1 /* $NetBSD: pmap.c,v 1.325 2015/06/09 10:44:55 skrll Exp $ */ 2 3 /* 4 * Copyright 2003 Wasabi Systems, Inc. 5 * All rights reserved. 6 * 7 * Written by Steve C. Woodford for Wasabi Systems, Inc. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed for the NetBSD Project by 20 * Wasabi Systems, Inc. 21 * 4. The name of Wasabi Systems, Inc. may not be used to endorse 22 * or promote products derived from this software without specific prior 23 * written permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 27 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 28 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC 29 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 32 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 33 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 34 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 35 * POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38 /* 39 * Copyright (c) 2002-2003 Wasabi Systems, Inc. 40 * Copyright (c) 2001 Richard Earnshaw 41 * Copyright (c) 2001-2002 Christopher Gilbert 42 * All rights reserved. 43 * 44 * 1. Redistributions of source code must retain the above copyright 45 * notice, this list of conditions and the following disclaimer. 46 * 2. Redistributions in binary form must reproduce the above copyright 47 * notice, this list of conditions and the following disclaimer in the 48 * documentation and/or other materials provided with the distribution. 49 * 3. The name of the company nor the name of the author may be used to 50 * endorse or promote products derived from this software without specific 51 * prior written permission. 52 * 53 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED 54 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 55 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 56 * IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 57 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 58 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 59 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 63 * SUCH DAMAGE. 64 */ 65 66 /*- 67 * Copyright (c) 1999 The NetBSD Foundation, Inc. 68 * All rights reserved. 
69 * 70 * This code is derived from software contributed to The NetBSD Foundation 71 * by Charles M. Hannum. 72 * 73 * Redistribution and use in source and binary forms, with or without 74 * modification, are permitted provided that the following conditions 75 * are met: 76 * 1. Redistributions of source code must retain the above copyright 77 * notice, this list of conditions and the following disclaimer. 78 * 2. Redistributions in binary form must reproduce the above copyright 79 * notice, this list of conditions and the following disclaimer in the 80 * documentation and/or other materials provided with the distribution. 81 * 82 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 83 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 84 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 85 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 86 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 87 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 88 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 89 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 90 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 91 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 92 * POSSIBILITY OF SUCH DAMAGE. 93 */ 94 95 /* 96 * Copyright (c) 1994-1998 Mark Brinicombe. 97 * Copyright (c) 1994 Brini. 98 * All rights reserved. 99 * 100 * This code is derived from software written for Brini by Mark Brinicombe 101 * 102 * Redistribution and use in source and binary forms, with or without 103 * modification, are permitted provided that the following conditions 104 * are met: 105 * 1. Redistributions of source code must retain the above copyright 106 * notice, this list of conditions and the following disclaimer. 107 * 2. Redistributions in binary form must reproduce the above copyright 108 * notice, this list of conditions and the following disclaimer in the 109 * documentation and/or other materials provided with the distribution. 110 * 3. All advertising materials mentioning features or use of this software 111 * must display the following acknowledgement: 112 * This product includes software developed by Mark Brinicombe. 113 * 4. The name of the author may not be used to endorse or promote products 114 * derived from this software without specific prior written permission. 115 * 116 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 117 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 118 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
119 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 120 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 121 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 122 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 123 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 124 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 125 * 126 * RiscBSD kernel project 127 * 128 * pmap.c 129 * 130 * Machine dependent vm stuff 131 * 132 * Created : 20/09/94 133 */ 134 135 /* 136 * armv6 and VIPT cache support by 3am Software Foundry, 137 * Copyright (c) 2007 Microsoft 138 */ 139 140 /* 141 * Performance improvements, UVM changes, overhauls and part-rewrites 142 * were contributed by Neil A. Carson <neil@causality.com>. 143 */ 144 145 /* 146 * Overhauled again to speedup the pmap, use MMU Domains so that L1 tables 147 * can be shared, and re-work the KVM layout, by Steve Woodford of Wasabi 148 * Systems, Inc. 149 * 150 * There are still a few things outstanding at this time: 151 * 152 * - There are some unresolved issues for MP systems: 153 * 154 * o The L1 metadata needs a lock, or more specifically, some places 155 * need to acquire an exclusive lock when modifying L1 translation 156 * table entries. 157 * 158 * o When one cpu modifies an L1 entry, and that L1 table is also 159 * being used by another cpu, then the latter will need to be told 160 * that a tlb invalidation may be necessary. (But only if the old 161 * domain number in the L1 entry being over-written is currently 162 * the active domain on that cpu). I guess there are lots more tlb 163 * shootdown issues too... 164 * 165 * o If the vector_page is at 0x00000000 instead of in kernel VA space, 166 * then MP systems will lose big-time because of the MMU domain hack. 167 * The only way this can be solved (apart from moving the vector 168 * page to 0xffff0000) is to reserve the first 1MB of user address 169 * space for kernel use only. This would require re-linking all 170 * applications so that the text section starts above this 1MB 171 * boundary. 172 * 173 * o Tracking which VM space is resident in the cache/tlb has not yet 174 * been implemented for MP systems. 175 * 176 * o Finally, there is a pathological condition where two cpus running 177 * two separate processes (not lwps) which happen to share an L1 178 * can get into a fight over one or more L1 entries. This will result 179 * in a significant slow-down if both processes are in tight loops. 
180 */ 181 182 /* 183 * Special compilation symbols 184 * PMAP_DEBUG - Build in pmap_debug_level code 185 */ 186 187 /* Include header files */ 188 189 #include "opt_arm_debug.h" 190 #include "opt_cpuoptions.h" 191 #include "opt_pmap_debug.h" 192 #include "opt_ddb.h" 193 #include "opt_lockdebug.h" 194 #include "opt_multiprocessor.h" 195 196 #ifdef MULTIPROCESSOR 197 #define _INTR_PRIVATE 198 #endif 199 200 #include <sys/param.h> 201 #include <sys/types.h> 202 #include <sys/kernel.h> 203 #include <sys/systm.h> 204 #include <sys/proc.h> 205 #include <sys/intr.h> 206 #include <sys/pool.h> 207 #include <sys/kmem.h> 208 #include <sys/cdefs.h> 209 #include <sys/cpu.h> 210 #include <sys/sysctl.h> 211 #include <sys/bus.h> 212 #include <sys/atomic.h> 213 #include <sys/kernhist.h> 214 215 #include <uvm/uvm.h> 216 217 #include <arm/locore.h> 218 219 __KERNEL_RCSID(0, "$NetBSD: pmap.c,v 1.325 2015/06/09 10:44:55 skrll Exp $"); 220 221 //#define PMAP_DEBUG 222 #ifdef PMAP_DEBUG 223 224 /* XXX need to get rid of all refs to this */ 225 int pmap_debug_level = 0; 226 227 /* 228 * for switching to potentially finer grained debugging 229 */ 230 #define PDB_FOLLOW 0x0001 231 #define PDB_INIT 0x0002 232 #define PDB_ENTER 0x0004 233 #define PDB_REMOVE 0x0008 234 #define PDB_CREATE 0x0010 235 #define PDB_PTPAGE 0x0020 236 #define PDB_GROWKERN 0x0040 237 #define PDB_BITS 0x0080 238 #define PDB_COLLECT 0x0100 239 #define PDB_PROTECT 0x0200 240 #define PDB_MAP_L1 0x0400 241 #define PDB_BOOTSTRAP 0x1000 242 #define PDB_PARANOIA 0x2000 243 #define PDB_WIRING 0x4000 244 #define PDB_PVDUMP 0x8000 245 #define PDB_VAC 0x10000 246 #define PDB_KENTER 0x20000 247 #define PDB_KREMOVE 0x40000 248 #define PDB_EXEC 0x80000 249 250 int debugmap = 1; 251 int pmapdebug = 0; 252 #define NPDEBUG(_lev_,_stat_) \ 253 if (pmapdebug & (_lev_)) \ 254 ((_stat_)) 255 256 #else /* PMAP_DEBUG */ 257 #define NPDEBUG(_lev_,_stat_) /* Nothing */ 258 #endif /* PMAP_DEBUG */ 259 260 /* 261 * pmap_kernel() points here 262 */ 263 static struct pmap kernel_pmap_store = { 264 #ifndef ARM_MMU_EXTENDED 265 .pm_activated = true, 266 .pm_domain = PMAP_DOMAIN_KERNEL, 267 .pm_cstate.cs_all = PMAP_CACHE_STATE_ALL, 268 #endif 269 }; 270 struct pmap * const kernel_pmap_ptr = &kernel_pmap_store; 271 #undef pmap_kernel 272 #define pmap_kernel() (&kernel_pmap_store) 273 #ifdef PMAP_NEED_ALLOC_POOLPAGE 274 int arm_poolpage_vmfreelist = VM_FREELIST_DEFAULT; 275 #endif 276 277 /* 278 * Pool and cache that pmap structures are allocated from. 279 * We use a cache to avoid clearing the pm_l2[] array (1KB) 280 * in pmap_create(). 281 */ 282 static struct pool_cache pmap_cache; 283 static LIST_HEAD(, pmap) pmap_pmaps; 284 285 /* 286 * Pool of PV structures 287 */ 288 static struct pool pmap_pv_pool; 289 static void *pmap_bootstrap_pv_page_alloc(struct pool *, int); 290 static void pmap_bootstrap_pv_page_free(struct pool *, void *); 291 static struct pool_allocator pmap_bootstrap_pv_allocator = { 292 pmap_bootstrap_pv_page_alloc, pmap_bootstrap_pv_page_free 293 }; 294 295 /* 296 * Pool and cache of l2_dtable structures. 297 * We use a cache to avoid clearing the structures when they're 298 * allocated. (196 bytes) 299 */ 300 static struct pool_cache pmap_l2dtable_cache; 301 static vaddr_t pmap_kernel_l2dtable_kva; 302 303 /* 304 * Pool and cache of L2 page descriptors. 305 * We use a cache to avoid clearing the descriptor table 306 * when they're allocated. 
(1KB) 307 */ 308 static struct pool_cache pmap_l2ptp_cache; 309 static vaddr_t pmap_kernel_l2ptp_kva; 310 static paddr_t pmap_kernel_l2ptp_phys; 311 312 #ifdef PMAPCOUNTERS 313 #define PMAP_EVCNT_INITIALIZER(name) \ 314 EVCNT_INITIALIZER(EVCNT_TYPE_MISC, NULL, "pmap", name) 315 316 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 317 static struct evcnt pmap_ev_vac_clean_one = 318 PMAP_EVCNT_INITIALIZER("clean page (1 color)"); 319 static struct evcnt pmap_ev_vac_flush_one = 320 PMAP_EVCNT_INITIALIZER("flush page (1 color)"); 321 static struct evcnt pmap_ev_vac_flush_lots = 322 PMAP_EVCNT_INITIALIZER("flush page (2+ colors)"); 323 static struct evcnt pmap_ev_vac_flush_lots2 = 324 PMAP_EVCNT_INITIALIZER("flush page (2+ colors, kmpage)"); 325 EVCNT_ATTACH_STATIC(pmap_ev_vac_clean_one); 326 EVCNT_ATTACH_STATIC(pmap_ev_vac_flush_one); 327 EVCNT_ATTACH_STATIC(pmap_ev_vac_flush_lots); 328 EVCNT_ATTACH_STATIC(pmap_ev_vac_flush_lots2); 329 330 static struct evcnt pmap_ev_vac_color_new = 331 PMAP_EVCNT_INITIALIZER("new page color"); 332 static struct evcnt pmap_ev_vac_color_reuse = 333 PMAP_EVCNT_INITIALIZER("ok first page color"); 334 static struct evcnt pmap_ev_vac_color_ok = 335 PMAP_EVCNT_INITIALIZER("ok page color"); 336 static struct evcnt pmap_ev_vac_color_blind = 337 PMAP_EVCNT_INITIALIZER("blind page color"); 338 static struct evcnt pmap_ev_vac_color_change = 339 PMAP_EVCNT_INITIALIZER("change page color"); 340 static struct evcnt pmap_ev_vac_color_erase = 341 PMAP_EVCNT_INITIALIZER("erase page color"); 342 static struct evcnt pmap_ev_vac_color_none = 343 PMAP_EVCNT_INITIALIZER("no page color"); 344 static struct evcnt pmap_ev_vac_color_restore = 345 PMAP_EVCNT_INITIALIZER("restore page color"); 346 347 EVCNT_ATTACH_STATIC(pmap_ev_vac_color_new); 348 EVCNT_ATTACH_STATIC(pmap_ev_vac_color_reuse); 349 EVCNT_ATTACH_STATIC(pmap_ev_vac_color_ok); 350 EVCNT_ATTACH_STATIC(pmap_ev_vac_color_blind); 351 EVCNT_ATTACH_STATIC(pmap_ev_vac_color_change); 352 EVCNT_ATTACH_STATIC(pmap_ev_vac_color_erase); 353 EVCNT_ATTACH_STATIC(pmap_ev_vac_color_none); 354 EVCNT_ATTACH_STATIC(pmap_ev_vac_color_restore); 355 #endif 356 357 static struct evcnt pmap_ev_mappings = 358 PMAP_EVCNT_INITIALIZER("pages mapped"); 359 static struct evcnt pmap_ev_unmappings = 360 PMAP_EVCNT_INITIALIZER("pages unmapped"); 361 static struct evcnt pmap_ev_remappings = 362 PMAP_EVCNT_INITIALIZER("pages remapped"); 363 364 EVCNT_ATTACH_STATIC(pmap_ev_mappings); 365 EVCNT_ATTACH_STATIC(pmap_ev_unmappings); 366 EVCNT_ATTACH_STATIC(pmap_ev_remappings); 367 368 static struct evcnt pmap_ev_kernel_mappings = 369 PMAP_EVCNT_INITIALIZER("kernel pages mapped"); 370 static struct evcnt pmap_ev_kernel_unmappings = 371 PMAP_EVCNT_INITIALIZER("kernel pages unmapped"); 372 static struct evcnt pmap_ev_kernel_remappings = 373 PMAP_EVCNT_INITIALIZER("kernel pages remapped"); 374 375 EVCNT_ATTACH_STATIC(pmap_ev_kernel_mappings); 376 EVCNT_ATTACH_STATIC(pmap_ev_kernel_unmappings); 377 EVCNT_ATTACH_STATIC(pmap_ev_kernel_remappings); 378 379 static struct evcnt pmap_ev_kenter_mappings = 380 PMAP_EVCNT_INITIALIZER("kenter pages mapped"); 381 static struct evcnt pmap_ev_kenter_unmappings = 382 PMAP_EVCNT_INITIALIZER("kenter pages unmapped"); 383 static struct evcnt pmap_ev_kenter_remappings = 384 PMAP_EVCNT_INITIALIZER("kenter pages remapped"); 385 static struct evcnt pmap_ev_pt_mappings = 386 PMAP_EVCNT_INITIALIZER("page table pages mapped"); 387 388 EVCNT_ATTACH_STATIC(pmap_ev_kenter_mappings); 389 EVCNT_ATTACH_STATIC(pmap_ev_kenter_unmappings); 
390 EVCNT_ATTACH_STATIC(pmap_ev_kenter_remappings); 391 EVCNT_ATTACH_STATIC(pmap_ev_pt_mappings); 392 393 static struct evcnt pmap_ev_fixup_mod = 394 PMAP_EVCNT_INITIALIZER("page modification emulations"); 395 static struct evcnt pmap_ev_fixup_ref = 396 PMAP_EVCNT_INITIALIZER("page reference emulations"); 397 static struct evcnt pmap_ev_fixup_exec = 398 PMAP_EVCNT_INITIALIZER("exec pages fixed up"); 399 static struct evcnt pmap_ev_fixup_pdes = 400 PMAP_EVCNT_INITIALIZER("pdes fixed up"); 401 #ifndef ARM_MMU_EXTENDED 402 static struct evcnt pmap_ev_fixup_ptesync = 403 PMAP_EVCNT_INITIALIZER("ptesync fixed"); 404 #endif 405 406 EVCNT_ATTACH_STATIC(pmap_ev_fixup_mod); 407 EVCNT_ATTACH_STATIC(pmap_ev_fixup_ref); 408 EVCNT_ATTACH_STATIC(pmap_ev_fixup_exec); 409 EVCNT_ATTACH_STATIC(pmap_ev_fixup_pdes); 410 #ifndef ARM_MMU_EXTENDED 411 EVCNT_ATTACH_STATIC(pmap_ev_fixup_ptesync); 412 #endif 413 414 #ifdef PMAP_CACHE_VIPT 415 static struct evcnt pmap_ev_exec_mappings = 416 PMAP_EVCNT_INITIALIZER("exec pages mapped"); 417 static struct evcnt pmap_ev_exec_cached = 418 PMAP_EVCNT_INITIALIZER("exec pages cached"); 419 420 EVCNT_ATTACH_STATIC(pmap_ev_exec_mappings); 421 EVCNT_ATTACH_STATIC(pmap_ev_exec_cached); 422 423 static struct evcnt pmap_ev_exec_synced = 424 PMAP_EVCNT_INITIALIZER("exec pages synced"); 425 static struct evcnt pmap_ev_exec_synced_map = 426 PMAP_EVCNT_INITIALIZER("exec pages synced (MP)"); 427 #ifndef ARM_MMU_EXTENDED 428 static struct evcnt pmap_ev_exec_synced_unmap = 429 PMAP_EVCNT_INITIALIZER("exec pages synced (UM)"); 430 static struct evcnt pmap_ev_exec_synced_remap = 431 PMAP_EVCNT_INITIALIZER("exec pages synced (RM)"); 432 static struct evcnt pmap_ev_exec_synced_clearbit = 433 PMAP_EVCNT_INITIALIZER("exec pages synced (DG)"); 434 static struct evcnt pmap_ev_exec_synced_kremove = 435 PMAP_EVCNT_INITIALIZER("exec pages synced (KU)"); 436 #endif 437 438 EVCNT_ATTACH_STATIC(pmap_ev_exec_synced); 439 EVCNT_ATTACH_STATIC(pmap_ev_exec_synced_map); 440 #ifndef ARM_MMU_EXTENDED 441 EVCNT_ATTACH_STATIC(pmap_ev_exec_synced_unmap); 442 EVCNT_ATTACH_STATIC(pmap_ev_exec_synced_remap); 443 EVCNT_ATTACH_STATIC(pmap_ev_exec_synced_clearbit); 444 EVCNT_ATTACH_STATIC(pmap_ev_exec_synced_kremove); 445 #endif 446 447 static struct evcnt pmap_ev_exec_discarded_unmap = 448 PMAP_EVCNT_INITIALIZER("exec pages discarded (UM)"); 449 static struct evcnt pmap_ev_exec_discarded_zero = 450 PMAP_EVCNT_INITIALIZER("exec pages discarded (ZP)"); 451 static struct evcnt pmap_ev_exec_discarded_copy = 452 PMAP_EVCNT_INITIALIZER("exec pages discarded (CP)"); 453 static struct evcnt pmap_ev_exec_discarded_page_protect = 454 PMAP_EVCNT_INITIALIZER("exec pages discarded (PP)"); 455 static struct evcnt pmap_ev_exec_discarded_clearbit = 456 PMAP_EVCNT_INITIALIZER("exec pages discarded (DG)"); 457 static struct evcnt pmap_ev_exec_discarded_kremove = 458 PMAP_EVCNT_INITIALIZER("exec pages discarded (KU)"); 459 #ifdef ARM_MMU_EXTENDED 460 static struct evcnt pmap_ev_exec_discarded_modfixup = 461 PMAP_EVCNT_INITIALIZER("exec pages discarded (MF)"); 462 #endif 463 464 EVCNT_ATTACH_STATIC(pmap_ev_exec_discarded_unmap); 465 EVCNT_ATTACH_STATIC(pmap_ev_exec_discarded_zero); 466 EVCNT_ATTACH_STATIC(pmap_ev_exec_discarded_copy); 467 EVCNT_ATTACH_STATIC(pmap_ev_exec_discarded_page_protect); 468 EVCNT_ATTACH_STATIC(pmap_ev_exec_discarded_clearbit); 469 EVCNT_ATTACH_STATIC(pmap_ev_exec_discarded_kremove); 470 #ifdef ARM_MMU_EXTENDED 471 EVCNT_ATTACH_STATIC(pmap_ev_exec_discarded_modfixup); 472 #endif 473 #endif /* PMAP_CACHE_VIPT 
*/ 474 475 static struct evcnt pmap_ev_updates = PMAP_EVCNT_INITIALIZER("updates"); 476 static struct evcnt pmap_ev_collects = PMAP_EVCNT_INITIALIZER("collects"); 477 static struct evcnt pmap_ev_activations = PMAP_EVCNT_INITIALIZER("activations"); 478 479 EVCNT_ATTACH_STATIC(pmap_ev_updates); 480 EVCNT_ATTACH_STATIC(pmap_ev_collects); 481 EVCNT_ATTACH_STATIC(pmap_ev_activations); 482 483 #define PMAPCOUNT(x) ((void)(pmap_ev_##x.ev_count++)) 484 #else 485 #define PMAPCOUNT(x) ((void)0) 486 #endif 487 488 /* 489 * pmap copy/zero page, and mem(5) hook point 490 */ 491 static pt_entry_t *csrc_pte, *cdst_pte; 492 static vaddr_t csrcp, cdstp; 493 #ifdef MULTIPROCESSOR 494 static size_t cnptes; 495 #define cpu_csrc_pte(o) (csrc_pte + cnptes * cpu_number() + ((o) >> L2_S_SHIFT)) 496 #define cpu_cdst_pte(o) (cdst_pte + cnptes * cpu_number() + ((o) >> L2_S_SHIFT)) 497 #define cpu_csrcp(o) (csrcp + L2_S_SIZE * cnptes * cpu_number() + (o)) 498 #define cpu_cdstp(o) (cdstp + L2_S_SIZE * cnptes * cpu_number() + (o)) 499 #else 500 #define cpu_csrc_pte(o) (csrc_pte + ((o) >> L2_S_SHIFT)) 501 #define cpu_cdst_pte(o) (cdst_pte + ((o) >> L2_S_SHIFT)) 502 #define cpu_csrcp(o) (csrcp + (o)) 503 #define cpu_cdstp(o) (cdstp + (o)) 504 #endif 505 vaddr_t memhook; /* used by mem.c & others */ 506 kmutex_t memlock __cacheline_aligned; /* used by mem.c & others */ 507 kmutex_t pmap_lock __cacheline_aligned; 508 extern void *msgbufaddr; 509 int pmap_kmpages; 510 /* 511 * Flag to indicate if pmap_init() has done its thing 512 */ 513 bool pmap_initialized; 514 515 #if defined(ARM_MMU_EXTENDED) && defined(__HAVE_MM_MD_DIRECT_MAPPED_PHYS) 516 /* 517 * Virtual end of direct-mapped memory 518 */ 519 vaddr_t pmap_directlimit; 520 #endif 521 522 /* 523 * Misc. locking data structures 524 */ 525 526 static inline void 527 pmap_acquire_pmap_lock(pmap_t pm) 528 { 529 if (pm == pmap_kernel()) { 530 #ifdef MULTIPROCESSOR 531 KERNEL_LOCK(1, NULL); 532 #endif 533 } else { 534 mutex_enter(pm->pm_lock); 535 } 536 } 537 538 static inline void 539 pmap_release_pmap_lock(pmap_t pm) 540 { 541 if (pm == pmap_kernel()) { 542 #ifdef MULTIPROCESSOR 543 KERNEL_UNLOCK_ONE(NULL); 544 #endif 545 } else { 546 mutex_exit(pm->pm_lock); 547 } 548 } 549 550 static inline void 551 pmap_acquire_page_lock(struct vm_page_md *md) 552 { 553 mutex_enter(&pmap_lock); 554 } 555 556 static inline void 557 pmap_release_page_lock(struct vm_page_md *md) 558 { 559 mutex_exit(&pmap_lock); 560 } 561 562 #ifdef DIAGNOSTIC 563 static inline int 564 pmap_page_locked_p(struct vm_page_md *md) 565 { 566 return mutex_owned(&pmap_lock); 567 } 568 #endif 569 570 571 /* 572 * Metadata for L1 translation tables. 573 */ 574 #ifndef ARM_MMU_EXTENDED 575 struct l1_ttable { 576 /* Entry on the L1 Table list */ 577 SLIST_ENTRY(l1_ttable) l1_link; 578 579 /* Entry on the L1 Least Recently Used list */ 580 TAILQ_ENTRY(l1_ttable) l1_lru; 581 582 /* Track how many domains are allocated from this L1 */ 583 volatile u_int l1_domain_use_count; 584 585 /* 586 * A free-list of domain numbers for this L1. 587 * We avoid using ffs() and a bitmap to track domains since ffs() 588 * is slow on ARM. 589 */ 590 uint8_t l1_domain_first; 591 uint8_t l1_domain_free[PMAP_DOMAINS]; 592 593 /* Physical address of this L1 page table */ 594 paddr_t l1_physaddr; 595 596 /* KVA of this L1 page table */ 597 pd_entry_t *l1_kva; 598 }; 599 600 /* 601 * L1 Page Tables are tracked using a Least Recently Used list. 602 * - New L1s are allocated from the HEAD. 603 * - Freed L1s are added to the TAIl. 
 * - Recently accessed L1s (where an 'access' is some change to one of
 *   the userland pmaps which owns this L1) are moved to the TAIL.
 */
static TAILQ_HEAD(, l1_ttable) l1_lru_list;
static kmutex_t l1_lru_lock __cacheline_aligned;

/*
 * A list of all L1 tables
 */
static SLIST_HEAD(, l1_ttable) l1_list;
#endif /* ARM_MMU_EXTENDED */

/*
 * The l2_dtable tracks L2_BUCKET_SIZE worth of L1 slots.
 *
 * This is normally 16MB worth of L2 page descriptors for any given pmap.
 * Reference counts are maintained for L2 descriptors so they can be
 * freed when empty.
 */
struct l2_bucket {
	pt_entry_t *l2b_kva;		/* KVA of L2 Descriptor Table */
	paddr_t l2b_pa;			/* Physical address of same */
	u_short l2b_l1slot;		/* This L2 table's L1 index */
	u_short l2b_occupancy;		/* How many active descriptors */
};

struct l2_dtable {
	/* The number of L2 page descriptors allocated to this l2_dtable */
	u_int l2_occupancy;

	/* List of L2 page descriptors */
	struct l2_bucket l2_bucket[L2_BUCKET_SIZE];
};

/*
 * Given an L1 table index, calculate the corresponding l2_dtable index
 * and bucket index within the l2_dtable.
 */
#define	L2_BUCKET_XSHIFT	(L2_BUCKET_XLOG2 - L1_S_SHIFT)
#define	L2_BUCKET_XFRAME	(~(vaddr_t)0 << L2_BUCKET_XLOG2)
#define	L2_BUCKET_IDX(l1slot)	((l1slot) >> L2_BUCKET_XSHIFT)
#define	L2_IDX(l1slot)		(L2_BUCKET_IDX(l1slot) >> L2_BUCKET_LOG2)
#define	L2_BUCKET(l1slot)	(L2_BUCKET_IDX(l1slot) & (L2_BUCKET_SIZE - 1))

__CTASSERT(0x100000000ULL == ((uint64_t)L2_SIZE * L2_BUCKET_SIZE * L1_S_SIZE));
__CTASSERT(L2_BUCKET_XFRAME == ~(L2_BUCKET_XSIZE-1));

/*
 * Given a virtual address, this macro returns the
 * virtual address required to drop into the next L2 bucket.
 */
#define	L2_NEXT_BUCKET_VA(va)	(((va) & L2_BUCKET_XFRAME) + L2_BUCKET_XSIZE)

/*
 * L2 allocation.
 */
#define	pmap_alloc_l2_dtable()		\
	    pool_cache_get(&pmap_l2dtable_cache, PR_NOWAIT)
#define	pmap_free_l2_dtable(l2)		\
	    pool_cache_put(&pmap_l2dtable_cache, (l2))
#define	pmap_alloc_l2_ptp(pap)		\
	    ((pt_entry_t *)pool_cache_get_paddr(&pmap_l2ptp_cache,\
	    PR_NOWAIT, (pap)))

/*
 * We try to map the page tables write-through, if possible. However, not
 * all CPUs have a write-through cache mode, so on those we have to sync
 * the cache when we frob page tables.
 *
 * We try to evaluate this at compile time, if possible. However, it's
 * not always possible to do that, hence this run-time var.
 */
int	pmap_needs_pte_sync;

/*
 * Real definition of pv_entry.
 */
struct pv_entry {
	SLIST_ENTRY(pv_entry) pv_link;	/* next pv_entry */
	pmap_t		pv_pmap;	/* pmap where mapping lies */
	vaddr_t		pv_va;		/* virtual address for mapping */
	u_int		pv_flags;	/* flags */
};

/*
 * Macros to determine if a mapping might be resident in the
 * instruction/data cache and/or TLB
 */
#if ARM_MMU_V7 > 0 && !defined(ARM_MMU_EXTENDED)
/*
 * Speculative loads by Cortex cores can cause TLB entries to be filled even if
 * there are no explicit accesses, so there may always be TLB entries to
 * flush.  If we used ASIDs then this would not be a problem.
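 *
 * As an illustration of how these predicates are consumed (this is
 * essentially what pmap_tlb_flush_SE() below does, modulo its cs_tlb_id
 * check; it is a sketch, not additional logic):
 *
 *	if (PV_BEEN_EXECD(flags))
 *		cpu_tlb_flushID_SE(va);		<- flush the I+D TLB entry
 *	else if (PV_BEEN_REFD(flags))
 *		cpu_tlb_flushD_SE(va);		<- flush the D TLB entry only
 *
 * With the ARMv7 (non-ARM_MMU_EXTENDED) definitions below, PV_BEEN_REFD()
 * is always true, so the D-side flush can never be elided on those cores.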
697 */ 698 #define PV_BEEN_EXECD(f) (((f) & PVF_EXEC) == PVF_EXEC) 699 #define PV_BEEN_REFD(f) (true) 700 #else 701 #define PV_BEEN_EXECD(f) (((f) & (PVF_REF | PVF_EXEC)) == (PVF_REF | PVF_EXEC)) 702 #define PV_BEEN_REFD(f) (((f) & PVF_REF) != 0) 703 #endif 704 #define PV_IS_EXEC_P(f) (((f) & PVF_EXEC) != 0) 705 #define PV_IS_KENTRY_P(f) (((f) & PVF_KENTRY) != 0) 706 #define PV_IS_WRITE_P(f) (((f) & PVF_WRITE) != 0) 707 708 /* 709 * Local prototypes 710 */ 711 static bool pmap_set_pt_cache_mode(pd_entry_t *, vaddr_t, size_t); 712 static void pmap_alloc_specials(vaddr_t *, int, vaddr_t *, 713 pt_entry_t **); 714 static bool pmap_is_current(pmap_t) __unused; 715 static bool pmap_is_cached(pmap_t); 716 static void pmap_enter_pv(struct vm_page_md *, paddr_t, struct pv_entry *, 717 pmap_t, vaddr_t, u_int); 718 static struct pv_entry *pmap_find_pv(struct vm_page_md *, pmap_t, vaddr_t); 719 static struct pv_entry *pmap_remove_pv(struct vm_page_md *, paddr_t, pmap_t, vaddr_t); 720 static u_int pmap_modify_pv(struct vm_page_md *, paddr_t, pmap_t, vaddr_t, 721 u_int, u_int); 722 723 static void pmap_pinit(pmap_t); 724 static int pmap_pmap_ctor(void *, void *, int); 725 726 static void pmap_alloc_l1(pmap_t); 727 static void pmap_free_l1(pmap_t); 728 #ifndef ARM_MMU_EXTENDED 729 static void pmap_use_l1(pmap_t); 730 #endif 731 732 static struct l2_bucket *pmap_get_l2_bucket(pmap_t, vaddr_t); 733 static struct l2_bucket *pmap_alloc_l2_bucket(pmap_t, vaddr_t); 734 static void pmap_free_l2_bucket(pmap_t, struct l2_bucket *, u_int); 735 static int pmap_l2ptp_ctor(void *, void *, int); 736 static int pmap_l2dtable_ctor(void *, void *, int); 737 738 static void pmap_vac_me_harder(struct vm_page_md *, paddr_t, pmap_t, vaddr_t); 739 #ifdef PMAP_CACHE_VIVT 740 static void pmap_vac_me_kpmap(struct vm_page_md *, paddr_t, pmap_t, vaddr_t); 741 static void pmap_vac_me_user(struct vm_page_md *, paddr_t, pmap_t, vaddr_t); 742 #endif 743 744 static void pmap_clearbit(struct vm_page_md *, paddr_t, u_int); 745 #ifdef PMAP_CACHE_VIVT 746 static bool pmap_clean_page(struct vm_page_md *, bool); 747 #endif 748 #ifdef PMAP_CACHE_VIPT 749 static void pmap_syncicache_page(struct vm_page_md *, paddr_t); 750 enum pmap_flush_op { 751 PMAP_FLUSH_PRIMARY, 752 PMAP_FLUSH_SECONDARY, 753 PMAP_CLEAN_PRIMARY 754 }; 755 #ifndef ARM_MMU_EXTENDED 756 static void pmap_flush_page(struct vm_page_md *, paddr_t, enum pmap_flush_op); 757 #endif 758 #endif 759 static void pmap_page_remove(struct vm_page_md *, paddr_t); 760 761 #ifndef ARM_MMU_EXTENDED 762 static void pmap_init_l1(struct l1_ttable *, pd_entry_t *); 763 #endif 764 static vaddr_t kernel_pt_lookup(paddr_t); 765 766 767 /* 768 * Misc variables 769 */ 770 vaddr_t virtual_avail; 771 vaddr_t virtual_end; 772 vaddr_t pmap_curmaxkvaddr; 773 774 paddr_t avail_start; 775 paddr_t avail_end; 776 777 pv_addrqh_t pmap_boot_freeq = SLIST_HEAD_INITIALIZER(&pmap_boot_freeq); 778 pv_addr_t kernelpages; 779 pv_addr_t kernel_l1pt; 780 pv_addr_t systempage; 781 782 /* Function to set the debug level of the pmap code */ 783 784 #ifdef PMAP_DEBUG 785 void 786 pmap_debug(int level) 787 { 788 pmap_debug_level = level; 789 printf("pmap_debug: level=%d\n", pmap_debug_level); 790 } 791 #endif /* PMAP_DEBUG */ 792 793 #ifdef PMAP_CACHE_VIPT 794 #define PMAP_VALIDATE_MD_PAGE(md) \ 795 KASSERTMSG(arm_cache_prefer_mask == 0 || (((md)->pvh_attrs & PVF_WRITE) == 0) == ((md)->urw_mappings + (md)->krw_mappings == 0), \ 796 "(md) %p: attrs=%#x urw=%u krw=%u", (md), \ 797 (md)->pvh_attrs, (md)->urw_mappings, 
(md)->krw_mappings); 798 #endif /* PMAP_CACHE_VIPT */ 799 /* 800 * A bunch of routines to conditionally flush the caches/TLB depending 801 * on whether the specified pmap actually needs to be flushed at any 802 * given time. 803 */ 804 static inline void 805 pmap_tlb_flush_SE(pmap_t pm, vaddr_t va, u_int flags) 806 { 807 #ifdef ARM_MMU_EXTENDED 808 pmap_tlb_invalidate_addr(pm, va); 809 #else 810 if (pm->pm_cstate.cs_tlb_id != 0) { 811 if (PV_BEEN_EXECD(flags)) { 812 cpu_tlb_flushID_SE(va); 813 } else if (PV_BEEN_REFD(flags)) { 814 cpu_tlb_flushD_SE(va); 815 } 816 } 817 #endif /* ARM_MMU_EXTENDED */ 818 } 819 820 static inline void 821 pmap_tlb_flushID(pmap_t pm) 822 { 823 #ifdef ARM_MMU_EXTENDED 824 pmap_tlb_asid_release_all(pm); 825 #else 826 if (pm->pm_cstate.cs_tlb_id) { 827 cpu_tlb_flushID(); 828 #if ARM_MMU_V7 == 0 829 /* 830 * Speculative loads by Cortex cores can cause TLB entries to 831 * be filled even if there are no explicit accesses, so there 832 * may be always be TLB entries to flush. If we used ASIDs 833 * then it would not be a problem. 834 * This is not true for other CPUs. 835 */ 836 pm->pm_cstate.cs_tlb = 0; 837 #endif /* ARM_MMU_V7 */ 838 } 839 #endif /* ARM_MMU_EXTENDED */ 840 } 841 842 #ifndef ARM_MMU_EXTENDED 843 static inline void 844 pmap_tlb_flushD(pmap_t pm) 845 { 846 if (pm->pm_cstate.cs_tlb_d) { 847 cpu_tlb_flushD(); 848 #if ARM_MMU_V7 == 0 849 /* 850 * Speculative loads by Cortex cores can cause TLB entries to 851 * be filled even if there are no explicit accesses, so there 852 * may be always be TLB entries to flush. If we used ASIDs 853 * then it would not be a problem. 854 * This is not true for other CPUs. 855 */ 856 pm->pm_cstate.cs_tlb_d = 0; 857 #endif /* ARM_MMU_V7 */ 858 } 859 } 860 #endif /* ARM_MMU_EXTENDED */ 861 862 #ifdef PMAP_CACHE_VIVT 863 static inline void 864 pmap_cache_wbinv_page(pmap_t pm, vaddr_t va, bool do_inv, u_int flags) 865 { 866 if (PV_BEEN_EXECD(flags) && pm->pm_cstate.cs_cache_id) { 867 cpu_idcache_wbinv_range(va, PAGE_SIZE); 868 } else if (PV_BEEN_REFD(flags) && pm->pm_cstate.cs_cache_d) { 869 if (do_inv) { 870 if (flags & PVF_WRITE) 871 cpu_dcache_wbinv_range(va, PAGE_SIZE); 872 else 873 cpu_dcache_inv_range(va, PAGE_SIZE); 874 } else if (flags & PVF_WRITE) { 875 cpu_dcache_wb_range(va, PAGE_SIZE); 876 } 877 } 878 } 879 880 static inline void 881 pmap_cache_wbinv_all(pmap_t pm, u_int flags) 882 { 883 if (PV_BEEN_EXECD(flags)) { 884 if (pm->pm_cstate.cs_cache_id) { 885 cpu_idcache_wbinv_all(); 886 pm->pm_cstate.cs_cache = 0; 887 } 888 } else if (pm->pm_cstate.cs_cache_d) { 889 cpu_dcache_wbinv_all(); 890 pm->pm_cstate.cs_cache_d = 0; 891 } 892 } 893 #endif /* PMAP_CACHE_VIVT */ 894 895 static inline uint8_t 896 pmap_domain(pmap_t pm) 897 { 898 #ifdef ARM_MMU_EXTENDED 899 return pm == pmap_kernel() ? PMAP_DOMAIN_KERNEL : PMAP_DOMAIN_USER; 900 #else 901 return pm->pm_domain; 902 #endif 903 } 904 905 static inline pd_entry_t * 906 pmap_l1_kva(pmap_t pm) 907 { 908 #ifdef ARM_MMU_EXTENDED 909 return pm->pm_l1; 910 #else 911 return pm->pm_l1->l1_kva; 912 #endif 913 } 914 915 static inline bool 916 pmap_is_current(pmap_t pm) 917 { 918 if (pm == pmap_kernel() || curproc->p_vmspace->vm_map.pmap == pm) 919 return true; 920 921 return false; 922 } 923 924 static inline bool 925 pmap_is_cached(pmap_t pm) 926 { 927 #ifdef ARM_MMU_EXTENDED 928 if (pm == pmap_kernel()) 929 return true; 930 #ifdef MULTIPROCESSOR 931 // Is this pmap active on any CPU? 
	if (!kcpuset_iszero(pm->pm_active))
		return true;
#else
	struct pmap_tlb_info * const ti = cpu_tlb_info(curcpu());
	// Is this pmap active?
	if (PMAP_PAI_ASIDVALID_P(PMAP_PAI(pm, ti), ti))
		return true;
#endif
#else
	struct cpu_info * const ci = curcpu();
	if (pm == pmap_kernel() || ci->ci_pmap_lastuser == NULL
	    || ci->ci_pmap_lastuser == pm)
		return true;
#endif /* ARM_MMU_EXTENDED */

	return false;
}

/*
 * PTE_SYNC_CURRENT:
 *
 *	Make sure the pte is written out to RAM.
 *	We need to do this in one of the following cases:
 *	 - We're dealing with the kernel pmap
 *	 - There is no pmap active in the cache/tlb.
 *	 - The specified pmap is 'active' in the cache/tlb.
 */

static inline void
pmap_pte_sync_current(pmap_t pm, pt_entry_t *ptep)
{
	if (PMAP_NEEDS_PTE_SYNC && pmap_is_cached(pm))
		PTE_SYNC(ptep);
	arm_dsb();
}

#ifdef PMAP_INCLUDE_PTE_SYNC
#define	PTE_SYNC_CURRENT(pm, ptep)	pmap_pte_sync_current(pm, ptep)
#else
#define	PTE_SYNC_CURRENT(pm, ptep)	/* nothing */
#endif

/*
 * main pv_entry manipulation functions:
 *   pmap_enter_pv: enter a mapping onto a vm_page list
 *   pmap_remove_pv: remove a mapping from a vm_page list
 *
 * NOTE: pmap_enter_pv expects to lock the pvh itself
 *       pmap_remove_pv expects the caller to lock the pvh before calling
 */

/*
 * pmap_enter_pv: enter a mapping onto a vm_page list
 *
 * => caller should hold the proper lock on pmap_main_lock
 * => caller should have pmap locked
 * => we will gain the lock on the vm_page and allocate the new pv_entry
 * => caller should adjust ptp's wire_count before calling
 * => caller should not adjust pmap's wire_count
 */
static void
pmap_enter_pv(struct vm_page_md *md, paddr_t pa, struct pv_entry *pv, pmap_t pm,
    vaddr_t va, u_int flags)
{
	struct pv_entry **pvp;

	NPDEBUG(PDB_PVDUMP,
	    printf("pmap_enter_pv: pm %p, md %p, flags 0x%x\n", pm, md, flags));

	pv->pv_pmap = pm;
	pv->pv_va = va;
	pv->pv_flags = flags;

	pvp = &SLIST_FIRST(&md->pvh_list);
#ifdef PMAP_CACHE_VIPT
	/*
	 * Insert unmanaged entries, writeable first, at the head of
	 * the pv list.
	 */
	if (__predict_true(!PV_IS_KENTRY_P(flags))) {
		while (*pvp != NULL && PV_IS_KENTRY_P((*pvp)->pv_flags))
			pvp = &SLIST_NEXT(*pvp, pv_link);
	}
	if (!PV_IS_WRITE_P(flags)) {
		while (*pvp != NULL && PV_IS_WRITE_P((*pvp)->pv_flags))
			pvp = &SLIST_NEXT(*pvp, pv_link);
	}
#endif
	SLIST_NEXT(pv, pv_link) = *pvp;		/* add to ... */
	*pvp = pv;				/* ...
locked list */ 1022 md->pvh_attrs |= flags & (PVF_REF | PVF_MOD); 1023 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 1024 if ((pv->pv_flags & PVF_KWRITE) == PVF_KWRITE) 1025 md->pvh_attrs |= PVF_KMOD; 1026 if ((md->pvh_attrs & (PVF_DMOD|PVF_NC)) != PVF_NC) 1027 md->pvh_attrs |= PVF_DIRTY; 1028 KASSERT((md->pvh_attrs & PVF_DMOD) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC))); 1029 #endif 1030 if (pm == pmap_kernel()) { 1031 PMAPCOUNT(kernel_mappings); 1032 if (flags & PVF_WRITE) 1033 md->krw_mappings++; 1034 else 1035 md->kro_mappings++; 1036 } else { 1037 if (flags & PVF_WRITE) 1038 md->urw_mappings++; 1039 else 1040 md->uro_mappings++; 1041 } 1042 1043 #ifdef PMAP_CACHE_VIPT 1044 #ifndef ARM_MMU_EXTENDED 1045 /* 1046 * Even though pmap_vac_me_harder will set PVF_WRITE for us, 1047 * do it here as well to keep the mappings & KVF_WRITE consistent. 1048 */ 1049 if (arm_cache_prefer_mask != 0 && (flags & PVF_WRITE) != 0) { 1050 md->pvh_attrs |= PVF_WRITE; 1051 } 1052 #endif 1053 /* 1054 * If this is an exec mapping and its the first exec mapping 1055 * for this page, make sure to sync the I-cache. 1056 */ 1057 if (PV_IS_EXEC_P(flags)) { 1058 #ifndef ARM_MMU_EXTENDED 1059 if (!PV_IS_EXEC_P(md->pvh_attrs)) { 1060 pmap_syncicache_page(md, pa); 1061 PMAPCOUNT(exec_synced_map); 1062 } 1063 #endif 1064 PMAPCOUNT(exec_mappings); 1065 } 1066 #endif 1067 1068 PMAPCOUNT(mappings); 1069 1070 if (pv->pv_flags & PVF_WIRED) 1071 ++pm->pm_stats.wired_count; 1072 } 1073 1074 /* 1075 * 1076 * pmap_find_pv: Find a pv entry 1077 * 1078 * => caller should hold lock on vm_page 1079 */ 1080 static inline struct pv_entry * 1081 pmap_find_pv(struct vm_page_md *md, pmap_t pm, vaddr_t va) 1082 { 1083 struct pv_entry *pv; 1084 1085 SLIST_FOREACH(pv, &md->pvh_list, pv_link) { 1086 if (pm == pv->pv_pmap && va == pv->pv_va) 1087 break; 1088 } 1089 1090 return (pv); 1091 } 1092 1093 /* 1094 * pmap_remove_pv: try to remove a mapping from a pv_list 1095 * 1096 * => caller should hold proper lock on pmap_main_lock 1097 * => pmap should be locked 1098 * => caller should hold lock on vm_page [so that attrs can be adjusted] 1099 * => caller should adjust ptp's wire_count and free PTP if needed 1100 * => caller should NOT adjust pmap's wire_count 1101 * => we return the removed pv 1102 */ 1103 static struct pv_entry * 1104 pmap_remove_pv(struct vm_page_md *md, paddr_t pa, pmap_t pm, vaddr_t va) 1105 { 1106 struct pv_entry *pv, **prevptr; 1107 1108 NPDEBUG(PDB_PVDUMP, 1109 printf("pmap_remove_pv: pm %p, md %p, va 0x%08lx\n", pm, md, va)); 1110 1111 prevptr = &SLIST_FIRST(&md->pvh_list); /* prev pv_entry ptr */ 1112 pv = *prevptr; 1113 1114 while (pv) { 1115 if (pv->pv_pmap == pm && pv->pv_va == va) { /* match? */ 1116 NPDEBUG(PDB_PVDUMP, printf("pmap_remove_pv: pm %p, md " 1117 "%p, flags 0x%x\n", pm, md, pv->pv_flags)); 1118 if (pv->pv_flags & PVF_WIRED) { 1119 --pm->pm_stats.wired_count; 1120 } 1121 *prevptr = SLIST_NEXT(pv, pv_link); /* remove it! */ 1122 if (pm == pmap_kernel()) { 1123 PMAPCOUNT(kernel_unmappings); 1124 if (pv->pv_flags & PVF_WRITE) 1125 md->krw_mappings--; 1126 else 1127 md->kro_mappings--; 1128 } else { 1129 if (pv->pv_flags & PVF_WRITE) 1130 md->urw_mappings--; 1131 else 1132 md->uro_mappings--; 1133 } 1134 1135 PMAPCOUNT(unmappings); 1136 #ifdef PMAP_CACHE_VIPT 1137 if (!(pv->pv_flags & PVF_WRITE)) 1138 break; 1139 /* 1140 * If this page has had an exec mapping, then if 1141 * this was the last mapping, discard the contents, 1142 * otherwise sync the i-cache for this page. 
1143 */ 1144 if (PV_IS_EXEC_P(md->pvh_attrs)) { 1145 #ifdef ARM_MMU_EXTENDED 1146 md->pvh_attrs &= ~PVF_EXEC; 1147 PMAPCOUNT(exec_discarded_unmap); 1148 #else 1149 if (SLIST_EMPTY(&md->pvh_list)) { 1150 md->pvh_attrs &= ~PVF_EXEC; 1151 PMAPCOUNT(exec_discarded_unmap); 1152 } else { 1153 pmap_syncicache_page(md, pa); 1154 PMAPCOUNT(exec_synced_unmap); 1155 } 1156 #endif /* ARM_MMU_EXTENDED */ 1157 } 1158 #endif /* PMAP_CACHE_VIPT */ 1159 break; 1160 } 1161 prevptr = &SLIST_NEXT(pv, pv_link); /* previous pointer */ 1162 pv = *prevptr; /* advance */ 1163 } 1164 1165 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 1166 /* 1167 * If we no longer have a WRITEABLE KENTRY at the head of list, 1168 * clear the KMOD attribute from the page. 1169 */ 1170 if (SLIST_FIRST(&md->pvh_list) == NULL 1171 || (SLIST_FIRST(&md->pvh_list)->pv_flags & PVF_KWRITE) != PVF_KWRITE) 1172 md->pvh_attrs &= ~PVF_KMOD; 1173 1174 /* 1175 * If this was a writeable page and there are no more writeable 1176 * mappings (ignoring KMPAGE), clear the WRITE flag and writeback 1177 * the contents to memory. 1178 */ 1179 if (arm_cache_prefer_mask != 0) { 1180 if (md->krw_mappings + md->urw_mappings == 0) 1181 md->pvh_attrs &= ~PVF_WRITE; 1182 PMAP_VALIDATE_MD_PAGE(md); 1183 } 1184 KASSERT((md->pvh_attrs & PVF_DMOD) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC))); 1185 #endif /* PMAP_CACHE_VIPT && !ARM_MMU_EXTENDED */ 1186 1187 return(pv); /* return removed pv */ 1188 } 1189 1190 /* 1191 * 1192 * pmap_modify_pv: Update pv flags 1193 * 1194 * => caller should hold lock on vm_page [so that attrs can be adjusted] 1195 * => caller should NOT adjust pmap's wire_count 1196 * => caller must call pmap_vac_me_harder() if writable status of a page 1197 * may have changed. 1198 * => we return the old flags 1199 * 1200 * Modify a physical-virtual mapping in the pv table 1201 */ 1202 static u_int 1203 pmap_modify_pv(struct vm_page_md *md, paddr_t pa, pmap_t pm, vaddr_t va, 1204 u_int clr_mask, u_int set_mask) 1205 { 1206 struct pv_entry *npv; 1207 u_int flags, oflags; 1208 1209 KASSERT(!PV_IS_KENTRY_P(clr_mask)); 1210 KASSERT(!PV_IS_KENTRY_P(set_mask)); 1211 1212 if ((npv = pmap_find_pv(md, pm, va)) == NULL) 1213 return (0); 1214 1215 NPDEBUG(PDB_PVDUMP, 1216 printf("pmap_modify_pv: pm %p, md %p, clr 0x%x, set 0x%x, flags 0x%x\n", pm, md, clr_mask, set_mask, npv->pv_flags)); 1217 1218 /* 1219 * There is at least one VA mapping this page. 
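	 *
	 * (Hedged usage sketch, not code from this function: a caller that
	 * only wants to clear the wired bit, leaving everything else alone,
	 * would do something like
	 *
	 *	oflags = pmap_modify_pv(md, pa, pm, va, PVF_WIRED, 0);
	 *
	 * and the code below recomputes the wired count and the ro/rw
	 * mapping counters from the resulting flag transition.)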
1220 */ 1221 1222 if (clr_mask & (PVF_REF | PVF_MOD)) { 1223 md->pvh_attrs |= set_mask & (PVF_REF | PVF_MOD); 1224 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 1225 if ((md->pvh_attrs & (PVF_DMOD|PVF_NC)) != PVF_NC) 1226 md->pvh_attrs |= PVF_DIRTY; 1227 KASSERT((md->pvh_attrs & PVF_DMOD) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC))); 1228 #endif /* PMAP_CACHE_VIPT && !ARM_MMU_EXTENDED */ 1229 } 1230 1231 oflags = npv->pv_flags; 1232 npv->pv_flags = flags = (oflags & ~clr_mask) | set_mask; 1233 1234 if ((flags ^ oflags) & PVF_WIRED) { 1235 if (flags & PVF_WIRED) 1236 ++pm->pm_stats.wired_count; 1237 else 1238 --pm->pm_stats.wired_count; 1239 } 1240 1241 if ((flags ^ oflags) & PVF_WRITE) { 1242 if (pm == pmap_kernel()) { 1243 if (flags & PVF_WRITE) { 1244 md->krw_mappings++; 1245 md->kro_mappings--; 1246 } else { 1247 md->kro_mappings++; 1248 md->krw_mappings--; 1249 } 1250 } else { 1251 if (flags & PVF_WRITE) { 1252 md->urw_mappings++; 1253 md->uro_mappings--; 1254 } else { 1255 md->uro_mappings++; 1256 md->urw_mappings--; 1257 } 1258 } 1259 } 1260 #ifdef PMAP_CACHE_VIPT 1261 if (arm_cache_prefer_mask != 0) { 1262 if (md->urw_mappings + md->krw_mappings == 0) { 1263 md->pvh_attrs &= ~PVF_WRITE; 1264 } else { 1265 md->pvh_attrs |= PVF_WRITE; 1266 } 1267 } 1268 #ifndef ARM_MMU_EXTENDED 1269 /* 1270 * We have two cases here: the first is from enter_pv (new exec 1271 * page), the second is a combined pmap_remove_pv/pmap_enter_pv. 1272 * Since in latter, pmap_enter_pv won't do anything, we just have 1273 * to do what pmap_remove_pv would do. 1274 */ 1275 if ((PV_IS_EXEC_P(flags) && !PV_IS_EXEC_P(md->pvh_attrs)) 1276 || (PV_IS_EXEC_P(md->pvh_attrs) 1277 || (!(flags & PVF_WRITE) && (oflags & PVF_WRITE)))) { 1278 pmap_syncicache_page(md, pa); 1279 PMAPCOUNT(exec_synced_remap); 1280 } 1281 KASSERT((md->pvh_attrs & PVF_DMOD) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC))); 1282 #endif /* !ARM_MMU_EXTENDED */ 1283 #endif /* PMAP_CACHE_VIPT */ 1284 1285 PMAPCOUNT(remappings); 1286 1287 return (oflags); 1288 } 1289 1290 /* 1291 * Allocate an L1 translation table for the specified pmap. 1292 * This is called at pmap creation time. 1293 */ 1294 static void 1295 pmap_alloc_l1(pmap_t pm) 1296 { 1297 #ifdef ARM_MMU_EXTENDED 1298 #ifdef __HAVE_MM_MD_DIRECT_MAPPED_PHYS 1299 struct vm_page *pg; 1300 bool ok __diagused; 1301 for (;;) { 1302 #ifdef PMAP_NEED_ALLOC_POOLPAGE 1303 pg = arm_pmap_alloc_poolpage(UVM_PGA_ZERO); 1304 #else 1305 pg = uvm_pagealloc(NULL, 0, NULL, UVM_PGA_ZERO); 1306 #endif 1307 if (pg != NULL) 1308 break; 1309 uvm_wait("pmapl1alloc"); 1310 } 1311 pm->pm_l1_pa = VM_PAGE_TO_PHYS(pg); 1312 vaddr_t va = pmap_direct_mapped_phys(pm->pm_l1_pa, &ok, 0); 1313 KASSERT(ok); 1314 KASSERT(va >= KERNEL_BASE); 1315 1316 #else 1317 KASSERTMSG(kernel_map != NULL, "pm %p", pm); 1318 vaddr_t va = uvm_km_alloc(kernel_map, PAGE_SIZE, 0, 1319 UVM_KMF_WIRED|UVM_KMF_ZERO); 1320 KASSERT(va); 1321 pmap_extract(pmap_kernel(), va, &pm->pm_l1_pa); 1322 #endif 1323 pm->pm_l1 = (pd_entry_t *)va; 1324 PTE_SYNC_RANGE(pm->pm_l1, PAGE_SIZE / sizeof(pt_entry_t)); 1325 #else 1326 struct l1_ttable *l1; 1327 uint8_t domain; 1328 1329 /* 1330 * Remove the L1 at the head of the LRU list 1331 */ 1332 mutex_spin_enter(&l1_lru_lock); 1333 l1 = TAILQ_FIRST(&l1_lru_list); 1334 KDASSERT(l1 != NULL); 1335 TAILQ_REMOVE(&l1_lru_list, l1, l1_lru); 1336 1337 /* 1338 * Pick the first available domain number, and update 1339 * the link to the next number. 
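	 *
	 * A small worked example of the free-list encoding (illustration
	 * only; the array doubles as a singly-linked list of free domain
	 * numbers): if l1_domain_first == 3 and l1_domain_free[3] == 7,
	 * the code below hands out domain 3 and leaves l1_domain_first == 7.
	 * pmap_free_l1() later pushes 3 back onto the front by doing
	 *
	 *	l1_domain_free[3] = l1_domain_first;
	 *	l1_domain_first = 3;
	 *
	 * (the pmap itself stores domain + 1 in pm_domain).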
1340 */ 1341 domain = l1->l1_domain_first; 1342 l1->l1_domain_first = l1->l1_domain_free[domain]; 1343 1344 /* 1345 * If there are still free domain numbers in this L1, 1346 * put it back on the TAIL of the LRU list. 1347 */ 1348 if (++l1->l1_domain_use_count < PMAP_DOMAINS) 1349 TAILQ_INSERT_TAIL(&l1_lru_list, l1, l1_lru); 1350 1351 mutex_spin_exit(&l1_lru_lock); 1352 1353 /* 1354 * Fix up the relevant bits in the pmap structure 1355 */ 1356 pm->pm_l1 = l1; 1357 pm->pm_domain = domain + 1; 1358 #endif 1359 } 1360 1361 /* 1362 * Free an L1 translation table. 1363 * This is called at pmap destruction time. 1364 */ 1365 static void 1366 pmap_free_l1(pmap_t pm) 1367 { 1368 #ifdef ARM_MMU_EXTENDED 1369 #ifdef __HAVE_MM_MD_DIRECT_MAPPED_PHYS 1370 struct vm_page *pg = PHYS_TO_VM_PAGE(pm->pm_l1_pa); 1371 uvm_pagefree(pg); 1372 #else 1373 uvm_km_free(kernel_map, (vaddr_t)pm->pm_l1, PAGE_SIZE, UVM_KMF_WIRED); 1374 #endif 1375 pm->pm_l1 = NULL; 1376 pm->pm_l1_pa = 0; 1377 #else 1378 struct l1_ttable *l1 = pm->pm_l1; 1379 1380 mutex_spin_enter(&l1_lru_lock); 1381 1382 /* 1383 * If this L1 is currently on the LRU list, remove it. 1384 */ 1385 if (l1->l1_domain_use_count < PMAP_DOMAINS) 1386 TAILQ_REMOVE(&l1_lru_list, l1, l1_lru); 1387 1388 /* 1389 * Free up the domain number which was allocated to the pmap 1390 */ 1391 l1->l1_domain_free[pmap_domain(pm) - 1] = l1->l1_domain_first; 1392 l1->l1_domain_first = pmap_domain(pm) - 1; 1393 l1->l1_domain_use_count--; 1394 1395 /* 1396 * The L1 now must have at least 1 free domain, so add 1397 * it back to the LRU list. If the use count is zero, 1398 * put it at the head of the list, otherwise it goes 1399 * to the tail. 1400 */ 1401 if (l1->l1_domain_use_count == 0) 1402 TAILQ_INSERT_HEAD(&l1_lru_list, l1, l1_lru); 1403 else 1404 TAILQ_INSERT_TAIL(&l1_lru_list, l1, l1_lru); 1405 1406 mutex_spin_exit(&l1_lru_lock); 1407 #endif /* ARM_MMU_EXTENDED */ 1408 } 1409 1410 #ifndef ARM_MMU_EXTENDED 1411 static inline void 1412 pmap_use_l1(pmap_t pm) 1413 { 1414 struct l1_ttable *l1; 1415 1416 /* 1417 * Do nothing if we're in interrupt context. 1418 * Access to an L1 by the kernel pmap must not affect 1419 * the LRU list. 1420 */ 1421 if (cpu_intr_p() || pm == pmap_kernel()) 1422 return; 1423 1424 l1 = pm->pm_l1; 1425 1426 /* 1427 * If the L1 is not currently on the LRU list, just return 1428 */ 1429 if (l1->l1_domain_use_count == PMAP_DOMAINS) 1430 return; 1431 1432 mutex_spin_enter(&l1_lru_lock); 1433 1434 /* 1435 * Check the use count again, now that we've acquired the lock 1436 */ 1437 if (l1->l1_domain_use_count == PMAP_DOMAINS) { 1438 mutex_spin_exit(&l1_lru_lock); 1439 return; 1440 } 1441 1442 /* 1443 * Move the L1 to the back of the LRU list 1444 */ 1445 TAILQ_REMOVE(&l1_lru_list, l1, l1_lru); 1446 TAILQ_INSERT_TAIL(&l1_lru_list, l1, l1_lru); 1447 1448 mutex_spin_exit(&l1_lru_lock); 1449 } 1450 #endif /* !ARM_MMU_EXTENDED */ 1451 1452 /* 1453 * void pmap_free_l2_ptp(pt_entry_t *, paddr_t *) 1454 * 1455 * Free an L2 descriptor table. 1456 */ 1457 static inline void 1458 #if defined(PMAP_INCLUDE_PTE_SYNC) && defined(PMAP_CACHE_VIVT) 1459 pmap_free_l2_ptp(bool need_sync, pt_entry_t *l2, paddr_t pa) 1460 #else 1461 pmap_free_l2_ptp(pt_entry_t *l2, paddr_t pa) 1462 #endif 1463 { 1464 #if defined(PMAP_INCLUDE_PTE_SYNC) && defined(PMAP_CACHE_VIVT) 1465 /* 1466 * Note: With a write-back cache, we may need to sync this 1467 * L2 table before re-using it. 
1468 * This is because it may have belonged to a non-current 1469 * pmap, in which case the cache syncs would have been 1470 * skipped for the pages that were being unmapped. If the 1471 * L2 table were then to be immediately re-allocated to 1472 * the *current* pmap, it may well contain stale mappings 1473 * which have not yet been cleared by a cache write-back 1474 * and so would still be visible to the mmu. 1475 */ 1476 if (need_sync) 1477 PTE_SYNC_RANGE(l2, L2_TABLE_SIZE_REAL / sizeof(pt_entry_t)); 1478 #endif /* PMAP_INCLUDE_PTE_SYNC && PMAP_CACHE_VIVT */ 1479 pool_cache_put_paddr(&pmap_l2ptp_cache, (void *)l2, pa); 1480 } 1481 1482 /* 1483 * Returns a pointer to the L2 bucket associated with the specified pmap 1484 * and VA, or NULL if no L2 bucket exists for the address. 1485 */ 1486 static inline struct l2_bucket * 1487 pmap_get_l2_bucket(pmap_t pm, vaddr_t va) 1488 { 1489 const size_t l1slot = l1pte_index(va); 1490 struct l2_dtable *l2; 1491 struct l2_bucket *l2b; 1492 1493 if ((l2 = pm->pm_l2[L2_IDX(l1slot)]) == NULL || 1494 (l2b = &l2->l2_bucket[L2_BUCKET(l1slot)])->l2b_kva == NULL) 1495 return (NULL); 1496 1497 return (l2b); 1498 } 1499 1500 /* 1501 * Returns a pointer to the L2 bucket associated with the specified pmap 1502 * and VA. 1503 * 1504 * If no L2 bucket exists, perform the necessary allocations to put an L2 1505 * bucket/page table in place. 1506 * 1507 * Note that if a new L2 bucket/page was allocated, the caller *must* 1508 * increment the bucket occupancy counter appropriately *before* 1509 * releasing the pmap's lock to ensure no other thread or cpu deallocates 1510 * the bucket/page in the meantime. 1511 */ 1512 static struct l2_bucket * 1513 pmap_alloc_l2_bucket(pmap_t pm, vaddr_t va) 1514 { 1515 const size_t l1slot = l1pte_index(va); 1516 struct l2_dtable *l2; 1517 1518 if ((l2 = pm->pm_l2[L2_IDX(l1slot)]) == NULL) { 1519 /* 1520 * No mapping at this address, as there is 1521 * no entry in the L1 table. 1522 * Need to allocate a new l2_dtable. 1523 */ 1524 if ((l2 = pmap_alloc_l2_dtable()) == NULL) 1525 return (NULL); 1526 1527 /* 1528 * Link it into the parent pmap 1529 */ 1530 pm->pm_l2[L2_IDX(l1slot)] = l2; 1531 } 1532 1533 struct l2_bucket * const l2b = &l2->l2_bucket[L2_BUCKET(l1slot)]; 1534 1535 /* 1536 * Fetch pointer to the L2 page table associated with the address. 1537 */ 1538 if (l2b->l2b_kva == NULL) { 1539 pt_entry_t *ptep; 1540 1541 /* 1542 * No L2 page table has been allocated. Chances are, this 1543 * is because we just allocated the l2_dtable, above. 1544 */ 1545 if ((ptep = pmap_alloc_l2_ptp(&l2b->l2b_pa)) == NULL) { 1546 /* 1547 * Oops, no more L2 page tables available at this 1548 * time. We may need to deallocate the l2_dtable 1549 * if we allocated a new one above. 1550 */ 1551 if (l2->l2_occupancy == 0) { 1552 pm->pm_l2[L2_IDX(l1slot)] = NULL; 1553 pmap_free_l2_dtable(l2); 1554 } 1555 return (NULL); 1556 } 1557 1558 l2->l2_occupancy++; 1559 l2b->l2b_kva = ptep; 1560 l2b->l2b_l1slot = l1slot; 1561 1562 #ifdef ARM_MMU_EXTENDED 1563 /* 1564 * We know there will be a mapping here, so simply 1565 * enter this PTP into the L1 now. 1566 */ 1567 pd_entry_t * const pdep = pmap_l1_kva(pm) + l1slot; 1568 pd_entry_t npde = L1_C_PROTO | l2b->l2b_pa 1569 | L1_C_DOM(pmap_domain(pm)); 1570 KASSERT(*pdep == 0); 1571 l1pte_setone(pdep, npde); 1572 PDE_SYNC(pdep); 1573 #endif 1574 } 1575 1576 return (l2b); 1577 } 1578 1579 /* 1580 * One or more mappings in the specified L2 descriptor table have just been 1581 * invalidated. 
1582 * 1583 * Garbage collect the metadata and descriptor table itself if necessary. 1584 * 1585 * The pmap lock must be acquired when this is called (not necessary 1586 * for the kernel pmap). 1587 */ 1588 static void 1589 pmap_free_l2_bucket(pmap_t pm, struct l2_bucket *l2b, u_int count) 1590 { 1591 KDASSERT(count <= l2b->l2b_occupancy); 1592 1593 /* 1594 * Update the bucket's reference count according to how many 1595 * PTEs the caller has just invalidated. 1596 */ 1597 l2b->l2b_occupancy -= count; 1598 1599 /* 1600 * Note: 1601 * 1602 * Level 2 page tables allocated to the kernel pmap are never freed 1603 * as that would require checking all Level 1 page tables and 1604 * removing any references to the Level 2 page table. See also the 1605 * comment elsewhere about never freeing bootstrap L2 descriptors. 1606 * 1607 * We make do with just invalidating the mapping in the L2 table. 1608 * 1609 * This isn't really a big deal in practice and, in fact, leads 1610 * to a performance win over time as we don't need to continually 1611 * alloc/free. 1612 */ 1613 if (l2b->l2b_occupancy > 0 || pm == pmap_kernel()) 1614 return; 1615 1616 /* 1617 * There are no more valid mappings in this level 2 page table. 1618 * Go ahead and NULL-out the pointer in the bucket, then 1619 * free the page table. 1620 */ 1621 const size_t l1slot = l2b->l2b_l1slot; 1622 pt_entry_t * const ptep = l2b->l2b_kva; 1623 l2b->l2b_kva = NULL; 1624 1625 pd_entry_t * const pdep = pmap_l1_kva(pm) + l1slot; 1626 pd_entry_t pde __diagused = *pdep; 1627 1628 #ifdef ARM_MMU_EXTENDED 1629 /* 1630 * Invalidate the L1 slot. 1631 */ 1632 KASSERT((pde & L1_TYPE_MASK) == L1_TYPE_C); 1633 #else 1634 /* 1635 * If the L1 slot matches the pmap's domain number, then invalidate it. 1636 */ 1637 if ((pde & (L1_C_DOM_MASK|L1_TYPE_MASK)) 1638 == (L1_C_DOM(pmap_domain(pm))|L1_TYPE_C)) { 1639 #endif 1640 l1pte_setone(pdep, 0); 1641 PDE_SYNC(pdep); 1642 #ifndef ARM_MMU_EXTENDED 1643 } 1644 #endif 1645 1646 /* 1647 * Release the L2 descriptor table back to the pool cache. 1648 */ 1649 #if defined(PMAP_INCLUDE_PTE_SYNC) && defined(PMAP_CACHE_VIVT) 1650 pmap_free_l2_ptp(!pmap_is_cached(pm), ptep, l2b->l2b_pa); 1651 #else 1652 pmap_free_l2_ptp(ptep, l2b->l2b_pa); 1653 #endif 1654 1655 /* 1656 * Update the reference count in the associated l2_dtable 1657 */ 1658 struct l2_dtable * const l2 = pm->pm_l2[L2_IDX(l1slot)]; 1659 if (--l2->l2_occupancy > 0) 1660 return; 1661 1662 /* 1663 * There are no more valid mappings in any of the Level 1 1664 * slots managed by this l2_dtable. Go ahead and NULL-out 1665 * the pointer in the parent pmap and free the l2_dtable. 1666 */ 1667 pm->pm_l2[L2_IDX(l1slot)] = NULL; 1668 pmap_free_l2_dtable(l2); 1669 } 1670 1671 /* 1672 * Pool cache constructors for L2 descriptor tables, metadata and pmap 1673 * structures. 1674 */ 1675 static int 1676 pmap_l2ptp_ctor(void *arg, void *v, int flags) 1677 { 1678 #ifndef PMAP_INCLUDE_PTE_SYNC 1679 vaddr_t va = (vaddr_t)v & ~PGOFSET; 1680 1681 /* 1682 * The mappings for these page tables were initially made using 1683 * pmap_kenter_pa() by the pool subsystem. Therefore, the cache- 1684 * mode will not be right for page table mappings. To avoid 1685 * polluting the pmap_kenter_pa() code with a special case for 1686 * page tables, we simply fix up the cache-mode here if it's not 1687 * correct. 
	 */
	if (pte_l2_s_cache_mode != pte_l2_s_cache_mode_pt) {
		const struct l2_bucket * const l2b =
		    pmap_get_l2_bucket(pmap_kernel(), va);
		KASSERTMSG(l2b != NULL, "%#lx", va);
		pt_entry_t * const ptep = &l2b->l2b_kva[l2pte_index(va)];
		const pt_entry_t opte = *ptep;

		if ((opte & L2_S_CACHE_MASK) != pte_l2_s_cache_mode_pt) {
			/*
			 * Page tables must have the cache-mode set correctly.
			 */
			const pt_entry_t npte = (opte & ~L2_S_CACHE_MASK)
			    | pte_l2_s_cache_mode_pt;
			l2pte_set(ptep, npte, opte);
			PTE_SYNC(ptep);
			cpu_tlb_flushD_SE(va);
			cpu_cpwait();
		}
	}
#endif

	memset(v, 0, L2_TABLE_SIZE_REAL);
	PTE_SYNC_RANGE(v, L2_TABLE_SIZE_REAL / sizeof(pt_entry_t));
	return (0);
}

static int
pmap_l2dtable_ctor(void *arg, void *v, int flags)
{

	memset(v, 0, sizeof(struct l2_dtable));
	return (0);
}

static int
pmap_pmap_ctor(void *arg, void *v, int flags)
{

	memset(v, 0, sizeof(struct pmap));
	return (0);
}

static void
pmap_pinit(pmap_t pm)
{
#ifndef ARM_HAS_VBAR
	struct l2_bucket *l2b;

	if (vector_page < KERNEL_BASE) {
		/*
		 * Map the vector page.
		 */
		pmap_enter(pm, vector_page, systempage.pv_pa,
		    VM_PROT_READ | VM_PROT_EXECUTE,
		    VM_PROT_READ | VM_PROT_EXECUTE | PMAP_WIRED);
		pmap_update(pm);

		pm->pm_pl1vec = pmap_l1_kva(pm) + l1pte_index(vector_page);
		l2b = pmap_get_l2_bucket(pm, vector_page);
		KASSERTMSG(l2b != NULL, "%#lx", vector_page);
		pm->pm_l1vec = l2b->l2b_pa | L1_C_PROTO |
		    L1_C_DOM(pmap_domain(pm));
	} else
		pm->pm_pl1vec = NULL;
#endif
}

#ifdef PMAP_CACHE_VIVT
/*
 * Since we have a virtually indexed cache, we may need to inhibit caching if
 * there is more than one mapping and at least one of them is writable.
 * Since we purge the cache on every context switch, we only need to check for
 * other mappings within the same pmap, or kernel_pmap.
 * This function is also called when a page is unmapped, to possibly reenable
 * caching on any remaining mappings.
1764 * 1765 * The code implements the following logic, where: 1766 * 1767 * KW = # of kernel read/write pages 1768 * KR = # of kernel read only pages 1769 * UW = # of user read/write pages 1770 * UR = # of user read only pages 1771 * 1772 * KC = kernel mapping is cacheable 1773 * UC = user mapping is cacheable 1774 * 1775 * KW=0,KR=0 KW=0,KR>0 KW=1,KR=0 KW>1,KR>=0 1776 * +--------------------------------------------- 1777 * UW=0,UR=0 | --- KC=1 KC=1 KC=0 1778 * UW=0,UR>0 | UC=1 KC=1,UC=1 KC=0,UC=0 KC=0,UC=0 1779 * UW=1,UR=0 | UC=1 KC=0,UC=0 KC=0,UC=0 KC=0,UC=0 1780 * UW>1,UR>=0 | UC=0 KC=0,UC=0 KC=0,UC=0 KC=0,UC=0 1781 */ 1782 1783 static const int pmap_vac_flags[4][4] = { 1784 {-1, 0, 0, PVF_KNC}, 1785 {0, 0, PVF_NC, PVF_NC}, 1786 {0, PVF_NC, PVF_NC, PVF_NC}, 1787 {PVF_UNC, PVF_NC, PVF_NC, PVF_NC} 1788 }; 1789 1790 static inline int 1791 pmap_get_vac_flags(const struct vm_page_md *md) 1792 { 1793 int kidx, uidx; 1794 1795 kidx = 0; 1796 if (md->kro_mappings || md->krw_mappings > 1) 1797 kidx |= 1; 1798 if (md->krw_mappings) 1799 kidx |= 2; 1800 1801 uidx = 0; 1802 if (md->uro_mappings || md->urw_mappings > 1) 1803 uidx |= 1; 1804 if (md->urw_mappings) 1805 uidx |= 2; 1806 1807 return (pmap_vac_flags[uidx][kidx]); 1808 } 1809 1810 static inline void 1811 pmap_vac_me_harder(struct vm_page_md *md, paddr_t pa, pmap_t pm, vaddr_t va) 1812 { 1813 int nattr; 1814 1815 nattr = pmap_get_vac_flags(md); 1816 1817 if (nattr < 0) { 1818 md->pvh_attrs &= ~PVF_NC; 1819 return; 1820 } 1821 1822 if (nattr == 0 && (md->pvh_attrs & PVF_NC) == 0) 1823 return; 1824 1825 if (pm == pmap_kernel()) 1826 pmap_vac_me_kpmap(md, pa, pm, va); 1827 else 1828 pmap_vac_me_user(md, pa, pm, va); 1829 1830 md->pvh_attrs = (md->pvh_attrs & ~PVF_NC) | nattr; 1831 } 1832 1833 static void 1834 pmap_vac_me_kpmap(struct vm_page_md *md, paddr_t pa, pmap_t pm, vaddr_t va) 1835 { 1836 u_int u_cacheable, u_entries; 1837 struct pv_entry *pv; 1838 pmap_t last_pmap = pm; 1839 1840 /* 1841 * Pass one, see if there are both kernel and user pmaps for 1842 * this page. Calculate whether there are user-writable or 1843 * kernel-writable pages. 1844 */ 1845 u_cacheable = 0; 1846 SLIST_FOREACH(pv, &md->pvh_list, pv_link) { 1847 if (pv->pv_pmap != pm && (pv->pv_flags & PVF_NC) == 0) 1848 u_cacheable++; 1849 } 1850 1851 u_entries = md->urw_mappings + md->uro_mappings; 1852 1853 /* 1854 * We know we have just been updating a kernel entry, so if 1855 * all user pages are already cacheable, then there is nothing 1856 * further to do. 1857 */ 1858 if (md->k_mappings == 0 && u_cacheable == u_entries) 1859 return; 1860 1861 if (u_entries) { 1862 /* 1863 * Scan over the list again, for each entry, if it 1864 * might not be set correctly, call pmap_vac_me_user 1865 * to recalculate the settings. 1866 */ 1867 SLIST_FOREACH(pv, &md->pvh_list, pv_link) { 1868 /* 1869 * We know kernel mappings will get set 1870 * correctly in other calls. We also know 1871 * that if the pmap is the same as last_pmap 1872 * then we've just handled this entry. 1873 */ 1874 if (pv->pv_pmap == pm || pv->pv_pmap == last_pmap) 1875 continue; 1876 1877 /* 1878 * If there are kernel entries and this page 1879 * is writable but non-cacheable, then we can 1880 * skip this entry also. 1881 */ 1882 if (md->k_mappings && 1883 (pv->pv_flags & (PVF_NC | PVF_WRITE)) == 1884 (PVF_NC | PVF_WRITE)) 1885 continue; 1886 1887 /* 1888 * Similarly if there are no kernel-writable 1889 * entries and the page is already 1890 * read-only/cacheable. 
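			 * (In either of these cases the mapping's cache
			 * state already matches what pmap_vac_me_user()
			 * would choose, so re-scanning that pmap would be
			 * redundant.)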
1891 */ 1892 if (md->krw_mappings == 0 && 1893 (pv->pv_flags & (PVF_NC | PVF_WRITE)) == 0) 1894 continue; 1895 1896 /* 1897 * For some of the remaining cases, we know 1898 * that we must recalculate, but for others we 1899 * can't tell if they are correct or not, so 1900 * we recalculate anyway. 1901 */ 1902 pmap_vac_me_user(md, pa, (last_pmap = pv->pv_pmap), 0); 1903 } 1904 1905 if (md->k_mappings == 0) 1906 return; 1907 } 1908 1909 pmap_vac_me_user(md, pa, pm, va); 1910 } 1911 1912 static void 1913 pmap_vac_me_user(struct vm_page_md *md, paddr_t pa, pmap_t pm, vaddr_t va) 1914 { 1915 pmap_t kpmap = pmap_kernel(); 1916 struct pv_entry *pv, *npv = NULL; 1917 u_int entries = 0; 1918 u_int writable = 0; 1919 u_int cacheable_entries = 0; 1920 u_int kern_cacheable = 0; 1921 u_int other_writable = 0; 1922 1923 /* 1924 * Count mappings and writable mappings in this pmap. 1925 * Include kernel mappings as part of our own. 1926 * Keep a pointer to the first one. 1927 */ 1928 npv = NULL; 1929 KASSERT(pmap_page_locked_p(md)); 1930 SLIST_FOREACH(pv, &md->pvh_list, pv_link) { 1931 /* Count mappings in the same pmap */ 1932 if (pm == pv->pv_pmap || kpmap == pv->pv_pmap) { 1933 if (entries++ == 0) 1934 npv = pv; 1935 1936 /* Cacheable mappings */ 1937 if ((pv->pv_flags & PVF_NC) == 0) { 1938 cacheable_entries++; 1939 if (kpmap == pv->pv_pmap) 1940 kern_cacheable++; 1941 } 1942 1943 /* Writable mappings */ 1944 if (pv->pv_flags & PVF_WRITE) 1945 ++writable; 1946 } else 1947 if (pv->pv_flags & PVF_WRITE) 1948 other_writable = 1; 1949 } 1950 1951 /* 1952 * Enable or disable caching as necessary. 1953 * Note: the first entry might be part of the kernel pmap, 1954 * so we can't assume this is indicative of the state of the 1955 * other (maybe non-kpmap) entries. 1956 */ 1957 if ((entries > 1 && writable) || 1958 (entries > 0 && pm == kpmap && other_writable)) { 1959 if (cacheable_entries == 0) { 1960 return; 1961 } 1962 1963 for (pv = npv; pv; pv = SLIST_NEXT(pv, pv_link)) { 1964 if ((pm != pv->pv_pmap && kpmap != pv->pv_pmap) || 1965 (pv->pv_flags & PVF_NC)) 1966 continue; 1967 1968 pv->pv_flags |= PVF_NC; 1969 1970 struct l2_bucket * const l2b 1971 = pmap_get_l2_bucket(pv->pv_pmap, pv->pv_va); 1972 KASSERTMSG(l2b != NULL, "%#lx", va); 1973 pt_entry_t * const ptep 1974 = &l2b->l2b_kva[l2pte_index(pv->pv_va)]; 1975 const pt_entry_t opte = *ptep; 1976 pt_entry_t npte = opte & ~L2_S_CACHE_MASK; 1977 1978 if ((va != pv->pv_va || pm != pv->pv_pmap) 1979 && l2pte_valid_p(npte)) { 1980 #ifdef PMAP_CACHE_VIVT 1981 pmap_cache_wbinv_page(pv->pv_pmap, pv->pv_va, 1982 true, pv->pv_flags); 1983 #endif 1984 pmap_tlb_flush_SE(pv->pv_pmap, pv->pv_va, 1985 pv->pv_flags); 1986 } 1987 1988 l2pte_set(ptep, npte, opte); 1989 PTE_SYNC_CURRENT(pv->pv_pmap, ptep); 1990 } 1991 cpu_cpwait(); 1992 } else 1993 if (entries > cacheable_entries) { 1994 /* 1995 * Turn cacheing back on for some pages. If it is a kernel 1996 * page, only do so if there are no other writable pages. 
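		 * (A user mapping is re-enabled only if it belongs to this
		 * pmap; a kernel mapping is re-enabled only when no other
		 * pmap still holds a writable mapping, matching the KC/UC
		 * table above.)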
1997 */ 1998 for (pv = npv; pv; pv = SLIST_NEXT(pv, pv_link)) { 1999 if (!(pv->pv_flags & PVF_NC) || (pm != pv->pv_pmap && 2000 (kpmap != pv->pv_pmap || other_writable))) 2001 continue; 2002 2003 pv->pv_flags &= ~PVF_NC; 2004 2005 struct l2_bucket * const l2b 2006 = pmap_get_l2_bucket(pv->pv_pmap, pv->pv_va); 2007 KASSERTMSG(l2b != NULL, "%#lx", va); 2008 pt_entry_t * const ptep 2009 = &l2b->l2b_kva[l2pte_index(pv->pv_va)]; 2010 const pt_entry_t opte = *ptep; 2011 pt_entry_t npte = (opte & ~L2_S_CACHE_MASK) 2012 | pte_l2_s_cache_mode; 2013 2014 if (l2pte_valid_p(opte)) { 2015 pmap_tlb_flush_SE(pv->pv_pmap, pv->pv_va, 2016 pv->pv_flags); 2017 } 2018 2019 l2pte_set(ptep, npte, opte); 2020 PTE_SYNC_CURRENT(pv->pv_pmap, ptep); 2021 } 2022 } 2023 } 2024 #endif 2025 2026 #ifdef PMAP_CACHE_VIPT 2027 static void 2028 pmap_vac_me_harder(struct vm_page_md *md, paddr_t pa, pmap_t pm, vaddr_t va) 2029 { 2030 #ifndef ARM_MMU_EXTENDED 2031 struct pv_entry *pv; 2032 vaddr_t tst_mask; 2033 bool bad_alias; 2034 const u_int 2035 rw_mappings = md->urw_mappings + md->krw_mappings, 2036 ro_mappings = md->uro_mappings + md->kro_mappings; 2037 2038 /* do we need to do anything? */ 2039 if (arm_cache_prefer_mask == 0) 2040 return; 2041 2042 NPDEBUG(PDB_VAC, printf("pmap_vac_me_harder: md=%p, pmap=%p va=%08lx\n", 2043 md, pm, va)); 2044 2045 KASSERT(!va || pm); 2046 KASSERT((md->pvh_attrs & PVF_DMOD) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC))); 2047 2048 /* Already a conflict? */ 2049 if (__predict_false(md->pvh_attrs & PVF_NC)) { 2050 /* just an add, things are already non-cached */ 2051 KASSERT(!(md->pvh_attrs & PVF_DIRTY)); 2052 KASSERT(!(md->pvh_attrs & PVF_MULTCLR)); 2053 bad_alias = false; 2054 if (va) { 2055 PMAPCOUNT(vac_color_none); 2056 bad_alias = true; 2057 KASSERT((rw_mappings == 0) == !(md->pvh_attrs & PVF_WRITE)); 2058 goto fixup; 2059 } 2060 pv = SLIST_FIRST(&md->pvh_list); 2061 /* the list can't be empty because it would be cachable */ 2062 if (md->pvh_attrs & PVF_KMPAGE) { 2063 tst_mask = md->pvh_attrs; 2064 } else { 2065 KASSERT(pv); 2066 tst_mask = pv->pv_va; 2067 pv = SLIST_NEXT(pv, pv_link); 2068 } 2069 /* 2070 * Only check for a bad alias if we have writable mappings. 2071 */ 2072 tst_mask &= arm_cache_prefer_mask; 2073 if (rw_mappings > 0) { 2074 for (; pv && !bad_alias; pv = SLIST_NEXT(pv, pv_link)) { 2075 /* if there's a bad alias, stop checking. */ 2076 if (tst_mask != (pv->pv_va & arm_cache_prefer_mask)) 2077 bad_alias = true; 2078 } 2079 md->pvh_attrs |= PVF_WRITE; 2080 if (!bad_alias) 2081 md->pvh_attrs |= PVF_DIRTY; 2082 } else { 2083 /* 2084 * We have only read-only mappings. Let's see if there 2085 * are multiple colors in use or if we mapped a KMPAGE. 2086 * If the latter, we have a bad alias. If the former, 2087 * we need to remember that. 2088 */ 2089 for (; pv; pv = SLIST_NEXT(pv, pv_link)) { 2090 if (tst_mask != (pv->pv_va & arm_cache_prefer_mask)) { 2091 if (md->pvh_attrs & PVF_KMPAGE) 2092 bad_alias = true; 2093 break; 2094 } 2095 } 2096 md->pvh_attrs &= ~PVF_WRITE; 2097 /* 2098 * No KMPAGE and we exited early, so we must have 2099 * multiple color mappings. 
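			 * (With only read-only mappings the aliases cannot
			 * hold stale data, so PVF_MULTCLR merely records the
			 * situation and the mappings are left cacheable
			 * below.)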
			 */
			if (!bad_alias && pv != NULL)
				md->pvh_attrs |= PVF_MULTCLR;
		}

		/* If no conflicting colors, set everything back to cached */
		if (!bad_alias) {
#ifdef DEBUG
			if ((md->pvh_attrs & PVF_WRITE)
			    || ro_mappings < 2) {
				SLIST_FOREACH(pv, &md->pvh_list, pv_link)
					KDASSERT(((tst_mask ^ pv->pv_va) & arm_cache_prefer_mask) == 0);
			}
#endif
			md->pvh_attrs &= (PAGE_SIZE - 1) & ~PVF_NC;
			md->pvh_attrs |= tst_mask | PVF_COLORED;
			/*
			 * Restore DIRTY bit if page is modified
			 */
			if (md->pvh_attrs & PVF_DMOD)
				md->pvh_attrs |= PVF_DIRTY;
			PMAPCOUNT(vac_color_restore);
		} else {
			KASSERT(SLIST_FIRST(&md->pvh_list) != NULL);
			KASSERT(SLIST_NEXT(SLIST_FIRST(&md->pvh_list), pv_link) != NULL);
		}
		KASSERT((md->pvh_attrs & PVF_DMOD) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC)));
		KASSERT((rw_mappings == 0) == !(md->pvh_attrs & PVF_WRITE));
	} else if (!va) {
		KASSERT(pmap_is_page_colored_p(md));
		KASSERT(!(md->pvh_attrs & PVF_WRITE)
		    || (md->pvh_attrs & PVF_DIRTY));
		if (rw_mappings == 0) {
			md->pvh_attrs &= ~PVF_WRITE;
			if (ro_mappings == 1
			    && (md->pvh_attrs & PVF_MULTCLR)) {
				/*
				 * If this is the last readonly mapping
				 * but it doesn't match the current color
				 * for the page, change the current color
				 * to match this last readonly mapping.
				 */
				pv = SLIST_FIRST(&md->pvh_list);
				tst_mask = (md->pvh_attrs ^ pv->pv_va)
				    & arm_cache_prefer_mask;
				if (tst_mask) {
					md->pvh_attrs ^= tst_mask;
					PMAPCOUNT(vac_color_change);
				}
			}
		}
		KASSERT((md->pvh_attrs & PVF_DMOD) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC)));
		KASSERT((rw_mappings == 0) == !(md->pvh_attrs & PVF_WRITE));
		return;
	} else if (!pmap_is_page_colored_p(md)) {
		/* not colored so we just use its color */
		KASSERT(md->pvh_attrs & (PVF_WRITE|PVF_DIRTY));
		KASSERT(!(md->pvh_attrs & PVF_MULTCLR));
		PMAPCOUNT(vac_color_new);
		md->pvh_attrs &= PAGE_SIZE - 1;
		md->pvh_attrs |= PVF_COLORED
		    | (va & arm_cache_prefer_mask)
		    | (rw_mappings > 0 ? PVF_WRITE : 0);
		KASSERT((md->pvh_attrs & PVF_DMOD) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC)));
		KASSERT((rw_mappings == 0) == !(md->pvh_attrs & PVF_WRITE));
		return;
	} else if (((md->pvh_attrs ^ va) & arm_cache_prefer_mask) == 0) {
		bad_alias = false;
		if (rw_mappings > 0) {
			/*
			 * We now have writeable mappings and if we have
			 * readonly mappings in more than one color, we have
			 * an aliasing problem. Regardless, mark the page as
			 * writeable.
			 */
			if (md->pvh_attrs & PVF_MULTCLR) {
				if (ro_mappings < 2) {
					/*
					 * If we have fewer than two
					 * read-only mappings, just flush the
					 * non-primary colors from the cache.
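					 * (PMAP_FLUSH_SECONDARY below writes
					 * back and invalidates every color
					 * except the page's current one, so
					 * any stale lines left under the old
					 * colors are discarded.)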
					 */
					pmap_flush_page(md, pa,
					    PMAP_FLUSH_SECONDARY);
				} else {
					bad_alias = true;
				}
			}
			md->pvh_attrs |= PVF_WRITE;
		}
		/* If no conflicting colors, set everything back to cached */
		if (!bad_alias) {
#ifdef DEBUG
			if (rw_mappings > 0
			    || (md->pvh_attrs & PMAP_KMPAGE)) {
				tst_mask = md->pvh_attrs & arm_cache_prefer_mask;
				SLIST_FOREACH(pv, &md->pvh_list, pv_link)
					KDASSERT(((tst_mask ^ pv->pv_va) & arm_cache_prefer_mask) == 0);
			}
#endif
			if (SLIST_EMPTY(&md->pvh_list))
				PMAPCOUNT(vac_color_reuse);
			else
				PMAPCOUNT(vac_color_ok);

			/* matching color, just return */
			KASSERT((md->pvh_attrs & PVF_DMOD) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC)));
			KASSERT((rw_mappings == 0) == !(md->pvh_attrs & PVF_WRITE));
			return;
		}
		KASSERT(SLIST_FIRST(&md->pvh_list) != NULL);
		KASSERT(SLIST_NEXT(SLIST_FIRST(&md->pvh_list), pv_link) != NULL);

		/* color conflict. evict from cache. */

		pmap_flush_page(md, pa, PMAP_FLUSH_PRIMARY);
		md->pvh_attrs &= ~PVF_COLORED;
		md->pvh_attrs |= PVF_NC;
		KASSERT((md->pvh_attrs & PVF_DMOD) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC)));
		KASSERT(!(md->pvh_attrs & PVF_MULTCLR));
		PMAPCOUNT(vac_color_erase);
	} else if (rw_mappings == 0
		   && (md->pvh_attrs & PVF_KMPAGE) == 0) {
		KASSERT((md->pvh_attrs & PVF_WRITE) == 0);

		/*
		 * If the page has dirty cache lines, clean it.
		 */
		if (md->pvh_attrs & PVF_DIRTY)
			pmap_flush_page(md, pa, PMAP_CLEAN_PRIMARY);

		/*
		 * If this is the first remapping (we know that there are no
		 * writeable mappings), then this is a simple color change.
		 * Otherwise this is a secondary r/o mapping, which means
		 * we don't have to do anything.
		 */
		if (ro_mappings == 1) {
			KASSERT(((md->pvh_attrs ^ va) & arm_cache_prefer_mask) != 0);
			md->pvh_attrs &= PAGE_SIZE - 1;
			md->pvh_attrs |= (va & arm_cache_prefer_mask);
			PMAPCOUNT(vac_color_change);
		} else {
			PMAPCOUNT(vac_color_blind);
		}
		md->pvh_attrs |= PVF_MULTCLR;
		KASSERT((md->pvh_attrs & PVF_DMOD) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC)));
		KASSERT((rw_mappings == 0) == !(md->pvh_attrs & PVF_WRITE));
		return;
	} else {
		if (rw_mappings > 0)
			md->pvh_attrs |= PVF_WRITE;

		/* color conflict. evict from cache. */
		pmap_flush_page(md, pa, PMAP_FLUSH_PRIMARY);

		/* the list can't be empty because this was an enter/modify */
		pv = SLIST_FIRST(&md->pvh_list);
		if ((md->pvh_attrs & PVF_KMPAGE) == 0) {
			KASSERT(pv);
			/*
			 * If there's only one mapped page, change color to the
			 * page's new color and return. Restore the DIRTY bit
			 * that was erased by pmap_flush_page.
2264 */ 2265 if (SLIST_NEXT(pv, pv_link) == NULL) { 2266 md->pvh_attrs &= PAGE_SIZE - 1; 2267 md->pvh_attrs |= (va & arm_cache_prefer_mask); 2268 if (md->pvh_attrs & PVF_DMOD) 2269 md->pvh_attrs |= PVF_DIRTY; 2270 PMAPCOUNT(vac_color_change); 2271 KASSERT((md->pvh_attrs & PVF_DMOD) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC))); 2272 KASSERT((rw_mappings == 0) == !(md->pvh_attrs & PVF_WRITE)); 2273 KASSERT(!(md->pvh_attrs & PVF_MULTCLR)); 2274 return; 2275 } 2276 } 2277 bad_alias = true; 2278 md->pvh_attrs &= ~PVF_COLORED; 2279 md->pvh_attrs |= PVF_NC; 2280 PMAPCOUNT(vac_color_erase); 2281 KASSERT((md->pvh_attrs & PVF_DMOD) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC))); 2282 } 2283 2284 fixup: 2285 KASSERT((rw_mappings == 0) == !(md->pvh_attrs & PVF_WRITE)); 2286 2287 /* 2288 * Turn cacheing on/off for all pages. 2289 */ 2290 SLIST_FOREACH(pv, &md->pvh_list, pv_link) { 2291 struct l2_bucket * const l2b = pmap_get_l2_bucket(pv->pv_pmap, 2292 pv->pv_va); 2293 KASSERTMSG(l2b != NULL, "%#lx", va); 2294 pt_entry_t * const ptep = &l2b->l2b_kva[l2pte_index(pv->pv_va)]; 2295 const pt_entry_t opte = *ptep; 2296 pt_entry_t npte = opte & ~L2_S_CACHE_MASK; 2297 if (bad_alias) { 2298 pv->pv_flags |= PVF_NC; 2299 } else { 2300 pv->pv_flags &= ~PVF_NC; 2301 npte |= pte_l2_s_cache_mode; 2302 } 2303 2304 if (opte == npte) /* only update is there's a change */ 2305 continue; 2306 2307 if (l2pte_valid_p(npte)) { 2308 pmap_tlb_flush_SE(pv->pv_pmap, pv->pv_va, pv->pv_flags); 2309 } 2310 2311 l2pte_set(ptep, npte, opte); 2312 PTE_SYNC_CURRENT(pv->pv_pmap, ptep); 2313 } 2314 #endif /* !ARM_MMU_EXTENDED */ 2315 } 2316 #endif /* PMAP_CACHE_VIPT */ 2317 2318 2319 /* 2320 * Modify pte bits for all ptes corresponding to the given physical address. 2321 * We use `maskbits' rather than `clearbits' because we're always passing 2322 * constants and the latter would require an extra inversion at run-time. 2323 */ 2324 static void 2325 pmap_clearbit(struct vm_page_md *md, paddr_t pa, u_int maskbits) 2326 { 2327 struct pv_entry *pv; 2328 #ifdef PMAP_CACHE_VIPT 2329 const bool want_syncicache = PV_IS_EXEC_P(md->pvh_attrs); 2330 #ifdef ARM_MMU_EXTENDED 2331 const u_int execbits = (maskbits & PVF_EXEC) ? L2_XS_XN : 0; 2332 #else 2333 const u_int execbits = 0; 2334 bool need_vac_me_harder = false; 2335 bool need_syncicache = false; 2336 #endif 2337 #else 2338 const u_int execbits = 0; 2339 #endif 2340 2341 NPDEBUG(PDB_BITS, 2342 printf("pmap_clearbit: md %p mask 0x%x\n", 2343 md, maskbits)); 2344 2345 #ifdef PMAP_CACHE_VIPT 2346 /* 2347 * If we might want to sync the I-cache and we've modified it, 2348 * then we know we definitely need to sync or discard it. 2349 */ 2350 if (want_syncicache) { 2351 #ifdef ARM_MMU_EXTENDED 2352 if (md->pvh_attrs & PVF_MOD) 2353 md->pvh_attrs &= ~PVF_EXEC; 2354 #else 2355 need_syncicache = md->pvh_attrs & PVF_MOD; 2356 #endif 2357 } 2358 #endif 2359 KASSERT(pmap_page_locked_p(md)); 2360 2361 /* 2362 * Clear saved attributes (modify, reference) 2363 */ 2364 md->pvh_attrs &= ~(maskbits & (PVF_MOD | PVF_REF)); 2365 2366 if (SLIST_EMPTY(&md->pvh_list)) { 2367 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 2368 if (need_syncicache) { 2369 /* 2370 * No one has it mapped, so just discard it. The next 2371 * exec remapping will cause it to be synced. 
			 */
			md->pvh_attrs &= ~PVF_EXEC;
			PMAPCOUNT(exec_discarded_clearbit);
		}
#endif
		return;
	}

	/*
	 * Loop over all current mappings, setting/clearing as appropriate.
	 */
	SLIST_FOREACH(pv, &md->pvh_list, pv_link) {
		pmap_t pm = pv->pv_pmap;
		const vaddr_t va = pv->pv_va;
		const u_int oflags = pv->pv_flags;
#ifndef ARM_MMU_EXTENDED
		/*
		 * Kernel entries are unmanaged and as such not to be changed.
		 */
		if (PV_IS_KENTRY_P(oflags))
			continue;
#endif
		pv->pv_flags &= ~maskbits;

		pmap_release_page_lock(md);
		pmap_acquire_pmap_lock(pm);

		struct l2_bucket * const l2b = pmap_get_l2_bucket(pm, va);
		if (l2b == NULL) {
			pmap_release_pmap_lock(pm);
			pmap_acquire_page_lock(md);
			continue;
		}
		KASSERTMSG(l2b != NULL, "%#lx", va);

		pt_entry_t * const ptep = &l2b->l2b_kva[l2pte_index(va)];
		const pt_entry_t opte = *ptep;
		pt_entry_t npte = opte | execbits;

#ifdef ARM_MMU_EXTENDED
		KASSERT((opte & L2_XS_nG) == (pm == pmap_kernel() ? 0 : L2_XS_nG));
#endif

		NPDEBUG(PDB_BITS,
		    printf( "%s: pv %p, pm %p, va 0x%08lx, flag 0x%x\n",
		    __func__, pv, pm, va, oflags));

		if (maskbits & (PVF_WRITE|PVF_MOD)) {
#ifdef PMAP_CACHE_VIVT
			if ((oflags & PVF_NC)) {
				/*
				 * Entry is not cacheable:
				 *
				 * Don't turn caching on again if this is a
				 * modified emulation. This would be
				 * inconsistent with the settings created by
				 * pmap_vac_me_harder(). Otherwise, it's safe
				 * to re-enable caching.
				 *
				 * There's no need to call pmap_vac_me_harder()
				 * here: all pages are losing their write
				 * permission.
				 */
				if (maskbits & PVF_WRITE) {
					npte |= pte_l2_s_cache_mode;
					pv->pv_flags &= ~PVF_NC;
				}
			} else
			if (l2pte_writable_p(opte)) {
				/*
				 * Entry is writable/cacheable: check if the
				 * pmap is current; if it is, flush the page,
				 * otherwise it won't be in the cache.
				 */
				pmap_cache_wbinv_page(pm, va,
				    (maskbits & PVF_REF) != 0,
				    oflags|PVF_WRITE);
			}
#endif

			/* make the pte read only */
			npte = l2pte_set_readonly(npte);

			pmap_acquire_page_lock(md);
#ifdef MULTIPROCESSOR
			pv = pmap_find_pv(md, pm, va);
#endif
			if (pv != NULL && (maskbits & oflags & PVF_WRITE)) {
				/*
				 * Keep alias accounting up to date
				 */
				if (pm == pmap_kernel()) {
					md->krw_mappings--;
					md->kro_mappings++;
				} else {
					md->urw_mappings--;
					md->uro_mappings++;
				}
#ifdef PMAP_CACHE_VIPT
				if (arm_cache_prefer_mask != 0) {
					if (md->urw_mappings + md->krw_mappings == 0) {
						md->pvh_attrs &= ~PVF_WRITE;
					} else {
						PMAP_VALIDATE_MD_PAGE(md);
					}
				}
#ifndef ARM_MMU_EXTENDED
				if (want_syncicache)
					need_syncicache = true;
				need_vac_me_harder = true;
#endif
#endif /* PMAP_CACHE_VIPT */
			}
			pmap_release_page_lock(md);
		}

		if (maskbits & PVF_REF) {
			if (true
#ifndef ARM_MMU_EXTENDED
			    && (oflags & PVF_NC) == 0
#endif
			    && (maskbits & (PVF_WRITE|PVF_MOD)) == 0
			    && l2pte_valid_p(npte)) {
#ifdef PMAP_CACHE_VIVT
				/*
				 * Check npte here; we may have already
				 * done the wbinv above, and the validity
				 * of the PTE is the same for opte and
				 * npte.
2501 */ 2502 pmap_cache_wbinv_page(pm, va, true, oflags); 2503 #endif 2504 } 2505 2506 /* 2507 * Make the PTE invalid so that we will take a 2508 * page fault the next time the mapping is 2509 * referenced. 2510 */ 2511 npte &= ~L2_TYPE_MASK; 2512 npte |= L2_TYPE_INV; 2513 } 2514 2515 if (npte != opte) { 2516 l2pte_reset(ptep); 2517 PTE_SYNC(ptep); 2518 2519 /* Flush the TLB entry if a current pmap. */ 2520 pmap_tlb_flush_SE(pm, va, oflags); 2521 2522 l2pte_set(ptep, npte, 0); 2523 PTE_SYNC(ptep); 2524 } 2525 2526 pmap_release_pmap_lock(pm); 2527 pmap_acquire_page_lock(md); 2528 2529 NPDEBUG(PDB_BITS, 2530 printf("pmap_clearbit: pm %p va 0x%lx opte 0x%08x npte 0x%08x\n", 2531 pm, va, opte, npte)); 2532 } 2533 2534 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 2535 /* 2536 * If we need to sync the I-cache and we haven't done it yet, do it. 2537 */ 2538 if (need_syncicache) { 2539 pmap_release_page_lock(md); 2540 pmap_syncicache_page(md, pa); 2541 pmap_acquire_page_lock(md); 2542 PMAPCOUNT(exec_synced_clearbit); 2543 } 2544 2545 /* 2546 * If we are changing this to read-only, we need to call vac_me_harder 2547 * so we can change all the read-only pages to cacheable. We pretend 2548 * this as a page deletion. 2549 */ 2550 if (need_vac_me_harder) { 2551 if (md->pvh_attrs & PVF_NC) 2552 pmap_vac_me_harder(md, pa, NULL, 0); 2553 } 2554 #endif /* PMAP_CACHE_VIPT && !ARM_MMU_EXTENDED */ 2555 } 2556 2557 /* 2558 * pmap_clean_page() 2559 * 2560 * This is a local function used to work out the best strategy to clean 2561 * a single page referenced by its entry in the PV table. It's used by 2562 * pmap_copy_page, pmap_zero_page and maybe some others later on. 2563 * 2564 * Its policy is effectively: 2565 * o If there are no mappings, we don't bother doing anything with the cache. 2566 * o If there is one mapping, we clean just that page. 2567 * o If there are multiple mappings, we clean the entire cache. 2568 * 2569 * So that some functions can be further optimised, it returns 0 if it didn't 2570 * clean the entire cache, or 1 if it did. 2571 * 2572 * XXX One bug in this routine is that if the pv_entry has a single page 2573 * mapped at 0x00000000 a whole cache clean will be performed rather than 2574 * just the 1 page. Since this should not occur in everyday use and if it does 2575 * it will just result in not the most efficient clean for the page. 2576 */ 2577 #ifdef PMAP_CACHE_VIVT 2578 static bool 2579 pmap_clean_page(struct vm_page_md *md, bool is_src) 2580 { 2581 struct pv_entry *pv; 2582 pmap_t pm_to_clean = NULL; 2583 bool cache_needs_cleaning = false; 2584 vaddr_t page_to_clean = 0; 2585 u_int flags = 0; 2586 2587 /* 2588 * Since we flush the cache each time we change to a different 2589 * user vmspace, we only need to flush the page if it is in the 2590 * current pmap. 2591 */ 2592 KASSERT(pmap_page_locked_p(md)); 2593 SLIST_FOREACH(pv, &md->pvh_list, pv_link) { 2594 if (pmap_is_current(pv->pv_pmap)) { 2595 flags |= pv->pv_flags; 2596 /* 2597 * The page is mapped non-cacheable in 2598 * this map. No need to flush the cache. 
2599 */ 2600 if (pv->pv_flags & PVF_NC) { 2601 #ifdef DIAGNOSTIC 2602 KASSERT(!cache_needs_cleaning); 2603 #endif 2604 break; 2605 } else if (is_src && (pv->pv_flags & PVF_WRITE) == 0) 2606 continue; 2607 if (cache_needs_cleaning) { 2608 page_to_clean = 0; 2609 break; 2610 } else { 2611 page_to_clean = pv->pv_va; 2612 pm_to_clean = pv->pv_pmap; 2613 } 2614 cache_needs_cleaning = true; 2615 } 2616 } 2617 2618 if (page_to_clean) { 2619 pmap_cache_wbinv_page(pm_to_clean, page_to_clean, 2620 !is_src, flags | PVF_REF); 2621 } else if (cache_needs_cleaning) { 2622 pmap_t const pm = curproc->p_vmspace->vm_map.pmap; 2623 2624 pmap_cache_wbinv_all(pm, flags); 2625 return true; 2626 } 2627 return false; 2628 } 2629 #endif 2630 2631 #ifdef PMAP_CACHE_VIPT 2632 /* 2633 * Sync a page with the I-cache. Since this is a VIPT, we must pick the 2634 * right cache alias to make sure we flush the right stuff. 2635 */ 2636 void 2637 pmap_syncicache_page(struct vm_page_md *md, paddr_t pa) 2638 { 2639 pmap_t kpm = pmap_kernel(); 2640 const size_t way_size = arm_pcache.icache_type == CACHE_TYPE_PIPT 2641 ? PAGE_SIZE 2642 : arm_pcache.icache_way_size; 2643 2644 NPDEBUG(PDB_EXEC, printf("pmap_syncicache_page: md=%p (attrs=%#x)\n", 2645 md, md->pvh_attrs)); 2646 /* 2647 * No need to clean the page if it's non-cached. 2648 */ 2649 #ifndef ARM_MMU_EXTENDED 2650 if (md->pvh_attrs & PVF_NC) 2651 return; 2652 KASSERT(arm_cache_prefer_mask == 0 || md->pvh_attrs & PVF_COLORED); 2653 #endif 2654 2655 pt_entry_t * const ptep = cpu_cdst_pte(0); 2656 const vaddr_t dstp = cpu_cdstp(0); 2657 #ifdef __HAVE_MM_MD_DIRECT_MAPPED_PHYS 2658 if (way_size <= PAGE_SIZE) { 2659 bool ok = false; 2660 vaddr_t vdstp = pmap_direct_mapped_phys(pa, &ok, dstp); 2661 if (ok) { 2662 cpu_icache_sync_range(vdstp, way_size); 2663 return; 2664 } 2665 } 2666 #endif 2667 2668 /* 2669 * We don't worry about the color of the exec page, we map the 2670 * same page to pages in the way and then do the icache_sync on 2671 * the entire way making sure we are cleaned. 2672 */ 2673 const pt_entry_t npte = L2_S_PROTO | pa | pte_l2_s_cache_mode 2674 | L2_S_PROT(PTE_KERNEL, VM_PROT_READ|VM_PROT_WRITE); 2675 2676 for (size_t i = 0, j = 0; i < way_size; 2677 i += PAGE_SIZE, j += PAGE_SIZE / L2_S_SIZE) { 2678 l2pte_reset(ptep + j); 2679 PTE_SYNC(ptep + j); 2680 2681 pmap_tlb_flush_SE(kpm, dstp + i, PVF_REF | PVF_EXEC); 2682 /* 2683 * Set up a PTE with to flush these cache lines. 2684 */ 2685 l2pte_set(ptep + j, npte, 0); 2686 } 2687 PTE_SYNC_RANGE(ptep, way_size / L2_S_SIZE); 2688 2689 /* 2690 * Flush it. 2691 */ 2692 cpu_icache_sync_range(dstp, way_size); 2693 2694 for (size_t i = 0, j = 0; i < way_size; 2695 i += PAGE_SIZE, j += PAGE_SIZE / L2_S_SIZE) { 2696 /* 2697 * Unmap the page(s). 
2698 */ 2699 l2pte_reset(ptep + j); 2700 pmap_tlb_flush_SE(kpm, dstp + i, PVF_REF | PVF_EXEC); 2701 } 2702 PTE_SYNC_RANGE(ptep, way_size / L2_S_SIZE); 2703 2704 md->pvh_attrs |= PVF_EXEC; 2705 PMAPCOUNT(exec_synced); 2706 } 2707 2708 #ifndef ARM_MMU_EXTENDED 2709 void 2710 pmap_flush_page(struct vm_page_md *md, paddr_t pa, enum pmap_flush_op flush) 2711 { 2712 vsize_t va_offset, end_va; 2713 bool wbinv_p; 2714 2715 if (arm_cache_prefer_mask == 0) 2716 return; 2717 2718 switch (flush) { 2719 case PMAP_FLUSH_PRIMARY: 2720 if (md->pvh_attrs & PVF_MULTCLR) { 2721 va_offset = 0; 2722 end_va = arm_cache_prefer_mask; 2723 md->pvh_attrs &= ~PVF_MULTCLR; 2724 PMAPCOUNT(vac_flush_lots); 2725 } else { 2726 va_offset = md->pvh_attrs & arm_cache_prefer_mask; 2727 end_va = va_offset; 2728 PMAPCOUNT(vac_flush_one); 2729 } 2730 /* 2731 * Mark that the page is no longer dirty. 2732 */ 2733 md->pvh_attrs &= ~PVF_DIRTY; 2734 wbinv_p = true; 2735 break; 2736 case PMAP_FLUSH_SECONDARY: 2737 va_offset = 0; 2738 end_va = arm_cache_prefer_mask; 2739 wbinv_p = true; 2740 md->pvh_attrs &= ~PVF_MULTCLR; 2741 PMAPCOUNT(vac_flush_lots); 2742 break; 2743 case PMAP_CLEAN_PRIMARY: 2744 va_offset = md->pvh_attrs & arm_cache_prefer_mask; 2745 end_va = va_offset; 2746 wbinv_p = false; 2747 /* 2748 * Mark that the page is no longer dirty. 2749 */ 2750 if ((md->pvh_attrs & PVF_DMOD) == 0) 2751 md->pvh_attrs &= ~PVF_DIRTY; 2752 PMAPCOUNT(vac_clean_one); 2753 break; 2754 default: 2755 return; 2756 } 2757 2758 KASSERT(!(md->pvh_attrs & PVF_NC)); 2759 2760 NPDEBUG(PDB_VAC, printf("pmap_flush_page: md=%p (attrs=%#x)\n", 2761 md, md->pvh_attrs)); 2762 2763 const size_t scache_line_size = arm_scache.dcache_line_size; 2764 2765 for (; va_offset <= end_va; va_offset += PAGE_SIZE) { 2766 pt_entry_t * const ptep = cpu_cdst_pte(va_offset); 2767 const vaddr_t dstp = cpu_cdstp(va_offset); 2768 const pt_entry_t opte = *ptep; 2769 2770 if (flush == PMAP_FLUSH_SECONDARY 2771 && va_offset == (md->pvh_attrs & arm_cache_prefer_mask)) 2772 continue; 2773 2774 pmap_tlb_flush_SE(pmap_kernel(), dstp, PVF_REF | PVF_EXEC); 2775 /* 2776 * Set up a PTE with the right coloring to flush 2777 * existing cache entries. 2778 */ 2779 const pt_entry_t npte = L2_S_PROTO 2780 | pa 2781 | L2_S_PROT(PTE_KERNEL, VM_PROT_READ|VM_PROT_WRITE) 2782 | pte_l2_s_cache_mode; 2783 l2pte_set(ptep, npte, opte); 2784 PTE_SYNC(ptep); 2785 2786 /* 2787 * Flush it. Make sure to flush secondary cache too since 2788 * bus_dma will ignore uncached pages. 2789 */ 2790 if (scache_line_size != 0) { 2791 cpu_dcache_wb_range(dstp, PAGE_SIZE); 2792 if (wbinv_p) { 2793 cpu_sdcache_wbinv_range(dstp, pa, PAGE_SIZE); 2794 cpu_dcache_inv_range(dstp, PAGE_SIZE); 2795 } else { 2796 cpu_sdcache_wb_range(dstp, pa, PAGE_SIZE); 2797 } 2798 } else { 2799 if (wbinv_p) { 2800 cpu_dcache_wbinv_range(dstp, PAGE_SIZE); 2801 } else { 2802 cpu_dcache_wb_range(dstp, PAGE_SIZE); 2803 } 2804 } 2805 2806 /* 2807 * Restore the page table entry since we might have interrupted 2808 * pmap_zero_page or pmap_copy_page which was already using 2809 * this pte. 2810 */ 2811 if (opte) { 2812 l2pte_set(ptep, opte, npte); 2813 } else { 2814 l2pte_reset(ptep); 2815 } 2816 PTE_SYNC(ptep); 2817 pmap_tlb_flush_SE(pmap_kernel(), dstp, PVF_REF | PVF_EXEC); 2818 } 2819 } 2820 #endif /* ARM_MMU_EXTENDED */ 2821 #endif /* PMAP_CACHE_VIPT */ 2822 2823 /* 2824 * Routine: pmap_page_remove 2825 * Function: 2826 * Removes this physical page from 2827 * all physical maps in which it resides. 
2828 * Reflects back modify bits to the pager. 2829 */ 2830 static void 2831 pmap_page_remove(struct vm_page_md *md, paddr_t pa) 2832 { 2833 struct l2_bucket *l2b; 2834 struct pv_entry *pv; 2835 pt_entry_t *ptep; 2836 #ifndef ARM_MMU_EXTENDED 2837 bool flush = false; 2838 #endif 2839 u_int flags = 0; 2840 2841 NPDEBUG(PDB_FOLLOW, 2842 printf("pmap_page_remove: md %p (0x%08lx)\n", md, 2843 pa)); 2844 2845 struct pv_entry **pvp = &SLIST_FIRST(&md->pvh_list); 2846 pmap_acquire_page_lock(md); 2847 if (*pvp == NULL) { 2848 #ifdef PMAP_CACHE_VIPT 2849 /* 2850 * We *know* the page contents are about to be replaced. 2851 * Discard the exec contents 2852 */ 2853 if (PV_IS_EXEC_P(md->pvh_attrs)) 2854 PMAPCOUNT(exec_discarded_page_protect); 2855 md->pvh_attrs &= ~PVF_EXEC; 2856 PMAP_VALIDATE_MD_PAGE(md); 2857 #endif 2858 pmap_release_page_lock(md); 2859 return; 2860 } 2861 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 2862 KASSERT(arm_cache_prefer_mask == 0 || pmap_is_page_colored_p(md)); 2863 #endif 2864 2865 /* 2866 * Clear alias counts 2867 */ 2868 #ifdef PMAP_CACHE_VIVT 2869 md->k_mappings = 0; 2870 #endif 2871 md->urw_mappings = md->uro_mappings = 0; 2872 2873 #ifdef PMAP_CACHE_VIVT 2874 pmap_clean_page(md, false); 2875 #endif 2876 2877 while ((pv = *pvp) != NULL) { 2878 pmap_t pm = pv->pv_pmap; 2879 #ifndef ARM_MMU_EXTENDED 2880 if (flush == false && pmap_is_current(pm)) 2881 flush = true; 2882 #endif 2883 2884 if (pm == pmap_kernel()) { 2885 #ifdef PMAP_CACHE_VIPT 2886 /* 2887 * If this was unmanaged mapping, it must be preserved. 2888 * Move it back on the list and advance the end-of-list 2889 * pointer. 2890 */ 2891 if (PV_IS_KENTRY_P(pv->pv_flags)) { 2892 *pvp = pv; 2893 pvp = &SLIST_NEXT(pv, pv_link); 2894 continue; 2895 } 2896 if (pv->pv_flags & PVF_WRITE) 2897 md->krw_mappings--; 2898 else 2899 md->kro_mappings--; 2900 #endif 2901 PMAPCOUNT(kernel_unmappings); 2902 } 2903 *pvp = SLIST_NEXT(pv, pv_link); /* remove from list */ 2904 PMAPCOUNT(unmappings); 2905 2906 pmap_release_page_lock(md); 2907 pmap_acquire_pmap_lock(pm); 2908 2909 l2b = pmap_get_l2_bucket(pm, pv->pv_va); 2910 KASSERTMSG(l2b != NULL, "%#lx", pv->pv_va); 2911 2912 ptep = &l2b->l2b_kva[l2pte_index(pv->pv_va)]; 2913 2914 /* 2915 * Update statistics 2916 */ 2917 --pm->pm_stats.resident_count; 2918 2919 /* Wired bit */ 2920 if (pv->pv_flags & PVF_WIRED) 2921 --pm->pm_stats.wired_count; 2922 2923 flags |= pv->pv_flags; 2924 2925 /* 2926 * Invalidate the PTEs. 2927 */ 2928 l2pte_reset(ptep); 2929 PTE_SYNC_CURRENT(pm, ptep); 2930 2931 #ifdef ARM_MMU_EXTENDED 2932 pmap_tlb_invalidate_addr(pm, pv->pv_va); 2933 #endif 2934 2935 pmap_free_l2_bucket(pm, l2b, PAGE_SIZE / L2_S_SIZE); 2936 2937 pmap_release_pmap_lock(pm); 2938 2939 pool_put(&pmap_pv_pool, pv); 2940 pmap_acquire_page_lock(md); 2941 #ifdef MULTIPROCESSOR 2942 /* 2943 * Restart of the beginning of the list. 2944 */ 2945 pvp = &SLIST_FIRST(&md->pvh_list); 2946 #endif 2947 } 2948 /* 2949 * if we reach the end of the list and there are still mappings, they 2950 * might be able to be cached now. And they must be kernel mappings. 2951 */ 2952 if (!SLIST_EMPTY(&md->pvh_list)) { 2953 pmap_vac_me_harder(md, pa, pmap_kernel(), 0); 2954 } 2955 2956 #ifdef PMAP_CACHE_VIPT 2957 /* 2958 * Its EXEC cache is now gone. 
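	 * (Any mappings still left on the pv list at this point are
	 * PVF_KENTRY kernel mappings, which were deliberately preserved
	 * above.)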
2959 */ 2960 if (PV_IS_EXEC_P(md->pvh_attrs)) 2961 PMAPCOUNT(exec_discarded_page_protect); 2962 md->pvh_attrs &= ~PVF_EXEC; 2963 KASSERT(md->urw_mappings == 0); 2964 KASSERT(md->uro_mappings == 0); 2965 #ifndef ARM_MMU_EXTENDED 2966 if (arm_cache_prefer_mask != 0) { 2967 if (md->krw_mappings == 0) 2968 md->pvh_attrs &= ~PVF_WRITE; 2969 PMAP_VALIDATE_MD_PAGE(md); 2970 } 2971 #endif /* ARM_MMU_EXTENDED */ 2972 #endif /* PMAP_CACHE_VIPT */ 2973 pmap_release_page_lock(md); 2974 2975 #ifndef ARM_MMU_EXTENDED 2976 if (flush) { 2977 /* 2978 * Note: We can't use pmap_tlb_flush{I,D}() here since that 2979 * would need a subsequent call to pmap_update() to ensure 2980 * curpm->pm_cstate.cs_all is reset. Our callers are not 2981 * required to do that (see pmap(9)), so we can't modify 2982 * the current pmap's state. 2983 */ 2984 if (PV_BEEN_EXECD(flags)) 2985 cpu_tlb_flushID(); 2986 else 2987 cpu_tlb_flushD(); 2988 } 2989 cpu_cpwait(); 2990 #endif /* ARM_MMU_EXTENDED */ 2991 } 2992 2993 /* 2994 * pmap_t pmap_create(void) 2995 * 2996 * Create a new pmap structure from scratch. 2997 */ 2998 pmap_t 2999 pmap_create(void) 3000 { 3001 pmap_t pm; 3002 3003 pm = pool_cache_get(&pmap_cache, PR_WAITOK); 3004 3005 mutex_init(&pm->pm_obj_lock, MUTEX_DEFAULT, IPL_NONE); 3006 uvm_obj_init(&pm->pm_obj, NULL, false, 1); 3007 uvm_obj_setlock(&pm->pm_obj, &pm->pm_obj_lock); 3008 3009 pm->pm_stats.wired_count = 0; 3010 pm->pm_stats.resident_count = 1; 3011 #ifdef ARM_MMU_EXTENDED 3012 #ifdef MULTIPROCESSOR 3013 kcpuset_create(&pm->pm_active, true); 3014 kcpuset_create(&pm->pm_onproc, true); 3015 #endif 3016 #else 3017 pm->pm_cstate.cs_all = 0; 3018 #endif 3019 pmap_alloc_l1(pm); 3020 3021 /* 3022 * Note: The pool cache ensures that the pm_l2[] array is already 3023 * initialised to zero. 3024 */ 3025 3026 pmap_pinit(pm); 3027 3028 LIST_INSERT_HEAD(&pmap_pmaps, pm, pm_list); 3029 3030 return (pm); 3031 } 3032 3033 u_int 3034 arm32_mmap_flags(paddr_t pa) 3035 { 3036 /* 3037 * the upper 8 bits in pmap_enter()'s flags are reserved for MD stuff 3038 * and we're using the upper bits in page numbers to pass flags around 3039 * so we might as well use the same bits 3040 */ 3041 return (u_int)pa & PMAP_MD_MASK; 3042 } 3043 /* 3044 * int pmap_enter(pmap_t pm, vaddr_t va, paddr_t pa, vm_prot_t prot, 3045 * u_int flags) 3046 * 3047 * Insert the given physical page (p) at 3048 * the specified virtual address (v) in the 3049 * target physical map with the protection requested. 3050 * 3051 * NB: This is the only routine which MAY NOT lazy-evaluate 3052 * or lose information. That is, this routine must actually 3053 * insert this page into the given map NOW. 3054 */ 3055 int 3056 pmap_enter(pmap_t pm, vaddr_t va, paddr_t pa, vm_prot_t prot, u_int flags) 3057 { 3058 struct l2_bucket *l2b; 3059 struct vm_page *pg, *opg; 3060 u_int nflags; 3061 u_int oflags; 3062 const bool kpm_p = (pm == pmap_kernel()); 3063 #ifdef ARM_HAS_VBAR 3064 const bool vector_page_p = false; 3065 #else 3066 const bool vector_page_p = (va == vector_page); 3067 #endif 3068 3069 UVMHIST_FUNC(__func__); UVMHIST_CALLED(maphist); 3070 3071 UVMHIST_LOG(maphist, " (pm %p va %#x pa %#x prot %#x", 3072 pm, va, pa, prot); 3073 UVMHIST_LOG(maphist, " flag %#x", flags, 0, 0, 0); 3074 3075 KDASSERT((flags & PMAP_WIRED) == 0 || (flags & VM_PROT_ALL) != 0); 3076 KDASSERT(((va | pa) & PGOFSET) == 0); 3077 3078 /* 3079 * Get a pointer to the page. Later on in this function, we 3080 * test for a managed page by checking pg != NULL. 3081 */ 3082 pg = pmap_initialized ? 
PHYS_TO_VM_PAGE(pa) : NULL; 3083 3084 nflags = 0; 3085 if (prot & VM_PROT_WRITE) 3086 nflags |= PVF_WRITE; 3087 if (prot & VM_PROT_EXECUTE) 3088 nflags |= PVF_EXEC; 3089 if (flags & PMAP_WIRED) 3090 nflags |= PVF_WIRED; 3091 3092 pmap_acquire_pmap_lock(pm); 3093 3094 /* 3095 * Fetch the L2 bucket which maps this page, allocating one if 3096 * necessary for user pmaps. 3097 */ 3098 if (kpm_p) { 3099 l2b = pmap_get_l2_bucket(pm, va); 3100 } else { 3101 l2b = pmap_alloc_l2_bucket(pm, va); 3102 } 3103 if (l2b == NULL) { 3104 if (flags & PMAP_CANFAIL) { 3105 pmap_release_pmap_lock(pm); 3106 return (ENOMEM); 3107 } 3108 panic("pmap_enter: failed to allocate L2 bucket"); 3109 } 3110 pt_entry_t *ptep = &l2b->l2b_kva[l2pte_index(va)]; 3111 const pt_entry_t opte = *ptep; 3112 pt_entry_t npte = pa; 3113 oflags = 0; 3114 3115 if (opte) { 3116 /* 3117 * There is already a mapping at this address. 3118 * If the physical address is different, lookup the 3119 * vm_page. 3120 */ 3121 if (l2pte_pa(opte) != pa) 3122 opg = PHYS_TO_VM_PAGE(l2pte_pa(opte)); 3123 else 3124 opg = pg; 3125 } else 3126 opg = NULL; 3127 3128 if (pg) { 3129 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 3130 3131 /* 3132 * This is to be a managed mapping. 3133 */ 3134 pmap_acquire_page_lock(md); 3135 if ((flags & VM_PROT_ALL) || (md->pvh_attrs & PVF_REF)) { 3136 /* 3137 * - The access type indicates that we don't need 3138 * to do referenced emulation. 3139 * OR 3140 * - The physical page has already been referenced 3141 * so no need to re-do referenced emulation here. 3142 */ 3143 npte |= l2pte_set_readonly(L2_S_PROTO); 3144 3145 nflags |= PVF_REF; 3146 3147 if ((prot & VM_PROT_WRITE) != 0 && 3148 ((flags & VM_PROT_WRITE) != 0 || 3149 (md->pvh_attrs & PVF_MOD) != 0)) { 3150 /* 3151 * This is a writable mapping, and the 3152 * page's mod state indicates it has 3153 * already been modified. Make it 3154 * writable from the outset. 3155 */ 3156 npte = l2pte_set_writable(npte); 3157 nflags |= PVF_MOD; 3158 } 3159 3160 #ifdef ARM_MMU_EXTENDED 3161 /* 3162 * If the page has been cleaned, then the pvh_attrs 3163 * will have PVF_EXEC set, so mark it execute so we 3164 * don't get an access fault when trying to execute 3165 * from it. 3166 */ 3167 if (md->pvh_attrs & nflags & PVF_EXEC) { 3168 npte &= ~L2_XS_XN; 3169 } 3170 #endif 3171 } else { 3172 /* 3173 * Need to do page referenced emulation. 3174 */ 3175 npte |= L2_TYPE_INV; 3176 } 3177 3178 if (flags & ARM32_MMAP_WRITECOMBINE) { 3179 npte |= pte_l2_s_wc_mode; 3180 } else 3181 npte |= pte_l2_s_cache_mode; 3182 3183 if (pg == opg) { 3184 /* 3185 * We're changing the attrs of an existing mapping. 3186 */ 3187 oflags = pmap_modify_pv(md, pa, pm, va, 3188 PVF_WRITE | PVF_EXEC | PVF_WIRED | 3189 PVF_MOD | PVF_REF, nflags); 3190 3191 #ifdef PMAP_CACHE_VIVT 3192 /* 3193 * We may need to flush the cache if we're 3194 * doing rw-ro... 3195 */ 3196 if (pm->pm_cstate.cs_cache_d && 3197 (oflags & PVF_NC) == 0 && 3198 l2pte_writable_p(opte) && 3199 (prot & VM_PROT_WRITE) == 0) 3200 cpu_dcache_wb_range(va, PAGE_SIZE); 3201 #endif 3202 } else { 3203 struct pv_entry *pv; 3204 /* 3205 * New mapping, or changing the backing page 3206 * of an existing mapping. 3207 */ 3208 if (opg) { 3209 struct vm_page_md *omd = VM_PAGE_TO_MD(opg); 3210 paddr_t opa = VM_PAGE_TO_PHYS(opg); 3211 3212 /* 3213 * Replacing an existing mapping with a new one. 
3214 * It is part of our managed memory so we 3215 * must remove it from the PV list 3216 */ 3217 pv = pmap_remove_pv(omd, opa, pm, va); 3218 pmap_vac_me_harder(omd, opa, pm, 0); 3219 oflags = pv->pv_flags; 3220 3221 #ifdef PMAP_CACHE_VIVT 3222 /* 3223 * If the old mapping was valid (ref/mod 3224 * emulation creates 'invalid' mappings 3225 * initially) then make sure to frob 3226 * the cache. 3227 */ 3228 if (!(oflags & PVF_NC) && l2pte_valid_p(opte)) { 3229 pmap_cache_wbinv_page(pm, va, true, 3230 oflags); 3231 } 3232 #endif 3233 } else { 3234 pmap_release_page_lock(md); 3235 pv = pool_get(&pmap_pv_pool, PR_NOWAIT); 3236 if (pv == NULL) { 3237 pmap_release_pmap_lock(pm); 3238 if ((flags & PMAP_CANFAIL) == 0) 3239 panic("pmap_enter: " 3240 "no pv entries"); 3241 3242 pmap_free_l2_bucket(pm, l2b, 0); 3243 UVMHIST_LOG(maphist, " <-- done (ENOMEM)", 3244 0, 0, 0, 0); 3245 return (ENOMEM); 3246 } 3247 pmap_acquire_page_lock(md); 3248 } 3249 3250 pmap_enter_pv(md, pa, pv, pm, va, nflags); 3251 } 3252 pmap_release_page_lock(md); 3253 } else { 3254 /* 3255 * We're mapping an unmanaged page. 3256 * These are always readable, and possibly writable, from 3257 * the get go as we don't need to track ref/mod status. 3258 */ 3259 npte |= l2pte_set_readonly(L2_S_PROTO); 3260 if (prot & VM_PROT_WRITE) 3261 npte = l2pte_set_writable(npte); 3262 3263 /* 3264 * Make sure the vector table is mapped cacheable 3265 */ 3266 if ((vector_page_p && !kpm_p) 3267 || (flags & ARM32_MMAP_CACHEABLE)) { 3268 npte |= pte_l2_s_cache_mode; 3269 #ifdef ARM_MMU_EXTENDED 3270 npte &= ~L2_XS_XN; /* and executable */ 3271 #endif 3272 } else if (flags & ARM32_MMAP_WRITECOMBINE) { 3273 npte |= pte_l2_s_wc_mode; 3274 } 3275 if (opg) { 3276 /* 3277 * Looks like there's an existing 'managed' mapping 3278 * at this address. 3279 */ 3280 struct vm_page_md *omd = VM_PAGE_TO_MD(opg); 3281 paddr_t opa = VM_PAGE_TO_PHYS(opg); 3282 3283 pmap_acquire_page_lock(omd); 3284 struct pv_entry *pv = pmap_remove_pv(omd, opa, pm, va); 3285 pmap_vac_me_harder(omd, opa, pm, 0); 3286 oflags = pv->pv_flags; 3287 pmap_release_page_lock(omd); 3288 3289 #ifdef PMAP_CACHE_VIVT 3290 if (!(oflags & PVF_NC) && l2pte_valid_p(opte)) { 3291 pmap_cache_wbinv_page(pm, va, true, oflags); 3292 } 3293 #endif 3294 pool_put(&pmap_pv_pool, pv); 3295 } 3296 } 3297 3298 /* 3299 * Make sure userland mappings get the right permissions 3300 */ 3301 if (!vector_page_p && !kpm_p) { 3302 npte |= L2_S_PROT_U; 3303 #ifdef ARM_MMU_EXTENDED 3304 npte |= L2_XS_nG; /* user pages are not global */ 3305 #endif 3306 } 3307 3308 /* 3309 * Keep the stats up to date 3310 */ 3311 if (opte == 0) { 3312 l2b->l2b_occupancy += PAGE_SIZE / L2_S_SIZE; 3313 pm->pm_stats.resident_count++; 3314 } 3315 3316 UVMHIST_LOG(maphist, " opte %#x npte %#x", opte, npte, 0, 0); 3317 3318 #if defined(ARM_MMU_EXTENDED) 3319 /* 3320 * If exec protection was requested but the page hasn't been synced, 3321 * sync it now and allow execution from it. 3322 */ 3323 if ((nflags & PVF_EXEC) && (npte & L2_XS_XN)) { 3324 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 3325 npte &= ~L2_XS_XN; 3326 pmap_syncicache_page(md, pa); 3327 PMAPCOUNT(exec_synced_map); 3328 } 3329 #endif 3330 /* 3331 * If this is just a wiring change, the two PTEs will be 3332 * identical, so there's no need to update the page table. 
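	 * (For a managed page the pv flags, including PVF_WIRED, were
	 * already updated via pmap_modify_pv() above; only a PTE that
	 * actually differs forces the reset/flush/set sequence below.)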
3333 */ 3334 if (npte != opte) { 3335 l2pte_reset(ptep); 3336 PTE_SYNC(ptep); 3337 if (l2pte_valid_p(opte)) { 3338 pmap_tlb_flush_SE(pm, va, oflags); 3339 } 3340 l2pte_set(ptep, npte, 0); 3341 PTE_SYNC(ptep); 3342 #ifndef ARM_MMU_EXTENDED 3343 bool is_cached = pmap_is_cached(pm); 3344 if (is_cached) { 3345 /* 3346 * We only need to frob the cache/tlb if this pmap 3347 * is current 3348 */ 3349 if (!vector_page_p && l2pte_valid_p(npte)) { 3350 /* 3351 * This mapping is likely to be accessed as 3352 * soon as we return to userland. Fix up the 3353 * L1 entry to avoid taking another 3354 * page/domain fault. 3355 */ 3356 pd_entry_t *pdep = pmap_l1_kva(pm) 3357 + l1pte_index(va); 3358 pd_entry_t pde = L1_C_PROTO | l2b->l2b_pa 3359 | L1_C_DOM(pmap_domain(pm)); 3360 if (*pdep != pde) { 3361 l1pte_setone(pdep, pde); 3362 PDE_SYNC(pdep); 3363 } 3364 } 3365 } 3366 #endif /* !ARM_MMU_EXTENDED */ 3367 3368 #ifndef ARM_MMU_EXTENDED 3369 UVMHIST_LOG(maphist, " is_cached %d cs 0x%08x\n", 3370 is_cached, pm->pm_cstate.cs_all, 0, 0); 3371 3372 if (pg != NULL) { 3373 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 3374 3375 pmap_acquire_page_lock(md); 3376 pmap_vac_me_harder(md, pa, pm, va); 3377 pmap_release_page_lock(md); 3378 } 3379 #endif 3380 } 3381 #if defined(PMAP_CACHE_VIPT) && defined(DIAGNOSTIC) 3382 if (pg) { 3383 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 3384 3385 pmap_acquire_page_lock(md); 3386 #ifndef ARM_MMU_EXTENDED 3387 KASSERT((md->pvh_attrs & PVF_DMOD) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC))); 3388 #endif 3389 PMAP_VALIDATE_MD_PAGE(md); 3390 pmap_release_page_lock(md); 3391 } 3392 #endif 3393 3394 pmap_release_pmap_lock(pm); 3395 3396 return (0); 3397 } 3398 3399 /* 3400 * pmap_remove() 3401 * 3402 * pmap_remove is responsible for nuking a number of mappings for a range 3403 * of virtual address space in the current pmap. To do this efficiently 3404 * is interesting, because in a number of cases a wide virtual address 3405 * range may be supplied that contains few actual mappings. So, the 3406 * optimisations are: 3407 * 1. Skip over hunks of address space for which no L1 or L2 entry exists. 3408 * 2. Build up a list of pages we've hit, up to a maximum, so we can 3409 * maybe do just a partial cache clean. This path of execution is 3410 * complicated by the fact that the cache must be flushed _before_ 3411 * the PTE is nuked, being a VAC :-) 3412 * 3. If we're called after UVM calls pmap_remove_all(), we can defer 3413 * all invalidations until pmap_update(), since pmap_remove_all() has 3414 * already flushed the cache. 3415 * 4. Maybe later fast-case a single page, but I don't think this is 3416 * going to make _that_ much difference overall. 
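 *    The "maximum" in (2) is PMAP_REMOVE_CLEAN_LIST_SIZE, defined just
 *    below; once a bucket exceeds it we fall back to a full cache clean
 *    and defer the TLB flushes as described in (3).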
3417 */ 3418 3419 #define PMAP_REMOVE_CLEAN_LIST_SIZE 3 3420 3421 void 3422 pmap_remove(pmap_t pm, vaddr_t sva, vaddr_t eva) 3423 { 3424 vaddr_t next_bucket; 3425 u_int cleanlist_idx, total, cnt; 3426 struct { 3427 vaddr_t va; 3428 pt_entry_t *ptep; 3429 } cleanlist[PMAP_REMOVE_CLEAN_LIST_SIZE]; 3430 u_int mappings; 3431 3432 UVMHIST_FUNC(__func__); UVMHIST_CALLED(maphist); 3433 UVMHIST_LOG(maphist, " (pm=%p, sva=%#x, eva=%#x)", pm, sva, eva, 0); 3434 3435 /* 3436 * we lock in the pmap => pv_head direction 3437 */ 3438 pmap_acquire_pmap_lock(pm); 3439 3440 if (pm->pm_remove_all || !pmap_is_cached(pm)) { 3441 cleanlist_idx = PMAP_REMOVE_CLEAN_LIST_SIZE + 1; 3442 #ifndef ARM_MMU_EXTENDED 3443 if (pm->pm_cstate.cs_tlb == 0) 3444 pm->pm_remove_all = true; 3445 #endif 3446 } else 3447 cleanlist_idx = 0; 3448 3449 total = 0; 3450 3451 while (sva < eva) { 3452 /* 3453 * Do one L2 bucket's worth at a time. 3454 */ 3455 next_bucket = L2_NEXT_BUCKET_VA(sva); 3456 if (next_bucket > eva) 3457 next_bucket = eva; 3458 3459 struct l2_bucket * const l2b = pmap_get_l2_bucket(pm, sva); 3460 if (l2b == NULL) { 3461 sva = next_bucket; 3462 continue; 3463 } 3464 3465 pt_entry_t *ptep = &l2b->l2b_kva[l2pte_index(sva)]; 3466 3467 for (mappings = 0; 3468 sva < next_bucket; 3469 sva += PAGE_SIZE, ptep += PAGE_SIZE / L2_S_SIZE) { 3470 pt_entry_t opte = *ptep; 3471 3472 if (opte == 0) { 3473 /* Nothing here, move along */ 3474 continue; 3475 } 3476 3477 u_int flags = PVF_REF; 3478 paddr_t pa = l2pte_pa(opte); 3479 struct vm_page * const pg = PHYS_TO_VM_PAGE(pa); 3480 3481 /* 3482 * Update flags. In a number of circumstances, 3483 * we could cluster a lot of these and do a 3484 * number of sequential pages in one go. 3485 */ 3486 if (pg != NULL) { 3487 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 3488 struct pv_entry *pv; 3489 3490 pmap_acquire_page_lock(md); 3491 pv = pmap_remove_pv(md, pa, pm, sva); 3492 pmap_vac_me_harder(md, pa, pm, 0); 3493 pmap_release_page_lock(md); 3494 if (pv != NULL) { 3495 if (pm->pm_remove_all == false) { 3496 flags = pv->pv_flags; 3497 } 3498 pool_put(&pmap_pv_pool, pv); 3499 } 3500 } 3501 mappings += PAGE_SIZE / L2_S_SIZE; 3502 3503 if (!l2pte_valid_p(opte)) { 3504 /* 3505 * Ref/Mod emulation is still active for this 3506 * mapping, therefore it is has not yet been 3507 * accessed. No need to frob the cache/tlb. 3508 */ 3509 l2pte_reset(ptep); 3510 PTE_SYNC_CURRENT(pm, ptep); 3511 continue; 3512 } 3513 3514 #ifdef ARM_MMU_EXTENDED 3515 if (pm == pmap_kernel()) { 3516 l2pte_reset(ptep); 3517 PTE_SYNC(ptep); 3518 pmap_tlb_flush_SE(pm, sva, flags); 3519 continue; 3520 } 3521 #endif 3522 if (cleanlist_idx < PMAP_REMOVE_CLEAN_LIST_SIZE) { 3523 /* Add to the clean list. */ 3524 cleanlist[cleanlist_idx].ptep = ptep; 3525 cleanlist[cleanlist_idx].va = 3526 sva | (flags & PVF_EXEC); 3527 cleanlist_idx++; 3528 } else if (cleanlist_idx == PMAP_REMOVE_CLEAN_LIST_SIZE) { 3529 /* Nuke everything if needed. */ 3530 #ifdef PMAP_CACHE_VIVT 3531 pmap_cache_wbinv_all(pm, PVF_EXEC); 3532 #endif 3533 /* 3534 * Roll back the previous PTE list, 3535 * and zero out the current PTE. 
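				 * (The queued entries were never flushed
				 * individually; the wbinv_all above covers
				 * them, so they are simply zapped and the
				 * pmap is marked for deferred TLB
				 * invalidation.)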
3536 */ 3537 for (cnt = 0; 3538 cnt < PMAP_REMOVE_CLEAN_LIST_SIZE; cnt++) { 3539 l2pte_reset(cleanlist[cnt].ptep); 3540 PTE_SYNC(cleanlist[cnt].ptep); 3541 } 3542 l2pte_reset(ptep); 3543 PTE_SYNC(ptep); 3544 cleanlist_idx++; 3545 pm->pm_remove_all = true; 3546 } else { 3547 l2pte_reset(ptep); 3548 PTE_SYNC(ptep); 3549 if (pm->pm_remove_all == false) { 3550 pmap_tlb_flush_SE(pm, sva, flags); 3551 } 3552 } 3553 } 3554 3555 /* 3556 * Deal with any left overs 3557 */ 3558 if (cleanlist_idx <= PMAP_REMOVE_CLEAN_LIST_SIZE) { 3559 total += cleanlist_idx; 3560 for (cnt = 0; cnt < cleanlist_idx; cnt++) { 3561 l2pte_reset(cleanlist[cnt].ptep); 3562 PTE_SYNC_CURRENT(pm, cleanlist[cnt].ptep); 3563 #ifdef ARM_MMU_EXTENDED 3564 vaddr_t clva = cleanlist[cnt].va; 3565 pmap_tlb_flush_SE(pm, clva, PVF_REF); 3566 #else 3567 vaddr_t va = cleanlist[cnt].va; 3568 if (pm->pm_cstate.cs_all != 0) { 3569 vaddr_t clva = va & ~PAGE_MASK; 3570 u_int flags = va & PVF_EXEC; 3571 #ifdef PMAP_CACHE_VIVT 3572 pmap_cache_wbinv_page(pm, clva, true, 3573 PVF_REF | PVF_WRITE | flags); 3574 #endif 3575 pmap_tlb_flush_SE(pm, clva, 3576 PVF_REF | flags); 3577 } 3578 #endif /* ARM_MMU_EXTENDED */ 3579 } 3580 3581 /* 3582 * If it looks like we're removing a whole bunch 3583 * of mappings, it's faster to just write-back 3584 * the whole cache now and defer TLB flushes until 3585 * pmap_update() is called. 3586 */ 3587 if (total <= PMAP_REMOVE_CLEAN_LIST_SIZE) 3588 cleanlist_idx = 0; 3589 else { 3590 cleanlist_idx = PMAP_REMOVE_CLEAN_LIST_SIZE + 1; 3591 #ifdef PMAP_CACHE_VIVT 3592 pmap_cache_wbinv_all(pm, PVF_EXEC); 3593 #endif 3594 pm->pm_remove_all = true; 3595 } 3596 } 3597 3598 3599 pmap_free_l2_bucket(pm, l2b, mappings); 3600 pm->pm_stats.resident_count -= mappings / (PAGE_SIZE/L2_S_SIZE); 3601 } 3602 3603 pmap_release_pmap_lock(pm); 3604 } 3605 3606 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 3607 static struct pv_entry * 3608 pmap_kremove_pg(struct vm_page *pg, vaddr_t va) 3609 { 3610 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 3611 paddr_t pa = VM_PAGE_TO_PHYS(pg); 3612 struct pv_entry *pv; 3613 3614 KASSERT(arm_cache_prefer_mask == 0 || md->pvh_attrs & (PVF_COLORED|PVF_NC)); 3615 KASSERT((md->pvh_attrs & PVF_KMPAGE) == 0); 3616 KASSERT(pmap_page_locked_p(md)); 3617 3618 pv = pmap_remove_pv(md, pa, pmap_kernel(), va); 3619 KASSERTMSG(pv, "pg %p (pa #%lx) va %#lx", pg, pa, va); 3620 KASSERT(PV_IS_KENTRY_P(pv->pv_flags)); 3621 3622 /* 3623 * If we are removing a writeable mapping to a cached exec page, 3624 * if it's the last mapping then clear it execness other sync 3625 * the page to the icache. 3626 */ 3627 if ((md->pvh_attrs & (PVF_NC|PVF_EXEC)) == PVF_EXEC 3628 && (pv->pv_flags & PVF_WRITE) != 0) { 3629 if (SLIST_EMPTY(&md->pvh_list)) { 3630 md->pvh_attrs &= ~PVF_EXEC; 3631 PMAPCOUNT(exec_discarded_kremove); 3632 } else { 3633 pmap_syncicache_page(md, pa); 3634 PMAPCOUNT(exec_synced_kremove); 3635 } 3636 } 3637 pmap_vac_me_harder(md, pa, pmap_kernel(), 0); 3638 3639 return pv; 3640 } 3641 #endif /* PMAP_CACHE_VIPT && !ARM_MMU_EXTENDED */ 3642 3643 /* 3644 * pmap_kenter_pa: enter an unmanaged, wired kernel mapping 3645 * 3646 * We assume there is already sufficient KVM space available 3647 * to do this, as we can't allocate L2 descriptor tables/metadata 3648 * from here. 3649 */ 3650 void 3651 pmap_kenter_pa(vaddr_t va, paddr_t pa, vm_prot_t prot, u_int flags) 3652 { 3653 #ifdef PMAP_CACHE_VIVT 3654 struct vm_page *pg = (flags & PMAP_KMPAGE) ? 
PHYS_TO_VM_PAGE(pa) : NULL; 3655 #endif 3656 #ifdef PMAP_CACHE_VIPT 3657 struct vm_page *pg = PHYS_TO_VM_PAGE(pa); 3658 struct vm_page *opg; 3659 #ifndef ARM_MMU_EXTENDED 3660 struct pv_entry *pv = NULL; 3661 #endif 3662 #endif 3663 struct vm_page_md *md = pg != NULL ? VM_PAGE_TO_MD(pg) : NULL; 3664 3665 UVMHIST_FUNC(__func__); 3666 3667 if (pmap_initialized) { 3668 UVMHIST_CALLED(maphist); 3669 UVMHIST_LOG(maphist, " (va=%#x, pa=%#x, prot=%#x, flags=%#x", 3670 va, pa, prot, flags); 3671 } 3672 3673 pmap_t kpm = pmap_kernel(); 3674 pmap_acquire_pmap_lock(kpm); 3675 struct l2_bucket * const l2b = pmap_get_l2_bucket(kpm, va); 3676 const size_t l1slot __diagused = l1pte_index(va); 3677 KASSERTMSG(l2b != NULL, 3678 "va %#lx pa %#lx prot %d maxkvaddr %#lx: l2 %p l2b %p kva %p", 3679 va, pa, prot, pmap_curmaxkvaddr, kpm->pm_l2[L2_IDX(l1slot)], 3680 kpm->pm_l2[L2_IDX(l1slot)] 3681 ? &kpm->pm_l2[L2_IDX(l1slot)]->l2_bucket[L2_BUCKET(l1slot)] 3682 : NULL, 3683 kpm->pm_l2[L2_IDX(l1slot)] 3684 ? kpm->pm_l2[L2_IDX(l1slot)]->l2_bucket[L2_BUCKET(l1slot)].l2b_kva 3685 : NULL); 3686 KASSERT(l2b->l2b_kva != NULL); 3687 3688 pt_entry_t * const ptep = &l2b->l2b_kva[l2pte_index(va)]; 3689 const pt_entry_t opte = *ptep; 3690 3691 if (opte == 0) { 3692 PMAPCOUNT(kenter_mappings); 3693 l2b->l2b_occupancy += PAGE_SIZE / L2_S_SIZE; 3694 } else { 3695 PMAPCOUNT(kenter_remappings); 3696 #ifdef PMAP_CACHE_VIPT 3697 opg = PHYS_TO_VM_PAGE(l2pte_pa(opte)); 3698 #if !defined(ARM_MMU_EXTENDED) || defined(DIAGNOSTIC) 3699 struct vm_page_md *omd __diagused = VM_PAGE_TO_MD(opg); 3700 #endif 3701 if (opg && arm_cache_prefer_mask != 0) { 3702 KASSERT(opg != pg); 3703 KASSERT((omd->pvh_attrs & PVF_KMPAGE) == 0); 3704 KASSERT((flags & PMAP_KMPAGE) == 0); 3705 #ifndef ARM_MMU_EXTENDED 3706 pmap_acquire_page_lock(omd); 3707 pv = pmap_kremove_pg(opg, va); 3708 pmap_release_page_lock(omd); 3709 #endif 3710 } 3711 #endif 3712 if (l2pte_valid_p(opte)) { 3713 l2pte_reset(ptep); 3714 PTE_SYNC(ptep); 3715 #ifdef PMAP_CACHE_VIVT 3716 cpu_dcache_wbinv_range(va, PAGE_SIZE); 3717 #endif 3718 cpu_tlb_flushD_SE(va); 3719 cpu_cpwait(); 3720 } 3721 } 3722 pmap_release_pmap_lock(kpm); 3723 3724 pt_entry_t npte = L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL, prot) 3725 | ((flags & PMAP_NOCACHE) 3726 ? 0 3727 : ((flags & PMAP_PTE) 3728 ? pte_l2_s_cache_mode_pt : pte_l2_s_cache_mode)); 3729 #ifdef ARM_MMU_EXTENDED 3730 if (prot & VM_PROT_EXECUTE) 3731 npte &= ~L2_XS_XN; 3732 #endif 3733 l2pte_set(ptep, npte, 0); 3734 PTE_SYNC(ptep); 3735 3736 if (pg) { 3737 if (flags & PMAP_KMPAGE) { 3738 KASSERT(md->urw_mappings == 0); 3739 KASSERT(md->uro_mappings == 0); 3740 KASSERT(md->krw_mappings == 0); 3741 KASSERT(md->kro_mappings == 0); 3742 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 3743 KASSERT(pv == NULL); 3744 KASSERT(arm_cache_prefer_mask == 0 || (va & PVF_COLORED) == 0); 3745 KASSERT((md->pvh_attrs & PVF_NC) == 0); 3746 /* if there is a color conflict, evict from cache. */ 3747 if (pmap_is_page_colored_p(md) 3748 && ((va ^ md->pvh_attrs) & arm_cache_prefer_mask)) { 3749 PMAPCOUNT(vac_color_change); 3750 pmap_flush_page(md, pa, PMAP_FLUSH_PRIMARY); 3751 } else if (md->pvh_attrs & PVF_MULTCLR) { 3752 /* 3753 * If this page has multiple colors, expunge 3754 * them. 3755 */ 3756 PMAPCOUNT(vac_flush_lots2); 3757 pmap_flush_page(md, pa, PMAP_FLUSH_SECONDARY); 3758 } 3759 /* 3760 * Since this is a KMPAGE, there can be no contention 3761 * for this page so don't lock it. 
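			 * (PMAP_KMPAGE mappings never get a pv entry -- see
			 * the KASSERTs above -- so nothing else references
			 * this page's metadata here.)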
3762 */ 3763 md->pvh_attrs &= PAGE_SIZE - 1; 3764 md->pvh_attrs |= PVF_KMPAGE | PVF_COLORED | PVF_DIRTY 3765 | (va & arm_cache_prefer_mask); 3766 #else /* !PMAP_CACHE_VIPT || ARM_MMU_EXTENDED */ 3767 md->pvh_attrs |= PVF_KMPAGE; 3768 #endif 3769 atomic_inc_32(&pmap_kmpages); 3770 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 3771 } else if (arm_cache_prefer_mask != 0) { 3772 if (pv == NULL) { 3773 pv = pool_get(&pmap_pv_pool, PR_NOWAIT); 3774 KASSERT(pv != NULL); 3775 } 3776 pmap_acquire_page_lock(md); 3777 pmap_enter_pv(md, pa, pv, pmap_kernel(), va, 3778 PVF_WIRED | PVF_KENTRY 3779 | (prot & VM_PROT_WRITE ? PVF_WRITE : 0)); 3780 if ((prot & VM_PROT_WRITE) 3781 && !(md->pvh_attrs & PVF_NC)) 3782 md->pvh_attrs |= PVF_DIRTY; 3783 KASSERT((prot & VM_PROT_WRITE) == 0 || (md->pvh_attrs & (PVF_DIRTY|PVF_NC))); 3784 pmap_vac_me_harder(md, pa, pmap_kernel(), va); 3785 pmap_release_page_lock(md); 3786 #endif 3787 } 3788 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 3789 } else { 3790 if (pv != NULL) 3791 pool_put(&pmap_pv_pool, pv); 3792 #endif 3793 } 3794 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 3795 KASSERT(md == NULL || !pmap_page_locked_p(md)); 3796 #endif 3797 if (pmap_initialized) { 3798 UVMHIST_LOG(maphist, " <-- done (ptep %p: %#x -> %#x)", 3799 ptep, opte, npte, 0); 3800 } 3801 3802 } 3803 3804 void 3805 pmap_kremove(vaddr_t va, vsize_t len) 3806 { 3807 #ifdef UVMHIST 3808 u_int total_mappings = 0; 3809 #endif 3810 3811 PMAPCOUNT(kenter_unmappings); 3812 3813 UVMHIST_FUNC(__func__); UVMHIST_CALLED(maphist); 3814 3815 UVMHIST_LOG(maphist, " (va=%#x, len=%#x)", va, len, 0, 0); 3816 3817 const vaddr_t eva = va + len; 3818 3819 pmap_acquire_pmap_lock(pmap_kernel()); 3820 3821 while (va < eva) { 3822 vaddr_t next_bucket = L2_NEXT_BUCKET_VA(va); 3823 if (next_bucket > eva) 3824 next_bucket = eva; 3825 3826 pmap_t kpm = pmap_kernel(); 3827 struct l2_bucket * const l2b = pmap_get_l2_bucket(kpm, va); 3828 KDASSERT(l2b != NULL); 3829 3830 pt_entry_t * const sptep = &l2b->l2b_kva[l2pte_index(va)]; 3831 pt_entry_t *ptep = sptep; 3832 u_int mappings = 0; 3833 3834 while (va < next_bucket) { 3835 const pt_entry_t opte = *ptep; 3836 struct vm_page *opg = PHYS_TO_VM_PAGE(l2pte_pa(opte)); 3837 if (opg != NULL) { 3838 struct vm_page_md *omd = VM_PAGE_TO_MD(opg); 3839 3840 if (omd->pvh_attrs & PVF_KMPAGE) { 3841 KASSERT(omd->urw_mappings == 0); 3842 KASSERT(omd->uro_mappings == 0); 3843 KASSERT(omd->krw_mappings == 0); 3844 KASSERT(omd->kro_mappings == 0); 3845 omd->pvh_attrs &= ~PVF_KMPAGE; 3846 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 3847 if (arm_cache_prefer_mask != 0) { 3848 omd->pvh_attrs &= ~PVF_WRITE; 3849 } 3850 #endif 3851 atomic_dec_32(&pmap_kmpages); 3852 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 3853 } else if (arm_cache_prefer_mask != 0) { 3854 pmap_acquire_page_lock(omd); 3855 pool_put(&pmap_pv_pool, 3856 pmap_kremove_pg(opg, va)); 3857 pmap_release_page_lock(omd); 3858 #endif 3859 } 3860 } 3861 if (l2pte_valid_p(opte)) { 3862 l2pte_reset(ptep); 3863 PTE_SYNC(ptep); 3864 #ifdef PMAP_CACHE_VIVT 3865 cpu_dcache_wbinv_range(va, PAGE_SIZE); 3866 #endif 3867 cpu_tlb_flushD_SE(va); 3868 3869 mappings += PAGE_SIZE / L2_S_SIZE; 3870 } 3871 va += PAGE_SIZE; 3872 ptep += PAGE_SIZE / L2_S_SIZE; 3873 } 3874 KDASSERTMSG(mappings <= l2b->l2b_occupancy, "%u %u", 3875 mappings, l2b->l2b_occupancy); 3876 l2b->l2b_occupancy -= mappings; 3877 //PTE_SYNC_RANGE(sptep, (u_int)(ptep - sptep)); 3878 #ifdef UVMHIST 3879 total_mappings += 
mappings; 3880 #endif 3881 } 3882 pmap_release_pmap_lock(pmap_kernel()); 3883 cpu_cpwait(); 3884 UVMHIST_LOG(maphist, " <--- done (%u mappings removed)", 3885 total_mappings, 0, 0, 0); 3886 } 3887 3888 bool 3889 pmap_extract(pmap_t pm, vaddr_t va, paddr_t *pap) 3890 { 3891 struct l2_dtable *l2; 3892 pd_entry_t *pdep, pde; 3893 pt_entry_t *ptep, pte; 3894 paddr_t pa; 3895 u_int l1slot; 3896 3897 pmap_acquire_pmap_lock(pm); 3898 3899 l1slot = l1pte_index(va); 3900 pdep = pmap_l1_kva(pm) + l1slot; 3901 pde = *pdep; 3902 3903 if (l1pte_section_p(pde)) { 3904 /* 3905 * These should only happen for pmap_kernel() 3906 */ 3907 KDASSERT(pm == pmap_kernel()); 3908 pmap_release_pmap_lock(pm); 3909 #if (ARM_MMU_V6 + ARM_MMU_V7) > 0 3910 if (l1pte_supersection_p(pde)) { 3911 pa = (pde & L1_SS_FRAME) | (va & L1_SS_OFFSET); 3912 } else 3913 #endif 3914 pa = (pde & L1_S_FRAME) | (va & L1_S_OFFSET); 3915 } else { 3916 /* 3917 * Note that we can't rely on the validity of the L1 3918 * descriptor as an indication that a mapping exists. 3919 * We have to look it up in the L2 dtable. 3920 */ 3921 l2 = pm->pm_l2[L2_IDX(l1slot)]; 3922 3923 if (l2 == NULL || 3924 (ptep = l2->l2_bucket[L2_BUCKET(l1slot)].l2b_kva) == NULL) { 3925 pmap_release_pmap_lock(pm); 3926 return false; 3927 } 3928 3929 pte = ptep[l2pte_index(va)]; 3930 pmap_release_pmap_lock(pm); 3931 3932 if (pte == 0) 3933 return false; 3934 3935 switch (pte & L2_TYPE_MASK) { 3936 case L2_TYPE_L: 3937 pa = (pte & L2_L_FRAME) | (va & L2_L_OFFSET); 3938 break; 3939 3940 default: 3941 pa = (pte & ~PAGE_MASK) | (va & PAGE_MASK); 3942 break; 3943 } 3944 } 3945 3946 if (pap != NULL) 3947 *pap = pa; 3948 3949 return true; 3950 } 3951 3952 void 3953 pmap_protect(pmap_t pm, vaddr_t sva, vaddr_t eva, vm_prot_t prot) 3954 { 3955 struct l2_bucket *l2b; 3956 vaddr_t next_bucket; 3957 3958 NPDEBUG(PDB_PROTECT, 3959 printf("pmap_protect: pm %p sva 0x%lx eva 0x%lx prot 0x%x\n", 3960 pm, sva, eva, prot)); 3961 3962 if ((prot & VM_PROT_READ) == 0) { 3963 pmap_remove(pm, sva, eva); 3964 return; 3965 } 3966 3967 if (prot & VM_PROT_WRITE) { 3968 /* 3969 * If this is a read->write transition, just ignore it and let 3970 * uvm_fault() take care of it later. 3971 */ 3972 return; 3973 } 3974 3975 pmap_acquire_pmap_lock(pm); 3976 3977 #ifndef ARM_MMU_EXTENDED 3978 const bool flush = eva - sva >= PAGE_SIZE * 4; 3979 u_int flags = 0; 3980 #endif 3981 u_int clr_mask = PVF_WRITE | ((prot & VM_PROT_EXECUTE) ? 0 : PVF_EXEC); 3982 3983 while (sva < eva) { 3984 next_bucket = L2_NEXT_BUCKET_VA(sva); 3985 if (next_bucket > eva) 3986 next_bucket = eva; 3987 3988 l2b = pmap_get_l2_bucket(pm, sva); 3989 if (l2b == NULL) { 3990 sva = next_bucket; 3991 continue; 3992 } 3993 3994 pt_entry_t *ptep = &l2b->l2b_kva[l2pte_index(sva)]; 3995 3996 while (sva < next_bucket) { 3997 const pt_entry_t opte = *ptep; 3998 if (l2pte_valid_p(opte) && l2pte_writable_p(opte)) { 3999 struct vm_page *pg; 4000 #ifndef ARM_MMU_EXTENDED 4001 u_int f; 4002 #endif 4003 4004 #ifdef PMAP_CACHE_VIVT 4005 /* 4006 * OK, at this point, we know we're doing 4007 * write-protect operation. If the pmap is 4008 * active, write-back the page. 
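 * (With a VIVT data cache, dirty lines for this page are held under
 * the virtual address they were written through; cleaning them here,
 * while the mapping is still writable, keeps memory consistent with
 * the pmap's assumption that read-only mappings carry no dirty
 * cache data.)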
4009 */ 4010 pmap_cache_wbinv_page(pm, sva, false, 4011 PVF_REF | PVF_WRITE); 4012 #endif 4013 4014 pg = PHYS_TO_VM_PAGE(l2pte_pa(opte)); 4015 pt_entry_t npte = l2pte_set_readonly(opte); 4016 l2pte_reset(ptep); 4017 PTE_SYNC(ptep); 4018 #ifdef ARM_MMU_EXTENDED 4019 pmap_tlb_flush_SE(pm, sva, PVF_REF); 4020 #endif 4021 l2pte_set(ptep, npte, 0); 4022 PTE_SYNC(ptep); 4023 4024 if (pg != NULL) { 4025 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 4026 paddr_t pa = VM_PAGE_TO_PHYS(pg); 4027 4028 pmap_acquire_page_lock(md); 4029 #ifndef ARM_MMU_EXTENDED 4030 f = 4031 #endif 4032 pmap_modify_pv(md, pa, pm, sva, 4033 clr_mask, 0); 4034 pmap_vac_me_harder(md, pa, pm, sva); 4035 pmap_release_page_lock(md); 4036 #ifndef ARM_MMU_EXTENDED 4037 } else { 4038 f = PVF_REF | PVF_EXEC; 4039 } 4040 4041 if (flush) { 4042 flags |= f; 4043 } else { 4044 pmap_tlb_flush_SE(pm, sva, f); 4045 #endif 4046 } 4047 } 4048 4049 sva += PAGE_SIZE; 4050 ptep += PAGE_SIZE / L2_S_SIZE; 4051 } 4052 } 4053 4054 #ifndef ARM_MMU_EXTENDED 4055 if (flush) { 4056 if (PV_BEEN_EXECD(flags)) { 4057 pmap_tlb_flushID(pm); 4058 } else if (PV_BEEN_REFD(flags)) { 4059 pmap_tlb_flushD(pm); 4060 } 4061 } 4062 #endif 4063 4064 pmap_release_pmap_lock(pm); 4065 } 4066 4067 void 4068 pmap_icache_sync_range(pmap_t pm, vaddr_t sva, vaddr_t eva) 4069 { 4070 struct l2_bucket *l2b; 4071 pt_entry_t *ptep; 4072 vaddr_t next_bucket; 4073 vsize_t page_size = trunc_page(sva) + PAGE_SIZE - sva; 4074 4075 NPDEBUG(PDB_EXEC, 4076 printf("pmap_icache_sync_range: pm %p sva 0x%lx eva 0x%lx\n", 4077 pm, sva, eva)); 4078 4079 pmap_acquire_pmap_lock(pm); 4080 4081 while (sva < eva) { 4082 next_bucket = L2_NEXT_BUCKET_VA(sva); 4083 if (next_bucket > eva) 4084 next_bucket = eva; 4085 4086 l2b = pmap_get_l2_bucket(pm, sva); 4087 if (l2b == NULL) { 4088 sva = next_bucket; 4089 continue; 4090 } 4091 4092 for (ptep = &l2b->l2b_kva[l2pte_index(sva)]; 4093 sva < next_bucket; 4094 sva += page_size, 4095 ptep += PAGE_SIZE / L2_S_SIZE, 4096 page_size = PAGE_SIZE) { 4097 if (l2pte_valid_p(*ptep)) { 4098 cpu_icache_sync_range(sva, 4099 min(page_size, eva - sva)); 4100 } 4101 } 4102 } 4103 4104 pmap_release_pmap_lock(pm); 4105 } 4106 4107 void 4108 pmap_page_protect(struct vm_page *pg, vm_prot_t prot) 4109 { 4110 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 4111 paddr_t pa = VM_PAGE_TO_PHYS(pg); 4112 4113 NPDEBUG(PDB_PROTECT, 4114 printf("pmap_page_protect: md %p (0x%08lx), prot 0x%x\n", 4115 md, pa, prot)); 4116 4117 switch(prot) { 4118 case VM_PROT_READ|VM_PROT_WRITE: 4119 #if defined(ARM_MMU_EXTENDED) 4120 pmap_acquire_page_lock(md); 4121 pmap_clearbit(md, pa, PVF_EXEC); 4122 pmap_release_page_lock(md); 4123 break; 4124 #endif 4125 case VM_PROT_READ|VM_PROT_WRITE|VM_PROT_EXECUTE: 4126 break; 4127 4128 case VM_PROT_READ: 4129 #if defined(ARM_MMU_EXTENDED) 4130 pmap_acquire_page_lock(md); 4131 pmap_clearbit(md, pa, PVF_WRITE|PVF_EXEC); 4132 pmap_release_page_lock(md); 4133 break; 4134 #endif 4135 case VM_PROT_READ|VM_PROT_EXECUTE: 4136 pmap_acquire_page_lock(md); 4137 pmap_clearbit(md, pa, PVF_WRITE); 4138 pmap_release_page_lock(md); 4139 break; 4140 4141 default: 4142 pmap_page_remove(md, pa); 4143 break; 4144 } 4145 } 4146 4147 /* 4148 * pmap_clear_modify: 4149 * 4150 * Clear the "modified" attribute for a page. 
4151 */ 4152 bool 4153 pmap_clear_modify(struct vm_page *pg) 4154 { 4155 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 4156 paddr_t pa = VM_PAGE_TO_PHYS(pg); 4157 bool rv; 4158 4159 pmap_acquire_page_lock(md); 4160 4161 if (md->pvh_attrs & PVF_MOD) { 4162 rv = true; 4163 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 4164 /* 4165 * If we are going to clear the modified bit and there are 4166 * no other modified bits set, flush the page to memory and 4167 * mark it clean. 4168 */ 4169 if ((md->pvh_attrs & (PVF_DMOD|PVF_NC)) == PVF_MOD) 4170 pmap_flush_page(md, pa, PMAP_CLEAN_PRIMARY); 4171 #endif 4172 pmap_clearbit(md, pa, PVF_MOD); 4173 } else { 4174 rv = false; 4175 } 4176 pmap_release_page_lock(md); 4177 4178 return rv; 4179 } 4180 4181 /* 4182 * pmap_clear_reference: 4183 * 4184 * Clear the "referenced" attribute for a page. 4185 */ 4186 bool 4187 pmap_clear_reference(struct vm_page *pg) 4188 { 4189 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 4190 paddr_t pa = VM_PAGE_TO_PHYS(pg); 4191 bool rv; 4192 4193 pmap_acquire_page_lock(md); 4194 4195 if (md->pvh_attrs & PVF_REF) { 4196 rv = true; 4197 pmap_clearbit(md, pa, PVF_REF); 4198 } else { 4199 rv = false; 4200 } 4201 pmap_release_page_lock(md); 4202 4203 return rv; 4204 } 4205 4206 /* 4207 * pmap_is_modified: 4208 * 4209 * Test if a page has the "modified" attribute. 4210 */ 4211 /* See <arm/arm32/pmap.h> */ 4212 4213 /* 4214 * pmap_is_referenced: 4215 * 4216 * Test if a page has the "referenced" attribute. 4217 */ 4218 /* See <arm/arm32/pmap.h> */ 4219 4220 #if defined(ARM_MMU_EXTENDED) && 0 4221 int 4222 pmap_prefetchabt_fixup(void *v) 4223 { 4224 struct trapframe * const tf = v; 4225 vaddr_t va = trunc_page(tf->tf_pc); 4226 int rv = ABORT_FIXUP_FAILED; 4227 4228 if (!TRAP_USERMODE(tf) && va < VM_MAXUSER_ADDRESS) 4229 return rv; 4230 4231 kpreempt_disable(); 4232 pmap_t pm = curcpu()->ci_pmap_cur; 4233 const size_t l1slot = l1pte_index(va); 4234 struct l2_dtable * const l2 = pm->pm_l2[L2_IDX(l1slot)]; 4235 if (l2 == NULL) 4236 goto out; 4237 4238 struct l2_bucket * const l2b = &l2->l2_bucket[L2_BUCKET(l1slot)]; 4239 if (l2b->l2b_kva == NULL) 4240 goto out; 4241 4242 /* 4243 * Check the PTE itself. 
4244 */ 4245 pt_entry_t * const ptep = &l2b->l2b_kva[l2pte_index(va)]; 4246 const pt_entry_t opte = *ptep; 4247 if ((opte & L2_S_PROT_U) == 0 || (opte & L2_XS_XN) == 0) 4248 goto out; 4249 4250 paddr_t pa = l2pte_pa(pte); 4251 struct vm_page * const pg = PHYS_TO_VM_PAGE(pa); 4252 KASSERT(pg != NULL); 4253 4254 struct vm_page_md * const md = VM_PAGE_TO_MD(pg); 4255 4256 pmap_acquire_page_lock(md); 4257 struct pv_entry * const pv = pmap_find_pv(md, pm, va); 4258 KASSERT(pv != NULL); 4259 4260 if (PV_IS_EXEC_P(pv->pv_flags)) { 4261 l2pte_reset(ptep); 4262 PTE_SYNC(ptep); 4263 pmap_tlb_flush_SE(pm, va, PVF_EXEC | PVF_REF); 4264 if (!PV_IS_EXEC_P(md->pvh_attrs)) { 4265 pmap_syncicache_page(md, pa); 4266 } 4267 rv = ABORT_FIXUP_RETURN; 4268 l2pte_set(ptep, opte & ~L2_XS_XN, 0); 4269 PTE_SYNC(ptep); 4270 } 4271 pmap_release_page_lock(md); 4272 4273 out: 4274 kpreempt_enable(); 4275 return rv; 4276 } 4277 #endif 4278 4279 int 4280 pmap_fault_fixup(pmap_t pm, vaddr_t va, vm_prot_t ftype, int user) 4281 { 4282 struct l2_dtable *l2; 4283 struct l2_bucket *l2b; 4284 paddr_t pa; 4285 const size_t l1slot = l1pte_index(va); 4286 int rv = 0; 4287 4288 UVMHIST_FUNC(__func__); UVMHIST_CALLED(maphist); 4289 4290 va = trunc_page(va); 4291 4292 KASSERT(!user || (pm != pmap_kernel())); 4293 4294 UVMHIST_LOG(maphist, " (pm=%#x, va=%#x, ftype=%#x, user=%d)", 4295 pm, va, ftype, user); 4296 #ifdef ARM_MMU_EXTENDED 4297 UVMHIST_LOG(maphist, " ti=%#x pai=%#x asid=%#x", 4298 cpu_tlb_info(curcpu()), PMAP_PAI(pm, cpu_tlb_info(curcpu())), 4299 PMAP_PAI(pm, cpu_tlb_info(curcpu()))->pai_asid, 0); 4300 #endif 4301 4302 pmap_acquire_pmap_lock(pm); 4303 4304 /* 4305 * If there is no l2_dtable for this address, then the process 4306 * has no business accessing it. 4307 * 4308 * Note: This will catch userland processes trying to access 4309 * kernel addresses. 4310 */ 4311 l2 = pm->pm_l2[L2_IDX(l1slot)]; 4312 if (l2 == NULL) { 4313 UVMHIST_LOG(maphist, " no l2 for l1slot %#x", l1slot, 0, 0, 0); 4314 goto out; 4315 } 4316 4317 /* 4318 * Likewise if there is no L2 descriptor table 4319 */ 4320 l2b = &l2->l2_bucket[L2_BUCKET(l1slot)]; 4321 if (l2b->l2b_kva == NULL) { 4322 UVMHIST_LOG(maphist, " <-- done (no ptep for l1slot %#x)", l1slot, 0, 0, 0); 4323 goto out; 4324 } 4325 4326 /* 4327 * Check the PTE itself. 4328 */ 4329 pt_entry_t * const ptep = &l2b->l2b_kva[l2pte_index(va)]; 4330 pt_entry_t const opte = *ptep; 4331 if (opte == 0 || (opte & L2_TYPE_MASK) == L2_TYPE_L) { 4332 UVMHIST_LOG(maphist, " <-- done (empty pde for l1slot %#x)", l1slot, 0, 0, 0); 4333 goto out; 4334 } 4335 4336 #ifndef ARM_HAS_VBAR 4337 /* 4338 * Catch a userland access to the vector page mapped at 0x0 4339 */ 4340 if (user && (opte & L2_S_PROT_U) == 0) { 4341 UVMHIST_LOG(maphist, " <-- done (vector_page)", 0, 0, 0, 0); 4342 goto out; 4343 } 4344 #endif 4345 4346 pa = l2pte_pa(opte); 4347 4348 if ((ftype & VM_PROT_WRITE) && !l2pte_writable_p(opte)) { 4349 /* 4350 * This looks like a good candidate for "page modified" 4351 * emulation... 4352 */ 4353 struct pv_entry *pv; 4354 struct vm_page *pg; 4355 4356 /* Extract the physical address of the page */ 4357 if ((pg = PHYS_TO_VM_PAGE(pa)) == NULL) { 4358 UVMHIST_LOG(maphist, " <-- done (mod/ref unmanaged page)", 0, 0, 0, 0); 4359 goto out; 4360 } 4361 4362 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 4363 4364 /* Get the current flags for this page. 
*/ 4365 pmap_acquire_page_lock(md); 4366 pv = pmap_find_pv(md, pm, va); 4367 if (pv == NULL || PV_IS_KENTRY_P(pv->pv_flags)) { 4368 pmap_release_page_lock(md); 4369 UVMHIST_LOG(maphist, " <-- done (mod/ref emul: no PV)", 0, 0, 0, 0); 4370 goto out; 4371 } 4372 4373 /* 4374 * Do the flags say this page is writable? If not then it 4375 * is a genuine write fault. If yes then the write fault is 4376 * our fault as we did not reflect the write access in the 4377 * PTE. Now we know a write has occurred we can correct this 4378 * and also set the modified bit 4379 */ 4380 if ((pv->pv_flags & PVF_WRITE) == 0) { 4381 pmap_release_page_lock(md); 4382 goto out; 4383 } 4384 4385 md->pvh_attrs |= PVF_REF | PVF_MOD; 4386 pv->pv_flags |= PVF_REF | PVF_MOD; 4387 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 4388 /* 4389 * If there are cacheable mappings for this page, mark it dirty. 4390 */ 4391 if ((md->pvh_attrs & PVF_NC) == 0) 4392 md->pvh_attrs |= PVF_DIRTY; 4393 #endif 4394 #ifdef ARM_MMU_EXTENDED 4395 if (md->pvh_attrs & PVF_EXEC) { 4396 md->pvh_attrs &= ~PVF_EXEC; 4397 PMAPCOUNT(exec_discarded_modfixup); 4398 } 4399 #endif 4400 pmap_release_page_lock(md); 4401 4402 /* 4403 * Re-enable write permissions for the page. No need to call 4404 * pmap_vac_me_harder(), since this is just a 4405 * modified-emulation fault, and the PVF_WRITE bit isn't 4406 * changing. We've already set the cacheable bits based on 4407 * the assumption that we can write to this page. 4408 */ 4409 const pt_entry_t npte = 4410 l2pte_set_writable((opte & ~L2_TYPE_MASK) | L2_S_PROTO) 4411 #ifdef ARM_MMU_EXTENDED 4412 | (pm != pmap_kernel() ? L2_XS_nG : 0) 4413 #endif 4414 | 0; 4415 l2pte_reset(ptep); 4416 PTE_SYNC(ptep); 4417 pmap_tlb_flush_SE(pm, va, 4418 (ftype & VM_PROT_EXECUTE) ? PVF_EXEC | PVF_REF : PVF_REF); 4419 l2pte_set(ptep, npte, 0); 4420 PTE_SYNC(ptep); 4421 PMAPCOUNT(fixup_mod); 4422 rv = 1; 4423 UVMHIST_LOG(maphist, " <-- done (mod/ref emul: changed pte from %#x to %#x)", 4424 opte, npte, 0, 0); 4425 } else if ((opte & L2_TYPE_MASK) == L2_TYPE_INV) { 4426 /* 4427 * This looks like a good candidate for "page referenced" 4428 * emulation. 4429 */ 4430 struct vm_page *pg; 4431 4432 /* Extract the physical address of the page */ 4433 if ((pg = PHYS_TO_VM_PAGE(pa)) == NULL) { 4434 UVMHIST_LOG(maphist, " <-- done (ref emul: unmanaged page)", 0, 0, 0, 0); 4435 goto out; 4436 } 4437 4438 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 4439 4440 /* Get the current flags for this page. */ 4441 pmap_acquire_page_lock(md); 4442 struct pv_entry *pv = pmap_find_pv(md, pm, va); 4443 if (pv == NULL || PV_IS_KENTRY_P(pv->pv_flags)) { 4444 pmap_release_page_lock(md); 4445 UVMHIST_LOG(maphist, " <-- done (ref emul no PV)", 0, 0, 0, 0); 4446 goto out; 4447 } 4448 4449 md->pvh_attrs |= PVF_REF; 4450 pv->pv_flags |= PVF_REF; 4451 4452 pt_entry_t npte = 4453 l2pte_set_readonly((opte & ~L2_TYPE_MASK) | L2_S_PROTO); 4454 #ifdef ARM_MMU_EXTENDED 4455 if (pm != pmap_kernel()) { 4456 npte |= L2_XS_nG; 4457 } 4458 /* 4459 * If we got called from prefetch abort, then ftype will have 4460 * VM_PROT_EXECUTE set. Now see if we have no-execute set in 4461 * the PTE. 4462 */ 4463 if (user && (ftype & VM_PROT_EXECUTE) && (npte & L2_XS_XN)) { 4464 /* 4465 * Is this a mapping of an executable page? 4466 */ 4467 if ((pv->pv_flags & PVF_EXEC) == 0) { 4468 pmap_release_page_lock(md); 4469 UVMHIST_LOG(maphist, " <-- done (ref emul: no exec)", 4470 0, 0, 0, 0); 4471 goto out; 4472 } 4473 /* 4474 * If we haven't synced the page, do so now. 
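 * (PVF_EXEC in md->pvh_attrs records that the I-cache already matches
 * the page contents; when it is clear, pmap_syncicache_page() below is
 * expected to clean the D-cache and invalidate the I-cache for this
 * page before the XN bit is dropped from the PTE.)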
4475 */ 4476 if ((md->pvh_attrs & PVF_EXEC) == 0) { 4477 UVMHIST_LOG(maphist, " ref emul: syncicache page #%#x", 4478 pa, 0, 0, 0); 4479 pmap_syncicache_page(md, pa); 4480 PMAPCOUNT(fixup_exec); 4481 } 4482 npte &= ~L2_XS_XN; 4483 } 4484 #endif /* ARM_MMU_EXTENDED */ 4485 pmap_release_page_lock(md); 4486 l2pte_reset(ptep); 4487 PTE_SYNC(ptep); 4488 pmap_tlb_flush_SE(pm, va, 4489 (ftype & VM_PROT_EXECUTE) ? PVF_EXEC | PVF_REF : PVF_REF); 4490 l2pte_set(ptep, npte, 0); 4491 PTE_SYNC(ptep); 4492 PMAPCOUNT(fixup_ref); 4493 rv = 1; 4494 UVMHIST_LOG(maphist, " <-- done (ref emul: changed pte from %#x to %#x)", 4495 opte, npte, 0, 0); 4496 #ifdef ARM_MMU_EXTENDED 4497 } else if (user && (ftype & VM_PROT_EXECUTE) && (opte & L2_XS_XN)) { 4498 struct vm_page * const pg = PHYS_TO_VM_PAGE(pa); 4499 if (pg == NULL) { 4500 UVMHIST_LOG(maphist, " <-- done (unmanaged page)", 0, 0, 0, 0); 4501 goto out; 4502 } 4503 4504 struct vm_page_md * const md = VM_PAGE_TO_MD(pg); 4505 4506 /* Get the current flags for this page. */ 4507 pmap_acquire_page_lock(md); 4508 struct pv_entry * const pv = pmap_find_pv(md, pm, va); 4509 if (pv == NULL || (pv->pv_flags & PVF_EXEC) == 0) { 4510 pmap_release_page_lock(md); 4511 UVMHIST_LOG(maphist, " <-- done (no PV or not EXEC)", 0, 0, 0, 0); 4512 goto out; 4513 } 4514 4515 /* 4516 * If we haven't synced the page, do so now. 4517 */ 4518 if ((md->pvh_attrs & PVF_EXEC) == 0) { 4519 UVMHIST_LOG(maphist, "syncicache page #%#x", 4520 pa, 0, 0, 0); 4521 pmap_syncicache_page(md, pa); 4522 } 4523 pmap_release_page_lock(md); 4524 /* 4525 * Turn off no-execute. 4526 */ 4527 KASSERT(opte & L2_XS_nG); 4528 l2pte_reset(ptep); 4529 PTE_SYNC(ptep); 4530 pmap_tlb_flush_SE(pm, va, PVF_EXEC | PVF_REF); 4531 l2pte_set(ptep, opte & ~L2_XS_XN, 0); 4532 PTE_SYNC(ptep); 4533 rv = 1; 4534 PMAPCOUNT(fixup_exec); 4535 UVMHIST_LOG(maphist, "exec: changed pte from %#x to %#x", 4536 opte, opte & ~L2_XS_XN, 0, 0); 4537 #endif 4538 } 4539 4540 #ifndef ARM_MMU_EXTENDED 4541 /* 4542 * We know there is a valid mapping here, so simply 4543 * fix up the L1 if necessary. 4544 */ 4545 pd_entry_t * const pdep = pmap_l1_kva(pm) + l1slot; 4546 pd_entry_t pde = L1_C_PROTO | l2b->l2b_pa | L1_C_DOM(pmap_domain(pm)); 4547 if (*pdep != pde) { 4548 l1pte_setone(pdep, pde); 4549 PDE_SYNC(pdep); 4550 rv = 1; 4551 PMAPCOUNT(fixup_pdes); 4552 } 4553 #endif 4554 4555 #ifdef CPU_SA110 4556 /* 4557 * There are bugs in the rev K SA110. This is a check for one 4558 * of them. 4559 */ 4560 if (rv == 0 && curcpu()->ci_arm_cputype == CPU_ID_SA110 && 4561 curcpu()->ci_arm_cpurev < 3) { 4562 /* Always current pmap */ 4563 if (l2pte_valid_p(opte)) { 4564 extern int kernel_debug; 4565 if (kernel_debug & 1) { 4566 struct proc *p = curlwp->l_proc; 4567 printf("prefetch_abort: page is already " 4568 "mapped - pte=%p *pte=%08x\n", ptep, opte); 4569 printf("prefetch_abort: pc=%08lx proc=%p " 4570 "process=%s\n", va, p, p->p_comm); 4571 printf("prefetch_abort: far=%08x fs=%x\n", 4572 cpu_faultaddress(), cpu_faultstatus()); 4573 } 4574 #ifdef DDB 4575 if (kernel_debug & 2) 4576 Debugger(); 4577 #endif 4578 rv = 1; 4579 } 4580 } 4581 #endif /* CPU_SA110 */ 4582 4583 #ifndef ARM_MMU_EXTENDED 4584 /* 4585 * If 'rv == 0' at this point, it generally indicates that there is a 4586 * stale TLB entry for the faulting address. That might be due to a 4587 * wrong setting of pmap_needs_pte_sync. So set it and retry. 
4588 */ 4589 if (rv == 0 4590 && pm->pm_l1->l1_domain_use_count == 1 4591 && pmap_needs_pte_sync == 0) { 4592 pmap_needs_pte_sync = 1; 4593 PTE_SYNC(ptep); 4594 PMAPCOUNT(fixup_ptesync); 4595 rv = 1; 4596 } 4597 #endif 4598 4599 #ifndef MULTIPROCESSOR 4600 #if defined(DEBUG) || 1 4601 /* 4602 * If 'rv == 0' at this point, it generally indicates that there is a 4603 * stale TLB entry for the faulting address. This happens when two or 4604 * more processes are sharing an L1. Since we don't flush the TLB on 4605 * a context switch between such processes, we can take domain faults 4606 * for mappings which exist at the same VA in both processes. EVEN IF 4607 * WE'VE RECENTLY FIXED UP THE CORRESPONDING L1 in pmap_enter(), for 4608 * example. 4609 * 4610 * This is extremely likely to happen if pmap_enter() updated the L1 4611 * entry for a recently entered mapping. In this case, the TLB is 4612 * flushed for the new mapping, but there may still be TLB entries for 4613 * other mappings belonging to other processes in the 1MB range 4614 * covered by the L1 entry. 4615 * 4616 * Since 'rv == 0', we know that the L1 already contains the correct 4617 * value, so the fault must be due to a stale TLB entry. 4618 * 4619 * Since we always need to flush the TLB anyway in the case where we 4620 * fixed up the L1, or frobbed the L2 PTE, we effectively deal with 4621 * stale TLB entries dynamically. 4622 * 4623 * However, the above condition can ONLY happen if the current L1 is 4624 * being shared. If it happens when the L1 is unshared, it indicates 4625 * that other parts of the pmap are not doing their job WRT managing 4626 * the TLB. 4627 */ 4628 if (rv == 0 4629 #ifndef ARM_MMU_EXTENDED 4630 && pm->pm_l1->l1_domain_use_count == 1 4631 #endif 4632 && true) { 4633 #ifdef DEBUG 4634 extern int last_fault_code; 4635 #else 4636 int last_fault_code = ftype & VM_PROT_EXECUTE 4637 ? armreg_ifsr_read() 4638 : armreg_dfsr_read(); 4639 #endif 4640 printf("fixup: pm %p, va 0x%lx, ftype %d - nothing to do!\n", 4641 pm, va, ftype); 4642 printf("fixup: l2 %p, l2b %p, ptep %p, pte %#x\n", 4643 l2, l2b, ptep, opte); 4644 4645 #ifndef ARM_MMU_EXTENDED 4646 printf("fixup: pdep %p, pde %#x, fsr %#x\n", 4647 pdep, pde, last_fault_code); 4648 #else 4649 printf("fixup: pdep %p, pde %#x, ttbcr %#x\n", 4650 &pmap_l1_kva(pm)[l1slot], pmap_l1_kva(pm)[l1slot], 4651 armreg_ttbcr_read()); 4652 printf("fixup: fsr %#x cpm %p casid %#x contextidr %#x dacr %#x\n", 4653 last_fault_code, curcpu()->ci_pmap_cur, 4654 curcpu()->ci_pmap_asid_cur, 4655 armreg_contextidr_read(), armreg_dacr_read()); 4656 #ifdef _ARM_ARCH_7 4657 if (ftype & VM_PROT_WRITE) 4658 armreg_ats1cuw_write(va); 4659 else 4660 armreg_ats1cur_write(va); 4661 arm_isb(); 4662 printf("fixup: par %#x\n", armreg_par_read()); 4663 #endif 4664 #endif 4665 #ifdef DDB 4666 extern int kernel_debug; 4667 4668 if (kernel_debug & 2) { 4669 pmap_release_pmap_lock(pm); 4670 #ifdef UVMHIST 4671 KERNHIST_DUMP(maphist); 4672 #endif 4673 cpu_Debugger(); 4674 pmap_acquire_pmap_lock(pm); 4675 } 4676 #endif 4677 } 4678 #endif 4679 #endif 4680 4681 #ifndef ARM_MMU_EXTENDED 4682 /* Flush the TLB in the shared L1 case - see comment above */ 4683 pmap_tlb_flush_SE(pm, va, 4684 (ftype & VM_PROT_EXECUTE) ? PVF_EXEC | PVF_REF : PVF_REF); 4685 #endif 4686 4687 rv = 1; 4688 4689 out: 4690 pmap_release_pmap_lock(pm); 4691 4692 return (rv); 4693 } 4694 4695 /* 4696 * Routine: pmap_procwr 4697 * 4698 * Function: 4699 * Synchronize caches corresponding to [addr, addr+len) in p. 
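 *	A typical caller pattern (hypothetical sketch, not lifted from
 *	an actual caller): after the kernel stores instructions into a
 *	process's text, e.g. via copyout(), something like
 *
 *		pmap_procwr(p, uva, len);
 *
 *	makes the I-cache coherent with those stores before the process
 *	executes them.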
4700 * 4701 */ 4702 void 4703 pmap_procwr(struct proc *p, vaddr_t va, int len) 4704 { 4705 /* We only need to do anything if it is the current process. */ 4706 if (p == curproc) 4707 cpu_icache_sync_range(va, len); 4708 } 4709 4710 /* 4711 * Routine: pmap_unwire 4712 * Function: Clear the wired attribute for a map/virtual-address pair. 4713 * 4714 * In/out conditions: 4715 * The mapping must already exist in the pmap. 4716 */ 4717 void 4718 pmap_unwire(pmap_t pm, vaddr_t va) 4719 { 4720 struct l2_bucket *l2b; 4721 pt_entry_t *ptep, pte; 4722 struct vm_page *pg; 4723 paddr_t pa; 4724 4725 NPDEBUG(PDB_WIRING, printf("pmap_unwire: pm %p, va 0x%08lx\n", pm, va)); 4726 4727 pmap_acquire_pmap_lock(pm); 4728 4729 l2b = pmap_get_l2_bucket(pm, va); 4730 KDASSERT(l2b != NULL); 4731 4732 ptep = &l2b->l2b_kva[l2pte_index(va)]; 4733 pte = *ptep; 4734 4735 /* Extract the physical address of the page */ 4736 pa = l2pte_pa(pte); 4737 4738 if ((pg = PHYS_TO_VM_PAGE(pa)) != NULL) { 4739 /* Update the wired bit in the pv entry for this page. */ 4740 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 4741 4742 pmap_acquire_page_lock(md); 4743 (void) pmap_modify_pv(md, pa, pm, va, PVF_WIRED, 0); 4744 pmap_release_page_lock(md); 4745 } 4746 4747 pmap_release_pmap_lock(pm); 4748 } 4749 4750 void 4751 pmap_activate(struct lwp *l) 4752 { 4753 struct cpu_info * const ci = curcpu(); 4754 extern int block_userspace_access; 4755 pmap_t npm = l->l_proc->p_vmspace->vm_map.pmap; 4756 #ifdef ARM_MMU_EXTENDED 4757 struct pmap_asid_info * const pai = PMAP_PAI(npm, cpu_tlb_info(ci)); 4758 #endif 4759 4760 UVMHIST_FUNC(__func__); UVMHIST_CALLED(maphist); 4761 4762 UVMHIST_LOG(maphist, "(l=%#x) pm=%#x", l, npm, 0, 0); 4763 4764 /* 4765 * If activating a non-current lwp or the current lwp is 4766 * already active, just return. 4767 */ 4768 if (false 4769 || l != curlwp 4770 #ifdef ARM_MMU_EXTENDED 4771 || (ci->ci_pmap_cur == npm && 4772 (npm == pmap_kernel() 4773 /* || PMAP_PAI_ASIDVALID_P(pai, cpu_tlb_info(ci)) */)) 4774 #else 4775 || npm->pm_activated == true 4776 #endif 4777 || false) { 4778 UVMHIST_LOG(maphist, " <-- (same pmap)", curlwp, l, 0, 0); 4779 return; 4780 } 4781 4782 #ifndef ARM_MMU_EXTENDED 4783 const uint32_t ndacr = (DOMAIN_CLIENT << (PMAP_DOMAIN_KERNEL * 2)) 4784 | (DOMAIN_CLIENT << (pmap_domain(npm) * 2)); 4785 4786 /* 4787 * If TTB and DACR are unchanged, short-circuit all the 4788 * TLB/cache management stuff. 4789 */ 4790 pmap_t opm = ci->ci_lastlwp 4791 ? ci->ci_lastlwp->l_proc->p_vmspace->vm_map.pmap 4792 : NULL; 4793 if (opm != NULL) { 4794 uint32_t odacr = (DOMAIN_CLIENT << (PMAP_DOMAIN_KERNEL * 2)) 4795 | (DOMAIN_CLIENT << (pmap_domain(opm) * 2)); 4796 4797 if (opm->pm_l1 == npm->pm_l1 && odacr == ndacr) 4798 goto all_done; 4799 } 4800 #endif /* !ARM_MMU_EXTENDED */ 4801 4802 PMAPCOUNT(activations); 4803 block_userspace_access = 1; 4804 4805 #ifndef ARM_MMU_EXTENDED 4806 /* 4807 * If switching to a user vmspace which is different to the 4808 * most recent one, and the most recent one is potentially 4809 * live in the cache, we must write-back and invalidate the 4810 * entire cache. 4811 */ 4812 pmap_t rpm = ci->ci_pmap_lastuser; 4813 #endif 4814 4815 /* 4816 * XXXSCW: There's a corner case here which can leave turds in the cache as 4817 * reported in kern/41058. They're probably left over during tear-down and 4818 * switching away from an exiting process. Until the root cause is identified 4819 * and fixed, zap the cache when switching pmaps. 
This will result in a few 4820 * unnecessary cache flushes, but that's better than silently corrupting data. 4821 */ 4822 #ifndef ARM_MMU_EXTENDED 4823 #if 0 4824 if (npm != pmap_kernel() && rpm && npm != rpm && 4825 rpm->pm_cstate.cs_cache) { 4826 rpm->pm_cstate.cs_cache = 0; 4827 #ifdef PMAP_CACHE_VIVT 4828 cpu_idcache_wbinv_all(); 4829 #endif 4830 } 4831 #else 4832 if (rpm) { 4833 rpm->pm_cstate.cs_cache = 0; 4834 if (npm == pmap_kernel()) 4835 ci->ci_pmap_lastuser = NULL; 4836 #ifdef PMAP_CACHE_VIVT 4837 cpu_idcache_wbinv_all(); 4838 #endif 4839 } 4840 #endif 4841 4842 /* No interrupts while we frob the TTB/DACR */ 4843 uint32_t oldirqstate = disable_interrupts(IF32_bits); 4844 #endif /* !ARM_MMU_EXTENDED */ 4845 4846 #ifndef ARM_HAS_VBAR 4847 /* 4848 * For ARM_VECTORS_LOW, we MUST, I repeat, MUST fix up the L1 4849 * entry corresponding to 'vector_page' in the incoming L1 table 4850 * before switching to it otherwise subsequent interrupts/exceptions 4851 * (including domain faults!) will jump into hyperspace. 4852 */ 4853 if (npm->pm_pl1vec != NULL) { 4854 cpu_tlb_flushID_SE((u_int)vector_page); 4855 cpu_cpwait(); 4856 *npm->pm_pl1vec = npm->pm_l1vec; 4857 PTE_SYNC(npm->pm_pl1vec); 4858 } 4859 #endif 4860 4861 #ifdef ARM_MMU_EXTENDED 4862 /* 4863 * Assume that TTBR1 has only global mappings and TTBR0 only has 4864 * non-global mappings. To prevent speculation from doing evil things 4865 * we disable translation table walks using TTBR0 before setting the 4866 * CONTEXTIDR (ASID) or new TTBR0 value. Once both are set, table 4867 * walks are reenabled. 4868 */ 4869 UVMHIST_LOG(maphist, " acquiring asid", 0, 0, 0, 0); 4870 const uint32_t old_ttbcr = armreg_ttbcr_read(); 4871 armreg_ttbcr_write(old_ttbcr | TTBCR_S_PD0); 4872 arm_isb(); 4873 pmap_tlb_asid_acquire(npm, l); 4874 UVMHIST_LOG(maphist, " setting ttbr pa=%#x asid=%#x", npm->pm_l1_pa, pai->pai_asid, 0, 0); 4875 cpu_setttb(npm->pm_l1_pa, pai->pai_asid); 4876 /* 4877 * Now we can reenable tablewalks since the CONTEXTIDR and TTRB0 have 4878 * been updated. 4879 */ 4880 arm_isb(); 4881 if (npm != pmap_kernel()) { 4882 armreg_ttbcr_write(old_ttbcr & ~TTBCR_S_PD0); 4883 } 4884 cpu_cpwait(); 4885 ci->ci_pmap_asid_cur = pai->pai_asid; 4886 #else 4887 cpu_domains(ndacr); 4888 if (npm == pmap_kernel() || npm == rpm) { 4889 /* 4890 * Switching to a kernel thread, or back to the 4891 * same user vmspace as before... Simply update 4892 * the TTB (no TLB flush required) 4893 */ 4894 cpu_setttb(npm->pm_l1->l1_physaddr, false); 4895 cpu_cpwait(); 4896 } else { 4897 /* 4898 * Otherwise, update TTB and flush TLB 4899 */ 4900 cpu_context_switch(npm->pm_l1->l1_physaddr); 4901 if (rpm != NULL) 4902 rpm->pm_cstate.cs_tlb = 0; 4903 } 4904 4905 restore_interrupts(oldirqstate); 4906 #endif /* ARM_MMU_EXTENDED */ 4907 4908 block_userspace_access = 0; 4909 4910 #ifndef ARM_MMU_EXTENDED 4911 all_done: 4912 /* 4913 * The new pmap is resident. Make sure it's marked 4914 * as resident in the cache/TLB. 
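 * (pm_cstate is this pmap's record of whether it may still own live
 * cache lines and TLB entries; setting cs_all to PMAP_CACHE_STATE_ALL
 * below tells later pmap operations that they must not skip the
 * corresponding cache/TLB maintenance for this pmap.)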
4915 */ 4916 npm->pm_cstate.cs_all = PMAP_CACHE_STATE_ALL; 4917 if (npm != pmap_kernel()) 4918 ci->ci_pmap_lastuser = npm; 4919 4920 /* The old pmap is not longer active */ 4921 if (opm != npm) { 4922 if (opm != NULL) 4923 opm->pm_activated = false; 4924 4925 /* But the new one is */ 4926 npm->pm_activated = true; 4927 } 4928 #endif 4929 ci->ci_pmap_cur = npm; 4930 UVMHIST_LOG(maphist, " <-- done", 0, 0, 0, 0); 4931 } 4932 4933 void 4934 pmap_deactivate(struct lwp *l) 4935 { 4936 pmap_t pm = l->l_proc->p_vmspace->vm_map.pmap; 4937 4938 UVMHIST_FUNC(__func__); UVMHIST_CALLED(maphist); 4939 4940 UVMHIST_LOG(maphist, "(l=%#x) pm=%#x", l, pm, 0, 0); 4941 4942 #ifdef ARM_MMU_EXTENDED 4943 kpreempt_disable(); 4944 struct cpu_info * const ci = curcpu(); 4945 /* 4946 * Disable translation table walks from TTBR0 while no pmap has been 4947 * activated. 4948 */ 4949 const uint32_t old_ttbcr = armreg_ttbcr_read(); 4950 armreg_ttbcr_write(old_ttbcr | TTBCR_S_PD0); 4951 arm_isb(); 4952 pmap_tlb_asid_deactivate(pm); 4953 cpu_setttb(pmap_kernel()->pm_l1_pa, KERNEL_PID); 4954 ci->ci_pmap_cur = pmap_kernel(); 4955 ci->ci_pmap_asid_cur = KERNEL_PID; 4956 kpreempt_enable(); 4957 #else 4958 /* 4959 * If the process is exiting, make sure pmap_activate() does 4960 * a full MMU context-switch and cache flush, which we might 4961 * otherwise skip. See PR port-arm/38950. 4962 */ 4963 if (l->l_proc->p_sflag & PS_WEXIT) 4964 curcpu()->ci_lastlwp = NULL; 4965 4966 pm->pm_activated = false; 4967 #endif 4968 UVMHIST_LOG(maphist, " <-- done", 0, 0, 0, 0); 4969 } 4970 4971 void 4972 pmap_update(pmap_t pm) 4973 { 4974 4975 if (pm->pm_remove_all) { 4976 #ifdef ARM_MMU_EXTENDED 4977 KASSERTMSG(curcpu()->ci_pmap_cur != pm || pm->pm_pai[0].pai_asid == curcpu()->ci_pmap_asid_cur, "pmap/asid %p/%#x != %s cur pmap/asid %p/%#x", pm, pm->pm_pai[0].pai_asid, curcpu()->ci_data.cpu_name, curcpu()->ci_pmap_cur, curcpu()->ci_pmap_asid_cur); 4978 /* 4979 * Finish up the pmap_remove_all() optimisation by flushing 4980 * all our ASIDs. 4981 */ 4982 pmap_tlb_asid_release_all(pm); 4983 #else 4984 /* 4985 * Finish up the pmap_remove_all() optimisation by flushing 4986 * the TLB. 4987 */ 4988 pmap_tlb_flushID(pm); 4989 #endif 4990 pm->pm_remove_all = false; 4991 } 4992 4993 #ifdef ARM_MMU_EXTENDED 4994 #if defined(MULTIPROCESSOR) 4995 armreg_bpiallis_write(0); 4996 #else 4997 armreg_bpiall_write(0); 4998 #endif 4999 5000 #if defined(MULTIPROCESSOR) && PMAP_MAX_TLB > 1 5001 u_int pending = atomic_swap_uint(&pmap->pm_shootdown_pending, 0); 5002 if (pending && pmap_tlb_shootdown_bystanders(pmap)) { 5003 PMAP_COUNT(shootdown_ipis); 5004 } 5005 #endif 5006 KASSERTMSG(curcpu()->ci_pmap_cur != pm || pm->pm_pai[0].pai_asid == curcpu()->ci_pmap_asid_cur, "pmap/asid %p/%#x != %s cur pmap/asid %p/%#x", pm, pm->pm_pai[0].pai_asid, curcpu()->ci_data.cpu_name, curcpu()->ci_pmap_cur, curcpu()->ci_pmap_asid_cur); 5007 #else 5008 if (pmap_is_current(pm)) { 5009 /* 5010 * If we're dealing with a current userland pmap, move its L1 5011 * to the end of the LRU. 5012 */ 5013 if (pm != pmap_kernel()) 5014 pmap_use_l1(pm); 5015 5016 /* 5017 * We can assume we're done with frobbing the cache/tlb for 5018 * now. Make sure any future pmap ops don't skip cache/tlb 5019 * flushes. 5020 */ 5021 pm->pm_cstate.cs_all = PMAP_CACHE_STATE_ALL; 5022 } 5023 #endif 5024 5025 PMAPCOUNT(updates); 5026 5027 /* 5028 * make sure TLB/cache operations have completed. 
5029 */ 5030 cpu_cpwait(); 5031 } 5032 5033 void 5034 pmap_remove_all(pmap_t pm) 5035 { 5036 5037 /* 5038 * The vmspace described by this pmap is about to be torn down. 5039 * Until pmap_update() is called, UVM will only make calls 5040 * to pmap_remove(). We can make life much simpler by flushing 5041 * the cache now, and deferring TLB invalidation to pmap_update(). 5042 */ 5043 #ifdef PMAP_CACHE_VIVT 5044 pmap_cache_wbinv_all(pm, PVF_EXEC); 5045 #endif 5046 pm->pm_remove_all = true; 5047 } 5048 5049 /* 5050 * Retire the given physical map from service. 5051 * Should only be called if the map contains no valid mappings. 5052 */ 5053 void 5054 pmap_destroy(pmap_t pm) 5055 { 5056 u_int count; 5057 5058 if (pm == NULL) 5059 return; 5060 5061 if (pm->pm_remove_all) { 5062 pmap_tlb_flushID(pm); 5063 pm->pm_remove_all = false; 5064 } 5065 5066 /* 5067 * Drop reference count 5068 */ 5069 mutex_enter(pm->pm_lock); 5070 count = --pm->pm_obj.uo_refs; 5071 mutex_exit(pm->pm_lock); 5072 if (count > 0) { 5073 #ifndef ARM_MMU_EXTENDED 5074 if (pmap_is_current(pm)) { 5075 if (pm != pmap_kernel()) 5076 pmap_use_l1(pm); 5077 pm->pm_cstate.cs_all = PMAP_CACHE_STATE_ALL; 5078 } 5079 #endif 5080 return; 5081 } 5082 5083 /* 5084 * reference count is zero, free pmap resources and then free pmap. 5085 */ 5086 5087 #ifndef ARM_HAS_VBAR 5088 if (vector_page < KERNEL_BASE) { 5089 KDASSERT(!pmap_is_current(pm)); 5090 5091 /* Remove the vector page mapping */ 5092 pmap_remove(pm, vector_page, vector_page + PAGE_SIZE); 5093 pmap_update(pm); 5094 } 5095 #endif 5096 5097 LIST_REMOVE(pm, pm_list); 5098 5099 pmap_free_l1(pm); 5100 5101 #ifdef ARM_MMU_EXTENDED 5102 #ifdef MULTIPROCESSOR 5103 kcpuset_destroy(pm->pm_active); 5104 kcpuset_destroy(pm->pm_onproc); 5105 #endif 5106 #else 5107 struct cpu_info * const ci = curcpu(); 5108 if (ci->ci_pmap_lastuser == pm) 5109 ci->ci_pmap_lastuser = NULL; 5110 #endif 5111 5112 uvm_obj_destroy(&pm->pm_obj, false); 5113 mutex_destroy(&pm->pm_obj_lock); 5114 pool_cache_put(&pmap_cache, pm); 5115 } 5116 5117 5118 /* 5119 * void pmap_reference(pmap_t pm) 5120 * 5121 * Add a reference to the specified pmap. 5122 */ 5123 void 5124 pmap_reference(pmap_t pm) 5125 { 5126 5127 if (pm == NULL) 5128 return; 5129 5130 #ifndef ARM_MMU_EXTENDED 5131 pmap_use_l1(pm); 5132 #endif 5133 5134 mutex_enter(pm->pm_lock); 5135 pm->pm_obj.uo_refs++; 5136 mutex_exit(pm->pm_lock); 5137 } 5138 5139 #if (ARM_MMU_V6 + ARM_MMU_V7) > 0 5140 5141 static struct evcnt pmap_prefer_nochange_ev = 5142 EVCNT_INITIALIZER(EVCNT_TYPE_MISC, NULL, "pmap prefer", "nochange"); 5143 static struct evcnt pmap_prefer_change_ev = 5144 EVCNT_INITIALIZER(EVCNT_TYPE_MISC, NULL, "pmap prefer", "change"); 5145 5146 EVCNT_ATTACH_STATIC(pmap_prefer_change_ev); 5147 EVCNT_ATTACH_STATIC(pmap_prefer_nochange_ev); 5148 5149 void 5150 pmap_prefer(vaddr_t hint, vaddr_t *vap, int td) 5151 { 5152 vsize_t mask = arm_cache_prefer_mask | (PAGE_SIZE - 1); 5153 vaddr_t va = *vap; 5154 vaddr_t diff = (hint - va) & mask; 5155 if (diff == 0) { 5156 pmap_prefer_nochange_ev.ev_count++; 5157 } else { 5158 pmap_prefer_change_ev.ev_count++; 5159 if (__predict_false(td)) 5160 va -= mask + 1; 5161 *vap = va + diff; 5162 } 5163 } 5164 #endif /* ARM_MMU_V6 | ARM_MMU_V7 */ 5165 5166 /* 5167 * pmap_zero_page() 5168 * 5169 * Zero a given physical page by mapping it at a page hook point. 
5170 * In doing the zero page op, the page we zero is mapped cachable, as with 5171 * StrongARM accesses to non-cached pages are non-burst making writing 5172 * _any_ bulk data very slow. 5173 */ 5174 #if (ARM_MMU_GENERIC + ARM_MMU_SA1 + ARM_MMU_V6 + ARM_MMU_V7) != 0 5175 void 5176 pmap_zero_page_generic(paddr_t pa) 5177 { 5178 #if defined(PMAP_CACHE_VIPT) || defined(DEBUG) 5179 struct vm_page *pg = PHYS_TO_VM_PAGE(pa); 5180 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 5181 #endif 5182 #if defined(PMAP_CACHE_VIPT) 5183 /* Choose the last page color it had, if any */ 5184 const vsize_t va_offset = md->pvh_attrs & arm_cache_prefer_mask; 5185 #else 5186 const vsize_t va_offset = 0; 5187 #endif 5188 #if defined(__HAVE_MM_MD_DIRECT_MAPPED_PHYS) 5189 /* 5190 * Is this page mapped at its natural color? 5191 * If we have all of memory mapped, then just convert PA to VA. 5192 */ 5193 bool okcolor = arm_pcache.dcache_type == CACHE_TYPE_PIPT 5194 || va_offset == (pa & arm_cache_prefer_mask); 5195 const vaddr_t vdstp = okcolor 5196 ? pmap_direct_mapped_phys(pa, &okcolor, cpu_cdstp(va_offset)) 5197 : cpu_cdstp(va_offset); 5198 #else 5199 const bool okcolor = false; 5200 const vaddr_t vdstp = cpu_cdstp(va_offset); 5201 #endif 5202 pt_entry_t * const ptep = cpu_cdst_pte(va_offset); 5203 5204 5205 #ifdef DEBUG 5206 if (!SLIST_EMPTY(&md->pvh_list)) 5207 panic("pmap_zero_page: page has mappings"); 5208 #endif 5209 5210 KDASSERT((pa & PGOFSET) == 0); 5211 5212 if (!okcolor) { 5213 /* 5214 * Hook in the page, zero it, and purge the cache for that 5215 * zeroed page. Invalidate the TLB as needed. 5216 */ 5217 const pt_entry_t npte = L2_S_PROTO | pa | pte_l2_s_cache_mode 5218 | L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE); 5219 l2pte_set(ptep, npte, 0); 5220 PTE_SYNC(ptep); 5221 cpu_tlb_flushD_SE(vdstp); 5222 cpu_cpwait(); 5223 #if defined(__HAVE_MM_MD_DIRECT_MAPPED_PHYS) && defined(PMAP_CACHE_VIPT) \ 5224 && !defined(ARM_MMU_EXTENDED) 5225 /* 5226 * If we are direct-mapped and our color isn't ok, then before 5227 * we bzero the page invalidate its contents from the cache and 5228 * reset the color to its natural color. 5229 */ 5230 cpu_dcache_inv_range(vdstp, PAGE_SIZE); 5231 md->pvh_attrs &= ~arm_cache_prefer_mask; 5232 md->pvh_attrs |= (pa & arm_cache_prefer_mask); 5233 #endif 5234 } 5235 bzero_page(vdstp); 5236 if (!okcolor) { 5237 /* 5238 * Unmap the page. 5239 */ 5240 l2pte_reset(ptep); 5241 PTE_SYNC(ptep); 5242 cpu_tlb_flushD_SE(vdstp); 5243 #ifdef PMAP_CACHE_VIVT 5244 cpu_dcache_wbinv_range(vdstp, PAGE_SIZE); 5245 #endif 5246 } 5247 #ifdef PMAP_CACHE_VIPT 5248 /* 5249 * This page is now cache resident so it now has a page color. 5250 * Any contents have been obliterated so clear the EXEC flag. 
5251 */ 5252 #ifndef ARM_MMU_EXTENDED 5253 if (!pmap_is_page_colored_p(md)) { 5254 PMAPCOUNT(vac_color_new); 5255 md->pvh_attrs |= PVF_COLORED; 5256 } 5257 md->pvh_attrs |= PVF_DIRTY; 5258 #endif 5259 if (PV_IS_EXEC_P(md->pvh_attrs)) { 5260 md->pvh_attrs &= ~PVF_EXEC; 5261 PMAPCOUNT(exec_discarded_zero); 5262 } 5263 #endif 5264 } 5265 #endif /* (ARM_MMU_GENERIC + ARM_MMU_SA1 + ARM_MMU_V6) != 0 */ 5266 5267 #if ARM_MMU_XSCALE == 1 5268 void 5269 pmap_zero_page_xscale(paddr_t pa) 5270 { 5271 #ifdef DEBUG 5272 struct vm_page *pg = PHYS_TO_VM_PAGE(pa); 5273 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 5274 5275 if (!SLIST_EMPTY(&md->pvh_list)) 5276 panic("pmap_zero_page: page has mappings"); 5277 #endif 5278 5279 KDASSERT((pa & PGOFSET) == 0); 5280 5281 /* 5282 * Hook in the page, zero it, and purge the cache for that 5283 * zeroed page. Invalidate the TLB as needed. 5284 */ 5285 5286 pt_entry_t npte = L2_S_PROTO | pa | 5287 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | 5288 L2_C | L2_XS_T_TEX(TEX_XSCALE_X); /* mini-data */ 5289 l2pte_set(cdst_pte, npte, 0); 5290 PTE_SYNC(cdst_pte); 5291 cpu_tlb_flushD_SE(cdstp); 5292 cpu_cpwait(); 5293 bzero_page(cdstp); 5294 xscale_cache_clean_minidata(); 5295 l2pte_reset(cdst_pte); 5296 PTE_SYNC(cdst_pte); 5297 } 5298 #endif /* ARM_MMU_XSCALE == 1 */ 5299 5300 /* pmap_pageidlezero() 5301 * 5302 * The same as above, except that we assume that the page is not 5303 * mapped. This means we never have to flush the cache first. Called 5304 * from the idle loop. 5305 */ 5306 bool 5307 pmap_pageidlezero(paddr_t pa) 5308 { 5309 bool rv = true; 5310 #if defined(PMAP_CACHE_VIPT) || defined(DEBUG) 5311 struct vm_page * const pg = PHYS_TO_VM_PAGE(pa); 5312 struct vm_page_md *md = VM_PAGE_TO_MD(pg); 5313 #endif 5314 #ifdef PMAP_CACHE_VIPT 5315 /* Choose the last page color it had, if any */ 5316 const vsize_t va_offset = md->pvh_attrs & arm_cache_prefer_mask; 5317 #else 5318 const vsize_t va_offset = 0; 5319 #endif 5320 #ifdef __HAVE_MM_MD_DIRECT_MAPPED_PHYS 5321 bool okcolor = arm_pcache.dcache_type == CACHE_TYPE_PIPT 5322 || va_offset == (pa & arm_cache_prefer_mask); 5323 const vaddr_t vdstp = okcolor 5324 ? pmap_direct_mapped_phys(pa, &okcolor, cpu_cdstp(va_offset)) 5325 : cpu_cdstp(va_offset); 5326 #else 5327 const bool okcolor = false; 5328 const vaddr_t vdstp = cpu_cdstp(va_offset); 5329 #endif 5330 pt_entry_t * const ptep = cpu_cdst_pte(va_offset); 5331 5332 5333 #ifdef DEBUG 5334 if (!SLIST_EMPTY(&md->pvh_list)) 5335 panic("pmap_pageidlezero: page has mappings"); 5336 #endif 5337 5338 KDASSERT((pa & PGOFSET) == 0); 5339 5340 if (!okcolor) { 5341 /* 5342 * Hook in the page, zero it, and purge the cache for that 5343 * zeroed page. Invalidate the TLB as needed. 5344 */ 5345 const pt_entry_t npte = L2_S_PROTO | pa | 5346 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | pte_l2_s_cache_mode; 5347 l2pte_set(ptep, npte, 0); 5348 PTE_SYNC(ptep); 5349 cpu_tlb_flushD_SE(vdstp); 5350 cpu_cpwait(); 5351 } 5352 5353 uint64_t *ptr = (uint64_t *)vdstp; 5354 for (size_t i = 0; i < PAGE_SIZE / sizeof(*ptr); i++) { 5355 if (sched_curcpu_runnable_p() != 0) { 5356 /* 5357 * A process has become ready. Abort now, 5358 * so we don't keep it waiting while we 5359 * do slow memory access to finish this 5360 * page. 
5361 */ 5362 rv = false; 5363 break; 5364 } 5365 *ptr++ = 0; 5366 } 5367 5368 #ifdef PMAP_CACHE_VIVT 5369 if (rv) 5370 /* 5371 * if we aborted we'll rezero this page again later so don't 5372 * purge it unless we finished it 5373 */ 5374 cpu_dcache_wbinv_range(vdstp, PAGE_SIZE); 5375 #elif defined(PMAP_CACHE_VIPT) 5376 /* 5377 * This page is now cache resident so it now has a page color. 5378 * Any contents have been obliterated so clear the EXEC flag. 5379 */ 5380 #ifndef ARM_MMU_EXTENDED 5381 if (!pmap_is_page_colored_p(md)) { 5382 PMAPCOUNT(vac_color_new); 5383 md->pvh_attrs |= PVF_COLORED; 5384 } 5385 #endif 5386 if (PV_IS_EXEC_P(md->pvh_attrs)) { 5387 md->pvh_attrs &= ~PVF_EXEC; 5388 PMAPCOUNT(exec_discarded_zero); 5389 } 5390 #endif 5391 /* 5392 * Unmap the page. 5393 */ 5394 if (!okcolor) { 5395 l2pte_reset(ptep); 5396 PTE_SYNC(ptep); 5397 cpu_tlb_flushD_SE(vdstp); 5398 } 5399 5400 return rv; 5401 } 5402 5403 /* 5404 * pmap_copy_page() 5405 * 5406 * Copy one physical page into another, by mapping the pages into 5407 * hook points. The same comment regarding cachability as in 5408 * pmap_zero_page also applies here. 5409 */ 5410 #if (ARM_MMU_GENERIC + ARM_MMU_SA1 + ARM_MMU_V6 + ARM_MMU_V7) != 0 5411 void 5412 pmap_copy_page_generic(paddr_t src, paddr_t dst) 5413 { 5414 struct vm_page * const src_pg = PHYS_TO_VM_PAGE(src); 5415 struct vm_page_md *src_md = VM_PAGE_TO_MD(src_pg); 5416 #if defined(PMAP_CACHE_VIPT) || defined(DEBUG) 5417 struct vm_page * const dst_pg = PHYS_TO_VM_PAGE(dst); 5418 struct vm_page_md *dst_md = VM_PAGE_TO_MD(dst_pg); 5419 #endif 5420 #ifdef PMAP_CACHE_VIPT 5421 const vsize_t src_va_offset = src_md->pvh_attrs & arm_cache_prefer_mask; 5422 const vsize_t dst_va_offset = dst_md->pvh_attrs & arm_cache_prefer_mask; 5423 #else 5424 const vsize_t src_va_offset = 0; 5425 const vsize_t dst_va_offset = 0; 5426 #endif 5427 #if defined(__HAVE_MM_MD_DIRECT_MAPPED_PHYS) 5428 /* 5429 * Is this page mapped at its natural color? 5430 * If we have all of memory mapped, then just convert PA to VA. 5431 */ 5432 bool src_okcolor = arm_pcache.dcache_type == CACHE_TYPE_PIPT 5433 || src_va_offset == (src & arm_cache_prefer_mask); 5434 bool dst_okcolor = arm_pcache.dcache_type == CACHE_TYPE_PIPT 5435 || dst_va_offset == (dst & arm_cache_prefer_mask); 5436 const vaddr_t vsrcp = src_okcolor 5437 ? pmap_direct_mapped_phys(src, &src_okcolor, 5438 cpu_csrcp(src_va_offset)) 5439 : cpu_csrcp(src_va_offset); 5440 const vaddr_t vdstp = pmap_direct_mapped_phys(dst, &dst_okcolor, 5441 cpu_cdstp(dst_va_offset)); 5442 #else 5443 const bool src_okcolor = false; 5444 const bool dst_okcolor = false; 5445 const vaddr_t vsrcp = cpu_csrcp(src_va_offset); 5446 const vaddr_t vdstp = cpu_cdstp(dst_va_offset); 5447 #endif 5448 pt_entry_t * const src_ptep = cpu_csrc_pte(src_va_offset); 5449 pt_entry_t * const dst_ptep = cpu_cdst_pte(dst_va_offset); 5450 5451 #ifdef DEBUG 5452 if (!SLIST_EMPTY(&dst_md->pvh_list)) 5453 panic("pmap_copy_page: dst page has mappings"); 5454 #endif 5455 5456 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 5457 KASSERT(arm_cache_prefer_mask == 0 || src_md->pvh_attrs & (PVF_COLORED|PVF_NC)); 5458 #endif 5459 KDASSERT((src & PGOFSET) == 0); 5460 KDASSERT((dst & PGOFSET) == 0); 5461 5462 /* 5463 * Clean the source page. Hold the source page's lock for 5464 * the duration of the copy so that no other mappings can 5465 * be created while we have a potentially aliased mapping. 
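 * (On a VIVT cache this matters because the copy below reads the
 * source page through the vsrcp hook mapping, a virtual address
 * different from any existing mapping of the page; without the clean,
 * dirty lines held under those other virtual addresses would not be
 * seen through the alias.)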
5466 */ 5467 #ifdef PMAP_CACHE_VIVT 5468 pmap_acquire_page_lock(src_md); 5469 (void) pmap_clean_page(src_md, true); 5470 pmap_release_page_lock(src_md); 5471 #endif 5472 5473 /* 5474 * Map the pages into the page hook points, copy them, and purge 5475 * the cache for the appropriate page. Invalidate the TLB 5476 * as required. 5477 */ 5478 if (!src_okcolor) { 5479 const pt_entry_t nsrc_pte = L2_S_PROTO 5480 | src 5481 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 5482 | ((src_md->pvh_attrs & PVF_NC) ? 0 : pte_l2_s_cache_mode) 5483 #else // defined(PMAP_CACHE_VIVT) || defined(ARM_MMU_EXTENDED) 5484 | pte_l2_s_cache_mode 5485 #endif 5486 | L2_S_PROT(PTE_KERNEL, VM_PROT_READ); 5487 l2pte_set(src_ptep, nsrc_pte, 0); 5488 PTE_SYNC(src_ptep); 5489 cpu_tlb_flushD_SE(vsrcp); 5490 cpu_cpwait(); 5491 } 5492 if (!dst_okcolor) { 5493 const pt_entry_t ndst_pte = L2_S_PROTO | dst | 5494 L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) | pte_l2_s_cache_mode; 5495 l2pte_set(dst_ptep, ndst_pte, 0); 5496 PTE_SYNC(dst_ptep); 5497 cpu_tlb_flushD_SE(vdstp); 5498 cpu_cpwait(); 5499 #if defined(__HAVE_MM_MD_DIRECT_MAPPED_PHYS) && defined(PMAP_CACHE_VIPT) 5500 /* 5501 * If we are direct-mapped and our color isn't ok, then before 5502 * we bcopy to the new page invalidate its contents from the 5503 * cache and reset its color to its natural color. 5504 */ 5505 cpu_dcache_inv_range(vdstp, PAGE_SIZE); 5506 dst_md->pvh_attrs &= ~arm_cache_prefer_mask; 5507 dst_md->pvh_attrs |= (dst & arm_cache_prefer_mask); 5508 #endif 5509 } 5510 bcopy_page(vsrcp, vdstp); 5511 #ifdef PMAP_CACHE_VIVT 5512 cpu_dcache_inv_range(vsrcp, PAGE_SIZE); 5513 cpu_dcache_wbinv_range(vdstp, PAGE_SIZE); 5514 #endif 5515 /* 5516 * Unmap the pages. 5517 */ 5518 if (!src_okcolor) { 5519 l2pte_reset(src_ptep); 5520 PTE_SYNC(src_ptep); 5521 cpu_tlb_flushD_SE(vsrcp); 5522 cpu_cpwait(); 5523 } 5524 if (!dst_okcolor) { 5525 l2pte_reset(dst_ptep); 5526 PTE_SYNC(dst_ptep); 5527 cpu_tlb_flushD_SE(vdstp); 5528 cpu_cpwait(); 5529 } 5530 #ifdef PMAP_CACHE_VIPT 5531 /* 5532 * Now that the destination page is in the cache, mark it as colored. 5533 * If this was an exec page, discard it. 5534 */ 5535 pmap_acquire_page_lock(dst_md); 5536 #ifndef ARM_MMU_EXTENDED 5537 if (arm_pcache.cache_type == CACHE_TYPE_PIPT) { 5538 dst_md->pvh_attrs &= ~arm_cache_prefer_mask; 5539 dst_md->pvh_attrs |= (dst & arm_cache_prefer_mask); 5540 } 5541 if (!pmap_is_page_colored_p(dst_md)) { 5542 PMAPCOUNT(vac_color_new); 5543 dst_md->pvh_attrs |= PVF_COLORED; 5544 } 5545 dst_md->pvh_attrs |= PVF_DIRTY; 5546 #endif 5547 if (PV_IS_EXEC_P(dst_md->pvh_attrs)) { 5548 dst_md->pvh_attrs &= ~PVF_EXEC; 5549 PMAPCOUNT(exec_discarded_copy); 5550 } 5551 pmap_release_page_lock(dst_md); 5552 #endif 5553 } 5554 #endif /* (ARM_MMU_GENERIC + ARM_MMU_SA1 + ARM_MMU_V6) != 0 */ 5555 5556 #if ARM_MMU_XSCALE == 1 5557 void 5558 pmap_copy_page_xscale(paddr_t src, paddr_t dst) 5559 { 5560 struct vm_page *src_pg = PHYS_TO_VM_PAGE(src); 5561 struct vm_page_md *src_md = VM_PAGE_TO_MD(src_pg); 5562 #ifdef DEBUG 5563 struct vm_page_md *dst_md = VM_PAGE_TO_MD(PHYS_TO_VM_PAGE(dst)); 5564 5565 if (!SLIST_EMPTY(&dst_md->pvh_list)) 5566 panic("pmap_copy_page: dst page has mappings"); 5567 #endif 5568 5569 KDASSERT((src & PGOFSET) == 0); 5570 KDASSERT((dst & PGOFSET) == 0); 5571 5572 /* 5573 * Clean the source page. Hold the source page's lock for 5574 * the duration of the copy so that no other mappings can 5575 * be created while we have a potentially aliased mapping. 
5576 */ 5577 #ifdef PMAP_CACHE_VIVT 5578 pmap_acquire_page_lock(src_md); 5579 (void) pmap_clean_page(src_md, true); 5580 pmap_release_page_lock(src_md); 5581 #endif 5582 5583 /* 5584 * Map the pages into the page hook points, copy them, and purge 5585 * the cache for the appropriate page. Invalidate the TLB 5586 * as required. 5587 */ 5588 const pt_entry_t nsrc_pte = L2_S_PROTO | src 5589 | L2_S_PROT(PTE_KERNEL, VM_PROT_READ) 5590 | L2_C | L2_XS_T_TEX(TEX_XSCALE_X); /* mini-data */ 5591 l2pte_set(csrc_pte, nsrc_pte, 0); 5592 PTE_SYNC(csrc_pte); 5593 5594 const pt_entry_t ndst_pte = L2_S_PROTO | dst 5595 | L2_S_PROT(PTE_KERNEL, VM_PROT_WRITE) 5596 | L2_C | L2_XS_T_TEX(TEX_XSCALE_X); /* mini-data */ 5597 l2pte_set(cdst_pte, ndst_pte, 0); 5598 PTE_SYNC(cdst_pte); 5599 5600 cpu_tlb_flushD_SE(csrcp); 5601 cpu_tlb_flushD_SE(cdstp); 5602 cpu_cpwait(); 5603 bcopy_page(csrcp, cdstp); 5604 xscale_cache_clean_minidata(); 5605 l2pte_reset(csrc_pte); 5606 l2pte_reset(cdst_pte); 5607 PTE_SYNC(csrc_pte); 5608 PTE_SYNC(cdst_pte); 5609 } 5610 #endif /* ARM_MMU_XSCALE == 1 */ 5611 5612 /* 5613 * void pmap_virtual_space(vaddr_t *start, vaddr_t *end) 5614 * 5615 * Return the start and end addresses of the kernel's virtual space. 5616 * These values are setup in pmap_bootstrap and are updated as pages 5617 * are allocated. 5618 */ 5619 void 5620 pmap_virtual_space(vaddr_t *start, vaddr_t *end) 5621 { 5622 *start = virtual_avail; 5623 *end = virtual_end; 5624 } 5625 5626 /* 5627 * Helper function for pmap_grow_l2_bucket() 5628 */ 5629 static inline int 5630 pmap_grow_map(vaddr_t va, paddr_t *pap) 5631 { 5632 paddr_t pa; 5633 5634 if (uvm.page_init_done == false) { 5635 #ifdef PMAP_STEAL_MEMORY 5636 pv_addr_t pv; 5637 pmap_boot_pagealloc(PAGE_SIZE, 5638 #ifdef PMAP_CACHE_VIPT 5639 arm_cache_prefer_mask, 5640 va & arm_cache_prefer_mask, 5641 #else 5642 0, 0, 5643 #endif 5644 &pv); 5645 pa = pv.pv_pa; 5646 #else 5647 if (uvm_page_physget(&pa) == false) 5648 return (1); 5649 #endif /* PMAP_STEAL_MEMORY */ 5650 } else { 5651 struct vm_page *pg; 5652 pg = uvm_pagealloc(NULL, 0, NULL, UVM_PGA_USERESERVE); 5653 if (pg == NULL) 5654 return (1); 5655 pa = VM_PAGE_TO_PHYS(pg); 5656 /* 5657 * This new page must not have any mappings. Enter it via 5658 * pmap_kenter_pa and let that routine do the hard work. 5659 */ 5660 struct vm_page_md *md __diagused = VM_PAGE_TO_MD(pg); 5661 KASSERT(SLIST_EMPTY(&md->pvh_list)); 5662 pmap_kenter_pa(va, pa, 5663 VM_PROT_READ|VM_PROT_WRITE, PMAP_KMPAGE|PMAP_PTE); 5664 } 5665 5666 if (pap) 5667 *pap = pa; 5668 5669 PMAPCOUNT(pt_mappings); 5670 #ifdef DEBUG 5671 struct l2_bucket * const l2b = pmap_get_l2_bucket(pmap_kernel(), va); 5672 KDASSERT(l2b != NULL); 5673 5674 pt_entry_t * const ptep = &l2b->l2b_kva[l2pte_index(va)]; 5675 const pt_entry_t opte = *ptep; 5676 KDASSERT((opte & L2_S_CACHE_MASK) == pte_l2_s_cache_mode_pt); 5677 #endif 5678 memset((void *)va, 0, PAGE_SIZE); 5679 return (0); 5680 } 5681 5682 /* 5683 * This is the same as pmap_alloc_l2_bucket(), except that it is only 5684 * used by pmap_growkernel(). 5685 */ 5686 static inline struct l2_bucket * 5687 pmap_grow_l2_bucket(pmap_t pm, vaddr_t va) 5688 { 5689 struct l2_dtable *l2; 5690 struct l2_bucket *l2b; 5691 u_short l1slot; 5692 vaddr_t nva; 5693 5694 l1slot = l1pte_index(va); 5695 5696 if ((l2 = pm->pm_l2[L2_IDX(l1slot)]) == NULL) { 5697 /* 5698 * No mapping at this address, as there is 5699 * no entry in the L1 table. 5700 * Need to allocate a new l2_dtable. 
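 * (Kernel l2_dtables come from a simple bump allocator,
 * pmap_kernel_l2dtable_kva: the code below advances the cursor by
 * sizeof(struct l2_dtable) and calls pmap_grow_map() whenever fresh
 * backing is needed, including when the new structure straddles a
 * page boundary.)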
5701 */ 5702 nva = pmap_kernel_l2dtable_kva; 5703 if ((nva & PGOFSET) == 0) { 5704 /* 5705 * Need to allocate a backing page 5706 */ 5707 if (pmap_grow_map(nva, NULL)) 5708 return (NULL); 5709 } 5710 5711 l2 = (struct l2_dtable *)nva; 5712 nva += sizeof(struct l2_dtable); 5713 5714 if ((nva & PGOFSET) < (pmap_kernel_l2dtable_kva & PGOFSET)) { 5715 /* 5716 * The new l2_dtable straddles a page boundary. 5717 * Map in another page to cover it. 5718 */ 5719 if (pmap_grow_map(nva, NULL)) 5720 return (NULL); 5721 } 5722 5723 pmap_kernel_l2dtable_kva = nva; 5724 5725 /* 5726 * Link it into the parent pmap 5727 */ 5728 pm->pm_l2[L2_IDX(l1slot)] = l2; 5729 } 5730 5731 l2b = &l2->l2_bucket[L2_BUCKET(l1slot)]; 5732 5733 /* 5734 * Fetch pointer to the L2 page table associated with the address. 5735 */ 5736 if (l2b->l2b_kva == NULL) { 5737 pt_entry_t *ptep; 5738 5739 /* 5740 * No L2 page table has been allocated. Chances are, this 5741 * is because we just allocated the l2_dtable, above. 5742 */ 5743 nva = pmap_kernel_l2ptp_kva; 5744 ptep = (pt_entry_t *)nva; 5745 if ((nva & PGOFSET) == 0) { 5746 /* 5747 * Need to allocate a backing page 5748 */ 5749 if (pmap_grow_map(nva, &pmap_kernel_l2ptp_phys)) 5750 return (NULL); 5751 PTE_SYNC_RANGE(ptep, PAGE_SIZE / sizeof(pt_entry_t)); 5752 } 5753 5754 l2->l2_occupancy++; 5755 l2b->l2b_kva = ptep; 5756 l2b->l2b_l1slot = l1slot; 5757 l2b->l2b_pa = pmap_kernel_l2ptp_phys; 5758 5759 pmap_kernel_l2ptp_kva += L2_TABLE_SIZE_REAL; 5760 pmap_kernel_l2ptp_phys += L2_TABLE_SIZE_REAL; 5761 } 5762 5763 return (l2b); 5764 } 5765 5766 vaddr_t 5767 pmap_growkernel(vaddr_t maxkvaddr) 5768 { 5769 pmap_t kpm = pmap_kernel(); 5770 #ifndef ARM_MMU_EXTENDED 5771 struct l1_ttable *l1; 5772 #endif 5773 int s; 5774 5775 if (maxkvaddr <= pmap_curmaxkvaddr) 5776 goto out; /* we are OK */ 5777 5778 NPDEBUG(PDB_GROWKERN, 5779 printf("pmap_growkernel: growing kernel from 0x%lx to 0x%lx\n", 5780 pmap_curmaxkvaddr, maxkvaddr)); 5781 5782 KDASSERT(maxkvaddr <= virtual_end); 5783 5784 /* 5785 * whoops! 
we need to add kernel PTPs 5786 */ 5787 5788 s = splhigh(); /* to be safe */ 5789 mutex_enter(kpm->pm_lock); 5790 5791 /* Map 1MB at a time */ 5792 size_t l1slot = l1pte_index(pmap_curmaxkvaddr); 5793 #ifdef ARM_MMU_EXTENDED 5794 pd_entry_t * const spdep = &kpm->pm_l1[l1slot]; 5795 pd_entry_t *pdep = spdep; 5796 #endif 5797 for (;pmap_curmaxkvaddr < maxkvaddr; pmap_curmaxkvaddr += L1_S_SIZE, 5798 #ifdef ARM_MMU_EXTENDED 5799 pdep++, 5800 #endif 5801 l1slot++) { 5802 struct l2_bucket *l2b = 5803 pmap_grow_l2_bucket(kpm, pmap_curmaxkvaddr); 5804 KASSERT(l2b != NULL); 5805 5806 const pd_entry_t npde = L1_C_PROTO | l2b->l2b_pa 5807 | L1_C_DOM(PMAP_DOMAIN_KERNEL); 5808 #ifdef ARM_MMU_EXTENDED 5809 l1pte_setone(pdep, npde); 5810 #else 5811 /* Distribute new L1 entry to all other L1s */ 5812 SLIST_FOREACH(l1, &l1_list, l1_link) { 5813 pd_entry_t * const pdep = &l1->l1_kva[l1slot]; 5814 l1pte_setone(pdep, npde); 5815 PDE_SYNC(pdep); 5816 } 5817 #endif 5818 } 5819 #ifdef ARM_MMU_EXTENDED 5820 PDE_SYNC_RANGE(spdep, pdep - spdep); 5821 #endif 5822 5823 #ifdef PMAP_CACHE_VIVT 5824 /* 5825 * flush out the cache, expensive but growkernel will happen so 5826 * rarely 5827 */ 5828 cpu_dcache_wbinv_all(); 5829 cpu_tlb_flushD(); 5830 cpu_cpwait(); 5831 #endif 5832 5833 mutex_exit(kpm->pm_lock); 5834 splx(s); 5835 5836 out: 5837 return (pmap_curmaxkvaddr); 5838 } 5839 5840 /************************ Utility routines ****************************/ 5841 5842 #ifndef ARM_HAS_VBAR 5843 /* 5844 * vector_page_setprot: 5845 * 5846 * Manipulate the protection of the vector page. 5847 */ 5848 void 5849 vector_page_setprot(int prot) 5850 { 5851 struct l2_bucket *l2b; 5852 pt_entry_t *ptep; 5853 5854 #if defined(CPU_ARMV7) || defined(CPU_ARM11) 5855 /* 5856 * If we are using VBAR to use the vectors in the kernel, then it's 5857 * already mapped in the kernel text so no need to anything here. 5858 */ 5859 if (vector_page != ARM_VECTORS_LOW && vector_page != ARM_VECTORS_HIGH) { 5860 KASSERT((armreg_pfr1_read() & ARM_PFR1_SEC_MASK) != 0); 5861 return; 5862 } 5863 #endif 5864 5865 l2b = pmap_get_l2_bucket(pmap_kernel(), vector_page); 5866 KASSERT(l2b != NULL); 5867 5868 ptep = &l2b->l2b_kva[l2pte_index(vector_page)]; 5869 5870 const pt_entry_t opte = *ptep; 5871 #ifdef ARM_MMU_EXTENDED 5872 const pt_entry_t npte = (opte & ~(L2_S_PROT_MASK|L2_XS_XN)) 5873 | L2_S_PROT(PTE_KERNEL, prot); 5874 #else 5875 const pt_entry_t npte = (opte & ~L2_S_PROT_MASK) 5876 | L2_S_PROT(PTE_KERNEL, prot); 5877 #endif 5878 l2pte_set(ptep, npte, opte); 5879 PTE_SYNC(ptep); 5880 cpu_tlb_flushD_SE(vector_page); 5881 cpu_cpwait(); 5882 } 5883 #endif 5884 5885 /* 5886 * Fetch pointers to the PDE/PTE for the given pmap/VA pair. 5887 * Returns true if the mapping exists, else false. 5888 * 5889 * NOTE: This function is only used by a couple of arm-specific modules. 5890 * It is not safe to take any pmap locks here, since we could be right 5891 * in the middle of debugging the pmap anyway... 5892 * 5893 * It is possible for this routine to return false even though a valid 5894 * mapping does exist. This is because we don't lock, so the metadata 5895 * state may be inconsistent. 5896 * 5897 * NOTE: We can return a NULL *ptp in the case where the L1 pde is 5898 * a "section" mapping. 
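 *
 * A minimal usage sketch (hypothetical caller, not taken from this file):
 *
 *	pd_entry_t *pdep;
 *	pt_entry_t *ptep;
 *
 *	if (pmap_get_pde_pte(pmap_kernel(), va, &pdep, &ptep)) {
 *		if (ptep == NULL)
 *			printf("va %#lx: section mapping, pde %#x\n",
 *			    va, *pdep);
 *		else
 *			printf("va %#lx: pte %#x\n", va, *ptep);
 *	}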
5899 */ 5900 bool 5901 pmap_get_pde_pte(pmap_t pm, vaddr_t va, pd_entry_t **pdp, pt_entry_t **ptp) 5902 { 5903 struct l2_dtable *l2; 5904 pd_entry_t *pdep, pde; 5905 pt_entry_t *ptep; 5906 u_short l1slot; 5907 5908 if (pm->pm_l1 == NULL) 5909 return false; 5910 5911 l1slot = l1pte_index(va); 5912 *pdp = pdep = pmap_l1_kva(pm) + l1slot; 5913 pde = *pdep; 5914 5915 if (l1pte_section_p(pde)) { 5916 *ptp = NULL; 5917 return true; 5918 } 5919 5920 l2 = pm->pm_l2[L2_IDX(l1slot)]; 5921 if (l2 == NULL || 5922 (ptep = l2->l2_bucket[L2_BUCKET(l1slot)].l2b_kva) == NULL) { 5923 return false; 5924 } 5925 5926 *ptp = &ptep[l2pte_index(va)]; 5927 return true; 5928 } 5929 5930 bool 5931 pmap_get_pde(pmap_t pm, vaddr_t va, pd_entry_t **pdp) 5932 { 5933 5934 if (pm->pm_l1 == NULL) 5935 return false; 5936 5937 *pdp = pmap_l1_kva(pm) + l1pte_index(va); 5938 5939 return true; 5940 } 5941 5942 /************************ Bootstrapping routines ****************************/ 5943 5944 #ifndef ARM_MMU_EXTENDED 5945 static void 5946 pmap_init_l1(struct l1_ttable *l1, pd_entry_t *l1pt) 5947 { 5948 int i; 5949 5950 l1->l1_kva = l1pt; 5951 l1->l1_domain_use_count = 0; 5952 l1->l1_domain_first = 0; 5953 5954 for (i = 0; i < PMAP_DOMAINS; i++) 5955 l1->l1_domain_free[i] = i + 1; 5956 5957 /* 5958 * Copy the kernel's L1 entries to each new L1. 5959 */ 5960 if (pmap_initialized) 5961 memcpy(l1pt, pmap_l1_kva(pmap_kernel()), L1_TABLE_SIZE); 5962 5963 if (pmap_extract(pmap_kernel(), (vaddr_t)l1pt, 5964 &l1->l1_physaddr) == false) 5965 panic("pmap_init_l1: can't get PA of L1 at %p", l1pt); 5966 5967 SLIST_INSERT_HEAD(&l1_list, l1, l1_link); 5968 TAILQ_INSERT_TAIL(&l1_lru_list, l1, l1_lru); 5969 } 5970 #endif /* !ARM_MMU_EXTENDED */ 5971 5972 /* 5973 * pmap_bootstrap() is called from the board-specific initarm() routine 5974 * once the kernel L1/L2 descriptors tables have been set up. 5975 * 5976 * This is a somewhat convoluted process since pmap bootstrap is, effectively, 5977 * spread over a number of disparate files/functions. 5978 * 5979 * We are passed the following parameters 5980 * - kernel_l1pt 5981 * This is a pointer to the base of the kernel's L1 translation table. 5982 * - vstart 5983 * 1MB-aligned start of managed kernel virtual memory. 5984 * - vend 5985 * 1MB-aligned end of managed kernel virtual memory. 5986 * 5987 * We use the first parameter to build the metadata (struct l1_ttable and 5988 * struct l2_dtable) necessary to track kernel mappings. 
5989 */ 5990 #define PMAP_STATIC_L2_SIZE 16 5991 void 5992 pmap_bootstrap(vaddr_t vstart, vaddr_t vend) 5993 { 5994 static struct l2_dtable static_l2[PMAP_STATIC_L2_SIZE]; 5995 #ifndef ARM_MMU_EXTENDED 5996 static struct l1_ttable static_l1; 5997 struct l1_ttable *l1 = &static_l1; 5998 #endif 5999 struct l2_dtable *l2; 6000 struct l2_bucket *l2b; 6001 pd_entry_t *l1pt = (pd_entry_t *) kernel_l1pt.pv_va; 6002 pmap_t pm = pmap_kernel(); 6003 pt_entry_t *ptep; 6004 paddr_t pa; 6005 vsize_t size; 6006 int nptes, l2idx, l2next = 0; 6007 6008 #ifdef ARM_MMU_EXTENDED 6009 KASSERT(pte_l1_s_cache_mode == pte_l1_s_cache_mode_pt); 6010 KASSERT(pte_l2_s_cache_mode == pte_l2_s_cache_mode_pt); 6011 #endif 6012 6013 #ifdef VERBOSE_INIT_ARM 6014 printf("kpm "); 6015 #endif 6016 /* 6017 * Initialise the kernel pmap object 6018 */ 6019 curcpu()->ci_pmap_cur = pm; 6020 #ifdef ARM_MMU_EXTENDED 6021 pm->pm_l1 = l1pt; 6022 pm->pm_l1_pa = kernel_l1pt.pv_pa; 6023 #ifdef VERBOSE_INIT_ARM 6024 printf("tlb0 "); 6025 #endif 6026 pmap_tlb_info_init(&pmap_tlb0_info); 6027 #ifdef MULTIPROCESSOR 6028 #ifdef VERBOSE_INIT_ARM 6029 printf("kcpusets "); 6030 #endif 6031 pm->pm_onproc = kcpuset_running; 6032 pm->pm_active = kcpuset_running; 6033 #endif 6034 #else 6035 pm->pm_l1 = l1; 6036 #endif 6037 6038 #ifdef VERBOSE_INIT_ARM 6039 printf("locks "); 6040 #endif 6041 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 6042 if (arm_cache_prefer_mask != 0) { 6043 mutex_init(&pmap_lock, MUTEX_DEFAULT, IPL_VM); 6044 } else { 6045 #endif 6046 mutex_init(&pmap_lock, MUTEX_DEFAULT, IPL_NONE); 6047 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 6048 } 6049 #endif 6050 mutex_init(&pm->pm_obj_lock, MUTEX_DEFAULT, IPL_NONE); 6051 uvm_obj_init(&pm->pm_obj, NULL, false, 1); 6052 uvm_obj_setlock(&pm->pm_obj, &pm->pm_obj_lock); 6053 6054 #ifdef VERBOSE_INIT_ARM 6055 printf("l1pt "); 6056 #endif 6057 /* 6058 * Scan the L1 translation table created by initarm() and create 6059 * the required metadata for all valid mappings found in it. 6060 */ 6061 for (size_t l1slot = 0; 6062 l1slot < L1_TABLE_SIZE / sizeof(pd_entry_t); 6063 l1slot++) { 6064 pd_entry_t pde = l1pt[l1slot]; 6065 6066 /* 6067 * We're only interested in Coarse mappings. 6068 * pmap_extract() can deal with section mappings without 6069 * recourse to checking L2 metadata. 6070 */ 6071 if ((pde & L1_TYPE_MASK) != L1_TYPE_C) 6072 continue; 6073 6074 /* 6075 * Lookup the KVA of this L2 descriptor table 6076 */ 6077 pa = l1pte_pa(pde); 6078 ptep = (pt_entry_t *)kernel_pt_lookup(pa); 6079 if (ptep == NULL) { 6080 panic("pmap_bootstrap: No L2 for va 0x%x, pa 0x%lx", 6081 (u_int)l1slot << L1_S_SHIFT, pa); 6082 } 6083 6084 /* 6085 * Fetch the associated L2 metadata structure. 6086 * Allocate a new one if necessary. 6087 */ 6088 if ((l2 = pm->pm_l2[L2_IDX(l1slot)]) == NULL) { 6089 if (l2next == PMAP_STATIC_L2_SIZE) 6090 panic("pmap_bootstrap: out of static L2s"); 6091 pm->pm_l2[L2_IDX(l1slot)] = l2 = &static_l2[l2next++]; 6092 } 6093 6094 /* 6095 * One more L1 slot tracked... 6096 */ 6097 l2->l2_occupancy++; 6098 6099 /* 6100 * Fill in the details of the L2 descriptor in the 6101 * appropriate bucket. 
6102 */ 6103 l2b = &l2->l2_bucket[L2_BUCKET(l1slot)]; 6104 l2b->l2b_kva = ptep; 6105 l2b->l2b_pa = pa; 6106 l2b->l2b_l1slot = l1slot; 6107 6108 /* 6109 * Establish an initial occupancy count for this descriptor 6110 */ 6111 for (l2idx = 0; 6112 l2idx < (L2_TABLE_SIZE_REAL / sizeof(pt_entry_t)); 6113 l2idx++) { 6114 if ((ptep[l2idx] & L2_TYPE_MASK) != L2_TYPE_INV) { 6115 l2b->l2b_occupancy++; 6116 } 6117 } 6118 6119 /* 6120 * Make sure the descriptor itself has the correct cache mode. 6121 * If not, fix it, but whine about the problem. Port-meisters 6122 * should consider this a clue to fix up their initarm() 6123 * function. :) 6124 */ 6125 if (pmap_set_pt_cache_mode(l1pt, (vaddr_t)ptep, 1)) { 6126 printf("pmap_bootstrap: WARNING! wrong cache mode for " 6127 "L2 pte @ %p\n", ptep); 6128 } 6129 } 6130 6131 #ifdef VERBOSE_INIT_ARM 6132 printf("cache(l1pt) "); 6133 #endif 6134 /* 6135 * Ensure the primary (kernel) L1 has the correct cache mode for 6136 * a page table. Bitch if it is not correctly set. 6137 */ 6138 if (pmap_set_pt_cache_mode(l1pt, kernel_l1pt.pv_va, 6139 L1_TABLE_SIZE / L2_S_SIZE)) { 6140 printf("pmap_bootstrap: WARNING! wrong cache mode for " 6141 "primary L1 @ 0x%lx\n", kernel_l1pt.pv_va); 6142 } 6143 6144 #ifdef PMAP_CACHE_VIVT 6145 cpu_dcache_wbinv_all(); 6146 cpu_tlb_flushID(); 6147 cpu_cpwait(); 6148 #endif 6149 6150 /* 6151 * now we allocate the "special" VAs which are used for tmp mappings 6152 * by the pmap (and other modules). we allocate the VAs by advancing 6153 * virtual_avail (note that there are no pages mapped at these VAs). 6154 * 6155 * Managed KVM space start from wherever initarm() tells us. 6156 */ 6157 virtual_avail = vstart; 6158 virtual_end = vend; 6159 6160 #ifdef VERBOSE_INIT_ARM 6161 printf("specials "); 6162 #endif 6163 #ifdef PMAP_CACHE_VIPT 6164 /* 6165 * If we have a VIPT cache, we need one page/pte per possible alias 6166 * page so we won't violate cache aliasing rules. 6167 */ 6168 virtual_avail = (virtual_avail + arm_cache_prefer_mask) & ~arm_cache_prefer_mask; 6169 nptes = (arm_cache_prefer_mask >> L2_S_SHIFT) + 1; 6170 nptes = roundup(nptes, PAGE_SIZE / L2_S_SIZE); 6171 if (arm_pcache.icache_type != CACHE_TYPE_PIPT 6172 && arm_pcache.icache_way_size > nptes * L2_S_SIZE) { 6173 nptes = arm_pcache.icache_way_size >> L2_S_SHIFT; 6174 nptes = roundup(nptes, PAGE_SIZE / L2_S_SIZE); 6175 } 6176 #else 6177 nptes = PAGE_SIZE / L2_S_SIZE; 6178 #endif 6179 #ifdef MULTIPROCESSOR 6180 cnptes = nptes; 6181 nptes *= arm_cpu_max; 6182 #endif 6183 pmap_alloc_specials(&virtual_avail, nptes, &csrcp, &csrc_pte); 6184 pmap_set_pt_cache_mode(l1pt, (vaddr_t)csrc_pte, nptes); 6185 pmap_alloc_specials(&virtual_avail, nptes, &cdstp, &cdst_pte); 6186 pmap_set_pt_cache_mode(l1pt, (vaddr_t)cdst_pte, nptes); 6187 pmap_alloc_specials(&virtual_avail, nptes, &memhook, NULL); 6188 if (msgbufaddr == NULL) { 6189 pmap_alloc_specials(&virtual_avail, 6190 round_page(MSGBUFSIZE) / PAGE_SIZE, 6191 (void *)&msgbufaddr, NULL); 6192 } 6193 6194 /* 6195 * Allocate a range of kernel virtual address space to be used 6196 * for L2 descriptor tables and metadata allocation in 6197 * pmap_growkernel(). 
6198 */ 6199 size = ((virtual_end - pmap_curmaxkvaddr) + L1_S_OFFSET) / L1_S_SIZE; 6200 pmap_alloc_specials(&virtual_avail, 6201 round_page(size * L2_TABLE_SIZE_REAL) / PAGE_SIZE, 6202 &pmap_kernel_l2ptp_kva, NULL); 6203 6204 size = (size + (L2_BUCKET_SIZE - 1)) / L2_BUCKET_SIZE; 6205 pmap_alloc_specials(&virtual_avail, 6206 round_page(size * sizeof(struct l2_dtable)) / PAGE_SIZE, 6207 &pmap_kernel_l2dtable_kva, NULL); 6208 6209 #ifndef ARM_MMU_EXTENDED 6210 /* 6211 * init the static-global locks and global pmap list. 6212 */ 6213 mutex_init(&l1_lru_lock, MUTEX_DEFAULT, IPL_VM); 6214 6215 /* 6216 * We can now initialise the first L1's metadata. 6217 */ 6218 SLIST_INIT(&l1_list); 6219 TAILQ_INIT(&l1_lru_list); 6220 pmap_init_l1(l1, l1pt); 6221 #endif /* ARM_MMU_EXTENDED */ 6222 6223 #ifndef ARM_HAS_VBAR 6224 /* Set up vector page L1 details, if necessary */ 6225 if (vector_page < KERNEL_BASE) { 6226 pm->pm_pl1vec = pmap_l1_kva(pm) + l1pte_index(vector_page); 6227 l2b = pmap_get_l2_bucket(pm, vector_page); 6228 KDASSERT(l2b != NULL); 6229 pm->pm_l1vec = l2b->l2b_pa | L1_C_PROTO | 6230 L1_C_DOM(pmap_domain(pm)); 6231 } else 6232 pm->pm_pl1vec = NULL; 6233 #endif 6234 6235 #ifdef VERBOSE_INIT_ARM 6236 printf("pools "); 6237 #endif 6238 /* 6239 * Initialize the pmap cache 6240 */ 6241 pool_cache_bootstrap(&pmap_cache, sizeof(struct pmap), 0, 0, 0, 6242 "pmappl", NULL, IPL_NONE, pmap_pmap_ctor, NULL, NULL); 6243 LIST_INIT(&pmap_pmaps); 6244 LIST_INSERT_HEAD(&pmap_pmaps, pm, pm_list); 6245 6246 /* 6247 * Initialize the pv pool. 6248 */ 6249 pool_init(&pmap_pv_pool, sizeof(struct pv_entry), 0, 0, 0, "pvepl", 6250 &pmap_bootstrap_pv_allocator, IPL_NONE); 6251 6252 /* 6253 * Initialize the L2 dtable pool and cache. 6254 */ 6255 pool_cache_bootstrap(&pmap_l2dtable_cache, sizeof(struct l2_dtable), 0, 6256 0, 0, "l2dtblpl", NULL, IPL_NONE, pmap_l2dtable_ctor, NULL, NULL); 6257 6258 /* 6259 * Initialise the L2 descriptor table pool and cache 6260 */ 6261 pool_cache_bootstrap(&pmap_l2ptp_cache, L2_TABLE_SIZE_REAL, 0, 6262 L2_TABLE_SIZE_REAL, 0, "l2ptppl", NULL, IPL_NONE, 6263 pmap_l2ptp_ctor, NULL, NULL); 6264 6265 mutex_init(&memlock, MUTEX_DEFAULT, IPL_NONE); 6266 6267 cpu_dcache_wbinv_all(); 6268 } 6269 6270 static bool 6271 pmap_set_pt_cache_mode(pd_entry_t *kl1, vaddr_t va, size_t nptes) 6272 { 6273 #ifdef ARM_MMU_EXTENDED 6274 return false; 6275 #else 6276 if (pte_l1_s_cache_mode == pte_l1_s_cache_mode_pt 6277 && pte_l2_s_cache_mode == pte_l2_s_cache_mode_pt) 6278 return false; 6279 6280 const vaddr_t eva = va + nptes * PAGE_SIZE; 6281 int rv = 0; 6282 6283 while (va < eva) { 6284 /* 6285 * Make sure the descriptor itself has the correct cache mode 6286 */ 6287 pd_entry_t * const pdep = &kl1[l1pte_index(va)]; 6288 pd_entry_t pde = *pdep; 6289 6290 if (l1pte_section_p(pde)) { 6291 __CTASSERT((L1_S_CACHE_MASK & L1_S_V6_SUPER) == 0); 6292 if ((pde & L1_S_CACHE_MASK) != pte_l1_s_cache_mode_pt) { 6293 *pdep = (pde & ~L1_S_CACHE_MASK) | 6294 pte_l1_s_cache_mode_pt; 6295 PDE_SYNC(pdep); 6296 cpu_dcache_wbinv_range((vaddr_t)pdep, 6297 sizeof(*pdep)); 6298 rv = 1; 6299 } 6300 return rv; 6301 } 6302 vaddr_t pa = l1pte_pa(pde); 6303 pt_entry_t *ptep = (pt_entry_t *)kernel_pt_lookup(pa); 6304 if (ptep == NULL) 6305 panic("pmap_bootstrap: No PTP for va %#lx\n", va); 6306 6307 ptep += l2pte_index(va); 6308 const pt_entry_t opte = *ptep; 6309 if ((opte & L2_S_CACHE_MASK) != pte_l2_s_cache_mode_pt) { 6310 const pt_entry_t npte = (opte & ~L2_S_CACHE_MASK) 6311 | pte_l2_s_cache_mode_pt; 6312 l2pte_set(ptep, npte, 
			    opte);
			PTE_SYNC(ptep);
			cpu_dcache_wbinv_range((vaddr_t)ptep, sizeof(*ptep));
			rv = 1;
		}
		va += PAGE_SIZE;
	}

	return (rv);
#endif
}

static void
pmap_alloc_specials(vaddr_t *availp, int pages, vaddr_t *vap, pt_entry_t **ptep)
{
	vaddr_t va = *availp;
	struct l2_bucket *l2b;

	if (ptep) {
		l2b = pmap_get_l2_bucket(pmap_kernel(), va);
		if (l2b == NULL)
			panic("pmap_alloc_specials: no l2b for 0x%lx", va);

		*ptep = &l2b->l2b_kva[l2pte_index(va)];
	}

	*vap = va;
	*availp = va + (PAGE_SIZE * pages);
}

void
pmap_init(void)
{

	/*
	 * Set the available memory vars - These do not map to real memory
	 * addresses and cannot, as the physical memory is fragmented.
	 * They are used by ps for %mem calculations.
	 * One could argue whether this should be the entire memory or just
	 * the memory that is useable in a user process.
	 */
	avail_start = ptoa(VM_PHYSMEM_PTR(0)->start);
	avail_end = ptoa(VM_PHYSMEM_PTR(vm_nphysseg - 1)->end);

	/*
	 * Now we need to free enough pv_entry structures to allow us to get
	 * the kmem_map/kmem_object allocated and inited (done after this
	 * function is finished). To do this we allocate one bootstrap page out
	 * of kernel_map and use it to provide an initial pool of pv_entry
	 * structures. We never free this page.
	 */
	pool_setlowat(&pmap_pv_pool, (PAGE_SIZE / sizeof(struct pv_entry)) * 2);

#ifdef ARM_MMU_EXTENDED
	pmap_tlb_info_evcnt_attach(&pmap_tlb0_info);
#endif

	pmap_initialized = true;
}

static vaddr_t last_bootstrap_page = 0;
static void *free_bootstrap_pages = NULL;

static void *
pmap_bootstrap_pv_page_alloc(struct pool *pp, int flags)
{
	extern void *pool_page_alloc(struct pool *, int);
	vaddr_t new_page;
	void *rv;

	if (pmap_initialized)
		return (pool_page_alloc(pp, flags));

	if (free_bootstrap_pages) {
		rv = free_bootstrap_pages;
		free_bootstrap_pages = *((void **)rv);
		return (rv);
	}

	KASSERT(kernel_map != NULL);
	new_page = uvm_km_alloc(kernel_map, PAGE_SIZE, 0,
	    UVM_KMF_WIRED | ((flags & PR_WAITOK) ? 0 : UVM_KMF_NOWAIT));

	KASSERT(new_page > last_bootstrap_page);
	last_bootstrap_page = new_page;
	return ((void *)new_page);
}

static void
pmap_bootstrap_pv_page_free(struct pool *pp, void *v)
{
	extern void pool_page_free(struct pool *, void *);

	if ((vaddr_t)v <= last_bootstrap_page) {
		*((void **)v) = free_bootstrap_pages;
		free_bootstrap_pages = v;
		return;
	}

	if (pmap_initialized) {
		pool_page_free(pp, v);
		return;
	}
}

/*
 * pmap_postinit()
 *
 * This routine is called after the vm and kmem subsystems have been
 * initialised. This allows the pmap code to perform any initialisation
 * that can only be done once the memory allocation is in place.
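 *
 * In practice that means raising the low-water marks on the L2 pools and,
 * on non-ARM_MMU_EXTENDED kernels, pre-allocating enough additional L1
 * translation tables that maxproc processes can share the available
 * hardware domains.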
6424 */ 6425 void 6426 pmap_postinit(void) 6427 { 6428 #ifndef ARM_MMU_EXTENDED 6429 extern paddr_t physical_start, physical_end; 6430 struct l1_ttable *l1; 6431 struct pglist plist; 6432 struct vm_page *m; 6433 pd_entry_t *pdep; 6434 vaddr_t va, eva; 6435 u_int loop, needed; 6436 int error; 6437 #endif 6438 6439 pool_cache_setlowat(&pmap_l2ptp_cache, (PAGE_SIZE / L2_TABLE_SIZE_REAL) * 4); 6440 pool_cache_setlowat(&pmap_l2dtable_cache, 6441 (PAGE_SIZE / sizeof(struct l2_dtable)) * 2); 6442 6443 #ifndef ARM_MMU_EXTENDED 6444 needed = (maxproc / PMAP_DOMAINS) + ((maxproc % PMAP_DOMAINS) ? 1 : 0); 6445 needed -= 1; 6446 6447 l1 = kmem_alloc(sizeof(*l1) * needed, KM_SLEEP); 6448 6449 for (loop = 0; loop < needed; loop++, l1++) { 6450 /* Allocate a L1 page table */ 6451 va = uvm_km_alloc(kernel_map, L1_TABLE_SIZE, 0, UVM_KMF_VAONLY); 6452 if (va == 0) 6453 panic("Cannot allocate L1 KVM"); 6454 6455 error = uvm_pglistalloc(L1_TABLE_SIZE, physical_start, 6456 physical_end, L1_TABLE_SIZE, 0, &plist, 1, 1); 6457 if (error) 6458 panic("Cannot allocate L1 physical pages"); 6459 6460 m = TAILQ_FIRST(&plist); 6461 eva = va + L1_TABLE_SIZE; 6462 pdep = (pd_entry_t *)va; 6463 6464 while (m && va < eva) { 6465 paddr_t pa = VM_PAGE_TO_PHYS(m); 6466 6467 pmap_kenter_pa(va, pa, 6468 VM_PROT_READ|VM_PROT_WRITE, PMAP_KMPAGE|PMAP_PTE); 6469 6470 va += PAGE_SIZE; 6471 m = TAILQ_NEXT(m, pageq.queue); 6472 } 6473 6474 #ifdef DIAGNOSTIC 6475 if (m) 6476 panic("pmap_alloc_l1pt: pglist not empty"); 6477 #endif /* DIAGNOSTIC */ 6478 6479 pmap_init_l1(l1, pdep); 6480 } 6481 6482 #ifdef DEBUG 6483 printf("pmap_postinit: Allocated %d static L1 descriptor tables\n", 6484 needed); 6485 #endif 6486 #endif /* !ARM_MMU_EXTENDED */ 6487 } 6488 6489 /* 6490 * Note that the following routines are used by board-specific initialisation 6491 * code to configure the initial kernel page tables. 6492 * 6493 * If ARM32_NEW_VM_LAYOUT is *not* defined, they operate on the assumption that 6494 * L2 page-table pages are 4KB in size and use 4 L1 slots. This mimics the 6495 * behaviour of the old pmap, and provides an easy migration path for 6496 * initial bring-up of the new pmap on existing ports. Fortunately, 6497 * pmap_bootstrap() compensates for this hackery. This is only a stop-gap and 6498 * will be deprecated. 6499 * 6500 * If ARM32_NEW_VM_LAYOUT *is* defined, these functions deal with 1KB L2 page 6501 * tables. 6502 */ 6503 6504 /* 6505 * This list exists for the benefit of pmap_map_chunk(). It keeps track 6506 * of the kernel L2 tables during bootstrap, so that pmap_map_chunk() can 6507 * find them as necessary. 6508 * 6509 * Note that the data on this list MUST remain valid after initarm() returns, 6510 * as pmap_bootstrap() uses it to contruct L2 table metadata. 6511 */ 6512 SLIST_HEAD(, pv_addr) kernel_pt_list = SLIST_HEAD_INITIALIZER(kernel_pt_list); 6513 6514 static vaddr_t 6515 kernel_pt_lookup(paddr_t pa) 6516 { 6517 pv_addr_t *pv; 6518 6519 SLIST_FOREACH(pv, &kernel_pt_list, pv_list) { 6520 if (pv->pv_pa == (pa & ~PGOFSET)) 6521 return (pv->pv_va | (pa & PGOFSET)); 6522 } 6523 return (0); 6524 } 6525 6526 /* 6527 * pmap_map_section: 6528 * 6529 * Create a single section mapping. 
6530 */ 6531 void 6532 pmap_map_section(vaddr_t l1pt, vaddr_t va, paddr_t pa, int prot, int cache) 6533 { 6534 pd_entry_t * const pdep = (pd_entry_t *) l1pt; 6535 const size_t l1slot = l1pte_index(va); 6536 pd_entry_t fl; 6537 6538 KASSERT(((va | pa) & L1_S_OFFSET) == 0); 6539 6540 switch (cache) { 6541 case PTE_NOCACHE: 6542 default: 6543 fl = 0; 6544 break; 6545 6546 case PTE_CACHE: 6547 fl = pte_l1_s_cache_mode; 6548 break; 6549 6550 case PTE_PAGETABLE: 6551 fl = pte_l1_s_cache_mode_pt; 6552 break; 6553 } 6554 6555 const pd_entry_t npde = L1_S_PROTO | pa | 6556 L1_S_PROT(PTE_KERNEL, prot) | fl | L1_S_DOM(PMAP_DOMAIN_KERNEL); 6557 l1pte_setone(pdep + l1slot, npde); 6558 PDE_SYNC(pdep + l1slot); 6559 } 6560 6561 /* 6562 * pmap_map_entry: 6563 * 6564 * Create a single page mapping. 6565 */ 6566 void 6567 pmap_map_entry(vaddr_t l1pt, vaddr_t va, paddr_t pa, int prot, int cache) 6568 { 6569 pd_entry_t * const pdep = (pd_entry_t *) l1pt; 6570 const size_t l1slot = l1pte_index(va); 6571 pt_entry_t npte; 6572 pt_entry_t *ptep; 6573 6574 KASSERT(((va | pa) & PGOFSET) == 0); 6575 6576 switch (cache) { 6577 case PTE_NOCACHE: 6578 default: 6579 npte = 0; 6580 break; 6581 6582 case PTE_CACHE: 6583 npte = pte_l2_s_cache_mode; 6584 break; 6585 6586 case PTE_PAGETABLE: 6587 npte = pte_l2_s_cache_mode_pt; 6588 break; 6589 } 6590 6591 if ((pdep[l1slot] & L1_TYPE_MASK) != L1_TYPE_C) 6592 panic("pmap_map_entry: no L2 table for VA 0x%08lx", va); 6593 6594 ptep = (pt_entry_t *) kernel_pt_lookup(l1pte_pa(pdep[l1slot])); 6595 if (ptep == NULL) 6596 panic("pmap_map_entry: can't find L2 table for VA 0x%08lx", va); 6597 6598 npte |= L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL, prot); 6599 #ifdef ARM_MMU_EXTENDED 6600 if (prot & VM_PROT_EXECUTE) { 6601 npte &= ~L2_XS_XN; 6602 } 6603 #endif 6604 ptep += l2pte_index(va); 6605 l2pte_set(ptep, npte, 0); 6606 PTE_SYNC(ptep); 6607 } 6608 6609 /* 6610 * pmap_link_l2pt: 6611 * 6612 * Link the L2 page table specified by "l2pv" into the L1 6613 * page table at the slot for "va". 6614 */ 6615 void 6616 pmap_link_l2pt(vaddr_t l1pt, vaddr_t va, pv_addr_t *l2pv) 6617 { 6618 pd_entry_t * const pdep = (pd_entry_t *) l1pt + l1pte_index(va); 6619 6620 KASSERT((va & ((L1_S_SIZE * (PAGE_SIZE / L2_T_SIZE)) - 1)) == 0); 6621 KASSERT((l2pv->pv_pa & PGOFSET) == 0); 6622 6623 const pd_entry_t npde = L1_S_DOM(PMAP_DOMAIN_KERNEL) | L1_C_PROTO 6624 | l2pv->pv_pa; 6625 6626 l1pte_set(pdep, npde); 6627 PDE_SYNC_RANGE(pdep, PAGE_SIZE / L2_T_SIZE); 6628 6629 SLIST_INSERT_HEAD(&kernel_pt_list, l2pv, pv_list); 6630 } 6631 6632 /* 6633 * pmap_map_chunk: 6634 * 6635 * Map a chunk of memory using the most efficient mappings 6636 * possible (section, large page, small page) into the 6637 * provided L1 and L2 tables at the specified virtual address. 
6638 */ 6639 vsize_t 6640 pmap_map_chunk(vaddr_t l1pt, vaddr_t va, paddr_t pa, vsize_t size, 6641 int prot, int cache) 6642 { 6643 pd_entry_t * const pdep = (pd_entry_t *) l1pt; 6644 pt_entry_t f1, f2s, f2l; 6645 vsize_t resid; 6646 6647 resid = (size + (PAGE_SIZE - 1)) & ~(PAGE_SIZE - 1); 6648 6649 if (l1pt == 0) 6650 panic("pmap_map_chunk: no L1 table provided"); 6651 6652 #ifdef VERBOSE_INIT_ARM 6653 printf("pmap_map_chunk: pa=0x%lx va=0x%lx size=0x%lx resid=0x%lx " 6654 "prot=0x%x cache=%d\n", pa, va, size, resid, prot, cache); 6655 #endif 6656 6657 switch (cache) { 6658 case PTE_NOCACHE: 6659 default: 6660 f1 = 0; 6661 f2l = 0; 6662 f2s = 0; 6663 break; 6664 6665 case PTE_CACHE: 6666 f1 = pte_l1_s_cache_mode; 6667 f2l = pte_l2_l_cache_mode; 6668 f2s = pte_l2_s_cache_mode; 6669 break; 6670 6671 case PTE_PAGETABLE: 6672 f1 = pte_l1_s_cache_mode_pt; 6673 f2l = pte_l2_l_cache_mode_pt; 6674 f2s = pte_l2_s_cache_mode_pt; 6675 break; 6676 } 6677 6678 size = resid; 6679 6680 while (resid > 0) { 6681 const size_t l1slot = l1pte_index(va); 6682 #if (ARM_MMU_V6 + ARM_MMU_V7) > 0 6683 /* See if we can use a supersection mapping. */ 6684 if (L1_SS_PROTO && L1_SS_MAPPABLE_P(va, pa, resid)) { 6685 /* Supersection are always domain 0 */ 6686 const pd_entry_t npde = L1_SS_PROTO | pa 6687 #ifdef ARM_MMU_EXTENDED_XXX 6688 | ((prot & VM_PROT_EXECUTE) ? 0 : L1_S_V6_XN) 6689 #endif 6690 #ifdef ARM_MMU_EXTENDED 6691 | (va & 0x80000000 ? 0 : L1_S_V6_nG) 6692 #endif 6693 | L1_S_PROT(PTE_KERNEL, prot) | f1; 6694 #ifdef VERBOSE_INIT_ARM 6695 printf("sS"); 6696 #endif 6697 l1pte_set(&pdep[l1slot], npde); 6698 PDE_SYNC_RANGE(&pdep[l1slot], L1_SS_SIZE / L1_S_SIZE); 6699 va += L1_SS_SIZE; 6700 pa += L1_SS_SIZE; 6701 resid -= L1_SS_SIZE; 6702 continue; 6703 } 6704 #endif 6705 /* See if we can use a section mapping. */ 6706 if (L1_S_MAPPABLE_P(va, pa, resid)) { 6707 const pd_entry_t npde = L1_S_PROTO | pa 6708 #ifdef ARM_MMU_EXTENDED_XXX 6709 | ((prot & VM_PROT_EXECUTE) ? 0 : L1_S_V6_XN) 6710 #endif 6711 #ifdef ARM_MMU_EXTENDED 6712 | (va & 0x80000000 ? 0 : L1_S_V6_nG) 6713 #endif 6714 | L1_S_PROT(PTE_KERNEL, prot) | f1 6715 | L1_S_DOM(PMAP_DOMAIN_KERNEL); 6716 #ifdef VERBOSE_INIT_ARM 6717 printf("S"); 6718 #endif 6719 l1pte_set(&pdep[l1slot], npde); 6720 PDE_SYNC(&pdep[l1slot]); 6721 va += L1_S_SIZE; 6722 pa += L1_S_SIZE; 6723 resid -= L1_S_SIZE; 6724 continue; 6725 } 6726 6727 /* 6728 * Ok, we're going to use an L2 table. Make sure 6729 * one is actually in the corresponding L1 slot 6730 * for the current VA. 6731 */ 6732 if ((pdep[l1slot] & L1_TYPE_MASK) != L1_TYPE_C) 6733 panic("%s: no L2 table for VA %#lx", __func__, va); 6734 6735 pt_entry_t *ptep = (pt_entry_t *) kernel_pt_lookup(l1pte_pa(pdep[l1slot])); 6736 if (ptep == NULL) 6737 panic("%s: can't find L2 table for VA %#lx", __func__, 6738 va); 6739 6740 ptep += l2pte_index(va); 6741 6742 /* See if we can use a L2 large page mapping. */ 6743 if (L2_L_MAPPABLE_P(va, pa, resid)) { 6744 const pt_entry_t npte = L2_L_PROTO | pa 6745 #ifdef ARM_MMU_EXTENDED_XXX 6746 | ((prot & VM_PROT_EXECUTE) ? 0 : L2_XS_L_XN) 6747 #endif 6748 #ifdef ARM_MMU_EXTENDED 6749 | (va & 0x80000000 ? 0 : L2_XS_nG) 6750 #endif 6751 | L2_L_PROT(PTE_KERNEL, prot) | f2l; 6752 #ifdef VERBOSE_INIT_ARM 6753 printf("L"); 6754 #endif 6755 l2pte_set(ptep, npte, 0); 6756 PTE_SYNC_RANGE(ptep, L2_L_SIZE / L2_S_SIZE); 6757 va += L2_L_SIZE; 6758 pa += L2_L_SIZE; 6759 resid -= L2_L_SIZE; 6760 continue; 6761 } 6762 6763 /* Use a small page mapping. 
*/ 6764 #ifdef VERBOSE_INIT_ARM 6765 printf("P"); 6766 #endif 6767 const pt_entry_t npte = L2_S_PROTO | pa 6768 #ifdef ARM_MMU_EXTENDED_XXX 6769 | ((prot & VM_PROT_EXECUTE) ? 0 : L2_XS_XN) 6770 #endif 6771 #ifdef ARM_MMU_EXTENDED 6772 | (va & 0x80000000 ? 0 : L2_XS_nG) 6773 #endif 6774 | L2_S_PROT(PTE_KERNEL, prot) | f2s; 6775 l2pte_set(ptep, npte, 0); 6776 PTE_SYNC(ptep); 6777 va += PAGE_SIZE; 6778 pa += PAGE_SIZE; 6779 resid -= PAGE_SIZE; 6780 } 6781 #ifdef VERBOSE_INIT_ARM 6782 printf("\n"); 6783 #endif 6784 return (size); 6785 } 6786 6787 /********************** Static device map routines ***************************/ 6788 6789 static const struct pmap_devmap *pmap_devmap_table; 6790 6791 /* 6792 * Register the devmap table. This is provided in case early console 6793 * initialization needs to register mappings created by bootstrap code 6794 * before pmap_devmap_bootstrap() is called. 6795 */ 6796 void 6797 pmap_devmap_register(const struct pmap_devmap *table) 6798 { 6799 6800 pmap_devmap_table = table; 6801 } 6802 6803 /* 6804 * Map all of the static regions in the devmap table, and remember 6805 * the devmap table so other parts of the kernel can look up entries 6806 * later. 6807 */ 6808 void 6809 pmap_devmap_bootstrap(vaddr_t l1pt, const struct pmap_devmap *table) 6810 { 6811 int i; 6812 6813 pmap_devmap_table = table; 6814 6815 for (i = 0; pmap_devmap_table[i].pd_size != 0; i++) { 6816 #ifdef VERBOSE_INIT_ARM 6817 printf("devmap: %08lx -> %08lx @ %08lx\n", 6818 pmap_devmap_table[i].pd_pa, 6819 pmap_devmap_table[i].pd_pa + 6820 pmap_devmap_table[i].pd_size - 1, 6821 pmap_devmap_table[i].pd_va); 6822 #endif 6823 pmap_map_chunk(l1pt, pmap_devmap_table[i].pd_va, 6824 pmap_devmap_table[i].pd_pa, 6825 pmap_devmap_table[i].pd_size, 6826 pmap_devmap_table[i].pd_prot, 6827 pmap_devmap_table[i].pd_cache); 6828 } 6829 } 6830 6831 const struct pmap_devmap * 6832 pmap_devmap_find_pa(paddr_t pa, psize_t size) 6833 { 6834 uint64_t endpa; 6835 int i; 6836 6837 if (pmap_devmap_table == NULL) 6838 return (NULL); 6839 6840 endpa = (uint64_t)pa + (uint64_t)(size - 1); 6841 6842 for (i = 0; pmap_devmap_table[i].pd_size != 0; i++) { 6843 if (pa >= pmap_devmap_table[i].pd_pa && 6844 endpa <= (uint64_t)pmap_devmap_table[i].pd_pa + 6845 (uint64_t)(pmap_devmap_table[i].pd_size - 1)) 6846 return (&pmap_devmap_table[i]); 6847 } 6848 6849 return (NULL); 6850 } 6851 6852 const struct pmap_devmap * 6853 pmap_devmap_find_va(vaddr_t va, vsize_t size) 6854 { 6855 int i; 6856 6857 if (pmap_devmap_table == NULL) 6858 return (NULL); 6859 6860 for (i = 0; pmap_devmap_table[i].pd_size != 0; i++) { 6861 if (va >= pmap_devmap_table[i].pd_va && 6862 va + size - 1 <= pmap_devmap_table[i].pd_va + 6863 pmap_devmap_table[i].pd_size - 1) 6864 return (&pmap_devmap_table[i]); 6865 } 6866 6867 return (NULL); 6868 } 6869 6870 /********************** PTE initialization routines **************************/ 6871 6872 /* 6873 * These routines are called when the CPU type is identified to set up 6874 * the PTE prototypes, cache modes, etc. 6875 * 6876 * The variables are always here, just in case modules need to reference 6877 * them (though, they shouldn't). 
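 *
 * For example, pmap_pte_init_armv7() below installs the *_armv7 protection
 * bits and PTE prototypes, XScale-based ports use pmap_pte_init_xscale(),
 * and the ARM8/ARM9/ARM10/ARM11/SA-1 variants start from
 * pmap_pte_init_generic() and override only what they need.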
6878 */ 6879 6880 pt_entry_t pte_l1_s_cache_mode; 6881 pt_entry_t pte_l1_s_wc_mode; 6882 pt_entry_t pte_l1_s_cache_mode_pt; 6883 pt_entry_t pte_l1_s_cache_mask; 6884 6885 pt_entry_t pte_l2_l_cache_mode; 6886 pt_entry_t pte_l2_l_wc_mode; 6887 pt_entry_t pte_l2_l_cache_mode_pt; 6888 pt_entry_t pte_l2_l_cache_mask; 6889 6890 pt_entry_t pte_l2_s_cache_mode; 6891 pt_entry_t pte_l2_s_wc_mode; 6892 pt_entry_t pte_l2_s_cache_mode_pt; 6893 pt_entry_t pte_l2_s_cache_mask; 6894 6895 pt_entry_t pte_l1_s_prot_u; 6896 pt_entry_t pte_l1_s_prot_w; 6897 pt_entry_t pte_l1_s_prot_ro; 6898 pt_entry_t pte_l1_s_prot_mask; 6899 6900 pt_entry_t pte_l2_s_prot_u; 6901 pt_entry_t pte_l2_s_prot_w; 6902 pt_entry_t pte_l2_s_prot_ro; 6903 pt_entry_t pte_l2_s_prot_mask; 6904 6905 pt_entry_t pte_l2_l_prot_u; 6906 pt_entry_t pte_l2_l_prot_w; 6907 pt_entry_t pte_l2_l_prot_ro; 6908 pt_entry_t pte_l2_l_prot_mask; 6909 6910 pt_entry_t pte_l1_ss_proto; 6911 pt_entry_t pte_l1_s_proto; 6912 pt_entry_t pte_l1_c_proto; 6913 pt_entry_t pte_l2_s_proto; 6914 6915 void (*pmap_copy_page_func)(paddr_t, paddr_t); 6916 void (*pmap_zero_page_func)(paddr_t); 6917 6918 #if (ARM_MMU_GENERIC + ARM_MMU_SA1 + ARM_MMU_V6 + ARM_MMU_V7) != 0 6919 void 6920 pmap_pte_init_generic(void) 6921 { 6922 6923 pte_l1_s_cache_mode = L1_S_B|L1_S_C; 6924 pte_l1_s_wc_mode = L1_S_B; 6925 pte_l1_s_cache_mask = L1_S_CACHE_MASK_generic; 6926 6927 pte_l2_l_cache_mode = L2_B|L2_C; 6928 pte_l2_l_wc_mode = L2_B; 6929 pte_l2_l_cache_mask = L2_L_CACHE_MASK_generic; 6930 6931 pte_l2_s_cache_mode = L2_B|L2_C; 6932 pte_l2_s_wc_mode = L2_B; 6933 pte_l2_s_cache_mask = L2_S_CACHE_MASK_generic; 6934 6935 /* 6936 * If we have a write-through cache, set B and C. If 6937 * we have a write-back cache, then we assume setting 6938 * only C will make those pages write-through (except for those 6939 * Cortex CPUs which can read the L1 caches). 6940 */ 6941 if (cpufuncs.cf_dcache_wb_range == (void *) cpufunc_nullop 6942 #if ARM_MMU_V7 > 0 6943 || CPU_ID_CORTEX_P(curcpu()->ci_arm_cpuid) 6944 #endif 6945 #if ARM_MMU_V6 > 0 6946 || CPU_ID_ARM11_P(curcpu()->ci_arm_cpuid) /* arm116 errata 399234 */ 6947 #endif 6948 || false) { 6949 pte_l1_s_cache_mode_pt = L1_S_B|L1_S_C; 6950 pte_l2_l_cache_mode_pt = L2_B|L2_C; 6951 pte_l2_s_cache_mode_pt = L2_B|L2_C; 6952 } else { 6953 pte_l1_s_cache_mode_pt = L1_S_C; /* write through */ 6954 pte_l2_l_cache_mode_pt = L2_C; /* write through */ 6955 pte_l2_s_cache_mode_pt = L2_C; /* write through */ 6956 } 6957 6958 pte_l1_s_prot_u = L1_S_PROT_U_generic; 6959 pte_l1_s_prot_w = L1_S_PROT_W_generic; 6960 pte_l1_s_prot_ro = L1_S_PROT_RO_generic; 6961 pte_l1_s_prot_mask = L1_S_PROT_MASK_generic; 6962 6963 pte_l2_s_prot_u = L2_S_PROT_U_generic; 6964 pte_l2_s_prot_w = L2_S_PROT_W_generic; 6965 pte_l2_s_prot_ro = L2_S_PROT_RO_generic; 6966 pte_l2_s_prot_mask = L2_S_PROT_MASK_generic; 6967 6968 pte_l2_l_prot_u = L2_L_PROT_U_generic; 6969 pte_l2_l_prot_w = L2_L_PROT_W_generic; 6970 pte_l2_l_prot_ro = L2_L_PROT_RO_generic; 6971 pte_l2_l_prot_mask = L2_L_PROT_MASK_generic; 6972 6973 pte_l1_ss_proto = L1_SS_PROTO_generic; 6974 pte_l1_s_proto = L1_S_PROTO_generic; 6975 pte_l1_c_proto = L1_C_PROTO_generic; 6976 pte_l2_s_proto = L2_S_PROTO_generic; 6977 6978 pmap_copy_page_func = pmap_copy_page_generic; 6979 pmap_zero_page_func = pmap_zero_page_generic; 6980 } 6981 6982 #if defined(CPU_ARM8) 6983 void 6984 pmap_pte_init_arm8(void) 6985 { 6986 6987 /* 6988 * ARM8 is compatible with generic, but we need to use 6989 * the page tables uncached. 
6990 */ 6991 pmap_pte_init_generic(); 6992 6993 pte_l1_s_cache_mode_pt = 0; 6994 pte_l2_l_cache_mode_pt = 0; 6995 pte_l2_s_cache_mode_pt = 0; 6996 } 6997 #endif /* CPU_ARM8 */ 6998 6999 #if defined(CPU_ARM9) && defined(ARM9_CACHE_WRITE_THROUGH) 7000 void 7001 pmap_pte_init_arm9(void) 7002 { 7003 7004 /* 7005 * ARM9 is compatible with generic, but we want to use 7006 * write-through caching for now. 7007 */ 7008 pmap_pte_init_generic(); 7009 7010 pte_l1_s_cache_mode = L1_S_C; 7011 pte_l2_l_cache_mode = L2_C; 7012 pte_l2_s_cache_mode = L2_C; 7013 7014 pte_l1_s_wc_mode = L1_S_B; 7015 pte_l2_l_wc_mode = L2_B; 7016 pte_l2_s_wc_mode = L2_B; 7017 7018 pte_l1_s_cache_mode_pt = L1_S_C; 7019 pte_l2_l_cache_mode_pt = L2_C; 7020 pte_l2_s_cache_mode_pt = L2_C; 7021 } 7022 #endif /* CPU_ARM9 && ARM9_CACHE_WRITE_THROUGH */ 7023 #endif /* (ARM_MMU_GENERIC + ARM_MMU_SA1 + ARM_MMU_V6) != 0 */ 7024 7025 #if defined(CPU_ARM10) 7026 void 7027 pmap_pte_init_arm10(void) 7028 { 7029 7030 /* 7031 * ARM10 is compatible with generic, but we want to use 7032 * write-through caching for now. 7033 */ 7034 pmap_pte_init_generic(); 7035 7036 pte_l1_s_cache_mode = L1_S_B | L1_S_C; 7037 pte_l2_l_cache_mode = L2_B | L2_C; 7038 pte_l2_s_cache_mode = L2_B | L2_C; 7039 7040 pte_l1_s_cache_mode = L1_S_B; 7041 pte_l2_l_cache_mode = L2_B; 7042 pte_l2_s_cache_mode = L2_B; 7043 7044 pte_l1_s_cache_mode_pt = L1_S_C; 7045 pte_l2_l_cache_mode_pt = L2_C; 7046 pte_l2_s_cache_mode_pt = L2_C; 7047 7048 } 7049 #endif /* CPU_ARM10 */ 7050 7051 #if defined(CPU_ARM11) && defined(ARM11_CACHE_WRITE_THROUGH) 7052 void 7053 pmap_pte_init_arm11(void) 7054 { 7055 7056 /* 7057 * ARM11 is compatible with generic, but we want to use 7058 * write-through caching for now. 7059 */ 7060 pmap_pte_init_generic(); 7061 7062 pte_l1_s_cache_mode = L1_S_C; 7063 pte_l2_l_cache_mode = L2_C; 7064 pte_l2_s_cache_mode = L2_C; 7065 7066 pte_l1_s_wc_mode = L1_S_B; 7067 pte_l2_l_wc_mode = L2_B; 7068 pte_l2_s_wc_mode = L2_B; 7069 7070 pte_l1_s_cache_mode_pt = L1_S_C; 7071 pte_l2_l_cache_mode_pt = L2_C; 7072 pte_l2_s_cache_mode_pt = L2_C; 7073 } 7074 #endif /* CPU_ARM11 && ARM11_CACHE_WRITE_THROUGH */ 7075 7076 #if ARM_MMU_SA1 == 1 7077 void 7078 pmap_pte_init_sa1(void) 7079 { 7080 7081 /* 7082 * The StrongARM SA-1 cache does not have a write-through 7083 * mode. So, do the generic initialization, then reset 7084 * the page table cache mode to B=1,C=1, and note that 7085 * the PTEs need to be sync'd. 
7086 */ 7087 pmap_pte_init_generic(); 7088 7089 pte_l1_s_cache_mode_pt = L1_S_B|L1_S_C; 7090 pte_l2_l_cache_mode_pt = L2_B|L2_C; 7091 pte_l2_s_cache_mode_pt = L2_B|L2_C; 7092 7093 pmap_needs_pte_sync = 1; 7094 } 7095 #endif /* ARM_MMU_SA1 == 1*/ 7096 7097 #if ARM_MMU_XSCALE == 1 7098 #if (ARM_NMMUS > 1) 7099 static u_int xscale_use_minidata; 7100 #endif 7101 7102 void 7103 pmap_pte_init_xscale(void) 7104 { 7105 uint32_t auxctl; 7106 int write_through = 0; 7107 7108 pte_l1_s_cache_mode = L1_S_B|L1_S_C; 7109 pte_l1_s_wc_mode = L1_S_B; 7110 pte_l1_s_cache_mask = L1_S_CACHE_MASK_xscale; 7111 7112 pte_l2_l_cache_mode = L2_B|L2_C; 7113 pte_l2_l_wc_mode = L2_B; 7114 pte_l2_l_cache_mask = L2_L_CACHE_MASK_xscale; 7115 7116 pte_l2_s_cache_mode = L2_B|L2_C; 7117 pte_l2_s_wc_mode = L2_B; 7118 pte_l2_s_cache_mask = L2_S_CACHE_MASK_xscale; 7119 7120 pte_l1_s_cache_mode_pt = L1_S_C; 7121 pte_l2_l_cache_mode_pt = L2_C; 7122 pte_l2_s_cache_mode_pt = L2_C; 7123 7124 #ifdef XSCALE_CACHE_READ_WRITE_ALLOCATE 7125 /* 7126 * The XScale core has an enhanced mode where writes that 7127 * miss the cache cause a cache line to be allocated. This 7128 * is significantly faster than the traditional, write-through 7129 * behavior of this case. 7130 */ 7131 pte_l1_s_cache_mode |= L1_S_XS_TEX(TEX_XSCALE_X); 7132 pte_l2_l_cache_mode |= L2_XS_L_TEX(TEX_XSCALE_X); 7133 pte_l2_s_cache_mode |= L2_XS_T_TEX(TEX_XSCALE_X); 7134 #endif /* XSCALE_CACHE_READ_WRITE_ALLOCATE */ 7135 7136 #ifdef XSCALE_CACHE_WRITE_THROUGH 7137 /* 7138 * Some versions of the XScale core have various bugs in 7139 * their cache units, the work-around for which is to run 7140 * the cache in write-through mode. Unfortunately, this 7141 * has a major (negative) impact on performance. So, we 7142 * go ahead and run fast-and-loose, in the hopes that we 7143 * don't line up the planets in a way that will trip the 7144 * bugs. 7145 * 7146 * However, we give you the option to be slow-but-correct. 7147 */ 7148 write_through = 1; 7149 #elif defined(XSCALE_CACHE_WRITE_BACK) 7150 /* force write back cache mode */ 7151 write_through = 0; 7152 #elif defined(CPU_XSCALE_PXA250) || defined(CPU_XSCALE_PXA270) 7153 /* 7154 * Intel PXA2[15]0 processors are known to have a bug in 7155 * write-back cache on revision 4 and earlier (stepping 7156 * A[01] and B[012]). Fixed for C0 and later. 
7157 */ 7158 { 7159 uint32_t id, type; 7160 7161 id = cpufunc_id(); 7162 type = id & ~(CPU_ID_XSCALE_COREREV_MASK|CPU_ID_REVISION_MASK); 7163 7164 if (type == CPU_ID_PXA250 || type == CPU_ID_PXA210) { 7165 if ((id & CPU_ID_REVISION_MASK) < 5) { 7166 /* write through for stepping A0-1 and B0-2 */ 7167 write_through = 1; 7168 } 7169 } 7170 } 7171 #endif /* XSCALE_CACHE_WRITE_THROUGH */ 7172 7173 if (write_through) { 7174 pte_l1_s_cache_mode = L1_S_C; 7175 pte_l2_l_cache_mode = L2_C; 7176 pte_l2_s_cache_mode = L2_C; 7177 } 7178 7179 #if (ARM_NMMUS > 1) 7180 xscale_use_minidata = 1; 7181 #endif 7182 7183 pte_l1_s_prot_u = L1_S_PROT_U_xscale; 7184 pte_l1_s_prot_w = L1_S_PROT_W_xscale; 7185 pte_l1_s_prot_ro = L1_S_PROT_RO_xscale; 7186 pte_l1_s_prot_mask = L1_S_PROT_MASK_xscale; 7187 7188 pte_l2_s_prot_u = L2_S_PROT_U_xscale; 7189 pte_l2_s_prot_w = L2_S_PROT_W_xscale; 7190 pte_l2_s_prot_ro = L2_S_PROT_RO_xscale; 7191 pte_l2_s_prot_mask = L2_S_PROT_MASK_xscale; 7192 7193 pte_l2_l_prot_u = L2_L_PROT_U_xscale; 7194 pte_l2_l_prot_w = L2_L_PROT_W_xscale; 7195 pte_l2_l_prot_ro = L2_L_PROT_RO_xscale; 7196 pte_l2_l_prot_mask = L2_L_PROT_MASK_xscale; 7197 7198 pte_l1_ss_proto = L1_SS_PROTO_xscale; 7199 pte_l1_s_proto = L1_S_PROTO_xscale; 7200 pte_l1_c_proto = L1_C_PROTO_xscale; 7201 pte_l2_s_proto = L2_S_PROTO_xscale; 7202 7203 pmap_copy_page_func = pmap_copy_page_xscale; 7204 pmap_zero_page_func = pmap_zero_page_xscale; 7205 7206 /* 7207 * Disable ECC protection of page table access, for now. 7208 */ 7209 auxctl = armreg_auxctl_read(); 7210 auxctl &= ~XSCALE_AUXCTL_P; 7211 armreg_auxctl_write(auxctl); 7212 } 7213 7214 /* 7215 * xscale_setup_minidata: 7216 * 7217 * Set up the mini-data cache clean area. We require the 7218 * caller to allocate the right amount of physically and 7219 * virtually contiguous space. 7220 */ 7221 void 7222 xscale_setup_minidata(vaddr_t l1pt, vaddr_t va, paddr_t pa) 7223 { 7224 extern vaddr_t xscale_minidata_clean_addr; 7225 extern vsize_t xscale_minidata_clean_size; /* already initialized */ 7226 pd_entry_t *pde = (pd_entry_t *) l1pt; 7227 vsize_t size; 7228 uint32_t auxctl; 7229 7230 xscale_minidata_clean_addr = va; 7231 7232 /* Round it to page size. */ 7233 size = (xscale_minidata_clean_size + L2_S_OFFSET) & L2_S_FRAME; 7234 7235 for (; size != 0; 7236 va += L2_S_SIZE, pa += L2_S_SIZE, size -= L2_S_SIZE) { 7237 const size_t l1slot = l1pte_index(va); 7238 pt_entry_t *ptep = (pt_entry_t *) kernel_pt_lookup(l1pte_pa(pde[l1slot])); 7239 if (ptep == NULL) 7240 panic("xscale_setup_minidata: can't find L2 table for " 7241 "VA 0x%08lx", va); 7242 7243 ptep += l2pte_index(va); 7244 pt_entry_t opte = *ptep; 7245 l2pte_set(ptep, 7246 L2_S_PROTO | pa | L2_S_PROT(PTE_KERNEL, VM_PROT_READ) 7247 | L2_C | L2_XS_T_TEX(TEX_XSCALE_X), opte); 7248 } 7249 7250 /* 7251 * Configure the mini-data cache for write-back with 7252 * read/write-allocate. 7253 * 7254 * NOTE: In order to reconfigure the mini-data cache, we must 7255 * make sure it contains no valid data! In order to do that, 7256 * we must issue a global data cache invalidate command! 7257 * 7258 * WE ASSUME WE ARE RUNNING UN-CACHED WHEN THIS ROUTINE IS CALLED! 7259 * THIS IS VERY IMPORTANT! 7260 */ 7261 7262 /* Invalidate data and mini-data. 
*/ 7263 __asm volatile("mcr p15, 0, %0, c7, c6, 0" : : "r" (0)); 7264 auxctl = armreg_auxctl_read(); 7265 auxctl = (auxctl & ~XSCALE_AUXCTL_MD_MASK) | XSCALE_AUXCTL_MD_WB_RWA; 7266 armreg_auxctl_write(auxctl); 7267 } 7268 7269 /* 7270 * Change the PTEs for the specified kernel mappings such that they 7271 * will use the mini data cache instead of the main data cache. 7272 */ 7273 void 7274 pmap_uarea(vaddr_t va) 7275 { 7276 vaddr_t next_bucket, eva; 7277 7278 #if (ARM_NMMUS > 1) 7279 if (xscale_use_minidata == 0) 7280 return; 7281 #endif 7282 7283 eva = va + USPACE; 7284 7285 while (va < eva) { 7286 next_bucket = L2_NEXT_BUCKET_VA(va); 7287 if (next_bucket > eva) 7288 next_bucket = eva; 7289 7290 struct l2_bucket *l2b = pmap_get_l2_bucket(pmap_kernel(), va); 7291 KDASSERT(l2b != NULL); 7292 7293 pt_entry_t * const sptep = &l2b->l2b_kva[l2pte_index(va)]; 7294 pt_entry_t *ptep = sptep; 7295 7296 while (va < next_bucket) { 7297 const pt_entry_t opte = *ptep; 7298 if (!l2pte_minidata_p(opte)) { 7299 cpu_dcache_wbinv_range(va, PAGE_SIZE); 7300 cpu_tlb_flushD_SE(va); 7301 l2pte_set(ptep, opte & ~L2_B, opte); 7302 } 7303 ptep += PAGE_SIZE / L2_S_SIZE; 7304 va += PAGE_SIZE; 7305 } 7306 PTE_SYNC_RANGE(sptep, (u_int)(ptep - sptep)); 7307 } 7308 cpu_cpwait(); 7309 } 7310 #endif /* ARM_MMU_XSCALE == 1 */ 7311 7312 7313 #if defined(CPU_ARM11MPCORE) 7314 7315 void 7316 pmap_pte_init_arm11mpcore(void) 7317 { 7318 7319 /* cache mode is controlled by 5 bits (B, C, TEX) */ 7320 pte_l1_s_cache_mask = L1_S_CACHE_MASK_armv6; 7321 pte_l2_l_cache_mask = L2_L_CACHE_MASK_armv6; 7322 #if defined(ARM11MPCORE_COMPAT_MMU) || defined(ARMV6_EXTENDED_SMALL_PAGE) 7323 /* use extended small page (without APn, with TEX) */ 7324 pte_l2_s_cache_mask = L2_XS_CACHE_MASK_armv6; 7325 #else 7326 pte_l2_s_cache_mask = L2_S_CACHE_MASK_armv6c; 7327 #endif 7328 7329 /* write-back, write-allocate */ 7330 pte_l1_s_cache_mode = L1_S_C | L1_S_B | L1_S_V6_TEX(0x01); 7331 pte_l2_l_cache_mode = L2_C | L2_B | L2_V6_L_TEX(0x01); 7332 #if defined(ARM11MPCORE_COMPAT_MMU) || defined(ARMV6_EXTENDED_SMALL_PAGE) 7333 pte_l2_s_cache_mode = L2_C | L2_B | L2_V6_XS_TEX(0x01); 7334 #else 7335 /* no TEX. read-allocate */ 7336 pte_l2_s_cache_mode = L2_C | L2_B; 7337 #endif 7338 /* 7339 * write-back, write-allocate for page tables. 
7340 */ 7341 pte_l1_s_cache_mode_pt = L1_S_C | L1_S_B | L1_S_V6_TEX(0x01); 7342 pte_l2_l_cache_mode_pt = L2_C | L2_B | L2_V6_L_TEX(0x01); 7343 #if defined(ARM11MPCORE_COMPAT_MMU) || defined(ARMV6_EXTENDED_SMALL_PAGE) 7344 pte_l2_s_cache_mode_pt = L2_C | L2_B | L2_V6_XS_TEX(0x01); 7345 #else 7346 pte_l2_s_cache_mode_pt = L2_C | L2_B; 7347 #endif 7348 7349 pte_l1_s_prot_u = L1_S_PROT_U_armv6; 7350 pte_l1_s_prot_w = L1_S_PROT_W_armv6; 7351 pte_l1_s_prot_ro = L1_S_PROT_RO_armv6; 7352 pte_l1_s_prot_mask = L1_S_PROT_MASK_armv6; 7353 7354 #if defined(ARM11MPCORE_COMPAT_MMU) || defined(ARMV6_EXTENDED_SMALL_PAGE) 7355 pte_l2_s_prot_u = L2_S_PROT_U_armv6n; 7356 pte_l2_s_prot_w = L2_S_PROT_W_armv6n; 7357 pte_l2_s_prot_ro = L2_S_PROT_RO_armv6n; 7358 pte_l2_s_prot_mask = L2_S_PROT_MASK_armv6n; 7359 7360 #else 7361 /* with AP[0..3] */ 7362 pte_l2_s_prot_u = L2_S_PROT_U_generic; 7363 pte_l2_s_prot_w = L2_S_PROT_W_generic; 7364 pte_l2_s_prot_ro = L2_S_PROT_RO_generic; 7365 pte_l2_s_prot_mask = L2_S_PROT_MASK_generic; 7366 #endif 7367 7368 #ifdef ARM11MPCORE_COMPAT_MMU 7369 /* with AP[0..3] */ 7370 pte_l2_l_prot_u = L2_L_PROT_U_generic; 7371 pte_l2_l_prot_w = L2_L_PROT_W_generic; 7372 pte_l2_l_prot_ro = L2_L_PROT_RO_generic; 7373 pte_l2_l_prot_mask = L2_L_PROT_MASK_generic; 7374 7375 pte_l1_ss_proto = L1_SS_PROTO_armv6; 7376 pte_l1_s_proto = L1_S_PROTO_armv6; 7377 pte_l1_c_proto = L1_C_PROTO_armv6; 7378 pte_l2_s_proto = L2_S_PROTO_armv6c; 7379 #else 7380 pte_l2_l_prot_u = L2_L_PROT_U_armv6n; 7381 pte_l2_l_prot_w = L2_L_PROT_W_armv6n; 7382 pte_l2_l_prot_ro = L2_L_PROT_RO_armv6n; 7383 pte_l2_l_prot_mask = L2_L_PROT_MASK_armv6n; 7384 7385 pte_l1_ss_proto = L1_SS_PROTO_armv6; 7386 pte_l1_s_proto = L1_S_PROTO_armv6; 7387 pte_l1_c_proto = L1_C_PROTO_armv6; 7388 pte_l2_s_proto = L2_S_PROTO_armv6n; 7389 #endif 7390 7391 pmap_copy_page_func = pmap_copy_page_generic; 7392 pmap_zero_page_func = pmap_zero_page_generic; 7393 pmap_needs_pte_sync = 1; 7394 } 7395 #endif /* CPU_ARM11MPCORE */ 7396 7397 7398 #if ARM_MMU_V7 == 1 7399 void 7400 pmap_pte_init_armv7(void) 7401 { 7402 /* 7403 * The ARMv7-A MMU is mostly compatible with generic. If the 7404 * AP field is zero, that now means "no access" rather than 7405 * read-only. The prototypes are a little different because of 7406 * the XN bit. 7407 */ 7408 pmap_pte_init_generic(); 7409 7410 pmap_needs_pte_sync = 1; 7411 7412 pte_l1_s_cache_mask = L1_S_CACHE_MASK_armv7; 7413 pte_l2_l_cache_mask = L2_L_CACHE_MASK_armv7; 7414 pte_l2_s_cache_mask = L2_S_CACHE_MASK_armv7; 7415 7416 /* 7417 * If the core support coherent walk then updates to translation tables 7418 * do not require a clean to the point of unification to ensure 7419 * visibility by subsequent translation table walks. That means we can 7420 * map everything shareable and cached and the right thing will happen. 7421 */ 7422 if (__SHIFTOUT(armreg_mmfr3_read(), __BITS(23,20))) { 7423 pmap_needs_pte_sync = 0; 7424 7425 /* 7426 * write-back, no write-allocate, shareable for normal pages. 7427 */ 7428 pte_l1_s_cache_mode |= L1_S_V6_S; 7429 pte_l2_l_cache_mode |= L2_XS_S; 7430 pte_l2_s_cache_mode |= L2_XS_S; 7431 } 7432 7433 /* 7434 * Page tables are just all other memory. We can use write-back since 7435 * pmap_needs_pte_sync is 1 (or the MMU can read out of cache). 
7436 */ 7437 pte_l1_s_cache_mode_pt = pte_l1_s_cache_mode; 7438 pte_l2_l_cache_mode_pt = pte_l2_l_cache_mode; 7439 pte_l2_s_cache_mode_pt = pte_l2_s_cache_mode; 7440 7441 /* 7442 * Check the Memory Model Features to see if this CPU supports 7443 * the TLBIASID coproc op. 7444 */ 7445 if (__SHIFTOUT(armreg_mmfr2_read(), __BITS(16,19)) >= 2) { 7446 arm_has_tlbiasid_p = true; 7447 } 7448 7449 pte_l1_s_prot_u = L1_S_PROT_U_armv7; 7450 pte_l1_s_prot_w = L1_S_PROT_W_armv7; 7451 pte_l1_s_prot_ro = L1_S_PROT_RO_armv7; 7452 pte_l1_s_prot_mask = L1_S_PROT_MASK_armv7; 7453 7454 pte_l2_s_prot_u = L2_S_PROT_U_armv7; 7455 pte_l2_s_prot_w = L2_S_PROT_W_armv7; 7456 pte_l2_s_prot_ro = L2_S_PROT_RO_armv7; 7457 pte_l2_s_prot_mask = L2_S_PROT_MASK_armv7; 7458 7459 pte_l2_l_prot_u = L2_L_PROT_U_armv7; 7460 pte_l2_l_prot_w = L2_L_PROT_W_armv7; 7461 pte_l2_l_prot_ro = L2_L_PROT_RO_armv7; 7462 pte_l2_l_prot_mask = L2_L_PROT_MASK_armv7; 7463 7464 pte_l1_ss_proto = L1_SS_PROTO_armv7; 7465 pte_l1_s_proto = L1_S_PROTO_armv7; 7466 pte_l1_c_proto = L1_C_PROTO_armv7; 7467 pte_l2_s_proto = L2_S_PROTO_armv7; 7468 7469 } 7470 #endif /* ARM_MMU_V7 */ 7471 7472 /* 7473 * return the PA of the current L1 table, for use when handling a crash dump 7474 */ 7475 uint32_t 7476 pmap_kernel_L1_addr(void) 7477 { 7478 #ifdef ARM_MMU_EXTENDED 7479 return pmap_kernel()->pm_l1_pa; 7480 #else 7481 return pmap_kernel()->pm_l1->l1_physaddr; 7482 #endif 7483 } 7484 7485 #if defined(DDB) 7486 /* 7487 * A couple of ddb-callable functions for dumping pmaps 7488 */ 7489 void pmap_dump_all(void); 7490 void pmap_dump(pmap_t); 7491 7492 void 7493 pmap_dump_all(void) 7494 { 7495 pmap_t pm; 7496 7497 LIST_FOREACH(pm, &pmap_pmaps, pm_list) { 7498 if (pm == pmap_kernel()) 7499 continue; 7500 pmap_dump(pm); 7501 printf("\n"); 7502 } 7503 } 7504 7505 static pt_entry_t ncptes[64]; 7506 static void pmap_dump_ncpg(pmap_t); 7507 7508 void 7509 pmap_dump(pmap_t pm) 7510 { 7511 struct l2_dtable *l2; 7512 struct l2_bucket *l2b; 7513 pt_entry_t *ptep, pte; 7514 vaddr_t l2_va, l2b_va, va; 7515 int i, j, k, occ, rows = 0; 7516 7517 if (pm == pmap_kernel()) 7518 printf("pmap_kernel (%p): ", pm); 7519 else 7520 printf("user pmap (%p): ", pm); 7521 7522 #ifdef ARM_MMU_EXTENDED 7523 printf("l1 at %p\n", pmap_l1_kva(pm)); 7524 #else 7525 printf("domain %d, l1 at %p\n", pmap_domain(pm), pmap_l1_kva(pm)); 7526 #endif 7527 7528 l2_va = 0; 7529 for (i = 0; i < L2_SIZE; i++, l2_va += 0x01000000) { 7530 l2 = pm->pm_l2[i]; 7531 7532 if (l2 == NULL || l2->l2_occupancy == 0) 7533 continue; 7534 7535 l2b_va = l2_va; 7536 for (j = 0; j < L2_BUCKET_SIZE; j++, l2b_va += 0x00100000) { 7537 l2b = &l2->l2_bucket[j]; 7538 7539 if (l2b->l2b_occupancy == 0 || l2b->l2b_kva == NULL) 7540 continue; 7541 7542 ptep = l2b->l2b_kva; 7543 7544 for (k = 0; k < 256 && ptep[k] == 0; k++) 7545 ; 7546 7547 k &= ~63; 7548 occ = l2b->l2b_occupancy; 7549 va = l2b_va + (k * 4096); 7550 for (; k < 256; k++, va += 0x1000) { 7551 char ch = ' '; 7552 if ((k % 64) == 0) { 7553 if ((rows % 8) == 0) { 7554 printf( 7555 " |0000 |8000 |10000 |18000 |20000 |28000 |30000 |38000\n"); 7556 } 7557 printf("%08lx: ", va); 7558 } 7559 7560 ncptes[k & 63] = 0; 7561 pte = ptep[k]; 7562 if (pte == 0) { 7563 ch = '.'; 7564 } else { 7565 occ--; 7566 switch (pte & 0x0c) { 7567 case 0x00: 7568 ch = 'D'; /* No cache No buff */ 7569 break; 7570 case 0x04: 7571 ch = 'B'; /* No cache buff */ 7572 break; 7573 case 0x08: 7574 if (pte & 0x40) 7575 ch = 'm'; 7576 else 7577 ch = 'C'; /* Cache No buff */ 7578 break; 7579 case 0x0c: 7580 
ch = 'F'; /* Cache Buff */ 7581 break; 7582 } 7583 7584 if ((pte & L2_S_PROT_U) == L2_S_PROT_U) 7585 ch += 0x20; 7586 7587 if ((pte & 0xc) == 0) 7588 ncptes[k & 63] = pte; 7589 } 7590 7591 if ((k % 64) == 63) { 7592 rows++; 7593 printf("%c\n", ch); 7594 pmap_dump_ncpg(pm); 7595 if (occ == 0) 7596 break; 7597 } else 7598 printf("%c", ch); 7599 } 7600 } 7601 } 7602 } 7603 7604 static void 7605 pmap_dump_ncpg(pmap_t pm) 7606 { 7607 struct vm_page *pg; 7608 struct vm_page_md *md; 7609 struct pv_entry *pv; 7610 int i; 7611 7612 for (i = 0; i < 63; i++) { 7613 if (ncptes[i] == 0) 7614 continue; 7615 7616 pg = PHYS_TO_VM_PAGE(l2pte_pa(ncptes[i])); 7617 if (pg == NULL) 7618 continue; 7619 md = VM_PAGE_TO_MD(pg); 7620 7621 printf(" pa 0x%08lx: krw %d kro %d urw %d uro %d\n", 7622 VM_PAGE_TO_PHYS(pg), 7623 md->krw_mappings, md->kro_mappings, 7624 md->urw_mappings, md->uro_mappings); 7625 7626 SLIST_FOREACH(pv, &md->pvh_list, pv_link) { 7627 printf(" %c va 0x%08lx, flags 0x%x\n", 7628 (pm == pv->pv_pmap) ? '*' : ' ', 7629 pv->pv_va, pv->pv_flags); 7630 } 7631 } 7632 } 7633 #endif 7634 7635 #ifdef PMAP_STEAL_MEMORY 7636 void 7637 pmap_boot_pageadd(pv_addr_t *newpv) 7638 { 7639 pv_addr_t *pv, *npv; 7640 7641 if ((pv = SLIST_FIRST(&pmap_boot_freeq)) != NULL) { 7642 if (newpv->pv_pa < pv->pv_va) { 7643 KASSERT(newpv->pv_pa + newpv->pv_size <= pv->pv_pa); 7644 if (newpv->pv_pa + newpv->pv_size == pv->pv_pa) { 7645 newpv->pv_size += pv->pv_size; 7646 SLIST_REMOVE_HEAD(&pmap_boot_freeq, pv_list); 7647 } 7648 pv = NULL; 7649 } else { 7650 for (; (npv = SLIST_NEXT(pv, pv_list)) != NULL; 7651 pv = npv) { 7652 KASSERT(pv->pv_pa + pv->pv_size < npv->pv_pa); 7653 KASSERT(pv->pv_pa < newpv->pv_pa); 7654 if (newpv->pv_pa > npv->pv_pa) 7655 continue; 7656 if (pv->pv_pa + pv->pv_size == newpv->pv_pa) { 7657 pv->pv_size += newpv->pv_size; 7658 return; 7659 } 7660 if (newpv->pv_pa + newpv->pv_size < npv->pv_pa) 7661 break; 7662 newpv->pv_size += npv->pv_size; 7663 SLIST_INSERT_AFTER(pv, newpv, pv_list); 7664 SLIST_REMOVE_AFTER(newpv, pv_list); 7665 return; 7666 } 7667 } 7668 } 7669 7670 if (pv) { 7671 SLIST_INSERT_AFTER(pv, newpv, pv_list); 7672 } else { 7673 SLIST_INSERT_HEAD(&pmap_boot_freeq, newpv, pv_list); 7674 } 7675 } 7676 7677 void 7678 pmap_boot_pagealloc(psize_t amount, psize_t mask, psize_t match, 7679 pv_addr_t *rpv) 7680 { 7681 pv_addr_t *pv, **pvp; 7682 struct vm_physseg *ps; 7683 size_t i; 7684 7685 KASSERT(amount & PGOFSET); 7686 KASSERT((mask & PGOFSET) == 0); 7687 KASSERT((match & PGOFSET) == 0); 7688 KASSERT(amount != 0); 7689 7690 for (pvp = &SLIST_FIRST(&pmap_boot_freeq); 7691 (pv = *pvp) != NULL; 7692 pvp = &SLIST_NEXT(pv, pv_list)) { 7693 pv_addr_t *newpv; 7694 psize_t off; 7695 /* 7696 * If this entry is too small to satify the request... 
7697 */ 7698 KASSERT(pv->pv_size > 0); 7699 if (pv->pv_size < amount) 7700 continue; 7701 7702 for (off = 0; off <= mask; off += PAGE_SIZE) { 7703 if (((pv->pv_pa + off) & mask) == match 7704 && off + amount <= pv->pv_size) 7705 break; 7706 } 7707 if (off > mask) 7708 continue; 7709 7710 rpv->pv_va = pv->pv_va + off; 7711 rpv->pv_pa = pv->pv_pa + off; 7712 rpv->pv_size = amount; 7713 pv->pv_size -= amount; 7714 if (pv->pv_size == 0) { 7715 KASSERT(off == 0); 7716 KASSERT((vaddr_t) pv == rpv->pv_va); 7717 *pvp = SLIST_NEXT(pv, pv_list); 7718 } else if (off == 0) { 7719 KASSERT((vaddr_t) pv == rpv->pv_va); 7720 newpv = (pv_addr_t *) (rpv->pv_va + amount); 7721 *newpv = *pv; 7722 newpv->pv_pa += amount; 7723 newpv->pv_va += amount; 7724 *pvp = newpv; 7725 } else if (off < pv->pv_size) { 7726 newpv = (pv_addr_t *) (rpv->pv_va + amount); 7727 *newpv = *pv; 7728 newpv->pv_size -= off; 7729 newpv->pv_pa += off + amount; 7730 newpv->pv_va += off + amount; 7731 7732 SLIST_NEXT(pv, pv_list) = newpv; 7733 pv->pv_size = off; 7734 } else { 7735 KASSERT((vaddr_t) pv != rpv->pv_va); 7736 } 7737 memset((void *)rpv->pv_va, 0, amount); 7738 return; 7739 } 7740 7741 if (vm_nphysseg == 0) 7742 panic("pmap_boot_pagealloc: couldn't allocate memory"); 7743 7744 for (pvp = &SLIST_FIRST(&pmap_boot_freeq); 7745 (pv = *pvp) != NULL; 7746 pvp = &SLIST_NEXT(pv, pv_list)) { 7747 if (SLIST_NEXT(pv, pv_list) == NULL) 7748 break; 7749 } 7750 KASSERT(mask == 0); 7751 for (i = 0; i < vm_nphysseg; i++) { 7752 ps = VM_PHYSMEM_PTR(i); 7753 if (ps->avail_start == atop(pv->pv_pa + pv->pv_size) 7754 && pv->pv_va + pv->pv_size <= ptoa(ps->avail_end)) { 7755 rpv->pv_va = pv->pv_va; 7756 rpv->pv_pa = pv->pv_pa; 7757 rpv->pv_size = amount; 7758 *pvp = NULL; 7759 pmap_map_chunk(kernel_l1pt.pv_va, 7760 ptoa(ps->avail_start) + (pv->pv_va - pv->pv_pa), 7761 ptoa(ps->avail_start), 7762 amount - pv->pv_size, 7763 VM_PROT_READ|VM_PROT_WRITE, 7764 PTE_CACHE); 7765 ps->avail_start += atop(amount - pv->pv_size); 7766 /* 7767 * If we consumed the entire physseg, remove it. 7768 */ 7769 if (ps->avail_start == ps->avail_end) { 7770 for (--vm_nphysseg; i < vm_nphysseg; i++) 7771 VM_PHYSMEM_PTR_SWAP(i, i + 1); 7772 } 7773 memset((void *)rpv->pv_va, 0, rpv->pv_size); 7774 return; 7775 } 7776 } 7777 7778 panic("pmap_boot_pagealloc: couldn't allocate memory"); 7779 } 7780 7781 vaddr_t 7782 pmap_steal_memory(vsize_t size, vaddr_t *vstartp, vaddr_t *vendp) 7783 { 7784 pv_addr_t pv; 7785 7786 pmap_boot_pagealloc(size, 0, 0, &pv); 7787 7788 return pv.pv_va; 7789 } 7790 #endif /* PMAP_STEAL_MEMORY */ 7791 7792 SYSCTL_SETUP(sysctl_machdep_pmap_setup, "sysctl machdep.kmpages setup") 7793 { 7794 sysctl_createv(clog, 0, NULL, NULL, 7795 CTLFLAG_PERMANENT, 7796 CTLTYPE_NODE, "machdep", NULL, 7797 NULL, 0, NULL, 0, 7798 CTL_MACHDEP, CTL_EOL); 7799 7800 sysctl_createv(clog, 0, NULL, NULL, 7801 CTLFLAG_PERMANENT, 7802 CTLTYPE_INT, "kmpages", 7803 SYSCTL_DESCR("count of pages allocated to kernel memory allocators"), 7804 NULL, 0, &pmap_kmpages, 0, 7805 CTL_MACHDEP, CTL_CREATE, CTL_EOL); 7806 } 7807 7808 #ifdef PMAP_NEED_ALLOC_POOLPAGE 7809 struct vm_page * 7810 arm_pmap_alloc_poolpage(int flags) 7811 { 7812 /* 7813 * On some systems, only some pages may be "coherent" for dma and we 7814 * want to prefer those for pool pages (think mbufs) but fallback to 7815 * any page if none is available. But we can only fallback if we 7816 * aren't direct mapping memory or all of memory can be direct-mapped. 
7817 * If that isn't true, pool changes can only come from direct-mapped 7818 * memory. 7819 */ 7820 if (arm_poolpage_vmfreelist != VM_FREELIST_DEFAULT) { 7821 return uvm_pagealloc_strat(NULL, 0, NULL, flags, 7822 UVM_PGA_STRAT_FALLBACK, 7823 arm_poolpage_vmfreelist); 7824 } 7825 7826 return uvm_pagealloc(NULL, 0, NULL, flags); 7827 } 7828 #endif 7829 7830 #if defined(ARM_MMU_EXTENDED) && defined(MULTIPROCESSOR) 7831 void 7832 pmap_md_tlb_info_attach(struct pmap_tlb_info *ti, struct cpu_info *ci) 7833 { 7834 /* nothing */ 7835 } 7836 7837 int 7838 pic_ipi_shootdown(void *arg) 7839 { 7840 #if PMAP_NEED_TLB_SHOOTDOWN 7841 pmap_tlb_shootdown_process(); 7842 #endif 7843 return 1; 7844 } 7845 #endif /* ARM_MMU_EXTENDED && MULTIPROCESSOR */ 7846 7847 7848 #ifdef __HAVE_MM_MD_DIRECT_MAPPED_PHYS 7849 vaddr_t 7850 pmap_direct_mapped_phys(paddr_t pa, bool *ok_p, vaddr_t va) 7851 { 7852 bool ok = false; 7853 if (physical_start <= pa && pa < physical_end) { 7854 #ifdef KERNEL_BASE_VOFFSET 7855 const vaddr_t newva = pa + KERNEL_BASE_VOFFSET; 7856 #else 7857 const vaddr_t newva = KERNEL_BASE + pa - physical_start; 7858 #endif 7859 #ifdef ARM_MMU_EXTENDED 7860 if (newva >= KERNEL_BASE && newva < pmap_directlimit) { 7861 #endif 7862 va = newva; 7863 ok = true; 7864 #ifdef ARM_MMU_EXTENDED 7865 } 7866 #endif 7867 } 7868 KASSERT(ok_p); 7869 *ok_p = ok; 7870 return va; 7871 } 7872 7873 vaddr_t 7874 pmap_map_poolpage(paddr_t pa) 7875 { 7876 bool ok __diagused; 7877 vaddr_t va = pmap_direct_mapped_phys(pa, &ok, 0); 7878 KASSERT(ok); 7879 #if defined(PMAP_CACHE_VIPT) && !defined(ARM_MMU_EXTENDED) 7880 if (arm_cache_prefer_mask != 0) { 7881 struct vm_page * const pg = PHYS_TO_VM_PAGE(pa); 7882 struct vm_page_md * const md = VM_PAGE_TO_MD(pg); 7883 pmap_acquire_page_lock(md); 7884 pmap_vac_me_harder(md, pa, pmap_kernel(), va); 7885 pmap_release_page_lock(md); 7886 } 7887 #endif 7888 return va; 7889 } 7890 7891 paddr_t 7892 pmap_unmap_poolpage(vaddr_t va) 7893 { 7894 KASSERT(va >= KERNEL_BASE); 7895 #ifdef PMAP_CACHE_VIVT 7896 cpu_idcache_wbinv_range(va, PAGE_SIZE); 7897 #endif 7898 #if defined(KERNEL_BASE_VOFFSET) 7899 return va - KERNEL_BASE_VOFFSET; 7900 #else 7901 return va - KERNEL_BASE + physical_start; 7902 #endif 7903 } 7904 #endif /* __HAVE_MM_MD_DIRECT_MAPPED_PHYS */ 7905