2 * Copyright (c) 1991 Regents of the University of California.
3 * Copyright (c) 1994 John S. Dyson
4 * Copyright (c) 1994 David Greenman
5 * Copyright (c) 2003 Peter Wemm
6 * Copyright (c) 2005-2008 Alan L. Cox <alc@cs.rice.edu>
7 * Copyright (c) 2008, 2009 The DragonFly Project.
8 * Copyright (c) 2008, 2009 Jordan Gordeev.
11 * This code is derived from software contributed to Berkeley by
12 * the Systems Programming Group of the University of Utah Computer
13 * Science Department and William Jolitz of UUNET Technologies Inc.
15 * Redistribution and use in source and binary forms, with or without
16 * modification, are permitted provided that the following conditions
18 * 1. Redistributions of source code must retain the above copyright
19 * notice, this list of conditions and the following disclaimer.
20 * 2. Redistributions in binary form must reproduce the above copyright
21 * notice, this list of conditions and the following disclaimer in the
22 * documentation and/or other materials provided with the distribution.
23 * 3. All advertising materials mentioning features or use of this software
24 * must display the following acknowledgement:
25 * This product includes software developed by the University of
26 * California, Berkeley and its contributors.
27 * 4. Neither the name of the University nor the names of its contributors
28 * may be used to endorse or promote products derived from this software
29 * without specific prior written permission.
31 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
32 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
33 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
34 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
35 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
36 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
37 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
39 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
40 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
43 * from: @(#)pmap.c 7.7 (Berkeley) 5/12/91
44 * $FreeBSD: src/sys/i386/i386/pmap.c,v 1.250.2.18 2002/03/06 22:48:53 silby Exp $
45 * $DragonFly: src/sys/platform/pc64/amd64/pmap.c,v 1.3 2008/08/29 17:07:10 dillon Exp $
49 * Manages physical address maps.
51 * In addition to hardware address maps, this
52 * module is called upon to provide software-use-only
53 * maps which may or may not be stored in the same
54 * form as hardware maps. These pseudo-maps are
55 * used to store intermediate results from copy
56 * operations to and from address spaces.
58 * Since the information managed by this module is
59 * also stored by the logical address mapping module,
60 * this module may throw away valid virtual-to-physical
61 * mappings at almost any time. However, invalidations
62 * of virtual-to-physical mappings must be done as
65 * In order to cope with hardware architectures which
66 * make virtual-to-physical map invalidates expensive,
67 * this module may delay invalidate or reduced protection
68 * operations until such time as they are actually
69 * necessary. This module is given full information as
70 * to which processors are currently using which maps,
71 * and to when physical maps must be made correct.
75 #include "opt_disable_pse.h"
78 #include "opt_msgbuf.h"
80 #include <sys/param.h>
81 #include <sys/systm.h>
82 #include <sys/kernel.h>
84 #include <sys/msgbuf.h>
85 #include <sys/vmmeter.h>
89 #include <vm/vm_param.h>
90 #include <sys/sysctl.h>
92 #include <vm/vm_kern.h>
93 #include <vm/vm_page.h>
94 #include <vm/vm_map.h>
95 #include <vm/vm_object.h>
96 #include <vm/vm_extern.h>
97 #include <vm/vm_pageout.h>
98 #include <vm/vm_pager.h>
99 #include <vm/vm_zone.h>
101 #include <sys/user.h>
102 #include <sys/thread2.h>
103 #include <sys/sysref2.h>
105 #include <machine/cputypes.h>
106 #include <machine/md_var.h>
107 #include <machine/specialreg.h>
108 #include <machine/smp.h>
109 #include <machine_base/apic/apicreg.h>
110 #include <machine/globaldata.h>
111 #include <machine/pmap.h>
112 #include <machine/pmap_inval.h>
116 #define PMAP_KEEP_PDIRS
117 #ifndef PMAP_SHPGPERPROC
118 #define PMAP_SHPGPERPROC 200
121 #if defined(DIAGNOSTIC)
122 #define PMAP_DIAGNOSTIC
127 #if !defined(PMAP_DIAGNOSTIC)
128 #define PMAP_INLINE __inline
144 * Get PDEs and PTEs for user/kernel address space
147 #define pmap_pde(m, v) (&((m)->pm_pdir[(vm_offset_t)(v) >> PDRSHIFT]))
149 static pd_entry_t *pmap_pde(pmap_t pmap, vm_offset_t va);
150 #define pdir_pde(m, v) (m[(vm_offset_t)(v) >> PDRSHIFT])
152 #define pmap_pde_v(pte) ((*(pd_entry_t *)pte & PG_V) != 0)
153 #define pmap_pte_w(pte) ((*(pt_entry_t *)pte & PG_W) != 0)
154 #define pmap_pte_m(pte) ((*(pt_entry_t *)pte & PG_M) != 0)
155 #define pmap_pte_u(pte) ((*(pt_entry_t *)pte & PG_A) != 0)
156 #define pmap_pte_v(pte) ((*(pt_entry_t *)pte & PG_V) != 0)
160 * Given a map and a machine independent protection code,
161 * convert to a vax protection code.
163 #define pte_prot(m, p) \
164 (protection_codes[p & (VM_PROT_READ|VM_PROT_WRITE|VM_PROT_EXECUTE)])
165 static int protection_codes[8];
167 struct pmap kernel_pmap;
168 static TAILQ_HEAD(,pmap) pmap_list = TAILQ_HEAD_INITIALIZER(pmap_list);
170 vm_paddr_t avail_start; /* PA of first available physical page */
171 vm_paddr_t avail_end; /* PA of last available physical page */
172 vm_offset_t virtual_start; /* VA of first avail page (after kernel bss) */
173 vm_offset_t virtual_end; /* VA of last avail page (end of kernel AS) */
174 vm_offset_t KvaStart; /* VA start of KVA space */
175 vm_offset_t KvaEnd; /* VA end of KVA space (non-inclusive) */
176 vm_offset_t KvaSize; /* max size of kernel virtual address space */
177 static boolean_t pmap_initialized = FALSE; /* Has pmap_init completed? */
178 static int pgeflag; /* PG_G or-in */
179 static int pseflag; /* PG_PS or-in */
181 static vm_object_t kptobj;
184 static vm_paddr_t dmaplimit;
186 vm_offset_t kernel_vm_end;
188 static uint64_t KPDphys; /* phys addr of kernel level 2 */
189 uint64_t KPDPphys; /* phys addr of kernel level 3 */
190 uint64_t KPML4phys; /* phys addr of kernel level 4 */
192 static uint64_t DMPDphys; /* phys addr of direct mapped level 2 */
193 static uint64_t DMPDPphys; /* phys addr of direct mapped level 3 */
196 * Data for the pv entry allocation mechanism
198 static vm_zone_t pvzone;
199 static struct vm_zone pvzone_store;
200 static struct vm_object pvzone_obj;
201 static int pv_entry_count=0, pv_entry_max=0, pv_entry_high_water=0;
202 static int pmap_pagedaemon_waken = 0;
203 static struct pv_entry *pvinit;
206 * All those kernel PT submaps that BSD is so fond of
208 pt_entry_t *CMAP1 = 0, *ptmmap;
209 caddr_t CADDR1 = 0, ptvmmap = 0;
210 static pt_entry_t *msgbufmap;
211 struct msgbuf *msgbufp=0;
216 static pt_entry_t *pt_crashdumpmap;
217 static caddr_t crashdumpmap;
219 extern uint64_t KPTphys;
220 extern pt_entry_t *SMPpt;
221 extern uint64_t SMPptpa;
225 static PMAP_INLINE void free_pv_entry (pv_entry_t pv);
226 static pv_entry_t get_pv_entry (void);
227 static void i386_protection_init (void);
228 static __inline void pmap_clearbit (vm_page_t m, int bit);
230 static void pmap_remove_all (vm_page_t m);
231 static void pmap_enter_quick (pmap_t pmap, vm_offset_t va, vm_page_t m);
232 static int pmap_remove_pte (struct pmap *pmap, pt_entry_t *ptq,
233 vm_offset_t sva, pmap_inval_info_t info);
234 static void pmap_remove_page (struct pmap *pmap,
235 vm_offset_t va, pmap_inval_info_t info);
236 static int pmap_remove_entry (struct pmap *pmap, vm_page_t m,
237 vm_offset_t va, pmap_inval_info_t info);
238 static boolean_t pmap_testbit (vm_page_t m, int bit);
239 static void pmap_insert_entry (pmap_t pmap, vm_offset_t va,
240 vm_page_t mpte, vm_page_t m);
242 static vm_page_t pmap_allocpte (pmap_t pmap, vm_offset_t va);
244 static int pmap_release_free_page (pmap_t pmap, vm_page_t p);
245 static vm_page_t _pmap_allocpte (pmap_t pmap, vm_pindex_t ptepindex);
246 static pt_entry_t * pmap_pte_quick (pmap_t pmap, vm_offset_t va);
247 static vm_page_t pmap_page_lookup (vm_object_t object, vm_pindex_t pindex);
248 static int pmap_unwire_pte_hold(pmap_t pmap, vm_offset_t va, vm_page_t m,
249 pmap_inval_info_t info);
250 static int pmap_unuse_pt (pmap_t, vm_offset_t, vm_page_t, pmap_inval_info_t);
251 static vm_offset_t pmap_kmem_choose(vm_offset_t addr);
253 static unsigned pdir4mb;
256 * Move the kernel virtual free pointer to the next
257 * 2MB. This is used to help improve performance
258 * by using a large (2MB) page for much of the kernel
259 * (.text, .data, .bss)
262 pmap_kmem_choose(vm_offset_t addr)
265 vm_offset_t newaddr = addr;
267 newaddr = (addr + (NBPDR - 1)) & ~(NBPDR - 1);
274 * Super fast pmap_pte routine best used when scanning the pv lists.
275 * This eliminates many course-grained invltlb calls. Note that many of
276 * the pv list scans are across different pmaps and it is very wasteful
277 * to do an entire invltlb when checking a single mapping.
279 * Should only be called while in a critical section.
