1 /* 2 * Copyright (c) 1991 Regents of the University of California. 3 * All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * The Mach Operating System project at Carnegie-Mellon University. 7 * 8 * %sccs.include.redist.c% 9 * 10 * @(#)vm_fault.c 7.10 (Berkeley) 04/25/92 11 * 12 * 13 * Copyright (c) 1987, 1990 Carnegie-Mellon University. 14 * All rights reserved. 15 * 16 * Authors: Avadis Tevanian, Jr., Michael Wayne Young 17 * 18 * Permission to use, copy, modify and distribute this software and 19 * its documentation is hereby granted, provided that both the copyright 20 * notice and this permission notice appear in all copies of the 21 * software, derivative works or modified versions, and any portions 22 * thereof, and that both notices appear in supporting documentation. 23 * 24 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS" 25 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND 26 * FOR ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE. 27 * 28 * Carnegie Mellon requests users of this software to return to 29 * 30 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU 31 * School of Computer Science 32 * Carnegie Mellon University 33 * Pittsburgh PA 15213-3890 34 * 35 * any improvements or extensions that they make and grant Carnegie the 36 * rights to redistribute these changes. 37 */ 38 39 /* 40 * Page fault handling module. 41 */ 42 43 #include "param.h" 44 45 #include "vm.h" 46 #include "vm_page.h" 47 #include "vm_pageout.h" 48 49 /* 50 * vm_fault: 51 * 52 * Handle a page fault occuring at the given address, 53 * requiring the given permissions, in the map specified. 54 * If successful, the page is inserted into the 55 * associated physical map. 56 * 57 * NOTE: the given address should be truncated to the 58 * proper page address. 59 * 60 * KERN_SUCCESS is returned if the page fault is handled; otherwise, 61 * a standard error specifying why the fault is fatal is returned. 62 * 63 * 64 * The map in question must be referenced, and remains so. 65 * Caller may hold no locks. 66 */ 67 vm_fault(map, vaddr, fault_type, change_wiring) 68 vm_map_t map; 69 vm_offset_t vaddr; 70 vm_prot_t fault_type; 71 boolean_t change_wiring; 72 { 73 vm_object_t first_object; 74 vm_offset_t first_offset; 75 vm_map_entry_t entry; 76 register vm_object_t object; 77 register vm_offset_t offset; 78 register vm_page_t m; 79 vm_page_t first_m; 80 vm_prot_t prot; 81 int result; 82 boolean_t wired; 83 boolean_t su; 84 boolean_t lookup_still_valid; 85 boolean_t page_exists; 86 vm_page_t old_m; 87 vm_object_t next_object; 88 89 cnt.v_vm_faults++; /* needs lock XXX */ 90 /* 91 * Recovery actions 92 */ 93 #define FREE_PAGE(m) { \ 94 PAGE_WAKEUP(m); \ 95 vm_page_lock_queues(); \ 96 vm_page_free(m); \ 97 vm_page_unlock_queues(); \ 98 } 99 100 #define RELEASE_PAGE(m) { \ 101 PAGE_WAKEUP(m); \ 102 vm_page_lock_queues(); \ 103 vm_page_activate(m); \ 104 vm_page_unlock_queues(); \ 105 } 106 107 #define UNLOCK_MAP { \ 108 if (lookup_still_valid) { \ 109 vm_map_lookup_done(map, entry); \ 110 lookup_still_valid = FALSE; \ 111 } \ 112 } 113 114 #define UNLOCK_THINGS { \ 115 object->paging_in_progress--; \ 116 vm_object_unlock(object); \ 117 if (object != first_object) { \ 118 vm_object_lock(first_object); \ 119 FREE_PAGE(first_m); \ 120 first_object->paging_in_progress--; \ 121 vm_object_unlock(first_object); \ 122 } \ 123 UNLOCK_MAP; \ 124 } 125 126 #define UNLOCK_AND_DEALLOCATE { \ 127 UNLOCK_THINGS; \ 128 vm_object_deallocate(first_object); \ 129 } 130 131 RetryFault: ; 132 133 /* 134 * Find the backing store object and offset into 135 * it to begin the search. 