(va);
4027 *ptep = pte & ~L2_B;
4032 PTE_SYNC_RANGE(sptep, (u_int)(ptep - sptep));
4036 #endif /* ARM_MMU_XSCALE == 1 */
4039 * pmap_zero_page zeros the specified hardware page by mapping
4040 * the page into KVM and using bzero to clear its contents.
4043 pmap_zero_page(vm_page_t m)
4045 pmap_zero_page_func(VM_PAGE_TO_PHYS(m), 0, PAGE_SIZE);
4050 * pmap_zero_page_area zeros the specified hardware page by mapping
4051 * the page into KVM and using bzero to clear its contents.
4053 * off and size may not cover an area beyond a single hardware page.
4056 pmap_zero_page_area(vm_page_t m, int off, int size)
4059 pmap_zero_page_func(VM_PAGE_TO_PHYS(m), off, size);
4064 * pmap_zero_page_idle zeros the specified hardware page by mapping
4065 * the page into KVM and using bzero to clear its contents. This
4066 * is intended to be called from the vm_pagezero process only and
4070 pmap_zero_page_idle(vm_page_t m)
4080 * This is a local function used to work out the best strategy to clean
4081 * a single page referenced by its entry in the PV table. It should be used by
4082 * pmap_copy_page, pmap_zero page and maybe some others later on.
4084 * Its policy is effectively:
4085 * o If there are no mappings, we don't bother doing anything with the cache.
4086 * o If there is one mapping, we clean just that page.
4087 * o If there are multiple mappings, we clean the entire cache.
4089 * So that some functions can be further optimised, it returns 0 if it didn't
4090 * clean the entire cache, or 1 if it did.
4092 * XXX One bug in this routine is that if the pv_entry has a single page
4093 * mapped at 0x00000000 a whole cache clean will be performed rather than
4094 * just the 1 page. Since this should not occur in everyday use and if it does
4095 * it will just result in not the most efficient clean for the page.
4097 * We don't yet use this function but may want to.
4100 pmap_clean_page(struct pv_entry *pv, boolean_t is_src)
4102 pmap_t pm, pm_to_clean = NULL;
4103 struct pv_entry *npv;
4104 u_int cache_needs_cleaning = 0;
4106 vm_offset_t page_to_clean = 0;
4109 /* nothing mapped in so nothing to flush */
4114 * Since we flush the cache each time we change to a different
4115 * user vmspace, we only need to flush the page if it is in the
4119 pm = vmspace_pmap(curproc->p_vmspace);
4123 for (npv = pv; npv; npv = TAILQ_NEXT(npv, pv_list)) {
4124 if (npv->pv_pmap == pmap_kernel() || npv->pv_pmap == pm) {
4125 flags |= npv->pv_flags;
4127 * The page is mapped non-cacheable in
4128 * this map. No need to flush the cache.
4130 if (npv->pv_flags & PVF_NC) {
4132 if (cache_needs_cleaning)
4133 panic("pmap_clean_page: "
4134 "cache inconsistency");
4137 } else if (is_src && (npv->pv_flags & PVF_WRITE) == 0)
4139 if (cache_needs_cleaning) {
4143 page_to_clean = npv->pv_va;
4144 pm_to_clean = npv->pv_pmap;
4146 cache_needs_cleaning = 1;
4149 if (page_to_clean) {
4150 if (PV_BEEN_EXECD(flags))
4151 pmap_idcache_wbinv_range(pm_to_clean, page_to_clean,
4154 pmap_dcache_wb_range(pm_to_clean, page_to_clean,
4155 PAGE_SIZE, !is_src, (flags & PVF_WRITE) == 0);
4156 } else if (cache_needs_cleaning) {
4157 if (PV_BEEN_EXECD(flags))
4158 pmap_idcache_wbinv_all(pm);
4160 pmap_dcache_wbinv_all(pm);
4168 * pmap_copy_page copies the specified (machine independent)
4169 * page by mapping the page into virtual memory and using
4170 * bcopy to copy the page, one machine dependent page at a
4177 * Copy one physical page into another, by mapping the pages into
4178 * hook points. The same comment regarding cachability as in
4179 * pmap_zero_page also applies here.