281 static __inline pt_entry_t *pmap_pte(pmap_t pmap, vm_offset_t va);
284 pmap_pte_quick(pmap_t pmap, vm_offset_t va)
287 return pmap_pte(pmap, va);
290 /* Return a non-clipped PD index for a given VA */
291 static __inline vm_pindex_t
292 pmap_pde_pindex(vm_offset_t va)
295 return va >> PDRSHIFT;
298 /* Return various clipped indexes for a given VA */
299 static __inline vm_pindex_t
300 pmap_pte_index(vm_offset_t va)
304 return ((va >> PAGE_SHIFT) & ((1ul << NPTEPGSHIFT) - 1));
307 static __inline vm_pindex_t
308 pmap_pde_index(vm_offset_t va)
312 return ((va >> PDRSHIFT) & ((1ul << NPDEPGSHIFT) - 1));
315 static __inline vm_pindex_t
316 pmap_pdpe_index(vm_offset_t va)
320 return ((va >> PDPSHIFT) & ((1ul << NPDPEPGSHIFT) - 1));
323 static __inline vm_pindex_t
324 pmap_pml4e_index(vm_offset_t va)
328 return ((va >> PML4SHIFT) & ((1ul << NPML4EPGSHIFT) - 1));
331 /* Return a pointer to the PML4 slot that corresponds to a VA */
332 static __inline pml4_entry_t *
333 pmap_pml4e(pmap_t pmap, vm_offset_t va)
337 return (&pmap->pm_pml4[pmap_pml4e_index(va)]);
340 /* Return a pointer to the PDP slot that corresponds to a VA */
341 static __inline pdp_entry_t *
342 pmap_pml4e_to_pdpe(pml4_entry_t *pml4e, vm_offset_t va)
347 pdpe = (pdp_entry_t *)PHYS_TO_DMAP(*pml4e & PG_FRAME);
348 return (&pdpe[pmap_pdpe_index(va)]);
351 /* Return a pointer to the PDP slot that corresponds to a VA */
352 static __inline pdp_entry_t *
353 pmap_pdpe(pmap_t pmap, vm_offset_t va)
358 pml4e = pmap_pml4e(pmap, va);
359 if ((*pml4e & PG_V) == 0)
361 return (pmap_pml4e_to_pdpe(pml4e, va));
364 /* Return a pointer to the PD slot that corresponds to a VA */
365 static __inline pd_entry_t *
366 pmap_pdpe_to_pde(pdp_entry_t *pdpe, vm_offset_t va)
371 pde = (pd_entry_t *)PHYS_TO_DMAP(*pdpe & PG_FRAME);
372 return (&pde[pmap_pde_index(va)]);
375 /* Return a pointer to the PD slot that corresponds to a VA */
376 static __inline pd_entry_t *
377 pmap_pde(pmap_t pmap, vm_offset_t va)
382 pdpe = pmap_pdpe(pmap, va);
383 if (pdpe == NULL || (*pdpe & PG_V) == 0)
385 return (pmap_pdpe_to_pde(pdpe, va));
388 /* Return a pointer to the PT slot that corresponds to a VA */
389 static __inline pt_entry_t *
390 pmap_pde_to_pte(pd_entry_t *pde, vm_offset_t va)
395 pte = (pt_entry_t *)PHYS_TO_DMAP(*pde & PG_FRAME);
396 return (&pte[pmap_pte_index(va)]);
399 /* Return a pointer to the PT slot that corresponds to a VA */
400 static __inline pt_entry_t *
401 pmap_pte(pmap_t pmap, vm_offset_t va)
406 pde = pmap_pde(pmap, va);
407 if (pde == NULL || (*pde & PG_V) == 0)
409 if ((*pde & PG_PS) != 0) /* compat with i386 pmap_pte() */
410 return ((pt_entry_t *)pde);
411 return (pmap_pde_to_pte(pde, va));
415 PMAP_INLINE pt_entry_t *
416 vtopte(vm_offset_t va)
419 uint64_t mask = ((1ul << (NPTEPGSHIFT + NPDEPGSHIFT + NPDPEPGSHIFT + NPML4EPGSHIFT)) - 1);
421 return (PTmap + ((va >> PAGE_SHIFT) & mask));
424 static __inline pd_entry_t *
425 vtopde(vm_offset_t va)
428 uint64_t mask = ((1ul << (NPDEPGSHIFT + NPDPEPGSHIFT + NPML4EPGSHIFT)) - 1);
430 return (PDmap + ((va >> PDRSHIFT) & mask));
434 allocpages(vm_paddr_t *firstaddr, int n)
440 bzero((void *)ret, n * PAGE_SIZE);
441 *firstaddr += n * PAGE_SIZE;
446 create_pagetables(vm_paddr_t *firstaddr)
451 uint64_t cpu0pp, cpu0idlestk;
452 int idlestk_page_offset = offsetof(struct privatespace, idlestack) / PAGE_SIZE;
454 /* we are running (mostly) V=P at this point */
457 KPTphys = allocpages(firstaddr, NKPT);
458 KPML4phys = allocpages(firstaddr, 1);
459 KPDPphys = allocpages(firstaddr, NKPML4E);
460 KPDphys = allocpages(firstaddr, NKPDPE);
462 ndmpdp = (ptoa(Maxmem) + NBPDP - 1) >> PDPSHIFT;
463 if (ndmpdp < 4) /* Minimum 4GB of dirmap */
465 DMPDPphys = allocpages(firstaddr, NDMPML4E);
466 if ((amd_feature & AMDID_PAGE1GB) == 0)
467 DMPDphys = allocpages(firstaddr, ndmpdp);
468 dmaplimit = (vm_paddr_t)ndmpdp << PDPSHIFT;
470 /* Fill in the underlying page table pages */
471 /* Read-only from zero to physfree */
472 /* XXX not fully used, underneath 2M pages */
473 for (i = 0; (i << PAGE_SHIFT) < *firstaddr; i++) {
474 ((pt_entry_t *)KPTphys)[i] = i << PAGE_SHIFT;
475 ((pt_entry_t *)KPTphys)[i] |= PG_RW | PG_V | PG_G;
478 /* Now map the page tables at their location within PTmap */
479 for (i = 0; i < NKPT; i++) {
480 ((pd_entry_t *)KPDphys)[i] = KPTphys + (i << PAGE_SHIFT);
481 ((pd_entry_t *)KPDphys)[i] |= PG_RW | PG_V;
484 /* Map from zero to end of allocations under 2M pages */
485 /* This replaces some of the KPTphys entries above */
486 for (i = 0; (i << PDRSHIFT) < *firstaddr; i++) {
487 ((pd_entry_t *)KPDphys)[i] = i << PDRSHIFT;
488 ((pd_entry_t *)KPDphys)[i] |= PG_RW | PG_V | PG_PS | PG_G;
491 /* And connect up the PD to the PDP */
492 for (i = 0; i < NKPDPE; i++) {
493 ((pdp_entry_t *)KPDPphys)[i + KPDPI] = KPDphys +
495 ((pdp_entry_t *)KPDPphys)[i + KPDPI] |= PG_RW | PG_V | PG_U;
498 /* Now set up the direct map space using either 2MB or 1GB pages */
499 /* Preset PG_M and PG_A because demotion expects it */
500 if ((amd_feature & AMDID_PAGE1GB) == 0) {
501 for (i = 0; i < NPDEPG * ndmpdp; i++) {
502 ((pd_entry_t *)DMPDphys)[i] = (vm_paddr_t)i << PDRSHIFT;
503 ((pd_entry_t *)DMPDphys)[i] |= PG_RW | PG_V | PG_PS |
506 /* And the direct map space's PDP */
507 for (i = 0; i < ndmpdp; i++) {
508 ((pdp_entry_t *)DMPDPphys)[i] = DMPDphys +
510 ((pdp_entry_t *)DMPDPphys)[i] |= PG_RW | PG_V | PG_U;
513 for (i = 0; i < ndmpdp; i++) {
514 ((pdp_entry_t *)DMPDPphys)[i] =
515 (vm_paddr_t)i << PDPSHIFT;
516 ((pdp_entry_t *)DMPDPphys)[i] |= PG_RW | PG_V | PG_PS |
521 /* And recursively map PML4 to itself in order to get PTmap */
522 ((pdp_entry_t *)KPML4phys)[PML4PML4I] = KPML4phys;
523 ((pdp_entry_t *)KPML4phys)[PML4PML4I] |= PG_RW | PG_V | PG_U;
525 /* Connect the Direct Map slot up to the PML4 */
526 ((pdp_entry_t *)KPML4phys)[DMPML4I] = DMPDPphys;
527 ((pdp_entry_t *)KPML4phys)[DMPML4I] |= PG_RW | PG_V | PG_U;
529 /* Connect the KVA slot up to the PML4 */
530 ((pdp_entry_t *)KPML4phys)[KPML4I] = KPDPphys;
531 ((pdp_entry_t *)KPML4phys)[KPML4I] |= PG_RW | PG_V | PG_U;
533 common_lvl4_phys = allocpages(firstaddr, 1); /* 512 512G mappings */
534 common_lvl3_phys = allocpages(firstaddr, 1); /* 512 1G mappings */
535 KPTphys = allocpages(firstaddr, NKPT); /* kernel page table */
536 IdlePTD = allocpages(firstaddr, 1); /* kernel page dir */
537 cpu0pp = allocpages(firstaddr, MDGLOBALDATA_BASEALLOC_PAGES);
538 cpu0idlestk = allocpages(firstaddr, UPAGES);
539 SMPptpa = allocpages(firstaddr, 1);
540 SMPpt = (void *)(SMPptpa + KERNBASE);
544 * Load kernel page table with kernel memory mappings
546 for (i = 0; (i << PAGE_SHIFT) < *firstaddr; i++) {
547 ((pt_entry_t *)KPTphys)[i] = i << PAGE_SHIFT;
548 ((pt_entry_t *)KPTphys)[i] |= PG_RW | PG_V;
552 for (i = 0; i < NKPT; i++) {
553 ((pd_entry_t *)IdlePTD)[i] = KPTphys + (i << PAGE_SHIFT);
554 ((pd_entry_t *)IdlePTD)[i] |= PG_RW | PG_V;
559 * Set up the kernel page table itself.
561 for (i = 0; i < NKPT; i++) {
562 ((pd_entry_t *)IdlePTD)[KPTDI + i] = KPTphys + (i << PAGE_SHIFT);
563 ((pd_entry_t *)IdlePTD)[KPTDI + i] |= PG_RW | PG_V;
567 count = ISA_HOLE_LENGTH >> PAGE_SHIFT;
568 for (i = 0; i < count; i++) {
569 ((pt_entry_t *)KPTphys)[amd64_btop(ISA_HOLE_START) + i] = \
570 (ISA_HOLE_START + i * PAGE_SIZE) | PG_RW | PG_V;
577 ((pd_entry_t *)IdlePTD)[PTDPTDI] = (pd_entry_t)IdlePTD | PG_RW | PG_V;
580 * Map CPU_prvspace[0].mdglobaldata
582 for (i = 0; i < MDGLOBALDATA_BASEALLOC_PAGES; i++) {
583 ((pt_entry_t *)SMPptpa)[i] = \
584 (cpu0pp + i * PAGE_SIZE) | PG_RW | PG_V;
588 * Map CPU_prvspace[0].idlestack
590 for (i = 0; i < UPAGES; i++) {
591 ((pt_entry_t *)SMPptpa)[idlestk_page_offset + i] = \
592 (cpu0idlestk + i * PAGE_SIZE) | PG_RW | PG_V;
598 ((pd_entry_t *)IdlePTD)[MPPTDI] = SMPptpa | PG_RW | PG_V;
603 ((pml4_entry_t *)common_lvl4_phys)[LINKPML4I] = common_lvl3_phys | PG_RW | PG_V | PG_U;
606 * location of "virtual CR3" - a PDP entry that is loaded
607 * with a PD physical address (+ page attributes).
608 * Matt: location of user page directory entry (representing 1G)
610 link_pdpe = &((pdp_entry_t *)common_lvl3_phys)[LINKPDPI];
611 #endif /* JGPMAP32 */
616 init_paging(vm_paddr_t *firstaddr) {
617 create_pagetables(firstaddr);
620 /* switch to the newly created page table */
621 *link_pdpe = IdlePTD | PG_RW | PG_V | PG_U;
622 load_cr3(common_lvl4_phys);
623 link_pdpe = (void *)((char *)link_pdpe + KERNBASE);
625 KvaStart = (vm_offset_t)VADDR(PTDPTDI, 0);
626 KvaEnd = (vm_offset_t)VADDR(APTDPTDI, 0);
627 KvaSize = KvaEnd - KvaStart;
632 * Bootstrap the system enough to run with virtual memory.
634 * On the i386 this is called after mapping has already been enabled
635 * and just syncs the pmap module with what has already been done.
636 * [We can't call it easily with mapping off since the kernel is not
637 * mapped with PA == VA, hence we would have to relocate every address
638 * from the linked base (virtual) address "KERNBASE" to the actual
639 * (physical) address starting relative to 0]
642 pmap_bootstrap(vm_paddr_t *firstaddr)
647 struct mdglobaldata *gd;
651 KvaStart = VM_MIN_KERNEL_ADDRESS;
652 KvaEnd = VM_MAX_KERNEL_ADDRESS;
653 KvaSize = KvaEnd - KvaStart;
655 avail_start = *firstaddr;
658 * Create an initial set of page tables to run the kernel in.
660 create_pagetables(firstaddr);
662 virtual_start = (vm_offset_t) PTOV_OFFSET + *firstaddr;
663 virtual_start = pmap_kmem_choose(virtual_start);
665 virtual_end = VM_MAX_KERNEL_ADDRESS;
667 /* XXX do %cr0 as well */
668 load_cr4(rcr4() | CR4_PGE | CR4_PSE);
672 * Initialize protection array.
674 i386_protection_init();
677 * The kernel's pmap is statically allocated so we don't have to use
678 * pmap_create, which is unlikely to work correctly at this part of
679 * the boot sequence (XXX and which no longer exists).
682 kernel_pmap.pm_pdir = (pd_entry_t *)(PTOV_OFFSET + (uint64_t)IdlePTD);
684 kernel_pmap.pm_pml4 = (pdp_entry_t *) (PTOV_OFFSET + KPML4phys);
685 kernel_pmap.pm_count = 1;
686 kernel_pmap.pm_active = (cpumask_t)-1; /* don't allow deactivation */
687 TAILQ_INIT(&kernel_pmap.pm_pvlist);
691 * Reserve some special page table entries/VA space for temporary
694 #define SYSMAP(c, p, v, n) \
695 v = (c)va; va += ((n)*PAGE_SIZE); p = pte; pte += (n);
699 pte = (pt_entry_t *) pmap_pte(&kernel_pmap, va);
705 * CMAP1/CMAP2 are used for zeroing and copying pages.
707 SYSMAP(caddr_t, CMAP1, CADDR1, 1)
712 SYSMAP(caddr_t, pt_crashdumpmap, crashdumpmap, MAXDUMPPGS);
715 * ptvmmap is used for reading arbitrary physical pages via
718 SYSMAP(caddr_t, ptmmap, ptvmmap, 1)
721 * msgbufp is used to map the system message buffer.
722 * XXX msgbufmap is not used.
724 SYSMAP(struct msgbuf *, msgbufmap, msgbufp,
725 atop(round_page(MSGBUF_SIZE)))
731 for (i = 0; i < NKPT; i++)
736 * PG_G is terribly broken on SMP because we IPI invltlb's in some
737 * cases rather then invl1pg. Actually, I don't even know why it
738 * works under UP because self-referential page table mappings
743 if (cpu_feature & CPUID_PGE)
748 * Initialize the 4MB page size flag
752 * The 4MB page version of the initial
753 * kernel page mapping.
757 #if !defined(DISABLE_PSE)
758 if (cpu_feature & CPUID_PSE) {
761 * Note that we have enabled PSE mode
764 ptditmp = *(PTmap + amd64_btop(KERNBASE));
765 ptditmp &= ~(NBPDR - 1);
766 ptditmp |= PG_V | PG_RW | PG_PS | PG_U | pgeflag;
771 * Enable the PSE mode. If we are SMP we can't do this
772 * now because the APs will not be able to use it when
775 load_cr4(rcr4() | CR4_PSE);
778 * We can do the mapping here for the single processor
779 * case. We simply ignore the old page table page from
783 * For SMP, we still need 4K pages to bootstrap APs,
784 * PSE will be enabled as soon as all APs are up.
786 PTD[KPTDI] = (pd_entry_t)ptditmp;
788 kernel_pmap.pm_pdir[KPTDI] = (pd_entry_t)ptditmp;
795 if (cpu_apic_address == 0)
796 panic("pmap_bootstrap: no local apic!");
798 /* local apic is mapped on last page */
799 SMPpt[NPTEPG - 1] = (pt_entry_t)(PG_V | PG_RW | PG_N | pgeflag |
800 (cpu_apic_address & PG_FRAME));
804 * We need to finish setting up the globaldata page for the BSP.