136 */ 137 138 if ((result = vm_map_lookup(&map, vaddr, fault_type, &entry, 139 &first_object, &first_offset, 140 &prot, &wired, &su)) != KERN_SUCCESS) { 141 return(result); 142 } 143 lookup_still_valid = TRUE; 144 145 if (wired) 146 fault_type = prot; 147 148 first_m = NULL; 149 150 /* 151 * Make a reference to this object to 152 * prevent its disposal while we are messing with 153 * it. Once we have the reference, the map is free 154 * to be diddled. Since objects reference their 155 * shadows (and copies), they will stay around as well. 156 */ 157 158 vm_object_lock(first_object); 159 160 first_object->ref_count++; 161 first_object->paging_in_progress++; 162 163 /* 164 * INVARIANTS (through entire routine): 165 * 166 * 1) At all times, we must either have the object 167 * lock or a busy page in some object to prevent 168 * some other thread from trying to bring in 169 * the same page. 170 * 171 * Note that we cannot hold any locks during the 172 * pager access or when waiting for memory, so 173 * we use a busy page then. 174 * 175 * Note also that we aren't as concerned about 176 * more than one thead attempting to pager_data_unlock 177 * the same page at once, so we don't hold the page 178 * as busy then, but do record the highest unlock 179 * value so far. [Unlock requests may also be delivered 180 * out of order.] 181 * 182 * 2) Once we have a busy page, we must remove it from 183 * the pageout queues, so that the pageout daemon 184 * will not grab it away. 185 * 186 * 3) To prevent another thread from racing us down the 187 * shadow chain and entering a new page in the top 188 * object before we do, we must keep a busy page in 189 * the top object while following the shadow chain. 190 * 191 * 4) We must increment paging_in_progress on any object 192 * for which we have a busy page, to prevent 193 * vm_object_collapse from removing the busy page 194 * without our noticing. 195 */ 196 197 /* 198 * Search for the page at object/offset. 199 */ 200 201 object = first_object; 202 offset = first_offset; 203 204 /* 205 * See whether this page is resident 206 */ 207 208 while (TRUE) { 209 m = vm_page_lookup(object, offset); 210 if (m != NULL) { 211 /* 212 * If the page is being brought in, 213 * wait for it and then retry. 214 */ 215 if (m->busy) { 216 #ifdef DOTHREADS 217 int wait_result; 218 219 PAGE_ASSERT_WAIT(m, !change_wiring); 220 UNLOCK_THINGS; 221 thread_block(); 222 wait_result = current_thread()->wait_result; 223 vm_object_deallocate(first_object); 224 if (wait_result != THREAD_AWAKENED) 225 return(KERN_SUCCESS); 226 goto RetryFault; 227 #else 228 PAGE_ASSERT_WAIT(m, !change_wiring); 229 UNLOCK_THINGS; 230 thread_block(); 231 vm_object_deallocate(first_object); 232 goto RetryFault; 233 #endif 234 } 235 236 if (m->absent) 237 panic("vm_fault: absent"); 238 239 /* 240 * If the desired access to this page has 241 * been locked out, request that it be unlocked. 242 */ 243 244 if (fault_type & m->page_lock) { 245 #ifdef DOTHREADS 246 int wait_result; 247 248 if ((fault_type & m->unlock_request) != fault_type) 249 panic("vm_fault: pager_data_unlock"); 250 251 PAGE_ASSERT_WAIT(m, !change_wiring); 252 UNLOCK_THINGS; 253 thread_block(); 254 wait_result = current_thread()->wait_result; 255 vm_object_deallocate(first_object); 256 if (wait_result != THREAD_AWAKENED) 257 return(KERN_SUCCESS); 258 goto RetryFault; 259 #else 260 if ((fault_type & m->unlock_request) != fault_type) 261 panic("vm_fault: pager_data_unlock"); 262 263 PAGE_ASSERT_WAIT(m, !change_wiring); 264 UNLOCK_THINGS; 265 thread_block(); 266 vm_object_deallocate(first_object); 267 goto RetryFault; 268 #endif 269 } 270 271 /* 272 * Remove the page from the pageout daemon's 273 * reach while we play with it. 274 */ 275 276 vm_page_lock_queues(); 277 if (m->inactive) { 278 queue_remove(&vm_page_queue_inactive, m, 279 vm_page_t, pageq); 280 m->inactive = FALSE; 281 cnt.v_inactive_count--; 282 cnt.v_reactivated++; 283 } 284 285 if (m->active) { 286 queue_remove(&vm_page_queue_active, m, 287 vm_page_t, pageq); 288 m->active = FALSE; 289 cnt.v_active_count--; 290 } 291 vm_page_unlock_queues(); 292 293 /* 294 * Mark page busy for other threads. 