4181 #if ARM_MMU_GENERIC != 0 || defined (CPU_XSCALE_CORE3)
4183 pmap_copy_page_generic(vm_paddr_t src, vm_paddr_t dst)
4186 struct vm_page *src_pg = PHYS_TO_VM_PAGE(src);
4190 * Clean the source page. Hold the source page's lock for
4191 * the duration of the copy so that no other mappings can
4192 * be created while we have a potentially aliased mapping.
4196 * XXX: Not needed while we call cpu_dcache_wbinv_all() in
4199 (void) pmap_clean_page(TAILQ_FIRST(&src_pg->md.pv_list), TRUE);
4202 * Map the pages into the page hook points, copy them, and purge
4203 * the cache for the appropriate page. Invalidate the TLB
4207 *csrc_pte = L2_S_PROTO | src |
4208 L2_S_PROT(PTE_KERNEL, VM_PROT_READ) | pte_l2_s_cache_mode;
4210 *cdst_pte = L2_S_PROTO | dst |
4211 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | pte_l2_s_cache_mode;
4213 cpu_tlb_flushD_SE(csrcp);
4214 cpu_tlb_flushD_SE(cdstp);
4216 bcopy_page(csrcp, cdstp);
4218 cpu_dcache_inv_range(csrcp, PAGE_SIZE);
4219 cpu_dcache_wbinv_range(cdstp, PAGE_SIZE);
4220 cpu_l2cache_inv_range(csrcp, PAGE_SIZE);
4221 cpu_l2cache_wbinv_range(cdstp, PAGE_SIZE);
4225 pmap_copy_page_offs_generic(vm_paddr_t a_phys, vm_offset_t a_offs,
4226 vm_paddr_t b_phys, vm_offset_t b_offs, int cnt)
4230 *csrc_pte = L2_S_PROTO | a_phys |
4231 L2_S_PROT(PTE_KERNEL, VM_PROT_READ) | pte_l2_s_cache_mode;
4233 *cdst_pte = L2_S_PROTO | b_phys |
4234 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | pte_l2_s_cache_mode;
4236 cpu_tlb_flushD_SE(csrcp);
4237 cpu_tlb_flushD_SE(cdstp);
4239 bcopy((char *)csrcp + a_offs, (char *)cdstp + b_offs, cnt);
4241 cpu_dcache_inv_range(csrcp + a_offs, cnt);
4242 cpu_dcache_wbinv_range(cdstp + b_offs, cnt);
4243 cpu_l2cache_inv_range(csrcp + a_offs, cnt);
4244 cpu_l2cache_wbinv_range(cdstp + b_offs, cnt);
4246 #endif /* ARM_MMU_GENERIC != 0 */
4248 #if ARM_MMU_XSCALE == 1
4250 pmap_copy_page_xscale(vm_paddr_t src, vm_paddr_t dst)
4253 /* XXX: Only needed for pmap_clean_page(), which is commented out. */
4254 struct vm_page *src_pg = PHYS_TO_VM_PAGE(src);
4258 * Clean the source page. Hold the source page's lock for
4259 * the duration of the copy so that no other mappings can
4260 * be created while we have a potentially aliased mapping.
