2 * Copyright (c) 1991 Regents of the University of California.
4 * Copyright (c) 1994 John S. Dyson
6 * Copyright (c) 1994 David Greenman
9 * This code is derived from software contributed to Berkeley by
10 * the Systems Programming Group of the University of Utah Computer
11 * Science Department and William Jolitz of UUNET Technologies Inc.
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
16 * 1. Redistributions of source code must retain the above copyright
17 * notice, this list of conditions and the following disclaimer.
18 * 2. Redistributions in binary form must reproduce the above copyright
19 * notice, this list of conditions and the following disclaimer in the
20 * documentation and/or other materials provided with the distribution.
21 * 3. All advertising materials mentioning features or use of this software
22 * must display the following acknowledgement:
23 * This product includes software developed by the University of
24 * California, Berkeley and its contributors.
25 * 4. Neither the name of the University nor the names of its contributors
26 * may be used to endorse or promote products derived from this software
27 * without specific prior written permission.
29 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
30 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
31 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
32 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
33 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
34 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
35 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
36 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
37 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
38 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
41 * from: @(#)pmap.c 7.7 (Berkeley) 5/12/91
42 * $FreeBSD: src/sys/i386/i386/pmap.c,v 1.250.2.18 2002/03/06 22:48:53 silby Exp $
43 * $DragonFly: src/sys/i386/i386/Attic/pmap.c,v 1.51 2005/11/04 08:57:27 dillon Exp $
47 * Manages physical address maps.
49 * In addition to hardware address maps, this
50 * module is called upon to provide software-use-only
51 * maps which may or may not be stored in the same
52 * form as hardware maps. These pseudo-maps are
53 * used to store intermediate results from copy
54 * operations to and from address spaces.
56 * Since the information managed by this module is
57 * also stored by the logical address mapping module,
58 * this module may throw away valid virtual-to-physical
59 * mappings at almost any time. However, invalidations
60 * of virtual-to-physical mappings must be done as
63 * In order to cope with hardware architectures which
64 * make virtual-to-physical map invalidates expensive,
65 * this module may delay invalidate or reduced protection
66 * operations until such time as they are actually
67 * necessary. This module is given full information as
68 * to which processors are currently using which maps,
69 * and to when physical maps must be made correct.
72 #include "opt_disable_pse.h"
74 #include "opt_msgbuf.h"
76 #include <sys/param.h>
77 #include <sys/systm.h>
78 #include <sys/kernel.h>
80 #include <sys/msgbuf.h>
81 #include <sys/vmmeter.h>
85 #include <vm/vm_param.h>
86 #include <sys/sysctl.h>
88 #include <vm/vm_kern.h>
89 #include <vm/vm_page.h>
90 #include <vm/vm_map.h>
91 #include <vm/vm_object.h>
92 #include <vm/vm_extern.h>
93 #include <vm/vm_pageout.h>
94 #include <vm/vm_pager.h>
95 #include <vm/vm_zone.h>
98 #include <sys/thread2.h>
100 #include <machine/cputypes.h>
101 #include <machine/md_var.h>
102 #include <machine/specialreg.h>
103 #include <machine/smp.h>
104 #include <arch/apic/apicreg.h>
105 #include <machine/globaldata.h>
106 #include <machine/pmap.h>
107 #include <machine/pmap_inval.h>
109 #define PMAP_KEEP_PDIRS
110 #ifndef PMAP_SHPGPERPROC
111 #define PMAP_SHPGPERPROC 200
114 #if defined(DIAGNOSTIC)
115 #define PMAP_DIAGNOSTIC
120 #if !defined(PMAP_DIAGNOSTIC)
121 #define PMAP_INLINE __inline
127 * Get PDEs and PTEs for user/kernel address space
129 #define pmap_pde(m, v) (&((m)->pm_pdir[(vm_offset_t)(v) >> PDRSHIFT]))
130 #define pdir_pde(m, v) (m[(vm_offset_t)(v) >> PDRSHIFT])
132 #define pmap_pde_v(pte) ((*(int *)pte & PG_V) != 0)
133 #define pmap_pte_w(pte) ((*(int *)pte & PG_W) != 0)
134 #define pmap_pte_m(pte) ((*(int *)pte & PG_M) != 0)
135 #define pmap_pte_u(pte) ((*(int *)pte & PG_A) != 0)
136 #define pmap_pte_v(pte) ((*(int *)pte & PG_V) != 0)
140 * Given a map and a machine independent protection code,
141 * convert to a vax protection code.
143 #define pte_prot(m, p) \
144 (protection_codes[p & (VM_PROT_READ|VM_PROT_WRITE|VM_PROT_EXECUTE)])
145 static int protection_codes[8];
147 static struct pmap kernel_pmap_store;
150 vm_paddr_t avail_start; /* PA of first available physical page */
151 vm_paddr_t avail_end; /* PA of last available physical page */
152 vm_offset_t virtual_avail; /* VA of first avail page (after kernel bss) */
153 vm_offset_t virtual_end; /* VA of last avail page (end of kernel AS) */
154 static boolean_t pmap_initialized = FALSE; /* Has pmap_init completed? */
155 static int pgeflag; /* PG_G or-in */
156 static int pseflag; /* PG_PS or-in */
158 static vm_object_t kptobj;
161 vm_offset_t kernel_vm_end;
164 * Data for the pv entry allocation mechanism
166 static vm_zone_t pvzone;
167 static struct vm_zone pvzone_store;
168 static struct vm_object pvzone_obj;
169 static int pv_entry_count=0, pv_entry_max=0, pv_entry_high_water=0;
170 static int pmap_pagedaemon_waken = 0;
171 static struct pv_entry *pvinit;
174 * All those kernel PT submaps that BSD is so fond of
176 pt_entry_t *CMAP1 = 0, *ptmmap;
177 caddr_t CADDR1 = 0, ptvmmap = 0;
178 static pt_entry_t *msgbufmap;
179 struct msgbuf *msgbufp=0;
184 static pt_entry_t *pt_crashdumpmap;
185 static caddr_t crashdumpmap;
187 extern pt_entry_t *SMPpt;
189 static PMAP_INLINE void free_pv_entry (pv_entry_t pv);
190 static unsigned * get_ptbase (pmap_t pmap);
191 static pv_entry_t get_pv_entry (void);
192 static void i386_protection_init (void);
193 static __inline void pmap_changebit (vm_page_t m, int bit, boolean_t setem);
195 static void pmap_remove_all (vm_page_t m);
196 static vm_page_t pmap_enter_quick (pmap_t pmap, vm_offset_t va,
197 vm_page_t m, vm_page_t mpte);
198 static int pmap_remove_pte (struct pmap *pmap, unsigned *ptq,
199 vm_offset_t sva, pmap_inval_info_t info);
200 static void pmap_remove_page (struct pmap *pmap,
201 vm_offset_t va, pmap_inval_info_t info);
202 static int pmap_remove_entry (struct pmap *pmap, vm_page_t m,
203 vm_offset_t va, pmap_inval_info_t info);
204 static boolean_t pmap_testbit (vm_page_t m, int bit);
205 static void pmap_insert_entry (pmap_t pmap, vm_offset_t va,
206 vm_page_t mpte, vm_page_t m);
208 static vm_page_t pmap_allocpte (pmap_t pmap, vm_offset_t va);
210 static int pmap_release_free_page (pmap_t pmap, vm_page_t p);
211 static vm_page_t _pmap_allocpte (pmap_t pmap, unsigned ptepindex);
212 static unsigned * pmap_pte_quick (pmap_t pmap, vm_offset_t va);
213 static vm_page_t pmap_page_lookup (vm_object_t object, vm_pindex_t pindex);
214 static int pmap_unuse_pt (pmap_t, vm_offset_t, vm_page_t, pmap_inval_info_t);
215 static vm_offset_t pmap_kmem_choose(vm_offset_t addr);
217 static unsigned pdir4mb;
220 * Move the kernel virtual free pointer to the next
221 * 4MB. This is used to help improve performance
222 * by using a large (4MB) page for much of the kernel
223 * (.text, .data, .bss)
226 pmap_kmem_choose(vm_offset_t addr)
228 vm_offset_t newaddr = addr;
230 if (cpu_feature & CPUID_PSE) {
231 newaddr = (addr + (NBPDR - 1)) & ~(NBPDR - 1);
240 * Extract the page table entry associated with the given map/virtual
243 * This function may NOT be called from an interrupt.
245 PMAP_INLINE unsigned *
246 pmap_pte(pmap_t pmap, vm_offset_t va)
251 pdeaddr = (unsigned *) pmap_pde(pmap, va);
252 if (*pdeaddr & PG_PS)
255 return get_ptbase(pmap) + i386_btop(va);
264 * Super fast pmap_pte routine best used when scanning the pv lists.
265 * This eliminates many course-grained invltlb calls. Note that many of
266 * the pv list scans are across different pmaps and it is very wasteful
267 * to do an entire invltlb when checking a single mapping.
269 * Should only be called while in a critical section.
272 pmap_pte_quick(pmap_t pmap, vm_offset_t va)
274 struct mdglobaldata *gd = mdcpu;
277 if ((pde = (unsigned) pmap->pm_pdir[va >> PDRSHIFT]) != 0) {
278 unsigned frame = (unsigned) pmap->pm_pdir[PTDPTDI] & PG_FRAME;
279 unsigned index = i386_btop(va);
280 /* are we current address space or kernel? */
281 if ((pmap == kernel_pmap) ||
282 (frame == (((unsigned) PTDpde) & PG_FRAME))) {
283 return (unsigned *) PTmap + index;
285 newpf = pde & PG_FRAME;
286 if ( ((* (unsigned *) gd->gd_PMAP1) & PG_FRAME) != newpf) {
287 * (unsigned *) gd->gd_PMAP1 = newpf | PG_RW | PG_V;
288 cpu_invlpg(gd->gd_PADDR1);
290 return gd->gd_PADDR1 + ((unsigned) index & (NPTEPG - 1));
297 * Bootstrap the system enough to run with virtual memory.
299 * On the i386 this is called after mapping has already been enabled
300 * and just syncs the pmap module with what has already been done.
301 * [We can't call it easily with mapping off since the kernel is not
302 * mapped with PA == VA, hence we would have to relocate every address
303 * from the linked base (virtual) address "KERNBASE" to the actual
304 * (physical) address starting relative to 0]
307 pmap_bootstrap(firstaddr, loadaddr)
308 vm_paddr_t firstaddr;
313 struct mdglobaldata *gd;
316 avail_start = firstaddr;
319 * XXX The calculation of virtual_avail is wrong. It's NKPT*PAGE_SIZE too
320 * large. It should instead be correctly calculated in locore.s and
321 * not based on 'first' (which is a physical address, not a virtual
322 * address, for the start of unused physical memory). The kernel
323 * page tables are NOT double mapped and thus should not be included
324 * in this calculation.
326 virtual_avail = (vm_offset_t) KERNBASE + firstaddr;
327 virtual_avail = pmap_kmem_choose(virtual_avail);
329 virtual_end = VM_MAX_KERNEL_ADDRESS;
332 * Initialize protection array.