295 */ 296 m->busy = TRUE; 297 m->absent = FALSE; 298 break; 299 } 300 301 if (((object->pager != NULL) && 302 (!change_wiring || wired)) 303 || (object == first_object)) { 304 305 /* 306 * Allocate a new page for this object/offset 307 * pair. 308 */ 309 310 m = vm_page_alloc(object, offset); 311 312 if (m == NULL) { 313 UNLOCK_AND_DEALLOCATE; 314 VM_WAIT; 315 goto RetryFault; 316 } 317 } 318 319 if ((object->pager != NULL) && 320 (!change_wiring || wired)) { 321 int rv; 322 323 /* 324 * Now that we have a busy page, we can 325 * release the object lock. 326 */ 327 vm_object_unlock(object); 328 329 /* 330 * Call the pager to retrieve the data, if any, 331 * after releasing the lock on the map. 332 */ 333 UNLOCK_MAP; 334 335 rv = vm_pager_get(object->pager, m, TRUE); 336 if (rv == VM_PAGER_OK) { 337 /* 338 * Found the page. 339 * Leave it busy while we play with it. 340 */ 341 vm_object_lock(object); 342 343 /* 344 * Relookup in case pager changed page. 345 * Pager is responsible for disposition 346 * of old page if moved. 347 */ 348 m = vm_page_lookup(object, offset); 349 350 cnt.v_pageins++; 351 m->fake = FALSE; 352 m->clean = TRUE; 353 pmap_clear_modify(VM_PAGE_TO_PHYS(m)); 354 break; 355 } 356 357 /* 358 * Remove the bogus page (which does not 359 * exist at this object/offset); before 360 * doing so, we must get back our object 361 * lock to preserve our invariant. 362 * 363 * Also wake up any other thread that may want 364 * to bring in this page. 365 * 366 * If this is the top-level object, we must 367 * leave the busy page to prevent another 368 * thread from rushing past us, and inserting 369 * the page in that object at the same time 370 * that we are. 371 */ 372 373 vm_object_lock(object); 374 /* 375 * Data outside the range of the pager; an error 376 */ 377 if (rv == VM_PAGER_BAD) { 378 FREE_PAGE(m); 379 UNLOCK_AND_DEALLOCATE; 380 return(KERN_PROTECTION_FAILURE); /* XXX */ 381 } 382 if (object != first_object) { 383 FREE_PAGE(m); 384 /* 385 * XXX - we cannot just fall out at this 386 * point, m has been freed and is invalid! 387 */ 388 panic("vm_fault: free page"); /* XXX */ 389 } 390 } 391 392 /* 393 * We get here if the object has no pager (or unwiring) 394 * or the pager doesn't have the page. 395 */ 396 if (object == first_object) 397 first_m = m; 398 399 /* 400 * Move on to the next object. Lock the next 401 * object before unlocking the current one. 402 */ 403 404 offset += object->shadow_offset; 405 next_object = object->shadow; 406 if (next_object == NULL) { 407 /* 408 * If there's no object left, fill the page 409 * in the top object with zeros. 410 */ 411 if (object != first_object) { 412 object->paging_in_progress--; 413 vm_object_unlock(object); 414 415 object = first_object; 416 offset = first_offset; 417 m = first_m; 418 vm_object_lock(object); 419 } 420 first_m = NULL; 421 422 vm_page_zero_fill(m); 423 cnt.v_zfod++; 424 m->fake = FALSE; 425 m->absent = FALSE; 426 break; 427 } 428 else { 429 vm_object_lock(next_object); 430 if (object != first_object) 431 object->paging_in_progress--; 432 vm_object_unlock(object); 433 object = next_object; 434 object->paging_in_progress++; 435 } 436 } 437 438 if (m->absent || m->active || m->inactive || !m->busy) 439 panic("vm_fault: absent or active or inactive or not busy after main loop"); 440 441 /* 442 * PAGE HAS BEEN FOUND. 