4264 * XXX: Not needed while we call cpu_dcache_wbinv_all() in
4267 (void) pmap_clean_page(TAILQ_FIRST(&src_pg->md.pv_list), TRUE);
4270 * Map the pages into the page hook points, copy them, and purge
4271 * the cache for the appropriate page. Invalidate the TLB
4275 *csrc_pte = L2_S_PROTO | src |
4276 L2_S_PROT(PTE_KERNEL, VM_PROT_READ) |
4277 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); /* mini-data */
4279 *cdst_pte = L2_S_PROTO | dst |
4280 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) |
4281 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X); /* mini-data */
4283 cpu_tlb_flushD_SE(csrcp);
4284 cpu_tlb_flushD_SE(cdstp);
4286 bcopy_page(csrcp, cdstp);
4288 xscale_cache_clean_minidata();
4292 pmap_copy_page_offs_xscale(vm_paddr_t a_phys, vm_offset_t a_offs,
4293 vm_paddr_t b_phys, vm_offset_t b_offs, int cnt)
4297 *csrc_pte = L2_S_PROTO | a_phys |
4298 L2_S_PROT(PTE_KERNEL, VM_PROT_READ) |
4299 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X);
4301 *cdst_pte = L2_S_PROTO | b_phys |
4302 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) |
4303 L2_C | L2_XSCALE_T_TEX(TEX_XSCALE_X);
4305 cpu_tlb_flushD_SE(csrcp);
4306 cpu_tlb_flushD_SE(cdstp);
4308 bcopy((char *)csrcp + a_offs, (char *)cdstp + b_offs, cnt);
4310 xscale_cache_clean_minidata();
4312 #endif /* ARM_MMU_XSCALE == 1 */
4315 pmap_copy_page(vm_page_t src, vm_page_t dst)
4318 cpu_dcache_wbinv_all();
4319 cpu_l2cache_wbinv_all();
4320 if (_arm_memcpy && PAGE_SIZE >= _min_memcpy_size &&
4321 _arm_memcpy((void *)VM_PAGE_TO_PHYS(dst),
4322 (void *)VM_PAGE_TO_PHYS(src), PAGE_SIZE, IS_PHYSICAL) == 0)
4324 pmap_copy_page_func(VM_PAGE_TO_PHYS(src), VM_PAGE_TO_PHYS(dst));
4328 * We have code to do unmapped I/O. However, it isn't quite right and
4329 * causes un-page-aligned I/O to devices to fail (most notably newfs
4330 * or fsck). We give up a little performance to not allow unmapped I/O
4331 * to gain stability.
4333 int unmapped_buf_allowed = 0;
4336 pmap_copy_pages(vm_page_t ma[], vm_offset_t a_offset, vm_page_t mb[],
4337 vm_offset_t b_offset, int xfersize)
4339 vm_page_t a_pg, b_pg;
4340 vm_offset_t a_pg_offset, b_pg_offset;
4343 cpu_dcache_wbinv_all();
4344 cpu_l2cache_wbinv_all();
4345 while (xfersize > 0) {
4346 a_pg = ma[a_offset >> PAGE_SHIFT];
4347 a_pg_offset = a_offset & PAGE_MASK;
4348 cnt = min(xfersize, PAGE_SIZE - a_pg_offset);
4349 b_pg = mb[b_offset >> PAGE_SHIFT];
4350 b_pg_offset = b_offset & PAGE_MASK;
4351 cnt = min(cnt, PAGE_SIZE - b_pg_offset);
4352 pmap_copy_page_offs_func(VM_PAGE_TO_PHYS(a_pg), a_pg_offset,
4353 VM_PAGE_TO_PHYS(b_pg), b_pg_offset, cnt);
4361 * this routine returns true if a physical page resides
4362 * in the given pmap.
4365 pmap_page_exists_quick(pmap_t pmap, vm_page_t m)
4371 KASSERT((m->oflags & VPO_UNMANAGED) == 0,
4372 ("pmap_page_exists_quick: page %p is not managed", m));
4374 rw_wlock(&pvh_global_lock);
4375 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
4376 if (pv->pv_pmap == pmap) {
4384 rw_wunlock(&pvh_global_lock);
4389 * pmap_page_wired_mappings:
4391 * Return the number of managed mappings to the given physical page
4395 pmap_page_wired_mappings(vm_page_t m)
4401 if ((m->oflags & VPO_UNMANAGED) != 0)
4403 rw_wlock(&pvh_global_lock);
4404 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list)
4405 if ((pv->pv_flags & PVF_WIRED) != 0)
4407 rw_wunlock(&pvh_global_lock);
4412 * This function is advisory.