334 i386_protection_init();
337 * The kernel's pmap is statically allocated so we don't have to use
338 * pmap_create, which is unlikely to work correctly at this part of
339 * the boot sequence (XXX and which no longer exists).
341 kernel_pmap = &kernel_pmap_store;
343 kernel_pmap->pm_pdir = (pd_entry_t *)(KERNBASE + (u_int)IdlePTD);
344 kernel_pmap->pm_count = 1;
345 kernel_pmap->pm_active = (cpumask_t)-1; /* don't allow deactivation */
346 TAILQ_INIT(&kernel_pmap->pm_pvlist);
350 * Reserve some special page table entries/VA space for temporary
353 #define SYSMAP(c, p, v, n) \
354 v = (c)va; va += ((n)*PAGE_SIZE); p = pte; pte += (n);
357 pte = (pt_entry_t *) pmap_pte(kernel_pmap, va);
360 * CMAP1/CMAP2 are used for zeroing and copying pages.
362 SYSMAP(caddr_t, CMAP1, CADDR1, 1)
367 SYSMAP(caddr_t, pt_crashdumpmap, crashdumpmap, MAXDUMPPGS);
370 * ptvmmap is used for reading arbitrary physical pages via
373 SYSMAP(caddr_t, ptmmap, ptvmmap, 1)
376 * msgbufp is used to map the system message buffer.
377 * XXX msgbufmap is not used.
379 SYSMAP(struct msgbuf *, msgbufmap, msgbufp,
380 atop(round_page(MSGBUF_SIZE)))
385 for (i = 0; i < NKPT; i++)
389 * PG_G is terribly broken on SMP because we IPI invltlb's in some
390 * cases rather then invl1pg. Actually, I don't even know why it
391 * works under UP because self-referential page table mappings
396 if (cpu_feature & CPUID_PGE)
401 * Initialize the 4MB page size flag
405 * The 4MB page version of the initial
406 * kernel page mapping.
410 #if !defined(DISABLE_PSE)
411 if (cpu_feature & CPUID_PSE) {
414 * Note that we have enabled PSE mode
417 ptditmp = *((unsigned *)PTmap + i386_btop(KERNBASE));
418 ptditmp &= ~(NBPDR - 1);
419 ptditmp |= PG_V | PG_RW | PG_PS | PG_U | pgeflag;
424 * Enable the PSE mode. If we are SMP we can't do this
425 * now because the APs will not be able to use it when
428 load_cr4(rcr4() | CR4_PSE);
431 * We can do the mapping here for the single processor
432 * case. We simply ignore the old page table page from
436 * For SMP, we still need 4K pages to bootstrap APs,
437 * PSE will be enabled as soon as all APs are up.
439 PTD[KPTDI] = (pd_entry_t)ptditmp;
440 kernel_pmap->pm_pdir[KPTDI] = (pd_entry_t)ptditmp;
446 if (cpu_apic_address == 0)
447 panic("pmap_bootstrap: no local apic!");
449 /* local apic is mapped on last page */
450 SMPpt[NPTEPG - 1] = (pt_entry_t)(PG_V | PG_RW | PG_N | pgeflag |
451 (cpu_apic_address & PG_FRAME));
454 /* BSP does this itself, AP's get it pre-set */
455 gd = &CPU_prvspace[0].mdglobaldata;
456 gd->gd_CMAP1 = &SMPpt[1];
457 gd->gd_CMAP2 = &SMPpt[2];
458 gd->gd_CMAP3 = &SMPpt[3];
459 gd->gd_PMAP1 = &SMPpt[4];
460 gd->gd_CADDR1 = CPU_prvspace[0].CPAGE1;
461 gd->gd_CADDR2 = CPU_prvspace[0].CPAGE2;
462 gd->gd_CADDR3 = CPU_prvspace[0].CPAGE3;
463 gd->gd_PADDR1 = (unsigned *)CPU_prvspace[0].PPAGE1;
470 * Set 4mb pdir for mp startup
475 if (pseflag && (cpu_feature & CPUID_PSE)) {
476 load_cr4(rcr4() | CR4_PSE);
477 if (pdir4mb && mycpu->gd_cpuid == 0) { /* only on BSP */
478 kernel_pmap->pm_pdir[KPTDI] =
479 PTD[KPTDI] = (pd_entry_t)pdir4mb;
487 * Initialize the pmap module.
488 * Called by vm_init, to initialize any structures that the pmap
489 * system needs to map virtual memory.
490 * pmap_init has been enhanced to support in a fairly consistant
491 * way, discontiguous physical memory.
500 * object for kernel page table pages
502 kptobj = vm_object_allocate(OBJT_DEFAULT, NKPDE);
505 * Allocate memory for random pmap data structures. Includes the
509 for(i = 0; i < vm_page_array_size; i++) {
512 m = &vm_page_array[i];
513 TAILQ_INIT(&m->md.pv_list);
514 m->md.pv_list_count = 0;
518 * init the pv free list
520 initial_pvs = vm_page_array_size;
521 if (initial_pvs < MINPV)
523 pvzone = &pvzone_store;
524 pvinit = (struct pv_entry *) kmem_alloc(kernel_map,
525 initial_pvs * sizeof (struct pv_entry));
526 zbootinit(pvzone, "PV ENTRY", sizeof (struct pv_entry), pvinit,
530 * Now it is safe to enable pv_table recording.
532 pmap_initialized = TRUE;
536 * Initialize the address space (zone) for the pv_entries. Set a
537 * high water mark so that the system can recover from excessive
538 * numbers of pv entries.
543 int shpgperproc = PMAP_SHPGPERPROC;
545 TUNABLE_INT_FETCH("vm.pmap.shpgperproc", &shpgperproc);
546 pv_entry_max = shpgperproc * maxproc + vm_page_array_size;
547 TUNABLE_INT_FETCH("vm.pmap.pv_entries", &pv_entry_max);
548 pv_entry_high_water = 9 * (pv_entry_max / 10);
549 zinitna(pvzone, &pvzone_obj, NULL, 0, pv_entry_max, ZONE_INTERRUPT, 1);
553 /***************************************************
554 * Low level helper routines.....
555 ***************************************************/
557 #if defined(PMAP_DIAGNOSTIC)
560 * This code checks for non-writeable/modified pages.
561 * This should be an invalid condition.
564 pmap_nw_modified(pt_entry_t ptea)
570 if ((pte & (PG_M|PG_RW)) == PG_M)
579 * this routine defines the region(s) of memory that should
580 * not be tested for the modified bit.
582 static PMAP_INLINE int
583 pmap_track_modified(vm_offset_t va)
585 if ((va < clean_sva) || (va >= clean_eva))
592 get_ptbase(pmap_t pmap)
594 unsigned frame = (unsigned) pmap->pm_pdir[PTDPTDI] & PG_FRAME;
595 struct globaldata *gd = mycpu;
597 /* are we current address space or kernel? */
598 if (pmap == kernel_pmap || frame == (((unsigned) PTDpde) & PG_FRAME)) {
599 return (unsigned *) PTmap;
602 /* otherwise, we are alternate address space */
603 KKASSERT(gd->gd_intr_nesting_level == 0 && (gd->gd_curthread->td_flags & TDF_INTTHREAD) == 0);
605 if (frame != (((unsigned) APTDpde) & PG_FRAME)) {
606 APTDpde = (pd_entry_t)(frame | PG_RW | PG_V);
607 /* The page directory is not shared between CPUs */
610 return (unsigned *) APTmap;
616 * Extract the physical page address associated with the map/VA pair.
618 * This function may not be called from an interrupt if the pmap is
622 pmap_extract(pmap_t pmap, vm_offset_t va)
625 vm_offset_t pdirindex;
627 pdirindex = va >> PDRSHIFT;
628 if (pmap && (rtval = (unsigned) pmap->pm_pdir[pdirindex])) {
630 if ((rtval & PG_PS) != 0) {
631 rtval &= ~(NBPDR - 1);
632 rtval |= va & (NBPDR - 1);
635 pte = get_ptbase(pmap) + i386_btop(va);
636 rtval = ((*pte & PG_FRAME) | (va & PAGE_MASK));
643 * Extract user accessible page only, return NULL if the page is not
644 * present or if it's current state is not sufficient. Caller will
645 * generally call vm_fault() on failure and try again.
648 pmap_extract_vmpage(pmap_t pmap, vm_offset_t va, int prot)
651 vm_offset_t pdirindex;
653 pdirindex = va >> PDRSHIFT;
654 if (pmap && (rtval = (unsigned) pmap->pm_pdir[pdirindex])) {
658 if ((rtval & PG_PS) != 0) {
659 if ((rtval & (PG_V|PG_U)) != (PG_V|PG_U))
661 if ((prot & VM_PROT_WRITE) && (rtval & PG_RW) == 0)
663 rtval &= ~(NBPDR - 1);
664 rtval |= va & (NBPDR - 1);
665 m = PHYS_TO_VM_PAGE(rtval);
667 pte = get_ptbase(pmap) + i386_btop(va);
668 if ((*pte & (PG_V|PG_U)) != (PG_V|PG_U))
670 if ((prot & VM_PROT_WRITE) && (*pte & PG_RW) == 0)
672 rtval = ((*pte & PG_FRAME) | (va & PAGE_MASK));
673 m = PHYS_TO_VM_PAGE(rtval);
680 /***************************************************
681 * Low level mapping routines.....
682 ***************************************************/
685 * Routine: pmap_kenter
687 * Add a wired page to the KVA
688 * NOTE! note that in order for the mapping to take effect -- you
689 * should do an invltlb after doing the pmap_kenter().
692 pmap_kenter(vm_offset_t va, vm_paddr_t pa)
696 pmap_inval_info info;
698 pmap_inval_init(&info);
699 pmap_inval_add(&info, kernel_pmap, va);
700 npte = pa | PG_RW | PG_V | pgeflag;
701 pte = (unsigned *)vtopte(va);
703 pmap_inval_flush(&info);
707 * Routine: pmap_kenter_quick
709 * Similar to pmap_kenter(), except we only invalidate the
710 * mapping on the current CPU.
713 pmap_kenter_quick(vm_offset_t va, vm_paddr_t pa)
718 npte = pa | PG_RW | PG_V | pgeflag;
719 pte = (unsigned *)vtopte(va);
721 cpu_invlpg((void *)va);
725 pmap_kenter_sync(vm_offset_t va)
727 pmap_inval_info info;
729 pmap_inval_init(&info);
730 pmap_inval_add(&info, kernel_pmap, va);
731 pmap_inval_flush(&info);
735 pmap_kenter_sync_quick(vm_offset_t va)
737 cpu_invlpg((void *)va);
741 * remove a page from the kernel pagetables
744 pmap_kremove(vm_offset_t va)
747 pmap_inval_info info;
749 pmap_inval_init(&info);
750 pmap_inval_add(&info, kernel_pmap, va);
751 pte = (unsigned *)vtopte(va);
753 pmap_inval_flush(&info);
757 pmap_kremove_quick(vm_offset_t va)
760 pte = (unsigned *)vtopte(va);
762 cpu_invlpg((void *)va);
766 * Used to map a range of physical addresses into kernel
767 * virtual address space.