805 * locore has already populated the page table for the mdglobaldata
808 pg = MDGLOBALDATA_BASEALLOC_PAGES;
809 gd = &CPU_prvspace[0].mdglobaldata;
810 gd->gd_CMAP1 = &SMPpt[pg + 0];
811 gd->gd_CMAP2 = &SMPpt[pg + 1];
812 gd->gd_CMAP3 = &SMPpt[pg + 2];
813 gd->gd_PMAP1 = &SMPpt[pg + 3];
814 gd->gd_CADDR1 = CPU_prvspace[0].CPAGE1;
815 gd->gd_CADDR2 = CPU_prvspace[0].CPAGE2;
816 gd->gd_CADDR3 = CPU_prvspace[0].CPAGE3;
817 gd->gd_PADDR1 = (pt_entry_t *)CPU_prvspace[0].PPAGE1;
824 * Set 4mb pdir for mp startup
830 if (pseflag && (cpu_feature & CPUID_PSE)) {
831 load_cr4(rcr4() | CR4_PSE);
832 if (pdir4mb && mycpu->gd_cpuid == 0) { /* only on BSP */
834 kernel_pmap.pm_pdir[KPTDI] =
835 PTD[KPTDI] = (pd_entry_t)pdir4mb;
844 * Initialize the pmap module.
845 * Called by vm_init, to initialize any structures that the pmap
846 * system needs to map virtual memory.
847 * pmap_init has been enhanced to support in a fairly consistant
848 * way, discontiguous physical memory.
858 * object for kernel page table pages
860 /* JG I think the number can be arbitrary */
861 kptobj = vm_object_allocate(OBJT_DEFAULT, 5);
864 * Allocate memory for random pmap data structures. Includes the
868 for(i = 0; i < vm_page_array_size; i++) {
871 m = &vm_page_array[i];
872 TAILQ_INIT(&m->md.pv_list);
873 m->md.pv_list_count = 0;
877 * init the pv free list
879 initial_pvs = vm_page_array_size;
880 if (initial_pvs < MINPV)
882 pvzone = &pvzone_store;
883 pvinit = (struct pv_entry *) kmem_alloc(&kernel_map,
884 initial_pvs * sizeof (struct pv_entry));
885 zbootinit(pvzone, "PV ENTRY", sizeof (struct pv_entry), pvinit,
889 * Now it is safe to enable pv_table recording.
891 pmap_initialized = TRUE;
895 * Initialize the address space (zone) for the pv_entries. Set a
896 * high water mark so that the system can recover from excessive
897 * numbers of pv entries.
903 int shpgperproc = PMAP_SHPGPERPROC;
905 TUNABLE_INT_FETCH("vm.pmap.shpgperproc", &shpgperproc);
906 pv_entry_max = shpgperproc * maxproc + vm_page_array_size;
907 TUNABLE_INT_FETCH("vm.pmap.pv_entries", &pv_entry_max);
908 pv_entry_high_water = 9 * (pv_entry_max / 10);
909 zinitna(pvzone, &pvzone_obj, NULL, 0, pv_entry_max, ZONE_INTERRUPT, 1);
913 /***************************************************
914 * Low level helper routines.....
915 ***************************************************/
917 #if defined(PMAP_DIAGNOSTIC)
920 * This code checks for non-writeable/modified pages.
921 * This should be an invalid condition.
924 pmap_nw_modified(pt_entry_t pte)
927 if ((pte & (PG_M|PG_RW)) == PG_M)
936 * this routine defines the region(s) of memory that should
937 * not be tested for the modified bit.
939 static PMAP_INLINE int
940 pmap_track_modified(vm_offset_t va)
943 if ((va < clean_sva) || (va >= clean_eva))
952 * Extract the physical page address associated with the map/VA pair.
954 * This function may not be called from an interrupt if the pmap is
958 pmap_extract(pmap_t pmap, vm_offset_t va)
963 pd_entry_t pde, *pdep;
966 pdep = pmap_pde(pmap, va);
970 if ((pde & PG_PS) != 0) {
971 rtval = (pde & PG_PS_FRAME) | (va & PDRMASK);
973 pte = pmap_pde_to_pte(pdep, va);
974 rtval = (*pte & PG_FRAME) | (va & PAGE_MASK);
982 * Routine: pmap_kextract
984 * Extract the physical page address associated
985 * kernel virtual address.
988 pmap_kextract(vm_offset_t va)
994 if (va >= DMAP_MIN_ADDRESS && va < DMAP_MAX_ADDRESS) {
995 pa = DMAP_TO_PHYS(va);
999 pa = (pde & PG_PS_FRAME) | (va & PDRMASK);
1002 * Beware of a concurrent promotion that changes the
1003 * PDE at this point! For example, vtopte() must not
1004 * be used to access the PTE because it would use the
1005 * new PDE. It is, however, safe to use the old PDE
1006 * because the page table page is preserved by the
1009 pa = *pmap_pde_to_pte(&pde, va);
1010 pa = (pa & PG_FRAME) | (va & PAGE_MASK);
1016 /***************************************************
1017 * Low level mapping routines.....
1018 ***************************************************/
1021 * Routine: pmap_kenter
1023 * Add a wired page to the KVA
1024 * NOTE! note that in order for the mapping to take effect -- you
1025 * should do an invltlb after doing the pmap_kenter().
1028 pmap_kenter(vm_offset_t va, vm_paddr_t pa)
1033 pmap_inval_info info;
1035 pmap_inval_init(&info);
1036 npte = pa | PG_RW | PG_V | pgeflag;
1038 pmap_inval_add(&info, &kernel_pmap, va);
1040 pmap_inval_flush(&info);
1044 * Routine: pmap_kenter_quick
1046 * Similar to pmap_kenter(), except we only invalidate the
1047 * mapping on the current CPU.
1050 pmap_kenter_quick(vm_offset_t va, vm_paddr_t pa)
1056 npte = pa | PG_RW | PG_V | pgeflag;
1059 cpu_invlpg((void *)va);
1063 pmap_kenter_sync(vm_offset_t va)
1066 pmap_inval_info info;
1068 pmap_inval_init(&info);
1069 pmap_inval_add(&info, &kernel_pmap, va);
1070 pmap_inval_flush(&info);
1074 pmap_kenter_sync_quick(vm_offset_t va)
1077 cpu_invlpg((void *)va);
1081 * remove a page from the kernel pagetables
1084 pmap_kremove(vm_offset_t va)
1088 pmap_inval_info info;
1090 pmap_inval_init(&info);
1092 pmap_inval_add(&info, &kernel_pmap, va);
1094 pmap_inval_flush(&info);
1098 pmap_kremove_quick(vm_offset_t va)
1104 cpu_invlpg((void *)va);
1108 * XXX these need to be recoded. They are not used in any critical path.
1111 pmap_kmodify_rw(vm_offset_t va)
1114 *vtopte(va) |= PG_RW;
1115 cpu_invlpg((void *)va);
1119 pmap_kmodify_nc(vm_offset_t va)
1122 *vtopte(va) |= PG_N;
1123 cpu_invlpg((void *)va);
1127 * Used to map a range of physical addresses into kernel
1128 * virtual address space.
1130 * For now, VM is already on, we only need to map the
1134 pmap_map(vm_offset_t virt, vm_paddr_t start, vm_paddr_t end, int prot)
1137 return PHYS_TO_DMAP(start);
1142 * Add a list of wired pages to the kva
1143 * this routine is only used for temporary
1144 * kernel mappings that do not need to have
1145 * page modification or references recorded.
1146 * Note that old mappings are simply written
1147 * over. The page *must* be wired.
1150 pmap_qenter(vm_offset_t va, vm_page_t *m, int count)
1155 end_va = va + count * PAGE_SIZE;
1157 while (va < end_va) {
1161 *pte = VM_PAGE_TO_PHYS(*m) | PG_RW | PG_V | pgeflag;
1162 cpu_invlpg((void *)va);
1167 smp_invltlb(); /* XXX */
1172 pmap_qenter2(vm_offset_t va, vm_page_t *m, int count, cpumask_t *mask)
1176 cpumask_t cmask = mycpu->gd_cpumask;
1178 end_va = va + count * PAGE_SIZE;
1180 while (va < end_va) {
1185 * Install the new PTE. If the pte changed from the prior
1186 * mapping we must reset the cpu mask and invalidate the page.
1187 * If the pte is the same but we have not seen it on the
1188 * current cpu, invlpg the existing mapping. Otherwise the
1189 * entry is optimal and no invalidation is required.
1192 pteval = VM_PAGE_TO_PHYS(*m) | PG_A | PG_RW | PG_V | pgeflag;
1193 if (*pte != pteval) {
1196 cpu_invlpg((void *)va);
1197 } else if ((*mask & cmask) == 0) {
1198 cpu_invlpg((void *)va);
1207 * this routine jerks page mappings from the
1208 * kernel -- it is meant only for temporary mappings.
1211 pmap_qremove(vm_offset_t va, int count)
1216 end_va = va + count * PAGE_SIZE;
1218 while (va < end_va) {
1223 cpu_invlpg((void *)va);
1232 * This routine works like vm_page_lookup() but also blocks as long as the
1233 * page is busy. This routine does not busy the page it returns.
1235 * Unless the caller is managing objects whos pages are in a known state,
1236 * the call should be made with a critical section held so the page's object
1237 * association remains valid on return.
1240 pmap_page_lookup(vm_object_t object, vm_pindex_t pindex)
1246 m = vm_page_lookup(object, pindex);
1247 } while (m && vm_page_sleep_busy(m, FALSE, "pplookp"));
1253 * Create a new thread and optionally associate it with a (new) process.
1254 * NOTE! the new thread's cpu may not equal the current cpu.
1257 pmap_init_thread(thread_t td)
1260 /* enforce pcb placement */
1261 td->td_pcb = (struct pcb *)(td->td_kstack + td->td_kstack_size) - 1;
1262 td->td_savefpu = &td->td_pcb->pcb_save;
1263 td->td_sp = (char *)td->td_pcb - 16; /* JG is -16 needed on amd64? */
1267 * This routine directly affects the fork perf for a process.
1270 pmap_init_proc(struct proc *p)
1276 * Dispose the UPAGES for a process that has exited.
1277 * This routine directly impacts the exit perf of a process.
1280 pmap_dispose_proc(struct proc *p)
1283 KASSERT(p->p_lock == 0, ("attempt to dispose referenced proc! %p", p));
1286 /***************************************************
1287 * Page table page management routines.....
1288 ***************************************************/
1291 * This routine unholds page table pages, and if the hold count
1292 * drops to zero, then it decrements the wire count.
1295 _pmap_unwire_pte_hold(pmap_t pmap, vm_offset_t va, vm_page_t m, pmap_inval_info_t info)
1299 * Wait until we can busy the page ourselves. We cannot have
1300 * any active flushes if we block.
1302 if (m->flags & PG_BUSY) {
1303 pmap_inval_flush(info);
1304 while (vm_page_sleep_busy(m, FALSE, "pmuwpt"))
1307 KASSERT(m->queue == PQ_NONE,
1308 ("_pmap_unwire_pte_hold: %p->queue != PQ_NONE", m));
1310 if (m->hold_count == 1) {
1312 * Unmap the page table page
1315 pmap_inval_add(info, pmap, -1);
1317 if (m->pindex >= (NUPDE + NUPDPE)) {
1320 pml4 = pmap_pml4e(pmap, va);
1322 } else if (m->pindex >= NUPDE) {
1325 pdp = pmap_pdpe(pmap, va);
1330 pd = pmap_pde(pmap, va);
1334 KKASSERT(pmap->pm_stats.resident_count > 0);
1335 --pmap->pm_stats.resident_count;
1337 if (pmap->pm_ptphint == m)
1338 pmap->pm_ptphint = NULL;
1340 if (m->pindex < NUPDE) {
1341 /* We just released a PT, unhold the matching PD */
1344 pdpg = PHYS_TO_VM_PAGE(*pmap_pdpe(pmap, va) & PG_FRAME);
1345 pmap_unwire_pte_hold(pmap, va, pdpg, info);
1347 if (m->pindex >= NUPDE && m->pindex < (NUPDE + NUPDPE)) {
1348 /* We just released a PD, unhold the matching PDP */
1351 pdppg = PHYS_TO_VM_PAGE(*pmap_pml4e(pmap, va) & PG_FRAME);
1352 pmap_unwire_pte_hold(pmap, va, pdppg, info);
1356 * This was our last hold, the page had better be unwired
1357 * after we decrement wire_count.
1359 * FUTURE NOTE: shared page directory page could result in
1360 * multiple wire counts.
1364 KKASSERT(m->wire_count == 0);
1365 --vmstats.v_wire_count;
1366 vm_page_flag_clear(m, PG_MAPPED | PG_WRITEABLE);
1368 vm_page_free_zero(m);
1371 /* JG Can we get here? */
1372 KKASSERT(m->hold_count > 1);
1378 static PMAP_INLINE int
1379 pmap_unwire_pte_hold(pmap_t pmap, vm_offset_t va, vm_page_t m, pmap_inval_info_t info)
1382 KKASSERT(m->hold_count > 0);
1383 if (m->hold_count > 1) {
1387 return _pmap_unwire_pte_hold(pmap, va, m, info);
1392 * After removing a page table entry, this routine is used to
1393 * conditionally free the page, and manage the hold/wire counts.