4415 pmap_advise(pmap_t pmap, vm_offset_t sva, vm_offset_t eva, int advice)
4420 * pmap_ts_referenced:
4422 * Return the count of reference bits for a page, clearing all of them.
4425 pmap_ts_referenced(vm_page_t m)
4428 KASSERT((m->oflags & VPO_UNMANAGED) == 0,
4429 ("pmap_ts_referenced: page %p is not managed", m));
4430 return (pmap_clearbit(m, PVF_REF));
4435 pmap_is_modified(vm_page_t m)
4438 KASSERT((m->oflags & VPO_UNMANAGED) == 0,
4439 ("pmap_is_modified: page %p is not managed", m));
4440 if (m->md.pvh_attrs & PVF_MOD)
4448 * Clear the modify bits on the specified physical page.
4451 pmap_clear_modify(vm_page_t m)
4454 KASSERT((m->oflags & VPO_UNMANAGED) == 0,
4455 ("pmap_clear_modify: page %p is not managed", m));
4456 VM_OBJECT_ASSERT_WLOCKED(m->object);
4457 KASSERT(!vm_page_xbusied(m),
4458 ("pmap_clear_modify: page %p is exclusive busied", m));
4461 * If the page is not PGA_WRITEABLE, then no mappings can be modified.
4462 * If the object containing the page is locked and the page is not
4463 * exclusive busied, then PGA_WRITEABLE cannot be concurrently set.
4465 if ((m->aflags & PGA_WRITEABLE) == 0)
4467 if (m->md.pvh_attrs & PVF_MOD)
4468 pmap_clearbit(m, PVF_MOD);
4473 * pmap_is_referenced:
4475 * Return whether or not the specified physical page was referenced
4476 * in any physical maps.
4479 pmap_is_referenced(vm_page_t m)
4482 KASSERT((m->oflags & VPO_UNMANAGED) == 0,
4483 ("pmap_is_referenced: page %p is not managed", m));
4484 return ((m->md.pvh_attrs & PVF_REF) != 0);
4489 * Clear the write and modified bits in each of the given page's mappings.
4492 pmap_remove_write(vm_page_t m)
4495 KASSERT((m->oflags & VPO_UNMANAGED) == 0,
4496 ("pmap_remove_write: page %p is not managed", m));
4499 * If the page is not exclusive busied, then PGA_WRITEABLE cannot be
4500 * set by another thread while the object is locked. Thus,
4501 * if PGA_WRITEABLE is clear, no page table entries need updating.
4503 VM_OBJECT_ASSERT_WLOCKED(m->object);
4504 if (vm_page_xbusied(m) || (m->aflags & PGA_WRITEABLE) != 0)
4505 pmap_clearbit(m, PVF_WRITE);
4510 * perform the pmap work for mincore
4513 pmap_mincore(pmap_t pmap, vm_offset_t addr, vm_paddr_t *locked_pa)
4515 struct l2_bucket *l2b;
4516 pt_entry_t *ptep, pte;
4524 l2b = pmap_get_l2_bucket(pmap, addr);
4529 ptep = &l2b->l2b_kva[l2pte_index(addr)];
4531 if (!l2pte_valid(pte)) {
4535 val = MINCORE_INCORE;
4536 if (pte & L2_S_PROT_W)
4537 val |= MINCORE_MODIFIED | MINCORE_MODIFIED_OTHER;
4540 m = PHYS_TO_VM_PAGE(pa);
4541 if (m != NULL && !(m->oflags & VPO_UNMANAGED))
4545 * The ARM pmap tries to maintain a per-mapping
4546 * reference bit. The trouble is that it's kept in
4547 * the PV entry, not the PTE, so it's costly to access
4548 * here. You would need to acquire the pvh global
4549 * lock, call pmap_find_pv(), and introduce a custom
4550 * version of vm_page_pa_tryrelock() that releases and
4551 * reacquires the pvh global lock. In the end, I
4552 * doubt it's worthwhile. This may falsely report
4553 * the given address as referenced.