769 * For now, VM is already on, we only need to map the
773 pmap_map(vm_offset_t virt, vm_paddr_t start, vm_paddr_t end, int prot)
775 while (start < end) {
776 pmap_kenter(virt, start);
785 * Add a list of wired pages to the kva
786 * this routine is only used for temporary
787 * kernel mappings that do not need to have
788 * page modification or references recorded.
789 * Note that old mappings are simply written
790 * over. The page *must* be wired.
793 pmap_qenter(vm_offset_t va, vm_page_t *m, int count)
797 end_va = va + count * PAGE_SIZE;
799 while (va < end_va) {
802 pte = (unsigned *)vtopte(va);
803 *pte = VM_PAGE_TO_PHYS(*m) | PG_RW | PG_V | pgeflag;
804 cpu_invlpg((void *)va);
809 smp_invltlb(); /* XXX */
814 pmap_qenter2(vm_offset_t va, vm_page_t *m, int count, cpumask_t *mask)
817 cpumask_t cmask = mycpu->gd_cpumask;
819 end_va = va + count * PAGE_SIZE;
821 while (va < end_va) {
826 * Install the new PTE. If the pte changed from the prior
827 * mapping we must reset the cpu mask and invalidate the page.
828 * If the pte is the same but we have not seen it on the
829 * current cpu, invlpg the existing mapping. Otherwise the
830 * entry is optimal and no invalidation is required.
832 pte = (unsigned *)vtopte(va);
833 pteval = VM_PAGE_TO_PHYS(*m) | PG_A | PG_RW | PG_V | pgeflag;
834 if (*pte != pteval) {
837 cpu_invlpg((void *)va);
838 } else if ((*mask & cmask) == 0) {
839 cpu_invlpg((void *)va);
848 * this routine jerks page mappings from the
849 * kernel -- it is meant only for temporary mappings.
852 pmap_qremove(vm_offset_t va, int count)
856 end_va = va + count*PAGE_SIZE;
858 while (va < end_va) {
861 pte = (unsigned *)vtopte(va);
863 cpu_invlpg((void *)va);
872 * This routine works like vm_page_lookup() but also blocks as long as the
873 * page is busy. This routine does not busy the page it returns.
875 * Unless the caller is managing objects whos pages are in a known state,
876 * the call should be made with a critical section held so the page's object
877 * association remains valid on return.
880 pmap_page_lookup(vm_object_t object, vm_pindex_t pindex)
885 m = vm_page_lookup(object, pindex);
886 if (m && vm_page_sleep_busy(m, FALSE, "pplookp"))
892 * Create a new thread and optionally associate it with a (new) process.
893 * NOTE! the new thread's cpu may not equal the current cpu.
896 pmap_init_thread(thread_t td)
898 /* enforce pcb placement */
899 td->td_pcb = (struct pcb *)(td->td_kstack + td->td_kstack_size) - 1;
900 td->td_savefpu = &td->td_pcb->pcb_save;
901 td->td_sp = (char *)td->td_pcb - 16;
905 * Create the UPAGES for a new process.
906 * This routine directly affects the fork perf for a process.
909 pmap_init_proc(struct proc *p, struct thread *td)
911 p->p_addr = (void *)td->td_kstack;
914 td->td_lwp = &p->p_lwp;
915 td->td_switch = cpu_heavy_switch;
919 bzero(p->p_addr, sizeof(*p->p_addr));
923 * Dispose the UPAGES for a process that has exited.
924 * This routine directly impacts the exit perf of a process.
927 pmap_dispose_proc(struct proc *p)
931 KASSERT(p->p_lock == 0, ("attempt to dispose referenced proc! %p", p));
933 if ((td = p->p_thread) != NULL) {
942 * Allow the UPAGES for a process to be prejudicially paged out.
945 pmap_swapout_proc(struct proc *p)
953 upobj = p->p_upages_obj;
956 * Unwiring the pages allow them to be paged to their backing store
960 for (i = 0; i < UPAGES; i++) {
961 if ((m = vm_page_lookup(upobj, i)) == NULL)
962 panic("pmap_swapout_proc: upage already missing???");
964 vm_page_unwire(m, 0);
965 pmap_kremove((vm_offset_t)p->p_addr + (PAGE_SIZE * i));
972 * Bring the UPAGES for a specified process back in.
975 pmap_swapin_proc(struct proc *p)
983 upobj = p->p_upages_obj;
984 for (i = 0; i < UPAGES; i++) {
985 m = vm_page_grab(upobj, i, VM_ALLOC_NORMAL | VM_ALLOC_RETRY);
987 pmap_kenter((vm_offset_t)p->p_addr + (i * PAGE_SIZE),
990 if (m->valid != VM_PAGE_BITS_ALL) {
991 rv = vm_pager_get_pages(upobj, &m, 1, 0);
992 if (rv != VM_PAGER_OK)
993 panic("pmap_swapin_proc: cannot get upages for proc: %d\n", p->p_pid);
994 m = vm_page_lookup(upobj, i);
995 m->valid = VM_PAGE_BITS_ALL;
999 vm_page_flag_set(m, PG_MAPPED | PG_WRITEABLE);
1005 /***************************************************
1006 * Page table page management routines.....
1007 ***************************************************/
1010 * This routine unholds page table pages, and if the hold count
1011 * drops to zero, then it decrements the wire count.
1014 _pmap_unwire_pte_hold(pmap_t pmap, vm_page_t m, pmap_inval_info_t info)
1016 pmap_inval_flush(info);
1017 while (vm_page_sleep_busy(m, FALSE, "pmuwpt"))
1020 if (m->hold_count == 0) {
1022 * unmap the page table page
1024 pmap_inval_add(info, pmap, -1);
1025 pmap->pm_pdir[m->pindex] = 0;
1026 --pmap->pm_stats.resident_count;
1028 if (pmap->pm_ptphint == m)
1029 pmap->pm_ptphint = NULL;
1032 * If the page is finally unwired, simply free it.
1035 if (m->wire_count == 0) {
1038 vm_page_free_zero(m);
1039 --vmstats.v_wire_count;
1046 static PMAP_INLINE int
1047 pmap_unwire_pte_hold(pmap_t pmap, vm_page_t m, pmap_inval_info_t info)
1050 if (m->hold_count == 0)
1051 return _pmap_unwire_pte_hold(pmap, m, info);
1057 * After removing a page table entry, this routine is used to
1058 * conditionally free the page, and manage the hold/wire counts.
1061 pmap_unuse_pt(pmap_t pmap, vm_offset_t va, vm_page_t mpte,
1062 pmap_inval_info_t info)
1065 if (va >= UPT_MIN_ADDRESS)
1069 ptepindex = (va >> PDRSHIFT);
1070 if (pmap->pm_ptphint &&
1071 (pmap->pm_ptphint->pindex == ptepindex)) {
1072 mpte = pmap->pm_ptphint;
1074 pmap_inval_flush(info);
1075 mpte = pmap_page_lookup( pmap->pm_pteobj, ptepindex);
1076 pmap->pm_ptphint = mpte;
1080 return pmap_unwire_pte_hold(pmap, mpte, info);
1084 pmap_pinit0(struct pmap *pmap)
1087 (pd_entry_t *)kmem_alloc_pageable(kernel_map, PAGE_SIZE);
1088 pmap_kenter((vm_offset_t)pmap->pm_pdir, (vm_offset_t) IdlePTD);
1090 pmap->pm_active = 0;
1091 pmap->pm_ptphint = NULL;
1092 TAILQ_INIT(&pmap->pm_pvlist);
1093 bzero(&pmap->pm_stats, sizeof pmap->pm_stats);
1097 * Initialize a preallocated and zeroed pmap structure,
1098 * such as one in a vmspace structure.
1101 pmap_pinit(struct pmap *pmap)
1106 * No need to allocate page table space yet but we do need a valid
1107 * page directory table.
1109 if (pmap->pm_pdir == NULL) {
1111 (pd_entry_t *)kmem_alloc_pageable(kernel_map, PAGE_SIZE);
1115 * allocate object for the ptes
1117 if (pmap->pm_pteobj == NULL)
1118 pmap->pm_pteobj = vm_object_allocate( OBJT_DEFAULT, PTDPTDI + 1);
1121 * allocate the page directory page
1123 ptdpg = vm_page_grab( pmap->pm_pteobj, PTDPTDI,
1124 VM_ALLOC_NORMAL | VM_ALLOC_RETRY);
1126 ptdpg->wire_count = 1;
1127 ++vmstats.v_wire_count;
1130 vm_page_flag_clear(ptdpg, PG_MAPPED | PG_BUSY); /* not usually mapped*/
1131 ptdpg->valid = VM_PAGE_BITS_ALL;
1133 pmap_kenter((vm_offset_t)pmap->pm_pdir, VM_PAGE_TO_PHYS(ptdpg));
1134 if ((ptdpg->flags & PG_ZERO) == 0)
1135 bzero(pmap->pm_pdir, PAGE_SIZE);
1137 pmap->pm_pdir[MPPTDI] = PTD[MPPTDI];
1139 /* install self-referential address mapping entry */
1140 *(unsigned *) (pmap->pm_pdir + PTDPTDI) =
1141 VM_PAGE_TO_PHYS(ptdpg) | PG_V | PG_RW | PG_A | PG_M;
1144 pmap->pm_active = 0;
1145 pmap->pm_ptphint = NULL;
1146 TAILQ_INIT(&pmap->pm_pvlist);
1147 bzero(&pmap->pm_stats, sizeof pmap->pm_stats);
1151 * Wire in kernel global address entries. To avoid a race condition
1152 * between pmap initialization and pmap_growkernel, this procedure
1153 * should be called after the vmspace is attached to the process
1154 * but before this pmap is activated.
1157 pmap_pinit2(struct pmap *pmap)
1159 /* XXX copies current process, does not fill in MPPTDI */
1160 bcopy(PTD + KPTDI, pmap->pm_pdir + KPTDI, nkpt * PTESIZE);
1164 pmap_release_free_page(struct pmap *pmap, vm_page_t p)
1166 unsigned *pde = (unsigned *) pmap->pm_pdir;
1168 * This code optimizes the case of freeing non-busy
1169 * page-table pages. Those pages are zero now, and
1170 * might as well be placed directly into the zero queue.
1172 if (vm_page_sleep_busy(p, FALSE, "pmaprl"))
1178 * Remove the page table page from the processes address space.
1181 pmap->pm_stats.resident_count--;
1183 if (p->hold_count) {
1184 panic("pmap_release: freeing held page table page");
1187 * Page directory pages need to have the kernel
1188 * stuff cleared, so they can go into the zero queue also.