1396 pmap_unuse_pt(pmap_t pmap, vm_offset_t va, vm_page_t mpte,
1397 pmap_inval_info_t info)
1400 /* JG Use FreeBSD/amd64 or FreeBSD/i386 ptepde approaches? */
1401 vm_pindex_t ptepindex;
1402 if (va >= VM_MAX_USER_ADDRESS)
1406 ptepindex = pmap_pde_pindex(va);
1408 if (pmap->pm_ptphint &&
1409 (pmap->pm_ptphint->pindex == ptepindex)) {
1410 mpte = pmap->pm_ptphint;
1413 pmap_inval_flush(info);
1414 mpte = pmap_page_lookup(pmap->pm_pteobj, ptepindex);
1415 pmap->pm_ptphint = mpte;
1421 return pmap_unwire_pte_hold(pmap, va, mpte, info);
1425 * Initialize pmap0/vmspace0. This pmap is not added to pmap_list because
1426 * it, and IdlePTD, represents the template used to update all other pmaps.
1428 * On architectures where the kernel pmap is not integrated into the user
1429 * process pmap, this pmap represents the process pmap, not the kernel pmap.
1430 * kernel_pmap should be used to directly access the kernel_pmap.
1433 pmap_pinit0(struct pmap *pmap)
1438 (pd_entry_t *)kmem_alloc_pageable(&kernel_map, PAGE_SIZE);
1439 pmap_kenter((vm_offset_t)pmap->pm_pdir, (vm_offset_t) IdlePTD);
1441 pmap->pm_pml4 = (pml4_entry_t *)(PTOV_OFFSET + KPML4phys);
1443 pmap->pm_active = 0;
1444 pmap->pm_ptphint = NULL;
1445 TAILQ_INIT(&pmap->pm_pvlist);
1446 bzero(&pmap->pm_stats, sizeof pmap->pm_stats);
1450 * Initialize a preallocated and zeroed pmap structure,
1451 * such as one in a vmspace structure.
1454 pmap_pinit(struct pmap *pmap)
1460 * No need to allocate page table space yet but we do need a valid
1461 * page directory table.
1463 if (pmap->pm_pml4 == NULL) {
1465 (pml4_entry_t *)kmem_alloc_pageable(&kernel_map, PAGE_SIZE);
1469 * Allocate an object for the ptes
1471 if (pmap->pm_pteobj == NULL)
1472 pmap->pm_pteobj = vm_object_allocate(OBJT_DEFAULT, NUPDE + NUPDPE + PML4PML4I + 1);
1475 * Allocate the page directory page, unless we already have
1476 * one cached. If we used the cached page the wire_count will
1477 * already be set appropriately.
1479 if ((ptdpg = pmap->pm_pdirm) == NULL) {
1480 ptdpg = vm_page_grab(pmap->pm_pteobj, NUPDE + NUPDPE + PML4PML4I,
1481 VM_ALLOC_NORMAL | VM_ALLOC_RETRY);
1482 pmap->pm_pdirm = ptdpg;
1483 vm_page_flag_clear(ptdpg, PG_MAPPED | PG_BUSY);
1484 ptdpg->valid = VM_PAGE_BITS_ALL;
1485 ptdpg->wire_count = 1;
1486 ++vmstats.v_wire_count;
1487 pmap_kenter((vm_offset_t)pmap->pm_pml4, VM_PAGE_TO_PHYS(ptdpg));
1489 if ((ptdpg->flags & PG_ZERO) == 0)
1490 bzero(pmap->pm_pml4, PAGE_SIZE);
1492 pmap->pm_pml4[KPML4I] = KPDPphys | PG_RW | PG_V | PG_U;
1493 pmap->pm_pml4[DMPML4I] = DMPDPphys | PG_RW | PG_V | PG_U;
1495 /* install self-referential address mapping entry */
1496 pmap->pm_pml4[PML4PML4I] = VM_PAGE_TO_PHYS(ptdpg) | PG_V | PG_RW | PG_A | PG_M;
1499 pmap->pm_active = 0;
1500 pmap->pm_ptphint = NULL;
1501 TAILQ_INIT(&pmap->pm_pvlist);
1502 bzero(&pmap->pm_stats, sizeof pmap->pm_stats);
1503 pmap->pm_stats.resident_count = 1;
1507 * Clean up a pmap structure so it can be physically freed. This routine
1508 * is called by the vmspace dtor function. A great deal of pmap data is
1509 * left passively mapped to improve vmspace management so we have a bit
1510 * of cleanup work to do here.
1513 pmap_puninit(pmap_t pmap)
1518 KKASSERT(pmap->pm_active == 0);
1519 if ((p = pmap->pm_pdirm) != NULL) {
1520 KKASSERT(pmap->pm_pml4 != NULL);
1521 KKASSERT(pmap->pm_pml4 != (PTOV_OFFSET + KPML4phys));
1522 pmap_kremove((vm_offset_t)pmap->pm_pml4);
1524 vmstats.v_wire_count--;
1525 KKASSERT((p->flags & PG_BUSY) == 0);
1527 vm_page_free_zero(p);
1528 pmap->pm_pdirm = NULL;
1530 if (pmap->pm_pml4) {
1531 KKASSERT(pmap->pm_pml4 != (PTOV_OFFSET + KPML4phys));
1532 kmem_free(&kernel_map, (vm_offset_t)pmap->pm_pml4, PAGE_SIZE);
1533 pmap->pm_pml4 = NULL;
1535 if (pmap->pm_pteobj) {
1536 vm_object_deallocate(pmap->pm_pteobj);
1537 pmap->pm_pteobj = NULL;
1542 * Wire in kernel global address entries. To avoid a race condition
1543 * between pmap initialization and pmap_growkernel, this procedure
1544 * adds the pmap to the master list (which growkernel scans to update),
1545 * then copies the template.
1548 pmap_pinit2(struct pmap *pmap)
1552 TAILQ_INSERT_TAIL(&pmap_list, pmap, pm_pmnode);
1553 /* XXX copies current process, does not fill in MPPTDI */
1555 bcopy(PTD + KPTDI, pmap->pm_pdir + KPTDI, nkpt * PTESIZE);
1561 * Attempt to release and free a vm_page in a pmap. Returns 1 on success,
1562 * 0 on failure (if the procedure had to sleep).
1564 * When asked to remove the page directory page itself, we actually just
1565 * leave it cached so we do not have to incur the SMP inval overhead of
1566 * removing the kernel mapping. pmap_puninit() will take care of it.
1569 pmap_release_free_page(struct pmap *pmap, vm_page_t p)
1572 pml4_entry_t *pml4 = pmap->pm_pml4;
1574 * This code optimizes the case of freeing non-busy
1575 * page-table pages. Those pages are zero now, and
1576 * might as well be placed directly into the zero queue.
1578 if (vm_page_sleep_busy(p, FALSE, "pmaprl"))
1584 * Remove the page table page from the processes address space.
1586 if (p->pindex >= (NUPDE + NUPDPE) && p->pindex != (NUPDE + NUPDPE + PML4PML4I)) {
1588 * We are a PDP page.
1589 * We look for the PML4 entry that points to us.
1591 vm_page_t m4 = vm_page_lookup(pmap->pm_pteobj, NUPDE + NUPDPE + PML4PML4I);
1592 KKASSERT(m4 != NULL);
1593 pml4_entry_t *pml4 = PHYS_TO_DMAP(VM_PAGE_TO_PHYS(m4));
1594 int idx = (p->pindex - (NUPDE + NUPDPE)) % NPML4EPG;
1595 KKASSERT(pml4[idx] != 0);
1598 /* JG What about wire_count? */
1599 } else if (p->pindex >= NUPDE) {
1602 * We look for the PDP entry that points to us.
1604 vm_page_t m3 = vm_page_lookup(pmap->pm_pteobj, NUPDE + NUPDPE + (p->pindex - NUPDE) / NPDPEPG);
1605 KKASSERT(m3 != NULL);
1606 pdp_entry_t *pdp = PHYS_TO_DMAP(VM_PAGE_TO_PHYS(m3));
1607 int idx = (p->pindex - NUPDE) % NPDPEPG;
1608 KKASSERT(pdp[idx] != 0);
1611 /* JG What about wire_count? */
1613 /* We are a PT page.
1614 * We look for the PD entry that points to us.
1616 vm_page_t m2 = vm_page_lookup(pmap->pm_pteobj, NUPDE + p->pindex / NPDEPG);
1617 KKASSERT(m2 != NULL);
1618 pd_entry_t *pd = PHYS_TO_DMAP(VM_PAGE_TO_PHYS(m2));
1619 int idx = p->pindex % NPDEPG;
1622 /* JG What about wire_count? */
1624 KKASSERT(pmap->pm_stats.resident_count > 0);
1625 --pmap->pm_stats.resident_count;
1627 if (p->hold_count) {
1628 panic("pmap_release: freeing held page table page");
1630 if (pmap->pm_ptphint && (pmap->pm_ptphint->pindex == p->pindex))
1631 pmap->pm_ptphint = NULL;
1634 * We leave the top-level page table page cached, wired, and mapped in
1635 * the pmap until the dtor function (pmap_puninit()) gets called.
1636 * However, still clean it up so we can set PG_ZERO.
1638 if (p->pindex == NUPDE + NUPDPE + PML4PML4I) {
1639 bzero(pmap->pm_pml4, PAGE_SIZE);
1640 vm_page_flag_set(p, PG_ZERO);
1644 vmstats.v_wire_count--;
1645 /* JG eventually revert to using vm_page_free_zero() */
1652 * this routine is called if the page table page is not
1656 _pmap_allocpte(pmap_t pmap, vm_pindex_t ptepindex)
1659 vm_page_t m, pdppg, pdpg;
1662 * Find or fabricate a new pagetable page
1664 m = vm_page_grab(pmap->pm_pteobj, ptepindex,
1665 VM_ALLOC_NORMAL | VM_ALLOC_ZERO | VM_ALLOC_RETRY);
1668 if ((m->flags & PG_ZERO) == 0) {
1669 pmap_zero_page(VM_PAGE_TO_PHYS(m));
1672 KASSERT(m->queue == PQ_NONE,
1673 ("_pmap_allocpte: %p->queue != PQ_NONE", m));
1676 * Increment the hold count for the page we will be returning to
1682 * It is possible that someone else got in and mapped by the page
1683 * directory page while we were blocked, if so just unbusy and
1684 * return the held page.
1687 if ((ptepa = pmap->pm_pdir[ptepindex]) != 0) {
1688 KKASSERT((ptepa & PG_FRAME) == VM_PAGE_TO_PHYS(m));
1694 if (m->wire_count == 0)
1695 vmstats.v_wire_count++;
1700 * Map the pagetable page into the process address space, if
1701 * it isn't already there.
1704 ++pmap->pm_stats.resident_count;
1707 ptepa = VM_PAGE_TO_PHYS(m);
1708 pmap->pm_pdir[ptepindex] =
1709 (pd_entry_t) (ptepa | PG_U | PG_RW | PG_V | PG_A | PG_M);
1711 if (ptepindex >= (NUPDE + NUPDPE)) {
1713 vm_pindex_t pml4index;
1715 /* Wire up a new PDP page */
1716 pml4index = ptepindex - (NUPDE + NUPDPE);
1717 pml4 = &pmap->pm_pml4[pml4index];
1718 *pml4 = VM_PAGE_TO_PHYS(m) | PG_U | PG_RW | PG_V | PG_A | PG_M;
1720 } else if (ptepindex >= NUPDE) {
1721 vm_pindex_t pml4index;
1722 vm_pindex_t pdpindex;
1726 /* Wire up a new PD page */
1727 pdpindex = ptepindex - NUPDE;
1728 pml4index = pdpindex >> NPML4EPGSHIFT;
1730 pml4 = &pmap->pm_pml4[pml4index];
1731 if ((*pml4 & PG_V) == 0) {
1732 /* Have to allocate a new PDP page, recurse */
1733 if (_pmap_allocpte(pmap, NUPDE + NUPDPE + pml4index)
1740 /* Add reference to the PDP page */
1741 pdppg = PHYS_TO_VM_PAGE(*pml4 & PG_FRAME);
1742 pdppg->hold_count++;
1744 pdp = (pdp_entry_t *)PHYS_TO_DMAP(*pml4 & PG_FRAME);
1746 /* Now find the pdp page */
1747 pdp = &pdp[pdpindex & ((1ul << NPDPEPGSHIFT) - 1)];
1748 KKASSERT(*pdp == 0); /* JG DEBUG64 */
1749 *pdp = VM_PAGE_TO_PHYS(m) | PG_U | PG_RW | PG_V | PG_A | PG_M;
1752 vm_pindex_t pml4index;
1753 vm_pindex_t pdpindex;
1758 /* Wire up a new PT page */
1759 pdpindex = ptepindex >> NPDPEPGSHIFT;
1760 pml4index = pdpindex >> NPML4EPGSHIFT;
1762 /* First, find the pdp and check that its valid. */
1763 pml4 = &pmap->pm_pml4[pml4index];
1764 if ((*pml4 & PG_V) == 0) {
1765 /* We miss a PDP page. We ultimately need a PD page.
1766 * Recursively allocating a PD page will allocate
1767 * the missing PDP page and will also allocate
1768 * the PD page we need.