443 * [Loop invariant still holds -- the object lock 444 * is held.] 445 */ 446 447 old_m = m; /* save page that would be copied */ 448 449 /* 450 * If the page is being written, but isn't 451 * already owned by the top-level object, 452 * we have to copy it into a new page owned 453 * by the top-level object. 454 */ 455 456 if (object != first_object) { 457 /* 458 * We only really need to copy if we 459 * want to write it. 460 */ 461 462 if (fault_type & VM_PROT_WRITE) { 463 464 /* 465 * If we try to collapse first_object at this 466 * point, we may deadlock when we try to get 467 * the lock on an intermediate object (since we 468 * have the bottom object locked). We can't 469 * unlock the bottom object, because the page 470 * we found may move (by collapse) if we do. 471 * 472 * Instead, we first copy the page. Then, when 473 * we have no more use for the bottom object, 474 * we unlock it and try to collapse. 475 * 476 * Note that we copy the page even if we didn't 477 * need to... that's the breaks. 478 */ 479 480 /* 481 * We already have an empty page in 482 * first_object - use it. 483 */ 484 485 vm_page_copy(m, first_m); 486 first_m->fake = FALSE; 487 first_m->absent = FALSE; 488 489 /* 490 * If another map is truly sharing this 491 * page with us, we have to flush all 492 * uses of the original page, since we 493 * can't distinguish those which want the 494 * original from those which need the 495 * new copy. 496 * 497 * XXX If we know that only one map has 498 * access to this page, then we could 499 * avoid the pmap_page_protect() call. 500 */ 501 502 vm_page_lock_queues(); 503 vm_page_activate(m); 504 pmap_page_protect(VM_PAGE_TO_PHYS(m), VM_PROT_NONE); 505 vm_page_unlock_queues(); 506 507 /* 508 * We no longer need the old page or object. 509 */ 510 PAGE_WAKEUP(m); 511 object->paging_in_progress--; 512 vm_object_unlock(object); 513 514 /* 515 * Only use the new page below... 516 */ 517 518 cnt.v_cow_faults++; 519 m = first_m; 520 object = first_object; 521 offset = first_offset; 522 523 /* 524 * Now that we've gotten the copy out of the 525 * way, let's try to collapse the top object. 526 */ 527 vm_object_lock(object); 528 /* 529 * But we have to play ugly games with 530 * paging_in_progress to do that... 531 */ 532 object->paging_in_progress--; 533 vm_object_collapse(object); 534 object->paging_in_progress++; 535 } 536 else { 537 prot &= (~VM_PROT_WRITE); 538 m->copy_on_write = TRUE; 539 } 540 } 541 542 if (m->active || m->inactive) 543 panic("vm_fault: active or inactive before copy object handling"); 544 545 /* 546 * If the page is being written, but hasn't been 547 * copied to the copy-object, we have to copy it there. 548 */ 549 RetryCopy: 550 if (first_object->copy != NULL) { 551 vm_object_t copy_object = first_object->copy; 552 vm_offset_t copy_offset; 553 vm_page_t copy_m; 554 555 /* 556 * We only need to copy if we want to write it. 557 */ 558 if ((fault_type & VM_PROT_WRITE) == 0) { 559 prot &= ~VM_PROT_WRITE; 560 m->copy_on_write = TRUE; 561 } 562 else { 563 /* 564 * Try to get the lock on the copy_object. 565 */ 566 if (!vm_object_lock_try(copy_object)) { 567 vm_object_unlock(object); 568 /* should spin a bit here... */ 569 vm_object_lock(object); 570 goto RetryCopy; 571 } 572 573 /* 574 * Make another reference to the copy-object, 575 * to keep it from disappearing during the 576 * copy. 577 */ 578 copy_object->ref_count++; 579 580 /* 581 * Does the page exist in the copy? 582 */ 583 copy_offset = first_offset 584 - copy_object->shadow_offset; 585 copy_m = vm_page_lookup(copy_object, copy_offset); 586 if (page_exists = (copy_m != NULL)) { 587 if (copy_m->busy) { 588 #ifdef DOTHREADS 589 int wait_result; 590 591 /* 592 * If the page is being brought 593 * in, wait for it and then retry. 