1190 if (p->pindex == PTDPTDI) {
1191 bzero(pde + KPTDI, nkpt * PTESIZE);
1194 pmap_kremove((vm_offset_t)pmap->pm_pdir);
1197 if (pmap->pm_ptphint && (pmap->pm_ptphint->pindex == p->pindex))
1198 pmap->pm_ptphint = NULL;
1201 vmstats.v_wire_count--;
1202 vm_page_free_zero(p);
1207 * this routine is called if the page table page is not
1211 _pmap_allocpte(pmap_t pmap, unsigned ptepindex)
1213 vm_offset_t pteva, ptepa;
1217 * Find or fabricate a new pagetable page
1219 m = vm_page_grab(pmap->pm_pteobj, ptepindex,
1220 VM_ALLOC_NORMAL | VM_ALLOC_ZERO | VM_ALLOC_RETRY);
1222 KASSERT(m->queue == PQ_NONE,
1223 ("_pmap_allocpte: %p->queue != PQ_NONE", m));
1225 if (m->wire_count == 0)
1226 vmstats.v_wire_count++;
1230 * Increment the hold count for the page table page
1231 * (denoting a new mapping.)
1236 * Map the pagetable page into the process address space, if
1237 * it isn't already there.
1240 pmap->pm_stats.resident_count++;
1242 ptepa = VM_PAGE_TO_PHYS(m);
1243 pmap->pm_pdir[ptepindex] =
1244 (pd_entry_t) (ptepa | PG_U | PG_RW | PG_V | PG_A | PG_M);
1247 * Set the page table hint
1249 pmap->pm_ptphint = m;
1252 * Try to use the new mapping, but if we cannot, then
1253 * do it with the routine that maps the page explicitly.
1255 if ((m->flags & PG_ZERO) == 0) {
1256 if ((((unsigned)pmap->pm_pdir[PTDPTDI]) & PG_FRAME) ==
1257 (((unsigned) PTDpde) & PG_FRAME)) {
1258 pteva = UPT_MIN_ADDRESS + i386_ptob(ptepindex);
1259 bzero((caddr_t) pteva, PAGE_SIZE);
1261 pmap_zero_page(ptepa);
1265 m->valid = VM_PAGE_BITS_ALL;
1266 vm_page_flag_clear(m, PG_ZERO);
1267 vm_page_flag_set(m, PG_MAPPED);
1274 pmap_allocpte(pmap_t pmap, vm_offset_t va)
1281 * Calculate pagetable page index
1283 ptepindex = va >> PDRSHIFT;
1286 * Get the page directory entry
1288 ptepa = (vm_offset_t) pmap->pm_pdir[ptepindex];
1291 * This supports switching from a 4MB page to a
1294 if (ptepa & PG_PS) {
1295 pmap->pm_pdir[ptepindex] = 0;
1302 * If the page table page is mapped, we just increment the
1303 * hold count, and activate it.
1307 * In order to get the page table page, try the
1310 if (pmap->pm_ptphint &&
1311 (pmap->pm_ptphint->pindex == ptepindex)) {
1312 m = pmap->pm_ptphint;
1314 m = pmap_page_lookup( pmap->pm_pteobj, ptepindex);
1315 pmap->pm_ptphint = m;
1321 * Here if the pte page isn't mapped, or if it has been deallocated.
1323 return _pmap_allocpte(pmap, ptepindex);
1327 /***************************************************
1328 * Pmap allocation/deallocation routines.
1329 ***************************************************/
1332 * Release any resources held by the given physical map.
1333 * Called when a pmap initialized by pmap_pinit is being released.
1334 * Should only be called if the map contains no valid mappings.
1337 pmap_release(struct pmap *pmap)
1339 vm_page_t p,n,ptdpg;
1340 vm_object_t object = pmap->pm_pteobj;
1343 #if defined(DIAGNOSTIC)
1344 if (object->ref_count != 1)
1345 panic("pmap_release: pteobj reference count != 1");
1351 curgeneration = object->generation;
1352 for (p = TAILQ_FIRST(&object->memq); p != NULL; p = n) {
1353 n = TAILQ_NEXT(p, listq);
1354 if (p->pindex == PTDPTDI) {
1359 if (!pmap_release_free_page(pmap, p) &&
1360 (object->generation != curgeneration)) {
1368 if (ptdpg && !pmap_release_free_page(pmap, ptdpg))
1373 kvm_size(SYSCTL_HANDLER_ARGS)
1375 unsigned long ksize = VM_MAX_KERNEL_ADDRESS - KERNBASE;
1377 return sysctl_handle_long(oidp, &ksize, 0, req);
1379 SYSCTL_PROC(_vm, OID_AUTO, kvm_size, CTLTYPE_LONG|CTLFLAG_RD,
1380 0, 0, kvm_size, "IU", "Size of KVM");
1383 kvm_free(SYSCTL_HANDLER_ARGS)
1385 unsigned long kfree = VM_MAX_KERNEL_ADDRESS - kernel_vm_end;
1387 return sysctl_handle_long(oidp, &kfree, 0, req);
1389 SYSCTL_PROC(_vm, OID_AUTO, kvm_free, CTLTYPE_LONG|CTLFLAG_RD,
1390 0, 0, kvm_free, "IU", "Amount of KVM free");
1393 * grow the number of kernel page table entries, if needed
1396 pmap_growkernel(vm_offset_t addr)
1400 vm_offset_t ptppaddr;
1405 if (kernel_vm_end == 0) {
1406 kernel_vm_end = KERNBASE;
1408 while (pdir_pde(PTD, kernel_vm_end)) {
1409 kernel_vm_end = (kernel_vm_end + PAGE_SIZE * NPTEPG) & ~(PAGE_SIZE * NPTEPG - 1);
1413 addr = (addr + PAGE_SIZE * NPTEPG) & ~(PAGE_SIZE * NPTEPG - 1);
1414 while (kernel_vm_end < addr) {
1415 if (pdir_pde(PTD, kernel_vm_end)) {
1416 kernel_vm_end = (kernel_vm_end + PAGE_SIZE * NPTEPG) & ~(PAGE_SIZE * NPTEPG - 1);
1421 * This index is bogus, but out of the way
1423 nkpg = vm_page_alloc(kptobj, nkpt,
1424 VM_ALLOC_NORMAL | VM_ALLOC_SYSTEM | VM_ALLOC_INTERRUPT);
1426 panic("pmap_growkernel: no memory to grow kernel");
1431 ptppaddr = VM_PAGE_TO_PHYS(nkpg);
1432 pmap_zero_page(ptppaddr);
1433 newpdir = (pd_entry_t) (ptppaddr | PG_V | PG_RW | PG_A | PG_M);
1434 pdir_pde(PTD, kernel_vm_end) = newpdir;
1436 FOREACH_PROC_IN_SYSTEM(p) {
1438 pmap = vmspace_pmap(p->p_vmspace);
1439 *pmap_pde(pmap, kernel_vm_end) = newpdir;
1442 *pmap_pde(kernel_pmap, kernel_vm_end) = newpdir;
1443 kernel_vm_end = (kernel_vm_end + PAGE_SIZE * NPTEPG) & ~(PAGE_SIZE * NPTEPG - 1);
1449 * Retire the given physical map from service.
1450 * Should only be called if the map contains
1451 * no valid mappings.
1454 pmap_destroy(pmap_t pmap)
1461 count = --pmap->pm_count;
1464 panic("destroying a pmap is not yet implemented");
1469 * Add a reference to the specified pmap.
1472 pmap_reference(pmap_t pmap)
1479 /***************************************************
1480 * page management routines.
1481 ***************************************************/
1484 * free the pv_entry back to the free list. This function may be
1485 * called from an interrupt.
1487 static PMAP_INLINE void
1488 free_pv_entry(pv_entry_t pv)
1495 * get a new pv_entry, allocating a block from the system
1496 * when needed. This function may be called from an interrupt.
1502 if (pv_entry_high_water &&
1503 (pv_entry_count > pv_entry_high_water) &&
1504 (pmap_pagedaemon_waken == 0)) {
1505 pmap_pagedaemon_waken = 1;
1506 wakeup (&vm_pages_needed);
1508 return zalloc(pvzone);
1512 * This routine is very drastic, but can save the system
1520 static int warningdone=0;
1522 if (pmap_pagedaemon_waken == 0)
1525 if (warningdone < 5) {
1526 printf("pmap_collect: collecting pv entries -- suggest increasing PMAP_SHPGPERPROC\n");
1530 for(i = 0; i < vm_page_array_size; i++) {
1531 m = &vm_page_array[i];
1532 if (m->wire_count || m->hold_count || m->busy ||
1533 (m->flags & PG_BUSY))
1537 pmap_pagedaemon_waken = 0;
1542 * If it is the first entry on the list, it is actually
1543 * in the header and we must copy the following entry up
1544 * to the header. Otherwise we must search the list for
1545 * the entry. In either case we free the now unused entry.
1548 pmap_remove_entry(struct pmap *pmap, vm_page_t m,
1549 vm_offset_t va, pmap_inval_info_t info)
1555 if (m->md.pv_list_count < pmap->pm_stats.resident_count) {
1556 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
1557 if (pmap == pv->pv_pmap && va == pv->pv_va)
1561 TAILQ_FOREACH(pv, &pmap->pm_pvlist, pv_plist) {
1562 if (va == pv->pv_va)
1569 rtval = pmap_unuse_pt(pmap, va, pv->pv_ptem, info);
1570 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
1571 m->md.pv_list_count--;
1572 if (TAILQ_FIRST(&m->md.pv_list) == NULL)
1573 vm_page_flag_clear(m, PG_MAPPED | PG_WRITEABLE);
1574 TAILQ_REMOVE(&pmap->pm_pvlist, pv, pv_plist);
1582 * Create a pv entry for page at pa for
1586 pmap_insert_entry(pmap_t pmap, vm_offset_t va, vm_page_t mpte, vm_page_t m)
1591 pv = get_pv_entry();
1596 TAILQ_INSERT_TAIL(&pmap->pm_pvlist, pv, pv_plist);
1597 TAILQ_INSERT_TAIL(&m->md.pv_list, pv, pv_list);
1598 m->md.pv_list_count++;
1604 * pmap_remove_pte: do the things to unmap a page in a process
1607 pmap_remove_pte(struct pmap *pmap, unsigned *ptq, vm_offset_t va,
1608 pmap_inval_info_t info)
1613 pmap_inval_add(info, pmap, va);
1614 oldpte = loadandclear(ptq);
1616 pmap->pm_stats.wired_count -= 1;
1618 * Machines that don't support invlpg, also don't support
1619 * PG_G. XXX PG_G is disabled for SMP so don't worry about
1623 cpu_invlpg((void *)va);
1624 pmap->pm_stats.resident_count -= 1;
1625 if (oldpte & PG_MANAGED) {
1626 m = PHYS_TO_VM_PAGE(oldpte);
1627 if (oldpte & PG_M) {
1628 #if defined(PMAP_DIAGNOSTIC)
1629 if (pmap_nw_modified((pt_entry_t) oldpte)) {
1631 "pmap_remove: modified page not writable: va: 0x%x, pte: 0x%x\n",
1635 if (pmap_track_modified(va))
1639 vm_page_flag_set(m, PG_REFERENCED);
1640 return pmap_remove_entry(pmap, m, va, info);
1642 return pmap_unuse_pt(pmap, va, NULL, info);
1651 * Remove a single page from a process address space.