4555 if ((m->md.pvh_attrs & PVF_REF) != 0)
4556 val |= MINCORE_REFERENCED | MINCORE_REFERENCED_OTHER;
4558 if ((val & (MINCORE_MODIFIED_OTHER | MINCORE_REFERENCED_OTHER)) !=
4559 (MINCORE_MODIFIED_OTHER | MINCORE_REFERENCED_OTHER) && managed) {
4560 /* Ensure that "PHYS_TO_VM_PAGE(pa)->object" doesn't change. */
4561 if (vm_page_pa_tryrelock(pmap, pa, locked_pa))
4565 PA_UNLOCK_COND(*locked_pa);
4572 pmap_sync_icache(pmap_t pm, vm_offset_t va, vm_size_t sz)
4578 * Increase the starting virtual address of the given mapping if a
4579 * different alignment might result in more superpage mappings.
4582 pmap_align_superpage(vm_object_t object, vm_ooffset_t offset,
4583 vm_offset_t *addr, vm_size_t size)
4587 #define BOOTSTRAP_DEBUG
4592 * Create a single section mapping.
4595 pmap_map_section(vm_offset_t l1pt, vm_offset_t va, vm_offset_t pa,
4596 int prot, int cache)
4598 pd_entry_t *pde = (pd_entry_t *) l1pt;
4601 KASSERT(((va | pa) & L1_S_OFFSET) == 0, ("ouin2"));
4610 fl = pte_l1_s_cache_mode;
4614 fl = pte_l1_s_cache_mode_pt;
4618 pde[va >> L1_S_SHIFT] = L1_S_PROTO | pa |
4619 L1_S_PROT(PTE_KERNEL, prot) | fl | L1_S_DOM(PMAP_DOMAIN_KERNEL);
4620 PTE_SYNC(&pde[va >> L1_S_SHIFT]);
4627 * Link the L2 page table specified by l2pv.pv_pa into the L1
4628 * page table at the slot for "va".
4631 pmap_link_l2pt(vm_offset_t l1pt, vm_offset_t va, struct pv_addr *l2pv)
4633 pd_entry_t *pde = (pd_entry_t *) l1pt, proto;
4634 u_int slot = va >> L1_S_SHIFT;
4636 proto = L1_S_DOM(PMAP_DOMAIN_KERNEL) | L1_C_PROTO;
4638 #ifdef VERBOSE_INIT_ARM
4639 printf("pmap_link_l2pt: pa=0x%x va=0x%x\n", l2pv->pv_pa, l2pv->pv_va);
4642 pde[slot + 0] = proto | (l2pv->pv_pa + 0x000);
4644 PTE_SYNC(&pde[slot]);
4646 SLIST_INSERT_HEAD(&kernel_pt_list, l2pv, pv_list);
4654 * Create a single page mapping.
4657 pmap_map_entry(vm_offset_t l1pt, vm_offset_t va, vm_offset_t pa, int prot,
4660 pd_entry_t *pde = (pd_entry_t *) l1pt;
4664 KASSERT(((va | pa) & PAGE_MASK) == 0, ("ouin"));
4673 fl = pte_l2_s_cache_mode;
4677 fl = pte_l2_s_cache_mode_pt;
4681 if ((pde[va >> L1_S_SHIFT] & L1_TYPE_MASK) != L1_TYPE_C)
4682 panic("pmap_map_entry: no L2 table for VA 0x%08x", va);
4684 pte = (pt_entry_t *) kernel_pt_lookup(pde[L1_IDX(va)] & L1_C_ADDR_MASK);
4687 panic("pmap_map_entry: can't find L2 table for VA 0x%08x", va);
4689 pte[l2pte_index(va)] =
4690 L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL, prot) | fl;
4691 PTE_SYNC(&pte[l2pte_index(va)]);
4697 * Map a chunk of memory using the most efficient mappings
4698 * possible (section. large page, small page) into the
4699 * provided L1 and L2 tables at the specified virtual address.