1770 /* Have to allocate a new PD page, recurse */
1771 if (_pmap_allocpte(pmap, NUPDE + pdpindex)
1777 pdp = (pdp_entry_t *)PHYS_TO_DMAP(*pml4 & PG_FRAME);
1778 pdp = &pdp[pdpindex & ((1ul << NPDPEPGSHIFT) - 1)];
1780 pdp = (pdp_entry_t *)PHYS_TO_DMAP(*pml4 & PG_FRAME);
1781 pdp = &pdp[pdpindex & ((1ul << NPDPEPGSHIFT) - 1)];
1782 if ((*pdp & PG_V) == 0) {
1783 /* Have to allocate a new PD page, recurse */
1784 if (_pmap_allocpte(pmap, NUPDE + pdpindex)
1791 /* Add reference to the PD page */
1792 pdpg = PHYS_TO_VM_PAGE(*pdp & PG_FRAME);
1796 pd = (pd_entry_t *)PHYS_TO_DMAP(*pdp & PG_FRAME);
1798 /* Now we know where the page directory page is */
1799 pd = &pd[ptepindex & ((1ul << NPDEPGSHIFT) - 1)];
1800 KKASSERT(*pd == 0); /* JG DEBUG64 */
1801 *pd = VM_PAGE_TO_PHYS(m) | PG_U | PG_RW | PG_V | PG_A | PG_M;
1806 * Set the page table hint
1808 pmap->pm_ptphint = m;
1810 m->valid = VM_PAGE_BITS_ALL;
1811 vm_page_flag_clear(m, PG_ZERO);
1812 vm_page_flag_set(m, PG_MAPPED);
1819 pmap_allocpte(pmap_t pmap, vm_offset_t va)
1822 vm_pindex_t ptepindex;
1827 * Calculate pagetable page index
1829 ptepindex = pmap_pde_pindex(va);
1832 * Get the page directory entry
1834 pd = pmap_pde(pmap, va);
1837 * This supports switching from a 2MB page to a
1840 if (pd != NULL && (*pd & (PG_PS | PG_V)) == (PG_PS | PG_V)) {
1841 panic("no promotion/demotion yet");
1849 * If the page table page is mapped, we just increment the
1850 * hold count, and activate it.
1852 if (pd != NULL && (*pd & PG_V) != 0) {
1853 /* YYY hint is used here on i386 */
1854 m = pmap_page_lookup( pmap->pm_pteobj, ptepindex);
1855 pmap->pm_ptphint = m;
1860 * Here if the pte page isn't mapped, or if it has been deallocated.
1862 return _pmap_allocpte(pmap, ptepindex);
1866 /***************************************************
1867 * Pmap allocation/deallocation routines.
1868 ***************************************************/
1871 * Release any resources held by the given physical map.
1872 * Called when a pmap initialized by pmap_pinit is being released.
1873 * Should only be called if the map contains no valid mappings.
1875 static int pmap_release_callback(struct vm_page *p, void *data);
1878 pmap_release(struct pmap *pmap)
1881 vm_object_t object = pmap->pm_pteobj;
1882 struct rb_vm_page_scan_info info;
1884 KASSERT(pmap->pm_active == 0, ("pmap still active! %08x", pmap->pm_active));
1885 #if defined(DIAGNOSTIC)
1886 if (object->ref_count != 1)
1887 panic("pmap_release: pteobj reference count != 1");
1891 info.object = object;
1893 TAILQ_REMOVE(&pmap_list, pmap, pm_pmnode);
1900 info.limit = object->generation;
1902 vm_page_rb_tree_RB_SCAN(&object->rb_memq, NULL,
1903 pmap_release_callback, &info);
1904 if (info.error == 0 && info.mpte) {
1905 if (!pmap_release_free_page(pmap, info.mpte))
1909 } while (info.error);
1913 pmap_release_callback(struct vm_page *p, void *data)
1916 struct rb_vm_page_scan_info *info = data;
1918 if (p->pindex == NUPDE + NUPDPE + PML4PML4I) {
1922 if (!pmap_release_free_page(info->pmap, p)) {
1926 if (info->object->generation != info->limit) {
1934 * Grow the number of kernel page table entries, if needed.
1938 pmap_growkernel(vm_offset_t addr)
1943 vm_offset_t ptppaddr;
1945 pd_entry_t *pde, newpdir;
1949 if (kernel_vm_end == 0) {
1950 kernel_vm_end = KERNBASE;
1952 while ((*pmap_pde(&kernel_pmap, kernel_vm_end) & PG_V) != 0) {
1953 kernel_vm_end = (kernel_vm_end + PAGE_SIZE * NPTEPG) & ~(PAGE_SIZE * NPTEPG - 1);
1955 if (kernel_vm_end - 1 >= kernel_map.max_offset) {
1956 kernel_vm_end = kernel_map.max_offset;
1961 addr = roundup2(addr, PAGE_SIZE * NPTEPG);
1962 if (addr - 1 >= kernel_map.max_offset)
1963 addr = kernel_map.max_offset;
1964 while (kernel_vm_end < addr) {
1965 pde = pmap_pde(&kernel_pmap, kernel_vm_end);
1967 /* We need a new PDP entry */
1968 nkpg = vm_page_alloc(kptobj, nkpt,
1969 VM_ALLOC_NORMAL | VM_ALLOC_SYSTEM
1970 | VM_ALLOC_INTERRUPT);
1972 panic("pmap_growkernel: no memory to grow kernel");
1973 if ((nkpg->flags & PG_ZERO) == 0)
1974 pmap_zero_page(nkpg);
1975 paddr = VM_PAGE_TO_PHYS(nkpg);
1976 newpdp = (pdp_entry_t)
1977 (paddr | PG_V | PG_RW | PG_A | PG_M);
1978 *pmap_pdpe(&kernel_pmap, kernel_vm_end) = newpdp;
1979 continue; /* try again */
1981 if ((*pde & PG_V) != 0) {
1982 kernel_vm_end = (kernel_vm_end + PAGE_SIZE * NPTEPG) & ~(PAGE_SIZE * NPTEPG - 1);
1983 if (kernel_vm_end - 1 >= kernel_map.max_offset) {
1984 kernel_vm_end = kernel_map.max_offset;
1991 * This index is bogus, but out of the way
1993 nkpg = vm_page_alloc(kptobj, nkpt,
1994 VM_ALLOC_NORMAL | VM_ALLOC_SYSTEM | VM_ALLOC_INTERRUPT);
1996 panic("pmap_growkernel: no memory to grow kernel");
1999 ptppaddr = VM_PAGE_TO_PHYS(nkpg);
2000 pmap_zero_page(ptppaddr);
2001 newpdir = (pd_entry_t) (ptppaddr | PG_V | PG_RW | PG_A | PG_M);
2002 *pmap_pde(&kernel_pmap, kernel_vm_end) = newpdir;
2005 kernel_vm_end = (kernel_vm_end + PAGE_SIZE * NPTEPG) & ~(PAGE_SIZE * NPTEPG - 1);
2006 if (kernel_vm_end - 1 >= kernel_map.max_offset) {
2007 kernel_vm_end = kernel_map.max_offset;
2015 * Retire the given physical map from service.
2016 * Should only be called if the map contains
2017 * no valid mappings.
2020 pmap_destroy(pmap_t pmap)
2028 count = --pmap->pm_count;
2031 panic("destroying a pmap is not yet implemented");
2036 * Add a reference to the specified pmap.
2039 pmap_reference(pmap_t pmap)
2047 /***************************************************
2048 * page management routines.
2049 ***************************************************/
2052 * free the pv_entry back to the free list. This function may be
2053 * called from an interrupt.
2055 static PMAP_INLINE void
2056 free_pv_entry(pv_entry_t pv)
2060 KKASSERT(pv_entry_count >= 0);
2065 * get a new pv_entry, allocating a block from the system
2066 * when needed. This function may be called from an interrupt.
2073 if (pv_entry_high_water &&
2074 (pv_entry_count > pv_entry_high_water) &&
2075 (pmap_pagedaemon_waken == 0)) {
2076 pmap_pagedaemon_waken = 1;
2077 wakeup(&vm_pages_needed);
2079 return zalloc(pvzone);
2083 * This routine is very drastic, but can save the system
2092 static int warningdone=0;
2094 if (pmap_pagedaemon_waken == 0)
2097 if (warningdone < 5) {
2098 kprintf("pmap_collect: collecting pv entries -- suggest increasing PMAP_SHPGPERPROC\n");
2102 for(i = 0; i < vm_page_array_size; i++) {
2103 m = &vm_page_array[i];
2104 if (m->wire_count || m->hold_count || m->busy ||
2105 (m->flags & PG_BUSY))
2109 pmap_pagedaemon_waken = 0;
2114 * If it is the first entry on the list, it is actually
2115 * in the header and we must copy the following entry up
2116 * to the header. Otherwise we must search the list for
2117 * the entry. In either case we free the now unused entry.
2120 pmap_remove_entry(struct pmap *pmap, vm_page_t m,
2121 vm_offset_t va, pmap_inval_info_t info)
2128 if (m->md.pv_list_count < pmap->pm_stats.resident_count) {
2129 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
2130 if (pmap == pv->pv_pmap && va == pv->pv_va)
2134 TAILQ_FOREACH(pv, &pmap->pm_pvlist, pv_plist) {
2135 if (va == pv->pv_va)
2141 /* JGXXX When can 'pv' be NULL? */
2143 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
2144 m->md.pv_list_count--;
2145 KKASSERT(m->md.pv_list_count >= 0);
2146 if (TAILQ_EMPTY(&m->md.pv_list))
2147 vm_page_flag_clear(m, PG_MAPPED | PG_WRITEABLE);
2148 TAILQ_REMOVE(&pmap->pm_pvlist, pv, pv_plist);
2149 ++pmap->pm_generation;
2150 rtval = pmap_unuse_pt(pmap, va, pv->pv_ptem, info);
2158 * Create a pv entry for page at pa for
2162 pmap_insert_entry(pmap_t pmap, vm_offset_t va, vm_page_t mpte, vm_page_t m)
2168 pv = get_pv_entry();
2173 TAILQ_INSERT_TAIL(&pmap->pm_pvlist, pv, pv_plist);
2174 TAILQ_INSERT_TAIL(&m->md.pv_list, pv, pv_list);
2175 m->md.pv_list_count++;
2181 * pmap_remove_pte: do the things to unmap a page in a process
2184 pmap_remove_pte(struct pmap *pmap, pt_entry_t *ptq, vm_offset_t va,
2185 pmap_inval_info_t info)
2191 pmap_inval_add(info, pmap, va);
2192 oldpte = pte_load_clear(ptq);
2194 pmap->pm_stats.wired_count -= 1;
2196 * Machines that don't support invlpg, also don't support
2197 * PG_G. XXX PG_G is disabled for SMP so don't worry about
2201 cpu_invlpg((void *)va);
2202 KKASSERT(pmap->pm_stats.resident_count > 0);
2203 --pmap->pm_stats.resident_count;
2204 if (oldpte & PG_MANAGED) {
2205 m = PHYS_TO_VM_PAGE(oldpte);
2206 if (oldpte & PG_M) {
2207 #if defined(PMAP_DIAGNOSTIC)
2208 if (pmap_nw_modified((pt_entry_t) oldpte)) {
2210 "pmap_remove: modified page not writable: va: 0x%lx, pte: 0x%lx\n",
2214 if (pmap_track_modified(va))
2218 vm_page_flag_set(m, PG_REFERENCED);
2219 return pmap_remove_entry(pmap, m, va, info);
2221 return pmap_unuse_pt(pmap, va, NULL, info);
2230 * Remove a single page from a process address space.
2232 * This function may not be called from an interrupt if the pmap is
2236 pmap_remove_page(struct pmap *pmap, vm_offset_t va, pmap_inval_info_t info)
2241 pte = pmap_pte(pmap, va);
2244 if ((*pte & PG_V) == 0)
2246 pmap_remove_pte(pmap, pte, va, info);
2252 * Remove the given range of addresses from the specified map.
2254 * It is assumed that the start and end are properly
2255 * rounded to the page size.
2257 * This function may not be called from an interrupt if the pmap is
2261 pmap_remove(struct pmap *pmap, vm_offset_t sva, vm_offset_t eva)
2264 vm_offset_t va_next;
2265 pml4_entry_t *pml4e;
2267 pd_entry_t ptpaddr, *pde;
2269 struct pmap_inval_info info;
2274 if (pmap->pm_stats.resident_count == 0)
2277 pmap_inval_init(&info);
2280 * special handling of removing one page. a very
2281 * common operation and easy to short circuit some
2284 if (sva + PAGE_SIZE == eva) {
2285 pde = pmap_pde(pmap, sva);
2286 if (pde && (*pde & PG_PS) == 0) {
2287 pmap_remove_page(pmap, sva, &info);
2288 pmap_inval_flush(&info);
2293 for (; sva < eva; sva = va_next) {
2294 pml4e = pmap_pml4e(pmap, sva);
2295 if ((*pml4e & PG_V) == 0) {
2296 va_next = (sva + NBPML4) & ~PML4MASK;
2302 pdpe = pmap_pml4e_to_pdpe(pml4e, sva);
2303 if ((*pdpe & PG_V) == 0) {
2304 va_next = (sva + NBPDP) & ~PDPMASK;
2311 * Calculate index for next page table.
2313 va_next = (sva + NBPDR) & ~PDRMASK;
2317 pde = pmap_pdpe_to_pde(pdpe, sva);
2321 * Weed out invalid mappings.
2327 * Check for large page.
2329 if ((ptpaddr & PG_PS) != 0) {
2330 /* JG FreeBSD has more complex treatment here */
2331 pmap_inval_add(&info, pmap, -1);
2333 pmap->pm_stats.resident_count -= NBPDR / PAGE_SIZE;
2338 * Limit our scan to either the end of the va represented
2339 * by the current page table page, or to the end of the
2340 * range being removed.
2346 * NOTE: pmap_remove_pte() can block.