1653 * This function may not be called from an interrupt if the pmap is
1657 pmap_remove_page(struct pmap *pmap, vm_offset_t va, pmap_inval_info_t info)
1662 * if there is no pte for this address, just skip it!!! Otherwise
1663 * get a local va for mappings for this pmap and remove the entry.
1665 if (*pmap_pde(pmap, va) != 0) {
1666 ptq = get_ptbase(pmap) + i386_btop(va);
1668 pmap_remove_pte(pmap, ptq, va, info);
1676 * Remove the given range of addresses from the specified map.
1678 * It is assumed that the start and end are properly
1679 * rounded to the page size.
1681 * This function may not be called from an interrupt if the pmap is
1685 pmap_remove(struct pmap *pmap, vm_offset_t sva, vm_offset_t eva)
1689 vm_offset_t ptpaddr;
1690 vm_offset_t sindex, eindex;
1691 struct pmap_inval_info info;
1696 if (pmap->pm_stats.resident_count == 0)
1699 pmap_inval_init(&info);
1702 * special handling of removing one page. a very
1703 * common operation and easy to short circuit some
1706 if (((sva + PAGE_SIZE) == eva) &&
1707 (((unsigned) pmap->pm_pdir[(sva >> PDRSHIFT)] & PG_PS) == 0)) {
1708 pmap_remove_page(pmap, sva, &info);
1709 pmap_inval_flush(&info);
1714 * Get a local virtual address for the mappings that are being
1717 ptbase = get_ptbase(pmap);
1719 sindex = i386_btop(sva);
1720 eindex = i386_btop(eva);
1722 for (; sindex < eindex; sindex = pdnxt) {
1726 * Calculate index for next page table.
1728 pdnxt = ((sindex + NPTEPG) & ~(NPTEPG - 1));
1729 if (pmap->pm_stats.resident_count == 0)
1732 pdirindex = sindex / NPDEPG;
1733 if (((ptpaddr = (unsigned) pmap->pm_pdir[pdirindex]) & PG_PS) != 0) {
1734 pmap_inval_add(&info, pmap, -1);
1735 pmap->pm_pdir[pdirindex] = 0;
1736 pmap->pm_stats.resident_count -= NBPDR / PAGE_SIZE;
1741 * Weed out invalid mappings. Note: we assume that the page
1742 * directory table is always allocated, and in kernel virtual.
1748 * Limit our scan to either the end of the va represented
1749 * by the current page table page, or to the end of the
1750 * range being removed.
1752 if (pdnxt > eindex) {
1756 for (; sindex != pdnxt; sindex++) {
1758 if (ptbase[sindex] == 0)
1760 va = i386_ptob(sindex);
1761 if (pmap_remove_pte(pmap, ptbase + sindex, va, &info))
1765 pmap_inval_flush(&info);
1771 * Removes this physical page from all physical maps in which it resides.
1772 * Reflects back modify bits to the pager.
1774 * This routine may not be called from an interrupt.
1778 pmap_remove_all(vm_page_t m)
1780 struct pmap_inval_info info;
1781 unsigned *pte, tpte;
1784 #if defined(PMAP_DIAGNOSTIC)
1786 * XXX this makes pmap_page_protect(NONE) illegal for non-managed
1789 if (!pmap_initialized || (m->flags & PG_FICTITIOUS)) {
1790 panic("pmap_page_protect: illegal for unmanaged page, va: 0x%08llx", (long long)VM_PAGE_TO_PHYS(m));
1794 pmap_inval_init(&info);
1796 while ((pv = TAILQ_FIRST(&m->md.pv_list)) != NULL) {
1797 pv->pv_pmap->pm_stats.resident_count--;
1799 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
1800 pmap_inval_add(&info, pv->pv_pmap, pv->pv_va);
1802 tpte = loadandclear(pte);
1804 pv->pv_pmap->pm_stats.wired_count--;
1807 vm_page_flag_set(m, PG_REFERENCED);
1810 * Update the vm_page_t clean and reference bits.
1813 #if defined(PMAP_DIAGNOSTIC)
1814 if (pmap_nw_modified((pt_entry_t) tpte)) {
1816 "pmap_remove_all: modified page not writable: va: 0x%x, pte: 0x%x\n",
1820 if (pmap_track_modified(pv->pv_va))
1823 TAILQ_REMOVE(&pv->pv_pmap->pm_pvlist, pv, pv_plist);
1824 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
1825 m->md.pv_list_count--;
1826 pmap_unuse_pt(pv->pv_pmap, pv->pv_va, pv->pv_ptem, &info);
1830 vm_page_flag_clear(m, PG_MAPPED | PG_WRITEABLE);
1832 pmap_inval_flush(&info);
1838 * Set the physical protection on the specified range of this map
1841 * This function may not be called from an interrupt if the map is
1842 * not the kernel_pmap.
1845 pmap_protect(pmap_t pmap, vm_offset_t sva, vm_offset_t eva, vm_prot_t prot)
1848 vm_offset_t pdnxt, ptpaddr;
1849 vm_pindex_t sindex, eindex;
1850 pmap_inval_info info;
1855 if ((prot & VM_PROT_READ) == VM_PROT_NONE) {
1856 pmap_remove(pmap, sva, eva);
1860 if (prot & VM_PROT_WRITE)
1863 pmap_inval_init(&info);
1865 ptbase = get_ptbase(pmap);
1867 sindex = i386_btop(sva);
1868 eindex = i386_btop(eva);
1870 for (; sindex < eindex; sindex = pdnxt) {
1874 pdnxt = ((sindex + NPTEPG) & ~(NPTEPG - 1));
1876 pdirindex = sindex / NPDEPG;
1877 if (((ptpaddr = (unsigned) pmap->pm_pdir[pdirindex]) & PG_PS) != 0) {
1878 pmap_inval_add(&info, pmap, -1);
1879 (unsigned) pmap->pm_pdir[pdirindex] &= ~(PG_M|PG_RW);
1880 pmap->pm_stats.resident_count -= NBPDR / PAGE_SIZE;
1885 * Weed out invalid mappings. Note: we assume that the page
1886 * directory table is always allocated, and in kernel virtual.
1891 if (pdnxt > eindex) {
1895 for (; sindex != pdnxt; sindex++) {
1900 /* XXX this isn't optimal */
1901 pmap_inval_add(&info, pmap, i386_ptob(sindex));
1902 pbits = ptbase[sindex];
1904 if (pbits & PG_MANAGED) {
1907 m = PHYS_TO_VM_PAGE(pbits);
1908 vm_page_flag_set(m, PG_REFERENCED);
1912 if (pmap_track_modified(i386_ptob(sindex))) {
1914 m = PHYS_TO_VM_PAGE(pbits);
1923 if (pbits != ptbase[sindex]) {
1924 ptbase[sindex] = pbits;
1928 pmap_inval_flush(&info);
1932 * Insert the given physical page (p) at
1933 * the specified virtual address (v) in the
1934 * target physical map with the protection requested.
1936 * If specified, the page will be wired down, meaning
1937 * that the related pte can not be reclaimed.
1939 * NB: This is the only routine which MAY NOT lazy-evaluate
1940 * or lose information. That is, this routine must actually
1941 * insert this page into the given map NOW.
1944 pmap_enter(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_prot_t prot,
1950 vm_offset_t origpte, newpte;
1952 pmap_inval_info info;
1958 #ifdef PMAP_DIAGNOSTIC
1959 if (va > VM_MAX_KERNEL_ADDRESS)
1960 panic("pmap_enter: toobig");
1961 if ((va >= UPT_MIN_ADDRESS) && (va < UPT_MAX_ADDRESS))
1962 panic("pmap_enter: invalid to pmap_enter page table pages (va: 0x%x)", va);
1967 * In the case that a page table page is not
1968 * resident, we are creating it here.
1970 if (va < UPT_MIN_ADDRESS) {
1971 mpte = pmap_allocpte(pmap, va);
1974 pmap_inval_init(&info);
1975 pte = pmap_pte(pmap, va);
1978 * Page Directory table entry not valid, we need a new PT page
1981 panic("pmap_enter: invalid page directory pdir=%x, va=0x%x\n",
1982 (unsigned) pmap->pm_pdir[PTDPTDI], va);
1985 pa = VM_PAGE_TO_PHYS(m) & PG_FRAME;
1986 pmap_inval_add(&info, pmap, va); /* XXX non-optimal */
1987 origpte = *(vm_offset_t *)pte;
1988 opa = origpte & PG_FRAME;
1990 if (origpte & PG_PS)
1991 panic("pmap_enter: attempted pmap_enter on 4MB page");
1994 * Mapping has not changed, must be protection or wiring change.
1996 if (origpte && (opa == pa)) {
1998 * Wiring change, just update stats. We don't worry about
1999 * wiring PT pages as they remain resident as long as there
2000 * are valid mappings in them. Hence, if a user page is wired,
2001 * the PT page will be also.
2003 if (wired && ((origpte & PG_W) == 0))
2004 pmap->pm_stats.wired_count++;
2005 else if (!wired && (origpte & PG_W))
2006 pmap->pm_stats.wired_count--;
2008 #if defined(PMAP_DIAGNOSTIC)
2009 if (pmap_nw_modified((pt_entry_t) origpte)) {
2011 "pmap_enter: modified page not writable: va: 0x%x, pte: 0x%x\n",
2017 * Remove the extra pte reference. Note that we cannot
2018 * optimize the RO->RW case because we have adjusted the
2019 * wiring count above and may need to adjust the wiring
2026 * We might be turning off write access to the page,
2027 * so we go ahead and sense modify status.
2029 if (origpte & PG_MANAGED) {
2030 if ((origpte & PG_M) && pmap_track_modified(va)) {
2032 om = PHYS_TO_VM_PAGE(opa);
2040 * Mapping has changed, invalidate old range and fall through to
2041 * handle validating new mapping.
2045 err = pmap_remove_pte(pmap, pte, va, &info);
2047 panic("pmap_enter: pte vanished, va: 0x%x", va);
2051 * Enter on the PV list if part of our managed memory. Note that we
2052 * raise IPL while manipulating pv_table since pmap_enter can be
2053 * called at interrupt time.
2055 if (pmap_initialized &&
2056 (m->flags & (PG_FICTITIOUS|PG_UNMANAGED)) == 0) {
2057 pmap_insert_entry(pmap, va, mpte, m);
2062 * Increment counters
2064 pmap->pm_stats.resident_count++;
2066 pmap->pm_stats.wired_count++;
2070 * Now validate mapping with desired protection/wiring.
2072 newpte = (vm_offset_t) (pa | pte_prot(pmap, prot) | PG_V);
2076 if (va < UPT_MIN_ADDRESS)
2078 if (pmap == kernel_pmap)
2082 * if the mapping or permission bits are different, we need
2083 * to update the pte.
2085 if ((origpte & ~(PG_M|PG_A)) != newpte) {
2086 *pte = newpte | PG_A;
2088 pmap_inval_flush(&info);
2092 * this code makes some *MAJOR* assumptions:
2093 * 1. Current pmap & pmap exists.
2096 * 4. No page table pages.
2097 * 5. Tlbflush is deferred to calling procedure.