4702 pmap_map_chunk(vm_offset_t l1pt, vm_offset_t va, vm_offset_t pa,
4703 vm_size_t size, int prot, int cache)
4705 pd_entry_t *pde = (pd_entry_t *) l1pt;
4706 pt_entry_t *pte, f1, f2s, f2l;
4710 resid = (size + (PAGE_SIZE - 1)) & ~(PAGE_SIZE - 1);
4713 panic("pmap_map_chunk: no L1 table provided");
4715 #ifdef VERBOSE_INIT_ARM
4716 printf("pmap_map_chunk: pa=0x%x va=0x%x size=0x%x resid=0x%x "
4717 "prot=0x%x cache=%d\n", pa, va, size, resid, prot, cache);
4729 f1 = pte_l1_s_cache_mode;
4730 f2l = pte_l2_l_cache_mode;
4731 f2s = pte_l2_s_cache_mode;
4735 f1 = pte_l1_s_cache_mode_pt;
4736 f2l = pte_l2_l_cache_mode_pt;
4737 f2s = pte_l2_s_cache_mode_pt;
4744 /* See if we can use a section mapping. */
4745 if (L1_S_MAPPABLE_P(va, pa, resid)) {
4746 #ifdef VERBOSE_INIT_ARM
4749 pde[va >> L1_S_SHIFT] = L1_S_PROTO | pa |
4750 L1_S_PROT(PTE_KERNEL, prot) | f1 |
4751 L1_S_DOM(PMAP_DOMAIN_KERNEL);
4752 PTE_SYNC(&pde[va >> L1_S_SHIFT]);
4760 * Ok, we're going to use an L2 table. Make sure
4761 * one is actually in the corresponding L1 slot
4762 * for the current VA.
4764 if ((pde[va >> L1_S_SHIFT] & L1_TYPE_MASK) != L1_TYPE_C)
4765 panic("pmap_map_chunk: no L2 table for VA 0x%08x", va);
4767 pte = (pt_entry_t *) kernel_pt_lookup(
4768 pde[L1_IDX(va)] & L1_C_ADDR_MASK);
4770 panic("pmap_map_chunk: can't find L2 table for VA"
4772 /* See if we can use a L2 large page mapping. */
4773 if (L2_L_MAPPABLE_P(va, pa, resid)) {
4774 #ifdef VERBOSE_INIT_ARM
4777 for (i = 0; i < 16; i++) {
4778 pte[l2pte_index(va) + i] =
4780 L2_L_PROT(PTE_KERNEL, prot) | f2l;
4781 PTE_SYNC(&pte[l2pte_index(va) + i]);
4789 /* Use a small page mapping. */
4790 #ifdef VERBOSE_INIT_ARM
4793 pte[l2pte_index(va)] =
4794 L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL, prot) | f2s;
4795 PTE_SYNC(&pte[l2pte_index(va)]);
4800 #ifdef VERBOSE_INIT_ARM
4808 pmap_page_set_memattr(vm_page_t m, vm_memattr_t ma)
4811 * Remember the memattr in a field that gets used to set the appropriate
4812 * bits in the PTEs as mappings are established.
4814 m->md.pv_memattr = ma;
4817 * It appears that this function can only be called before any mappings
4818 * for the page are established on ARM. If this ever changes, this code
4819 * will need to walk the pv_list and make each of the existing mappings
4820 * uncacheable, being careful to sync caches and PTEs (and maybe
4821 * invalidate TLB?) for any current mapping it modifies.
4823 if (m->md.pv_kva != 0 || TAILQ_FIRST(&m->md.pv_list) != NULL)
4824 panic("Can't change memattr on page with existing mappings");
projects / FreeBSD / releng / 10.2.git / blob