2348 for (pte = pmap_pde_to_pte(pde, sva); sva != va_next; pte++,
2352 if (pmap_remove_pte(pmap, pte, sva, &info))
2356 pmap_inval_flush(&info);
2362 * Removes this physical page from all physical maps in which it resides.
2363 * Reflects back modify bits to the pager.
2365 * This routine may not be called from an interrupt.
2369 pmap_remove_all(vm_page_t m)
2372 struct pmap_inval_info info;
2373 pt_entry_t *pte, tpte;
2376 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
2379 pmap_inval_init(&info);
2381 while ((pv = TAILQ_FIRST(&m->md.pv_list)) != NULL) {
2382 KKASSERT(pv->pv_pmap->pm_stats.resident_count > 0);
2383 --pv->pv_pmap->pm_stats.resident_count;
2385 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
2386 pmap_inval_add(&info, pv->pv_pmap, pv->pv_va);
2387 tpte = pte_load_clear(pte);
2390 pv->pv_pmap->pm_stats.wired_count--;
2393 vm_page_flag_set(m, PG_REFERENCED);
2396 * Update the vm_page_t clean and reference bits.
2399 #if defined(PMAP_DIAGNOSTIC)
2400 if (pmap_nw_modified(tpte)) {
2402 "pmap_remove_all: modified page not writable: va: 0x%lx, pte: 0x%lx\n",
2406 if (pmap_track_modified(pv->pv_va))
2409 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
2410 TAILQ_REMOVE(&pv->pv_pmap->pm_pvlist, pv, pv_plist);
2411 ++pv->pv_pmap->pm_generation;
2412 m->md.pv_list_count--;
2413 KKASSERT(m->md.pv_list_count >= 0);
2414 if (TAILQ_EMPTY(&m->md.pv_list))
2415 vm_page_flag_clear(m, PG_MAPPED | PG_WRITEABLE);
2416 pmap_unuse_pt(pv->pv_pmap, pv->pv_va, pv->pv_ptem, &info);
2420 KKASSERT((m->flags & (PG_MAPPED|PG_WRITEABLE)) == 0);
2421 pmap_inval_flush(&info);
2427 * Set the physical protection on the specified range of this map
2430 * This function may not be called from an interrupt if the map is
2431 * not the kernel_pmap.
2434 pmap_protect(pmap_t pmap, vm_offset_t sva, vm_offset_t eva, vm_prot_t prot)
2437 vm_offset_t va_next;
2438 pml4_entry_t *pml4e;
2440 pd_entry_t ptpaddr, *pde;
2442 pmap_inval_info info;
2444 /* JG review for NX */
2449 if ((prot & VM_PROT_READ) == VM_PROT_NONE) {
2450 pmap_remove(pmap, sva, eva);
2454 if (prot & VM_PROT_WRITE)
2457 pmap_inval_init(&info);
2459 for (; sva < eva; sva = va_next) {
2461 pml4e = pmap_pml4e(pmap, sva);
2462 if ((*pml4e & PG_V) == 0) {
2463 va_next = (sva + NBPML4) & ~PML4MASK;
2469 pdpe = pmap_pml4e_to_pdpe(pml4e, sva);
2470 if ((*pdpe & PG_V) == 0) {
2471 va_next = (sva + NBPDP) & ~PDPMASK;
2477 va_next = (sva + NBPDR) & ~PDRMASK;
2481 pde = pmap_pdpe_to_pde(pdpe, sva);
2485 * Check for large page.
2487 if ((ptpaddr & PG_PS) != 0) {
2488 pmap_inval_add(&info, pmap, -1);
2489 *pde &= ~(PG_M|PG_RW);
2490 pmap->pm_stats.resident_count -= NBPDR / PAGE_SIZE;
2495 * Weed out invalid mappings. Note: we assume that the page
2496 * directory table is always allocated, and in kernel virtual.
2504 for (pte = pmap_pde_to_pte(pde, sva); sva != va_next; pte++,
2506 pt_entry_t obits, pbits;
2510 * XXX non-optimal. Note also that there can be
2511 * no pmap_inval_flush() calls until after we modify
2512 * ptbase[sindex] (or otherwise we have to do another
2513 * pmap_inval_add() call).
2515 pmap_inval_add(&info, pmap, sva);
2516 obits = pbits = *pte;
2517 if ((pbits & PG_V) == 0)
2519 if (pbits & PG_MANAGED) {
2522 m = PHYS_TO_VM_PAGE(pbits & PG_FRAME);
2523 vm_page_flag_set(m, PG_REFERENCED);
2527 if (pmap_track_modified(sva)) {
2529 m = PHYS_TO_VM_PAGE(pbits & PG_FRAME);
2538 if (pbits != obits) {
2543 pmap_inval_flush(&info);
2547 * Insert the given physical page (p) at
2548 * the specified virtual address (v) in the
2549 * target physical map with the protection requested.
2551 * If specified, the page will be wired down, meaning
2552 * that the related pte can not be reclaimed.
2554 * NB: This is the only routine which MAY NOT lazy-evaluate
2555 * or lose information. That is, this routine must actually
2556 * insert this page into the given map NOW.
2559 pmap_enter(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot,
2567 pt_entry_t origpte, newpte;
2569 pmap_inval_info info;
2574 va = trunc_page(va);
2575 #ifdef PMAP_DIAGNOSTIC
2577 panic("pmap_enter: toobig");
2578 if ((va >= UPT_MIN_ADDRESS) && (va < UPT_MAX_ADDRESS))
2579 panic("pmap_enter: invalid to pmap_enter page table pages (va: 0x%lx)", va);
2581 if (va < UPT_MAX_ADDRESS && pmap == &kernel_pmap) {
2582 kprintf("Warning: pmap_enter called on UVA with kernel_pmap\n");
2584 db_print_backtrace();
2587 if (va >= UPT_MAX_ADDRESS && pmap != &kernel_pmap) {
2588 kprintf("Warning: pmap_enter called on KVA without kernel_pmap\n");
2590 db_print_backtrace();
2595 * In the case that a page table page is not
2596 * resident, we are creating it here.
2598 if (va < VM_MAX_USER_ADDRESS)
2599 mpte = pmap_allocpte(pmap, va);
2603 pmap_inval_init(&info);
2604 pde = pmap_pde(pmap, va);
2605 if (pde != NULL && (*pde & PG_V) != 0) {
2606 if ((*pde & PG_PS) != 0)
2607 panic("pmap_enter: attempted pmap_enter on 2MB page");
2608 pte = pmap_pde_to_pte(pde, va);
2610 panic("pmap_enter: invalid page directory va=%#lx", va);
2612 KKASSERT(pte != NULL);
2613 pa = VM_PAGE_TO_PHYS(m);
2615 opa = origpte & PG_FRAME;
2618 * Mapping has not changed, must be protection or wiring change.
2620 if (origpte && (opa == pa)) {
2622 * Wiring change, just update stats. We don't worry about
2623 * wiring PT pages as they remain resident as long as there
2624 * are valid mappings in them. Hence, if a user page is wired,
2625 * the PT page will be also.
2627 if (wired && ((origpte & PG_W) == 0))
2628 pmap->pm_stats.wired_count++;
2629 else if (!wired && (origpte & PG_W))
2630 pmap->pm_stats.wired_count--;
2632 #if defined(PMAP_DIAGNOSTIC)
2633 if (pmap_nw_modified(origpte)) {
2635 "pmap_enter: modified page not writable: va: 0x%lx, pte: 0x%lx\n",
2641 * Remove the extra pte reference. Note that we cannot
2642 * optimize the RO->RW case because we have adjusted the
2643 * wiring count above and may need to adjust the wiring
2650 * We might be turning off write access to the page,
2651 * so we go ahead and sense modify status.
2653 if (origpte & PG_MANAGED) {
2654 if ((origpte & PG_M) && pmap_track_modified(va)) {
2656 om = PHYS_TO_VM_PAGE(opa);
2660 KKASSERT(m->flags & PG_MAPPED);
2665 * Mapping has changed, invalidate old range and fall through to
2666 * handle validating new mapping.
2670 err = pmap_remove_pte(pmap, pte, va, &info);
2672 panic("pmap_enter: pte vanished, va: 0x%lx", va);
2676 * Enter on the PV list if part of our managed memory. Note that we
2677 * raise IPL while manipulating pv_table since pmap_enter can be
2678 * called at interrupt time.
2680 if (pmap_initialized &&
2681 (m->flags & (PG_FICTITIOUS|PG_UNMANAGED)) == 0) {
2682 pmap_insert_entry(pmap, va, mpte, m);
2684 vm_page_flag_set(m, PG_MAPPED);
2688 * Increment counters
2690 ++pmap->pm_stats.resident_count;
2692 pmap->pm_stats.wired_count++;
2696 * Now validate mapping with desired protection/wiring.
2698 newpte = (pt_entry_t) (pa | pte_prot(pmap, prot) | PG_V);
2702 if (va < VM_MAX_USER_ADDRESS)
2704 if (pmap == &kernel_pmap)
2708 * if the mapping or permission bits are different, we need
2709 * to update the pte.
2711 if ((origpte & ~(PG_M|PG_A)) != newpte) {
2712 pmap_inval_add(&info, pmap, va);
2713 *pte = newpte | PG_A;
2715 vm_page_flag_set(m, PG_WRITEABLE);
2717 KKASSERT((newpte & PG_MANAGED) == 0 || (m->flags & PG_MAPPED));
2718 pmap_inval_flush(&info);
2722 * This code works like pmap_enter() but assumes VM_PROT_READ and not-wired.
2723 * This code also assumes that the pmap has no pre-existing entry for this
2726 * This code currently may only be used on user pmaps, not kernel_pmap.
2729 pmap_enter_quick(pmap_t pmap, vm_offset_t va, vm_page_t m)
2735 vm_pindex_t ptepindex;
2737 pmap_inval_info info;
2739 pmap_inval_init(&info);
2741 if (va < UPT_MAX_ADDRESS && pmap == &kernel_pmap) {
2742 kprintf("Warning: pmap_enter_quick called on UVA with kernel_pmap\n");
2744 db_print_backtrace();
2747 if (va >= UPT_MAX_ADDRESS && pmap != &kernel_pmap) {
2748 kprintf("Warning: pmap_enter_quick called on KVA without kernel_pmap\n");
2750 db_print_backtrace();
2754 KKASSERT(va < UPT_MIN_ADDRESS); /* assert used on user pmaps only */
2757 * Calculate the page table page (mpte), allocating it if necessary.
2759 * A held page table page (mpte), or NULL, is passed onto the
2760 * section following.
2762 if (va < VM_MAX_USER_ADDRESS) {
2764 * Calculate pagetable page index
2766 ptepindex = pmap_pde_pindex(va);
2770 * Get the page directory entry
2772 ptepa = pmap_pde(pmap, va);
2775 * If the page table page is mapped, we just increment
2776 * the hold count, and activate it.
2778 if (ptepa && (*ptepa & PG_V) != 0) {
2780 panic("pmap_enter_quick: unexpected mapping into 2MB page");
2781 // if (pmap->pm_ptphint &&
2782 // (pmap->pm_ptphint->pindex == ptepindex)) {
2783 // mpte = pmap->pm_ptphint;
2785 mpte = pmap_page_lookup( pmap->pm_pteobj, ptepindex);
2786 pmap->pm_ptphint = mpte;
2791 mpte = _pmap_allocpte(pmap, ptepindex);
2793 } while (mpte == NULL);
2796 /* this code path is not yet used */
2800 * With a valid (and held) page directory page, we can just use
2801 * vtopte() to get to the pte. If the pte is already present
2802 * we do not disturb it.
2807 pmap_unwire_pte_hold(pmap, va, mpte, &info);
2808 pa = VM_PAGE_TO_PHYS(m);
2809 KKASSERT(((*pte ^ pa) & PG_FRAME) == 0);
2814 * Enter on the PV list if part of our managed memory
2816 if ((m->flags & (PG_FICTITIOUS|PG_UNMANAGED)) == 0) {
2817 pmap_insert_entry(pmap, va, mpte, m);
2818 vm_page_flag_set(m, PG_MAPPED);
2822 * Increment counters
2824 ++pmap->pm_stats.resident_count;
2826 pa = VM_PAGE_TO_PHYS(m);
2829 * Now validate mapping with RO protection
2831 if (m->flags & (PG_FICTITIOUS|PG_UNMANAGED))
2832 *pte = pa | PG_V | PG_U;
2834 *pte = pa | PG_V | PG_U | PG_MANAGED;
2835 /* pmap_inval_add(&info, pmap, va); shouldn't be needed inval->valid */
2836 pmap_inval_flush(&info);
2840 * Make a temporary mapping for a physical address. This is only intended
2841 * to be used for panic dumps.
2843 /* JG Needed on amd64? */
2845 pmap_kenter_temporary(vm_paddr_t pa, int i)
2848 pmap_kenter((vm_offset_t)crashdumpmap + (i * PAGE_SIZE), pa);
2849 return ((void *)crashdumpmap);
2852 #define MAX_INIT_PT (96)
2855 * This routine preloads the ptes for a given object into the specified pmap.
2856 * This eliminates the blast of soft faults on process startup and
2857 * immediately after an mmap.