2098 * 6. Page IS managed.
2099 * but is *MUCH* faster than pmap_enter...
2103 pmap_enter_quick(pmap_t pmap, vm_offset_t va, vm_page_t m, vm_page_t mpte)
2107 pmap_inval_info info;
2109 pmap_inval_init(&info);
2112 * In the case that a page table page is not
2113 * resident, we are creating it here.
2115 if (va < UPT_MIN_ADDRESS) {
2120 * Calculate pagetable page index
2122 ptepindex = va >> PDRSHIFT;
2123 if (mpte && (mpte->pindex == ptepindex)) {
2128 * Get the page directory entry
2130 ptepa = (vm_offset_t) pmap->pm_pdir[ptepindex];
2133 * If the page table page is mapped, we just increment
2134 * the hold count, and activate it.
2138 panic("pmap_enter_quick: unexpected mapping into 4MB page");
2139 if (pmap->pm_ptphint &&
2140 (pmap->pm_ptphint->pindex == ptepindex)) {
2141 mpte = pmap->pm_ptphint;
2143 mpte = pmap_page_lookup( pmap->pm_pteobj, ptepindex);
2144 pmap->pm_ptphint = mpte;
2150 mpte = _pmap_allocpte(pmap, ptepindex);
2158 * This call to vtopte makes the assumption that we are
2159 * entering the page into the current pmap. In order to support
2160 * quick entry into any pmap, one would likely use pmap_pte_quick.
2161 * But that isn't as quick as vtopte.
2163 pte = (unsigned *)vtopte(va);
2166 pmap_unwire_pte_hold(pmap, mpte, &info);
2171 * Enter on the PV list if part of our managed memory. Note that we
2172 * raise IPL while manipulating pv_table since pmap_enter can be
2173 * called at interrupt time.
2175 if ((m->flags & (PG_FICTITIOUS|PG_UNMANAGED)) == 0)
2176 pmap_insert_entry(pmap, va, mpte, m);
2179 * Increment counters
2181 pmap->pm_stats.resident_count++;
2183 pa = VM_PAGE_TO_PHYS(m);
2186 * Now validate mapping with RO protection
2188 if (m->flags & (PG_FICTITIOUS|PG_UNMANAGED))
2189 *pte = pa | PG_V | PG_U;
2191 *pte = pa | PG_V | PG_U | PG_MANAGED;
2197 * Make a temporary mapping for a physical address. This is only intended
2198 * to be used for panic dumps.
2201 pmap_kenter_temporary(vm_paddr_t pa, int i)
2203 pmap_kenter((vm_offset_t)crashdumpmap + (i * PAGE_SIZE), pa);
2204 return ((void *)crashdumpmap);
2207 #define MAX_INIT_PT (96)
2210 * This routine preloads the ptes for a given object into the specified pmap.
2211 * This eliminates the blast of soft faults on process startup and
2212 * immediately after an mmap.
2215 pmap_object_init_pt(pmap_t pmap, vm_offset_t addr, vm_prot_t prot,
2216 vm_object_t object, vm_pindex_t pindex,
2217 vm_size_t size, int limit)
2224 if ((prot & VM_PROT_READ) == 0 || pmap == NULL || object == NULL)
2229 * XXX you must be joking, entering PTE's into a user page table
2230 * without any accounting? This could result in the page table
2231 * being freed while it still contains mappings (free with PG_ZERO
2232 * assumption leading to a non-zero page being marked PG_ZERO).
2235 * This code maps large physical mmap regions into the
2236 * processor address space. Note that some shortcuts
2237 * are taken, but the code works.
2240 (object->type == OBJT_DEVICE) &&
2241 ((addr & (NBPDR - 1)) == 0) &&
2242 ((size & (NBPDR - 1)) == 0) ) {
2245 unsigned int ptepindex;
2249 if (pmap->pm_pdir[ptepindex = (addr >> PDRSHIFT)])
2253 p = vm_page_lookup(object, pindex);
2254 if (p && vm_page_sleep_busy(p, FALSE, "init4p"))
2258 p = vm_page_alloc(object, pindex, VM_ALLOC_NORMAL);
2263 if (vm_pager_get_pages(object, m, 1, 0) != VM_PAGER_OK) {
2268 p = vm_page_lookup(object, pindex);
2272 ptepa = (vm_offset_t) VM_PAGE_TO_PHYS(p);
2273 if (ptepa & (NBPDR - 1)) {
2277 p->valid = VM_PAGE_BITS_ALL;
2279 pmap->pm_stats.resident_count += size >> PAGE_SHIFT;
2280 npdes = size >> PDRSHIFT;
2281 for (i = 0; i < npdes; i++) {
2282 pmap->pm_pdir[ptepindex] =
2283 (pd_entry_t) (ptepa | PG_U | PG_RW | PG_V | PG_PS);
2287 vm_page_flag_set(p, PG_MAPPED);
2294 psize = i386_btop(size);
2296 if ((object->type != OBJT_VNODE) ||
2297 ((limit & MAP_PREFAULT_PARTIAL) && (psize > MAX_INIT_PT) &&
2298 (object->resident_page_count > MAX_INIT_PT))) {
2302 if (psize + pindex > object->size) {
2303 if (object->size < pindex)
2305 psize = object->size - pindex;
2310 * If we are processing a major portion of the object, then scan the
2313 * We cannot safely scan the object's memq unless we are in a
2314 * critical section since interrupts can remove pages from objects.
2318 if (psize > (object->resident_page_count >> 2)) {
2321 for (p = TAILQ_FIRST(&object->memq);
2322 objpgs > 0 && p != NULL;
2323 p = TAILQ_NEXT(p, listq)
2326 if (tmpidx < pindex)
2329 if (tmpidx >= psize)
2333 * don't allow an madvise to blow away our really
2334 * free pages allocating pv entries.
2336 if ((limit & MAP_PREFAULT_MADVISE) &&
2337 vmstats.v_free_count < vmstats.v_free_reserved) {
2340 if (((p->valid & VM_PAGE_BITS_ALL) == VM_PAGE_BITS_ALL) &&
2342 (p->flags & (PG_BUSY | PG_FICTITIOUS)) == 0) {
2343 if ((p->queue - p->pc) == PQ_CACHE)
2344 vm_page_deactivate(p);
2346 mpte = pmap_enter_quick(pmap,
2347 addr + i386_ptob(tmpidx), p, mpte);
2348 vm_page_flag_set(p, PG_MAPPED);
2355 * else lookup the pages one-by-one.
2357 for (tmpidx = 0; tmpidx < psize; tmpidx += 1) {
2359 * don't allow an madvise to blow away our really
2360 * free pages allocating pv entries.
2362 if ((limit & MAP_PREFAULT_MADVISE) &&
2363 vmstats.v_free_count < vmstats.v_free_reserved) {
2366 p = vm_page_lookup(object, tmpidx + pindex);
2368 ((p->valid & VM_PAGE_BITS_ALL) == VM_PAGE_BITS_ALL) &&
2370 (p->flags & (PG_BUSY | PG_FICTITIOUS)) == 0) {
2371 if ((p->queue - p->pc) == PQ_CACHE)
2372 vm_page_deactivate(p);
2374 mpte = pmap_enter_quick(pmap,
2375 addr + i386_ptob(tmpidx), p, mpte);
2376 vm_page_flag_set(p, PG_MAPPED);
2385 * pmap_prefault provides a quick way of clustering pagefaults into a
2386 * processes address space. It is a "cousin" of pmap_object_init_pt,
2387 * except it runs at page fault time instead of mmap time.
2391 #define PAGEORDER_SIZE (PFBAK+PFFOR)
2393 static int pmap_prefault_pageorder[] = {
2394 -PAGE_SIZE, PAGE_SIZE,
2395 -2 * PAGE_SIZE, 2 * PAGE_SIZE,
2396 -3 * PAGE_SIZE, 3 * PAGE_SIZE,
2397 -4 * PAGE_SIZE, 4 * PAGE_SIZE
2401 pmap_prefault(pmap_t pmap, vm_offset_t addra, vm_map_entry_t entry)
2410 if (!curproc || (pmap != vmspace_pmap(curproc->p_vmspace)))
2413 object = entry->object.vm_object;
2415 starta = addra - PFBAK * PAGE_SIZE;
2416 if (starta < entry->start)
2417 starta = entry->start;
2418 else if (starta > addra)
2422 * critical section protection is required to maintain the
2423 * page/object association, interrupts can free pages and remove
2424 * them from their objects.
2428 for (i = 0; i < PAGEORDER_SIZE; i++) {
2429 vm_object_t lobject;
2432 addr = addra + pmap_prefault_pageorder[i];
2433 if (addr > addra + (PFFOR * PAGE_SIZE))
2436 if (addr < starta || addr >= entry->end)
2439 if ((*pmap_pde(pmap, addr)) == NULL)
2442 pte = (unsigned *) vtopte(addr);
2446 pindex = ((addr - entry->start) + entry->offset) >> PAGE_SHIFT;
2449 for (m = vm_page_lookup(lobject, pindex);
2450 (!m && (lobject->type == OBJT_DEFAULT) &&
2451 (lobject->backing_object));
2452 lobject = lobject->backing_object
2454 if (lobject->backing_object_offset & PAGE_MASK)
2456 pindex += (lobject->backing_object_offset >> PAGE_SHIFT);
2457 m = vm_page_lookup(lobject->backing_object, pindex);
2461 * give-up when a page is not in memory
2466 if (((m->valid & VM_PAGE_BITS_ALL) == VM_PAGE_BITS_ALL) &&
2468 (m->flags & (PG_BUSY | PG_FICTITIOUS)) == 0) {
2470 if ((m->queue - m->pc) == PQ_CACHE) {
2471 vm_page_deactivate(m);
2474 mpte = pmap_enter_quick(pmap, addr, m, mpte);
2475 vm_page_flag_set(m, PG_MAPPED);
2483 * Routine: pmap_change_wiring
2484 * Function: Change the wiring attribute for a map/virtual-address
2486 * In/out conditions:
2487 * The mapping must already exist in the pmap.
2490 pmap_change_wiring(pmap_t pmap, vm_offset_t va, boolean_t wired)
2497 pte = pmap_pte(pmap, va);
2499 if (wired && !pmap_pte_w(pte))
2500 pmap->pm_stats.wired_count++;
2501 else if (!wired && pmap_pte_w(pte))
2502 pmap->pm_stats.wired_count--;
2505 * Wiring is not a hardware characteristic so there is no need to
2506 * invalidate TLB. However, in an SMP environment we must use
2507 * a locked bus cycle to update the pte (if we are not using
2508 * the pmap_inval_*() API that is)... it's ok to do this for simple
2513 atomic_set_int(pte, PG_W);
2515 atomic_clear_int(pte, PG_W);
2518 atomic_set_int_nonlocked(pte, PG_W);
2520 atomic_clear_int_nonlocked(pte, PG_W);
2527 * Copy the range specified by src_addr/len
2528 * from the source map to the range dst_addr/len
2529 * in the destination map.
2531 * This routine is only advisory and need not do anything.