594 */ 595 PAGE_ASSERT_WAIT(copy_m, !change_wiring); 596 RELEASE_PAGE(m); 597 copy_object->ref_count--; 598 vm_object_unlock(copy_object); 599 UNLOCK_THINGS; 600 thread_block(); 601 wait_result = current_thread()->wait_result; 602 vm_object_deallocate(first_object); 603 if (wait_result != THREAD_AWAKENED) 604 return(KERN_SUCCESS); 605 goto RetryFault; 606 #else 607 /* 608 * If the page is being brought 609 * in, wait for it and then retry. 610 */ 611 PAGE_ASSERT_WAIT(copy_m, !change_wiring); 612 RELEASE_PAGE(m); 613 copy_object->ref_count--; 614 vm_object_unlock(copy_object); 615 UNLOCK_THINGS; 616 thread_block(); 617 vm_object_deallocate(first_object); 618 goto RetryFault; 619 #endif 620 } 621 } 622 623 /* 624 * If the page is not in memory (in the object) 625 * and the object has a pager, we have to check 626 * if the pager has the data in secondary 627 * storage. 628 */ 629 if (!page_exists) { 630 631 /* 632 * If we don't allocate a (blank) page 633 * here... another thread could try 634 * to page it in, allocate a page, and 635 * then block on the busy page in its 636 * shadow (first_object). Then we'd 637 * trip over the busy page after we 638 * found that the copy_object's pager 639 * doesn't have the page... 640 */ 641 copy_m = vm_page_alloc(copy_object, 642 copy_offset); 643 if (copy_m == NULL) { 644 /* 645 * Wait for a page, then retry. 646 */ 647 RELEASE_PAGE(m); 648 copy_object->ref_count--; 649 vm_object_unlock(copy_object); 650 UNLOCK_AND_DEALLOCATE; 651 VM_WAIT; 652 goto RetryFault; 653 } 654 655 if (copy_object->pager != NULL) { 656 vm_object_unlock(object); 657 vm_object_unlock(copy_object); 658 UNLOCK_MAP; 659 660 page_exists = vm_pager_has_page( 661 copy_object->pager, 662 (copy_offset + copy_object->paging_offset)); 663 664 vm_object_lock(copy_object); 665 666 /* 667 * Since the map is unlocked, someone 668 * else could have copied this object 669 * and put a different copy_object 670 * between the two. Or, the last 671 * reference to the copy-object (other 672 * than the one we have) may have 673 * disappeared - if that has happened, 674 * we don't need to make the copy. 675 */ 676 if (copy_object->shadow != object || 677 copy_object->ref_count == 1) { 678 /* 679 * Gaah... start over! 680 */ 681 FREE_PAGE(copy_m); 682 vm_object_unlock(copy_object); 683 vm_object_deallocate(copy_object); 684 /* may block */ 685 vm_object_lock(object); 686 goto RetryCopy; 687 } 688 vm_object_lock(object); 689 690 if (page_exists) { 691 /* 692 * We didn't need the page 693 */ 694 FREE_PAGE(copy_m); 695 } 696 } 697 } 698 if (!page_exists) { 699 /* 700 * Must copy page into copy-object. 701 */ 702 vm_page_copy(m, copy_m); 703 copy_m->fake = FALSE; 704 copy_m->absent = FALSE; 705 706 /* 707 * Things to remember: 708 * 1. The copied page must be marked 'dirty' 709 * so it will be paged out to the copy 710 * object. 711 * 2. If the old page was in use by any users 712 * of the copy-object, it must be removed 713 * from all pmaps. (We can't know which 714 * pmaps use it.) 715 */ 716 vm_page_lock_queues(); 717 pmap_page_protect(VM_PAGE_TO_PHYS(old_m), 718 VM_PROT_NONE); 719 copy_m->clean = FALSE; 720 vm_page_activate(copy_m); /* XXX */ 721 vm_page_unlock_queues(); 722 723 PAGE_WAKEUP(copy_m); 724 } 725 /* 726 * The reference count on copy_object must be 727 * at least 2: one for our extra reference, 728 * and at least one from the outside world 729 * (we checked that when we last locked 730 * copy_object). 731 */ 732 copy_object->ref_count--; 733 vm_object_unlock(copy_object); 734 m->copy_on_write = FALSE; 735 } 736 } 737 738 if (m->active || m->inactive) 739 panic("vm_fault: active or inactive before retrying lookup"); 740 741 /* 742 * We must verify that the maps have not changed 743 * since our last lookup. 