2859 static int pmap_object_init_pt_callback(vm_page_t p, void *data);
2862 pmap_object_init_pt(pmap_t pmap, vm_offset_t addr, vm_prot_t prot,
2863 vm_object_t object, vm_pindex_t pindex,
2864 vm_size_t size, int limit)
2867 struct rb_vm_page_scan_info info;
2872 * We can't preinit if read access isn't set or there is no pmap
2875 if ((prot & VM_PROT_READ) == 0 || pmap == NULL || object == NULL)
2879 * We can't preinit if the pmap is not the current pmap
2881 lp = curthread->td_lwp;
2882 if (lp == NULL || pmap != vmspace_pmap(lp->lwp_vmspace))
2885 psize = amd64_btop(size);
2887 if ((object->type != OBJT_VNODE) ||
2888 ((limit & MAP_PREFAULT_PARTIAL) && (psize > MAX_INIT_PT) &&
2889 (object->resident_page_count > MAX_INIT_PT))) {
2893 if (psize + pindex > object->size) {
2894 if (object->size < pindex)
2896 psize = object->size - pindex;
2903 * Use a red-black scan to traverse the requested range and load
2904 * any valid pages found into the pmap.
2906 * We cannot safely scan the object's memq unless we are in a
2907 * critical section since interrupts can remove pages from objects.
2909 info.start_pindex = pindex;
2910 info.end_pindex = pindex + psize - 1;
2917 vm_page_rb_tree_RB_SCAN(&object->rb_memq, rb_vm_page_scancmp,
2918 pmap_object_init_pt_callback, &info);
2924 pmap_object_init_pt_callback(vm_page_t p, void *data)
2927 struct rb_vm_page_scan_info *info = data;
2928 vm_pindex_t rel_index;
2930 * don't allow an madvise to blow away our really
2931 * free pages allocating pv entries.
2933 if ((info->limit & MAP_PREFAULT_MADVISE) &&
2934 vmstats.v_free_count < vmstats.v_free_reserved) {
2937 if (((p->valid & VM_PAGE_BITS_ALL) == VM_PAGE_BITS_ALL) &&
2938 (p->busy == 0) && (p->flags & (PG_BUSY | PG_FICTITIOUS)) == 0) {
2939 if ((p->queue - p->pc) == PQ_CACHE)
2940 vm_page_deactivate(p);
2942 rel_index = p->pindex - info->start_pindex;
2943 pmap_enter_quick(info->pmap,
2944 info->addr + amd64_ptob(rel_index), p);
2951 * pmap_prefault provides a quick way of clustering pagefaults into a
2952 * processes address space. It is a "cousin" of pmap_object_init_pt,
2953 * except it runs at page fault time instead of mmap time.
2957 #define PAGEORDER_SIZE (PFBAK+PFFOR)
2959 static int pmap_prefault_pageorder[] = {
2960 -PAGE_SIZE, PAGE_SIZE,
2961 -2 * PAGE_SIZE, 2 * PAGE_SIZE,
2962 -3 * PAGE_SIZE, 3 * PAGE_SIZE,
2963 -4 * PAGE_SIZE, 4 * PAGE_SIZE
2967 pmap_prefault(pmap_t pmap, vm_offset_t addra, vm_map_entry_t entry)
2979 * We do not currently prefault mappings that use virtual page
2980 * tables. We do not prefault foreign pmaps.
2982 if (entry->maptype == VM_MAPTYPE_VPAGETABLE)
2984 lp = curthread->td_lwp;
2985 if (lp == NULL || (pmap != vmspace_pmap(lp->lwp_vmspace)))
2988 object = entry->object.vm_object;
2990 starta = addra - PFBAK * PAGE_SIZE;
2991 if (starta < entry->start)
2992 starta = entry->start;
2993 else if (starta > addra)
2997 * critical section protection is required to maintain the
2998 * page/object association, interrupts can free pages and remove
2999 * them from their objects.
3002 for (i = 0; i < PAGEORDER_SIZE; i++) {
3003 vm_object_t lobject;
3006 addr = addra + pmap_prefault_pageorder[i];
3007 if (addr > addra + (PFFOR * PAGE_SIZE))
3010 if (addr < starta || addr >= entry->end)
3013 if ((*pmap_pde(pmap, addr)) == 0)
3020 pindex = ((addr - entry->start) + entry->offset) >> PAGE_SHIFT;
3023 for (m = vm_page_lookup(lobject, pindex);
3024 (!m && (lobject->type == OBJT_DEFAULT) &&
3025 (lobject->backing_object));
3026 lobject = lobject->backing_object
3028 if (lobject->backing_object_offset & PAGE_MASK)
3030 pindex += (lobject->backing_object_offset >> PAGE_SHIFT);
3031 m = vm_page_lookup(lobject->backing_object, pindex);
3035 * give-up when a page is not in memory
3040 if (((m->valid & VM_PAGE_BITS_ALL) == VM_PAGE_BITS_ALL) &&
3042 (m->flags & (PG_BUSY | PG_FICTITIOUS)) == 0) {
3044 if ((m->queue - m->pc) == PQ_CACHE) {
3045 vm_page_deactivate(m);
3048 pmap_enter_quick(pmap, addr, m);
3056 * Routine: pmap_change_wiring
3057 * Function: Change the wiring attribute for a map/virtual-address
3059 * In/out conditions:
3060 * The mapping must already exist in the pmap.
3063 pmap_change_wiring(pmap_t pmap, vm_offset_t va, boolean_t wired)
3071 pte = pmap_pte(pmap, va);
3073 if (wired && !pmap_pte_w(pte))
3074 pmap->pm_stats.wired_count++;
3075 else if (!wired && pmap_pte_w(pte))
3076 pmap->pm_stats.wired_count--;
3079 * Wiring is not a hardware characteristic so there is no need to
3080 * invalidate TLB. However, in an SMP environment we must use
3081 * a locked bus cycle to update the pte (if we are not using
3082 * the pmap_inval_*() API that is)... it's ok to do this for simple
3087 atomic_set_int(pte, PG_W);
3089 atomic_clear_int(pte, PG_W);
3092 atomic_set_int_nonlocked(pte, PG_W);
3094 atomic_clear_int_nonlocked(pte, PG_W);
3101 * Copy the range specified by src_addr/len
3102 * from the source map to the range dst_addr/len
3103 * in the destination map.
3105 * This routine is only advisory and need not do anything.
3108 pmap_copy(pmap_t dst_pmap, pmap_t src_pmap, vm_offset_t dst_addr,
3109 vm_size_t len, vm_offset_t src_addr)
3112 pmap_inval_info info;
3114 vm_offset_t end_addr = src_addr + len;
3116 pd_entry_t src_frame, dst_frame;
3119 if (dst_addr != src_addr)
3122 * XXX BUGGY. Amoung other things srcmpte is assumed to remain
3123 * valid through blocking calls, and that's just not going to
3131 src_frame = src_pmap->pm_pdir[PTDPTDI] & PG_FRAME;
3132 if (src_frame != (PTDpde & PG_FRAME)) {
3136 dst_frame = dst_pmap->pm_pdir[PTDPTDI] & PG_FRAME;
3137 if (dst_frame != (APTDpde & PG_FRAME)) {
3138 APTDpde = (pd_entry_t) (dst_frame | PG_RW | PG_V);
3139 /* The page directory is not shared between CPUs */
3143 pmap_inval_init(&info);
3144 pmap_inval_add(&info, dst_pmap, -1);
3145 pmap_inval_add(&info, src_pmap, -1);
3148 * critical section protection is required to maintain the page/object
3149 * association, interrupts can free pages and remove them from
3153 for (addr = src_addr; addr < end_addr; addr = pdnxt) {
3154 pt_entry_t *src_pte, *dst_pte;
3155 vm_page_t dstmpte, srcmpte;
3156 vm_offset_t srcptepaddr;
3157 vm_pindex_t ptepindex;
3159 if (addr >= UPT_MIN_ADDRESS)
3160 panic("pmap_copy: invalid to pmap_copy page tables\n");
3163 * Don't let optional prefaulting of pages make us go
3164 * way below the low water mark of free pages or way
3165 * above high water mark of used pv entries.
3167 if (vmstats.v_free_count < vmstats.v_free_reserved ||
3168 pv_entry_count > pv_entry_high_water)
3171 pdnxt = ((addr + PAGE_SIZE*NPTEPG) & ~(PAGE_SIZE*NPTEPG - 1));
3172 ptepindex = addr >> PDRSHIFT;
3175 srcptepaddr = (vm_offset_t) src_pmap->pm_pdir[ptepindex];
3177 if (srcptepaddr == 0)
3180 if (srcptepaddr & PG_PS) {
3182 if (dst_pmap->pm_pdir[ptepindex] == 0) {
3183 dst_pmap->pm_pdir[ptepindex] = (pd_entry_t) srcptepaddr;
3184 dst_pmap->pm_stats.resident_count += NBPDR / PAGE_SIZE;
3190 srcmpte = vm_page_lookup(src_pmap->pm_pteobj, ptepindex);
3191 if ((srcmpte == NULL) || (srcmpte->hold_count == 0) ||
3192 (srcmpte->flags & PG_BUSY)) {
3196 if (pdnxt > end_addr)
3199 src_pte = vtopte(addr);
3201 dst_pte = avtopte(addr);
3203 while (addr < pdnxt) {
3208 * we only virtual copy managed pages
3210 if ((ptetemp & PG_MANAGED) != 0) {
3212 * We have to check after allocpte for the
3213 * pte still being around... allocpte can
3216 * pmap_allocpte() can block. If we lose
3217 * our page directory mappings we stop.
3219 dstmpte = pmap_allocpte(dst_pmap, addr);
3222 if (src_frame != (PTDpde & PG_FRAME) ||
3223 dst_frame != (APTDpde & PG_FRAME)
3225 kprintf("WARNING: pmap_copy: detected and corrected race\n");
3226 pmap_unwire_pte_hold(dst_pmap, dstmpte, &info);
3228 } else if ((*dst_pte == 0) &&
3229 (ptetemp = *src_pte) != 0 &&
3230 (ptetemp & PG_MANAGED)) {
3232 * Clear the modified and
3233 * accessed (referenced) bits
3236 m = PHYS_TO_VM_PAGE(ptetemp);
3237 *dst_pte = ptetemp & ~(PG_M | PG_A);
3238 ++dst_pmap->pm_stats.resident_count;
3239 pmap_insert_entry(dst_pmap, addr,
3241 KKASSERT(m->flags & PG_MAPPED);
3243 kprintf("WARNING: pmap_copy: dst_pte race detected and corrected\n");
3244 pmap_unwire_pte_hold(dst_pmap, dstmpte, &info);
3248 if (dstmpte->hold_count >= srcmpte->hold_count)
3258 pmap_inval_flush(&info);
3264 * Zero the specified physical page.
3266 * This function may be called from an interrupt and no locking is
3270 pmap_zero_page(vm_paddr_t phys)
3273 vm_offset_t va = PHYS_TO_DMAP(phys);
3275 pagezero((void *)va);
3279 * pmap_page_assertzero:
3281 * Assert that a page is empty, panic if it isn't.
3284 pmap_page_assertzero(vm_paddr_t phys)
3287 struct mdglobaldata *gd = mdcpu;
3291 vm_offset_t virt = PHYS_TO_DMAP(phys);
3293 for (i = 0; i < PAGE_SIZE; i += sizeof(int)) {
3294 if (*(int *)((char *)virt + i) != 0) {
3295 panic("pmap_page_assertzero() @ %p not zero!\n",
3305 * Zero part of a physical page by mapping it into memory and clearing
3306 * its contents with bzero.
3308 * off and size may not cover an area beyond a single hardware page.
3311 pmap_zero_page_area(vm_paddr_t phys, int off, int size)
3314 struct mdglobaldata *gd = mdcpu;
3317 vm_offset_t virt = PHYS_TO_DMAP(phys);
3318 bzero((char *)virt + off, size);
3325 * Copy the physical page from the source PA to the target PA.
3326 * This function may be called from an interrupt. No locking
3330 pmap_copy_page(vm_paddr_t src, vm_paddr_t dst)
3333 vm_offset_t src_virt, dst_virt;
3336 src_virt = PHYS_TO_DMAP(src);
3337 dst_virt = PHYS_TO_DMAP(dst);
3338 bcopy(src_virt, dst_virt, PAGE_SIZE);
3343 * pmap_copy_page_frag:
3345 * Copy the physical page from the source PA to the target PA.
3346 * This function may be called from an interrupt. No locking
3350 pmap_copy_page_frag(vm_paddr_t src, vm_paddr_t dst, size_t bytes)
3353 vm_offset_t src_virt, dst_virt;
3356 src_virt = PHYS_TO_DMAP(src);
3357 dst_virt = PHYS_TO_DMAP(dst);
3358 bcopy((char *)src_virt + (src & PAGE_MASK),
3359 (char *)dst_virt + (dst & PAGE_MASK),
3365 * Returns true if the pmap's pv is one of the first
3366 * 16 pvs linked to from this page. This count may
3367 * be changed upwards or downwards in the future; it
3368 * is only necessary that true be returned for a small
3369 * subset of pmaps for proper page aging.
3372 pmap_page_exists_quick(pmap_t pmap, vm_page_t m)
3378 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
3383 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
3384 if (pv->pv_pmap == pmap) {
3397 * Remove all pages from specified address space
3398 * this aids process exit speeds. Also, this code
3399 * is special cased for current process only, but
3400 * can have the more generic (and slightly slower)
3401 * mode enabled. This is much faster than pmap_remove
3402 * in the case of running down an entire address space.