2534 pmap_copy(pmap_t dst_pmap, pmap_t src_pmap, vm_offset_t dst_addr,
2535 vm_size_t len, vm_offset_t src_addr)
2537 pmap_inval_info info;
2539 vm_offset_t end_addr = src_addr + len;
2541 unsigned src_frame, dst_frame;
2544 if (dst_addr != src_addr)
2547 src_frame = ((unsigned) src_pmap->pm_pdir[PTDPTDI]) & PG_FRAME;
2548 if (src_frame != (((unsigned) PTDpde) & PG_FRAME)) {
2552 dst_frame = ((unsigned) dst_pmap->pm_pdir[PTDPTDI]) & PG_FRAME;
2553 if (dst_frame != (((unsigned) APTDpde) & PG_FRAME)) {
2554 APTDpde = (pd_entry_t) (dst_frame | PG_RW | PG_V);
2555 /* The page directory is not shared between CPUs */
2558 pmap_inval_init(&info);
2559 pmap_inval_add(&info, dst_pmap, -1);
2560 pmap_inval_add(&info, src_pmap, -1);
2563 * critical section protection is required to maintain the page/object
2564 * association, interrupts can free pages and remove them from
2568 for (addr = src_addr; addr < end_addr; addr = pdnxt) {
2569 unsigned *src_pte, *dst_pte;
2570 vm_page_t dstmpte, srcmpte;
2571 vm_offset_t srcptepaddr;
2574 if (addr >= UPT_MIN_ADDRESS)
2575 panic("pmap_copy: invalid to pmap_copy page tables\n");
2578 * Don't let optional prefaulting of pages make us go
2579 * way below the low water mark of free pages or way
2580 * above high water mark of used pv entries.
2582 if (vmstats.v_free_count < vmstats.v_free_reserved ||
2583 pv_entry_count > pv_entry_high_water)
2586 pdnxt = ((addr + PAGE_SIZE*NPTEPG) & ~(PAGE_SIZE*NPTEPG - 1));
2587 ptepindex = addr >> PDRSHIFT;
2589 srcptepaddr = (vm_offset_t) src_pmap->pm_pdir[ptepindex];
2590 if (srcptepaddr == 0)
2593 if (srcptepaddr & PG_PS) {
2594 if (dst_pmap->pm_pdir[ptepindex] == 0) {
2595 dst_pmap->pm_pdir[ptepindex] = (pd_entry_t) srcptepaddr;
2596 dst_pmap->pm_stats.resident_count += NBPDR / PAGE_SIZE;
2601 srcmpte = vm_page_lookup(src_pmap->pm_pteobj, ptepindex);
2602 if ((srcmpte == NULL) ||
2603 (srcmpte->hold_count == 0) || (srcmpte->flags & PG_BUSY))
2606 if (pdnxt > end_addr)
2609 src_pte = (unsigned *) vtopte(addr);
2610 dst_pte = (unsigned *) avtopte(addr);
2611 while (addr < pdnxt) {
2615 * we only virtual copy managed pages
2617 if ((ptetemp & PG_MANAGED) != 0) {
2619 * We have to check after allocpte for the
2620 * pte still being around... allocpte can
2623 dstmpte = pmap_allocpte(dst_pmap, addr);
2624 if ((*dst_pte == 0) && (ptetemp = *src_pte)) {
2626 * Clear the modified and
2627 * accessed (referenced) bits
2630 m = PHYS_TO_VM_PAGE(ptetemp);
2631 *dst_pte = ptetemp & ~(PG_M | PG_A);
2632 dst_pmap->pm_stats.resident_count++;
2633 pmap_insert_entry(dst_pmap, addr,
2636 pmap_unwire_pte_hold(dst_pmap, dstmpte, &info);
2638 if (dstmpte->hold_count >= srcmpte->hold_count)
2647 pmap_inval_flush(&info);
2651 * Routine: pmap_kernel
2653 * Returns the physical map handle for the kernel.
2658 return (kernel_pmap);
2664 * Zero the specified PA by mapping the page into KVM and clearing its
2667 * This function may be called from an interrupt and no locking is
2671 pmap_zero_page(vm_paddr_t phys)
2673 struct mdglobaldata *gd = mdcpu;
2676 if (*(int *)gd->gd_CMAP3)
2677 panic("pmap_zero_page: CMAP3 busy");
2678 *(int *)gd->gd_CMAP3 =
2679 PG_V | PG_RW | (phys & PG_FRAME) | PG_A | PG_M;
2680 cpu_invlpg(gd->gd_CADDR3);
2682 #if defined(I686_CPU)
2683 if (cpu_class == CPUCLASS_686)
2684 i686_pagezero(gd->gd_CADDR3);
2687 bzero(gd->gd_CADDR3, PAGE_SIZE);
2688 *(int *) gd->gd_CMAP3 = 0;
2693 * pmap_page_assertzero:
2695 * Assert that a page is empty, panic if it isn't.
2698 pmap_page_assertzero(vm_paddr_t phys)
2700 struct mdglobaldata *gd = mdcpu;
2704 if (*(int *)gd->gd_CMAP3)
2705 panic("pmap_zero_page: CMAP3 busy");
2706 *(int *)gd->gd_CMAP3 =
2707 PG_V | PG_RW | (phys & PG_FRAME) | PG_A | PG_M;
2708 cpu_invlpg(gd->gd_CADDR3);
2709 for (i = 0; i < PAGE_SIZE; i += 4) {
2710 if (*(int *)((char *)gd->gd_CADDR3 + i) != 0) {
2711 panic("pmap_page_assertzero() @ %p not zero!\n",
2712 (void *)gd->gd_CADDR3);
2715 *(int *) gd->gd_CMAP3 = 0;
2722 * Zero part of a physical page by mapping it into memory and clearing
2723 * its contents with bzero.
2725 * off and size may not cover an area beyond a single hardware page.
2728 pmap_zero_page_area(vm_paddr_t phys, int off, int size)
2730 struct mdglobaldata *gd = mdcpu;
2733 if (*(int *) gd->gd_CMAP3)
2734 panic("pmap_zero_page: CMAP3 busy");
2735 *(int *) gd->gd_CMAP3 = PG_V | PG_RW | (phys & PG_FRAME) | PG_A | PG_M;
2736 cpu_invlpg(gd->gd_CADDR3);
2738 #if defined(I686_CPU)
2739 if (cpu_class == CPUCLASS_686 && off == 0 && size == PAGE_SIZE)
2740 i686_pagezero(gd->gd_CADDR3);
2743 bzero((char *)gd->gd_CADDR3 + off, size);
2744 *(int *) gd->gd_CMAP3 = 0;
2751 * Copy the physical page from the source PA to the target PA.
2752 * This function may be called from an interrupt. No locking
2756 pmap_copy_page(vm_paddr_t src, vm_paddr_t dst)
2758 struct mdglobaldata *gd = mdcpu;
2761 if (*(int *) gd->gd_CMAP1)
2762 panic("pmap_copy_page: CMAP1 busy");
2763 if (*(int *) gd->gd_CMAP2)
2764 panic("pmap_copy_page: CMAP2 busy");
2766 *(int *) gd->gd_CMAP1 = PG_V | (src & PG_FRAME) | PG_A;
2767 *(int *) gd->gd_CMAP2 = PG_V | PG_RW | (dst & PG_FRAME) | PG_A | PG_M;
2769 cpu_invlpg(gd->gd_CADDR1);
2770 cpu_invlpg(gd->gd_CADDR2);
2772 bcopy(gd->gd_CADDR1, gd->gd_CADDR2, PAGE_SIZE);
2774 *(int *) gd->gd_CMAP1 = 0;
2775 *(int *) gd->gd_CMAP2 = 0;
2780 * pmap_copy_page_frag:
2782 * Copy the physical page from the source PA to the target PA.
2783 * This function may be called from an interrupt. No locking
2787 pmap_copy_page_frag(vm_paddr_t src, vm_paddr_t dst, size_t bytes)
2789 struct mdglobaldata *gd = mdcpu;
2792 if (*(int *) gd->gd_CMAP1)
2793 panic("pmap_copy_page: CMAP1 busy");
2794 if (*(int *) gd->gd_CMAP2)
2795 panic("pmap_copy_page: CMAP2 busy");
2797 *(int *) gd->gd_CMAP1 = PG_V | (src & PG_FRAME) | PG_A;
2798 *(int *) gd->gd_CMAP2 = PG_V | PG_RW | (dst & PG_FRAME) | PG_A | PG_M;
2800 cpu_invlpg(gd->gd_CADDR1);
2801 cpu_invlpg(gd->gd_CADDR2);
2803 bcopy((char *)gd->gd_CADDR1 + (src & PAGE_MASK),
2804 (char *)gd->gd_CADDR2 + (dst & PAGE_MASK),
2807 *(int *) gd->gd_CMAP1 = 0;
2808 *(int *) gd->gd_CMAP2 = 0;
2813 * Returns true if the pmap's pv is one of the first
2814 * 16 pvs linked to from this page. This count may
2815 * be changed upwards or downwards in the future; it
2816 * is only necessary that true be returned for a small
2817 * subset of pmaps for proper page aging.
2820 pmap_page_exists_quick(pmap_t pmap, vm_page_t m)
2825 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
2830 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
2831 if (pv->pv_pmap == pmap) {
2843 #define PMAP_REMOVE_PAGES_CURPROC_ONLY
2845 * Remove all pages from specified address space
2846 * this aids process exit speeds. Also, this code
2847 * is special cased for current process only, but
2848 * can have the more generic (and slightly slower)
2849 * mode enabled. This is much faster than pmap_remove
2850 * in the case of running down an entire address space.
2853 pmap_remove_pages(pmap_t pmap, vm_offset_t sva, vm_offset_t eva)
2855 unsigned *pte, tpte;
2858 pmap_inval_info info;
2860 #ifdef PMAP_REMOVE_PAGES_CURPROC_ONLY
2861 if (!curproc || (pmap != vmspace_pmap(curproc->p_vmspace))) {
2862 printf("warning: pmap_remove_pages called with non-current pmap\n");
2867 pmap_inval_init(&info);
2869 for(pv = TAILQ_FIRST(&pmap->pm_pvlist);
2873 if (pv->pv_va >= eva || pv->pv_va < sva) {
2874 npv = TAILQ_NEXT(pv, pv_plist);
2878 #ifdef PMAP_REMOVE_PAGES_CURPROC_ONLY
2879 pte = (unsigned *)vtopte(pv->pv_va);
2881 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
2883 pmap_inval_add(&info, pv->pv_pmap, pv->pv_va);
2887 * We cannot remove wired pages from a process' mapping at this time
2890 npv = TAILQ_NEXT(pv, pv_plist);
2895 m = PHYS_TO_VM_PAGE(tpte);
2897 KASSERT(m < &vm_page_array[vm_page_array_size],
2898 ("pmap_remove_pages: bad tpte %x", tpte));
2900 pv->pv_pmap->pm_stats.resident_count--;
2903 * Update the vm_page_t clean and reference bits.