744 */ 745 746 if (!lookup_still_valid) { 747 vm_object_t retry_object; 748 vm_offset_t retry_offset; 749 vm_prot_t retry_prot; 750 751 /* 752 * Since map entries may be pageable, make sure we can 753 * take a page fault on them. 754 */ 755 vm_object_unlock(object); 756 757 /* 758 * To avoid trying to write_lock the map while another 759 * thread has it read_locked (in vm_map_pageable), we 760 * do not try for write permission. If the page is 761 * still writable, we will get write permission. If it 762 * is not, or has been marked needs_copy, we enter the 763 * mapping without write permission, and will merely 764 * take another fault. 765 */ 766 result = vm_map_lookup(&map, vaddr, 767 fault_type & ~VM_PROT_WRITE, &entry, 768 &retry_object, &retry_offset, &retry_prot, 769 &wired, &su); 770 771 vm_object_lock(object); 772 773 /* 774 * If we don't need the page any longer, put it on the 775 * active list (the easiest thing to do here). If no 776 * one needs it, pageout will grab it eventually. 777 */ 778 779 if (result != KERN_SUCCESS) { 780 RELEASE_PAGE(m); 781 UNLOCK_AND_DEALLOCATE; 782 return(result); 783 } 784 785 lookup_still_valid = TRUE; 786 787 if ((retry_object != first_object) || 788 (retry_offset != first_offset)) { 789 RELEASE_PAGE(m); 790 UNLOCK_AND_DEALLOCATE; 791 goto RetryFault; 792 } 793 794 /* 795 * Check whether the protection has changed or the object 796 * has been copied while we left the map unlocked. 797 * Changing from read to write permission is OK - we leave 798 * the page write-protected, and catch the write fault. 799 * Changing from write to read permission means that we 800 * can't mark the page write-enabled after all. 801 */ 802 prot &= retry_prot; 803 if (m->copy_on_write) 804 prot &= ~VM_PROT_WRITE; 805 } 806 807 /* 808 * (the various bits we're fiddling with here are locked by 809 * the object's lock) 810 */ 811 812 /* XXX This distorts the meaning of the copy_on_write bit */ 813 814 if (prot & VM_PROT_WRITE) 815 m->copy_on_write = FALSE; 816 817 /* 818 * It's critically important that a wired-down page be faulted 819 * only once in each map for which it is wired. 820 */ 821 822 if (m->active || m->inactive) 823 panic("vm_fault: active or inactive before pmap_enter"); 824 825 vm_object_unlock(object); 826 827 /* 828 * Put this page into the physical map. 829 * We had to do the unlock above because pmap_enter 830 * may cause other faults. We don't put the 831 * page back on the active queue until later so 832 * that the page-out daemon won't find us (yet). 833 */ 834 835 pmap_enter(map->pmap, vaddr, VM_PAGE_TO_PHYS(m), 836 prot & ~(m->page_lock), wired); 837 838 /* 839 * If the page is not wired down, then put it where the 840 * pageout daemon can find it. 841 */ 842 vm_object_lock(object); 843 vm_page_lock_queues(); 844 if (change_wiring) { 845 if (wired) 846 vm_page_wire(m); 847 else 848 vm_page_unwire(m); 849 } 850 else 851 vm_page_activate(m); 852 vm_page_unlock_queues(); 853 854 /* 855 * Unlock everything, and return 856 */ 857 858 PAGE_WAKEUP(m); 859 UNLOCK_AND_DEALLOCATE; 860 861 return(KERN_SUCCESS); 862 863 } 864 865 /* 866 * vm_fault_wire: 867 * 868 * Wire down a range of virtual addresses in a map. 869 */ 870 void vm_fault_wire(map, start, end) 871 vm_map_t map; 872 vm_offset_t start, end; 873 { 874 875 register vm_offset_t va; 876 register pmap_t pmap; 877 878 pmap = vm_map_pmap(map); 879 880 /* 881 * Inform the physical mapping system that the 882 * range of addresses may not fault, so that 883 * page tables and such can be locked down as well. 884 */ 885 886 pmap_pageable(pmap, start, end, FALSE); 887 888 /* 889 * We simulate a fault to get the page and enter it 890 * in the physical map. 891 */ 892 893 for (va = start; va < end; va += PAGE_SIZE) { 894 (void) vm_fault(map, va, VM_PROT_NONE, TRUE); 895 } 896 } 897 898 899 /* 900 * vm_fault_unwire: 901 * 902 * Unwire a range of virtual addresses in a map. 903 */ 904 void vm_fault_unwire(map, start, end) 905 vm_map_t map; 906 vm_offset_t start, end; 907 { 908 909 register vm_offset_t va, pa; 910 register pmap_t pmap; 911 912 pmap = vm_map_pmap(map); 913 914 /* 915 * Since the pages are wired down, we must be able to 916 * get their mappings from the physical map system. 