3405 pmap_remove_pages(pmap_t pmap, vm_offset_t sva, vm_offset_t eva)
3409 pt_entry_t *pte, tpte;
3412 pmap_inval_info info;
3414 int save_generation;
3416 lp = curthread->td_lwp;
3417 if (lp && pmap == vmspace_pmap(lp->lwp_vmspace))
3422 pmap_inval_init(&info);
3424 for (pv = TAILQ_FIRST(&pmap->pm_pvlist); pv; pv = npv) {
3425 if (pv->pv_va >= eva || pv->pv_va < sva) {
3426 npv = TAILQ_NEXT(pv, pv_plist);
3430 KKASSERT(pmap == pv->pv_pmap);
3433 pte = vtopte(pv->pv_va);
3435 pte = pmap_pte_quick(pmap, pv->pv_va);
3436 if (pmap->pm_active)
3437 pmap_inval_add(&info, pmap, pv->pv_va);
3440 * We cannot remove wired pages from a process' mapping
3444 npv = TAILQ_NEXT(pv, pv_plist);
3447 tpte = pte_load_clear(pte);
3449 m = PHYS_TO_VM_PAGE(tpte & PG_FRAME);
3451 KASSERT(m < &vm_page_array[vm_page_array_size],
3452 ("pmap_remove_pages: bad tpte %lx", tpte));
3454 KKASSERT(pmap->pm_stats.resident_count > 0);
3455 --pmap->pm_stats.resident_count;
3458 * Update the vm_page_t clean and reference bits.
3464 npv = TAILQ_NEXT(pv, pv_plist);
3465 TAILQ_REMOVE(&pmap->pm_pvlist, pv, pv_plist);
3466 save_generation = ++pmap->pm_generation;
3468 m->md.pv_list_count--;
3469 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
3470 if (TAILQ_EMPTY(&m->md.pv_list))
3471 vm_page_flag_clear(m, PG_MAPPED | PG_WRITEABLE);
3473 pmap_unuse_pt(pmap, pv->pv_va, pv->pv_ptem, &info);
3477 * Restart the scan if we blocked during the unuse or free
3478 * calls and other removals were made.
3480 if (save_generation != pmap->pm_generation) {
3481 kprintf("Warning: pmap_remove_pages race-A avoided\n");
3482 pv = TAILQ_FIRST(&pmap->pm_pvlist);
3485 pmap_inval_flush(&info);
3490 * pmap_testbit tests bits in pte's
3491 * note that the testbit/clearbit routines are inline,
3492 * and a lot of things compile-time evaluate.
3495 pmap_testbit(vm_page_t m, int bit)
3501 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
3504 if (TAILQ_FIRST(&m->md.pv_list) == NULL)
3509 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
3511 * if the bit being tested is the modified bit, then
3512 * mark clean_map and ptes as never
3515 if (bit & (PG_A|PG_M)) {
3516 if (!pmap_track_modified(pv->pv_va))
3520 #if defined(PMAP_DIAGNOSTIC)
3521 if (pv->pv_pmap == NULL) {
3522 kprintf("Null pmap (tb) at va: 0x%lx\n", pv->pv_va);
3526 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
3537 * this routine is used to modify bits in ptes
3539 static __inline void
3540 pmap_clearbit(vm_page_t m, int bit)
3543 struct pmap_inval_info info;
3548 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
3551 pmap_inval_init(&info);
3555 * Loop over all current mappings setting/clearing as appropos If
3556 * setting RO do we need to clear the VAC?
3558 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
3560 * don't write protect pager mappings
3563 if (!pmap_track_modified(pv->pv_va))
3567 #if defined(PMAP_DIAGNOSTIC)
3568 if (pv->pv_pmap == NULL) {
3569 kprintf("Null pmap (cb) at va: 0x%lx\n", pv->pv_va);
3575 * Careful here. We can use a locked bus instruction to
3576 * clear PG_A or PG_M safely but we need to synchronize
3577 * with the target cpus when we mess with PG_RW.
3579 * We do not have to force synchronization when clearing
3580 * PG_M even for PTEs generated via virtual memory maps,
3581 * because the virtual kernel will invalidate the pmap
3582 * entry when/if it needs to resynchronize the Modify bit.
3585 pmap_inval_add(&info, pv->pv_pmap, pv->pv_va);
3586 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
3593 atomic_clear_long(pte, PG_M|PG_RW);
3596 * The cpu may be trying to set PG_M
3597 * simultaniously with our clearing
3600 if (!atomic_cmpset_long(pte, pbits,
3604 } else if (bit == PG_M) {
3606 * We could also clear PG_RW here to force
3607 * a fault on write to redetect PG_M for
3608 * virtual kernels, but it isn't necessary
3609 * since virtual kernels invalidate the pte
3610 * when they clear the VPTE_M bit in their
3611 * virtual page tables.
3613 atomic_clear_long(pte, PG_M);
3615 atomic_clear_long(pte, bit);
3619 pmap_inval_flush(&info);
3624 * pmap_page_protect:
3626 * Lower the permission for all mappings to a given page.
3629 pmap_page_protect(vm_page_t m, vm_prot_t prot)
3632 /* JG NX support? */
3633 if ((prot & VM_PROT_WRITE) == 0) {
3634 if (prot & (VM_PROT_READ | VM_PROT_EXECUTE)) {
3635 pmap_clearbit(m, PG_RW);
3636 vm_page_flag_clear(m, PG_WRITEABLE);
3644 pmap_phys_address(vm_pindex_t ppn)
3647 return (amd64_ptob(ppn));
3651 * pmap_ts_referenced:
3653 * Return a count of reference bits for a page, clearing those bits.
3654 * It is not necessary for every reference bit to be cleared, but it
3655 * is necessary that 0 only be returned when there are truly no
3656 * reference bits set.
3658 * XXX: The exact number of bits to check and clear is a matter that
3659 * should be tested and standardized at some point in the future for
3660 * optimal aging of shared pages.
3663 pmap_ts_referenced(vm_page_t m)
3666 pv_entry_t pv, pvf, pvn;
3670 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
3675 if ((pv = TAILQ_FIRST(&m->md.pv_list)) != NULL) {
3680 pvn = TAILQ_NEXT(pv, pv_list);
3682 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
3684 TAILQ_INSERT_TAIL(&m->md.pv_list, pv, pv_list);
3686 if (!pmap_track_modified(pv->pv_va))
3689 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
3691 if (pte && (*pte & PG_A)) {
3693 atomic_clear_long(pte, PG_A);
3695 atomic_clear_long_nonlocked(pte, PG_A);
3702 } while ((pv = pvn) != NULL && pv != pvf);
3712 * Return whether or not the specified physical page was modified
3713 * in any physical maps.
3716 pmap_is_modified(vm_page_t m)
3719 return pmap_testbit(m, PG_M);
3723 * Clear the modify bits on the specified physical page.
3726 pmap_clear_modify(vm_page_t m)
3729 pmap_clearbit(m, PG_M);
3733 * pmap_clear_reference:
3735 * Clear the reference bit on the specified physical page.
3738 pmap_clear_reference(vm_page_t m)
3741 pmap_clearbit(m, PG_A);
3745 * Miscellaneous support routines follow
3749 i386_protection_init(void)
3754 /* JG NX support may go here; No VM_PROT_EXECUTE ==> set NX bit */
3755 kp = protection_codes;
3756 for (prot = 0; prot < 8; prot++) {
3758 case VM_PROT_NONE | VM_PROT_NONE | VM_PROT_NONE:
3760 * Read access is also 0. There isn't any execute bit,
3761 * so just make it readable.
3763 case VM_PROT_READ | VM_PROT_NONE | VM_PROT_NONE:
3764 case VM_PROT_READ | VM_PROT_NONE | VM_PROT_EXECUTE:
3765 case VM_PROT_NONE | VM_PROT_NONE | VM_PROT_EXECUTE:
3768 case VM_PROT_NONE | VM_PROT_WRITE | VM_PROT_NONE:
3769 case VM_PROT_NONE | VM_PROT_WRITE | VM_PROT_EXECUTE:
3770 case VM_PROT_READ | VM_PROT_WRITE | VM_PROT_NONE:
3771 case VM_PROT_READ | VM_PROT_WRITE | VM_PROT_EXECUTE:
3779 * Map a set of physical memory pages into the kernel virtual
3780 * address space. Return a pointer to where it is mapped. This
3781 * routine is intended to be used for mapping device memory,
3784 * NOTE: we can't use pgeflag unless we invalidate the pages one at
3788 pmap_mapdev(vm_paddr_t pa, vm_size_t size)
3791 vm_offset_t va, tmpva, offset;
3794 offset = pa & PAGE_MASK;
3795 size = roundup(offset + size, PAGE_SIZE);
3797 va = kmem_alloc_nofault(&kernel_map, size);
3799 panic("pmap_mapdev: Couldn't alloc kernel virtual memory");
3801 pa = pa & ~PAGE_MASK;
3802 for (tmpva = va; size > 0;) {
3803 pte = vtopte(tmpva);
3804 *pte = pa | PG_RW | PG_V; /* | pgeflag; */
3812 return ((void *)(va + offset));
3816 pmap_unmapdev(vm_offset_t va, vm_size_t size)
3819 vm_offset_t base, offset;
3821 base = va & ~PAGE_MASK;
3822 offset = va & PAGE_MASK;
3823 size = roundup(offset + size, PAGE_SIZE);
3824 pmap_qremove(va, size >> PAGE_SHIFT);
3825 kmem_free(&kernel_map, base, size);
3829 * perform the pmap work for mincore
3832 pmap_mincore(pmap_t pmap, vm_offset_t addr)
3835 pt_entry_t *ptep, pte;
3839 ptep = pmap_pte(pmap, addr);
3844 if ((pte = *ptep) != 0) {
3847 val = MINCORE_INCORE;
3848 if ((pte & PG_MANAGED) == 0)
3851 pa = pte & PG_FRAME;
3853 m = PHYS_TO_VM_PAGE(pa);
3859 val |= MINCORE_MODIFIED|MINCORE_MODIFIED_OTHER;
3861 * Modified by someone
3863 else if (m->dirty || pmap_is_modified(m))
3864 val |= MINCORE_MODIFIED_OTHER;
3869 val |= MINCORE_REFERENCED|MINCORE_REFERENCED_OTHER;
3872 * Referenced by someone
3874 else if ((m->flags & PG_REFERENCED) || pmap_ts_referenced(m)) {
3875 val |= MINCORE_REFERENCED_OTHER;
3876 vm_page_flag_set(m, PG_REFERENCED);
3883 * Replace p->p_vmspace with a new one. If adjrefs is non-zero the new
3884 * vmspace will be ref'd and the old one will be deref'd.
3886 * The vmspace for all lwps associated with the process will be adjusted
3887 * and cr3 will be reloaded if any lwp is the current lwp.
3890 pmap_replacevm(struct proc *p, struct vmspace *newvm, int adjrefs)
3893 struct vmspace *oldvm;
3897 oldvm = p->p_vmspace;
3898 if (oldvm != newvm) {
3899 p->p_vmspace = newvm;
3900 KKASSERT(p->p_nthreads == 1);
3901 lp = RB_ROOT(&p->p_lwp_tree);
3902 pmap_setlwpvm(lp, newvm);
3904 sysref_get(&newvm->vm_sysref);
3905 sysref_put(&oldvm->vm_sysref);
3912 * Set the vmspace for a LWP. The vmspace is almost universally set the
3913 * same as the process vmspace, but virtual kernels need to swap out contexts
3914 * on a per-lwp basis.
3917 pmap_setlwpvm(struct lwp *lp, struct vmspace *newvm)
3920 struct vmspace *oldvm;
3924 oldvm = lp->lwp_vmspace;
3926 if (oldvm != newvm) {
3927 lp->lwp_vmspace = newvm;
3928 if (curthread->td_lwp == lp) {
3929 pmap = vmspace_pmap(newvm);
3931 atomic_set_int(&pmap->pm_active, 1 << mycpu->gd_cpuid);
3933 pmap->pm_active |= 1;
3935 #if defined(SWTCH_OPTIM_STATS)
3938 curthread->td_pcb->pcb_cr3 = vtophys(pmap->pm_pml4);
3939 load_cr3(curthread->td_pcb->pcb_cr3);
3940 pmap = vmspace_pmap(oldvm);
3942 atomic_clear_int(&pmap->pm_active,
3943 1 << mycpu->gd_cpuid);
3945 pmap->pm_active &= ~1;
3953 pmap_addr_hint(vm_object_t obj, vm_offset_t addr, vm_size_t size)
3957 if ((obj == NULL) || (size < NBPDR) || (obj->type != OBJT_DEVICE)) {
3961 addr = (addr + (NBPDR - 1)) & ~(NBPDR - 1);
3968 static void pads (pmap_t pm);
3969 void pmap_pvdump (vm_paddr_t pa);
3971 /* print address space of pmap*/
3980 if (pm == &kernel_pmap)
3983 for (i = 0; i < NPDEPG; i++) {
3985 if (pm->pm_pdir[i]) {
3986 for (j = 0; j < NPTEPG; j++) {
3987 va = (i << PDRSHIFT) + (j << PAGE_SHIFT);
3988 if (pm == &kernel_pmap && va < KERNBASE)
3990 if (pm != &kernel_pmap && va > UPT_MAX_ADDRESS)
3992 ptep = pmap_pte_quick(pm, va);
3993 if (pmap_pte_v(ptep))
3994 kprintf("%lx:%lx ", va, *ptep);
4004 pmap_pvdump(vm_paddr_t pa)
4010 kprintf("pa %08llx", (long long)pa);
4011 m = PHYS_TO_VM_PAGE(pa);
4012 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
4014 kprintf(" -> pmap %p, va %x, flags %x",
4015 (void *)pv->pv_pmap, pv->pv_va, pv->pv_flags);
4017 kprintf(" -> pmap %p, va %x", (void *)pv->pv_pmap, pv->pv_va);
projects / dragonfly.git / blob