2910 npv = TAILQ_NEXT(pv, pv_plist);
2911 TAILQ_REMOVE(&pv->pv_pmap->pm_pvlist, pv, pv_plist);
2913 m->md.pv_list_count--;
2914 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
2915 if (TAILQ_FIRST(&m->md.pv_list) == NULL) {
2916 vm_page_flag_clear(m, PG_MAPPED | PG_WRITEABLE);
2919 pmap_unuse_pt(pv->pv_pmap, pv->pv_va, pv->pv_ptem, &info);
2922 pmap_inval_flush(&info);
2927 * pmap_testbit tests bits in pte's
2928 * note that the testbit/changebit routines are inline,
2929 * and a lot of things compile-time evaluate.
2932 pmap_testbit(vm_page_t m, int bit)
2937 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
2940 if (TAILQ_FIRST(&m->md.pv_list) == NULL)
2945 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
2947 * if the bit being tested is the modified bit, then
2948 * mark clean_map and ptes as never
2951 if (bit & (PG_A|PG_M)) {
2952 if (!pmap_track_modified(pv->pv_va))
2956 #if defined(PMAP_DIAGNOSTIC)
2958 printf("Null pmap (tb) at va: 0x%x\n", pv->pv_va);
2962 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
2973 * this routine is used to modify bits in ptes
2975 static __inline void
2976 pmap_changebit(vm_page_t m, int bit, boolean_t setem)
2978 struct pmap_inval_info info;
2982 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
2985 pmap_inval_init(&info);
2989 * Loop over all current mappings setting/clearing as appropos If
2990 * setting RO do we need to clear the VAC?
2992 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
2994 * don't write protect pager mappings
2996 if (!setem && (bit == PG_RW)) {
2997 if (!pmap_track_modified(pv->pv_va))
3001 #if defined(PMAP_DIAGNOSTIC)
3003 printf("Null pmap (cb) at va: 0x%x\n", pv->pv_va);
3009 * Careful here. We can use a locked bus instruction to
3010 * clear PG_A or PG_M safely but we need to synchronize
3011 * with the target cpus when we mess with PG_RW.
3013 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
3015 pmap_inval_add(&info, pv->pv_pmap, pv->pv_va);
3019 atomic_set_int(pte, bit);
3021 atomic_set_int_nonlocked(pte, bit);
3024 vm_offset_t pbits = *(vm_offset_t *)pte;
3031 atomic_clear_int(pte, PG_M|PG_RW);
3033 atomic_clear_int_nonlocked(pte, PG_M|PG_RW);
3037 atomic_clear_int(pte, bit);
3039 atomic_clear_int_nonlocked(pte, bit);
3045 pmap_inval_flush(&info);
3050 * pmap_page_protect:
3052 * Lower the permission for all mappings to a given page.
3055 pmap_page_protect(vm_page_t m, vm_prot_t prot)
3057 if ((prot & VM_PROT_WRITE) == 0) {
3058 if (prot & (VM_PROT_READ | VM_PROT_EXECUTE)) {
3059 pmap_changebit(m, PG_RW, FALSE);
3067 pmap_phys_address(int ppn)
3069 return (i386_ptob(ppn));
3073 * pmap_ts_referenced:
3075 * Return a count of reference bits for a page, clearing those bits.
3076 * It is not necessary for every reference bit to be cleared, but it
3077 * is necessary that 0 only be returned when there are truly no
3078 * reference bits set.
3080 * XXX: The exact number of bits to check and clear is a matter that
3081 * should be tested and standardized at some point in the future for
3082 * optimal aging of shared pages.
3085 pmap_ts_referenced(vm_page_t m)
3087 pv_entry_t pv, pvf, pvn;
3091 if (!pmap_initialized || (m->flags & PG_FICTITIOUS))
3096 if ((pv = TAILQ_FIRST(&m->md.pv_list)) != NULL) {
3101 pvn = TAILQ_NEXT(pv, pv_list);
3103 TAILQ_REMOVE(&m->md.pv_list, pv, pv_list);
3105 TAILQ_INSERT_TAIL(&m->md.pv_list, pv, pv_list);
3107 if (!pmap_track_modified(pv->pv_va))
3110 pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
3112 if (pte && (*pte & PG_A)) {
3114 atomic_clear_int(pte, PG_A);
3116 atomic_clear_int_nonlocked(pte, PG_A);
3123 } while ((pv = pvn) != NULL && pv != pvf);
3133 * Return whether or not the specified physical page was modified
3134 * in any physical maps.
3137 pmap_is_modified(vm_page_t m)
3139 return pmap_testbit(m, PG_M);
3143 * Clear the modify bits on the specified physical page.
3146 pmap_clear_modify(vm_page_t m)
3148 pmap_changebit(m, PG_M, FALSE);
3152 * pmap_clear_reference:
3154 * Clear the reference bit on the specified physical page.
3157 pmap_clear_reference(vm_page_t m)
3159 pmap_changebit(m, PG_A, FALSE);
3163 * Miscellaneous support routines follow
3167 i386_protection_init(void)
3171 kp = protection_codes;
3172 for (prot = 0; prot < 8; prot++) {
3174 case VM_PROT_NONE | VM_PROT_NONE | VM_PROT_NONE:
3176 * Read access is also 0. There isn't any execute bit,
3177 * so just make it readable.
3179 case VM_PROT_READ | VM_PROT_NONE | VM_PROT_NONE:
3180 case VM_PROT_READ | VM_PROT_NONE | VM_PROT_EXECUTE:
3181 case VM_PROT_NONE | VM_PROT_NONE | VM_PROT_EXECUTE:
3184 case VM_PROT_NONE | VM_PROT_WRITE | VM_PROT_NONE:
3185 case VM_PROT_NONE | VM_PROT_WRITE | VM_PROT_EXECUTE:
3186 case VM_PROT_READ | VM_PROT_WRITE | VM_PROT_NONE:
3187 case VM_PROT_READ | VM_PROT_WRITE | VM_PROT_EXECUTE:
3195 * Map a set of physical memory pages into the kernel virtual
3196 * address space. Return a pointer to where it is mapped. This
3197 * routine is intended to be used for mapping device memory,
3200 * NOTE: we can't use pgeflag unless we invalidate the pages one at
3204 pmap_mapdev(vm_paddr_t pa, vm_size_t size)
3206 vm_offset_t va, tmpva, offset;
3209 offset = pa & PAGE_MASK;
3210 size = roundup(offset + size, PAGE_SIZE);
3212 va = kmem_alloc_nofault(kernel_map, size);
3214 panic("pmap_mapdev: Couldn't alloc kernel virtual memory");
3217 for (tmpva = va; size > 0;) {
3218 pte = (unsigned *)vtopte(tmpva);
3219 *pte = pa | PG_RW | PG_V; /* | pgeflag; */
3227 return ((void *)(va + offset));
3231 pmap_unmapdev(vm_offset_t va, vm_size_t size)
3233 vm_offset_t base, offset;
3235 base = va & PG_FRAME;
3236 offset = va & PAGE_MASK;
3237 size = roundup(offset + size, PAGE_SIZE);
3238 pmap_qremove(va, size >> PAGE_SHIFT);
3239 kmem_free(kernel_map, base, size);
3243 * perform the pmap work for mincore
3246 pmap_mincore(pmap_t pmap, vm_offset_t addr)
3248 unsigned *ptep, pte;
3252 ptep = pmap_pte(pmap, addr);
3257 if ((pte = *ptep) != 0) {
3260 val = MINCORE_INCORE;
3261 if ((pte & PG_MANAGED) == 0)
3264 pa = pte & PG_FRAME;
3266 m = PHYS_TO_VM_PAGE(pa);
3272 val |= MINCORE_MODIFIED|MINCORE_MODIFIED_OTHER;
3274 * Modified by someone
3276 else if (m->dirty || pmap_is_modified(m))
3277 val |= MINCORE_MODIFIED_OTHER;
3282 val |= MINCORE_REFERENCED|MINCORE_REFERENCED_OTHER;
3285 * Referenced by someone
3287 else if ((m->flags & PG_REFERENCED) || pmap_ts_referenced(m)) {
3288 val |= MINCORE_REFERENCED_OTHER;
3289 vm_page_flag_set(m, PG_REFERENCED);
3296 pmap_activate(struct proc *p)
3300 pmap = vmspace_pmap(p->p_vmspace);
3302 atomic_set_int(&pmap->pm_active, 1 << mycpu->gd_cpuid);
3304 pmap->pm_active |= 1;
3306 #if defined(SWTCH_OPTIM_STATS)
3309 p->p_thread->td_pcb->pcb_cr3 = vtophys(pmap->pm_pdir);
3310 load_cr3(p->p_thread->td_pcb->pcb_cr3);
3314 pmap_addr_hint(vm_object_t obj, vm_offset_t addr, vm_size_t size)
3317 if ((obj == NULL) || (size < NBPDR) || (obj->type != OBJT_DEVICE)) {
3321 addr = (addr + (NBPDR - 1)) & ~(NBPDR - 1);
3326 #if defined(PMAP_DEBUG)
3328 pmap_pid_dump(int pid)
3334 FOREACH_PROC_IN_SYSTEM(p) {
3335 if (p->p_pid != pid)
3341 pmap = vmspace_pmap(p->p_vmspace);
3342 for(i=0;i<1024;i++) {
3345 unsigned base = i << PDRSHIFT;
3347 pde = &pmap->pm_pdir[i];
3348 if (pde && pmap_pde_v(pde)) {
3349 for(j=0;j<1024;j++) {
3350 unsigned va = base + (j << PAGE_SHIFT);
3351 if (va >= (vm_offset_t) VM_MIN_KERNEL_ADDRESS) {
3358 pte = pmap_pte_quick( pmap, va);
3359 if (pte && pmap_pte_v(pte)) {
3363 m = PHYS_TO_VM_PAGE(pa);
3364 printf("va: 0x%x, pt: 0x%x, h: %d, w: %d, f: 0x%x",
3365 va, pa, m->hold_count, m->wire_count, m->flags);
3386 static void pads (pmap_t pm);
3387 void pmap_pvdump (vm_paddr_t pa);
3389 /* print address space of pmap*/
3396 if (pm == kernel_pmap)
3398 for (i = 0; i < 1024; i++)
3400 for (j = 0; j < 1024; j++) {
3401 va = (i << PDRSHIFT) + (j << PAGE_SHIFT);
3402 if (pm == kernel_pmap && va < KERNBASE)
3404 if (pm != kernel_pmap && va > UPT_MAX_ADDRESS)
3406 ptep = pmap_pte_quick(pm, va);
3407 if (pmap_pte_v(ptep))
3408 printf("%x:%x ", va, *(int *) ptep);
3414 pmap_pvdump(vm_paddr_t pa)
3419 printf("pa %08llx", (long long)pa);
3420 m = PHYS_TO_VM_PAGE(pa);
3421 TAILQ_FOREACH(pv, &m->md.pv_list, pv_list) {
3423 printf(" -> pmap %p, va %x, flags %x",
3424 (void *)pv->pv_pmap, pv->pv_va, pv->pv_flags);
3426 printf(" -> pmap %p, va %x", (void *)pv->pv_pmap, pv->pv_va);
lentferj's projects / dragonfly.git / blob