917 */ 918 919 vm_page_lock_queues(); 920 921 for (va = start; va < end; va += PAGE_SIZE) { 922 pa = pmap_extract(pmap, va); 923 if (pa == (vm_offset_t) 0) { 924 panic("unwire: page not in pmap"); 925 } 926 pmap_change_wiring(pmap, va, FALSE); 927 vm_page_unwire(PHYS_TO_VM_PAGE(pa)); 928 } 929 vm_page_unlock_queues(); 930 931 /* 932 * Inform the physical mapping system that the range 933 * of addresses may fault, so that page tables and 934 * such may be unwired themselves. 935 */ 936 937 pmap_pageable(pmap, start, end, TRUE); 938 939 } 940 941 /* 942 * Routine: 943 * vm_fault_copy_entry 944 * Function: 945 * Copy all of the pages from a wired-down map entry to another. 946 * 947 * In/out conditions: 948 * The source and destination maps must be locked for write. 949 * The source map entry must be wired down (or be a sharing map 950 * entry corresponding to a main map entry that is wired down). 951 */ 952 953 void vm_fault_copy_entry(dst_map, src_map, dst_entry, src_entry) 954 vm_map_t dst_map; 955 vm_map_t src_map; 956 vm_map_entry_t dst_entry; 957 vm_map_entry_t src_entry; 958 { 959 960 vm_object_t dst_object; 961 vm_object_t src_object; 962 vm_offset_t dst_offset; 963 vm_offset_t src_offset; 964 vm_prot_t prot; 965 vm_offset_t vaddr; 966 vm_page_t dst_m; 967 vm_page_t src_m; 968 969 #ifdef lint 970 src_map++; 971 #endif lint 972 973 src_object = src_entry->object.vm_object; 974 src_offset = src_entry->offset; 975 976 /* 977 * Create the top-level object for the destination entry. 978 * (Doesn't actually shadow anything - we copy the pages 979 * directly.) 980 */ 981 dst_object = vm_object_allocate( 982 (vm_size_t) (dst_entry->end - dst_entry->start)); 983 984 dst_entry->object.vm_object = dst_object; 985 dst_entry->offset = 0; 986 987 prot = dst_entry->max_protection; 988 989 /* 990 * Loop through all of the pages in the entry's range, copying 991 * each one from the source object (it should be there) to the 992 * destination object. 993 */ 994 for (vaddr = dst_entry->start, dst_offset = 0; 995 vaddr < dst_entry->end; 996 vaddr += PAGE_SIZE, dst_offset += PAGE_SIZE) { 997 998 /* 999 * Allocate a page in the destination object 1000 */ 1001 vm_object_lock(dst_object); 1002 do { 1003 dst_m = vm_page_alloc(dst_object, dst_offset); 1004 if (dst_m == NULL) { 1005 vm_object_unlock(dst_object); 1006 VM_WAIT; 1007 vm_object_lock(dst_object); 1008 } 1009 } while (dst_m == NULL); 1010 1011 /* 1012 * Find the page in the source object, and copy it in. 1013 * (Because the source is wired down, the page will be 1014 * in memory.) 1015 */ 1016 vm_object_lock(src_object); 1017 src_m = vm_page_lookup(src_object, dst_offset + src_offset); 1018 if (src_m == NULL) 1019 panic("vm_fault_copy_wired: page missing"); 1020 1021 vm_page_copy(src_m, dst_m); 1022 1023 /* 1024 * Enter it in the pmap... 1025 */ 1026 vm_object_unlock(src_object); 1027 vm_object_unlock(dst_object); 1028 1029 pmap_enter(dst_map->pmap, vaddr, VM_PAGE_TO_PHYS(dst_m), 1030 prot, FALSE); 1031 1032 /* 1033 * Mark it no longer busy, and put it on the active list. 1034 */ 1035 vm_object_lock(dst_object); 1036 vm_page_lock_queues(); 1037 vm_page_activate(dst_m); 1038 vm_page_unlock_queues(); 1039 PAGE_WAKEUP(dst_m); 1040 vm_object_unlock(dst_object); 1041 } 1042 1043 } 1044